diff --git a/providers/src/googleapis.com/v00.00.00000/provider.yaml b/providers/src/googleapis.com/v00.00.00000/provider.yaml index c3459fb1..31acc50e 100644 --- a/providers/src/googleapis.com/v00.00.00000/provider.yaml +++ b/providers/src/googleapis.com/v00.00.00000/provider.yaml @@ -247,10 +247,12 @@ providerServices: title: BeyondCorp API version: v00.00.00000 description: >- - Beyondcorp Enterprise provides identity and context aware access controls - for enterprise resources and enables zero-trust access. Using the - Beyondcorp Enterprise APIs, enterprises can set up multi-cloud and on-prem - connectivity solutions. + Chrome Enterprise Premium is a secure enterprise browsing solution that + provides secure access to applications and resources, and offers + integrated threat and data protection. It adds an extra layer of security + to safeguard your Chrome browser environment, including Data Loss + Prevention (DLP), real-time URL and file scanning, and Context-Aware + Access for SaaS and web apps. biglake: id: biglake:v00.00.00000 name: biglake @@ -566,7 +568,7 @@ providerServices: $ref: googleapis.com/v00.00.00000/services/compute.yaml title: Compute Engine API version: v00.00.00000 - description: 'Creates and runs virtual machines on Google Cloud Platform. ' + description: Creates and runs virtual machines on Google Cloud Platform. config: id: config:v00.00.00000 name: config @@ -1064,15 +1066,6 @@ providerServices: Provides natural language understanding technologies, such as sentiment analysis, entity recognition, entity sentiment analysis, and other text annotations, to developers. - libraryagent: - id: libraryagent:v00.00.00000 - name: libraryagent - preferred: true - service: - $ref: googleapis.com/v00.00.00000/services/libraryagent.yaml - title: Library Agent API - version: v00.00.00000 - description: A simple Google Example Library API. lifesciences: id: lifesciences:v00.00.00000 name: lifesciences @@ -1084,6 +1077,15 @@ providerServices: description: >- Cloud Life Sciences is a suite of services and tools for managing, processing, and transforming life sciences data. + libraryagent: + id: libraryagent:v00.00.00000 + name: libraryagent + preferred: true + service: + $ref: googleapis.com/v00.00.00000/services/libraryagent.yaml + title: Library Agent API + version: v00.00.00000 + description: A simple Google Example Library API. logging: id: logging:v00.00.00000 name: logging @@ -1659,6 +1661,15 @@ providerServices: title: Cloud Speech-to-Text API version: v00.00.00000 description: Converts audio to text by applying powerful neural network models. + speechv2: + id: speechv2:v00.00.00000 + name: speechv2 + preferred: true + service: + $ref: googleapis.com/v00.00.00000/services/speechv2.yaml + title: Cloud Speech-to-Text API + version: v00.00.00000 + description: Converts audio to text by applying powerful neural network models. sqladmin: id: sqladmin:v00.00.00000 name: sqladmin diff --git a/providers/src/googleapis.com/v00.00.00000/services/accessapproval.yaml b/providers/src/googleapis.com/v00.00.00000/services/accessapproval.yaml index f645490f..cbf83717 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/accessapproval.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/accessapproval.yaml @@ -7,8 +7,8 @@ info: title: Access Approval API description: An API for controlling access to data by Google personnel. version: v1 - x-discovery-doc-revision: '20250821' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251205' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/assured-workloads/access-approval/docs servers: @@ -34,105 +34,177 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListApprovalRequestsResponse: - id: ListApprovalRequestsResponse - description: Response to listing of ApprovalRequest objects. + DismissDecision: + description: A decision that has been made to dismiss an approval request. type: object properties: - approvalRequests: - description: Approval request details. - type: array - items: - $ref: '#/components/schemas/ApprovalRequest' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more. + dismissTime: + description: The time at which the approval request was dismissed. type: string - ApprovalRequest: - id: ApprovalRequest - description: A request for the customer to approve access to a resource. + format: google-datetime + implicit: + description: >- + This field will be true if the ApprovalRequest was implicitly + dismissed due to inaction by the access approval approvers (the + request is not acted on by the approvers before the exiration time). + type: boolean + id: DismissDecision + InvalidateApprovalRequestMessage: + id: InvalidateApprovalRequestMessage + properties: {} type: object + description: Request to invalidate an existing approval. + EnrolledService: + description: Represents the enrollment of a cloud resource into a specific service. properties: - name: + enrollmentLevel: + enumDescriptions: + - >- + Default value if not set, defaults to "BLOCK_ALL". This value is + not available to be set by the user, do not use. + - Service is enrolled in Access Approval for all requests + type: string + description: The enrollment level of the service. + enum: + - ENROLLMENT_LEVEL_UNSPECIFIED + - BLOCK_ALL + cloudProduct: description: >- - The resource name of the request. Format is - "{projects|folders|organizations}/{id}/approvalRequests/{approval_request}". + The product for which Access Approval will be enrolled. Allowed + values are listed below (case-sensitive): * all * GA * Access + Context Manager * Anthos Identity Service * AlloyDB for PostgreSQL * + Apigee * Application Integration * App Hub * Artifact Registry * + Anthos Service Mesh * Access Transparency * BigQuery * Certificate + Authority Service * Cloud Bigtable * CCAI Assist and Knowledge * + Cloud Dataflow * Cloud Dataproc * CEP Security Gateway * Compliance + Evaluation Service * Cloud Firestore * Cloud Healthcare API * + Chronicle * Cloud AI Companion Gateway - Titan * Google Cloud Armor + * Cloud Asset Inventory * Cloud Asset Search * Cloud Deploy * Cloud + DNS * Cloud Latency * Cloud Memorystore for Redis * CloudNet Control + * Cloud Riptide * Cloud Tasks * Cloud Trace * Cloud Data Transfer * + Cloud Composer * Integration Connectors * Contact Center AI Insights + * Cloud Pub/Sub * Cloud Run * Resource Manager * Cloud Spanner * + Database Center * Cloud Dataform * Cloud Data Fusion * Dataplex * + Dialogflow Customer Experience Edition * Cloud DLP * Document AI * + Edge Container * Edge Network * Cloud EKM * Eventarc * Firebase Data + Connect * Firebase Rules * App Engine * Cloud Build * Compute Engine + * Cloud Functions (2nd Gen) * Cloud Filestore * Cloud Interconnect * + Cloud NetApp Volumes * Cloud Storage * Generative AI App Builder * + Google Kubernetes Engine * Backup for GKE API * GKE Connect * GKE + Hub * Hoverboard * Cloud HSM * Cloud Identity and Access Management + * Cloud Identity-Aware Proxy * Infrastructure Manager * Identity + Storage Service * Key Access Justifications * Cloud Key Management + Service * Cloud Logging * Looker (Google Cloud core) * Looker Studio + * Management Hub * Model Armor * Cloud Monitoring * Cloud NAT * + Connectivity Hub * External passthrough Network Load Balancer * OIDC + One * Organization Policy Service * Org Lifecycle * Persistent Disk + * Parameter Manager * Private Services Access * Regional Internal + Application Load Balancer * Storage Batch Operations * Cloud + Security Command Center * Secure Source Manager * Seeker * Service + Provisioning * Speaker ID * Secret Manager * Cloud SQL * Cloud + Speech-to-Text * Traffic Director * Cloud Text-to-Speech * USPS + Andromeda * Vertex AI * Virtual Private Cloud (VPC) * VPC Access * + VPC Service Controls Troubleshooter * VPC virtnet * Cloud + Workstations * Web Risk Note: These values are supported as input + for legacy purposes, but will not be returned from the API. * all * + ga-only * appengine.googleapis.com * artifactregistry.googleapis.com + * bigquery.googleapis.com * bigtable.googleapis.com * + container.googleapis.com * cloudkms.googleapis.com * + cloudresourcemanager.googleapis.com * cloudsql.googleapis.com * + compute.googleapis.com * dataflow.googleapis.com * + dataproc.googleapis.com * dlp.googleapis.com * iam.googleapis.com * + logging.googleapis.com * orgpolicy.googleapis.com * + pubsub.googleapis.com * spanner.googleapis.com * + secretmanager.googleapis.com * speakerid.googleapis.com * + storage.googleapis.com Calls to UpdateAccessApprovalSettings using + 'all' or any of the XXX.googleapis.com will be translated to the + associated product name ('all', 'App Engine', etc.). Note: 'all' + will enroll the resource in all products supported at both 'GA' and + 'Preview' levels. More information about levels of support is + available at + https://cloud.google.com/access-approval/docs/supported-services type: string - requestedResourceName: + id: EnrolledService + type: object + AccessLocations: + type: object + properties: + principalOfficeCountry: description: >- - The resource for which approval is being requested. The format of - the resource name is defined at - https://cloud.google.com/apis/design/resource_names. The resource - name here may either be a "full" resource name (e.g. - "//library.googleapis.com/shelves/shelf1/books/book2") or a - "relative" resource name (e.g. "shelves/shelf1/books/book2") as - described in the resource name specification. + The "home office" location of the Google administrator. A two-letter + country code (ISO 3166-1 alpha-2), such as "US", "DE" or "GB" or a + region code. In some limited situations Google systems may refer + refer to a region code instead of a country code. Possible Region + Codes: * ASI: Asia * EUR: Europe * OCE: Oceania * AFR: Africa * NAM: + North America * SAM: South America * ANT: Antarctica * ANY: Any + location type: string - requestedAugmentedInfo: - description: This field contains the augmented information of the request. - $ref: '#/components/schemas/AugmentedInfo' - requestedResourceProperties: + principalPhysicalLocationCountry: description: >- - Properties related to the resource represented by - requested_resource_name. - $ref: '#/components/schemas/ResourceProperties' - requestedReason: - description: The justification for which approval is being requested. - $ref: '#/components/schemas/AccessReason' - requestedLocations: - description: The locations for which approval is being requested. - $ref: '#/components/schemas/AccessLocations' - requestTime: - description: The time at which approval was requested. + Physical location of the Google administrator at the time of the + access. A two-letter country code (ISO 3166-1 alpha-2), such as + "US", "DE" or "GB" or a region code. In some limited situations + Google systems may refer refer to a region code instead of a country + code. Possible Region Codes: * ASI: Asia * EUR: Europe * OCE: + Oceania * AFR: Africa * NAM: North America * SAM: South America * + ANT: Antarctica * ANY: Any location type: string + id: AccessLocations + description: >- + Physical assigned office and physical location of the Google + administrator performing the access. + ApproveDecision: + properties: + autoApproved: + type: boolean + description: True when the request has been auto-approved. + expireTime: + description: The time at which the approval expires. format: google-datetime - requestedExpiration: - description: >- - The original requested expiration for the approval. Calculated by - adding the requested_duration to the request_time. type: string + invalidateTime: + description: If set, denotes the timestamp at which the approval is invalidated. format: google-datetime - requestedDuration: - description: The requested access duration. type: string - format: google-duration - approve: - description: Access was approved. - $ref: '#/components/schemas/ApproveDecision' - dismiss: - description: The request was dismissed. - $ref: '#/components/schemas/DismissDecision' - AugmentedInfo: - id: AugmentedInfo - description: This field contains the augmented information of the request. - type: object - properties: - command: + signatureInfo: description: >- - For command-line tools, the full command-line exactly as entered by - the actor without adding any additional characters (such as - quotation marks). + The signature for the ApprovalRequest and details on how it was + signed. + $ref: '#/components/schemas/SignatureInfo' + approveTime: type: string - ResourceProperties: - id: ResourceProperties - description: The properties associated with the resource of the request. + description: The time at which approval was granted. + format: google-datetime + policyApproved: + type: boolean + description: >- + True when the request has been approved by the customer's defined + policy. + description: A decision that has been made to approve access to a resource. + id: ApproveDecision + type: object + ListApprovalRequestsResponse: + id: ListApprovalRequestsResponse + description: Response to listing of ApprovalRequest objects. type: object properties: - excludesDescendants: + approvalRequests: + description: Approval request details. + items: + $ref: '#/components/schemas/ApprovalRequest' + type: array + nextPageToken: description: >- - Whether an approval will exclude the descendants of the resource - being requested. - type: boolean + Token to retrieve the next page of results, or empty if there are no + more. + type: string AccessReason: - id: AccessReason type: object properties: type: - description: Type of access justification. type: string enumDescriptions: - - Default value for proto, shouldn't be used. + - This value is not used. - >- Customer made a request or raised an issue that required the principal to access customer data. `detail` is of the form @@ -160,6 +232,7 @@ components: principal accessed customer data in order to diagnose or resolve a suspected issue in services or a known outage, or for security, fraud, abuse, or compliance review purposes. + description: Type of access reason. enum: - TYPE_UNSPECIFIED - CUSTOMER_INITIATED_SUPPORT @@ -173,82 +246,223 @@ components: More detail about certain reason types. See comments for each type above. type: string - AccessLocations: - id: AccessLocations - description: Home office and physical location of the principal. - type: object + id: AccessReason + CustomerApprovalApprovalPolicy: + description: Represents all the policies that can be set for Customer Approval. + id: CustomerApprovalApprovalPolicy properties: - principalOfficeCountry: - description: >- - The "home office" location of the principal. A two-letter country - code (ISO 3166-1 alpha-2), such as "US", "DE" or "GB" or a region - code. In some limited situations Google systems may refer refer to a - region code instead of a country code. Possible Region Codes: * ASI: - Asia * EUR: Europe * OCE: Oceania * AFR: Africa * NAM: North America - * SAM: South America * ANT: Antarctica * ANY: Any location - type: string - principalPhysicalLocationCountry: - description: >- - Physical location of the principal at the time of the access. A - two-letter country code (ISO 3166-1 alpha-2), such as "US", "DE" or - "GB" or a region code. In some limited situations Google systems may - refer refer to a region code instead of a country code. Possible - Region Codes: * ASI: Asia * EUR: Europe * OCE: Oceania * AFR: Africa - * NAM: North America * SAM: South America * ANT: Antarctica * ANY: - Any location + justificationBasedApprovalPolicy: type: string - ApproveDecision: - id: ApproveDecision - description: A decision that has been made to approve access to a resource. + description: Optional. Policy for approval based on the justification given. + enum: + - JUSTIFICATION_BASED_APPROVAL_POLICY_UNSPECIFIED + - JUSTIFICATION_BASED_APPROVAL_ENABLED_ALL + - JUSTIFICATION_BASED_APPROVAL_ENABLED_EXTERNAL_JUSTIFICATIONS + - JUSTIFICATION_BASED_APPROVAL_NOT_ENABLED + - JUSTIFICATION_BASED_APPROVAL_INHERITED + enumDescriptions: + - >- + Default value, defaults to + JUSTIFICATION_BASED_APPROVAL_NOT_ENABLED if not set. This value is + not able to be configured by the user, do not use. + - Audit-only mode. All accesses are pre-approved instantly. + - >- + Customer initiated support access reasons are pre-approved + instantly. All other accesses require customer approval. + - >- + All access approval requests require customer approval. This is + the default value if the policy is not set. + - >- + Defer configuration to parent settings. This is the default value + if the policy is not set and the parent has a value set. type: object + ApproveApprovalRequestMessage: properties: - approveTime: - description: The time at which approval was granted. - type: string - format: google-datetime expireTime: - description: The time at which the approval expires. type: string format: google-datetime - invalidateTime: - description: If set, denotes the timestamp at which the approval is invalidated. + description: The expiration time of this approval. + description: Request to approve an ApprovalRequest. + type: object + id: ApproveApprovalRequestMessage + AccessApprovalSettings: + id: AccessApprovalSettings + type: object + description: Settings on a Project/Folder/Organization related to Access Approval. + properties: + activeKeyVersion: type: string - format: google-datetime - signatureInfo: description: >- - The signature for the ApprovalRequest and details on how it was - signed. - $ref: '#/components/schemas/SignatureInfo' - autoApproved: - description: True when the request has been auto-approved. + The asymmetric crypto key version to use for signing approval + requests. Empty active_key_version indicates that a Google-managed + key should be used for signing. This property will be ignored if set + by an ancestor of this resource, and new non-empty values may not be + set. + preferredRequestExpirationDays: + type: integer + description: >- + Set the default access approval request expiration time. This value + is able to be set directly by the customer at the time of approval, + overriding this suggested value. We recommend setting this value to + 30 days. + format: int32 + preferNoBroadApprovalRequests: type: boolean - policyApproved: description: >- - True when the request has been approved by the customer's defined - policy. + This field is used to set a preference for granularity of an access + approval request. If true, Google personnel will be asked to send + resource-level requests when possible. If false, Google personnel + will be asked to send requests at the project level. + ancestorHasActiveKeyVersion: + readOnly: true type: boolean - SignatureInfo: - id: SignatureInfo - description: Information about the digital signature of the resource. + description: >- + Output only. This field is read only (not settable via + UpdateAccessApprovalSettings method). If the field is true, that + indicates that an ancestor of this Project or Folder has set + active_key_version (this field will always be unset for the + organization since organizations do not have ancestors). + enrolledServices: + items: + $ref: '#/components/schemas/EnrolledService' + type: array + description: >- + A list of Google Cloud Services for which the given resource has + Access Approval enrolled. Access requests for the resource given by + name against any of these services contained here will be required + to have explicit approval. If name refers to an organization, + enrollment can be done for individual services. If name refers to a + folder or project, enrollment can only be done on an all or nothing + basis. If a cloud_product is repeated in this list, the first entry + will be honored and all following entries will be discarded. + notificationEmails: + items: + type: string + description: >- + A list of email addresses to which notifications relating to + approval requests should be sent. Notifications relating to a + resource will be sent to all emails in the settings of ancestor + resources of that resource. A maximum of 50 email addresses are + allowed. + type: array + requireCustomerVisibleJustification: + description: >- + Optional. When enabled, Google will only be able to send approval + requests for access reasons with a customer accessible case ID in + the reason detail. Also known as "Require customer initiated support + case justification" + type: boolean + approvalPolicy: + $ref: '#/components/schemas/CustomerApprovalApprovalPolicy' + description: >- + Optional. Policy configuration for Access Approval that sets the + operating mode. The available policies are Transparency, Streamlined + Support, and Approval Required. + enrolledAncestor: + type: boolean + description: >- + Output only. This field is read only (not settable via + UpdateAccessApprovalSettings method). If the field is true, that + indicates that at least one service is enrolled for Access Approval + in one or more ancestors of the Project or Folder (this field will + always be unset for the organization since organizations do not have + ancestors). + readOnly: true + notificationPubsubTopic: + type: string + description: >- + Optional. A pubsub topic that notifications relating to access + approval are published to. Notifications include pre-approved + accesses. + requestScopeMaxWidthPreference: + type: string + enum: + - REQUEST_SCOPE_MAX_WIDTH_PREFERENCE_UNSPECIFIED + - ORGANIZATION + - FOLDER + - PROJECT + enumDescriptions: + - >- + Default value, defaults to ORGANIZATION if not set. This value is + not able to be configured by the user, do not use. + - >- + This is the widest scope possible. It means the customer has no + scope restriction when it comes to Access Approval requests. + - >- + Customer allows the scope of Access Approval requests as broad as + the Folder level. + - >- + Customer allows the scope of Access Approval requests as broad as + the Project level. + description: >- + Optional. A setting that indicates the maximum scope of an Access + Approval request: either organization, folder, or project. Google + administrators will be asked to send requests no broader than the + configured scope. + invalidKeyVersion: + readOnly: true + description: >- + Output only. This field is read only (not settable via + UpdateAccessApprovalSettings method). If the field is true, that + indicates that there is some configuration issue with the + active_key_version configured at this level in the resource + hierarchy (e.g. it doesn't exist or the Access Approval service + account doesn't have the correct permissions on it, etc.) This key + version is not necessarily the effective key version at this level, + as key versions are inherited top-down. + type: boolean + name: + type: string + description: >- + The resource name of the settings. Format is one of: * + "projects/{project}/accessApprovalSettings" * + "folders/{folder}/accessApprovalSettings" * + "organizations/{organization}/accessApprovalSettings" + effectiveApprovalPolicy: + readOnly: true + description: >- + Output only. Effective policy applied for Access Approval, inclusive + of inheritance. + $ref: '#/components/schemas/CustomerApprovalApprovalPolicy' + AugmentedInfo: type: object + id: AugmentedInfo + description: >- + This field contains the augmented information of the request. Requires + augmented administrative access to be enabled. properties: - signature: - description: The digital signature. + command: + description: >- + For command-line tools, the full command-line exactly as entered by + the actor without adding any additional characters (such as + quotation marks). type: string + SignatureInfo: + type: object + description: Information about the digital signature of the resource. + properties: + serializedApprovalRequest: format: byte + description: >- + The ApprovalRequest that is serialized without the SignatureInfo + message field. This data is used with the hashing algorithm to + generate the digital signature, and it can be used for signature + verification. + type: string googlePublicKeyPem: description: >- The public key for the Google default signing, encoded in PEM format. The signature was created using a private key which may be verified using this public key. type: string + signature: + type: string + description: The digital signature. + format: byte customerKmsKeyVersion: description: The resource name of the customer CryptoKeyVersion used for signing. type: string googleKeyAlgorithm: - description: >- - The hashing algorithm used for signature verification. It will only - be present in the case of Google managed keys. type: string enumDescriptions: - Not specified. @@ -304,9 +518,15 @@ components: - >- X-Wing hybrid KEM combining ML-KEM-768 with X25519 following datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version. - >- The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version. - >- The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized version. @@ -314,6 +534,18 @@ components: The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version supporting + externally-computed message representatives. enum: - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED - GOOGLE_SYMMETRIC_ENCRYPTION @@ -354,297 +586,151 @@ components: - ML_KEM_768 - ML_KEM_1024 - KEM_XWING + - PQ_SIGN_ML_DSA_44 - PQ_SIGN_ML_DSA_65 + - PQ_SIGN_ML_DSA_87 - PQ_SIGN_SLH_DSA_SHA2_128S - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 - serializedApprovalRequest: + - PQ_SIGN_ML_DSA_44_EXTERNAL_MU + - PQ_SIGN_ML_DSA_65_EXTERNAL_MU + - PQ_SIGN_ML_DSA_87_EXTERNAL_MU description: >- - The ApprovalRequest that is serialized without the SignatureInfo - message field. This data is used with the hashing algorithm to - generate the digital signature, and it can be used for signature - verification. - type: string - format: byte - DismissDecision: - id: DismissDecision - description: A decision that has been made to dismiss an approval request. + The hashing algorithm used for signature verification. It will only + be present in the case of Google managed keys. + id: SignatureInfo + ResourceProperties: + description: The properties associated with the resource of the request. type: object properties: - dismissTime: - description: The time at which the approval request was dismissed. - type: string - format: google-datetime - implicit: + excludesDescendants: description: >- - This field will be true if the ApprovalRequest was implicitly - dismissed due to inaction by the access approval approvers (the - request is not acted on by the approvers before the exiration time). + Whether an approval will exclude the descendants of the resource + being requested. type: boolean - ApproveApprovalRequestMessage: - id: ApproveApprovalRequestMessage - description: Request to approve an ApprovalRequest. - type: object - properties: - expireTime: - description: The expiration time of this approval. - type: string - format: google-datetime + id: ResourceProperties DismissApprovalRequestMessage: - id: DismissApprovalRequestMessage - description: Request to dismiss an approval request. - type: object - properties: {} - InvalidateApprovalRequestMessage: - id: InvalidateApprovalRequestMessage - description: Request to invalidate an existing approval. - type: object properties: {} - AccessApprovalSettings: - id: AccessApprovalSettings - description: Settings on a Project/Folder/Organization related to Access Approval. type: object + id: DismissApprovalRequestMessage + description: Request to dismiss an approval request. + ApprovalRequest: + id: ApprovalRequest + description: A request for the customer to approve access to a resource. properties: - name: - description: >- - The resource name of the settings. Format is one of: * - "projects/{project}/accessApprovalSettings" * - "folders/{folder}/accessApprovalSettings" * - "organizations/{organization}/accessApprovalSettings" - type: string - notificationEmails: - description: >- - A list of email addresses to which notifications relating to - approval requests should be sent. Notifications relating to a - resource will be sent to all emails in the settings of ancestor - resources of that resource. A maximum of 50 email addresses are - allowed. - type: array - items: - type: string - enrolledServices: - description: >- - A list of Google Cloud Services for which the given resource has - Access Approval enrolled. Access requests for the resource given by - name against any of these services contained here will be required - to have explicit approval. If name refers to an organization, - enrollment can be done for individual services. If name refers to a - folder or project, enrollment can only be done on an all or nothing - basis. If a cloud_product is repeated in this list, the first entry - will be honored and all following entries will be discarded. A - maximum of 10 enrolled services will be enforced, to be expanded as - the set of supported services is expanded. - type: array - items: - $ref: '#/components/schemas/EnrolledService' - enrolledAncestor: - description: >- - Output only. This field is read only (not settable via - UpdateAccessApprovalSettings method). If the field is true, that - indicates that at least one service is enrolled for Access Approval - in one or more ancestors of the Project or Folder (this field will - always be unset for the organization since organizations do not have - ancestors). - readOnly: true - type: boolean - activeKeyVersion: - description: >- - The asymmetric crypto key version to use for signing approval - requests. Empty active_key_version indicates that a Google-managed - key should be used for signing. This property will be ignored if set - by an ancestor of this resource, and new non-empty values may not be - set. + requestedExpiration: + format: google-datetime type: string - ancestorHasActiveKeyVersion: - description: >- - Output only. This field is read only (not settable via - UpdateAccessApprovalSettings method). If the field is true, that - indicates that an ancestor of this Project or Folder has set - active_key_version (this field will always be unset for the - organization since organizations do not have ancestors). - readOnly: true - type: boolean - invalidKeyVersion: - description: >- - Output only. This field is read only (not settable via - UpdateAccessApprovalSettings method). If the field is true, that - indicates that there is some configuration issue with the - active_key_version configured at this level in the resource - hierarchy (e.g. it doesn't exist or the Access Approval service - account doesn't have the correct permissions on it, etc.) This key - version is not necessarily the effective key version at this level, - as key versions are inherited top-down. - readOnly: true - type: boolean - preferredRequestExpirationDays: description: >- - This preference is shared with Google personnel, but can be - overridden if said personnel deems necessary. The approver - ultimately can set the expiration at approval time. - type: integer - format: int32 - preferNoBroadApprovalRequests: - description: >- - This preference is communicated to Google personnel when sending an - approval request but can be overridden if necessary. - type: boolean - notificationPubsubTopic: + The original requested expiration for the approval. Calculated by + adding the requested_duration to the request_time. + dismiss: + description: The request was dismissed. + $ref: '#/components/schemas/DismissDecision' + requestedReason: + description: The access reason for which approval is being requested. + $ref: '#/components/schemas/AccessReason' + name: description: >- - Optional. A pubsub topic to which notifications relating to approval - requests should be sent. + The resource name of the request. Format is + "{projects|folders|organizations}/{id}/approvalRequests/{approval_request}". type: string - requireCustomerVisibleJustification: - description: >- - Optional. A setting to require approval request justifications to be - customer visible. - type: boolean - requestScopeMaxWidthPreference: - description: >- - Optional. A setting to indicate the maximum width of an Access - Approval request. + requestedDuration: type: string - enumDescriptions: - - Default value for proto, shouldn't be used. - - >- - This is the widest scope possible. It means the customer has no - scope restriction when it comes to Access Approval requests. - - >- - Customer allows the scope of Access Approval requests as broad as - the Folder level. - - >- - Customer allows the scope of Access Approval requests as broad as - the Project level. - enum: - - REQUEST_SCOPE_MAX_WIDTH_PREFERENCE_UNSPECIFIED - - ORGANIZATION - - FOLDER - - PROJECT - approvalPolicy: - description: Optional. Policy for approval. This contains all policies. - $ref: '#/components/schemas/CustomerApprovalApprovalPolicy' - effectiveApprovalPolicy: - description: >- - Output only. Policy for approval included inherited settings to - understand the exact policy applied to this resource. This is a - read-only field. - readOnly: true - $ref: '#/components/schemas/CustomerApprovalApprovalPolicy' - EnrolledService: - id: EnrolledService - description: Represents the enrollment of a cloud resource into a specific service. - type: object - properties: - cloudProduct: + format: google-duration + description: The requested access duration. + approve: + description: Access was approved. + $ref: '#/components/schemas/ApproveDecision' + requestedAugmentedInfo: + description: This field contains the augmented information of the request. + $ref: '#/components/schemas/AugmentedInfo' + requestedResourceName: description: >- - The product for which Access Approval will be enrolled. Allowed - values are listed below (case-sensitive): * all * GA * App Engine * - Artifact Registry * BigQuery * Certificate Authority Service * Cloud - Bigtable * Cloud Key Management Service * Compute Engine * Cloud - Composer * Cloud Dataflow * Cloud Dataproc * Cloud DLP * Cloud EKM * - Cloud Firestore * Cloud HSM * Cloud Identity and Access Management * - Cloud Logging * Cloud NAT * Cloud Pub/Sub * Cloud Spanner * Cloud - SQL * Cloud Storage * Eventarc * Google Kubernetes Engine * - Organization Policy Serivice * Persistent Disk * Resource Manager * - Secret Manager * Speaker ID Note: These values are supported as - input for legacy purposes, but will not be returned from the API. * - all * ga-only * appengine.googleapis.com * - artifactregistry.googleapis.com * bigquery.googleapis.com * - bigtable.googleapis.com * container.googleapis.com * - cloudkms.googleapis.com * cloudresourcemanager.googleapis.com * - cloudsql.googleapis.com * compute.googleapis.com * - dataflow.googleapis.com * dataproc.googleapis.com * - dlp.googleapis.com * iam.googleapis.com * logging.googleapis.com * - orgpolicy.googleapis.com * pubsub.googleapis.com * - spanner.googleapis.com * secretmanager.googleapis.com * - speakerid.googleapis.com * storage.googleapis.com Calls to - UpdateAccessApprovalSettings using 'all' or any of the - XXX.googleapis.com will be translated to the associated product name - ('all', 'App Engine', etc.). Note: 'all' will enroll the resource in - all products supported at both 'GA' and 'Preview' levels. More - information about levels of support is available at - https://cloud.google.com/access-approval/docs/supported-services - type: string - enrollmentLevel: - description: The enrollment level of the service. + The resource for which approval is being requested. The format of + the resource name is defined at + https://cloud.google.com/apis/design/resource_names. The resource + name here may either be a "full" resource name (e.g. + "//library.googleapis.com/shelves/shelf1/books/book2") or a + "relative" resource name (e.g. "shelves/shelf1/books/book2") as + described in the resource name specification. type: string - enumDescriptions: - - Default value for proto, shouldn't be used. - - Service is enrolled in Access Approval for all requests - enum: - - ENROLLMENT_LEVEL_UNSPECIFIED - - BLOCK_ALL - CustomerApprovalApprovalPolicy: - id: CustomerApprovalApprovalPolicy - description: Represents all the policies that can be set for Customer Approval. - type: object - properties: - justificationBasedApprovalPolicy: - description: Optional. Policy for approval based on the justification given. + requestTime: + description: The time at which approval was requested. + format: google-datetime type: string - enumDescriptions: - - Default value for proto. - - Instant approval is enabled for all accesses. - - Instant approval is enabled for external justifications. - - Instant approval is not enabled for any accesses. - - Instant approval is inherited from the parent. - enum: - - JUSTIFICATION_BASED_APPROVAL_POLICY_UNSPECIFIED - - JUSTIFICATION_BASED_APPROVAL_ENABLED_ALL - - JUSTIFICATION_BASED_APPROVAL_ENABLED_EXTERNAL_JUSTIFICATIONS - - JUSTIFICATION_BASED_APPROVAL_NOT_ENABLED - - JUSTIFICATION_BASED_APPROVAL_INHERITED - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + requestedResourceProperties: + $ref: '#/components/schemas/ResourceProperties' + description: >- + Properties related to the resource represented by + requested_resource_name. + requestedLocations: + description: The locations for which approval is being requested. + $ref: '#/components/schemas/AccessLocations' type: object - properties: {} AccessApprovalServiceAccount: - id: AccessApprovalServiceAccount - description: >- - Access Approval service account related to a - project/folder/organization. type: object properties: + accountEmail: + description: Email address of the service account. + type: string name: description: >- The resource name of the Access Approval service account. Format is one of: * "projects/{project}/serviceAccount" * - "folders/{folder}/serviceAccount" * - "organizations/{organization}/serviceAccount" - type: string - accountEmail: - description: Email address of the service account. + "folders/{folder}/serviceAccount" * + "organizations/{organization}/serviceAccount" type: string + id: AccessApprovalServiceAccount + description: >- + Access Approval service account related to a + project/folder/organization. + Empty: + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + properties: {} parameters: - access_token: - description: OAuth access token. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: access_token + name: fields schema: type: string - alt: - description: Data format for response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: alt + name: oauth_token schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: callback + name: quotaUser schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + access_token: + description: OAuth access token. in: query - name: fields + name: access_token + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string key: @@ -656,37 +742,26 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + alt: + description: Data format for response. in: query - name: upload_protocol + name: alt schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + enum: + - json + - media + - proto + callback: + description: JSONP in: query - name: uploadType + name: callback schema: type: string _.xgafv: @@ -704,119 +779,119 @@ components: name: access_approval_settings title: Access_approval_settings methods: - projects_get_access_approval_settings: + organizations_delete_access_approval_settings: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1accessApprovalSettings/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1accessApprovalSettings/delete response: mediaType: application/json openAPIDocKey: '200' - projects_update_access_approval_settings: + organizations_update_access_approval_settings: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1accessApprovalSettings/patch' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1accessApprovalSettings/patch response: mediaType: application/json openAPIDocKey: '200' - projects_delete_access_approval_settings: + organizations_get_access_approval_settings: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1accessApprovalSettings/delete + #/paths/~1v1~1organizations~1{organizationsId}~1accessApprovalSettings/get response: mediaType: application/json openAPIDocKey: '200' - folders_get_access_approval_settings: + projects_delete_access_approval_settings: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1accessApprovalSettings/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1accessApprovalSettings/delete response: mediaType: application/json openAPIDocKey: '200' - folders_update_access_approval_settings: + projects_get_access_approval_settings: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1accessApprovalSettings/patch' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1accessApprovalSettings/get' response: mediaType: application/json openAPIDocKey: '200' - folders_delete_access_approval_settings: + projects_update_access_approval_settings: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1accessApprovalSettings/delete' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1accessApprovalSettings/patch' response: mediaType: application/json openAPIDocKey: '200' - organizations_get_access_approval_settings: + folders_update_access_approval_settings: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1accessApprovalSettings/get + $ref: '#/paths/~1v1~1folders~1{foldersId}~1accessApprovalSettings/patch' response: mediaType: application/json openAPIDocKey: '200' - organizations_update_access_approval_settings: + folders_delete_access_approval_settings: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1accessApprovalSettings/patch + $ref: '#/paths/~1v1~1folders~1{foldersId}~1accessApprovalSettings/delete' response: mediaType: application/json openAPIDocKey: '200' - organizations_delete_access_approval_settings: + folders_get_access_approval_settings: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1accessApprovalSettings/delete + $ref: '#/paths/~1v1~1folders~1{foldersId}~1accessApprovalSettings/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: + - $ref: >- + #/components/x-stackQL-resources/access_approval_settings/methods/organizations_get_access_approval_settings - $ref: >- #/components/x-stackQL-resources/access_approval_settings/methods/projects_get_access_approval_settings - $ref: >- #/components/x-stackQL-resources/access_approval_settings/methods/folders_get_access_approval_settings - - $ref: >- - #/components/x-stackQL-resources/access_approval_settings/methods/organizations_get_access_approval_settings insert: [] update: + - $ref: >- + #/components/x-stackQL-resources/access_approval_settings/methods/organizations_update_access_approval_settings - $ref: >- #/components/x-stackQL-resources/access_approval_settings/methods/projects_update_access_approval_settings - $ref: >- #/components/x-stackQL-resources/access_approval_settings/methods/folders_update_access_approval_settings - - $ref: >- - #/components/x-stackQL-resources/access_approval_settings/methods/organizations_update_access_approval_settings replace: [] delete: + - $ref: >- + #/components/x-stackQL-resources/access_approval_settings/methods/organizations_delete_access_approval_settings - $ref: >- #/components/x-stackQL-resources/access_approval_settings/methods/projects_delete_access_approval_settings - $ref: >- #/components/x-stackQL-resources/access_approval_settings/methods/folders_delete_access_approval_settings - - $ref: >- - #/components/x-stackQL-resources/access_approval_settings/methods/organizations_delete_access_approval_settings service_account: id: google.accessapproval.service_account name: service_account title: Service_account methods: - projects_get_service_account: + organizations_get_service_account: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1serviceAccount/get' + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1serviceAccount/get' response: mediaType: application/json openAPIDocKey: '200' - folders_get_service_account: + projects_get_service_account: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1serviceAccount/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1serviceAccount/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_get_service_account: + folders_get_service_account: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1serviceAccount/get' + $ref: '#/paths/~1v1~1folders~1{foldersId}~1serviceAccount/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: + - $ref: >- + #/components/x-stackQL-resources/service_account/methods/organizations_get_service_account - $ref: >- #/components/x-stackQL-resources/service_account/methods/projects_get_service_account - $ref: >- #/components/x-stackQL-resources/service_account/methods/folders_get_service_account - - $ref: >- - #/components/x-stackQL-resources/service_account/methods/organizations_get_service_account insert: [] update: [] replace: [] @@ -826,147 +901,152 @@ components: name: approval_requests title: Approval_requests methods: - projects_approval_requests_list: + organizations_approval_requests_dismiss: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1approvalRequests/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests~1{approvalRequestsId}:dismiss/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.approvalRequests - projects_approval_requests_get: + organizations_approval_requests_invalidate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1approvalRequests~1{approvalRequestsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests~1{approvalRequestsId}:invalidate/post response: mediaType: application/json openAPIDocKey: '200' - projects_approval_requests_approve: + organizations_approval_requests_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1approvalRequests~1{approvalRequestsId}:approve/post + #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests/get response: mediaType: application/json openAPIDocKey: '200' - projects_approval_requests_dismiss: + objectKey: $.approvalRequests + organizations_approval_requests_approve: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1approvalRequests~1{approvalRequestsId}:dismiss/post + #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests~1{approvalRequestsId}:approve/post response: mediaType: application/json openAPIDocKey: '200' - projects_approval_requests_invalidate: + organizations_approval_requests_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1approvalRequests~1{approvalRequestsId}:invalidate/post + #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests~1{approvalRequestsId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_approval_requests_list: + projects_approval_requests_approve: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1approvalRequests/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1approvalRequests~1{approvalRequestsId}:approve/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.approvalRequests - folders_approval_requests_get: + projects_approval_requests_dismiss: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1approvalRequests~1{approvalRequestsId}/get + #/paths/~1v1~1projects~1{projectsId}~1approvalRequests~1{approvalRequestsId}:dismiss/post response: mediaType: application/json openAPIDocKey: '200' - folders_approval_requests_approve: + projects_approval_requests_list: operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1approvalRequests~1{approvalRequestsId}:approve/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1approvalRequests/get' response: mediaType: application/json openAPIDocKey: '200' - folders_approval_requests_dismiss: + objectKey: $.approvalRequests + projects_approval_requests_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1approvalRequests~1{approvalRequestsId}:dismiss/post + #/paths/~1v1~1projects~1{projectsId}~1approvalRequests~1{approvalRequestsId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_approval_requests_invalidate: + projects_approval_requests_invalidate: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1approvalRequests~1{approvalRequestsId}:invalidate/post + #/paths/~1v1~1projects~1{projectsId}~1approvalRequests~1{approvalRequestsId}:invalidate/post response: mediaType: application/json openAPIDocKey: '200' - organizations_approval_requests_list: + folders_approval_requests_dismiss: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests/get + #/paths/~1v1~1folders~1{foldersId}~1approvalRequests~1{approvalRequestsId}:dismiss/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.approvalRequests - organizations_approval_requests_get: + folders_approval_requests_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests~1{approvalRequestsId}/get + $ref: '#/paths/~1v1~1folders~1{foldersId}~1approvalRequests/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_approval_requests_approve: + objectKey: $.approvalRequests + folders_approval_requests_approve: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests~1{approvalRequestsId}:approve/post + #/paths/~1v1~1folders~1{foldersId}~1approvalRequests~1{approvalRequestsId}:approve/post response: mediaType: application/json openAPIDocKey: '200' - organizations_approval_requests_dismiss: + folders_approval_requests_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests~1{approvalRequestsId}:dismiss/post + #/paths/~1v1~1folders~1{foldersId}~1approvalRequests~1{approvalRequestsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_approval_requests_invalidate: + folders_approval_requests_invalidate: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1approvalRequests~1{approvalRequestsId}:invalidate/post + #/paths/~1v1~1folders~1{foldersId}~1approvalRequests~1{approvalRequestsId}:invalidate/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: + - $ref: >- + #/components/x-stackQL-resources/approval_requests/methods/organizations_approval_requests_get - $ref: >- #/components/x-stackQL-resources/approval_requests/methods/projects_approval_requests_get - $ref: >- #/components/x-stackQL-resources/approval_requests/methods/folders_approval_requests_get - $ref: >- - #/components/x-stackQL-resources/approval_requests/methods/organizations_approval_requests_get + #/components/x-stackQL-resources/approval_requests/methods/organizations_approval_requests_list - $ref: >- #/components/x-stackQL-resources/approval_requests/methods/projects_approval_requests_list - $ref: >- #/components/x-stackQL-resources/approval_requests/methods/folders_approval_requests_list - - $ref: >- - #/components/x-stackQL-resources/approval_requests/methods/organizations_approval_requests_list insert: [] update: [] replace: [] delete: [] paths: - /v1/projects/{projectsId}/accessApprovalSettings: + /v1/organizations/{organizationsId}/accessApprovalSettings: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/_.xgafv' - get: - description: Gets the settings associated with a project, folder, or organization. - operationId: accessapproval.projects.getAccessApprovalSettings + delete: + description: >- + Deletes the settings associated with a project, folder, or organization. + This will have the effect of disabling Access Approval for the resource. + Access Approval may remain active based on parent resource settings. To + confirm the effective settings, call GetAccessApprovalSettings and + verify effective setting is disabled. + operationId: accessapproval.organizations.deleteAccessApprovalSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -978,10 +1058,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessApprovalSettings' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -989,7 +1069,7 @@ paths: description: >- Updates the settings associated with a project, folder, or organization. Settings to update are determined by the value of field_mask. - operationId: accessapproval.projects.updateAccessApprovalSettings + operationId: accessapproval.organizations.updateAccessApprovalSettings requestBody: content: application/json: @@ -1009,7 +1089,7 @@ paths: $ref: '#/components/schemas/AccessApprovalSettings' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -1018,15 +1098,11 @@ paths: schema: type: string format: google-fieldmask - delete: + get: description: >- - Deletes the settings associated with a project, folder, or organization. - This will have the effect of disabling Access Approval for the project, - folder, or organization, but only if all ancestors also have Access - Approval disabled. If Access Approval is enabled at a higher level of - the hierarchy, then Access Approval will still be enabled at this level - as the settings are inherited. - operationId: accessapproval.projects.deleteAccessApprovalSettings + Gets the Access Approval settings associated with a project, folder, or + organization. + operationId: accessapproval.organizations.getAccessApprovalSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1038,20 +1114,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/AccessApprovalSettings' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v1/projects/{projectsId}/serviceAccount: + /v1/organizations/{organizationsId}/serviceAccount: parameters: *ref_1 get: description: >- Retrieves the service account that is used by Access Approval to access KMS keys for signing approved approval requests. - operationId: accessapproval.projects.getServiceAccount + operationId: accessapproval.organizations.getServiceAccount security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1066,56 +1142,25 @@ paths: $ref: '#/components/schemas/AccessApprovalServiceAccount' parameters: - in: path - name: projectsId - required: true - schema: - type: string - /v1/projects/{projectsId}/approvalRequests: - parameters: *ref_1 - get: - description: >- - Lists approval requests associated with a project, folder, or - organization. Approval requests can be filtered by state (pending, - active, dismissed). The order is reverse chronological. - operationId: accessapproval.projects.approvalRequests.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListApprovalRequestsResponse' - parameters: - - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/approvalRequests/{approvalRequestsId}: + /v1/organizations/{organizationsId}/approvalRequests/{approvalRequestsId}:dismiss: parameters: *ref_1 - get: + post: description: >- - Gets an approval request. Returns NOT_FOUND if the request does not - exist. - operationId: accessapproval.projects.approvalRequests.get + Dismisses a request. Returns the updated ApprovalRequest. NOTE: When a + request is dismissed, it is considered ignored. Dismissing a request + does not prevent access granted by other Access Approval requests. + Returns NOT_FOUND if the request does not exist. Returns + FAILED_PRECONDITION if the request exists but is not in a pending state. + operationId: accessapproval.organizations.approvalRequests.dismiss + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DismissApprovalRequestMessage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1130,7 +1175,7 @@ paths: $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -1139,19 +1184,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/approvalRequests/{approvalRequestsId}:approve: + /v1/organizations/{organizationsId}/approvalRequests/{approvalRequestsId}:invalidate: parameters: *ref_1 post: description: >- - Approves a request and returns the updated ApprovalRequest. Returns - NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if - the request exists but is not in a pending state. - operationId: accessapproval.projects.approvalRequests.approve + Invalidates an existing ApprovalRequest. Returns the updated + ApprovalRequest. NOTE: This action revokes Google access based on this + approval request. If the resource has other active approvals, access + will remain granted. Returns FAILED_PRECONDITION if the request exists + but is not in an approved state. + operationId: accessapproval.organizations.approvalRequests.invalidate requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApproveApprovalRequestMessage' + $ref: '#/components/schemas/InvalidateApprovalRequestMessage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1166,7 +1213,7 @@ paths: $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -1175,21 +1222,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/approvalRequests/{approvalRequestsId}:dismiss: + /v1/organizations/{organizationsId}/approvalRequests: parameters: *ref_1 - post: + get: description: >- - Dismisses a request. Returns the updated ApprovalRequest. NOTE: This - does not deny access to the resource if another request has been made - and approved. It is equivalent in effect to ignoring the request - altogether. Returns NOT_FOUND if the request does not exist. Returns - FAILED_PRECONDITION if the request exists but is not in a pending state. - operationId: accessapproval.projects.approvalRequests.dismiss - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DismissApprovalRequestMessage' + Lists approval requests associated with a project, folder, or + organization. Approval requests can be filtered by state (pending, + active, dismissed). The order is reverse chronological. + operationId: accessapproval.organizations.approvalRequests.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1201,33 +1241,39 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApprovalRequest' + $ref: '#/components/schemas/ListApprovalRequestsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: path - name: approvalRequestsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/approvalRequests/{approvalRequestsId}:invalidate: + - in: query + name: pageToken + schema: + type: string + /v1/organizations/{organizationsId}/approvalRequests/{approvalRequestsId}:approve: parameters: *ref_1 post: description: >- - Invalidates an existing ApprovalRequest. Returns the updated - ApprovalRequest. NOTE: This does not deny access to the resource if - another request has been made and approved. It only invalidates a single - approval. Returns FAILED_PRECONDITION if the request exists but is not - in an approved state. - operationId: accessapproval.projects.approvalRequests.invalidate + Approves a request and returns the updated ApprovalRequest. Returns + NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if + the request exists but is not in a pending state. + operationId: accessapproval.organizations.approvalRequests.approve requestBody: content: application/json: schema: - $ref: '#/components/schemas/InvalidateApprovalRequestMessage' + $ref: '#/components/schemas/ApproveApprovalRequestMessage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1242,7 +1288,7 @@ paths: $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -1251,11 +1297,13 @@ paths: required: true schema: type: string - /v1/folders/{foldersId}/accessApprovalSettings: + /v1/organizations/{organizationsId}/approvalRequests/{approvalRequestsId}: parameters: *ref_1 get: - description: Gets the settings associated with a project, folder, or organization. - operationId: accessapproval.folders.getAccessApprovalSettings + description: >- + Gets an approval request. Returns NOT_FOUND if the request does not + exist. + operationId: accessapproval.organizations.approvalRequests.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1267,23 +1315,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessApprovalSettings' + $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string - patch: + - in: path + name: approvalRequestsId + required: true + schema: + type: string + /v1/projects/{projectsId}/approvalRequests/{approvalRequestsId}:approve: + parameters: *ref_1 + post: description: >- - Updates the settings associated with a project, folder, or organization. - Settings to update are determined by the value of field_mask. - operationId: accessapproval.folders.updateAccessApprovalSettings + Approves a request and returns the updated ApprovalRequest. Returns + NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if + the request exists but is not in a pending state. + operationId: accessapproval.projects.approvalRequests.approve requestBody: content: application/json: schema: - $ref: '#/components/schemas/AccessApprovalSettings' + $ref: '#/components/schemas/ApproveApprovalRequestMessage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1295,27 +1351,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessApprovalSettings' + $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: approvalRequestsId + required: true schema: type: string - format: google-fieldmask - delete: + /v1/projects/{projectsId}/approvalRequests/{approvalRequestsId}:dismiss: + parameters: *ref_1 + post: description: >- - Deletes the settings associated with a project, folder, or organization. - This will have the effect of disabling Access Approval for the project, - folder, or organization, but only if all ancestors also have Access - Approval disabled. If Access Approval is enabled at a higher level of - the hierarchy, then Access Approval will still be enabled at this level - as the settings are inherited. - operationId: accessapproval.folders.deleteAccessApprovalSettings + Dismisses a request. Returns the updated ApprovalRequest. NOTE: When a + request is dismissed, it is considered ignored. Dismissing a request + does not prevent access granted by other Access Approval requests. + Returns NOT_FOUND if the request does not exist. Returns + FAILED_PRECONDITION if the request exists but is not in a pending state. + operationId: accessapproval.projects.approvalRequests.dismiss + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DismissApprovalRequestMessage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1327,46 +1389,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - /v1/folders/{foldersId}/serviceAccount: - parameters: *ref_1 - get: - description: >- - Retrieves the service account that is used by Access Approval to access - KMS keys for signing approved approval requests. - operationId: accessapproval.folders.getServiceAccount - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/AccessApprovalServiceAccount' - parameters: - in: path - name: foldersId + name: approvalRequestsId required: true schema: type: string - /v1/folders/{foldersId}/approvalRequests: + /v1/projects/{projectsId}/approvalRequests: parameters: *ref_1 get: description: >- Lists approval requests associated with a project, folder, or organization. Approval requests can be filtered by state (pending, active, dismissed). The order is reverse chronological. - operationId: accessapproval.folders.approvalRequests.list + operationId: accessapproval.projects.approvalRequests.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1381,66 +1423,30 @@ paths: $ref: '#/components/schemas/ListApprovalRequestsResponse' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/folders/{foldersId}/approvalRequests/{approvalRequestsId}: - parameters: *ref_1 - get: - description: >- - Gets an approval request. Returns NOT_FOUND if the request does not - exist. - operationId: accessapproval.folders.approvalRequests.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ApprovalRequest' - parameters: - - in: path - name: foldersId + name: projectsId required: true schema: type: string - - in: path - name: approvalRequestsId - required: true + - in: query + name: pageToken schema: type: string - /v1/folders/{foldersId}/approvalRequests/{approvalRequestsId}:approve: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/approvalRequests/{approvalRequestsId}: parameters: *ref_1 - post: + get: description: >- - Approves a request and returns the updated ApprovalRequest. Returns - NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if - the request exists but is not in a pending state. - operationId: accessapproval.folders.approvalRequests.approve - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApproveApprovalRequestMessage' + Gets an approval request. Returns NOT_FOUND if the request does not + exist. + operationId: accessapproval.projects.approvalRequests.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1455,7 +1461,7 @@ paths: $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -1464,21 +1470,21 @@ paths: required: true schema: type: string - /v1/folders/{foldersId}/approvalRequests/{approvalRequestsId}:dismiss: + /v1/projects/{projectsId}/approvalRequests/{approvalRequestsId}:invalidate: parameters: *ref_1 post: description: >- - Dismisses a request. Returns the updated ApprovalRequest. NOTE: This - does not deny access to the resource if another request has been made - and approved. It is equivalent in effect to ignoring the request - altogether. Returns NOT_FOUND if the request does not exist. Returns - FAILED_PRECONDITION if the request exists but is not in a pending state. - operationId: accessapproval.folders.approvalRequests.dismiss + Invalidates an existing ApprovalRequest. Returns the updated + ApprovalRequest. NOTE: This action revokes Google access based on this + approval request. If the resource has other active approvals, access + will remain granted. Returns FAILED_PRECONDITION if the request exists + but is not in an approved state. + operationId: accessapproval.projects.approvalRequests.invalidate requestBody: content: application/json: schema: - $ref: '#/components/schemas/DismissApprovalRequestMessage' + $ref: '#/components/schemas/InvalidateApprovalRequestMessage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1493,7 +1499,7 @@ paths: $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -1502,21 +1508,16 @@ paths: required: true schema: type: string - /v1/folders/{foldersId}/approvalRequests/{approvalRequestsId}:invalidate: + /v1/projects/{projectsId}/accessApprovalSettings: parameters: *ref_1 - post: + delete: description: >- - Invalidates an existing ApprovalRequest. Returns the updated - ApprovalRequest. NOTE: This does not deny access to the resource if - another request has been made and approved. It only invalidates a single - approval. Returns FAILED_PRECONDITION if the request exists but is not - in an approved state. - operationId: accessapproval.folders.approvalRequests.invalidate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InvalidateApprovalRequestMessage' + Deletes the settings associated with a project, folder, or organization. + This will have the effect of disabling Access Approval for the resource. + Access Approval may remain active based on parent resource settings. To + confirm the effective settings, call GetAccessApprovalSettings and + verify effective setting is disabled. + operationId: accessapproval.projects.deleteAccessApprovalSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1528,23 +1529,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApprovalRequest' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: approvalRequestsId + name: projectsId required: true schema: type: string - /v1/organizations/{organizationsId}/accessApprovalSettings: - parameters: *ref_1 get: - description: Gets the settings associated with a project, folder, or organization. - operationId: accessapproval.organizations.getAccessApprovalSettings + description: >- + Gets the Access Approval settings associated with a project, folder, or + organization. + operationId: accessapproval.projects.getAccessApprovalSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1559,7 +1555,7 @@ paths: $ref: '#/components/schemas/AccessApprovalSettings' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -1567,7 +1563,7 @@ paths: description: >- Updates the settings associated with a project, folder, or organization. Settings to update are determined by the value of field_mask. - operationId: accessapproval.organizations.updateAccessApprovalSettings + operationId: accessapproval.projects.updateAccessApprovalSettings requestBody: content: application/json: @@ -1587,7 +1583,7 @@ paths: $ref: '#/components/schemas/AccessApprovalSettings' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -1596,15 +1592,13 @@ paths: schema: type: string format: google-fieldmask - delete: + /v1/projects/{projectsId}/serviceAccount: + parameters: *ref_1 + get: description: >- - Deletes the settings associated with a project, folder, or organization. - This will have the effect of disabling Access Approval for the project, - folder, or organization, but only if all ancestors also have Access - Approval disabled. If Access Approval is enabled at a higher level of - the hierarchy, then Access Approval will still be enabled at this level - as the settings are inherited. - operationId: accessapproval.organizations.deleteAccessApprovalSettings + Retrieves the service account that is used by Access Approval to access + KMS keys for signing approved approval requests. + operationId: accessapproval.projects.getServiceAccount security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1616,20 +1610,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/AccessApprovalServiceAccount' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - /v1/organizations/{organizationsId}/serviceAccount: + /v1/folders/{foldersId}/approvalRequests/{approvalRequestsId}:dismiss: parameters: *ref_1 - get: + post: description: >- - Retrieves the service account that is used by Access Approval to access - KMS keys for signing approved approval requests. - operationId: accessapproval.organizations.getServiceAccount + Dismisses a request. Returns the updated ApprovalRequest. NOTE: When a + request is dismissed, it is considered ignored. Dismissing a request + does not prevent access granted by other Access Approval requests. + Returns NOT_FOUND if the request does not exist. Returns + FAILED_PRECONDITION if the request exists but is not in a pending state. + operationId: accessapproval.folders.approvalRequests.dismiss + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DismissApprovalRequestMessage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1641,21 +1643,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessApprovalServiceAccount' + $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string - /v1/organizations/{organizationsId}/approvalRequests: + - in: path + name: approvalRequestsId + required: true + schema: + type: string + /v1/folders/{foldersId}/approvalRequests: parameters: *ref_1 get: description: >- Lists approval requests associated with a project, folder, or organization. Approval requests can be filtered by state (pending, active, dismissed). The order is reverse chronological. - operationId: accessapproval.organizations.approvalRequests.list + operationId: accessapproval.folders.approvalRequests.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1670,30 +1677,36 @@ paths: $ref: '#/components/schemas/ListApprovalRequestsResponse' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string - /v1/organizations/{organizationsId}/approvalRequests/{approvalRequestsId}: + /v1/folders/{foldersId}/approvalRequests/{approvalRequestsId}:approve: parameters: *ref_1 - get: + post: description: >- - Gets an approval request. Returns NOT_FOUND if the request does not - exist. - operationId: accessapproval.organizations.approvalRequests.get + Approves a request and returns the updated ApprovalRequest. Returns + NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if + the request exists but is not in a pending state. + operationId: accessapproval.folders.approvalRequests.approve + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApproveApprovalRequestMessage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1708,7 +1721,7 @@ paths: $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string @@ -1717,19 +1730,13 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/approvalRequests/{approvalRequestsId}:approve: + /v1/folders/{foldersId}/approvalRequests/{approvalRequestsId}: parameters: *ref_1 - post: + get: description: >- - Approves a request and returns the updated ApprovalRequest. Returns - NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if - the request exists but is not in a pending state. - operationId: accessapproval.organizations.approvalRequests.approve - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApproveApprovalRequestMessage' + Gets an approval request. Returns NOT_FOUND if the request does not + exist. + operationId: accessapproval.folders.approvalRequests.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1744,7 +1751,7 @@ paths: $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string @@ -1753,21 +1760,21 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/approvalRequests/{approvalRequestsId}:dismiss: + /v1/folders/{foldersId}/approvalRequests/{approvalRequestsId}:invalidate: parameters: *ref_1 post: description: >- - Dismisses a request. Returns the updated ApprovalRequest. NOTE: This - does not deny access to the resource if another request has been made - and approved. It is equivalent in effect to ignoring the request - altogether. Returns NOT_FOUND if the request does not exist. Returns - FAILED_PRECONDITION if the request exists but is not in a pending state. - operationId: accessapproval.organizations.approvalRequests.dismiss + Invalidates an existing ApprovalRequest. Returns the updated + ApprovalRequest. NOTE: This action revokes Google access based on this + approval request. If the resource has other active approvals, access + will remain granted. Returns FAILED_PRECONDITION if the request exists + but is not in an approved state. + operationId: accessapproval.folders.approvalRequests.invalidate requestBody: content: application/json: schema: - $ref: '#/components/schemas/DismissApprovalRequestMessage' + $ref: '#/components/schemas/InvalidateApprovalRequestMessage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1782,7 +1789,7 @@ paths: $ref: '#/components/schemas/ApprovalRequest' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string @@ -1791,21 +1798,18 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/approvalRequests/{approvalRequestsId}:invalidate: + /v1/folders/{foldersId}/accessApprovalSettings: parameters: *ref_1 - post: + patch: description: >- - Invalidates an existing ApprovalRequest. Returns the updated - ApprovalRequest. NOTE: This does not deny access to the resource if - another request has been made and approved. It only invalidates a single - approval. Returns FAILED_PRECONDITION if the request exists but is not - in an approved state. - operationId: accessapproval.organizations.approvalRequests.invalidate + Updates the settings associated with a project, folder, or organization. + Settings to update are determined by the value of field_mask. + operationId: accessapproval.folders.updateAccessApprovalSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/InvalidateApprovalRequestMessage' + $ref: '#/components/schemas/AccessApprovalSettings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1817,15 +1821,89 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApprovalRequest' + $ref: '#/components/schemas/AccessApprovalSettings' parameters: - in: path - name: organizationsId + name: foldersId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: >- + Deletes the settings associated with a project, folder, or organization. + This will have the effect of disabling Access Approval for the resource. + Access Approval may remain active based on parent resource settings. To + confirm the effective settings, call GetAccessApprovalSettings and + verify effective setting is disabled. + operationId: accessapproval.folders.deleteAccessApprovalSettings + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + get: + description: >- + Gets the Access Approval settings associated with a project, folder, or + organization. + operationId: accessapproval.folders.getAccessApprovalSettings + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/AccessApprovalSettings' + parameters: + - in: path + name: foldersId required: true schema: type: string + /v1/folders/{foldersId}/serviceAccount: + parameters: *ref_1 + get: + description: >- + Retrieves the service account that is used by Access Approval to access + KMS keys for signing approved approval requests. + operationId: accessapproval.folders.getServiceAccount + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/AccessApprovalServiceAccount' + parameters: - in: path - name: approvalRequestsId + name: foldersId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/accesscontextmanager.yaml b/providers/src/googleapis.com/v00.00.00000/services/accesscontextmanager.yaml index f943666a..649f8654 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/accesscontextmanager.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/accesscontextmanager.yaml @@ -17,8 +17,8 @@ info: Modifications using v1alpha should be limited to policies with non-production/non-critical service perimeters. version: v1 - x-discovery-doc-revision: '20250805' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/access-context-manager/docs/reference/rest/ servers: @@ -44,133 +44,8 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListAccessPoliciesResponse: - id: ListAccessPoliciesResponse - description: A response to `ListAccessPoliciesRequest`. - type: object - properties: - accessPolicies: - description: List of the AccessPolicy instances. - type: array - items: - $ref: '#/components/schemas/AccessPolicy' - nextPageToken: - description: >- - The pagination token to retrieve the next page of results. If the - value is empty, no further results remain. - type: string AccessPolicy: + type: object id: AccessPolicy description: >- `AccessPolicy` is a container for `AccessLevels` (which define the @@ -179,23 +54,17 @@ components: pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization. - type: object properties: name: + type: string description: >- Output only. Identifier. Resource name of the `AccessPolicy`. Format: `accessPolicies/{access_policy}` - type: string - parent: - description: >- - Required. The parent of this `AccessPolicy` in the Cloud Resource - Hierarchy. Currently immutable once created. Format: - `organizations/{organization_id}` - type: string title: - description: Required. Human readable title. Does not affect behavior. type: string + description: Required. Human readable title. Does not affect behavior. scopes: + type: array description: >- The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For @@ -209,627 +78,621 @@ components: restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of `folders/{folder_number}` or `projects/{project_number}` - type: array items: type: string etag: + readOnly: true description: >- Output only. An opaque identifier for the current version of the `AccessPolicy`. This will always be a strongly validated etag, meaning that two Access Policies will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format. - readOnly: true - type: string - ListAccessLevelsResponse: - id: ListAccessLevelsResponse - description: A response to `ListAccessLevelsRequest`. - type: object - properties: - accessLevels: - description: List of the Access Level instances. - type: array - items: - $ref: '#/components/schemas/AccessLevel' - nextPageToken: - description: >- - The pagination token to retrieve the next page of results. If the - value is empty, no further results remain. - type: string - AccessLevel: - id: AccessLevel - description: >- - An `AccessLevel` is a label that can be applied to requests to Google - Cloud services, along with a list of requirements necessary for the - label to be applied. - type: object - properties: - name: - description: >- - Identifier. Resource name for the `AccessLevel`. Format: - `accessPolicies/{access_policy}/accessLevels/{access_level}`. The - `access_level` component must begin with a letter, followed by - alphanumeric characters or `_`. Its maximum length is 50 characters. - After you create an `AccessLevel`, you cannot change its `name`. - type: string - title: - description: Human readable title. Must be unique within the Policy. type: string - description: + parent: description: >- - Description of the `AccessLevel` and its use. Does not affect - behavior. + Required. The parent of this `AccessPolicy` in the Cloud Resource + Hierarchy. Currently immutable once created. Format: + `organizations/{organization_id}` type: string - basic: - description: A `BasicLevel` composed of `Conditions`. - $ref: '#/components/schemas/BasicLevel' - custom: - description: A `CustomLevel` written in the Common Expression Language. - $ref: '#/components/schemas/CustomLevel' - BasicLevel: - id: BasicLevel - description: '`BasicLevel` is an `AccessLevel` using a set of recommended features.' + IngressTo: type: object properties: - conditions: + operations: + items: + $ref: '#/components/schemas/ApiOperation' description: >- - Required. A list of requirements for the `AccessLevel` to be - granted. + A list of ApiOperations allowed to be performed by the sources + specified in corresponding IngressFrom in this ServicePerimeter. type: array + resources: items: - $ref: '#/components/schemas/Condition' - combiningFunction: - description: >- - How the `conditions` list should be combined to determine if a - request is granted this `AccessLevel`. If AND is used, each - `Condition` in `conditions` must be satisfied for the `AccessLevel` - to be applied. If OR is used, at least one `Condition` in - `conditions` must be satisfied for the `AccessLevel` to be applied. - Default behavior is AND. - type: string - enumDescriptions: - - All `Conditions` must be true for the `BasicLevel` to be true. - - >- - If at least one `Condition` is true, then the `BasicLevel` is - true. - enum: - - AND - - OR - Condition: - id: Condition - description: >- - A condition necessary for an `AccessLevel` to be granted. The Condition - is an AND over its fields. So a Condition is true if: 1) the request IP - is from one of the listed subnetworks AND 2) the originating device - complies with the listed device policy AND 3) all listed access levels - are granted AND 4) the request was sent at a time allowed by the - DateTimeRestriction. - type: object - properties: - ipSubnetworks: + type: string description: >- - CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note - that for a CIDR IP address block, the specified IP address portion - must be properly truncated (i.e. all the host bits must be zero) or - the input is considered malformed. For example, "192.0.2.0/24" is - accepted but "192.0.2.1/24" is not. Similarly, for IPv6, - "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The - originating IP of a request must be in one of the listed subnets in - order for this Condition to be true. If empty, all IP addresses are - allowed. + A list of resources, currently only projects in the form + `projects/`, protected by this ServicePerimeter that are allowed to + be accessed by sources defined in the corresponding IngressFrom. If + a single `*` is specified, then access to all resources inside the + perimeter are allowed. + type: array + roles: type: array items: type: string - devicePolicy: - description: >- - Device specific restrictions, all restrictions must hold for the - Condition to be true. If not specified, all devices are allowed. - $ref: '#/components/schemas/DevicePolicy' - requiredAccessLevels: description: >- - A list of other access levels defined in the same `Policy`, - referenced by resource name. Referencing an `AccessLevel` which does - not exist is an error. All access levels listed must be granted for - the Condition to be true. Example: - "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"` + IAM roles that represent the set of operations that the sources + specified in the corresponding IngressFrom are allowed to perform in + this ServicePerimeter. + id: IngressTo + description: >- + Defines the conditions under which an IngressPolicy matches a request. + Conditions are based on information about the ApiOperation intended to + be performed on the target resource of the request. The request must + satisfy what is defined in `operations` AND `resources` in order to + match. + IngressFrom: + description: >- + Defines the conditions under which an IngressPolicy matches a request. + Conditions are based on information about the source of the request. The + request must satisfy what is defined in `sources` AND identity related + fields in order to match. + properties: + sources: type: array + description: Sources that this IngressPolicy authorizes access from. items: - type: string - negate: - description: >- - Whether to negate the Condition. If true, the Condition becomes a - NAND over its non-empty fields. Any non-empty field criteria - evaluating to false will result in the Condition to be satisfied. - Defaults to false. - type: boolean - members: + $ref: '#/components/schemas/IngressSource' + identities: description: >- - The request must be made by one of the provided user or service - accounts. Groups are not supported. Syntax: `user:{emailid}` - `serviceAccount:{emailid}` If not specified, a request may come from - any user. - type: array + A list of identities that are allowed access through + [IngressPolicy]. Identities can be an individual user, service + account, Google group, or third-party identity. For third-party + identity, only single identities are supported and other identity + types are not supported. The `v1` identities that have the prefix + `user`, `group`, `serviceAccount`, and `principal` in + https://cloud.google.com/iam/docs/principal-identifiers#v1 are + supported. items: type: string - regions: + type: array + identityType: + enum: + - IDENTITY_TYPE_UNSPECIFIED + - ANY_IDENTITY + - ANY_USER_ACCOUNT + - ANY_SERVICE_ACCOUNT + type: string description: >- - The request must originate from one of the provided - countries/regions. Must be valid ISO 3166-1 alpha-2 codes. + Specifies the type of identities that are allowed access from + outside the perimeter. If left unspecified, then members of + `identities` field will be allowed access. + enumDescriptions: + - No blanket identity group specified. + - Authorize access from all identities outside the perimeter. + - Authorize access from all human users outside the perimeter. + - Authorize access from all service accounts outside the perimeter. + type: object + id: IngressFrom + ListSupportedServicesResponse: + id: ListSupportedServicesResponse + type: object + properties: + supportedServices: + description: List of services supported by VPC Service Controls instances. + items: + $ref: '#/components/schemas/SupportedService' + type: array + nextPageToken: + description: >- + The pagination token to retrieve the next page of results. If the + value is empty, no further results remain. + type: string + description: A response to `ListSupportedServicesRequest`. + ListOperationsResponse: + properties: + nextPageToken: + type: string + description: The standard List next-page token. + operations: + description: >- + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Operation' type: array + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. items: type: string - vpcNetworkSources: + type: array + description: The response message for Operations.ListOperations. + id: ListOperationsResponse + type: object + ListAccessPoliciesResponse: + properties: + nextPageToken: description: >- - The request must originate from one of the provided VPC networks in - Google Cloud. Cannot specify this field together with - `ip_subnetworks`. + The pagination token to retrieve the next page of results. If the + value is empty, no further results remain. + type: string + accessPolicies: + description: List of the AccessPolicy instances. type: array items: - $ref: '#/components/schemas/VpcNetworkSource' - DevicePolicy: - id: DevicePolicy - description: >- - `DevicePolicy` specifies device specific restrictions necessary to - acquire a given access level. A `DevicePolicy` specifies requirements - for requests from devices to be granted access levels, it does not do - any enforcement on the device. `DevicePolicy` acts as an AND over all - specified fields, and each repeated field is an OR over its elements. - Any unset fields are ignored. For example, if the proto is { os_type : - DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, - then the DevicePolicy will be true for requests originating from - encrypted Linux desktops and encrypted Windows desktops. + $ref: '#/components/schemas/AccessPolicy' + description: A response to `ListAccessPoliciesRequest`. + type: object + id: ListAccessPoliciesResponse + VpcAccessibleServices: type: object + description: >- + Specifies how APIs are allowed to communicate within the Service + Perimeter. properties: - requireScreenlock: + allowedServices: description: >- - Whether or not screenlock is required for the DevicePolicy to be - true. Defaults to `false`. - type: boolean - allowedEncryptionStatuses: - description: Allowed encryptions statuses, an empty list allows all statuses. + The list of APIs usable within the Service Perimeter. Must be empty + unless 'enable_restriction' is True. You can specify a list of + individual services, as well as include the 'RESTRICTED-SERVICES' + value, which automatically includes all of the services protected by + the perimeter. type: array items: type: string - enumDescriptions: - - >- - The encryption status of the device is not specified or not - known. - - The device does not support encryption. - - The device supports encryption, but is currently unencrypted. - - The device is encrypted. - enum: - - ENCRYPTION_UNSPECIFIED - - ENCRYPTION_UNSUPPORTED - - UNENCRYPTED - - ENCRYPTED - osConstraints: + enableRestriction: + type: boolean description: >- - Allowed OS versions, an empty list allows all types and all - versions. + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowed_services'. + id: VpcAccessibleServices + GcpUserAccessBinding: + properties: + groupKey: + type: string + description: >- + Optional. Immutable. Google Group id whose users are subject to this + binding's restrictions. See "id" in the [Google Workspace Directory + API's Group Resource] + (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). + If a group's email address/alias is changed, this resource will + continue to point at the changed group. This field does not accept + group email addresses or aliases. Example: "01d520gv4vjcrht" + accessLevels: + description: >- + Optional. Access level that a user must have to be granted access. + Only one access level is supported, not multiple. This repeated + field must have exactly one element. Example: + "accessPolicies/9522/accessLevels/device_trusted" type: array items: - $ref: '#/components/schemas/OsConstraint' - allowedDeviceManagementLevels: + type: string + scopedAccessSettings: + type: array description: >- - Allowed device management levels, an empty list allows all - management levels. + Optional. A list of scoped access settings that set this binding's + restrictions on a subset of applications. This field cannot be set + if restricted_client_applications is set. + items: + $ref: '#/components/schemas/ScopedAccessSettings' + dryRunAccessLevels: + description: >- + Optional. Dry run access level that will be evaluated but will not + be enforced. The access denial based on dry run policy will be + logged. Only one access level is supported, not multiple. This list + must have exactly one element. Example: + "accessPolicies/9522/accessLevels/device_trusted" type: array items: type: string - enumDescriptions: - - The device's management level is not specified or not known. - - The device is not managed. - - >- - Basic management is enabled, which is generally limited to - monitoring and wiping the corporate account. - - >- - Complete device management. This includes more thorough - monitoring and the ability to directly manage the device (such - as remote wiping). This can be enabled through the Android - Enterprise Platform. - enum: - - MANAGEMENT_UNSPECIFIED - - NONE - - BASIC - - COMPLETE - requireAdminApproval: - description: Whether the device needs to be approved by the customer admin. - type: boolean - requireCorpOwned: - description: Whether the device needs to be corp owned. - type: boolean - OsConstraint: - id: OsConstraint - description: A restriction on the OS type and version of devices making requests. - type: object - properties: - osType: - description: Required. The allowed OS type. + name: + description: >- + Immutable. Assigned by the server during creation. The last segment + has an arbitrary length and has only URI unreserved characters (as + defined by [RFC 3986 Section + 2.3](https://tools.ietf.org/html/rfc3986#section-2.3)). Should not + be specified by the client during creation. Example: + "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N" type: string - enumDescriptions: - - The operating system of the device is not specified or not known. - - A desktop Mac operating system. - - A desktop Windows operating system. - - A desktop Linux operating system. - - A desktop ChromeOS operating system. - - An Android operating system. - - An iOS operating system. - enum: - - OS_UNSPECIFIED - - DESKTOP_MAC - - DESKTOP_WINDOWS - - DESKTOP_LINUX - - DESKTOP_CHROME_OS - - ANDROID - - IOS - minimumVersion: + sessionSettings: description: >- - The minimum allowed OS version. If not set, any version of this OS - satisfies the constraint. Format: `"major.minor.patch"`. Examples: - `"10.5.301"`, `"9.2.1"`. - type: string - requireVerifiedChromeOs: + Optional. The Google Cloud session length (GCSL) policy for the + group key. + $ref: '#/components/schemas/SessionSettings' + restrictedClientApplications: + type: array description: >- - Only allows requests from devices with a verified Chrome OS. - Verifications includes requirements that the device is - enterprise-managed, conformant to domain policies, and the caller - has permission to call the API targeted by the request. - type: boolean - VpcNetworkSource: - id: VpcNetworkSource - description: The originating network source in Google Cloud. + Optional. A list of applications that are subject to this binding's + restrictions. If the list is empty, the binding restrictions will + universally apply to all applications. + items: + $ref: '#/components/schemas/Application' + id: GcpUserAccessBinding type: object - properties: - vpcSubnetwork: - description: Sub-segment ranges of a VPC network. - $ref: '#/components/schemas/VpcSubNetwork' - VpcSubNetwork: - id: VpcSubNetwork - description: Sub-segment ranges inside of a VPC Network. + description: >- + Restricts access to Cloud Console and Google Cloud APIs for a set of + users using Context-Aware Access. + BasicLevel: + id: BasicLevel + description: '`BasicLevel` is an `AccessLevel` using a set of recommended features.' type: object properties: - network: + conditions: + items: + $ref: '#/components/schemas/Condition' + type: array description: >- - Required. Network name. If the network is not part of the - organization, the `compute.network.get` permission must be granted - to the caller. Format: - `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` - Example: - `//compute.googleapis.com/projects/my-project/global/networks/network-1` + Required. A list of requirements for the `AccessLevel` to be + granted. + combiningFunction: type: string - vpcIpSubnetworks: + enum: + - AND + - OR + enumDescriptions: + - All `Conditions` must be true for the `BasicLevel` to be true. + - >- + If at least one `Condition` is true, then the `BasicLevel` is + true. description: >- - CIDR block IP subnetwork specification. The IP address must be an - IPv4 address and can be a public or private IP address. Note that - for a CIDR IP address block, the specified IP address portion must - be properly truncated (i.e. all the host bits must be zero) or the - input is considered malformed. For example, "192.0.2.0/24" is - accepted but "192.0.2.1/24" is not. If empty, all IP addresses are - allowed. - type: array - items: - type: string - CustomLevel: - id: CustomLevel - description: >- - `CustomLevel` is an `AccessLevel` using the Cloud Common Expression - Language to represent the necessary conditions for the level to apply to - a request. See CEL spec at: https://github.com/google/cel-spec - type: object - properties: - expr: - description: Required. A Cloud CEL expression evaluating to a boolean. - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object + How the `conditions` list should be combined to determine if a + request is granted this `AccessLevel`. If AND is used, each + `Condition` in `conditions` must be satisfied for the `AccessLevel` + to be applied. If OR is used, at least one `Condition` in + `conditions` must be satisfied for the `AccessLevel` to be applied. + Default behavior is AND. + SetIamPolicyRequest: properties: - expression: + updateMask: description: >- - Textual representation of an expression in Common Expression - Language syntax. + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` type: string - title: + format: google-fieldmask + policy: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + description: Request message for `SetIamPolicy` method. + id: SetIamPolicyRequest + type: object + EgressSource: + properties: + resource: type: string - description: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + A Google Cloud resource from the service perimeter that you want to + allow to access data outside the perimeter. This field supports only + projects. The project format is `projects/{project_number}`. You + can't use `*` in this field to allow all Google Cloud resources. + accessLevel: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + An AccessLevel resource name that allows protected resources inside + the ServicePerimeters to access outside the ServicePerimeter + boundaries. AccessLevels listed must be in the same policy as this + ServicePerimeter. Referencing a nonexistent AccessLevel will cause + an error. If an AccessLevel name is not specified, only resources + within the perimeter can be accessed through Google Cloud calls with + request origins within the perimeter. Example: + `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is + specified for `access_level`, then all EgressSources will be + allowed. type: string - ReplaceAccessLevelsRequest: - id: ReplaceAccessLevelsRequest + type: object + id: EgressSource description: >- - A request to replace all existing Access Levels in an Access Policy with - the Access Levels provided. This is done atomically. + The source that EgressPolicy authorizes access from inside the + ServicePerimeter to somewhere outside the ServicePerimeter boundaries. + CancelOperationRequest: + properties: {} + type: object + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + MethodSelector: type: object + id: MethodSelector properties: - accessLevels: - description: >- - Required. The desired Access Levels that should replace all existing - Access Levels in the Access Policy. - type: array - items: - $ref: '#/components/schemas/AccessLevel' - etag: + permission: description: >- - Optional. The etag for the version of the Access Policy that this - replace operation is to be performed on. If, at the time of replace, - the etag for the Access Policy stored in Access Context Manager is - different from the specified etag, then the replace operation will - not be performed and the call will fail. This field is not required. - If etag is not provided, the operation will be performed as if a - valid etag is provided. + A valid Cloud IAM permission for the corresponding `service_name` in + ApiOperation. type: string - ListServicePerimetersResponse: - id: ListServicePerimetersResponse - description: A response to `ListServicePerimetersRequest`. - type: object - properties: - servicePerimeters: - description: List of the Service Perimeter instances. - type: array - items: - $ref: '#/components/schemas/ServicePerimeter' - nextPageToken: + method: description: >- - The pagination token to retrieve the next page of results. If the - value is empty, no further results remain. + A valid method name for the corresponding `service_name` in + ApiOperation. If `*` is used as the value for the `method`, then ALL + methods and permissions are allowed. type: string - ServicePerimeter: - id: ServicePerimeter + description: An allowed method or permission of a service specified in ApiOperation. + EgressTo: description: >- - `ServicePerimeter` describes a set of Google Cloud resources which can - freely import and export data amongst themselves, but not export outside - of the `ServicePerimeter`. If a request with a source within this - `ServicePerimeter` has a target outside of the `ServicePerimeter`, the - request will be blocked. Otherwise the request is allowed. There are two - types of Service Perimeter - Regular and Bridge. Regular Service - Perimeters cannot overlap, a single Google Cloud project or VPC network - can only belong to a single regular Service Perimeter. Service Perimeter - Bridges can contain only Google Cloud projects as members, a single - Google Cloud project may belong to multiple Service Perimeter Bridges. + Defines the conditions under which an EgressPolicy matches a request. + Conditions are based on information about the ApiOperation intended to + be performed on the `resources` specified. Note that if the destination + of the request is also protected by a ServicePerimeter, then that + ServicePerimeter must have an IngressPolicy which allows access in order + for this request to succeed. The request must match `operations` AND + `resources` fields in order to be allowed egress out of the perimeter. + id: EgressTo type: object properties: - name: + externalResources: description: >- - Identifier. Resource name for the `ServicePerimeter`. Format: - `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. - The `service_perimeter` component must begin with a letter, followed - by alphanumeric characters or `_`. After you create a - `ServicePerimeter`, you cannot change its `name`. - type: string - title: - description: Human readable title. Must be unique within the Policy. - type: string - description: + A list of external resources that are allowed to be accessed. Only + AWS and Azure resources are supported. For Amazon S3, the supported + formats are s3://BUCKET_NAME, s3a://BUCKET_NAME, and + s3n://BUCKET_NAME. For Azure Storage, the supported format is + azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request + matches if it contains an external resource in this list (Example: + s3://bucket/path). Currently '*' is not allowed. + items: + type: string + type: array + roles: + items: + type: string + type: array description: >- - Description of the `ServicePerimeter` and its use. Does not affect - behavior. - type: string - perimeterType: + IAM roles that represent the set of operations that the sources + specified in the corresponding EgressFrom. are allowed to perform in + this ServicePerimeter. + resources: description: >- - Perimeter type indicator. A single project or VPC network is allowed - to be a member of single regular perimeter, but multiple service - perimeter bridges. A project cannot be a included in a perimeter - bridge without being included in regular perimeter. For perimeter - bridges, the restricted service list as well as access level lists - must be empty. - type: string - enumDescriptions: - - >- - Regular Perimeter. When no value is specified, the perimeter uses - this type. - - Perimeter Bridge. - enum: - - PERIMETER_TYPE_REGULAR - - PERIMETER_TYPE_BRIDGE - status: + A list of resources, currently only projects in the form + `projects/`, that are allowed to be accessed by sources defined in + the corresponding EgressFrom. A request matches if it contains a + resource in this list. If `*` is specified for `resources`, then + this EgressTo rule will authorize access to all resources outside + the perimeter. + items: + type: string + type: array + operations: description: >- - Current ServicePerimeter configuration. Specifies sets of resources, - restricted services and access levels that determine perimeter - content and boundaries. - $ref: '#/components/schemas/ServicePerimeterConfig' - spec: + A list of ApiOperations allowed to be performed by the sources + specified in the corresponding EgressFrom. A request matches if it + uses an operation/service in this list. + items: + $ref: '#/components/schemas/ApiOperation' + type: array + AccessSettings: + type: object + description: >- + Access settings represent the set of conditions that must be met for + access to be granted. At least one of the fields must be set. + id: AccessSettings + properties: + sessionSettings: + $ref: '#/components/schemas/SessionSettings' description: >- - Proposed (or dry run) ServicePerimeter configuration. This - configuration allows to specify and test ServicePerimeter - configuration without enforcing actual access restrictions. Only - allowed to be set when the "use_explicit_dry_run_spec" flag is set. - $ref: '#/components/schemas/ServicePerimeterConfig' - useExplicitDryRunSpec: + Optional. Session settings applied to user access on a given + AccessScope. + accessLevels: + items: + type: string + type: array description: >- - Use explicit dry run spec flag. Ordinarily, a dry-run spec - implicitly exists for all Service Perimeters, and that spec is - identical to the status for those Service Perimeters. When this flag - is set, it inhibits the generation of the implicit spec, thereby - allowing the user to explicitly provide a configuration ("spec") to - use in a dry-run version of the Service Perimeter. This allows the - user to test changes to the enforced config ("status") without - actually enforcing them. This testing is done through analyzing the - differences between currently enforced and suggested restrictions. - use_explicit_dry_run_spec must bet set to True if any of the fields - in the spec are set to non-default values. - type: boolean - etag: + Optional. Access level that a user must have to be granted access. + Only one access level is supported, not multiple. This repeated + field must have exactly one element. Example: + "accessPolicies/9522/accessLevels/device_trusted" + Operation: + id: Operation + type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. + properties: + name: description: >- - Optional. An opaque identifier for the current version of the - `ServicePerimeter`. This identifier does not follow any specific - format. If an etag is not provided, the operation will be performed - as if a valid etag is provided. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - ServicePerimeterConfig: - id: ServicePerimeterConfig + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + Status: description: >- - `ServicePerimeterConfig` specifies a set of Google Cloud resources that - describe specific Service Perimeter configuration. + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status type: object properties: - resources: + message: description: >- - A list of Google Cloud resources that are inside of the service - perimeter. Currently only projects and VPCs are allowed. Project - format: `projects/{project_number}` VPC network format: - `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + details: type: array items: - type: string - accessLevels: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - A list of `AccessLevel` resource names that allow resources within - the `ServicePerimeter` to be accessed from the internet. - `AccessLevels` listed must be in the same policy as this - `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a - syntax error. If no `AccessLevel` names are listed, resources within - the perimeter can only be accessed via Google Cloud calls with - request origins within the perimeter. Example: - `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service - Perimeter Bridge, must be empty. - type: array + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + Condition: + type: object + description: >- + A condition necessary for an `AccessLevel` to be granted. The Condition + is an AND over its fields. So a Condition is true if: 1) the request IP + is from one of the listed subnetworks AND 2) the originating device + complies with the listed device policy AND 3) all listed access levels + are granted AND 4) the request was sent at a time allowed by the + DateTimeRestriction. + id: Condition + properties: + ipSubnetworks: items: type: string - restrictedServices: + type: array description: >- - Google Cloud services that are subject to the Service Perimeter - restrictions. For example, if `storage.googleapis.com` is specified, - access to the storage buckets inside the perimeter must meet the - perimeter's access restrictions. + CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note + that for a CIDR IP address block, the specified IP address portion + must be properly truncated (i.e. all the host bits must be zero) or + the input is considered malformed. For example, "192.0.2.0/24" is + accepted but "192.0.2.1/24" is not. Similarly, for IPv6, + "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The + originating IP of a request must be in one of the listed subnets in + order for this Condition to be true. If empty, all IP addresses are + allowed. + requiredAccessLevels: + description: >- + A list of other access levels defined in the same `Policy`, + referenced by resource name. Referencing an `AccessLevel` which does + not exist is an error. All access levels listed must be granted for + the Condition to be true. Example: + "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"` type: array items: type: string - vpcAccessibleServices: - description: Configuration for APIs allowed within Perimeter. - $ref: '#/components/schemas/VpcAccessibleServices' - ingressPolicies: - description: >- - List of IngressPolicies to apply to the perimeter. A perimeter may - have multiple IngressPolicies, each of which is evaluated - separately. Access is granted if any Ingress Policy grants it. Must - be empty for a perimeter bridge. + members: type: array items: - $ref: '#/components/schemas/IngressPolicy' - egressPolicies: + type: string description: >- - List of EgressPolicies to apply to the perimeter. A perimeter may - have multiple EgressPolicies, each of which is evaluated separately. - Access is granted if any EgressPolicy grants it. Must be empty for a - perimeter bridge. + The request must be made by one of the provided user or service + accounts. Groups are not supported. Syntax: `user:{emailid}` + `serviceAccount:{emailid}` If not specified, a request may come from + any user. + vpcNetworkSources: type: array + description: >- + The request must originate from one of the provided VPC networks in + Google Cloud. Cannot specify this field together with + `ip_subnetworks`. items: - $ref: '#/components/schemas/EgressPolicy' - VpcAccessibleServices: - id: VpcAccessibleServices - description: >- - Specifies how APIs are allowed to communicate within the Service - Perimeter. - type: object - properties: - enableRestriction: + $ref: '#/components/schemas/VpcNetworkSource' + negate: description: >- - Whether to restrict API calls within the Service Perimeter to the - list of APIs specified in 'allowed_services'. + Whether to negate the Condition. If true, the Condition becomes a + NAND over its non-empty fields. Any non-empty field criteria + evaluating to false will result in the Condition to be satisfied. + Defaults to false. type: boolean - allowedServices: + devicePolicy: + $ref: '#/components/schemas/DevicePolicy' description: >- - The list of APIs usable within the Service Perimeter. Must be empty - unless 'enable_restriction' is True. You can specify a list of - individual services, as well as include the 'RESTRICTED-SERVICES' - value, which automatically includes all of the services protected by - the perimeter. + Device specific restrictions, all restrictions must hold for the + Condition to be true. If not specified, all devices are allowed. + regions: type: array + description: >- + The request must originate from one of the provided + countries/regions. Must be valid ISO 3166-1 alpha-2 codes. items: type: string - IngressPolicy: - id: IngressPolicy - description: >- - Policy for ingress into ServicePerimeter. IngressPolicies match requests - based on `ingress_from` and `ingress_to` stanzas. For an ingress policy - to match, both the `ingress_from` and `ingress_to` stanzas must be - matched. If an IngressPolicy matches a request, the request is allowed - through the perimeter boundary from outside the perimeter. For example, - access from the internet can be allowed either based on an AccessLevel - or, for traffic hosted on Google Cloud, the project of the source - network. For access from private networks, using the project of the - hosting network is required. Individual ingress policies can be limited - by restricting which services and/or actions they match using the - `ingress_to` field. + ListAuthorizedOrgsDescsResponse: type: object properties: - ingressFrom: - description: >- - Defines the conditions on the source of a request causing this - IngressPolicy to apply. - $ref: '#/components/schemas/IngressFrom' - ingressTo: + nextPageToken: + type: string description: >- - Defines the conditions on the ApiOperation and request destination - that cause this IngressPolicy to apply. - $ref: '#/components/schemas/IngressTo' - title: + The pagination token to retrieve the next page of results. If the + value is empty, no further results remain. + authorizedOrgsDescs: + items: + $ref: '#/components/schemas/AuthorizedOrgsDesc' + type: array + description: List of all the Authorized Orgs Desc instances. + description: A response to `ListAuthorizedOrgsDescsRequest`. + id: ListAuthorizedOrgsDescsResponse + CommitServicePerimetersRequest: + description: >- + A request to commit dry-run specs in all Service Perimeters belonging to + an Access Policy. + id: CommitServicePerimetersRequest + type: object + properties: + etag: + type: string description: >- - Optional. Human-readable title for the ingress rule. The title must - be unique within the perimeter and can not exceed 100 characters. - Within the access policy, the combined length of all rule titles - must not exceed 240,000 characters. + Optional. The etag for the version of the Access Policy that this + commit operation is to be performed on. If, at the time of commit, + the etag for the Access Policy stored in Access Context Manager is + different from the specified etag, then the commit operation will + not be performed and the call will fail. This field is not required. + If etag is not provided, the operation will be performed as if a + valid etag is provided. + Application: + id: Application + description: An application that accesses Google Cloud APIs. + type: object + properties: + clientId: + description: The OAuth client ID of the application. type: string - IngressFrom: - id: IngressFrom + name: + type: string + description: 'The name of the application. Example: "Cloud Console"' + Empty: description: >- - Defines the conditions under which an IngressPolicy matches a request. - Conditions are based on information about the source of the request. The - request must satisfy what is defined in `sources` AND identity related - fields in order to match. + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + properties: {} + id: Empty + EgressFrom: type: object properties: - sources: - description: Sources that this IngressPolicy authorizes access from. - type: array - items: - $ref: '#/components/schemas/IngressSource' - identities: - description: >- - A list of identities that are allowed access through - [IngressPolicy]. Identities can be an individual user, service - account, Google group, or third-party identity. For third-party - identity, only single identities are supported and other identity - types are not supported. The `v1` identities that have the prefix - `user`, `group`, `serviceAccount`, and `principal` in - https://cloud.google.com/iam/docs/principal-identifiers#v1 are - supported. - type: array - items: - type: string identityType: - description: >- - Specifies the type of identities that are allowed access from - outside the perimeter. If left unspecified, then members of - `identities` field will be allowed access. type: string enumDescriptions: - No blanket identity group specified. @@ -841,304 +704,441 @@ components: - ANY_IDENTITY - ANY_USER_ACCOUNT - ANY_SERVICE_ACCOUNT - IngressSource: - id: IngressSource - description: The source that IngressPolicy authorizes access from. - type: object - properties: - accessLevel: - description: >- - An AccessLevel resource name that allow resources within the - ServicePerimeters to be accessed from the internet. AccessLevels - listed must be in the same policy as this ServicePerimeter. - Referencing a nonexistent AccessLevel will cause an error. If no - AccessLevel names are listed, resources within the perimeter can - only be accessed via Google Cloud calls with request origins within - the perimeter. Example: - `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is - specified for `access_level`, then all IngressSources will be - allowed. - type: string - resource: - description: >- - A Google Cloud resource that is allowed to ingress the perimeter. - Requests from these resources will be allowed to access perimeter - data. Currently only projects and VPCs are allowed. Project format: - `projects/{project_number}` VPC network format: - `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. - The project may be in any Google Cloud organization, not just the - organization that the perimeter is defined in. `*` is not allowed, - the case of allowing all Google Cloud resources only is not - supported. - type: string - IngressTo: - id: IngressTo - description: >- - Defines the conditions under which an IngressPolicy matches a request. - Conditions are based on information about the ApiOperation intended to - be performed on the target resource of the request. The request must - satisfy what is defined in `operations` AND `resources` in order to - match. - type: object - properties: - operations: - description: >- - A list of ApiOperations allowed to be performed by the sources - specified in corresponding IngressFrom in this ServicePerimeter. - type: array - items: - $ref: '#/components/schemas/ApiOperation' - resources: - description: >- - A list of resources, currently only projects in the form - `projects/`, protected by this ServicePerimeter that are allowed to - be accessed by sources defined in the corresponding IngressFrom. If - a single `*` is specified, then access to all resources inside the - perimeter are allowed. - type: array - items: - type: string - roles: description: >- - IAM roles that represent the set of operations that the sources - specified in the corresponding IngressFrom are allowed to perform in - this ServicePerimeter. + Specifies the type of identities that are allowed access to outside + the perimeter. If left unspecified, then members of `identities` + field will be allowed access. + identities: type: array items: type: string - ApiOperation: - id: ApiOperation - description: Identification for an API Operation. - type: object - properties: - serviceName: description: >- - The name of the API whose methods or permissions the IngressPolicy - or EgressPolicy want to allow. A single ApiOperation with - `service_name` field set to `*` will allow all methods AND - permissions for all services. + A list of identities that are allowed access through [EgressPolicy]. + Identities can be an individual user, service account, Google group, + or third-party identity. For third-party identity, only single + identities are supported and other identity types are not supported. + The `v1` identities that have the prefix `user`, `group`, + `serviceAccount`, and `principal` in + https://cloud.google.com/iam/docs/principal-identifiers#v1 are + supported. + sourceRestriction: type: string - methodSelectors: + enum: + - SOURCE_RESTRICTION_UNSPECIFIED + - SOURCE_RESTRICTION_ENABLED + - SOURCE_RESTRICTION_DISABLED + enumDescriptions: + - >- + Enforcement preference unspecified, will not enforce traffic + restrictions based on `sources` in EgressFrom. + - >- + Enforcement preference enabled, traffic restrictions will be + enforced based on `sources` in EgressFrom. + - >- + Enforcement preference disabled, will not enforce traffic + restrictions based on `sources` in EgressFrom. description: >- - API methods or permissions to allow. Method or permission must - belong to the service specified by `service_name` field. A single - MethodSelector entry with `*` specified for the `method` field will - allow all methods AND permissions for the service specified in - `service_name`. + Whether to enforce traffic restrictions based on `sources` field. If + the `sources` fields is non-empty, then this field must be set to + `SOURCE_RESTRICTION_ENABLED`. + sources: type: array items: - $ref: '#/components/schemas/MethodSelector' - MethodSelector: - id: MethodSelector - description: An allowed method or permission of a service specified in ApiOperation. + $ref: '#/components/schemas/EgressSource' + description: >- + Sources that this EgressPolicy authorizes access from. If this field + is not empty, then `source_restriction` must be set to + `SOURCE_RESTRICTION_ENABLED`. + description: >- + Defines the conditions under which an EgressPolicy matches a request. + Conditions based on information about the source of the request. Note + that if the destination of the request is also protected by a + ServicePerimeter, then that ServicePerimeter must have an IngressPolicy + which allows access in order for this request to succeed. + id: EgressFrom + ScopedAccessSettings: type: object + id: ScopedAccessSettings properties: - method: + scope: + $ref: '#/components/schemas/AccessScope' description: >- - A valid method name for the corresponding `service_name` in - ApiOperation. If `*` is used as the value for the `method`, then ALL - methods and permissions are allowed. - type: string - permission: + Optional. Application, etc. to which the access settings will be + applied to. Implicitly, this is the scoped access settings key; as + such, it must be unique and non-empty. + activeSettings: description: >- - A valid Cloud IAM permission for the corresponding `service_name` in - ApiOperation. + Optional. Access settings for this scoped access settings. This + field may be empty if dry_run_settings is set. + $ref: '#/components/schemas/AccessSettings' + dryRunSettings: + description: >- + Optional. Dry-run access settings for this scoped access settings. + This field may be empty if active_settings is set. + $ref: '#/components/schemas/AccessSettings' + description: A relationship between access settings and its scope. + Expr: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + properties: + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. type: string - EgressPolicy: - id: EgressPolicy + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + id: Expr + type: object + IngressPolicy: description: >- - Policy for egress from perimeter. EgressPolicies match requests based on - `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, - both `egress_from` and `egress_to` stanzas must be matched. If an - EgressPolicy matches a request, the request is allowed to span the - ServicePerimeter boundary. For example, an EgressPolicy can be used to - allow VMs on networks within the ServicePerimeter to access a defined - set of projects outside the perimeter in certain contexts (e.g. to read - data from a Cloud Storage bucket or query against a BigQuery dataset). - EgressPolicies are concerned with the *resources* that a request relates - as well as the API services and API actions being used. They do not - related to the direction of data movement. More detailed documentation - for this concept can be found in the descriptions of EgressFrom and - EgressTo. + Policy for ingress into ServicePerimeter. IngressPolicies match requests + based on `ingress_from` and `ingress_to` stanzas. For an ingress policy + to match, both the `ingress_from` and `ingress_to` stanzas must be + matched. If an IngressPolicy matches a request, the request is allowed + through the perimeter boundary from outside the perimeter. For example, + access from the internet can be allowed either based on an AccessLevel + or, for traffic hosted on Google Cloud, the project of the source + network. For access from private networks, using the project of the + hosting network is required. Individual ingress policies can be limited + by restricting which services and/or actions they match using the + `ingress_to` field. + id: IngressPolicy type: object properties: - egressFrom: + ingressTo: + $ref: '#/components/schemas/IngressTo' description: >- - Defines conditions on the source of a request causing this - EgressPolicy to apply. - $ref: '#/components/schemas/EgressFrom' - egressTo: + Defines the conditions on the ApiOperation and request destination + that cause this IngressPolicy to apply. + ingressFrom: description: >- - Defines the conditions on the ApiOperation and destination resources - that cause this EgressPolicy to apply. - $ref: '#/components/schemas/EgressTo' + Defines the conditions on the source of a request causing this + IngressPolicy to apply. + $ref: '#/components/schemas/IngressFrom' title: + type: string description: >- - Optional. Human-readable title for the egress rule. The title must + Optional. Human-readable title for the ingress rule. The title must be unique within the perimeter and can not exceed 100 characters. Within the access policy, the combined length of all rule titles must not exceed 240,000 characters. - type: string - EgressFrom: - id: EgressFrom + AuthorizedOrgsDesc: description: >- - Defines the conditions under which an EgressPolicy matches a request. - Conditions based on information about the source of the request. Note - that if the destination of the request is also protected by a - ServicePerimeter, then that ServicePerimeter must have an IngressPolicy - which allows access in order for this request to succeed. + `AuthorizedOrgsDesc` contains data for an organization's authorization + policy. type: object + id: AuthorizedOrgsDesc properties: - identities: - description: >- - A list of identities that are allowed access through [EgressPolicy]. - Identities can be an individual user, service account, Google group, - or third-party identity. For third-party identity, only single - identities are supported and other identity types are not supported. - The `v1` identities that have the prefix `user`, `group`, - `serviceAccount`, and `principal` in - https://cloud.google.com/iam/docs/principal-identifiers#v1 are - supported. - type: array - items: - type: string - identityType: + name: + type: string description: >- - Specifies the type of identities that are allowed access to outside - the perimeter. If left unspecified, then members of `identities` - field will be allowed access. + Identifier. Resource name for the `AuthorizedOrgsDesc`. Format: + `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. + The `authorized_orgs_desc` component must begin with a letter, + followed by alphanumeric characters or `_`. After you create an + `AuthorizedOrgsDesc`, you cannot change its `name`. + assetType: type: string + description: >- + The asset type of this authorized orgs desc. Valid values are + `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`. enumDescriptions: - - No blanket identity group specified. - - Authorize access from all identities outside the perimeter. - - Authorize access from all human users outside the perimeter. - - Authorize access from all service accounts outside the perimeter. + - No asset type specified. + - Device asset type. + - Credential strength asset type. enum: - - IDENTITY_TYPE_UNSPECIFIED - - ANY_IDENTITY - - ANY_USER_ACCOUNT - - ANY_SERVICE_ACCOUNT - sources: + - ASSET_TYPE_UNSPECIFIED + - ASSET_TYPE_DEVICE + - ASSET_TYPE_CREDENTIAL_STRENGTH + orgs: description: >- - Sources that this EgressPolicy authorizes access from. If this field - is not empty, then `source_restriction` must be set to - `SOURCE_RESTRICTION_ENABLED`. - type: array + The list of organization ids in this AuthorizedOrgsDesc. Format: + `organizations/` Example: `organizations/123456` items: - $ref: '#/components/schemas/EgressSource' - sourceRestriction: + type: string + type: array + authorizationDirection: description: >- - Whether to enforce traffic restrictions based on `sources` field. If - the `sources` fields is non-empty, then this field must be set to - `SOURCE_RESTRICTION_ENABLED`. - type: string + The direction of the authorization relationship between this + organization and the organizations listed in the `orgs` field. The + valid values for this field include the following: + `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate + traffic in the organizations listed in the `orgs` field. + `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the + `orgs` field to evaluate the traffic in this organization. For the + authorization relationship to take effect, all of the organizations + must authorize and specify the appropriate relationship direction. + For example, if organization A authorized organization B and C to + evaluate its traffic, by specifying `AUTHORIZATION_DIRECTION_TO` as + the authorization direction, organizations B and C must specify + `AUTHORIZATION_DIRECTION_FROM` as the authorization direction in + their `AuthorizedOrgsDesc` resource. enumDescriptions: + - No direction specified. - >- - Enforcement preference unspecified, will not enforce traffic - restrictions based on `sources` in EgressFrom. - - >- - Enforcement preference enabled, traffic restrictions will be - enforced based on `sources` in EgressFrom. + The specified organizations are authorized to evaluate traffic in + this organization. - >- - Enforcement preference disabled, will not enforce traffic - restrictions based on `sources` in EgressFrom. - enum: - - SOURCE_RESTRICTION_UNSPECIFIED - - SOURCE_RESTRICTION_ENABLED - - SOURCE_RESTRICTION_DISABLED - EgressSource: - id: EgressSource - description: >- - The source that EgressPolicy authorizes access from inside the - ServicePerimeter to somewhere outside the ServicePerimeter boundaries. - type: object - properties: - accessLevel: - description: >- - An AccessLevel resource name that allows protected resources inside - the ServicePerimeters to access outside the ServicePerimeter - boundaries. AccessLevels listed must be in the same policy as this - ServicePerimeter. Referencing a nonexistent AccessLevel will cause - an error. If an AccessLevel name is not specified, only resources - within the perimeter can be accessed through Google Cloud calls with - request origins within the perimeter. Example: - `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is - specified for `access_level`, then all EgressSources will be - allowed. + The traffic of the specified organizations can be evaluated by + this organization. type: string - resource: + enum: + - AUTHORIZATION_DIRECTION_UNSPECIFIED + - AUTHORIZATION_DIRECTION_TO + - AUTHORIZATION_DIRECTION_FROM + authorizationType: description: >- - A Google Cloud resource from the service perimeter that you want to - allow to access data outside the perimeter. This field supports only - projects. The project format is `projects/{project_number}`. You - can't use `*` in this field to allow all Google Cloud resources. + A granular control type for authorization levels. Valid value is + `AUTHORIZATION_TYPE_TRUST`. + enum: + - AUTHORIZATION_TYPE_UNSPECIFIED + - AUTHORIZATION_TYPE_TRUST type: string - EgressTo: - id: EgressTo + enumDescriptions: + - No authorization type specified. + - This authorization relationship is "trust". + SessionSettings: + id: SessionSettings description: >- - Defines the conditions under which an EgressPolicy matches a request. - Conditions are based on information about the ApiOperation intended to - be performed on the `resources` specified. Note that if the destination - of the request is also protected by a ServicePerimeter, then that - ServicePerimeter must have an IngressPolicy which allows access in order - for this request to succeed. The request must match `operations` AND - `resources` fields in order to be allowed egress out of the perimeter. - type: object + Stores settings related to Google Cloud Session Length including session + duration, the type of challenge (i.e. method) they should face when + their session expires, and other related settings. properties: - resources: + sessionLengthEnabled: description: >- - A list of resources, currently only projects in the form - `projects/`, that are allowed to be accessed by sources defined in - the corresponding EgressFrom. A request matches if it contains a - resource in this list. If `*` is specified for `resources`, then - this EgressTo rule will authorize access to all resources outside - the perimeter. + Optional. This field enables or disables Google Cloud session + length. When false, all fields set above will be disregarded and the + session length is basically infinite. + type: boolean + useOidcMaxAge: + description: >- + Optional. Only useful for OIDC apps. When false, the OIDC max_age + param, if passed in the authentication request will be ignored. When + true, the re-auth period will be the minimum of the session_length + field and the max_age OIDC param. + type: boolean + maxInactivity: + description: >- + Optional. How long a user is allowed to take between actions before + a new access token must be issued. Only set for Google Cloud apps. + type: string + format: google-duration + sessionReauthMethod: + enum: + - SESSION_REAUTH_METHOD_UNSPECIFIED + - LOGIN + - SECURITY_KEY + - PASSWORD + enumDescriptions: + - If method is undefined in the API, LOGIN will be used by default. + - >- + The user will be prompted to perform regular login. Users who are + enrolled for two-step verification and haven't chosen "Remember + this computer" will be prompted for their second factor. + - >- + The user will be prompted to authenticate using their security + key. If no security key has been configured, then authentication + will fallback to LOGIN. + - The user will be prompted for their password. + type: string + description: Optional. Session method when user's Google Cloud session is up. + sessionLength: + type: string + description: >- + Optional. The session length. Setting this field to zero is equal to + disabling session. Also can set infinite session by flipping the + enabled bit to false below. If use_oidc_max_age is true, for OIDC + apps, the session length will be the minimum of this field and OIDC + max_age param. + format: google-duration + type: object + Policy: + id: Policy + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + properties: + version: + type: integer + format: int32 + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + etag: + type: string + format: byte + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + items: + $ref: '#/components/schemas/Binding' + auditConfigs: + type: array + items: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: object + ServicePerimeterConfig: + properties: + accessLevels: type: array + description: >- + A list of `AccessLevel` resource names that allow resources within + the `ServicePerimeter` to be accessed from the internet. + `AccessLevels` listed must be in the same policy as this + `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a + syntax error. If no `AccessLevel` names are listed, resources within + the perimeter can only be accessed via Google Cloud calls with + request origins within the perimeter. Example: + `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service + Perimeter Bridge, must be empty. items: type: string - operations: + egressPolicies: + items: + $ref: '#/components/schemas/EgressPolicy' description: >- - A list of ApiOperations allowed to be performed by the sources - specified in the corresponding EgressFrom. A request matches if it - uses an operation/service in this list. + List of EgressPolicies to apply to the perimeter. A perimeter may + have multiple EgressPolicies, each of which is evaluated separately. + Access is granted if any EgressPolicy grants it. Must be empty for a + perimeter bridge. type: array + ingressPolicies: items: - $ref: '#/components/schemas/ApiOperation' - externalResources: + $ref: '#/components/schemas/IngressPolicy' + type: array description: >- - A list of external resources that are allowed to be accessed. Only - AWS and Azure resources are supported. For Amazon S3, the supported - formats are s3://BUCKET_NAME, s3a://BUCKET_NAME, and - s3n://BUCKET_NAME. For Azure Storage, the supported format is - azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request - matches if it contains an external resource in this list (Example: - s3://bucket/path). Currently '*' is not allowed. + List of IngressPolicies to apply to the perimeter. A perimeter may + have multiple IngressPolicies, each of which is evaluated + separately. Access is granted if any Ingress Policy grants it. Must + be empty for a perimeter bridge. + resources: type: array + description: >- + A list of Google Cloud resources that are inside of the service + perimeter. Currently only projects and VPCs are allowed. Project + format: `projects/{project_number}` VPC network format: + `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. items: type: string - roles: + vpcAccessibleServices: + description: Configuration for APIs allowed within Perimeter. + $ref: '#/components/schemas/VpcAccessibleServices' + restrictedServices: description: >- - IAM roles that represent the set of operations that the sources - specified in the corresponding EgressFrom. are allowed to perform in - this ServicePerimeter. - type: array + Google Cloud services that are subject to the Service Perimeter + restrictions. For example, if `storage.googleapis.com` is specified, + access to the storage buckets inside the perimeter must meet the + perimeter's access restrictions. items: type: string - ReplaceServicePerimetersRequest: - id: ReplaceServicePerimetersRequest + type: array description: >- - A request to replace all existing Service Perimeters in an Access Policy - with the Service Perimeters provided. This is done atomically. + `ServicePerimeterConfig` specifies a set of Google Cloud resources that + describe specific Service Perimeter configuration. + id: ServicePerimeterConfig type: object + ReplaceAccessLevelsRequest: properties: - servicePerimeters: - description: >- - Required. The desired Service Perimeters that should replace all - existing Service Perimeters in the Access Policy. - type: array - items: - $ref: '#/components/schemas/ServicePerimeter' etag: + type: string description: >- Optional. The etag for the version of the Access Policy that this replace operation is to be performed on. If, at the time of replace, @@ -1147,630 +1147,654 @@ components: not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided. - type: string - CommitServicePerimetersRequest: - id: CommitServicePerimetersRequest - description: >- - A request to commit dry-run specs in all Service Perimeters belonging to - an Access Policy. - type: object - properties: - etag: + accessLevels: + type: array + items: + $ref: '#/components/schemas/AccessLevel' description: >- - Optional. The etag for the version of the Access Policy that this - commit operation is to be performed on. If, at the time of commit, - the etag for the Access Policy stored in Access Context Manager is - different from the specified etag, then the commit operation will - not be performed and the call will fail. This field is not required. - If etag is not provided, the operation will be performed as if a - valid etag is provided. - type: string - ListSupportedServicesResponse: - id: ListSupportedServicesResponse - description: A response to `ListSupportedServicesRequest`. + Required. The desired Access Levels that should replace all existing + Access Levels in the Access Policy. type: object + id: ReplaceAccessLevelsRequest + description: >- + A request to replace all existing Access Levels in an Access Policy with + the Access Levels provided. This is done atomically. + TestIamPermissionsRequest: properties: - supportedServices: - description: List of services supported by VPC Service Controls instances. - type: array + permissions: items: - $ref: '#/components/schemas/SupportedService' - nextPageToken: + type: string description: >- - The pagination token to retrieve the next page of results. If the - value is empty, no further results remain. - type: string - SupportedService: - id: SupportedService + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: array + description: Request message for `TestIamPermissions` method. + type: object + id: TestIamPermissionsRequest + GcpUserAccessBindingOperationMetadata: + type: object + properties: {} + id: GcpUserAccessBindingOperationMetadata + description: Metadata of Google Cloud Access Binding Long Running Operations. + ReplaceAccessLevelsResponse: description: >- - `SupportedService` specifies the VPC Service Controls and its - properties. + A response to ReplaceAccessLevelsRequest. This will be put inside of + Operation.response field. type: object properties: - name: + accessLevels: + type: array + description: List of the Access Level instances. + items: + $ref: '#/components/schemas/AccessLevel' + id: ReplaceAccessLevelsResponse + VpcSubNetwork: + properties: + network: description: >- - The service name or address of the supported service, such as - `service.googleapis.com`. - type: string - supportStage: - description: The support stage of the service. + Required. Network name. If the network is not part of the + organization, the `compute.network.get` permission must be granted + to the caller. Format: + `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` + Example: + `//compute.googleapis.com/projects/my-project/global/networks/network-1` type: string - enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - availableOnRestrictedVip: + vpcIpSubnetworks: description: >- - True if the service is available on the restricted VIP. Services on - the restricted VIP typically either support VPC Service Controls or - are core infrastructure services required for the functioning of - Google Cloud. - type: boolean - title: - description: The name of the supported product, such as 'Cloud Product API'. + CIDR block IP subnetwork specification. The IP address must be an + IPv4 address and can be a public or private IP address. Note that + for a CIDR IP address block, the specified IP address portion must + be properly truncated (i.e. all the host bits must be zero) or the + input is considered malformed. For example, "192.0.2.0/24" is + accepted but "192.0.2.1/24" is not. If empty, all IP addresses are + allowed. + items: + type: string + type: array + description: Sub-segment ranges inside of a VPC Network. + id: VpcSubNetwork + type: object + ReplaceServicePerimetersRequest: + type: object + description: >- + A request to replace all existing Service Perimeters in an Access Policy + with the Service Perimeters provided. This is done atomically. + id: ReplaceServicePerimetersRequest + properties: + etag: type: string - supportedMethods: description: >- - The list of the supported methods. This field exists only in - response to GetSupportedService + Optional. The etag for the version of the Access Policy that this + replace operation is to be performed on. If, at the time of replace, + the etag for the Access Policy stored in Access Context Manager is + different from the specified etag, then the replace operation will + not be performed and the call will fail. This field is not required. + If etag is not provided, the operation will be performed as if a + valid etag is provided. + servicePerimeters: type: array + description: >- + Required. The desired Service Perimeters that should replace all + existing Service Perimeters in the Access Policy. items: - $ref: '#/components/schemas/MethodSelector' - knownLimitations: + $ref: '#/components/schemas/ServicePerimeter' + ApiOperation: + type: object + properties: + methodSelectors: description: >- - True if the service is supported with some limitations. Check - [documentation](https://cloud.google.com/vpc-service-controls/docs/supported-products) - for details. - type: boolean - serviceSupportStage: - description: The support stage of the service. + API methods or permissions to allow. Method or permission must + belong to the service specified by `service_name` field. A single + MethodSelector entry with `*` specified for the `method` field will + allow all methods AND permissions for the service specified in + `service_name`. + type: array + items: + $ref: '#/components/schemas/MethodSelector' + serviceName: type: string - enumDescriptions: - - Do not use this default value. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - PREVIEW indicates a pre-release stage where the product is - functionally complete but undergoing real-world testing. - - Deprecated features are scheduled to be shut down and removed. - enum: - - SERVICE_SUPPORT_STAGE_UNSPECIFIED - - GA - - PREVIEW - - DEPRECATED - ListGcpUserAccessBindingsResponse: - id: ListGcpUserAccessBindingsResponse - description: Response of ListGcpUserAccessBindings. + description: >- + The name of the API whose methods or permissions the IngressPolicy + or EgressPolicy want to allow. A single ApiOperation with + `service_name` field set to `*` will allow all methods AND + permissions for all services. + id: ApiOperation + description: Identification for an API Operation. + ListAccessLevelsResponse: type: object + description: A response to `ListAccessLevelsRequest`. + id: ListAccessLevelsResponse properties: - gcpUserAccessBindings: - description: GcpUserAccessBinding - type: array + accessLevels: items: - $ref: '#/components/schemas/GcpUserAccessBinding' + $ref: '#/components/schemas/AccessLevel' + description: List of the Access Level instances. + type: array nextPageToken: description: >- - Token to get the next page of items. If blank, there are no more - items. + The pagination token to retrieve the next page of results. If the + value is empty, no further results remain. type: string - GcpUserAccessBinding: - id: GcpUserAccessBinding - description: >- - Restricts access to Cloud Console and Google Cloud APIs for a set of - users using Context-Aware Access. + AuditConfig: + id: AuditConfig type: object + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. properties: - name: - description: >- - Immutable. Assigned by the server during creation. The last segment - has an arbitrary length and has only URI unreserved characters (as - defined by [RFC 3986 Section - 2.3](https://tools.ietf.org/html/rfc3986#section-2.3)). Should not - be specified by the client during creation. Example: - "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N" - type: string - groupKey: - description: >- - Optional. Immutable. Google Group id whose users are subject to this - binding's restrictions. See "id" in the [Google Workspace Directory - API's Group Resource] - (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). - If a group's email address/alias is changed, this resource will - continue to point at the changed group. This field does not accept - group email addresses or aliases. Example: "01d520gv4vjcrht" + service: type: string - accessLevels: description: >- - Optional. Access level that a user must have to be granted access. - Only one access level is supported, not multiple. This repeated - field must have exactly one element. Example: - "accessPolicies/9522/accessLevels/device_trusted" + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + auditLogConfigs: + description: The configuration for logging of each type of permission. type: array items: - type: string - dryRunAccessLevels: - description: >- - Optional. Dry run access level that will be evaluated but will not - be enforced. The access denial based on dry run policy will be - logged. Only one access level is supported, not multiple. This list - must have exactly one element. Example: - "accessPolicies/9522/accessLevels/device_trusted" + $ref: '#/components/schemas/AuditLogConfig' + DevicePolicy: + type: object + description: >- + `DevicePolicy` specifies device specific restrictions necessary to + acquire a given access level. A `DevicePolicy` specifies requirements + for requests from devices to be granted access levels, it does not do + any enforcement on the device. `DevicePolicy` acts as an AND over all + specified fields, and each repeated field is an OR over its elements. + Any unset fields are ignored. For example, if the proto is { os_type : + DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, + then the DevicePolicy will be true for requests originating from + encrypted Linux desktops and encrypted Windows desktops. + id: DevicePolicy + properties: + requireScreenlock: + description: >- + Whether or not screenlock is required for the DevicePolicy to be + true. Defaults to `false`. + type: boolean + allowedEncryptionStatuses: type: array items: + enum: + - ENCRYPTION_UNSPECIFIED + - ENCRYPTION_UNSUPPORTED + - UNENCRYPTED + - ENCRYPTED type: string - sessionSettings: - description: >- - Optional. The Google Cloud session length (GCSL) policy for the - group key. - $ref: '#/components/schemas/SessionSettings' - restrictedClientApplications: - description: >- - Optional. A list of applications that are subject to this binding's - restrictions. If the list is empty, the binding restrictions will - universally apply to all applications. + enumDescriptions: + - >- + The encryption status of the device is not specified or not + known. + - The device does not support encryption. + - The device supports encryption, but is currently unencrypted. + - The device is encrypted. + description: Allowed encryptions statuses, an empty list allows all statuses. + allowedDeviceManagementLevels: type: array items: - $ref: '#/components/schemas/Application' - scopedAccessSettings: + enumDescriptions: + - The device's management level is not specified or not known. + - The device is not managed. + - >- + Basic management is enabled, which is generally limited to + monitoring and wiping the corporate account. + - >- + Complete device management. This includes more thorough + monitoring and the ability to directly manage the device (such + as remote wiping). This can be enabled through the Android + Enterprise Platform. + type: string + enum: + - MANAGEMENT_UNSPECIFIED + - NONE + - BASIC + - COMPLETE description: >- - Optional. A list of scoped access settings that set this binding's - restrictions on a subset of applications. This field cannot be set - if restricted_client_applications is set. + Allowed device management levels, an empty list allows all + management levels. + osConstraints: + description: >- + Allowed OS versions, an empty list allows all types and all + versions. type: array items: - $ref: '#/components/schemas/ScopedAccessSettings' - SessionSettings: - id: SessionSettings - description: >- - Stores settings related to Google Cloud Session Length including session - duration, the type of challenge (i.e. method) they should face when - their session expires, and other related settings. - type: object + $ref: '#/components/schemas/OsConstraint' + requireCorpOwned: + description: Whether the device needs to be corp owned. + type: boolean + requireAdminApproval: + type: boolean + description: Whether the device needs to be approved by the customer admin. + IngressSource: + description: The source that IngressPolicy authorizes access from. properties: - sessionReauthMethod: - description: Optional. Session method when user's Google Cloud session is up. - type: string - enumDescriptions: - - If method is undefined in the API, LOGIN will be used by default. - - >- - The user will be prompted to perform regular login. Users who are - enrolled for two-step verification and haven't chosen "Remember - this computer" will be prompted for their second factor. - - >- - The user will be prompted to authenticate using their security - key. If no security key has been configured, then authentication - will fallback to LOGIN. - - The user will be prompted for their password. - enum: - - SESSION_REAUTH_METHOD_UNSPECIFIED - - LOGIN - - SECURITY_KEY - - PASSWORD - sessionLength: + accessLevel: description: >- - Optional. The session length. Setting this field to zero is equal to - disabling session. Also can set infinite session by flipping the - enabled bit to false below. If use_oidc_max_age is true, for OIDC - apps, the session length will be the minimum of this field and OIDC - max_age param. + An AccessLevel resource name that allow resources within the + ServicePerimeters to be accessed from the internet. AccessLevels + listed must be in the same policy as this ServicePerimeter. + Referencing a nonexistent AccessLevel will cause an error. If no + AccessLevel names are listed, resources within the perimeter can + only be accessed via Google Cloud calls with request origins within + the perimeter. Example: + `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is + specified for `access_level`, then all IngressSources will be + allowed. type: string - format: google-duration - maxInactivity: + resource: description: >- - Optional. How long a user is allowed to take between actions before - a new access token must be issued. Only set for Google Cloud apps. + A Google Cloud resource that is allowed to ingress the perimeter. + Requests from these resources will be allowed to access perimeter + data. Currently only projects and VPCs are allowed. Project format: + `projects/{project_number}` VPC network format: + `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. + The project may be in any Google Cloud organization, not just the + organization that the perimeter is defined in. `*` is not allowed, + the case of allowing all Google Cloud resources only is not + supported. type: string - format: google-duration - useOidcMaxAge: - description: >- - Optional. Only useful for OIDC apps. When false, the OIDC max_age - param, if passed in the authentication request will be ignored. When - true, the re-auth period will be the minimum of the session_length - field and the max_age OIDC param. - type: boolean - sessionLengthEnabled: - description: >- - Optional. This field enables or disables Google Cloud session - length. When false, all fields set above will be disregarded and the - session length is basically infinite. - type: boolean - Application: - id: Application - description: An application that accesses Google Cloud APIs. + id: IngressSource type: object - properties: - clientId: - description: The OAuth client ID of the application. - type: string - name: - description: 'The name of the application. Example: "Cloud Console"' - type: string - ScopedAccessSettings: - id: ScopedAccessSettings - description: A relationship between access settings and its scope. + AuditLogConfig: + id: AuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object properties: - scope: - description: >- - Optional. Application, etc. to which the access settings will be - applied to. Implicitly, this is the scoped access settings key; as - such, it must be unique and non-empty. - $ref: '#/components/schemas/AccessScope' - activeSettings: + exemptedMembers: + items: + type: string + type: array description: >- - Optional. Access settings for this scoped access settings. This - field may be empty if dry_run_settings is set. - $ref: '#/components/schemas/AccessSettings' - dryRunSettings: + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + logType: + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: The log type that this config enables. + type: string + GetIamPolicyRequest: + id: GetIamPolicyRequest + description: Request message for `GetIamPolicy` method. + properties: + options: description: >- - Optional. Dry-run access settings for this scoped access settings. - This field may be empty if active_settings is set. - $ref: '#/components/schemas/AccessSettings' - AccessScope: - id: AccessScope - description: >- - Access scope represents the client scope, etc. to which the settings - will be applied to. + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + $ref: '#/components/schemas/GetPolicyOptions' + type: object + AccessContextManagerOperationMetadata: + type: object + id: AccessContextManagerOperationMetadata + description: Metadata of Access Context Manager's Long Running Operations. + properties: {} + ListServicePerimetersResponse: type: object properties: - clientScope: - description: Optional. Client scope for this access scope. - $ref: '#/components/schemas/ClientScope' + nextPageToken: + description: >- + The pagination token to retrieve the next page of results. If the + value is empty, no further results remain. + type: string + servicePerimeters: + description: List of the Service Perimeter instances. + items: + $ref: '#/components/schemas/ServicePerimeter' + type: array + id: ListServicePerimetersResponse + description: A response to `ListServicePerimetersRequest`. ClientScope: - id: ClientScope + type: object description: >- Client scope represents the application, etc. subject to this binding's restrictions. - type: object properties: restrictedClientApplication: - description: Optional. The application that is subject to this binding's scope. $ref: '#/components/schemas/Application' - AccessSettings: - id: AccessSettings + description: Optional. The application that is subject to this binding's scope. + id: ClientScope + CustomLevel: description: >- - Access settings represent the set of conditions that must be met for - access to be granted. At least one of the fields must be set. + `CustomLevel` is an `AccessLevel` using the Cloud Common Expression + Language to represent the necessary conditions for the level to apply to + a request. See CEL spec at: https://github.com/google/cel-spec + id: CustomLevel type: object properties: - accessLevels: + expr: + description: Required. A Cloud CEL expression evaluating to a boolean. + $ref: '#/components/schemas/Expr' + ServicePerimeter: + id: ServicePerimeter + description: >- + `ServicePerimeter` describes a set of Google Cloud resources which can + freely import and export data amongst themselves, but not export outside + of the `ServicePerimeter`. If a request with a source within this + `ServicePerimeter` has a target outside of the `ServicePerimeter`, the + request will be blocked. Otherwise the request is allowed. There are two + types of Service Perimeter - Regular and Bridge. Regular Service + Perimeters cannot overlap, a single Google Cloud project or VPC network + can only belong to a single regular Service Perimeter. Service Perimeter + Bridges can contain only Google Cloud projects as members, a single + Google Cloud project may belong to multiple Service Perimeter Bridges. + properties: + perimeterType: + enumDescriptions: + - >- + Regular Perimeter. When no value is specified, the perimeter uses + this type. + - Perimeter Bridge. description: >- - Optional. Access level that a user must have to be granted access. - Only one access level is supported, not multiple. This repeated - field must have exactly one element. Example: - "accessPolicies/9522/accessLevels/device_trusted" - type: array - items: - type: string - sessionSettings: + Perimeter type indicator. A single project or VPC network is allowed + to be a member of single regular perimeter, but multiple service + perimeter bridges. A project cannot be a included in a perimeter + bridge without being included in regular perimeter. For perimeter + bridges, the restricted service list as well as access level lists + must be empty. + enum: + - PERIMETER_TYPE_REGULAR + - PERIMETER_TYPE_BRIDGE + type: string + status: + $ref: '#/components/schemas/ServicePerimeterConfig' description: >- - Optional. Session settings applied to user access on a given - AccessScope. - $ref: '#/components/schemas/SessionSettings' - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: + Current ServicePerimeter configuration. Specifies sets of resources, + restricted services and access levels that determine perimeter + content and boundaries. + spec: + $ref: '#/components/schemas/ServicePerimeterConfig' description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + Proposed (or dry run) ServicePerimeter configuration. This + configuration allows to specify and test ServicePerimeter + configuration without enforcing actual access restrictions. Only + allowed to be set when the "use_explicit_dry_run_spec" flag is set. + title: + type: string + description: Human readable title. Must be unique within the Policy. + name: + type: string description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + Identifier. Resource name for the `ServicePerimeter`. Format: + `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. + The `service_perimeter` component must begin with a letter, followed + by alphanumeric characters or `_`. After you create a + `ServicePerimeter`, you cannot change its `name`. + useExplicitDryRunSpec: + description: >- + Use explicit dry run spec flag. Ordinarily, a dry-run spec + implicitly exists for all Service Perimeters, and that spec is + identical to the status for those Service Perimeters. When this flag + is set, it inhibits the generation of the implicit spec, thereby + allowing the user to explicitly provide a configuration ("spec") to + use in a dry-run version of the Service Perimeter. This allows the + user to test changes to the enforced config ("status") without + actually enforcing them. This testing is done through analyzing the + differences between currently enforced and suggested restrictions. + use_explicit_dry_run_spec must bet set to True if any of the fields + in the spec are set to non-default values. + type: boolean + etag: + description: >- + Optional. An opaque identifier for the current version of the + `ServicePerimeter`. This identifier does not follow any specific + format. If an etag is not provided, the operation will be performed + as if a valid etag is provided. + type: string + description: + description: >- + Description of the `ServicePerimeter` and its use. Does not affect + behavior. type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). type: object + ListGcpUserAccessBindingsResponse: properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + nextPageToken: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Token to get the next page of items. If blank, there are no more + items. + type: string + gcpUserAccessBindings: items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + $ref: '#/components/schemas/GcpUserAccessBinding' + description: GcpUserAccessBinding type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + id: ListGcpUserAccessBindingsResponse + description: Response of ListGcpUserAccessBindings. type: object + AccessLevel: + description: >- + An `AccessLevel` is a label that can be applied to requests to Google + Cloud services, along with a list of requirements necessary for the + label to be applied. properties: - role: + title: + type: string + description: Human readable title. Must be unique within the Policy. + description: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Description of the `AccessLevel` and its use. Does not affect + behavior. type: string - members: + custom: + $ref: '#/components/schemas/CustomLevel' + description: A `CustomLevel` written in the Common Expression Language. + basic: + $ref: '#/components/schemas/BasicLevel' + description: A `BasicLevel` composed of `Conditions`. + name: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + Identifier. Resource name for the `AccessLevel`. Format: + `accessPolicies/{access_policy}/accessLevels/{access_level}`. The + `access_level` component must begin with a letter, followed by + alphanumeric characters or `_`. Its maximum length is 50 characters. + After you create an `AccessLevel`, you cannot change its `name`. + type: string + type: object + id: AccessLevel + CommitServicePerimetersResponse: + properties: + servicePerimeters: + description: List of all the Service Perimeter instances in the Access Policy. type: array items: - type: string - condition: + $ref: '#/components/schemas/ServicePerimeter' + type: object + id: CommitServicePerimetersResponse + description: >- + A response to CommitServicePerimetersRequest. This will be put inside of + Operation.response field. + OsConstraint: + type: object + properties: + minimumVersion: + type: string description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - AuditConfig: - id: AuditConfig + The minimum allowed OS version. If not set, any version of this OS + satisfies the constraint. Format: `"major.minor.patch"`. Examples: + `"10.5.301"`, `"9.2.1"`. + requireVerifiedChromeOs: + type: boolean + description: >- + Only allows requests from devices with a verified Chrome OS. + Verifications includes requirements that the device is + enterprise-managed, conformant to domain policies, and the caller + has permission to call the API targeted by the request. + osType: + enum: + - OS_UNSPECIFIED + - DESKTOP_MAC + - DESKTOP_WINDOWS + - DESKTOP_LINUX + - DESKTOP_CHROME_OS + - ANDROID + - IOS + type: string + enumDescriptions: + - The operating system of the device is not specified or not known. + - A desktop Mac operating system. + - A desktop Windows operating system. + - A desktop Linux operating system. + - A desktop ChromeOS operating system. + - An Android operating system. + - An iOS operating system. + description: Required. The allowed OS type. + id: OsConstraint + description: A restriction on the OS type and version of devices making requests. + SupportedService: + id: SupportedService description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + `SupportedService` specifies the VPC Service Controls and its + properties. + properties: + supportStage: + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. + description: The support stage of the service. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + type: string + title: + description: The name of the supported product, such as 'Cloud Product API'. + type: string + name: + type: string + description: >- + The service name or address of the supported service, such as + `service.googleapis.com`. + availableOnRestrictedVip: + description: >- + True if the service is available on the restricted VIP. Services on + the restricted VIP typically either support VPC Service Controls or + are core infrastructure services required for the functioning of + Google Cloud. + type: boolean + knownLimitations: + description: >- + True if the service is supported with some limitations. Check + [documentation](https://cloud.google.com/vpc-service-controls/docs/supported-products) + for details. + type: boolean + supportedMethods: + type: array + description: >- + The list of the supported methods. This field exists only in + response to GetSupportedService + items: + $ref: '#/components/schemas/MethodSelector' + serviceSupportStage: + enumDescriptions: + - Do not use this default value. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + PREVIEW indicates a pre-release stage where the product is + functionally complete but undergoing real-world testing. + - Deprecated features are scheduled to be shut down and removed. + description: The support stage of the service. + enum: + - SERVICE_SUPPORT_STAGE_UNSPECIFIED + - GA + - PREVIEW + - DEPRECATED + type: string type: object + VpcNetworkSource: properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig + vpcSubnetwork: + description: Sub-segment ranges of a VPC network. + $ref: '#/components/schemas/VpcSubNetwork' + type: object + id: VpcNetworkSource + description: The originating network source in Google Cloud. + ReplaceServicePerimetersResponse: description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + A response to ReplaceServicePerimetersRequest. This will be put inside + of Operation.response field. type: object properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array + servicePerimeters: + description: List of the Service Perimeter instances. items: - type: string - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. - type: object - properties: - options: - description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - $ref: '#/components/schemas/GetPolicyOptions' + $ref: '#/components/schemas/ServicePerimeter' + type: array + id: ReplaceServicePerimetersResponse GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. - type: object properties: requestedPolicyVersion: + format: int32 description: >- Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid @@ -1784,190 +1808,174 @@ components: support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). type: integer - format: int32 - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + type: object + description: Encapsulates settings provided to GetIamPolicy. + id: GetPolicyOptions + EgressPolicy: + description: >- + Policy for egress from perimeter. EgressPolicies match requests based on + `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, + both `egress_from` and `egress_to` stanzas must be matched. If an + EgressPolicy matches a request, the request is allowed to span the + ServicePerimeter boundary. For example, an EgressPolicy can be used to + allow VMs on networks within the ServicePerimeter to access a defined + set of projects outside the perimeter in certain contexts (e.g. to read + data from a Cloud Storage bucket or query against a BigQuery dataset). + EgressPolicies are concerned with the *resources* that a request relates + as well as the API services and API actions being used. They do not + related to the direction of data movement. More detailed documentation + for this concept can be found in the descriptions of EgressFrom and + EgressTo. + id: EgressPolicy type: object properties: - permissions: + title: + type: string description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string + Optional. Human-readable title for the egress rule. The title must + be unique within the perimeter and can not exceed 100 characters. + Within the access policy, the combined length of all rule titles + must not exceed 240,000 characters. + egressFrom: + $ref: '#/components/schemas/EgressFrom' + description: >- + Defines conditions on the source of a request causing this + EgressPolicy to apply. + egressTo: + description: >- + Defines the conditions on the ApiOperation and destination resources + that cause this EgressPolicy to apply. + $ref: '#/components/schemas/EgressTo' TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object properties: permissions: + type: array description: >- A subset of `TestPermissionsRequest.permissions` that the caller is allowed. - type: array items: type: string - ListAuthorizedOrgsDescsResponse: - id: ListAuthorizedOrgsDescsResponse - description: A response to `ListAuthorizedOrgsDescsRequest`. - type: object - properties: - authorizedOrgsDescs: - description: List of all the Authorized Orgs Desc instances. - type: array - items: - $ref: '#/components/schemas/AuthorizedOrgsDesc' - nextPageToken: - description: >- - The pagination token to retrieve the next page of results. If the - value is empty, no further results remain. - type: string - AuthorizedOrgsDesc: - id: AuthorizedOrgsDesc - description: >- - `AuthorizedOrgsDesc` contains data for an organization's authorization - policy. type: object + id: TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. + Binding: + id: Binding properties: - name: - description: >- - Identifier. Resource name for the `AuthorizedOrgsDesc`. Format: - `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`. - The `authorized_orgs_desc` component must begin with a letter, - followed by alphanumeric characters or `_`. After you create an - `AuthorizedOrgsDesc`, you cannot change its `name`. - type: string - authorizationType: - description: >- - A granular control type for authorization levels. Valid value is - `AUTHORIZATION_TYPE_TRUST`. - type: string - enumDescriptions: - - No authorization type specified. - - This authorization relationship is "trust". - enum: - - AUTHORIZATION_TYPE_UNSPECIFIED - - AUTHORIZATION_TYPE_TRUST - assetType: - description: >- - The asset type of this authorized orgs desc. Valid values are - `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`. + role: type: string - enumDescriptions: - - No asset type specified. - - Device asset type. - - Credential strength asset type. - enum: - - ASSET_TYPE_UNSPECIFIED - - ASSET_TYPE_DEVICE - - ASSET_TYPE_CREDENTIAL_STRENGTH - authorizationDirection: description: >- - The direction of the authorization relationship between this - organization and the organizations listed in the `orgs` field. The - valid values for this field include the following: - `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate - traffic in the organizations listed in the `orgs` field. - `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the - `orgs` field to evaluate the traffic in this organization. For the - authorization relationship to take effect, all of the organizations - must authorize and specify the appropriate relationship direction. - For example, if organization A authorized organization B and C to - evaluate its traffic, by specifying `AUTHORIZATION_DIRECTION_TO` as - the authorization direction, organizations B and C must specify - `AUTHORIZATION_DIRECTION_FROM` as the authorization direction in - their `AuthorizedOrgsDesc` resource. - type: string - enumDescriptions: - - No direction specified. - - >- - The specified organizations are authorized to evaluate traffic in - this organization. - - >- - The traffic of the specified organizations can be evaluated by - this organization. - enum: - - AUTHORIZATION_DIRECTION_UNSPECIFIED - - AUTHORIZATION_DIRECTION_TO - - AUTHORIZATION_DIRECTION_FROM - orgs: + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + condition: description: >- - The list of organization ids in this AuthorizedOrgsDesc. Format: - `organizations/` Example: `organizations/123456` + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + members: type: array + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. items: type: string - ReplaceAccessLevelsResponse: - id: ReplaceAccessLevelsResponse - description: >- - A response to ReplaceAccessLevelsRequest. This will be put inside of - Operation.response field. type: object + description: Associates `members`, or principals, with a `role`. + AccessScope: properties: - accessLevels: - description: List of the Access Level instances. - type: array - items: - $ref: '#/components/schemas/AccessLevel' - ReplaceServicePerimetersResponse: - id: ReplaceServicePerimetersResponse - description: >- - A response to ReplaceServicePerimetersRequest. This will be put inside - of Operation.response field. + clientScope: + description: Optional. Client scope for this access scope. + $ref: '#/components/schemas/ClientScope' + id: AccessScope type: object - properties: - servicePerimeters: - description: List of the Service Perimeter instances. - type: array - items: - $ref: '#/components/schemas/ServicePerimeter' - CommitServicePerimetersResponse: - id: CommitServicePerimetersResponse description: >- - A response to CommitServicePerimetersRequest. This will be put inside of - Operation.response field. - type: object - properties: - servicePerimeters: - description: List of all the Service Perimeter instances in the Access Policy. - type: array - items: - $ref: '#/components/schemas/ServicePerimeter' - GcpUserAccessBindingOperationMetadata: - id: GcpUserAccessBindingOperationMetadata - description: Metadata of Google Cloud Access Binding Long Running Operations. - type: object - properties: {} - AccessContextManagerOperationMetadata: - id: AccessContextManagerOperationMetadata - description: Metadata of Access Context Manager's Long Running Operations. - type: object - properties: {} + Access scope represents the client scope, etc. to which the settings + will be applied to. parameters: - access_token: - description: OAuth access token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType schema: type: string - alt: - description: Data format for response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: alt + name: quotaUser schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string fields: @@ -1976,46 +1984,41 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + alt: + description: Data format for response. in: query - name: key + name: alt schema: type: string + enum: + - json + - media + - proto oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + access_token: + description: OAuth access token. in: query - name: quotaUser + name: access_token schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + callback: + description: JSONP in: query - name: upload_protocol + name: callback schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: uploadType + name: key schema: type: string _.xgafv: @@ -2027,7 +2030,70 @@ components: enum: - '1' - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean x-stackQL-resources: + gcp_user_access_bindings: + id: google.accesscontextmanager.gcp_user_access_bindings + name: gcp_user_access_bindings + title: Gcp_user_access_bindings + methods: + patch: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings~1{gcpUserAccessBindingsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings~1{gcpUserAccessBindingsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings~1{gcpUserAccessBindingsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.gcpUserAccessBindings + create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/gcp_user_access_bindings/methods/get + - $ref: >- + #/components/x-stackQL-resources/gcp_user_access_bindings/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/gcp_user_access_bindings/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/gcp_user_access_bindings/methods/patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/gcp_user_access_bindings/methods/delete operations: id: google.accesscontextmanager.operations name: operations @@ -2040,9 +2106,9 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.operations - get: + cancel: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/get' + $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' response: mediaType: application/json openAPIDocKey: '200' @@ -2052,9 +2118,9 @@ components: response: mediaType: application/json openAPIDocKey: '200' - cancel: + get: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' + $ref: '#/paths/~1v1~1operations~1{operationsId}/get' response: mediaType: application/json openAPIDocKey: '200' @@ -2067,104 +2133,71 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - access_policies: - id: google.accesscontextmanager.access_policies - name: access_policies - title: Access_policies + authorized_orgs_descs: + id: google.accesscontextmanager.authorized_orgs_descs + name: authorized_orgs_descs + title: Authorized_orgs_descs methods: - list: - operation: - $ref: '#/paths/~1v1~1accessPolicies/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.accessPolicies - create: - operation: - $ref: '#/paths/~1v1~1accessPolicies/post' - response: - mediaType: application/json - openAPIDocKey: '200' get: operation: - $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}/get' + $ref: >- + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs~1{authorizedOrgsDescsId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: - $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}/patch' - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}/delete' + $ref: >- + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs~1{authorizedOrgsDescsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/access_policies/methods/get' - - $ref: '#/components/x-stackQL-resources/access_policies/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/access_policies/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/access_policies/methods/patch' - replace: [] delete: - - $ref: '#/components/x-stackQL-resources/access_policies/methods/delete' - access_policies_iam_policies: - id: google.accesscontextmanager.access_policies_iam_policies - name: access_policies_iam_policies - title: Access_policies_iam_policies - methods: - set_iam_policy: operation: - $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}:setIamPolicy/post' + $ref: >- + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs~1{authorizedOrgsDescsId}/delete response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + create: operation: - $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}:getIamPolicy/post' + $ref: >- + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}:testIamPermissions/post + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.authorizedOrgsDescs sqlVerbs: select: + - $ref: '#/components/x-stackQL-resources/authorized_orgs_descs/methods/get' - $ref: >- - #/components/x-stackQL-resources/access_policies_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: + #/components/x-stackQL-resources/authorized_orgs_descs/methods/list + insert: - $ref: >- - #/components/x-stackQL-resources/access_policies_iam_policies/methods/set_iam_policy - delete: [] + #/components/x-stackQL-resources/authorized_orgs_descs/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/authorized_orgs_descs/methods/patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/authorized_orgs_descs/methods/delete access_levels: id: google.accesscontextmanager.access_levels name: access_levels title: Access_levels methods: - list: - operation: - $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1accessLevels/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.accessLevels - create: + replace_all: operation: $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1accessLevels/post + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1accessLevels:replaceAll/post response: mediaType: application/json openAPIDocKey: '200' @@ -2189,13 +2222,20 @@ components: response: mediaType: application/json openAPIDocKey: '200' - replace_all: + create: operation: $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1accessLevels:replaceAll/post + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1accessLevels/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1accessLevels/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.accessLevels sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/access_levels/methods/get' @@ -2231,18 +2271,10 @@ components: name: service_perimeters title: Service_perimeters methods: - list: - operation: - $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1servicePerimeters/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.servicePerimeters - create: + replace_all: operation: $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1servicePerimeters/post + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1servicePerimeters:replaceAll/post response: mediaType: application/json openAPIDocKey: '200' @@ -2267,20 +2299,28 @@ components: response: mediaType: application/json openAPIDocKey: '200' - replace_all: + commit: operation: $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1servicePerimeters:replaceAll/post + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1servicePerimeters:commit/post response: mediaType: application/json openAPIDocKey: '200' - commit: + create: operation: $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1servicePerimeters:commit/post + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1servicePerimeters/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1servicePerimeters/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.servicePerimeters sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/service_perimeters/methods/get' @@ -2312,164 +2352,139 @@ components: update: [] replace: [] delete: [] - authorized_orgs_descs: - id: google.accesscontextmanager.authorized_orgs_descs - name: authorized_orgs_descs - title: Authorized_orgs_descs + access_policies_iam_policies: + id: google.accesscontextmanager.access_policies_iam_policies + name: access_policies_iam_policies + title: Access_policies_iam_policies methods: - list: - operation: - $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.authorizedOrgsDescs - create: - operation: - $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs/post - response: - mediaType: application/json - openAPIDocKey: '200' - get: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs~1{authorizedOrgsDescsId}/get + #/paths/~1v1~1accessPolicies~1{accessPoliciesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - patch: + get_iam_policy: operation: - $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs~1{authorizedOrgsDescsId}/patch + $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}:getIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.bindings + set_iam_policy: operation: - $ref: >- - #/paths/~1v1~1accessPolicies~1{accessPoliciesId}~1authorizedOrgsDescs~1{authorizedOrgsDescsId}/delete + $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}:setIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/authorized_orgs_descs/methods/get' - - $ref: >- - #/components/x-stackQL-resources/authorized_orgs_descs/methods/list - insert: - $ref: >- - #/components/x-stackQL-resources/authorized_orgs_descs/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/authorized_orgs_descs/methods/patch - replace: [] - delete: + #/components/x-stackQL-resources/access_policies_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/authorized_orgs_descs/methods/delete - services: - id: google.accesscontextmanager.services - name: services - title: Services + #/components/x-stackQL-resources/access_policies_iam_policies/methods/set_iam_policy + delete: [] + access_policies: + id: google.accesscontextmanager.access_policies + name: access_policies + title: Access_policies methods: - list: + patch: operation: - $ref: '#/paths/~1v1~1services/get' + $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}/patch' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.supportedServices - get: + delete: operation: - $ref: '#/paths/~1v1~1services~1{name}/get' + $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}/delete' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/services/methods/get' - - $ref: '#/components/x-stackQL-resources/services/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - gcp_user_access_bindings: - id: google.accesscontextmanager.gcp_user_access_bindings - name: gcp_user_access_bindings - title: Gcp_user_access_bindings - methods: - list: + get: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings/get + $ref: '#/paths/~1v1~1accessPolicies~1{accessPoliciesId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.gcpUserAccessBindings create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings/post + $ref: '#/paths/~1v1~1accessPolicies/post' response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings~1{gcpUserAccessBindingsId}/get + $ref: '#/paths/~1v1~1accessPolicies/get' response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.accessPolicies + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/access_policies/methods/get' + - $ref: '#/components/x-stackQL-resources/access_policies/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/access_policies/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/access_policies/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/access_policies/methods/delete' + services: + id: google.accesscontextmanager.services + name: services + title: Services + methods: + get: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings~1{gcpUserAccessBindingsId}/patch + $ref: '#/paths/~1v1~1services~1{name}/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1gcpUserAccessBindings~1{gcpUserAccessBindingsId}/delete + $ref: '#/paths/~1v1~1services/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.supportedServices sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/gcp_user_access_bindings/methods/get - - $ref: >- - #/components/x-stackQL-resources/gcp_user_access_bindings/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/gcp_user_access_bindings/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/gcp_user_access_bindings/methods/patch + - $ref: '#/components/x-stackQL-resources/services/methods/get' + - $ref: '#/components/x-stackQL-resources/services/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/gcp_user_access_bindings/methods/delete + delete: [] paths: - /v1/operations: + /v1/organizations/{organizationsId}/gcpUserAccessBindings/{gcpUserAccessBindingsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/_.xgafv' - get: + - $ref: '#/components/parameters/prettyPrint' + patch: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: accesscontextmanager.operations.list + Updates a GcpUserAccessBinding. Completion of this long-running + operation does not necessarily signify that the changed binding is + deployed onto all affected users, which may take more time. + operationId: accesscontextmanager.organizations.gcpUserAccessBindings.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GcpUserAccessBinding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2481,29 +2496,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - - in: query - name: filter + - in: path + name: organizationsId + required: true + schema: + type: string + - in: path + name: gcpUserAccessBindingsId + required: true schema: type: string - in: query - name: pageSize + name: append schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: updateMask schema: type: string - /v1/operations/{operationsId}: - parameters: *ref_1 - get: + format: google-fieldmask + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: accesscontextmanager.operations.get + Deletes a GcpUserAccessBinding. Completion of this long-running + operation does not necessarily signify that the binding deletion is + deployed onto all affected users, which may take more time. + operationId: accesscontextmanager.organizations.gcpUserAccessBindings.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2518,17 +2537,18 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: operationsId + name: organizationsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: accesscontextmanager.operations.delete + - in: path + name: gcpUserAccessBindingsId + required: true + schema: + type: string + get: + description: Gets the GcpUserAccessBinding with the given name. + operationId: accesscontextmanager.organizations.gcpUserAccessBindings.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2540,32 +2560,63 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GcpUserAccessBinding' parameters: - in: path - name: operationsId + name: organizationsId required: true schema: type: string - /v1/operations/{operationsId}:cancel: + - in: path + name: gcpUserAccessBindingsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/gcpUserAccessBindings: parameters: *ref_1 + get: + description: Lists all GcpUserAccessBindings for a Google Cloud organization. + operationId: accesscontextmanager.organizations.gcpUserAccessBindings.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListGcpUserAccessBindingsResponse' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: accesscontextmanager.operations.cancel + Creates a GcpUserAccessBinding. If the client specifies a name, the + server ignores it. Fails if a resource already exists with the same + group_key. Completion of this long-running operation does not + necessarily signify that the new binding is deployed onto all affected + users, which may take more time. + operationId: accesscontextmanager.organizations.gcpUserAccessBindings.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/GcpUserAccessBinding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2577,18 +2628,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: operationsId + name: organizationsId required: true schema: type: string - /v1/accessPolicies: + /v1/operations: parameters: *ref_1 get: - description: Lists all access policies in an organization. - operationId: accesscontextmanager.accessPolicies.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: accesscontextmanager.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2600,10 +2653,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAccessPoliciesResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: query - name: parent + name: filter schema: type: string - in: query @@ -2611,23 +2664,33 @@ paths: schema: type: integer format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageToken schema: type: string + /v1/operations/{operationsId}:cancel: + parameters: *ref_1 post: description: >- - Creates an access policy. This method fails if the organization already - has an access policy. The long-running operation has a successful status - after the access policy propagates to long-lasting storage. Syntactic - and basic semantic errors are returned in `metadata` as a BadRequest - proto. - operationId: accesscontextmanager.accessPolicies.create + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: accesscontextmanager.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/AccessPolicy' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2639,13 +2702,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' - parameters: [] - /v1/accessPolicies/{accessPoliciesId}: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/operations/{operationsId}: parameters: *ref_1 - get: - description: Returns an access policy based on the name. - operationId: accesscontextmanager.accessPolicies.get + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: accesscontextmanager.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2657,24 +2729,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessPolicy' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: accessPoliciesId + name: operationsId required: true schema: type: string - patch: + get: description: >- - Updates an access policy. The long-running operation from this RPC has a - successful status after the changes to the access policy propagate to - long-lasting storage. - operationId: accesscontextmanager.accessPolicies.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AccessPolicy' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: accesscontextmanager.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2689,21 +2756,15 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: accessPoliciesId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: >- - Deletes an access policy based on the resource name. The long-running - operation has a successful status after the access policy is removed - from long-lasting storage. - operationId: accesscontextmanager.accessPolicies.delete + /v1/accessPolicies/{accessPoliciesId}/authorizedOrgsDescs/{authorizedOrgsDescsId}: + parameters: *ref_1 + get: + description: Gets an authorized orgs desc based on the resource name. + operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2715,27 +2776,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/AuthorizedOrgsDesc' parameters: - in: path name: accessPoliciesId required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}:setIamPolicy: - parameters: *ref_1 - post: + - in: path + name: authorizedOrgsDescsId + required: true + schema: + type: string + patch: description: >- - Sets the IAM policy for the specified Access Context Manager access - policy. This method replaces the existing IAM policy on the access - policy. The IAM policy controls the set of users who can perform - specific operations on the Access Context Manager access policy. - operationId: accesscontextmanager.accessPolicies.setIamPolicy + Updates an authorized orgs desc. The long-running operation from this + RPC has a successful status after the authorized orgs desc propagates to + long-lasting storage. If a authorized orgs desc contains errors, an + error response is returned for the first error encountered. Only the + organization list in `AuthorizedOrgsDesc` can be updated. The name, + authorization_type, asset_type and authorization_direction cannot be + updated. + operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/AuthorizedOrgsDesc' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2747,25 +2814,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: accessPoliciesId + name: accessPoliciesId + required: true + schema: + type: string + - in: path + name: authorizedOrgsDescsId required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}:getIamPolicy: - parameters: *ref_1 - post: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: description: >- - Gets the IAM policy for the specified Access Context Manager access - policy. - operationId: accesscontextmanager.accessPolicies.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + Deletes an authorized orgs desc based on the resource name. The + long-running operation from this RPC has a successful status after the + authorized orgs desc is removed from long-lasting storage. + operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2777,27 +2848,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: accessPoliciesId required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}:testIamPermissions: + - in: path + name: authorizedOrgsDescsId + required: true + schema: + type: string + /v1/accessPolicies/{accessPoliciesId}/authorizedOrgsDescs: parameters: *ref_1 post: description: >- - Returns the IAM permissions that the caller has on the specified Access - Context Manager resource. The resource can be an AccessPolicy, - AccessLevel, or ServicePerimeter. This method does not support other - resources. - operationId: accesscontextmanager.accessPolicies.testIamPermissions + Creates an authorized orgs desc. The long-running operation from this + RPC has a successful status after the authorized orgs desc propagates to + long-lasting storage. If a authorized orgs desc contains errors, an + error response is returned for the first error encountered. The name of + this `AuthorizedOrgsDesc` will be assigned during creation. + operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/AuthorizedOrgsDesc' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2809,18 +2886,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: accessPoliciesId required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}/accessLevels: - parameters: *ref_1 get: - description: Lists all access levels for an access policy. - operationId: accesscontextmanager.accessPolicies.accessLevels.list + description: Lists all authorized orgs descs for an access policy. + operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2832,38 +2907,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAccessLevelsResponse' + $ref: '#/components/schemas/ListAuthorizedOrgsDescsResponse' parameters: - in: path name: accessPoliciesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - in: query - name: accessLevelFormat + name: pageSize schema: - type: string + type: integer + format: int32 + /v1/accessPolicies/{accessPoliciesId}/accessLevels:replaceAll: + parameters: *ref_1 post: description: >- - Creates an access level. The long-running operation from this RPC has a - successful status after the access level propagates to long-lasting - storage. If access levels contain errors, an error response is returned - for the first error encountered. - operationId: accesscontextmanager.accessPolicies.accessLevels.create + Replaces all existing access levels in an access policy with the access + levels provided. This is done atomically. The long-running operation + from this RPC has a successful status after all replacements propagate + to long-lasting storage. If the replacement contains errors, an error + response is returned for the first error encountered. Upon error, the + replacement is cancelled, and existing access levels are not affected. + The Operation.response field contains ReplaceAccessLevelsResponse. + Removing access levels contained in existing service perimeters result + in an error. + operationId: accesscontextmanager.accessPolicies.accessLevels.replaceAll requestBody: content: application/json: schema: - $ref: '#/components/schemas/AccessLevel' + $ref: '#/components/schemas/ReplaceAccessLevelsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2983,25 +3061,20 @@ paths: required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}/accessLevels:replaceAll: + /v1/accessPolicies/{accessPoliciesId}/accessLevels/{accessLevelsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Replaces all existing access levels in an access policy with the access - levels provided. This is done atomically. The long-running operation - from this RPC has a successful status after all replacements propagate - to long-lasting storage. If the replacement contains errors, an error - response is returned for the first error encountered. Upon error, the - replacement is cancelled, and existing access levels are not affected. - The Operation.response field contains ReplaceAccessLevelsResponse. - Removing access levels contained in existing service perimeters result - in an error. - operationId: accesscontextmanager.accessPolicies.accessLevels.replaceAll + Returns the IAM permissions that the caller has on the specified Access + Context Manager resource. The resource can be an AccessPolicy, + AccessLevel, or ServicePerimeter. This method does not support other + resources. + operationId: accesscontextmanager.accessPolicies.accessLevels.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/ReplaceAccessLevelsRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3013,27 +3086,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: accessPoliciesId required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}/accessLevels/{accessLevelsId}:testIamPermissions: + - in: path + name: accessLevelsId + required: true + schema: + type: string + /v1/accessPolicies/{accessPoliciesId}/accessLevels: parameters: *ref_1 post: description: >- - Returns the IAM permissions that the caller has on the specified Access - Context Manager resource. The resource can be an AccessPolicy, - AccessLevel, or ServicePerimeter. This method does not support other - resources. - operationId: accesscontextmanager.accessPolicies.accessLevels.testIamPermissions + Creates an access level. The long-running operation from this RPC has a + successful status after the access level propagates to long-lasting + storage. If access levels contain errors, an error response is returned + for the first error encountered. + operationId: accesscontextmanager.accessPolicies.accessLevels.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/AccessLevel' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3045,23 +3123,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: accessPoliciesId required: true schema: type: string - - in: path - name: accessLevelsId - required: true - schema: - type: string - /v1/accessPolicies/{accessPoliciesId}/servicePerimeters: - parameters: *ref_1 get: - description: Lists all service perimeters for an access policy. - operationId: accesscontextmanager.accessPolicies.servicePerimeters.list + description: Lists all access levels for an access policy. + operationId: accesscontextmanager.accessPolicies.accessLevels.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3073,7 +3144,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServicePerimetersResponse' + $ref: '#/components/schemas/ListAccessLevelsResponse' parameters: - in: path name: accessPoliciesId @@ -3081,26 +3152,36 @@ paths: schema: type: string - in: query - name: pageSize + name: accessLevelFormat schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/accessPolicies/{accessPoliciesId}/servicePerimeters:replaceAll: + parameters: *ref_1 post: description: >- - Creates a service perimeter. The long-running operation from this RPC - has a successful status after the service perimeter propagates to - long-lasting storage. If a service perimeter contains errors, an error - response is returned for the first error encountered. - operationId: accesscontextmanager.accessPolicies.servicePerimeters.create + Replace all existing service perimeters in an access policy with the + service perimeters provided. This is done atomically. The long-running + operation from this RPC has a successful status after all replacements + propagate to long-lasting storage. Replacements containing errors result + in an error response for the first error encountered. Upon an error, + replacement are cancelled and existing service perimeters are not + affected. The Operation.response field contains + ReplaceServicePerimetersResponse. + operationId: accesscontextmanager.accessPolicies.servicePerimeters.replaceAll requestBody: content: application/json: schema: - $ref: '#/components/schemas/ServicePerimeter' + $ref: '#/components/schemas/ReplaceServicePerimetersRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3216,24 +3297,28 @@ paths: required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}/servicePerimeters:replaceAll: + /v1/accessPolicies/{accessPoliciesId}/servicePerimeters:commit: parameters: *ref_1 post: description: >- - Replace all existing service perimeters in an access policy with the - service perimeters provided. This is done atomically. The long-running - operation from this RPC has a successful status after all replacements - propagate to long-lasting storage. Replacements containing errors result - in an error response for the first error encountered. Upon an error, - replacement are cancelled and existing service perimeters are not - affected. The Operation.response field contains - ReplaceServicePerimetersResponse. - operationId: accesscontextmanager.accessPolicies.servicePerimeters.replaceAll + Commits the dry-run specification for all the service perimeters in an + access policy. A commit operation on a service perimeter involves + copying its `spec` field to the `status` field of the service perimeter. + Only service perimeters with `use_explicit_dry_run_spec` field set to + true are affected by a commit operation. The long-running operation from + this RPC has a successful status after the dry-run specifications for + all the service perimeters have been committed. If a commit fails, it + causes the long-running operation to return an error response and the + entire commit operation is cancelled. When successful, the + Operation.response field contains CommitServicePerimetersResponse. The + `dry_run` and the `spec` fields are cleared after a successful commit + operation. + operationId: accesscontextmanager.accessPolicies.servicePerimeters.commit requestBody: content: application/json: schema: - $ref: '#/components/schemas/ReplaceServicePerimetersRequest' + $ref: '#/components/schemas/CommitServicePerimetersRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3252,28 +3337,20 @@ paths: required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}/servicePerimeters:commit: + /v1/accessPolicies/{accessPoliciesId}/servicePerimeters: parameters: *ref_1 post: description: >- - Commits the dry-run specification for all the service perimeters in an - access policy. A commit operation on a service perimeter involves - copying its `spec` field to the `status` field of the service perimeter. - Only service perimeters with `use_explicit_dry_run_spec` field set to - true are affected by a commit operation. The long-running operation from - this RPC has a successful status after the dry-run specifications for - all the service perimeters have been committed. If a commit fails, it - causes the long-running operation to return an error response and the - entire commit operation is cancelled. When successful, the - Operation.response field contains CommitServicePerimetersResponse. The - `dry_run` and the `spec` fields are cleared after a successful commit - operation. - operationId: accesscontextmanager.accessPolicies.servicePerimeters.commit + Creates a service perimeter. The long-running operation from this RPC + has a successful status after the service perimeter propagates to + long-lasting storage. If a service perimeter contains errors, an error + response is returned for the first error encountered. + operationId: accesscontextmanager.accessPolicies.servicePerimeters.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CommitServicePerimetersRequest' + $ref: '#/components/schemas/ServicePerimeter' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3292,20 +3369,9 @@ paths: required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}/servicePerimeters/{servicePerimetersId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns the IAM permissions that the caller has on the specified Access - Context Manager resource. The resource can be an AccessPolicy, - AccessLevel, or ServicePerimeter. This method does not support other - resources. - operationId: accesscontextmanager.accessPolicies.servicePerimeters.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Lists all service perimeters for an access policy. + operationId: accesscontextmanager.accessPolicies.servicePerimeters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3317,23 +3383,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListServicePerimetersResponse' parameters: - in: path name: accessPoliciesId required: true schema: type: string - - in: path - name: servicePerimetersId - required: true + - in: query + name: pageToken schema: type: string - /v1/accessPolicies/{accessPoliciesId}/authorizedOrgsDescs: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/accessPolicies/{accessPoliciesId}/servicePerimeters/{servicePerimetersId}:testIamPermissions: parameters: *ref_1 - get: - description: Lists all authorized orgs descs for an access policy. - operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.list + post: + description: >- + Returns the IAM permissions that the caller has on the specified Access + Context Manager resource. The resource can be an AccessPolicy, + AccessLevel, or ServicePerimeter. This method does not support other + resources. + operationId: accesscontextmanager.accessPolicies.servicePerimeters.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3345,35 +3424,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAuthorizedOrgsDescsResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: accessPoliciesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: servicePerimetersId + required: true schema: type: string + /v1/accessPolicies/{accessPoliciesId}:testIamPermissions: + parameters: *ref_1 post: description: >- - Creates an authorized orgs desc. The long-running operation from this - RPC has a successful status after the authorized orgs desc propagates to - long-lasting storage. If a authorized orgs desc contains errors, an - error response is returned for the first error encountered. The name of - this `AuthorizedOrgsDesc` will be assigned during creation. - operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.create + Returns the IAM permissions that the caller has on the specified Access + Context Manager resource. The resource can be an AccessPolicy, + AccessLevel, or ServicePerimeter. This method does not support other + resources. + operationId: accesscontextmanager.accessPolicies.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/AuthorizedOrgsDesc' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3385,18 +3461,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: accessPoliciesId required: true schema: type: string - /v1/accessPolicies/{accessPoliciesId}/authorizedOrgsDescs/{authorizedOrgsDescsId}: + /v1/accessPolicies/{accessPoliciesId}:getIamPolicy: parameters: *ref_1 - get: - description: Gets an authorized orgs desc based on the resource name. - operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.get + post: + description: >- + Gets the IAM policy for the specified Access Context Manager access + policy. + operationId: accesscontextmanager.accessPolicies.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3408,33 +3491,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AuthorizedOrgsDesc' + $ref: '#/components/schemas/Policy' parameters: - in: path name: accessPoliciesId required: true schema: type: string - - in: path - name: authorizedOrgsDescsId - required: true - schema: - type: string + /v1/accessPolicies/{accessPoliciesId}: + parameters: *ref_1 patch: description: >- - Updates an authorized orgs desc. The long-running operation from this - RPC has a successful status after the authorized orgs desc propagates to - long-lasting storage. If a authorized orgs desc contains errors, an - error response is returned for the first error encountered. Only the - organization list in `AuthorizedOrgsDesc` can be updated. The name, - authorization_type, asset_type and authorization_direction cannot be - updated. - operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.patch + Updates an access policy. The long-running operation from this RPC has a + successful status after the changes to the access policy propagate to + long-lasting storage. + operationId: accesscontextmanager.accessPolicies.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/AuthorizedOrgsDesc' + $ref: '#/components/schemas/AccessPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3453,11 +3529,6 @@ paths: required: true schema: type: string - - in: path - name: authorizedOrgsDescsId - required: true - schema: - type: string - in: query name: updateMask schema: @@ -3465,10 +3536,10 @@ paths: format: google-fieldmask delete: description: >- - Deletes an authorized orgs desc based on the resource name. The - long-running operation from this RPC has a successful status after the - authorized orgs desc is removed from long-lasting storage. - operationId: accesscontextmanager.accessPolicies.authorizedOrgsDescs.delete + Deletes an access policy based on the resource name. The long-running + operation has a successful status after the access policy is removed + from long-lasting storage. + operationId: accesscontextmanager.accessPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3487,16 +3558,9 @@ paths: required: true schema: type: string - - in: path - name: authorizedOrgsDescsId - required: true - schema: - type: string - /v1/services: - parameters: *ref_1 get: - description: Lists all VPC-SC supported services. - operationId: accesscontextmanager.services.list + description: Returns an access policy based on the name. + operationId: accesscontextmanager.accessPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3508,22 +3572,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSupportedServicesResponse' + $ref: '#/components/schemas/AccessPolicy' parameters: - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: accessPoliciesId + required: true schema: type: string - /v1/services/{name}: + /v1/accessPolicies: parameters: *ref_1 - get: - description: Returns a VPC-SC supported service based on the service name. - operationId: accesscontextmanager.services.get + post: + description: >- + Creates an access policy. This method fails if the organization already + has an access policy. The long-running operation has a successful status + after the access policy propagates to long-lasting storage. Syntactic + and basic semantic errors are returned in `metadata` as a BadRequest + proto. + operationId: accesscontextmanager.accessPolicies.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AccessPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3535,18 +3605,11 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SupportedService' - parameters: - - in: path - name: name - required: true - schema: - type: string - /v1/organizations/{organizationsId}/gcpUserAccessBindings: - parameters: *ref_1 + $ref: '#/components/schemas/Operation' + parameters: [] get: - description: Lists all GcpUserAccessBindings for a Google Cloud organization. - operationId: accesscontextmanager.organizations.gcpUserAccessBindings.list + description: Lists all access policies in an organization. + operationId: accesscontextmanager.accessPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3558,11 +3621,14 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGcpUserAccessBindingsResponse' + $ref: '#/components/schemas/ListAccessPoliciesResponse' parameters: - - in: path - name: organizationsId - required: true + - in: query + name: parent + schema: + type: string + - in: query + name: pageToken schema: type: string - in: query @@ -3570,23 +3636,20 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string + /v1/accessPolicies/{accessPoliciesId}:setIamPolicy: + parameters: *ref_1 post: description: >- - Creates a GcpUserAccessBinding. If the client specifies a name, the - server ignores it. Fails if a resource already exists with the same - group_key. Completion of this long-running operation does not - necessarily signify that the new binding is deployed onto all affected - users, which may take more time. - operationId: accesscontextmanager.organizations.gcpUserAccessBindings.create + Sets the IAM policy for the specified Access Context Manager access + policy. This method replaces the existing IAM policy on the access + policy. The IAM policy controls the set of users who can perform + specific operations on the Access Context Manager access policy. + operationId: accesscontextmanager.accessPolicies.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GcpUserAccessBinding' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3598,18 +3661,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: organizationsId + name: accessPoliciesId required: true schema: type: string - /v1/organizations/{organizationsId}/gcpUserAccessBindings/{gcpUserAccessBindingsId}: + /v1/services/{name}: parameters: *ref_1 get: - description: Gets the GcpUserAccessBinding with the given name. - operationId: accesscontextmanager.organizations.gcpUserAccessBindings.get + description: Returns a VPC-SC supported service based on the service name. + operationId: accesscontextmanager.services.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3621,29 +3684,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GcpUserAccessBinding' + $ref: '#/components/schemas/SupportedService' parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: gcpUserAccessBindingsId + name: name required: true schema: type: string - patch: - description: >- - Updates a GcpUserAccessBinding. Completion of this long-running - operation does not necessarily signify that the changed binding is - deployed onto all affected users, which may take more time. - operationId: accesscontextmanager.organizations.gcpUserAccessBindings.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GcpUserAccessBinding' + /v1/services: + parameters: *ref_1 + get: + description: Lists all VPC-SC supported services. + operationId: accesscontextmanager.services.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3655,53 +3707,14 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListSupportedServicesResponse' parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: gcpUserAccessBindingsId - required: true - schema: - type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: append - schema: - type: boolean - delete: - description: >- - Deletes a GcpUserAccessBinding. Completion of this long-running - operation does not necessarily signify that the binding deletion is - deployed onto all affected users, which may take more time. - operationId: accesscontextmanager.organizations.gcpUserAccessBindings.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: gcpUserAccessBindingsId - required: true + name: pageSize schema: - type: string + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/addressvalidation.yaml b/providers/src/googleapis.com/v00.00.00000/services/addressvalidation.yaml index e9d13456..a4f2ee2e 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/addressvalidation.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/addressvalidation.yaml @@ -11,8 +11,8 @@ info: the components of the parsed address, a geocode, and a verdict on the deliverability of the parsed address. version: v1 - x-discovery-doc-revision: '20250826' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251208' + x-generated-date: '2025-12-10' externalDocs: url: https://developers.google.com/maps/documentation/addressvalidation servers: @@ -41,12 +41,50 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: + GoogleTypeLatLng: + id: GoogleTypeLatLng + description: >- + An object that represents a latitude/longitude pair. This is expressed + as a pair of doubles to represent degrees latitude and degrees + longitude. Unless specified otherwise, this object must conform to the + WGS84 standard. Values must be within normalized ranges. + type: object + properties: + latitude: + format: double + description: The latitude in degrees. It must be in the range [-90.0, +90.0]. + type: number + longitude: + type: number + format: double + description: The longitude in degrees. It must be in the range [-180.0, +180.0]. GoogleMapsAddressvalidationV1ValidateAddressRequest: - id: GoogleMapsAddressvalidationV1ValidateAddressRequest description: The request for validating an address. - type: object properties: + languageOptions: + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1LanguageOptions' + description: >- + Optional. Preview: This feature is in Preview (pre-GA). Pre-GA + products and features might have limited support, and changes to + pre-GA products and features might not be compatible with other + pre-GA versions. Pre-GA Offerings are covered by the [Google Maps + Platform Service Specific + Terms](https://cloud.google.com/maps-platform/terms/maps-service-terms). + For more information, see the [launch stage + descriptions](https://developers.google.com/maps/launch-stages). + Enables the Address Validation API to include additional information + in the response. + previousResponseId: + description: >- + This field must be empty for the first address validation request. + If more requests are necessary to fully validate a single address + (for example if the changes the user makes after the initial + validation need to be re-validated), then each followup request must + populate this field with the response_id from the very first + response in the validation sequence. + type: string address: + $ref: '#/components/schemas/GoogleTypePostalAddress' description: >- Required. The address being validated. Unformatted addresses should be submitted via `address_lines`. The total length of the fields in @@ -59,45 +97,8 @@ components: identified by the system. The Address Validation API ignores the values in recipients and organization. Any values in those fields will be discarded and not returned. Please do not set them. - $ref: '#/components/schemas/GoogleTypePostalAddress' - previousResponseId: - description: >- - This field must be empty for the first address validation request. - If more requests are necessary to fully validate a single address - (for example if the changes the user makes after the initial - validation need to be re-validated), then each followup request must - populate this field with the response_id from the very first - response in the validation sequence. - type: string - enableUspsCass: - description: >- - Enables USPS CASS compatible mode. This affects _only_ the - [google.maps.addressvalidation.v1.ValidationResult.usps_data] field - of [google.maps.addressvalidation.v1.ValidationResult]. Note: for - USPS CASS enabled requests for addresses in Puerto Rico, a - [google.type.PostalAddress.region_code] of the `address` must be - provided as "PR", or an - [google.type.PostalAddress.administrative_area] of the `address` - must be provided as "Puerto Rico" (case-insensitive) or "PR". It's - recommended to use a componentized `address`, or alternatively - specify at least two [google.type.PostalAddress.address_lines] where - the first line contains the street number and name and the second - line contains the city, state, and zip code. - type: boolean - languageOptions: - description: >- - Optional. Preview: This feature is in Preview (pre-GA). Pre-GA - products and features might have limited support, and changes to - pre-GA products and features might not be compatible with other - pre-GA versions. Pre-GA Offerings are covered by the [Google Maps - Platform Service Specific - Terms](https://cloud.google.com/maps-platform/terms/maps-service-terms). - For more information, see the [launch stage - descriptions](https://developers.google.com/maps/launch-stages). - Enables the Address Validation API to include additional information - in the response. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1LanguageOptions' sessionToken: + type: string description: >- Optional. A string which identifies an Autocomplete session for billing purposes. Must be a URL and filename safe base64 string with @@ -117,126 +118,175 @@ components: API, not the Autocomplete API. See https://developers.google.com/maps/documentation/places/web-service/session-pricing for more details. - type: string - GoogleTypePostalAddress: - id: GoogleTypePostalAddress + enableUspsCass: + description: >- + Enables USPS CASS compatible mode. This affects _only_ the + [google.maps.addressvalidation.v1.ValidationResult.usps_data] field + of [google.maps.addressvalidation.v1.ValidationResult]. Note: for + USPS CASS enabled requests for addresses in Puerto Rico, a + [google.type.PostalAddress.region_code] of the `address` must be + provided as "PR", or an + [google.type.PostalAddress.administrative_area] of the `address` + must be provided as "Puerto Rico" (case-insensitive) or "PR". It's + recommended to use a componentized `address`, or alternatively + specify at least two [google.type.PostalAddress.address_lines] where + the first line contains the street number and name and the second + line contains the city, state, and zip code. + type: boolean + type: object + id: GoogleMapsAddressvalidationV1ValidateAddressRequest + GoogleMapsAddressvalidationV1Address: description: >- - Represents a postal address, such as for postal delivery or payments - addresses. With a postal address, a postal service can deliver items to - a premise, P.O. box, or similar. A postal address is not intended to - model geographical locations like roads, towns, or mountains. In typical - usage, an address would be created by user input or from importing - existing data, depending on the type of process. Advice on address input - or editing: - Use an internationalization-ready address widget such as - https://github.com/google/libaddressinput. - Users should not be - presented with UI elements for input or editing of fields outside - countries where that field is used. For more guidance on how to use this - schema, see: https://support.google.com/business/answer/6397478. + Details of the post-processed address. Post-processing includes + correcting misspelled parts of the address, replacing incorrect parts, + and inferring missing parts. type: object + id: GoogleMapsAddressvalidationV1Address properties: - revision: - description: >- - The schema revision of the `PostalAddress`. This must be set to 0, - which is the latest revision. All new revisions **must** be backward - compatible with old revisions. - type: integer - format: int32 - regionCode: + missingComponentTypes: description: >- - Required. CLDR region code of the country/region of the address. - This is never inferred and it is up to the user to ensure the value - is correct. See https://cldr.unicode.org/ and - https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html - for details. Example: "CH" for Switzerland. - type: string - languageCode: + The types of components that were expected to be present in a + correctly formatted mailing address but were not found in the input + AND could not be inferred. An example might be `['street_number', + 'route']` for an input like "Boulder, Colorado, 80301, USA". The + list of possible types can be found + [here](https://developers.google.com/maps/documentation/geocoding/requests-geocoding#Types). + **Note: you might see a missing component type when you think you've + already supplied the missing component.** For example, this can + happen when the input address contains the building name, but not + the premise number. In the address "渋谷区渋谷3丁目 Shibuya Stream", the + building name "Shibuya Stream" has the component type `premise`, but + the premise number is missing, so `missing_component_types` will + contain `premise`. + type: array + items: + type: string + postalAddress: + $ref: '#/components/schemas/GoogleTypePostalAddress' + description: The post-processed address represented as a postal address. + unconfirmedComponentTypes: description: >- - Optional. BCP-47 language code of the contents of this address (if - known). This is often the UI language of the input form or is - expected to match one of the languages used in the address' - country/region, or their transliterated equivalents. This can affect - formatting in certain countries, but is not critical to the - correctness of the data and will never affect any validation or - other non-formatting related operations. If this value is not known, - it should be omitted (rather than specifying a possibly incorrect - default). Examples: "zh-Hant", "ja", "ja-Latn", "en". + The types of the components that are present in the + `address_components` but could not be confirmed to be correct. This + field is provided for the sake of convenience: its contents are + equivalent to iterating through the `address_components` to find the + types of all the components where the confirmation_level is not + CONFIRMED or the inferred flag is not set to `true`. The list of + possible types can be found + [here](https://developers.google.com/maps/documentation/geocoding/requests-geocoding#Types). + items: + type: string + type: array + formattedAddress: type: string - postalCode: description: >- - Optional. Postal code of the address. Not all countries use or - require postal codes to be present, but where they are used, they - may trigger additional validation with other parts of the address - (for example, state or zip code validation in the United States). - type: string - sortingCode: + The post-processed address, formatted as a single-line address + following the address formatting rules of the region where the + address is located. Note: the format of this address may not match + the format of the address in the `postal_address` field. For + example, the `postal_address` always represents the country as a 2 + letter `region_code`, such as "US" or "NZ". By contrast, this field + uses a longer form of the country name, such as "USA" or "New + Zealand". + unresolvedTokens: + type: array description: >- - Optional. Additional, country-specific, sorting code. This is not - used in most regions. Where it is used, the value is either a string - like "CEDEX", optionally followed by a number (for example, "CEDEX - 7"), or just a number alone, representing the "sector code" - (Jamaica), "delivery area indicator" (Malawi) or "post office - indicator" (Côte d'Ivoire). - type: string - administrativeArea: + Any tokens in the input that could not be resolved. This might be an + input that was not recognized as a valid part of an address. For + example, for an input such as "Parcel 0000123123 & 0000456456 Str # + Guthrie Center IA 50115 US", the unresolved tokens might look like + `["Parcel", "0000123123", "&", "0000456456"]`. + items: + type: string + addressComponents: description: >- - Optional. Highest administrative subdivision which is used for - postal addresses of a country or region. For example, this can be a - state, a province, an oblast, or a prefecture. For Spain, this is - the province and not the autonomous community (for example, - "Barcelona" and not "Catalonia"). Many countries don't use an - administrative area in postal addresses. For example, in - Switzerland, this should be left unpopulated. - type: string - locality: + Unordered list. The individual address components of the formatted + and corrected address, along with validation information. This + provides information on the validation status of the individual + components. Address components are not ordered in a particular way. + Do not make any assumptions on the ordering of the address + components in the list. + type: array + items: + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1AddressComponent' + GoogleMapsAddressvalidationV1PlusCode: + id: GoogleMapsAddressvalidationV1PlusCode + properties: + globalCode: description: >- - Optional. Generally refers to the city or town portion of the - address. Examples: US city, IT comune, UK post town. In regions of - the world where localities are not well defined or do not fit into - this structure well, leave `locality` empty and use `address_lines`. + Place's global (full) code, such as "9FWM33GV+HQ", representing an + 1/8000 by 1/8000 degree area (~14 by 14 meters). type: string - sublocality: - description: >- - Optional. Sublocality of the address. For example, this can be a - neighborhood, borough, or district. + compoundCode: type: string - addressLines: description: >- - Unstructured address lines describing the lower levels of an - address. Because values in `address_lines` do not have type - information and may sometimes contain multiple values in a single - field (for example, "Austin, TX"), it is important that the line - order is clear. The order of address lines should be "envelope - order" for the country or region of the address. In places where - this can vary (for example, Japan), `address_language` is used to - make it explicit (for example, "ja" for large-to-small ordering and - "ja-Latn" or "en" for small-to-large). In this way, the most - specific line of an address can be selected based on the language. - The minimum permitted structural representation of an address - consists of a `region_code` with all remaining information placed in - the `address_lines`. It would be possible to format such an address - very approximately without geocoding, but no semantic reasoning - could be made about any of the address components until it was at - least partially resolved. Creating an address only containing a - `region_code` and `address_lines` and then geocoding is the - recommended way to handle completely unstructured addresses (as - opposed to guessing which parts of the address should be localities - or administrative areas). - type: array - items: - type: string - recipients: + Place's compound code, such as "33GV+HQ, Ramberg, Norway", + containing the suffix of the global code and replacing the prefix + with a formatted name of a reference entity. + description: >- + Plus code (http://plus.codes) is a location reference with two formats: + global code defining a 14mx14m (1/8000th of a degree) or smaller + rectangle, and compound code, replacing the prefix with a reference + location. + type: object + GoogleMapsAddressvalidationV1ProvideValidationFeedbackRequest: + properties: + conclusion: + enum: + - VALIDATION_CONCLUSION_UNSPECIFIED + - VALIDATED_VERSION_USED + - USER_VERSION_USED + - UNVALIDATED_VERSION_USED + - UNUSED + enumDescriptions: + - >- + This value is unused. If the + `ProvideValidationFeedbackRequest.conclusion` field is set to + `VALIDATION_CONCLUSION_UNSPECIFIED`, an `INVALID_ARGUMENT` error + will be returned. + - >- + The version of the address returned by the Address Validation API + was used for the transaction. + - >- + The version of the address provided by the user was used for the + transaction + - >- + A version of the address that was entered after the last + validation attempt but that was not re-validated was used for the + transaction. + - The transaction was abandoned and the address was not used. description: >- - Optional. The recipient at the address. This field may, under - certain circumstances, contain multiline information. For example, - it might contain "care of" information. - type: array - items: - type: string - organization: - description: Optional. The name of the organization at the address. + Required. The outcome of the sequence of validation attempts. If + this field is set to `VALIDATION_CONCLUSION_UNSPECIFIED`, an + `INVALID_ARGUMENT` error will be returned. + type: string + responseId: type: string + description: >- + Required. The ID of the response that this feedback is for. This + should be the response_id from the first response in a series of + address validation attempts. + id: GoogleMapsAddressvalidationV1ProvideValidationFeedbackRequest + description: The request for sending validation feedback. + type: object + GoogleMapsAddressvalidationV1ProvideValidationFeedbackResponse: + id: GoogleMapsAddressvalidationV1ProvideValidationFeedbackResponse + description: >- + The response for validation feedback. The response is empty if the + feedback is sent successfully. + type: object + properties: {} GoogleMapsAddressvalidationV1LanguageOptions: id: GoogleMapsAddressvalidationV1LanguageOptions + properties: + returnEnglishLatinAddress: + description: >- + Preview: Return a [google.maps.addressvalidation.v1.Address] in + English. See + [google.maps.addressvalidation.v1.ValidationResult.english_latin_address] + for details. + type: boolean + type: object description: >- Preview: This feature is in Preview (pre-GA). Pre-GA products and features might have limited support, and changes to pre-GA products and @@ -247,101 +297,9 @@ components: descriptions](https://developers.google.com/maps/launch-stages). Enables the Address Validation API to include additional information in the response. - type: object - properties: - returnEnglishLatinAddress: - description: >- - Preview: Return a [google.maps.addressvalidation.v1.Address] in - English. See - [google.maps.addressvalidation.v1.ValidationResult.english_latin_address] - for details. - type: boolean - GoogleMapsAddressvalidationV1ValidateAddressResponse: - id: GoogleMapsAddressvalidationV1ValidateAddressResponse - description: The response to an address validation request. - type: object - properties: - result: - description: The result of the address validation. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1ValidationResult' - responseId: - description: >- - The UUID that identifies this response. If the address needs to be - re-validated, this UUID *must* accompany the new request. - type: string - GoogleMapsAddressvalidationV1ValidationResult: - id: GoogleMapsAddressvalidationV1ValidationResult - description: The result of validating an address. - type: object - properties: - verdict: - description: Overall verdict flags - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1Verdict' - address: - description: Information about the address itself as opposed to the geocode. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1Address' - geocode: - description: >- - Information about the location and place that the address geocoded - to. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1Geocode' - metadata: - description: >- - Other information relevant to deliverability. `metadata` is not - guaranteed to be fully populated for every address sent to the - Address Validation API. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1AddressMetadata' - uspsData: - description: >- - Extra deliverability flags provided by USPS. Only provided in region - `US` and `PR`. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1UspsData' - englishLatinAddress: - description: >- - Preview: This feature is in Preview (pre-GA). Pre-GA products and - features might have limited support, and changes to pre-GA products - and features might not be compatible with other pre-GA versions. - Pre-GA Offerings are covered by the [Google Maps Platform Service - Specific - Terms](https://cloud.google.com/maps-platform/terms/maps-service-terms). - For more information, see the [launch stage - descriptions](https://developers.google.com/maps/launch-stages). The - address translated to English. Translated addresses are not reusable - as API input. The service provides them so that the user can use - their native language to confirm or deny the validation of the - originally-provided address. If part of the address doesn't have an - English translation, the service returns that part in an alternate - language that uses a Latin script. See - [here](https://developers.google.com/maps/documentation/address-validation/convert-addresses-english) - for an explanation of how the alternate language is selected. If - part of the address doesn't have any translations or - transliterations in a language that uses a Latin script, the service - returns that part in the local language associated with the address. - Enable this output by using the - [google.maps.addressvalidation.v1.LanguageOptions.return_english_latin_address] - flag. Note: the - [google.maps.addressvalidation.v1.Address.unconfirmed_component_types] - field in the `english_latin_address` and the - [google.maps.addressvalidation.v1.AddressComponent.confirmation_level] - fields in `english_latin_address.address_components` are not - populated. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1Address' GoogleMapsAddressvalidationV1Verdict: - id: GoogleMapsAddressvalidationV1Verdict - description: High level overview of the address validation result and geocode. - type: object properties: inputGranularity: - description: >- - The granularity of the **input** address. This is the result of - parsing the input address and does not give any validation signals. - For validation signals, refer to `validation_granularity` below. For - example, if the input address includes a specific apartment number, - then the `input_granularity` here will be `SUB_PREMISE`. If the - address validation service cannot match the apartment number in the - databases or the apartment number is invalid, the - `validation_granularity` will likely be `PREMISE` or more coarse. - type: string enumDescriptions: - Default value. This value is unused. - Below-building level result, such as an apartment. @@ -358,6 +316,16 @@ components: - >- All other granularities, which are bucketed together since they are not deliverable. + description: >- + The granularity of the **input** address. This is the result of + parsing the input address and does not give any validation signals. + For validation signals, refer to `validation_granularity` below. For + example, if the input address includes a specific apartment number, + then the `input_granularity` here will be `SUB_PREMISE`. If the + address validation service cannot match the apartment number in the + databases or the apartment number is invalid, the + `validation_granularity` will likely be `PREMISE` or more coarse. + type: string enum: - GRANULARITY_UNSPECIFIED - SUB_PREMISE @@ -366,15 +334,31 @@ components: - BLOCK - ROUTE - OTHER - validationGranularity: + hasUnconfirmedComponents: + type: boolean description: >- - The level of granularity for the post-processed address that the API - can fully validate. For example, a `validation_granularity` of - `PREMISE` indicates all address components at the level of `PREMISE` - or more coarse can be validated. Per address component validation - result can be found in - [google.maps.addressvalidation.v1.Address.address_components]. + At least one address component cannot be categorized or validated, + see [google.maps.addressvalidation.v1.Address.address_components] + for details. + geocodeGranularity: + enum: + - GRANULARITY_UNSPECIFIED + - SUB_PREMISE + - PREMISE + - PREMISE_PROXIMITY + - BLOCK + - ROUTE + - OTHER type: string + description: >- + Information about the granularity of the `geocode`. This can be + understood as the semantic meaning of how coarse or fine the + geocoded location is. This can differ from the + `validation_granularity` above occasionally. For example, our + database might record the existence of an apartment number but do + not have a precise location for the apartment within a big apartment + complex. In that case, the `validation_granularity` will be + `SUB_PREMISE` but the `geocode_granularity` will be `PREMISE`. enumDescriptions: - Default value. This value is unused. - Below-building level result, such as an apartment. @@ -391,24 +375,19 @@ components: - >- All other granularities, which are bucketed together since they are not deliverable. - enum: - - GRANULARITY_UNSPECIFIED - - SUB_PREMISE - - PREMISE - - PREMISE_PROXIMITY - - BLOCK - - ROUTE - - OTHER - geocodeGranularity: + hasReplacedComponents: description: >- - Information about the granularity of the `geocode`. This can be - understood as the semantic meaning of how coarse or fine the - geocoded location is. This can differ from the - `validation_granularity` above occasionally. For example, our - database might record the existence of an apartment number but do - not have a precise location for the apartment within a big apartment - complex. In that case, the `validation_granularity` will be - `SUB_PREMISE` but the `geocode_granularity` will be `PREMISE`. + At least one address component was replaced, see + [google.maps.addressvalidation.v1.Address.address_components] for + details. + type: boolean + hasSpellCorrectedComponents: + description: >- + At least one address component was spell-corrected, see + [google.maps.addressvalidation.v1.Address.address_components] for + details. + type: boolean + validationGranularity: type: string enumDescriptions: - Default value. This value is unused. @@ -434,51 +413,27 @@ components: - BLOCK - ROUTE - OTHER - addressComplete: description: >- - The post-processed address is considered complete if there are no - unresolved tokens, no unexpected or missing address components. If - unset, indicates that the value is `false`. See - `missing_component_types`, `unresolved_tokens` or `unexpected` - fields for more details. + The level of granularity for the post-processed address that the API + can fully validate. For example, a `validation_granularity` of + `PREMISE` indicates all address components at the level of `PREMISE` + or more coarse can be validated. Per address component validation + result can be found in + [google.maps.addressvalidation.v1.Address.address_components]. + hasInferredComponents: type: boolean - hasUnconfirmedComponents: - description: >- - At least one address component cannot be categorized or validated, - see [google.maps.addressvalidation.v1.Address.address_components] - for details. - type: boolean - hasInferredComponents: description: >- At least one address component was inferred (added) that wasn't in the input, see [google.maps.addressvalidation.v1.Address.address_components] for details. - type: boolean - hasReplacedComponents: - description: >- - At least one address component was replaced, see - [google.maps.addressvalidation.v1.Address.address_components] for - details. - type: boolean possibleNextAction: - description: >- - Preview: This feature is in Preview (pre-GA). Pre-GA products and - features might have limited support, and changes to pre-GA products - and features might not be compatible with other pre-GA versions. - Pre-GA Offerings are covered by the [Google Maps Platform Service - Specific - Terms](https://cloud.google.com/maps-platform/terms/maps-service-terms). - For more information, see the [launch stage - descriptions](https://developers.google.com/maps/launch-stages). - Offers an interpretive summary of the API response, intended to - assist in determining a potential subsequent action to take. This - field is derived from other fields in the API response and should - not be considered as a guarantee of address accuracy or - deliverability. See [Build your validation - logic](https://developers.google.com/maps/documentation/address-validation/build-validation-logic) - for more details. - type: string + enum: + - POSSIBLE_NEXT_ACTION_UNSPECIFIED + - FIX + - CONFIRM_ADD_SUBPREMISES + - CONFIRM + - ACCEPT enumDescriptions: - Default value. This value is unused. - >- @@ -508,253 +463,257 @@ components: address might still contain corrections. It is your responsibility to determine if and how to prompt your customer, depending on your own risk assessment. - enum: - - POSSIBLE_NEXT_ACTION_UNSPECIFIED - - FIX - - CONFIRM_ADD_SUBPREMISES - - CONFIRM - - ACCEPT - hasSpellCorrectedComponents: description: >- - At least one address component was spell-corrected, see - [google.maps.addressvalidation.v1.Address.address_components] for - details. + Preview: This feature is in Preview (pre-GA). Pre-GA products and + features might have limited support, and changes to pre-GA products + and features might not be compatible with other pre-GA versions. + Pre-GA Offerings are covered by the [Google Maps Platform Service + Specific + Terms](https://cloud.google.com/maps-platform/terms/maps-service-terms). + For more information, see the [launch stage + descriptions](https://developers.google.com/maps/launch-stages). + Offers an interpretive summary of the API response, intended to + assist in determining a potential subsequent action to take. This + field is derived from other fields in the API response and should + not be considered as a guarantee of address accuracy or + deliverability. See [Build your validation + logic](https://developers.google.com/maps/documentation/address-validation/build-validation-logic) + for more details. + type: string + addressComplete: + description: >- + The post-processed address is considered complete if there are no + unresolved tokens, no unexpected or missing address components. If + unset, indicates that the value is `false`. See + `missing_component_types`, `unresolved_tokens` or `unexpected` + fields for more details. type: boolean - GoogleMapsAddressvalidationV1Address: - id: GoogleMapsAddressvalidationV1Address + type: object + id: GoogleMapsAddressvalidationV1Verdict + description: High level overview of the address validation result and geocode. + GoogleTypePostalAddress: + id: GoogleTypePostalAddress description: >- - Details of the post-processed address. Post-processing includes - correcting misspelled parts of the address, replacing incorrect parts, - and inferring missing parts. + Represents a postal address, such as for postal delivery or payments + addresses. With a postal address, a postal service can deliver items to + a premise, P.O. box, or similar. A postal address is not intended to + model geographical locations like roads, towns, or mountains. In typical + usage, an address would be created by user input or from importing + existing data, depending on the type of process. Advice on address input + or editing: - Use an internationalization-ready address widget such as + https://github.com/google/libaddressinput. - Users should not be + presented with UI elements for input or editing of fields outside + countries where that field is used. For more guidance on how to use this + schema, see: https://support.google.com/business/answer/6397478. type: object properties: - formattedAddress: + sublocality: + type: string description: >- - The post-processed address, formatted as a single-line address - following the address formatting rules of the region where the - address is located. Note: the format of this address may not match - the format of the address in the `postal_address` field. For - example, the `postal_address` always represents the country as a 2 - letter `region_code`, such as "US" or "NZ". By contrast, this field - uses a longer form of the country name, such as "USA" or "New - Zealand". + Optional. Sublocality of the address. For example, this can be a + neighborhood, borough, or district. + postalCode: + description: >- + Optional. Postal code of the address. Not all countries use or + require postal codes to be present, but where they are used, they + may trigger additional validation with other parts of the address + (for example, state or zip code validation in the United States). + type: string + languageCode: type: string - postalAddress: - description: The post-processed address represented as a postal address. - $ref: '#/components/schemas/GoogleTypePostalAddress' - addressComponents: description: >- - Unordered list. The individual address components of the formatted - and corrected address, along with validation information. This - provides information on the validation status of the individual - components. Address components are not ordered in a particular way. - Do not make any assumptions on the ordering of the address - components in the list. - type: array - items: - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1AddressComponent' - missingComponentTypes: + Optional. BCP-47 language code of the contents of this address (if + known). This is often the UI language of the input form or is + expected to match one of the languages used in the address' + country/region, or their transliterated equivalents. This can affect + formatting in certain countries, but is not critical to the + correctness of the data and will never affect any validation or + other non-formatting related operations. If this value is not known, + it should be omitted (rather than specifying a possibly incorrect + default). Examples: "zh-Hant", "ja", "ja-Latn", "en". + organization: + description: Optional. The name of the organization at the address. + type: string + regionCode: description: >- - The types of components that were expected to be present in a - correctly formatted mailing address but were not found in the input - AND could not be inferred. An example might be `['street_number', - 'route']` for an input like "Boulder, Colorado, 80301, USA". The - list of possible types can be found - [here](https://developers.google.com/maps/documentation/geocoding/requests-geocoding#Types). - **Note: you might see a missing component type when you think you've - already supplied the missing component.** For example, this can - happen when the input address contains the building name, but not - the premise number. In the address "渋谷区渋谷3丁目 Shibuya Stream", the - building name "Shibuya Stream" has the component type `premise`, but - the premise number is missing, so `missing_component_types` will - contain `premise`. - type: array - items: - type: string - unconfirmedComponentTypes: + Required. CLDR region code of the country/region of the address. + This is never inferred and it is up to the user to ensure the value + is correct. See https://cldr.unicode.org/ and + https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html + for details. Example: "CH" for Switzerland. + type: string + administrativeArea: description: >- - The types of the components that are present in the - `address_components` but could not be confirmed to be correct. This - field is provided for the sake of convenience: its contents are - equivalent to iterating through the `address_components` to find the - types of all the components where the confirmation_level is not - CONFIRMED or the inferred flag is not set to `true`. The list of - possible types can be found - [here](https://developers.google.com/maps/documentation/geocoding/requests-geocoding#Types). - type: array + Optional. Highest administrative subdivision which is used for + postal addresses of a country or region. For example, this can be a + state, a province, an oblast, or a prefecture. For Spain, this is + the province and not the autonomous community (for example, + "Barcelona" and not "Catalonia"). Many countries don't use an + administrative area in postal addresses. For example, in + Switzerland, this should be left unpopulated. + type: string + sortingCode: + type: string + description: >- + Optional. Additional, country-specific, sorting code. This is not + used in most regions. Where it is used, the value is either a string + like "CEDEX", optionally followed by a number (for example, "CEDEX + 7"), or just a number alone, representing the "sector code" + (Jamaica), "delivery area indicator" (Malawi) or "post office + indicator" (Côte d'Ivoire). + revision: + type: integer + description: >- + The schema revision of the `PostalAddress`. This must be set to 0, + which is the latest revision. All new revisions **must** be backward + compatible with old revisions. + format: int32 + locality: + description: >- + Optional. Generally refers to the city or town portion of the + address. Examples: US city, IT comune, UK post town. In regions of + the world where localities are not well defined or do not fit into + this structure well, leave `locality` empty and use `address_lines`. + type: string + recipients: items: type: string - unresolvedTokens: + type: array description: >- - Any tokens in the input that could not be resolved. This might be an - input that was not recognized as a valid part of an address. For - example, for an input such as "Parcel 0000123123 & 0000456456 Str # - Guthrie Center IA 50115 US", the unresolved tokens might look like - `["Parcel", "0000123123", "&", "0000456456"]`. + Optional. The recipient at the address. This field may, under + certain circumstances, contain multiline information. For example, + it might contain "care of" information. + addressLines: type: array + description: >- + Unstructured address lines describing the lower levels of an + address. Because values in `address_lines` do not have type + information and may sometimes contain multiple values in a single + field (for example, "Austin, TX"), it is important that the line + order is clear. The order of address lines should be "envelope + order" for the country or region of the address. In places where + this can vary (for example, Japan), `address_language` is used to + make it explicit (for example, "ja" for large-to-small ordering and + "ja-Latn" or "en" for small-to-large). In this way, the most + specific line of an address can be selected based on the language. + The minimum permitted structural representation of an address + consists of a `region_code` with all remaining information placed in + the `address_lines`. It would be possible to format such an address + very approximately without geocoding, but no semantic reasoning + could be made about any of the address components until it was at + least partially resolved. Creating an address only containing a + `region_code` and `address_lines` and then geocoding is the + recommended way to handle completely unstructured addresses (as + opposed to guessing which parts of the address should be localities + or administrative areas). items: type: string - GoogleMapsAddressvalidationV1AddressComponent: - id: GoogleMapsAddressvalidationV1AddressComponent - description: Represents an address component, such as a street, city, or state. - type: object + GoogleMapsAddressvalidationV1ValidationResult: + description: The result of validating an address. + id: GoogleMapsAddressvalidationV1ValidationResult properties: - componentName: - description: The name for this component. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1ComponentName' - componentType: - description: >- - The type of the address component. See [Table 2: Additional types - returned by the Places - service](https://developers.google.com/places/web-service/supported_types#table2) - for a list of possible types. - type: string - confirmationLevel: + metadata: + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1AddressMetadata' description: >- - Indicates the level of certainty that we have that the component is - correct. - type: string - enumDescriptions: - - Default value. This value is unused. - - >- - We were able to verify that this component exists and makes sense - in the context of the rest of the address. - - >- - This component could not be confirmed, but it is plausible that it - exists. For example, a street number within a known valid range of - numbers on a street where specific house numbers are not known. - - >- - This component was not confirmed and is likely to be wrong. For - example, a neighborhood that does not fit the rest of the address. - enum: - - CONFIRMATION_LEVEL_UNSPECIFIED - - CONFIRMED - - UNCONFIRMED_BUT_PLAUSIBLE - - UNCONFIRMED_AND_SUSPICIOUS - inferred: - description: >- - Indicates that the component was not part of the input, but we - inferred it for the address location and believe it should be - provided for a complete address. - type: boolean - spellCorrected: + Other information relevant to deliverability. `metadata` is not + guaranteed to be fully populated for every address sent to the + Address Validation API. + uspsData: description: >- - Indicates a correction to a misspelling in the component name. The - API does not always flag changes from one spelling variant to - another, such as when changing "centre" to "center". It also does - not always flag common misspellings, such as when changing - "Amphitheater Pkwy" to "Amphitheatre Pkwy". - type: boolean - replaced: + Extra deliverability flags provided by USPS. Only provided in region + `US` and `PR`. + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1UspsData' + address: + description: Information about the address itself as opposed to the geocode. + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1Address' + geocode: description: >- - Indicates the name of the component was replaced with a completely - different one, for example a wrong postal code being replaced with - one that is correct for the address. This is not a cosmetic change, - the input component has been changed to a different one. - type: boolean - unexpected: + Information about the location and place that the address geocoded + to. + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1Geocode' + verdict: + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1Verdict' + description: Overall verdict flags + englishLatinAddress: + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1Address' description: >- - Indicates an address component that is not expected to be present in - a postal address for the given region. We have retained it only - because it was part of the input. - type: boolean - GoogleMapsAddressvalidationV1ComponentName: - id: GoogleMapsAddressvalidationV1ComponentName - description: A wrapper for the name of the component. + Preview: This feature is in Preview (pre-GA). Pre-GA products and + features might have limited support, and changes to pre-GA products + and features might not be compatible with other pre-GA versions. + Pre-GA Offerings are covered by the [Google Maps Platform Service + Specific + Terms](https://cloud.google.com/maps-platform/terms/maps-service-terms). + For more information, see the [launch stage + descriptions](https://developers.google.com/maps/launch-stages). The + address translated to English. Translated addresses are not reusable + as API input. The service provides them so that the user can use + their native language to confirm or deny the validation of the + originally-provided address. If part of the address doesn't have an + English translation, the service returns that part in an alternate + language that uses a Latin script. See + [here](https://developers.google.com/maps/documentation/address-validation/convert-addresses-english) + for an explanation of how the alternate language is selected. If + part of the address doesn't have any translations or + transliterations in a language that uses a Latin script, the service + returns that part in the local language associated with the address. + Enable this output by using the + [google.maps.addressvalidation.v1.LanguageOptions.return_english_latin_address] + flag. Note: the + [google.maps.addressvalidation.v1.Address.unconfirmed_component_types] + field in the `english_latin_address` and the + [google.maps.addressvalidation.v1.AddressComponent.confirmation_level] + fields in `english_latin_address.address_components` are not + populated. type: object + GoogleMapsAddressvalidationV1UspsAddress: + description: USPS representation of a US address. + id: GoogleMapsAddressvalidationV1UspsAddress properties: - text: - description: >- - The name text. For example, "5th Avenue" for a street name or "1253" - for a street number. + urbanization: type: string - languageCode: - description: >- - The BCP-47 language code. This will not be present if the component - name is not associated with a language, such as a street number. + description: Puerto Rican urbanization name. + firstAddressLine: type: string - GoogleMapsAddressvalidationV1Geocode: - id: GoogleMapsAddressvalidationV1Geocode - description: Contains information about the place the input was geocoded to. - type: object - properties: - location: - description: >- - The geocoded location of the input. Using place IDs is preferred - over using addresses, latitude/longitude coordinates, or plus codes. - Using coordinates when routing or calculating driving directions - will always result in the point being snapped to the road nearest to - those coordinates. This may not be a road that will quickly or - safely lead to the destination and may not be near an access point - to the property. Additionally, when a location is reverse geocoded, - there is no guarantee that the returned address will match the - original. - $ref: '#/components/schemas/GoogleTypeLatLng' - plusCode: - description: The plus code corresponding to the `location`. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1PlusCode' - bounds: - description: The bounds of the geocoded place. - $ref: '#/components/schemas/GoogleGeoTypeViewport' - featureSizeMeters: - description: >- - The size of the geocoded place, in meters. This is another measure - of the coarseness of the geocoded location, but in physical size - rather than in semantic meaning. - type: number - format: float - placeId: - description: >- - The PlaceID of the place this input geocodes to. For more - information about Place IDs see - [here](https://developers.google.com/maps/documentation/places/web-service/place-id). + description: First address line. + zipCode: type: string - placeTypes: - description: >- - The type(s) of place that the input geocoded to. For example, - `['locality', 'political']`. The full list of types can be found - [here](https://developers.google.com/maps/documentation/geocoding/requests-geocoding#Types). - type: array - items: - type: string - GoogleTypeLatLng: - id: GoogleTypeLatLng - description: >- - An object that represents a latitude/longitude pair. This is expressed - as a pair of doubles to represent degrees latitude and degrees - longitude. Unless specified otherwise, this object must conform to the - WGS84 standard. Values must be within normalized ranges. + description: Postal code e.g. 10009. + state: + description: 2 letter state code. + type: string + secondAddressLine: + description: Second address line. + type: string + zipCodeExtension: + type: string + description: 4-digit postal code extension e.g. 5023. + firm: + description: Firm name. + type: string + cityStateZipAddressLine: + type: string + description: City + state + postal code. + city: + type: string + description: City name. type: object - properties: - latitude: - description: The latitude in degrees. It must be in the range [-90.0, +90.0]. - type: number - format: double - longitude: - description: The longitude in degrees. It must be in the range [-180.0, +180.0]. - type: number - format: double - GoogleMapsAddressvalidationV1PlusCode: - id: GoogleMapsAddressvalidationV1PlusCode - description: >- - Plus code (http://plus.codes) is a location reference with two formats: - global code defining a 14mx14m (1/8000th of a degree) or smaller - rectangle, and compound code, replacing the prefix with a reference - location. + GoogleMapsAddressvalidationV1ComponentName: type: object properties: - globalCode: + languageCode: description: >- - Place's global (full) code, such as "9FWM33GV+HQ", representing an - 1/8000 by 1/8000 degree area (~14 by 14 meters). + The BCP-47 language code. This will not be present if the component + name is not associated with a language, such as a street number. type: string - compoundCode: + text: description: >- - Place's compound code, such as "33GV+HQ, Ramberg, Norway", - containing the suffix of the global code and replacing the prefix - with a formatted name of a reference entity. + The name text. For example, "5th Avenue" for a street name or "1253" + for a street number. type: string + id: GoogleMapsAddressvalidationV1ComponentName + description: A wrapper for the name of the component. GoogleGeoTypeViewport: + type: object id: GoogleGeoTypeViewport description: >- A latitude-longitude viewport, represented as two diagonally opposite @@ -774,59 +733,185 @@ components: viewport fully encloses New York City: { "low": { "latitude": 40.477398, "longitude": -74.259087 }, "high": { "latitude": 40.91618, "longitude": -73.70018 } } - type: object properties: low: - description: Required. The low point of the viewport. $ref: '#/components/schemas/GoogleTypeLatLng' + description: Required. The low point of the viewport. high: description: Required. The high point of the viewport. $ref: '#/components/schemas/GoogleTypeLatLng' GoogleMapsAddressvalidationV1AddressMetadata: - id: GoogleMapsAddressvalidationV1AddressMetadata + properties: + poBox: + description: >- + Indicates that the address of a PO box. If unset, indicates that the + value is unknown. + type: boolean + residential: + description: >- + Indicates that this is the address of a residence. If unset, + indicates that the value is unknown. + type: boolean + business: + type: boolean + description: >- + Indicates that this is the address of a business. If unset, + indicates that the value is unknown. description: >- The metadata for the post-processed address. `metadata` is not guaranteed to be fully populated for every address sent to the Address Validation API. + id: GoogleMapsAddressvalidationV1AddressMetadata + type: object + GoogleMapsAddressvalidationV1UspsData: type: object properties: - business: + lacsLinkReturnCode: + description: LACSLink return code. + type: string + poBoxOnlyPostalCode: + type: boolean + description: PO Box only postal code. + errorMessage: + type: string description: >- - Indicates that this is the address of a business. If unset, - indicates that the value is unknown. + Error message for USPS data retrieval. This is populated when USPS + processing is suspended because of the detection of artificially + created addresses. The USPS data fields might not be populated when + this error is present. + cassProcessed: + description: Indicator that the request has been CASS processed. type: boolean - poBox: + dpvFootnote: + type: string description: >- - Indicates that the address of a PO box. If unset, indicates that the - value is unknown. + The footnotes from delivery point validation. Multiple footnotes may + be strung together in the same string. * `AA`: Input address matched + to the ZIP+4 file * `A1`: Input address was not matched to the ZIP+4 + file * `BB`: Matched to DPV (all components) * `CC`: Secondary + number not matched and not required * `C1`: Secondary number not + matched but required * `N1`: High-rise address missing secondary + number * `M1`: Primary number missing * `M3`: Primary number invalid + * `P1`: Input address PO, RR or HC box number missing * `P3`: Input + address PO, RR, or HC Box number invalid * `F1`: Input address + matched to a military address * `G1`: Input address matched to a + general delivery address * `U1`: Input address matched to a unique + ZIP code * `PB`: Input address matched to PBSA record * `RR`: DPV + confirmed address with PMB information * `R1`: DPV confirmed address + without PMB information * `R7`: Carrier Route R777 or R779 record * + `IA`: Informed Address identified * `TA`: Primary number matched by + dropping a trailing alpha + elotNumber: + type: string + description: Enhanced Line of Travel (eLOT) number. + ewsNoMatch: + description: >- + The delivery address is matchable, but the EWS file indicates that + an exact match will be available soon. type: boolean - residential: + dpvEnhancedDeliveryCode: + description: >- + Indicates that more than one DPV return code is valid for the + address. Returns a single character. * `Y`: Address was DPV + confirmed for primary and any secondary numbers. * `N`: Primary and + any secondary number information failed to DPV confirm. * `S`: + Address was DPV confirmed for the primary number only, and the + secondary number information was present but not confirmed, or a + single trailing alpha on a primary number was dropped to make a DPV + match and secondary information required. * `D`: Address was DPV + confirmed for the primary number only, and the secondary number + information was missing. * `R`: Address confirmed but assigned to + phantom route R777 and R779 and USPS delivery is not provided. + type: string + dpvPbsa: + description: >- + Indicates the address was matched to PBSA record. Returns a single + character. * `Y`: The address was matched to PBSA record. * `N`: The + address was not matched to PBSA record. + type: string + dpvNoStat: + description: >- + Is this a no stat address or an active address? No stat addresses + are ones which are not continuously occupied or addresses that the + USPS does not service. Returns a single character. * `Y`: The + address is not active * `N`: The address is active + type: string + standardizedAddress: + description: USPS standardized address. + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1UspsAddress' + dpvNonDeliveryDays: + type: string + description: >- + Flag indicates mail delivery is not performed every day of the week. + Returns a single character. * `Y`: The mail delivery is not + performed every day of the week. * `N`: No indication the mail + delivery is not performed every day of the week. + dpvCmra: + description: >- + Indicates if the address is a CMRA (Commercial Mail Receiving + Agency)--a private business receiving mail for clients. Returns a + single character. * `Y`: The address is a CMRA * `N`: The address is + not a CMRA + type: string + lacsLinkIndicator: + description: LACSLink indicator. + type: string + deliveryPointCheckDigit: + type: string + description: >- + The delivery point check digit. This number is added to the end of + the delivery_point_barcode for mechanically scanned mail. Adding all + the digits of the delivery_point_barcode, + delivery_point_check_digit, postal code, and ZIP+4 together should + yield a number divisible by 10. + deliveryPointCode: + type: string + description: 2 digit delivery point code + carrierRouteIndicator: + type: string + description: Carrier route rate sort indicator. + abbreviatedCity: + type: string + description: Abbreviated city. + addressRecordType: + description: >- + Type of the address record that matches the input address. * `F`: + FIRM. This is a match to a Firm Record, which is the finest level of + match available for an address. * `G`: GENERAL DELIVERY. This is a + match to a General Delivery record. * `H`: BUILDING / APARTMENT. + This is a match to a Building or Apartment record. * `P`: POST + OFFICE BOX. This is a match to a Post Office Box. * `R`: RURAL ROUTE + or HIGHWAY CONTRACT: This is a match to either a Rural Route or a + Highway Contract record, both of which may have associated Box + Number ranges. * `S`: STREET RECORD: This is a match to a Street + record containing a valid primary number range. + type: string + dpvDoorNotAccessible: + description: >- + Flag indicates addresses where USPS cannot knock on a door to + deliver mail. Returns a single character. * `Y`: The door is not + accessible. * `N`: No indication the door is not accessible. + type: string + dpvVacant: + type: string description: >- - Indicates that this is the address of a residence. If unset, - indicates that the value is unknown. - type: boolean - GoogleMapsAddressvalidationV1UspsData: - id: GoogleMapsAddressvalidationV1UspsData - description: >- - The USPS data for the address. `uspsData` is not guaranteed to be fully - populated for every US or PR address sent to the Address Validation API. - It's recommended to integrate the backup address fields in the response - if you utilize uspsData as the primary part of the response. - type: object - properties: - standardizedAddress: - description: USPS standardized address. - $ref: '#/components/schemas/GoogleMapsAddressvalidationV1UspsAddress' - deliveryPointCode: - description: 2 digit delivery point code + Is this place vacant? Returns a single character. * `Y`: The address + is vacant * `N`: The address is not vacant + dpvNoSecureLocation: + description: >- + Flag indicates door is accessible, but package will not be left due + to security concerns. Returns a single character. * `Y`: The package + will not be left due to security concerns. * `N`: No indication the + package will not be left due to security concerns. + type: string + dpvThrowback: type: string - deliveryPointCheckDigit: description: >- - The delivery point check digit. This number is added to the end of - the delivery_point_barcode for mechanically scanned mail. Adding all - the digits of the delivery_point_barcode, - delivery_point_check_digit, postal code, and ZIP+4 together should - yield a number divisible by 10. + Indicates that mail is not delivered to the street address. Returns + a single character. * `Y`: The mail is not delivered to the street + address. * `N`: The mail is delivered to the street address. + pmbNumber: + description: PMB (Private Mail Box) number; type: string dpvConfirmation: description: >- @@ -841,45 +926,39 @@ components: `dpv_confirmation` value, the address was not submitted for DPV confirmation. type: string - dpvFootnote: - description: >- - The footnotes from delivery point validation. Multiple footnotes may - be strung together in the same string. * `AA`: Input address matched - to the ZIP+4 file * `A1`: Input address was not matched to the ZIP+4 - file * `BB`: Matched to DPV (all components) * `CC`: Secondary - number not matched and not required * `C1`: Secondary number not - matched but required * `N1`: High-rise address missing secondary - number * `M1`: Primary number missing * `M3`: Primary number invalid - * `P1`: Input address PO, RR or HC box number missing * `P3`: Input - address PO, RR, or HC Box number invalid * `F1`: Input address - matched to a military address * `G1`: Input address matched to a - general delivery address * `U1`: Input address matched to a unique - ZIP code * `PB`: Input address matched to PBSA record * `RR`: DPV - confirmed address with PMB information * `R1`: DPV confirmed address - without PMB information * `R7`: Carrier Route R777 or R779 record * - `IA`: Informed Address identified * `TA`: Primary number matched by - dropping a trailing alpha + elotFlag: + description: eLOT Ascending/Descending Flag (A/D). type: string - dpvCmra: - description: >- - Indicates if the address is a CMRA (Commercial Mail Receiving - Agency)--a private business receiving mail for clients. Returns a - single character. * `Y`: The address is a CMRA * `N`: The address is - not a CMRA + postOfficeCity: + description: Main post office city. + type: string + county: + description: County name. + type: string + suitelinkFootnote: type: string - dpvVacant: description: >- - Is this place vacant? Returns a single character. * `Y`: The address - is vacant * `N`: The address is not vacant + Footnotes from matching a street or highrise record to suite + information. If business name match is found, the secondary number + is returned. * `A`: SuiteLink record match, business address + improved. * `00`: No match, business address is not improved. + carrierRoute: type: string - dpvNoStat: description: >- - Is this a no stat address or an active address? No stat addresses - are ones which are not continuously occupied or addresses that the - USPS does not service. Returns a single character. * `Y`: The - address is not active * `N`: The address is active + The carrier route code. A four character code consisting of a one + letter prefix and a three digit route designator. Prefixes: * `C`: + Carrier route (or city route) * `R`: Rural route * `H`: Highway + Contract Route * `B`: Post Office Box Section * `G`: General + delivery unit + pmbDesignator: + type: string + description: PMB (Private Mail Box) unit designator. + fipsCountyCode: type: string + description: FIPS county code. dpvNoStatReasonCode: + type: integer + format: int32 description: >- Indicates the NoStat type. Returns a reason code as int. * `1`: IDA (Internal Drop Address) – Addresses that do not receive mail @@ -893,28 +972,14 @@ components: Indicates addresses not receiving delivery and the addresses are not counted as possible deliveries. * `6`: Secondary Required - The address requires secondary information. - type: integer - format: int32 - dpvDrop: - description: >- - Flag indicates mail is delivered to a single receptable at a site. - Returns a single character. * `Y`: The mail is delivered to a single - receptable at a site. * `N`: The mail is not delivered to a single - receptable at a site. - type: string - dpvThrowback: - description: >- - Indicates that mail is not delivered to the street address. Returns - a single character. * `Y`: The mail is not delivered to the street - address. * `N`: The mail is delivered to the street address. - type: string - dpvNonDeliveryDays: + defaultAddress: + type: boolean description: >- - Flag indicates mail delivery is not performed every day of the week. - Returns a single character. * `Y`: The mail delivery is not - performed every day of the week. * `N`: No indication the mail - delivery is not performed every day of the week. + Indicator that a default address was found, but more specific + addresses exists. + postOfficeState: type: string + description: Main post office state. dpvNonDeliveryDaysValues: description: >- Integer identifying non-delivery days. It can be interrogated using @@ -923,236 +988,167 @@ components: Wednesday is a non-delivery day 0x04 – Thursday is a non-delivery day 0x02 – Friday is a non-delivery day 0x01 – Saturday is a non-delivery day - type: integer format: int32 - dpvNoSecureLocation: - description: >- - Flag indicates door is accessible, but package will not be left due - to security concerns. Returns a single character. * `Y`: The package - will not be left due to security concerns. * `N`: No indication the - package will not be left due to security concerns. - type: string - dpvPbsa: - description: >- - Indicates the address was matched to PBSA record. Returns a single - character. * `Y`: The address was matched to PBSA record. * `N`: The - address was not matched to PBSA record. - type: string - dpvDoorNotAccessible: - description: >- - Flag indicates addresses where USPS cannot knock on a door to - deliver mail. Returns a single character. * `Y`: The door is not - accessible. * `N`: No indication the door is not accessible. - type: string - dpvEnhancedDeliveryCode: - description: >- - Indicates that more than one DPV return code is valid for the - address. Returns a single character. * `Y`: Address was DPV - confirmed for primary and any secondary numbers. * `N`: Primary and - any secondary number information failed to DPV confirm. * `S`: - Address was DPV confirmed for the primary number only, and the - secondary number information was present but not confirmed, or a - single trailing alpha on a primary number was dropped to make a DPV - match and secondary information required. * `D`: Address was DPV - confirmed for the primary number only, and the secondary number - information was missing. * `R`: Address confirmed but assigned to - phantom route R777 and R779 and USPS delivery is not provided. - type: string - carrierRoute: - description: >- - The carrier route code. A four character code consisting of a one - letter prefix and a three digit route designator. Prefixes: * `C`: - Carrier route (or city route) * `R`: Rural route * `H`: Highway - Contract Route * `B`: Post Office Box Section * `G`: General - delivery unit - type: string - carrierRouteIndicator: - description: Carrier route rate sort indicator. - type: string - ewsNoMatch: - description: >- - The delivery address is matchable, but the EWS file indicates that - an exact match will be available soon. - type: boolean - postOfficeCity: - description: Main post office city. - type: string - postOfficeState: - description: Main post office state. - type: string - abbreviatedCity: - description: Abbreviated city. - type: string - fipsCountyCode: - description: FIPS county code. - type: string - county: - description: County name. - type: string - elotNumber: - description: Enhanced Line of Travel (eLOT) number. - type: string - elotFlag: - description: eLOT Ascending/Descending Flag (A/D). - type: string - lacsLinkReturnCode: - description: LACSLink return code. - type: string - lacsLinkIndicator: - description: LACSLink indicator. + type: integer + dpvDrop: type: string - poBoxOnlyPostalCode: - description: PO Box only postal code. - type: boolean - suitelinkFootnote: description: >- - Footnotes from matching a street or highrise record to suite - information. If business name match is found, the secondary number - is returned. * `A`: SuiteLink record match, business address - improved. * `00`: No match, business address is not improved. - type: string - pmbDesignator: - description: PMB (Private Mail Box) unit designator. - type: string - pmbNumber: - description: PMB (Private Mail Box) number; - type: string - addressRecordType: + Flag indicates mail is delivered to a single receptable at a site. + Returns a single character. * `Y`: The mail is delivered to a single + receptable at a site. * `N`: The mail is not delivered to a single + receptable at a site. + id: GoogleMapsAddressvalidationV1UspsData + description: >- + The USPS data for the address. `uspsData` is not guaranteed to be fully + populated for every US or PR address sent to the Address Validation API. + It's recommended to integrate the backup address fields in the response + if you utilize uspsData as the primary part of the response. + GoogleMapsAddressvalidationV1Geocode: + properties: + location: description: >- - Type of the address record that matches the input address. * `F`: - FIRM. This is a match to a Firm Record, which is the finest level of - match available for an address. * `G`: GENERAL DELIVERY. This is a - match to a General Delivery record. * `H`: BUILDING / APARTMENT. - This is a match to a Building or Apartment record. * `P`: POST - OFFICE BOX. This is a match to a Post Office Box. * `R`: RURAL ROUTE - or HIGHWAY CONTRACT: This is a match to either a Rural Route or a - Highway Contract record, both of which may have associated Box - Number ranges. * `S`: STREET RECORD: This is a match to a Street - record containing a valid primary number range. + The geocoded location of the input. Using place IDs is preferred + over using addresses, latitude/longitude coordinates, or plus codes. + Using coordinates when routing or calculating driving directions + will always result in the point being snapped to the road nearest to + those coordinates. This may not be a road that will quickly or + safely lead to the destination and may not be near an access point + to the property. Additionally, when a location is reverse geocoded, + there is no guarantee that the returned address will match the + original. + $ref: '#/components/schemas/GoogleTypeLatLng' + bounds: + $ref: '#/components/schemas/GoogleGeoTypeViewport' + description: The bounds of the geocoded place. + plusCode: + description: The plus code corresponding to the `location`. + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1PlusCode' + placeId: type: string - defaultAddress: description: >- - Indicator that a default address was found, but more specific - addresses exists. - type: boolean - errorMessage: + The PlaceID of the place this input geocodes to. For more + information about Place IDs see + [here](https://developers.google.com/maps/documentation/places/web-service/place-id). + featureSizeMeters: + format: float + type: number description: >- - Error message for USPS data retrieval. This is populated when USPS - processing is suspended because of the detection of artificially - created addresses. The USPS data fields might not be populated when - this error is present. - type: string - cassProcessed: - description: Indicator that the request has been CASS processed. - type: boolean - GoogleMapsAddressvalidationV1UspsAddress: - id: GoogleMapsAddressvalidationV1UspsAddress - description: USPS representation of a US address. + The size of the geocoded place, in meters. This is another measure + of the coarseness of the geocoded location, but in physical size + rather than in semantic meaning. + placeTypes: + description: >- + The type(s) of place that the input geocoded to. For example, + `['locality', 'political']`. The full list of types can be found + [here](https://developers.google.com/maps/documentation/geocoding/requests-geocoding#Types). + items: + type: string + type: array type: object + id: GoogleMapsAddressvalidationV1Geocode + description: Contains information about the place the input was geocoded to. + GoogleMapsAddressvalidationV1ValidateAddressResponse: properties: - firstAddressLine: - description: First address line. - type: string - firm: - description: Firm name. - type: string - secondAddressLine: - description: Second address line. - type: string - urbanization: - description: Puerto Rican urbanization name. - type: string - cityStateZipAddressLine: - description: City + state + postal code. - type: string - city: - description: City name. - type: string - state: - description: 2 letter state code. - type: string - zipCode: - description: Postal code e.g. 10009. - type: string - zipCodeExtension: - description: 4-digit postal code extension e.g. 5023. + result: + description: The result of the address validation. + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1ValidationResult' + responseId: + description: >- + The UUID that identifies this response. If the address needs to be + re-validated, this UUID *must* accompany the new request. type: string - GoogleMapsAddressvalidationV1ProvideValidationFeedbackRequest: - id: GoogleMapsAddressvalidationV1ProvideValidationFeedbackRequest - description: The request for sending validation feedback. + id: GoogleMapsAddressvalidationV1ValidateAddressResponse type: object + description: The response to an address validation request. + GoogleMapsAddressvalidationV1AddressComponent: + id: GoogleMapsAddressvalidationV1AddressComponent + description: Represents an address component, such as a street, city, or state. properties: - conclusion: + replaced: description: >- - Required. The outcome of the sequence of validation attempts. If - this field is set to `VALIDATION_CONCLUSION_UNSPECIFIED`, an - `INVALID_ARGUMENT` error will be returned. + Indicates the name of the component was replaced with a completely + different one, for example a wrong postal code being replaced with + one that is correct for the address. This is not a cosmetic change, + the input component has been changed to a different one. + type: boolean + spellCorrected: + type: boolean + description: >- + Indicates a correction to a misspelling in the component name. The + API does not always flag changes from one spelling variant to + another, such as when changing "centre" to "center". It also does + not always flag common misspellings, such as when changing + "Amphitheater Pkwy" to "Amphitheatre Pkwy". + confirmationLevel: + enum: + - CONFIRMATION_LEVEL_UNSPECIFIED + - CONFIRMED + - UNCONFIRMED_BUT_PLAUSIBLE + - UNCONFIRMED_AND_SUSPICIOUS + description: >- + Indicates the level of certainty that we have that the component is + correct. type: string enumDescriptions: + - Default value. This value is unused. - >- - This value is unused. If the - `ProvideValidationFeedbackRequest.conclusion` field is set to - `VALIDATION_CONCLUSION_UNSPECIFIED`, an `INVALID_ARGUMENT` error - will be returned. - - >- - The version of the address returned by the Address Validation API - was used for the transaction. + We were able to verify that this component exists and makes sense + in the context of the rest of the address. - >- - The version of the address provided by the user was used for the - transaction + This component could not be confirmed, but it is plausible that it + exists. For example, a street number within a known valid range of + numbers on a street where specific house numbers are not known. - >- - A version of the address that was entered after the last - validation attempt but that was not re-validated was used for the - transaction. - - The transaction was abandoned and the address was not used. - enum: - - VALIDATION_CONCLUSION_UNSPECIFIED - - VALIDATED_VERSION_USED - - USER_VERSION_USED - - UNVALIDATED_VERSION_USED - - UNUSED - responseId: + This component was not confirmed and is likely to be wrong. For + example, a neighborhood that does not fit the rest of the address. + unexpected: description: >- - Required. The ID of the response that this feedback is for. This - should be the response_id from the first response in a series of - address validation attempts. + Indicates an address component that is not expected to be present in + a postal address for the given region. We have retained it only + because it was part of the input. + type: boolean + componentName: + description: The name for this component. + $ref: '#/components/schemas/GoogleMapsAddressvalidationV1ComponentName' + componentType: + description: >- + The type of the address component. See [Table 2: Additional types + returned by the Places + service](https://developers.google.com/places/web-service/supported_types#table2) + for a list of possible types. type: string - GoogleMapsAddressvalidationV1ProvideValidationFeedbackResponse: - id: GoogleMapsAddressvalidationV1ProvideValidationFeedbackResponse - description: >- - The response for validation feedback. The response is empty if the - feedback is sent successfully. + inferred: + description: >- + Indicates that the component was not part of the input, but we + inferred it for the address location and believe it should be + provided for a complete address. + type: boolean type: object - properties: {} parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + _.xgafv: + description: V1 error format. in: query - name: alt + name: $.xgafv schema: type: string enum: - - json - - media - - proto - callback: - description: JSONP + - '1' + - '2' + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: callback + name: quotaUser schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: fields + name: prettyPrint schema: - type: string + type: boolean key: description: >- API key. Your API key identifies your project and provides you with API @@ -1162,31 +1158,28 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + callback: + description: JSONP in: query - name: oauth_token + name: callback schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + access_token: + description: OAuth access token. in: query - name: prettyPrint + name: access_token schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + type: string + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: quotaUser + name: fields schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: upload_protocol + name: oauth_token schema: type: string uploadType: @@ -1195,15 +1188,22 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: $.xgafv + name: upload_protocol + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto x-stackQL-resources: addressvalidation: id: google.addressvalidation.addressvalidation @@ -1231,17 +1231,17 @@ components: paths: /v1:validateAddress: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/alt' post: description: Validates an address. operationId: addressvalidation.validateAddress diff --git a/providers/src/googleapis.com/v00.00.00000/services/advisorynotifications.yaml b/providers/src/googleapis.com/v00.00.00000/services/advisorynotifications.yaml index e2451b06..6031d404 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/advisorynotifications.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/advisorynotifications.yaml @@ -7,8 +7,8 @@ info: title: Advisory Notifications API description: An API for accessing Advisory Notifications in Google Cloud version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251207' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/advisory-notifications servers: @@ -35,88 +35,177 @@ components: scopes: *ref_0 schemas: GoogleCloudAdvisorynotificationsV1ListNotificationsResponse: + type: object id: GoogleCloudAdvisorynotificationsV1ListNotificationsResponse description: Response of ListNotifications endpoint. - type: object properties: - notifications: - description: List of notifications under a given parent. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAdvisorynotificationsV1Notification nextPageToken: + type: string description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. - type: string totalSize: description: Estimation of a total number of notifications. - type: integer format: int32 - GoogleCloudAdvisorynotificationsV1Notification: - id: GoogleCloudAdvisorynotificationsV1Notification + type: integer + notifications: + description: List of notifications under a given parent. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAdvisorynotificationsV1Notification + GoogleCloudAdvisorynotificationsV1Csv: + type: object description: >- - A notification object for notifying customers about security and privacy - issues. + A representation of a CSV file attachment, as a list of column headers + and a list of data rows. + id: GoogleCloudAdvisorynotificationsV1Csv + properties: + headers: + type: array + items: + type: string + description: The list of headers for data columns in a CSV file. + dataRows: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1CsvCsvRow' + description: >- + The list of data rows in a CSV file, as string arrays rather than as + a single comma-separated string. + GoogleCloudAdvisorynotificationsV1Settings: type: object + description: Settings for Advisory Notifications. properties: name: + type: string description: >- - The resource name of the notification. Format: - organizations/{organization}/locations/{location}/notifications/{notification} - or - projects/{project}/locations/{location}/notifications/{notification}. + Identifier. The resource name of the settings to retrieve. Format: + organizations/{organization}/locations/{location}/settings or + projects/{projects}/locations/{location}/settings. + notificationSettings: + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAdvisorynotificationsV1NotificationSettings + description: >- + Required. Map of each notification type and its settings to get/set + all settings at once. The server will validate the value for each + notification type. + etag: type: string - subject: - description: The subject line of the notification. - $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Subject' - messages: - description: A list of messages in the notification. + description: >- + Required. Fingerprint for optimistic concurrency returned in Get + requests. Must be provided for Update requests. If the value + provided does not match the value known to the server, ABORTED will + be thrown, and the client should retry the read-modify-write cycle. + id: GoogleCloudAdvisorynotificationsV1Settings + GoogleCloudAdvisorynotificationsV1CsvCsvRow: + id: GoogleCloudAdvisorynotificationsV1CsvCsvRow + properties: + entries: + items: + type: string + description: >- + The data entries in a CSV file row, as a string array rather than a + single comma-separated string. type: array + description: A representation of a single data row in a CSV file. + type: object + GoogleCloudAdvisorynotificationsV1Message: + type: object + description: A message which contains notification details. + id: GoogleCloudAdvisorynotificationsV1Message + properties: + localizationTime: + description: Time when Message was localized + type: string + format: google-datetime + attachments: + description: The attachments to download. items: - $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Message' + $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Attachment' + type: array createTime: - description: Output only. Time the notification was created. - readOnly: true - type: string + description: The Message creation timestamp. format: google-datetime - notificationType: - description: Type of notification type: string + body: + description: The message content. + $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1MessageBody' + GoogleCloudAdvisorynotificationsV1Attachment: + properties: + displayName: + type: string + description: The title of the attachment. + csv: + $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Csv' + description: A CSV file attachment. Max size is 10 MB. + description: Attachment with specific information about the issue. + type: object + id: GoogleCloudAdvisorynotificationsV1Attachment + GoogleCloudAdvisorynotificationsV1NotificationSettings: + properties: + enabled: + description: Whether the associated NotificationType is enabled. + type: boolean + description: Settings for each NotificationType. + id: GoogleCloudAdvisorynotificationsV1NotificationSettings + type: object + GoogleCloudAdvisorynotificationsV1Notification: + id: GoogleCloudAdvisorynotificationsV1Notification + type: object + description: >- + A notification object for notifying customers about security and privacy + issues. + properties: + notificationType: enumDescriptions: - Default type - Security and privacy advisory notifications - Sensitive action notifications - General security MSA - Threat horizons MSA + type: string enum: - NOTIFICATION_TYPE_UNSPECIFIED - NOTIFICATION_TYPE_SECURITY_PRIVACY_ADVISORY - NOTIFICATION_TYPE_SENSITIVE_ACTIONS - NOTIFICATION_TYPE_SECURITY_MSA - NOTIFICATION_TYPE_THREAT_HORIZONS - GoogleCloudAdvisorynotificationsV1Subject: - id: GoogleCloudAdvisorynotificationsV1Subject - description: A subject line of a notification. - type: object - properties: - text: - description: The text content. - $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Text' + description: Type of notification + createTime: + type: string + description: Output only. Time the notification was created. + format: google-datetime + readOnly: true + subject: + description: The subject line of the notification. + $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Subject' + name: + description: >- + The resource name of the notification. Format: + organizations/{organization}/locations/{location}/notifications/{notification} + or + projects/{project}/locations/{location}/notifications/{notification}. + type: string + messages: + description: A list of messages in the notification. + items: + $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Message' + type: array GoogleCloudAdvisorynotificationsV1Text: id: GoogleCloudAdvisorynotificationsV1Text - description: A text object containing the English text and its localized copies. type: object + description: A text object containing the English text and its localized copies. properties: - enText: - description: The English copy. - type: string - localizedText: - description: The requested localized copy (if applicable). - type: string localizationState: description: Status of the localization. + enum: + - LOCALIZATION_STATE_UNSPECIFIED + - LOCALIZATION_STATE_NOT_APPLICABLE + - LOCALIZATION_STATE_PENDING + - LOCALIZATION_STATE_COMPLETED type: string enumDescriptions: - Not used. @@ -131,122 +220,60 @@ components: Localization for requested language is in progress, and not ready yet. - Localization for requested language is completed. - enum: - - LOCALIZATION_STATE_UNSPECIFIED - - LOCALIZATION_STATE_NOT_APPLICABLE - - LOCALIZATION_STATE_PENDING - - LOCALIZATION_STATE_COMPLETED - GoogleCloudAdvisorynotificationsV1Message: - id: GoogleCloudAdvisorynotificationsV1Message - description: A message which contains notification details. - type: object - properties: - body: - description: The message content. - $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1MessageBody' - attachments: - description: The attachments to download. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Attachment' - createTime: - description: The Message creation timestamp. + enText: type: string - format: google-datetime - localizationTime: - description: Time when Message was localized + description: The English copy. + localizedText: + description: The requested localized copy (if applicable). type: string - format: google-datetime GoogleCloudAdvisorynotificationsV1MessageBody: - id: GoogleCloudAdvisorynotificationsV1MessageBody - description: A message body containing text. type: object + description: A message body containing text. properties: text: description: The text content of the message body. $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Text' - GoogleCloudAdvisorynotificationsV1Attachment: - id: GoogleCloudAdvisorynotificationsV1Attachment - description: Attachment with specific information about the issue. - type: object - properties: - csv: - description: A CSV file attachment. Max size is 10 MB. - $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Csv' - displayName: - description: The title of the attachment. - type: string - GoogleCloudAdvisorynotificationsV1Csv: - id: GoogleCloudAdvisorynotificationsV1Csv - description: >- - A representation of a CSV file attachment, as a list of column headers - and a list of data rows. - type: object - properties: - headers: - description: The list of headers for data columns in a CSV file. - type: array - items: - type: string - dataRows: - description: >- - The list of data rows in a CSV file, as string arrays rather than as - a single comma-separated string. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1CsvCsvRow' - GoogleCloudAdvisorynotificationsV1CsvCsvRow: - id: GoogleCloudAdvisorynotificationsV1CsvCsvRow - description: A representation of a single data row in a CSV file. - type: object - properties: - entries: - description: >- - The data entries in a CSV file row, as a string array rather than a - single comma-separated string. - type: array - items: - type: string - GoogleCloudAdvisorynotificationsV1Settings: - id: GoogleCloudAdvisorynotificationsV1Settings - description: Settings for Advisory Notifications. - type: object - properties: - name: - description: >- - Identifier. The resource name of the settings to retrieve. Format: - organizations/{organization}/locations/{location}/settings or - projects/{projects}/locations/{location}/settings. - type: string - notificationSettings: - description: >- - Required. Map of each notification type and its settings to get/set - all settings at once. The server will validate the value for each - notification type. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAdvisorynotificationsV1NotificationSettings - etag: - description: >- - Required. Fingerprint for optimistic concurrency returned in Get - requests. Must be provided for Update requests. If the value - provided does not match the value known to the server, ABORTED will - be thrown, and the client should retry the read-modify-write cycle. - type: string - GoogleCloudAdvisorynotificationsV1NotificationSettings: - id: GoogleCloudAdvisorynotificationsV1NotificationSettings - description: Settings for each NotificationType. + id: GoogleCloudAdvisorynotificationsV1MessageBody + GoogleCloudAdvisorynotificationsV1Subject: + id: GoogleCloudAdvisorynotificationsV1Subject type: object + description: A subject line of a notification. properties: - enabled: - description: Whether the associated NotificationType is enabled. - type: boolean + text: + description: The text content. + $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Text' parameters: - access_token: - description: OAuth access token. + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string alt: @@ -265,12 +292,6 @@ components: name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -280,10 +301,10 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + access_token: + description: OAuth access token. in: query - name: oauth_token + name: access_token schema: type: string prettyPrint: @@ -301,100 +322,79 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: - settings: - id: google.advisorynotifications.settings - name: settings - title: Settings + notifications: + id: google.advisorynotifications.notifications + name: notifications + title: Notifications methods: - get_settings: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1settings/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notifications~1{notificationsId}/get response: mediaType: application/json openAPIDocKey: '200' - update_settings: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1settings/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notifications/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.notifications sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/settings/methods/get_settings' + - $ref: '#/components/x-stackQL-resources/notifications/methods/get' + - $ref: '#/components/x-stackQL-resources/notifications/methods/list' insert: [] - update: - - $ref: '#/components/x-stackQL-resources/settings/methods/update_settings' + update: [] replace: [] delete: [] - notifications: - id: google.advisorynotifications.notifications - name: notifications - title: Notifications + settings: + id: google.advisorynotifications.settings + name: settings + title: Settings methods: - list: + update_settings: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notifications/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1settings/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.notifications - get: + get_settings: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notifications~1{notificationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1settings/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/notifications/methods/get' - - $ref: '#/components/x-stackQL-resources/notifications/methods/list' + - $ref: '#/components/x-stackQL-resources/settings/methods/get_settings' insert: [] - update: [] + update: + - $ref: '#/components/x-stackQL-resources/settings/methods/update_settings' replace: [] delete: [] paths: - /v1/organizations/{organizationsId}/locations/{locationsId}/settings: + /v1/organizations/{organizationsId}/locations/{locationsId}/notifications/{notificationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' get: - description: Get notification settings. - operationId: advisorynotifications.organizations.locations.getSettings + description: Gets a notification. + operationId: advisorynotifications.organizations.locations.notifications.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -407,7 +407,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAdvisorynotificationsV1Settings + #/components/schemas/GoogleCloudAdvisorynotificationsV1Notification parameters: - in: path name: organizationsId @@ -419,36 +419,13 @@ paths: required: true schema: type: string - patch: - description: Update notification settings. - operationId: advisorynotifications.organizations.locations.updateSettings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Settings' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAdvisorynotificationsV1Settings - parameters: - in: path - name: organizationsId + name: notificationsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: languageCode schema: type: string /v1/organizations/{organizationsId}/locations/{locationsId}/notifications: @@ -480,11 +457,6 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -493,15 +465,25 @@ paths: name: view schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: languageCode schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/notifications/{notificationsId}: + /v1/organizations/{organizationsId}/locations/{locationsId}/settings: parameters: *ref_1 - get: - description: Gets a notification. - operationId: advisorynotifications.organizations.locations.notifications.get + patch: + description: Update notification settings. + operationId: advisorynotifications.organizations.locations.updateSettings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Settings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -514,7 +496,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAdvisorynotificationsV1Notification + #/components/schemas/GoogleCloudAdvisorynotificationsV1Settings parameters: - in: path name: organizationsId @@ -526,20 +508,9 @@ paths: required: true schema: type: string - - in: path - name: notificationsId - required: true - schema: - type: string - - in: query - name: languageCode - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/settings: - parameters: *ref_1 get: description: Get notification settings. - operationId: advisorynotifications.projects.locations.getSettings + operationId: advisorynotifications.organizations.locations.getSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -555,7 +526,7 @@ paths: #/components/schemas/GoogleCloudAdvisorynotificationsV1Settings parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -564,14 +535,11 @@ paths: required: true schema: type: string - patch: - description: Update notification settings. - operationId: advisorynotifications.projects.locations.updateSettings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Settings' + /v1/projects/{projectsId}/locations/{locationsId}/notifications/{notificationsId}: + parameters: *ref_1 + get: + description: Gets a notification. + operationId: advisorynotifications.projects.locations.notifications.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -584,7 +552,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAdvisorynotificationsV1Settings + #/components/schemas/GoogleCloudAdvisorynotificationsV1Notification parameters: - in: path name: projectsId @@ -596,6 +564,15 @@ paths: required: true schema: type: string + - in: path + name: notificationsId + required: true + schema: + type: string + - in: query + name: languageCode + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/notifications: parameters: *ref_1 get: @@ -631,22 +608,22 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: view schema: type: string - in: query - name: view + name: pageToken schema: type: string - in: query name: languageCode schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notifications/{notificationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/settings: parameters: *ref_1 get: - description: Gets a notification. - operationId: advisorynotifications.projects.locations.notifications.get + description: Get notification settings. + operationId: advisorynotifications.projects.locations.getSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -659,7 +636,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAdvisorynotificationsV1Notification + #/components/schemas/GoogleCloudAdvisorynotificationsV1Settings parameters: - in: path name: projectsId @@ -671,12 +648,35 @@ paths: required: true schema: type: string + patch: + description: Update notification settings. + operationId: advisorynotifications.projects.locations.updateSettings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAdvisorynotificationsV1Settings' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAdvisorynotificationsV1Settings + parameters: - in: path - name: notificationsId + name: projectsId required: true schema: type: string - - in: query - name: languageCode + - in: path + name: locationsId + required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/aiplatform.yaml b/providers/src/googleapis.com/v00.00.00000/services/aiplatform.yaml index 645cf0d4..f911fdda 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/aiplatform.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/aiplatform.yaml @@ -9,27 +9,12 @@ info: Train high-quality custom machine learning models with minimal machine learning expertise and effort. version: v1 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251204' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/vertex-ai/ servers: - - url: https://{ai_platform_region}-aiplatform.googleapis.com - description: Regional endpoint for Vertex AI (required for Matching Engine and similar services) - variables: - ai_platform_region: - default: us-central1 - enum: - - us-central1 - - europe-west4 - - asia-east1 - - asia-northeast1 - - us-west1 - description: | - The region where Vertex AI Matching Engine and related services are hosted. - Must be a region that supports Matching Engine. - url: https://aiplatform.googleapis.com - description: Global endpoint for general Vertex AI APIs (model registry, training, etc.) components: securitySchemes: Oauth2: @@ -54,7230 +39,6531 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleCloudLocationListLocationsResponse: - id: GoogleCloudLocationListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudLocationLocation' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleCloudLocationLocation: - id: GoogleCloudLocationLocation - description: A resource that represents a Google Cloud location. - type: object + GoogleCloudAiplatformV1ExportFeatureValuesRequestSnapshotExport: properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + startTime: + format: google-datetime type: string - displayName: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Excludes Feature values with feature generation timestamp before + this timestamp. If not set, retrieve oldest values kept in Feature + Store. Timestamp, if present, must not have higher than millisecond + precision. + snapshotTime: + format: google-datetime type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleIamV1SetIamPolicyRequest: - id: GoogleIamV1SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/GoogleIamV1Policy' - GoogleIamV1Policy: - id: GoogleIamV1Policy + Exports Feature values as of this timestamp. If not set, retrieve + values as of now. Timestamp, if present, must not have higher than + millisecond precision. + id: GoogleCloudAiplatformV1ExportFeatureValuesRequestSnapshotExport description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + Describes exporting the latest Feature values of all entities of the + EntityType between [start_time, snapshot_time]. type: object + GoogleCloudAiplatformV1ToolParameterKeyMatchInput: properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + metricSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchSpec + description: Required. Spec for tool parameter key match metric. + instances: type: array items: - $ref: '#/components/schemas/GoogleIamV1Binding' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - GoogleIamV1Binding: - id: GoogleIamV1Binding - description: Associates `members`, or principals, with a `role`. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchInstance + description: Required. Repeated tool parameter key match instances. + id: GoogleCloudAiplatformV1ToolParameterKeyMatchInput + description: Input for tool parameter key match metric. type: object + GoogleCloudAiplatformV1AugmentPromptRequest: + description: Request message for AugmentPrompt. + id: GoogleCloudAiplatformV1AugmentPromptRequest properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: + model: + description: Optional. Metadata of the backend deployed model. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1AugmentPromptRequestModel + contents: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array + Optional. Input content to augment, only text format is supported + for now. items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/GoogleTypeExpr' - GoogleTypeExpr: - id: GoogleTypeExpr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + type: array + vertexRagStore: + $ref: '#/components/schemas/GoogleCloudAiplatformV1VertexRagStore' + description: Optional. Retrieves contexts from the Vertex RagStore. type: object + GoogleCloudAiplatformV1CreateMetadataStoreOperationMetadata: + id: GoogleCloudAiplatformV1CreateMetadataStoreOperationMetadata properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - GoogleIamV1TestIamPermissionsResponse: - id: GoogleIamV1TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + genericMetadata: + description: Operation metadata for creating a MetadataStore. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' type: object + description: Details of operations that perform MetadataService.CreateMetadataStore. + GoogleCloudAiplatformV1EvaluationRubricConfig: + id: GoogleCloudAiplatformV1EvaluationRubricConfig properties: - permissions: + predefinedRubricGenerationSpec: + description: Dynamically generate rubrics using a predefined spec. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetricPredefinedMetricSpec + rubricGenerationSpec: + description: Dynamically generate rubrics using this specification. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetricRubricGenerationSpec + rubricGroupKey: + type: string description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. + Required. The key used to save the generated rubrics. If a + generation spec is provided, this key will be used for the name of + the generated rubric group. Otherwise, this key will be used to look + up the existing rubric group on the evaluation item. Note that if a + rubric group key is specified on both a rubric config and an + evaluation metric, the key from the metric will be used to select + the rubrics for evaluation. + description: Configuration for a rubric group to be generated/saved for evaluation. type: object + GoogleCloudAiplatformV1EvaluationRunMetric: + description: The metric used for evaluation runs. + type: object + id: GoogleCloudAiplatformV1EvaluationRunMetric properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. + predefinedMetricSpec: + description: Spec for a pre-defined metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetricPredefinedMetricSpec + llmBasedMetricSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetricLLMBasedMetricSpec + description: Spec for an LLM based metric. + metricConfig: + description: The metric config. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Metric' + metric: + description: Required. The name of the metric. type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + rubricBasedMetricSpec: + description: Spec for rubric based metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetricRubricBasedMetricSpec + GoogleCloudAiplatformV1EvaluationInstanceInstanceData: type: object + description: Instance data used to populate placeholders in a metric prompt template. properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + contents: + description: List of Gemini content data. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceDataContents + text: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + description: Text data. + id: GoogleCloudAiplatformV1EvaluationInstanceInstanceData + GoogleCloudAiplatformV1CandidateResult: + id: GoogleCloudAiplatformV1CandidateResult + description: Result for a single candidate. type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + score: + description: Optional. The score for the metric. + type: number + format: float + additionalResults: + description: Optional. Additional results for the metric. + type: any + candidate: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array + Required. The candidate that is being evaluated. The value is the + same as the candidate name in the EvaluationRequest. + rubricVerdicts: items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleCloudAiplatformV1Dataset: - id: GoogleCloudAiplatformV1Dataset - description: A collection of DataItems and Annotations on them. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricVerdict' + description: Optional. The rubric verdicts for the metric. + type: array + explanation: + type: string + description: Optional. The explanation for the metric. + metric: + description: Required. The metric that was evaluated. + type: string + GoogleCloudAiplatformV1Annotation: type: object properties: - name: - description: >- - Output only. Identifier. The resource name of the Dataset. Format: - `projects/{project}/locations/{location}/datasets/{dataset}` - readOnly: true + etag: type: string - displayName: description: >- - Required. The user-defined name of the Dataset. The name can be up - to 128 characters long and can consist of any UTF-8 characters. - type: string - description: - description: The description of the Dataset. - type: string - metadataSchemaUri: + Optional. Used to perform consistent read-modify-write updates. If + not set, a blind "overwrite" update happens. + labels: + additionalProperties: + type: string description: >- - Required. Points to a YAML file stored on Google Cloud Storage - describing additional information about the Dataset. The schema is - defined as an OpenAPI 3.0.2 Schema Object. The schema files that can - be used here are found in - gs://google-cloud-aiplatform/schema/dataset/metadata/. + Optional. The labels with user-defined metadata to organize your + Annotations. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. No more than 64 user labels can be associated with one + Annotation(System labels are excluded). See https://goo.gl/xmQnxf + for more information and examples of labels. System reserved label + keys are prefixed with "aiplatform.googleapis.com/" and are + immutable. Following system labels exist for each Annotation: * + "aiplatform.googleapis.com/annotation_set_name": optional, name of + the UI's annotation set this Annotation belongs to. If not set, the + Annotation is not visible in the UI. * + "aiplatform.googleapis.com/payload_schema": output only, its value + is the payload_schema's title. + type: object + name: type: string - metadata: - description: Required. Additional information about the Dataset. - type: any - dataItemCount: - description: >- - Output only. The number of DataItems in this Dataset. Only apply for - non-structured Dataset. + description: Output only. Resource name of the Annotation. readOnly: true - type: string - format: int64 createTime: - description: Output only. Timestamp when this Dataset was created. readOnly: true type: string format: google-datetime + description: Output only. Timestamp when this Annotation was created. updateTime: - description: Output only. Timestamp when this Dataset was last updated. - readOnly: true - type: string format: google-datetime - etag: - description: >- - Used to perform consistent read-modify-write updates. If not set, a - blind "overwrite" update happens. + readOnly: true type: string - labels: - description: >- - The labels with user-defined metadata to organize your Datasets. - Label keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. No - more than 64 user labels can be associated with one Dataset (System - labels are excluded). See https://goo.gl/xmQnxf for more information - and examples of labels. System reserved label keys are prefixed with - "aiplatform.googleapis.com/" and are immutable. Following system - labels exist for each Dataset: * - "aiplatform.googleapis.com/dataset_metadata_schema": output only, - its value is the metadata_schema's title. - type: object - additionalProperties: - type: string - savedQueries: - description: >- - All SavedQueries belong to the Dataset will be returned in List/Get - Dataset response. The annotation_specs field will not be populated - except for UI cases which will only use annotation_spec_count. In - CreateDataset request, a SavedQuery is created together if this - field is set, up to one SavedQuery can be set in - CreateDatasetRequest. The SavedQuery should not contain any - AnnotationSpec. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SavedQuery' - encryptionSpec: - description: >- - Customer-managed encryption key spec for a Dataset. If set, this - Dataset and all sub-resources of this Dataset will be secured by - this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - metadataArtifact: - description: >- - Output only. The resource name of the Artifact that was created in - MetadataStore when creating the Dataset. The Artifact resource name - pattern is - `projects/{project}/locations/{location}/metadataStores/{metadata_store}/artifacts/{artifact}`. + description: Output only. Timestamp when this Annotation was last updated. + annotationSource: readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1UserActionReference' + description: Output only. The source of the Annotation. + payloadSchemaUri: type: string - modelReference: description: >- - Optional. Reference to the public base model last used by the - dataset. Only set for prompt datasets. - type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1SavedQuery: - id: GoogleCloudAiplatformV1SavedQuery + Required. Google Cloud Storage URI points to a YAML file describing + payload. The schema is defined as an [OpenAPI 3.0.2 Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + The schema files that can be used here are found in + gs://google-cloud-aiplatform/schema/dataset/annotation/, note that + the chosen schema must be consistent with the parent Dataset's + metadata. + payload: + description: Required. The schema of the payload can be found in payload_schema. + type: any description: >- - A SavedQuery is a view of the dataset. It references a subset of - annotations by problem type and filters. + Used to assign specific AnnotationSpec to a particular area of a + DataItem or the whole part of the DataItem. + id: GoogleCloudAiplatformV1Annotation + GoogleCloudAiplatformV1SafetyRating: + description: >- + A safety rating for a piece of content. The safety rating contains the + harm category and the harm probability level. + id: GoogleCloudAiplatformV1SafetyRating type: object properties: - name: - description: Output only. Resource name of the SavedQuery. + category: readOnly: true + enumDeprecated: + - false + - false + - false + - false + - false + - true + - false + - false + - false + - false + - false type: string - displayName: + description: Output only. The harm category of this rating. + enumDescriptions: + - Default value. This value is unused. + - >- + Content that promotes violence or incites hatred against + individuals or groups based on certain attributes. + - >- + Content that promotes, facilitates, or enables dangerous + activities. + - >- + Abusive, threatening, or content intended to bully, torment, or + ridicule. + - Content that contains sexually explicit material. + - >- + Deprecated: Election filter is not longer supported. The harm + category is civic integrity. + - Images that contain hate speech. + - Images that contain dangerous content. + - Images that contain harassment. + - Images that contain sexually explicit content. + - Prompts designed to bypass safety filters. + enum: + - HARM_CATEGORY_UNSPECIFIED + - HARM_CATEGORY_HATE_SPEECH + - HARM_CATEGORY_DANGEROUS_CONTENT + - HARM_CATEGORY_HARASSMENT + - HARM_CATEGORY_SEXUALLY_EXPLICIT + - HARM_CATEGORY_CIVIC_INTEGRITY + - HARM_CATEGORY_IMAGE_HATE + - HARM_CATEGORY_IMAGE_DANGEROUS_CONTENT + - HARM_CATEGORY_IMAGE_HARASSMENT + - HARM_CATEGORY_IMAGE_SEXUALLY_EXPLICIT + - HARM_CATEGORY_JAILBREAK + severityScore: + description: Output only. The severity score of harm for this category. + format: float + readOnly: true + type: number + overwrittenThreshold: + enumDescriptions: + - The harm block threshold is unspecified. + - Block content with a low harm probability or higher. + - Block content with a medium harm probability or higher. + - Block content with a high harm probability. + - Do not block any content, regardless of its harm probability. + - Turn off the safety filter entirely. + readOnly: true description: >- - Required. The user-defined name of the SavedQuery. The name can be - up to 128 characters long and can consist of any UTF-8 characters. + Output only. The overwritten threshold for the safety category of + Gemini 2.0 image out. If minors are detected in the output image, + the threshold of each safety category will be overwritten if user + sets a lower threshold. type: string - metadata: - description: Some additional information about the SavedQuery. - type: any - createTime: - description: Output only. Timestamp when this SavedQuery was created. + enum: + - HARM_BLOCK_THRESHOLD_UNSPECIFIED + - BLOCK_LOW_AND_ABOVE + - BLOCK_MEDIUM_AND_ABOVE + - BLOCK_ONLY_HIGH + - BLOCK_NONE + - 'OFF' + blocked: readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when SavedQuery was last updated. + description: >- + Output only. Indicates whether the content was blocked because of + this rating. + type: boolean + probabilityScore: + description: Output only. The probability score of harm for this category. + format: float + type: number + readOnly: true + severity: + enumDescriptions: + - The harm severity is unspecified. + - The harm severity is negligible. + - The harm severity is low. + - The harm severity is medium. + - The harm severity is high. readOnly: true type: string - format: google-datetime - annotationFilter: - description: Output only. Filters on the Annotations in the dataset. + description: Output only. The severity of harm for this category. + enum: + - HARM_SEVERITY_UNSPECIFIED + - HARM_SEVERITY_NEGLIGIBLE + - HARM_SEVERITY_LOW + - HARM_SEVERITY_MEDIUM + - HARM_SEVERITY_HIGH + probability: + enum: + - HARM_PROBABILITY_UNSPECIFIED + - NEGLIGIBLE + - LOW + - MEDIUM + - HIGH readOnly: true type: string - problemType: + description: Output only. The probability of harm for this category. + enumDescriptions: + - The harm probability is unspecified. + - The harm probability is negligible. + - The harm probability is low. + - The harm probability is medium. + - The harm probability is high. + GoogleIamV1SetIamPolicyRequest: + properties: + policy: + $ref: '#/components/schemas/GoogleIamV1Policy' description: >- - Required. Problem type of the SavedQuery. Allowed values: * - IMAGE_CLASSIFICATION_SINGLE_LABEL * IMAGE_CLASSIFICATION_MULTI_LABEL - * IMAGE_BOUNDING_POLY * IMAGE_BOUNDING_BOX * - TEXT_CLASSIFICATION_SINGLE_LABEL * TEXT_CLASSIFICATION_MULTI_LABEL * - TEXT_EXTRACTION * TEXT_SENTIMENT * VIDEO_CLASSIFICATION * - VIDEO_OBJECT_TRACKING + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + description: Request message for `SetIamPolicy` method. + id: GoogleIamV1SetIamPolicyRequest + type: object + GoogleCloudAiplatformV1InvokeRequest: + id: GoogleCloudAiplatformV1InvokeRequest + properties: + httpBody: + $ref: '#/components/schemas/GoogleApiHttpBody' + description: >- + The invoke method input. Supports HTTP headers and arbitrary data + payload. + deployedModelId: type: string - annotationSpecCount: + description: ID of the DeployedModel that serves the invoke request. + type: object + description: Request message for PredictionService.Invoke. + GoogleCloudAiplatformV1StudySpecStudyStoppingConfig: + properties: + maxDurationNoProgress: description: >- - Output only. Number of AnnotationSpecs in the context of the - SavedQuery. - readOnly: true + If the objective value has not improved for this much time, stop the + study. WARNING: Effective only for single-objective studies. + type: string + format: google-duration + maximumRuntimeConstraint: + description: If the specified time or duration has passed, stop the study. + $ref: '#/components/schemas/GoogleCloudAiplatformV1StudyTimeConstraint' + maxNumTrialsNoProgress: type: integer format: int32 - etag: description: >- - Used to perform a consistent read-modify-write update. If not set, a - blind "overwrite" update happens. - type: string - supportAutomlTraining: + If the objective value has not improved for this many consecutive + trials, stop the study. WARNING: Effective only for single-objective + studies. + minNumTrials: + format: int32 description: >- - Output only. If the Annotations belonging to the SavedQuery can be - used for AutoML training. - readOnly: true + If there are fewer than this many COMPLETED trials, do not stop the + study. + type: integer + shouldStopAsap: + description: >- + If true, a Study enters STOPPING_ASAP whenever it would normally + enters STOPPING state. The bottom line is: set to true if you want + to interrupt on-going evaluations of Trials as soon as the study + stopping condition is met. (Please see Study.State documentation for + the source of truth). type: boolean - GoogleCloudAiplatformV1EncryptionSpec: - id: GoogleCloudAiplatformV1EncryptionSpec + minimumRuntimeConstraint: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StudyTimeConstraint' + description: >- + Each "stopping rule" in this proto specifies an "if" condition. + Before Vizier would generate a new suggestion, it first checks each + specified stopping rule, from top to bottom in this list. Note that + the first few rules (e.g. minimum_runtime_constraint, + min_num_trials) will prevent other stopping rules from being + evaluated until they are met. For example, setting + `min_num_trials=5` and `always_stop_after= 1 hour` means that the + Study will ONLY stop after it has 5 COMPLETED trials, even if more + than an hour has passed since its creation. It follows the first + applicable rule (whose "if" condition is satisfied) to make a + stopping decision. If none of the specified rules are applicable, + then Vizier decides that the study should not stop. If Vizier + decides that the study should stop, the study enters STOPPING state + (or STOPPING_ASAP if should_stop_asap = true). IMPORTANT: The + automatic study state transition happens precisely as described + above; that is, deleting trials or updating StudyConfig NEVER + automatically moves the study state back to ACTIVE. If you want to + _resume_ a Study that was stopped, 1) change the stopping conditions + if necessary, 2) activate the study, and then 3) ask for + suggestions. If the specified time or duration has not passed, do + not stop the study. + maxNumTrials: + format: int32 + description: If there are more than this many trials, stop the study. + type: integer + id: GoogleCloudAiplatformV1StudySpecStudyStoppingConfig description: >- - Represents a customer-managed encryption key spec that can be applied to - a top-level resource. + The configuration (stopping conditions) for automated stopping of a + Study. Conditions include trial budgets, time budgets, and convergence + detection. type: object + GoogleCloudAiplatformV1MigratableResourceMlEngineModelVersion: properties: - kmsKeyName: + endpoint: + type: string description: >- - Required. The Cloud KMS resource identifier of the customer managed - encryption key used to protect a resource. Has the form: - `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. - The key needs to be in the same region as where the compute resource - is created. + The ml.googleapis.com endpoint that this model Version currently + lives in. Example values: * ml.googleapis.com * + us-centrall-ml.googleapis.com * europe-west4-ml.googleapis.com * + asia-east1-ml.googleapis.com + version: type: string - GoogleCloudAiplatformV1ListDatasetsResponse: - id: GoogleCloudAiplatformV1ListDatasetsResponse - description: Response message for DatasetService.ListDatasets. + description: >- + Full resource name of ml engine model Version. Format: + `projects/{project}/models/{model}/versions/{version}`. + id: GoogleCloudAiplatformV1MigratableResourceMlEngineModelVersion type: object - properties: - datasets: - description: A list of Datasets that matches the specified filter in the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleCloudAiplatformV1ImportDataRequest: - id: GoogleCloudAiplatformV1ImportDataRequest - description: Request message for DatasetService.ImportData. + description: Represents one model Version in ml.googleapis.com. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionInputs: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionInputs type: object properties: - importConfigs: + tunableParameter: + description: Trainer type for Vision TrainRequest. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutomlImageTrainingTunableParameter + disableEarlyStopping: description: >- - Required. The desired input locations. The contents of all input - locations will be imported in one batch. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ImportDataConfig' - GoogleCloudAiplatformV1ImportDataConfig: - id: GoogleCloudAiplatformV1ImportDataConfig + Use the entire training budget. This disables the early stopping + feature. When false the early stopping feature is enabled, which + means that AutoML Image Object Detection might stop training before + the entire training budget has been used. + type: boolean + uptrainBaseModelId: + description: >- + The ID of `base` model for upTraining. If it is specified, the new + model will be upTrained based on the `base` model for upTraining. + Otherwise, the new model will be trained from scratch. The `base` + model for upTraining must be in the same Project and Location as the + new Model to train, and have the same modelType. + type: string + budgetMilliNodeHours: + description: >- + The training budget of creating this model, expressed in milli node + hours i.e. 1,000 value in this field means 1 node hour. The actual + metadata.costMilliNodeHours will be equal or less than this value. + If further model training ceases to provide any improvements, it + will stop without using the full budget and the + metadata.successfulStopReason will be `model-converged`. Note, + node_hour = actual_hour * number_of_nodes_involved. For modelType + `cloud`(default), the budget must be between 20,000 and 900,000 + milli node hours, inclusive. The default value is 216,000 which + represents one day in wall time, considering 9 nodes are used. For + model types `mobile-tf-low-latency-1`, `mobile-tf-versatile-1`, + `mobile-tf-high-accuracy-1` the training budget must be between + 1,000 and 100,000 milli node hours, inclusive. The default value is + 24,000 which represents one day in wall time on a single node that + is used. + format: int64 + type: string + modelType: + type: string + enum: + - MODEL_TYPE_UNSPECIFIED + - CLOUD_HIGH_ACCURACY_1 + - CLOUD_LOW_LATENCY_1 + - CLOUD_1 + - MOBILE_TF_LOW_LATENCY_1 + - MOBILE_TF_VERSATILE_1 + - MOBILE_TF_HIGH_ACCURACY_1 + - CLOUD_STREAMING_1 + - SPINENET + - YOLO + enumDescriptions: + - Should not be set. + - >- + A model best tailored to be used within Google Cloud, and which + cannot be exported. Expected to have a higher latency, but should + also have a higher prediction quality than other cloud models. + - >- + A model best tailored to be used within Google Cloud, and which + cannot be exported. Expected to have a low latency, but may have + lower prediction quality than other cloud models. + - >- + A model best tailored to be used within Google Cloud, and which + cannot be exported. Compared to the CLOUD_HIGH_ACCURACY_1 and + CLOUD_LOW_LATENCY_1 models above, it is expected to have higher + prediction quality and lower latency. + - >- + A model that, in addition to being available within Google Cloud + can also be exported (see ModelService.ExportModel) and used on a + mobile or edge device with TensorFlow afterwards. Expected to have + low latency, but may have lower prediction quality than other + mobile models. + - >- + A model that, in addition to being available within Google Cloud + can also be exported (see ModelService.ExportModel) and used on a + mobile or edge device with TensorFlow afterwards. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) and used on a + mobile or edge device with TensorFlow afterwards. Expected to have + a higher latency, but should also have a higher prediction quality + than other mobile models. + - >- + A model best tailored to be used within Google Cloud, and which + cannot be exported. Expected to best support predictions in + streaming with lower latency and lower prediction quality than + other cloud models. + - >- + SpineNet for Model Garden training with customizable + hyperparameters. Best tailored to be used within Google Cloud, and + cannot be exported externally. + - >- + YOLO for Model Garden training with customizable hyperparameters. + Best tailored to be used within Google Cloud, and cannot be + exported externally. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericArrayTransformation: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericArrayTransformation description: >- - Describes the location from where we import data into a Dataset, - together with the labels that will be applied to the DataItems and the - Annotations. + Treats the column as numerical array and performs following + transformation functions. * All transformations for Numerical types + applied to the average of the all elements. * The average of empty + arrays is treated as zero. + properties: + columnName: + type: string + invalidValuesAllowed: + description: >- + If invalid values is allowed, the training pipeline will create a + boolean feature that indicated whether the value is valid. + Otherwise, the training pipeline will discard the input row from + trainining data. + type: boolean + type: object + GoogleCloudAiplatformV1RetrieveMemoriesRequestSimpleRetrievalParams: type: object + id: GoogleCloudAiplatformV1RetrieveMemoriesRequestSimpleRetrievalParams + description: Parameters for simple (non-similarity search) retrieval. properties: - gcsSource: - description: The Google Cloud Storage location for the input content. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' - dataItemLabels: + pageSize: description: >- - Labels that will be applied to newly imported DataItems. If an - identical DataItem as one being imported already exists in the - Dataset, then these labels will be appended to these of the already - existing one, and if labels with identical key is imported before, - the old label value will be overwritten. If two DataItems are - identical in the same import data operation, the labels will be - combined and if key collision happens in this case, one of the - values will be picked randomly. Two DataItems are considered - identical if their content bytes are identical (e.g. image bytes or - pdf bytes). These labels will be overridden by Annotation labels - specified inside index file referenced by import_schema_uri, e.g. - jsonl file. - type: object - additionalProperties: - type: string - annotationLabels: + Optional. The maximum number of memories to return. The service may + return fewer than this value. If unspecified, at most 3 memories + will be returned. The maximum value is 100; values above 100 will be + coerced to 100. + type: integer + format: int32 + pageToken: + type: string description: >- - Labels that will be applied to newly imported Annotations. If two - Annotations are identical, one of them will be deduped. Two - Annotations are considered identical if their payload, - payload_schema_uri and all of their labels are the same. These - labels will be overridden by Annotation labels specified inside - index file referenced by import_schema_uri, e.g. jsonl file. - type: object - additionalProperties: - type: string - importSchemaUri: + Optional. A page token, received from a previous `RetrieveMemories` + call. Provide this to retrieve the subsequent page. + GoogleCloudAiplatformV1RagVectorDbConfigVertexVectorSearch: + description: The config for the Vertex Vector Search. + properties: + index: + type: string description: >- - Required. Points to a YAML file stored on Google Cloud Storage - describing the import format. Validation will be done against the - schema. The schema is defined as an [OpenAPI 3.0.2 Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + The resource name of the Index. Format: + `projects/{project}/locations/{location}/indexes/{index}` + indexEndpoint: + description: >- + The resource name of the Index Endpoint. Format: + `projects/{project}/locations/{location}/indexEndpoints/{index_endpoint}` type: string - GoogleCloudAiplatformV1GcsSource: - id: GoogleCloudAiplatformV1GcsSource - description: The Google Cloud Storage location for the input content. type: object + id: GoogleCloudAiplatformV1RagVectorDbConfigVertexVectorSearch + GoogleCloudAiplatformV1ExplainResponse: properties: - uris: - description: >- - Required. Google Cloud Storage URI(-s) to the input file(s). May - contain wildcards. For more information on wildcards, see - https://cloud.google.com/storage/docs/wildcards. + predictions: type: array items: - type: string - GoogleCloudAiplatformV1ExportDataRequest: - id: GoogleCloudAiplatformV1ExportDataRequest - description: Request message for DatasetService.ExportData. + type: any + description: >- + The predictions that are the output of the predictions call. Same as + PredictResponse.predictions. + deployedModelId: + type: string + description: ID of the Endpoint's DeployedModel that served this explanation. + explanations: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Explanation' + description: >- + The explanations of the Model's PredictResponse.predictions. It has + the same number of elements as instances to be explained. + type: array + id: GoogleCloudAiplatformV1ExplainResponse type: object - properties: - exportConfig: - description: Required. The desired output location. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportDataConfig' - GoogleCloudAiplatformV1ExportDataConfig: - id: GoogleCloudAiplatformV1ExportDataConfig + description: Response message for PredictionService.Explain. + GoogleCloudAiplatformV1EvaluationPromptPromptTemplateData: description: >- - Describes what part of the Dataset is to be exported, the destination of - the export and how to export. - type: object + Message to hold a prompt template and the values to populate the + template. properties: - gcsDestination: - description: >- - The Google Cloud Storage location where the output is to be written - to. In the given directory a new directory will be created with - name: `export-data--` where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ - ISO-8601 format. All export output will be written into that - directory. Inside that directory, annotations with the same schema - will be grouped into sub directories which are named with the - corresponding annotations' schema title. Inside these sub - directories, a schema.yaml will be created to describe the output - format. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - fractionSplit: - description: Split based on fractions defining the size of each set. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportFractionSplit' - filterSplit: - description: Split based on the provided filters for each set. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportFilterSplit' - annotationsFilter: - description: >- - An expression for filtering what part of the Dataset is to be - exported. Only Annotations that match this filter will be exported. - The filter syntax is the same as in ListAnnotations. - type: string - savedQueryId: - description: >- - The ID of a SavedQuery (annotation set) under the Dataset specified - by ExportDataRequest.name used for filtering Annotations for - training. Only used for custom training data export use cases. Only - applicable to Datasets that have SavedQueries. Only Annotations that - are associated with this SavedQuery are used in respectively - training. When used in conjunction with annotations_filter, the - Annotations used for training are filtered by both saved_query_id - and annotations_filter. Only one of saved_query_id and - annotation_schema_uri should be specified as both of them represent - the same thing: problem type. - type: string - annotationSchemaUri: - description: >- - The Cloud Storage URI that points to a YAML file describing the - annotation schema. The schema is defined as an OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - The schema files that can be used here are found in - gs://google-cloud-aiplatform/schema/dataset/annotation/, note that - the chosen schema must be consistent with metadata of the Dataset - specified by ExportDataRequest.name. Only used for custom training - data export use cases. Only applicable to Datasets that have - DataItems and Annotations. Only Annotations that both match this - schema and belong to DataItems not ignored by the split method are - used in respectively training, validation or test role, depending on - the role of the DataItem they are on. When used in conjunction with - annotations_filter, the Annotations used for training are filtered - by both annotations_filter and annotation_schema_uri. - type: string - exportUse: - description: Indicates the usage of the exported files. - type: string - enumDescriptions: - - Regular user export. - - Export for custom code training. - enum: - - EXPORT_USE_UNSPECIFIED - - CUSTOM_CODE_TRAINING - GoogleCloudAiplatformV1GcsDestination: - id: GoogleCloudAiplatformV1GcsDestination - description: The Google Cloud Storage location where the output is to be written to. + values: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + type: object + description: The values for fields in the prompt template. type: object + id: GoogleCloudAiplatformV1EvaluationPromptPromptTemplateData + GoogleCloudAiplatformV1BleuSpec: properties: - outputUriPrefix: - description: >- - Required. Google Cloud Storage URI to output directory. If the uri - doesn't end with '/', a '/' will be automatically appended. The - directory is created if it doesn't exist. - type: string - GoogleCloudAiplatformV1ExportFractionSplit: - id: GoogleCloudAiplatformV1ExportFractionSplit + useEffectiveOrder: + type: boolean + description: Optional. Whether to use_effective_order to compute bleu score. description: >- - Assigns the input data to training, validation, and test sets as per the - given fractions. Any of `training_fraction`, `validation_fraction` and - `test_fraction` may optionally be provided, they must sum to up to 1. If - the provided ones sum to less than 1, the remainder is assigned to sets - as decided by Vertex AI. If none of the fractions are set, by default - roughly 80% of data is used for training, 10% for validation, and 10% - for test. + Spec for bleu score metric - calculates the precision of n-grams in the + prediction as compared to reference - returns a score ranging between 0 + to 1. + id: GoogleCloudAiplatformV1BleuSpec + type: object + GoogleCloudAiplatformV1ToolParameterKeyMatchSpec: + properties: {} + id: GoogleCloudAiplatformV1ToolParameterKeyMatchSpec type: object + description: Spec for tool parameter key match metric. + GoogleCloudAiplatformV1ResourcePoolAutoscalingSpec: properties: - trainingFraction: - description: >- - The fraction of the input data that is to be used to train the - Model. - type: number - format: double - validationFraction: + maxReplicaCount: description: >- - The fraction of the input data that is to be used to validate the - Model. - type: number - format: double - testFraction: + Optional. max replicas in the node pool, must be ≥ replica_count and + > min_replica_count or will throw error + format: int64 + type: string + minReplicaCount: + type: string + format: int64 description: >- - The fraction of the input data that is to be used to evaluate the - Model. - type: number - format: double - GoogleCloudAiplatformV1ExportFilterSplit: - id: GoogleCloudAiplatformV1ExportFilterSplit - description: >- - Assigns input data to training, validation, and test sets based on the - given filters, data pieces not matched by any filter are ignored. - Currently only supported for Datasets containing DataItems. If any of - the filters in this message are to match nothing, then they can be set - as '-' (the minus sign). Supported only for unstructured Datasets. + Optional. min replicas in the node pool, must be ≤ replica_count and + < max_replica_count or will throw error. For autoscaling enabled + Ray-on-Vertex, we allow min_replica_count of a resource_pool to be 0 + to match the OSS Ray + behavior(https://docs.ray.io/en/latest/cluster/vms/user-guides/configuring-autoscaling.html#cluster-config-parameters). + As for Persistent Resource, the min_replica_count must be > 0, we + added a corresponding validation inside + CreatePersistentResourceRequestValidator.java. + description: The min/max number of replicas allowed if enabling autoscaling + id: GoogleCloudAiplatformV1ResourcePoolAutoscalingSpec + type: object + GoogleCloudAiplatformV1WriteFeatureValuesPayload: type: object + description: Contains Feature values to be written for a specific entity. + id: GoogleCloudAiplatformV1WriteFeatureValuesPayload properties: - trainingFilter: + entityId: + type: string + description: Required. The ID of the entity. + featureValues: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' + type: object description: >- - Required. A filter on DataItems of the Dataset. DataItems that match - this filter are used to train the Model. A filter with same syntax - as the one used in DatasetService.ListDataItems may be used. If a - single DataItem is matched by more than one of the FilterSplit - filters, then it is assigned to the first set that applies to it in - the training, validation, test order. + Required. Feature values to be written, mapping from Feature ID to + value. Up to 100,000 `feature_values` entries may be written across + all payloads. The feature generation time, aligned by days, must be + no older than five years (1825 days) and no later than one year (366 + days) in the future. + GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResult: + properties: + timeSegmentStart: type: string - validationFilter: + format: google-duration description: >- - Required. A filter on DataItems of the Dataset. DataItems that match - this filter are used to validate the Model. A filter with same - syntax as the one used in DatasetService.ListDataItems may be used. - If a single DataItem is matched by more than one of the FilterSplit - filters, then it is assigned to the first set that applies to it in - the training, validation, test order. + The beginning, inclusive, of the video's time segment in which the + object instance has been detected. Expressed as a number of seconds + as measured from the start of the video, with fractions up to a + microsecond precision, and with "s" appended at the end. + displayName: type: string - testFilter: + description: The display name of the AnnotationSpec that had been identified. + id: + description: The resource ID of the AnnotationSpec that had been identified. + type: string + frames: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResultFrame + type: array description: >- - Required. A filter on DataItems of the Dataset. DataItems that match - this filter are used to test the Model. A filter with same syntax as - the one used in DatasetService.ListDataItems may be used. If a - single DataItem is matched by more than one of the FilterSplit - filters, then it is assigned to the first set that applies to it in - the training, validation, test order. + All of the frames of the video in which a single object instance has + been detected. The bounding boxes in the frames identify the same + object. + timeSegmentEnd: + description: >- + The end, inclusive, of the video's time segment in which the object + instance has been detected. Expressed as a number of seconds as + measured from the start of the video, with fractions up to a + microsecond precision, and with "s" appended at the end. + format: google-duration type: string - GoogleCloudAiplatformV1DatasetVersion: - id: GoogleCloudAiplatformV1DatasetVersion - description: Describes the dataset version. + confidence: + format: float + type: number + description: >- + The Model's confidence in correction of this prediction, higher + value means higher confidence. + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResult + type: object + description: Prediction output format for Video Object Tracking. + GoogleCloudAiplatformV1ProbeHttpHeader: + description: HttpHeader describes a custom header to be used in HTTP probes + id: GoogleCloudAiplatformV1ProbeHttpHeader type: object properties: name: description: >- - Output only. Identifier. The resource name of the DatasetVersion. - Format: - `projects/{project}/locations/{location}/datasets/{dataset}/datasetVersions/{dataset_version}` - readOnly: true + The header field name. This will be canonicalized upon output, so + case-variant names will be understood as the same header. type: string - createTime: - description: Output only. Timestamp when this DatasetVersion was created. - readOnly: true + value: + description: The header field value type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this DatasetVersion was last updated. + GoogleCloudAiplatformV1TrajectoryAnyOrderMatchMetricValue: + description: TrajectoryAnyOrderMatch metric value for an instance. + type: object + properties: + score: + description: Output only. TrajectoryAnyOrderMatch score. + format: float + type: number readOnly: true - type: string - format: google-datetime - etag: + id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchMetricValue + GoogleCloudAiplatformV1UpdateFeatureOperationMetadata: + properties: + genericMetadata: + description: Operation metadata for Feature Update. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + type: object + description: Details of operations that perform update Feature. + id: GoogleCloudAiplatformV1UpdateFeatureOperationMetadata + GoogleCloudAiplatformV1FluencySpec: + properties: + version: + format: int32 + description: Optional. Which version to use for evaluation. + type: integer + id: GoogleCloudAiplatformV1FluencySpec + description: Spec for fluency score metric. + type: object + GoogleCloudAiplatformV1Probe: + description: >- + Probe describes a health check to be performed against a container to + determine whether it is alive or ready to receive traffic. + properties: + successThreshold: description: >- - Used to perform consistent read-modify-write updates. If not set, a - blind "overwrite" update happens. - type: string - bigQueryDatasetName: - description: Output only. Name of the associated BigQuery dataset. - readOnly: true - type: string - displayName: + Number of consecutive successes before the probe is considered + successful. Defaults to 1. Minimum value is 1. Maps to Kubernetes + probe argument 'successThreshold'. + format: int32 + type: integer + initialDelaySeconds: description: >- - The user-defined name of the DatasetVersion. The name can be up to - 128 characters long and can consist of any UTF-8 characters. - type: string - metadata: + Number of seconds to wait before starting the probe. Defaults to 0. + Minimum value is 0. Maps to Kubernetes probe argument + 'initialDelaySeconds'. + format: int32 + type: integer + httpGet: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeHttpGetAction' description: >- - Required. Output only. Additional information about the - DatasetVersion. - readOnly: true - type: any - modelReference: + HttpGetAction probes the health of a container by sending an HTTP + GET request. + periodSeconds: + type: integer + format: int32 description: >- - Output only. Reference to the public base model last used by the - dataset version. Only set for prompt dataset versions. - readOnly: true - type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1ListDatasetVersionsResponse: - id: GoogleCloudAiplatformV1ListDatasetVersionsResponse - description: Response message for DatasetService.ListDatasetVersions. - type: object - properties: - datasetVersions: + How often (in seconds) to perform the probe. Default to 10 seconds. + Minimum value is 1. Must be less than timeout_seconds. Maps to + Kubernetes probe argument 'periodSeconds'. + grpc: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeGrpcAction' description: >- - A list of DatasetVersions that matches the specified filter in the + GrpcAction probes the health of a container by sending a gRPC request. - type: array + tcpSocket: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeTcpSocketAction' + description: >- + TcpSocketAction probes the health of a container by opening a TCP + socket connection. + exec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeExecAction' + description: ExecAction probes the health of a container by executing a command. + failureThreshold: + format: int32 + type: integer + description: >- + Number of consecutive failures before the probe is considered + failed. Defaults to 3. Minimum value is 1. Maps to Kubernetes probe + argument 'failureThreshold'. + timeoutSeconds: + format: int32 + description: >- + Number of seconds after which the probe times out. Defaults to 1 + second. Minimum value is 1. Must be greater or equal to + period_seconds. Maps to Kubernetes probe argument 'timeoutSeconds'. + type: integer + type: object + id: GoogleCloudAiplatformV1Probe + GoogleCloudAiplatformV1ListReasoningEnginesResponse: + id: GoogleCloudAiplatformV1ListReasoningEnginesResponse + description: Response message for ReasoningEngineService.ListReasoningEngines + properties: + reasoningEngines: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' + description: List of ReasoningEngines in the requested page. + type: array nextPageToken: - description: The standard List next-page token. type: string - GoogleCloudAiplatformV1ListDataItemsResponse: - id: GoogleCloudAiplatformV1ListDataItemsResponse - description: Response message for DatasetService.ListDataItems. + description: >- + A token to retrieve the next page of results. Pass to + ListReasoningEnginesRequest.page_token to obtain that page. + type: object + GoogleCloudAiplatformV1ModelBaseModelSource: type: object + id: GoogleCloudAiplatformV1ModelBaseModelSource + description: >- + User input field to specify the base model source. Currently it only + supports specifing the Model Garden models and Genie models. properties: - dataItems: + genieSource: + description: Information about the base model of Genie models. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenieSource' + modelGardenSource: + description: Source information of Model Garden models. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelGardenSource' + GoogleCloudAiplatformV1ListSpecialistPoolsResponse: + type: object + description: Response message for SpecialistPoolService.ListSpecialistPools. + properties: + specialistPools: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SpecialistPool' + type: array description: >- - A list of DataItems that matches the specified filter in the + A list of SpecialistPools that matches the specified filter in the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DataItem' nextPageToken: - description: The standard List next-page token. type: string - GoogleCloudAiplatformV1DataItem: - id: GoogleCloudAiplatformV1DataItem - description: >- - A piece of data in a Dataset. Could be an image, a video, a document or - plain text. - type: object + description: The standard List next-page token. + id: GoogleCloudAiplatformV1ListSpecialistPoolsResponse + GoogleCloudAiplatformV1RagContextsContext: + id: GoogleCloudAiplatformV1RagContextsContext properties: - name: - description: Output only. The resource name of the DataItem. - readOnly: true + sourceUri: type: string - createTime: - description: Output only. Timestamp when this DataItem was created. - readOnly: true + description: >- + If the file is imported from Cloud Storage or Google Drive, + source_uri will be original file URI in Cloud Storage or Google + Drive; if file is uploaded, source_uri will be file display name. + chunk: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagChunk' + description: Context of the retrieved chunk. + sourceDisplayName: + description: The file display name. type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this DataItem was last updated. - readOnly: true + text: + description: The text chunk. type: string - format: google-datetime - labels: - description: >- - Optional. The labels with user-defined metadata to organize your - DataItems. Label keys and values can be no longer than 64 characters - (Unicode codepoints), can only contain lowercase letters, numeric - characters, underscores and dashes. International characters are - allowed. No more than 64 user labels can be associated with one - DataItem(System labels are excluded). See https://goo.gl/xmQnxf for - more information and examples of labels. System reserved label keys - are prefixed with "aiplatform.googleapis.com/" and are immutable. - type: object - additionalProperties: - type: string - payload: - description: >- - Required. The data that the DataItem represents (for example, an - image or a text snippet). The schema of the payload is stored in the - parent Dataset's metadata schema's dataItemSchemaUri field. - type: any - etag: + score: + format: double description: >- - Optional. Used to perform consistent read-modify-write updates. If - not set, a blind "overwrite" update happens. - type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1SearchDataItemsResponse: - id: GoogleCloudAiplatformV1SearchDataItemsResponse - description: Response message for DatasetService.SearchDataItems. + According to the underlying Vector DB and the selected metric type, + the score can be either the distance or the similarity between the + query and the context and its range depends on the metric type. For + example, if the metric type is COSINE_DISTANCE, it represents the + distance between the query and the context. The larger the distance, + the less relevant the context is to the query. The range is [0, 2], + while 0 means the most relevant and 2 means the least relevant. + type: number + description: A context of the query. type: object + GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolylineAnnotation: + description: Represents a polyline in image. + id: >- + GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolylineAnnotation properties: - dataItemViews: - description: The DataItemViews read. + vertexes: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DataItemView' - nextPageToken: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaVertex' description: >- - A token to retrieve next page of results. Pass to - SearchDataItemsRequest.page_token to obtain that page. + The vertexes are connected one by one and the last vertex in not + connected to the first one. + annotationSpecId: + description: >- + The resource Id of the AnnotationSpec that this Annotation pertains + to. type: string - GoogleCloudAiplatformV1DataItemView: - id: GoogleCloudAiplatformV1DataItemView - description: A container for a single DataItem and Annotations on it. + displayName: + type: string + description: >- + The display name of the AnnotationSpec that this Annotation pertains + to. + type: object + GoogleCloudAiplatformV1RetrievalConfig: type: object + description: Retrieval config. properties: - dataItem: - description: The DataItem. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DataItem' - annotations: + languageCode: + description: The language code of the user. + type: string + latLng: + description: The location of the user. + $ref: '#/components/schemas/GoogleTypeLatLng' + id: GoogleCloudAiplatformV1RetrievalConfig + GoogleCloudAiplatformV1ReadTensorboardTimeSeriesDataResponse: + properties: + timeSeriesData: + description: The returned time series data. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesData' + type: object + id: GoogleCloudAiplatformV1ReadTensorboardTimeSeriesDataResponse + description: Response message for TensorboardService.ReadTensorboardTimeSeriesData. + GoogleCloudAiplatformV1DeployModelRequest: + type: object + id: GoogleCloudAiplatformV1DeployModelRequest + properties: + trafficSplit: + additionalProperties: + type: integer + format: int32 + type: object description: >- - The Annotations on the DataItem. If too many Annotations should be - returned for the DataItem, this field will be truncated per - annotations_limit in request. If it was, then the - has_truncated_annotations will be set to true. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Annotation' - hasTruncatedAnnotations: + A map from a DeployedModel's ID to the percentage of this Endpoint's + traffic that should be forwarded to that DeployedModel. If this + field is non-empty, then the Endpoint's traffic_split will be + overwritten with it. To refer to the ID of the just being deployed + Model, a "0" should be used, and the actual ID of the new + DeployedModel will be filled in its place by this method. The + traffic percentage values must add up to 100. If this field is + empty, then the Endpoint's traffic_split is not updated. + deployedModel: description: >- - True if and only if the Annotations field has been truncated. It - happens if more Annotations for this DataItem met the request's - annotation_filter than are allowed to be returned by - annotations_limit. Note that if Annotations field is not being - returned due to field mask, then this field will not be set to true - no matter how many Annotations are there. - type: boolean - GoogleCloudAiplatformV1Annotation: - id: GoogleCloudAiplatformV1Annotation - description: >- - Used to assign specific AnnotationSpec to a particular area of a - DataItem or the whole part of the DataItem. + Required. The DeployedModel to be created within the Endpoint. Note + that Endpoint.traffic_split must be updated for the DeployedModel to + start receiving traffic, either as part of this call, or via + EndpointService.UpdateEndpoint. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' + description: Request message for EndpointService.DeployModel. + GoogleCloudAiplatformV1SchemaPromptSpecTranslationSentenceFileInput: + properties: + fileInputSource: + description: Inlined file source. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationFileInputSource + gcsInputSource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationGcsInputSource + description: Cloud Storage file source. + id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationSentenceFileInput + type: object + GoogleCloudAiplatformV1QuestionAnsweringRelevanceResult: + id: GoogleCloudAiplatformV1QuestionAnsweringRelevanceResult type: object properties: - name: - description: Output only. Resource name of the Annotation. + confidence: + format: float + type: number readOnly: true + description: Output only. Confidence for question answering relevance score. + score: + readOnly: true + description: Output only. Question Answering Relevance score. + format: float + type: number + explanation: + description: Output only. Explanation for question answering relevance score. type: string - payloadSchemaUri: - description: >- - Required. Google Cloud Storage URI points to a YAML file describing - payload. The schema is defined as an [OpenAPI 3.0.2 Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - The schema files that can be used here are found in - gs://google-cloud-aiplatform/schema/dataset/annotation/, note that - the chosen schema must be consistent with the parent Dataset's - metadata. - type: string - payload: - description: Required. The schema of the payload can be found in payload_schema. - type: any - createTime: - description: Output only. Timestamp when this Annotation was created. + readOnly: true + description: Spec for question answering relevance result. + GoogleCloudAiplatformV1ImportModelEvaluationRequest: + type: object + properties: + modelEvaluation: + description: Required. Model evaluation resource to be imported. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluation' + id: GoogleCloudAiplatformV1ImportModelEvaluationRequest + description: Request message for ModelService.ImportModelEvaluation + GoogleCloudAiplatformV1DeployOperationMetadata: + properties: + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + publisherModel: readOnly: true type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this Annotation was last updated. + description: Output only. The name of the model resource. + modelId: + description: Output only. The model id to be used at query time. + type: string readOnly: true + projectNumber: type: string - format: google-datetime - etag: description: >- - Optional. Used to perform consistent read-modify-write updates. If - not set, a blind "overwrite" update happens. + Output only. The project number where the deploy model request is + sent. + format: int64 + readOnly: true + destination: type: string - annotationSource: - description: Output only. The source of the Annotation. readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1UserActionReference' - labels: description: >- - Optional. The labels with user-defined metadata to organize your - Annotations. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. No more than 64 user labels can be associated with one - Annotation(System labels are excluded). See https://goo.gl/xmQnxf - for more information and examples of labels. System reserved label - keys are prefixed with "aiplatform.googleapis.com/" and are - immutable. Following system labels exist for each Annotation: * - "aiplatform.googleapis.com/annotation_set_name": optional, name of - the UI's annotation set this Annotation belongs to. If not set, the - Annotation is not visible in the UI. * - "aiplatform.googleapis.com/payload_schema": output only, its value - is the payload_schema's title. - type: object - additionalProperties: - type: string - GoogleCloudAiplatformV1UserActionReference: - id: GoogleCloudAiplatformV1UserActionReference - description: >- - References an API call. It contains more information about long running - operation and Jobs that are triggered by the API call. + Output only. The resource name of the Location to deploy the model + in. Format: `projects/{project}/locations/{location}` + description: Runtime operation information for ModelGardenService.Deploy. + id: GoogleCloudAiplatformV1DeployOperationMetadata type: object + GoogleCloudAiplatformV1RagFileChunkingConfigFixedLengthChunking: properties: - operation: - description: >- - For API calls that return a long running operation. Resource name of - the long running operation. Format: - `projects/{project}/locations/{location}/operations/{operation}` - type: string - dataLabelingJob: - description: >- - For API calls that start a LabelingJob. Resource name of the - LabelingJob. Format: - `projects/{project}/locations/{location}/dataLabelingJobs/{data_labeling_job}` + chunkSize: + type: integer + format: int32 + description: The size of the chunks. + chunkOverlap: + format: int32 + description: The overlap between chunks. + type: integer + description: Specifies the fixed length chunking config. + id: GoogleCloudAiplatformV1RagFileChunkingConfigFixedLengthChunking + type: object + GoogleCloudAiplatformV1FileStatus: + properties: + state: type: string - method: - description: >- - The method name of the API RPC call. For example, - "/google.cloud.aiplatform.{apiVersion}.DatasetService.CreateDataset" + enumDescriptions: + - RagFile state is unspecified. + - RagFile resource has been created and indexed successfully. + - >- + RagFile resource is in a problematic state. See `error_message` + field for details. + readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - ERROR + description: Output only. RagFile state. + errorStatus: type: string - GoogleCloudAiplatformV1ListSavedQueriesResponse: - id: GoogleCloudAiplatformV1ListSavedQueriesResponse - description: Response message for DatasetService.ListSavedQueries. + description: Output only. Only when the `state` field is ERROR. + readOnly: true type: object + id: GoogleCloudAiplatformV1FileStatus + description: RagFile status. + GoogleCloudAiplatformV1EvaluatedAnnotation: properties: - savedQueries: + predictions: + readOnly: true + items: + type: any description: >- - A list of SavedQueries that match the specified filter in the - request. + Output only. The model predicted annotations. For true positive, + there is one and only one prediction, which matches the only one + ground truth annotation in ground_truths. For false positive, there + is one and only one prediction, which doesn't match any ground truth + annotation of the corresponding data_item_view_id. For false + negative, there are zero or more predictions which are similar to + the only ground truth annotation in ground_truths but not enough for + a match. The schema of the prediction is stored in + ModelEvaluation.annotation_schema_uri + type: array + errorAnalysisAnnotations: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SavedQuery' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleCloudAiplatformV1AnnotationSpec: - id: GoogleCloudAiplatformV1AnnotationSpec - description: Identifies a concept with which DataItems may be annotated with. - type: object - properties: - name: - description: Output only. Resource name of the AnnotationSpec. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ErrorAnalysisAnnotation + description: Annotations of model error analysis results. + explanations: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluatedAnnotationExplanation + description: >- + Explanations of predictions. Each element of the explanations + indicates the explanation for one explanation Method. The + attributions list in the EvaluatedAnnotationExplanation.explanation + object corresponds to the predictions list. For example, the second + element in the attributions list explains the second element in the + predictions list. + type: array + dataItemPayload: + type: any + description: >- + Output only. The data item payload that the Model predicted this + EvaluatedAnnotation on. readOnly: true - type: string - displayName: + groundTruths: description: >- - Required. The user-defined name of the AnnotationSpec. The name can - be up to 128 characters long and can consist of any UTF-8 - characters. - type: string - createTime: - description: Output only. Timestamp when this AnnotationSpec was created. + Output only. The ground truth Annotations, i.e. the Annotations that + exist in the test data the Model is evaluated on. For true positive, + there is one and only one ground truth annotation, which matches the + only prediction in predictions. For false positive, there are zero + or more ground truth annotations that are similar to the only + prediction in predictions, but not enough for a match. For false + negative, there is one and only one ground truth annotation, which + doesn't match any predictions created by the model. The schema of + the ground truth is stored in ModelEvaluation.annotation_schema_uri + items: + type: any + readOnly: true + type: array + evaluatedDataItemViewId: + description: >- + Output only. ID of the EvaluatedDataItemView under the same ancestor + ModelEvaluation. The EvaluatedDataItemView consists of all ground + truths and predictions on data_item_payload. readOnly: true type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when AnnotationSpec was last updated. + type: + enum: + - EVALUATED_ANNOTATION_TYPE_UNSPECIFIED + - TRUE_POSITIVE + - FALSE_POSITIVE + - FALSE_NEGATIVE + enumDescriptions: + - Invalid value. + - >- + The EvaluatedAnnotation is a true positive. It has a prediction + created by the Model and a ground truth Annotation which the + prediction matches. + - >- + The EvaluatedAnnotation is false positive. It has a prediction + created by the Model which does not match any ground truth + annotation. + - >- + The EvaluatedAnnotation is false negative. It has a ground truth + annotation which is not matched by any of the model created + predictions. readOnly: true + description: Output only. Type of the EvaluatedAnnotation. type: string - format: google-datetime - etag: + description: >- + True positive, false positive, or false negative. EvaluatedAnnotation is + only available under ModelEvaluationSlice with slice of `annotationSpec` + dimension. + id: GoogleCloudAiplatformV1EvaluatedAnnotation + type: object + GoogleCloudAiplatformV1StudySpec: + properties: + metrics: + type: array + description: Required. Metric specs for the Study. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpecMetricSpec' + measurementSelectionType: + enum: + - MEASUREMENT_SELECTION_TYPE_UNSPECIFIED + - LAST_MEASUREMENT + - BEST_MEASUREMENT + description: Describe which measurement selection type will be used + type: string + enumDescriptions: + - Will be treated as LAST_MEASUREMENT. + - Use the last measurement reported. + - Use the best measurement reported. + parameters: + type: array + description: Required. The set of parameters to tune. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpec' + convexAutomatedStoppingSpec: + description: The automated early stopping spec using convex stopping rule. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpec + decayCurveStoppingSpec: + description: The automated early stopping spec using decay curve rule. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpec + medianAutomatedStoppingSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpec + description: The automated early stopping spec using median rule. + algorithm: + enumDescriptions: + - >- + The default algorithm used by Vertex AI for [hyperparameter + tuning](https://cloud.google.com/vertex-ai/docs/training/hyperparameter-tuning-overview) + and [Vertex AI + Vizier](https://cloud.google.com/vertex-ai/docs/vizier). + - >- + Simple grid search within the feasible space. To use grid search, + all parameters must be `INTEGER`, `CATEGORICAL`, or `DISCRETE`. + - Simple random search within the feasible space. + enum: + - ALGORITHM_UNSPECIFIED + - GRID_SEARCH + - RANDOM_SEARCH + description: The search algorithm specified for the Study. + type: string + studyStoppingConfig: description: >- - Optional. Used to perform consistent read-modify-write updates. If - not set, a blind "overwrite" update happens. + Conditions for automated stopping of a Study. Enable automated + stopping by configuring at least one condition. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StudySpecStudyStoppingConfig + observationNoise: + enum: + - OBSERVATION_NOISE_UNSPECIFIED + - LOW + - HIGH + enumDescriptions: + - The default noise level chosen by Vertex AI. + - >- + Vertex AI assumes that the objective function is (nearly) + perfectly reproducible, and will never repeat the same Trial + parameters. + - >- + Vertex AI will estimate the amount of noise in metric evaluations, + it may repeat the same Trial parameters more than once. type: string - GoogleCloudAiplatformV1ListAnnotationsResponse: - id: GoogleCloudAiplatformV1ListAnnotationsResponse - description: Response message for DatasetService.ListAnnotations. + description: >- + The observation noise level of the study. Currently only supported + by the Vertex AI Vizier service. Not supported by + HyperparameterTuningJob or TrainingPipeline. type: object + id: GoogleCloudAiplatformV1StudySpec + description: Represents specification of a Study. + GoogleCloudAiplatformV1MigratableResourceDataLabelingDataset: properties: - annotations: - description: >- - A list of Annotations that matches the specified filter in the - request. + dataLabelingAnnotatedDatasets: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Annotation' - nextPageToken: - description: The standard List next-page token. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigratableResourceDataLabelingDatasetDataLabelingAnnotatedDataset + description: >- + The migratable AnnotatedDataset in datalabeling.googleapis.com + belongs to the data labeling Dataset. + dataset: + type: string + description: >- + Full resource name of data labeling Dataset. Format: + `projects/{project}/datasets/{dataset}`. + datasetDisplayName: + description: The Dataset's display name in datalabeling.googleapis.com. type: string - GoogleCloudAiplatformV1CreateDeploymentResourcePoolRequest: - id: GoogleCloudAiplatformV1CreateDeploymentResourcePoolRequest - description: Request message for CreateDeploymentResourcePool method. type: object + id: GoogleCloudAiplatformV1MigratableResourceDataLabelingDataset + description: Represents one Dataset in datalabeling.googleapis.com. + GoogleCloudAiplatformV1ListSchedulesResponse: + description: Response message for ScheduleService.ListSchedules properties: - deploymentResourcePool: - description: Required. The DeploymentResourcePool to create. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeploymentResourcePool' - deploymentResourcePoolId: + schedules: + description: List of Schedules in the requested page. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' + type: array + nextPageToken: description: >- - Required. The ID to use for the DeploymentResourcePool, which will - become the final component of the DeploymentResourcePool's resource - name. The maximum length is 63 characters, and valid characters are - `/^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$/`. + A token to retrieve the next page of results. Pass to + ListSchedulesRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1DeploymentResourcePool: - id: GoogleCloudAiplatformV1DeploymentResourcePool - description: >- - A description of resources that can be shared by multiple - DeployedModels, whose underlying specification consists of a - DedicatedResources. + id: GoogleCloudAiplatformV1ListSchedulesResponse type: object + GoogleCloudAiplatformV1MutateDeployedIndexResponse: + description: Response message for IndexEndpointService.MutateDeployedIndex. properties: - name: - description: >- - Immutable. The resource name of the DeploymentResourcePool. Format: - `projects/{project}/locations/{location}/deploymentResourcePools/{deployment_resource_pool}` + deployedIndex: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' + description: The DeployedIndex that had been updated in the IndexEndpoint. + id: GoogleCloudAiplatformV1MutateDeployedIndexResponse + type: object + GoogleCloudAiplatformV1LustreMount: + description: Represents a mount configuration for Lustre file system. + type: object + id: GoogleCloudAiplatformV1LustreMount + properties: + instanceIp: + description: Required. IP address of the Lustre instance. type: string - dedicatedResources: + volumeHandle: + description: Required. The unique identifier of the Lustre volume. + type: string + filesystem: + description: Required. The name of the Lustre filesystem. + type: string + mountPoint: description: >- - Required. The underlying DedicatedResources that the - DeploymentResourcePool uses. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' + Required. Destination mount path. The Lustre file system will be + mounted for the user under /mnt/lustre/ + type: string + GoogleCloudAiplatformV1TuningJob: + properties: encryptionSpec: description: >- - Customer-managed encryption key spec for a DeploymentResourcePool. - If set, this DeploymentResourcePool will be secured by this key. - Endpoints and the DeploymentResourcePool they deploy in need to have - the same EncryptionSpec. + Customer-managed encryption key options for a TuningJob. If this is + set, then all resources created by the TuningJob will be encrypted + with the provided encryption key. $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - serviceAccount: - description: >- - The service account that the DeploymentResourcePool's container(s) - run as. Specify the email address of the service account. If this - service account is not specified, the container(s) run as a service - account that doesn't have access to the resource project. Users - deploying the Models to this DeploymentResourcePool must have the - `iam.serviceAccounts.actAs` permission on this service account. - type: string - disableContainerLogging: - description: >- - If the DeploymentResourcePool is deployed with custom-trained Models - or AutoML Tabular Models, the container(s) of the - DeploymentResourcePool will send `stderr` and `stdout` streams to - Cloud Logging by default. Please note that the logs incur cost, - which are subject to [Cloud Logging - pricing](https://cloud.google.com/logging/pricing). User can disable - container logging by setting this flag to true. - type: boolean - createTime: - description: Output only. Timestamp when this DeploymentResourcePool was created. - readOnly: true + state: + description: Output only. The detailed state of the job. type: string - format: google-datetime - satisfiesPzs: - description: Output only. Reserved for future use. + enum: + - JOB_STATE_UNSPECIFIED + - JOB_STATE_QUEUED + - JOB_STATE_PENDING + - JOB_STATE_RUNNING + - JOB_STATE_SUCCEEDED + - JOB_STATE_FAILED + - JOB_STATE_CANCELLING + - JOB_STATE_CANCELLED + - JOB_STATE_PAUSED + - JOB_STATE_EXPIRED + - JOB_STATE_UPDATING + - JOB_STATE_PARTIALLY_SUCCEEDED + enumDescriptions: + - The job state is unspecified. + - >- + The job has been just created or resumed and processing has not + yet begun. + - The service is preparing to run the job. + - The job is in progress. + - The job completed successfully. + - The job failed. + - >- + The job is being cancelled. From this state the job may only go to + either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or + `JOB_STATE_CANCELLED`. + - The job has been cancelled. + - The job has been stopped, and can be resumed. + - The job has expired. + - >- + The job is being updated. Only jobs in the `RUNNING` state can be + updated. After updating, the job goes back to the `RUNNING` state. + - >- + The job is partially succeeded, some results may be missing due to + errors. readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. + updateTime: + type: string + readOnly: true + format: google-datetime + description: Output only. Time when the TuningJob was most recently updated. + startTime: + type: string readOnly: true - type: boolean - GoogleCloudAiplatformV1DedicatedResources: - id: GoogleCloudAiplatformV1DedicatedResources - description: >- - A description of resources that are dedicated to a DeployedModel or - DeployedIndex, and that need a higher degree of manual configuration. - type: object - properties: - machineSpec: - description: >- - Required. Immutable. The specification of a single machine being - used. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' - minReplicaCount: description: >- - Required. Immutable. The minimum number of machine replicas that - will be always deployed on. This value must be greater than or equal - to 1. If traffic increases, it may dynamically be deployed onto more - replicas, and as traffic decreases, some of these extra replicas may - be freed. - type: integer - format: int32 - maxReplicaCount: + Output only. Time when the TuningJob for the first time entered the + `JOB_STATE_RUNNING` state. + format: google-datetime + supervisedTuningSpec: + description: Tuning Spec for Supervised Fine Tuning. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SupervisedTuningSpec' + error: + readOnly: true + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - Immutable. The maximum number of replicas that may be deployed on - when the traffic against it increases. If the requested value is too - large, the deployment will error, but if deployment succeeds then - the ability to scale to that many replicas is guaranteed (barring - service outages). If traffic increases beyond what its replicas at - maximum may handle, a portion of the traffic will be dropped. If - this value is not provided, will use min_replica_count as the - default value. The value of this field impacts the charge against - Vertex CPU and GPU quotas. Specifically, you will be charged for - (max_replica_count * number of cores in the selected machine type) - and (max_replica_count * number of GPUs per replica in the selected - machine type). - type: integer - format: int32 - requiredReplicaCount: + Output only. Only populated when job's state is `JOB_STATE_FAILED` + or `JOB_STATE_CANCELLED`. + tunedModelDisplayName: description: >- - Optional. Number of required available replicas for the deployment - to succeed. This field is only needed when partial - deployment/mutation is desired. If set, the deploy/mutate operation - will succeed once available_replica_count reaches - required_replica_count, and the rest of the replicas will be - retried. If not set, the default required_replica_count will be - min_replica_count. - type: integer - format: int32 - autoscalingMetricSpecs: + Optional. The display name of the TunedModel. The name can be up to + 128 characters long and can consist of any UTF-8 characters. For + continuous tuning, tuned_model_display_name will by default use the + same display name as the pre-tuned model. If a new display name is + provided, the tuning job will create a new model instead of a new + version. + type: string + preTunedModel: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PreTunedModel' + description: The pre-tuned model for continuous tuning. + tuningDataStats: + readOnly: true description: >- - Immutable. The metric specifications that overrides a resource - utilization metric (CPU utilization, accelerator's duty cycle, and - so on) target value (default to 60 if not set). At most one entry is - allowed per metric. If machine_spec.accelerator_count is above 0, - the autoscaling will be based on both CPU utilization and - accelerator's duty cycle metrics and scale up when either metrics - exceeds its target value while scale down if both metrics are under - their target value. The default target value is 60 for both metrics. - If machine_spec.accelerator_count is 0, the autoscaling will be - based on CPU utilization metric only with default target value 60 if - not explicitly set. For example, in the case of Online Prediction, - if you want to override target CPU utilization to 80, you should set - autoscaling_metric_specs.metric_name to - `aiplatform.googleapis.com/prediction/online/cpu/utilization` and - autoscaling_metric_specs.target to `80`. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1AutoscalingMetricSpec' - spot: + Output only. The tuning data statistics associated with this + TuningJob. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningDataStats' + labels: + type: object description: >- - Optional. If true, schedule the deployment workload on [spot - VMs](https://cloud.google.com/kubernetes-engine/docs/concepts/spot-vms). - type: boolean - GoogleCloudAiplatformV1MachineSpec: - id: GoogleCloudAiplatformV1MachineSpec - description: Specification of a single machine. - type: object - properties: - machineType: + Optional. The labels with user-defined metadata to organize + TuningJob and generated resources such as Model and Endpoint. Label + keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. + additionalProperties: + type: string + tunedModel: description: >- - Immutable. The type of the machine. See the [list of machine types - supported for - prediction](https://cloud.google.com/vertex-ai/docs/predictions/configure-compute#machine-types) - See the [list of machine types supported for custom - training](https://cloud.google.com/vertex-ai/docs/training/configure-compute#machine-types). - For DeployedModel this field is optional, and the default value is - `n1-standard-2`. For BatchPredictionJob or as part of WorkerPoolSpec - this field is required. + Output only. The tuned model resources associated with this + TuningJob. + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1TunedModel' + createTime: type: string - acceleratorType: - description: >- - Immutable. The type of accelerator(s) that may be attached to the - machine as per accelerator_count. + readOnly: true + format: google-datetime + description: Output only. Time when the TuningJob was created. + experiment: + readOnly: true + description: Output only. The Experiment associated with this TuningJob. type: string - enumDescriptions: - - Unspecified accelerator type, which means no accelerator. - - >- - Deprecated: Nvidia Tesla K80 GPU has reached end of support, see - https://cloud.google.com/compute/docs/eol/k80-eol. - - Nvidia Tesla P100 GPU. - - Nvidia Tesla V100 GPU. - - Nvidia Tesla P4 GPU. - - Nvidia Tesla T4 GPU. - - Nvidia Tesla A100 GPU. - - Nvidia A100 80GB GPU. - - Nvidia L4 GPU. - - Nvidia H100 80Gb GPU. - - Nvidia H100 Mega 80Gb GPU. - - Nvidia H200 141Gb GPU. - - Nvidia B200 GPU. - - Nvidia GB200 GPU. - - TPU v2. - - TPU v3. - - TPU v4. - - TPU v5. - enumDeprecated: - - false - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - enum: - - ACCELERATOR_TYPE_UNSPECIFIED - - NVIDIA_TESLA_K80 - - NVIDIA_TESLA_P100 - - NVIDIA_TESLA_V100 - - NVIDIA_TESLA_P4 - - NVIDIA_TESLA_T4 - - NVIDIA_TESLA_A100 - - NVIDIA_A100_80GB - - NVIDIA_L4 - - NVIDIA_H100_80GB - - NVIDIA_H100_MEGA_80GB - - NVIDIA_H200_141GB - - NVIDIA_B200 - - NVIDIA_GB200 - - TPU_V2 - - TPU_V3 - - TPU_V4_POD - - TPU_V5_LITEPOD - acceleratorCount: - description: The number of accelerators to attach to the machine. - type: integer - format: int32 - tpuTopology: - description: >- - Immutable. The topology of the TPUs. Corresponds to the TPU - topologies available from GKE. (Example: tpu_topology: "2x2x1"). + endTime: type: string - reservationAffinity: + readOnly: true + format: google-datetime description: >- - Optional. Immutable. Configuration controlling how this resource - pool consumes reservation. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ReservationAffinity' - GoogleCloudAiplatformV1ReservationAffinity: - id: GoogleCloudAiplatformV1ReservationAffinity - description: >- - A ReservationAffinity can be used to configure a Vertex AI resource - (e.g., a DeployedModel) to draw its Compute Engine resources from a - Shared Reservation, or exclusively from on-demand capacity. - type: object - properties: - reservationAffinityType: - description: Required. Specifies the reservation affinity type. + Output only. Time when the TuningJob entered any of the following + JobStates: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, + `JOB_STATE_CANCELLED`, `JOB_STATE_EXPIRED`. + description: + description: Optional. The description of the TuningJob. type: string - enumDescriptions: - - Default value. This should not be used. - - Do not consume from any reserved capacity, only use on-demand. - - Consume any reservation available, falling back to on-demand. - - >- - Consume from a specific reservation. When chosen, the reservation - must be identified via the `key` and `values` fields. - enum: - - TYPE_UNSPECIFIED - - NO_RESERVATION - - ANY_RESERVATION - - SPECIFIC_RESERVATION - key: - description: >- - Optional. Corresponds to the label key of a reservation resource. To - target a SPECIFIC_RESERVATION by name, use - `compute.googleapis.com/reservation-name` as the key and specify the - name of your reservation as its value. + preferenceOptimizationSpec: + description: Tuning Spec for Preference Optimization. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PreferenceOptimizationSpec + name: type: string - values: description: >- - Optional. Corresponds to the label values of a reservation resource. - This must be the full resource name of the reservation or - reservation block. - type: array - items: - type: string - GoogleCloudAiplatformV1AutoscalingMetricSpec: - id: GoogleCloudAiplatformV1AutoscalingMetricSpec - description: >- - The metric specification that defines the target resource utilization - (CPU utilization, accelerator's duty cycle, and so on) for calculating - the desired replica count. - type: object - properties: - metricName: + Output only. Identifier. Resource name of a TuningJob. Format: + `projects/{project}/locations/{location}/tuningJobs/{tuning_job}` + readOnly: true + serviceAccount: description: >- - Required. The resource metric name. Supported metrics: * For Online - Prediction: * - `aiplatform.googleapis.com/prediction/online/accelerator/duty_cycle` - * `aiplatform.googleapis.com/prediction/online/cpu/utilization` * - `aiplatform.googleapis.com/prediction/online/request_count` + The service account that the tuningJob workload runs as. If not + specified, the Vertex AI Secure Fine-Tuned Service Agent in the + project will be used. See + https://cloud.google.com/iam/docs/service-agents#vertex-ai-secure-fine-tuning-service-agent + Users starting the pipeline must have the + `iam.serviceAccounts.actAs` permission on this service account. type: string - target: - description: >- - The target resource utilization in percentage (1% - 100%) for the - given metric; once the real usage deviates from the target by a - certain percentage, the machine replicas change. The default value - is 60 (representing 60%) if not provided. - type: integer - format: int32 - GoogleCloudAiplatformV1ListDeploymentResourcePoolsResponse: - id: GoogleCloudAiplatformV1ListDeploymentResourcePoolsResponse - description: Response message for ListDeploymentResourcePools method. - type: object - properties: - deploymentResourcePools: - description: The DeploymentResourcePools from the specified location. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeploymentResourcePool' - nextPageToken: + baseModel: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + The base model that is being tuned. See [Supported + models](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/tuning#supported_models). type: string - GoogleCloudAiplatformV1QueryDeployedModelsResponse: - id: GoogleCloudAiplatformV1QueryDeployedModelsResponse - description: Response message for QueryDeployedModels method. + id: GoogleCloudAiplatformV1TuningJob type: object + description: Represents a TuningJob that runs with Google owned models. + GoogleCloudAiplatformV1GenerateSyntheticDataRequest: + id: GoogleCloudAiplatformV1GenerateSyntheticDataRequest properties: - deployedModels: - description: DEPRECATED Use deployed_model_refs instead. - deprecated: true + outputFieldSpecs: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' - nextPageToken: + $ref: '#/components/schemas/GoogleCloudAiplatformV1OutputFieldSpec' description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - deployedModelRefs: + Required. The schema of the desired output, defined by a list of + fields. + examples: description: >- - References to the DeployedModels that share the specified - deploymentResourcePool. - type: array + Optional. A list of few-shot examples to guide the model's output + style and format. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModelRef' - totalDeployedModelCount: - description: The total number of DeployedModels on this DeploymentResourcePool. - type: integer + $ref: '#/components/schemas/GoogleCloudAiplatformV1SyntheticExample' + type: array + count: format: int32 - totalEndpointCount: description: >- - The total number of Endpoints that have DeployedModels on this - DeploymentResourcePool. + Required. The number of synthetic examples to generate. For this + stateless API, the count is limited to a small number. type: integer - format: int32 - GoogleCloudAiplatformV1DeployedModel: - id: GoogleCloudAiplatformV1DeployedModel - description: A deployment of a Model. Endpoints contain one or more DeployedModels. + taskDescription: + description: Generate data from a high-level task description. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TaskDescriptionStrategy' + type: object + description: Request message for DataFoundryService.GenerateSyntheticData. + GoogleCloudAiplatformV1ListAnnotationsResponse: + description: Response message for DatasetService.ListAnnotations. + id: GoogleCloudAiplatformV1ListAnnotationsResponse type: object properties: - dedicatedResources: - description: >- - A description of resources that are dedicated to the DeployedModel, - and that need a higher degree of manual configuration. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' - automaticResources: - description: >- - A description of resources that to large degree are decided by - Vertex AI, and require only a modest additional configuration. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AutomaticResources' - sharedResources: - description: >- - The resource name of the shared DeploymentResourcePool to deploy on. - Format: - `projects/{project}/locations/{location}/deploymentResourcePools/{deployment_resource_pool}` + nextPageToken: + description: The standard List next-page token. type: string - id: + annotations: description: >- - Immutable. The ID of the DeployedModel. If not provided upon - deployment, Vertex AI will generate a value for this ID. This value - should be 1-10 characters, and valid characters are `/[0-9]/`. - type: string - model: + A list of Annotations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Annotation' + GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecInlineSource: + description: Specifies source code provided as a byte stream. + type: object + id: GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecInlineSource + properties: + sourceArchive: description: >- - The resource name of the Model that this is the deployment of. Note - that the Model may be in a different location than the - DeployedModel's Endpoint. The resource name may contain version id - or version alias to specify the version. Example: - `projects/{project}/locations/{location}/models/{model}@2` or - `projects/{project}/locations/{location}/models/{model}@golden` if - no version is specified, the default version will be deployed. + Required. Input only. The application source code archive. It must + be a compressed tarball (.tar.gz) file. + format: byte type: string - gdcConnectedModel: - description: >- - GDC pretrained / Gemini model name. The model name is a plain model - name, e.g. gemini-1.5-flash-002. + GoogleCloudAiplatformV1PscAutomatedEndpoints: + id: GoogleCloudAiplatformV1PscAutomatedEndpoints + description: >- + PscAutomatedEndpoints defines the output of the forwarding rule + automatically created by each PscAutomationConfig. + type: object + properties: + projectId: type: string - modelVersionId: - description: Output only. The version ID of the model that is deployed. - readOnly: true + description: Corresponding project_id in pscAutomationConfigs + network: + description: Corresponding network in pscAutomationConfigs. type: string - displayName: + matchAddress: + type: string + description: Ip Address created by the automated forwarding rule. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationInputs: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationInputs + type: object + properties: + budgetMilliNodeHours: description: >- - The display name of the DeployedModel. If not provided upon - creation, the Model's display_name is used. + The training budget of creating this model, expressed in milli node + hours i.e. 1,000 value in this field means 1 node hour. The actual + metadata.costMilliNodeHours will be equal or less than this value. + If further model training ceases to provide any improvements, it + will stop without using the full budget and the + metadata.successfulStopReason will be `model-converged`. Note, + node_hour = actual_hour * number_of_nodes_involved. Or + actual_wall_clock_hours = train_budget_milli_node_hours / + (number_of_nodes_involved * 1000) For modelType + `cloud-high-accuracy-1`(default), the budget must be between 20,000 + and 2,000,000 milli node hours, inclusive. The default value is + 192,000 which represents one day in wall time (1000 milli * 24 hours + * 8 nodes). + format: int64 type: string - createTime: - description: Output only. Timestamp when the DeployedModel was created. - readOnly: true + modelType: type: string - format: google-datetime - explanationSpec: - description: >- - Explanation configuration for this DeployedModel. When deploying a - Model using EndpointService.DeployModel, this value overrides the - value of Model.explanation_spec. All fields of explanation_spec are - optional in the request. If a field of explanation_spec is not - populated, the value of the same field of Model.explanation_spec is - inherited. If the corresponding Model.explanation_spec is not - populated, all fields of the explanation_spec will be used for the - explanation configuration. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpec' - disableExplanations: - description: >- - If true, deploy the model without explainable feature, regardless - the existence of Model.explanation_spec or explanation_spec. - type: boolean - serviceAccount: + enum: + - MODEL_TYPE_UNSPECIFIED + - CLOUD_HIGH_ACCURACY_1 + - CLOUD_LOW_ACCURACY_1 + - MOBILE_TF_LOW_LATENCY_1 + enumDescriptions: + - Should not be set. + - >- + A model to be used via prediction calls to uCAIP API. Expected to + have a higher latency, but should also have a higher prediction + quality than other models. + - >- + A model to be used via prediction calls to uCAIP API. Expected to + have a lower latency but relatively lower prediction quality. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) as TensorFlow + model and used on a mobile or edge device afterwards. Expected to + have low latency, but may have lower prediction quality than other + mobile models. + baseModelId: description: >- - The service account that the DeployedModel's container runs as. - Specify the email address of the service account. If this service - account is not specified, the container runs as a service account - that doesn't have access to the resource project. Users deploying - the Model must have the `iam.serviceAccounts.actAs` permission on - this service account. + The ID of the `base` model. If it is specified, the new model will + be trained based on the `base` model. Otherwise, the new model will + be trained from scratch. The `base` model must be in the same + Project and Location as the new Model to train, and have the same + modelType. type: string - disableContainerLogging: + GoogleCloudAiplatformV1RawPredictRequest: + type: object + properties: + httpBody: description: >- - For custom-trained Models and AutoML Tabular Models, the container - of the DeployedModel instances will send `stderr` and `stdout` - streams to Cloud Logging by default. Please note that the logs incur - cost, which are subject to [Cloud Logging - pricing](https://cloud.google.com/logging/pricing). User can disable - container logging by setting this flag to true. - type: boolean - enableAccessLogging: - description: >- - If true, online prediction access logs are sent to Cloud Logging. - These logs are like standard server access logs, containing - information like timestamp and latency for each prediction request. - Note that logs may incur a cost, especially if your project receives - prediction requests at a high queries per second rate (QPS). - Estimate your costs before enabling this option. - type: boolean - privateEndpoints: - description: >- - Output only. Provide paths for users to send predict/explain/health - requests directly to the deployed model services running on Cloud - via private services access. This field is populated if network is - configured. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1PrivateEndpoints' - fasterDeploymentConfig: - description: Configuration for faster model deployment. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FasterDeploymentConfig' - status: - description: Output only. Runtime status of the deployed model. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModelStatus' - systemLabels: - description: >- - System labels to apply to Model Garden deployments. System labels - are managed by Google for internal use only. - type: object - additionalProperties: - type: string - checkpointId: - description: The checkpoint id of the model. - type: string - speculativeDecodingSpec: - description: Optional. Spec for configuring speculative decoding. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SpeculativeDecodingSpec' - GoogleCloudAiplatformV1AutomaticResources: - id: GoogleCloudAiplatformV1AutomaticResources + The prediction input. Supports HTTP headers and arbitrary data + payload. A DeployedModel may have an upper limit on the number of + instances it supports per request. When this limit it is exceeded + for an AutoML model, the RawPredict method returns an error. When + this limit is exceeded for a custom-trained model, the behavior + varies depending on the model. You can specify the schema for each + instance in the predict_schemata.instance_schema_uri field when you + create a Model. This schema applies when you deploy the `Model` as a + `DeployedModel` to an Endpoint and use the `RawPredict` method. + $ref: '#/components/schemas/GoogleApiHttpBody' + description: Request message for PredictionService.RawPredict. + id: GoogleCloudAiplatformV1RawPredictRequest + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationNumericTransformation: description: >- - A description of resources that to large degree are decided by Vertex - AI, and require only a modest additional configuration. Each Model - supporting these resources documents its specific guidelines. - type: object + Training pipeline will perform following transformation functions. * The + value converted to float32. * The z_score of the value. * log(value+1) + when the value is greater than or equal to 0. Otherwise, this + transformation is not applied and the value is considered a missing + value. * z_score of log(value+1) when the value is greater than or equal + to 0. Otherwise, this transformation is not applied and the value is + considered a missing value. properties: - minReplicaCount: - description: >- - Immutable. The minimum number of replicas that will be always - deployed on. If traffic against it increases, it may dynamically be - deployed onto more replicas up to max_replica_count, and as traffic - decreases, some of these extra replicas may be freed. If the - requested value is too large, the deployment will error. - type: integer - format: int32 - maxReplicaCount: - description: >- - Immutable. The maximum number of replicas that may be deployed on - when the traffic against it increases. If the requested value is too - large, the deployment will error, but if deployment succeeds then - the ability to scale to that many replicas is guaranteed (barring - service outages). If traffic increases beyond what its replicas at - maximum may handle, a portion of the traffic will be dropped. If - this value is not provided, a no upper bound for scaling under heavy - traffic will be assume, though Vertex AI may be unable to scale - beyond certain replica number. - type: integer - format: int32 - GoogleCloudAiplatformV1ExplanationSpec: - id: GoogleCloudAiplatformV1ExplanationSpec - description: Specification of Model explanation. + columnName: + type: string + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationNumericTransformation + type: object + GoogleCloudAiplatformV1SlackSourceSlackChannelsSlackChannel: type: object + description: SlackChannel contains the Slack channel ID and the time range to import. + id: GoogleCloudAiplatformV1SlackSourceSlackChannelsSlackChannel properties: - parameters: - description: >- - Required. Parameters that configure explaining of the Model's - predictions. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationParameters' - metadata: - description: >- - Optional. Metadata describing the Model's input and output for - explanation. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationMetadata' - GoogleCloudAiplatformV1ExplanationParameters: - id: GoogleCloudAiplatformV1ExplanationParameters - description: Parameters to configure explaining for Model's predictions. + channelId: + description: Required. The Slack channel ID. + type: string + startTime: + type: string + format: google-datetime + description: Optional. The starting timestamp for messages to import. + endTime: + description: Optional. The ending timestamp for messages to import. + type: string + format: google-datetime + GoogleCloudAiplatformV1EvaluateDatasetRequest: type: object + id: GoogleCloudAiplatformV1EvaluateDatasetRequest + description: Request message for EvaluationService.EvaluateDataset. properties: - sampledShapleyAttribution: - description: >- - An attribution method that approximates Shapley values for features - that contribute to the label being predicted. A sampling strategy is - used to approximate the value rather than considering all subsets of - features. Refer to this paper for model details: - https://arxiv.org/abs/1306.4265. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SampledShapleyAttribution - integratedGradientsAttribution: - description: >- - An attribution method that computes Aumann-Shapley values taking - advantage of the model's fully differentiable structure. Refer to - this paper for more details: https://arxiv.org/abs/1703.01365 - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1IntegratedGradientsAttribution - xraiAttribution: - description: >- - An attribution method that redistributes Integrated Gradients - attribution to segmented regions, taking advantage of the model's - fully differentiable structure. Refer to this paper for more - details: https://arxiv.org/abs/1906.02825 XRAI currently performs - better on natural images, like a picture of a house or an animal. If - the images are taken in artificial environments, like a lab or - manufacturing line, or from diagnostic equipment, like x-rays or - quality-control cameras, use Integrated Gradients instead. - $ref: '#/components/schemas/GoogleCloudAiplatformV1XraiAttribution' - examples: - description: >- - Example-based explanations that returns the nearest neighbors from - the provided dataset. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Examples' - topK: - description: >- - If populated, returns attributions for top K indices of outputs - (defaults to 1). Only applies to Models that predicts more than one - outputs (e,g, multi-class Models). When set to -1, returns - explanations for all outputs. - type: integer - format: int32 - outputIndices: + dataset: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationDataset' + description: Required. The dataset used for evaluation. + outputConfig: + description: Required. Config for evaluation output. + $ref: '#/components/schemas/GoogleCloudAiplatformV1OutputConfig' + autoraterConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1AutoraterConfig' description: >- - If populated, only returns attributions that have output_index - contained in output_indices. It must be an ndarray of integers, with - the same shape of the output it's explaining. If not populated, - returns attributions for top_k indices of outputs. If neither top_k - nor output_indices is populated, returns the argmax index of the - outputs. Only applicable to Models that predict multiple outputs - (e,g, multi-class Models that predict multiple classes). - type: array + Optional. Autorater config used for evaluation. Currently only + publisher Gemini models are supported. Format: + `projects/{PROJECT}/locations/{LOCATION}/publishers/google/models/{MODEL}.` + metrics: + description: Required. The metrics used for evaluation. items: - type: any - GoogleCloudAiplatformV1SampledShapleyAttribution: - id: GoogleCloudAiplatformV1SampledShapleyAttribution - description: >- - An attribution method that approximates Shapley values for features that - contribute to the label being predicted. A sampling strategy is used to - approximate the value rather than considering all subsets of features. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Metric' + type: array + GoogleCloudAiplatformV1FluencyInput: type: object + id: GoogleCloudAiplatformV1FluencyInput properties: - pathCount: - description: >- - Required. The number of feature permutations to consider when - approximating the Shapley values. Valid range of its value is [1, - 50], inclusively. - type: integer - format: int32 - GoogleCloudAiplatformV1IntegratedGradientsAttribution: - id: GoogleCloudAiplatformV1IntegratedGradientsAttribution - description: >- - An attribution method that computes the Aumann-Shapley value taking - advantage of the model's fully differentiable structure. Refer to this - paper for more details: https://arxiv.org/abs/1703.01365 + instance: + description: Required. Fluency instance. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FluencyInstance' + metricSpec: + description: Required. Spec for fluency score metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FluencySpec' + description: Input for fluency metric. + GoogleCloudAiplatformV1PurgeExecutionsResponse: type: object + id: GoogleCloudAiplatformV1PurgeExecutionsResponse + description: Response message for MetadataService.PurgeExecutions. properties: - stepCount: - description: >- - Required. The number of steps for approximating the path integral. A - good value to start is 50 and gradually increase until the sum to - diff property is within the desired error range. Valid range of its - value is [1, 100], inclusively. - type: integer - format: int32 - smoothGradConfig: + purgeSample: + type: array description: >- - Config for SmoothGrad approximation of gradients. When enabled, the - gradients are approximated by averaging the gradients from noisy - samples in the vicinity of the inputs. Adding noise can help improve - the computed gradients. Refer to this paper for more details: - https://arxiv.org/pdf/1706.03825.pdf - $ref: '#/components/schemas/GoogleCloudAiplatformV1SmoothGradConfig' - blurBaselineConfig: + A sample of the Execution names that will be deleted. Only populated + if `force` is set to false. The maximum number of samples is 100 (it + is possible to return fewer). + items: + type: string + purgeCount: + type: string + format: int64 description: >- - Config for IG with blur baseline. When enabled, a linear path from - the maximally blurred image to the input image is created. Using a - blurred baseline instead of zero (black image) is motivated by the - BlurIG approach explained here: https://arxiv.org/abs/2004.03383 - $ref: '#/components/schemas/GoogleCloudAiplatformV1BlurBaselineConfig' - GoogleCloudAiplatformV1SmoothGradConfig: - id: GoogleCloudAiplatformV1SmoothGradConfig - description: >- - Config for SmoothGrad approximation of gradients. When enabled, the - gradients are approximated by averaging the gradients from noisy samples - in the vicinity of the inputs. Adding noise can help improve the - computed gradients. Refer to this paper for more details: - https://arxiv.org/pdf/1706.03825.pdf + The number of Executions that this request deleted (or, if `force` + is false, the number of Executions that will be deleted). This can + be an estimate. + GoogleCloudAiplatformV1FeatureViewOptimizedConfig: + id: GoogleCloudAiplatformV1FeatureViewOptimizedConfig + description: Configuration for FeatureViews created in Optimized FeatureOnlineStore. type: object properties: - noiseSigma: - description: >- - This is a single float value and will be used to add noise to all - the features. Use this field when all features are normalized to - have the same distribution: scale to range [0, 1], [-1, 1] or - z-scoring, where features are normalized to have 0-mean and - 1-variance. Learn more about - [normalization](https://developers.google.com/machine-learning/data-prep/transform/normalization). - For best results the recommended value is about 10% - 20% of the - standard deviation of the input feature. Refer to section 3.2 of the - SmoothGrad paper: https://arxiv.org/pdf/1706.03825.pdf. Defaults to - 0.1. If the distribution is different per feature, set - feature_noise_sigma instead for each feature. - type: number - format: float - featureNoiseSigma: - description: >- - This is similar to noise_sigma, but provides additional flexibility. - A separate noise sigma can be provided for each feature, which is - useful if their distributions are different. No noise is added to - features that are not set. If this field is unset, noise_sigma will - be used for all features. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureNoiseSigma' - noisySampleCount: + automaticResources: description: >- - The number of gradient samples to use for approximation. The higher - this number, the more accurate the gradient is, but the runtime - complexity increases by this factor as well. Valid range of its - value is [1, 50]. Defaults to 3. - type: integer - format: int32 - GoogleCloudAiplatformV1FeatureNoiseSigma: - id: GoogleCloudAiplatformV1FeatureNoiseSigma - description: >- - Noise sigma by features. Noise sigma represents the standard deviation - of the gaussian kernel that will be used to add noise to interpolated - inputs prior to computing gradients. + Optional. A description of resources that the FeatureView uses, + which to large degree are decided by Vertex AI, and optionally + allows only a modest additional configuration. If min_replica_count + is not set, the default value is 2. If max_replica_count is not set, + the default value is 6. The max allowed replica count is 1000. + $ref: '#/components/schemas/GoogleCloudAiplatformV1AutomaticResources' + GoogleCloudAiplatformV1StartNotebookRuntimeOperationMetadata: + id: GoogleCloudAiplatformV1StartNotebookRuntimeOperationMetadata + description: Metadata information for NotebookService.StartNotebookRuntime. type: object properties: - noiseSigma: + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + progressMessage: + type: string description: >- - Noise sigma per feature. No noise is added to features that are not - set. + A human-readable message that shows the intermediate progress + details of NotebookRuntime. + CloudAiLargeModelsVisionNamedBoundingBox: + id: CloudAiLargeModelsVisionNamedBoundingBox + properties: + x1: + type: number + format: float + scores: + items: + type: number + format: float + type: array + entities: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeature - GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeature: - id: GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeature - description: Noise sigma for a single feature. - type: object - properties: - name: - description: >- - The name of the input feature for which noise sigma is provided. The - features are defined in explanation metadata inputs. - type: string - sigma: - description: >- - This represents the standard deviation of the Gaussian kernel that - will be used to add noise to the feature prior to computing - gradients. Similar to noise_sigma but represents the noise added to - the current feature. Defaults to 0.1. + type: string + y1: type: number format: float - GoogleCloudAiplatformV1BlurBaselineConfig: - id: GoogleCloudAiplatformV1BlurBaselineConfig - description: >- - Config for blur baseline. When enabled, a linear path from the maximally - blurred image to the input image is created. Using a blurred baseline - instead of zero (black image) is motivated by the BlurIG approach - explained here: https://arxiv.org/abs/2004.03383 - type: object - properties: - maxBlurSigma: - description: >- - The standard deviation of the blur kernel for the blurred baseline. - The same blurring parameter is used for both the height and the - width dimension. If not set, the method defaults to the zero (i.e. - black for images) baseline. + x2: + format: float + type: number + classes: + type: array + items: + type: string + y2: type: number format: float - GoogleCloudAiplatformV1XraiAttribution: - id: GoogleCloudAiplatformV1XraiAttribution - description: >- - An explanation method that redistributes Integrated Gradients - attributions to segmented regions, taking advantage of the model's fully - differentiable structure. Refer to this paper for more details: - https://arxiv.org/abs/1906.02825 Supported only by image Models. type: object + GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataRequest: + id: GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataRequest properties: - stepCount: - description: >- - Required. The number of steps for approximating the path integral. A - good value to start is 50 and gradually increase until the sum to - diff property is met within the desired error range. Valid range of - its value is [1, 100], inclusively. - type: integer - format: int32 - smoothGradConfig: + orderBy: description: >- - Config for SmoothGrad approximation of gradients. When enabled, the - gradients are approximated by averaging the gradients from noisy - samples in the vicinity of the inputs. Adding noise can help improve - the computed gradients. Refer to this paper for more details: - https://arxiv.org/pdf/1706.03825.pdf - $ref: '#/components/schemas/GoogleCloudAiplatformV1SmoothGradConfig' - blurBaselineConfig: + Field to use to sort the TensorboardTimeSeries' data. By default, + TensorboardTimeSeries' data is returned in a pseudo random order. + type: string + pageToken: description: >- - Config for XRAI with blur baseline. When enabled, a linear path from - the maximally blurred image to the input image is created. Using a - blurred baseline instead of zero (black image) is motivated by the - BlurIG approach explained here: https://arxiv.org/abs/2004.03383 - $ref: '#/components/schemas/GoogleCloudAiplatformV1BlurBaselineConfig' - GoogleCloudAiplatformV1Examples: - id: GoogleCloudAiplatformV1Examples - description: >- - Example-based explainability that returns the nearest neighbors from the - provided dataset. - type: object - properties: - exampleGcsSource: - description: The Cloud Storage input instances. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExamplesExampleGcsSource' - nearestNeighborSearchConfig: + A page token, received from a previous + ExportTensorboardTimeSeriesData call. Provide this to retrieve the + subsequent page. When paginating, all other parameters provided to + ExportTensorboardTimeSeriesData must match the call that provided + the page token. + type: string + filter: description: >- - The full configuration for the generated index, the semantics are - the same as metadata and should match - [NearestNeighborSearchConfig](https://cloud.google.com/vertex-ai/docs/explainable-ai/configuring-explanations-example-based#nearest-neighbor-search-config). - type: any - presets: + Exports the TensorboardTimeSeries' data that match the filter + expression. + type: string + pageSize: + format: int32 description: >- - Simplified preset configuration, which automatically sets - configuration values based on the desired query speed-precision - trade-off and modality. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Presets' - neighborCount: - description: The number of neighbors to return when querying for examples. + The maximum number of data points to return per page. The default + page_size is 1000. Values must be between 1 and 10000. Values above + 10000 are coerced to 10000. type: integer - format: int32 - GoogleCloudAiplatformV1ExamplesExampleGcsSource: - id: GoogleCloudAiplatformV1ExamplesExampleGcsSource - description: The Cloud Storage input instances. + description: Request message for TensorboardService.ExportTensorboardTimeSeriesData. type: object + GoogleCloudAiplatformV1ToolCallValidInput: properties: - dataFormat: - description: >- - The format in which instances are given, if not specified, assume - it's JSONL format. Currently only JSONL format is supported. - type: string - enumDescriptions: - - Format unspecified, used when unset. - - Examples are stored in JSONL files. - enum: - - DATA_FORMAT_UNSPECIFIED - - JSONL - gcsSource: - description: The Cloud Storage location for the input instances. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' - GoogleCloudAiplatformV1Presets: - id: GoogleCloudAiplatformV1Presets - description: Preset configuration for example-based explanations + metricSpec: + description: Required. Spec for tool call valid metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCallValidSpec' + instances: + description: Required. Repeated tool call valid instances. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCallValidInstance' type: object + description: Input for tool call valid metric. + id: GoogleCloudAiplatformV1ToolCallValidInput + GoogleCloudAiplatformV1ModelDeploymentMonitoringJob: properties: - query: + updateTime: description: >- - Preset option controlling parameters for speed-precision trade-off - when querying for examples. If omitted, defaults to `PRECISE`. + Output only. Timestamp when this ModelDeploymentMonitoringJob was + updated most recently. + format: google-datetime type: string - enumDescriptions: - - More precise neighbors as a trade-off against slower response. - - Faster response as a trade-off against less precise neighbors. - enum: - - PRECISE - - FAST - modality: + readOnly: true + modelDeploymentMonitoringObjectiveConfigs: description: >- - The modality of the uploaded model, which automatically configures - the distance measurement and feature normalization for the - underlying example index and queries. If your model does not - precisely fit one of these types, it is okay to choose the closest - type. - type: string - enumDescriptions: - - Should not be set. Added as a recommended best practice for enums - - IMAGE modality - - TEXT modality - - TABULAR modality - enum: - - MODALITY_UNSPECIFIED - - IMAGE - - TEXT - - TABULAR - GoogleCloudAiplatformV1ExplanationMetadata: - id: GoogleCloudAiplatformV1ExplanationMetadata - description: Metadata describing the Model's input and output for explanation. - type: object - properties: - inputs: - description: >- - Required. Map from feature names to feature input metadata. Keys are - the name of the features. Values are the specification of the - feature. An empty InputMetadata is valid. It describes a text - feature which has the name specified as the key in - ExplanationMetadata.inputs. The baseline of the empty feature is - chosen by Vertex AI. For Vertex AI-provided Tensorflow images, the - key can be any friendly name of the feature. Once specified, - featureAttributions are keyed by this key (if not grouped with - another feature). For custom images, the key must match with the key - in instance. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataInputMetadata - outputs: - description: >- - Required. Map from output names to output metadata. For Vertex - AI-provided Tensorflow images, keys can be any user defined string - that consists of any UTF-8 characters. For custom images, keys are - the name of the output field in the prediction to be explained. - Currently only one key is allowed. - type: object - additionalProperties: + Required. The config for monitoring objectives. This is a per + DeployedModel config. Each DeployedModel needs to be configured + separately. + items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataOutputMetadata - featureAttributionsSchemaUri: + #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringObjectiveConfig + type: array + displayName: description: >- - Points to a YAML file stored on Google Cloud Storage describing the - format of the feature attributions. The schema is defined as an - OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - AutoML tabular Models always have this field populated by Vertex AI. - Note: The URI given on output may be different, including the URI - scheme, than the one given on input. The output URI will point to a - location where the user only has a read access. + Required. The user-defined name of the ModelDeploymentMonitoringJob. + The name can be up to 128 characters long and can consist of any + UTF-8 characters. Display name of a ModelDeploymentMonitoringJob. type: string - latentSpaceSource: + statsAnomaliesBaseDirectory: + description: Stats anomalies base folder path. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + createTime: + format: google-datetime + type: string + readOnly: true description: >- - Name of the source to generate embeddings for example based - explanations. + Output only. Timestamp when this ModelDeploymentMonitoringJob was + created. + nextScheduleTime: type: string - GoogleCloudAiplatformV1ExplanationMetadataInputMetadata: - id: GoogleCloudAiplatformV1ExplanationMetadataInputMetadata - description: >- - Metadata of the input of a feature. Fields other than - InputMetadata.input_baselines are applicable only for Models that are - using Vertex AI-provided images for Tensorflow. - type: object - properties: - inputBaselines: + readOnly: true + format: google-datetime description: >- - Baseline inputs for this feature. If no baseline is specified, - Vertex AI chooses the baseline for this feature. If multiple - baselines are specified, Vertex AI returns the average attributions - across them in Attribution.feature_attributions. For Vertex - AI-provided Tensorflow images (both 1.x and 2.x), the shape of each - baseline must match the shape of the input tensor. If a scalar is - provided, we broadcast to the same shape as the input tensor. For - custom images, the element of the baselines must be in the same - format as the feature's input in the instance[]. The schema of any - single instance may be specified via Endpoint's DeployedModels' - Model's PredictSchemata's instance_schema_uri. - type: array - items: - type: any - inputTensorName: + Output only. Timestamp when this monitoring pipeline will be + scheduled to run for the next round. + logTtl: description: >- - Name of the input tensor for this feature. Required and is only - applicable to Vertex AI-provided images for Tensorflow. + The TTL of BigQuery tables in user projects which stores logs. A day + is the basic unit of the TTL and we take the ceil of TTL/86400(a + day). e.g. { second: 3600} indicates ttl = 1 day. + format: google-duration type: string - encoding: - description: >- - Defines how the feature is encoded into the input tensor. Defaults - to IDENTITY. + latestMonitoringPipelineMetadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJobLatestMonitoringPipelineMetadata + readOnly: true + description: Output only. Latest triggered monitoring pipeline metadata. + name: + description: Output only. Resource name of a ModelDeploymentMonitoringJob. + readOnly: true type: string - enumDescriptions: - - Default value. This is the same as IDENTITY. - - The tensor represents one feature. - - >- - The tensor represents a bag of features where each index maps to a - feature. InputMetadata.index_feature_mapping must be provided for - this encoding. For example: ``` input = [27, 6.0, 150] - index_feature_mapping = ["age", "height", "weight"] ``` - - >- - The tensor represents a bag of features where each index maps to a - feature. Zero values in the tensor indicates feature being - non-existent. InputMetadata.index_feature_mapping must be provided - for this encoding. For example: ``` input = [2, 0, 5, 0, 1] - index_feature_mapping = ["a", "b", "c", "d", "e"] ``` - - >- - The tensor is a list of binaries representing whether a feature - exists or not (1 indicates existence). - InputMetadata.index_feature_mapping must be provided for this - encoding. For example: ``` input = [1, 0, 1, 0, 1] - index_feature_mapping = ["a", "b", "c", "d", "e"] ``` - - >- - The tensor is encoded into a 1-dimensional array represented by an - encoded tensor. InputMetadata.encoded_tensor_name must be provided - for this encoding. For example: ``` input = ["This", "is", "a", - "test", "."] encoded = [0.1, 0.2, 0.3, 0.4, 0.5] ``` - - >- - Select this encoding when the input tensor is encoded into a - 2-dimensional array represented by an encoded tensor. - InputMetadata.encoded_tensor_name must be provided for this - encoding. The first dimension of the encoded tensor's shape is the - same as the input tensor's shape. For example: ``` input = - ["This", "is", "a", "test", "."] encoded = [[0.1, 0.2, 0.3, 0.4, - 0.5], [0.2, 0.1, 0.4, 0.3, 0.5], [0.5, 0.1, 0.3, 0.5, 0.4], [0.5, - 0.3, 0.1, 0.2, 0.4], [0.4, 0.3, 0.2, 0.5, 0.1]] ``` - enum: - - ENCODING_UNSPECIFIED - - IDENTITY - - BAG_OF_FEATURES - - BAG_OF_FEATURES_SPARSE - - INDICATOR - - COMBINED_EMBEDDING - - CONCAT_EMBEDDING - modality: + satisfiesPzs: + readOnly: true + description: Output only. Reserved for future use. + type: boolean + analysisInstanceSchemaUri: description: >- - Modality of the feature. Valid values are: numeric, image. Defaults - to numeric. + YAML schema file uri describing the format of a single instance that + you want Tensorflow Data Validation (TFDV) to analyze. If this field + is empty, all the feature data types are inferred from + predict_instance_schema_uri, meaning that TFDV will use the data in + the exact format(data type) as prediction request/response. If there + are any data type differences between predict instance and TFDV + instance, this field can be used to override the schema. For models + trained with Vertex AI, this field must be set as all the fields in + predict instance formatted as string. type: string - featureValueDomain: + endpoint: description: >- - The domain details of the input feature value. Like min/max, - original mean or standard deviation if normalized. + Required. Endpoint resource name. Format: + `projects/{project}/locations/{location}/endpoints/{endpoint}` + type: string + satisfiesPzi: + type: boolean + description: Output only. Reserved for future use. + readOnly: true + modelMonitoringAlertConfig: + description: Alert config for model monitoring. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataInputMetadataFeatureValueDomain - indicesTensorName: + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringAlertConfig + bigqueryTables: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringBigQueryTable + type: array + readOnly: true description: >- - Specifies the index of the values of the input tensor. Required when - the input tensor is a sparse representation. Refer to Tensorflow - documentation for more details: - https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor. - type: string - denseShapeTensorName: + Output only. The created bigquery tables for the job under customer + project. Customer could do their own query & analysis. There could + be 4 log tables in maximum: 1. Training data logging predict + request/response 2. Serving data logging predict request/response + error: description: >- - Specifies the shape of the values of the input if the input is a - sparse representation. Refer to Tensorflow documentation for more - details: - https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor. + Output only. Only populated when the job's state is + `JOB_STATE_FAILED` or `JOB_STATE_CANCELLED`. + readOnly: true + $ref: '#/components/schemas/GoogleRpcStatus' + loggingSamplingStrategy: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SamplingStrategy' + description: Required. Sample Strategy for logging. + predictInstanceSchemaUri: type: string - indexFeatureMapping: description: >- - A list of feature names for each index in the input tensor. Required - when the input InputMetadata.encoding is BAG_OF_FEATURES, - BAG_OF_FEATURES_SPARSE, INDICATOR. - type: array - items: - type: string - encodedTensorName: + YAML schema file uri describing the format of a single instance, + which are given to format this Endpoint's prediction (and + explanation). If not set, we will generate predict schema from + collected predict requests. + enableMonitoringPipelineLogs: + type: boolean description: >- - Encoded tensor is a transformation of the input tensor. Must be - provided if choosing Integrated Gradients attribution or XRAI - attribution and the input tensor is not differentiable. An encoded - tensor is generated if the input tensor is encoded by a lookup - table. + If true, the scheduled monitoring pipeline logs are sent to Google + Cloud Logging, including pipeline status and anomalies detected. + Please note the logs incur cost, which are subject to [Cloud Logging + pricing](https://cloud.google.com/logging#pricing). + scheduleState: type: string - encodedBaselines: description: >- - A list of baselines for the encoded tensor. The shape of each - baseline should match the shape of the encoded tensor. If a scalar - is provided, Vertex AI broadcasts to the same shape as the encoded - tensor. - type: array - items: - type: any - visualization: - description: Visualization configurations for image explanation. + Output only. Schedule state when the monitoring job is in Running + state. + readOnly: true + enumDescriptions: + - Unspecified state. + - The pipeline is picked up and wait to run. + - The pipeline is offline and will be scheduled for next run. + - The pipeline is running. + enum: + - MONITORING_SCHEDULE_STATE_UNSPECIFIED + - PENDING + - OFFLINE + - RUNNING + encryptionSpec: + description: >- + Customer-managed encryption key spec for a + ModelDeploymentMonitoringJob. If set, this + ModelDeploymentMonitoringJob and all sub-resources of this + ModelDeploymentMonitoringJob will be secured by this key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + modelDeploymentMonitoringScheduleConfig: + description: Required. Schedule config for running the monitoring job. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataInputMetadataVisualization - groupName: + #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringScheduleConfig + labels: + type: object description: >- - Name of the group that the input belongs to. Features with the same - group name will be treated as one feature when computing - attributions. Features grouped together can have different shapes in - value. If provided, there will be one single attribution generated - in Attribution.feature_attributions, keyed by the group name. + The labels with user-defined metadata to organize your + ModelDeploymentMonitoringJob. Label keys and values can be no longer + than 64 characters (Unicode codepoints), can only contain lowercase + letters, numeric characters, underscores and dashes. International + characters are allowed. See https://goo.gl/xmQnxf for more + information and examples of labels. + additionalProperties: + type: string + samplePredictInstance: + type: any + description: >- + Sample Predict instance, same format as PredictRequest.instances, + this can be set as a replacement of + ModelDeploymentMonitoringJob.predict_instance_schema_uri. If not + set, we will generate predict schema from collected predict + requests. + state: + readOnly: true + enum: + - JOB_STATE_UNSPECIFIED + - JOB_STATE_QUEUED + - JOB_STATE_PENDING + - JOB_STATE_RUNNING + - JOB_STATE_SUCCEEDED + - JOB_STATE_FAILED + - JOB_STATE_CANCELLING + - JOB_STATE_CANCELLED + - JOB_STATE_PAUSED + - JOB_STATE_EXPIRED + - JOB_STATE_UPDATING + - JOB_STATE_PARTIALLY_SUCCEEDED type: string - GoogleCloudAiplatformV1ExplanationMetadataInputMetadataFeatureValueDomain: + enumDescriptions: + - The job state is unspecified. + - >- + The job has been just created or resumed and processing has not + yet begun. + - The service is preparing to run the job. + - The job is in progress. + - The job completed successfully. + - The job failed. + - >- + The job is being cancelled. From this state the job may only go to + either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or + `JOB_STATE_CANCELLED`. + - The job has been cancelled. + - The job has been stopped, and can be resumed. + - The job has expired. + - >- + The job is being updated. Only jobs in the `RUNNING` state can be + updated. After updating, the job goes back to the `RUNNING` state. + - >- + The job is partially succeeded, some results may be missing due to + errors. + description: >- + Output only. The detailed state of the monitoring job. When the job + is still creating, the state will be 'PENDING'. Once the job is + successfully created, the state will be 'RUNNING'. Pause the job, + the state will be 'PAUSED'. Resume the job, the state will return to + 'RUNNING'. + description: >- + Represents a job that runs periodically to monitor the deployed models + in an endpoint. It will analyze the logged training & prediction data to + detect any abnormal behaviors. + type: object + id: GoogleCloudAiplatformV1ModelDeploymentMonitoringJob + GoogleCloudAiplatformV1RagVectorDbConfigPinecone: + properties: + indexName: + type: string + description: Pinecone index name. This value cannot be changed after it's set. + type: object + id: GoogleCloudAiplatformV1RagVectorDbConfigPinecone + description: The config for the Pinecone. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassificationInputs: + type: object + properties: + multiLabel: + type: boolean id: >- - GoogleCloudAiplatformV1ExplanationMetadataInputMetadataFeatureValueDomain + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassificationInputs + GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairList: description: >- - Domain details of the input feature value. Provides numeric information - about the feature, such as its range (min, max). If the feature has been - pre-processed, for example with z-scoring, then it provides information - about how to recover the original feature. For example, if the input - feature is an image and it has been pre-processed to obtain 0-mean and - stddev = 1 values, then original_mean, and original_stddev refer to the - mean and stddev of the original feature (e.g. image tensor) from which - input feature (with mean = 0 and stddev = 1) was obtained. + Response structure in the format of key (feature name) and (feature) + value pair. + properties: + features: + description: List of feature names and values. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairListFeatureNameValuePair + type: array type: object + id: >- + GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairList + GoogleCloudAiplatformV1FluencyResult: properties: - minValue: - description: The minimum permissible value for this feature. - type: number - format: float - maxValue: - description: The maximum permissible value for this feature. + confidence: + readOnly: true type: number format: float - originalMean: - description: >- - If this input feature has been normalized to a mean value of 0, the - original_mean specifies the mean value of the domain prior to - normalization. + description: Output only. Confidence for fluency score. + score: + description: Output only. Fluency score. type: number + readOnly: true format: float - originalStddev: + explanation: + description: Output only. Explanation for fluency score. + readOnly: true + type: string + id: GoogleCloudAiplatformV1FluencyResult + description: Spec for fluency result. + type: object + GoogleCloudAiplatformV1SchemaTablesDatasetMetadataGcsSource: + properties: + uri: description: >- - If this input feature has been normalized to a standard deviation of - 1.0, the original_stddev specifies the standard deviation of the - domain prior to normalization. - type: number - format: float - GoogleCloudAiplatformV1ExplanationMetadataInputMetadataVisualization: - id: GoogleCloudAiplatformV1ExplanationMetadataInputMetadataVisualization - description: Visualization configurations for image explanation. + Cloud Storage URI of one or more files. Only CSV files are + supported. The first line of the CSV file is used as the header. If + there are multiple files, the header is the first line of the + lexicographically first file, the other files must either contain + the exact same header or omit the header. + items: + type: string + type: array + type: object + id: GoogleCloudAiplatformV1SchemaTablesDatasetMetadataGcsSource + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobMetadata: type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobMetadata properties: - type: + backingHyperparameterTuningJob: + type: string description: >- - Type of the image visualization. Only applicable to Integrated - Gradients attribution. OUTLINES shows regions of attribution, while - PIXELS shows per-pixel attribution. Defaults to OUTLINES. + The resource name of the HyperparameterTuningJob that has been + created to carry out this HyperparameterTuning task. + bestTrialBackingCustomJob: type: string - enumDescriptions: - - Should not be used. - - Shows which pixel contributed to the image prediction. - - >- - Shows which region contributed to the image prediction by - outlining the region. - enum: - - TYPE_UNSPECIFIED - - PIXELS - - OUTLINES - polarity: description: >- - Whether to only highlight pixels with positive contributions, - negative or both. Defaults to POSITIVE. + The resource name of the CustomJob that has been created to run the + best Trial of this HyperparameterTuning task. + GoogleCloudAiplatformV1ListModelsResponse: + type: object + description: Response message for ModelService.ListModels + id: GoogleCloudAiplatformV1ListModelsResponse + properties: + nextPageToken: type: string - enumDescriptions: - - Default value. This is the same as POSITIVE. - - >- - Highlights the pixels/outlines that were most influential to the - model's prediction. - - >- - Setting polarity to negative highlights areas that does not lead - to the models's current prediction. - - Shows both positive and negative attributions. - enum: - - POLARITY_UNSPECIFIED - - POSITIVE - - NEGATIVE - - BOTH - colorMap: description: >- - The color scheme used for the highlighted areas. Defaults to - PINK_GREEN for Integrated Gradients attribution, which shows - positive attributions in green and negative in pink. Defaults to - VIRIDIS for XRAI attribution, which highlights the most influential - regions in yellow and the least influential in blue. + A token to retrieve next page of results. Pass to + ListModelsRequest.page_token to obtain that page. + models: + description: List of Models in the requested page. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' + GoogleCloudAiplatformV1MemoryBankCustomizationConfigMemoryTopicManagedMemoryTopic: + id: >- + GoogleCloudAiplatformV1MemoryBankCustomizationConfigMemoryTopicManagedMemoryTopic + type: object + properties: + managedTopicEnum: + description: Required. The managed topic. type: string enumDescriptions: - - Should not be used. - - 'Positive: green. Negative: pink.' + - Unspecified topic. This value should not be used. - >- - Viridis color map: A perceptually uniform color mapping which is - easier to see by those with colorblindness and progresses from - yellow to green to blue. Positive: yellow. Negative: blue. - - 'Positive: red. Negative: red.' - - 'Positive: green. Negative: green.' - - 'Positive: green. Negative: red.' - - PiYG palette. + Significant personal information about the User like first names, + relationships, hobbies, important dates. + - Stated or implied likes, dislikes, preferred styles, or patterns. + - Important milestones or conclusions within the dialogue. + - >- + Information that the user explicitly requested to remember or + forget. enum: - - COLOR_MAP_UNSPECIFIED - - PINK_GREEN - - VIRIDIS - - RED - - GREEN - - RED_GREEN - - PINK_WHITE_GREEN - clipPercentUpperbound: - description: >- - Excludes attributions above the specified percentile from the - highlighted areas. Using the clip_percent_upperbound and - clip_percent_lowerbound together can be useful for filtering out - noise and making it easier to see areas of strong attribution. - Defaults to 99.9. - type: number - format: float - clipPercentLowerbound: - description: >- - Excludes attributions below the specified percentile, from the - highlighted areas. Defaults to 62. - type: number - format: float - overlayType: - description: >- - How the original image is displayed in the visualization. Adjusting - the overlay can help increase visual clarity if the original image - makes it difficult to view the visualization. Defaults to NONE. - type: string - enumDescriptions: - - Default value. This is the same as NONE. - - No overlay. - - The attributions are shown on top of the original image. - - >- - The attributions are shown on top of grayscaled version of the - original image. - - >- - The attributions are used as a mask to reveal predictive parts of - the image and hide the un-predictive parts. - enum: - - OVERLAY_TYPE_UNSPECIFIED - - NONE - - ORIGINAL - - GRAYSCALE - - MASK_BLACK - GoogleCloudAiplatformV1ExplanationMetadataOutputMetadata: - id: GoogleCloudAiplatformV1ExplanationMetadataOutputMetadata - description: Metadata of the prediction output to be explained. - type: object - properties: - indexDisplayNameMapping: - description: >- - Static mapping between the index and display name. Use this if the - outputs are a deterministic n-dimensional array, e.g. a list of - scores of all the classes in a pre-defined order for a - multi-classification Model. It's not feasible if the outputs are - non-deterministic, e.g. the Model produces top-k classes or sort the - outputs by their values. The shape of the value must be an - n-dimensional array of strings. The number of dimensions must match - that of the outputs to be explained. The - Attribution.output_display_name is populated by locating in the - mapping with Attribution.output_index. - type: any - displayNameMappingKey: - description: >- - Specify a field name in the prediction to look for the display name. - Use this if the prediction contains the display names for the - outputs. The display names in the prediction must have the same - shape of the outputs, so that it can be located by - Attribution.output_index for a specific output. - type: string - outputTensorName: - description: >- - Name of the output tensor. Required and is only applicable to Vertex - AI provided images for Tensorflow. - type: string - GoogleCloudAiplatformV1PrivateEndpoints: - id: GoogleCloudAiplatformV1PrivateEndpoints + - MANAGED_TOPIC_ENUM_UNSPECIFIED + - USER_PERSONAL_INFO + - USER_PREFERENCES + - KEY_CONVERSATION_DETAILS + - EXPLICIT_INSTRUCTIONS + description: A managed memory topic defined by the system. + GoogleApiHttpBody: + id: GoogleApiHttpBody description: >- - PrivateEndpoints proto is used to provide paths for users to send - requests privately. To send request via private service access, use - predict_http_uri, explain_http_uri or health_http_uri. To send request - via private service connect, use service_attachment. + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. type: object properties: - predictHttpUri: - description: Output only. Http(s) path to send prediction requests. - readOnly: true - type: string - explainHttpUri: - description: Output only. Http(s) path to send explain requests. - readOnly: true - type: string - healthHttpUri: - description: Output only. Http(s) path to send health check requests. - readOnly: true + extensions: + description: >- + Application specific response metadata. Must be set in the first + response for streaming APIs. + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + data: type: string - serviceAttachment: + format: byte + description: The HTTP request/response body as raw binary. + contentType: description: >- - Output only. The name of the service attachment resource. Populated - if private service connect is enabled. - readOnly: true + The HTTP Content-Type header value specifying the content type of + the body. type: string - GoogleCloudAiplatformV1FasterDeploymentConfig: - id: GoogleCloudAiplatformV1FasterDeploymentConfig - description: Configuration for faster model deployment. + GoogleCloudAiplatformV1UpdateFeatureGroupOperationMetadata: + id: GoogleCloudAiplatformV1UpdateFeatureGroupOperationMetadata type: object + description: Details of operations that perform update FeatureGroup. properties: - fastTryoutEnabled: - description: If true, enable fast tryout feature for this deployed model. - type: boolean - GoogleCloudAiplatformV1DeployedModelStatus: - id: GoogleCloudAiplatformV1DeployedModelStatus - description: Runtime status of the deployed model. + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for FeatureGroup. + GoogleCloudAiplatformV1TrajectoryInOrderMatchSpec: type: object + properties: {} + id: GoogleCloudAiplatformV1TrajectoryInOrderMatchSpec + description: >- + Spec for TrajectoryInOrderMatch metric - returns 1 if tool calls in the + reference trajectory appear in the predicted trajectory in the same + order, else 0. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTextTransformation: + description: >- + Training pipeline will perform following transformation functions. * The + text as is--no change to case, punctuation, spelling, tense, and so on. + * Convert the category name to a dictionary lookup index and generate an + embedding for each index. properties: - message: - description: Output only. The latest deployed model's status message (if any). - readOnly: true - type: string - lastUpdateTime: - description: Output only. The time at which the status was last updated. - readOnly: true + columnName: type: string - format: google-datetime - availableReplicaCount: - description: Output only. The number of available replicas of the deployed model. - readOnly: true - type: integer - format: int32 - GoogleCloudAiplatformV1SpeculativeDecodingSpec: - id: GoogleCloudAiplatformV1SpeculativeDecodingSpec - description: Configuration for Speculative Decoding. - type: object - properties: - draftModelSpeculation: - description: draft model speculation. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SpeculativeDecodingSpecDraftModelSpeculation - ngramSpeculation: - description: N-Gram speculation. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SpeculativeDecodingSpecNgramSpeculation - speculativeTokenCount: - description: The number of speculative tokens to generate at each step. - type: integer - format: int32 - GoogleCloudAiplatformV1SpeculativeDecodingSpecDraftModelSpeculation: - id: GoogleCloudAiplatformV1SpeculativeDecodingSpecDraftModelSpeculation - description: >- - Draft model speculation works by using the smaller model to generate - candidate tokens for speculative decoding. type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTextTransformation + GoogleCloudAiplatformV1GenerationConfigRoutingConfigAutoRoutingMode: + id: GoogleCloudAiplatformV1GenerationConfigRoutingConfigAutoRoutingMode properties: - draftModel: - description: Required. The resource name of the draft model. + modelRoutingPreference: type: string - GoogleCloudAiplatformV1SpeculativeDecodingSpecNgramSpeculation: - id: GoogleCloudAiplatformV1SpeculativeDecodingSpecNgramSpeculation + description: The model routing preference. + enumDescriptions: + - Unspecified model routing preference. + - >- + The model will be selected to prioritize the quality of the + response. + - The model will be selected to balance quality and cost. + - The model will be selected to prioritize the cost of the request. + enum: + - UNKNOWN + - PRIORITIZE_QUALITY + - BALANCED + - PRIORITIZE_COST description: >- - N-Gram speculation works by trying to find matching tokens in the - previous prompt sequence and use those as speculation for generating new - tokens. + The configuration for automated routing. When automated routing is + specified, the routing will be determined by the pretrained routing + model and customer provided model routing preference. + type: object + GoogleCloudAiplatformV1SchemaVisualInspectionMaskSavedQueryMetadata: + id: GoogleCloudAiplatformV1SchemaVisualInspectionMaskSavedQueryMetadata + properties: {} + type: object + GoogleCloudAiplatformV1ListModelDeploymentMonitoringJobsResponse: + description: Response message for JobService.ListModelDeploymentMonitoringJobs. type: object + id: GoogleCloudAiplatformV1ListModelDeploymentMonitoringJobsResponse properties: - ngramSize: + modelDeploymentMonitoringJobs: description: >- - The number of last N input tokens used as ngram to search/match - against the previous prompt sequence. This is equal to the N in - N-Gram. The default value is 3 if not specified. - type: integer - format: int32 - GoogleCloudAiplatformV1DeployedModelRef: - id: GoogleCloudAiplatformV1DeployedModelRef - description: Points to a DeployedModel. - type: object + A list of ModelDeploymentMonitoringJobs that matches the specified + filter in the request. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob + nextPageToken: + type: string + description: The standard List next-page token. + GoogleCloudAiplatformV1GroundingChunkWeb: properties: - endpoint: - description: Immutable. A resource name of an Endpoint. + domain: + description: >- + The domain of the web page that contains the evidence. This can be + used to filter out low-quality sources. type: string - deployedModelId: - description: Immutable. An ID of a DeployedModel in the above Endpoint. + uri: + description: The URI of the web page that contains the evidence. type: string - checkpointId: - description: Immutable. The ID of the Checkpoint deployed in the DeployedModel. + title: type: string - GoogleCloudAiplatformV1Endpoint: - id: GoogleCloudAiplatformV1Endpoint + description: The title of the web page that contains the evidence. + type: object description: >- - Models are deployed into it, and afterwards Endpoint is called to obtain - predictions and explanations. + A `Web` chunk is a piece of evidence that comes from a web page. It + contains the URI of the web page, the title of the page, and the domain + of the page. This is used to provide the user with a link to the source + of the information. + id: GoogleCloudAiplatformV1GroundingChunkWeb + GoogleCloudAiplatformV1ImportFeatureValuesOperationMetadata: type: object + description: Details of operations that perform import Feature values. + id: GoogleCloudAiplatformV1ImportFeatureValuesOperationMetadata properties: - name: - description: Output only. The resource name of the Endpoint. - readOnly: true + importedEntityCount: + format: int64 + description: Number of entities that have been imported by the operation. type: string - displayName: + timestampOutsideRetentionRowsCount: + format: int64 description: >- - Required. The display name of the Endpoint. The name can be up to - 128 characters long and can consist of any UTF-8 characters. - type: string - description: - description: The description of the Endpoint. + The number rows that weren't ingested due to having timestamps + outside the retention boundary. type: string - deployedModels: - description: >- - Output only. The models deployed in this Endpoint. To add or remove - DeployedModels use EndpointService.DeployModel and - EndpointService.UndeployModel respectively. - readOnly: true + sourceUris: + description: The source URI from where Feature values are imported. + items: + type: string type: array + genericMetadata: + description: Operation metadata for Featurestore import Feature values. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + blockingOperationIds: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' - trafficSplit: - description: >- - A map from a DeployedModel's ID to the percentage of this Endpoint's - traffic that should be forwarded to that DeployedModel. If a - DeployedModel's ID is not listed in this map, then it receives no - traffic. The traffic percentage values must add up to 100, or map - must be empty if the Endpoint is to not accept any traffic at a - moment. - type: object - additionalProperties: - type: integer - format: int32 - etag: - description: >- - Used to perform consistent read-modify-write updates. If not set, a - blind "overwrite" update happens. - type: string - labels: - description: >- - The labels with user-defined metadata to organize your Endpoints. - Label keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. See - https://goo.gl/xmQnxf for more information and examples of labels. - type: object - additionalProperties: + format: int64 type: string - createTime: - description: Output only. Timestamp when this Endpoint was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this Endpoint was last updated. - readOnly: true - type: string - format: google-datetime - encryptionSpec: - description: >- - Customer-managed encryption key spec for an Endpoint. If set, this - Endpoint and all sub-resources of this Endpoint will be secured by - this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - network: - description: >- - Optional. The full name of the Google Compute Engine - [network](https://cloud.google.com//compute/docs/networks-and-firewalls#networks) - to which the Endpoint should be peered. Private services access must - already be configured for the network. If left unspecified, the - Endpoint is not peered with any network. Only one of the fields, - network or enable_private_service_connect, can be set. - [Format](https://cloud.google.com/compute/docs/reference/rest/v1/networks/insert): - `projects/{project}/global/networks/{network}`. Where `{project}` is - a project number, as in `12345`, and `{network}` is network name. - type: string - enablePrivateServiceConnect: - description: >- - Deprecated: If true, expose the Endpoint via private service - connect. Only one of the fields, network or - enable_private_service_connect, can be set. - deprecated: true - type: boolean - privateServiceConnectConfig: - description: >- - Optional. Configuration for private service connect. network and - private_service_connect_config are mutually exclusive. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PrivateServiceConnectConfig - modelDeploymentMonitoringJob: + type: array description: >- - Output only. Resource name of the Model Monitoring job associated - with this Endpoint if monitoring is enabled by - JobService.CreateModelDeploymentMonitoringJob. Format: - `projects/{project}/locations/{location}/modelDeploymentMonitoringJobs/{model_deployment_monitoring_job}` - readOnly: true + List of ImportFeatureValues operations running under a single + EntityType that are blocking this operation. + invalidRowCount: type: string - predictRequestResponseLoggingConfig: - description: Configures the request-response logging for online prediction. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PredictRequestResponseLoggingConfig - dedicatedEndpointEnabled: - description: >- - If true, the endpoint will be exposed through a dedicated DNS - [Endpoint.dedicated_endpoint_dns]. Your request to the dedicated DNS - will be isolated from other users' traffic and will have better - performance and reliability. Note: Once you enabled dedicated - endpoint, you won't be able to send request to the shared DNS - {region}-aiplatform.googleapis.com. The limitation will be removed - soon. - type: boolean - dedicatedEndpointDns: description: >- - Output only. DNS of the dedicated endpoint. Will only be populated - if dedicated_endpoint_enabled is true. Depending on the features - enabled, uid might be a random number or a string. For example, if - fast_tryout is enabled, uid will be fasttryout. Format: - `https://{endpoint_id}.{region}-{uid}.prediction.vertexai.goog`. - readOnly: true + The number of rows in input source that weren't imported due to + either * Not having any featureValues. * Having a null entityId. * + Having a null timestamp. * Not being parsable (applicable for CSV + sources). + format: int64 + importedFeatureValueCount: type: string - gdcConfig: - description: >- - Configures the Google Distributed Cloud (GDC) environment for online - prediction. Only set this field when the Endpoint is to be deployed - in a GDC environment. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GdcConfig' - clientConnectionConfig: - description: >- - Configurations that are applied to the endpoint for online - prediction. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ClientConnectionConfig' - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - genAiAdvancedFeaturesConfig: - description: >- - Optional. Configuration for GenAiAdvancedFeatures. If the endpoint - is serving GenAI models, advanced features like native RAG - integration can be configured. Currently, only Model Garden models - are supported. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfig - GoogleCloudAiplatformV1PrivateServiceConnectConfig: - id: GoogleCloudAiplatformV1PrivateServiceConnectConfig - description: Represents configuration for private service connect. - type: object + description: Number of Feature values that have been imported by the operation. + format: int64 + GoogleCloudAiplatformV1IndexDatapointRestriction: properties: - enablePrivateServiceConnect: - description: >- - Required. If true, expose the IndexEndpoint via private service - connect. - type: boolean - projectAllowlist: - description: >- - A list of Projects from which the forwarding rule will target the - service attachment. - type: array + allowList: items: type: string - pscAutomationConfigs: - description: >- - Optional. List of projects and networks where the PSC endpoints will - be created. This field is used by Online Inference(Prediction) only. + description: 'The attributes to allow in this namespace. e.g.: ''red''' type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PSCAutomationConfig' - serviceAttachment: - description: >- - Output only. The name of the generated service attachment resource. - This is only populated if the endpoint is deployed with - PrivateServiceConnect. - readOnly: true + namespace: type: string - GoogleCloudAiplatformV1PSCAutomationConfig: - id: GoogleCloudAiplatformV1PSCAutomationConfig + description: 'The namespace of this restriction. e.g.: color.' + denyList: + description: 'The attributes to deny in this namespace. e.g.: ''blue''' + items: + type: string + type: array + type: object + id: GoogleCloudAiplatformV1IndexDatapointRestriction description: >- - PSC config that is used to automatically create PSC endpoints in the - user projects. + Restriction of a datapoint which describe its attributes(tokens) from + each of several attribute categories(namespaces). + GoogleCloudAiplatformV1DynamicRetrievalConfig: + description: Describes the options to customize dynamic retrieval. type: object + id: GoogleCloudAiplatformV1DynamicRetrievalConfig properties: - projectId: - description: Required. Project id used to create forwarding rule. - type: string - network: + dynamicThreshold: description: >- - Required. The full name of the Google Compute Engine - [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks). - [Format](https://cloud.google.com/compute/docs/reference/rest/v1/networks/get): - `projects/{project}/global/networks/{network}`. - type: string - ipAddress: - description: Output only. IP address rule created by the PSC service automation. - readOnly: true - type: string - forwardingRule: - description: Output only. Forwarding rule created by the PSC service automation. - readOnly: true - type: string - state: - description: Output only. The state of the PSC service automation. - readOnly: true - type: string + Optional. The threshold to be used in dynamic retrieval. If not set, + a system default value is used. + type: number + format: float + mode: enumDescriptions: - - Should not be used. - - The PSC service automation is successful. - - The PSC service automation has failed. + - Always trigger retrieval. + - Run retrieval only when system decides it is necessary. + type: string enum: - - PSC_AUTOMATION_STATE_UNSPECIFIED - - PSC_AUTOMATION_STATE_SUCCESSFUL - - PSC_AUTOMATION_STATE_FAILED - errorMessage: - description: Output only. Error message if the PSC service automation failed. - readOnly: true - type: string - GoogleCloudAiplatformV1PredictRequestResponseLoggingConfig: - id: GoogleCloudAiplatformV1PredictRequestResponseLoggingConfig - description: Configuration for logging request-response to a BigQuery table. - type: object - properties: - enabled: - description: If logging is enabled or not. - type: boolean - samplingRate: - description: >- - Percentage of requests to be logged, expressed as a fraction in - range(0,1]. - type: number - format: double - bigqueryDestination: - description: >- - BigQuery table for logging. If only given a project, a new dataset - will be created with name `logging__` where will be made - BigQuery-dataset-name compatible (e.g. most special characters will - become underscores). If no table name is given, a new table will be - created with name `request_response_logging` - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' - GoogleCloudAiplatformV1BigQueryDestination: - id: GoogleCloudAiplatformV1BigQueryDestination - description: The BigQuery location for the output content. - type: object + - MODE_UNSPECIFIED + - MODE_DYNAMIC + description: The mode of the predictor to be used in dynamic retrieval. + GoogleCloudAiplatformV1ListNasTrialDetailsResponse: properties: - outputUri: + nextPageToken: description: >- - Required. BigQuery URI to a project or table, up to 2000 characters - long. When only the project is specified, the Dataset and Table is - created. When the full table reference is specified, the Dataset - must exist and table must not exist. Accepted forms: * BigQuery - path. For example: `bq://projectId` or `bq://projectId.bqDatasetId` - or `bq://projectId.bqDatasetId.bqTableId`. + A token to retrieve the next page of results. Pass to + ListNasTrialDetailsRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1GdcConfig: - id: GoogleCloudAiplatformV1GdcConfig - description: Google Distributed Cloud (GDC) config. + nasTrialDetails: + description: List of top NasTrials in the requested page. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrialDetail' + type: array + description: Response message for JobService.ListNasTrialDetails type: object + id: GoogleCloudAiplatformV1ListNasTrialDetailsResponse + GoogleCloudAiplatformV1SummarizationQualityInstance: properties: - zone: - description: >- - GDC zone. A cluster will be designated for the Vertex AI workload in - this zone. + context: + description: Required. Text to be summarized. type: string - GoogleCloudAiplatformV1ClientConnectionConfig: - id: GoogleCloudAiplatformV1ClientConnectionConfig - description: >- - Configurations (e.g. inference timeout) that are applied on your - endpoints. - type: object - properties: - inferenceTimeout: - description: Customizable online prediction request timeout. + instruction: + type: string + description: Required. Summarization prompt for LLM. + prediction: + description: Required. Output of the evaluated model. + type: string + reference: + description: Optional. Ground truth used to compare against the prediction. type: string - format: google-duration - GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfig: - id: GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfig - description: Configuration for GenAiAdvancedFeatures. type: object - properties: - ragConfig: - description: Configuration for Retrieval Augmented Generation feature. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfigRagConfig - GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfigRagConfig: - id: GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfigRagConfig - description: Configuration for Retrieval Augmented Generation feature. + description: Spec for summarization quality instance. + id: GoogleCloudAiplatformV1SummarizationQualityInstance + GoogleCloudAiplatformV1ExplanationMetadataInputMetadataFeatureValueDomain: type: object + id: >- + GoogleCloudAiplatformV1ExplanationMetadataInputMetadataFeatureValueDomain properties: - enableRag: + originalMean: + format: float + type: number description: >- - If true, enable Retrieval Augmented Generation in ChatCompletion - request. Once enabled, the endpoint will be identified as GenAI - endpoint and Arthedain router will be used. - type: boolean - GoogleCloudAiplatformV1ListEndpointsResponse: - id: GoogleCloudAiplatformV1ListEndpointsResponse - description: Response message for EndpointService.ListEndpoints. + If this input feature has been normalized to a mean value of 0, the + original_mean specifies the mean value of the domain prior to + normalization. + originalStddev: + description: >- + If this input feature has been normalized to a standard deviation of + 1.0, the original_stddev specifies the standard deviation of the + domain prior to normalization. + type: number + format: float + maxValue: + description: The maximum permissible value for this feature. + type: number + format: float + minValue: + format: float + description: The minimum permissible value for this feature. + type: number + description: >- + Domain details of the input feature value. Provides numeric information + about the feature, such as its range (min, max). If the feature has been + pre-processed, for example with z-scoring, then it provides information + about how to recover the original feature. For example, if the input + feature is an image and it has been pre-processed to obtain 0-mean and + stddev = 1 values, then original_mean, and original_stddev refer to the + mean and stddev of the original feature (e.g. image tensor) from which + input feature (with mean = 0 and stddev = 1) was obtained. + GoogleCloudAiplatformV1GenerateSyntheticDataResponse: type: object properties: - endpoints: - description: List of Endpoints in the requested page. + syntheticExamples: + description: A list of generated synthetic examples. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' - nextPageToken: - description: >- - A token to retrieve the next page of results. Pass to - ListEndpointsRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1UpdateEndpointLongRunningRequest: - id: GoogleCloudAiplatformV1UpdateEndpointLongRunningRequest - description: Request message for EndpointService.UpdateEndpointLongRunning. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SyntheticExample' + id: GoogleCloudAiplatformV1GenerateSyntheticDataResponse + description: The response containing the generated data. + GoogleCloudAiplatformV1Metric: + properties: + aggregationMetrics: + type: array + description: Optional. The aggregation metrics to use. + items: + enumDescriptions: + - Unspecified aggregation metric. + - Average aggregation metric. Not supported for Pairwise metric. + - Mode aggregation metric. + - >- + Standard deviation aggregation metric. Not supported for + pairwise metric. + - Variance aggregation metric. Not supported for pairwise metric. + - Minimum aggregation metric. Not supported for pairwise metric. + - Maximum aggregation metric. Not supported for pairwise metric. + - Median aggregation metric. Not supported for pairwise metric. + - >- + 90th percentile aggregation metric. Not supported for pairwise + metric. + - >- + 95th percentile aggregation metric. Not supported for pairwise + metric. + - >- + 99th percentile aggregation metric. Not supported for pairwise + metric. + type: string + enum: + - AGGREGATION_METRIC_UNSPECIFIED + - AVERAGE + - MODE + - STANDARD_DEVIATION + - VARIANCE + - MINIMUM + - MAXIMUM + - MEDIAN + - PERCENTILE_P90 + - PERCENTILE_P95 + - PERCENTILE_P99 + pairwiseMetricSpec: + description: Spec for pairwise metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricSpec' + rougeSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeSpec' + description: Spec for rouge metric. + customCodeExecutionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomCodeExecutionSpec' + description: Spec for Custom Code Execution metric. + pointwiseMetricSpec: + description: Spec for pointwise metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricSpec' + llmBasedMetricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1LLMBasedMetricSpec' + description: Spec for an LLM based metric. + exactMatchSpec: + description: Spec for exact match metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchSpec' + predefinedMetricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredefinedMetricSpec' + description: The spec for a pre-defined metric. + bleuSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuSpec' + description: Spec for bleu metric. + id: GoogleCloudAiplatformV1Metric type: object + description: The metric used for running evaluations. + GoogleCloudAiplatformV1AuthConfigHttpBasicAuthConfig: + type: object + id: GoogleCloudAiplatformV1AuthConfigHttpBasicAuthConfig properties: - endpoint: + credentialSecret: + type: string description: >- - Required. The Endpoint which replaces the resource on the server. - Currently we only support updating the `client_connection_config` - field, all the other fields' update will be blocked. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' - GoogleCloudAiplatformV1DeployModelRequest: - id: GoogleCloudAiplatformV1DeployModelRequest - description: Request message for EndpointService.DeployModel. + Required. The name of the SecretManager secret version resource + storing the base64 encoded credentials. Format: + `projects/{project}/secrets/{secrete}/versions/{version}` - If + specified, the `secretmanager.versions.access` permission should be + granted to Vertex AI Extension Service Agent + (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) + on the specified resource. + description: Config for HTTP Basic Authentication. + GoogleCloudAiplatformV1CreateFeatureViewOperationMetadata: + description: Details of operations that perform create FeatureView. + id: GoogleCloudAiplatformV1CreateFeatureViewOperationMetadata + properties: + genericMetadata: + description: Operation metadata for FeatureView Create. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' type: object + GoogleCloudAiplatformV1CoherenceSpec: properties: - deployedModel: - description: >- - Required. The DeployedModel to be created within the Endpoint. Note - that Endpoint.traffic_split must be updated for the DeployedModel to - start receiving traffic, either as part of this call, or via - EndpointService.UpdateEndpoint. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' - trafficSplit: - description: >- - A map from a DeployedModel's ID to the percentage of this Endpoint's - traffic that should be forwarded to that DeployedModel. If this - field is non-empty, then the Endpoint's traffic_split will be - overwritten with it. To refer to the ID of the just being deployed - Model, a "0" should be used, and the actual ID of the new - DeployedModel will be filled in its place by this method. The - traffic percentage values must add up to 100. If this field is - empty, then the Endpoint's traffic_split is not updated. - type: object - additionalProperties: - type: integer - format: int32 - GoogleCloudAiplatformV1UndeployModelRequest: - id: GoogleCloudAiplatformV1UndeployModelRequest - description: Request message for EndpointService.UndeployModel. + version: + type: integer + description: Optional. Which version to use for evaluation. + format: int32 + description: Spec for coherence score metric. + id: GoogleCloudAiplatformV1CoherenceSpec type: object + GoogleCloudAiplatformV1ReadTensorboardSizeResponse: + type: object + id: GoogleCloudAiplatformV1ReadTensorboardSizeResponse + description: Response message for TensorboardService.ReadTensorboardSize. properties: - deployedModelId: - description: >- - Required. The ID of the DeployedModel to be undeployed from the - Endpoint. + storageSizeByte: + description: Payload storage size for the TensorBoard type: string - trafficSplit: - description: >- - If this field is provided, then the Endpoint's traffic_split will be - overwritten with it. If last DeployedModel is being undeployed from - the Endpoint, the [Endpoint.traffic_split] will always end up empty - when this call returns. A DeployedModel will be successfully - undeployed only if it doesn't have any traffic assigned to it when - this method executes, or if this field unassigns any traffic to it. - type: object - additionalProperties: - type: integer - format: int32 - GoogleCloudAiplatformV1MutateDeployedModelRequest: - id: GoogleCloudAiplatformV1MutateDeployedModelRequest - description: Request message for EndpointService.MutateDeployedModel. + format: int64 + GoogleCloudAiplatformV1DnsPeeringConfig: type: object + id: GoogleCloudAiplatformV1DnsPeeringConfig + description: >- + DNS peering configuration. These configurations are used to create DNS + peering zones in the Vertex tenant project VPC, enabling resolution of + records within the specified domain hosted in the target network's Cloud + DNS. properties: - deployedModel: + domain: + type: string description: >- - Required. The DeployedModel to be mutated within the Endpoint. Only - the following fields can be mutated: * `min_replica_count` in either - DedicatedResources or AutomaticResources * `max_replica_count` in - either DedicatedResources or AutomaticResources * - `required_replica_count` in DedicatedResources * - autoscaling_metric_specs * `disable_container_logging` (v1 only) * - `enable_container_logging` (v1beta1 only) - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' - updateMask: + Required. The DNS name suffix of the zone being peered to, e.g., + "my-internal-domain.corp.". Must end with a dot. + targetProject: description: >- - Required. The update mask applies to the resource. See - google.protobuf.FieldMask. + Required. The project ID hosting the Cloud DNS managed zone that + contains the 'domain'. The Vertex AI Service Agent requires the + dns.peer role on this project. type: string - format: google-fieldmask - GoogleCloudAiplatformV1EvaluateInstancesRequest: - id: GoogleCloudAiplatformV1EvaluateInstancesRequest - description: Request message for EvaluationService.EvaluateInstances. + targetNetwork: + type: string + description: >- + Required. The VPC network name in the target_project where the DNS + zone specified by 'domain' is visible. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformation: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformation type: object properties: - exactMatchInput: - description: >- - Auto metric instances. Instances and metric spec for exact match - metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchInput' - bleuInput: - description: Instances and metric spec for bleu metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuInput' - rougeInput: - description: Instances and metric spec for rouge metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeInput' - fluencyInput: - description: >- - LLM-based metric instance. General text generation metrics, - applicable to other categories. Input for fluency metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FluencyInput' - coherenceInput: - description: Input for coherence metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CoherenceInput' - safetyInput: - description: Input for safety metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyInput' - groundednessInput: - description: Input for groundedness metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundednessInput' - fulfillmentInput: - description: Input for fulfillment metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FulfillmentInput' - summarizationQualityInput: - description: Input for summarization quality metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationQualityInput - pairwiseSummarizationQualityInput: - description: Input for pairwise summarization quality metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PairwiseSummarizationQualityInput - summarizationHelpfulnessInput: - description: Input for summarization helpfulness metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationHelpfulnessInput - summarizationVerbosityInput: - description: Input for summarization verbosity metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationVerbosityInput - questionAnsweringQualityInput: - description: Input for question answering quality metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringQualityInput - pairwiseQuestionAnsweringQualityInput: - description: Input for pairwise question answering quality metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInput - questionAnsweringRelevanceInput: - description: Input for question answering relevance metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringRelevanceInput - questionAnsweringHelpfulnessInput: - description: Input for question answering helpfulness metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInput - questionAnsweringCorrectnessInput: - description: Input for question answering correctness metric. + auto: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInput - pointwiseMetricInput: - description: Input for pointwise metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricInput' - pairwiseMetricInput: - description: Input for pairwise metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricInput' - toolCallValidInput: - description: Tool call metric instances. Input for tool call valid metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCallValidInput' - toolNameMatchInput: - description: Input for tool name match metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolNameMatchInput' - toolParameterKeyMatchInput: - description: Input for tool parameter key match metric. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationAutoTransformation + categorical: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchInput - toolParameterKvMatchInput: - description: Input for tool parameter key value match metric. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationCategoricalTransformation + numeric: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchInput - cometInput: - description: Translation metrics. Input for Comet metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CometInput' - metricxInput: - description: Input for Metricx metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricxInput' - trajectoryExactMatchInput: - description: Input for trajectory exact match metric. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationNumericTransformation + timestamp: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchInput - trajectoryInOrderMatchInput: - description: Input for trajectory in order match metric. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTimestampTransformation + text: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchInput - trajectoryAnyOrderMatchInput: - description: Input for trajectory match any order metric. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTextTransformation + GoogleCloudAiplatformV1ModelMonitoringObjectiveConfig: + properties: + explanationConfig: + description: The config for integrating with Vertex Explainable AI. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInput - trajectoryPrecisionInput: - description: Input for trajectory precision metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionInput' - trajectoryRecallInput: - description: Input for trajectory recall metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallInput' - trajectorySingleToolUseInput: - description: Input for trajectory single tool use metric. + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfig + trainingPredictionSkewDetectionConfig: + description: The config for skew between training data and prediction data. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseInput - rubricBasedInstructionFollowingInput: - description: Rubric Based Instruction Following metric. + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig + trainingDataset: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RubricBasedInstructionFollowingInput - metrics: + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDataset description: >- - The metrics used for evaluation. Currently, we only support - evaluating a single metric. If multiple metrics are provided, only - the first one will be evaluated. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Metric' - instance: - description: The instance to be evaluated. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationInstance' - autoraterConfig: - description: Optional. Autorater config used for evaluation. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AutoraterConfig' - GoogleCloudAiplatformV1ExactMatchInput: - id: GoogleCloudAiplatformV1ExactMatchInput - description: Input for exact match metric. - type: object - properties: - metricSpec: - description: Required. Spec for exact match metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchSpec' - instances: - description: Required. Repeated exact match instances. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchInstance' - GoogleCloudAiplatformV1ExactMatchSpec: - id: GoogleCloudAiplatformV1ExactMatchSpec + Training dataset for models. This field has to be set only if + TrainingPredictionSkewDetectionConfig is specified. + predictionDriftDetectionConfig: + description: The config for drift of prediction data. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig + id: GoogleCloudAiplatformV1ModelMonitoringObjectiveConfig description: >- - Spec for exact match metric - returns 1 if prediction and reference - exactly matches, otherwise 0. - type: object - properties: {} - GoogleCloudAiplatformV1ExactMatchInstance: - id: GoogleCloudAiplatformV1ExactMatchInstance - description: Spec for exact match instance. + The objective configuration for model monitoring, including the + information needed to detect anomalies for one particular model. type: object - properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Required. Ground truth used to compare against the prediction. - type: string - GoogleCloudAiplatformV1BleuInput: - id: GoogleCloudAiplatformV1BleuInput - description: Input for bleu metric. + GoogleCloudAiplatformV1ProbeExecAction: + id: GoogleCloudAiplatformV1ProbeExecAction type: object + description: ExecAction specifies a command to execute. properties: - metricSpec: - description: Required. Spec for bleu score metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuSpec' - instances: - description: Required. Repeated bleu instances. - type: array + command: + description: >- + Command is the command line to execute inside the container, the + working directory for the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is not run inside a + shell, so traditional shell instructions ('|', etc) won't work. To + use a shell, you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero is unhealthy. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuInstance' - GoogleCloudAiplatformV1BleuSpec: - id: GoogleCloudAiplatformV1BleuSpec - description: >- - Spec for bleu score metric - calculates the precision of n-grams in the - prediction as compared to reference - returns a score ranging between 0 - to 1. - type: object - properties: - useEffectiveOrder: - description: Optional. Whether to use_effective_order to compute bleu score. - type: boolean - GoogleCloudAiplatformV1BleuInstance: - id: GoogleCloudAiplatformV1BleuInstance - description: Spec for bleu instance. - type: object - properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Required. Ground truth used to compare against the prediction. - type: string - GoogleCloudAiplatformV1RougeInput: - id: GoogleCloudAiplatformV1RougeInput - description: Input for rouge metric. - type: object - properties: - metricSpec: - description: Required. Spec for rouge score metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeSpec' - instances: - description: Required. Repeated rouge instances. + type: string type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeInstance' - GoogleCloudAiplatformV1RougeSpec: - id: GoogleCloudAiplatformV1RougeSpec - description: >- - Spec for rouge score metric - calculates the recall of n-grams in - prediction as compared to reference - returns a score ranging between 0 - and 1. - type: object + GoogleCloudAiplatformV1UploadRagFileRequest: + description: Request message for VertexRagDataService.UploadRagFile. properties: - rougeType: + uploadRagFileConfig: description: >- - Optional. Supported rouge types are rougen[1-9], rougeL, and - rougeLsum. - type: string - useStemmer: - description: Optional. Whether to use stemmer to compute rouge score. - type: boolean - splitSummaries: - description: Optional. Whether to split summaries while using rougeLsum. - type: boolean - GoogleCloudAiplatformV1RougeInstance: - id: GoogleCloudAiplatformV1RougeInstance - description: Spec for rouge instance. + Required. The config for the RagFiles to be uploaded into the + RagCorpus. VertexRagDataService.UploadRagFile. + $ref: '#/components/schemas/GoogleCloudAiplatformV1UploadRagFileConfig' + ragFile: + description: Required. The RagFile to upload. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFile' + id: GoogleCloudAiplatformV1UploadRagFileRequest type: object + GoogleCloudAiplatformV1SecretEnvVar: + description: >- + Represents an environment variable where the value is a secret in Cloud + Secret Manager. + id: GoogleCloudAiplatformV1SecretEnvVar properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Required. Ground truth used to compare against the prediction. + name: type: string - GoogleCloudAiplatformV1FluencyInput: - id: GoogleCloudAiplatformV1FluencyInput - description: Input for fluency metric. - type: object - properties: - metricSpec: - description: Required. Spec for fluency score metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FluencySpec' - instance: - description: Required. Fluency instance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FluencyInstance' - GoogleCloudAiplatformV1FluencySpec: - id: GoogleCloudAiplatformV1FluencySpec - description: Spec for fluency score metric. + description: Required. Name of the secret environment variable. + secretRef: + description: >- + Required. Reference to a secret stored in the Cloud Secret Manager + that will provide the value for this environment variable. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SecretRef' type: object - properties: - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1FluencyInstance: - id: GoogleCloudAiplatformV1FluencyInstance - description: Spec for fluency instance. + GoogleCloudAiplatformV1SchemaPredictionResultError: + id: GoogleCloudAiplatformV1SchemaPredictionResultError type: object properties: - prediction: - description: Required. Output of the evaluated model. + status: + enumDescriptions: + - 'Not an error; returned on success. HTTP Mapping: 200 OK' + - >- + The operation was cancelled, typically by the caller. HTTP + Mapping: 499 Client Closed Request + - >- + Unknown error. For example, this error may be returned when a + `Status` value received from another address space belongs to an + error space that is not known in this address space. Also errors + raised by APIs that do not return enough error information may be + converted to this error. HTTP Mapping: 500 Internal Server Error + - >- + The client specified an invalid argument. Note that this differs + from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments + that are problematic regardless of the state of the system (e.g., + a malformed file name). HTTP Mapping: 400 Bad Request + - >- + The deadline expired before the operation could complete. For + operations that change the state of the system, this error may be + returned even if the operation has completed successfully. For + example, a successful response from a server could have been + delayed long enough for the deadline to expire. HTTP Mapping: 504 + Gateway Timeout + - >- + Some requested entity (e.g., file or directory) was not found. + Note to server developers: if a request is denied for an entire + class of users, such as gradual feature rollout or undocumented + allowlist, `NOT_FOUND` may be used. If a request is denied for + some users within a class of users, such as user-based access + control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not + Found + - >- + The entity that a client attempted to create (e.g., file or + directory) already exists. HTTP Mapping: 409 Conflict + - >- + The caller does not have permission to execute the specified + operation. `PERMISSION_DENIED` must not be used for rejections + caused by exhausting some resource (use `RESOURCE_EXHAUSTED` + instead for those errors). `PERMISSION_DENIED` must not be used if + the caller can not be identified (use `UNAUTHENTICATED` instead + for those errors). This error code does not imply the request is + valid or the requested entity exists or satisfies other + pre-conditions. HTTP Mapping: 403 Forbidden + - >- + The request does not have valid authentication credentials for the + operation. HTTP Mapping: 401 Unauthorized + - >- + Some resource has been exhausted, perhaps a per-user quota, or + perhaps the entire file system is out of space. HTTP Mapping: 429 + Too Many Requests + - >- + The operation was rejected because the system is not in a state + required for the operation's execution. For example, the directory + to be deleted is non-empty, an rmdir operation is applied to a + non-directory, etc. Service implementors can use the following + guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and + `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just + the failing call. (b) Use `ABORTED` if the client should retry at + a higher level. For example, when a client-specified test-and-set + fails, indicating the client should restart a read-modify-write + sequence. (c) Use `FAILED_PRECONDITION` if the client should not + retry until the system state has been explicitly fixed. For + example, if an "rmdir" fails because the directory is non-empty, + `FAILED_PRECONDITION` should be returned since the client should + not retry unless the files are deleted from the directory. HTTP + Mapping: 400 Bad Request + - >- + The operation was aborted, typically due to a concurrency issue + such as a sequencer check failure or transaction abort. See the + guidelines above for deciding between `FAILED_PRECONDITION`, + `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict + - >- + The operation was attempted past the valid range. E.g., seeking or + reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error + indicates a problem that may be fixed if the system state changes. + For example, a 32-bit file system will generate `INVALID_ARGUMENT` + if asked to read at an offset that is not in the range [0,2^32-1], + but it will generate `OUT_OF_RANGE` if asked to read from an + offset past the current file size. There is a fair bit of overlap + between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend + using `OUT_OF_RANGE` (the more specific error) when it applies so + that callers who are iterating through a space can easily look for + an `OUT_OF_RANGE` error to detect when they are done. HTTP + Mapping: 400 Bad Request + - >- + The operation is not implemented or is not supported/enabled in + this service. HTTP Mapping: 501 Not Implemented + - >- + Internal errors. This means that some invariants expected by the + underlying system have been broken. This error code is reserved + for serious errors. HTTP Mapping: 500 Internal Server Error + - >- + The service is currently unavailable. This is most likely a + transient condition, which can be corrected by retrying with a + backoff. Note that it is not always safe to retry non-idempotent + operations. See the guidelines above for deciding between + `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: + 503 Service Unavailable + - >- + Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal + Server Error type: string - GoogleCloudAiplatformV1CoherenceInput: - id: GoogleCloudAiplatformV1CoherenceInput - description: Input for coherence metric. - type: object + enum: + - OK + - CANCELLED + - UNKNOWN + - INVALID_ARGUMENT + - DEADLINE_EXCEEDED + - NOT_FOUND + - ALREADY_EXISTS + - PERMISSION_DENIED + - UNAUTHENTICATED + - RESOURCE_EXHAUSTED + - FAILED_PRECONDITION + - ABORTED + - OUT_OF_RANGE + - UNIMPLEMENTED + - INTERNAL + - UNAVAILABLE + - DATA_LOSS + description: >- + Error status. This will be serialized into the enum name e.g. + "NOT_FOUND". + message: + description: Error message with additional details. + type: string + GoogleCloudAiplatformV1SchemaModelevaluationMetricsGeneralTextGenerationEvaluationMetrics: properties: - metricSpec: - description: Required. Spec for coherence score metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CoherenceSpec' - instance: - description: Required. Coherence instance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CoherenceInstance' - GoogleCloudAiplatformV1CoherenceSpec: - id: GoogleCloudAiplatformV1CoherenceSpec - description: Spec for coherence score metric. + bleu: + format: float + description: >- + BLEU (bilingual evaluation understudy) scores based on sacrebleu + implementation. + type: number + rougeLSum: + format: float + type: number + description: ROUGE-L (Longest Common Subsequence) scoring at summary level. + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsGeneralTextGenerationEvaluationMetrics type: object - properties: - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1CoherenceInstance: - id: GoogleCloudAiplatformV1CoherenceInstance - description: Spec for coherence instance. + GoogleCloudAiplatformV1SchemaTextDatasetMetadata: + description: The metadata of Datasets that contain Text DataItems. + id: GoogleCloudAiplatformV1SchemaTextDatasetMetadata type: object properties: - prediction: - description: Required. Output of the evaluated model. + dataItemSchemaUri: + description: >- + Points to a YAML file stored on Google Cloud Storage describing + payload of the Text DataItems that belong to this Dataset. type: string - GoogleCloudAiplatformV1SafetyInput: - id: GoogleCloudAiplatformV1SafetyInput - description: Input for safety metric. - type: object - properties: - metricSpec: - description: Required. Spec for safety metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetySpec' - instance: - description: Required. Safety instance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyInstance' - GoogleCloudAiplatformV1SafetySpec: - id: GoogleCloudAiplatformV1SafetySpec - description: Spec for safety metric. - type: object + gcsBucket: + description: >- + Google Cloud Storage Bucket name that contains the blob data of this + Dataset. + type: string + GoogleCloudAiplatformV1TFRecordDestination: properties: - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1SafetyInstance: - id: GoogleCloudAiplatformV1SafetyInstance - description: Spec for safety instance. + gcsDestination: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + description: Required. Google Cloud Storage location. type: object - properties: - prediction: - description: Required. Output of the evaluated model. - type: string - GoogleCloudAiplatformV1GroundednessInput: - id: GoogleCloudAiplatformV1GroundednessInput - description: Input for groundedness metric. + description: The storage details for TFRecord output content. + id: GoogleCloudAiplatformV1TFRecordDestination + GoogleCloudAiplatformV1NotebookSoftwareConfig: + description: >- + Notebook Software Config. This is passed to the backend when user makes + software configurations in UI. + id: GoogleCloudAiplatformV1NotebookSoftwareConfig type: object properties: - metricSpec: - description: Required. Spec for groundedness metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundednessSpec' - instance: - description: Required. Groundedness instance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundednessInstance' - GoogleCloudAiplatformV1GroundednessSpec: - id: GoogleCloudAiplatformV1GroundednessSpec - description: Spec for groundedness metric. + env: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' + type: array + description: >- + Optional. Environment variables to be passed to the container. + Maximum limit is 100. + postStartupScriptConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PostStartupScriptConfig' + description: Optional. Post startup script config. + colabImage: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ColabImage' + description: Optional. Google-managed NotebookRuntime colab image. + GoogleCloudAiplatformV1WriteTensorboardExperimentDataRequest: type: object + description: Request message for TensorboardService.WriteTensorboardExperimentData. properties: - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1GroundednessInstance: - id: GoogleCloudAiplatformV1GroundednessInstance - description: Spec for groundedness instance. + writeRunDataRequests: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardRunDataRequest + description: >- + Required. Requests containing per-run TensorboardTimeSeries data to + write. + id: GoogleCloudAiplatformV1WriteTensorboardExperimentDataRequest + GoogleCloudAiplatformV1EvaluationRunEvaluationConfigPromptTemplate: + id: GoogleCloudAiplatformV1EvaluationRunEvaluationConfigPromptTemplate type: object properties: - prediction: - description: Required. Output of the evaluated model. + promptTemplate: type: string - context: description: >- - Required. Background information provided in context used to compare - against the prediction. + Inline prompt template. Template variables should be in the format + "{var_name}". Example: "Translate the following from {source_lang} + to {target_lang}: {text}" + gcsUri: + description: >- + Prompt template stored in Cloud Storage. Format: + "gs://my-bucket/file-name.txt". type: string - GoogleCloudAiplatformV1FulfillmentInput: - id: GoogleCloudAiplatformV1FulfillmentInput - description: Input for fulfillment metric. - type: object + description: Prompt template used for inference. + GoogleCloudAiplatformV1ReadIndexDatapointsResponse: + description: The response message for MatchService.ReadIndexDatapoints. properties: - metricSpec: - description: Required. Spec for fulfillment score metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FulfillmentSpec' - instance: - description: Required. Fulfillment instance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FulfillmentInstance' - GoogleCloudAiplatformV1FulfillmentSpec: - id: GoogleCloudAiplatformV1FulfillmentSpec - description: Spec for fulfillment metric. + datapoints: + description: The result list of datapoints. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexDatapoint' + type: array type: object - properties: - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1FulfillmentInstance: - id: GoogleCloudAiplatformV1FulfillmentInstance - description: Spec for fulfillment instance. + id: GoogleCloudAiplatformV1ReadIndexDatapointsResponse + GoogleCloudAiplatformV1DeployRequest: + description: Request message for ModelGardenService.Deploy. + id: GoogleCloudAiplatformV1DeployRequest type: object properties: - prediction: - description: Required. Output of the evaluated model. + huggingFaceModelId: + description: >- + The Hugging Face model to deploy. Format: Hugging Face model ID like + `google/gemma-2-2b-it`. type: string - instruction: - description: Required. Inference instruction prompt to compare prediction with. + modelConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployRequestModelConfig' + description: >- + Optional. The model config to use for the deployment. If not + specified, the default model config will be used. + publisherModelName: + description: >- + The Model Garden model to deploy. Format: + `publishers/{publisher}/models/{publisher_model}@{version_id}`, or + `publishers/hf-{hugging-face-author}/models/{hugging-face-model-name}@001`. type: string - GoogleCloudAiplatformV1SummarizationQualityInput: - id: GoogleCloudAiplatformV1SummarizationQualityInput - description: Input for summarization quality metric. - type: object - properties: - metricSpec: - description: Required. Spec for summarization quality score metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SummarizationQualitySpec' - instance: - description: Required. Summarization quality instance. + deployConfig: + description: >- + Optional. The deploy config to use for the deployment. If not + specified, the default deploy config will be used. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationQualityInstance - GoogleCloudAiplatformV1SummarizationQualitySpec: - id: GoogleCloudAiplatformV1SummarizationQualitySpec - description: Spec for summarization quality score metric. + #/components/schemas/GoogleCloudAiplatformV1DeployRequestDeployConfig + endpointConfig: + description: >- + Optional. The endpoint config to use for the deployment. If not + specified, the default endpoint config will be used. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DeployRequestEndpointConfig + GoogleCloudAiplatformV1BatchDedicatedResources: type: object + id: GoogleCloudAiplatformV1BatchDedicatedResources properties: - useReference: - description: >- - Optional. Whether to use instance.reference to compute summarization - quality. - type: boolean - version: - description: Optional. Which version to use for evaluation. + startingReplicaCount: + format: int32 type: integer + description: >- + Immutable. The number of machine replicas used at the start of the + batch operation. If not set, Vertex AI decides starting number, not + greater than max_replica_count + machineSpec: + description: Required. Immutable. The specification of a single machine. + $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' + maxReplicaCount: format: int32 - GoogleCloudAiplatformV1SummarizationQualityInstance: - id: GoogleCloudAiplatformV1SummarizationQualityInstance - description: Spec for summarization quality instance. - type: object + type: integer + description: >- + Immutable. The maximum number of machine replicas the batch + operation may be scaled to. The default value is 10. + description: >- + A description of resources that are used for performing batch + operations, are dedicated to a Model, and need manual configuration. + GoogleCloudAiplatformV1ReasoningEngineSpec: + description: ReasoningEngine configurations + id: GoogleCloudAiplatformV1ReasoningEngineSpec properties: - prediction: - description: Required. Output of the evaluated model. + identityType: type: string - reference: - description: Optional. Ground truth used to compare against the prediction. + description: >- + Optional. The identity type to use for the Reasoning Engine. If not + specified, the `service_account` field will be used if set, + otherwise the default Vertex AI Reasoning Engine Service Agent in + the project will be used. + enum: + - IDENTITY_TYPE_UNSPECIFIED + - SERVICE_ACCOUNT + - AGENT_IDENTITY + enumDescriptions: + - >- + Default value. Use a custom service account if the + `service_account` field is set, otherwise use the default Vertex + AI Reasoning Engine Service Agent in the project. Same behavior as + SERVICE_ACCOUNT. + - >- + Use a custom service account if the `service_account` field is + set, otherwise use the default Vertex AI Reasoning Engine Service + Agent in the project. + - Use Agent Identity. The `service_account` field must not be set. + deploymentSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpecDeploymentSpec + description: Optional. The specification of a Reasoning Engine deployment. + serviceAccount: + description: >- + Optional. The service account that the Reasoning Engine artifact + runs as. It should have "roles/storage.objectViewer" for reading the + user project's Cloud Storage and "roles/aiplatform.user" for using + Vertex extensions. If not specified, the Vertex AI Reasoning Engine + Service Agent in the project will be used. type: string - context: - description: Required. Text to be summarized. - type: string - instruction: - description: Required. Summarization prompt for LLM. + agentFramework: type: string - GoogleCloudAiplatformV1PairwiseSummarizationQualityInput: - id: GoogleCloudAiplatformV1PairwiseSummarizationQualityInput - description: Input for pairwise summarization quality metric. - type: object - properties: - metricSpec: - description: Required. Spec for pairwise summarization quality score metric. + description: >- + Optional. The OSS agent framework used to develop the agent. + Currently supported values: "google-adk", "langchain", "langgraph", + "ag2", "llama-index", "custom". + classMethods: + description: >- + Optional. Declarations for object class methods in OpenAPI + specification format. + items: + type: object + additionalProperties: + description: Properties of the object. + type: any + type: array + packageSpec: + description: >- + Optional. User provided package spec of the ReasoningEngine. Ignored + when users directly specify a deployment image through + `deployment_spec.first_party_image_override`, but keeping the + field_behavior to avoid introducing breaking changes. The + `deployment_source` field should not be set if `package_spec` is + specified. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PairwiseSummarizationQualitySpec - instance: - description: Required. Pairwise summarization quality instance. + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpecPackageSpec + sourceCodeSpec: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PairwiseSummarizationQualityInstance - GoogleCloudAiplatformV1PairwiseSummarizationQualitySpec: - id: GoogleCloudAiplatformV1PairwiseSummarizationQualitySpec - description: Spec for pairwise summarization quality score metric. + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpec + description: Deploy from source code files with a defined entrypoint. + effectiveIdentity: + description: >- + Output only. The identity to use for the Reasoning Engine. It can + contain one of the following values: * + service-{project}@gcp-sa-aiplatform-re.googleapis.com (for + SERVICE_AGENT identity type) * {name}@{project}.gserviceaccount.com + (for SERVICE_ACCOUNT identity type) * + agents.global.{org}.system.id.goog/resources/aiplatform/projects/{project}/locations/{location}/reasoningEngines/{reasoning_engine} + (for AGENT_IDENTITY identity type) + type: string + readOnly: true type: object + GoogleCloudAiplatformV1ListOptimalTrialsResponse: properties: - useReference: + optimalTrials: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' description: >- - Optional. Whether to use instance.reference to compute pairwise - summarization quality. - type: boolean - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1PairwiseSummarizationQualityInstance: - id: GoogleCloudAiplatformV1PairwiseSummarizationQualityInstance - description: Spec for pairwise summarization quality instance. + The pareto-optimal Trials for multiple objective Study or the + optimal trial for single objective Study. The definition of + pareto-optimal can be checked in wiki page. + https://en.wikipedia.org/wiki/Pareto_efficiency + description: Response message for VizierService.ListOptimalTrials. + id: GoogleCloudAiplatformV1ListOptimalTrialsResponse + type: object + GoogleCloudLocationListLocationsResponse: + description: The response message for Locations.ListLocations. type: object properties: - prediction: - description: Required. Output of the candidate model. - type: string - baselinePrediction: - description: Required. Output of the baseline model. - type: string - reference: - description: Optional. Ground truth used to compare against the prediction. + locations: + type: array + description: >- + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/GoogleCloudLocationLocation' + nextPageToken: + description: The standard List next-page token. type: string - context: - description: Required. Text to be summarized. + id: GoogleCloudLocationListLocationsResponse + GoogleCloudAiplatformV1NasJob: + description: Represents a Neural Architecture Search (NAS) job. + properties: + enableRestrictedImageTraining: + deprecated: true + type: boolean + description: >- + Optional. Enable a separation of Custom model training and + restricted image training for tenant project. + error: + readOnly: true + description: >- + Output only. Only populated when job's state is JOB_STATE_FAILED or + JOB_STATE_CANCELLED. + $ref: '#/components/schemas/GoogleRpcStatus' + endTime: + description: >- + Output only. Time when the NasJob entered any of the following + states: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, + `JOB_STATE_CANCELLED`. + format: google-datetime type: string - instruction: - description: Required. Summarization prompt for LLM. + readOnly: true + updateTime: + format: google-datetime + readOnly: true type: string - GoogleCloudAiplatformV1SummarizationHelpfulnessInput: - id: GoogleCloudAiplatformV1SummarizationHelpfulnessInput - description: Input for summarization helpfulness metric. - type: object - properties: - metricSpec: - description: Required. Spec for summarization helpfulness score metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationHelpfulnessSpec - instance: - description: Required. Summarization helpfulness instance. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationHelpfulnessInstance - GoogleCloudAiplatformV1SummarizationHelpfulnessSpec: - id: GoogleCloudAiplatformV1SummarizationHelpfulnessSpec - description: Spec for summarization helpfulness score metric. - type: object - properties: - useReference: + description: Output only. Time when the NasJob was most recently updated. + encryptionSpec: description: >- - Optional. Whether to use instance.reference to compute summarization - helpfulness. + Customer-managed encryption key options for a NasJob. If this is + set, then all resources created by the NasJob will be encrypted with + the provided encryption key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + labels: + type: object + description: >- + The labels with user-defined metadata to organize NasJobs. Label + keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. + additionalProperties: + type: string + displayName: + description: >- + Required. The display name of the NasJob. The name can be up to 128 + characters long and can consist of any UTF-8 characters. + type: string + satisfiesPzs: type: boolean - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1SummarizationHelpfulnessInstance: - id: GoogleCloudAiplatformV1SummarizationHelpfulnessInstance - description: Spec for summarization helpfulness instance. - type: object - properties: - prediction: - description: Required. Output of the evaluated model. + description: Output only. Reserved for future use. + readOnly: true + state: + enum: + - JOB_STATE_UNSPECIFIED + - JOB_STATE_QUEUED + - JOB_STATE_PENDING + - JOB_STATE_RUNNING + - JOB_STATE_SUCCEEDED + - JOB_STATE_FAILED + - JOB_STATE_CANCELLING + - JOB_STATE_CANCELLED + - JOB_STATE_PAUSED + - JOB_STATE_EXPIRED + - JOB_STATE_UPDATING + - JOB_STATE_PARTIALLY_SUCCEEDED + enumDescriptions: + - The job state is unspecified. + - >- + The job has been just created or resumed and processing has not + yet begun. + - The service is preparing to run the job. + - The job is in progress. + - The job completed successfully. + - The job failed. + - >- + The job is being cancelled. From this state the job may only go to + either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or + `JOB_STATE_CANCELLED`. + - The job has been cancelled. + - The job has been stopped, and can be resumed. + - The job has expired. + - >- + The job is being updated. Only jobs in the `RUNNING` state can be + updated. After updating, the job goes back to the `RUNNING` state. + - >- + The job is partially succeeded, some results may be missing due to + errors. + readOnly: true + description: Output only. The detailed state of the job. type: string - reference: - description: Optional. Ground truth used to compare against the prediction. + startTime: + format: google-datetime + readOnly: true type: string - context: - description: Required. Text to be summarized. + description: >- + Output only. Time when the NasJob for the first time entered the + `JOB_STATE_RUNNING` state. + nasJobOutput: + description: Output only. Output of the NasJob. + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJobOutput' + readOnly: true + satisfiesPzi: + description: Output only. Reserved for future use. + type: boolean + readOnly: true + name: type: string - instruction: - description: Optional. Summarization prompt for LLM. + readOnly: true + description: Output only. Resource name of the NasJob. + createTime: type: string - GoogleCloudAiplatformV1SummarizationVerbosityInput: - id: GoogleCloudAiplatformV1SummarizationVerbosityInput - description: Input for summarization verbosity metric. + description: Output only. Time when the NasJob was created. + readOnly: true + format: google-datetime + nasJobSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJobSpec' + description: Required. The specification of a NasJob. + id: GoogleCloudAiplatformV1NasJob type: object + GoogleCloudAiplatformV1TrajectoryAnyOrderMatchResults: + description: Results for TrajectoryAnyOrderMatch metric. properties: - metricSpec: - description: Required. Spec for summarization verbosity score metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationVerbositySpec - instance: - description: Required. Summarization verbosity instance. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationVerbosityInstance - GoogleCloudAiplatformV1SummarizationVerbositySpec: - id: GoogleCloudAiplatformV1SummarizationVerbositySpec - description: Spec for summarization verbosity score metric. + trajectoryAnyOrderMatchMetricValues: + readOnly: true + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchMetricValue + description: Output only. TrajectoryAnyOrderMatch metric values. + type: array + id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchResults type: object - properties: - useReference: - description: >- - Optional. Whether to use instance.reference to compute summarization - verbosity. - type: boolean - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1SummarizationVerbosityInstance: - id: GoogleCloudAiplatformV1SummarizationVerbosityInstance - description: Spec for summarization verbosity instance. + GoogleCloudAiplatformV1JiraSource: + description: The Jira source for the ImportRagFilesRequest. + id: GoogleCloudAiplatformV1JiraSource type: object properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Optional. Ground truth used to compare against the prediction. - type: string - context: - description: Required. Text to be summarized. - type: string - instruction: - description: Optional. Summarization prompt for LLM. - type: string - GoogleCloudAiplatformV1QuestionAnsweringQualityInput: - id: GoogleCloudAiplatformV1QuestionAnsweringQualityInput - description: Input for question answering quality metric. - type: object + jiraQueries: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1JiraSourceJiraQueries' + description: Required. The Jira queries. + GoogleCloudAiplatformV1EvaluationPrompt: properties: - metricSpec: - description: Required. Spec for question answering quality score metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringQualitySpec - instance: - description: Required. Question answering quality instance. + text: + description: Text prompt. + type: string + value: + type: any + description: Fields and values that can be used to populate the prompt template. + promptTemplateData: + description: Prompt template data. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringQualityInstance - GoogleCloudAiplatformV1QuestionAnsweringQualitySpec: - id: GoogleCloudAiplatformV1QuestionAnsweringQualitySpec - description: Spec for question answering quality score metric. + #/components/schemas/GoogleCloudAiplatformV1EvaluationPromptPromptTemplateData type: object - properties: - useReference: - description: >- - Optional. Whether to use instance.reference to compute question - answering quality. - type: boolean - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1QuestionAnsweringQualityInstance: - id: GoogleCloudAiplatformV1QuestionAnsweringQualityInstance - description: Spec for question answering quality instance. + description: Prompt to be evaluated. + id: GoogleCloudAiplatformV1EvaluationPrompt + GoogleCloudAiplatformV1SchemaPromptApiSchema: + id: GoogleCloudAiplatformV1SchemaPromptApiSchema + description: The A2 schema of a prompt. type: object properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Optional. Ground truth used to compare against the prediction. - type: string - context: - description: Required. Text to answer the question. - type: string - instruction: - description: Required. Question Answering prompt for LLM. + apiSchemaVersion: + description: The Schema version that represents changes to the API behavior. type: string - GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInput: - id: GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInput - description: Input for pairwise question answering quality metric. - type: object - properties: - metricSpec: - description: Required. Spec for pairwise question answering quality score metric. + executions: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptInstancePromptExecution + description: >- + A list of execution instances for constructing a ready-to-use + prompt. + type: array + multimodalPrompt: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualitySpec - instance: - description: Required. Pairwise question answering quality instance. + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecMultimodalPrompt + description: Multimodal prompt which embeds preambles to prompt string. + structuredPrompt: + description: The prompt variation that stores preambles in separate fields. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInstance - GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualitySpec: - id: GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualitySpec - description: Spec for pairwise question answering quality score metric. - type: object + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecStructuredPrompt + translationPrompt: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationPrompt + description: The prompt variation for Translation use case. + GoogleCloudAiplatformV1EvaluationRun: + description: >- + EvaluationRun is a resource that represents a single evaluation run, + which includes a set of prompts, model responses, evaluation + configuration and the resulting metrics. properties: - useReference: + inferenceConfigs: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunInferenceConfig description: >- - Optional. Whether to use instance.reference to compute question - answering quality. - type: boolean - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInstance: - id: GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInstance - description: Spec for pairwise question answering quality instance. - type: object - properties: - prediction: - description: Required. Output of the candidate model. + Optional. The candidate to inference config map for the evaluation + run. The candidate can be up to 128 characters long and can consist + of any UTF-8 characters. + type: object + evaluationConfig: + description: Required. The configuration used for the evaluation. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunEvaluationConfig + state: type: string - baselinePrediction: - description: Required. Output of the baseline model. + readOnly: true + enumDescriptions: + - Unspecified state. + - The evaluation run is pending. + - The evaluation run is running. + - The evaluation run has succeeded. + - The evaluation run has failed. + - The evaluation run has been cancelled. + - The evaluation run is performing inference. + - The evaluation run is performing rubric generation. + description: Output only. The state of the evaluation run. + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - FAILED + - CANCELLED + - INFERENCE + - GENERATING_RUBRICS + evaluationResults: + description: >- + Output only. The results of the evaluation run. Only populated when + the evaluation run's state is SUCCEEDED. + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationResults' + labels: + additionalProperties: + type: string + description: Optional. Labels for the evaluation run. + type: object + displayName: + description: Required. The display name of the Evaluation Run. type: string - reference: - description: Optional. Ground truth used to compare against the prediction. + name: + description: >- + Identifier. The resource name of the EvaluationRun. This is a unique + identifier. Format: + `projects/{project}/locations/{location}/evaluationRuns/{evaluation_run}` type: string - context: - description: Required. Text to answer the question. + evaluationSetSnapshot: + readOnly: true + description: >- + Output only. The specific evaluation set of the evaluation run. For + runs with an evaluation set input, this will be that same set. For + runs with BigQuery input, it's the sampled BigQuery dataset. type: string - instruction: - description: Required. Question Answering prompt for LLM. + createTime: type: string - GoogleCloudAiplatformV1QuestionAnsweringRelevanceInput: - id: GoogleCloudAiplatformV1QuestionAnsweringRelevanceInput - description: Input for question answering relevance metric. - type: object - properties: - metricSpec: - description: Required. Spec for question answering relevance score metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringRelevanceSpec - instance: - description: Required. Question answering relevance instance. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringRelevanceInstance - GoogleCloudAiplatformV1QuestionAnsweringRelevanceSpec: - id: GoogleCloudAiplatformV1QuestionAnsweringRelevanceSpec - description: Spec for question answering relevance metric. - type: object - properties: - useReference: + format: google-datetime + description: Output only. Time when the evaluation run was created. + readOnly: true + error: description: >- - Optional. Whether to use instance.reference to compute question - answering relevance. - type: boolean - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1QuestionAnsweringRelevanceInstance: - id: GoogleCloudAiplatformV1QuestionAnsweringRelevanceInstance - description: Spec for question answering relevance instance. + Output only. Only populated when the evaluation run's state is + FAILED or CANCELLED. + $ref: '#/components/schemas/GoogleRpcStatus' + readOnly: true + dataSource: + description: Required. The data source for the evaluation run. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationRunDataSource' + metadata: + type: any + description: >- + Optional. Metadata about the evaluation run, can be used by the + caller to store additional tracking information about the evaluation + run. + completionTime: + description: Output only. Time when the evaluation run was completed. + format: google-datetime + type: string + readOnly: true + id: GoogleCloudAiplatformV1EvaluationRun + type: object + GoogleCloudAiplatformV1NasJobSpec: type: object + id: GoogleCloudAiplatformV1NasJobSpec properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Optional. Ground truth used to compare against the prediction. - type: string - context: - description: Optional. Text provided as context to answer the question. + searchSpaceSpec: + description: It defines the search space for Neural Architecture Search (NAS). type: string - instruction: + multiTrialAlgorithmSpec: + description: The spec of multi-trial algorithms. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpec + resumeNasJobId: description: >- - Required. The question asked and other instruction in the inference - prompt. + The ID of the existing NasJob in the same Project and Location which + will be used to resume search. search_space_spec and + nas_algorithm_spec are obtained from previous NasJob hence should + not provide them again for this NasJob. type: string - GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInput: - id: GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInput - description: Input for question answering helpfulness metric. + description: Represents the spec of a NasJob. + GoogleCloudAiplatformV1PipelineTaskDetail: + id: GoogleCloudAiplatformV1PipelineTaskDetail type: object + description: The runtime detail of a task execution. properties: - metricSpec: - description: Required. Spec for question answering helpfulness score metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessSpec - instance: - description: Required. Question answering helpfulness instance. + executorDetail: + description: Output only. The detailed execution info. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInstance - GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessSpec: - id: GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessSpec - description: Spec for question answering helpfulness metric. - type: object - properties: - useReference: + #/components/schemas/GoogleCloudAiplatformV1PipelineTaskExecutorDetail + readOnly: true + taskId: + type: string + description: Output only. The system generated ID of the task. + readOnly: true + format: int64 + error: + readOnly: true description: >- - Optional. Whether to use instance.reference to compute question - answering helpfulness. - type: boolean - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInstance: - id: GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInstance - description: Spec for question answering helpfulness instance. - type: object - properties: - prediction: - description: Required. Output of the evaluated model. + Output only. The error that occurred during task execution. Only + populated when the task's state is FAILED or CANCELLED. + $ref: '#/components/schemas/GoogleRpcStatus' + taskName: + readOnly: true type: string - reference: - description: Optional. Ground truth used to compare against the prediction. + description: >- + Output only. The user specified name of the task that is defined in + pipeline_spec. + outputs: + readOnly: true + description: Output only. The runtime output artifacts of the task. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PipelineTaskDetailArtifactList + type: object + createTime: + format: google-datetime type: string - context: - description: Optional. Text provided as context to answer the question. + readOnly: true + description: Output only. Task create time. + startTime: + readOnly: true type: string - instruction: + description: Output only. Task start time. + format: google-datetime + pipelineTaskStatus: + type: array + readOnly: true description: >- - Required. The question asked and other instruction in the inference - prompt. + Output only. A list of task status. This field keeps a record of + task status evolving over time. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PipelineTaskDetailPipelineTaskStatus + taskUniqueName: type: string - GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInput: - id: GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInput - description: Input for question answering correctness metric. - type: object - properties: - metricSpec: - description: Required. Spec for question answering correctness score metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringCorrectnessSpec - instance: - description: Required. Question answering correctness instance. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInstance - GoogleCloudAiplatformV1QuestionAnsweringCorrectnessSpec: - id: GoogleCloudAiplatformV1QuestionAnsweringCorrectnessSpec - description: Spec for question answering correctness metric. + description: >- + Output only. The unique name of a task. This field is used by rerun + pipeline job. Console UI and Vertex AI SDK will support triggering + pipeline job reruns. The name is constructed by concatenating all + the parent tasks name with the task name. For example, if a task + named "child_task" has a parent task named "parent_task_1" and + parent task 1 has a parent task named "parent_task_2", the task + unique name will be "parent_task_2.parent_task_1.child_task". + readOnly: true + endTime: + readOnly: true + description: Output only. Task end time. + format: google-datetime + type: string + state: + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - CANCEL_PENDING + - CANCELLING + - CANCELLED + - FAILED + - SKIPPED + - NOT_TRIGGERED + enumDescriptions: + - Unspecified. + - Specifies pending state for the task. + - Specifies task is being executed. + - Specifies task completed successfully. + - Specifies Task cancel is in pending state. + - Specifies task is being cancelled. + - Specifies task was cancelled. + - Specifies task failed. + - Specifies task was skipped due to cache hit. + - >- + Specifies that the task was not triggered because the task's + trigger policy is not satisfied. The trigger policy is specified + in the `condition` field of PipelineJob.pipeline_spec. + readOnly: true + type: string + description: Output only. State of the task. + execution: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' + description: Output only. The execution metadata of the task. + parentTaskId: + type: string + format: int64 + readOnly: true + description: >- + Output only. The id of the parent task if the task is within a + component scope. Empty if the task is at the root level. + inputs: + type: object + description: Output only. The runtime input artifacts of the task. + readOnly: true + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PipelineTaskDetailArtifactList + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationInputs: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationInputs type: object properties: - useReference: + multiLabel: description: >- - Optional. Whether to use instance.reference to compute question - answering correctness. + If false, a single-label (multi-class) Model will be trained (i.e. + assuming that for each image just up to one annotation may be + applicable). If true, a multi-label Model will be trained (i.e. + assuming that for each image multiple annotations may be + applicable). type: boolean - version: - description: Optional. Which version to use for evaluation. - type: integer - format: int32 - GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInstance: - id: GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInstance - description: Spec for question answering correctness instance. - type: object - properties: - prediction: - description: Required. Output of the evaluated model. + modelType: + enum: + - MODEL_TYPE_UNSPECIFIED + - CLOUD + - CLOUD_1 + - MOBILE_TF_LOW_LATENCY_1 + - MOBILE_TF_VERSATILE_1 + - MOBILE_TF_HIGH_ACCURACY_1 + - EFFICIENTNET + - MAXVIT + - VIT + - COCA type: string - reference: - description: Optional. Ground truth used to compare against the prediction. + enumDescriptions: + - Should not be set. + - >- + A Model best tailored to be used within Google Cloud, and which + cannot be exported. Default. + - >- + A model type best tailored to be used within Google Cloud, which + cannot be exported externally. Compared to the CLOUD model above, + it is expected to have higher prediction accuracy. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) as TensorFlow + or Core ML model and used on a mobile or edge device afterwards. + Expected to have low latency, but may have lower prediction + quality than other mobile models. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) as TensorFlow + or Core ML model and used on a mobile or edge device with + afterwards. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) as TensorFlow + or Core ML model and used on a mobile or edge device afterwards. + Expected to have a higher latency, but should also have a higher + prediction quality than other mobile models. + - >- + EfficientNet model for Model Garden training with customizable + hyperparameters. Best tailored to be used within Google Cloud, and + cannot be exported externally. + - >- + MaxViT model for Model Garden training with customizable + hyperparameters. Best tailored to be used within Google Cloud, and + cannot be exported externally. + - >- + ViT model for Model Garden training with customizable + hyperparameters. Best tailored to be used within Google Cloud, and + cannot be exported externally. + - >- + CoCa model for Model Garden training with customizable + hyperparameters. Best tailored to be used within Google Cloud, and + cannot be exported externally. + disableEarlyStopping: + description: >- + Use the entire training budget. This disables the early stopping + feature. When false the early stopping feature is enabled, which + means that AutoML Image Classification might stop training before + the entire training budget has been used. + type: boolean + budgetMilliNodeHours: + format: int64 + description: >- + The training budget of creating this model, expressed in milli node + hours i.e. 1,000 value in this field means 1 node hour. The actual + metadata.costMilliNodeHours will be equal or less than this value. + If further model training ceases to provide any improvements, it + will stop without using the full budget and the + metadata.successfulStopReason will be `model-converged`. Note, + node_hour = actual_hour * number_of_nodes_involved. For modelType + `cloud`(default), the budget must be between 8,000 and 800,000 milli + node hours, inclusive. The default value is 192,000 which represents + one day in wall time, considering 8 nodes are used. For model types + `mobile-tf-low-latency-1`, `mobile-tf-versatile-1`, + `mobile-tf-high-accuracy-1`, the training budget must be between + 1,000 and 100,000 milli node hours, inclusive. The default value is + 24,000 which represents one day in wall time on a single node that + is used. type: string - context: - description: Optional. Text provided as context to answer the question. + tunableParameter: + description: Trainer type for Vision TrainRequest. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutomlImageTrainingTunableParameter + baseModelId: type: string - instruction: description: >- - Required. The question asked and other instruction in the inference - prompt. + The ID of the `base` model. If it is specified, the new model will + be trained based on the `base` model. Otherwise, the new model will + be trained from scratch. The `base` model must be in the same + Project and Location as the new Model to train, and have the same + modelType. + uptrainBaseModelId: type: string - GoogleCloudAiplatformV1PointwiseMetricInput: - id: GoogleCloudAiplatformV1PointwiseMetricInput - description: Input for pointwise metric. + description: >- + The ID of `base` model for upTraining. If it is specified, the new + model will be upTrained based on the `base` model for upTraining. + Otherwise, the new model will be trained from scratch. The `base` + model for upTraining must be in the same Project and Location as the + new Model to train, and have the same modelType. + GoogleCloudAiplatformV1SyntheticExample: + id: GoogleCloudAiplatformV1SyntheticExample type: object + description: >- + Represents a single synthetic example, composed of multiple fields. Used + for providing few-shot examples in the request and for returning + generated examples in the response. properties: - metricSpec: - description: Required. Spec for pointwise metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricSpec' - instance: - description: Required. Pointwise metric instance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricInstance' - GoogleCloudAiplatformV1PointwiseMetricSpec: - id: GoogleCloudAiplatformV1PointwiseMetricSpec - description: Spec for pointwise metric. + fields: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SyntheticField' + description: Required. A list of fields that constitute an example. + GoogleCloudAiplatformV1FindNeighborsResponseNeighbor: type: object + id: GoogleCloudAiplatformV1FindNeighborsResponseNeighbor properties: - metricPromptTemplate: - description: Required. Metric prompt template for pointwise metric. - type: string - systemInstruction: - description: Optional. System instructions for pointwise metric. - type: string - customOutputFormatConfig: + distance: + format: double + description: The distance between the neighbor and the dense embedding query. + type: number + datapoint: description: >- - Optional. CustomOutputFormatConfig allows customization of metric - output. By default, metrics return a score and explanation. When - this config is set, the default output is replaced with either: - - The raw output string. - A parsed output based on a user-defined - schema. If a custom format is chosen, the `score` and `explanation` - fields in the corresponding metric result will be empty. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomOutputFormatConfig' - GoogleCloudAiplatformV1CustomOutputFormatConfig: - id: GoogleCloudAiplatformV1CustomOutputFormatConfig - description: Spec for custom output format configuration. + The datapoint of the neighbor. Note that full datapoints are + returned only when "return_full_datapoint" is set to true. + Otherwise, only the "datapoint_id" and "crowding_tag" fields are + populated. + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexDatapoint' + sparseDistance: + description: The distance between the neighbor and the query sparse_embedding. + type: number + format: double + description: A neighbor of the query vector. + GoogleCloudAiplatformV1QuestionAnsweringQualityResult: type: object properties: - returnRawOutput: - description: Optional. Whether to return raw output. - type: boolean - GoogleCloudAiplatformV1PointwiseMetricInstance: - id: GoogleCloudAiplatformV1PointwiseMetricInstance - description: >- - Pointwise metric instance. Usually one instance corresponds to one row - in an evaluation dataset. + score: + description: Output only. Question Answering Quality score. + type: number + readOnly: true + format: float + confidence: + readOnly: true + type: number + description: Output only. Confidence for question answering quality score. + format: float + explanation: + readOnly: true + description: Output only. Explanation for question answering quality score. + type: string + description: Spec for question answering quality result. + id: GoogleCloudAiplatformV1QuestionAnsweringQualityResult + GoogleCloudAiplatformV1SchemaTablesDatasetMetadata: + properties: + inputConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTablesDatasetMetadataInputConfig + description: The metadata of Datasets that contain tables data. + id: GoogleCloudAiplatformV1SchemaTablesDatasetMetadata + type: object + GoogleCloudAiplatformV1ManualBatchTuningParameters: + description: Manual batch tuning parameters. + id: GoogleCloudAiplatformV1ManualBatchTuningParameters type: object properties: - jsonInstance: + batchSize: + type: integer description: >- - Instance specified as a json string. String key-value pairs are - expected in the json_instance to render - PointwiseMetricSpec.instance_prompt_template. + Immutable. The number of the records (e.g. instances) of the + operation given in each batch to a machine replica. Machine type, + and size of a single record should be considered when setting this + parameter, higher value speeds up the batch operation's execution, + but too high value will result in a whole batch not fitting in a + machine's memory, and the whole operation will fail. The default + value is 64. + format: int32 + GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroup: + id: GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroup + type: object + description: >- + Features belonging to a single feature group that will be synced to + Online Store. + properties: + featureGroupId: type: string - contentMapInstance: + description: Required. Identifier of the feature group. + featureIds: + description: Required. Identifiers of features under the feature group. + items: + type: string + type: array + GoogleCloudAiplatformV1EvaluatedAnnotationExplanation: + properties: + explanationType: description: >- - Key-value contents for the mutlimodality input, including text, - image, video, audio, and pdf, etc. The key is placeholder in metric - prompt template, and the value is the multimodal content. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ContentMap' - GoogleCloudAiplatformV1ContentMap: - id: GoogleCloudAiplatformV1ContentMap - description: Map of placeholder in metric prompt template to contents of model input. + Explanation type. For AutoML Image Classification models, possible + values are: * `image-integrated-gradients` * `image-xrai` + type: string + explanation: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Explanation' + description: Explanation attribution response details. + id: GoogleCloudAiplatformV1EvaluatedAnnotationExplanation + description: Explanation result of the prediction produced by the Model. type: object - properties: - values: - description: Optional. Map of placeholder to contents. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ContentMapContents' - GoogleCloudAiplatformV1ContentMapContents: - id: GoogleCloudAiplatformV1ContentMapContents - description: Repeated Content type. + GoogleCloudAiplatformV1EvaluationRunEvaluationConfig: type: object properties: - contents: - description: Optional. Repeated contents. + rubricConfigs: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationRubricConfig' + description: >- + Optional. The rubric configs for the evaluation run. They are used + to generate rubrics which can be used by rubric-based metrics. + Multiple rubric configs can be specified for rubric generation but + only one rubric config can be used for a rubric-based metric. If + more than one rubric config is provided, the evaluation metric must + specify a rubric group key. Note that if a generation spec is + specified on both a rubric config and an evaluation metric, the + rubrics generated for the metric will be used for evaluation. + type: array + autoraterConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunEvaluationConfigAutoraterConfig + description: Optional. The autorater config for the evaluation run. + outputConfig: + description: Optional. The output config for the evaluation run. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunEvaluationConfigOutputConfig + promptTemplate: + description: >- + The prompt template used for inference. The values for variables in + the prompt template are defined in + EvaluationItem.EvaluationPrompt.PromptTemplateData.values. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunEvaluationConfigPromptTemplate + metrics: type: array + description: Required. The metrics to be calculated in the evaluation run. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - GoogleCloudAiplatformV1Content: - id: GoogleCloudAiplatformV1Content - description: >- - The base structured datatype containing multi-part content of a message. - A `Content` includes a `role` field designating the producer of the - `Content` and a `parts` field containing multi-part data that contains - the content of the message turn. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetric' + id: GoogleCloudAiplatformV1EvaluationRunEvaluationConfig + description: The Evalution configuration used for the evaluation run. + GoogleCloudAiplatformV1RawOutput: + properties: + rawOutput: + items: + type: string + readOnly: true + description: Output only. Raw output string. + type: array + description: Raw output. type: object + id: GoogleCloudAiplatformV1RawOutput + GoogleCloudAiplatformV1FindNeighborsResponse: properties: - role: - description: >- - Optional. The producer of the content. Must be either 'user' or - 'model'. Useful to set for multi-turn conversations, otherwise can - be left blank or unset. - type: string - parts: - description: >- - Required. Ordered `Parts` that constitute a single message. Parts - may have different IANA MIME types. + nearestNeighbors: + description: The nearest neighbors of the query datapoints. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Part' - GoogleCloudAiplatformV1Part: - id: GoogleCloudAiplatformV1Part - description: >- - A datatype containing media that is part of a multi-part `Content` - message. A `Part` consists of data which has an associated datatype. A - `Part` can only contain one of the accepted types in `Part.data`. A - `Part` must have a fixed IANA MIME type identifying the type and subtype - of the media if `inline_data` or `file_data` field is filled with raw - bytes. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FindNeighborsResponseNearestNeighbors + description: The response message for MatchService.FindNeighbors. + id: GoogleCloudAiplatformV1FindNeighborsResponse type: object + GoogleCloudAiplatformV1ExamplesRestrictionsNamespace: + id: GoogleCloudAiplatformV1ExamplesRestrictionsNamespace properties: - text: - description: Optional. Text part (can be code). - type: string - inlineData: - description: Optional. Inlined bytes data. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Blob' - fileData: - description: Optional. URI based data. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FileData' - functionCall: - description: >- - Optional. A predicted [FunctionCall] returned from the model that - contains a string representing the [FunctionDeclaration.name] with - the parameters and their values. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionCall' - functionResponse: - description: >- - Optional. The result output of a [FunctionCall] that contains a - string representing the [FunctionDeclaration.name] and a structured - JSON object containing any output from the function call. It is used - as context to the model. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionResponse' - executableCode: - description: Optional. Code generated by the model that is meant to be executed. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExecutableCode' - codeExecutionResult: - description: Optional. Result of executing the [ExecutableCode]. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CodeExecutionResult' - videoMetadata: - description: >- - Optional. Video metadata. The metadata should only be specified - while the video data is presented in inline_data or file_data. - $ref: '#/components/schemas/GoogleCloudAiplatformV1VideoMetadata' - thought: - description: Optional. Indicates if the part is thought from the model. - type: boolean - thoughtSignature: - description: >- - Optional. An opaque signature for the thought so it can be reused in - subsequent requests. + allow: + description: The list of allowed tags. + items: + type: string + type: array + namespaceName: type: string - format: byte - GoogleCloudAiplatformV1Blob: - id: GoogleCloudAiplatformV1Blob - description: Content blob. + description: The namespace name. + deny: + items: + type: string + type: array + description: The list of deny tags. + description: Restrictions namespace for example-based explanations overrides. type: object + GoogleCloudAiplatformV1TrialContext: properties: - mimeType: - description: Required. The IANA standard MIME type of the source data. - type: string - data: - description: Required. Raw bytes. - type: string - format: byte - displayName: + parameters: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrialParameter' description: >- - Optional. Display name of the blob. Used to provide a label or - filename to distinguish blobs. This field is only returned in - PromptMessage for prompt management. It is currently used in the - Gemini GenerateContent calls only when server side tools - (code_execution, google_search, and url_context) are enabled. - type: string - GoogleCloudAiplatformV1FileData: - id: GoogleCloudAiplatformV1FileData - description: URI based data. - type: object - properties: - mimeType: - description: Required. The IANA standard MIME type of the source data. - type: string - fileUri: - description: Required. URI. - type: string - displayName: + If/when a Trial is generated or selected from this Context, its + Parameters will match any parameters specified here. (I.e. if this + context specifies parameter name:'a' int_value:3, then a resulting + Trial will have int_value:3 for its parameter named 'a'.) Note that + we first attempt to match existing REQUESTED Trials with contexts, + and if there are no matches, we generate suggestions in the subspace + defined by the parameters specified here. NOTE: a Context without + any Parameters matches the entire feasible search space. + type: array + description: description: >- - Optional. Display name of the file data. Used to provide a label or - filename to distinguish file datas. This field is only returned in - PromptMessage for prompt management. It is currently used in the - Gemini GenerateContent calls only when server side tools - (code_execution, google_search, and url_context) are enabled. + A human-readable field which can store a description of this + context. This will become part of the resulting Trial's description + field. type: string - GoogleCloudAiplatformV1FunctionCall: - id: GoogleCloudAiplatformV1FunctionCall - description: >- - A predicted [FunctionCall] returned from the model that contains a - string representing the [FunctionDeclaration.name] and a structured JSON - object containing the parameters and their values. type: object + id: GoogleCloudAiplatformV1TrialContext + GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadata: properties: - name: + contentValidationStats: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataContentValidationStats + type: array description: >- - Required. The name of the function to call. Matches - [FunctionDeclaration.name]. + The validation stats of the content (per file) to be inserted or + updated on the Matching Engine Index resource. Populated if + contentsDeltaUri is provided as part of Index.metadata. Please note + that, currently for those files that are broken or has unsupported + file format, we will not have the stats for those files. + dataBytesCount: + description: The ingested data size in bytes. type: string - args: - description: >- - Optional. The function parameters and values in JSON object format. - See [FunctionDeclaration.parameters] for parameter details. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudAiplatformV1FunctionResponse: - id: GoogleCloudAiplatformV1FunctionResponse - description: >- - The result output from a [FunctionCall] that contains a string - representing the [FunctionDeclaration.name] and a structured JSON object - containing any output from the function is used as context to the model. - This should contain the result of a [FunctionCall] made based on model - prediction. + format: int64 + id: GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadata type: object - properties: - name: - description: >- - Required. The name of the function to call. Matches - [FunctionDeclaration.name] and [FunctionCall.name]. - type: string - response: - description: >- - Required. The function response in JSON object format. Use "output" - key to specify function output and "error" key to specify error - details (if any). If "output" and "error" keys are not specified, - then whole "response" is treated as function output. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudAiplatformV1ExecutableCode: - id: GoogleCloudAiplatformV1ExecutableCode - description: >- - Code generated by the model that is meant to be executed, and the result - returned to the model. Generated when using the [CodeExecution] tool, in - which the code will be automatically executed, and a corresponding - [CodeExecutionResult] will also be generated. + description: Runtime operation metadata with regard to Matching Engine Index. + GoogleCloudAiplatformV1UpdateDeploymentResourcePoolOperationMetadata: type: object + description: Runtime operation information for UpdateDeploymentResourcePool method. properties: - language: - description: Required. Programming language of the `code`. - type: string - enumDescriptions: - - Unspecified language. This value should not be used. - - Python >= 3.10, with numpy and simpy available. - enum: - - LANGUAGE_UNSPECIFIED - - PYTHON - code: - description: Required. The code to be executed. - type: string - GoogleCloudAiplatformV1CodeExecutionResult: - id: GoogleCloudAiplatformV1CodeExecutionResult - description: >- - Result of executing the [ExecutableCode]. Only generated when using the - [CodeExecution] tool, and always follows a `part` containing the - [ExecutableCode]. - type: object + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The operation generic information. + id: GoogleCloudAiplatformV1UpdateDeploymentResourcePoolOperationMetadata + GoogleCloudAiplatformV1ListTensorboardsResponse: properties: - outcome: - description: Required. Outcome of the code execution. - type: string - enumDescriptions: - - Unspecified status. This value should not be used. - - Code execution completed successfully. - - >- - Code execution finished but with a failure. `stderr` should - contain the reason. - - >- - Code execution ran for too long, and was cancelled. There may or - may not be a partial output present. - enum: - - OUTCOME_UNSPECIFIED - - OUTCOME_OK - - OUTCOME_FAILED - - OUTCOME_DEADLINE_EXCEEDED - output: + tensorboards: + description: The Tensorboards mathching the request. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensorboard' + type: array + nextPageToken: description: >- - Optional. Contains stdout when code execution is successful, stderr - or other description otherwise. + A token, which can be sent as ListTensorboardsRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. type: string - GoogleCloudAiplatformV1VideoMetadata: - id: GoogleCloudAiplatformV1VideoMetadata - description: Metadata describes the input video content. + description: Response message for TensorboardService.ListTensorboards. + id: GoogleCloudAiplatformV1ListTensorboardsResponse type: object + GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataResponse: properties: - startOffset: - description: Optional. The start offset of the video. - type: string - format: google-duration - endOffset: - description: Optional. The end offset of the video. + timeSeriesDataPoints: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesDataPoint' + type: array + description: The returned time series data points. + nextPageToken: type: string - format: google-duration - fps: description: >- - Optional. The frame rate of the video sent to the model. If not - specified, the default value will be 1.0. The fps range is (0.0, - 24.0]. - type: number - format: double - GoogleCloudAiplatformV1PairwiseMetricInput: - id: GoogleCloudAiplatformV1PairwiseMetricInput - description: Input for pairwise metric. + A token, which can be sent as page_token to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: object - properties: - metricSpec: - description: Required. Spec for pairwise metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricSpec' - instance: - description: Required. Pairwise metric instance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricInstance' - GoogleCloudAiplatformV1PairwiseMetricSpec: - id: GoogleCloudAiplatformV1PairwiseMetricSpec - description: Spec for pairwise metric. + description: Response message for TensorboardService.ExportTensorboardTimeSeriesData. + id: GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataResponse + GoogleCloudAiplatformV1BatchCancelPipelineJobsRequest: type: object + id: GoogleCloudAiplatformV1BatchCancelPipelineJobsRequest + description: Request message for PipelineService.BatchCancelPipelineJobs. properties: - metricPromptTemplate: - description: Required. Metric prompt template for pairwise metric. - type: string - candidateResponseFieldName: - description: Optional. The field name of the candidate response. - type: string - baselineResponseFieldName: - description: Optional. The field name of the baseline response. - type: string - systemInstruction: - description: Optional. System instructions for pairwise metric. - type: string - customOutputFormatConfig: + names: description: >- - Optional. CustomOutputFormatConfig allows customization of metric - output. When this config is set, the default output is replaced with - the raw output string. If a custom format is chosen, the - `pairwise_choice` and `explanation` fields in the corresponding - metric result will be empty. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomOutputFormatConfig' - GoogleCloudAiplatformV1PairwiseMetricInstance: - id: GoogleCloudAiplatformV1PairwiseMetricInstance - description: >- - Pairwise metric instance. Usually one instance corresponds to one row in - an evaluation dataset. + Required. The names of the PipelineJobs to cancel. A maximum of 32 + PipelineJobs can be cancelled in a batch. Format: + `projects/{project}/locations/{location}/pipelineJobs/{pipelineJob}` + items: + type: string + type: array + GoogleCloudAiplatformV1ListMemoryRevisionsResponse: type: object + id: GoogleCloudAiplatformV1ListMemoryRevisionsResponse properties: - jsonInstance: + memoryRevisions: + description: The list of Memory Revisions in the request page. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MemoryRevision' + type: array + nextPageToken: description: >- - Instance specified as a json string. String key-value pairs are - expected in the json_instance to render - PairwiseMetricSpec.instance_prompt_template. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - contentMapInstance: - description: >- - Key-value contents for the mutlimodality input, including text, - image, video, audio, and pdf, etc. The key is placeholder in metric - prompt template, and the value is the multimodal content. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ContentMap' - GoogleCloudAiplatformV1ToolCallValidInput: - id: GoogleCloudAiplatformV1ToolCallValidInput - description: Input for tool call valid metric. + description: Response message for MemoryBankService.ListMemoryRevisions. + GoogleCloudAiplatformV1CancelCustomJobRequest: type: object + properties: {} + id: GoogleCloudAiplatformV1CancelCustomJobRequest + description: Request message for JobService.CancelCustomJob. + GoogleCloudAiplatformV1TrajectoryPrecisionResults: properties: - metricSpec: - description: Required. Spec for tool call valid metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCallValidSpec' - instances: - description: Required. Repeated tool call valid instances. + trajectoryPrecisionMetricValues: + readOnly: true type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCallValidInstance' - GoogleCloudAiplatformV1ToolCallValidSpec: - id: GoogleCloudAiplatformV1ToolCallValidSpec - description: Spec for tool call valid metric. - type: object - properties: {} - GoogleCloudAiplatformV1ToolCallValidInstance: - id: GoogleCloudAiplatformV1ToolCallValidInstance - description: Spec for tool call valid instance. - type: object - properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Required. Ground truth used to compare against the prediction. - type: string - GoogleCloudAiplatformV1ToolNameMatchInput: - id: GoogleCloudAiplatformV1ToolNameMatchInput - description: Input for tool name match metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionMetricValue + description: Output only. TrajectoryPrecision metric values. + description: Results for TrajectoryPrecision metric. + id: GoogleCloudAiplatformV1TrajectoryPrecisionResults type: object + GoogleCloudAiplatformV1DataItemView: properties: - metricSpec: - description: Required. Spec for tool name match metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolNameMatchSpec' - instances: - description: Required. Repeated tool name match instances. + hasTruncatedAnnotations: + description: >- + True if and only if the Annotations field has been truncated. It + happens if more Annotations for this DataItem met the request's + annotation_filter than are allowed to be returned by + annotations_limit. Note that if Annotations field is not being + returned due to field mask, then this field will not be set to true + no matter how many Annotations are there. + type: boolean + dataItem: + description: The DataItem. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DataItem' + annotations: + description: >- + The Annotations on the DataItem. If too many Annotations should be + returned for the DataItem, this field will be truncated per + annotations_limit in request. If it was, then the + has_truncated_annotations will be set to true. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolNameMatchInstance' - GoogleCloudAiplatformV1ToolNameMatchSpec: - id: GoogleCloudAiplatformV1ToolNameMatchSpec - description: Spec for tool name match metric. - type: object - properties: {} - GoogleCloudAiplatformV1ToolNameMatchInstance: - id: GoogleCloudAiplatformV1ToolNameMatchInstance - description: Spec for tool name match instance. - type: object - properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Required. Ground truth used to compare against the prediction. - type: string - GoogleCloudAiplatformV1ToolParameterKeyMatchInput: - id: GoogleCloudAiplatformV1ToolParameterKeyMatchInput - description: Input for tool parameter key match metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Annotation' type: object + description: A container for a single DataItem and Annotations on it. + id: GoogleCloudAiplatformV1DataItemView + GoogleCloudAiplatformV1Tool: + id: GoogleCloudAiplatformV1Tool properties: - metricSpec: - description: Required. Spec for tool parameter key match metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchSpec - instances: - description: Required. Repeated tool parameter key match instances. + retrieval: + description: >- + Optional. Retrieval tool type. System will always execute the + provided retrieval tool(s) to get external knowledge to answer the + prompt. Retrieval results are presented to the model for generation. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Retrieval' + codeExecution: + description: >- + Optional. CodeExecution tool type. Enables the model to execute code + as part of generation. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCodeExecution' + urlContext: + description: Optional. Tool to support URL context retrieval. + $ref: '#/components/schemas/GoogleCloudAiplatformV1UrlContext' + googleMaps: + description: >- + Optional. GoogleMaps tool type. Tool to support Google Maps in + Model. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GoogleMaps' + googleSearchRetrieval: + description: >- + Optional. Specialized retrieval tool that is powered by Google + Search. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GoogleSearchRetrieval' + deprecated: true + enterpriseWebSearch: + description: >- + Optional. Tool to support searching public web data, powered by + Vertex AI Search and Sec4 compliance. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EnterpriseWebSearch' + computerUse: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolComputerUse' + description: >- + Optional. Tool to support the model interacting directly with the + computer. If enabled, it automatically populates computer-use + specific Function Declarations. + functionDeclarations: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchInstance - GoogleCloudAiplatformV1ToolParameterKeyMatchSpec: - id: GoogleCloudAiplatformV1ToolParameterKeyMatchSpec - description: Spec for tool parameter key match metric. - type: object - properties: {} - GoogleCloudAiplatformV1ToolParameterKeyMatchInstance: - id: GoogleCloudAiplatformV1ToolParameterKeyMatchInstance - description: Spec for tool parameter key match instance. - type: object - properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Required. Ground truth used to compare against the prediction. - type: string - GoogleCloudAiplatformV1ToolParameterKVMatchInput: - id: GoogleCloudAiplatformV1ToolParameterKVMatchInput - description: Input for tool parameter key value match metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionDeclaration' + description: >- + Optional. Function tool type. One or more function declarations to + be passed to the model along with the current user query. Model may + decide to call a subset of these functions by populating + FunctionCall in the response. User should provide a FunctionResponse + for each function call in the next turn. Based on the function + responses, Model will generate the final response back to the user. + Maximum 512 function declarations can be provided. + googleSearch: + description: >- + Optional. GoogleSearch tool type. Tool to support Google Search in + Model. Powered by Google. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolGoogleSearch' type: object + description: >- + Tool details that the model may use to generate response. A `Tool` is a + piece of code that enables the system to interact with external systems + to perform an action, or set of actions, outside of knowledge and scope + of the model. A Tool object should contain exactly one type of Tool (e.g + FunctionDeclaration, Retrieval or GoogleSearchRetrieval). + GoogleCloudAiplatformV1ListEvaluationSetsResponse: + description: Response message for EvaluationManagementService.ListEvaluationSets. properties: - metricSpec: - description: Required. Spec for tool parameter key value match metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchSpec' - instances: - description: Required. Repeated tool parameter key value match instances. + evaluationSets: + description: List of EvaluationSets in the requested page. type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchInstance - GoogleCloudAiplatformV1ToolParameterKVMatchSpec: - id: GoogleCloudAiplatformV1ToolParameterKVMatchSpec - description: Spec for tool parameter key value match metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationSet' + nextPageToken: + description: A token to retrieve the next page of results. + type: string + id: GoogleCloudAiplatformV1ListEvaluationSetsResponse type: object - properties: - useStrictStringMatch: - description: Optional. Whether to use STRICT string match on parameter values. - type: boolean - GoogleCloudAiplatformV1ToolParameterKVMatchInstance: - id: GoogleCloudAiplatformV1ToolParameterKVMatchInstance - description: Spec for tool parameter key value match instance. + GoogleCloudAiplatformV1ExportFeatureValuesResponse: + properties: {} + description: Response message for FeaturestoreService.ExportFeatureValues. + id: GoogleCloudAiplatformV1ExportFeatureValuesResponse type: object + GoogleCloudAiplatformV1RagFileTransformationConfig: properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Required. Ground truth used to compare against the prediction. - type: string - GoogleCloudAiplatformV1CometInput: - id: GoogleCloudAiplatformV1CometInput - description: Input for Comet metric. + ragFileChunkingConfig: + description: Specifies the chunking config for RagFiles. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFileChunkingConfig' + description: Specifies the transformation config for RagFiles. type: object - properties: - metricSpec: - description: Required. Spec for comet metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CometSpec' - instance: - description: Required. Comet instance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CometInstance' - GoogleCloudAiplatformV1CometSpec: - id: GoogleCloudAiplatformV1CometSpec - description: Spec for Comet metric. + id: GoogleCloudAiplatformV1RagFileTransformationConfig + GoogleCloudAiplatformV1BatchImportModelEvaluationSlicesResponse: + id: GoogleCloudAiplatformV1BatchImportModelEvaluationSlicesResponse + description: Response message for ModelService.BatchImportModelEvaluationSlices type: object properties: - version: - description: Required. Which version to use for evaluation. - type: string - enumDescriptions: - - Comet version unspecified. - - >- - Comet 22 for translation + source + reference - (source-reference-combined). - enum: - - COMET_VERSION_UNSPECIFIED - - COMET_22_SRC_REF - sourceLanguage: - description: Optional. Source language in BCP-47 format. - type: string - targetLanguage: - description: >- - Optional. Target language in BCP-47 format. Covers both prediction - and reference. - type: string - GoogleCloudAiplatformV1CometInstance: - id: GoogleCloudAiplatformV1CometInstance - description: >- - Spec for Comet instance - The fields used for evaluation are dependent - on the comet version. - type: object + importedModelEvaluationSlices: + items: + type: string + description: Output only. List of imported ModelEvaluationSlice.name. + type: array + readOnly: true + GoogleIamV1Binding: + id: GoogleIamV1Binding + description: Associates `members`, or principals, with a `role`. properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Optional. Ground truth used to compare against the prediction. - type: string - source: - description: Optional. Source text in original language. + role: type: string - GoogleCloudAiplatformV1MetricxInput: - id: GoogleCloudAiplatformV1MetricxInput - description: Input for MetricX metric. - type: object - properties: - metricSpec: - description: Required. Spec for Metricx metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricxSpec' - instance: - description: Required. Metricx instance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricxInstance' - GoogleCloudAiplatformV1MetricxSpec: - id: GoogleCloudAiplatformV1MetricxSpec - description: Spec for MetricX metric. - type: object - properties: - version: - description: Required. Which version to use for evaluation. - type: string - enumDescriptions: - - MetricX version unspecified. - - MetricX 2024 (2.6) for translation + reference (reference-based). - - MetricX 2024 (2.6) for translation + source (QE). - - >- - MetricX 2024 (2.6) for translation + source + reference - (source-reference-combined). - enum: - - METRICX_VERSION_UNSPECIFIED - - METRICX_24_REF - - METRICX_24_SRC - - METRICX_24_SRC_REF - sourceLanguage: - description: Optional. Source language in BCP-47 format. - type: string - targetLanguage: description: >- - Optional. Target language in BCP-47 format. Covers both prediction - and reference. - type: string - GoogleCloudAiplatformV1MetricxInstance: - id: GoogleCloudAiplatformV1MetricxInstance - description: >- - Spec for MetricX instance - The fields used for evaluation are dependent - on the MetricX version. - type: object - properties: - prediction: - description: Required. Output of the evaluated model. - type: string - reference: - description: Optional. Ground truth used to compare against the prediction. - type: string - source: - description: Optional. Source text in original language. - type: string - GoogleCloudAiplatformV1TrajectoryExactMatchInput: - id: GoogleCloudAiplatformV1TrajectoryExactMatchInput - description: Instances and metric spec for TrajectoryExactMatch metric. - type: object - properties: - metricSpec: - description: Required. Spec for TrajectoryExactMatch metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchSpec' - instances: - description: Required. Repeated TrajectoryExactMatch instance. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/GoogleTypeExpr' + members: type: array + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchInstance - GoogleCloudAiplatformV1TrajectoryExactMatchSpec: - id: GoogleCloudAiplatformV1TrajectoryExactMatchSpec - description: >- - Spec for TrajectoryExactMatch metric - returns 1 if tool calls in the - reference trajectory exactly match the predicted trajectory, else 0. - type: object - properties: {} - GoogleCloudAiplatformV1TrajectoryExactMatchInstance: - id: GoogleCloudAiplatformV1TrajectoryExactMatchInstance - description: Spec for TrajectoryExactMatch instance. + type: string type: object - properties: - predictedTrajectory: - description: Required. Spec for predicted tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - referenceTrajectory: - description: Required. Spec for reference tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - GoogleCloudAiplatformV1Trajectory: - id: GoogleCloudAiplatformV1Trajectory - description: Spec for trajectory. + GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition: + description: Represents the spec to match categorical values from parent parameter. type: object properties: - toolCalls: - description: Required. Tool calls in the trajectory. - type: array + values: + description: >- + Required. Matches values of the parent parameter of 'CATEGORICAL' + type. All values must exist in `categorical_value_spec` of parent + parameter. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCall' - GoogleCloudAiplatformV1ToolCall: - id: GoogleCloudAiplatformV1ToolCall - description: Spec for tool call. - type: object + type: string + type: array + id: >- + GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition + GoogleCloudAiplatformV1AuthConfigApiKeyConfig: properties: - toolName: - description: Required. Spec for tool name + name: type: string - toolInput: - description: Optional. Spec for tool input + description: >- + Optional. The parameter name of the API key. E.g. If the API request + is "https://example.com/act?api_key=", "api_key" would be the + parameter name. + apiKeyString: type: string - GoogleCloudAiplatformV1TrajectoryInOrderMatchInput: - id: GoogleCloudAiplatformV1TrajectoryInOrderMatchInput - description: Instances and metric spec for TrajectoryInOrderMatch metric. + description: Optional. The API key to be used in the request directly. + httpElementLocation: + type: string + description: Optional. The location of the API key. + enum: + - HTTP_IN_UNSPECIFIED + - HTTP_IN_QUERY + - HTTP_IN_HEADER + - HTTP_IN_PATH + - HTTP_IN_BODY + - HTTP_IN_COOKIE + enumDescriptions: + - '' + - Element is in the HTTP request query. + - Element is in the HTTP request header. + - Element is in the HTTP request path. + - Element is in the HTTP request body. + - Element is in the HTTP request cookie. + apiKeySecret: + type: string + description: >- + Optional. The name of the SecretManager secret version resource + storing the API key. Format: + `projects/{project}/secrets/{secrete}/versions/{version}` - If both + `api_key_secret` and `api_key_string` are specified, this field + takes precedence over `api_key_string`. - If specified, the + `secretmanager.versions.access` permission should be granted to + Vertex AI Extension Service Agent + (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) + on the specified resource. + description: Config for authentication with API key. type: object + id: GoogleCloudAiplatformV1AuthConfigApiKeyConfig + GoogleCloudAiplatformV1ImportDataOperationMetadata: + id: GoogleCloudAiplatformV1ImportDataOperationMetadata properties: - metricSpec: - description: Required. Spec for TrajectoryInOrderMatch metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchSpec - instances: - description: Required. Repeated TrajectoryInOrderMatch instance. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchInstance - GoogleCloudAiplatformV1TrajectoryInOrderMatchSpec: - id: GoogleCloudAiplatformV1TrajectoryInOrderMatchSpec - description: >- - Spec for TrajectoryInOrderMatch metric - returns 1 if tool calls in the - reference trajectory appear in the predicted trajectory in the same - order, else 0. - type: object - properties: {} - GoogleCloudAiplatformV1TrajectoryInOrderMatchInstance: - id: GoogleCloudAiplatformV1TrajectoryInOrderMatchInstance - description: Spec for TrajectoryInOrderMatch instance. + genericMetadata: + description: The common part of the operation metadata. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Runtime operation information for DatasetService.ImportData. type: object - properties: - predictedTrajectory: - description: Required. Spec for predicted tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - referenceTrajectory: - description: Required. Spec for reference tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInput: - id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInput - description: Instances and metric spec for TrajectoryAnyOrderMatch metric. + GoogleCloudAiplatformV1RagManagedDbConfigUnprovisioned: type: object - properties: - metricSpec: - description: Required. Spec for TrajectoryAnyOrderMatch metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchSpec - instances: - description: Required. Repeated TrajectoryAnyOrderMatch instance. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInstance - GoogleCloudAiplatformV1TrajectoryAnyOrderMatchSpec: - id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchSpec + id: GoogleCloudAiplatformV1RagManagedDbConfigUnprovisioned description: >- - Spec for TrajectoryAnyOrderMatch metric - returns 1 if all tool calls in - the reference trajectory appear in the predicted trajectory in any - order, else 0. - type: object + Disables the RAG Engine service and deletes all your data held within + this service. This will halt the billing of the service. NOTE: Once + deleted the data cannot be recovered. To start using RAG Engine again, + you will need to update the tier by calling the UpdateRagEngineConfig + API. properties: {} - GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInstance: - id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInstance - description: Spec for TrajectoryAnyOrderMatch instance. - type: object - properties: - predictedTrajectory: - description: Required. Spec for predicted tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - referenceTrajectory: - description: Required. Spec for reference tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - GoogleCloudAiplatformV1TrajectoryPrecisionInput: - id: GoogleCloudAiplatformV1TrajectoryPrecisionInput - description: Instances and metric spec for TrajectoryPrecision metric. - type: object - properties: - metricSpec: - description: Required. Spec for TrajectoryPrecision metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionSpec' - instances: - description: Required. Repeated TrajectoryPrecision instance. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionInstance - GoogleCloudAiplatformV1TrajectoryPrecisionSpec: - id: GoogleCloudAiplatformV1TrajectoryPrecisionSpec + GoogleCloudAiplatformV1UrlContextMetadata: + id: GoogleCloudAiplatformV1UrlContextMetadata description: >- - Spec for TrajectoryPrecision metric - returns a float score based on - average precision of individual tool calls. - type: object - properties: {} - GoogleCloudAiplatformV1TrajectoryPrecisionInstance: - id: GoogleCloudAiplatformV1TrajectoryPrecisionInstance - description: Spec for TrajectoryPrecision instance. - type: object - properties: - predictedTrajectory: - description: Required. Spec for predicted tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - referenceTrajectory: - description: Required. Spec for reference tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - GoogleCloudAiplatformV1TrajectoryRecallInput: - id: GoogleCloudAiplatformV1TrajectoryRecallInput - description: Instances and metric spec for TrajectoryRecall metric. + Metadata returned when the model uses the `url_context` tool to get + information from a user-provided URL. type: object properties: - metricSpec: - description: Required. Spec for TrajectoryRecall metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallSpec' - instances: - description: Required. Repeated TrajectoryRecall instance. - type: array + urlMetadata: items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallInstance - GoogleCloudAiplatformV1TrajectoryRecallSpec: - id: GoogleCloudAiplatformV1TrajectoryRecallSpec - description: >- - Spec for TrajectoryRecall metric - returns a float score based on - average recall of individual tool calls. - type: object - properties: {} - GoogleCloudAiplatformV1TrajectoryRecallInstance: - id: GoogleCloudAiplatformV1TrajectoryRecallInstance - description: Spec for TrajectoryRecall instance. - type: object - properties: - predictedTrajectory: - description: Required. Spec for predicted tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - referenceTrajectory: - description: Required. Spec for reference tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - GoogleCloudAiplatformV1TrajectorySingleToolUseInput: - id: GoogleCloudAiplatformV1TrajectorySingleToolUseInput - description: Instances and metric spec for TrajectorySingleToolUse metric. - type: object - properties: - metricSpec: - description: Required. Spec for TrajectorySingleToolUse metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseSpec - instances: - description: Required. Repeated TrajectorySingleToolUse instance. + $ref: '#/components/schemas/GoogleCloudAiplatformV1UrlMetadata' type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseInstance - GoogleCloudAiplatformV1TrajectorySingleToolUseSpec: - id: GoogleCloudAiplatformV1TrajectorySingleToolUseSpec - description: >- - Spec for TrajectorySingleToolUse metric - returns 1 if tool is present - in the predicted trajectory, else 0. - type: object - properties: - toolName: + readOnly: true description: >- - Required. Spec for tool name to be checked for in the predicted - trajectory. - type: string - GoogleCloudAiplatformV1TrajectorySingleToolUseInstance: - id: GoogleCloudAiplatformV1TrajectorySingleToolUseInstance - description: Spec for TrajectorySingleToolUse instance. - type: object - properties: - predictedTrajectory: - description: Required. Spec for predicted tool call trajectory. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' - GoogleCloudAiplatformV1RubricBasedInstructionFollowingInput: - id: GoogleCloudAiplatformV1RubricBasedInstructionFollowingInput - description: Instance and metric spec for RubricBasedInstructionFollowing metric. - type: object + Output only. A list of URL metadata, with one entry for each URL + retrieved by the tool. + GoogleCloudAiplatformV1NotebookRuntime: properties: - metricSpec: - description: Required. Spec for RubricBasedInstructionFollowing metric. + reservationAffinity: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RubricBasedInstructionFollowingSpec - instance: - description: Required. Instance for RubricBasedInstructionFollowing metric. + #/components/schemas/GoogleCloudAiplatformV1NotebookReservationAffinity + readOnly: true + description: Output only. Reservation Affinity of the notebook runtime. + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Timestamp when this NotebookRuntime was created. + machineSpec: + description: >- + Output only. The specification of a single machine used by the + notebook runtime. + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' + idleShutdownConfig: + readOnly: true + description: >- + Output only. The idle shutdown configuration of the notebook + runtime. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RubricBasedInstructionFollowingInstance - GoogleCloudAiplatformV1RubricBasedInstructionFollowingSpec: - id: GoogleCloudAiplatformV1RubricBasedInstructionFollowingSpec - description: >- - Spec for RubricBasedInstructionFollowing metric - returns rubrics and - verdicts corresponding to rubrics along with overall score. - type: object - properties: {} - GoogleCloudAiplatformV1RubricBasedInstructionFollowingInstance: - id: GoogleCloudAiplatformV1RubricBasedInstructionFollowingInstance - description: >- - Instance for RubricBasedInstructionFollowing metric - one instance - corresponds to one row in an evaluation dataset. - type: object - properties: - jsonInstance: + #/components/schemas/GoogleCloudAiplatformV1NotebookIdleShutdownConfig + satisfiesPzs: + description: Output only. Reserved for future use. + type: boolean + readOnly: true + dataPersistentDiskSpec: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentDiskSpec' description: >- - Required. Instance specified as a json string. String key-value - pairs are expected in the json_instance to render - RubricBasedInstructionFollowing prompt templates. + Output only. The specification of persistent disk attached to the + notebook runtime as data disk storage. + name: + type: string + readOnly: true + description: Output only. The resource name of the NotebookRuntime. + proxyUri: + description: Output only. The proxy endpoint used to access the NotebookRuntime. + type: string + readOnly: true + satisfiesPzi: + description: Output only. Reserved for future use. + type: boolean + readOnly: true + softwareConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookSoftwareConfig' + readOnly: true + description: Output only. Software config of the notebook runtime. + runtimeState: + type: string + enum: + - RUNTIME_STATE_UNSPECIFIED + - RUNNING + - BEING_STARTED + - BEING_STOPPED + - STOPPED + - BEING_UPGRADED + - ERROR + - INVALID + enumDescriptions: + - Unspecified runtime state. + - NotebookRuntime is in running state. + - >- + NotebookRuntime is in starting state. This is when the runtime is + being started from a stopped state. + - NotebookRuntime is in stopping state. + - NotebookRuntime is in stopped state. + - >- + NotebookRuntime is in upgrading state. It is in the middle of + upgrading process. + - NotebookRuntime was unable to start/stop properly. + - NotebookRuntime is in invalid state. Cannot be recovered. + description: Output only. The runtime (instance) state of the NotebookRuntime. + readOnly: true + healthState: + readOnly: true + type: string + description: Output only. The health state of the NotebookRuntime. + enum: + - HEALTH_STATE_UNSPECIFIED + - HEALTHY + - UNHEALTHY + enumDescriptions: + - Unspecified health state. + - NotebookRuntime is in healthy state. Applies to ACTIVE state. + - NotebookRuntime is in unhealthy state. Applies to ACTIVE state. + version: + description: Output only. The VM os image version of NotebookRuntime. + readOnly: true + type: string + serviceAccount: + readOnly: true type: string - GoogleCloudAiplatformV1Metric: - id: GoogleCloudAiplatformV1Metric - description: The metric used for running evaluations. - type: object - properties: - predefinedMetricSpec: - description: The spec for a pre-defined metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredefinedMetricSpec' - pointwiseMetricSpec: - description: Spec for pointwise metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricSpec' - pairwiseMetricSpec: - description: Spec for pairwise metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricSpec' - exactMatchSpec: - description: Spec for exact match metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchSpec' - bleuSpec: - description: Spec for bleu metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuSpec' - rougeSpec: - description: Spec for rouge metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeSpec' - aggregationMetrics: - description: Optional. The aggregation metrics to use. - type: array - items: - type: string - enumDescriptions: - - Unspecified aggregation metric. - - Average aggregation metric. Not supported for Pairwise metric. - - Mode aggregation metric. - - >- - Standard deviation aggregation metric. Not supported for - pairwise metric. - - Variance aggregation metric. Not supported for pairwise metric. - - Minimum aggregation metric. Not supported for pairwise metric. - - Maximum aggregation metric. Not supported for pairwise metric. - - Median aggregation metric. Not supported for pairwise metric. - - >- - 90th percentile aggregation metric. Not supported for pairwise - metric. - - >- - 95th percentile aggregation metric. Not supported for pairwise - metric. - - >- - 99th percentile aggregation metric. Not supported for pairwise - metric. - enum: - - AGGREGATION_METRIC_UNSPECIFIED - - AVERAGE - - MODE - - STANDARD_DEVIATION - - VARIANCE - - MINIMUM - - MAXIMUM - - MEDIAN - - PERCENTILE_P90 - - PERCENTILE_P95 - - PERCENTILE_P99 - GoogleCloudAiplatformV1PredefinedMetricSpec: - id: GoogleCloudAiplatformV1PredefinedMetricSpec - description: The spec for a pre-defined metric. - type: object - properties: - metricSpecName: description: >- - Required. The name of a pre-defined metric, such as - "instruction_following_v1" or "text_quality_v1". + Output only. Deprecated: This field is no longer used and the + "Vertex AI Notebook Service Account" + (service-PROJECT_NUMBER@gcp-sa-aiplatform-vm.iam.gserviceaccount.com) + is used for the runtime workload identity. See + https://cloud.google.com/iam/docs/service-agents#vertex-ai-notebook-service-account + for more details. The service account that the NotebookRuntime + workload runs as. + shieldedVmConfig: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1ShieldedVmConfig' + description: Output only. Runtime Shielded VM spec. + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + readOnly: true + description: >- + Output only. Customer-managed encryption key spec for the notebook + runtime. + expirationTime: + description: >- + Output only. Timestamp when this NotebookRuntime will be expired: 1. + System Predefined NotebookRuntime: 24 hours after creation. After + expiration, system predifined runtime will be deleted. 2. User + created NotebookRuntime: 6 months after last upgrade. After + expiration, user created runtime will be stopped and allowed for + upgrade. + readOnly: true type: string - metricSpecParameters: - description: Optional. The parameters needed to run the pre-defined metric. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudAiplatformV1EvaluationInstance: - id: GoogleCloudAiplatformV1EvaluationInstance - description: >- - A single instance to be evaluated. Instances are used to specify the - input data for evaluation, from simple string comparisons to complex, - multi-turn model evaluations - type: object - properties: - prompt: + format: google-datetime + networkTags: + type: array + items: + type: string description: >- - Optional. Data used to populate placeholder `prompt` in a metric - prompt template. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData - rubricGroups: + Optional. The Compute Engine tags to add to runtime (see [Tagging + instances](https://cloud.google.com/vpc/docs/add-remove-network-tags)). + networkSpec: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1NetworkSpec' + description: Output only. Network spec of the notebook runtime. + displayName: description: >- - Optional. Named groups of rubrics associated with the prompt. This - is used for rubric-based evaluations where rubrics can be referenced - by a key. The key could represent versions, associated metrics, etc. - type: object + Required. The display name of the NotebookRuntime. The name can be + up to 128 characters long and can consist of any UTF-8 characters. + type: string + isUpgradable: + description: Output only. Whether NotebookRuntime is upgradable. + readOnly: true + type: boolean + runtimeUser: + type: string + description: Required. The user email of the NotebookRuntime. + labels: additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricGroup' - response: + type: string description: >- - Required. Data used to populate placeholder `response` in a metric - prompt template. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData - reference: + The labels with user-defined metadata to organize your + NotebookRuntime. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. No more than 64 user labels can be associated with one + NotebookRuntime (System labels are excluded). See + https://goo.gl/xmQnxf for more information and examples of labels. + System reserved label keys are prefixed with + "aiplatform.googleapis.com/" and are immutable. Following system + labels exist for NotebookRuntime: * + "aiplatform.googleapis.com/notebook_runtime_gce_instance_id": output + only, its value is the Compute Engine instance id. * + "aiplatform.googleapis.com/colab_enterprise_entry_service": its + value is either "bigquery" or "vertex"; if absent, it should be + "vertex". This is to describe the entry service, either BigQuery or + Vertex. + type: object + updateTime: + type: string description: >- - Optional. Data used to populate placeholder `reference` in a metric - prompt template. + Output only. Timestamp when this NotebookRuntime was most recently + updated. + format: google-datetime + readOnly: true + description: + description: The description of the NotebookRuntime. + type: string + eucConfig: + description: Output only. EUC configuration of the notebook runtime. + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookEucConfig' + notebookRuntimeTemplateRef: + readOnly: true $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData - otherData: + #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplateRef description: >- - Optional. Other data used to populate placeholders based on their - key. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceMapInstance - GoogleCloudAiplatformV1EvaluationInstanceInstanceData: - id: GoogleCloudAiplatformV1EvaluationInstanceInstanceData - description: Instance data used to populate placeholders in a metric prompt template. + Output only. The pointer to NotebookRuntimeTemplate this + NotebookRuntime is created from. + notebookRuntimeType: + type: string + description: Output only. The type of the notebook runtime. + enumDescriptions: + - >- + Unspecified notebook runtime type, NotebookRuntimeType will + default to USER_DEFINED. + - runtime or template with coustomized configurations from user. + - runtime or template with system defined configurations. + enum: + - NOTEBOOK_RUNTIME_TYPE_UNSPECIFIED + - USER_DEFINED + - ONE_CLICK + readOnly: true + description: >- + A runtime is a virtual machine allocated to a particular user for a + particular Notebook file on temporary basis with lifetime. Default + runtimes have a lifetime of 18 hours, while custom runtimes last for 6 + months from their creation or last upgrade. type: object + id: GoogleCloudAiplatformV1NotebookRuntime + GoogleCloudAiplatformV1UpdateFeaturestoreOperationMetadata: properties: - text: - description: Text data. - type: string - contents: - description: List of Gemini content data. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceDataContents - GoogleCloudAiplatformV1EvaluationInstanceInstanceDataContents: - id: GoogleCloudAiplatformV1EvaluationInstanceInstanceDataContents - description: List of standard Content messages from Gemini API. + genericMetadata: + description: Operation metadata for Featurestore. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Details of operations that perform update Featurestore. + id: GoogleCloudAiplatformV1UpdateFeaturestoreOperationMetadata type: object + GoogleCloudAiplatformV1FunctionCallingConfig: + id: GoogleCloudAiplatformV1FunctionCallingConfig properties: - contents: - description: Optional. Repeated contents. - type: array + allowedFunctionNames: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - GoogleCloudAiplatformV1RubricGroup: - id: GoogleCloudAiplatformV1RubricGroup - description: >- - A group of rubrics, used for grouping rubrics based on a metric or a - version. + type: string + description: >- + Optional. Function names to call. Only set when the Mode is ANY. + Function names should match [FunctionDeclaration.name]. With mode + set to ANY, model will predict a function call from the set of + function names provided. + type: array + mode: + description: Optional. Function calling mode. + type: string + enum: + - MODE_UNSPECIFIED + - AUTO + - ANY + - NONE + enumDescriptions: + - Unspecified function calling mode. This value should not be used. + - >- + Default model behavior, model decides to predict either function + calls or natural language response. + - >- + Model is constrained to always predicting function calls only. If + "allowed_function_names" are set, the predicted function calls + will be limited to any one of "allowed_function_names", else the + predicted function calls will be any one of the provided + "function_declarations". + - >- + Model will not predict any function calls. Model behavior is same + as when not passing any function declarations. + streamFunctionCallArguments: + description: >- + Optional. When set to true, arguments of a single function call will + be streamed out in multiple parts/contents/responses. Partial + parameter results will be returned in the + [FunctionCall.partial_args] field. + type: boolean + type: object + description: Function calling config. + GoogleCloudAiplatformV1UploadModelResponse: + id: GoogleCloudAiplatformV1UploadModelResponse + description: Response message of ModelService.UploadModel operation. type: object properties: - groupId: - description: Unique identifier for the group. + modelVersionId: + description: Output only. The version ID of the model that is uploaded. + readOnly: true type: string - displayName: - description: >- - Human-readable name for the group. This should be unique within a - given context if used for display or selection. Example: - "Instruction Following V1", "Content Quality - Summarization Task". + model: type: string - rubrics: - description: Rubrics that are part of this group. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Rubric' - GoogleCloudAiplatformV1Rubric: - id: GoogleCloudAiplatformV1Rubric - description: >- - Message representing a single testable criterion for evaluation. One - input prompt could have multiple rubrics. + description: >- + The name of the uploaded Model resource. Format: + `projects/{project}/locations/{location}/models/{model}` + GoogleCloudAiplatformV1IndexDatapointNumericRestriction: type: object properties: - rubricId: - description: >- - Unique identifier for the rubric. This ID is used to refer to this - rubric, e.g., in RubricVerdict. + valueFloat: + type: number + format: float + description: Represents 32 bit float. + valueInt: + format: int64 + description: Represents 64 bit integer. type: string - content: - description: Required. The actual testable criteria for the rubric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricContent' - type: + valueDouble: + type: number + format: double + description: Represents 64 bit float. + op: + enumDescriptions: + - Default value of the enum. + - Datapoints are eligible iff their value is < the query's. + - Datapoints are eligible iff their value is <= the query's. + - Datapoints are eligible iff their value is == the query's. + - Datapoints are eligible iff their value is >= the query's. + - Datapoints are eligible iff their value is > the query's. + - Datapoints are eligible iff their value is != the query's. description: >- - Optional. A type designator for the rubric, which can inform how - it's evaluated or interpreted by systems or users. It's recommended - to use consistent, well-defined, upper snake_case strings. Examples: - "SUMMARIZATION_QUALITY", "SAFETY_HARMFUL_CONTENT", - "INSTRUCTION_ADHERENCE". + This MUST be specified for queries and must NOT be specified for + datapoints. + enum: + - OPERATOR_UNSPECIFIED + - LESS + - LESS_EQUAL + - EQUAL + - GREATER_EQUAL + - GREATER + - NOT_EQUAL type: string - importance: - description: Optional. The relative importance of this rubric. + namespace: + description: 'The namespace of this restriction. e.g.: cost.' type: string - enumDescriptions: - - Importance is not specified. - - High importance. - - Medium importance. - - Low importance. - enum: - - IMPORTANCE_UNSPECIFIED - - HIGH - - MEDIUM - - LOW - GoogleCloudAiplatformV1RubricContent: - id: GoogleCloudAiplatformV1RubricContent - description: Content of the rubric, defining the testable criteria. - type: object - properties: - property: - description: Evaluation criteria based on a specific property. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricContentProperty' - GoogleCloudAiplatformV1RubricContentProperty: - id: GoogleCloudAiplatformV1RubricContentProperty - description: Defines criteria based on a specific property. + description: >- + This field allows restricts to be based on numeric comparisons rather + than categorical tokens. + id: GoogleCloudAiplatformV1IndexDatapointNumericRestriction + GoogleCloudAiplatformV1IntegratedGradientsAttribution: + description: >- + An attribution method that computes the Aumann-Shapley value taking + advantage of the model's fully differentiable structure. Refer to this + paper for more details: https://arxiv.org/abs/1703.01365 type: object properties: - description: + smoothGradConfig: description: >- - Description of the property being evaluated. Example: "The model's - response is grammatically correct." - type: string - GoogleCloudAiplatformV1EvaluationInstanceMapInstance: - id: GoogleCloudAiplatformV1EvaluationInstanceMapInstance - description: Instance data specified as a map. + Config for SmoothGrad approximation of gradients. When enabled, the + gradients are approximated by averaging the gradients from noisy + samples in the vicinity of the inputs. Adding noise can help improve + the computed gradients. Refer to this paper for more details: + https://arxiv.org/pdf/1706.03825.pdf + $ref: '#/components/schemas/GoogleCloudAiplatformV1SmoothGradConfig' + blurBaselineConfig: + description: >- + Config for IG with blur baseline. When enabled, a linear path from + the maximally blurred image to the input image is created. Using a + blurred baseline instead of zero (black image) is motivated by the + BlurIG approach explained here: https://arxiv.org/abs/2004.03383 + $ref: '#/components/schemas/GoogleCloudAiplatformV1BlurBaselineConfig' + stepCount: + format: int32 + type: integer + description: >- + Required. The number of steps for approximating the path integral. A + good value to start is 50 and gradually increase until the sum to + diff property is within the desired error range. Valid range of its + value is [1, 100], inclusively. + id: GoogleCloudAiplatformV1IntegratedGradientsAttribution + GoogleCloudAiplatformV1SafetyInput: type: object + id: GoogleCloudAiplatformV1SafetyInput + description: Input for safety metric. properties: - mapInstance: - description: Optional. Map of instance data. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData - GoogleCloudAiplatformV1AutoraterConfig: - id: GoogleCloudAiplatformV1AutoraterConfig - description: >- - The configs for autorater. This is applicable to both EvaluateInstances - and EvaluateDataset. + metricSpec: + description: Required. Spec for safety metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetySpec' + instance: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyInstance' + description: Required. Safety instance. + GoogleCloudAiplatformV1TimeSeriesData: + id: GoogleCloudAiplatformV1TimeSeriesData type: object + description: All the data stored in a TensorboardTimeSeries. properties: - samplingCount: - description: >- - Optional. Number of samples for each instance in the dataset. If not - specified, the default is 4. Minimum value is 1, maximum value is - 32. - type: integer - format: int32 - flipEnabled: + values: + description: Required. Data points in this time series. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesDataPoint' + type: array + tensorboardTimeSeriesId: + type: string description: >- - Optional. Default is true. Whether to flip the candidate and - baseline responses. This is only applicable to the pairwise metric. - If enabled, also provide - PairwiseMetricSpec.candidate_response_field_name and - PairwiseMetricSpec.baseline_response_field_name. When rendering - PairwiseMetricSpec.metric_prompt_template, the candidate and - baseline fields will be flipped for half of the samples to reduce - bias. - type: boolean - autoraterModel: + Required. The ID of the TensorboardTimeSeries, which will become the + final component of the TensorboardTimeSeries' resource name + valueType: + enum: + - VALUE_TYPE_UNSPECIFIED + - SCALAR + - TENSOR + - BLOB_SEQUENCE + enumDescriptions: + - The value type is unspecified. + - >- + Used for TensorboardTimeSeries that is a list of scalars. E.g. + accuracy of a model over epochs/time. + - >- + Used for TensorboardTimeSeries that is a list of tensors. E.g. + histograms of weights of layer in a model over epoch/time. + - >- + Used for TensorboardTimeSeries that is a list of blob sequences. + E.g. set of sample images with labels over epochs/time. description: >- - Optional. The fully qualified name of the publisher model or tuned - autorater endpoint to use. Publisher model format: - `projects/{project}/locations/{location}/publishers/*/models/*` - Tuned model endpoint format: - `projects/{project}/locations/{location}/endpoints/{endpoint}` + Required. Immutable. The value type of this time series. All the + values in this time series data must match this value type. type: string - GoogleCloudAiplatformV1EvaluateInstancesResponse: - id: GoogleCloudAiplatformV1EvaluateInstancesResponse - description: Response message for EvaluationService.EvaluateInstances. + GoogleCloudAiplatformV1SupervisedHyperParameters: + description: Hyperparameters for SFT. type: object + id: GoogleCloudAiplatformV1SupervisedHyperParameters properties: - exactMatchResults: - description: Auto metric evaluation results. Results for exact match metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchResults' - bleuResults: - description: Results for bleu metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuResults' - rougeResults: - description: Results for rouge metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeResults' - fluencyResult: - description: >- - LLM-based metric evaluation result. General text generation metrics, - applicable to other categories. Result for fluency metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FluencyResult' - coherenceResult: - description: Result for coherence metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CoherenceResult' - safetyResult: - description: Result for safety metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyResult' - groundednessResult: - description: Result for groundedness metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundednessResult' - fulfillmentResult: - description: Result for fulfillment metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FulfillmentResult' - summarizationQualityResult: - description: Summarization only metrics. Result for summarization quality metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationQualityResult - pairwiseSummarizationQualityResult: - description: Result for pairwise summarization quality metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PairwiseSummarizationQualityResult - summarizationHelpfulnessResult: - description: Result for summarization helpfulness metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationHelpfulnessResult - summarizationVerbosityResult: - description: Result for summarization verbosity metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SummarizationVerbosityResult - questionAnsweringQualityResult: + adapterSize: + enumDescriptions: + - Adapter size is unspecified. + - Adapter size 1. + - Adapter size 2. + - Adapter size 4. + - Adapter size 8. + - Adapter size 16. + - Adapter size 32. + enum: + - ADAPTER_SIZE_UNSPECIFIED + - ADAPTER_SIZE_ONE + - ADAPTER_SIZE_TWO + - ADAPTER_SIZE_FOUR + - ADAPTER_SIZE_EIGHT + - ADAPTER_SIZE_SIXTEEN + - ADAPTER_SIZE_THIRTY_TWO + description: Optional. Adapter size for tuning. + type: string + epochCount: + type: string + format: int64 description: >- - Question answering only metrics. Result for question answering - quality metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringQualityResult - pairwiseQuestionAnsweringQualityResult: - description: Result for pairwise question answering quality metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityResult - questionAnsweringRelevanceResult: - description: Result for question answering relevance metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringRelevanceResult - questionAnsweringHelpfulnessResult: - description: Result for question answering helpfulness metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessResult - questionAnsweringCorrectnessResult: - description: Result for question answering correctness metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringCorrectnessResult - pointwiseMetricResult: - description: Generic metrics. Result for pointwise metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricResult' - pairwiseMetricResult: - description: Result for pairwise metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricResult' - toolCallValidResults: - description: Tool call metrics. Results for tool call valid metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCallValidResults' - toolNameMatchResults: - description: Results for tool name match metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolNameMatchResults' - toolParameterKeyMatchResults: - description: Results for tool parameter key match metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchResults - toolParameterKvMatchResults: - description: Results for tool parameter key value match metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchResults - cometResult: - description: Translation metrics. Result for Comet metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CometResult' - metricxResult: - description: Result for Metricx metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricxResult' - trajectoryExactMatchResults: - description: Result for trajectory exact match metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchResults - trajectoryInOrderMatchResults: - description: Result for trajectory in order match metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchResults - trajectoryAnyOrderMatchResults: - description: Result for trajectory any order match metric. + Optional. Number of complete passes the model makes over the entire + training dataset during training. + learningRateMultiplier: + type: number + description: >- + Optional. Multiplier for adjusting the default learning rate. + Mutually exclusive with `learning_rate`. This feature is only + available for 1P models. + format: double + GoogleCloudAiplatformV1SchemaPromptSpecAppBuilderDataLinkedResource: + properties: + name: + description: >- + The unique resource name of the data source. The format is + determined by the 'type' field. For type "SAVED_PROMPT": + projects/{project}/locations/{location}/datasets/{dataset} For type + "AI_AGENT": projects/{project}/locations/{location}/agents/{agent} + type: string + type: + description: >- + The type of the linked resource. e.g., "SAVED_PROMPT", "AI_AGENT" + This string corresponds to the name of the LinkedResourceType enum + member. See: + google3/cloud/console/web/ai/platform/llm/prompts/build/services/specs_repository_service/linked_resources/linked_resource.ts + type: string + displayName: + description: A user-friendly name for the data source shown in the UI. + type: string + id: GoogleCloudAiplatformV1SchemaPromptSpecAppBuilderDataLinkedResource + type: object + description: A linked resource attached to the application by the user. + GoogleCloudAiplatformV1ReasoningEngine: + description: >- + ReasoningEngine provides a customizable runtime for models to determine + which actions to take and in which order. + id: GoogleCloudAiplatformV1ReasoningEngine + type: object + properties: + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Timestamp when this ReasoningEngine was created. + contextSpec: + description: >- + Optional. Configuration for how Agent Engine sub-resources should + manage context. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchResults - trajectoryPrecisionResults: - description: Result for trajectory precision metric. + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineContextSpec + description: + description: Optional. The description of the ReasoningEngine. + type: string + labels: + additionalProperties: + type: string + description: Labels for the ReasoningEngine. + type: object + encryptionSpec: + description: >- + Customer-managed encryption key spec for a ReasoningEngine. If set, + this ReasoningEngine and all sub-resources of this ReasoningEngine + will be secured by this key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + updateTime: + type: string + format: google-datetime + readOnly: true + description: >- + Output only. Timestamp when this ReasoningEngine was most recently + updated. + name: + type: string + description: >- + Identifier. The resource name of the ReasoningEngine. Format: + `projects/{project}/locations/{location}/reasoningEngines/{reasoning_engine}` + displayName: + type: string + description: Required. The display name of the ReasoningEngine. + etag: + type: string + description: >- + Optional. Used to perform consistent read-modify-write updates. If + not set, a blind "overwrite" update happens. + spec: + description: Optional. Configurations of the ReasoningEngine + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpec' + GoogleCloudAiplatformV1CreateNotebookExecutionJobOperationMetadata: + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The operation generic information. + progressMessage: + description: >- + A human-readable message that shows the intermediate progress + details of NotebookRuntime. + type: string + description: Metadata information for NotebookService.CreateNotebookExecutionJob. + type: object + id: GoogleCloudAiplatformV1CreateNotebookExecutionJobOperationMetadata + GoogleCloudAiplatformV1SchemaPromptSpecTranslationPrompt: + type: object + id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationPrompt + description: Prompt variation for Translation use case. + properties: + targetLanguageCode: + type: string + description: The target language code. + promptMessage: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionResults - trajectoryRecallResults: - description: Results for trajectory recall metric. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallResults' - trajectorySingleToolUseResults: - description: Results for trajectory single tool use metric. + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage + description: The prompt message. + option: + description: The translation option. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseResults - rubricBasedInstructionFollowingResult: - description: Result for rubric based instruction following metric. + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationOption + sourceLanguageCode: + type: string + description: The source language code. + example: + description: The translation example. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RubricBasedInstructionFollowingResult - metricResults: + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationExample + GoogleCloudAiplatformV1AuthConfigOauthConfig: + type: object + description: Config for user oauth. + id: GoogleCloudAiplatformV1AuthConfigOauthConfig + properties: + serviceAccount: description: >- - Metric results for each instance. The order of the metric results is - guaranteed to be the same as the order of the instances in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricResult' - GoogleCloudAiplatformV1ExactMatchResults: - id: GoogleCloudAiplatformV1ExactMatchResults - description: Results for exact match metric. + The service account used to generate access tokens for executing the + Extension. - If the service account is specified, the + `iam.serviceAccounts.getAccessToken` permission should be granted to + Vertex AI Extension Service Agent + (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) + on the provided service account. + type: string + accessToken: + description: >- + Access token for extension endpoint. Only used to propagate token + from [[ExecuteExtensionRequest.runtime_auth_config]] at request + time. + type: string + GoogleCloudAiplatformV1CancelDataLabelingJobRequest: type: object + properties: {} + id: GoogleCloudAiplatformV1CancelDataLabelingJobRequest + description: Request message for JobService.CancelDataLabelingJob. + GoogleCloudAiplatformV1EmbedContentResponse: + id: GoogleCloudAiplatformV1EmbedContentResponse + description: Response message for PredictionService.EmbedContent. properties: - exactMatchMetricValues: - description: Output only. Exact match metric values. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchMetricValue' - GoogleCloudAiplatformV1ExactMatchMetricValue: - id: GoogleCloudAiplatformV1ExactMatchMetricValue - description: Exact match metric value for an instance. + usageMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1UsageMetadata' + description: Metadata about the response(s). + embedding: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EmbedContentResponseEmbedding + description: The embedding generated from the input content. + truncated: + description: >- + Whether the input content was truncated before generating the + embedding. + type: boolean type: object + GoogleCloudAiplatformV1IntermediateExtractedMemory: properties: - score: - description: Output only. Exact match score. + fact: + description: Output only. The fact of the extracted memory. readOnly: true - type: number - format: float - GoogleCloudAiplatformV1BleuResults: - id: GoogleCloudAiplatformV1BleuResults - description: Results for bleu metric. + type: string type: object + id: GoogleCloudAiplatformV1IntermediateExtractedMemory + description: >- + An extracted memory that is the intermediate result before + consolidation. + GoogleCloudAiplatformV1GenerateVideoResponse: + description: Generate video response. + id: GoogleCloudAiplatformV1GenerateVideoResponse properties: - bleuMetricValues: - description: Output only. Bleu metric values. - readOnly: true + videos: + description: List of video bytes or Cloud Storage URIs of the generated videos. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuMetricValue' - GoogleCloudAiplatformV1BleuMetricValue: - id: GoogleCloudAiplatformV1BleuMetricValue - description: Bleu metric value for an instance. - type: object - properties: - score: - description: Output only. Bleu score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1RougeResults: - id: GoogleCloudAiplatformV1RougeResults - description: Results for rouge metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateVideoResponseVideo + generatedSamples: + deprecated: true + description: The cloud storage uris of the generated videos. + items: + type: string + type: array + raiMediaFilteredReasons: + items: + type: string + type: array + description: Returns rai failure reasons if any. + raiMediaFilteredCount: + format: int32 + type: integer + description: Returns if any videos were filtered due to RAI policies. type: object + GoogleCloudAiplatformV1ToolNameMatchInput: properties: - rougeMetricValues: - description: Output only. Rouge metric values. - readOnly: true + instances: + description: Required. Repeated tool name match instances. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeMetricValue' - GoogleCloudAiplatformV1RougeMetricValue: - id: GoogleCloudAiplatformV1RougeMetricValue - description: Rouge metric value for an instance. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolNameMatchInstance' + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolNameMatchSpec' + description: Required. Spec for tool name match metric. + description: Input for tool name match metric. + id: GoogleCloudAiplatformV1ToolNameMatchInput type: object - properties: - score: - description: Output only. Rouge score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1FluencyResult: - id: GoogleCloudAiplatformV1FluencyResult - description: Spec for fluency result. + GoogleCloudAiplatformV1AssignNotebookRuntimeOperationMetadata: + id: GoogleCloudAiplatformV1AssignNotebookRuntimeOperationMetadata + description: Metadata information for NotebookService.AssignNotebookRuntime. type: object properties: - score: - description: Output only. Fluency score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for fluency score. - readOnly: true + progressMessage: + description: >- + A human-readable message that shows the intermediate progress + details of NotebookRuntime. type: string - confidence: - description: Output only. Confidence for fluency score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1CoherenceResult: - id: GoogleCloudAiplatformV1CoherenceResult - description: Spec for coherence result. + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpec: + description: Value specification for a parameter in `DISCRETE` type. type: object + id: GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpec properties: - score: - description: Output only. Coherence score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for coherence score. - readOnly: true - type: string - confidence: - description: Output only. Confidence for coherence score. - readOnly: true + defaultValue: + description: >- + A default value for a `DISCRETE` parameter that is assumed to be a + relatively good starting point. Unset value signals that there is no + offered starting point. It automatically rounds to the nearest + feasible discrete point. Currently only supported by the Vertex AI + Vizier service. Not supported by HyperparameterTuningJob or + TrainingPipeline. + format: double type: number - format: float - GoogleCloudAiplatformV1SafetyResult: - id: GoogleCloudAiplatformV1SafetyResult - description: Spec for safety result. + values: + items: + type: number + format: double + type: array + description: >- + Required. A list of possible values. The list should be in + increasing order and at least 1e-10 apart. For instance, this + parameter might have possible settings of 1.5, 2.5, and 4.0. This + list should not contain more than 1,000 values. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesMetadata: + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesMetadata type: object properties: - score: - description: Output only. Safety score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for safety score. - readOnly: true + evaluatedDataItemsBigqueryUri: type: string - confidence: - description: Output only. Confidence for safety score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1GroundednessResult: - id: GoogleCloudAiplatformV1GroundednessResult - description: Spec for groundedness result. + description: BigQuery destination uri for exported evaluated examples. + trainCostMilliNodeHours: + format: int64 + description: >- + Output only. The actual training cost of the model, expressed in + milli node hours, i.e. 1,000 value in this field means 1 node hour. + Guaranteed to not exceed the train budget. + type: string + description: Model metadata specific to AutoML Tables. + GoogleCloudAiplatformV1AppendEventResponse: + properties: {} + description: Response message for SessionService.AppendEvent. + id: GoogleCloudAiplatformV1AppendEventResponse + type: object + GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataBigQuerySource: type: object properties: - score: - description: Output only. Groundedness score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for groundedness score. - readOnly: true + uri: type: string - confidence: - description: Output only. Confidence for groundedness score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1FulfillmentResult: - id: GoogleCloudAiplatformV1FulfillmentResult - description: Spec for fulfillment result. + description: The URI of a BigQuery table. + id: GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataBigQuerySource + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationMetadata: type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationMetadata properties: - score: - description: Output only. Fulfillment score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for fulfillment score. - readOnly: true + successfulStopReason: + description: >- + For successful job completions, this is the reason why the job has + finished. + enumDescriptions: + - Should not be set. + - The inputs.budgetMilliNodeHours had been reached. + - >- + Further training of the Model ceased to increase its quality, + since it already has converged. type: string - confidence: - description: Output only. Confidence for fulfillment score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1SummarizationQualityResult: - id: GoogleCloudAiplatformV1SummarizationQualityResult - description: Spec for summarization quality result. - type: object + enum: + - SUCCESSFUL_STOP_REASON_UNSPECIFIED + - BUDGET_REACHED + - MODEL_CONVERGED + costMilliNodeHours: + format: int64 + description: >- + The actual training cost of creating this model, expressed in milli + node hours, i.e. 1,000 value in this field means 1 node hour. + Guaranteed to not exceed inputs.budgetMilliNodeHours. + type: string + GoogleCloudAiplatformV1AugmentPromptRequestModel: + id: GoogleCloudAiplatformV1AugmentPromptRequestModel properties: - score: - description: Output only. Summarization Quality score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for summarization quality score. - readOnly: true + model: + description: >- + Optional. The model that the user will send the augmented prompt for + content generation. type: string - confidence: - description: Output only. Confidence for summarization quality score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1PairwiseSummarizationQualityResult: - id: GoogleCloudAiplatformV1PairwiseSummarizationQualityResult - description: Spec for pairwise summarization quality result. + modelVersion: + type: string + description: Optional. The model version of the backend deployed model. + type: object + description: Metadata of the backend deployed model. + GoogleCloudAiplatformV1CitationMetadata: + id: GoogleCloudAiplatformV1CitationMetadata + description: A collection of citations that apply to a piece of generated content. type: object properties: - pairwiseChoice: - description: Output only. Pairwise summarization prediction choice. - readOnly: true - type: string - enumDescriptions: - - Unspecified prediction choice. - - Baseline prediction wins - - Candidate prediction wins - - Winner cannot be determined - enum: - - PAIRWISE_CHOICE_UNSPECIFIED - - BASELINE - - CANDIDATE - - TIE - explanation: - description: Output only. Explanation for summarization quality score. - readOnly: true - type: string - confidence: - description: Output only. Confidence for summarization quality score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1SummarizationHelpfulnessResult: - id: GoogleCloudAiplatformV1SummarizationHelpfulnessResult - description: Spec for summarization helpfulness result. - type: object - properties: - score: - description: Output only. Summarization Helpfulness score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for summarization helpfulness score. - readOnly: true - type: string - confidence: - description: Output only. Confidence for summarization helpfulness score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1SummarizationVerbosityResult: - id: GoogleCloudAiplatformV1SummarizationVerbosityResult - description: Spec for summarization verbosity result. - type: object - properties: - score: - description: Output only. Summarization Verbosity score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for summarization verbosity score. - readOnly: true - type: string - confidence: - description: Output only. Confidence for summarization verbosity score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1QuestionAnsweringQualityResult: - id: GoogleCloudAiplatformV1QuestionAnsweringQualityResult - description: Spec for question answering quality result. - type: object - properties: - score: - description: Output only. Question Answering Quality score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for question answering quality score. - readOnly: true - type: string - confidence: - description: Output only. Confidence for question answering quality score. + citations: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Citation' readOnly: true - type: number - format: float - GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityResult: - id: GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityResult - description: Spec for pairwise question answering quality result. + description: Output only. A list of citations for the content. + type: array + GoogleCloudAiplatformV1OutputFieldSpec: type: object + description: Defines a specification for a single output field. + id: GoogleCloudAiplatformV1OutputFieldSpec properties: - pairwiseChoice: - description: Output only. Pairwise question answering prediction choice. - readOnly: true - type: string - enumDescriptions: - - Unspecified prediction choice. - - Baseline prediction wins - - Candidate prediction wins - - Winner cannot be determined + fieldType: enum: - - PAIRWISE_CHOICE_UNSPECIFIED - - BASELINE - - CANDIDATE - - TIE - explanation: - description: Output only. Explanation for question answering quality score. - readOnly: true + - FIELD_TYPE_UNSPECIFIED + - CONTENT + - TEXT + - IMAGE + - AUDIO + description: >- + Optional. The data type of the field. Defaults to CONTENT if not + set. + enumDescriptions: + - Field type is unspecified. + - Arbitrary content field type. + - Text field type. + - Image field type. + - Audio field type. type: string - confidence: - description: Output only. Confidence for question answering quality score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1QuestionAnsweringRelevanceResult: - id: GoogleCloudAiplatformV1QuestionAnsweringRelevanceResult - description: Spec for question answering relevance result. - type: object - properties: - score: - description: Output only. Question Answering Relevance score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for question answering relevance score. - readOnly: true + guidance: type: string - confidence: - description: Output only. Confidence for question answering relevance score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessResult: - id: GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessResult - description: Spec for question answering helpfulness result. - type: object - properties: - score: - description: Output only. Question Answering Helpfulness score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for question answering helpfulness score. - readOnly: true + description: >- + Optional. Optional, but recommended. Additional guidance specific to + this field to provide targeted instructions for the LLM to generate + the content of a single output field. While the LLM can sometimes + infer content from the field name, providing explicit guidance is + preferred. + fieldName: + description: Required. The name of the output field. type: string - confidence: - description: Output only. Confidence for question answering helpfulness score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1QuestionAnsweringCorrectnessResult: - id: GoogleCloudAiplatformV1QuestionAnsweringCorrectnessResult - description: Spec for question answering correctness result. - type: object + GoogleCloudAiplatformV1ErrorAnalysisAnnotation: + description: Model error analysis for each annotation. + id: GoogleCloudAiplatformV1ErrorAnalysisAnnotation properties: - score: - description: Output only. Question Answering Correctness score. - readOnly: true - type: number - format: float - explanation: - description: Output only. Explanation for question answering correctness score. - readOnly: true + queryType: + enum: + - QUERY_TYPE_UNSPECIFIED + - ALL_SIMILAR + - SAME_CLASS_SIMILAR + - SAME_CLASS_DISSIMILAR + description: The query type used for finding the attributed items. + enumDescriptions: + - Unspecified query type for model error analysis. + - Query similar samples across all classes in the dataset. + - Query similar samples from the same class of the input sample. + - Query dissimilar samples from the same class of the input sample. type: string - confidence: - description: Output only. Confidence for question answering correctness score. - readOnly: true + outlierThreshold: type: number - format: float - GoogleCloudAiplatformV1PointwiseMetricResult: - id: GoogleCloudAiplatformV1PointwiseMetricResult - description: Spec for pointwise metric result. - type: object - properties: - score: - description: Output only. Pointwise metric score. - readOnly: true + format: double + description: >- + The threshold used to determine if this annotation is an outlier or + not. + outlierScore: + format: double type: number - format: float - explanation: - description: Output only. Explanation for pointwise metric score. - readOnly: true - type: string - customOutput: - description: Output only. Spec for custom output. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomOutput' - GoogleCloudAiplatformV1CustomOutput: - id: GoogleCloudAiplatformV1CustomOutput - description: Spec for custom output. - type: object - properties: - rawOutputs: - description: Output only. List of raw output strings. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1RawOutput' - GoogleCloudAiplatformV1RawOutput: - id: GoogleCloudAiplatformV1RawOutput - description: Raw output. - type: object - properties: - rawOutput: - description: Output only. Raw output string. - readOnly: true - type: array - items: - type: string - GoogleCloudAiplatformV1PairwiseMetricResult: - id: GoogleCloudAiplatformV1PairwiseMetricResult - description: Spec for pairwise metric result. - type: object - properties: - pairwiseChoice: - description: Output only. Pairwise metric choice. - readOnly: true - type: string - enumDescriptions: - - Unspecified prediction choice. - - Baseline prediction wins - - Candidate prediction wins - - Winner cannot be determined - enum: - - PAIRWISE_CHOICE_UNSPECIFIED - - BASELINE - - CANDIDATE - - TIE - explanation: - description: Output only. Explanation for pairwise metric score. - readOnly: true - type: string - customOutput: - description: Output only. Spec for custom output. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomOutput' - GoogleCloudAiplatformV1ToolCallValidResults: - id: GoogleCloudAiplatformV1ToolCallValidResults - description: Results for tool call valid metric. - type: object - properties: - toolCallValidMetricValues: - description: Output only. Tool call valid metric values. - readOnly: true - type: array + description: >- + The outlier score of this annotated item. Usually defined as the min + of all distances from attributed items. + attributedItems: items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolCallValidMetricValue - GoogleCloudAiplatformV1ToolCallValidMetricValue: - id: GoogleCloudAiplatformV1ToolCallValidMetricValue - description: Tool call valid metric value for an instance. - type: object - properties: - score: - description: Output only. Tool call valid score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1ToolNameMatchResults: - id: GoogleCloudAiplatformV1ToolNameMatchResults - description: Results for tool name match metric. - type: object - properties: - toolNameMatchMetricValues: - description: Output only. Tool name match metric values. - readOnly: true + #/components/schemas/GoogleCloudAiplatformV1ErrorAnalysisAnnotationAttributedItem type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolNameMatchMetricValue - GoogleCloudAiplatformV1ToolNameMatchMetricValue: - id: GoogleCloudAiplatformV1ToolNameMatchMetricValue - description: Tool name match metric value for an instance. + description: >- + Attributed items for a given annotation, typically representing + neighbors from the training sets constrained by the query type. + type: object + GoogleCloudAiplatformV1UpdateModelDeploymentMonitoringJobOperationMetadata: type: object + id: >- + GoogleCloudAiplatformV1UpdateModelDeploymentMonitoringJobOperationMetadata properties: - score: - description: Output only. Tool name match score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1ToolParameterKeyMatchResults: - id: GoogleCloudAiplatformV1ToolParameterKeyMatchResults - description: Results for tool parameter key match metric. + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: >- + Runtime operation information for + JobService.UpdateModelDeploymentMonitoringJob. + GoogleCloudAiplatformV1GenerateMemoriesRequestDirectContentsSource: + description: Defines a direct source of content from which to generate the memories. type: object + id: GoogleCloudAiplatformV1GenerateMemoriesRequestDirectContentsSource properties: - toolParameterKeyMatchMetricValues: - description: Output only. Tool parameter key match metric values. - readOnly: true + events: type: array + description: >- + Required. The source content (i.e. chat history) to generate + memories from. items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchMetricValue - GoogleCloudAiplatformV1ToolParameterKeyMatchMetricValue: - id: GoogleCloudAiplatformV1ToolParameterKeyMatchMetricValue - description: Tool parameter key match metric value for an instance. - type: object + #/components/schemas/GoogleCloudAiplatformV1GenerateMemoriesRequestDirectContentsSourceEvent + GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateResponse: properties: - score: - description: Output only. Tool parameter key match score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1ToolParameterKVMatchResults: - id: GoogleCloudAiplatformV1ToolParameterKVMatchResults - description: Results for tool parameter key value match metric. + shouldStop: + description: True if the Trial should stop. + type: boolean + id: GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateResponse + description: Response message for VizierService.CheckTrialEarlyStoppingState. type: object - properties: - toolParameterKvMatchMetricValues: - description: Output only. Tool parameter key value match metric values. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchMetricValue - GoogleCloudAiplatformV1ToolParameterKVMatchMetricValue: - id: GoogleCloudAiplatformV1ToolParameterKVMatchMetricValue - description: Tool parameter key value match metric value for an instance. + GoogleCloudAiplatformV1MetadataStoreDataplexConfig: type: object + description: Represents Dataplex integration settings. + id: GoogleCloudAiplatformV1MetadataStoreDataplexConfig properties: - score: - description: Output only. Tool parameter key value match score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1CometResult: - id: GoogleCloudAiplatformV1CometResult - description: >- - Spec for Comet result - calculates the comet score for the given - instance using the version specified in the spec. - type: object + enabledPipelinesLineage: + description: >- + Optional. Whether or not Data Lineage synchronization is enabled for + Vertex Pipelines. + type: boolean + GoogleCloudAiplatformV1ResumeScheduleRequest: + description: Request message for ScheduleService.ResumeSchedule. + id: GoogleCloudAiplatformV1ResumeScheduleRequest properties: - score: - description: Output only. Comet score. Range depends on version. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1MetricxResult: - id: GoogleCloudAiplatformV1MetricxResult + catchUp: + description: >- + Optional. Whether to backfill missed runs when the schedule is + resumed from PAUSED state. If set to true, all missed runs will be + scheduled. New runs will be scheduled after the backfill is + complete. This will also update Schedule.catch_up field. Default to + false. + type: boolean + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTracking: description: >- - Spec for MetricX result - calculates the MetricX score for the given - instance using the version specified in the spec. + A TrainingJob that trains and uploads an AutoML Video ObjectTracking + Model. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTracking type: object properties: - score: - description: Output only. MetricX score. Range depends on version. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1TrajectoryExactMatchResults: - id: GoogleCloudAiplatformV1TrajectoryExactMatchResults - description: Results for TrajectoryExactMatch metric. - type: object + inputs: + description: The input parameters of this TrainingJob. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTrackingInputs + GoogleCloudAiplatformV1NearestNeighborQuery: properties: - trajectoryExactMatchMetricValues: - description: Output only. TrajectoryExactMatch metric values. - readOnly: true - type: array + perCrowdingAttributeNeighborCount: + description: >- + Optional. Crowding is a constraint on a neighbor list produced by + nearest neighbor search requiring that no more than + sper_crowding_attribute_neighbor_count of the k neighbors returned + have the same value of crowding_attribute. It's used for improving + result diversity. + type: integer + format: int32 + neighborCount: + type: integer + description: >- + Optional. The number of similar entities to be retrieved from + feature view for each query. + format: int32 + numericFilters: items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchMetricValue - GoogleCloudAiplatformV1TrajectoryExactMatchMetricValue: - id: GoogleCloudAiplatformV1TrajectoryExactMatchMetricValue - description: TrajectoryExactMatch metric value for an instance. - type: object - properties: - score: - description: Output only. TrajectoryExactMatch score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1TrajectoryInOrderMatchResults: - id: GoogleCloudAiplatformV1TrajectoryInOrderMatchResults - description: Results for TrajectoryInOrderMatch metric. - type: object - properties: - trajectoryInOrderMatchMetricValues: - description: Output only. TrajectoryInOrderMatch metric values. - readOnly: true + #/components/schemas/GoogleCloudAiplatformV1NearestNeighborQueryNumericFilter type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchMetricValue - GoogleCloudAiplatformV1TrajectoryInOrderMatchMetricValue: - id: GoogleCloudAiplatformV1TrajectoryInOrderMatchMetricValue - description: TrajectoryInOrderMatch metric value for an instance. - type: object - properties: - score: - description: Output only. TrajectoryInOrderMatch score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1TrajectoryAnyOrderMatchResults: - id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchResults - description: Results for TrajectoryAnyOrderMatch metric. - type: object - properties: - trajectoryAnyOrderMatchMetricValues: - description: Output only. TrajectoryAnyOrderMatch metric values. - readOnly: true + description: Optional. The list of numeric filters. + parameters: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NearestNeighborQueryParameters + description: Optional. Parameters that can be set to tune query on the fly. + entityId: + description: >- + Optional. The entity id whose similar entities should be searched + for. If embedding is set, search will use embedding instead of + entity_id. + type: string + stringFilters: type: array items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchMetricValue - GoogleCloudAiplatformV1TrajectoryAnyOrderMatchMetricValue: - id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchMetricValue - description: TrajectoryAnyOrderMatch metric value for an instance. + #/components/schemas/GoogleCloudAiplatformV1NearestNeighborQueryStringFilter + description: Optional. The list of string filters. + embedding: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NearestNeighborQueryEmbedding + description: Optional. The embedding vector that be used for similar search. type: object - properties: - score: - description: Output only. TrajectoryAnyOrderMatch score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1TrajectoryPrecisionResults: - id: GoogleCloudAiplatformV1TrajectoryPrecisionResults - description: Results for TrajectoryPrecision metric. + id: GoogleCloudAiplatformV1NearestNeighborQuery + description: A query to find a number of similar entities. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtractionInputs: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtractionInputs type: object + properties: {} + GoogleCloudAiplatformV1SchemaTextPromptDatasetMetadata: + type: object + id: GoogleCloudAiplatformV1SchemaTextPromptDatasetMetadata properties: - trajectoryPrecisionMetricValues: - description: Output only. TrajectoryPrecision metric values. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionMetricValue - GoogleCloudAiplatformV1TrajectoryPrecisionMetricValue: - id: GoogleCloudAiplatformV1TrajectoryPrecisionMetricValue - description: TrajectoryPrecision metric value for an instance. - type: object - properties: - score: - description: Output only. TrajectoryPrecision score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1TrajectoryRecallResults: - id: GoogleCloudAiplatformV1TrajectoryRecallResults - description: Results for TrajectoryRecall metric. - type: object - properties: - trajectoryRecallMetricValues: - description: Output only. TrajectoryRecall metric values. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallMetricValue - GoogleCloudAiplatformV1TrajectoryRecallMetricValue: - id: GoogleCloudAiplatformV1TrajectoryRecallMetricValue - description: TrajectoryRecall metric value for an instance. - type: object - properties: - score: - description: Output only. TrajectoryRecall score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1TrajectorySingleToolUseResults: - id: GoogleCloudAiplatformV1TrajectorySingleToolUseResults - description: Results for TrajectorySingleToolUse metric. - type: object - properties: - trajectorySingleToolUseMetricValues: - description: Output only. TrajectorySingleToolUse metric values. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseMetricValue - GoogleCloudAiplatformV1TrajectorySingleToolUseMetricValue: - id: GoogleCloudAiplatformV1TrajectorySingleToolUseMetricValue - description: TrajectorySingleToolUse metric value for an instance. - type: object - properties: - score: - description: Output only. TrajectorySingleToolUse score. - readOnly: true - type: number - format: float - GoogleCloudAiplatformV1RubricBasedInstructionFollowingResult: - id: GoogleCloudAiplatformV1RubricBasedInstructionFollowingResult - description: Result for RubricBasedInstructionFollowing metric. - type: object - properties: - score: - description: Output only. Overall score for the instruction following. - readOnly: true - type: number - format: float - rubricCritiqueResults: - description: Output only. List of per rubric critique results. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricCritiqueResult' - GoogleCloudAiplatformV1RubricCritiqueResult: - id: GoogleCloudAiplatformV1RubricCritiqueResult - description: Rubric critique result. - type: object - properties: - rubric: - description: Output only. Rubric to be evaluated. - readOnly: true + maxOutputTokens: type: string - verdict: description: >- - Output only. Verdict for the rubric - true if the rubric is met, - false otherwise. - readOnly: true + Value of the maximum number of tokens generated set when the dataset + was saved. + format: int64 + logprobs: type: boolean - GoogleCloudAiplatformV1MetricResult: - id: GoogleCloudAiplatformV1MetricResult - description: Result for a single metric on a single instance. - type: object - properties: - score: description: >- - The score for the metric. Please refer to each metric's - documentation for the meaning of the score. + Whether or not the user has enabled logit probabilities in the model + parameters. + text: + description: The content of the prompt dataset. + type: string + seedValue: + type: string + format: int64 + description: The actual value of the seed. + temperature: + description: >- + Temperature value used for sampling set when the dataset was saved. + This value is used to tune the degree of randomness. type: number format: float - rubricVerdicts: - description: For rubric-based metrics, the verdicts for each rubric. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricVerdict' - explanation: - description: The explanation for the metric result. + seedEnabled: + type: boolean + description: >- + Seeding enables model to return a deterministic response on a best + effort basis. Determinism isn't guaranteed. This field determines + whether or not seeding is enabled. + gcsUri: type: string - GoogleCloudAiplatformV1RubricVerdict: - id: GoogleCloudAiplatformV1RubricVerdict - description: Represents the verdict of an evaluation against a single rubric. - type: object - properties: - evaluatedRubric: + description: The Google Cloud Storage URI that stores the prompt data. + topP: description: >- - Required. The full rubric definition that was evaluated. Storing - this ensures the verdict is self-contained and understandable, - especially if the original rubric definition changes or was - dynamically generated. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Rubric' - verdict: + Top P value set when the dataset was saved. Given topK tokens for + decoding, top candidates will be selected until the sum of their + probabilities is topP. + format: float + type: number + systemInstruction: + type: string + description: The content of the prompt dataset system instruction. + promptApiSchema: + description: The API schema of the prompt to support both UI and SDK usages. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaPromptApiSchema' + promptType: + description: Type of the prompt dataset. + type: string + systemInstructionGcsUri: description: >- - Required. Outcome of the evaluation against the rubric, represented - as a boolean. `true` indicates a "Pass", `false` indicates a "Fail". - type: boolean - reasoning: + The Google Cloud Storage URI that stores the system instruction, + starting with gs://. + type: string + stopSequences: + description: Customized stop sequences. + items: + type: string + type: array + topK: + type: string description: >- - Optional. Human-readable reasoning or explanation for the verdict. - This can include specific examples or details from the evaluated - content that justify the given verdict. + Top K value set when the dataset was saved. This value determines + how many candidates with highest probability from the vocab would be + selected for each decoding step. + format: int64 + candidateCount: + description: Number of candidates. type: string - GoogleCloudAiplatformV1EvaluateDatasetRequest: - id: GoogleCloudAiplatformV1EvaluateDatasetRequest - description: Request message for EvaluationService.EvaluateDataset. - type: object + format: int64 + groundingConfig: + description: Grounding checking configuration. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfig + hasPromptVariable: + type: boolean + description: Whether the prompt dataset has prompt variable. + note: + description: User-created prompt note. Note size limit is 2KB. + type: string + description: The metadata of Datasets that contain Text Prompt data. + GoogleCloudAiplatformV1SearchDataItemsResponse: + id: GoogleCloudAiplatformV1SearchDataItemsResponse properties: - dataset: - description: Required. The dataset used for evaluation. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationDataset' - metrics: - description: Required. The metrics used for evaluation. + dataItemViews: + description: The DataItemViews read. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Metric' - outputConfig: - description: Required. Config for evaluation output. - $ref: '#/components/schemas/GoogleCloudAiplatformV1OutputConfig' - autoraterConfig: - description: >- - Optional. Autorater config used for evaluation. Currently only - publisher Gemini models are supported. Format: - `projects/{PROJECT}/locations/{LOCATION}/publishers/google/models/{MODEL}.` - $ref: '#/components/schemas/GoogleCloudAiplatformV1AutoraterConfig' - GoogleCloudAiplatformV1EvaluationDataset: - id: GoogleCloudAiplatformV1EvaluationDataset - description: The dataset used for evaluation. - type: object - properties: - gcsSource: - description: >- - Cloud storage source holds the dataset. Currently only one Cloud - Storage file path is supported. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' - bigquerySource: - description: BigQuery source holds the dataset. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' - GoogleCloudAiplatformV1BigQuerySource: - id: GoogleCloudAiplatformV1BigQuerySource - description: The BigQuery location for the input content. - type: object - properties: - inputUri: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DataItemView' + nextPageToken: description: >- - Required. BigQuery URI to a table, up to 2000 characters long. - Accepted forms: * BigQuery path. For example: - `bq://projectId.bqDatasetId.bqTableId`. + A token to retrieve next page of results. Pass to + SearchDataItemsRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1OutputConfig: - id: GoogleCloudAiplatformV1OutputConfig - description: Config for evaluation output. + description: Response message for DatasetService.SearchDataItems. type: object + GoogleCloudAiplatformV1TrajectorySingleToolUseInput: + id: GoogleCloudAiplatformV1TrajectorySingleToolUseInput properties: - gcsDestination: - description: Cloud storage destination for evaluation output. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - GoogleCloudAiplatformV1GenerateInstanceRubricsRequest: - id: GoogleCloudAiplatformV1GenerateInstanceRubricsRequest - description: Request message for EvaluationService.GenerateInstanceRubrics. + metricSpec: + description: Required. Spec for TrajectorySingleToolUse metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseSpec + instances: + description: Required. Repeated TrajectorySingleToolUse instance. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseInstance + type: array type: object + description: Instances and metric spec for TrajectorySingleToolUse metric. + GoogleCloudAiplatformV1WorkerPoolSpec: + description: Represents the spec of a worker pool in a job. properties: - contents: - description: >- - Required. The prompt to generate rubrics from. For single-turn - queries, this is a single instance. For multi-turn queries, this is - a repeated field that contains conversation history + latest - request. + lustreMounts: + description: Optional. List of Lustre mounts. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1LustreMount' type: array + containerSpec: + description: The custom container task. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ContainerSpec' + pythonPackageSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PythonPackageSpec' + description: The Python packaged task. + replicaCount: + description: Optional. The number of worker replicas to use for this worker pool. + type: string + format: int64 + diskSpec: + description: Disk spec. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DiskSpec' + machineSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' + description: Optional. Immutable. The specification of a single machine. + nfsMounts: + description: Optional. List of NFS mount spec. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - predefinedRubricGenerationSpec: - description: >- - Optional. Specification for using the rubric generation configs of a - pre-defined metric, e.g. "generic_quality_v1" and - "instruction_following_v1". Some of the configs may be only used in - rubric generation and not supporting evaluation, e.g. - "fully_customized_generic_quality_v1". If this field is set, the - `rubric_generation_spec` field will be ignored. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredefinedMetricSpec' - rubricGenerationSpec: - description: Optional. Specification for how the rubrics should be generated. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricGenerationSpec' - GoogleCloudAiplatformV1RubricGenerationSpec: - id: GoogleCloudAiplatformV1RubricGenerationSpec - description: Specification for how rubrics should be generated. + $ref: '#/components/schemas/GoogleCloudAiplatformV1NfsMount' + type: array + id: GoogleCloudAiplatformV1WorkerPoolSpec type: object + GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataRecordError: properties: - promptTemplate: - description: >- - Template for the prompt used to generate rubrics. The details should - be updated based on the most-recent recipe requirements. - type: string - modelConfig: - description: >- - Configuration for the model used in rubric generation. Configs - including sampling count and base model can be specified here. - Flipping is not supported for rubric generation. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AutoraterConfig' - rubricContentType: - description: The type of rubric content to be generated. - type: string + errorType: enumDescriptions: - - The content type to generate is not specified. - - Generate rubrics based on properties. - - Generate rubrics in an NL question answer format. - - Generate rubrics in a unit test format. + - Default, shall not be used. + - The record is empty. + - Invalid json format. + - Invalid csv format. + - Invalid avro format. + - The embedding id is not valid. + - >- + The size of the dense embedding vectors does not match with the + specified dimension. + - The `namespace` field is missing. + - >- + Generic catch-all error. Only used for validation failure where + the root cause cannot be easily retrieved programmatically. + - There are multiple restricts with the same `namespace` value. + - Numeric restrict has operator specified in datapoint. + - Numeric restrict has multiple values specified. + - Numeric restrict has invalid numeric value specified. + - File is not in UTF_8 format. + - Error parsing sparse dimensions field. + - Token restrict value is invalid. + - Invalid sparse embedding. + - Invalid dense embedding. + - Invalid embedding metadata. + - Embedding metadata exceeds size limit. + type: string + description: The error type of this record. enum: - - RUBRIC_CONTENT_TYPE_UNSPECIFIED - - PROPERTY - - NL_QUESTION_ANSWER - - PYTHON_CODE_ASSERTION - rubricTypeOntology: + - ERROR_TYPE_UNSPECIFIED + - EMPTY_LINE + - INVALID_JSON_SYNTAX + - INVALID_CSV_SYNTAX + - INVALID_AVRO_SYNTAX + - INVALID_EMBEDDING_ID + - EMBEDDING_SIZE_MISMATCH + - NAMESPACE_MISSING + - PARSING_ERROR + - DUPLICATE_NAMESPACE + - OP_IN_DATAPOINT + - MULTIPLE_VALUES + - INVALID_NUMERIC_VALUE + - INVALID_ENCODING + - INVALID_SPARSE_DIMENSIONS + - INVALID_TOKEN_VALUE + - INVALID_SPARSE_EMBEDDING + - INVALID_EMBEDDING + - INVALID_EMBEDDING_METADATA + - EMBEDDING_METADATA_EXCEEDS_SIZE_LIMIT + embeddingId: + type: string + description: Empty if the embedding id is failed to parse. + rawRecord: + type: string + description: The original content of this record. + sourceGcsUri: + type: string + description: Cloud Storage URI pointing to the original file in user's bucket. + errorMessage: + type: string description: >- - Optional. An optional, pre-defined list of allowed types for - generated rubrics. If this field is provided, it implies - `include_rubric_type` should be true, and the generated rubric types - should be chosen from this ontology. - type: array - items: - type: string - GoogleCloudAiplatformV1GenerateInstanceRubricsResponse: - id: GoogleCloudAiplatformV1GenerateInstanceRubricsResponse - description: Response message for EvaluationService.GenerateInstanceRubrics. - type: object - properties: - generatedRubrics: - description: Output only. A list of generated rubrics. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Rubric' - GoogleCloudAiplatformV1ReadFeatureValuesRequest: - id: GoogleCloudAiplatformV1ReadFeatureValuesRequest - description: Request message for FeaturestoreOnlineServingService.ReadFeatureValues. + A human-readable message that is shown to the user to help them fix + the error. Note that this message may change from time to time, your + code should check against error_type as the source of truth. type: object + id: GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataRecordError + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTextTransformation: properties: - entityId: - description: >- - Required. ID for a specific entity. For example, for a machine - learning model predicting user clicks on a website, an entity ID - could be `user_123`. + columnName: type: string - featureSelector: - description: Required. Selector choosing Features of the target EntityType. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' - GoogleCloudAiplatformV1FeatureSelector: - id: GoogleCloudAiplatformV1FeatureSelector - description: Selector for Features of an EntityType. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTextTransformation type: object - properties: - idMatcher: - description: Required. Matches Features based on ID. - $ref: '#/components/schemas/GoogleCloudAiplatformV1IdMatcher' - GoogleCloudAiplatformV1IdMatcher: - id: GoogleCloudAiplatformV1IdMatcher - description: Matcher for Features of an EntityType by Feature ID. + description: >- + Training pipeline will perform following transformation functions. * The + text as is--no change to case, punctuation, spelling, tense, and so on. + * Convert the category name to a dictionary lookup index and generate an + embedding for each index. + GoogleCloudAiplatformV1StudyTimeConstraint: type: object + description: Time-based Constraint for Study + id: GoogleCloudAiplatformV1StudyTimeConstraint properties: - ids: + maxDuration: + type: string + description: Counts the wallclock time passed since the creation of this Study. + format: google-duration + endTime: + description: Compares the wallclock time to this time. Must use UTC timezone. + type: string + format: google-datetime + GoogleCloudAiplatformV1BatchMigrateResourcesRequest: + properties: + migrateResourceRequests: description: >- - Required. The following are accepted as `ids`: * A single-element - list containing only `*`, which selects all Features in the target - EntityType, or * A list containing only Feature IDs, which selects - only Features with those IDs in the target EntityType. + Required. The request messages specifying the resources to migrate. + They must be in the same location as the destination. Up to 50 + resources can be migrated in one batch. type: array items: - type: string - GoogleCloudAiplatformV1ReadFeatureValuesResponse: - id: GoogleCloudAiplatformV1ReadFeatureValuesResponse - description: Response message for FeaturestoreOnlineServingService.ReadFeatureValues. + $ref: '#/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequest' + id: GoogleCloudAiplatformV1BatchMigrateResourcesRequest + type: object + description: Request message for MigrationService.BatchMigrateResources. + GoogleCloudAiplatformV1NotebookExecutionJobWorkbenchRuntime: + properties: {} + type: object + description: Configuration for a Workbench Instances-based environment. + id: GoogleCloudAiplatformV1NotebookExecutionJobWorkbenchRuntime + GoogleCloudAiplatformV1BatchCreateTensorboardRunsRequest: + id: GoogleCloudAiplatformV1BatchCreateTensorboardRunsRequest + description: Request message for TensorboardService.BatchCreateTensorboardRuns. type: object properties: - header: - description: Response header. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponseHeader - entityView: + requests: description: >- - Entity view with Feature values. This may be the entity in the - Featurestore if values for all Features were requested, or a - projection of the entity in the Featurestore if values for only some - Features were requested. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityView - GoogleCloudAiplatformV1ReadFeatureValuesResponseHeader: - id: GoogleCloudAiplatformV1ReadFeatureValuesResponseHeader + Required. The request message specifying the TensorboardRuns to + create. A maximum of 1000 TensorboardRuns can be created in a batch. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CreateTensorboardRunRequest + type: array + GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline: description: >- - Response header with metadata for the requested - ReadFeatureValuesRequest.entity_type and Features. + Output from BatchPredictionJob for Model Monitoring baseline dataset, + which can be used to generate baseline attribution scores. type: object properties: - entityType: - description: >- - The resource name of the EntityType from the - ReadFeatureValuesRequest. Value format: - `projects/{project}/locations/{location}/featurestores/{featurestore}/entityTypes/{entityType}`. + bigquery: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' + description: BigQuery location for BatchExplain output. + predictionFormat: type: string - featureDescriptors: - description: >- - List of Feature metadata corresponding to each piece of - ReadFeatureValuesResponse.EntityView.data. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponseFeatureDescriptor - GoogleCloudAiplatformV1ReadFeatureValuesResponseFeatureDescriptor: - id: GoogleCloudAiplatformV1ReadFeatureValuesResponseFeatureDescriptor - description: Metadata for requested Features. - type: object + enumDescriptions: + - Should not be set. + - Predictions are in JSONL files. + - Predictions are in BigQuery. + enum: + - PREDICTION_FORMAT_UNSPECIFIED + - JSONL + - BIGQUERY + description: The storage format of the predictions generated BatchPrediction job. + gcs: + description: Cloud Storage location for BatchExplain output. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + id: >- + GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline + GoogleCloudAiplatformV1Feature: properties: - id: - description: Feature ID. + valueType: type: string - GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityView: - id: GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityView - description: Entity view with Feature values. - type: object - properties: - entityId: - description: ID of the requested entity. + enum: + - VALUE_TYPE_UNSPECIFIED + - BOOL + - BOOL_ARRAY + - DOUBLE + - DOUBLE_ARRAY + - INT64 + - INT64_ARRAY + - STRING + - STRING_ARRAY + - BYTES + - STRUCT + description: >- + Immutable. Only applicable for Vertex AI Feature Store (Legacy). + Type of Feature value. + enumDescriptions: + - The value type is unspecified. + - Used for Feature that is a boolean. + - Used for Feature that is a list of boolean. + - Used for Feature that is double. + - Used for Feature that is a list of double. + - Used for Feature that is INT64. + - Used for Feature that is a list of INT64. + - Used for Feature that is string. + - Used for Feature that is a list of String. + - Used for Feature that is bytes. + - Used for Feature that is struct. + pointOfContact: + description: >- + Entity responsible for maintaining this feature. Can be comma + separated list of email addresses or URIs. + type: string + description: + description: Description of the Feature. + type: string + name: type: string - data: description: >- - Each piece of data holds the k requested values for one requested - Feature. If no values for the requested Feature exist, the - corresponding cell will be empty. This has the same size and is in - the same order as the features from the header - ReadFeatureValuesResponse.header. - type: array + Immutable. Name of the Feature. Format: + `projects/{project}/locations/{location}/featurestores/{featurestore}/entityTypes/{entity_type}/features/{feature}` + `projects/{project}/locations/{location}/featureGroups/{feature_group}/features/{feature}` + The last part feature is assigned by the client. The feature can be + up to 64 characters long and can consist only of ASCII Latin letters + A-Z and a-z, underscore(_), and ASCII digits 0-9 starting with a + letter. The value will be unique given an entity type. + updateTime: + type: string + description: >- + Output only. Only applicable for Vertex AI Feature Store (Legacy). + Timestamp when this EntityType was most recently updated. + readOnly: true + format: google-datetime + versionColumnName: + type: string + description: >- + Only applicable for Vertex AI Feature Store. The name of the + BigQuery Table/View column hosting data for this version. If no + value is provided, will use feature_id. + disableMonitoring: + description: >- + Optional. Only applicable for Vertex AI Feature Store (Legacy). If + not set, use the monitoring_config defined for the EntityType this + Feature belongs to. Only Features with type (Feature.ValueType) + BOOL, STRING, DOUBLE or INT64 can enable monitoring. If set to true, + all types of data monitoring are disabled despite the config on + EntityType. + type: boolean + etag: + description: >- + Used to perform a consistent read-modify-write updates. If not set, + a blind "overwrite" update happens. + type: string + createTime: + readOnly: true + type: string + format: google-datetime + description: >- + Output only. Only applicable for Vertex AI Feature Store (Legacy). + Timestamp when this EntityType was created. + monitoringStatsAnomalies: items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityViewData - GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityViewData: - id: GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityViewData - description: >- - Container to hold value(s), successive in time, for one Feature from the - request. - type: object - properties: - value: - description: Feature value if a single value is requested. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' - values: + #/components/schemas/GoogleCloudAiplatformV1FeatureMonitoringStatsAnomaly description: >- - Feature values list if values, successive in time, are requested. If - the requested number of values is greater than the number of - existing Feature values, nonexistent values are omitted instead of - being returned as empty. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValueList' - GoogleCloudAiplatformV1FeatureValue: - id: GoogleCloudAiplatformV1FeatureValue - description: Value for a feature. + Output only. Only applicable for Vertex AI Feature Store (Legacy). + The list of historical stats and anomalies with specified + objectives. + type: array + readOnly: true + labels: + additionalProperties: + type: string + description: >- + Optional. The labels with user-defined metadata to organize your + Features. Label keys and values can be no longer than 64 characters + (Unicode codepoints), can only contain lowercase letters, numeric + characters, underscores and dashes. International characters are + allowed. See https://goo.gl/xmQnxf for more information on and + examples of labels. No more than 64 user labels can be associated + with one Feature (System labels are excluded)." System reserved + label keys are prefixed with "aiplatform.googleapis.com/" and are + immutable. + type: object + id: GoogleCloudAiplatformV1Feature type: object + description: >- + Feature Metadata information. For example, color is a feature that + describes an apple. + GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlModelConfig: properties: - boolValue: - description: Bool type feature value. - type: boolean - doubleValue: - description: Double type feature value. - type: number - format: double - int64Value: - description: Int64 feature value. - type: string - format: int64 - stringValue: - description: String feature value. + model: type: string - boolArrayValue: - description: A list of bool type feature value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BoolArray' - doubleArrayValue: - description: A list of double type feature value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DoubleArray' - int64ArrayValue: - description: A list of int64 type feature value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Int64Array' - stringArrayValue: - description: A list of string type feature value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StringArray' - bytesValue: - description: Bytes feature value. + description: >- + Required. Full resource name of automl Model. Format: + `projects/{project}/locations/{location}/models/{model}`. + modelDisplayName: type: string - format: byte - structValue: - description: A struct type feature value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StructValue' - metadata: - description: Metadata of feature value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValueMetadata' - GoogleCloudAiplatformV1BoolArray: - id: GoogleCloudAiplatformV1BoolArray - description: A list of boolean values. - type: object - properties: - values: - description: A list of bool values. - type: array - items: - type: boolean - GoogleCloudAiplatformV1DoubleArray: - id: GoogleCloudAiplatformV1DoubleArray - description: A list of double values. + description: >- + Optional. Display name of the model in Vertex AI. System will pick a + display name if unspecified. + description: >- + Config for migrating Model in automl.googleapis.com to Vertex AI's + Model. type: object - properties: - values: - description: A list of double values. - type: array - items: - type: number - format: double - GoogleCloudAiplatformV1Int64Array: - id: GoogleCloudAiplatformV1Int64Array - description: A list of int64 values. + id: GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlModelConfig + GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerMonthUsageData: type: object + id: GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerMonthUsageData properties: - values: - description: A list of int64 values. + userUsageData: type: array items: - type: string - format: int64 - GoogleCloudAiplatformV1StringArray: - id: GoogleCloudAiplatformV1StringArray - description: A list of string values. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerUserUsageData + description: Usage data for each user in the given month. + description: Per month usage data + GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionRecognitionMetrics: type: object + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionRecognitionMetrics properties: - values: - description: A list of string values. - type: array + evaluatedActionCount: + description: The number of ground truth actions used to create this evaluation. + format: int32 + type: integer + videoActionMetrics: + description: 'The metric entries for precision window lengths: 1s,2s,3s.' items: - type: string - GoogleCloudAiplatformV1StructValue: - id: GoogleCloudAiplatformV1StructValue - description: Struct (or object) type feature value. - type: object - properties: - values: - description: A list of field values. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetrics type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1StructFieldValue' - GoogleCloudAiplatformV1StructFieldValue: - id: GoogleCloudAiplatformV1StructFieldValue - description: One field of a Struct (or object) type feature value. + description: Model evaluation metrics for video action recognition. + GoogleCloudAiplatformV1ToolCall: + id: GoogleCloudAiplatformV1ToolCall + description: Spec for tool call. type: object properties: - name: - description: Name of the field in the struct feature. + toolInput: type: string - value: - description: The value for this field. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' - GoogleCloudAiplatformV1FeatureValueMetadata: - id: GoogleCloudAiplatformV1FeatureValueMetadata - description: Metadata of feature value. + description: Optional. Spec for tool input + toolName: + type: string + description: Required. Spec for tool name + GoogleCloudAiplatformV1ExactMatchMetricValue: + properties: + score: + format: float + type: number + readOnly: true + description: Output only. Exact match score. type: object + description: Exact match metric value for an instance. + id: GoogleCloudAiplatformV1ExactMatchMetricValue + GoogleCloudAiplatformV1SampleConfig: + id: GoogleCloudAiplatformV1SampleConfig properties: - generateTime: + followingBatchSamplePercentage: + format: int32 description: >- - Feature generation timestamp. Typically, it is provided by user at - feature ingestion time. If not, feature store will use the system - timestamp when the data is ingested into feature store. Legacy - Feature Store: For streaming ingestion, the time, aligned by days, - must be no older than five years (1825 days) and no later than one - year (366 days) in the future. + The percentage of data needed to be labeled in each following batch + (except the first batch). + type: integer + sampleStrategy: type: string - format: google-datetime - GoogleCloudAiplatformV1FeatureValueList: - id: GoogleCloudAiplatformV1FeatureValueList - description: Container for list of values. + description: >- + Field to choose sampling strategy. Sampling strategy will decide + which data should be selected for human labeling in every batch. + enum: + - SAMPLE_STRATEGY_UNSPECIFIED + - UNCERTAINTY + enumDescriptions: + - Default will be treated as UNCERTAINTY. + - Sample the most uncertain data to label. + initialBatchSamplePercentage: + type: integer + format: int32 + description: The percentage of data needed to be labeled in the first batch. + description: >- + Active learning data sampling config. For every active learning labeling + iteration, it will select a batch of data based on the sampling + strategy. + type: object + GoogleCloudAiplatformV1ListIndexesResponse: type: object + id: GoogleCloudAiplatformV1ListIndexesResponse properties: - values: - description: A list of feature values. All of them should be the same data type. - type: array + nextPageToken: + description: >- + A token to retrieve next page of results. Pass to + ListIndexesRequest.page_token to obtain that page. + type: string + indexes: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' - GoogleCloudAiplatformV1StreamingReadFeatureValuesRequest: - id: GoogleCloudAiplatformV1StreamingReadFeatureValuesRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1Index' + description: List of indexes in the requested page. + type: array + description: Response message for IndexService.ListIndexes. + GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataInputConfig: description: >- - Request message for - FeaturestoreOnlineServingService.StreamingReadFeatureValues. + The time series Dataset's data source. The Dataset doesn't store the + data directly, but only pointer(s) to its data. type: object properties: - entityIds: + gcsSource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataGcsSource + bigquerySource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataBigQuerySource + id: GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataInputConfig + GoogleCloudAiplatformV1DeleteFeatureValuesResponse: + id: GoogleCloudAiplatformV1DeleteFeatureValuesResponse + type: object + description: Response message for FeaturestoreService.DeleteFeatureValues. + properties: + selectTimeRangeAndFeature: + description: Response for request specifying time range and feature + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectTimeRangeAndFeature + selectEntity: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectEntity + description: Response for request specifying the entities to delete + GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecValue: + description: Single value that supports strings and floats. + id: GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecValue + type: object + properties: + stringValue: + type: string + description: String type. + floatValue: + type: number + description: Float type. + format: float + GoogleCloudAiplatformV1FeatureValueDestination: + properties: + csvDestination: description: >- - Required. IDs of entities to read Feature values of. The maximum - number of IDs is 100. For example, for a machine learning model - predicting user clicks on a website, an entity ID could be - `user_123`. - type: array - items: - type: string - featureSelector: + Output in CSV format. Array Feature value types are not allowed in + CSV format. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CsvDestination' + tfrecordDestination: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TFRecordDestination' description: >- - Required. Selector choosing Features of the target EntityType. - Feature IDs will be deduplicated. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' - GoogleCloudAiplatformV1WriteFeatureValuesRequest: - id: GoogleCloudAiplatformV1WriteFeatureValuesRequest - description: Request message for FeaturestoreOnlineServingService.WriteFeatureValues. + Output in TFRecord format. Below are the mapping from Feature value + type in Featurestore to Feature value type in TFRecord: Value type + in Featurestore | Value type in TFRecord DOUBLE, DOUBLE_ARRAY | + FLOAT_LIST INT64, INT64_ARRAY | INT64_LIST STRING, STRING_ARRAY, + BYTES | BYTES_LIST true -> byte_string("true"), false -> + byte_string("false") BOOL, BOOL_ARRAY (true, false) | BYTES_LIST + bigqueryDestination: + description: >- + Output in BigQuery format. BigQueryDestination.output_uri in + FeatureValueDestination.bigquery_destination must refer to a table. + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' + description: A destination location for Feature values and format. + id: GoogleCloudAiplatformV1FeatureValueDestination type: object + GoogleCloudAiplatformV1RagEmbeddingModelConfig: + description: Config for the embedding model to use for RAG. + id: GoogleCloudAiplatformV1RagEmbeddingModelConfig properties: - payloads: + vertexPredictionEndpoint: description: >- - Required. The entities to be written. Up to 100,000 feature values - can be written across all `payloads`. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1WriteFeatureValuesPayload - GoogleCloudAiplatformV1WriteFeatureValuesPayload: - id: GoogleCloudAiplatformV1WriteFeatureValuesPayload - description: Contains Feature values to be written for a specific entity. + The Vertex AI Prediction Endpoint that either refers to a publisher + model or an endpoint that is hosting a 1P fine-tuned text embedding + model. Endpoints hosting non-1P fine-tuned text embedding models are + currently not supported. This is used for dense vector search. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagEmbeddingModelConfigVertexPredictionEndpoint type: object + GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairListFeatureNameValuePair: + id: >- + GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairListFeatureNameValuePair + description: Feature name & value pair. properties: - entityId: - description: Required. The ID of the entity. + value: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' + description: Feature value. + name: + description: Feature short name. type: string - featureValues: - description: >- - Required. Feature values to be written, mapping from Feature ID to - value. Up to 100,000 `feature_values` entries may be written across - all payloads. The feature generation time, aligned by days, must be - no older than five years (1825 days) and no later than one year (366 - days) in the future. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' - GoogleCloudAiplatformV1WriteFeatureValuesResponse: - id: GoogleCloudAiplatformV1WriteFeatureValuesResponse - description: >- - Response message for - FeaturestoreOnlineServingService.WriteFeatureValues. type: object - properties: {} - GoogleCloudAiplatformV1Featurestore: - id: GoogleCloudAiplatformV1Featurestore - description: >- - Vertex AI Feature Store provides a centralized repository for - organizing, storing, and serving ML features. The Featurestore is a - top-level container for your features and their values. + GoogleCloudAiplatformV1TensorboardTimeSeriesMetadata: + description: Describes metadata for a TensorboardTimeSeries. type: object properties: - name: - description: >- - Output only. Name of the Featurestore. Format: - `projects/{project}/locations/{location}/featurestores/{featurestore}` + maxStep: + format: int64 readOnly: true + description: >- + Output only. Max step index of all data points within a + TensorboardTimeSeries. type: string - createTime: - description: Output only. Timestamp when this Featurestore was created. - readOnly: true + maxBlobSequenceLength: type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this Featurestore was last updated. readOnly: true - type: string - format: google-datetime - etag: + format: int64 description: >- - Optional. Used to perform consistent read-modify-write updates. If - not set, a blind "overwrite" update happens. - type: string - labels: + Output only. The largest blob sequence length (number of blobs) of + all data points in this time series, if its ValueType is + BLOB_SEQUENCE. + maxWallTime: description: >- - Optional. The labels with user-defined metadata to organize your - Featurestore. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. See https://goo.gl/xmQnxf for more information on and - examples of labels. No more than 64 user labels can be associated - with one Featurestore(System labels are excluded)." System reserved - label keys are prefixed with "aiplatform.googleapis.com/" and are - immutable. - type: object - additionalProperties: - type: string - onlineServingConfig: - description: >- - Optional. Config for online storage resources. The field should not - co-exist with the field of `OnlineStoreReplicationConfig`. If both - of it and OnlineStoreReplicationConfig are unset, the feature store - will not have an online store and cannot be used for online serving. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeaturestoreOnlineServingConfig - state: - description: Output only. State of the featurestore. - readOnly: true + Output only. Max wall clock timestamp of all data points within a + TensorboardTimeSeries. type: string - enumDescriptions: - - Default value. This value is unused. - - >- - State when the featurestore configuration is not being updated and - the fields reflect the current configuration of the featurestore. - The featurestore is usable in this state. - - >- - The state of the featurestore configuration when it is being - updated. During an update, the fields reflect either the original - configuration or the updated configuration of the featurestore. - For example, `online_serving_config.fixed_node_count` can take - minutes to update. While the update is in progress, the - featurestore is in the UPDATING state, and the value of - `fixed_node_count` can be the original value or the updated value, - depending on the progress of the operation. Until the update - completes, the actual number of nodes can still be the original - value of `fixed_node_count`. The featurestore is still usable in - this state. - enum: - - STATE_UNSPECIFIED - - STABLE - - UPDATING - onlineStorageTtlDays: - description: >- - Optional. TTL in days for feature values that will be stored in - online serving storage. The Feature Store online storage - periodically removes obsolete feature values older than - `online_storage_ttl_days` since the feature generation time. Note - that `online_storage_ttl_days` should be less than or equal to - `offline_storage_ttl_days` for each EntityType under a featurestore. - If not set, default to 4000 days - type: integer - format: int32 - encryptionSpec: - description: >- - Optional. Customer-managed encryption key spec for data storage. If - set, both of the online and offline data storage will be secured by - this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - satisfiesPzs: - description: Output only. Reserved for future use. + format: google-datetime readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. + id: GoogleCloudAiplatformV1TensorboardTimeSeriesMetadata + GoogleCloudAiplatformV1TrajectoryInOrderMatchMetricValue: + description: TrajectoryInOrderMatch metric value for an instance. + id: GoogleCloudAiplatformV1TrajectoryInOrderMatchMetricValue + type: object + properties: + score: + type: number readOnly: true - type: boolean - GoogleCloudAiplatformV1FeaturestoreOnlineServingConfig: - id: GoogleCloudAiplatformV1FeaturestoreOnlineServingConfig - description: >- - OnlineServingConfig specifies the details for provisioning online - serving resources. + format: float + description: Output only. TrajectoryInOrderMatch score. + GoogleCloudAiplatformV1SchemaPredictInstanceTextSentimentPredictionInstance: type: object + description: Prediction input format for Text Sentiment. properties: - fixedNodeCount: + content: + description: The text snippet to make the predictions on. + type: string + mimeType: description: >- - The number of nodes for the online store. The number of nodes - doesn't scale automatically, but you can manually update the number - of nodes. If set to 0, the featurestore will not have an online - store and cannot be used for online serving. - type: integer - format: int32 - scaling: + The MIME type of the text snippet. The supported MIME types are + listed below. - text/plain + type: string + id: >- + GoogleCloudAiplatformV1SchemaPredictInstanceTextSentimentPredictionInstance + GoogleCloudAiplatformV1RagRetrievalConfigRankingLlmRanker: + properties: + modelName: description: >- - Online serving scaling configuration. Only one of `fixed_node_count` - and `scaling` can be set. Setting one will reset the other. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScaling - GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScaling: - id: GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScaling - description: >- - Online serving scaling configuration. If min_node_count and - max_node_count are set to the same value, the cluster will be configured - with the fixed number of node (no auto-scaling). + Optional. The model name used for ranking. See [Supported + models](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/inference#supported-models). + type: string + type: object + description: Config for LlmRanker. + id: GoogleCloudAiplatformV1RagRetrievalConfigRankingLlmRanker + GoogleCloudAiplatformV1ToolCallValidSpec: + type: object + description: Spec for tool call valid metric. + properties: {} + id: GoogleCloudAiplatformV1ToolCallValidSpec + GoogleCloudAiplatformV1CancelEvaluationRunRequest: + description: Request message for EvaluationManagementService.CancelEvaluationRun. + properties: {} + id: GoogleCloudAiplatformV1CancelEvaluationRunRequest type: object + GoogleCloudAiplatformV1ModelArmorConfig: properties: - minNodeCount: - description: >- - Required. The minimum number of nodes to scale down to. Must be - greater than or equal to 1. - type: integer - format: int32 - maxNodeCount: + responseTemplateName: + type: string description: >- - The maximum number of nodes to scale up to. Must be greater than - min_node_count, and less than or equal to 10 times of - 'min_node_count'. - type: integer - format: int32 - cpuUtilizationTarget: + Optional. The resource name of the Model Armor template to use for + response screening. A Model Armor template is a set of customized + filters and thresholds that define how Model Armor screens content. + If specified, Model Armor will use this template to check the + model's response for safety and security risks before it is returned + to the user. The name must be in the format + `projects/{project}/locations/{location}/templates/{template}`. + promptTemplateName: + type: string description: >- - Optional. The cpu utilization that the Autoscaler should be trying - to achieve. This number is on a scale from 0 (no utilization) to 100 - (total utilization), and is limited between 10 and 80. When a - cluster's CPU utilization exceeds the target that you have set, - Bigtable immediately adds nodes to the cluster. When CPU utilization - is substantially lower than the target, Bigtable removes nodes. If - not set or set to 0, default to 50. - type: integer - format: int32 - GoogleCloudAiplatformV1ListFeaturestoresResponse: - id: GoogleCloudAiplatformV1ListFeaturestoresResponse - description: Response message for FeaturestoreService.ListFeaturestores. + Optional. The resource name of the Model Armor template to use for + prompt screening. A Model Armor template is a set of customized + filters and thresholds that define how Model Armor screens content. + If specified, Model Armor will use this template to check the user's + prompt for safety and security risks before it is sent to the model. + The name must be in the format + `projects/{project}/locations/{location}/templates/{template}`. + id: GoogleCloudAiplatformV1ModelArmorConfig + description: >- + Configuration for Model Armor. Model Armor is a Google Cloud service + that provides safety and security filtering for prompts and responses. + It helps protect your AI applications from risks such as harmful + content, sensitive data leakage, and prompt injection attacks. type: object + GoogleCloudAiplatformV1PredefinedSplit: properties: - featurestores: - description: The Featurestores matching the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Featurestore' - nextPageToken: + key: description: >- - A token, which can be sent as ListFeaturestoresRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. + Required. The key is a name of one of the Dataset's data columns. + The value of the key (either the label's value or value in the + column) must be one of {`training`, `validation`, `test`}, and it + defines to which set the given piece of data is assigned. If for a + piece of data the key is not present or has an invalid value, that + piece is ignored by the pipeline. type: string - GoogleCloudAiplatformV1EntityType: - id: GoogleCloudAiplatformV1EntityType description: >- - An entity type is a type of object in a system that needs to be modeled - and have stored information about. For example, driver is an entity - type, and driver0 is an instance of an entity type driver. + Assigns input data to training, validation, and test sets based on the + value of a provided key. Supported only for tabular Datasets. + type: object + id: GoogleCloudAiplatformV1PredefinedSplit + GoogleCloudAiplatformV1ExamplesOverride: + id: GoogleCloudAiplatformV1ExamplesOverride type: object + description: Overrides for example-based explanations. properties: - name: - description: >- - Immutable. Name of the EntityType. Format: - `projects/{project}/locations/{location}/featurestores/{featurestore}/entityTypes/{entity_type}` - The last part entity_type is assigned by the client. The entity_type - can be up to 64 characters long and can consist only of ASCII Latin - letters A-Z and a-z and underscore(_), and ASCII digits 0-9 starting - with a letter. The value will be unique given a featurestore. - type: string - description: - description: Optional. Description of the EntityType. - type: string - createTime: - description: Output only. Timestamp when this EntityType was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. Timestamp when this EntityType was most recently - updated. - readOnly: true - type: string - format: google-datetime - labels: - description: >- - Optional. The labels with user-defined metadata to organize your - EntityTypes. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. See https://goo.gl/xmQnxf for more information on and - examples of labels. No more than 64 user labels can be associated - with one EntityType (System labels are excluded)." System reserved - label keys are prefixed with "aiplatform.googleapis.com/" and are - immutable. - type: object - additionalProperties: - type: string - etag: - description: >- - Optional. Used to perform a consistent read-modify-write updates. If - not set, a blind "overwrite" update happens. + dataFormat: type: string - monitoringConfig: - description: >- - Optional. The default monitoring configuration for all Features with - value type (Feature.ValueType) BOOL, STRING, DOUBLE or INT64 under - this EntityType. If this is populated with - [FeaturestoreMonitoringConfig.monitoring_interval] specified, - snapshot analysis monitoring is enabled. Otherwise, snapshot - analysis monitoring is disabled. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfig - offlineStorageTtlDays: + description: The format of the data being provided with each call. + enum: + - DATA_FORMAT_UNSPECIFIED + - INSTANCES + - EMBEDDINGS + enumDescriptions: + - Unspecified format. Must not be used. + - Provided data is a set of model inputs. + - Provided data is a set of embeddings. + restrictions: description: >- - Optional. Config for data retention policy in offline storage. TTL - in days for feature values that will be stored in offline storage. - The Feature Store offline storage periodically removes obsolete - feature values older than `offline_storage_ttl_days` since the - feature generation time. If unset (or explicitly set to 0), default - to 4000 days TTL. + Restrict the resulting nearest neighbors to respect these + constraints. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExamplesRestrictionsNamespace + type: array + neighborCount: + description: The number of neighbors to return. type: integer format: int32 - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true + crowdingCount: + type: integer + format: int32 + description: The number of neighbors to return that have the same crowding tag. + returnEmbeddings: type: boolean - GoogleCloudAiplatformV1FeaturestoreMonitoringConfig: - id: GoogleCloudAiplatformV1FeaturestoreMonitoringConfig - description: Configuration of how features in Featurestore are monitored. + description: If true, return the embeddings instead of neighbors. + GoogleCloudAiplatformV1ResumeModelDeploymentMonitoringJobRequest: + type: object + description: Request message for JobService.ResumeModelDeploymentMonitoringJob. + id: GoogleCloudAiplatformV1ResumeModelDeploymentMonitoringJobRequest + properties: {} + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformation: type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformation properties: - snapshotAnalysis: - description: The config for Snapshot Analysis Based Feature Monitoring. + auto: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysis - importFeaturesAnalysis: - description: The config for ImportFeatures Analysis Based Feature Monitoring. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationAutoTransformation + text: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysis - numericalThresholdConfig: - description: >- - Threshold for numerical features of anomaly detection. This is - shared by all objectives of Featurestore Monitoring for numerical - features (i.e. Features with type (Feature.ValueType) DOUBLE or - INT64). + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTextTransformation + timestamp: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig - categoricalThresholdConfig: - description: >- - Threshold for categorical features of anomaly detection. This is - shared by all types of Featurestore Monitoring for categorical - features (i.e. Features with type (Feature.ValueType) BOOL or - STRING). + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTimestampTransformation + categorical: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig - GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysis: - id: GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysis - description: >- - Configuration of the Featurestore's Snapshot Analysis Based Monitoring. - This type of analysis generates statistics for each Feature based on a - snapshot of the latest feature value of each entities every - monitoring_interval. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationCategoricalTransformation + numeric: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationNumericTransformation + GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpec: + id: GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpec + description: Value specification for a parameter in `DOUBLE` type. + properties: + defaultValue: + format: double + type: number + description: >- + A default value for a `DOUBLE` parameter that is assumed to be a + relatively good starting point. Unset value signals that there is no + offered starting point. Currently only supported by the Vertex AI + Vizier service. Not supported by HyperparameterTuningJob or + TrainingPipeline. + minValue: + type: number + description: Required. Inclusive minimum value of the parameter. + format: double + maxValue: + type: number + description: Required. Inclusive maximum value of the parameter. + format: double type: object + GoogleCloudAiplatformV1SchemaVideoActionRecognitionAnnotation: properties: - disabled: + timeSegment: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaTimeSegment' description: >- - The monitoring schedule for snapshot analysis. For EntityType-level - config: unset / disabled = true indicates disabled by default for - Features under it; otherwise by default enable snapshot analysis - monitoring with monitoring_interval for Features under it. - Feature-level config: disabled = true indicates disabled regardless - of the EntityType-level config; unset monitoring_interval indicates - going with EntityType-level config; otherwise run snapshot analysis - monitoring with monitoring_interval regardless of the - EntityType-level config. Explicitly Disable the snapshot analysis - based monitoring. - type: boolean - monitoringIntervalDays: + This Annotation applies to the time period represented by the + TimeSegment. If it's not set, the Annotation applies to the whole + video. + displayName: description: >- - Configuration of the snapshot analysis based monitoring pipeline - running interval. The value indicates number of days. - type: integer - format: int32 - stalenessDays: + The display name of the AnnotationSpec that this Annotation pertains + to. + type: string + annotationSpecId: + type: string description: >- - Customized export features time window for snapshot analysis. Unit - is one day. Default value is 3 weeks. Minimum value is 1 day. - Maximum value is 4000 days. - type: integer - format: int32 - GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysis: - id: >- - GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysis - description: >- - Configuration of the Featurestore's ImportFeature Analysis Based - Monitoring. This type of analysis generates statistics for values of - each Feature imported by every ImportFeatureValues operation. + The resource Id of the AnnotationSpec that this Annotation pertains + to. + type: object + id: GoogleCloudAiplatformV1SchemaVideoActionRecognitionAnnotation + description: Annotation details specific to video action recognition. + GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePair: + id: GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePair + description: A pair of sentences used as reference in source and target languages. type: object properties: - state: - description: >- - Whether to enable / disable / inherite default hebavior for import - features analysis. + sourceSentence: type: string - enumDescriptions: - - Should not be used. - - >- - The default behavior of whether to enable the monitoring. - EntityType-level config: disabled. Feature-level config: inherited - from the configuration of EntityType this Feature belongs to. - - >- - Explicitly enables import features analysis. EntityType-level - config: by default enables import features analysis for all - Features under it. Feature-level config: enables import features - analysis regardless of the EntityType-level config. - - >- - Explicitly disables import features analysis. EntityType-level - config: by default disables import features analysis for all - Features under it. Feature-level config: disables import features - analysis regardless of the EntityType-level config. - enum: - - STATE_UNSPECIFIED - - DEFAULT - - ENABLED - - DISABLED - anomalyDetectionBaseline: - description: >- - The baseline used to do anomaly detection for the statistics - generated by import features analysis. + description: Source sentence in the sentence pair. + targetSentence: + description: Target sentence in the sentence pair. type: string - enumDescriptions: - - Should not be used. - - >- - Choose the later one statistics generated by either most recent - snapshot analysis or previous import features analysis. If non of - them exists, skip anomaly detection and only generate a - statistics. - - >- - Use the statistics generated by the most recent snapshot analysis - if exists. - - >- - Use the statistics generated by the previous import features - analysis if exists. - enum: - - BASELINE_UNSPECIFIED - - LATEST_STATS - - MOST_RECENT_SNAPSHOT_STATS - - PREVIOUS_IMPORT_FEATURES_STATS - GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig: - id: GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig - description: The config for Featurestore Monitoring threshold. + GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDb: type: object + id: GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDb + description: The config for the default RAG-managed Vector DB. properties: - value: + knn: + description: Performs a KNN search on RagCorpus. Default choice if not specified. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbKNN + ann: description: >- - Specify a threshold value that can trigger the alert. 1. For - categorical feature, the distribution distance is calculated by - L-inifinity norm. 2. For numerical feature, the distribution - distance is calculated by Jensen–Shannon divergence. Each feature - must have a non-zero threshold if they need to be monitored. - Otherwise no alert will be triggered for that feature. - type: number - format: double - GoogleCloudAiplatformV1ListEntityTypesResponse: - id: GoogleCloudAiplatformV1ListEntityTypesResponse - description: Response message for FeaturestoreService.ListEntityTypes. + Performs an ANN search on RagCorpus. Use this if you have a lot of + files (> 10K) in your RagCorpus and want to reduce the search + latency. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbANN + GoogleCloudAiplatformV1FetchFeatureValuesResponse: + id: GoogleCloudAiplatformV1FetchFeatureValuesResponse type: object properties: - entityTypes: - description: The EntityTypes matching the request. - type: array + dataKey: + description: >- + The data key associated with this response. Will only be populated + for FeatureOnlineStoreService.StreamingFetchFeatureValues RPCs. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKey' + protoStruct: + type: object + additionalProperties: + description: Properties of the object. + type: any + description: Feature values in proto Struct format. + keyValues: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairList + description: Feature values in KeyValue format. + description: Response message for FeatureOnlineStoreService.FetchFeatureValues + GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataGcsSource: + properties: + uri: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' - nextPageToken: + type: string + type: array description: >- - A token, which can be sent as ListEntityTypesRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. - type: string - GoogleCloudAiplatformV1Feature: - id: GoogleCloudAiplatformV1Feature - description: >- - Feature Metadata information. For example, color is a feature that - describes an apple. + Cloud Storage URI of one or more files. Only CSV files are + supported. The first line of the CSV file is used as the header. If + there are multiple files, the header is the first line of the + lexicographically first file, the other files must either contain + the exact same header or omit the header. + id: GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataGcsSource type: object + GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig: + id: >- + GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig properties: - name: - description: >- - Immutable. Name of the Feature. Format: - `projects/{project}/locations/{location}/featurestores/{featurestore}/entityTypes/{entity_type}/features/{feature}` - `projects/{project}/locations/{location}/featureGroups/{feature_group}/features/{feature}` - The last part feature is assigned by the client. The feature can be - up to 64 characters long and can consist only of ASCII Latin letters - A-Z and a-z, underscore(_), and ASCII digits 0-9 starting with a - letter. The value will be unique given an entity type. - type: string - description: - description: Description of the Feature. - type: string - valueType: - description: >- - Immutable. Only applicable for Vertex AI Feature Store (Legacy). - Type of Feature value. - type: string - enumDescriptions: - - The value type is unspecified. - - Used for Feature that is a boolean. - - Used for Feature that is a list of boolean. - - Used for Feature that is double. - - Used for Feature that is a list of double. - - Used for Feature that is INT64. - - Used for Feature that is a list of INT64. - - Used for Feature that is string. - - Used for Feature that is a list of String. - - Used for Feature that is bytes. - - Used for Feature that is struct. - enum: - - VALUE_TYPE_UNSPECIFIED - - BOOL - - BOOL_ARRAY - - DOUBLE - - DOUBLE_ARRAY - - INT64 - - INT64_ARRAY - - STRING - - STRING_ARRAY - - BYTES - - STRUCT - createTime: - description: >- - Output only. Only applicable for Vertex AI Feature Store (Legacy). - Timestamp when this EntityType was created. - readOnly: true - type: string - format: google-datetime - updateTime: + defaultSkewThreshold: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' description: >- - Output only. Only applicable for Vertex AI Feature Store (Legacy). - Timestamp when this EntityType was most recently updated. - readOnly: true - type: string - format: google-datetime - labels: + Skew anomaly detection threshold used by all features. When the + per-feature thresholds are not set, this field can be used to + specify a threshold for all features. + skewThresholds: description: >- - Optional. The labels with user-defined metadata to organize your - Features. Label keys and values can be no longer than 64 characters - (Unicode codepoints), can only contain lowercase letters, numeric - characters, underscores and dashes. International characters are - allowed. See https://goo.gl/xmQnxf for more information on and - examples of labels. No more than 64 user labels can be associated - with one Feature (System labels are excluded)." System reserved - label keys are prefixed with "aiplatform.googleapis.com/" and are - immutable. + Key is the feature name and value is the threshold. If a feature + needs to be monitored for skew, a value threshold must be configured + for that feature. The threshold here is against feature distribution + distance between the training and prediction feature. type: object additionalProperties: - type: string - etag: - description: >- - Used to perform a consistent read-modify-write updates. If not set, - a blind "overwrite" update happens. - type: string - disableMonitoring: - description: >- - Optional. Only applicable for Vertex AI Feature Store (Legacy). If - not set, use the monitoring_config defined for the EntityType this - Feature belongs to. Only Features with type (Feature.ValueType) - BOOL, STRING, DOUBLE or INT64 can enable monitoring. If set to true, - all types of data monitoring are disabled despite the config on - EntityType. - type: boolean - monitoringStatsAnomalies: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' + attributionScoreSkewThresholds: description: >- - Output only. Only applicable for Vertex AI Feature Store (Legacy). - The list of historical stats and anomalies with specified - objectives. + Key is the feature name and value is the threshold. The threshold + here is against attribution score distance between the training and + prediction feature. + type: object + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' + type: object + description: >- + The config for Training & Prediction data skew detection. It specifies + the training dataset sources and the skew detection parameters. + GoogleCloudAiplatformV1ToolParameterKeyMatchMetricValue: + type: object + id: GoogleCloudAiplatformV1ToolParameterKeyMatchMetricValue + properties: + score: + format: float readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureMonitoringStatsAnomaly - versionColumnName: + description: Output only. Tool parameter key match score. + type: number + description: Tool parameter key match metric value for an instance. + GoogleCloudAiplatformV1PairwiseSummarizationQualityInput: + id: GoogleCloudAiplatformV1PairwiseSummarizationQualityInput + type: object + description: Input for pairwise summarization quality metric. + properties: + instance: + description: Required. Pairwise summarization quality instance. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PairwiseSummarizationQualityInstance + metricSpec: + description: Required. Spec for pairwise summarization quality score metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PairwiseSummarizationQualitySpec + GoogleCloudAiplatformV1StreamQueryReasoningEngineRequest: + id: GoogleCloudAiplatformV1StreamQueryReasoningEngineRequest + properties: + input: + type: object description: >- - Only applicable for Vertex AI Feature Store. The name of the - BigQuery Table/View column hosting data for this version. If no - value is provided, will use feature_id. + Optional. Input content provided by users in JSON object format. + Examples include text query, function calling parameters, media + bytes, etc. + additionalProperties: + description: Properties of the object. + type: any + classMethod: type: string - pointOfContact: description: >- - Entity responsible for maintaining this feature. Can be comma - separated list of email addresses or URIs. - type: string - GoogleCloudAiplatformV1FeatureMonitoringStatsAnomaly: - id: GoogleCloudAiplatformV1FeatureMonitoringStatsAnomaly - description: >- - A list of historical SnapshotAnalysis or ImportFeaturesAnalysis stats - requested by user, sorted by FeatureStatsAnomaly.start_time descending. + Optional. Class method to be used for the stream query. It is + optional and defaults to "stream_query" if unspecified. + description: Request message for ReasoningEngineExecutionService.StreamQuery. type: object + GoogleCloudAiplatformV1AuthConfigGoogleServiceAccountConfig: + id: GoogleCloudAiplatformV1AuthConfigGoogleServiceAccountConfig properties: - objective: - description: Output only. The objective for each stats. - readOnly: true + serviceAccount: type: string - enumDescriptions: - - If it's OBJECTIVE_UNSPECIFIED, monitoring_stats will be empty. - - Stats are generated by Import Feature Analysis. - - Stats are generated by Snapshot Analysis. - enum: - - OBJECTIVE_UNSPECIFIED - - IMPORT_FEATURE_ANALYSIS - - SNAPSHOT_ANALYSIS - featureStatsAnomaly: description: >- - Output only. The stats and anomalies generated at specific - timestamp. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureStatsAnomaly' - GoogleCloudAiplatformV1FeatureStatsAnomaly: - id: GoogleCloudAiplatformV1FeatureStatsAnomaly + Optional. The service account that the extension execution service + runs as. - If the service account is specified, the + `iam.serviceAccounts.getAccessToken` permission should be granted to + Vertex AI Extension Service Agent + (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) + on the specified service account. - If not specified, the Vertex AI + Extension Service Agent will be used to execute the Extension. + description: Config for Google Service Account Authentication. + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextArrayTransformation: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextArrayTransformation description: >- - Stats and Anomaly generated at specific timestamp for specific Feature. - The start_time and end_time are used to define the time range of the - dataset that current stats belongs to, e.g. prediction traffic is - bucketed into prediction datasets by time window. If the Dataset is not - defined by time window, start_time = end_time. Timestamp of the stats - and anomalies always refers to end_time. Raw stats and anomalies are - stored in stats_uri or anomaly_uri in the tensorflow defined protos. - Field data_stats contains almost identical information with the raw - stats in Vertex AI defined proto, for UI to display. + Treats the column as text array and performs following transformation + functions. * Concatenate all text values in the array into a single text + value using a space (" ") as a delimiter, and then treat the result as a + single text value. Apply the transformations for Text columns. * Empty + arrays treated as an empty text. type: object properties: - score: - description: >- - Feature importance score, only populated when cross-feature - monitoring is enabled. For now only used to represent feature - attribution score within range [0, 1] for - ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_SKEW and - ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_DRIFT. - type: number - format: double - statsUri: - description: >- - Path of the stats file for current feature values in Cloud Storage - bucket. Format: gs:////stats. Example: - gs://monitoring_bucket/feature_name/stats. Stats are stored as - binary format with Protobuf message - [tensorflow.metadata.v0.FeatureNameStatistics](https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/statistics.proto). - type: string - anomalyUri: - description: >- - Path of the anomaly file for current feature values in Cloud Storage - bucket. Format: gs:////anomalies. Example: - gs://monitoring_bucket/feature_name/anomalies. Stats are stored as - binary format with Protobuf message Anoamlies are stored as binary - format with Protobuf message [tensorflow.metadata.v0.AnomalyInfo] - (https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/anomalies.proto). + columnName: type: string - distributionDeviation: - description: >- - Deviation from the current stats to baseline stats. 1. For - categorical feature, the distribution distance is calculated by - L-inifinity norm. 2. For numerical feature, the distribution - distance is calculated by Jensen–Shannon divergence. - type: number - format: double - anomalyDetectionThreshold: - description: >- - This is the threshold used when detecting anomalies. The threshold - can be changed by user, so this one might be different from - ThresholdConfig.value. - type: number - format: double + GoogleCloudAiplatformV1SuggestTrialsResponse: + description: Response message for VizierService.SuggestTrials. + id: GoogleCloudAiplatformV1SuggestTrialsResponse + properties: + trials: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + description: A list of Trials. startTime: - description: >- - The start timestamp of window where stats were generated. For - objectives where time window doesn't make sense (e.g. Featurestore - Snapshot Monitoring), start_time is only used to indicate the - monitoring intervals, so it always equals to (end_time - - monitoring_interval). + description: The time at which the operation was started. type: string format: google-datetime - endTime: - description: >- - The end timestamp of window where stats were generated. For - objectives where time window doesn't make sense (e.g. Featurestore - Snapshot Monitoring), end_time indicates the timestamp of the data - used to generate stats (e.g. timestamp we take snapshots for feature - values). + studyState: + description: The state of the Study. type: string + enum: + - STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + - COMPLETED + enumDescriptions: + - The study state is unspecified. + - The study is active. + - The study is stopped due to an internal error. + - >- + The study is done when the service exhausts the parameter search + space or max_trial_count is reached. + endTime: + description: The time at which operation processing completed. format: google-datetime - GoogleCloudAiplatformV1BatchCreateFeaturesRequest: - id: GoogleCloudAiplatformV1BatchCreateFeaturesRequest - description: >- - Request message for FeaturestoreService.BatchCreateFeatures. Request - message for FeatureRegistryService.BatchCreateFeatures. + type: string type: object - properties: - requests: - description: >- - Required. The request message specifying the Features to create. All - Features must be created under the same parent EntityType / - FeatureGroup. The `parent` field in each child request message can - be omitted. If `parent` is set in a child request, then the value - must match the `parent` value in this request message. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CreateFeatureRequest' - GoogleCloudAiplatformV1CreateFeatureRequest: - id: GoogleCloudAiplatformV1CreateFeatureRequest - description: >- - Request message for FeaturestoreService.CreateFeature. Request message - for FeatureRegistryService.CreateFeature. + GoogleCloudAiplatformV1PscInterfaceConfig: type: object + description: Configuration for PSC-I. properties: - parent: - description: >- - Required. The resource name of the EntityType or FeatureGroup to - create a Feature. Format for entity_type as parent: - `projects/{project}/locations/{location}/featurestores/{featurestore}/entityTypes/{entity_type}` - Format for feature_group as parent: - `projects/{project}/locations/{location}/featureGroups/{feature_group}` - type: string - feature: - description: Required. The Feature to create. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' - featureId: + networkAttachment: description: >- - Required. The ID to use for the Feature, which will become the final - component of the Feature's resource name. This value may be up to - 128 characters, and valid characters are `[a-z0-9_]`. The first - character cannot be a number. The value must be unique within an - EntityType/FeatureGroup. + Optional. The name of the Compute Engine [network + attachment](https://cloud.google.com/vpc/docs/about-network-attachments) + to attach to the resource within the region and user project. To + specify this field, you must have already [created a network + attachment] + (https://cloud.google.com/vpc/docs/create-manage-network-attachments#create-network-attachments). + This field is only used for resources using PSC-I. type: string - GoogleCloudAiplatformV1ListFeaturesResponse: - id: GoogleCloudAiplatformV1ListFeaturesResponse - description: >- - Response message for FeaturestoreService.ListFeatures. Response message - for FeatureRegistryService.ListFeatures. - type: object - properties: - features: - description: The Features matching the request. + dnsPeeringConfigs: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' - nextPageToken: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DnsPeeringConfig' description: >- - A token, which can be sent as ListFeaturesRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. + Optional. DNS peering configurations. When specified, Vertex AI will + attempt to configure DNS peering zones in the tenant project VPC to + resolve the specified domains using the target network's Cloud DNS. + The user must grant the dns.peer role to the Vertex AI Service Agent + on the target project. + id: GoogleCloudAiplatformV1PscInterfaceConfig + GoogleCloudAiplatformV1SpeculativeDecodingSpecDraftModelSpeculation: + description: >- + Draft model speculation works by using the smaller model to generate + candidate tokens for speculative decoding. + properties: + draftModel: + description: Required. The resource name of the draft model. type: string - GoogleCloudAiplatformV1ImportFeatureValuesRequest: - id: GoogleCloudAiplatformV1ImportFeatureValuesRequest - description: Request message for FeaturestoreService.ImportFeatureValues. + type: object + id: GoogleCloudAiplatformV1SpeculativeDecodingSpecDraftModelSpeculation + GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoObjectTrackingMetrics: + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoObjectTrackingMetrics + description: >- + Model evaluation metrics for video object tracking problems. Evaluates + prediction quality of both labeled bounding boxes and labeled tracks + (i.e. series of bounding boxes sharing same label and instance ID). type: object properties: - avroSource: - $ref: '#/components/schemas/GoogleCloudAiplatformV1AvroSource' - bigquerySource: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' - csvSource: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CsvSource' - featureTimeField: + evaluatedFrameCount: + type: integer description: >- - Source column that holds the Feature timestamp for all Feature - values in each entity. - type: string - featureTime: + UNIMPLEMENTED. The number of video frames used to create this + evaluation. + format: int32 + trackMeanMismatchRate: + format: float + type: number description: >- - Single Feature timestamp for all entities being imported. The - timestamp must not have higher than millisecond precision. - type: string - format: google-datetime - entityIdField: + UNIMPLEMENTED. The single metric for tracking consistency + evaluation: the `meanMismatchRate` averaged over all `trackMetrics`. + trackMeanBoundingBoxIou: + format: float + type: number description: >- - Source column that holds entity IDs. If not provided, entity IDs are - extracted from the column named entity_id. - type: string - featureSpecs: + UNIMPLEMENTED. The single metric for tracks bounding box iou + evaluation: the `meanBoundingBoxIou` averaged over all + `trackMetrics`. + boundingBoxMeanAveragePrecision: description: >- - Required. Specifications defining which Feature values to import - from the entity. The request fails if no feature_specs are provided, - and having multiple feature_specs for one Feature is not allowed. + The single metric for bounding boxes evaluation: the + `meanAveragePrecision` averaged over all `boundingBoxMetrics`. + type: number + format: float + trackMetrics: type: array + description: >- + UNIMPLEMENTED. The tracks match metrics for each + intersection-over-union threshold + 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and each label confidence + threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 pair. items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ImportFeatureValuesRequestFeatureSpec - disableOnlineServing: + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetrics + evaluatedTrackCount: description: >- - If set, data will not be imported for online serving. This is - typically used for backfilling, where Feature generation timestamps - are not in the timestamp range needed for online serving. - type: boolean - workerCount: + UNIMPLEMENTED. The total number of tracks (i.e. as seen across all + frames) the ground truth used to create this evaluation had. + format: int32 + type: integer + evaluatedBoundingBoxCount: description: >- - Specifies the number of workers that are used to write data to the - Featurestore. Consider the online serving capacity that you require - to achieve the desired import throughput without interfering with - online serving. The value must be positive, and less than or equal - to 100. If not set, defaults to using 1 worker. The low count - ensures minimal impact on online serving performance. + UNIMPLEMENTED. The total number of bounding boxes (i.e. summed over + all frames) the ground truth used to create this evaluation had. type: integer format: int32 - disableIngestionAnalysis: - description: If true, API doesn't start ingestion analysis pipeline. - type: boolean - GoogleCloudAiplatformV1AvroSource: - id: GoogleCloudAiplatformV1AvroSource - description: The storage details for Avro input content. - type: object - properties: - gcsSource: - description: Required. Google Cloud Storage location. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' - GoogleCloudAiplatformV1CsvSource: - id: GoogleCloudAiplatformV1CsvSource - description: The storage details for CSV input content. - type: object - properties: - gcsSource: - description: Required. Google Cloud Storage location. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' - GoogleCloudAiplatformV1ImportFeatureValuesRequestFeatureSpec: - id: GoogleCloudAiplatformV1ImportFeatureValuesRequestFeatureSpec - description: Defines the Feature value(s) to import. - type: object - properties: - id: + boundingBoxMetrics: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetrics + type: array description: >- - Required. ID of the Feature to import values of. This Feature must - exist in the target EntityType, or the request will fail. - type: string - sourceField: + The bounding boxes match metrics for each intersection-over-union + threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and each label + confidence threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 pair. + trackMeanAveragePrecision: + format: float description: >- - Source column to get the Feature values from. If not set, uses the - column with the same name as the Feature ID. - type: string - GoogleCloudAiplatformV1BatchReadFeatureValuesRequest: - id: GoogleCloudAiplatformV1BatchReadFeatureValuesRequest - description: Request message for FeaturestoreService.BatchReadFeatureValues. + UNIMPLEMENTED. The single metric for tracks accuracy evaluation: the + `meanAveragePrecision` averaged over all `trackMetrics`. + type: number + GoogleCloudAiplatformV1EvaluationSet: type: object + id: GoogleCloudAiplatformV1EvaluationSet properties: - csvReadInstances: - description: >- - Each read instance consists of exactly one read timestamp and one or - more entity IDs identifying entities of the corresponding - EntityTypes whose Features are requested. Each output instance - contains Feature values of requested entities concatenated together - as of the read time. An example read instance may be `foo_entity_id, - bar_entity_id, 2020-01-01T10:00:00.123Z`. An example output instance - may be `foo_entity_id, bar_entity_id, 2020-01-01T10:00:00.123Z, - foo_entity_feature1_value, bar_entity_feature2_value`. Timestamp in - each read instance must be millisecond-aligned. `csv_read_instances` - are read instances stored in a plain-text CSV file. The header - should be: [ENTITY_TYPE_ID1], [ENTITY_TYPE_ID2], ..., timestamp The - columns can be in any order. Values in the timestamp column must use - the RFC 3339 format, e.g. `2012-07-30T10:43:17.123Z`. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CsvSource' - bigqueryReadInstances: - description: Similar to csv_read_instances, but from BigQuery source. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' - destination: - description: Required. Specifies output location and format. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValueDestination' - passThroughFields: - description: >- - When not empty, the specified fields in the *_read_instances source - will be joined as-is in the output, in addition to those fields from - the Featurestore Entity. For BigQuery source, the type of the - pass-through values will be automatically inferred. For CSV source, - the pass-through values will be passed as opaque bytes. - type: array + createTime: + description: Output only. Timestamp when this item was created. + type: string + readOnly: true + format: google-datetime + evaluationItems: items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchReadFeatureValuesRequestPassThroughField - entityTypeSpecs: - description: >- - Required. Specifies EntityType grouping Features to read values of - and settings. + type: string type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchReadFeatureValuesRequestEntityTypeSpec - startTime: + description: Required. The EvaluationItems that are part of this dataset. + name: + type: string description: >- - Optional. Excludes Feature values with feature generation timestamp - before this timestamp. If not set, retrieve oldest values kept in - Feature Store. Timestamp, if present, must not have higher than - millisecond precision. + Identifier. The resource name of the EvaluationSet. Format: + `projects/{project}/locations/{location}/evaluationSets/{evaluation_set}` + metadata: + type: any + description: Optional. Metadata for the EvaluationSet. + displayName: + description: Required. The display name of the EvaluationSet. type: string + updateTime: + readOnly: true + description: Output only. Timestamp when this item was last updated. format: google-datetime - GoogleCloudAiplatformV1FeatureValueDestination: - id: GoogleCloudAiplatformV1FeatureValueDestination - description: A destination location for Feature values and format. - type: object + type: string + description: >- + EvaluationSet is a collection of related EvaluationItems that are + evaluated together. + GoogleCloudAiplatformV1Index: + id: GoogleCloudAiplatformV1Index properties: - bigqueryDestination: - description: >- - Output in BigQuery format. BigQueryDestination.output_uri in - FeatureValueDestination.bigquery_destination must refer to a table. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' - tfrecordDestination: + updateTime: description: >- - Output in TFRecord format. Below are the mapping from Feature value - type in Featurestore to Feature value type in TFRecord: Value type - in Featurestore | Value type in TFRecord DOUBLE, DOUBLE_ARRAY | - FLOAT_LIST INT64, INT64_ARRAY | INT64_LIST STRING, STRING_ARRAY, - BYTES | BYTES_LIST true -> byte_string("true"), false -> - byte_string("false") BOOL, BOOL_ARRAY (true, false) | BYTES_LIST - $ref: '#/components/schemas/GoogleCloudAiplatformV1TFRecordDestination' - csvDestination: + Output only. Timestamp when this Index was most recently updated. + This also includes any update to the contents of the Index. Note + that Operations working on this Index may have their + Operations.metadata.generic_metadata.update_time a little after the + value of this timestamp, yet that does not mean their results are + not already reflected in the Index. Result of any successfully + completed Operation on the Index is reflected in it. + readOnly: true + format: google-datetime + type: string + description: + type: string + description: The description of the Index. + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + indexStats: + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexStats' + readOnly: true + description: Output only. Stats of the index resource. + encryptionSpec: description: >- - Output in CSV format. Array Feature value types are not allowed in - CSV format. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CsvDestination' - GoogleCloudAiplatformV1TFRecordDestination: - id: GoogleCloudAiplatformV1TFRecordDestination - description: The storage details for TFRecord output content. - type: object - properties: - gcsDestination: - description: Required. Google Cloud Storage location. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - GoogleCloudAiplatformV1CsvDestination: - id: GoogleCloudAiplatformV1CsvDestination - description: The storage details for CSV output content. - type: object - properties: - gcsDestination: - description: Required. Google Cloud Storage location. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - GoogleCloudAiplatformV1BatchReadFeatureValuesRequestPassThroughField: - id: GoogleCloudAiplatformV1BatchReadFeatureValuesRequestPassThroughField - description: Describe pass-through fields in read_instance source. - type: object - properties: - fieldName: + Immutable. Customer-managed encryption key spec for an Index. If + set, this Index and all sub-resources of this Index will be secured + by this key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + etag: description: >- - Required. The name of the field in the CSV header or the name of the - column in BigQuery table. The naming restriction is the same as - Feature.name. + Used to perform consistent read-modify-write updates. If not set, a + blind "overwrite" update happens. type: string - GoogleCloudAiplatformV1BatchReadFeatureValuesRequestEntityTypeSpec: - id: GoogleCloudAiplatformV1BatchReadFeatureValuesRequestEntityTypeSpec - description: >- - Selects Features of an EntityType to read values of and specifies read - settings. - type: object - properties: - entityTypeId: + metadataSchemaUri: description: >- - Required. ID of the EntityType to select Features. The EntityType id - is the entity_type_id specified during EntityType creation. + Immutable. Points to a YAML file stored on Google Cloud Storage + describing additional information about the Index, that is specific + to it. Unset if the Index does not have any additional information. + The schema is defined as an OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + Note: The URI given on output will be immutable and probably + different, including the URI scheme, than the one given on input. + The output URI will point to a location where the user only has a + read access. type: string - featureSelector: + deployedIndexes: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndexRef' + readOnly: true description: >- - Required. Selectors choosing which Feature values to read from the - EntityType. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' - settings: - description: Per-Feature settings for the batch read. + Output only. The pointers to DeployedIndexes created from this + Index. An Index can be only deleted if all its DeployedIndexes had + been undeployed first. type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DestinationFeatureSetting - GoogleCloudAiplatformV1DestinationFeatureSetting: - id: GoogleCloudAiplatformV1DestinationFeatureSetting - type: object - properties: - featureId: - description: Required. The ID of the Feature to apply the setting to. + labels: + type: object + description: >- + The labels with user-defined metadata to organize your Indexes. + Label keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. + additionalProperties: + type: string + metadata: + description: >- + An additional information about the Index; the schema of the + metadata can be found in metadata_schema. + type: any + createTime: + description: Output only. Timestamp when this Index was created. type: string - destinationField: + readOnly: true + format: google-datetime + indexUpdateMethod: + type: string + enum: + - INDEX_UPDATE_METHOD_UNSPECIFIED + - BATCH_UPDATE + - STREAM_UPDATE description: >- - Specify the field name in the export destination. If not specified, - Feature ID is used. + Immutable. The update method to use with this Index. If not set, + BATCH_UPDATE will be used by default. + enumDescriptions: + - Should not be used. + - >- + BatchUpdate: user can call UpdateIndex with files on Cloud Storage + of Datapoints to update. + - >- + StreamUpdate: user can call UpsertDatapoints/DeleteDatapoints to + update the Index and the updates will be applied in corresponding + DeployedIndexes in nearly real-time. + satisfiesPzs: + readOnly: true + description: Output only. Reserved for future use. + type: boolean + name: + description: Output only. The resource name of the Index. type: string - GoogleCloudAiplatformV1ExportFeatureValuesRequest: - id: GoogleCloudAiplatformV1ExportFeatureValuesRequest - description: Request message for FeaturestoreService.ExportFeatureValues. + readOnly: true + displayName: + type: string + description: >- + Required. The display name of the Index. The name can be up to 128 + characters long and can consist of any UTF-8 characters. type: object + description: >- + A representation of a collection of database items organized in a way + that allows for approximate nearest neighbor (a.k.a ANN) algorithms + search. + GoogleCloudAiplatformV1BatchCreateFeaturesResponse: + type: object + id: GoogleCloudAiplatformV1BatchCreateFeaturesResponse properties: - snapshotExport: - description: >- - Exports the latest Feature values of all entities of the EntityType - within a time range. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExportFeatureValuesRequestSnapshotExport - fullExport: - description: >- - Exports all historical values of all entities of the EntityType - within a time range - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExportFeatureValuesRequestFullExport - destination: - description: Required. Specifies destination location and format. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValueDestination' - featureSelector: - description: Required. Selects Features to export values of. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' - settings: - description: Per-Feature export settings. + features: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DestinationFeatureSetting - GoogleCloudAiplatformV1ExportFeatureValuesRequestSnapshotExport: - id: GoogleCloudAiplatformV1ExportFeatureValuesRequestSnapshotExport - description: >- - Describes exporting the latest Feature values of all entities of the - EntityType between [start_time, snapshot_time]. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + description: The Features created. + description: Response message for FeaturestoreService.BatchCreateFeatures. + GoogleCloudAiplatformV1CreateDeploymentResourcePoolOperationMetadata: type: object + description: Runtime operation information for CreateDeploymentResourcePool method. properties: - snapshotTime: - description: >- - Exports Feature values as of this timestamp. If not set, retrieve - values as of now. Timestamp, if present, must not have higher than - millisecond precision. - type: string - format: google-datetime - startTime: - description: >- - Excludes Feature values with feature generation timestamp before - this timestamp. If not set, retrieve oldest values kept in Feature - Store. Timestamp, if present, must not have higher than millisecond - precision. - type: string - format: google-datetime - GoogleCloudAiplatformV1ExportFeatureValuesRequestFullExport: - id: GoogleCloudAiplatformV1ExportFeatureValuesRequestFullExport - description: >- - Describes exporting all historical Feature values of all entities of the - EntityType between [start_time, end_time]. + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + id: GoogleCloudAiplatformV1CreateDeploymentResourcePoolOperationMetadata + GoogleCloudAiplatformV1ListEvaluationItemsResponse: + id: GoogleCloudAiplatformV1ListEvaluationItemsResponse type: object + description: Response message for EvaluationManagementService.ListEvaluationItems. properties: - startTime: - description: >- - Excludes Feature values with feature generation timestamp before - this timestamp. If not set, retrieve oldest values kept in Feature - Store. Timestamp, if present, must not have higher than millisecond - precision. + evaluationItems: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationItem' + description: List of EvaluationItems in the requested page. + nextPageToken: + description: A token to retrieve the next page of results. type: string - format: google-datetime - endTime: - description: >- - Exports Feature values as of this timestamp. If not set, retrieve - values as of now. Timestamp, if present, must not have higher than - millisecond precision. + GoogleCloudAiplatformV1DeployedModelStatus: + description: Runtime status of the deployed model. + properties: + lastUpdateTime: + description: Output only. The time at which the status was last updated. type: string + readOnly: true format: google-datetime - GoogleCloudAiplatformV1DeleteFeatureValuesRequest: - id: GoogleCloudAiplatformV1DeleteFeatureValuesRequest - description: Request message for FeaturestoreService.DeleteFeatureValues. + message: + readOnly: true + type: string + description: Output only. The latest deployed model's status message (if any). + availableReplicaCount: + type: integer + description: Output only. The number of available replicas of the deployed model. + readOnly: true + format: int32 type: object + id: GoogleCloudAiplatformV1DeployedModelStatus + GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetricsConfidenceMetricsEntry: + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetricsConfidenceMetricsEntry properties: - selectEntity: - description: Select feature values to be deleted by specifying entities. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectEntity - selectTimeRangeAndFeature: + iouScore: + format: float + type: number description: >- - Select feature values to be deleted by specifying time range and - features. + The intersection-over-union score. The measure of overlap of the + annotation's category mask with ground truth category mask on the + DataItem. + confusionMatrix: + description: Confusion matrix for the given confidence threshold. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectTimeRangeAndFeature - GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectEntity: - id: GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectEntity - description: >- - Message to select entity. If an entity id is selected, all the feature - values corresponding to the entity id will be deleted, including the - entityId. - type: object - properties: - entityIdSelector: + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix + diceScoreCoefficient: + description: DSC or the F1 score, The harmonic mean of recall and precision. + type: number + format: float + recall: + description: Recall (True Positive Rate) for the given confidence threshold. + type: number + format: float + precision: + type: number + description: Precision for the given confidence threshold. + format: float + confidenceThreshold: + format: float + type: number description: >- - Required. Selectors choosing feature values of which entity id to be - deleted from the EntityType. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityIdSelector' - GoogleCloudAiplatformV1EntityIdSelector: - id: GoogleCloudAiplatformV1EntityIdSelector - description: Selector for entityId. Getting ids from the given source. + Metrics are computed with an assumption that the model never returns + predictions with score lower than this value. type: object + GoogleCloudAiplatformV1PairwiseMetricSpec: + id: GoogleCloudAiplatformV1PairwiseMetricSpec properties: - csvSource: - description: Source of Csv - $ref: '#/components/schemas/GoogleCloudAiplatformV1CsvSource' - entityIdField: - description: >- - Source column that holds entity IDs. If not provided, entity IDs are - extracted from the column named entity_id. + metricPromptTemplate: + description: Required. Metric prompt template for pairwise metric. type: string - GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectTimeRangeAndFeature: - id: >- - GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectTimeRangeAndFeature - description: >- - Message to select time range and feature. Values of the selected feature - generated within an inclusive time range will be deleted. Using this - option permanently deletes the feature values from the specified feature - IDs within the specified time range. This might include data from the - online storage. If you want to retain any deleted historical data in the - online storage, you must re-ingest it. - type: object - properties: - timeRange: - description: >- - Required. Select feature generated within a half-inclusive time - range. The time range is lower inclusive and upper exclusive. - $ref: '#/components/schemas/GoogleTypeInterval' - featureSelector: - description: >- - Required. Selectors choosing which feature values to be deleted from - the EntityType. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' - skipOnlineStorageDelete: + baselineResponseFieldName: + description: Optional. The field name of the baseline response. + type: string + systemInstruction: + description: Optional. System instructions for pairwise metric. + type: string + candidateResponseFieldName: + type: string + description: Optional. The field name of the candidate response. + customOutputFormatConfig: description: >- - If set, data will not be deleted from online storage. When time - range is older than the data in online storage, setting this to be - true will make the deletion have no impact on online serving. - type: boolean - GoogleTypeInterval: - id: GoogleTypeInterval - description: >- - Represents a time interval, encoded as a Timestamp start (inclusive) and - a Timestamp end (exclusive). The start must be less than or equal to the - end. When the start equals the end, the interval is empty (matches no - time). When both start and end are unspecified, the interval matches any - time. + Optional. CustomOutputFormatConfig allows customization of metric + output. When this config is set, the default output is replaced with + the raw output string. If a custom format is chosen, the + `pairwise_choice` and `explanation` fields in the corresponding + metric result will be empty. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomOutputFormatConfig' + description: Spec for pairwise metric. type: object + GoogleCloudAiplatformV1PurgeArtifactsRequest: + description: Request message for MetadataService.PurgeArtifacts. + id: GoogleCloudAiplatformV1PurgeArtifactsRequest properties: - startTime: + filter: description: >- - Optional. Inclusive start of the interval. If specified, a Timestamp - matching this interval will have to be the same or after the start. + Required. A required filter matching the Artifacts to be purged. + E.g., `update_time <= 2020-11-19T11:30:00-04:00`. type: string - format: google-datetime - endTime: + force: + type: boolean description: >- - Optional. Exclusive end of the interval. If specified, a Timestamp - matching this interval will have to be before the end. - type: string - format: google-datetime - GoogleCloudAiplatformV1SearchFeaturesResponse: - id: GoogleCloudAiplatformV1SearchFeaturesResponse - description: Response message for FeaturestoreService.SearchFeatures. + Optional. Flag to indicate to actually perform the purge. If `force` + is set to false, the method will return a sample of Artifact names + that would be deleted. type: object + GoogleCloudAiplatformV1ListDatasetsResponse: + type: object + id: GoogleCloudAiplatformV1ListDatasetsResponse properties: - features: - description: >- - The Features matching the request. Fields returned: * `name` * - `description` * `labels` * `create_time` * `update_time` - type: array + datasets: + description: A list of Datasets that matches the specified filter in the request. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + type: array nextPageToken: - description: >- - A token, which can be sent as SearchFeaturesRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. + description: The standard List next-page token. type: string - GoogleCloudAiplatformV1FeatureGroup: - id: GoogleCloudAiplatformV1FeatureGroup - description: Vertex AI Feature Group. + description: Response message for DatasetService.ListDatasets. + GoogleCloudAiplatformV1FeatureGroupBigQuery: + id: GoogleCloudAiplatformV1FeatureGroupBigQuery type: object + description: Input source type for BigQuery Tables and Views. properties: - bigQuery: - description: >- - Indicates that features for this group come from BigQuery - Table/View. By default treats the source as a sparse time series - source. The BigQuery source table or view must have at least one - entity ID column and a column named `feature_timestamp`. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroupBigQuery' - name: - description: >- - Identifier. Name of the FeatureGroup. Format: - `projects/{project}/locations/{location}/featureGroups/{featureGroup}` - type: string - createTime: - description: Output only. Timestamp when this FeatureGroup was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this FeatureGroup was last updated. - readOnly: true - type: string - format: google-datetime - etag: - description: >- - Optional. Used to perform consistent read-modify-write updates. If - not set, a blind "overwrite" update happens. - type: string - labels: - description: >- - Optional. The labels with user-defined metadata to organize your - FeatureGroup. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. See https://goo.gl/xmQnxf for more information on and - examples of labels. No more than 64 user labels can be associated - with one FeatureGroup(System labels are excluded)." System reserved - label keys are prefixed with "aiplatform.googleapis.com/" and are - immutable. - type: object - additionalProperties: - type: string - description: - description: Optional. Description of the FeatureGroup. - type: string - serviceAgentType: - description: >- - Optional. Service agent type used during jobs under a FeatureGroup. - By default, the Vertex AI Service Agent is used. When using an IAM - Policy to isolate this FeatureGroup within a project, a separate - service account should be provisioned by setting this field to - `SERVICE_AGENT_TYPE_FEATURE_GROUP`. This will generate a separate - service account to access the BigQuery source table. - type: string - enumDescriptions: - - By default, the project-level Vertex AI Service Agent is enabled. - - >- - Specifies the project-level Vertex AI Service Agent - (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents). - - >- - Enable a FeatureGroup service account to be created by Vertex AI - and output in the field `service_account_email`. This service - account will be used to read from the source BigQuery table during - jobs under a FeatureGroup. - enum: - - SERVICE_AGENT_TYPE_UNSPECIFIED - - SERVICE_AGENT_TYPE_PROJECT - - SERVICE_AGENT_TYPE_FEATURE_GROUP - serviceAccountEmail: - description: >- - Output only. A Service Account unique to this FeatureGroup. The role - bigquery.dataViewer should be granted to this service account to - allow Vertex AI Feature Store to access source data while running - jobs under this FeatureGroup. - readOnly: true - type: string - GoogleCloudAiplatformV1FeatureGroupBigQuery: - id: GoogleCloudAiplatformV1FeatureGroupBigQuery - description: Input source type for BigQuery Tables and Views. - type: object - properties: - bigQuerySource: - description: >- - Required. Immutable. The BigQuery source URI that points to either a - BigQuery Table or View. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' - entityIdColumns: - description: >- - Optional. Columns to construct entity_id / row keys. If not provided - defaults to `entity_id`. - type: array - items: - type: string - staticDataSource: - description: Optional. Set if the data source is not a time-series. - type: boolean - timeSeries: - description: >- - Optional. If the source is a time-series source, this can be set to - control how downstream sources (ex: FeatureView ) will treat - time-series sources. If not set, will treat the source as a - time-series source with `feature_timestamp` as timestamp column and - no scan boundary. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureGroupBigQueryTimeSeries - dense: + dense: description: >- Optional. If set, all feature values will be fetched from a single row per unique entityId including nulls. If not set, will collapse @@ -7289,3249 +6575,3051 @@ components: 20, null)` is synced to online stores. If dense is not set, `(e1, 20, 15)` is synced to online stores. type: boolean - GoogleCloudAiplatformV1FeatureGroupBigQueryTimeSeries: - id: GoogleCloudAiplatformV1FeatureGroupBigQueryTimeSeries - type: object - properties: - timestampColumn: + timeSeries: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureGroupBigQueryTimeSeries description: >- - Optional. Column hosting timestamp values for a time-series source. - Will be used to determine the latest `feature_values` for each - entity. Optional. If not provided, column named `feature_timestamp` - of type `TIMESTAMP` will be used. - type: string - GoogleCloudAiplatformV1ListFeatureGroupsResponse: - id: GoogleCloudAiplatformV1ListFeatureGroupsResponse - description: Response message for FeatureRegistryService.ListFeatureGroups. - type: object - properties: - featureGroups: - description: The FeatureGroups matching the request. + Optional. If the source is a time-series source, this can be set to + control how downstream sources (ex: FeatureView ) will treat + time-series sources. If not set, will treat the source as a + time-series source with `feature_timestamp` as timestamp column and + no scan boundary. + staticDataSource: + type: boolean + description: Optional. Set if the data source is not a time-series. + entityIdColumns: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroup' - nextPageToken: + type: string description: >- - A token, which can be sent as ListFeatureGroupsRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. - type: string - GoogleCloudAiplatformV1FeatureOnlineStore: - id: GoogleCloudAiplatformV1FeatureOnlineStore - description: >- - Vertex AI Feature Online Store provides a centralized repository for - serving ML features and embedding indexes at low latency. The Feature - Online Store is a top-level container. + Optional. Columns to construct entity_id / row keys. If not provided + defaults to `entity_id`. + bigQuerySource: + description: >- + Required. Immutable. The BigQuery source URI that points to either a + BigQuery Table or View. + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' + GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetrics: type: object + description: Metrics for forecasting evaluation results. + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetrics properties: - bigtable: + meanAbsoluteError: + type: number + format: float + description: Mean Absolute Error (MAE). + rSquared: description: >- - Contains settings for the Cloud Bigtable instance that will be - created to serve featureValues for all FeatureViews under this - FeatureOnlineStore. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStoreBigtable - optimized: + Coefficient of determination as Pearson correlation coefficient. + Undefined when ground truth or predictions are constant or near + constant. + type: number + format: float + rootMeanSquaredLogError: + type: number + format: float description: >- - Contains settings for the Optimized store that will be created to - serve featureValues for all FeatureViews under this - FeatureOnlineStore. When choose Optimized storage type, need to set - PrivateServiceConnectConfig.enable_private_service_connect to use - private endpoint. Otherwise will use public endpoint by default. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStoreOptimized - name: + Root mean squared log error. Undefined when there are negative + ground truth values or predictions. + weightedAbsolutePercentageError: + type: number + format: float description: >- - Identifier. Name of the FeatureOnlineStore. Format: - `projects/{project}/locations/{location}/featureOnlineStores/{featureOnlineStore}` - type: string - createTime: - description: Output only. Timestamp when this FeatureOnlineStore was created. - readOnly: true - type: string - format: google-datetime - updateTime: + Weighted Absolute Percentage Error. Does not use weights, this is + just what the metric is called. Undefined if actual values sum to + zero. Will be very large if actual values sum to a very small + number. + quantileMetrics: + description: The quantile metrics entries for each quantile. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetricsQuantileMetricsEntry + type: array + rootMeanSquaredPercentageError: description: >- - Output only. Timestamp when this FeatureOnlineStore was last - updated. - readOnly: true - type: string - format: google-datetime - etag: + Root Mean Square Percentage Error. Square root of MSPE. + Undefined/imaginary when MSPE is negative. + format: float + type: number + rootMeanSquaredError: + type: number + format: float + description: Root Mean Squared Error (RMSE). + meanAbsolutePercentageError: description: >- - Optional. Used to perform consistent read-modify-write updates. If - not set, a blind "overwrite" update happens. + Mean absolute percentage error. Infinity when there are zeros in the + ground truth. + format: float + type: number + GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResultFrame: + type: object + description: >- + The fields `xMin`, `xMax`, `yMin`, and `yMax` refer to a bounding box, + i.e. the rectangle over the video frame pinpointing the found + AnnotationSpec. The coordinates are relative to the frame size, and the + point 0,0 is in the top left of the frame. + properties: + yMin: + format: float + type: number + description: The topmost coordinate of the bounding box. + yMax: + format: float + description: The bottommost coordinate of the bounding box. + type: number + timeOffset: type: string - labels: + format: google-duration description: >- - Optional. The labels with user-defined metadata to organize your - FeatureOnlineStore. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. See https://goo.gl/xmQnxf for more information on and - examples of labels. No more than 64 user labels can be associated - with one FeatureOnlineStore(System labels are excluded)." System - reserved label keys are prefixed with "aiplatform.googleapis.com/" - and are immutable. - type: object - additionalProperties: - type: string - state: - description: Output only. State of the featureOnlineStore. + A time (frame) of a video in which the object has been detected. + Expressed as a number of seconds as measured from the start of the + video, with fractions up to a microsecond precision, and with "s" + appended at the end. + xMax: + format: float + description: The rightmost coordinate of the bounding box. + type: number + xMin: + type: number + description: The leftmost coordinate of the bounding box. + format: float + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResultFrame + GoogleCloudAiplatformV1ListDeploymentResourcePoolsResponse: + properties: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + deploymentResourcePools: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeploymentResourcePool' + description: The DeploymentResourcePools from the specified location. + type: array + type: object + id: GoogleCloudAiplatformV1ListDeploymentResourcePoolsResponse + description: Response message for ListDeploymentResourcePools method. + GoogleCloudAiplatformV1SummarizationVerbosityResult: + properties: + explanation: readOnly: true type: string - enumDescriptions: - - Default value. This value is unused. - - >- - State when the featureOnlineStore configuration is not being - updated and the fields reflect the current configuration of the - featureOnlineStore. The featureOnlineStore is usable in this - state. - - >- - The state of the featureOnlineStore configuration when it is being - updated. During an update, the fields reflect either the original - configuration or the updated configuration of the - featureOnlineStore. The featureOnlineStore is still usable in this - state. - enum: - - STATE_UNSPECIFIED - - STABLE - - UPDATING - dedicatedServingEndpoint: - description: >- - Optional. The dedicated serving endpoint for this - FeatureOnlineStore, which is different from common Vertex service - endpoint. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStoreDedicatedServingEndpoint - encryptionSpec: - description: >- - Optional. Customer-managed encryption key spec for data storage. If - set, online store will be secured by this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - satisfiesPzs: - description: Output only. Reserved for future use. + description: Output only. Explanation for summarization verbosity score. + score: readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. + type: number + format: float + description: Output only. Summarization Verbosity score. + confidence: + type: number + description: Output only. Confidence for summarization verbosity score. + format: float readOnly: true - type: boolean - GoogleCloudAiplatformV1FeatureOnlineStoreBigtable: - id: GoogleCloudAiplatformV1FeatureOnlineStoreBigtable + description: Spec for summarization verbosity result. + id: GoogleCloudAiplatformV1SummarizationVerbosityResult type: object - properties: - autoScaling: - description: Required. Autoscaling config applied to Bigtable Instance. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScaling - GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScaling: - id: GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScaling + GoogleCloudAiplatformV1ExternalApiSimpleSearchParams: + id: GoogleCloudAiplatformV1ExternalApiSimpleSearchParams type: object + properties: {} + description: The search parameters to use for SIMPLE_SEARCH spec. + GoogleCloudAiplatformV1StreamRawPredictRequest: properties: - minNodeCount: - description: >- - Required. The minimum number of nodes to scale down to. Must be - greater than or equal to 1. - type: integer - format: int32 - maxNodeCount: - description: >- - Required. The maximum number of nodes to scale up to. Must be - greater than or equal to min_node_count, and less than or equal to - 10 times of 'min_node_count'. - type: integer - format: int32 - cpuUtilizationTarget: + httpBody: description: >- - Optional. A percentage of the cluster's CPU capacity. Can be from - 10% to 80%. When a cluster's CPU utilization exceeds the target that - you have set, Bigtable immediately adds nodes to the cluster. When - CPU utilization is substantially lower than the target, Bigtable - removes nodes. If not set will default to 50%. - type: integer - format: int32 - GoogleCloudAiplatformV1FeatureOnlineStoreOptimized: - id: GoogleCloudAiplatformV1FeatureOnlineStoreOptimized - description: Optimized storage type - type: object - properties: {} - GoogleCloudAiplatformV1FeatureOnlineStoreDedicatedServingEndpoint: - id: GoogleCloudAiplatformV1FeatureOnlineStoreDedicatedServingEndpoint - description: >- - The dedicated serving endpoint for this FeatureOnlineStore. Only need to - set when you choose Optimized storage type. Public endpoint is - provisioned by default. + The prediction input. Supports HTTP headers and arbitrary data + payload. + $ref: '#/components/schemas/GoogleApiHttpBody' + id: GoogleCloudAiplatformV1StreamRawPredictRequest type: object + description: Request message for PredictionService.StreamRawPredict. + GoogleCloudAiplatformV1CreateEntityTypeOperationMetadata: properties: - publicEndpointDomainName: - description: >- - Output only. This field will be populated with the domain name to - use for this FeatureOnlineStore - readOnly: true - type: string - privateServiceConnectConfig: - description: >- - Optional. Private service connect config. The private service - connection is available only for Optimized storage type, not for - embedding management now. If - PrivateServiceConnectConfig.enable_private_service_connect set to - true, customers will use private service connection to send request. - Otherwise, the connection will set to public endpoint. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PrivateServiceConnectConfig - serviceAttachment: - description: >- - Output only. The name of the service attachment resource. Populated - if private service connect is enabled and after FeatureViewSync is - created. - readOnly: true - type: string - GoogleCloudAiplatformV1ListFeatureOnlineStoresResponse: - id: GoogleCloudAiplatformV1ListFeatureOnlineStoresResponse - description: >- - Response message for - FeatureOnlineStoreAdminService.ListFeatureOnlineStores. + genericMetadata: + description: Operation metadata for EntityType. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Details of operations that perform create EntityType. + id: GoogleCloudAiplatformV1CreateEntityTypeOperationMetadata + type: object + GoogleCloudAiplatformV1ListNasJobsResponse: type: object + description: Response message for JobService.ListNasJobs properties: - featureOnlineStores: - description: The FeatureOnlineStores matching the request. - type: array + nasJobs: + description: >- + List of NasJobs in the requested page. NasJob.nas_job_output of the + jobs will not be returned. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStore' + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJob' + type: array nextPageToken: description: >- - A token, which can be sent as - ListFeatureOnlineStoresRequest.page_token to retrieve the next page. - If this field is omitted, there are no subsequent pages. + A token to retrieve the next page of results. Pass to + ListNasJobsRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1FeatureView: - id: GoogleCloudAiplatformV1FeatureView - description: >- - FeatureView is representation of values that the FeatureOnlineStore will - serve based on its syncConfig. + id: GoogleCloudAiplatformV1ListNasJobsResponse + GoogleCloudAiplatformV1Artifact: type: object properties: - bigQuerySource: + uri: description: >- - Optional. Configures how data is supposed to be extracted from a - BigQuery source to be loaded onto the FeatureOnlineStore. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewBigQuerySource - featureRegistrySource: + The uniform resource identifier of the artifact file. May be empty + if there is no actual artifact file. + type: string + etag: description: >- - Optional. Configures the features from a Feature Registry source - that need to be loaded onto the FeatureOnlineStore. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewFeatureRegistrySource - vertexRagSource: - description: Optional. The Vertex RAG Source that the FeatureView is linked to. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewVertexRagSource - name: + An eTag used to perform consistent read-modify-write updates. If not + set, a blind "overwrite" update happens. + type: string + schemaVersion: description: >- - Identifier. Name of the FeatureView. Format: - `projects/{project}/locations/{location}/featureOnlineStores/{feature_online_store}/featureViews/{feature_view}` + The version of the schema in schema_name to use. Schema title and + version is expected to be registered in earlier Create Schema calls. + And both are used together as unique identifiers to identify schemas + within the local metadata store. type: string + labels: + description: >- + The labels with user-defined metadata to organize your Artifacts. + Label keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. No + more than 64 user labels can be associated with one Artifact (System + labels are excluded). + additionalProperties: + type: string + type: object createTime: - description: Output only. Timestamp when this FeatureView was created. - readOnly: true type: string format: google-datetime - updateTime: - description: Output only. Timestamp when this FeatureView was last updated. + description: Output only. Timestamp when this Artifact was created. readOnly: true + description: + description: Description of the Artifact type: string - format: google-datetime - etag: - description: >- - Optional. Used to perform consistent read-modify-write updates. If - not set, a blind "overwrite" update happens. - type: string - labels: + metadata: description: >- - Optional. The labels with user-defined metadata to organize your - FeatureViews. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. See https://goo.gl/xmQnxf for more information on and - examples of labels. No more than 64 user labels can be associated - with one FeatureOnlineStore(System labels are excluded)." System - reserved label keys are prefixed with "aiplatform.googleapis.com/" - and are immutable. + Properties of the Artifact. Top level metadata keys' heading and + trailing spaces will be trimmed. The size of this field should not + exceed 200KB. type: object additionalProperties: - type: string - syncConfig: + description: Properties of the object. + type: any + displayName: + type: string description: >- - Configures when data is to be synced/updated for this FeatureView. - At the end of the sync the latest featureValues for each entityId of - this FeatureView are made ready for online serving. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewSyncConfig' - indexConfig: - description: >- - Optional. Configuration for index preparation for vector search. It - contains the required configurations to create an index from source - data, so that approximate nearest neighbor (a.k.a ANN) algorithms - search can be performed during online serving. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewIndexConfig' - optimizedConfig: - description: >- - Optional. Configuration for FeatureView created under Optimized - FeatureOnlineStore. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewOptimizedConfig - serviceAgentType: + User provided display name of the Artifact. May be up to 128 Unicode + characters. + updateTime: + readOnly: true + type: string + description: Output only. Timestamp when this Artifact was last updated. + format: google-datetime + name: + type: string + description: Output only. The resource name of the Artifact. + readOnly: true + schemaTitle: description: >- - Optional. Service agent type used during data sync. By default, the - Vertex AI Service Agent is used. When using an IAM Policy to isolate - this FeatureView within a project, a separate service account should - be provisioned by setting this field to - `SERVICE_AGENT_TYPE_FEATURE_VIEW`. This will generate a separate - service account to access the BigQuery source table. + The title of the schema describing the metadata. Schema title and + version is expected to be registered in earlier Create Schema calls. + And both are used together as unique identifiers to identify schemas + within the local metadata store. type: string + state: + enum: + - STATE_UNSPECIFIED + - PENDING + - LIVE enumDescriptions: - - By default, the project-level Vertex AI Service Agent is enabled. + - Unspecified state for the Artifact. - >- - Indicates the project-level Vertex AI Service Agent - (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) - will be used during sync jobs. + A state used by systems like Vertex AI Pipelines to indicate that + the underlying data item represented by this Artifact is being + created. - >- - Enable a FeatureView service account to be created by Vertex AI - and output in the field `service_account_email`. This service - account will be used to read from the source BigQuery table during - sync. - enum: - - SERVICE_AGENT_TYPE_UNSPECIFIED - - SERVICE_AGENT_TYPE_PROJECT - - SERVICE_AGENT_TYPE_FEATURE_VIEW - serviceAccountEmail: - description: >- - Output only. A Service Account unique to this FeatureView. The role - bigquery.dataViewer should be granted to this service account to - allow Vertex AI Feature Store to sync data to the online store. - readOnly: true + A state indicating that the Artifact should exist, unless + something external to the system deletes it. type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1FeatureViewBigQuerySource: - id: GoogleCloudAiplatformV1FeatureViewBigQuerySource + description: >- + The state of this Artifact. This is a property of the Artifact, and + does not imply or capture any ongoing process. This property is + managed by clients (such as Vertex AI Pipelines), and the system + does not prescribe or check the validity of state transitions. + id: GoogleCloudAiplatformV1Artifact + description: Instance of a general artifact. + GoogleCloudAiplatformV1ExamplesExampleGcsSource: + id: GoogleCloudAiplatformV1ExamplesExampleGcsSource + description: The Cloud Storage input instances. type: object properties: - uri: - description: >- - Required. The BigQuery view URI that will be materialized on each - sync trigger based on FeatureView.SyncConfig. + dataFormat: + enum: + - DATA_FORMAT_UNSPECIFIED + - JSONL type: string - entityIdColumns: - description: Required. Columns to construct entity_id / row keys. - type: array - items: - type: string - GoogleCloudAiplatformV1FeatureViewFeatureRegistrySource: - id: GoogleCloudAiplatformV1FeatureViewFeatureRegistrySource - description: >- - A Feature Registry source for features that need to be synced to Online - Store. - type: object + enumDescriptions: + - Format unspecified, used when unset. + - Examples are stored in JSONL files. + description: >- + The format in which instances are given, if not specified, assume + it's JSONL format. Currently only JSONL format is supported. + gcsSource: + description: The Cloud Storage location for the input instances. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' + GoogleCloudAiplatformV1GeminiPreferenceExample: properties: - featureGroups: - description: Required. List of features that need to be synced to Online Store. + completions: + description: List of completions for a given prompt. type: array items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroup - projectNumber: - description: >- - Optional. The project number of the parent project of the Feature - Groups. - type: string - format: int64 - GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroup: - id: GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroup - description: >- - Features belonging to a single feature group that will be synced to - Online Store. - type: object - properties: - featureGroupId: - description: Required. Identifier of the feature group. - type: string - featureIds: - description: Required. Identifiers of features under the feature group. + #/components/schemas/GoogleCloudAiplatformV1GeminiPreferenceExampleCompletion + contents: + description: Multi-turn contents that represents the Prompt. type: array items: - type: string - GoogleCloudAiplatformV1FeatureViewVertexRagSource: - id: GoogleCloudAiplatformV1FeatureViewVertexRagSource - description: A Vertex Rag source for features that need to be synced to Online Store. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + description: Input example for preference optimization. + id: GoogleCloudAiplatformV1GeminiPreferenceExample type: object - properties: - uri: - description: >- - Required. The BigQuery view/table URI that will be materialized on - each manual sync trigger. The table/view is expected to have the - following columns and types at least: - `corpus_id` (STRING, - NULLABLE/REQUIRED) - `file_id` (STRING, NULLABLE/REQUIRED) - - `chunk_id` (STRING, NULLABLE/REQUIRED) - `chunk_data_type` (STRING, - NULLABLE/REQUIRED) - `chunk_data` (STRING, NULLABLE/REQUIRED) - - `embeddings` (FLOAT, REPEATED) - `file_original_uri` (STRING, - NULLABLE/REQUIRED) - type: string - ragCorpusId: - description: Optional. The RAG corpus id corresponding to this FeatureView. - type: string - format: int64 - GoogleCloudAiplatformV1FeatureViewSyncConfig: - id: GoogleCloudAiplatformV1FeatureViewSyncConfig - description: Configuration for Sync. Only one option is set. + GoogleCloudAiplatformV1PublisherModelCallToActionDeploy: type: object properties: - cron: - description: >- - Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch - scheduled runs. To explicitly set a timezone to the cron tab, apply - a prefix in the cron tab: "CRON_TZ=${IANA_TIME_ZONE}" or - "TZ=${IANA_TIME_ZONE}". The ${IANA_TIME_ZONE} may only be a valid - string from IANA time zone database. For example, - "CRON_TZ=America/New_York 1 * * * *", or "TZ=America/New_York 1 * * - * *". + sharedResources: type: string - continuous: description: >- - Optional. If true, syncs the FeatureView in a continuous manner to - Online Store. - type: boolean - GoogleCloudAiplatformV1FeatureViewIndexConfig: - id: GoogleCloudAiplatformV1FeatureViewIndexConfig - description: Configuration for vector indexing. - type: object - properties: - treeAhConfig: + The resource name of the shared DeploymentResourcePool to deploy on. + Format: + `projects/{project}/locations/{location}/deploymentResourcePools/{deployment_resource_pool}` + dedicatedResources: description: >- - Optional. Configuration options for the tree-AH algorithm (Shallow - tree + Asymmetric Hashing). Please refer to this paper for more - details: https://arxiv.org/abs/1908.10396 - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewIndexConfigTreeAHConfig - bruteForceConfig: + A description of resources that are dedicated to the DeployedModel, + and that need a higher degree of manual configuration. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' + modelDisplayName: + type: string + description: Optional. Default model display name. + title: + type: string + description: Required. The title of the regional resource reference. + containerSpec: description: >- - Optional. Configuration options for using brute force search, which - simply implements the standard linear search in the database for - each query. It is primarily meant for benchmarking and to generate - the ground truth for approximate search. + Optional. The specification of the container that is to be used when + deploying this Model in Vertex AI. Not present for Large Models. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelContainerSpec' + automaticResources: + description: >- + A description of resources that to large degree are decided by + Vertex AI, and require only a modest additional configuration. + $ref: '#/components/schemas/GoogleCloudAiplatformV1AutomaticResources' + deployMetadata: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewIndexConfigBruteForceConfig - embeddingColumn: + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeployDeployMetadata + description: Optional. Metadata information about this deployment config. + deployTaskName: description: >- - Optional. Column of embedding. This column contains the source data - to create index for vector search. embedding_column must be set when - using vector search. + Optional. The name of the deploy task (e.g., "text to image + generation"). type: string - filterColumns: - description: >- - Optional. Columns of features that're used to filter vector search - results. - type: array - items: - type: string - crowdingColumn: + largeModelReference: description: >- - Optional. Column of crowding. This column contains crowding - attribute which is a constraint on a neighbor list produced by - FeatureOnlineStoreService.SearchNearestEntities to diversify search - results. If - NearestNeighborQuery.per_crowding_attribute_neighbor_count is set to - K in SearchNearestEntitiesRequest, it's guaranteed that no more than - K entities of the same crowding attribute are returned in the - response. - type: string - embeddingDimension: - description: Optional. The number of dimensions of the input embedding. - type: integer - format: int32 - distanceMeasureType: - description: Optional. The distance measure used in nearest neighbor search. + Optional. Large model reference. When this is set, + model_artifact_spec is not needed. + $ref: '#/components/schemas/GoogleCloudAiplatformV1LargeModelReference' + artifactUri: type: string - enumDescriptions: - - Should not be set. - - Euclidean (L_2) Distance. - - >- - Cosine Distance. Defined as 1 - cosine similarity. We strongly - suggest using DOT_PRODUCT_DISTANCE + UNIT_L2_NORM instead of - COSINE distance. Our algorithms have been more optimized for - DOT_PRODUCT distance which, when combined with UNIT_L2_NORM, is - mathematically equivalent to COSINE distance and results in the - same ranking. - - Dot Product Distance. Defined as a negative of the dot product. - enum: - - DISTANCE_MEASURE_TYPE_UNSPECIFIED - - SQUARED_L2_DISTANCE - - COSINE_DISTANCE - - DOT_PRODUCT_DISTANCE - GoogleCloudAiplatformV1FeatureViewIndexConfigTreeAHConfig: - id: GoogleCloudAiplatformV1FeatureViewIndexConfigTreeAHConfig - description: Configuration options for the tree-AH algorithm. - type: object - properties: - leafNodeEmbeddingCount: description: >- - Optional. Number of embeddings on each leaf node. The default value - is 1000 if not set. + Optional. The path to the directory containing the Model artifact + and any of its supporting files. + publicArtifactUri: type: string - format: int64 - GoogleCloudAiplatformV1FeatureViewIndexConfigBruteForceConfig: - id: GoogleCloudAiplatformV1FeatureViewIndexConfigBruteForceConfig - description: Configuration options for using brute force search. - type: object - properties: {} - GoogleCloudAiplatformV1FeatureViewOptimizedConfig: - id: GoogleCloudAiplatformV1FeatureViewOptimizedConfig - description: Configuration for FeatureViews created in Optimized FeatureOnlineStore. - type: object - properties: - automaticResources: description: >- - Optional. A description of resources that the FeatureView uses, - which to large degree are decided by Vertex AI, and optionally - allows only a modest additional configuration. If min_replica_count - is not set, the default value is 2. If max_replica_count is not set, - the default value is 6. The max allowed replica count is 1000. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AutomaticResources' - GoogleCloudAiplatformV1ListFeatureViewsResponse: - id: GoogleCloudAiplatformV1ListFeatureViewsResponse - description: Response message for FeatureOnlineStoreAdminService.ListFeatureViews. + Optional. The signed URI for ephemeral Cloud Storage access to model + artifact. + description: >- + Model metadata that is needed for UploadModel or + DeployModel/CreateEndpoint requests. + id: GoogleCloudAiplatformV1PublisherModelCallToActionDeploy + GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExampleConversationSource: type: object + id: >- + GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExampleConversationSource + description: >- + A conversation source for the example. This is similar to + `DirectContentsSource`. properties: - featureViews: - description: The FeatureViews matching the request. + events: + description: Optional. The input conversation events for the example. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureView' - nextPageToken: - description: >- - A token, which can be sent as ListFeatureViewsRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. - type: string - GoogleCloudAiplatformV1SyncFeatureViewRequest: - id: GoogleCloudAiplatformV1SyncFeatureViewRequest - description: Request message for FeatureOnlineStoreAdminService.SyncFeatureView. - type: object - properties: {} - GoogleCloudAiplatformV1SyncFeatureViewResponse: - id: GoogleCloudAiplatformV1SyncFeatureViewResponse - description: Response message for FeatureOnlineStoreAdminService.SyncFeatureView. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExampleConversationSourceEvent + GoogleCloudAiplatformV1BigQueryRequestSet: type: object properties: - featureViewSync: - description: >- - Format: - `projects/{project}/locations/{location}/featureOnlineStores/{feature_online_store}/featureViews/{feature_view}/featureViewSyncs/{feature_view_sync}` + rubricsColumn: type: string - GoogleCloudAiplatformV1FeatureViewSync: - id: GoogleCloudAiplatformV1FeatureViewSync - description: >- - FeatureViewSync is a representation of sync operation which copies data - from data source to Feature View in Online Store. - type: object - properties: - name: description: >- - Identifier. Name of the FeatureViewSync. Format: - `projects/{project}/locations/{location}/featureOnlineStores/{feature_online_store}/featureViews/{feature_view}/featureViewSyncs/{feature_view_sync}` + Optional. The name of the column that contains the rubrics. This is + in evaluation_rubric.RubricGroup format. + candidateResponseColumns: + additionalProperties: + type: string + type: object + description: >- + Optional. Map of candidate name to candidate response column name. + The column will be in evaluation_item.CandidateResponse format. + uri: + description: >- + Required. The URI of a BigQuery table. e.g. + bq://projectId.bqDatasetId.bqTableId type: string - createTime: + promptColumn: description: >- - Output only. Time when this FeatureViewSync is created. Creation of - a FeatureViewSync means that the job is pending / waiting for - sufficient resources but may not have started the actual data - transfer yet. - readOnly: true + Optional. The name of the column that contains the requests to + evaluate. This will be in evaluation_item.EvalPrompt format. type: string - format: google-datetime - runTime: - description: Output only. Time when this FeatureViewSync is finished. - readOnly: true - $ref: '#/components/schemas/GoogleTypeInterval' - finalStatus: - description: Output only. Final status of the FeatureViewSync. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - syncSummary: - description: Output only. Summary of the sync job. - readOnly: true + samplingConfig: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewSyncSyncSummary - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1FeatureViewSyncSyncSummary: - id: GoogleCloudAiplatformV1FeatureViewSyncSyncSummary - description: >- - Summary from the Sync job. For continuous syncs, the summary is updated - periodically. For batch syncs, it gets updated on completion of the - sync. - type: object + #/components/schemas/GoogleCloudAiplatformV1BigQueryRequestSetSamplingConfig + description: Optional. The sampling config for the bigquery resource. + id: GoogleCloudAiplatformV1BigQueryRequestSet + description: The request set for the evaluation run. + GoogleCloudAiplatformV1WriteTensorboardRunDataRequest: + description: Request message for TensorboardService.WriteTensorboardRunData. + id: GoogleCloudAiplatformV1WriteTensorboardRunDataRequest properties: - rowSynced: - description: Output only. Total number of rows synced. - readOnly: true - type: string - format: int64 - totalSlot: - description: Output only. BigQuery slot milliseconds consumed for the sync job. - readOnly: true + tensorboardRun: type: string - format: int64 - systemWatermarkTime: description: >- - Lower bound of the system time watermark for the sync job. This is - only set for continuously syncing feature views. - type: string - format: google-datetime - GoogleCloudAiplatformV1ListFeatureViewSyncsResponse: - id: GoogleCloudAiplatformV1ListFeatureViewSyncsResponse - description: >- - Response message for - FeatureOnlineStoreAdminService.ListFeatureViewSyncs. - type: object - properties: - featureViewSyncs: - description: The FeatureViewSyncs matching the request. - type: array + Required. The resource name of the TensorboardRun to write data to. + Format: + `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}/runs/{run}` + timeSeriesData: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewSync' - nextPageToken: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesData' + type: array description: >- - A token, which can be sent as ListFeatureViewSyncsRequest.page_token - to retrieve the next page. If this field is omitted, there are no - subsequent pages. - type: string - GoogleCloudAiplatformV1FetchFeatureValuesRequest: - id: GoogleCloudAiplatformV1FetchFeatureValuesRequest - description: >- - Request message for FeatureOnlineStoreService.FetchFeatureValues. All - the features under the requested feature view will be returned. + Required. The TensorboardTimeSeries data to write. Values with in a + time series are indexed by their step value. Repeated writes to the + same step will overwrite the existing value for that step. The upper + limit of data points per write request is 5000. + type: object + GoogleCloudAiplatformV1GroundednessSpec: + description: Spec for groundedness metric. type: object properties: - dataKey: - description: Optional. The request key to fetch feature values for. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKey' - dataFormat: - description: >- - Optional. Response data format. If not set, - FeatureViewDataFormat.KEY_VALUE will be used. - type: string - enumDescriptions: - - Not set. Will be treated as the KeyValue format. - - Return response data in key-value format. - - Return response data in proto Struct format. - enum: - - FEATURE_VIEW_DATA_FORMAT_UNSPECIFIED - - KEY_VALUE - - PROTO_STRUCT - GoogleCloudAiplatformV1FeatureViewDataKey: - id: GoogleCloudAiplatformV1FeatureViewDataKey - description: Lookup key for a feature view. + version: + description: Optional. Which version to use for evaluation. + type: integer + format: int32 + id: GoogleCloudAiplatformV1GroundednessSpec + GoogleCloudAiplatformV1RubricContent: + id: GoogleCloudAiplatformV1RubricContent type: object properties: - key: - description: String key to use for lookup. - type: string - compositeKey: - description: >- - The actual Entity ID will be composed from this struct. This should - match with the way ID is defined in the FeatureView spec. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKeyCompositeKey - GoogleCloudAiplatformV1FeatureViewDataKeyCompositeKey: - id: GoogleCloudAiplatformV1FeatureViewDataKeyCompositeKey - description: ID that is comprised from several parts (columns). + property: + description: Evaluation criteria based on a specific property. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricContentProperty' + description: Content of the rubric, defining the testable criteria. + GoogleCloudAiplatformV1NotebookExecutionJobCustomEnvironmentSpec: type: object + description: Compute configuration to use for an execution job. + id: GoogleCloudAiplatformV1NotebookExecutionJobCustomEnvironmentSpec properties: - parts: + networkSpec: + description: The network configuration to use for the execution job. + $ref: '#/components/schemas/GoogleCloudAiplatformV1NetworkSpec' + machineSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' + description: The specification of a single machine for the execution job. + persistentDiskSpec: description: >- - Parts to construct Entity ID. Should match with the same ID columns - as defined in FeatureView in the same order. - type: array - items: - type: string - GoogleCloudAiplatformV1FetchFeatureValuesResponse: - id: GoogleCloudAiplatformV1FetchFeatureValuesResponse - description: Response message for FeatureOnlineStoreService.FetchFeatureValues - type: object + The specification of a persistent disk to attach for the execution + job. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentDiskSpec' + GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpec: properties: - keyValues: - description: Feature values in KeyValue format. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairList - protoStruct: - description: Feature values in proto Struct format. - type: object + configs: additionalProperties: - type: any - description: Properties of the object. - dataKey: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecSliceConfig description: >- - The data key associated with this response. Will only be populated - for FeatureOnlineStoreService.StreamingFetchFeatureValues RPCs. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKey' - GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairList: - id: >- - GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairList - description: >- - Response structure in the format of key (feature name) and (feature) - value pair. + Mapping configuration for this SliceSpec. The key is the name of the + feature. By default, the key will be prefixed by "instance" as a + dictionary prefix for Vertex Batch Predictions output format. + type: object + id: GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpec + type: object + description: Specification for how the data should be sliced. + GoogleCloudAiplatformV1PurgeArtifactsResponse: type: object + id: GoogleCloudAiplatformV1PurgeArtifactsResponse + description: Response message for MetadataService.PurgeArtifacts. properties: - features: - description: List of feature names and values. - type: array + purgeCount: + type: string + description: >- + The number of Artifacts that this request deleted (or, if `force` is + false, the number of Artifacts that will be deleted). This can be an + estimate. + format: int64 + purgeSample: items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairListFeatureNameValuePair - GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairListFeatureNameValuePair: + type: string + description: >- + A sample of the Artifact names that will be deleted. Only populated + if `force` is set to false. The maximum number of samples is 100 (it + is possible to return fewer). + type: array + GoogleCloudAiplatformV1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomalies: id: >- - GoogleCloudAiplatformV1FetchFeatureValuesResponseFeatureNameValuePairListFeatureNameValuePair - description: Feature name & value pair. + GoogleCloudAiplatformV1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomalies type: object properties: - value: - description: Feature value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' - name: - description: Feature short name. + threshold: + description: Threshold for anomaly detection. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' + featureDisplayName: type: string - GoogleCloudAiplatformV1SearchNearestEntitiesRequest: - id: GoogleCloudAiplatformV1SearchNearestEntitiesRequest - description: The request message for FeatureOnlineStoreService.SearchNearestEntities. - type: object - properties: - query: - description: Required. The query. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NearestNeighborQuery' - returnFullEntity: + description: Display Name of the Feature. + predictionStats: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureStatsAnomaly' description: >- - Optional. If set to true, the full entities (including all vector - values and metadata) of the nearest neighbors are returned; - otherwise only entity id of the nearest neighbors will be returned. - Note that returning full entities will significantly increase the - latency and cost of the query. - type: boolean - GoogleCloudAiplatformV1NearestNeighborQuery: - id: GoogleCloudAiplatformV1NearestNeighborQuery - description: A query to find a number of similar entities. + A list of historical stats generated by different time window's + Prediction Dataset. + type: array + trainingStats: + description: Stats calculated for the Training Dataset. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureStatsAnomaly' + description: Historical Stats (and Anomalies) for a specific Feature. + GoogleCloudAiplatformV1Featurestore: type: object + id: GoogleCloudAiplatformV1Featurestore properties: - entityId: + createTime: + type: string + readOnly: true + format: google-datetime + description: Output only. Timestamp when this Featurestore was created. + labels: description: >- - Optional. The entity id whose similar entities should be searched - for. If embedding is set, search will use embedding instead of - entity_id. + Optional. The labels with user-defined metadata to organize your + Featurestore. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. See https://goo.gl/xmQnxf for more information on and + examples of labels. No more than 64 user labels can be associated + with one Featurestore(System labels are excluded)." System reserved + label keys are prefixed with "aiplatform.googleapis.com/" and are + immutable. + type: object + additionalProperties: + type: string + name: + description: >- + Output only. Name of the Featurestore. Format: + `projects/{project}/locations/{location}/featurestores/{featurestore}` type: string - embedding: - description: Optional. The embedding vector that be used for similar search. + readOnly: true + updateTime: + readOnly: true + description: Output only. Timestamp when this Featurestore was last updated. + format: google-datetime + type: string + onlineServingConfig: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NearestNeighborQueryEmbedding - neighborCount: + #/components/schemas/GoogleCloudAiplatformV1FeaturestoreOnlineServingConfig description: >- - Optional. The number of similar entities to be retrieved from - feature view for each query. - type: integer - format: int32 - stringFilters: - description: Optional. The list of string filters. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NearestNeighborQueryStringFilter - numericFilters: - description: Optional. The list of numeric filters. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NearestNeighborQueryNumericFilter - perCrowdingAttributeNeighborCount: + Optional. Config for online storage resources. The field should not + co-exist with the field of `OnlineStoreReplicationConfig`. If both + of it and OnlineStoreReplicationConfig are unset, the feature store + will not have an online store and cannot be used for online serving. + etag: + type: string description: >- - Optional. Crowding is a constraint on a neighbor list produced by - nearest neighbor search requiring that no more than - sper_crowding_attribute_neighbor_count of the k neighbors returned - have the same value of crowding_attribute. It's used for improving - result diversity. + Optional. Used to perform consistent read-modify-write updates. If + not set, a blind "overwrite" update happens. + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Optional. Customer-managed encryption key spec for data storage. If + set, both of the online and offline data storage will be secured by + this key. + satisfiesPzi: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - STABLE + - UPDATING + enumDescriptions: + - Default value. This value is unused. + - >- + State when the featurestore configuration is not being updated and + the fields reflect the current configuration of the featurestore. + The featurestore is usable in this state. + - >- + The state of the featurestore configuration when it is being + updated. During an update, the fields reflect either the original + configuration or the updated configuration of the featurestore. + For example, `online_serving_config.fixed_node_count` can take + minutes to update. While the update is in progress, the + featurestore is in the UPDATING state, and the value of + `fixed_node_count` can be the original value or the updated value, + depending on the progress of the operation. Until the update + completes, the actual number of nodes can still be the original + value of `fixed_node_count`. The featurestore is still usable in + this state. + type: string + description: Output only. State of the featurestore. + onlineStorageTtlDays: + description: >- + Optional. TTL in days for feature values that will be stored in + online serving storage. The Feature Store online storage + periodically removes obsolete feature values older than + `online_storage_ttl_days` since the feature generation time. Note + that `online_storage_ttl_days` should be less than or equal to + `offline_storage_ttl_days` for each EntityType under a featurestore. + If not set, default to 4000 days type: integer format: int32 - parameters: - description: Optional. Parameters that can be set to tune query on the fly. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NearestNeighborQueryParameters - GoogleCloudAiplatformV1NearestNeighborQueryEmbedding: - id: GoogleCloudAiplatformV1NearestNeighborQueryEmbedding - description: The embedding vector. + satisfiesPzs: + description: Output only. Reserved for future use. + type: boolean + readOnly: true + description: >- + Vertex AI Feature Store provides a centralized repository for + organizing, storing, and serving ML features. The Featurestore is a + top-level container for your features and their values. + GoogleCloudAiplatformV1SpeakerVoiceConfig: type: object + description: Configuration for a single speaker in a multi-speaker setup. + id: GoogleCloudAiplatformV1SpeakerVoiceConfig properties: - value: - description: Optional. Individual value in the embedding. - type: array - items: - type: number - format: float - GoogleCloudAiplatformV1NearestNeighborQueryStringFilter: - id: GoogleCloudAiplatformV1NearestNeighborQueryStringFilter + speaker: + type: string + description: >- + Required. The name of the speaker. This should be the same as the + speaker name used in the prompt. + voiceConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1VoiceConfig' + description: Required. The configuration for the voice of this speaker. + GoogleCloudAiplatformV1RaySpec: description: >- - String filter is used to search a subset of the entities by using - boolean rules on string columns. For example: if a query specifies - string filter with 'name = color, allow_tokens = {red, blue}, - deny_tokens = {purple}',' then that query will match entities that are - red or blue, but if those points are also purple, then they will be - excluded even if they are red/blue. Only string filter is supported for - now, numeric filter will be supported in the near future. - type: object + Configuration information for the Ray cluster. For experimental launch, + Ray cluster creation and Persistent cluster creation are 1:1 mapping: We + will provision all the nodes within the Persistent cluster as Ray nodes. + id: GoogleCloudAiplatformV1RaySpec properties: - name: - description: Required. Column names in BigQuery that used as filters. + imageUri: + description: >- + Optional. Default image for user to choose a preferred ML framework + (for example, TensorFlow or Pytorch) by choosing from [Vertex + prebuilt + images](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). + Either this or the resource_pool_images is required. Use this field + if you need all the resource pools to have the same Ray image. + Otherwise, use the {@code resource_pool_images} field. type: string - allowTokens: - description: Optional. The allowed tokens. - type: array - items: - type: string - denyTokens: - description: Optional. The denied tokens. - type: array - items: + rayMetricSpec: + description: Optional. Ray metrics configurations. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RayMetricSpec' + resourcePoolImages: + additionalProperties: type: string - GoogleCloudAiplatformV1NearestNeighborQueryNumericFilter: - id: GoogleCloudAiplatformV1NearestNeighborQueryNumericFilter + type: object + description: >- + Optional. Required if image_uri isn't set. A map of resource_pool_id + to prebuild Ray image if user need to use different images for + different head/worker pools. This map needs to cover all the + resource pool ids. Example: { "ray_head_node_pool": "head image" + "ray_worker_node_pool1": "worker image" "ray_worker_node_pool2": + "another worker image" } + headNodeResourcePoolId: + description: >- + Optional. This will be used to indicate which resource pool will + serve as the Ray head node(the first node within that pool). Will + use the machine from the first workerpool as the head node by + default if this field isn't set. + type: string + rayLogsSpec: + description: Optional. OSS Ray logging configurations. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RayLogsSpec' + type: object + GoogleCloudAiplatformV1AutoscalingMetricSpec: description: >- - Numeric filter is used to search a subset of the entities by using - boolean rules on numeric columns. For example: Database Point 0: {name: - "a" value_int: 42} {name: "b" value_float: 1.0} Database Point 1: {name: - "a" value_int: 10} {name: "b" value_float: 2.0} Database Point 2: {name: - "a" value_int: -1} {name: "b" value_float: 3.0} Query: {name: "a" - value_int: 12 operator: LESS} // Matches Point 1, 2 {name: "b" - value_float: 2.0 operator: EQUAL} // Matches Point 1 + The metric specification that defines the target resource utilization + (CPU utilization, accelerator's duty cycle, and so on) for calculating + the desired replica count. type: object properties: - valueInt: - description: int value type. + target: + type: integer + format: int32 + description: >- + The target resource utilization in percentage (1% - 100%) for the + given metric; once the real usage deviates from the target by a + certain percentage, the machine replicas change. The default value + is 60 (representing 60%) if not provided. + metricName: + description: >- + Required. The resource metric name. Supported metrics: * For Online + Prediction: * + `aiplatform.googleapis.com/prediction/online/accelerator/duty_cycle` + * `aiplatform.googleapis.com/prediction/online/cpu/utilization` * + `aiplatform.googleapis.com/prediction/online/request_count` * + `pubsub.googleapis.com/subscription/num_undelivered_messages` type: string - format: int64 - valueFloat: - description: float value type. - type: number - format: float - valueDouble: - description: double value type. - type: number - format: double - name: - description: Required. Column name in BigQuery that used as filters. + id: GoogleCloudAiplatformV1AutoscalingMetricSpec + GoogleCloudAiplatformV1SafetySetting: + description: >- + A safety setting that affects the safety-blocking behavior. A + SafetySetting consists of a harm category and a threshold for that + category. + properties: + threshold: + description: >- + Required. The threshold for blocking content. If the harm + probability exceeds this threshold, the content will be blocked. + enum: + - HARM_BLOCK_THRESHOLD_UNSPECIFIED + - BLOCK_LOW_AND_ABOVE + - BLOCK_MEDIUM_AND_ABOVE + - BLOCK_ONLY_HIGH + - BLOCK_NONE + - 'OFF' + enumDescriptions: + - The harm block threshold is unspecified. + - Block content with a low harm probability or higher. + - Block content with a medium harm probability or higher. + - Block content with a high harm probability. + - Do not block any content, regardless of its harm probability. + - Turn off the safety filter entirely. type: string - op: + method: description: >- - Optional. This MUST be specified for queries and must NOT be - specified for database points. + Optional. The method for blocking content. If not specified, the + default behavior is to use the probability score. + enumDescriptions: + - The harm block method is unspecified. + - The harm block method uses both probability and severity scores. + - The harm block method uses the probability score. + type: string + enum: + - HARM_BLOCK_METHOD_UNSPECIFIED + - SEVERITY + - PROBABILITY + category: type: string enumDescriptions: - - Unspecified operator. - - Entities are eligible if their value is < the query's. - - Entities are eligible if their value is <= the query's. - - Entities are eligible if their value is == the query's. - - Entities are eligible if their value is >= the query's. - - Entities are eligible if their value is > the query's. - - Entities are eligible if their value is != the query's. + - Default value. This value is unused. + - >- + Content that promotes violence or incites hatred against + individuals or groups based on certain attributes. + - >- + Content that promotes, facilitates, or enables dangerous + activities. + - >- + Abusive, threatening, or content intended to bully, torment, or + ridicule. + - Content that contains sexually explicit material. + - >- + Deprecated: Election filter is not longer supported. The harm + category is civic integrity. + - Images that contain hate speech. + - Images that contain dangerous content. + - Images that contain harassment. + - Images that contain sexually explicit content. + - Prompts designed to bypass safety filters. enum: - - OPERATOR_UNSPECIFIED - - LESS - - LESS_EQUAL - - EQUAL - - GREATER_EQUAL - - GREATER - - NOT_EQUAL - GoogleCloudAiplatformV1NearestNeighborQueryParameters: - id: GoogleCloudAiplatformV1NearestNeighborQueryParameters - description: >- - Parameters that can be overrided in each query to tune query latency and - recall. + - HARM_CATEGORY_UNSPECIFIED + - HARM_CATEGORY_HATE_SPEECH + - HARM_CATEGORY_DANGEROUS_CONTENT + - HARM_CATEGORY_HARASSMENT + - HARM_CATEGORY_SEXUALLY_EXPLICIT + - HARM_CATEGORY_CIVIC_INTEGRITY + - HARM_CATEGORY_IMAGE_HATE + - HARM_CATEGORY_IMAGE_DANGEROUS_CONTENT + - HARM_CATEGORY_IMAGE_HARASSMENT + - HARM_CATEGORY_IMAGE_SEXUALLY_EXPLICIT + - HARM_CATEGORY_JAILBREAK + description: Required. The harm category to be blocked. + enumDeprecated: + - false + - false + - false + - false + - false + - true + - false + - false + - false + - false + - false + type: object + id: GoogleCloudAiplatformV1SafetySetting + GoogleCloudAiplatformV1RebootPersistentResourceOperationMetadata: type: object + description: Details of operations that perform reboot PersistentResource. + id: GoogleCloudAiplatformV1RebootPersistentResourceOperationMetadata properties: - approximateNeighborCandidates: - description: >- - Optional. The number of neighbors to find via approximate search - before exact reordering is performed; if set, this value must be > - neighbor_count. - type: integer - format: int32 - leafNodesSearchFraction: - description: >- - Optional. The fraction of the number of leaves to search, set at - query time allows user to tune search performance. This value - increase result in both search accuracy and latency increase. The - value should be between 0.0 and 1.0. - type: number - format: double - GoogleCloudAiplatformV1SearchNearestEntitiesResponse: - id: GoogleCloudAiplatformV1SearchNearestEntitiesResponse - description: Response message for FeatureOnlineStoreService.SearchNearestEntities + progressMessage: + description: Progress Message for Reboot LRO + type: string + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for PersistentResource. + GoogleCloudAiplatformV1ResourceRuntimeSpec: type: object properties: - nearestNeighbors: - description: The nearest neighbors of the query entity. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NearestNeighbors' - GoogleCloudAiplatformV1NearestNeighbors: - id: GoogleCloudAiplatformV1NearestNeighbors - description: Nearest neighbors for one query. + raySpec: + description: >- + Optional. Ray cluster configuration. Required when creating a + dedicated RayCluster on the PersistentResource. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RaySpec' + serviceAccountSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ServiceAccountSpec' + description: >- + Optional. Configure the use of workload identity on the + PersistentResource + id: GoogleCloudAiplatformV1ResourceRuntimeSpec + description: >- + Configuration for the runtime on a PersistentResource instance, + including but not limited to: * Service accounts used to run the + workloads. * Whether to make it a dedicated Ray Cluster. + GoogleCloudAiplatformV1BatchCreateTensorboardRunsResponse: type: object + description: Response message for TensorboardService.BatchCreateTensorboardRuns. + id: GoogleCloudAiplatformV1BatchCreateTensorboardRunsResponse properties: - neighbors: - description: All its neighbors. - type: array + tensorboardRuns: items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NearestNeighborsNeighbor - GoogleCloudAiplatformV1NearestNeighborsNeighbor: - id: GoogleCloudAiplatformV1NearestNeighborsNeighbor - description: A neighbor of the query vector. - type: object + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' + type: array + description: The created TensorboardRuns. + GoogleCloudAiplatformV1VertexAiSearchConfig: + id: GoogleCloudAiplatformV1VertexAiSearchConfig properties: - entityId: - description: The id of the similar entity. + servingConfig: type: string - distance: - description: The distance between the neighbor and the query vector. - type: number - format: double - entityKeyValues: description: >- - The attributes of the neighbor, e.g. filters, crowding and metadata - Note that full entities are returned only when "return_full_entity" - is set to true. Otherwise, only the "entity_id" and "distance" - fields are populated. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesResponse - GoogleCloudAiplatformV1FeatureViewDirectWriteRequest: - id: GoogleCloudAiplatformV1FeatureViewDirectWriteRequest - description: Request message for FeatureOnlineStoreService.FeatureViewDirectWrite. + Vertex AI Search Serving Config resource full name. For example, + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/servingConfigs/{serving_config}` + or + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/servingConfigs/{serving_config}`. + description: Config for the Vertex AI Search. type: object - properties: - dataKeyAndFeatureValues: - description: Required. The data keys and associated feature values. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValues - GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValues: - id: >- - GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValues - description: A data key and associated feature values to write to the feature view. + GoogleCloudAiplatformV1BatchPredictionJobInstanceConfig: type: object properties: - dataKey: - description: The data key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKey' - features: - description: List of features to write. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValuesFeature - GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValuesFeature: - id: >- - GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValuesFeature - description: Feature name & value pair. - type: object - properties: - value: + keyField: + type: string description: >- - Feature value. A user provided timestamp may be set in the - `FeatureValue.metadata.generate_time` field. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' - name: - description: Feature short name. + The name of the field that is considered as a key. The values + identified by the key field is not included in the transformed + instances that is sent to the Model. This is similar to specifying + this name of the field in excluded_fields. In addition, the batch + prediction output will not include the instances. Instead the output + will only include the value of the key field, in a field named `key` + in the output: * For `jsonl` output format, the output will have a + `key` field instead of the `instance` field. * For `csv`/`bigquery` + output format, the output will have have a `key` column instead of + the instance feature columns. The input must be JSONL with objects + at each line, CSV, BigQuery or TfRecord. + instanceType: type: string - GoogleCloudAiplatformV1FeatureViewDirectWriteResponse: - id: GoogleCloudAiplatformV1FeatureViewDirectWriteResponse - description: Response message for FeatureOnlineStoreService.FeatureViewDirectWrite. - type: object - properties: - status: description: >- - Response status for the keys listed in - FeatureViewDirectWriteResponse.write_responses. The error only - applies to the listed data keys - the stream will remain open for - further FeatureOnlineStoreService.FeatureViewDirectWriteRequest - requests. Partial failures (e.g. if the first 10 keys of a request - fail, but the rest succeed) from a single request may result in - multiple responses - there will be one response for the successful - request keys and one response for the failing request keys. - $ref: '#/components/schemas/GoogleRpcStatus' - writeResponses: + The format of the instance that the Model accepts. Vertex AI will + convert compatible batch prediction input instance formats to the + specified format. Supported values are: * `object`: Each input is + converted to JSON object format. * For `bigquery`, each row is + converted to an object. * For `jsonl`, each line of the JSONL input + must be an object. * Does not apply to `csv`, `file-list`, + `tf-record`, or `tf-record-gzip`. * `array`: Each input is converted + to JSON array format. * For `bigquery`, each row is converted to an + array. The order of columns is determined by the BigQuery column + order, unless included_fields is populated. included_fields must be + populated for specifying field orders. * For `jsonl`, if each line + of the JSONL input is an object, included_fields must be populated + for specifying field orders. * Does not apply to `csv`, `file-list`, + `tf-record`, or `tf-record-gzip`. If not specified, Vertex AI + converts the batch prediction input as follows: * For `bigquery` and + `csv`, the behavior is the same as `array`. The order of columns is + the same as defined in the file or table, unless included_fields is + populated. * For `jsonl`, the prediction instance format is + determined by each line of the input. * For + `tf-record`/`tf-record-gzip`, each record will be converted to an + object in the format of `{"b64": }`, where `` is the Base64-encoded + string of the content of the record. * For `file-list`, each file in + the list will be converted to an object in the format of `{"b64": + }`, where `` is the Base64-encoded string of the content of the + file. + includedFields: + items: + type: string + type: array description: >- - Details about write for each key. If status is not OK, - WriteResponse.data_key will have the key with error, but - WriteResponse.online_store_write_time will not be present. + Fields that will be included in the prediction instance that is sent + to the Model. If instance_type is `array`, the order of field names + in included_fields also determines the order of the values in the + array. When included_fields is populated, excluded_fields must be + empty. The input must be JSONL with objects at each line, BigQuery + or TfRecord. + excludedFields: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteResponseWriteResponse - GoogleCloudAiplatformV1FeatureViewDirectWriteResponseWriteResponse: - id: GoogleCloudAiplatformV1FeatureViewDirectWriteResponseWriteResponse - description: Details about the write for each key. - type: object - properties: - dataKey: - description: What key is this write response associated with. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKey' - onlineStoreWriteTime: + type: string description: >- - When the feature values were written to the online store. If - FeatureViewDirectWriteResponse.status is not OK, this field is not - populated. - type: string - format: google-datetime - GoogleCloudAiplatformV1CacheConfig: - id: GoogleCloudAiplatformV1CacheConfig - description: Config of GenAI caching features. This is a singleton resource. + Fields that will be excluded in the prediction instance that is sent + to the Model. Excluded will be attached to the batch prediction + output if key_field is not specified. When excluded_fields is + populated, included_fields must be empty. The input must be JSONL + with objects at each line, BigQuery or TfRecord. + description: >- + Configuration defining how to transform batch prediction input instances + to the instances that the Model accepts. + id: GoogleCloudAiplatformV1BatchPredictionJobInstanceConfig + GoogleCloudAiplatformV1OutputConfig: + id: GoogleCloudAiplatformV1OutputConfig type: object + description: Config for evaluation output. properties: - name: + gcsDestination: + description: Cloud storage destination for evaluation output. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + GoogleCloudAiplatformV1PipelineJob: + description: An instance of a machine learning PipelineJob. + properties: + runtimeConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJobRuntimeConfig' + description: Runtime config of the pipeline. + jobDetail: description: >- - Identifier. Name of the cache config. Format: - - `projects/{project}/cacheConfig`. - type: string - disableCache: + Output only. The details of pipeline run. Not available in the list + view. + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJobDetail' + error: + readOnly: true description: >- - If set to true, disables GenAI caching. Otherwise caching is - enabled. + Output only. The error that occurred during pipeline execution. Only + populated when the pipeline's state is FAILED or CANCELLED. + $ref: '#/components/schemas/GoogleRpcStatus' + startTime: + readOnly: true + description: Output only. Pipeline start time. + format: google-datetime + type: string + preflightValidations: type: boolean - GoogleCloudAiplatformV1CachedContent: - id: GoogleCloudAiplatformV1CachedContent - description: >- - A resource used in LLM queries for users to explicitly specify what to - cache and how to cache. - type: object - properties: - expireTime: description: >- - Timestamp of when this resource is considered expired. This is - *always* provided on output, regardless of what was sent on input. + Optional. Whether to do component level validations before job + creation. + pipelineSpec: + description: The spec of the pipeline. + type: object + additionalProperties: + type: any + description: Properties of the object. + reservedIpRanges: + description: >- + A list of names for the reserved ip ranges under the VPC network + that can be used for this Pipeline Job's workload. If set, we will + deploy the Pipeline Job's workload within the provided ip ranges. + Otherwise, the job will be deployed to any ip ranges under the + provided VPC network. Example: ['vertex-ai-ip-range']. + type: array + items: + type: string + name: + readOnly: true + description: Output only. The resource name of the PipelineJob. type: string + pscInterfaceConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PscInterfaceConfig' + description: Optional. Configuration for PSC-I for PipelineJob. + encryptionSpec: + description: >- + Customer-managed encryption key spec for a pipelineJob. If set, this + PipelineJob and all of its sub-resources will be secured by this + key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + updateTime: format: google-datetime - ttl: + readOnly: true description: >- - Input only. The TTL for this resource. The expiration time is - computed: now + TTL. + Output only. Timestamp when this PipelineJob was most recently + updated. type: string - format: google-duration - name: - description: >- - Immutable. Identifier. The server-generated resource name of the - cached content Format: - projects/{project}/locations/{location}/cachedContents/{cached_content} + endTime: type: string - displayName: - description: >- - Optional. Immutable. The user-generated meaningful display name of - the cached content. + readOnly: true + description: Output only. Pipeline end time. + format: google-datetime + state: + description: Output only. The detailed state of the job. type: string - model: + readOnly: true + enum: + - PIPELINE_STATE_UNSPECIFIED + - PIPELINE_STATE_QUEUED + - PIPELINE_STATE_PENDING + - PIPELINE_STATE_RUNNING + - PIPELINE_STATE_SUCCEEDED + - PIPELINE_STATE_FAILED + - PIPELINE_STATE_CANCELLING + - PIPELINE_STATE_CANCELLED + - PIPELINE_STATE_PAUSED + enumDescriptions: + - The pipeline state is unspecified. + - >- + The pipeline has been created or resumed, and processing has not + yet begun. + - The service is preparing to run the pipeline. + - The pipeline is in progress. + - The pipeline completed successfully. + - The pipeline failed. + - >- + The pipeline is being cancelled. From this state, the pipeline may + only go to either PIPELINE_STATE_SUCCEEDED, PIPELINE_STATE_FAILED + or PIPELINE_STATE_CANCELLED. + - The pipeline has been cancelled. + - The pipeline has been stopped, and can be resumed. + serviceAccount: description: >- - Immutable. The name of the `Model` to use for cached content. - Currently, only the published Gemini base models are supported, in - form of - projects/{PROJECT}/locations/{LOCATION}/publishers/google/models/{MODEL} + The service account that the pipeline workload runs as. If not + specified, the Compute Engine default service account in the project + will be used. See + https://cloud.google.com/compute/docs/access/service-accounts#default_service_account + Users starting the pipeline must have the + `iam.serviceAccounts.actAs` permission on this service account. type: string - systemInstruction: + labels: description: >- - Optional. Input only. Immutable. Developer set system instruction. - Currently, text only - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - contents: - description: Optional. Input only. Immutable. The content to cache - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - tools: + The labels with user-defined metadata to organize PipelineJob. Label + keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. + Note there is some reserved label key for Vertex AI Pipelines. - + `vertex-ai-pipelines-run-billing-id`, user set value will get + overrided. + additionalProperties: + type: string + type: object + displayName: + type: string description: >- - Optional. Input only. Immutable. A list of `Tools` the model may use - to generate the next response - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' - toolConfig: + The display name of the Pipeline. The name can be up to 128 + characters long and can consist of any UTF-8 characters. + templateUri: description: >- - Optional. Input only. Immutable. Tool config. This config is shared - for all tools - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolConfig' - createTime: - description: Output only. Creation time of the cache entry. - readOnly: true + A template uri from where the PipelineJob.pipeline_spec, if empty, + will be downloaded. Currently, only uri from Vertex Template + Registry & Gallery is supported. Reference to + https://cloud.google.com/vertex-ai/docs/pipelines/create-pipeline-template. type: string + createTime: + description: Output only. Pipeline creation time. format: google-datetime - updateTime: - description: Output only. When the cache entry was last updated in UTC time. readOnly: true type: string - format: google-datetime - usageMetadata: - description: Output only. Metadata on the usage of the cached content. + network: + type: string + description: >- + The full name of the Compute Engine + [network](/compute/docs/networks-and-firewalls#networks) to which + the Pipeline Job's workload should be peered. For example, + `projects/12345/global/networks/myVPC`. + [Format](/compute/docs/reference/rest/v1/networks/insert) is of the + form `projects/{project}/global/networks/{network}`. Where {project} + is a project number, as in `12345`, and {network} is a network name. + Private services access must already be configured for the network. + Pipeline job will apply the network configuration to the Google + Cloud resources being launched, if applied, such as Vertex AI + Training or Dataflow job. If left unspecified, the workload is not + peered with any network. + templateMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineTemplateMetadata' readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CachedContentUsageMetadata - encryptionSpec: description: >- - Input only. Immutable. Customer-managed encryption key spec for a - `CachedContent`. If set, this `CachedContent` and all its - sub-resources will be secured by this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - GoogleCloudAiplatformV1Tool: - id: GoogleCloudAiplatformV1Tool - description: >- - Tool details that the model may use to generate response. A `Tool` is a - piece of code that enables the system to interact with external systems - to perform an action, or set of actions, outside of knowledge and scope - of the model. A Tool object should contain exactly one type of Tool (e.g - FunctionDeclaration, Retrieval or GoogleSearchRetrieval). + Output only. Pipeline template metadata. Will fill up fields if + PipelineJob.template_uri is from supported template registry. + scheduleName: + type: string + description: >- + Output only. The schedule resource name. Only returned if the + Pipeline is created by Schedule API. + readOnly: true + id: GoogleCloudAiplatformV1PipelineJob + type: object + GoogleCloudAiplatformV1ToolParameterKeyMatchInstance: + description: Spec for tool parameter key match instance. type: object properties: - functionDeclarations: + reference: + type: string + description: Required. Ground truth used to compare against the prediction. + prediction: + type: string + description: Required. Output of the evaluated model. + id: GoogleCloudAiplatformV1ToolParameterKeyMatchInstance + GoogleCloudAiplatformV1ReservationAffinity: + properties: + key: description: >- - Optional. Function tool type. One or more function declarations to - be passed to the model along with the current user query. Model may - decide to call a subset of these functions by populating - FunctionCall in the response. User should provide a FunctionResponse - for each function call in the next turn. Based on the function - responses, Model will generate the final response back to the user. - Maximum 512 function declarations can be provided. - type: array + Optional. Corresponds to the label key of a reservation resource. To + target a SPECIFIC_RESERVATION by name, use + `compute.googleapis.com/reservation-name` as the key and specify the + name of your reservation as its value. + type: string + values: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionDeclaration' - retrieval: - description: >- - Optional. Retrieval tool type. System will always execute the - provided retrieval tool(s) to get external knowledge to answer the - prompt. Retrieval results are presented to the model for generation. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Retrieval' - googleSearch: - description: >- - Optional. GoogleSearch tool type. Tool to support Google Search in - Model. Powered by Google. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolGoogleSearch' - googleSearchRetrieval: + type: string description: >- - Optional. GoogleSearchRetrieval tool type. Specialized retrieval - tool that is powered by Google search. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GoogleSearchRetrieval' - googleMaps: + Optional. Corresponds to the label values of a reservation resource. + This must be the full resource name of the reservation or + reservation block. + type: array + reservationAffinityType: + enum: + - TYPE_UNSPECIFIED + - NO_RESERVATION + - ANY_RESERVATION + - SPECIFIC_RESERVATION + type: string + enumDescriptions: + - Default value. This should not be used. + - Do not consume from any reserved capacity, only use on-demand. + - Consume any reservation available, falling back to on-demand. + - >- + Consume from a specific reservation. When chosen, the reservation + must be identified via the `key` and `values` fields. + description: Required. Specifies the reservation affinity type. + id: GoogleCloudAiplatformV1ReservationAffinity + type: object + description: >- + A ReservationAffinity can be used to configure a Vertex AI resource + (e.g., a DeployedModel) to draw its Compute Engine resources from a + Shared Reservation, or exclusively from on-demand capacity. + GoogleCloudAiplatformV1TunedModelCheckpoint: + description: TunedModelCheckpoint for the Tuned Model of a Tuning Job. + properties: + endpoint: + type: string description: >- - Optional. GoogleMaps tool type. Tool to support Google Maps in - Model. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GoogleMaps' - enterpriseWebSearch: + The Endpoint resource name that the checkpoint is deployed to. + Format: + `projects/{project}/locations/{location}/endpoints/{endpoint}`. + checkpointId: + type: string + description: The ID of the checkpoint. + step: + type: string + format: int64 + description: The step of the checkpoint. + epoch: + format: int64 + type: string + description: The epoch of the checkpoint. + id: GoogleCloudAiplatformV1TunedModelCheckpoint + type: object + GoogleCloudAiplatformV1PointwiseMetricSpec: + id: GoogleCloudAiplatformV1PointwiseMetricSpec + description: Spec for pointwise metric. + type: object + properties: + metricPromptTemplate: + description: Required. Metric prompt template for pointwise metric. + type: string + systemInstruction: + description: Optional. System instructions for pointwise metric. + type: string + customOutputFormatConfig: description: >- - Optional. Tool to support searching public web data, powered by - Vertex AI Search and Sec4 compliance. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EnterpriseWebSearch' - codeExecution: + Optional. CustomOutputFormatConfig allows customization of metric + output. By default, metrics return a score and explanation. When + this config is set, the default output is replaced with either: - + The raw output string. - A parsed output based on a user-defined + schema. If a custom format is chosen, the `score` and `explanation` + fields in the corresponding metric result will be empty. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomOutputFormatConfig' + GoogleCloudAiplatformV1ToolGoogleSearch: + properties: + excludeDomains: + type: array description: >- - Optional. CodeExecution tool type. Enables the model to execute code - as part of generation. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCodeExecution' - urlContext: - description: Optional. Tool to support URL context retrieval. - $ref: '#/components/schemas/GoogleCloudAiplatformV1UrlContext' - GoogleCloudAiplatformV1FunctionDeclaration: - id: GoogleCloudAiplatformV1FunctionDeclaration + Optional. List of domains to be excluded from the search results. + The default limit is 2000 domains. Example: ["amazon.com", + "facebook.com"]. + items: + type: string + blockingConfidence: + type: string + enumDescriptions: + - Defaults to unspecified. + - Blocks Low and above confidence URL that is risky. + - Blocks Medium and above confidence URL that is risky. + - Blocks High and above confidence URL that is risky. + - Blocks Higher and above confidence URL that is risky. + - Blocks Very high and above confidence URL that is risky. + - Blocks Extremely high confidence URL that is risky. + description: >- + Optional. Sites with confidence level chosen & above this value will + be blocked from the search results. + enum: + - PHISH_BLOCK_THRESHOLD_UNSPECIFIED + - BLOCK_LOW_AND_ABOVE + - BLOCK_MEDIUM_AND_ABOVE + - BLOCK_HIGH_AND_ABOVE + - BLOCK_HIGHER_AND_ABOVE + - BLOCK_VERY_HIGH_AND_ABOVE + - BLOCK_ONLY_EXTREMELY_HIGH + type: object description: >- - Structured representation of a function declaration as defined by the - [OpenAPI 3.0 specification](https://spec.openapis.org/oas/v3.0.3). - Included in this declaration are the function name, description, - parameters and response type. This FunctionDeclaration is a - representation of a block of code that can be used as a `Tool` by the - model and executed by the client. + GoogleSearch tool type. Tool to support Google Search in Model. Powered + by Google. + id: GoogleCloudAiplatformV1ToolGoogleSearch + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalArrayTransformation: + description: >- + Treats the column as categorical array and performs following + transformation functions. * For each element in the array, convert the + category name to a dictionary lookup index and generate an embedding for + each index. Combine the embedding of all elements into a single + embedding using the mean. * Empty arrays treated as an embedding of + zeroes. type: object properties: - name: - description: >- - Required. The name of the function to call. Must start with a letter - or an underscore. Must be a-z, A-Z, 0-9, or contain underscores, - dots and dashes, with a maximum length of 64. + columnName: type: string - description: - description: >- - Optional. Description and purpose of the function. Model uses it to - decide how and whether to call the function. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalArrayTransformation + GoogleCloudAiplatformV1SchemaPromptSpecAppBuilderData: + description: Defines data for an application builder. + properties: + linkedResources: + type: array + description: Linked resources attached to the application by the user. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecAppBuilderDataLinkedResource + codeRepositoryState: type: string - parameters: description: >- - Optional. Describes the parameters to this function in JSON Schema - Object format. Reflects the Open API 3.03 Parameter Object. string - Key: the name of the parameter. Parameter names are case sensitive. - Schema Value: the Schema defining the type used for the parameter. - For function with no parameters, this can be left unset. Parameter - names must start with a letter or an underscore and must only - contain chars a-z, A-Z, 0-9, or underscores with a maximum length of - 64. Example with 1 required and 1 optional parameter: type: OBJECT - properties: param1: type: STRING param2: type: INTEGER required: - - param1 - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' - parametersJsonSchema: - description: >- - Optional. Describes the parameters to the function in JSON Schema - format. The schema must describe an object where the properties are - the parameters to the function. For example: ``` { "type": "object", - "properties": { "name": { "type": "string" }, "age": { "type": - "integer" } }, "additionalProperties": false, "required": ["name", - "age"], "propertyOrdering": ["name", "age"] } ``` This field is - mutually exclusive with `parameters`. - type: any - response: - description: >- - Optional. Describes the output from this function in JSON Schema - format. Reflects the Open API 3.03 Response Object. The Schema - defines the type used for the response value of the function. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' - responseJsonSchema: - description: >- - Optional. Describes the output from this function in JSON Schema - format. The value specified by the schema is the response value of - the function. This field is mutually exclusive with `response`. - type: any - GoogleCloudAiplatformV1Schema: - id: GoogleCloudAiplatformV1Schema - description: >- - Schema is used to define the format of input/output data. Represents a - select subset of an [OpenAPI 3.0 schema - object](https://spec.openapis.org/oas/v3.0.3#schema-object). More fields - may be added in the future as needed. + Serialized state of the code repository. This string will typically + contain a JSON representation of the UI's CodeRepositoryService + state (files, folders, content, and any metadata). The UI is + responsible for serialization and deserialization. + id: GoogleCloudAiplatformV1SchemaPromptSpecAppBuilderData type: object + GoogleCloudAiplatformV1RagChunkPageSpan: + description: Represents where the chunk starts and ends in the document. + id: GoogleCloudAiplatformV1RagChunkPageSpan properties: - type: - description: Optional. The type of the data. + firstPage: + format: int32 + description: Page where chunk starts in the document. Inclusive. 1-indexed. + type: integer + lastPage: + type: integer + description: Page where chunk ends in the document. Inclusive. 1-indexed. + format: int32 + type: object + GoogleCloudAiplatformV1EventActions: + id: GoogleCloudAiplatformV1EventActions + type: object + description: Actions are parts of events that are executed by the agent. + properties: + transferAgent: + description: Optional. If set, the event transfers to the specified agent. type: string - enumDescriptions: - - Not specified, should not be used. - - OpenAPI string type - - OpenAPI number type - - OpenAPI integer type - - OpenAPI boolean type - - OpenAPI array type - - OpenAPI object type - - Null type - enum: - - TYPE_UNSPECIFIED - - STRING - - NUMBER - - INTEGER - - BOOLEAN - - ARRAY - - OBJECT - - 'NULL' - format: + artifactDelta: description: >- - Optional. The format of the data. Supported formats: for NUMBER - type: "float", "double" for INTEGER type: "int32", "int64" for - STRING type: "email", "byte", etc - type: string - title: - description: Optional. The title of the Schema. - type: string - description: - description: Optional. The description of the data. - type: string - nullable: - description: Optional. Indicates if the value may be null. + Optional. Indicates that the event is updating an artifact. key is + the filename, value is the version. + additionalProperties: + format: int32 + type: integer + type: object + stateDelta: + type: object + description: >- + Optional. Indicates that the event is updating the state with the + given delta. + additionalProperties: + description: Properties of the object. + type: any + escalate: type: boolean - default: - description: Optional. Default value of the data. - type: any - items: + description: Optional. The agent is escalating to a higher level agent. + skipSummarization: description: >- - Optional. SCHEMA FIELDS FOR TYPE ARRAY Schema of the elements of - Type.ARRAY. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' - minItems: - description: Optional. Minimum number of the elements for Type.ARRAY. - type: string - format: int64 - maxItems: - description: Optional. Maximum number of the elements for Type.ARRAY. - type: string - format: int64 - enum: + Optional. If true, it won't call model to summarize function + response. Only used for function_response event. + type: boolean + requestedAuthConfigs: description: >- - Optional. Possible values of the element of primitive type with enum - format. Examples: 1. We can define direction as : {type:STRING, - format:enum, enum:["EAST", NORTH", "SOUTH", "WEST"]} 2. We can - define apartment number as : {type:INTEGER, format:enum, - enum:["101", "201", "301"]} - type: array - items: - type: string - properties: - description: Optional. SCHEMA FIELDS FOR TYPE OBJECT Properties of Type.OBJECT. - type: object + Optional. Will only be set by a tool response indicating tool + request euc. Struct key is the function call id since one function + call response (from model) could correspond to multiple function + calls. Struct value is the required auth config, which can be + another struct. additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' - propertyOrdering: - description: >- - Optional. The order of the properties. Not a standard field in open - api spec. Only used to support the order of the properties. - type: array + description: Properties of the object. + type: any + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognitionInputs: + properties: + modelType: + enum: + - MODEL_TYPE_UNSPECIFIED + - CLOUD + - MOBILE_VERSATILE_1 + - MOBILE_JETSON_VERSATILE_1 + - MOBILE_CORAL_VERSATILE_1 + enumDescriptions: + - Should not be set. + - >- + A model best tailored to be used within Google Cloud, and which c + annot be exported. Default. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) as a + TensorFlow or TensorFlow Lite model and used on a mobile or edge + device afterwards. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) to a Jetson + device afterwards. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) as a + TensorFlow or TensorFlow Lite model and used on a Coral device + afterwards. + type: string + type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognitionInputs + GoogleCloudAiplatformV1UpdateExplanationDatasetRequest: + type: object + description: Request message for ModelService.UpdateExplanationDataset. + id: GoogleCloudAiplatformV1UpdateExplanationDatasetRequest + properties: + examples: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Examples' + description: The example config containing the location of the dataset. + GoogleCloudAiplatformV1BoolArray: + id: GoogleCloudAiplatformV1BoolArray + type: object + properties: + values: items: - type: string - required: - description: Optional. Required properties of Type.OBJECT. + type: boolean type: array - items: - type: string - minProperties: - description: Optional. Minimum number of the properties for Type.OBJECT. - type: string - format: int64 - maxProperties: - description: Optional. Maximum number of the properties for Type.OBJECT. - type: string - format: int64 - minimum: - description: >- - Optional. SCHEMA FIELDS FOR TYPE INTEGER and NUMBER Minimum value of - the Type.INTEGER and Type.NUMBER - type: number - format: double - maximum: - description: Optional. Maximum value of the Type.INTEGER and Type.NUMBER - type: number - format: double - minLength: - description: >- - Optional. SCHEMA FIELDS FOR TYPE STRING Minimum length of the - Type.STRING + description: A list of bool values. + description: A list of boolean values. + GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerUserUsageData: + description: Per user usage data. + id: GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerUserUsageData + properties: + username: + description: User's username type: string - format: int64 - maxLength: - description: Optional. Maximum length of the Type.STRING + viewCount: type: string + description: Number of times the user has read data within the Tensorboard. format: int64 - pattern: - description: >- - Optional. Pattern of the Type.STRING to restrict a string to a - regular expression. - type: string - example: - description: >- - Optional. Example of the object. Will only populated when the object - is the root. - type: any - anyOf: - description: >- - Optional. The value should be validated against any (one or more) of - the subschemas in the list. + type: object + GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInput: + id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInput + properties: + instances: type: array + description: Required. Repeated TrajectoryAnyOrderMatch instance. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' - additionalProperties: - description: >- - Optional. Can either be a boolean or an object; controls the - presence of additional properties. - type: any - ref: - description: >- - Optional. Allows indirect references between schema nodes. The value - should be a valid reference to a child of the root `defs`. For - example, the following schema defines a reference to a schema node - named "Pet": type: object properties: pet: ref: #/defs/Pet defs: - Pet: type: object properties: name: type: string The value of the - "pet" property is a reference to the schema node named "Pet". See - details in - https://json-schema.org/understanding-json-schema/structuring - type: string - defs: - description: >- - Optional. A map of definitions for use by `ref` Only allowed at the - root of the schema. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' - GoogleCloudAiplatformV1Retrieval: - id: GoogleCloudAiplatformV1Retrieval - description: >- - Defines a retrieval tool that model can call to access external - knowledge. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInstance + metricSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchSpec + description: Required. Spec for TrajectoryAnyOrderMatch metric. + type: object + description: Instances and metric spec for TrajectoryAnyOrderMatch metric. + GoogleCloudAiplatformV1UpdateTensorboardOperationMetadata: + description: Details of operations that perform update Tensorboard. type: object + id: GoogleCloudAiplatformV1UpdateTensorboardOperationMetadata properties: - vertexAiSearch: - description: Set to use data source powered by Vertex AI Search. - $ref: '#/components/schemas/GoogleCloudAiplatformV1VertexAISearch' - vertexRagStore: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for Tensorboard. + GoogleCloudAiplatformV1ExportFeatureValuesOperationMetadata: + id: GoogleCloudAiplatformV1ExportFeatureValuesOperationMetadata + description: Details of operations that exports Features values. + type: object + properties: + genericMetadata: + description: Operation metadata for Featurestore export Feature values. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1EvaluationInstanceAgentDataTools: + properties: + tool: description: >- - Set to use data source powered by Vertex RAG store. User data is - uploaded via the VertexRagDataService. - $ref: '#/components/schemas/GoogleCloudAiplatformV1VertexRagStore' - externalApi: - description: Use data source powered by external API for grounding. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExternalApi' - disableAttribution: - description: Optional. Deprecated. This option is no longer supported. + Optional. List of tools: each tool can have multiple function + declarations. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' deprecated: true - type: boolean - GoogleCloudAiplatformV1VertexAISearch: - id: GoogleCloudAiplatformV1VertexAISearch + type: array + id: GoogleCloudAiplatformV1EvaluationInstanceAgentDataTools + type: object + description: Represents a list of tools for an agent. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationAutoTransformation: description: >- - Retrieve from Vertex AI Search datastore or engine for grounding. - datastore and engine are mutually exclusive. See - https://cloud.google.com/products/agent-builder + Training pipeline will infer the proper transformation based on the + statistic of dataset. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationAutoTransformation type: object properties: - datastore: - description: >- - Optional. Fully-qualified Vertex AI Search data store resource ID. - Format: - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{dataStore}` + columnName: + type: string + GoogleCloudAiplatformV1SchemaPredictInstanceVideoObjectTrackingPredictionInstance: + id: >- + GoogleCloudAiplatformV1SchemaPredictInstanceVideoObjectTrackingPredictionInstance + description: Prediction input format for Video Object Tracking. + type: object + properties: + content: type: string - engine: description: >- - Optional. Fully-qualified Vertex AI Search engine resource ID. - Format: - `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}` + The Google Cloud Storage location of the video on which to perform + the prediction. + timeSegmentStart: + description: >- + The beginning, inclusive, of the video's time segment on which to + perform the prediction. Expressed as a number of seconds as measured + from the start of the video, with "s" appended at the end. Fractions + are allowed, up to a microsecond precision. + type: string + timeSegmentEnd: type: string - maxResults: description: >- - Optional. Number of search results to return per query. The default - value is 10. The maximumm allowed value is 10. - type: integer - format: int32 - filter: - description: Optional. Filter strings to be passed to the search API. + The end, exclusive, of the video's time segment on which to perform + the prediction. Expressed as a number of seconds as measured from + the start of the video, with "s" appended at the end. Fractions are + allowed, up to a microsecond precision, and "inf" or "Infinity" is + allowed, which means the end of the video. + mimeType: type: string - dataStoreSpecs: description: >- - Specifications that define the specific DataStores to be searched, - along with configurations for those data stores. This is only - considered for Engines with multiple data stores. It should only be - set if engine is used. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1VertexAISearchDataStoreSpec - GoogleCloudAiplatformV1VertexAISearchDataStoreSpec: - id: GoogleCloudAiplatformV1VertexAISearchDataStoreSpec - description: >- - Define data stores within engine to filter on in a search call and - configurations for those data stores. For more information, see - https://cloud.google.com/generative-ai-app-builder/docs/reference/rpc/google.cloud.discoveryengine.v1#datastorespec - type: object + The MIME type of the content of the video. Only the following are + supported: video/mp4 video/avi video/quicktime + GoogleCloudAiplatformV1FulfillmentInstance: + description: Spec for fulfillment instance. properties: - dataStore: - description: >- - Full resource name of DataStore, such as Format: - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{dataStore}` + instruction: type: string - filter: - description: >- - Optional. Filter specification to filter documents in the data store - specified by data_store field. For more information on filtering, - see - [Filtering](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + description: Required. Inference instruction prompt to compare prediction with. + prediction: + description: Required. Output of the evaluated model. type: string - GoogleCloudAiplatformV1VertexRagStore: - id: GoogleCloudAiplatformV1VertexRagStore - description: Retrieve from Vertex RAG Store for grounding. + id: GoogleCloudAiplatformV1FulfillmentInstance type: object + GoogleCloudAiplatformV1ListMetadataStoresResponse: + description: Response message for MetadataService.ListMetadataStores. + id: GoogleCloudAiplatformV1ListMetadataStoresResponse properties: - ragResources: - description: >- - Optional. The representation of the rag source. It can be used to - specify corpus only or ragfiles. Currently only support one corpus - or multiple files from one corpus. In the future we may open up - multiple corpora support. - type: array + metadataStores: items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1VertexRagStoreRagResource - similarityTopK: - description: >- - Optional. Number of top k results to return from the selected - corpora. - deprecated: true - type: integer - format: int32 - vectorDistanceThreshold: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataStore' + type: array + description: The MetadataStores found for the Location. + nextPageToken: description: >- - Optional. Only return results with vector distance smaller than the - threshold. - deprecated: true - type: number - format: double - ragRetrievalConfig: - description: Optional. The retrieval config for the Rag query. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfig' - GoogleCloudAiplatformV1VertexRagStoreRagResource: - id: GoogleCloudAiplatformV1VertexRagStoreRagResource - description: The definition of the Rag resource. + A token, which can be sent as ListMetadataStoresRequest.page_token + to retrieve the next page. If this field is not populated, there are + no subsequent pages. + type: string type: object + GoogleCloudAiplatformV1EntityIdSelector: + id: GoogleCloudAiplatformV1EntityIdSelector properties: - ragCorpus: - description: >- - Optional. RagCorpora resource name. Format: - `projects/{project}/locations/{location}/ragCorpora/{rag_corpus}` + entityIdField: type: string - ragFileIds: description: >- - Optional. rag_file_id. The files should be in the same rag_corpus - set in rag_corpus field. - type: array - items: - type: string - GoogleCloudAiplatformV1RagRetrievalConfig: - id: GoogleCloudAiplatformV1RagRetrievalConfig - description: Specifies the context retrieval config. + Source column that holds entity IDs. If not provided, entity IDs are + extracted from the column named entity_id. + csvSource: + description: Source of Csv + $ref: '#/components/schemas/GoogleCloudAiplatformV1CsvSource' + description: Selector for entityId. Getting ids from the given source. type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionMetadata: properties: - topK: - description: Optional. The number of contexts to retrieve. - type: integer - format: int32 - filter: - description: Optional. Config for filters. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfigFilter' - ranking: - description: Optional. Config for ranking and reranking. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfigRanking - GoogleCloudAiplatformV1RagRetrievalConfigFilter: - id: GoogleCloudAiplatformV1RagRetrievalConfigFilter - description: Config for filters. + successfulStopReason: + description: >- + For successful job completions, this is the reason why the job has + finished. + type: string + enum: + - SUCCESSFUL_STOP_REASON_UNSPECIFIED + - BUDGET_REACHED + - MODEL_CONVERGED + enumDescriptions: + - Should not be set. + - The inputs.budgetMilliNodeHours had been reached. + - >- + Further training of the Model ceased to increase its quality, + since it already has converged. + costMilliNodeHours: + description: >- + The actual training cost of creating this model, expressed in milli + node hours, i.e. 1,000 value in this field means 1 node hour. + Guaranteed to not exceed inputs.budgetMilliNodeHours. + type: string + format: int64 + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionMetadata type: object + GoogleCloudAiplatformV1FractionSplit: properties: - vectorDistanceThreshold: + validationFraction: + format: double description: >- - Optional. Only returns contexts with vector distance smaller than - the threshold. + The fraction of the input data that is to be used to validate the + Model. type: number + testFraction: format: double - vectorSimilarityThreshold: description: >- - Optional. Only returns contexts with vector similarity larger than - the threshold. + The fraction of the input data that is to be used to evaluate the + Model. type: number + trainingFraction: format: double - metadataFilter: - description: Optional. String for metadata filtering. - type: string - GoogleCloudAiplatformV1RagRetrievalConfigRanking: - id: GoogleCloudAiplatformV1RagRetrievalConfigRanking - description: Config for ranking and reranking. + description: >- + The fraction of the input data that is to be used to train the + Model. + type: number type: object - properties: - rankService: - description: Optional. Config for Rank Service. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfigRankingRankService - llmRanker: - description: Optional. Config for LlmRanker. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfigRankingLlmRanker - GoogleCloudAiplatformV1RagRetrievalConfigRankingRankService: - id: GoogleCloudAiplatformV1RagRetrievalConfigRankingRankService - description: Config for Rank Service. + id: GoogleCloudAiplatformV1FractionSplit + description: >- + Assigns the input data to training, validation, and test sets as per the + given fractions. Any of `training_fraction`, `validation_fraction` and + `test_fraction` may optionally be provided, they must sum to up to 1. If + the provided ones sum to less than 1, the remainder is assigned to sets + as decided by Vertex AI. If none of the fractions are set, by default + roughly 80% of data is used for training, 10% for validation, and 10% + for test. + GoogleCloudAiplatformV1SuggestTrialsRequest: + description: Request message for VizierService.SuggestTrials. type: object + id: GoogleCloudAiplatformV1SuggestTrialsRequest properties: - modelName: + contexts: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrialContext' description: >- - Optional. The model name of the rank service. Format: - `semantic-ranker-512@latest` + Optional. This allows you to specify the "context" for a Trial; a + context is a slice (a subspace) of the search space. Typical uses + for contexts: 1) You are using Vizier to tune a server for best + performance, but there's a strong weekly cycle. The context + specifies the day-of-week. This allows Tuesday to generalize from + Wednesday without assuming that everything is identical. 2) Imagine + you're optimizing some medical treatment for people. As they walk in + the door, you know certain facts about them (e.g. sex, weight, + height, blood-pressure). Put that information in the context, and + Vizier will adapt its suggestions to the patient. 3) You want to do + a fair A/B test efficiently. Specify the "A" and "B" conditions as + contexts, and Vizier will generalize between "A" and "B" conditions. + If they are similar, this will allow Vizier to converge to the + optimum faster than if "A" and "B" were separate Studies. NOTE: You + can also enter contexts as REQUESTED Trials, e.g. via the + CreateTrial() RPC; that's the asynchronous option where you don't + need a close association between contexts and suggestions. NOTE: All + the Parameters you set in a context MUST be defined in the Study. + NOTE: You must supply 0 or $suggestion_count contexts. If you don't + supply any contexts, Vizier will make suggestions from the full + search space specified in the StudySpec; if you supply a full set of + context, each suggestion will match the corresponding context. NOTE: + A Context with no features set matches anything, and allows + suggestions from the full search space. NOTE: Contexts MUST lie + within the search space specified in the StudySpec. It's an error if + they don't. NOTE: Contexts preferentially match ACTIVE then + REQUESTED trials before new suggestions are generated. NOTE: + Generation of suggestions involves a match between a Context and + (optionally) a REQUESTED trial; if that match is not fully + specified, a suggestion will be geneated in the merged subspace. + type: array + clientId: type: string - GoogleCloudAiplatformV1RagRetrievalConfigRankingLlmRanker: - id: GoogleCloudAiplatformV1RagRetrievalConfigRankingLlmRanker - description: Config for LlmRanker. - type: object + description: >- + Required. The identifier of the client that is requesting the + suggestion. If multiple SuggestTrialsRequests have the same + `client_id`, the service will return the identical suggested Trial + if the Trial is pending, and provide a new Trial if the last + suggested Trial was completed. + suggestionCount: + type: integer + description: Required. The number of suggestions requested. It must be positive. + format: int32 + GoogleCloudAiplatformV1FunctionCall: + id: GoogleCloudAiplatformV1FunctionCall properties: - modelName: + args: description: >- - Optional. The model name used for ranking. See [Supported - models](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/inference#supported-models). + Optional. The function parameters and values in JSON object format. + See [FunctionDeclaration.parameters] for parameter details. + type: object + additionalProperties: + description: Properties of the object. + type: any + partialArgs: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PartialArg' + description: >- + Optional. The partial argument value of the function call. If + provided, represents the arguments/fields that are streamed + incrementally. + name: + description: >- + Optional. The name of the function to call. Matches + [FunctionDeclaration.name]. type: string - GoogleCloudAiplatformV1ExternalApi: - id: GoogleCloudAiplatformV1ExternalApi - description: >- - Retrieve from data source powered by external API for grounding. The - external API is not owned by Google, but need to follow the pre-defined - API spec. + willContinue: + type: boolean + description: >- + Optional. Whether this is the last part of the FunctionCall. If + true, another partial message for the current FunctionCall is + expected to follow. type: object + description: >- + A predicted [FunctionCall] returned from the model that contains a + string representing the [FunctionDeclaration.name] and a structured JSON + object containing the parameters and their values. + GoogleCloudAiplatformV1WriteFeatureValuesRequest: + description: Request message for FeaturestoreOnlineServingService.WriteFeatureValues. properties: - simpleSearchParams: - description: Parameters for the simple search API. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExternalApiSimpleSearchParams - elasticSearchParams: - description: Parameters for the elastic search API. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExternalApiElasticSearchParams - apiSpec: - description: The API spec that the external API implements. - type: string - enumDescriptions: - - Unspecified API spec. This value should not be used. - - Simple search API spec. - - Elastic search API spec. - enum: - - API_SPEC_UNSPECIFIED - - SIMPLE_SEARCH - - ELASTIC_SEARCH - endpoint: - description: >- - The endpoint of the external API. The system will call the API at - this endpoint to retrieve the data for grounding. Example: - https://acme.com:443/search - type: string - apiAuth: + payloads: + type: array description: >- - The authentication config to access the API. Deprecated. Please use - auth_config instead. - deprecated: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuth' - authConfig: - description: The authentication config to access the API. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AuthConfig' - GoogleCloudAiplatformV1ExternalApiSimpleSearchParams: - id: GoogleCloudAiplatformV1ExternalApiSimpleSearchParams - description: The search parameters to use for SIMPLE_SEARCH spec. + Required. The entities to be written. Up to 100,000 feature values + can be written across all `payloads`. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1WriteFeatureValuesPayload type: object - properties: {} - GoogleCloudAiplatformV1ExternalApiElasticSearchParams: - id: GoogleCloudAiplatformV1ExternalApiElasticSearchParams - description: The search parameters to use for the ELASTIC_SEARCH spec. + id: GoogleCloudAiplatformV1WriteFeatureValuesRequest + GoogleCloudAiplatformV1PrivateEndpoints: + description: >- + PrivateEndpoints proto is used to provide paths for users to send + requests privately. To send request via private service access, use + predict_http_uri, explain_http_uri or health_http_uri. To send request + via private service connect, use service_attachment. type: object + id: GoogleCloudAiplatformV1PrivateEndpoints properties: - index: - description: The ElasticSearch index to use. + predictHttpUri: type: string - searchTemplate: - description: The ElasticSearch search template to use. + description: Output only. Http(s) path to send prediction requests. + readOnly: true + healthHttpUri: + description: Output only. Http(s) path to send health check requests. + readOnly: true + type: string + explainHttpUri: + type: string + description: Output only. Http(s) path to send explain requests. + readOnly: true + serviceAttachment: + readOnly: true type: string - numHits: description: >- - Optional. Number of hits (chunks) to request. When specified, it is - passed to Elasticsearch as the `num_hits` param. - type: integer - format: int32 - GoogleCloudAiplatformV1ApiAuth: - id: GoogleCloudAiplatformV1ApiAuth - description: >- - The generic reusable api auth config. Deprecated. Please use AuthConfig - (google/cloud/aiplatform/master/auth.proto) instead. - type: object + Output only. The name of the service attachment resource. Populated + if private service connect is enabled. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecasting: properties: - apiKeyConfig: - description: The API secret. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuthApiKeyConfig' - GoogleCloudAiplatformV1ApiAuthApiKeyConfig: - id: GoogleCloudAiplatformV1ApiAuthApiKeyConfig - description: The API secret. + inputs: + description: The input parameters of this TrainingJob. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputs + metadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingMetadata + description: The metadata information. type: object + description: A TrainingJob that trains and uploads an AutoML Forecasting Model. + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecasting + GoogleCloudAiplatformV1FeatureViewBigtableMetadata: properties: - apiKeySecretVersion: - description: >- - Required. The SecretManager secret version resource name storing API - key. e.g. projects/{project}/secrets/{secret}/versions/{version} + readAppProfile: type: string - apiKeyString: description: >- - The API key string. Either this or `api_key_secret_version` must be - set. - type: string - GoogleCloudAiplatformV1AuthConfig: - id: GoogleCloudAiplatformV1AuthConfig - description: Auth configuration to run the extension. + Output only. The Bigtable App Profile to use for reading from + Bigtable. + readOnly: true + id: GoogleCloudAiplatformV1FeatureViewBigtableMetadata type: object + description: >- + Metadata for the Cloud Bigtable that supports directly interacting + Bigtable instances. + GoogleCloudAiplatformV1Fact: properties: - apiKeyConfig: - description: Config for API key auth. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AuthConfigApiKeyConfig' - httpBasicAuthConfig: - description: Config for HTTP Basic auth. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AuthConfigHttpBasicAuthConfig - googleServiceAccountConfig: - description: Config for Google Service Account auth. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AuthConfigGoogleServiceAccountConfig - oauthConfig: - description: Config for user oauth. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AuthConfigOauthConfig' - oidcConfig: - description: Config for user OIDC auth. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AuthConfigOidcConfig' - authType: - description: Type of auth scheme. + uri: type: string - enumDescriptions: - - '' - - No Auth. - - API Key Auth. - - HTTP Basic Auth. - - Google Service Account Auth. - - OAuth auth. - - OpenID Connect (OIDC) Auth. - enum: - - AUTH_TYPE_UNSPECIFIED - - NO_AUTH - - API_KEY_AUTH - - HTTP_BASIC_AUTH - - GOOGLE_SERVICE_ACCOUNT_AUTH - - OAUTH - - OIDC_AUTH - GoogleCloudAiplatformV1AuthConfigApiKeyConfig: - id: GoogleCloudAiplatformV1AuthConfigApiKeyConfig - description: Config for authentication with API key. - type: object - properties: - name: - description: >- - Optional. The parameter name of the API key. E.g. If the API request - is "https://example.com/act?api_key=", "api_key" would be the - parameter name. + description: If present, this uri links to the source of the fact. + title: + description: If present, it refers to the title of this fact. type: string - apiKeySecret: + chunk: + description: If present, chunk properties. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagChunk' + vectorDistance: + type: number description: >- - Optional. The name of the SecretManager secret version resource - storing the API key. Format: - `projects/{project}/secrets/{secrete}/versions/{version}` - If both - `api_key_secret` and `api_key_string` are specified, this field - takes precedence over `api_key_string`. - If specified, the - `secretmanager.versions.access` permission should be granted to - Vertex AI Extension Service Agent - (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) - on the specified resource. - type: string - apiKeyString: - description: Optional. The API key to be used in the request directly. + If present, the distance between the query vector and this fact + vector. + format: double + deprecated: true + summary: + description: If present, the summary/snippet of the fact. type: string - httpElementLocation: - description: Optional. The location of the API key. + query: type: string - enumDescriptions: - - '' - - Element is in the HTTP request query. - - Element is in the HTTP request header. - - Element is in the HTTP request path. - - Element is in the HTTP request body. - - Element is in the HTTP request cookie. - enum: - - HTTP_IN_UNSPECIFIED - - HTTP_IN_QUERY - - HTTP_IN_HEADER - - HTTP_IN_PATH - - HTTP_IN_BODY - - HTTP_IN_COOKIE - GoogleCloudAiplatformV1AuthConfigHttpBasicAuthConfig: - id: GoogleCloudAiplatformV1AuthConfigHttpBasicAuthConfig - description: Config for HTTP Basic Authentication. - type: object - properties: - credentialSecret: + description: Query that is used to retrieve this fact. + score: description: >- - Required. The name of the SecretManager secret version resource - storing the base64 encoded credentials. Format: - `projects/{project}/secrets/{secrete}/versions/{version}` - If - specified, the `secretmanager.versions.access` permission should be - granted to Vertex AI Extension Service Agent - (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) - on the specified resource. - type: string - GoogleCloudAiplatformV1AuthConfigGoogleServiceAccountConfig: - id: GoogleCloudAiplatformV1AuthConfigGoogleServiceAccountConfig - description: Config for Google Service Account Authentication. + If present, according to the underlying Vector DB and the selected + metric type, the score can be either the distance or the similarity + between the query and the fact and its range depends on the metric + type. For example, if the metric type is COSINE_DISTANCE, it + represents the distance between the query and the fact. The larger + the distance, the less relevant the fact is to the query. The range + is [0, 2], while 0 means the most relevant and 2 means the least + relevant. + type: number + format: double + id: GoogleCloudAiplatformV1Fact type: object - properties: - serviceAccount: - description: >- - Optional. The service account that the extension execution service - runs as. - If the service account is specified, the - `iam.serviceAccounts.getAccessToken` permission should be granted to - Vertex AI Extension Service Agent - (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) - on the specified service account. - If not specified, the Vertex AI - Extension Service Agent will be used to execute the Extension. - type: string - GoogleCloudAiplatformV1AuthConfigOauthConfig: - id: GoogleCloudAiplatformV1AuthConfigOauthConfig - description: Config for user oauth. + description: The fact used in grounding. + GoogleCloudAiplatformV1GenerationConfigThinkingConfig: + id: GoogleCloudAiplatformV1GenerationConfigThinkingConfig type: object properties: - accessToken: + thinkingBudget: + format: int32 description: >- - Access token for extension endpoint. Only used to propagate token - from [[ExecuteExtensionRequest.runtime_auth_config]] at request - time. - type: string - serviceAccount: + Optional. The token budget for the model's thinking process. The + model will make a best effort to stay within this budget. This can + be used to control the trade-off between response quality and + latency. + type: integer + includeThoughts: + type: boolean description: >- - The service account used to generate access tokens for executing the - Extension. - If the service account is specified, the - `iam.serviceAccounts.getAccessToken` permission should be granted to - Vertex AI Extension Service Agent - (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) - on the provided service account. + Optional. If true, the model will include its thoughts in the + response. "Thoughts" are the intermediate steps the model takes to + arrive at the final response. They can provide insights into the + model's reasoning process and help with debugging. If this is true, + thoughts are returned only when available. + thinkingLevel: + enum: + - THINKING_LEVEL_UNSPECIFIED + - LOW + - HIGH + enumDescriptions: + - Unspecified thinking level. + - Low thinking level. + - High thinking level. + description: >- + Optional. The number of thoughts tokens that the model should + generate. type: string - GoogleCloudAiplatformV1AuthConfigOidcConfig: - id: GoogleCloudAiplatformV1AuthConfigOidcConfig - description: Config for user OIDC auth. - type: object + description: >- + Configuration for the model's thinking features. "Thinking" is a process + where the model breaks down a complex task into smaller, manageable + steps. This allows the model to reason about the task, plan its + approach, and execute the plan to generate a high-quality response. + GoogleCloudAiplatformV1SchemaPredictPredictionVideoClassificationPredictionResult: properties: - idToken: + timeSegmentStart: description: >- - OpenID Connect formatted ID token for extension endpoint. Only used - to propagate token from - [[ExecuteExtensionRequest.runtime_auth_config]] at request time. + The beginning, inclusive, of the video's time segment in which the + AnnotationSpec has been identified. Expressed as a number of seconds + as measured from the start of the video, with fractions up to a + microsecond precision, and with "s" appended at the end. Note that + for 'segment-classification' prediction type, this equals the + original 'timeSegmentStart' from the input instance, for other types + it is the start of a shot or a 1 second interval respectively. type: string - serviceAccount: + format: google-duration + displayName: + type: string + description: The display name of the AnnotationSpec that had been identified. + timeSegmentEnd: description: >- - The service account used to generate an OpenID Connect - (OIDC)-compatible JWT token signed by the Google OIDC Provider - (accounts.google.com) for extension endpoint - (https://cloud.google.com/iam/docs/create-short-lived-credentials-direct#sa-credentials-oidc). - - The audience for the token will be set to the URL in the server - url defined in the OpenApi spec. - If the service account is - provided, the service account should grant - `iam.serviceAccounts.getOpenIdToken` permission to Vertex AI - Extension Service Agent - (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents). + The end, exclusive, of the video's time segment in which the + AnnotationSpec has been identified. Expressed as a number of seconds + as measured from the start of the video, with fractions up to a + microsecond precision, and with "s" appended at the end. Note that + for 'segment-classification' prediction type, this equals the + original 'timeSegmentEnd' from the input instance, for other types + it is the end of a shot or a 1 second interval respectively. type: string - GoogleCloudAiplatformV1ToolGoogleSearch: - id: GoogleCloudAiplatformV1ToolGoogleSearch - description: >- - GoogleSearch tool type. Tool to support Google Search in Model. Powered - by Google. - type: object - properties: - excludeDomains: + format: google-duration + id: + type: string + description: The resource ID of the AnnotationSpec that had been identified. + confidence: + format: float description: >- - Optional. List of domains to be excluded from the search results. - The default limit is 2000 domains. Example: ["amazon.com", - "facebook.com"]. - type: array - items: - type: string - GoogleCloudAiplatformV1GoogleSearchRetrieval: - id: GoogleCloudAiplatformV1GoogleSearchRetrieval - description: Tool to retrieve public web data for grounding, powered by Google. - type: object - properties: - dynamicRetrievalConfig: - description: Specifies the dynamic retrieval configuration for the given source. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DynamicRetrievalConfig' - GoogleCloudAiplatformV1DynamicRetrievalConfig: - id: GoogleCloudAiplatformV1DynamicRetrievalConfig - description: Describes the options to customize dynamic retrieval. + The Model's confidence in correction of this prediction, higher + value means higher confidence. + type: number + type: + description: >- + The type of the prediction. The requested types can be configured + via parameters. This will be one of - segment-classification - + shot-classification - one-sec-interval-classification + type: string + description: Prediction output format for Video Classification. + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionVideoClassificationPredictionResult type: object + GoogleCloudAiplatformV1ImageConfig: + id: GoogleCloudAiplatformV1ImageConfig properties: - mode: - description: The mode of the predictor to be used in dynamic retrieval. + imageSize: type: string + description: >- + Optional. Specifies the size of generated images. Supported values + are `1K`, `2K`, `4K`. If not specified, the model will use default + value `1K`. + personGeneration: enumDescriptions: - - Always trigger retrieval. - - Run retrieval only when system decides it is necessary. + - >- + The default behavior is unspecified. The model will decide whether + to generate images of people. + - >- + Allows the model to generate images of people, including adults + and children. + - Allows the model to generate images of adults, but not children. + - Prevents the model from generating images of people. + type: string enum: - - MODE_UNSPECIFIED - - MODE_DYNAMIC - dynamicThreshold: - description: >- - Optional. The threshold to be used in dynamic retrieval. If not set, - a system default value is used. - type: number - format: float - GoogleCloudAiplatformV1GoogleMaps: - id: GoogleCloudAiplatformV1GoogleMaps - description: Tool to retrieve public maps data for grounding, powered by Google. + - PERSON_GENERATION_UNSPECIFIED + - ALLOW_ALL + - ALLOW_ADULT + - ALLOW_NONE + description: Optional. Controls whether the model can generate people. + aspectRatio: + type: string + description: >- + Optional. The desired aspect ratio for the generated images. The + following aspect ratios are supported: "1:1" "2:3", "3:2" "3:4", + "4:3" "4:5", "5:4" "9:16", "16:9" "21:9" + imageOutputOptions: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ImageConfigImageOutputOptions + description: Optional. The image output format for generated images. type: object - properties: {} - GoogleCloudAiplatformV1EnterpriseWebSearch: - id: GoogleCloudAiplatformV1EnterpriseWebSearch description: >- - Tool to search public web data, powered by Vertex AI Search and Sec4 - compliance. - type: object + Configuration for image generation. This message allows you to control + various aspects of image generation, such as the output format, aspect + ratio, and whether the model can generate images of people. + GoogleCloudAiplatformV1Trial: properties: - excludeDomains: + customJob: description: >- - Optional. List of domains to be excluded from the search results. - The default limit is 2000 domains. - type: array - items: - type: string - GoogleCloudAiplatformV1ToolCodeExecution: - id: GoogleCloudAiplatformV1ToolCodeExecution - description: >- - Tool that executes code generated by the model, and automatically - returns the result to the model. See also [ExecutableCode]and - [CodeExecutionResult] which are input and output to this tool. - type: object - properties: {} - GoogleCloudAiplatformV1UrlContext: - id: GoogleCloudAiplatformV1UrlContext - description: Tool to support URL context. - type: object - properties: {} - GoogleCloudAiplatformV1ToolConfig: - id: GoogleCloudAiplatformV1ToolConfig - description: >- - Tool config. This config is shared for all tools provided in the - request. - type: object - properties: - functionCallingConfig: - description: Optional. Function calling config. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionCallingConfig' - retrievalConfig: - description: Optional. Retrieval config. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RetrievalConfig' - GoogleCloudAiplatformV1FunctionCallingConfig: - id: GoogleCloudAiplatformV1FunctionCallingConfig - description: Function calling config. - type: object - properties: - mode: - description: Optional. Function calling mode. - type: string - enumDescriptions: - - Unspecified function calling mode. This value should not be used. - - >- - Default model behavior, model decides to predict either function - calls or natural language response. - - >- - Model is constrained to always predicting function calls only. If - "allowed_function_names" are set, the predicted function calls - will be limited to any one of "allowed_function_names", else the - predicted function calls will be any one of the provided - "function_declarations". - - >- - Model will not predict any function calls. Model behavior is same - as when not passing any function declarations. - enum: - - MODE_UNSPECIFIED - - AUTO - - ANY - - NONE - allowedFunctionNames: - description: >- - Optional. Function names to call. Only set when the Mode is ANY. - Function names should match [FunctionDeclaration.name]. With mode - set to ANY, model will predict a function call from the set of - function names provided. - type: array - items: - type: string - GoogleCloudAiplatformV1RetrievalConfig: - id: GoogleCloudAiplatformV1RetrievalConfig - description: Retrieval config. - type: object - properties: - latLng: - description: The location of the user. - $ref: '#/components/schemas/GoogleTypeLatLng' - languageCode: - description: The language code of the user. + Output only. The CustomJob name linked to the Trial. It's set for a + HyperparameterTuningJob's Trial. + readOnly: true type: string - GoogleTypeLatLng: - id: GoogleTypeLatLng - description: >- - An object that represents a latitude/longitude pair. This is expressed - as a pair of doubles to represent degrees latitude and degrees - longitude. Unless specified otherwise, this object must conform to the - WGS84 standard. Values must be within normalized ranges. - type: object - properties: - latitude: - description: The latitude in degrees. It must be in the range [-90.0, +90.0]. - type: number - format: double - longitude: - description: The longitude in degrees. It must be in the range [-180.0, +180.0]. - type: number - format: double - GoogleCloudAiplatformV1CachedContentUsageMetadata: - id: GoogleCloudAiplatformV1CachedContentUsageMetadata - description: Metadata on the usage of the cached content. - type: object - properties: - totalTokenCount: - description: Total number of tokens that the cached content consumes. - type: integer - format: int32 - textCount: - description: Number of text characters. - type: integer - format: int32 - imageCount: - description: Number of images. - type: integer - format: int32 - videoDurationSeconds: - description: Duration of video in seconds. - type: integer - format: int32 - audioDurationSeconds: - description: Duration of audio in seconds. - type: integer - format: int32 - GoogleCloudAiplatformV1ListCachedContentsResponse: - id: GoogleCloudAiplatformV1ListCachedContentsResponse - description: Response with a list of CachedContents. - type: object - properties: - cachedContents: - description: List of cached contents. + measurements: + readOnly: true type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' - nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudAiplatformV1TuningJob: - id: GoogleCloudAiplatformV1TuningJob - description: Represents a TuningJob that runs with Google owned models. - type: object - properties: - baseModel: + Output only. A list of measurements that are strictly + lexicographically ordered by their induced tuples (steps, + elapsed_duration). These are used for early stopping computations. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' + endTime: + format: google-datetime + readOnly: true description: >- - The base model that is being tuned. See [Supported - models](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/tuning#supported_models). + Output only. Time when the Trial's status changed to `SUCCEEDED` or + `INFEASIBLE`. type: string - supervisedTuningSpec: - description: Tuning Spec for Supervised Fine Tuning. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SupervisedTuningSpec' + finalMeasurement: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' + description: Output only. The final measurement containing the objective value. name: + type: string + description: Output only. Resource name of the Trial assigned by the service. + readOnly: true + webAccessUris: + type: object description: >- - Output only. Identifier. Resource name of a TuningJob. Format: - `projects/{project}/locations/{location}/tuningJobs/{tuning_job}` + Output only. URIs for accessing [interactive + shells](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) + (one URI for each training node). Only available if this trial is + part of a HyperparameterTuningJob and the job's + trial_job_spec.enable_web_access field is `true`. The keys are names + of each node used for the trial; for example, `workerpool0-0` for + the primary node, `workerpool1-0` for the first node in the second + worker pool, and `workerpool1-1` for the second node in the second + worker pool. The values are the URIs for each node's interactive + shell. + readOnly: true + additionalProperties: + type: string + parameters: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrialParameter' readOnly: true + type: array + description: Output only. The parameters of the Trial. + clientId: type: string - tunedModelDisplayName: description: >- - Optional. The display name of the TunedModel. The name can be up to - 128 characters long and can consist of any UTF-8 characters. - type: string - description: - description: Optional. The description of the TuningJob. + Output only. The identifier of the client that originally requested + this Trial. Each client is identified by a unique client_id. When a + client asks for a suggestion, Vertex AI Vizier will assign it a + Trial. The client should evaluate the Trial, complete it, and report + back to Vertex AI Vizier. If suggestion is asked again by same + client_id before the Trial is completed, the same Trial will be + returned. Multiple clients with different client_ids can ask for + suggestions simultaneously, each of them will get their own Trial. + readOnly: true + infeasibleReason: + readOnly: true type: string + description: >- + Output only. A human readable string describing why the Trial is + infeasible. This is set only if Trial state is `INFEASIBLE`. state: - description: Output only. The detailed state of the job. readOnly: true + enum: + - STATE_UNSPECIFIED + - REQUESTED + - ACTIVE + - STOPPING + - SUCCEEDED + - INFEASIBLE type: string + description: Output only. The detailed state of the Trial. enumDescriptions: - - The job state is unspecified. - - >- - The job has been just created or resumed and processing has not - yet begun. - - The service is preparing to run the job. - - The job is in progress. - - The job completed successfully. - - The job failed. - - >- - The job is being cancelled. From this state the job may only go to - either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or - `JOB_STATE_CANCELLED`. - - The job has been cancelled. - - The job has been stopped, and can be resumed. - - The job has expired. + - The Trial state is unspecified. - >- - The job is being updated. Only jobs in the `RUNNING` state can be - updated. After updating, the job goes back to the `RUNNING` state. + Indicates that a specific Trial has been requested, but it has not + yet been suggested by the service. + - Indicates that the Trial has been suggested. + - Indicates that the Trial should stop according to the service. + - Indicates that the Trial is completed successfully. - >- - The job is partially succeeded, some results may be missing due to - errors. - enum: - - JOB_STATE_UNSPECIFIED - - JOB_STATE_QUEUED - - JOB_STATE_PENDING - - JOB_STATE_RUNNING - - JOB_STATE_SUCCEEDED - - JOB_STATE_FAILED - - JOB_STATE_CANCELLING - - JOB_STATE_CANCELLED - - JOB_STATE_PAUSED - - JOB_STATE_EXPIRED - - JOB_STATE_UPDATING - - JOB_STATE_PARTIALLY_SUCCEEDED - createTime: - description: Output only. Time when the TuningJob was created. + Indicates that the Trial should not be attempted again. The + service will set a Trial to INFEASIBLE when it's done but missing + the final_measurement. + id: readOnly: true + description: Output only. The identifier of the Trial assigned by the service. type: string - format: google-datetime startTime: - description: >- - Output only. Time when the TuningJob for the first time entered the - `JOB_STATE_RUNNING` state. + description: Output only. Time when the Trial was started. readOnly: true - type: string format: google-datetime - endTime: + type: string + description: >- + A message representing a Trial. A Trial contains a unique set of + Parameters that has been or will be evaluated, along with the objective + metrics got by running the Trial. + type: object + id: GoogleCloudAiplatformV1Trial + GoogleCloudAiplatformV1RebaseTunedModelRequest: + id: GoogleCloudAiplatformV1RebaseTunedModelRequest + properties: + deployToSameEndpoint: + type: boolean description: >- - Output only. Time when the TuningJob entered any of the following - JobStates: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, - `JOB_STATE_CANCELLED`, `JOB_STATE_EXPIRED`. + Optional. By default, bison to gemini migration will always create + new model/endpoint, but for gemini-1.0 to gemini-1.5 migration, we + default deploy to the same endpoint. See details in this Section. + tunedModelRef: + description: >- + Required. TunedModel reference to retrieve the legacy model + information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TunedModelRef' + artifactDestination: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + description: Optional. The Google Cloud Storage location to write the artifacts. + tuningJob: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' + description: >- + Optional. The TuningJob to be updated. Users can use this TuningJob + field to overwrite tuning configs. + type: object + description: Request message for GenAiTuningService.RebaseTunedModel. + GoogleCloudAiplatformV1RagRetrievalConfigRankingRankService: + id: GoogleCloudAiplatformV1RagRetrievalConfigRankingRankService + type: object + properties: + modelName: + type: string + description: >- + Optional. The model name of the rank service. Format: + `semantic-ranker-512@latest` + description: Config for Rank Service. + GoogleCloudAiplatformV1FeatureOnlineStoreBigtable: + id: GoogleCloudAiplatformV1FeatureOnlineStoreBigtable + properties: + zone: + description: >- + Optional. The zone where the underlying Bigtable cluster for the + primary Bigtable instance will be provisioned. Only the zone must be + provided. For example, only "us-central1-a" should be provided. + type: string + enableDirectBigtableAccess: + description: Optional. It true, enable direct access to the Bigtable instance. + type: boolean + autoScaling: + description: Required. Autoscaling config applied to Bigtable Instance. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScaling + bigtableMetadata: + description: Output only. Metadata of the Bigtable instance. Output only. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStoreBigtableBigtableMetadata + type: object + GoogleCloudAiplatformV1GenerateInstanceRubricsResponse: + properties: + generatedRubrics: + description: Output only. A list of generated rubrics. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Rubric' readOnly: true + id: GoogleCloudAiplatformV1GenerateInstanceRubricsResponse + type: object + description: Response message for EvaluationService.GenerateInstanceRubrics. + GoogleCloudAiplatformV1Context: + type: object + properties: + etag: + type: string + description: >- + An eTag used to perform consistent read-modify-write updates. If not + set, a blind "overwrite" update happens. + description: + description: Description of the Context type: string + createTime: + description: Output only. Timestamp when this Context was created. format: google-datetime - updateTime: - description: Output only. Time when the TuningJob was most recently updated. readOnly: true type: string - format: google-datetime - error: + schemaTitle: description: >- - Output only. Only populated when job's state is `JOB_STATE_FAILED` - or `JOB_STATE_CANCELLED`. + The title of the schema describing the metadata. Schema title and + version is expected to be registered in earlier Create Schema calls. + And both are used together as unique identifiers to identify schemas + within the local metadata store. + type: string + displayName: + type: string + description: >- + User provided display name of the Context. May be up to 128 Unicode + characters. + parentContexts: readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' + items: + type: string + description: >- + Output only. A list of resource names of Contexts that are parents + of this Context. A Context may have at most 10 parent_contexts. + type: array labels: description: >- - Optional. The labels with user-defined metadata to organize - TuningJob and generated resources such as Model and Endpoint. Label - keys and values can be no longer than 64 characters (Unicode + The labels with user-defined metadata to organize your Contexts. + Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. See - https://goo.gl/xmQnxf for more information and examples of labels. + underscores and dashes. International characters are allowed. No + more than 64 user labels can be associated with one Context (System + labels are excluded). type: object additionalProperties: type: string - experiment: - description: Output only. The Experiment associated with this TuningJob. + updateTime: + format: google-datetime readOnly: true type: string - tunedModel: - description: >- - Output only. The tuned model resources associated with this - TuningJob. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1TunedModel' - tuningDataStats: - description: >- - Output only. The tuning data statistics associated with this - TuningJob. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningDataStats' - encryptionSpec: - description: >- - Customer-managed encryption key options for a TuningJob. If this is - set, then all resources created by the TuningJob will be encrypted - with the provided encryption key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - serviceAccount: + description: Output only. Timestamp when this Context was last updated. + name: + type: string + description: Immutable. The resource name of the Context. + metadata: + additionalProperties: + description: Properties of the object. + type: any + type: object description: >- - The service account that the tuningJob workload runs as. If not - specified, the Vertex AI Secure Fine-Tuned Service Agent in the - project will be used. See - https://cloud.google.com/iam/docs/service-agents#vertex-ai-secure-fine-tuning-service-agent - Users starting the pipeline must have the - `iam.serviceAccounts.actAs` permission on this service account. + Properties of the Context. Top level metadata keys' heading and + trailing spaces will be trimmed. The size of this field should not + exceed 200KB. + schemaVersion: type: string - GoogleCloudAiplatformV1SupervisedTuningSpec: - id: GoogleCloudAiplatformV1SupervisedTuningSpec - description: Tuning Spec for Supervised Tuning for first party models. + description: >- + The version of the schema in schema_name to use. Schema title and + version is expected to be registered in earlier Create Schema calls. + And both are used together as unique identifiers to identify schemas + within the local metadata store. + id: GoogleCloudAiplatformV1Context + description: Instance of a general context. + GoogleCloudAiplatformV1StructValue: + id: GoogleCloudAiplatformV1StructValue + description: Struct (or object) type feature value. type: object properties: - trainingDatasetUri: + values: + description: A list of field values. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StructFieldValue' + type: array + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputs: + properties: + dataGranularity: + description: Expected difference in time granularity between rows in the data. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsGranularity + quantiles: + items: + type: number + format: double description: >- - Required. Training dataset used for tuning. The dataset can be - specified as either a Cloud Storage path to a JSONL file or as the - resource name of a Vertex Multimodal Dataset. + Quantiles to use for minimize-quantile-loss + `optimization_objective`, or for probabilistic inference. Up to 5 + quantiles are allowed of values between 0 and 1, exclusive. Required + if the value of optimization_objective is minimize-quantile-loss. + Represents the percent quantiles to use for that objective. + Quantiles must be unique. + type: array + targetColumn: type: string - validationDatasetUri: description: >- - Optional. Validation dataset used for tuning. The dataset can be - specified as either a Cloud Storage path to a JSONL file or as the - resource name of a Vertex Multimodal Dataset. + The name of the column that the Model is to predict values for. This + column must be unavailable at forecast. + forecastHorizon: type: string - hyperParameters: - description: Optional. Hyperparameters for SFT. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SupervisedHyperParameters - exportLastCheckpointOnly: + format: int64 description: >- - Optional. If set to true, disable intermediate checkpoints for SFT - and only the last checkpoint will be exported. Otherwise, enable - intermediate checkpoints for SFT. Default is false. - type: boolean - GoogleCloudAiplatformV1SupervisedHyperParameters: - id: GoogleCloudAiplatformV1SupervisedHyperParameters - description: Hyperparameters for SFT. - type: object - properties: - epochCount: + The amount of time into the future for which forecasted values for + the target are returned. Expressed in number of units defined by the + `data_granularity` field. + validationOptions: description: >- - Optional. Number of complete passes the model makes over the entire - training dataset during training. + Validation options for the data validation component. The available + options are: * "fail-pipeline" - default, will validate against the + validation and fail the pipeline if it fails. * "ignore-validation" + - ignore the results of the validation and continue type: string - format: int64 - learningRateMultiplier: + windowConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig + description: Config containing strategy for generating sliding windows. + timeSeriesIdentifierColumn: + description: The name of the column that identifies the time series. + type: string + timeColumn: description: >- - Optional. Multiplier for adjusting the default learning rate. - Mutually exclusive with `learning_rate`. This feature is only - available for 1P models. - type: number - format: double - adapterSize: - description: Optional. Adapter size for tuning. + The name of the column that identifies time order in the time + series. This column must be available at forecast. type: string - enumDescriptions: - - Adapter size is unspecified. - - Adapter size 1. - - Adapter size 2. - - Adapter size 4. - - Adapter size 8. - - Adapter size 16. - - Adapter size 32. - enum: - - ADAPTER_SIZE_UNSPECIFIED - - ADAPTER_SIZE_ONE - - ADAPTER_SIZE_TWO - - ADAPTER_SIZE_FOUR - - ADAPTER_SIZE_EIGHT - - ADAPTER_SIZE_SIXTEEN - - ADAPTER_SIZE_THIRTY_TWO - GoogleCloudAiplatformV1TunedModel: - id: GoogleCloudAiplatformV1TunedModel - description: >- - The Model Registry Model and Online Prediction Endpoint associated with - this TuningJob. - type: object - properties: - model: - description: >- - Output only. The resource name of the TunedModel. Format: - `projects/{project}/locations/{location}/models/{model}@{version_id}` - When tuning from a base model, the version_id will be 1. For - continuous tuning, the version id will be incremented by 1 from the - last version id in the parent model. E.g., - `projects/{project}/locations/{location}/models/{model}@{last_version_id - + 1}` - readOnly: true - type: string - endpoint: - description: >- - Output only. A resource name of an Endpoint. Format: - `projects/{project}/locations/{location}/endpoints/{endpoint}`. - readOnly: true - type: string - checkpoints: + transformations: description: >- - Output only. The checkpoints associated with this TunedModel. This - field is only populated for tuning jobs that enable intermediate - checkpoints. - readOnly: true + Each transformation will apply transform function to given input + column. And the result will be used for training. When creating + transformation for BigQuery Struct column, the column should be + flattened using "." as the delimiter. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TunedModelCheckpoint' - GoogleCloudAiplatformV1TunedModelCheckpoint: - id: GoogleCloudAiplatformV1TunedModelCheckpoint - description: TunedModelCheckpoint for the Tuned Model of a Tuning Job. - type: object - properties: - checkpointId: - description: The ID of the checkpoint. - type: string - epoch: - description: The epoch of the checkpoint. - type: string - format: int64 - step: - description: The step of the checkpoint. - type: string - format: int64 - endpoint: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformation + exportEvaluatedDataItemsConfig: description: >- - The Endpoint resource name that the checkpoint is deployed to. - Format: - `projects/{project}/locations/{location}/endpoints/{endpoint}`. - type: string - GoogleCloudAiplatformV1TuningDataStats: - id: GoogleCloudAiplatformV1TuningDataStats - description: The tuning data statistic values for TuningJob. - type: object - properties: - supervisedTuningDataStats: - description: The SFT Tuning data stats. + Configuration for exporting test set predictions to a BigQuery + table. If this configuration is absent, then the export is not + performed. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDataStats - GoogleCloudAiplatformV1SupervisedTuningDataStats: - id: GoogleCloudAiplatformV1SupervisedTuningDataStats - description: Tuning data statistics for Supervised Tuning. - type: object - properties: - tuningDatasetExampleCount: - description: Output only. Number of examples in the tuning dataset. - readOnly: true - type: string - format: int64 - totalTuningCharacterCount: - description: Output only. Number of tuning characters in the tuning dataset. - readOnly: true - type: string - format: int64 - totalBillableCharacterCount: - description: Output only. Number of billable characters in the tuning dataset. - readOnly: true - deprecated: true - type: string - format: int64 - totalBillableTokenCount: - description: Output only. Number of billable tokens in the tuning dataset. - readOnly: true - type: string - format: int64 - tuningStepCount: - description: Output only. Number of tuning steps for this Tuning Job. - readOnly: true + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig + contextWindow: type: string format: int64 - userInputTokenDistribution: - description: Output only. Dataset distributions for the user input tokens. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution - userOutputTokenDistribution: - description: Output only. Dataset distributions for the user output tokens. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution - userMessagePerExampleDistribution: - description: Output only. Dataset distributions for the messages per example. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution - userDatasetExamples: - description: Output only. Sample user messages in the training dataset uri. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - totalTruncatedExampleCount: description: >- - Output only. The number of examples in the dataset that have been - dropped. An example can be dropped for reasons including: too many - tokens, contains an invalid image, contains too many images, etc. - readOnly: true - type: string - format: int64 - truncatedExampleIndices: + The amount of time into the past training and prediction data is + used for model training and prediction respectively. Expressed in + number of units defined by the `data_granularity` field. + availableAtForecastColumns: description: >- - Output only. A partial sample of the indices (starting from 1) of - the dropped examples. - readOnly: true + Names of columns that are available and provided when a forecast is + requested. These columns contain information for the given entity + (identified by the time_series_identifier_column column) that is + known at forecast. For example, predicted weather for a specific + day. type: array items: type: string - format: int64 - droppedExampleReasons: + unavailableAtForecastColumns: + items: + type: string + type: array description: >- - Output only. For each index in `truncated_example_indices`, the - user-facing reason why the example was dropped. - readOnly: true + Names of columns that are unavailable when a forecast is requested. + This column contains information for the given entity (identified by + the time_series_identifier_column) that is unknown before the + forecast For example, actual weather on a given day. + timeSeriesAttributeColumns: + items: + type: string + description: >- + Column names that should be used as attribute columns. The value of + these columns does not vary as a function of time. For example, + store ID or item color. type: array + additionalExperiments: items: type: string - GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution: - id: GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution - description: Dataset distribution for Supervised Tuning. - type: object - properties: - sum: - description: Output only. Sum of a given population of values. - readOnly: true + type: array + description: Additional experiment flags for the time series forcasting training. + enableProbabilisticInference: + type: boolean + description: >- + If probabilistic inference is enabled, the model will fit a + distribution that captures the uncertainty of a prediction. At + inference time, the predictive distribution is used to make a point + prediction that minimizes the optimization objective. For example, + the mean of a predictive distribution is the point prediction that + minimizes RMSE loss. If quantiles are specified, then the quantiles + of the distribution are also returned. The optimization objective + cannot be minimize-quantile-loss. + weightColumn: type: string + description: >- + Column name that should be used as the weight column. Higher values + in this column give more importance to the row during model + training. The column must have numeric values between 0 and 10000 + inclusively; 0 means the row is ignored for training. If weight + column field is not set, then all rows are assumed to have equal + weight of 1. + trainBudgetMilliNodeHours: format: int64 - billableSum: - description: Output only. Sum of a given population of values that are billable. - readOnly: true + description: >- + Required. The train budget of creating this model, expressed in + milli node hours i.e. 1,000 value in this field means 1 node hour. + The training cost of the model will not exceed this budget. The + final cost will be attempted to be close to the budget, though may + end up being (even) noticeably smaller - at the backend's + discretion. This especially may happen when further model training + ceases to provide any improvements. If the budget is set to a value + known to be insufficient to train a model for the given dataset, the + training won't be attempted and will error. The train budget must be + between 1,000 and 72,000 milli node hours, inclusive. type: string - format: int64 - min: - description: Output only. The minimum of the population values. - readOnly: true - type: number - format: double - max: - description: Output only. The maximum of the population values. - readOnly: true - type: number - format: double - mean: - description: Output only. The arithmetic mean of the values in the population. - readOnly: true - type: number - format: double - median: - description: Output only. The median of the values in the population. - readOnly: true - type: number - format: double - p5: - description: Output only. The 5th percentile of the values in the population. - readOnly: true - type: number - format: double - p95: - description: Output only. The 95th percentile of the values in the population. - readOnly: true - type: number - format: double - buckets: - description: Output only. Defines the histogram bucket. - readOnly: true + holidayRegions: type: array + description: >- + The geographical region based on which the holiday effect is applied + in modeling by adding holiday categorical array feature that include + all holidays matching the date. This option only allowed when + data_granularity is day. By default, holiday effect modeling is + disabled. To turn it on, specify the holiday region using this + option. items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDatasetDistributionDatasetBucket - GoogleCloudAiplatformV1SupervisedTuningDatasetDistributionDatasetBucket: - id: GoogleCloudAiplatformV1SupervisedTuningDatasetDistributionDatasetBucket - description: >- - Dataset bucket used to create a histogram for the distribution given a - population of values. - type: object - properties: - count: - description: Output only. Number of values in the bucket. - readOnly: true - type: number - format: double - left: - description: Output only. Left bound of the bucket. - readOnly: true - type: number - format: double - right: - description: Output only. Right bound of the bucket. - readOnly: true - type: number - format: double - GoogleCloudAiplatformV1ListTuningJobsResponse: - id: GoogleCloudAiplatformV1ListTuningJobsResponse - description: Response message for GenAiTuningService.ListTuningJobs + type: string + optimizationObjective: + type: string + description: >- + Objective function the model is optimizing towards. The training + process creates a model that optimizes the value of the objective + function over the validation set. The supported optimization + objectives: * "minimize-rmse" (default) - Minimize root-mean-squared + error (RMSE). * "minimize-mae" - Minimize mean-absolute error (MAE). + * "minimize-rmsle" - Minimize root-mean-squared log error (RMSLE). * + "minimize-rmspe" - Minimize root-mean-squared percentage error + (RMSPE). * "minimize-wape-mae" - Minimize the combination of + weighted absolute percentage error (WAPE) and mean-absolute-error + (MAE). * "minimize-quantile-loss" - Minimize the quantile loss at + the quantiles defined in `quantiles`. * "minimize-mape" - Minimize + the mean absolute percentage error. + hierarchyConfig: + description: >- + Configuration that defines the hierarchical relationship of time + series and parameters for hierarchical forecasting strategies. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputs + GoogleCloudAiplatformV1PurgeContextsResponse: properties: - tuningJobs: - description: List of TuningJobs in the requested page. - type: array + purgeSample: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' - nextPageToken: + type: string + type: array description: >- - A token to retrieve the next page of results. Pass to - ListTuningJobsRequest.page_token to obtain that page. + A sample of the Context names that will be deleted. Only populated + if `force` is set to false. The maximum number of samples is 100 (it + is possible to return fewer). + purgeCount: type: string - GoogleCloudAiplatformV1CancelTuningJobRequest: - id: GoogleCloudAiplatformV1CancelTuningJobRequest - description: Request message for GenAiTuningService.CancelTuningJob. - type: object - properties: {} - GoogleCloudAiplatformV1RebaseTunedModelRequest: - id: GoogleCloudAiplatformV1RebaseTunedModelRequest - description: Request message for GenAiTuningService.RebaseTunedModel. - type: object - properties: - tunedModelRef: - description: >- - Required. TunedModel reference to retrieve the legacy model - information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TunedModelRef' - tuningJob: - description: >- - Optional. The TuningJob to be updated. Users can use this TuningJob - field to overwrite tuning configs. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' - artifactDestination: - description: Optional. The Google Cloud Storage location to write the artifacts. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - deployToSameEndpoint: description: >- - Optional. By default, bison to gemini migration will always create - new model/endpoint, but for gemini-1.0 to gemini-1.5 migration, we - default deploy to the same endpoint. See details in this Section. - type: boolean - GoogleCloudAiplatformV1TunedModelRef: - id: GoogleCloudAiplatformV1TunedModelRef - description: TunedModel Reference for legacy model migration. + The number of Contexts that this request deleted (or, if `force` is + false, the number of Contexts that will be deleted). This can be an + estimate. + format: int64 + id: GoogleCloudAiplatformV1PurgeContextsResponse + description: Response message for MetadataService.PurgeContexts. type: object + GoogleCloudAiplatformV1CodeExecutionResult: + type: object + id: GoogleCloudAiplatformV1CodeExecutionResult + description: >- + Result of executing the [ExecutableCode]. Only generated when using the + [CodeExecution] tool, and always follows a `part` containing the + [ExecutableCode]. properties: - tunedModel: - description: Support migration from model registry. + output: type: string - tuningJob: description: >- - Support migration from tuning job list page, from gemini-1.0-pro-002 - to 1.5 and above. + Optional. Contains stdout when code execution is successful, stderr + or other description otherwise. + outcome: + enumDescriptions: + - Unspecified status. This value should not be used. + - Code execution completed successfully. + - >- + Code execution finished but with a failure. `stderr` should + contain the reason. + - >- + Code execution ran for too long, and was cancelled. There may or + may not be a partial output present. type: string - pipelineJob: + enum: + - OUTCOME_UNSPECIFIED + - OUTCOME_OK + - OUTCOME_FAILED + - OUTCOME_DEADLINE_EXCEEDED + description: Required. Outcome of the code execution. + GoogleIamV1Policy: + properties: + version: + type: integer + format: int32 description: >- - Support migration from tuning job list page, from bison model to - gemini model. + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + etag: type: string - GoogleCloudAiplatformV1Index: - id: GoogleCloudAiplatformV1Index + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte + bindings: + items: + $ref: '#/components/schemas/GoogleIamV1Binding' + type: array + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. description: >- - A representation of a collection of database items organized in a way - that allows for approximate nearest neighbor (a.k.a ANN) algorithms - search. + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: GoogleIamV1Policy + type: object + GoogleCloudAiplatformV1Checkpoint: type: object + description: Describes the machine learning model version checkpoint. + id: GoogleCloudAiplatformV1Checkpoint properties: - name: - description: Output only. The resource name of the Index. - readOnly: true + step: type: string - displayName: - description: >- - Required. The display name of the Index. The name can be up to 128 - characters long and can consist of any UTF-8 characters. + format: int64 + description: The step of the checkpoint. + epoch: + format: int64 type: string - description: - description: The description of the Index. + description: The epoch of the checkpoint. + checkpointId: + description: The ID of the checkpoint. type: string - metadataSchemaUri: - description: >- - Immutable. Points to a YAML file stored on Google Cloud Storage - describing additional information about the Index, that is specific - to it. Unset if the Index does not have any additional information. - The schema is defined as an OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - Note: The URI given on output will be immutable and probably - different, including the URI scheme, than the one given on input. - The output URI will point to a location where the user only has a - read access. - type: string - metadata: - description: >- - An additional information about the Index; the schema of the - metadata can be found in metadata_schema. - type: any - deployedIndexes: - description: >- - Output only. The pointers to DeployedIndexes created from this - Index. An Index can be only deleted if all its DeployedIndexes had - been undeployed first. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndexRef' - etag: - description: >- - Used to perform consistent read-modify-write updates. If not set, a - blind "overwrite" update happens. - type: string - labels: - description: >- - The labels with user-defined metadata to organize your Indexes. - Label keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. See - https://goo.gl/xmQnxf for more information and examples of labels. - type: object - additionalProperties: - type: string - createTime: - description: Output only. Timestamp when this Index was created. - readOnly: true - type: string - format: google-datetime - updateTime: + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsGranularity: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsGranularity + properties: + quantity: description: >- - Output only. Timestamp when this Index was most recently updated. - This also includes any update to the contents of the Index. Note - that Operations working on this Index may have their - Operations.metadata.generic_metadata.update_time a little after the - value of this timestamp, yet that does not mean their results are - not already reflected in the Index. Result of any successfully - completed Operation on the Index is reflected in it. - readOnly: true + The number of granularity_units between data points in the training + data. If `granularity_unit` is `minute`, can be 1, 5, 10, 15, or 30. + For all other values of `granularity_unit`, must be 1. type: string - format: google-datetime - indexStats: - description: Output only. Stats of the index resource. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexStats' - indexUpdateMethod: - description: >- - Immutable. The update method to use with this Index. If not set, - BATCH_UPDATE will be used by default. + format: int64 + unit: type: string - enumDescriptions: - - Should not be used. - - >- - BatchUpdate: user can call UpdateIndex with files on Cloud Storage - of Datapoints to update. - - >- - StreamUpdate: user can call UpsertDatapoints/DeleteDatapoints to - update the Index and the updates will be applied in corresponding - DeployedIndexes in nearly real-time. - enum: - - INDEX_UPDATE_METHOD_UNSPECIFIED - - BATCH_UPDATE - - STREAM_UPDATE - encryptionSpec: description: >- - Immutable. Customer-managed encryption key spec for an Index. If - set, this Index and all sub-resources of this Index will be secured - by this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1DeployedIndexRef: - id: GoogleCloudAiplatformV1DeployedIndexRef - description: Points to a DeployedIndex. + The time granularity unit of this time period. The supported units + are: * "minute" * "hour" * "day" * "week" * "month" * "year" + description: A duration of time expressed in time granularity units. type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTimestampTransformation: + description: >- + Training pipeline will perform following transformation functions. * + Apply the transformation functions for Numerical columns. * Determine + the year, month, day,and weekday. Treat each value from the timestamp as + a Categorical column. * Invalid numerical values (for example, values + that fall outside of a typical timestamp range, or are extreme values) + receive no special treatment and are not removed. properties: - indexEndpoint: - description: Immutable. A resource name of the IndexEndpoint. - type: string - deployedIndexId: - description: Immutable. The ID of the DeployedIndex in the above IndexEndpoint. + columnName: type: string - displayName: - description: Output only. The display name of the DeployedIndex. - readOnly: true + timeFormat: type: string - GoogleCloudAiplatformV1IndexStats: - id: GoogleCloudAiplatformV1IndexStats - description: Stats of the Index. + description: >- + The format in which that time field is expressed. The time_format + must either be one of: * `unix-seconds` * `unix-milliseconds` * + `unix-microseconds` * `unix-nanoseconds` (for respectively number of + seconds, milliseconds, microseconds and nanoseconds since start of + the Unix epoch); or be written in `strftime` syntax. If time_format + is not set, then the default format is RFC 3339 `date-time` format, + where `time-offset` = `"Z"` (e.g. 1985-04-12T23:20:50.52Z) + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTimestampTransformation type: object - properties: - vectorsCount: - description: Output only. The number of dense vectors in the Index. - readOnly: true - type: string - format: int64 - sparseVectorsCount: - description: Output only. The number of sparse vectors in the Index. - readOnly: true - type: string - format: int64 - shardsCount: - description: Output only. The number of shards in the Index. - readOnly: true - type: integer - format: int32 - GoogleCloudAiplatformV1ListIndexesResponse: - id: GoogleCloudAiplatformV1ListIndexesResponse - description: Response message for IndexService.ListIndexes. + GoogleCloudAiplatformV1SearchNearestEntitiesRequest: type: object properties: - indexes: - description: List of indexes in the requested page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Index' - nextPageToken: + returnFullEntity: + type: boolean description: >- - A token to retrieve next page of results. Pass to - ListIndexesRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1UpsertDatapointsRequest: - id: GoogleCloudAiplatformV1UpsertDatapointsRequest - description: Request message for IndexService.UpsertDatapoints + Optional. If set to true, the full entities (including all vector + values and metadata) of the nearest neighbors are returned; + otherwise only entity id of the nearest neighbors will be returned. + Note that returning full entities will significantly increase the + latency and cost of the query. + query: + description: Required. The query. + $ref: '#/components/schemas/GoogleCloudAiplatformV1NearestNeighborQuery' + description: The request message for FeatureOnlineStoreService.SearchNearestEntities. + id: GoogleCloudAiplatformV1SearchNearestEntitiesRequest + GoogleCloudAiplatformV1RetrievalMetadata: type: object + description: >- + Metadata related to the retrieval grounding source. This is part of the + `GroundingMetadata` returned when grounding is enabled. + id: GoogleCloudAiplatformV1RetrievalMetadata properties: - datapoints: - description: A list of datapoints to be created/updated. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexDatapoint' - updateMask: + googleSearchDynamicRetrievalScore: + format: float description: >- - Optional. Update mask is used to specify the fields to be - overwritten in the datapoints by the update. The fields specified in - the update_mask are relative to each IndexDatapoint inside - datapoints, not the full request. Updatable fields: * Use - `all_restricts` to update both restricts and numeric_restricts. - type: string - format: google-fieldmask - GoogleCloudAiplatformV1IndexDatapoint: - id: GoogleCloudAiplatformV1IndexDatapoint - description: A datapoint of Index. - type: object + Optional. A score indicating how likely it is that a Google Search + query could help answer the prompt. The score is in the range of + `[0, 1]`. A score of 1 means the model is confident that a search + will be helpful, and 0 means it is not. This score is populated only + when Google Search grounding and dynamic retrieval are enabled. The + score is used to determine whether to trigger a search. + type: number + GoogleCloudAiplatformV1CorroborateContentResponse: + id: GoogleCloudAiplatformV1CorroborateContentResponse properties: - datapointId: - description: Required. Unique identifier of the datapoint. - type: string - featureVector: - description: >- - Required. Feature embedding vector for dense index. An array of - numbers with the length of [NearestNeighborSearchConfig.dimensions]. - type: array - items: - type: number - format: float - sparseEmbedding: - description: Optional. Feature embedding vector for sparse index. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1IndexDatapointSparseEmbedding - restricts: + claims: description: >- - Optional. List of Restrict of the datapoint, used to perform - "restricted searches" where boolean rule are used to filter the - subset of the database eligible for matching. This uses categorical - tokens. See: - https://cloud.google.com/vertex-ai/docs/matching-engine/filtering - type: array + Claims that are extracted from the input content and facts that + support the claims. items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1IndexDatapointRestriction - numericRestricts: - description: >- - Optional. List of Restrict of the datapoint, used to perform - "restricted searches" where boolean rule are used to filter the - subset of the database eligible for matching. This uses numeric - comparisons. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Claim' type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1IndexDatapointNumericRestriction - crowdingTag: - description: >- - Optional. CrowdingTag of the datapoint, the number of neighbors to - return in each crowding can be configured during query. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1IndexDatapointCrowdingTag - embeddingMetadata: + corroborationScore: + format: float + type: number description: >- - Optional. The key-value map of additional metadata for the - datapoint. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudAiplatformV1IndexDatapointSparseEmbedding: - id: GoogleCloudAiplatformV1IndexDatapointSparseEmbedding - description: >- - Feature embedding vector for sparse index. An array of numbers whose - values are located in the specified dimensions. + Confidence score of corroborating content. Value is [0,1] with 1 is + the most confidence. + description: Response message for CorroborateContent. + type: object + GoogleCloudAiplatformV1RebootPersistentResourceRequest: + id: GoogleCloudAiplatformV1RebootPersistentResourceRequest + properties: {} + description: Request message for PersistentResourceService.RebootPersistentResource. type: object + GoogleCloudAiplatformV1CsvSource: + id: GoogleCloudAiplatformV1CsvSource properties: - values: - description: Required. The list of embedding values of the sparse vector. - type: array - items: - type: number - format: float - dimensions: - description: >- - Required. The list of indexes for the embedding values of the sparse - vector. - type: array - items: - type: string - format: int64 - GoogleCloudAiplatformV1IndexDatapointRestriction: - id: GoogleCloudAiplatformV1IndexDatapointRestriction - description: >- - Restriction of a datapoint which describe its attributes(tokens) from - each of several attribute categories(namespaces). + gcsSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' + description: Required. Google Cloud Storage location. + type: object + description: The storage details for CSV input content. + GoogleCloudAiplatformV1DeleteMetadataStoreOperationMetadata: + description: Details of operations that perform MetadataService.DeleteMetadataStore. + id: GoogleCloudAiplatformV1DeleteMetadataStoreOperationMetadata type: object properties: - namespace: - description: 'The namespace of this restriction. e.g.: color.' - type: string - allowList: - description: 'The attributes to allow in this namespace. e.g.: ''red''' - type: array - items: - type: string - denyList: - description: 'The attributes to deny in this namespace. e.g.: ''blue''' - type: array - items: - type: string - GoogleCloudAiplatformV1IndexDatapointNumericRestriction: - id: GoogleCloudAiplatformV1IndexDatapointNumericRestriction - description: >- - This field allows restricts to be based on numeric comparisons rather - than categorical tokens. + genericMetadata: + description: Operation metadata for deleting a MetadataStore. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1GenericOperationMetadata: + description: Generic Metadata shared by all operations. type: object + id: GoogleCloudAiplatformV1GenericOperationMetadata properties: - valueInt: - description: Represents 64 bit integer. + partialFailures: + readOnly: true + description: >- + Output only. Partial failures encountered. E.g. single files that + couldn't be read. This field should never exceed 20 entries. Status + details field will contain standard Google Cloud error details. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + createTime: + readOnly: true + description: Output only. Time when the operation was created. + format: google-datetime type: string - format: int64 - valueFloat: - description: Represents 32 bit float. - type: number - format: float - valueDouble: - description: Represents 64 bit float. - type: number - format: double - namespace: - description: 'The namespace of this restriction. e.g.: cost.' + updateTime: + format: google-datetime type: string - op: description: >- - This MUST be specified for queries and must NOT be specified for - datapoints. - type: string - enumDescriptions: - - Default value of the enum. - - Datapoints are eligible iff their value is < the query's. - - Datapoints are eligible iff their value is <= the query's. - - Datapoints are eligible iff their value is == the query's. - - Datapoints are eligible iff their value is >= the query's. - - Datapoints are eligible iff their value is > the query's. - - Datapoints are eligible iff their value is != the query's. - enum: - - OPERATOR_UNSPECIFIED - - LESS - - LESS_EQUAL - - EQUAL - - GREATER_EQUAL - - GREATER - - NOT_EQUAL - GoogleCloudAiplatformV1IndexDatapointCrowdingTag: - id: GoogleCloudAiplatformV1IndexDatapointCrowdingTag - description: >- - Crowding tag is a constraint on a neighbor list produced by nearest - neighbor search requiring that no more than some value k' of the k - neighbors returned have the same value of crowding_attribute. + Output only. Time when the operation was updated for the last time. + If the operation has finished (successfully or not), this is the + finish time. + readOnly: true + GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInput: + id: GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInput + description: Input for question answering helpfulness metric. type: object properties: - crowdingAttribute: - description: >- - The attribute value used for crowding. The maximum number of - neighbors to return per crowding attribute value - (per_crowding_attribute_num_neighbors) is configured per-query. This - field is ignored if per_crowding_attribute_num_neighbors is larger - than the total number of neighbors to return for a given query. - type: string - GoogleCloudAiplatformV1UpsertDatapointsResponse: - id: GoogleCloudAiplatformV1UpsertDatapointsResponse - description: Response message for IndexService.UpsertDatapoints + metricSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessSpec + description: Required. Spec for question answering helpfulness score metric. + instance: + description: Required. Question answering helpfulness instance. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInstance + GoogleCloudAiplatformV1RubricBasedInstructionFollowingInstance: type: object - properties: {} - GoogleCloudAiplatformV1RemoveDatapointsRequest: - id: GoogleCloudAiplatformV1RemoveDatapointsRequest - description: Request message for IndexService.RemoveDatapoints + description: >- + Instance for RubricBasedInstructionFollowing metric - one instance + corresponds to one row in an evaluation dataset. + properties: + jsonInstance: + type: string + description: >- + Required. Instance specified as a json string. String key-value + pairs are expected in the json_instance to render + RubricBasedInstructionFollowing prompt templates. + id: GoogleCloudAiplatformV1RubricBasedInstructionFollowingInstance + GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfig: type: object properties: - datapointIds: - description: A list of datapoint ids to be deleted. - type: array - items: - type: string - GoogleCloudAiplatformV1RemoveDatapointsResponse: - id: GoogleCloudAiplatformV1RemoveDatapointsResponse - description: Response message for IndexService.RemoveDatapoints + ragConfig: + description: Configuration for Retrieval Augmented Generation feature. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfigRagConfig + description: Configuration for GenAiAdvancedFeatures. + id: GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfig + GoogleCloudAiplatformV1FeatureOnlineStoreDedicatedServingEndpoint: + id: GoogleCloudAiplatformV1FeatureOnlineStoreDedicatedServingEndpoint type: object - properties: {} - GoogleCloudAiplatformV1IndexEndpoint: - id: GoogleCloudAiplatformV1IndexEndpoint description: >- - Indexes are deployed into it. An IndexEndpoint can have multiple - DeployedIndexes. - type: object + The dedicated serving endpoint for this FeatureOnlineStore. Only need to + set when you choose Optimized storage type. Public endpoint is + provisioned by default. properties: - name: - description: Output only. The resource name of the IndexEndpoint. - readOnly: true - type: string - displayName: + serviceAttachment: description: >- - Required. The display name of the IndexEndpoint. The name can be up - to 128 characters long and can consist of any UTF-8 characters. + Output only. The name of the service attachment resource. Populated + if private service connect is enabled and after FeatureViewSync is + created. type: string - description: - description: The description of the IndexEndpoint. + readOnly: true + privateServiceConnectConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PrivateServiceConnectConfig + description: >- + Optional. Private service connect config. The private service + connection is available only for Optimized storage type, not for + embedding management now. If + PrivateServiceConnectConfig.enable_private_service_connect set to + true, customers will use private service connection to send request. + Otherwise, the connection will set to public endpoint. + publicEndpointDomainName: type: string - deployedIndexes: - description: Output only. The indexes deployed in this endpoint. readOnly: true + description: >- + Output only. This field will be populated with the domain name to + use for this FeatureOnlineStore + GoogleCloudAiplatformV1ExactMatchInput: + properties: + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchSpec' + description: Required. Spec for exact match metric. + instances: + description: Required. Repeated exact match instances. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' - etag: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchInstance' + id: GoogleCloudAiplatformV1ExactMatchInput + description: Input for exact match metric. + type: object + GoogleCloudAiplatformV1ExternalApi: + properties: + simpleSearchParams: + description: Parameters for the simple search API. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExternalApiSimpleSearchParams + apiAuth: + deprecated: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuth' description: >- - Used to perform consistent read-modify-write updates. If not set, a - blind "overwrite" update happens. + The authentication config to access the API. Deprecated. Please use + auth_config instead. + apiSpec: + type: string + enumDescriptions: + - Unspecified API spec. This value should not be used. + - Simple search API spec. + - Elastic search API spec. + enum: + - API_SPEC_UNSPECIFIED + - SIMPLE_SEARCH + - ELASTIC_SEARCH + description: The API spec that the external API implements. + endpoint: type: string - labels: description: >- - The labels with user-defined metadata to organize your - IndexEndpoints. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. See https://goo.gl/xmQnxf for more information and - examples of labels. - type: object - additionalProperties: - type: string - createTime: - description: Output only. Timestamp when this IndexEndpoint was created. - readOnly: true - type: string - format: google-datetime - updateTime: + The endpoint of the external API. The system will call the API at + this endpoint to retrieve the data for grounding. Example: + https://acme.com:443/search + elasticSearchParams: + description: Parameters for the elastic search API. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExternalApiElasticSearchParams + authConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1AuthConfig' + description: The authentication config to access the API. + description: >- + Retrieve from data source powered by external API for grounding. The + external API is not owned by Google, but need to follow the pre-defined + API spec. + id: GoogleCloudAiplatformV1ExternalApi + type: object + GoogleCloudAiplatformV1StratifiedSplit: + id: GoogleCloudAiplatformV1StratifiedSplit + type: object + description: >- + Assigns input data to the training, validation, and test sets so that + the distribution of values found in the categorical column (as specified + by the `key` field) is mirrored within each split. The fraction values + determine the relative sizes of the splits. For example, if the + specified column has three values, with 50% of the rows having value + "A", 25% value "B", and 25% value "C", and the split fractions are + specified as 80/10/10, then the training set will constitute 80% of the + training data, with about 50% of the training set rows having the value + "A" for the specified column, about 25% having the value "B", and about + 25% having the value "C". Only the top 500 occurring values are used; + any values not in the top 500 values are randomly assigned to a split. + If less than three rows contain a specific value, those rows are + randomly assigned. Supported only for tabular Datasets. + properties: + trainingFraction: description: >- - Output only. Timestamp when this IndexEndpoint was last updated. - This timestamp is not updated when the endpoint's DeployedIndexes - are updated, e.g. due to updates of the original Indexes they are - the deployments of. - readOnly: true - type: string - format: google-datetime - network: + The fraction of the input data that is to be used to train the + Model. + format: double + type: number + key: description: >- - Optional. The full name of the Google Compute Engine - [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) - to which the IndexEndpoint should be peered. Private services access - must already be configured for the network. If left unspecified, the - Endpoint is not peered with any network. network and - private_service_connect_config are mutually exclusive. - [Format](https://cloud.google.com/compute/docs/reference/rest/v1/networks/insert): - `projects/{project}/global/networks/{network}`. Where {project} is a - project number, as in '12345', and {network} is network name. + Required. The key is a name of one of the Dataset's data columns. + The key provided must be for a categorical column. type: string - enablePrivateServiceConnect: + testFraction: description: >- - Optional. Deprecated: If true, expose the IndexEndpoint via private - service connect. Only one of the fields, network or - enable_private_service_connect, can be set. - deprecated: true - type: boolean - privateServiceConnectConfig: + The fraction of the input data that is to be used to evaluate the + Model. + format: double + type: number + validationFraction: + type: number description: >- - Optional. Configuration for private service connect. network and - private_service_connect_config are mutually exclusive. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PrivateServiceConnectConfig - publicEndpointEnabled: + The fraction of the input data that is to be used to validate the + Model. + format: double + GoogleCloudAiplatformV1BatchPredictionJobOutputConfig: + properties: + bigqueryDestination: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' description: >- - Optional. If true, the deployed index will be accessible through - public endpoint. - type: boolean - publicEndpointDomainName: + The BigQuery project or dataset location where the output is to be + written to. If project is provided, a new dataset is created with + name `prediction__` where is made BigQuery-dataset-name compatible + (for example, most special characters become underscores), and + timestamp is in YYYY_MM_DDThh_mm_ss_sssZ "based on ISO-8601" format. + In the dataset two tables will be created, `predictions`, and + `errors`. If the Model has both instance and prediction schemata + defined then the tables have columns as follows: The `predictions` + table contains instances for which the prediction succeeded, it has + columns as per a concatenation of the Model's instance and + prediction schemata. The `errors` table contains rows for which the + prediction has failed, it has instance columns, as per the instance + schema, followed by a single "errors" column, which as values has + google.rpc.Status represented as a STRUCT, and containing only + `code` and `message`. + predictionsFormat: description: >- - Output only. If public_endpoint_enabled is true, this field will be - populated with the domain name to use for this index endpoint. - readOnly: true + Required. The format in which Vertex AI gives the predictions, must + be one of the Model's supported_output_storage_formats. type: string - encryptionSpec: + gcsDestination: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' description: >- - Immutable. Customer-managed encryption key spec for an - IndexEndpoint. If set, this IndexEndpoint and all sub-resources of - this IndexEndpoint will be secured by this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1DeployedIndex: - id: GoogleCloudAiplatformV1DeployedIndex + The Cloud Storage location of the directory where the output is to + be written to. In the given directory a new directory is created. + Its name is `prediction--`, where timestamp is in + YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. Inside of it files + `predictions_0001.`, `predictions_0002.`, ..., `predictions_N.` are + created where `` depends on chosen predictions_format, and N may + equal 0001 and depends on the total number of successfully predicted + instances. If the Model has both instance and prediction schemata + defined then each such file contains predictions as per the + predictions_format. If prediction for any instance failed (partially + or completely), then an additional `errors_0001.`, + `errors_0002.`,..., `errors_N.` files are created (N depends on + total number of failed predictions). These files contain the failed + instances, as per their schema, followed by an additional `error` + field which as value has google.rpc.Status containing only `code` + and `message` fields. + type: object + id: GoogleCloudAiplatformV1BatchPredictionJobOutputConfig description: >- - A deployment of an Index. IndexEndpoints contain one or more - DeployedIndexes. + Configures the output of BatchPredictionJob. See + Model.supported_output_storage_formats for supported output formats, and + how predictions are expressed via any of them. + GoogleCloudAiplatformV1SchemaPredictInstanceImageSegmentationPredictionInstance: + description: Prediction input format for Image Segmentation. type: object properties: - id: - description: >- - Required. The user specified ID of the DeployedIndex. The ID can be - up to 128 characters long and must start with a letter and only - contain letters, numbers, and underscores. The ID must be unique - within the project it is created in. - type: string - index: - description: >- - Required. The name of the Index this is the deployment of. We may - refer to this Index as the DeployedIndex's "original" Index. + content: + description: The image bytes to make the predictions on. type: string - displayName: + mimeType: description: >- - The display name of the DeployedIndex. If not provided upon - creation, the Index's display_name is used. + The MIME type of the content of the image. Only the images in below + listed MIME types are supported. - image/jpeg - image/png type: string - createTime: - description: Output only. Timestamp when the DeployedIndex was created. - readOnly: true + id: >- + GoogleCloudAiplatformV1SchemaPredictInstanceImageSegmentationPredictionInstance + GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpec: + id: GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpec + type: object + properties: + multiTrialAlgorithm: + enum: + - MULTI_TRIAL_ALGORITHM_UNSPECIFIED + - REINFORCEMENT_LEARNING + - GRID_SEARCH type: string - format: google-datetime - privateEndpoints: + enumDescriptions: + - Defaults to `REINFORCEMENT_LEARNING`. + - >- + The Reinforcement Learning Algorithm for Multi-trial Neural + Architecture Search (NAS). + - >- + The Grid Search Algorithm for Multi-trial Neural Architecture + Search (NAS). description: >- - Output only. Provides paths for users to send requests directly to - the deployed index services running on Cloud via private services - access. This field is populated if network is configured. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexPrivateEndpoints' - indexSyncTime: + The multi-trial Neural Architecture Search (NAS) algorithm type. + Defaults to `REINFORCEMENT_LEARNING`. + searchTrialSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec + description: Required. Spec for search trials. + metric: description: >- - Output only. The DeployedIndex may depend on various data on its - original Index. Additionally when certain changes to the original - Index are being done (e.g. when what the Index contains is being - changed) the DeployedIndex may be asynchronously updated in the - background to reflect these changes. If this timestamp's value is at - least the Index.update_time of the original Index, it means that - this DeployedIndex and the original Index are in sync. If this - timestamp is older, then to see which updates this DeployedIndex - already contains (and which it does not), one must list the - operations that are running on the original Index. Only the - successfully completed Operations with update_time equal or before - this sync time are contained in this DeployedIndex. - readOnly: true - type: string - format: google-datetime - automaticResources: + Metric specs for the NAS job. Validation for this field is done at + `multi_trial_algorithm_spec` field. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpec + trainTrialSpec: description: >- - Optional. A description of resources that the DeployedIndex uses, - which to large degree are decided by Vertex AI, and optionally - allows only a modest additional configuration. If min_replica_count - is not set, the default value is 2 (we don't provide SLA when - min_replica_count=1). If max_replica_count is not set, the default - value is min_replica_count. The max allowed replica count is 1000. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AutomaticResources' - dedicatedResources: + Spec for train trials. Top N + [TrainTrialSpec.max_parallel_trial_count] search trials will be + trained for every M [TrainTrialSpec.frequency] trials searched. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec + description: The spec of multi-trial Neural Architecture Search (NAS). + GoogleCloudAiplatformV1DedicatedResources: + properties: + minReplicaCount: + format: int32 description: >- - Optional. A description of resources that are dedicated to the - DeployedIndex, and that need a higher degree of manual - configuration. The field min_replica_count must be set to a value - strictly greater than 0, or else validation will fail. We don't - provide SLA when min_replica_count=1. If max_replica_count is not - set, the default value is min_replica_count. The max allowed replica - count is 1000. Available machine types for SMALL shard: - e2-standard-2 and all machine types available for MEDIUM and LARGE - shard. Available machine types for MEDIUM shard: e2-standard-16 and - all machine types available for LARGE shard. Available machine types - for LARGE shard: e2-highmem-16, n2d-standard-32. n1-standard-16 and - n1-standard-32 are still available, but we recommend e2-standard-16 - and e2-highmem-16 for cost efficiency. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' - enableAccessLogging: + Required. Immutable. The minimum number of machine replicas that + will be always deployed on. This value must be greater than or equal + to 1. If traffic increases, it may dynamically be deployed onto more + replicas, and as traffic decreases, some of these extra replicas may + be freed. + type: integer + autoscalingMetricSpecs: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1AutoscalingMetricSpec' description: >- - Optional. If true, private endpoint's access logs are sent to Cloud - Logging. These logs are like standard server access logs, containing - information like timestamp and latency for each MatchRequest. Note - that logs may incur a cost, especially if the deployed index - receives a high queries per second rate (QPS). Estimate your costs - before enabling this option. - type: boolean - enableDatapointUpsertLogging: + Immutable. The metric specifications that overrides a resource + utilization metric (CPU utilization, accelerator's duty cycle, and + so on) target value (default to 60 if not set). At most one entry is + allowed per metric. If machine_spec.accelerator_count is above 0, + the autoscaling will be based on both CPU utilization and + accelerator's duty cycle metrics and scale up when either metrics + exceeds its target value while scale down if both metrics are under + their target value. The default target value is 60 for both metrics. + If machine_spec.accelerator_count is 0, the autoscaling will be + based on CPU utilization metric only with default target value 60 if + not explicitly set. For example, in the case of Online Prediction, + if you want to override target CPU utilization to 80, you should set + autoscaling_metric_specs.metric_name to + `aiplatform.googleapis.com/prediction/online/cpu/utilization` and + autoscaling_metric_specs.target to `80`. + type: array + spot: description: >- - Optional. If true, logs to Cloud Logging errors relating to - datapoint upserts. Under normal operation conditions, these log - entries should be very rare. However, if incompatible datapoint - updates are being uploaded to an index, a high volume of log entries - may be generated in a short period of time. Note that logs may incur - a cost, especially if the deployed index receives a high volume of - datapoint upserts. Estimate your costs before enabling this option. + Optional. If true, schedule the deployment workload on [spot + VMs](https://cloud.google.com/kubernetes-engine/docs/concepts/spot-vms). type: boolean - deployedIndexAuthConfig: - description: >- - Optional. If set, the authentication is enabled for the private - endpoint. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndexAuthConfig' - reservedIpRanges: - description: >- - Optional. A list of reserved ip ranges under the VPC network that - can be used for this DeployedIndex. If set, we will deploy the index - within the provided ip ranges. Otherwise, the index might be - deployed to any ip ranges under the provided VPC network. The value - should be the name of the address - (https://cloud.google.com/compute/docs/reference/rest/v1/addresses) - Example: ['vertex-ai-ip-range']. For more information about subnets - and network IP ranges, please see - https://cloud.google.com/vpc/docs/subnets#manually_created_subnet_ip_ranges. - type: array - items: - type: string - deploymentGroup: + machineSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' description: >- - Optional. The deployment group can be no longer than 64 characters - (eg: 'test', 'prod'). If not set, we will use the 'default' - deployment group. Creating `deployment_groups` with - `reserved_ip_ranges` is a recommended practice when the peered - network has multiple peering ranges. This creates your deployments - from predictable IP spaces for easier traffic administration. Also, - one deployment_group (except 'default') can only be used with the - same reserved_ip_ranges which means if the deployment_group has been - used with reserved_ip_ranges: [a, b, c], using it with [a, b] or [d, - e] is disallowed. Note: we only support up to 5 deployment - groups(not including 'default'). - type: string - deploymentTier: + Required. Immutable. The specification of a single machine being + used. + maxReplicaCount: + format: int32 description: >- - Optional. The deployment tier that the index is deployed to. - DEPLOYMENT_TIER_UNSPECIFIED defaults to PERFORMANCE. - type: string - enumDescriptions: - - Default deployment tier. - - Optimized for costs. - enum: - - DEPLOYMENT_TIER_UNSPECIFIED - - STORAGE - pscAutomationConfigs: + Immutable. The maximum number of replicas that may be deployed on + when the traffic against it increases. If the requested value is too + large, the deployment will error, but if deployment succeeds then + the ability to scale to that many replicas is guaranteed (barring + service outages). If traffic increases beyond what its replicas at + maximum may handle, a portion of the traffic will be dropped. If + this value is not provided, will use min_replica_count as the + default value. The value of this field impacts the charge against + Vertex CPU and GPU quotas. Specifically, you will be charged for + (max_replica_count * number of cores in the selected machine type) + and (max_replica_count * number of GPUs per replica in the selected + machine type). + type: integer + requiredReplicaCount: + format: int32 description: >- - Optional. If set for PSC deployed index, PSC connection will be - automatically created after deployment is done and the endpoint - information is populated in - private_endpoints.psc_automated_endpoints. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PSCAutomationConfig' - GoogleCloudAiplatformV1IndexPrivateEndpoints: - id: GoogleCloudAiplatformV1IndexPrivateEndpoints + Optional. Number of required available replicas for the deployment + to succeed. This field is only needed when partial + deployment/mutation is desired. If set, the deploy/mutate operation + will succeed once available_replica_count reaches + required_replica_count, and the rest of the replicas will be + retried. If not set, the default required_replica_count will be + min_replica_count. + type: integer description: >- - IndexPrivateEndpoints proto is used to provide paths for users to send - requests via private endpoints (e.g. private service access, private - service connect). To send request via private service access, use - match_grpc_address. To send request via private service connect, use - service_attachment. + A description of resources that are dedicated to a DeployedModel or + DeployedIndex, and that need a higher degree of manual configuration. + type: object + id: GoogleCloudAiplatformV1DedicatedResources + GoogleCloudAiplatformV1NotebookExecutionJob: type: object + description: NotebookExecutionJob represents an instance of a notebook execution. + id: GoogleCloudAiplatformV1NotebookExecutionJob properties: - matchGrpcAddress: - description: Output only. The ip address used to send match gRPC requests. + createTime: readOnly: true + format: google-datetime + description: Output only. Timestamp when this NotebookExecutionJob was created. type: string - serviceAttachment: + labels: + type: object + additionalProperties: + type: string description: >- - Output only. The name of the service attachment resource. Populated - if private service connect is enabled. - readOnly: true + The labels with user-defined metadata to organize + NotebookExecutionJobs. Label keys and values can be no longer than + 64 characters (Unicode codepoints), can only contain lowercase + letters, numeric characters, underscores and dashes. International + characters are allowed. See https://goo.gl/xmQnxf for more + information and examples of labels. System reserved label keys are + prefixed with "aiplatform.googleapis.com/" and are immutable. + scheduleResourceName: + description: >- + The Schedule resource name if this job is triggered by one. Format: + `projects/{project_id}/locations/{location}/schedules/{schedule_id}` type: string - pscAutomatedEndpoints: + gcsOutputUri: description: >- - Output only. PscAutomatedEndpoints is populated if private service - connect is enabled if PscAutomatedConfig is set. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PscAutomatedEndpoints' - GoogleCloudAiplatformV1PscAutomatedEndpoints: - id: GoogleCloudAiplatformV1PscAutomatedEndpoints - description: >- - PscAutomatedEndpoints defines the output of the forwarding rule - automatically created by each PscAutomationConfig. - type: object - properties: - projectId: - description: Corresponding project_id in pscAutomationConfigs + The Cloud Storage location to upload the result to. Format: + `gs://bucket-name` type: string - network: - description: Corresponding network in pscAutomationConfigs. + executionUser: + description: >- + The user email to run the execution as. Only supported by Colab + runtimes. type: string - matchAddress: - description: Ip Address created by the automated forwarding rule. + serviceAccount: + description: The service account to run the execution as. type: string - GoogleCloudAiplatformV1DeployedIndexAuthConfig: - id: GoogleCloudAiplatformV1DeployedIndexAuthConfig - description: Used to set up the auth on the DeployedIndex's private endpoint. - type: object - properties: - authProvider: - description: Defines the authentication provider that the DeployedIndex uses. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeployedIndexAuthConfigAuthProvider - GoogleCloudAiplatformV1DeployedIndexAuthConfigAuthProvider: - id: GoogleCloudAiplatformV1DeployedIndexAuthConfigAuthProvider - description: >- - Configuration for an authentication provider, including support for - [JSON Web Token - (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). - type: object - properties: - audiences: + updateTime: description: >- - The list of JWT - [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). - that are allowed to access. A JWT containing any of these audiences - will be accepted. - type: array - items: - type: string - allowedIssuers: + Output only. Timestamp when this NotebookExecutionJob was most + recently updated. + format: google-datetime + type: string + readOnly: true + executionTimeout: description: >- - A list of allowed JWT issuers. Each entry must be a valid Google - service account, in the following format: - `service-account-name@project-id.iam.gserviceaccount.com` - type: array - items: - type: string - GoogleCloudAiplatformV1ListIndexEndpointsResponse: - id: GoogleCloudAiplatformV1ListIndexEndpointsResponse - description: Response message for IndexEndpointService.ListIndexEndpoints. - type: object - properties: - indexEndpoints: - description: List of IndexEndpoints in the requested page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass to - ListIndexEndpointsRequest.page_token to obtain that page. + Max running time of the execution job in seconds (default 86400s / + 24 hrs). + format: google-duration type: string - GoogleCloudAiplatformV1DeployIndexRequest: - id: GoogleCloudAiplatformV1DeployIndexRequest - description: Request message for IndexEndpointService.DeployIndex. - type: object - properties: - deployedIndex: - description: Required. The DeployedIndex to be created within the IndexEndpoint. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' - GoogleCloudAiplatformV1UndeployIndexRequest: - id: GoogleCloudAiplatformV1UndeployIndexRequest - description: Request message for IndexEndpointService.UndeployIndex. - type: object - properties: - deployedIndexId: + name: description: >- - Required. The ID of the DeployedIndex to be undeployed from the - IndexEndpoint. + Output only. The resource name of this NotebookExecutionJob. Format: + `projects/{project_id}/locations/{location}/notebookExecutionJobs/{job_id}` type: string - GoogleCloudAiplatformV1CustomJob: - id: GoogleCloudAiplatformV1CustomJob - description: >- - Represents a job that runs custom workloads such as a Docker container - or a Python package. A CustomJob can have multiple worker pools and each - worker pool can have its own machine and input spec. A CustomJob will be - cleaned up once the job enters terminal state (failed or succeeded). - type: object - properties: - name: - description: Output only. Resource name of a CustomJob. readOnly: true + status: + readOnly: true + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + Output only. Populated when the NotebookExecutionJob is completed. + When there is an error during notebook execution, the error details + are populated. + workbenchRuntime: + description: >- + The Workbench runtime configuration to use for the notebook + execution. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobWorkbenchRuntime + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Customer-managed encryption key spec for the notebook execution job. + This field is auto-populated if the NotebookRuntimeTemplate has an + encryption spec. + kernelName: + description: >- + The name of the kernel to use during notebook execution. If unset, + the default kernel is used. type: string + directNotebookSource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobDirectNotebookSource + description: The contents of an input notebook file. displayName: + type: string description: >- - Required. The display name of the CustomJob. The name can be up to + The display name of the NotebookExecutionJob. The name can be up to 128 characters long and can consist of any UTF-8 characters. + gcsNotebookSource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobGcsNotebookSource + description: >- + The Cloud Storage url pointing to the ipynb file. Format: + `gs://bucket/notebook_file.ipynb` + jobState: type: string - jobSpec: - description: Required. Job spec. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' - state: - description: Output only. The detailed state of the job. readOnly: true - type: string + enum: + - JOB_STATE_UNSPECIFIED + - JOB_STATE_QUEUED + - JOB_STATE_PENDING + - JOB_STATE_RUNNING + - JOB_STATE_SUCCEEDED + - JOB_STATE_FAILED + - JOB_STATE_CANCELLING + - JOB_STATE_CANCELLED + - JOB_STATE_PAUSED + - JOB_STATE_EXPIRED + - JOB_STATE_UPDATING + - JOB_STATE_PARTIALLY_SUCCEEDED + description: Output only. The state of the NotebookExecutionJob. enumDescriptions: - The job state is unspecified. - >- @@ -10554,127 +9642,120 @@ components: - >- The job is partially succeeded, some results may be missing due to errors. - enum: - - JOB_STATE_UNSPECIFIED - - JOB_STATE_QUEUED - - JOB_STATE_PENDING - - JOB_STATE_RUNNING - - JOB_STATE_SUCCEEDED - - JOB_STATE_FAILED - - JOB_STATE_CANCELLING - - JOB_STATE_CANCELLED - - JOB_STATE_PAUSED - - JOB_STATE_EXPIRED - - JOB_STATE_UPDATING - - JOB_STATE_PARTIALLY_SUCCEEDED - createTime: - description: Output only. Time when the CustomJob was created. - readOnly: true + customEnvironmentSpec: + description: The custom compute configuration for an execution job. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobCustomEnvironmentSpec + notebookRuntimeTemplateResourceName: type: string - format: google-datetime - startTime: + description: The NotebookRuntimeTemplate to source compute configuration from. + dataformRepositorySource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobDataformRepositorySource description: >- - Output only. Time when the CustomJob for the first time entered the - `JOB_STATE_RUNNING` state. + The Dataform Repository pointing to a single file notebook + repository. + GoogleCloudAiplatformV1PersistentResource: + description: >- + Represents long-lasting resources that are dedicated to users to runs + custom workloads. A PersistentResource can have multiple node pools and + each node pool can have its own machine spec. + type: object + id: GoogleCloudAiplatformV1PersistentResource + properties: + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Optional. Customer-managed encryption key spec for a + PersistentResource. If set, this PersistentResource and all + sub-resources of this PersistentResource will be secured by this + key. + satisfiesPzs: readOnly: true + description: Output only. Reserved for future use. + type: boolean + displayName: + description: >- + Optional. The display name of the PersistentResource. The name can + be up to 128 characters long and can consist of any UTF-8 + characters. type: string + updateTime: format: google-datetime - endTime: description: >- - Output only. Time when the CustomJob entered any of the following - states: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, - `JOB_STATE_CANCELLED`. + Output only. Time when the PersistentResource was most recently + updated. readOnly: true type: string - format: google-datetime - updateTime: - description: Output only. Time when the CustomJob was most recently updated. + reservedIpRanges: + items: + type: string + description: >- + Optional. A list of names for the reserved IP ranges under the VPC + network that can be used for this persistent resource. If set, we + will deploy the persistent resource within the provided IP ranges. + Otherwise, the persistent resource is deployed to any IP ranges + under the provided VPC network. Example: ['vertex-ai-ip-range']. + type: array + state: readOnly: true + enumDescriptions: + - Not set. + - >- + The PROVISIONING state indicates the persistent resources is being + created. + - >- + The RUNNING state indicates the persistent resource is healthy and + fully usable. + - >- + The STOPPING state indicates the persistent resource is being + deleted. + - >- + The ERROR state indicates the persistent resource may be unusable. + Details can be found in the `error` field. + - >- + The REBOOTING state indicates the persistent resource is being + rebooted (PR is not available right now but is expected to be + ready again later). + - >- + The UPDATING state indicates the persistent resource is being + updated. type: string - format: google-datetime - error: - description: >- - Output only. Only populated when job's state is `JOB_STATE_FAILED` - or `JOB_STATE_CANCELLED`. + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - RUNNING + - STOPPING + - ERROR + - REBOOTING + - UPDATING + description: Output only. The detailed state of a Study. + resourceRuntime: readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - labels: + description: Output only. Runtime information of the Persistent Resource. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ResourceRuntime' + resourceRuntimeSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ResourceRuntimeSpec' description: >- - The labels with user-defined metadata to organize CustomJobs. Label - keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. See - https://goo.gl/xmQnxf for more information and examples of labels. - type: object + Optional. Persistent Resource runtime spec. For example, used for + Ray cluster configuration. + labels: additionalProperties: type: string - encryptionSpec: - description: >- - Customer-managed encryption key options for a CustomJob. If this is - set, then all resources created by the CustomJob will be encrypted - with the provided encryption key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - webAccessUris: - description: >- - Output only. URIs for accessing [interactive - shells](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) - (one URI for each training node). Only available if - job_spec.enable_web_access is `true`. The keys are names of each - node in the training job; for example, `workerpool0-0` for the - primary node, `workerpool1-0` for the first node in the second - worker pool, and `workerpool1-1` for the second node in the second - worker pool. The values are the URIs for each node's interactive - shell. - readOnly: true type: object - additionalProperties: - type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1CustomJobSpec: - id: GoogleCloudAiplatformV1CustomJobSpec - description: Represents the spec of a CustomJob. - type: object - properties: - persistentResourceId: description: >- - Optional. The ID of the PersistentResource in the same Project and - Location which to run If this is specified, the job will be run on - existing machines held by the PersistentResource instead of - on-demand short-live machines. The network and CMEK configs on the - job should be consistent with those on the PersistentResource, - otherwise, the job will be rejected. - type: string - workerPoolSpecs: - description: >- - Required. The spec of the worker pools including machine type and - Docker image. All worker pools except the first one are optional and - can be skipped by providing an empty value. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1WorkerPoolSpec' - scheduling: - description: Scheduling options for a CustomJob. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Scheduling' - serviceAccount: - description: >- - Specifies the service account for workload run-as account. Users - submitting jobs must have act-as permission on this run-as account. - If unspecified, the [Vertex AI Custom Code Service - Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) - for the CustomJob's project is used. - type: string + Optional. The labels with user-defined metadata to organize + PersistentResource. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. See https://goo.gl/xmQnxf for more information and + examples of labels. network: + type: string description: >- Optional. The full name of the Compute Engine - [network](/compute/docs/networks-and-firewalls#networks) to which - the Job should be peered. For example, + [network](/compute/docs/networks-and-firewalls#networks) to peered + with Vertex AI to host the persistent resources. For example, `projects/12345/global/networks/myVPC`. [Format](/compute/docs/reference/rest/v1/networks/insert) is of the form `projects/{project}/global/networks/{network}`. Where {project} @@ -10682,1017 +9763,967 @@ components: To specify this field, you must have already [configured VPC Network Peering for Vertex AI](https://cloud.google.com/vertex-ai/docs/general/vpc-peering). If - this field is left unspecified, the job is not peered with any + this field is left unspecified, the resources aren't peered with any network. - type: string - reservedIpRanges: - description: >- - Optional. A list of names for the reserved ip ranges under the VPC - network that can be used for this job. If set, we will deploy the - job within the provided ip ranges. Otherwise, the job will be - deployed to any ip ranges under the provided VPC network. Example: - ['vertex-ai-ip-range']. + resourcePools: type: array + description: Required. The spec of the pools of different resources. items: - type: string - pscInterfaceConfig: - description: Optional. Configuration for PSC-I for CustomJob. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PscInterfaceConfig' - baseOutputDirectory: - description: >- - The Cloud Storage location to store the output of this CustomJob or - HyperparameterTuningJob. For HyperparameterTuningJob, the - baseOutputDirectory of each child CustomJob backing a Trial is set - to a subdirectory of name id under its parent - HyperparameterTuningJob's baseOutputDirectory. The following Vertex - AI environment variables will be passed to containers or python - modules when this field is set: For CustomJob: * AIP_MODEL_DIR = - `/model/` * AIP_CHECKPOINT_DIR = `/checkpoints/` * - AIP_TENSORBOARD_LOG_DIR = `/logs/` For CustomJob backing a Trial of - HyperparameterTuningJob: * AIP_MODEL_DIR = `//model/` * - AIP_CHECKPOINT_DIR = `//checkpoints/` * AIP_TENSORBOARD_LOG_DIR = - `//logs/` - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - protectedArtifactLocationId: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ResourcePool' + error: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - The ID of the location to store protected artifacts. e.g. - us-central1. Populate only when the location is different than - CustomJob location. List of supported locations: - https://cloud.google.com/vertex-ai/docs/general/locations + Output only. Only populated when persistent resource's state is + `STOPPING` or `ERROR`. + readOnly: true + startTime: type: string - tensorboard: + readOnly: true + format: google-datetime description: >- - Optional. The name of a Vertex AI Tensorboard resource to which this - CustomJob will upload Tensorboard logs. Format: - `projects/{project}/locations/{location}/tensorboards/{tensorboard}` + Output only. Time when the PersistentResource for the first time + entered the `RUNNING` state. + pscInterfaceConfig: + description: Optional. Configuration for PSC-I for PersistentResource. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PscInterfaceConfig' + createTime: + description: Output only. Time when the PersistentResource was created. + format: google-datetime type: string - enableWebAccess: - description: >- - Optional. Whether you want Vertex AI to enable [interactive shell - access](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) - to training containers. If set to `true`, you can access interactive - shells at the URIs given by CustomJob.web_access_uris or - Trial.web_access_uris (within HyperparameterTuningJob.trials). + readOnly: true + name: + description: Immutable. Resource name of a PersistentResource. + type: string + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true type: boolean - enableDashboardAccess: + GoogleCloudAiplatformV1SchemaAnnotationSpecColor: + type: object + description: >- + An entry of mapping between color and AnnotationSpec. The mapping is + used in segmentation mask. + properties: + color: + description: The color of the AnnotationSpec in a segmentation mask. + $ref: '#/components/schemas/GoogleTypeColor' + displayName: + type: string description: >- - Optional. Whether you want Vertex AI to enable access to the - customized dashboard in training chief container. If set to `true`, - you can access the dashboard at the URIs given by - CustomJob.web_access_uris or Trial.web_access_uris (within - HyperparameterTuningJob.trials). - type: boolean - experiment: + The display name of the AnnotationSpec represented by the color in + the segmentation mask. + id: description: >- - Optional. The Experiment associated with this job. Format: - `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}` + The ID of the AnnotationSpec represented by the color in the + segmentation mask. type: string - experimentRun: + id: GoogleCloudAiplatformV1SchemaAnnotationSpecColor + GoogleCloudAiplatformV1SchemaPredictParamsImageObjectDetectionPredictionParams: + type: object + properties: + maxPredictions: + type: integer description: >- - Optional. The Experiment Run associated with this job. Format: - `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}-{experiment-run-name}` - type: string - models: + The Model only returns up to that many top, by confidence score, + predictions per instance. Note that number of returned predictions + is also limited by metadata's predictionsLimit. Default value is 10. + format: int32 + confidenceThreshold: + format: float description: >- - Optional. The name of the Model resources for which to generate a - mapping to artifact URIs. Applicable only to some of the - Google-provided custom jobs. Format: - `projects/{project}/locations/{location}/models/{model}` In order to - retrieve a specific version of the model, also provide the version - ID or version alias. Example: - `projects/{project}/locations/{location}/models/{model}@2` or - `projects/{project}/locations/{location}/models/{model}@golden` If - no version ID or alias is specified, the "default" version will be - returned. The "default" version alias is created for the first - version of the model, and can be moved to other versions later on. - There will be exactly one default version. - type: array - items: - type: string - GoogleCloudAiplatformV1WorkerPoolSpec: - id: GoogleCloudAiplatformV1WorkerPoolSpec - description: Represents the spec of a worker pool in a job. + The Model only returns predictions with at least this confidence + score. Default value is 0.0 + type: number + description: Prediction model parameters for Image Object Detection. + id: >- + GoogleCloudAiplatformV1SchemaPredictParamsImageObjectDetectionPredictionParams + GoogleCloudAiplatformV1CancelTuningJobRequest: + id: GoogleCloudAiplatformV1CancelTuningJobRequest + properties: {} + description: Request message for GenAiTuningService.CancelTuningJob. + type: object + GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInstance: + id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInstance type: object properties: - containerSpec: - description: The custom container task. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ContainerSpec' - pythonPackageSpec: - description: The Python packaged task. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PythonPackageSpec' - machineSpec: - description: Optional. Immutable. The specification of a single machine. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' - replicaCount: - description: Optional. The number of worker replicas to use for this worker pool. - type: string - format: int64 - nfsMounts: - description: Optional. List of NFS mount spec. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NfsMount' - diskSpec: - description: Disk spec. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DiskSpec' - GoogleCloudAiplatformV1ContainerSpec: - id: GoogleCloudAiplatformV1ContainerSpec - description: The spec of a Container. + predictedTrajectory: + description: Required. Spec for predicted tool call trajectory. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + referenceTrajectory: + description: Required. Spec for reference tool call trajectory. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + description: Spec for TrajectoryAnyOrderMatch instance. + GoogleCloudAiplatformV1PrebuiltVoiceConfig: + description: Configuration for a prebuilt voice. type: object + id: GoogleCloudAiplatformV1PrebuiltVoiceConfig properties: - imageUri: - description: >- - Required. The URI of a container image in the Container Registry - that is to be run on each worker replica. + voiceName: + description: The name of the prebuilt voice to use. type: string - command: - description: >- - The command to be invoked when the container is started. It - overrides the entrypoint instruction in Dockerfile when provided. - type: array - items: - type: string - args: - description: The arguments to be passed when starting the container. - type: array + GoogleCloudAiplatformV1GoogleDriveSource: + description: The Google Drive location for the input content. + id: GoogleCloudAiplatformV1GoogleDriveSource + properties: + resourceIds: items: - type: string - env: - description: >- - Environment variables to be passed to the container. Maximum limit - is 100. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GoogleDriveSourceResourceId type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' - GoogleCloudAiplatformV1EnvVar: - id: GoogleCloudAiplatformV1EnvVar - description: >- - Represents an environment variable present in a Container or Python - Module. + description: Required. Google Drive resource IDs. type: object + GoogleCloudAiplatformV1RougeMetricValue: properties: - name: - description: >- - Required. Name of the environment variable. Must be a valid C - identifier. - type: string - value: - description: >- - Required. Variables that reference a $(VAR_NAME) are expanded using - the previous defined environment variables in the container and any - service environment variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. The $(VAR_NAME) - syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped - references will never be expanded, regardless of whether the - variable exists or not. - type: string - GoogleCloudAiplatformV1PythonPackageSpec: - id: GoogleCloudAiplatformV1PythonPackageSpec - description: The spec of a Python packaged code. + score: + type: number + format: float + readOnly: true + description: Output only. Rouge score. + id: GoogleCloudAiplatformV1RougeMetricValue + description: Rouge metric value for an instance. type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTables: + type: object + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTables + description: A TrainingJob that trains and uploads an AutoML Tables Model. properties: - executorImageUri: + inputs: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputs + description: The input parameters of this TrainingJob. + metadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesMetadata + description: The metadata information. + GoogleCloudAiplatformV1EventMetadata: + id: GoogleCloudAiplatformV1EventMetadata + properties: + groundingMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingMetadata' + description: Optional. Metadata returned to client when grounding is enabled. + branch: description: >- - Required. The URI of a container image in Artifact Registry that - will run the provided Python package. Vertex AI provides a wide - range of executor images with pre-installed packages to meet users' - various use cases. See the list of [pre-built containers for - training](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). - You must use an image from this list. + Optional. The branch of the event. The format is like + agent_1.agent_2.agent_3, where agent_1 is the parent of agent_2, and + agent_2 is the parent of agent_3. Branch is used when multiple child + agents shouldn't see their siblings' conversation history. type: string - packageUris: + interrupted: + type: boolean description: >- - Required. The Google Cloud Storage location of the Python package - files which are the training program and its dependent packages. The - maximum number of package URIs is 100. + Optional. Flag indicating that LLM was interrupted when generating + the content. Usually it's due to user interruption during a bidi + streaming. + longRunningToolIds: type: array items: type: string - pythonModule: description: >- - Required. The Python module name to run after installing the - packages. - type: string - args: - description: Command line arguments to be passed to the Python task. - type: array - items: - type: string - env: + Optional. Set of ids of the long running function calls. Agent + client will know from this field about which function call is long + running. Only valid for function call event. + turnComplete: + type: boolean description: >- - Environment variables to be passed to the python module. Maximum - limit is 100. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' - GoogleCloudAiplatformV1NfsMount: - id: GoogleCloudAiplatformV1NfsMount - description: Represents a mount configuration for Network File System (NFS) to mount. + Optional. Indicates whether the response from the model is complete. + Only used for streaming mode. + partial: + type: boolean + description: >- + Optional. Indicates whether the text content is part of a unfinished + text stream. Only used for streaming mode and when the content is + plain text. + customMetadata: + type: object + description: The custom metadata of the LlmResponse. + additionalProperties: + type: any + description: Properties of the object. + description: Metadata relating to a LLM response event. type: object + GoogleCloudAiplatformV1GroundingChunkRetrievedContext: + description: >- + Context retrieved from a data source to ground the model's response. + This is used when a retrieval tool fetches information from a + user-provided corpus or a public dataset. + id: GoogleCloudAiplatformV1GroundingChunkRetrievedContext properties: - server: - description: Required. IP address of the NFS server. + uri: + description: The URI of the retrieved data source. type: string - path: - description: >- - Required. Source path exported from NFS server. Has to start with - '/', and combined with the ip address, it indicates the source mount - path in the form of `server:path` + text: type: string - mountPoint: + description: The content of the retrieved data source. + ragChunk: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagChunk' description: >- - Required. Destination mount path. The NFS will be mounted for the - user under /mnt/nfs/ + Additional context for a Retrieval-Augmented Generation (RAG) + retrieval result. This is populated only when the RAG retrieval tool + is used. + title: type: string - GoogleCloudAiplatformV1DiskSpec: - id: GoogleCloudAiplatformV1DiskSpec - description: Represents the spec of disk options. - type: object - properties: - bootDiskType: + description: The title of the retrieved data source. + documentName: description: >- - Type of the boot disk. For non-A3U machines, the default value is - "pd-ssd", for A3U machines, the default value is - "hyperdisk-balanced". Valid values: "pd-ssd" (Persistent Disk Solid - State Drive), "pd-standard" (Persistent Disk Hard Disk Drive) or - "hyperdisk-balanced". + Output only. The full resource name of the referenced Vertex AI + Search document. This is used to identify the specific document that + was retrieved. The format is + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/branches/{branch}/documents/{document}`. type: string - bootDiskSizeGb: - description: Size in GB of the boot disk (default is 100GB). - type: integer - format: int32 - GoogleCloudAiplatformV1Scheduling: - id: GoogleCloudAiplatformV1Scheduling - description: All parameters related to queuing and scheduling of custom jobs. + readOnly: true + type: object + GoogleCloudAiplatformV1Rubric: type: object properties: - timeout: - description: Optional. The maximum job running time. The default is 7 days. + content: + description: Required. The actual testable criteria for the rubric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricContent' + importance: + description: Optional. The relative importance of this rubric. + enum: + - IMPORTANCE_UNSPECIFIED + - HIGH + - MEDIUM + - LOW + enumDescriptions: + - Importance is not specified. + - High importance. + - Medium importance. + - Low importance. type: string - format: google-duration - restartJobOnWorkerRestart: + rubricId: description: >- - Optional. Restarts the entire CustomJob if a worker gets restarted. - This feature can be used by distributed training jobs that are not - resilient to workers leaving and joining a job. - type: boolean - strategy: - description: Optional. This determines which type of scheduling strategy to use. + Unique identifier for the rubric. This ID is used to refer to this + rubric, e.g., in RubricVerdict. type: string - enumDescriptions: - - Strategy will default to STANDARD. - - Deprecated. Regular on-demand provisioning strategy. - - Deprecated. Low cost by making potential use of spot resources. - - Standard provisioning strategy uses regular on-demand resources. - - Spot provisioning strategy uses spot resources. - - Flex Start strategy uses DWS to queue for resources. - enumDeprecated: - - false - - true - - true - - false - - false - - false - enum: - - STRATEGY_UNSPECIFIED - - ON_DEMAND - - LOW_COST - - STANDARD - - SPOT - - FLEX_START - disableRetries: - description: >- - Optional. Indicates if the job should retry for internal errors - after the job starts running. If true, overrides - `Scheduling.restart_job_on_worker_restart` to false. - type: boolean - maxWaitDuration: + type: description: >- - Optional. This is the maximum duration that a job will wait for the - requested resources to be provisioned if the scheduling strategy is - set to [Strategy.DWS_FLEX_START]. If set to 0, the job will wait - indefinitely. The default is 24 hours. + Optional. A type designator for the rubric, which can inform how + it's evaluated or interpreted by systems or users. It's recommended + to use consistent, well-defined, upper snake_case strings. Examples: + "SUMMARIZATION_QUALITY", "SAFETY_HARMFUL_CONTENT", + "INSTRUCTION_ADHERENCE". type: string - format: google-duration - GoogleCloudAiplatformV1PscInterfaceConfig: - id: GoogleCloudAiplatformV1PscInterfaceConfig - description: Configuration for PSC-I. + id: GoogleCloudAiplatformV1Rubric + description: >- + Message representing a single testable criterion for evaluation. One + input prompt could have multiple rubrics. + GoogleCloudAiplatformV1DeployedIndexRef: type: object + description: Points to a DeployedIndex. + id: GoogleCloudAiplatformV1DeployedIndexRef properties: - networkAttachment: - description: >- - Optional. The name of the Compute Engine [network - attachment](https://cloud.google.com/vpc/docs/about-network-attachments) - to attach to the resource within the region and user project. To - specify this field, you must have already [created a network - attachment] - (https://cloud.google.com/vpc/docs/create-manage-network-attachments#create-network-attachments). - This field is only used for resources using PSC-I. + displayName: + readOnly: true + description: Output only. The display name of the DeployedIndex. type: string - dnsPeeringConfigs: - description: >- - Optional. DNS peering configurations. When specified, Vertex AI will - attempt to configure DNS peering zones in the tenant project VPC to - resolve the specified domains using the target network's Cloud DNS. - The user must grant the dns.peer role to the Vertex AI Service Agent - on the target project. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DnsPeeringConfig' - GoogleCloudAiplatformV1DnsPeeringConfig: - id: GoogleCloudAiplatformV1DnsPeeringConfig - description: >- - DNS peering configuration. These configurations are used to create DNS - peering zones in the Vertex tenant project VPC, enabling resolution of - records within the specified domain hosted in the target network's Cloud - DNS. - type: object + indexEndpoint: + description: Immutable. A resource name of the IndexEndpoint. + type: string + deployedIndexId: + description: Immutable. The ID of the DeployedIndex in the above IndexEndpoint. + type: string + GoogleCloudAiplatformV1SchemaImageBoundingBoxAnnotation: + id: GoogleCloudAiplatformV1SchemaImageBoundingBoxAnnotation properties: - domain: + yMax: + format: double + type: number + description: The bottommost coordinate of the bounding box. + annotationSpecId: description: >- - Required. The DNS name suffix of the zone being peered to, e.g., - "my-internal-domain.corp.". Must end with a dot. + The resource Id of the AnnotationSpec that this Annotation pertains + to. type: string - targetProject: - description: >- - Required. The project ID hosting the Cloud DNS managed zone that - contains the 'domain'. The Vertex AI Service Agent requires the - dns.peer role on this project. + xMax: + description: The rightmost coordinate of the bounding box. + format: double + type: number + yMin: + format: double + type: number + description: The topmost coordinate of the bounding box. + xMin: + format: double + description: The leftmost coordinate of the bounding box. + type: number + displayName: type: string - targetNetwork: description: >- - Required. The VPC network name in the target_project where the DNS - zone specified by 'domain' is visible. + The display name of the AnnotationSpec that this Annotation pertains + to. + description: Annotation details specific to image object detection. + type: object + GoogleCloudAiplatformV1UpdatePersistentResourceOperationMetadata: + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for PersistentResource. + progressMessage: type: string - GoogleCloudAiplatformV1ListCustomJobsResponse: - id: GoogleCloudAiplatformV1ListCustomJobsResponse - description: Response message for JobService.ListCustomJobs + description: Progress Message for Update LRO type: object + id: GoogleCloudAiplatformV1UpdatePersistentResourceOperationMetadata + description: Details of operations that perform update PersistentResource. + GoogleCloudAiplatformV1Value: properties: - customJobs: - description: List of CustomJobs in the requested page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJob' - nextPageToken: - description: >- - A token to retrieve the next page of results. Pass to - ListCustomJobsRequest.page_token to obtain that page. + doubleValue: + format: double + type: number + description: A double value. + intValue: type: string - GoogleCloudAiplatformV1CancelCustomJobRequest: - id: GoogleCloudAiplatformV1CancelCustomJobRequest - description: Request message for JobService.CancelCustomJob. + description: An integer value. + format: int64 + stringValue: + description: A string value. + type: string + id: GoogleCloudAiplatformV1Value type: object + description: Value is the value of the field. + GoogleCloudAiplatformV1CancelTrainingPipelineRequest: properties: {} - GoogleCloudAiplatformV1DataLabelingJob: - id: GoogleCloudAiplatformV1DataLabelingJob - description: >- - DataLabelingJob is used to trigger a human labeling job on unlabeled - data from the following Dataset: + id: GoogleCloudAiplatformV1CancelTrainingPipelineRequest type: object + description: Request message for PipelineService.CancelTrainingPipeline. + GoogleCloudAiplatformV1GroundingMetadata: properties: - name: - description: Output only. Resource name of the DataLabelingJob. - readOnly: true - type: string - displayName: + googleMapsWidgetContextToken: description: >- - Required. The user-defined name of the DataLabelingJob. The name can - be up to 128 characters long and can consist of any UTF-8 - characters. Display name of a DataLabelingJob. + Optional. Output only. A token that can be used to render a Google + Maps widget with the contextual data. This field is populated only + when the grounding source is Google Maps. + readOnly: true type: string - datasets: - description: >- - Required. Dataset resource names. Right now we only support labeling - from a single Dataset. Format: - `projects/{project}/locations/{location}/datasets/{dataset}` - type: array + groundingSupports: items: - type: string - annotationLabels: - description: >- - Labels to assign to annotations generated by this DataLabelingJob. - Label keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. See - https://goo.gl/xmQnxf for more information and examples of labels. - System reserved label keys are prefixed with - "aiplatform.googleapis.com/" and are immutable. - type: object - additionalProperties: - type: string - labelerCount: - description: Required. Number of labelers to work on each DataItem. - type: integer - format: int32 - instructionUri: - description: >- - Required. The Google Cloud Storage location of the instruction pdf. - This pdf is shared with labelers, and provides detailed description - on how to label DataItems in Datasets. - type: string - inputsSchemaUri: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingSupport' description: >- - Required. Points to a YAML file stored on Google Cloud Storage - describing the config for a specific type of DataLabelingJob. The - schema files that can be used here are found in the - https://storage.googleapis.com/google-cloud-aiplatform bucket in the - /schema/datalabelingjob/inputs/ folder. - type: string - inputs: - description: Required. Input config parameters for the DataLabelingJob. - type: any - state: - description: Output only. The detailed state of the job. - readOnly: true - type: string - enumDescriptions: - - The job state is unspecified. - - >- - The job has been just created or resumed and processing has not - yet begun. - - The service is preparing to run the job. - - The job is in progress. - - The job completed successfully. - - The job failed. - - >- - The job is being cancelled. From this state the job may only go to - either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or - `JOB_STATE_CANCELLED`. - - The job has been cancelled. - - The job has been stopped, and can be resumed. - - The job has expired. - - >- - The job is being updated. Only jobs in the `RUNNING` state can be - updated. After updating, the job goes back to the `RUNNING` state. - - >- - The job is partially succeeded, some results may be missing due to - errors. - enum: - - JOB_STATE_UNSPECIFIED - - JOB_STATE_QUEUED - - JOB_STATE_PENDING - - JOB_STATE_RUNNING - - JOB_STATE_SUCCEEDED - - JOB_STATE_FAILED - - JOB_STATE_CANCELLING - - JOB_STATE_CANCELLED - - JOB_STATE_PAUSED - - JOB_STATE_EXPIRED - - JOB_STATE_UPDATING - - JOB_STATE_PARTIALLY_SUCCEEDED - labelingProgress: + Optional. A list of grounding supports that connect the generated + content to the grounding chunks. This field is populated when the + grounding source is Google Search or Vertex AI Search. + type: array + sourceFlaggingUris: + type: array description: >- - Output only. Current labeling job progress percentage scaled in - interval [0, 100], indicating the percentage of DataItems that has - been finished. + Optional. Output only. A list of URIs that can be used to flag a + place or review for inappropriate content. This field is populated + only when the grounding source is Google Maps. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GroundingMetadataSourceFlaggingUri readOnly: true - type: integer - format: int32 - currentSpend: + searchEntryPoint: description: >- - Output only. Estimated cost(in US dollars) that the DataLabelingJob - has incurred to date. - readOnly: true - $ref: '#/components/schemas/GoogleTypeMoney' - createTime: - description: Output only. Timestamp when this DataLabelingJob was created. - readOnly: true - type: string - format: google-datetime - updateTime: + Optional. A web search entry point that can be used to display + search results. This field is populated only when the grounding + source is Google Search. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SearchEntryPoint' + groundingChunks: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingChunk' description: >- - Output only. Timestamp when this DataLabelingJob was updated most - recently. - readOnly: true - type: string - format: google-datetime - error: + A list of supporting references retrieved from the grounding source. + This field is populated when the grounding source is Google Search, + Vertex AI Search, or Google Maps. + type: array + retrievalMetadata: description: >- - Output only. DataLabelingJob errors. It is only populated when job's - state is `JOB_STATE_FAILED` or `JOB_STATE_CANCELLED`. + Optional. Output only. Metadata related to the retrieval grounding + source. readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - labels: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RetrievalMetadata' + webSearchQueries: description: >- - The labels with user-defined metadata to organize your - DataLabelingJobs. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. See https://goo.gl/xmQnxf for more information and - examples of labels. System reserved label keys are prefixed with - "aiplatform.googleapis.com/" and are immutable. Following system - labels exist for each DataLabelingJob: * - "aiplatform.googleapis.com/schema": output only, its value is the - inputs_schema's title. - type: object - additionalProperties: - type: string - specialistPools: - description: The SpecialistPools' resource names associated with this job. - type: array + Optional. The web search queries that were used to generate the + content. This field is populated only when the grounding source is + Google Search. items: type: string - encryptionSpec: - description: >- - Customer-managed encryption key spec for a DataLabelingJob. If set, - this DataLabelingJob will be secured by this key. Note: Annotations - created in the DataLabelingJob are associated with the - EncryptionSpec of the Dataset they are exported to. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - activeLearningConfig: - description: >- - Parameters that configure the active learning pipeline. Active - learning will label the data incrementally via several iterations. - For every iteration, it will select a batch of data based on the - sampling strategy. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ActiveLearningConfig' - GoogleTypeMoney: - id: GoogleTypeMoney - description: Represents an amount of money with its currency type. + type: array + description: >- + Information about the sources that support the content of a response. + When grounding is enabled, the model returns citations for claims in the + response. This object contains the retrieved sources. + id: GoogleCloudAiplatformV1GroundingMetadata type: object + CloudAiLargeModelsVisionMedia: properties: - currencyCode: - description: The three-letter currency code defined in ISO 4217. - type: string - units: - description: >- - The whole units of the amount. For example if `currencyCode` is - `"USD"`, then 1 unit is one US dollar. - type: string - format: int64 - nanos: - description: >- - Number of nano (10^-9) units of the amount. The value must be - between -999,999,999 and +999,999,999 inclusive. If `units` is - positive, `nanos` must be positive or zero. If `units` is zero, - `nanos` can be positive, zero, or negative. If `units` is negative, - `nanos` must be negative or zero. For example $-1.75 is represented - as `units`=-1 and `nanos`=-750,000,000. - type: integer - format: int32 - GoogleCloudAiplatformV1ActiveLearningConfig: - id: GoogleCloudAiplatformV1ActiveLearningConfig - description: >- - Parameters that configure the active learning pipeline. Active learning - will label the data incrementally by several iterations. For every - iteration, it will select a batch of data based on the sampling - strategy. + image: + $ref: '#/components/schemas/CloudAiLargeModelsVisionImage' + description: Image. + video: + description: Video + $ref: '#/components/schemas/CloudAiLargeModelsVisionVideo' + description: Media. type: object + id: CloudAiLargeModelsVisionMedia + GoogleCloudAiplatformV1CreateFeatureOperationMetadata: properties: - maxDataItemCount: - description: Max number of human labeled DataItems. - type: string - format: int64 - maxDataItemPercentage: - description: Max percent of total DataItems for human labeling. - type: integer - format: int32 - sampleConfig: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for Feature. + id: GoogleCloudAiplatformV1CreateFeatureOperationMetadata + description: Details of operations that perform create Feature. + type: object + GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix: + id: GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix + properties: + rows: + items: + items: + type: any + type: array description: >- - Active learning data sampling config. For every active learning - labeling iteration, it will select a batch of data based on the - sampling strategy. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SampleConfig' - trainingConfig: + Rows in the confusion matrix. The number of rows is equal to the + size of `annotationSpecs`. `rowsi` is the number of DataItems that + have ground truth of the `annotationSpecs[i]` and are predicted as + `annotationSpecs[j]` by the Model being evaluated. For Text + Extraction, when `annotationSpecs[i]` is the last element in + `annotationSpecs`, i.e. the special negative AnnotationSpec, `rowsi` + is the number of predicted entities of `annoatationSpec[j]` that are + not labeled as any of the ground truth AnnotationSpec. When + annotationSpecs[j] is the special negative AnnotationSpec, `rowsi` + is the number of entities have ground truth of `annotationSpec[i]` + that are not predicted as an entity by the Model. The value of the + last cell, i.e. `rowi` where i == j and `annotationSpec[i]` is the + special negative AnnotationSpec, is always 0. + type: array + annotationSpecs: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrixAnnotationSpecRef description: >- - CMLE training config. For every active learning labeling iteration, - system will train a machine learning model on CMLE. The trained - model will be used by data sampling algorithm to select DataItems. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingConfig' - GoogleCloudAiplatformV1SampleConfig: - id: GoogleCloudAiplatformV1SampleConfig - description: >- - Active learning data sampling config. For every active learning labeling - iteration, it will select a batch of data based on the sampling - strategy. + AnnotationSpecs used in the confusion matrix. For AutoML Text + Extraction, a special negative AnnotationSpec with empty `id` and + `displayName` of "NULL" will be added as the last element. type: object + GoogleCloudAiplatformV1QuestionAnsweringQualitySpec: + id: GoogleCloudAiplatformV1QuestionAnsweringQualitySpec + type: object + description: Spec for question answering quality score metric. properties: - initialBatchSamplePercentage: - description: The percentage of data needed to be labeled in the first batch. + version: + format: int32 + description: Optional. Which version to use for evaluation. type: integer + useReference: + description: >- + Optional. Whether to use instance.reference to compute question + answering quality. + type: boolean + GoogleCloudAiplatformV1XraiAttribution: + description: >- + An explanation method that redistributes Integrated Gradients + attributions to segmented regions, taking advantage of the model's fully + differentiable structure. Refer to this paper for more details: + https://arxiv.org/abs/1906.02825 Supported only by image Models. + id: GoogleCloudAiplatformV1XraiAttribution + type: object + properties: + blurBaselineConfig: + description: >- + Config for XRAI with blur baseline. When enabled, a linear path from + the maximally blurred image to the input image is created. Using a + blurred baseline instead of zero (black image) is motivated by the + BlurIG approach explained here: https://arxiv.org/abs/2004.03383 + $ref: '#/components/schemas/GoogleCloudAiplatformV1BlurBaselineConfig' + smoothGradConfig: + description: >- + Config for SmoothGrad approximation of gradients. When enabled, the + gradients are approximated by averaging the gradients from noisy + samples in the vicinity of the inputs. Adding noise can help improve + the computed gradients. Refer to this paper for more details: + https://arxiv.org/pdf/1706.03825.pdf + $ref: '#/components/schemas/GoogleCloudAiplatformV1SmoothGradConfig' + stepCount: format: int32 - followingBatchSamplePercentage: description: >- - The percentage of data needed to be labeled in each following batch - (except the first batch). + Required. The number of steps for approximating the path integral. A + good value to start is 50 and gradually increase until the sum to + diff property is met within the desired error range. Valid range of + its value is [1, 100], inclusively. type: integer - format: int32 - sampleStrategy: + GoogleCloudAiplatformV1FunctionDeclaration: + properties: + response: description: >- - Field to choose sampling strategy. Sampling strategy will decide - which data should be selected for human labeling in every batch. + Optional. Describes the output from this function in JSON Schema + format. Reflects the Open API 3.03 Response Object. The Schema + defines the type used for the response value of the function. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' + parametersJsonSchema: + type: any + description: >- + Optional. Describes the parameters to the function in JSON Schema + format. The schema must describe an object where the properties are + the parameters to the function. For example: ``` { "type": "object", + "properties": { "name": { "type": "string" }, "age": { "type": + "integer" } }, "additionalProperties": false, "required": ["name", + "age"], "propertyOrdering": ["name", "age"] } ``` This field is + mutually exclusive with `parameters`. + responseJsonSchema: + type: any + description: >- + Optional. Describes the output from this function in JSON Schema + format. The value specified by the schema is the response value of + the function. This field is mutually exclusive with `response`. + parameters: + description: >- + Optional. Describes the parameters to this function in JSON Schema + Object format. Reflects the Open API 3.03 Parameter Object. string + Key: the name of the parameter. Parameter names are case sensitive. + Schema Value: the Schema defining the type used for the parameter. + For function with no parameters, this can be left unset. Parameter + names must start with a letter or an underscore and must only + contain chars a-z, A-Z, 0-9, or underscores with a maximum length of + 64. Example with 1 required and 1 optional parameter: type: OBJECT + properties: param1: type: STRING param2: type: INTEGER required: - + param1 + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' + name: type: string - enumDescriptions: - - Default will be treated as UNCERTAINTY. - - Sample the most uncertain data to label. - enum: - - SAMPLE_STRATEGY_UNSPECIFIED - - UNCERTAINTY - GoogleCloudAiplatformV1TrainingConfig: - id: GoogleCloudAiplatformV1TrainingConfig + description: >- + Required. The name of the function to call. Must start with a letter + or an underscore. Must be a-z, A-Z, 0-9, or contain underscores, + dots, colons and dashes, with a maximum length of 64. + description: + type: string + description: >- + Optional. Description and purpose of the function. Model uses it to + decide how and whether to call the function. description: >- - CMLE training config. For every active learning labeling iteration, - system will train a machine learning model on CMLE. The trained model - will be used by data sampling algorithm to select DataItems. + Structured representation of a function declaration as defined by the + [OpenAPI 3.0 specification](https://spec.openapis.org/oas/v3.0.3). + Included in this declaration are the function name, description, + parameters and response type. This FunctionDeclaration is a + representation of a block of code that can be used as a `Tool` by the + model and executed by the client. + id: GoogleCloudAiplatformV1FunctionDeclaration type: object + GoogleCloudAiplatformV1TensorboardBlobSequence: properties: - timeoutTrainingMilliHours: + values: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardBlob' + description: List of blobs contained within the sequence. + type: array + description: >- + One point viewable on a blob metric plot, but mostly just a wrapper + message to work around repeated fields can't be used directly within + `oneof` fields. + type: object + id: GoogleCloudAiplatformV1TensorboardBlobSequence + GoogleCloudAiplatformV1Retrieval: + description: >- + Defines a retrieval tool that model can call to access external + knowledge. + type: object + id: GoogleCloudAiplatformV1Retrieval + properties: + disableAttribution: + description: Optional. Deprecated. This option is no longer supported. + deprecated: true + type: boolean + vertexAiSearch: + description: Set to use data source powered by Vertex AI Search. + $ref: '#/components/schemas/GoogleCloudAiplatformV1VertexAISearch' + externalApi: + description: Use data source powered by external API for grounding. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExternalApi' + vertexRagStore: description: >- - The timeout hours for the CMLE training job, expressed in milli - hours i.e. 1,000 value in this field means 1 hour. + Set to use data source powered by Vertex RAG store. User data is + uploaded via the VertexRagDataService. + $ref: '#/components/schemas/GoogleCloudAiplatformV1VertexRagStore' + GoogleCloudAiplatformV1SchemaPredictInstanceTextClassificationPredictionInstance: + description: Prediction input format for Text Classification. + properties: + mimeType: + description: >- + The MIME type of the text snippet. The supported MIME types are + listed below. - text/plain type: string - format: int64 - GoogleCloudAiplatformV1ListDataLabelingJobsResponse: - id: GoogleCloudAiplatformV1ListDataLabelingJobsResponse - description: Response message for JobService.ListDataLabelingJobs. + content: + type: string + description: The text snippet to make the predictions on. + id: >- + GoogleCloudAiplatformV1SchemaPredictInstanceTextClassificationPredictionInstance type: object + GoogleCloudAiplatformV1GenerateVideoResponseVideo: + id: GoogleCloudAiplatformV1GenerateVideoResponseVideo properties: - dataLabelingJobs: + bytesBase64Encoded: + description: Base64 encoded bytes string representing the video. + type: string + mimeType: + description: The MIME type of the content of the video. - video/mp4 + type: string + gcsUri: + description: Cloud Storage URI where the generated video is written. + type: string + type: object + description: A generated video. + GoogleCloudAiplatformV1RetrieveContextsRequest: + type: object + description: Request message for VertexRagService.RetrieveContexts. + id: GoogleCloudAiplatformV1RetrieveContextsRequest + properties: + query: + description: Required. Single RAG retrieve query. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagQuery' + vertexRagStore: + description: The data source for Vertex RagStore. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStore + GoogleCloudAiplatformV1UnmanagedContainerModel: + type: object + properties: + artifactUri: + type: string description: >- - A list of DataLabelingJobs that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DataLabelingJob' + The path to the directory containing the Model artifact and any of + its supporting files. + predictSchemata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictSchemata' + description: Contains the schemata used in Model's predictions and explanations + containerSpec: + description: >- + Input only. The specification of the container that is to be used + when deploying this Model. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelContainerSpec' + id: GoogleCloudAiplatformV1UnmanagedContainerModel + description: >- + Contains model information necessary to perform batch prediction without + requiring a full model import. + GoogleCloudAiplatformV1RayMetricSpec: + description: Configuration for the Ray metrics. + properties: + disabled: + description: Optional. Flag to disable the Ray metrics collection. + type: boolean + type: object + id: GoogleCloudAiplatformV1RayMetricSpec + GoogleCloudAiplatformV1ScheduleRunResponse: + id: GoogleCloudAiplatformV1ScheduleRunResponse + type: object + properties: + runResponse: + description: The response of the scheduled run. + type: string + scheduledRunTime: + type: string + description: The scheduled run time based on the user-specified schedule. + format: google-datetime + description: Status of a scheduled run. + GoogleCloudAiplatformV1MutateDeployedModelOperationMetadata: + description: Runtime operation information for EndpointService.MutateDeployedModel. + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The operation generic information. + id: GoogleCloudAiplatformV1MutateDeployedModelOperationMetadata + type: object + GoogleLongrunningListOperationsResponse: + id: GoogleLongrunningListOperationsResponse + properties: nextPageToken: description: The standard List next-page token. type: string - GoogleCloudAiplatformV1CancelDataLabelingJobRequest: - id: GoogleCloudAiplatformV1CancelDataLabelingJobRequest - description: Request message for JobService.CancelDataLabelingJob. + operations: + type: array + description: >- + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' + unreachable: + type: array + items: + type: string + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. type: object - properties: {} - GoogleCloudAiplatformV1HyperparameterTuningJob: - id: GoogleCloudAiplatformV1HyperparameterTuningJob + description: The response message for Operations.ListOperations. + GoogleCloudAiplatformV1WriteFeatureValuesResponse: description: >- - Represents a HyperparameterTuningJob. A HyperparameterTuningJob has a - Study specification and multiple CustomJobs with identical CustomJob - specification. + Response message for + FeaturestoreOnlineServingService.WriteFeatureValues. type: object + id: GoogleCloudAiplatformV1WriteFeatureValuesResponse + properties: {} + GoogleCloudAiplatformV1VertexAISearch: + description: >- + Retrieve from Vertex AI Search datastore or engine for grounding. + datastore and engine are mutually exclusive. See + https://cloud.google.com/products/agent-builder properties: - name: - description: Output only. Resource name of the HyperparameterTuningJob. - readOnly: true - type: string - displayName: + dataStoreSpecs: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1VertexAISearchDataStoreSpec description: >- - Required. The display name of the HyperparameterTuningJob. The name - can be up to 128 characters long and can consist of any UTF-8 - characters. + Specifications that define the specific DataStores to be searched, + along with configurations for those data stores. This is only + considered for Engines with multiple data stores. It should only be + set if engine is used. + engine: + description: >- + Optional. Fully-qualified Vertex AI Search engine resource ID. + Format: + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}` type: string - studySpec: - description: Required. Study configuration of the HyperparameterTuningJob. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpec' - maxTrialCount: - description: Required. The desired total number of Trials. - type: integer - format: int32 - parallelTrialCount: - description: Required. The desired number of Trials to run in parallel. - type: integer - format: int32 - maxFailedTrialCount: + maxResults: description: >- - The number of failed Trials that need to be seen before failing the - HyperparameterTuningJob. If set to 0, Vertex AI decides how many - Trials must fail before the whole job fails. + Optional. Number of search results to return per query. The default + value is 10. The maximumm allowed value is 10. type: integer format: int32 - trialJobSpec: + datastore: description: >- - Required. The spec of a trial job. The same spec applies to the - CustomJobs created in all the trials. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' - trials: - description: Output only. Trials of the HyperparameterTuningJob. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' - state: - description: Output only. The detailed state of the job. - readOnly: true + Optional. Fully-qualified Vertex AI Search data store resource ID. + Format: + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{dataStore}` type: string - enumDescriptions: - - The job state is unspecified. - - >- - The job has been just created or resumed and processing has not - yet begun. - - The service is preparing to run the job. - - The job is in progress. - - The job completed successfully. - - The job failed. - - >- - The job is being cancelled. From this state the job may only go to - either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or - `JOB_STATE_CANCELLED`. - - The job has been cancelled. - - The job has been stopped, and can be resumed. - - The job has expired. - - >- - The job is being updated. Only jobs in the `RUNNING` state can be - updated. After updating, the job goes back to the `RUNNING` state. - - >- - The job is partially succeeded, some results may be missing due to - errors. - enum: - - JOB_STATE_UNSPECIFIED - - JOB_STATE_QUEUED - - JOB_STATE_PENDING - - JOB_STATE_RUNNING - - JOB_STATE_SUCCEEDED - - JOB_STATE_FAILED - - JOB_STATE_CANCELLING - - JOB_STATE_CANCELLED - - JOB_STATE_PAUSED - - JOB_STATE_EXPIRED - - JOB_STATE_UPDATING - - JOB_STATE_PARTIALLY_SUCCEEDED - createTime: - description: Output only. Time when the HyperparameterTuningJob was created. - readOnly: true + filter: type: string - format: google-datetime - startTime: - description: >- - Output only. Time when the HyperparameterTuningJob for the first - time entered the `JOB_STATE_RUNNING` state. - readOnly: true + description: Optional. Filter strings to be passed to the search API. + type: object + id: GoogleCloudAiplatformV1VertexAISearch + GoogleCloudAiplatformV1SchemaPredictInstanceImageClassificationPredictionInstance: + properties: + mimeType: type: string - format: google-datetime - endTime: description: >- - Output only. Time when the HyperparameterTuningJob entered any of - the following states: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, - `JOB_STATE_CANCELLED`. - readOnly: true + The MIME type of the content of the image. Only the images in below + listed MIME types are supported. - image/jpeg - image/gif - + image/png - image/webp - image/bmp - image/tiff - + image/vnd.microsoft.icon + content: type: string - format: google-datetime - updateTime: - description: >- - Output only. Time when the HyperparameterTuningJob was most recently - updated. - readOnly: true + description: The image bytes or Cloud Storage URI to make the prediction on. + id: >- + GoogleCloudAiplatformV1SchemaPredictInstanceImageClassificationPredictionInstance + type: object + description: Prediction input format for Image Classification. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationNumericTransformation: + type: object + description: >- + Training pipeline will perform following transformation functions. * The + value converted to float32. * The z_score of the value. * log(value+1) + when the value is greater than or equal to 0. Otherwise, this + transformation is not applied and the value is considered a missing + value. * z_score of log(value+1) when the value is greater than or equal + to 0. Otherwise, this transformation is not applied and the value is + considered a missing value. + properties: + columnName: type: string - format: google-datetime - error: - description: >- - Output only. Only populated when job's state is JOB_STATE_FAILED or - JOB_STATE_CANCELLED. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationNumericTransformation + GoogleCloudAiplatformV1ToolParameterKVMatchResults: + properties: + toolParameterKvMatchMetricValues: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchMetricValue + description: Output only. Tool parameter key value match metric values. readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - labels: - description: >- - The labels with user-defined metadata to organize - HyperparameterTuningJobs. Label keys and values can be no longer - than 64 characters (Unicode codepoints), can only contain lowercase - letters, numeric characters, underscores and dashes. International - characters are allowed. See https://goo.gl/xmQnxf for more - information and examples of labels. - type: object - additionalProperties: - type: string - encryptionSpec: - description: >- - Customer-managed encryption key options for a - HyperparameterTuningJob. If this is set, then all resources created - by the HyperparameterTuningJob will be encrypted with the provided - encryption key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1StudySpec: - id: GoogleCloudAiplatformV1StudySpec - description: Represents specification of a Study. + type: object + id: GoogleCloudAiplatformV1ToolParameterKVMatchResults + description: Results for tool parameter key value match metric. + GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValues: + id: >- + GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValues + description: A data key and associated feature values to write to the feature view. type: object properties: - decayCurveStoppingSpec: - description: The automated early stopping spec using decay curve rule. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpec - medianAutomatedStoppingSpec: - description: The automated early stopping spec using median rule. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpec - convexAutomatedStoppingSpec: - description: The automated early stopping spec using convex stopping rule. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpec - metrics: - description: Required. Metric specs for the Study. - type: array + features: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpecMetricSpec' - parameters: - description: Required. The set of parameters to tune. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValuesFeature + description: List of features to write. type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpec' - algorithm: - description: The search algorithm specified for the Study. - type: string - enumDescriptions: - - >- - The default algorithm used by Vertex AI for [hyperparameter - tuning](https://cloud.google.com/vertex-ai/docs/training/hyperparameter-tuning-overview) - and [Vertex AI - Vizier](https://cloud.google.com/vertex-ai/docs/vizier). - - >- - Simple grid search within the feasible space. To use grid search, - all parameters must be `INTEGER`, `CATEGORICAL`, or `DISCRETE`. - - Simple random search within the feasible space. - enum: - - ALGORITHM_UNSPECIFIED - - GRID_SEARCH - - RANDOM_SEARCH - observationNoise: - description: >- - The observation noise level of the study. Currently only supported - by the Vertex AI Vizier service. Not supported by - HyperparameterTuningJob or TrainingPipeline. - type: string - enumDescriptions: - - The default noise level chosen by Vertex AI. - - >- - Vertex AI assumes that the objective function is (nearly) - perfectly reproducible, and will never repeat the same Trial - parameters. - - >- - Vertex AI will estimate the amount of noise in metric evaluations, - it may repeat the same Trial parameters more than once. - enum: - - OBSERVATION_NOISE_UNSPECIFIED - - LOW - - HIGH - measurementSelectionType: - description: Describe which measurement selection type will be used - type: string - enumDescriptions: - - Will be treated as LAST_MEASUREMENT. - - Use the last measurement reported. - - Use the best measurement reported. - enum: - - MEASUREMENT_SELECTION_TYPE_UNSPECIFIED - - LAST_MEASUREMENT - - BEST_MEASUREMENT - studyStoppingConfig: + dataKey: + description: The data key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKey' + GoogleCloudAiplatformV1SchemaModelevaluationMetricsQuestionAnsweringEvaluationMetrics: + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsQuestionAnsweringEvaluationMetrics + properties: + exactMatch: + type: number description: >- - Conditions for automated stopping of a Study. Enable automated - stopping by configuring at least one condition. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecStudyStoppingConfig - GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpec: - id: GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpec - description: >- - The decay curve automated stopping rule builds a Gaussian Process - Regressor to predict the final objective value of a Trial based on the - already completed Trials and the intermediate measurements of the - current Trial. Early stopping is requested for the current Trial if - there is very low probability to exceed the optimal value found so far. + The rate at which the input predicted strings exactly match their + references. + format: float + type: object + GoogleCloudAiplatformV1MergeVersionAliasesRequest: type: object + description: Request message for ModelService.MergeVersionAliases. properties: - useElapsedDuration: + versionAliases: + type: array + items: + type: string description: >- - True if Measurement.elapsed_duration is used as the x-axis of each - Trials Decay Curve. Otherwise, Measurement.step_count will be used - as the x-axis. - type: boolean - GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpec: - id: GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpec - description: >- - The median automated stopping rule stops a pending Trial if the Trial's - best objective_value is strictly below the median 'performance' of all - completed Trials reported up to the Trial's last measurement. Currently, - 'performance' refers to the running average of the objective values - reported by the Trial in each measurement. + Required. The set of version aliases to merge. The alias should be + at most 128 characters, and match `a-z{0,126}[a-z-0-9]`. Add the `-` + prefix to an alias means removing that alias from the version. `-` + is NOT counted in the 128 characters. Example: `-golden` means + removing the `golden` alias from the version. There is NO ordering + in aliases, which means 1) The aliases returned from GetModel API + might not have the exactly same order from this MergeVersionAliases + API. 2) Adding and deleting the same alias in the request is not + recommended, and the 2 operations will be cancelled out. + id: GoogleCloudAiplatformV1MergeVersionAliasesRequest + GoogleCloudAiplatformV1ModelEvaluationSliceSlice: type: object + id: GoogleCloudAiplatformV1ModelEvaluationSliceSlice + description: Definition of a slice. properties: - useElapsedDuration: + sliceSpec: + readOnly: true + description: Output only. Specification for how the data was sliced. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpec + dimension: + readOnly: true description: >- - True if median automated stopping rule applies on - Measurement.elapsed_duration. It means that elapsed_duration field - of latest measurement of current Trial is used to compute median - objective value for each completed Trials. + Output only. The dimension of the slice. Well-known dimensions are: + * `annotationSpec`: This slice is on the test data that has either + ground truth or prediction with AnnotationSpec.display_name equals + to value. * `slice`: This slice is a user customized slice defined + by its SliceSpec. + type: string + value: + type: string + readOnly: true + description: Output only. The value of the dimension in this slice. + GoogleCloudAiplatformV1ToolParameterKVMatchSpec: + description: Spec for tool parameter key value match metric. + id: GoogleCloudAiplatformV1ToolParameterKVMatchSpec + type: object + properties: + useStrictStringMatch: + description: Optional. Whether to use STRICT string match on parameter values. type: boolean - GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpec: - id: GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpec - description: >- - Configuration for ConvexAutomatedStoppingSpec. When there are enough - completed trials (configured by min_measurement_count), for pending - trials with enough measurements and steps, the policy first computes an - overestimate of the objective value at max_num_steps according to the - slope of the incomplete objective value curve. No prediction can be made - if the curve is completely flat. If the overestimation is worse than the - best objective value of the completed trials, this pending trial will be - early-stopped, but a last measurement will be added to the pending trial - with max_num_steps and predicted objective value from the autoregression - model. + GoogleCloudAiplatformV1SchemaModelevaluationMetricsSummarizationEvaluationMetrics: + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsSummarizationEvaluationMetrics + properties: + rougeLSum: + type: number + description: ROUGE-L (Longest Common Subsequence) scoring at summary level. + format: float + type: object + GoogleCloudAiplatformV1DestinationFeatureSetting: + id: GoogleCloudAiplatformV1DestinationFeatureSetting type: object properties: - maxStepCount: - description: >- - Steps used in predicting the final objective for early stopped - trials. In general, it's set to be the same as the defined steps in - training / tuning. If not defined, it will learn it from the - completed trials. When use_steps is false, this field is set to the - maximum elapsed seconds. + destinationField: type: string - format: int64 - minStepCount: description: >- - Minimum number of steps for a trial to complete. Trials which do not - have a measurement with step_count > min_step_count won't be - considered for early stopping. It's ok to set it to 0, and a trial - can be early stopped at any stage. By default, min_step_count is set - to be one-tenth of the max_step_count. When use_elapsed_duration is - true, this field is set to the minimum elapsed seconds. + Specify the field name in the export destination. If not specified, + Feature ID is used. + featureId: type: string - format: int64 - minMeasurementCount: + description: Required. The ID of the Feature to apply the setting to. + GoogleCloudAiplatformV1EntityType: + properties: + monitoringConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfig description: >- - The minimal number of measurements in a Trial. Early-stopping checks - will not trigger if less than min_measurement_count+1 completed - trials or pending trials with less than min_measurement_count - measurements. If not defined, the default value is 5. + Optional. The default monitoring configuration for all Features with + value type (Feature.ValueType) BOOL, STRING, DOUBLE or INT64 under + this EntityType. If this is populated with + [FeaturestoreMonitoringConfig.monitoring_interval] specified, + snapshot analysis monitoring is enabled. Otherwise, snapshot + analysis monitoring is disabled. + name: + description: >- + Immutable. Name of the EntityType. Format: + `projects/{project}/locations/{location}/featurestores/{featurestore}/entityTypes/{entity_type}` + The last part entity_type is assigned by the client. The entity_type + can be up to 64 characters long and can consist only of ASCII Latin + letters A-Z and a-z and underscore(_), and ASCII digits 0-9 starting + with a letter. The value will be unique given a featurestore. type: string - format: int64 - learningRateParameterName: + updateTime: description: >- - The hyper-parameter name used in the tuning job that stands for - learning rate. Leave it blank if learning rate is not in a parameter - in tuning. The learning_rate is used to estimate the objective value - of the ongoing trial. + Output only. Timestamp when this EntityType was most recently + updated. + readOnly: true type: string - useElapsedDuration: + format: google-datetime + labels: description: >- - This bool determines whether or not the rule is applied based on - elapsed_secs or steps. If use_elapsed_duration==false, the early - stopping decision is made according to the predicted objective - values according to the target steps. If use_elapsed_duration==true, - elapsed_secs is used instead of steps. Also, in this case, the - parameters max_num_steps and min_num_steps are overloaded to contain - max_elapsed_seconds and min_elapsed_seconds. + Optional. The labels with user-defined metadata to organize your + EntityTypes. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. See https://goo.gl/xmQnxf for more information on and + examples of labels. No more than 64 user labels can be associated + with one EntityType (System labels are excluded)." System reserved + label keys are prefixed with "aiplatform.googleapis.com/" and are + immutable. + type: object + additionalProperties: + type: string + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true type: boolean - updateAllStoppedTrials: + offlineStorageTtlDays: + type: integer + format: int32 description: >- - ConvexAutomatedStoppingSpec by default only updates the trials that - needs to be early stopped using a newly trained auto-regressive - model. When this flag is set to True, all stopped trials from the - beginning are potentially updated in terms of their - `final_measurement`. Also, note that the training logic of - autoregressive models is different in this case. Enabling this - option has shown better results and this may be the default option - in the future. - type: boolean - GoogleCloudAiplatformV1StudySpecMetricSpec: - id: GoogleCloudAiplatformV1StudySpecMetricSpec - description: Represents a metric to optimize. - type: object - properties: - metricId: + Optional. Config for data retention policy in offline storage. TTL + in days for feature values that will be stored in offline storage. + The Feature Store offline storage periodically removes obsolete + feature values older than `offline_storage_ttl_days` since the + feature generation time. If unset (or explicitly set to 0), default + to 4000 days TTL. + etag: description: >- - Required. The ID of the metric. Must not contain whitespaces and - must be unique amongst all MetricSpecs. + Optional. Used to perform a consistent read-modify-write updates. If + not set, a blind "overwrite" update happens. type: string - goal: - description: Required. The optimization goal of the metric. + description: type: string - enumDescriptions: - - Goal Type will default to maximize. - - Maximize the goal metric. - - Minimize the goal metric. - enum: - - GOAL_TYPE_UNSPECIFIED - - MAXIMIZE - - MINIMIZE - safetyConfig: - description: >- - Used for safe search. In the case, the metric will be a safety - metric. You must provide a separate metric for objective metric. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecMetricSpecSafetyMetricConfig + description: Optional. Description of the EntityType. + createTime: + type: string + description: Output only. Timestamp when this EntityType was created. + format: google-datetime + readOnly: true + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + description: >- + An entity type is a type of object in a system that needs to be modeled + and have stored information about. For example, driver is an entity + type, and driver0 is an instance of an entity type driver. + id: GoogleCloudAiplatformV1EntityType + type: object GoogleCloudAiplatformV1StudySpecMetricSpecSafetyMetricConfig: id: GoogleCloudAiplatformV1StudySpecMetricSpecSafetyMetricConfig + type: object description: >- Used in safe optimization to specify threshold levels and risk tolerance. - type: object properties: - safetyThreshold: - description: >- - Safety threshold (boundary value between safe and unsafe). NOTE that - if you leave SafetyMetricConfig unset, a default value of 0 will be - used. + desiredMinSafeTrialsFraction: type: number format: double - desiredMinSafeTrialsFraction: description: >- Desired minimum fraction of safe trials (over total number of trials) that should be targeted by the algorithm at any time during @@ -11700,4156 +10731,3455 @@ components: value of 0.0 means that there is no minimum and an algorithm proceeds without targeting any specific fraction. A value of 1.0 means that the algorithm attempts to only Suggest safe Trials. - type: number + safetyThreshold: + description: >- + Safety threshold (boundary value between safe and unsafe). NOTE that + if you leave SafetyMetricConfig unset, a default value of 0 will be + used. format: double - GoogleCloudAiplatformV1StudySpecParameterSpec: - id: GoogleCloudAiplatformV1StudySpecParameterSpec - description: Represents a single parameter to optimize. + type: number + GoogleCloudAiplatformV1EvaluationDataset: type: object + description: The dataset used for evaluation. properties: - doubleValueSpec: - description: The value spec for a 'DOUBLE' parameter. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpec - integerValueSpec: - description: The value spec for an 'INTEGER' parameter. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpec - categoricalValueSpec: - description: The value spec for a 'CATEGORICAL' parameter. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpec - discreteValueSpec: - description: The value spec for a 'DISCRETE' parameter. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpec - parameterId: - description: >- - Required. The ID of the parameter. Must not contain whitespaces and - must be unique amongst all ParameterSpecs. - type: string - scaleType: - description: >- - How the parameter should be scaled. Leave unset for `CATEGORICAL` - parameters. - type: string - enumDescriptions: - - By default, no scaling is applied. - - Scales the feasible space to (0, 1) linearly. - - >- - Scales the feasible space logarithmically to (0, 1). The entire - feasible space must be strictly positive. - - >- - Scales the feasible space "reverse" logarithmically to (0, 1). The - result is that values close to the top of the feasible space are - spread out more than points near the bottom. The entire feasible - space must be strictly positive. - enum: - - SCALE_TYPE_UNSPECIFIED - - UNIT_LINEAR_SCALE - - UNIT_LOG_SCALE - - UNIT_REVERSE_LOG_SCALE - conditionalParameterSpecs: + bigquerySource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' + description: BigQuery source holds the dataset. + gcsSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' description: >- - A conditional parameter node is active if the parameter's value - matches the conditional node's parent_value_condition. If two items - in conditional_parameter_specs have the same name, they must have - disjoint parent_value_condition. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpec - GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpec: - id: GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpec - description: Value specification for a parameter in `DOUBLE` type. + Cloud storage source holds the dataset. Currently only one Cloud + Storage file path is supported. + id: GoogleCloudAiplatformV1EvaluationDataset + GoogleCloudAiplatformV1Attribution: type: object properties: - minValue: - description: Required. Inclusive minimum value of the parameter. - type: number - format: double - maxValue: - description: Required. Inclusive maximum value of the parameter. - type: number - format: double - defaultValue: + approximationError: + readOnly: true description: >- - A default value for a `DOUBLE` parameter that is assumed to be a - relatively good starting point. Unset value signals that there is no - offered starting point. Currently only supported by the Vertex AI - Vizier service. Not supported by HyperparameterTuningJob or - TrainingPipeline. - type: number + Output only. Error of feature_attributions caused by approximation + used in the explanation method. Lower value means more precise + attributions. * For Sampled Shapley attribution, increasing + path_count might reduce the error. * For Integrated Gradients + attribution, increasing step_count might reduce the error. * For + XRAI attribution, increasing step_count might reduce the error. See + [this introduction](/vertex-ai/docs/explainable-ai/overview) for + more information. format: double - GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpec: - id: GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpec - description: Value specification for a parameter in `INTEGER` type. - type: object - properties: - minValue: - description: Required. Inclusive minimum value of the parameter. - type: string - format: int64 - maxValue: - description: Required. Inclusive maximum value of the parameter. - type: string - format: int64 - defaultValue: + type: number + outputIndex: + readOnly: true description: >- - A default value for an `INTEGER` parameter that is assumed to be a - relatively good starting point. Unset value signals that there is no - offered starting point. Currently only supported by the Vertex AI - Vizier service. Not supported by HyperparameterTuningJob or - TrainingPipeline. - type: string - format: int64 - GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpec: - id: GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpec - description: Value specification for a parameter in `CATEGORICAL` type. - type: object - properties: - values: - description: Required. The list of possible categories. - type: array + Output only. The index that locates the explained prediction output. + If the prediction output is a scalar value, output_index is not + populated. If the prediction output has multiple dimensions, the + length of the output_index list is the same as the number of + dimensions of the output. The i-th element in output_index is the + element index of the i-th dimension of the output vector. Indices + start from 0. items: - type: string - defaultValue: - description: >- - A default value for a `CATEGORICAL` parameter that is assumed to be - a relatively good starting point. Unset value signals that there is - no offered starting point. Currently only supported by the Vertex AI - Vizier service. Not supported by HyperparameterTuningJob or - TrainingPipeline. + type: integer + format: int32 + type: array + outputDisplayName: type: string - GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpec: - id: GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpec - description: Value specification for a parameter in `DISCRETE` type. - type: object - properties: - values: description: >- - Required. A list of possible values. The list should be in - increasing order and at least 1e-10 apart. For instance, this - parameter might have possible settings of 1.5, 2.5, and 4.0. This - list should not contain more than 1,000 values. - type: array - items: - type: number - format: double - defaultValue: - description: >- - A default value for a `DISCRETE` parameter that is assumed to be a - relatively good starting point. Unset value signals that there is no - offered starting point. It automatically rounds to the nearest - feasible discrete point. Currently only supported by the Vertex AI - Vizier service. Not supported by HyperparameterTuningJob or - TrainingPipeline. - type: number - format: double - GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpec: - id: GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpec - description: Represents a parameter spec with condition from its parent parameter. - type: object - properties: - parentDiscreteValues: - description: >- - The spec for matching values from a parent parameter of `DISCRETE` - type. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition - parentIntValues: - description: >- - The spec for matching values from a parent parameter of `INTEGER` - type. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueCondition - parentCategoricalValues: + Output only. The display name of the output identified by + output_index. For example, the predicted class name by a + multi-classification Model. This field is only populated iff the + Model predicts display names as a separate field along with the + explained output. The predicted display name must has the same shape + of the explained output, and can be located using output_index. + readOnly: true + featureAttributions: + readOnly: true + type: any description: >- - The spec for matching values from a parent parameter of - `CATEGORICAL` type. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition - parameterSpec: - description: Required. The spec for a conditional parameter. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpec' - GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition: - id: >- - GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition - description: Represents the spec to match discrete values from parent parameter. - type: object - properties: - values: + Output only. Attributions of each explained feature. Features are + extracted from the prediction instances according to explanation + metadata for inputs. The value is a struct, whose keys are the name + of the feature. The values are how much the feature in the instance + contributed to the predicted result. The format of the value is + determined by the feature's input format: * If the feature is a + scalar value, the attribution value is a floating number. * If the + feature is an array of scalar values, the attribution value is an + array. * If the feature is a struct, the attribution value is a + struct. The keys in the attribution value struct are the same as the + keys in the feature struct. The formats of the values in the + attribution struct are determined by the formats of the values in + the feature struct. The + ExplanationMetadata.feature_attributions_schema_uri field, pointed + to by the ExplanationSpec field of the Endpoint.deployed_models + object, points to the schema file that describes the features and + their attribution values (if it is populated). + outputName: + readOnly: true description: >- - Required. Matches values of the parent parameter of 'DISCRETE' type. - All values must exist in `discrete_value_spec` of parent parameter. - The Epsilon of the value matching is 1e-10. - type: array - items: - type: number - format: double - GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueCondition: - id: >- - GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueCondition - description: Represents the spec to match integer values from parent parameter. - type: object - properties: - values: + Output only. Name of the explain output. Specified as the key in + ExplanationMetadata.outputs. + type: string + instanceOutputValue: + format: double description: >- - Required. Matches values of the parent parameter of 'INTEGER' type. - All values must lie in `integer_value_spec` of parent parameter. - type: array - items: - type: string - format: int64 - GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition: - id: >- - GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition - description: Represents the spec to match categorical values from parent parameter. - type: object - properties: - values: + Output only. Model predicted output on the corresponding explanation + instance. The field name of the output is determined by the key in + ExplanationMetadata.outputs. If the Model predicted output has + multiple dimensions, this is the value in the output located by + output_index. + readOnly: true + type: number + baselineOutputValue: + format: double description: >- - Required. Matches values of the parent parameter of 'CATEGORICAL' - type. All values must exist in `categorical_value_spec` of parent - parameter. - type: array - items: - type: string - GoogleCloudAiplatformV1StudySpecStudyStoppingConfig: - id: GoogleCloudAiplatformV1StudySpecStudyStoppingConfig - description: >- - The configuration (stopping conditions) for automated stopping of a - Study. Conditions include trial budgets, time budgets, and convergence - detection. - type: object + Output only. Model predicted output if the input instance is + constructed from the baselines of all the features defined in + ExplanationMetadata.inputs. The field name of the output is + determined by the key in ExplanationMetadata.outputs. If the Model's + predicted output has multiple dimensions (rank > 1), this is the + value in the output located by output_index. If there are multiple + baselines, their output values are averaged. + readOnly: true + type: number + id: GoogleCloudAiplatformV1Attribution + description: Attribution that explains a particular prediction output. + GoogleCloudAiplatformV1CreateDatasetVersionOperationMetadata: + description: Runtime operation information for DatasetService.CreateDatasetVersion. properties: - shouldStopAsap: - description: >- - If true, a Study enters STOPPING_ASAP whenever it would normally - enters STOPPING state. The bottom line is: set to true if you want - to interrupt on-going evaluations of Trials as soon as the study - stopping condition is met. (Please see Study.State documentation for - the source of truth). - type: boolean - minimumRuntimeConstraint: - description: >- - Each "stopping rule" in this proto specifies an "if" condition. - Before Vizier would generate a new suggestion, it first checks each - specified stopping rule, from top to bottom in this list. Note that - the first few rules (e.g. minimum_runtime_constraint, - min_num_trials) will prevent other stopping rules from being - evaluated until they are met. For example, setting - `min_num_trials=5` and `always_stop_after= 1 hour` means that the - Study will ONLY stop after it has 5 COMPLETED trials, even if more - than an hour has passed since its creation. It follows the first - applicable rule (whose "if" condition is satisfied) to make a - stopping decision. If none of the specified rules are applicable, - then Vizier decides that the study should not stop. If Vizier - decides that the study should stop, the study enters STOPPING state - (or STOPPING_ASAP if should_stop_asap = true). IMPORTANT: The - automatic study state transition happens precisely as described - above; that is, deleting trials or updating StudyConfig NEVER - automatically moves the study state back to ACTIVE. If you want to - _resume_ a Study that was stopped, 1) change the stopping conditions - if necessary, 2) activate the study, and then 3) ask for - suggestions. If the specified time or duration has not passed, do - not stop the study. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StudyTimeConstraint' - maximumRuntimeConstraint: - description: If the specified time or duration has passed, stop the study. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StudyTimeConstraint' - minNumTrials: - description: >- - If there are fewer than this many COMPLETED trials, do not stop the - study. - type: integer - format: int32 - maxNumTrials: - description: If there are more than this many trials, stop the study. - type: integer - format: int32 - maxNumTrialsNoProgress: - description: >- - If the objective value has not improved for this many consecutive - trials, stop the study. WARNING: Effective only for single-objective - studies. - type: integer - format: int32 - maxDurationNoProgress: - description: >- - If the objective value has not improved for this much time, stop the - study. WARNING: Effective only for single-objective studies. - type: string - format: google-duration - GoogleCloudAiplatformV1StudyTimeConstraint: - id: GoogleCloudAiplatformV1StudyTimeConstraint - description: Time-based Constraint for Study + genericMetadata: + description: The common part of the operation metadata. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' type: object + id: GoogleCloudAiplatformV1CreateDatasetVersionOperationMetadata + GoogleCloudAiplatformV1Schedule: properties: - maxDuration: - description: Counts the wallclock time passed since the creation of this Study. - type: string - format: google-duration - endTime: - description: Compares the wallclock time to this time. Must use UTC timezone. - type: string + updateTime: format: google-datetime - GoogleCloudAiplatformV1Trial: - id: GoogleCloudAiplatformV1Trial - description: >- - A message representing a Trial. A Trial contains a unique set of - Parameters that has been or will be evaluated, along with the objective - metrics got by running the Trial. - type: object - properties: - name: - description: Output only. Resource name of the Trial assigned by the service. - readOnly: true - type: string - id: - description: Output only. The identifier of the Trial assigned by the service. - readOnly: true - type: string - state: - description: Output only. The detailed state of the Trial. + description: Output only. Timestamp when this Schedule was updated. readOnly: true type: string - enumDescriptions: - - The Trial state is unspecified. - - >- - Indicates that a specific Trial has been requested, but it has not - yet been suggested by the service. - - Indicates that the Trial has been suggested. - - Indicates that the Trial should stop according to the service. - - Indicates that the Trial is completed successfully. - - >- - Indicates that the Trial should not be attempted again. The - service will set a Trial to INFEASIBLE when it's done but missing - the final_measurement. - enum: - - STATE_UNSPECIFIED - - REQUESTED - - ACTIVE - - STOPPING - - SUCCEEDED - - INFEASIBLE - parameters: - description: Output only. The parameters of the Trial. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrialParameter' - finalMeasurement: - description: Output only. The final measurement containing the objective value. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' - measurements: - description: >- - Output only. A list of measurements that are strictly - lexicographically ordered by their induced tuples (steps, - elapsed_duration). These are used for early stopping computations. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' - startTime: - description: Output only. Time when the Trial was started. + createTime: readOnly: true - type: string format: google-datetime - endTime: - description: >- - Output only. Time when the Trial's status changed to `SUCCEEDED` or - `INFEASIBLE`. - readOnly: true + description: Output only. Timestamp when this Schedule was created. type: string + nextRunTime: format: google-datetime - clientId: - description: >- - Output only. The identifier of the client that originally requested - this Trial. Each client is identified by a unique client_id. When a - client asks for a suggestion, Vertex AI Vizier will assign it a - Trial. The client should evaluate the Trial, complete it, and report - back to Vertex AI Vizier. If suggestion is asked again by same - client_id before the Trial is completed, the same Trial will be - returned. Multiple clients with different client_ids can ask for - suggestions simultaneously, each of them will get their own Trial. - readOnly: true type: string - infeasibleReason: description: >- - Output only. A human readable string describing why the Trial is - infeasible. This is set only if Trial state is `INFEASIBLE`. + Output only. Timestamp when this Schedule should schedule the next + run. Having a next_run_time in the past means the runs are being + started behind schedule. readOnly: true - type: string - customJob: + cron: description: >- - Output only. The CustomJob name linked to the Trial. It's set for a - HyperparameterTuningJob's Trial. - readOnly: true + Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch + scheduled runs. To explicitly set a timezone to the cron tab, apply + a prefix in the cron tab: "CRON_TZ=${IANA_TIME_ZONE}" or + "TZ=${IANA_TIME_ZONE}". The ${IANA_TIME_ZONE} may only be a valid + string from IANA time zone database. For example, + "CRON_TZ=America/New_York 1 * * * *", or "TZ=America/New_York 1 * * + * *". type: string - webAccessUris: + lastScheduledRunResponse: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ScheduleRunResponse' description: >- - Output only. URIs for accessing [interactive - shells](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) - (one URI for each training node). Only available if this trial is - part of a HyperparameterTuningJob and the job's - trial_job_spec.enable_web_access field is `true`. The keys are names - of each node used for the trial; for example, `workerpool0-0` for - the primary node, `workerpool1-0` for the first node in the second - worker pool, and `workerpool1-1` for the second node in the second - worker pool. The values are the URIs for each node's interactive - shell. + Output only. Response of the last scheduled run. This is the + response for starting the scheduled requests and not the execution + of the operations/jobs created by the requests (if applicable). + Unset if no run has been scheduled yet. readOnly: true - type: object - additionalProperties: - type: string - GoogleCloudAiplatformV1TrialParameter: - id: GoogleCloudAiplatformV1TrialParameter - description: A message representing a parameter to be tuned. - type: object - properties: - parameterId: - description: >- - Output only. The ID of the parameter. The parameter should be - defined in StudySpec's Parameters. + lastPauseTime: readOnly: true - type: string - value: description: >- - Output only. The value of the parameter. `number_value` will be set - if a parameter defined in StudySpec is in type 'INTEGER', 'DOUBLE' - or 'DISCRETE'. `string_value` will be set if a parameter defined in - StudySpec is in type 'CATEGORICAL'. + Output only. Timestamp when this Schedule was last paused. Unset if + never paused. + format: google-datetime + type: string + catchUp: readOnly: true - type: any - GoogleCloudAiplatformV1Measurement: - id: GoogleCloudAiplatformV1Measurement - description: >- - A message representing a Measurement of a Trial. A Measurement contains - the Metrics got by executing a Trial using suggested hyperparameter - values. - type: object - properties: - elapsedDuration: + type: boolean description: >- - Output only. Time that the Trial has been running at the point of - this Measurement. - readOnly: true + Output only. Whether to backfill missed runs when the schedule is + resumed from PAUSED state. If set to true, all missed runs will be + scheduled. New runs will be scheduled after the backfill is + complete. Default to false. + startedRunCount: type: string - format: google-duration - stepCount: - description: >- - Output only. The number of steps the machine learning model has been - trained for. Must be non-negative. + format: int64 + description: Output only. The number of runs started by this schedule. readOnly: true - type: string + maxRunCount: format: int64 - metrics: + type: string description: >- - Output only. A list of metrics got by evaluating the objective - functions using suggested Parameter values. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MeasurementMetric' - GoogleCloudAiplatformV1MeasurementMetric: - id: GoogleCloudAiplatformV1MeasurementMetric - description: A message representing a metric in the measurement. - type: object - properties: - metricId: + Optional. Maximum run count of the schedule. If specified, The + schedule will be completed when either started_run_count >= + max_run_count or when end_time is reached. If not specified, new + runs will keep getting scheduled until this Schedule is paused or + deleted. Already scheduled runs will be allowed to complete. Unset + if not specified. + createNotebookExecutionJobRequest: + description: Request for NotebookService.CreateNotebookExecutionJob. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CreateNotebookExecutionJobRequest + lastResumeTime: description: >- - Output only. The ID of the Metric. The Metric should be defined in - StudySpec's Metrics. + Output only. Timestamp when this Schedule was last resumed. Unset if + never resumed from pause. readOnly: true type: string - value: - description: Output only. The value for this metric. - readOnly: true - type: number - format: double - GoogleCloudAiplatformV1ListHyperparameterTuningJobsResponse: - id: GoogleCloudAiplatformV1ListHyperparameterTuningJobsResponse - description: Response message for JobService.ListHyperparameterTuningJobs - type: object - properties: - hyperparameterTuningJobs: - description: >- - List of HyperparameterTuningJobs in the requested page. - HyperparameterTuningJob.trials of the jobs will be not be returned. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1HyperparameterTuningJob - nextPageToken: + format: google-datetime + endTime: + format: google-datetime description: >- - A token to retrieve the next page of results. Pass to - ListHyperparameterTuningJobsRequest.page_token to obtain that page. + Optional. Timestamp after which no new runs can be scheduled. If + specified, The schedule will be completed when either end_time is + reached or when scheduled_run_count >= max_run_count. If not + specified, new runs will keep getting scheduled until this Schedule + is paused or deleted. Already scheduled runs will be allowed to + complete. Unset if not specified. type: string - GoogleCloudAiplatformV1CancelHyperparameterTuningJobRequest: - id: GoogleCloudAiplatformV1CancelHyperparameterTuningJobRequest - description: Request message for JobService.CancelHyperparameterTuningJob. - type: object - properties: {} - GoogleCloudAiplatformV1NasJob: - id: GoogleCloudAiplatformV1NasJob - description: Represents a Neural Architecture Search (NAS) job. - type: object - properties: name: - description: Output only. Resource name of the NasJob. - readOnly: true + description: Immutable. The resource name of the Schedule. type: string - displayName: + startTime: description: >- - Required. The display name of the NasJob. The name can be up to 128 - characters long and can consist of any UTF-8 characters. + Optional. Timestamp after which the first run can be scheduled. + Default to Schedule create time if not specified. type: string - nasJobSpec: - description: Required. The specification of a NasJob. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJobSpec' - nasJobOutput: - description: Output only. Output of the NasJob. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJobOutput' + format: google-datetime + maxConcurrentRunCount: + type: string + format: int64 + description: >- + Required. Maximum number of runs that can be started concurrently + for this Schedule. This is the limit for starting the scheduled + requests and not the execution of the operations/jobs created by the + requests (if applicable). + allowQueueing: + description: >- + Optional. Whether new scheduled runs can be queued when + max_concurrent_runs limit is reached. If set to true, new runs will + be queued instead of skipped. Default to false. + type: boolean state: - description: Output only. The detailed state of the job. - readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - PAUSED + - COMPLETED type: string enumDescriptions: - - The job state is unspecified. + - Unspecified. - >- - The job has been just created or resumed and processing has not - yet begun. - - The service is preparing to run the job. - - The job is in progress. - - The job completed successfully. - - The job failed. + The Schedule is active. Runs are being scheduled on the + user-specified timespec. - >- - The job is being cancelled. From this state the job may only go to - either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or - `JOB_STATE_CANCELLED`. - - The job has been cancelled. - - The job has been stopped, and can be resumed. - - The job has expired. + The schedule is paused. No new runs will be created until the + schedule is resumed. Already started runs will be allowed to + complete. - >- - The job is being updated. Only jobs in the `RUNNING` state can be - updated. After updating, the job goes back to the `RUNNING` state. - - >- - The job is partially succeeded, some results may be missing due to - errors. - enum: - - JOB_STATE_UNSPECIFIED - - JOB_STATE_QUEUED - - JOB_STATE_PENDING - - JOB_STATE_RUNNING - - JOB_STATE_SUCCEEDED - - JOB_STATE_FAILED - - JOB_STATE_CANCELLING - - JOB_STATE_CANCELLED - - JOB_STATE_PAUSED - - JOB_STATE_EXPIRED - - JOB_STATE_UPDATING - - JOB_STATE_PARTIALLY_SUCCEEDED - createTime: - description: Output only. Time when the NasJob was created. - readOnly: true - type: string - format: google-datetime - startTime: - description: >- - Output only. Time when the NasJob for the first time entered the - `JOB_STATE_RUNNING` state. - readOnly: true - type: string - format: google-datetime - endTime: - description: >- - Output only. Time when the NasJob entered any of the following - states: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, - `JOB_STATE_CANCELLED`. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time when the NasJob was most recently updated. + The Schedule is completed. No new runs will be scheduled. Already + started runs will be allowed to complete. Schedules in completed + state cannot be paused or resumed. readOnly: true + description: Output only. The state of this Schedule. + displayName: type: string - format: google-datetime - error: - description: >- - Output only. Only populated when job's state is JOB_STATE_FAILED or - JOB_STATE_CANCELLED. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - labels: - description: >- - The labels with user-defined metadata to organize NasJobs. Label - keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. See - https://goo.gl/xmQnxf for more information and examples of labels. - type: object - additionalProperties: - type: string - encryptionSpec: description: >- - Customer-managed encryption key options for a NasJob. If this is - set, then all resources created by the NasJob will be encrypted with - the provided encryption key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - enableRestrictedImageTraining: + Required. User provided name of the Schedule. The name can be up to + 128 characters long and can consist of any UTF-8 characters. + createPipelineJobRequest: description: >- - Optional. Enable a separation of Custom model training and - restricted image training for tenant project. - deprecated: true - type: boolean - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1NasJobSpec: - id: GoogleCloudAiplatformV1NasJobSpec - description: Represents the spec of a NasJob. + Request for PipelineService.CreatePipelineJob. + CreatePipelineJobRequest.parent field is required (format: + projects/{project}/locations/{location}). + $ref: '#/components/schemas/GoogleCloudAiplatformV1CreatePipelineJobRequest' + description: >- + An instance of a Schedule periodically schedules runs to make API calls + based on user specified time specification and API request type. type: object + id: GoogleCloudAiplatformV1Schedule + GoogleCloudAiplatformV1FasterDeploymentConfig: + id: GoogleCloudAiplatformV1FasterDeploymentConfig properties: - multiTrialAlgorithmSpec: - description: The spec of multi-trial algorithms. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpec - resumeNasJobId: - description: >- - The ID of the existing NasJob in the same Project and Location which - will be used to resume search. search_space_spec and - nas_algorithm_spec are obtained from previous NasJob hence should - not provide them again for this NasJob. - type: string - searchSpaceSpec: - description: It defines the search space for Neural Architecture Search (NAS). - type: string - GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpec: - id: GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpec - description: The spec of multi-trial Neural Architecture Search (NAS). + fastTryoutEnabled: + description: If true, enable fast tryout feature for this deployed model. + type: boolean + description: Configuration for faster model deployment. type: object + GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInput: + id: GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInput properties: - multiTrialAlgorithm: - description: >- - The multi-trial Neural Architecture Search (NAS) algorithm type. - Defaults to `REINFORCEMENT_LEARNING`. - type: string - enumDescriptions: - - Defaults to `REINFORCEMENT_LEARNING`. - - >- - The Reinforcement Learning Algorithm for Multi-trial Neural - Architecture Search (NAS). - - >- - The Grid Search Algorithm for Multi-trial Neural Architecture - Search (NAS). - enum: - - MULTI_TRIAL_ALGORITHM_UNSPECIFIED - - REINFORCEMENT_LEARNING - - GRID_SEARCH - metric: - description: >- - Metric specs for the NAS job. Validation for this field is done at - `multi_trial_algorithm_spec` field. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpec - searchTrialSpec: - description: Required. Spec for search trials. + metricSpec: + description: Required. Spec for pairwise question answering quality score metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec - trainTrialSpec: - description: >- - Spec for train trials. Top N - [TrainTrialSpec.max_parallel_trial_count] search trials will be - trained for every M [TrainTrialSpec.frequency] trials searched. + #/components/schemas/GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualitySpec + instance: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec - GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpec: - id: GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpec - description: Represents a metric to optimize. + #/components/schemas/GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInstance + description: Required. Pairwise question answering quality instance. + type: object + description: Input for pairwise question answering quality metric. + GoogleCloudAiplatformV1ModelVersionCheckpoint: + description: Describes the machine learning model version checkpoint. + deprecated: true type: object + id: GoogleCloudAiplatformV1ModelVersionCheckpoint properties: - metricId: - description: Required. The ID of the metric. Must not contain whitespaces. + step: + description: The step of the checkpoint. type: string - goal: - description: Required. The optimization goal of the metric. + format: int64 + epoch: + format: int64 + description: The epoch of the checkpoint. type: string - enumDescriptions: - - Goal Type will default to maximize. - - Maximize the goal metric. - - Minimize the goal metric. - enum: - - GOAL_TYPE_UNSPECIFIED - - MAXIMIZE - - MINIMIZE - GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec: - id: GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec - description: Represent spec for search trials. + checkpointId: + type: string + description: The ID of the checkpoint. + GoogleCloudAiplatformV1UndeployIndexResponse: type: object - properties: - searchTrialJobSpec: - description: >- - Required. The spec of a search trial job. The same spec applies to - all search trials. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' - maxTrialCount: - description: >- - Required. The maximum number of Neural Architecture Search (NAS) - trials to run. - type: integer - format: int32 - maxParallelTrialCount: - description: Required. The maximum number of trials to run in parallel. - type: integer - format: int32 - maxFailedTrialCount: - description: >- - The number of failed trials that need to be seen before failing the - NasJob. If set to 0, Vertex AI decides how many trials must fail - before the whole job fails. - type: integer - format: int32 - GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec: - id: GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec - description: Represent spec for train trials. + id: GoogleCloudAiplatformV1UndeployIndexResponse + properties: {} + description: Response message for IndexEndpointService.UndeployIndex. + GoogleCloudAiplatformV1SchemaPredictParamsImageClassificationPredictionParams: type: object + id: >- + GoogleCloudAiplatformV1SchemaPredictParamsImageClassificationPredictionParams + description: Prediction model parameters for Image Classification. properties: - trainTrialJobSpec: - description: >- - Required. The spec of a train trial job. The same spec applies to - all train trials. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' - maxParallelTrialCount: - description: Required. The maximum number of trials to run in parallel. - type: integer + maxPredictions: format: int32 - frequency: - description: >- - Required. Frequency of search trials to start train stage. Top N - [TrainTrialSpec.max_parallel_trial_count] search trials will be - trained for every M [TrainTrialSpec.frequency] trials searched. type: integer - format: int32 - GoogleCloudAiplatformV1NasJobOutput: - id: GoogleCloudAiplatformV1NasJobOutput - description: Represents a uCAIP NasJob output. - type: object - properties: - multiTrialJobOutput: description: >- - Output only. The output of this multi-trial Neural Architecture - Search (NAS) job. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NasJobOutputMultiTrialJobOutput - GoogleCloudAiplatformV1NasJobOutputMultiTrialJobOutput: - id: GoogleCloudAiplatformV1NasJobOutputMultiTrialJobOutput - description: The output of a multi-trial Neural Architecture Search (NAS) jobs. + The Model only returns up to that many top, by confidence score, + predictions per instance. If this number is very high, the Model may + return fewer predictions. Default value is 10. + confidenceThreshold: + description: >- + The Model only returns predictions with at least this confidence + score. Default value is 0.0 + format: float + type: number + GoogleCloudAiplatformV1GenerateContentResponse: type: object + description: Response message for [PredictionService.GenerateContent]. properties: - searchTrials: - description: >- - Output only. List of NasTrials that were started as part of search - stage. + candidates: readOnly: true - type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrial' - trainTrials: - description: >- - Output only. List of NasTrials that were started as part of train - stage. - readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1Candidate' type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrial' - GoogleCloudAiplatformV1NasTrial: - id: GoogleCloudAiplatformV1NasTrial - description: Represents a uCAIP NasJob trial. - type: object - properties: - id: - description: Output only. The identifier of the NasTrial assigned by the service. - readOnly: true - type: string - state: - description: Output only. The detailed state of the NasTrial. - readOnly: true + description: Output only. Generated candidates. + modelVersion: + description: Output only. The model version used to generate the response. type: string - enumDescriptions: - - The NasTrial state is unspecified. - - >- - Indicates that a specific NasTrial has been requested, but it has - not yet been suggested by the service. - - Indicates that the NasTrial has been suggested. - - Indicates that the NasTrial should stop according to the service. - - Indicates that the NasTrial is completed successfully. - - >- - Indicates that the NasTrial should not be attempted again. The - service will set a NasTrial to INFEASIBLE when it's done but - missing the final_measurement. - enum: - - STATE_UNSPECIFIED - - REQUESTED - - ACTIVE - - STOPPING - - SUCCEEDED - - INFEASIBLE - finalMeasurement: - description: Output only. The final measurement containing the objective value. readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' - startTime: - description: Output only. Time when the NasTrial was started. + responseId: readOnly: true + description: >- + Output only. response_id is used to identify each response. It is + the encoding of the event_id. type: string - format: google-datetime - endTime: + usageMetadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponseUsageMetadata + description: Usage metadata about the response(s). + promptFeedback: description: >- - Output only. Time when the NasTrial's status changed to `SUCCEEDED` - or `INFEASIBLE`. + Output only. Content filter results for a prompt sent in the + request. Note: Sent only in the first stream chunk. Only happens + when no candidates were generated due to content violations. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponsePromptFeedback readOnly: true + createTime: + description: Output only. Timestamp when the request is made to the server. type: string format: google-datetime - GoogleCloudAiplatformV1ListNasJobsResponse: - id: GoogleCloudAiplatformV1ListNasJobsResponse - description: Response message for JobService.ListNasJobs + readOnly: true + id: GoogleCloudAiplatformV1GenerateContentResponse + GoogleCloudAiplatformV1SummarizationHelpfulnessInput: type: object properties: - nasJobs: - description: >- - List of NasJobs in the requested page. NasJob.nas_job_output of the - jobs will not be returned. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJob' - nextPageToken: - description: >- - A token to retrieve the next page of results. Pass to - ListNasJobsRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1CancelNasJobRequest: - id: GoogleCloudAiplatformV1CancelNasJobRequest - description: Request message for JobService.CancelNasJob. - type: object - properties: {} - GoogleCloudAiplatformV1NasTrialDetail: - id: GoogleCloudAiplatformV1NasTrialDetail - description: >- - Represents a NasTrial details along with its parameters. If there is a - corresponding train NasTrial, the train NasTrial is also returned. + metricSpec: + description: Required. Spec for summarization helpfulness score metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SummarizationHelpfulnessSpec + instance: + description: Required. Summarization helpfulness instance. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SummarizationHelpfulnessInstance + description: Input for summarization helpfulness metric. + id: GoogleCloudAiplatformV1SummarizationHelpfulnessInput + GoogleCloudAiplatformV1TensorboardBlob: + description: One blob (e.g, image, graph) viewable on a blob metric plot. + id: GoogleCloudAiplatformV1TensorboardBlob type: object properties: - name: - description: Output only. Resource name of the NasTrialDetail. + id: + description: >- + Output only. A URI safe key uniquely identifying a blob. Can be used + to locate the blob stored in the Cloud Storage bucket of the + consumer project. readOnly: true type: string - parameters: - description: The parameters for the NasJob NasTrial. - type: string - searchTrial: - description: The requested search NasTrial. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrial' - trainTrial: + data: description: >- - The train NasTrial corresponding to search_trial. Only populated if - search_trial is used for training. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrial' - GoogleCloudAiplatformV1ListNasTrialDetailsResponse: - id: GoogleCloudAiplatformV1ListNasTrialDetailsResponse - description: Response message for JobService.ListNasTrialDetails - type: object + Optional. The bytes of the blob is not present unless it's returned + by the ReadTensorboardBlobData endpoint. + format: byte + type: string + GoogleCloudAiplatformV1BatchReadFeatureValuesRequestPassThroughField: + id: GoogleCloudAiplatformV1BatchReadFeatureValuesRequestPassThroughField properties: - nasTrialDetails: - description: List of top NasTrials in the requested page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrialDetail' - nextPageToken: + fieldName: description: >- - A token to retrieve the next page of results. Pass to - ListNasTrialDetailsRequest.page_token to obtain that page. + Required. The name of the field in the CSV header or the name of the + column in BigQuery table. The naming restriction is the same as + Feature.name. type: string - GoogleCloudAiplatformV1BatchPredictionJob: - id: GoogleCloudAiplatformV1BatchPredictionJob - description: >- - A job that uses a Model to produce predictions on multiple input - instances. If predictions for significant portion of the instances fail, - the job may finish without attempting predictions for all remaining - instances. type: object + description: Describe pass-through fields in read_instance source. + GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfig: + id: GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfig + description: Specification for a Memory Bank. properties: - name: - description: Output only. Resource name of the BatchPredictionJob. - readOnly: true - type: string - displayName: - description: Required. The user-defined name of this BatchPredictionJob. - type: string - model: - description: >- - The name of the Model resource that produces the predictions via - this job, must share the same ancestor Location. Starting this job - has no impact on any existing deployments of the Model and their - resources. Exactly one of model and unmanaged_container_model must - be set. The model resource name may contain version id or version - alias to specify the version. Example: - `projects/{project}/locations/{location}/models/{model}@2` or - `projects/{project}/locations/{location}/models/{model}@golden` if - no version is specified, the default version will be deployed. The - model resource could also be a publisher model. Example: - `publishers/{publisher}/models/{model}` or - `projects/{project}/locations/{location}/publishers/{publisher}/models/{model}` - type: string - modelVersionId: + generationConfig: description: >- - Output only. The version ID of the Model that produces the - predictions via this job. - readOnly: true - type: string - unmanagedContainerModel: + Optional. Configuration for how to generate memories for the Memory + Bank. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigGenerationConfig + disableMemoryRevisions: description: >- - Contains model information necessary to perform batch prediction - without requiring uploading to model registry. Exactly one of model - and unmanaged_container_model must be set. - $ref: '#/components/schemas/GoogleCloudAiplatformV1UnmanagedContainerModel' - inputConfig: + If true, no memory revisions will be created for any requests to the + Memory Bank. + type: boolean + similaritySearchConfig: description: >- - Required. Input configuration of the instances on which predictions - are performed. The schema of any single instance may be specified - via the Model's PredictSchemata's instance_schema_uri. + Optional. Configuration for how to perform similarity search on + memories. If not set, the Memory Bank will use the default embedding + model `text-embedding-005`. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchPredictionJobInputConfig - instanceConfig: + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigSimilaritySearchConfig + ttlConfig: description: >- - Configuration for how to convert batch prediction input instances to - the prediction instances that are sent to the Model. + Optional. Configuration for automatic TTL ("time-to-live") of the + memories in the Memory Bank. If not set, TTL will not be applied + automatically. The TTL can be explicitly set by modifying the + `expire_time` of each Memory resource. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchPredictionJobInstanceConfig - modelParameters: - description: >- - The parameters that govern the predictions. The schema of the - parameters may be specified via the Model's PredictSchemata's - parameters_schema_uri. - type: any - outputConfig: + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigTtlConfig + customizationConfigs: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MemoryBankCustomizationConfig + type: array description: >- - Required. The Configuration specifying where output predictions - should be written. The schema of any single prediction may be - specified as a concatenation of Model's PredictSchemata's - instance_schema_uri and prediction_schema_uri. + Optional. Configuration for how to customize Memory Bank behavior + for a particular scope. + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecasting: + description: A TrainingJob that trains and uploads an AutoML Forecasting Model. + properties: + inputs: + description: The input parameters of this TrainingJob. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchPredictionJobOutputConfig - dedicatedResources: + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputs + metadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingMetadata + description: The metadata information. + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecasting + type: object + GoogleCloudAiplatformV1SchemaVideoObjectTrackingAnnotation: + description: Annotation details specific to video object tracking. + id: GoogleCloudAiplatformV1SchemaVideoObjectTrackingAnnotation + type: object + properties: + annotationSpecId: + type: string description: >- - The config of resources used by the Model during the batch - prediction. If the Model supports DEDICATED_RESOURCES this config - may be provided (and the job will use these resources), if the Model - doesn't support AUTOMATIC_RESOURCES, this config must be provided. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchDedicatedResources' - serviceAccount: + The resource Id of the AnnotationSpec that this Annotation pertains + to. + instanceId: + type: string description: >- - The service account that the DeployedModel's container runs as. If - not specified, a system generated one will be used, which has - minimal permissions and the custom container, if used, may not have - enough permission to access other Google Cloud resources. Users - deploying the Model must have the `iam.serviceAccounts.actAs` - permission on this service account. - type: string - manualBatchTuningParameters: + The instance of the object, expressed as a positive integer. Used to + track the same object across different frames. + format: int64 + timeOffset: description: >- - Immutable. Parameters configuring the batch behavior. Currently only - applicable when dedicated_resources are used (in other cases Vertex - AI does the tuning itself). - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ManualBatchTuningParameters - generateExplanation: + A time (frame) of a video to which this annotation pertains. + Represented as the duration since the video's start. + format: google-duration + type: string + yMax: + format: double + type: number + description: The bottommost coordinate of the bounding box. + displayName: + type: string description: >- - Generate explanation with the batch prediction results. When set to - `true`, the batch prediction output changes based on the - `predictions_format` field of the BatchPredictionJob.output_config - object: * `bigquery`: output includes a column named `explanation`. - The value is a struct that conforms to the Explanation object. * - `jsonl`: The JSON objects on each line include an additional entry - keyed `explanation`. The value of the entry is a JSON object that - conforms to the Explanation object. * `csv`: Generating explanations - for CSV format is not supported. If this field is set to true, - either the Model.explanation_spec or explanation_spec must be - populated. - type: boolean - explanationSpec: + The display name of the AnnotationSpec that this Annotation pertains + to. + xMax: + type: number + description: The rightmost coordinate of the bounding box. + format: double + yMin: + description: The topmost coordinate of the bounding box. + type: number + format: double + xMin: + description: The leftmost coordinate of the bounding box. + type: number + format: double + GoogleCloudAiplatformV1ToolNameMatchSpec: + properties: {} + description: Spec for tool name match metric. + type: object + id: GoogleCloudAiplatformV1ToolNameMatchSpec + GoogleCloudAiplatformV1ExportFeatureValuesRequestFullExport: + description: >- + Describes exporting all historical Feature values of all entities of the + EntityType between [start_time, end_time]. + type: object + properties: + startTime: description: >- - Explanation configuration for this BatchPredictionJob. Can be - specified only if generate_explanation is set to `true`. This value - overrides the value of Model.explanation_spec. All fields of - explanation_spec are optional in the request. If a field of the - explanation_spec object is not populated, the corresponding field of - the Model.explanation_spec object is inherited. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpec' - outputInfo: - description: Output only. Information further describing the output of this job. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchPredictionJobOutputInfo - state: - description: Output only. The detailed state of the job. - readOnly: true + Excludes Feature values with feature generation timestamp before + this timestamp. If not set, retrieve oldest values kept in Feature + Store. Timestamp, if present, must not have higher than millisecond + precision. + format: google-datetime type: string - enumDescriptions: - - The job state is unspecified. - - >- - The job has been just created or resumed and processing has not - yet begun. - - The service is preparing to run the job. - - The job is in progress. - - The job completed successfully. - - The job failed. - - >- - The job is being cancelled. From this state the job may only go to - either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or - `JOB_STATE_CANCELLED`. - - The job has been cancelled. - - The job has been stopped, and can be resumed. - - The job has expired. - - >- - The job is being updated. Only jobs in the `RUNNING` state can be - updated. After updating, the job goes back to the `RUNNING` state. - - >- - The job is partially succeeded, some results may be missing due to - errors. - enum: - - JOB_STATE_UNSPECIFIED - - JOB_STATE_QUEUED - - JOB_STATE_PENDING - - JOB_STATE_RUNNING - - JOB_STATE_SUCCEEDED - - JOB_STATE_FAILED - - JOB_STATE_CANCELLING - - JOB_STATE_CANCELLED - - JOB_STATE_PAUSED - - JOB_STATE_EXPIRED - - JOB_STATE_UPDATING - - JOB_STATE_PARTIALLY_SUCCEEDED - error: - description: >- - Output only. Only populated when the job's state is JOB_STATE_FAILED - or JOB_STATE_CANCELLED. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - partialFailures: + endTime: + format: google-datetime description: >- - Output only. Partial failures encountered. For example, single files - that can't be read. This field never exceeds 20 entries. Status - details fields contain standard Google Cloud error details. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - resourcesConsumed: + Exports Feature values as of this timestamp. If not set, retrieve + values as of now. Timestamp, if present, must not have higher than + millisecond precision. + type: string + id: GoogleCloudAiplatformV1ExportFeatureValuesRequestFullExport + GoogleCloudAiplatformV1SchemaPromptInstancePromptExecution: + id: GoogleCloudAiplatformV1SchemaPromptInstancePromptExecution + description: >- + A prompt instance's parameters set that contains a set of variable + values. + type: object + properties: + arguments: + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptInstanceVariableValue + description: Maps variable names to their value. + GoogleCloudAiplatformV1PointwiseMetricInstance: + type: object + description: >- + Pointwise metric instance. Usually one instance corresponds to one row + in an evaluation dataset. + id: GoogleCloudAiplatformV1PointwiseMetricInstance + properties: + jsonInstance: + type: string description: >- - Output only. Information about resources that had been consumed by - this job. Provided in real time at best effort basis, as well as a - final value once the job completes. Note: This field currently may - be not populated for batch predictions that use AutoML Models. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1ResourcesConsumed' - completionStats: + Instance specified as a json string. String key-value pairs are + expected in the json_instance to render + PointwiseMetricSpec.instance_prompt_template. + contentMapInstance: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ContentMap' description: >- - Output only. Statistics on completed and failed prediction - instances. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1CompletionStats' - createTime: - description: Output only. Time when the BatchPredictionJob was created. - readOnly: true + Key-value contents for the mutlimodality input, including text, + image, video, audio, and pdf, etc. The key is placeholder in metric + prompt template, and the value is the multimodal content. + GoogleCloudAiplatformV1QuestionAnsweringRelevanceInstance: + id: GoogleCloudAiplatformV1QuestionAnsweringRelevanceInstance + type: object + description: Spec for question answering relevance instance. + properties: + instruction: type: string - format: google-datetime - startTime: description: >- - Output only. Time when the BatchPredictionJob for the first time - entered the `JOB_STATE_RUNNING` state. - readOnly: true + Required. The question asked and other instruction in the inference + prompt. + reference: type: string - format: google-datetime - endTime: - description: >- - Output only. Time when the BatchPredictionJob entered any of the - following states: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, - `JOB_STATE_CANCELLED`. - readOnly: true + description: Optional. Ground truth used to compare against the prediction. + prediction: + description: Required. Output of the evaluated model. type: string - format: google-datetime - updateTime: + context: + type: string + description: Optional. Text provided as context to answer the question. + GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecSliceConfig: + description: >- + Specification message containing the config for this SliceSpec. When + `kind` is selected as `value` and/or `range`, only a single slice will + be computed. When `all_values` is present, a separate slice will be + computed for each possible label/value for the corresponding key in + `config`. Examples, with feature zip_code with values 12345, 23334, + 88888 and feature country with values "US", "Canada", "Mexico" in the + dataset: Example 1: { "zip_code": { "value": { "float_value": 12345.0 } + } } A single slice for any data with zip_code 12345 in the dataset. + Example 2: { "zip_code": { "range": { "low": 12345, "high": 20000 } } } + A single slice containing data where the zip_codes between 12345 and + 20000 For this example, data with the zip_code of 12345 will be in this + slice. Example 3: { "zip_code": { "range": { "low": 10000, "high": 20000 + } }, "country": { "value": { "string_value": "US" } } } A single slice + containing data where the zip_codes between 10000 and 20000 has the + country "US". For this example, data with the zip_code of 12345 and + country "US" will be in this slice. Example 4: { "country": + {"all_values": { "value": true } } } Three slices are computed, one for + each unique country in the dataset. Example 5: { "country": { + "all_values": { "value": true } }, "zip_code": { "value": { + "float_value": 12345.0 } } } Three slices are computed, one for each + unique country in the dataset where the zip_code is also 12345. For this + example, data with zip_code 12345 and country "US" will be in one slice, + zip_code 12345 and country "Canada" in another slice, and zip_code 12345 + and country "Mexico" in another slice, totaling 3 slices. + id: GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecSliceConfig + properties: + range: description: >- - Output only. Time when the BatchPredictionJob was most recently - updated. - readOnly: true + A range of values for a numerical feature. Example: + `{"range":{"low":10000.0,"high":50000.0}}` will capture 12345 and + 23334 in the slice. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecRange + allValues: + description: >- + If all_values is set to true, then all possible labels of the keyed + feature will have another slice computed. Example: + `{"all_values":{"value":true}}` + type: boolean + value: + description: >- + A unique specific value for a given feature. Example: `{ "value": { + "string_value": "12345" } }` + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecValue + type: object + GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecPythonSpec: + properties: + entrypointModule: + description: >- + Optional. The Python module to load as the entrypoint, specified as + a fully qualified module name. For example: path.to.agent. If not + specified, defaults to "agent". The project root will be added to + Python sys.path, allowing imports to be specified relative to the + root. type: string - format: google-datetime - labels: + entrypointObject: description: >- - The labels with user-defined metadata to organize - BatchPredictionJobs. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. See https://goo.gl/xmQnxf for more information and - examples of labels. - type: object - additionalProperties: - type: string - encryptionSpec: + Optional. The name of the callable object within the + `entrypoint_module` to use as the application If not specified, + defaults to "root_agent". + type: string + requirementsFile: + type: string description: >- - Customer-managed encryption key options for a BatchPredictionJob. If - this is set, then all resources created by the BatchPredictionJob - will be encrypted with the provided encryption key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - disableContainerLogging: + Optional. The path to the requirements file, relative to the source + root. If not specified, defaults to "requirements.txt". + version: + type: string description: >- - For custom-trained Models and AutoML Tabular Models, the container - of the DeployedModel instances will send `stderr` and `stdout` - streams to Cloud Logging by default. Please note that the logs incur - cost, which are subject to [Cloud Logging - pricing](https://cloud.google.com/logging/pricing). User can disable - container logging by setting this flag to true. - type: boolean - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1UnmanagedContainerModel: - id: GoogleCloudAiplatformV1UnmanagedContainerModel - description: >- - Contains model information necessary to perform batch prediction without - requiring a full model import. + Optional. The version of Python to use. Support version includes + 3.9, 3.10, 3.11, 3.12, 3.13. If not specified, default value is + 3.10. + type: object + id: GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecPythonSpec + description: Specification for running a Python application from source. + GoogleCloudAiplatformV1ServiceAccountSpec: type: object + id: GoogleCloudAiplatformV1ServiceAccountSpec properties: - artifactUri: + enableCustomServiceAccount: + type: boolean description: >- - The path to the directory containing the Model artifact and any of - its supporting files. + Required. If true, custom user-managed service account is enforced + to run any workloads (for example, Vertex Jobs) on the resource. + Otherwise, uses the [Vertex AI Custom Code Service + Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents). + serviceAccount: type: string - predictSchemata: - description: Contains the schemata used in Model's predictions and explanations - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictSchemata' - containerSpec: description: >- - Input only. The specification of the container that is to be used - when deploying this Model. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelContainerSpec' - GoogleCloudAiplatformV1PredictSchemata: - id: GoogleCloudAiplatformV1PredictSchemata + Optional. Required when all below conditions are met * + `enable_custom_service_account` is true; * any runtime is specified + via `ResourceRuntimeSpec` on creation time, for example, Ray The + users must have `iam.serviceAccounts.actAs` permission on this + service account and then the specified runtime containers will run + as it. Do not set this field if you want to submit jobs using custom + service account to this PersistentResource after creation, but only + specify the `service_account` inside the job. description: >- - Contains the schemata used in Model's predictions and explanations via - PredictionService.Predict, PredictionService.Explain and - BatchPredictionJob. + Configuration for the use of custom service account to run the + workloads. + GoogleCloudAiplatformV1ImportFeatureValuesResponse: type: object properties: - instanceSchemaUri: + invalidRowCount: description: >- - Immutable. Points to a YAML file stored on Google Cloud Storage - describing the format of a single instance, which are used in - PredictRequest.instances, ExplainRequest.instances and - BatchPredictionJob.input_config. The schema is defined as an OpenAPI - 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - AutoML Models always have this field populated by Vertex AI. Note: - The URI given on output will be immutable and probably different, - including the URI scheme, than the one given on input. The output - URI will point to a location where the user only has a read access. + The number of rows in input source that weren't imported due to + either * Not having any featureValues. * Having a null entityId. * + Having a null timestamp. * Not being parsable (applicable for CSV + sources). type: string - parametersSchemaUri: + format: int64 + importedFeatureValueCount: + format: int64 + description: Number of Feature values that have been imported by the operation. + type: string + timestampOutsideRetentionRowsCount: + format: int64 description: >- - Immutable. Points to a YAML file stored on Google Cloud Storage - describing the parameters of prediction and explanation via - PredictRequest.parameters, ExplainRequest.parameters and - BatchPredictionJob.model_parameters. The schema is defined as an - OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - AutoML Models always have this field populated by Vertex AI, if no - parameters are supported, then it is set to an empty string. Note: - The URI given on output will be immutable and probably different, - including the URI scheme, than the one given on input. The output - URI will point to a location where the user only has a read access. + The number rows that weren't ingested due to having feature + timestamps outside the retention boundary. type: string - predictionSchemaUri: + importedEntityCount: + type: string + format: int64 + description: Number of entities that have been imported by the operation. + id: GoogleCloudAiplatformV1ImportFeatureValuesResponse + description: Response message for FeaturestoreService.ImportFeatureValues. + GoogleCloudAiplatformV1CreatePipelineJobRequest: + description: Request message for PipelineService.CreatePipelineJob. + properties: + pipelineJob: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' + description: Required. The PipelineJob to create. + parent: description: >- - Immutable. Points to a YAML file stored on Google Cloud Storage - describing the format of a single prediction produced by this Model, - which are returned via PredictResponse.predictions, - ExplainResponse.explanations, and BatchPredictionJob.output_config. - The schema is defined as an OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - AutoML Models always have this field populated by Vertex AI. Note: - The URI given on output will be immutable and probably different, - including the URI scheme, than the one given on input. The output - URI will point to a location where the user only has a read access. + Required. The resource name of the Location to create the + PipelineJob in. Format: `projects/{project}/locations/{location}` type: string - GoogleCloudAiplatformV1ModelContainerSpec: - id: GoogleCloudAiplatformV1ModelContainerSpec + pipelineJobId: + description: >- + The ID to use for the PipelineJob, which will become the final + component of the PipelineJob name. If not provided, an ID will be + automatically generated. This value should be less than 128 + characters, and valid characters are `/a-z-/`. + type: string + id: GoogleCloudAiplatformV1CreatePipelineJobRequest + type: object + GoogleCloudAiplatformV1EvaluationInstance: + properties: + rubricGroups: + description: >- + Optional. Named groups of rubrics associated with the prompt. This + is used for rubric-based evaluations where rubrics can be referenced + by a key. The key could represent versions, associated metrics, etc. + type: object + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricGroup' + prompt: + description: >- + Optional. Data used to populate placeholder `prompt` in a metric + prompt template. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData + agentData: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceAgentData + description: Optional. Data used for agent evaluation. + otherData: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceMapInstance + description: >- + Optional. Other data used to populate placeholders based on their + key. + reference: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData + description: >- + Optional. Data used to populate placeholder `reference` in a metric + prompt template. + response: + description: >- + Optional. Data used to populate placeholder `response` in a metric + prompt template. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData + type: object + id: GoogleCloudAiplatformV1EvaluationInstance description: >- - Specification of a container for serving predictions. Some fields in - this message correspond to fields in the [Kubernetes Container v1 core - specification](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). + A single instance to be evaluated. Instances are used to specify the + input data for evaluation, from simple string comparisons to complex, + multi-turn model evaluations + GoogleCloudAiplatformV1TrajectoryExactMatchInput: type: object + id: GoogleCloudAiplatformV1TrajectoryExactMatchInput properties: - imageUri: + metricSpec: + description: Required. Spec for TrajectoryExactMatch metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchSpec' + instances: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchInstance + description: Required. Repeated TrajectoryExactMatch instance. + description: Instances and metric spec for TrajectoryExactMatch metric. + GoogleCloudAiplatformV1BleuInput: + description: Input for bleu metric. + properties: + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuSpec' + description: Required. Spec for bleu score metric. + instances: + description: Required. Repeated bleu instances. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuInstance' + type: object + id: GoogleCloudAiplatformV1BleuInput + GoogleCloudAiplatformV1PurgeContextsRequest: + properties: + force: description: >- - Required. Immutable. URI of the Docker image to be used as the - custom container for serving predictions. This URI must identify an - image in Artifact Registry or Container Registry. Learn more about - the [container publishing - requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#publishing), - including permissions requirements for the Vertex AI Service Agent. - The container image is ingested upon ModelService.UploadModel, - stored internally, and this original path is afterwards not used. To - learn about the requirements for the Docker image itself, see - [Custom container - requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#). - You can use the URI to one of Vertex AI's [pre-built container - images for - prediction](https://cloud.google.com/vertex-ai/docs/predictions/pre-built-containers) - in this field. + Optional. Flag to indicate to actually perform the purge. If `force` + is set to false, the method will return a sample of Context names + that would be deleted. + type: boolean + filter: type: string - command: description: >- - Immutable. Specifies the command that runs when the container - starts. This overrides the container's - [ENTRYPOINT](https://docs.docker.com/engine/reference/builder/#entrypoint). - Specify this field as an array of executable and arguments, similar - to a Docker `ENTRYPOINT`'s "exec" form, not its "shell" form. If you - do not specify this field, then the container's `ENTRYPOINT` runs, - in conjunction with the args field or the container's - [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd), if - either exists. If this field is not specified and the container does - not have an `ENTRYPOINT`, then refer to the Docker documentation - about [how `CMD` and `ENTRYPOINT` - interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). - If you specify this field, then you can also specify the `args` - field to provide additional arguments for this command. However, if - you specify this field, then the container's `CMD` is ignored. See - the [Kubernetes documentation about how the `command` and `args` - fields interact with a container's `ENTRYPOINT` and - `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). - In this field, you can reference [environment variables set by - Vertex - AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) - and environment variables set in the env field. You cannot reference - environment variables set in the Docker image. In order for - environment variables to be expanded, reference them by using the - following syntax: $( VARIABLE_NAME) Note that this differs from Bash - variable expansion, which does not use parentheses. If a variable - cannot be resolved, the reference in the input string is used - unchanged. To avoid variable expansion, you can escape this syntax - with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to - the `command` field of the Kubernetes Containers [v1 core - API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). - type: array + Required. A required filter matching the Contexts to be purged. + E.g., `update_time <= 2020-11-19T11:30:00-04:00`. + description: Request message for MetadataService.PurgeContexts. + type: object + id: GoogleCloudAiplatformV1PurgeContextsRequest + GoogleCloudAiplatformV1PublisherModelCallToActionDeployVertex: + id: GoogleCloudAiplatformV1PublisherModelCallToActionDeployVertex + properties: + multiDeployVertex: items: - type: string - args: - description: >- - Immutable. Specifies arguments for the command that runs when the - container starts. This overrides the container's - [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd). - Specify this field as an array of executable and arguments, similar - to a Docker `CMD`'s "default parameters" form. If you don't specify - this field but do specify the command field, then the command from - the `command` field runs without any additional arguments. See the - [Kubernetes documentation about how the `command` and `args` fields - interact with a container's `ENTRYPOINT` and - `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). - If you don't specify this field and don't specify the `command` - field, then the container's - [`ENTRYPOINT`](https://docs.docker.com/engine/reference/builder/#cmd) - and `CMD` determine what runs based on their default behavior. See - the Docker documentation about [how `CMD` and `ENTRYPOINT` - interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). - In this field, you can reference [environment variables set by - Vertex - AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) - and environment variables set in the env field. You cannot reference - environment variables set in the Docker image. In order for - environment variables to be expanded, reference them by using the - following syntax: $( VARIABLE_NAME) Note that this differs from Bash - variable expansion, which does not use parentheses. If a variable - cannot be resolved, the reference in the input string is used - unchanged. To avoid variable expansion, you can escape this syntax - with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to - the `args` field of the Kubernetes Containers [v1 core - API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeploy type: array + description: Optional. One click deployment configurations. + type: object + description: Multiple setups to deploy the PublisherModel. + GoogleCloudAiplatformV1ListNotebookExecutionJobsResponse: + type: object + description: Response message for [NotebookService.CreateNotebookExecutionJob] + id: GoogleCloudAiplatformV1ListNotebookExecutionJobsResponse + properties: + notebookExecutionJobs: items: - type: string - env: - description: >- - Immutable. List of environment variables to set in the container. - After the container starts running, code running in the container - can read these environment variables. Additionally, the command and - args fields can reference these variables. Later entries in this - list can also reference earlier entries. For example, the following - example sets the variable `VAR_2` to have the value `foo bar`: - ```json [ { "name": "VAR_1", "value": "foo" }, { "name": "VAR_2", - "value": "$(VAR_1) bar" } ] ``` If you switch the order of the - variables in the example, then the expansion does not occur. This - field corresponds to the `env` field of the Kubernetes Containers - [v1 core - API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJob' + description: List of NotebookExecutionJobs in the requested page. type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' - ports: + nextPageToken: description: >- - Immutable. List of ports to expose from the container. Vertex AI - sends any prediction requests that it receives to the first port on - this list. Vertex AI also sends [liveness and health - checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#liveness) - to this port. If you do not specify this field, it defaults to - following value: ```json [ { "containerPort": 8080 } ] ``` Vertex AI - does not use ports other than the first one listed. This field - corresponds to the `ports` field of the Kubernetes Containers [v1 - core - API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). + A token to retrieve next page of results. Pass to + ListNotebookExecutionJobsRequest.page_token to obtain that page. + type: string + GoogleCloudAiplatformV1AugmentPromptResponse: + id: GoogleCloudAiplatformV1AugmentPromptResponse + properties: + facts: type: array + description: Retrieved facts from RAG data sources. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Port' - predictRoute: - description: >- - Immutable. HTTP path on the container to send prediction requests - to. Vertex AI forwards requests sent using - projects.locations.endpoints.predict to this path on the container's - IP address and port. Vertex AI then returns the container's response - in the API response. For example, if you set this field to `/foo`, - then when Vertex AI receives a prediction request, it forwards the - request body in a POST request to the `/foo` path on the port of - your container specified by the first value of this - `ModelContainerSpec`'s ports field. If you don't specify this field, - it defaults to the following value when you deploy this Model to an - Endpoint: - /v1/endpoints/ENDPOINT/deployedModels/DEPLOYED_MODEL:predict The - placeholders in this value are replaced as follows: * ENDPOINT: The - last segment (following `endpoints/`)of the Endpoint.name][] field - of the Endpoint where this Model has been deployed. (Vertex AI makes - this value available to your container code as the - [`AIP_ENDPOINT_ID` environment - variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) - * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex - AI makes this value available to your container code as the - [`AIP_DEPLOYED_MODEL_ID` environment - variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) - type: string - healthRoute: - description: >- - Immutable. HTTP path on the container to send health checks to. - Vertex AI intermittently sends GET requests to this path on the - container's IP address and port to check that the container is - healthy. Read more about [health - checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#health). - For example, if you set this field to `/bar`, then Vertex AI - intermittently sends a GET request to the `/bar` path on the port of - your container specified by the first value of this - `ModelContainerSpec`'s ports field. If you don't specify this field, - it defaults to the following value when you deploy this Model to an - Endpoint: /v1/endpoints/ENDPOINT/deployedModels/ - DEPLOYED_MODEL:predict The placeholders in this value are replaced - as follows: * ENDPOINT: The last segment (following `endpoints/`)of - the Endpoint.name][] field of the Endpoint where this Model has been - deployed. (Vertex AI makes this value available to your container - code as the [`AIP_ENDPOINT_ID` environment - variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) - * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex - AI makes this value available to your container code as the - [`AIP_DEPLOYED_MODEL_ID` environment - variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) - type: string - invokeRoutePrefix: - description: >- - Immutable. Invoke route prefix for the custom container. "/*" is the - only supported value right now. By setting this field, any non-root - route on this model will be accessible with invoke http call eg: - "/invoke/foo/bar", however the [PredictionService.Invoke] RPC is not - supported yet. Only one of `predict_route` or `invoke_route_prefix` - can be set, and we default to using `predict_route` if this field is - not set. If this field is set, the Model can only be deployed to - dedicated endpoint. - type: string - grpcPorts: - description: >- - Immutable. List of ports to expose from the container. Vertex AI - sends gRPC prediction requests that it receives to the first port on - this list. Vertex AI also sends liveness and health checks to this - port. If you do not specify this field, gRPC requests to the - container will be disabled. Vertex AI does not use ports other than - the first one listed. This field corresponds to the `ports` field of - the Kubernetes Containers v1 core API. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Fact' + augmentedPrompt: + description: Augmented prompt, only text format is supported for now. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Port' - deploymentTimeout: - description: >- - Immutable. Deployment timeout. Limit for deployment timeout is 2 - hours. - type: string - format: google-duration - sharedMemorySizeMb: - description: >- - Immutable. The amount of the VM memory to reserve as the shared - memory for the model in megabytes. - type: string - format: int64 - startupProbe: - description: Immutable. Specification for Kubernetes startup probe. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Probe' - healthProbe: - description: Immutable. Specification for Kubernetes readiness probe. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Probe' - livenessProbe: - description: Immutable. Specification for Kubernetes liveness probe. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Probe' - GoogleCloudAiplatformV1Port: - id: GoogleCloudAiplatformV1Port - description: Represents a network port in a container. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + type: object + description: Response message for AugmentPrompt. + GoogleCloudAiplatformV1AutoraterConfig: + id: GoogleCloudAiplatformV1AutoraterConfig type: object + description: >- + The configs for autorater. This is applicable to both EvaluateInstances + and EvaluateDataset. properties: - containerPort: - description: >- - The number of the port to expose on the pod's IP address. Must be a - valid port number, between 1 and 65535 inclusive. + samplingCount: type: integer format: int32 - GoogleCloudAiplatformV1Probe: - id: GoogleCloudAiplatformV1Probe - description: >- - Probe describes a health check to be performed against a container to - determine whether it is alive or ready to receive traffic. - type: object + description: >- + Optional. Number of samples for each instance in the dataset. If not + specified, the default is 4. Minimum value is 1, maximum value is + 32. + flipEnabled: + description: >- + Optional. Default is true. Whether to flip the candidate and + baseline responses. This is only applicable to the pairwise metric. + If enabled, also provide + PairwiseMetricSpec.candidate_response_field_name and + PairwiseMetricSpec.baseline_response_field_name. When rendering + PairwiseMetricSpec.metric_prompt_template, the candidate and + baseline fields will be flipped for half of the samples to reduce + bias. + type: boolean + autoraterModel: + type: string + description: >- + Optional. The fully qualified name of the publisher model or tuned + autorater endpoint to use. Publisher model format: + `projects/{project}/locations/{location}/publishers/*/models/*` + Tuned model endpoint format: + `projects/{project}/locations/{location}/endpoints/{endpoint}` + generationConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenerationConfig' + description: Optional. Configuration options for model generation and outputs. + GoogleCloudAiplatformV1GenerateContentRequest: properties: - exec: - description: ExecAction probes the health of a container by executing a command. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeExecAction' - httpGet: + safetySettings: description: >- - HttpGetAction probes the health of a container by sending an HTTP - GET request. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeHttpGetAction' - grpc: + Optional. Per request settings for blocking unsafe content. Enforced + on GenerateContentResponse.candidates. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetySetting' + type: array + generationConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenerationConfig' + description: Optional. Generation config. + cachedContent: description: >- - GrpcAction probes the health of a container by sending a gRPC - request. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeGrpcAction' - tcpSocket: + Optional. The name of the cached content used as context to serve + the prediction. Note: only used in explicit caching, where users can + have control over caching (e.g. what content to cache) and enjoy + guaranteed cost savings. Format: + `projects/{project}/locations/{location}/cachedContents/{cachedContent}` + type: string + labels: description: >- - TcpSocketAction probes the health of a container by opening a TCP - socket connection. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeTcpSocketAction' - periodSeconds: + Optional. The labels with user-defined metadata for the request. It + is used for billing and reporting only. Label keys and values can be + no longer than 63 characters (Unicode codepoints) and can only + contain lowercase letters, numeric characters, underscores, and + dashes. International characters are allowed. Label values are + optional. Label keys must start with a letter. + additionalProperties: + type: string + type: object + tools: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' description: >- - How often (in seconds) to perform the probe. Default to 10 seconds. - Minimum value is 1. Must be less than timeout_seconds. Maps to - Kubernetes probe argument 'periodSeconds'. - type: integer - format: int32 - timeoutSeconds: + Optional. A list of `Tools` the model may use to generate the next + response. A `Tool` is a piece of code that enables the system to + interact with external systems to perform an action, or set of + actions, outside of knowledge and scope of the model. + toolConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolConfig' description: >- - Number of seconds after which the probe times out. Defaults to 1 - second. Minimum value is 1. Must be greater or equal to - period_seconds. Maps to Kubernetes probe argument 'timeoutSeconds'. - type: integer - format: int32 - failureThreshold: + Optional. Tool config. This config is shared for all tools provided + in the request. + contents: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' description: >- - Number of consecutive failures before the probe is considered - failed. Defaults to 3. Minimum value is 1. Maps to Kubernetes probe - argument 'failureThreshold'. - type: integer - format: int32 - successThreshold: + Required. The content of the current conversation with the model. + For single-turn queries, this is a single instance. For multi-turn + queries, this is a repeated field that contains conversation history + + latest request. + modelArmorConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelArmorConfig' description: >- - Number of consecutive successes before the probe is considered - successful. Defaults to 1. Minimum value is 1. Maps to Kubernetes - probe argument 'successThreshold'. - type: integer - format: int32 - initialDelaySeconds: + Optional. Settings for prompt and response sanitization using the + Model Armor service. If supplied, safety_settings must not be + supplied. + systemInstruction: description: >- - Number of seconds to wait before starting the probe. Defaults to 0. - Minimum value is 0. Maps to Kubernetes probe argument - 'initialDelaySeconds'. - type: integer - format: int32 - GoogleCloudAiplatformV1ProbeExecAction: - id: GoogleCloudAiplatformV1ProbeExecAction - description: ExecAction specifies a command to execute. + Optional. The user provided system instructions for the model. Note: + only text should be used in parts and content in each part will be + in a separate paragraph. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + id: GoogleCloudAiplatformV1GenerateContentRequest + description: Request message for [PredictionService.GenerateContent]. + type: object + GoogleCloudAiplatformV1FeatureViewDirectWriteRequest: type: object + description: Request message for FeatureOnlineStoreService.FeatureViewDirectWrite. + id: GoogleCloudAiplatformV1FeatureViewDirectWriteRequest properties: - command: - description: >- - Command is the command line to execute inside the container, the - working directory for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is not run inside a - shell, so traditional shell instructions ('|', etc) won't work. To - use a shell, you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero is unhealthy. + dataKeyAndFeatureValues: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValues + description: Required. The data keys and associated feature values. + type: array + GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesResponse: + id: GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesResponse + description: >- + Response message for + TensorboardService.BatchCreateTensorboardTimeSeries. + properties: + tensorboardTimeSeries: type: array + description: The created TensorboardTimeSeries. items: - type: string - GoogleCloudAiplatformV1ProbeHttpGetAction: - id: GoogleCloudAiplatformV1ProbeHttpGetAction - description: HttpGetAction describes an action based on HTTP Get requests. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries' type: object + GoogleCloudAiplatformV1BigQueryDestination: properties: - path: - description: Path to access on the HTTP server. - type: string - port: - description: >- - Number of the port to access on the container. Number must be in the - range 1 to 65535. - type: integer - format: int32 - host: - description: >- - Host name to connect to, defaults to the model serving container's - IP. You probably want to set "Host" in httpHeaders instead. + outputUri: type: string - scheme: description: >- - Scheme to use for connecting to the host. Defaults to HTTP. - Acceptable values are "HTTP" or "HTTPS". - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeHttpHeader' - GoogleCloudAiplatformV1ProbeHttpHeader: - id: GoogleCloudAiplatformV1ProbeHttpHeader - description: HttpHeader describes a custom header to be used in HTTP probes + Required. BigQuery URI to a project or table, up to 2000 characters + long. When only the project is specified, the Dataset and Table is + created. When the full table reference is specified, the Dataset + must exist and table must not exist. Accepted forms: * BigQuery + path. For example: `bq://projectId` or `bq://projectId.bqDatasetId` + or `bq://projectId.bqDatasetId.bqTableId`. + description: The BigQuery location for the output content. + id: GoogleCloudAiplatformV1BigQueryDestination type: object + GoogleCloudAiplatformV1FunctionResponseFileData: + description: URI based data for function response. + id: GoogleCloudAiplatformV1FunctionResponseFileData properties: - name: - description: >- - The header field name. This will be canonicalized upon output, so - case-variant names will be understood as the same header. + mimeType: type: string - value: - description: The header field value + description: Required. The IANA standard MIME type of the source data. + fileUri: type: string - GoogleCloudAiplatformV1ProbeGrpcAction: - id: GoogleCloudAiplatformV1ProbeGrpcAction - description: GrpcAction checks the health of a container using a gRPC service. + description: Required. URI. + displayName: + type: string + description: >- + Optional. Display name of the file data. Used to provide a label or + filename to distinguish file datas. This field is only returned in + PromptMessage for prompt management. It is currently used in the + Gemini GenerateContent calls only when server side tools + (code_execution, google_search, and url_context) are enabled. type: object + GoogleCloudAiplatformV1PipelineTaskExecutorDetail: properties: - port: - description: >- - Port number of the gRPC service. Number must be in the range 1 to - 65535. - type: integer - format: int32 - service: - description: >- - Service is the name of the service to place in the gRPC - HealthCheckRequest. See - https://github.com/grpc/grpc/blob/master/doc/health-checking.md. If - this is not specified, the default behavior is defined by gRPC. + customJobDetail: + description: Output only. The detailed info for a custom job executor. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PipelineTaskExecutorDetailCustomJobDetail + containerDetail: + readOnly: true + description: Output only. The detailed info for a container executor. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PipelineTaskExecutorDetailContainerDetail + id: GoogleCloudAiplatformV1PipelineTaskExecutorDetail + description: The runtime detail of a pipeline executor. + type: object + GoogleCloudAiplatformV1SummarizationQualityResult: + type: object + description: Spec for summarization quality result. + properties: + confidence: + type: number + readOnly: true + format: float + description: Output only. Confidence for summarization quality score. + score: + type: number + readOnly: true + description: Output only. Summarization Quality score. + format: float + explanation: + readOnly: true + description: Output only. Explanation for summarization quality score. type: string - GoogleCloudAiplatformV1ProbeTcpSocketAction: - id: GoogleCloudAiplatformV1ProbeTcpSocketAction + id: GoogleCloudAiplatformV1SummarizationQualityResult + GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences: description: >- - TcpSocketAction probes the health of a container by opening a TCP socket - connection. + The regional resource name or the URI. Key is region, e.g., us-central1, + europe-west2, global, etc.. type: object + id: >- + GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences properties: - port: - description: >- - Number of the port to access on the container. Number must be in the - range 1 to 65535. - type: integer - format: int32 - host: + colabNotebookDisabled: description: >- - Optional: Host name to connect to, defaults to the model serving - container's IP. + Optional. For notebook resource. When set to true, the Colab + Enterprise link will be disabled in the "open notebook" dialog in + UI. + type: boolean + resourceDescription: type: string - GoogleCloudAiplatformV1BatchPredictionJobInputConfig: - id: GoogleCloudAiplatformV1BatchPredictionJobInputConfig - description: >- - Configures the input to BatchPredictionJob. See - Model.supported_input_storage_formats for Model's supported input - formats, and how instances should be expressed via any of them. - type: object - properties: - gcsSource: - description: The Cloud Storage location for the input instances. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' - bigquerySource: - description: >- - The BigQuery location of the input table. The schema of the table - should be in the format described by the given context OpenAPI - Schema, if one is provided. The table may contain additional columns - that are not described by the schema, and they will be ignored. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' - instancesFormat: - description: >- - Required. The format in which instances are given, must be one of - the Model's supported_input_storage_formats. + description: Optional. Description of the resource. + resourceUseCase: + description: Optional. Use case (CUJ) of the resource. type: string - GoogleCloudAiplatformV1BatchPredictionJobInstanceConfig: - id: GoogleCloudAiplatformV1BatchPredictionJobInstanceConfig - description: >- - Configuration defining how to transform batch prediction input instances - to the instances that the Model accepts. - type: object - properties: - instanceType: + supportsWorkbench: + type: boolean description: >- - The format of the instance that the Model accepts. Vertex AI will - convert compatible batch prediction input instance formats to the - specified format. Supported values are: * `object`: Each input is - converted to JSON object format. * For `bigquery`, each row is - converted to an object. * For `jsonl`, each line of the JSONL input - must be an object. * Does not apply to `csv`, `file-list`, - `tf-record`, or `tf-record-gzip`. * `array`: Each input is converted - to JSON array format. * For `bigquery`, each row is converted to an - array. The order of columns is determined by the BigQuery column - order, unless included_fields is populated. included_fields must be - populated for specifying field orders. * For `jsonl`, if each line - of the JSONL input is an object, included_fields must be populated - for specifying field orders. * Does not apply to `csv`, `file-list`, - `tf-record`, or `tf-record-gzip`. If not specified, Vertex AI - converts the batch prediction input as follows: * For `bigquery` and - `csv`, the behavior is the same as `array`. The order of columns is - the same as defined in the file or table, unless included_fields is - populated. * For `jsonl`, the prediction instance format is - determined by each line of the input. * For - `tf-record`/`tf-record-gzip`, each record will be converted to an - object in the format of `{"b64": }`, where `` is the Base64-encoded - string of the content of the record. * For `file-list`, each file in - the list will be converted to an object in the format of `{"b64": - }`, where `` is the Base64-encoded string of the content of the - file. + Optional. For notebook resource, whether the notebook supports + Workbench. + title: + description: 'Required. ' type: string - keyField: - description: >- - The name of the field that is considered as a key. The values - identified by the key field is not included in the transformed - instances that is sent to the Model. This is similar to specifying - this name of the field in excluded_fields. In addition, the batch - prediction output will not include the instances. Instead the output - will only include the value of the key field, in a field named `key` - in the output: * For `jsonl` output format, the output will have a - `key` field instead of the `instance` field. * For `csv`/`bigquery` - output format, the output will have have a `key` column instead of - the instance feature columns. The input must be JSONL with objects - at each line, CSV, BigQuery or TfRecord. + references: + type: object + description: Required. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelResourceReference + resourceTitle: + description: Optional. Title of the resource. type: string - includedFields: - description: >- - Fields that will be included in the prediction instance that is sent - to the Model. If instance_type is `array`, the order of field names - in included_fields also determines the order of the values in the - array. When included_fields is populated, excluded_fields must be - empty. The input must be JSONL with objects at each line, BigQuery - or TfRecord. - type: array - items: - type: string - excludedFields: - description: >- - Fields that will be excluded in the prediction instance that is sent - to the Model. Excluded will be attached to the batch prediction - output if key_field is not specified. When excluded_fields is - populated, included_fields must be empty. The input must be JSONL - with objects at each line, BigQuery or TfRecord. - type: array - items: - type: string - GoogleCloudAiplatformV1BatchPredictionJobOutputConfig: - id: GoogleCloudAiplatformV1BatchPredictionJobOutputConfig - description: >- - Configures the output of BatchPredictionJob. See - Model.supported_output_storage_formats for supported output formats, and - how predictions are expressed via any of them. + GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetrics: type: object properties: - gcsDestination: - description: >- - The Cloud Storage location of the directory where the output is to - be written to. In the given directory a new directory is created. - Its name is `prediction--`, where timestamp is in - YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. Inside of it files - `predictions_0001.`, `predictions_0002.`, ..., `predictions_N.` are - created where `` depends on chosen predictions_format, and N may - equal 0001 and depends on the total number of successfully predicted - instances. If the Model has both instance and prediction schemata - defined then each such file contains predictions as per the - predictions_format. If prediction for any instance failed (partially - or completely), then an additional `errors_0001.`, - `errors_0002.`,..., `errors_N.` files are created (N depends on - total number of failed predictions). These files contain the failed - instances, as per their schema, followed by an additional `error` - field which as value has google.rpc.Status containing only `code` - and `message` fields. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - bigqueryDestination: + meanTrackingAveragePrecision: + format: float + type: number + description: The mean average precision over all confidence thresholds. + confidenceMetrics: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetricsConfidenceMetrics description: >- - The BigQuery project or dataset location where the output is to be - written to. If project is provided, a new dataset is created with - name `prediction__` where is made BigQuery-dataset-name compatible - (for example, most special characters become underscores), and - timestamp is in YYYY_MM_DDThh_mm_ss_sssZ "based on ISO-8601" format. - In the dataset two tables will be created, `predictions`, and - `errors`. If the Model has both instance and prediction schemata - defined then the tables have columns as follows: The `predictions` - table contains instances for which the prediction succeeded, it has - columns as per a concatenation of the Model's instance and - prediction schemata. The `errors` table contains rows for which the - prediction has failed, it has instance columns, as per the instance - schema, followed by a single "errors" column, which as values has - google.rpc.Status represented as a STRUCT, and containing only - `code` and `message`. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' - predictionsFormat: + Metrics for each label-match `confidenceThreshold` from + 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. Precision-recall curve is + derived from them. + meanMismatchRate: + type: number + format: float + description: The mean mismatch rate over all confidence thresholds. + iouThreshold: + format: float + type: number description: >- - Required. The format in which Vertex AI gives the predictions, must - be one of the Model's supported_output_storage_formats. - type: string - GoogleCloudAiplatformV1BatchDedicatedResources: - id: GoogleCloudAiplatformV1BatchDedicatedResources + The intersection-over-union threshold value between bounding boxes + across frames used to compute this metric entry. + meanBoundingBoxIou: + description: The mean bounding box iou over all confidence thresholds. + type: number + format: float + id: GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetrics description: >- - A description of resources that are used for performing batch - operations, are dedicated to a Model, and need manual configuration. + UNIMPLEMENTED. Track matching model metrics for a single track match + threshold and multiple label match confidence thresholds. + GoogleCloudAiplatformV1ExportModelResponse: + id: GoogleCloudAiplatformV1ExportModelResponse type: object + description: Response message of ModelService.ExportModel operation. + properties: {} + GoogleCloudAiplatformV1ExternalApiElasticSearchParams: properties: - machineSpec: - description: Required. Immutable. The specification of a single machine. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' - startingReplicaCount: + numHits: description: >- - Immutable. The number of machine replicas used at the start of the - batch operation. If not set, Vertex AI decides starting number, not - greater than max_replica_count - type: integer + Optional. Number of hits (chunks) to request. When specified, it is + passed to Elasticsearch as the `num_hits` param. format: int32 - maxReplicaCount: - description: >- - Immutable. The maximum number of machine replicas the batch - operation may be scaled to. The default value is 10. type: integer - format: int32 - GoogleCloudAiplatformV1ManualBatchTuningParameters: - id: GoogleCloudAiplatformV1ManualBatchTuningParameters - description: Manual batch tuning parameters. + searchTemplate: + type: string + description: The ElasticSearch search template to use. + index: + description: The ElasticSearch index to use. + type: string + id: GoogleCloudAiplatformV1ExternalApiElasticSearchParams + description: The search parameters to use for the ELASTIC_SEARCH spec. type: object + GoogleCloudAiplatformV1SearchNearestEntitiesResponse: properties: - batchSize: - description: >- - Immutable. The number of the records (e.g. instances) of the - operation given in each batch to a machine replica. Machine type, - and size of a single record should be considered when setting this - parameter, higher value speeds up the batch operation's execution, - but too high value will result in a whole batch not fitting in a - machine's memory, and the whole operation will fail. The default - value is 64. - type: integer - format: int32 - GoogleCloudAiplatformV1BatchPredictionJobOutputInfo: - id: GoogleCloudAiplatformV1BatchPredictionJobOutputInfo - description: Further describes this job's output. Supplements output_config. + nearestNeighbors: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NearestNeighbors' + description: The nearest neighbors of the query entity. + description: Response message for FeatureOnlineStoreService.SearchNearestEntities type: object + id: GoogleCloudAiplatformV1SearchNearestEntitiesResponse + GoogleCloudAiplatformV1ListStudiesResponse: + description: Response message for VizierService.ListStudies. properties: - gcsOutputDirectory: - description: >- - Output only. The full path of the Cloud Storage directory created, - into which the prediction output is written. - readOnly: true - type: string - bigqueryOutputDataset: - description: >- - Output only. The path of the BigQuery dataset created, in - `bq://projectId.bqDatasetId` format, into which the prediction - output is written. - readOnly: true - type: string - bigqueryOutputTable: + nextPageToken: description: >- - Output only. The name of the BigQuery table created, in - `predictions_` format, into which the prediction output is written. - Can be used by UI to generate the BigQuery output path, for example. - readOnly: true + Passes this token as the `page_token` field of the request for a + subsequent call. If this field is omitted, there are no subsequent + pages. type: string - GoogleCloudAiplatformV1ResourcesConsumed: - id: GoogleCloudAiplatformV1ResourcesConsumed - description: Statistics information about resource consumption. + studies: + description: The studies associated with the project. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' + type: object + id: GoogleCloudAiplatformV1ListStudiesResponse + GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfig: type: object + id: GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfig properties: - replicaHours: - description: >- - Output only. The number of replica hours used. Note that many - replicas may run in parallel, and additionally any given work may be - queued for some time. Therefore this value is not strictly related - to wall time. - readOnly: true + sampleRate: + description: Sample rate (0, 1] type: number format: double - GoogleCloudAiplatformV1CompletionStats: - id: GoogleCloudAiplatformV1CompletionStats - description: >- - Success and error statistics of processing multiple entities (for - example, DataItems or structured data rows) in batch. + description: Requests are randomly selected. + GoogleCloudAiplatformV1EvaluationRunDataSource: type: object + id: GoogleCloudAiplatformV1EvaluationRunDataSource + description: The data source for the evaluation run. properties: - successfulCount: + bigqueryRequestSet: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryRequestSet' + description: Evaluation data in bigquery. + evaluationSet: description: >- - Output only. The number of entities that had been processed - successfully. - readOnly: true + The EvaluationSet resource name. Format: + `projects/{project}/locations/{location}/evaluationSets/{evaluation_set}` type: string - format: int64 - failedCount: - description: >- - Output only. The number of entities for which any error was - encountered. - readOnly: true + GoogleCloudAiplatformV1ModelSourceInfo: + properties: + sourceType: type: string - format: int64 - incompleteCount: + description: Type of the model source. + enumDescriptions: + - Should not be used. + - The Model is uploaded by automl training pipeline. + - The Model is uploaded by user or custom training pipeline. + - The Model is registered and sync'ed from BigQuery ML. + - The Model is saved or tuned from Model Garden. + - The Model is saved or tuned from Genie. + - The Model is uploaded by text embedding finetuning pipeline. + - The Model is saved or tuned from Marketplace. + enum: + - MODEL_SOURCE_TYPE_UNSPECIFIED + - AUTOML + - CUSTOM + - BQML + - MODEL_GARDEN + - GENIE + - CUSTOM_TEXT_EMBEDDING + - MARKETPLACE + copy: description: >- - Output only. In cases when enough errors are encountered a job, - pipeline, or operation may be failed as a whole. Below is the number - of entities for which the processing had not been finished (either - in successful or failed state). Set to -1 if the number is unknown - (for example, the operation failed before the total entity number - could be collected). - readOnly: true + If this Model is copy of another Model. If true then source_type + pertains to the original. + type: boolean + id: GoogleCloudAiplatformV1ModelSourceInfo + type: object + description: Detail description of the source information of the model. + GoogleCloudAiplatformV1PublisherModelCallToActionDeployDeployMetadata: + description: >- + Metadata information about the deployment for managing deployment + config. + properties: + sampleRequest: + description: Optional. Sample request for deployed endpoint. type: string - format: int64 - successfulForecastPointCount: + labels: + additionalProperties: + type: string + type: object description: >- - Output only. The number of the successful forecast points that are - generated by the forecasting model. This is ONLY used by the - forecasting batch prediction. - readOnly: true - type: string - format: int64 - GoogleCloudAiplatformV1ListBatchPredictionJobsResponse: - id: GoogleCloudAiplatformV1ListBatchPredictionJobsResponse - description: Response message for JobService.ListBatchPredictionJobs + Optional. Labels for the deployment config. For managing deployment + config like verifying, source of deployment config, etc. + type: object + id: GoogleCloudAiplatformV1PublisherModelCallToActionDeployDeployMetadata + GoogleCloudAiplatformV1IndexPrivateEndpoints: type: object + description: >- + IndexPrivateEndpoints proto is used to provide paths for users to send + requests via private endpoints (e.g. private service access, private + service connect). To send request via private service access, use + match_grpc_address. To send request via private service connect, use + service_attachment. properties: - batchPredictionJobs: - description: List of BatchPredictionJobs in the requested page. + pscAutomatedEndpoints: type: array + readOnly: true + description: >- + Output only. PscAutomatedEndpoints is populated if private service + connect is enabled if PscAutomatedConfig is set. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' - nextPageToken: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PscAutomatedEndpoints' + matchGrpcAddress: + description: Output only. The ip address used to send match gRPC requests. + type: string + readOnly: true + serviceAttachment: + readOnly: true description: >- - A token to retrieve the next page of results. Pass to - ListBatchPredictionJobsRequest.page_token to obtain that page. + Output only. The name of the service attachment resource. Populated + if private service connect is enabled. type: string - GoogleCloudAiplatformV1CancelBatchPredictionJobRequest: - id: GoogleCloudAiplatformV1CancelBatchPredictionJobRequest - description: Request message for JobService.CancelBatchPredictionJob. + id: GoogleCloudAiplatformV1IndexPrivateEndpoints + GoogleCloudAiplatformV1MutateDeployedModelRequest: + description: Request message for EndpointService.MutateDeployedModel. + properties: + updateMask: + type: string + format: google-fieldmask + description: >- + Required. The update mask applies to the resource. See + google.protobuf.FieldMask. + deployedModel: + description: >- + Required. The DeployedModel to be mutated within the Endpoint. Only + the following fields can be mutated: * `min_replica_count` in either + DedicatedResources or AutomaticResources * `max_replica_count` in + either DedicatedResources or AutomaticResources * + `required_replica_count` in DedicatedResources * + autoscaling_metric_specs * `disable_container_logging` (v1 only) * + `enable_container_logging` (v1beta1 only) * `scale_to_zero_spec` in + DedicatedResources (v1beta1 only) * `initial_replica_count` in + DedicatedResources (v1beta1 only) + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' + id: GoogleCloudAiplatformV1MutateDeployedModelRequest type: object - properties: {} - GoogleCloudAiplatformV1ModelDeploymentMonitoringJob: - id: GoogleCloudAiplatformV1ModelDeploymentMonitoringJob - description: >- - Represents a job that runs periodically to monitor the deployed models - in an endpoint. It will analyze the logged training & prediction data to - detect any abnormal behaviors. + GoogleCloudAiplatformV1FulfillmentSpec: + description: Spec for fulfillment metric. + properties: + version: + format: int32 + description: Optional. Which version to use for evaluation. + type: integer + id: GoogleCloudAiplatformV1FulfillmentSpec + type: object + GoogleCloudAiplatformV1CachedContentUsageMetadata: + id: GoogleCloudAiplatformV1CachedContentUsageMetadata + description: Metadata on the usage of the cached content. type: object properties: - name: - description: Output only. Resource name of a ModelDeploymentMonitoringJob. - readOnly: true + totalTokenCount: + format: int32 + type: integer + description: Total number of tokens that the cached content consumes. + textCount: + format: int32 + description: Number of text characters. + type: integer + imageCount: + description: Number of images. + format: int32 + type: integer + audioDurationSeconds: + type: integer + format: int32 + description: Duration of audio in seconds. + videoDurationSeconds: + type: integer + format: int32 + description: Duration of video in seconds. + GoogleCloudAiplatformV1EvaluationRunMetricPredefinedMetricSpec: + description: Specification for a pre-defined metric. + id: GoogleCloudAiplatformV1EvaluationRunMetricPredefinedMetricSpec + properties: + metricSpecName: type: string - displayName: description: >- - Required. The user-defined name of the ModelDeploymentMonitoringJob. - The name can be up to 128 characters long and can consist of any - UTF-8 characters. Display name of a ModelDeploymentMonitoringJob. - type: string - endpoint: + Required. The name of a pre-defined metric, such as + "instruction_following_v1" or "text_quality_v1". + parameters: + description: Optional. The parameters needed to run the pre-defined metric. + type: object + additionalProperties: + type: any + description: Properties of the object. + type: object + GoogleLongrunningOperation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: GoogleLongrunningOperation + type: object + properties: + error: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - Required. Endpoint resource name. Format: - `projects/{project}/locations/{location}/endpoints/{endpoint}` + The error result of the operation in case of failure or + cancellation. + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + name: type: string - state: description: >- - Output only. The detailed state of the monitoring job. When the job - is still creating, the state will be 'PENDING'. Once the job is - successfully created, the state will be 'RUNNING'. Pause the job, - the state will be 'PAUSED'. Resume the job, the state will return to - 'RUNNING'. - readOnly: true - type: string - enumDescriptions: - - The job state is unspecified. - - >- - The job has been just created or resumed and processing has not - yet begun. - - The service is preparing to run the job. - - The job is in progress. - - The job completed successfully. - - The job failed. - - >- - The job is being cancelled. From this state the job may only go to - either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or - `JOB_STATE_CANCELLED`. - - The job has been cancelled. - - The job has been stopped, and can be resumed. - - The job has expired. - - >- - The job is being updated. Only jobs in the `RUNNING` state can be - updated. After updating, the job goes back to the `RUNNING` state. - - >- - The job is partially succeeded, some results may be missing due to - errors. - enum: - - JOB_STATE_UNSPECIFIED - - JOB_STATE_QUEUED - - JOB_STATE_PENDING - - JOB_STATE_RUNNING - - JOB_STATE_SUCCEEDED - - JOB_STATE_FAILED - - JOB_STATE_CANCELLING - - JOB_STATE_CANCELLED - - JOB_STATE_PAUSED - - JOB_STATE_EXPIRED - - JOB_STATE_UPDATING - - JOB_STATE_PARTIALLY_SUCCEEDED - scheduleState: + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + type: boolean description: >- - Output only. Schedule state when the monitoring job is in Running - state. - readOnly: true - type: string - enumDescriptions: - - Unspecified state. - - The pipeline is picked up and wait to run. - - The pipeline is offline and will be scheduled for next run. - - The pipeline is running. - enum: - - MONITORING_SCHEDULE_STATE_UNSPECIFIED - - PENDING - - OFFLINE - - RUNNING - latestMonitoringPipelineMetadata: - description: Output only. Latest triggered monitoring pipeline metadata. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJobLatestMonitoringPipelineMetadata - modelDeploymentMonitoringObjectiveConfigs: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - Required. The config for monitoring objectives. This is a per - DeployedModel config. Each DeployedModel needs to be configured - separately. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringObjectiveConfig - modelDeploymentMonitoringScheduleConfig: - description: Required. Schedule config for running the monitoring job. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringScheduleConfig - loggingSamplingStrategy: - description: Required. Sample Strategy for logging. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SamplingStrategy' - modelMonitoringAlertConfig: - description: Alert config for model monitoring. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringAlertConfig - predictInstanceSchemaUri: + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + GoogleCloudAiplatformV1PauseModelDeploymentMonitoringJobRequest: + description: Request message for JobService.PauseModelDeploymentMonitoringJob. + id: GoogleCloudAiplatformV1PauseModelDeploymentMonitoringJobRequest + type: object + properties: {} + GoogleTypeExpr: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + type: object + properties: + expression: description: >- - YAML schema file uri describing the format of a single instance, - which are given to format this Endpoint's prediction (and - explanation). If not set, we will generate predict schema from - collected predict requests. + Textual representation of an expression in Common Expression + Language syntax. + type: string + title: type: string - samplePredictInstance: description: >- - Sample Predict instance, same format as PredictRequest.instances, - this can be set as a replacement of - ModelDeploymentMonitoringJob.predict_instance_schema_uri. If not - set, we will generate predict schema from collected predict - requests. - type: any - analysisInstanceSchemaUri: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + location: description: >- - YAML schema file uri describing the format of a single instance that - you want Tensorflow Data Validation (TFDV) to analyze. If this field - is empty, all the feature data types are inferred from - predict_instance_schema_uri, meaning that TFDV will use the data in - the exact format(data type) as prediction request/response. If there - are any data type differences between predict instance and TFDV - instance, this field can be used to override the schema. For models - trained with Vertex AI, this field must be set as all the fields in - predict instance formatted as string. + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + description: type: string - bigqueryTables: description: >- - Output only. The created bigquery tables for the job under customer - project. Customer could do their own query & analysis. There could - be 4 log tables in maximum: 1. Training data logging predict - request/response 2. Serving data logging predict request/response - readOnly: true + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + id: GoogleTypeExpr + GoogleCloudAiplatformV1TrajectoryInOrderMatchResults: + properties: + trajectoryInOrderMatchMetricValues: type: array + description: Output only. TrajectoryInOrderMatch metric values. items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringBigQueryTable - logTtl: + #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchMetricValue + readOnly: true + description: Results for TrajectoryInOrderMatch metric. + id: GoogleCloudAiplatformV1TrajectoryInOrderMatchResults + type: object + GoogleCloudAiplatformV1InputDataConfig: + id: GoogleCloudAiplatformV1InputDataConfig + properties: + persistMlUseAssignment: + type: boolean + description: Whether to persist the ML use assignment to data item system labels. + gcsDestination: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' description: >- - The TTL of BigQuery tables in user projects which stores logs. A day - is the basic unit of the TTL and we take the ceil of TTL/86400(a - day). e.g. { second: 3600} indicates ttl = 1 day. + The Cloud Storage location where the training data is to be written + to. In the given directory a new directory is created with name: + `dataset---` where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 + format. All training input data is written into that directory. The + Vertex AI environment variables representing Cloud Storage data URIs + are represented in the Cloud Storage wildcard format to support + sharded data. e.g.: "gs://.../training-*.jsonl" * AIP_DATA_FORMAT = + "jsonl" for non-tabular data, "csv" for tabular data * + AIP_TRAINING_DATA_URI = + "gcs_destination/dataset---/training-*.${AIP_DATA_FORMAT}" * + AIP_VALIDATION_DATA_URI = + "gcs_destination/dataset---/validation-*.${AIP_DATA_FORMAT}" * + AIP_TEST_DATA_URI = + "gcs_destination/dataset---/test-*.${AIP_DATA_FORMAT}" + fractionSplit: + description: Split based on fractions defining the size of each set. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FractionSplit' + bigqueryDestination: + description: >- + Only applicable to custom training with tabular Dataset with + BigQuery source. The BigQuery project location where the training + data is to be written to. In the given project a new dataset is + created with name `dataset___` where timestamp is in + YYYY_MM_DDThh_mm_ss_sssZ format. All training input data is written + into that dataset. In the dataset three tables are created, + `training`, `validation` and `test`. * AIP_DATA_FORMAT = "bigquery". + * AIP_TRAINING_DATA_URI = "bigquery_destination.dataset___.training" + * AIP_VALIDATION_DATA_URI = + "bigquery_destination.dataset___.validation" * AIP_TEST_DATA_URI = + "bigquery_destination.dataset___.test" + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' + annotationSchemaUri: type: string - format: google-duration - labels: description: >- - The labels with user-defined metadata to organize your - ModelDeploymentMonitoringJob. Label keys and values can be no longer - than 64 characters (Unicode codepoints), can only contain lowercase - letters, numeric characters, underscores and dashes. International - characters are allowed. See https://goo.gl/xmQnxf for more - information and examples of labels. - type: object - additionalProperties: - type: string - createTime: + Applicable only to custom training with Datasets that have DataItems + and Annotations. Cloud Storage URI that points to a YAML file + describing the annotation schema. The schema is defined as an + OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + The schema files that can be used here are found in + gs://google-cloud-aiplatform/schema/dataset/annotation/ , note that + the chosen schema must be consistent with metadata of the Dataset + specified by dataset_id. Only Annotations that both match this + schema and belong to DataItems not ignored by the split method are + used in respectively training, validation or test role, depending on + the role of the DataItem they are on. When used in conjunction with + annotations_filter, the Annotations used for training are filtered + by both annotations_filter and annotation_schema_uri. + predefinedSplit: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredefinedSplit' description: >- - Output only. Timestamp when this ModelDeploymentMonitoringJob was - created. - readOnly: true - type: string - format: google-datetime - updateTime: + Supported only for tabular Datasets. Split based on a predefined + key. + savedQueryId: description: >- - Output only. Timestamp when this ModelDeploymentMonitoringJob was - updated most recently. - readOnly: true + Only applicable to Datasets that have SavedQueries. The ID of a + SavedQuery (annotation set) under the Dataset specified by + dataset_id used for filtering Annotations for training. Only + Annotations that are associated with this SavedQuery are used in + respectively training. When used in conjunction with + annotations_filter, the Annotations used for training are filtered + by both saved_query_id and annotations_filter. Only one of + saved_query_id and annotation_schema_uri should be specified as both + of them represent the same thing: problem type. type: string - format: google-datetime - nextScheduleTime: - description: >- - Output only. Timestamp when this monitoring pipeline will be - scheduled to run for the next round. - readOnly: true + annotationsFilter: type: string - format: google-datetime - statsAnomaliesBaseDirectory: - description: Stats anomalies base folder path. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - encryptionSpec: description: >- - Customer-managed encryption key spec for a - ModelDeploymentMonitoringJob. If set, this - ModelDeploymentMonitoringJob and all sub-resources of this - ModelDeploymentMonitoringJob will be secured by this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - enableMonitoringPipelineLogs: + Applicable only to Datasets that have DataItems and Annotations. A + filter on Annotations of the Dataset. Only Annotations that both + match this filter and belong to DataItems not ignored by the split + method are used in respectively training, validation or test role, + depending on the role of the DataItem they are on (for the + auto-assigned that role is decided by Vertex AI). A filter with same + syntax as the one used in ListAnnotations may be used, but note here + it filters across all Annotations of the Dataset, and not just + within a single DataItem. + timestampSplit: description: >- - If true, the scheduled monitoring pipeline logs are sent to Google - Cloud Logging, including pipeline status and anomalies detected. - Please note the logs incur cost, which are subject to [Cloud Logging - pricing](https://cloud.google.com/logging#pricing). - type: boolean - error: + Supported only for tabular Datasets. Split based on the timestamp of + the input data pieces. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TimestampSplit' + stratifiedSplit: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StratifiedSplit' description: >- - Output only. Only populated when the job's state is - `JOB_STATE_FAILED` or `JOB_STATE_CANCELLED`. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1ModelDeploymentMonitoringJobLatestMonitoringPipelineMetadata: - id: >- - GoogleCloudAiplatformV1ModelDeploymentMonitoringJobLatestMonitoringPipelineMetadata - description: All metadata of most recent monitoring pipelines. - type: object - properties: - runTime: + Supported only for tabular Datasets. Split based on the distribution + of the specified column. + filterSplit: + description: Split based on the provided filters for each set. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FilterSplit' + datasetId: description: >- - The time that most recent monitoring pipelines that is related to - this run. + Required. The ID of the Dataset in the same Project and Location + which data will be used to train the Model. The Dataset must use + schema compatible with Model being trained, and what is compatible + should be described in the used TrainingPipeline's + training_task_definition. For tabular Datasets, all their data is + exported to training, to pick and choose from. type: string - format: google-datetime - status: - description: The status of the most recent monitoring pipeline. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudAiplatformV1ModelDeploymentMonitoringObjectiveConfig: - id: GoogleCloudAiplatformV1ModelDeploymentMonitoringObjectiveConfig + type: object description: >- - ModelDeploymentMonitoringObjectiveConfig contains the pair of - deployed_model_id to ModelMonitoringObjectiveConfig. + Specifies Vertex AI owned input data to be used for training, and + possibly evaluating, the Model. + GoogleCloudAiplatformV1ApiAuth: + description: >- + The generic reusable api auth config. Deprecated. Please use AuthConfig + (google/cloud/aiplatform/master/auth.proto) instead. + id: GoogleCloudAiplatformV1ApiAuth + properties: + apiKeyConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuthApiKeyConfig' + description: The API secret. + type: object + GoogleCloudAiplatformV1RagEngineConfig: type: object properties: - deployedModelId: - description: The DeployedModel ID of the objective config. + name: + description: >- + Identifier. The name of the RagEngineConfig. Format: + `projects/{project}/locations/{location}/ragEngineConfig` type: string - objectiveConfig: + ragManagedDbConfig: + description: The config of the RagManagedDb used by RagEngine. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagManagedDbConfig' + id: GoogleCloudAiplatformV1RagEngineConfig + description: Config for RagEngine. + GoogleCloudAiplatformV1PurgeContextsMetadata: + type: object + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for purging Contexts. + description: Details of operations that perform MetadataService.PurgeContexts. + id: GoogleCloudAiplatformV1PurgeContextsMetadata + GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStore: + id: GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStore + description: The data source for Vertex RagStore. + type: object + properties: + ragResources: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStoreRagResource + type: array description: >- - The objective config of for the modelmonitoring job of this deployed - model. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfig - GoogleCloudAiplatformV1ModelMonitoringObjectiveConfig: - id: GoogleCloudAiplatformV1ModelMonitoringObjectiveConfig - description: >- - The objective configuration for model monitoring, including the - information needed to detect anomalies for one particular model. + Optional. The representation of the rag source. It can be used to + specify corpus only or ragfiles. Currently only support one corpus + or multiple files from one corpus. In the future we may open up + multiple corpora support. + vectorDistanceThreshold: + format: double + type: number + deprecated: true + description: >- + Optional. Only return contexts with vector distance smaller than the + threshold. + GoogleCloudAiplatformV1ExportFeatureValuesRequest: + description: Request message for FeaturestoreService.ExportFeatureValues. type: object + id: GoogleCloudAiplatformV1ExportFeatureValuesRequest properties: - trainingDataset: + featureSelector: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' + description: Required. Selects Features to export values of. + destination: + description: Required. Specifies destination location and format. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValueDestination' + snapshotExport: description: >- - Training dataset for models. This field has to be set only if - TrainingPredictionSkewDetectionConfig is specified. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDataset - trainingPredictionSkewDetectionConfig: - description: The config for skew between training data and prediction data. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig - predictionDriftDetectionConfig: - description: The config for drift of prediction data. + Exports the latest Feature values of all entities of the EntityType + within a time range. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig - explanationConfig: - description: The config for integrating with Vertex Explainable AI. + #/components/schemas/GoogleCloudAiplatformV1ExportFeatureValuesRequestSnapshotExport + settings: + type: array + description: Per-Feature export settings. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DestinationFeatureSetting + fullExport: + description: >- + Exports all historical values of all entities of the EntityType + within a time range $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfig - GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDataset: - id: GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDataset - description: Training Dataset information. - type: object + #/components/schemas/GoogleCloudAiplatformV1ExportFeatureValuesRequestFullExport + GoogleCloudAiplatformV1StreamingReadFeatureValuesRequest: + description: >- + Request message for + FeaturestoreOnlineServingService.StreamingReadFeatureValues. + id: GoogleCloudAiplatformV1StreamingReadFeatureValuesRequest properties: - dataset: - description: The resource name of the Dataset used to train this Model. - type: string - gcsSource: + entityIds: + type: array description: >- - The Google Cloud Storage uri of the unmanaged Dataset used to train - this Model. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' - bigquerySource: + Required. IDs of entities to read Feature values of. The maximum + number of IDs is 100. For example, for a machine learning model + predicting user clicks on a website, an entity ID could be + `user_123`. + items: + type: string + featureSelector: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' description: >- - The BigQuery table of the unmanaged Dataset used to train this - Model. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' - dataFormat: + Required. Selector choosing Features of the target EntityType. + Feature IDs will be deduplicated. + type: object + GoogleCloudAiplatformV1ModelDeploymentMonitoringScheduleConfig: + id: GoogleCloudAiplatformV1ModelDeploymentMonitoringScheduleConfig + description: The config for scheduling monitoring job. + type: object + properties: + monitorInterval: + format: google-duration description: >- - Data format of the dataset, only applicable if the input is from - Google Cloud Storage. The possible formats are: "tf-record" The - source file is a TFRecord file. "csv" The source file is a CSV file. - "jsonl" The source file is a JSONL file. + Required. The model monitoring job scheduling interval. It will be + rounded up to next full hour. This defines how often the monitoring + jobs are triggered. type: string - targetField: - description: >- - The target field name the model is to predict. This field will be - excluded when doing Predict and (or) Explain for the training data. + monitorWindow: type: string - loggingSamplingStrategy: + format: google-duration description: >- - Strategy to sample data from Training Dataset. If not set, we - process the whole dataset. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SamplingStrategy' - GoogleCloudAiplatformV1SamplingStrategy: - id: GoogleCloudAiplatformV1SamplingStrategy - description: >- - Sampling Strategy for logging, can be for both training and prediction - dataset. + The time window of the prediction data being included in each + prediction dataset. This window specifies how long the data should + be collected from historical model results for each run. If not set, + ModelDeploymentMonitoringScheduleConfig.monitor_interval will be + used. e.g. If currently the cutoff time is 2022-01-08 14:30:00 and + the monitor_window is set to be 3600, then data from 2022-01-08 + 13:30:00 to 2022-01-08 14:30:00 will be retrieved and aggregated to + calculate the monitoring statistics. + GoogleCloudAiplatformV1PartMediaResolution: + id: GoogleCloudAiplatformV1PartMediaResolution type: object + description: per part media resolution. Media resolution for the input media. properties: - randomSampleConfig: - description: Random sample config. Will support more sampling strategies later. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfig - GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfig: - id: GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfig - description: Requests are randomly selected. + level: + enum: + - MEDIA_RESOLUTION_UNSPECIFIED + - MEDIA_RESOLUTION_LOW + - MEDIA_RESOLUTION_MEDIUM + - MEDIA_RESOLUTION_HIGH + description: The tokenization quality used for given media. + enumDescriptions: + - Media resolution has not been set. + - Media resolution set to low. + - Media resolution set to medium. + - Media resolution set to high. + type: string + GoogleCloudAiplatformV1MemoryTopicId: type: object - properties: - sampleRate: - description: Sample rate (0, 1] - type: number - format: double - GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig: - id: >- - GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig description: >- - The config for Training & Prediction data skew detection. It specifies - the training dataset sources and the skew detection parameters. + A memory topic identifier. This will be used to label a Memory and to + restrict which topics are eligible for generation or retrieval. + properties: + managedMemoryTopic: + enum: + - MANAGED_TOPIC_ENUM_UNSPECIFIED + - USER_PERSONAL_INFO + - USER_PREFERENCES + - KEY_CONVERSATION_DETAILS + - EXPLICIT_INSTRUCTIONS + type: string + description: Optional. The managed memory topic. + enumDescriptions: + - Unspecified topic. This value should not be used. + - >- + Significant personal information about the User like first names, + relationships, hobbies, important dates. + - Stated or implied likes, dislikes, preferred styles, or patterns. + - Important milestones or conclusions within the dialogue. + - >- + Information that the user explicitly requested to remember or + forget. + customMemoryTopicLabel: + description: Optional. The custom memory topic label. + type: string + id: GoogleCloudAiplatformV1MemoryTopicId + GoogleCloudAiplatformV1PairwiseMetricResult: + description: Spec for pairwise metric result. + id: GoogleCloudAiplatformV1PairwiseMetricResult type: object properties: - skewThresholds: + explanation: + readOnly: true + type: string + description: Output only. Explanation for pairwise metric score. + pairwiseChoice: + type: string + enum: + - PAIRWISE_CHOICE_UNSPECIFIED + - BASELINE + - CANDIDATE + - TIE + readOnly: true + description: Output only. Pairwise metric choice. + enumDescriptions: + - Unspecified prediction choice. + - Baseline prediction wins + - Candidate prediction wins + - Winner cannot be determined + customOutput: + readOnly: true + description: Output only. Spec for custom output. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomOutput' + GoogleCloudAiplatformV1SchemaPromptSpecTranslationOption: + type: object + description: Optional settings for translation prompt. + properties: + numberOfShots: + description: How many shots to use. + type: integer + format: int32 + id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationOption + GoogleCloudAiplatformV1QueryReasoningEngineRequest: + properties: + classMethod: description: >- - Key is the feature name and value is the threshold. If a feature - needs to be monitored for skew, a value threshold must be configured - for that feature. The threshold here is against feature distribution - distance between the training and prediction feature. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' - attributionScoreSkewThresholds: + Optional. Class method to be used for the query. It is optional and + defaults to "query" if unspecified. + type: string + input: description: >- - Key is the feature name and value is the threshold. The threshold - here is against attribution score distance between the training and - prediction feature. + Optional. Input content provided by users in JSON object format. + Examples include text query, function calling parameters, media + bytes, etc. type: object additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' - defaultSkewThreshold: - description: >- - Skew anomaly detection threshold used by all features. When the - per-feature thresholds are not set, this field can be used to - specify a threshold for all features. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' - GoogleCloudAiplatformV1ThresholdConfig: - id: GoogleCloudAiplatformV1ThresholdConfig - description: The config for feature monitoring threshold. + type: any + description: Properties of the object. type: object + id: GoogleCloudAiplatformV1QueryReasoningEngineRequest + description: Request message for ReasoningEngineExecutionService.Query. + GoogleCloudAiplatformV1ListTuningJobsResponse: + description: Response message for GenAiTuningService.ListTuningJobs + id: GoogleCloudAiplatformV1ListTuningJobsResponse properties: - value: + nextPageToken: + type: string description: >- - Specify a threshold value that can trigger the alert. If this - threshold config is for feature distribution distance: 1. For - categorical feature, the distribution distance is calculated by - L-inifinity norm. 2. For numerical feature, the distribution - distance is calculated by Jensen–Shannon divergence. Each feature - must have a non-zero threshold if they need to be monitored. - Otherwise no alert will be triggered for that feature. - type: number - format: double - GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig: - id: >- - GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig - description: The config for Prediction data drift detection. + A token to retrieve the next page of results. Pass to + ListTuningJobsRequest.page_token to obtain that page. + tuningJobs: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' + description: List of TuningJobs in the requested page. + type: array + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTimestampTransformation: type: object properties: - driftThresholds: - description: >- - Key is the feature name and value is the threshold. If a feature - needs to be monitored for drift, a value threshold must be - configured for that feature. The threshold here is against feature - distribution distance between different time windws. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' - attributionScoreDriftThresholds: + invalidValuesAllowed: description: >- - Key is the feature name and value is the threshold. The threshold - here is against attribution score distance between different time - windows. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' - defaultDriftThreshold: + If invalid values is allowed, the training pipeline will create a + boolean feature that indicated whether the value is valid. + Otherwise, the training pipeline will discard the input row from + trainining data. + type: boolean + columnName: + type: string + timeFormat: + type: string description: >- - Drift anomaly detection threshold used by all features. When the - per-feature thresholds are not set, this field can be used to - specify a threshold for all features. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' - GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfig: - id: GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfig + The format in which that time field is expressed. The time_format + must either be one of: * `unix-seconds` * `unix-milliseconds` * + `unix-microseconds` * `unix-nanoseconds` (for respectively number of + seconds, milliseconds, microseconds and nanoseconds since start of + the Unix epoch); or be written in `strftime` syntax. If time_format + is not set, then the default format is RFC 3339 `date-time` format, + where `time-offset` = `"Z"` (e.g. 1985-04-12T23:20:50.52Z) description: >- - The config for integrating with Vertex Explainable AI. Only applicable - if the Model has explanation_spec populated. + Training pipeline will perform following transformation functions. * + Apply the transformation functions for Numerical columns. * Determine + the year, month, day,and weekday. Treat each value from the * timestamp + as a Categorical column. * Invalid numerical values (for example, values + that fall outside of a typical timestamp range, or are extreme values) + receive no special treatment and are not removed. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTimestampTransformation + GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueCondition: + id: >- + GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueCondition + properties: + values: + items: + format: int64 + type: string + description: >- + Required. Matches values of the parent parameter of 'INTEGER' type. + All values must lie in `integer_value_spec` of parent parameter. + type: array type: object + description: Represents the spec to match integer values from parent parameter. + GoogleCloudAiplatformV1ExplanationMetadataInputMetadata: properties: - enableFeatureAttributes: + encodedTensorName: description: >- - If want to analyze the Vertex Explainable AI feature attribute - scores or not. If set to true, Vertex AI will log the feature - attributions from explain response and do the skew/drift detection - for them. - type: boolean - explanationBaseline: + Encoded tensor is a transformation of the input tensor. Must be + provided if choosing Integrated Gradients attribution or XRAI + attribution and the input tensor is not differentiable. An encoded + tensor is generated if the input tensor is encoded by a lookup + table. + type: string + inputTensorName: + type: string description: >- - Predictions generated by the BatchPredictionJob using baseline - dataset. + Name of the input tensor for this feature. Required and is only + applicable to Vertex AI-provided images for Tensorflow. + featureValueDomain: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline - GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline: - id: >- - GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline - description: >- - Output from BatchPredictionJob for Model Monitoring baseline dataset, - which can be used to generate baseline attribution scores. - type: object - properties: - gcs: - description: Cloud Storage location for BatchExplain output. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - bigquery: - description: BigQuery location for BatchExplain output. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' - predictionFormat: - description: The storage format of the predictions generated BatchPrediction job. + #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataInputMetadataFeatureValueDomain + description: >- + The domain details of the input feature value. Like min/max, + original mean or standard deviation if normalized. + denseShapeTensorName: + description: >- + Specifies the shape of the values of the input if the input is a + sparse representation. Refer to Tensorflow documentation for more + details: + https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor. type: string + encoding: enumDescriptions: - - Should not be set. - - Predictions are in JSONL files. - - Predictions are in BigQuery. + - Default value. This is the same as IDENTITY. + - The tensor represents one feature. + - >- + The tensor represents a bag of features where each index maps to a + feature. InputMetadata.index_feature_mapping must be provided for + this encoding. For example: ``` input = [27, 6.0, 150] + index_feature_mapping = ["age", "height", "weight"] ``` + - >- + The tensor represents a bag of features where each index maps to a + feature. Zero values in the tensor indicates feature being + non-existent. InputMetadata.index_feature_mapping must be provided + for this encoding. For example: ``` input = [2, 0, 5, 0, 1] + index_feature_mapping = ["a", "b", "c", "d", "e"] ``` + - >- + The tensor is a list of binaries representing whether a feature + exists or not (1 indicates existence). + InputMetadata.index_feature_mapping must be provided for this + encoding. For example: ``` input = [1, 0, 1, 0, 1] + index_feature_mapping = ["a", "b", "c", "d", "e"] ``` + - >- + The tensor is encoded into a 1-dimensional array represented by an + encoded tensor. InputMetadata.encoded_tensor_name must be provided + for this encoding. For example: ``` input = ["This", "is", "a", + "test", "."] encoded = [0.1, 0.2, 0.3, 0.4, 0.5] ``` + - >- + Select this encoding when the input tensor is encoded into a + 2-dimensional array represented by an encoded tensor. + InputMetadata.encoded_tensor_name must be provided for this + encoding. The first dimension of the encoded tensor's shape is the + same as the input tensor's shape. For example: ``` input = + ["This", "is", "a", "test", "."] encoded = [[0.1, 0.2, 0.3, 0.4, + 0.5], [0.2, 0.1, 0.4, 0.3, 0.5], [0.5, 0.1, 0.3, 0.5, 0.4], [0.5, + 0.3, 0.1, 0.2, 0.4], [0.4, 0.3, 0.2, 0.5, 0.1]] ``` + type: string + description: >- + Defines how the feature is encoded into the input tensor. Defaults + to IDENTITY. enum: - - PREDICTION_FORMAT_UNSPECIFIED - - JSONL - - BIGQUERY - GoogleCloudAiplatformV1ModelDeploymentMonitoringScheduleConfig: - id: GoogleCloudAiplatformV1ModelDeploymentMonitoringScheduleConfig - description: The config for scheduling monitoring job. - type: object - properties: - monitorInterval: + - ENCODING_UNSPECIFIED + - IDENTITY + - BAG_OF_FEATURES + - BAG_OF_FEATURES_SPARSE + - INDICATOR + - COMBINED_EMBEDDING + - CONCAT_EMBEDDING + indicesTensorName: description: >- - Required. The model monitoring job scheduling interval. It will be - rounded up to next full hour. This defines how often the monitoring - jobs are triggered. + Specifies the index of the values of the input tensor. Required when + the input tensor is a sparse representation. Refer to Tensorflow + documentation for more details: + https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor. type: string - format: google-duration - monitorWindow: + groupName: description: >- - The time window of the prediction data being included in each - prediction dataset. This window specifies how long the data should - be collected from historical model results for each run. If not set, - ModelDeploymentMonitoringScheduleConfig.monitor_interval will be - used. e.g. If currently the cutoff time is 2022-01-08 14:30:00 and - the monitor_window is set to be 3600, then data from 2022-01-08 - 13:30:00 to 2022-01-08 14:30:00 will be retrieved and aggregated to - calculate the monitoring statistics. + Name of the group that the input belongs to. Features with the same + group name will be treated as one feature when computing + attributions. Features grouped together can have different shapes in + value. If provided, there will be one single attribution generated + in Attribution.feature_attributions, keyed by the group name. type: string - format: google-duration - GoogleCloudAiplatformV1ModelMonitoringAlertConfig: - id: GoogleCloudAiplatformV1ModelMonitoringAlertConfig - description: The alert config for model monitoring. - type: object - properties: - emailAlertConfig: - description: Email alert config. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfig - enableLogging: + inputBaselines: + type: array + items: + type: any description: >- - Dump the anomalies to Cloud Logging. The anomalies will be put to - json payload encoded from proto ModelMonitoringStatsAnomalies. This - can be further synced to Pub/Sub or any other services supported by - Cloud Logging. - type: boolean - notificationChannels: + Baseline inputs for this feature. If no baseline is specified, + Vertex AI chooses the baseline for this feature. If multiple + baselines are specified, Vertex AI returns the average attributions + across them in Attribution.feature_attributions. For Vertex + AI-provided Tensorflow images (both 1.x and 2.x), the shape of each + baseline must match the shape of the input tensor. If a scalar is + provided, we broadcast to the same shape as the input tensor. For + custom images, the element of the baselines must be in the same + format as the feature's input in the instance[]. The schema of any + single instance may be specified via Endpoint's DeployedModels' + Model's PredictSchemata's instance_schema_uri. + visualization: + description: Visualization configurations for image explanation. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataInputMetadataVisualization + encodedBaselines: description: >- - Resource names of the NotificationChannels to send alert. Must be of - the format `projects//notificationChannels/` + A list of baselines for the encoded tensor. The shape of each + baseline should match the shape of the encoded tensor. If a scalar + is provided, Vertex AI broadcasts to the same shape as the encoded + tensor. type: array items: - type: string - GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfig: - id: GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfig - description: The config for email alert. - type: object - properties: - userEmails: - description: The email addresses to send the alert. + type: any + indexFeatureMapping: type: array + description: >- + A list of feature names for each index in the input tensor. Required + when the input InputMetadata.encoding is BAG_OF_FEATURES, + BAG_OF_FEATURES_SPARSE, INDICATOR. items: type: string - GoogleCloudAiplatformV1ModelDeploymentMonitoringBigQueryTable: - id: GoogleCloudAiplatformV1ModelDeploymentMonitoringBigQueryTable + modality: + type: string + description: >- + Modality of the feature. Valid values are: numeric, image. Defaults + to numeric. + id: GoogleCloudAiplatformV1ExplanationMetadataInputMetadata + type: object description: >- - ModelDeploymentMonitoringBigQueryTable specifies the BigQuery table name - as well as some information of the logs stored in this table. + Metadata of the input of a feature. Fields other than + InputMetadata.input_baselines are applicable only for Models that are + using Vertex AI-provided images for Tensorflow. + GoogleCloudAiplatformV1SchemaPredictPredictionVideoActionRecognitionPredictionResult: + description: Prediction output format for Video Action Recognition. type: object + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionVideoActionRecognitionPredictionResult properties: - logSource: - description: The source of log. - type: string - enumDescriptions: - - Unspecified source. - - Logs coming from Training dataset. - - Logs coming from Serving traffic. - enum: - - LOG_SOURCE_UNSPECIFIED - - TRAINING - - SERVING - logType: - description: The type of log. + id: + description: The resource ID of the AnnotationSpec that had been identified. type: string - enumDescriptions: - - Unspecified type. - - Predict logs. - - Explain logs. - enum: - - LOG_TYPE_UNSPECIFIED - - PREDICT - - EXPLAIN - bigqueryTablePath: - description: >- - The created BigQuery table to store logs. Customer could do their - own query & analysis. Format: `bq://.model_deployment_monitoring_._` + timeSegmentStart: type: string - requestResponseLoggingSchemaVersion: + format: google-duration description: >- - Output only. The schema version of the request/response logging - BigQuery table. Default to v1 if unset. - readOnly: true + The beginning, inclusive, of the video's time segment in which the + AnnotationSpec has been identified. Expressed as a number of seconds + as measured from the start of the video, with fractions up to a + microsecond precision, and with "s" appended at the end. + timeSegmentEnd: + format: google-duration type: string - GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequest: - id: >- - GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequest - description: >- - Request message for - JobService.SearchModelDeploymentMonitoringStatsAnomalies. - type: object - properties: - deployedModelId: description: >- - Required. The DeployedModel ID of the - [ModelDeploymentMonitoringObjectiveConfig.deployed_model_id]. - type: string - featureDisplayName: + The end, exclusive, of the video's time segment in which the + AnnotationSpec has been identified. Expressed as a number of seconds + as measured from the start of the video, with fractions up to a + microsecond precision, and with "s" appended at the end. + confidence: description: >- - The feature display name. If specified, only return the stats - belonging to this feature. Format: - ModelMonitoringStatsAnomalies.FeatureHistoricStatsAnomalies.feature_display_name, - example: "user_destination". + The Model's confidence in correction of this prediction, higher + value means higher confidence. + type: number + format: float + displayName: + description: The display name of the AnnotationSpec that had been identified. type: string - objectives: - description: Required. Objectives of the stats to retrieve. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequestStatsAnomaliesObjective - pageSize: - description: The standard list page size. - type: integer - format: int32 - pageToken: + GoogleCloudAiplatformV1SchemaTextExtractionAnnotation: + id: GoogleCloudAiplatformV1SchemaTextExtractionAnnotation + properties: + textSegment: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaTextSegment' + description: The segment of the text content. + displayName: description: >- - A page token received from a previous - JobService.SearchModelDeploymentMonitoringStatsAnomalies call. + The display name of the AnnotationSpec that this Annotation pertains + to. type: string - startTime: - description: >- - The earliest timestamp of stats being generated. If not set, - indicates fetching stats till the earliest possible one. + annotationSpecId: type: string - format: google-datetime - endTime: description: >- - The latest timestamp of stats being generated. If not set, indicates - feching stats till the latest possible one. - type: string - format: google-datetime - GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequestStatsAnomaliesObjective: + The resource Id of the AnnotationSpec that this Annotation pertains + to. + description: Annotation details specific to text extraction. + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetection: + description: >- + A TrainingJob that trains and uploads an AutoML Image Object Detection + Model. id: >- - GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequestStatsAnomaliesObjective - description: Stats requested for specific objective. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetection type: object properties: - type: + inputs: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionInputs + description: The input parameters of this TrainingJob. + metadata: + description: The metadata information + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionMetadata + GoogleCloudAiplatformV1NasTrial: + properties: + endTime: + description: >- + Output only. Time when the NasTrial's status changed to `SUCCEEDED` + or `INFEASIBLE`. + readOnly: true + format: google-datetime + type: string + startTime: + type: string + readOnly: true + description: Output only. Time when the NasTrial was started. + format: google-datetime + finalMeasurement: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' + description: Output only. The final measurement containing the objective value. + id: + readOnly: true type: string + description: Output only. The identifier of the NasTrial assigned by the service. + state: enumDescriptions: - - Default value, should not be set. - - >- - Raw feature values' stats to detect skew between - Training-Prediction datasets. - - >- - Raw feature values' stats to detect drift between - Serving-Prediction datasets. + - The NasTrial state is unspecified. - >- - Feature attribution scores to detect skew between - Training-Prediction datasets. + Indicates that a specific NasTrial has been requested, but it has + not yet been suggested by the service. + - Indicates that the NasTrial has been suggested. + - Indicates that the NasTrial should stop according to the service. + - Indicates that the NasTrial is completed successfully. - >- - Feature attribution scores to detect skew between Prediction - datasets collected within different time windows. + Indicates that the NasTrial should not be attempted again. The + service will set a NasTrial to INFEASIBLE when it's done but + missing the final_measurement. + type: string + readOnly: true enum: - - MODEL_DEPLOYMENT_MONITORING_OBJECTIVE_TYPE_UNSPECIFIED - - RAW_FEATURE_SKEW - - RAW_FEATURE_DRIFT - - FEATURE_ATTRIBUTION_SKEW - - FEATURE_ATTRIBUTION_DRIFT - topFeatureCount: - description: >- - If set, all attribution scores between - SearchModelDeploymentMonitoringStatsAnomaliesRequest.start_time and - SearchModelDeploymentMonitoringStatsAnomaliesRequest.end_time are - fetched, and page token doesn't take effect in this case. Only used - to retrieve attribution score for the top Features which has the - highest attribution score in the latest monitoring run. - type: integer - format: int32 - GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesResponse: + - STATE_UNSPECIFIED + - REQUESTED + - ACTIVE + - STOPPING + - SUCCEEDED + - INFEASIBLE + description: Output only. The detailed state of the NasTrial. + description: Represents a uCAIP NasJob trial. + type: object + id: GoogleCloudAiplatformV1NasTrial + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalTransformation: id: >- - GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesResponse - description: >- - Response message for - JobService.SearchModelDeploymentMonitoringStatsAnomalies. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalTransformation type: object properties: - monitoringStats: - description: >- - Stats retrieved for requested objectives. There are at most 1000 - ModelMonitoringStatsAnomalies.FeatureHistoricStatsAnomalies.prediction_stats - in the response. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringStatsAnomalies - nextPageToken: - description: >- - The page token that can be used by the next - JobService.SearchModelDeploymentMonitoringStatsAnomalies call. + columnName: type: string - GoogleCloudAiplatformV1ModelMonitoringStatsAnomalies: - id: GoogleCloudAiplatformV1ModelMonitoringStatsAnomalies - description: Statistics and anomalies generated by Model Monitoring. + description: >- + Training pipeline will perform following transformation functions. * The + categorical string as is--no change to case, punctuation, spelling, + tense, and so on. * Convert the category name to a dictionary lookup + index and generate an embedding for each index. * Categories that appear + less than 5 times in the training dataset are treated as the "unknown" + category. The "unknown" category gets its own special lookup index and + resulting embedding. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputs: + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputs type: object properties: - objective: - description: Model Monitoring Objective those stats and anomalies belonging to. + targetColumn: + description: >- + The name of the column that the Model is to predict values for. This + column must be unavailable at forecast. type: string - enumDescriptions: - - Default value, should not be set. - - >- - Raw feature values' stats to detect skew between - Training-Prediction datasets. - - >- - Raw feature values' stats to detect drift between - Serving-Prediction datasets. - - >- - Feature attribution scores to detect skew between - Training-Prediction datasets. - - >- - Feature attribution scores to detect skew between Prediction - datasets collected within different time windows. - enum: - - MODEL_DEPLOYMENT_MONITORING_OBJECTIVE_TYPE_UNSPECIFIED - - RAW_FEATURE_SKEW - - RAW_FEATURE_DRIFT - - FEATURE_ATTRIBUTION_SKEW - - FEATURE_ATTRIBUTION_DRIFT - deployedModelId: - description: Deployed Model ID. + dataGranularity: + description: Expected difference in time granularity between rows in the data. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsGranularity + optimizationObjective: + description: >- + Objective function the model is optimizing towards. The training + process creates a model that optimizes the value of the objective + function over the validation set. The supported optimization + objectives: * "minimize-rmse" (default) - Minimize root-mean-squared + error (RMSE). * "minimize-mae" - Minimize mean-absolute error (MAE). + * "minimize-rmsle" - Minimize root-mean-squared log error (RMSLE). * + "minimize-rmspe" - Minimize root-mean-squared percentage error + (RMSPE). * "minimize-wape-mae" - Minimize the combination of + weighted absolute percentage error (WAPE) and mean-absolute-error + (MAE). * "minimize-quantile-loss" - Minimize the quantile loss at + the quantiles defined in `quantiles`. * "minimize-mape" - Minimize + the mean absolute percentage error. type: string - anomalyCount: - description: Number of anomalies within all stats. - type: integer - format: int32 - featureStats: - description: A list of historical Stats and Anomalies generated for all Features. + quantiles: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomalies - GoogleCloudAiplatformV1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomalies: - id: >- - GoogleCloudAiplatformV1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomalies - description: Historical Stats (and Anomalies) for a specific Feature. - type: object - properties: - featureDisplayName: - description: Display Name of the Feature. + type: number + format: double + description: >- + Quantiles to use for minimize-quantile-loss + `optimization_objective`. Up to 5 quantiles are allowed of values + between 0 and 1, exclusive. Required if the value of + optimization_objective is minimize-quantile-loss. Represents the + percent quantiles to use for that objective. Quantiles must be + unique. + trainBudgetMilliNodeHours: + format: int64 + description: >- + Required. The train budget of creating this model, expressed in + milli node hours i.e. 1,000 value in this field means 1 node hour. + The training cost of the model will not exceed this budget. The + final cost will be attempted to be close to the budget, though may + end up being (even) noticeably smaller - at the backend's + discretion. This especially may happen when further model training + ceases to provide any improvements. If the budget is set to a value + known to be insufficient to train a model for the given dataset, the + training won't be attempted and will error. The train budget must be + between 1,000 and 72,000 milli node hours, inclusive. type: string - threshold: - description: Threshold for anomaly detection. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' - trainingStats: - description: Stats calculated for the Training Dataset. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureStatsAnomaly' - predictionStats: + validationOptions: description: >- - A list of historical stats generated by different time window's - Prediction Dataset. + Validation options for the data validation component. The available + options are: * "fail-pipeline" - default, will validate against the + validation and fail the pipeline if it fails. * "ignore-validation" + - ignore the results of the validation and continue + type: string + forecastHorizon: + type: string + description: >- + The amount of time into the future for which forecasted values for + the target are returned. Expressed in number of units defined by the + `data_granularity` field. + format: int64 + additionalExperiments: + description: Additional experiment flags for the time series forcasting training. + items: + type: string type: array + unavailableAtForecastColumns: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureStatsAnomaly' - GoogleCloudAiplatformV1ListModelDeploymentMonitoringJobsResponse: - id: GoogleCloudAiplatformV1ListModelDeploymentMonitoringJobsResponse - description: Response message for JobService.ListModelDeploymentMonitoringJobs. - type: object - properties: - modelDeploymentMonitoringJobs: + type: string + type: array description: >- - A list of ModelDeploymentMonitoringJobs that matches the specified - filter in the request. + Names of columns that are unavailable when a forecast is requested. + This column contains information for the given entity (identified by + the time_series_identifier_column) that is unknown before the + forecast For example, actual weather on a given day. + exportEvaluatedDataItemsConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig + description: >- + Configuration for exporting test set predictions to a BigQuery + table. If this configuration is absent, then the export is not + performed. + transformations: type: array + description: >- + Each transformation will apply transform function to given input + column. And the result will be used for training. When creating + transformation for BigQuery Struct column, the column should be + flattened using "." as the delimiter. items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob - nextPageToken: - description: The standard List next-page token. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformation + windowConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig + description: Config containing strategy for generating sliding windows. + weightColumn: + description: >- + Column name that should be used as the weight column. Higher values + in this column give more importance to the row during model + training. The column must have numeric values between 0 and 10000 + inclusively; 0 means the row is ignored for training. If weight + column field is not set, then all rows are assumed to have equal + weight of 1. This column must be available at forecast. type: string - GoogleCloudAiplatformV1PauseModelDeploymentMonitoringJobRequest: - id: GoogleCloudAiplatformV1PauseModelDeploymentMonitoringJobRequest - description: Request message for JobService.PauseModelDeploymentMonitoringJob. - type: object - properties: {} - GoogleCloudAiplatformV1ResumeModelDeploymentMonitoringJobRequest: - id: GoogleCloudAiplatformV1ResumeModelDeploymentMonitoringJobRequest - description: Request message for JobService.ResumeModelDeploymentMonitoringJob. - type: object - properties: {} - GoogleCloudAiplatformV1PredictRequest: - id: GoogleCloudAiplatformV1PredictRequest - description: Request message for PredictionService.Predict. - type: object - properties: - instances: + contextWindow: + type: string + format: int64 description: >- - Required. The instances that are the input to the prediction call. A - DeployedModel may have an upper limit on the number of instances it - supports per request, and when it is exceeded the prediction call - errors in case of AutoML Models, or, in case of customer created - Models, the behaviour is as documented by that Model. The schema of - any single instance may be specified via Endpoint's DeployedModels' - Model's PredictSchemata's instance_schema_uri. - type: array + The amount of time into the past training and prediction data is + used for model training and prediction respectively. Expressed in + number of units defined by the `data_granularity` field. + holidayRegions: items: - type: any - parameters: + type: string + type: array description: >- - The parameters that govern the prediction. The schema of the - parameters may be specified via Endpoint's DeployedModels' Model's - PredictSchemata's parameters_schema_uri. - type: any - GoogleCloudAiplatformV1PredictResponse: - id: GoogleCloudAiplatformV1PredictResponse - description: Response message for PredictionService.Predict. - type: object - properties: - predictions: + The geographical region based on which the holiday effect is applied + in modeling by adding holiday categorical array feature that include + all holidays matching the date. This option only allowed when + data_granularity is day. By default, holiday effect modeling is + disabled. To turn it on, specify the holiday region using this + option. + hierarchyConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig description: >- - The predictions that are the output of the predictions call. The - schema of any single prediction may be specified via Endpoint's - DeployedModels' Model's PredictSchemata's prediction_schema_uri. + Configuration that defines the hierarchical relationship of time + series and parameters for hierarchical forecasting strategies. + availableAtForecastColumns: type: array - items: - type: any - deployedModelId: - description: ID of the Endpoint's DeployedModel that served this prediction. - type: string - model: description: >- - Output only. The resource name of the Model which is deployed as the - DeployedModel that this prediction hits. - readOnly: true - type: string - modelVersionId: + Names of columns that are available and provided when a forecast is + requested. These columns contain information for the given entity + (identified by the time_series_identifier_column column) that is + known at forecast. For example, predicted weather for a specific + day. + items: + type: string + timeSeriesAttributeColumns: description: >- - Output only. The version ID of the Model which is deployed as the - DeployedModel that this prediction hits. - readOnly: true + Column names that should be used as attribute columns. The value of + these columns does not vary as a function of time. For example, + store ID or item color. + type: array + items: + type: string + timeSeriesIdentifierColumn: type: string - modelDisplayName: + description: The name of the column that identifies the time series. + timeColumn: description: >- - Output only. The display name of the Model which is deployed as the - DeployedModel that this prediction hits. - readOnly: true + The name of the column that identifies time order in the time + series. This column must be available at forecast. type: string - metadata: - description: >- - Output only. Request-level metadata returned by the model. The - metadata type will be dependent upon the model implementation. - readOnly: true - type: any - GoogleCloudAiplatformV1RawPredictRequest: - id: GoogleCloudAiplatformV1RawPredictRequest - description: Request message for PredictionService.RawPredict. - type: object + GoogleCloudAiplatformV1GeminiPreferenceExampleCompletion: properties: - httpBody: - description: >- - The prediction input. Supports HTTP headers and arbitrary data - payload. A DeployedModel may have an upper limit on the number of - instances it supports per request. When this limit it is exceeded - for an AutoML model, the RawPredict method returns an error. When - this limit is exceeded for a custom-trained model, the behavior - varies depending on the model. You can specify the schema for each - instance in the predict_schemata.instance_schema_uri field when you - create a Model. This schema applies when you deploy the `Model` as a - `DeployedModel` to an Endpoint and use the `RawPredict` method. - $ref: '#/components/schemas/GoogleApiHttpBody' - GoogleApiHttpBody: - id: GoogleApiHttpBody - description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. + completion: + description: Single turn completion for the given prompt. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + score: + description: The score for the given completion. + type: number + format: float + description: Completion and its preference score. + id: GoogleCloudAiplatformV1GeminiPreferenceExampleCompletion + type: object + GoogleCloudAiplatformV1ProbeHttpGetAction: type: object + id: GoogleCloudAiplatformV1ProbeHttpGetAction + description: HttpGetAction describes an action based on HTTP Get requests. properties: - contentType: - description: >- - The HTTP Content-Type header value specifying the content type of - the body. + path: type: string - data: - description: The HTTP request/response body as raw binary. + description: Path to access on the HTTP server. + port: + format: int32 + type: integer + description: >- + Number of the port to access on the container. Number must be in the + range 1 to 65535. + host: type: string - format: byte - extensions: description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. + Host name to connect to, defaults to the model serving container's + IP. You probably want to set "Host" in httpHeaders instead. + scheme: + description: >- + Scheme to use for connecting to the host. Defaults to HTTP. + Acceptable values are "HTTP" or "HTTPS". + type: string + httpHeaders: type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudAiplatformV1StreamRawPredictRequest: - id: GoogleCloudAiplatformV1StreamRawPredictRequest - description: Request message for PredictionService.StreamRawPredict. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ProbeHttpHeader' + description: Custom headers to set in the request. HTTP allows repeated headers. + GoogleCloudAiplatformV1RagVectorDbConfig: + properties: + ragManagedDb: + description: The config for the RAG-managed Vector DB. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDb + apiAuth: + description: Authentication config for the chosen Vector DB. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuth' + ragEmbeddingModelConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagEmbeddingModelConfig' + description: Optional. Immutable. The embedding model config of the Vector DB. + pinecone: + description: The config for the Pinecone. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigPinecone + vertexVectorSearch: + description: The config for the Vertex Vector Search. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigVertexVectorSearch + description: Config for the Vector DB to use for RAG. + id: GoogleCloudAiplatformV1RagVectorDbConfig type: object + GoogleCloudAiplatformV1PipelineJobRuntimeConfigInputArtifact: + description: The type of an input artifact. + type: object + id: GoogleCloudAiplatformV1PipelineJobRuntimeConfigInputArtifact properties: - httpBody: + artifactId: + type: string description: >- - The prediction input. Supports HTTP headers and arbitrary data - payload. - $ref: '#/components/schemas/GoogleApiHttpBody' - GoogleCloudAiplatformV1DirectPredictRequest: - id: GoogleCloudAiplatformV1DirectPredictRequest - description: Request message for PredictionService.DirectPredict. + Artifact resource id from MLMD. Which is the last portion of an + artifact resource name: + `projects/{project}/locations/{location}/metadataStores/default/artifacts/{artifact_id}`. + The artifact must stay within the same project, location and default + metadatastore as the pipeline. + GoogleCloudAiplatformV1PreferenceOptimizationHyperParameters: type: object + description: Hyperparameters for Preference Optimization. properties: - inputs: - description: The prediction input. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - parameters: - description: The parameters that govern the prediction. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - GoogleCloudAiplatformV1Tensor: - id: GoogleCloudAiplatformV1Tensor - description: A tensor value type. - type: object - properties: - dtype: - description: The data type of tensor. + epochCount: + description: >- + Optional. Number of complete passes the model makes over the entire + training dataset during training. type: string + format: int64 + learningRateMultiplier: + description: Optional. Multiplier for adjusting the default learning rate. + format: double + type: number + beta: + type: number + description: Optional. Weight for KL Divergence regularization. + format: double + adapterSize: + description: Optional. Adapter size for preference optimization. enumDescriptions: - - >- - Not a legal value for DataType. Used to indicate a DataType field - has not been set. - - >- - Data types that all computation devices are expected to be capable - to support. - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' + - Adapter size is unspecified. + - Adapter size 1. + - Adapter size 2. + - Adapter size 4. + - Adapter size 8. + - Adapter size 16. + - Adapter size 32. + type: string enum: - - DATA_TYPE_UNSPECIFIED - - BOOL - - STRING - - FLOAT - - DOUBLE - - INT8 - - INT16 - - INT32 - - INT64 - - UINT8 - - UINT16 - - UINT32 - - UINT64 - shape: - description: Shape of the tensor. - type: array - items: - type: string - format: int64 - boolVal: - description: >- - Type specific representations that make it easy to create tensor - protos in all languages. Only the representation corresponding to - "dtype" can be set. The values hold the flattened representation of - the tensor in row major order. BOOL - type: array - items: - type: boolean - stringVal: - description: STRING - type: array - items: - type: string - bytesVal: - description: STRING - type: array - items: - type: string - format: byte - floatVal: - description: FLOAT - type: array + - ADAPTER_SIZE_UNSPECIFIED + - ADAPTER_SIZE_ONE + - ADAPTER_SIZE_TWO + - ADAPTER_SIZE_FOUR + - ADAPTER_SIZE_EIGHT + - ADAPTER_SIZE_SIXTEEN + - ADAPTER_SIZE_THIRTY_TWO + id: GoogleCloudAiplatformV1PreferenceOptimizationHyperParameters + GoogleCloudAiplatformV1IndexDatapointSparseEmbedding: + description: >- + Feature embedding vector for sparse index. An array of numbers whose + values are located in the specified dimensions. + properties: + values: items: type: number format: float - doubleVal: - description: DOUBLE - type: array - items: - type: number - format: double - intVal: - description: INT_8 INT_16 INT_32 type: array - items: - type: integer - format: int32 - int64Val: - description: INT64 + description: Required. The list of embedding values of the sparse vector. + dimensions: type: array items: - type: string format: int64 - uintVal: - description: UINT8 UINT16 UINT32 - type: array - items: - type: integer - format: uint32 - uint64Val: - description: UINT64 - type: array - items: type: string - format: uint64 - listVal: - description: A list of tensor values. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - structVal: - description: A map of string to tensor. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - tensorVal: - description: Serialized raw tensor content. - type: string - format: byte - GoogleCloudAiplatformV1DirectPredictResponse: - id: GoogleCloudAiplatformV1DirectPredictResponse - description: Response message for PredictionService.DirectPredict. + description: >- + Required. The list of indexes for the embedding values of the sparse + vector. + id: GoogleCloudAiplatformV1IndexDatapointSparseEmbedding type: object - properties: - outputs: - description: The prediction output. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - parameters: - description: The parameters that govern the prediction. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - GoogleCloudAiplatformV1DirectRawPredictRequest: - id: GoogleCloudAiplatformV1DirectRawPredictRequest - description: Request message for PredictionService.DirectRawPredict. + GoogleCloudAiplatformV1ModelDeploymentMonitoringBigQueryTable: type: object + id: GoogleCloudAiplatformV1ModelDeploymentMonitoringBigQueryTable + description: >- + ModelDeploymentMonitoringBigQueryTable specifies the BigQuery table name + as well as some information of the logs stored in this table. properties: - methodName: + bigqueryTablePath: + type: string description: >- - Fully qualified name of the API method being invoked to perform - predictions. Format: `/namespace.Service/Method/` Example: - `/tensorflow.serving.PredictionService/Predict` + The created BigQuery table to store logs. Customer could do their + own query & analysis. Format: `bq://.model_deployment_monitoring_._` + logType: + description: The type of log. + enumDescriptions: + - Unspecified type. + - Predict logs. + - Explain logs. type: string - input: - description: The prediction input. + enum: + - LOG_TYPE_UNSPECIFIED + - PREDICT + - EXPLAIN + logSource: type: string - format: byte - GoogleCloudAiplatformV1DirectRawPredictResponse: - id: GoogleCloudAiplatformV1DirectRawPredictResponse - description: Response message for PredictionService.DirectRawPredict. - type: object - properties: - output: - description: The prediction output. + description: The source of log. + enum: + - LOG_SOURCE_UNSPECIFIED + - TRAINING + - SERVING + enumDescriptions: + - Unspecified source. + - Logs coming from Training dataset. + - Logs coming from Serving traffic. + requestResponseLoggingSchemaVersion: type: string - format: byte - GoogleCloudAiplatformV1StreamingPredictRequest: - id: GoogleCloudAiplatformV1StreamingPredictRequest - description: >- - Request message for PredictionService.StreamingPredict. The first - message must contain endpoint field and optionally input. The subsequent - messages must contain input. + readOnly: true + description: >- + Output only. The schema version of the request/response logging + BigQuery table. Default to v1 if unset. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningTask: type: object + description: A TrainingJob that tunes Hypererparameters of a custom code Model. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningTask properties: inputs: - description: The prediction input. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - parameters: - description: The parameters that govern the prediction. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - GoogleCloudAiplatformV1StreamingPredictResponse: - id: GoogleCloudAiplatformV1StreamingPredictResponse - description: Response message for PredictionService.StreamingPredict. + description: The input parameters of this HyperparameterTuningTask. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobSpec + metadata: + description: The metadata information. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobMetadata + GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateRequest: + properties: {} + id: GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateRequest type: object - properties: - outputs: - description: The prediction output. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - parameters: - description: The parameters that govern the prediction. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' - GoogleCloudAiplatformV1PredictLongRunningRequest: - id: GoogleCloudAiplatformV1PredictLongRunningRequest - description: Request message for PredictionService.PredictLongRunning. + description: Request message for VizierService.CheckTrialEarlyStoppingState. + GoogleCloudAiplatformV1ListPipelineJobsResponse: type: object + id: GoogleCloudAiplatformV1ListPipelineJobsResponse properties: - instances: - description: >- - Required. The instances that are the input to the prediction call. A - DeployedModel may have an upper limit on the number of instances it - supports per request, and when it is exceeded the prediction call - errors in case of AutoML Models, or, in case of customer created - Models, the behaviour is as documented by that Model. The schema of - any single instance may be specified via Endpoint's DeployedModels' - Model's PredictSchemata's instance_schema_uri. + pipelineJobs: type: array items: - type: any - parameters: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' + description: List of PipelineJobs in the requested page. + nextPageToken: description: >- - Optional. The parameters that govern the prediction. The schema of - the parameters may be specified via Endpoint's DeployedModels' - Model's PredictSchemata's parameters_schema_uri. - type: any - GoogleCloudAiplatformV1FetchPredictOperationRequest: - id: GoogleCloudAiplatformV1FetchPredictOperationRequest - description: Request message for PredictionService.FetchPredictOperation. - type: object - properties: - operationName: - description: Required. The server-assigned name for the operation. + A token to retrieve the next page of results. Pass to + ListPipelineJobsRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1ExplainRequest: - id: GoogleCloudAiplatformV1ExplainRequest - description: Request message for PredictionService.Explain. + description: Response message for PipelineService.ListPipelineJobs + GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectTimeRangeAndFeature: + id: >- + GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectTimeRangeAndFeature type: object properties: - instances: - description: >- - Required. The instances that are the input to the explanation call. - A DeployedModel may have an upper limit on the number of instances - it supports per request, and when it is exceeded the explanation - call errors in case of AutoML Models, or, in case of customer - created Models, the behaviour is as documented by that Model. The - schema of any single instance may be specified via Endpoint's - DeployedModels' Model's PredictSchemata's instance_schema_uri. - type: array - items: - type: any - parameters: + onlineStorageModifiedEntityCount: + type: string + format: int64 description: >- - The parameters that govern the prediction. The schema of the - parameters may be specified via Endpoint's DeployedModels' Model's - PredictSchemata's parameters_schema_uri. - type: any - explanationSpecOverride: + The count of modified entities in the online storage. Each entity ID + corresponds to one entity. Within each entity, only the features + specified in the request are deleted. + impactedFeatureCount: + format: int64 description: >- - If specified, overrides the explanation_spec of the DeployedModel. - Can be used for explaining prediction results with different - configurations, such as: - Explaining top-5 predictions results as - opposed to top-1; - Increasing path count or step count of the - attribution methods to reduce approximate errors; - Using different - baselines for explaining the prediction results. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpecOverride' - deployedModelId: + The count of the features or columns impacted. This is the same as + the feature count in the request. + type: string + offlineStorageModifiedEntityRowCount: + format: int64 description: >- - If specified, this ExplainRequest will be served by the chosen - DeployedModel, overriding Endpoint.traffic_split. + The count of modified entity rows in the offline storage. Each row + corresponds to the combination of an entity ID and a timestamp. One + entity ID can have multiple rows in the offline storage. Within each + row, only the features specified in the request are deleted. type: string - GoogleCloudAiplatformV1ExplanationSpecOverride: - id: GoogleCloudAiplatformV1ExplanationSpecOverride description: >- - The ExplanationSpec entries that can be overridden at online explanation - time. - type: object + Response message if the request uses the SelectTimeRangeAndFeature + option. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig: + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig + description: >- + Configuration that defines the hierarchical relationship of time series + and parameters for hierarchical forecasting strategies. properties: - parameters: + groupColumns: + items: + type: string + type: array description: >- - The parameters to be overridden. Note that the attribution method - cannot be changed. If not specified, no parameter is overridden. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationParameters' - metadata: + A list of time series attribute column names that define the time + series hierarchy. Only one level of hierarchy is supported, ex. + 'region' for a hierarchy of stores or 'department' for a hierarchy + of products. If multiple columns are specified, time series will be + grouped by their combined values, ex. ('blue', 'large') for 'color' + and 'size', up to 5 columns are accepted. If no group columns are + specified, all time series are considered to be part of the same + group. + groupTemporalTotalWeight: + format: double + type: number description: >- - The metadata to be overridden. If not specified, no metadata is - overridden. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataOverride - examplesOverride: - description: The example-based explanations parameter overrides. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExamplesOverride' - GoogleCloudAiplatformV1ExplanationMetadataOverride: - id: GoogleCloudAiplatformV1ExplanationMetadataOverride - description: >- - The ExplanationMetadata entries that can be overridden at online - explanation time. - type: object - properties: - inputs: + The weight of the loss for predictions aggregated over both the + horizon and time series in the same hierarchy group. + groupTotalWeight: description: >- - Required. Overrides the input metadata of the features. The key is - the name of the feature to be overridden. The keys specified here - must exist in the input metadata to be overridden. If a feature is - not specified here, the corresponding feature's input metadata is - not overridden. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataOverrideInputMetadataOverride - GoogleCloudAiplatformV1ExplanationMetadataOverrideInputMetadataOverride: - id: GoogleCloudAiplatformV1ExplanationMetadataOverrideInputMetadataOverride - description: The input metadata entries to be overridden. - type: object - properties: - inputBaselines: + The weight of the loss for predictions aggregated over time series + in the same group. + format: double + type: number + temporalTotalWeight: + type: number description: >- - Baseline inputs for this feature. This overrides the - `input_baseline` field of the ExplanationMetadata.InputMetadata - object of the corresponding feature's input metadata. If it's not - specified, the original baselines are not overridden. - type: array - items: - type: any - GoogleCloudAiplatformV1ExamplesOverride: - id: GoogleCloudAiplatformV1ExamplesOverride - description: Overrides for example-based explanations. + The weight of the loss for predictions aggregated over the horizon + for a single time series. + format: double + type: object + GoogleCloudAiplatformV1DeployRequestModelConfig: + description: The model config to use for the deployment. type: object properties: - neighborCount: - description: The number of neighbors to return. - type: integer - format: int32 - crowdingCount: - description: The number of neighbors to return that have the same crowding tag. - type: integer - format: int32 - restrictions: + modelUserId: + type: string description: >- - Restrict the resulting nearest neighbors to respect these - constraints. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExamplesRestrictionsNamespace - returnEmbeddings: - description: If true, return the embeddings instead of neighbors. + Optional. The ID to use for the uploaded Model, which will become + the final component of the model resource name. When not provided, + Vertex AI will generate a value for this ID. When Model Registry + model is provided, this field will be ignored. This value may be up + to 63 characters, and valid characters are `[a-z0-9_-]`. The first + character cannot be a number or hyphen. + huggingFaceCacheEnabled: + description: >- + Optional. If true, the model will deploy with a cached version + instead of directly downloading the model artifacts from Hugging + Face. This is suitable for VPC-SC users with limited internet + access. type: boolean - dataFormat: - description: The format of the data being provided with each call. + acceptEula: + type: boolean + description: >- + Optional. Whether the user accepts the End User License Agreement + (EULA) for the model. + huggingFaceAccessToken: type: string - enumDescriptions: - - Unspecified format. Must not be used. - - Provided data is a set of model inputs. - - Provided data is a set of embeddings. - enum: - - DATA_FORMAT_UNSPECIFIED - - INSTANCES - - EMBEDDINGS - GoogleCloudAiplatformV1ExamplesRestrictionsNamespace: - id: GoogleCloudAiplatformV1ExamplesRestrictionsNamespace - description: Restrictions namespace for example-based explanations overrides. + description: >- + Optional. The Hugging Face read access token used to access the + model artifacts of gated models. + containerSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelContainerSpec' + description: >- + Optional. The specification of the container that is to be used when + deploying. If not set, the default container spec will be used. + modelDisplayName: + type: string + description: >- + Optional. The user-specified display name of the uploaded model. If + not set, a default name will be used. + id: GoogleCloudAiplatformV1DeployRequestModelConfig + GoogleCloudAiplatformV1RougeResults: type: object properties: - namespaceName: - description: The namespace name. - type: string - allow: - description: The list of allowed tags. - type: array + rougeMetricValues: + description: Output only. Rouge metric values. + readOnly: true items: - type: string - deny: - description: The list of deny tags. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeMetricValue' type: array - items: - type: string - GoogleCloudAiplatformV1ExplainResponse: - id: GoogleCloudAiplatformV1ExplainResponse - description: Response message for PredictionService.Explain. + id: GoogleCloudAiplatformV1RougeResults + description: Results for rouge metric. + GoogleCloudAiplatformV1FeatureSelector: type: object + description: Selector for Features of an EntityType. + id: GoogleCloudAiplatformV1FeatureSelector properties: - explanations: - description: >- - The explanations of the Model's PredictResponse.predictions. It has - the same number of elements as instances to be explained. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Explanation' - deployedModelId: - description: ID of the Endpoint's DeployedModel that served this explanation. + idMatcher: + $ref: '#/components/schemas/GoogleCloudAiplatformV1IdMatcher' + description: Required. Matches Features based on ID. + GoogleCloudAiplatformV1MemoryBankCustomizationConfigMemoryTopicCustomMemoryTopic: + properties: + label: + type: string + description: Required. The label of the topic. + description: type: string - predictions: description: >- - The predictions that are the output of the predictions call. Same as - PredictResponse.predictions. - type: array - items: - type: any - GoogleCloudAiplatformV1Explanation: - id: GoogleCloudAiplatformV1Explanation - description: >- - Explanation of a prediction (provided in PredictResponse.predictions) - produced by the Model on a given instance. + Required. Description of the memory topic. This should explain what + information should be extracted for this topic. + description: A custom memory topic defined by the developer. + id: >- + GoogleCloudAiplatformV1MemoryBankCustomizationConfigMemoryTopicCustomMemoryTopic type: object + GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpec: + type: object + id: GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpec properties: - attributions: - description: >- - Output only. Feature attributions grouped by predicted outputs. For - Models that predict only one output, such as regression Models that - predict only one score, there is only one attibution that explains - the predicted output. For Models that predict multiple outputs, such - as multiclass Models that predict multiple classes, each element - explains one specific item. Attribution.output_index can be used to - identify which output this attribution is explaining. By default, we - provide Shapley values for the predicted class. However, you can - configure the explanation request to generate Shapley values for any - other classes too. For example, if a model predicts a probability of - `0.4` for approving a loan application, the model's decision is to - reject the application since `p(reject) = 0.6 > p(approve) = 0.4`, - and the default Shapley values would be computed for rejection - decision and not approval, even though the latter might be the - positive class. If users set ExplanationParameters.top_k, the - attributions are sorted by instance_output_value in descending - order. If ExplanationParameters.output_indices is specified, the - attributions are stored by Attribution.output_index in the same - order as they appear in the output_indices. - readOnly: true - type: array + goal: + description: Required. The optimization goal of the metric. + enum: + - GOAL_TYPE_UNSPECIFIED + - MAXIMIZE + - MINIMIZE + enumDescriptions: + - Goal Type will default to maximize. + - Maximize the goal metric. + - Minimize the goal metric. + type: string + metricId: + description: Required. The ID of the metric. Must not contain whitespaces. + type: string + description: Represents a metric to optimize. + GoogleCloudAiplatformV1ToolCallValidResults: + id: GoogleCloudAiplatformV1ToolCallValidResults + properties: + toolCallValidMetricValues: + description: Output only. Tool call valid metric values. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Attribution' - neighbors: - description: >- - Output only. List of the nearest neighbors for example-based - explanations. For models deployed with the examples explanations - feature enabled, the attributions field is empty and instead the - neighbors field is populated. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ToolCallValidMetricValue readOnly: true type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Neighbor' - GoogleCloudAiplatformV1Attribution: - id: GoogleCloudAiplatformV1Attribution - description: Attribution that explains a particular prediction output. + type: object + description: Results for tool call valid metric. + GoogleCloudAiplatformV1PublisherModelResourceReference: + description: Reference to a resource. + id: GoogleCloudAiplatformV1PublisherModelResourceReference type: object properties: - baselineOutputValue: - description: >- - Output only. Model predicted output if the input instance is - constructed from the baselines of all the features defined in - ExplanationMetadata.inputs. The field name of the output is - determined by the key in ExplanationMetadata.outputs. If the Model's - predicted output has multiple dimensions (rank > 1), this is the - value in the output located by output_index. If there are multiple - baselines, their output values are averaged. - readOnly: true + uri: + type: string + description: The URI of the resource. + resourceName: + description: The resource name of the Google Cloud resource. + type: string + useCase: + deprecated: true + description: Use case (CUJ) of the resource. + type: string + description: + type: string + description: Description of the resource. + deprecated: true + GoogleCloudAiplatformV1FulfillmentResult: + properties: + score: + format: float + description: Output only. Fulfillment score. type: number - format: double - instanceOutputValue: - description: >- - Output only. Model predicted output on the corresponding explanation - instance. The field name of the output is determined by the key in - ExplanationMetadata.outputs. If the Model predicted output has - multiple dimensions, this is the value in the output located by - output_index. readOnly: true - type: number - format: double - featureAttributions: - description: >- - Output only. Attributions of each explained feature. Features are - extracted from the prediction instances according to explanation - metadata for inputs. The value is a struct, whose keys are the name - of the feature. The values are how much the feature in the instance - contributed to the predicted result. The format of the value is - determined by the feature's input format: * If the feature is a - scalar value, the attribution value is a floating number. * If the - feature is an array of scalar values, the attribution value is an - array. * If the feature is a struct, the attribution value is a - struct. The keys in the attribution value struct are the same as the - keys in the feature struct. The formats of the values in the - attribution struct are determined by the formats of the values in - the feature struct. The - ExplanationMetadata.feature_attributions_schema_uri field, pointed - to by the ExplanationSpec field of the Endpoint.deployed_models - object, points to the schema file that describes the features and - their attribution values (if it is populated). + confidence: + format: float readOnly: true - type: any - outputIndex: - description: >- - Output only. The index that locates the explained prediction output. - If the prediction output is a scalar value, output_index is not - populated. If the prediction output has multiple dimensions, the - length of the output_index list is the same as the number of - dimensions of the output. The i-th element in output_index is the - element index of the i-th dimension of the output vector. Indices - start from 0. + description: Output only. Confidence for fulfillment score. + type: number + explanation: + type: string + description: Output only. Explanation for fulfillment score. readOnly: true - type: array - items: - type: integer - format: int32 - outputDisplayName: + id: GoogleCloudAiplatformV1FulfillmentResult + type: object + description: Spec for fulfillment result. + GoogleCloudAiplatformV1GenerateMemoriesRequestVertexSessionSource: + properties: + startTime: + format: google-datetime description: >- - Output only. The display name of the output identified by - output_index. For example, the predicted class name by a - multi-classification Model. This field is only populated iff the - Model predicts display names as a separate field along with the - explained output. The predicted display name must has the same shape - of the explained output, and can be located using output_index. - readOnly: true + Optional. Time range to define which session events should be used + to generate memories. Start time (inclusive) of the time range. If + not set, the start time is unbounded. type: string - approximationError: - description: >- - Output only. Error of feature_attributions caused by approximation - used in the explanation method. Lower value means more precise - attributions. * For Sampled Shapley attribution, increasing - path_count might reduce the error. * For Integrated Gradients - attribution, increasing step_count might reduce the error. * For - XRAI attribution, increasing step_count might reduce the error. See - [this introduction](/vertex-ai/docs/explainable-ai/overview) for - more information. - readOnly: true - type: number - format: double - outputName: + session: description: >- - Output only. Name of the explain output. Specified as the key in - ExplanationMetadata.outputs. - readOnly: true + Required. The resource name of the Session to generate memories for. + Format: + `projects/{project}/locations/{location}/reasoningEngines/{reasoning_engine}/sessions/{session}` type: string - GoogleCloudAiplatformV1Neighbor: - id: GoogleCloudAiplatformV1Neighbor - description: Neighbors for example-based explanations. + endTime: + type: string + description: >- + Optional. End time (exclusive) of the time range. If not set, the + end time is unbounded. + format: google-datetime + type: object + description: >- + Defines an Agent Engine Session from which to generate the memories. If + `scope` is not provided, the scope will be extracted from the Session + (i.e. {"user_id": sesison.user_id}). + id: GoogleCloudAiplatformV1GenerateMemoriesRequestVertexSessionSource + GoogleCloudAiplatformV1TensorboardExperiment: type: object properties: - neighborId: - description: Output only. The neighbor id. + updateTime: + format: google-datetime + description: >- + Output only. Timestamp when this TensorboardExperiment was last + updated. + type: string readOnly: true + displayName: + description: User provided name of this TensorboardExperiment. type: string - neighborDistance: - description: Output only. The neighbor distance. + createTime: + format: google-datetime readOnly: true - type: number - format: double - GoogleCloudAiplatformV1GenerateContentRequest: - id: GoogleCloudAiplatformV1GenerateContentRequest - description: Request message for [PredictionService.GenerateContent]. - type: object - properties: - contents: - description: >- - Required. The content of the current conversation with the model. - For single-turn queries, this is a single instance. For multi-turn - queries, this is a repeated field that contains conversation history - + latest request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - systemInstruction: - description: >- - Optional. The user provided system instructions for the model. Note: - only text should be used in parts and content in each part will be - in a separate paragraph. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - cachedContent: - description: >- - Optional. The name of the cached content used as context to serve - the prediction. Note: only used in explicit caching, where users can - have control over caching (e.g. what content to cache) and enjoy - guaranteed cost savings. Format: - `projects/{project}/locations/{location}/cachedContents/{cachedContent}` type: string - tools: + description: Output only. Timestamp when this TensorboardExperiment was created. + etag: description: >- - Optional. A list of `Tools` the model may use to generate the next - response. A `Tool` is a piece of code that enables the system to - interact with external systems to perform an action, or set of - actions, outside of knowledge and scope of the model. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' - toolConfig: + Used to perform consistent read-modify-write updates. If not set, a + blind "overwrite" update happens. + type: string + source: + type: string description: >- - Optional. Tool config. This config is shared for all tools provided - in the request. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolConfig' + Immutable. Source of the TensorboardExperiment. Example: a custom + training job. labels: - description: >- - Optional. The labels with user-defined metadata for the request. It - is used for billing and reporting only. Label keys and values can be - no longer than 63 characters (Unicode codepoints) and can only - contain lowercase letters, numeric characters, underscores, and - dashes. International characters are allowed. Label values are - optional. Label keys must start with a letter. - type: object additionalProperties: type: string - safetySettings: - description: >- - Optional. Per request settings for blocking unsafe content. Enforced - on GenerateContentResponse.candidates. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetySetting' - modelArmorConfig: + type: object description: >- - Optional. Settings for prompt and response sanitization using the - Model Armor service. If supplied, safety_settings must not be - supplied. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelArmorConfig' - generationConfig: - description: Optional. Generation config. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenerationConfig' - GoogleCloudAiplatformV1SafetySetting: - id: GoogleCloudAiplatformV1SafetySetting - description: Safety settings. - type: object - properties: - category: - description: Required. Harm category. + The labels with user-defined metadata to organize your + TensorboardExperiment. Label keys and values cannot be longer than + 64 characters (Unicode codepoints), can only contain lowercase + letters, numeric characters, underscores and dashes. International + characters are allowed. No more than 64 user labels can be + associated with one Dataset (System labels are excluded). See + https://goo.gl/xmQnxf for more information and examples of labels. + System reserved label keys are prefixed with + `aiplatform.googleapis.com/` and are immutable. The following system + labels exist for each Dataset: * + `aiplatform.googleapis.com/dataset_metadata_schema`: output only. + Its value is the metadata_schema's title. + description: + description: Description of this TensorboardExperiment. type: string - enumDescriptions: - - The harm category is unspecified. - - The harm category is hate speech. - - The harm category is dangerous content. - - The harm category is harassment. - - The harm category is sexually explicit content. - - >- - Deprecated: Election filter is not longer supported. The harm - category is civic integrity. - - The harm category is image hate. - - The harm category is image dangerous content. - - The harm category is image harassment. - - The harm category is image sexually explicit content. - enumDeprecated: - - false - - false - - false - - false - - false - - true - - false - - false - - false - - false - enum: - - HARM_CATEGORY_UNSPECIFIED - - HARM_CATEGORY_HATE_SPEECH - - HARM_CATEGORY_DANGEROUS_CONTENT - - HARM_CATEGORY_HARASSMENT - - HARM_CATEGORY_SEXUALLY_EXPLICIT - - HARM_CATEGORY_CIVIC_INTEGRITY - - HARM_CATEGORY_IMAGE_HATE - - HARM_CATEGORY_IMAGE_DANGEROUS_CONTENT - - HARM_CATEGORY_IMAGE_HARASSMENT - - HARM_CATEGORY_IMAGE_SEXUALLY_EXPLICIT - threshold: - description: Required. The harm block threshold. + name: + readOnly: true type: string - enumDescriptions: - - Unspecified harm block threshold. - - Block low threshold and above (i.e. block more). - - Block medium threshold and above. - - Block only high threshold (i.e. block less). - - Block none. - - Turn off the safety filter. - enum: - - HARM_BLOCK_THRESHOLD_UNSPECIFIED - - BLOCK_LOW_AND_ABOVE - - BLOCK_MEDIUM_AND_ABOVE - - BLOCK_ONLY_HIGH - - BLOCK_NONE - - 'OFF' - method: description: >- - Optional. Specify if the threshold is used for probability or - severity score. If not specified, the threshold is used for - probability score. - type: string - enumDescriptions: - - The harm block method is unspecified. - - The harm block method uses both probability and severity scores. - - The harm block method uses the probability score. - enum: - - HARM_BLOCK_METHOD_UNSPECIFIED - - SEVERITY - - PROBABILITY - GoogleCloudAiplatformV1ModelArmorConfig: - id: GoogleCloudAiplatformV1ModelArmorConfig - description: Configuration for Model Armor integrations of prompt and responses. - type: object + Output only. Name of the TensorboardExperiment. Format: + `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}` + id: GoogleCloudAiplatformV1TensorboardExperiment + description: >- + A TensorboardExperiment is a group of TensorboardRuns, that are + typically the results of a training job run, in a Tensorboard. + GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetricsQuantileMetricsEntry: + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetricsQuantileMetricsEntry properties: - promptTemplateName: - description: >- - Optional. The name of the Model Armor template to use for prompt - sanitization. - type: string - responseTemplateName: + observedQuantile: description: >- - Optional. The name of the Model Armor template to use for response - sanitization. - type: string - GoogleCloudAiplatformV1GenerationConfig: - id: GoogleCloudAiplatformV1GenerationConfig - description: Generation config. - type: object - properties: - temperature: - description: Optional. Controls the randomness of predictions. - type: number - format: float - topP: - description: Optional. If specified, nucleus sampling will be used. - type: number - format: float - topK: - description: Optional. If specified, top-k sampling will be used. + This is a custom metric that calculates the percentage of true + values that were less than the predicted value for that quantile. + Only populated when optimization_objective is minimize-quantile-loss + and each entry corresponds to an entry in quantiles The percent + value can be used to compare with the quantile value, which is the + target value. type: number + format: double + scaledPinballLoss: format: float - candidateCount: - description: Optional. Number of candidates to generate. - type: integer - format: int32 - maxOutputTokens: - description: >- - Optional. The maximum number of output tokens to generate per - message. - type: integer - format: int32 - stopSequences: - description: Optional. Stop sequences. - type: array - items: - type: string - responseLogprobs: - description: Optional. If true, export the logprobs results in response. - type: boolean - logprobs: - description: Optional. Logit probabilities. - type: integer - format: int32 - presencePenalty: - description: Optional. Positive penalties. + description: The scaled pinball loss of this quantile. type: number - format: float - frequencyPenalty: - description: Optional. Frequency penalties. + quantile: + format: double + description: The quantile for this entry. type: number - format: float - seed: - description: Optional. Seed. - type: integer - format: int32 - responseMimeType: - description: >- - Optional. Output response mimetype of the generated candidate text. - Supported mimetype: - `text/plain`: (default) Text output. - - `application/json`: JSON response in the candidates. The model needs - to be prompted to output the appropriate response type, otherwise - the behavior is undefined. This is a preview feature. + description: Entry for the Quantiles loss type optimization objective. + type: object + GoogleCloudAiplatformV1ReadIndexDatapointsRequest: + description: The request message for MatchService.ReadIndexDatapoints. + id: GoogleCloudAiplatformV1ReadIndexDatapointsRequest + type: object + properties: + deployedIndexId: type: string - responseSchema: - description: >- - Optional. The `Schema` object allows the definition of input and - output data types. These types can be objects, but also primitives - and arrays. Represents a select subset of an [OpenAPI 3.0 schema - object](https://spec.openapis.org/oas/v3.0.3#schema). If set, a - compatible response_mime_type must also be set. Compatible - mimetypes: `application/json`: Schema for JSON response. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' - responseJsonSchema: - description: >- - Optional. Output schema of the generated response. This is an - alternative to `response_schema` that accepts [JSON - Schema](https://json-schema.org/). If set, `response_schema` must be - omitted, but `response_mime_type` is required. While the full JSON - Schema may be sent, not all features are supported. Specifically, - only the following properties are supported: - `$id` - `$defs` - - `$ref` - `$anchor` - `type` - `format` - `title` - `description` - - `enum` (for strings and numbers) - `items` - `prefixItems` - - `minItems` - `maxItems` - `minimum` - `maximum` - `anyOf` - `oneOf` - (interpreted the same as `anyOf`) - `properties` - - `additionalProperties` - `required` The non-standard - `propertyOrdering` property may also be set. Cyclic references are - unrolled to a limited degree and, as such, may only be used within - non-required properties. (Nullable properties are not sufficient.) - If `$ref` is set on a sub-schema, no other properties, except for - than those starting as a `$`, may be set. - type: any - routingConfig: - description: Optional. Routing configuration. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerationConfigRoutingConfig - audioTimestamp: - description: >- - Optional. If enabled, audio timestamp will be included in the - request to the model. - type: boolean - responseModalities: - description: Optional. The modalities of the response. + description: The ID of the DeployedIndex that will serve the request. + ids: type: array + description: IDs of the datapoints to be searched for. items: type: string - enumDescriptions: - - Unspecified modality. Will be processed as text. - - Text modality. - - Image modality. - - Audio modality. - enum: - - MODALITY_UNSPECIFIED - - TEXT - - IMAGE - - AUDIO - mediaResolution: - description: Optional. If specified, the media resolution specified will be used. - type: string - enumDescriptions: - - Media resolution has not been set. - - Media resolution set to low (64 tokens). - - Media resolution set to medium (256 tokens). - - Media resolution set to high (zoomed reframing with 256 tokens). - enum: - - MEDIA_RESOLUTION_UNSPECIFIED - - MEDIA_RESOLUTION_LOW - - MEDIA_RESOLUTION_MEDIUM - - MEDIA_RESOLUTION_HIGH - speechConfig: - description: Optional. The speech generation config. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SpeechConfig' - thinkingConfig: - description: >- - Optional. Config for thinking features. An error will be returned if - this field is set for models that don't support thinking. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerationConfigThinkingConfig - enableAffectiveDialog: - description: >- - Optional. If enabled, the model will detect emotions and adapt its - responses accordingly. - type: boolean - GoogleCloudAiplatformV1GenerationConfigRoutingConfig: - id: GoogleCloudAiplatformV1GenerationConfigRoutingConfig - description: The configuration for routing the request to a specific model. - type: object + GoogleCloudAiplatformV1EvaluationRunEvaluationConfigOutputConfig: + id: GoogleCloudAiplatformV1EvaluationRunEvaluationConfigOutputConfig + description: The output config for the evaluation run. properties: - autoMode: - description: Automated routing. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerationConfigRoutingConfigAutoRoutingMode - manualMode: - description: Manual routing. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerationConfigRoutingConfigManualRoutingMode - GoogleCloudAiplatformV1GenerationConfigRoutingConfigAutoRoutingMode: - id: GoogleCloudAiplatformV1GenerationConfigRoutingConfigAutoRoutingMode - description: >- - When automated routing is specified, the routing will be determined by - the pretrained routing model and customer provided model routing - preference. + gcsDestination: + description: Cloud Storage destination for evaluation output. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + bigqueryDestination: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' + description: BigQuery destination for evaluation output. type: object + GoogleCloudAiplatformV1ExecutableCode: properties: - modelRoutingPreference: - description: The model routing preference. + code: + description: Required. The code to be executed. + type: string + language: type: string enumDescriptions: - - Unspecified model routing preference. - - Prefer higher quality over low cost. - - Balanced model routing preference. - - Prefer lower cost over higher quality. + - Unspecified language. This value should not be used. + - Python >= 3.10, with numpy and simpy available. enum: - - UNKNOWN - - PRIORITIZE_QUALITY - - BALANCED - - PRIORITIZE_COST - GoogleCloudAiplatformV1GenerationConfigRoutingConfigManualRoutingMode: - id: GoogleCloudAiplatformV1GenerationConfigRoutingConfigManualRoutingMode - description: When manual routing is set, the specified model will be used directly. - type: object - properties: - modelName: - description: >- - The model name to use. Only the public LLM models are accepted. See - [Supported - models](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/inference#supported-models). - type: string - GoogleCloudAiplatformV1SpeechConfig: - id: GoogleCloudAiplatformV1SpeechConfig - description: The speech generation config. + - LANGUAGE_UNSPECIFIED + - PYTHON + description: Required. Programming language of the `code`. type: object + id: GoogleCloudAiplatformV1ExecutableCode + description: >- + Code generated by the model that is meant to be executed, and the result + returned to the model. Generated when using the [CodeExecution] tool, in + which the code will be automatically executed, and a corresponding + [CodeExecutionResult] will also be generated. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationCategoricalTransformation: + description: >- + Training pipeline will perform following transformation functions. * The + categorical string as is--no change to case, punctuation, spelling, + tense, and so on. * Convert the category name to a dictionary lookup + index and generate an embedding for each index. * Categories that appear + less than 5 times in the training dataset are treated as the "unknown" + category. The "unknown" category gets its own special lookup index and + resulting embedding. properties: - voiceConfig: - description: The configuration for the speaker to use. - $ref: '#/components/schemas/GoogleCloudAiplatformV1VoiceConfig' - languageCode: - description: >- - Optional. Language code (ISO 639. e.g. en-US) for the speech - synthesization. + columnName: type: string - GoogleCloudAiplatformV1VoiceConfig: - id: GoogleCloudAiplatformV1VoiceConfig - description: The configuration for the voice to use. - type: object - properties: - prebuiltVoiceConfig: - description: The configuration for the prebuilt voice to use. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PrebuiltVoiceConfig' - GoogleCloudAiplatformV1PrebuiltVoiceConfig: - id: GoogleCloudAiplatformV1PrebuiltVoiceConfig - description: The configuration for the prebuilt speaker to use. type: object - properties: - voiceName: - description: The name of the preset voice to use. - type: string - GoogleCloudAiplatformV1GenerationConfigThinkingConfig: - id: GoogleCloudAiplatformV1GenerationConfigThinkingConfig - description: Config for thinking features. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationCategoricalTransformation + GoogleCloudAiplatformV1PredictLongRunningRequest: type: object properties: - includeThoughts: + instances: description: >- - Optional. Indicates whether to include thoughts in the response. If - true, thoughts are returned only when available. - type: boolean - thinkingBudget: - description: Optional. Indicates the thinking budget in tokens. - type: integer - format: int32 - GoogleCloudAiplatformV1GenerateContentResponse: - id: GoogleCloudAiplatformV1GenerateContentResponse - description: Response message for [PredictionService.GenerateContent]. - type: object - properties: - candidates: - description: Output only. Generated candidates. - readOnly: true - type: array + Required. The instances that are the input to the prediction call. A + DeployedModel may have an upper limit on the number of instances it + supports per request, and when it is exceeded the prediction call + errors in case of AutoML Models, or, in case of customer created + Models, the behaviour is as documented by that Model. The schema of + any single instance may be specified via Endpoint's DeployedModels' + Model's PredictSchemata's instance_schema_uri. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Candidate' - modelVersion: - description: Output only. The model version used to generate the response. - readOnly: true - type: string + type: any + type: array + parameters: + description: >- + Optional. The parameters that govern the prediction. The schema of + the parameters may be specified via Endpoint's DeployedModels' + Model's PredictSchemata's parameters_schema_uri. + type: any + id: GoogleCloudAiplatformV1PredictLongRunningRequest + description: Request message for PredictionService.PredictLongRunning. + GoogleCloudAiplatformV1DataLabelingJob: + id: GoogleCloudAiplatformV1DataLabelingJob + properties: + activeLearningConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ActiveLearningConfig' + description: >- + Parameters that configure the active learning pipeline. Active + learning will label the data incrementally via several iterations. + For every iteration, it will select a batch of data based on the + sampling strategy. createTime: - description: Output only. Timestamp when the request is made to the server. - readOnly: true + description: Output only. Timestamp when this DataLabelingJob was created. type: string format: google-datetime - responseId: + readOnly: true + inputs: + description: Required. Input config parameters for the DataLabelingJob. + type: any + updateTime: description: >- - Output only. response_id is used to identify each response. It is - the encoding of the event_id. + Output only. Timestamp when this DataLabelingJob was updated most + recently. + format: google-datetime readOnly: true type: string - promptFeedback: + currentSpend: description: >- - Output only. Content filter results for a prompt sent in the - request. Note: Sent only in the first stream chunk. Only happens - when no candidates were generated due to content violations. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponsePromptFeedback - usageMetadata: - description: Usage metadata about the response(s). - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponseUsageMetadata - GoogleCloudAiplatformV1Candidate: - id: GoogleCloudAiplatformV1Candidate - description: A response candidate generated from the model. - type: object - properties: - index: - description: Output only. Index of the candidate. + Output only. Estimated cost(in US dollars) that the DataLabelingJob + has incurred to date. + $ref: '#/components/schemas/GoogleTypeMoney' readOnly: true + labelerCount: type: integer + description: Required. Number of labelers to work on each DataItem. format: int32 - content: - description: Output only. Content parts of the candidate. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - avgLogprobs: - description: Output only. Average log probability score of the candidate. - readOnly: true - type: number - format: double - logprobsResult: + inputsSchemaUri: + type: string + description: >- + Required. Points to a YAML file stored on Google Cloud Storage + describing the config for a specific type of DataLabelingJob. The + schema files that can be used here are found in the + https://storage.googleapis.com/google-cloud-aiplatform bucket in the + /schema/datalabelingjob/inputs/ folder. + datasets: + description: >- + Required. Dataset resource names. Right now we only support labeling + from a single Dataset. Format: + `projects/{project}/locations/{location}/datasets/{dataset}` + items: + type: string + type: array + encryptionSpec: + description: >- + Customer-managed encryption key spec for a DataLabelingJob. If set, + this DataLabelingJob will be secured by this key. Note: Annotations + created in the DataLabelingJob are associated with the + EncryptionSpec of the Dataset they are exported to. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + displayName: description: >- - Output only. Log-likelihood scores for the response tokens and top - tokens + Required. The user-defined name of the DataLabelingJob. The name can + be up to 128 characters long and can consist of any UTF-8 + characters. Display name of a DataLabelingJob. + type: string + name: + description: Output only. Resource name of the DataLabelingJob. readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1LogprobsResult' - finishReason: + type: string + specialistPools: + description: The SpecialistPools' resource names associated with this job. + type: array + items: + type: string + labels: description: >- - Output only. The reason why the model stopped generating tokens. If - empty, the model has not stopped generating the tokens. + The labels with user-defined metadata to organize your + DataLabelingJobs. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. See https://goo.gl/xmQnxf for more information and + examples of labels. System reserved label keys are prefixed with + "aiplatform.googleapis.com/" and are immutable. Following system + labels exist for each DataLabelingJob: * + "aiplatform.googleapis.com/schema": output only, its value is the + inputs_schema's title. + type: object + additionalProperties: + type: string + error: + $ref: '#/components/schemas/GoogleRpcStatus' readOnly: true + description: >- + Output only. DataLabelingJob errors. It is only populated when job's + state is `JOB_STATE_FAILED` or `JOB_STATE_CANCELLED`. + state: + description: Output only. The detailed state of the job. type: string + readOnly: true + enum: + - JOB_STATE_UNSPECIFIED + - JOB_STATE_QUEUED + - JOB_STATE_PENDING + - JOB_STATE_RUNNING + - JOB_STATE_SUCCEEDED + - JOB_STATE_FAILED + - JOB_STATE_CANCELLING + - JOB_STATE_CANCELLED + - JOB_STATE_PAUSED + - JOB_STATE_EXPIRED + - JOB_STATE_UPDATING + - JOB_STATE_PARTIALLY_SUCCEEDED enumDescriptions: - - The finish reason is unspecified. - - >- - Token generation reached a natural stopping point or a configured - stop sequence. - - Token generation reached the configured maximum output tokens. - - >- - Token generation stopped because the content potentially contains - safety violations. NOTE: When streaming, content is empty if - content filters blocks the output. - - The token generation stopped because of potential recitation. - - All other reasons that stopped the token generation. - - >- - Token generation stopped because the content contains forbidden - terms. + - The job state is unspecified. - >- - Token generation stopped for potentially containing prohibited - content. + The job has been just created or resumed and processing has not + yet begun. + - The service is preparing to run the job. + - The job is in progress. + - The job completed successfully. + - The job failed. - >- - Token generation stopped because the content potentially contains - Sensitive Personally Identifiable Information (SPII). - - The function call generated by the model is invalid. - - The model response was blocked by Model Armor. + The job is being cancelled. From this state the job may only go to + either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or + `JOB_STATE_CANCELLED`. + - The job has been cancelled. + - The job has been stopped, and can be resumed. + - The job has expired. - >- - Token generation stopped because generated images has safety - violations. + The job is being updated. Only jobs in the `RUNNING` state can be + updated. After updating, the job goes back to the `RUNNING` state. - >- - Image generation stopped because generated images has other - prohibited content. - - Image generation stopped due to recitation. - - Image generation stopped because of other miscellaneous issue. - - The tool call generated by the model is invalid. - enum: - - FINISH_REASON_UNSPECIFIED - - STOP - - MAX_TOKENS - - SAFETY - - RECITATION - - OTHER - - BLOCKLIST - - PROHIBITED_CONTENT - - SPII - - MALFORMED_FUNCTION_CALL - - MODEL_ARMOR - - IMAGE_SAFETY - - IMAGE_PROHIBITED_CONTENT - - IMAGE_RECITATION - - IMAGE_OTHER - - UNEXPECTED_TOOL_CALL - safetyRatings: - description: >- - Output only. List of ratings for the safety of a response candidate. - There is at most one rating per category. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyRating' - finishMessage: + The job is partially succeeded, some results may be missing due to + errors. + annotationLabels: + additionalProperties: + type: string description: >- - Output only. Describes the reason the mode stopped generating tokens - in more detail. This is only filled when `finish_reason` is set. - readOnly: true - type: string - citationMetadata: - description: Output only. Source attribution of the generated content. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1CitationMetadata' - groundingMetadata: + Labels to assign to annotations generated by this DataLabelingJob. + Label keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. + System reserved label keys are prefixed with + "aiplatform.googleapis.com/" and are immutable. + type: object + labelingProgress: description: >- - Output only. Metadata specifies sources used to ground generated - content. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingMetadata' - urlContextMetadata: - description: Output only. Metadata related to url context retrieval tool. + Output only. Current labeling job progress percentage scaled in + interval [0, 100], indicating the percentage of DataItems that has + been finished. + format: int32 readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1UrlContextMetadata' - GoogleCloudAiplatformV1LogprobsResult: - id: GoogleCloudAiplatformV1LogprobsResult - description: Logprobs Result - type: object - properties: - topCandidates: - description: Length = total number of decoding steps. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1LogprobsResultTopCandidates - chosenCandidates: + type: integer + instructionUri: description: >- - Length = total number of decoding steps. The chosen candidates may - or may not be in top_candidates. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1LogprobsResultCandidate - GoogleCloudAiplatformV1LogprobsResultTopCandidates: - id: GoogleCloudAiplatformV1LogprobsResultTopCandidates - description: Candidates with top log probabilities at each decoding step. - type: object - properties: - candidates: - description: Sorted by log probability in descending order. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1LogprobsResultCandidate - GoogleCloudAiplatformV1LogprobsResultCandidate: - id: GoogleCloudAiplatformV1LogprobsResultCandidate - description: Candidate for the logprobs token and score. - type: object - properties: - token: - description: The candidate's token string value. + Required. The Google Cloud Storage location of the instruction pdf. + This pdf is shared with labelers, and provides detailed description + on how to label DataItems in Datasets. type: string - tokenId: - description: The candidate's token id value. - type: integer - format: int32 - logProbability: - description: The candidate's log probability. - type: number - format: float - GoogleCloudAiplatformV1SafetyRating: - id: GoogleCloudAiplatformV1SafetyRating - description: Safety rating corresponding to the generated content. type: object + description: >- + DataLabelingJob is used to trigger a human labeling job on unlabeled + data from the following Dataset: + GoogleCloudAiplatformV1ResourcePool: properties: - category: - description: Output only. Harm category. - readOnly: true - type: string - enumDescriptions: - - The harm category is unspecified. - - The harm category is hate speech. - - The harm category is dangerous content. - - The harm category is harassment. - - The harm category is sexually explicit content. - - >- - Deprecated: Election filter is not longer supported. The harm - category is civic integrity. - - The harm category is image hate. - - The harm category is image dangerous content. - - The harm category is image harassment. - - The harm category is image sexually explicit content. - enumDeprecated: - - false - - false - - false - - false - - false - - true - - false - - false - - false - - false - enum: - - HARM_CATEGORY_UNSPECIFIED - - HARM_CATEGORY_HATE_SPEECH - - HARM_CATEGORY_DANGEROUS_CONTENT - - HARM_CATEGORY_HARASSMENT - - HARM_CATEGORY_SEXUALLY_EXPLICIT - - HARM_CATEGORY_CIVIC_INTEGRITY - - HARM_CATEGORY_IMAGE_HATE - - HARM_CATEGORY_IMAGE_DANGEROUS_CONTENT - - HARM_CATEGORY_IMAGE_HARASSMENT - - HARM_CATEGORY_IMAGE_SEXUALLY_EXPLICIT - probability: - description: Output only. Harm probability levels in the content. - readOnly: true + replicaCount: + format: int64 + description: >- + Optional. The total number of machines to use for this resource + pool. type: string - enumDescriptions: - - Harm probability unspecified. - - Negligible level of harm. - - Low level of harm. - - Medium level of harm. - - High level of harm. - enum: - - HARM_PROBABILITY_UNSPECIFIED - - NEGLIGIBLE - - LOW - - MEDIUM - - HIGH - probabilityScore: - description: Output only. Harm probability score. - readOnly: true - type: number - format: float - severity: - description: Output only. Harm severity levels in the content. - readOnly: true + usedReplicaCount: type: string - enumDescriptions: - - Harm severity unspecified. - - Negligible level of harm severity. - - Low level of harm severity. - - Medium level of harm severity. - - High level of harm severity. - enum: - - HARM_SEVERITY_UNSPECIFIED - - HARM_SEVERITY_NEGLIGIBLE - - HARM_SEVERITY_LOW - - HARM_SEVERITY_MEDIUM - - HARM_SEVERITY_HIGH - severityScore: - description: Output only. Harm severity score. - readOnly: true - type: number - format: float - blocked: description: >- - Output only. Indicates whether the content was filtered out because - of this rating. + Output only. The number of machines currently in use by training + jobs for this resource pool. Will replace idle_replica_count. + format: int64 readOnly: true - type: boolean - overwrittenThreshold: + autoscalingSpec: description: >- - Output only. The overwritten threshold for the safety category of - Gemini 2.0 image out. If minors are detected in the output image, - the threshold of each safety category will be overwritten if user - sets a lower threshold. - readOnly: true + Optional. Optional spec to configure GKE or Ray-on-Vertex + autoscaling + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ResourcePoolAutoscalingSpec + diskSpec: + description: Optional. Disk spec for the machine in this node pool. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DiskSpec' + id: + description: >- + Immutable. The unique ID in a PersistentResource for referring to + this resource pool. User can specify it if necessary. Otherwise, + it's generated automatically. type: string - enumDescriptions: - - Unspecified harm block threshold. - - Block low threshold and above (i.e. block more). - - Block medium threshold and above. - - Block only high threshold (i.e. block less). - - Block none. - - Turn off the safety filter. - enum: - - HARM_BLOCK_THRESHOLD_UNSPECIFIED - - BLOCK_LOW_AND_ABOVE - - BLOCK_MEDIUM_AND_ABOVE - - BLOCK_ONLY_HIGH - - BLOCK_NONE - - 'OFF' - GoogleCloudAiplatformV1CitationMetadata: - id: GoogleCloudAiplatformV1CitationMetadata - description: A collection of source attributions for a piece of content. - type: object - properties: - citations: - description: Output only. List of citations. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Citation' - GoogleCloudAiplatformV1Citation: - id: GoogleCloudAiplatformV1Citation - description: Source attributions for content. + machineSpec: + description: Required. Immutable. The specification of a single machine. + $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' + description: >- + Represents the spec of a group of resources of the same type, for + example machine type, disk, and accelerators, in a PersistentResource. type: object + id: GoogleCloudAiplatformV1ResourcePool + GoogleCloudAiplatformV1FeatureViewSyncSyncSummary: properties: - startIndex: - description: Output only. Start index into the content. - readOnly: true - type: integer - format: int32 - endIndex: - description: Output only. End index into the content. - readOnly: true - type: integer - format: int32 - uri: - description: Output only. Url reference of the attribution. + totalSlot: + description: Output only. BigQuery slot milliseconds consumed for the sync job. readOnly: true type: string - title: - description: Output only. Title of the attribution. - readOnly: true + format: int64 + systemWatermarkTime: + format: google-datetime + description: >- + Lower bound of the system time watermark for the sync job. This is + only set for continuously syncing feature views. type: string - license: - description: Output only. License of the attribution. - readOnly: true + rowSynced: type: string - publicationDate: - description: Output only. Publication date of the attribution. + format: int64 + description: Output only. Total number of rows synced. readOnly: true - $ref: '#/components/schemas/GoogleTypeDate' - GoogleTypeDate: - id: GoogleTypeDate + type: object + id: GoogleCloudAiplatformV1FeatureViewSyncSyncSummary description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp + Summary from the Sync job. For continuous syncs, the summary is updated + periodically. For batch syncs, it gets updated on completion of the + sync. + GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigTtlConfig: + description: >- + Configuration for automatically setting the TTL ("time-to-live") of the + memories in the Memory Bank. type: object properties: - year: + defaultTtl: + format: google-duration description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: + Optional. The default TTL duration of the memories in the Memory + Bank. This applies to all operations that create or update a memory. + type: string + memoryRevisionDefaultTtl: + type: string + format: google-duration description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: + Optional. The default TTL duration of the memory revisions in the + Memory Bank. This applies to all operations that create a memory + revision. If not set, a default TTL of 365 days will be used. + granularTtlConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigTtlConfigGranularTtlConfig description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer + Optional. The granular TTL configuration of the memories in the + Memory Bank. + id: >- + GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigTtlConfig + GoogleTypeColor: + description: >- + Represents a color in the RGBA color space. This representation is + designed for simplicity of conversion to and from color representations + in various languages over compactness. For example, the fields of this + representation can be trivially provided to the constructor of + `java.awt.Color` in Java; it can also be trivially provided to UIColor's + `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little + work, it can be easily formatted into a CSS `rgba()` string in + JavaScript. This reference page doesn't have information about the + absolute color space that should be used to interpret the RGB value—for + example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications + should assume the sRGB color space. When color equality needs to be + decided, implementations, unless documented otherwise, treat two colors + as equal if all their red, green, blue, and alpha values each differ by + at most `1e-5`. Example (Java): import com.google.type.Color; // ... + public static java.awt.Color fromProto(Color protocolor) { float alpha = + protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return + new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), + protocolor.getBlue(), alpha); } public static Color + toProto(java.awt.Color color) { float red = (float) color.getRed(); + float green = (float) color.getGreen(); float blue = (float) + color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder + = Color .newBuilder() .setRed(red / denominator) .setGreen(green / + denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); + if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() + .setValue(((float) alpha) / denominator) .build()); } return + resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static + UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; + float green = [protocolor green]; float blue = [protocolor blue]; + FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if + (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return + [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static + Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if + (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return + nil; } Color* result = [[Color alloc] init]; [result setRed:red]; + [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { + [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; + return result; } // ... Example (JavaScript): // ... var protoToCssColor + = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var + greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || + 0.0; var red = Math.floor(redFrac * 255); var green = + Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if + (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } + var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, + green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, + ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var + rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString + = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var + resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { + resultBuilder.push('0'); } resultBuilder.push(hexString); return + resultBuilder.join(''); }; // ... + id: GoogleTypeColor + type: object + properties: + blue: + format: float + description: The amount of blue in the color as a value in the interval [0, 1]. + type: number + green: + type: number + format: float + description: The amount of green in the color as a value in the interval [0, 1]. + alpha: + type: number + description: >- + The fraction of this color that should be applied to the pixel. That + is, the final pixel color is defined by the equation: `pixel color = + alpha * (this color) + (1.0 - alpha) * (background color)` This + means that a value of 1.0 corresponds to a solid color, whereas a + value of 0.0 corresponds to a completely transparent color. This + uses a wrapper message rather than a simple float scalar so that it + is possible to distinguish between a default value and the value + being unset. If omitted, this color object is rendered as a solid + color (as if the alpha value had been explicitly given a value of + 1.0). + format: float + red: + description: The amount of red in the color as a value in the interval [0, 1]. + format: float + type: number + GoogleCloudAiplatformV1Examples: + id: GoogleCloudAiplatformV1Examples + description: >- + Example-based explainability that returns the nearest neighbors from the + provided dataset. + type: object + properties: + presets: + description: >- + Simplified preset configuration, which automatically sets + configuration values based on the desired query speed-precision + trade-off and modality. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Presets' + neighborCount: format: int32 - GoogleCloudAiplatformV1GroundingMetadata: - id: GoogleCloudAiplatformV1GroundingMetadata - description: Metadata returned to client when grounding is enabled. + description: The number of neighbors to return when querying for examples. + type: integer + exampleGcsSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExamplesExampleGcsSource' + description: The Cloud Storage input instances. + nearestNeighborSearchConfig: + description: >- + The full configuration for the generated index, the semantics are + the same as metadata and should match + [NearestNeighborSearchConfig](https://cloud.google.com/vertex-ai/docs/explainable-ai/configuring-explanations-example-based#nearest-neighbor-search-config). + type: any + GoogleCloudAiplatformV1PairwiseMetricInput: type: object + description: Input for pairwise metric. properties: - webSearchQueries: - description: Optional. Web search queries for the following-up web search. - type: array - items: - type: string - searchEntryPoint: - description: Optional. Google search entry for the following-up web searches. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SearchEntryPoint' - groundingChunks: + instance: + description: Required. Pairwise metric instance. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricInstance' + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricSpec' + description: Required. Spec for pairwise metric. + id: GoogleCloudAiplatformV1PairwiseMetricInput + GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfigMigrateDataLabelingAnnotatedDatasetConfig: + type: object + id: >- + GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfigMigrateDataLabelingAnnotatedDatasetConfig + properties: + annotatedDataset: description: >- - List of supporting references retrieved from specified grounding - source. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingChunk' - groundingSupports: - description: Optional. List of grounding support. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingSupport' - retrievalMetadata: - description: Optional. Output only. Retrieval metadata. + Required. Full resource name of data labeling AnnotatedDataset. + Format: + `projects/{project}/datasets/{dataset}/annotatedDatasets/{annotated_dataset}`. + type: string + description: >- + Config for migrating AnnotatedDataset in datalabeling.googleapis.com to + Vertex AI's SavedQuery. + GoogleCloudAiplatformV1Tensorboard: + type: object + description: >- + Tensorboard is a physical database that stores users' training metrics. + A default Tensorboard is provided in each region of a Google Cloud + project. If needed users can also create extra Tensorboards in their + projects. + id: GoogleCloudAiplatformV1Tensorboard + properties: + createTime: readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1RetrievalMetadata' - googleMapsWidgetContextToken: + description: Output only. Timestamp when this Tensorboard was created. + format: google-datetime + type: string + updateTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Timestamp when this Tensorboard was last updated. + satisfiesPzi: + type: boolean + description: Output only. Reserved for future use. + readOnly: true + etag: + type: string description: >- - Optional. Output only. Resource name of the Google Maps widget - context token to be used with the PlacesContextElement widget to - render contextual data. This is populated only for Google Maps - grounding. + Used to perform a consistent read-modify-write updates. If not set, + a blind "overwrite" update happens. + blobStoragePathPrefix: + type: string readOnly: true + description: >- + Output only. Consumer project Cloud Storage path prefix used to + store blob data, which can either be a bucket or directory. Does not + end with a '/'. + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Customer-managed encryption key spec for a Tensorboard. If set, this + Tensorboard and all sub-resources of this Tensorboard will be + secured by this key. + isDefault: + type: boolean + description: >- + Used to indicate if the TensorBoard instance is the default one. + Each project & region can have at most one default TensorBoard + instance. Creation of a default TensorBoard instance and updating an + existing TensorBoard instance to be default will mark all other + TensorBoard instances (if any) as non default. + labels: + description: >- + The labels with user-defined metadata to organize your Tensorboards. + Label keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. No + more than 64 user labels can be associated with one Tensorboard + (System labels are excluded). See https://goo.gl/xmQnxf for more + information and examples of labels. System reserved label keys are + prefixed with "aiplatform.googleapis.com/" and are immutable. + type: object + additionalProperties: + type: string + name: type: string - GoogleCloudAiplatformV1SearchEntryPoint: - id: GoogleCloudAiplatformV1SearchEntryPoint - description: Google search entry point. - type: object - properties: - renderedContent: description: >- - Optional. Web content snippet that can be embedded in a web page or - an app webview. + Output only. Name of the Tensorboard. Format: + `projects/{project}/locations/{location}/tensorboards/{tensorboard}` + readOnly: true + satisfiesPzs: + type: boolean + description: Output only. Reserved for future use. + readOnly: true + runCount: + description: Output only. The number of Runs stored in this Tensorboard. + type: integer + format: int32 + readOnly: true + description: type: string - sdkBlob: - description: Optional. Base64 encoded JSON representing array of tuple. + description: Description of this Tensorboard. + displayName: + description: Required. User provided name of this Tensorboard. type: string - format: byte - GoogleCloudAiplatformV1GroundingChunk: - id: GoogleCloudAiplatformV1GroundingChunk - description: Grounding chunk. - type: object + GoogleCloudAiplatformV1NasJobOutput: properties: - web: - description: Grounding chunk from the web. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingChunkWeb' - retrievedContext: - description: Grounding chunk from context retrieved by the retrieval tools. + multiTrialJobOutput: + description: >- + Output only. The output of this multi-trial Neural Architecture + Search (NAS) job. + readOnly: true $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GroundingChunkRetrievedContext - maps: - description: Grounding chunk from Google Maps. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingChunkMaps' - GoogleCloudAiplatformV1GroundingChunkWeb: - id: GoogleCloudAiplatformV1GroundingChunkWeb - description: Chunk from the web. + #/components/schemas/GoogleCloudAiplatformV1NasJobOutputMultiTrialJobOutput + id: GoogleCloudAiplatformV1NasJobOutput type: object + description: Represents a uCAIP NasJob output. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationAutoTransformation: properties: - uri: - description: URI reference of the chunk. + columnName: type: string - title: - description: Title of the chunk. + description: >- + Training pipeline will infer the proper transformation based on the + statistic of dataset. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationAutoTransformation + type: object + GoogleCloudAiplatformV1GenerateFetchAccessTokenResponse: + description: Response message for FeatureOnlineStoreService.GenerateFetchAccessToken. + id: GoogleCloudAiplatformV1GenerateFetchAccessTokenResponse + type: object + properties: + accessToken: + description: The OAuth 2.0 access token. type: string - domain: - description: Domain of the (original) URI. + expireTime: type: string - GoogleCloudAiplatformV1GroundingChunkRetrievedContext: - id: GoogleCloudAiplatformV1GroundingChunkRetrievedContext - description: Chunk from context retrieved by the retrieval tools. + format: google-datetime + description: Token expiration time. This is always set + GoogleCloudAiplatformV1ListTrialsResponse: + description: Response message for VizierService.ListTrials. type: object + id: GoogleCloudAiplatformV1ListTrialsResponse properties: - ragChunk: - description: >- - Additional context for the RAG retrieval result. This is only - populated when using the RAG retrieval tool. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagChunk' - uri: - description: URI reference of the attribution. + nextPageToken: type: string - title: - description: Title of the attribution. + description: >- + Pass this token as the `page_token` field of the request for a + subsequent call. If this field is omitted, there are no subsequent + pages. + trials: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + description: The Trials associated with the Study. + GoogleCloudAiplatformV1ColabImage: + description: Colab image of the runtime. + properties: + releaseName: type: string - text: - description: Text of the attribution. + description: >- + Optional. The release name of the NotebookRuntime Colab image, e.g. + "py310". If not specified, detault to the latest release. + description: type: string - documentName: description: >- - Output only. The full document name for the referenced Vertex AI - Search document. + Output only. A human-readable description of the specified colab + image release, populated by the system. Example: "Python 3.10", + "Latest - current Python 3.11" readOnly: true - type: string + type: object + id: GoogleCloudAiplatformV1ColabImage + GoogleCloudAiplatformV1SharePointSources: + description: The SharePointSources to pass to ImportRagFiles. + properties: + sharePointSources: + description: The SharePoint sources. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SharePointSourcesSharePointSource + id: GoogleCloudAiplatformV1SharePointSources + type: object GoogleCloudAiplatformV1RagChunk: - id: GoogleCloudAiplatformV1RagChunk + type: object description: >- A RagChunk includes the content of a chunk of a RagFile, and associated metadata. - type: object + id: GoogleCloudAiplatformV1RagChunk properties: text: description: The content of the chunk. @@ -15859,1516 +14189,1481 @@ components: If populated, represents where the chunk starts and ends in the document. $ref: '#/components/schemas/GoogleCloudAiplatformV1RagChunkPageSpan' - GoogleCloudAiplatformV1RagChunkPageSpan: - id: GoogleCloudAiplatformV1RagChunkPageSpan - description: Represents where the chunk starts and ends in the document. + GoogleCloudAiplatformV1EvaluationRunMetricRubricBasedMetricSpec: + description: Specification for a metric that is based on rubrics. + properties: + inlineRubrics: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetricRubricBasedMetricSpecRepeatedRubrics + description: Use rubrics provided directly in the spec. + metricPromptTemplate: + description: >- + Optional. Template for the prompt used by the judge model to + evaluate against rubrics. + type: string + judgeAutoraterConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunEvaluationConfigAutoraterConfig + description: >- + Optional. Optional configuration for the judge LLM (Autorater). The + definition of AutoraterConfig needs to be provided. + rubricGroupKey: + description: >- + Use a pre-defined group of rubrics associated with the input + content. This refers to a key in the `rubric_groups` map of + `RubricEnhancedContents`. + type: string + rubricGenerationSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetricRubricGenerationSpec + description: >- + Dynamically generate rubrics for evaluation using this + specification. + type: object + id: GoogleCloudAiplatformV1EvaluationRunMetricRubricBasedMetricSpec + GoogleCloudAiplatformV1DiskSpec: type: object + description: Represents the spec of disk options. properties: - firstPage: - description: Page where chunk starts in the document. Inclusive. 1-indexed. - type: integer + bootDiskType: + description: >- + Type of the boot disk. For non-A3U machines, the default value is + "pd-ssd", for A3U machines, the default value is + "hyperdisk-balanced". Valid values: "pd-ssd" (Persistent Disk Solid + State Drive), "pd-standard" (Persistent Disk Hard Disk Drive) or + "hyperdisk-balanced". + type: string + bootDiskSizeGb: + description: Size in GB of the boot disk (default is 100GB). format: int32 - lastPage: - description: Page where chunk ends in the document. Inclusive. 1-indexed. type: integer - format: int32 - GoogleCloudAiplatformV1GroundingChunkMaps: - id: GoogleCloudAiplatformV1GroundingChunkMaps - description: Chunk from Google Maps. + id: GoogleCloudAiplatformV1DiskSpec + GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInstance: type: object + description: Spec for question answering helpfulness instance. properties: - uri: - description: URI reference of the chunk. - type: string - title: - description: Title of the chunk. + reference: type: string - text: - description: Text of the chunk. + description: Optional. Ground truth used to compare against the prediction. + instruction: type: string - placeId: description: >- - This Place's resource name, in `places/{place_id}` format. Can be - used to look up the Place. + Required. The question asked and other instruction in the inference + prompt. + prediction: type: string - placeAnswerSources: - description: >- - Sources used to generate the place answer. This includes review - snippets and photos that were used to generate the answer, as well - as uris to flag content. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSources - GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSources: - id: GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSources - description: Sources used to generate the place answer. - type: object - properties: - reviewSnippets: - description: Snippets of reviews that are used to generate the answer. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSourcesReviewSnippet - flagContentUri: - description: A link where users can flag a problem with the generated answer. + description: Required. Output of the evaluated model. + context: + description: Optional. Text provided as context to answer the question. type: string - GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSourcesReviewSnippet: - id: GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSourcesReviewSnippet - description: Encapsulates a review snippet. + id: GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInstance + GoogleCloudAiplatformV1PersistentDiskSpec: + id: GoogleCloudAiplatformV1PersistentDiskSpec type: object properties: - review: - description: >- - A reference representing this place review which may be used to look - up this place review again. + diskType: type: string - authorAttribution: - description: This review's author. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSourcesAuthorAttribution - relativePublishTimeDescription: description: >- - A string of formatted recent time, expressing the review time - relative to the current time in a form appropriate for the language - and country. + Type of the disk (default is "pd-standard"). Valid values: "pd-ssd" + (Persistent Disk Solid State Drive) "pd-standard" (Persistent Disk + Hard Disk Drive) "pd-balanced" (Balanced Persistent Disk) + "pd-extreme" (Extreme Persistent Disk) + diskSizeGb: type: string - flagContentUri: - description: A link where users can flag a problem with the review. + format: int64 + description: Size in GB of the disk (default is 100GB). + description: Represents the spec of persistent disk options. + GoogleCloudAiplatformV1SchemaTimeSegment: + description: >- + A time period inside of a DataItem that has a time dimension (e.g. + video). + properties: + startTimeOffset: type: string - googleMapsUri: - description: A link to show the review on Google Maps. + format: google-duration + description: >- + Start of the time segment (inclusive), represented as the duration + since the start of the DataItem. + endTimeOffset: type: string - GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSourcesAuthorAttribution: - id: >- - GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSourcesAuthorAttribution - description: Author attribution for a photo or review. + format: google-duration + description: >- + End of the time segment (exclusive), represented as the duration + since the start of the DataItem. type: object + id: GoogleCloudAiplatformV1SchemaTimeSegment + GoogleCloudAiplatformV1FeatureOnlineStoreBigtableBigtableMetadata: + description: >- + Metadata of the Bigtable instance. This is used by direct read access to + the Bigtable in tenant project. + id: GoogleCloudAiplatformV1FeatureOnlineStoreBigtableBigtableMetadata properties: - displayName: - description: Name of the author of the Photo or Review. + tenantProjectId: type: string - uri: - description: URI of the author of the Photo or Review. + description: Tenant project ID. + tableId: + description: The Cloud Bigtable table id. type: string - photoUri: - description: Profile photo URI of the author of the Photo or Review. + instanceId: type: string - GoogleCloudAiplatformV1GroundingSupport: - id: GoogleCloudAiplatformV1GroundingSupport - description: Grounding support. + description: The Cloud Bigtable instance id. type: object + GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValuesFeature: + id: >- + GoogleCloudAiplatformV1FeatureViewDirectWriteRequestDataKeyAndFeatureValuesFeature properties: - segment: - description: Segment of the content this support belongs to. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Segment' - groundingChunkIndices: + value: + description: >- + Feature value. A user provided timestamp may be set in the + `FeatureValue.metadata.generate_time` field. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' + name: + type: string + description: Feature short name. + description: Feature name & value pair. + type: object + GoogleCloudAiplatformV1TrajectoryAnyOrderMatchSpec: + id: GoogleCloudAiplatformV1TrajectoryAnyOrderMatchSpec + description: >- + Spec for TrajectoryAnyOrderMatch metric - returns 1 if all tool calls in + the reference trajectory appear in the predicted trajectory in any + order, else 0. + properties: {} + type: object + GoogleCloudAiplatformV1GenerationConfig: + description: >- + Configuration for content generation. This message contains all the + parameters that control how the model generates content. It allows you + to influence the randomness, length, and structure of the output. + type: object + properties: + speechConfig: + description: Optional. The speech generation config. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SpeechConfig' + enableAffectiveDialog: + type: boolean description: >- - A list of indices (into 'grounding_chunk') specifying the citations - associated with the claim. For instance [1,3,4] means that - grounding_chunk[1], grounding_chunk[3], grounding_chunk[4] are the - retrieved content attributed to the claim. + Optional. If enabled, the model will detect emotions and adapt its + responses accordingly. For example, if the model detects that the + user is frustrated, it may provide a more empathetic response. + responseMimeType: + type: string + description: >- + Optional. The IANA standard MIME type of the response. The model + will generate output that conforms to this MIME type. Supported + values include 'text/plain' (default) and 'application/json'. The + model needs to be prompted to output the appropriate response type, + otherwise the behavior is undefined. This is a preview feature. + audioTimestamp: + description: >- + Optional. If enabled, audio timestamps will be included in the + request to the model. This can be useful for synchronizing audio + with other modalities in the response. + type: boolean + stopSequences: type: array + description: >- + Optional. A list of character sequences that will stop the model + from generating further tokens. If a stop sequence is generated, the + output will end at that point. This is useful for controlling the + length and structure of the output. For example, you can use ["\n", + "###"] to stop generation at a new line or a specific marker. items: - type: integer - format: int32 - confidenceScores: + type: string + imageConfig: + description: Optional. Config for image generation features. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ImageConfig' + topP: + format: float + type: number description: >- - Confidence score of the support references. Ranges from 0 to 1. 1 is - the most confident. For Gemini 2.0 and before, this list must have - the same size as the grounding_chunk_indices. For Gemini 2.5 and - after, this list will be empty and should be ignored. + Optional. Specifies the nucleus sampling threshold. The model + considers only the smallest set of tokens whose cumulative + probability is at least `top_p`. This helps generate more diverse + and less repetitive responses. For example, a `top_p` of 0.9 means + the model considers tokens until the cumulative probability of the + tokens to select from reaches 0.9. It's recommended to adjust either + temperature or `top_p`, but not both. + responseModalities: type: array items: - type: number - format: float - GoogleCloudAiplatformV1Segment: - id: GoogleCloudAiplatformV1Segment - description: Segment of the content. - type: object - properties: - partIndex: + enumDescriptions: + - Unspecified modality. Will be processed as text. + - Text modality. + - Image modality. + - Audio modality. + enum: + - MODALITY_UNSPECIFIED + - TEXT + - IMAGE + - AUDIO + type: string description: >- - Output only. The index of a Part object within its parent Content - object. - readOnly: true - type: integer - format: int32 - startIndex: + Optional. The modalities of the response. The model will generate a + response that includes all the specified modalities. For example, if + this is set to `[TEXT, IMAGE]`, the response will include both text + and an image. + maxOutputTokens: description: >- - Output only. Start index in the given Part, measured in bytes. - Offset from the start of the Part, inclusive, starting at zero. - readOnly: true + Optional. The maximum number of tokens to generate in the response. + A token is approximately four characters. The default value varies + by model. This parameter can be used to control the length of the + generated text and prevent overly long responses. + format: int32 + type: integer + seed: type: integer + description: >- + Optional. A seed for the random number generator. By setting a seed, + you can make the model's output mostly deterministic. For a given + prompt and parameters (like temperature, top_p, etc.), the model + will produce the same response every time. However, it's not a + guaranteed absolute deterministic behavior. This is different from + parameters like `temperature`, which control the *level* of + randomness. `seed` ensures that the "random" choices the model makes + are the same on every run, making it essential for testing and + ensuring reproducible results. format: int32 - endIndex: + presencePenalty: description: >- - Output only. End index in the given Part, measured in bytes. Offset - from the start of the Part, exclusive, starting at zero. - readOnly: true + Optional. Penalizes tokens that have already appeared in the + generated text. A positive value encourages the model to generate + more diverse and less repetitive text. Valid values can range from + [-2.0, 2.0]. + format: float + type: number + responseJsonSchema: + type: any + description: >- + Optional. When this field is set, response_schema must be omitted + and response_mime_type must be set to `application/json`. + responseLogprobs: + description: >- + Optional. If set to true, the log probabilities of the output tokens + are returned. Log probabilities are the logarithm of the probability + of a token appearing in the output. A higher log probability means + the token is more likely to be generated. This can be useful for + analyzing the model's confidence in its own output and for + debugging. + type: boolean + temperature: + description: >- + Optional. Controls the randomness of the output. A higher + temperature results in more creative and diverse responses, while a + lower temperature makes the output more predictable and focused. The + valid range is (0.0, 2.0]. + type: number + format: float + routingConfig: + description: Optional. Routing configuration. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerationConfigRoutingConfig + logprobs: + description: >- + Optional. The number of top log probabilities to return for each + token. This can be used to see which other tokens were considered + likely candidates for a given position. A higher value will return + more options, but it will also increase the size of the response. type: integer format: int32 - text: + thinkingConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerationConfigThinkingConfig description: >- - Output only. The text corresponding to the segment from the - response. - readOnly: true - type: string - GoogleCloudAiplatformV1RetrievalMetadata: - id: GoogleCloudAiplatformV1RetrievalMetadata - description: Metadata related to retrieval in the grounding flow. - type: object - properties: - googleSearchDynamicRetrievalScore: + Optional. Configuration for thinking features. An error will be + returned if this field is set for models that don't support + thinking. + responseSchema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' + description: >- + Optional. Lets you to specify a schema for the model's response, + ensuring that the output conforms to a particular structure. This is + useful for generating structured data such as JSON. The schema is a + subset of the [OpenAPI 3.0 schema + object](https://spec.openapis.org/oas/v3.0.3#schema) object. When + this field is set, you must also set the `response_mime_type` to + `application/json`. + candidateCount: + type: integer + format: int32 + description: >- + Optional. The number of candidate responses to generate. A higher + `candidate_count` can provide more options to choose from, but it + also consumes more resources. This can be useful for generating a + variety of responses and selecting the best one. + topK: + format: float description: >- - Optional. Score indicating how likely information from Google Search - could help answer the prompt. The score is in the range `[0, 1]`, - where 0 is the least likely and 1 is the most likely. This score is - only populated when Google Search grounding and dynamic retrieval is - enabled. It will be compared to the threshold to determine whether - to trigger Google Search. + Optional. Specifies the top-k sampling threshold. The model + considers only the top k most probable tokens for the next token. + This can be useful for generating more coherent and less random + text. For example, a `top_k` of 40 means the model will choose the + next word from the 40 most likely words. + type: number + frequencyPenalty: + description: >- + Optional. Penalizes tokens based on their frequency in the generated + text. A positive value helps to reduce the repetition of words and + phrases. Valid values can range from [-2.0, 2.0]. type: number format: float - GoogleCloudAiplatformV1UrlContextMetadata: - id: GoogleCloudAiplatformV1UrlContextMetadata - description: Metadata related to url context retrieval tool. - type: object - properties: - urlMetadata: - description: Output only. List of url context. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1UrlMetadata' - GoogleCloudAiplatformV1UrlMetadata: - id: GoogleCloudAiplatformV1UrlMetadata - description: Context of the a single url retrieval. - type: object - properties: - retrievedUrl: - description: Retrieved url by the tool. - type: string - urlRetrievalStatus: - description: Status of the url retrieval. - type: string + mediaResolution: enumDescriptions: - - Default value. This value is unused. - - Url retrieval is successful. - - Url retrieval is failed due to error. + - Media resolution has not been set. + - Media resolution set to low (64 tokens). + - Media resolution set to medium (256 tokens). + - Media resolution set to high (zoomed reframing with 256 tokens). enum: - - URL_RETRIEVAL_STATUS_UNSPECIFIED - - URL_RETRIEVAL_STATUS_SUCCESS - - URL_RETRIEVAL_STATUS_ERROR - GoogleCloudAiplatformV1GenerateContentResponsePromptFeedback: - id: GoogleCloudAiplatformV1GenerateContentResponsePromptFeedback - description: Content filter results for a prompt sent in the request. - type: object + - MEDIA_RESOLUTION_UNSPECIFIED + - MEDIA_RESOLUTION_LOW + - MEDIA_RESOLUTION_MEDIUM + - MEDIA_RESOLUTION_HIGH + type: string + description: >- + Optional. The token resolution at which input media content is + sampled. This is used to control the trade-off between the quality + of the response and the number of tokens used to represent the + media. A higher resolution allows the model to perceive more detail, + which can lead to a more nuanced response, but it will also use more + tokens. This does not affect the image dimensions sent to the model. + id: GoogleCloudAiplatformV1GenerationConfig + GoogleCloudAiplatformV1TrainingPipeline: + id: GoogleCloudAiplatformV1TrainingPipeline + description: >- + The TrainingPipeline orchestrates tasks associated with training a + Model. It always executes the training task, and optionally may also + export data from Vertex AI's Dataset which becomes the training input, + upload the Model to Vertex AI, and evaluate the Model. properties: - blockReason: - description: Output only. Blocked reason. - readOnly: true + state: type: string + readOnly: true + description: Output only. The detailed state of the pipeline. + enum: + - PIPELINE_STATE_UNSPECIFIED + - PIPELINE_STATE_QUEUED + - PIPELINE_STATE_PENDING + - PIPELINE_STATE_RUNNING + - PIPELINE_STATE_SUCCEEDED + - PIPELINE_STATE_FAILED + - PIPELINE_STATE_CANCELLING + - PIPELINE_STATE_CANCELLED + - PIPELINE_STATE_PAUSED enumDescriptions: - - Unspecified blocked reason. - - Candidates blocked due to safety. - - Candidates blocked due to other reason. + - The pipeline state is unspecified. - >- - Candidates blocked due to the terms which are included from the - terminology blocklist. - - Candidates blocked due to prohibited content. - - The user prompt was blocked by Model Armor. - - Candidates blocked due to unsafe image generation content. - enum: - - BLOCKED_REASON_UNSPECIFIED - - SAFETY - - OTHER - - BLOCKLIST - - PROHIBITED_CONTENT - - MODEL_ARMOR - - IMAGE_SAFETY - safetyRatings: - description: Output only. Safety ratings. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyRating' - blockReasonMessage: - description: Output only. A readable block reason message. - readOnly: true - type: string - GoogleCloudAiplatformV1GenerateContentResponseUsageMetadata: - id: GoogleCloudAiplatformV1GenerateContentResponseUsageMetadata - description: Usage metadata about response(s). - type: object - properties: - promptTokenCount: + The pipeline has been created or resumed, and processing has not + yet begun. + - The service is preparing to run the pipeline. + - The pipeline is in progress. + - The pipeline completed successfully. + - The pipeline failed. + - >- + The pipeline is being cancelled. From this state, the pipeline may + only go to either PIPELINE_STATE_SUCCEEDED, PIPELINE_STATE_FAILED + or PIPELINE_STATE_CANCELLED. + - The pipeline has been cancelled. + - The pipeline has been stopped, and can be resumed. + modelId: description: >- - Number of tokens in the request. When `cached_content` is set, this - is still the total effective prompt size meaning this includes the - number of tokens in the cached content. - type: integer - format: int32 - candidatesTokenCount: - description: Number of tokens in the response(s). - type: integer - format: int32 - toolUsePromptTokenCount: - description: Output only. Number of tokens present in tool-use prompt(s). - readOnly: true - type: integer - format: int32 - thoughtsTokenCount: - description: Output only. Number of tokens present in thoughts output. + Optional. The ID to use for the uploaded Model, which will become + the final component of the model resource name. This value may be up + to 63 characters, and valid characters are `[a-z0-9_-]`. The first + character cannot be a number or hyphen. + type: string + startTime: readOnly: true - type: integer - format: int32 - totalTokenCount: + format: google-datetime description: >- - Total token count for prompt, response candidates, and tool-use - prompts (if present). - type: integer - format: int32 - cachedContentTokenCount: + Output only. Time when the TrainingPipeline for the first time + entered the `PIPELINE_STATE_RUNNING` state. + type: string + labels: + type: object + description: >- + The labels with user-defined metadata to organize TrainingPipelines. + Label keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. + additionalProperties: + type: string + trainingTaskDefinition: description: >- - Output only. Number of tokens in the cached part in the input (the - cached content). + Required. A Google Cloud Storage path to the YAML file that defines + the training task which is responsible for producing the model + artifact, and may also include additional auxiliary work. The + definition files that can be used here are found in + gs://google-cloud-aiplatform/schema/trainingjob/definition/. Note: + The URI given on output will be immutable and probably different, + including the URI scheme, than the one given on input. The output + URI will point to a location where the user only has a read access. + type: string + endTime: + format: google-datetime readOnly: true - type: integer - format: int32 - promptTokensDetails: + type: string description: >- - Output only. List of modalities that were processed in the request - input. + Output only. Time when the TrainingPipeline entered any of the + following states: `PIPELINE_STATE_SUCCEEDED`, + `PIPELINE_STATE_FAILED`, `PIPELINE_STATE_CANCELLED`. + createTime: + format: google-datetime + type: string + description: Output only. Time when the TrainingPipeline was created. readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' - cacheTokensDetails: + updateTime: description: >- - Output only. List of modalities of the cached content in the request - input. + Output only. Time when the TrainingPipeline was most recently + updated. + type: string readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' - candidatesTokensDetails: - description: Output only. List of modalities that were returned in the response. + format: google-datetime + trainingTaskMetadata: readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' - toolUsePromptTokensDetails: description: >- - Output only. List of modalities that were processed for tool-use - request inputs. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' - trafficType: + Output only. The metadata information as specified in the + training_task_definition's `metadata`. This metadata is an auxiliary + runtime and final information about the training task. While the + pipeline is running this information is populated only at a best + effort basis. Only present if the pipeline's + training_task_definition contains `metadata` object. + type: any + error: description: >- - Output only. Traffic type. This shows whether a request consumes - Pay-As-You-Go or Provisioned Throughput quota. + Output only. Only populated when the pipeline's state is + `PIPELINE_STATE_FAILED` or `PIPELINE_STATE_CANCELLED`. readOnly: true + $ref: '#/components/schemas/GoogleRpcStatus' + inputDataConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1InputDataConfig' + description: >- + Specifies Vertex AI owned input data that may be used for training + the Model. The TrainingPipeline's training_task_definition should + make clear whether this config is used and if there are any special + requirements on how it should be filled. If nothing about this + config is mentioned in the training_task_definition, then it should + be assumed that the TrainingPipeline does not depend on this + configuration. + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Customer-managed encryption key spec for a TrainingPipeline. If set, + this TrainingPipeline will be secured by this key. Note: Model + trained by this TrainingPipeline is also secured by this key if + model_to_upload is not set separately. + displayName: type: string - enumDescriptions: - - Unspecified request traffic type. - - Type for Pay-As-You-Go traffic. - - Type for Provisioned Throughput traffic. - enum: - - TRAFFIC_TYPE_UNSPECIFIED - - ON_DEMAND - - PROVISIONED_THROUGHPUT - GoogleCloudAiplatformV1ModalityTokenCount: - id: GoogleCloudAiplatformV1ModalityTokenCount - description: Represents token counting info for a single modality. - type: object - properties: - modality: - description: The modality associated with this token count. - type: string - enumDescriptions: - - Unspecified modality. - - Plain text. - - Image. - - Video. - - Audio. - - Document, e.g. PDF. - enum: - - MODALITY_UNSPECIFIED - - TEXT - - IMAGE - - VIDEO - - AUDIO - - DOCUMENT - tokenCount: - description: Number of tokens. - type: integer - format: int32 - GoogleCloudAiplatformV1CountTokensRequest: - id: GoogleCloudAiplatformV1CountTokensRequest - description: Request message for PredictionService.CountTokens. - type: object - properties: - model: + description: Required. The user-defined name of this TrainingPipeline. + trainingTaskInputs: + type: any description: >- - Optional. The name of the publisher model requested to serve the - prediction. Format: - `projects/{project}/locations/{location}/publishers/*/models/*` + Required. The training task's parameter(s), as specified in the + training_task_definition's `inputs`. + parentModel: type: string - instances: description: >- - Optional. The instances that are the input to token counting call. - Schema is identical to the prediction schema of the underlying - model. - type: array - items: - type: any - contents: - description: Optional. Input content. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - systemInstruction: + Optional. When specify this field, the `model_to_upload` will not be + uploaded as a new model, instead, it will become a new version of + this `parent_model`. + name: + type: string + description: Output only. Resource name of the TrainingPipeline. + readOnly: true + modelToUpload: description: >- - Optional. The user provided system instructions for the model. Note: - only text should be used in parts and content in each part will be - in a separate paragraph. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - tools: + Describes the Model that may be uploaded (via + ModelService.UploadModel) by this TrainingPipeline. The + TrainingPipeline's training_task_definition should make clear + whether this Model description should be populated, and if there are + any special requirements regarding how it should be filled. If + nothing is mentioned in the training_task_definition, then it should + be assumed that this field should not be filled and the training + task either uploads the Model without a need of this information, or + that training task does not support uploading a Model as part of the + pipeline. When the Pipeline's state becomes + `PIPELINE_STATE_SUCCEEDED` and the trained Model had been uploaded + into Vertex AI, then the model_to_upload's resource name is + populated. The Model is always uploaded into the Project and + Location in which this pipeline is. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' + type: object + GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetricsConfidenceMetrics: + properties: + confidenceThreshold: description: >- - Optional. A list of `Tools` the model may use to generate the next - response. A `Tool` is a piece of code that enables the system to - interact with external systems to perform an action, or set of - actions, outside of knowledge and scope of the model. + Metrics are computed with an assumption that the Model never returns + predictions with score lower than this value. + format: float + type: number + recall: + type: number + format: float + description: Recall (True Positive Rate) for the given confidence threshold. + precision: + format: float + type: number + description: Precision for the given confidence threshold. + f1Score: + format: float + description: The harmonic mean of recall and precision. + type: number + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetricsConfidenceMetrics + type: object + GoogleCloudAiplatformV1FeatureViewDataKeyCompositeKey: + properties: + parts: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' - generationConfig: + type: string description: >- - Optional. Generation config that the model will use to generate the - response. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenerationConfig' - GoogleCloudAiplatformV1CountTokensResponse: - id: GoogleCloudAiplatformV1CountTokensResponse - description: Response message for PredictionService.CountTokens. + Parts to construct Entity ID. Should match with the same ID columns + as defined in FeatureView in the same order. + description: ID that is comprised from several parts (columns). + type: object + id: GoogleCloudAiplatformV1FeatureViewDataKeyCompositeKey + GoogleRpcStatus: type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: GoogleRpcStatus properties: - totalTokens: - description: >- - The total number of tokens counted across all instances from the - request. - type: integer + code: format: int32 - totalBillableCharacters: - description: >- - The total number of billable characters counted across all instances - from the request. + description: The status code, which should be an enum value of google.rpc.Code. type: integer - format: int32 - promptTokensDetails: + details: description: >- - Output only. List of modalities that were processed in the request - input. - readOnly: true - type: array + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' - GoogleCloudAiplatformV1ComputeTokensRequest: - id: GoogleCloudAiplatformV1ComputeTokensRequest - description: Request message for ComputeTokens RPC call. - type: object - properties: - instances: - description: >- - Optional. The instances that are the input to token computing API - call. Schema is identical to the prediction schema of the text - model, even for the non-text models, like chat models, or Codey - models. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object type: array - items: - type: any - model: + message: description: >- - Optional. The name of the publisher model requested to serve the - prediction. Format: - projects/{project}/locations/{location}/publishers/*/models/* + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - contents: - description: Optional. Input content. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - GoogleCloudAiplatformV1ComputeTokensResponse: - id: GoogleCloudAiplatformV1ComputeTokensResponse - description: Response message for ComputeTokens RPC call. - type: object + GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec: + description: Represent spec for search trials. + id: GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec properties: - tokensInfo: + searchTrialJobSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' description: >- - Lists of tokens info from the input. A ComputeTokensRequest could - have multiple instances with a prompt in each instance. We also need - to return lists of tokens info for the request with multiple - instances. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TokensInfo' - GoogleCloudAiplatformV1TokensInfo: - id: GoogleCloudAiplatformV1TokensInfo - description: >- - Tokens info with a list of tokens and the corresponding list of token - ids. + Required. The spec of a search trial job. The same spec applies to + all search trials. + maxFailedTrialCount: + description: >- + The number of failed trials that need to be seen before failing the + NasJob. If set to 0, Vertex AI decides how many trials must fail + before the whole job fails. + format: int32 + type: integer + maxParallelTrialCount: + type: integer + format: int32 + description: Required. The maximum number of trials to run in parallel. + maxTrialCount: + type: integer + format: int32 + description: >- + Required. The maximum number of Neural Architecture Search (NAS) + trials to run. type: object + GoogleIamV1TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. properties: - tokens: - description: A list of tokens from the input. - type: array + permissions: + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. items: type: string - format: byte - tokenIds: - description: A list of token ids from the input. type: array - items: - type: string - format: int64 - role: - description: >- - Optional. Optional fields for the role from the corresponding - Content. - type: string - GoogleCloudAiplatformV1FindNeighborsRequest: - id: GoogleCloudAiplatformV1FindNeighborsRequest - description: The request message for MatchService.FindNeighbors. + id: GoogleIamV1TestIamPermissionsResponse + type: object + GoogleCloudAiplatformV1Study: + id: GoogleCloudAiplatformV1Study type: object + description: A message representing a Study. properties: - deployedIndexId: - description: >- - The ID of the DeployedIndex that will serve the request. This - request is sent to a specific IndexEndpoint, as per the - IndexEndpoint.network. That IndexEndpoint also has - IndexEndpoint.deployed_indexes, and each such index has a - DeployedIndex.id field. The value of the field below must equal one - of the DeployedIndex.id fields of the IndexEndpoint that is being - called for this request. + state: + description: Output only. The detailed state of a Study. + enumDescriptions: + - The study state is unspecified. + - The study is active. + - The study is stopped due to an internal error. + - >- + The study is done when the service exhausts the parameter search + space or max_trial_count is reached. + readOnly: true type: string - queries: - description: The list of queries. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FindNeighborsRequestQuery - returnFullDatapoint: - description: >- - If set to true, the full datapoints (including all vector values and - restricts) of the nearest neighbors are returned. Note that - returning full datapoint will significantly increase the latency and - cost of the query. - type: boolean - GoogleCloudAiplatformV1FindNeighborsRequestQuery: - id: GoogleCloudAiplatformV1FindNeighborsRequestQuery - description: >- - A query to find a number of the nearest neighbors (most similar vectors) - of a vector. - type: object - properties: - rrf: - description: Optional. Represents RRF algorithm that combines search results. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FindNeighborsRequestQueryRRF - datapoint: - description: >- - Required. The datapoint/vector whose nearest neighbors should be - searched for. - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexDatapoint' - neighborCount: - description: >- - The number of nearest neighbors to be retrieved from database for - each query. If not set, will use the default from the service - configuration - (https://cloud.google.com/vertex-ai/docs/matching-engine/configuring-indexes#nearest-neighbor-search-config). - type: integer - format: int32 - perCrowdingAttributeNeighborCount: - description: >- - Crowding is a constraint on a neighbor list produced by nearest - neighbor search requiring that no more than some value k' of the k - neighbors returned have the same value of crowding_attribute. It's - used for improving result diversity. This field is the maximum - number of matches with the same crowding tag. - type: integer - format: int32 - approximateNeighborCount: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + - COMPLETED + name: description: >- - The number of neighbors to find via approximate search before exact - reordering is performed. If not set, the default value from scam - config is used; if set, this value must be > 0. - type: integer - format: int32 - fractionLeafNodesToSearchOverride: + Output only. The name of a study. The study's globally unique + identifier. Format: + `projects/{project}/locations/{location}/studies/{study}` + readOnly: true + type: string + createTime: + type: string + readOnly: true + format: google-datetime + description: Output only. Time at which the study was created. + displayName: + description: Required. Describes the Study, default value is empty string. + type: string + inactiveReason: description: >- - The fraction of the number of leaves to search, set at query time - allows user to tune search performance. This value increase result - in both search accuracy and latency increase. The value should be - between 0.0 and 1.0. If not set or set to 0.0, query uses the - default value specified in - NearestNeighborSearchConfig.TreeAHConfig.fraction_leaf_nodes_to_search. - type: number - format: double - GoogleCloudAiplatformV1FindNeighborsRequestQueryRRF: - id: GoogleCloudAiplatformV1FindNeighborsRequestQueryRRF - description: Parameters for RRF algorithm that combines search results. - type: object + Output only. A human readable reason why the Study is inactive. This + should be empty if a study is ACTIVE or COMPLETED. + readOnly: true + type: string + studySpec: + description: Required. Configuration of the Study. + $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpec' + GoogleCloudAiplatformV1ListRagCorporaResponse: properties: - alpha: + nextPageToken: description: >- - Required. Users can provide an alpha value to give more weight to - dense vs sparse results. For example, if the alpha is 0, we only - return sparse and if the alpha is 1, we only return dense. - type: number - format: float - GoogleCloudAiplatformV1FindNeighborsResponse: - id: GoogleCloudAiplatformV1FindNeighborsResponse - description: The response message for MatchService.FindNeighbors. - type: object - properties: - nearestNeighbors: - description: The nearest neighbors of the query datapoints. + A token to retrieve the next page of results. Pass to + ListRagCorporaRequest.page_token to obtain that page. + type: string + ragCorpora: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FindNeighborsResponseNearestNeighbors - GoogleCloudAiplatformV1FindNeighborsResponseNearestNeighbors: - id: GoogleCloudAiplatformV1FindNeighborsResponseNearestNeighbors - description: Nearest neighbors for one query. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagCorpus' + description: List of RagCorpora in the requested page. + description: Response message for VertexRagDataService.ListRagCorpora. + id: GoogleCloudAiplatformV1ListRagCorporaResponse + type: object + GoogleCloudAiplatformV1DirectRawPredictResponse: type: object + description: Response message for PredictionService.DirectRawPredict. + id: GoogleCloudAiplatformV1DirectRawPredictResponse properties: - id: - description: The ID of the query datapoint. + output: + format: byte type: string - neighbors: - description: All its neighbors. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FindNeighborsResponseNeighbor - GoogleCloudAiplatformV1FindNeighborsResponseNeighbor: - id: GoogleCloudAiplatformV1FindNeighborsResponseNeighbor - description: A neighbor of the query vector. + description: The prediction output. + GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetricsConfidenceMetrics: type: object + description: Metrics for a single confidence threshold. + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetricsConfidenceMetrics properties: - datapoint: + confidenceThreshold: + format: float description: >- - The datapoint of the neighbor. Note that full datapoints are - returned only when "return_full_datapoint" is set to true. - Otherwise, only the "datapoint_id" and "crowding_tag" fields are - populated. - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexDatapoint' - distance: - description: The distance between the neighbor and the dense embedding query. + Output only. The confidence threshold value used to compute the + metrics. type: number - format: double - sparseDistance: - description: The distance between the neighbor and the query sparse_embedding. + precision: type: number - format: double - GoogleCloudAiplatformV1ReadIndexDatapointsRequest: - id: GoogleCloudAiplatformV1ReadIndexDatapointsRequest - description: The request message for MatchService.ReadIndexDatapoints. + format: float + description: Output only. Precision for the given confidence threshold. + recall: + format: float + description: Output only. Recall for the given confidence threshold. + type: number + f1Score: + description: Output only. The harmonic mean of recall and precision. + type: number + format: float + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationAutoTransformation: type: object properties: - deployedIndexId: - description: The ID of the DeployedIndex that will serve the request. + columnName: type: string - ids: - description: IDs of the datapoints to be searched for. - type: array - items: - type: string - GoogleCloudAiplatformV1ReadIndexDatapointsResponse: - id: GoogleCloudAiplatformV1ReadIndexDatapointsResponse - description: The response message for MatchService.ReadIndexDatapoints. - type: object - properties: - datapoints: - description: The result list of datapoints. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexDatapoint' - GoogleCloudAiplatformV1MetadataStore: - id: GoogleCloudAiplatformV1MetadataStore description: >- - Instance of a metadata store. Contains a set of metadata that can be - queried. - type: object + Training pipeline will infer the proper transformation based on the + statistic of dataset. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationAutoTransformation + GoogleCloudAiplatformV1CandidateResponse: properties: - name: - description: Output only. The resource name of the MetadataStore instance. - readOnly: true - type: string - createTime: - description: Output only. Timestamp when this MetadataStore was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this MetadataStore was last updated. - readOnly: true + candidate: type: string - format: google-datetime - encryptionSpec: + description: Required. The name of the candidate that produced the response. + value: description: >- - Customer-managed encryption key spec for a Metadata Store. If set, - this Metadata Store and all sub-resources of this Metadata Store are - secured using this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - description: - description: Description of the MetadataStore. + Fields and values that can be used to populate the response + template. + type: any + text: type: string - state: - description: Output only. State information of the MetadataStore. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MetadataStoreMetadataStoreState - dataplexConfig: - description: Optional. Dataplex integration settings. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MetadataStoreDataplexConfig - GoogleCloudAiplatformV1MetadataStoreMetadataStoreState: - id: GoogleCloudAiplatformV1MetadataStoreMetadataStoreState - description: Represents state information for a MetadataStore. + description: Text response. + description: Responses from model or agent. + type: object + id: GoogleCloudAiplatformV1CandidateResponse + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationAutoTransformation: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationAutoTransformation type: object properties: - diskUtilizationBytes: - description: The disk utilization of the MetadataStore in bytes. + columnName: type: string - format: int64 - GoogleCloudAiplatformV1MetadataStoreDataplexConfig: - id: GoogleCloudAiplatformV1MetadataStoreDataplexConfig - description: Represents Dataplex integration settings. - type: object + description: >- + Training pipeline will infer the proper transformation based on the + statistic of dataset. + CloudAiPlatformCommonCreatePipelineJobApiErrorDetail: + description: Create API error message for Vertex Pipeline. properties: - enabledPipelinesLineage: - description: >- - Optional. Whether or not Data Lineage synchronization is enabled for - Vertex Pipelines. - type: boolean - GoogleCloudAiplatformV1ListMetadataStoresResponse: - id: GoogleCloudAiplatformV1ListMetadataStoresResponse - description: Response message for MetadataService.ListMetadataStores. + errorCause: + description: The error root cause returned by CreatePipelineJob API. + enumDescriptions: + - Should never be used. + - IR Pipeline Spec can not been parsed to yaml or json format. + - A pipeline spec is invalid. + - A deployment config is invalid. + - A deployment spec is invalid. + - An instance schema is invalid. + - A custom job is invalid. + - A container spec is invalid. + - Notification email setup is invalid. + - Service account setup is invalid. + - KMS setup is invalid. + - Network setup is invalid. + - Task spec is invalid. + - Task artifact is invalid. + - Importer spec is invalid. + - Resolver spec is invalid. + - Runtime Parameters are invalid. + - Cloud API not enabled. + - Invalid Cloud Storage input uri + - Invalid Cloud Storage output uri + - Component spec of pipeline is invalid. + - DagOutputsSpec is invalid. + - DagSpec is invalid. + - Project does not have enough quota. + - An internal error with unknown cause. + type: string + enum: + - ERROR_CAUSE_UNSPECIFIED + - INVALID_PIPELINE_SPEC_FORMAT + - INVALID_PIPELINE_SPEC + - INVALID_DEPLOYMENT_CONFIG + - INVALID_DEPLOYMENT_SPEC + - INVALID_INSTANCE_SCHEMA + - INVALID_CUSTOM_JOB + - INVALID_CONTAINER_SPEC + - INVALID_NOTIFICATION_EMAIL_SETUP + - INVALID_SERVICE_ACCOUNT_SETUP + - INVALID_KMS_SETUP + - INVALID_NETWORK_SETUP + - INVALID_PIPELINE_TASK_SPEC + - INVALID_PIPELINE_TASK_ARTIFACT + - INVALID_IMPORTER_SPEC + - INVALID_RESOLVER_SPEC + - INVALID_RUNTIME_PARAMETERS + - CLOUD_API_NOT_ENABLED + - INVALID_GCS_INPUT_URI + - INVALID_GCS_OUTPUT_URI + - INVALID_COMPONENT_SPEC + - INVALID_DAG_OUTPUTS_SPEC + - INVALID_DAG_SPEC + - INSUFFICIENT_QUOTA + - INTERNAL + publicMessage: + description: Public messages contains actionable items for the error cause. + type: string type: object + id: CloudAiPlatformCommonCreatePipelineJobApiErrorDetail + GoogleCloudAiplatformV1ListIndexEndpointsResponse: + id: GoogleCloudAiplatformV1ListIndexEndpointsResponse + description: Response message for IndexEndpointService.ListIndexEndpoints. properties: - metadataStores: - description: The MetadataStores found for the Location. - type: array + indexEndpoints: + description: List of IndexEndpoints in the requested page. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataStore' + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' + type: array nextPageToken: description: >- - A token, which can be sent as ListMetadataStoresRequest.page_token - to retrieve the next page. If this field is not populated, there are - no subsequent pages. + A token to retrieve next page of results. Pass to + ListIndexEndpointsRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1Artifact: - id: GoogleCloudAiplatformV1Artifact - description: Instance of a general artifact. + type: object + GoogleCloudAiplatformV1PreferenceOptimizationDataStats: type: object properties: - name: - description: Output only. The resource name of the Artifact. + userDatasetExamples: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GeminiPreferenceExample + type: array readOnly: true + description: Output only. Sample user examples in the training dataset. + tuningDatasetExampleCount: + format: int64 + description: Output only. Number of examples in the tuning dataset. type: string - displayName: - description: >- - User provided display name of the Artifact. May be up to 128 Unicode - characters. - type: string - uri: - description: >- - The uniform resource identifier of the artifact file. May be empty - if there is no actual artifact file. - type: string - etag: - description: >- - An eTag used to perform consistent read-modify-write updates. If not - set, a blind "overwrite" update happens. - type: string - labels: + readOnly: true + userOutputTokenDistribution: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetDistribution' + description: Output only. Dataset distributions for the user output tokens. + droppedExampleReasons: description: >- - The labels with user-defined metadata to organize your Artifacts. - Label keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. No - more than 64 user labels can be associated with one Artifact (System - labels are excluded). - type: object - additionalProperties: + Output only. For each index in `dropped_example_indices`, the + user-facing reason why the example was dropped. + type: array + items: type: string - createTime: - description: Output only. Timestamp when this Artifact was created. readOnly: true + totalBillableTokenCount: + format: int64 type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this Artifact was last updated. + description: Output only. Number of billable tokens in the tuning dataset. + readOnly: true + tuningStepCount: + format: int64 readOnly: true + description: Output only. Number of tuning steps for this Tuning Job. type: string - format: google-datetime - state: + scoreVariancePerExampleDistribution: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetDistribution' + description: Output only. Dataset distributions for scores variance per example. + userInputTokenDistribution: + description: Output only. Dataset distributions for the user input tokens. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetDistribution' + readOnly: true + droppedExampleIndices: + items: + format: int64 + type: string + type: array description: >- - The state of this Artifact. This is a property of the Artifact, and - does not imply or capture any ongoing process. This property is - managed by clients (such as Vertex AI Pipelines), and the system - does not prescribe or check the validity of state transitions. + Output only. A partial sample of the indices (starting from 1) of + the dropped examples. + readOnly: true + scoresDistribution: + readOnly: true + description: Output only. Dataset distributions for scores. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetDistribution' + description: Statistics computed for datasets used for preference optimization. + id: GoogleCloudAiplatformV1PreferenceOptimizationDataStats + GoogleCloudAiplatformV1MigratableResource: + description: >- + Represents one resource that exists in automl.googleapis.com, + datalabeling.googleapis.com or ml.googleapis.com. + type: object + id: GoogleCloudAiplatformV1MigratableResource + properties: + lastUpdateTime: type: string - enumDescriptions: - - Unspecified state for the Artifact. - - >- - A state used by systems like Vertex AI Pipelines to indicate that - the underlying data item represented by this Artifact is being - created. - - >- - A state indicating that the Artifact should exist, unless - something external to the system deletes it. - enum: - - STATE_UNSPECIFIED - - PENDING - - LIVE - schemaTitle: + format: google-datetime description: >- - The title of the schema describing the metadata. Schema title and - version is expected to be registered in earlier Create Schema calls. - And both are used together as unique identifiers to identify schemas - within the local metadata store. + Output only. Timestamp when this MigratableResource was last + updated. + readOnly: true + automlDataset: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigratableResourceAutomlDataset + description: Output only. Represents one Dataset in automl.googleapis.com. + readOnly: true + automlModel: + description: Output only. Represents one Model in automl.googleapis.com. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigratableResourceAutomlModel + readOnly: true + dataLabelingDataset: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigratableResourceDataLabelingDataset + readOnly: true + description: Output only. Represents one Dataset in datalabeling.googleapis.com. + lastMigrateTime: + readOnly: true + format: google-datetime type: string - schemaVersion: description: >- - The version of the schema in schema_name to use. Schema title and - version is expected to be registered in earlier Create Schema calls. - And both are used together as unique identifiers to identify schemas - within the local metadata store. + Output only. Timestamp when the last migration attempt on this + MigratableResource started. Will not be set if there's no migration + attempt on this MigratableResource. + mlEngineModelVersion: + description: Output only. Represents one Version in ml.googleapis.com. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigratableResourceMlEngineModelVersion + readOnly: true + GoogleCloudAiplatformV1FeatureViewDataKey: + type: object + id: GoogleCloudAiplatformV1FeatureViewDataKey + description: Lookup key for a feature view. + properties: + key: + description: String key to use for lookup. type: string - metadata: + compositeKey: description: >- - Properties of the Artifact. Top level metadata keys' heading and - trailing spaces will be trimmed. The size of this field should not - exceed 200KB. - type: object - additionalProperties: - type: any - description: Properties of the object. - description: - description: Description of the Artifact - type: string - GoogleCloudAiplatformV1ListArtifactsResponse: - id: GoogleCloudAiplatformV1ListArtifactsResponse - description: Response message for MetadataService.ListArtifacts. + The actual Entity ID will be composed from this struct. This should + match with the way ID is defined in the FeatureView spec. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKeyCompositeKey + GoogleCloudAiplatformV1VideoMetadata: type: object + id: GoogleCloudAiplatformV1VideoMetadata + description: >- + Provides metadata for a video, including the start and end offsets for + clipping and the frame rate. properties: - artifacts: - description: The Artifacts retrieved from the MetadataStore. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' - nextPageToken: + fps: + type: number + format: double description: >- - A token, which can be sent as ListArtifactsRequest.page_token to - retrieve the next page. If this field is not populated, there are no - subsequent pages. + Optional. The frame rate of the video sent to the model. If not + specified, the default value is 1.0. The valid range is (0.0, 24.0]. + startOffset: + description: Optional. The start offset of the video. + format: google-duration type: string - GoogleCloudAiplatformV1PurgeArtifactsRequest: - id: GoogleCloudAiplatformV1PurgeArtifactsRequest - description: Request message for MetadataService.PurgeArtifacts. - type: object + endOffset: + description: Optional. The end offset of the video. + format: google-duration + type: string + GoogleCloudAiplatformV1FetchPredictOperationRequest: properties: - filter: - description: >- - Required. A required filter matching the Artifacts to be purged. - E.g., `update_time <= 2020-11-19T11:30:00-04:00`. + operationName: type: string - force: - description: >- - Optional. Flag to indicate to actually perform the purge. If `force` - is set to false, the method will return a sample of Artifact names - that would be deleted. - type: boolean - GoogleCloudAiplatformV1Context: - id: GoogleCloudAiplatformV1Context - description: Instance of a general context. + description: Required. The server-assigned name for the operation. + description: Request message for PredictionService.FetchPredictOperation. + type: object + id: GoogleCloudAiplatformV1FetchPredictOperationRequest + GoogleCloudAiplatformV1ContentMapContents: type: object + description: Repeated Content type. + id: GoogleCloudAiplatformV1ContentMapContents properties: - name: - description: Immutable. The resource name of the Context. - type: string - displayName: - description: >- - User provided display name of the Context. May be up to 128 Unicode - characters. - type: string - etag: - description: >- - An eTag used to perform consistent read-modify-write updates. If not - set, a blind "overwrite" update happens. - type: string - labels: - description: >- - The labels with user-defined metadata to organize your Contexts. - Label keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. No - more than 64 user labels can be associated with one Context (System - labels are excluded). - type: object - additionalProperties: - type: string - createTime: - description: Output only. Timestamp when this Context was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this Context was last updated. - readOnly: true - type: string - format: google-datetime - parentContexts: - description: >- - Output only. A list of resource names of Contexts that are parents - of this Context. A Context may have at most 10 parent_contexts. - readOnly: true - type: array + contents: items: - type: string - schemaTitle: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + description: Optional. Repeated contents. + type: array + GoogleCloudAiplatformV1StudySpecMetricSpec: + properties: + safetyConfig: description: >- - The title of the schema describing the metadata. Schema title and - version is expected to be registered in earlier Create Schema calls. - And both are used together as unique identifiers to identify schemas - within the local metadata store. + Used for safe search. In the case, the metric will be a safety + metric. You must provide a separate metric for objective metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StudySpecMetricSpecSafetyMetricConfig + goal: type: string - schemaVersion: - description: >- - The version of the schema in schema_name to use. Schema title and - version is expected to be registered in earlier Create Schema calls. - And both are used together as unique identifiers to identify schemas - within the local metadata store. + description: Required. The optimization goal of the metric. + enum: + - GOAL_TYPE_UNSPECIFIED + - MAXIMIZE + - MINIMIZE + enumDescriptions: + - Goal Type will default to maximize. + - Maximize the goal metric. + - Minimize the goal metric. + metricId: type: string - metadata: description: >- - Properties of the Context. Top level metadata keys' heading and - trailing spaces will be trimmed. The size of this field should not - exceed 200KB. - type: object - additionalProperties: - type: any - description: Properties of the object. - description: - description: Description of the Context - type: string - GoogleCloudAiplatformV1ListContextsResponse: - id: GoogleCloudAiplatformV1ListContextsResponse - description: Response message for MetadataService.ListContexts. + Required. The ID of the metric. Must not contain whitespaces and + must be unique amongst all MetricSpecs. + description: Represents a metric to optimize. + type: object + id: GoogleCloudAiplatformV1StudySpecMetricSpec + GoogleCloudAiplatformV1ReadTensorboardBlobDataResponse: + description: Response message for TensorboardService.ReadTensorboardBlobData. type: object properties: - contexts: - description: The Contexts retrieved from the MetadataStore. - type: array + blobs: + description: Blob messages containing blob bytes. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' - nextPageToken: - description: >- - A token, which can be sent as ListContextsRequest.page_token to - retrieve the next page. If this field is not populated, there are no - subsequent pages. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardBlob' + type: array + id: GoogleCloudAiplatformV1ReadTensorboardBlobDataResponse + GoogleCloudAiplatformV1DeployedIndexAuthConfig: + properties: + authProvider: + description: Defines the authentication provider that the DeployedIndex uses. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DeployedIndexAuthConfigAuthProvider + description: Used to set up the auth on the DeployedIndex's private endpoint. + type: object + id: GoogleCloudAiplatformV1DeployedIndexAuthConfig + GoogleCloudAiplatformV1QuestionAnsweringCorrectnessResult: + properties: + confidence: + description: Output only. Confidence for question answering correctness score. + type: number + format: float + readOnly: true + explanation: + readOnly: true type: string - GoogleCloudAiplatformV1PurgeContextsRequest: - id: GoogleCloudAiplatformV1PurgeContextsRequest - description: Request message for MetadataService.PurgeContexts. + description: Output only. Explanation for question answering correctness score. + score: + type: number + format: float + readOnly: true + description: Output only. Question Answering Correctness score. + description: Spec for question answering correctness result. + id: GoogleCloudAiplatformV1QuestionAnsweringCorrectnessResult type: object + GoogleCloudAiplatformV1PurgeMemoriesRequest: + id: GoogleCloudAiplatformV1PurgeMemoriesRequest properties: filter: description: >- - Required. A required filter matching the Contexts to be purged. - E.g., `update_time <= 2020-11-19T11:30:00-04:00`. + Required. The standard list filter to determine which memories to + purge. More detail in [AIP-160](https://google.aip.dev/160). type: string force: description: >- - Optional. Flag to indicate to actually perform the purge. If `force` - is set to false, the method will return a sample of Context names - that would be deleted. + Optional. If true, the memories will actually be purged. If false, + the purge request will be validated but not executed. type: boolean - GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsRequest: - id: GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsRequest - description: Request message for MetadataService.AddContextArtifactsAndExecutions. type: object + description: Request message for MemoryBankService.PurgeMemories. + GoogleCloudAiplatformV1CopyModelResponse: + id: GoogleCloudAiplatformV1CopyModelResponse + type: object + description: Response message of ModelService.CopyModel operation. properties: - artifacts: - description: >- - The resource names of the Artifacts to attribute to the Context. - Format: - `projects/{project}/locations/{location}/metadataStores/{metadatastore}/artifacts/{artifact}` - type: array - items: - type: string - executions: + model: + type: string description: >- - The resource names of the Executions to associate with the Context. - Format: - `projects/{project}/locations/{location}/metadataStores/{metadatastore}/executions/{execution}` - type: array - items: - type: string - GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsResponse: - id: GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsResponse - description: Response message for MetadataService.AddContextArtifactsAndExecutions. + The name of the copied Model resource. Format: + `projects/{project}/locations/{location}/models/{model}` + modelVersionId: + readOnly: true + description: Output only. The version ID of the model that is copied. + type: string + GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrixAnnotationSpecRef: + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrixAnnotationSpecRef + properties: + id: + type: string + description: ID of the AnnotationSpec. + displayName: + description: Display name of the AnnotationSpec. + type: string type: object - properties: {} - GoogleCloudAiplatformV1AddContextChildrenRequest: - id: GoogleCloudAiplatformV1AddContextChildrenRequest - description: Request message for MetadataService.AddContextChildren. + GoogleCloudAiplatformV1NearestNeighbors: type: object + id: GoogleCloudAiplatformV1NearestNeighbors properties: - childContexts: - description: The resource names of the child Contexts. + neighbors: type: array + description: All its neighbors. items: - type: string - GoogleCloudAiplatformV1AddContextChildrenResponse: - id: GoogleCloudAiplatformV1AddContextChildrenResponse - description: Response message for MetadataService.AddContextChildren. - type: object - properties: {} - GoogleCloudAiplatformV1RemoveContextChildrenRequest: - id: GoogleCloudAiplatformV1RemoveContextChildrenRequest - description: Request message for MetadataService.DeleteContextChildrenRequest. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NearestNeighborsNeighbor + description: Nearest neighbors for one query. + GoogleCloudAiplatformV1Int64Array: type: object + id: GoogleCloudAiplatformV1Int64Array properties: - childContexts: - description: The resource names of the child Contexts. + values: + description: A list of int64 values. type: array items: type: string - GoogleCloudAiplatformV1RemoveContextChildrenResponse: - id: GoogleCloudAiplatformV1RemoveContextChildrenResponse - description: Response message for MetadataService.RemoveContextChildren. + format: int64 + description: A list of int64 values. + GoogleCloudAiplatformV1UndeployModelResponse: type: object + description: Response message for EndpointService.UndeployModel. + id: GoogleCloudAiplatformV1UndeployModelResponse properties: {} - GoogleCloudAiplatformV1LineageSubgraph: - id: GoogleCloudAiplatformV1LineageSubgraph - description: >- - A subgraph of the overall lineage graph. Event edges connect Artifact - and Execution nodes. + GoogleCloudAiplatformV1ListFeaturesResponse: type: object properties: - artifacts: - description: The Artifact nodes in the subgraph. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' - executions: - description: The Execution nodes in the subgraph. - type: array + nextPageToken: + type: string + description: >- + A token, which can be sent as ListFeaturesRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + features: + description: The Features matching the request. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' - events: - description: The Event edges between Artifacts and Executions in the subgraph. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Event' - GoogleCloudAiplatformV1Execution: - id: GoogleCloudAiplatformV1Execution - description: Instance of a general execution. - type: object + id: GoogleCloudAiplatformV1ListFeaturesResponse + description: >- + Response message for FeaturestoreService.ListFeatures. Response message + for FeatureRegistryService.ListFeatures. + GoogleCloudAiplatformV1QuestionAnsweringCorrectnessSpec: properties: - name: - description: Output only. The resource name of the Execution. - readOnly: true - type: string - displayName: + version: + description: Optional. Which version to use for evaluation. + format: int32 + type: integer + useReference: + type: boolean description: >- - User provided display name of the Execution. May be up to 128 - Unicode characters. + Optional. Whether to use instance.reference to compute question + answering correctness. + description: Spec for question answering correctness metric. + type: object + id: GoogleCloudAiplatformV1QuestionAnsweringCorrectnessSpec + GoogleCloudAiplatformV1Session: + id: GoogleCloudAiplatformV1Session + type: object + properties: + userId: type: string - state: - description: >- - The state of this Execution. This is a property of the Execution, - and does not imply or capture any ongoing process. This property is - managed by clients (such as Vertex AI Pipelines) and the system does - not prescribe or check the validity of state transitions. + description: Required. Immutable. String id provided by the user + expireTime: type: string - enumDescriptions: - - Unspecified Execution state - - The Execution is new - - The Execution is running - - The Execution has finished running - - The Execution has failed - - The Execution completed through Cache hit. - - The Execution was cancelled. - enum: - - STATE_UNSPECIFIED - - NEW - - RUNNING - - COMPLETE - - FAILED - - CACHED - - CANCELLED - etag: description: >- - An eTag used to perform consistent read-modify-write updates. If not - set, a blind "overwrite" update happens. - type: string - labels: + Optional. Timestamp of when this session is considered expired. This + is *always* provided on output, regardless of what was sent on + input. The minimum value is 24 hours from the time of creation. + format: google-datetime + sessionState: + additionalProperties: + type: any + description: Properties of the object. description: >- - The labels with user-defined metadata to organize your Executions. - Label keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. No - more than 64 user labels can be associated with one Execution - (System labels are excluded). + Optional. Session specific memory which stores key conversation + points. type: object - additionalProperties: - type: string createTime: - description: Output only. Timestamp when this Execution was created. - readOnly: true type: string format: google-datetime + readOnly: true + description: Output only. Timestamp when the session was created. updateTime: - description: Output only. Timestamp when this Execution was last updated. + format: google-datetime readOnly: true type: string - format: google-datetime - schemaTitle: - description: >- - The title of the schema describing the metadata. Schema title and - version is expected to be registered in earlier Create Schema calls. - And both are used together as unique identifiers to identify schemas - within the local metadata store. + description: Output only. Timestamp when the session was updated. + name: type: string - schemaVersion: description: >- - The version of the schema in `schema_title` to use. Schema title and - version is expected to be registered in earlier Create Schema calls. - And both are used together as unique identifiers to identify schemas - within the local metadata store. + Identifier. The resource name of the session. Format: + 'projects/{project}/locations/{location}/reasoningEngines/{reasoning_engine}/sessions/{session}'. + displayName: + description: Optional. The display name of the session. type: string - metadata: + labels: description: >- - Properties of the Execution. Top level metadata keys' heading and - trailing spaces will be trimmed. The size of this field should not - exceed 200KB. + The labels with user-defined metadata to organize your Sessions. + Label keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. type: object additionalProperties: - type: any - description: Properties of the object. - description: - description: Description of the Execution + type: string + ttl: + format: google-duration + description: >- + Optional. Input only. The TTL for this session. The minimum value is + 24 hours. type: string - GoogleCloudAiplatformV1Event: - id: GoogleCloudAiplatformV1Event - description: >- - An edge describing the relationship between an Artifact and an Execution - in a lineage graph. + description: A session contains a set of actions between users and Vertex agents. + GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetricsConfidenceMetrics: type: object + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetricsConfidenceMetrics + description: Metrics for a single confidence threshold. properties: - artifact: - description: Required. The relative resource name of the Artifact in the Event. + recall: + type: number + description: Recall under the given confidence threshold. + format: float + f1Score: + type: number + format: float + description: The harmonic mean of recall and precision. + confidenceThreshold: + description: The confidence threshold value used to compute the metrics. + type: number + format: float + precision: + description: Precision under the given confidence threshold. + type: number + format: float + GoogleCloudAiplatformV1FindNeighborsRequestQueryRRF: + id: GoogleCloudAiplatformV1FindNeighborsRequestQueryRRF + description: Parameters for RRF algorithm that combines search results. + type: object + properties: + alpha: + type: number + format: float + description: >- + Required. Users can provide an alpha value to give more weight to + dense vs sparse results. For example, if the alpha is 0, we only + return sparse and if the alpha is 1, we only return dense. + GoogleCloudAiplatformV1CompletionStats: + id: GoogleCloudAiplatformV1CompletionStats + properties: + failedCount: + format: int64 type: string - execution: description: >- - Output only. The relative resource name of the Execution in the - Event. + Output only. The number of entities for which any error was + encountered. readOnly: true + successfulCount: + format: int64 type: string - eventTime: - description: Output only. Time the Event occurred. readOnly: true + description: >- + Output only. The number of entities that had been processed + successfully. + successfulForecastPointCount: type: string - format: google-datetime - type: - description: Required. The type of the Event. - type: string - enumDescriptions: - - Unspecified whether input or output of the Execution. - - An input of the Execution. - - An output of the Execution. - enum: - - TYPE_UNSPECIFIED - - INPUT - - OUTPUT - labels: description: >- - The labels with user-defined metadata to annotate Events. Label keys - and values can be no longer than 64 characters (Unicode codepoints), - can only contain lowercase letters, numeric characters, underscores - and dashes. International characters are allowed. No more than 64 - user labels can be associated with one Event (System labels are - excluded). See https://goo.gl/xmQnxf for more information and - examples of labels. System reserved label keys are prefixed with - "aiplatform.googleapis.com/" and are immutable. - type: object - additionalProperties: - type: string - GoogleCloudAiplatformV1ListExecutionsResponse: - id: GoogleCloudAiplatformV1ListExecutionsResponse - description: Response message for MetadataService.ListExecutions. - type: object - properties: - executions: - description: The Executions retrieved from the MetadataStore. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' - nextPageToken: + Output only. The number of the successful forecast points that are + generated by the forecasting model. This is ONLY used by the + forecasting batch prediction. + format: int64 + readOnly: true + incompleteCount: description: >- - A token, which can be sent as ListExecutionsRequest.page_token to - retrieve the next page. If this field is not populated, there are no - subsequent pages. + Output only. In cases when enough errors are encountered a job, + pipeline, or operation may be failed as a whole. Below is the number + of entities for which the processing had not been finished (either + in successful or failed state). Set to -1 if the number is unknown + (for example, the operation failed before the total entity number + could be collected). type: string - GoogleCloudAiplatformV1PurgeExecutionsRequest: - id: GoogleCloudAiplatformV1PurgeExecutionsRequest - description: Request message for MetadataService.PurgeExecutions. + readOnly: true + format: int64 type: object - properties: - filter: - description: >- - Required. A required filter matching the Executions to be purged. - E.g., `update_time <= 2020-11-19T11:30:00-04:00`. - type: string - force: - description: >- - Optional. Flag to indicate to actually perform the purge. If `force` - is set to false, the method will return a sample of Execution names - that would be deleted. - type: boolean - GoogleCloudAiplatformV1AddExecutionEventsRequest: - id: GoogleCloudAiplatformV1AddExecutionEventsRequest - description: Request message for MetadataService.AddExecutionEvents. + description: >- + Success and error statistics of processing multiple entities (for + example, DataItems or structured data rows) in batch. + GoogleCloudAiplatformV1PublisherModelCallToActionDeployGke: + description: Configurations for PublisherModel GKE deployment type: object properties: - events: - description: The Events to create and add. - type: array + gkeYamlConfigs: + description: Optional. GKE deployment configuration in yaml format. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Event' - GoogleCloudAiplatformV1AddExecutionEventsResponse: - id: GoogleCloudAiplatformV1AddExecutionEventsResponse - description: Response message for MetadataService.AddExecutionEvents. - type: object - properties: {} - GoogleCloudAiplatformV1MetadataSchema: - id: GoogleCloudAiplatformV1MetadataSchema - description: Instance of a general MetadataSchema. + type: string + type: array + id: GoogleCloudAiplatformV1PublisherModelCallToActionDeployGke + GoogleCloudAiplatformV1RagFileParsingConfigLlmParser: type: object + id: GoogleCloudAiplatformV1RagFileParsingConfigLlmParser + description: Specifies the LLM parsing for RagFiles. properties: - name: - description: Output only. The resource name of the MetadataSchema. - readOnly: true - type: string - schemaVersion: + maxParsingRequestsPerMin: + type: integer description: >- - The version of the MetadataSchema. The version's format must match - the following regular expression: `^[0-9]+.+.+$`, which would allow - to order/compare different versions. Example: 1.0.0, 1.0.1, etc. - type: string - schema: + The maximum number of requests the job is allowed to make to the LLM + model per minute. Consult + https://cloud.google.com/vertex-ai/generative-ai/docs/quotas and + your document size to set an appropriate value here. If unspecified, + a default value of 5000 QPM would be used. + format: int32 + modelName: description: >- - Required. The raw YAML string representation of the MetadataSchema. - The combination of [MetadataSchema.version] and the schema name - given by `title` in [MetadataSchema.schema] must be unique within a - MetadataStore. The schema is defined as an OpenAPI 3.0.2 - [MetadataSchema - Object](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#schemaObject) + The name of a LLM model used for parsing. Format: * + `projects/{project_id}/locations/{location}/publishers/{publisher}/models/{model}` type: string - schemaType: + customParsingPrompt: description: >- - The type of the MetadataSchema. This is a property that identifies - which metadata types will use the MetadataSchema. - type: string - enumDescriptions: - - Unspecified type for the MetadataSchema. - - >- - A type indicating that the MetadataSchema will be used by - Artifacts. - - >- - A typee indicating that the MetadataSchema will be used by - Executions. - - >- - A state indicating that the MetadataSchema will be used by - Contexts. - enum: - - METADATA_SCHEMA_TYPE_UNSPECIFIED - - ARTIFACT_TYPE - - EXECUTION_TYPE - - CONTEXT_TYPE - createTime: - description: Output only. Timestamp when this MetadataSchema was created. - readOnly: true - type: string - format: google-datetime - description: - description: Description of the Metadata Schema + The prompt to use for parsing. If not specified, a default prompt + will be used. type: string - GoogleCloudAiplatformV1ListMetadataSchemasResponse: - id: GoogleCloudAiplatformV1ListMetadataSchemasResponse - description: Response message for MetadataService.ListMetadataSchemas. - type: object + GoogleCloudAiplatformV1BatchReadFeatureValuesOperationMetadata: + description: Details of operations that batch reads Feature values. properties: - metadataSchemas: - description: The MetadataSchemas found for the MetadataStore. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataSchema' - nextPageToken: - description: >- - A token, which can be sent as ListMetadataSchemasRequest.page_token - to retrieve the next page. If this field is not populated, there are - no subsequent pages. - type: string - GoogleCloudAiplatformV1SearchMigratableResourcesRequest: - id: GoogleCloudAiplatformV1SearchMigratableResourcesRequest - description: Request message for MigrationService.SearchMigratableResources. + genericMetadata: + description: Operation metadata for Featurestore batch read Features values. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' type: object + id: GoogleCloudAiplatformV1BatchReadFeatureValuesOperationMetadata + CloudAiLargeModelsVisionImageImageSize: properties: - pageSize: - description: The standard page size. The default and maximum value is 100. + width: + format: int32 + type: integer + height: type: integer format: int32 - pageToken: - description: The standard page token. - type: string - filter: - description: >- - A filter for your search. You can use the following types of - filters: * Resource type filters. The following strings filter for a - specific type of MigratableResource: * `ml_engine_model_version:*` * - `automl_model:*` * `automl_dataset:*` * `data_labeling_dataset:*` * - "Migrated or not" filters. The following strings filter for - resources that either have or have not already been migrated: * - `last_migrate_time:*` filters for migrated resources. * `NOT - last_migrate_time:*` filters for not yet migrated resources. - type: string - GoogleCloudAiplatformV1SearchMigratableResourcesResponse: - id: GoogleCloudAiplatformV1SearchMigratableResourcesResponse - description: Response message for MigrationService.SearchMigratableResources. + channels: + type: integer + format: int32 + id: CloudAiLargeModelsVisionImageImageSize + description: Image size. + type: object + GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpec: type: object properties: - migratableResources: - description: >- - All migratable resources that can be migrated to the location - specified in the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MigratableResource' - nextPageToken: + defaultValue: description: >- - The standard next-page token. The migratable_resources may not fill - page_size in SearchMigratableResourcesRequest even when there are - subsequent pages. + A default value for a `CATEGORICAL` parameter that is assumed to be + a relatively good starting point. Unset value signals that there is + no offered starting point. Currently only supported by the Vertex AI + Vizier service. Not supported by HyperparameterTuningJob or + TrainingPipeline. type: string - GoogleCloudAiplatformV1MigratableResource: - id: GoogleCloudAiplatformV1MigratableResource + values: + items: + type: string + description: Required. The list of possible categories. + type: array + description: Value specification for a parameter in `CATEGORICAL` type. + id: GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpec + GoogleCloudAiplatformV1GenerateContentResponseUsageMetadata: description: >- - Represents one resource that exists in automl.googleapis.com, - datalabeling.googleapis.com or ml.googleapis.com. - type: object + Usage metadata about the content generation request and response. This + message provides a detailed breakdown of token usage and other relevant + metrics. properties: - mlEngineModelVersion: - description: Output only. Represents one Version in ml.googleapis.com. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigratableResourceMlEngineModelVersion - automlModel: - description: Output only. Represents one Model in automl.googleapis.com. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigratableResourceAutomlModel - automlDataset: - description: Output only. Represents one Dataset in automl.googleapis.com. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigratableResourceAutomlDataset - dataLabelingDataset: - description: Output only. Represents one Dataset in datalabeling.googleapis.com. + candidatesTokensDetails: readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigratableResourceDataLabelingDataset - lastMigrateTime: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' description: >- - Output only. Timestamp when the last migration attempt on this - MigratableResource started. Will not be set if there's no migration - attempt on this MigratableResource. + Output only. A detailed breakdown of the token count for each + modality in the generated candidates. + cachedContentTokenCount: + type: integer readOnly: true - type: string - format: google-datetime - lastUpdateTime: description: >- - Output only. Timestamp when this MigratableResource was last - updated. + Output only. The number of tokens in the cached content that was + used for this request. + format: int32 + toolUsePromptTokenCount: readOnly: true - type: string - format: google-datetime - GoogleCloudAiplatformV1MigratableResourceMlEngineModelVersion: - id: GoogleCloudAiplatformV1MigratableResourceMlEngineModelVersion - description: Represents one model Version in ml.googleapis.com. - type: object - properties: - endpoint: description: >- - The ml.googleapis.com endpoint that this model Version currently - lives in. Example values: * ml.googleapis.com * - us-centrall-ml.googleapis.com * europe-west4-ml.googleapis.com * - asia-east1-ml.googleapis.com - type: string - version: + Output only. The number of tokens in the results from tool + executions, which are provided back to the model as input, if + applicable. + type: integer + format: int32 + cacheTokensDetails: description: >- - Full resource name of ml engine model Version. Format: - `projects/{project}/models/{model}/versions/{version}`. - type: string - GoogleCloudAiplatformV1MigratableResourceAutomlModel: - id: GoogleCloudAiplatformV1MigratableResourceAutomlModel - description: Represents one Model in automl.googleapis.com. - type: object - properties: - model: + Output only. A detailed breakdown of the token count for each + modality in the cached content. + readOnly: true + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' + type: array + thoughtsTokenCount: description: >- - Full resource name of automl Model. Format: - `projects/{project}/locations/{location}/models/{model}`. - type: string - modelDisplayName: - description: The Model's display name in automl.googleapis.com. - type: string - GoogleCloudAiplatformV1MigratableResourceAutomlDataset: - id: GoogleCloudAiplatformV1MigratableResourceAutomlDataset - description: Represents one Dataset in automl.googleapis.com. - type: object - properties: - dataset: + Output only. The number of tokens that were part of the model's + generated "thoughts" output, if applicable. + readOnly: true + format: int32 + type: integer + totalTokenCount: + type: integer + format: int32 description: >- - Full resource name of automl Dataset. Format: - `projects/{project}/locations/{location}/datasets/{dataset}`. - type: string - datasetDisplayName: - description: The Dataset's display name in automl.googleapis.com. - type: string - GoogleCloudAiplatformV1MigratableResourceDataLabelingDataset: - id: GoogleCloudAiplatformV1MigratableResourceDataLabelingDataset - description: Represents one Dataset in datalabeling.googleapis.com. - type: object - properties: - dataset: + The total number of tokens for the entire request. This is the sum + of `prompt_token_count`, `candidates_token_count`, + `tool_use_prompt_token_count`, and `thoughts_token_count`. + promptTokenCount: + format: int32 description: >- - Full resource name of data labeling Dataset. Format: - `projects/{project}/datasets/{dataset}`. - type: string - datasetDisplayName: - description: The Dataset's display name in datalabeling.googleapis.com. + The total number of tokens in the prompt. This includes any text, + images, or other media provided in the request. When + `cached_content` is set, this also includes the number of tokens in + the cached content. + type: integer + trafficType: + readOnly: true + enumDescriptions: + - Unspecified request traffic type. + - The request was processed using Pay-As-You-Go quota. + - Type for Provisioned Throughput traffic. + description: Output only. The traffic type for this request. type: string - dataLabelingAnnotatedDatasets: - description: >- - The migratable AnnotatedDataset in datalabeling.googleapis.com - belongs to the data labeling Dataset. + enum: + - TRAFFIC_TYPE_UNSPECIFIED + - ON_DEMAND + - PROVISIONED_THROUGHPUT + candidatesTokenCount: + description: The total number of tokens in the generated candidates. + format: int32 + type: integer + toolUsePromptTokensDetails: + readOnly: true type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigratableResourceDataLabelingDatasetDataLabelingAnnotatedDataset - GoogleCloudAiplatformV1MigratableResourceDataLabelingDatasetDataLabelingAnnotatedDataset: - id: >- - GoogleCloudAiplatformV1MigratableResourceDataLabelingDatasetDataLabelingAnnotatedDataset - description: Represents one AnnotatedDataset in datalabeling.googleapis.com. - type: object - properties: - annotatedDataset: description: >- - Full resource name of data labeling AnnotatedDataset. Format: - `projects/{project}/datasets/{dataset}/annotatedDatasets/{annotated_dataset}`. - type: string - annotatedDatasetDisplayName: - description: The AnnotatedDataset's display name in datalabeling.googleapis.com. - type: string - GoogleCloudAiplatformV1BatchMigrateResourcesRequest: - id: GoogleCloudAiplatformV1BatchMigrateResourcesRequest - description: Request message for MigrationService.BatchMigrateResources. - type: object - properties: - migrateResourceRequests: + Output only. A detailed breakdown by modality of the token counts + from the results of tool executions, which are provided back to the + model as input. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' + promptTokensDetails: + readOnly: true description: >- - Required. The request messages specifying the resources to migrate. - They must be in the same location as the destination. Up to 50 - resources can be migrated in one batch. - type: array + Output only. A detailed breakdown of the token count for each + modality in the prompt. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequest' - GoogleCloudAiplatformV1MigrateResourceRequest: - id: GoogleCloudAiplatformV1MigrateResourceRequest - description: >- - Config of migrating one resource from automl.googleapis.com, - datalabeling.googleapis.com and ml.googleapis.com to Vertex AI. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' + type: array + id: GoogleCloudAiplatformV1GenerateContentResponseUsageMetadata type: object + GoogleCloudAiplatformV1GroundingSupport: properties: - migrateMlEngineModelVersionConfig: - description: >- - Config for migrating Version in ml.googleapis.com to Vertex AI's - Model. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateMlEngineModelVersionConfig - migrateAutomlModelConfig: - description: >- - Config for migrating Model in automl.googleapis.com to Vertex AI's - Model. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlModelConfig - migrateAutomlDatasetConfig: + confidenceScores: + items: + format: float + type: number + type: array description: >- - Config for migrating Dataset in automl.googleapis.com to Vertex AI's - Dataset. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlDatasetConfig - migrateDataLabelingDatasetConfig: + The confidence scores for the support references. This list is + parallel to the `grounding_chunk_indices` list. A score is a value + between 0.0 and 1.0, with a higher score indicating a higher + confidence that the reference supports the claim. For Gemini 2.0 and + before, this list has the same size as `grounding_chunk_indices`. + For Gemini 2.5 and later, this list is empty and should be ignored. + groundingChunkIndices: description: >- - Config for migrating Dataset in datalabeling.googleapis.com to - Vertex AI's Dataset. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfig - GoogleCloudAiplatformV1MigrateResourceRequestMigrateMlEngineModelVersionConfig: - id: >- - GoogleCloudAiplatformV1MigrateResourceRequestMigrateMlEngineModelVersionConfig - description: Config for migrating version in ml.googleapis.com to Vertex AI's Model. + A list of indices into the `grounding_chunks` field of the + `GroundingMetadata` message. These indices specify which grounding + chunks support the claim made in the content segment. For example, + if this field has the values `[1, 3]`, it means that + `grounding_chunks[1]` and `grounding_chunks[3]` are the sources for + the claim in the content segment. + items: + type: integer + format: int32 + type: array + segment: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Segment' + description: The content segment that this support message applies to. type: object - properties: - endpoint: - description: >- - Required. The ml.googleapis.com endpoint that this model version - should be migrated from. Example values: * ml.googleapis.com * - us-centrall-ml.googleapis.com * europe-west4-ml.googleapis.com * - asia-east1-ml.googleapis.com - type: string - modelVersion: - description: >- - Required. Full resource name of ml engine model version. Format: - `projects/{project}/models/{model}/versions/{version}`. - type: string - modelDisplayName: - description: >- - Required. Display name of the model in Vertex AI. System will pick a - display name if unspecified. - type: string - GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlModelConfig: - id: GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlModelConfig + id: GoogleCloudAiplatformV1GroundingSupport description: >- - Config for migrating Model in automl.googleapis.com to Vertex AI's - Model. + A collection of supporting references for a segment of the model's + response. + GoogleCloudAiplatformV1CoherenceInput: + id: GoogleCloudAiplatformV1CoherenceInput + description: Input for coherence metric. type: object properties: - model: - description: >- - Required. Full resource name of automl Model. Format: - `projects/{project}/locations/{location}/models/{model}`. - type: string - modelDisplayName: - description: >- - Optional. Display name of the model in Vertex AI. System will pick a - display name if unspecified. - type: string + instance: + description: Required. Coherence instance. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CoherenceInstance' + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CoherenceSpec' + description: Required. Spec for coherence score metric. GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlDatasetConfig: id: GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlDatasetConfig description: >- @@ -17377,10350 +15672,11410 @@ components: type: object properties: dataset: + type: string description: >- Required. Full resource name of automl Dataset. Format: `projects/{project}/locations/{location}/datasets/{dataset}`. - type: string datasetDisplayName: + type: string description: >- Required. Display name of the Dataset in Vertex AI. System will pick a display name if unspecified. - type: string - GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfig: - id: >- - GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfig - description: >- - Config for migrating Dataset in datalabeling.googleapis.com to Vertex - AI's Dataset. + GoogleCloudAiplatformV1CreateDatasetOperationMetadata: + id: GoogleCloudAiplatformV1CreateDatasetOperationMetadata + properties: + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Runtime operation information for DatasetService.CreateDataset. + type: object + GoogleCloudAiplatformV1FeatureOnlineStoreOptimized: type: object + properties: {} + id: GoogleCloudAiplatformV1FeatureOnlineStoreOptimized + description: Optimized storage type + GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScaling: + type: object + description: >- + Online serving scaling configuration. If min_node_count and + max_node_count are set to the same value, the cluster will be configured + with the fixed number of node (no auto-scaling). + id: GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScaling properties: - dataset: + maxNodeCount: + type: integer + format: int32 description: >- - Required. Full resource name of data labeling Dataset. Format: - `projects/{project}/datasets/{dataset}`. - type: string - datasetDisplayName: + The maximum number of nodes to scale up to. Must be greater than + min_node_count, and less than or equal to 10 times of + 'min_node_count'. + cpuUtilizationTarget: + type: integer + format: int32 description: >- - Optional. Display name of the Dataset in Vertex AI. System will pick - a display name if unspecified. - type: string - migrateDataLabelingAnnotatedDatasetConfigs: + Optional. The cpu utilization that the Autoscaler should be trying + to achieve. This number is on a scale from 0 (no utilization) to 100 + (total utilization), and is limited between 10 and 80. When a + cluster's CPU utilization exceeds the target that you have set, + Bigtable immediately adds nodes to the cluster. When CPU utilization + is substantially lower than the target, Bigtable removes nodes. If + not set or set to 0, default to 50. + minNodeCount: description: >- - Optional. Configs for migrating AnnotatedDataset in - datalabeling.googleapis.com to Vertex AI's SavedQuery. The specified - AnnotatedDatasets have to belong to the datalabeling Dataset. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfigMigrateDataLabelingAnnotatedDatasetConfig - GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfigMigrateDataLabelingAnnotatedDatasetConfig: + Required. The minimum number of nodes to scale down to. Must be + greater than or equal to 1. + format: int32 + type: integer + GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetricsConfidenceMetrics: id: >- - GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfigMigrateDataLabelingAnnotatedDatasetConfig - description: >- - Config for migrating AnnotatedDataset in datalabeling.googleapis.com to - Vertex AI's SavedQuery. + GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetricsConfidenceMetrics type: object properties: - annotatedDataset: + trueNegativeCount: description: >- - Required. Full resource name of data labeling AnnotatedDataset. - Format: - `projects/{project}/datasets/{dataset}/annotatedDatasets/{annotated_dataset}`. + The number of labels that were not created by the Model, but if they + would, they would not match a ground truth label. + format: int64 type: string - GoogleCloudAiplatformV1UploadModelRequest: - id: GoogleCloudAiplatformV1UploadModelRequest - description: Request message for ModelService.UploadModel. - type: object - properties: - parentModel: + maxPredictions: description: >- - Optional. The resource name of the model into which to upload the - version. Only specify this field when uploading a new version. + Metrics are computed with an assumption that the Model always + returns at most this many predictions (ordered by their score, + descendingly), but they all still need to meet the + `confidenceThreshold`. + type: integer + format: int32 + falsePositiveCount: type: string - modelId: + format: int64 description: >- - Optional. The ID to use for the uploaded Model, which will become - the final component of the model resource name. This value may be up - to 63 characters, and valid characters are `[a-z0-9_-]`. The first - character cannot be a number or hyphen. + The number of Model created labels that do not match a ground truth + label. + f1Score: + description: >- + The harmonic mean of recall and precision. For summary metrics, it + computes the micro-averaged F1 score. + format: float + type: number + truePositiveCount: type: string - model: - description: Required. The Model to create. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' - serviceAccount: + format: int64 + description: The number of Model created labels that match a ground truth label. + f1ScoreAt1: + type: number + description: The harmonic mean of recallAt1 and precisionAt1. + format: float + precision: + description: Precision for the given confidence threshold. + format: float + type: number + falsePositiveRate: + format: float + type: number + description: False Positive Rate for the given confidence threshold. + f1ScoreMicro: + format: float + description: Micro-averaged F1 Score. + type: number + recall: + description: Recall (True Positive Rate) for the given confidence threshold. + format: float + type: number + recallAt1: description: >- - Optional. The user-provided custom service account to use to do the - model upload. If empty, [Vertex AI Service - Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) - will be used to access resources needed to upload the model. This - account must belong to the target project where the model is - uploaded to, i.e., the project specified in the `parent` field of - this request and have necessary read permissions (to Google Cloud - Storage, Artifact Registry, etc.). + The Recall (True Positive Rate) when only considering the label that + has the highest prediction score and not below the confidence + threshold for each DataItem. + type: number + format: float + confusionMatrix: + description: Confusion matrix of the evaluation for this confidence_threshold. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix + confidenceThreshold: + type: number + format: float + description: >- + Metrics are computed with an assumption that the Model never returns + predictions with score lower than this value. + f1ScoreMacro: + format: float + description: Macro-averaged F1 Score. + type: number + falseNegativeCount: + format: int64 type: string - GoogleCloudAiplatformV1Model: - id: GoogleCloudAiplatformV1Model - description: A trained machine learning Model. + description: >- + The number of ground truth labels that are not matched by a Model + created label. + precisionAt1: + type: number + format: float + description: >- + The precision when only considering the label that has the highest + prediction score and not below the confidence threshold for each + DataItem. + falsePositiveRateAt1: + description: >- + The False Positive Rate when only considering the label that has the + highest prediction score and not below the confidence threshold for + each DataItem. + format: float + type: number + GoogleCloudAiplatformV1SchemaTablesDatasetMetadataBigQuerySource: type: object + id: GoogleCloudAiplatformV1SchemaTablesDatasetMetadataBigQuerySource properties: - name: - description: The resource name of the Model. - type: string - versionId: - description: >- - Output only. Immutable. The version ID of the model. A new version - is committed when a new model version is uploaded or trained under - an existing model id. It is an auto-incrementing decimal number in - string representation. - readOnly: true + uri: type: string - versionAliases: description: >- - User provided version aliases so that a model version can be - referenced via alias (i.e. - `projects/{project}/locations/{location}/models/{model_id}@{version_alias}` - instead of auto-generated version id (i.e. - `projects/{project}/locations/{location}/models/{model_id}@{version_id})`. - The format is a-z{0,126}[a-z0-9] to distinguish from version_id. A - default version alias will be created for the first version of the - model, and there must be exactly one default version alias for a - model. + The URI of a BigQuery table. e.g. + bq://projectId.bqDatasetId.bqTableId + GoogleCloudAiplatformV1StringArray: + description: A list of string values. + type: object + properties: + values: + description: A list of string values. type: array items: type: string - versionCreateTime: - description: Output only. Timestamp when this version was created. + id: GoogleCloudAiplatformV1StringArray + GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpec: + type: object + properties: + useElapsedDuration: + description: >- + True if median automated stopping rule applies on + Measurement.elapsed_duration. It means that elapsed_duration field + of latest measurement of current Trial is used to compute median + objective value for each completed Trials. + type: boolean + description: >- + The median automated stopping rule stops a pending Trial if the Trial's + best objective_value is strictly below the median 'performance' of all + completed Trials reported up to the Trial's last measurement. Currently, + 'performance' refers to the running average of the objective values + reported by the Trial in each measurement. + id: GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpec + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentation: + type: object + properties: + inputs: + description: The input parameters of this TrainingJob. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationInputs + metadata: + description: The metadata information. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationMetadata + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentation + description: >- + A TrainingJob that trains and uploads an AutoML Image Segmentation + Model. + GoogleCloudAiplatformV1TrajectoryRecallMetricValue: + id: GoogleCloudAiplatformV1TrajectoryRecallMetricValue + type: object + description: TrajectoryRecall metric value for an instance. + properties: + score: + format: float readOnly: true + description: Output only. TrajectoryRecall score. + type: number + GoogleCloudAiplatformV1RagQuery: + type: object + id: GoogleCloudAiplatformV1RagQuery + properties: + text: + description: Optional. The query in text format to get relevant contexts. type: string - format: google-datetime - versionUpdateTime: - description: Output only. Timestamp when this version was most recently updated. - readOnly: true + ragRetrievalConfig: + description: Optional. The retrieval config for the query. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfig' + description: A query to retrieve relevant contexts. + GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfigSourceEntry: + properties: + type: + enum: + - UNSPECIFIED + - WEB + - ENTERPRISE + - VERTEX_AI_SEARCH + - INLINE + enumDeprecated: + - false + - false + - true + - false + - false + enumDescriptions: + - '' + - Uses Web Search to check the grounding. + - >- + Uses Vertex AI Search to check the grounding. Deprecated. Use + VERTEX_AI_SEARCH instead. + - Uses Vertex AI Search to check the grounding + - Uses inline context to check the grounding. + description: The type of the grounding checking source. type: string - format: google-datetime - displayName: + enterpriseDatastore: description: >- - Required. The display name of the Model. The name can be up to 128 - characters long and can consist of any UTF-8 characters. + The uri of the Vertex AI Search data source. Deprecated. Use + vertex_ai_search_datastore instead. type: string - description: - description: The description of the Model. + deprecated: true + vertexAiSearchDatastore: + description: The uri of the Vertex AI Search data source. type: string - versionDescription: - description: The description of this version. + inlineContext: + description: >- + The grounding text passed inline with the Predict API. It can + support up to 1 million bytes. type: string - defaultCheckpointId: - description: The default checkpoint id of a model version. + id: GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfigSourceEntry + description: Single source entry for the grounding checking. + type: object + GoogleCloudAiplatformV1RougeSpec: + properties: + splitSummaries: + type: boolean + description: Optional. Whether to split summaries while using rougeLsum. + useStemmer: + description: Optional. Whether to use stemmer to compute rouge score. + type: boolean + rougeType: type: string - predictSchemata: description: >- - The schemata that describe formats of the Model's predictions and - explanations as given and returned via PredictionService.Predict and - PredictionService.Explain. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictSchemata' - metadataSchemaUri: + Optional. Supported rouge types are rougen[1-9], rougeL, and + rougeLsum. + id: GoogleCloudAiplatformV1RougeSpec + description: >- + Spec for rouge score metric - calculates the recall of n-grams in + prediction as compared to reference - returns a score ranging between 0 + and 1. + type: object + GoogleCloudAiplatformV1CreateSpecialistPoolOperationMetadata: + id: GoogleCloudAiplatformV1CreateSpecialistPoolOperationMetadata + properties: + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: >- + Runtime operation information for + SpecialistPoolService.CreateSpecialistPool. + type: object + GoogleCloudAiplatformV1RagFileChunkingConfig: + id: GoogleCloudAiplatformV1RagFileChunkingConfig + type: object + description: Specifies the size and overlap of chunks for RagFiles. + properties: + fixedLengthChunking: + description: Specifies the fixed length chunking config. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagFileChunkingConfigFixedLengthChunking + GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpec: + id: GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpec + properties: + developerConnectSource: + description: Source code is in a Git repository managed by Developer Connect. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecDeveloperConnectSource + inlineSource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecInlineSource + description: Source code is provided directly in the request. + pythonSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecPythonSpec + description: Configuration for a Python application. + type: object + description: Specification for deploying from source code. + GoogleCloudAiplatformV1UploadModelOperationMetadata: + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The common part of the operation metadata. + type: object + description: Details of ModelService.UploadModel operation. + id: GoogleCloudAiplatformV1UploadModelOperationMetadata + GoogleCloudAiplatformV1RubricContentProperty: + properties: + description: description: >- - Immutable. Points to a YAML file stored on Google Cloud Storage - describing additional information about the Model, that is specific - to it. Unset if the Model does not have any additional information. - The schema is defined as an OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - AutoML Models always have this field populated by Vertex AI, if no - additional metadata is needed, this field is set to an empty string. - Note: The URI given on output will be immutable and probably - different, including the URI scheme, than the one given on input. - The output URI will point to a location where the user only has a - read access. + Description of the property being evaluated. Example: "The model's + response is grammatically correct." type: string - metadata: + description: Defines criteria based on a specific property. + id: GoogleCloudAiplatformV1RubricContentProperty + type: object + GoogleCloudAiplatformV1CancelBatchPredictionJobRequest: + properties: {} + id: GoogleCloudAiplatformV1CancelBatchPredictionJobRequest + type: object + description: Request message for JobService.CancelBatchPredictionJob. + GoogleCloudAiplatformV1SlackSourceSlackChannels: + type: object + description: >- + SlackChannels contains the Slack channels and corresponding access + token. + properties: + channels: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SlackSourceSlackChannelsSlackChannel + type: array + description: Required. The Slack channel IDs. + apiKeyConfig: description: >- - Immutable. An additional information about the Model; the schema of - the metadata can be found in metadata_schema. Unset if the Model - does not have any additional information. - type: any - supportedExportFormats: + Required. The SecretManager secret version resource name (e.g. + projects/{project}/secrets/{secret}/versions/{version}) storing the + Slack channel access token that has access to the slack channel IDs. + See: https://api.slack.com/tutorials/tracks/getting-a-token. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuthApiKeyConfig' + id: GoogleCloudAiplatformV1SlackSourceSlackChannels + GoogleCloudAiplatformV1ListTensorboardRunsResponse: + properties: + nextPageToken: + type: string description: >- - Output only. The formats in which this Model may be exported. If - empty, this Model is not available for export. - readOnly: true + A token, which can be sent as ListTensorboardRunsRequest.page_token + to retrieve the next page. If this field is omitted, there are no + subsequent pages. + tensorboardRuns: + description: The TensorboardRuns mathching the request. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelExportFormat' - trainingPipeline: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' + description: Response message for TensorboardService.ListTensorboardRuns. + id: GoogleCloudAiplatformV1ListTensorboardRunsResponse + type: object + GoogleCloudAiplatformV1CreateTensorboardOperationMetadata: + id: GoogleCloudAiplatformV1CreateTensorboardOperationMetadata + type: object + description: Details of operations that perform create Tensorboard. + properties: + genericMetadata: + description: Operation metadata for Tensorboard. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetrics: + type: object + properties: + confidenceMetricsEntries: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetricsConfidenceMetricsEntry + type: array description: >- - Output only. The resource name of the TrainingPipeline that uploaded - this Model, if any. - readOnly: true - type: string - pipelineJob: + Metrics for each confidenceThreshold in + 0.00,0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 Precision-recall curve + can be derived from it. + description: Metrics for image segmentation evaluation results. + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetrics + GoogleCloudAiplatformV1BatchPredictionJobInputConfig: + type: object + properties: + bigquerySource: description: >- - Optional. This field is populated if the model is produced by a - pipeline job. + The BigQuery location of the input table. The schema of the table + should be in the format described by the given context OpenAPI + Schema, if one is provided. The table may contain additional columns + that are not described by the schema, and they will be ignored. + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' + instancesFormat: + description: >- + Required. The format in which instances are given, must be one of + the Model's supported_input_storage_formats. + type: string + gcsSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' + description: The Cloud Storage location for the input instances. + id: GoogleCloudAiplatformV1BatchPredictionJobInputConfig + description: >- + Configures the input to BatchPredictionJob. See + Model.supported_input_storage_formats for Model's supported input + formats, and how instances should be expressed via any of them. + GoogleCloudAiplatformV1FindNeighborsRequest: + type: object + id: GoogleCloudAiplatformV1FindNeighborsRequest + properties: + deployedIndexId: type: string - containerSpec: description: >- - Input only. The specification of the container that is to be used - when deploying this Model. The specification is ingested upon - ModelService.UploadModel, and all binaries it contains are copied - and stored internally by Vertex AI. Not required for AutoML Models. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelContainerSpec' - artifactUri: + The ID of the DeployedIndex that will serve the request. This + request is sent to a specific IndexEndpoint, as per the + IndexEndpoint.network. That IndexEndpoint also has + IndexEndpoint.deployed_indexes, and each such index has a + DeployedIndex.id field. The value of the field below must equal one + of the DeployedIndex.id fields of the IndexEndpoint that is being + called for this request. + returnFullDatapoint: description: >- - Immutable. The path to the directory containing the Model artifact - and any of its supporting files. Not required for AutoML Models. + If set to true, the full datapoints (including all vector values and + restricts) of the nearest neighbors are returned. Note that + returning full datapoint will significantly increase the latency and + cost of the query. + type: boolean + queries: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FindNeighborsRequestQuery + description: The list of queries. + type: array + description: The request message for MatchService.FindNeighbors. + GoogleCloudAiplatformV1SchemaImageDatasetMetadata: + description: The metadata of Datasets that contain Image DataItems. + properties: + gcsBucket: + description: >- + Google Cloud Storage Bucket name that contains the blob data of this + Dataset. + type: string + dataItemSchemaUri: type: string - supportedDeploymentResourcesTypes: description: >- - Output only. When this Model is deployed, its prediction resources - are described by the `prediction_resources` field of the - Endpoint.deployed_models object. Because not all Models support all - resource configuration types, the configuration types this Model - supports are listed here. If no configuration types are listed, the - Model cannot be deployed to an Endpoint and does not support online - predictions (PredictionService.Predict or - PredictionService.Explain). Such a Model can serve predictions by - using a BatchPredictionJob, if it has at least one entry each in - supported_input_storage_formats and - supported_output_storage_formats. - readOnly: true + Points to a YAML file stored on Google Cloud Storage describing + payload of the Image DataItems that belong to this Dataset. + type: object + id: GoogleCloudAiplatformV1SchemaImageDatasetMetadata + GoogleCloudAiplatformV1DoubleArray: + properties: + values: type: array items: - type: string - enumDescriptions: - - Should not be used. - - >- - Resources that are dedicated to the DeployedModel, and that need - a higher degree of manual configuration. - - >- - Resources that to large degree are decided by Vertex AI, and - require only a modest additional configuration. - - >- - Resources that can be shared by multiple DeployedModels. A - pre-configured DeploymentResourcePool is required. - enum: - - DEPLOYMENT_RESOURCES_TYPE_UNSPECIFIED - - DEDICATED_RESOURCES - - AUTOMATIC_RESOURCES - - SHARED_RESOURCES - supportedInputStorageFormats: - description: >- - Output only. The formats this Model supports in - BatchPredictionJob.input_config. If - PredictSchemata.instance_schema_uri exists, the instances should be - given as per that schema. The possible formats are: * `jsonl` The - JSON Lines format, where each instance is a single line. Uses - GcsSource. * `csv` The CSV format, where each instance is a single - comma-separated line. The first line in the file is the header, - containing comma-separated field names. Uses GcsSource. * - `tf-record` The TFRecord format, where each instance is a single - record in tfrecord syntax. Uses GcsSource. * `tf-record-gzip` - Similar to `tf-record`, but the file is gzipped. Uses GcsSource. * - `bigquery` Each instance is a single row in BigQuery. Uses - BigQuerySource. * `file-list` Each line of the file is the location - of an instance to process, uses `gcs_source` field of the - InputConfig object. If this Model doesn't support any of these - formats it means it cannot be used with a BatchPredictionJob. - However, if it has supported_deployment_resources_types, it could - serve online predictions by using PredictionService.Predict or - PredictionService.Explain. - readOnly: true - type: array - items: - type: string - supportedOutputStorageFormats: + type: number + format: double + description: A list of double values. + type: object + id: GoogleCloudAiplatformV1DoubleArray + description: A list of double values. + GoogleCloudAiplatformV1SmoothGradConfig: + description: >- + Config for SmoothGrad approximation of gradients. When enabled, the + gradients are approximated by averaging the gradients from noisy samples + in the vicinity of the inputs. Adding noise can help improve the + computed gradients. Refer to this paper for more details: + https://arxiv.org/pdf/1706.03825.pdf + type: object + id: GoogleCloudAiplatformV1SmoothGradConfig + properties: + noiseSigma: + type: number description: >- - Output only. The formats this Model supports in - BatchPredictionJob.output_config. If both - PredictSchemata.instance_schema_uri and - PredictSchemata.prediction_schema_uri exist, the predictions are - returned together with their instances. In other words, the - prediction has the original instance data first, followed by the - actual prediction content (as per the schema). The possible formats - are: * `jsonl` The JSON Lines format, where each prediction is a - single line. Uses GcsDestination. * `csv` The CSV format, where each - prediction is a single comma-separated line. The first line in the - file is the header, containing comma-separated field names. Uses - GcsDestination. * `bigquery` Each prediction is a single row in a - BigQuery table, uses BigQueryDestination . If this Model doesn't - support any of these formats it means it cannot be used with a - BatchPredictionJob. However, if it has - supported_deployment_resources_types, it could serve online - predictions by using PredictionService.Predict or - PredictionService.Explain. - readOnly: true - type: array - items: - type: string - createTime: - description: Output only. Timestamp when this Model was uploaded into Vertex AI. - readOnly: true + This is a single float value and will be used to add noise to all + the features. Use this field when all features are normalized to + have the same distribution: scale to range [0, 1], [-1, 1] or + z-scoring, where features are normalized to have 0-mean and + 1-variance. Learn more about + [normalization](https://developers.google.com/machine-learning/data-prep/transform/normalization). + For best results the recommended value is about 10% - 20% of the + standard deviation of the input feature. Refer to section 3.2 of the + SmoothGrad paper: https://arxiv.org/pdf/1706.03825.pdf. Defaults to + 0.1. If the distribution is different per feature, set + feature_noise_sigma instead for each feature. + format: float + featureNoiseSigma: + description: >- + This is similar to noise_sigma, but provides additional flexibility. + A separate noise sigma can be provided for each feature, which is + useful if their distributions are different. No noise is added to + features that are not set. If this field is unset, noise_sigma will + be used for all features. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureNoiseSigma' + noisySampleCount: + format: int32 + description: >- + The number of gradient samples to use for approximation. The higher + this number, the more accurate the gradient is, but the runtime + complexity increases by this factor as well. Valid range of its + value is [1, 50]. Defaults to 3. + type: integer + GoogleCloudAiplatformV1DeployedModel: + properties: + model: + description: >- + The resource name of the Model that this is the deployment of. Note + that the Model may be in a different location than the + DeployedModel's Endpoint. The resource name may contain version id + or version alias to specify the version. Example: + `projects/{project}/locations/{location}/models/{model}@2` or + `projects/{project}/locations/{location}/models/{model}@golden` if + no version is specified, the default version will be deployed. type: string + fasterDeploymentConfig: + description: Configuration for faster model deployment. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FasterDeploymentConfig' + createTime: format: google-datetime - updateTime: - description: Output only. Timestamp when this Model was most recently updated. readOnly: true + description: Output only. Timestamp when the DeployedModel was created. type: string - format: google-datetime - deployedModels: + gdcConnectedModel: description: >- - Output only. The pointers to DeployedModels created from this Model. - Note that Model could have been deployed to Endpoints in different - Locations. + GDC pretrained / Gemini model name. The model name is a plain model + name, e.g. gemini-1.5-flash-002. + type: string + privateEndpoints: + description: >- + Output only. Provide paths for users to send predict/explain/health + requests directly to the deployed model services running on Cloud + via private services access. This field is populated if network is + configured. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PrivateEndpoints' readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModelRef' - explanationSpec: + dedicatedResources: description: >- - The default explanation specification for this Model. The Model can - be used for requesting explanation after being deployed if it is - populated. The Model can be used for batch explanation if it is - populated. All fields of the explanation_spec can be overridden by - explanation_spec of DeployModelRequest.deployed_model, or - explanation_spec of BatchPredictionJob. If the default explanation - specification is not set for this Model, this Model can still be - used for requesting explanation by setting explanation_spec of - DeployModelRequest.deployed_model and for batch explanation by - setting explanation_spec of BatchPredictionJob. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpec' - etag: + A description of resources that are dedicated to the DeployedModel, + and that need a higher degree of manual configuration. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' + enableAccessLogging: description: >- - Used to perform consistent read-modify-write updates. If not set, a - blind "overwrite" update happens. + If true, online prediction access logs are sent to Cloud Logging. + These logs are like standard server access logs, containing + information like timestamp and latency for each prediction request. + Note that logs may incur a cost, especially if your project receives + prediction requests at a high queries per second rate (QPS). + Estimate your costs before enabling this option. + type: boolean + displayName: type: string - labels: description: >- - The labels with user-defined metadata to organize your Models. Label - keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. See - https://goo.gl/xmQnxf for more information and examples of labels. + The display name of the DeployedModel. If not provided upon + creation, the Model's display_name is used. + serviceAccount: + type: string + description: >- + The service account that the DeployedModel's container runs as. + Specify the email address of the service account. If this service + account is not specified, the container runs as a service account + that doesn't have access to the resource project. Users deploying + the Model must have the `iam.serviceAccounts.actAs` permission on + this service account. + speculativeDecodingSpec: + description: Optional. Spec for configuring speculative decoding. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SpeculativeDecodingSpec' + status: + description: Output only. Runtime status of the deployed model. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModelStatus' + readOnly: true + systemLabels: type: object additionalProperties: type: string - dataStats: - description: >- - Stats of data used for training or evaluating the Model. Only - populated when the Model is trained by a TrainingPipeline with - data_input_config. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelDataStats' - encryptionSpec: description: >- - Customer-managed encryption key spec for a Model. If set, this Model - and all sub-resources of this Model will be secured by this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - modelSourceInfo: + System labels to apply to Model Garden deployments. System labels + are managed by Google for internal use only. + sharedResources: + type: string description: >- - Output only. Source of a model. It can either be automl training - pipeline, custom training pipeline, BigQuery ML, or saved and tuned - from Genie or Model Garden. + The resource name of the shared DeploymentResourcePool to deploy on. + Format: + `projects/{project}/locations/{location}/deploymentResourcePools/{deployment_resource_pool}` + modelVersionId: + type: string + description: Output only. The version ID of the model that is deployed. readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelSourceInfo' - originalModelInfo: + checkpointId: + type: string + description: The checkpoint id of the model. + automaticResources: description: >- - Output only. If this Model is a copy of another Model, this contains - info about the original. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelOriginalModelInfo' - metadataArtifact: + A description of resources that to large degree are decided by + Vertex AI, and require only a modest additional configuration. + $ref: '#/components/schemas/GoogleCloudAiplatformV1AutomaticResources' + disableExplanations: + type: boolean description: >- - Output only. The resource name of the Artifact that was created in - MetadataStore when creating the Model. The Artifact resource name - pattern is - `projects/{project}/locations/{location}/metadataStores/{metadata_store}/artifacts/{artifact}`. - readOnly: true + If true, deploy the model without explainable feature, regardless + the existence of Model.explanation_spec or explanation_spec. + id: + description: >- + Immutable. The ID of the DeployedModel. If not provided upon + deployment, Vertex AI will generate a value for this ID. This value + should be 1-10 characters, and valid characters are `/[0-9]/`. type: string - baseModelSource: + explanationSpec: description: >- - Optional. User input field to specify the base model source. - Currently it only supports specifing the Model Garden models and - Genie models. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelBaseModelSource' - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true + Explanation configuration for this DeployedModel. When deploying a + Model using EndpointService.DeployModel, this value overrides the + value of Model.explanation_spec. All fields of explanation_spec are + optional in the request. If a field of explanation_spec is not + populated, the value of the same field of Model.explanation_spec is + inherited. If the corresponding Model.explanation_spec is not + populated, all fields of the explanation_spec will be used for the + explanation configuration. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpec' + disableContainerLogging: + description: >- + For custom-trained Models and AutoML Tabular Models, the container + of the DeployedModel instances will send `stderr` and `stdout` + streams to Cloud Logging by default. Please note that the logs incur + cost, which are subject to [Cloud Logging + pricing](https://cloud.google.com/logging/pricing). User can disable + container logging by setting this flag to true. type: boolean - checkpoints: - description: Optional. Output only. The checkpoints of the model. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Checkpoint' - GoogleCloudAiplatformV1ModelExportFormat: - id: GoogleCloudAiplatformV1ModelExportFormat - description: >- - Represents export format supported by the Model. All formats export to - Google Cloud Storage. type: object + id: GoogleCloudAiplatformV1DeployedModel + description: A deployment of a Model. Endpoints contain one or more DeployedModels. + GoogleCloudAiplatformV1ProbeGrpcAction: + id: GoogleCloudAiplatformV1ProbeGrpcAction properties: - id: + service: description: >- - Output only. The ID of the export format. The possible format IDs - are: * `tflite` Used for Android mobile devices. * `edgetpu-tflite` - Used for [Edge TPU](https://cloud.google.com/edge-tpu/) devices. * - `tf-saved-model` A tensorflow model in SavedModel format. * `tf-js` - A [TensorFlow.js](https://www.tensorflow.org/js) model that can be - used in the browser and in Node.js using JavaScript. * `core-ml` - Used for iOS mobile devices. * `custom-trained` A Model that was - uploaded or trained by custom code. * `genie` A tuned Model Garden - model. - readOnly: true + Service is the name of the service to place in the gRPC + HealthCheckRequest. See + https://github.com/grpc/grpc/blob/master/doc/health-checking.md. If + this is not specified, the default behavior is defined by gRPC. type: string - exportableContents: - description: Output only. The content of this Model that may be exported. - readOnly: true - type: array - items: - type: string - enumDescriptions: - - Should not be used. - - >- - Model artifact and any of its supported files. Will be exported - to the location specified by the `artifactDestination` field of - the ExportModelRequest.output_config object. - - >- - The container image that is to be used when deploying this - Model. Will be exported to the location specified by the - `imageDestination` field of the ExportModelRequest.output_config - object. - enum: - - EXPORTABLE_CONTENT_UNSPECIFIED - - ARTIFACT - - IMAGE - GoogleCloudAiplatformV1ModelDataStats: - id: GoogleCloudAiplatformV1ModelDataStats - description: Stats of data used for train or evaluate the Model. + port: + format: int32 + description: >- + Port number of the gRPC service. Number must be in the range 1 to + 65535. + type: integer + description: GrpcAction checks the health of a container using a gRPC service. + type: object + GoogleCloudAiplatformV1CreateFeatureOnlineStoreOperationMetadata: type: object properties: - trainingDataItemsCount: - description: Number of DataItems that were used for training this Model. + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for FeatureOnlineStore. + id: GoogleCloudAiplatformV1CreateFeatureOnlineStoreOperationMetadata + description: Details of operations that perform create FeatureOnlineStore. + GoogleCloudAiplatformV1ExplanationMetadata: + description: Metadata describing the Model's input and output for explanation. + id: GoogleCloudAiplatformV1ExplanationMetadata + properties: + outputs: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataOutputMetadata + type: object + description: >- + Required. Map from output names to output metadata. For Vertex + AI-provided Tensorflow images, keys can be any user defined string + that consists of any UTF-8 characters. For custom images, keys are + the name of the output field in the prediction to be explained. + Currently only one key is allowed. + latentSpaceSource: + description: >- + Name of the source to generate embeddings for example based + explanations. type: string - format: int64 - validationDataItemsCount: + featureAttributionsSchemaUri: description: >- - Number of DataItems that were used for validating this Model during - training. + Points to a YAML file stored on Google Cloud Storage describing the + format of the feature attributions. The schema is defined as an + OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + AutoML tabular Models always have this field populated by Vertex AI. + Note: The URI given on output may be different, including the URI + scheme, than the one given on input. The output URI will point to a + location where the user only has a read access. type: string - format: int64 - testDataItemsCount: + inputs: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataInputMetadata + type: object description: >- - Number of DataItems that were used for evaluating this Model. If the - Model is evaluated multiple times, this will be the number of test - DataItems used by the first evaluation. If the Model is not - evaluated, the number is 0. + Required. Map from feature names to feature input metadata. Keys are + the name of the features. Values are the specification of the + feature. An empty InputMetadata is valid. It describes a text + feature which has the name specified as the key in + ExplanationMetadata.inputs. The baseline of the empty feature is + chosen by Vertex AI. For Vertex AI-provided Tensorflow images, the + key can be any friendly name of the feature. Once specified, + featureAttributions are keyed by this key (if not grouped with + another feature). For custom images, the key must match with the key + in instance. + type: object + GoogleCloudAiplatformV1FetchFeatureValuesRequest: + properties: + dataKey: + description: Optional. The request key to fetch feature values for. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKey' + dataFormat: + description: >- + Optional. Response data format. If not set, + FeatureViewDataFormat.KEY_VALUE will be used. + enum: + - FEATURE_VIEW_DATA_FORMAT_UNSPECIFIED + - KEY_VALUE + - PROTO_STRUCT type: string - format: int64 - trainingAnnotationsCount: - description: Number of Annotations that are used for training this Model. + enumDescriptions: + - Not set. Will be treated as the KeyValue format. + - Return response data in key-value format. + - Return response data in proto Struct format. + type: object + description: >- + Request message for FeatureOnlineStoreService.FetchFeatureValues. All + the features under the requested feature view will be returned. + id: GoogleCloudAiplatformV1FetchFeatureValuesRequest + GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpec: + type: object + properties: + learningRateParameterName: + description: >- + The hyper-parameter name used in the tuning job that stands for + learning rate. Leave it blank if learning rate is not in a parameter + in tuning. The learning_rate is used to estimate the objective value + of the ongoing trial. type: string + minStepCount: format: int64 - validationAnnotationsCount: description: >- - Number of Annotations that are used for validating this Model during - training. + Minimum number of steps for a trial to complete. Trials which do not + have a measurement with step_count > min_step_count won't be + considered for early stopping. It's ok to set it to 0, and a trial + can be early stopped at any stage. By default, min_step_count is set + to be one-tenth of the max_step_count. When use_elapsed_duration is + true, this field is set to the minimum elapsed seconds. type: string + maxStepCount: format: int64 - testAnnotationsCount: description: >- - Number of Annotations that are used for evaluating this Model. If - the Model is evaluated multiple times, this will be the number of - test Annotations used by the first evaluation. If the Model is not - evaluated, the number is 0. + Steps used in predicting the final objective for early stopped + trials. In general, it's set to be the same as the defined steps in + training / tuning. If not defined, it will learn it from the + completed trials. When use_steps is false, this field is set to the + maximum elapsed seconds. type: string + minMeasurementCount: format: int64 - GoogleCloudAiplatformV1ModelSourceInfo: - id: GoogleCloudAiplatformV1ModelSourceInfo - description: Detail description of the source information of the model. - type: object - properties: - sourceType: - description: Type of the model source. + description: >- + The minimal number of measurements in a Trial. Early-stopping checks + will not trigger if less than min_measurement_count+1 completed + trials or pending trials with less than min_measurement_count + measurements. If not defined, the default value is 5. type: string - enumDescriptions: - - Should not be used. - - The Model is uploaded by automl training pipeline. - - The Model is uploaded by user or custom training pipeline. - - The Model is registered and sync'ed from BigQuery ML. - - The Model is saved or tuned from Model Garden. - - The Model is saved or tuned from Genie. - - The Model is uploaded by text embedding finetuning pipeline. - - The Model is saved or tuned from Marketplace. - enum: - - MODEL_SOURCE_TYPE_UNSPECIFIED - - AUTOML - - CUSTOM - - BQML - - MODEL_GARDEN - - GENIE - - CUSTOM_TEXT_EMBEDDING - - MARKETPLACE - copy: + updateAllStoppedTrials: description: >- - If this Model is copy of another Model. If true then source_type - pertains to the original. + ConvexAutomatedStoppingSpec by default only updates the trials that + needs to be early stopped using a newly trained auto-regressive + model. When this flag is set to True, all stopped trials from the + beginning are potentially updated in terms of their + `final_measurement`. Also, note that the training logic of + autoregressive models is different in this case. Enabling this + option has shown better results and this may be the default option + in the future. type: boolean - GoogleCloudAiplatformV1ModelOriginalModelInfo: - id: GoogleCloudAiplatformV1ModelOriginalModelInfo - description: Contains information about the original Model if this Model is a copy. - type: object - properties: - model: + useElapsedDuration: description: >- - Output only. The resource name of the Model this Model is a copy of, - including the revision. Format: - `projects/{project}/locations/{location}/models/{model_id}@{version_id}` - readOnly: true - type: string - GoogleCloudAiplatformV1ModelBaseModelSource: - id: GoogleCloudAiplatformV1ModelBaseModelSource + This bool determines whether or not the rule is applied based on + elapsed_secs or steps. If use_elapsed_duration==false, the early + stopping decision is made according to the predicted objective + values according to the target steps. If use_elapsed_duration==true, + elapsed_secs is used instead of steps. Also, in this case, the + parameters max_num_steps and min_num_steps are overloaded to contain + max_elapsed_seconds and min_elapsed_seconds. + type: boolean description: >- - User input field to specify the base model source. Currently it only - supports specifing the Model Garden models and Genie models. + Configuration for ConvexAutomatedStoppingSpec. When there are enough + completed trials (configured by min_measurement_count), for pending + trials with enough measurements and steps, the policy first computes an + overestimate of the objective value at max_num_steps according to the + slope of the incomplete objective value curve. No prediction can be made + if the curve is completely flat. If the overestimation is worse than the + best objective value of the completed trials, this pending trial will be + early-stopped, but a last measurement will be added to the pending trial + with max_num_steps and predicted objective value from the autoregression + model. + id: GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpec + GoogleCloudAiplatformV1AddTrialMeasurementRequest: + description: Request message for VizierService.AddTrialMeasurement. type: object + id: GoogleCloudAiplatformV1AddTrialMeasurementRequest properties: - modelGardenSource: - description: Source information of Model Garden models. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelGardenSource' - genieSource: - description: Information about the base model of Genie models. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenieSource' - GoogleCloudAiplatformV1ModelGardenSource: - id: GoogleCloudAiplatformV1ModelGardenSource - description: >- - Contains information about the source of the models generated from Model - Garden. + measurement: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' + description: Required. The measurement to be added to a Trial. + GoogleCloudAiplatformV1EnterpriseWebSearch: + id: GoogleCloudAiplatformV1EnterpriseWebSearch type: object properties: - publicModelName: - description: Required. The model garden source model resource name. + blockingConfidence: + enum: + - PHISH_BLOCK_THRESHOLD_UNSPECIFIED + - BLOCK_LOW_AND_ABOVE + - BLOCK_MEDIUM_AND_ABOVE + - BLOCK_HIGH_AND_ABOVE + - BLOCK_HIGHER_AND_ABOVE + - BLOCK_VERY_HIGH_AND_ABOVE + - BLOCK_ONLY_EXTREMELY_HIGH type: string - versionId: - description: Optional. The model garden source model version ID. + description: >- + Optional. Sites with confidence level chosen & above this value will + be blocked from the search results. + enumDescriptions: + - Defaults to unspecified. + - Blocks Low and above confidence URL that is risky. + - Blocks Medium and above confidence URL that is risky. + - Blocks High and above confidence URL that is risky. + - Blocks Higher and above confidence URL that is risky. + - Blocks Very high and above confidence URL that is risky. + - Blocks Extremely high confidence URL that is risky. + excludeDomains: + type: array + description: >- + Optional. List of domains to be excluded from the search results. + The default limit is 2000 domains. + items: + type: string + description: >- + Tool to search public web data, powered by Vertex AI Search and Sec4 + compliance. + GoogleCloudAiplatformV1FeatureOnlineStore: + properties: + bigtable: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStoreBigtable + description: >- + Contains settings for the Cloud Bigtable instance that will be + created to serve featureValues for all FeatureViews under this + FeatureOnlineStore. + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + createTime: + format: google-datetime + description: Output only. Timestamp when this FeatureOnlineStore was created. + readOnly: true type: string - skipHfModelCache: - description: Optional. Whether to avoid pulling the model from the HF cache. + dedicatedServingEndpoint: + description: >- + Optional. The dedicated serving endpoint for this + FeatureOnlineStore, which is different from common Vertex service + endpoint. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStoreDedicatedServingEndpoint + encryptionSpec: + description: >- + Optional. Customer-managed encryption key spec for data storage. If + set, online store will be secured by this key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + updateTime: + format: google-datetime + description: >- + Output only. Timestamp when this FeatureOnlineStore was last + updated. + type: string + readOnly: true + optimized: + description: >- + Contains settings for the Optimized store that will be created to + serve featureValues for all FeatureViews under this + FeatureOnlineStore. When choose Optimized storage type, need to set + PrivateServiceConnectConfig.enable_private_service_connect to use + private endpoint. Otherwise will use public endpoint by default. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStoreOptimized + name: + type: string + description: >- + Identifier. Name of the FeatureOnlineStore. Format: + `projects/{project}/locations/{location}/featureOnlineStores/{featureOnlineStore}` + etag: + description: >- + Optional. Used to perform consistent read-modify-write updates. If + not set, a blind "overwrite" update happens. + type: string + labels: + type: object + additionalProperties: + type: string + description: >- + Optional. The labels with user-defined metadata to organize your + FeatureOnlineStore. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. See https://goo.gl/xmQnxf for more information on and + examples of labels. No more than 64 user labels can be associated + with one FeatureOnlineStore(System labels are excluded)." System + reserved label keys are prefixed with "aiplatform.googleapis.com/" + and are immutable. + state: + enumDescriptions: + - Default value. This value is unused. + - >- + State when the featureOnlineStore configuration is not being + updated and the fields reflect the current configuration of the + featureOnlineStore. The featureOnlineStore is usable in this + state. + - >- + The state of the featureOnlineStore configuration when it is being + updated. During an update, the fields reflect either the original + configuration or the updated configuration of the + featureOnlineStore. The featureOnlineStore is still usable in this + state. + readOnly: true + type: string + enum: + - STATE_UNSPECIFIED + - STABLE + - UPDATING + description: Output only. State of the featureOnlineStore. + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true type: boolean - GoogleCloudAiplatformV1GenieSource: - id: GoogleCloudAiplatformV1GenieSource + type: object + id: GoogleCloudAiplatformV1FeatureOnlineStore description: >- - Contains information about the source of the models generated from - Generative AI Studio. + Vertex AI Feature Online Store provides a centralized repository for + serving ML features and embedding indexes at low latency. The Feature + Online Store is a top-level container. + GoogleCloudAiplatformV1AddExecutionEventsResponse: + description: Response message for MetadataService.AddExecutionEvents. + id: GoogleCloudAiplatformV1AddExecutionEventsResponse type: object - properties: - baseModelUri: - description: Required. The public base model URI. - type: string - GoogleCloudAiplatformV1Checkpoint: - id: GoogleCloudAiplatformV1Checkpoint - description: Describes the machine learning model version checkpoint. + properties: {} + GoogleCloudAiplatformV1AddContextChildrenResponse: + id: GoogleCloudAiplatformV1AddContextChildrenResponse + description: Response message for MetadataService.AddContextChildren. + properties: {} + type: object + GoogleCloudAiplatformV1AssignNotebookRuntimeRequest: type: object + id: GoogleCloudAiplatformV1AssignNotebookRuntimeRequest properties: - checkpointId: - description: The ID of the checkpoint. - type: string - epoch: - description: The epoch of the checkpoint. + notebookRuntimeTemplate: type: string - format: int64 - step: - description: The step of the checkpoint. + description: >- + Required. The resource name of the NotebookRuntimeTemplate based on + which a NotebookRuntime will be assigned (reuse or create a new + one). + notebookRuntimeId: type: string - format: int64 - GoogleCloudAiplatformV1ListModelsResponse: - id: GoogleCloudAiplatformV1ListModelsResponse - description: Response message for ModelService.ListModels + description: Optional. User specified ID for the notebook runtime. + notebookRuntime: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookRuntime' + description: >- + Required. Provide runtime specific information (e.g. runtime owner, + notebook id) used for NotebookRuntime assignment. + description: Request message for NotebookService.AssignNotebookRuntime. + GoogleCloudAiplatformV1LogprobsResultTopCandidates: type: object properties: - models: - description: List of Models in the requested page. - type: array + candidates: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' - nextPageToken: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1LogprobsResultCandidate description: >- - A token to retrieve next page of results. Pass to - ListModelsRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1ListModelVersionsResponse: - id: GoogleCloudAiplatformV1ListModelVersionsResponse - description: Response message for ModelService.ListModelVersions + The list of candidate tokens, sorted by log probability in + descending order. + type: array + id: GoogleCloudAiplatformV1LogprobsResultTopCandidates + description: >- + A list of the top candidate tokens and their log probabilities at each + decoding step. This can be used to see what other tokens the model + considered. + GoogleCloudAiplatformV1SchemaPredictInstanceTextExtractionPredictionInstance: + id: >- + GoogleCloudAiplatformV1SchemaPredictInstanceTextExtractionPredictionInstance type: object properties: - models: + key: description: >- - List of Model versions in the requested page. In the returned Model - name field, version ID instead of regvision tag will be included. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' - nextPageToken: + This field is only used for batch prediction. If a key is provided, + the batch prediction result will by mapped to this key. If omitted, + then the batch prediction result will contain the entire input + instance. Vertex AI will not check if keys in the request are + duplicates, so it is up to the caller to ensure the keys are unique. + type: string + mimeType: description: >- - A token to retrieve the next page of results. Pass to - ListModelVersionsRequest.page_token to obtain that page. + The MIME type of the text snippet. The supported MIME types are + listed below. - text/plain type: string - GoogleCloudAiplatformV1ListModelVersionCheckpointsResponse: - id: GoogleCloudAiplatformV1ListModelVersionCheckpointsResponse - description: Response message for ModelService.ListModelVersionCheckpoints - type: object + content: + type: string + description: The text snippet to make the predictions on. + description: Prediction input format for Text Extraction. + GoogleCloudAiplatformV1TimestampSplit: properties: - checkpoints: - description: List of Model Version checkpoints. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelVersionCheckpoint' - nextPageToken: + validationFraction: description: >- - A token to retrieve the next page of results. Pass to - ListModelVersionCheckpointsRequest.page_token to obtain that page. + The fraction of the input data that is to be used to validate the + Model. + type: number + format: double + trainingFraction: + format: double + description: >- + The fraction of the input data that is to be used to train the + Model. + type: number + key: type: string - GoogleCloudAiplatformV1ModelVersionCheckpoint: - id: GoogleCloudAiplatformV1ModelVersionCheckpoint - deprecated: true - description: Describes the machine learning model version checkpoint. + description: >- + Required. The key is a name of one of the Dataset's data columns. + The values of the key (the values in the column) must be in RFC 3339 + `date-time` format, where `time-offset` = `"Z"` (e.g. + 1985-04-12T23:20:50.52Z). If for a piece of data the key is not + present or has an invalid value, that piece is ignored by the + pipeline. + testFraction: + format: double + description: >- + The fraction of the input data that is to be used to evaluate the + Model. + type: number + type: object + id: GoogleCloudAiplatformV1TimestampSplit + description: >- + Assigns input data to training, validation, and test sets based on a + provided timestamps. The youngest data pieces are assigned to training + set, next to validation set, and the oldest to the test set. Supported + only for tabular Datasets. + GoogleCloudAiplatformV1SchemaPromptSpecTranslationGcsInputSource: type: object properties: - checkpointId: - description: The ID of the checkpoint. - type: string - epoch: - description: The epoch of the checkpoint. - type: string - format: int64 - step: - description: The step of the checkpoint. + inputUri: type: string - format: int64 - GoogleCloudAiplatformV1UpdateExplanationDatasetRequest: - id: GoogleCloudAiplatformV1UpdateExplanationDatasetRequest - description: Request message for ModelService.UpdateExplanationDataset. - type: object + description: Source data URI. For example, `gs://my_bucket/my_object`. + id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationGcsInputSource + GoogleCloudAiplatformV1BatchImportModelEvaluationSlicesRequest: + description: Request message for ModelService.BatchImportModelEvaluationSlices + id: GoogleCloudAiplatformV1BatchImportModelEvaluationSlicesRequest properties: - examples: - description: The example config containing the location of the dataset. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Examples' - GoogleCloudAiplatformV1MergeVersionAliasesRequest: - id: GoogleCloudAiplatformV1MergeVersionAliasesRequest - description: Request message for ModelService.MergeVersionAliases. + modelEvaluationSlices: + type: array + description: Required. Model evaluation slice resource to be imported. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSlice' type: object + GoogleCloudAiplatformV1ExportDataResponse: properties: - versionAliases: + exportedFiles: description: >- - Required. The set of version aliases to merge. The alias should be - at most 128 characters, and match `a-z{0,126}[a-z-0-9]`. Add the `-` - prefix to an alias means removing that alias from the version. `-` - is NOT counted in the 128 characters. Example: `-golden` means - removing the `golden` alias from the version. There is NO ordering - in aliases, which means 1) The aliases returned from GetModel API - might not have the exactly same order from this MergeVersionAliases - API. 2) Adding and deleting the same alias in the request is not - recommended, and the 2 operations will be cancelled out. + All of the files that are exported in this export operation. For + custom code training export, only three (training, validation and + test) Cloud Storage paths in wildcard format are populated (for + example, gs://.../training-*). type: array items: type: string - GoogleCloudAiplatformV1ExportModelRequest: - id: GoogleCloudAiplatformV1ExportModelRequest - description: Request message for ModelService.ExportModel. + dataStats: + description: >- + Only present for custom code training export use case. Records data + stats, i.e., train/validation/test item/annotation counts calculated + during the export operation. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelDataStats' type: object - properties: - outputConfig: - description: Required. The desired output location and configuration. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExportModelRequestOutputConfig - GoogleCloudAiplatformV1ExportModelRequestOutputConfig: - id: GoogleCloudAiplatformV1ExportModelRequestOutputConfig - description: Output configuration for the Model export. + description: Response message for DatasetService.ExportData. + id: GoogleCloudAiplatformV1ExportDataResponse + GoogleCloudAiplatformV1SchemaPredictionResult: + id: GoogleCloudAiplatformV1SchemaPredictionResult type: object + description: Represents a line of JSONL in the batch prediction output file. properties: - exportFormatId: - description: >- - The ID of the format in which the Model must be exported. Each Model - lists the export formats it supports. If no value is provided here, - then the first from the list of the Model's supported formats is - used by default. + error: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPredictionResultError + description: The error result. Do not set prediction if this is set. + key: type: string - artifactDestination: + description: Optional user-provided key from the input instance. + prediction: description: >- - The Cloud Storage location where the Model artifact is to be written - to. Under the directory given as the destination a new one with name - "`model-export--`", where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ - ISO-8601 format, will be created. Inside, the Model and any of its - supporting files will be written. This field should only be set when - the `exportableContent` field of the - [Model.supported_export_formats] object contains `ARTIFACT`. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - imageDestination: + The prediction result. Value is used here instead of Any so that + JsonFormat does not append an extra "@type" field when we convert + the proto to JSON and so we can represent array of objects. Do not + set error if this is set. + type: any + instance: description: >- - The Google Container Registry or Artifact Registry uri where the - Model container image will be copied to. This field should only be - set when the `exportableContent` field of the - [Model.supported_export_formats] object contains `IMAGE`. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ContainerRegistryDestination - GoogleCloudAiplatformV1ContainerRegistryDestination: - id: GoogleCloudAiplatformV1ContainerRegistryDestination - description: The Container Registry location for the container image. + User's input instance. Struct is used here instead of Any so that + JsonFormat does not append an extra "@type" field when we convert + the proto to JSON. + type: object + additionalProperties: + description: Properties of the object. + type: any + GoogleCloudAiplatformV1FeatureValueList: + description: Container for list of values. type: object properties: - outputUri: + values: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' + description: A list of feature values. All of them should be the same data type. + type: array + id: GoogleCloudAiplatformV1FeatureValueList + GoogleCloudAiplatformV1GenerationConfigRoutingConfig: + properties: + autoMode: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerationConfigRoutingConfigAutoRoutingMode description: >- - Required. Container Registry URI of a container image. Only Google - Container Registry and Artifact Registry are supported now. Accepted - forms: * Google Container Registry path. For example: - `gcr.io/projectId/imageName:tag`. * Artifact Registry path. For - example: - `us-central1-docker.pkg.dev/projectId/repoName/imageName:tag`. If a - tag is not specified, "latest" will be used as the default tag. - type: string - GoogleCloudAiplatformV1CopyModelRequest: - id: GoogleCloudAiplatformV1CopyModelRequest - description: Request message for ModelService.CopyModel. + In this mode, the model is selected automatically based on the + content of the request. + manualMode: + description: In this mode, the model is specified manually. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerationConfigRoutingConfigManualRoutingMode type: object + description: >- + The configuration for routing the request to a specific model. This can + be used to control which model is used for the generation, either + automatically or by specifying a model name. + id: GoogleCloudAiplatformV1GenerationConfigRoutingConfig + CloudAiLargeModelsVisionSemanticFilterResponse: properties: - modelId: - description: >- - Optional. Copy source_model into a new Model with this ID. The ID - will become the final component of the model resource name. This - value may be up to 63 characters, and valid characters are - `[a-z0-9_-]`. The first character cannot be a number or hyphen. - type: string - parentModel: - description: >- - Optional. Specify this field to copy source_model into this existing - Model as a new version. Format: - `projects/{project}/locations/{location}/models/{model}` - type: string - sourceModel: + passedSemanticFilter: description: >- - Required. The resource name of the Model to copy. That Model must be - in the same Project. Format: - `projects/{project}/locations/{location}/models/{model}` - type: string - encryptionSpec: + This response is added when semantic filter config is turned on in + EditConfig. It reports if this image is passed semantic filter + response. If passed_semantic_filter is false, the bounding box + information will be populated for user to check what caused the + semantic filter to fail. + type: boolean + namedBoundingBoxes: + items: + $ref: '#/components/schemas/CloudAiLargeModelsVisionNamedBoundingBox' description: >- - Customer-managed encryption key options. If this is set, then the - Model copy will be encrypted with the provided encryption key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - GoogleCloudAiplatformV1ImportModelEvaluationRequest: - id: GoogleCloudAiplatformV1ImportModelEvaluationRequest - description: Request message for ModelService.ImportModelEvaluation + Class labels of the bounding boxes that failed the semantic + filtering. Bounding box coordinates. + type: array + id: CloudAiLargeModelsVisionSemanticFilterResponse type: object - properties: - modelEvaluation: - description: Required. Model evaluation resource to be imported. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluation' - GoogleCloudAiplatformV1ModelEvaluation: - id: GoogleCloudAiplatformV1ModelEvaluation - description: >- - A collection of metrics calculated by comparing Model's predictions on - all of the test data against annotations from the test data. + GoogleCloudAiplatformV1CancelNasJobRequest: + properties: {} + type: object + description: Request message for JobService.CancelNasJob. + id: GoogleCloudAiplatformV1CancelNasJobRequest + GoogleCloudAiplatformV1PublisherModelCallToActionViewRestApi: + id: GoogleCloudAiplatformV1PublisherModelCallToActionViewRestApi type: object properties: - name: - description: Output only. The resource name of the ModelEvaluation. - readOnly: true + documentations: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelDocumentation + description: Required. + type: array + title: type: string - displayName: - description: The display name of the ModelEvaluation. + description: Required. The title of the view rest API. + description: Rest API docs. + GoogleCloudAiplatformV1RagRetrievalConfigFilter: + properties: + metadataFilter: + description: Optional. String for metadata filtering. type: string - metricsSchemaUri: + vectorDistanceThreshold: + type: number description: >- - Points to a YAML file stored on Google Cloud Storage describing the - metrics of this ModelEvaluation. The schema is defined as an OpenAPI - 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - type: string - metrics: + Optional. Only returns contexts with vector distance smaller than + the threshold. + format: double + vectorSimilarityThreshold: description: >- - Evaluation metrics of the Model. The schema of the metrics is stored - in metrics_schema_uri - type: any - createTime: - description: Output only. Timestamp when this ModelEvaluation was created. - readOnly: true + Optional. Only returns contexts with vector similarity larger than + the threshold. + type: number + format: double + type: object + id: GoogleCloudAiplatformV1RagRetrievalConfigFilter + description: Config for filters. + CloudAiLargeModelsVisionRaiInfoDetectedLabelsEntity: + type: object + id: CloudAiLargeModelsVisionRaiInfoDetectedLabelsEntity + properties: + score: + format: float + description: Confidence score of the label + type: number + mid: + description: MID of the label type: string - format: google-datetime - sliceDimensions: - description: >- - All possible dimensions of ModelEvaluationSlices. The dimensions can - be used as the filter of the ModelService.ListModelEvaluationSlices - request, in the form of `slice.dimension = `. - type: array - items: - type: string - dataItemSchemaUri: + iouScore: + type: number + format: float description: >- - Points to a YAML file stored on Google Cloud Storage describing - EvaluatedDataItemView.data_item_payload and - EvaluatedAnnotation.data_item_payload. The schema is defined as an - OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - This field is not populated if there are neither - EvaluatedDataItemViews nor EvaluatedAnnotations under this - ModelEvaluation. + The intersection ratio between the detection bounding box and the + mask. + description: + description: Description of the label type: string - annotationSchemaUri: + boundingBox: + $ref: >- + #/components/schemas/CloudAiLargeModelsVisionRaiInfoDetectedLabelsBoundingBox + description: Bounding box of the label + description: The properties for a detected entity from the rai signal. + GoogleCloudAiplatformV1RubricCritiqueResult: + id: GoogleCloudAiplatformV1RubricCritiqueResult + properties: + verdict: + readOnly: true description: >- - Points to a YAML file stored on Google Cloud Storage describing - EvaluatedDataItemView.predictions, - EvaluatedDataItemView.ground_truths, - EvaluatedAnnotation.predictions, and - EvaluatedAnnotation.ground_truths. The schema is defined as an - OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - This field is not populated if there are neither - EvaluatedDataItemViews nor EvaluatedAnnotations under this - ModelEvaluation. + Output only. Verdict for the rubric - true if the rubric is met, + false otherwise. + type: boolean + rubric: + description: Output only. Rubric to be evaluated. type: string - modelExplanation: - description: >- - Aggregated explanation metrics for the Model's prediction output - over the data this ModelEvaluation uses. This field is populated - only if the Model is evaluated with explanations, and only for - AutoML tabular Models. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelExplanation' - explanationSpecs: - description: >- - Describes the values of ExplanationSpec that are used for explaining - the predicted values on the evaluated data. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationModelEvaluationExplanationSpec - metadata: - description: >- - The metadata of the ModelEvaluation. For the ModelEvaluation - uploaded from Managed Pipeline, metadata contains a structured value - with keys of "pipeline_job_id", "evaluation_dataset_type", - "evaluation_dataset_path", "row_based_metrics_path". - type: any - GoogleCloudAiplatformV1ModelExplanation: - id: GoogleCloudAiplatformV1ModelExplanation - description: Aggregated explanation metrics for a Model over a set of instances. + readOnly: true type: object + description: Rubric critique result. + GoogleCloudAiplatformV1GenerateMemoriesRequestDirectContentsSourceEvent: + description: A single piece of conversation from which to generate memories. + type: object + id: GoogleCloudAiplatformV1GenerateMemoriesRequestDirectContentsSourceEvent properties: - meanAttributions: - description: >- - Output only. Aggregated attributions explaining the Model's - prediction outputs over the set of instances. The attributions are - grouped by outputs. For Models that predict only one output, such as - regression Models that predict only one score, there is only one - attibution that explains the predicted output. For Models that - predict multiple outputs, such as multiclass Models that predict - multiple classes, each element explains one specific item. - Attribution.output_index can be used to identify which output this - attribution is explaining. The baselineOutputValue, - instanceOutputValue and featureAttributions fields are averaged over - the test data. NOTE: Currently AutoML tabular classification Models - produce only one attribution, which averages attributions over all - the classes it predicts. Attribution.approximation_error is not - populated. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Attribution' - GoogleCloudAiplatformV1ModelEvaluationModelEvaluationExplanationSpec: - id: GoogleCloudAiplatformV1ModelEvaluationModelEvaluationExplanationSpec + content: + description: Required. A single piece of content from which to generate memories. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + GoogleCloudAiplatformV1PurgeExecutionsMetadata: type: object + description: Details of operations that perform MetadataService.PurgeExecutions. properties: - explanationType: - description: >- - Explanation type. For AutoML Image Classification models, possible - values are: * `image-integrated-gradients` * `image-xrai` - type: string - explanationSpec: - description: Explanation spec details. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpec' - GoogleCloudAiplatformV1BatchImportModelEvaluationSlicesRequest: - id: GoogleCloudAiplatformV1BatchImportModelEvaluationSlicesRequest - description: Request message for ModelService.BatchImportModelEvaluationSlices + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for purging Executions. + id: GoogleCloudAiplatformV1PurgeExecutionsMetadata + GoogleCloudAiplatformV1TrajectoryInOrderMatchInstance: + description: Spec for TrajectoryInOrderMatch instance. + properties: + referenceTrajectory: + description: Required. Spec for reference tool call trajectory. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + predictedTrajectory: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + description: Required. Spec for predicted tool call trajectory. + type: object + id: GoogleCloudAiplatformV1TrajectoryInOrderMatchInstance + GoogleCloudAiplatformV1ExportModelRequest: + id: GoogleCloudAiplatformV1ExportModelRequest + description: Request message for ModelService.ExportModel. type: object properties: - modelEvaluationSlices: - description: Required. Model evaluation slice resource to be imported. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSlice' - GoogleCloudAiplatformV1ModelEvaluationSlice: - id: GoogleCloudAiplatformV1ModelEvaluationSlice + outputConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExportModelRequestOutputConfig + description: Required. The desired output location and configuration. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTextTransformation: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTextTransformation description: >- - A collection of metrics calculated by comparing Model's predictions on a - slice of the test data against ground truth annotations. + Training pipeline will perform following transformation functions. * The + text as is--no change to case, punctuation, spelling, tense, and so on. + * Convert the category name to a dictionary lookup index and generate an + embedding for each index. type: object properties: - name: - description: Output only. The resource name of the ModelEvaluationSlice. - readOnly: true + columnName: + type: string + GoogleCloudAiplatformV1PublisherModel: + id: GoogleCloudAiplatformV1PublisherModel + description: A Model Garden Publisher Model. + properties: + versionId: type: string - slice: description: >- - Output only. The slice of the test data that is used to evaluate the - Model. + Output only. Immutable. The version ID of the PublisherModel. A new + version is committed when a new model version is uploaded under an + existing model id. It is an auto-incrementing decimal number in + string representation. readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSlice - metricsSchemaUri: - description: >- - Output only. Points to a YAML file stored on Google Cloud Storage - describing the metrics of this ModelEvaluationSlice. The schema is - defined as an OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + versionState: + type: string + enum: + - VERSION_STATE_UNSPECIFIED + - VERSION_STATE_STABLE + - VERSION_STATE_UNSTABLE + description: Optional. Indicates the state of the model version. + enumDescriptions: + - The version state is unspecified. + - Used to indicate the version is stable. + - Used to indicate the version is unstable. + publisherModelTemplate: readOnly: true type: string - metrics: description: >- - Output only. Sliced evaluation metrics of the Model. The schema of - the metrics is stored in metrics_schema_uri - readOnly: true - type: any - createTime: - description: Output only. Timestamp when this ModelEvaluationSlice was created. + Optional. Output only. Immutable. Used to indicate this model has a + publisher model and provide the template of the publisher model + resource name. + name: readOnly: true type: string - format: google-datetime - modelExplanation: + description: Output only. The resource name of the PublisherModel. + supportedActions: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToAction + description: Optional. Supported call-to-action options. + predictSchemata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictSchemata' description: >- - Output only. Aggregated explanation metrics for the Model's - prediction output over the data this ModelEvaluation uses. This - field is populated only if the Model is evaluated with explanations, - and only for tabular Models. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelExplanation' - GoogleCloudAiplatformV1ModelEvaluationSliceSlice: - id: GoogleCloudAiplatformV1ModelEvaluationSliceSlice - description: Definition of a slice. + Optional. The schemata that describes formats of the + PublisherModel's predictions and explanations as given and returned + via PredictionService.Predict. + launchStage: + enumDescriptions: + - The model launch stage is unspecified. + - >- + Used to indicate the PublisherModel is at Experimental launch + stage, available to a small set of customers. + - >- + Used to indicate the PublisherModel is at Private Preview launch + stage, only available to a small set of customers, although a + larger set of customers than an Experimental launch. Previews are + the first launch stage used to get feedback from customers. + - >- + Used to indicate the PublisherModel is at Public Preview launch + stage, available to all customers, although not supported for + production workloads. + - >- + Used to indicate the PublisherModel is at GA launch stage, + available to all customers and ready for production workload. + description: Optional. Indicates the launch stage of the model. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - EXPERIMENTAL + - PRIVATE_PREVIEW + - PUBLIC_PREVIEW + - GA + type: string + openSourceCategory: + description: Required. Indicates the open source category of the publisher model. + enum: + - OPEN_SOURCE_CATEGORY_UNSPECIFIED + - PROPRIETARY + - GOOGLE_OWNED_OSS_WITH_GOOGLE_CHECKPOINT + - THIRD_PARTY_OWNED_OSS_WITH_GOOGLE_CHECKPOINT + - GOOGLE_OWNED_OSS + - THIRD_PARTY_OWNED_OSS + enumDescriptions: + - The open source category is unspecified, which should not be used. + - Used to indicate the PublisherModel is not open sourced. + - >- + Used to indicate the PublisherModel is a Google-owned open source + model w/ Google checkpoint. + - >- + Used to indicate the PublisherModel is a 3p-owned open source + model w/ Google checkpoint. + - >- + Used to indicate the PublisherModel is a Google-owned pure open + source model. + - >- + Used to indicate the PublisherModel is a 3p-owned pure open source + model. + type: string + frameworks: + type: array + description: Optional. Additional information about the model's Frameworks. + items: + type: string + type: object + GoogleCloudAiplatformV1SchemaImageDataItem: type: object + id: GoogleCloudAiplatformV1SchemaImageDataItem + description: Payload of Image DataItem. properties: - dimension: + gcsUri: description: >- - Output only. The dimension of the slice. Well-known dimensions are: - * `annotationSpec`: This slice is on the test data that has either - ground truth or prediction with AnnotationSpec.display_name equals - to value. * `slice`: This slice is a user customized slice defined - by its SliceSpec. - readOnly: true + Required. Google Cloud Storage URI points to the original image in + user's bucket. The image is up to 30MB in size. type: string - value: - description: Output only. The value of the dimension in this slice. + mimeType: readOnly: true + description: >- + Output only. The mime type of the content of the image. Only the + images in below listed mime types are supported. - image/jpeg - + image/gif - image/png - image/webp - image/bmp - image/tiff - + image/vnd.microsoft.icon type: string - sliceSpec: - description: Output only. Specification for how the data was sliced. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsGranularity: + properties: + unit: + description: >- + The time granularity unit of this time period. The supported units + are: * "minute" * "hour" * "day" * "week" * "month" * "year" + type: string + quantity: + format: int64 + type: string + description: >- + The number of granularity_units between data points in the training + data. If `granularity_unit` is `minute`, can be 1, 5, 10, 15, or 30. + For all other values of `granularity_unit`, must be 1. + description: A duration of time expressed in time granularity units. + type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsGranularity + GoogleCloudAiplatformV1ModelOriginalModelInfo: + description: Contains information about the original Model if this Model is a copy. + id: GoogleCloudAiplatformV1ModelOriginalModelInfo + properties: + model: + type: string + description: >- + Output only. The resource name of the Model this Model is a copy of, + including the revision. Format: + `projects/{project}/locations/{location}/models/{model_id}@{version_id}` readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpec - GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpec: - id: GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpec - description: Specification for how the data should be sliced. type: object + GoogleCloudAiplatformV1NotebookExecutionJobGcsNotebookSource: + id: GoogleCloudAiplatformV1NotebookExecutionJobGcsNotebookSource + description: The Cloud Storage uri for the input notebook. properties: - configs: + uri: + type: string description: >- - Mapping configuration for this SliceSpec. The key is the name of the - feature. By default, the key will be prefixed by "instance" as a - dictionary prefix for Vertex Batch Predictions output format. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecSliceConfig - GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecSliceConfig: - id: GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecSliceConfig - description: >- - Specification message containing the config for this SliceSpec. When - `kind` is selected as `value` and/or `range`, only a single slice will - be computed. When `all_values` is present, a separate slice will be - computed for each possible label/value for the corresponding key in - `config`. Examples, with feature zip_code with values 12345, 23334, - 88888 and feature country with values "US", "Canada", "Mexico" in the - dataset: Example 1: { "zip_code": { "value": { "float_value": 12345.0 } - } } A single slice for any data with zip_code 12345 in the dataset. - Example 2: { "zip_code": { "range": { "low": 12345, "high": 20000 } } } - A single slice containing data where the zip_codes between 12345 and - 20000 For this example, data with the zip_code of 12345 will be in this - slice. Example 3: { "zip_code": { "range": { "low": 10000, "high": 20000 - } }, "country": { "value": { "string_value": "US" } } } A single slice - containing data where the zip_codes between 10000 and 20000 has the - country "US". For this example, data with the zip_code of 12345 and - country "US" will be in this slice. Example 4: { "country": - {"all_values": { "value": true } } } Three slices are computed, one for - each unique country in the dataset. Example 5: { "country": { - "all_values": { "value": true } }, "zip_code": { "value": { - "float_value": 12345.0 } } } Three slices are computed, one for each - unique country in the dataset where the zip_code is also 12345. For this - example, data with zip_code 12345 and country "US" will be in one slice, - zip_code 12345 and country "Canada" in another slice, and zip_code 12345 - and country "Mexico" in another slice, totaling 3 slices. + The Cloud Storage uri pointing to the ipynb file. Format: + `gs://bucket/notebook_file.ipynb` + generation: + description: >- + The version of the Cloud Storage object to read. If unset, the + current version of the object is read. See + https://cloud.google.com/storage/docs/metadata#generation-number. + type: string + type: object + GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDataset: type: object + id: GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDataset + description: Training Dataset information. properties: - value: + targetField: + type: string description: >- - A unique specific value for a given feature. Example: `{ "value": { - "string_value": "12345" } }` - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecValue - range: + The target field name the model is to predict. This field will be + excluded when doing Predict and (or) Explain for the training data. + bigquerySource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' description: >- - A range of values for a numerical feature. Example: - `{"range":{"low":10000.0,"high":50000.0}}` will capture 12345 and - 23334 in the slice. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecRange - allValues: + The BigQuery table of the unmanaged Dataset used to train this + Model. + dataset: + type: string + description: The resource name of the Dataset used to train this Model. + dataFormat: + type: string description: >- - If all_values is set to true, then all possible labels of the keyed - feature will have another slice computed. Example: - `{"all_values":{"value":true}}` - type: boolean - GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecValue: - id: GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecValue - description: Single value that supports strings and floats. - type: object + Data format of the dataset, only applicable if the input is from + Google Cloud Storage. The possible formats are: "tf-record" The + source file is a TFRecord file. "csv" The source file is a CSV file. + "jsonl" The source file is a JSONL file. + gcsSource: + description: >- + The Google Cloud Storage uri of the unmanaged Dataset used to train + this Model. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' + loggingSamplingStrategy: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SamplingStrategy' + description: >- + Strategy to sample data from Training Dataset. If not set, we + process the whole dataset. + GoogleCloudAiplatformV1NotebookExecutionJobDataformRepositorySource: + id: GoogleCloudAiplatformV1NotebookExecutionJobDataformRepositorySource properties: - stringValue: - description: String type. + commitSha: + description: >- + The commit SHA to read repository with. If unset, the file will be + read at HEAD. + type: string + dataformRepositoryResourceName: + description: >- + The resource name of the Dataform Repository. Format: + `projects/{project_id}/locations/{location}/repositories/{repository_id}` type: string - floatValue: - description: Float type. - type: number - format: float - GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecRange: - id: GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecRange - description: A range of values for slice(s). `low` is inclusive, `high` is exclusive. type: object + description: The Dataform Repository containing the input notebook. + GoogleCloudAiplatformV1CreateNotebookExecutionJobRequest: + description: Request message for [NotebookService.CreateNotebookExecutionJob] properties: - low: - description: Inclusive low value for the range. - type: number - format: float - high: - description: Exclusive high value for the range. - type: number - format: float - GoogleCloudAiplatformV1BatchImportModelEvaluationSlicesResponse: - id: GoogleCloudAiplatformV1BatchImportModelEvaluationSlicesResponse - description: Response message for ModelService.BatchImportModelEvaluationSlices + notebookExecutionJobId: + description: Optional. User specified ID for the NotebookExecutionJob. + type: string + parent: + type: string + description: >- + Required. The resource name of the Location to create the + NotebookExecutionJob. Format: + `projects/{project}/locations/{location}` + notebookExecutionJob: + description: Required. The NotebookExecutionJob to create. + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJob' type: object + id: GoogleCloudAiplatformV1CreateNotebookExecutionJobRequest + GoogleCloudAiplatformV1PairwiseSummarizationQualityInstance: + id: GoogleCloudAiplatformV1PairwiseSummarizationQualityInstance + description: Spec for pairwise summarization quality instance. properties: - importedModelEvaluationSlices: - description: Output only. List of imported ModelEvaluationSlice.name. - readOnly: true - type: array - items: - type: string - GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsRequest: - id: GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsRequest - description: Request message for ModelService.BatchImportEvaluatedAnnotations + instruction: + type: string + description: Required. Summarization prompt for LLM. + context: + description: Required. Text to be summarized. + type: string + reference: + type: string + description: Optional. Ground truth used to compare against the prediction. + prediction: + type: string + description: Required. Output of the candidate model. + baselinePrediction: + type: string + description: Required. Output of the baseline model. type: object + GoogleCloudAiplatformV1SlackSource: + id: GoogleCloudAiplatformV1SlackSource + description: The Slack source for the ImportRagFilesRequest. properties: - evaluatedAnnotations: - description: Required. Evaluated annotations resource to be imported. + channels: + description: Required. The Slack channels. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluatedAnnotation' - GoogleCloudAiplatformV1EvaluatedAnnotation: - id: GoogleCloudAiplatformV1EvaluatedAnnotation - description: >- - True positive, false positive, or false negative. EvaluatedAnnotation is - only available under ModelEvaluationSlice with slice of `annotationSpec` - dimension. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SlackSourceSlackChannels type: object + GoogleCloudAiplatformV1ListModelVersionCheckpointsResponse: + id: GoogleCloudAiplatformV1ListModelVersionCheckpointsResponse + type: object + description: Response message for ModelService.ListModelVersionCheckpoints properties: - type: - description: Output only. Type of the EvaluatedAnnotation. - readOnly: true - type: string - enumDescriptions: - - Invalid value. - - >- - The EvaluatedAnnotation is a true positive. It has a prediction - created by the Model and a ground truth Annotation which the - prediction matches. - - >- - The EvaluatedAnnotation is false positive. It has a prediction - created by the Model which does not match any ground truth - annotation. - - >- - The EvaluatedAnnotation is false negative. It has a ground truth - annotation which is not matched by any of the model created - predictions. - enum: - - EVALUATED_ANNOTATION_TYPE_UNSPECIFIED - - TRUE_POSITIVE - - FALSE_POSITIVE - - FALSE_NEGATIVE - predictions: - description: >- - Output only. The model predicted annotations. For true positive, - there is one and only one prediction, which matches the only one - ground truth annotation in ground_truths. For false positive, there - is one and only one prediction, which doesn't match any ground truth - annotation of the corresponding data_item_view_id. For false - negative, there are zero or more predictions which are similar to - the only ground truth annotation in ground_truths but not enough for - a match. The schema of the prediction is stored in - ModelEvaluation.annotation_schema_uri - readOnly: true + checkpoints: type: array items: - type: any - groundTruths: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelVersionCheckpoint' + description: List of Model Version checkpoints. + nextPageToken: description: >- - Output only. The ground truth Annotations, i.e. the Annotations that - exist in the test data the Model is evaluated on. For true positive, - there is one and only one ground truth annotation, which matches the - only prediction in predictions. For false positive, there are zero - or more ground truth annotations that are similar to the only - prediction in predictions, but not enough for a match. For false - negative, there is one and only one ground truth annotation, which - doesn't match any predictions created by the model. The schema of - the ground truth is stored in ModelEvaluation.annotation_schema_uri - readOnly: true - type: array + A token to retrieve the next page of results. Pass to + ListModelVersionCheckpointsRequest.page_token to obtain that page. + type: string + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognition: + properties: + inputs: + description: The input parameters of this TrainingJob. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognitionInputs + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognition + description: >- + A TrainingJob that trains and uploads an AutoML Video Action Recognition + Model. + type: object + GoogleCloudAiplatformV1UpdateExplanationDatasetResponse: + description: Response message of ModelService.UpdateExplanationDataset operation. + properties: {} + id: GoogleCloudAiplatformV1UpdateExplanationDatasetResponse + type: object + GoogleCloudAiplatformV1PublisherModelCallToActionOpenFineTuningPipelines: + description: Open fine tuning pipelines. + properties: + fineTuningPipelines: items: - type: any - dataItemPayload: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + type: array + description: Required. Regional resource references to fine tuning pipelines. + id: GoogleCloudAiplatformV1PublisherModelCallToActionOpenFineTuningPipelines + type: object + GoogleCloudAiplatformV1Schema: + description: >- + Schema is used to define the format of input/output data. Represents a + select subset of an [OpenAPI 3.0 schema + object](https://spec.openapis.org/oas/v3.0.3#schema-object). More fields + may be added in the future as needed. + id: GoogleCloudAiplatformV1Schema + properties: + format: + type: string description: >- - Output only. The data item payload that the Model predicted this - EvaluatedAnnotation on. - readOnly: true + Optional. The format of the data. Supported formats: for NUMBER + type: "float", "double" for INTEGER type: "int32", "int64" for + STRING type: "email", "byte", etc + defs: + type: object + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' + description: >- + Optional. A map of definitions for use by `ref` Only allowed at the + root of the schema. + nullable: + description: Optional. Indicates if the value may be null. + type: boolean + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' + description: >- + Optional. SCHEMA FIELDS FOR TYPE ARRAY Schema of the elements of + Type.ARRAY. + additionalProperties: type: any - evaluatedDataItemViewId: description: >- - Output only. ID of the EvaluatedDataItemView under the same ancestor - ModelEvaluation. The EvaluatedDataItemView consists of all ground - truths and predictions on data_item_payload. - readOnly: true + Optional. Can either be a boolean or an object; controls the + presence of additional properties. + minItems: type: string - explanations: - description: >- - Explanations of predictions. Each element of the explanations - indicates the explanation for one explanation Method. The - attributions list in the EvaluatedAnnotationExplanation.explanation - object corresponds to the predictions list. For example, the second - element in the attributions list explains the second element in the - predictions list. + description: Optional. Minimum number of the elements for Type.ARRAY. + format: int64 + default: + description: Optional. Default value of the data. + type: any + description: + description: Optional. The description of the data. + type: string + enum: type: array + description: >- + Optional. Possible values of the element of primitive type with enum + format. Examples: 1. We can define direction as : {type:STRING, + format:enum, enum:["EAST", NORTH", "SOUTH", "WEST"]} 2. We can + define apartment number as : {type:INTEGER, format:enum, + enum:["101", "201", "301"]} items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluatedAnnotationExplanation - errorAnalysisAnnotations: - description: Annotations of model error analysis results. + type: string + propertyOrdering: + description: >- + Optional. The order of the properties. Not a standard field in open + api spec. Only used to support the order of the properties. type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ErrorAnalysisAnnotation - GoogleCloudAiplatformV1EvaluatedAnnotationExplanation: - id: GoogleCloudAiplatformV1EvaluatedAnnotationExplanation - description: Explanation result of the prediction produced by the Model. - type: object - properties: - explanationType: + type: string + anyOf: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' + type: array description: >- - Explanation type. For AutoML Image Classification models, possible - values are: * `image-integrated-gradients` * `image-xrai` + Optional. The value should be validated against any (one or more) of + the subschemas in the list. + pattern: + description: >- + Optional. Pattern of the Type.STRING to restrict a string to a + regular expression. type: string - explanation: - description: Explanation attribution response details. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Explanation' - GoogleCloudAiplatformV1ErrorAnalysisAnnotation: - id: GoogleCloudAiplatformV1ErrorAnalysisAnnotation - description: Model error analysis for each annotation. - type: object - properties: - attributedItems: + properties: + type: object + description: Optional. SCHEMA FIELDS FOR TYPE OBJECT Properties of Type.OBJECT. + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schema' + example: description: >- - Attributed items for a given annotation, typically representing - neighbors from the training sets constrained by the query type. + Optional. Example of the object. Will only populated when the object + is the root. + type: any + required: + description: Optional. Required properties of Type.OBJECT. type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ErrorAnalysisAnnotationAttributedItem - queryType: - description: The query type used for finding the attributed items. + type: string + title: type: string + description: Optional. The title of the Schema. + type: enumDescriptions: - - Unspecified query type for model error analysis. - - Query similar samples across all classes in the dataset. - - Query similar samples from the same class of the input sample. - - Query dissimilar samples from the same class of the input sample. + - Not specified, should not be used. + - OpenAPI string type + - OpenAPI number type + - OpenAPI integer type + - OpenAPI boolean type + - OpenAPI array type + - OpenAPI object type + - Null type enum: - - QUERY_TYPE_UNSPECIFIED - - ALL_SIMILAR - - SAME_CLASS_SIMILAR - - SAME_CLASS_DISSIMILAR - outlierScore: - description: >- - The outlier score of this annotated item. Usually defined as the min - of all distances from attributed items. + - TYPE_UNSPECIFIED + - STRING + - NUMBER + - INTEGER + - BOOLEAN + - ARRAY + - OBJECT + - 'NULL' + type: string + description: Optional. The type of the data. + minProperties: + description: Optional. Minimum number of the properties for Type.OBJECT. + type: string + format: int64 + maximum: type: number format: double - outlierThreshold: + description: Optional. Maximum value of the Type.INTEGER and Type.NUMBER + maxProperties: + description: Optional. Maximum number of the properties for Type.OBJECT. + format: int64 + type: string + ref: description: >- - The threshold used to determine if this annotation is an outlier or - not. + Optional. Allows indirect references between schema nodes. The value + should be a valid reference to a child of the root `defs`. For + example, the following schema defines a reference to a schema node + named "Pet": type: object properties: pet: ref: #/defs/Pet defs: + Pet: type: object properties: name: type: string The value of the + "pet" property is a reference to the schema node named "Pet". See + details in + https://json-schema.org/understanding-json-schema/structuring + type: string + maxLength: + format: int64 + description: Optional. Maximum length of the Type.STRING + type: string + minimum: type: number + description: >- + Optional. SCHEMA FIELDS FOR TYPE INTEGER and NUMBER Minimum value of + the Type.INTEGER and Type.NUMBER format: double - GoogleCloudAiplatformV1ErrorAnalysisAnnotationAttributedItem: - id: GoogleCloudAiplatformV1ErrorAnalysisAnnotationAttributedItem - description: >- - Attributed items for a given annotation, typically representing - neighbors from the training sets constrained by the query type. - type: object - properties: - annotationResourceName: + maxItems: + type: string + format: int64 + description: Optional. Maximum number of the elements for Type.ARRAY. + minLength: + format: int64 description: >- - The unique ID for each annotation. Used by FE to allocate the - annotation in DB. + Optional. SCHEMA FIELDS FOR TYPE STRING Minimum length of the + Type.STRING type: string - distance: - description: The distance of this item to the annotation. - type: number - format: double - GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsResponse: - id: GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsResponse - description: Response message for ModelService.BatchImportEvaluatedAnnotations type: object - properties: - importedEvaluatedAnnotationsCount: - description: Output only. Number of EvaluatedAnnotations imported. - readOnly: true - type: integer - format: int32 - GoogleCloudAiplatformV1ListModelEvaluationsResponse: - id: GoogleCloudAiplatformV1ListModelEvaluationsResponse - description: Response message for ModelService.ListModelEvaluations. + GoogleCloudAiplatformV1CorroborateContentRequest: + id: GoogleCloudAiplatformV1CorroborateContentRequest type: object + description: Request message for CorroborateContent. properties: - modelEvaluations: - description: List of ModelEvaluations in the requested page. + content: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + description: >- + Optional. Input content to corroborate, only text format is + supported for now. + facts: type: array + description: >- + Optional. Facts used to generate the text can also be used to + corroborate the text. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluation' - nextPageToken: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Fact' + parameters: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CorroborateContentRequestParameters description: >- - A token to retrieve next page of results. Pass to - ListModelEvaluationsRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1ListModelEvaluationSlicesResponse: - id: GoogleCloudAiplatformV1ListModelEvaluationSlicesResponse - description: Response message for ModelService.ListModelEvaluationSlices. - type: object + Optional. Parameters that can be set to override default settings + per request. + CloudAiLargeModelsVisionRaiInfoDetectedLabels: + description: Filters returning list of deteceted labels, scores, and bounding boxes. properties: - modelEvaluationSlices: - description: List of ModelEvaluations in the requested page. + raiCategory: + type: string + description: The RAI category for the deteceted labels. + entities: + description: The list of detected entities for the rai signal. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSlice' - nextPageToken: + $ref: >- + #/components/schemas/CloudAiLargeModelsVisionRaiInfoDetectedLabelsEntity + id: CloudAiLargeModelsVisionRaiInfoDetectedLabels + type: object + GoogleCloudAiplatformV1ToolConfig: + properties: + retrievalConfig: + description: Optional. Retrieval config. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RetrievalConfig' + functionCallingConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionCallingConfig' + description: Optional. Function calling config. + id: GoogleCloudAiplatformV1ToolConfig + description: >- + Tool config. This config is shared for all tools provided in the + request. + type: object + GoogleCloudAiplatformV1CancelHyperparameterTuningJobRequest: + id: GoogleCloudAiplatformV1CancelHyperparameterTuningJobRequest + description: Request message for JobService.CancelHyperparameterTuningJob. + type: object + properties: {} + GoogleCloudAiplatformV1ShieldedVmConfig: + id: GoogleCloudAiplatformV1ShieldedVmConfig + properties: + enableSecureBoot: description: >- - A token to retrieve next page of results. Pass to - ListModelEvaluationSlicesRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1NotebookRuntimeTemplate: - id: GoogleCloudAiplatformV1NotebookRuntimeTemplate + Defines whether the instance has [Secure + Boot](https://cloud.google.com/compute/shielded-vm/docs/shielded-vm#secure-boot) + enabled. Secure Boot helps ensure that the system only runs + authentic software by verifying the digital signature of all boot + components, and halting the boot process if signature verification + fails. + type: boolean description: >- - A template that specifies runtime configurations such as machine type, - runtime version, network configurations, etc. Multiple runtimes can be - created from a runtime template. + A set of Shielded Instance options. See [Images using supported Shielded + VM + features](https://cloud.google.com/compute/docs/instances/modifying-shielded-vm). type: object + GoogleCloudAiplatformV1ExportFilterSplit: + description: >- + Assigns input data to training, validation, and test sets based on the + given filters, data pieces not matched by any filter are ignored. + Currently only supported for Datasets containing DataItems. If any of + the filters in this message are to match nothing, then they can be set + as '-' (the minus sign). Supported only for unstructured Datasets. properties: - name: - description: The resource name of the NotebookRuntimeTemplate. + trainingFilter: + description: >- + Required. A filter on DataItems of the Dataset. DataItems that match + this filter are used to train the Model. A filter with same syntax + as the one used in DatasetService.ListDataItems may be used. If a + single DataItem is matched by more than one of the FilterSplit + filters, then it is assigned to the first set that applies to it in + the training, validation, test order. type: string - displayName: + testFilter: description: >- - Required. The display name of the NotebookRuntimeTemplate. The name - can be up to 128 characters long and can consist of any UTF-8 - characters. + Required. A filter on DataItems of the Dataset. DataItems that match + this filter are used to test the Model. A filter with same syntax as + the one used in DatasetService.ListDataItems may be used. If a + single DataItem is matched by more than one of the FilterSplit + filters, then it is assigned to the first set that applies to it in + the training, validation, test order. type: string - description: - description: The description of the NotebookRuntimeTemplate. + validationFilter: type: string - isDefault: description: >- - Output only. Deprecated: This field has no behavior. Use - notebook_runtime_type = 'ONE_CLICK' instead. The default template to - use if not specified. - readOnly: true - deprecated: true - type: boolean - machineSpec: + Required. A filter on DataItems of the Dataset. DataItems that match + this filter are used to validate the Model. A filter with same + syntax as the one used in DatasetService.ListDataItems may be used. + If a single DataItem is matched by more than one of the FilterSplit + filters, then it is assigned to the first set that applies to it in + the training, validation, test order. + type: object + id: GoogleCloudAiplatformV1ExportFilterSplit + GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadataPartialResult: + type: object + description: >- + Represents a partial result in batch migration operation for one + MigrateResourceRequest. + properties: + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: The error result of the migration request in case of failure. + model: + type: string + description: Migrated model resource name. + dataset: + description: Migrated dataset resource name. + type: string + request: description: >- - Optional. Immutable. The specification of a single machine for the - template. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' - dataPersistentDiskSpec: + It's the same as the value in + BatchMigrateResourcesRequest.migrate_resource_requests. + $ref: '#/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequest' + id: >- + GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadataPartialResult + GoogleCloudAiplatformV1AnnotationSpec: + description: Identifies a concept with which DataItems may be annotated with. + type: object + properties: + createTime: + type: string + format: google-datetime + readOnly: true + description: Output only. Timestamp when this AnnotationSpec was created. + updateTime: + readOnly: true + description: Output only. Timestamp when AnnotationSpec was last updated. + format: google-datetime + type: string + etag: + type: string description: >- - Optional. The specification of persistent disk attached to the - runtime as data disk storage. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentDiskSpec' - networkSpec: - description: Optional. Network spec. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NetworkSpec' - serviceAccount: - description: >- - Deprecated: This field is ignored and the "Vertex AI Notebook - Service Account" - (service-PROJECT_NUMBER@gcp-sa-aiplatform-vm.iam.gserviceaccount.com) - is used for the runtime workload identity. See - https://cloud.google.com/iam/docs/service-agents#vertex-ai-notebook-service-account - for more details. For NotebookExecutionJob, use - NotebookExecutionJob.service_account instead. The service account - that the runtime workload runs as. You can use any service account - within the same project, but you must have the service account user - permission to use the instance. If not specified, the [Compute - Engine default service - account](https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) - is used. - deprecated: true - type: string - etag: - description: >- - Used to perform consistent read-modify-write updates. If not set, a - blind "overwrite" update happens. + Optional. Used to perform consistent read-modify-write updates. If + not set, a blind "overwrite" update happens. + displayName: type: string - labels: - description: >- - The labels with user-defined metadata to organize the - NotebookRuntimeTemplates. Label keys and values can be no longer - than 64 characters (Unicode codepoints), can only contain lowercase - letters, numeric characters, underscores and dashes. International - characters are allowed. See https://goo.gl/xmQnxf for more - information and examples of labels. - type: object - additionalProperties: - type: string - idleShutdownConfig: - description: >- - The idle shutdown configuration of NotebookRuntimeTemplate. This - config will only be set when idle shutdown is enabled. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookIdleShutdownConfig - eucConfig: - description: EUC configuration of the NotebookRuntimeTemplate. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookEucConfig' - createTime: description: >- - Output only. Timestamp when this NotebookRuntimeTemplate was - created. - readOnly: true + Required. The user-defined name of the AnnotationSpec. The name can + be up to 128 characters long and can consist of any UTF-8 + characters. + name: type: string - format: google-datetime - updateTime: - description: >- - Output only. Timestamp when this NotebookRuntimeTemplate was most - recently updated. readOnly: true - type: string - format: google-datetime - notebookRuntimeType: - description: Optional. Immutable. The type of the notebook runtime template. - type: string - enumDescriptions: - - >- - Unspecified notebook runtime type, NotebookRuntimeType will - default to USER_DEFINED. - - runtime or template with coustomized configurations from user. - - runtime or template with system defined configurations. - enum: - - NOTEBOOK_RUNTIME_TYPE_UNSPECIFIED - - USER_DEFINED - - ONE_CLICK - shieldedVmConfig: - description: Optional. Immutable. Runtime Shielded VM spec. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ShieldedVmConfig' - networkTags: - description: >- - Optional. The Compute Engine tags to add to runtime (see [Tagging - instances](https://cloud.google.com/vpc/docs/add-remove-network-tags)). - type: array - items: - type: string - reservationAffinity: - description: Optional. Reservation Affinity of the notebook runtime template. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookReservationAffinity - encryptionSpec: - description: Customer-managed encryption key spec for the notebook runtime. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - softwareConfig: - description: >- - Optional. The notebook software configuration of the notebook - runtime. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookSoftwareConfig' - GoogleCloudAiplatformV1PersistentDiskSpec: - id: GoogleCloudAiplatformV1PersistentDiskSpec - description: Represents the spec of persistent disk options. + description: Output only. Resource name of the AnnotationSpec. + id: GoogleCloudAiplatformV1AnnotationSpec + GoogleCloudAiplatformV1ToolNameMatchMetricValue: type: object + id: GoogleCloudAiplatformV1ToolNameMatchMetricValue + description: Tool name match metric value for an instance. properties: - diskType: - description: >- - Type of the disk (default is "pd-standard"). Valid values: "pd-ssd" - (Persistent Disk Solid State Drive) "pd-standard" (Persistent Disk - Hard Disk Drive) "pd-balanced" (Balanced Persistent Disk) - "pd-extreme" (Extreme Persistent Disk) - type: string - diskSizeGb: - description: Size in GB of the disk (default is 100GB). - type: string - format: int64 - GoogleCloudAiplatformV1NetworkSpec: - id: GoogleCloudAiplatformV1NetworkSpec - description: Network spec. + score: + readOnly: true + type: number + description: Output only. Tool name match score. + format: float + GoogleCloudAiplatformV1ListHyperparameterTuningJobsResponse: + description: Response message for JobService.ListHyperparameterTuningJobs + id: GoogleCloudAiplatformV1ListHyperparameterTuningJobsResponse type: object properties: - enableInternetAccess: - description: Whether to enable public internet access. Default false. - type: boolean - network: + hyperparameterTuningJobs: description: >- - The full name of the Google Compute Engine - [network](https://cloud.google.com//compute/docs/networks-and-firewalls#networks) - type: string - subnetwork: + List of HyperparameterTuningJobs in the requested page. + HyperparameterTuningJob.trials of the jobs will be not be returned. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1HyperparameterTuningJob + nextPageToken: description: >- - The name of the subnet that this instance is in. Format: - `projects/{project_id_or_number}/regions/{region}/subnetworks/{subnetwork_id}` + A token to retrieve the next page of results. Pass to + ListHyperparameterTuningJobsRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1NotebookIdleShutdownConfig: - id: GoogleCloudAiplatformV1NotebookIdleShutdownConfig - description: >- - The idle shutdown configuration of NotebookRuntimeTemplate, which - contains the idle_timeout as required field. + GoogleCloudAiplatformV1ExplainRequest: + description: Request message for PredictionService.Explain. + id: GoogleCloudAiplatformV1ExplainRequest type: object properties: - idleTimeout: + explanationSpecOverride: description: >- - Required. Duration is accurate to the second. In Notebook, Idle - Timeout is accurate to minute so the range of idle_timeout (second) - is: 10 * 60 ~ 1440 * 60. + If specified, overrides the explanation_spec of the DeployedModel. + Can be used for explaining prediction results with different + configurations, such as: - Explaining top-5 predictions results as + opposed to top-1; - Increasing path count or step count of the + attribution methods to reduce approximate errors; - Using different + baselines for explaining the prediction results. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpecOverride' + parameters: + description: >- + The parameters that govern the prediction. The schema of the + parameters may be specified via Endpoint's DeployedModels' Model's + PredictSchemata's parameters_schema_uri. + type: any + deployedModelId: type: string - format: google-duration - idleShutdownDisabled: - description: Whether Idle Shutdown is disabled in this NotebookRuntimeTemplate. - type: boolean - GoogleCloudAiplatformV1NotebookEucConfig: - id: GoogleCloudAiplatformV1NotebookEucConfig - description: The euc configuration of NotebookRuntimeTemplate. - type: object - properties: - eucDisabled: description: >- - Input only. Whether EUC is disabled in this NotebookRuntimeTemplate. - In proto3, the default value of a boolean is false. In this way, by - default EUC will be enabled for NotebookRuntimeTemplate. - type: boolean - bypassActasCheck: + If specified, this ExplainRequest will be served by the chosen + DeployedModel, overriding Endpoint.traffic_split. + instances: description: >- - Output only. Whether ActAs check is bypassed for service account - attached to the VM. If false, we need ActAs check for the default - Compute Engine Service account. When a Runtime is created, a VM is - allocated using Default Compute Engine Service Account. Any user - requesting to use this Runtime requires Service Account User (ActAs) - permission over this SA. If true, Runtime owner is using EUC and - does not require the above permission as VM no longer use default - Compute Engine SA, but a P4SA. - readOnly: true - type: boolean - GoogleCloudAiplatformV1ShieldedVmConfig: - id: GoogleCloudAiplatformV1ShieldedVmConfig - description: >- - A set of Shielded Instance options. See [Images using supported Shielded - VM - features](https://cloud.google.com/compute/docs/instances/modifying-shielded-vm). - type: object + Required. The instances that are the input to the explanation call. + A DeployedModel may have an upper limit on the number of instances + it supports per request, and when it is exceeded the explanation + call errors in case of AutoML Models, or, in case of customer + created Models, the behaviour is as documented by that Model. The + schema of any single instance may be specified via Endpoint's + DeployedModels' Model's PredictSchemata's instance_schema_uri. + type: array + items: + type: any + GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeature: + id: GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeature + description: Noise sigma for a single feature. properties: - enableSecureBoot: + name: + type: string description: >- - Defines whether the instance has [Secure - Boot](https://cloud.google.com/compute/shielded-vm/docs/shielded-vm#secure-boot) - enabled. Secure Boot helps ensure that the system only runs - authentic software by verifying the digital signature of all boot - components, and halting the boot process if signature verification - fails. - type: boolean - GoogleCloudAiplatformV1NotebookReservationAffinity: - id: GoogleCloudAiplatformV1NotebookReservationAffinity - description: Notebook Reservation Affinity for consuming Zonal reservation. + The name of the input feature for which noise sigma is provided. The + features are defined in explanation metadata inputs. + sigma: + format: float + type: number + description: >- + This represents the standard deviation of the Gaussian kernel that + will be used to add noise to the feature prior to computing + gradients. Similar to noise_sigma but represents the noise added to + the current feature. Defaults to 0.1. type: object + GoogleCloudLocationLocation: + id: GoogleCloudLocationLocation properties: - consumeReservationType: + name: description: >- - Required. Specifies the type of reservation from which this instance - can consume resources: RESERVATION_ANY (default), - RESERVATION_SPECIFIC, or RESERVATION_NONE. See Consuming reserved - instances for examples. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - enumDescriptions: - - Default type. - - Do not consume from any allocated capacity. - - Consume any reservation available. - - >- - Must consume from a specific reservation. Must specify key value - fields for specifying the reservations. - enum: - - RESERVATION_AFFINITY_TYPE_UNSPECIFIED - - RESERVATION_NONE - - RESERVATION_ANY - - RESERVATION_SPECIFIC - key: + metadata: description: >- - Optional. Corresponds to the label key of a reservation resource. To - target a RESERVATION_SPECIFIC by name, use - compute.googleapis.com/reservation-name as the key and specify the - name of your reservation as its value. + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + displayName: type: string - values: description: >- - Optional. Corresponds to the label values of a reservation resource. - This must be the full path name of Reservation. - type: array - items: + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + labels: + type: object + additionalProperties: type: string - GoogleCloudAiplatformV1NotebookSoftwareConfig: - id: GoogleCloudAiplatformV1NotebookSoftwareConfig + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + description: A resource that represents a Google Cloud location. + type: object + GoogleCloudAiplatformV1BatchCreateFeaturesRequest: description: >- - Notebook Software Config. This is passed to the backend when user makes - software configurations in UI. + Request message for FeaturestoreService.BatchCreateFeatures. Request + message for FeatureRegistryService.BatchCreateFeatures. type: object properties: - colabImage: - description: Optional. Google-managed NotebookRuntime colab image. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ColabImage' - env: - description: >- - Optional. Environment variables to be passed to the container. - Maximum limit is 100. + requests: type: array + description: >- + Required. The request message specifying the Features to create. All + Features must be created under the same parent EntityType / + FeatureGroup. The `parent` field in each child request message can + be omitted. If `parent` is set in a child request, then the value + must match the `parent` value in this request message. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' - postStartupScriptConfig: - description: Optional. Post startup script config. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PostStartupScriptConfig' - GoogleCloudAiplatformV1ColabImage: - id: GoogleCloudAiplatformV1ColabImage - description: Colab image of the runtime. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CreateFeatureRequest' + id: GoogleCloudAiplatformV1BatchCreateFeaturesRequest + GoogleCloudAiplatformV1GenerateFetchAccessTokenRequest: + description: Request message for FeatureOnlineStoreService.GenerateFetchAccessToken. + properties: {} + type: object + id: GoogleCloudAiplatformV1GenerateFetchAccessTokenRequest + GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityView: + description: Entity view with Feature values. + id: GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityView type: object properties: - releaseName: - description: >- - Optional. The release name of the NotebookRuntime Colab image, e.g. - "py310". If not specified, detault to the latest release. + entityId: + description: ID of the requested entity. type: string - description: + data: + type: array description: >- - Output only. A human-readable description of the specified colab - image release, populated by the system. Example: "Python 3.10", - "Latest - current Python 3.11" - readOnly: true + Each piece of data holds the k requested values for one requested + Feature. If no values for the requested Feature exist, the + corresponding cell will be empty. This has the same size and is in + the same order as the features from the header + ReadFeatureValuesResponse.header. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityViewData + GoogleCloudAiplatformV1StopTrialRequest: + type: object + id: GoogleCloudAiplatformV1StopTrialRequest + properties: {} + description: Request message for VizierService.StopTrial. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecasting: + type: object + description: A TrainingJob that trains and uploads an AutoML Forecasting Model. + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecasting + properties: + inputs: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputs + description: The input parameters of this TrainingJob. + metadata: + description: The metadata information. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingMetadata + GoogleCloudAiplatformV1CreatePersistentResourceOperationMetadata: + type: object + id: GoogleCloudAiplatformV1CreatePersistentResourceOperationMetadata + description: Details of operations that perform create PersistentResource. + properties: + progressMessage: + description: Progress Message for Create LRO type: string - GoogleCloudAiplatformV1PostStartupScriptConfig: - id: GoogleCloudAiplatformV1PostStartupScriptConfig - description: Post startup script config. + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for PersistentResource. + GoogleCloudAiplatformV1DeleteFeatureValuesOperationMetadata: type: object + description: Details of operations that delete Feature values. + id: GoogleCloudAiplatformV1DeleteFeatureValuesOperationMetadata properties: - postStartupScript: - description: Optional. Post startup script to run after runtime is started. + genericMetadata: + description: Operation metadata for Featurestore delete Features values. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1LookupStudyRequest: + id: GoogleCloudAiplatformV1LookupStudyRequest + type: object + properties: + displayName: type: string - postStartupScriptUrl: + description: Required. The user-defined display name of the Study + description: Request message for VizierService.LookupStudy. + GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfig: + id: >- + GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfig + description: >- + Config for migrating Dataset in datalabeling.googleapis.com to Vertex + AI's Dataset. + properties: + datasetDisplayName: description: >- - Optional. Post startup script url to download. Example: - `gs://bucket/script.sh` + Optional. Display name of the Dataset in Vertex AI. System will pick + a display name if unspecified. type: string - postStartupScriptBehavior: - description: >- - Optional. Post startup script behavior that defines download and - execution behavior. + dataset: type: string - enumDescriptions: - - Unspecified post startup script behavior. - - Run post startup script after runtime is started. - - Run post startup script after runtime is stopped. - - >- - Download and run post startup script every time runtime is - started. - enum: - - POST_STARTUP_SCRIPT_BEHAVIOR_UNSPECIFIED - - RUN_ONCE - - RUN_EVERY_START - - DOWNLOAD_AND_RUN_EVERY_START - GoogleCloudAiplatformV1ListNotebookRuntimeTemplatesResponse: - id: GoogleCloudAiplatformV1ListNotebookRuntimeTemplatesResponse - description: Response message for NotebookService.ListNotebookRuntimeTemplates. - type: object - properties: - notebookRuntimeTemplates: - description: List of NotebookRuntimeTemplates in the requested page. - type: array + description: >- + Required. Full resource name of data labeling Dataset. Format: + `projects/{project}/datasets/{dataset}`. + migrateDataLabelingAnnotatedDatasetConfigs: + description: >- + Optional. Configs for migrating AnnotatedDataset in + datalabeling.googleapis.com to Vertex AI's SavedQuery. The specified + AnnotatedDatasets have to belong to the datalabeling Dataset. items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate - nextPageToken: - description: >- - A token to retrieve next page of results. Pass to - ListNotebookRuntimeTemplatesRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1AssignNotebookRuntimeRequest: - id: GoogleCloudAiplatformV1AssignNotebookRuntimeRequest - description: Request message for NotebookService.AssignNotebookRuntime. + #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfigMigrateDataLabelingAnnotatedDatasetConfig + type: array + type: object + GoogleCloudAiplatformV1LogprobsResultCandidate: + id: GoogleCloudAiplatformV1LogprobsResultCandidate type: object properties: - notebookRuntimeTemplate: + logProbability: + format: float description: >- - Required. The resource name of the NotebookRuntimeTemplate based on - which a NotebookRuntime will be assigned (reuse or create a new - one). + The log probability of this token. A higher value indicates that the + model was more confident in this token. The log probability can be + used to assess the relative likelihood of different tokens and to + identify when the model is uncertain. + type: number + token: + description: The token's string representation. type: string - notebookRuntime: + tokenId: + type: integer + format: int32 description: >- - Required. Provide runtime specific information (e.g. runtime owner, - notebook id) used for NotebookRuntime assignment. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookRuntime' - notebookRuntimeId: - description: Optional. User specified ID for the notebook runtime. - type: string - GoogleCloudAiplatformV1NotebookRuntime: - id: GoogleCloudAiplatformV1NotebookRuntime - description: >- - A runtime is a virtual machine allocated to a particular user for a - particular Notebook file on temporary basis with lifetime. Default - runtimes have a lifetime of 18 hours, while custom runtimes last for 6 - months from their creation or last upgrade. + The token's numerical ID. While the `token` field provides the + string representation of the token, the `token_id` is the numerical + representation that the model uses internally. This can be useful + for developers who want to build custom logic based on the model's + vocabulary. + description: A single token and its associated log probability. + GoogleCloudAiplatformV1SchemaPredictPredictionTimeSeriesForecastingPredictionResult: type: object properties: - name: - description: Output only. The resource name of the NotebookRuntime. - readOnly: true - type: string - runtimeUser: - description: Required. The user email of the NotebookRuntime. - type: string - notebookRuntimeTemplateRef: - description: >- - Output only. The pointer to NotebookRuntimeTemplate this - NotebookRuntime is created from. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplateRef - proxyUri: - description: Output only. The proxy endpoint used to access the NotebookRuntime. - readOnly: true - type: string - createTime: - description: Output only. Timestamp when this NotebookRuntime was created. - readOnly: true - type: string - format: google-datetime - updateTime: + quantilePredictions: + type: array + items: + format: float + type: number + description: Quantile predictions, in 1-1 correspondence with quantile_values. + quantileValues: + description: Quantile values. + items: + type: number + format: float + type: array + tftFeatureImportance: + description: Only use these if TFt is enabled. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPredictPredictionTftFeatureImportance + value: + type: number + description: The regression value. + format: float + description: Prediction output format for Time Series Forecasting. + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionTimeSeriesForecastingPredictionResult + GoogleCloudAiplatformV1Part: + id: GoogleCloudAiplatformV1Part + properties: + executableCode: description: >- - Output only. Timestamp when this NotebookRuntime was most recently - updated. - readOnly: true - type: string - format: google-datetime - healthState: - description: Output only. The health state of the NotebookRuntime. - readOnly: true - type: string - enumDescriptions: - - Unspecified health state. - - NotebookRuntime is in healthy state. Applies to ACTIVE state. - - NotebookRuntime is in unhealthy state. Applies to ACTIVE state. - enum: - - HEALTH_STATE_UNSPECIFIED - - HEALTHY - - UNHEALTHY - displayName: + Optional. Code generated by the model that is intended to be + executed. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExecutableCode' + functionCall: description: >- - Required. The display name of the NotebookRuntime. The name can be - up to 128 characters long and can consist of any UTF-8 characters. - type: string - description: - description: The description of the NotebookRuntime. + Optional. A predicted function call returned from the model. This + contains the name of the function to call and the arguments to pass + to the function. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionCall' + thoughtSignature: + format: byte type: string - serviceAccount: description: >- - Output only. Deprecated: This field is no longer used and the - "Vertex AI Notebook Service Account" - (service-PROJECT_NUMBER@gcp-sa-aiplatform-vm.iam.gserviceaccount.com) - is used for the runtime workload identity. See - https://cloud.google.com/iam/docs/service-agents#vertex-ai-notebook-service-account - for more details. The service account that the NotebookRuntime - workload runs as. - readOnly: true - type: string - runtimeState: - description: Output only. The runtime (instance) state of the NotebookRuntime. - readOnly: true + Optional. An opaque signature for the thought so it can be reused in + subsequent requests. + text: + description: Optional. The text content of the part. type: string - enumDescriptions: - - Unspecified runtime state. - - NotebookRuntime is in running state. - - >- - NotebookRuntime is in starting state. This is when the runtime is - being started from a stopped state. - - NotebookRuntime is in stopping state. - - NotebookRuntime is in stopped state. - - >- - NotebookRuntime is in upgrading state. It is in the middle of - upgrading process. - - NotebookRuntime was unable to start/stop properly. - - NotebookRuntime is in invalid state. Cannot be recovered. - enum: - - RUNTIME_STATE_UNSPECIFIED - - RUNNING - - BEING_STARTED - - BEING_STOPPED - - STOPPED - - BEING_UPGRADED - - ERROR - - INVALID - isUpgradable: - description: Output only. Whether NotebookRuntime is upgradable. - readOnly: true - type: boolean - labels: + codeExecutionResult: + description: Optional. The result of executing the ExecutableCode. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CodeExecutionResult' + functionResponse: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionResponse' description: >- - The labels with user-defined metadata to organize your - NotebookRuntime. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. No more than 64 user labels can be associated with one - NotebookRuntime (System labels are excluded). See - https://goo.gl/xmQnxf for more information and examples of labels. - System reserved label keys are prefixed with - "aiplatform.googleapis.com/" and are immutable. Following system - labels exist for NotebookRuntime: * - "aiplatform.googleapis.com/notebook_runtime_gce_instance_id": output - only, its value is the Compute Engine instance id. * - "aiplatform.googleapis.com/colab_enterprise_entry_service": its - value is either "bigquery" or "vertex"; if absent, it should be - "vertex". This is to describe the entry service, either BigQuery or - Vertex. - type: object - additionalProperties: - type: string - expirationTime: + Optional. The result of a function call. This is used to provide the + model with the result of a function call that it predicted. + thought: description: >- - Output only. Timestamp when this NotebookRuntime will be expired: 1. - System Predefined NotebookRuntime: 24 hours after creation. After - expiration, system predifined runtime will be deleted. 2. User - created NotebookRuntime: 6 months after last upgrade. After - expiration, user created runtime will be stopped and allowed for - upgrade. - readOnly: true - type: string - format: google-datetime - version: - description: Output only. The VM os image version of NotebookRuntime. - readOnly: true - type: string - notebookRuntimeType: - description: Output only. The type of the notebook runtime. - readOnly: true - type: string - enumDescriptions: - - >- - Unspecified notebook runtime type, NotebookRuntimeType will - default to USER_DEFINED. - - runtime or template with coustomized configurations from user. - - runtime or template with system defined configurations. - enum: - - NOTEBOOK_RUNTIME_TYPE_UNSPECIFIED - - USER_DEFINED - - ONE_CLICK - machineSpec: + Optional. Indicates whether the `part` represents the model's + thought process or reasoning. + type: boolean + videoMetadata: description: >- - Output only. The specification of a single machine used by the - notebook runtime. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' - dataPersistentDiskSpec: + Optional. Video metadata. The metadata should only be specified + while the video data is presented in inline_data or file_data. + $ref: '#/components/schemas/GoogleCloudAiplatformV1VideoMetadata' + mediaResolution: + description: per part media resolution. Media resolution for the input media. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PartMediaResolution' + fileData: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FileData' description: >- - Output only. The specification of persistent disk attached to the - notebook runtime as data disk storage. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentDiskSpec' - networkSpec: - description: Output only. Network spec of the notebook runtime. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1NetworkSpec' - idleShutdownConfig: + Optional. The URI-based data of the part. This can be used to + include files from Google Cloud Storage. + inlineData: description: >- - Output only. The idle shutdown configuration of the notebook - runtime. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookIdleShutdownConfig - eucConfig: - description: Output only. EUC configuration of the notebook runtime. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookEucConfig' - shieldedVmConfig: - description: Output only. Runtime Shielded VM spec. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1ShieldedVmConfig' - networkTags: + Optional. The inline data content of the part. This can be used to + include images, audio, or video in a request. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Blob' + description: >- + A datatype containing media that is part of a multi-part Content + message. A `Part` consists of data which has an associated datatype. A + `Part` can only contain one of the accepted types in `Part.data`. For + media types that are not text, `Part` must have a fixed IANA MIME type + identifying the type and subtype of the media if `inline_data` or + `file_data` field is filled with raw bytes. + type: object + GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationMaskAnnotation: + type: object + properties: + maskGcsUri: description: >- - Optional. The Compute Engine tags to add to runtime (see [Tagging - instances](https://cloud.google.com/vpc/docs/add-remove-network-tags)). + Google Cloud Storage URI that points to the mask image. The image + must be in PNG format. It must have the same size as the DataItem's + image. Each pixel in the image mask represents the AnnotationSpec + which the pixel in the image DataItem belong to. Each color is + mapped to one AnnotationSpec based on annotation_spec_colors. + type: string + annotationSpecColors: type: array items: - type: string - reservationAffinity: - description: Output only. Reservation Affinity of the notebook runtime. - readOnly: true + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaAnnotationSpecColor + description: The mapping between color and AnnotationSpec for this Annotation. + id: GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationMaskAnnotation + description: The mask based segmentation annotation. + GoogleCloudAiplatformV1EvaluationInstanceAgentConfig: + id: GoogleCloudAiplatformV1EvaluationInstanceAgentConfig + description: Configuration for an Agent. + properties: + tools: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookReservationAffinity - softwareConfig: - description: Output only. Software config of the notebook runtime. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookSoftwareConfig' - encryptionSpec: + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceAgentConfigTools + description: List of tools. + toolsText: description: >- - Output only. Customer-managed encryption key spec for the notebook - runtime. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1NotebookRuntimeTemplateRef: - id: GoogleCloudAiplatformV1NotebookRuntimeTemplateRef - description: Points to a NotebookRuntimeTemplateRef. + A JSON string containing a list of tools available to an agent with + info such as name, description, parameters and required parameters. + type: string + developerInstruction: + description: >- + Optional. A field containing instructions from the developer for the + agent. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTimestampTransformation: + description: >- + Training pipeline will perform following transformation functions. * + Apply the transformation functions for Numerical columns. * Determine + the year, month, day,and weekday. Treat each value from the timestamp as + a Categorical column. * Invalid numerical values (for example, values + that fall outside of a typical timestamp range, or are extreme values) + receive no special treatment and are not removed. type: object properties: - notebookRuntimeTemplate: - description: Immutable. A resource name of the NotebookRuntimeTemplate. + columnName: type: string - GoogleCloudAiplatformV1ListNotebookRuntimesResponse: - id: GoogleCloudAiplatformV1ListNotebookRuntimesResponse - description: Response message for NotebookService.ListNotebookRuntimes. - type: object + timeFormat: + type: string + description: >- + The format in which that time field is expressed. The time_format + must either be one of: * `unix-seconds` * `unix-milliseconds` * + `unix-microseconds` * `unix-nanoseconds` (for respectively number of + seconds, milliseconds, microseconds and nanoseconds since start of + the Unix epoch); or be written in `strftime` syntax. If time_format + is not set, then the default format is RFC 3339 `date-time` format, + where `time-offset` = `"Z"` (e.g. 1985-04-12T23:20:50.52Z) + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTimestampTransformation + GoogleCloudAiplatformV1ReplicatedVoiceConfig: + id: GoogleCloudAiplatformV1ReplicatedVoiceConfig properties: - notebookRuntimes: - description: List of NotebookRuntimes in the requested page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookRuntime' - nextPageToken: + voiceSampleAudio: + format: byte + description: Optional. The sample of the custom voice. + type: string + mimeType: description: >- - A token to retrieve next page of results. Pass to - ListNotebookRuntimesRequest.page_token to obtain that page. + Optional. The mimetype of the voice sample. The only currently + supported value is `audio/wav`. This represents 16-bit signed + little-endian wav data, with a 24kHz sampling rate. `mime_type` will + default to `audio/wav` if not set. type: string - GoogleCloudAiplatformV1UpgradeNotebookRuntimeRequest: - id: GoogleCloudAiplatformV1UpgradeNotebookRuntimeRequest - description: Request message for NotebookService.UpgradeNotebookRuntime. - type: object - properties: {} - GoogleCloudAiplatformV1StartNotebookRuntimeRequest: - id: GoogleCloudAiplatformV1StartNotebookRuntimeRequest - description: Request message for NotebookService.StartNotebookRuntime. + description: The configuration for the replicated voice to use. type: object - properties: {} - GoogleCloudAiplatformV1StopNotebookRuntimeRequest: - id: GoogleCloudAiplatformV1StopNotebookRuntimeRequest - description: Request message for NotebookService.StopNotebookRuntime. - type: object - properties: {} - GoogleCloudAiplatformV1NotebookExecutionJob: - id: GoogleCloudAiplatformV1NotebookExecutionJob - description: NotebookExecutionJob represents an instance of a notebook execution. + GoogleCloudAiplatformV1QuestionAnsweringQualityInput: type: object properties: - dataformRepositorySource: - description: >- - The Dataform Repository pointing to a single file notebook - repository. + metricSpec: + description: Required. Spec for question answering quality score metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobDataformRepositorySource - gcsNotebookSource: - description: >- - The Cloud Storage url pointing to the ipynb file. Format: - `gs://bucket/notebook_file.ipynb` + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringQualitySpec + instance: + description: Required. Question answering quality instance. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobGcsNotebookSource - directNotebookSource: - description: The contents of an input notebook file. + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringQualityInstance + description: Input for question answering quality metric. + id: GoogleCloudAiplatformV1QuestionAnsweringQualityInput + GoogleCloudAiplatformV1EvaluationInstanceAgentData: + properties: + events: + description: A list of events. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobDirectNotebookSource - notebookRuntimeTemplateResourceName: - description: The NotebookRuntimeTemplate to source compute configuration from. - type: string - customEnvironmentSpec: - description: The custom compute configuration for an execution job. + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceAgentDataEvents + tools: + description: List of tools. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobCustomEnvironmentSpec - gcsOutputUri: + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceAgentDataTools + deprecated: true + developerInstruction: + deprecated: true description: >- - The Cloud Storage location to upload the result to. Format: - `gs://bucket-name` + Optional. A field containing instructions from the developer for the + agent. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData + agentConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceAgentConfig + description: Optional. Agent configuration. + toolsText: + deprecated: true type: string - executionUser: description: >- - The user email to run the execution as. Only supported by Colab - runtimes. - type: string - serviceAccount: - description: The service account to run the execution as. + A JSON string containing a list of tools available to an agent with + info such as name, description, parameters and required parameters. + Example: [ { "name": "search_actors", "description": "Search for + actors in a movie. Returns a list of actors, their roles, their + birthdate, and their place of birth.", "parameters": [ { "name": + "movie_name", "description": "The name of the movie." }, { "name": + "character_name", "description": "The name of the character." } ], + "required": ["movie_name", "character_name"] } ] + type: object + description: Contains data specific to agent evaluations. + id: GoogleCloudAiplatformV1EvaluationInstanceAgentData + GoogleCloudAiplatformV1StreamingPredictResponse: + type: object + id: GoogleCloudAiplatformV1StreamingPredictResponse + description: Response message for PredictionService.StreamingPredict. + properties: + outputs: + description: The prediction output. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + parameters: + description: The parameters that govern the prediction. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + GoogleCloudAiplatformV1QueryDeployedModelsResponse: + id: GoogleCloudAiplatformV1QueryDeployedModelsResponse + type: object + properties: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - workbenchRuntime: + totalEndpointCount: + format: int32 + type: integer description: >- - The Workbench runtime configuration to use for the notebook - execution. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJobWorkbenchRuntime - name: + The total number of Endpoints that have DeployedModels on this + DeploymentResourcePool. + deployedModelRefs: description: >- - Output only. The resource name of this NotebookExecutionJob. Format: - `projects/{project_id}/locations/{location}/notebookExecutionJobs/{job_id}` - readOnly: true + References to the DeployedModels that share the specified + deploymentResourcePool. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModelRef' + totalDeployedModelCount: + format: int32 + description: The total number of DeployedModels on this DeploymentResourcePool. + type: integer + deployedModels: + type: array + description: DEPRECATED Use deployed_model_refs instead. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' + deprecated: true + description: Response message for QueryDeployedModels method. + GoogleCloudAiplatformV1PredictSchemata: + properties: + instanceSchemaUri: + description: >- + Immutable. Points to a YAML file stored on Google Cloud Storage + describing the format of a single instance, which are used in + PredictRequest.instances, ExplainRequest.instances and + BatchPredictionJob.input_config. The schema is defined as an OpenAPI + 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + AutoML Models always have this field populated by Vertex AI. Note: + The URI given on output will be immutable and probably different, + including the URI scheme, than the one given on input. The output + URI will point to a location where the user only has a read access. + type: string + parametersSchemaUri: type: string - displayName: description: >- - The display name of the NotebookExecutionJob. The name can be up to - 128 characters long and can consist of any UTF-8 characters. + Immutable. Points to a YAML file stored on Google Cloud Storage + describing the parameters of prediction and explanation via + PredictRequest.parameters, ExplainRequest.parameters and + BatchPredictionJob.model_parameters. The schema is defined as an + OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + AutoML Models always have this field populated by Vertex AI, if no + parameters are supported, then it is set to an empty string. Note: + The URI given on output will be immutable and probably different, + including the URI scheme, than the one given on input. The output + URI will point to a location where the user only has a read access. + predictionSchemaUri: type: string - executionTimeout: description: >- - Max running time of the execution job in seconds (default 86400s / - 24 hrs). + Immutable. Points to a YAML file stored on Google Cloud Storage + describing the format of a single prediction produced by this Model, + which are returned via PredictResponse.predictions, + ExplainResponse.explanations, and BatchPredictionJob.output_config. + The schema is defined as an OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + AutoML Models always have this field populated by Vertex AI. Note: + The URI given on output will be immutable and probably different, + including the URI scheme, than the one given on input. The output + URI will point to a location where the user only has a read access. + type: object + description: >- + Contains the schemata used in Model's predictions and explanations via + PredictionService.Predict, PredictionService.Explain and + BatchPredictionJob. + id: GoogleCloudAiplatformV1PredictSchemata + GoogleCloudAiplatformV1SafetySpec: + type: object + description: Spec for safety metric. + id: GoogleCloudAiplatformV1SafetySpec + properties: + version: + description: Optional. Which version to use for evaluation. + format: int32 + type: integer + GoogleCloudAiplatformV1VertexAISearchDataStoreSpec: + description: >- + Define data stores within engine to filter on in a search call and + configurations for those data stores. For more information, see + https://cloud.google.com/generative-ai-app-builder/docs/reference/rpc/google.cloud.discoveryengine.v1#datastorespec + properties: + filter: type: string - format: google-duration - scheduleResourceName: description: >- - The Schedule resource name if this job is triggered by one. Format: - `projects/{project_id}/locations/{location}/schedules/{schedule_id}` + Optional. Filter specification to filter documents in the data store + specified by data_store field. For more information on filtering, + see + [Filtering](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + dataStore: + description: >- + Full resource name of DataStore, such as Format: + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{dataStore}` type: string - jobState: - description: Output only. The state of the NotebookExecutionJob. - readOnly: true + type: object + id: GoogleCloudAiplatformV1VertexAISearchDataStoreSpec + GoogleCloudAiplatformV1ExactMatchSpec: + description: >- + Spec for exact match metric - returns 1 if prediction and reference + exactly matches, otherwise 0. + properties: {} + type: object + id: GoogleCloudAiplatformV1ExactMatchSpec + GoogleCloudAiplatformV1FunctionResponseBlob: + type: object + description: >- + Raw media bytes for function response. Text should not be sent as raw + bytes, use the 'text' field. + id: GoogleCloudAiplatformV1FunctionResponseBlob + properties: + data: + format: byte type: string - enumDescriptions: - - The job state is unspecified. - - >- - The job has been just created or resumed and processing has not - yet begun. - - The service is preparing to run the job. - - The job is in progress. - - The job completed successfully. - - The job failed. - - >- - The job is being cancelled. From this state the job may only go to - either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or - `JOB_STATE_CANCELLED`. - - The job has been cancelled. - - The job has been stopped, and can be resumed. - - The job has expired. - - >- - The job is being updated. Only jobs in the `RUNNING` state can be - updated. After updating, the job goes back to the `RUNNING` state. - - >- - The job is partially succeeded, some results may be missing due to - errors. - enum: - - JOB_STATE_UNSPECIFIED - - JOB_STATE_QUEUED - - JOB_STATE_PENDING - - JOB_STATE_RUNNING - - JOB_STATE_SUCCEEDED - - JOB_STATE_FAILED - - JOB_STATE_CANCELLING - - JOB_STATE_CANCELLED - - JOB_STATE_PAUSED - - JOB_STATE_EXPIRED - - JOB_STATE_UPDATING - - JOB_STATE_PARTIALLY_SUCCEEDED - status: - description: >- - Output only. Populated when the NotebookExecutionJob is completed. - When there is an error during notebook execution, the error details - are populated. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - createTime: - description: Output only. Timestamp when this NotebookExecutionJob was created. - readOnly: true + description: Required. Raw bytes. + displayName: type: string - format: google-datetime - updateTime: description: >- - Output only. Timestamp when this NotebookExecutionJob was most - recently updated. - readOnly: true + Optional. Display name of the blob. Used to provide a label or + filename to distinguish blobs. This field is only returned in + PromptMessage for prompt management. It is currently used in the + Gemini GenerateContent calls only when server side tools + (code_execution, google_search, and url_context) are enabled. + mimeType: + description: Required. The IANA standard MIME type of the source data. type: string - format: google-datetime - labels: - description: >- - The labels with user-defined metadata to organize - NotebookExecutionJobs. Label keys and values can be no longer than - 64 characters (Unicode codepoints), can only contain lowercase - letters, numeric characters, underscores and dashes. International - characters are allowed. See https://goo.gl/xmQnxf for more - information and examples of labels. System reserved label keys are - prefixed with "aiplatform.googleapis.com/" and are immutable. - type: object - additionalProperties: + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputs: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputs + properties: + dataGranularity: + description: Expected difference in time granularity between rows in the data. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsGranularity + availableAtForecastColumns: + items: type: string - kernelName: - description: >- - The name of the kernel to use during notebook execution. If unset, - the default kernel is used. - type: string - encryptionSpec: description: >- - Customer-managed encryption key spec for the notebook execution job. - This field is auto-populated if the NotebookRuntimeTemplate has an - encryption spec. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - GoogleCloudAiplatformV1NotebookExecutionJobDataformRepositorySource: - id: GoogleCloudAiplatformV1NotebookExecutionJobDataformRepositorySource - description: The Dataform Repository containing the input notebook. - type: object - properties: - dataformRepositoryResourceName: + Names of columns that are available and provided when a forecast is + requested. These columns contain information for the given entity + (identified by the time_series_identifier_column column) that is + known at forecast. For example, predicted weather for a specific + day. + type: array + exportEvaluatedDataItemsConfig: description: >- - The resource name of the Dataform Repository. Format: - `projects/{project_id}/locations/{location}/repositories/{repository_id}` - type: string - commitSha: + Configuration for exporting test set predictions to a BigQuery + table. If this configuration is absent, then the export is not + performed. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig + holidayRegions: + items: + type: string description: >- - The commit SHA to read repository with. If unset, the file will be - read at HEAD. + The geographical region based on which the holiday effect is applied + in modeling by adding holiday categorical array feature that include + all holidays matching the date. This option only allowed when + data_granularity is day. By default, holiday effect modeling is + disabled. To turn it on, specify the holiday region using this + option. + type: array + validationOptions: type: string - GoogleCloudAiplatformV1NotebookExecutionJobGcsNotebookSource: - id: GoogleCloudAiplatformV1NotebookExecutionJobGcsNotebookSource - description: The Cloud Storage uri for the input notebook. - type: object - properties: - uri: description: >- - The Cloud Storage uri pointing to the ipynb file. Format: - `gs://bucket/notebook_file.ipynb` - type: string - generation: + Validation options for the data validation component. The available + options are: * "fail-pipeline" - default, will validate against the + validation and fail the pipeline if it fails. * "ignore-validation" + - ignore the results of the validation and continue + forecastHorizon: description: >- - The version of the Cloud Storage object to read. If unset, the - current version of the object is read. See - https://cloud.google.com/storage/docs/metadata#generation-number. - type: string - GoogleCloudAiplatformV1NotebookExecutionJobDirectNotebookSource: - id: GoogleCloudAiplatformV1NotebookExecutionJobDirectNotebookSource - description: The content of the input notebook in ipynb format. - type: object - properties: - content: - description: The base64-encoded contents of the input notebook file. + The amount of time into the future for which forecasted values for + the target are returned. Expressed in number of units defined by the + `data_granularity` field. + format: int64 type: string - format: byte - GoogleCloudAiplatformV1NotebookExecutionJobCustomEnvironmentSpec: - id: GoogleCloudAiplatformV1NotebookExecutionJobCustomEnvironmentSpec - description: Compute configuration to use for an execution job. - type: object - properties: - machineSpec: - description: The specification of a single machine for the execution job. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' - persistentDiskSpec: - description: >- - The specification of a persistent disk to attach for the execution - job. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentDiskSpec' - networkSpec: - description: The network configuration to use for the execution job. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NetworkSpec' - GoogleCloudAiplatformV1NotebookExecutionJobWorkbenchRuntime: - id: GoogleCloudAiplatformV1NotebookExecutionJobWorkbenchRuntime - description: Configuration for a Workbench Instances-based environment. - type: object - properties: {} - GoogleCloudAiplatformV1ListNotebookExecutionJobsResponse: - id: GoogleCloudAiplatformV1ListNotebookExecutionJobsResponse - description: Response message for [NotebookService.CreateNotebookExecutionJob] - type: object - properties: - notebookExecutionJobs: - description: List of NotebookExecutionJobs in the requested page. + unavailableAtForecastColumns: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJob' - nextPageToken: + type: string description: >- - A token to retrieve next page of results. Pass to - ListNotebookExecutionJobsRequest.page_token to obtain that page. + Names of columns that are unavailable when a forecast is requested. + This column contains information for the given entity (identified by + the time_series_identifier_column) that is unknown before the + forecast For example, actual weather on a given day. + timeSeriesIdentifierColumn: type: string - GoogleCloudAiplatformV1PersistentResource: - id: GoogleCloudAiplatformV1PersistentResource - description: >- - Represents long-lasting resources that are dedicated to users to runs - custom workloads. A PersistentResource can have multiple node pools and - each node pool can have its own machine spec. - type: object - properties: - name: - description: Immutable. Resource name of a PersistentResource. + description: The name of the column that identifies the time series. + trainBudgetMilliNodeHours: + format: int64 type: string - displayName: description: >- - Optional. The display name of the PersistentResource. The name can - be up to 128 characters long and can consist of any UTF-8 - characters. + Required. The train budget of creating this model, expressed in + milli node hours i.e. 1,000 value in this field means 1 node hour. + The training cost of the model will not exceed this budget. The + final cost will be attempted to be close to the budget, though may + end up being (even) noticeably smaller - at the backend's + discretion. This especially may happen when further model training + ceases to provide any improvements. If the budget is set to a value + known to be insufficient to train a model for the given dataset, the + training won't be attempted and will error. The train budget must be + between 1,000 and 72,000 milli node hours, inclusive. + optimizationObjective: type: string - resourcePools: - description: Required. The spec of the pools of different resources. + description: >- + Objective function the model is optimizing towards. The training + process creates a model that optimizes the value of the objective + function over the validation set. The supported optimization + objectives: * "minimize-rmse" (default) - Minimize root-mean-squared + error (RMSE). * "minimize-mae" - Minimize mean-absolute error (MAE). + * "minimize-rmsle" - Minimize root-mean-squared log error (RMSLE). * + "minimize-rmspe" - Minimize root-mean-squared percentage error + (RMSPE). * "minimize-wape-mae" - Minimize the combination of + weighted absolute percentage error (WAPE) and mean-absolute-error + (MAE). * "minimize-quantile-loss" - Minimize the quantile loss at + the quantiles defined in `quantiles`. * "minimize-mape" - Minimize + the mean absolute percentage error. + transformations: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ResourcePool' - state: - description: Output only. The detailed state of a Study. - readOnly: true - type: string - enumDescriptions: - - Not set. - - >- - The PROVISIONING state indicates the persistent resources is being - created. - - >- - The RUNNING state indicates the persistent resource is healthy and - fully usable. - - >- - The STOPPING state indicates the persistent resource is being - deleted. - - >- - The ERROR state indicates the persistent resource may be unusable. - Details can be found in the `error` field. - - >- - The REBOOTING state indicates the persistent resource is being - rebooted (PR is not available right now but is expected to be - ready again later). - - >- - The UPDATING state indicates the persistent resource is being - updated. - enum: - - STATE_UNSPECIFIED - - PROVISIONING - - RUNNING - - STOPPING - - ERROR - - REBOOTING - - UPDATING - error: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformation description: >- - Output only. Only populated when persistent resource's state is - `STOPPING` or `ERROR`. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - createTime: - description: Output only. Time when the PersistentResource was created. - readOnly: true - type: string - format: google-datetime - startTime: + Each transformation will apply transform function to given input + column. And the result will be used for training. When creating + transformation for BigQuery Struct column, the column should be + flattened using "." as the delimiter. + timeColumn: description: >- - Output only. Time when the PersistentResource for the first time - entered the `RUNNING` state. - readOnly: true + The name of the column that identifies time order in the time + series. This column must be available at forecast. + type: string + windowConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig + description: Config containing strategy for generating sliding windows. + contextWindow: type: string - format: google-datetime - updateTime: description: >- - Output only. Time when the PersistentResource was most recently - updated. - readOnly: true + The amount of time into the past training and prediction data is + used for model training and prediction respectively. Expressed in + number of units defined by the `data_granularity` field. + format: int64 + weightColumn: type: string - format: google-datetime - labels: description: >- - Optional. The labels with user-defined metadata to organize - PersistentResource. Label keys and values can be no longer than 64 - characters (Unicode codepoints), can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. See https://goo.gl/xmQnxf for more information and - examples of labels. - type: object - additionalProperties: - type: string - network: + Column name that should be used as the weight column. Higher values + in this column give more importance to the row during model + training. The column must have numeric values between 0 and 10000 + inclusively; 0 means the row is ignored for training. If weight + column field is not set, then all rows are assumed to have equal + weight of 1. This column must be available at forecast. + hierarchyConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig description: >- - Optional. The full name of the Compute Engine - [network](/compute/docs/networks-and-firewalls#networks) to peered - with Vertex AI to host the persistent resources. For example, - `projects/12345/global/networks/myVPC`. - [Format](/compute/docs/reference/rest/v1/networks/insert) is of the - form `projects/{project}/global/networks/{network}`. Where {project} - is a project number, as in `12345`, and {network} is a network name. - To specify this field, you must have already [configured VPC Network - Peering for Vertex - AI](https://cloud.google.com/vertex-ai/docs/general/vpc-peering). If - this field is left unspecified, the resources aren't peered with any - network. - type: string - pscInterfaceConfig: - description: Optional. Configuration for PSC-I for PersistentResource. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PscInterfaceConfig' - encryptionSpec: + Configuration that defines the hierarchical relationship of time + series and parameters for hierarchical forecasting strategies. + targetColumn: description: >- - Optional. Customer-managed encryption key spec for a - PersistentResource. If set, this PersistentResource and all - sub-resources of this PersistentResource will be secured by this - key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - resourceRuntimeSpec: + The name of the column that the Model is to predict values for. This + column must be unavailable at forecast. + type: string + quantiles: description: >- - Optional. Persistent Resource runtime spec. For example, used for - Ray cluster configuration. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ResourceRuntimeSpec' - resourceRuntime: - description: Output only. Runtime information of the Persistent Resource. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1ResourceRuntime' - reservedIpRanges: + Quantiles to use for minimize-quantile-loss + `optimization_objective`. Up to 5 quantiles are allowed of values + between 0 and 1, exclusive. Required if the value of + optimization_objective is minimize-quantile-loss. Represents the + percent quantiles to use for that objective. Quantiles must be + unique. + items: + format: double + type: number + type: array + timeSeriesAttributeColumns: + items: + type: string description: >- - Optional. A list of names for the reserved IP ranges under the VPC - network that can be used for this persistent resource. If set, we - will deploy the persistent resource within the provided IP ranges. - Otherwise, the persistent resource is deployed to any IP ranges - under the provided VPC network. Example: ['vertex-ai-ip-range']. + Column names that should be used as attribute columns. The value of + these columns does not vary as a function of time. For example, + store ID or item color. + type: array + additionalExperiments: type: array items: type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudAiplatformV1ResourcePool: - id: GoogleCloudAiplatformV1ResourcePool - description: >- - Represents the spec of a group of resources of the same type, for - example machine type, disk, and accelerators, in a PersistentResource. + description: Additional experiment flags for the time series forcasting training. + type: object + GoogleCloudAiplatformV1PythonPackageSpec: + id: GoogleCloudAiplatformV1PythonPackageSpec type: object properties: - id: + pythonModule: description: >- - Immutable. The unique ID in a PersistentResource for referring to - this resource pool. User can specify it if necessary. Otherwise, - it's generated automatically. + Required. The Python module name to run after installing the + packages. type: string - machineSpec: - description: Required. Immutable. The specification of a single machine. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' - replicaCount: - description: >- - Optional. The total number of machines to use for this resource - pool. + executorImageUri: type: string - format: int64 - diskSpec: - description: Optional. Disk spec for the machine in this node pool. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DiskSpec' - usedReplicaCount: description: >- - Output only. The number of machines currently in use by training - jobs for this resource pool. Will replace idle_replica_count. - readOnly: true - type: string - format: int64 - autoscalingSpec: + Required. The URI of a container image in Artifact Registry that + will run the provided Python package. Vertex AI provides a wide + range of executor images with pre-installed packages to meet users' + various use cases. See the list of [pre-built containers for + training](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). + You must use an image from this list. + env: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' description: >- - Optional. Optional spec to configure GKE or Ray-on-Vertex - autoscaling - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ResourcePoolAutoscalingSpec - GoogleCloudAiplatformV1ResourcePoolAutoscalingSpec: - id: GoogleCloudAiplatformV1ResourcePoolAutoscalingSpec - description: The min/max number of replicas allowed if enabling autoscaling + Environment variables to be passed to the python module. Maximum + limit is 100. + args: + type: array + items: + type: string + description: Command line arguments to be passed to the Python task. + packageUris: + type: array + description: >- + Required. The Google Cloud Storage location of the Python package + files which are the training program and its dependent packages. The + maximum number of package URIs is 100. + items: + type: string + description: The spec of a Python packaged code. + GoogleCloudAiplatformV1UpgradeNotebookRuntimeOperationMetadata: type: object properties: - minReplicaCount: + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + progressMessage: description: >- - Optional. min replicas in the node pool, must be ≤ replica_count and - < max_replica_count or will throw error. For autoscaling enabled - Ray-on-Vertex, we allow min_replica_count of a resource_pool to be 0 - to match the OSS Ray - behavior(https://docs.ray.io/en/latest/cluster/vms/user-guides/configuring-autoscaling.html#cluster-config-parameters). - As for Persistent Resource, the min_replica_count must be > 0, we - added a corresponding validation inside - CreatePersistentResourceRequestValidator.java. + A human-readable message that shows the intermediate progress + details of NotebookRuntime. type: string - format: int64 - maxReplicaCount: + description: Metadata information for NotebookService.UpgradeNotebookRuntime. + id: GoogleCloudAiplatformV1UpgradeNotebookRuntimeOperationMetadata + GoogleCloudAiplatformV1ContainerRegistryDestination: + type: object + properties: + outputUri: description: >- - Optional. max replicas in the node pool, must be ≥ replica_count and - > min_replica_count or will throw error + Required. Container Registry URI of a container image. Only Google + Container Registry and Artifact Registry are supported now. Accepted + forms: * Google Container Registry path. For example: + `gcr.io/projectId/imageName:tag`. * Artifact Registry path. For + example: + `us-central1-docker.pkg.dev/projectId/repoName/imageName:tag`. If a + tag is not specified, "latest" will be used as the default tag. type: string - format: int64 - GoogleCloudAiplatformV1ResourceRuntimeSpec: - id: GoogleCloudAiplatformV1ResourceRuntimeSpec - description: >- - Configuration for the runtime on a PersistentResource instance, - including but not limited to: * Service accounts used to run the - workloads. * Whether to make it a dedicated Ray Cluster. - type: object + description: The Container Registry location for the container image. + id: GoogleCloudAiplatformV1ContainerRegistryDestination + GoogleCloudAiplatformV1SchemaPromptSpecStructuredPrompt: + id: GoogleCloudAiplatformV1SchemaPromptSpecStructuredPrompt properties: - serviceAccountSpec: + infillSuffix: + type: string description: >- - Optional. Configure the use of workload identity on the - PersistentResource - $ref: '#/components/schemas/GoogleCloudAiplatformV1ServiceAccountSpec' - raySpec: + Preamble: For infill prompt, the suffix after expected model + response. + outputPrefixes: + description: 'Preamble: The output prefixes before each example output.' + items: + type: string + type: array + infillPrefix: description: >- - Optional. Ray cluster configuration. Required when creating a - dedicated RayCluster on the PersistentResource. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RaySpec' - GoogleCloudAiplatformV1ServiceAccountSpec: - id: GoogleCloudAiplatformV1ServiceAccountSpec - description: >- - Configuration for the use of custom service account to run the - workloads. + Preamble: For infill prompt, the prefix before expected model + response. + type: string + predictionInputs: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPartList + description: >- + Preamble: The input test data for prediction. Each PartList in this + field represents one text-only input set for a single model request. + type: array + context: + description: 'Preamble: The context of the prompt.' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + examples: + type: array + description: 'Preamble: A set of examples for expected model response.' + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPartList + inputPrefixes: + description: 'Preamble: The input prefixes before each example input.' + type: array + items: + type: string + promptMessage: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage + description: The prompt message. + appBuilderData: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecAppBuilderData + description: Data for app builder use case. + description: Prompt variation that stores preambles in separate fields. + type: object + GoogleCloudAiplatformV1RubricBasedInstructionFollowingSpec: type: object + id: GoogleCloudAiplatformV1RubricBasedInstructionFollowingSpec + description: >- + Spec for RubricBasedInstructionFollowing metric - returns rubrics and + verdicts corresponding to rubrics along with overall score. + properties: {} + GoogleCloudAiplatformV1MigratableResourceAutomlDataset: + id: GoogleCloudAiplatformV1MigratableResourceAutomlDataset properties: - enableCustomServiceAccount: - description: >- - Required. If true, custom user-managed service account is enforced - to run any workloads (for example, Vertex Jobs) on the resource. - Otherwise, uses the [Vertex AI Custom Code Service - Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents). - type: boolean - serviceAccount: + dataset: + type: string description: >- - Optional. Required when all below conditions are met * - `enable_custom_service_account` is true; * any runtime is specified - via `ResourceRuntimeSpec` on creation time, for example, Ray The - users must have `iam.serviceAccounts.actAs` permission on this - service account and then the specified runtime containers will run - as it. Do not set this field if you want to submit jobs using custom - service account to this PersistentResource after creation, but only - specify the `service_account` inside the job. + Full resource name of automl Dataset. Format: + `projects/{project}/locations/{location}/datasets/{dataset}`. + datasetDisplayName: type: string - GoogleCloudAiplatformV1RaySpec: - id: GoogleCloudAiplatformV1RaySpec + description: The Dataset's display name in automl.googleapis.com. + type: object + description: Represents one Dataset in automl.googleapis.com. + GoogleCloudAiplatformV1QuestionAnsweringRelevanceInput: + type: object + id: GoogleCloudAiplatformV1QuestionAnsweringRelevanceInput + description: Input for question answering relevance metric. + properties: + instance: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringRelevanceInstance + description: Required. Question answering relevance instance. + metricSpec: + description: Required. Spec for question answering relevance score metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringRelevanceSpec + GoogleCloudAiplatformV1SampledShapleyAttribution: + properties: + pathCount: + description: >- + Required. The number of feature permutations to consider when + approximating the Shapley values. Valid range of its value is [1, + 50], inclusively. + format: int32 + type: integer description: >- - Configuration information for the Ray cluster. For experimental launch, - Ray cluster creation and Persistent cluster creation are 1:1 mapping: We - will provision all the nodes within the Persistent cluster as Ray nodes. + An attribution method that approximates Shapley values for features that + contribute to the label being predicted. A sampling strategy is used to + approximate the value rather than considering all subsets of features. type: object + id: GoogleCloudAiplatformV1SampledShapleyAttribution + GoogleCloudAiplatformV1EvaluationRunInferenceConfig: + type: object + description: An inference config used for model inference during the evaluation run. + id: GoogleCloudAiplatformV1EvaluationRunInferenceConfig properties: - imageUri: + generationConfig: + description: Optional. Generation config. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenerationConfig' + model: description: >- - Optional. Default image for user to choose a preferred ML framework - (for example, TensorFlow or Pytorch) by choosing from [Vertex - prebuilt - images](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). - Either this or the resource_pool_images is required. Use this field - if you need all the resource pools to have the same Ray image. - Otherwise, use the {@code resource_pool_images} field. + Optional. The fully qualified name of the publisher model or + endpoint to use. Publisher model format: + `projects/{project}/locations/{location}/publishers/*/models/*` + Endpoint format: + `projects/{project}/locations/{location}/endpoints/{endpoint}` type: string - resourcePoolImages: + GoogleCloudAiplatformV1PrivateServiceConnectConfig: + properties: + serviceAttachment: description: >- - Optional. Required if image_uri isn't set. A map of resource_pool_id - to prebuild Ray image if user need to use different images for - different head/worker pools. This map needs to cover all the - resource pool ids. Example: { "ray_head_node_pool": "head image" - "ray_worker_node_pool1": "worker image" "ray_worker_node_pool2": - "another worker image" } - type: object - additionalProperties: + Output only. The name of the generated service attachment resource. + This is only populated if the endpoint is deployed with + PrivateServiceConnect. + readOnly: true + type: string + pscAutomationConfigs: + description: >- + Optional. List of projects and networks where the PSC endpoints will + be created. This field is used by Online Inference(Prediction) only. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PSCAutomationConfig' + projectAllowlist: + description: >- + A list of Projects from which the forwarding rule will target the + service attachment. + items: type: string - headNodeResourcePoolId: + type: array + enablePrivateServiceConnect: + type: boolean description: >- - Optional. This will be used to indicate which resource pool will - serve as the Ray head node(the first node within that pool). Will - use the machine from the first workerpool as the head node by - default if this field isn't set. - type: string - rayMetricSpec: - description: Optional. Ray metrics configurations. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RayMetricSpec' - rayLogsSpec: - description: Optional. OSS Ray logging configurations. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RayLogsSpec' - GoogleCloudAiplatformV1RayMetricSpec: - id: GoogleCloudAiplatformV1RayMetricSpec - description: Configuration for the Ray metrics. + Required. If true, expose the IndexEndpoint via private service + connect. + id: GoogleCloudAiplatformV1PrivateServiceConnectConfig + description: Represents configuration for private service connect. type: object - properties: - disabled: - description: Optional. Flag to disable the Ray metrics collection. - type: boolean - GoogleCloudAiplatformV1RayLogsSpec: - id: GoogleCloudAiplatformV1RayLogsSpec - description: Configuration for the Ray OSS Logs. + GoogleCloudAiplatformV1ListModelEvaluationSlicesResponse: type: object + id: GoogleCloudAiplatformV1ListModelEvaluationSlicesResponse properties: - disabled: + nextPageToken: + type: string description: >- - Optional. Flag to disable the export of Ray OSS logs to Cloud - Logging. - type: boolean - GoogleCloudAiplatformV1ResourceRuntime: - id: GoogleCloudAiplatformV1ResourceRuntime - description: Persistent Cluster runtime information as output + A token to retrieve next page of results. Pass to + ListModelEvaluationSlicesRequest.page_token to obtain that page. + modelEvaluationSlices: + description: List of ModelEvaluations in the requested page. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSlice' + type: array + description: Response message for ModelService.ListModelEvaluationSlices. + GoogleCloudAiplatformV1EvaluationRequest: + description: Single evaluation request. + id: GoogleCloudAiplatformV1EvaluationRequest type: object properties: - accessUris: + candidateResponses: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CandidateResponse' description: >- - Output only. URIs for user to connect to the Cluster. Example: { - "RAY_HEAD_NODE_INTERNAL_IP": "head-node-IP:10001" - "RAY_DASHBOARD_URI": "ray-dashboard-address:8888" } - readOnly: true + Optional. Responses from model under test and other baseline models + for comparison. + rubrics: + description: >- + Optional. Named groups of rubrics associated with this prompt. The + key is a user-defined name for the rubric group. type: object additionalProperties: - type: string - GoogleCloudAiplatformV1ListPersistentResourcesResponse: - id: GoogleCloudAiplatformV1ListPersistentResourcesResponse - description: Response message for PersistentResourceService.ListPersistentResources + $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricGroup' + prompt: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationPrompt' + description: Required. The request/prompt to evaluate. + goldenResponse: + description: Optional. The Ideal response or ground truth. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CandidateResponse' + GoogleCloudAiplatformV1MetricxInput: + description: Input for MetricX metric. type: object properties: - persistentResources: - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentResource' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass to - ListPersistentResourcesRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1RebootPersistentResourceRequest: - id: GoogleCloudAiplatformV1RebootPersistentResourceRequest - description: Request message for PersistentResourceService.RebootPersistentResource. - type: object - properties: {} - GoogleCloudAiplatformV1TrainingPipeline: - id: GoogleCloudAiplatformV1TrainingPipeline - description: >- - The TrainingPipeline orchestrates tasks associated with training a - Model. It always executes the training task, and optionally may also - export data from Vertex AI's Dataset which becomes the training input, - upload the Model to Vertex AI, and evaluate the Model. + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricxSpec' + description: Required. Spec for Metricx metric. + instance: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricxInstance' + description: Required. Metricx instance. + id: GoogleCloudAiplatformV1MetricxInput + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationMetadata: type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationMetadata properties: - name: - description: Output only. Resource name of the TrainingPipeline. - readOnly: true - type: string - displayName: - description: Required. The user-defined name of this TrainingPipeline. + costMilliNodeHours: + format: int64 type: string - inputDataConfig: - description: >- - Specifies Vertex AI owned input data that may be used for training - the Model. The TrainingPipeline's training_task_definition should - make clear whether this config is used and if there are any special - requirements on how it should be filled. If nothing about this - config is mentioned in the training_task_definition, then it should - be assumed that the TrainingPipeline does not depend on this - configuration. - $ref: '#/components/schemas/GoogleCloudAiplatformV1InputDataConfig' - trainingTaskDefinition: description: >- - Required. A Google Cloud Storage path to the YAML file that defines - the training task which is responsible for producing the model - artifact, and may also include additional auxiliary work. The - definition files that can be used here are found in - gs://google-cloud-aiplatform/schema/trainingjob/definition/. Note: - The URI given on output will be immutable and probably different, - including the URI scheme, than the one given on input. The output - URI will point to a location where the user only has a read access. + The actual training cost of creating this model, expressed in milli + node hours, i.e. 1,000 value in this field means 1 node hour. + Guaranteed to not exceed inputs.budgetMilliNodeHours. + successfulStopReason: + enum: + - SUCCESSFUL_STOP_REASON_UNSPECIFIED + - BUDGET_REACHED + - MODEL_CONVERGED type: string - trainingTaskInputs: - description: >- - Required. The training task's parameter(s), as specified in the - training_task_definition's `inputs`. - type: any - trainingTaskMetadata: - description: >- - Output only. The metadata information as specified in the - training_task_definition's `metadata`. This metadata is an auxiliary - runtime and final information about the training task. While the - pipeline is running this information is populated only at a best - effort basis. Only present if the pipeline's - training_task_definition contains `metadata` object. - readOnly: true - type: any - modelToUpload: - description: >- - Describes the Model that may be uploaded (via - ModelService.UploadModel) by this TrainingPipeline. The - TrainingPipeline's training_task_definition should make clear - whether this Model description should be populated, and if there are - any special requirements regarding how it should be filled. If - nothing is mentioned in the training_task_definition, then it should - be assumed that this field should not be filled and the training - task either uploads the Model without a need of this information, or - that training task does not support uploading a Model as part of the - pipeline. When the Pipeline's state becomes - `PIPELINE_STATE_SUCCEEDED` and the trained Model had been uploaded - into Vertex AI, then the model_to_upload's resource name is - populated. The Model is always uploaded into the Project and - Location in which this pipeline is. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' - modelId: + enumDescriptions: + - Should not be set. + - The inputs.budgetMilliNodeHours had been reached. + - >- + Further training of the Model ceased to increase its quality, + since it already has converged. description: >- - Optional. The ID to use for the uploaded Model, which will become - the final component of the model resource name. This value may be up - to 63 characters, and valid characters are `[a-z0-9_-]`. The first - character cannot be a number or hyphen. + For successful job completions, this is the reason why the job has + finished. + GoogleCloudAiplatformV1ImageConfigImageOutputOptions: + id: GoogleCloudAiplatformV1ImageConfigImageOutputOptions + properties: + mimeType: type: string - parentModel: + description: Optional. The image format that the output should be saved as. + compressionQuality: + description: Optional. The compression quality of the output image. + type: integer + format: int32 + type: object + description: The image output format for generated images. + GoogleCloudAiplatformV1CancelPipelineJobRequest: + properties: {} + description: Request message for PipelineService.CancelPipelineJob. + type: object + id: GoogleCloudAiplatformV1CancelPipelineJobRequest + GoogleCloudAiplatformV1PartialArg: + description: Partial argument value of the function call. + type: object + properties: + willContinue: description: >- - Optional. When specify this field, the `model_to_upload` will not be - uploaded as a new model, instead, it will become a new version of - this `parent_model`. + Optional. Whether this is not the last part of the same json_path. + If true, another PartialArg message for the current json_path is + expected to follow. + type: boolean + jsonPath: + description: >- + Required. A JSON Path (RFC 9535) to the argument being streamed. + https://datatracker.ietf.org/doc/html/rfc9535. e.g. + "$.foo.bar[0].data". type: string - state: - description: Output only. The detailed state of the pipeline. - readOnly: true + boolValue: + description: Optional. Represents a boolean value. + type: boolean + nullValue: type: string enumDescriptions: - - The pipeline state is unspecified. - - >- - The pipeline has been created or resumed, and processing has not - yet begun. - - The service is preparing to run the pipeline. - - The pipeline is in progress. - - The pipeline completed successfully. - - The pipeline failed. - - >- - The pipeline is being cancelled. From this state, the pipeline may - only go to either PIPELINE_STATE_SUCCEEDED, PIPELINE_STATE_FAILED - or PIPELINE_STATE_CANCELLED. - - The pipeline has been cancelled. - - The pipeline has been stopped, and can be resumed. + - Null value. + description: Optional. Represents a null value. enum: - - PIPELINE_STATE_UNSPECIFIED - - PIPELINE_STATE_QUEUED - - PIPELINE_STATE_PENDING - - PIPELINE_STATE_RUNNING - - PIPELINE_STATE_SUCCEEDED - - PIPELINE_STATE_FAILED - - PIPELINE_STATE_CANCELLING - - PIPELINE_STATE_CANCELLED - - PIPELINE_STATE_PAUSED - error: - description: >- - Output only. Only populated when the pipeline's state is - `PIPELINE_STATE_FAILED` or `PIPELINE_STATE_CANCELLED`. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - createTime: - description: Output only. Time when the TrainingPipeline was created. - readOnly: true + - NULL_VALUE + stringValue: + description: Optional. Represents a string value. type: string - format: google-datetime - startTime: + numberValue: + format: double + type: number + description: Optional. Represents a double value. + id: GoogleCloudAiplatformV1PartialArg + GoogleCloudAiplatformV1RetrieveMemoriesResponseRetrievedMemory: + properties: + memory: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Memory' + description: The retrieved Memory. + distance: + type: number + format: double description: >- - Output only. Time when the TrainingPipeline for the first time - entered the `PIPELINE_STATE_RUNNING` state. - readOnly: true - type: string - format: google-datetime - endTime: + The distance between the query and the retrieved Memory. Smaller + values indicate more similar memories. This is only set if + similarity search was used for retrieval. + description: A retrieved memory. + id: GoogleCloudAiplatformV1RetrieveMemoriesResponseRetrievedMemory + type: object + GoogleCloudAiplatformV1EvaluationResult: + properties: + candidateResults: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CandidateResult' + description: Optional. The results for the metric. + type: array + evaluationRequest: description: >- - Output only. Time when the TrainingPipeline entered any of the - following states: `PIPELINE_STATE_SUCCEEDED`, - `PIPELINE_STATE_FAILED`, `PIPELINE_STATE_CANCELLED`. - readOnly: true + Required. The request item that was evaluated. Format: + projects/{project}/locations/{location}/evaluationItems/{evaluation_item} type: string - format: google-datetime - updateTime: - description: >- - Output only. Time when the TrainingPipeline was most recently - updated. - readOnly: true + metadata: + type: any + description: Optional. Metadata about the evaluation result. + evaluationRun: type: string - format: google-datetime - labels: - description: >- - The labels with user-defined metadata to organize TrainingPipelines. - Label keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. See - https://goo.gl/xmQnxf for more information and examples of labels. - type: object - additionalProperties: - type: string - encryptionSpec: description: >- - Customer-managed encryption key spec for a TrainingPipeline. If set, - this TrainingPipeline will be secured by this key. Note: Model - trained by this TrainingPipeline is also secured by this key if - model_to_upload is not set separately. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - GoogleCloudAiplatformV1InputDataConfig: - id: GoogleCloudAiplatformV1InputDataConfig - description: >- - Specifies Vertex AI owned input data to be used for training, and - possibly evaluating, the Model. + Required. The evaluation run that was used to generate the result. + Format: + projects/{project}/locations/{location}/evaluationRuns/{evaluation_run} + metric: + description: Required. The metric that was evaluated. + type: string + request: + description: Required. The request that was evaluated. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationRequest' + id: GoogleCloudAiplatformV1EvaluationResult type: object + description: Evaluation result. + GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysis: + id: GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysis + description: >- + Configuration of the Featurestore's Snapshot Analysis Based Monitoring. + This type of analysis generates statistics for each Feature based on a + snapshot of the latest feature value of each entities every + monitoring_interval. properties: - fractionSplit: - description: Split based on fractions defining the size of each set. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FractionSplit' - filterSplit: - description: Split based on the provided filters for each set. - $ref: '#/components/schemas/GoogleCloudAiplatformV1FilterSplit' - predefinedSplit: - description: >- - Supported only for tabular Datasets. Split based on a predefined - key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredefinedSplit' - timestampSplit: - description: >- - Supported only for tabular Datasets. Split based on the timestamp of - the input data pieces. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TimestampSplit' - stratifiedSplit: - description: >- - Supported only for tabular Datasets. Split based on the distribution - of the specified column. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StratifiedSplit' - gcsDestination: + disabled: description: >- - The Cloud Storage location where the training data is to be written - to. In the given directory a new directory is created with name: - `dataset---` where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 - format. All training input data is written into that directory. The - Vertex AI environment variables representing Cloud Storage data URIs - are represented in the Cloud Storage wildcard format to support - sharded data. e.g.: "gs://.../training-*.jsonl" * AIP_DATA_FORMAT = - "jsonl" for non-tabular data, "csv" for tabular data * - AIP_TRAINING_DATA_URI = - "gcs_destination/dataset---/training-*.${AIP_DATA_FORMAT}" * - AIP_VALIDATION_DATA_URI = - "gcs_destination/dataset---/validation-*.${AIP_DATA_FORMAT}" * - AIP_TEST_DATA_URI = - "gcs_destination/dataset---/test-*.${AIP_DATA_FORMAT}" - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - bigqueryDestination: + The monitoring schedule for snapshot analysis. For EntityType-level + config: unset / disabled = true indicates disabled by default for + Features under it; otherwise by default enable snapshot analysis + monitoring with monitoring_interval for Features under it. + Feature-level config: disabled = true indicates disabled regardless + of the EntityType-level config; unset monitoring_interval indicates + going with EntityType-level config; otherwise run snapshot analysis + monitoring with monitoring_interval regardless of the + EntityType-level config. Explicitly Disable the snapshot analysis + based monitoring. + type: boolean + stalenessDays: + type: integer + format: int32 description: >- - Only applicable to custom training with tabular Dataset with - BigQuery source. The BigQuery project location where the training - data is to be written to. In the given project a new dataset is - created with name `dataset___` where timestamp is in - YYYY_MM_DDThh_mm_ss_sssZ format. All training input data is written - into that dataset. In the dataset three tables are created, - `training`, `validation` and `test`. * AIP_DATA_FORMAT = "bigquery". - * AIP_TRAINING_DATA_URI = "bigquery_destination.dataset___.training" - * AIP_VALIDATION_DATA_URI = - "bigquery_destination.dataset___.validation" * AIP_TEST_DATA_URI = - "bigquery_destination.dataset___.test" - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' - datasetId: + Customized export features time window for snapshot analysis. Unit + is one day. Default value is 3 weeks. Minimum value is 1 day. + Maximum value is 4000 days. + monitoringIntervalDays: + type: integer description: >- - Required. The ID of the Dataset in the same Project and Location - which data will be used to train the Model. The Dataset must use - schema compatible with Model being trained, and what is compatible - should be described in the used TrainingPipeline's - training_task_definition. For tabular Datasets, all their data is - exported to training, to pick and choose from. - type: string - annotationsFilter: - description: >- - Applicable only to Datasets that have DataItems and Annotations. A - filter on Annotations of the Dataset. Only Annotations that both - match this filter and belong to DataItems not ignored by the split - method are used in respectively training, validation or test role, - depending on the role of the DataItem they are on (for the - auto-assigned that role is decided by Vertex AI). A filter with same - syntax as the one used in ListAnnotations may be used, but note here - it filters across all Annotations of the Dataset, and not just - within a single DataItem. - type: string - annotationSchemaUri: - description: >- - Applicable only to custom training with Datasets that have DataItems - and Annotations. Cloud Storage URI that points to a YAML file - describing the annotation schema. The schema is defined as an - OpenAPI 3.0.2 [Schema - Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). - The schema files that can be used here are found in - gs://google-cloud-aiplatform/schema/dataset/annotation/ , note that - the chosen schema must be consistent with metadata of the Dataset - specified by dataset_id. Only Annotations that both match this - schema and belong to DataItems not ignored by the split method are - used in respectively training, validation or test role, depending on - the role of the DataItem they are on. When used in conjunction with - annotations_filter, the Annotations used for training are filtered - by both annotations_filter and annotation_schema_uri. - type: string - savedQueryId: - description: >- - Only applicable to Datasets that have SavedQueries. The ID of a - SavedQuery (annotation set) under the Dataset specified by - dataset_id used for filtering Annotations for training. Only - Annotations that are associated with this SavedQuery are used in - respectively training. When used in conjunction with - annotations_filter, the Annotations used for training are filtered - by both saved_query_id and annotations_filter. Only one of - saved_query_id and annotation_schema_uri should be specified as both - of them represent the same thing: problem type. + Configuration of the snapshot analysis based monitoring pipeline + running interval. The value indicates number of days. + format: int32 + type: object + GoogleCloudAiplatformV1RubricBasedInstructionFollowingInput: + properties: + instance: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RubricBasedInstructionFollowingInstance + description: Required. Instance for RubricBasedInstructionFollowing metric. + metricSpec: + description: Required. Spec for RubricBasedInstructionFollowing metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RubricBasedInstructionFollowingSpec + description: Instance and metric spec for RubricBasedInstructionFollowing metric. + type: object + id: GoogleCloudAiplatformV1RubricBasedInstructionFollowingInput + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationCategoricalTransformation: + properties: + columnName: type: string - persistMlUseAssignment: - description: Whether to persist the ML use assignment to data item system labels. - type: boolean - GoogleCloudAiplatformV1FractionSplit: - id: GoogleCloudAiplatformV1FractionSplit + type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationCategoricalTransformation description: >- - Assigns the input data to training, validation, and test sets as per the - given fractions. Any of `training_fraction`, `validation_fraction` and - `test_fraction` may optionally be provided, they must sum to up to 1. If - the provided ones sum to less than 1, the remainder is assigned to sets - as decided by Vertex AI. If none of the fractions are set, by default - roughly 80% of data is used for training, 10% for validation, and 10% - for test. + Training pipeline will perform following transformation functions. * The + categorical string as is--no change to case, punctuation, spelling, + tense, and so on. * Convert the category name to a dictionary lookup + index and generate an embedding for each index. * Categories that appear + less than 5 times in the training dataset are treated as the "unknown" + category. The "unknown" category gets its own special lookup index and + resulting embedding. + GoogleCloudAiplatformV1CustomCodeExecutionSpec: + description: >- + Specificies a metric that is populated by evaluating user-defined Python + code. + id: GoogleCloudAiplatformV1CustomCodeExecutionSpec + properties: + evaluationFunction: + type: string + description: >- + Required. Python function. Expected user to define the following + function, e.g.: def evaluate(instance: dict[str, Any]) -> float: + Please include this function signature in the code snippet. Instance + is the evaluation instance, any fields populated in the instance are + available to the function as instance[field_name]. Example: Example + input: ``` instance= EvaluationInstance( + response=EvaluationInstance.InstanceData(text="The answer is 4."), + reference=EvaluationInstance.InstanceData(text="4") ) ``` Example + converted input: ``` { 'response': {'text': 'The answer is 4.'}, + 'reference': {'text': '4'} } ``` Example python function: ``` def + evaluate(instance: dict[str, Any]) -> float: if instance'response' + == instance'reference': return 1.0 return 0.0 ``` + CustomCodeExecutionSpec is also supported in Batch Evaluation + (EvalDataset RPC) and Tuning Evaluation. Each line in the input + jsonl file will be converted to dict[str, Any] and passed to the + evaluation function. type: object - properties: - trainingFraction: - description: >- - The fraction of the input data that is to be used to train the - Model. - type: number - format: double - validationFraction: - description: >- - The fraction of the input data that is to be used to validate the - Model. - type: number - format: double - testFraction: - description: >- - The fraction of the input data that is to be used to evaluate the - Model. - type: number - format: double - GoogleCloudAiplatformV1FilterSplit: - id: GoogleCloudAiplatformV1FilterSplit + GoogleCloudAiplatformV1RagManagedDbConfigBasic: description: >- - Assigns input data to training, validation, and test sets based on the - given filters, data pieces not matched by any filter are ignored. - Currently only supported for Datasets containing DataItems. If any of - the filters in this message are to match nothing, then they can be set - as '-' (the minus sign). Supported only for unstructured Datasets. + Basic tier is a cost-effective and low compute tier suitable for the + following cases: * Experimenting with RagManagedDb. * Small data size. * + Latency insensitive workload. * Only using RAG Engine with external + vector DBs. NOTE: This is the default tier if not explicitly chosen. + properties: {} type: object + id: GoogleCloudAiplatformV1RagManagedDbConfigBasic + GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSourcesReviewSnippet: + description: A review snippet that is used to generate the answer. + id: GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSourcesReviewSnippet properties: - trainingFilter: - description: >- - Required. A filter on DataItems of the Dataset. DataItems that match - this filter are used to train the Model. A filter with same syntax - as the one used in DatasetService.ListDataItems may be used. If a - single DataItem is matched by more than one of the FilterSplit - filters, then it is assigned to the first set that applies to it in - the training, validation, test order. + googleMapsUri: + description: A link to show the review on Google Maps. type: string - validationFilter: - description: >- - Required. A filter on DataItems of the Dataset. DataItems that match - this filter are used to validate the Model. A filter with same - syntax as the one used in DatasetService.ListDataItems may be used. - If a single DataItem is matched by more than one of the FilterSplit - filters, then it is assigned to the first set that applies to it in - the training, validation, test order. + reviewId: type: string - testFilter: - description: >- - Required. A filter on DataItems of the Dataset. DataItems that match - this filter are used to test the Model. A filter with same syntax as - the one used in DatasetService.ListDataItems may be used. If a - single DataItem is matched by more than one of the FilterSplit - filters, then it is assigned to the first set that applies to it in - the training, validation, test order. + description: The ID of the review that is being referenced. + title: type: string - GoogleCloudAiplatformV1PredefinedSplit: - id: GoogleCloudAiplatformV1PredefinedSplit - description: >- - Assigns input data to training, validation, and test sets based on the - value of a provided key. Supported only for tabular Datasets. + description: The title of the review. + type: object + GoogleCloudAiplatformV1SpeculativeDecodingSpec: type: object + description: Configuration for Speculative Decoding. properties: - key: - description: >- - Required. The key is a name of one of the Dataset's data columns. - The value of the key (either the label's value or value in the - column) must be one of {`training`, `validation`, `test`}, and it - defines to which set the given piece of data is assigned. If for a - piece of data the key is not present or has an invalid value, that - piece is ignored by the pipeline. - type: string - GoogleCloudAiplatformV1TimestampSplit: - id: GoogleCloudAiplatformV1TimestampSplit - description: >- - Assigns input data to training, validation, and test sets based on a - provided timestamps. The youngest data pieces are assigned to training - set, next to validation set, and the oldest to the test set. Supported - only for tabular Datasets. + speculativeTokenCount: + format: int32 + type: integer + description: The number of speculative tokens to generate at each step. + ngramSpeculation: + description: N-Gram speculation. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SpeculativeDecodingSpecNgramSpeculation + draftModelSpeculation: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SpeculativeDecodingSpecDraftModelSpeculation + description: draft model speculation. + id: GoogleCloudAiplatformV1SpeculativeDecodingSpec + GoogleCloudAiplatformV1ExplanationMetadataOverrideInputMetadataOverride: + id: GoogleCloudAiplatformV1ExplanationMetadataOverrideInputMetadataOverride + description: The input metadata entries to be overridden. type: object properties: - trainingFraction: - description: >- - The fraction of the input data that is to be used to train the - Model. - type: number - format: double - validationFraction: - description: >- - The fraction of the input data that is to be used to validate the - Model. - type: number - format: double - testFraction: + inputBaselines: + items: + type: any + type: array description: >- - The fraction of the input data that is to be used to evaluate the - Model. + Baseline inputs for this feature. This overrides the + `input_baseline` field of the ExplanationMetadata.InputMetadata + object of the corresponding feature's input metadata. If it's not + specified, the original baselines are not overridden. + GoogleCloudAiplatformV1RagFileParsingConfig: + type: object + id: GoogleCloudAiplatformV1RagFileParsingConfig + properties: + llmParser: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagFileParsingConfigLlmParser + description: The LLM Parser to use for RagFiles. + layoutParser: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagFileParsingConfigLayoutParser + description: The Layout Parser to use for RagFiles. + description: Specifies the parsing config for RagFiles. + GoogleCloudAiplatformV1PairwiseSummarizationQualityResult: + properties: + explanation: + readOnly: true + description: Output only. Explanation for summarization quality score. + type: string + confidence: + format: float + readOnly: true + description: Output only. Confidence for summarization quality score. type: number - format: double - key: - description: >- - Required. The key is a name of one of the Dataset's data columns. - The values of the key (the values in the column) must be in RFC 3339 - `date-time` format, where `time-offset` = `"Z"` (e.g. - 1985-04-12T23:20:50.52Z). If for a piece of data the key is not - present or has an invalid value, that piece is ignored by the - pipeline. + pairwiseChoice: + enum: + - PAIRWISE_CHOICE_UNSPECIFIED + - BASELINE + - CANDIDATE + - TIE type: string - GoogleCloudAiplatformV1StratifiedSplit: - id: GoogleCloudAiplatformV1StratifiedSplit - description: >- - Assigns input data to the training, validation, and test sets so that - the distribution of values found in the categorical column (as specified - by the `key` field) is mirrored within each split. The fraction values - determine the relative sizes of the splits. For example, if the - specified column has three values, with 50% of the rows having value - "A", 25% value "B", and 25% value "C", and the split fractions are - specified as 80/10/10, then the training set will constitute 80% of the - training data, with about 50% of the training set rows having the value - "A" for the specified column, about 25% having the value "B", and about - 25% having the value "C". Only the top 500 occurring values are used; - any values not in the top 500 values are randomly assigned to a split. - If less than three rows contain a specific value, those rows are - randomly assigned. Supported only for tabular Datasets. + readOnly: true + description: Output only. Pairwise summarization prediction choice. + enumDescriptions: + - Unspecified prediction choice. + - Baseline prediction wins + - Candidate prediction wins + - Winner cannot be determined + id: GoogleCloudAiplatformV1PairwiseSummarizationQualityResult + description: Spec for pairwise summarization quality result. type: object + GoogleCloudAiplatformV1UpdateSpecialistPoolOperationMetadata: properties: - trainingFraction: - description: >- - The fraction of the input data that is to be used to train the - Model. - type: number - format: double - validationFraction: - description: >- - The fraction of the input data that is to be used to validate the - Model. - type: number - format: double - testFraction: + specialistPool: + type: string description: >- - The fraction of the input data that is to be used to evaluate the - Model. + Output only. The name of the SpecialistPool to which the specialists + are being added. Format: + `projects/{project_id}/locations/{location_id}/specialistPools/{specialist_pool}` + readOnly: true + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The operation generic information. + id: GoogleCloudAiplatformV1UpdateSpecialistPoolOperationMetadata + description: >- + Runtime operation metadata for + SpecialistPoolService.UpdateSpecialistPool. + type: object + GoogleCloudAiplatformV1TrajectoryPrecisionMetricValue: + description: TrajectoryPrecision metric value for an instance. + properties: + score: + format: float + readOnly: true + description: Output only. TrajectoryPrecision score. type: number - format: double - key: - description: >- - Required. The key is a name of one of the Dataset's data columns. - The key provided must be for a categorical column. - type: string - GoogleCloudAiplatformV1ListTrainingPipelinesResponse: - id: GoogleCloudAiplatformV1ListTrainingPipelinesResponse - description: Response message for PipelineService.ListTrainingPipelines type: object + id: GoogleCloudAiplatformV1TrajectoryPrecisionMetricValue + GoogleCloudAiplatformV1UndeployModelOperationMetadata: properties: - trainingPipelines: - description: List of TrainingPipelines in the requested page. + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + type: object + description: Runtime operation information for EndpointService.UndeployModel. + id: GoogleCloudAiplatformV1UndeployModelOperationMetadata + GoogleCloudAiplatformV1ListNotebookRuntimeTemplatesResponse: + properties: + notebookRuntimeTemplates: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingPipeline' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate + description: List of NotebookRuntimeTemplates in the requested page. nextPageToken: - description: >- - A token to retrieve the next page of results. Pass to - ListTrainingPipelinesRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1CancelTrainingPipelineRequest: - id: GoogleCloudAiplatformV1CancelTrainingPipelineRequest - description: Request message for PipelineService.CancelTrainingPipeline. + description: >- + A token to retrieve next page of results. Pass to + ListNotebookRuntimeTemplatesRequest.page_token to obtain that page. type: object - properties: {} - GoogleCloudAiplatformV1PipelineJob: - id: GoogleCloudAiplatformV1PipelineJob - description: An instance of a machine learning PipelineJob. + id: GoogleCloudAiplatformV1ListNotebookRuntimeTemplatesResponse + description: Response message for NotebookService.ListNotebookRuntimeTemplates. + GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataContentValidationStats: + id: >- + GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataContentValidationStats type: object properties: - name: - description: Output only. The resource name of the PipelineJob. - readOnly: true + partialErrors: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataRecordError + description: >- + The detail information of the partial failures encountered for those + invalid records that couldn't be parsed. Up to 50 partial errors + will be reported. + type: array + validRecordCount: type: string - displayName: + description: Number of records in this file that were successfully processed. + format: int64 + validSparseRecordCount: description: >- - The display name of the Pipeline. The name can be up to 128 - characters long and can consist of any UTF-8 characters. + Number of sparse records in this file that were successfully + processed. type: string - createTime: - description: Output only. Pipeline creation time. - readOnly: true + format: int64 + invalidRecordCount: type: string - format: google-datetime - startTime: - description: Output only. Pipeline start time. - readOnly: true + description: Number of records in this file we skipped due to validate errors. + format: int64 + sourceGcsUri: + description: Cloud Storage URI pointing to the original file in user's bucket. type: string - format: google-datetime - endTime: - description: Output only. Pipeline end time. - readOnly: true + invalidSparseRecordCount: + description: >- + Number of sparse records in this file we skipped due to validate + errors. type: string - format: google-datetime - updateTime: + format: int64 + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentiment: + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentiment + description: A TrainingJob that trains and uploads an AutoML Text Sentiment Model. + properties: + inputs: + description: The input parameters of this TrainingJob. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentimentInputs + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomJobMetadata: + properties: + backingCustomJob: description: >- - Output only. Timestamp when this PipelineJob was most recently - updated. - readOnly: true + The resource name of the CustomJob that has been created to carry + out this custom task. type: string - format: google-datetime - pipelineSpec: - description: The spec of the pipeline. - type: object - additionalProperties: - type: any - description: Properties of the object. - state: - description: Output only. The detailed state of the job. + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomJobMetadata + type: object + GoogleCloudAiplatformV1TrajectoryRecallResults: + id: GoogleCloudAiplatformV1TrajectoryRecallResults + type: object + description: Results for TrajectoryRecall metric. + properties: + trajectoryRecallMetricValues: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallMetricValue + type: array + description: Output only. TrajectoryRecall metric values. readOnly: true + GoogleCloudAiplatformV1NearestNeighborQueryStringFilter: + type: object + id: GoogleCloudAiplatformV1NearestNeighborQueryStringFilter + properties: + name: type: string + description: Required. Column names in BigQuery that used as filters. + denyTokens: + description: Optional. The denied tokens. + items: + type: string + type: array + allowTokens: + items: + type: string + description: Optional. The allowed tokens. + type: array + description: >- + String filter is used to search a subset of the entities by using + boolean rules on string columns. For example: if a query specifies + string filter with 'name = color, allow_tokens = {red, blue}, + deny_tokens = {purple}',' then that query will match entities that are + red or blue, but if those points are also purple, then they will be + excluded even if they are red/blue. Only string filter is supported for + now, numeric filter will be supported in the near future. + GoogleCloudAiplatformV1DeployModelOperationMetadata: + id: GoogleCloudAiplatformV1DeployModelOperationMetadata + description: Runtime operation information for EndpointService.DeployModel. + type: object + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The operation generic information. + deploymentStage: enumDescriptions: - - The pipeline state is unspecified. - - >- - The pipeline has been created or resumed, and processing has not - yet begun. - - The service is preparing to run the pipeline. - - The pipeline is in progress. - - The pipeline completed successfully. - - The pipeline failed. + - Default value. This value is unused. + - The deployment is initializing and setting up the environment. + - The deployment is preparing the model assets. + - The deployment is creating the underlying serving cluster. + - The deployment is adding nodes to the serving cluster. - >- - The pipeline is being cancelled. From this state, the pipeline may - only go to either PIPELINE_STATE_SUCCEEDED, PIPELINE_STATE_FAILED - or PIPELINE_STATE_CANCELLED. - - The pipeline has been cancelled. - - The pipeline has been stopped, and can be resumed. - enum: - - PIPELINE_STATE_UNSPECIFIED - - PIPELINE_STATE_QUEUED - - PIPELINE_STATE_PENDING - - PIPELINE_STATE_RUNNING - - PIPELINE_STATE_SUCCEEDED - - PIPELINE_STATE_FAILED - - PIPELINE_STATE_CANCELLING - - PIPELINE_STATE_CANCELLED - - PIPELINE_STATE_PAUSED - jobDetail: - description: >- - Output only. The details of pipeline run. Not available in the list - view. + The deployment is getting the container image for the model + server. + - The deployment is starting the model server. + - The deployment is performing finalization steps. + - The deployment has terminated. + - The deployment has succeeded. + - The deployment has failed. + type: string readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJobDetail' - error: - description: >- - Output only. The error that occurred during pipeline execution. Only - populated when the pipeline's state is FAILED or CANCELLED. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - labels: - description: >- - The labels with user-defined metadata to organize PipelineJob. Label - keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. See - https://goo.gl/xmQnxf for more information and examples of labels. - Note there is some reserved label key for Vertex AI Pipelines. - - `vertex-ai-pipelines-run-billing-id`, user set value will get - overrided. - type: object - additionalProperties: - type: string - runtimeConfig: - description: Runtime config of the pipeline. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJobRuntimeConfig' - encryptionSpec: - description: >- - Customer-managed encryption key spec for a pipelineJob. If set, this - PipelineJob and all of its sub-resources will be secured by this - key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - serviceAccount: + description: Output only. The deployment stage of the model. + enum: + - DEPLOYMENT_STAGE_UNSPECIFIED + - STARTING_DEPLOYMENT + - PREPARING_MODEL + - CREATING_SERVING_CLUSTER + - ADDING_NODES_TO_CLUSTER + - GETTING_CONTAINER_IMAGE + - STARTING_MODEL_SERVER + - FINISHING_UP + - DEPLOYMENT_TERMINATED + - SUCCESSFULLY_DEPLOYED + - FAILED_TO_DEPLOY + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassification: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassification + type: object + properties: + inputs: + description: The input parameters of this TrainingJob. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationInputs + metadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationMetadata + description: The metadata information. + description: >- + A TrainingJob that trains and uploads an AutoML Image Classification + Model. + GoogleCloudAiplatformV1AvroSource: + id: GoogleCloudAiplatformV1AvroSource + description: The storage details for Avro input content. + type: object + properties: + gcsSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' + description: Required. Google Cloud Storage location. + GoogleCloudAiplatformV1ListNotebookRuntimesResponse: + id: GoogleCloudAiplatformV1ListNotebookRuntimesResponse + properties: + notebookRuntimes: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookRuntime' + description: List of NotebookRuntimes in the requested page. + type: array + nextPageToken: description: >- - The service account that the pipeline workload runs as. If not - specified, the Compute Engine default service account in the project - will be used. See - https://cloud.google.com/compute/docs/access/service-accounts#default_service_account - Users starting the pipeline must have the - `iam.serviceAccounts.actAs` permission on this service account. + A token to retrieve next page of results. Pass to + ListNotebookRuntimesRequest.page_token to obtain that page. type: string - network: + description: Response message for NotebookService.ListNotebookRuntimes. + type: object + GoogleCloudAiplatformV1PublisherModelCallToAction: + description: Actions could take on this Publisher Model. + id: GoogleCloudAiplatformV1PublisherModelCallToAction + properties: + openGenie: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + description: Optional. Open Genie / Playground. + openNotebooks: + description: Optional. Open notebooks of the PublisherModel. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionOpenNotebooks + viewRestApi: + description: Optional. To view Rest API docs. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionViewRestApi + deploy: + description: Optional. Deploy the PublisherModel to Vertex Endpoint. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeploy + openPromptTuningPipeline: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + description: Optional. Open prompt-tuning pipeline of the PublisherModel. + requestAccess: + description: Optional. Request for access. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + deployGke: + description: Optional. Deploy PublisherModel to Google Kubernetes Engine. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeployGke + createApplication: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + description: Optional. Create application using the PublisherModel. + openEvaluationPipeline: + description: Optional. Open evaluation pipeline of the PublisherModel. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + openFineTuningPipeline: + description: Optional. Open fine-tuning pipeline of the PublisherModel. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + openFineTuningPipelines: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionOpenFineTuningPipelines + description: Optional. Open fine-tuning pipelines of the PublisherModel. + openGenerationAiStudio: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + description: Optional. Open in Generation AI Studio. + openNotebook: + description: Optional. Open notebook of the PublisherModel. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + multiDeployVertex: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeployVertex description: >- - The full name of the Compute Engine - [network](/compute/docs/networks-and-firewalls#networks) to which - the Pipeline Job's workload should be peered. For example, - `projects/12345/global/networks/myVPC`. - [Format](/compute/docs/reference/rest/v1/networks/insert) is of the - form `projects/{project}/global/networks/{network}`. Where {project} - is a project number, as in `12345`, and {network} is a network name. - Private services access must already be configured for the network. - Pipeline job will apply the network configuration to the Google - Cloud resources being launched, if applied, such as Vertex AI - Training or Dataflow job. If left unspecified, the workload is not - peered with any network. + Optional. Multiple setups to deploy the PublisherModel to Vertex + Endpoint. + type: object + GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpec: + properties: + minValue: + format: int64 + description: Required. Inclusive minimum value of the parameter. + type: string + defaultValue: type: string - reservedIpRanges: description: >- - A list of names for the reserved ip ranges under the VPC network - that can be used for this Pipeline Job's workload. If set, we will - deploy the Pipeline Job's workload within the provided ip ranges. - Otherwise, the job will be deployed to any ip ranges under the - provided VPC network. Example: ['vertex-ai-ip-range']. - type: array - items: - type: string - pscInterfaceConfig: - description: Optional. Configuration for PSC-I for PipelineJob. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PscInterfaceConfig' - templateUri: + A default value for an `INTEGER` parameter that is assumed to be a + relatively good starting point. Unset value signals that there is no + offered starting point. Currently only supported by the Vertex AI + Vizier service. Not supported by HyperparameterTuningJob or + TrainingPipeline. + format: int64 + maxValue: + format: int64 + description: Required. Inclusive maximum value of the parameter. + type: string + id: GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpec + type: object + description: Value specification for a parameter in `INTEGER` type. + GoogleCloudAiplatformV1ImportFeatureValuesRequestFeatureSpec: + properties: + sourceField: description: >- - A template uri from where the PipelineJob.pipeline_spec, if empty, - will be downloaded. Currently, only uri from Vertex Template - Registry & Gallery is supported. Reference to - https://cloud.google.com/vertex-ai/docs/pipelines/create-pipeline-template. + Source column to get the Feature values from. If not set, uses the + column with the same name as the Feature ID. type: string - templateMetadata: + id: description: >- - Output only. Pipeline template metadata. Will fill up fields if - PipelineJob.template_uri is from supported template registry. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineTemplateMetadata' - scheduleName: + Required. ID of the Feature to import values of. This Feature must + exist in the target EntityType, or the request will fail. + type: string + id: GoogleCloudAiplatformV1ImportFeatureValuesRequestFeatureSpec + description: Defines the Feature value(s) to import. + type: object + GoogleCloudAiplatformV1LargeModelReference: + type: object + id: GoogleCloudAiplatformV1LargeModelReference + properties: + name: description: >- - Output only. The schedule resource name. Only returned if the - Pipeline is created by Schedule API. - readOnly: true + Required. The unique name of the large Foundation or pre-built + model. Like "chat-bison", "text-bison". Or model name with version + ID, like "chat-bison@001", "text-bison@005", etc. type: string - preflightValidations: + description: Contains information about the Large Model. + GoogleCloudAiplatformV1BigQuerySource: + description: The BigQuery location for the input content. + properties: + inputUri: description: >- - Optional. Whether to do component level validations before job - creation. - type: boolean - GoogleCloudAiplatformV1PipelineJobDetail: - id: GoogleCloudAiplatformV1PipelineJobDetail - description: The runtime detail of PipelineJob. + Required. BigQuery URI to a table, up to 2000 characters long. + Accepted forms: * BigQuery path. For example: + `bq://projectId.bqDatasetId.bqTableId`. + type: string + type: object + id: GoogleCloudAiplatformV1BigQuerySource + GoogleCloudAiplatformV1ContentMap: + description: Map of placeholder in metric prompt template to contents of model input. type: object properties: - pipelineContext: - description: Output only. The context of the pipeline. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' - pipelineRunContext: - description: Output only. The context of the current pipeline run. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' - taskDetails: - description: Output only. The runtime details of the tasks under the pipeline. - readOnly: true + values: + type: object + description: Optional. Map of placeholder to contents. + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ContentMapContents' + id: GoogleCloudAiplatformV1ContentMap + GoogleCloudAiplatformV1SchemaPredictPredictionTabularRegressionPredictionResult: + description: Prediction output format for Tabular Regression. + properties: + value: + type: number + description: The regression value. + format: float + upperBound: + type: number + format: float + description: The upper bound of the prediction interval. + quantilePredictions: + description: Quantile predictions, in 1-1 correspondence with quantile_values. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineTaskDetail' - GoogleCloudAiplatformV1PipelineTaskDetail: - id: GoogleCloudAiplatformV1PipelineTaskDetail - description: The runtime detail of a task execution. + format: float + type: number + quantileValues: + description: Quantile values. + type: array + items: + format: float + type: number + lowerBound: + type: number + format: float + description: The lower bound of the prediction interval. type: object + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionTabularRegressionPredictionResult + GoogleCloudAiplatformV1DeploymentResourcePool: + description: >- + A description of resources that can be shared by multiple + DeployedModels, whose underlying specification consists of a + DedicatedResources. properties: - taskId: - description: Output only. The system generated ID of the task. + satisfiesPzi: + type: boolean readOnly: true - type: string - format: int64 - parentTaskId: + description: Output only. Reserved for future use. + dedicatedResources: description: >- - Output only. The id of the parent task if the task is within a - component scope. Empty if the task is at the root level. - readOnly: true - type: string - format: int64 - taskName: + Required. The underlying DedicatedResources that the + DeploymentResourcePool uses. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' + disableContainerLogging: description: >- - Output only. The user specified name of the task that is defined in - pipeline_spec. + If the DeploymentResourcePool is deployed with custom-trained Models + or AutoML Tabular Models, the container(s) of the + DeploymentResourcePool will send `stderr` and `stdout` streams to + Cloud Logging by default. Please note that the logs incur cost, + which are subject to [Cloud Logging + pricing](https://cloud.google.com/logging/pricing). User can disable + container logging by setting this flag to true. + type: boolean + satisfiesPzs: readOnly: true + type: boolean + description: Output only. Reserved for future use. + name: + description: >- + Immutable. The resource name of the DeploymentResourcePool. Format: + `projects/{project}/locations/{location}/deploymentResourcePools/{deployment_resource_pool}` type: string createTime: - description: Output only. Task create time. - readOnly: true - type: string - format: google-datetime - startTime: - description: Output only. Task start time. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. Task end time. readOnly: true type: string + description: Output only. Timestamp when this DeploymentResourcePool was created. format: google-datetime - executorDetail: - description: Output only. The detailed execution info. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PipelineTaskExecutorDetail - state: - description: Output only. State of the task. - readOnly: true + encryptionSpec: + description: >- + Customer-managed encryption key spec for a DeploymentResourcePool. + If set, this DeploymentResourcePool will be secured by this key. + Endpoints and the DeploymentResourcePool they deploy in need to have + the same EncryptionSpec. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + serviceAccount: type: string - enumDescriptions: - - Unspecified. - - Specifies pending state for the task. - - Specifies task is being executed. - - Specifies task completed successfully. - - Specifies Task cancel is in pending state. - - Specifies task is being cancelled. - - Specifies task was cancelled. - - Specifies task failed. - - Specifies task was skipped due to cache hit. - - >- - Specifies that the task was not triggered because the task's - trigger policy is not satisfied. The trigger policy is specified - in the `condition` field of PipelineJob.pipeline_spec. - enum: - - STATE_UNSPECIFIED - - PENDING - - RUNNING - - SUCCEEDED - - CANCEL_PENDING - - CANCELLING - - CANCELLED - - FAILED - - SKIPPED - - NOT_TRIGGERED - execution: - description: Output only. The execution metadata of the task. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' - error: description: >- - Output only. The error that occurred during task execution. Only - populated when the task's state is FAILED or CANCELLED. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - pipelineTaskStatus: + The service account that the DeploymentResourcePool's container(s) + run as. Specify the email address of the service account. If this + service account is not specified, the container(s) run as a service + account that doesn't have access to the resource project. Users + deploying the Models to this DeploymentResourcePool must have the + `iam.serviceAccounts.actAs` permission on this service account. + id: GoogleCloudAiplatformV1DeploymentResourcePool + type: object + GoogleCloudAiplatformV1ListOptimalTrialsRequest: + type: object + description: Request message for VizierService.ListOptimalTrials. + id: GoogleCloudAiplatformV1ListOptimalTrialsRequest + properties: {} + GoogleCloudAiplatformV1GenerateMemoriesRequestDirectMemoriesSource: + id: GoogleCloudAiplatformV1GenerateMemoriesRequestDirectMemoriesSource + properties: + directMemories: description: >- - Output only. A list of task status. This field keeps a record of - task status evolving over time. - readOnly: true + Required. The direct memories to upload to Memory Bank. At most 5 + direct memories are allowed per request. type: array items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PipelineTaskDetailPipelineTaskStatus - inputs: - description: Output only. The runtime input artifacts of the task. - readOnly: true - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PipelineTaskDetailArtifactList - outputs: - description: Output only. The runtime output artifacts of the task. - readOnly: true - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PipelineTaskDetailArtifactList - taskUniqueName: - description: >- - Output only. The unique name of a task. This field is used by rerun - pipeline job. Console UI and Vertex AI SDK will support triggering - pipeline job reruns. The name is constructed by concatenating all - the parent tasks name with the task name. For example, if a task - named "child_task" has a parent task named "parent_task_1" and - parent task 1 has a parent task named "parent_task_2", the task - unique name will be "parent_task_2.parent_task_1.child_task". - readOnly: true - type: string - GoogleCloudAiplatformV1PipelineTaskExecutorDetail: - id: GoogleCloudAiplatformV1PipelineTaskExecutorDetail - description: The runtime detail of a pipeline executor. + #/components/schemas/GoogleCloudAiplatformV1GenerateMemoriesRequestDirectMemoriesSourceDirectMemory type: object - properties: - containerDetail: - description: Output only. The detailed info for a container executor. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PipelineTaskExecutorDetailContainerDetail - customJobDetail: - description: Output only. The detailed info for a custom job executor. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PipelineTaskExecutorDetailCustomJobDetail - GoogleCloudAiplatformV1PipelineTaskExecutorDetailContainerDetail: - id: GoogleCloudAiplatformV1PipelineTaskExecutorDetailContainerDetail description: >- - The detail of a container execution. It contains the job names of the - lifecycle of a container execution. + Defines a direct source of memories that should be uploaded to Memory + Bank with consolidation. + GoogleCloudAiplatformV1WriteTensorboardRunDataResponse: + type: object + id: GoogleCloudAiplatformV1WriteTensorboardRunDataResponse + description: Response message for TensorboardService.WriteTensorboardRunData. + properties: {} + GoogleCloudAiplatformV1CountTokensRequest: type: object + description: Request message for PredictionService.CountTokens. + id: GoogleCloudAiplatformV1CountTokensRequest properties: - mainJob: + generationConfig: description: >- - Output only. The name of the CustomJob for the main container - execution. - readOnly: true - type: string - preCachingCheckJob: + Optional. Generation config that the model will use to generate the + response. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenerationConfig' + tools: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' description: >- - Output only. The name of the CustomJob for the pre-caching-check - container execution. This job will be available if the - PipelineJob.pipeline_spec specifies the `pre_caching_check` hook in - the lifecycle events. - readOnly: true - type: string - failedMainJobs: + Optional. A list of `Tools` the model may use to generate the next + response. A `Tool` is a piece of code that enables the system to + interact with external systems to perform an action, or set of + actions, outside of knowledge and scope of the model. + type: array + systemInstruction: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' description: >- - Output only. The names of the previously failed CustomJob for the - main container executions. The list includes the all attempts in - chronological order. - readOnly: true + Optional. The user provided system instructions for the model. Note: + only text should be used in parts and content in each part will be + in a separate paragraph. + model: + description: >- + Optional. The name of the publisher model requested to serve the + prediction. Format: + `projects/{project}/locations/{location}/publishers/*/models/*` + type: string + contents: type: array items: - type: string - failedPreCachingCheckJobs: - description: >- - Output only. The names of the previously failed CustomJob for the - pre-caching-check container executions. This job will be available - if the PipelineJob.pipeline_spec specifies the `pre_caching_check` - hook in the lifecycle events. The list includes the all attempts in - chronological order. - readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + description: Optional. Input content. + instances: type: array items: - type: string - GoogleCloudAiplatformV1PipelineTaskExecutorDetailCustomJobDetail: - id: GoogleCloudAiplatformV1PipelineTaskExecutorDetailCustomJobDetail - description: The detailed info for a custom job executor. - type: object - properties: - job: - description: Output only. The name of the CustomJob. - readOnly: true - type: string - failedJobs: + type: any description: >- - Output only. The names of the previously failed CustomJob. The list - includes the all attempts in chronological order. - readOnly: true - type: array - items: - type: string - GoogleCloudAiplatformV1PipelineTaskDetailPipelineTaskStatus: - id: GoogleCloudAiplatformV1PipelineTaskDetailPipelineTaskStatus - description: A single record of the task status. + Optional. The instances that are the input to token counting call. + Schema is identical to the prediction schema of the underlying + model. + GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecDeveloperConnectSource: + id: >- + GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecDeveloperConnectSource + description: >- + Specifies source code to be fetched from a Git repository managed + through the Developer Connect service. type: object properties: - updateTime: - description: Output only. Update time of this status. - readOnly: true - type: string - format: google-datetime - state: - description: Output only. The state of the task. - readOnly: true - type: string - enumDescriptions: - - Unspecified. - - Specifies pending state for the task. - - Specifies task is being executed. - - Specifies task completed successfully. - - Specifies Task cancel is in pending state. - - Specifies task is being cancelled. - - Specifies task was cancelled. - - Specifies task failed. - - Specifies task was skipped due to cache hit. - - >- - Specifies that the task was not triggered because the task's - trigger policy is not satisfied. The trigger policy is specified - in the `condition` field of PipelineJob.pipeline_spec. - enum: - - STATE_UNSPECIFIED - - PENDING - - RUNNING - - SUCCEEDED - - CANCEL_PENDING - - CANCELLING - - CANCELLED - - FAILED - - SKIPPED - - NOT_TRIGGERED - error: + config: description: >- - Output only. The error that occurred during the state. May be set - when the state is any of the non-final state - (PENDING/RUNNING/CANCELLING) or FAILED state. If the state is - FAILED, the error here is final and not going to be retried. If the - state is a non-final state, the error indicates a system-error being - retried. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudAiplatformV1PipelineTaskDetailArtifactList: - id: GoogleCloudAiplatformV1PipelineTaskDetailArtifactList - description: A list of artifact metadata. - type: object - properties: - artifacts: - description: Output only. A list of artifact metadata. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' - GoogleCloudAiplatformV1PipelineJobRuntimeConfig: - id: GoogleCloudAiplatformV1PipelineJobRuntimeConfig - description: The runtime config of a PipelineJob. + Required. The Developer Connect configuration that defines the + specific repository, revision, and directory to use as the source + code root. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecDeveloperConnectConfig + GoogleCloudAiplatformV1ExportDataConfig: type: object + id: GoogleCloudAiplatformV1ExportDataConfig properties: - parameters: - description: >- - Deprecated. Use RuntimeConfig.parameter_values instead. The runtime - parameters of the PipelineJob. The parameters will be passed into - PipelineJob.pipeline_spec to replace the placeholders at runtime. - This field is used by pipelines built using - `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as - pipelines built using Kubeflow Pipelines SDK 1.8 or lower. - deprecated: true - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Value' - gcsOutputDirectory: - description: >- - Required. A path in a Cloud Storage bucket, which will be treated as - the root output directory of the pipeline. It is used by the system - to generate the paths of output artifacts. The artifact paths are - generated with a sub-path pattern `{job_id}/{task_id}/{output_key}` - under the specified output directory. The service account specified - in this pipeline must have the `storage.objects.get` and - `storage.objects.create` permissions for this bucket. - type: string - parameterValues: - description: >- - The runtime parameters of the PipelineJob. The parameters will be - passed into PipelineJob.pipeline_spec to replace the placeholders at - runtime. This field is used by pipelines built using - `PipelineJob.pipeline_spec.schema_version` 2.1.0, such as pipelines - built using Kubeflow Pipelines SDK 1.9 or higher and the v2 DSL. - type: object - additionalProperties: - type: any - failurePolicy: + gcsDestination: description: >- - Represents the failure policy of a pipeline. Currently, the default - of a pipeline is that the pipeline will continue to run until no - more tasks can be executed, also known as - PIPELINE_FAILURE_POLICY_FAIL_SLOW. However, if a pipeline is set to - PIPELINE_FAILURE_POLICY_FAIL_FAST, it will stop scheduling any new - tasks when a task has failed. Any scheduled tasks will continue to - completion. + The Google Cloud Storage location where the output is to be written + to. In the given directory a new directory will be created with + name: `export-data--` where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ + ISO-8601 format. All export output will be written into that + directory. Inside that directory, annotations with the same schema + will be grouped into sub directories which are named with the + corresponding annotations' schema title. Inside these sub + directories, a schema.yaml will be created to describe the output + format. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + exportUse: type: string - enumDescriptions: - - Default value, and follows fail slow behavior. - - >- - Indicates that the pipeline should continue to run until all - possible tasks have been scheduled and completed. - - >- - Indicates that the pipeline should stop scheduling new tasks after - a task has failed. + description: Indicates the usage of the exported files. enum: - - PIPELINE_FAILURE_POLICY_UNSPECIFIED - - PIPELINE_FAILURE_POLICY_FAIL_SLOW - - PIPELINE_FAILURE_POLICY_FAIL_FAST - inputArtifacts: + - EXPORT_USE_UNSPECIFIED + - CUSTOM_CODE_TRAINING + enumDescriptions: + - Regular user export. + - Export for custom code training. + savedQueryId: description: >- - The runtime artifacts of the PipelineJob. The key will be the input - artifact name and the value would be one of the InputArtifact. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PipelineJobRuntimeConfigInputArtifact - GoogleCloudAiplatformV1Value: - id: GoogleCloudAiplatformV1Value - description: Value is the value of the field. - type: object - properties: - intValue: - description: An integer value. + The ID of a SavedQuery (annotation set) under the Dataset specified + by ExportDataRequest.name used for filtering Annotations for + training. Only used for custom training data export use cases. Only + applicable to Datasets that have SavedQueries. Only Annotations that + are associated with this SavedQuery are used in respectively + training. When used in conjunction with annotations_filter, the + Annotations used for training are filtered by both saved_query_id + and annotations_filter. Only one of saved_query_id and + annotation_schema_uri should be specified as both of them represent + the same thing: problem type. type: string - format: int64 - doubleValue: - description: A double value. - type: number - format: double - stringValue: - description: A string value. + annotationSchemaUri: type: string - GoogleCloudAiplatformV1PipelineJobRuntimeConfigInputArtifact: - id: GoogleCloudAiplatformV1PipelineJobRuntimeConfigInputArtifact - description: The type of an input artifact. - type: object - properties: - artifactId: description: >- - Artifact resource id from MLMD. Which is the last portion of an - artifact resource name: - `projects/{project}/locations/{location}/metadataStores/default/artifacts/{artifact_id}`. - The artifact must stay within the same project, location and default - metadatastore as the pipeline. - type: string - GoogleCloudAiplatformV1PipelineTemplateMetadata: - id: GoogleCloudAiplatformV1PipelineTemplateMetadata - description: >- - Pipeline template metadata if PipelineJob.template_uri is from supported - template registry. Currently, the only supported registry is Artifact - Registry. - type: object - properties: - version: + The Cloud Storage URI that points to a YAML file describing the + annotation schema. The schema is defined as an OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + The schema files that can be used here are found in + gs://google-cloud-aiplatform/schema/dataset/annotation/, note that + the chosen schema must be consistent with metadata of the Dataset + specified by ExportDataRequest.name. Only used for custom training + data export use cases. Only applicable to Datasets that have + DataItems and Annotations. Only Annotations that both match this + schema and belong to DataItems not ignored by the split method are + used in respectively training, validation or test role, depending on + the role of the DataItem they are on. When used in conjunction with + annotations_filter, the Annotations used for training are filtered + by both annotations_filter and annotation_schema_uri. + annotationsFilter: description: >- - The version_name in artifact registry. Will always be presented in - output if the PipelineJob.template_uri is from supported template - registry. Format is "sha256:abcdef123456...". + An expression for filtering what part of the Dataset is to be + exported. Only Annotations that match this filter will be exported. + The filter syntax is the same as in ListAnnotations. type: string - GoogleCloudAiplatformV1ListPipelineJobsResponse: - id: GoogleCloudAiplatformV1ListPipelineJobsResponse - description: Response message for PipelineService.ListPipelineJobs - type: object + filterSplit: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportFilterSplit' + description: Split based on the provided filters for each set. + fractionSplit: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportFractionSplit' + description: Split based on fractions defining the size of each set. + description: >- + Describes what part of the Dataset is to be exported, the destination of + the export and how to export. + GoogleCloudAiplatformV1ListSavedQueriesResponse: properties: - pipelineJobs: - description: List of PipelineJobs in the requested page. + savedQueries: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' - nextPageToken: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SavedQuery' description: >- - A token to retrieve the next page of results. Pass to - ListPipelineJobsRequest.page_token to obtain that page. + A list of SavedQueries that match the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. type: string - GoogleCloudAiplatformV1BatchDeletePipelineJobsRequest: - id: GoogleCloudAiplatformV1BatchDeletePipelineJobsRequest - description: Request message for PipelineService.BatchDeletePipelineJobs. - type: object - properties: - names: - description: >- - Required. The names of the PipelineJobs to delete. A maximum of 32 - PipelineJobs can be deleted in a batch. Format: - `projects/{project}/locations/{location}/pipelineJobs/{pipelineJob}` - type: array - items: - type: string - GoogleCloudAiplatformV1CancelPipelineJobRequest: - id: GoogleCloudAiplatformV1CancelPipelineJobRequest - description: Request message for PipelineService.CancelPipelineJob. - type: object - properties: {} - GoogleCloudAiplatformV1BatchCancelPipelineJobsRequest: - id: GoogleCloudAiplatformV1BatchCancelPipelineJobsRequest - description: Request message for PipelineService.BatchCancelPipelineJobs. + id: GoogleCloudAiplatformV1ListSavedQueriesResponse type: object - properties: - names: - description: >- - Required. The names of the PipelineJobs to cancel. A maximum of 32 - PipelineJobs can be cancelled in a batch. Format: - `projects/{project}/locations/{location}/pipelineJobs/{pipelineJob}` - type: array - items: - type: string - GoogleCloudAiplatformV1QueryReasoningEngineRequest: - id: GoogleCloudAiplatformV1QueryReasoningEngineRequest - description: Request message for ReasoningEngineExecutionService.Query. + description: Response message for DatasetService.ListSavedQueries. + GoogleCloudAiplatformV1ExportModelOperationMetadataOutputInfo: type: object + description: >- + Further describes the output of the ExportModel. Supplements + ExportModelRequest.OutputConfig. + id: GoogleCloudAiplatformV1ExportModelOperationMetadataOutputInfo properties: - input: + artifactOutputUri: + readOnly: true description: >- - Optional. Input content provided by users in JSON object format. - Examples include text query, function calling parameters, media - bytes, etc. - type: object - additionalProperties: - type: any - description: Properties of the object. - classMethod: + Output only. If the Model artifact is being exported to Google Cloud + Storage this is the full path of the directory created, into which + the Model files are being written to. + type: string + imageOutputUri: + readOnly: true description: >- - Optional. Class method to be used for the query. It is optional and - defaults to "query" if unspecified. + Output only. If the Model image is being exported to Google + Container Registry or Artifact Registry this is the full path of the + image created. type: string - GoogleCloudAiplatformV1QueryReasoningEngineResponse: - id: GoogleCloudAiplatformV1QueryReasoningEngineResponse - description: Response message for ReasoningEngineExecutionService.Query - type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentimentInputs: properties: - output: - description: Response provided by users in JSON object format. - type: any - GoogleCloudAiplatformV1StreamQueryReasoningEngineRequest: - id: GoogleCloudAiplatformV1StreamQueryReasoningEngineRequest - description: Request message for ReasoningEngineExecutionService.StreamQuery. + sentimentMax: + type: integer + format: int32 + description: >- + A sentiment is expressed as an integer ordinal, where higher value + means a more positive sentiment. The range of sentiments that will + be used is between 0 and sentimentMax (inclusive on both ends), and + all the values in the range must be represented in the dataset + before a model can be created. Only the Annotations with this + sentimentMax will be used for training. sentimentMax value must be + between 1 and 10 (inclusive). + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentimentInputs type: object + GoogleCloudAiplatformV1RollbackMemoryRequest: properties: - input: - description: >- - Optional. Input content provided by users in JSON object format. - Examples include text query, function calling parameters, media - bytes, etc. - type: object - additionalProperties: - type: any - description: Properties of the object. - classMethod: - description: >- - Optional. Class method to be used for the stream query. It is - optional and defaults to "stream_query" if unspecified. + targetRevisionId: type: string - GoogleCloudAiplatformV1ReasoningEngine: - id: GoogleCloudAiplatformV1ReasoningEngine + description: Required. The ID of the revision to rollback to. + format: int64 + description: Request message for MemoryBankService.RollbackMemory. + id: GoogleCloudAiplatformV1RollbackMemoryRequest + type: object + GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecDeveloperConnectConfig: description: >- - ReasoningEngine provides a customizable runtime for models to determine - which actions to take and in which order. + Specifies the configuration for fetching source code from a Git + repository that is managed by Developer Connect. This includes the + repository, revision, and directory to use. type: object + id: >- + GoogleCloudAiplatformV1ReasoningEngineSpecSourceCodeSpecDeveloperConnectConfig properties: - name: + gitRepositoryLink: description: >- - Identifier. The resource name of the ReasoningEngine. Format: - `projects/{project}/locations/{location}/reasoningEngines/{reasoning_engine}` - type: string - displayName: - description: Required. The display name of the ReasoningEngine. - type: string - description: - description: Optional. The description of the ReasoningEngine. + Required. The Developer Connect Git repository link, formatted as + `projects/*/locations/*/connections/*/gitRepositoryLink/*`. type: string - spec: - description: Optional. Configurations of the ReasoningEngine - $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpec' - createTime: - description: Output only. Timestamp when this ReasoningEngine was created. - readOnly: true + dir: type: string - format: google-datetime - updateTime: description: >- - Output only. Timestamp when this ReasoningEngine was most recently - updated. - readOnly: true - type: string - format: google-datetime - etag: + Required. Directory, relative to the source root, in which to run + the build. + revision: description: >- - Optional. Used to perform consistent read-modify-write updates. If - not set, a blind "overwrite" update happens. + Required. The revision to fetch from the Git repository such as a + branch, a tag, a commit SHA, or any Git ref. type: string - encryptionSpec: - description: >- - Customer-managed encryption key spec for a ReasoningEngine. If set, - this ReasoningEngine and all sub-resources of this ReasoningEngine - will be secured by this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - GoogleCloudAiplatformV1ReasoningEngineSpec: - id: GoogleCloudAiplatformV1ReasoningEngineSpec - description: ReasoningEngine configurations + GoogleCloudAiplatformV1CreateIndexEndpointOperationMetadata: + description: >- + Runtime operation information for + IndexEndpointService.CreateIndexEndpoint. type: object + id: GoogleCloudAiplatformV1CreateIndexEndpointOperationMetadata properties: - serviceAccount: - description: >- - Optional. The service account that the Reasoning Engine artifact - runs as. It should have "roles/storage.objectViewer" for reading the - user project's Cloud Storage and "roles/aiplatform.user" for using - Vertex extensions. If not specified, the Vertex AI Reasoning Engine - Service Agent in the project will be used. - type: string - packageSpec: - description: >- - Optional. User provided package spec of the ReasoningEngine. Ignored - when users directly specify a deployment image through - `deployment_spec.first_party_image_override`, but keeping the - field_behavior to avoid introducing breaking changes. + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1EvaluateInstancesRequest: + description: Request message for EvaluationService.EvaluateInstances. + properties: + trajectoryExactMatchInput: + description: Input for trajectory exact match metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpecPackageSpec - deploymentSpec: - description: Optional. The specification of a Reasoning Engine deployment. + #/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchInput + toolNameMatchInput: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolNameMatchInput' + description: Input for tool name match metric. + bleuInput: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuInput' + description: Instances and metric spec for bleu metric. + pairwiseSummarizationQualityInput: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineSpecDeploymentSpec - classMethods: - description: >- - Optional. Declarations for object class methods in OpenAPI - specification format. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. - agentFramework: - description: >- - Optional. The OSS agent framework used to develop the agent. - Currently supported values: "google-adk", "langchain", "langgraph", - "ag2", "llama-index", "custom". - type: string - GoogleCloudAiplatformV1ReasoningEngineSpecPackageSpec: - id: GoogleCloudAiplatformV1ReasoningEngineSpecPackageSpec - description: User provided package spec like pickled object and package requirements. - type: object - properties: - pickleObjectGcsUri: - description: Optional. The Cloud Storage URI of the pickled python object. - type: string - dependencyFilesGcsUri: - description: >- - Optional. The Cloud Storage URI of the dependency files in tar.gz - format. - type: string - requirementsGcsUri: - description: Optional. The Cloud Storage URI of the `requirements.txt` file - type: string - pythonVersion: - description: >- - Optional. The Python version. Currently support 3.8, 3.9, 3.10, - 3.11. If not specified, default value is 3.10. - type: string - GoogleCloudAiplatformV1ReasoningEngineSpecDeploymentSpec: - id: GoogleCloudAiplatformV1ReasoningEngineSpecDeploymentSpec - description: The specification of a Reasoning Engine deployment. - type: object - properties: - env: - description: >- - Optional. Environment variables to be set with the Reasoning Engine - deployment. The environment variables can be updated through the - UpdateReasoningEngine API. - type: array + #/components/schemas/GoogleCloudAiplatformV1PairwiseSummarizationQualityInput + description: Input for pairwise summarization quality metric. + trajectoryAnyOrderMatchInput: + description: Input for trajectory match any order metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchInput + toolParameterKeyMatchInput: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchInput + description: Input for tool parameter key match metric. + cometInput: + description: Translation metrics. Input for Comet metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CometInput' + metrics: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' - secretEnv: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Metric' description: >- - Optional. Environment variables where the value is a secret in Cloud - Secret Manager. To use this feature, add 'Secret Manager Secret - Accessor' role (roles/secretmanager.secretAccessor) to AI Platform - Reasoning Engine Service Agent. + The metrics used for evaluation. Currently, we only support + evaluating a single metric. If multiple metrics are provided, only + the first one will be evaluated. type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SecretEnvVar' - pscInterfaceConfig: - description: Optional. Configuration for PSC-I. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PscInterfaceConfig' - minInstances: - description: >- - Optional. The minimum number of application instances that will be - kept running at all times. Defaults to 1. Range: [0, 10]. - type: integer - format: int32 - maxInstances: - description: >- - Optional. The maximum number of application instances that can be - launched to handle increased traffic. Defaults to 100. Range: [1, - 1000]. If VPC-SC or PSC-I is enabled, the acceptable range is [1, - 100]. - type: integer - format: int32 - resourceLimits: + questionAnsweringRelevanceInput: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringRelevanceInput + description: Input for question answering relevance metric. + toolParameterKvMatchInput: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchInput + description: Input for tool parameter key value match metric. + groundednessInput: + description: Input for groundedness metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundednessInput' + pointwiseMetricInput: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricInput' + description: Input for pointwise metric. + questionAnsweringQualityInput: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringQualityInput + description: Input for question answering quality metric. + pairwiseMetricInput: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricInput' + description: Input for pairwise metric. + coherenceInput: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CoherenceInput' + description: Input for coherence metric. + fluencyInput: description: >- - Optional. Resource limits for each container. Only 'cpu' and - 'memory' keys are supported. Defaults to {"cpu": "4", "memory": - "4Gi"}. * The only supported values for CPU are '1', '2', '4', '6' - and '8'. For more information, go to - https://cloud.google.com/run/docs/configuring/cpu. * The only - supported values for memory are '1Gi', '2Gi', ... '32 Gi'. * For - required cpu on different memory values, go to - https://cloud.google.com/run/docs/configuring/memory-limits - type: object - additionalProperties: - type: string - containerConcurrency: + LLM-based metric instance. General text generation metrics, + applicable to other categories. Input for fluency metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FluencyInput' + rougeInput: + description: Instances and metric spec for rouge metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeInput' + questionAnsweringCorrectnessInput: + description: Input for question answering correctness metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInput + autoraterConfig: + description: Optional. Autorater config used for evaluation. + $ref: '#/components/schemas/GoogleCloudAiplatformV1AutoraterConfig' + summarizationHelpfulnessInput: + description: Input for summarization helpfulness metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SummarizationHelpfulnessInput + trajectoryPrecisionInput: + description: Input for trajectory precision metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionInput' + instance: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationInstance' + description: The instance to be evaluated. + questionAnsweringHelpfulnessInput: + description: Input for question answering helpfulness metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessInput + toolCallValidInput: + description: Tool call metric instances. Input for tool call valid metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCallValidInput' + summarizationVerbosityInput: + description: Input for summarization verbosity metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SummarizationVerbosityInput + trajectorySingleToolUseInput: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseInput + description: Input for trajectory single tool use metric. + safetyInput: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyInput' + description: Input for safety metric. + summarizationQualityInput: + description: Input for summarization quality metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SummarizationQualityInput + trajectoryInOrderMatchInput: + description: Input for trajectory in order match metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchInput + trajectoryRecallInput: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallInput' + description: Input for trajectory recall metric. + metricxInput: + description: Input for Metricx metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricxInput' + rubricBasedInstructionFollowingInput: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RubricBasedInstructionFollowingInput + description: Rubric Based Instruction Following metric. + fulfillmentInput: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FulfillmentInput' + description: Input for fulfillment metric. + pairwiseQuestionAnsweringQualityInput: + description: Input for pairwise question answering quality metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInput + exactMatchInput: description: >- - Optional. Concurrency for each container and agent server. - Recommended value: 2 * cpu + 1. Defaults to 9. - type: integer - format: int32 - GoogleCloudAiplatformV1SecretEnvVar: - id: GoogleCloudAiplatformV1SecretEnvVar - description: >- - Represents an environment variable where the value is a secret in Cloud - Secret Manager. + Auto metric instances. Instances and metric spec for exact match + metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchInput' + id: GoogleCloudAiplatformV1EvaluateInstancesRequest type: object - properties: - name: - description: Required. Name of the secret environment variable. - type: string - secretRef: - description: >- - Required. Reference to a secret stored in the Cloud Secret Manager - that will provide the value for this environment variable. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SecretRef' - GoogleCloudAiplatformV1SecretRef: - id: GoogleCloudAiplatformV1SecretRef - description: >- - Reference to a secret stored in the Cloud Secret Manager that will - provide the value for this environment variable. + GoogleCloudAiplatformV1ComputeTokensRequest: type: object properties: - secret: - description: >- - Required. The name of the secret in Cloud Secret Manager. Format: - {secret_name}. + model: type: string - version: description: >- - The Cloud Secret Manager secret version. Can be 'latest' for the - latest version, an integer for a specific version, or a version - alias. - type: string - GoogleCloudAiplatformV1ListReasoningEnginesResponse: - id: GoogleCloudAiplatformV1ListReasoningEnginesResponse - description: Response message for ReasoningEngineService.ListReasoningEngines - type: object + Optional. The name of the publisher model requested to serve the + prediction. Format: + projects/{project}/locations/{location}/publishers/*/models/* + contents: + type: array + description: Optional. Input content. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + instances: + items: + type: any + description: >- + Optional. The instances that are the input to token computing API + call. Schema is identical to the prediction schema of the text + model, even for the non-text models, like chat models, or Codey + models. + type: array + id: GoogleCloudAiplatformV1ComputeTokensRequest + description: Request message for ComputeTokens RPC call. + GoogleCloudAiplatformV1ListPersistentResourcesResponse: + id: GoogleCloudAiplatformV1ListPersistentResourcesResponse properties: - reasoningEngines: - description: List of ReasoningEngines in the requested page. + persistentResources: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' + $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentResource' nextPageToken: - description: >- - A token to retrieve the next page of results. Pass to - ListReasoningEnginesRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1Schedule: - id: GoogleCloudAiplatformV1Schedule - description: >- - An instance of a Schedule periodically schedules runs to make API calls - based on user specified time specification and API request type. + description: >- + A token to retrieve next page of results. Pass to + ListPersistentResourcesRequest.page_token to obtain that page. + description: Response message for PersistentResourceService.ListPersistentResources type: object + GoogleCloudAiplatformV1RubricVerdict: properties: - cron: - description: >- - Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch - scheduled runs. To explicitly set a timezone to the cron tab, apply - a prefix in the cron tab: "CRON_TZ=${IANA_TIME_ZONE}" or - "TZ=${IANA_TIME_ZONE}". The ${IANA_TIME_ZONE} may only be a valid - string from IANA time zone database. For example, - "CRON_TZ=America/New_York 1 * * * *", or "TZ=America/New_York 1 * * - * *". + reasoning: type: string - createPipelineJobRequest: description: >- - Request for PipelineService.CreatePipelineJob. - CreatePipelineJobRequest.parent field is required (format: - projects/{project}/locations/{location}). - $ref: '#/components/schemas/GoogleCloudAiplatformV1CreatePipelineJobRequest' - createNotebookExecutionJobRequest: - description: Request for NotebookService.CreateNotebookExecutionJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CreateNotebookExecutionJobRequest - name: - description: Immutable. The resource name of the Schedule. - type: string - displayName: + Optional. Human-readable reasoning or explanation for the verdict. + This can include specific examples or details from the evaluated + content that justify the given verdict. + verdict: + type: boolean description: >- - Required. User provided name of the Schedule. The name can be up to - 128 characters long and can consist of any UTF-8 characters. - type: string - startTime: + Required. Outcome of the evaluation against the rubric, represented + as a boolean. `true` indicates a "Pass", `false` indicates a "Fail". + evaluatedRubric: description: >- - Optional. Timestamp after which the first run can be scheduled. - Default to Schedule create time if not specified. + Required. The full rubric definition that was evaluated. Storing + this ensures the verdict is self-contained and understandable, + especially if the original rubric definition changes or was + dynamically generated. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Rubric' + description: Represents the verdict of an evaluation against a single rubric. + type: object + id: GoogleCloudAiplatformV1RubricVerdict + GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInstance: + properties: + reference: + description: Optional. Ground truth used to compare against the prediction. type: string - format: google-datetime - endTime: - description: >- - Optional. Timestamp after which no new runs can be scheduled. If - specified, The schedule will be completed when either end_time is - reached or when scheduled_run_count >= max_run_count. If not - specified, new runs will keep getting scheduled until this Schedule - is paused or deleted. Already scheduled runs will be allowed to - complete. Unset if not specified. + context: + description: Required. Text to answer the question. type: string - format: google-datetime - maxRunCount: - description: >- - Optional. Maximum run count of the schedule. If specified, The - schedule will be completed when either started_run_count >= - max_run_count or when end_time is reached. If not specified, new - runs will keep getting scheduled until this Schedule is paused or - deleted. Already scheduled runs will be allowed to complete. Unset - if not specified. + baselinePrediction: + description: Required. Output of the baseline model. type: string - format: int64 - startedRunCount: - description: Output only. The number of runs started by this schedule. - readOnly: true + prediction: type: string - format: int64 - state: - description: Output only. The state of this Schedule. - readOnly: true + description: Required. Output of the candidate model. + instruction: + description: Required. Question Answering prompt for LLM. type: string - enumDescriptions: - - Unspecified. - - >- - The Schedule is active. Runs are being scheduled on the - user-specified timespec. - - >- - The schedule is paused. No new runs will be created until the - schedule is resumed. Already started runs will be allowed to - complete. - - >- - The Schedule is completed. No new runs will be scheduled. Already - started runs will be allowed to complete. Schedules in completed - state cannot be paused or resumed. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - PAUSED - - COMPLETED - createTime: - description: Output only. Timestamp when this Schedule was created. + type: object + id: GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityInstance + description: Spec for pairwise question answering quality instance. + GoogleCloudAiplatformV1UpdateIndexOperationMetadata: + type: object + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The operation generic information. + nearestNeighborSearchOperationMetadata: + description: >- + The operation metadata with regard to Matching Engine Index + operation. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadata + id: GoogleCloudAiplatformV1UpdateIndexOperationMetadata + description: Runtime operation information for IndexService.UpdateIndex. + GoogleCloudAiplatformV1Port: + type: object + properties: + containerPort: + description: >- + The number of the port to expose on the pod's IP address. Must be a + valid port number, between 1 and 65535 inclusive. + format: int32 + type: integer + id: GoogleCloudAiplatformV1Port + description: Represents a network port in a container. + GoogleCloudAiplatformV1SchemaPromptSpecTranslationExample: + id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationExample + type: object + description: >- + The translation example that contains reference sentences from various + sources. + properties: + referenceSentencesFileInputs: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationSentenceFileInput + description: The reference sentences from file. + type: array + referenceSentencePairLists: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePairList + type: array + description: The reference sentences from inline text. + GoogleCloudAiplatformV1DatasetVersion: + description: Describes the dataset version. + type: object + properties: + metadata: + type: any readOnly: true + description: >- + Required. Output only. Additional information about the + DatasetVersion. + bigQueryDatasetName: type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this Schedule was updated. readOnly: true + description: Output only. Name of the associated BigQuery dataset. + name: type: string - format: google-datetime - nextRunTime: description: >- - Output only. Timestamp when this Schedule should schedule the next - run. Having a next_run_time in the past means the runs are being - started behind schedule. + Output only. Identifier. The resource name of the DatasetVersion. + Format: + `projects/{project}/locations/{location}/datasets/{dataset}/datasetVersions/{dataset_version}` readOnly: true + displayName: type: string - format: google-datetime - lastPauseTime: description: >- - Output only. Timestamp when this Schedule was last paused. Unset if - never paused. + The user-defined name of the DatasetVersion. The name can be up to + 128 characters long and can consist of any UTF-8 characters. + satisfiesPzi: + description: Output only. Reserved for future use. + type: boolean + readOnly: true + updateTime: + description: Output only. Timestamp when this DatasetVersion was last updated. readOnly: true - type: string format: google-datetime - lastResumeTime: - description: >- - Output only. Timestamp when this Schedule was last resumed. Unset if - never resumed from pause. + type: string + modelReference: readOnly: true + description: >- + Output only. Reference to the public base model last used by the + dataset version. Only set for prompt dataset versions. + type: string + createTime: type: string + description: Output only. Timestamp when this DatasetVersion was created. + readOnly: true format: google-datetime - maxConcurrentRunCount: + etag: description: >- - Required. Maximum number of runs that can be started concurrently - for this Schedule. This is the limit for starting the scheduled - requests and not the execution of the operations/jobs created by the - requests (if applicable). + Used to perform consistent read-modify-write updates. If not set, a + blind "overwrite" update happens. type: string - format: int64 - allowQueueing: - description: >- - Optional. Whether new scheduled runs can be queued when - max_concurrent_runs limit is reached. If set to true, new runs will - be queued instead of skipped. Default to false. - type: boolean - catchUp: - description: >- - Output only. Whether to backfill missed runs when the schedule is - resumed from PAUSED state. If set to true, all missed runs will be - scheduled. New runs will be scheduled after the backfill is - complete. Default to false. - readOnly: true + satisfiesPzs: + description: Output only. Reserved for future use. type: boolean - lastScheduledRunResponse: - description: >- - Output only. Response of the last scheduled run. This is the - response for starting the scheduled requests and not the execution - of the operations/jobs created by the requests (if applicable). - Unset if no run has been scheduled yet. readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1ScheduleRunResponse' - GoogleCloudAiplatformV1CreatePipelineJobRequest: - id: GoogleCloudAiplatformV1CreatePipelineJobRequest - description: Request message for PipelineService.CreatePipelineJob. + id: GoogleCloudAiplatformV1DatasetVersion + GoogleCloudAiplatformV1LineageSubgraph: + description: >- + A subgraph of the overall lineage graph. Event edges connect Artifact + and Execution nodes. + id: GoogleCloudAiplatformV1LineageSubgraph + properties: + events: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Event' + description: The Event edges between Artifacts and Executions in the subgraph. + executions: + description: The Execution nodes in the subgraph. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' + type: array + artifacts: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' + type: array + description: The Artifact nodes in the subgraph. + type: object + GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig: type: object properties: - parent: - description: >- - Required. The resource name of the Location to create the - PipelineJob in. Format: `projects/{project}/locations/{location}` - type: string - pipelineJob: - description: Required. The PipelineJob to create. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' - pipelineJobId: + value: description: >- - The ID to use for the PipelineJob, which will become the final - component of the PipelineJob name. If not provided, an ID will be - automatically generated. This value should be less than 128 - characters, and valid characters are `/a-z-/`. + Specify a threshold value that can trigger the alert. 1. For + categorical feature, the distribution distance is calculated by + L-inifinity norm. 2. For numerical feature, the distribution + distance is calculated by Jensen–Shannon divergence. Each feature + must have a non-zero threshold if they need to be monitored. + Otherwise no alert will be triggered for that feature. + type: number + format: double + description: The config for Featurestore Monitoring threshold. + id: GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig + GoogleCloudAiplatformV1FindNeighborsResponseNearestNeighbors: + type: object + description: Nearest neighbors for one query. + id: GoogleCloudAiplatformV1FindNeighborsResponseNearestNeighbors + properties: + neighbors: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FindNeighborsResponseNeighbor + description: All its neighbors. + id: type: string - GoogleCloudAiplatformV1CreateNotebookExecutionJobRequest: - id: GoogleCloudAiplatformV1CreateNotebookExecutionJobRequest - description: Request message for [NotebookService.CreateNotebookExecutionJob] + description: The ID of the query datapoint. + GoogleCloudAiplatformV1FeaturestoreOnlineServingConfig: + id: GoogleCloudAiplatformV1FeaturestoreOnlineServingConfig type: object + description: >- + OnlineServingConfig specifies the details for provisioning online + serving resources. properties: - parent: + fixedNodeCount: + type: integer + format: int32 description: >- - Required. The resource name of the Location to create the - NotebookExecutionJob. Format: - `projects/{project}/locations/{location}` - type: string - notebookExecutionJob: - description: Required. The NotebookExecutionJob to create. - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJob' - notebookExecutionJobId: - description: Optional. User specified ID for the NotebookExecutionJob. - type: string - GoogleCloudAiplatformV1ScheduleRunResponse: - id: GoogleCloudAiplatformV1ScheduleRunResponse - description: Status of a scheduled run. - type: object - properties: - scheduledRunTime: - description: The scheduled run time based on the user-specified schedule. - type: string - format: google-datetime - runResponse: - description: The response of the scheduled run. - type: string - GoogleCloudAiplatformV1ListSchedulesResponse: - id: GoogleCloudAiplatformV1ListSchedulesResponse - description: Response message for ScheduleService.ListSchedules - type: object - properties: - schedules: - description: List of Schedules in the requested page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' - nextPageToken: - description: >- - A token to retrieve the next page of results. Pass to - ListSchedulesRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1PauseScheduleRequest: - id: GoogleCloudAiplatformV1PauseScheduleRequest - description: Request message for ScheduleService.PauseSchedule. - type: object - properties: {} - GoogleCloudAiplatformV1ResumeScheduleRequest: - id: GoogleCloudAiplatformV1ResumeScheduleRequest - description: Request message for ScheduleService.ResumeSchedule. - type: object - properties: - catchUp: + The number of nodes for the online store. The number of nodes + doesn't scale automatically, but you can manually update the number + of nodes. If set to 0, the featurestore will not have an online + store and cannot be used for online serving. + scaling: description: >- - Optional. Whether to backfill missed runs when the schedule is - resumed from PAUSED state. If set to true, all missed runs will be - scheduled. New runs will be scheduled after the backfill is - complete. This will also update Schedule.catch_up field. Default to - false. - type: boolean - GoogleCloudAiplatformV1SpecialistPool: - id: GoogleCloudAiplatformV1SpecialistPool - description: >- - SpecialistPool represents customers' own workforce to work on their data - labeling jobs. It includes a group of specialist managers and workers. - Managers are responsible for managing the workers in this pool as well - as customers' data labeling jobs associated with this pool. Customers - create specialist pool as well as start data labeling jobs on Cloud, - managers and workers handle the jobs using CrowdCompute console. - type: object + Online serving scaling configuration. Only one of `fixed_node_count` + and `scaling` can be set. Setting one will reset the other. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScaling + GoogleCloudAiplatformV1TrajectorySingleToolUseResults: + id: GoogleCloudAiplatformV1TrajectorySingleToolUseResults properties: - name: - description: Required. The resource name of the SpecialistPool. - type: string - displayName: - description: >- - Required. The user-defined name of the SpecialistPool. The name can - be up to 128 characters long and can consist of any UTF-8 - characters. This field should be unique on project-level. - type: string - specialistManagersCount: - description: Output only. The number of managers in this SpecialistPool. - readOnly: true - type: integer - format: int32 - specialistManagerEmails: - description: The email addresses of the managers in the SpecialistPool. - type: array - items: - type: string - pendingDataLabelingJobs: - description: Output only. The resource name of the pending data labeling jobs. - readOnly: true - type: array + trajectorySingleToolUseMetricValues: items: - type: string - specialistWorkerEmails: - description: The email addresses of workers in the SpecialistPool. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseMetricValue type: array - items: - type: string - GoogleCloudAiplatformV1ListSpecialistPoolsResponse: - id: GoogleCloudAiplatformV1ListSpecialistPoolsResponse - description: Response message for SpecialistPoolService.ListSpecialistPools. + description: Output only. TrajectorySingleToolUse metric values. + readOnly: true + type: object + description: Results for TrajectorySingleToolUse metric. + GoogleCloudAiplatformV1FeatureGroupBigQueryTimeSeries: type: object + id: GoogleCloudAiplatformV1FeatureGroupBigQueryTimeSeries properties: - specialistPools: - description: >- - A list of SpecialistPools that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SpecialistPool' - nextPageToken: - description: The standard List next-page token. + timestampColumn: type: string - GoogleCloudAiplatformV1Tensorboard: - id: GoogleCloudAiplatformV1Tensorboard - description: >- - Tensorboard is a physical database that stores users' training metrics. - A default Tensorboard is provided in each region of a Google Cloud - project. If needed users can also create extra Tensorboards in their - projects. - type: object + description: >- + Optional. Column hosting timestamp values for a time-series source. + Will be used to determine the latest `feature_values` for each + entity. Optional. If not provided, column named `feature_timestamp` + of type `TIMESTAMP` will be used. + GoogleCloudAiplatformV1DeployRequestEndpointConfig: properties: - name: + dedicatedEndpointEnabled: description: >- - Output only. Name of the Tensorboard. Format: - `projects/{project}/locations/{location}/tensorboards/{tensorboard}` - readOnly: true - type: string - displayName: - description: Required. User provided name of this Tensorboard. - type: string - description: - description: Description of this Tensorboard. - type: string - encryptionSpec: + Optional. Deprecated. Use dedicated_endpoint_disabled instead. If + true, the endpoint will be exposed through a dedicated DNS + [Endpoint.dedicated_endpoint_dns]. Your request to the dedicated DNS + will be isolated from other users' traffic and will have better + performance and reliability. Note: Once you enabled dedicated + endpoint, you won't be able to send request to the shared DNS + {region}-aiplatform.googleapis.com. The limitations will be removed + soon. + deprecated: true + type: boolean + privateServiceConnectConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PrivateServiceConnectConfig description: >- - Customer-managed encryption key spec for a Tensorboard. If set, this - Tensorboard and all sub-resources of this Tensorboard will be - secured by this key. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - blobStoragePathPrefix: + Optional. Configuration for private service connect. If set, the + endpoint will be exposed through private service connect. + endpointUserId: description: >- - Output only. Consumer project Cloud Storage path prefix used to - store blob data, which can either be a bucket or directory. Does not - end with a '/'. - readOnly: true - type: string - runCount: - description: Output only. The number of Runs stored in this Tensorboard. - readOnly: true - type: integer - format: int32 - createTime: - description: Output only. Timestamp when this Tensorboard was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this Tensorboard was last updated. - readOnly: true + Optional. Immutable. The ID to use for endpoint, which will become + the final component of the endpoint resource name. If not provided, + Vertex AI will generate a value for this ID. If the first character + is a letter, this value may be up to 63 characters, and valid + characters are `[a-z0-9-]`. The last character must be a letter or + number. If the first character is a number, this value may be up to + 9 characters, and valid characters are `[0-9]` with no leading + zeros. When using HTTP/JSON, this field is populated based on a + query string argument, such as `?endpoint_id=12345`. This is the + fallback for fields that are not included in either the URI or the + body. type: string - format: google-datetime labels: description: >- - The labels with user-defined metadata to organize your Tensorboards. - Label keys and values can be no longer than 64 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. No - more than 64 user labels can be associated with one Tensorboard - (System labels are excluded). See https://goo.gl/xmQnxf for more - information and examples of labels. System reserved label keys are - prefixed with "aiplatform.googleapis.com/" and are immutable. - type: object + Optional. The labels with user-defined metadata to organize your + Endpoints. Label keys and values can be no longer than 64 characters + (Unicode codepoints), can only contain lowercase letters, numeric + characters, underscores and dashes. International characters are + allowed. See https://goo.gl/xmQnxf for more information and examples + of labels. additionalProperties: type: string - etag: + type: object + endpointDisplayName: description: >- - Used to perform a consistent read-modify-write updates. If not set, - a blind "overwrite" update happens. + Optional. The user-specified display name of the endpoint. If not + set, a default name will be used. type: string - isDefault: + dedicatedEndpointDisabled: description: >- - Used to indicate if the TensorBoard instance is the default one. - Each project & region can have at most one default TensorBoard - instance. Creation of a default TensorBoard instance and updating an - existing TensorBoard instance to be default will mark all other - TensorBoard instances (if any) as non default. - type: boolean - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true + Optional. By default, if dedicated endpoint is enabled and private + service connect config is not set, the endpoint will be exposed + through a dedicated DNS [Endpoint.dedicated_endpoint_dns]. If + private service connect config is set, the endpoint will be exposed + through private service connect. Your request to the dedicated DNS + will be isolated from other users' traffic and will have better + performance and reliability. Note: Once you enabled dedicated + endpoint, you won't be able to send request to the shared DNS + {region}-aiplatform.googleapis.com. The limitations will be removed + soon. If this field is set to true, the dedicated endpoint will be + disabled and the deployed model will be exposed through the shared + DNS {region}-aiplatform.googleapis.com. type: boolean - GoogleCloudAiplatformV1ListTensorboardsResponse: - id: GoogleCloudAiplatformV1ListTensorboardsResponse - description: Response message for TensorboardService.ListTensorboards. type: object + id: GoogleCloudAiplatformV1DeployRequestEndpointConfig + description: The endpoint config to use for the deployment. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericTransformation: + description: >- + Training pipeline will perform following transformation functions. * The + value converted to float32. * The z_score of the value. * log(value+1) + when the value is greater than or equal to 0. Otherwise, this + transformation is not applied and the value is considered a missing + value. * z_score of log(value+1) when the value is greater than or equal + to 0. Otherwise, this transformation is not applied and the value is + considered a missing value. * A boolean value that indicates whether the + value is valid. properties: - tensorboards: - description: The Tensorboards mathching the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensorboard' - nextPageToken: + invalidValuesAllowed: description: >- - A token, which can be sent as ListTensorboardsRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. + If invalid values is allowed, the training pipeline will create a + boolean feature that indicated whether the value is valid. + Otherwise, the training pipeline will discard the input row from + trainining data. + type: boolean + columnName: type: string - GoogleCloudAiplatformV1ReadTensorboardUsageResponse: - id: GoogleCloudAiplatformV1ReadTensorboardUsageResponse - description: Response message for TensorboardService.ReadTensorboardUsage. - type: object - properties: - monthlyUsageData: - description: Maps year-month (YYYYMM) string to per month usage data. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerMonthUsageData - GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerMonthUsageData: - id: GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerMonthUsageData - description: Per month usage data type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericTransformation + GoogleCloudAiplatformV1BleuResults: properties: - userUsageData: - description: Usage data for each user in the given month. + bleuMetricValues: + description: Output only. Bleu metric values. type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerUserUsageData - GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerUserUsageData: - id: GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerUserUsageData - description: Per user usage data. + $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuMetricValue' + readOnly: true + id: GoogleCloudAiplatformV1BleuResults + description: Results for bleu metric. + type: object + GoogleCloudAiplatformV1SyncFeatureViewRequest: + properties: {} + description: Request message for FeatureOnlineStoreAdminService.SyncFeatureView. type: object + id: GoogleCloudAiplatformV1SyncFeatureViewRequest + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig: properties: - username: - description: User's username - type: string - viewCount: - description: Number of times the user has read data within the Tensorboard. + destinationBigqueryUri: type: string - format: int64 - GoogleCloudAiplatformV1ReadTensorboardSizeResponse: - id: GoogleCloudAiplatformV1ReadTensorboardSizeResponse - description: Response message for TensorboardService.ReadTensorboardSize. + description: >- + URI of desired destination BigQuery table. Expected format: + `bq://{project_id}:{dataset_id}:{table}` If not specified, then + results are exported to the following auto-created BigQuery table: + `{project_id}:export_evaluated_examples_{model_name}_{yyyy_MM_dd'T'HH_mm_ss_SSS'Z'}.evaluated_examples` + overrideExistingTable: + type: boolean + description: >- + If true and an export destination is specified, then the contents of + the destination are overwritten. Otherwise, if the export + destination already exists, then the export operation fails. + description: Configuration for exporting test set predictions to a BigQuery table. type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig + GoogleCloudAiplatformV1BatchReadFeatureValuesRequestEntityTypeSpec: + id: GoogleCloudAiplatformV1BatchReadFeatureValuesRequestEntityTypeSpec properties: - storageSizeByte: - description: Payload storage size for the TensorBoard + featureSelector: + description: >- + Required. Selectors choosing which Feature values to read from the + EntityType. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' + entityTypeId: + description: >- + Required. ID of the EntityType to select Features. The EntityType id + is the entity_type_id specified during EntityType creation. type: string - format: int64 - GoogleCloudAiplatformV1TensorboardExperiment: - id: GoogleCloudAiplatformV1TensorboardExperiment + settings: + type: array + description: Per-Feature settings for the batch read. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DestinationFeatureSetting description: >- - A TensorboardExperiment is a group of TensorboardRuns, that are - typically the results of a training job run, in a Tensorboard. + Selects Features of an EntityType to read values of and specifies read + settings. type: object + GoogleCloudAiplatformV1PurgeArtifactsMetadata: + id: GoogleCloudAiplatformV1PurgeArtifactsMetadata properties: - name: - description: >- - Output only. Name of the TensorboardExperiment. Format: - `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}` + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for purging Artifacts. + description: Details of operations that perform MetadataService.PurgeArtifacts. + type: object + GoogleCloudAiplatformV1PointwiseMetricResult: + id: GoogleCloudAiplatformV1PointwiseMetricResult + type: object + description: Spec for pointwise metric result. + properties: + score: + description: Output only. Pointwise metric score. + type: number readOnly: true + format: float + explanation: type: string - displayName: - description: User provided name of this TensorboardExperiment. - type: string - description: - description: Description of this TensorboardExperiment. - type: string - createTime: - description: Output only. Timestamp when this TensorboardExperiment was created. readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. Timestamp when this TensorboardExperiment was last - updated. + description: Output only. Explanation for pointwise metric score. + customOutput: + description: Output only. Spec for custom output. readOnly: true - type: string - format: google-datetime - labels: - description: >- - The labels with user-defined metadata to organize your - TensorboardExperiment. Label keys and values cannot be longer than - 64 characters (Unicode codepoints), can only contain lowercase - letters, numeric characters, underscores and dashes. International - characters are allowed. No more than 64 user labels can be - associated with one Dataset (System labels are excluded). See - https://goo.gl/xmQnxf for more information and examples of labels. - System reserved label keys are prefixed with - `aiplatform.googleapis.com/` and are immutable. The following system - labels exist for each Dataset: * - `aiplatform.googleapis.com/dataset_metadata_schema`: output only. - Its value is the metadata_schema's title. - type: object - additionalProperties: - type: string - etag: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomOutput' + GoogleCloudAiplatformV1UploadModelRequest: + description: Request message for ModelService.UploadModel. + properties: + modelId: description: >- - Used to perform consistent read-modify-write updates. If not set, a - blind "overwrite" update happens. + Optional. The ID to use for the uploaded Model, which will become + the final component of the model resource name. This value may be up + to 63 characters, and valid characters are `[a-z0-9_-]`. The first + character cannot be a number or hyphen. type: string - source: + model: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' + description: Required. The Model to create. + parentModel: description: >- - Immutable. Source of the TensorboardExperiment. Example: a custom - training job. + Optional. The resource name of the model into which to upload the + version. Only specify this field when uploading a new version. type: string - GoogleCloudAiplatformV1ListTensorboardExperimentsResponse: - id: GoogleCloudAiplatformV1ListTensorboardExperimentsResponse - description: Response message for TensorboardService.ListTensorboardExperiments. + serviceAccount: + type: string + description: >- + Optional. The user-provided custom service account to use to do the + model upload. If empty, [Vertex AI Service + Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) + will be used to access resources needed to upload the model. This + account must belong to the target project where the model is + uploaded to, i.e., the project specified in the `parent` field of + this request and have necessary read permissions (to Google Cloud + Storage, Artifact Registry, etc.). + id: GoogleCloudAiplatformV1UploadModelRequest + type: object + GoogleCloudAiplatformV1ListFeatureGroupsResponse: type: object + id: GoogleCloudAiplatformV1ListFeatureGroupsResponse properties: - tensorboardExperiments: - description: The TensorboardExperiments mathching the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment' nextPageToken: description: >- - A token, which can be sent as - ListTensorboardExperimentsRequest.page_token to retrieve the next - page. If this field is omitted, there are no subsequent pages. + A token, which can be sent as ListFeatureGroupsRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. type: string - GoogleCloudAiplatformV1TensorboardRun: - id: GoogleCloudAiplatformV1TensorboardRun - description: >- - TensorboardRun maps to a specific execution of a training job with a - given set of hyperparameter values, model definition, dataset, etc + featureGroups: + description: The FeatureGroups matching the request. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroup' + description: Response message for FeatureRegistryService.ListFeatureGroups. + GoogleCloudAiplatformV1GenerateInstanceRubricsRequest: + id: GoogleCloudAiplatformV1GenerateInstanceRubricsRequest + description: Request message for EvaluationService.GenerateInstanceRubrics. type: object properties: - name: - description: >- - Output only. Name of the TensorboardRun. Format: - `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}/runs/{run}` - readOnly: true - type: string - displayName: + rubricGenerationSpec: + description: Optional. Specification for how the rubrics should be generated. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricGenerationSpec' + agentConfig: description: >- - Required. User provided name of this TensorboardRun. This value must - be unique among all TensorboardRuns belonging to the same parent - TensorboardExperiment. - type: string - description: - description: Description of this TensorboardRun. - type: string - createTime: - description: Output only. Timestamp when this TensorboardRun was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this TensorboardRun was last updated. - readOnly: true - type: string - format: google-datetime - labels: + Optional. Agent configuration, required for agent-based rubric + generation. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceAgentConfig + predefinedRubricGenerationSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredefinedMetricSpec' description: >- - The labels with user-defined metadata to organize your - TensorboardRuns. This field will be used to filter and visualize - Runs in the Tensorboard UI. For example, a Vertex AI training job - can set a label aiplatform.googleapis.com/training_job_id=xxxxx to - all the runs created within that job. An end user can set a label - experiment_id=xxxxx for all the runs produced in a Jupyter notebook. - These runs can be grouped by a label value and visualized together - in the Tensorboard UI. Label keys and values can be no longer than - 64 characters (Unicode codepoints), can only contain lowercase - letters, numeric characters, underscores and dashes. International - characters are allowed. No more than 64 user labels can be - associated with one TensorboardRun (System labels are excluded). See - https://goo.gl/xmQnxf for more information and examples of labels. - System reserved label keys are prefixed with - "aiplatform.googleapis.com/" and are immutable. - type: object - additionalProperties: - type: string - etag: + Optional. Specification for using the rubric generation configs of a + pre-defined metric, e.g. "generic_quality_v1" and + "instruction_following_v1". Some of the configs may be only used in + rubric generation and not supporting evaluation, e.g. + "fully_customized_generic_quality_v1". If this field is set, the + `rubric_generation_spec` field will be ignored. + contents: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' description: >- - Used to perform a consistent read-modify-write updates. If not set, - a blind "overwrite" update happens. - type: string - GoogleCloudAiplatformV1BatchCreateTensorboardRunsRequest: - id: GoogleCloudAiplatformV1BatchCreateTensorboardRunsRequest - description: Request message for TensorboardService.BatchCreateTensorboardRuns. + Required. The prompt to generate rubrics from. For single-turn + queries, this is a single instance. For multi-turn queries, this is + a repeated field that contains conversation history + latest + request. + type: array + GoogleCloudAiplatformV1ImportRagFilesConfig: + id: GoogleCloudAiplatformV1ImportRagFilesConfig type: object + description: Config for importing RagFiles. properties: - requests: + gcsSource: description: >- - Required. The request message specifying the TensorboardRuns to - create. A maximum of 1000 TensorboardRuns can be created in a batch. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CreateTensorboardRunRequest - GoogleCloudAiplatformV1CreateTensorboardRunRequest: - id: GoogleCloudAiplatformV1CreateTensorboardRunRequest - description: Request message for TensorboardService.CreateTensorboardRun. - type: object + Google Cloud Storage location. Supports importing individual files + as well as entire Google Cloud Storage directories. Sample formats: + - `gs://bucket_name/my_directory/object_name/my_file.txt` - + `gs://bucket_name/my_directory` + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' + partialFailureGcsSink: + deprecated: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + description: >- + The Cloud Storage path to write partial failures to. Deprecated. + Prefer to use `import_result_gcs_sink`. + slackSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SlackSource' + description: Slack channels with their corresponding access tokens. + googleDriveSource: + description: >- + Google Drive location. Supports importing individual files as well + as Google Drive folders. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GoogleDriveSource' + partialFailureBigquerySink: + deprecated: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' + description: >- + The BigQuery destination to write partial failures to. It should be + a bigquery table resource name (e.g. + "bq://projectId.bqDatasetId.bqTableId"). The dataset must exist. If + the table does not exist, it will be created with the expected + schema. If the table exists, the schema will be validated and data + will be added to this existing table. Deprecated. Prefer to use + `import_result_bq_sink`. + ragFileParsingConfig: + description: >- + Optional. Specifies the parsing config for RagFiles. RAG will use + the default parser if this field is not set. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFileParsingConfig' + rebuildAnnIndex: + description: >- + Rebuilds the ANN index to optimize for recall on the imported data. + Only applicable for RagCorpora running on RagManagedDb with + `retrieval_strategy` set to `ANN`. The rebuild will be performed + using the existing ANN config set on the RagCorpus. To change the + ANN config, please use the UpdateRagCorpus API. Default is false, + i.e., index is not rebuilt. + type: boolean + importResultGcsSink: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + description: The Cloud Storage path to write import result to. + jiraSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1JiraSource' + description: Jira queries with their corresponding authentication. + maxEmbeddingRequestsPerMin: + type: integer + description: >- + Optional. The max number of queries per minute that this job is + allowed to make to the embedding model specified on the corpus. This + value is specific to this job and not shared across other import + jobs. Consult the Quotas page on the project to set an appropriate + value here. If unspecified, a default value of 1,000 QPM would be + used. + format: int32 + importResultBigquerySink: + description: >- + The BigQuery destination to write import result to. It should be a + bigquery table resource name (e.g. + "bq://projectId.bqDatasetId.bqTableId"). The dataset must exist. If + the table does not exist, it will be created with the expected + schema. If the table exists, the schema will be validated and data + will be added to this existing table. + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' + sharePointSources: + description: SharePoint sources. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SharePointSources' + ragFileTransformationConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagFileTransformationConfig + description: Specifies the transformation config for RagFiles. + GoogleCloudAiplatformV1ApiAuthApiKeyConfig: + id: GoogleCloudAiplatformV1ApiAuthApiKeyConfig + description: The API secret. properties: - parent: + apiKeyString: description: >- - Required. The resource name of the TensorboardExperiment to create - the TensorboardRun in. Format: - `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}` + The API key string. Either this or `api_key_secret_version` must be + set. type: string - tensorboardRun: - description: Required. The TensorboardRun to create. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' - tensorboardRunId: - description: >- - Required. The ID to use for the Tensorboard run, which becomes the - final component of the Tensorboard run's resource name. This value - should be 1-128 characters, and valid characters are `/a-z-/`. + apiKeySecretVersion: type: string - GoogleCloudAiplatformV1BatchCreateTensorboardRunsResponse: - id: GoogleCloudAiplatformV1BatchCreateTensorboardRunsResponse - description: Response message for TensorboardService.BatchCreateTensorboardRuns. - type: object - properties: - tensorboardRuns: - description: The created TensorboardRuns. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' - GoogleCloudAiplatformV1ListTensorboardRunsResponse: - id: GoogleCloudAiplatformV1ListTensorboardRunsResponse - description: Response message for TensorboardService.ListTensorboardRuns. + description: >- + Required. The SecretManager secret version resource name storing API + key. e.g. projects/{project}/secrets/{secret}/versions/{version} type: object + GoogleCloudAiplatformV1ListArtifactsResponse: + description: Response message for MetadataService.ListArtifacts. properties: - tensorboardRuns: - description: The TensorboardRuns mathching the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' nextPageToken: + type: string description: >- - A token, which can be sent as ListTensorboardRunsRequest.page_token - to retrieve the next page. If this field is omitted, there are no + A token, which can be sent as ListArtifactsRequest.page_token to + retrieve the next page. If this field is not populated, there are no subsequent pages. - type: string - GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesRequest: - id: GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesRequest - description: Request message for TensorboardService.BatchCreateTensorboardTimeSeries. + artifacts: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' + type: array + description: The Artifacts retrieved from the MetadataStore. + type: object + id: GoogleCloudAiplatformV1ListArtifactsResponse + GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetrics: + id: GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetrics type: object + description: The Evaluation metrics given a specific precision_window_length. properties: - requests: + meanAveragePrecision: + type: number + description: The mean average precision. + format: float + precisionWindowLength: + format: google-duration + type: string description: >- - Required. The request message specifying the TensorboardTimeSeries - to create. A maximum of 1000 TensorboardTimeSeries can be created in - a batch. - type: array + This VideoActionMetrics is calculated based on this prediction + window length. If the predicted action's timestamp is inside the + time window whose center is the ground truth action's timestamp with + this specific length, the prediction result is treated as a true + positive. + confidenceMetrics: items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CreateTensorboardTimeSeriesRequest - GoogleCloudAiplatformV1CreateTensorboardTimeSeriesRequest: - id: GoogleCloudAiplatformV1CreateTensorboardTimeSeriesRequest - description: Request message for TensorboardService.CreateTensorboardTimeSeries. + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetricsConfidenceMetrics + type: array + description: >- + Metrics for each label-match confidence_threshold from + 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. + GoogleCloudAiplatformV1PurgeExecutionsRequest: type: object + description: Request message for MetadataService.PurgeExecutions. + id: GoogleCloudAiplatformV1PurgeExecutionsRequest properties: - parent: + force: + type: boolean description: >- - Required. The resource name of the TensorboardRun to create the - TensorboardTimeSeries in. Format: - `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}/runs/{run}` - type: string - tensorboardTimeSeriesId: + Optional. Flag to indicate to actually perform the purge. If `force` + is set to false, the method will return a sample of Execution names + that would be deleted. + filter: description: >- - Optional. The user specified unique ID to use for the - TensorboardTimeSeries, which becomes the final component of the - TensorboardTimeSeries's resource name. This value should match - "a-z0-9{0, 127}" + Required. A required filter matching the Executions to be purged. + E.g., `update_time <= 2020-11-19T11:30:00-04:00`. type: string - tensorboardTimeSeries: - description: Required. The TensorboardTimeSeries to create. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries' - GoogleCloudAiplatformV1TensorboardTimeSeries: - id: GoogleCloudAiplatformV1TensorboardTimeSeries - description: TensorboardTimeSeries maps to times series produced in training runs + GoogleCloudAiplatformV1DeployedModelRef: + properties: + endpoint: + type: string + description: Immutable. A resource name of an Endpoint. + deployedModelId: + type: string + description: Immutable. An ID of a DeployedModel in the above Endpoint. + checkpointId: + description: Immutable. The ID of the Checkpoint deployed in the DeployedModel. + type: string + id: GoogleCloudAiplatformV1DeployedModelRef + type: object + description: Points to a DeployedModel. + GoogleCloudAiplatformV1CreateFeaturestoreOperationMetadata: + id: GoogleCloudAiplatformV1CreateFeaturestoreOperationMetadata type: object + description: Details of operations that perform create Featurestore. properties: - name: - description: Output only. Name of the TensorboardTimeSeries. - readOnly: true + genericMetadata: + description: Operation metadata for Featurestore. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1SchemaPromptSpecTranslationFileInputSource: + type: object + id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationFileInputSource + properties: + content: + description: The file's contents. type: string displayName: - description: >- - Required. User provided name of this TensorboardTimeSeries. This - value should be unique among all TensorboardTimeSeries resources - belonging to the same TensorboardRun resource (parent resource). - type: string - description: - description: Description of this TensorboardTimeSeries. type: string - valueType: - description: Required. Immutable. Type of TensorboardTimeSeries value. + description: The file's display name. + mimeType: + description: The file's mime type. type: string - enumDescriptions: - - The value type is unspecified. - - >- - Used for TensorboardTimeSeries that is a list of scalars. E.g. - accuracy of a model over epochs/time. - - >- - Used for TensorboardTimeSeries that is a list of tensors. E.g. - histograms of weights of layer in a model over epoch/time. - - >- - Used for TensorboardTimeSeries that is a list of blob sequences. - E.g. set of sample images with labels over epochs/time. - enum: - - VALUE_TYPE_UNSPECIFIED - - SCALAR - - TENSOR - - BLOB_SEQUENCE - createTime: - description: Output only. Timestamp when this TensorboardTimeSeries was created. - readOnly: true + GoogleCloudAiplatformV1TrajectoryExactMatchInstance: + type: object + id: GoogleCloudAiplatformV1TrajectoryExactMatchInstance + description: Spec for TrajectoryExactMatch instance. + properties: + predictedTrajectory: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + description: Required. Spec for predicted tool call trajectory. + referenceTrajectory: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + description: Required. Spec for reference tool call trajectory. + GoogleCloudAiplatformV1FeatureViewSyncConfig: + properties: + cron: type: string - format: google-datetime - updateTime: description: >- - Output only. Timestamp when this TensorboardTimeSeries was last - updated. - readOnly: true - type: string - format: google-datetime - etag: + Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch + scheduled runs. To explicitly set a timezone to the cron tab, apply + a prefix in the cron tab: "CRON_TZ=${IANA_TIME_ZONE}" or + "TZ=${IANA_TIME_ZONE}". The ${IANA_TIME_ZONE} may only be a valid + string from IANA time zone database. For example, + "CRON_TZ=America/New_York 1 * * * *", or "TZ=America/New_York 1 * * + * *". + continuous: description: >- - Used to perform a consistent read-modify-write updates. If not set, - a blind "overwrite" update happens. + Optional. If true, syncs the FeatureView in a continuous manner to + Online Store. + type: boolean + description: Configuration for Sync. Only one option is set. + type: object + id: GoogleCloudAiplatformV1FeatureViewSyncConfig + GoogleCloudAiplatformV1Scheduling: + properties: + maxWaitDuration: type: string - pluginName: + format: google-duration description: >- - Immutable. Name of the plugin this time series pertain to. Such as - Scalar, Tensor, Blob + Optional. This is the maximum duration that a job will wait for the + requested resources to be provisioned if the scheduling strategy is + set to [Strategy.DWS_FLEX_START]. If set to 0, the job will wait + indefinitely. The default is 24 hours. + disableRetries: + type: boolean + description: >- + Optional. Indicates if the job should retry for internal errors + after the job starts running. If true, overrides + `Scheduling.restart_job_on_worker_restart` to false. + restartJobOnWorkerRestart: + description: >- + Optional. Restarts the entire CustomJob if a worker gets restarted. + This feature can be used by distributed training jobs that are not + resilient to workers leaving and joining a job. + type: boolean + strategy: + enumDescriptions: + - Strategy will default to STANDARD. + - Deprecated. Regular on-demand provisioning strategy. + - Deprecated. Low cost by making potential use of spot resources. + - Standard provisioning strategy uses regular on-demand resources. + - Spot provisioning strategy uses spot resources. + - Flex Start strategy uses DWS to queue for resources. type: string - pluginData: - description: Data of the current plugin, with the size limited to 65KB. + enum: + - STRATEGY_UNSPECIFIED + - ON_DEMAND + - LOW_COST + - STANDARD + - SPOT + - FLEX_START + enumDeprecated: + - false + - true + - true + - false + - false + - false + description: Optional. This determines which type of scheduling strategy to use. + timeout: + format: google-duration + description: Optional. The maximum job running time. The default is 7 days. type: string - format: byte - metadata: - description: >- - Output only. Scalar, Tensor, or Blob metadata for this - TensorboardTimeSeries. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeriesMetadata - GoogleCloudAiplatformV1TensorboardTimeSeriesMetadata: - id: GoogleCloudAiplatformV1TensorboardTimeSeriesMetadata - description: Describes metadata for a TensorboardTimeSeries. type: object + description: All parameters related to queuing and scheduling of custom jobs. + id: GoogleCloudAiplatformV1Scheduling + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingMetadata: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingMetadata properties: - maxStep: - description: >- - Output only. Max step index of all data points within a - TensorboardTimeSeries. - readOnly: true - type: string - format: int64 - maxWallTime: - description: >- - Output only. Max wall clock timestamp of all data points within a - TensorboardTimeSeries. - readOnly: true + evaluatedDataItemsBigqueryUri: + description: BigQuery destination uri for exported evaluated examples. type: string - format: google-datetime - maxBlobSequenceLength: - description: >- - Output only. The largest blob sequence length (number of blobs) of - all data points in this time series, if its ValueType is - BLOB_SEQUENCE. - readOnly: true + trainCostMilliNodeHours: type: string format: int64 - GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesResponse: - id: GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesResponse - description: >- - Response message for - TensorboardService.BatchCreateTensorboardTimeSeries. + description: >- + Output only. The actual training cost of the model, expressed in + milli node hours, i.e. 1,000 value in this field means 1 node hour. + Guaranteed to not exceed the train budget. type: object - properties: - tensorboardTimeSeries: - description: The created TensorboardTimeSeries. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries' - GoogleCloudAiplatformV1ListTensorboardTimeSeriesResponse: - id: GoogleCloudAiplatformV1ListTensorboardTimeSeriesResponse - description: Response message for TensorboardService.ListTensorboardTimeSeries. + description: Model metadata specific to AutoML Forecasting. + GoogleCloudAiplatformV1TrajectoryPrecisionInput: + description: Instances and metric spec for TrajectoryPrecision metric. type: object properties: - tensorboardTimeSeries: - description: The TensorboardTimeSeries mathching the request. + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionSpec' + description: Required. Spec for TrajectoryPrecision metric. + instances: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries' - nextPageToken: - description: >- - A token, which can be sent as - ListTensorboardTimeSeriesRequest.page_token to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudAiplatformV1BatchReadTensorboardTimeSeriesDataResponse: - id: GoogleCloudAiplatformV1BatchReadTensorboardTimeSeriesDataResponse - description: >- - Response message for - TensorboardService.BatchReadTensorboardTimeSeriesData. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionInstance + description: Required. Repeated TrajectoryPrecision instance. + id: GoogleCloudAiplatformV1TrajectoryPrecisionInput + GoogleCloudAiplatformV1CustomJobSpec: type: object + description: Represents the spec of a CustomJob. properties: - timeSeriesData: - description: The returned time series data. - type: array + protectedArtifactLocationId: + type: string + description: >- + The ID of the location to store protected artifacts. e.g. + us-central1. Populate only when the location is different than + CustomJob location. List of supported locations: + https://cloud.google.com/vertex-ai/docs/general/locations + models: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesData' - GoogleCloudAiplatformV1TimeSeriesData: - id: GoogleCloudAiplatformV1TimeSeriesData - description: All the data stored in a TensorboardTimeSeries. - type: object - properties: - tensorboardTimeSeriesId: + type: string + type: array description: >- - Required. The ID of the TensorboardTimeSeries, which will become the - final component of the TensorboardTimeSeries' resource name - type: string - valueType: + Optional. The name of the Model resources for which to generate a + mapping to artifact URIs. Applicable only to some of the + Google-provided custom jobs. Format: + `projects/{project}/locations/{location}/models/{model}` In order to + retrieve a specific version of the model, also provide the version + ID or version alias. Example: + `projects/{project}/locations/{location}/models/{model}@2` or + `projects/{project}/locations/{location}/models/{model}@golden` If + no version ID or alias is specified, the "default" version will be + returned. The "default" version alias is created for the first + version of the model, and can be moved to other versions later on. + There will be exactly one default version. + network: description: >- - Required. Immutable. The value type of this time series. All the - values in this time series data must match this value type. + Optional. The full name of the Compute Engine + [network](/compute/docs/networks-and-firewalls#networks) to which + the Job should be peered. For example, + `projects/12345/global/networks/myVPC`. + [Format](/compute/docs/reference/rest/v1/networks/insert) is of the + form `projects/{project}/global/networks/{network}`. Where {project} + is a project number, as in `12345`, and {network} is a network name. + To specify this field, you must have already [configured VPC Network + Peering for Vertex + AI](https://cloud.google.com/vertex-ai/docs/general/vpc-peering). If + this field is left unspecified, the job is not peered with any + network. + type: string + serviceAccount: type: string - enumDescriptions: - - The value type is unspecified. - - >- - Used for TensorboardTimeSeries that is a list of scalars. E.g. - accuracy of a model over epochs/time. - - >- - Used for TensorboardTimeSeries that is a list of tensors. E.g. - histograms of weights of layer in a model over epoch/time. - - >- - Used for TensorboardTimeSeries that is a list of blob sequences. - E.g. set of sample images with labels over epochs/time. - enum: - - VALUE_TYPE_UNSPECIFIED - - SCALAR - - TENSOR - - BLOB_SEQUENCE - values: - description: Required. Data points in this time series. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesDataPoint' - GoogleCloudAiplatformV1TimeSeriesDataPoint: - id: GoogleCloudAiplatformV1TimeSeriesDataPoint - description: A TensorboardTimeSeries data point. - type: object - properties: - scalar: - description: A scalar value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Scalar' - tensor: - description: A tensor value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardTensor' - blobs: - description: A blob sequence value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardBlobSequence' - wallTime: description: >- - Wall clock timestamp when this data point is generated by the end - user. + Specifies the service account for workload run-as account. Users + submitting jobs must have act-as permission on this run-as account. + If unspecified, the [Vertex AI Custom Code Service + Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) + for the CustomJob's project is used. + scheduling: + description: Scheduling options for a CustomJob. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Scheduling' + persistentResourceId: + description: >- + Optional. The ID of the PersistentResource in the same Project and + Location which to run If this is specified, the job will be run on + existing machines held by the PersistentResource instead of + on-demand short-live machines. The network and CMEK configs on the + job should be consistent with those on the PersistentResource, + otherwise, the job will be rejected. type: string - format: google-datetime - step: - description: Step index of this data point within the run. + experiment: type: string - format: int64 - GoogleCloudAiplatformV1Scalar: - id: GoogleCloudAiplatformV1Scalar - description: One point viewable on a scalar metric plot. - type: object - properties: - value: - description: Value of the point at this step / timestamp. - type: number - format: double - GoogleCloudAiplatformV1TensorboardTensor: - id: GoogleCloudAiplatformV1TensorboardTensor - description: One point viewable on a tensor metric plot. - type: object - properties: - value: description: >- - Required. Serialized form of - https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/framework/tensor.proto + Optional. The Experiment associated with this job. Format: + `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}` + experimentRun: type: string - format: byte - versionNumber: - description: Optional. Version number of TensorProto used to serialize value. - type: integer - format: int32 - GoogleCloudAiplatformV1TensorboardBlobSequence: - id: GoogleCloudAiplatformV1TensorboardBlobSequence - description: >- - One point viewable on a blob metric plot, but mostly just a wrapper - message to work around repeated fields can't be used directly within - `oneof` fields. - type: object - properties: - values: - description: List of blobs contained within the sequence. + description: >- + Optional. The Experiment Run associated with this job. Format: + `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}-{experiment-run-name}` + workerPoolSpecs: + description: >- + Required. The spec of the worker pools including machine type and + Docker image. All worker pools except the first one are optional and + can be skipped by providing an empty value. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardBlob' - GoogleCloudAiplatformV1TensorboardBlob: - id: GoogleCloudAiplatformV1TensorboardBlob - description: One blob (e.g, image, graph) viewable on a blob metric plot. - type: object - properties: - id: + $ref: '#/components/schemas/GoogleCloudAiplatformV1WorkerPoolSpec' + baseOutputDirectory: description: >- - Output only. A URI safe key uniquely identifying a blob. Can be used - to locate the blob stored in the Cloud Storage bucket of the - consumer project. - readOnly: true - type: string - data: + The Cloud Storage location to store the output of this CustomJob or + HyperparameterTuningJob. For HyperparameterTuningJob, the + baseOutputDirectory of each child CustomJob backing a Trial is set + to a subdirectory of name id under its parent + HyperparameterTuningJob's baseOutputDirectory. The following Vertex + AI environment variables will be passed to containers or python + modules when this field is set: For CustomJob: * AIP_MODEL_DIR = + `/model/` * AIP_CHECKPOINT_DIR = `/checkpoints/` * + AIP_TENSORBOARD_LOG_DIR = `/logs/` For CustomJob backing a Trial of + HyperparameterTuningJob: * AIP_MODEL_DIR = `//model/` * + AIP_CHECKPOINT_DIR = `//checkpoints/` * AIP_TENSORBOARD_LOG_DIR = + `//logs/` + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + reservedIpRanges: + type: array description: >- - Optional. The bytes of the blob is not present unless it's returned - by the ReadTensorboardBlobData endpoint. + Optional. A list of names for the reserved ip ranges under the VPC + network that can be used for this job. If set, we will deploy the + job within the provided ip ranges. Otherwise, the job will be + deployed to any ip ranges under the provided VPC network. Example: + ['vertex-ai-ip-range']. + items: + type: string + pscInterfaceConfig: + description: Optional. Configuration for PSC-I for CustomJob. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PscInterfaceConfig' + enableWebAccess: + description: >- + Optional. Whether you want Vertex AI to enable [interactive shell + access](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) + to training containers. If set to `true`, you can access interactive + shells at the URIs given by CustomJob.web_access_uris or + Trial.web_access_uris (within HyperparameterTuningJob.trials). + type: boolean + tensorboard: type: string - format: byte - GoogleCloudAiplatformV1ReadTensorboardTimeSeriesDataResponse: - id: GoogleCloudAiplatformV1ReadTensorboardTimeSeriesDataResponse - description: Response message for TensorboardService.ReadTensorboardTimeSeriesData. - type: object - properties: - timeSeriesData: - description: The returned time series data. - $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesData' - GoogleCloudAiplatformV1ReadTensorboardBlobDataResponse: - id: GoogleCloudAiplatformV1ReadTensorboardBlobDataResponse - description: Response message for TensorboardService.ReadTensorboardBlobData. + description: >- + Optional. The name of a Vertex AI Tensorboard resource to which this + CustomJob will upload Tensorboard logs. Format: + `projects/{project}/locations/{location}/tensorboards/{tensorboard}` + enableDashboardAccess: + type: boolean + description: >- + Optional. Whether you want Vertex AI to enable access to the + customized dashboard in training chief container. If set to `true`, + you can access the dashboard at the URIs given by + CustomJob.web_access_uris or Trial.web_access_uris (within + HyperparameterTuningJob.trials). + id: GoogleCloudAiplatformV1CustomJobSpec + GoogleCloudAiplatformV1VertexRagStoreRagResource: type: object properties: - blobs: - description: Blob messages containing blob bytes. - type: array + ragCorpus: + type: string + description: >- + Optional. RagCorpora resource name. Format: + `projects/{project}/locations/{location}/ragCorpora/{rag_corpus}` + ragFileIds: items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardBlob' - GoogleCloudAiplatformV1WriteTensorboardExperimentDataRequest: - id: GoogleCloudAiplatformV1WriteTensorboardExperimentDataRequest - description: Request message for TensorboardService.WriteTensorboardExperimentData. + type: string + type: array + description: >- + Optional. rag_file_id. The files should be in the same rag_corpus + set in rag_corpus field. + description: The definition of the Rag resource. + id: GoogleCloudAiplatformV1VertexRagStoreRagResource + GoogleCloudAiplatformV1BatchReadTensorboardTimeSeriesDataResponse: + id: GoogleCloudAiplatformV1BatchReadTensorboardTimeSeriesDataResponse type: object properties: - writeRunDataRequests: - description: >- - Required. Requests containing per-run TensorboardTimeSeries data to - write. + timeSeriesData: + description: The returned time series data. type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardRunDataRequest - GoogleCloudAiplatformV1WriteTensorboardRunDataRequest: - id: GoogleCloudAiplatformV1WriteTensorboardRunDataRequest - description: Request message for TensorboardService.WriteTensorboardRunData. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesData' + description: >- + Response message for + TensorboardService.BatchReadTensorboardTimeSeriesData. + GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetrics: type: object + description: Metrics for text extraction evaluation results. + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetrics properties: - tensorboardRun: + confusionMatrix: description: >- - Required. The resource name of the TensorboardRun to write data to. - Format: - `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}/runs/{run}` - type: string - timeSeriesData: + Confusion matrix of the evaluation. Only set for Models where number + of AnnotationSpecs is no more than 10. Only set for + ModelEvaluations, not for ModelEvaluationSlices. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix + confidenceMetrics: description: >- - Required. The TensorboardTimeSeries data to write. Values with in a - time series are indexed by their step value. Repeated writes to the - same step will overwrite the existing value for that step. The upper - limit of data points per write request is 5000. + Metrics that have confidence thresholds. Precision-recall curve can + be derived from them. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesData' - GoogleCloudAiplatformV1WriteTensorboardExperimentDataResponse: - id: GoogleCloudAiplatformV1WriteTensorboardExperimentDataResponse - description: Response message for TensorboardService.WriteTensorboardExperimentData. - type: object - properties: {} - GoogleCloudAiplatformV1WriteTensorboardRunDataResponse: - id: GoogleCloudAiplatformV1WriteTensorboardRunDataResponse - description: Response message for TensorboardService.WriteTensorboardRunData. - type: object - properties: {} - GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataRequest: - id: GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataRequest - description: Request message for TensorboardService.ExportTensorboardTimeSeriesData. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetricsConfidenceMetrics + GoogleCloudAiplatformV1FindNeighborsRequestQuery: type: object properties: - filter: + fractionLeafNodesToSearchOverride: + type: number + format: double description: >- - Exports the TensorboardTimeSeries' data that match the filter - expression. - type: string - pageSize: + The fraction of the number of leaves to search, set at query time + allows user to tune search performance. This value increase result + in both search accuracy and latency increase. The value should be + between 0.0 and 1.0. If not set or set to 0.0, query uses the + default value specified in + NearestNeighborSearchConfig.TreeAHConfig.fraction_leaf_nodes_to_search. + perCrowdingAttributeNeighborCount: + type: integer description: >- - The maximum number of data points to return per page. The default - page_size is 1000. Values must be between 1 and 10000. Values above - 10000 are coerced to 10000. + Crowding is a constraint on a neighbor list produced by nearest + neighbor search requiring that no more than some value k' of the k + neighbors returned have the same value of crowding_attribute. It's + used for improving result diversity. This field is the maximum + number of matches with the same crowding tag. + format: int32 + rrf: + description: Optional. Represents RRF algorithm that combines search results. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FindNeighborsRequestQueryRRF + neighborCount: type: integer + description: >- + The number of nearest neighbors to be retrieved from database for + each query. If not set, will use the default from the service + configuration + (https://cloud.google.com/vertex-ai/docs/matching-engine/configuring-indexes#nearest-neighbor-search-config). format: int32 - pageToken: + datapoint: + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexDatapoint' description: >- - A page token, received from a previous - ExportTensorboardTimeSeriesData call. Provide this to retrieve the - subsequent page. When paginating, all other parameters provided to - ExportTensorboardTimeSeriesData must match the call that provided - the page token. - type: string - orderBy: + Required. The datapoint/vector whose nearest neighbors should be + searched for. + approximateNeighborCount: description: >- - Field to use to sort the TensorboardTimeSeries' data. By default, - TensorboardTimeSeries' data is returned in a pseudo random order. + The number of neighbors to find via approximate search before exact + reordering is performed. If not set, the default value from scam + config is used; if set, this value must be > 0. + format: int32 + type: integer + description: >- + A query to find a number of the nearest neighbors (most similar vectors) + of a vector. + id: GoogleCloudAiplatformV1FindNeighborsRequestQuery + GoogleCloudAiplatformV1UpdateFeatureOnlineStoreOperationMetadata: + properties: + genericMetadata: + description: Operation metadata for FeatureOnlineStore. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + id: GoogleCloudAiplatformV1UpdateFeatureOnlineStoreOperationMetadata + type: object + description: Details of operations that perform update FeatureOnlineStore. + GoogleCloudAiplatformV1FeatureViewDirectWriteResponseWriteResponse: + id: GoogleCloudAiplatformV1FeatureViewDirectWriteResponseWriteResponse + properties: + onlineStoreWriteTime: + format: google-datetime type: string - GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataResponse: - id: GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataResponse - description: Response message for TensorboardService.ExportTensorboardTimeSeriesData. + description: >- + When the feature values were written to the online store. If + FeatureViewDirectWriteResponse.status is not OK, this field is not + populated. + dataKey: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewDataKey' + description: What key is this write response associated with. + type: object + description: Details about the write for each key. + GoogleCloudAiplatformV1ListFeatureViewSyncsResponse: + id: GoogleCloudAiplatformV1ListFeatureViewSyncsResponse type: object + description: >- + Response message for + FeatureOnlineStoreAdminService.ListFeatureViewSyncs. properties: - timeSeriesDataPoints: - description: The returned time series data points. + featureViewSyncs: type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TimeSeriesDataPoint' + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewSync' + description: The FeatureViewSyncs matching the request. nextPageToken: description: >- - A token, which can be sent as page_token to retrieve the next page. - If this field is omitted, there are no subsequent pages. + A token, which can be sent as ListFeatureViewSyncsRequest.page_token + to retrieve the next page. If this field is omitted, there are no + subsequent pages. type: string - GoogleCloudAiplatformV1Study: - id: GoogleCloudAiplatformV1Study - description: A message representing a Study. + GoogleCloudAiplatformV1GroundingChunkMaps: type: object + description: >- + A `Maps` chunk is a piece of evidence that comes from Google Maps. It + contains information about a place, such as its name, address, and + reviews. This is used to provide the user with rich, location-based + information. properties: - name: - description: >- - Output only. The name of a study. The study's globally unique - identifier. Format: - `projects/{project}/locations/{location}/studies/{study}` - readOnly: true + placeId: type: string - displayName: - description: Required. Describes the Study, default value is empty string. + description: >- + This Place's resource name, in `places/{place_id}` format. This can + be used to look up the place in the Google Maps API. + placeAnswerSources: + description: >- + The sources that were used to generate the place answer. This + includes review snippets and photos that were used to generate the + answer, as well as URIs to flag content. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSources + uri: type: string - studySpec: - description: Required. Configuration of the Study. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpec' - state: - description: Output only. The detailed state of a Study. - readOnly: true + description: The URI of the place. + text: type: string - enumDescriptions: - - The study state is unspecified. - - The study is active. - - The study is stopped due to an internal error. - - >- - The study is done when the service exhausts the parameter search - space or max_trial_count is reached. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - INACTIVE - - COMPLETED - createTime: - description: Output only. Time at which the study was created. - readOnly: true + description: The text of the place answer. + title: type: string - format: google-datetime - inactiveReason: + description: The title of the place. + id: GoogleCloudAiplatformV1GroundingChunkMaps + GoogleCloudAiplatformV1EncryptionSpec: + id: GoogleCloudAiplatformV1EncryptionSpec + description: >- + Represents a customer-managed encryption key spec that can be applied to + a top-level resource. + type: object + properties: + kmsKeyName: description: >- - Output only. A human readable reason why the Study is inactive. This - should be empty if a study is ACTIVE or COMPLETED. - readOnly: true + Required. The Cloud KMS resource identifier of the customer managed + encryption key used to protect a resource. Has the form: + `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. + The key needs to be in the same region as where the compute resource + is created. type: string - GoogleCloudAiplatformV1ListStudiesResponse: - id: GoogleCloudAiplatformV1ListStudiesResponse - description: Response message for VizierService.ListStudies. - type: object + GoogleCloudAiplatformV1SchemaPredictPredictionTextExtractionPredictionResult: properties: - studies: - description: The studies associated with the project. + ids: + items: + type: string + format: int64 + type: array + description: >- + The resource IDs of the AnnotationSpecs that had been identified, + ordered by the confidence score descendingly. + confidences: + items: + type: number + format: float + description: >- + The Model's confidences in correctness of the predicted IDs, higher + value means higher confidence. Order matches the Ids. type: array + textSegmentStartOffsets: + description: >- + The start offsets, inclusive, of the text segment in which the + AnnotationSpec has been identified. Expressed as a zero-based number + of characters as measured from the start of the text snippet. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' - nextPageToken: + type: string + format: int64 + type: array + displayNames: + items: + type: string + type: array description: >- - Passes this token as the `page_token` field of the request for a - subsequent call. If this field is omitted, there are no subsequent - pages. - type: string - GoogleCloudAiplatformV1LookupStudyRequest: - id: GoogleCloudAiplatformV1LookupStudyRequest - description: Request message for VizierService.LookupStudy. + The display names of the AnnotationSpecs that had been identified, + order matches the IDs. + textSegmentEndOffsets: + type: array + items: + type: string + format: int64 + description: >- + The end offsets, inclusive, of the text segment in which the + AnnotationSpec has been identified. Expressed as a zero-based number + of characters as measured from the start of the text snippet. type: object - properties: - displayName: - description: Required. The user-defined display name of the Study - type: string - GoogleCloudAiplatformV1SuggestTrialsRequest: - id: GoogleCloudAiplatformV1SuggestTrialsRequest - description: Request message for VizierService.SuggestTrials. + description: Prediction output format for Text Extraction. + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionTextExtractionPredictionResult + GoogleCloudAiplatformV1IndexDatapoint: type: object properties: - suggestionCount: - description: Required. The number of suggestions requested. It must be positive. - type: integer - format: int32 - clientId: + sparseEmbedding: + description: Optional. Feature embedding vector for sparse index. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1IndexDatapointSparseEmbedding + numericRestricts: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1IndexDatapointNumericRestriction + type: array description: >- - Required. The identifier of the client that is requesting the - suggestion. If multiple SuggestTrialsRequests have the same - `client_id`, the service will return the identical suggested Trial - if the Trial is pending, and provide a new Trial if the last - suggested Trial was completed. - type: string - contexts: + Optional. List of Restrict of the datapoint, used to perform + "restricted searches" where boolean rule are used to filter the + subset of the database eligible for matching. This uses numeric + comparisons. + crowdingTag: description: >- - Optional. This allows you to specify the "context" for a Trial; a - context is a slice (a subspace) of the search space. Typical uses - for contexts: 1) You are using Vizier to tune a server for best - performance, but there's a strong weekly cycle. The context - specifies the day-of-week. This allows Tuesday to generalize from - Wednesday without assuming that everything is identical. 2) Imagine - you're optimizing some medical treatment for people. As they walk in - the door, you know certain facts about them (e.g. sex, weight, - height, blood-pressure). Put that information in the context, and - Vizier will adapt its suggestions to the patient. 3) You want to do - a fair A/B test efficiently. Specify the "A" and "B" conditions as - contexts, and Vizier will generalize between "A" and "B" conditions. - If they are similar, this will allow Vizier to converge to the - optimum faster than if "A" and "B" were separate Studies. NOTE: You - can also enter contexts as REQUESTED Trials, e.g. via the - CreateTrial() RPC; that's the asynchronous option where you don't - need a close association between contexts and suggestions. NOTE: All - the Parameters you set in a context MUST be defined in the Study. - NOTE: You must supply 0 or $suggestion_count contexts. If you don't - supply any contexts, Vizier will make suggestions from the full - search space specified in the StudySpec; if you supply a full set of - context, each suggestion will match the corresponding context. NOTE: - A Context with no features set matches anything, and allows - suggestions from the full search space. NOTE: Contexts MUST lie - within the search space specified in the StudySpec. It's an error if - they don't. NOTE: Contexts preferentially match ACTIVE then - REQUESTED trials before new suggestions are generated. NOTE: - Generation of suggestions involves a match between a Context and - (optionally) a REQUESTED trial; if that match is not fully - specified, a suggestion will be geneated in the merged subspace. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrialContext' - GoogleCloudAiplatformV1TrialContext: - id: GoogleCloudAiplatformV1TrialContext - type: object - properties: - description: + Optional. CrowdingTag of the datapoint, the number of neighbors to + return in each crowding can be configured during query. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1IndexDatapointCrowdingTag + featureVector: description: >- - A human-readable field which can store a description of this - context. This will become part of the resulting Trial's description - field. + Required. Feature embedding vector for dense index. An array of + numbers with the length of [NearestNeighborSearchConfig.dimensions]. + items: + type: number + format: float + type: array + datapointId: type: string - parameters: + description: Required. Unique identifier of the datapoint. + restricts: description: >- - If/when a Trial is generated or selected from this Context, its - Parameters will match any parameters specified here. (I.e. if this - context specifies parameter name:'a' int_value:3, then a resulting - Trial will have int_value:3 for its parameter named 'a'.) Note that - we first attempt to match existing REQUESTED Trials with contexts, - and if there are no matches, we generate suggestions in the subspace - defined by the parameters specified here. NOTE: a Context without - any Parameters matches the entire feasible search space. + Optional. List of Restrict of the datapoint, used to perform + "restricted searches" where boolean rule are used to filter the + subset of the database eligible for matching. This uses categorical + tokens. See: + https://cloud.google.com/vertex-ai/docs/matching-engine/filtering type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrialParameter' - GoogleCloudAiplatformV1ListTrialsResponse: - id: GoogleCloudAiplatformV1ListTrialsResponse - description: Response message for VizierService.ListTrials. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1IndexDatapointRestriction + embeddingMetadata: + description: >- + Optional. The key-value map of additional metadata for the + datapoint. + additionalProperties: + type: any + description: Properties of the object. + type: object + id: GoogleCloudAiplatformV1IndexDatapoint + description: A datapoint of Index. + GoogleCloudAiplatformV1ListModelEvaluationsResponse: type: object + id: GoogleCloudAiplatformV1ListModelEvaluationsResponse properties: - trials: - description: The Trials associated with the Study. + modelEvaluations: + description: List of ModelEvaluations in the requested page. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluation' nextPageToken: + type: string description: >- - Pass this token as the `page_token` field of the request for a - subsequent call. If this field is omitted, there are no subsequent - pages. + A token to retrieve next page of results. Pass to + ListModelEvaluationsRequest.page_token to obtain that page. + description: Response message for ModelService.ListModelEvaluations. + GoogleCloudAiplatformV1SafetyInstance: + id: GoogleCloudAiplatformV1SafetyInstance + properties: + prediction: type: string - GoogleCloudAiplatformV1AddTrialMeasurementRequest: - id: GoogleCloudAiplatformV1AddTrialMeasurementRequest - description: Request message for VizierService.AddTrialMeasurement. + description: Required. Output of the evaluated model. + type: object + description: Spec for safety instance. + GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExampleConversationSourceEvent: type: object properties: - measurement: - description: Required. The measurement to be added to a Trial. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' - GoogleCloudAiplatformV1CompleteTrialRequest: - id: GoogleCloudAiplatformV1CompleteTrialRequest - description: Request message for VizierService.CompleteTrial. + content: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + description: Required. The content of the event. + description: A single conversation event. + id: >- + GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExampleConversationSourceEvent + GoogleCloudAiplatformV1Blob: + id: GoogleCloudAiplatformV1Blob type: object + description: >- + A content blob. A Blob contains data of a specific media type. It is + used to represent images, audio, and video. properties: - finalMeasurement: - description: >- - Optional. If provided, it will be used as the completed Trial's - final_measurement; Otherwise, the service will auto-select a - previously reported measurement as the final-measurement - $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' - trialInfeasible: - description: >- - Optional. True if the Trial cannot be run with the given Parameter, - and final_measurement will be ignored. - type: boolean - infeasibleReason: + displayName: description: >- - Optional. A human readable reason why the trial was infeasible. This - should only be provided if `trial_infeasible` is true. + Optional. The display name of the blob. Used to provide a label or + filename to distinguish blobs. This field is only returned in + `PromptMessage` for prompt management. It is used in the Gemini + calls only when server-side tools (`code_execution`, + `google_search`, and `url_context`) are enabled. type: string - GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateRequest: - id: GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateRequest - description: Request message for VizierService.CheckTrialEarlyStoppingState. - type: object - properties: {} - GoogleCloudAiplatformV1StopTrialRequest: - id: GoogleCloudAiplatformV1StopTrialRequest - description: Request message for VizierService.StopTrial. - type: object - properties: {} - GoogleCloudAiplatformV1ListOptimalTrialsRequest: - id: GoogleCloudAiplatformV1ListOptimalTrialsRequest - description: Request message for VizierService.ListOptimalTrials. - type: object - properties: {} - GoogleCloudAiplatformV1ListOptimalTrialsResponse: - id: GoogleCloudAiplatformV1ListOptimalTrialsResponse - description: Response message for VizierService.ListOptimalTrials. + data: + format: byte + description: Required. The raw bytes of the data. + type: string + mimeType: + type: string + description: Required. The IANA standard MIME type of the source data. + GoogleCloudAiplatformV1GenerationConfigRoutingConfigManualRoutingMode: + id: GoogleCloudAiplatformV1GenerationConfigRoutingConfigManualRoutingMode + description: >- + The configuration for manual routing. When manual routing is specified, + the model will be selected based on the model name provided. type: object properties: - optimalTrials: - description: >- - The pareto-optimal Trials for multiple objective Study or the - optimal trial for single objective Study. The definition of - pareto-optimal can be checked in wiki page. - https://en.wikipedia.org/wiki/Pareto_efficiency - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' - GoogleCloudAiplatformV1PublisherModel: - id: GoogleCloudAiplatformV1PublisherModel - description: A Model Garden Publisher Model. + modelName: + description: The name of the model to use. Only public LLM models are accepted. + type: string + GoogleCloudAiplatformV1GoogleSearchRetrieval: + id: GoogleCloudAiplatformV1GoogleSearchRetrieval + description: Tool to retrieve public web data for grounding, powered by Google. + properties: + dynamicRetrievalConfig: + description: Specifies the dynamic retrieval configuration for the given source. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DynamicRetrievalConfig' type: object + GoogleCloudAiplatformV1MemoryRevision: properties: - name: - description: Output only. The resource name of the PublisherModel. + extractedMemories: readOnly: true - type: string - versionId: description: >- - Output only. Immutable. The version ID of the PublisherModel. A new - version is committed when a new model version is uploaded under an - existing model id. It is an auto-incrementing decimal number in - string representation. - readOnly: true - type: string - openSourceCategory: - description: Required. Indicates the open source category of the publisher model. - type: string - enumDescriptions: - - The open source category is unspecified, which should not be used. - - Used to indicate the PublisherModel is not open sourced. - - >- - Used to indicate the PublisherModel is a Google-owned open source - model w/ Google checkpoint. - - >- - Used to indicate the PublisherModel is a 3p-owned open source - model w/ Google checkpoint. - - >- - Used to indicate the PublisherModel is a Google-owned pure open - source model. - - >- - Used to indicate the PublisherModel is a 3p-owned pure open source - model. - enum: - - OPEN_SOURCE_CATEGORY_UNSPECIFIED - - PROPRIETARY - - GOOGLE_OWNED_OSS_WITH_GOOGLE_CHECKPOINT - - THIRD_PARTY_OWNED_OSS_WITH_GOOGLE_CHECKPOINT - - GOOGLE_OWNED_OSS - - THIRD_PARTY_OWNED_OSS - supportedActions: - description: Optional. Supported call-to-action options. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToAction - frameworks: - description: Optional. Additional information about the model's Frameworks. - type: array + Output only. The extracted memories from the source content before + consolidation when the memory was updated via GenerateMemories. This + information was used to modify an existing Memory via Consolidation. items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1IntermediateExtractedMemory + type: array + labels: + description: >- + Output only. The labels of the Memory Revision. These labels are + applied to the MemoryRevision when it is created based on + `GenerateMemoriesRequest.revision_labels`. + additionalProperties: type: string - launchStage: - description: Optional. Indicates the launch stage of the model. + type: object + readOnly: true + expireTime: + readOnly: true + format: google-datetime type: string - enumDescriptions: - - The model launch stage is unspecified. - - >- - Used to indicate the PublisherModel is at Experimental launch - stage, available to a small set of customers. - - >- - Used to indicate the PublisherModel is at Private Preview launch - stage, only available to a small set of customers, although a - larger set of customers than an Experimental launch. Previews are - the first launch stage used to get feedback from customers. - - >- - Used to indicate the PublisherModel is at Public Preview launch - stage, available to all customers, although not supported for - production workloads. - - >- - Used to indicate the PublisherModel is at GA launch stage, - available to all customers and ready for production workload. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - EXPERIMENTAL - - PRIVATE_PREVIEW - - PUBLIC_PREVIEW - - GA - versionState: - description: Optional. Indicates the state of the model version. + description: Output only. Timestamp of when this resource is considered expired. + createTime: + format: google-datetime type: string - enumDescriptions: - - The version state is unspecified. - - Used to indicate the version is stable. - - Used to indicate the version is unstable. - enum: - - VERSION_STATE_UNSPECIFIED - - VERSION_STATE_STABLE - - VERSION_STATE_UNSTABLE - publisherModelTemplate: - description: >- - Optional. Output only. Immutable. Used to indicate this model has a - publisher model and provide the template of the publisher model - resource name. + description: Output only. Timestamp when this Memory Revision was created. readOnly: true + name: + description: >- + Identifier. The resource name of the Memory Revision. Format: + `projects/{project}/locations/{location}/reasoningEngines/{reasoning_engine}/memories/{memory}/revisions/{memory_revision}` type: string - predictSchemata: + fact: + readOnly: true description: >- - Optional. The schemata that describes formats of the - PublisherModel's predictions and explanations as given and returned - via PredictionService.Predict. - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictSchemata' - GoogleCloudAiplatformV1PublisherModelCallToAction: - id: GoogleCloudAiplatformV1PublisherModelCallToAction - description: Actions could take on this Publisher Model. + Output only. The fact of the Memory Revision. This corresponds to + the `fact` field of the parent Memory at the time of revision + creation. + type: string + description: A revision of a Memory. + id: GoogleCloudAiplatformV1MemoryRevision type: object + GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadata: + id: GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadata properties: - viewRestApi: - description: Optional. To view Rest API docs. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionViewRestApi - openNotebook: - description: Optional. Open notebook of the PublisherModel. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - openNotebooks: - description: Optional. Open notebooks of the PublisherModel. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionOpenNotebooks - createApplication: - description: Optional. Create application using the PublisherModel. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - openFineTuningPipeline: - description: Optional. Open fine-tuning pipeline of the PublisherModel. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - openFineTuningPipelines: - description: Optional. Open fine-tuning pipelines of the PublisherModel. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionOpenFineTuningPipelines - openPromptTuningPipeline: - description: Optional. Open prompt-tuning pipeline of the PublisherModel. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - openGenie: - description: Optional. Open Genie / Playground. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - deploy: - description: Optional. Deploy the PublisherModel to Vertex Endpoint. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeploy - multiDeployVertex: + timeColumn: description: >- - Optional. Multiple setups to deploy the PublisherModel to Vertex - Endpoint. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeployVertex - deployGke: - description: Optional. Deploy PublisherModel to Google Kubernetes Engine. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeployGke - openGenerationAiStudio: - description: Optional. Open in Generation AI Studio. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - requestAccess: - description: Optional. Request for access. + The column name of the time column that identifies time order in the + time series. + type: string + inputConfig: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - openEvaluationPipeline: - description: Optional. Open evaluation pipeline of the PublisherModel. + #/components/schemas/GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataInputConfig + timeSeriesIdentifierColumn: + type: string + description: >- + The column name of the time series identifier column that identifies + the time series. + description: The metadata of Datasets that contain time series data. + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassification: + description: >- + A TrainingJob that trains and uploads an AutoML Video Classification + Model. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassification + properties: + inputs: + description: The input parameters of this TrainingJob. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - GoogleCloudAiplatformV1PublisherModelCallToActionViewRestApi: - id: GoogleCloudAiplatformV1PublisherModelCallToActionViewRestApi - description: Rest API docs. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassificationInputs type: object + GoogleCloudAiplatformV1UrlContext: + id: GoogleCloudAiplatformV1UrlContext + type: object + properties: {} + description: Tool to support URL context. + GoogleCloudAiplatformV1ListDatasetVersionsResponse: + description: Response message for DatasetService.ListDatasetVersions. properties: - documentations: - description: Required. + datasetVersions: type: array + description: >- + A list of DatasetVersions that matches the specified filter in the + request. items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelDocumentation - title: - description: Required. The title of the view rest API. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + nextPageToken: type: string - GoogleCloudAiplatformV1PublisherModelDocumentation: - id: GoogleCloudAiplatformV1PublisherModelDocumentation - description: A named piece of documentation. + description: The standard List next-page token. + type: object + id: GoogleCloudAiplatformV1ListDatasetVersionsResponse + GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig: type: object properties: - title: + defaultDriftThreshold: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' description: >- - Required. E.g., OVERVIEW, USE CASES, DOCUMENTATION, SDK & SAMPLES, - JAVA, NODE.JS, etc.. - type: string - content: - description: Required. Content of this piece of document (in Markdown format). - type: string - GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences: + Drift anomaly detection threshold used by all features. When the + per-feature thresholds are not set, this field can be used to + specify a threshold for all features. + attributionScoreDriftThresholds: + description: >- + Key is the feature name and value is the threshold. The threshold + here is against attribution score distance between different time + windows. + type: object + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' + driftThresholds: + type: object + description: >- + Key is the feature name and value is the threshold. If a feature + needs to be monitored for drift, a value threshold must be + configured for that feature. The threshold here is against feature + distribution distance between different time windws. + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ThresholdConfig' id: >- - GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - description: >- - The regional resource name or the URI. Key is region, e.g., us-central1, - europe-west2, global, etc.. + GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig + description: The config for Prediction data drift detection. + GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec: type: object properties: - references: - description: Required. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelResourceReference - title: - description: 'Required. ' - type: string - resourceTitle: - description: Optional. Title of the resource. - type: string - resourceUseCase: - description: Optional. Use case (CUJ) of the resource. - type: string - resourceDescription: - description: Optional. Description of the resource. - type: string - supportsWorkbench: + trainTrialJobSpec: description: >- - Optional. For notebook resource, whether the notebook supports - Workbench. - type: boolean - colabNotebookDisabled: + Required. The spec of a train trial job. The same spec applies to + all train trials. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' + maxParallelTrialCount: + type: integer + description: Required. The maximum number of trials to run in parallel. + format: int32 + frequency: + type: integer description: >- - Optional. For notebook resource. When set to true, the Colab - Enterprise link will be disabled in the "open notebook" dialog in - UI. - type: boolean - GoogleCloudAiplatformV1PublisherModelResourceReference: - id: GoogleCloudAiplatformV1PublisherModelResourceReference - description: Reference to a resource. + Required. Frequency of search trials to start train stage. Top N + [TrainTrialSpec.max_parallel_trial_count] search trials will be + trained for every M [TrainTrialSpec.frequency] trials searched. + format: int32 + description: Represent spec for train trials. + id: GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec + GoogleCloudAiplatformV1DeployIndexRequest: + id: GoogleCloudAiplatformV1DeployIndexRequest + description: Request message for IndexEndpointService.DeployIndex. + properties: + deployedIndex: + description: Required. The DeployedIndex to be created within the IndexEndpoint. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' type: object + GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSources: + type: object + id: GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSources + description: >- + The sources that were used to generate the place answer. This includes + review snippets and photos that were used to generate the answer, as + well as URIs to flag content. properties: - uri: - description: The URI of the resource. - type: string - resourceName: - description: The resource name of the Google Cloud resource. - type: string - useCase: - description: Use case (CUJ) of the resource. - deprecated: true - type: string - description: - description: Description of the resource. - deprecated: true - type: string - GoogleCloudAiplatformV1PublisherModelCallToActionOpenNotebooks: - id: GoogleCloudAiplatformV1PublisherModelCallToActionOpenNotebooks - description: Open notebooks. - type: object - properties: - notebooks: - description: Required. Regional resource references to notebooks. - type: array + reviewSnippets: items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - GoogleCloudAiplatformV1PublisherModelCallToActionOpenFineTuningPipelines: - id: GoogleCloudAiplatformV1PublisherModelCallToActionOpenFineTuningPipelines - description: Open fine tuning pipelines. - type: object - properties: - fineTuningPipelines: - description: Required. Regional resource references to fine tuning pipelines. + #/components/schemas/GoogleCloudAiplatformV1GroundingChunkMapsPlaceAnswerSourcesReviewSnippet type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences - GoogleCloudAiplatformV1PublisherModelCallToActionDeploy: - id: GoogleCloudAiplatformV1PublisherModelCallToActionDeploy + description: Snippets of reviews that were used to generate the answer. + GoogleCloudAiplatformV1DeployedIndexAuthConfigAuthProvider: description: >- - Model metadata that is needed for UploadModel or - DeployModel/CreateEndpoint requests. - type: object + Configuration for an authentication provider, including support for + [JSON Web Token + (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). properties: - dedicatedResources: - description: >- - A description of resources that are dedicated to the DeployedModel, - and that need a higher degree of manual configuration. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' - automaticResources: + allowedIssuers: description: >- - A description of resources that to large degree are decided by - Vertex AI, and require only a modest additional configuration. - $ref: '#/components/schemas/GoogleCloudAiplatformV1AutomaticResources' - sharedResources: + A list of allowed JWT issuers. Each entry must be a valid Google + service account, in the following format: + `service-account-name@project-id.iam.gserviceaccount.com` + type: array + items: + type: string + audiences: + items: + type: string + type: array description: >- - The resource name of the shared DeploymentResourcePool to deploy on. - Format: - `projects/{project}/locations/{location}/deploymentResourcePools/{deployment_resource_pool}` - type: string - modelDisplayName: - description: Optional. Default model display name. + The list of JWT + [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). + that are allowed to access. A JWT containing any of these audiences + will be accepted. + type: object + id: GoogleCloudAiplatformV1DeployedIndexAuthConfigAuthProvider + GoogleCloudAiplatformV1ExactMatchInstance: + type: object + id: GoogleCloudAiplatformV1ExactMatchInstance + description: Spec for exact match instance. + properties: + reference: type: string - largeModelReference: - description: >- - Optional. Large model reference. When this is set, - model_artifact_spec is not needed. - $ref: '#/components/schemas/GoogleCloudAiplatformV1LargeModelReference' - containerSpec: - description: >- - Optional. The specification of the container that is to be used when - deploying this Model in Vertex AI. Not present for Large Models. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelContainerSpec' - artifactUri: - description: >- - Optional. The path to the directory containing the Model artifact - and any of its supporting files. + description: Required. Ground truth used to compare against the prediction. + prediction: type: string - deployTaskName: - description: >- - Optional. The name of the deploy task (e.g., "text to image - generation"). + description: Required. Output of the evaluated model. + GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigTtlConfigGranularTtlConfig: + description: >- + Configuration for TTL of the memories in the Memory Bank based on the + action that created or updated the memory. + properties: + createTtl: type: string - deployMetadata: - description: Optional. Metadata information about this deployment config. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeployDeployMetadata - title: - description: Required. The title of the regional resource reference. + format: google-duration + description: Optional. The TTL duration for memories uploaded via CreateMemory. + generateCreatedTtl: type: string - publicArtifactUri: + format: google-duration description: >- - Optional. The signed URI for ephemeral Cloud Storage access to model - artifact. + Optional. The TTL duration for memories newly generated via + GenerateMemories + (GenerateMemoriesResponse.GeneratedMemory.Action.CREATED). + generateUpdatedTtl: + description: >- + Optional. The TTL duration for memories updated via GenerateMemories + (GenerateMemoriesResponse.GeneratedMemory.Action.UPDATED). In the + case of an UPDATE action, the `expire_time` of the existing memory + will be updated to the new value (now + TTL). type: string - GoogleCloudAiplatformV1LargeModelReference: - id: GoogleCloudAiplatformV1LargeModelReference - description: Contains information about the Large Model. + format: google-duration + id: >- + GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigTtlConfigGranularTtlConfig type: object + GoogleCloudAiplatformV1GdcConfig: properties: - name: - description: >- - Required. The unique name of the large Foundation or pre-built - model. Like "chat-bison", "text-bison". Or model name with version - ID, like "chat-bison@001", "text-bison@005", etc. + zone: type: string - GoogleCloudAiplatformV1PublisherModelCallToActionDeployDeployMetadata: - id: GoogleCloudAiplatformV1PublisherModelCallToActionDeployDeployMetadata - description: >- - Metadata information about the deployment for managing deployment - config. + description: >- + GDC zone. A cluster will be designated for the Vertex AI workload in + this zone. + description: Google Distributed Cloud (GDC) config. + type: object + id: GoogleCloudAiplatformV1GdcConfig + GoogleCloudAiplatformV1DeployIndexOperationMetadata: + id: GoogleCloudAiplatformV1DeployIndexOperationMetadata type: object + description: Runtime operation information for IndexEndpointService.DeployIndex. properties: - labels: - description: >- - Optional. Labels for the deployment config. For managing deployment - config like verifying, source of deployment config, etc. - type: object - additionalProperties: - type: string - sampleRequest: - description: Optional. Sample request for deployed endpoint. + deployedIndexId: + description: The unique index id specified by user type: string - GoogleCloudAiplatformV1PublisherModelCallToActionDeployVertex: - id: GoogleCloudAiplatformV1PublisherModelCallToActionDeployVertex - description: Multiple setups to deploy the PublisherModel. - type: object + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextTransformation: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextTransformation properties: - multiDeployVertex: - description: Optional. One click deployment configurations. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionDeploy - GoogleCloudAiplatformV1PublisherModelCallToActionDeployGke: - id: GoogleCloudAiplatformV1PublisherModelCallToActionDeployGke - description: Configurations for PublisherModel GKE deployment + columnName: + type: string type: object - properties: - gkeYamlConfigs: - description: Optional. GKE deployment configuration in yaml format. - type: array - items: - type: string - GoogleCloudAiplatformV1DeployRequest: - id: GoogleCloudAiplatformV1DeployRequest - description: Request message for ModelGardenService.Deploy. + description: >- + Training pipeline will perform following transformation functions. * The + text as is--no change to case, punctuation, spelling, tense, and so on. + * Tokenize text to words. Convert each words to a dictionary lookup + index and generate an embedding for each index. Combine the embedding of + all elements into a single embedding using the mean. * Tokenization is + based on unicode script boundaries. * Missing values get their own + lookup index and resulting embedding. * Stop-words receive no special + treatment and are not removed. + GoogleCloudAiplatformV1NotebookRuntimeTemplate: type: object + description: >- + A template that specifies runtime configurations such as machine type, + runtime version, network configurations, etc. Multiple runtimes can be + created from a runtime template. properties: - publisherModelName: - description: >- - The Model Garden model to deploy. Format: - `publishers/{publisher}/models/{publisher_model}@{version_id}`, or - `publishers/hf-{hugging-face-author}/models/{hugging-face-model-name}@001`. + description: + description: The description of the NotebookRuntimeTemplate. type: string - huggingFaceModelId: - description: >- - The Hugging Face model to deploy. Format: Hugging Face model ID like - `google/gemma-2-2b-it`. + notebookRuntimeType: type: string - modelConfig: - description: >- - Optional. The model config to use for the deployment. If not - specified, the default model config will be used. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployRequestModelConfig' - endpointConfig: + enum: + - NOTEBOOK_RUNTIME_TYPE_UNSPECIFIED + - USER_DEFINED + - ONE_CLICK + description: Optional. Immutable. The type of the notebook runtime template. + enumDescriptions: + - >- + Unspecified notebook runtime type, NotebookRuntimeType will + default to USER_DEFINED. + - runtime or template with coustomized configurations from user. + - runtime or template with system defined configurations. + serviceAccount: + type: string + deprecated: true description: >- - Optional. The endpoint config to use for the deployment. If not - specified, the default endpoint config will be used. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeployRequestEndpointConfig - deployConfig: + Deprecated: This field is ignored and the "Vertex AI Notebook + Service Account" + (service-PROJECT_NUMBER@gcp-sa-aiplatform-vm.iam.gserviceaccount.com) + is used for the runtime workload identity. See + https://cloud.google.com/iam/docs/service-agents#vertex-ai-notebook-service-account + for more details. For NotebookExecutionJob, use + NotebookExecutionJob.service_account instead. The service account + that the runtime workload runs as. You can use any service account + within the same project, but you must have the service account user + permission to use the instance. If not specified, the [Compute + Engine default service + account](https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) + is used. + displayName: + type: string description: >- - Optional. The deploy config to use for the deployment. If not - specified, the default deploy config will be used. + Required. The display name of the NotebookRuntimeTemplate. The name + can be up to 128 characters long and can consist of any UTF-8 + characters. + reservationAffinity: + description: Optional. Reservation Affinity of the notebook runtime template. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeployRequestDeployConfig - GoogleCloudAiplatformV1DeployRequestModelConfig: - id: GoogleCloudAiplatformV1DeployRequestModelConfig - description: The model config to use for the deployment. - type: object - properties: - acceptEula: - description: >- - Optional. Whether the user accepts the End User License Agreement - (EULA) for the model. - type: boolean - huggingFaceAccessToken: - description: >- - Optional. The Hugging Face read access token used to access the - model artifacts of gated models. + #/components/schemas/GoogleCloudAiplatformV1NotebookReservationAffinity + networkSpec: + description: Optional. Network spec. + $ref: '#/components/schemas/GoogleCloudAiplatformV1NetworkSpec' + name: type: string - huggingFaceCacheEnabled: - description: >- - Optional. If true, the model will deploy with a cached version - instead of directly downloading the model artifacts from Hugging - Face. This is suitable for VPC-SC users with limited internet - access. - type: boolean - modelDisplayName: + description: The resource name of the NotebookRuntimeTemplate. + encryptionSpec: + description: Customer-managed encryption key spec for the notebook runtime. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + dataPersistentDiskSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentDiskSpec' description: >- - Optional. The user-specified display name of the uploaded model. If - not set, a default name will be used. - type: string - containerSpec: + Optional. The specification of persistent disk attached to the + runtime as data disk storage. + networkTags: description: >- - Optional. The specification of the container that is to be used when - deploying. If not set, the default container spec will be used. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelContainerSpec' - modelUserId: + Optional. The Compute Engine tags to add to runtime (see [Tagging + instances](https://cloud.google.com/vpc/docs/add-remove-network-tags)). + type: array + items: + type: string + etag: description: >- - Optional. The ID to use for the uploaded Model, which will become - the final component of the model resource name. When not provided, - Vertex AI will generate a value for this ID. When Model Registry - model is provided, this field will be ignored. This value may be up - to 63 characters, and valid characters are `[a-z0-9_-]`. The first - character cannot be a number or hyphen. + Used to perform consistent read-modify-write updates. If not set, a + blind "overwrite" update happens. type: string - GoogleCloudAiplatformV1DeployRequestEndpointConfig: - id: GoogleCloudAiplatformV1DeployRequestEndpointConfig - description: The endpoint config to use for the deployment. - type: object - properties: - endpointDisplayName: - description: >- - Optional. The user-specified display name of the endpoint. If not - set, a default name will be used. + eucConfig: + description: EUC configuration of the NotebookRuntimeTemplate. + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookEucConfig' + createTime: type: string - dedicatedEndpointEnabled: + format: google-datetime + readOnly: true description: >- - Optional. Deprecated. Use dedicated_endpoint_disabled instead. If - true, the endpoint will be exposed through a dedicated DNS - [Endpoint.dedicated_endpoint_dns]. Your request to the dedicated DNS - will be isolated from other users' traffic and will have better - performance and reliability. Note: Once you enabled dedicated - endpoint, you won't be able to send request to the shared DNS - {region}-aiplatform.googleapis.com. The limitations will be removed - soon. + Output only. Timestamp when this NotebookRuntimeTemplate was + created. + labels: + type: object + description: >- + The labels with user-defined metadata to organize the + NotebookRuntimeTemplates. Label keys and values can be no longer + than 64 characters (Unicode codepoints), can only contain lowercase + letters, numeric characters, underscores and dashes. International + characters are allowed. See https://goo.gl/xmQnxf for more + information and examples of labels. + additionalProperties: + type: string + shieldedVmConfig: + description: Optional. Immutable. Runtime Shielded VM spec. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ShieldedVmConfig' + isDefault: + readOnly: true deprecated: true type: boolean - dedicatedEndpointDisabled: description: >- - Optional. By default, if dedicated endpoint is enabled, the endpoint - will be exposed through a dedicated DNS - [Endpoint.dedicated_endpoint_dns]. Your request to the dedicated DNS - will be isolated from other users' traffic and will have better - performance and reliability. Note: Once you enabled dedicated - endpoint, you won't be able to send request to the shared DNS - {region}-aiplatform.googleapis.com. The limitations will be removed - soon. If this field is set to true, the dedicated endpoint will be - disabled and the deployed model will be exposed through the shared - DNS {region}-aiplatform.googleapis.com. - type: boolean - endpointUserId: + Output only. Deprecated: This field has no behavior. Use + notebook_runtime_type = 'ONE_CLICK' instead. The default template to + use if not specified. + updateTime: + format: google-datetime description: >- - Optional. Immutable. The ID to use for endpoint, which will become - the final component of the endpoint resource name. If not provided, - Vertex AI will generate a value for this ID. If the first character - is a letter, this value may be up to 63 characters, and valid - characters are `[a-z0-9-]`. The last character must be a letter or - number. If the first character is a number, this value may be up to - 9 characters, and valid characters are `[0-9]` with no leading - zeros. When using HTTP/JSON, this field is populated based on a - query string argument, such as `?endpoint_id=12345`. This is the - fallback for fields that are not included in either the URI or the - body. + Output only. Timestamp when this NotebookRuntimeTemplate was most + recently updated. + readOnly: true type: string - GoogleCloudAiplatformV1DeployRequestDeployConfig: - id: GoogleCloudAiplatformV1DeployRequestDeployConfig - description: The deploy config to use for the deployment. - type: object - properties: - dedicatedResources: + machineSpec: description: >- - Optional. The dedicated resources to use for the endpoint. If not - set, the default resources will be used. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' - fastTryoutEnabled: + Optional. Immutable. The specification of a single machine for the + template. + $ref: '#/components/schemas/GoogleCloudAiplatformV1MachineSpec' + softwareConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookSoftwareConfig' description: >- - Optional. If true, enable the QMT fast tryout feature for this model - if possible. - type: boolean - systemLabels: + Optional. The notebook software configuration of the notebook + runtime. + idleShutdownConfig: description: >- - Optional. System labels for Model Garden deployments. These labels - are managed by Google and for tracking purposes only. - type: object - additionalProperties: - type: string - GoogleCloudAiplatformV1RagCorpus: - id: GoogleCloudAiplatformV1RagCorpus - description: >- - A RagCorpus is a RagFile container and a project can have multiple - RagCorpora. - type: object + The idle shutdown configuration of NotebookRuntimeTemplate. This + config will only be set when idle shutdown is enabled. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookIdleShutdownConfig + id: GoogleCloudAiplatformV1NotebookRuntimeTemplate + GoogleCloudAiplatformV1PipelineTaskDetailPipelineTaskStatus: + id: GoogleCloudAiplatformV1PipelineTaskDetailPipelineTaskStatus + description: A single record of the task status. properties: - vectorDbConfig: - description: Optional. Immutable. The config for the Vector DBs. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfig' - vertexAiSearchConfig: - description: Optional. Immutable. The config for the Vertex AI Search. - $ref: '#/components/schemas/GoogleCloudAiplatformV1VertexAiSearchConfig' - name: - description: Output only. The resource name of the RagCorpus. - readOnly: true - type: string - displayName: + error: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - Required. The display name of the RagCorpus. The name can be up to - 128 characters long and can consist of any UTF-8 characters. - type: string - description: - description: Optional. The description of the RagCorpus. - type: string - createTime: - description: Output only. Timestamp when this RagCorpus was created. + Output only. The error that occurred during the state. May be set + when the state is any of the non-final state + (PENDING/RUNNING/CANCELLING) or FAILED state. If the state is + FAILED, the error here is final and not going to be retried. If the + state is a non-final state, the error indicates a system-error being + retried. readOnly: true + state: + description: Output only. The state of the task. + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - CANCEL_PENDING + - CANCELLING + - CANCELLED + - FAILED + - SKIPPED + - NOT_TRIGGERED type: string - format: google-datetime + readOnly: true + enumDescriptions: + - Unspecified. + - Specifies pending state for the task. + - Specifies task is being executed. + - Specifies task completed successfully. + - Specifies Task cancel is in pending state. + - Specifies task is being cancelled. + - Specifies task was cancelled. + - Specifies task failed. + - Specifies task was skipped due to cache hit. + - >- + Specifies that the task was not triggered because the task's + trigger policy is not satisfied. The trigger policy is specified + in the `condition` field of PipelineJob.pipeline_spec. updateTime: - description: Output only. Timestamp when this RagCorpus was last updated. + description: Output only. Update time of this status. readOnly: true type: string format: google-datetime - corpusStatus: - description: Output only. RagCorpus state. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1CorpusStatus' - encryptionSpec: - description: >- - Optional. Immutable. The CMEK key name used to encrypt at-rest data - related to this Corpus. Only applicable to RagManagedDb option for - Vector DB. This field can only be set at corpus creation time, and - cannot be updated or deleted. - $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' - GoogleCloudAiplatformV1RagVectorDbConfig: - id: GoogleCloudAiplatformV1RagVectorDbConfig - description: Config for the Vector DB to use for RAG. type: object + GoogleCloudAiplatformV1PairwiseSummarizationQualitySpec: properties: - ragManagedDb: - description: The config for the RAG-managed Vector DB. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDb - pinecone: - description: The config for the Pinecone. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigPinecone - vertexVectorSearch: - description: The config for the Vertex Vector Search. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigVertexVectorSearch - apiAuth: - description: Authentication config for the chosen Vector DB. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuth' - ragEmbeddingModelConfig: - description: Optional. Immutable. The embedding model config of the Vector DB. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagEmbeddingModelConfig' - GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDb: - id: GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDb - description: The config for the default RAG-managed Vector DB. - type: object - properties: - knn: - description: Performs a KNN search on RagCorpus. Default choice if not specified. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbKNN - ann: + version: + format: int32 + type: integer + description: Optional. Which version to use for evaluation. + useReference: + type: boolean description: >- - Performs an ANN search on RagCorpus. Use this if you have a lot of - files (> 10K) in your RagCorpus and want to reduce the search - latency. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbANN - GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbKNN: - id: GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbKNN - description: Config for KNN search. + Optional. Whether to use instance.reference to compute pairwise + summarization quality. + id: GoogleCloudAiplatformV1PairwiseSummarizationQualitySpec type: object - properties: {} - GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbANN: - id: GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbANN - description: >- - Config for ANN search. RagManagedDb uses a tree-based structure to - partition data and facilitate faster searches. As a tradeoff, it - requires longer indexing time and manual triggering of index rebuild via - the ImportRagFiles and UpdateRagCorpus API. + description: Spec for pairwise summarization quality score metric. + GoogleCloudAiplatformV1PostStartupScriptConfig: + id: GoogleCloudAiplatformV1PostStartupScriptConfig + description: Post startup script config. type: object properties: - treeDepth: + postStartupScript: + type: string + description: Optional. Post startup script to run after runtime is started. + postStartupScriptUrl: description: >- - The depth of the tree-based structure. Only depth values of 2 and 3 - are supported. Recommended value is 2 if you have if you have O(10K) - files in the RagCorpus and set this to 3 if more than that. Default - value is 2. + Optional. Post startup script url to download. Example: + `gs://bucket/script.sh` + type: string + postStartupScriptBehavior: + type: string + enumDescriptions: + - Unspecified post startup script behavior. + - Run post startup script after runtime is started. + - Run post startup script after runtime is stopped. + - >- + Download and run post startup script every time runtime is + started. + enum: + - POST_STARTUP_SCRIPT_BEHAVIOR_UNSPECIFIED + - RUN_ONCE + - RUN_EVERY_START + - DOWNLOAD_AND_RUN_EVERY_START + description: >- + Optional. Post startup script behavior that defines download and + execution behavior. + CloudAiLargeModelsVisionRaiInfoDetectedLabelsBoundingBox: + type: object + properties: + x1: type: integer format: int32 - leafCount: - description: >- - Number of leaf nodes in the tree-based structure. Each leaf node - contains groups of closely related vectors along with their - corresponding centroid. Recommended value is 10 * sqrt(num of - RagFiles in your RagCorpus). Default value is 500. + description: The X coordinate of the top-left corner, in pixels. + y2: + format: int32 + description: The Y coordinate of the bottom-right corner, in pixels. + type: integer + x2: type: integer format: int32 - GoogleCloudAiplatformV1RagVectorDbConfigPinecone: - id: GoogleCloudAiplatformV1RagVectorDbConfigPinecone - description: The config for the Pinecone. - type: object + description: The X coordinate of the bottom-right corner, in pixels. + y1: + format: int32 + description: The Y coordinate of the top-left corner, in pixels. + type: integer + id: CloudAiLargeModelsVisionRaiInfoDetectedLabelsBoundingBox + description: >- + An integer bounding box of original pixels of the image for the detected + labels. + GoogleCloudAiplatformV1CustomOutputFormatConfig: properties: - indexName: - description: Pinecone index name. This value cannot be changed after it's set. - type: string - GoogleCloudAiplatformV1RagVectorDbConfigVertexVectorSearch: - id: GoogleCloudAiplatformV1RagVectorDbConfigVertexVectorSearch - description: The config for the Vertex Vector Search. + returnRawOutput: + description: Optional. Whether to return raw output. + type: boolean + description: Spec for custom output format configuration. type: object - properties: - indexEndpoint: - description: >- - The resource name of the Index Endpoint. Format: - `projects/{project}/locations/{location}/indexEndpoints/{index_endpoint}` - type: string - index: - description: >- - The resource name of the Index. Format: - `projects/{project}/locations/{location}/indexes/{index}` - type: string - GoogleCloudAiplatformV1RagEmbeddingModelConfig: - id: GoogleCloudAiplatformV1RagEmbeddingModelConfig - description: Config for the embedding model to use for RAG. + id: GoogleCloudAiplatformV1CustomOutputFormatConfig + GoogleTypeLatLng: type: object + description: >- + An object that represents a latitude/longitude pair. This is expressed + as a pair of doubles to represent degrees latitude and degrees + longitude. Unless specified otherwise, this object must conform to the + WGS84 standard. Values must be within normalized ranges. properties: - vertexPredictionEndpoint: - description: >- - The Vertex AI Prediction Endpoint that either refers to a publisher - model or an endpoint that is hosting a 1P fine-tuned text embedding - model. Endpoints hosting non-1P fine-tuned text embedding models are - currently not supported. This is used for dense vector search. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagEmbeddingModelConfigVertexPredictionEndpoint - GoogleCloudAiplatformV1RagEmbeddingModelConfigVertexPredictionEndpoint: - id: GoogleCloudAiplatformV1RagEmbeddingModelConfigVertexPredictionEndpoint - description: Config representing a model hosted on Vertex Prediction Endpoint. + longitude: + format: double + description: The longitude in degrees. It must be in the range [-180.0, +180.0]. + type: number + latitude: + description: The latitude in degrees. It must be in the range [-90.0, +90.0]. + type: number + format: double + id: GoogleTypeLatLng + GoogleCloudAiplatformV1CometInstance: + description: >- + Spec for Comet instance - The fields used for evaluation are dependent + on the comet version. + id: GoogleCloudAiplatformV1CometInstance type: object properties: - endpoint: - description: >- - Required. The endpoint resource name. Format: - `projects/{project}/locations/{location}/publishers/{publisher}/models/{model}` - or `projects/{project}/locations/{location}/endpoints/{endpoint}` + reference: + description: Optional. Ground truth used to compare against the prediction. type: string - model: + prediction: + type: string + description: Required. Output of the evaluated model. + source: + type: string + description: Optional. Source text in original language. + GoogleCloudAiplatformV1CreateTensorboardRunRequest: + properties: + parent: description: >- - Output only. The resource name of the model that is deployed on the - endpoint. Present only when the endpoint is not a publisher model. - Pattern: `projects/{project}/locations/{location}/models/{model}` - readOnly: true + Required. The resource name of the TensorboardExperiment to create + the TensorboardRun in. Format: + `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}` type: string - modelVersionId: + tensorboardRunId: description: >- - Output only. Version ID of the model that is deployed on the - endpoint. Present only when the endpoint is not a publisher model. - readOnly: true + Required. The ID to use for the Tensorboard run, which becomes the + final component of the Tensorboard run's resource name. This value + should be 1-128 characters, and valid characters are `/a-z-/`. type: string - GoogleCloudAiplatformV1VertexAiSearchConfig: - id: GoogleCloudAiplatformV1VertexAiSearchConfig - description: Config for the Vertex AI Search. + tensorboardRun: + description: Required. The TensorboardRun to create. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' + id: GoogleCloudAiplatformV1CreateTensorboardRunRequest + description: Request message for TensorboardService.CreateTensorboardRun. type: object + GoogleCloudAiplatformV1TrainingConfig: + type: object + id: GoogleCloudAiplatformV1TrainingConfig + description: >- + CMLE training config. For every active learning labeling iteration, + system will train a machine learning model on CMLE. The trained model + will be used by data sampling algorithm to select DataItems. properties: - servingConfig: + timeoutTrainingMilliHours: + format: int64 description: >- - Vertex AI Search Serving Config resource full name. For example, - `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/servingConfigs/{serving_config}` - or - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/servingConfigs/{serving_config}`. + The timeout hours for the CMLE training job, expressed in milli + hours i.e. 1,000 value in this field means 1 hour. type: string - GoogleCloudAiplatformV1CorpusStatus: - id: GoogleCloudAiplatformV1CorpusStatus - description: RagCorpus status. - type: object + GoogleCloudAiplatformV1TunedModelRef: properties: - state: - description: Output only. RagCorpus life state. - readOnly: true + tunedModel: + description: Support migration from model registry. type: string - enumDescriptions: - - This state is not supposed to happen. - - >- - RagCorpus resource entry is initialized, but hasn't done - validation. - - RagCorpus is provisioned successfully and is ready to serve. - - >- - RagCorpus is in a problematic situation. See `error_message` field - for details. - enum: - - UNKNOWN - - INITIALIZED - - ACTIVE - - ERROR - errorStatus: - description: Output only. Only when the `state` field is ERROR. - readOnly: true + pipelineJob: type: string - GoogleCloudAiplatformV1ListRagCorporaResponse: - id: GoogleCloudAiplatformV1ListRagCorporaResponse - description: Response message for VertexRagDataService.ListRagCorpora. + description: >- + Support migration from tuning job list page, from bison model to + gemini model. + tuningJob: + description: >- + Support migration from tuning job list page, from gemini-1.0-pro-002 + to 1.5 and above. + type: string + description: TunedModel Reference for legacy model migration. + id: GoogleCloudAiplatformV1TunedModelRef + type: object + GoogleCloudAiplatformV1ListMemoriesResponse: + description: Response message for MemoryBankService.ListMemories. + id: GoogleCloudAiplatformV1ListMemoriesResponse type: object properties: - ragCorpora: - description: List of RagCorpora in the requested page. + memories: type: array + description: List of Memories in the requested page. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagCorpus' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Memory' nextPageToken: description: >- A token to retrieve the next page of results. Pass to - ListRagCorporaRequest.page_token to obtain that page. + ListMemoriesRequest.page_token to obtain that page. type: string - GoogleCloudAiplatformV1UploadRagFileRequest: - id: GoogleCloudAiplatformV1UploadRagFileRequest - description: Request message for VertexRagDataService.UploadRagFile. - type: object - properties: - ragFile: - description: Required. The RagFile to upload. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFile' - uploadRagFileConfig: - description: >- - Required. The config for the RagFiles to be uploaded into the - RagCorpus. VertexRagDataService.UploadRagFile. - $ref: '#/components/schemas/GoogleCloudAiplatformV1UploadRagFileConfig' - GoogleCloudAiplatformV1RagFile: - id: GoogleCloudAiplatformV1RagFile - description: A RagFile contains user data for chunking, embedding and indexing. + GoogleCloudAiplatformV1SchemaTextClassificationAnnotation: type: object properties: - gcsSource: - description: >- - Output only. Google Cloud Storage location of the RagFile. It does - not support wildcards in the Cloud Storage uri for now. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' - googleDriveSource: - description: >- - Output only. Google Drive location. Supports importing individual - files as well as Google Drive folders. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1GoogleDriveSource' - directUploadSource: - description: >- - Output only. The RagFile is encapsulated and uploaded in the - UploadRagFile request. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1DirectUploadSource' - slackSource: - description: The RagFile is imported from a Slack channel. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SlackSource' - jiraSource: - description: The RagFile is imported from a Jira query. - $ref: '#/components/schemas/GoogleCloudAiplatformV1JiraSource' - sharePointSources: - description: The RagFile is imported from a SharePoint source. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SharePointSources' - name: - description: Output only. The resource name of the RagFile. - readOnly: true - type: string displayName: description: >- - Required. The display name of the RagFile. The name can be up to 128 - characters long and can consist of any UTF-8 characters. - type: string - description: - description: Optional. The description of the RagFile. - type: string - createTime: - description: Output only. Timestamp when this RagFile was created. - readOnly: true + The display name of the AnnotationSpec that this Annotation pertains + to. type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when this RagFile was last updated. - readOnly: true + annotationSpecId: type: string - format: google-datetime - fileStatus: - description: Output only. State of the RagFile. - readOnly: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1FileStatus' - userMetadata: description: >- - Output only. The metadata for metadata search. The user_metadata - Needs to be in JSON format. - readOnly: true + The resource Id of the AnnotationSpec that this Annotation pertains + to. + description: Annotation details specific to text classification. + id: GoogleCloudAiplatformV1SchemaTextClassificationAnnotation + GoogleCloudAiplatformV1UrlMetadata: + properties: + retrievedUrl: + description: The URL retrieved by the tool. type: string - GoogleCloudAiplatformV1GoogleDriveSource: - id: GoogleCloudAiplatformV1GoogleDriveSource - description: The Google Drive location for the input content. + urlRetrievalStatus: + type: string + enum: + - URL_RETRIEVAL_STATUS_UNSPECIFIED + - URL_RETRIEVAL_STATUS_SUCCESS + - URL_RETRIEVAL_STATUS_ERROR + description: The status of the URL retrieval. + enumDescriptions: + - Default value. This value is unused. + - The URL was retrieved successfully. + - The URL retrieval failed. + id: GoogleCloudAiplatformV1UrlMetadata + description: The metadata for a single URL retrieval. type: object + GoogleCloudAiplatformV1TaskDescriptionStrategy: + description: Defines a generation strategy based on a high-level task description. properties: - resourceIds: - description: Required. Google Drive resource IDs. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GoogleDriveSourceResourceId - GoogleCloudAiplatformV1GoogleDriveSourceResourceId: - id: GoogleCloudAiplatformV1GoogleDriveSourceResourceId - description: The type and ID of the Google Drive resource. + taskDescription: + description: >- + Required. A high-level description of the synthetic data to be + generated. + type: string + id: GoogleCloudAiplatformV1TaskDescriptionStrategy type: object + GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessSpec: + id: GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessSpec + description: Spec for question answering helpfulness metric. properties: - resourceType: - description: Required. The type of the Google Drive resource. - type: string - enumDescriptions: - - Unspecified resource type. - - File resource type. - - Folder resource type. - enum: - - RESOURCE_TYPE_UNSPECIFIED - - RESOURCE_TYPE_FILE - - RESOURCE_TYPE_FOLDER - resourceId: - description: Required. The ID of the Google Drive resource. - type: string - GoogleCloudAiplatformV1DirectUploadSource: - id: GoogleCloudAiplatformV1DirectUploadSource - description: The input content is encapsulated and uploaded in the request. + useReference: + description: >- + Optional. Whether to use instance.reference to compute question + answering helpfulness. + type: boolean + version: + type: integer + format: int32 + description: Optional. Which version to use for evaluation. type: object - properties: {} - GoogleCloudAiplatformV1SlackSource: - id: GoogleCloudAiplatformV1SlackSource - description: The Slack source for the ImportRagFilesRequest. + GoogleCloudAiplatformV1ErrorAnalysisAnnotationAttributedItem: + id: GoogleCloudAiplatformV1ErrorAnalysisAnnotationAttributedItem type: object properties: - channels: - description: Required. The Slack channels. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SlackSourceSlackChannels - GoogleCloudAiplatformV1SlackSourceSlackChannels: - id: GoogleCloudAiplatformV1SlackSourceSlackChannels + annotationResourceName: + description: >- + The unique ID for each annotation. Used by FE to allocate the + annotation in DB. + type: string + distance: + format: double + type: number + description: The distance of this item to the annotation. description: >- - SlackChannels contains the Slack channels and corresponding access - token. + Attributed items for a given annotation, typically representing + neighbors from the training sets constrained by the query type. + GoogleCloudAiplatformV1MigrateResourceResponse: type: object properties: - channels: - description: Required. The Slack channel IDs. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SlackSourceSlackChannelsSlackChannel - apiKeyConfig: + migratableResource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MigratableResource' description: >- - Required. The SecretManager secret version resource name (e.g. - projects/{project}/secrets/{secret}/versions/{version}) storing the - Slack channel access token that has access to the slack channel IDs. - See: https://api.slack.com/tutorials/tracks/getting-a-token. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuthApiKeyConfig' - GoogleCloudAiplatformV1SlackSourceSlackChannelsSlackChannel: - id: GoogleCloudAiplatformV1SlackSourceSlackChannelsSlackChannel - description: SlackChannel contains the Slack channel ID and the time range to import. - type: object - properties: - channelId: - description: Required. The Slack channel ID. - type: string - startTime: - description: Optional. The starting timestamp for messages to import. + Before migration, the identifier in ml.googleapis.com, + automl.googleapis.com or datalabeling.googleapis.com. + model: type: string - format: google-datetime - endTime: - description: Optional. The ending timestamp for messages to import. + description: Migrated Model's resource name. + dataset: type: string - format: google-datetime - GoogleCloudAiplatformV1JiraSource: - id: GoogleCloudAiplatformV1JiraSource - description: The Jira source for the ImportRagFilesRequest. - type: object + description: Migrated Dataset's resource name. + id: GoogleCloudAiplatformV1MigrateResourceResponse + description: Describes a successfully migrated resource. + GoogleCloudAiplatformV1SchemaPromptSpecPartList: + id: GoogleCloudAiplatformV1SchemaPromptSpecPartList + description: A list of elements and information that make up a portion of prompt. properties: - jiraQueries: - description: Required. The Jira queries. - type: array + parts: + description: A list of elements that can be part of a prompt. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1JiraSourceJiraQueries' - GoogleCloudAiplatformV1JiraSourceJiraQueries: - id: GoogleCloudAiplatformV1JiraSourceJiraQueries - description: JiraQueries contains the Jira queries and corresponding authentication. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Part' + type: array type: object + GoogleCloudAiplatformV1ModelDataStats: + type: object + description: Stats of data used for train or evaluate the Model. properties: - projects: - description: A list of Jira projects to import in their entirety. - type: array - items: - type: string - customQueries: + testDataItemsCount: description: >- - A list of custom Jira queries to import. For information about JQL - (Jira Query Language), see - https://support.atlassian.com/jira-service-management-cloud/docs/use-advanced-search-with-jira-query-language-jql/ - type: array - items: - type: string - email: - description: Required. The Jira email address. + Number of DataItems that were used for evaluating this Model. If the + Model is evaluated multiple times, this will be the number of test + DataItems used by the first evaluation. If the Model is not + evaluated, the number is 0. + format: int64 type: string - serverUri: - description: Required. The Jira server URI. + validationDataItemsCount: + description: >- + Number of DataItems that were used for validating this Model during + training. type: string - apiKeyConfig: + format: int64 + trainingDataItemsCount: + description: Number of DataItems that were used for training this Model. + format: int64 + type: string + testAnnotationsCount: description: >- - Required. The SecretManager secret version resource name (e.g. - projects/{project}/secrets/{secret}/versions/{version}) storing the - Jira API key. See [Manage API tokens for your Atlassian - account](https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/). - $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuthApiKeyConfig' - GoogleCloudAiplatformV1SharePointSources: - id: GoogleCloudAiplatformV1SharePointSources - description: The SharePointSources to pass to ImportRagFiles. - type: object - properties: - sharePointSources: - description: The SharePoint sources. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SharePointSourcesSharePointSource - GoogleCloudAiplatformV1SharePointSourcesSharePointSource: - id: GoogleCloudAiplatformV1SharePointSourcesSharePointSource - description: An individual SharePointSource. - type: object - properties: - sharepointFolderPath: - description: The path of the SharePoint folder to download from. - type: string - sharepointFolderId: - description: The ID of the SharePoint folder to download from. + Number of Annotations that are used for evaluating this Model. If + the Model is evaluated multiple times, this will be the number of + test Annotations used by the first evaluation. If the Model is not + evaluated, the number is 0. type: string - driveName: - description: The name of the drive to download from. + format: int64 + trainingAnnotationsCount: type: string - driveId: - description: The ID of the drive to download from. + description: Number of Annotations that are used for training this Model. + format: int64 + validationAnnotationsCount: + format: int64 type: string - clientId: description: >- - The Application ID for the app registered in Microsoft Azure Portal. - The application must also be configured with MS Graph permissions - "Files.ReadAll", "Sites.ReadAll" and BrowserSiteLists.Read.All. + Number of Annotations that are used for validating this Model during + training. + id: GoogleCloudAiplatformV1ModelDataStats + GoogleCloudAiplatformV1QuestionAnsweringQualityInstance: + type: object + id: GoogleCloudAiplatformV1QuestionAnsweringQualityInstance + description: Spec for question answering quality instance. + properties: + context: + description: Required. Text to answer the question. type: string - clientSecret: - description: The application secret for the app registered in Azure. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuthApiKeyConfig' - tenantId: - description: Unique identifier of the Azure Active Directory Instance. + prediction: type: string - sharepointSiteName: - description: >- - The name of the SharePoint site to download from. This can be the - site name or the site id. + description: Required. Output of the evaluated model. + reference: type: string - fileId: - description: Output only. The SharePoint file id. Output only. - readOnly: true + description: Optional. Ground truth used to compare against the prediction. + instruction: type: string - GoogleCloudAiplatformV1FileStatus: - id: GoogleCloudAiplatformV1FileStatus - description: RagFile status. - type: object + description: Required. Question Answering prompt for LLM. + GoogleCloudAiplatformV1UndeployIndexRequest: + id: GoogleCloudAiplatformV1UndeployIndexRequest + description: Request message for IndexEndpointService.UndeployIndex. properties: - state: - description: Output only. RagFile state. - readOnly: true - type: string - enumDescriptions: - - RagFile state is unspecified. - - RagFile resource has been created and indexed successfully. - - >- - RagFile resource is in a problematic state. See `error_message` - field for details. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - ERROR - errorStatus: - description: Output only. Only when the `state` field is ERROR. - readOnly: true + deployedIndexId: + description: >- + Required. The ID of the DeployedIndex to be undeployed from the + IndexEndpoint. type: string - GoogleCloudAiplatformV1UploadRagFileConfig: - id: GoogleCloudAiplatformV1UploadRagFileConfig - description: Config for uploading RagFile. - type: object - properties: - ragFileTransformationConfig: - description: Specifies the transformation config for RagFiles. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagFileTransformationConfig - GoogleCloudAiplatformV1RagFileTransformationConfig: - id: GoogleCloudAiplatformV1RagFileTransformationConfig - description: Specifies the transformation config for RagFiles. - type: object - properties: - ragFileChunkingConfig: - description: Specifies the chunking config for RagFiles. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFileChunkingConfig' - GoogleCloudAiplatformV1RagFileChunkingConfig: - id: GoogleCloudAiplatformV1RagFileChunkingConfig - description: Specifies the size and overlap of chunks for RagFiles. type: object + GoogleCloudAiplatformV1TrajectorySingleToolUseInstance: properties: - fixedLengthChunking: - description: Specifies the fixed length chunking config. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagFileChunkingConfigFixedLengthChunking - GoogleCloudAiplatformV1RagFileChunkingConfigFixedLengthChunking: - id: GoogleCloudAiplatformV1RagFileChunkingConfigFixedLengthChunking - description: Specifies the fixed length chunking config. + predictedTrajectory: + description: Required. Spec for predicted tool call trajectory. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + id: GoogleCloudAiplatformV1TrajectorySingleToolUseInstance type: object + description: Spec for TrajectorySingleToolUse instance. + GoogleCloudAiplatformV1Content: + description: >- + The structured data content of a message. A Content message contains a + `role` field, which indicates the producer of the content, and a `parts` + field, which contains the multi-part data of the message. + id: GoogleCloudAiplatformV1Content properties: - chunkSize: - description: The size of the chunks. - type: integer - format: int32 - chunkOverlap: - description: The overlap between chunks. - type: integer - format: int32 - GoogleCloudAiplatformV1UploadRagFileResponse: - id: GoogleCloudAiplatformV1UploadRagFileResponse - description: Response message for VertexRagDataService.UploadRagFile. + role: + description: >- + Optional. The producer of the content. Must be either 'user' or + 'model'. If not set, the service will default to 'user'. + type: string + parts: + description: >- + Required. A list of Part objects that make up a single message. + Parts of a message can have different MIME types. A Content message + must have at least one Part. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Part' type: object - properties: - ragFile: - description: The RagFile that had been uploaded into the RagCorpus. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFile' - error: - description: The error that occurred while processing the RagFile. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudAiplatformV1ImportRagFilesRequest: - id: GoogleCloudAiplatformV1ImportRagFilesRequest - description: Request message for VertexRagDataService.ImportRagFiles. + GoogleCloudAiplatformV1SchemaPredictInstanceVideoClassificationPredictionInstance: + id: >- + GoogleCloudAiplatformV1SchemaPredictInstanceVideoClassificationPredictionInstance + description: Prediction input format for Video Classification. type: object properties: - importRagFilesConfig: + timeSegmentEnd: + type: string description: >- - Required. The config for the RagFiles to be synced and imported into - the RagCorpus. VertexRagDataService.ImportRagFiles. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ImportRagFilesConfig' - GoogleCloudAiplatformV1ImportRagFilesConfig: - id: GoogleCloudAiplatformV1ImportRagFilesConfig - description: Config for importing RagFiles. + The end, exclusive, of the video's time segment on which to perform + the prediction. Expressed as a number of seconds as measured from + the start of the video, with "s" appended at the end. Fractions are + allowed, up to a microsecond precision, and "inf" or "Infinity" is + allowed, which means the end of the video. + content: + description: >- + The Google Cloud Storage location of the video on which to perform + the prediction. + type: string + mimeType: + description: >- + The MIME type of the content of the video. Only the following are + supported: video/mp4 video/avi video/quicktime + type: string + timeSegmentStart: + type: string + description: >- + The beginning, inclusive, of the video's time segment on which to + perform the prediction. Expressed as a number of seconds as measured + from the start of the video, with "s" appended at the end. Fractions + are allowed, up to a microsecond precision. + GoogleCloudAiplatformV1SamplingStrategy: + description: >- + Sampling Strategy for logging, can be for both training and prediction + dataset. + id: GoogleCloudAiplatformV1SamplingStrategy type: object properties: - gcsSource: - description: >- - Google Cloud Storage location. Supports importing individual files - as well as entire Google Cloud Storage directories. Sample formats: - - `gs://bucket_name/my_directory/object_name/my_file.txt` - - `gs://bucket_name/my_directory` - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' - googleDriveSource: + randomSampleConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfig + description: Random sample config. Will support more sampling strategies later. + GoogleCloudAiplatformV1FeatureViewIndexConfig: + description: Configuration for vector indexing. + properties: + crowdingColumn: description: >- - Google Drive location. Supports importing individual files as well - as Google Drive folders. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GoogleDriveSource' - slackSource: - description: Slack channels with their corresponding access tokens. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SlackSource' - jiraSource: - description: Jira queries with their corresponding authentication. - $ref: '#/components/schemas/GoogleCloudAiplatformV1JiraSource' - sharePointSources: - description: SharePoint sources. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SharePointSources' - partialFailureGcsSink: + Optional. Column of crowding. This column contains crowding + attribute which is a constraint on a neighbor list produced by + FeatureOnlineStoreService.SearchNearestEntities to diversify search + results. If + NearestNeighborQuery.per_crowding_attribute_neighbor_count is set to + K in SearchNearestEntitiesRequest, it's guaranteed that no more than + K entities of the same crowding attribute are returned in the + response. + type: string + embeddingColumn: + type: string description: >- - The Cloud Storage path to write partial failures to. Deprecated. - Prefer to use `import_result_gcs_sink`. - deprecated: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - partialFailureBigquerySink: + Optional. Column of embedding. This column contains the source data + to create index for vector search. embedding_column must be set when + using vector search. + filterColumns: + type: array + items: + type: string description: >- - The BigQuery destination to write partial failures to. It should be - a bigquery table resource name (e.g. - "bq://projectId.bqDatasetId.bqTableId"). The dataset must exist. If - the table does not exist, it will be created with the expected - schema. If the table exists, the schema will be validated and data - will be added to this existing table. Deprecated. Prefer to use - `import_result_bq_sink`. - deprecated: true - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' - importResultGcsSink: - description: The Cloud Storage path to write import result to. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' - importResultBigquerySink: + Optional. Columns of features that're used to filter vector search + results. + bruteForceConfig: description: >- - The BigQuery destination to write import result to. It should be a - bigquery table resource name (e.g. - "bq://projectId.bqDatasetId.bqTableId"). The dataset must exist. If - the table does not exist, it will be created with the expected - schema. If the table exists, the schema will be validated and data - will be added to this existing table. - $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' - ragFileTransformationConfig: - description: Specifies the transformation config for RagFiles. + Optional. Configuration options for using brute force search, which + simply implements the standard linear search in the database for + each query. It is primarily meant for benchmarking and to generate + the ground truth for approximate search. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagFileTransformationConfig - ragFileParsingConfig: - description: >- - Optional. Specifies the parsing config for RagFiles. RAG will use - the default parser if this field is not set. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFileParsingConfig' - maxEmbeddingRequestsPerMin: + #/components/schemas/GoogleCloudAiplatformV1FeatureViewIndexConfigBruteForceConfig + treeAhConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewIndexConfigTreeAHConfig description: >- - Optional. The max number of queries per minute that this job is - allowed to make to the embedding model specified on the corpus. This - value is specific to this job and not shared across other import - jobs. Consult the Quotas page on the project to set an appropriate - value here. If unspecified, a default value of 1,000 QPM would be - used. - type: integer + Optional. Configuration options for the tree-AH algorithm (Shallow + tree + Asymmetric Hashing). Please refer to this paper for more + details: https://arxiv.org/abs/1908.10396 + embeddingDimension: + description: Optional. The number of dimensions of the input embedding. format: int32 - rebuildAnnIndex: - description: >- - Rebuilds the ANN index to optimize for recall on the imported data. - Only applicable for RagCorpora running on RagManagedDb with - `retrieval_strategy` set to `ANN`. The rebuild will be performed - using the existing ANN config set on the RagCorpus. To change the - ANN config, please use the UpdateRagCorpus API. Default is false, - i.e., index is not rebuilt. - type: boolean - GoogleCloudAiplatformV1RagFileParsingConfig: - id: GoogleCloudAiplatformV1RagFileParsingConfig - description: Specifies the parsing config for RagFiles. + type: integer + distanceMeasureType: + type: string + description: Optional. The distance measure used in nearest neighbor search. + enumDescriptions: + - Should not be set. + - Euclidean (L_2) Distance. + - >- + Cosine Distance. Defined as 1 - cosine similarity. We strongly + suggest using DOT_PRODUCT_DISTANCE + UNIT_L2_NORM instead of + COSINE distance. Our algorithms have been more optimized for + DOT_PRODUCT distance which, when combined with UNIT_L2_NORM, is + mathematically equivalent to COSINE distance and results in the + same ranking. + - Dot Product Distance. Defined as a negative of the dot product. + enum: + - DISTANCE_MEASURE_TYPE_UNSPECIFIED + - SQUARED_L2_DISTANCE + - COSINE_DISTANCE + - DOT_PRODUCT_DISTANCE type: object - properties: - layoutParser: - description: The Layout Parser to use for RagFiles. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagFileParsingConfigLayoutParser - llmParser: - description: The LLM Parser to use for RagFiles. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagFileParsingConfigLlmParser - GoogleCloudAiplatformV1RagFileParsingConfigLayoutParser: - id: GoogleCloudAiplatformV1RagFileParsingConfigLayoutParser - description: Document AI Layout Parser config. + id: GoogleCloudAiplatformV1FeatureViewIndexConfig + GoogleCloudAiplatformV1GoogleDriveSourceResourceId: type: object + id: GoogleCloudAiplatformV1GoogleDriveSourceResourceId properties: - processorName: - description: >- - The full resource name of a Document AI processor or processor - version. The processor must have type `LAYOUT_PARSER_PROCESSOR`. If - specified, the `additional_config.parse_as_scanned_pdf` field must - be false. Format: * - `projects/{project_id}/locations/{location}/processors/{processor_id}` - * - `projects/{project_id}/locations/{location}/processors/{processor_id}/processorVersions/{processor_version_id}` + resourceType: + enum: + - RESOURCE_TYPE_UNSPECIFIED + - RESOURCE_TYPE_FILE + - RESOURCE_TYPE_FOLDER + description: Required. The type of the Google Drive resource. + enumDescriptions: + - Unspecified resource type. + - File resource type. + - Folder resource type. type: string - maxParsingRequestsPerMin: - description: >- - The maximum number of requests the job is allowed to make to the - Document AI processor per minute. Consult - https://cloud.google.com/document-ai/quotas and the Quota page for - your project to set an appropriate value here. If unspecified, a - default value of 120 QPM would be used. - type: integer - format: int32 - GoogleCloudAiplatformV1RagFileParsingConfigLlmParser: - id: GoogleCloudAiplatformV1RagFileParsingConfigLlmParser - description: Specifies the LLM parsing for RagFiles. + resourceId: + description: Required. The ID of the Google Drive resource. + type: string + description: The type and ID of the Google Drive resource. + GoogleCloudAiplatformV1StructFieldValue: + description: One field of a Struct (or object) type feature value. + id: GoogleCloudAiplatformV1StructFieldValue type: object properties: - modelName: - description: >- - The name of a LLM model used for parsing. Format: * - `projects/{project_id}/locations/{location}/publishers/{publisher}/models/{model}` + name: + description: Name of the field in the struct feature. type: string - maxParsingRequestsPerMin: + value: + description: The value for this field. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' + GoogleCloudAiplatformV1SchemaVisualInspectionClassificationLabelSavedQueryMetadata: + type: object + properties: + multiLabel: + type: boolean + description: Whether or not the classification label is multi_label. + id: >- + GoogleCloudAiplatformV1SchemaVisualInspectionClassificationLabelSavedQueryMetadata + GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbANN: + type: object + properties: + leafCount: description: >- - The maximum number of requests the job is allowed to make to the LLM - model per minute. Consult - https://cloud.google.com/vertex-ai/generative-ai/docs/quotas and - your document size to set an appropriate value here. If unspecified, - a default value of 5000 QPM would be used. + Number of leaf nodes in the tree-based structure. Each leaf node + contains groups of closely related vectors along with their + corresponding centroid. Recommended value is 10 * sqrt(num of + RagFiles in your RagCorpus). Default value is 500. + type: integer + format: int32 + treeDepth: type: integer format: int32 - customParsingPrompt: description: >- - The prompt to use for parsing. If not specified, a default prompt - will be used. - type: string - GoogleCloudAiplatformV1ListRagFilesResponse: - id: GoogleCloudAiplatformV1ListRagFilesResponse - description: Response message for VertexRagDataService.ListRagFiles. - type: object + The depth of the tree-based structure. Only depth values of 2 and 3 + are supported. Recommended value is 2 if you have if you have O(10K) + files in the RagCorpus and set this to 3 if more than that. Default + value is 2. + description: >- + Config for ANN search. RagManagedDb uses a tree-based structure to + partition data and facilitate faster searches. As a tradeoff, it + requires longer indexing time and manual triggering of index rebuild via + the ImportRagFiles and UpdateRagCorpus API. + id: GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbANN + GoogleCloudAiplatformV1ComputeTokensResponse: + description: Response message for ComputeTokens RPC call. properties: - ragFiles: - description: List of RagFiles in the requested page. + tokensInfo: type: array + description: >- + Lists of tokens info from the input. A ComputeTokensRequest could + have multiple instances with a prompt in each instance. We also need + to return lists of tokens info for the request with multiple + instances. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFile' + $ref: '#/components/schemas/GoogleCloudAiplatformV1TokensInfo' + id: GoogleCloudAiplatformV1ComputeTokensResponse + type: object + GoogleCloudAiplatformV1ListCustomJobsResponse: + properties: + customJobs: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJob' + type: array + description: List of CustomJobs in the requested page. nextPageToken: + type: string description: >- A token to retrieve the next page of results. Pass to - ListRagFilesRequest.page_token to obtain that page. - type: string - GoogleCloudAiplatformV1RagEngineConfig: - id: GoogleCloudAiplatformV1RagEngineConfig - description: Config for RagEngine. + ListCustomJobsRequest.page_token to obtain that page. + id: GoogleCloudAiplatformV1ListCustomJobsResponse + description: Response message for JobService.ListCustomJobs + type: object + GoogleCloudAiplatformV1IndexStats: + description: Stats of the Index. type: object properties: - name: - description: >- - Identifier. The name of the RagEngineConfig. Format: - `projects/{project}/locations/{location}/ragEngineConfig` + shardsCount: + description: Output only. The number of shards in the Index. + format: int32 + readOnly: true + type: integer + vectorsCount: + description: Output only. The number of dense vectors in the Index. + format: int64 type: string - ragManagedDbConfig: - description: The config of the RagManagedDb used by RagEngine. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagManagedDbConfig' - GoogleCloudAiplatformV1RagManagedDbConfig: - id: GoogleCloudAiplatformV1RagManagedDbConfig - description: Configuration message for RagManagedDb used by RagEngine. + readOnly: true + sparseVectorsCount: + format: int64 + readOnly: true + description: Output only. The number of sparse vectors in the Index. + type: string + id: GoogleCloudAiplatformV1IndexStats + GoogleCloudAiplatformV1DeleteOperationMetadata: + description: Details of operations that perform deletes of any entities. type: object + id: GoogleCloudAiplatformV1DeleteOperationMetadata properties: - scaled: - description: Sets the RagManagedDb to the Scaled tier. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagManagedDbConfigScaled' - basic: - description: Sets the RagManagedDb to the Basic tier. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagManagedDbConfigBasic' - unprovisioned: - description: Sets the RagManagedDb to the Unprovisioned tier. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RagManagedDbConfigUnprovisioned - GoogleCloudAiplatformV1RagManagedDbConfigScaled: - id: GoogleCloudAiplatformV1RagManagedDbConfigScaled - description: >- - Scaled tier offers production grade performance along with autoscaling - functionality. It is suitable for customers with large amounts of data - or performance sensitive workloads. + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The common part of the operation metadata. + CloudAiLargeModelsVisionVideo: + description: Video + id: CloudAiLargeModelsVisionVideo + type: object + properties: + encoding: + description: Video encoding, for example "video/mp4". + type: string + encodedVideo: + type: string + description: Base 64 encoded video bytes. + text: + type: string + description: Text/Expanded text input for Help Me Write. + uri: + type: string + description: Path to another storage (typically Google Cloud Storage). + video: + format: byte + description: Raw bytes. + type: string + GoogleCloudAiplatformV1ExplanationMetadataInputMetadataVisualization: + description: Visualization configurations for image explanation. + id: GoogleCloudAiplatformV1ExplanationMetadataInputMetadataVisualization + type: object + properties: + polarity: + type: string + description: >- + Whether to only highlight pixels with positive contributions, + negative or both. Defaults to POSITIVE. + enumDescriptions: + - Default value. This is the same as POSITIVE. + - >- + Highlights the pixels/outlines that were most influential to the + model's prediction. + - >- + Setting polarity to negative highlights areas that does not lead + to the models's current prediction. + - Shows both positive and negative attributions. + enum: + - POLARITY_UNSPECIFIED + - POSITIVE + - NEGATIVE + - BOTH + colorMap: + enum: + - COLOR_MAP_UNSPECIFIED + - PINK_GREEN + - VIRIDIS + - RED + - GREEN + - RED_GREEN + - PINK_WHITE_GREEN + type: string + description: >- + The color scheme used for the highlighted areas. Defaults to + PINK_GREEN for Integrated Gradients attribution, which shows + positive attributions in green and negative in pink. Defaults to + VIRIDIS for XRAI attribution, which highlights the most influential + regions in yellow and the least influential in blue. + enumDescriptions: + - Should not be used. + - 'Positive: green. Negative: pink.' + - >- + Viridis color map: A perceptually uniform color mapping which is + easier to see by those with colorblindness and progresses from + yellow to green to blue. Positive: yellow. Negative: blue. + - 'Positive: red. Negative: red.' + - 'Positive: green. Negative: green.' + - 'Positive: green. Negative: red.' + - PiYG palette. + clipPercentUpperbound: + description: >- + Excludes attributions above the specified percentile from the + highlighted areas. Using the clip_percent_upperbound and + clip_percent_lowerbound together can be useful for filtering out + noise and making it easier to see areas of strong attribution. + Defaults to 99.9. + type: number + format: float + clipPercentLowerbound: + description: >- + Excludes attributions below the specified percentile, from the + highlighted areas. Defaults to 62. + format: float + type: number + overlayType: + enum: + - OVERLAY_TYPE_UNSPECIFIED + - NONE + - ORIGINAL + - GRAYSCALE + - MASK_BLACK + enumDescriptions: + - Default value. This is the same as NONE. + - No overlay. + - The attributions are shown on top of the original image. + - >- + The attributions are shown on top of grayscaled version of the + original image. + - >- + The attributions are used as a mask to reveal predictive parts of + the image and hide the un-predictive parts. + description: >- + How the original image is displayed in the visualization. Adjusting + the overlay can help increase visual clarity if the original image + makes it difficult to view the visualization. Defaults to NONE. + type: string + type: + enum: + - TYPE_UNSPECIFIED + - PIXELS + - OUTLINES + description: >- + Type of the image visualization. Only applicable to Integrated + Gradients attribution. OUTLINES shows regions of attribution, while + PIXELS shows per-pixel attribution. Defaults to OUTLINES. + enumDescriptions: + - Should not be used. + - Shows which pixel contributed to the image prediction. + - >- + Shows which region contributed to the image prediction by + outlining the region. + type: string + GoogleCloudAiplatformV1BlurBaselineConfig: + id: GoogleCloudAiplatformV1BlurBaselineConfig type: object - properties: {} - GoogleCloudAiplatformV1RagManagedDbConfigBasic: - id: GoogleCloudAiplatformV1RagManagedDbConfigBasic description: >- - Basic tier is a cost-effective and low compute tier suitable for the - following cases: * Experimenting with RagManagedDb. * Small data size. * - Latency insensitive workload. * Only using RAG Engine with external - vector DBs. NOTE: This is the default tier if not explicitly chosen. + Config for blur baseline. When enabled, a linear path from the maximally + blurred image to the input image is created. Using a blurred baseline + instead of zero (black image) is motivated by the BlurIG approach + explained here: https://arxiv.org/abs/2004.03383 + properties: + maxBlurSigma: + description: >- + The standard deviation of the blur kernel for the blurred baseline. + The same blurring parameter is used for both the height and the + width dimension. If not set, the method defaults to the zero (i.e. + black for images) baseline. + format: float + type: number + GoogleCloudAiplatformV1MutateDeployedIndexOperationMetadata: type: object - properties: {} - GoogleCloudAiplatformV1RagManagedDbConfigUnprovisioned: - id: GoogleCloudAiplatformV1RagManagedDbConfigUnprovisioned description: >- - Disables the RAG Engine service and deletes all your data held within - this service. This will halt the billing of the service. NOTE: Once - deleted the data cannot be recovered. To start using RAG Engine again, - you will need to update the tier by calling the UpdateRagEngineConfig - API. + Runtime operation information for + IndexEndpointService.MutateDeployedIndex. + id: GoogleCloudAiplatformV1MutateDeployedIndexOperationMetadata + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The operation generic information. + deployedIndexId: + description: The unique index id specified by user + type: string + GoogleCloudAiplatformV1ImportDataConfig: + description: >- + Describes the location from where we import data into a Dataset, + together with the labels that will be applied to the DataItems and the + Annotations. type: object + properties: + gcsSource: + description: The Google Cloud Storage location for the input content. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' + importSchemaUri: + description: >- + Required. Points to a YAML file stored on Google Cloud Storage + describing the import format. Validation will be done against the + schema. The schema is defined as an [OpenAPI 3.0.2 Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + type: string + dataItemLabels: + type: object + additionalProperties: + type: string + description: >- + Labels that will be applied to newly imported DataItems. If an + identical DataItem as one being imported already exists in the + Dataset, then these labels will be appended to these of the already + existing one, and if labels with identical key is imported before, + the old label value will be overwritten. If two DataItems are + identical in the same import data operation, the labels will be + combined and if key collision happens in this case, one of the + values will be picked randomly. Two DataItems are considered + identical if their content bytes are identical (e.g. image bytes or + pdf bytes). These labels will be overridden by Annotation labels + specified inside index file referenced by import_schema_uri, e.g. + jsonl file. + annotationLabels: + type: object + description: >- + Labels that will be applied to newly imported Annotations. If two + Annotations are identical, one of them will be deduped. Two + Annotations are considered identical if their payload, + payload_schema_uri and all of their labels are the same. These + labels will be overridden by Annotation labels specified inside + index file referenced by import_schema_uri, e.g. jsonl file. + additionalProperties: + type: string + id: GoogleCloudAiplatformV1ImportDataConfig + GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbKNN: properties: {} - GoogleCloudAiplatformV1RetrieveContextsRequest: - id: GoogleCloudAiplatformV1RetrieveContextsRequest - description: Request message for VertexRagService.RetrieveContexts. type: object + description: Config for KNN search. + id: GoogleCloudAiplatformV1RagVectorDbConfigRagManagedDbKNN + GoogleCloudAiplatformV1SchemaPredictPredictionImageSegmentationPredictionResult: + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionImageSegmentationPredictionResult + type: object + description: Prediction output format for Image Segmentation. properties: - vertexRagStore: - description: The data source for Vertex RagStore. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStore - query: - description: Required. Single RAG retrieve query. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagQuery' - GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStore: - id: GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStore - description: The data source for Vertex RagStore. + categoryMask: + type: string + description: >- + A PNG image where each pixel in the mask represents the category in + which the pixel in the original image was predicted to belong to. + The size of this image will be the same as the original image. The + mapping between the AnntoationSpec and the color can be found in + model's metadata. The model will choose the most likely category and + if none of the categories reach the confidence threshold, the pixel + will be marked as background. + confidenceMask: + description: >- + A one channel image which is encoded as an 8bit lossless PNG. The + size of the image will be the same as the original image. For a + specific pixel, darker color means less confidence in correctness of + the cateogry in the categoryMask for the corresponding pixel. Black + means no confidence and white means complete confidence. + type: string + GoogleCloudAiplatformV1TrialParameter: type: object + description: A message representing a parameter to be tuned. + id: GoogleCloudAiplatformV1TrialParameter properties: - ragResources: + parameterId: + readOnly: true + type: string description: >- - Optional. The representation of the rag source. It can be used to - specify corpus only or ragfiles. Currently only support one corpus - or multiple files from one corpus. In the future we may open up - multiple corpora support. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStoreRagResource - vectorDistanceThreshold: + Output only. The ID of the parameter. The parameter should be + defined in StudySpec's Parameters. + value: + readOnly: true description: >- - Optional. Only return contexts with vector distance smaller than the - threshold. - deprecated: true - type: number - format: double - GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStoreRagResource: - id: GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStoreRagResource - description: The definition of the Rag resource. + Output only. The value of the parameter. `number_value` will be set + if a parameter defined in StudySpec is in type 'INTEGER', 'DOUBLE' + or 'DISCRETE'. `string_value` will be set if a parameter defined in + StudySpec is in type 'CATEGORICAL'. + type: any + GoogleCloudAiplatformV1UpsertDatapointsRequest: type: object + description: Request message for IndexService.UpsertDatapoints + id: GoogleCloudAiplatformV1UpsertDatapointsRequest properties: - ragCorpus: + updateMask: + format: google-fieldmask description: >- - Optional. RagCorpora resource name. Format: - `projects/{project}/locations/{location}/ragCorpora/{rag_corpus}` + Optional. Update mask is used to specify the fields to be + overwritten in the datapoints by the update. The fields specified in + the update_mask are relative to each IndexDatapoint inside + datapoints, not the full request. Updatable fields: * Use + `all_restricts` to update both restricts and numeric_restricts. type: string - ragFileIds: - description: >- - Optional. rag_file_id. The files should be in the same rag_corpus - set in rag_corpus field. + datapoints: + description: A list of datapoints to be created/updated. type: array items: - type: string - GoogleCloudAiplatformV1RagQuery: - id: GoogleCloudAiplatformV1RagQuery - description: A query to retrieve relevant contexts. - type: object + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexDatapoint' + GoogleCloudAiplatformV1CreateDeploymentResourcePoolRequest: + id: GoogleCloudAiplatformV1CreateDeploymentResourcePoolRequest properties: - text: - description: Optional. The query in text format to get relevant contexts. + deploymentResourcePool: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeploymentResourcePool' + description: Required. The DeploymentResourcePool to create. + deploymentResourcePoolId: type: string - ragRetrievalConfig: - description: Optional. The retrieval config for the query. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfig' - GoogleCloudAiplatformV1RetrieveContextsResponse: - id: GoogleCloudAiplatformV1RetrieveContextsResponse - description: Response message for VertexRagService.RetrieveContexts. + description: >- + Required. The ID to use for the DeploymentResourcePool, which will + become the final component of the DeploymentResourcePool's resource + name. The maximum length is 63 characters, and valid characters are + `/^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$/`. + description: Request message for CreateDeploymentResourcePool method. + type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformation: type: object properties: - contexts: - description: The contexts of the query. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagContexts' - GoogleCloudAiplatformV1RagContexts: - id: GoogleCloudAiplatformV1RagContexts - description: Relevant contexts for one query. + timestamp: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTimestampTransformation + text: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextTransformation + repeatedText: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextArrayTransformation + categorical: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalTransformation + auto: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationAutoTransformation + numeric: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericTransformation + repeatedNumeric: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericArrayTransformation + repeatedCategorical: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalArrayTransformation + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformation + GoogleCloudAiplatformV1EvaluationInstanceAgentDataEvents: + id: GoogleCloudAiplatformV1EvaluationInstanceAgentDataEvents type: object + description: Represents a list of events for an agent. properties: - contexts: - description: All its contexts. + event: + description: Optional. A list of events. type: array items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagContextsContext' - GoogleCloudAiplatformV1RagContextsContext: - id: GoogleCloudAiplatformV1RagContextsContext - description: A context of the query. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + GoogleCloudAiplatformV1TensorboardRun: + description: >- + TensorboardRun maps to a specific execution of a training job with a + given set of hyperparameter values, model definition, dataset, etc + id: GoogleCloudAiplatformV1TensorboardRun type: object properties: - sourceUri: + description: + description: Description of this TensorboardRun. + type: string + labels: + additionalProperties: + type: string + type: object description: >- - If the file is imported from Cloud Storage or Google Drive, - source_uri will be original file URI in Cloud Storage or Google - Drive; if file is uploaded, source_uri will be file display name. + The labels with user-defined metadata to organize your + TensorboardRuns. This field will be used to filter and visualize + Runs in the Tensorboard UI. For example, a Vertex AI training job + can set a label aiplatform.googleapis.com/training_job_id=xxxxx to + all the runs created within that job. An end user can set a label + experiment_id=xxxxx for all the runs produced in a Jupyter notebook. + These runs can be grouped by a label value and visualized together + in the Tensorboard UI. Label keys and values can be no longer than + 64 characters (Unicode codepoints), can only contain lowercase + letters, numeric characters, underscores and dashes. International + characters are allowed. No more than 64 user labels can be + associated with one TensorboardRun (System labels are excluded). See + https://goo.gl/xmQnxf for more information and examples of labels. + System reserved label keys are prefixed with + "aiplatform.googleapis.com/" and are immutable. + etag: + description: >- + Used to perform a consistent read-modify-write updates. If not set, + a blind "overwrite" update happens. type: string - sourceDisplayName: - description: The file display name. + name: + description: >- + Output only. Name of the TensorboardRun. Format: + `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}/runs/{run}` type: string - text: - description: The text chunk. + readOnly: true + createTime: + format: google-datetime + description: Output only. Timestamp when this TensorboardRun was created. + readOnly: true + type: string + displayName: type: string - score: description: >- - According to the underlying Vector DB and the selected metric type, - the score can be either the distance or the similarity between the - query and the context and its range depends on the metric type. For - example, if the metric type is COSINE_DISTANCE, it represents the - distance between the query and the context. The larger the distance, - the less relevant the context is to the query. The range is [0, 2], - while 0 means the most relevant and 2 means the least relevant. - type: number - format: double - chunk: - description: Context of the retrieved chunk. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagChunk' - GoogleCloudAiplatformV1AugmentPromptRequest: - id: GoogleCloudAiplatformV1AugmentPromptRequest - description: Request message for AugmentPrompt. + Required. User provided name of this TensorboardRun. This value must + be unique among all TensorboardRuns belonging to the same parent + TensorboardExperiment. + updateTime: + format: google-datetime + description: Output only. Timestamp when this TensorboardRun was last updated. + type: string + readOnly: true + GoogleCloudAiplatformV1UndeployIndexOperationMetadata: type: object properties: - vertexRagStore: - description: Optional. Retrieves contexts from the Vertex RagStore. - $ref: '#/components/schemas/GoogleCloudAiplatformV1VertexRagStore' - contents: - description: >- - Optional. Input content to augment, only text format is supported - for now. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - model: - description: Optional. Metadata of the backend deployed model. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AugmentPromptRequestModel - GoogleCloudAiplatformV1AugmentPromptRequestModel: - id: GoogleCloudAiplatformV1AugmentPromptRequestModel - description: Metadata of the backend deployed model. + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The operation generic information. + id: GoogleCloudAiplatformV1UndeployIndexOperationMetadata + description: Runtime operation information for IndexEndpointService.UndeployIndex. + GoogleCloudAiplatformV1GcsDestination: + id: GoogleCloudAiplatformV1GcsDestination type: object properties: - model: + outputUriPrefix: description: >- - Optional. The model that the user will send the augmented prompt for - content generation. - type: string - modelVersion: - description: Optional. The model version of the backend deployed model. + Required. Google Cloud Storage URI to output directory. If the uri + doesn't end with '/', a '/' will be automatically appended. The + directory is created if it doesn't exist. type: string - GoogleCloudAiplatformV1AugmentPromptResponse: - id: GoogleCloudAiplatformV1AugmentPromptResponse - description: Response message for AugmentPrompt. + description: The Google Cloud Storage location where the output is to be written to. + GoogleCloudAiplatformV1GenerateContentResponsePromptFeedback: + description: >- + Content filter results for a prompt sent in the request. Note: This is + sent only in the first stream chunk and only if no candidates were + generated due to content violations. type: object properties: - augmentedPrompt: - description: Augmented prompt, only text format is supported for now. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - facts: - description: Retrieved facts from RAG data sources. + safetyRatings: type: array + description: >- + Output only. A list of safety ratings for the prompt. There is one + rating per category. + readOnly: true items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Fact' - GoogleCloudAiplatformV1Fact: - id: GoogleCloudAiplatformV1Fact - description: The fact used in grounding. - type: object - properties: - query: - description: Query that is used to retrieve this fact. - type: string - title: - description: If present, it refers to the title of this fact. - type: string - uri: - description: If present, this uri links to the source of the fact. - type: string - summary: - description: If present, the summary/snippet of the fact. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyRating' + blockReasonMessage: type: string - vectorDistance: description: >- - If present, the distance between the query vector and this fact - vector. - deprecated: true - type: number - format: double - score: - description: >- - If present, according to the underlying Vector DB and the selected - metric type, the score can be either the distance or the similarity - between the query and the fact and its range depends on the metric - type. For example, if the metric type is COSINE_DISTANCE, it - represents the distance between the query and the fact. The larger - the distance, the less relevant the fact is to the query. The range - is [0, 2], while 0 means the most relevant and 2 means the least - relevant. - type: number - format: double - chunk: - description: If present, chunk properties. - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagChunk' - GoogleCloudAiplatformV1CorroborateContentRequest: - id: GoogleCloudAiplatformV1CorroborateContentRequest - description: Request message for CorroborateContent. + Output only. A readable message that explains the reason why the + prompt was blocked. + readOnly: true + blockReason: + type: string + description: Output only. The reason why the prompt was blocked. + enumDescriptions: + - The blocked reason is unspecified. + - The prompt was blocked for safety reasons. + - >- + The prompt was blocked for other reasons. For example, it may be + due to the prompt's language, or because it contains other harmful + content. + - >- + The prompt was blocked because it contains a term from the + terminology blocklist. + - The prompt was blocked because it contains prohibited content. + - The prompt was blocked by Model Armor. + - >- + The prompt was blocked because it contains content that is unsafe + for image generation. + - The prompt was blocked as a jailbreak attempt. + enum: + - BLOCKED_REASON_UNSPECIFIED + - SAFETY + - OTHER + - BLOCKLIST + - PROHIBITED_CONTENT + - MODEL_ARMOR + - IMAGE_SAFETY + - JAILBREAK + readOnly: true + id: GoogleCloudAiplatformV1GenerateContentResponsePromptFeedback + GoogleCloudAiplatformV1CopyModelOperationMetadata: + description: Details of ModelService.CopyModel operation. type: object properties: - content: - description: >- - Optional. Input content to corroborate, only text format is - supported for now. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - facts: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The common part of the operation metadata. + id: GoogleCloudAiplatformV1CopyModelOperationMetadata + GoogleCloudAiplatformV1StudySpecParameterSpec: + properties: + categoricalValueSpec: + description: The value spec for a 'CATEGORICAL' parameter. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpec + conditionalParameterSpecs: description: >- - Optional. Facts used to generate the text can also be used to - corroborate the text. - type: array + A conditional parameter node is active if the parameter's value + matches the conditional node's parent_value_condition. If two items + in conditional_parameter_specs have the same name, they must have + disjoint parent_value_condition. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Fact' - parameters: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpec + type: array + doubleValueSpec: + description: The value spec for a 'DOUBLE' parameter. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpec + scaleType: + enumDescriptions: + - By default, no scaling is applied. + - Scales the feasible space to (0, 1) linearly. + - >- + Scales the feasible space logarithmically to (0, 1). The entire + feasible space must be strictly positive. + - >- + Scales the feasible space "reverse" logarithmically to (0, 1). The + result is that values close to the top of the feasible space are + spread out more than points near the bottom. The entire feasible + space must be strictly positive. + type: string + enum: + - SCALE_TYPE_UNSPECIFIED + - UNIT_LINEAR_SCALE + - UNIT_LOG_SCALE + - UNIT_REVERSE_LOG_SCALE description: >- - Optional. Parameters that can be set to override default settings - per request. + How the parameter should be scaled. Leave unset for `CATEGORICAL` + parameters. + discreteValueSpec: + description: The value spec for a 'DISCRETE' parameter. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CorroborateContentRequestParameters - GoogleCloudAiplatformV1CorroborateContentRequestParameters: - id: GoogleCloudAiplatformV1CorroborateContentRequestParameters - description: Parameters that can be overrided per request. + #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpec + parameterId: + description: >- + Required. The ID of the parameter. Must not contain whitespaces and + must be unique amongst all ParameterSpecs. + type: string + integerValueSpec: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpec + description: The value spec for an 'INTEGER' parameter. + type: object + id: GoogleCloudAiplatformV1StudySpecParameterSpec + description: Represents a single parameter to optimize. + GoogleCloudAiplatformV1FileData: + id: GoogleCloudAiplatformV1FileData type: object properties: - citationThreshold: + mimeType: + type: string + description: Required. The IANA standard MIME type of the source data. + fileUri: + description: Required. The URI of the file in Google Cloud Storage. + type: string + displayName: + type: string description: >- - Optional. Only return claims with citation score larger than the - threshold. - type: number - format: double - GoogleCloudAiplatformV1CorroborateContentResponse: - id: GoogleCloudAiplatformV1CorroborateContentResponse - description: Response message for CorroborateContent. + Optional. The display name of the file. Used to provide a label or + filename to distinguish files. This field is only returned in + `PromptMessage` for prompt management. It is used in the Gemini + calls only when server side tools (`code_execution`, + `google_search`, and `url_context`) are enabled. + description: >- + URI-based data. A FileData message contains a URI pointing to data of a + specific media type. It is used to represent images, audio, and video + stored in Google Cloud Storage. + GoogleCloudAiplatformV1ReadFeatureValuesRequest: type: object properties: - corroborationScore: - description: >- - Confidence score of corroborating content. Value is [0,1] with 1 is - the most confidence. - type: number - format: float - claims: + entityId: + type: string description: >- - Claims that are extracted from the input content and facts that - support the claims. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Claim' - GoogleCloudAiplatformV1Claim: - id: GoogleCloudAiplatformV1Claim - description: Claim that is extracted from the input text and facts that support it. - type: object + Required. ID for a specific entity. For example, for a machine + learning model predicting user clicks on a website, an entity ID + could be `user_123`. + featureSelector: + description: Required. Selector choosing Features of the target EntityType. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' + id: GoogleCloudAiplatformV1ReadFeatureValuesRequest + description: Request message for FeaturestoreOnlineServingService.ReadFeatureValues. + GoogleCloudAiplatformV1ToolParameterKVMatchInput: + id: GoogleCloudAiplatformV1ToolParameterKVMatchInput properties: - startIndex: - description: Index in the input text where the claim starts (inclusive). - type: integer - format: int32 - endIndex: - description: Index in the input text where the claim ends (exclusive). - type: integer - format: int32 - factIndexes: - description: Indexes of the facts supporting this claim. + instances: + description: Required. Repeated tool parameter key value match instances. type: array items: - type: integer - format: int32 - score: - description: Confidence score of this corroboration. - type: number - format: float - GoogleCloudAiplatformV1AssignNotebookRuntimeOperationMetadata: - id: GoogleCloudAiplatformV1AssignNotebookRuntimeOperationMetadata - description: Metadata information for NotebookService.AssignNotebookRuntime. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchInstance + metricSpec: + description: Required. Spec for tool parameter key value match metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchSpec' + type: object + description: Input for tool parameter key value match metric. + GoogleCloudAiplatformV1SearchMigratableResourcesResponse: type: object + id: GoogleCloudAiplatformV1SearchMigratableResourcesResponse + description: Response message for MigrationService.SearchMigratableResources. properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - progressMessage: + migratableResources: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MigratableResource' + type: array description: >- - A human-readable message that shows the intermediate progress - details of NotebookRuntime. + All migratable resources that can be migrated to the location + specified in the request. + nextPageToken: + description: >- + The standard next-page token. The migratable_resources may not fill + page_size in SearchMigratableResourcesRequest even when there are + subsequent pages. type: string - GoogleCloudAiplatformV1GenericOperationMetadata: - id: GoogleCloudAiplatformV1GenericOperationMetadata - description: Generic Metadata shared by all operations. - type: object + GoogleCloudAiplatformV1ExplanationParameters: properties: - partialFailures: + outputIndices: description: >- - Output only. Partial failures encountered. E.g. single files that - couldn't be read. This field should never exceed 20 entries. Status - details field will contain standard Google Cloud error details. - readOnly: true + If populated, only returns attributions that have output_index + contained in output_indices. It must be an ndarray of integers, with + the same shape of the output it's explaining. If not populated, + returns attributions for top_k indices of outputs. If neither top_k + nor output_indices is populated, returns the argmax index of the + outputs. Only applicable to Models that predict multiple outputs + (e,g, multi-class Models that predict multiple classes). type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - createTime: - description: Output only. Time when the operation was created. - readOnly: true - type: string - format: google-datetime - updateTime: + type: any + topK: description: >- - Output only. Time when the operation was updated for the last time. - If the operation has finished (successfully or not), this is the - finish time. - readOnly: true - type: string - format: google-datetime - GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadata: - id: GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadata - description: >- - Runtime operation information for - MigrationService.BatchMigrateResources. + If populated, returns attributions for top K indices of outputs + (defaults to 1). Only applies to Models that predicts more than one + outputs (e,g, multi-class Models). When set to -1, returns + explanations for all outputs. + type: integer + format: int32 + xraiAttribution: + $ref: '#/components/schemas/GoogleCloudAiplatformV1XraiAttribution' + description: >- + An attribution method that redistributes Integrated Gradients + attribution to segmented regions, taking advantage of the model's + fully differentiable structure. Refer to this paper for more + details: https://arxiv.org/abs/1906.02825 XRAI currently performs + better on natural images, like a picture of a house or an animal. If + the images are taken in artificial environments, like a lab or + manufacturing line, or from diagnostic equipment, like x-rays or + quality-control cameras, use Integrated Gradients instead. + sampledShapleyAttribution: + description: >- + An attribution method that approximates Shapley values for features + that contribute to the label being predicted. A sampling strategy is + used to approximate the value rather than considering all subsets of + features. Refer to this paper for model details: + https://arxiv.org/abs/1306.4265. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SampledShapleyAttribution + examples: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Examples' + description: >- + Example-based explanations that returns the nearest neighbors from + the provided dataset. + integratedGradientsAttribution: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1IntegratedGradientsAttribution + description: >- + An attribution method that computes Aumann-Shapley values taking + advantage of the model's fully differentiable structure. Refer to + this paper for more details: https://arxiv.org/abs/1703.01365 + id: GoogleCloudAiplatformV1ExplanationParameters + type: object + description: Parameters to configure explaining for Model's predictions. + GoogleCloudAiplatformV1CreateFeatureGroupOperationMetadata: + description: Details of operations that perform create FeatureGroup. type: object + id: GoogleCloudAiplatformV1CreateFeatureGroupOperationMetadata properties: genericMetadata: - description: The common part of the operation metadata. $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - partialResults: - description: >- - Partial results that reflect the latest migration operation - progress. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadataPartialResult - GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadataPartialResult: - id: >- - GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadataPartialResult - description: >- - Represents a partial result in batch migration operation for one - MigrateResourceRequest. + description: Operation metadata for FeatureGroup. + GoogleCloudAiplatformV1SchemaTablesDatasetMetadataInputConfig: type: object + id: GoogleCloudAiplatformV1SchemaTablesDatasetMetadataInputConfig + description: >- + The tables Dataset's data source. The Dataset doesn't store the data + directly, but only pointer(s) to its data. properties: - error: - description: The error result of the migration request in case of failure. - $ref: '#/components/schemas/GoogleRpcStatus' - model: - description: Migrated model resource name. - type: string - dataset: - description: Migrated dataset resource name. + gcsSource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTablesDatasetMetadataGcsSource + bigquerySource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTablesDatasetMetadataBigQuerySource + GoogleCloudAiplatformV1UndeployModelRequest: + id: GoogleCloudAiplatformV1UndeployModelRequest + description: Request message for EndpointService.UndeployModel. + properties: + trafficSplit: + additionalProperties: + type: integer + format: int32 + type: object + description: >- + If this field is provided, then the Endpoint's traffic_split will be + overwritten with it. If last DeployedModel is being undeployed from + the Endpoint, the [Endpoint.traffic_split] will always end up empty + when this call returns. A DeployedModel will be successfully + undeployed only if it doesn't have any traffic assigned to it when + this method executes, or if this field unassigns any traffic to it. + deployedModelId: + description: >- + Required. The ID of the DeployedModel to be undeployed from the + Endpoint. type: string - request: + type: object + GoogleCloudAiplatformV1PredictRequestResponseLoggingConfig: + properties: + samplingRate: + format: double description: >- - It's the same as the value in - BatchMigrateResourcesRequest.migrate_resource_requests. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequest' - GoogleCloudAiplatformV1BatchMigrateResourcesResponse: - id: GoogleCloudAiplatformV1BatchMigrateResourcesResponse - description: Response message for MigrationService.BatchMigrateResources. + Percentage of requests to be logged, expressed as a fraction in + range(0,1]. + type: number + enabled: + description: If logging is enabled or not. + type: boolean + bigqueryDestination: + description: >- + BigQuery table for logging. If only given a project, a new dataset + will be created with name `logging__` where will be made + BigQuery-dataset-name compatible (e.g. most special characters will + become underscores). If no table name is given, a new table will be + created with name `request_response_logging` + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQueryDestination' + type: object + id: GoogleCloudAiplatformV1PredictRequestResponseLoggingConfig + description: Configuration for logging request-response to a BigQuery table. + GoogleCloudAiplatformV1ModelMonitoringAlertConfig: + id: GoogleCloudAiplatformV1ModelMonitoringAlertConfig + description: The alert config for model monitoring. type: object properties: - migrateResourceResponses: - description: Successfully migrated resources. + emailAlertConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfig + description: Email alert config. + notificationChannels: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MigrateResourceResponse - GoogleCloudAiplatformV1MigrateResourceResponse: - id: GoogleCloudAiplatformV1MigrateResourceResponse - description: Describes a successfully migrated resource. - type: object - properties: - dataset: - description: Migrated Dataset's resource name. - type: string - model: - description: Migrated Model's resource name. - type: string - migratableResource: + type: string description: >- - Before migration, the identifier in ml.googleapis.com, - automl.googleapis.com or datalabeling.googleapis.com. - $ref: '#/components/schemas/GoogleCloudAiplatformV1MigratableResource' - GoogleCloudAiplatformV1BatchReadFeatureValuesOperationMetadata: - id: GoogleCloudAiplatformV1BatchReadFeatureValuesOperationMetadata - description: Details of operations that batch reads Feature values. - type: object + Resource names of the NotificationChannels to send alert. Must be of + the format `projects//notificationChannels/` + enableLogging: + description: >- + Dump the anomalies to Cloud Logging. The anomalies will be put to + json payload encoded from proto ModelMonitoringStatsAnomalies. This + can be further synced to Pub/Sub or any other services supported by + Cloud Logging. + type: boolean + GoogleCloudAiplatformV1FunctionResponsePart: + description: >- + A datatype containing media that is part of a `FunctionResponse` + message. A `FunctionResponsePart` consists of data which has an + associated datatype. A `FunctionResponsePart` can only contain one of + the accepted types in `FunctionResponsePart.data`. A + `FunctionResponsePart` must have a fixed IANA MIME type identifying the + type and subtype of the media if the `inline_data` field is filled with + raw bytes. + id: GoogleCloudAiplatformV1FunctionResponsePart properties: - genericMetadata: - description: Operation metadata for Featurestore batch read Features values. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1BatchReadFeatureValuesResponse: - id: GoogleCloudAiplatformV1BatchReadFeatureValuesResponse - description: Response message for FeaturestoreService.BatchReadFeatureValues. + inlineData: + description: Inline media bytes. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionResponseBlob' + fileData: + description: URI based data. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionResponseFileData' type: object - properties: {} - GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateMetatdata: - id: GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateMetatdata - description: >- - This message will be placed in the metadata field of a - google.longrunning.Operation associated with a - CheckTrialEarlyStoppingState request. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingMetadata: + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingMetadata type: object + description: Model metadata specific to TFT Forecasting. properties: - genericMetadata: - description: Operation metadata for suggesting Trials. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - study: - description: The name of the Study that the Trial belongs to. + trainCostMilliNodeHours: + description: >- + Output only. The actual training cost of the model, expressed in + milli node hours, i.e. 1,000 value in this field means 1 node hour. + Guaranteed to not exceed the train budget. + format: int64 type: string - trial: - description: The Trial name. + evaluatedDataItemsBigqueryUri: + description: BigQuery destination uri for exported evaluated examples. type: string - GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateResponse: - id: GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateResponse - description: Response message for VizierService.CheckTrialEarlyStoppingState. - type: object - properties: - shouldStop: - description: True if the Trial should stop. - type: boolean - GoogleCloudAiplatformV1CreateDeploymentResourcePoolOperationMetadata: - id: GoogleCloudAiplatformV1CreateDeploymentResourcePoolOperationMetadata - description: Runtime operation information for CreateDeploymentResourcePool method. - type: object + GoogleCloudAiplatformV1CreateNotebookRuntimeTemplateOperationMetadata: properties: genericMetadata: description: The operation generic information. $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateFeatureOperationMetadata: - id: GoogleCloudAiplatformV1CreateFeatureOperationMetadata - description: Details of operations that perform create Feature. - type: object - properties: - genericMetadata: - description: Operation metadata for Feature. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateFeaturestoreOperationMetadata: - id: GoogleCloudAiplatformV1CreateFeaturestoreOperationMetadata - description: Details of operations that perform create Featurestore. - type: object - properties: - genericMetadata: - description: Operation metadata for Featurestore. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateFeatureGroupOperationMetadata: - id: GoogleCloudAiplatformV1CreateFeatureGroupOperationMetadata - description: Details of operations that perform create FeatureGroup. + id: GoogleCloudAiplatformV1CreateNotebookRuntimeTemplateOperationMetadata + description: Metadata information for NotebookService.CreateNotebookRuntimeTemplate. type: object + GoogleCloudAiplatformV1FeatureStatsAnomaly: properties: - genericMetadata: - description: Operation metadata for FeatureGroup. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateRegistryFeatureOperationMetadata: - id: GoogleCloudAiplatformV1CreateRegistryFeatureOperationMetadata - description: Details of operations that perform create FeatureGroup. - type: object - properties: - genericMetadata: - description: Operation metadata for Feature. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateFeatureOnlineStoreOperationMetadata: - id: GoogleCloudAiplatformV1CreateFeatureOnlineStoreOperationMetadata - description: Details of operations that perform create FeatureOnlineStore. + startTime: + type: string + description: >- + The start timestamp of window where stats were generated. For + objectives where time window doesn't make sense (e.g. Featurestore + Snapshot Monitoring), start_time is only used to indicate the + monitoring intervals, so it always equals to (end_time - + monitoring_interval). + format: google-datetime + anomalyDetectionThreshold: + type: number + format: double + description: >- + This is the threshold used when detecting anomalies. The threshold + can be changed by user, so this one might be different from + ThresholdConfig.value. + endTime: + description: >- + The end timestamp of window where stats were generated. For + objectives where time window doesn't make sense (e.g. Featurestore + Snapshot Monitoring), end_time indicates the timestamp of the data + used to generate stats (e.g. timestamp we take snapshots for feature + values). + format: google-datetime + type: string + score: + description: >- + Feature importance score, only populated when cross-feature + monitoring is enabled. For now only used to represent feature + attribution score within range [0, 1] for + ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_SKEW and + ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_DRIFT. + format: double + type: number + statsUri: + type: string + description: >- + Path of the stats file for current feature values in Cloud Storage + bucket. Format: gs:////stats. Example: + gs://monitoring_bucket/feature_name/stats. Stats are stored as + binary format with Protobuf message + [tensorflow.metadata.v0.FeatureNameStatistics](https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/statistics.proto). + anomalyUri: + type: string + description: >- + Path of the anomaly file for current feature values in Cloud Storage + bucket. Format: gs:////anomalies. Example: + gs://monitoring_bucket/feature_name/anomalies. Stats are stored as + binary format with Protobuf message Anoamlies are stored as binary + format with Protobuf message [tensorflow.metadata.v0.AnomalyInfo] + (https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/anomalies.proto). + distributionDeviation: + type: number + description: >- + Deviation from the current stats to baseline stats. 1. For + categorical feature, the distribution distance is calculated by + L-inifinity norm. 2. For numerical feature, the distribution + distance is calculated by Jensen–Shannon divergence. + format: double + description: >- + Stats and Anomaly generated at specific timestamp for specific Feature. + The start_time and end_time are used to define the time range of the + dataset that current stats belongs to, e.g. prediction traffic is + bucketed into prediction datasets by time window. If the Dataset is not + defined by time window, start_time = end_time. Timestamp of the stats + and anomalies always refers to end_time. Raw stats and anomalies are + stored in stats_uri or anomaly_uri in the tensorflow defined protos. + Field data_stats contains almost identical information with the raw + stats in Vertex AI defined proto, for UI to display. type: object + id: GoogleCloudAiplatformV1FeatureStatsAnomaly + GoogleCloudAiplatformV1ListRagFilesResponse: + type: object + id: GoogleCloudAiplatformV1ListRagFilesResponse properties: - genericMetadata: - description: Operation metadata for FeatureOnlineStore. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateFeatureViewOperationMetadata: - id: GoogleCloudAiplatformV1CreateFeatureViewOperationMetadata - description: Details of operations that perform create FeatureView. + nextPageToken: + type: string + description: >- + A token to retrieve the next page of results. Pass to + ListRagFilesRequest.page_token to obtain that page. + ragFiles: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFile' + description: List of RagFiles in the requested page. + description: Response message for VertexRagDataService.ListRagFiles. + GoogleCloudAiplatformV1MemoryBankCustomizationConfigMemoryTopic: + properties: + managedMemoryTopic: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MemoryBankCustomizationConfigMemoryTopicManagedMemoryTopic + description: A managed memory topic defined by Memory Bank. + customMemoryTopic: + description: A custom memory topic defined by the developer. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MemoryBankCustomizationConfigMemoryTopicCustomMemoryTopic + description: >- + A topic of information that should be extracted from conversations and + stored as memories. + type: object + id: GoogleCloudAiplatformV1MemoryBankCustomizationConfigMemoryTopic + GoogleCloudAiplatformV1RougeInput: + id: GoogleCloudAiplatformV1RougeInput + description: Input for rouge metric. type: object properties: - genericMetadata: - description: Operation metadata for FeatureView Create. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdateFeatureOnlineStoreOperationMetadata: - id: GoogleCloudAiplatformV1UpdateFeatureOnlineStoreOperationMetadata - description: Details of operations that perform update FeatureOnlineStore. + metricSpec: + description: Required. Spec for rouge score metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeSpec' + instances: + description: Required. Repeated rouge instances. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeInstance' + type: array + GoogleCloudAiplatformV1ReadFeatureValuesResponse: type: object + id: GoogleCloudAiplatformV1ReadFeatureValuesResponse + description: Response message for FeaturestoreOnlineServingService.ReadFeatureValues. properties: - genericMetadata: - description: Operation metadata for FeatureOnlineStore. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdateFeatureViewOperationMetadata: - id: GoogleCloudAiplatformV1UpdateFeatureViewOperationMetadata - description: Details of operations that perform update FeatureView. + entityView: + description: >- + Entity view with Feature values. This may be the entity in the + Featurestore if values for all Features were requested, or a + projection of the entity in the Featurestore if values for only some + Features were requested. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityView + header: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponseHeader + description: Response header. + GoogleCloudAiplatformV1PipelineJobDetail: type: object + description: The runtime detail of PipelineJob. properties: - genericMetadata: - description: Operation metadata for FeatureView Update. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateEndpointOperationMetadata: - id: GoogleCloudAiplatformV1CreateEndpointOperationMetadata - description: Runtime operation information for EndpointService.CreateEndpoint. + pipelineContext: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' + description: Output only. The context of the pipeline. + taskDetails: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineTaskDetail' + description: Output only. The runtime details of the tasks under the pipeline. + type: array + readOnly: true + pipelineRunContext: + readOnly: true + description: Output only. The context of the current pipeline run. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' + id: GoogleCloudAiplatformV1PipelineJobDetail + GoogleCloudAiplatformV1PauseScheduleRequest: + description: Request message for ScheduleService.PauseSchedule. + id: GoogleCloudAiplatformV1PauseScheduleRequest + type: object + properties: {} + GoogleCloudAiplatformV1SchemaVideoDataItem: type: object + description: Payload of Video DataItem. properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - deploymentStage: + mimeType: description: >- - Output only. The deployment stage of the model. Only populated if - this CreateEndpoint request deploys a model at the same time. + Output only. The mime type of the content of the video. Only the + videos in below listed mime types are supported. Supported + mime_type: - video/mp4 - video/avi - video/quicktime readOnly: true type: string - enumDescriptions: - - Default value. This value is unused. - - The deployment is initializing and setting up the environment. - - The deployment is preparing the model assets. - - The deployment is creating the underlying serving cluster. - - The deployment is adding nodes to the serving cluster. - - >- - The deployment is getting the container image for the model - server. - - The deployment is starting the model server. - - The deployment is performing finalization steps. - - The deployment has terminated. + gcsUri: + type: string + description: >- + Required. Google Cloud Storage URI points to the original video in + user's bucket. The video is up to 50 GB in size and up to 3 hour in + duration. + id: GoogleCloudAiplatformV1SchemaVideoDataItem + GoogleCloudAiplatformV1FeatureMonitoringStatsAnomaly: + description: >- + A list of historical SnapshotAnalysis or ImportFeaturesAnalysis stats + requested by user, sorted by FeatureStatsAnomaly.start_time descending. + id: GoogleCloudAiplatformV1FeatureMonitoringStatsAnomaly + properties: + objective: + readOnly: true enum: - - DEPLOYMENT_STAGE_UNSPECIFIED - - STARTING_DEPLOYMENT - - PREPARING_MODEL - - CREATING_SERVING_CLUSTER - - ADDING_NODES_TO_CLUSTER - - GETTING_CONTAINER_IMAGE - - STARTING_MODEL_SERVER - - FINISHING_UP - - DEPLOYMENT_TERMINATED - GoogleCloudAiplatformV1CreateMetadataStoreOperationMetadata: - id: GoogleCloudAiplatformV1CreateMetadataStoreOperationMetadata - description: Details of operations that perform MetadataService.CreateMetadataStore. + - OBJECTIVE_UNSPECIFIED + - IMPORT_FEATURE_ANALYSIS + - SNAPSHOT_ANALYSIS + type: string + description: Output only. The objective for each stats. + enumDescriptions: + - If it's OBJECTIVE_UNSPECIFIED, monitoring_stats will be empty. + - Stats are generated by Import Feature Analysis. + - Stats are generated by Snapshot Analysis. + featureStatsAnomaly: + readOnly: true + description: >- + Output only. The stats and anomalies generated at specific + timestamp. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureStatsAnomaly' type: object + GoogleCloudAiplatformV1SchemaImageClassificationAnnotation: properties: - genericMetadata: - description: Operation metadata for creating a MetadataStore. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateNotebookExecutionJobOperationMetadata: - id: GoogleCloudAiplatformV1CreateNotebookExecutionJobOperationMetadata - description: Metadata information for NotebookService.CreateNotebookExecutionJob. + annotationSpecId: + type: string + description: >- + The resource Id of the AnnotationSpec that this Annotation pertains + to. + displayName: + description: >- + The display name of the AnnotationSpec that this Annotation pertains + to. + type: string + description: Annotation details specific to image classification. + id: GoogleCloudAiplatformV1SchemaImageClassificationAnnotation type: object + GoogleCloudAiplatformV1CreateFeatureRequest: + description: >- + Request message for FeaturestoreService.CreateFeature. Request message + for FeatureRegistryService.CreateFeature. + id: GoogleCloudAiplatformV1CreateFeatureRequest properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - progressMessage: + feature: + description: Required. The Feature to create. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + parent: + type: string description: >- - A human-readable message that shows the intermediate progress - details of NotebookRuntime. + Required. The resource name of the EntityType or FeatureGroup to + create a Feature. Format for entity_type as parent: + `projects/{project}/locations/{location}/featurestores/{featurestore}/entityTypes/{entity_type}` + Format for feature_group as parent: + `projects/{project}/locations/{location}/featureGroups/{feature_group}` + featureId: type: string - GoogleCloudAiplatformV1CreateNotebookRuntimeTemplateOperationMetadata: - id: GoogleCloudAiplatformV1CreateNotebookRuntimeTemplateOperationMetadata - description: Metadata information for NotebookService.CreateNotebookRuntimeTemplate. + description: >- + Required. The ID to use for the Feature, which will become the final + component of the Feature's resource name. This value may be up to + 128 characters, and valid characters are `[a-z0-9_]`. The first + character cannot be a number. The value must be unique within an + EntityType/FeatureGroup. type: object + GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextSentimentEvaluationMetrics: + type: object + description: Model evaluation metrics for text sentiment problems. properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateSpecialistPoolOperationMetadata: - id: GoogleCloudAiplatformV1CreateSpecialistPoolOperationMetadata + precision: + description: Precision. + format: float + type: number + meanAbsoluteError: + format: float + description: >- + Mean absolute error. Only set for ModelEvaluations, not for + ModelEvaluationSlices. + type: number + quadraticKappa: + description: >- + Quadratic weighted kappa. Only set for ModelEvaluations, not for + ModelEvaluationSlices. + format: float + type: number + f1Score: + type: number + format: float + description: The harmonic mean of recall and precision. + linearKappa: + description: >- + Linear weighted kappa. Only set for ModelEvaluations, not for + ModelEvaluationSlices. + format: float + type: number + recall: + description: Recall. + type: number + format: float + meanSquaredError: + format: float + description: >- + Mean squared error. Only set for ModelEvaluations, not for + ModelEvaluationSlices. + type: number + confusionMatrix: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix + description: >- + Confusion matrix of the evaluation. Only set for ModelEvaluations, + not for ModelEvaluationSlices. + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextSentimentEvaluationMetrics + GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessResult: + description: Spec for question answering helpfulness result. + type: object + properties: + score: + format: float + description: Output only. Question Answering Helpfulness score. + type: number + readOnly: true + confidence: + description: Output only. Confidence for question answering helpfulness score. + format: float + type: number + readOnly: true + explanation: + description: Output only. Explanation for question answering helpfulness score. + type: string + readOnly: true + id: GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessResult + GoogleCloudAiplatformV1RagManagedDbConfigScaled: + id: GoogleCloudAiplatformV1RagManagedDbConfigScaled + type: object description: >- - Runtime operation information for - SpecialistPoolService.CreateSpecialistPool. + Scaled tier offers production grade performance along with autoscaling + functionality. It is suitable for customers with large amounts of data + or performance sensitive workloads. + properties: {} + GoogleCloudAiplatformV1SummarizationQualityInput: + id: GoogleCloudAiplatformV1SummarizationQualityInput + properties: + instance: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SummarizationQualityInstance + description: Required. Summarization quality instance. + metricSpec: + description: Required. Spec for summarization quality score metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SummarizationQualitySpec' + description: Input for summarization quality metric. type: object + GoogleCloudAiplatformV1NotebookExecutionJobDirectNotebookSource: + description: The content of the input notebook in ipynb format. properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateIndexOperationMetadata: - id: GoogleCloudAiplatformV1CreateIndexOperationMetadata - description: Runtime operation information for IndexService.CreateIndex. + content: + format: byte + description: The base64-encoded contents of the input notebook file. + type: string + id: GoogleCloudAiplatformV1NotebookExecutionJobDirectNotebookSource type: object + GoogleCloudAiplatformV1SpeechConfig: + type: object + id: GoogleCloudAiplatformV1SpeechConfig + description: Configuration for speech generation. properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - nearestNeighborSearchOperationMetadata: + voiceConfig: + description: The configuration for the voice to use. + $ref: '#/components/schemas/GoogleCloudAiplatformV1VoiceConfig' + languageCode: + type: string + description: Optional. The language code (ISO 639-1) for the speech synthesis. + multiSpeakerVoiceConfig: description: >- - The operation metadata with regard to Matching Engine Index - operation. + The configuration for a multi-speaker text-to-speech request. This + field is mutually exclusive with `voice_config`. + $ref: '#/components/schemas/GoogleCloudAiplatformV1MultiSpeakerVoiceConfig' + GoogleCloudAiplatformV1SchemaImageSegmentationAnnotation: + properties: + maskAnnotation: + description: >- + Mask based segmentation annotation. Only one mask annotation can + exist for one image. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadata - GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadata: - id: GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadata - description: Runtime operation metadata with regard to Matching Engine Index. + #/components/schemas/GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationMaskAnnotation + polylineAnnotation: + description: Polyline annotation. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolylineAnnotation + polygonAnnotation: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolygonAnnotation + description: Polygon annotation. + id: GoogleCloudAiplatformV1SchemaImageSegmentationAnnotation + type: object + description: Annotation details specific to image segmentation. + GoogleCloudAiplatformV1TrajectoryExactMatchSpec: + properties: {} + id: GoogleCloudAiplatformV1TrajectoryExactMatchSpec + description: >- + Spec for TrajectoryExactMatch metric - returns 1 if tool calls in the + reference trajectory exactly match the predicted trajectory, else 0. type: object + GoogleCloudAiplatformV1NearestNeighborQueryEmbedding: properties: - contentValidationStats: - description: >- - The validation stats of the content (per file) to be inserted or - updated on the Matching Engine Index resource. Populated if - contentsDeltaUri is provided as part of Index.metadata. Please note - that, currently for those files that are broken or has unsupported - file format, we will not have the stats for those files. - type: array + value: items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataContentValidationStats - dataBytesCount: - description: The ingested data size in bytes. - type: string - format: int64 - GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataContentValidationStats: - id: >- - GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataContentValidationStats + format: float + type: number + description: Optional. Individual value in the embedding. + type: array + description: The embedding vector. + type: object + id: GoogleCloudAiplatformV1NearestNeighborQueryEmbedding + GoogleCloudAiplatformV1ModelEvaluation: + id: GoogleCloudAiplatformV1ModelEvaluation type: object + description: >- + A collection of metrics calculated by comparing Model's predictions on + all of the test data against annotations from the test data. properties: - sourceGcsUri: - description: Cloud Storage URI pointing to the original file in user's bucket. - type: string - validRecordCount: - description: Number of records in this file that were successfully processed. - type: string - format: int64 - invalidRecordCount: - description: Number of records in this file we skipped due to validate errors. - type: string - format: int64 - partialErrors: + explanationSpecs: description: >- - The detail information of the partial failures encountered for those - invalid records that couldn't be parsed. Up to 50 partial errors - will be reported. + Describes the values of ExplanationSpec that are used for explaining + the predicted values on the evaluated data. type: array items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataRecordError - validSparseRecordCount: + #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationModelEvaluationExplanationSpec + modelExplanation: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelExplanation' description: >- - Number of sparse records in this file that were successfully - processed. - type: string - format: int64 - invalidSparseRecordCount: + Aggregated explanation metrics for the Model's prediction output + over the data this ModelEvaluation uses. This field is populated + only if the Model is evaluated with explanations, and only for + AutoML tabular Models. + sliceDimensions: + type: array + items: + type: string description: >- - Number of sparse records in this file we skipped due to validate - errors. + All possible dimensions of ModelEvaluationSlices. The dimensions can + be used as the filter of the ModelService.ListModelEvaluationSlices + request, in the form of `slice.dimension = `. + metrics: + description: >- + Evaluation metrics of the Model. The schema of the metrics is stored + in metrics_schema_uri + type: any + displayName: type: string - format: int64 - GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataRecordError: - id: GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadataRecordError - type: object - properties: - errorType: - description: The error type of this record. - type: string - enumDescriptions: - - Default, shall not be used. - - The record is empty. - - Invalid json format. - - Invalid csv format. - - Invalid avro format. - - The embedding id is not valid. - - >- - The size of the dense embedding vectors does not match with the - specified dimension. - - The `namespace` field is missing. - - >- - Generic catch-all error. Only used for validation failure where - the root cause cannot be easily retrieved programmatically. - - There are multiple restricts with the same `namespace` value. - - Numeric restrict has operator specified in datapoint. - - Numeric restrict has multiple values specified. - - Numeric restrict has invalid numeric value specified. - - File is not in UTF_8 format. - - Error parsing sparse dimensions field. - - Token restrict value is invalid. - - Invalid sparse embedding. - - Invalid dense embedding. - - Invalid embedding metadata. - - Embedding metadata exceeds size limit. - enum: - - ERROR_TYPE_UNSPECIFIED - - EMPTY_LINE - - INVALID_JSON_SYNTAX - - INVALID_CSV_SYNTAX - - INVALID_AVRO_SYNTAX - - INVALID_EMBEDDING_ID - - EMBEDDING_SIZE_MISMATCH - - NAMESPACE_MISSING - - PARSING_ERROR - - DUPLICATE_NAMESPACE - - OP_IN_DATAPOINT - - MULTIPLE_VALUES - - INVALID_NUMERIC_VALUE - - INVALID_ENCODING - - INVALID_SPARSE_DIMENSIONS - - INVALID_TOKEN_VALUE - - INVALID_SPARSE_EMBEDDING - - INVALID_EMBEDDING - - INVALID_EMBEDDING_METADATA - - EMBEDDING_METADATA_EXCEEDS_SIZE_LIMIT - errorMessage: + description: The display name of the ModelEvaluation. + metricsSchemaUri: description: >- - A human-readable message that is shown to the user to help them fix - the error. Note that this message may change from time to time, your - code should check against error_type as the source of truth. + Points to a YAML file stored on Google Cloud Storage describing the + metrics of this ModelEvaluation. The schema is defined as an OpenAPI + 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). type: string - sourceGcsUri: - description: Cloud Storage URI pointing to the original file in user's bucket. + createTime: + description: Output only. Timestamp when this ModelEvaluation was created. + format: google-datetime + readOnly: true type: string - embeddingId: - description: Empty if the embedding id is failed to parse. + metadata: + type: any + description: >- + The metadata of the ModelEvaluation. For the ModelEvaluation + uploaded from Managed Pipeline, metadata contains a structured value + with keys of "pipeline_job_id", "evaluation_dataset_type", + "evaluation_dataset_path", "row_based_metrics_path". + annotationSchemaUri: type: string - rawRecord: - description: The original content of this record. + description: >- + Points to a YAML file stored on Google Cloud Storage describing + EvaluatedDataItemView.predictions, + EvaluatedDataItemView.ground_truths, + EvaluatedAnnotation.predictions, and + EvaluatedAnnotation.ground_truths. The schema is defined as an + OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + This field is not populated if there are neither + EvaluatedDataItemViews nor EvaluatedAnnotations under this + ModelEvaluation. + name: type: string - GoogleCloudAiplatformV1CreateIndexEndpointOperationMetadata: - id: GoogleCloudAiplatformV1CreateIndexEndpointOperationMetadata - description: >- - Runtime operation information for - IndexEndpointService.CreateIndexEndpoint. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateEntityTypeOperationMetadata: - id: GoogleCloudAiplatformV1CreateEntityTypeOperationMetadata - description: Details of operations that perform create EntityType. - type: object - properties: - genericMetadata: - description: Operation metadata for EntityType. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateTensorboardOperationMetadata: - id: GoogleCloudAiplatformV1CreateTensorboardOperationMetadata - description: Details of operations that perform create Tensorboard. - type: object - properties: - genericMetadata: - description: Operation metadata for Tensorboard. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1BatchCreateFeaturesOperationMetadata: - id: GoogleCloudAiplatformV1BatchCreateFeaturesOperationMetadata - description: Details of operations that perform batch create Features. - type: object - properties: - genericMetadata: - description: Operation metadata for Feature. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1BatchCreateFeaturesResponse: - id: GoogleCloudAiplatformV1BatchCreateFeaturesResponse - description: Response message for FeaturestoreService.BatchCreateFeatures. + description: Output only. The resource name of the ModelEvaluation. + readOnly: true + dataItemSchemaUri: + type: string + description: >- + Points to a YAML file stored on Google Cloud Storage describing + EvaluatedDataItemView.data_item_payload and + EvaluatedAnnotation.data_item_payload. The schema is defined as an + OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + This field is not populated if there are neither + EvaluatedDataItemViews nor EvaluatedAnnotations under this + ModelEvaluation. + GoogleCloudAiplatformV1TrajectoryExactMatchResults: + id: GoogleCloudAiplatformV1TrajectoryExactMatchResults + description: Results for TrajectoryExactMatch metric. type: object properties: - features: - description: The Features created. + trajectoryExactMatchMetricValues: type: array + description: Output only. TrajectoryExactMatch metric values. items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' - GoogleCloudAiplatformV1CreatePersistentResourceOperationMetadata: - id: GoogleCloudAiplatformV1CreatePersistentResourceOperationMetadata - description: Details of operations that perform create PersistentResource. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchMetricValue + readOnly: true + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputs: type: object + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputs properties: - genericMetadata: - description: Operation metadata for PersistentResource. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - progressMessage: - description: Progress Message for Create LRO + weightColumnName: + description: >- + Column name that should be used as the weight column. Higher values + in this column give more importance to the row during model + training. The column must have numeric values between 0 and 10000 + inclusively; 0 means the row is ignored for training. If weight + column field is not set, then all rows are assumed to have equal + weight of 1. type: string - GoogleCloudAiplatformV1DeleteFeatureValuesOperationMetadata: - id: GoogleCloudAiplatformV1DeleteFeatureValuesOperationMetadata - description: Details of operations that delete Feature values. - type: object - properties: - genericMetadata: - description: Operation metadata for Featurestore delete Features values. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1DeleteFeatureValuesResponse: - id: GoogleCloudAiplatformV1DeleteFeatureValuesResponse - description: Response message for FeaturestoreService.DeleteFeatureValues. - type: object - properties: - selectEntity: - description: Response for request specifying the entities to delete - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectEntity - selectTimeRangeAndFeature: - description: Response for request specifying time range and feature + exportEvaluatedDataItemsConfig: + description: >- + Configuration for exporting test set predictions to a BigQuery + table. If this configuration is absent, then the export is not + performed. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectTimeRangeAndFeature - GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectEntity: - id: GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectEntity - description: Response message if the request uses the SelectEntity option. - type: object - properties: - offlineStorageDeletedEntityRowCount: + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig + optimizationObjectiveRecallValue: description: >- - The count of deleted entity rows in the offline storage. Each row - corresponds to the combination of an entity ID and a timestamp. One - entity ID can have multiple rows in the offline storage. - type: string - format: int64 - onlineStorageDeletedEntityCount: + Required when optimization_objective is + "maximize-precision-at-recall". Must be between 0 and 1, inclusive. + format: float + type: number + additionalExperiments: + description: Additional experiment flags for the Tables training pipeline. + type: array + items: + type: string + transformations: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformation description: >- - The count of deleted entities in the online storage. Each entity ID - corresponds to one entity. + Each transformation will apply transform function to given input + column. And the result will be used for training. When creating + transformation for BigQuery Struct column, the column should be + flattened using "." as the delimiter. + type: array + optimizationObjective: + description: >- + Objective function the model is optimizing towards. The training + process creates a model that maximizes/minimizes the value of the + objective function over the validation set. The supported + optimization objectives depend on the prediction type. If the field + is not set, a default objective function is used. classification + (binary): "maximize-au-roc" (default) - Maximize the area under the + receiver operating characteristic (ROC) curve. "minimize-log-loss" - + Minimize log loss. "maximize-au-prc" - Maximize the area under the + precision-recall curve. "maximize-precision-at-recall" - Maximize + precision for a specified recall value. + "maximize-recall-at-precision" - Maximize recall for a specified + precision value. classification (multi-class): "minimize-log-loss" + (default) - Minimize log loss. regression: "minimize-rmse" (default) + - Minimize root-mean-squared error (RMSE). "minimize-mae" - Minimize + mean-absolute error (MAE). "minimize-rmsle" - Minimize + root-mean-squared log error (RMSLE). type: string - format: int64 - GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectTimeRangeAndFeature: - id: >- - GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectTimeRangeAndFeature - description: >- - Response message if the request uses the SelectTimeRangeAndFeature - option. - type: object - properties: - impactedFeatureCount: + disableEarlyStopping: description: >- - The count of the features or columns impacted. This is the same as - the feature count in the request. + Use the entire training budget. This disables the early stopping + feature. By default, the early stopping feature is enabled, which + means that AutoML Tables might stop training before the entire + training budget has been used. + type: boolean + predictionType: type: string - format: int64 - offlineStorageModifiedEntityRowCount: description: >- - The count of modified entity rows in the offline storage. Each row - corresponds to the combination of an entity ID and a timestamp. One - entity ID can have multiple rows in the offline storage. Within each - row, only the features specified in the request are deleted. + The type of prediction the Model is to produce. "classification" - + Predict one out of multiple target values is picked for each row. + "regression" - Predict a value based on its relation to other + values. This type is available only to columns that contain + semantically numeric values, i.e. integers or floating point number, + even if stored as e.g. strings. + trainBudgetMilliNodeHours: type: string format: int64 - onlineStorageModifiedEntityCount: description: >- - The count of modified entities in the online storage. Each entity ID - corresponds to one entity. Within each entity, only the features - specified in the request are deleted. + Required. The train budget of creating this model, expressed in + milli node hours i.e. 1,000 value in this field means 1 node hour. + The training cost of the model will not exceed this budget. The + final cost will be attempted to be close to the budget, though may + end up being (even) noticeably smaller - at the backend's + discretion. This especially may happen when further model training + ceases to provide any improvements. If the budget is set to a value + known to be insufficient to train a model for the given dataset, the + training won't be attempted and will error. The train budget must be + between 1,000 and 72,000 milli node hours, inclusive. + optimizationObjectivePrecisionValue: + format: float + description: >- + Required when optimization_objective is + "maximize-recall-at-precision". Must be between 0 and 1, inclusive. + type: number + targetColumn: + description: The column name of the target column that the model is to predict. type: string - format: int64 - GoogleCloudAiplatformV1DeleteOperationMetadata: - id: GoogleCloudAiplatformV1DeleteOperationMetadata - description: Details of operations that perform deletes of any entities. - type: object - properties: - genericMetadata: - description: The common part of the operation metadata. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1DeleteMetadataStoreOperationMetadata: - id: GoogleCloudAiplatformV1DeleteMetadataStoreOperationMetadata - description: Details of operations that perform MetadataService.DeleteMetadataStore. - type: object - properties: - genericMetadata: - description: Operation metadata for deleting a MetadataStore. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1DeployModelOperationMetadata: - id: GoogleCloudAiplatformV1DeployModelOperationMetadata - description: Runtime operation information for EndpointService.DeployModel. + GoogleCloudAiplatformV1MetricxSpec: + id: GoogleCloudAiplatformV1MetricxSpec type: object + description: Spec for MetricX metric. properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - deploymentStage: - description: Output only. The deployment stage of the model. - readOnly: true - type: string + version: + description: Required. Which version to use for evaluation. enumDescriptions: - - Default value. This value is unused. - - The deployment is initializing and setting up the environment. - - The deployment is preparing the model assets. - - The deployment is creating the underlying serving cluster. - - The deployment is adding nodes to the serving cluster. + - MetricX version unspecified. + - MetricX 2024 (2.6) for translation + reference (reference-based). + - MetricX 2024 (2.6) for translation + source (QE). - >- - The deployment is getting the container image for the model - server. - - The deployment is starting the model server. - - The deployment is performing finalization steps. - - The deployment has terminated. + MetricX 2024 (2.6) for translation + source + reference + (source-reference-combined). enum: - - DEPLOYMENT_STAGE_UNSPECIFIED - - STARTING_DEPLOYMENT - - PREPARING_MODEL - - CREATING_SERVING_CLUSTER - - ADDING_NODES_TO_CLUSTER - - GETTING_CONTAINER_IMAGE - - STARTING_MODEL_SERVER - - FINISHING_UP - - DEPLOYMENT_TERMINATED - GoogleCloudAiplatformV1DeployModelResponse: - id: GoogleCloudAiplatformV1DeployModelResponse - description: Response message for EndpointService.DeployModel. - type: object - properties: - deployedModel: - description: The DeployedModel that had been deployed in the Endpoint. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' - GoogleCloudAiplatformV1DeployIndexOperationMetadata: - id: GoogleCloudAiplatformV1DeployIndexOperationMetadata - description: Runtime operation information for IndexEndpointService.DeployIndex. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - deployedIndexId: - description: The unique index id specified by user + - METRICX_VERSION_UNSPECIFIED + - METRICX_24_REF + - METRICX_24_SRC + - METRICX_24_SRC_REF type: string - GoogleCloudAiplatformV1DeployIndexResponse: - id: GoogleCloudAiplatformV1DeployIndexResponse - description: Response message for IndexEndpointService.DeployIndex. - type: object - properties: - deployedIndex: - description: The DeployedIndex that had been deployed in the IndexEndpoint. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' - GoogleCloudAiplatformV1ExportDataOperationMetadata: - id: GoogleCloudAiplatformV1ExportDataOperationMetadata - description: Runtime operation information for DatasetService.ExportData. - type: object - properties: - genericMetadata: - description: The common part of the operation metadata. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - gcsOutputDirectory: + targetLanguage: description: >- - A Google Cloud Storage directory which path ends with '/'. The - exported data is stored in the directory. + Optional. Target language in BCP-47 format. Covers both prediction + and reference. type: string - GoogleCloudAiplatformV1ExportDataResponse: - id: GoogleCloudAiplatformV1ExportDataResponse - description: Response message for DatasetService.ExportData. - type: object + sourceLanguage: + description: Optional. Source language in BCP-47 format. + type: string + GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigSimilaritySearchConfig: properties: - exportedFiles: - description: >- - All of the files that are exported in this export operation. For - custom code training export, only three (training, validation and - test) Cloud Storage paths in wildcard format are populated (for - example, gs://.../training-*). - type: array - items: - type: string - dataStats: + embeddingModel: + type: string description: >- - Only present for custom code training export use case. Records data - stats, i.e., train/validation/test item/annotation counts calculated - during the export operation. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelDataStats' - GoogleCloudAiplatformV1ExportFeatureValuesOperationMetadata: - id: GoogleCloudAiplatformV1ExportFeatureValuesOperationMetadata - description: Details of operations that exports Features values. - type: object - properties: - genericMetadata: - description: Operation metadata for Featurestore export Feature values. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1ExportFeatureValuesResponse: - id: GoogleCloudAiplatformV1ExportFeatureValuesResponse - description: Response message for FeaturestoreService.ExportFeatureValues. + Required. The model used to generate embeddings to lookup similar + memories. Format: + `projects/{project}/locations/{location}/publishers/google/models/{model}`. + id: >- + GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigSimilaritySearchConfig + description: Configuration for how to perform similarity search on memories. type: object + GoogleCloudAiplatformV1ImportDataResponse: properties: {} - GoogleCloudAiplatformV1ExportModelOperationMetadata: - id: GoogleCloudAiplatformV1ExportModelOperationMetadata - description: Details of ModelService.ExportModel operation. type: object + id: GoogleCloudAiplatformV1ImportDataResponse + description: Response message for DatasetService.ImportData. + GoogleCloudAiplatformV1RagManagedDbConfig: properties: - genericMetadata: - description: The common part of the operation metadata. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - outputInfo: + scaled: description: >- - Output only. Information further describing the output of this Model - export. - readOnly: true + Sets the RagManagedDb to the Scaled tier. This is the default tier + if not explicitly chosen. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagManagedDbConfigScaled' + basic: + description: Sets the RagManagedDb to the Basic tier. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagManagedDbConfigBasic' + unprovisioned: + description: Sets the RagManagedDb to the Unprovisioned tier. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExportModelOperationMetadataOutputInfo - GoogleCloudAiplatformV1ExportModelOperationMetadataOutputInfo: - id: GoogleCloudAiplatformV1ExportModelOperationMetadataOutputInfo - description: >- - Further describes the output of the ExportModel. Supplements - ExportModelRequest.OutputConfig. + #/components/schemas/GoogleCloudAiplatformV1RagManagedDbConfigUnprovisioned + id: GoogleCloudAiplatformV1RagManagedDbConfig + type: object + description: Configuration message for RagManagedDb used by RagEngine. + GoogleCloudAiplatformV1DataItem: type: object + description: >- + A piece of data in a Dataset. Could be an image, a video, a document or + plain text. + id: GoogleCloudAiplatformV1DataItem properties: - artifactOutputUri: - description: >- - Output only. If the Model artifact is being exported to Google Cloud - Storage this is the full path of the directory created, into which - the Model files are being written to. + updateTime: + type: string + description: Output only. Timestamp when this DataItem was last updated. + format: google-datetime readOnly: true + etag: + description: >- + Optional. Used to perform consistent read-modify-write updates. If + not set, a blind "overwrite" update happens. type: string - imageOutputUri: + payload: description: >- - Output only. If the Model image is being exported to Google - Container Registry or Artifact Registry this is the full path of the - image created. + Required. The data that the DataItem represents (for example, an + image or a text snippet). The schema of the payload is stored in the + parent Dataset's metadata schema's dataItemSchemaUri field. + type: any + satisfiesPzi: + readOnly: true + type: boolean + description: Output only. Reserved for future use. + satisfiesPzs: + description: Output only. Reserved for future use. readOnly: true + type: boolean + labels: + additionalProperties: + type: string + description: >- + Optional. The labels with user-defined metadata to organize your + DataItems. Label keys and values can be no longer than 64 characters + (Unicode codepoints), can only contain lowercase letters, numeric + characters, underscores and dashes. International characters are + allowed. No more than 64 user labels can be associated with one + DataItem(System labels are excluded). See https://goo.gl/xmQnxf for + more information and examples of labels. System reserved label keys + are prefixed with "aiplatform.googleapis.com/" and are immutable. + type: object + name: type: string - GoogleCloudAiplatformV1ExportModelResponse: - id: GoogleCloudAiplatformV1ExportModelResponse - description: Response message of ModelService.ExportModel operation. - type: object - properties: {} - GoogleCloudAiplatformV1GenerateVideoResponse: - id: GoogleCloudAiplatformV1GenerateVideoResponse - description: Generate video response. + description: Output only. The resource name of the DataItem. + readOnly: true + createTime: + description: Output only. Timestamp when this DataItem was created. + readOnly: true + format: google-datetime + type: string + GoogleCloudAiplatformV1ToolComputerUse: + id: GoogleCloudAiplatformV1ToolComputerUse + description: Tool to support computer use. type: object properties: - generatedSamples: - description: The cloud storage uris of the generated videos. - deprecated: true - type: array + environment: + type: string + description: Required. The environment being operated. + enum: + - ENVIRONMENT_UNSPECIFIED + - ENVIRONMENT_BROWSER + enumDescriptions: + - Defaults to browser. + - Operates in a web browser. + excludedPredefinedFunctions: items: type: string - raiMediaFilteredCount: - description: Returns if any videos were filtered due to RAI policies. - type: integer - format: int32 - raiMediaFilteredReasons: - description: Returns rai failure reasons if any. type: array + description: >- + Optional. By default, [predefined + functions](https://cloud.google.com/vertex-ai/generative-ai/docs/computer-use#supported-actions) + are included in the final model call. Some of them can be explicitly + excluded from being automatically included. This can serve two + purposes: 1. Using a more restricted / different action space. 2. + Improving the definitions / instructions of predefined functions. + GoogleCloudAiplatformV1EvaluationInstanceAgentConfigTools: + description: Represents a list of tools for an agent. + type: object + properties: + tool: items: - type: string - videos: - description: List of video bytes or Cloud Storage URIs of the generated videos. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateVideoResponseVideo - GoogleCloudAiplatformV1GenerateVideoResponseVideo: - id: GoogleCloudAiplatformV1GenerateVideoResponseVideo - description: A generated video. + description: >- + Optional. List of tools: each tool can have multiple function + declarations. + id: GoogleCloudAiplatformV1EvaluationInstanceAgentConfigTools + GoogleCloudAiplatformV1SummarizationHelpfulnessResult: type: object + description: Spec for summarization helpfulness result. properties: - gcsUri: - description: Cloud Storage URI where the generated video is written. - type: string - bytesBase64Encoded: - description: Base64 encoded bytes string representing the video. - type: string - mimeType: - description: The MIME type of the content of the video. - video/mp4 + explanation: + description: Output only. Explanation for summarization helpfulness score. + readOnly: true type: string - GoogleCloudAiplatformV1ImportDataOperationMetadata: - id: GoogleCloudAiplatformV1ImportDataOperationMetadata - description: Runtime operation information for DatasetService.ImportData. - type: object - properties: - genericMetadata: - description: The common part of the operation metadata. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1ImportDataResponse: - id: GoogleCloudAiplatformV1ImportDataResponse - description: Response message for DatasetService.ImportData. - type: object - properties: {} - GoogleCloudAiplatformV1ImportFeatureValuesOperationMetadata: - id: GoogleCloudAiplatformV1ImportFeatureValuesOperationMetadata - description: Details of operations that perform import Feature values. + confidence: + description: Output only. Confidence for summarization helpfulness score. + format: float + readOnly: true + type: number + score: + readOnly: true + description: Output only. Summarization Helpfulness score. + type: number + format: float + id: GoogleCloudAiplatformV1SummarizationHelpfulnessResult + GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution: type: object + description: Dataset distribution for Supervised Tuning. + id: GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution properties: - genericMetadata: - description: Operation metadata for Featurestore import Feature values. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - importedEntityCount: - description: Number of entities that have been imported by the operation. - type: string - format: int64 - importedFeatureValueCount: - description: Number of Feature values that have been imported by the operation. - type: string - format: int64 - sourceUris: - description: The source URI from where Feature values are imported. + mean: + description: Output only. The arithmetic mean of the values in the population. + readOnly: true + format: double + type: number + max: + format: double + readOnly: true + description: Output only. The maximum of the population values. + type: number + p5: + type: number + format: double + readOnly: true + description: Output only. The 5th percentile of the values in the population. + buckets: type: array + description: Output only. Defines the histogram bucket. + readOnly: true items: - type: string - invalidRowCount: - description: >- - The number of rows in input source that weren't imported due to - either * Not having any featureValues. * Having a null entityId. * - Having a null timestamp. * Not being parsable (applicable for CSV - sources). - type: string + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDatasetDistributionDatasetBucket + billableSum: format: int64 - timestampOutsideRetentionRowsCount: - description: >- - The number rows that weren't ingested due to having timestamps - outside the retention boundary. + readOnly: true + description: Output only. Sum of a given population of values that are billable. type: string + sum: + readOnly: true format: int64 - blockingOperationIds: - description: >- - List of ImportFeatureValues operations running under a single - EntityType that are blocking this operation. - type: array - items: - type: string - format: int64 - GoogleCloudAiplatformV1ImportFeatureValuesResponse: - id: GoogleCloudAiplatformV1ImportFeatureValuesResponse - description: Response message for FeaturestoreService.ImportFeatureValues. + description: Output only. Sum of a given population of values. + type: string + p95: + format: double + description: Output only. The 95th percentile of the values in the population. + type: number + readOnly: true + min: + readOnly: true + format: double + type: number + description: Output only. The minimum of the population values. + median: + readOnly: true + description: Output only. The median of the values in the population. + type: number + format: double + GoogleCloudAiplatformV1MachineSpec: type: object + id: GoogleCloudAiplatformV1MachineSpec + description: Specification of a single machine. properties: - importedEntityCount: - description: Number of entities that have been imported by the operation. - type: string - format: int64 - importedFeatureValueCount: - description: Number of Feature values that have been imported by the operation. - type: string - format: int64 - invalidRowCount: + acceleratorCount: + format: int32 + type: integer description: >- - The number of rows in input source that weren't imported due to - either * Not having any featureValues. * Having a null entityId. * - Having a null timestamp. * Not being parsable (applicable for CSV - sources). + The number of accelerators to attach to the machine. For accelerator + optimized machine types + (https://cloud.google.com/compute/docs/accelerator-optimized-machines), + One may set the accelerator_count from 1 to N for machine with N + GPUs. If accelerator_count is less than or equal to N / 2, Vertex + will co-schedule the replicas of the model into the same VM to save + cost. For example, if the machine type is a3-highgpu-8g, which has 8 + H100 GPUs, one can set accelerator_count to 1 to 8. If + accelerator_count is 1, 2, 3, or 4, Vertex will co-schedule 8, 4, 2, + or 2 replicas of the model into the same VM to save cost. When + co-scheduling, CPU, memory and storage on the VM will be distributed + to replicas on the VM. For example, one can expect a co-scheduled + replica requesting 2 GPUs out of a 8-GPU VM will receive 25% of the + CPU, memory and storage of the VM. Note that the feature is not + compatible with multihost_gpu_node_count. When + multihost_gpu_node_count is set, the co-scheduling will not be + enabled. + reservationAffinity: + description: >- + Optional. Immutable. Configuration controlling how this resource + pool consumes reservation. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReservationAffinity' + gpuPartitionSize: + type: string + description: >- + Optional. Immutable. The Nvidia GPU partition size. When specified, + the requested accelerators will be partitioned into smaller GPU + partitions. For example, if the request is for 8 units of NVIDIA + A100 GPUs, and gpu_partition_size="1g.10gb", the service will create + 8 * 7 = 56 partitioned MIG instances. The partition size must be a + value supported by the requested accelerator. Refer to [Nvidia GPU + Partitioning](https://cloud.google.com/kubernetes-engine/docs/how-to/gpus-multi#multi-instance_gpu_partitions) + for the available partition sizes. If set, the accelerator_count + should be set to 1. + acceleratorType: + description: >- + Immutable. The type of accelerator(s) that may be attached to the + machine as per accelerator_count. + enum: + - ACCELERATOR_TYPE_UNSPECIFIED + - NVIDIA_TESLA_K80 + - NVIDIA_TESLA_P100 + - NVIDIA_TESLA_V100 + - NVIDIA_TESLA_P4 + - NVIDIA_TESLA_T4 + - NVIDIA_TESLA_A100 + - NVIDIA_A100_80GB + - NVIDIA_L4 + - NVIDIA_H100_80GB + - NVIDIA_H100_MEGA_80GB + - NVIDIA_H200_141GB + - NVIDIA_B200 + - NVIDIA_GB200 + - NVIDIA_RTX_PRO_6000 + - TPU_V2 + - TPU_V3 + - TPU_V4_POD + - TPU_V5_LITEPOD + enumDescriptions: + - Unspecified accelerator type, which means no accelerator. + - >- + Deprecated: Nvidia Tesla K80 GPU has reached end of support, see + https://cloud.google.com/compute/docs/eol/k80-eol. + - Nvidia Tesla P100 GPU. + - Nvidia Tesla V100 GPU. + - Nvidia Tesla P4 GPU. + - Nvidia Tesla T4 GPU. + - Nvidia Tesla A100 GPU. + - Nvidia A100 80GB GPU. + - Nvidia L4 GPU. + - Nvidia H100 80Gb GPU. + - Nvidia H100 Mega 80Gb GPU. + - Nvidia H200 141Gb GPU. + - Nvidia B200 GPU. + - Nvidia GB200 GPU. + - Nvidia RTX Pro 6000 GPU. + - TPU v2. + - TPU v3. + - TPU v4. + - TPU v5. type: string - format: int64 - timestampOutsideRetentionRowsCount: + enumDeprecated: + - false + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + tpuTopology: description: >- - The number rows that weren't ingested due to having feature - timestamps outside the retention boundary. + Immutable. The topology of the TPUs. Corresponds to the TPU + topologies available from GKE. (Example: tpu_topology: "2x2x1"). type: string - format: int64 - GoogleCloudAiplatformV1MutateDeployedIndexOperationMetadata: - id: GoogleCloudAiplatformV1MutateDeployedIndexOperationMetadata - description: >- - Runtime operation information for - IndexEndpointService.MutateDeployedIndex. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - deployedIndexId: - description: The unique index id specified by user + machineType: type: string - GoogleCloudAiplatformV1MutateDeployedIndexResponse: - id: GoogleCloudAiplatformV1MutateDeployedIndexResponse - description: Response message for IndexEndpointService.MutateDeployedIndex. - type: object - properties: - deployedIndex: - description: The DeployedIndex that had been updated in the IndexEndpoint. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' - GoogleCloudAiplatformV1MutateDeployedModelOperationMetadata: - id: GoogleCloudAiplatformV1MutateDeployedModelOperationMetadata - description: Runtime operation information for EndpointService.MutateDeployedModel. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1MutateDeployedModelResponse: - id: GoogleCloudAiplatformV1MutateDeployedModelResponse - description: Response message for EndpointService.MutateDeployedModel. - type: object + description: >- + Immutable. The type of the machine. See the [list of machine types + supported for + prediction](https://cloud.google.com/vertex-ai/docs/predictions/configure-compute#machine-types) + See the [list of machine types supported for custom + training](https://cloud.google.com/vertex-ai/docs/training/configure-compute#machine-types). + For DeployedModel this field is optional, and the default value is + `n1-standard-2`. For BatchPredictionJob or as part of WorkerPoolSpec + this field is required. + GoogleCloudAiplatformV1CsvDestination: properties: - deployedModel: - description: The DeployedModel that's being mutated. - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' - GoogleCloudAiplatformV1PurgeArtifactsResponse: - id: GoogleCloudAiplatformV1PurgeArtifactsResponse - description: Response message for MetadataService.PurgeArtifacts. + gcsDestination: + description: Required. Google Cloud Storage location. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' + id: GoogleCloudAiplatformV1CsvDestination + description: The storage details for CSV output content. type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutomlImageTrainingTunableParameter: + description: >- + A wrapper class which contains the tunable parameters in an AutoML Image + training job. properties: - purgeCount: - description: >- - The number of Artifacts that this request deleted (or, if `force` is - false, the number of Artifacts that will be deleted). This can be an - estimate. + checkpointName: type: string - format: int64 - purgeSample: description: >- - A sample of the Artifact names that will be deleted. Only populated - if `force` is set to false. The maximum number of samples is 100 (it - is possible to return fewer). - type: array - items: + Optional. An unique name of pretrained model checkpoint provided in + model garden, it will be mapped to a GCS location internally. + datasetConfig: + description: Customizable dataset settings, used in the `model_garden_trainer`. + type: object + additionalProperties: type: string - GoogleCloudAiplatformV1PurgeArtifactsMetadata: - id: GoogleCloudAiplatformV1PurgeArtifactsMetadata - description: Details of operations that perform MetadataService.PurgeArtifacts. - type: object - properties: - genericMetadata: - description: Operation metadata for purging Artifacts. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1PurgeContextsMetadata: - id: GoogleCloudAiplatformV1PurgeContextsMetadata - description: Details of operations that perform MetadataService.PurgeContexts. + studySpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpec' + description: >- + Optioinal. StudySpec of hyperparameter tuning job. Required for + `model_garden_trainer`. + trainerConfig: + type: object + description: Customizable trainer settings, used in the `model_garden_trainer`. + additionalProperties: + type: string + trainerType: + enumDescriptions: + - Default value. + - '' + - '' + type: string + enum: + - TRAINER_TYPE_UNSPECIFIED + - AUTOML_TRAINER + - MODEL_GARDEN_TRAINER type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutomlImageTrainingTunableParameter + GoogleCloudAiplatformV1TrajectoryRecallInstance: + description: Spec for TrajectoryRecall instance. properties: - genericMetadata: - description: Operation metadata for purging Contexts. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1PurgeContextsResponse: - id: GoogleCloudAiplatformV1PurgeContextsResponse - description: Response message for MetadataService.PurgeContexts. + referenceTrajectory: + description: Required. Spec for reference tool call trajectory. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + predictedTrajectory: + description: Required. Spec for predicted tool call trajectory. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + id: GoogleCloudAiplatformV1TrajectoryRecallInstance type: object + GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsRequest: properties: - purgeCount: - description: >- - The number of Contexts that this request deleted (or, if `force` is - false, the number of Contexts that will be deleted). This can be an - estimate. - type: string - format: int64 - purgeSample: - description: >- - A sample of the Context names that will be deleted. Only populated - if `force` is set to false. The maximum number of samples is 100 (it - is possible to return fewer). + artifacts: type: array + description: >- + The resource names of the Artifacts to attribute to the Context. + Format: + `projects/{project}/locations/{location}/metadataStores/{metadatastore}/artifacts/{artifact}` items: type: string - GoogleCloudAiplatformV1PurgeExecutionsResponse: - id: GoogleCloudAiplatformV1PurgeExecutionsResponse - description: Response message for MetadataService.PurgeExecutions. - type: object - properties: - purgeCount: - description: >- - The number of Executions that this request deleted (or, if `force` - is false, the number of Executions that will be deleted). This can - be an estimate. - type: string - format: int64 - purgeSample: - description: >- - A sample of the Execution names that will be deleted. Only populated - if `force` is set to false. The maximum number of samples is 100 (it - is possible to return fewer). + executions: type: array items: type: string - GoogleCloudAiplatformV1PurgeExecutionsMetadata: - id: GoogleCloudAiplatformV1PurgeExecutionsMetadata - description: Details of operations that perform MetadataService.PurgeExecutions. + description: >- + The resource names of the Executions to associate with the Context. + Format: + `projects/{project}/locations/{location}/metadataStores/{metadatastore}/executions/{execution}` + id: GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsRequest + description: Request message for MetadataService.AddContextArtifactsAndExecutions. type: object - properties: - genericMetadata: - description: Operation metadata for purging Executions. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1RebootPersistentResourceOperationMetadata: - id: GoogleCloudAiplatformV1RebootPersistentResourceOperationMetadata - description: Details of operations that perform reboot PersistentResource. + GoogleCloudAiplatformV1ModelExportFormat: type: object + description: >- + Represents export format supported by the Model. All formats export to + Google Cloud Storage. properties: - genericMetadata: - description: Operation metadata for PersistentResource. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - progressMessage: - description: Progress Message for Reboot LRO + exportableContents: + readOnly: true + description: Output only. The content of this Model that may be exported. + items: + enumDescriptions: + - Should not be used. + - >- + Model artifact and any of its supported files. Will be exported + to the location specified by the `artifactDestination` field of + the ExportModelRequest.output_config object. + - >- + The container image that is to be used when deploying this + Model. Will be exported to the location specified by the + `imageDestination` field of the ExportModelRequest.output_config + object. + enum: + - EXPORTABLE_CONTENT_UNSPECIFIED + - ARTIFACT + - IMAGE + type: string + type: array + id: type: string - GoogleCloudAiplatformV1StartNotebookRuntimeOperationMetadata: - id: GoogleCloudAiplatformV1StartNotebookRuntimeOperationMetadata - description: Metadata information for NotebookService.StartNotebookRuntime. + readOnly: true + description: >- + Output only. The ID of the export format. The possible format IDs + are: * `tflite` Used for Android mobile devices. * `edgetpu-tflite` + Used for [Edge TPU](https://cloud.google.com/edge-tpu/) devices. * + `tf-saved-model` A tensorflow model in SavedModel format. * `tf-js` + A [TensorFlow.js](https://www.tensorflow.org/js) model that can be + used in the browser and in Node.js using JavaScript. * `core-ml` + Used for iOS mobile devices. * `custom-trained` A Model that was + uploaded or trained by custom code. * `genie` A tuned Model Garden + model. + id: GoogleCloudAiplatformV1ModelExportFormat + GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExample: + description: An example of how to generate memories for a particular scope. type: object properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - progressMessage: + conversationSource: + description: A conversation source for the example. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExampleConversationSource + generatedMemories: description: >- - A human-readable message that shows the intermediate progress - details of NotebookRuntime. - type: string - GoogleCloudAiplatformV1SuggestTrialsMetadata: - id: GoogleCloudAiplatformV1SuggestTrialsMetadata - description: Details of operations that perform Trials suggestion. - type: object + Optional. The memories that are expected to be generated from the + input conversation. An empty list indicates that no memories are + expected to be generated for the input conversation. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExampleGeneratedMemory + type: array + id: >- + GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExample + GoogleCloudAiplatformV1DeployedIndex: properties: - genericMetadata: - description: Operation metadata for suggesting Trials. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - clientId: + privateEndpoints: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexPrivateEndpoints' description: >- - The identifier of the client that is requesting the suggestion. If - multiple SuggestTrialsRequests have the same `client_id`, the - service will return the identical suggested Trial if the Trial is - pending, and provide a new Trial if the last suggested Trial was - completed. + Output only. Provides paths for users to send requests directly to + the deployed index services running on Cloud via private services + access. This field is populated if network is configured. + automaticResources: + description: >- + Optional. A description of resources that the DeployedIndex uses, + which to large degree are decided by Vertex AI, and optionally + allows only a modest additional configuration. If min_replica_count + is not set, the default value is 2 (we don't provide SLA when + min_replica_count=1). If max_replica_count is not set, the default + value is min_replica_count. The max allowed replica count is 1000. + $ref: '#/components/schemas/GoogleCloudAiplatformV1AutomaticResources' + enableDatapointUpsertLogging: + description: >- + Optional. If true, logs to Cloud Logging errors relating to + datapoint upserts. Under normal operation conditions, these log + entries should be very rare. However, if incompatible datapoint + updates are being uploaded to an index, a high volume of log entries + may be generated in a short period of time. Note that logs may incur + a cost, especially if the deployed index receives a high volume of + datapoint upserts. Estimate your costs before enabling this option. + type: boolean + index: + description: >- + Required. The name of the Index this is the deployment of. We may + refer to this Index as the DeployedIndex's "original" Index. type: string - GoogleCloudAiplatformV1SuggestTrialsResponse: - id: GoogleCloudAiplatformV1SuggestTrialsResponse - description: Response message for VizierService.SuggestTrials. - type: object - properties: - trials: - description: A list of Trials. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' - studyState: - description: The state of the Study. + dedicatedResources: + description: >- + Optional. A description of resources that are dedicated to the + DeployedIndex, and that need a higher degree of manual + configuration. The field min_replica_count must be set to a value + strictly greater than 0, or else validation will fail. We don't + provide SLA when min_replica_count=1. If max_replica_count is not + set, the default value is min_replica_count. The max allowed replica + count is 1000. Available machine types for SMALL shard: + e2-standard-2 and all machine types available for MEDIUM and LARGE + shard. Available machine types for MEDIUM shard: e2-standard-16 and + all machine types available for LARGE shard. Available machine types + for LARGE shard: e2-highmem-16, n2d-standard-32. n1-standard-16 and + n1-standard-32 are still available, but we recommend e2-standard-16 + and e2-highmem-16 for cost efficiency. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' + deploymentGroup: type: string - enumDescriptions: - - The study state is unspecified. - - The study is active. - - The study is stopped due to an internal error. - - >- - The study is done when the service exhausts the parameter search - space or max_trial_count is reached. + description: >- + Optional. The deployment group can be no longer than 64 characters + (eg: 'test', 'prod'). If not set, we will use the 'default' + deployment group. Creating `deployment_groups` with + `reserved_ip_ranges` is a recommended practice when the peered + network has multiple peering ranges. This creates your deployments + from predictable IP spaces for easier traffic administration. Also, + one deployment_group (except 'default') can only be used with the + same reserved_ip_ranges which means if the deployment_group has been + used with reserved_ip_ranges: [a, b, c], using it with [a, b] or [d, + e] is disallowed. Note: we only support up to 5 deployment + groups(not including 'default'). + deploymentTier: enum: - - STATE_UNSPECIFIED - - ACTIVE - - INACTIVE - - COMPLETED - startTime: - description: The time at which the operation was started. + - DEPLOYMENT_TIER_UNSPECIFIED + - STORAGE + description: >- + Optional. The deployment tier that the index is deployed to. + DEPLOYMENT_TIER_UNSPECIFIED will use a system-chosen default tier. + enumDescriptions: + - Default deployment tier. + - Optimized for costs. + type: string + reservedIpRanges: + type: array + items: + type: string + description: >- + Optional. A list of reserved ip ranges under the VPC network that + can be used for this DeployedIndex. If set, we will deploy the index + within the provided ip ranges. Otherwise, the index might be + deployed to any ip ranges under the provided VPC network. The value + should be the name of the address + (https://cloud.google.com/compute/docs/reference/rest/v1/addresses) + Example: ['vertex-ai-ip-range']. For more information about subnets + and network IP ranges, please see + https://cloud.google.com/vpc/docs/subnets#manually_created_subnet_ip_ranges. + createTime: type: string format: google-datetime - endTime: - description: The time at which operation processing completed. + description: Output only. Timestamp when the DeployedIndex was created. + readOnly: true + enableAccessLogging: + description: >- + Optional. If true, private endpoint's access logs are sent to Cloud + Logging. These logs are like standard server access logs, containing + information like timestamp and latency for each MatchRequest. Note + that logs may incur a cost, especially if the deployed index + receives a high queries per second rate (QPS). Estimate your costs + before enabling this option. + type: boolean + indexSyncTime: type: string + description: >- + Output only. The DeployedIndex may depend on various data on its + original Index. Additionally when certain changes to the original + Index are being done (e.g. when what the Index contains is being + changed) the DeployedIndex may be asynchronously updated in the + background to reflect these changes. If this timestamp's value is at + least the Index.update_time of the original Index, it means that + this DeployedIndex and the original Index are in sync. If this + timestamp is older, then to see which updates this DeployedIndex + already contains (and which it does not), one must list the + operations that are running on the original Index. Only the + successfully completed Operations with update_time equal or before + this sync time are contained in this DeployedIndex. format: google-datetime - GoogleCloudAiplatformV1UndeployModelOperationMetadata: - id: GoogleCloudAiplatformV1UndeployModelOperationMetadata - description: Runtime operation information for EndpointService.UndeployModel. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UndeployModelResponse: - id: GoogleCloudAiplatformV1UndeployModelResponse - description: Response message for EndpointService.UndeployModel. - type: object - properties: {} - GoogleCloudAiplatformV1UndeployIndexOperationMetadata: - id: GoogleCloudAiplatformV1UndeployIndexOperationMetadata - description: Runtime operation information for IndexEndpointService.UndeployIndex. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UndeployIndexResponse: - id: GoogleCloudAiplatformV1UndeployIndexResponse - description: Response message for IndexEndpointService.UndeployIndex. - type: object - properties: {} - GoogleCloudAiplatformV1UpdateDeploymentResourcePoolOperationMetadata: - id: GoogleCloudAiplatformV1UpdateDeploymentResourcePoolOperationMetadata - description: Runtime operation information for UpdateDeploymentResourcePool method. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdateExplanationDatasetOperationMetadata: - id: GoogleCloudAiplatformV1UpdateExplanationDatasetOperationMetadata - description: Runtime operation information for ModelService.UpdateExplanationDataset. - type: object - properties: - genericMetadata: - description: The common part of the operation metadata. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdateExplanationDatasetResponse: - id: GoogleCloudAiplatformV1UpdateExplanationDatasetResponse - description: Response message of ModelService.UpdateExplanationDataset operation. - type: object - properties: {} - GoogleCloudAiplatformV1UpdateModelDeploymentMonitoringJobOperationMetadata: - id: >- - GoogleCloudAiplatformV1UpdateModelDeploymentMonitoringJobOperationMetadata + readOnly: true + displayName: + description: >- + The display name of the DeployedIndex. If not provided upon + creation, the Index's display_name is used. + type: string + deployedIndexAuthConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndexAuthConfig' + description: >- + Optional. If set, the authentication is enabled for the private + endpoint. + id: + description: >- + Required. The user specified ID of the DeployedIndex. The ID can be + up to 128 characters long and must start with a letter and only + contain letters, numbers, and underscores. The ID must be unique + within the project it is created in. + type: string + pscAutomationConfigs: + description: >- + Optional. If set for PSC deployed index, PSC connection will be + automatically created after deployment is done and the endpoint + information is populated in + private_endpoints.psc_automated_endpoints. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PSCAutomationConfig' + id: GoogleCloudAiplatformV1DeployedIndex description: >- - Runtime operation information for - JobService.UpdateModelDeploymentMonitoringJob. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdateFeatureGroupOperationMetadata: - id: GoogleCloudAiplatformV1UpdateFeatureGroupOperationMetadata - description: Details of operations that perform update FeatureGroup. - type: object - properties: - genericMetadata: - description: Operation metadata for FeatureGroup. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdateFeatureOperationMetadata: - id: GoogleCloudAiplatformV1UpdateFeatureOperationMetadata - description: Details of operations that perform update Feature. - type: object - properties: - genericMetadata: - description: Operation metadata for Feature Update. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdateFeaturestoreOperationMetadata: - id: GoogleCloudAiplatformV1UpdateFeaturestoreOperationMetadata - description: Details of operations that perform update Featurestore. + A deployment of an Index. IndexEndpoints contain one or more + DeployedIndexes. type: object + GoogleCloudAiplatformV1TrajectoryPrecisionInstance: + description: Spec for TrajectoryPrecision instance. properties: - genericMetadata: - description: Operation metadata for Featurestore. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdatePersistentResourceOperationMetadata: - id: GoogleCloudAiplatformV1UpdatePersistentResourceOperationMetadata - description: Details of operations that perform update PersistentResource. + referenceTrajectory: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + description: Required. Spec for reference tool call trajectory. + predictedTrajectory: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trajectory' + description: Required. Spec for predicted tool call trajectory. type: object - properties: - genericMetadata: - description: Operation metadata for PersistentResource. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - progressMessage: - description: Progress Message for Update LRO - type: string - GoogleCloudAiplatformV1UpdateSpecialistPoolOperationMetadata: - id: GoogleCloudAiplatformV1UpdateSpecialistPoolOperationMetadata + id: GoogleCloudAiplatformV1TrajectoryPrecisionInstance + GoogleCloudAiplatformV1Endpoint: description: >- - Runtime operation metadata for - SpecialistPoolService.UpdateSpecialistPool. + Models are deployed into it, and afterwards Endpoint is called to obtain + predictions and explanations. type: object + id: GoogleCloudAiplatformV1Endpoint properties: - specialistPool: + gdcConfig: description: >- - Output only. The name of the SpecialistPool to which the specialists - are being added. Format: - `projects/{project_id}/locations/{location_id}/specialistPools/{specialist_pool}` + Configures the Google Distributed Cloud (GDC) environment for online + prediction. Only set this field when the Endpoint is to be deployed + in a GDC environment. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GdcConfig' + displayName: + type: string + description: >- + Required. The display name of the Endpoint. The name can be up to + 128 characters long and can consist of any UTF-8 characters. + enablePrivateServiceConnect: + type: boolean + deprecated: true + description: >- + Deprecated: If true, expose the Endpoint via private service + connect. Only one of the fields, network or + enable_private_service_connect, can be set. + etag: + description: >- + Used to perform consistent read-modify-write updates. If not set, a + blind "overwrite" update happens. + type: string + genAiAdvancedFeaturesConfig: + description: >- + Optional. Configuration for GenAiAdvancedFeatures. If the endpoint + is serving GenAI models, advanced features like native RAG + integration can be configured. Currently, only Model Garden models + are supported. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfig + privateServiceConnectConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PrivateServiceConnectConfig + description: >- + Optional. Configuration for private service connect. network and + private_service_connect_config are mutually exclusive. + satisfiesPzs: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + satisfiesPzi: + description: Output only. Reserved for future use. readOnly: true + type: boolean + updateTime: type: string - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdateTensorboardOperationMetadata: - id: GoogleCloudAiplatformV1UpdateTensorboardOperationMetadata - description: Details of operations that perform update Tensorboard. - type: object - properties: - genericMetadata: - description: Operation metadata for Tensorboard. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UpdateIndexOperationMetadata: - id: GoogleCloudAiplatformV1UpdateIndexOperationMetadata - description: Runtime operation information for IndexService.UpdateIndex. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - nearestNeighborSearchOperationMetadata: + description: Output only. Timestamp when this Endpoint was last updated. + readOnly: true + format: google-datetime + deployedModels: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' + readOnly: true + type: array description: >- - The operation metadata with regard to Matching Engine Index - operation. + Output only. The models deployed in this Endpoint. To add or remove + DeployedModels use EndpointService.DeployModel and + EndpointService.UndeployModel respectively. + network: + type: string + description: >- + Optional. The full name of the Google Compute Engine + [network](https://cloud.google.com//compute/docs/networks-and-firewalls#networks) + to which the Endpoint should be peered. Private services access must + already be configured for the network. If left unspecified, the + Endpoint is not peered with any network. Only one of the fields, + network or enable_private_service_connect, can be set. + [Format](https://cloud.google.com/compute/docs/reference/rest/v1/networks/insert): + `projects/{project}/global/networks/{network}`. Where `{project}` is + a project number, as in `12345`, and `{network}` is network name. + name: + description: Output only. The resource name of the Endpoint. + type: string + readOnly: true + trafficSplit: + type: object + description: >- + A map from a DeployedModel's ID to the percentage of this Endpoint's + traffic that should be forwarded to that DeployedModel. If a + DeployedModel's ID is not listed in this map, then it receives no + traffic. The traffic percentage values must add up to 100, or map + must be empty if the Endpoint is to not accept any traffic at a + moment. + additionalProperties: + type: integer + format: int32 + predictRequestResponseLoggingConfig: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadata - GoogleCloudAiplatformV1UpgradeNotebookRuntimeOperationMetadata: - id: GoogleCloudAiplatformV1UpgradeNotebookRuntimeOperationMetadata - description: Metadata information for NotebookService.UpgradeNotebookRuntime. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - progressMessage: + #/components/schemas/GoogleCloudAiplatformV1PredictRequestResponseLoggingConfig + description: Configures the request-response logging for online prediction. + description: + type: string + description: The description of the Endpoint. + clientConnectionConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ClientConnectionConfig' description: >- - A human-readable message that shows the intermediate progress - details of NotebookRuntime. + Configurations that are applied to the endpoint for online + prediction. + dedicatedEndpointDns: + readOnly: true + description: >- + Output only. DNS of the dedicated endpoint. Will only be populated + if dedicated_endpoint_enabled is true. Depending on the features + enabled, uid might be a random number or a string. For example, if + fast_tryout is enabled, uid will be fasttryout. Format: + `https://{endpoint_id}.{region}-{uid}.prediction.vertexai.goog`. type: string - GoogleCloudAiplatformV1UploadModelOperationMetadata: - id: GoogleCloudAiplatformV1UploadModelOperationMetadata - description: Details of ModelService.UploadModel operation. - type: object - properties: - genericMetadata: - description: The common part of the operation metadata. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1UploadModelResponse: - id: GoogleCloudAiplatformV1UploadModelResponse - description: Response message of ModelService.UploadModel operation. - type: object - properties: - model: + labels: description: >- - The name of the uploaded Model resource. Format: - `projects/{project}/locations/{location}/models/{model}` + The labels with user-defined metadata to organize your Endpoints. + Label keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. + type: object + additionalProperties: + type: string + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Customer-managed encryption key spec for an Endpoint. If set, this + Endpoint and all sub-resources of this Endpoint will be secured by + this key. + modelDeploymentMonitoringJob: + readOnly: true + description: >- + Output only. Resource name of the Model Monitoring job associated + with this Endpoint if monitoring is enabled by + JobService.CreateModelDeploymentMonitoringJob. Format: + `projects/{project}/locations/{location}/modelDeploymentMonitoringJobs/{model_deployment_monitoring_job}` type: string - modelVersionId: - description: Output only. The version ID of the model that is uploaded. + createTime: readOnly: true + description: Output only. Timestamp when this Endpoint was created. + format: google-datetime type: string - GoogleCloudAiplatformV1CopyModelOperationMetadata: - id: GoogleCloudAiplatformV1CopyModelOperationMetadata - description: Details of ModelService.CopyModel operation. - type: object - properties: - genericMetadata: - description: The common part of the operation metadata. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CopyModelResponse: - id: GoogleCloudAiplatformV1CopyModelResponse - description: Response message of ModelService.CopyModel operation. - type: object + dedicatedEndpointEnabled: + description: >- + If true, the endpoint will be exposed through a dedicated DNS + [Endpoint.dedicated_endpoint_dns]. Your request to the dedicated DNS + will be isolated from other users' traffic and will have better + performance and reliability. Note: Once you enabled dedicated + endpoint, you won't be able to send request to the shared DNS + {region}-aiplatform.googleapis.com. The limitation will be removed + soon. + type: boolean + GoogleCloudAiplatformV1BatchPredictionJobOutputInfo: properties: - model: + bigqueryOutputTable: description: >- - The name of the copied Model resource. Format: - `projects/{project}/locations/{location}/models/{model}` + Output only. The name of the BigQuery table created, in + `predictions_` format, into which the prediction output is written. + Can be used by UI to generate the BigQuery output path, for example. type: string - modelVersionId: - description: Output only. The version ID of the model that is copied. + readOnly: true + gcsOutputDirectory: readOnly: true type: string - GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetrics: - id: GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetrics - description: >- - Bounding box matching model metrics for a single intersection-over-union - threshold and multiple label match confidence thresholds. + description: >- + Output only. The full path of the Cloud Storage directory created, + into which the prediction output is written. + bigqueryOutputDataset: + type: string + description: >- + Output only. The path of the BigQuery dataset created, in + `bq://projectId.bqDatasetId` format, into which the prediction + output is written. + readOnly: true + id: GoogleCloudAiplatformV1BatchPredictionJobOutputInfo type: object + description: Further describes this job's output. Supplements output_config. + GoogleCloudAiplatformV1NotebookReservationAffinity: + id: GoogleCloudAiplatformV1NotebookReservationAffinity properties: - iouThreshold: + values: + type: array description: >- - The intersection-over-union threshold value used to compute this - metrics entry. - type: number - format: float - meanAveragePrecision: - description: The mean average precision, most often close to `auPrc`. - type: number - format: float - confidenceMetrics: + Optional. Corresponds to the label values of a reservation resource. + This must be the full path name of Reservation. + items: + type: string + key: + type: string description: >- - Metrics for each label-match confidence_threshold from - 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. Precision-recall curve is - derived from them. + Optional. Corresponds to the label key of a reservation resource. To + target a RESERVATION_SPECIFIC by name, use + compute.googleapis.com/reservation-name as the key and specify the + name of your reservation as its value. + consumeReservationType: + type: string + enum: + - RESERVATION_AFFINITY_TYPE_UNSPECIFIED + - RESERVATION_NONE + - RESERVATION_ANY + - RESERVATION_SPECIFIC + enumDescriptions: + - Default type. + - Do not consume from any allocated capacity. + - Consume any reservation available. + - >- + Must consume from a specific reservation. Must specify key value + fields for specifying the reservations. + description: >- + Required. Specifies the type of reservation from which this instance + can consume resources: RESERVATION_ANY (default), + RESERVATION_SPECIFIC, or RESERVATION_NONE. See Consuming reserved + instances for examples. + description: Notebook Reservation Affinity for consuming Zonal reservation. + type: object + GoogleCloudAiplatformV1ToolParameterKeyMatchResults: + id: GoogleCloudAiplatformV1ToolParameterKeyMatchResults + type: object + properties: + toolParameterKeyMatchMetricValues: type: array + description: Output only. Tool parameter key match metric values. + readOnly: true items: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetricsConfidenceMetrics - GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetricsConfidenceMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetricsConfidenceMetrics - description: Metrics for a single confidence threshold. - type: object - properties: - confidenceThreshold: - description: The confidence threshold value used to compute the metrics. - type: number - format: float - recall: - description: Recall under the given confidence threshold. - type: number - format: float - precision: - description: Precision under the given confidence threshold. - type: number - format: float - f1Score: - description: The harmonic mean of recall and precision. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetrics - description: Metrics for classification evaluation results. - type: object + #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchMetricValue + description: Results for tool parameter key match metric. + CloudAiLargeModelsVisionRaiInfo: properties: - auPrc: - description: >- - The Area Under Precision-Recall Curve metric. Micro-averaged for the - overall evaluation. - type: number - format: float - auRoc: + scores: + items: + type: number + format: float description: >- - The Area Under Receiver Operating Characteristic curve metric. - Micro-averaged for the overall evaluation. - type: number - format: float - logLoss: - description: The Log Loss metric. - type: number - format: float - confidenceMetrics: + List of rai scores mapping to the rai categories. Rounded to 1 + decimal place. + type: array + raiCategories: + description: List of rai categories' information to return + type: array + items: + type: string + modelName: + type: string description: >- - Metrics for each `confidenceThreshold` in - 0.00,0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and `positionThreshold` - = INT32_MAX_VALUE. ROC and precision-recall curves, and other - aggregated metrics are derived from them. The confidence metrics - entries may also be supplied for additional values of - `positionThreshold`, but from these no aggregated metrics are - computed. + The model name used to indexing into the RaiFilterConfig map. Would + either be one of imagegeneration@002-006, imagen-3.0-... api + endpoint names, or internal names used for mapping to different + filter configs (genselfie, ai_watermark) than its api endpoint. + blockedEntities: + description: List of blocked entities from the blocklist if it is detected. type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetricsConfidenceMetrics - confusionMatrix: - description: Confusion matrix of the evaluation. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix - GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetricsConfidenceMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetricsConfidenceMetrics + type: string + detectedLabels: + items: + $ref: '#/components/schemas/CloudAiLargeModelsVisionRaiInfoDetectedLabels' + description: The list of detected labels for different rai categories. + type: array + description: 'Next ID: 6' + id: CloudAiLargeModelsVisionRaiInfo type: object + GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScaling: properties: - confidenceThreshold: + minNodeCount: + type: integer + format: int32 description: >- - Metrics are computed with an assumption that the Model never returns - predictions with score lower than this value. - type: number - format: float - maxPredictions: + Required. The minimum number of nodes to scale down to. Must be + greater than or equal to 1. + cpuUtilizationTarget: + format: int32 description: >- - Metrics are computed with an assumption that the Model always - returns at most this many predictions (ordered by their score, - descendingly), but they all still need to meet the - `confidenceThreshold`. + Optional. A percentage of the cluster's CPU capacity. Can be from + 10% to 80%. When a cluster's CPU utilization exceeds the target that + you have set, Bigtable immediately adds nodes to the cluster. When + CPU utilization is substantially lower than the target, Bigtable + removes nodes. If not set will default to 50%. + type: integer + maxNodeCount: type: integer format: int32 - recall: - description: Recall (True Positive Rate) for the given confidence threshold. - type: number - format: float - precision: - description: Precision for the given confidence threshold. - type: number - format: float - falsePositiveRate: - description: False Positive Rate for the given confidence threshold. - type: number - format: float - f1Score: description: >- - The harmonic mean of recall and precision. For summary metrics, it - computes the micro-averaged F1 score. - type: number - format: float - f1ScoreMicro: - description: Micro-averaged F1 Score. - type: number - format: float - f1ScoreMacro: - description: Macro-averaged F1 Score. - type: number - format: float - recallAt1: + Required. The maximum number of nodes to scale up to. Must be + greater than or equal to min_node_count, and less than or equal to + 10 times of 'min_node_count'. + type: object + id: GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScaling + GoogleCloudAiplatformV1CreateIndexOperationMetadata: + id: GoogleCloudAiplatformV1CreateIndexOperationMetadata + description: Runtime operation information for IndexService.CreateIndex. + type: object + properties: + nearestNeighborSearchOperationMetadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NearestNeighborSearchOperationMetadata description: >- - The Recall (True Positive Rate) when only considering the label that - has the highest prediction score and not below the confidence - threshold for each DataItem. - type: number - format: float - precisionAt1: + The operation metadata with regard to Matching Engine Index + operation. + genericMetadata: + description: The operation generic information. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1WriteTensorboardExperimentDataResponse: + type: object + id: GoogleCloudAiplatformV1WriteTensorboardExperimentDataResponse + description: Response message for TensorboardService.WriteTensorboardExperimentData. + properties: {} + GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfigRagConfig: + type: object + id: GoogleCloudAiplatformV1GenAiAdvancedFeaturesConfigRagConfig + description: Configuration for Retrieval Augmented Generation feature. + properties: + enableRag: description: >- - The precision when only considering the label that has the highest - prediction score and not below the confidence threshold for each - DataItem. - type: number - format: float - falsePositiveRateAt1: + If true, enable Retrieval Augmented Generation in ChatCompletion + request. Once enabled, the endpoint will be identified as GenAI + endpoint and Arthedain router will be used. + type: boolean + GoogleCloudAiplatformV1ModelEvaluationModelEvaluationExplanationSpec: + id: GoogleCloudAiplatformV1ModelEvaluationModelEvaluationExplanationSpec + type: object + properties: + explanationSpec: + description: Explanation spec details. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpec' + explanationType: + type: string description: >- - The False Positive Rate when only considering the label that has the - highest prediction score and not below the confidence threshold for - each DataItem. - type: number - format: float - f1ScoreAt1: - description: The harmonic mean of recallAt1 and precisionAt1. - type: number - format: float - truePositiveCount: - description: The number of Model created labels that match a ground truth label. + Explanation type. For AutoML Image Classification models, possible + values are: * `image-integrated-gradients` * `image-xrai` + GoogleCloudAiplatformV1RagRetrievalConfigRanking: + description: Config for ranking and reranking. + type: object + properties: + llmRanker: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfigRankingLlmRanker + description: Optional. Config for LlmRanker. + rankService: + description: Optional. Config for Rank Service. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfigRankingRankService + id: GoogleCloudAiplatformV1RagRetrievalConfigRanking + GoogleCloudAiplatformV1GroundednessInput: + type: object + properties: + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundednessSpec' + description: Required. Spec for groundedness metric. + instance: + description: Required. Groundedness instance. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundednessInstance' + id: GoogleCloudAiplatformV1GroundednessInput + description: Input for groundedness metric. + GoogleCloudAiplatformV1SavedQuery: + id: GoogleCloudAiplatformV1SavedQuery + description: >- + A SavedQuery is a view of the dataset. It references a subset of + annotations by problem type and filters. + properties: + updateTime: type: string - format: int64 - falsePositiveCount: + format: google-datetime + readOnly: true + description: Output only. Timestamp when SavedQuery was last updated. + annotationSpecCount: + format: int32 + type: integer description: >- - The number of Model created labels that do not match a ground truth - label. + Output only. Number of AnnotationSpecs in the context of the + SavedQuery. + readOnly: true + supportAutomlTraining: + description: >- + Output only. If the Annotations belonging to the SavedQuery can be + used for AutoML training. + type: boolean + readOnly: true + annotationFilter: type: string - format: int64 - falseNegativeCount: + description: Output only. Filters on the Annotations in the dataset. + readOnly: true + problemType: description: >- - The number of ground truth labels that are not matched by a Model - created label. + Required. Problem type of the SavedQuery. Allowed values: * + IMAGE_CLASSIFICATION_SINGLE_LABEL * IMAGE_CLASSIFICATION_MULTI_LABEL + * IMAGE_BOUNDING_POLY * IMAGE_BOUNDING_BOX * + TEXT_CLASSIFICATION_SINGLE_LABEL * TEXT_CLASSIFICATION_MULTI_LABEL * + TEXT_EXTRACTION * TEXT_SENTIMENT * VIDEO_CLASSIFICATION * + VIDEO_OBJECT_TRACKING type: string - format: int64 - trueNegativeCount: + displayName: description: >- - The number of labels that were not created by the Model, but if they - would, they would not match a ground truth label. + Required. The user-defined name of the SavedQuery. The name can be + up to 128 characters long and can consist of any UTF-8 characters. type: string - format: int64 - confusionMatrix: - description: Confusion matrix of the evaluation for this confidence_threshold. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix - GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix: - id: GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix + etag: + type: string + description: >- + Used to perform a consistent read-modify-write update. If not set, a + blind "overwrite" update happens. + metadata: + description: Some additional information about the SavedQuery. + type: any + createTime: + format: google-datetime + description: Output only. Timestamp when this SavedQuery was created. + readOnly: true + type: string + name: + readOnly: true + type: string + description: Output only. Resource name of the SavedQuery. type: object + GoogleCloudAiplatformV1SchemaTextSentimentAnnotation: properties: - annotationSpecs: + sentiment: + description: The sentiment score for text. + format: int32 + type: integer + annotationSpecId: description: >- - AnnotationSpecs used in the confusion matrix. For AutoML Text - Extraction, a special negative AnnotationSpec with empty `id` and - `displayName` of "NULL" will be added as the last element. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrixAnnotationSpecRef - rows: + The resource Id of the AnnotationSpec that this Annotation pertains + to. + type: string + displayName: description: >- - Rows in the confusion matrix. The number of rows is equal to the - size of `annotationSpecs`. `rowsi` is the number of DataItems that - have ground truth of the `annotationSpecs[i]` and are predicted as - `annotationSpecs[j]` by the Model being evaluated. For Text - Extraction, when `annotationSpecs[i]` is the last element in - `annotationSpecs`, i.e. the special negative AnnotationSpec, `rowsi` - is the number of predicted entities of `annoatationSpec[j]` that are - not labeled as any of the ground truth AnnotationSpec. When - annotationSpecs[j] is the special negative AnnotationSpec, `rowsi` - is the number of entities have ground truth of `annotationSpec[i]` - that are not predicted as an entity by the Model. The value of the - last cell, i.e. `rowi` where i == j and `annotationSpec[i]` is the - special negative AnnotationSpec, is always 0. - type: array - items: - type: array - items: - type: any - GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrixAnnotationSpecRef: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrixAnnotationSpecRef + The display name of the AnnotationSpec that this Annotation pertains + to. + type: string + sentimentMax: + type: integer + format: int32 + description: The sentiment max score for text. + description: Annotation details specific to text sentiment. + type: object + id: GoogleCloudAiplatformV1SchemaTextSentimentAnnotation + GoogleCloudAiplatformV1RagCorpus: + id: GoogleCloudAiplatformV1RagCorpus + description: >- + A RagCorpus is a RagFile container and a project can have multiple + RagCorpora. type: object properties: - id: - description: ID of the AnnotationSpec. + name: + description: Output only. The resource name of the RagCorpus. + type: string + readOnly: true + encryptionSpec: + description: >- + Optional. Immutable. The CMEK key name used to encrypt at-rest data + related to this Corpus. Only applicable to RagManagedDb option for + Vector DB. This field can only be set at corpus creation time, and + cannot be updated or deleted. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + updateTime: type: string + format: google-datetime + description: Output only. Timestamp when this RagCorpus was last updated. + readOnly: true + createTime: + readOnly: true + format: google-datetime + type: string + description: Output only. Timestamp when this RagCorpus was created. + vectorDbConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagVectorDbConfig' + description: Optional. Immutable. The config for the Vector DBs. displayName: - description: Display name of the AnnotationSpec. type: string - GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetrics - description: Metrics for forecasting evaluation results. + description: >- + Required. The display name of the RagCorpus. The name can be up to + 128 characters long and can consist of any UTF-8 characters. + satisfiesPzs: + readOnly: true + type: boolean + description: Output only. Reserved for future use. + description: + type: string + description: Optional. The description of the RagCorpus. + vertexAiSearchConfig: + description: Optional. Immutable. The config for the Vertex AI Search. + $ref: '#/components/schemas/GoogleCloudAiplatformV1VertexAiSearchConfig' + corpusStatus: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CorpusStatus' + readOnly: true + description: Output only. RagCorpus state. + satisfiesPzi: + readOnly: true + type: boolean + description: Output only. Reserved for future use. + GoogleCloudAiplatformV1TensorboardTimeSeries: + id: GoogleCloudAiplatformV1TensorboardTimeSeries type: object + description: TensorboardTimeSeries maps to times series produced in training runs properties: - rootMeanSquaredError: - description: Root Mean Squared Error (RMSE). - type: number - format: float - meanAbsoluteError: - description: Mean Absolute Error (MAE). - type: number - format: float - meanAbsolutePercentageError: + pluginName: description: >- - Mean absolute percentage error. Infinity when there are zeros in the - ground truth. - type: number - format: float - rSquared: + Immutable. Name of the plugin this time series pertain to. Such as + Scalar, Tensor, Blob + type: string + updateTime: + format: google-datetime + type: string description: >- - Coefficient of determination as Pearson correlation coefficient. - Undefined when ground truth or predictions are constant or near - constant. - type: number - format: float - rootMeanSquaredLogError: + Output only. Timestamp when this TensorboardTimeSeries was last + updated. + readOnly: true + description: + type: string + description: Description of this TensorboardTimeSeries. + displayName: + type: string description: >- - Root mean squared log error. Undefined when there are negative - ground truth values or predictions. - type: number - format: float - quantileMetrics: - description: The quantile metrics entries for each quantile. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetricsQuantileMetricsEntry - weightedAbsolutePercentageError: + Required. User provided name of this TensorboardTimeSeries. This + value should be unique among all TensorboardTimeSeries resources + belonging to the same TensorboardRun resource (parent resource). + etag: + type: string description: >- - Weighted Absolute Percentage Error. Does not use weights, this is - just what the metric is called. Undefined if actual values sum to - zero. Will be very large if actual values sum to a very small - number. - type: number - format: float - rootMeanSquaredPercentageError: + Used to perform a consistent read-modify-write updates. If not set, + a blind "overwrite" update happens. + metadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeriesMetadata + readOnly: true description: >- - Root Mean Square Percentage Error. Square root of MSPE. - Undefined/imaginary when MSPE is negative. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetricsQuantileMetricsEntry: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsForecastingEvaluationMetricsQuantileMetricsEntry - description: Entry for the Quantiles loss type optimization objective. - type: object + Output only. Scalar, Tensor, or Blob metadata for this + TensorboardTimeSeries. + pluginData: + format: byte + type: string + description: Data of the current plugin, with the size limited to 65KB. + name: + readOnly: true + description: Output only. Name of the TensorboardTimeSeries. + type: string + valueType: + description: Required. Immutable. Type of TensorboardTimeSeries value. + enum: + - VALUE_TYPE_UNSPECIFIED + - SCALAR + - TENSOR + - BLOB_SEQUENCE + type: string + enumDescriptions: + - The value type is unspecified. + - >- + Used for TensorboardTimeSeries that is a list of scalars. E.g. + accuracy of a model over epochs/time. + - >- + Used for TensorboardTimeSeries that is a list of tensors. E.g. + histograms of weights of layer in a model over epoch/time. + - >- + Used for TensorboardTimeSeries that is a list of blob sequences. + E.g. set of sample images with labels over epochs/time. + createTime: + type: string + description: Output only. Timestamp when this TensorboardTimeSeries was created. + readOnly: true + format: google-datetime + GoogleCloudAiplatformV1SupervisedTuningDatasetDistributionDatasetBucket: + id: GoogleCloudAiplatformV1SupervisedTuningDatasetDistributionDatasetBucket properties: - quantile: - description: The quantile for this entry. - type: number + left: format: double - scaledPinballLoss: - description: The scaled pinball loss of this quantile. type: number - format: float - observedQuantile: - description: >- - This is a custom metric that calculates the percentage of true - values that were less than the predicted value for that quantile. - Only populated when optimization_objective is minimize-quantile-loss - and each entry corresponds to an entry in quantiles The percent - value can be used to compare with the quantile value, which is the - target value. + description: Output only. Left bound of the bucket. + readOnly: true + right: + format: double type: number + description: Output only. Right bound of the bucket. + readOnly: true + count: format: double - GoogleCloudAiplatformV1SchemaModelevaluationMetricsGeneralTextGenerationEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsGeneralTextGenerationEvaluationMetrics + description: Output only. Number of values in the bucket. + type: number + readOnly: true + type: object + description: >- + Dataset bucket used to create a histogram for the distribution given a + population of values. + GoogleCloudAiplatformV1EnvVar: + description: >- + Represents an environment variable present in a Container or Python + Module. type: object properties: - bleu: + value: description: >- - BLEU (bilingual evaluation understudy) scores based on sacrebleu - implementation. - type: number - format: float - rougeLSum: - description: ROUGE-L (Longest Common Subsequence) scoring at summary level. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageObjectDetectionEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageObjectDetectionEvaluationMetrics - description: Metrics for image object detection evaluation results. + Required. Variables that reference a $(VAR_NAME) are expanded using + the previous defined environment variables in the container and any + service environment variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. The $(VAR_NAME) + syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped + references will never be expanded, regardless of whether the + variable exists or not. + type: string + name: + description: >- + Required. Name of the environment variable. Must be a valid C + identifier. + type: string + id: GoogleCloudAiplatformV1EnvVar + GoogleCloudAiplatformV1ReasoningEngineContextSpec: type: object properties: - evaluatedBoundingBoxCount: - description: >- - The total number of bounding boxes (i.e. summed over all images) the - ground truth used to create this evaluation had. - type: integer - format: int32 - boundingBoxMetrics: + memoryBankConfig: description: >- - The bounding boxes match metrics for each intersection-over-union - threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and each label - confidence threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 pair. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetrics - boundingBoxMeanAveragePrecision: + Optional. Specification for a Memory Bank, which manages memories + for the Agent Engine. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfig + description: Configuration for how Agent Engine sub-resources should manage context. + id: GoogleCloudAiplatformV1ReasoningEngineContextSpec + GoogleCloudAiplatformV1CreateEndpointOperationMetadata: + id: GoogleCloudAiplatformV1CreateEndpointOperationMetadata + properties: + deploymentStage: description: >- - The single metric for bounding boxes evaluation: the - `meanAveragePrecision` averaged over all - `boundingBoxMetricsEntries`. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetrics - description: Metrics for image segmentation evaluation results. + Output only. The deployment stage of the model. Only populated if + this CreateEndpoint request deploys a model at the same time. + enum: + - DEPLOYMENT_STAGE_UNSPECIFIED + - STARTING_DEPLOYMENT + - PREPARING_MODEL + - CREATING_SERVING_CLUSTER + - ADDING_NODES_TO_CLUSTER + - GETTING_CONTAINER_IMAGE + - STARTING_MODEL_SERVER + - FINISHING_UP + - DEPLOYMENT_TERMINATED + - SUCCESSFULLY_DEPLOYED + - FAILED_TO_DEPLOY + readOnly: true + enumDescriptions: + - Default value. This value is unused. + - The deployment is initializing and setting up the environment. + - The deployment is preparing the model assets. + - The deployment is creating the underlying serving cluster. + - The deployment is adding nodes to the serving cluster. + - >- + The deployment is getting the container image for the model + server. + - The deployment is starting the model server. + - The deployment is performing finalization steps. + - The deployment has terminated. + - The deployment has succeeded. + - The deployment has failed. + type: string + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The operation generic information. + type: object + description: Runtime operation information for EndpointService.CreateEndpoint. + GoogleCloudAiplatformV1EvaluationResults: type: object + description: The results of the evaluation run. properties: - confidenceMetricsEntries: + evaluationSet: + type: string + description: The evaluation set where item level results are stored. + summaryMetrics: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SummaryMetrics' + description: Optional. The summary metrics for the evaluation run. + id: GoogleCloudAiplatformV1EvaluationResults + GoogleCloudAiplatformV1FeatureViewBigQuerySource: + properties: + uri: description: >- - Metrics for each confidenceThreshold in - 0.00,0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 Precision-recall curve - can be derived from it. - type: array + Required. The BigQuery view URI that will be materialized on each + sync trigger based on FeatureView.SyncConfig. + type: string + entityIdColumns: + description: Required. Columns to construct entity_id / row keys. items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetricsConfidenceMetricsEntry - GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetricsConfidenceMetricsEntry: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageSegmentationEvaluationMetricsConfidenceMetricsEntry + type: string + type: array type: object - properties: - confidenceThreshold: - description: >- - Metrics are computed with an assumption that the model never returns - predictions with score lower than this value. - type: number - format: float - recall: - description: Recall (True Positive Rate) for the given confidence threshold. - type: number - format: float - precision: - description: Precision for the given confidence threshold. - type: number - format: float - diceScoreCoefficient: - description: DSC or the F1 score, The harmonic mean of recall and precision. - type: number - format: float - iouScore: - description: >- - The intersection-over-union score. The measure of overlap of the - annotation's category mask with ground truth category mask on the - DataItem. - type: number - format: float - confusionMatrix: - description: Confusion matrix for the given confidence threshold. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix - GoogleCloudAiplatformV1SchemaModelevaluationMetricsQuestionAnsweringEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsQuestionAnsweringEvaluationMetrics + id: GoogleCloudAiplatformV1FeatureViewBigQuerySource + GoogleCloudAiplatformV1ResourceRuntime: type: object + id: GoogleCloudAiplatformV1ResourceRuntime properties: - exactMatch: + accessUris: + readOnly: true + type: object + additionalProperties: + type: string description: >- - The rate at which the input predicted strings exactly match their - references. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsRegressionEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsRegressionEvaluationMetrics - description: Metrics for regression evaluation results. - type: object + Output only. URIs for user to connect to the Cluster. Example: { + "RAY_HEAD_NODE_INTERNAL_IP": "head-node-IP:10001" + "RAY_DASHBOARD_URI": "ray-dashboard-address:8888" } + description: Persistent Cluster runtime information as output + GoogleCloudAiplatformV1SupervisedTuningSpec: + description: Tuning Spec for Supervised Tuning for first party models. properties: - rootMeanSquaredError: - description: Root Mean Squared Error (RMSE). - type: number - format: float - meanAbsoluteError: - description: Mean Absolute Error (MAE). - type: number - format: float - meanAbsolutePercentageError: + trainingDatasetUri: + type: string description: >- - Mean absolute percentage error. Infinity when there are zeros in the - ground truth. - type: number - format: float - rSquared: + Required. Training dataset used for tuning. The dataset can be + specified as either a Cloud Storage path to a JSONL file or as the + resource name of a Vertex Multimodal Dataset. + validationDatasetUri: + type: string description: >- - Coefficient of determination as Pearson correlation coefficient. - Undefined when ground truth or predictions are constant or near - constant. - type: number - format: float - rootMeanSquaredLogError: + Optional. Validation dataset used for tuning. The dataset can be + specified as either a Cloud Storage path to a JSONL file or as the + resource name of a Vertex Multimodal Dataset. + exportLastCheckpointOnly: + type: boolean description: >- - Root mean squared log error. Undefined when there are negative - ground truth values or predictions. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsSummarizationEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsSummarizationEvaluationMetrics + Optional. If set to true, disable intermediate checkpoints for SFT + and only the last checkpoint will be exported. Otherwise, enable + intermediate checkpoints for SFT. Default is false. + hyperParameters: + description: Optional. Hyperparameters for SFT. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SupervisedHyperParameters + id: GoogleCloudAiplatformV1SupervisedTuningSpec type: object - properties: - rougeLSum: - description: ROUGE-L (Longest Common Subsequence) scoring at summary level. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetrics - description: Metrics for text extraction evaluation results. + GoogleCloudAiplatformV1GroundednessInstance: + id: GoogleCloudAiplatformV1GroundednessInstance type: object + description: Spec for groundedness instance. properties: - confidenceMetrics: - description: >- - Metrics that have confidence thresholds. Precision-recall curve can - be derived from them. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetricsConfidenceMetrics - confusionMatrix: + context: + type: string description: >- - Confusion matrix of the evaluation. Only set for Models where number - of AnnotationSpecs is no more than 10. Only set for - ModelEvaluations, not for ModelEvaluationSlices. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix - GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetricsConfidenceMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextExtractionEvaluationMetricsConfidenceMetrics - type: object + Required. Background information provided in context used to compare + against the prediction. + prediction: + type: string + description: Required. Output of the evaluated model. + GoogleCloudAiplatformV1EvaluationRunEvaluationConfigAutoraterConfig: + id: GoogleCloudAiplatformV1EvaluationRunEvaluationConfigAutoraterConfig + description: The autorater config used for the evaluation run. properties: - confidenceThreshold: + generationConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenerationConfig' + description: Optional. Configuration options for model generation and outputs. + sampleCount: + format: int32 + type: integer description: >- - Metrics are computed with an assumption that the Model never returns - predictions with score lower than this value. - type: number - format: float - recall: - description: Recall (True Positive Rate) for the given confidence threshold. - type: number - format: float - precision: - description: Precision for the given confidence threshold. - type: number - format: float - f1Score: - description: The harmonic mean of recall and precision. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextSentimentEvaluationMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsTextSentimentEvaluationMetrics - description: Model evaluation metrics for text sentiment problems. + Optional. Number of samples for each instance in the dataset. If not + specified, the default is 4. Minimum value is 1, maximum value is + 32. + autoraterModel: + description: >- + Optional. The fully qualified name of the publisher model or tuned + autorater endpoint to use. Publisher model format: + `projects/{project}/locations/{location}/publishers/*/models/*` + Tuned model endpoint format: + `projects/{project}/locations/{location}/endpoints/{endpoint}` + type: string + type: object + GoogleCloudAiplatformV1MetricxInstance: type: object + id: GoogleCloudAiplatformV1MetricxInstance properties: - precision: - description: Precision. - type: number - format: float - recall: - description: Recall. - type: number - format: float - f1Score: - description: The harmonic mean of recall and precision. - type: number - format: float - meanAbsoluteError: - description: >- - Mean absolute error. Only set for ModelEvaluations, not for - ModelEvaluationSlices. - type: number - format: float - meanSquaredError: - description: >- - Mean squared error. Only set for ModelEvaluations, not for - ModelEvaluationSlices. - type: number - format: float - linearKappa: - description: >- - Linear weighted kappa. Only set for ModelEvaluations, not for - ModelEvaluationSlices. - type: number - format: float - quadraticKappa: - description: >- - Quadratic weighted kappa. Only set for ModelEvaluations, not for - ModelEvaluationSlices. - type: number - format: float - confusionMatrix: - description: >- - Confusion matrix of the evaluation. Only set for ModelEvaluations, - not for ModelEvaluationSlices. + reference: + description: Optional. Ground truth used to compare against the prediction. + type: string + source: + type: string + description: Optional. Source text in original language. + prediction: + type: string + description: Required. Output of the evaluated model. + description: >- + Spec for MetricX instance - The fields used for evaluation are dependent + on the MetricX version. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassification: + properties: + inputs: + description: The input parameters of this TrainingJob. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix - GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionRecognitionMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionRecognitionMetrics - description: Model evaluation metrics for video action recognition. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassificationInputs type: object + description: >- + A TrainingJob that trains and uploads an AutoML Text Classification + Model. + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassification + GoogleCloudAiplatformV1SchemaPredictPredictionClassificationPredictionResult: properties: - evaluatedActionCount: - description: The number of ground truth actions used to create this evaluation. - type: integer - format: int32 - videoActionMetrics: - description: 'The metric entries for precision window lengths: 1s,2s,3s.' + displayNames: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetrics - GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetrics: - id: GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetrics - description: The Evaluation metrics given a specific precision_window_length. - type: object - properties: - precisionWindowLength: + type: string description: >- - This VideoActionMetrics is calculated based on this prediction - window length. If the predicted action's timestamp is inside the - time window whose center is the ground truth action's timestamp with - this specific length, the prediction result is treated as a true - positive. - type: string - format: google-duration - meanAveragePrecision: - description: The mean average precision. - type: number - format: float - confidenceMetrics: + The display names of the AnnotationSpecs that had been identified, + order matches the IDs. + confidences: + items: + type: number + format: float + type: array description: >- - Metrics for each label-match confidence_threshold from - 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. + The Model's confidences in correctness of the predicted IDs, higher + value means higher confidence. Order matches the Ids. + ids: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetricsConfidenceMetrics - GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetricsConfidenceMetrics: + type: string + format: int64 + description: The resource IDs of the AnnotationSpecs that had been identified. + type: object + description: Prediction output format for Image and Text Classification. id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoActionMetricsConfidenceMetrics - description: Metrics for a single confidence threshold. + GoogleCloudAiplatformV1SchemaPredictPredictionClassificationPredictionResult + GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpec: type: object properties: - confidenceThreshold: + useElapsedDuration: + type: boolean description: >- - Output only. The confidence threshold value used to compute the - metrics. - type: number - format: float - recall: - description: Output only. Recall for the given confidence threshold. - type: number - format: float - precision: - description: Output only. Precision for the given confidence threshold. - type: number - format: float - f1Score: - description: Output only. The harmonic mean of recall and precision. + True if Measurement.elapsed_duration is used as the x-axis of each + Trials Decay Curve. Otherwise, Measurement.step_count will be used + as the x-axis. + id: GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpec + description: >- + The decay curve automated stopping rule builds a Gaussian Process + Regressor to predict the final objective value of a Trial based on the + already completed Trials and the intermediate measurements of the + current Trial. Early stopping is requested for the current Trial if + there is very low probability to exceed the optimal value found so far. + GoogleCloudAiplatformV1SummarizationVerbosityInput: + type: object + id: GoogleCloudAiplatformV1SummarizationVerbosityInput + properties: + instance: + description: Required. Summarization verbosity instance. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SummarizationVerbosityInstance + metricSpec: + description: Required. Spec for summarization verbosity score metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SummarizationVerbositySpec + description: Input for summarization verbosity metric. + GoogleCloudAiplatformV1ToolParameterKVMatchMetricValue: + id: GoogleCloudAiplatformV1ToolParameterKVMatchMetricValue + description: Tool parameter key value match metric value for an instance. + type: object + properties: + score: type: number + readOnly: true format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoObjectTrackingMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsVideoObjectTrackingMetrics + description: Output only. Tool parameter key value match score. + GoogleCloudAiplatformV1EvaluationItem: description: >- - Model evaluation metrics for video object tracking problems. Evaluates - prediction quality of both labeled bounding boxes and labeled tracks - (i.e. series of bounding boxes sharing same label and instance ID). + EvaluationItem is a single evaluation request or result. The content of + an EvaluationItem is immutable - it cannot be updated once created. + EvaluationItems can be deleted when no longer needed. type: object + id: GoogleCloudAiplatformV1EvaluationItem properties: - evaluatedFrameCount: + gcsUri: + type: string + description: The Cloud Storage object where the request or response is stored. + error: + readOnly: true + $ref: '#/components/schemas/GoogleRpcStatus' + description: Output only. Error for the evaluation item. + metadata: + type: any + description: Optional. Metadata for the EvaluationItem. + evaluationRequest: + description: The request to evaluate. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationRequest' + displayName: + description: Required. The display name of the EvaluationItem. + type: string + name: description: >- - UNIMPLEMENTED. The number of video frames used to create this - evaluation. + Identifier. The resource name of the EvaluationItem. Format: + `projects/{project}/locations/{location}/evaluationItems/{evaluation_item}` + type: string + evaluationResponse: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationResult' + description: Output only. The response from evaluation. + labels: + type: object + additionalProperties: + type: string + description: Optional. Labels for the EvaluationItem. + evaluationItemType: + enum: + - EVALUATION_ITEM_TYPE_UNSPECIFIED + - REQUEST + - RESULT + type: string + description: Required. The type of the EvaluationItem. + enumDescriptions: + - The default value. This value is unused. + - The EvaluationItem is a request to evaluate. + - The EvaluationItem is the result of evaluation. + createTime: + description: Output only. Timestamp when this item was created. + type: string + readOnly: true + format: google-datetime + GoogleCloudAiplatformV1UpdateExplanationDatasetOperationMetadata: + id: GoogleCloudAiplatformV1UpdateExplanationDatasetOperationMetadata + type: object + properties: + genericMetadata: + description: The common part of the operation metadata. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Runtime operation information for ModelService.UpdateExplanationDataset. + GoogleCloudAiplatformV1UsageMetadata: + id: GoogleCloudAiplatformV1UsageMetadata + type: object + properties: + cachedContentTokenCount: type: integer - format: int32 - evaluatedBoundingBoxCount: + readOnly: true description: >- - UNIMPLEMENTED. The total number of bounding boxes (i.e. summed over - all frames) the ground truth used to create this evaluation had. - type: integer + Output only. The number of tokens in the cached content that was + used for this request. format: int32 - evaluatedTrackCount: + candidatesTokensDetails: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' + type: array description: >- - UNIMPLEMENTED. The total number of tracks (i.e. as seen across all - frames) the ground truth used to create this evaluation had. + Output only. A detailed breakdown of the token count for each + modality in the generated candidates. + readOnly: true + totalTokenCount: + description: >- + The total number of tokens for the entire request. This is the sum + of `prompt_token_count`, `candidates_token_count`, + `tool_use_prompt_token_count`, and `thoughts_token_count`. type: integer format: int32 - boundingBoxMetrics: - description: >- - The bounding boxes match metrics for each intersection-over-union - threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and each label - confidence threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 pair. + promptTokensDetails: type: array + readOnly: true items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetrics - trackMetrics: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' description: >- - UNIMPLEMENTED. The tracks match metrics for each - intersection-over-union threshold - 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and each label confidence - threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 pair. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetrics - boundingBoxMeanAveragePrecision: + Output only. A detailed breakdown of the token count for each + modality in the prompt. + candidatesTokenCount: + format: int32 + description: The total number of tokens in the generated candidates. + type: integer + toolUsePromptTokenCount: description: >- - The single metric for bounding boxes evaluation: the - `meanAveragePrecision` averaged over all `boundingBoxMetrics`. - type: number - format: float - trackMeanAveragePrecision: + Output only. The number of tokens in the results from tool + executions, which are provided back to the model as input, if + applicable. + format: int32 + type: integer + readOnly: true + promptTokenCount: + format: int32 description: >- - UNIMPLEMENTED. The single metric for tracks accuracy evaluation: the - `meanAveragePrecision` averaged over all `trackMetrics`. - type: number - format: float - trackMeanBoundingBoxIou: + The total number of tokens in the prompt. This includes any text, + images, or other media provided in the request. When + `cached_content` is set, this also includes the number of tokens in + the cached content. + type: integer + thoughtsTokenCount: + readOnly: true description: >- - UNIMPLEMENTED. The single metric for tracks bounding box iou - evaluation: the `meanBoundingBoxIou` averaged over all - `trackMetrics`. - type: number - format: float - trackMeanMismatchRate: + Output only. The number of tokens that were part of the model's + generated "thoughts" output, if applicable. + type: integer + format: int32 + toolUsePromptTokensDetails: + type: array description: >- - UNIMPLEMENTED. The single metric for tracking consistency - evaluation: the `meanMismatchRate` averaged over all `trackMetrics`. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetrics: - id: GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetrics + Output only. A detailed breakdown by modality of the token counts + from the results of tool executions, which are provided back to the + model as input. + readOnly: true + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' + trafficType: + type: string + description: Output only. The traffic type for this request. + readOnly: true + enumDescriptions: + - Unspecified request traffic type. + - Type for Pay-As-You-Go traffic. + - Type for Provisioned Throughput traffic. + enum: + - TRAFFIC_TYPE_UNSPECIFIED + - ON_DEMAND + - PROVISIONED_THROUGHPUT + cacheTokensDetails: + readOnly: true + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' + type: array + description: >- + Output only. A detailed breakdown of the token count for each + modality in the cached content. description: >- - UNIMPLEMENTED. Track matching model metrics for a single track match - threshold and multiple label match confidence thresholds. - type: object + Usage metadata about the content generation request and response. This + message provides a detailed breakdown of token usage and other relevant + metrics. + GoogleCloudAiplatformV1MigratableResourceDataLabelingDatasetDataLabelingAnnotatedDataset: + description: Represents one AnnotatedDataset in datalabeling.googleapis.com. properties: - iouThreshold: - description: >- - The intersection-over-union threshold value between bounding boxes - across frames used to compute this metric entry. - type: number - format: float - meanTrackingAveragePrecision: - description: The mean average precision over all confidence thresholds. - type: number - format: float - meanBoundingBoxIou: - description: The mean bounding box iou over all confidence thresholds. - type: number - format: float - meanMismatchRate: - description: The mean mismatch rate over all confidence thresholds. - type: number - format: float - confidenceMetrics: + annotatedDataset: + type: string description: >- - Metrics for each label-match `confidenceThreshold` from - 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. Precision-recall curve is - derived from them. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetricsConfidenceMetrics - GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetricsConfidenceMetrics: - id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetricsConfidenceMetrics - description: Metrics for a single confidence threshold. + Full resource name of data labeling AnnotatedDataset. Format: + `projects/{project}/datasets/{dataset}/annotatedDatasets/{annotated_dataset}`. + annotatedDatasetDisplayName: + description: The AnnotatedDataset's display name in datalabeling.googleapis.com. + type: string type: object - properties: - confidenceThreshold: - description: The confidence threshold value used to compute the metrics. - type: number - format: float - trackingPrecision: - description: Tracking precision. - type: number - format: float - trackingRecall: - description: Tracking recall. - type: number - format: float - boundingBoxIou: - description: >- - Bounding box intersection-over-union precision. Measures how well - the bounding boxes overlap between each other (e.g. complete overlap - or just barely above iou_threshold). - type: number - format: float - mismatchRate: - description: >- - Mismatch rate, which measures the tracking consistency, i.e. - correctness of instance ID continuity. - type: number - format: float - GoogleCloudAiplatformV1SchemaModelevaluationMetricsPairwiseTextGenerationEvaluationMetrics: id: >- - GoogleCloudAiplatformV1SchemaModelevaluationMetricsPairwiseTextGenerationEvaluationMetrics - description: Metrics for general pairwise text generation evaluation results. + GoogleCloudAiplatformV1MigratableResourceDataLabelingDatasetDataLabelingAnnotatedDataset + GoogleCloudAiplatformV1MetadataSchema: type: object + description: Instance of a general MetadataSchema. + id: GoogleCloudAiplatformV1MetadataSchema properties: - modelWinRate: - description: >- - Percentage of time the autorater decided the model had the better - response. - type: number - format: float - baselineModelWinRate: - description: >- - Percentage of time the autorater decided the baseline model had the - better response. - type: number - format: float - humanPreferenceModelWinRate: - description: Percentage of time humans decided the model had the better response. - type: number - format: float - humanPreferenceBaselineModelWinRate: - description: >- - Percentage of time humans decided the baseline model had the better - response. - type: number - format: float - truePositiveCount: - description: >- - Number of examples where both the autorater and humans decided that - the model had the better response. + createTime: + format: google-datetime type: string - format: int64 - falsePositiveCount: - description: >- - Number of examples where the autorater chose the model, but humans - preferred the baseline model. + description: Output only. Timestamp when this MetadataSchema was created. + readOnly: true + description: + description: Description of the Metadata Schema type: string - format: int64 - falseNegativeCount: - description: >- - Number of examples where the autorater chose the baseline model, but - humans preferred the model. + name: type: string - format: int64 - trueNegativeCount: + description: Output only. The resource name of the MetadataSchema. + readOnly: true + schema: description: >- - Number of examples where both the autorater and humans decided that - the model had the worse response. + Required. The raw YAML string representation of the MetadataSchema. + The combination of [MetadataSchema.version] and the schema name + given by `title` in [MetadataSchema.schema] must be unique within a + MetadataStore. The schema is defined as an OpenAPI 3.0.2 + [MetadataSchema + Object](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#schemaObject) + type: string + schemaType: + enumDescriptions: + - Unspecified type for the MetadataSchema. + - >- + A type indicating that the MetadataSchema will be used by + Artifacts. + - >- + A typee indicating that the MetadataSchema will be used by + Executions. + - >- + A state indicating that the MetadataSchema will be used by + Contexts. type: string - format: int64 - accuracy: - description: Fraction of cases where the autorater agreed with the human raters. - type: number - format: float - precision: - description: >- - Fraction of cases where the autorater and humans thought the model - had a better response out of all cases where the autorater thought - the model had a better response. True positive divided by all - positive. - type: number - format: float - recall: description: >- - Fraction of cases where the autorater and humans thought the model - had a better response out of all cases where the humans thought the - model had a better response. - type: number - format: float - f1Score: - description: Harmonic mean of precision and recall. - type: number - format: float - cohensKappa: + The type of the MetadataSchema. This is a property that identifies + which metadata types will use the MetadataSchema. + enum: + - METADATA_SCHEMA_TYPE_UNSPECIFIED + - ARTIFACT_TYPE + - EXECUTION_TYPE + - CONTEXT_TYPE + schemaVersion: + type: string description: >- - A measurement of agreement between the autorater and human raters - that takes the likelihood of random agreement into account. - type: number - format: float - GoogleCloudAiplatformV1SchemaPredictInstanceImageClassificationPredictionInstance: - id: >- - GoogleCloudAiplatformV1SchemaPredictInstanceImageClassificationPredictionInstance - description: Prediction input format for Image Classification. + The version of the MetadataSchema. The version's format must match + the following regular expression: `^[0-9]+.+.+$`, which would allow + to order/compare different versions. Example: 1.0.0, 1.0.1, etc. + GoogleCloudAiplatformV1SummaryMetrics: type: object properties: - content: - description: The image bytes or Cloud Storage URI to make the prediction on. - type: string - mimeType: + metrics: + additionalProperties: + type: any + description: Optional. Map of metric name to metric value. + type: object + failedItems: + type: integer + format: int32 + description: Optional. The number of items that failed to be evaluated. + totalItems: + type: integer + format: int32 + description: Optional. The total number of items that were evaluated. + description: The summary metrics for the evaluation run. + id: GoogleCloudAiplatformV1SummaryMetrics + GoogleCloudAiplatformV1NasJobOutputMultiTrialJobOutput: + properties: + searchTrials: + type: array description: >- - The MIME type of the content of the image. Only the images in below - listed MIME types are supported. - image/jpeg - image/gif - - image/png - image/webp - image/bmp - image/tiff - - image/vnd.microsoft.icon - type: string - GoogleCloudAiplatformV1SchemaPredictInstanceImageObjectDetectionPredictionInstance: - id: >- - GoogleCloudAiplatformV1SchemaPredictInstanceImageObjectDetectionPredictionInstance - description: Prediction input format for Image Object Detection. + Output only. List of NasTrials that were started as part of search + stage. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrial' + readOnly: true + trainTrials: + description: >- + Output only. List of NasTrials that were started as part of train + stage. + readOnly: true + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrial' + description: The output of a multi-trial Neural Architecture Search (NAS) jobs. + type: object + id: GoogleCloudAiplatformV1NasJobOutputMultiTrialJobOutput + GoogleCloudAiplatformV1NasTrialDetail: type: object + description: >- + Represents a NasTrial details along with its parameters. If there is a + corresponding train NasTrial, the train NasTrial is also returned. properties: - content: - description: The image bytes or Cloud Storage URI to make the prediction on. + parameters: + description: The parameters for the NasJob NasTrial. type: string - mimeType: + trainTrial: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrial' description: >- - The MIME type of the content of the image. Only the images in below - listed MIME types are supported. - image/jpeg - image/gif - - image/png - image/webp - image/bmp - image/tiff - - image/vnd.microsoft.icon + The train NasTrial corresponding to search_trial. Only populated if + search_trial is used for training. + name: + description: Output only. Resource name of the NasTrialDetail. + readOnly: true type: string - GoogleCloudAiplatformV1SchemaPredictInstanceImageSegmentationPredictionInstance: - id: >- - GoogleCloudAiplatformV1SchemaPredictInstanceImageSegmentationPredictionInstance - description: Prediction input format for Image Segmentation. + searchTrial: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrial' + description: The requested search NasTrial. + id: GoogleCloudAiplatformV1NasTrialDetail + GoogleCloudAiplatformV1CometSpec: type: object + description: Spec for Comet metric. properties: - content: - description: The image bytes to make the predictions on. + version: type: string - mimeType: - description: >- - The MIME type of the content of the image. Only the images in below - listed MIME types are supported. - image/jpeg - image/png + enum: + - COMET_VERSION_UNSPECIFIED + - COMET_22_SRC_REF + enumDescriptions: + - Comet version unspecified. + - >- + Comet 22 for translation + source + reference + (source-reference-combined). + description: Required. Which version to use for evaluation. + sourceLanguage: + description: Optional. Source language in BCP-47 format. type: string - GoogleCloudAiplatformV1SchemaPredictInstanceTextClassificationPredictionInstance: - id: >- - GoogleCloudAiplatformV1SchemaPredictInstanceTextClassificationPredictionInstance - description: Prediction input format for Text Classification. - type: object - properties: - content: - description: The text snippet to make the predictions on. + targetLanguage: type: string - mimeType: description: >- - The MIME type of the text snippet. The supported MIME types are - listed below. - text/plain - type: string - GoogleCloudAiplatformV1SchemaPredictInstanceTextExtractionPredictionInstance: - id: >- - GoogleCloudAiplatformV1SchemaPredictInstanceTextExtractionPredictionInstance - description: Prediction input format for Text Extraction. - type: object + Optional. Target language in BCP-47 format. Covers both prediction + and reference. + id: GoogleCloudAiplatformV1CometSpec + GoogleCloudAiplatformV1MetadataStore: properties: - content: - description: The text snippet to make the predictions on. + description: + description: Description of the MetadataStore. type: string - mimeType: - description: >- - The MIME type of the text snippet. The supported MIME types are - listed below. - text/plain + name: type: string - key: - description: >- - This field is only used for batch prediction. If a key is provided, - the batch prediction result will by mapped to this key. If omitted, - then the batch prediction result will contain the entire input - instance. Vertex AI will not check if keys in the request are - duplicates, so it is up to the caller to ensure the keys are unique. + description: Output only. The resource name of the MetadataStore instance. + readOnly: true + state: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MetadataStoreMetadataStoreState + description: Output only. State information of the MetadataStore. + createTime: type: string - GoogleCloudAiplatformV1SchemaPredictInstanceTextSentimentPredictionInstance: - id: >- - GoogleCloudAiplatformV1SchemaPredictInstanceTextSentimentPredictionInstance - description: Prediction input format for Text Sentiment. - type: object - properties: - content: - description: The text snippet to make the predictions on. + description: Output only. Timestamp when this MetadataStore was created. + readOnly: true + format: google-datetime + updateTime: + description: Output only. Timestamp when this MetadataStore was last updated. + format: google-datetime type: string - mimeType: - description: >- - The MIME type of the text snippet. The supported MIME types are - listed below. - text/plain - type: string - GoogleCloudAiplatformV1SchemaPredictInstanceVideoActionRecognitionPredictionInstance: - id: >- - GoogleCloudAiplatformV1SchemaPredictInstanceVideoActionRecognitionPredictionInstance - description: Prediction input format for Video Action Recognition. + readOnly: true + dataplexConfig: + description: Optional. Dataplex integration settings. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MetadataStoreDataplexConfig + encryptionSpec: + description: >- + Customer-managed encryption key spec for a Metadata Store. If set, + this Metadata Store and all sub-resources of this Metadata Store are + secured using this key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Instance of a metadata store. Contains a set of metadata that can be + queried. + type: object + id: GoogleCloudAiplatformV1MetadataStore + GoogleCloudAiplatformV1PredictRequest: type: object properties: - content: + labels: + type: object + additionalProperties: + type: string description: >- - The Google Cloud Storage location of the video on which to perform - the prediction. - type: string - mimeType: + Optional. The user labels for Imagen billing usage only. Only Imagen + supports labels. For other use cases, it will be ignored. + parameters: + type: any description: >- - The MIME type of the content of the video. Only the following are - supported: video/mp4 video/avi video/quicktime - type: string - timeSegmentStart: + The parameters that govern the prediction. The schema of the + parameters may be specified via Endpoint's DeployedModels' Model's + PredictSchemata's parameters_schema_uri. + instances: + items: + type: any + type: array description: >- - The beginning, inclusive, of the video's time segment on which to - perform the prediction. Expressed as a number of seconds as measured - from the start of the video, with "s" appended at the end. Fractions - are allowed, up to a microsecond precision. + Required. The instances that are the input to the prediction call. A + DeployedModel may have an upper limit on the number of instances it + supports per request, and when it is exceeded the prediction call + errors in case of AutoML Models, or, in case of customer created + Models, the behaviour is as documented by that Model. The schema of + any single instance may be specified via Endpoint's DeployedModels' + Model's PredictSchemata's instance_schema_uri. + description: Request message for PredictionService.Predict. + id: GoogleCloudAiplatformV1PredictRequest + GoogleCloudAiplatformV1NearestNeighborsNeighbor: + id: GoogleCloudAiplatformV1NearestNeighborsNeighbor + properties: + entityKeyValues: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesResponse + description: >- + The attributes of the neighbor, e.g. filters, crowding and metadata + Note that full entities are returned only when "return_full_entity" + is set to true. Otherwise, only the "entity_id" and "distance" + fields are populated. + distance: + type: number + format: double + description: The distance between the neighbor and the query vector. + entityId: + description: The id of the similar entity. type: string - timeSegmentEnd: + description: A neighbor of the query vector. + type: object + GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesRequest: + description: Request message for TensorboardService.BatchCreateTensorboardTimeSeries. + id: GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesRequest + type: object + properties: + requests: + type: array description: >- - The end, exclusive, of the video's time segment on which to perform - the prediction. Expressed as a number of seconds as measured from - the start of the video, with "s" appended at the end. Fractions are - allowed, up to a microsecond precision, and "inf" or "Infinity" is - allowed, which means the end of the video. + Required. The request message specifying the TensorboardTimeSeries + to create. A maximum of 1000 TensorboardTimeSeries can be created in + a batch. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CreateTensorboardTimeSeriesRequest + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationNumericTransformation: + properties: + columnName: type: string - GoogleCloudAiplatformV1SchemaPredictInstanceVideoClassificationPredictionInstance: + description: >- + Training pipeline will perform following transformation functions. * The + value converted to float32. * The z_score of the value. * log(value+1) + when the value is greater than or equal to 0. Otherwise, this + transformation is not applied and the value is considered a missing + value. * z_score of log(value+1) when the value is greater than or equal + to 0. Otherwise, this transformation is not applied and the value is + considered a missing value. * A boolean value that indicates whether the + value is valid. id: >- - GoogleCloudAiplatformV1SchemaPredictInstanceVideoClassificationPredictionInstance - description: Prediction input format for Video Classification. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationNumericTransformation type: object + GoogleCloudAiplatformV1GroundingChunk: + id: GoogleCloudAiplatformV1GroundingChunk properties: - content: + maps: description: >- - The Google Cloud Storage location of the video on which to perform - the prediction. - type: string - mimeType: + A grounding chunk from Google Maps. See the `Maps` message for + details. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingChunkMaps' + web: description: >- - The MIME type of the content of the video. Only the following are - supported: video/mp4 video/avi video/quicktime - type: string - timeSegmentStart: + A grounding chunk from a web page, typically from Google Search. See + the `Web` message for details. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingChunkWeb' + retrievedContext: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GroundingChunkRetrievedContext description: >- - The beginning, inclusive, of the video's time segment on which to - perform the prediction. Expressed as a number of seconds as measured - from the start of the video, with "s" appended at the end. Fractions - are allowed, up to a microsecond precision. - type: string - timeSegmentEnd: + A grounding chunk from a data source retrieved by a retrieval tool, + such as Vertex AI Search. See the `RetrievedContext` message for + details + type: object + description: >- + A piece of evidence that supports a claim made by the model. This is + used to show a citation for a claim made by the model. When grounding is + enabled, the model returns a `GroundingChunk` that contains a reference + to the source of the information. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingMetadata: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingMetadata + description: Model metadata specific to Seq2Seq Plus Forecasting. + properties: + trainCostMilliNodeHours: description: >- - The end, exclusive, of the video's time segment on which to perform - the prediction. Expressed as a number of seconds as measured from - the start of the video, with "s" appended at the end. Fractions are - allowed, up to a microsecond precision, and "inf" or "Infinity" is - allowed, which means the end of the video. + Output only. The actual training cost of the model, expressed in + milli node hours, i.e. 1,000 value in this field means 1 node hour. + Guaranteed to not exceed the train budget. + type: string + format: int64 + evaluatedDataItemsBigqueryUri: + description: BigQuery destination uri for exported evaluated examples. type: string - GoogleCloudAiplatformV1SchemaPredictInstanceVideoObjectTrackingPredictionInstance: - id: >- - GoogleCloudAiplatformV1SchemaPredictInstanceVideoObjectTrackingPredictionInstance - description: Prediction input format for Video Object Tracking. type: object + GoogleCloudAiplatformV1SupervisedTuningDataStats: properties: - content: - description: >- - The Google Cloud Storage location of the video on which to perform - the prediction. + totalBillableTokenCount: + readOnly: true + format: int64 type: string - mimeType: - description: >- - The MIME type of the content of the video. Only the following are - supported: video/mp4 video/avi video/quicktime + description: Output only. Number of billable tokens in the tuning dataset. + tuningStepCount: + readOnly: true + format: int64 + description: Output only. Number of tuning steps for this Tuning Job. + type: string + totalTruncatedExampleCount: + format: int64 type: string - timeSegmentStart: description: >- - The beginning, inclusive, of the video's time segment on which to - perform the prediction. Expressed as a number of seconds as measured - from the start of the video, with "s" appended at the end. Fractions - are allowed, up to a microsecond precision. + Output only. The number of examples in the dataset that have been + dropped. An example can be dropped for reasons including: too many + tokens, contains an invalid image, contains too many images, etc. + readOnly: true + totalTuningCharacterCount: + description: Output only. Number of tuning characters in the tuning dataset. type: string - timeSegmentEnd: + readOnly: true + format: int64 + userMessagePerExampleDistribution: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution + readOnly: true + description: Output only. Dataset distributions for the messages per example. + droppedExampleReasons: + type: array + readOnly: true description: >- - The end, exclusive, of the video's time segment on which to perform - the prediction. Expressed as a number of seconds as measured from - the start of the video, with "s" appended at the end. Fractions are - allowed, up to a microsecond precision, and "inf" or "Infinity" is - allowed, which means the end of the video. + Output only. For each index in `truncated_example_indices`, the + user-facing reason why the example was dropped. + items: + type: string + tuningDatasetExampleCount: + description: Output only. Number of examples in the tuning dataset. + format: int64 type: string - GoogleCloudAiplatformV1SchemaPredictParamsImageClassificationPredictionParams: - id: >- - GoogleCloudAiplatformV1SchemaPredictParamsImageClassificationPredictionParams - description: Prediction model parameters for Image Classification. + readOnly: true + userInputTokenDistribution: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution + description: Output only. Dataset distributions for the user input tokens. + totalBillableCharacterCount: + deprecated: true + type: string + readOnly: true + description: Output only. Number of billable characters in the tuning dataset. + format: int64 + truncatedExampleIndices: + items: + format: int64 + type: string + type: array + description: >- + Output only. A partial sample of the indices (starting from 1) of + the dropped examples. + readOnly: true + userOutputTokenDistribution: + description: Output only. Dataset distributions for the user output tokens. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDatasetDistribution + readOnly: true + userDatasetExamples: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + type: array + description: Output only. Sample user messages in the training dataset uri. + readOnly: true type: object + description: Tuning data statistics for Supervised Tuning. + id: GoogleCloudAiplatformV1SupervisedTuningDataStats + GoogleCloudAiplatformV1SchemaPredictPredictionTextSentimentPredictionResult: properties: - confidenceThreshold: - description: >- - The Model only returns predictions with at least this confidence - score. Default value is 0.0 - type: number - format: float - maxPredictions: - description: >- - The Model only returns up to that many top, by confidence score, - predictions per instance. If this number is very high, the Model may - return fewer predictions. Default value is 10. + sentiment: type: integer format: int32 - GoogleCloudAiplatformV1SchemaPredictParamsImageObjectDetectionPredictionParams: + description: >- + The integer sentiment labels between 0 (inclusive) and sentimentMax + label (inclusive), while 0 maps to the least positive sentiment and + sentimentMax maps to the most positive one. The higher the score is, + the more positive the sentiment in the text snippet is. Note: + sentimentMax is an integer value between 1 (inclusive) and 10 + (inclusive). + description: Prediction output format for Text Sentiment id: >- - GoogleCloudAiplatformV1SchemaPredictParamsImageObjectDetectionPredictionParams - description: Prediction model parameters for Image Object Detection. + GoogleCloudAiplatformV1SchemaPredictPredictionTextSentimentPredictionResult type: object + GoogleCloudAiplatformV1IndexDatapointCrowdingTag: properties: - confidenceThreshold: - description: >- - The Model only returns predictions with at least this confidence - score. Default value is 0.0 - type: number - format: float - maxPredictions: + crowdingAttribute: + type: string description: >- - The Model only returns up to that many top, by confidence score, - predictions per instance. Note that number of returned predictions - is also limited by metadata's predictionsLimit. Default value is 10. - type: integer - format: int32 - GoogleCloudAiplatformV1SchemaPredictParamsImageSegmentationPredictionParams: - id: >- - GoogleCloudAiplatformV1SchemaPredictParamsImageSegmentationPredictionParams - description: Prediction model parameters for Image Segmentation. + The attribute value used for crowding. The maximum number of + neighbors to return per crowding attribute value + (per_crowding_attribute_num_neighbors) is configured per-query. This + field is ignored if per_crowding_attribute_num_neighbors is larger + than the total number of neighbors to return for a given query. + type: object + description: >- + Crowding tag is a constraint on a neighbor list produced by nearest + neighbor search requiring that no more than some value k' of the k + neighbors returned have the same value of crowding_attribute. + id: GoogleCloudAiplatformV1IndexDatapointCrowdingTag + GoogleCloudAiplatformV1SuggestTrialsMetadata: type: object + id: GoogleCloudAiplatformV1SuggestTrialsMetadata + description: Details of operations that perform Trials suggestion. properties: - confidenceThreshold: + clientId: + type: string description: >- - When the model predicts category of pixels of the image, it will - only provide predictions for pixels that it is at least this much - confident about. All other pixels will be classified as background. - Default value is 0.5. - type: number - format: float - GoogleCloudAiplatformV1SchemaPredictParamsVideoActionRecognitionPredictionParams: + The identifier of the client that is requesting the suggestion. If + multiple SuggestTrialsRequests have the same `client_id`, the + service will return the identical suggested Trial if the Trial is + pending, and provide a new Trial if the last suggested Trial was + completed. + genericMetadata: + description: Operation metadata for suggesting Trials. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTimestampTransformation: id: >- - GoogleCloudAiplatformV1SchemaPredictParamsVideoActionRecognitionPredictionParams - description: Prediction model parameters for Video Action Recognition. - type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTimestampTransformation properties: - confidenceThreshold: - description: >- - The Model only returns predictions with at least this confidence - score. Default value is 0.0 - type: number - format: float - maxPredictions: + columnName: + type: string + timeFormat: + type: string description: >- - The model only returns up to that many top, by confidence score, - predictions per frame of the video. If this number is very high, the - Model may return fewer predictions per frame. Default value is 50. - type: integer - format: int32 - GoogleCloudAiplatformV1SchemaPredictParamsVideoClassificationPredictionParams: - id: >- - GoogleCloudAiplatformV1SchemaPredictParamsVideoClassificationPredictionParams - description: Prediction model parameters for Video Classification. + The format in which that time field is expressed. The time_format + must either be one of: * `unix-seconds` * `unix-milliseconds` * + `unix-microseconds` * `unix-nanoseconds` (for respectively number of + seconds, milliseconds, microseconds and nanoseconds since start of + the Unix epoch); or be written in `strftime` syntax. If time_format + is not set, then the default format is RFC 3339 `date-time` format, + where `time-offset` = `"Z"` (e.g. 1985-04-12T23:20:50.52Z) + description: >- + Training pipeline will perform following transformation functions. * + Apply the transformation functions for Numerical columns. * Determine + the year, month, day,and weekday. Treat each value from the timestamp as + a Categorical column. * Invalid numerical values (for example, values + that fall outside of a typical timestamp range, or are extreme values) + receive no special treatment and are not removed. type: object + GoogleCloudAiplatformV1UploadRagFileConfig: properties: - confidenceThreshold: - description: >- - The Model only returns predictions with at least this confidence - score. Default value is 0.0 - type: number - format: float - maxPredictions: + ragFileTransformationConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagFileTransformationConfig + description: Specifies the transformation config for RagFiles. + type: object + description: Config for uploading RagFile. + id: GoogleCloudAiplatformV1UploadRagFileConfig + GoogleCloudAiplatformV1FeatureValueMetadata: + id: GoogleCloudAiplatformV1FeatureValueMetadata + type: object + properties: + generateTime: description: >- - The Model only returns up to that many top, by confidence score, - predictions per instance. If this number is very high, the Model may - return fewer predictions. Default value is 10,000. - type: integer - format: int32 - segmentClassification: + Feature generation timestamp. Typically, it is provided by user at + feature ingestion time. If not, feature store will use the system + timestamp when the data is ingested into feature store. Legacy + Feature Store: For streaming ingestion, the time, aligned by days, + must be no older than five years (1825 days) and no later than one + year (366 days) in the future. + format: google-datetime + type: string + description: Metadata of feature value. + GoogleCloudAiplatformV1DeployResponse: + type: object + id: GoogleCloudAiplatformV1DeployResponse + properties: + endpoint: + readOnly: true + type: string description: >- - Set to true to request segment-level classification. Vertex AI - returns labels and their confidence scores for the entire time - segment of the video that user specified in the input instance. - Default value is true - type: boolean - shotClassification: + Output only. The name of the Endpoint created. Format: + `projects/{project}/locations/{location}/endpoints/{endpoint}` + publisherModel: + type: string description: >- - Set to true to request shot-level classification. Vertex AI - determines the boundaries for each camera shot in the entire time - segment of the video that user specified in the input instance. - Vertex AI then returns labels and their confidence scores for each - detected shot, along with the start and end time of the shot. - WARNING: Model evaluation is not done for this classification type, - the quality of it depends on the training data, but there are no - metrics provided to describe that quality. Default value is false - type: boolean - oneSecIntervalClassification: + Output only. The name of the PublisherModel resource. Format: + `publishers/{publisher}/models/{publisher_model}@{version_id}`, or + `publishers/hf-{hugging-face-author}/models/{hugging-face-model-name}@001` + readOnly: true + model: description: >- - Set to true to request classification for a video at one-second - intervals. Vertex AI returns labels and their confidence scores for - each second of the entire time segment of the video that user - specified in the input WARNING: Model evaluation is not done for - this classification type, the quality of it depends on the training - data, but there are no metrics provided to describe that quality. - Default value is false - type: boolean - GoogleCloudAiplatformV1SchemaPredictParamsVideoObjectTrackingPredictionParams: - id: >- - GoogleCloudAiplatformV1SchemaPredictParamsVideoObjectTrackingPredictionParams - description: Prediction model parameters for Video Object Tracking. + Output only. The name of the Model created. Format: + `projects/{project}/locations/{location}/models/{model}` + readOnly: true + type: string + description: Response message for ModelGardenService.Deploy. + GoogleCloudAiplatformV1FeaturestoreMonitoringConfig: type: object properties: - confidenceThreshold: - description: >- - The Model only returns predictions with at least this confidence - score. Default value is 0.0 - type: number - format: float - maxPredictions: + numericalThresholdConfig: description: >- - The model only returns up to that many top, by confidence score, - predictions per frame of the video. If this number is very high, the - Model may return fewer predictions per frame. Default value is 50. - type: integer - format: int32 - minBoundingBoxSize: + Threshold for numerical features of anomaly detection. This is + shared by all objectives of Featurestore Monitoring for numerical + features (i.e. Features with type (Feature.ValueType) DOUBLE or + INT64). + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig + snapshotAnalysis: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysis + description: The config for Snapshot Analysis Based Feature Monitoring. + importFeaturesAnalysis: + description: The config for ImportFeatures Analysis Based Feature Monitoring. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysis + categoricalThresholdConfig: description: >- - Only bounding boxes with shortest edge at least that long as a - relative value of video frame size are returned. Default value is - 0.0. - type: number - format: float - GoogleCloudAiplatformV1SchemaPredictPredictionClassificationPredictionResult: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionClassificationPredictionResult - description: Prediction output format for Image and Text Classification. - type: object + Threshold for categorical features of anomaly detection. This is + shared by all types of Featurestore Monitoring for categorical + features (i.e. Features with type (Feature.ValueType) BOOL or + STRING). + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig + description: Configuration of how features in Featurestore are monitored. + id: GoogleCloudAiplatformV1FeaturestoreMonitoringConfig + GoogleCloudAiplatformV1GcsSource: + description: The Google Cloud Storage location for the input content. + id: GoogleCloudAiplatformV1GcsSource properties: - ids: - description: The resource IDs of the AnnotationSpecs that had been identified. - type: array + uris: items: type: string - format: int64 - displayNames: - description: >- - The display names of the AnnotationSpecs that had been identified, - order matches the IDs. type: array - items: - type: string - confidences: description: >- - The Model's confidences in correctness of the predicted IDs, higher - value means higher confidence. Order matches the Ids. - type: array - items: - type: number - format: float - GoogleCloudAiplatformV1SchemaPredictPredictionImageObjectDetectionPredictionResult: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionImageObjectDetectionPredictionResult - description: Prediction output format for Image Object Detection. + Required. Google Cloud Storage URI(-s) to the input file(s). May + contain wildcards. For more information on wildcards, see + https://cloud.google.com/storage/docs/wildcards. type: object + GoogleCloudAiplatformV1ListTrainingPipelinesResponse: + description: Response message for PipelineService.ListTrainingPipelines properties: - ids: - description: >- - The resource IDs of the AnnotationSpecs that had been identified, - ordered by the confidence score descendingly. - type: array - items: - type: string - format: int64 - displayNames: - description: >- - The display names of the AnnotationSpecs that had been identified, - order matches the IDs. - type: array - items: - type: string - confidences: - description: >- - The Model's confidences in correctness of the predicted IDs, higher - value means higher confidence. Order matches the Ids. - type: array + trainingPipelines: items: - type: number - format: float - bboxes: - description: >- - Bounding boxes, i.e. the rectangles over the image, that pinpoint - the found AnnotationSpecs. Given in order that matches the IDs. Each - bounding box is an array of 4 numbers `xMin`, `xMax`, `yMin`, and - `yMax`, which represent the extremal coordinates of the box. They - are relative to the image size, and the point 0,0 is in the top left - of the image. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingPipeline' + description: List of TrainingPipelines in the requested page. type: array - items: - type: array - items: - type: any - GoogleCloudAiplatformV1SchemaPredictPredictionImageSegmentationPredictionResult: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionImageSegmentationPredictionResult - description: Prediction output format for Image Segmentation. - type: object - properties: - categoryMask: - description: >- - A PNG image where each pixel in the mask represents the category in - which the pixel in the original image was predicted to belong to. - The size of this image will be the same as the original image. The - mapping between the AnntoationSpec and the color can be found in - model's metadata. The model will choose the most likely category and - if none of the categories reach the confidence threshold, the pixel - will be marked as background. + nextPageToken: type: string - confidenceMask: description: >- - A one channel image which is encoded as an 8bit lossless PNG. The - size of the image will be the same as the original image. For a - specific pixel, darker color means less confidence in correctness of - the cateogry in the categoryMask for the corresponding pixel. Black - means no confidence and white means complete confidence. - type: string - GoogleCloudAiplatformV1SchemaPredictPredictionTabularClassificationPredictionResult: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionTabularClassificationPredictionResult - description: Prediction output format for Tabular Classification. + A token to retrieve the next page of results. Pass to + ListTrainingPipelinesRequest.page_token to obtain that page. + id: GoogleCloudAiplatformV1ListTrainingPipelinesResponse type: object + GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectEntity: + type: object + description: >- + Message to select entity. If an entity id is selected, all the feature + values corresponding to the entity id will be deleted, including the + entityId. + id: GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectEntity properties: - classes: - description: >- - The name of the classes being classified, contains all possible - values of the target column. - type: array - items: - type: string - scores: + entityIdSelector: description: >- - The model's confidence in each class being correct, higher value - means higher confidence. The N-th score corresponds to the N-th - class in classes. - type: array - items: - type: number - format: float - GoogleCloudAiplatformV1SchemaPredictPredictionTabularRegressionPredictionResult: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionTabularRegressionPredictionResult - description: Prediction output format for Tabular Regression. + Required. Selectors choosing feature values of which entity id to be + deleted from the EntityType. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityIdSelector' + GoogleCloudAiplatformV1TuningDataStats: + properties: + preferenceOptimizationDataStats: + description: Output only. Statistics for preference optimization. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PreferenceOptimizationDataStats + supervisedTuningDataStats: + description: The SFT Tuning data stats. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SupervisedTuningDataStats + description: The tuning data statistic values for TuningJob. + id: GoogleCloudAiplatformV1TuningDataStats type: object + GoogleCloudAiplatformV1RagRetrievalConfig: + description: Specifies the context retrieval config. properties: - value: - description: The regression value. - type: number - format: float - lowerBound: - description: The lower bound of the prediction interval. - type: number - format: float - upperBound: - description: The upper bound of the prediction interval. - type: number - format: float - quantileValues: - description: Quantile values. - type: array - items: - type: number - format: float - quantilePredictions: - description: Quantile predictions, in 1-1 correspondence with quantile_values. - type: array - items: - type: number - format: float - GoogleCloudAiplatformV1SchemaPredictPredictionTextExtractionPredictionResult: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionTextExtractionPredictionResult - description: Prediction output format for Text Extraction. + topK: + type: integer + description: Optional. The number of contexts to retrieve. + format: int32 + ranking: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfigRanking + description: Optional. Config for ranking and reranking. + filter: + description: Optional. Config for filters. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfigFilter' type: object + id: GoogleCloudAiplatformV1RagRetrievalConfig + GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageObjectDetectionEvaluationMetrics: properties: - ids: - description: >- - The resource IDs of the AnnotationSpecs that had been identified, - ordered by the confidence score descendingly. - type: array - items: - type: string - format: int64 - displayNames: - description: >- - The display names of the AnnotationSpecs that had been identified, - order matches the IDs. - type: array - items: - type: string - textSegmentStartOffsets: + evaluatedBoundingBoxCount: + format: int32 + type: integer description: >- - The start offsets, inclusive, of the text segment in which the - AnnotationSpec has been identified. Expressed as a zero-based number - of characters as measured from the start of the text snippet. + The total number of bounding boxes (i.e. summed over all images) the + ground truth used to create this evaluation had. + boundingBoxMetrics: type: array - items: - type: string - format: int64 - textSegmentEndOffsets: description: >- - The end offsets, inclusive, of the text segment in which the - AnnotationSpec has been identified. Expressed as a zero-based number - of characters as measured from the start of the text snippet. - type: array + The bounding boxes match metrics for each intersection-over-union + threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and each label + confidence threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 pair. items: - type: string - format: int64 - confidences: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetrics + boundingBoxMeanAveragePrecision: + type: number description: >- - The Model's confidences in correctness of the predicted IDs, higher - value means higher confidence. Order matches the Ids. - type: array - items: - type: number - format: float - GoogleCloudAiplatformV1SchemaPredictPredictionTextSentimentPredictionResult: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionTextSentimentPredictionResult - description: Prediction output format for Text Sentiment + The single metric for bounding boxes evaluation: the + `meanAveragePrecision` averaged over all + `boundingBoxMetricsEntries`. + format: float type: object - properties: - sentiment: - description: >- - The integer sentiment labels between 0 (inclusive) and sentimentMax - label (inclusive), while 0 maps to the least positive sentiment and - sentimentMax maps to the most positive one. The higher the score is, - the more positive the sentiment in the text snippet is. Note: - sentimentMax is an integer value between 1 (inclusive) and 10 - (inclusive). - type: integer - format: int32 - GoogleCloudAiplatformV1SchemaPredictPredictionTimeSeriesForecastingPredictionResult: + description: Metrics for image object detection evaluation results. id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionTimeSeriesForecastingPredictionResult - description: Prediction output format for Time Series Forecasting. - type: object + GoogleCloudAiplatformV1SchemaModelevaluationMetricsImageObjectDetectionEvaluationMetrics + GoogleCloudAiplatformV1ExactMatchResults: + description: Results for exact match metric. properties: - value: - description: The regression value. - type: number - format: float - quantileValues: - description: Quantile values. - type: array - items: - type: number - format: float - quantilePredictions: - description: Quantile predictions, in 1-1 correspondence with quantile_values. + exactMatchMetricValues: + readOnly: true + description: Output only. Exact match metric values. type: array items: - type: number - format: float - tftFeatureImportance: - description: Only use these if TFt is enabled. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPredictPredictionTftFeatureImportance - GoogleCloudAiplatformV1SchemaPredictPredictionTftFeatureImportance: - id: GoogleCloudAiplatformV1SchemaPredictPredictionTftFeatureImportance + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchMetricValue' + id: GoogleCloudAiplatformV1ExactMatchResults type: object + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtraction: + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtraction + type: object + description: A TrainingJob that trains and uploads an AutoML Text Extraction Model. properties: - contextWeights: - description: >- - TFT feature importance values. Each pair for - {context/horizon/attribute} should have the same shape since the - weight corresponds to the column names. - type: array + inputs: + description: The input parameters of this TrainingJob. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtractionInputs + CloudAiLargeModelsVisionGenerateVideoResponse: + properties: + generatedSamples: items: - type: number - format: float - contextColumns: + $ref: '#/components/schemas/CloudAiLargeModelsVisionMedia' + description: The generates samples. type: array - items: - type: string - horizonWeights: + videos: + description: List of videos, used to align naming with the external response. type: array items: - type: number - format: float - horizonColumns: - type: array + $ref: >- + #/components/schemas/CloudAiLargeModelsVisionGenerateVideoResponseVideo + raiMediaFilteredReasons: items: type: string - attributeWeights: - type: array - items: - type: number - format: float - attributeColumns: + description: Returns rai failure reasons if any. type: array - items: - type: string - GoogleCloudAiplatformV1SchemaPredictPredictionVideoActionRecognitionPredictionResult: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionVideoActionRecognitionPredictionResult - description: Prediction output format for Video Action Recognition. + raiMediaFilteredCount: + format: int32 + description: Returns if any videos were filtered due to RAI policies. + type: integer type: object + description: Generate video response. + id: CloudAiLargeModelsVisionGenerateVideoResponse + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsGranularity: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsGranularity properties: - id: - description: The resource ID of the AnnotationSpec that had been identified. - type: string - displayName: - description: The display name of the AnnotationSpec that had been identified. + quantity: + format: int64 + description: >- + The number of granularity_units between data points in the training + data. If `granularity_unit` is `minute`, can be 1, 5, 10, 15, or 30. + For all other values of `granularity_unit`, must be 1. type: string - timeSegmentStart: + unit: description: >- - The beginning, inclusive, of the video's time segment in which the - AnnotationSpec has been identified. Expressed as a number of seconds - as measured from the start of the video, with fractions up to a - microsecond precision, and with "s" appended at the end. + The time granularity unit of this time period. The supported units + are: * "minute" * "hour" * "day" * "week" * "month" * "year" type: string - format: google-duration - timeSegmentEnd: + description: A duration of time expressed in time granularity units. + type: object + GoogleCloudAiplatformV1ListModelVersionsResponse: + properties: + models: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' description: >- - The end, exclusive, of the video's time segment in which the - AnnotationSpec has been identified. Expressed as a number of seconds - as measured from the start of the video, with fractions up to a - microsecond precision, and with "s" appended at the end. + List of Model versions in the requested page. In the returned Model + name field, version ID instead of regvision tag will be included. + type: array + nextPageToken: type: string - format: google-duration - confidence: description: >- - The Model's confidence in correction of this prediction, higher - value means higher confidence. - type: number - format: float - GoogleCloudAiplatformV1SchemaPredictPredictionVideoClassificationPredictionResult: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionVideoClassificationPredictionResult - description: Prediction output format for Video Classification. + A token to retrieve the next page of results. Pass to + ListModelVersionsRequest.page_token to obtain that page. + description: Response message for ModelService.ListModelVersions + id: GoogleCloudAiplatformV1ListModelVersionsResponse type: object + GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectEntity: properties: - id: - description: The resource ID of the AnnotationSpec that had been identified. - type: string - displayName: - description: The display name of the AnnotationSpec that had been identified. + offlineStorageDeletedEntityRowCount: type: string - type: description: >- - The type of the prediction. The requested types can be configured - via parameters. This will be one of - segment-classification - - shot-classification - one-sec-interval-classification - type: string - timeSegmentStart: + The count of deleted entity rows in the offline storage. Each row + corresponds to the combination of an entity ID and a timestamp. One + entity ID can have multiple rows in the offline storage. + format: int64 + onlineStorageDeletedEntityCount: description: >- - The beginning, inclusive, of the video's time segment in which the - AnnotationSpec has been identified. Expressed as a number of seconds - as measured from the start of the video, with fractions up to a - microsecond precision, and with "s" appended at the end. Note that - for 'segment-classification' prediction type, this equals the - original 'timeSegmentStart' from the input instance, for other types - it is the start of a shot or a 1 second interval respectively. + The count of deleted entities in the online storage. Each entity ID + corresponds to one entity. + format: int64 + type: string + description: Response message if the request uses the SelectEntity option. + id: GoogleCloudAiplatformV1DeleteFeatureValuesResponseSelectEntity + type: object + GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysis: + properties: + state: + enum: + - STATE_UNSPECIFIED + - DEFAULT + - ENABLED + - DISABLED type: string - format: google-duration - timeSegmentEnd: description: >- - The end, exclusive, of the video's time segment in which the - AnnotationSpec has been identified. Expressed as a number of seconds - as measured from the start of the video, with fractions up to a - microsecond precision, and with "s" appended at the end. Note that - for 'segment-classification' prediction type, this equals the - original 'timeSegmentEnd' from the input instance, for other types - it is the end of a shot or a 1 second interval respectively. + Whether to enable / disable / inherite default hebavior for import + features analysis. + enumDescriptions: + - Should not be used. + - >- + The default behavior of whether to enable the monitoring. + EntityType-level config: disabled. Feature-level config: inherited + from the configuration of EntityType this Feature belongs to. + - >- + Explicitly enables import features analysis. EntityType-level + config: by default enables import features analysis for all + Features under it. Feature-level config: enables import features + analysis regardless of the EntityType-level config. + - >- + Explicitly disables import features analysis. EntityType-level + config: by default disables import features analysis for all + Features under it. Feature-level config: disables import features + analysis regardless of the EntityType-level config. + anomalyDetectionBaseline: + enum: + - BASELINE_UNSPECIFIED + - LATEST_STATS + - MOST_RECENT_SNAPSHOT_STATS + - PREVIOUS_IMPORT_FEATURES_STATS + enumDescriptions: + - Should not be used. + - >- + Choose the later one statistics generated by either most recent + snapshot analysis or previous import features analysis. If non of + them exists, skip anomaly detection and only generate a + statistics. + - >- + Use the statistics generated by the most recent snapshot analysis + if exists. + - >- + Use the statistics generated by the previous import features + analysis if exists. type: string - format: google-duration - confidence: description: >- - The Model's confidence in correction of this prediction, higher - value means higher confidence. - type: number - format: float - GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResult: + The baseline used to do anomaly detection for the statistics + generated by import features analysis. + type: object + description: >- + Configuration of the Featurestore's ImportFeature Analysis Based + Monitoring. This type of analysis generates statistics for values of + each Feature imported by every ImportFeatureValues operation. id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResult - description: Prediction output format for Video Object Tracking. + GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysis + GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualitySpec: + properties: + version: + description: Optional. Which version to use for evaluation. + type: integer + format: int32 + useReference: + description: >- + Optional. Whether to use instance.reference to compute question + answering quality. + type: boolean type: object + id: GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualitySpec + description: Spec for pairwise question answering quality score metric. + GoogleCloudAiplatformV1SummarizationHelpfulnessSpec: + id: GoogleCloudAiplatformV1SummarizationHelpfulnessSpec + description: Spec for summarization helpfulness score metric. properties: - id: - description: The resource ID of the AnnotationSpec that had been identified. - type: string - displayName: - description: The display name of the AnnotationSpec that had been identified. + useReference: + description: >- + Optional. Whether to use instance.reference to compute summarization + helpfulness. + type: boolean + version: + description: Optional. Which version to use for evaluation. + format: int32 + type: integer + type: object + GoogleCloudAiplatformV1UserActionReference: + properties: + operation: type: string - timeSegmentStart: description: >- - The beginning, inclusive, of the video's time segment in which the - object instance has been detected. Expressed as a number of seconds - as measured from the start of the video, with fractions up to a - microsecond precision, and with "s" appended at the end. + For API calls that return a long running operation. Resource name of + the long running operation. Format: + `projects/{project}/locations/{location}/operations/{operation}` + method: + description: >- + The method name of the API RPC call. For example, + "/google.cloud.aiplatform.{apiVersion}.DatasetService.CreateDataset" type: string - format: google-duration - timeSegmentEnd: + dataLabelingJob: description: >- - The end, inclusive, of the video's time segment in which the object - instance has been detected. Expressed as a number of seconds as - measured from the start of the video, with fractions up to a - microsecond precision, and with "s" appended at the end. + For API calls that start a LabelingJob. Resource name of the + LabelingJob. Format: + `projects/{project}/locations/{location}/dataLabelingJobs/{data_labeling_job}` type: string - format: google-duration - confidence: + type: object + description: >- + References an API call. It contains more information about long running + operation and Jobs that are triggered by the API call. + id: GoogleCloudAiplatformV1UserActionReference + GoogleTypeDate: + type: object + properties: + month: + format: int32 + type: integer description: >- - The Model's confidence in correction of this prediction, higher - value means higher confidence. - type: number - format: float - frames: + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + year: + format: int32 description: >- - All of the frames of the video in which a single object instance has - been detected. The bounding boxes in the frames identify the same - object. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResultFrame - GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResultFrame: - id: >- - GoogleCloudAiplatformV1SchemaPredictPredictionVideoObjectTrackingPredictionResultFrame + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + type: integer + day: + type: integer + format: int32 + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. description: >- - The fields `xMin`, `xMax`, `yMin`, and `yMax` refer to a bounding box, - i.e. the rectangle over the video frame pinpointing the found - AnnotationSpec. The coordinates are relative to the frame size, and the - point 0,0 is in the top left of the frame. - type: object + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + id: GoogleTypeDate + GoogleCloudAiplatformV1PredefinedMetricSpec: + description: The spec for a pre-defined metric. properties: - timeOffset: + metricSpecName: description: >- - A time (frame) of a video in which the object has been detected. - Expressed as a number of seconds as measured from the start of the - video, with fractions up to a microsecond precision, and with "s" - appended at the end. + Required. The name of a pre-defined metric, such as + "instruction_following_v1" or "text_quality_v1". type: string - format: google-duration - xMin: - description: The leftmost coordinate of the bounding box. - type: number - format: float - xMax: - description: The rightmost coordinate of the bounding box. - type: number - format: float - yMin: - description: The topmost coordinate of the bounding box. - type: number - format: float - yMax: - description: The bottommost coordinate of the bounding box. - type: number - format: float - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecasting: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecasting - description: A TrainingJob that trains and uploads an AutoML Forecasting Model. + metricSpecParameters: + type: object + description: Optional. The parameters needed to run the pre-defined metric. + additionalProperties: + description: Properties of the object. + type: any + id: GoogleCloudAiplatformV1PredefinedMetricSpec + type: object + GoogleCloudAiplatformV1TrajectoryInOrderMatchInput: type: object + description: Instances and metric spec for TrajectoryInOrderMatch metric. properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputs - metadata: - description: The metadata information. + metricSpec: + description: Required. Spec for TrajectoryInOrderMatch metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingMetadata - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputs + #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchSpec + instances: + description: Required. Repeated TrajectoryInOrderMatch instance. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchInstance + id: GoogleCloudAiplatformV1TrajectoryInOrderMatchInput + GoogleCloudAiplatformV1MultiSpeakerVoiceConfig: type: object + id: GoogleCloudAiplatformV1MultiSpeakerVoiceConfig + description: Configuration for a multi-speaker text-to-speech request. properties: - targetColumn: + speakerVoiceConfigs: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SpeakerVoiceConfig' description: >- - The name of the column that the Model is to predict values for. This - column must be unavailable at forecast. - type: string - timeSeriesIdentifierColumn: - description: The name of the column that identifies the time series. - type: string - timeColumn: + Required. A list of configurations for the voices of the speakers. + Exactly two speaker voice configurations must be provided. + type: array + GoogleCloudAiplatformV1Model: + id: GoogleCloudAiplatformV1Model + properties: + dataStats: description: >- - The name of the column that identifies time order in the time - series. This column must be available at forecast. + Stats of data used for training or evaluating the Model. Only + populated when the Model is trained by a TrainingPipeline with + data_input_config. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelDataStats' + predictSchemata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictSchemata' + description: >- + The schemata that describe formats of the Model's predictions and + explanations as given and returned via PredictionService.Predict and + PredictionService.Explain. + metadataSchemaUri: type: string - transformations: description: >- - Each transformation will apply transform function to given input - column. And the result will be used for training. When creating - transformation for BigQuery Struct column, the column should be - flattened using "." as the delimiter. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformation - optimizationObjective: + Immutable. Points to a YAML file stored on Google Cloud Storage + describing additional information about the Model, that is specific + to it. Unset if the Model does not have any additional information. + The schema is defined as an OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + AutoML Models always have this field populated by Vertex AI, if no + additional metadata is needed, this field is set to an empty string. + Note: The URI given on output will be immutable and probably + different, including the URI scheme, than the one given on input. + The output URI will point to a location where the user only has a + read access. + explanationSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpec' description: >- - Objective function the model is optimizing towards. The training - process creates a model that optimizes the value of the objective - function over the validation set. The supported optimization - objectives: * "minimize-rmse" (default) - Minimize root-mean-squared - error (RMSE). * "minimize-mae" - Minimize mean-absolute error (MAE). - * "minimize-rmsle" - Minimize root-mean-squared log error (RMSLE). * - "minimize-rmspe" - Minimize root-mean-squared percentage error - (RMSPE). * "minimize-wape-mae" - Minimize the combination of - weighted absolute percentage error (WAPE) and mean-absolute-error - (MAE). * "minimize-quantile-loss" - Minimize the quantile loss at - the quantiles defined in `quantiles`. * "minimize-mape" - Minimize - the mean absolute percentage error. + The default explanation specification for this Model. The Model can + be used for requesting explanation after being deployed if it is + populated. The Model can be used for batch explanation if it is + populated. All fields of the explanation_spec can be overridden by + explanation_spec of DeployModelRequest.deployed_model, or + explanation_spec of BatchPredictionJob. If the default explanation + specification is not set for this Model, this Model can still be + used for requesting explanation by setting explanation_spec of + DeployModelRequest.deployed_model and for batch explanation by + setting explanation_spec of BatchPredictionJob. + encryptionSpec: + description: >- + Customer-managed encryption key spec for a Model. If set, this Model + and all sub-resources of this Model will be secured by this key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + displayName: + description: >- + Required. The display name of the Model. The name can be up to 128 + characters long and can consist of any UTF-8 characters. type: string - trainBudgetMilliNodeHours: + labels: + additionalProperties: + type: string + type: object description: >- - Required. The train budget of creating this model, expressed in - milli node hours i.e. 1,000 value in this field means 1 node hour. - The training cost of the model will not exceed this budget. The - final cost will be attempted to be close to the budget, though may - end up being (even) noticeably smaller - at the backend's - discretion. This especially may happen when further model training - ceases to provide any improvements. If the budget is set to a value - known to be insufficient to train a model for the given dataset, the - training won't be attempted and will error. The train budget must be - between 1,000 and 72,000 milli node hours, inclusive. + The labels with user-defined metadata to organize your Models. Label + keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. + modelSourceInfo: + readOnly: true + description: >- + Output only. Source of a model. It can either be automl training + pipeline, custom training pipeline, BigQuery ML, or saved and tuned + from Genie or Model Garden. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelSourceInfo' + baseModelSource: + description: >- + Optional. User input field to specify the base model source. + Currently it only supports specifing the Model Garden models and + Genie models. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelBaseModelSource' + createTime: + description: Output only. Timestamp when this Model was uploaded into Vertex AI. + format: google-datetime type: string - format: int64 - weightColumn: + readOnly: true + versionCreateTime: + readOnly: true + type: string + description: Output only. Timestamp when this version was created. + format: google-datetime + metadata: description: >- - Column name that should be used as the weight column. Higher values - in this column give more importance to the row during model - training. The column must have numeric values between 0 and 10000 - inclusively; 0 means the row is ignored for training. If weight - column field is not set, then all rows are assumed to have equal - weight of 1. + Immutable. An additional information about the Model; the schema of + the metadata can be found in metadata_schema. Unset if the Model + does not have any additional information. + type: any + versionDescription: + description: The description of this version. type: string - timeSeriesAttributeColumns: + supportedExportFormats: description: >- - Column names that should be used as attribute columns. The value of - these columns does not vary as a function of time. For example, - store ID or item color. - type: array + Output only. The formats in which this Model may be exported. If + empty, this Model is not available for export. items: - type: string - unavailableAtForecastColumns: - description: >- - Names of columns that are unavailable when a forecast is requested. - This column contains information for the given entity (identified by - the time_series_identifier_column) that is unknown before the - forecast For example, actual weather on a given day. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelExportFormat' type: array + readOnly: true + originalModelInfo: + description: >- + Output only. If this Model is a copy of another Model, this contains + info about the original. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelOriginalModelInfo' + readOnly: true + supportedInputStorageFormats: items: type: string - availableAtForecastColumns: description: >- - Names of columns that are available and provided when a forecast is - requested. These columns contain information for the given entity - (identified by the time_series_identifier_column column) that is - known at forecast. For example, predicted weather for a specific - day. + Output only. The formats this Model supports in + BatchPredictionJob.input_config. If + PredictSchemata.instance_schema_uri exists, the instances should be + given as per that schema. The possible formats are: * `jsonl` The + JSON Lines format, where each instance is a single line. Uses + GcsSource. * `csv` The CSV format, where each instance is a single + comma-separated line. The first line in the file is the header, + containing comma-separated field names. Uses GcsSource. * + `tf-record` The TFRecord format, where each instance is a single + record in tfrecord syntax. Uses GcsSource. * `tf-record-gzip` + Similar to `tf-record`, but the file is gzipped. Uses GcsSource. * + `bigquery` Each instance is a single row in BigQuery. Uses + BigQuerySource. * `file-list` Each line of the file is the location + of an instance to process, uses `gcs_source` field of the + InputConfig object. If this Model doesn't support any of these + formats it means it cannot be used with a BatchPredictionJob. + However, if it has supported_deployment_resources_types, it could + serve online predictions by using PredictionService.Predict or + PredictionService.Explain. + readOnly: true type: array - items: - type: string - dataGranularity: - description: Expected difference in time granularity between rows in the data. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsGranularity - forecastHorizon: + artifactUri: description: >- - The amount of time into the future for which forecasted values for - the target are returned. Expressed in number of units defined by the - `data_granularity` field. + Immutable. The path to the directory containing the Model artifact + and any of its supporting files. Not required for AutoML Models. type: string - format: int64 - contextWindow: + etag: description: >- - The amount of time into the past training and prediction data is - used for model training and prediction respectively. Expressed in - number of units defined by the `data_granularity` field. + Used to perform consistent read-modify-write updates. If not set, a + blind "overwrite" update happens. type: string - format: int64 - exportEvaluatedDataItemsConfig: - description: >- - Configuration for exporting test set predictions to a BigQuery - table. If this configuration is absent, then the export is not - performed. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig - quantiles: + metadataArtifact: description: >- - Quantiles to use for minimize-quantile-loss - `optimization_objective`, or for probabilistic inference. Up to 5 - quantiles are allowed of values between 0 and 1, exclusive. Required - if the value of optimization_objective is minimize-quantile-loss. - Represents the percent quantiles to use for that objective. - Quantiles must be unique. + Output only. The resource name of the Artifact that was created in + MetadataStore when creating the Model. The Artifact resource name + pattern is + `projects/{project}/locations/{location}/metadataStores/{metadata_store}/artifacts/{artifact}`. + type: string + readOnly: true + versionAliases: type: array items: - type: number - format: double - hierarchyConfig: + type: string description: >- - Configuration that defines the hierarchical relationship of time - series and parameters for hierarchical forecasting strategies. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig - windowConfig: - description: Config containing strategy for generating sliding windows. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig - holidayRegions: + User provided version aliases so that a model version can be + referenced via alias (i.e. + `projects/{project}/locations/{location}/models/{model_id}@{version_alias}` + instead of auto-generated version id (i.e. + `projects/{project}/locations/{location}/models/{model_id}@{version_id})`. + The format is a-z{0,126}[a-z0-9] to distinguish from version_id. A + default version alias will be created for the first version of the + model, and there must be exactly one default version alias for a + model. + versionId: + type: string description: >- - The geographical region based on which the holiday effect is applied - in modeling by adding holiday categorical array feature that include - all holidays matching the date. This option only allowed when - data_granularity is day. By default, holiday effect modeling is - disabled. To turn it on, specify the holiday region using this - option. - type: array - items: - type: string - enableProbabilisticInference: + Output only. Immutable. The version ID of the model. A new version + is committed when a new model version is uploaded or trained under + an existing model id. It is an auto-incrementing decimal number in + string representation. + readOnly: true + pipelineJob: description: >- - If probabilistic inference is enabled, the model will fit a - distribution that captures the uncertainty of a prediction. At - inference time, the predictive distribution is used to make a point - prediction that minimizes the optimization objective. For example, - the mean of a predictive distribution is the point prediction that - minimizes RMSE loss. If quantiles are specified, then the quantiles - of the distribution are also returned. The optimization objective - cannot be minimize-quantile-loss. + Optional. This field is populated if the model is produced by a + pipeline job. + type: string + satisfiesPzi: + readOnly: true + description: Output only. Reserved for future use. type: boolean - validationOptions: + trainingPipeline: description: >- - Validation options for the data validation component. The available - options are: * "fail-pipeline" - default, will validate against the - validation and fail the pipeline if it fails. * "ignore-validation" - - ignore the results of the validation and continue + Output only. The resource name of the TrainingPipeline that uploaded + this Model, if any. type: string - additionalExperiments: - description: Additional experiment flags for the time series forcasting training. - type: array - items: - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformation - type: object - properties: - auto: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationAutoTransformation - numeric: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationNumericTransformation - categorical: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationCategoricalTransformation - timestamp: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTimestampTransformation - text: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTextTransformation - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationAutoTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationAutoTransformation - description: >- - Training pipeline will infer the proper transformation based on the - statistic of dataset. - type: object - properties: - columnName: + readOnly: true + updateTime: type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationNumericTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationNumericTransformation - description: >- - Training pipeline will perform following transformation functions. * The - value converted to float32. * The z_score of the value. * log(value+1) - when the value is greater than or equal to 0. Otherwise, this - transformation is not applied and the value is considered a missing - value. * z_score of log(value+1) when the value is greater than or equal - to 0. Otherwise, this transformation is not applied and the value is - considered a missing value. * A boolean value that indicates whether the - value is valid. - type: object - properties: - columnName: + format: google-datetime + readOnly: true + description: Output only. Timestamp when this Model was most recently updated. + versionUpdateTime: + readOnly: true type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationCategoricalTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationCategoricalTransformation - description: >- - Training pipeline will perform following transformation functions. * The - categorical string as is--no change to case, punctuation, spelling, - tense, and so on. * Convert the category name to a dictionary lookup - index and generate an embedding for each index. * Categories that appear - less than 5 times in the training dataset are treated as the "unknown" - category. The "unknown" category gets its own special lookup index and - resulting embedding. - type: object - properties: - columnName: + description: Output only. Timestamp when this version was most recently updated. + format: google-datetime + description: + description: The description of the Model. type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTimestampTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTimestampTransformation - description: >- - Training pipeline will perform following transformation functions. * - Apply the transformation functions for Numerical columns. * Determine - the year, month, day,and weekday. Treat each value from the timestamp as - a Categorical column. * Invalid numerical values (for example, values - that fall outside of a typical timestamp range, or are extreme values) - receive no special treatment and are not removed. - type: object - properties: - columnName: + checkpoints: + readOnly: true + description: Optional. Output only. The checkpoints of the model. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Checkpoint' + defaultCheckpointId: + description: The default checkpoint id of a model version. type: string - timeFormat: + supportedOutputStorageFormats: + readOnly: true description: >- - The format in which that time field is expressed. The time_format - must either be one of: * `unix-seconds` * `unix-milliseconds` * - `unix-microseconds` * `unix-nanoseconds` (for respectively number of - seconds, milliseconds, microseconds and nanoseconds since start of - the Unix epoch); or be written in `strftime` syntax. If time_format - is not set, then the default format is RFC 3339 `date-time` format, - where `time-offset` = `"Z"` (e.g. 1985-04-12T23:20:50.52Z) + Output only. The formats this Model supports in + BatchPredictionJob.output_config. If both + PredictSchemata.instance_schema_uri and + PredictSchemata.prediction_schema_uri exist, the predictions are + returned together with their instances. In other words, the + prediction has the original instance data first, followed by the + actual prediction content (as per the schema). The possible formats + are: * `jsonl` The JSON Lines format, where each prediction is a + single line. Uses GcsDestination. * `csv` The CSV format, where each + prediction is a single comma-separated line. The first line in the + file is the header, containing comma-separated field names. Uses + GcsDestination. * `bigquery` Each prediction is a single row in a + BigQuery table, uses BigQueryDestination . If this Model doesn't + support any of these formats it means it cannot be used with a + BatchPredictionJob. However, if it has + supported_deployment_resources_types, it could serve online + predictions by using PredictionService.Predict or + PredictionService.Explain. + type: array + items: + type: string + supportedDeploymentResourcesTypes: + readOnly: true + items: + enumDescriptions: + - Should not be used. + - >- + Resources that are dedicated to the DeployedModel, and that need + a higher degree of manual configuration. + - >- + Resources that to large degree are decided by Vertex AI, and + require only a modest additional configuration. + - >- + Resources that can be shared by multiple DeployedModels. A + pre-configured DeploymentResourcePool is required. + enum: + - DEPLOYMENT_RESOURCES_TYPE_UNSPECIFIED + - DEDICATED_RESOURCES + - AUTOMATIC_RESOURCES + - SHARED_RESOURCES + type: string + type: array + description: >- + Output only. When this Model is deployed, its prediction resources + are described by the `prediction_resources` field of the + Endpoint.deployed_models object. Because not all Models support all + resource configuration types, the configuration types this Model + supports are listed here. If no configuration types are listed, the + Model cannot be deployed to an Endpoint and does not support online + predictions (PredictionService.Predict or + PredictionService.Explain). Such a Model can serve predictions by + using a BatchPredictionJob, if it has at least one entry each in + supported_input_storage_formats and + supported_output_storage_formats. + deployedModels: + readOnly: true + type: array + description: >- + Output only. The pointers to DeployedModels created from this Model. + Note that Model could have been deployed to Endpoints in different + Locations. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModelRef' + satisfiesPzs: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + containerSpec: + description: >- + Input only. The specification of the container that is to be used + when deploying this Model. The specification is ingested upon + ModelService.UploadModel, and all binaries it contains are copied + and stored internally by Vertex AI. Not required for AutoML Models. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelContainerSpec' + name: + description: The resource name of the Model. type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTextTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsTransformationTextTransformation - description: >- - Training pipeline will perform following transformation functions. * The - text as is--no change to case, punctuation, spelling, tense, and so on. - * Convert the category name to a dictionary lookup index and generate an - embedding for each index. type: object + description: A trained machine learning Model. + GoogleCloudAiplatformV1ListMetadataSchemasResponse: + type: object + id: GoogleCloudAiplatformV1ListMetadataSchemasResponse + description: Response message for MetadataService.ListMetadataSchemas. properties: - columnName: + nextPageToken: + description: >- + A token, which can be sent as ListMetadataSchemasRequest.page_token + to retrieve the next page. If this field is not populated, there are + no subsequent pages. type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsGranularity: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingInputsGranularity - description: A duration of time expressed in time granularity units. + metadataSchemas: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataSchema' + type: array + description: The MetadataSchemas found for the MetadataStore. + GoogleCloudAiplatformV1GroundednessResult: + description: Spec for groundedness result. type: object + id: GoogleCloudAiplatformV1GroundednessResult properties: - unit: - description: >- - The time granularity unit of this time period. The supported units - are: * "minute" * "hour" * "day" * "week" * "month" * "year" + score: + type: number + format: float + description: Output only. Groundedness score. + readOnly: true + confidence: + readOnly: true + type: number + format: float + description: Output only. Confidence for groundedness score. + explanation: + readOnly: true type: string - quantity: + description: Output only. Explanation for groundedness score. + GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectTimeRangeAndFeature: + properties: + featureSelector: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureSelector' description: >- - The number of granularity_units between data points in the training - data. If `granularity_unit` is `minute`, can be 1, 5, 10, 15, or 30. - For all other values of `granularity_unit`, must be 1. - type: string - format: int64 - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig - description: Configuration for exporting test set predictions to a BigQuery table. + Required. Selectors choosing which feature values to be deleted from + the EntityType. + timeRange: + $ref: '#/components/schemas/GoogleTypeInterval' + description: >- + Required. Select feature generated within a half-inclusive time + range. The time range is lower inclusive and upper exclusive. + skipOnlineStorageDelete: + description: >- + If set, data will not be deleted from online storage. When time + range is older than the data in online storage, setting this to be + true will make the deletion have no impact on online serving. + type: boolean type: object + description: >- + Message to select time range and feature. Values of the selected feature + generated within an inclusive time range will be deleted. Using this + option permanently deletes the feature values from the specified feature + IDs within the specified time range. This might include data from the + online storage. If you want to retain any deleted historical data in the + online storage, you must re-ingest it. + id: >- + GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectTimeRangeAndFeature + GoogleCloudAiplatformV1AutomaticResources: + id: GoogleCloudAiplatformV1AutomaticResources properties: - destinationBigqueryUri: + maxReplicaCount: description: >- - URI of desired destination BigQuery table. Expected format: - `bq://{project_id}:{dataset_id}:{table}` If not specified, then - results are exported to the following auto-created BigQuery table: - `{project_id}:export_evaluated_examples_{model_name}_{yyyy_MM_dd'T'HH_mm_ss_SSS'Z'}.evaluated_examples` - type: string - overrideExistingTable: + Immutable. The maximum number of replicas that may be deployed on + when the traffic against it increases. If the requested value is too + large, the deployment will error, but if deployment succeeds then + the ability to scale to that many replicas is guaranteed (barring + service outages). If traffic increases beyond what its replicas at + maximum may handle, a portion of the traffic will be dropped. If + this value is not provided, a no upper bound for scaling under heavy + traffic will be assume, though Vertex AI may be unable to scale + beyond certain replica number. + format: int32 + type: integer + minReplicaCount: + format: int32 description: >- - If true and an export destination is specified, then the contents of - the destination are overwritten. Otherwise, if the export - destination already exists, then the export operation fails. - type: boolean - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig + Immutable. The minimum number of replicas that will be always + deployed on. If traffic against it increases, it may dynamically be + deployed onto more replicas up to max_replica_count, and as traffic + decreases, some of these extra replicas may be freed. If the + requested value is too large, the deployment will error. + type: integer + type: object description: >- - Configuration that defines the hierarchical relationship of time series - and parameters for hierarchical forecasting strategies. + A description of resources that to large degree are decided by Vertex + AI, and require only a modest additional configuration. Each Model + supporting these resources documents its specific guidelines. + GoogleCloudAiplatformV1RubricGroup: type: object properties: - groupColumns: - description: >- - A list of time series attribute column names that define the time - series hierarchy. Only one level of hierarchy is supported, ex. - 'region' for a hierarchy of stores or 'department' for a hierarchy - of products. If multiple columns are specified, time series will be - grouped by their combined values, ex. ('blue', 'large') for 'color' - and 'size', up to 5 columns are accepted. If no group columns are - specified, all time series are considered to be part of the same - group. + rubrics: + description: Rubrics that are part of this group. type: array items: - type: string - groupTotalWeight: - description: >- - The weight of the loss for predictions aggregated over time series - in the same group. - type: number - format: double - temporalTotalWeight: - description: >- - The weight of the loss for predictions aggregated over the horizon - for a single time series. - type: number - format: double - groupTemporalTotalWeight: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Rubric' + groupId: + type: string + description: Unique identifier for the group. + displayName: description: >- - The weight of the loss for predictions aggregated over both the - horizon and time series in the same hierarchy group. - type: number - format: double - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig + Human-readable name for the group. This should be unique within a + given context if used for display or selection. Example: + "Instruction Following V1", "Content Quality - Summarization Task". + type: string + id: GoogleCloudAiplatformV1RubricGroup description: >- - Config that contains the strategy used to generate sliding windows in - time series training. A window is a series of rows that comprise the - context up to the time of prediction, and the horizon following. The - corresponding row for each window marks the start of the forecast - horizon. Each window is used as an input example for - training/evaluation. + A group of rubrics, used for grouping rubrics based on a metric or a + version. + GoogleCloudAiplatformV1BatchReadFeatureValuesResponse: + properties: {} + id: GoogleCloudAiplatformV1BatchReadFeatureValuesResponse + description: Response message for FeaturestoreService.BatchReadFeatureValues. type: object + GoogleCloudAiplatformV1RestoreDatasetVersionOperationMetadata: properties: - column: + genericMetadata: + description: The common part of the operation metadata. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Runtime operation information for DatasetService.RestoreDatasetVersion. + id: GoogleCloudAiplatformV1RestoreDatasetVersionOperationMetadata + type: object + GoogleCloudAiplatformV1SchemaPredictInstanceVideoActionRecognitionPredictionInstance: + description: Prediction input format for Video Action Recognition. + type: object + properties: + content: description: >- - Name of the column that should be used to generate sliding windows. - The column should contain either booleans or string booleans; if the - value of the row is True, generate a sliding window with the horizon - starting at that row. The column will not be used as a feature in - training. + The Google Cloud Storage location of the video on which to perform + the prediction. type: string - strideLength: + timeSegmentEnd: description: >- - Stride length used to generate input examples. Within one time - series, every {$STRIDE_LENGTH} rows will be used to generate a - sliding window. + The end, exclusive, of the video's time segment on which to perform + the prediction. Expressed as a number of seconds as measured from + the start of the video, with "s" appended at the end. Fractions are + allowed, up to a microsecond precision, and "inf" or "Infinity" is + allowed, which means the end of the video. type: string - format: int64 - maxCount: + mimeType: description: >- - Maximum number of windows that should be generated across all time - series. + The MIME type of the content of the video. Only the following are + supported: video/mp4 video/avi video/quicktime + type: string + timeSegmentStart: + description: >- + The beginning, inclusive, of the video's time segment on which to + perform the prediction. Expressed as a number of seconds as measured + from the start of the video, with "s" appended at the end. Fractions + are allowed, up to a microsecond precision. type: string - format: int64 - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingMetadata: id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlForecastingMetadata - description: Model metadata specific to AutoML Forecasting. - type: object + GoogleCloudAiplatformV1SchemaPredictInstanceVideoActionRecognitionPredictionInstance + GoogleCloudAiplatformV1ListExecutionsResponse: properties: - trainCostMilliNodeHours: + nextPageToken: description: >- - Output only. The actual training cost of the model, expressed in - milli node hours, i.e. 1,000 value in this field means 1 node hour. - Guaranteed to not exceed the train budget. - type: string - format: int64 - evaluatedDataItemsBigqueryUri: - description: BigQuery destination uri for exported evaluated examples. + A token, which can be sent as ListExecutionsRequest.page_token to + retrieve the next page. If this field is not populated, there are no + subsequent pages. type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassification: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassification - description: >- - A TrainingJob that trains and uploads an AutoML Image Classification - Model. + executions: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' + description: The Executions retrieved from the MetadataStore. + type: array + description: Response message for MetadataService.ListExecutions. + id: GoogleCloudAiplatformV1ListExecutionsResponse type: object + GoogleCloudAiplatformV1EvaluationRunMetricLLMBasedMetricSpec: + description: Specification for an LLM based metric. + id: GoogleCloudAiplatformV1EvaluationRunMetricLLMBasedMetricSpec properties: - inputs: - description: The input parameters of this TrainingJob. + additionalConfig: + additionalProperties: + description: Properties of the object. + type: any + description: Optional. Optional additional configuration for the metric. + type: object + predefinedRubricGenerationSpec: + description: Dynamically generate rubrics using a predefined spec. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationInputs - metadata: - description: The metadata information. + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetricPredefinedMetricSpec + systemInstruction: + type: string + description: Optional. System instructions for the judge model. + judgeAutoraterConfig: + description: Optional. Optional configuration for the judge LLM (Autorater). $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationMetadata - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationInputs + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunEvaluationConfigAutoraterConfig + metricPromptTemplate: + description: Required. Template for the prompt sent to the judge model. + type: string + rubricGenerationSpec: + description: Dynamically generate rubrics using this specification. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunMetricRubricGenerationSpec + rubricGroupKey: + type: string + description: >- + Use a pre-defined group of rubrics associated with the input. Refers + to a key in the rubric_groups map of EvaluationInstance. + type: object + GoogleCloudAiplatformV1MeasurementMetric: type: object + description: A message representing a metric in the measurement. properties: - modelType: + metricId: + readOnly: true type: string - enumDescriptions: - - Should not be set. - - >- - A Model best tailored to be used within Google Cloud, and which - cannot be exported. Default. - - >- - A model type best tailored to be used within Google Cloud, which - cannot be exported externally. Compared to the CLOUD model above, - it is expected to have higher prediction accuracy. - - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) as TensorFlow - or Core ML model and used on a mobile or edge device afterwards. - Expected to have low latency, but may have lower prediction - quality than other mobile models. - - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) as TensorFlow - or Core ML model and used on a mobile or edge device with - afterwards. - - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) as TensorFlow - or Core ML model and used on a mobile or edge device afterwards. - Expected to have a higher latency, but should also have a higher - prediction quality than other mobile models. - - >- - EfficientNet model for Model Garden training with customizable - hyperparameters. Best tailored to be used within Google Cloud, and - cannot be exported externally. - - >- - MaxViT model for Model Garden training with customizable - hyperparameters. Best tailored to be used within Google Cloud, and - cannot be exported externally. - - >- - ViT model for Model Garden training with customizable - hyperparameters. Best tailored to be used within Google Cloud, and - cannot be exported externally. - - >- - CoCa model for Model Garden training with customizable - hyperparameters. Best tailored to be used within Google Cloud, and - cannot be exported externally. - enum: - - MODEL_TYPE_UNSPECIFIED - - CLOUD - - CLOUD_1 - - MOBILE_TF_LOW_LATENCY_1 - - MOBILE_TF_VERSATILE_1 - - MOBILE_TF_HIGH_ACCURACY_1 - - EFFICIENTNET - - MAXVIT - - VIT - - COCA - baseModelId: description: >- - The ID of the `base` model. If it is specified, the new model will - be trained based on the `base` model. Otherwise, the new model will - be trained from scratch. The `base` model must be in the same - Project and Location as the new Model to train, and have the same - modelType. + Output only. The ID of the Metric. The Metric should be defined in + StudySpec's Metrics. + value: + readOnly: true + type: number + description: Output only. The value for this metric. + format: double + id: GoogleCloudAiplatformV1MeasurementMetric + GoogleCloudAiplatformV1LLMBasedMetricSpec: + properties: + systemInstruction: + type: string + description: Optional. System instructions for the judge model. + additionalConfig: + type: object + additionalProperties: + type: any + description: Properties of the object. + description: Optional. Optional additional configuration for the metric. + rubricGenerationSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricGenerationSpec' + description: Dynamically generate rubrics using this specification. + predefinedRubricGenerationSpec: + description: Dynamically generate rubrics using a predefined spec. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredefinedMetricSpec' + rubricGroupKey: type: string - budgetMilliNodeHours: description: >- - The training budget of creating this model, expressed in milli node - hours i.e. 1,000 value in this field means 1 node hour. The actual - metadata.costMilliNodeHours will be equal or less than this value. - If further model training ceases to provide any improvements, it - will stop without using the full budget and the - metadata.successfulStopReason will be `model-converged`. Note, - node_hour = actual_hour * number_of_nodes_involved. For modelType - `cloud`(default), the budget must be between 8,000 and 800,000 milli - node hours, inclusive. The default value is 192,000 which represents - one day in wall time, considering 8 nodes are used. For model types - `mobile-tf-low-latency-1`, `mobile-tf-versatile-1`, - `mobile-tf-high-accuracy-1`, the training budget must be between - 1,000 and 100,000 milli node hours, inclusive. The default value is - 24,000 which represents one day in wall time on a single node that - is used. + Use a pre-defined group of rubrics associated with the input. Refers + to a key in the rubric_groups map of EvaluationInstance. + judgeAutoraterConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1AutoraterConfig' + description: Optional. Optional configuration for the judge LLM (Autorater). + metricPromptTemplate: type: string - format: int64 - disableEarlyStopping: + description: Required. Template for the prompt sent to the judge model. + description: Specification for an LLM based metric. + id: GoogleCloudAiplatformV1LLMBasedMetricSpec + type: object + GoogleCloudAiplatformV1Memory: + properties: + expireTime: + type: string + format: google-datetime description: >- - Use the entire training budget. This disables the early stopping - feature. When false the early stopping feature is enabled, which - means that AutoML Image Classification might stop training before - the entire training budget has been used. + Optional. Timestamp of when this resource is considered expired. + This is *always* provided on output when `expiration` is set on + input, regardless of whether `expire_time` or `ttl` was provided. + disableMemoryRevisions: type: boolean - multiLabel: description: >- - If false, a single-label (multi-class) Model will be trained (i.e. - assuming that for each image just up to one annotation may be - applicable). If true, a multi-label Model will be trained (i.e. - assuming that for each image multiple annotations may be - applicable). - type: boolean - uptrainBaseModelId: + Optional. Input only. If true, no revision will be created for this + request. + revisionExpireTime: description: >- - The ID of `base` model for upTraining. If it is specified, the new - model will be upTrained based on the `base` model for upTraining. - Otherwise, the new model will be trained from scratch. The `base` - model for upTraining must be in the same Project and Location as the - new Model to train, and have the same modelType. + Optional. Input only. Timestamp of when the revision is considered + expired. If not set, the memory revision will be kept until manually + deleted. + format: google-datetime type: string - tunableParameter: - description: Trainer type for Vision TrainRequest. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutomlImageTrainingTunableParameter - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutomlImageTrainingTunableParameter: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutomlImageTrainingTunableParameter - description: >- - A wrapper class which contains the tunable parameters in an AutoML Image - training job. - type: object - properties: - trainerType: + name: + description: >- + Identifier. The resource name of the Memory. Format: + `projects/{project}/locations/{location}/reasoningEngines/{reasoning_engine}/memories/{memory}` type: string - enumDescriptions: - - Default value. - - '' - - '' - enum: - - TRAINER_TYPE_UNSPECIFIED - - AUTOML_TRAINER - - MODEL_GARDEN_TRAINER - checkpointName: + revisionTtl: description: >- - Optional. An unique name of pretrained model checkpoint provided in - model garden, it will be mapped to a GCS location internally. + Optional. Input only. The TTL for the revision. The expiration time + is computed: now + TTL. + format: google-duration type: string - studySpec: + ttl: + type: string + format: google-duration description: >- - Optioinal. StudySpec of hyperparameter tuning job. Required for - `model_garden_trainer`. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpec' - trainerConfig: - description: Customizable trainer settings, used in the `model_garden_trainer`. - type: object + Optional. Input only. The TTL for this resource. The expiration time + is computed: now + TTL. + fact: + type: string + description: Required. Semantic knowledge extracted from the source content. + updateTime: + description: Output only. Timestamp when this Memory was most recently updated. + readOnly: true + format: google-datetime + type: string + displayName: + type: string + description: Optional. Display name of the Memory. + createTime: + description: Output only. Timestamp when this Memory was created. + readOnly: true + format: google-datetime + type: string + topics: + type: array + description: Optional. The Topics of the Memory. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MemoryTopicId' + scope: + description: >- + Required. Immutable. The scope of the Memory. Memories are isolated + within their scope. The scope is defined when creating or generating + memories. Scope values cannot contain the wildcard character '*'. additionalProperties: type: string - datasetConfig: - description: Customizable dataset settings, used in the `model_garden_trainer`. + type: object + description: + type: string + description: Optional. Description of the Memory. + revisionLabels: + description: >- + Optional. Input only. The labels to apply to the Memory Revision + created as a result of this request. type: object additionalProperties: type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationMetadata: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageClassificationMetadata + type: object + id: GoogleCloudAiplatformV1Memory + description: A memory. + GoogleCloudAiplatformV1TrajectoryExactMatchMetricValue: + description: TrajectoryExactMatch metric value for an instance. + id: GoogleCloudAiplatformV1TrajectoryExactMatchMetricValue type: object properties: - costMilliNodeHours: - description: >- - The actual training cost of creating this model, expressed in milli - node hours, i.e. 1,000 value in this field means 1 node hour. - Guaranteed to not exceed inputs.budgetMilliNodeHours. + score: + type: number + format: float + readOnly: true + description: Output only. TrajectoryExactMatch score. + GoogleCloudAiplatformV1UpdateFeatureViewOperationMetadata: + type: object + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for FeatureView Update. + id: GoogleCloudAiplatformV1UpdateFeatureViewOperationMetadata + description: Details of operations that perform update FeatureView. + GoogleCloudAiplatformV1ModelDeploymentMonitoringObjectiveConfig: + properties: + deployedModelId: type: string - format: int64 - successfulStopReason: + description: The DeployedModel ID of the objective config. + objectiveConfig: description: >- - For successful job completions, this is the reason why the job has - finished. - type: string - enumDescriptions: - - Should not be set. - - The inputs.budgetMilliNodeHours had been reached. - - >- - Further training of the Model ceased to increase its quality, - since it already has converged. - enum: - - SUCCESSFUL_STOP_REASON_UNSPECIFIED - - BUDGET_REACHED - - MODEL_CONVERGED - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetection: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetection + The objective config of for the modelmonitoring job of this deployed + model. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfig + type: object + id: GoogleCloudAiplatformV1ModelDeploymentMonitoringObjectiveConfig description: >- - A TrainingJob that trains and uploads an AutoML Image Object Detection - Model. + ModelDeploymentMonitoringObjectiveConfig contains the pair of + deployed_model_id to ModelMonitoringObjectiveConfig. + GoogleCloudAiplatformV1DirectPredictResponse: + description: Response message for PredictionService.DirectPredict. type: object properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionInputs - metadata: - description: The metadata information - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionMetadata - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionInputs - type: object + outputs: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + description: The prediction output. + parameters: + description: The parameters that govern the prediction. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + id: GoogleCloudAiplatformV1DirectPredictResponse + GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfig: properties: - modelType: - type: string - enumDescriptions: - - Should not be set. - - >- - A model best tailored to be used within Google Cloud, and which - cannot be exported. Expected to have a higher latency, but should - also have a higher prediction quality than other cloud models. - - >- - A model best tailored to be used within Google Cloud, and which - cannot be exported. Expected to have a low latency, but may have - lower prediction quality than other cloud models. - - >- - A model best tailored to be used within Google Cloud, and which - cannot be exported. Compared to the CLOUD_HIGH_ACCURACY_1 and - CLOUD_LOW_LATENCY_1 models above, it is expected to have higher - prediction quality and lower latency. - - >- - A model that, in addition to being available within Google Cloud - can also be exported (see ModelService.ExportModel) and used on a - mobile or edge device with TensorFlow afterwards. Expected to have - low latency, but may have lower prediction quality than other - mobile models. - - >- - A model that, in addition to being available within Google Cloud - can also be exported (see ModelService.ExportModel) and used on a - mobile or edge device with TensorFlow afterwards. - - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) and used on a - mobile or edge device with TensorFlow afterwards. Expected to have - a higher latency, but should also have a higher prediction quality - than other mobile models. - - >- - A model best tailored to be used within Google Cloud, and which - cannot be exported. Expected to best support predictions in - streaming with lower latency and lower prediction quality than - other cloud models. - - >- - SpineNet for Model Garden training with customizable - hyperparameters. Best tailored to be used within Google Cloud, and - cannot be exported externally. - - >- - YOLO for Model Garden training with customizable hyperparameters. - Best tailored to be used within Google Cloud, and cannot be - exported externally. - enum: - - MODEL_TYPE_UNSPECIFIED - - CLOUD_HIGH_ACCURACY_1 - - CLOUD_LOW_LATENCY_1 - - CLOUD_1 - - MOBILE_TF_LOW_LATENCY_1 - - MOBILE_TF_VERSATILE_1 - - MOBILE_TF_HIGH_ACCURACY_1 - - CLOUD_STREAMING_1 - - SPINENET - - YOLO - budgetMilliNodeHours: - description: >- - The training budget of creating this model, expressed in milli node - hours i.e. 1,000 value in this field means 1 node hour. The actual - metadata.costMilliNodeHours will be equal or less than this value. - If further model training ceases to provide any improvements, it - will stop without using the full budget and the - metadata.successfulStopReason will be `model-converged`. Note, - node_hour = actual_hour * number_of_nodes_involved. For modelType - `cloud`(default), the budget must be between 20,000 and 900,000 - milli node hours, inclusive. The default value is 216,000 which - represents one day in wall time, considering 9 nodes are used. For - model types `mobile-tf-low-latency-1`, `mobile-tf-versatile-1`, - `mobile-tf-high-accuracy-1` the training budget must be between - 1,000 and 100,000 milli node hours, inclusive. The default value is - 24,000 which represents one day in wall time on a single node that - is used. - type: string - format: int64 - disableEarlyStopping: - description: >- - Use the entire training budget. This disables the early stopping - feature. When false the early stopping feature is enabled, which - means that AutoML Image Object Detection might stop training before - the entire training budget has been used. + enableFeatureAttributes: type: boolean - uptrainBaseModelId: description: >- - The ID of `base` model for upTraining. If it is specified, the new - model will be upTrained based on the `base` model for upTraining. - Otherwise, the new model will be trained from scratch. The `base` - model for upTraining must be in the same Project and Location as the - new Model to train, and have the same modelType. - type: string - tunableParameter: - description: Trainer type for Vision TrainRequest. + If want to analyze the Vertex Explainable AI feature attribute + scores or not. If set to true, Vertex AI will log the feature + attributions from explain response and do the skew/drift detection + for them. + explanationBaseline: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutomlImageTrainingTunableParameter - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionMetadata: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageObjectDetectionMetadata + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline + description: >- + Predictions generated by the BatchPredictionJob using baseline + dataset. + description: >- + The config for integrating with Vertex Explainable AI. Only applicable + if the Model has explanation_spec populated. + id: GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfig + type: object + GoogleCloudAiplatformV1SecretRef: type: object + id: GoogleCloudAiplatformV1SecretRef + description: >- + Reference to a secret stored in the Cloud Secret Manager that will + provide the value for this environment variable. properties: - costMilliNodeHours: + version: description: >- - The actual training cost of creating this model, expressed in milli - node hours, i.e. 1,000 value in this field means 1 node hour. - Guaranteed to not exceed inputs.budgetMilliNodeHours. + The Cloud Secret Manager secret version. Can be 'latest' for the + latest version, an integer for a specific version, or a version + alias. type: string - format: int64 - successfulStopReason: + secret: description: >- - For successful job completions, this is the reason why the job has - finished. + Required. The name of the secret in Cloud Secret Manager. Format: + {secret_name}. type: string - enumDescriptions: - - Should not be set. - - The inputs.budgetMilliNodeHours had been reached. - - >- - Further training of the Model ceased to increase its quality, - since it already has converged. - enum: - - SUCCESSFUL_STOP_REASON_UNSPECIFIED - - BUDGET_REACHED - - MODEL_CONVERGED - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentation - description: >- - A TrainingJob that trains and uploads an AutoML Image Segmentation - Model. - type: object - properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationInputs - metadata: - description: The metadata information. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationMetadata - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationInputs - type: object + GoogleCloudAiplatformV1SchemaVideoClassificationAnnotation: properties: - modelType: + displayName: type: string - enumDescriptions: - - Should not be set. - - >- - A model to be used via prediction calls to uCAIP API. Expected to - have a higher latency, but should also have a higher prediction - quality than other models. - - >- - A model to be used via prediction calls to uCAIP API. Expected to - have a lower latency but relatively lower prediction quality. - - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) as TensorFlow - model and used on a mobile or edge device afterwards. Expected to - have low latency, but may have lower prediction quality than other - mobile models. - enum: - - MODEL_TYPE_UNSPECIFIED - - CLOUD_HIGH_ACCURACY_1 - - CLOUD_LOW_ACCURACY_1 - - MOBILE_TF_LOW_LATENCY_1 - budgetMilliNodeHours: description: >- - The training budget of creating this model, expressed in milli node - hours i.e. 1,000 value in this field means 1 node hour. The actual - metadata.costMilliNodeHours will be equal or less than this value. - If further model training ceases to provide any improvements, it - will stop without using the full budget and the - metadata.successfulStopReason will be `model-converged`. Note, - node_hour = actual_hour * number_of_nodes_involved. Or - actual_wall_clock_hours = train_budget_milli_node_hours / - (number_of_nodes_involved * 1000) For modelType - `cloud-high-accuracy-1`(default), the budget must be between 20,000 - and 2,000,000 milli node hours, inclusive. The default value is - 192,000 which represents one day in wall time (1000 milli * 24 hours - * 8 nodes). - type: string - format: int64 - baseModelId: + The display name of the AnnotationSpec that this Annotation pertains + to. + timeSegment: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaTimeSegment' description: >- - The ID of the `base` model. If it is specified, the new model will - be trained based on the `base` model. Otherwise, the new model will - be trained from scratch. The `base` model must be in the same - Project and Location as the new Model to train, and have the same - modelType. + This Annotation applies to the time period represented by the + TimeSegment. If it's not set, the Annotation applies to the whole + video. + annotationSpecId: type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationMetadata: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlImageSegmentationMetadata + description: >- + The resource Id of the AnnotationSpec that this Annotation pertains + to. + id: GoogleCloudAiplatformV1SchemaVideoClassificationAnnotation + type: object + description: Annotation details specific to video classification. + GoogleCloudAiplatformV1SummarizationVerbosityInstance: type: object + description: Spec for summarization verbosity instance. + id: GoogleCloudAiplatformV1SummarizationVerbosityInstance properties: - costMilliNodeHours: - description: >- - The actual training cost of creating this model, expressed in milli - node hours, i.e. 1,000 value in this field means 1 node hour. - Guaranteed to not exceed inputs.budgetMilliNodeHours. + reference: type: string - format: int64 - successfulStopReason: - description: >- - For successful job completions, this is the reason why the job has - finished. + description: Optional. Ground truth used to compare against the prediction. + instruction: type: string - enumDescriptions: - - Should not be set. - - The inputs.budgetMilliNodeHours had been reached. - - >- - Further training of the Model ceased to increase its quality, - since it already has converged. - enum: - - SUCCESSFUL_STOP_REASON_UNSPECIFIED - - BUDGET_REACHED - - MODEL_CONVERGED - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTables: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTables - description: A TrainingJob that trains and uploads an AutoML Tables Model. - type: object + description: Optional. Summarization prompt for LLM. + prediction: + type: string + description: Required. Output of the evaluated model. + context: + type: string + description: Required. Text to be summarized. + GoogleCloudAiplatformV1TrajectorySingleToolUseMetricValue: + description: TrajectorySingleToolUse metric value for an instance. + id: GoogleCloudAiplatformV1TrajectorySingleToolUseMetricValue properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputs - metadata: - description: The metadata information. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesMetadata - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputs: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputs + score: + format: float + type: number + description: Output only. TrajectorySingleToolUse score. + readOnly: true + type: object + GoogleCloudAiplatformV1FeatureView: type: object properties: - optimizationObjectiveRecallValue: - description: >- - Required when optimization_objective is - "maximize-precision-at-recall". Must be between 0 and 1, inclusive. - type: number - format: float - optimizationObjectivePrecisionValue: + labels: description: >- - Required when optimization_objective is - "maximize-recall-at-precision". Must be between 0 and 1, inclusive. - type: number - format: float - predictionType: + Optional. The labels with user-defined metadata to organize your + FeatureViews. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. See https://goo.gl/xmQnxf for more information on and + examples of labels. No more than 64 user labels can be associated + with one FeatureOnlineStore(System labels are excluded)." System + reserved label keys are prefixed with "aiplatform.googleapis.com/" + and are immutable. + additionalProperties: + type: string + type: object + satisfiesPzi: + type: boolean + description: Output only. Reserved for future use. + readOnly: true + vertexRagSource: + description: Optional. The Vertex RAG Source that the FeatureView is linked to. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewVertexRagSource + etag: description: >- - The type of prediction the Model is to produce. "classification" - - Predict one out of multiple target values is picked for each row. - "regression" - Predict a value based on its relation to other - values. This type is available only to columns that contain - semantically numeric values, i.e. integers or floating point number, - even if stored as e.g. strings. + Optional. Used to perform consistent read-modify-write updates. If + not set, a blind "overwrite" update happens. type: string - targetColumn: - description: The column name of the target column that the model is to predict. + indexConfig: + description: >- + Optional. Configuration for index preparation for vector search. It + contains the required configurations to create an index from source + data, so that approximate nearest neighbor (a.k.a ANN) algorithms + search can be performed during online serving. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewIndexConfig' + createTime: + format: google-datetime + readOnly: true + description: Output only. Timestamp when this FeatureView was created. type: string - transformations: + syncConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewSyncConfig' description: >- - Each transformation will apply transform function to given input - column. And the result will be used for training. When creating - transformation for BigQuery Struct column, the column should be - flattened using "." as the delimiter. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformation - optimizationObjective: + Configures when data is to be synced/updated for this FeatureView. + At the end of the sync the latest featureValues for each entityId of + this FeatureView are made ready for online serving. + featureRegistrySource: description: >- - Objective function the model is optimizing towards. The training - process creates a model that maximizes/minimizes the value of the - objective function over the validation set. The supported - optimization objectives depend on the prediction type. If the field - is not set, a default objective function is used. classification - (binary): "maximize-au-roc" (default) - Maximize the area under the - receiver operating characteristic (ROC) curve. "minimize-log-loss" - - Minimize log loss. "maximize-au-prc" - Maximize the area under the - precision-recall curve. "maximize-precision-at-recall" - Maximize - precision for a specified recall value. - "maximize-recall-at-precision" - Maximize recall for a specified - precision value. classification (multi-class): "minimize-log-loss" - (default) - Minimize log loss. regression: "minimize-rmse" (default) - - Minimize root-mean-squared error (RMSE). "minimize-mae" - Minimize - mean-absolute error (MAE). "minimize-rmsle" - Minimize - root-mean-squared log error (RMSLE). + Optional. Configures the features from a Feature Registry source + that need to be loaded onto the FeatureOnlineStore. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewFeatureRegistrySource + serviceAccountEmail: + description: >- + Output only. A Service Account unique to this FeatureView. The role + bigquery.dataViewer should be granted to this service account to + allow Vertex AI Feature Store to sync data to the online store. type: string - trainBudgetMilliNodeHours: + readOnly: true + bigQuerySource: description: >- - Required. The train budget of creating this model, expressed in - milli node hours i.e. 1,000 value in this field means 1 node hour. - The training cost of the model will not exceed this budget. The - final cost will be attempted to be close to the budget, though may - end up being (even) noticeably smaller - at the backend's - discretion. This especially may happen when further model training - ceases to provide any improvements. If the budget is set to a value - known to be insufficient to train a model for the given dataset, the - training won't be attempted and will error. The train budget must be - between 1,000 and 72,000 milli node hours, inclusive. + Optional. Configures how data is supposed to be extracted from a + BigQuery source to be loaded onto the FeatureOnlineStore. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewBigQuerySource + updateTime: + readOnly: true type: string - format: int64 - disableEarlyStopping: + description: Output only. Timestamp when this FeatureView was last updated. + format: google-datetime + optimizedConfig: description: >- - Use the entire training budget. This disables the early stopping - feature. By default, the early stopping feature is enabled, which - means that AutoML Tables might stop training before the entire - training budget has been used. + Optional. Configuration for FeatureView created under Optimized + FeatureOnlineStore. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewOptimizedConfig + satisfiesPzs: + readOnly: true + description: Output only. Reserved for future use. type: boolean - weightColumnName: + name: + type: string description: >- - Column name that should be used as the weight column. Higher values - in this column give more importance to the row during model - training. The column must have numeric values between 0 and 10000 - inclusively; 0 means the row is ignored for training. If weight - column field is not set, then all rows are assumed to have equal - weight of 1. + Identifier. Name of the FeatureView. Format: + `projects/{project}/locations/{location}/featureOnlineStores/{feature_online_store}/featureViews/{feature_view}` + serviceAgentType: + enumDescriptions: + - By default, the project-level Vertex AI Service Agent is enabled. + - >- + Indicates the project-level Vertex AI Service Agent + (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) + will be used during sync jobs. + - >- + Enable a FeatureView service account to be created by Vertex AI + and output in the field `service_account_email`. This service + account will be used to read from the source BigQuery table during + sync. + enum: + - SERVICE_AGENT_TYPE_UNSPECIFIED + - SERVICE_AGENT_TYPE_PROJECT + - SERVICE_AGENT_TYPE_FEATURE_VIEW type: string - exportEvaluatedDataItemsConfig: description: >- - Configuration for exporting test set predictions to a BigQuery - table. If this configuration is absent, then the export is not - performed. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig - additionalExperiments: - description: Additional experiment flags for the Tables training pipeline. - type: array - items: - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformation - type: object - properties: - auto: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationAutoTransformation - numeric: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericTransformation - categorical: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalTransformation - timestamp: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTimestampTransformation - text: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextTransformation - repeatedNumeric: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericArrayTransformation - repeatedCategorical: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalArrayTransformation - repeatedText: + Optional. Service agent type used during data sync. By default, the + Vertex AI Service Agent is used. When using an IAM Policy to isolate + this FeatureView within a project, a separate service account should + be provisioned by setting this field to + `SERVICE_AGENT_TYPE_FEATURE_VIEW`. This will generate a separate + service account to access the BigQuery source table. + bigtableMetadata: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextArrayTransformation - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationAutoTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationAutoTransformation + #/components/schemas/GoogleCloudAiplatformV1FeatureViewBigtableMetadata + description: >- + Output only. Metadata containing information about the Cloud + Bigtable. + readOnly: true + id: GoogleCloudAiplatformV1FeatureView description: >- - Training pipeline will infer the proper transformation based on the - statistic of dataset. + FeatureView is representation of values that the FeatureOnlineStore will + serve based on its syncConfig. + GoogleCloudAiplatformV1SearchMigratableResourcesRequest: type: object + id: GoogleCloudAiplatformV1SearchMigratableResourcesRequest + description: Request message for MigrationService.SearchMigratableResources. properties: - columnName: + pageToken: type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericTransformation - description: >- - Training pipeline will perform following transformation functions. * The - value converted to float32. * The z_score of the value. * log(value+1) - when the value is greater than or equal to 0. Otherwise, this - transformation is not applied and the value is considered a missing - value. * z_score of log(value+1) when the value is greater than or equal - to 0. Otherwise, this transformation is not applied and the value is - considered a missing value. * A boolean value that indicates whether the - value is valid. + description: The standard page token. + filter: + description: >- + A filter for your search. You can use the following types of + filters: * Resource type filters. The following strings filter for a + specific type of MigratableResource: * `ml_engine_model_version:*` * + `automl_model:*` * `automl_dataset:*` * `data_labeling_dataset:*` * + "Migrated or not" filters. The following strings filter for + resources that either have or have not already been migrated: * + `last_migrate_time:*` filters for migrated resources. * `NOT + last_migrate_time:*` filters for not yet migrated resources. + type: string + pageSize: + type: integer + format: int32 + description: The standard page size. The default and maximum value is 100. + GoogleCloudAiplatformV1SchemaModelevaluationMetricsPairwiseTextGenerationEvaluationMetrics: + description: Metrics for general pairwise text generation evaluation results. type: object + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsPairwiseTextGenerationEvaluationMetrics properties: - columnName: + falseNegativeCount: + format: int64 type: string - invalidValuesAllowed: description: >- - If invalid values is allowed, the training pipeline will create a - boolean feature that indicated whether the value is valid. - Otherwise, the training pipeline will discard the input row from - trainining data. - type: boolean - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalTransformation: + Number of examples where the autorater chose the baseline model, but + humans preferred the model. + f1Score: + format: float + type: number + description: Harmonic mean of precision and recall. + falsePositiveCount: + description: >- + Number of examples where the autorater chose the model, but humans + preferred the baseline model. + type: string + format: int64 + accuracy: + description: Fraction of cases where the autorater agreed with the human raters. + type: number + format: float + truePositiveCount: + description: >- + Number of examples where both the autorater and humans decided that + the model had the better response. + type: string + format: int64 + humanPreferenceModelWinRate: + type: number + description: Percentage of time humans decided the model had the better response. + format: float + recall: + type: number + description: >- + Fraction of cases where the autorater and humans thought the model + had a better response out of all cases where the humans thought the + model had a better response. + format: float + cohensKappa: + type: number + format: float + description: >- + A measurement of agreement between the autorater and human raters + that takes the likelihood of random agreement into account. + modelWinRate: + format: float + description: >- + Percentage of time the autorater decided the model had the better + response. + type: number + baselineModelWinRate: + format: float + description: >- + Percentage of time the autorater decided the baseline model had the + better response. + type: number + trueNegativeCount: + format: int64 + type: string + description: >- + Number of examples where both the autorater and humans decided that + the model had the worse response. + precision: + description: >- + Fraction of cases where the autorater and humans thought the model + had a better response out of all cases where the autorater thought + the model had a better response. True positive divided by all + positive. + format: float + type: number + humanPreferenceBaselineModelWinRate: + format: float + type: number + description: >- + Percentage of time humans decided the baseline model had the better + response. + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationCategoricalTransformation: id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalTransformation + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationCategoricalTransformation description: >- Training pipeline will perform following transformation functions. * The categorical string as is--no change to case, punctuation, spelling, @@ -27733,191 +27088,146 @@ components: properties: columnName: type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTimestampTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTimestampTransformation - description: >- - Training pipeline will perform following transformation functions. * - Apply the transformation functions for Numerical columns. * Determine - the year, month, day,and weekday. Treat each value from the * timestamp - as a Categorical column. * Invalid numerical values (for example, values - that fall outside of a typical timestamp range, or are extreme values) - receive no special treatment and are not removed. + GoogleCloudAiplatformV1UpgradeNotebookRuntimeRequest: + id: GoogleCloudAiplatformV1UpgradeNotebookRuntimeRequest type: object + properties: {} + description: Request message for NotebookService.UpgradeNotebookRuntime. + GoogleCloudAiplatformV1RetrieveMemoriesResponse: properties: - columnName: - type: string - timeFormat: + retrievedMemories: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RetrieveMemoriesResponseRetrievedMemory + type: array + description: The retrieved memories. + nextPageToken: description: >- - The format in which that time field is expressed. The time_format - must either be one of: * `unix-seconds` * `unix-milliseconds` * - `unix-microseconds` * `unix-nanoseconds` (for respectively number of - seconds, milliseconds, microseconds and nanoseconds since start of - the Unix epoch); or be written in `strftime` syntax. If time_format - is not set, then the default format is RFC 3339 `date-time` format, - where `time-offset` = `"Z"` (e.g. 1985-04-12T23:20:50.52Z) + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. This token + is not set if similarity search was used for retrieval. type: string - invalidValuesAllowed: - description: >- - If invalid values is allowed, the training pipeline will create a - boolean feature that indicated whether the value is valid. - Otherwise, the training pipeline will discard the input row from - trainining data. - type: boolean - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextTransformation - description: >- - Training pipeline will perform following transformation functions. * The - text as is--no change to case, punctuation, spelling, tense, and so on. - * Tokenize text to words. Convert each words to a dictionary lookup - index and generate an embedding for each index. Combine the embedding of - all elements into a single embedding using the mean. * Tokenization is - based on unicode script boundaries. * Missing values get their own - lookup index and resulting embedding. * Stop-words receive no special - treatment and are not removed. + id: GoogleCloudAiplatformV1RetrieveMemoriesResponse type: object - properties: - columnName: - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericArrayTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationNumericArrayTransformation - description: >- - Treats the column as numerical array and performs following - transformation functions. * All transformations for Numerical types - applied to the average of the all elements. * The average of empty - arrays is treated as zero. + description: Response message for MemoryBankService.RetrieveMemories. + GoogleCloudAiplatformV1ExportFractionSplit: type: object properties: - columnName: - type: string - invalidValuesAllowed: + testFraction: + type: number description: >- - If invalid values is allowed, the training pipeline will create a - boolean feature that indicated whether the value is valid. - Otherwise, the training pipeline will discard the input row from - trainining data. - type: boolean - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalArrayTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationCategoricalArrayTransformation - description: >- - Treats the column as categorical array and performs following - transformation functions. * For each element in the array, convert the - category name to a dictionary lookup index and generate an embedding for - each index. Combine the embedding of all elements into a single - embedding using the mean. * Empty arrays treated as an embedding of - zeroes. - type: object - properties: - columnName: - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextArrayTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesInputsTransformationTextArrayTransformation + The fraction of the input data that is to be used to evaluate the + Model. + format: double + validationFraction: + type: number + description: >- + The fraction of the input data that is to be used to validate the + Model. + format: double + trainingFraction: + type: number + description: >- + The fraction of the input data that is to be used to train the + Model. + format: double + id: GoogleCloudAiplatformV1ExportFractionSplit description: >- - Treats the column as text array and performs following transformation - functions. * Concatenate all text values in the array into a single text - value using a space (" ") as a delimiter, and then treat the result as a - single text value. Apply the transformations for Text columns. * Empty - arrays treated as an empty text. + Assigns the input data to training, validation, and test sets as per the + given fractions. Any of `training_fraction`, `validation_fraction` and + `test_fraction` may optionally be provided, they must sum to up to 1. If + the provided ones sum to less than 1, the remainder is assigned to sets + as decided by Vertex AI. If none of the fractions are set, by default + roughly 80% of data is used for training, 10% for validation, and 10% + for test. + GoogleCloudAiplatformV1DatasetDistribution: + id: GoogleCloudAiplatformV1DatasetDistribution type: object properties: - columnName: - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesMetadata: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTablesMetadata - description: Model metadata specific to AutoML Tables. + p5: + format: double + description: Output only. The 5th percentile of the values in the population. + readOnly: true + type: number + buckets: + readOnly: true + type: array + description: Output only. Defines the histogram bucket. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DatasetDistributionDistributionBucket + min: + format: double + type: number + readOnly: true + description: Output only. The minimum of the population values. + median: + format: double + readOnly: true + description: Output only. The median of the values in the population. + type: number + max: + description: Output only. The maximum of the population values. + readOnly: true + type: number + format: double + mean: + readOnly: true + description: Output only. The arithmetic mean of the values in the population. + format: double + type: number + p95: + description: Output only. The 95th percentile of the values in the population. + readOnly: true + format: double + type: number + sum: + description: Output only. Sum of a given population of values. + readOnly: true + type: number + format: double + description: Distribution computed over a tuning dataset. + GoogleCloudAiplatformV1ListCachedContentsResponse: type: object + description: Response with a list of CachedContents. properties: - trainCostMilliNodeHours: + cachedContents: + description: List of cached contents. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' + type: array + nextPageToken: description: >- - Output only. The actual training cost of the model, expressed in - milli node hours, i.e. 1,000 value in this field means 1 node hour. - Guaranteed to not exceed the train budget. - type: string - format: int64 - evaluatedDataItemsBigqueryUri: - description: BigQuery destination uri for exported evaluated examples. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassification: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassification - description: >- - A TrainingJob that trains and uploads an AutoML Text Classification - Model. - type: object - properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassificationInputs - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassificationInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextClassificationInputs - type: object - properties: - multiLabel: - type: boolean - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtraction: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtraction - description: A TrainingJob that trains and uploads an AutoML Text Extraction Model. - type: object - properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtractionInputs - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtractionInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextExtractionInputs - type: object - properties: {} - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentiment: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentiment - description: A TrainingJob that trains and uploads an AutoML Text Sentiment Model. - type: object - properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentimentInputs - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentimentInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlTextSentimentInputs - type: object + id: GoogleCloudAiplatformV1ListCachedContentsResponse + GoogleCloudAiplatformV1SchemaVideoDatasetMetadata: + description: The metadata of Datasets that contain Video DataItems. properties: - sentimentMax: + dataItemSchemaUri: + type: string description: >- - A sentiment is expressed as an integer ordinal, where higher value - means a more positive sentiment. The range of sentiments that will - be used is between 0 and sentimentMax (inclusive on both ends), and - all the values in the range must be represented in the dataset - before a model can be created. Only the Annotations with this - sentimentMax will be used for training. sentimentMax value must be - between 1 and 10 (inclusive). - type: integer - format: int32 - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognition: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognition - description: >- - A TrainingJob that trains and uploads an AutoML Video Action Recognition - Model. - type: object - properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognitionInputs - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognitionInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoActionRecognitionInputs + Points to a YAML file stored on Google Cloud Storage describing + payload of the Video DataItems that belong to this Dataset. + gcsBucket: + description: >- + Google Cloud Storage Bucket name that contains the blob data of this + Dataset. + type: string type: object + id: GoogleCloudAiplatformV1SchemaVideoDatasetMetadata + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTrackingInputs: properties: modelType: - type: string + enum: + - MODEL_TYPE_UNSPECIFIED + - CLOUD + - MOBILE_VERSATILE_1 + - MOBILE_CORAL_VERSATILE_1 + - MOBILE_CORAL_LOW_LATENCY_1 + - MOBILE_JETSON_VERSATILE_1 + - MOBILE_JETSON_LOW_LATENCY_1 enumDescriptions: - Should not be set. - >- @@ -27929,90 +27239,8 @@ components: TensorFlow or TensorFlow Lite model and used on a mobile or edge device afterwards. - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) to a Jetson - device afterwards. - - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) as a - TensorFlow or TensorFlow Lite model and used on a Coral device - afterwards. - enum: - - MODEL_TYPE_UNSPECIFIED - - CLOUD - - MOBILE_VERSATILE_1 - - MOBILE_JETSON_VERSATILE_1 - - MOBILE_CORAL_VERSATILE_1 - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassification: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassification - description: >- - A TrainingJob that trains and uploads an AutoML Video Classification - Model. - type: object - properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassificationInputs - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassificationInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassificationInputs - type: object - properties: - modelType: - type: string - enumDescriptions: - - Should not be set. - - >- - A model best tailored to be used within Google Cloud, and which - cannot be exported. Default. - - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) as a - TensorFlow or TensorFlow Lite model and used on a mobile or edge - device afterwards. - - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) to a Jetson - device afterwards. - enum: - - MODEL_TYPE_UNSPECIFIED - - CLOUD - - MOBILE_VERSATILE_1 - - MOBILE_JETSON_VERSATILE_1 - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTracking: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTracking - description: >- - A TrainingJob that trains and uploads an AutoML Video ObjectTracking - Model. - type: object - properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTrackingInputs - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTrackingInputs: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTrackingInputs - type: object - properties: - modelType: - type: string - enumDescriptions: - - Should not be set. - - >- - A model best tailored to be used within Google Cloud, and which c - annot be exported. Default. - - >- - A model that, in addition to being available within Google Cloud, - can also be exported (see ModelService.ExportModel) as a - TensorFlow or TensorFlow Lite model and used on a mobile or edge - device afterwards. - - >- - A versatile model that is meant to be exported (see - ModelService.ExportModel) and used on a Google Coral device. + A versatile model that is meant to be exported (see + ModelService.ExportModel) and used on a Google Coral device. - >- A model that trades off quality for low latency, to be exported (see ModelService.ExportModel) and used on a Google Coral device. @@ -28023,3535 +27251,7803 @@ components: A model that trades off quality for low latency, to be exported (see ModelService.ExportModel) and used on an NVIDIA Jetson device. - enum: - - MODEL_TYPE_UNSPECIFIED - - CLOUD - - MOBILE_VERSATILE_1 - - MOBILE_CORAL_VERSATILE_1 - - MOBILE_CORAL_LOW_LATENCY_1 - - MOBILE_JETSON_VERSATILE_1 - - MOBILE_JETSON_LOW_LATENCY_1 - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomTask: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomTask - description: A TrainingJob that trains a custom code Model. - type: object - properties: - inputs: - description: The input parameters of this CustomTask. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' - metadata: - description: The metadata information. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomJobMetadata - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomJobMetadata: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomJobMetadata - type: object - properties: - backingCustomJob: - description: >- - The resource name of the CustomJob that has been created to carry - out this custom task. type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningTask: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningTask - description: A TrainingJob that tunes Hypererparameters of a custom code Model. type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoObjectTrackingInputs + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformation: properties: - inputs: - description: The input parameters of this HyperparameterTuningTask. + categorical: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobSpec - metadata: - description: The metadata information. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationCategoricalTransformation + text: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobMetadata - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobSpec: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobSpec - type: object - properties: - studySpec: - description: Study configuration of the HyperparameterTuningJob. - $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpec' - trialJobSpec: - description: >- - The spec of a trial job. The same spec applies to the CustomJobs - created in all the trials. - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' - maxTrialCount: - description: The desired total number of Trials. - type: integer - format: int32 - parallelTrialCount: - description: The desired number of Trials to run in parallel. - type: integer - format: int32 - maxFailedTrialCount: - description: >- - The number of failed Trials that need to be seen before failing the - HyperparameterTuningJob. If set to 0, Vertex AI decides how many - Trials must fail before the whole job fails. - type: integer - format: int32 - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobMetadata: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobMetadata - type: object - properties: - backingHyperparameterTuningJob: - description: >- - The resource name of the HyperparameterTuningJob that has been - created to carry out this HyperparameterTuning task. - type: string - bestTrialBackingCustomJob: - description: >- - The resource name of the CustomJob that has been created to run the - best Trial of this HyperparameterTuning task. - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecasting: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecasting - description: A TrainingJob that trains and uploads an AutoML Forecasting Model. - type: object - properties: - inputs: - description: The input parameters of this TrainingJob. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTextTransformation + auto: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputs - metadata: - description: The metadata information. + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationAutoTransformation + timestamp: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingMetadata - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputs: + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTimestampTransformation + numeric: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationNumericTransformation id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputs + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformation type: object + GoogleCloudAiplatformV1SchemaPredictPredictionTftFeatureImportance: properties: - targetColumn: - description: >- - The name of the column that the Model is to predict values for. This - column must be unavailable at forecast. - type: string - timeSeriesIdentifierColumn: - description: The name of the column that identifies the time series. - type: string - timeColumn: - description: >- - The name of the column that identifies time order in the time - series. This column must be available at forecast. - type: string - transformations: - description: >- - Each transformation will apply transform function to given input - column. And the result will be used for training. When creating - transformation for BigQuery Struct column, the column should be - flattened using "." as the delimiter. - type: array + contextWeights: items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformation - optimizationObjective: - description: >- - Objective function the model is optimizing towards. The training - process creates a model that optimizes the value of the objective - function over the validation set. The supported optimization - objectives: * "minimize-rmse" (default) - Minimize root-mean-squared - error (RMSE). * "minimize-mae" - Minimize mean-absolute error (MAE). - * "minimize-rmsle" - Minimize root-mean-squared log error (RMSLE). * - "minimize-rmspe" - Minimize root-mean-squared percentage error - (RMSPE). * "minimize-wape-mae" - Minimize the combination of - weighted absolute percentage error (WAPE) and mean-absolute-error - (MAE). * "minimize-quantile-loss" - Minimize the quantile loss at - the quantiles defined in `quantiles`. * "minimize-mape" - Minimize - the mean absolute percentage error. - type: string - trainBudgetMilliNodeHours: - description: >- - Required. The train budget of creating this model, expressed in - milli node hours i.e. 1,000 value in this field means 1 node hour. - The training cost of the model will not exceed this budget. The - final cost will be attempted to be close to the budget, though may - end up being (even) noticeably smaller - at the backend's - discretion. This especially may happen when further model training - ceases to provide any improvements. If the budget is set to a value - known to be insufficient to train a model for the given dataset, the - training won't be attempted and will error. The train budget must be - between 1,000 and 72,000 milli node hours, inclusive. - type: string - format: int64 - weightColumn: - description: >- - Column name that should be used as the weight column. Higher values - in this column give more importance to the row during model - training. The column must have numeric values between 0 and 10000 - inclusively; 0 means the row is ignored for training. If weight - column field is not set, then all rows are assumed to have equal - weight of 1. This column must be available at forecast. - type: string - timeSeriesAttributeColumns: + format: float + type: number description: >- - Column names that should be used as attribute columns. The value of - these columns does not vary as a function of time. For example, - store ID or item color. + TFT feature importance values. Each pair for + {context/horizon/attribute} should have the same shape since the + weight corresponds to the column names. type: array + contextColumns: items: type: string - unavailableAtForecastColumns: - description: >- - Names of columns that are unavailable when a forecast is requested. - This column contains information for the given entity (identified by - the time_series_identifier_column) that is unknown before the - forecast For example, actual weather on a given day. type: array + horizonWeights: items: - type: string - availableAtForecastColumns: - description: >- - Names of columns that are available and provided when a forecast is - requested. These columns contain information for the given entity - (identified by the time_series_identifier_column column) that is - known at forecast. For example, predicted weather for a specific - day. + type: number + format: float + type: array + attributeColumns: type: array items: type: string - dataGranularity: - description: Expected difference in time granularity between rows in the data. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsGranularity - forecastHorizon: - description: >- - The amount of time into the future for which forecasted values for - the target are returned. Expressed in number of units defined by the - `data_granularity` field. - type: string - format: int64 - contextWindow: - description: >- - The amount of time into the past training and prediction data is - used for model training and prediction respectively. Expressed in - number of units defined by the `data_granularity` field. - type: string - format: int64 - holidayRegions: - description: >- - The geographical region based on which the holiday effect is applied - in modeling by adding holiday categorical array feature that include - all holidays matching the date. This option only allowed when - data_granularity is day. By default, holiday effect modeling is - disabled. To turn it on, specify the holiday region using this - option. - type: array + horizonColumns: items: type: string - exportEvaluatedDataItemsConfig: - description: >- - Configuration for exporting test set predictions to a BigQuery - table. If this configuration is absent, then the export is not - performed. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig - windowConfig: - description: Config containing strategy for generating sliding windows. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig - quantiles: - description: >- - Quantiles to use for minimize-quantile-loss - `optimization_objective`. Up to 5 quantiles are allowed of values - between 0 and 1, exclusive. Required if the value of - optimization_objective is minimize-quantile-loss. Represents the - percent quantiles to use for that objective. Quantiles must be - unique. type: array + attributeWeights: items: + format: float type: number - format: double - validationOptions: - description: >- - Validation options for the data validation component. The available - options are: * "fail-pipeline" - default, will validate against the - validation and fail the pipeline if it fails. * "ignore-validation" - - ignore the results of the validation and continue - type: string - additionalExperiments: - description: Additional experiment flags for the time series forcasting training. type: array + type: object + id: GoogleCloudAiplatformV1SchemaPredictPredictionTftFeatureImportance + GoogleCloudAiplatformV1RemoveContextChildrenRequest: + type: object + description: Request message for MetadataService.DeleteContextChildrenRequest. + id: GoogleCloudAiplatformV1RemoveContextChildrenRequest + properties: + childContexts: items: type: string - hierarchyConfig: + description: The resource names of the child Contexts. + type: array + GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetrics: + description: >- + Bounding box matching model metrics for a single intersection-over-union + threshold and multiple label match confidence thresholds. + id: GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetrics + type: object + properties: + meanAveragePrecision: + format: float + description: The mean average precision, most often close to `auPrc`. + type: number + confidenceMetrics: + type: array description: >- - Configuration that defines the hierarchical relationship of time - series and parameters for hierarchical forecasting strategies. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformation + Metrics for each label-match confidence_threshold from + 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. Precision-recall curve is + derived from them. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsBoundingBoxMetricsConfidenceMetrics + iouThreshold: + format: float + type: number + description: >- + The intersection-over-union threshold value used to compute this + metrics entry. + GoogleCloudAiplatformV1CorpusStatus: + description: RagCorpus status. + id: GoogleCloudAiplatformV1CorpusStatus + properties: + state: + enum: + - UNKNOWN + - INITIALIZED + - ACTIVE + - ERROR + type: string + description: Output only. RagCorpus life state. + enumDescriptions: + - This state is not supposed to happen. + - >- + RagCorpus resource entry is initialized, but hasn't done + validation. + - RagCorpus is provisioned successfully and is ready to serve. + - >- + RagCorpus is in a problematic situation. See `error_message` field + for details. + readOnly: true + errorStatus: + type: string + description: Output only. Only when the `state` field is ERROR. + readOnly: true type: object + GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetrics: + description: Metrics for classification evaluation results. properties: - auto: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationAutoTransformation - numeric: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationNumericTransformation - categorical: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationCategoricalTransformation - timestamp: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTimestampTransformation - text: + confidenceMetrics: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetricsConfidenceMetrics + description: >- + Metrics for each `confidenceThreshold` in + 0.00,0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and `positionThreshold` + = INT32_MAX_VALUE. ROC and precision-recall curves, and other + aggregated metrics are derived from them. The confidence metrics + entries may also be supplied for additional values of + `positionThreshold`, but from these no aggregated metrics are + computed. + type: array + confusionMatrix: + description: Confusion matrix of the evaluation. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTextTransformation - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationAutoTransformation: + #/components/schemas/GoogleCloudAiplatformV1SchemaModelevaluationMetricsConfusionMatrix + auRoc: + description: >- + The Area Under Receiver Operating Characteristic curve metric. + Micro-averaged for the overall evaluation. + type: number + format: float + logLoss: + format: float + description: The Log Loss metric. + type: number + auPrc: + description: >- + The Area Under Precision-Recall Curve metric. Micro-averaged for the + overall evaluation. + type: number + format: float id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationAutoTransformation - description: >- - Training pipeline will infer the proper transformation based on the - statistic of dataset. + GoogleCloudAiplatformV1SchemaModelevaluationMetricsClassificationEvaluationMetrics type: object + GoogleCloudAiplatformV1SafetyResult: + description: Spec for safety result. + id: GoogleCloudAiplatformV1SafetyResult properties: - columnName: + confidence: + type: number + readOnly: true + description: Output only. Confidence for safety score. + format: float + score: + description: Output only. Safety score. + readOnly: true + type: number + format: float + explanation: type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationNumericTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationNumericTransformation - description: >- - Training pipeline will perform following transformation functions. * The - value converted to float32. * The z_score of the value. * log(value+1) - when the value is greater than or equal to 0. Otherwise, this - transformation is not applied and the value is considered a missing - value. * z_score of log(value+1) when the value is greater than or equal - to 0. Otherwise, this transformation is not applied and the value is - considered a missing value. + description: Output only. Explanation for safety score. + readOnly: true type: object + GoogleCloudAiplatformV1RubricGenerationSpec: + description: Specification for how rubrics should be generated. + id: GoogleCloudAiplatformV1RubricGenerationSpec properties: - columnName: + promptTemplate: + description: >- + Template for the prompt used to generate rubrics. The details should + be updated based on the most-recent recipe requirements. type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationCategoricalTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationCategoricalTransformation - description: >- - Training pipeline will perform following transformation functions. * The - categorical string as is--no change to case, punctuation, spelling, - tense, and so on. * Convert the category name to a dictionary lookup - index and generate an embedding for each index. * Categories that appear - less than 5 times in the training dataset are treated as the "unknown" - category. The "unknown" category gets its own special lookup index and - resulting embedding. - type: object - properties: - columnName: - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTimestampTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTimestampTransformation - description: >- - Training pipeline will perform following transformation functions. * - Apply the transformation functions for Numerical columns. * Determine - the year, month, day,and weekday. Treat each value from the timestamp as - a Categorical column. * Invalid numerical values (for example, values - that fall outside of a typical timestamp range, or are extreme values) - receive no special treatment and are not removed. - type: object - properties: - columnName: - type: string - timeFormat: - description: >- - The format in which that time field is expressed. The time_format - must either be one of: * `unix-seconds` * `unix-milliseconds` * - `unix-microseconds` * `unix-nanoseconds` (for respectively number of - seconds, milliseconds, microseconds and nanoseconds since start of - the Unix epoch); or be written in `strftime` syntax. If time_format - is not set, then the default format is RFC 3339 `date-time` format, - where `time-offset` = `"Z"` (e.g. 1985-04-12T23:20:50.52Z) - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTextTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsTransformationTextTransformation - description: >- - Training pipeline will perform following transformation functions. * The - text as is--no change to case, punctuation, spelling, tense, and so on. - * Convert the category name to a dictionary lookup index and generate an - embedding for each index. - type: object - properties: - columnName: - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsGranularity: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingInputsGranularity - description: A duration of time expressed in time granularity units. - type: object - properties: - unit: - description: >- - The time granularity unit of this time period. The supported units - are: * "minute" * "hour" * "day" * "week" * "month" * "year" - type: string - quantity: + rubricTypeOntology: description: >- - The number of granularity_units between data points in the training - data. If `granularity_unit` is `minute`, can be 1, 5, 10, 15, or 30. - For all other values of `granularity_unit`, must be 1. + Optional. An optional, pre-defined list of allowed types for + generated rubrics. If this field is provided, it implies + `include_rubric_type` should be true, and the generated rubric types + should be chosen from this ontology. + type: array + items: + type: string + rubricContentType: type: string - format: int64 - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingMetadata: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionSeq2SeqPlusForecastingMetadata - description: Model metadata specific to Seq2Seq Plus Forecasting. - type: object - properties: - trainCostMilliNodeHours: + enumDescriptions: + - The content type to generate is not specified. + - Generate rubrics based on properties. + - Generate rubrics in an NL question answer format. + - Generate rubrics in a unit test format. + enum: + - RUBRIC_CONTENT_TYPE_UNSPECIFIED + - PROPERTY + - NL_QUESTION_ANSWER + - PYTHON_CODE_ASSERTION + description: The type of rubric content to be generated. + modelConfig: description: >- - Output only. The actual training cost of the model, expressed in - milli node hours, i.e. 1,000 value in this field means 1 node hour. - Guaranteed to not exceed the train budget. - type: string - format: int64 - evaluatedDataItemsBigqueryUri: - description: BigQuery destination uri for exported evaluated examples. - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecasting: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecasting - description: A TrainingJob that trains and uploads an AutoML Forecasting Model. + Configuration for the model used in rubric generation. Configs + including sampling count and base model can be specified here. + Flipping is not supported for rubric generation. + $ref: '#/components/schemas/GoogleCloudAiplatformV1AutoraterConfig' type: object - properties: - inputs: - description: The input parameters of this TrainingJob. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputs - metadata: - description: The metadata information. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingMetadata - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputs: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputs + GoogleCloudAiplatformV1FunctionResponse: + description: >- + The result output from a [FunctionCall] that contains a string + representing the [FunctionDeclaration.name] and a structured JSON object + containing any output from the function is used as context to the model. + This should contain the result of a [FunctionCall] made based on model + prediction. type: object + id: GoogleCloudAiplatformV1FunctionResponse properties: - targetColumn: - description: >- - The name of the column that the Model is to predict values for. This - column must be unavailable at forecast. - type: string - timeSeriesIdentifierColumn: - description: The name of the column that identifies the time series. - type: string - timeColumn: - description: >- - The name of the column that identifies time order in the time - series. This column must be available at forecast. - type: string - transformations: - description: >- - Each transformation will apply transform function to given input - column. And the result will be used for training. When creating - transformation for BigQuery Struct column, the column should be - flattened using "." as the delimiter. + parts: type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformation - optimizationObjective: - description: >- - Objective function the model is optimizing towards. The training - process creates a model that optimizes the value of the objective - function over the validation set. The supported optimization - objectives: * "minimize-rmse" (default) - Minimize root-mean-squared - error (RMSE). * "minimize-mae" - Minimize mean-absolute error (MAE). - * "minimize-rmsle" - Minimize root-mean-squared log error (RMSLE). * - "minimize-rmspe" - Minimize root-mean-squared percentage error - (RMSPE). * "minimize-wape-mae" - Minimize the combination of - weighted absolute percentage error (WAPE) and mean-absolute-error - (MAE). * "minimize-quantile-loss" - Minimize the quantile loss at - the quantiles defined in `quantiles`. * "minimize-mape" - Minimize - the mean absolute percentage error. - type: string - trainBudgetMilliNodeHours: - description: >- - Required. The train budget of creating this model, expressed in - milli node hours i.e. 1,000 value in this field means 1 node hour. - The training cost of the model will not exceed this budget. The - final cost will be attempted to be close to the budget, though may - end up being (even) noticeably smaller - at the backend's - discretion. This especially may happen when further model training - ceases to provide any improvements. If the budget is set to a value - known to be insufficient to train a model for the given dataset, the - training won't be attempted and will error. The train budget must be - between 1,000 and 72,000 milli node hours, inclusive. - type: string - format: int64 - weightColumn: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FunctionResponsePart' description: >- - Column name that should be used as the weight column. Higher values - in this column give more importance to the row during model - training. The column must have numeric values between 0 and 10000 - inclusively; 0 means the row is ignored for training. If weight - column field is not set, then all rows are assumed to have equal - weight of 1. This column must be available at forecast. + Optional. Ordered `Parts` that constitute a function response. Parts + may have different IANA MIME types. + name: type: string - timeSeriesAttributeColumns: description: >- - Column names that should be used as attribute columns. The value of - these columns does not vary as a function of time. For example, - store ID or item color. - type: array - items: - type: string - unavailableAtForecastColumns: + Required. The name of the function to call. Matches + [FunctionDeclaration.name] and [FunctionCall.name]. + response: + type: object description: >- - Names of columns that are unavailable when a forecast is requested. - This column contains information for the given entity (identified by - the time_series_identifier_column) that is unknown before the - forecast For example, actual weather on a given day. - type: array - items: - type: string - availableAtForecastColumns: + Required. The function response in JSON object format. Use "output" + key to specify function output and "error" key to specify error + details (if any). If "output" and "error" keys are not specified, + then whole "response" is treated as function output. + additionalProperties: + type: any + description: Properties of the object. + GoogleCloudAiplatformV1EvaluateInstancesResponse: + properties: + questionAnsweringQualityResult: description: >- - Names of columns that are available and provided when a forecast is - requested. These columns contain information for the given entity - (identified by the time_series_identifier_column column) that is - known at forecast. For example, predicted weather for a specific - day. - type: array - items: - type: string - dataGranularity: - description: Expected difference in time granularity between rows in the data. + Question answering only metrics. Result for question answering + quality metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsGranularity - forecastHorizon: - description: >- - The amount of time into the future for which forecasted values for - the target are returned. Expressed in number of units defined by the - `data_granularity` field. - type: string - format: int64 - contextWindow: - description: >- - The amount of time into the past training and prediction data is - used for model training and prediction respectively. Expressed in - number of units defined by the `data_granularity` field. - type: string - format: int64 - holidayRegions: - description: >- - The geographical region based on which the holiday effect is applied - in modeling by adding holiday categorical array feature that include - all holidays matching the date. This option only allowed when - data_granularity is day. By default, holiday effect modeling is - disabled. To turn it on, specify the holiday region using this - option. - type: array - items: - type: string - exportEvaluatedDataItemsConfig: - description: >- - Configuration for exporting test set predictions to a BigQuery - table. If this configuration is absent, then the export is not - performed. + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringQualityResult + cometResult: + description: Translation metrics. Result for Comet metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CometResult' + summarizationQualityResult: + description: Summarization only metrics. Result for summarization quality metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionExportEvaluatedDataItemsConfig - windowConfig: - description: Config containing strategy for generating sliding windows. + #/components/schemas/GoogleCloudAiplatformV1SummarizationQualityResult + toolParameterKvMatchResults: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig - quantiles: + #/components/schemas/GoogleCloudAiplatformV1ToolParameterKVMatchResults + description: Results for tool parameter key value match metric. + fluencyResult: description: >- - Quantiles to use for minimize-quantile-loss - `optimization_objective`. Up to 5 quantiles are allowed of values - between 0 and 1, exclusive. Required if the value of - optimization_objective is minimize-quantile-loss. Represents the - percent quantiles to use for that objective. Quantiles must be - unique. - type: array + LLM-based metric evaluation result. General text generation metrics, + applicable to other categories. Result for fluency metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FluencyResult' + toolNameMatchResults: + description: Results for tool name match metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolNameMatchResults' + pairwiseQuestionAnsweringQualityResult: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityResult + description: Result for pairwise question answering quality metric. + safetyResult: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyResult' + description: Result for safety metric. + bleuResults: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BleuResults' + description: Results for bleu metric. + metricResults: items: - type: number - format: double - validationOptions: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricResult' description: >- - Validation options for the data validation component. The available - options are: * "fail-pipeline" - default, will validate against the - validation and fail the pipeline if it fails. * "ignore-validation" - - ignore the results of the validation and continue - type: string - additionalExperiments: - description: Additional experiment flags for the time series forcasting training. + Metric results for each instance. The order of the metric results is + guaranteed to be the same as the order of the instances in the + request. type: array - items: - type: string - hierarchyConfig: - description: >- - Configuration that defines the hierarchical relationship of time - series and parameters for hierarchical forecasting strategies. + pairwiseSummarizationQualityResult: + description: Result for pairwise summarization quality metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHierarchyConfig - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformation - type: object - properties: - auto: + #/components/schemas/GoogleCloudAiplatformV1PairwiseSummarizationQualityResult + trajectoryInOrderMatchResults: + description: Result for trajectory in order match metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationAutoTransformation - numeric: + #/components/schemas/GoogleCloudAiplatformV1TrajectoryInOrderMatchResults + trajectorySingleToolUseResults: + description: Results for trajectory single tool use metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationNumericTransformation - categorical: + #/components/schemas/GoogleCloudAiplatformV1TrajectorySingleToolUseResults + trajectoryAnyOrderMatchResults: + description: Result for trajectory any order match metric. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationCategoricalTransformation - timestamp: + #/components/schemas/GoogleCloudAiplatformV1TrajectoryAnyOrderMatchResults + summarizationVerbosityResult: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTimestampTransformation - text: + #/components/schemas/GoogleCloudAiplatformV1SummarizationVerbosityResult + description: Result for summarization verbosity metric. + toolParameterKeyMatchResults: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTextTransformation - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationAutoTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationAutoTransformation - description: >- - Training pipeline will infer the proper transformation based on the - statistic of dataset. + #/components/schemas/GoogleCloudAiplatformV1ToolParameterKeyMatchResults + description: Results for tool parameter key match metric. + questionAnsweringRelevanceResult: + description: Result for question answering relevance metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringRelevanceResult + rougeResults: + description: Results for rouge metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RougeResults' + pairwiseMetricResult: + description: Result for pairwise metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1PairwiseMetricResult' + questionAnsweringHelpfulnessResult: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringHelpfulnessResult + description: Result for question answering helpfulness metric. + questionAnsweringCorrectnessResult: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringCorrectnessResult + description: Result for question answering correctness metric. + groundednessResult: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundednessResult' + description: Result for groundedness metric. + trajectoryExactMatchResults: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryExactMatchResults + description: Result for trajectory exact match metric. + toolCallValidResults: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCallValidResults' + description: Tool call metrics. Results for tool call valid metric. + fulfillmentResult: + description: Result for fulfillment metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FulfillmentResult' + pointwiseMetricResult: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricResult' + description: Generic metrics. Result for pointwise metric. + summarizationHelpfulnessResult: + description: Result for summarization helpfulness metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SummarizationHelpfulnessResult + trajectoryPrecisionResults: + description: Result for trajectory precision metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryPrecisionResults + metricxResult: + description: Result for Metricx metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetricxResult' + trajectoryRecallResults: + description: Results for trajectory recall metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallResults' + exactMatchResults: + description: Auto metric evaluation results. Results for exact match metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExactMatchResults' + coherenceResult: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CoherenceResult' + description: Result for coherence metric. + rubricBasedInstructionFollowingResult: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RubricBasedInstructionFollowingResult + description: Result for rubric based instruction following metric. type: object + description: Response message for EvaluationService.EvaluateInstances. + id: GoogleCloudAiplatformV1EvaluateInstancesResponse + GoogleCloudAiplatformV1PipelineTaskDetailArtifactList: + id: GoogleCloudAiplatformV1PipelineTaskDetailArtifactList properties: - columnName: - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationNumericTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationNumericTransformation - description: >- - Training pipeline will perform following transformation functions. * The - value converted to float32. * The z_score of the value. * log(value+1) - when the value is greater than or equal to 0. Otherwise, this - transformation is not applied and the value is considered a missing - value. * z_score of log(value+1) when the value is greater than or equal - to 0. Otherwise, this transformation is not applied and the value is - considered a missing value. + artifacts: + readOnly: true + description: Output only. A list of artifact metadata. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' + type: array + description: A list of artifact metadata. type: object - properties: - columnName: - type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationCategoricalTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationCategoricalTransformation + GoogleCloudAiplatformV1DatasetDistributionDistributionBucket: + id: GoogleCloudAiplatformV1DatasetDistributionDistributionBucket description: >- - Training pipeline will perform following transformation functions. * The - categorical string as is--no change to case, punctuation, spelling, - tense, and so on. * Convert the category name to a dictionary lookup - index and generate an embedding for each index. * Categories that appear - less than 5 times in the training dataset are treated as the "unknown" - category. The "unknown" category gets its own special lookup index and - resulting embedding. + Dataset bucket used to create a histogram for the distribution given a + population of values. type: object properties: - columnName: + count: type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTimestampTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTimestampTransformation + format: int64 + description: Output only. Number of values in the bucket. + readOnly: true + left: + type: number + format: double + description: Output only. Left bound of the bucket. + readOnly: true + right: + type: number + readOnly: true + format: double + description: Output only. Right bound of the bucket. + GoogleCloudAiplatformV1ModelGardenSource: description: >- - Training pipeline will perform following transformation functions. * - Apply the transformation functions for Numerical columns. * Determine - the year, month, day,and weekday. Treat each value from the timestamp as - a Categorical column. * Invalid numerical values (for example, values - that fall outside of a typical timestamp range, or are extreme values) - receive no special treatment and are not removed. - type: object + Contains information about the source of the models generated from Model + Garden. properties: - columnName: + versionId: + description: Optional. The model garden source model version ID. type: string - timeFormat: - description: >- - The format in which that time field is expressed. The time_format - must either be one of: * `unix-seconds` * `unix-milliseconds` * - `unix-microseconds` * `unix-nanoseconds` (for respectively number of - seconds, milliseconds, microseconds and nanoseconds since start of - the Unix epoch); or be written in `strftime` syntax. If time_format - is not set, then the default format is RFC 3339 `date-time` format, - where `time-offset` = `"Z"` (e.g. 1985-04-12T23:20:50.52Z) + publicModelName: type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTextTransformation: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsTransformationTextTransformation - description: >- - Training pipeline will perform following transformation functions. * The - text as is--no change to case, punctuation, spelling, tense, and so on. - * Convert the category name to a dictionary lookup index and generate an - embedding for each index. + description: Required. The model garden source model resource name. + skipHfModelCache: + description: Optional. Whether to avoid pulling the model from the HF cache. + type: boolean + id: GoogleCloudAiplatformV1ModelGardenSource type: object + GoogleCloudAiplatformV1ModelContainerSpec: + id: GoogleCloudAiplatformV1ModelContainerSpec properties: - columnName: + deploymentTimeout: type: string - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsGranularity: - id: >- - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingInputsGranularity - description: A duration of time expressed in time granularity units. - type: object - properties: - unit: description: >- - The time granularity unit of this time period. The supported units - are: * "minute" * "hour" * "day" * "week" * "month" * "year" + Immutable. Deployment timeout. Limit for deployment timeout is 2 + hours. + format: google-duration + grpcPorts: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Port' + description: >- + Immutable. List of ports to expose from the container. Vertex AI + sends gRPC prediction requests that it receives to the first port on + this list. Vertex AI also sends liveness and health checks to this + port. If you do not specify this field, gRPC requests to the + container will be disabled. Vertex AI does not use ports other than + the first one listed. This field corresponds to the `ports` field of + the Kubernetes Containers v1 core API. + type: array + command: + description: >- + Immutable. Specifies the command that runs when the container + starts. This overrides the container's + [ENTRYPOINT](https://docs.docker.com/engine/reference/builder/#entrypoint). + Specify this field as an array of executable and arguments, similar + to a Docker `ENTRYPOINT`'s "exec" form, not its "shell" form. If you + do not specify this field, then the container's `ENTRYPOINT` runs, + in conjunction with the args field or the container's + [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd), if + either exists. If this field is not specified and the container does + not have an `ENTRYPOINT`, then refer to the Docker documentation + about [how `CMD` and `ENTRYPOINT` + interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). + If you specify this field, then you can also specify the `args` + field to provide additional arguments for this command. However, if + you specify this field, then the container's `CMD` is ignored. See + the [Kubernetes documentation about how the `command` and `args` + fields interact with a container's `ENTRYPOINT` and + `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). + In this field, you can reference [environment variables set by + Vertex + AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) + and environment variables set in the env field. You cannot reference + environment variables set in the Docker image. In order for + environment variables to be expanded, reference them by using the + following syntax: $( VARIABLE_NAME) Note that this differs from Bash + variable expansion, which does not use parentheses. If a variable + cannot be resolved, the reference in the input string is used + unchanged. To avoid variable expansion, you can escape this syntax + with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to + the `command` field of the Kubernetes Containers [v1 core + API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). + type: array + items: + type: string + imageUri: type: string - quantity: description: >- - The number of granularity_units between data points in the training - data. If `granularity_unit` is `minute`, can be 1, 5, 10, 15, or 30. - For all other values of `granularity_unit`, must be 1. + Required. Immutable. URI of the Docker image to be used as the + custom container for serving predictions. This URI must identify an + image in Artifact Registry or Container Registry. Learn more about + the [container publishing + requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#publishing), + including permissions requirements for the Vertex AI Service Agent. + The container image is ingested upon ModelService.UploadModel, + stored internally, and this original path is afterwards not used. To + learn about the requirements for the Docker image itself, see + [Custom container + requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#). + You can use the URI to one of Vertex AI's [pre-built container + images for + prediction](https://cloud.google.com/vertex-ai/docs/predictions/pre-built-containers) + in this field. + args: + items: + type: string + type: array + description: >- + Immutable. Specifies arguments for the command that runs when the + container starts. This overrides the container's + [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd). + Specify this field as an array of executable and arguments, similar + to a Docker `CMD`'s "default parameters" form. If you don't specify + this field but do specify the command field, then the command from + the `command` field runs without any additional arguments. See the + [Kubernetes documentation about how the `command` and `args` fields + interact with a container's `ENTRYPOINT` and + `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). + If you don't specify this field and don't specify the `command` + field, then the container's + [`ENTRYPOINT`](https://docs.docker.com/engine/reference/builder/#cmd) + and `CMD` determine what runs based on their default behavior. See + the Docker documentation about [how `CMD` and `ENTRYPOINT` + interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). + In this field, you can reference [environment variables set by + Vertex + AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) + and environment variables set in the env field. You cannot reference + environment variables set in the Docker image. In order for + environment variables to be expanded, reference them by using the + following syntax: $( VARIABLE_NAME) Note that this differs from Bash + variable expansion, which does not use parentheses. If a variable + cannot be resolved, the reference in the input string is used + unchanged. To avoid variable expansion, you can escape this syntax + with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to + the `args` field of the Kubernetes Containers [v1 core + API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). + env: + description: >- + Immutable. List of environment variables to set in the container. + After the container starts running, code running in the container + can read these environment variables. Additionally, the command and + args fields can reference these variables. Later entries in this + list can also reference earlier entries. For example, the following + example sets the variable `VAR_2` to have the value `foo bar`: + ```json [ { "name": "VAR_1", "value": "foo" }, { "name": "VAR_2", + "value": "$(VAR_1) bar" } ] ``` If you switch the order of the + variables in the example, then the expansion does not occur. This + field corresponds to the `env` field of the Kubernetes Containers + [v1 core + API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' + ports: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Port' + type: array + description: >- + Immutable. List of ports to expose from the container. Vertex AI + sends any prediction requests that it receives to the first port on + this list. Vertex AI also sends [liveness and health + checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#liveness) + to this port. If you do not specify this field, it defaults to + following value: ```json [ { "containerPort": 8080 } ] ``` Vertex AI + does not use ports other than the first one listed. This field + corresponds to the `ports` field of the Kubernetes Containers [v1 + core + API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). + predictRoute: type: string + description: >- + Immutable. HTTP path on the container to send prediction requests + to. Vertex AI forwards requests sent using + projects.locations.endpoints.predict to this path on the container's + IP address and port. Vertex AI then returns the container's response + in the API response. For example, if you set this field to `/foo`, + then when Vertex AI receives a prediction request, it forwards the + request body in a POST request to the `/foo` path on the port of + your container specified by the first value of this + `ModelContainerSpec`'s ports field. If you don't specify this field, + it defaults to the following value when you deploy this Model to an + Endpoint: + /v1/endpoints/ENDPOINT/deployedModels/DEPLOYED_MODEL:predict The + placeholders in this value are replaced as follows: * ENDPOINT: The + last segment (following `endpoints/`)of the Endpoint.name][] field + of the Endpoint where this Model has been deployed. (Vertex AI makes + this value available to your container code as the + [`AIP_ENDPOINT_ID` environment + variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) + * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex + AI makes this value available to your container code as the + [`AIP_DEPLOYED_MODEL_ID` environment + variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) + sharedMemorySizeMb: format: int64 - GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingMetadata: - id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionTftForecastingMetadata - description: Model metadata specific to TFT Forecasting. - type: object - properties: - trainCostMilliNodeHours: description: >- - Output only. The actual training cost of the model, expressed in - milli node hours, i.e. 1,000 value in this field means 1 node hour. - Guaranteed to not exceed the train budget. + Immutable. The amount of the VM memory to reserve as the shared + memory for the model in megabytes. type: string - format: int64 - evaluatedDataItemsBigqueryUri: - description: BigQuery destination uri for exported evaluated examples. + healthProbe: + description: Immutable. Specification for Kubernetes readiness probe. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Probe' + invokeRoutePrefix: + description: >- + Immutable. Invoke route prefix for the custom container. "/*" is the + only supported value right now. By setting this field, any non-root + route on this model will be accessible with invoke http call eg: + "/invoke/foo/bar", however the [PredictionService.Invoke] RPC is not + supported yet. Only one of `predict_route` or `invoke_route_prefix` + can be set, and we default to using `predict_route` if this field is + not set. If this field is set, the Model can only be deployed to + dedicated endpoint. type: string - GoogleCloudAiplatformV1SchemaPredictionResult: - id: GoogleCloudAiplatformV1SchemaPredictionResult - description: Represents a line of JSONL in the batch prediction output file. + startupProbe: + description: Immutable. Specification for Kubernetes startup probe. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Probe' + healthRoute: + description: >- + Immutable. HTTP path on the container to send health checks to. + Vertex AI intermittently sends GET requests to this path on the + container's IP address and port to check that the container is + healthy. Read more about [health + checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#health). + For example, if you set this field to `/bar`, then Vertex AI + intermittently sends a GET request to the `/bar` path on the port of + your container specified by the first value of this + `ModelContainerSpec`'s ports field. If you don't specify this field, + it defaults to the following value when you deploy this Model to an + Endpoint: /v1/endpoints/ENDPOINT/deployedModels/ + DEPLOYED_MODEL:predict The placeholders in this value are replaced + as follows: * ENDPOINT: The last segment (following `endpoints/`)of + the Endpoint.name][] field of the Endpoint where this Model has been + deployed. (Vertex AI makes this value available to your container + code as the [`AIP_ENDPOINT_ID` environment + variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) + * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex + AI makes this value available to your container code as the + [`AIP_DEPLOYED_MODEL_ID` environment + variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) + type: string + livenessProbe: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Probe' + description: Immutable. Specification for Kubernetes liveness probe. type: object + description: >- + Specification of a container for serving predictions. Some fields in + this message correspond to fields in the [Kubernetes Container v1 core + specification](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core). + GoogleCloudAiplatformV1RagFileParsingConfigLayoutParser: properties: - instance: - description: >- - User's input instance. Struct is used here instead of Any so that - JsonFormat does not append an extra "@type" field when we convert - the proto to JSON. - type: object - additionalProperties: - type: any - description: Properties of the object. - key: - description: Optional user-provided key from the input instance. + processorName: type: string - prediction: description: >- - The prediction result. Value is used here instead of Any so that - JsonFormat does not append an extra "@type" field when we convert - the proto to JSON and so we can represent array of objects. Do not - set error if this is set. - type: any - error: - description: The error result. Do not set prediction if this is set. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPredictionResultError - GoogleCloudAiplatformV1SchemaPredictionResultError: - id: GoogleCloudAiplatformV1SchemaPredictionResultError + The full resource name of a Document AI processor or processor + version. The processor must have type `LAYOUT_PARSER_PROCESSOR`. If + specified, the `additional_config.parse_as_scanned_pdf` field must + be false. Format: * + `projects/{project_id}/locations/{location}/processors/{processor_id}` + * + `projects/{project_id}/locations/{location}/processors/{processor_id}/processorVersions/{processor_version_id}` + maxParsingRequestsPerMin: + description: >- + The maximum number of requests the job is allowed to make to the + Document AI processor per minute. Consult + https://cloud.google.com/document-ai/quotas and the Quota page for + your project to set an appropriate value here. If unspecified, a + default value of 120 QPM would be used. + format: int32 + type: integer + description: Document AI Layout Parser config. + id: GoogleCloudAiplatformV1RagFileParsingConfigLayoutParser type: object + GoogleCloudAiplatformV1BatchMigrateResourcesResponse: properties: - status: - description: >- - Error status. This will be serialized into the enum name e.g. - "NOT_FOUND". - type: string - enumDescriptions: - - 'Not an error; returned on success. HTTP Mapping: 200 OK' - - >- - The operation was cancelled, typically by the caller. HTTP - Mapping: 499 Client Closed Request - - >- - Unknown error. For example, this error may be returned when a - `Status` value received from another address space belongs to an - error space that is not known in this address space. Also errors - raised by APIs that do not return enough error information may be - converted to this error. HTTP Mapping: 500 Internal Server Error - - >- - The client specified an invalid argument. Note that this differs - from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments - that are problematic regardless of the state of the system (e.g., - a malformed file name). HTTP Mapping: 400 Bad Request - - >- - The deadline expired before the operation could complete. For - operations that change the state of the system, this error may be - returned even if the operation has completed successfully. For - example, a successful response from a server could have been - delayed long enough for the deadline to expire. HTTP Mapping: 504 - Gateway Timeout - - >- - Some requested entity (e.g., file or directory) was not found. - Note to server developers: if a request is denied for an entire - class of users, such as gradual feature rollout or undocumented - allowlist, `NOT_FOUND` may be used. If a request is denied for - some users within a class of users, such as user-based access - control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not - Found - - >- - The entity that a client attempted to create (e.g., file or - directory) already exists. HTTP Mapping: 409 Conflict - - >- - The caller does not have permission to execute the specified - operation. `PERMISSION_DENIED` must not be used for rejections - caused by exhausting some resource (use `RESOURCE_EXHAUSTED` - instead for those errors). `PERMISSION_DENIED` must not be used if - the caller can not be identified (use `UNAUTHENTICATED` instead - for those errors). This error code does not imply the request is - valid or the requested entity exists or satisfies other - pre-conditions. HTTP Mapping: 403 Forbidden - - >- - The request does not have valid authentication credentials for the - operation. HTTP Mapping: 401 Unauthorized - - >- - Some resource has been exhausted, perhaps a per-user quota, or - perhaps the entire file system is out of space. HTTP Mapping: 429 - Too Many Requests - - >- - The operation was rejected because the system is not in a state - required for the operation's execution. For example, the directory - to be deleted is non-empty, an rmdir operation is applied to a - non-directory, etc. Service implementors can use the following - guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and - `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just - the failing call. (b) Use `ABORTED` if the client should retry at - a higher level. For example, when a client-specified test-and-set - fails, indicating the client should restart a read-modify-write - sequence. (c) Use `FAILED_PRECONDITION` if the client should not - retry until the system state has been explicitly fixed. For - example, if an "rmdir" fails because the directory is non-empty, - `FAILED_PRECONDITION` should be returned since the client should - not retry unless the files are deleted from the directory. HTTP - Mapping: 400 Bad Request - - >- - The operation was aborted, typically due to a concurrency issue - such as a sequencer check failure or transaction abort. See the - guidelines above for deciding between `FAILED_PRECONDITION`, - `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict - - >- - The operation was attempted past the valid range. E.g., seeking or - reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error - indicates a problem that may be fixed if the system state changes. - For example, a 32-bit file system will generate `INVALID_ARGUMENT` - if asked to read at an offset that is not in the range [0,2^32-1], - but it will generate `OUT_OF_RANGE` if asked to read from an - offset past the current file size. There is a fair bit of overlap - between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend - using `OUT_OF_RANGE` (the more specific error) when it applies so - that callers who are iterating through a space can easily look for - an `OUT_OF_RANGE` error to detect when they are done. HTTP - Mapping: 400 Bad Request - - >- - The operation is not implemented or is not supported/enabled in - this service. HTTP Mapping: 501 Not Implemented - - >- - Internal errors. This means that some invariants expected by the - underlying system have been broken. This error code is reserved - for serious errors. HTTP Mapping: 500 Internal Server Error - - >- - The service is currently unavailable. This is most likely a - transient condition, which can be corrected by retrying with a - backoff. Note that it is not always safe to retry non-idempotent - operations. See the guidelines above for deciding between - `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: - 503 Service Unavailable - - >- - Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal - Server Error - enum: - - OK - - CANCELLED - - UNKNOWN - - INVALID_ARGUMENT - - DEADLINE_EXCEEDED - - NOT_FOUND - - ALREADY_EXISTS - - PERMISSION_DENIED - - UNAUTHENTICATED - - RESOURCE_EXHAUSTED - - FAILED_PRECONDITION - - ABORTED - - OUT_OF_RANGE - - UNIMPLEMENTED - - INTERNAL - - UNAVAILABLE - - DATA_LOSS - message: - description: Error message with additional details. + migrateResourceResponses: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigrateResourceResponse + description: Successfully migrated resources. + type: object + description: Response message for MigrationService.BatchMigrateResources. + id: GoogleCloudAiplatformV1BatchMigrateResourcesResponse + GoogleCloudAiplatformV1FluencyInstance: + description: Spec for fluency instance. + properties: + prediction: type: string - CloudAiLargeModelsVisionGenerateVideoResponse: - id: CloudAiLargeModelsVisionGenerateVideoResponse - description: Generate video response. + description: Required. Output of the evaluated model. + id: GoogleCloudAiplatformV1FluencyInstance type: object + GoogleCloudAiplatformV1SchemaPredictPredictionImageObjectDetectionPredictionResult: + description: Prediction output format for Image Object Detection. properties: - generatedSamples: - description: The generates samples. + ids: type: array items: - $ref: '#/components/schemas/CloudAiLargeModelsVisionMedia' - raiMediaFilteredCount: - description: Returns if any videos were filtered due to RAI policies. - type: integer - format: int32 - raiMediaFilteredReasons: - description: Returns rai failure reasons if any. + format: int64 + type: string + description: >- + The resource IDs of the AnnotationSpecs that had been identified, + ordered by the confidence score descendingly. + confidences: + items: + type: number + format: float + type: array + description: >- + The Model's confidences in correctness of the predicted IDs, higher + value means higher confidence. Order matches the Ids. + displayNames: + description: >- + The display names of the AnnotationSpecs that had been identified, + order matches the IDs. type: array items: type: string - videos: - description: List of videos, used to align naming with the external response. + bboxes: type: array + description: >- + Bounding boxes, i.e. the rectangles over the image, that pinpoint + the found AnnotationSpecs. Given in order that matches the IDs. Each + bounding box is an array of 4 numbers `xMin`, `xMax`, `yMin`, and + `yMax`, which represent the extremal coordinates of the box. They + are relative to the image size, and the point 0,0 is in the top left + of the image. items: - $ref: >- - #/components/schemas/CloudAiLargeModelsVisionGenerateVideoResponseVideo - CloudAiLargeModelsVisionMedia: - id: CloudAiLargeModelsVisionMedia - description: Media. + type: array + items: + type: any + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionImageObjectDetectionPredictionResult type: object - properties: - image: - description: Image. - $ref: '#/components/schemas/CloudAiLargeModelsVisionImage' - video: - description: Video - $ref: '#/components/schemas/CloudAiLargeModelsVisionVideo' CloudAiLargeModelsVisionImage: - id: CloudAiLargeModelsVisionImage description: Image. type: object + id: CloudAiLargeModelsVisionImage properties: - image: - description: Raw bytes. - type: string - format: byte - uri: - description: Path to another storage (typically Google Cloud Storage). + text: + description: Text/Expanded text input for imagen. type: string + imageSize: + $ref: '#/components/schemas/CloudAiLargeModelsVisionImageImageSize' + description: >- + Image size. The size of the image. Can be self reported, or computed + from the image bytes. + generationSeed: + format: int32 + description: >- + Generation seed for the sampled image. This parameter is exposed to + the user only if one of the following is true: 1. The user specified + per-example seeds in the request. 2. The user doesn't specify the + generation seed in the request. + type: integer encoding: description: Image encoding, encoded as "image/png" or "image/jpg". type: string + image: + description: Raw bytes. + type: string + format: byte imageRaiScores: description: RAI scores for generated image. $ref: '#/components/schemas/CloudAiLargeModelsVisionImageRAIScores' raiInfo: - description: RAI info for image. $ref: '#/components/schemas/CloudAiLargeModelsVisionRaiInfo' + description: RAI info for image. + uri: + description: Path to another storage (typically Google Cloud Storage). + type: string semanticFilterResponse: description: Semantic filter info for image. $ref: '#/components/schemas/CloudAiLargeModelsVisionSemanticFilterResponse' - text: - description: Text/Expanded text input for imagen. - type: string - generationSeed: + GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequestStatsAnomaliesObjective: + properties: + topFeatureCount: description: >- - Generation seed for the sampled image. This parameter is exposed to - the user only if one of the following is true: 1. The user specified - per-example seeds in the request. 2. The user doesn't specify the - generation seed in the request. - type: integer + If set, all attribution scores between + SearchModelDeploymentMonitoringStatsAnomaliesRequest.start_time and + SearchModelDeploymentMonitoringStatsAnomaliesRequest.end_time are + fetched, and page token doesn't take effect in this case. Only used + to retrieve attribution score for the top Features which has the + highest attribution score in the latest monitoring run. format: int32 - imageSize: - description: >- - Image size. The size of the image. Can be self reported, or computed - from the image bytes. - $ref: '#/components/schemas/CloudAiLargeModelsVisionImageImageSize' - CloudAiLargeModelsVisionImageRAIScores: - id: CloudAiLargeModelsVisionImageRAIScores - description: RAI scores for generated image returned. - type: object - properties: - agileWatermarkDetectionScore: - description: Agile watermark score for image. - type: number - format: double - CloudAiLargeModelsVisionRaiInfo: - id: CloudAiLargeModelsVisionRaiInfo - description: 'Next ID: 6' - type: object - properties: - raiCategories: - description: List of rai categories' information to return - type: array - items: - type: string - scores: - description: >- - List of rai scores mapping to the rai categories. Rounded to 1 - decimal place. - type: array - items: - type: number - format: float - blockedEntities: - description: List of blocked entities from the blocklist if it is detected. - type: array - items: - type: string - detectedLabels: - description: The list of detected labels for different rai categories. - type: array - items: - $ref: '#/components/schemas/CloudAiLargeModelsVisionRaiInfoDetectedLabels' - modelName: - description: >- - The model name used to indexing into the RaiFilterConfig map. Would - either be one of imagegeneration@002-006, imagen-3.0-... api - endpoint names, or internal names used for mapping to different - filter configs (genselfie, ai_watermark) than its api endpoint. - type: string - CloudAiLargeModelsVisionRaiInfoDetectedLabels: - id: CloudAiLargeModelsVisionRaiInfoDetectedLabels - description: Filters returning list of deteceted labels, scores, and bounding boxes. - type: object - properties: - raiCategory: - description: The RAI category for the deteceted labels. + type: integer + type: + enum: + - MODEL_DEPLOYMENT_MONITORING_OBJECTIVE_TYPE_UNSPECIFIED + - RAW_FEATURE_SKEW + - RAW_FEATURE_DRIFT + - FEATURE_ATTRIBUTION_SKEW + - FEATURE_ATTRIBUTION_DRIFT + enumDescriptions: + - Default value, should not be set. + - >- + Raw feature values' stats to detect skew between + Training-Prediction datasets. + - >- + Raw feature values' stats to detect drift between + Serving-Prediction datasets. + - >- + Feature attribution scores to detect skew between + Training-Prediction datasets. + - >- + Feature attribution scores to detect skew between Prediction + datasets collected within different time windows. type: string - entities: - description: The list of detected entities for the rai signal. - type: array - items: - $ref: >- - #/components/schemas/CloudAiLargeModelsVisionRaiInfoDetectedLabelsEntity - CloudAiLargeModelsVisionRaiInfoDetectedLabelsEntity: - id: CloudAiLargeModelsVisionRaiInfoDetectedLabelsEntity - description: The properties for a detected entity from the rai signal. + id: >- + GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequestStatsAnomaliesObjective type: object + description: Stats requested for specific objective. + GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInput: properties: - mid: - description: MID of the label - type: string - description: - description: Description of the label - type: string - score: - description: Confidence score of the label - type: number - format: float - boundingBox: - description: Bounding box of the label + instance: + description: Required. Question answering correctness instance. $ref: >- - #/components/schemas/CloudAiLargeModelsVisionRaiInfoDetectedLabelsBoundingBox - iouScore: - description: >- - The intersection ratio between the detection bounding box and the - mask. - type: number - format: float - CloudAiLargeModelsVisionRaiInfoDetectedLabelsBoundingBox: - id: CloudAiLargeModelsVisionRaiInfoDetectedLabelsBoundingBox - description: >- - An integer bounding box of original pixels of the image for the detected - labels. + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInstance + metricSpec: + description: Required. Spec for question answering correctness score metric. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QuestionAnsweringCorrectnessSpec + id: GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInput type: object - properties: - x1: - description: The X coordinate of the top-left corner, in pixels. - type: integer - format: int32 - y1: - description: The Y coordinate of the top-left corner, in pixels. - type: integer - format: int32 - x2: - description: The X coordinate of the bottom-right corner, in pixels. - type: integer - format: int32 - y2: - description: The Y coordinate of the bottom-right corner, in pixels. - type: integer - format: int32 - CloudAiLargeModelsVisionSemanticFilterResponse: - id: CloudAiLargeModelsVisionSemanticFilterResponse + description: Input for question answering correctness metric. + GoogleCloudAiplatformV1ImportDataRequest: + description: Request message for DatasetService.ImportData. + id: GoogleCloudAiplatformV1ImportDataRequest type: object properties: - passedSemanticFilter: - description: >- - This response is added when semantic filter config is turned on in - EditConfig. It reports if this image is passed semantic filter - response. If passed_semantic_filter is false, the bounding box - information will be populated for user to check what caused the - semantic filter to fail. - type: boolean - namedBoundingBoxes: + importConfigs: description: >- - Class labels of the bounding boxes that failed the semantic - filtering. Bounding box coordinates. + Required. The desired input locations. The contents of all input + locations will be imported in one batch. type: array items: - $ref: '#/components/schemas/CloudAiLargeModelsVisionNamedBoundingBox' - CloudAiLargeModelsVisionNamedBoundingBox: - id: CloudAiLargeModelsVisionNamedBoundingBox + $ref: '#/components/schemas/GoogleCloudAiplatformV1ImportDataConfig' + GoogleCloudAiplatformV1BatchDeletePipelineJobsRequest: type: object + id: GoogleCloudAiplatformV1BatchDeletePipelineJobsRequest properties: - x1: - type: number - format: float - x2: - type: number - format: float - y1: - type: number - format: float - y2: - type: number - format: float - classes: - type: array - items: - type: string - entities: + names: type: array + description: >- + Required. The names of the PipelineJobs to delete. A maximum of 32 + PipelineJobs can be deleted in a batch. Format: + `projects/{project}/locations/{location}/pipelineJobs/{pipelineJob}` items: type: string - scores: - type: array - items: - type: number - format: float - CloudAiLargeModelsVisionImageImageSize: - id: CloudAiLargeModelsVisionImageImageSize - description: Image size. - type: object - properties: - width: - type: integer - format: int32 - height: - type: integer - format: int32 - channels: - type: integer - format: int32 - CloudAiLargeModelsVisionVideo: - id: CloudAiLargeModelsVisionVideo - description: Video - type: object - properties: - video: - description: Raw bytes. - type: string - format: byte - uri: - description: Path to another storage (typically Google Cloud Storage). - type: string - encodedVideo: - description: Base 64 encoded video bytes. - type: string - encoding: - description: Video encoding, for example "video/mp4". - type: string - text: - description: Text/Expanded text input for Help Me Write. - type: string - CloudAiLargeModelsVisionGenerateVideoResponseVideo: - id: CloudAiLargeModelsVisionGenerateVideoResponseVideo - type: object - properties: - gcsUri: - description: Cloud Storage URI where the generated video is written. - type: string - bytesBase64Encoded: - description: Base64 encoded bytes string representing the video. - type: string - mimeType: - description: The MIME type of the content of the video. - video/mp4 - type: string - CloudAiPlatformCommonCreatePipelineJobApiErrorDetail: - id: CloudAiPlatformCommonCreatePipelineJobApiErrorDetail - description: Create API error message for Vertex Pipeline. - type: object - properties: - errorCause: - description: The error root cause returned by CreatePipelineJob API. - type: string - enumDescriptions: - - Should never be used. - - IR Pipeline Spec can not been parsed to yaml or json format. - - A pipeline spec is invalid. - - A deployment config is invalid. - - A deployment spec is invalid. - - An instance schema is invalid. - - A custom job is invalid. - - A container spec is invalid. - - Notification email setup is invalid. - - Service account setup is invalid. - - KMS setup is invalid. - - Network setup is invalid. - - Task spec is invalid. - - Task artifact is invalid. - - Importer spec is invalid. - - Resolver spec is invalid. - - Runtime Parameters are invalid. - - Cloud API not enabled. - - Invalid Cloud Storage input uri - - Invalid Cloud Storage output uri - - Component spec of pipeline is invalid. - - DagOutputsSpec is invalid. - - DagSpec is invalid. - - Project does not have enough quota. - - An internal error with unknown cause. - enum: - - ERROR_CAUSE_UNSPECIFIED - - INVALID_PIPELINE_SPEC_FORMAT - - INVALID_PIPELINE_SPEC - - INVALID_DEPLOYMENT_CONFIG - - INVALID_DEPLOYMENT_SPEC - - INVALID_INSTANCE_SCHEMA - - INVALID_CUSTOM_JOB - - INVALID_CONTAINER_SPEC - - INVALID_NOTIFICATION_EMAIL_SETUP - - INVALID_SERVICE_ACCOUNT_SETUP - - INVALID_KMS_SETUP - - INVALID_NETWORK_SETUP - - INVALID_PIPELINE_TASK_SPEC - - INVALID_PIPELINE_TASK_ARTIFACT - - INVALID_IMPORTER_SPEC - - INVALID_RESOLVER_SPEC - - INVALID_RUNTIME_PARAMETERS - - CLOUD_API_NOT_ENABLED - - INVALID_GCS_INPUT_URI - - INVALID_GCS_OUTPUT_URI - - INVALID_COMPONENT_SPEC - - INVALID_DAG_OUTPUTS_SPEC - - INVALID_DAG_SPEC - - INSUFFICIENT_QUOTA - - INTERNAL - publicMessage: - description: Public messages contains actionable items for the error cause. - type: string - GoogleCloudAiplatformV1CreateDatasetOperationMetadata: - id: GoogleCloudAiplatformV1CreateDatasetOperationMetadata - description: Runtime operation information for DatasetService.CreateDataset. - type: object - properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1CreateDatasetVersionOperationMetadata: - id: GoogleCloudAiplatformV1CreateDatasetVersionOperationMetadata - description: Runtime operation information for DatasetService.CreateDatasetVersion. - type: object - properties: - genericMetadata: - description: The common part of the operation metadata. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1RestoreDatasetVersionOperationMetadata: - id: GoogleCloudAiplatformV1RestoreDatasetVersionOperationMetadata - description: Runtime operation information for DatasetService.RestoreDatasetVersion. - type: object - properties: - genericMetadata: - description: The common part of the operation metadata. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - GoogleCloudAiplatformV1SchemaImageBoundingBoxAnnotation: - id: GoogleCloudAiplatformV1SchemaImageBoundingBoxAnnotation - description: Annotation details specific to image object detection. + description: Request message for PipelineService.BatchDeletePipelineJobs. + GoogleCloudAiplatformV1BatchPredictionJob: type: object + description: >- + A job that uses a Model to produce predictions on multiple input + instances. If predictions for significant portion of the instances fail, + the job may finish without attempting predictions for all remaining + instances. properties: - annotationSpecId: + outputConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchPredictionJobOutputConfig description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. - type: string - displayName: + Required. The Configuration specifying where output predictions + should be written. The schema of any single prediction may be + specified as a concatenation of Model's PredictSchemata's + instance_schema_uri and prediction_schema_uri. + startTime: + readOnly: true + format: google-datetime description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. + Output only. Time when the BatchPredictionJob for the first time + entered the `JOB_STATE_RUNNING` state. type: string - xMin: - description: The leftmost coordinate of the bounding box. - type: number - format: double - xMax: - description: The rightmost coordinate of the bounding box. - type: number - format: double - yMin: - description: The topmost coordinate of the bounding box. - type: number - format: double - yMax: - description: The bottommost coordinate of the bounding box. - type: number - format: double - GoogleCloudAiplatformV1SchemaImageClassificationAnnotation: - id: GoogleCloudAiplatformV1SchemaImageClassificationAnnotation - description: Annotation details specific to image classification. - type: object - properties: - annotationSpecId: + dedicatedResources: description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. - type: string - displayName: + The config of resources used by the Model during the batch + prediction. If the Model supports DEDICATED_RESOURCES this config + may be provided (and the job will use these resources), if the Model + doesn't support AUTOMATIC_RESOURCES, this config must be provided. + $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchDedicatedResources' + modelVersionId: description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. + Output only. The version ID of the Model that produces the + predictions via this job. + readOnly: true type: string - GoogleCloudAiplatformV1SchemaImageDataItem: - id: GoogleCloudAiplatformV1SchemaImageDataItem - description: Payload of Image DataItem. - type: object - properties: - gcsUri: - description: >- - Required. Google Cloud Storage URI points to the original image in - user's bucket. The image is up to 30MB in size. + state: + enum: + - JOB_STATE_UNSPECIFIED + - JOB_STATE_QUEUED + - JOB_STATE_PENDING + - JOB_STATE_RUNNING + - JOB_STATE_SUCCEEDED + - JOB_STATE_FAILED + - JOB_STATE_CANCELLING + - JOB_STATE_CANCELLED + - JOB_STATE_PAUSED + - JOB_STATE_EXPIRED + - JOB_STATE_UPDATING + - JOB_STATE_PARTIALLY_SUCCEEDED + description: Output only. The detailed state of the job. + enumDescriptions: + - The job state is unspecified. + - >- + The job has been just created or resumed and processing has not + yet begun. + - The service is preparing to run the job. + - The job is in progress. + - The job completed successfully. + - The job failed. + - >- + The job is being cancelled. From this state the job may only go to + either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or + `JOB_STATE_CANCELLED`. + - The job has been cancelled. + - The job has been stopped, and can be resumed. + - The job has expired. + - >- + The job is being updated. Only jobs in the `RUNNING` state can be + updated. After updating, the job goes back to the `RUNNING` state. + - >- + The job is partially succeeded, some results may be missing due to + errors. type: string - mimeType: + readOnly: true + disableContainerLogging: description: >- - Output only. The mime type of the content of the image. Only the - images in below listed mime types are supported. - image/jpeg - - image/gif - image/png - image/webp - image/bmp - image/tiff - - image/vnd.microsoft.icon + For custom-trained Models and AutoML Tabular Models, the container + of the DeployedModel instances will send `stderr` and `stdout` + streams to Cloud Logging by default. Please note that the logs incur + cost, which are subject to [Cloud Logging + pricing](https://cloud.google.com/logging/pricing). User can disable + container logging by setting this flag to true. + type: boolean + satisfiesPzs: + type: boolean readOnly: true - type: string - GoogleCloudAiplatformV1SchemaImageDatasetMetadata: - id: GoogleCloudAiplatformV1SchemaImageDatasetMetadata - description: The metadata of Datasets that contain Image DataItems. - type: object - properties: - dataItemSchemaUri: + description: Output only. Reserved for future use. + labels: description: >- - Points to a YAML file stored on Google Cloud Storage describing - payload of the Image DataItems that belong to this Dataset. - type: string - gcsBucket: + The labels with user-defined metadata to organize + BatchPredictionJobs. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. See https://goo.gl/xmQnxf for more information and + examples of labels. + additionalProperties: + type: string + type: object + endTime: + readOnly: true description: >- - Google Cloud Storage Bucket name that contains the blob data of this - Dataset. + Output only. Time when the BatchPredictionJob entered any of the + following states: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, + `JOB_STATE_CANCELLED`. type: string - GoogleCloudAiplatformV1SchemaImageSegmentationAnnotation: - id: GoogleCloudAiplatformV1SchemaImageSegmentationAnnotation - description: Annotation details specific to image segmentation. - type: object - properties: - maskAnnotation: - description: >- - Mask based segmentation annotation. Only one mask annotation can - exist for one image. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationMaskAnnotation - polygonAnnotation: - description: Polygon annotation. + format: google-datetime + inputConfig: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolygonAnnotation - polylineAnnotation: - description: Polyline annotation. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolylineAnnotation - GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationMaskAnnotation: - id: GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationMaskAnnotation - description: The mask based segmentation annotation. - type: object - properties: - maskGcsUri: + #/components/schemas/GoogleCloudAiplatformV1BatchPredictionJobInputConfig description: >- - Google Cloud Storage URI that points to the mask image. The image - must be in PNG format. It must have the same size as the DataItem's - image. Each pixel in the image mask represents the AnnotationSpec - which the pixel in the image DataItem belong to. Each color is - mapped to one AnnotationSpec based on annotation_spec_colors. + Required. Input configuration of the instances on which predictions + are performed. The schema of any single instance may be specified + via the Model's PredictSchemata's instance_schema_uri. + createTime: + readOnly: true type: string - annotationSpecColors: - description: The mapping between color and AnnotationSpec for this Annotation. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaAnnotationSpecColor - GoogleCloudAiplatformV1SchemaAnnotationSpecColor: - id: GoogleCloudAiplatformV1SchemaAnnotationSpecColor - description: >- - An entry of mapping between color and AnnotationSpec. The mapping is - used in segmentation mask. - type: object - properties: - color: - description: The color of the AnnotationSpec in a segmentation mask. - $ref: '#/components/schemas/GoogleTypeColor' - displayName: + description: Output only. Time when the BatchPredictionJob was created. + format: google-datetime + resourcesConsumed: description: >- - The display name of the AnnotationSpec represented by the color in - the segmentation mask. + Output only. Information about resources that had been consumed by + this job. Provided in real time at best effort basis, as well as a + final value once the job completes. Note: This field currently may + be not populated for batch predictions that use AutoML Models. + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1ResourcesConsumed' + model: + description: >- + The name of the Model resource that produces the predictions via + this job, must share the same ancestor Location. Starting this job + has no impact on any existing deployments of the Model and their + resources. Exactly one of model, unmanaged_container_model, or + endpoint must be set. The model resource name may contain version id + or version alias to specify the version. Example: + `projects/{project}/locations/{location}/models/{model}@2` or + `projects/{project}/locations/{location}/models/{model}@golden` if + no version is specified, the default version will be deployed. The + model resource could also be a publisher model. Example: + `publishers/{publisher}/models/{model}` or + `projects/{project}/locations/{location}/publishers/{publisher}/models/{model}` + type: string + updateTime: + readOnly: true + format: google-datetime type: string - id: description: >- - The ID of the AnnotationSpec represented by the color in the - segmentation mask. + Output only. Time when the BatchPredictionJob was most recently + updated. + displayName: + description: Required. The user-defined name of this BatchPredictionJob. type: string - GoogleTypeColor: - id: GoogleTypeColor - description: >- - Represents a color in the RGBA color space. This representation is - designed for simplicity of conversion to and from color representations - in various languages over compactness. For example, the fields of this - representation can be trivially provided to the constructor of - `java.awt.Color` in Java; it can also be trivially provided to UIColor's - `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little - work, it can be easily formatted into a CSS `rgba()` string in - JavaScript. This reference page doesn't have information about the - absolute color space that should be used to interpret the RGB value—for - example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications - should assume the sRGB color space. When color equality needs to be - decided, implementations, unless documented otherwise, treat two colors - as equal if all their red, green, blue, and alpha values each differ by - at most `1e-5`. Example (Java): import com.google.type.Color; // ... - public static java.awt.Color fromProto(Color protocolor) { float alpha = - protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return - new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), - protocolor.getBlue(), alpha); } public static Color - toProto(java.awt.Color color) { float red = (float) color.getRed(); - float green = (float) color.getGreen(); float blue = (float) - color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder - = Color .newBuilder() .setRed(red / denominator) .setGreen(green / - denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); - if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() - .setValue(((float) alpha) / denominator) .build()); } return - resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static - UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; - float green = [protocolor green]; float blue = [protocolor blue]; - FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if - (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return - [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static - Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if - (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return - nil; } Color* result = [[Color alloc] init]; [result setRed:red]; - [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { - [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; - return result; } // ... Example (JavaScript): // ... var protoToCssColor - = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var - greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || - 0.0; var red = Math.floor(redFrac * 255); var green = - Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if - (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } - var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, - green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, - ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var - rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString - = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var - resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { - resultBuilder.push('0'); } resultBuilder.push(hexString); return - resultBuilder.join(''); }; // ... - type: object - properties: - red: - description: The amount of red in the color as a value in the interval [0, 1]. - type: number - format: float - green: - description: The amount of green in the color as a value in the interval [0, 1]. - type: number - format: float - blue: - description: The amount of blue in the color as a value in the interval [0, 1]. - type: number - format: float - alpha: + error: + $ref: '#/components/schemas/GoogleRpcStatus' + readOnly: true description: >- - The fraction of this color that should be applied to the pixel. That - is, the final pixel color is defined by the equation: `pixel color = - alpha * (this color) + (1.0 - alpha) * (background color)` This - means that a value of 1.0 corresponds to a solid color, whereas a - value of 0.0 corresponds to a completely transparent color. This - uses a wrapper message rather than a simple float scalar so that it - is possible to distinguish between a default value and the value - being unset. If omitted, this color object is rendered as a solid - color (as if the alpha value had been explicitly given a value of - 1.0). - type: number - format: float - GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolygonAnnotation: - id: >- - GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolygonAnnotation - description: Represents a polygon in image. - type: object - properties: - vertexes: + Output only. Only populated when the job's state is JOB_STATE_FAILED + or JOB_STATE_CANCELLED. + explanationSpec: description: >- - The vertexes are connected one by one and the last vertex is - connected to the first one to represent a polygon. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaVertex' - annotationSpecId: + Explanation configuration for this BatchPredictionJob. Can be + specified only if generate_explanation is set to `true`. This value + overrides the value of Model.explanation_spec. All fields of + explanation_spec are optional in the request. If a field of the + explanation_spec object is not populated, the corresponding field of + the Model.explanation_spec object is inherited. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationSpec' + completionStats: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CompletionStats' + readOnly: true description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. - type: string - displayName: + Output only. Statistics on completed and failed prediction + instances. + generateExplanation: description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. + Generate explanation with the batch prediction results. When set to + `true`, the batch prediction output changes based on the + `predictions_format` field of the BatchPredictionJob.output_config + object: * `bigquery`: output includes a column named `explanation`. + The value is a struct that conforms to the Explanation object. * + `jsonl`: The JSON objects on each line include an additional entry + keyed `explanation`. The value of the entry is a JSON object that + conforms to the Explanation object. * `csv`: Generating explanations + for CSV format is not supported. If this field is set to true, + either the Model.explanation_spec or explanation_spec must be + populated. + type: boolean + outputInfo: + description: Output only. Information further describing the output of this job. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchPredictionJobOutputInfo + readOnly: true + name: + readOnly: true type: string - GoogleCloudAiplatformV1SchemaVertex: - id: GoogleCloudAiplatformV1SchemaVertex - description: >- - A vertex represents a 2D point in the image. NOTE: the normalized vertex - coordinates are relative to the original image and range from 0 to 1. - type: object - properties: - x: - description: X coordinate. - type: number - format: double - 'y': - description: Y coordinate. - type: number - format: double - GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolylineAnnotation: - id: >- - GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolylineAnnotation - description: Represents a polyline in image. - type: object - properties: - vertexes: + description: Output only. Resource name of the BatchPredictionJob. + modelParameters: + type: any description: >- - The vertexes are connected one by one and the last vertex in not - connected to the first one. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaVertex' - annotationSpecId: + The parameters that govern the predictions. The schema of the + parameters may be specified via the Model's PredictSchemata's + parameters_schema_uri. + serviceAccount: description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. + The service account that the DeployedModel's container runs as. If + not specified, a system generated one will be used, which has + minimal permissions and the custom container, if used, may not have + enough permission to access other Google Cloud resources. Users + deploying the Model must have the `iam.serviceAccounts.actAs` + permission on this service account. type: string - displayName: + unmanagedContainerModel: description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. - type: string - GoogleCloudAiplatformV1SchemaTablesDatasetMetadata: - id: GoogleCloudAiplatformV1SchemaTablesDatasetMetadata - description: The metadata of Datasets that contain tables data. - type: object - properties: - inputConfig: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTablesDatasetMetadataInputConfig - GoogleCloudAiplatformV1SchemaTablesDatasetMetadataInputConfig: - id: GoogleCloudAiplatformV1SchemaTablesDatasetMetadataInputConfig - description: >- - The tables Dataset's data source. The Dataset doesn't store the data - directly, but only pointer(s) to its data. - type: object - properties: - gcsSource: + Contains model information necessary to perform batch prediction + without requiring uploading to model registry. Exactly one of model, + unmanaged_container_model, or endpoint must be set. + $ref: '#/components/schemas/GoogleCloudAiplatformV1UnmanagedContainerModel' + manualBatchTuningParameters: + description: >- + Immutable. Parameters configuring the batch behavior. Currently only + applicable when dedicated_resources are used (in other cases Vertex + AI does the tuning itself). $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTablesDatasetMetadataGcsSource - bigquerySource: + #/components/schemas/GoogleCloudAiplatformV1ManualBatchTuningParameters + instanceConfig: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTablesDatasetMetadataBigQuerySource - GoogleCloudAiplatformV1SchemaTablesDatasetMetadataGcsSource: - id: GoogleCloudAiplatformV1SchemaTablesDatasetMetadataGcsSource - type: object - properties: - uri: + #/components/schemas/GoogleCloudAiplatformV1BatchPredictionJobInstanceConfig description: >- - Cloud Storage URI of one or more files. Only CSV files are - supported. The first line of the CSV file is used as the header. If - there are multiple files, the header is the first line of the - lexicographically first file, the other files must either contain - the exact same header or omit the header. + Configuration for how to convert batch prediction input instances to + the prediction instances that are sent to the Model. + partialFailures: type: array + readOnly: true items: - type: string - GoogleCloudAiplatformV1SchemaTablesDatasetMetadataBigQuerySource: - id: GoogleCloudAiplatformV1SchemaTablesDatasetMetadataBigQuerySource - type: object - properties: - uri: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - The URI of a BigQuery table. e.g. - bq://projectId.bqDatasetId.bqTableId - type: string - GoogleCloudAiplatformV1SchemaTextClassificationAnnotation: - id: GoogleCloudAiplatformV1SchemaTextClassificationAnnotation - description: Annotation details specific to text classification. - type: object + Output only. Partial failures encountered. For example, single files + that can't be read. This field never exceeds 20 entries. Status + details fields contain standard Google Cloud error details. + encryptionSpec: + description: >- + Customer-managed encryption key options for a BatchPredictionJob. If + this is set, then all resources created by the BatchPredictionJob + will be encrypted with the provided encryption key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + satisfiesPzi: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + id: GoogleCloudAiplatformV1BatchPredictionJob + GoogleCloudAiplatformV1HyperparameterTuningJob: + description: >- + Represents a HyperparameterTuningJob. A HyperparameterTuningJob has a + Study specification and multiple CustomJobs with identical CustomJob + specification. + id: GoogleCloudAiplatformV1HyperparameterTuningJob properties: - annotationSpecId: + satisfiesPzs: + type: boolean + description: Output only. Reserved for future use. + readOnly: true + studySpec: + description: Required. Study configuration of the HyperparameterTuningJob. + $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpec' + error: description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. - type: string - displayName: + Output only. Only populated when job's state is JOB_STATE_FAILED or + JOB_STATE_CANCELLED. + $ref: '#/components/schemas/GoogleRpcStatus' + readOnly: true + trialJobSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. + Required. The spec of a trial job. The same spec applies to the + CustomJobs created in all the trials. + labels: + description: >- + The labels with user-defined metadata to organize + HyperparameterTuningJobs. Label keys and values can be no longer + than 64 characters (Unicode codepoints), can only contain lowercase + letters, numeric characters, underscores and dashes. International + characters are allowed. See https://goo.gl/xmQnxf for more + information and examples of labels. + additionalProperties: + type: string + type: object + name: type: string - GoogleCloudAiplatformV1SchemaTextDataItem: - id: GoogleCloudAiplatformV1SchemaTextDataItem - description: Payload of Text DataItem. - type: object - properties: - gcsUri: + readOnly: true + description: Output only. Resource name of the HyperparameterTuningJob. + startTime: description: >- - Output only. Google Cloud Storage URI points to a copy of the - original text in the Vertex-managed bucket in the user's project. - The text file is up to 10MB in size. + Output only. Time when the HyperparameterTuningJob for the first + time entered the `JOB_STATE_RUNNING` state. readOnly: true + format: google-datetime type: string - GoogleCloudAiplatformV1SchemaTextDatasetMetadata: - id: GoogleCloudAiplatformV1SchemaTextDatasetMetadata - description: The metadata of Datasets that contain Text DataItems. - type: object - properties: - dataItemSchemaUri: + maxTrialCount: + type: integer + description: Required. The desired total number of Trials. + format: int32 + trials: + description: Output only. Trials of the HyperparameterTuningJob. + type: array + readOnly: true + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + parallelTrialCount: + format: int32 + type: integer + description: Required. The desired number of Trials to run in parallel. + updateTime: description: >- - Points to a YAML file stored on Google Cloud Storage describing - payload of the Text DataItems that belong to this Dataset. + Output only. Time when the HyperparameterTuningJob was most recently + updated. + readOnly: true + format: google-datetime type: string - gcsBucket: + endTime: + readOnly: true + format: google-datetime description: >- - Google Cloud Storage Bucket name that contains the blob data of this - Dataset. + Output only. Time when the HyperparameterTuningJob entered any of + the following states: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, + `JOB_STATE_CANCELLED`. type: string - GoogleCloudAiplatformV1SchemaTextExtractionAnnotation: - id: GoogleCloudAiplatformV1SchemaTextExtractionAnnotation - description: Annotation details specific to text extraction. - type: object - properties: - textSegment: - description: The segment of the text content. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaTextSegment' - annotationSpecId: + createTime: + format: google-datetime + description: Output only. Time when the HyperparameterTuningJob was created. + type: string + readOnly: true + maxFailedTrialCount: description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. + The number of failed Trials that need to be seen before failing the + HyperparameterTuningJob. If set to 0, Vertex AI decides how many + Trials must fail before the whole job fails. + type: integer + format: int32 + state: + enum: + - JOB_STATE_UNSPECIFIED + - JOB_STATE_QUEUED + - JOB_STATE_PENDING + - JOB_STATE_RUNNING + - JOB_STATE_SUCCEEDED + - JOB_STATE_FAILED + - JOB_STATE_CANCELLING + - JOB_STATE_CANCELLED + - JOB_STATE_PAUSED + - JOB_STATE_EXPIRED + - JOB_STATE_UPDATING + - JOB_STATE_PARTIALLY_SUCCEEDED + enumDescriptions: + - The job state is unspecified. + - >- + The job has been just created or resumed and processing has not + yet begun. + - The service is preparing to run the job. + - The job is in progress. + - The job completed successfully. + - The job failed. + - >- + The job is being cancelled. From this state the job may only go to + either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or + `JOB_STATE_CANCELLED`. + - The job has been cancelled. + - The job has been stopped, and can be resumed. + - The job has expired. + - >- + The job is being updated. Only jobs in the `RUNNING` state can be + updated. After updating, the job goes back to the `RUNNING` state. + - >- + The job is partially succeeded, some results may be missing due to + errors. + readOnly: true type: string + description: Output only. The detailed state of the job. + encryptionSpec: + description: >- + Customer-managed encryption key options for a + HyperparameterTuningJob. If this is set, then all resources created + by the HyperparameterTuningJob will be encrypted with the provided + encryption key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' displayName: description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. + Required. The display name of the HyperparameterTuningJob. The name + can be up to 128 characters long and can consist of any UTF-8 + characters. type: string - GoogleCloudAiplatformV1SchemaTextSegment: - id: GoogleCloudAiplatformV1SchemaTextSegment - description: The text segment inside of DataItem. + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true + type: boolean type: object + GoogleCloudAiplatformV1ActiveLearningConfig: properties: - startOffset: - description: >- - Zero-based character index of the first character of the text - segment (counting characters from the beginning of the text). - type: string - format: uint64 - endOffset: + trainingConfig: description: >- - Zero-based character index of the first character past the end of - the text segment (counting character from the beginning of the - text). The character at the end_offset is NOT included in the text - segment. - type: string - format: uint64 - content: - description: The text content in the segment for output only. + CMLE training config. For every active learning labeling iteration, + system will train a machine learning model on CMLE. The trained + model will be used by data sampling algorithm to select DataItems. + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingConfig' + maxDataItemPercentage: + format: int32 + description: Max percent of total DataItems for human labeling. + type: integer + maxDataItemCount: + description: Max number of human labeled DataItems. + format: int64 type: string - GoogleCloudAiplatformV1SchemaTextPromptDatasetMetadata: - id: GoogleCloudAiplatformV1SchemaTextPromptDatasetMetadata - description: The metadata of Datasets that contain Text Prompt data. + sampleConfig: + description: >- + Active learning data sampling config. For every active learning + labeling iteration, it will select a batch of data based on the + sampling strategy. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SampleConfig' + id: GoogleCloudAiplatformV1ActiveLearningConfig + description: >- + Parameters that configure the active learning pipeline. Active learning + will label the data incrementally by several iterations. For every + iteration, it will select a batch of data based on the sampling + strategy. type: object + GoogleCloudAiplatformV1PublisherModelDocumentation: + description: A named piece of documentation. properties: - text: - description: The content of the prompt dataset. - type: string - gcsUri: - description: The Google Cloud Storage URI that stores the prompt data. - type: string - temperature: - description: >- - Temperature value used for sampling set when the dataset was saved. - This value is used to tune the degree of randomness. - type: number - format: float - maxOutputTokens: - description: >- - Value of the maximum number of tokens generated set when the dataset - was saved. - type: string - format: int64 - topK: - description: >- - Top K value set when the dataset was saved. This value determines - how many candidates with highest probability from the vocab would be - selected for each decoding step. + content: + description: Required. Content of this piece of document (in Markdown format). type: string - format: int64 - topP: + title: description: >- - Top P value set when the dataset was saved. Given topK tokens for - decoding, top candidates will be selected until the sum of their - probabilities is topP. - type: number - format: float - promptType: - description: Type of the prompt dataset. + Required. E.g., OVERVIEW, USE CASES, DOCUMENTATION, SDK & SAMPLES, + JAVA, NODE.JS, etc.. type: string - groundingConfig: - description: Grounding checking configuration. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfig - stopSequences: - description: Customized stop sequences. + type: object + id: GoogleCloudAiplatformV1PublisherModelDocumentation + GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfig: + id: GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfig + properties: + userEmails: + description: The email addresses to send the alert. type: array items: type: string - candidateCount: - description: Number of candidates. - type: string - format: int64 - note: - description: User-created prompt note. Note size limit is 2KB. - type: string - systemInstructionGcsUri: - description: >- - The Google Cloud Storage URI that stores the system instruction, - starting with gs://. - type: string - hasPromptVariable: - description: Whether the prompt dataset has prompt variable. - type: boolean - systemInstruction: - description: The content of the prompt dataset system instruction. - type: string - seedEnabled: - description: >- - Seeding enables model to return a deterministic response on a best - effort basis. Determinism isn't guaranteed. This field determines - whether or not seeding is enabled. - type: boolean - seedValue: - description: The actual value of the seed. - type: string - format: int64 - logprobs: - description: >- - Whether or not the user has enabled logit probabilities in the model - parameters. - type: boolean - promptApiSchema: - description: The API schema of the prompt to support both UI and SDK usages. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaPromptApiSchema' - GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfig: - id: GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfig - description: The configuration for grounding checking. type: object + description: The config for email alert. + GoogleCloudAiplatformV1ListFeaturestoresResponse: + type: object + id: GoogleCloudAiplatformV1ListFeaturestoresResponse properties: - sources: - description: The sources for the grounding checking. + featurestores: type: array + description: The Featurestores matching the request. items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfigSourceEntry - disableAttribution: - description: >- - If set, skip finding claim attributions (i.e not generate grounding - citation). - deprecated: true - type: boolean - GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfigSourceEntry: - id: GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfigSourceEntry - description: Single source entry for the grounding checking. - type: object - properties: - type: - description: The type of the grounding checking source. - type: string - enumDescriptions: - - '' - - Uses Web Search to check the grounding. - - >- - Uses Vertex AI Search to check the grounding. Deprecated. Use - VERTEX_AI_SEARCH instead. - - Uses Vertex AI Search to check the grounding - - Uses inline context to check the grounding. - enumDeprecated: - - false - - false - - true - - false - - false - enum: - - UNSPECIFIED - - WEB - - ENTERPRISE - - VERTEX_AI_SEARCH - - INLINE - enterpriseDatastore: - description: >- - The uri of the Vertex AI Search data source. Deprecated. Use - vertex_ai_search_datastore instead. - deprecated: true - type: string - vertexAiSearchDatastore: - description: The uri of the Vertex AI Search data source. - type: string - inlineContext: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Featurestore' + nextPageToken: description: >- - The grounding text passed inline with the Predict API. It can - support up to 1 million bytes. + A token, which can be sent as ListFeaturestoresRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. type: string - GoogleCloudAiplatformV1SchemaPromptApiSchema: - id: GoogleCloudAiplatformV1SchemaPromptApiSchema - description: The A2 schema of a prompt. + description: Response message for FeaturestoreService.ListFeaturestores. + GoogleCloudAiplatformV1ExportDataRequest: + description: Request message for DatasetService.ExportData. + properties: + exportConfig: + description: Required. The desired output location. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportDataConfig' + type: object + id: GoogleCloudAiplatformV1ExportDataRequest + GoogleCloudAiplatformV1RetrieveMemoriesRequest: + description: Request message for MemoryBankService.RetrieveMemories. type: object + id: GoogleCloudAiplatformV1RetrieveMemoriesRequest properties: - multimodalPrompt: - description: Multimodal prompt which embeds preambles to prompt string. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecMultimodalPrompt - structuredPrompt: - description: The prompt variation that stores preambles in separate fields. + simpleRetrievalParams: + description: Parameters for simple (non-similarity search) retrieval. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecStructuredPrompt - translationPrompt: - description: The prompt variation for Translation use case. + #/components/schemas/GoogleCloudAiplatformV1RetrieveMemoriesRequestSimpleRetrievalParams + similaritySearchParams: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationPrompt - executions: + #/components/schemas/GoogleCloudAiplatformV1RetrieveMemoriesRequestSimilaritySearchParams + description: Parameters for semantic similarity search based retrieval. + scope: + type: object description: >- - A list of execution instances for constructing a ready-to-use - prompt. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptInstancePromptExecution - apiSchemaVersion: - description: The Schema version that represents changes to the API behavior. + Required. The scope of the memories to retrieve. A memory must have + exactly the same scope (`Memory.scope`) as the scope provided here + to be retrieved (same keys and values). Order does not matter, but + it is case-sensitive. + additionalProperties: + type: string + filter: + description: >- + Optional. The standard list filter that will be applied to the + retrieved memories. More detail in + [AIP-160](https://google.aip.dev/160). Supported fields: * `fact` * + `create_time` * `update_time` * `topics` (i.e. + `topics.custom_memory_topic_label: "example topic" OR + topics.managed_memory_topic: USER_PREFERENCES`) type: string - GoogleCloudAiplatformV1SchemaPromptSpecMultimodalPrompt: - id: GoogleCloudAiplatformV1SchemaPromptSpecMultimodalPrompt - description: Prompt variation that embeds preambles to prompt string. - type: object - properties: - promptMessage: - description: The prompt message. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage - GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage: - id: GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage - description: >- - The prompt message that aligns with the prompt message in - google.cloud.aiplatform.master.GenerateContentRequest. + GoogleCloudAiplatformV1PreTunedModel: + description: A pre-tuned model for continuous tuning. type: object properties: - model: - description: The model name. - type: string - contents: + baseModel: description: >- - The content of the current conversation with the model. For - single-turn queries, this is a single instance. For multi-turn - queries, this is a repeated field that contains conversation history - + latest request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - systemInstruction: + Output only. The name of the base model this PreTunedModel was tuned + from. + type: string + readOnly: true + checkpointId: description: >- - The user provided system instructions for the model. Note: only text - should be used in parts and content in each part will be in a - separate paragraph. - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - tools: + Optional. The source checkpoint id. If not specified, the default + checkpoint will be used. + type: string + tunedModelName: + type: string description: >- - A list of `Tools` the model may use to generate the next response. A - `Tool` is a piece of code that enables the system to interact with - external systems to perform an action, or set of actions, outside of - knowledge and scope of the model. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' - toolConfig: + The resource name of the Model. E.g., a model resource name with a + specified version id or alias: + `projects/{project}/locations/{location}/models/{model}@{version_id}` + `projects/{project}/locations/{location}/models/{model}@{alias}` Or, + omit the version id to use the default version: + `projects/{project}/locations/{location}/models/{model}` + id: GoogleCloudAiplatformV1PreTunedModel + GoogleCloudAiplatformV1NotebookEucConfig: + properties: + bypassActasCheck: + readOnly: true + type: boolean description: >- - Tool config. This config is shared for all tools provided in the - request. - $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolConfig' - safetySettings: + Output only. Whether ActAs check is bypassed for service account + attached to the VM. If false, we need ActAs check for the default + Compute Engine Service account. When a Runtime is created, a VM is + allocated using Default Compute Engine Service Account. Any user + requesting to use this Runtime requires Service Account User (ActAs) + permission over this SA. If true, Runtime owner is using EUC and + does not require the above permission as VM no longer use default + Compute Engine SA, but a P4SA. + eucDisabled: + type: boolean description: >- - Per request settings for blocking unsafe content. Enforced on - GenerateContentResponse.candidates. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetySetting' - generationConfig: - description: Generation config. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenerationConfig' - GoogleCloudAiplatformV1SchemaPromptSpecStructuredPrompt: - id: GoogleCloudAiplatformV1SchemaPromptSpecStructuredPrompt - description: Prompt variation that stores preambles in separate fields. + Input only. Whether EUC is disabled in this NotebookRuntimeTemplate. + In proto3, the default value of a boolean is false. In this way, by + default EUC will be enabled for NotebookRuntimeTemplate. + id: GoogleCloudAiplatformV1NotebookEucConfig type: object + description: The euc configuration of NotebookRuntimeTemplate. + GoogleCloudAiplatformV1ListDataLabelingJobsResponse: properties: - promptMessage: - description: The prompt message. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage - context: - description: 'Preamble: The context of the prompt.' - $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' - inputPrefixes: - description: 'Preamble: The input prefixes before each example input.' - type: array - items: - type: string - outputPrefixes: - description: 'Preamble: The output prefixes before each example output.' - type: array - items: - type: string - examples: - description: 'Preamble: A set of examples for expected model response.' - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPartList - infillPrefix: - description: >- - Preamble: For infill prompt, the prefix before expected model - response. - type: string - infillSuffix: - description: >- - Preamble: For infill prompt, the suffix after expected model - response. + nextPageToken: type: string - predictionInputs: + description: The standard List next-page token. + dataLabelingJobs: description: >- - Preamble: The input test data for prediction. Each PartList in this - field represents one text-only input set for a single model request. - type: array + A list of DataLabelingJobs that matches the specified filter in the + request. items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPartList - GoogleCloudAiplatformV1SchemaPromptSpecPartList: - id: GoogleCloudAiplatformV1SchemaPromptSpecPartList - description: A list of elements and information that make up a portion of prompt. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DataLabelingJob' + type: array + type: object + description: Response message for JobService.ListDataLabelingJobs. + id: GoogleCloudAiplatformV1ListDataLabelingJobsResponse + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomTask: + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomTask + description: A TrainingJob that trains a custom code Model. type: object properties: - parts: - description: A list of elements that can be part of a prompt. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Part' - GoogleCloudAiplatformV1SchemaPromptSpecTranslationPrompt: - id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationPrompt - description: Prompt variation for Translation use case. + inputs: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' + description: The input parameters of this CustomTask. + metadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaTrainingjobDefinitionCustomJobMetadata + description: The metadata information. + GoogleProtobufEmpty: + id: GoogleProtobufEmpty + properties: {} + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpec: + description: Represents a parameter spec with condition from its parent parameter. + id: GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpec type: object properties: - promptMessage: - description: The prompt message. + parameterSpec: + description: Required. The spec for a conditional parameter. + $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpec' + parentDiscreteValues: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage - sourceLanguageCode: - description: The source language code. - type: string - targetLanguageCode: - description: The target language code. - type: string - option: - description: The translation option. + #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition + description: >- + The spec for matching values from a parent parameter of `DISCRETE` + type. + parentIntValues: + description: >- + The spec for matching values from a parent parameter of `INTEGER` + type. $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationOption - example: - description: The translation example. + #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueCondition + parentCategoricalValues: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationExample - GoogleCloudAiplatformV1SchemaPromptSpecTranslationOption: - id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationOption - description: Optional settings for translation prompt. + #/components/schemas/GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition + description: >- + The spec for matching values from a parent parameter of + `CATEGORICAL` type. + GoogleCloudAiplatformV1StreamingPredictRequest: type: object - properties: - numberOfShots: - description: How many shots to use. - type: integer - format: int32 - GoogleCloudAiplatformV1SchemaPromptSpecTranslationExample: - id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationExample description: >- - The translation example that contains reference sentences from various - sources. - type: object + Request message for PredictionService.StreamingPredict. The first + message must contain endpoint field and optionally input. The subsequent + messages must contain input. properties: - referenceSentencesFileInputs: - description: The reference sentences from file. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationSentenceFileInput - referenceSentencePairLists: - description: The reference sentences from inline text. + inputs: + description: The prediction input. type: array items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePairList - GoogleCloudAiplatformV1SchemaPromptSpecTranslationSentenceFileInput: - id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationSentenceFileInput - type: object - properties: - fileInputSource: - description: Inlined file source. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationFileInputSource - gcsInputSource: - description: Cloud Storage file source. - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecTranslationGcsInputSource - GoogleCloudAiplatformV1SchemaPromptSpecTranslationFileInputSource: - id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationFileInputSource + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + parameters: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + description: The parameters that govern the prediction. + id: GoogleCloudAiplatformV1StreamingPredictRequest + GoogleCloudAiplatformV1SummarizationHelpfulnessInstance: + id: GoogleCloudAiplatformV1SummarizationHelpfulnessInstance type: object + description: Spec for summarization helpfulness instance. properties: - mimeType: - description: The file's mime type. + instruction: type: string - content: - description: The file's contents. + description: Optional. Summarization prompt for LLM. + prediction: type: string - displayName: - description: The file's display name. + description: Required. Output of the evaluated model. + reference: + description: Optional. Ground truth used to compare against the prediction. type: string - GoogleCloudAiplatformV1SchemaPromptSpecTranslationGcsInputSource: - id: GoogleCloudAiplatformV1SchemaPromptSpecTranslationGcsInputSource + context: + description: Required. Text to be summarized. + type: string + GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateMetatdata: + description: >- + This message will be placed in the metadata field of a + google.longrunning.Operation associated with a + CheckTrialEarlyStoppingState request. type: object properties: - inputUri: - description: Source data URI. For example, `gs://my_bucket/my_object`. + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for suggesting Trials. + study: + description: The name of the Study that the Trial belongs to. type: string - GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePairList: - id: GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePairList - description: A list of reference sentence pairs. + trial: + type: string + description: The Trial name. + id: GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateMetatdata + GoogleCloudAiplatformV1CustomJob: type: object + id: GoogleCloudAiplatformV1CustomJob properties: - referenceSentencePairs: - description: Reference sentence pairs. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePair - GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePair: - id: GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePair - description: A pair of sentences used as reference in source and target languages. - type: object - properties: - sourceSentence: - description: Source sentence in the sentence pair. + webAccessUris: + additionalProperties: + type: string + readOnly: true + description: >- + Output only. URIs for accessing [interactive + shells](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) + (one URI for each training node). Only available if + job_spec.enable_web_access is `true`. The keys are names of each + node in the training job; for example, `workerpool0-0` for the + primary node, `workerpool1-0` for the first node in the second + worker pool, and `workerpool1-1` for the second node in the second + worker pool. The values are the URIs for each node's interactive + shell. + type: object + updateTime: + readOnly: true type: string - targetSentence: - description: Target sentence in the sentence pair. + format: google-datetime + description: Output only. Time when the CustomJob was most recently updated. + jobSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' + description: Required. Job spec. + endTime: type: string - GoogleCloudAiplatformV1SchemaPromptInstancePromptExecution: - id: GoogleCloudAiplatformV1SchemaPromptInstancePromptExecution - description: >- - A prompt instance's parameters set that contains a set of variable - values. - type: object - properties: - arguments: - description: Maps variable names to their value. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaPromptInstanceVariableValue - GoogleCloudAiplatformV1SchemaPromptInstanceVariableValue: - id: GoogleCloudAiplatformV1SchemaPromptInstanceVariableValue - description: The value of a variable in prompt. - type: object - properties: - partList: - description: The parts of the variable value. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPartList' - GoogleCloudAiplatformV1SchemaTextSentimentAnnotation: - id: GoogleCloudAiplatformV1SchemaTextSentimentAnnotation - description: Annotation details specific to text sentiment. - type: object - properties: - sentiment: - description: The sentiment score for text. - type: integer - format: int32 - sentimentMax: - description: The sentiment max score for text. - type: integer - format: int32 - annotationSpecId: description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. + Output only. Time when the CustomJob entered any of the following + states: `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED`, + `JOB_STATE_CANCELLED`. + format: google-datetime + readOnly: true + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Customer-managed encryption key options for a CustomJob. If this is + set, then all resources created by the CustomJob will be encrypted + with the provided encryption key. + startTime: + description: >- + Output only. Time when the CustomJob for the first time entered the + `JOB_STATE_RUNNING` state. type: string + readOnly: true + format: google-datetime displayName: + type: string description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. + Required. The display name of the CustomJob. The name can be up to + 128 characters long and can consist of any UTF-8 characters. + name: + readOnly: true type: string - GoogleCloudAiplatformV1SchemaTextSentimentSavedQueryMetadata: - id: GoogleCloudAiplatformV1SchemaTextSentimentSavedQueryMetadata - description: The metadata of SavedQuery contains TextSentiment Annotations. - type: object - properties: - sentimentMax: - description: The maximum sentiment of sentiment Anntoation in this SavedQuery. - type: integer - format: int32 - GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadata: - id: GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadata - description: The metadata of Datasets that contain time series data. - type: object - properties: - inputConfig: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataInputConfig - timeSeriesIdentifierColumn: + description: Output only. Resource name of a CustomJob. + error: + readOnly: true description: >- - The column name of the time series identifier column that identifies - the time series. + Output only. Only populated when job's state is `JOB_STATE_FAILED` + or `JOB_STATE_CANCELLED`. + $ref: '#/components/schemas/GoogleRpcStatus' + createTime: + format: google-datetime + description: Output only. Time when the CustomJob was created. + readOnly: true type: string - timeColumn: + satisfiesPzi: + description: Output only. Reserved for future use. + type: boolean + readOnly: true + labels: + additionalProperties: + type: string + type: object description: >- - The column name of the time column that identifies time order in the - time series. + The labels with user-defined metadata to organize CustomJobs. Label + keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. See + https://goo.gl/xmQnxf for more information and examples of labels. + satisfiesPzs: + type: boolean + description: Output only. Reserved for future use. + readOnly: true + state: + description: Output only. The detailed state of the job. type: string - GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataInputConfig: - id: GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataInputConfig + enum: + - JOB_STATE_UNSPECIFIED + - JOB_STATE_QUEUED + - JOB_STATE_PENDING + - JOB_STATE_RUNNING + - JOB_STATE_SUCCEEDED + - JOB_STATE_FAILED + - JOB_STATE_CANCELLING + - JOB_STATE_CANCELLED + - JOB_STATE_PAUSED + - JOB_STATE_EXPIRED + - JOB_STATE_UPDATING + - JOB_STATE_PARTIALLY_SUCCEEDED + readOnly: true + enumDescriptions: + - The job state is unspecified. + - >- + The job has been just created or resumed and processing has not + yet begun. + - The service is preparing to run the job. + - The job is in progress. + - The job completed successfully. + - The job failed. + - >- + The job is being cancelled. From this state the job may only go to + either `JOB_STATE_SUCCEEDED`, `JOB_STATE_FAILED` or + `JOB_STATE_CANCELLED`. + - The job has been cancelled. + - The job has been stopped, and can be resumed. + - The job has expired. + - >- + The job is being updated. Only jobs in the `RUNNING` state can be + updated. After updating, the job goes back to the `RUNNING` state. + - >- + The job is partially succeeded, some results may be missing due to + errors. description: >- - The time series Dataset's data source. The Dataset doesn't store the - data directly, but only pointer(s) to its data. - type: object + Represents a job that runs custom workloads such as a Docker container + or a Python package. A CustomJob can have multiple worker pools and each + worker pool can have its own machine and input spec. A CustomJob will be + cleaned up once the job enters terminal state (failed or succeeded). + GoogleCloudAiplatformV1RubricBasedInstructionFollowingResult: + id: GoogleCloudAiplatformV1RubricBasedInstructionFollowingResult properties: - gcsSource: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataGcsSource - bigquerySource: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataBigQuerySource - GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataGcsSource: - id: GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataGcsSource + score: + type: number + format: float + description: Output only. Overall score for the instruction following. + readOnly: true + rubricCritiqueResults: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricCritiqueResult' + readOnly: true + type: array + description: Output only. List of per rubric critique results. + description: Result for RubricBasedInstructionFollowing metric. + type: object + GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStoreRagResource: type: object + id: GoogleCloudAiplatformV1RetrieveContextsRequestVertexRagStoreRagResource + description: The definition of the Rag resource. properties: - uri: + ragCorpus: description: >- - Cloud Storage URI of one or more files. Only CSV files are - supported. The first line of the CSV file is used as the header. If - there are multiple files, the header is the first line of the - lexicographically first file, the other files must either contain - the exact same header or omit the header. + Optional. RagCorpora resource name. Format: + `projects/{project}/locations/{location}/ragCorpora/{rag_corpus}` + type: string + ragFileIds: + description: >- + Optional. rag_file_id. The files should be in the same rag_corpus + set in rag_corpus field. type: array items: type: string - GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataBigQuerySource: - id: GoogleCloudAiplatformV1SchemaTimeSeriesDatasetMetadataBigQuerySource + GoogleCloudAiplatformV1ClientConnectionConfig: type: object + description: >- + Configurations (e.g. inference timeout) that are applied on your + endpoints. + id: GoogleCloudAiplatformV1ClientConnectionConfig properties: - uri: - description: The URI of a BigQuery table. + inferenceTimeout: + format: google-duration + description: Customizable online prediction request timeout. type: string - GoogleCloudAiplatformV1SchemaVideoActionRecognitionAnnotation: - id: GoogleCloudAiplatformV1SchemaVideoActionRecognitionAnnotation - description: Annotation details specific to video action recognition. + GoogleCloudAiplatformV1RemoveContextChildrenResponse: + description: Response message for MetadataService.RemoveContextChildren. type: object + id: GoogleCloudAiplatformV1RemoveContextChildrenResponse + properties: {} + GoogleCloudAiplatformV1CoherenceInstance: properties: - timeSegment: - description: >- - This Annotation applies to the time period represented by the - TimeSegment. If it's not set, the Annotation applies to the whole - video. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaTimeSegment' - annotationSpecId: - description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. + prediction: type: string - displayName: + description: Required. Output of the evaluated model. + id: GoogleCloudAiplatformV1CoherenceInstance + description: Spec for coherence instance. + type: object + GoogleCloudAiplatformV1ToolCodeExecution: + id: GoogleCloudAiplatformV1ToolCodeExecution + type: object + properties: {} + description: >- + Tool that executes code generated by the model, and automatically + returns the result to the model. See also [ExecutableCode]and + [CodeExecutionResult] which are input and output to this tool. + GoogleCloudAiplatformV1ListFeatureOnlineStoresResponse: + properties: + nextPageToken: description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. + A token, which can be sent as + ListFeatureOnlineStoresRequest.page_token to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: string - GoogleCloudAiplatformV1SchemaTimeSegment: - id: GoogleCloudAiplatformV1SchemaTimeSegment + featureOnlineStores: + type: array + description: The FeatureOnlineStores matching the request. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStore' + id: GoogleCloudAiplatformV1ListFeatureOnlineStoresResponse description: >- - A time period inside of a DataItem that has a time dimension (e.g. - video). + Response message for + FeatureOnlineStoreAdminService.ListFeatureOnlineStores. type: object + GoogleCloudAiplatformV1ExplanationSpec: + description: Specification of Model explanation. + id: GoogleCloudAiplatformV1ExplanationSpec properties: - startTimeOffset: + metadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationMetadata' description: >- - Start of the time segment (inclusive), represented as the duration - since the start of the DataItem. - type: string - format: google-duration - endTimeOffset: + Optional. Metadata describing the Model's input and output for + explanation. + parameters: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationParameters' description: >- - End of the time segment (exclusive), represented as the duration - since the start of the DataItem. - type: string - format: google-duration - GoogleCloudAiplatformV1SchemaVideoClassificationAnnotation: - id: GoogleCloudAiplatformV1SchemaVideoClassificationAnnotation - description: Annotation details specific to video classification. + Required. Parameters that configure explaining of the Model's + predictions. type: object + GoogleCloudAiplatformV1MemoryBankCustomizationConfig: properties: - timeSegment: + memoryTopics: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MemoryBankCustomizationConfigMemoryTopic description: >- - This Annotation applies to the time period represented by the - TimeSegment. If it's not set, the Annotation applies to the whole - video. - $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaTimeSegment' - annotationSpecId: + Optional. Topics of information that should be extracted from + conversations and stored as memories. If not set, then Memory Bank's + default topics will be used. + scopeKeys: + items: + type: string + type: array description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. - type: string - displayName: + Optional. The scope keys (i.e. 'user_id') for which to use this + config. A request's scope must include all of the provided keys for + the config to be used (order does not matter). If empty, then the + config will be used for all requests that do not have a more + specific config. Only one default config is allowed per Memory Bank. + generateMemoriesExamples: description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. - type: string - GoogleCloudAiplatformV1SchemaVideoDataItem: - id: GoogleCloudAiplatformV1SchemaVideoDataItem - description: Payload of Video DataItem. + Optional. Examples of how to generate memories for a particular + scope. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExample + type: array type: object + id: GoogleCloudAiplatformV1MemoryBankCustomizationConfig + description: Configuration for organizing memories for a particular scope. + GoogleCloudAiplatformV1SchemaPromptInstanceVariableValue: + id: GoogleCloudAiplatformV1SchemaPromptInstanceVariableValue properties: - gcsUri: - description: >- - Required. Google Cloud Storage URI points to the original video in - user's bucket. The video is up to 50 GB in size and up to 3 hour in - duration. + partList: + description: The parts of the variable value. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPartList' + type: object + description: The value of a variable in prompt. + GoogleCloudAiplatformV1PipelineTemplateMetadata: + type: object + description: >- + Pipeline template metadata if PipelineJob.template_uri is from supported + template registry. Currently, the only supported registry is Artifact + Registry. + properties: + version: type: string - mimeType: description: >- - Output only. The mime type of the content of the video. Only the - videos in below listed mime types are supported. Supported - mime_type: - video/mp4 - video/avi - video/quicktime - readOnly: true - type: string - GoogleCloudAiplatformV1SchemaVideoDatasetMetadata: - id: GoogleCloudAiplatformV1SchemaVideoDatasetMetadata - description: The metadata of Datasets that contain Video DataItems. + The version_name in artifact registry. Will always be presented in + output if the PipelineJob.template_uri is from supported template + registry. Format is "sha256:abcdef123456...". + id: GoogleCloudAiplatformV1PipelineTemplateMetadata + GoogleCloudAiplatformV1ExportModelRequestOutputConfig: type: object properties: - dataItemSchemaUri: + imageDestination: description: >- - Points to a YAML file stored on Google Cloud Storage describing - payload of the Video DataItems that belong to this Dataset. - type: string - gcsBucket: + The Google Container Registry or Artifact Registry uri where the + Model container image will be copied to. This field should only be + set when the `exportableContent` field of the + [Model.supported_export_formats] object contains `IMAGE`. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ContainerRegistryDestination + artifactDestination: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsDestination' description: >- - Google Cloud Storage Bucket name that contains the blob data of this - Dataset. + The Cloud Storage location where the Model artifact is to be written + to. Under the directory given as the destination a new one with name + "`model-export--`", where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ + ISO-8601 format, will be created. Inside, the Model and any of its + supporting files will be written. This field should only be set when + the `exportableContent` field of the + [Model.supported_export_formats] object contains `ARTIFACT`. + exportFormatId: type: string - GoogleCloudAiplatformV1SchemaVideoObjectTrackingAnnotation: - id: GoogleCloudAiplatformV1SchemaVideoObjectTrackingAnnotation - description: Annotation details specific to video object tracking. + description: >- + The ID of the format in which the Model must be exported. Each Model + lists the export formats it supports. If no value is provided here, + then the first from the list of the Model's supported formats is + used by default. + id: GoogleCloudAiplatformV1ExportModelRequestOutputConfig + description: Output configuration for the Model export. + CloudAiLargeModelsVisionImageRAIScores: type: object properties: - timeOffset: - description: >- - A time (frame) of a video to which this annotation pertains. - Represented as the duration since the video's start. - type: string - format: google-duration - xMin: - description: The leftmost coordinate of the bounding box. - type: number - format: double - xMax: - description: The rightmost coordinate of the bounding box. - type: number - format: double - yMin: - description: The topmost coordinate of the bounding box. - type: number - format: double - yMax: - description: The bottommost coordinate of the bounding box. + agileWatermarkDetectionScore: + description: Agile watermark score for image. type: number format: double - instanceId: - description: >- - The instance of the object, expressed as a positive integer. Used to - track the same object across different frames. - type: string - format: int64 - annotationSpecId: - description: >- - The resource Id of the AnnotationSpec that this Annotation pertains - to. - type: string - displayName: - description: >- - The display name of the AnnotationSpec that this Annotation pertains - to. - type: string - GoogleCloudAiplatformV1SchemaVisualInspectionClassificationLabelSavedQueryMetadata: - id: >- - GoogleCloudAiplatformV1SchemaVisualInspectionClassificationLabelSavedQueryMetadata + description: RAI scores for generated image returned. + id: CloudAiLargeModelsVisionImageRAIScores + GoogleCloudAiplatformV1EmbedContentResponseEmbedding: type: object + id: GoogleCloudAiplatformV1EmbedContentResponseEmbedding + description: A list of floats representing an embedding. properties: - multiLabel: - description: Whether or not the classification label is multi_label. - type: boolean - GoogleCloudAiplatformV1SchemaVisualInspectionMaskSavedQueryMetadata: - id: GoogleCloudAiplatformV1SchemaVisualInspectionMaskSavedQueryMetadata + values: + description: Embedding vector values. + type: array + items: + type: number + format: float + GoogleCloudAiplatformV1ExplanationMetadataOverride: + id: GoogleCloudAiplatformV1ExplanationMetadataOverride + description: >- + The ExplanationMetadata entries that can be overridden at online + explanation time. + properties: + inputs: + type: object + description: >- + Required. Overrides the input metadata of the features. The key is + the name of the feature to be overridden. The keys specified here + must exist in the input metadata to be overridden. If a feature is + not specified here, the corresponding feature's input metadata is + not overridden. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataOverrideInputMetadataOverride type: object - properties: {} - GoogleCloudAiplatformV1DeployOperationMetadata: - id: GoogleCloudAiplatformV1DeployOperationMetadata - description: Runtime operation information for ModelGardenService.Deploy. + GoogleCloudAiplatformV1Tensor: + id: GoogleCloudAiplatformV1Tensor type: object + description: A tensor value type. properties: - genericMetadata: - description: The operation generic information. - $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' - publisherModel: - description: Output only. The name of the model resource. - readOnly: true - type: string - destination: - description: >- - Output only. The resource name of the Location to deploy the model - in. Format: `projects/{project}/locations/{location}` - readOnly: true + int64Val: + type: array + description: INT64 + items: + format: int64 + type: string + listVal: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + description: A list of tensor values. + dtype: type: string - projectNumber: - description: >- - Output only. The project number where the deploy model request is - sent. + enumDescriptions: + - >- + Not a legal value for DataType. Used to indicate a DataType field + has not been set. + - >- + Data types that all computation devices are expected to be capable + to support. + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + description: The data type of tensor. + enum: + - DATA_TYPE_UNSPECIFIED + - BOOL + - STRING + - FLOAT + - DOUBLE + - INT8 + - INT16 + - INT32 + - INT64 + - UINT8 + - UINT16 + - UINT32 + - UINT64 + stringVal: + type: array + description: STRING + items: + type: string + structVal: + description: A map of string to tensor. + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + type: object + doubleVal: + type: array + items: + type: number + format: double + description: DOUBLE + floatVal: + description: FLOAT + type: array + items: + format: float + type: number + uintVal: + description: UINT8 UINT16 UINT32 + items: + format: uint32 + type: integer + type: array + intVal: + items: + type: integer + format: int32 + type: array + description: INT_8 INT_16 INT_32 + uint64Val: + type: array + items: + format: uint64 + type: string + description: UINT64 + shape: + type: array + description: Shape of the tensor. + items: + type: string + format: int64 + bytesVal: + items: + format: byte + type: string + type: array + description: STRING + tensorVal: + type: string + format: byte + description: Serialized raw tensor content. + boolVal: + items: + type: boolean + type: array + description: >- + Type specific representations that make it easy to create tensor + protos in all languages. Only the representation corresponding to + "dtype" can be set. The values hold the flattened representation of + the tensor in row major order. BOOL + GoogleCloudAiplatformV1SchemaModelevaluationMetricsRegressionEvaluationMetrics: + type: object + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsRegressionEvaluationMetrics + description: Metrics for regression evaluation results. + properties: + rootMeanSquaredError: + description: Root Mean Squared Error (RMSE). + format: float + type: number + rootMeanSquaredLogError: + format: float + description: >- + Root mean squared log error. Undefined when there are negative + ground truth values or predictions. + type: number + meanAbsoluteError: + type: number + format: float + description: Mean Absolute Error (MAE). + meanAbsolutePercentageError: + description: >- + Mean absolute percentage error. Infinity when there are zeros in the + ground truth. + type: number + format: float + rSquared: + type: number + format: float + description: >- + Coefficient of determination as Pearson correlation coefficient. + Undefined when ground truth or predictions are constant or near + constant. + GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityResult: + type: object + description: Spec for pairwise question answering quality result. + properties: + confidence: + format: float readOnly: true + description: Output only. Confidence for question answering quality score. + type: number + explanation: + description: Output only. Explanation for question answering quality score. type: string - format: int64 - modelId: - description: Output only. The model id to be used at query time. readOnly: true + pairwiseChoice: + description: Output only. Pairwise question answering prediction choice. + readOnly: true + enumDescriptions: + - Unspecified prediction choice. + - Baseline prediction wins + - Candidate prediction wins + - Winner cannot be determined + enum: + - PAIRWISE_CHOICE_UNSPECIFIED + - BASELINE + - CANDIDATE + - TIE type: string - GoogleCloudAiplatformV1DeployResponse: - id: GoogleCloudAiplatformV1DeployResponse - description: Response message for ModelGardenService.Deploy. + id: GoogleCloudAiplatformV1PairwiseQuestionAnsweringQualityResult + GoogleCloudAiplatformV1SchemaPredictParamsVideoClassificationPredictionParams: + properties: + oneSecIntervalClassification: + type: boolean + description: >- + Set to true to request classification for a video at one-second + intervals. Vertex AI returns labels and their confidence scores for + each second of the entire time segment of the video that user + specified in the input WARNING: Model evaluation is not done for + this classification type, the quality of it depends on the training + data, but there are no metrics provided to describe that quality. + Default value is false + confidenceThreshold: + format: float + type: number + description: >- + The Model only returns predictions with at least this confidence + score. Default value is 0.0 + maxPredictions: + format: int32 + description: >- + The Model only returns up to that many top, by confidence score, + predictions per instance. If this number is very high, the Model may + return fewer predictions. Default value is 10,000. + type: integer + segmentClassification: + description: >- + Set to true to request segment-level classification. Vertex AI + returns labels and their confidence scores for the entire time + segment of the video that user specified in the input instance. + Default value is true + type: boolean + shotClassification: + description: >- + Set to true to request shot-level classification. Vertex AI + determines the boundaries for each camera shot in the entire time + segment of the video that user specified in the input instance. + Vertex AI then returns labels and their confidence scores for each + detected shot, along with the start and end time of the shot. + WARNING: Model evaluation is not done for this classification type, + the quality of it depends on the training data, but there are no + metrics provided to describe that quality. Default value is false + type: boolean + description: Prediction model parameters for Video Classification. + type: object + id: >- + GoogleCloudAiplatformV1SchemaPredictParamsVideoClassificationPredictionParams + GoogleCloudAiplatformV1SchemaPredictParamsVideoActionRecognitionPredictionParams: + description: Prediction model parameters for Video Action Recognition. type: object properties: - publisherModel: + confidenceThreshold: + format: float + type: number description: >- - Output only. The name of the PublisherModel resource. Format: - `publishers/{publisher}/models/{publisher_model}@{version_id}`, or - `publishers/hf-{hugging-face-author}/models/{hugging-face-model-name}@001` - readOnly: true + The Model only returns predictions with at least this confidence + score. Default value is 0.0 + maxPredictions: + description: >- + The model only returns up to that many top, by confidence score, + predictions per frame of the video. If this number is very high, the + Model may return fewer predictions per frame. Default value is 50. + format: int32 + type: integer + id: >- + GoogleCloudAiplatformV1SchemaPredictParamsVideoActionRecognitionPredictionParams + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig: + type: object + properties: + strideLength: + type: string + format: int64 + description: >- + Stride length used to generate input examples. Within one time + series, every {$STRIDE_LENGTH} rows will be used to generate a + sliding window. + maxCount: + format: int64 + description: >- + Maximum number of windows that should be generated across all time + series. + type: string + column: + type: string + description: >- + Name of the column that should be used to generate sliding windows. + The column should contain either booleans or string booleans; if the + value of the row is True, generate a sliding window with the horizon + starting at that row. The column will not be used as a feature in + training. + description: >- + Config that contains the strategy used to generate sliding windows in + time series training. A window is a series of rows that comprise the + context up to the time of prediction, and the horizon following. The + corresponding row for each window marks the start of the forecast + horizon. Each window is used as an input example for + training/evaluation. + id: GoogleCloudAiplatformV1SchemaTrainingjobDefinitionWindowConfig + GoogleCloudAiplatformV1Presets: + properties: + query: + enum: + - PRECISE + - FAST + description: >- + Preset option controlling parameters for speed-precision trade-off + when querying for examples. If omitted, defaults to `PRECISE`. + enumDescriptions: + - More precise neighbors as a trade-off against slower response. + - Faster response as a trade-off against less precise neighbors. + type: string + modality: + enum: + - MODALITY_UNSPECIFIED + - IMAGE + - TEXT + - TABULAR + enumDescriptions: + - Should not be set. Added as a recommended best practice for enums + - IMAGE modality + - TEXT modality + - TABULAR modality + description: >- + The modality of the uploaded model, which automatically configures + the distance measurement and feature normalization for the + underlying example index and queries. If your model does not + precisely fit one of these types, it is okay to choose the closest + type. + type: string + id: GoogleCloudAiplatformV1Presets + description: Preset configuration for example-based explanations + type: object + GoogleCloudAiplatformV1MigrateResourceRequest: + type: object + id: GoogleCloudAiplatformV1MigrateResourceRequest + description: >- + Config of migrating one resource from automl.googleapis.com, + datalabeling.googleapis.com and ml.googleapis.com to Vertex AI. + properties: + migrateAutomlDatasetConfig: + description: >- + Config for migrating Dataset in automl.googleapis.com to Vertex AI's + Dataset. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlDatasetConfig + migrateMlEngineModelVersionConfig: + description: >- + Config for migrating Version in ml.googleapis.com to Vertex AI's + Model. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateMlEngineModelVersionConfig + migrateAutomlModelConfig: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateAutomlModelConfig + description: >- + Config for migrating Model in automl.googleapis.com to Vertex AI's + Model. + migrateDataLabelingDatasetConfig: + description: >- + Config for migrating Dataset in datalabeling.googleapis.com to + Vertex AI's Dataset. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MigrateResourceRequestMigrateDataLabelingDatasetConfig + GoogleCloudAiplatformV1MigrateResourceRequestMigrateMlEngineModelVersionConfig: + properties: + modelDisplayName: type: string + description: >- + Required. Display name of the model in Vertex AI. System will pick a + display name if unspecified. endpoint: + type: string description: >- - Output only. The name of the Endpoint created. Format: - `projects/{project}/locations/{location}/endpoints/{endpoint}` + Required. The ml.googleapis.com endpoint that this model version + should be migrated from. Example values: * ml.googleapis.com * + us-centrall-ml.googleapis.com * europe-west4-ml.googleapis.com * + asia-east1-ml.googleapis.com + modelVersion: + type: string + description: >- + Required. Full resource name of ml engine model version. Format: + `projects/{project}/models/{model}/versions/{version}`. + type: object + id: >- + GoogleCloudAiplatformV1MigrateResourceRequestMigrateMlEngineModelVersionConfig + description: Config for migrating version in ml.googleapis.com to Vertex AI's Model. + GoogleCloudAiplatformV1SessionEvent: + description: An event represents a message from either the user or agent. + id: GoogleCloudAiplatformV1SessionEvent + properties: + author: + description: Required. The name of the agent that sent the event, or user. + type: string + content: + description: Optional. Content of the event provided by the author. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + invocationId: + type: string + description: >- + Required. The invocation id of the event, multiple events can have + the same invocation id. + timestamp: + format: google-datetime + description: Required. Timestamp when the event was created on client side. + type: string + actions: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EventActions' + description: Optional. Actions executed by the agent. + errorCode: + description: >- + Optional. Error code if the response is an error. Code varies by + model. + type: string + errorMessage: + type: string + description: Optional. Error message if the response is an error. + eventMetadata: + description: Optional. Metadata relating to this event. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EventMetadata' + name: + description: >- + Identifier. The resource name of the event. + Format:`projects/{project}/locations/{location}/reasoningEngines/{reasoning_engine}/sessions/{session}/events/{event}`. + type: string + type: object + GoogleCloudAiplatformV1ModelEvaluationSlice: + description: >- + A collection of metrics calculated by comparing Model's predictions on a + slice of the test data against ground truth annotations. + id: GoogleCloudAiplatformV1ModelEvaluationSlice + type: object + properties: + createTime: + description: Output only. Timestamp when this ModelEvaluationSlice was created. readOnly: true type: string - model: + format: google-datetime + name: + description: Output only. The resource name of the ModelEvaluationSlice. + type: string + readOnly: true + metrics: + type: any description: >- - Output only. The name of the Model created. Format: - `projects/{project}/locations/{location}/models/{model}` + Output only. Sliced evaluation metrics of the Model. The schema of + the metrics is stored in metrics_schema_uri + readOnly: true + modelExplanation: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelExplanation' + description: >- + Output only. Aggregated explanation metrics for the Model's + prediction output over the data this ModelEvaluation uses. This + field is populated only if the Model is evaluated with explanations, + and only for tabular Models. + readOnly: true + slice: + description: >- + Output only. The slice of the test data that is used to evaluate the + Model. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSliceSlice readOnly: true + metricsSchemaUri: type: string - parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: + readOnly: true + description: >- + Output only. Points to a YAML file stored on Google Cloud Storage + describing the metrics of this ModelEvaluationSlice. The schema is + defined as an OpenAPI 3.0.2 [Schema + Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). + GoogleCloudAiplatformV1ThresholdConfig: + description: The config for feature monitoring threshold. + type: object + id: GoogleCloudAiplatformV1ThresholdConfig + properties: + value: + format: double + description: >- + Specify a threshold value that can trigger the alert. If this + threshold config is for feature distribution distance: 1. For + categorical feature, the distribution distance is calculated by + L-inifinity norm. 2. For numerical feature, the distribution + distance is calculated by Jensen–Shannon divergence. Each feature + must have a non-zero threshold if they need to be monitored. + Otherwise no alert will be triggered for that feature. + type: number + GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesResponse: description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' - x-stackQL-resources: - datasets: - id: google.aiplatform.datasets - name: datasets - title: Datasets - methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.datasets - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - import: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:import/post - response: - mediaType: application/json - openAPIDocKey: '200' - export: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:export/post - response: - mediaType: application/json - openAPIDocKey: '200' - search_data_items: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:searchDataItems/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/datasets/methods/get' - - $ref: '#/components/x-stackQL-resources/datasets/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/datasets/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/datasets/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/datasets/methods/delete' - dataset_versions: - id: google.aiplatform.dataset_versions - name: dataset_versions - title: Dataset_versions - methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.datasetVersions - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions~1{datasetVersionsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions~1{datasetVersionsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions~1{datasetVersionsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - restore: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions~1{datasetVersionsId}:restore/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/get' - - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/delete' - cache_config: - id: google.aiplatform.cache_config - name: cache_config - title: Cache_config - methods: - update_cache_config: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1cacheConfig/patch' - response: - mediaType: application/json - openAPIDocKey: '200' - get_cache_config: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1cacheConfig/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/cache_config/methods/get_cache_config - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/cache_config/methods/update_cache_config - replace: [] - delete: [] - locations: - id: google.aiplatform.locations - name: locations - title: Locations - methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - evaluate_instances: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:evaluateInstances/post - response: - mediaType: application/json - openAPIDocKey: '200' - evaluate_dataset: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:evaluateDataset/post - response: - mediaType: application/json - openAPIDocKey: '200' - generate_instance_rubrics: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:generateInstanceRubrics/post - response: - mediaType: application/json - openAPIDocKey: '200' - deploy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:deploy/post - response: - mediaType: application/json - openAPIDocKey: '200' - augment_prompt: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:augmentPrompt/post - response: - mediaType: application/json - openAPIDocKey: '200' - corroborate_content: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:corroborateContent/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - rag_engine_config: - id: google.aiplatform.rag_engine_config - name: rag_engine_config - title: Rag_engine_config - methods: - update_rag_engine_config: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragEngineConfig/patch - response: - mediaType: application/json - openAPIDocKey: '200' - get_rag_engine_config: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragEngineConfig/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/rag_engine_config/methods/get_rag_engine_config - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/rag_engine_config/methods/update_rag_engine_config - replace: [] - delete: [] - contexts: - id: google.aiplatform.contexts - name: contexts - title: Contexts - methods: - retrieve_contexts: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:retrieveContexts/post - response: - mediaType: application/json - openAPIDocKey: '200' - create: - operation: + Response message for + JobService.SearchModelDeploymentMonitoringStatsAnomalies. + properties: + nextPageToken: + type: string + description: >- + The page token that can be used by the next + JobService.SearchModelDeploymentMonitoringStatsAnomalies call. + monitoringStats: + type: array + description: >- + Stats retrieved for requested objectives. There are at most 1000 + ModelMonitoringStatsAnomalies.FeatureHistoricStatsAnomalies.prediction_stats + in the response. + items: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringStatsAnomalies + type: object + id: >- + GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesResponse + GoogleCloudAiplatformV1ListBatchPredictionJobsResponse: + description: Response message for JobService.ListBatchPredictionJobs + properties: + batchPredictionJobs: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + type: array + description: List of BatchPredictionJobs in the requested page. + nextPageToken: + type: string + description: >- + A token to retrieve the next page of results. Pass to + ListBatchPredictionJobsRequest.page_token to obtain that page. + id: GoogleCloudAiplatformV1ListBatchPredictionJobsResponse + type: object + GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequest: + description: >- + Request message for + JobService.SearchModelDeploymentMonitoringStatsAnomalies. + id: >- + GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequest + properties: + objectives: + description: Required. Objectives of the stats to retrieve. + items: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.contexts - get: - operation: + #/components/schemas/GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequestStatsAnomaliesObjective + type: array + pageToken: + type: string + description: >- + A page token received from a previous + JobService.SearchModelDeploymentMonitoringStatsAnomalies call. + deployedModelId: + description: >- + Required. The DeployedModel ID of the + [ModelDeploymentMonitoringObjectiveConfig.deployed_model_id]. + type: string + pageSize: + format: int32 + type: integer + description: The standard list page size. + featureDisplayName: + type: string + description: >- + The feature display name. If specified, only return the stats + belonging to this feature. Format: + ModelMonitoringStatsAnomalies.FeatureHistoricStatsAnomalies.feature_display_name, + example: "user_destination". + endTime: + description: >- + The latest timestamp of stats being generated. If not set, indicates + feching stats till the latest possible one. + type: string + format: google-datetime + startTime: + type: string + description: >- + The earliest timestamp of stats being generated. If not set, + indicates fetching stats till the earliest possible one. + format: google-datetime + type: object + GoogleCloudAiplatformV1RagContexts: + id: GoogleCloudAiplatformV1RagContexts + description: Relevant contexts for one query. + type: object + properties: + contexts: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagContextsContext' + description: All its contexts. + GoogleCloudAiplatformV1MetricResult: + id: GoogleCloudAiplatformV1MetricResult + type: object + properties: + rubricVerdicts: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RubricVerdict' + description: Output only. For rubric-based metrics, the verdicts for each rubric. + readOnly: true + score: + type: number + description: >- + Output only. The score for the metric. Please refer to each metric's + documentation for the meaning of the score. + format: float + readOnly: true + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: Output only. The error status for the metric result. + readOnly: true + explanation: + readOnly: true + description: Output only. The explanation for the metric result. + type: string + description: Result for a single metric on a single instance. + GoogleCloudAiplatformV1SchemaTextDataItem: + id: GoogleCloudAiplatformV1SchemaTextDataItem + type: object + properties: + gcsUri: + description: >- + Output only. Google Cloud Storage URI points to a copy of the + original text in the Vertex-managed bucket in the user's project. + The text file is up to 10MB in size. + type: string + readOnly: true + description: Payload of Text DataItem. + GoogleCloudAiplatformV1ToolParameterKVMatchInstance: + type: object + description: Spec for tool parameter key value match instance. + properties: + prediction: + description: Required. Output of the evaluated model. + type: string + reference: + type: string + description: Required. Ground truth used to compare against the prediction. + id: GoogleCloudAiplatformV1ToolParameterKVMatchInstance + GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage: + description: >- + The prompt message that aligns with the prompt message in + google.cloud.aiplatform.master.GenerateContentRequest. + type: object + properties: + tools: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' + description: >- + A list of `Tools` the model may use to generate the next response. A + `Tool` is a piece of code that enables the system to interact with + external systems to perform an action, or set of actions, outside of + knowledge and scope of the model. + model: + description: The model name. + type: string + toolConfig: + description: >- + Tool config. This config is shared for all tools provided in the + request. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolConfig' + safetySettings: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetySetting' + description: >- + Per request settings for blocking unsafe content. Enforced on + GenerateContentResponse.candidates. + type: array + contents: + type: array + description: >- + The content of the current conversation with the model. For + single-turn queries, this is a single instance. For multi-turn + queries, this is a repeated field that contains conversation history + + latest request. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + systemInstruction: + description: >- + The user provided system instructions for the model. Note: only text + should be used in parts and content in each part will be in a + separate paragraph. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + generationConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenerationConfig' + description: Generation config. + id: GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage + GoogleCloudAiplatformV1CometInput: + properties: + metricSpec: + description: Required. Spec for comet metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CometSpec' + instance: + description: Required. Comet instance. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CometInstance' + description: Input for Comet metric. + type: object + id: GoogleCloudAiplatformV1CometInput + GoogleCloudAiplatformV1ImportFeatureValuesRequest: + properties: + featureTimeField: + description: >- + Source column that holds the Feature timestamp for all Feature + values in each entity. + type: string + disableOnlineServing: + type: boolean + description: >- + If set, data will not be imported for online serving. This is + typically used for backfilling, where Feature generation timestamps + are not in the timestamp range needed for online serving. + bigquerySource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' + workerCount: + type: integer + format: int32 + description: >- + Specifies the number of workers that are used to write data to the + Featurestore. Consider the online serving capacity that you require + to achieve the desired import throughput without interfering with + online serving. The value must be positive, and less than or equal + to 100. If not set, defaults to using 1 worker. The low count + ensures minimal impact on online serving performance. + csvSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CsvSource' + entityIdField: + description: >- + Source column that holds entity IDs. If not provided, entity IDs are + extracted from the column named entity_id. + type: string + disableIngestionAnalysis: + description: If true, API doesn't start ingestion analysis pipeline. + type: boolean + featureSpecs: + items: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}/get + #/components/schemas/GoogleCloudAiplatformV1ImportFeatureValuesRequestFeatureSpec + description: >- + Required. Specifications defining which Feature values to import + from the entity. The request fails if no feature_specs are provided, + and having multiple feature_specs for one Feature is not allowed. + type: array + avroSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1AvroSource' + featureTime: + description: >- + Single Feature timestamp for all entities being imported. The + timestamp must not have higher than millisecond precision. + format: google-datetime + type: string + description: Request message for FeaturestoreService.ImportFeatureValues. + type: object + id: GoogleCloudAiplatformV1ImportFeatureValuesRequest + GoogleCloudAiplatformV1GroundingMetadataSourceFlaggingUri: + type: object + properties: + sourceId: + description: The ID of the place or review. + type: string + flagContentUri: + description: The URI that can be used to flag the content. + type: string + description: >- + A URI that can be used to flag a place or review for inappropriate + content. This is populated only when the grounding source is Google + Maps. + id: GoogleCloudAiplatformV1GroundingMetadataSourceFlaggingUri + GoogleCloudAiplatformV1ListSessionsResponse: + description: Response message for SessionService.ListSessions. + id: GoogleCloudAiplatformV1ListSessionsResponse + type: object + properties: + sessions: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Session' + description: A list of sessions matching the request. + nextPageToken: + type: string + description: >- + A token, which can be sent as ListSessionsRequest.page_token to + retrieve the next page. Absence of this field indicates there are no + subsequent pages. + GoogleCloudAiplatformV1PSCAutomationConfig: + id: GoogleCloudAiplatformV1PSCAutomationConfig + type: object + properties: + network: + type: string + description: >- + Required. The full name of the Google Compute Engine + [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks). + [Format](https://cloud.google.com/compute/docs/reference/rest/v1/networks/get): + `projects/{project}/global/networks/{network}`. + errorMessage: + description: Output only. Error message if the PSC service automation failed. + readOnly: true + type: string + state: + enumDescriptions: + - Should not be used. + - The PSC service automation is successful. + - The PSC service automation has failed. + type: string + enum: + - PSC_AUTOMATION_STATE_UNSPECIFIED + - PSC_AUTOMATION_STATE_SUCCESSFUL + - PSC_AUTOMATION_STATE_FAILED + description: Output only. The state of the PSC service automation. + readOnly: true + projectId: + type: string + description: Required. Project id used to create forwarding rule. + ipAddress: + readOnly: true + description: Output only. IP address rule created by the PSC service automation. + type: string + forwardingRule: + readOnly: true + type: string + description: Output only. Forwarding rule created by the PSC service automation. + description: >- + PSC config that is used to automatically create PSC endpoints in the + user projects. + GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolygonAnnotation: + id: >- + GoogleCloudAiplatformV1SchemaImageSegmentationAnnotationPolygonAnnotation + properties: + displayName: + type: string + description: >- + The display name of the AnnotationSpec that this Annotation pertains + to. + vertexes: + description: >- + The vertexes are connected one by one and the last vertex is + connected to the first one to represent a polygon. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SchemaVertex' + annotationSpecId: + type: string + description: >- + The resource Id of the AnnotationSpec that this Annotation pertains + to. + type: object + description: Represents a polygon in image. + GoogleCloudAiplatformV1QueryReasoningEngineResponse: + type: object + properties: + output: + description: Response provided by users in JSON object format. + type: any + id: GoogleCloudAiplatformV1QueryReasoningEngineResponse + description: Response message for ReasoningEngineExecutionService.Query + GoogleCloudAiplatformV1UpsertDatapointsResponse: + type: object + description: Response message for IndexService.UpsertDatapoints + id: GoogleCloudAiplatformV1UpsertDatapointsResponse + properties: {} + GoogleCloudAiplatformV1Measurement: + properties: + metrics: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MeasurementMetric' + description: >- + Output only. A list of metrics got by evaluating the objective + functions using suggested Parameter values. + type: array + readOnly: true + stepCount: + type: string + description: >- + Output only. The number of steps the machine learning model has been + trained for. Must be non-negative. + readOnly: true + format: int64 + elapsedDuration: + type: string + description: >- + Output only. Time that the Trial has been running at the point of + this Measurement. + readOnly: true + format: google-duration + description: >- + A message representing a Measurement of a Trial. A Measurement contains + the Metrics got by executing a Trial using suggested hyperparameter + values. + id: GoogleCloudAiplatformV1Measurement + type: object + GoogleCloudAiplatformV1FeatureViewVertexRagSource: + description: A Vertex Rag source for features that need to be synced to Online Store. + properties: + uri: + description: >- + Required. The BigQuery view/table URI that will be materialized on + each manual sync trigger. The table/view is expected to have the + following columns and types at least: - `corpus_id` (STRING, + NULLABLE/REQUIRED) - `file_id` (STRING, NULLABLE/REQUIRED) - + `chunk_id` (STRING, NULLABLE/REQUIRED) - `chunk_data_type` (STRING, + NULLABLE/REQUIRED) - `chunk_data` (STRING, NULLABLE/REQUIRED) - + `embeddings` (FLOAT, REPEATED) - `file_original_uri` (STRING, + NULLABLE/REQUIRED) + type: string + ragCorpusId: + type: string + description: Optional. The RAG corpus id corresponding to this FeatureView. + format: int64 + type: object + id: GoogleCloudAiplatformV1FeatureViewVertexRagSource + GoogleCloudAiplatformV1ModelDeploymentMonitoringJobLatestMonitoringPipelineMetadata: + id: >- + GoogleCloudAiplatformV1ModelDeploymentMonitoringJobLatestMonitoringPipelineMetadata + type: object + description: All metadata of most recent monitoring pipelines. + properties: + status: + description: The status of the most recent monitoring pipeline. + $ref: '#/components/schemas/GoogleRpcStatus' + runTime: + type: string + format: google-datetime + description: >- + The time that most recent monitoring pipelines that is related to + this run. + GoogleCloudAiplatformV1ToolCallValidInstance: + type: object + properties: + reference: + type: string + description: Required. Ground truth used to compare against the prediction. + prediction: + description: Required. Output of the evaluated model. + type: string + id: GoogleCloudAiplatformV1ToolCallValidInstance + description: Spec for tool call valid instance. + GoogleCloudAiplatformV1ContainerSpec: + description: The spec of a Container. + id: GoogleCloudAiplatformV1ContainerSpec + properties: + command: + description: >- + The command to be invoked when the container is started. It + overrides the entrypoint instruction in Dockerfile when provided. + type: array + items: + type: string + imageUri: + type: string + description: >- + Required. The URI of a container image in the Container Registry + that is to be run on each worker replica. + args: + items: + type: string + description: The arguments to be passed when starting the container. + type: array + env: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' + type: array + description: >- + Environment variables to be passed to the container. Maximum limit + is 100. + type: object + GoogleCloudAiplatformV1Candidate: + type: object + properties: + avgLogprobs: + format: double + readOnly: true + description: >- + Output only. The average log probability of the tokens in this + candidate. This is a length-normalized score that can be used to + compare the quality of candidates of different lengths. A higher + average log probability suggests a more confident and coherent + response. + type: number + citationMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CitationMetadata' + description: >- + Output only. A collection of citations that apply to the generated + content. + readOnly: true + content: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + description: Output only. The content of the candidate. + readOnly: true + index: + type: integer + description: >- + Output only. The 0-based index of this candidate in the list of + generated responses. This is useful for distinguishing between + multiple candidates when `candidate_count` > 1. + readOnly: true + format: int32 + urlContextMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1UrlContextMetadata' + readOnly: true + description: >- + Output only. Metadata returned when the model uses the `url_context` + tool to get information from a user-provided URL. + groundingMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GroundingMetadata' + description: >- + Output only. Metadata returned when grounding is enabled. It + contains the sources used to ground the generated content. + readOnly: true + safetyRatings: + readOnly: true + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SafetyRating' + type: array + description: >- + Output only. A list of ratings for the safety of a response + candidate. There is at most one rating per category. + finishMessage: + type: string + readOnly: true + description: >- + Output only. Describes the reason the model stopped generating + tokens in more detail. This field is returned only when + `finish_reason` is set. + logprobsResult: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1LogprobsResult' + description: >- + Output only. The detailed log probability information for the tokens + in this candidate. This is useful for debugging, understanding model + uncertainty, and identifying potential "hallucinations". + finishReason: + type: string + enum: + - FINISH_REASON_UNSPECIFIED + - STOP + - MAX_TOKENS + - SAFETY + - RECITATION + - OTHER + - BLOCKLIST + - PROHIBITED_CONTENT + - SPII + - MALFORMED_FUNCTION_CALL + - MODEL_ARMOR + - IMAGE_SAFETY + - IMAGE_PROHIBITED_CONTENT + - IMAGE_RECITATION + - IMAGE_OTHER + - UNEXPECTED_TOOL_CALL + - NO_IMAGE + readOnly: true + description: >- + Output only. The reason why the model stopped generating tokens. If + empty, the model has not stopped generating. + enumDescriptions: + - The finish reason is unspecified. + - >- + The model reached a natural stopping point or a configured stop + sequence. + - >- + The model generated the maximum number of tokens allowed by the + `max_output_tokens` parameter. + - >- + The model stopped generating because the content potentially + violates safety policies. NOTE: When streaming, the `content` + field is empty if content filters block the output. + - >- + The model stopped generating because the content may be a + recitation from a source. + - The model stopped generating for a reason not otherwise specified. + - >- + The model stopped generating because the content contains a term + from a configured blocklist. + - >- + The model stopped generating because the content may be + prohibited. + - >- + The model stopped generating because the content may contain + sensitive personally identifiable information (SPII). + - >- + The model generated a function call that is syntactically invalid + and can't be parsed. + - The model response was blocked by Model Armor. + - The generated image potentially violates safety policies. + - The generated image may contain prohibited content. + - The generated image may be a recitation from a source. + - The image generation stopped for a reason not otherwise specified. + - >- + The model generated a function call that is semantically invalid. + This can happen, for example, if function calling is not enabled + or the generated function is not in the function declaration. + - The model was expected to generate an image, but didn't. + id: GoogleCloudAiplatformV1Candidate + description: A response candidate generated from the model. + GoogleCloudAiplatformV1SpecialistPool: + properties: + specialistWorkerEmails: + description: The email addresses of workers in the SpecialistPool. + items: + type: string + type: array + name: + description: Required. The resource name of the SpecialistPool. + type: string + displayName: + type: string + description: >- + Required. The user-defined name of the SpecialistPool. The name can + be up to 128 characters long and can consist of any UTF-8 + characters. This field should be unique on project-level. + pendingDataLabelingJobs: + items: + type: string + description: Output only. The resource name of the pending data labeling jobs. + type: array + readOnly: true + specialistManagerEmails: + description: The email addresses of the managers in the SpecialistPool. + type: array + items: + type: string + specialistManagersCount: + format: int32 + readOnly: true + description: Output only. The number of managers in this SpecialistPool. + type: integer + type: object + description: >- + SpecialistPool represents customers' own workforce to work on their data + labeling jobs. It includes a group of specialist managers and workers. + Managers are responsible for managing the workers in this pool as well + as customers' data labeling jobs associated with this pool. Customers + create specialist pool as well as start data labeling jobs on Cloud, + managers and workers handle the jobs using CrowdCompute console. + id: GoogleCloudAiplatformV1SpecialistPool + GoogleCloudAiplatformV1PipelineTaskExecutorDetailContainerDetail: + type: object + id: GoogleCloudAiplatformV1PipelineTaskExecutorDetailContainerDetail + properties: + mainJob: + readOnly: true + description: >- + Output only. The name of the CustomJob for the main container + execution. + type: string + preCachingCheckJob: + description: >- + Output only. The name of the CustomJob for the pre-caching-check + container execution. This job will be available if the + PipelineJob.pipeline_spec specifies the `pre_caching_check` hook in + the lifecycle events. + readOnly: true + type: string + failedMainJobs: + type: array + items: + type: string + description: >- + Output only. The names of the previously failed CustomJob for the + main container executions. The list includes the all attempts in + chronological order. + readOnly: true + failedPreCachingCheckJobs: + readOnly: true + description: >- + Output only. The names of the previously failed CustomJob for the + pre-caching-check container executions. This job will be available + if the PipelineJob.pipeline_spec specifies the `pre_caching_check` + hook in the lifecycle events. The list includes the all attempts in + chronological order. + type: array + items: + type: string + description: >- + The detail of a container execution. It contains the job names of the + lifecycle of a container execution. + GoogleCloudAiplatformV1Trajectory: + description: Spec for trajectory. + id: GoogleCloudAiplatformV1Trajectory + properties: + toolCalls: + description: Required. Tool calls in the trajectory. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolCall' + type: array + type: object + GoogleCloudAiplatformV1VoiceConfig: + type: object + description: Configuration for a voice. + properties: + replicatedVoiceConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReplicatedVoiceConfig' + description: >- + Optional. The configuration for a replicated voice. This enables + users to replicate a voice from an audio sample. + prebuiltVoiceConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PrebuiltVoiceConfig' + description: The configuration for a prebuilt voice. + id: GoogleCloudAiplatformV1VoiceConfig + GoogleCloudAiplatformV1TrajectorySingleToolUseSpec: + type: object + properties: + toolName: + description: >- + Required. Spec for tool name to be checked for in the predicted + trajectory. + type: string + id: GoogleCloudAiplatformV1TrajectorySingleToolUseSpec + description: >- + Spec for TrajectorySingleToolUse metric - returns 1 if tool is present + in the predicted trajectory, else 0. + GoogleCloudAiplatformV1RagFile: + description: A RagFile contains user data for chunking, embedding and indexing. + id: GoogleCloudAiplatformV1RagFile + properties: + jiraSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1JiraSource' + description: The RagFile is imported from a Jira query. + createTime: + type: string + format: google-datetime + readOnly: true + description: Output only. Timestamp when this RagFile was created. + name: + readOnly: true + description: Output only. The resource name of the RagFile. + type: string + displayName: + description: >- + Required. The display name of the RagFile. The name can be up to 128 + characters long and can consist of any UTF-8 characters. + type: string + slackSource: + description: The RagFile is imported from a Slack channel. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SlackSource' + googleDriveSource: + description: >- + Output only. Google Drive location. Supports importing individual + files as well as Google Drive folders. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GoogleDriveSource' + readOnly: true + updateTime: + readOnly: true + description: Output only. Timestamp when this RagFile was last updated. + format: google-datetime + type: string + directUploadSource: + description: >- + Output only. The RagFile is encapsulated and uploaded in the + UploadRagFile request. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DirectUploadSource' + readOnly: true + sharePointSources: + description: The RagFile is imported from a SharePoint source. + $ref: '#/components/schemas/GoogleCloudAiplatformV1SharePointSources' + description: + description: Optional. The description of the RagFile. + type: string + fileStatus: + description: Output only. State of the RagFile. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FileStatus' + readOnly: true + gcsSource: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GcsSource' + description: >- + Output only. Google Cloud Storage location of the RagFile. It does + not support wildcards in the Cloud Storage uri for now. + readOnly: true + userMetadata: + type: string + description: >- + Output only. The metadata for metadata search. The user_metadata + Needs to be in JSON format. + readOnly: true + type: object + GoogleCloudAiplatformV1SpeculativeDecodingSpecNgramSpeculation: + properties: + ngramSize: + type: integer + format: int32 + description: >- + The number of last N input tokens used as ngram to search/match + against the previous prompt sequence. This is equal to the N in + N-Gram. The default value is 3 if not specified. + description: >- + N-Gram speculation works by trying to find matching tokens in the + previous prompt sequence and use those as speculation for generating new + tokens. + type: object + id: GoogleCloudAiplatformV1SpeculativeDecodingSpecNgramSpeculation + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobSpec: + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionHyperparameterTuningJobSpec + properties: + maxFailedTrialCount: + type: integer + description: >- + The number of failed Trials that need to be seen before failing the + HyperparameterTuningJob. If set to 0, Vertex AI decides how many + Trials must fail before the whole job fails. + format: int32 + maxTrialCount: + format: int32 + description: The desired total number of Trials. + type: integer + trialJobSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJobSpec' + description: >- + The spec of a trial job. The same spec applies to the CustomJobs + created in all the trials. + studySpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StudySpec' + description: Study configuration of the HyperparameterTuningJob. + parallelTrialCount: + description: The desired number of Trials to run in parallel. + format: int32 + type: integer + type: object + GoogleCloudAiplatformV1StartNotebookRuntimeRequest: + properties: {} + description: Request message for NotebookService.StartNotebookRuntime. + id: GoogleCloudAiplatformV1StartNotebookRuntimeRequest + type: object + GoogleCloudAiplatformV1ListDataItemsResponse: + description: Response message for DatasetService.ListDataItems. + id: GoogleCloudAiplatformV1ListDataItemsResponse + type: object + properties: + nextPageToken: + description: The standard List next-page token. + type: string + dataItems: + type: array + description: >- + A list of DataItems that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DataItem' + GoogleCloudAiplatformV1ReasoningEngineSpecDeploymentSpec: + id: GoogleCloudAiplatformV1ReasoningEngineSpecDeploymentSpec + type: object + description: The specification of a Reasoning Engine deployment. + properties: + env: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EnvVar' + description: >- + Optional. Environment variables to be set with the Reasoning Engine + deployment. The environment variables can be updated through the + UpdateReasoningEngine API. + type: array + maxInstances: + type: integer + format: int32 + description: >- + Optional. The maximum number of application instances that can be + launched to handle increased traffic. Defaults to 100. Range: [1, + 1000]. If VPC-SC or PSC-I is enabled, the acceptable range is [1, + 100]. + containerConcurrency: + type: integer + description: >- + Optional. Concurrency for each container and agent server. + Recommended value: 2 * cpu + 1. Defaults to 9. + format: int32 + minInstances: + description: >- + Optional. The minimum number of application instances that will be + kept running at all times. Defaults to 1. Range: [0, 10]. + format: int32 + type: integer + secretEnv: + type: array + description: >- + Optional. Environment variables where the value is a secret in Cloud + Secret Manager. To use this feature, add 'Secret Manager Secret + Accessor' role (roles/secretmanager.secretAccessor) to AI Platform + Reasoning Engine Service Agent. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SecretEnvVar' + resourceLimits: + type: object + description: >- + Optional. Resource limits for each container. Only 'cpu' and + 'memory' keys are supported. Defaults to {"cpu": "4", "memory": + "4Gi"}. * The only supported values for CPU are '1', '2', '4', '6' + and '8'. For more information, go to + https://cloud.google.com/run/docs/configuring/cpu. * The only + supported values for memory are '1Gi', '2Gi', ... '32 Gi'. * For + required cpu on different memory values, go to + https://cloud.google.com/run/docs/configuring/memory-limits + additionalProperties: + type: string + pscInterfaceConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PscInterfaceConfig' + description: Optional. Configuration for PSC-I. + GoogleCloudAiplatformV1AuthConfigOidcConfig: + id: GoogleCloudAiplatformV1AuthConfigOidcConfig + properties: + idToken: + description: >- + OpenID Connect formatted ID token for extension endpoint. Only used + to propagate token from + [[ExecuteExtensionRequest.runtime_auth_config]] at request time. + type: string + serviceAccount: + type: string + description: >- + The service account used to generate an OpenID Connect + (OIDC)-compatible JWT token signed by the Google OIDC Provider + (accounts.google.com) for extension endpoint + (https://cloud.google.com/iam/docs/create-short-lived-credentials-direct#sa-credentials-oidc). + - The audience for the token will be set to the URL in the server + url defined in the OpenApi spec. - If the service account is + provided, the service account should grant + `iam.serviceAccounts.getOpenIdToken` permission to Vertex AI + Extension Service Agent + (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents). + description: Config for user OIDC auth. + type: object + GoogleCloudAiplatformV1TrajectoryPrecisionSpec: + type: object + properties: {} + id: GoogleCloudAiplatformV1TrajectoryPrecisionSpec + description: >- + Spec for TrajectoryPrecision metric - returns a float score based on + average precision of individual tool calls. + GoogleCloudAiplatformV1RetrieveContextsResponse: + id: GoogleCloudAiplatformV1RetrieveContextsResponse + type: object + description: Response message for VertexRagService.RetrieveContexts. + properties: + contexts: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagContexts' + description: The contexts of the query. + GoogleCloudAiplatformV1ListContextsResponse: + properties: + contexts: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' + description: The Contexts retrieved from the MetadataStore. + nextPageToken: + description: >- + A token, which can be sent as ListContextsRequest.page_token to + retrieve the next page. If this field is not populated, there are no + subsequent pages. + type: string + id: GoogleCloudAiplatformV1ListContextsResponse + description: Response message for MetadataService.ListContexts. + type: object + GoogleCloudAiplatformV1RemoveDatapointsResponse: + id: GoogleCloudAiplatformV1RemoveDatapointsResponse + properties: {} + type: object + description: Response message for IndexService.RemoveDatapoints + GoogleCloudAiplatformV1DeployModelResponse: + properties: + deployedModel: + description: The DeployedModel that had been deployed in the Endpoint. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' + id: GoogleCloudAiplatformV1DeployModelResponse + description: Response message for EndpointService.DeployModel. + type: object + GoogleCloudAiplatformV1LogprobsResult: + description: >- + The log probabilities of the tokens generated by the model. This is + useful for understanding the model's confidence in its predictions and + for debugging. For example, you can use log probabilities to identify + when the model is making a less confident prediction or to explore + alternative responses that the model considered. A low log probability + can also indicate that the model is "hallucinating" or generating + factually incorrect information. + type: object + id: GoogleCloudAiplatformV1LogprobsResult + properties: + topCandidates: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1LogprobsResultTopCandidates + description: >- + A list of the top candidate tokens at each decoding step. The length + of this list is equal to the total number of decoding steps. + chosenCandidates: + type: array + description: >- + A list of the chosen candidate tokens at each decoding step. The + length of this list is equal to the total number of decoding steps. + Note that the chosen candidate might not be in `top_candidates`. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1LogprobsResultCandidate + GoogleCloudAiplatformV1Scalar: + type: object + properties: + value: + description: Value of the point at this step / timestamp. + type: number + format: double + id: GoogleCloudAiplatformV1Scalar + description: One point viewable on a scalar metric plot. + GoogleCloudAiplatformV1PublisherModelCallToActionOpenNotebooks: + description: Open notebooks. + properties: + notebooks: + description: Required. Regional resource references to notebooks. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PublisherModelCallToActionRegionalResourceReferences + type: array + type: object + id: GoogleCloudAiplatformV1PublisherModelCallToActionOpenNotebooks + GoogleCloudAiplatformV1EvaluationRunMetricRubricBasedMetricSpecRepeatedRubrics: + description: Defines a list of rubrics, used when providing rubrics inline. + id: >- + GoogleCloudAiplatformV1EvaluationRunMetricRubricBasedMetricSpecRepeatedRubrics + type: object + properties: + rubrics: + description: The list of rubrics. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Rubric' + GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsRequest: + properties: + evaluatedAnnotations: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluatedAnnotation' + description: Required. Evaluated annotations resource to be imported. + type: array + id: GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsRequest + type: object + description: Request message for ModelService.BatchImportEvaluatedAnnotations + GoogleCloudAiplatformV1Event: + id: GoogleCloudAiplatformV1Event + type: object + description: >- + An edge describing the relationship between an Artifact and an Execution + in a lineage graph. + properties: + artifact: + description: Required. The relative resource name of the Artifact in the Event. + type: string + eventTime: + description: Output only. Time the Event occurred. + type: string + readOnly: true + format: google-datetime + execution: + readOnly: true + type: string + description: >- + Output only. The relative resource name of the Execution in the + Event. + type: + description: Required. The type of the Event. + type: string + enumDescriptions: + - Unspecified whether input or output of the Execution. + - An input of the Execution. + - An output of the Execution. + enum: + - TYPE_UNSPECIFIED + - INPUT + - OUTPUT + labels: + additionalProperties: + type: string + description: >- + The labels with user-defined metadata to annotate Events. Label keys + and values can be no longer than 64 characters (Unicode codepoints), + can only contain lowercase letters, numeric characters, underscores + and dashes. International characters are allowed. No more than 64 + user labels can be associated with one Event (System labels are + excluded). See https://goo.gl/xmQnxf for more information and + examples of labels. System reserved label keys are prefixed with + "aiplatform.googleapis.com/" and are immutable. + type: object + GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePairList: + properties: + referenceSentencePairs: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePair + type: array + description: Reference sentence pairs. + type: object + id: GoogleCloudAiplatformV1SchemaPromptSpecReferenceSentencePairList + description: A list of reference sentence pairs. + GoogleCloudAiplatformV1Explanation: + type: object + id: GoogleCloudAiplatformV1Explanation + description: >- + Explanation of a prediction (provided in PredictResponse.predictions) + produced by the Model on a given instance. + properties: + attributions: + readOnly: true + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Attribution' + description: >- + Output only. Feature attributions grouped by predicted outputs. For + Models that predict only one output, such as regression Models that + predict only one score, there is only one attibution that explains + the predicted output. For Models that predict multiple outputs, such + as multiclass Models that predict multiple classes, each element + explains one specific item. Attribution.output_index can be used to + identify which output this attribution is explaining. By default, we + provide Shapley values for the predicted class. However, you can + configure the explanation request to generate Shapley values for any + other classes too. For example, if a model predicts a probability of + `0.4` for approving a loan application, the model's decision is to + reject the application since `p(reject) = 0.6 > p(approve) = 0.4`, + and the default Shapley values would be computed for rejection + decision and not approval, even though the latter might be the + positive class. If users set ExplanationParameters.top_k, the + attributions are sorted by instance_output_value in descending + order. If ExplanationParameters.output_indices is specified, the + attributions are stored by Attribution.output_index in the same + order as they appear in the output_indices. + neighbors: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Neighbor' + readOnly: true + description: >- + Output only. List of the nearest neighbors for example-based + explanations. For models deployed with the examples explanations + feature enabled, the attributions field is empty and instead the + neighbors field is populated. + type: array + GoogleCloudAiplatformV1FeatureNoiseSigma: + id: GoogleCloudAiplatformV1FeatureNoiseSigma + type: object + properties: + noiseSigma: + description: >- + Noise sigma per feature. No noise is added to features that are not + set. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeature + description: >- + Noise sigma by features. Noise sigma represents the standard deviation + of the gaussian kernel that will be used to add noise to interpolated + inputs prior to computing gradients. + GoogleCloudAiplatformV1GoogleMaps: + type: object + properties: + enableWidget: + type: boolean + description: Optional. If true, include the widget context token in the response. + description: Tool to retrieve public maps data for grounding, powered by Google. + id: GoogleCloudAiplatformV1GoogleMaps + GoogleCloudAiplatformV1SummarizationVerbositySpec: + properties: + useReference: + description: >- + Optional. Whether to use instance.reference to compute summarization + verbosity. + type: boolean + version: + description: Optional. Which version to use for evaluation. + format: int32 + type: integer + description: Spec for summarization verbosity score metric. + type: object + id: GoogleCloudAiplatformV1SummarizationVerbositySpec + GoogleCloudAiplatformV1FilterSplit: + type: object + id: GoogleCloudAiplatformV1FilterSplit + description: >- + Assigns input data to training, validation, and test sets based on the + given filters, data pieces not matched by any filter are ignored. + Currently only supported for Datasets containing DataItems. If any of + the filters in this message are to match nothing, then they can be set + as '-' (the minus sign). Supported only for unstructured Datasets. + properties: + testFilter: + type: string + description: >- + Required. A filter on DataItems of the Dataset. DataItems that match + this filter are used to test the Model. A filter with same syntax as + the one used in DatasetService.ListDataItems may be used. If a + single DataItem is matched by more than one of the FilterSplit + filters, then it is assigned to the first set that applies to it in + the training, validation, test order. + validationFilter: + description: >- + Required. A filter on DataItems of the Dataset. DataItems that match + this filter are used to validate the Model. A filter with same + syntax as the one used in DatasetService.ListDataItems may be used. + If a single DataItem is matched by more than one of the FilterSplit + filters, then it is assigned to the first set that applies to it in + the training, validation, test order. + type: string + trainingFilter: + description: >- + Required. A filter on DataItems of the Dataset. DataItems that match + this filter are used to train the Model. A filter with same syntax + as the one used in DatasetService.ListDataItems may be used. If a + single DataItem is matched by more than one of the FilterSplit + filters, then it is assigned to the first set that applies to it in + the training, validation, test order. + type: string + GoogleTypeMoney: + description: Represents an amount of money with its currency type. + properties: + currencyCode: + type: string + description: The three-letter currency code defined in ISO 4217. + units: + description: >- + The whole units of the amount. For example if `currencyCode` is + `"USD"`, then 1 unit is one US dollar. + type: string + format: int64 + nanos: + type: integer + description: >- + Number of nano (10^-9) units of the amount. The value must be + between -999,999,999 and +999,999,999 inclusive. If `units` is + positive, `nanos` must be positive or zero. If `units` is zero, + `nanos` can be positive, zero, or negative. If `units` is negative, + `nanos` must be negative or zero. For example $-1.75 is represented + as `units`=-1 and `nanos`=-750,000,000. + format: int32 + type: object + id: GoogleTypeMoney + GoogleCloudAiplatformV1StopNotebookRuntimeRequest: + properties: {} + type: object + description: Request message for NotebookService.StopNotebookRuntime. + id: GoogleCloudAiplatformV1StopNotebookRuntimeRequest + GoogleCloudAiplatformV1SchemaVertex: + id: GoogleCloudAiplatformV1SchemaVertex + properties: + 'y': + type: number + format: double + description: Y coordinate. + x: + description: X coordinate. + type: number + format: double + description: >- + A vertex represents a 2D point in the image. NOTE: the normalized vertex + coordinates are relative to the original image and range from 0 to 1. + type: object + GoogleCloudAiplatformV1PairwiseMetricInstance: + type: object + description: >- + Pairwise metric instance. Usually one instance corresponds to one row in + an evaluation dataset. + id: GoogleCloudAiplatformV1PairwiseMetricInstance + properties: + jsonInstance: + description: >- + Instance specified as a json string. String key-value pairs are + expected in the json_instance to render + PairwiseMetricSpec.instance_prompt_template. + type: string + contentMapInstance: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ContentMap' + description: >- + Key-value contents for the mutlimodality input, including text, + image, video, audio, and pdf, etc. The key is placeholder in metric + prompt template, and the value is the multimodal content. + GoogleCloudAiplatformV1ReadFeatureValuesResponseHeader: + description: >- + Response header with metadata for the requested + ReadFeatureValuesRequest.entity_type and Features. + properties: + entityType: + type: string + description: >- + The resource name of the EntityType from the + ReadFeatureValuesRequest. Value format: + `projects/{project}/locations/{location}/featurestores/{featurestore}/entityTypes/{entityType}`. + featureDescriptors: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponseFeatureDescriptor + description: >- + List of Feature metadata corresponding to each piece of + ReadFeatureValuesResponse.EntityView.data. + type: object + id: GoogleCloudAiplatformV1ReadFeatureValuesResponseHeader + GoogleCloudAiplatformV1ReasoningEngineSpecPackageSpec: + type: object + description: >- + User-provided package specification, containing pickled object and + package requirements. + id: GoogleCloudAiplatformV1ReasoningEngineSpecPackageSpec + properties: + dependencyFilesGcsUri: + description: >- + Optional. The Cloud Storage URI of the dependency files in tar.gz + format. + type: string + pythonVersion: + description: >- + Optional. The Python version. Supported values are 3.9, 3.10, 3.11, + 3.12, 3.13. If not specified, the default value is 3.10. + type: string + requirementsGcsUri: + type: string + description: Optional. The Cloud Storage URI of the `requirements.txt` file + pickleObjectGcsUri: + type: string + description: Optional. The Cloud Storage URI of the pickled python object. + GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityViewData: + properties: + value: + description: Feature value if a single value is requested. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValue' + values: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValueList' + description: >- + Feature values list if values, successive in time, are requested. If + the requested number of values is greater than the number of + existing Feature values, nonexistent values are omitted instead of + being returned as empty. + id: GoogleCloudAiplatformV1ReadFeatureValuesResponseEntityViewData + description: >- + Container to hold value(s), successive in time, for one Feature from the + request. + type: object + GoogleCloudAiplatformV1BatchCreateFeaturesOperationMetadata: + description: Details of operations that perform batch create Features. + type: object + id: GoogleCloudAiplatformV1BatchCreateFeaturesOperationMetadata + properties: + genericMetadata: + description: Operation metadata for Feature. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + GoogleCloudAiplatformV1SchemaPromptSpecMultimodalPrompt: + description: Prompt variation that embeds preambles to prompt string. + properties: + promptMessage: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPromptSpecPromptMessage + description: The prompt message. + id: GoogleCloudAiplatformV1SchemaPromptSpecMultimodalPrompt + type: object + GoogleCloudAiplatformV1DirectRawPredictRequest: + properties: + input: + description: The prediction input. + type: string + format: byte + methodName: + type: string + description: >- + Fully qualified name of the API method being invoked to perform + predictions. Format: `/namespace.Service/Method/` Example: + `/tensorflow.serving.PredictionService/Predict` + id: GoogleCloudAiplatformV1DirectRawPredictRequest + description: Request message for PredictionService.DirectRawPredict. + type: object + GoogleTypeInterval: + description: >- + Represents a time interval, encoded as a Timestamp start (inclusive) and + a Timestamp end (exclusive). The start must be less than or equal to the + end. When the start equals the end, the interval is empty (matches no + time). When both start and end are unspecified, the interval matches any + time. + id: GoogleTypeInterval + properties: + startTime: + type: string + format: google-datetime + description: >- + Optional. Inclusive start of the interval. If specified, a Timestamp + matching this interval will have to be the same or after the start. + endTime: + type: string + format: google-datetime + description: >- + Optional. Exclusive end of the interval. If specified, a Timestamp + matching this interval will have to be before the end. + type: object + GoogleCloudAiplatformV1ListEntityTypesResponse: + description: Response message for FeaturestoreService.ListEntityTypes. + type: object + properties: + entityTypes: + type: array + description: The EntityTypes matching the request. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' + nextPageToken: + description: >- + A token, which can be sent as ListEntityTypesRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + type: string + id: GoogleCloudAiplatformV1ListEntityTypesResponse + GoogleCloudAiplatformV1ListTensorboardTimeSeriesResponse: + id: GoogleCloudAiplatformV1ListTensorboardTimeSeriesResponse + type: object + description: Response message for TensorboardService.ListTensorboardTimeSeries. + properties: + tensorboardTimeSeries: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries' + description: The TensorboardTimeSeries mathching the request. + nextPageToken: + type: string + description: >- + A token, which can be sent as + ListTensorboardTimeSeriesRequest.page_token to retrieve the next + page. If this field is omitted, there are no subsequent pages. + GoogleCloudAiplatformV1MigratableResourceAutomlModel: + description: Represents one Model in automl.googleapis.com. + id: GoogleCloudAiplatformV1MigratableResourceAutomlModel + properties: + model: + type: string + description: >- + Full resource name of automl Model. Format: + `projects/{project}/locations/{location}/models/{model}`. + modelDisplayName: + description: The Model's display name in automl.googleapis.com. + type: string + type: object + GoogleCloudAiplatformV1NearestNeighborQueryParameters: + description: >- + Parameters that can be overrided in each query to tune query latency and + recall. + id: GoogleCloudAiplatformV1NearestNeighborQueryParameters + type: object + properties: + leafNodesSearchFraction: + description: >- + Optional. The fraction of the number of leaves to search, set at + query time allows user to tune search performance. This value + increase result in both search accuracy and latency increase. The + value should be between 0.0 and 1.0. + type: number + format: double + approximateNeighborCandidates: + format: int32 + description: >- + Optional. The number of neighbors to find via approximate search + before exact reordering is performed; if set, this value must be > + neighbor_count. + type: integer + GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExampleGeneratedMemory: + description: A memory generated by the operation. + type: object + properties: + fact: + type: string + description: Required. The fact to generate a memory from. + topics: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MemoryTopicId' + description: >- + Optional. The list of topics that the memory should be associated + with. For example, use `custom_memory_topic_label = "jargon"` if the + extracted memory is an example of memory extraction for the custom + topic `jargon`. + type: array + id: >- + GoogleCloudAiplatformV1MemoryBankCustomizationConfigGenerateMemoriesExampleGeneratedMemory + GoogleCloudAiplatformV1DeleteFeatureValuesRequest: + id: GoogleCloudAiplatformV1DeleteFeatureValuesRequest + properties: + selectEntity: + description: Select feature values to be deleted by specifying entities. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectEntity + selectTimeRangeAndFeature: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesRequestSelectTimeRangeAndFeature + description: >- + Select feature values to be deleted by specifying time range and + features. + description: Request message for FeaturestoreService.DeleteFeatureValues. + type: object + GoogleCloudAiplatformV1CacheConfig: + type: object + id: GoogleCloudAiplatformV1CacheConfig + properties: + disableCache: + description: >- + If set to true, disables GenAI caching. Otherwise caching is + enabled. + type: boolean + name: + type: string + description: >- + Identifier. Name of the cache config. Format: - + `projects/{project}/cacheConfig`. + description: Config of GenAI caching features. This is a singleton resource. + GoogleCloudAiplatformV1CustomOutput: + description: Spec for custom output. + id: GoogleCloudAiplatformV1CustomOutput + properties: + rawOutputs: + readOnly: true + $ref: '#/components/schemas/GoogleCloudAiplatformV1RawOutput' + description: Output only. List of raw output strings. + type: object + GoogleCloudAiplatformV1BatchReadFeatureValuesRequest: + id: GoogleCloudAiplatformV1BatchReadFeatureValuesRequest + type: object + description: Request message for FeaturestoreService.BatchReadFeatureValues. + properties: + csvReadInstances: + description: >- + Each read instance consists of exactly one read timestamp and one or + more entity IDs identifying entities of the corresponding + EntityTypes whose Features are requested. Each output instance + contains Feature values of requested entities concatenated together + as of the read time. An example read instance may be `foo_entity_id, + bar_entity_id, 2020-01-01T10:00:00.123Z`. An example output instance + may be `foo_entity_id, bar_entity_id, 2020-01-01T10:00:00.123Z, + foo_entity_feature1_value, bar_entity_feature2_value`. Timestamp in + each read instance must be millisecond-aligned. `csv_read_instances` + are read instances stored in a plain-text CSV file. The header + should be: [ENTITY_TYPE_ID1], [ENTITY_TYPE_ID2], ..., timestamp The + columns can be in any order. Values in the timestamp column must use + the RFC 3339 format, e.g. `2012-07-30T10:43:17.123Z`. + $ref: '#/components/schemas/GoogleCloudAiplatformV1CsvSource' + startTime: + type: string + description: >- + Optional. Excludes Feature values with feature generation timestamp + before this timestamp. If not set, retrieve oldest values kept in + Feature Store. Timestamp, if present, must not have higher than + millisecond precision. + format: google-datetime + entityTypeSpecs: + description: >- + Required. Specifies EntityType grouping Features to read values of + and settings. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchReadFeatureValuesRequestEntityTypeSpec + type: array + passThroughFields: + description: >- + When not empty, the specified fields in the *_read_instances source + will be joined as-is in the output, in addition to those fields from + the Featurestore Entity. For BigQuery source, the type of the + pass-through values will be automatically inferred. For CSV source, + the pass-through values will be passed as opaque bytes. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchReadFeatureValuesRequestPassThroughField + type: array + destination: + description: Required. Specifies output location and format. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValueDestination' + bigqueryReadInstances: + description: Similar to csv_read_instances, but from BigQuery source. + $ref: '#/components/schemas/GoogleCloudAiplatformV1BigQuerySource' + GoogleCloudAiplatformV1FeatureViewDirectWriteResponse: + properties: + status: + description: >- + Response status for the keys listed in + FeatureViewDirectWriteResponse.write_responses. The error only + applies to the listed data keys - the stream will remain open for + further FeatureOnlineStoreService.FeatureViewDirectWriteRequest + requests. Partial failures (e.g. if the first 10 keys of a request + fail, but the rest succeed) from a single request may result in + multiple responses - there will be one response for the successful + request keys and one response for the failing request keys. + $ref: '#/components/schemas/GoogleRpcStatus' + writeResponses: + type: array + description: >- + Details about write for each key. If status is not OK, + WriteResponse.data_key will have the key with error, but + WriteResponse.online_store_write_time will not be present. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteResponseWriteResponse + id: GoogleCloudAiplatformV1FeatureViewDirectWriteResponse + description: Response message for FeatureOnlineStoreService.FeatureViewDirectWrite. + type: object + GoogleCloudAiplatformV1SchemaPredictInstanceImageObjectDetectionPredictionInstance: + properties: + mimeType: + type: string + description: >- + The MIME type of the content of the image. Only the images in below + listed MIME types are supported. - image/jpeg - image/gif - + image/png - image/webp - image/bmp - image/tiff - + image/vnd.microsoft.icon + content: + description: The image bytes or Cloud Storage URI to make the prediction on. + type: string + type: object + description: Prediction input format for Image Object Detection. + id: >- + GoogleCloudAiplatformV1SchemaPredictInstanceImageObjectDetectionPredictionInstance + GoogleCloudAiplatformV1FeatureViewSync: + description: >- + FeatureViewSync is a representation of sync operation which copies data + from data source to Feature View in Online Store. + type: object + properties: + name: + type: string + description: >- + Identifier. Name of the FeatureViewSync. Format: + `projects/{project}/locations/{location}/featureOnlineStores/{feature_online_store}/featureViews/{feature_view}/featureViewSyncs/{feature_view_sync}` + syncSummary: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewSyncSyncSummary + description: Output only. Summary of the sync job. + readOnly: true + runTime: + $ref: '#/components/schemas/GoogleTypeInterval' + readOnly: true + description: Output only. Time when this FeatureViewSync is finished. + satisfiesPzs: + readOnly: true + type: boolean + description: Output only. Reserved for future use. + createTime: + type: string + format: google-datetime + readOnly: true + description: >- + Output only. Time when this FeatureViewSync is created. Creation of + a FeatureViewSync means that the job is pending / waiting for + sufficient resources but may not have started the actual data + transfer yet. + satisfiesPzi: + type: boolean + description: Output only. Reserved for future use. + readOnly: true + finalStatus: + $ref: '#/components/schemas/GoogleRpcStatus' + readOnly: true + description: Output only. Final status of the FeatureViewSync. + id: GoogleCloudAiplatformV1FeatureViewSync + GoogleCloudAiplatformV1DeployIndexResponse: + id: GoogleCloudAiplatformV1DeployIndexResponse + description: Response message for IndexEndpointService.DeployIndex. + properties: + deployedIndex: + description: The DeployedIndex that had been deployed in the IndexEndpoint. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' + type: object + GoogleCloudAiplatformV1TokensInfo: + properties: + role: + description: >- + Optional. Optional fields for the role from the corresponding + Content. + type: string + tokenIds: + type: array + items: + type: string + format: int64 + description: A list of token ids from the input. + tokens: + type: array + description: A list of tokens from the input. + items: + type: string + format: byte + id: GoogleCloudAiplatformV1TokensInfo + description: >- + Tokens info with a list of tokens and the corresponding list of token + ids. + type: object + GoogleCloudAiplatformV1FeatureValue: + id: GoogleCloudAiplatformV1FeatureValue + type: object + description: Value for a feature. + properties: + bytesValue: + description: Bytes feature value. + format: byte + type: string + boolArrayValue: + description: A list of bool type feature value. + $ref: '#/components/schemas/GoogleCloudAiplatformV1BoolArray' + stringArrayValue: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StringArray' + description: A list of string type feature value. + stringValue: + description: String feature value. + type: string + int64Value: + format: int64 + type: string + description: Int64 feature value. + metadata: + description: Metadata of feature value. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureValueMetadata' + doubleArrayValue: + description: A list of double type feature value. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DoubleArray' + boolValue: + description: Bool type feature value. + type: boolean + doubleValue: + type: number + description: Double type feature value. + format: double + int64ArrayValue: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Int64Array' + description: A list of int64 type feature value. + structValue: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StructValue' + description: A struct type feature value. + GoogleCloudAiplatformV1NfsMount: + type: object + description: Represents a mount configuration for Network File System (NFS) to mount. + id: GoogleCloudAiplatformV1NfsMount + properties: + mountPoint: + type: string + description: >- + Required. Destination mount path. The NFS will be mounted for the + user under /mnt/nfs/ + path: + description: >- + Required. Source path exported from NFS server. Has to start with + '/', and combined with the ip address, it indicates the source mount + path in the form of `server:path` + type: string + server: + type: string + description: Required. IP address of the NFS server. + GoogleCloudAiplatformV1Execution: + id: GoogleCloudAiplatformV1Execution + description: Instance of a general execution. + type: object + properties: + description: + type: string + description: Description of the Execution + schemaVersion: + type: string + description: >- + The version of the schema in `schema_title` to use. Schema title and + version is expected to be registered in earlier Create Schema calls. + And both are used together as unique identifiers to identify schemas + within the local metadata store. + createTime: + description: Output only. Timestamp when this Execution was created. + format: google-datetime + readOnly: true + type: string + etag: + description: >- + An eTag used to perform consistent read-modify-write updates. If not + set, a blind "overwrite" update happens. + type: string + metadata: + additionalProperties: + type: any + description: Properties of the object. + description: >- + Properties of the Execution. Top level metadata keys' heading and + trailing spaces will be trimmed. The size of this field should not + exceed 200KB. + type: object + schemaTitle: + type: string + description: >- + The title of the schema describing the metadata. Schema title and + version is expected to be registered in earlier Create Schema calls. + And both are used together as unique identifiers to identify schemas + within the local metadata store. + state: + enumDescriptions: + - Unspecified Execution state + - The Execution is new + - The Execution is running + - The Execution has finished running + - The Execution has failed + - The Execution completed through Cache hit. + - The Execution was cancelled. + description: >- + The state of this Execution. This is a property of the Execution, + and does not imply or capture any ongoing process. This property is + managed by clients (such as Vertex AI Pipelines) and the system does + not prescribe or check the validity of state transitions. + enum: + - STATE_UNSPECIFIED + - NEW + - RUNNING + - COMPLETE + - FAILED + - CACHED + - CANCELLED + type: string + labels: + additionalProperties: + type: string + type: object + description: >- + The labels with user-defined metadata to organize your Executions. + Label keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. No + more than 64 user labels can be associated with one Execution + (System labels are excluded). + updateTime: + type: string + format: google-datetime + description: Output only. Timestamp when this Execution was last updated. + readOnly: true + name: + description: Output only. The resource name of the Execution. + type: string + readOnly: true + displayName: + description: >- + User provided display name of the Execution. May be up to 128 + Unicode characters. + type: string + GoogleCloudAiplatformV1ExplanationSpecOverride: + id: GoogleCloudAiplatformV1ExplanationSpecOverride + type: object + properties: + examplesOverride: + description: The example-based explanations parameter overrides. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExamplesOverride' + parameters: + description: >- + The parameters to be overridden. Note that the attribution method + cannot be changed. If not specified, no parameter is overridden. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplanationParameters' + metadata: + description: >- + The metadata to be overridden. If not specified, no metadata is + overridden. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExplanationMetadataOverride + description: >- + The ExplanationSpec entries that can be overridden at online explanation + time. + GoogleCloudAiplatformV1RayLogsSpec: + type: object + id: GoogleCloudAiplatformV1RayLogsSpec + properties: + disabled: + type: boolean + description: >- + Optional. Flag to disable the export of Ray OSS logs to Cloud + Logging. + description: Configuration for the Ray OSS Logs. + GoogleCloudAiplatformV1DirectUploadSource: + type: object + description: The input content is encapsulated and uploaded in the request. + properties: {} + id: GoogleCloudAiplatformV1DirectUploadSource + GoogleCloudAiplatformV1EvaluationRunMetricRubricGenerationSpec: + description: Specification for how rubrics should be generated. + id: GoogleCloudAiplatformV1EvaluationRunMetricRubricGenerationSpec + properties: + rubricContentType: + description: Optional. The type of rubric content to be generated. + type: string + enumDescriptions: + - The content type to generate is not specified. + - Generate rubrics based on properties. + - Generate rubrics in an NL question answer format. + - Generate rubrics in a unit test format. + enum: + - RUBRIC_CONTENT_TYPE_UNSPECIFIED + - PROPERTY + - NL_QUESTION_ANSWER + - PYTHON_CODE_ASSERTION + modelConfig: + description: >- + Optional. Configuration for the model used in rubric generation. + Configs including sampling count and base model can be specified + here. Flipping is not supported for rubric generation. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationRunEvaluationConfigAutoraterConfig + rubricTypeOntology: + description: >- + Optional. An optional, pre-defined list of allowed types for + generated rubrics. If this field is provided, it implies + `include_rubric_type` should be true, and the generated rubric types + should be chosen from this ontology. + type: array + items: + type: string + promptTemplate: + description: >- + Optional. Template for the prompt used to generate rubrics. The + details should be updated based on the most-recent recipe + requirements. + type: string + type: object + GoogleCloudAiplatformV1RagEmbeddingModelConfigVertexPredictionEndpoint: + id: GoogleCloudAiplatformV1RagEmbeddingModelConfigVertexPredictionEndpoint + description: Config representing a model hosted on Vertex Prediction Endpoint. + type: object + properties: + modelVersionId: + description: >- + Output only. Version ID of the model that is deployed on the + endpoint. Present only when the endpoint is not a publisher model. + readOnly: true + type: string + endpoint: + description: >- + Required. The endpoint resource name. Format: + `projects/{project}/locations/{location}/publishers/{publisher}/models/{model}` + or `projects/{project}/locations/{location}/endpoints/{endpoint}` + type: string + model: + description: >- + Output only. The resource name of the model that is deployed on the + endpoint. Present only when the endpoint is not a publisher model. + Pattern: `projects/{project}/locations/{location}/models/{model}` + readOnly: true + type: string + GoogleCloudAiplatformV1MutateDeployedModelResponse: + description: Response message for EndpointService.MutateDeployedModel. + id: GoogleCloudAiplatformV1MutateDeployedModelResponse + type: object + properties: + deployedModel: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedModel' + description: The DeployedModel that's being mutated. + GoogleCloudAiplatformV1ToolNameMatchResults: + id: GoogleCloudAiplatformV1ToolNameMatchResults + description: Results for tool name match metric. + type: object + properties: + toolNameMatchMetricValues: + description: Output only. Tool name match metric values. + readOnly: true + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ToolNameMatchMetricValue + GoogleCloudAiplatformV1ListTensorboardExperimentsResponse: + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as + ListTensorboardExperimentsRequest.page_token to retrieve the next + page. If this field is omitted, there are no subsequent pages. + tensorboardExperiments: + description: The TensorboardExperiments mathching the request. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment' + id: GoogleCloudAiplatformV1ListTensorboardExperimentsResponse + type: object + description: Response message for TensorboardService.ListTensorboardExperiments. + GoogleCloudAiplatformV1Dataset: + description: A collection of DataItems and Annotations on them. + type: object + id: GoogleCloudAiplatformV1Dataset + properties: + metadataSchemaUri: + description: >- + Required. Points to a YAML file stored on Google Cloud Storage + describing additional information about the Dataset. The schema is + defined as an OpenAPI 3.0.2 Schema Object. The schema files that can + be used here are found in + gs://google-cloud-aiplatform/schema/dataset/metadata/. + type: string + labels: + description: >- + The labels with user-defined metadata to organize your Datasets. + Label keys and values can be no longer than 64 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. No + more than 64 user labels can be associated with one Dataset (System + labels are excluded). See https://goo.gl/xmQnxf for more information + and examples of labels. System reserved label keys are prefixed with + "aiplatform.googleapis.com/" and are immutable. Following system + labels exist for each Dataset: * + "aiplatform.googleapis.com/dataset_metadata_schema": output only, + its value is the metadata_schema's title. + type: object + additionalProperties: + type: string + createTime: + readOnly: true + description: Output only. Timestamp when this Dataset was created. + format: google-datetime + type: string + name: + type: string + description: >- + Output only. Identifier. The resource name of the Dataset. Format: + `projects/{project}/locations/{location}/datasets/{dataset}` + readOnly: true + satisfiesPzi: + readOnly: true + type: boolean + description: Output only. Reserved for future use. + dataItemCount: + readOnly: true + description: >- + Output only. The number of DataItems in this Dataset. Only apply for + non-structured Dataset. + type: string + format: int64 + displayName: + description: >- + Required. The user-defined name of the Dataset. The name can be up + to 128 characters long and can consist of any UTF-8 characters. + type: string + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + modelReference: + description: >- + Optional. Reference to the public base model last used by the + dataset. Only set for prompt datasets. + type: string + updateTime: + format: google-datetime + type: string + description: Output only. Timestamp when this Dataset was last updated. + readOnly: true + metadataArtifact: + readOnly: true + type: string + description: >- + Output only. The resource name of the Artifact that was created in + MetadataStore when creating the Dataset. The Artifact resource name + pattern is + `projects/{project}/locations/{location}/metadataStores/{metadata_store}/artifacts/{artifact}`. + etag: + type: string + description: >- + Used to perform consistent read-modify-write updates. If not set, a + blind "overwrite" update happens. + metadata: + description: Required. Additional information about the Dataset. + type: any + savedQueries: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SavedQuery' + description: >- + All SavedQueries belong to the Dataset will be returned in List/Get + Dataset response. The annotation_specs field will not be populated + except for UI cases which will only use annotation_spec_count. In + CreateDataset request, a SavedQuery is created together if this + field is set, up to one SavedQuery can be set in + CreateDatasetRequest. The SavedQuery should not contain any + AnnotationSpec. + type: array + description: + description: The description of the Dataset. + type: string + encryptionSpec: + description: >- + Customer-managed encryption key spec for a Dataset. If set, this + Dataset and all sub-resources of this Dataset will be secured by + this key. + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + GoogleCloudAiplatformV1ReadTensorboardUsageResponse: + description: Response message for TensorboardService.ReadTensorboardUsage. + id: GoogleCloudAiplatformV1ReadTensorboardUsageResponse + properties: + monthlyUsageData: + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardUsageResponsePerMonthUsageData + description: Maps year-month (YYYYMM) string to per month usage data. + type: object + GoogleCloudAiplatformV1ExportDataOperationMetadata: + type: object + id: GoogleCloudAiplatformV1ExportDataOperationMetadata + properties: + gcsOutputDirectory: + description: >- + A Google Cloud Storage directory which path ends with '/'. The + exported data is stored in the directory. + type: string + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: The common part of the operation metadata. + description: Runtime operation information for DatasetService.ExportData. + GoogleCloudAiplatformV1TrajectoryRecallInput: + type: object + description: Instances and metric spec for TrajectoryRecall metric. + properties: + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallSpec' + description: Required. Spec for TrajectoryRecall metric. + instances: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TrajectoryRecallInstance + description: Required. Repeated TrajectoryRecall instance. + type: array + id: GoogleCloudAiplatformV1TrajectoryRecallInput + GoogleCloudAiplatformV1ProbeTcpSocketAction: + id: GoogleCloudAiplatformV1ProbeTcpSocketAction + properties: + host: + type: string + description: >- + Optional: Host name to connect to, defaults to the model serving + container's IP. + port: + description: >- + Number of the port to access on the container. Number must be in the + range 1 to 65535. + format: int32 + type: integer + type: object + description: >- + TcpSocketAction probes the health of a container by opening a TCP socket + connection. + GoogleCloudAiplatformV1FeatureViewIndexConfigBruteForceConfig: + description: Configuration options for using brute force search. + id: GoogleCloudAiplatformV1FeatureViewIndexConfigBruteForceConfig + properties: {} + type: object + GoogleCloudAiplatformV1ReadFeatureValuesResponseFeatureDescriptor: + properties: + id: + type: string + description: Feature ID. + description: Metadata for requested Features. + id: GoogleCloudAiplatformV1ReadFeatureValuesResponseFeatureDescriptor + type: object + GoogleCloudAiplatformV1BleuMetricValue: + id: GoogleCloudAiplatformV1BleuMetricValue + type: object + description: Bleu metric value for an instance. + properties: + score: + description: Output only. Bleu score. + format: float + type: number + readOnly: true + GoogleCloudAiplatformV1IdMatcher: + type: object + id: GoogleCloudAiplatformV1IdMatcher + properties: + ids: + description: >- + Required. The following are accepted as `ids`: * A single-element + list containing only `*`, which selects all Features in the target + EntityType, or * A list containing only Feature IDs, which selects + only Features with those IDs in the target EntityType. + type: array + items: + type: string + description: Matcher for Features of an EntityType by Feature ID. + GoogleCloudAiplatformV1PredictResponse: + properties: + modelDisplayName: + description: >- + Output only. The display name of the Model which is deployed as the + DeployedModel that this prediction hits. + readOnly: true + type: string + metadata: + readOnly: true + description: >- + Output only. Request-level metadata returned by the model. The + metadata type will be dependent upon the model implementation. + type: any + model: + type: string + description: >- + Output only. The resource name of the Model which is deployed as the + DeployedModel that this prediction hits. + readOnly: true + deployedModelId: + description: ID of the Endpoint's DeployedModel that served this prediction. + type: string + predictions: + description: >- + The predictions that are the output of the predictions call. The + schema of any single prediction may be specified via Endpoint's + DeployedModels' Model's PredictSchemata's prediction_schema_uri. + type: array + items: + type: any + modelVersionId: + readOnly: true + description: >- + Output only. The version ID of the Model which is deployed as the + DeployedModel that this prediction hits. + type: string + id: GoogleCloudAiplatformV1PredictResponse + description: Response message for PredictionService.Predict. + type: object + GoogleCloudAiplatformV1FulfillmentInput: + properties: + metricSpec: + description: Required. Spec for fulfillment score metric. + $ref: '#/components/schemas/GoogleCloudAiplatformV1FulfillmentSpec' + instance: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FulfillmentInstance' + description: Required. Fulfillment instance. + type: object + description: Input for fulfillment metric. + id: GoogleCloudAiplatformV1FulfillmentInput + GoogleCloudAiplatformV1ImportRagFilesRequest: + type: object + description: Request message for VertexRagDataService.ImportRagFiles. + id: GoogleCloudAiplatformV1ImportRagFilesRequest + properties: + importRagFilesConfig: + description: >- + Required. The config for the RagFiles to be synced and imported into + the RagCorpus. VertexRagDataService.ImportRagFiles. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ImportRagFilesConfig' + GoogleCloudAiplatformV1GenieSource: + properties: + baseModelUri: + description: Required. The public base model URI. + type: string + description: >- + Contains information about the source of the models generated from + Generative AI Studio. + type: object + id: GoogleCloudAiplatformV1GenieSource + GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigGenerationConfig: + type: object + properties: + model: + type: string + description: >- + Required. The model used to generate memories. Format: + `projects/{project}/locations/{location}/publishers/google/models/{model}`. + id: >- + GoogleCloudAiplatformV1ReasoningEngineContextSpecMemoryBankConfigGenerationConfig + description: Configuration for how to generate memories. + GoogleCloudAiplatformV1FeatureViewFeatureRegistrySource: + description: >- + A Feature Registry source for features that need to be synced to Online + Store. + id: GoogleCloudAiplatformV1FeatureViewFeatureRegistrySource + properties: + projectNumber: + type: string + format: int64 + description: >- + Optional. The project number of the parent project of the Feature + Groups. + featureGroups: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroup + description: Required. List of features that need to be synced to Online Store. + type: object + GoogleCloudAiplatformV1CreateTensorboardTimeSeriesRequest: + id: GoogleCloudAiplatformV1CreateTensorboardTimeSeriesRequest + properties: + parent: + type: string + description: >- + Required. The resource name of the TensorboardRun to create the + TensorboardTimeSeries in. Format: + `projects/{project}/locations/{location}/tensorboards/{tensorboard}/experiments/{experiment}/runs/{run}` + tensorboardTimeSeries: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries' + description: Required. The TensorboardTimeSeries to create. + tensorboardTimeSeriesId: + description: >- + Optional. The user specified unique ID to use for the + TensorboardTimeSeries, which becomes the final component of the + TensorboardTimeSeries's resource name. This value should match + "a-z0-9{0, 127}" + type: string + type: object + description: Request message for TensorboardService.CreateTensorboardTimeSeries. + GoogleCloudAiplatformV1TrajectoryRecallSpec: + type: object + id: GoogleCloudAiplatformV1TrajectoryRecallSpec + description: >- + Spec for TrajectoryRecall metric - returns a float score based on + average recall of individual tool calls. + properties: {} + GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecRange: + description: A range of values for slice(s). `low` is inclusive, `high` is exclusive. + properties: + low: + type: number + description: Inclusive low value for the range. + format: float + high: + format: float + description: Exclusive high value for the range. + type: number + type: object + id: GoogleCloudAiplatformV1ModelEvaluationSliceSliceSliceSpecRange + GoogleCloudAiplatformV1ModalityTokenCount: + description: >- + Represents a breakdown of token usage by modality. This message is used + in CountTokensResponse and GenerateContentResponse.UsageMetadata to + provide a detailed view of how many tokens are used by each modality + (e.g., text, image, video) in a request. This is particularly useful for + multimodal models, allowing you to track and manage token consumption + for billing and quota purposes. + type: object + properties: + modality: + enumDescriptions: + - When a modality is not specified, it is treated as `TEXT`. + - The `Part` contains plain text. + - The `Part` contains an image. + - The `Part` contains a video. + - The `Part` contains audio. + - The `Part` contains a document, such as a PDF. + description: The modality that this token count applies to. + enum: + - MODALITY_UNSPECIFIED + - TEXT + - IMAGE + - VIDEO + - AUDIO + - DOCUMENT + type: string + tokenCount: + description: The number of tokens counted for this modality. + format: int32 + type: integer + id: GoogleCloudAiplatformV1ModalityTokenCount + GoogleCloudAiplatformV1SummarizationQualitySpec: + type: object + description: Spec for summarization quality score metric. + id: GoogleCloudAiplatformV1SummarizationQualitySpec + properties: + useReference: + description: >- + Optional. Whether to use instance.reference to compute summarization + quality. + type: boolean + version: + type: integer + format: int32 + description: Optional. Which version to use for evaluation. + GoogleCloudAiplatformV1NotebookIdleShutdownConfig: + id: GoogleCloudAiplatformV1NotebookIdleShutdownConfig + description: >- + The idle shutdown configuration of NotebookRuntimeTemplate, which + contains the idle_timeout as required field. + type: object + properties: + idleShutdownDisabled: + type: boolean + description: Whether Idle Shutdown is disabled in this NotebookRuntimeTemplate. + idleTimeout: + description: >- + Required. Duration is accurate to the second. In Notebook, Idle + Timeout is accurate to minute so the range of idle_timeout (second) + is: 10 * 60 ~ 1440 * 60. + format: google-duration + type: string + GoogleCloudAiplatformV1GenerateMemoriesRequest: + type: object + description: >- + Request message for MemoryBankService.GenerateMemories. Maximum size is + 8 MB. + id: GoogleCloudAiplatformV1GenerateMemoriesRequest + properties: + revisionTtl: + description: >- + Optional. The TTL for the revision. The expiration time is computed: + now + TTL. + format: google-duration + type: string + scope: + description: >- + Optional. The scope of the memories that should be generated. + Memories will be consolidated across memories with the same scope. + Must be provided unless the scope is defined in the source content. + If `scope` is provided, it will override the scope defined in the + source content. Scope values cannot contain the wildcard character + '*'. + type: object + additionalProperties: + type: string + directMemoriesSource: + description: >- + Defines a direct source of memories that should be uploaded to + Memory Bank. This is similar to `CreateMemory`, but it allows for + consolidation between these new memories and existing memories for + the same scope. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateMemoriesRequestDirectMemoriesSource + vertexSessionSource: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateMemoriesRequestVertexSessionSource + description: >- + Defines a Vertex Session as the source content from which to + generate memories. + revisionLabels: + description: >- + Optional. Labels to be applied to the generated memory revisions. + For example, you can use this to label a revision with its data + source. + type: object + additionalProperties: + type: string + directContentsSource: + description: >- + Defines a direct source of content as the source content from which + to generate memories. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateMemoriesRequestDirectContentsSource + revisionExpireTime: + type: string + format: google-datetime + description: >- + Optional. Timestamp of when the revision is considered expired. If + not set, the memory revision will be kept until manually deleted. + disableMemoryRevisions: + description: Optional. If true, no revisions will be created for this request. + type: boolean + disableConsolidation: + description: >- + Optional. If true, generated memories will not be consolidated with + existing memories; all generated memories will be added as new + memories regardless of whether they are duplicates of or + contradictory to existing memories. By default, memory consolidation + is enabled. + type: boolean + GoogleCloudAiplatformV1EvaluationInstanceInstanceDataContents: + properties: + contents: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + description: Optional. Repeated contents. + type: array + description: List of standard Content messages from Gemini API. + type: object + id: GoogleCloudAiplatformV1EvaluationInstanceInstanceDataContents + GoogleCloudAiplatformV1BigQueryRequestSetSamplingConfig: + type: object + description: The sampling config. + properties: + samplingMethod: + type: string + description: Optional. The sampling method to use. + enumDescriptions: + - Unspecified sampling method. + - Random sampling. + enum: + - SAMPLING_METHOD_UNSPECIFIED + - RANDOM + samplingCount: + type: integer + format: int32 + description: >- + Optional. The total number of logged data to import. If available + data is less than the sampling count, all data will be imported. + Default is 100. + samplingDuration: + format: google-duration + description: >- + Optional. How long to wait before sampling data from the BigQuery + table. If not specified, defaults to 0. + type: string + id: GoogleCloudAiplatformV1BigQueryRequestSetSamplingConfig + GoogleCloudAiplatformV1TensorboardTensor: + type: object + id: GoogleCloudAiplatformV1TensorboardTensor + description: One point viewable on a tensor metric plot. + properties: + value: + format: byte + type: string + description: >- + Required. Serialized form of + https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/framework/tensor.proto + versionNumber: + type: integer + format: int32 + description: Optional. Version number of TensorProto used to serialize value. + GoogleCloudAiplatformV1CoherenceResult: + description: Spec for coherence result. + id: GoogleCloudAiplatformV1CoherenceResult + type: object + properties: + explanation: + type: string + readOnly: true + description: Output only. Explanation for coherence score. + score: + type: number + description: Output only. Coherence score. + format: float + readOnly: true + confidence: + readOnly: true + type: number + format: float + description: Output only. Confidence for coherence score. + GoogleCloudAiplatformV1IndexEndpoint: + type: object + id: GoogleCloudAiplatformV1IndexEndpoint + properties: + publicEndpointDomainName: + readOnly: true + description: >- + Output only. If public_endpoint_enabled is true, this field will be + populated with the domain name to use for this index endpoint. + type: string + publicEndpointEnabled: + description: >- + Optional. If true, the deployed index will be accessible through + public endpoint. + type: boolean + deployedIndexes: + description: Output only. The indexes deployed in this endpoint. + type: array + readOnly: true + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' + satisfiesPzi: + readOnly: true + description: Output only. Reserved for future use. + type: boolean + satisfiesPzs: + description: Output only. Reserved for future use. + type: boolean + readOnly: true + etag: + description: >- + Used to perform consistent read-modify-write updates. If not set, a + blind "overwrite" update happens. + type: string + enablePrivateServiceConnect: + type: boolean + description: >- + Optional. Deprecated: If true, expose the IndexEndpoint via private + service connect. Only one of the fields, network or + enable_private_service_connect, can be set. + deprecated: true + description: + description: The description of the IndexEndpoint. + type: string + displayName: + type: string + description: >- + Required. The display name of the IndexEndpoint. The name can be up + to 128 characters long and can consist of any UTF-8 characters. + network: + description: >- + Optional. The full name of the Google Compute Engine + [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) + to which the IndexEndpoint should be peered. Private services access + must already be configured for the network. If left unspecified, the + Endpoint is not peered with any network. network and + private_service_connect_config are mutually exclusive. + [Format](https://cloud.google.com/compute/docs/reference/rest/v1/networks/insert): + `projects/{project}/global/networks/{network}`. Where {project} is a + project number, as in '12345', and {network} is network name. + type: string + privateServiceConnectConfig: + description: >- + Optional. Configuration for private service connect. network and + private_service_connect_config are mutually exclusive. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PrivateServiceConnectConfig + createTime: + format: google-datetime + type: string + description: Output only. Timestamp when this IndexEndpoint was created. + readOnly: true + updateTime: + readOnly: true + format: google-datetime + description: >- + Output only. Timestamp when this IndexEndpoint was last updated. + This timestamp is not updated when the endpoint's DeployedIndexes + are updated, e.g. due to updates of the original Indexes they are + the deployments of. + type: string + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Immutable. Customer-managed encryption key spec for an + IndexEndpoint. If set, this IndexEndpoint and all sub-resources of + this IndexEndpoint will be secured by this key. + name: + description: Output only. The resource name of the IndexEndpoint. + readOnly: true + type: string + labels: + type: object + description: >- + The labels with user-defined metadata to organize your + IndexEndpoints. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. See https://goo.gl/xmQnxf for more information and + examples of labels. + additionalProperties: + type: string + description: >- + Indexes are deployed into it. An IndexEndpoint can have multiple + DeployedIndexes. + GoogleCloudAiplatformV1TimeSeriesDataPoint: + description: A TensorboardTimeSeries data point. + properties: + wallTime: + description: >- + Wall clock timestamp when this data point is generated by the end + user. + format: google-datetime + type: string + step: + description: Step index of this data point within the run. + format: int64 + type: string + blobs: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardBlobSequence' + description: A blob sequence value. + tensor: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardTensor' + description: A tensor value. + scalar: + description: A scalar value. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Scalar' + id: GoogleCloudAiplatformV1TimeSeriesDataPoint + type: object + GoogleCloudAiplatformV1PipelineJobRuntimeConfig: + description: The runtime config of a PipelineJob. + type: object + id: GoogleCloudAiplatformV1PipelineJobRuntimeConfig + properties: + parameters: + deprecated: true + additionalProperties: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Value' + type: object + description: >- + Deprecated. Use RuntimeConfig.parameter_values instead. The runtime + parameters of the PipelineJob. The parameters will be passed into + PipelineJob.pipeline_spec to replace the placeholders at runtime. + This field is used by pipelines built using + `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as + pipelines built using Kubeflow Pipelines SDK 1.8 or lower. + failurePolicy: + enum: + - PIPELINE_FAILURE_POLICY_UNSPECIFIED + - PIPELINE_FAILURE_POLICY_FAIL_SLOW + - PIPELINE_FAILURE_POLICY_FAIL_FAST + type: string + description: >- + Represents the failure policy of a pipeline. Currently, the default + of a pipeline is that the pipeline will continue to run until no + more tasks can be executed, also known as + PIPELINE_FAILURE_POLICY_FAIL_SLOW. However, if a pipeline is set to + PIPELINE_FAILURE_POLICY_FAIL_FAST, it will stop scheduling any new + tasks when a task has failed. Any scheduled tasks will continue to + completion. + enumDescriptions: + - Default value, and follows fail slow behavior. + - >- + Indicates that the pipeline should continue to run until all + possible tasks have been scheduled and completed. + - >- + Indicates that the pipeline should stop scheduling new tasks after + a task has failed. + parameterValues: + description: >- + The runtime parameters of the PipelineJob. The parameters will be + passed into PipelineJob.pipeline_spec to replace the placeholders at + runtime. This field is used by pipelines built using + `PipelineJob.pipeline_spec.schema_version` 2.1.0, such as pipelines + built using Kubeflow Pipelines SDK 1.9 or higher and the v2 DSL. + type: object + additionalProperties: + type: any + gcsOutputDirectory: + type: string + description: >- + Required. A path in a Cloud Storage bucket, which will be treated as + the root output directory of the pipeline. It is used by the system + to generate the paths of output artifacts. The artifact paths are + generated with a sub-path pattern `{job_id}/{task_id}/{output_key}` + under the specified output directory. The service account specified + in this pipeline must have the `storage.objects.get` and + `storage.objects.create` permissions for this bucket. + inputArtifacts: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PipelineJobRuntimeConfigInputArtifact + description: >- + The runtime artifacts of the PipelineJob. The key will be the input + artifact name and the value would be one of the InputArtifact. + type: object + GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetricsConfidenceMetrics: + id: >- + GoogleCloudAiplatformV1SchemaModelevaluationMetricsTrackMetricsConfidenceMetrics + type: object + description: Metrics for a single confidence threshold. + properties: + confidenceThreshold: + type: number + format: float + description: The confidence threshold value used to compute the metrics. + boundingBoxIou: + type: number + format: float + description: >- + Bounding box intersection-over-union precision. Measures how well + the bounding boxes overlap between each other (e.g. complete overlap + or just barely above iou_threshold). + trackingRecall: + format: float + type: number + description: Tracking recall. + mismatchRate: + type: number + format: float + description: >- + Mismatch rate, which measures the tracking consistency, i.e. + correctness of instance ID continuity. + trackingPrecision: + format: float + description: Tracking precision. + type: number + GoogleCloudAiplatformV1SyntheticField: + properties: + fieldName: + description: Optional. The name of the field. + type: string + content: + description: Required. The content of the field. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + type: object + id: GoogleCloudAiplatformV1SyntheticField + description: Represents a single named field within a SyntheticExample. + GoogleCloudAiplatformV1DeployRequestDeployConfig: + type: object + id: GoogleCloudAiplatformV1DeployRequestDeployConfig + properties: + fastTryoutEnabled: + description: >- + Optional. If true, enable the QMT fast tryout feature for this model + if possible. + type: boolean + dedicatedResources: + description: >- + Optional. The dedicated resources to use for the endpoint. If not + set, the default resources will be used. + $ref: '#/components/schemas/GoogleCloudAiplatformV1DedicatedResources' + systemLabels: + description: >- + Optional. System labels for Model Garden deployments. These labels + are managed by Google and for tracking purposes only. + type: object + additionalProperties: + type: string + description: The deploy config to use for the deployment. + GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsResponse: + description: Response message for ModelService.BatchImportEvaluatedAnnotations + id: GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsResponse + type: object + properties: + importedEvaluatedAnnotationsCount: + readOnly: true + format: int32 + description: Output only. Number of EvaluatedAnnotations imported. + type: integer + GoogleCloudAiplatformV1EmbedContentRequest: + type: object + properties: + title: + description: Optional. An optional title for the text. + type: string + autoTruncate: + type: boolean + description: >- + Optional. Whether to silently truncate the input content if it's + longer than the maximum sequence length. + taskType: + description: Optional. The task type of the embedding. + enumDescriptions: + - Unset value, which will default to one of the other enum values. + - Specifies the given text is a query in a search/retrieval setting. + - >- + Specifies the given text is a document from the corpus being + searched. + - Specifies the given text will be used for STS. + - Specifies that the given text will be classified. + - Specifies that the embeddings will be used for clustering. + - Specifies that the embeddings will be used for question answering. + - Specifies that the embeddings will be used for fact verification. + - Specifies that the embeddings will be used for code retrieval. + enum: + - UNSPECIFIED + - RETRIEVAL_QUERY + - RETRIEVAL_DOCUMENT + - SEMANTIC_SIMILARITY + - CLASSIFICATION + - CLUSTERING + - QUESTION_ANSWERING + - FACT_VERIFICATION + - CODE_RETRIEVAL_QUERY + type: string + outputDimensionality: + description: >- + Optional. Optional reduced dimension for the output embedding. If + set, excessive values in the output embedding are truncated from the + end. + format: int32 + type: integer + content: + description: Required. Input content to be embedded. Required. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + id: GoogleCloudAiplatformV1EmbedContentRequest + description: Request message for PredictionService.EmbedContent. + GoogleCloudAiplatformV1CachedContent: + properties: + toolConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ToolConfig' + description: >- + Optional. Input only. Immutable. Tool config. This config is shared + for all tools + tools: + description: >- + Optional. Input only. Immutable. A list of `Tools` the model may use + to generate the next response + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tool' + type: array + model: + type: string + description: >- + Immutable. The name of the `Model` to use for cached content. + Currently, only the published Gemini base models are supported, in + form of + projects/{PROJECT}/locations/{LOCATION}/publishers/google/models/{MODEL} + displayName: + type: string + description: >- + Optional. Immutable. The user-generated meaningful display name of + the cached content. + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Input only. Immutable. Customer-managed encryption key spec for a + `CachedContent`. If set, this `CachedContent` and all its + sub-resources will be secured by this key. + systemInstruction: + description: >- + Optional. Input only. Immutable. Developer set system instruction. + Currently, text only + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + createTime: + type: string + description: Output only. Creation time of the cache entry. + format: google-datetime + readOnly: true + contents: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Content' + description: Optional. Input only. Immutable. The content to cache + name: + type: string + description: >- + Immutable. Identifier. The server-generated resource name of the + cached content Format: + projects/{project}/locations/{location}/cachedContents/{cached_content} + usageMetadata: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CachedContentUsageMetadata + description: Output only. Metadata on the usage of the cached content. + readOnly: true + updateTime: + format: google-datetime + readOnly: true + description: Output only. When the cache entry was last updated in UTC time. + type: string + expireTime: + description: >- + Timestamp of when this resource is considered expired. This is + *always* provided on output, regardless of what was sent on input. + format: google-datetime + type: string + ttl: + type: string + format: google-duration + description: >- + Input only. The TTL for this resource. The expiration time is + computed: now + TTL. + id: GoogleCloudAiplatformV1CachedContent + description: >- + A resource used in LLM queries for users to explicitly specify what to + cache and how to cache. + type: object + GoogleCloudAiplatformV1FeatureViewIndexConfigTreeAHConfig: + properties: + leafNodeEmbeddingCount: + format: int64 + description: >- + Optional. Number of embeddings on each leaf node. The default value + is 1000 if not set. + type: string + id: GoogleCloudAiplatformV1FeatureViewIndexConfigTreeAHConfig + type: object + description: Configuration options for the tree-AH algorithm. + GoogleCloudAiplatformV1ListEventsResponse: + description: Response message for SessionService.ListEvents. + id: GoogleCloudAiplatformV1ListEventsResponse + type: object + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as ListEventsRequest.page_token to + retrieve the next page. Absence of this field indicates there are no + subsequent pages. + sessionEvents: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SessionEvent' + type: array + description: >- + A list of events matching the request. Ordered by timestamp in + ascending order. + GoogleCloudAiplatformV1ModelMonitoringStatsAnomalies: + description: Statistics and anomalies generated by Model Monitoring. + id: GoogleCloudAiplatformV1ModelMonitoringStatsAnomalies + type: object + properties: + featureStats: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomalies + description: A list of historical Stats and Anomalies generated for all Features. + type: array + deployedModelId: + description: Deployed Model ID. + type: string + anomalyCount: + type: integer + format: int32 + description: Number of anomalies within all stats. + objective: + enumDescriptions: + - Default value, should not be set. + - >- + Raw feature values' stats to detect skew between + Training-Prediction datasets. + - >- + Raw feature values' stats to detect drift between + Serving-Prediction datasets. + - >- + Feature attribution scores to detect skew between + Training-Prediction datasets. + - >- + Feature attribution scores to detect skew between Prediction + datasets collected within different time windows. + enum: + - MODEL_DEPLOYMENT_MONITORING_OBJECTIVE_TYPE_UNSPECIFIED + - RAW_FEATURE_SKEW + - RAW_FEATURE_DRIFT + - FEATURE_ATTRIBUTION_SKEW + - FEATURE_ATTRIBUTION_DRIFT + type: string + description: Model Monitoring Objective those stats and anomalies belonging to. + GoogleCloudAiplatformV1VertexRagStore: + description: Retrieve from Vertex RAG Store for grounding. + type: object + id: GoogleCloudAiplatformV1VertexRagStore + properties: + ragResources: + description: >- + Optional. The representation of the rag source. It can be used to + specify corpus only or ragfiles. Currently only support one corpus + or multiple files from one corpus. In the future we may open up + multiple corpora support. + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1VertexRagStoreRagResource + type: array + ragRetrievalConfig: + description: Optional. The retrieval config for the Rag query. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagRetrievalConfig' + similarityTopK: + type: integer + deprecated: true + format: int32 + description: >- + Optional. Number of top k results to return from the selected + corpora. + vectorDistanceThreshold: + deprecated: true + description: >- + Optional. Only return results with vector distance smaller than the + threshold. + format: double + type: number + GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadata: + type: object + description: >- + Runtime operation information for + MigrationService.BatchMigrateResources. + id: GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadata + properties: + genericMetadata: + description: The common part of the operation metadata. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + partialResults: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchMigrateResourcesOperationMetadataPartialResult + description: >- + Partial results that reflect the latest migration operation + progress. + GoogleCloudAiplatformV1UploadRagFileResponse: + id: GoogleCloudAiplatformV1UploadRagFileResponse + type: object + properties: + ragFile: + description: The RagFile that had been uploaded into the RagCorpus. + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFile' + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: The error that occurred while processing the RagFile. + description: Response message for VertexRagDataService.UploadRagFile. + GoogleCloudAiplatformV1CountTokensResponse: + type: object + properties: + totalTokens: + type: integer + description: >- + The total number of tokens counted across all instances from the + request. + format: int32 + totalBillableCharacters: + description: >- + The total number of billable characters counted across all instances + from the request. + format: int32 + type: integer + promptTokensDetails: + readOnly: true + description: >- + Output only. List of modalities that were processed in the request + input. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModalityTokenCount' + type: array + description: Response message for PredictionService.CountTokens. + id: GoogleCloudAiplatformV1CountTokensResponse + GoogleCloudAiplatformV1AddExecutionEventsRequest: + description: Request message for MetadataService.AddExecutionEvents. + id: GoogleCloudAiplatformV1AddExecutionEventsRequest + properties: + events: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Event' + type: array + description: The Events to create and add. + type: object + GoogleCloudAiplatformV1Neighbor: + description: Neighbors for example-based explanations. + id: GoogleCloudAiplatformV1Neighbor + properties: + neighborId: + type: string + readOnly: true + description: Output only. The neighbor id. + neighborDistance: + readOnly: true + format: double + type: number + description: Output only. The neighbor distance. + type: object + GoogleCloudAiplatformV1ListEvaluationRunsResponse: + id: GoogleCloudAiplatformV1ListEvaluationRunsResponse + description: Response message for EvaluationManagementService.ListEvaluationRuns. + properties: + nextPageToken: + description: A token to retrieve the next page of results. + type: string + evaluationRuns: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationRun' + type: array + description: List of EvaluationRuns in the requested page. + type: object + GoogleCloudAiplatformV1RemoveDatapointsRequest: + description: Request message for IndexService.RemoveDatapoints + id: GoogleCloudAiplatformV1RemoveDatapointsRequest + type: object + properties: + datapointIds: + type: array + items: + type: string + description: A list of datapoint ids to be deleted. + GoogleCloudAiplatformV1CopyModelRequest: + properties: + encryptionSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EncryptionSpec' + description: >- + Customer-managed encryption key options. If this is set, then the + Model copy will be encrypted with the provided encryption key. + sourceModel: + type: string + description: >- + Required. The resource name of the Model to copy. That Model must be + in the same Project. Format: + `projects/{project}/locations/{location}/models/{model}` + modelId: + description: >- + Optional. Copy source_model into a new Model with this ID. The ID + will become the final component of the model resource name. This + value may be up to 63 characters, and valid characters are + `[a-z0-9_-]`. The first character cannot be a number or hyphen. + type: string + parentModel: + type: string + description: >- + Optional. Specify this field to copy source_model into this existing + Model as a new version. Format: + `projects/{project}/locations/{location}/models/{model}` + description: Request message for ModelService.CopyModel. + id: GoogleCloudAiplatformV1CopyModelRequest + type: object + GoogleCloudAiplatformV1AddContextChildrenRequest: + id: GoogleCloudAiplatformV1AddContextChildrenRequest + description: Request message for MetadataService.AddContextChildren. + properties: + childContexts: + description: The resource names of the child Contexts. + type: array + items: + type: string + type: object + GoogleCloudAiplatformV1ListFeatureViewsResponse: + description: Response message for FeatureOnlineStoreAdminService.ListFeatureViews. + type: object + id: GoogleCloudAiplatformV1ListFeatureViewsResponse + properties: + nextPageToken: + description: >- + A token, which can be sent as ListFeatureViewsRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + type: string + featureViews: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureView' + description: The FeatureViews matching the request. + type: array + GoogleCloudAiplatformV1AuthConfig: + type: object + description: Auth configuration to run the extension. + properties: + authType: + type: string + description: Type of auth scheme. + enum: + - AUTH_TYPE_UNSPECIFIED + - NO_AUTH + - API_KEY_AUTH + - HTTP_BASIC_AUTH + - GOOGLE_SERVICE_ACCOUNT_AUTH + - OAUTH + - OIDC_AUTH + enumDescriptions: + - '' + - No Auth. + - API Key Auth. + - HTTP Basic Auth. + - Google Service Account Auth. + - OAuth auth. + - OpenID Connect (OIDC) Auth. + oauthConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1AuthConfigOauthConfig' + description: Config for user oauth. + googleServiceAccountConfig: + description: Config for Google Service Account auth. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1AuthConfigGoogleServiceAccountConfig + oidcConfig: + description: Config for user OIDC auth. + $ref: '#/components/schemas/GoogleCloudAiplatformV1AuthConfigOidcConfig' + apiKeyConfig: + description: Config for API key auth. + $ref: '#/components/schemas/GoogleCloudAiplatformV1AuthConfigApiKeyConfig' + httpBasicAuthConfig: + description: Config for HTTP Basic auth. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1AuthConfigHttpBasicAuthConfig + id: GoogleCloudAiplatformV1AuthConfig + GoogleCloudAiplatformV1Segment: + id: GoogleCloudAiplatformV1Segment + properties: + text: + type: string + readOnly: true + description: Output only. The text of the segment. + partIndex: + format: int32 + readOnly: true + description: >- + Output only. The index of the `Part` object that this segment + belongs to. This is useful for associating the segment with a + specific part of the content. + type: integer + startIndex: + readOnly: true + type: integer + format: int32 + description: >- + Output only. The start index of the segment in the `Part`, measured + in bytes. This marks the beginning of the segment and is inclusive, + meaning the byte at this index is the first byte of the segment. + endIndex: + description: >- + Output only. The end index of the segment in the `Part`, measured in + bytes. This marks the end of the segment and is exclusive, meaning + the segment includes content up to, but not including, the byte at + this index. + type: integer + readOnly: true + format: int32 + type: object + description: A segment of the content. + GoogleCloudAiplatformV1SharePointSourcesSharePointSource: + id: GoogleCloudAiplatformV1SharePointSourcesSharePointSource + properties: + clientSecret: + description: The application secret for the app registered in Azure. + $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuthApiKeyConfig' + sharepointSiteName: + description: >- + The name of the SharePoint site to download from. This can be the + site name or the site id. + type: string + tenantId: + description: Unique identifier of the Azure Active Directory Instance. + type: string + sharepointFolderId: + type: string + description: The ID of the SharePoint folder to download from. + sharepointFolderPath: + description: The path of the SharePoint folder to download from. + type: string + driveId: + type: string + description: The ID of the drive to download from. + driveName: + type: string + description: The name of the drive to download from. + fileId: + readOnly: true + description: Output only. The SharePoint file id. Output only. + type: string + clientId: + description: >- + The Application ID for the app registered in Microsoft Azure Portal. + The application must also be configured with MS Graph permissions + "Files.ReadAll", "Sites.ReadAll" and BrowserSiteLists.Read.All. + type: string + description: An individual SharePointSource. + type: object + GoogleCloudAiplatformV1EvaluationInstanceMapInstance: + properties: + mapInstance: + description: Optional. Map of instance data. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluationInstanceInstanceData + type: object + description: Instance data specified as a map. + id: GoogleCloudAiplatformV1EvaluationInstanceMapInstance + type: object + GoogleCloudAiplatformV1UpdateEndpointLongRunningRequest: + id: GoogleCloudAiplatformV1UpdateEndpointLongRunningRequest + description: Request message for EndpointService.UpdateEndpointLongRunning. + type: object + properties: + endpoint: + description: >- + Required. The Endpoint which replaces the resource on the server. + Currently we only support updating the `client_connection_config` + field, all the other fields' update will be blocked. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' + GoogleCloudAiplatformV1SchemaPredictPredictionTabularClassificationPredictionResult: + id: >- + GoogleCloudAiplatformV1SchemaPredictPredictionTabularClassificationPredictionResult + properties: + classes: + description: >- + The name of the classes being classified, contains all possible + values of the target column. + type: array + items: + type: string + scores: + items: + type: number + format: float + type: array + description: >- + The model's confidence in each class being correct, higher value + means higher confidence. The N-th score corresponds to the N-th + class in classes. + type: object + description: Prediction output format for Tabular Classification. + GoogleCloudAiplatformV1SchemaPredictParamsVideoObjectTrackingPredictionParams: + properties: + maxPredictions: + format: int32 + type: integer + description: >- + The model only returns up to that many top, by confidence score, + predictions per frame of the video. If this number is very high, the + Model may return fewer predictions per frame. Default value is 50. + minBoundingBoxSize: + format: float + description: >- + Only bounding boxes with shortest edge at least that long as a + relative value of video frame size are returned. Default value is + 0.0. + type: number + confidenceThreshold: + format: float + description: >- + The Model only returns predictions with at least this confidence + score. Default value is 0.0 + type: number + description: Prediction model parameters for Video Object Tracking. + id: >- + GoogleCloudAiplatformV1SchemaPredictParamsVideoObjectTrackingPredictionParams + type: object + GoogleCloudAiplatformV1ToolCallValidMetricValue: + properties: + score: + type: number + format: float + description: Output only. Tool call valid score. + readOnly: true + id: GoogleCloudAiplatformV1ToolCallValidMetricValue + type: object + description: Tool call valid metric value for an instance. + GoogleCloudAiplatformV1BleuInstance: + properties: + prediction: + description: Required. Output of the evaluated model. + type: string + reference: + type: string + description: Required. Ground truth used to compare against the prediction. + id: GoogleCloudAiplatformV1BleuInstance + description: Spec for bleu instance. + type: object + GoogleCloudAiplatformV1ModelExplanation: + type: object + description: Aggregated explanation metrics for a Model over a set of instances. + properties: + meanAttributions: + readOnly: true + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Attribution' + description: >- + Output only. Aggregated attributions explaining the Model's + prediction outputs over the set of instances. The attributions are + grouped by outputs. For Models that predict only one output, such as + regression Models that predict only one score, there is only one + attibution that explains the predicted output. For Models that + predict multiple outputs, such as multiclass Models that predict + multiple classes, each element explains one specific item. + Attribution.output_index can be used to identify which output this + attribution is explaining. The baselineOutputValue, + instanceOutputValue and featureAttributions fields are averaged over + the test data. NOTE: Currently AutoML tabular classification Models + produce only one attribution, which averages attributions over all + the classes it predicts. Attribution.approximation_error is not + populated. + id: GoogleCloudAiplatformV1ModelExplanation + GoogleCloudAiplatformV1CorroborateContentRequestParameters: + properties: + citationThreshold: + description: >- + Optional. Only return claims with citation score larger than the + threshold. + format: double + type: number + id: GoogleCloudAiplatformV1CorroborateContentRequestParameters + type: object + description: Parameters that can be overrided per request. + GoogleCloudAiplatformV1SchemaPredictParamsImageSegmentationPredictionParams: + description: Prediction model parameters for Image Segmentation. + properties: + confidenceThreshold: + description: >- + When the model predicts category of pixels of the image, it will + only provide predictions for pixels that it is at least this much + confident about. All other pixels will be classified as background. + Default value is 0.5. + type: number + format: float + type: object + id: >- + GoogleCloudAiplatformV1SchemaPredictParamsImageSegmentationPredictionParams + GoogleCloudAiplatformV1NetworkSpec: + type: object + id: GoogleCloudAiplatformV1NetworkSpec + properties: + network: + description: >- + The full name of the Google Compute Engine + [network](https://cloud.google.com//compute/docs/networks-and-firewalls#networks) + type: string + enableInternetAccess: + description: Whether to enable public internet access. Default false. + type: boolean + subnetwork: + type: string + description: >- + The name of the subnet that this instance is in. Format: + `projects/{project_id_or_number}/regions/{region}/subnetworks/{subnetwork_id}` + description: Network spec. + GoogleCloudAiplatformV1CreateRegistryFeatureOperationMetadata: + properties: + genericMetadata: + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + description: Operation metadata for Feature. + id: GoogleCloudAiplatformV1CreateRegistryFeatureOperationMetadata + description: Details of operations that perform create FeatureGroup. + type: object + GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition: + properties: + values: + type: array + items: + format: double + type: number + description: >- + Required. Matches values of the parent parameter of 'DISCRETE' type. + All values must exist in `discrete_value_spec` of parent parameter. + The Epsilon of the value matching is 1e-10. + description: Represents the spec to match discrete values from parent parameter. + id: >- + GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition + type: object + GoogleCloudAiplatformV1NearestNeighborQueryNumericFilter: + description: >- + Numeric filter is used to search a subset of the entities by using + boolean rules on numeric columns. For example: Database Point 0: {name: + "a" value_int: 42} {name: "b" value_float: 1.0} Database Point 1: {name: + "a" value_int: 10} {name: "b" value_float: 2.0} Database Point 2: {name: + "a" value_int: -1} {name: "b" value_float: 3.0} Query: {name: "a" + value_int: 12 operator: LESS} // Matches Point 1, 2 {name: "b" + value_float: 2.0 operator: EQUAL} // Matches Point 1 + type: object + properties: + valueDouble: + description: double value type. + type: number + format: double + name: + description: Required. Column name in BigQuery that used as filters. + type: string + valueInt: + format: int64 + description: int value type. + type: string + valueFloat: + type: number + format: float + description: float value type. + op: + description: >- + Optional. This MUST be specified for queries and must NOT be + specified for database points. + enum: + - OPERATOR_UNSPECIFIED + - LESS + - LESS_EQUAL + - EQUAL + - GREATER_EQUAL + - GREATER + - NOT_EQUAL + enumDescriptions: + - Unspecified operator. + - Entities are eligible if their value is < the query's. + - Entities are eligible if their value is <= the query's. + - Entities are eligible if their value is == the query's. + - Entities are eligible if their value is >= the query's. + - Entities are eligible if their value is > the query's. + - Entities are eligible if their value is != the query's. + type: string + id: GoogleCloudAiplatformV1NearestNeighborQueryNumericFilter + GoogleCloudAiplatformV1ExplanationMetadataOutputMetadata: + type: object + id: GoogleCloudAiplatformV1ExplanationMetadataOutputMetadata + description: Metadata of the prediction output to be explained. + properties: + outputTensorName: + description: >- + Name of the output tensor. Required and is only applicable to Vertex + AI provided images for Tensorflow. + type: string + displayNameMappingKey: + type: string + description: >- + Specify a field name in the prediction to look for the display name. + Use this if the prediction contains the display names for the + outputs. The display names in the prediction must have the same + shape of the outputs, so that it can be located by + Attribution.output_index for a specific output. + indexDisplayNameMapping: + type: any + description: >- + Static mapping between the index and display name. Use this if the + outputs are a deterministic n-dimensional array, e.g. a list of + scores of all the classes in a pre-defined order for a + multi-classification Model. It's not feasible if the outputs are + non-deterministic, e.g. the Model produces top-k classes or sort the + outputs by their values. The shape of the value must be an + n-dimensional array of strings. The number of dimensions must match + that of the outputs to be explained. The + Attribution.output_display_name is populated by locating in the + mapping with Attribution.output_index. + GoogleCloudAiplatformV1SchemaTextSentimentSavedQueryMetadata: + description: The metadata of SavedQuery contains TextSentiment Annotations. + properties: + sentimentMax: + format: int32 + description: The maximum sentiment of sentiment Anntoation in this SavedQuery. + type: integer + type: object + id: GoogleCloudAiplatformV1SchemaTextSentimentSavedQueryMetadata + GoogleCloudAiplatformV1MetadataStoreMetadataStoreState: + properties: + diskUtilizationBytes: + description: The disk utilization of the MetadataStore in bytes. + format: int64 + type: string + description: Represents state information for a MetadataStore. + type: object + id: GoogleCloudAiplatformV1MetadataStoreMetadataStoreState + GoogleCloudAiplatformV1ExportModelOperationMetadata: + id: GoogleCloudAiplatformV1ExportModelOperationMetadata + type: object + description: Details of ModelService.ExportModel operation. + properties: + genericMetadata: + description: The common part of the operation metadata. + $ref: '#/components/schemas/GoogleCloudAiplatformV1GenericOperationMetadata' + outputInfo: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExportModelOperationMetadataOutputInfo + description: >- + Output only. Information further describing the output of this Model + export. + GoogleCloudAiplatformV1PreferenceOptimizationSpec: + type: object + id: GoogleCloudAiplatformV1PreferenceOptimizationSpec + description: Tuning Spec for Preference Optimization. + properties: + validationDatasetUri: + description: >- + Optional. Cloud Storage path to file containing validation dataset + for preference optimization tuning. The dataset must be formatted as + a JSONL file. + type: string + trainingDatasetUri: + type: string + description: >- + Required. Cloud Storage path to file containing training dataset for + preference optimization tuning. The dataset must be formatted as a + JSONL file. + exportLastCheckpointOnly: + description: >- + Optional. If set to true, disable intermediate checkpoints for + Preference Optimization and only the last checkpoint will be + exported. Otherwise, enable intermediate checkpoints for Preference + Optimization. Default is false. + type: boolean + hyperParameters: + description: Optional. Hyperparameters for Preference Optimization. + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PreferenceOptimizationHyperParameters + GoogleCloudAiplatformV1ListEndpointsResponse: + type: object + properties: + endpoints: + type: array + description: List of Endpoints in the requested page. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' + nextPageToken: + description: >- + A token to retrieve the next page of results. Pass to + ListEndpointsRequest.page_token to obtain that page. + type: string + description: Response message for EndpointService.ListEndpoints. + id: GoogleCloudAiplatformV1ListEndpointsResponse + GoogleCloudAiplatformV1ToolNameMatchInstance: + properties: + prediction: + description: Required. Output of the evaluated model. + type: string + reference: + type: string + description: Required. Ground truth used to compare against the prediction. + description: Spec for tool name match instance. + type: object + id: GoogleCloudAiplatformV1ToolNameMatchInstance + GoogleCloudAiplatformV1SyncFeatureViewResponse: + type: object + properties: + featureViewSync: + description: >- + Format: + `projects/{project}/locations/{location}/featureOnlineStores/{feature_online_store}/featureViews/{feature_view}/featureViewSyncs/{feature_view_sync}` + type: string + description: Response message for FeatureOnlineStoreAdminService.SyncFeatureView. + id: GoogleCloudAiplatformV1SyncFeatureViewResponse + GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInstance: + id: GoogleCloudAiplatformV1QuestionAnsweringCorrectnessInstance + description: Spec for question answering correctness instance. + properties: + prediction: + type: string + description: Required. Output of the evaluated model. + reference: + type: string + description: Optional. Ground truth used to compare against the prediction. + instruction: + description: >- + Required. The question asked and other instruction in the inference + prompt. + type: string + context: + description: Optional. Text provided as context to answer the question. + type: string + type: object + GoogleCloudAiplatformV1DirectPredictRequest: + type: object + description: Request message for PredictionService.DirectPredict. + id: GoogleCloudAiplatformV1DirectPredictRequest + properties: + inputs: + description: The prediction input. + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + parameters: + description: The parameters that govern the prediction. + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensor' + GoogleCloudAiplatformV1FeatureGroup: + type: object + description: Vertex AI Feature Group. + properties: + etag: + type: string + description: >- + Optional. Used to perform consistent read-modify-write updates. If + not set, a blind "overwrite" update happens. + serviceAccountEmail: + readOnly: true + type: string + description: >- + Output only. A Service Account unique to this FeatureGroup. The role + bigquery.dataViewer should be granted to this service account to + allow Vertex AI Feature Store to access source data while running + jobs under this FeatureGroup. + labels: + additionalProperties: + type: string + type: object + description: >- + Optional. The labels with user-defined metadata to organize your + FeatureGroup. Label keys and values can be no longer than 64 + characters (Unicode codepoints), can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. See https://goo.gl/xmQnxf for more information on and + examples of labels. No more than 64 user labels can be associated + with one FeatureGroup(System labels are excluded)." System reserved + label keys are prefixed with "aiplatform.googleapis.com/" and are + immutable. + serviceAgentType: + description: >- + Optional. Service agent type used during jobs under a FeatureGroup. + By default, the Vertex AI Service Agent is used. When using an IAM + Policy to isolate this FeatureGroup within a project, a separate + service account should be provisioned by setting this field to + `SERVICE_AGENT_TYPE_FEATURE_GROUP`. This will generate a separate + service account to access the BigQuery source table. + enumDescriptions: + - By default, the project-level Vertex AI Service Agent is enabled. + - >- + Specifies the project-level Vertex AI Service Agent + (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents). + - >- + Enable a FeatureGroup service account to be created by Vertex AI + and output in the field `service_account_email`. This service + account will be used to read from the source BigQuery table during + jobs under a FeatureGroup. + type: string + enum: + - SERVICE_AGENT_TYPE_UNSPECIFIED + - SERVICE_AGENT_TYPE_PROJECT + - SERVICE_AGENT_TYPE_FEATURE_GROUP + createTime: + description: Output only. Timestamp when this FeatureGroup was created. + format: google-datetime + type: string + readOnly: true + updateTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Timestamp when this FeatureGroup was last updated. + description: + description: Optional. Description of the FeatureGroup. + type: string + bigQuery: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroupBigQuery' + description: >- + Indicates that features for this group come from BigQuery + Table/View. By default treats the source as a sparse time series + source. The BigQuery source table or view must have at least one + entity ID column and a column named `feature_timestamp`. + name: + type: string + description: >- + Identifier. Name of the FeatureGroup. Format: + `projects/{project}/locations/{location}/featureGroups/{featureGroup}` + id: GoogleCloudAiplatformV1FeatureGroup + GoogleCloudAiplatformV1RougeInstance: + id: GoogleCloudAiplatformV1RougeInstance + description: Spec for rouge instance. + type: object + properties: + prediction: + type: string + description: Required. Output of the evaluated model. + reference: + description: Required. Ground truth used to compare against the prediction. + type: string + GoogleCloudAiplatformV1PointwiseMetricInput: + properties: + metricSpec: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricSpec' + description: Required. Spec for pointwise metric. + instance: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PointwiseMetricInstance' + description: Required. Pointwise metric instance. + id: GoogleCloudAiplatformV1PointwiseMetricInput + description: Input for pointwise metric. + type: object + GoogleCloudAiplatformV1RetrieveMemoriesRequestSimilaritySearchParams: + type: object + properties: + searchQuery: + description: >- + Required. Query to use for similarity search retrieval. If provided, + then the parent ReasoningEngine must have + ReasoningEngineContextSpec.MemoryBankConfig.SimilaritySearchConfig + set. + type: string + topK: + description: >- + Optional. The maximum number of memories to return. The service may + return fewer than this value. If unspecified, at most 3 memories + will be returned. The maximum value is 100; values above 100 will be + coerced to 100. + format: int32 + type: integer + id: GoogleCloudAiplatformV1RetrieveMemoriesRequestSimilaritySearchParams + description: Parameters for semantic similarity search based retrieval. + GoogleCloudAiplatformV1SearchFeaturesResponse: + type: object + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as SearchFeaturesRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + features: + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + type: array + description: >- + The Features matching the request. Fields returned: * `name` * + `description` * `labels` * `create_time` * `update_time` + id: GoogleCloudAiplatformV1SearchFeaturesResponse + description: Response message for FeaturestoreService.SearchFeatures. + GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsResponse: + description: Response message for MetadataService.AddContextArtifactsAndExecutions. + properties: {} + type: object + id: GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsResponse + GoogleCloudAiplatformV1SchemaTextSegment: + type: object + properties: + startOffset: + type: string + description: >- + Zero-based character index of the first character of the text + segment (counting characters from the beginning of the text). + format: uint64 + endOffset: + format: uint64 + type: string + description: >- + Zero-based character index of the first character past the end of + the text segment (counting character from the beginning of the + text). The character at the end_offset is NOT included in the text + segment. + content: + description: The text content in the segment for output only. + type: string + description: The text segment inside of DataItem. + id: GoogleCloudAiplatformV1SchemaTextSegment + GoogleCloudAiplatformV1Citation: + properties: + startIndex: + type: integer + description: Output only. The start index of the citation in the content. + format: int32 + readOnly: true + license: + readOnly: true + type: string + description: Output only. The license of the source of the citation. + uri: + description: Output only. The URI of the source of the citation. + type: string + readOnly: true + publicationDate: + $ref: '#/components/schemas/GoogleTypeDate' + description: Output only. The publication date of the source of the citation. + readOnly: true + title: + readOnly: true + description: Output only. The title of the source of the citation. + type: string + endIndex: + description: Output only. The end index of the citation in the content. + readOnly: true + type: integer + format: int32 + type: object + id: GoogleCloudAiplatformV1Citation + description: A citation for a piece of generatedcontent. + GoogleCloudAiplatformV1SearchEntryPoint: + description: >- + An entry point for displaying Google Search results. A + `SearchEntryPoint` is populated when the grounding source for a model's + response is Google Search. It provides information that you can use to + display the search results in your application. + id: GoogleCloudAiplatformV1SearchEntryPoint + properties: + renderedContent: + type: string + description: >- + Optional. An HTML snippet that can be embedded in a web page or an + application's webview. This snippet displays a search result, + including the title, URL, and a brief description of the search + result. + sdkBlob: + description: >- + Optional. A base64-encoded JSON object that contains a list of + search queries and their corresponding search URLs. This information + can be used to build a custom search UI. + type: string + format: byte + type: object + GoogleCloudAiplatformV1CompleteTrialRequest: + properties: + trialInfeasible: + type: boolean + description: >- + Optional. True if the Trial cannot be run with the given Parameter, + and final_measurement will be ignored. + finalMeasurement: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Measurement' + description: >- + Optional. If provided, it will be used as the completed Trial's + final_measurement; Otherwise, the service will auto-select a + previously reported measurement as the final-measurement + infeasibleReason: + description: >- + Optional. A human readable reason why the trial was infeasible. This + should only be provided if `trial_infeasible` is true. + type: string + type: object + description: Request message for VizierService.CompleteTrial. + id: GoogleCloudAiplatformV1CompleteTrialRequest + GoogleCloudAiplatformV1TunedModel: + properties: + model: + readOnly: true + type: string + description: >- + Output only. The resource name of the TunedModel. Format: + `projects/{project}/locations/{location}/models/{model}@{version_id}` + When tuning from a base model, the version ID will be 1. For + continuous tuning, if the provided tuned_model_display_name is set + and different from parent model's display name, the tuned model will + have a new parent model with version 1. Otherwise the version id + will be incremented by 1 from the last version ID in the parent + model. E.g., + `projects/{project}/locations/{location}/models/{model}@{last_version_id + + 1}` + endpoint: + readOnly: true + type: string + description: >- + Output only. A resource name of an Endpoint. Format: + `projects/{project}/locations/{location}/endpoints/{endpoint}`. + checkpoints: + type: array + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TunedModelCheckpoint' + readOnly: true + description: >- + Output only. The checkpoints associated with this TunedModel. This + field is only populated for tuning jobs that enable intermediate + checkpoints. + description: >- + The Model Registry Model and Online Prediction Endpoint associated with + this TuningJob. + type: object + id: GoogleCloudAiplatformV1TunedModel + GoogleCloudAiplatformV1NotebookRuntimeTemplateRef: + description: Points to a NotebookRuntimeTemplateRef. + id: GoogleCloudAiplatformV1NotebookRuntimeTemplateRef + type: object + properties: + notebookRuntimeTemplate: + type: string + description: Immutable. A resource name of the NotebookRuntimeTemplate. + GoogleCloudAiplatformV1JiraSourceJiraQueries: + id: GoogleCloudAiplatformV1JiraSourceJiraQueries + properties: + serverUri: + description: Required. The Jira server URI. + type: string + apiKeyConfig: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ApiAuthApiKeyConfig' + description: >- + Required. The SecretManager secret version resource name (e.g. + projects/{project}/secrets/{secret}/versions/{version}) storing the + Jira API key. See [Manage API tokens for your Atlassian + account](https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/). + projects: + items: + type: string + type: array + description: A list of Jira projects to import in their entirety. + customQueries: + items: + type: string + type: array + description: >- + A list of custom Jira queries to import. For information about JQL + (Jira Query Language), see + https://support.atlassian.com/jira-service-management-cloud/docs/use-advanced-search-with-jira-query-language-jql/ + email: + type: string + description: Required. The Jira email address. + type: object + description: JiraQueries contains the Jira queries and corresponding authentication. + GoogleCloudAiplatformV1ResourcesConsumed: + properties: + replicaHours: + description: >- + Output only. The number of replica hours used. Note that many + replicas may run in parallel, and additionally any given work may be + queued for some time. Therefore this value is not strictly related + to wall time. + readOnly: true + format: double + type: number + description: Statistics information about resource consumption. + type: object + id: GoogleCloudAiplatformV1ResourcesConsumed + GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfig: + type: object + properties: + disableAttribution: + description: >- + If set, skip finding claim attributions (i.e not generate grounding + citation). + deprecated: true + type: boolean + sources: + items: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfigSourceEntry + type: array + description: The sources for the grounding checking. + id: GoogleCloudAiplatformV1SchemaPredictParamsGroundingConfig + description: The configuration for grounding checking. + GoogleCloudAiplatformV1Claim: + description: Claim that is extracted from the input text and facts that support it. + type: object + properties: + endIndex: + format: int32 + type: integer + description: Index in the input text where the claim ends (exclusive). + startIndex: + format: int32 + type: integer + description: Index in the input text where the claim starts (inclusive). + score: + format: float + type: number + description: Confidence score of this corroboration. + factIndexes: + type: array + items: + format: int32 + type: integer + description: Indexes of the facts supporting this claim. + id: GoogleCloudAiplatformV1Claim + GoogleCloudAiplatformV1MetricxResult: + type: object + properties: + score: + type: number + description: Output only. MetricX score. Range depends on version. + readOnly: true + format: float + description: >- + Spec for MetricX result - calculates the MetricX score for the given + instance using the version specified in the spec. + id: GoogleCloudAiplatformV1MetricxResult + GoogleCloudAiplatformV1QuestionAnsweringRelevanceSpec: + description: Spec for question answering relevance metric. + type: object + properties: + version: + type: integer + description: Optional. Which version to use for evaluation. + format: int32 + useReference: + description: >- + Optional. Whether to use instance.reference to compute question + answering relevance. + type: boolean + id: GoogleCloudAiplatformV1QuestionAnsweringRelevanceSpec + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassificationInputs: + type: object + id: >- + GoogleCloudAiplatformV1SchemaTrainingjobDefinitionAutoMlVideoClassificationInputs + properties: + modelType: + enum: + - MODEL_TYPE_UNSPECIFIED + - CLOUD + - MOBILE_VERSATILE_1 + - MOBILE_JETSON_VERSATILE_1 + enumDescriptions: + - Should not be set. + - >- + A model best tailored to be used within Google Cloud, and which + cannot be exported. Default. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) as a + TensorFlow or TensorFlow Lite model and used on a mobile or edge + device afterwards. + - >- + A model that, in addition to being available within Google Cloud, + can also be exported (see ModelService.ExportModel) to a Jetson + device afterwards. + type: string + GoogleCloudAiplatformV1CometResult: + description: >- + Spec for Comet result - calculates the comet score for the given + instance using the version specified in the spec. + properties: + score: + type: number + format: float + description: Output only. Comet score. Range depends on version. + readOnly: true + type: object + id: GoogleCloudAiplatformV1CometResult + CloudAiLargeModelsVisionGenerateVideoResponseVideo: + id: CloudAiLargeModelsVisionGenerateVideoResponseVideo + properties: + mimeType: + description: The MIME type of the content of the video. - video/mp4 + type: string + bytesBase64Encoded: + description: Base64 encoded bytes string representing the video. + type: string + gcsUri: + description: Cloud Storage URI where the generated video is written. + type: string + type: object + GoogleCloudAiplatformV1GenerateMemoriesRequestDirectMemoriesSourceDirectMemory: + properties: + fact: + type: string + description: Required. The fact to consolidate with existing memories. + topics: + type: array + description: >- + Optional. The topics that the consolidated memories should be + associated with. + items: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MemoryTopicId' + type: object + id: >- + GoogleCloudAiplatformV1GenerateMemoriesRequestDirectMemoriesSourceDirectMemory + description: A direct memory to upload to Memory Bank. + GoogleCloudAiplatformV1PipelineTaskExecutorDetailCustomJobDetail: + description: The detailed info for a custom job executor. + type: object + properties: + failedJobs: + readOnly: true + description: >- + Output only. The names of the previously failed CustomJob. The list + includes the all attempts in chronological order. + type: array + items: + type: string + job: + type: string + readOnly: true + description: Output only. The name of the CustomJob. + id: GoogleCloudAiplatformV1PipelineTaskExecutorDetailCustomJobDetail + parameters: + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + callback: + description: JSONP + in: query + name: callback + schema: + type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + x-stackQL-resources: + operations: + id: google.aiplatform.operations + name: operations + title: Operations + methods: + cancel: + operation: + $ref: >- + #/paths/~1v1~1persistentResources~1{persistentResourcesId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1persistentResources~1{persistentResourcesId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1persistentResources~1{persistentResourcesId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + wait: + operation: + $ref: >- + #/paths/~1v1~1persistentResources~1{persistentResourcesId}~1operations~1{operationsId}:wait/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1persistentResources~1{persistentResourcesId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.operations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + models: + id: google.aiplatform.models + name: models + title: Models + methods: + count_tokens: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:countTokens/post + response: + mediaType: application/json + openAPIDocKey: '200' + predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:predict/post + response: + mediaType: application/json + openAPIDocKey: '200' + fetch_predict_operation: + operation: + $ref: >- + #/paths/~1v1~1publishers~1{publishersId}~1models~1{modelsId}:fetchPredictOperation/post + response: + mediaType: application/json + openAPIDocKey: '200' + predict_long_running: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:predictLongRunning/post + response: + mediaType: application/json + openAPIDocKey: '200' + generate_content: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:generateContent/post + response: + mediaType: application/json + openAPIDocKey: '200' + compute_tokens: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:computeTokens/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + stream_generate_content: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:streamGenerateContent/post + response: + mediaType: application/json + openAPIDocKey: '200' + stream_raw_predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:streamRawPredict/post + response: + mediaType: application/json + openAPIDocKey: '200' + server_streaming_predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:serverStreamingPredict/post + response: + mediaType: application/json + openAPIDocKey: '200' + raw_predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:rawPredict/post + response: + mediaType: application/json + openAPIDocKey: '200' + embed_content: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:embedContent/post response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}/delete response: mediaType: application/json openAPIDocKey: '200' - purge: + copy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models:copy/post response: mediaType: application/json openAPIDocKey: '200' - add_context_artifacts_and_executions: + export: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}:addContextArtifactsAndExecutions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:export/post response: mediaType: application/json openAPIDocKey: '200' - add_context_children: + merge_version_aliases: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}:addContextChildren/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:mergeVersionAliases/post response: mediaType: application/json openAPIDocKey: '200' - remove_context_children: + update_explanation_dataset: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}:removeContextChildren/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:updateExplanationDataset/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.models + upload: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models:upload/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/contexts/methods/get' - - $ref: '#/components/x-stackQL-resources/contexts/methods/list' + - $ref: '#/components/x-stackQL-resources/models/methods/get' + - $ref: '#/components/x-stackQL-resources/models/methods/list' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/models/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/models/methods/delete' + chat: + id: google.aiplatform.chat + name: chat + title: Chat + methods: + completions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}~1chat~1completions/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + endpoints: + id: google.aiplatform.endpoints + name: endpoints + title: Endpoints + methods: + compute_tokens: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:computeTokens/post + response: + mediaType: application/json + openAPIDocKey: '200' + predict_long_running: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:predictLongRunning/post + response: + mediaType: application/json + openAPIDocKey: '200' + count_tokens: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:countTokens/post + response: + mediaType: application/json + openAPIDocKey: '200' + generate_content: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:generateContent/post + response: + mediaType: application/json + openAPIDocKey: '200' + predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:predict/post + response: + mediaType: application/json + openAPIDocKey: '200' + stream_generate_content: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:streamGenerateContent/post + response: + mediaType: application/json + openAPIDocKey: '200' + fetch_predict_operation: + operation: + $ref: '#/paths/~1v1~1endpoints~1{endpointsId}:fetchPredictOperation/post' + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.endpoints + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints/post + response: + mediaType: application/json + openAPIDocKey: '200' + direct_predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:directPredict/post + response: + mediaType: application/json + openAPIDocKey: '200' + direct_raw_predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:directRawPredict/post + response: + mediaType: application/json + openAPIDocKey: '200' + stream_raw_predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:streamRawPredict/post + response: + mediaType: application/json + openAPIDocKey: '200' + raw_predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:rawPredict/post + response: + mediaType: application/json + openAPIDocKey: '200' + server_streaming_predict: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:serverStreamingPredict/post + response: + mediaType: application/json + openAPIDocKey: '200' + mutate_deployed_model: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:mutateDeployedModel/post + response: + mediaType: application/json + openAPIDocKey: '200' + explain: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:explain/post + response: + mediaType: application/json + openAPIDocKey: '200' + update: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:update/post + response: + mediaType: application/json + openAPIDocKey: '200' + undeploy_model: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:undeployModel/post + response: + mediaType: application/json + openAPIDocKey: '200' + deploy_model: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:deployModel/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/endpoints/methods/get' + - $ref: '#/components/x-stackQL-resources/endpoints/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/contexts/methods/create' + - $ref: '#/components/x-stackQL-resources/endpoints/methods/create' update: - - $ref: '#/components/x-stackQL-resources/contexts/methods/patch' + - $ref: '#/components/x-stackQL-resources/endpoints/methods/patch' + - $ref: '#/components/x-stackQL-resources/endpoints/methods/update' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/contexts/methods/delete' - featurestores_iam_policies: - id: google.aiplatform.featurestores_iam_policies - name: featurestores_iam_policies - title: Featurestores_iam_policies + - $ref: '#/components/x-stackQL-resources/endpoints/methods/delete' + batch_prediction_jobs: + id: google.aiplatform.batch_prediction_jobs + name: batch_prediction_jobs + title: Batch_prediction_jobs methods: - set_iam_policy: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batchPredictionJobs/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + objectKey: $.batchPredictionJobs + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batchPredictionJobs/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batchPredictionJobs~1{batchPredictionJobsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batchPredictionJobs~1{batchPredictionJobsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batchPredictionJobs~1{batchPredictionJobsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: + - $ref: '#/components/x-stackQL-resources/batch_prediction_jobs/methods/get' - $ref: >- - #/components/x-stackQL-resources/featurestores_iam_policies/methods/get_iam_policy - insert: [] + #/components/x-stackQL-resources/batch_prediction_jobs/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/batch_prediction_jobs/methods/create update: [] - replace: + replace: [] + delete: - $ref: >- - #/components/x-stackQL-resources/featurestores_iam_policies/methods/set_iam_policy - delete: [] - featurestores: - id: google.aiplatform.featurestores - name: featurestores - title: Featurestores + #/components/x-stackQL-resources/batch_prediction_jobs/methods/delete + operations_wait: + id: google.aiplatform.operations_wait + name: operations_wait + title: Operations_wait methods: - create: + list_wait: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1operations~1{operationsId}:wait/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.operations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations_wait/methods/list_wait' + insert: [] + update: [] + replace: [] + delete: [] + dataset_versions: + id: google.aiplatform.dataset_versions + name: dataset_versions + title: Dataset_versions + methods: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.featurestores - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.datasetVersions patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions~1{datasetVersionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions~1{datasetVersionsId}/get response: mediaType: application/json openAPIDocKey: '200' - batch_read_feature_values: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}:batchReadFeatureValues/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions~1{datasetVersionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - search_features: + restore: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores:searchFeatures/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1datasetVersions~1{datasetVersionsId}:restore/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/featurestores/methods/get' - - $ref: '#/components/x-stackQL-resources/featurestores/methods/list' + - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/get' + - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/featurestores/methods/create' + - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/create' update: - - $ref: '#/components/x-stackQL-resources/featurestores/methods/patch' + - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/featurestores/methods/delete' - entity_types_iam_policies: - id: google.aiplatform.entity_types_iam_policies - name: entity_types_iam_policies - title: Entity_types_iam_policies + - $ref: '#/components/x-stackQL-resources/dataset_versions/methods/delete' + datasets: + id: google.aiplatform.datasets + name: datasets + title: Datasets methods: - set_iam_policy: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.datasets + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + search_data_items: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:searchDataItems/get + response: + mediaType: application/json + openAPIDocKey: '200' + export: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:export/post + response: + mediaType: application/json + openAPIDocKey: '200' + import: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:import/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/datasets/methods/get' + - $ref: '#/components/x-stackQL-resources/datasets/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/datasets/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/datasets/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/datasets/methods/delete' + cache_config: + id: google.aiplatform.cache_config + name: cache_config + title: Cache_config + methods: + update_cache_config: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1cacheConfig/patch' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_cache_config: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:testIamPermissions/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1cacheConfig/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/entity_types_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/cache_config/methods/get_cache_config insert: [] - update: [] - replace: + update: - $ref: >- - #/components/x-stackQL-resources/entity_types_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/cache_config/methods/update_cache_config + replace: [] delete: [] - entity_types: - id: google.aiplatform.entity_types - name: entity_types - title: Entity_types + locations: + id: google.aiplatform.locations + name: locations + title: Locations methods: - read_feature_values: + evaluate_dataset: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:readFeatureValues/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:evaluateDataset/post response: mediaType: application/json openAPIDocKey: '200' - streaming_read_feature_values: + deploy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:streamingReadFeatureValues/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:deploy/post response: mediaType: application/json openAPIDocKey: '200' - write_feature_values: + get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:writeFeatureValues/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - create: + generate_instance_rubrics: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:generateInstanceRubrics/post response: mediaType: application/json openAPIDocKey: '200' list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.entityTypes - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}/patch + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.locations + augment_prompt: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:augmentPrompt/post response: mediaType: application/json openAPIDocKey: '200' - import_feature_values: + corroborate_content: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:importFeatureValues/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:corroborateContent/post response: mediaType: application/json openAPIDocKey: '200' - export_feature_values: + evaluate_instances: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:exportFeatureValues/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:evaluateInstances/post response: mediaType: application/json openAPIDocKey: '200' - delete_feature_values: + generate_synthetic_data: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:deleteFeatureValues/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:generateSyntheticData/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/entity_types/methods/get' - - $ref: '#/components/x-stackQL-resources/entity_types/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/entity_types/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/entity_types/methods/patch' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/entity_types/methods/delete' - operations: - id: google.aiplatform.operations - name: operations - title: Operations + delete: [] + contexts: + id: google.aiplatform.contexts + name: contexts + title: Contexts methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: + retrieve_contexts: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:retrieveContexts/post response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}/delete response: mediaType: application/json openAPIDocKey: '200' - cancel: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}/patch response: mediaType: application/json openAPIDocKey: '200' - wait: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1operations~1{operationsId}:wait/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - features: - id: google.aiplatform.features - name: features - title: Features - methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.features - batch_create: + objectKey: $.contexts + add_context_children: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features:batchCreate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}:addContextChildren/post response: mediaType: application/json openAPIDocKey: '200' - get: + add_context_artifacts_and_executions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features~1{featuresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}:addContextArtifactsAndExecutions/post response: mediaType: application/json openAPIDocKey: '200' - patch: + remove_context_children: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features~1{featuresId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts~1{contextsId}:removeContextChildren/post response: mediaType: application/json openAPIDocKey: '200' - delete: + purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features~1{featuresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1contexts:purge/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/features/methods/get' - - $ref: '#/components/x-stackQL-resources/features/methods/list' + - $ref: '#/components/x-stackQL-resources/contexts/methods/get' + - $ref: '#/components/x-stackQL-resources/contexts/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/features/methods/create' - - $ref: '#/components/x-stackQL-resources/features/methods/batch_create' + - $ref: '#/components/x-stackQL-resources/contexts/methods/create' update: - - $ref: '#/components/x-stackQL-resources/features/methods/patch' + - $ref: '#/components/x-stackQL-resources/contexts/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/features/methods/delete' - models_iam_policies: - id: google.aiplatform.models_iam_policies - name: models_iam_policies - title: Models_iam_policies + - $ref: '#/components/x-stackQL-resources/contexts/methods/delete' + rag_engine_config: + id: google.aiplatform.rag_engine_config + name: rag_engine_config + title: Rag_engine_config methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: + get_rag_engine_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragEngineConfig/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + update_rag_engine_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragEngineConfig/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/models_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/rag_engine_config/methods/get_rag_engine_config insert: [] - update: [] - replace: + update: - $ref: >- - #/components/x-stackQL-resources/models_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/rag_engine_config/methods/update_rag_engine_config + replace: [] delete: [] - models: - id: google.aiplatform.models - name: models - title: Models + specialist_pools: + id: google.aiplatform.specialist_pools + name: specialist_pools + title: Specialist_pools methods: - upload: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models:upload/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools~1{specialistPoolsId}/delete response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: - $ref: '#/paths/~1v1~1publishers~1{publishersId}~1models~1{modelsId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools~1{specialistPoolsId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools~1{specialistPoolsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.models - update_explanation_dataset: + objectKey: $.specialistPools + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/get' + - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/delete' + index_endpoints: + id: google.aiplatform.index_endpoints + name: index_endpoints + title: Index_endpoints + methods: + mutate_deployed_index: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:updateExplanationDataset/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:mutateDeployedIndex/post response: mediaType: application/json openAPIDocKey: '200' - merge_version_aliases: + deploy_index: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:mergeVersionAliases/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:deployIndex/post response: mediaType: application/json openAPIDocKey: '200' - export: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:export/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints/get response: mediaType: application/json openAPIDocKey: '200' - copy: + objectKey: $.indexEndpoints + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models:copy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints/post response: mediaType: application/json openAPIDocKey: '200' - predict: + undeploy_index: operation: $ref: >- - #/paths/~1v1~1publishers~1{publishersId}~1models~1{modelsId}:predict/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:undeployIndex/post response: mediaType: application/json openAPIDocKey: '200' - raw_predict: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:rawPredict/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}/patch response: mediaType: application/json openAPIDocKey: '200' - stream_raw_predict: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:streamRawPredict/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}/get response: mediaType: application/json openAPIDocKey: '200' - server_streaming_predict: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:serverStreamingPredict/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}/delete response: mediaType: application/json openAPIDocKey: '200' - predict_long_running: + read_index_datapoints: operation: $ref: >- - #/paths/~1v1~1publishers~1{publishersId}~1models~1{modelsId}:predictLongRunning/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:readIndexDatapoints/post response: mediaType: application/json openAPIDocKey: '200' - generate_content: + find_neighbors: operation: $ref: >- - #/paths/~1v1~1publishers~1{publishersId}~1models~1{modelsId}:generateContent/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:findNeighbors/post response: mediaType: application/json openAPIDocKey: '200' - stream_generate_content: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/get' + - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/delete' + training_pipelines: + id: google.aiplatform.training_pipelines + name: training_pipelines + title: Training_pipelines + methods: + delete: operation: $ref: >- - #/paths/~1v1~1publishers~1{publishersId}~1models~1{modelsId}:streamGenerateContent/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines~1{trainingPipelinesId}/delete response: mediaType: application/json openAPIDocKey: '200' - count_tokens: + get: operation: $ref: >- - #/paths/~1v1~1publishers~1{publishersId}~1models~1{modelsId}:countTokens/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines~1{trainingPipelinesId}/get response: mediaType: application/json openAPIDocKey: '200' - compute_tokens: + create: operation: $ref: >- - #/paths/~1v1~1publishers~1{publishersId}~1models~1{modelsId}:computeTokens/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines/post response: mediaType: application/json openAPIDocKey: '200' - fetch_predict_operation: + list: operation: $ref: >- - #/paths/~1v1~1publishers~1{publishersId}~1models~1{modelsId}:fetchPredictOperation/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/models/methods/get' - - $ref: '#/components/x-stackQL-resources/models/methods/list' - insert: [] - update: - - $ref: '#/components/x-stackQL-resources/models/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/models/methods/delete' - models_versions: - id: google.aiplatform.models_versions - name: models_versions - title: Models_versions - methods: - list_versions: + objectKey: $.trainingPipelines + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:listVersions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines~1{trainingPipelinesId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.models sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/models_versions/methods/list_versions - insert: [] + - $ref: '#/components/x-stackQL-resources/training_pipelines/methods/get' + - $ref: '#/components/x-stackQL-resources/training_pipelines/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/training_pipelines/methods/create' update: [] replace: [] - delete: [] - models_checkpoints: - id: google.aiplatform.models_checkpoints - name: models_checkpoints - title: Models_checkpoints + delete: + - $ref: '#/components/x-stackQL-resources/training_pipelines/methods/delete' + rag_corpora: + id: google.aiplatform.rag_corpora + name: rag_corpora + title: Rag_corpora methods: - list_checkpoints: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:listCheckpoints/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.checkpoints - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/models_checkpoints/methods/list_checkpoints - insert: [] - update: [] - replace: [] - delete: [] - model_versions: - id: google.aiplatform.model_versions - name: model_versions - title: Model_versions - methods: - delete_version: + objectKey: $.ragCorpora + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:deleteVersion/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/model_versions/methods/delete_version - evaluations: - id: google.aiplatform.evaluations - name: evaluations - title: Evaluations - methods: - import: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations~1{evaluationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.modelEvaluations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/evaluations/methods/get' - - $ref: '#/components/x-stackQL-resources/evaluations/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/get' + - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/patch' replace: [] - delete: [] - slices: - id: google.aiplatform.slices - name: slices - title: Slices + delete: + - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/delete' + rag_files: + id: google.aiplatform.rag_files + name: rag_files + title: Rag_files methods: - batch_import: + import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations~1{evaluationsId}~1slices~1{slicesId}:batchImport/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles:import/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.ragFiles + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations~1{evaluationsId}~1slices~1{slicesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations~1{evaluationsId}~1slices/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles:upload/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.modelEvaluationSlices sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/slices/methods/get' - - $ref: '#/components/x-stackQL-resources/slices/methods/list' + - $ref: '#/components/x-stackQL-resources/rag_files/methods/get' + - $ref: '#/components/x-stackQL-resources/rag_files/methods/list' insert: [] update: [] replace: [] - delete: [] - notebook_runtime_templates_iam_policies: - id: google.aiplatform.notebook_runtime_templates_iam_policies - name: notebook_runtime_templates_iam_policies - title: Notebook_runtime_templates_iam_policies + delete: + - $ref: '#/components/x-stackQL-resources/rag_files/methods/delete' + rag_file_operations: + id: google.aiplatform.rag_file_operations + name: rag_file_operations + title: Rag_file_operations methods: - set_iam_policy: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.operations + wait: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations~1{operationsId}:wait/post + response: + mediaType: application/json + openAPIDocKey: '200' + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/notebook_runtime_templates_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/rag_file_operations/methods/get' + - $ref: '#/components/x-stackQL-resources/rag_file_operations/methods/list' insert: [] update: [] - replace: + replace: [] + delete: - $ref: >- - #/components/x-stackQL-resources/notebook_runtime_templates_iam_policies/methods/set_iam_policy - delete: [] - notebook_runtime_templates: - id: google.aiplatform.notebook_runtime_templates - name: notebook_runtime_templates - title: Notebook_runtime_templates + #/components/x-stackQL-resources/rag_file_operations/methods/delete + notebook_execution_jobs: + id: google.aiplatform.notebook_execution_jobs + name: notebook_execution_jobs + title: Notebook_execution_jobs methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookExecutionJobs/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.notebookRuntimeTemplates - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookExecutionJobs/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.notebookExecutionJobs + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookExecutionJobs~1{notebookExecutionJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookExecutionJobs~1{notebookExecutionJobsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/notebook_runtime_templates/methods/get + #/components/x-stackQL-resources/notebook_execution_jobs/methods/get - $ref: >- - #/components/x-stackQL-resources/notebook_runtime_templates/methods/list + #/components/x-stackQL-resources/notebook_execution_jobs/methods/list insert: - $ref: >- - #/components/x-stackQL-resources/notebook_runtime_templates/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/notebook_runtime_templates/methods/patch + #/components/x-stackQL-resources/notebook_execution_jobs/methods/create + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/notebook_runtime_templates/methods/delete + #/components/x-stackQL-resources/notebook_execution_jobs/methods/delete feature_online_stores_iam_policies: id: google.aiplatform.feature_online_stores_iam_policies name: feature_online_stores_iam_policies title: Feature_online_stores_iam_policies methods: - set_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -31567,21 +35063,20 @@ components: name: feature_online_stores title: Feature_online_stores methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.featureOnlineStores get: operation: $ref: >- @@ -31589,17 +35084,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.featureOnlineStores + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores/post response: mediaType: application/json openAPIDocKey: '200' @@ -31618,81 +35114,50 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/feature_online_stores/methods/delete - feature_views_iam_policies: - id: google.aiplatform.feature_views_iam_policies - name: feature_views_iam_policies - title: Feature_views_iam_policies + feature_views: + id: google.aiplatform.feature_views + name: feature_views + title: Feature_views methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:getIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/feature_views_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/feature_views_iam_policies/methods/set_iam_policy - delete: [] - feature_views: - id: google.aiplatform.feature_views - name: feature_views - title: Feature_views - methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.featureViews - get: + direct_write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:directWrite/post response: mediaType: application/json openAPIDocKey: '200' - patch: + generate_fetch_access_token: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:generateFetchAccessToken/post response: mediaType: application/json openAPIDocKey: '200' - delete: + search_nearest_entities: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:searchNearestEntities/post response: mediaType: application/json openAPIDocKey: '200' @@ -31703,24 +35168,25 @@ components: response: mediaType: application/json openAPIDocKey: '200' - fetch_feature_values: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:fetchFeatureValues/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews/get response: mediaType: application/json openAPIDocKey: '200' - search_nearest_entities: + objectKey: $.featureViews + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:searchNearestEntities/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews/post response: mediaType: application/json openAPIDocKey: '200' - direct_write: + fetch_feature_values: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:directWrite/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:fetchFeatureValues/post response: mediaType: application/json openAPIDocKey: '200' @@ -31735,25 +35201,42 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/feature_views/methods/delete' - operations_wait: - id: google.aiplatform.operations_wait - name: operations_wait - title: Operations_wait + feature_views_iam_policies: + id: google.aiplatform.feature_views_iam_policies + name: feature_views_iam_policies + title: Feature_views_iam_policies methods: - list_wait: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1operations~1{operationsId}:wait/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:getIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureOnlineStores~1{featureOnlineStoresId}~1featureViews~1{featureViewsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations_wait/methods/list_wait' + - $ref: >- + #/components/x-stackQL-resources/feature_views_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/feature_views_iam_policies/methods/set_iam_policy delete: [] feature_view_syncs: id: google.aiplatform.feature_view_syncs @@ -31783,570 +35266,674 @@ components: update: [] replace: [] delete: [] - feature_groups_iam_policies: - id: google.aiplatform.feature_groups_iam_policies - name: feature_groups_iam_policies - title: Feature_groups_iam_policies + deployment_resource_pools: + id: google.aiplatform.deployment_resource_pools + name: deployment_resource_pools + title: Deployment_resource_pools methods: - set_iam_policy: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools~1{deploymentResourcePoolsId}/patch response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools~1{deploymentResourcePoolsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools~1{deploymentResourcePoolsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + query_deployed_models: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools~1{deploymentResourcePoolsId}:queryDeployedModels/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.deploymentResourcePools + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/feature_groups_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: + #/components/x-stackQL-resources/deployment_resource_pools/methods/get - $ref: >- - #/components/x-stackQL-resources/feature_groups_iam_policies/methods/set_iam_policy - delete: [] - feature_groups: - id: google.aiplatform.feature_groups - name: feature_groups - title: Feature_groups + #/components/x-stackQL-resources/deployment_resource_pools/methods/query_deployed_models + - $ref: >- + #/components/x-stackQL-resources/deployment_resource_pools/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/deployment_resource_pools/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/deployment_resource_pools/methods/patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/deployment_resource_pools/methods/delete + persistent_resources: + id: google.aiplatform.persistent_resources + name: persistent_resources + title: Persistent_resources methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources~1{persistentResourcesId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources~1{persistentResourcesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.featureGroups - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources~1{persistentResourcesId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + reboot: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources~1{persistentResourcesId}:reboot/post response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.persistentResources sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/feature_groups/methods/get' - - $ref: '#/components/x-stackQL-resources/feature_groups/methods/list' + - $ref: '#/components/x-stackQL-resources/persistent_resources/methods/get' + - $ref: '#/components/x-stackQL-resources/persistent_resources/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/feature_groups/methods/create' + - $ref: >- + #/components/x-stackQL-resources/persistent_resources/methods/create update: - - $ref: '#/components/x-stackQL-resources/feature_groups/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/persistent_resources/methods/patch replace: [] delete: - - $ref: '#/components/x-stackQL-resources/feature_groups/methods/delete' - feature_group_operations: - id: google.aiplatform.feature_group_operations - name: feature_group_operations - title: Feature_group_operations + - $ref: >- + #/components/x-stackQL-resources/persistent_resources/methods/delete + migratable_resources: + id: google.aiplatform.migratable_resources + name: migratable_resources + title: Migratable_resources methods: - list_wait: + search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features~1{featuresId}~1operations~1{operationsId}:wait/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1migratableResources:search/post + response: + mediaType: application/json + openAPIDocKey: '200' + batch_migrate: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1migratableResources:batchMigrate/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/feature_group_operations/methods/list_wait + select: [] insert: [] update: [] replace: [] delete: [] - data_items: - id: google.aiplatform.data_items - name: data_items - title: Data_items + endpoints_predict_operation: + id: google.aiplatform.endpoints_predict_operation + name: endpoints_predict_operation + title: Endpoints_predict_operation methods: - list: + fetch_predict_operation: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataItems/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:fetchPredictOperation/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dataItems sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/data_items/methods/list' + - $ref: >- + #/components/x-stackQL-resources/endpoints_predict_operation/methods/fetch_predict_operation insert: [] update: [] replace: [] delete: [] - annotations: - id: google.aiplatform.annotations - name: annotations - title: Annotations + science: + id: google.aiplatform.science + name: science + title: Science methods: - list: + inference: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataItems~1{dataItemsId}~1annotations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1google~1science~1inference/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.annotations sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/annotations/methods/list' + select: [] insert: [] update: [] replace: [] delete: [] - saved_queries: - id: google.aiplatform.saved_queries - name: saved_queries - title: Saved_queries + invoke: + id: google.aiplatform.invoke + name: invoke + title: Invoke methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1savedQueries/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.savedQueries - delete: + invoke: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1savedQueries~1{savedQueriesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}~1invoke~1{invokeId}/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/saved_queries/methods/list' + select: [] insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/saved_queries/methods/delete' - annotation_specs: - id: google.aiplatform.annotation_specs - name: annotation_specs - title: Annotation_specs + delete: [] + openapi: + id: google.aiplatform.openapi + name: openapi + title: Openapi methods: - get: + embeddings: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1annotationSpecs~1{annotationSpecsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1openapi~1embeddings/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/annotation_specs/methods/get' + select: [] insert: [] update: [] replace: [] delete: [] - deployment_resource_pools: - id: google.aiplatform.deployment_resource_pools - name: deployment_resource_pools - title: Deployment_resource_pools + evaluation_items: + id: google.aiplatform.evaluation_items + name: evaluation_items + title: Evaluation_items methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationItems~1{evaluationItemsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationItems~1{evaluationItemsId}/get response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationItems/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deploymentResourcePools - get: + objectKey: $.evaluationItems + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools~1{deploymentResourcePoolsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationItems/post response: mediaType: application/json openAPIDocKey: '200' - patch: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/evaluation_items/methods/get' + - $ref: '#/components/x-stackQL-resources/evaluation_items/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/evaluation_items/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/evaluation_items/methods/delete' + evaluation_sets: + id: google.aiplatform.evaluation_sets + name: evaluation_sets + title: Evaluation_sets + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools~1{deploymentResourcePoolsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationSets/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.evaluationSets + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationSets/post response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools~1{deploymentResourcePoolsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationSets~1{evaluationSetsId}/delete response: mediaType: application/json openAPIDocKey: '200' - query_deployed_models: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deploymentResourcePools~1{deploymentResourcePoolsId}:queryDeployedModels/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationSets~1{evaluationSetsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationSets~1{evaluationSetsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/deployment_resource_pools/methods/get - - $ref: >- - #/components/x-stackQL-resources/deployment_resource_pools/methods/query_deployed_models - - $ref: >- - #/components/x-stackQL-resources/deployment_resource_pools/methods/list + - $ref: '#/components/x-stackQL-resources/evaluation_sets/methods/get' + - $ref: '#/components/x-stackQL-resources/evaluation_sets/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/deployment_resource_pools/methods/create + - $ref: '#/components/x-stackQL-resources/evaluation_sets/methods/create' update: - - $ref: >- - #/components/x-stackQL-resources/deployment_resource_pools/methods/patch + - $ref: '#/components/x-stackQL-resources/evaluation_sets/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/deployment_resource_pools/methods/delete - endpoints: - id: google.aiplatform.endpoints - name: endpoints - title: Endpoints + - $ref: '#/components/x-stackQL-resources/evaluation_sets/methods/delete' + cached_contents: + id: google.aiplatform.cached_contents + name: cached_contents + title: Cached_contents methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.cachedContents + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.endpoints get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents~1{cachedContentsId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents~1{cachedContentsId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents~1{cachedContentsId}/delete response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/cached_contents/methods/get' + - $ref: '#/components/x-stackQL-resources/cached_contents/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/cached_contents/methods/create' update: + - $ref: '#/components/x-stackQL-resources/cached_contents/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/cached_contents/methods/delete' + custom_jobs: + id: google.aiplatform.custom_jobs + name: custom_jobs + title: Custom_jobs + methods: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:update/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs/post response: mediaType: application/json openAPIDocKey: '200' - deploy_model: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:deployModel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs/get response: mediaType: application/json openAPIDocKey: '200' - undeploy_model: + objectKey: $.customJobs + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:undeployModel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs~1{customJobsId}/delete response: mediaType: application/json openAPIDocKey: '200' - mutate_deployed_model: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:mutateDeployedModel/post - response: - mediaType: application/json - openAPIDocKey: '200' - predict: - operation: - $ref: '#/paths/~1v1~1endpoints~1{endpointsId}:predict/post' + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs~1{customJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - raw_predict: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:rawPredict/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs~1{customJobsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - stream_raw_predict: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/custom_jobs/methods/get' + - $ref: '#/components/x-stackQL-resources/custom_jobs/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/custom_jobs/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/custom_jobs/methods/delete' + tuning_jobs: + id: google.aiplatform.tuning_jobs + name: tuning_jobs + title: Tuning_jobs + methods: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:streamRawPredict/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs~1{tuningJobsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - direct_predict: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:directPredict/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs/get response: mediaType: application/json openAPIDocKey: '200' - direct_raw_predict: + objectKey: $.tuningJobs + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:directRawPredict/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs/post response: mediaType: application/json openAPIDocKey: '200' - server_streaming_predict: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:serverStreamingPredict/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs~1{tuningJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - predict_long_running: + rebase_tuned_model: operation: - $ref: '#/paths/~1v1~1endpoints~1{endpointsId}:predictLongRunning/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs:rebaseTunedModel/post response: mediaType: application/json openAPIDocKey: '200' - explain: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/tuning_jobs/methods/get' + - $ref: '#/components/x-stackQL-resources/tuning_jobs/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/tuning_jobs/methods/create' + update: [] + replace: [] + delete: [] + datasets_iam_policies: + id: google.aiplatform.datasets_iam_policies + name: datasets_iam_policies + title: Datasets_iam_policies + methods: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:explain/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - generate_content: + test_iam_permissions: operation: - $ref: '#/paths/~1v1~1endpoints~1{endpointsId}:generateContent/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - stream_generate_content: + get_iam_policy: operation: - $ref: '#/paths/~1v1~1endpoints~1{endpointsId}:streamGenerateContent/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - count_tokens: + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/datasets_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/datasets_iam_policies/methods/set_iam_policy + delete: [] + saved_queries: + id: google.aiplatform.saved_queries + name: saved_queries + title: Saved_queries + methods: + list: operation: - $ref: '#/paths/~1v1~1endpoints~1{endpointsId}:countTokens/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1savedQueries/get response: mediaType: application/json openAPIDocKey: '200' - compute_tokens: + objectKey: $.savedQueries + delete: operation: - $ref: '#/paths/~1v1~1endpoints~1{endpointsId}:computeTokens/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1savedQueries~1{savedQueriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - fetch_predict_operation: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/saved_queries/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/saved_queries/methods/delete' + data_items: + id: google.aiplatform.data_items + name: data_items + title: Data_items + methods: + list: operation: - $ref: '#/paths/~1v1~1endpoints~1{endpointsId}:fetchPredictOperation/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataItems/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.dataItems sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/endpoints/methods/get' - - $ref: '#/components/x-stackQL-resources/endpoints/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/endpoints/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/endpoints/methods/patch' - - $ref: '#/components/x-stackQL-resources/endpoints/methods/update' + - $ref: '#/components/x-stackQL-resources/data_items/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/endpoints/methods/delete' - endpoints_predict_operation: - id: google.aiplatform.endpoints_predict_operation - name: endpoints_predict_operation - title: Endpoints_predict_operation + delete: [] + annotations: + id: google.aiplatform.annotations + name: annotations + title: Annotations methods: - fetch_predict_operation: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}:fetchPredictOperation/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataItems~1{dataItemsId}~1annotations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.annotations sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/endpoints_predict_operation/methods/fetch_predict_operation + - $ref: '#/components/x-stackQL-resources/annotations/methods/list' insert: [] update: [] replace: [] delete: [] - chat: - id: google.aiplatform.chat - name: chat - title: Chat + annotation_specs: + id: google.aiplatform.annotation_specs + name: annotation_specs + title: Annotation_specs methods: - completions: + get: operation: - $ref: '#/paths/~1v1~1endpoints~1{endpointsId}~1chat~1completions/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1annotationSpecs~1{annotationSpecsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/annotation_specs/methods/get' insert: [] update: [] replace: [] delete: [] - cached_contents: - id: google.aiplatform.cached_contents - name: cached_contents - title: Cached_contents + data_labeling_jobs: + id: google.aiplatform.data_labeling_jobs + name: data_labeling_jobs + title: Data_labeling_jobs methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.cachedContents + objectKey: $.dataLabelingJobs get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents~1{cachedContentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs~1{dataLabelingJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents~1{cachedContentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs~1{dataLabelingJobsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cachedContents~1{cachedContentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs~1{dataLabelingJobsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/cached_contents/methods/get' - - $ref: '#/components/x-stackQL-resources/cached_contents/methods/list' + - $ref: '#/components/x-stackQL-resources/data_labeling_jobs/methods/get' + - $ref: '#/components/x-stackQL-resources/data_labeling_jobs/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/cached_contents/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/cached_contents/methods/patch' + - $ref: '#/components/x-stackQL-resources/data_labeling_jobs/methods/create' + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/cached_contents/methods/delete' - tuning_jobs: - id: google.aiplatform.tuning_jobs - name: tuning_jobs - title: Tuning_jobs + - $ref: '#/components/x-stackQL-resources/data_labeling_jobs/methods/delete' + models_predict_operation: + id: google.aiplatform.models_predict_operation + name: models_predict_operation + title: Models_predict_operation methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.tuningJobs - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs~1{tuningJobsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs~1{tuningJobsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' - rebase_tuned_model: + fetch_predict_operation: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tuningJobs:rebaseTunedModel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:fetchPredictOperation/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tuning_jobs/methods/get' - - $ref: '#/components/x-stackQL-resources/tuning_jobs/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/tuning_jobs/methods/create' + - $ref: >- + #/components/x-stackQL-resources/models_predict_operation/methods/fetch_predict_operation + insert: [] update: [] replace: [] delete: [] @@ -32355,21 +35942,20 @@ components: name: indexes title: Indexes methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes~1{indexesId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes~1{indexesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.indexes get: operation: $ref: >- @@ -32377,31 +35963,32 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes~1{indexesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes~1{indexesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes/get response: mediaType: application/json openAPIDocKey: '200' - upsert_datapoints: + objectKey: $.indexes + remove_datapoints: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes~1{indexesId}:upsertDatapoints/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes~1{indexesId}:removeDatapoints/post response: mediaType: application/json openAPIDocKey: '200' - remove_datapoints: + upsert_datapoints: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes~1{indexesId}:removeDatapoints/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexes~1{indexesId}:upsertDatapoints/post response: mediaType: application/json openAPIDocKey: '200' @@ -32416,590 +36003,735 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/indexes/methods/delete' - index_endpoints: - id: google.aiplatform.index_endpoints - name: index_endpoints - title: Index_endpoints + notebook_runtimes: + id: google.aiplatform.notebook_runtimes + name: notebook_runtimes + title: Notebook_runtimes methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.indexEndpoints - get: + stop: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}:stop/post response: mediaType: application/json openAPIDocKey: '200' - patch: + start: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}:start/post + response: + mediaType: application/json + openAPIDocKey: '200' + upgrade: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}:upgrade/post + response: + mediaType: application/json + openAPIDocKey: '200' + assign: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes:assign/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.notebookRuntimes + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/notebook_runtimes/methods/get' + - $ref: '#/components/x-stackQL-resources/notebook_runtimes/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/notebook_runtimes/methods/delete' + schedules: + id: google.aiplatform.schedules + name: schedules + title: Schedules + methods: delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}/delete response: mediaType: application/json openAPIDocKey: '200' - deploy_index: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:deployIndex/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - undeploy_index: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:undeployIndex/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}/get response: mediaType: application/json openAPIDocKey: '200' - mutate_deployed_index: + pause: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:mutateDeployedIndex/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}:pause/post response: mediaType: application/json openAPIDocKey: '200' - find_neighbors: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:findNeighbors/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules/get response: mediaType: application/json openAPIDocKey: '200' - read_index_datapoints: + objectKey: $.schedules + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1indexEndpoints~1{indexEndpointsId}:readIndexDatapoints/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules/post + response: + mediaType: application/json + openAPIDocKey: '200' + resume: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}:resume/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/get' - - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/list' + - $ref: '#/components/x-stackQL-resources/schedules/methods/get' + - $ref: '#/components/x-stackQL-resources/schedules/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/create' + - $ref: '#/components/x-stackQL-resources/schedules/methods/create' update: - - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/patch' + - $ref: '#/components/x-stackQL-resources/schedules/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/index_endpoints/methods/delete' - custom_jobs: - id: google.aiplatform.custom_jobs - name: custom_jobs - title: Custom_jobs + - $ref: '#/components/x-stackQL-resources/schedules/methods/delete' + studies: + id: google.aiplatform.studies + name: studies + title: Studies methods: - create: + lookup: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies:lookup/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.customJobs - get: + objectKey: $.studies + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs~1{customJobsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies/post response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs~1{customJobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}/get response: mediaType: application/json openAPIDocKey: '200' - cancel: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customJobs~1{customJobsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/custom_jobs/methods/get' - - $ref: '#/components/x-stackQL-resources/custom_jobs/methods/list' + - $ref: '#/components/x-stackQL-resources/studies/methods/get' + - $ref: '#/components/x-stackQL-resources/studies/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/custom_jobs/methods/create' + - $ref: '#/components/x-stackQL-resources/studies/methods/create' update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/custom_jobs/methods/delete' - data_labeling_jobs: - id: google.aiplatform.data_labeling_jobs - name: data_labeling_jobs - title: Data_labeling_jobs + - $ref: '#/components/x-stackQL-resources/studies/methods/delete' + trials: + id: google.aiplatform.trials + name: trials + title: Trials methods: - create: + add_trial_measurement: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}:addTrialMeasurement/post response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dataLabelingJobs get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs~1{dataLabelingJobsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs~1{dataLabelingJobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials/get response: mediaType: application/json openAPIDocKey: '200' - cancel: + objectKey: $.trials + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataLabelingJobs~1{dataLabelingJobsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials/post + response: + mediaType: application/json + openAPIDocKey: '200' + check_trial_early_stopping_state: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}:checkTrialEarlyStoppingState/post + response: + mediaType: application/json + openAPIDocKey: '200' + stop: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}:stop/post + response: + mediaType: application/json + openAPIDocKey: '200' + complete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}:complete/post + response: + mediaType: application/json + openAPIDocKey: '200' + suggest: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials:suggest/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/data_labeling_jobs/methods/get' - - $ref: '#/components/x-stackQL-resources/data_labeling_jobs/methods/list' + - $ref: '#/components/x-stackQL-resources/trials/methods/get' + - $ref: '#/components/x-stackQL-resources/trials/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/data_labeling_jobs/methods/create' + - $ref: '#/components/x-stackQL-resources/trials/methods/create' update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/data_labeling_jobs/methods/delete' - hyperparameter_tuning_jobs: - id: google.aiplatform.hyperparameter_tuning_jobs - name: hyperparameter_tuning_jobs - title: Hyperparameter_tuning_jobs + - $ref: '#/components/x-stackQL-resources/trials/methods/delete' + optimal_trials: + id: google.aiplatform.optimal_trials + name: optimal_trials + title: Optimal_trials methods: - create: + list_optimal_trials: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials:listOptimalTrials/post response: mediaType: application/json openAPIDocKey: '200' - list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/optimal_trials/methods/list_optimal_trials + insert: [] + update: [] + replace: [] + delete: [] + models_iam_policies: + id: google.aiplatform.models_iam_policies + name: models_iam_policies + title: Models_iam_policies + methods: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.hyperparameterTuningJobs - get: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs~1{hyperparameterTuningJobsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs~1{hyperparameterTuningJobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - cancel: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/models_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/models_iam_policies/methods/set_iam_policy + delete: [] + model_versions: + id: google.aiplatform.model_versions + name: model_versions + title: Model_versions + methods: + delete_version: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs~1{hyperparameterTuningJobsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:deleteVersion/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/hyperparameter_tuning_jobs/methods/get - - $ref: >- - #/components/x-stackQL-resources/hyperparameter_tuning_jobs/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/hyperparameter_tuning_jobs/methods/create + select: [] + insert: [] update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/hyperparameter_tuning_jobs/methods/delete - nas_jobs: - id: google.aiplatform.nas_jobs - name: nas_jobs - title: Nas_jobs + #/components/x-stackQL-resources/model_versions/methods/delete_version + models_checkpoints: + id: google.aiplatform.models_checkpoints + name: models_checkpoints + title: Models_checkpoints methods: - create: + list_checkpoints: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:listCheckpoints/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.checkpoints + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/models_checkpoints/methods/list_checkpoints + insert: [] + update: [] + replace: [] + delete: [] + models_versions: + id: google.aiplatform.models_versions + name: models_versions + title: Models_versions + methods: + list_versions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}:listVersions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.models + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/models_versions/methods/list_versions + insert: [] + update: [] + replace: [] + delete: [] + slices: + id: google.aiplatform.slices + name: slices + title: Slices + methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.nasJobs - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations~1{evaluationsId}~1slices/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.modelEvaluationSlices + batch_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations~1{evaluationsId}~1slices~1{slicesId}:batchImport/post response: mediaType: application/json openAPIDocKey: '200' - cancel: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations~1{evaluationsId}~1slices~1{slicesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/nas_jobs/methods/get' - - $ref: '#/components/x-stackQL-resources/nas_jobs/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/nas_jobs/methods/create' + - $ref: '#/components/x-stackQL-resources/slices/methods/get' + - $ref: '#/components/x-stackQL-resources/slices/methods/list' + insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/nas_jobs/methods/delete' - nas_trial_details: - id: google.aiplatform.nas_trial_details - name: nas_trial_details - title: Nas_trial_details + delete: [] + evaluations: + id: google.aiplatform.evaluations + name: evaluations + title: Evaluations methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.modelEvaluations get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}~1nasTrialDetails~1{nasTrialDetailsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations~1{evaluationsId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}~1nasTrialDetails/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1models~1{modelsId}~1evaluations:import/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nasTrialDetails sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/nas_trial_details/methods/get' - - $ref: '#/components/x-stackQL-resources/nas_trial_details/methods/list' + - $ref: '#/components/x-stackQL-resources/evaluations/methods/get' + - $ref: '#/components/x-stackQL-resources/evaluations/methods/list' insert: [] update: [] replace: [] delete: [] - batch_prediction_jobs: - id: google.aiplatform.batch_prediction_jobs - name: batch_prediction_jobs - title: Batch_prediction_jobs + experiments: + id: google.aiplatform.experiments + name: experiments + title: Experiments methods: create: operation: - $ref: '#/paths/~1v1~1batchPredictionJobs/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments/post response: mediaType: application/json openAPIDocKey: '200' list: operation: - $ref: '#/paths/~1v1~1batchPredictionJobs/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.tensorboardExperiments + batch_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}:batchCreate/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.batchPredictionJobs get: operation: - $ref: '#/paths/~1v1~1batchPredictionJobs~1{batchPredictionJobsId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batchPredictionJobs~1{batchPredictionJobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - cancel: + write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batchPredictionJobs~1{batchPredictionJobsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}:write/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/batch_prediction_jobs/methods/get' - - $ref: >- - #/components/x-stackQL-resources/batch_prediction_jobs/methods/list + - $ref: '#/components/x-stackQL-resources/experiments/methods/get' + - $ref: '#/components/x-stackQL-resources/experiments/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/batch_prediction_jobs/methods/create - update: [] + - $ref: '#/components/x-stackQL-resources/experiments/methods/batch_create' + - $ref: '#/components/x-stackQL-resources/experiments/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/experiments/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/batch_prediction_jobs/methods/delete - model_deployment_monitoring_jobs: - id: google.aiplatform.model_deployment_monitoring_jobs - name: model_deployment_monitoring_jobs - title: Model_deployment_monitoring_jobs + - $ref: '#/components/x-stackQL-resources/experiments/methods/delete' + runs: + id: google.aiplatform.runs + name: runs + title: Runs methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs/post - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.modelDeploymentMonitoringJobs - search_model_deployment_monitoring_stats_anomalies: + objectKey: $.tensorboardRuns + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}:searchModelDeploymentMonitoringStatsAnomalies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs/post response: mediaType: application/json openAPIDocKey: '200' - get: + batch_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs:batchCreate/post response: mediaType: application/json openAPIDocKey: '200' - patch: + write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}:write/post response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}/delete response: mediaType: application/json openAPIDocKey: '200' - pause: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}:pause/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}/get response: mediaType: application/json openAPIDocKey: '200' - resume: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}:resume/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/get - - $ref: >- - #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/list + - $ref: '#/components/x-stackQL-resources/runs/methods/get' + - $ref: '#/components/x-stackQL-resources/runs/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/create + - $ref: '#/components/x-stackQL-resources/runs/methods/create' + - $ref: '#/components/x-stackQL-resources/runs/methods/batch_create' update: - - $ref: >- - #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/patch + - $ref: '#/components/x-stackQL-resources/runs/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/delete - models_predict_operation: - id: google.aiplatform.models_predict_operation - name: models_predict_operation - title: Models_predict_operation + - $ref: '#/components/x-stackQL-resources/runs/methods/delete' + time_series: + id: google.aiplatform.time_series + name: time_series + title: Time_series methods: - fetch_predict_operation: + export_tensorboard_time_series: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1publishers~1{publishersId}~1models~1{modelsId}:fetchPredictOperation/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}:exportTensorboardTimeSeries/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/models_predict_operation/methods/fetch_predict_operation - insert: [] - update: [] - replace: [] - delete: [] - metadata_stores: - id: google.aiplatform.metadata_stores - name: metadata_stores - title: Metadata_stores - methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.metadataStores - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + read: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}:read/get + response: + mediaType: application/json + openAPIDocKey: '200' + read_blob_data: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}:readBlobData/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.tensorboardTimeSeries + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/metadata_stores/methods/get' - - $ref: '#/components/x-stackQL-resources/metadata_stores/methods/list' + - $ref: '#/components/x-stackQL-resources/time_series/methods/get' + - $ref: '#/components/x-stackQL-resources/time_series/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/metadata_stores/methods/create' - update: [] + - $ref: '#/components/x-stackQL-resources/time_series/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/time_series/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/metadata_stores/methods/delete' - artifacts: - id: google.aiplatform.artifacts - name: artifacts - title: Artifacts + - $ref: '#/components/x-stackQL-resources/time_series/methods/delete' + tensorboards: + id: google.aiplatform.tensorboards + name: tensorboards + title: Tensorboards methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.artifacts - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts~1{artifactsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts~1{artifactsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts~1{artifactsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards/get response: mediaType: application/json openAPIDocKey: '200' - purge: + objectKey: $.tensorboards + batch_read: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}:batchRead/get response: mediaType: application/json openAPIDocKey: '200' - query_artifact_lineage_subgraph: + read_usage: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts~1{artifactsId}:queryArtifactLineageSubgraph/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}:readUsage/get + response: + mediaType: application/json + openAPIDocKey: '200' + read_size: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}:readSize/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/artifacts/methods/get' - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/query_artifact_lineage_subgraph - - $ref: '#/components/x-stackQL-resources/artifacts/methods/list' + - $ref: '#/components/x-stackQL-resources/tensorboards/methods/get' + - $ref: '#/components/x-stackQL-resources/tensorboards/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/artifacts/methods/create' + - $ref: '#/components/x-stackQL-resources/tensorboards/methods/create' update: - - $ref: '#/components/x-stackQL-resources/artifacts/methods/patch' + - $ref: '#/components/x-stackQL-resources/tensorboards/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/artifacts/methods/delete' + - $ref: '#/components/x-stackQL-resources/tensorboards/methods/delete' context_lineage_subgraph: id: google.aiplatform.context_lineage_subgraph name: context_lineage_subgraph @@ -33020,26 +36752,47 @@ components: update: [] replace: [] delete: [] - executions: - id: google.aiplatform.executions - name: executions - title: Executions + metadata_schemas: + id: google.aiplatform.metadata_schemas + name: metadata_schemas + title: Metadata_schemas methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1metadataSchemas/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.metadataSchemas create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1executions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1metadataSchemas/post response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1executions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1metadataSchemas~1{metadataSchemasId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.executions + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/metadata_schemas/methods/get' + - $ref: '#/components/x-stackQL-resources/metadata_schemas/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/metadata_schemas/methods/create' + update: [] + replace: [] + delete: [] + executions: + id: google.aiplatform.executions + name: executions + title: Executions + methods: get: operation: $ref: >- @@ -33061,6 +36814,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + add_execution_events: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1executions~1{executionsId}:addExecutionEvents/post + response: + mediaType: application/json + openAPIDocKey: '200' purge: operation: $ref: >- @@ -33068,10 +36828,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - add_execution_events: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1executions~1{executionsId}:addExecutionEvents/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1executions/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.executions + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1executions/post response: mediaType: application/json openAPIDocKey: '200' @@ -33106,1142 +36874,12111 @@ components: update: [] replace: [] delete: [] - metadata_schemas: - id: google.aiplatform.metadata_schemas - name: metadata_schemas - title: Metadata_schemas + artifacts: + id: google.aiplatform.artifacts + name: artifacts + title: Artifacts methods: - create: + purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1metadataSchemas/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts:purge/post response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1metadataSchemas/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts~1{artifactsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.metadataSchemas - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1metadataSchemas~1{metadataSchemasId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts~1{artifactsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/metadata_schemas/methods/get' - - $ref: '#/components/x-stackQL-resources/metadata_schemas/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/metadata_schemas/methods/create' - update: [] - replace: [] - delete: [] - migratable_resources: - id: google.aiplatform.migratable_resources - name: migratable_resources - title: Migratable_resources - methods: - search: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1migratableResources:search/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts~1{artifactsId}/patch response: mediaType: application/json openAPIDocKey: '200' - batch_migrate: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1migratableResources:batchMigrate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - notebook_runtimes: - id: google.aiplatform.notebook_runtimes - name: notebook_runtimes - title: Notebook_runtimes - methods: - assign: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes:assign/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.artifacts + query_artifact_lineage_subgraph: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}~1artifacts~1{artifactsId}:queryArtifactLineageSubgraph/get response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/artifacts/methods/get' + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/query_artifact_lineage_subgraph + - $ref: '#/components/x-stackQL-resources/artifacts/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/artifacts/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/artifacts/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/artifacts/methods/delete' + metadata_stores: + id: google.aiplatform.metadata_stores + name: metadata_stores + title: Metadata_stores + methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores~1{metadataStoresId}/delete response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.notebookRuntimes - upgrade: + objectKey: $.metadataStores + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}:upgrade/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1metadataStores/post response: mediaType: application/json openAPIDocKey: '200' - start: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/metadata_stores/methods/get' + - $ref: '#/components/x-stackQL-resources/metadata_stores/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/metadata_stores/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/metadata_stores/methods/delete' + entity_types: + id: google.aiplatform.entity_types + name: entity_types + title: Entity_types + methods: + read_feature_values: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}:start/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:readFeatureValues/post response: mediaType: application/json openAPIDocKey: '200' - stop: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimes~1{notebookRuntimesId}:stop/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/notebook_runtimes/methods/get' - - $ref: '#/components/x-stackQL-resources/notebook_runtimes/methods/list' - insert: [] - update: [] - replace: [] delete: - - $ref: '#/components/x-stackQL-resources/notebook_runtimes/methods/delete' - notebook_execution_jobs: - id: google.aiplatform.notebook_execution_jobs - name: notebook_execution_jobs - title: Notebook_execution_jobs - methods: - create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookExecutionJobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete_feature_values: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:deleteFeatureValues/post response: mediaType: application/json openAPIDocKey: '200' - list: + import_feature_values: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookExecutionJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:importFeatureValues/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.notebookExecutionJobs - get: + write_feature_values: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookExecutionJobs~1{notebookExecutionJobsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:writeFeatureValues/post response: mediaType: application/json openAPIDocKey: '200' - delete: + streaming_read_feature_values: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookExecutionJobs~1{notebookExecutionJobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:streamingReadFeatureValues/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/notebook_execution_jobs/methods/get - - $ref: >- - #/components/x-stackQL-resources/notebook_execution_jobs/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/notebook_execution_jobs/methods/create - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/notebook_execution_jobs/methods/delete - persistent_resources: - id: google.aiplatform.persistent_resources - name: persistent_resources - title: Persistent_resources - methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.persistentResources - get: + objectKey: $.entityTypes + export_feature_values: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources~1{persistentResourcesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:exportFeatureValues/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/entity_types/methods/get' + - $ref: '#/components/x-stackQL-resources/entity_types/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/entity_types/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/entity_types/methods/patch' + replace: [] delete: + - $ref: '#/components/x-stackQL-resources/entity_types/methods/delete' + entity_types_iam_policies: + id: google.aiplatform.entity_types_iam_policies + name: entity_types_iam_policies + title: Entity_types_iam_policies + methods: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources~1{persistentResourcesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources~1{persistentResourcesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - reboot: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1persistentResources~1{persistentResourcesId}:reboot/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}~1entityTypes~1{entityTypesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/persistent_resources/methods/get' - - $ref: '#/components/x-stackQL-resources/persistent_resources/methods/list' - insert: - - $ref: >- - #/components/x-stackQL-resources/persistent_resources/methods/create - update: - $ref: >- - #/components/x-stackQL-resources/persistent_resources/methods/patch - replace: [] - delete: + #/components/x-stackQL-resources/entity_types_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/persistent_resources/methods/delete - training_pipelines: - id: google.aiplatform.training_pipelines - name: training_pipelines - title: Training_pipelines + #/components/x-stackQL-resources/entity_types_iam_policies/methods/set_iam_policy + delete: [] + features: + id: google.aiplatform.features + name: features + title: Features methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features~1{featuresId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features~1{featuresId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.trainingPipelines - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines~1{trainingPipelinesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features~1{featuresId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines~1{trainingPipelinesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features/post response: mediaType: application/json openAPIDocKey: '200' - cancel: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trainingPipelines~1{trainingPipelinesId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.features + batch_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features:batchCreate/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/training_pipelines/methods/get' - - $ref: '#/components/x-stackQL-resources/training_pipelines/methods/list' + - $ref: '#/components/x-stackQL-resources/features/methods/get' + - $ref: '#/components/x-stackQL-resources/features/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/training_pipelines/methods/create' - update: [] + - $ref: '#/components/x-stackQL-resources/features/methods/create' + - $ref: '#/components/x-stackQL-resources/features/methods/batch_create' + update: + - $ref: '#/components/x-stackQL-resources/features/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/training_pipelines/methods/delete' - pipeline_jobs: - id: google.aiplatform.pipeline_jobs - name: pipeline_jobs - title: Pipeline_jobs + - $ref: '#/components/x-stackQL-resources/features/methods/delete' + featurestores: + id: google.aiplatform.featurestores + name: featurestores + title: Featurestores methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.pipelineJobs + objectKey: $.featurestores get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs~1{pipelineJobsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs~1{pipelineJobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}/delete response: mediaType: application/json openAPIDocKey: '200' - batch_delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs:batchDelete/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}/patch response: mediaType: application/json openAPIDocKey: '200' - cancel: + batch_read_feature_values: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs~1{pipelineJobsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}:batchReadFeatureValues/post response: mediaType: application/json openAPIDocKey: '200' - batch_cancel: + search_features: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs:batchCancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores:searchFeatures/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/pipeline_jobs/methods/get' - - $ref: '#/components/x-stackQL-resources/pipeline_jobs/methods/list' + - $ref: '#/components/x-stackQL-resources/featurestores/methods/get' + - $ref: '#/components/x-stackQL-resources/featurestores/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/pipeline_jobs/methods/create' - update: [] + - $ref: '#/components/x-stackQL-resources/featurestores/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/featurestores/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/pipeline_jobs/methods/delete' - - $ref: >- - #/components/x-stackQL-resources/pipeline_jobs/methods/batch_delete - reasoning_engines: - id: google.aiplatform.reasoning_engines - name: reasoning_engines - title: Reasoning_engines + - $ref: '#/components/x-stackQL-resources/featurestores/methods/delete' + featurestores_iam_policies: + id: google.aiplatform.featurestores_iam_policies + name: featurestores_iam_policies + title: Featurestores_iam_policies methods: - query: + test_iam_permissions: operation: - $ref: '#/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}:query/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - stream_query: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}:streamQuery/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featurestores~1{featurestoresId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/featurestores_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/featurestores_iam_policies/methods/set_iam_policy + delete: [] + nas_jobs: + id: google.aiplatform.nas_jobs + name: nas_jobs + title: Nas_jobs + methods: create: operation: - $ref: '#/paths/~1v1~1reasoningEngines/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs/post response: mediaType: application/json openAPIDocKey: '200' list: operation: - $ref: '#/paths/~1v1~1reasoningEngines/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.reasoningEngines - get: + objectKey: $.nasJobs + delete: operation: - $ref: '#/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: - $ref: '#/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}/patch' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + cancel: operation: - $ref: '#/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}/delete' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/get' - - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/list' + - $ref: '#/components/x-stackQL-resources/nas_jobs/methods/get' + - $ref: '#/components/x-stackQL-resources/nas_jobs/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/patch' + - $ref: '#/components/x-stackQL-resources/nas_jobs/methods/create' + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/delete' - schedules: - id: google.aiplatform.schedules - name: schedules - title: Schedules + - $ref: '#/components/x-stackQL-resources/nas_jobs/methods/delete' + nas_trial_details: + id: google.aiplatform.nas_trial_details + name: nas_trial_details + title: Nas_trial_details methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}~1nasTrialDetails~1{nasTrialDetailsId}/get response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.schedules - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nasJobs~1{nasJobsId}~1nasTrialDetails/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.nasTrialDetails + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/nas_trial_details/methods/get' + - $ref: '#/components/x-stackQL-resources/nas_trial_details/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + model_deployment_monitoring_jobs: + id: google.aiplatform.model_deployment_monitoring_jobs + name: model_deployment_monitoring_jobs + title: Model_deployment_monitoring_jobs + methods: + pause: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}:pause/post response: mediaType: application/json openAPIDocKey: '200' - pause: + resume: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}:pause/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}:resume/post response: mediaType: application/json openAPIDocKey: '200' - resume: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schedules~1{schedulesId}:resume/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/schedules/methods/get' - - $ref: '#/components/x-stackQL-resources/schedules/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/schedules/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/schedules/methods/patch' - replace: [] delete: - - $ref: '#/components/x-stackQL-resources/schedules/methods/delete' - specialist_pools: - id: google.aiplatform.specialist_pools - name: specialist_pools - title: Specialist_pools - methods: - create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.specialistPools - get: + search_model_deployment_monitoring_stats_anomalies: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools~1{specialistPoolsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs~1{modelDeploymentMonitoringJobsId}:searchModelDeploymentMonitoringStatsAnomalies/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools~1{specialistPoolsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.modelDeploymentMonitoringJobs + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1specialistPools~1{specialistPoolsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1modelDeploymentMonitoringJobs/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/get' - - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/list' + - $ref: >- + #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/get + - $ref: >- + #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/list insert: - - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/create' + - $ref: >- + #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/create update: - - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/patch replace: [] delete: - - $ref: '#/components/x-stackQL-resources/specialist_pools/methods/delete' - tensorboards: - id: google.aiplatform.tensorboards - name: tensorboards - title: Tensorboards + - $ref: >- + #/components/x-stackQL-resources/model_deployment_monitoring_jobs/methods/delete + notebook_runtime_templates_iam_policies: + id: google.aiplatform.notebook_runtime_templates_iam_policies + name: notebook_runtime_templates_iam_policies + title: Notebook_runtime_templates_iam_policies methods: - create: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tensorboards - get: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/notebook_runtime_templates_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/notebook_runtime_templates_iam_policies/methods/set_iam_policy + delete: [] + notebook_runtime_templates: + id: google.aiplatform.notebook_runtime_templates + name: notebook_runtime_templates + title: Notebook_runtime_templates + methods: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates/get response: mediaType: application/json openAPIDocKey: '200' - read_usage: + objectKey: $.notebookRuntimeTemplates + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}:readUsage/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - read_size: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}:readSize/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - batch_read: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}:batchRead/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notebookRuntimeTemplates~1{notebookRuntimeTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tensorboards/methods/get' - - $ref: '#/components/x-stackQL-resources/tensorboards/methods/list' + - $ref: >- + #/components/x-stackQL-resources/notebook_runtime_templates/methods/get + - $ref: >- + #/components/x-stackQL-resources/notebook_runtime_templates/methods/list insert: - - $ref: '#/components/x-stackQL-resources/tensorboards/methods/create' + - $ref: >- + #/components/x-stackQL-resources/notebook_runtime_templates/methods/create update: - - $ref: '#/components/x-stackQL-resources/tensorboards/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/notebook_runtime_templates/methods/patch replace: [] delete: - - $ref: '#/components/x-stackQL-resources/tensorboards/methods/delete' - experiments: - id: google.aiplatform.experiments - name: experiments - title: Experiments + - $ref: >- + #/components/x-stackQL-resources/notebook_runtime_templates/methods/delete + pipeline_jobs: + id: google.aiplatform.pipeline_jobs + name: pipeline_jobs + title: Pipeline_jobs methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs~1{pipelineJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs~1{pipelineJobsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tensorboardExperiments - get: + batch_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs:batchDelete/post response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.pipelineJobs + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs/post response: mediaType: application/json openAPIDocKey: '200' - batch_create: + batch_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}:batchCreate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs:batchCancel/post response: mediaType: application/json openAPIDocKey: '200' - write: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}:write/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pipelineJobs~1{pipelineJobsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/experiments/methods/get' - - $ref: '#/components/x-stackQL-resources/experiments/methods/list' + - $ref: '#/components/x-stackQL-resources/pipeline_jobs/methods/get' + - $ref: '#/components/x-stackQL-resources/pipeline_jobs/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/experiments/methods/batch_create' - - $ref: '#/components/x-stackQL-resources/experiments/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/experiments/methods/patch' + - $ref: '#/components/x-stackQL-resources/pipeline_jobs/methods/create' + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/experiments/methods/delete' - runs: - id: google.aiplatform.runs - name: runs - title: Runs - methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.tensorboardRuns - batch_create: + - $ref: '#/components/x-stackQL-resources/pipeline_jobs/methods/delete' + - $ref: >- + #/components/x-stackQL-resources/pipeline_jobs/methods/batch_delete + hyperparameter_tuning_jobs: + id: google.aiplatform.hyperparameter_tuning_jobs + name: hyperparameter_tuning_jobs + title: Hyperparameter_tuning_jobs + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs:batchCreate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.hyperparameterTuningJobs + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs/post response: mediaType: application/json openAPIDocKey: '200' - patch: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs~1{hyperparameterTuningJobsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs~1{hyperparameterTuningJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - write: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}:write/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hyperparameterTuningJobs~1{hyperparameterTuningJobsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/runs/methods/get' - - $ref: '#/components/x-stackQL-resources/runs/methods/list' + - $ref: >- + #/components/x-stackQL-resources/hyperparameter_tuning_jobs/methods/get + - $ref: >- + #/components/x-stackQL-resources/hyperparameter_tuning_jobs/methods/list insert: - - $ref: '#/components/x-stackQL-resources/runs/methods/create' - - $ref: '#/components/x-stackQL-resources/runs/methods/batch_create' - update: - - $ref: '#/components/x-stackQL-resources/runs/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/hyperparameter_tuning_jobs/methods/create + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/runs/methods/delete' - time_series: - id: google.aiplatform.time_series - name: time_series - title: Time_series + - $ref: >- + #/components/x-stackQL-resources/hyperparameter_tuning_jobs/methods/delete + evaluation_runs: + id: google.aiplatform.evaluation_runs + name: evaluation_runs + title: Evaluation_runs methods: - create: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationRuns~1{evaluationRunsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationRuns~1{evaluationRunsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tensorboardTimeSeries get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationRuns~1{evaluationRunsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - read: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}:read/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationRuns/post response: mediaType: application/json openAPIDocKey: '200' - read_blob_data: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}:readBlobData/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluationRuns/get response: mediaType: application/json openAPIDocKey: '200' - export_tensorboard_time_series: + objectKey: $.evaluationRuns + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/evaluation_runs/methods/get' + - $ref: '#/components/x-stackQL-resources/evaluation_runs/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/evaluation_runs/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/evaluation_runs/methods/delete' + feature_group_operations: + id: google.aiplatform.feature_group_operations + name: feature_group_operations + title: Feature_group_operations + methods: + list_wait: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tensorboards~1{tensorboardsId}~1experiments~1{experimentsId}~1runs~1{runsId}~1timeSeries~1{timeSeriesId}:exportTensorboardTimeSeries/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}~1features~1{featuresId}~1operations~1{operationsId}:wait/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/time_series/methods/get' - - $ref: '#/components/x-stackQL-resources/time_series/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/time_series/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/time_series/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/feature_group_operations/methods/list_wait + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/time_series/methods/delete' - studies: - id: google.aiplatform.studies - name: studies - title: Studies + delete: [] + feature_groups: + id: google.aiplatform.feature_groups + name: feature_groups + title: Feature_groups methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.studies - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups/post response: mediaType: application/json openAPIDocKey: '200' - lookup: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies:lookup/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.featureGroups sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/studies/methods/get' - - $ref: '#/components/x-stackQL-resources/studies/methods/list' + - $ref: '#/components/x-stackQL-resources/feature_groups/methods/get' + - $ref: '#/components/x-stackQL-resources/feature_groups/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/studies/methods/create' - update: [] + - $ref: '#/components/x-stackQL-resources/feature_groups/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/feature_groups/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/studies/methods/delete' - trials: - id: google.aiplatform.trials - name: trials - title: Trials + - $ref: '#/components/x-stackQL-resources/feature_groups/methods/delete' + feature_groups_iam_policies: + id: google.aiplatform.feature_groups_iam_policies + name: feature_groups_iam_policies + title: Feature_groups_iam_policies methods: - suggest: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials:suggest/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - create: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1featureGroups~1{featureGroupsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.trials + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/feature_groups_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/feature_groups_iam_policies/methods/set_iam_policy + delete: [] + reasoning_engines: + id: google.aiplatform.reasoning_engines + name: reasoning_engines + title: Reasoning_engines + methods: get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}/get + $ref: '#/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}/get' response: mediaType: application/json openAPIDocKey: '200' delete: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}/delete + $ref: '#/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}/delete' response: mediaType: application/json openAPIDocKey: '200' - add_trial_measurement: + patch: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}:addTrialMeasurement/post + $ref: '#/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}/patch' response: mediaType: application/json openAPIDocKey: '200' - complete: + query: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}:complete/post + $ref: '#/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}:query/post' response: mediaType: application/json openAPIDocKey: '200' - check_trial_early_stopping_state: + stream_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}:checkTrialEarlyStoppingState/post + #/paths/~1v1~1reasoningEngines~1{reasoningEnginesId}:streamQuery/post response: mediaType: application/json openAPIDocKey: '200' - stop: + create: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials~1{trialsId}:stop/post + $ref: '#/paths/~1v1~1reasoningEngines/post' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1reasoningEngines/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.reasoningEngines sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/trials/methods/get' - - $ref: '#/components/x-stackQL-resources/trials/methods/list' + - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/get' + - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/trials/methods/create' - update: [] + - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/trials/methods/delete' - optimal_trials: - id: google.aiplatform.optimal_trials - name: optimal_trials - title: Optimal_trials + - $ref: '#/components/x-stackQL-resources/reasoning_engines/methods/delete' + revisions: + id: google.aiplatform.revisions + name: revisions + title: Revisions methods: - list_optimal_trials: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1studies~1{studiesId}~1trials:listOptimalTrials/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories~1{memoriesId}~1revisions~1{revisionsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories~1{memoriesId}~1revisions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.memoryRevisions sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/optimal_trials/methods/list_optimal_trials + - $ref: '#/components/x-stackQL-resources/revisions/methods/get' + - $ref: '#/components/x-stackQL-resources/revisions/methods/list' insert: [] update: [] replace: [] delete: [] - rag_corpora: - id: google.aiplatform.rag_corpora - name: rag_corpora - title: Rag_corpora + memories: + id: google.aiplatform.memories + name: memories + title: Memories methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories~1{memoriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.ragCorpora - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories~1{memoriesId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories~1{memoriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + rollback: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories~1{memoriesId}:rollback/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/get' - - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/rag_corpora/methods/delete' - rag_files: - id: google.aiplatform.rag_files - name: rag_files - title: Rag_files - methods: - import: + retrieve: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories:retrieve/post response: mediaType: application/json openAPIDocKey: '200' - get: + generate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories:generate/post response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.ragFiles - upload: + objectKey: $.memories + purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles:upload/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1memories:purge/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/rag_files/methods/get' - - $ref: '#/components/x-stackQL-resources/rag_files/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/memories/methods/get' + - $ref: '#/components/x-stackQL-resources/memories/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/memories/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/memories/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/rag_files/methods/delete' - rag_file_operations: - id: google.aiplatform.rag_file_operations - name: rag_file_operations - title: Rag_file_operations + - $ref: '#/components/x-stackQL-resources/memories/methods/delete' + sessions: + id: google.aiplatform.sessions + name: sessions + title: Sessions methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1sessions~1{sessionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1sessions~1{sessionsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1sessions~1{sessionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - cancel: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1sessions/post response: mediaType: application/json openAPIDocKey: '200' - wait: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ragCorpora~1{ragCorporaId}~1ragFiles~1{ragFilesId}~1operations~1{operationsId}:wait/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1sessions/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.sessions + append_event: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1sessions~1{sessionsId}:appendEvent/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/rag_file_operations/methods/get' - - $ref: '#/components/x-stackQL-resources/rag_file_operations/methods/list' + - $ref: '#/components/x-stackQL-resources/sessions/methods/get' + - $ref: '#/components/x-stackQL-resources/sessions/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/sessions/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/sessions/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/sessions/methods/delete' + events: + id: google.aiplatform.events + name: events + title: Events + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reasoningEngines~1{reasoningEnginesId}~1sessions~1{sessionsId}~1events/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.sessionEvents + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/events/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/rag_file_operations/methods/delete + delete: [] paths: + /v1/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations/{operationsId}:cancel: + parameters: &ref_1 + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/_.xgafv' + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.hyperparameterTuningJobs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: hyperparameterTuningJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.hyperparameterTuningJobs.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: hyperparameterTuningJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.hyperparameterTuningJobs.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: hyperparameterTuningJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.hyperparameterTuningJobs.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: hyperparameterTuningJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.hyperparameterTuningJobs.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: hyperparameterTuningJobsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/ragCorpora/{ragCorporaId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.ragCorpora.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.ragCorpora.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/ragCorpora/{ragCorporaId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.ragCorpora.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/ragCorpora/{ragCorporaId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.ragCorpora.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/ragCorpora/{ragCorporaId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.ragCorpora.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.ragCorpora.ragFiles.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.ragCorpora.ragFiles.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.ragCorpora.ragFiles.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.ragCorpora.ragFiles.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.ragCorpora.ragFiles.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/publishers/{publishersId}/models/{modelsId}:countTokens: + parameters: *ref_1 + post: + description: Perform a token counting. + operationId: aiplatform.publishers.models.countTokens + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CountTokensRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CountTokensResponse + parameters: + - in: path + name: publishersId + required: true + schema: + type: string + - in: path + name: modelsId + required: true + schema: + type: string + /v1/publishers/{publishersId}/models/{modelsId}:predict: + parameters: *ref_1 + post: + description: Perform an online prediction. + operationId: aiplatform.publishers.models.predict + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictResponse' + parameters: + - in: path + name: publishersId + required: true + schema: + type: string + - in: path + name: modelsId + required: true + schema: + type: string + /v1/publishers/{publishersId}/models/{modelsId}:fetchPredictOperation: + parameters: *ref_1 + post: + description: Fetch an asynchronous online prediction operation. + operationId: aiplatform.publishers.models.fetchPredictOperation + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FetchPredictOperationRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: publishersId + required: true + schema: + type: string + - in: path + name: modelsId + required: true + schema: + type: string + /v1/publishers/{publishersId}/models/{modelsId}:predictLongRunning: + parameters: *ref_1 + post: + description: '' + operationId: aiplatform.publishers.models.predictLongRunning + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PredictLongRunningRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: publishersId + required: true + schema: + type: string + - in: path + name: modelsId + required: true + schema: + type: string + /v1/publishers/{publishersId}/models/{modelsId}:generateContent: + parameters: *ref_1 + post: + description: Generate content with multimodal inputs. + operationId: aiplatform.publishers.models.generateContent + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + parameters: + - in: path + name: publishersId + required: true + schema: + type: string + - in: path + name: modelsId + required: true + schema: + type: string + /v1/publishers/{publishersId}/models/{modelsId}:computeTokens: + parameters: *ref_1 + post: + description: Return a list of tokens based on the input text. + operationId: aiplatform.publishers.models.computeTokens + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ComputeTokensRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ComputeTokensResponse + parameters: + - in: path + name: publishersId + required: true + schema: + type: string + - in: path + name: modelsId + required: true + schema: + type: string + /v1/publishers/{publishersId}/models/{modelsId}: + parameters: *ref_1 + get: + description: Gets a Model Garden publisher model. + operationId: aiplatform.publishers.models.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PublisherModel' + parameters: + - in: path + name: publishersId + required: true + schema: + type: string + - in: path + name: modelsId + required: true + schema: + type: string + - in: query + name: languageCode + schema: + type: string + - in: query + name: isHuggingFaceModel + schema: + type: boolean + - in: query + name: view + schema: + type: string + - in: query + name: huggingFaceToken + schema: + type: string + /v1/publishers/{publishersId}/models/{modelsId}:streamGenerateContent: + parameters: *ref_1 + post: + description: Generate content with multimodal inputs with streaming support. + operationId: aiplatform.publishers.models.streamGenerateContent + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + parameters: + - in: path + name: publishersId + required: true + schema: + type: string + - in: path + name: modelsId + required: true + schema: + type: string + /v1/customJobs/{customJobsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.customJobs.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: customJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.customJobs.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: customJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/customJobs/{customJobsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.customJobs.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: customJobsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/customJobs/{customJobsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.customJobs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: customJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/customJobs/{customJobsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.customJobs.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: customJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/metadataStores/{metadataStoresId}/executions/{executionsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.metadataStores.executions.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: executionsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.metadataStores.executions.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: executionsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/metadataStores/{metadataStoresId}/executions/{executionsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.metadataStores.executions.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: executionsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/metadataStores/{metadataStoresId}/executions/{executionsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.metadataStores.executions.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: executionsId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/metadataStores/{metadataStoresId}/executions/{executionsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.metadataStores.executions.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: executionsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.metadataStores.artifacts.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: artifactsId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.metadataStores.artifacts.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: artifactsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.metadataStores.artifacts.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: artifactsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.metadataStores.artifacts.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: artifactsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.metadataStores.artifacts.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: artifactsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/metadataStores/{metadataStoresId}/contexts/{contextsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.metadataStores.contexts.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.metadataStores.contexts.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/metadataStores/{metadataStoresId}/contexts/{contextsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.metadataStores.contexts.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/metadataStores/{metadataStoresId}/contexts/{contextsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.metadataStores.contexts.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: contextsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + /v1/metadataStores/{metadataStoresId}/contexts/{contextsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.metadataStores.contexts.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/metadataStores/{metadataStoresId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.metadataStores.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/metadataStores/{metadataStoresId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.metadataStores.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.metadataStores.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/metadataStores/{metadataStoresId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.metadataStores.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/metadataStores/{metadataStoresId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.metadataStores.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/schedules/{schedulesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.schedules.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: schedulesId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + /v1/schedules/{schedulesId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.schedules.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: schedulesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.schedules.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: schedulesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/schedules/{schedulesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.schedules.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: schedulesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/schedules/{schedulesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.schedules.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: schedulesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.endpoints.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.endpoints.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.endpoints.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/endpoints/{endpointsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.endpoints.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.endpoints.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/endpoints/{endpointsId}/chat/completions: + parameters: *ref_1 + post: + description: Exposes an OpenAI-compatible endpoint for chat completions. + operationId: aiplatform.endpoints.chat.completions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}:computeTokens: + parameters: *ref_1 + post: + description: Return a list of tokens based on the input text. + operationId: aiplatform.endpoints.computeTokens + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ComputeTokensRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ComputeTokensResponse + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}:predictLongRunning: + parameters: *ref_1 + post: + description: '' + operationId: aiplatform.endpoints.predictLongRunning + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PredictLongRunningRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}:countTokens: + parameters: *ref_1 + post: + description: Perform a token counting. + operationId: aiplatform.endpoints.countTokens + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CountTokensRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CountTokensResponse + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}:generateContent: + parameters: *ref_1 + post: + description: Generate content with multimodal inputs. + operationId: aiplatform.endpoints.generateContent + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}:predict: + parameters: *ref_1 + post: + description: Perform an online prediction. + operationId: aiplatform.endpoints.predict + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictResponse' + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}:streamGenerateContent: + parameters: *ref_1 + post: + description: Generate content with multimodal inputs with streaming support. + operationId: aiplatform.endpoints.streamGenerateContent + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + /v1/endpoints/{endpointsId}:fetchPredictOperation: + parameters: *ref_1 + post: + description: Fetch an asynchronous online prediction operation. + operationId: aiplatform.endpoints.fetchPredictOperation + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FetchPredictOperationRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: endpointsId + required: true + schema: + type: string + /v1/batchPredictionJobs: + parameters: *ref_1 + get: + description: Lists BatchPredictionJobs in a Location. + operationId: aiplatform.batchPredictionJobs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListBatchPredictionJobsResponse + parameters: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: parent + schema: + type: string + post: + description: >- + Creates a BatchPredictionJob. A BatchPredictionJob once created will + right away be attempted to start. + operationId: aiplatform.batchPredictionJobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + parameters: + - in: query + name: parent + schema: + type: string + /v1/batchPredictionJobs/{batchPredictionJobsId}: + parameters: *ref_1 + get: + description: Gets a BatchPredictionJob + operationId: aiplatform.batchPredictionJobs.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + parameters: + - in: path + name: batchPredictionJobsId + required: true + schema: + type: string + /v1/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: query + name: name + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/tensorboards/{tensorboardsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.tensorboards.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.tensorboards.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/tensorboards/{tensorboardsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.tensorboards.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/tensorboards/{tensorboardsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.tensorboards.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/tensorboards/{tensorboardsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.tensorboards.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.tensorboards.experiments.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.tensorboards.experiments.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.tensorboards.experiments.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.tensorboards.experiments.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.tensorboards.experiments.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.tensorboards.experiments.runs.timeSeries.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.tensorboards.experiments.runs.timeSeries.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.tensorboards.experiments.runs.timeSeries.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.tensorboards.experiments.runs.timeSeries.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.tensorboards.experiments.runs.timeSeries.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.tensorboards.experiments.runs.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.tensorboards.experiments.runs.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.tensorboards.experiments.runs.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.tensorboards.experiments.runs.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.tensorboards.experiments.runs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/deploymentResourcePools/{deploymentResourcePoolsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.deploymentResourcePools.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: deploymentResourcePoolsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + /v1/deploymentResourcePools/{deploymentResourcePoolsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.deploymentResourcePools.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: deploymentResourcePoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/deploymentResourcePools/{deploymentResourcePoolsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.deploymentResourcePools.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: deploymentResourcePoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.deploymentResourcePools.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: deploymentResourcePoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/deploymentResourcePools/{deploymentResourcePoolsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.deploymentResourcePools.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: deploymentResourcePoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/tuningJobs/{tuningJobsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.tuningJobs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tuningJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/tuningJobs/{tuningJobsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.tuningJobs.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: tuningJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.tuningJobs.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: tuningJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/tuningJobs/{tuningJobsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.tuningJobs.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: tuningJobsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/featureGroups/{featureGroupsId}/features/{featuresId}/operations/{operationsId}:wait: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.featureGroups.features.operations.listWait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.featureGroups.features.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/featureGroups/{featureGroupsId}/features/{featuresId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.featureGroups.features.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.featureGroups.features.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featureGroups/{featureGroupsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.featureGroups.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.featureGroups.operations.listWait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/featureGroups/{featureGroupsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.featureGroups.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.featureGroups.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/trainingPipelines/{trainingPipelinesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.trainingPipelines.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/trainingPipelines/{trainingPipelinesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.trainingPipelines.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/trainingPipelines/{trainingPipelinesId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.trainingPipelines.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.trainingPipelines.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/trainingPipelines/{trainingPipelinesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.trainingPipelines.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/notebookRuntimes/{notebookRuntimesId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.notebookRuntimes.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: notebookRuntimesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.notebookRuntimes.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: notebookRuntimesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/notebookRuntimes/{notebookRuntimesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.notebookRuntimes.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: notebookRuntimesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/notebookRuntimes/{notebookRuntimesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.notebookRuntimes.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: notebookRuntimesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/notebookRuntimes/{notebookRuntimesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.notebookRuntimes.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: notebookRuntimesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/dataLabelingJobs/{dataLabelingJobsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.dataLabelingJobs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: dataLabelingJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/dataLabelingJobs/{dataLabelingJobsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.dataLabelingJobs.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: dataLabelingJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.dataLabelingJobs.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: dataLabelingJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/dataLabelingJobs/{dataLabelingJobsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.dataLabelingJobs.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: dataLabelingJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/dataLabelingJobs/{dataLabelingJobsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.dataLabelingJobs.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: dataLabelingJobsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/ragEngineConfig/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.ragEngineConfig.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/ragEngineConfig/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.ragEngineConfig.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/ragEngineConfig/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.ragEngineConfig.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/ragEngineConfig/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.ragEngineConfig.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.ragEngineConfig.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.featurestores.entityTypes.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.featurestores.entityTypes.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.featurestores.entityTypes.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.featurestores.entityTypes.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.featurestores.entityTypes.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.featurestores.entityTypes.features.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.featurestores.entityTypes.features.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.featurestores.entityTypes.features.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.featurestores.entityTypes.features.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.featurestores.entityTypes.features.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featurestores/{featurestoresId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.featurestores.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featurestores/{featurestoresId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.featurestores.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + /v1/featurestores/{featurestoresId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.featurestores.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.featurestores.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featurestores/{featurestoresId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.featurestores.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/indexEndpoints/{indexEndpointsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.indexEndpoints.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: indexEndpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/indexEndpoints/{indexEndpointsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.indexEndpoints.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: indexEndpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.indexEndpoints.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: indexEndpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/indexEndpoints/{indexEndpointsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.indexEndpoints.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: indexEndpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/indexEndpoints/{indexEndpointsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.indexEndpoints.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: indexEndpointsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.modelDeploymentMonitoringJobs.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: modelDeploymentMonitoringJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.modelDeploymentMonitoringJobs.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: modelDeploymentMonitoringJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.modelDeploymentMonitoringJobs.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: modelDeploymentMonitoringJobsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.modelDeploymentMonitoringJobs.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: modelDeploymentMonitoringJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.modelDeploymentMonitoringJobs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: modelDeploymentMonitoringJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/pipelineJobs/{pipelineJobsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.pipelineJobs.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: pipelineJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.pipelineJobs.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: pipelineJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/pipelineJobs/{pipelineJobsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.pipelineJobs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: pipelineJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/pipelineJobs/{pipelineJobsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.pipelineJobs.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: pipelineJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/pipelineJobs/{pipelineJobsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.pipelineJobs.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: pipelineJobsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/specialistPools/{specialistPoolsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.specialistPools.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/specialistPools/{specialistPoolsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.specialistPools.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/specialistPools/{specialistPoolsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.specialistPools.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.specialistPools.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/specialistPools/{specialistPoolsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.specialistPools.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + /v1/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/operations/{operationsId}:wait: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.featureOnlineStores.featureViews.operations.listWait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: featureOnlineStoresId + required: true + schema: + type: string + - in: path + name: featureViewsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.featureOnlineStores.featureViews.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featureOnlineStoresId + required: true + schema: + type: string + - in: path + name: featureViewsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.featureOnlineStores.featureViews.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featureOnlineStoresId + required: true + schema: + type: string + - in: path + name: featureViewsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.featureOnlineStores.featureViews.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featureOnlineStoresId + required: true + schema: + type: string + - in: path + name: featureViewsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featureOnlineStores/{featureOnlineStoresId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.featureOnlineStores.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featureOnlineStoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.featureOnlineStores.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: featureOnlineStoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/featureOnlineStores/{featureOnlineStoresId}/operations/{operationsId}:wait: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.featureOnlineStores.operations.listWait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: featureOnlineStoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.featureOnlineStores.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: featureOnlineStoresId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/notebookExecutionJobs/{notebookExecutionJobsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.notebookExecutionJobs.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: notebookExecutionJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.notebookExecutionJobs.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: notebookExecutionJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/notebookExecutionJobs/{notebookExecutionJobsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.notebookExecutionJobs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: notebookExecutionJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/notebookExecutionJobs/{notebookExecutionJobsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.notebookExecutionJobs.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: notebookExecutionJobsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/notebookExecutionJobs/{notebookExecutionJobsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.notebookExecutionJobs.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: notebookExecutionJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.notebookRuntimeTemplates.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: notebookRuntimeTemplatesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.notebookRuntimeTemplates.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: notebookRuntimeTemplatesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.notebookRuntimeTemplates.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: notebookRuntimeTemplatesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.notebookRuntimeTemplates.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: notebookRuntimeTemplatesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.notebookRuntimeTemplates.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: notebookRuntimeTemplatesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/studies/{studiesId}/trials/{trialsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.studies.trials.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: trialsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/studies/{studiesId}/trials/{trialsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.studies.trials.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: trialsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/studies/{studiesId}/trials/{trialsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.studies.trials.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: trialsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.studies.trials.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: trialsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/studies/{studiesId}/trials/{trialsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.studies.trials.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: trialsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/studies/{studiesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.studies.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/studies/{studiesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.studies.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/studies/{studiesId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.studies.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.studies.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/studies/{studiesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.studies.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/models/{modelsId}/evaluations/{evaluationsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.models.evaluations.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: evaluationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/models/{modelsId}/evaluations/{evaluationsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.models.evaluations.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: evaluationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.models.evaluations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: evaluationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/models/{modelsId}/evaluations/{evaluationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.models.evaluations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: evaluationsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/models/{modelsId}/evaluations/{evaluationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.models.evaluations.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: evaluationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/models/{modelsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.models.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.models.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/models/{modelsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.models.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/models/{modelsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.models.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/models/{modelsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.models.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: modelsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.datasets.annotationSpecs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: annotationSpecsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.datasets.annotationSpecs.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: annotationSpecsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.datasets.annotationSpecs.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: annotationSpecsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.datasets.annotationSpecs.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: annotationSpecsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.datasets.annotationSpecs.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: annotationSpecsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.datasets.dataItems.annotations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: path + name: annotationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.datasets.dataItems.annotations.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: path + name: annotationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.datasets.dataItems.annotations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: path + name: annotationsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.datasets.dataItems.annotations.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: path + name: annotationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.datasets.dataItems.annotations.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: path + name: annotationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/datasets/{datasetsId}/dataItems/{dataItemsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.datasets.dataItems.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.datasets.dataItems.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/dataItems/{dataItemsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.datasets.dataItems.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/datasets/{datasetsId}/dataItems/{dataItemsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.datasets.dataItems.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/dataItems/{dataItemsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.datasets.dataItems.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: dataItemsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/datasets/{datasetsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.datasets.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/datasets/{datasetsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.datasets.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/datasets/{datasetsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.datasets.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.datasets.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.datasets.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/datasetVersions: + parameters: *ref_1 + post: + description: Create a version from a Dataset. + operationId: aiplatform.datasets.datasetVersions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + get: + description: Lists DatasetVersions in a Dataset. + operationId: aiplatform.datasets.datasetVersions.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListDatasetVersionsResponse + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/datasets/{datasetsId}/datasetVersions/{datasetVersionsId}: + parameters: *ref_1 + patch: + description: Updates a DatasetVersion. + operationId: aiplatform.datasets.datasetVersions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: datasetVersionsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets a Dataset version. + operationId: aiplatform.datasets.datasetVersions.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: datasetVersionsId + required: true + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a Dataset version. + operationId: aiplatform.datasets.datasetVersions.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: datasetVersionsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/datasetVersions/{datasetVersionsId}:restore: + parameters: *ref_1 + get: + description: Restores a dataset version. + operationId: aiplatform.datasets.datasetVersions.restore + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: datasetVersionsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.datasets.savedQueries.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: savedQueriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.datasets.savedQueries.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: savedQueriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.datasets.savedQueries.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: savedQueriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.datasets.savedQueries.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: savedQueriesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.datasets.savedQueries.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: savedQueriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string /v1/datasets: - parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + parameters: *ref_1 + post: + description: Creates a Dataset. + operationId: aiplatform.datasets.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: query + name: parent + schema: + type: string + get: + description: Lists Datasets in a Location. + operationId: aiplatform.datasets.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListDatasetsResponse + parameters: + - in: query + name: filter + schema: + type: string + - in: query + name: parent + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/datasets/{datasetsId}: + parameters: *ref_1 + get: + description: Gets a Dataset. + operationId: aiplatform.datasets.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + patch: + description: Updates a Dataset. + operationId: aiplatform.datasets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a Dataset. + operationId: aiplatform.datasets.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: datasetsId + required: true + schema: + type: string + /v1/migratableResources/{migratableResourcesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.migratableResources.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: migratableResourcesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/migratableResources/{migratableResourcesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.migratableResources.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: migratableResourcesId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/migratableResources/{migratableResourcesId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.migratableResources.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: migratableResourcesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.migratableResources.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: migratableResourcesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/migratableResources/{migratableResourcesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.migratableResources.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: migratableResourcesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/indexes/{indexesId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.indexes.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: indexesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.indexes.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: indexesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/indexes/{indexesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.indexes.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: indexesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/indexes/{indexesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.indexes.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: indexesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/indexes/{indexesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.indexes.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: indexesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/cacheConfig: + parameters: *ref_1 + patch: + description: Updates a cache config. + operationId: aiplatform.projects.updateCacheConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CacheConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + get: + description: Gets a GenAI cache config. + operationId: aiplatform.projects.getCacheConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CacheConfig' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:evaluateDataset: + parameters: *ref_1 + post: + description: Evaluates a dataset based on a set of given metrics. + operationId: aiplatform.projects.locations.evaluateDataset + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluateDatasetRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:deploy: + parameters: *ref_1 + post: + description: Deploys a model to a new endpoint. + operationId: aiplatform.projects.locations.deploy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:retrieveContexts: + parameters: *ref_1 + post: + description: Retrieves relevant contexts for a query. + operationId: aiplatform.projects.locations.retrieveContexts + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RetrieveContextsRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RetrieveContextsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig: + parameters: *ref_1 + get: + description: Gets a RagEngineConfig. + operationId: aiplatform.projects.locations.getRagEngineConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagEngineConfig' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + patch: + description: Updates a RagEngineConfig. + operationId: aiplatform.projects.locations.updateRagEngineConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagEngineConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: aiplatform.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudLocationLocation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:generateInstanceRubrics: + parameters: *ref_1 + post: + description: >- + Generates rubrics for a given prompt. A rubric represents a single + testable criterion for evaluation. One input prompt could have multiple + rubrics This RPC allows users to get suggested rubrics based on provided + prompt, which can then be reviewed and used for subsequent evaluations. + operationId: aiplatform.projects.locations.generateInstanceRubrics + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateInstanceRubricsRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateInstanceRubricsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: aiplatform.projects.locations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudLocationListLocationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}:augmentPrompt: + parameters: *ref_1 + post: + description: >- + Given an input prompt, it returns augmented prompt from vertex rag store + to guide LLM towards generating grounded responses. + operationId: aiplatform.projects.locations.augmentPrompt + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1AugmentPromptRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1AugmentPromptResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:corroborateContent: + parameters: *ref_1 + post: + description: >- + Given an input text, it returns a score that evaluates the factuality of + the text. It also extracts and returns claims from the text and provides + supporting facts. + operationId: aiplatform.projects.locations.corroborateContent + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CorroborateContentRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CorroborateContentResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:evaluateInstances: + parameters: *ref_1 + post: + description: Evaluates instances based on a given metric. + operationId: aiplatform.projects.locations.evaluateInstances + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluateInstancesRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EvaluateInstancesResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:generateSyntheticData: + parameters: *ref_1 + post: + description: Generates synthetic data based on the provided configuration. + operationId: aiplatform.projects.locations.generateSyntheticData + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateSyntheticDataRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateSyntheticDataResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}: + parameters: *ref_1 + delete: + description: Deletes a SpecialistPool as well as all Specialists in the pool. + operationId: aiplatform.projects.locations.specialistPools.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: query + name: force + schema: + type: boolean + patch: + description: Updates a SpecialistPool. + operationId: aiplatform.projects.locations.specialistPools.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SpecialistPool' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets a SpecialistPool. + operationId: aiplatform.projects.locations.specialistPools.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SpecialistPool' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: specialistPoolsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/specialistPools: + parameters: *ref_1 + post: + description: Creates a SpecialistPool. + operationId: aiplatform.projects.locations.specialistPools.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SpecialistPool' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + get: + description: Lists SpecialistPools in a Location. + operationId: aiplatform.projects.locations.specialistPools.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListSpecialistPoolsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.specialistPools.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.specialistPools.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.specialistPools.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.specialistPools.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}/operations/{operationsId}:cancel: + parameters: *ref_1 post: - description: Creates a Dataset. - operationId: aiplatform.datasets.create + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.specialistPools.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: specialistPoolsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:mutateDeployedIndex: + parameters: *ref_1 + post: + description: Update an existing DeployedIndex under an IndexEndpoint. + operationId: aiplatform.projects.locations.indexEndpoints.mutateDeployedIndex requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:deployIndex: + parameters: *ref_1 + post: + description: >- + Deploys an Index into this IndexEndpoint, creating a DeployedIndex + within it. + operationId: aiplatform.projects.locations.indexEndpoints.deployIndex + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployIndexRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints: + parameters: *ref_1 + get: + description: Lists IndexEndpoints in a Location. + operationId: aiplatform.projects.locations.indexEndpoints.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListIndexEndpointsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates an IndexEndpoint. + operationId: aiplatform.projects.locations.indexEndpoints.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:undeployIndex: + parameters: *ref_1 + post: + description: >- + Undeploys an Index from an IndexEndpoint, removing a DeployedIndex from + it, and freeing all resources it's using. + operationId: aiplatform.projects.locations.indexEndpoints.undeployIndex + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1UndeployIndexRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}: + parameters: *ref_1 + patch: + description: Updates an IndexEndpoint. + operationId: aiplatform.projects.locations.indexEndpoints.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets an IndexEndpoint. + operationId: aiplatform.projects.locations.indexEndpoints.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + delete: + description: Deletes an IndexEndpoint. + operationId: aiplatform.projects.locations.indexEndpoints.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:readIndexDatapoints: + parameters: *ref_1 + post: + description: >- + Reads the datapoints/vectors of the given IDs. A maximum of 1000 + datapoints can be retrieved in a batch. + operationId: aiplatform.projects.locations.indexEndpoints.readIndexDatapoints + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadIndexDatapointsRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadIndexDatapointsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:findNeighbors: + parameters: *ref_1 + post: + description: Finds the nearest neighbors of each vector within the request. + operationId: aiplatform.projects.locations.indexEndpoints.findNeighbors + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FindNeighborsRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FindNeighborsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.indexEndpoints.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.indexEndpoints.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.indexEndpoints.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.indexEndpoints.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34255,13 +48992,33 @@ paths: schema: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - - in: query - name: parent + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true schema: type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}/operations: + parameters: *ref_1 get: - description: Lists Datasets in a Location. - operationId: aiplatform.datasets.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.indexEndpoints.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34273,17 +49030,31 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListDatasetsResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - - in: query - name: parent + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: indexEndpointsId + required: true schema: type: string - in: query name: filter schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageSize schema: @@ -34293,20 +49064,113 @@ paths: name: pageToken schema: type: string - - in: query - name: readMask + /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.trainingPipelines.operations.wait + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true schema: type: string - format: google-fieldmask - in: query - name: orderBy + name: timeout schema: type: string - /v1/datasets/{datasetsId}: + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.trainingPipelines.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}/operations/{operationsId}: parameters: *ref_1 get: - description: Gets a Dataset. - operationId: aiplatform.datasets.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.trainingPipelines.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34318,26 +49182,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: datasetsId + name: projectsId required: true schema: type: string - - in: query - name: readMask + - in: path + name: locationsId + required: true schema: type: string - format: google-fieldmask - patch: - description: Updates a Dataset. - operationId: aiplatform.datasets.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.trainingPipelines.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34349,21 +49222,85 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: datasetsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.trainingPipelines.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: trainingPipelinesId required: true schema: type: string - in: query - name: updateMask + name: filter schema: type: string - format: google-fieldmask + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}: + parameters: *ref_1 delete: - description: Deletes a Dataset. - operationId: aiplatform.datasets.delete + description: Deletes a TrainingPipeline. + operationId: aiplatform.projects.locations.trainingPipelines.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34378,20 +49315,63 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: datasetsId + name: projectsId required: true schema: type: string - /v1/datasets/{datasetsId}/datasetVersions: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + get: + description: Gets a TrainingPipeline. + operationId: aiplatform.projects.locations.trainingPipelines.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingPipeline' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: trainingPipelinesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines: parameters: *ref_1 post: - description: Create a version from a Dataset. - operationId: aiplatform.datasets.datasetVersions.create + description: >- + Creates a TrainingPipeline. A created TrainingPipeline right away will + be attempted to be run. + operationId: aiplatform.projects.locations.trainingPipelines.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingPipeline' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34403,16 +49383,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingPipeline' parameters: - in: path - name: datasetsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string get: - description: Lists DatasetVersions in a Dataset. - operationId: aiplatform.datasets.datasetVersions.list + description: Lists TrainingPipelines in a Location. + operationId: aiplatform.projects.locations.trainingPipelines.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34425,13 +49410,27 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListDatasetVersionsResponse + #/components/schemas/GoogleCloudAiplatformV1ListTrainingPipelinesResponse parameters: - in: path - name: datasetsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageToken + schema: + type: string - in: query name: filter schema: @@ -34441,29 +49440,100 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken + /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}:cancel: + parameters: *ref_1 + post: + description: >- + Cancels a TrainingPipeline. Starts asynchronous cancellation on the + TrainingPipeline. The server makes a best effort to cancel the pipeline, + but success is not guaranteed. Clients can use + PipelineService.GetTrainingPipeline or other methods to check whether + the cancellation succeeded or whether the pipeline completed despite + cancellation. On successful cancellation, the TrainingPipeline is not + deleted; instead it becomes a pipeline with a TrainingPipeline.error + value with a google.rpc.Status.code of 1, corresponding to + `Code.CANCELLED`, and TrainingPipeline.state is set to `CANCELLED`. + operationId: aiplatform.projects.locations.trainingPipelines.cancel + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CancelTrainingPipelineRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: readMask + - in: path + name: locationsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: orderBy + - in: path + name: trainingPipelinesId + required: true schema: type: string - /v1/datasets/{datasetsId}/datasetVersions/{datasetVersionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora: parameters: *ref_1 - patch: - description: Updates a DatasetVersion. - operationId: aiplatform.datasets.datasetVersions.patch + get: + description: Lists RagCorpora in a Location. + operationId: aiplatform.projects.locations.ragCorpora.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListRagCorporaResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a RagCorpus. + operationId: aiplatform.projects.locations.ragCorpora.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagCorpus' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34475,26 +49545,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: datasetsId + name: projectsId required: true schema: type: string - in: path - name: datasetVersionsId + name: locationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a Dataset version. - operationId: aiplatform.datasets.datasetVersions.delete + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}: + parameters: *ref_1 + get: + description: Gets a RagCorpus. + operationId: aiplatform.projects.locations.ragCorpora.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34506,21 +49573,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagCorpus' parameters: - in: path - name: datasetsId + name: projectsId required: true schema: type: string - in: path - name: datasetVersionsId + name: locationsId required: true schema: type: string - get: - description: Gets a Dataset version. - operationId: aiplatform.datasets.datasetVersions.get + - in: path + name: ragCorporaId + required: true + schema: + type: string + delete: + description: Deletes a RagCorpus. + operationId: aiplatform.projects.locations.ragCorpora.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34532,28 +49604,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: datasetsId + name: projectsId required: true schema: type: string - in: path - name: datasetVersionsId + name: locationsId required: true schema: type: string - - in: query - name: readMask + - in: path + name: ragCorporaId + required: true schema: type: string - format: google-fieldmask - /v1/datasets/{datasetsId}/datasetVersions/{datasetVersionsId}:restore: - parameters: *ref_1 - get: - description: Restores a dataset version. - operationId: aiplatform.datasets.datasetVersions.restore + - in: query + name: force + schema: + type: boolean + patch: + description: Updates a RagCorpus. + operationId: aiplatform.projects.locations.ragCorpora.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagCorpus' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34568,25 +49647,31 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: datasetsId + name: projectsId required: true schema: type: string - in: path - name: datasetVersionsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/cacheConfig: + - in: path + name: ragCorporaId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles:import: parameters: *ref_1 - patch: - description: Updates a cache config. - operationId: aiplatform.projects.updateCacheConfig + post: + description: Import files from Google Cloud Storage or Google Drive into a RagCorpus. + operationId: aiplatform.projects.locations.ragCorpora.ragFiles.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CacheConfig' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ImportRagFilesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34605,9 +49690,21 @@ paths: required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: ragCorporaId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles: + parameters: *ref_1 get: - description: Gets a GenAI cache config. - operationId: aiplatform.projects.getCacheConfig + description: Lists RagFiles in a RagCorpus. + operationId: aiplatform.projects.locations.ragCorpora.ragFiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34619,18 +49716,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CacheConfig' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListRagFilesResponse parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/locations: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}: parameters: *ref_1 - get: - description: Lists information about the supported locations for this service. - operationId: aiplatform.projects.locations.list + delete: + description: Deletes a RagFile. + operationId: aiplatform.projects.locations.ragCorpora.ragFiles.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34642,35 +49759,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudLocationListLocationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: ragCorporaId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: ragFilesId + required: true schema: type: string - in: query - name: extraLocationTypes + name: forceDelete schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 + type: boolean get: - description: Gets information about a location. - operationId: aiplatform.projects.locations.get + description: Gets a RagFile. + operationId: aiplatform.projects.locations.ragCorpora.ragFiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34682,7 +49799,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudLocationLocation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFile' parameters: - in: path name: projectsId @@ -34694,17 +49811,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:evaluateInstances: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Evaluates instances based on a given metric. - operationId: aiplatform.projects.locations.evaluateInstances - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluateInstancesRequest + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34716,8 +49841,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluateInstancesResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -34729,17 +49853,27 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:evaluateDataset: - parameters: *ref_1 - post: - description: Evaluates a dataset based on a set of given metrics. - operationId: aiplatform.projects.locations.evaluateDataset - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1EvaluateDatasetRequest + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34763,21 +49897,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:generateInstanceRubrics: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations: parameters: *ref_1 - post: + get: description: >- - Generates rubrics for a given prompt. A rubric represents a single - testable criterion for evaluation. One input prompt could have multiple - rubrics This RPC allows users to get suggested rubrics based on provided - prompt, which can then be reviewed and used for subsequent evaluations. - operationId: aiplatform.projects.locations.generateInstanceRubrics - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateInstanceRubricsRequest + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34789,8 +49930,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateInstanceRubricsResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -34802,16 +49942,47 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:deploy: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Deploys a model to a new endpoint. - operationId: aiplatform.projects.locations.deploy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployRequest' + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34835,16 +50006,40 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations/{operationsId}:cancel: parameters: *ref_1 - patch: - description: Updates a RagEngineConfig. - operationId: aiplatform.projects.locations.updateRagEngineConfig - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagEngineConfig' + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34856,7 +50051,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -34868,9 +50063,35 @@ paths: required: true schema: type: string - get: - description: Gets a RagEngineConfig. - operationId: aiplatform.projects.locations.getRagEngineConfig + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: ragFilesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.ragCorpora.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34882,7 +50103,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagEngineConfig' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -34894,17 +50115,29 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:retrieveContexts: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Retrieves relevant contexts for a query. - operationId: aiplatform.projects.locations.retrieveContexts - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RetrieveContextsRequest + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.ragCorpora.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34916,8 +50149,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RetrieveContextsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -34929,18 +50161,23 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:augmentPrompt: - parameters: *ref_1 - post: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: description: >- - Given an input prompt, it returns augmented prompt from vertex rag store - to guide LLM towards generating grounded responses. - operationId: aiplatform.projects.locations.augmentPrompt - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1AugmentPromptRequest' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.ragCorpora.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34952,8 +50189,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AugmentPromptResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -34965,20 +50201,23 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:corroborateContent: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/operations: parameters: *ref_1 - post: + get: description: >- - Given an input text, it returns a score that evaluates the factuality of - the text. It also extracts and returns claims from the text and provides - supporting facts. - operationId: aiplatform.projects.locations.corroborateContent - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CorroborateContentRequest + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.ragCorpora.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -34990,8 +50229,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CorroborateContentResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -35003,19 +50241,42 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}:setIamPolicy: + - in: path + name: ragCorporaId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: aiplatform.projects.locations.featurestores.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.ragCorpora.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35027,7 +50288,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -35040,17 +50301,24 @@ paths: schema: type: string - in: path - name: featurestoresId + name: ragCorporaId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}:getIamPolicy: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: aiplatform.projects.locations.featurestores.getIamPolicy + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35062,7 +50330,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -35075,25 +50343,21 @@ paths: schema: type: string - in: path - name: featurestoresId + name: notebookExecutionJobsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: operationsId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}:testIamPermissions: - parameters: *ref_1 - post: + type: string + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: aiplatform.projects.locations.featurestores.testIamPermissions + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35105,7 +50369,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -35118,24 +50382,29 @@ paths: schema: type: string - in: path - name: featurestoresId + name: notebookExecutionJobsId required: true schema: type: string - - in: query - name: permissions + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores: + /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Creates a new Featurestore in a given project and location. - operationId: aiplatform.projects.locations.featurestores.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Featurestore' + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35159,13 +50428,28 @@ paths: required: true schema: type: string + - in: path + name: notebookExecutionJobsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string - in: query - name: featurestoreId + name: timeout schema: type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}/operations: + parameters: *ref_1 get: - description: Lists Featurestores in a given project and location. - operationId: aiplatform.projects.locations.featurestores.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35177,8 +50461,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListFeaturestoresResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -35190,33 +50473,42 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: notebookExecutionJobsId + required: true schema: type: string - in: query - name: pageSize + name: returnPartialSuccess schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: filter schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string - in: query - name: readMask + name: pageSize schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Gets details of a single Featurestore. - operationId: aiplatform.projects.locations.featurestores.get + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35228,7 +50520,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Featurestore' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -35241,18 +50533,25 @@ paths: schema: type: string - in: path - name: featurestoresId + name: notebookExecutionJobsId required: true schema: type: string - patch: - description: Updates the parameters of a single Featurestore. - operationId: aiplatform.projects.locations.featurestores.patch + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs: + parameters: *ref_1 + post: + description: Creates a NotebookExecutionJob. + operationId: aiplatform.projects.locations.notebookExecutionJobs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Featurestore' + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJob' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35276,21 +50575,13 @@ paths: required: true schema: type: string - - in: path - name: featurestoresId - required: true - schema: - type: string - in: query - name: updateMask + name: notebookExecutionJobId schema: type: string - format: google-fieldmask - delete: - description: >- - Deletes a single Featurestore. The Featurestore must not contain any - EntityTypes or `force` must be set to true for the request to succeed. - operationId: aiplatform.projects.locations.featurestores.delete + get: + description: Lists NotebookExecutionJobs in a Location. + operationId: aiplatform.projects.locations.notebookExecutionJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35302,7 +50593,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListNotebookExecutionJobsResponse parameters: - in: path name: projectsId @@ -35314,31 +50606,32 @@ paths: required: true schema: type: string - - in: path - name: featurestoresId - required: true + - in: query + name: view schema: type: string - in: query - name: force + name: pageSize schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}:batchReadFeatureValues: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}: parameters: *ref_1 - post: - description: >- - Batch reads Feature values from a Featurestore. This API enables batch - reading Feature values, where each read instance in the batch may read - Feature values of entities from one or more EntityTypes. Point-in-time - correctness is guaranteed for Feature values of each read instance as of - each instance's read timestamp. - operationId: aiplatform.projects.locations.featurestores.batchReadFeatureValues - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchReadFeatureValuesRequest + get: + description: Gets a NotebookExecutionJob. + operationId: aiplatform.projects.locations.notebookExecutionJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35350,7 +50643,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJob parameters: - in: path name: projectsId @@ -35363,15 +50657,17 @@ paths: schema: type: string - in: path - name: featurestoresId + name: notebookExecutionJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores:searchFeatures: - parameters: *ref_1 - get: - description: Searches Features matching a query in a given project. - operationId: aiplatform.projects.locations.featurestores.searchFeatures + - in: query + name: view + schema: + type: string + delete: + description: Deletes a NotebookExecutionJob. + operationId: aiplatform.projects.locations.notebookExecutionJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35383,8 +50679,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SearchFeaturesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -35396,32 +50691,21 @@ paths: required: true schema: type: string - - in: query - name: query - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: notebookExecutionJobsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: aiplatform.projects.locations.featurestores.entityTypes.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: aiplatform.projects.locations.featureOnlineStores.testIamPermissions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35433,7 +50717,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -35446,22 +50730,24 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - - in: path - name: entityTypesId - required: true + - in: query + name: permissions schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}: parameters: *ref_1 - post: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: aiplatform.projects.locations.featurestores.entityTypes.getIamPolicy + patch: + description: Updates the parameters of a single FeatureOnlineStore. + operationId: aiplatform.projects.locations.featureOnlineStores.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35473,7 +50759,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -35486,31 +50772,20 @@ paths: schema: type: string - in: path - name: featurestoresId - required: true - schema: - type: string - - in: path - name: entityTypesId + name: featureOnlineStoresId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: updateMask schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:testIamPermissions: - parameters: *ref_1 - post: + type: string + format: google-fieldmask + delete: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.testIamPermissions + Deletes a single FeatureOnlineStore. The FeatureOnlineStore must not + contain any FeatureViews. + operationId: aiplatform.projects.locations.featureOnlineStores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35522,7 +50797,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -35535,34 +50810,17 @@ paths: schema: type: string - in: path - name: featurestoresId - required: true - schema: - type: string - - in: path - name: entityTypesId + name: featureOnlineStoresId required: true schema: type: string - in: query - name: permissions + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:readFeatureValues: - parameters: *ref_1 - post: - description: >- - Reads Feature values of a specific entity of an EntityType. For reading - feature values of multiple entities of an EntityType, please use - StreamingReadFeatureValues. - operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.readFeatureValues - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesRequest + type: boolean + get: + description: Gets details of a single FeatureOnlineStore. + operationId: aiplatform.projects.locations.featureOnlineStores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35574,8 +50832,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStore' parameters: - in: path name: projectsId @@ -35588,29 +50845,23 @@ paths: schema: type: string - in: path - name: featurestoresId - required: true - schema: - type: string - - in: path - name: entityTypesId + name: featureOnlineStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:streamingReadFeatureValues: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}:setIamPolicy: parameters: *ref_1 post: description: >- - Reads Feature values for multiple entities. Depending on their size, - data for different entities may be broken up across multiple responses. - operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.streamingReadFeatureValues + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: aiplatform.projects.locations.featureOnlineStores.setIamPolicy requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StreamingReadFeatureValuesRequest + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35622,8 +50873,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponse + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -35636,31 +50886,15 @@ paths: schema: type: string - in: path - name: featurestoresId - required: true - schema: - type: string - - in: path - name: entityTypesId + name: featureOnlineStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:writeFeatureValues: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores: parameters: *ref_1 - post: - description: >- - Writes Feature values of one or more entities of an EntityType. The - Feature values are merged into existing entities if any. The Feature - values to be written must have timestamp within the online storage - retention. - operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.writeFeatureValues - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1WriteFeatureValuesRequest + get: + description: Lists FeatureOnlineStores in a given project and location. + operationId: aiplatform.projects.locations.featureOnlineStores.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35673,7 +50907,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1WriteFeatureValuesResponse + #/components/schemas/GoogleCloudAiplatformV1ListFeatureOnlineStoresResponse parameters: - in: path name: projectsId @@ -35685,26 +50919,31 @@ paths: required: true schema: type: string - - in: path - name: featurestoresId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: entityTypesId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes: - parameters: *ref_1 post: - description: Creates a new EntityType in a given Featurestore. - operationId: aiplatform.projects.locations.featurestores.entityTypes.create + description: Creates a new FeatureOnlineStore in a given project and location. + operationId: aiplatform.projects.locations.featureOnlineStores.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35728,18 +50967,17 @@ paths: required: true schema: type: string - - in: path - name: featurestoresId - required: true - schema: - type: string - in: query - name: entityTypeId + name: featureOnlineStoreId schema: type: string - get: - description: Lists EntityTypes in a given Featurestore. - operationId: aiplatform.projects.locations.featurestores.entityTypes.list + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}:getIamPolicy: + parameters: *ref_1 + post: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: aiplatform.projects.locations.featureOnlineStores.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35751,8 +50989,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListEntityTypesResponse + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -35765,37 +51002,25 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}: parameters: *ref_1 - get: - description: Gets details of a single EntityType. - operationId: aiplatform.projects.locations.featurestores.entityTypes.get + patch: + description: Updates the parameters of a single FeatureView. + operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureView' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35807,7 +51032,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -35820,23 +51045,23 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - patch: - description: Updates the parameters of a single EntityType. - operationId: aiplatform.projects.locations.featurestores.entityTypes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets details of a single FeatureView. + operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35848,7 +51073,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureView' parameters: - in: path name: projectsId @@ -35861,25 +51086,18 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: - description: >- - Deletes a single EntityType. The EntityType must not have any Features - or `force` must be set to true for the request to succeed. - operationId: aiplatform.projects.locations.featurestores.entityTypes.delete + description: Deletes a single FeatureView. + operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35904,45 +51122,29 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - - in: query - name: force - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:importFeatureValues: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Imports Feature values into the Featurestore from a source storage. The - progress of the import is tracked by the returned operation. The - imported features are guaranteed to be visible to subsequent read - operations after the operation is marked as successfully done. If an - import operation fails, the Feature values returned from reads and - exports may be inconsistent. If consistency is required, the caller must - retry the same import request again and wait till the new operation - returned is marked as successfully done. There are also scenarios where - the caller can cause inconsistency. - Source data for import contains - multiple distinct Feature values for the same entity ID and timestamp. - - Source is modified during an import. This includes adding, updating, or - removing source data and/or metadata. Examples of updating metadata - include but are not limited to changing storage location, storage class, - or retention policy. - Online serving cluster is under-provisioned. + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.importFeatureValues + aiplatform.projects.locations.featureOnlineStores.featureViews.setIamPolicy requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ImportFeatureValuesRequest + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35954,7 +51156,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -35967,27 +51169,30 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:exportFeatureValues: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:directWrite: parameters: *ref_1 post: - description: Exports Feature values from all the entities of a target EntityType. + description: >- + Bidirectional streaming RPC to directly write to feature values in a + feature view. Requests may not have a one-to-one mapping to responses + and responses may be returned out-of-order to reduce latency. operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.exportFeatureValues + aiplatform.projects.locations.featureOnlineStores.featureViews.directWrite requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExportFeatureValuesRequest + #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -35999,7 +51204,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteResponse parameters: - in: path name: projectsId @@ -36012,35 +51218,29 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:deleteFeatureValues: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:generateFetchAccessToken: parameters: *ref_1 post: description: >- - Delete Feature values from Featurestore. The progress of the deletion is - tracked by the returned operation. The deleted feature values are - guaranteed to be invisible to subsequent read operations after the - operation is marked as successfully done. If a delete feature values - operation fails, the feature values returned from reads and exports may - be inconsistent. If consistency is required, the caller must retry the - same delete request again and wait till the new operation returned is - marked as successfully done. + RPC to generate an access token for the given feature view. FeatureViews + under the same FeatureOnlineStore share the same access token. operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.deleteFeatureValues + aiplatform.projects.locations.featureOnlineStores.featureViews.generateFetchAccessToken requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesRequest + #/components/schemas/GoogleCloudAiplatformV1GenerateFetchAccessTokenRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36052,7 +51252,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateFetchAccessTokenResponse parameters: - in: path name: projectsId @@ -36065,22 +51266,30 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:searchNearestEntities: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.featurestores.entityTypes.operations.list + Search the nearest entities under a FeatureView. Search only works for + indexable feature view; if a feature view isn't indexable, returns + Invalid argument response. + operationId: >- + aiplatform.projects.locations.featureOnlineStores.featureViews.searchNearestEntities + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SearchNearestEntitiesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36092,7 +51301,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SearchNearestEntitiesResponse parameters: - in: path name: projectsId @@ -36105,36 +51315,26 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:sync: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.featurestores.entityTypes.operations.get + post: + description: Triggers on-demand sync for the FeatureView. + operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.sync + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SyncFeatureViewRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36146,7 +51346,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SyncFeatureViewResponse parameters: - in: path name: projectsId @@ -36159,28 +51360,23 @@ paths: schema: type: string - in: path - name: featurestoresId - required: true - schema: - type: string - - in: path - name: entityTypesId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: operationsId + name: featureViewsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:getIamPolicy: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.operations.delete + aiplatform.projects.locations.featureOnlineStores.featureViews.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36192,7 +51388,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -36205,35 +51401,25 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations/{operationsId}:cancel: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.operations.cancel + get: + description: Lists FeatureViews in a given FeatureOnlineStore. + operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36245,7 +51431,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListFeatureViewsResponse parameters: - in: path name: projectsId @@ -36258,34 +51445,35 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - - in: path - name: entityTypesId - required: true + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations/{operationsId}:wait: - parameters: *ref_1 post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.featurestores.entityTypes.operations.wait + description: Creates a new FeatureView in a given FeatureOnlineStore. + operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureView' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36310,35 +51498,30 @@ paths: schema: type: string - in: path - name: featurestoresId - required: true - schema: - type: string - - in: path - name: entityTypesId + name: featureOnlineStoresId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: featureViewId schema: type: string - in: query - name: timeout + name: runSyncImmediately schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:fetchFeatureValues: parameters: *ref_1 post: - description: Creates a new Feature in a given EntityType. - operationId: aiplatform.projects.locations.featurestores.entityTypes.features.create + description: Fetch feature values under a FeatureView. + operationId: >- + aiplatform.projects.locations.featureOnlineStores.featureViews.fetchFeatureValues requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36350,7 +51533,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesResponse parameters: - in: path name: projectsId @@ -36363,22 +51547,26 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - - in: query - name: featureId - schema: - type: string - get: - description: Lists Features in a given EntityType. - operationId: aiplatform.projects.locations.featurestores.entityTypes.features.list + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + aiplatform.projects.locations.featureOnlineStores.featureViews.testIamPermissions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36390,8 +51578,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListFeaturesResponse + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -36404,54 +51591,27 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readMask + name: permissions schema: type: string - format: google-fieldmask - - in: query - name: latestStatsCount - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features:batchCreate: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/operations/{operationsId}:wait: parameters: *ref_1 - post: - description: Creates a batch of Features in a given EntityType. + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.features.batchCreate - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchCreateFeaturesRequest + aiplatform.projects.locations.featureOnlineStores.featureViews.operations.listWait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36463,7 +51623,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -36476,20 +51636,50 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}: - parameters: *ref_1 - get: - description: Gets details of a single Feature. - operationId: aiplatform.projects.locations.featurestores.entityTypes.features.get + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: >- + aiplatform.projects.locations.featureOnlineStores.featureViews.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36501,7 +51691,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -36514,28 +51704,35 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - in: path - name: featuresId + name: operationsId required: true schema: type: string - patch: - description: Updates the parameters of a single Feature. - operationId: aiplatform.projects.locations.featurestores.entityTypes.features.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: >- + aiplatform.projects.locations.featureOnlineStores.featureViews.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36547,7 +51744,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -36560,28 +51757,27 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - in: path - name: featuresId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a single Feature. - operationId: aiplatform.projects.locations.featurestores.entityTypes.features.delete + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: >- + aiplatform.projects.locations.featureOnlineStores.featureViews.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36606,28 +51802,26 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - in: path - name: featuresId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/featureViewSyncs/{featureViewSyncsId}: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. + description: Gets details of a single FeatureViewSync. operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.features.operations.list + aiplatform.projects.locations.featureOnlineStores.featureViews.featureViewSyncs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36639,7 +51833,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewSync' parameters: - in: path name: projectsId @@ -36652,42 +51846,26 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - in: path - name: featuresId + name: featureViewSyncsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/featureViewSyncs: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. + description: Lists FeatureViewSyncs in a given FeatureView. operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.features.operations.get + aiplatform.projects.locations.featureOnlineStores.featureViews.featureViewSyncs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36699,7 +51877,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListFeatureViewSyncsResponse parameters: - in: path name: projectsId @@ -36712,33 +51891,40 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - in: path - name: entityTypesId + name: featureViewsId required: true schema: type: string - - in: path - name: featuresId - required: true + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize schema: - type: string - - in: path - name: operationsId - required: true + type: integer + format: int32 + - in: query + name: filter schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.features.operations.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.featureOnlineStores.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36750,7 +51936,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -36763,17 +51949,7 @@ paths: schema: type: string - in: path - name: featurestoresId - required: true - schema: - type: string - - in: path - name: entityTypesId - required: true - schema: - type: string - - in: path - name: featuresId + name: featureOnlineStoresId required: true schema: type: string @@ -36782,21 +51958,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + delete: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.features.operations.cancel + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.featureOnlineStores.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36821,17 +51989,7 @@ paths: schema: type: string - in: path - name: featurestoresId - required: true - schema: - type: string - - in: path - name: entityTypesId - required: true - schema: - type: string - - in: path - name: featuresId + name: featureOnlineStoresId required: true schema: type: string @@ -36840,7 +51998,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -36853,8 +52011,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: >- - aiplatform.projects.locations.featurestores.entityTypes.features.operations.wait + operationId: aiplatform.projects.locations.featureOnlineStores.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36879,17 +52036,7 @@ paths: schema: type: string - in: path - name: featurestoresId - required: true - schema: - type: string - - in: path - name: entityTypesId - required: true - schema: - type: string - - in: path - name: featuresId + name: featureOnlineStoresId required: true schema: type: string @@ -36903,13 +52050,11 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/operations: - parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.featurestores.operations.list + operationId: aiplatform.projects.locations.featureOnlineStores.operations.listWait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36934,12 +52079,13 @@ paths: schema: type: string - in: path - name: featurestoresId + name: featureOnlineStoresId required: true schema: type: string - - in: query - name: filter + - in: path + name: operationsId + required: true schema: type: string - in: query @@ -36947,18 +52093,61 @@ paths: schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig/operations/{operationsId}: parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.ragEngineConfig.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: aiplatform.projects.locations.featurestores.operations.get + operationId: aiplatform.projects.locations.ragEngineConfig.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -36982,23 +52171,18 @@ paths: required: true schema: type: string - - in: path - name: featurestoresId - required: true - schema: - type: string - in: path name: operationsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.featurestores.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.ragEngineConfig.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37010,7 +52194,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -37022,17 +52206,24 @@ paths: required: true schema: type: string - - in: path - name: featurestoresId - required: true + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- @@ -37045,7 +52236,7 @@ paths: cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.featurestores.operations.cancel + operationId: aiplatform.projects.locations.ragEngineConfig.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37069,17 +52260,12 @@ paths: required: true schema: type: string - - in: path - name: featurestoresId - required: true - schema: - type: string - in: path name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -37092,7 +52278,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.featurestores.operations.wait + operationId: aiplatform.projects.locations.ragEngineConfig.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37116,11 +52302,6 @@ paths: required: true schema: type: string - - in: path - name: featurestoresId - required: true - schema: - type: string - in: path name: operationsId required: true @@ -37131,19 +52312,14 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: aiplatform.projects.locations.models.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.deploymentResourcePools.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37155,7 +52331,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -37168,17 +52344,22 @@ paths: schema: type: string - in: path - name: modelsId + name: deploymentResourcePoolsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:getIamPolicy: - parameters: *ref_1 - post: + - in: path + name: operationsId + required: true + schema: + type: string + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: aiplatform.projects.locations.models.getIamPolicy + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.deploymentResourcePools.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37190,7 +52371,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -37203,25 +52384,29 @@ paths: schema: type: string - in: path - name: modelsId + name: deploymentResourcePoolsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: operationsId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:testIamPermissions: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: aiplatform.projects.locations.models.testIamPermissions + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.deploymentResourcePools.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37233,7 +52418,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -37246,24 +52431,22 @@ paths: schema: type: string - in: path - name: modelsId + name: deploymentResourcePoolsId required: true schema: type: string - - in: query - name: permissions + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models:upload: + /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}/operations: parameters: *ref_1 - post: - description: Uploads a Model artifact into Vertex AI. - operationId: aiplatform.projects.locations.models.upload - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1UploadModelRequest' + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.deploymentResourcePools.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37275,7 +52458,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -37287,11 +52470,42 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}: + - in: path + name: deploymentResourcePoolsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}/operations/{operationsId}:wait: parameters: *ref_1 - get: - description: Gets a Model. - operationId: aiplatform.projects.locations.models.get + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.deploymentResourcePools.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37303,7 +52517,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -37316,18 +52530,31 @@ paths: schema: type: string - in: path - name: modelsId + name: deploymentResourcePoolsId + required: true + schema: + type: string + - in: path + name: operationsId required: true schema: type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}: + parameters: *ref_1 patch: - description: Updates a Model. - operationId: aiplatform.projects.locations.models.patch + description: Update a DeploymentResourcePool. + operationId: aiplatform.projects.locations.deploymentResourcePools.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DeploymentResourcePool security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37339,7 +52566,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -37352,7 +52579,7 @@ paths: schema: type: string - in: path - name: modelsId + name: deploymentResourcePoolsId required: true schema: type: string @@ -37361,11 +52588,9 @@ paths: schema: type: string format: google-fieldmask - delete: - description: >- - Deletes a Model. A model cannot be deleted if any Endpoint resource has - a DeployedModel based on the model in its deployed_models field. - operationId: aiplatform.projects.locations.models.delete + get: + description: Get a DeploymentResourcePool. + operationId: aiplatform.projects.locations.deploymentResourcePools.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37377,7 +52602,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DeploymentResourcePool parameters: - in: path name: projectsId @@ -37390,15 +52616,13 @@ paths: schema: type: string - in: path - name: modelsId + name: deploymentResourcePoolsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models: - parameters: *ref_1 - get: - description: Lists Models in a Location. - operationId: aiplatform.projects.locations.models.list + delete: + description: Delete a DeploymentResourcePool. + operationId: aiplatform.projects.locations.deploymentResourcePools.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37410,7 +52634,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ListModelsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -37422,33 +52646,19 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - - in: query - name: orderBy + - in: path + name: deploymentResourcePoolsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:listVersions: + /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}:queryDeployedModels: parameters: *ref_1 get: - description: Lists versions of the specified model. - operationId: aiplatform.projects.locations.models.listVersions + description: >- + List DeployedModels that have been deployed on this + DeploymentResourcePool. + operationId: >- + aiplatform.projects.locations.deploymentResourcePools.queryDeployedModels security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37461,7 +52671,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListModelVersionsResponse + #/components/schemas/GoogleCloudAiplatformV1QueryDeployedModelsResponse parameters: - in: path name: projectsId @@ -37474,7 +52684,7 @@ paths: schema: type: string - in: path - name: modelsId + name: deploymentResourcePoolsId required: true schema: type: string @@ -37487,24 +52697,11 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:listCheckpoints: + /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools: parameters: *ref_1 get: - description: Lists checkpoints of the specified model version. - operationId: aiplatform.projects.locations.models.listCheckpoints + description: List DeploymentResourcePools in a location. + operationId: aiplatform.projects.locations.deploymentResourcePools.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37517,7 +52714,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListModelVersionCheckpointsResponse + #/components/schemas/GoogleCloudAiplatformV1ListDeploymentResourcePoolsResponse parameters: - in: path name: projectsId @@ -37529,9 +52726,8 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true + - in: query + name: pageToken schema: type: string - in: query @@ -37539,21 +52735,15 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:updateExplanationDataset: - parameters: *ref_1 post: - description: Incrementally update the dataset used for an examples model. - operationId: aiplatform.projects.locations.models.updateExplanationDataset + description: Create a DeploymentResourcePool. + operationId: aiplatform.projects.locations.deploymentResourcePools.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1UpdateExplanationDatasetRequest + #/components/schemas/GoogleCloudAiplatformV1CreateDeploymentResourcePoolRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37577,19 +52767,63 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/batchPredictionJobs: + parameters: *ref_1 + get: + description: Lists BatchPredictionJobs in a Location. + operationId: aiplatform.projects.locations.batchPredictionJobs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListBatchPredictionJobsResponse + parameters: - in: path - name: modelsId + name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:deleteVersion: - parameters: *ref_1 - delete: + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + post: description: >- - Deletes a Model version. Model version can only be deleted if there are - no DeployedModels created from it. Deleting the only version in the - Model is not allowed. Use DeleteModel for deleting the Model instead. - operationId: aiplatform.projects.locations.models.deleteVersion + Creates a BatchPredictionJob. A BatchPredictionJob once created will + right away be attempted to start. + operationId: aiplatform.projects.locations.batchPredictionJobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37601,7 +52835,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' parameters: - in: path name: projectsId @@ -37613,22 +52847,11 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:mergeVersionAliases: + /v1/projects/{projectsId}/locations/{locationsId}/batchPredictionJobs/{batchPredictionJobsId}: parameters: *ref_1 - post: - description: Merges a set of aliases for a Model version. - operationId: aiplatform.projects.locations.models.mergeVersionAliases - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MergeVersionAliasesRequest + get: + description: Gets a BatchPredictionJob + operationId: aiplatform.projects.locations.batchPredictionJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37640,7 +52863,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' + $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' parameters: - in: path name: projectsId @@ -37653,23 +52876,15 @@ paths: schema: type: string - in: path - name: modelsId + name: batchPredictionJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:export: - parameters: *ref_1 - post: + delete: description: >- - Exports a trained, exportable Model to a location specified by the user. - A Model is considered to be exportable if it has at least one supported - export format. - operationId: aiplatform.projects.locations.models.export - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportModelRequest' + Deletes a BatchPredictionJob. Can only be called on jobs that already + finished. + operationId: aiplatform.projects.locations.batchPredictionJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37694,25 +52909,29 @@ paths: schema: type: string - in: path - name: modelsId + name: batchPredictionJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models:copy: + /v1/projects/{projectsId}/locations/{locationsId}/batchPredictionJobs/{batchPredictionJobsId}:cancel: parameters: *ref_1 post: description: >- - Copies an already existing Vertex AI Model into the specified Location. - The source Model must exist in the same Project. When copying custom - Models, the users themselves are responsible for Model.metadata content - to be region-agnostic, as well as making sure that any resources (e.g. - files) it depends on remain accessible. - operationId: aiplatform.projects.locations.models.copy + Cancels a BatchPredictionJob. Starts asynchronous cancellation on the + BatchPredictionJob. The server makes the best effort to cancel the job, + but success is not guaranteed. Clients can use + JobService.GetBatchPredictionJob or other methods to check whether the + cancellation succeeded or whether the job completed despite + cancellation. On a successful cancellation, the BatchPredictionJob is + not deleted;instead its BatchPredictionJob.state is set to `CANCELLED`. + Any files already outputted by the job are not deleted. + operationId: aiplatform.projects.locations.batchPredictionJobs.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CopyModelRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CancelBatchPredictionJobRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37724,7 +52943,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -37736,13 +52955,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/operations: + - in: path + name: batchPredictionJobsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.models.operations.list + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37754,7 +52985,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -37767,31 +52998,19 @@ paths: schema: type: string - in: path - name: modelsId + name: operationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.models.operations.get + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37803,7 +53022,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -37815,23 +53034,17 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - in: path name: operationsId required: true schema: type: string - delete: + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.models.operations.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37843,7 +53056,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -37855,30 +53068,25 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - in: path name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.models.operations.cancel + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37890,7 +53098,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -37903,29 +53111,22 @@ paths: schema: type: string - in: path - name: modelsId + name: operationsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: timeout schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/operations/{operationsId}:wait: + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.models.operations.wait + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37937,7 +53138,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -37949,32 +53150,32 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: operationsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: timeout + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations:import: + /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Imports an externally generated ModelEvaluation. - operationId: aiplatform.projects.locations.models.evaluations.import - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ImportModelEvaluationRequest + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.persistentResources.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -37986,7 +53187,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -37999,15 +53200,21 @@ paths: schema: type: string - in: path - name: modelsId + name: persistentResourcesId + required: true + schema: + type: string + - in: path + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}: - parameters: *ref_1 get: - description: Gets a ModelEvaluation. - operationId: aiplatform.projects.locations.models.evaluations.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.persistentResources.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38019,7 +53226,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluation' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -38032,20 +53239,29 @@ paths: schema: type: string - in: path - name: modelsId + name: persistentResourcesId required: true schema: type: string - in: path - name: evaluationsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations: + /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Lists ModelEvaluations in a Model. - operationId: aiplatform.projects.locations.models.evaluations.list + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.persistentResources.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38057,8 +53273,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListModelEvaluationsResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -38071,35 +53286,22 @@ paths: schema: type: string - in: path - name: modelsId + name: persistentResourcesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: readMask + - in: path + name: operationsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.models.evaluations.operations.list + operationId: aiplatform.projects.locations.persistentResources.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38124,12 +53326,7 @@ paths: schema: type: string - in: path - name: modelsId - required: true - schema: - type: string - - in: path - name: evaluationsId + name: persistentResourcesId required: true schema: type: string @@ -38137,6 +53334,10 @@ paths: name: filter schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageSize schema: @@ -38146,14 +53347,20 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}/operations/{operationsId}:wait: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.models.evaluations.operations.get + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.persistentResources.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38178,27 +53385,25 @@ paths: schema: type: string - in: path - name: modelsId + name: persistentResourcesId required: true schema: type: string - in: path - name: evaluationsId + name: operationsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: timeout schema: type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}: + parameters: *ref_1 delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.models.evaluations.operations.delete + description: Deletes a PersistentResource. + operationId: aiplatform.projects.locations.persistentResources.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38210,7 +53415,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -38223,34 +53428,13 @@ paths: schema: type: string - in: path - name: modelsId - required: true - schema: - type: string - - in: path - name: evaluationsId - required: true - schema: - type: string - - in: path - name: operationsId + name: persistentResourcesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.models.evaluations.operations.cancel + get: + description: Gets a PersistentResource. + operationId: aiplatform.projects.locations.persistentResources.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38262,7 +53446,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentResource' parameters: - in: path name: projectsId @@ -38275,34 +53459,18 @@ paths: schema: type: string - in: path - name: modelsId - required: true - schema: - type: string - - in: path - name: evaluationsId - required: true - schema: - type: string - - in: path - name: operationsId + name: persistentResourcesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/operations/{operationsId}:wait: - parameters: *ref_1 - post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.models.evaluations.operations.wait + patch: + description: Updates a PersistentResource. + operationId: aiplatform.projects.locations.persistentResources.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentResource' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38327,36 +53495,26 @@ paths: schema: type: string - in: path - name: modelsId - required: true - schema: - type: string - - in: path - name: evaluationsId - required: true - schema: - type: string - - in: path - name: operationsId + name: persistentResourcesId required: true schema: type: string - in: query - name: timeout + name: updateMask schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/slices/{slicesId}:batchImport: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}:reboot: parameters: *ref_1 post: - description: Imports a list of externally generated EvaluatedAnnotations. - operationId: aiplatform.projects.locations.models.evaluations.slices.batchImport + description: Reboots a PersistentResource. + operationId: aiplatform.projects.locations.persistentResources.reboot requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsRequest + #/components/schemas/GoogleCloudAiplatformV1RebootPersistentResourceRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38368,8 +53526,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -38382,25 +53539,50 @@ paths: schema: type: string - in: path - name: modelsId + name: persistentResourcesId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/persistentResources: + parameters: *ref_1 + post: + description: Creates a PersistentResource. + operationId: aiplatform.projects.locations.persistentResources.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentResource' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: - in: path - name: evaluationsId + name: projectsId required: true schema: type: string - in: path - name: slicesId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/slices/{slicesId}: - parameters: *ref_1 + - in: query + name: persistentResourceId + schema: + type: string get: - description: Gets a ModelEvaluationSlice. - operationId: aiplatform.projects.locations.models.evaluations.slices.get + description: Lists PersistentResources in a Location. + operationId: aiplatform.projects.locations.persistentResources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38413,7 +53595,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSlice + #/components/schemas/GoogleCloudAiplatformV1ListPersistentResourcesResponse parameters: - in: path name: projectsId @@ -38425,26 +53607,29 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - - in: path - name: evaluationsId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: slicesId - required: true + - in: query + name: pageSize schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/slices: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/migratableResources:search: parameters: *ref_1 - get: - description: Lists ModelEvaluationSlices in a ModelEvaluation. - operationId: aiplatform.projects.locations.models.evaluations.slices.list + post: + description: >- + Searches all of the resources in automl.googleapis.com, + datalabeling.googleapis.com and ml.googleapis.com that can be migrated + to Vertex AI's given location. + operationId: aiplatform.projects.locations.migratableResources.search + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SearchMigratableResourcesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38457,7 +53642,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListModelEvaluationSlicesResponse + #/components/schemas/GoogleCloudAiplatformV1SearchMigratableResourcesResponse parameters: - in: path name: projectsId @@ -38469,47 +53654,19 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - - in: path - name: evaluationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/migratableResources:batchMigrate: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.setIamPolicy + Batch migrates resources from ml.googleapis.com, automl.googleapis.com, + and datalabeling.googleapis.com to Vertex AI. + operationId: aiplatform.projects.locations.migratableResources.batchMigrate requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchMigrateResourcesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38521,7 +53678,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -38533,18 +53690,15 @@ paths: required: true schema: type: string - - in: path - name: notebookRuntimeTemplatesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/migratableResources/{migratableResourcesId}/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.getIamPolicy + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.migratableResources.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38556,7 +53710,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -38569,26 +53723,21 @@ paths: schema: type: string - in: path - name: notebookRuntimeTemplatesId + name: migratableResourcesId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: operationsId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}:testIamPermissions: - parameters: *ref_1 - post: + type: string + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - aiplatform.projects.locations.notebookRuntimeTemplates.testIamPermissions + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.migratableResources.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38600,7 +53749,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -38613,25 +53762,29 @@ paths: schema: type: string - in: path - name: notebookRuntimeTemplatesId + name: migratableResourcesId required: true schema: type: string - - in: query - name: permissions + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates: + /v1/projects/{projectsId}/locations/{locationsId}/migratableResources/{migratableResourcesId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Creates a NotebookRuntimeTemplate. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.migratableResources.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38655,13 +53808,35 @@ paths: required: true schema: type: string + - in: path + name: migratableResourcesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string - in: query - name: notebookRuntimeTemplateId + name: timeout schema: type: string - get: - description: Lists NotebookRuntimeTemplates in a Location. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.list + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/migratableResources/{migratableResourcesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.migratableResources.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38673,8 +53848,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListNotebookRuntimeTemplatesResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -38686,33 +53860,23 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: readMask + - in: path + name: migratableResourcesId + required: true schema: type: string - format: google-fieldmask - - in: query - name: orderBy + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}: + /v1/projects/{projectsId}/locations/{locationsId}/migratableResources/{migratableResourcesId}/operations: parameters: *ref_1 get: - description: Gets a NotebookRuntimeTemplate. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.get + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.migratableResources.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38724,8 +53888,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -38738,13 +53901,32 @@ paths: schema: type: string - in: path - name: notebookRuntimeTemplatesId + name: migratableResourcesId required: true schema: type: string - delete: - description: Deletes a NotebookRuntimeTemplate. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.delete + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}: + parameters: *ref_1 + get: + description: Gets an Endpoint. + operationId: aiplatform.projects.locations.endpoints.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38756,7 +53938,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' parameters: - in: path name: projectsId @@ -38769,19 +53951,18 @@ paths: schema: type: string - in: path - name: notebookRuntimeTemplatesId + name: endpointsId required: true schema: type: string patch: - description: Updates a NotebookRuntimeTemplate. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.patch + description: Updates an Endpoint. + operationId: aiplatform.projects.locations.endpoints.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate + $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38793,8 +53974,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate + $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' parameters: - in: path name: projectsId @@ -38807,7 +53987,7 @@ paths: schema: type: string - in: path - name: notebookRuntimeTemplatesId + name: endpointsId required: true schema: type: string @@ -38816,13 +53996,9 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.list + delete: + description: Deletes an Endpoint. + operationId: aiplatform.projects.locations.endpoints.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38834,7 +54010,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -38847,31 +54023,15 @@ paths: schema: type: string - in: path - name: notebookRuntimeTemplatesId + name: endpointsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.get + description: Lists Endpoints in a Location. + operationId: aiplatform.projects.locations.endpoints.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38883,7 +54043,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListEndpointsResponse parameters: - in: path name: projectsId @@ -38895,23 +54056,40 @@ paths: required: true schema: type: string - - in: path - name: notebookRuntimeTemplatesId - required: true + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: orderBy schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.delete + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: gdcZone + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates an Endpoint. + operationId: aiplatform.projects.locations.endpoints.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -38923,7 +54101,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -38935,42 +54113,38 @@ paths: required: true schema: type: string - - in: path - name: notebookRuntimeTemplatesId - required: true - schema: - type: string - - in: path - name: operationsId - required: true + - in: query + name: endpointId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:generateContent: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.cancel + description: Generate content with multimodal inputs. + operationId: aiplatform.projects.locations.endpoints.generateContent + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse parameters: - in: path name: projectsId @@ -38983,41 +54157,36 @@ paths: schema: type: string - in: path - name: notebookRuntimeTemplatesId - required: true - schema: - type: string - - in: path - name: operationsId + name: endpointsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:predict: parameters: *ref_1 post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.wait + description: Perform an online prediction. + operationId: aiplatform.projects.locations.endpoints.predict + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictResponse' parameters: - in: path name: projectsId @@ -39030,45 +54199,39 @@ paths: schema: type: string - in: path - name: notebookRuntimeTemplatesId - required: true - schema: - type: string - - in: path - name: operationsId + name: endpointsId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:directPredict: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: aiplatform.projects.locations.featureOnlineStores.setIamPolicy + Perform an unary online prediction request to a gRPC model server for + Vertex first-party products and frameworks. + operationId: aiplatform.projects.locations.endpoints.directPredict requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: '#/components/schemas/GoogleCloudAiplatformV1DirectPredictRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DirectPredictResponse parameters: - in: path name: projectsId @@ -39081,29 +54244,40 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:directRawPredict: parameters: *ref_1 post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: aiplatform.projects.locations.featureOnlineStores.getIamPolicy + Perform an unary online prediction request to a gRPC model server for + custom containers. + operationId: aiplatform.projects.locations.endpoints.directRawPredict + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DirectRawPredictRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DirectRawPredictResponse parameters: - in: path name: projectsId @@ -39116,37 +54290,37 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:streamRawPredict: parameters: *ref_1 post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: aiplatform.projects.locations.featureOnlineStores.testIamPermissions + description: Perform a streaming online prediction with an arbitrary HTTP payload. + operationId: aiplatform.projects.locations.endpoints.streamRawPredict + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StreamRawPredictRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -39159,36 +54333,41 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - - in: query - name: permissions - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:rawPredict: parameters: *ref_1 post: - description: Creates a new FeatureOnlineStore in a given project and location. - operationId: aiplatform.projects.locations.featureOnlineStores.create + description: >- + Perform an online prediction with an arbitrary HTTP payload. The + response includes the following HTTP headers: * + `X-Vertex-AI-Endpoint-Id`: ID of the Endpoint that served this + prediction. * `X-Vertex-AI-Deployed-Model-Id`: ID of the Endpoint's + DeployedModel that served this prediction. + operationId: aiplatform.projects.locations.endpoints.rawPredict requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStore' + $ref: '#/components/schemas/GoogleCloudAiplatformV1RawPredictRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -39200,13 +54379,21 @@ paths: required: true schema: type: string - - in: query - name: featureOnlineStoreId + - in: path + name: endpointsId + required: true schema: type: string - get: - description: Lists FeatureOnlineStores in a given project and location. - operationId: aiplatform.projects.locations.featureOnlineStores.list + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:computeTokens: + parameters: *ref_1 + post: + description: Return a list of tokens based on the input text. + operationId: aiplatform.projects.locations.endpoints.computeTokens + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ComputeTokensRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39219,7 +54406,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListFeatureOnlineStoresResponse + #/components/schemas/GoogleCloudAiplatformV1ComputeTokensResponse parameters: - in: path name: projectsId @@ -39231,40 +54418,41 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy + - in: path + name: endpointsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:serverStreamingPredict: parameters: *ref_1 - get: - description: Gets details of a single FeatureOnlineStore. - operationId: aiplatform.projects.locations.featureOnlineStores.get + post: + description: >- + Perform a server-side streaming online prediction request for Vertex LLM + streaming. + operationId: aiplatform.projects.locations.endpoints.serverStreamingPredict + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StreamingPredictRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStore' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StreamingPredictResponse parameters: - in: path name: projectsId @@ -39277,18 +54465,25 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - patch: - description: Updates the parameters of a single FeatureOnlineStore. - operationId: aiplatform.projects.locations.featureOnlineStores.patch + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:mutateDeployedModel: + parameters: *ref_1 + post: + description: >- + Updates an existing deployed model. Updatable fields include + `min_replica_count`, `max_replica_count`, `required_replica_count`, + `autoscaling_metric_specs`, `disable_container_logging` (v1 only), and + `enable_container_logging` (v1beta1 only). + operationId: aiplatform.projects.locations.endpoints.mutateDeployedModel requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureOnlineStore' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MutateDeployedModelRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39313,20 +54508,20 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: >- - Deletes a single FeatureOnlineStore. The FeatureOnlineStore must not - contain any FeatureViews. - operationId: aiplatform.projects.locations.featureOnlineStores.delete + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:countTokens: + parameters: *ref_1 + post: + description: Perform a token counting. + operationId: aiplatform.projects.locations.endpoints.countTokens + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CountTokensRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39338,7 +54533,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CountTokensResponse parameters: - in: path name: projectsId @@ -39351,40 +54547,37 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - - in: query - name: force - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:predictLongRunning: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.setIamPolicy + description: '' + operationId: aiplatform.projects.locations.endpoints.predictLongRunning requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PredictLongRunningRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -39397,35 +54590,37 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId + name: endpointsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:fetchPredictOperation: parameters: *ref_1 post: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.getIamPolicy + description: Fetch an asynchronous online prediction operation. + operationId: aiplatform.projects.locations.endpoints.fetchPredictOperation + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FetchPredictOperationRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -39438,43 +54633,40 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId + name: endpointsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:explain: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.testIamPermissions + Perform an online explanation. If deployed_model_id is specified, the + corresponding DeployModel must have explanation_spec populated. If + deployed_model_id is not specified, all DeployedModels must have + explanation_spec populated. + operationId: aiplatform.projects.locations.endpoints.explain + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplainRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplainResponse' parameters: - in: path name: projectsId @@ -39487,29 +54679,21 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId + name: endpointsId required: true schema: type: string - - in: query - name: permissions - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:update: parameters: *ref_1 post: - description: Creates a new FeatureView in a given FeatureOnlineStore. - operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.create + description: Updates an Endpoint with a long running operation. + operationId: aiplatform.projects.locations.endpoints.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureView' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1UpdateEndpointLongRunningRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39534,26 +54718,30 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - - in: query - name: featureViewId - schema: - type: string - - in: query - name: runSyncImmediately - schema: - type: boolean - get: - description: Lists FeatureViews in a given FeatureOnlineStore. - operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.list + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:streamGenerateContent: + parameters: *ref_1 + post: + description: Generate content with multimodal inputs with streaming support. + operationId: aiplatform.projects.locations.endpoints.streamGenerateContent + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -39561,7 +54749,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListFeatureViewsResponse + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse parameters: - in: path name: projectsId @@ -39574,32 +54762,22 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:undeployModel: parameters: *ref_1 - get: - description: Gets details of a single FeatureView. - operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.get + post: + description: >- + Undeploys a Model from an Endpoint, removing a DeployedModel from it, + and freeing all resources it's using. + operationId: aiplatform.projects.locations.endpoints.undeployModel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1UndeployModelRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39611,7 +54789,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureView' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -39624,23 +54802,20 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId + name: endpointsId required: true schema: type: string - patch: - description: Updates the parameters of a single FeatureView. - operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.patch + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:deployModel: + parameters: *ref_1 + post: + description: Deploys a Model into this Endpoint, creating a DeployedModel within it. + operationId: aiplatform.projects.locations.endpoints.deployModel requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureView' + $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployModelRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39665,35 +54840,36 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId + name: endpointsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a single FeatureView. - operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.delete + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/chat/completions: + parameters: *ref_1 + post: + description: Exposes an OpenAI-compatible endpoint for chat completions. + operationId: aiplatform.projects.locations.endpoints.chat.completions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -39706,39 +54882,39 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId + name: endpointsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:sync: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/google/science/inference: parameters: *ref_1 post: - description: Triggers on-demand sync for the FeatureView. - operationId: aiplatform.projects.locations.featureOnlineStores.featureViews.sync + description: >- + Forwards arbitrary HTTP requests for both streaming and non-streaming + cases. To use this method, invoke_route_prefix must be set to allow the + paths that will be specified in the request. + operationId: aiplatform.projects.locations.endpoints.google.science.inference requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SyncFeatureViewRequest + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SyncFeatureViewResponse + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -39750,28 +54926,19 @@ paths: required: true schema: type: string - - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId - required: true + - in: query + name: deployedModelId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:fetchFeatureValues: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Fetch feature values under a FeatureView. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.fetchFeatureValues - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesRequest + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.endpoints.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39783,8 +54950,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FetchFeatureValuesResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -39797,30 +54963,21 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - in: path - name: featureViewsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:searchNearestEntities: - parameters: *ref_1 - post: + get: description: >- - Search the nearest entities under a FeatureView. Search only works for - indexable feature view; if a feature view isn't indexable, returns - Invalid argument response. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.searchNearestEntities - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SearchNearestEntitiesRequest + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.endpoints.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39832,8 +54989,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SearchNearestEntitiesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -39846,30 +55002,29 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - in: path - name: featureViewsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}:directWrite: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Bidirectional streaming RPC to directly write to feature values in a - feature view. Requests may not have a one-to-one mapping to responses - and responses may be returned out-of-order to reduce latency. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.directWrite - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteRequest + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.endpoints.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39881,8 +55036,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FeatureViewDirectWriteResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -39895,23 +55049,29 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - in: path - name: featureViewsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/operations/{operationsId}:wait: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.operations.listWait + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.endpoints.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39923,7 +55083,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -39936,12 +55096,7 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId + name: endpointsId required: true schema: type: string @@ -39951,31 +55106,17 @@ paths: schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: timeout schema: type: string - post: + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/operations: + parameters: *ref_1 + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.operations.wait + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.endpoints.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -39987,7 +55128,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -40000,46 +55141,56 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - - in: path - name: featureViewsId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: filter schema: type: string - in: query - name: timeout + name: pageSize schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.operations.get + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/deployedModels/{deployedModelId}/invoke/{invokeId}: + parameters: *ref_1 + post: + description: >- + Forwards arbitrary HTTP requests for both streaming and non-streaming + cases. To use this method, invoke_route_prefix must be set to allow the + paths that will be specified in the request. + operationId: aiplatform.projects.locations.endpoints.deployedModels.invoke.invoke + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1InvokeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -40052,40 +55203,49 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId + name: endpointsId required: true schema: type: string - in: path - name: featureViewsId + name: deployedModelId required: true schema: type: string - in: path - name: operationsId + name: invokeId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/invoke/{invokeId}: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.operations.delete + Forwards arbitrary HTTP requests for both streaming and non-streaming + cases. To use this method, invoke_route_prefix must be set to allow the + paths that will be specified in the request. + operationId: aiplatform.projects.locations.endpoints.invoke.invoke + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1InvokeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -40098,38 +55258,44 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId + name: endpointsId required: true schema: type: string - in: path - name: operationsId + name: invokeId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/featureViewSyncs/{featureViewSyncsId}: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/openapi/embeddings: parameters: *ref_1 - get: - description: Gets details of a single FeatureViewSync. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.featureViewSyncs.get + post: + description: >- + Forwards arbitrary HTTP requests for both streaming and non-streaming + cases. To use this method, invoke_route_prefix must be set to allow the + paths that will be specified in the request. + operationId: aiplatform.projects.locations.endpoints.openapi.embeddings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureViewSync' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -40141,27 +55307,46 @@ paths: required: true schema: type: string + - in: query + name: deployedModelId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/evaluationItems/{evaluationItemsId}: + parameters: *ref_1 + delete: + description: Deletes an Evaluation Item. + operationId: aiplatform.projects.locations.evaluationItems.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: - in: path - name: featureOnlineStoresId + name: projectsId required: true schema: type: string - in: path - name: featureViewsId + name: locationsId required: true schema: type: string - in: path - name: featureViewSyncsId + name: evaluationItemsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/featureViews/{featureViewsId}/featureViewSyncs: - parameters: *ref_1 get: - description: Lists FeatureViewSyncs in a given FeatureView. - operationId: >- - aiplatform.projects.locations.featureOnlineStores.featureViews.featureViewSyncs.list + description: Gets an Evaluation Item. + operationId: aiplatform.projects.locations.evaluationItems.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40173,8 +55358,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListFeatureViewSyncsResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationItem' parameters: - in: path name: projectsId @@ -40187,39 +55371,15 @@ paths: schema: type: string - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: featureViewsId + name: evaluationItemsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/evaluationItems: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.featureOnlineStores.operations.listWait + description: Lists Evaluation Items. + operationId: aiplatform.projects.locations.evaluationItems.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40231,7 +55391,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListEvaluationItemsResponse parameters: - in: path name: projectsId @@ -40243,18 +55404,16 @@ paths: required: true schema: type: string - - in: path - name: featureOnlineStoresId - required: true + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: filter + name: orderBy schema: type: string - in: query @@ -40262,22 +55421,14 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.featureOnlineStores.operations.wait + description: Creates an Evaluation Item. + operationId: aiplatform.projects.locations.evaluationItems.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationItem' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40289,7 +55440,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationItem' parameters: - in: path name: projectsId @@ -40301,29 +55452,11 @@ paths: required: true schema: type: string - - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/featureOnlineStores/{featureOnlineStoresId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/evaluationSets: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.featureOnlineStores.operations.get + description: Lists Evaluation Sets. + operationId: aiplatform.projects.locations.evaluationSets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40335,7 +55468,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListEvaluationSetsResponse parameters: - in: path name: projectsId @@ -40347,23 +55481,31 @@ paths: required: true schema: type: string - - in: path - name: featureOnlineStoresId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.featureOnlineStores.operations.delete + - in: query + name: orderBy + schema: + type: string + post: + description: Creates an Evaluation Set. + operationId: aiplatform.projects.locations.evaluationSets.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationSet' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40375,7 +55517,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationSet' parameters: - in: path name: projectsId @@ -40387,29 +55529,11 @@ paths: required: true schema: type: string - - in: path - name: featureOnlineStoresId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/evaluationSets/{evaluationSetsId}: parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: aiplatform.projects.locations.featureGroups.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + delete: + description: Deletes an Evaluation Set. + operationId: aiplatform.projects.locations.evaluationSets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40421,7 +55545,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -40434,17 +55558,13 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: evaluationSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}:getIamPolicy: - parameters: *ref_1 - post: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: aiplatform.projects.locations.featureGroups.getIamPolicy + get: + description: Gets an Evaluation Set. + operationId: aiplatform.projects.locations.evaluationSets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40456,7 +55576,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationSet' parameters: - in: path name: projectsId @@ -40469,25 +55589,18 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: evaluationSetsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: aiplatform.projects.locations.featureGroups.testIamPermissions + patch: + description: Updates an Evaluation Set. + operationId: aiplatform.projects.locations.evaluationSets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationSet' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40499,7 +55612,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationSet' parameters: - in: path name: projectsId @@ -40512,24 +55625,20 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: evaluationSetsId required: true schema: type: string - in: query - name: permissions + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/cachedContents: parameters: *ref_1 - post: - description: Creates a new FeatureGroup in a given project and location. - operationId: aiplatform.projects.locations.featureGroups.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroup' + get: + description: Lists cached contents in a project + operationId: aiplatform.projects.locations.cachedContents.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40541,7 +55650,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListCachedContentsResponse parameters: - in: path name: projectsId @@ -40554,12 +55664,24 @@ paths: schema: type: string - in: query - name: featureGroupId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - get: - description: Lists FeatureGroups in a given project and location. - operationId: aiplatform.projects.locations.featureGroups.list + post: + description: >- + Creates cached content, this call will initialize the cached content in + the data storage, and users need to pay for the cache data storage. + operationId: aiplatform.projects.locations.cachedContents.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40571,8 +55693,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListFeatureGroupsResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' parameters: - in: path name: projectsId @@ -40584,28 +55705,11 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}: + /v1/projects/{projectsId}/locations/{locationsId}/cachedContents/{cachedContentsId}: parameters: *ref_1 get: - description: Gets details of a single FeatureGroup. - operationId: aiplatform.projects.locations.featureGroups.get + description: Gets cached content configurations + operationId: aiplatform.projects.locations.cachedContents.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40617,7 +55721,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroup' + $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' parameters: - in: path name: projectsId @@ -40630,18 +55734,18 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: cachedContentsId required: true schema: type: string patch: - description: Updates the parameters of a single FeatureGroup. - operationId: aiplatform.projects.locations.featureGroups.patch + description: Updates cached content configurations + operationId: aiplatform.projects.locations.cachedContents.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroup' + $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40653,7 +55757,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' parameters: - in: path name: projectsId @@ -40666,7 +55770,7 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: cachedContentsId required: true schema: type: string @@ -40676,8 +55780,8 @@ paths: type: string format: google-fieldmask delete: - description: Deletes a single FeatureGroup. - operationId: aiplatform.projects.locations.featureGroups.delete + description: Deletes cached content + operationId: aiplatform.projects.locations.cachedContents.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40689,7 +55793,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -40702,21 +55806,17 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: cachedContentsId required: true schema: type: string - - in: query - name: force - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.featureGroups.operations.listWait + operationId: aiplatform.projects.locations.customJobs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40741,40 +55841,35 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: customJobsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query name: filter schema: type: string - in: query - name: pageSize + name: returnPartialSuccess schema: - type: integer - format: int32 + type: boolean - in: query name: pageToken schema: type: string - post: + /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.featureGroups.operations.wait + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.customJobs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40799,7 +55894,7 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: customJobsId required: true schema: type: string @@ -40808,19 +55903,13 @@ paths: required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/operations/{operationsId}: - parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.featureGroups.operations.get + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.customJobs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40832,7 +55921,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -40845,7 +55934,7 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: customJobsId required: true schema: type: string @@ -40854,13 +55943,20 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.featureGroups.operations.delete + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.customJobs.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40885,7 +55981,7 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: customJobsId required: true schema: type: string @@ -40894,16 +55990,20 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features: + /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Creates a new Feature in a given FeatureGroup. - operationId: aiplatform.projects.locations.featureGroups.features.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.customJobs.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40928,17 +56028,32 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: customJobsId + required: true + schema: + type: string + - in: path + name: operationsId required: true schema: type: string - in: query - name: featureId + name: timeout schema: type: string - get: - description: Lists Features in a given FeatureGroup. - operationId: aiplatform.projects.locations.featureGroups.features.list + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/customJobs: + parameters: *ref_1 + post: + description: >- + Creates a CustomJob. A created CustomJob right away will be attempted to + be run. + operationId: aiplatform.projects.locations.customJobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJob' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -40950,8 +56065,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListFeaturesResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJob' parameters: - in: path name: projectsId @@ -40963,8 +56077,30 @@ paths: required: true schema: type: string + get: + description: Lists CustomJobs in a Location. + operationId: aiplatform.projects.locations.customJobs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListCustomJobsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: featureGroupsId + name: locationsId required: true schema: type: string @@ -40981,31 +56117,16 @@ paths: name: pageToken schema: type: string - - in: query - name: orderBy - schema: - type: string - in: query name: readMask schema: type: string format: google-fieldmask - - in: query - name: latestStatsCount - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features:batchCreate: + /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}: parameters: *ref_1 - post: - description: Creates a batch of Features in a given FeatureGroup. - operationId: aiplatform.projects.locations.featureGroups.features.batchCreate - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchCreateFeaturesRequest + delete: + description: Deletes a CustomJob. + operationId: aiplatform.projects.locations.customJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41030,15 +56151,13 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: customJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features/{featuresId}: - parameters: *ref_1 get: - description: Gets details of a single Feature. - operationId: aiplatform.projects.locations.featureGroups.features.get + description: Gets a CustomJob. + operationId: aiplatform.projects.locations.customJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41050,7 +56169,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJob' parameters: - in: path name: projectsId @@ -41063,23 +56182,29 @@ paths: schema: type: string - in: path - name: featureGroupsId - required: true - schema: - type: string - - in: path - name: featuresId + name: customJobsId required: true schema: type: string - patch: - description: Updates the parameters of a single Feature. - operationId: aiplatform.projects.locations.featureGroups.features.patch + /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}:cancel: + parameters: *ref_1 + post: + description: >- + Cancels a CustomJob. Starts asynchronous cancellation on the CustomJob. + The server makes a best effort to cancel the job, but success is not + guaranteed. Clients can use JobService.GetCustomJob or other methods to + check whether the cancellation succeeded or whether the job completed + despite cancellation. On successful cancellation, the CustomJob is not + deleted; instead it becomes a job with a CustomJob.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`, and + CustomJob.state is set to `CANCELLED`. + operationId: aiplatform.projects.locations.customJobs.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CancelCustomJobRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41091,7 +56216,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -41104,23 +56229,19 @@ paths: schema: type: string - in: path - name: featureGroupsId - required: true - schema: - type: string - - in: path - name: featuresId + name: customJobsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}/operations/{operationsId}: + parameters: *ref_1 delete: - description: Deletes a single Feature. - operationId: aiplatform.projects.locations.featureGroups.features.delete + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.tuningJobs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41132,7 +56253,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -41145,22 +56266,21 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: tuningJobsId required: true schema: type: string - in: path - name: featuresId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features/{featuresId}/operations/{operationsId}:wait: - parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.featureGroups.features.operations.listWait + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.tuningJobs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41172,7 +56292,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -41185,12 +56305,7 @@ paths: schema: type: string - in: path - name: featureGroupsId - required: true - schema: - type: string - - in: path - name: featuresId + name: tuningJobsId required: true schema: type: string @@ -41199,31 +56314,13 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - post: + /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}/operations: + parameters: *ref_1 + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.featureGroups.features.operations.wait + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.tuningJobs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41235,7 +56332,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -41248,33 +56345,41 @@ paths: schema: type: string - in: path - name: featureGroupsId + name: tuningJobsId required: true schema: type: string - - in: path - name: featuresId - required: true + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: timeout + name: returnPartialSuccess schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features/{featuresId}/operations/{operationsId}: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.featureGroups.features.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.tuningJobs.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41286,7 +56391,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -41299,12 +56404,7 @@ paths: schema: type: string - in: path - name: featureGroupsId - required: true - schema: - type: string - - in: path - name: featuresId + name: tuningJobsId required: true schema: type: string @@ -41313,13 +56413,25 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}:cancel: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.featureGroups.features.operations.delete + Cancels a TuningJob. Starts asynchronous cancellation on the TuningJob. + The server makes a best effort to cancel the job, but success is not + guaranteed. Clients can use GenAiTuningService.GetTuningJob or other + methods to check whether the cancellation succeeded or whether the job + completed despite cancellation. On successful cancellation, the + TuningJob is not deleted; instead it becomes a job with a + TuningJob.error value with a google.rpc.Status.code of 1, corresponding + to `Code.CANCELLED`, and TuningJob.state is set to `CANCELLED`. + operationId: aiplatform.projects.locations.tuningJobs.cancel + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CancelTuningJobRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41344,27 +56456,15 @@ paths: schema: type: string - in: path - name: featureGroupsId - required: true - schema: - type: string - - in: path - name: featuresId - required: true - schema: - type: string - - in: path - name: operationsId + name: tuningJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.operations.list + description: Lists TuningJobs in a Location. + operationId: aiplatform.projects.locations.tuningJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41376,7 +56476,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListTuningJobsResponse parameters: - in: path name: projectsId @@ -41388,6 +56489,10 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: filter schema: @@ -41397,18 +56502,16 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.operations.get + Creates a TuningJob. A created TuningJob right away will be attempted to + be run. + operationId: aiplatform.projects.locations.tuningJobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41420,7 +56523,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' parameters: - in: path name: projectsId @@ -41432,18 +56535,11 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.operations.delete + /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}: + parameters: *ref_1 + get: + description: Gets a TuningJob. + operationId: aiplatform.projects.locations.tuningJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41455,7 +56551,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' parameters: - in: path name: projectsId @@ -41468,24 +56564,21 @@ paths: schema: type: string - in: path - name: operationsId + name: tuningJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs:rebaseTunedModel: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.operations.cancel + description: Rebase a TunedModel. + operationId: aiplatform.projects.locations.tuningJobs.rebaseTunedModel + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RebaseTunedModelRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41497,7 +56590,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -41509,25 +56602,19 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.operations.wait + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: aiplatform.projects.locations.datasets.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41539,7 +56626,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -41552,22 +56639,15 @@ paths: schema: type: string - in: path - name: operationsId + name: datasetsId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig/operations: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:searchDataItems: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.ragEngineConfig.operations.list + description: Searches DataItems in a Dataset. + operationId: aiplatform.projects.locations.datasets.searchDataItems security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41579,7 +56659,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SearchDataItemsResponse parameters: - in: path name: projectsId @@ -41591,8 +56672,33 @@ paths: required: true schema: type: string + - in: path + name: datasetsId + required: true + schema: + type: string - in: query - name: filter + name: savedQuery + schema: + type: string + - in: query + name: dataLabelingJob + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: annotationFilters + schema: + type: string + - in: query + name: orderByDataItem + schema: + type: string + - in: query + name: pageToken schema: type: string - in: query @@ -41601,17 +56707,41 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: dataItemFilter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig/operations/{operationsId}: + - in: query + name: annotationsFilter + schema: + type: string + - in: query + name: annotationsLimit + schema: + type: integer + format: int32 + - in: query + name: fieldMask + schema: + type: string + format: google-fieldmask + - in: query + name: orderByAnnotation.savedQuery + schema: + type: string + - in: query + name: orderByAnnotation.orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:export: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.ragEngineConfig.operations.get + post: + description: Exports data from a Dataset. + operationId: aiplatform.projects.locations.datasets.export + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportDataRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41636,17 +56766,20 @@ paths: schema: type: string - in: path - name: operationsId + name: datasetsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.ragEngineConfig.operations.delete + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:import: + parameters: *ref_1 + post: + description: Imports data into a Dataset. + operationId: aiplatform.projects.locations.datasets.import + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ImportDataRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41658,7 +56791,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -41671,24 +56804,20 @@ paths: schema: type: string - in: path - name: operationsId + name: datasetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.ragEngineConfig.operations.cancel + patch: + description: Updates a Dataset. + operationId: aiplatform.projects.locations.datasets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41700,7 +56829,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' parameters: - in: path name: projectsId @@ -41713,24 +56842,49 @@ paths: schema: type: string - in: path - name: operationsId + name: datasetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragEngineConfig/operations/{operationsId}:wait: - parameters: *ref_1 - post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.ragEngineConfig.operations.wait + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a Dataset. + operationId: aiplatform.projects.locations.datasets.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: datasetsId + required: true + schema: + type: string + get: + description: Gets a Dataset. + operationId: aiplatform.projects.locations.datasets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41742,7 +56896,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' parameters: - in: path name: projectsId @@ -41755,15 +56909,15 @@ paths: schema: type: string - in: path - name: operationsId + name: datasetsId required: true schema: type: string - in: query - name: timeout + name: readMask schema: type: string - format: google-duration + format: google-fieldmask /v1/projects/{projectsId}/locations/{locationsId}/datasets: parameters: *ref_1 post: @@ -41824,10 +56978,6 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: @@ -41842,15 +56992,24 @@ paths: schema: type: string format: google-fieldmask + - in: query + name: filter + schema: + type: string - in: query name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets a Dataset. - operationId: aiplatform.projects.locations.datasets.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: aiplatform.projects.locations.datasets.testIamPermissions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41862,7 +57021,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -41880,18 +57039,16 @@ paths: schema: type: string - in: query - name: readMask + name: permissions schema: type: string - format: google-fieldmask - patch: - description: Updates a Dataset. - operationId: aiplatform.projects.locations.datasets.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:getIamPolicy: + parameters: *ref_1 + post: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: aiplatform.projects.locations.datasets.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41903,7 +57060,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Dataset' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -41921,13 +57078,17 @@ paths: schema: type: string - in: query - name: updateMask + name: options.requestedPolicyVersion schema: - type: string - format: google-fieldmask - delete: - description: Deletes a Dataset. - operationId: aiplatform.projects.locations.datasets.delete + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.datasets.savedQueries.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41939,7 +57100,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -41956,16 +57117,36 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:import: + - in: path + name: savedQueriesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Imports data into a Dataset. - operationId: aiplatform.projects.locations.datasets.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ImportDataRequest' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.datasets.savedQueries.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -41994,16 +57175,23 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:export: - parameters: *ref_1 - post: - description: Exports data from a Dataset. - operationId: aiplatform.projects.locations.datasets.export - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportDataRequest' + - in: path + name: savedQueriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.datasets.savedQueries.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42015,7 +57203,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -42032,11 +57220,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:searchDataItems: + - in: path + name: savedQueriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations/{operationsId}:wait: parameters: *ref_1 - get: - description: Searches DataItems in a Dataset. - operationId: aiplatform.projects.locations.datasets.searchDataItems + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.datasets.savedQueries.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42048,8 +57255,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SearchDataItemsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -42066,68 +57272,78 @@ paths: required: true schema: type: string - - in: query - name: orderByDataItem - schema: - type: string - - in: query - name: orderByAnnotation.savedQuery - schema: - type: string - - in: query - name: orderByAnnotation.orderBy - schema: - type: string - - in: query - name: savedQuery + - in: path + name: savedQueriesId + required: true schema: type: string - - in: query - name: dataLabelingJob + - in: path + name: operationsId + required: true schema: type: string - in: query - name: dataItemFilter + name: timeout schema: type: string - - in: query - name: annotationsFilter + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.datasets.savedQueries.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: annotationFilters + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: fieldMask + - in: path + name: datasetsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: annotationsLimit - schema: - type: integer - format: int32 - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy + - in: path + name: savedQueriesId + required: true schema: type: string - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.datasets.operations.list + description: Lists SavedQueries in a Dataset. + operationId: aiplatform.projects.locations.datasets.savedQueries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42139,7 +57355,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListSavedQueriesResponse parameters: - in: path name: projectsId @@ -42161,22 +57378,28 @@ paths: schema: type: string - in: query - name: pageSize + name: readMask schema: - type: integer - format: int32 + type: string + format: google-fieldmask - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}: + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.datasets.operations.get + delete: + description: Deletes a SavedQuery. + operationId: aiplatform.projects.locations.datasets.savedQueries.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42206,17 +57429,15 @@ paths: schema: type: string - in: path - name: operationsId + name: savedQueriesId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.datasets.operations.delete + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/datasetVersions/{datasetVersionsId}: + parameters: *ref_1 + get: + description: Gets a Dataset version. + operationId: aiplatform.projects.locations.datasets.datasetVersions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42228,7 +57449,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' parameters: - in: path name: projectsId @@ -42246,24 +57467,23 @@ paths: schema: type: string - in: path - name: operationsId + name: datasetVersionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.datasets.operations.cancel + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + patch: + description: Updates a DatasetVersion. + operationId: aiplatform.projects.locations.datasets.datasetVersions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42275,7 +57495,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' parameters: - in: path name: projectsId @@ -42293,24 +57513,18 @@ paths: schema: type: string - in: path - name: operationsId + name: datasetVersionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}:wait: - parameters: *ref_1 - post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.datasets.operations.wait + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a Dataset version. + operationId: aiplatform.projects.locations.datasets.datasetVersions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42340,15 +57554,10 @@ paths: schema: type: string - in: path - name: operationsId + name: datasetVersionsId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/datasetVersions: parameters: *ref_1 post: @@ -42419,38 +57628,33 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: readMask + name: pageToken schema: type: string - format: google-fieldmask - in: query name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/datasetVersions/{datasetVersionsId}: + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/datasetVersions/{datasetVersionsId}:restore: parameters: *ref_1 - patch: - description: Updates a DatasetVersion. - operationId: aiplatform.projects.locations.datasets.datasetVersions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + get: + description: Restores a dataset version. + operationId: aiplatform.projects.locations.datasets.datasetVersions.restore security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42462,7 +57666,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -42484,14 +57688,119 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.datasets.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: datasetsId + required: true + schema: + type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - delete: - description: Deletes a Dataset version. - operationId: aiplatform.projects.locations.datasets.datasetVersions.delete + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.datasets.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: datasetsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.datasets.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42521,13 +57830,24 @@ paths: schema: type: string - in: path - name: datasetVersionsId + name: operationsId required: true schema: type: string - get: - description: Gets a Dataset version. - operationId: aiplatform.projects.locations.datasets.datasetVersions.get + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.datasets.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42539,7 +57859,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DatasetVersion' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -42557,20 +57877,16 @@ paths: schema: type: string - in: path - name: datasetVersionsId + name: operationsId required: true schema: type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/datasetVersions/{datasetVersionsId}:restore: - parameters: *ref_1 get: - description: Restores a dataset version. - operationId: aiplatform.projects.locations.datasets.datasetVersions.restore + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.datasets.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42600,7 +57916,7 @@ paths: schema: type: string - in: path - name: datasetVersionsId + name: operationsId required: true schema: type: string @@ -42639,16 +57955,7 @@ paths: schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: orderBy schema: type: string - in: query @@ -42657,47 +57964,7 @@ paths: type: string format: google-fieldmask - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.datasets.dataItems.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: datasetsId - required: true - schema: - type: string - - in: path - name: dataItemsId - required: true + name: pageToken schema: type: string - in: query @@ -42709,10 +57976,6 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -42856,20 +58119,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/operations: parameters: *ref_1 - post: + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.datasets.dataItems.operations.wait + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.datasets.dataItems.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42881,7 +58137,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -42903,21 +58159,37 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string - in: query - name: timeout + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/operations/{operationsId}:wait: parameters: *ref_1 - get: - description: Lists Annotations belongs to a dataitem. - operationId: aiplatform.projects.locations.datasets.dataItems.annotations.list + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.datasets.dataItems.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42929,8 +58201,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListAnnotationsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -42952,36 +58223,31 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: readMask + - in: path + name: operationsId + required: true schema: type: string - format: google-fieldmask - in: query - name: orderBy + name: timeout schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations: + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations/{operationsId}:wait: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. operationId: >- - aiplatform.projects.locations.datasets.dataItems.annotations.operations.list + aiplatform.projects.locations.datasets.dataItems.annotations.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -42993,7 +58259,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -43020,19 +58286,16 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: operationsId + required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: timeout schema: type: string + format: google-duration /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -43136,79 +58399,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: >- - aiplatform.projects.locations.datasets.dataItems.annotations.operations.cancel - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: datasetsId - required: true - schema: - type: string - - in: path - name: dataItemsId - required: true - schema: - type: string - - in: path - name: annotationsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. operationId: >- - aiplatform.projects.locations.datasets.dataItems.annotations.operations.wait + aiplatform.projects.locations.datasets.dataItems.annotations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43220,7 +58418,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -43247,21 +58445,38 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: timeout + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations/{annotationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Lists SavedQueries in a Dataset. - operationId: aiplatform.projects.locations.datasets.savedQueries.list + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: >- + aiplatform.projects.locations.datasets.dataItems.annotations.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43273,8 +58488,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListSavedQueriesResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -43291,33 +58505,26 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: dataItemsId + required: true schema: type: string - - in: query - name: readMask + - in: path + name: annotationsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: orderBy + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataItems/{dataItemsId}/annotations: parameters: *ref_1 - delete: - description: Deletes a SavedQuery. - operationId: aiplatform.projects.locations.datasets.savedQueries.delete + get: + description: Lists Annotations belongs to a dataitem. + operationId: aiplatform.projects.locations.datasets.dataItems.annotations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43329,7 +58536,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListAnnotationsResponse parameters: - in: path name: projectsId @@ -43347,17 +58555,37 @@ paths: schema: type: string - in: path - name: savedQueriesId + name: dataItemsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.datasets.savedQueries.operations.list + description: Gets an AnnotationSpec. + operationId: aiplatform.projects.locations.datasets.annotationSpecs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43369,7 +58597,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudAiplatformV1AnnotationSpec' parameters: - in: path name: projectsId @@ -43387,31 +58615,29 @@ paths: schema: type: string - in: path - name: savedQueriesId + name: annotationSpecsId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: readMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations/{operationsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.datasets.savedQueries.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43423,7 +58649,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -43441,7 +58667,7 @@ paths: schema: type: string - in: path - name: savedQueriesId + name: annotationSpecsId required: true schema: type: string @@ -43450,13 +58676,20 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.datasets.savedQueries.operations.delete + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43468,7 +58701,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -43486,7 +58719,7 @@ paths: schema: type: string - in: path - name: savedQueriesId + name: annotationSpecsId required: true schema: type: string @@ -43495,20 +58728,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations/{operationsId}:cancel: + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.datasets.savedQueries.operations.cancel + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43520,7 +58752,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -43538,7 +58770,7 @@ paths: schema: type: string - in: path - name: savedQueriesId + name: annotationSpecsId required: true schema: type: string @@ -43547,20 +58779,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/savedQueries/{savedQueriesId}/operations/{operationsId}:wait: - parameters: *ref_1 - post: + delete: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.datasets.savedQueries.operations.wait + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43572,7 +58797,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -43590,7 +58815,7 @@ paths: schema: type: string - in: path - name: savedQueriesId + name: annotationSpecsId required: true schema: type: string @@ -43599,16 +58824,13 @@ paths: required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations: parameters: *ref_1 get: - description: Gets an AnnotationSpec. - operationId: aiplatform.projects.locations.datasets.annotationSpecs.get + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43620,7 +58842,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1AnnotationSpec' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -43643,17 +58865,36 @@ paths: schema: type: string - in: query - name: readMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.list + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.dataLabelingJobs.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43665,7 +58906,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -43678,36 +58919,23 @@ paths: schema: type: string - in: path - name: datasetsId + name: dataLabelingJobsId required: true schema: type: string - in: path - name: annotationSpecsId + name: operationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.get + operationId: aiplatform.projects.locations.dataLabelingJobs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43732,12 +58960,7 @@ paths: schema: type: string - in: path - name: datasetsId - required: true - schema: - type: string - - in: path - name: annotationSpecsId + name: dataLabelingJobsId required: true schema: type: string @@ -43752,7 +58975,7 @@ paths: is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.delete + operationId: aiplatform.projects.locations.dataLabelingJobs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43777,12 +59000,7 @@ paths: schema: type: string - in: path - name: datasetsId - required: true - schema: - type: string - - in: path - name: annotationSpecsId + name: dataLabelingJobsId required: true schema: type: string @@ -43791,20 +59009,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.cancel + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.dataLabelingJobs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43816,7 +59027,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -43829,21 +59040,28 @@ paths: schema: type: string - in: path - name: datasetsId + name: dataLabelingJobsId required: true schema: type: string - - in: path - name: annotationSpecsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/annotationSpecs/{annotationSpecsId}/operations/{operationsId}:wait: + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -43856,7 +59074,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.datasets.annotationSpecs.operations.wait + operationId: aiplatform.projects.locations.dataLabelingJobs.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43881,12 +59099,7 @@ paths: schema: type: string - in: path - name: datasetsId - required: true - schema: - type: string - - in: path - name: annotationSpecsId + name: dataLabelingJobsId required: true schema: type: string @@ -43900,17 +59113,16 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools: + /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs: parameters: *ref_1 post: - description: Create a DeploymentResourcePool. - operationId: aiplatform.projects.locations.deploymentResourcePools.create + description: Creates a DataLabelingJob. + operationId: aiplatform.projects.locations.dataLabelingJobs.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CreateDeploymentResourcePoolRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1DataLabelingJob' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43922,7 +59134,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1DataLabelingJob' parameters: - in: path name: projectsId @@ -43935,8 +59147,8 @@ paths: schema: type: string get: - description: List DeploymentResourcePools in a location. - operationId: aiplatform.projects.locations.deploymentResourcePools.list + description: Lists DataLabelingJobs in a Location. + operationId: aiplatform.projects.locations.dataLabelingJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43949,7 +59161,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListDeploymentResourcePoolsResponse + #/components/schemas/GoogleCloudAiplatformV1ListDataLabelingJobsResponse parameters: - in: path name: projectsId @@ -43961,6 +59173,14 @@ paths: required: true schema: type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -43970,11 +59190,16 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}: + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}: parameters: *ref_1 get: - description: Get a DeploymentResourcePool. - operationId: aiplatform.projects.locations.deploymentResourcePools.get + description: Gets a DataLabelingJob. + operationId: aiplatform.projects.locations.dataLabelingJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -43986,8 +59211,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeploymentResourcePool + $ref: '#/components/schemas/GoogleCloudAiplatformV1DataLabelingJob' parameters: - in: path name: projectsId @@ -44000,19 +59224,13 @@ paths: schema: type: string - in: path - name: deploymentResourcePoolsId + name: dataLabelingJobsId required: true schema: type: string - patch: - description: Update a DeploymentResourcePool. - operationId: aiplatform.projects.locations.deploymentResourcePools.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DeploymentResourcePool + delete: + description: Deletes a DataLabelingJob. + operationId: aiplatform.projects.locations.dataLabelingJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -44037,18 +59255,21 @@ paths: schema: type: string - in: path - name: deploymentResourcePoolsId + name: dataLabelingJobsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Delete a DeploymentResourcePool. - operationId: aiplatform.projects.locations.deploymentResourcePools.delete + /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}:cancel: + parameters: *ref_1 + post: + description: Cancels a DataLabelingJob. Success of cancellation is not guaranteed. + operationId: aiplatform.projects.locations.dataLabelingJobs.cancel + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CancelDataLabelingJobRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -44060,7 +59281,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -44073,23 +59294,30 @@ paths: schema: type: string - in: path - name: deploymentResourcePoolsId + name: dataLabelingJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}:queryDeployedModels: + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:generateContent: parameters: *ref_1 - get: - description: >- - List DeployedModels that have been deployed on this - DeploymentResourcePool. - operationId: >- - aiplatform.projects.locations.deploymentResourcePools.queryDeployedModels + post: + description: Generate content with multimodal inputs. + operationId: aiplatform.projects.locations.publishers.models.generateContent + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -44097,7 +59325,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QueryDeployedModelsResponse + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse parameters: - in: path name: projectsId @@ -44110,38 +59338,42 @@ paths: schema: type: string - in: path - name: deploymentResourcePoolsId + name: publishersId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: modelsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:predictLongRunning: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.deploymentResourcePools.operations.list + post: + description: '' + operationId: aiplatform.projects.locations.publishers.models.predictLongRunning + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PredictLongRunningRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -44154,43 +59386,42 @@ paths: schema: type: string - in: path - name: deploymentResourcePoolsId + name: publishersId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: modelsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:streamRawPredict: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.deploymentResourcePools.operations.get + post: + description: Perform a streaming online prediction with an arbitrary HTTP payload. + operationId: aiplatform.projects.locations.publishers.models.streamRawPredict + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StreamRawPredictRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -44203,22 +59434,25 @@ paths: schema: type: string - in: path - name: deploymentResourcePoolsId + name: publishersId required: true schema: type: string - in: path - name: operationsId + name: modelsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.deploymentResourcePools.operations.delete + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:countTokens: + parameters: *ref_1 + post: + description: Perform a token counting. + operationId: aiplatform.projects.locations.publishers.models.countTokens + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CountTokensRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -44230,7 +59464,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CountTokensResponse parameters: - in: path name: projectsId @@ -44243,29 +59478,25 @@ paths: schema: type: string - in: path - name: deploymentResourcePoolsId + name: publishersId required: true schema: type: string - in: path - name: operationsId + name: modelsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:computeTokens: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.deploymentResourcePools.operations.cancel + description: Return a list of tokens based on the input text. + operationId: aiplatform.projects.locations.publishers.models.computeTokens + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ComputeTokensRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -44277,7 +59508,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ComputeTokensResponse parameters: - in: path name: projectsId @@ -44290,41 +59522,43 @@ paths: schema: type: string - in: path - name: deploymentResourcePoolsId + name: publishersId required: true schema: type: string - in: path - name: operationsId + name: modelsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deploymentResourcePools/{deploymentResourcePoolsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:streamGenerateContent: parameters: *ref_1 post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.deploymentResourcePools.operations.wait + description: Generate content with multimodal inputs with streaming support. + operationId: aiplatform.projects.locations.publishers.models.streamGenerateContent + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse parameters: - in: path name: projectsId @@ -44337,42 +59571,45 @@ paths: schema: type: string - in: path - name: deploymentResourcePoolsId + name: publishersId required: true schema: type: string - in: path - name: operationsId + name: modelsId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/endpoints: + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:serverStreamingPredict: parameters: *ref_1 post: - description: Creates an Endpoint. - operationId: aiplatform.projects.locations.endpoints.create + description: >- + Perform a server-side streaming online prediction request for Vertex LLM + streaming. + operationId: aiplatform.projects.locations.publishers.models.serverStreamingPredict requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StreamingPredictRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StreamingPredictResponse parameters: - in: path name: projectsId @@ -44384,26 +59621,42 @@ paths: required: true schema: type: string - - in: query - name: endpointId + - in: path + name: publishersId + required: true schema: type: string - get: - description: Lists Endpoints in a Location. - operationId: aiplatform.projects.locations.endpoints.list + - in: path + name: modelsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:predict: + parameters: *ref_1 + post: + description: Perform an online prediction. + operationId: aiplatform.projects.locations.publishers.models.predict + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListEndpointsResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictResponse' parameters: - in: path name: projectsId @@ -44415,49 +59668,43 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - - in: query - name: orderBy + - in: path + name: publishersId + required: true schema: type: string - - in: query - name: gdcZone + - in: path + name: modelsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}: + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:fetchPredictOperation: parameters: *ref_1 - get: - description: Gets an Endpoint. - operationId: aiplatform.projects.locations.endpoints.get + post: + description: Fetch an asynchronous online prediction operation. + operationId: aiplatform.projects.locations.publishers.models.fetchPredictOperation + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1FetchPredictOperationRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -44470,30 +59717,46 @@ paths: schema: type: string - in: path - name: endpointsId + name: publishersId required: true schema: type: string - patch: - description: Updates an Endpoint. - operationId: aiplatform.projects.locations.endpoints.patch + - in: path + name: modelsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:rawPredict: + parameters: *ref_1 + post: + description: >- + Perform an online prediction with an arbitrary HTTP payload. The + response includes the following HTTP headers: * + `X-Vertex-AI-Endpoint-Id`: ID of the Endpoint that served this + prediction. * `X-Vertex-AI-Deployed-Model-Id`: ID of the Endpoint's + DeployedModel that served this prediction. + operationId: aiplatform.projects.locations.publishers.models.rawPredict requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' + $ref: '#/components/schemas/GoogleCloudAiplatformV1RawPredictRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Endpoint' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -44506,30 +59769,42 @@ paths: schema: type: string - in: path - name: endpointsId + name: publishersId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: modelsId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes an Endpoint. - operationId: aiplatform.projects.locations.endpoints.delete + /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:embedContent: + parameters: *ref_1 + post: + description: Embed content with multimodal inputs. + operationId: aiplatform.projects.locations.publishers.models.embedContent + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EmbedContentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1EmbedContentResponse parameters: - in: path name: projectsId @@ -44542,21 +59817,25 @@ paths: schema: type: string - in: path - name: endpointsId + name: publishersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:update: + - in: path + name: modelsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}: parameters: *ref_1 - post: - description: Updates an Endpoint with a long running operation. - operationId: aiplatform.projects.locations.endpoints.update + patch: + description: Updates an Index. + operationId: aiplatform.projects.locations.indexes.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1UpdateEndpointLongRunningRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1Index' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -44581,20 +59860,20 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:deployModel: - parameters: *ref_1 - post: - description: Deploys a Model into this Endpoint, creating a DeployedModel within it. - operationId: aiplatform.projects.locations.endpoints.deployModel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployModelRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: >- + Deletes an Index. An Index can only be deleted when all its + DeployedIndexes had been undeployed. + operationId: aiplatform.projects.locations.indexes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -44619,22 +59898,13 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:undeployModel: - parameters: *ref_1 - post: - description: >- - Undeploys a Model from an Endpoint, removing a DeployedModel from it, - and freeing all resources it's using. - operationId: aiplatform.projects.locations.endpoints.undeployModel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1UndeployModelRequest' + get: + description: Gets an Index. + operationId: aiplatform.projects.locations.indexes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -44646,7 +59916,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Index' parameters: - in: path name: projectsId @@ -44659,25 +59929,20 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:mutateDeployedModel: + /v1/projects/{projectsId}/locations/{locationsId}/indexes: parameters: *ref_1 post: - description: >- - Updates an existing deployed model. Updatable fields include - `min_replica_count`, `max_replica_count`, `required_replica_count`, - `autoscaling_metric_specs`, `disable_container_logging` (v1 only), and - `enable_container_logging` (v1beta1 only). - operationId: aiplatform.projects.locations.endpoints.mutateDeployedModel + description: Creates an Index. + operationId: aiplatform.projects.locations.indexes.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1MutateDeployedModelRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1Index' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -44701,37 +59966,75 @@ paths: required: true schema: type: string - - in: path - name: endpointsId - required: true + get: + description: Lists Indexes in a Location. + operationId: aiplatform.projects.locations.indexes.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListIndexesResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:predict: + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}:removeDatapoints: parameters: *ref_1 post: - description: Perform an online prediction. - operationId: aiplatform.projects.locations.endpoints.predict + description: Remove Datapoints from an Index. + operationId: aiplatform.projects.locations.indexes.removeDatapoints requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RemoveDatapointsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RemoveDatapointsResponse parameters: - in: path name: projectsId @@ -44744,41 +60047,34 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:rawPredict: + /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}:upsertDatapoints: parameters: *ref_1 post: - description: >- - Perform an online prediction with an arbitrary HTTP payload. The - response includes the following HTTP headers: * - `X-Vertex-AI-Endpoint-Id`: ID of the Endpoint that served this - prediction. * `X-Vertex-AI-Deployed-Model-Id`: ID of the Endpoint's - DeployedModel that served this prediction. - operationId: aiplatform.projects.locations.endpoints.rawPredict + description: Add/update Datapoints into an Index. + operationId: aiplatform.projects.locations.indexes.upsertDatapoints requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RawPredictRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1UpsertDatapointsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1UpsertDatapointsResponse parameters: - in: path name: projectsId @@ -44791,37 +60087,36 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:streamRawPredict: + /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Perform a streaming online prediction with an arbitrary HTTP payload. - operationId: aiplatform.projects.locations.endpoints.streamRawPredict - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StreamRawPredictRequest + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.indexes.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -44834,39 +60129,36 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:directPredict: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Perform an unary online prediction request to a gRPC model server for - Vertex first-party products and frameworks. - operationId: aiplatform.projects.locations.endpoints.directPredict - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DirectPredictRequest' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.indexes.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DirectPredictResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -44879,40 +60171,33 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:directRawPredict: - parameters: *ref_1 - post: + - in: path + name: operationsId + required: true + schema: + type: string + get: description: >- - Perform an unary online prediction request to a gRPC model server for - custom containers. - operationId: aiplatform.projects.locations.endpoints.directRawPredict - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DirectRawPredictRequest + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.indexes.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1DirectRawPredictResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -44925,40 +60210,34 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:serverStreamingPredict: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}/operations: parameters: *ref_1 - post: + get: description: >- - Perform a server-side streaming online prediction request for Vertex LLM - streaming. - operationId: aiplatform.projects.locations.endpoints.serverStreamingPredict - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StreamingPredictRequest + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.indexes.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StreamingPredictResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -44971,30 +60250,46 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:predictLongRunning: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: '' - operationId: aiplatform.projects.locations.endpoints.predictLongRunning - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PredictLongRunningRequest + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.indexes.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -45014,37 +60309,37 @@ paths: schema: type: string - in: path - name: endpointsId + name: indexesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:fetchPredictOperation: + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}: parameters: *ref_1 - post: - description: Fetch an asynchronous online prediction operation. - operationId: aiplatform.projects.locations.endpoints.fetchPredictOperation - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FetchPredictOperationRequest + get: + description: Gets a NotebookRuntime. + operationId: aiplatform.projects.locations.notebookRuntimes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookRuntime' parameters: - in: path name: projectsId @@ -45057,40 +60352,25 @@ paths: schema: type: string - in: path - name: endpointsId + name: notebookRuntimesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:explain: - parameters: *ref_1 - post: - description: >- - Perform an online explanation. If deployed_model_id is specified, the - corresponding DeployModel must have explanation_spec populated. If - deployed_model_id is not specified, all DeployedModels must have - explanation_spec populated. - operationId: aiplatform.projects.locations.endpoints.explain - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplainRequest' + delete: + description: Deletes a NotebookRuntime. + operationId: aiplatform.projects.locations.notebookRuntimes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ExplainResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -45103,38 +60383,33 @@ paths: schema: type: string - in: path - name: endpointsId + name: notebookRuntimesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:generateContent: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}:stop: parameters: *ref_1 post: - description: Generate content with multimodal inputs. - operationId: aiplatform.projects.locations.endpoints.generateContent + description: Stops a NotebookRuntime. + operationId: aiplatform.projects.locations.notebookRuntimes.stop requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + #/components/schemas/GoogleCloudAiplatformV1StopNotebookRuntimeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -45147,38 +60422,33 @@ paths: schema: type: string - in: path - name: endpointsId + name: notebookRuntimesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:streamGenerateContent: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}:start: parameters: *ref_1 post: - description: Generate content with multimodal inputs with streaming support. - operationId: aiplatform.projects.locations.endpoints.streamGenerateContent + description: Starts a NotebookRuntime. + operationId: aiplatform.projects.locations.notebookRuntimes.start requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + #/components/schemas/GoogleCloudAiplatformV1StartNotebookRuntimeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -45191,20 +60461,21 @@ paths: schema: type: string - in: path - name: endpointsId + name: notebookRuntimesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:countTokens: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}:upgrade: parameters: *ref_1 post: - description: Perform a token counting. - operationId: aiplatform.projects.locations.endpoints.countTokens + description: Upgrades a NotebookRuntime. + operationId: aiplatform.projects.locations.notebookRuntimes.upgrade requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CountTokensRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1UpgradeNotebookRuntimeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45216,8 +60487,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CountTokensResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -45230,20 +60500,24 @@ paths: schema: type: string - in: path - name: endpointsId + name: notebookRuntimesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}:computeTokens: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes:assign: parameters: *ref_1 post: - description: Return a list of tokens based on the input text. - operationId: aiplatform.projects.locations.endpoints.computeTokens + description: >- + Assigns a NotebookRuntime to a user for a particular Notebook file. This + method will either returns an existing assignment or generates a new + one. + operationId: aiplatform.projects.locations.notebookRuntimes.assign requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ComputeTokensRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1AssignNotebookRuntimeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45255,8 +60529,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ComputeTokensResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -45268,18 +60541,11 @@ paths: required: true schema: type: string - - in: path - name: endpointsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.endpoints.operations.list + description: Lists NotebookRuntimes in a Location. + operationId: aiplatform.projects.locations.notebookRuntimes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45291,7 +60557,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListNotebookRuntimesResponse parameters: - in: path name: projectsId @@ -45303,32 +60570,36 @@ paths: required: true schema: type: string - - in: path - name: endpointsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: filter + name: orderBy + schema: + type: string + - in: query + name: readMask schema: type: string + format: google-fieldmask - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: aiplatform.projects.locations.endpoints.operations.get + operationId: aiplatform.projects.locations.notebookRuntimes.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45353,7 +60624,7 @@ paths: schema: type: string - in: path - name: endpointsId + name: notebookRuntimesId required: true schema: type: string @@ -45368,7 +60639,7 @@ paths: is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.endpoints.operations.delete + operationId: aiplatform.projects.locations.notebookRuntimes.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45393,7 +60664,7 @@ paths: schema: type: string - in: path - name: endpointsId + name: notebookRuntimesId required: true schema: type: string @@ -45402,7 +60673,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- @@ -45415,7 +60686,7 @@ paths: cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.endpoints.operations.cancel + operationId: aiplatform.projects.locations.notebookRuntimes.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45440,7 +60711,7 @@ paths: schema: type: string - in: path - name: endpointsId + name: notebookRuntimesId required: true schema: type: string @@ -45449,20 +60720,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}/operations: parameters: *ref_1 - post: + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.endpoints.operations.wait + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.notebookRuntimes.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45474,7 +60738,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -45487,74 +60751,41 @@ paths: schema: type: string - in: path - name: endpointsId - required: true - schema: - type: string - - in: path - name: operationsId + name: notebookRuntimesId required: true schema: type: string - in: query - name: timeout + name: filter schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}/chat/completions: - parameters: *ref_1 - post: - description: Exposes an OpenAI-compatible endpoint for chat completions. - operationId: aiplatform.projects.locations.endpoints.chat.completions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleApiHttpBody' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleApiHttpBody' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: locationsId - required: true + type: integer + format: int32 + - in: query + name: returnPartialSuccess schema: - type: string - - in: path - name: endpointsId - required: true + type: boolean + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cachedContents: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- - Creates cached content, this call will initialize the cached content in - the data storage, and users need to pay for the cache data storage. - operationId: aiplatform.projects.locations.cachedContents.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.notebookRuntimes.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45566,7 +60797,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -45578,47 +60809,30 @@ paths: required: true schema: type: string - get: - description: Lists cached contents in a project - operationId: aiplatform.projects.locations.cachedContents.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListCachedContentsResponse - parameters: - in: path - name: projectsId + name: notebookRuntimesId required: true schema: type: string - in: path - name: locationsId + name: operationsId required: true schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: timeout schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cachedContents/{cachedContentsId}: + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}/operations/{operationsId}: parameters: *ref_1 - get: - description: Gets cached content configurations - operationId: aiplatform.projects.locations.cachedContents.get + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.schedules.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45630,7 +60844,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -45643,18 +60857,21 @@ paths: schema: type: string - in: path - name: cachedContentsId + name: schedulesId required: true schema: type: string - patch: - description: Updates cached content configurations - operationId: aiplatform.projects.locations.cachedContents.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.schedules.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45666,7 +60883,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CachedContent' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -45679,18 +60896,29 @@ paths: schema: type: string - in: path - name: cachedContentsId + name: schedulesId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: operationsId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes cached content - operationId: aiplatform.projects.locations.cachedContents.delete + /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.schedules.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45715,22 +60943,29 @@ paths: schema: type: string - in: path - name: cachedContentsId + name: schedulesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- - Creates a TuningJob. A created TuningJob right away will be attempted to - be run. - operationId: aiplatform.projects.locations.tuningJobs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.schedules.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45742,7 +60977,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -45754,9 +60989,28 @@ paths: required: true schema: type: string + - in: path + name: schedulesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}/operations: + parameters: *ref_1 get: - description: Lists TuningJobs in a Location. - operationId: aiplatform.projects.locations.tuningJobs.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.schedules.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45768,8 +61022,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListTuningJobsResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -45781,8 +61034,9 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: schedulesId + required: true schema: type: string - in: query @@ -45794,11 +61048,19 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}: parameters: *ref_1 - get: - description: Gets a TuningJob. - operationId: aiplatform.projects.locations.tuningJobs.get + delete: + description: Deletes a Schedule. + operationId: aiplatform.projects.locations.schedules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45810,7 +61072,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TuningJob' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -45823,29 +61085,23 @@ paths: schema: type: string - in: path - name: tuningJobsId + name: schedulesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}:cancel: - parameters: *ref_1 - post: + patch: description: >- - Cancels a TuningJob. Starts asynchronous cancellation on the TuningJob. - The server makes a best effort to cancel the job, but success is not - guaranteed. Clients can use GenAiTuningService.GetTuningJob or other - methods to check whether the cancellation succeeded or whether the job - completed despite cancellation. On successful cancellation, the - TuningJob is not deleted; instead it becomes a job with a - TuningJob.error value with a google.rpc.Status.code of 1, corresponding - to `Code.CANCELLED`, and TuningJob.state is set to `CANCELLED`. - operationId: aiplatform.projects.locations.tuningJobs.cancel + Updates an active or paused Schedule. When the Schedule is updated, new + runs will be scheduled starting from the updated next execution time + after the update time based on the time_specification in the updated + Schedule. All unstarted runs before the update time will be skipped + while already created runs will NOT be paused or canceled. + operationId: aiplatform.projects.locations.schedules.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CancelTuningJobRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45857,7 +61113,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' parameters: - in: path name: projectsId @@ -45870,21 +61126,18 @@ paths: schema: type: string - in: path - name: tuningJobsId + name: schedulesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs:rebaseTunedModel: - parameters: *ref_1 - post: - description: Rebase a TunedModel. - operationId: aiplatform.projects.locations.tuningJobs.rebaseTunedModel - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RebaseTunedModelRequest + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets a Schedule. + operationId: aiplatform.projects.locations.schedules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45896,7 +61149,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' parameters: - in: path name: projectsId @@ -45908,13 +61161,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}/operations: + - in: path + name: schedulesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}:pause: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.tuningJobs.operations.list + Pauses a Schedule. Will mark Schedule.state to 'PAUSED'. If the schedule + is paused, no new runs will be created. Already created runs will NOT be + paused or canceled. + operationId: aiplatform.projects.locations.schedules.pause + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PauseScheduleRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45926,7 +61190,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -45939,31 +61203,15 @@ paths: schema: type: string - in: path - name: tuningJobsId + name: schedulesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/schedules: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.tuningJobs.operations.get + description: Lists Schedules in a Location. + operationId: aiplatform.projects.locations.schedules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -45975,7 +61223,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListSchedulesResponse parameters: - in: path name: projectsId @@ -45987,23 +61236,31 @@ paths: required: true schema: type: string - - in: path - name: tuningJobsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.tuningJobs.operations.delete + - in: query + name: orderBy + schema: + type: string + post: + description: Creates a Schedule. + operationId: aiplatform.projects.locations.schedules.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46015,7 +61272,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' parameters: - in: path name: projectsId @@ -46027,30 +61284,23 @@ paths: required: true schema: type: string - - in: path - name: tuningJobsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/tuningJobs/{tuningJobsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}:resume: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.tuningJobs.operations.cancel + Resumes a paused Schedule to start scheduling new runs. Will mark + Schedule.state to 'ACTIVE'. Only paused Schedule can be resumed. When + the Schedule is resumed, new runs will be scheduled starting from the + next execution time after the current time based on the + time_specification in the Schedule. If Schedule.catch_up is set up true, + all missed runs will be scheduled for backfill first. + operationId: aiplatform.projects.locations.schedules.resume + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ResumeScheduleRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46075,25 +61325,22 @@ paths: schema: type: string - in: path - name: tuningJobsId - required: true - schema: - type: string - - in: path - name: operationsId + name: schedulesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexes: + /v1/projects/{projectsId}/locations/{locationsId}/studies:lookup: parameters: *ref_1 post: - description: Creates an Index. - operationId: aiplatform.projects.locations.indexes.create + description: >- + Looks a study up using the user-defined display_name field instead of + the fully qualified resource name. + operationId: aiplatform.projects.locations.studies.lookup requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Index' + $ref: '#/components/schemas/GoogleCloudAiplatformV1LookupStudyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46105,7 +61352,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' parameters: - in: path name: projectsId @@ -46117,9 +61364,11 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/studies: + parameters: *ref_1 get: - description: Lists Indexes in a Location. - operationId: aiplatform.projects.locations.indexes.list + description: Lists all the studies in a region for an associated project. + operationId: aiplatform.projects.locations.studies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46132,7 +61381,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListIndexesResponse + #/components/schemas/GoogleCloudAiplatformV1ListStudiesResponse parameters: - in: path name: projectsId @@ -46145,7 +61394,7 @@ paths: schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -46153,20 +61402,44 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken + post: + description: >- + Creates a Study. A resource name will be generated after creation of the + Study. + operationId: aiplatform.projects.locations.studies.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: readMask + - in: path + name: locationsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}: + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}: parameters: *ref_1 get: - description: Gets an Index. - operationId: aiplatform.projects.locations.indexes.get + description: Gets a Study by name. + operationId: aiplatform.projects.locations.studies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46178,7 +61451,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Index' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' parameters: - in: path name: projectsId @@ -46191,18 +61464,13 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId required: true schema: type: string - patch: - description: Updates an Index. - operationId: aiplatform.projects.locations.indexes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Index' + delete: + description: Deletes a Study. + operationId: aiplatform.projects.locations.studies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46214,7 +61482,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -46227,20 +61495,18 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Deletes an Index. An Index can only be deleted when all its - DeployedIndexes had been undeployed. - operationId: aiplatform.projects.locations.indexes.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.studies.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46265,21 +61531,22 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}:upsertDatapoints: - parameters: *ref_1 - post: - description: Add/update Datapoints into an Index. - operationId: aiplatform.projects.locations.indexes.upsertDatapoints - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1UpsertDatapointsRequest + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.studies.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46291,8 +61558,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1UpsertDatapointsResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -46305,21 +61571,22 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}:removeDatapoints: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/operations: parameters: *ref_1 - post: - description: Remove Datapoints from an Index. - operationId: aiplatform.projects.locations.indexes.removeDatapoints - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RemoveDatapointsRequest + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.studies.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46331,8 +61598,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RemoveDatapointsResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -46345,17 +61611,41 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}/operations: + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/operations/{operationsId}:wait: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.indexes.operations.list + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.studies.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46367,7 +61657,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -46380,31 +61670,34 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId required: true schema: type: string - - in: query - name: filter + - in: path + name: operationsId + required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: timeout schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}/operations/{operationsId}: + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.indexes.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.studies.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46416,7 +61709,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -46429,7 +61722,7 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId required: true schema: type: string @@ -46438,13 +61731,15 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.indexes.operations.delete + operationId: aiplatform.projects.locations.studies.trials.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46469,7 +61764,12 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId + required: true + schema: + type: string + - in: path + name: trialsId required: true schema: type: string @@ -46478,20 +61778,12 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.indexes.operations.cancel + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.studies.trials.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46503,7 +61795,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -46516,7 +61808,12 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId + required: true + schema: + type: string + - in: path + name: trialsId required: true schema: type: string @@ -46525,7 +61822,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexes/{indexesId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -46538,7 +61835,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.indexes.operations.wait + operationId: aiplatform.projects.locations.studies.trials.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46563,7 +61860,12 @@ paths: schema: type: string - in: path - name: indexesId + name: studiesId + required: true + schema: + type: string + - in: path + name: trialsId required: true schema: type: string @@ -46577,16 +61879,13 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints: + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}/operations: parameters: *ref_1 - post: - description: Creates an IndexEndpoint. - operationId: aiplatform.projects.locations.indexEndpoints.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.studies.trials.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46598,7 +61897,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -46610,35 +61909,22 @@ paths: required: true schema: type: string - get: - description: Lists IndexEndpoints in a Location. - operationId: aiplatform.projects.locations.indexEndpoints.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListIndexEndpointsResponse - parameters: - in: path - name: projectsId + name: studiesId required: true schema: type: string - in: path - name: locationsId + name: trialsId required: true schema: type: string - in: query - name: filter + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string - in: query @@ -46647,19 +61933,23 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: readMask + name: filter schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}: + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Gets an IndexEndpoint. - operationId: aiplatform.projects.locations.indexEndpoints.get + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.studies.trials.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46671,7 +61961,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -46684,18 +61974,33 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - patch: - description: Updates an IndexEndpoint. - operationId: aiplatform.projects.locations.indexEndpoints.patch + - in: path + name: trialsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}:addTrialMeasurement: + parameters: *ref_1 + post: + description: >- + Adds a measurement of the objective metrics to a Trial. This measurement + is assumed to have been taken before the Trial is complete. + operationId: aiplatform.projects.locations.studies.trials.addTrialMeasurement requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1AddTrialMeasurementRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46707,7 +62012,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1IndexEndpoint' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' parameters: - in: path name: projectsId @@ -46720,18 +62025,20 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: trialsId + required: true schema: type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}: + parameters: *ref_1 delete: - description: Deletes an IndexEndpoint. - operationId: aiplatform.projects.locations.indexEndpoints.delete + description: Deletes a Trial. + operationId: aiplatform.projects.locations.studies.trials.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46743,7 +62050,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -46756,22 +62063,18 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:deployIndex: - parameters: *ref_1 - post: - description: >- - Deploys an Index into this IndexEndpoint, creating a DeployedIndex - within it. - operationId: aiplatform.projects.locations.indexEndpoints.deployIndex - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployIndexRequest' + - in: path + name: trialsId + required: true + schema: + type: string + get: + description: Gets a Trial. + operationId: aiplatform.projects.locations.studies.trials.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46783,7 +62086,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' parameters: - in: path name: projectsId @@ -46796,22 +62099,20 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:undeployIndex: + - in: path + name: trialsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials: parameters: *ref_1 - post: - description: >- - Undeploys an Index from an IndexEndpoint, removing a DeployedIndex from - it, and freeing all resources it's using. - operationId: aiplatform.projects.locations.indexEndpoints.undeployIndex - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1UndeployIndexRequest' + get: + description: Lists the Trials associated with a Study. + operationId: aiplatform.projects.locations.studies.trials.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46823,7 +62124,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ListTrialsResponse' parameters: - in: path name: projectsId @@ -46836,20 +62137,27 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:mutateDeployedIndex: - parameters: *ref_1 + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string post: - description: Update an existing DeployedIndex under an IndexEndpoint. - operationId: aiplatform.projects.locations.indexEndpoints.mutateDeployedIndex + description: Adds a user provided Trial to a Study. + operationId: aiplatform.projects.locations.studies.trials.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DeployedIndex' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46861,7 +62169,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' parameters: - in: path name: projectsId @@ -46874,20 +62182,25 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:findNeighbors: + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}:checkTrialEarlyStoppingState: parameters: *ref_1 post: - description: Finds the nearest neighbors of each vector within the request. - operationId: aiplatform.projects.locations.indexEndpoints.findNeighbors + description: >- + Checks whether a Trial should stop or not. Returns a long-running + operation. When the operation is successful, it will contain a + CheckTrialEarlyStoppingStateResponse. + operationId: >- + aiplatform.projects.locations.studies.trials.checkTrialEarlyStoppingState requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1FindNeighborsRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46899,8 +62212,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FindNeighborsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -46913,23 +62225,29 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}:readIndexDatapoints: + - in: path + name: trialsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials:listOptimalTrials: parameters: *ref_1 post: description: >- - Reads the datapoints/vectors of the given IDs. A maximum of 1000 - datapoints can be retrieved in a batch. - operationId: aiplatform.projects.locations.indexEndpoints.readIndexDatapoints + Lists the pareto-optimal Trials for multi-objective Study or the optimal + Trials for single-objective Study. The definition of pareto-optimal can + be checked in wiki page. https://en.wikipedia.org/wiki/Pareto_efficiency + operationId: aiplatform.projects.locations.studies.trials.listOptimalTrials requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadIndexDatapointsRequest + #/components/schemas/GoogleCloudAiplatformV1ListOptimalTrialsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -46942,42 +62260,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadIndexDatapointsResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: indexEndpointsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.indexEndpoints.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + #/components/schemas/GoogleCloudAiplatformV1ListOptimalTrialsResponse parameters: - in: path name: projectsId @@ -46990,31 +62273,20 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}:stop: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.indexEndpoints.operations.get + post: + description: Stops a Trial. + operationId: aiplatform.projects.locations.studies.trials.stop + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1StopTrialRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47026,7 +62298,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' parameters: - in: path name: projectsId @@ -47039,22 +62311,25 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - in: path - name: operationsId + name: trialsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.indexEndpoints.operations.delete + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}:complete: + parameters: *ref_1 + post: + description: Marks a Trial as complete. + operationId: aiplatform.projects.locations.studies.trials.complete + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1CompleteTrialRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47066,7 +62341,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' parameters: - in: path name: projectsId @@ -47079,29 +62354,29 @@ paths: schema: type: string - in: path - name: indexEndpointsId + name: studiesId required: true schema: type: string - in: path - name: operationsId + name: trialsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials:suggest: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.indexEndpoints.operations.cancel + Adds one or more Trials to a Study, with parameter values suggested by + Vertex AI Vizier. Returns a long-running operation associated with the + generation of Trial suggestions. When this long-running operation + succeeds, it will contain a SuggestTrialsResponse. + operationId: aiplatform.projects.locations.studies.trials.suggest + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SuggestTrialsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47113,7 +62388,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -47126,29 +62401,15 @@ paths: schema: type: string - in: path - name: indexEndpointsId - required: true - schema: - type: string - - in: path - name: operationsId + name: studiesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/indexEndpoints/{indexEndpointsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}: parameters: *ref_1 - post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.indexEndpoints.operations.wait + get: + description: Gets a Model. + operationId: aiplatform.projects.locations.models.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47160,7 +62421,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' parameters: - in: path name: projectsId @@ -47173,32 +62434,18 @@ paths: schema: type: string - in: path - name: indexEndpointsId - required: true - schema: - type: string - - in: path - name: operationsId + name: modelsId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/customJobs: - parameters: *ref_1 - post: - description: >- - Creates a CustomJob. A created CustomJob right away will be attempted to - be run. - operationId: aiplatform.projects.locations.customJobs.create + patch: + description: Updates a Model. + operationId: aiplatform.projects.locations.models.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJob' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47210,7 +62457,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJob' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' parameters: - in: path name: projectsId @@ -47222,56 +62469,21 @@ paths: required: true schema: type: string - get: - description: Lists CustomJobs in a Location. - operationId: aiplatform.projects.locations.customJobs.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListCustomJobsResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: modelsId + required: true schema: type: string - in: query - name: readMask + name: updateMask schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}: - parameters: *ref_1 - get: - description: Gets a CustomJob. - operationId: aiplatform.projects.locations.customJobs.get + delete: + description: >- + Deletes a Model. A model cannot be deleted if any Endpoint resource has + a DeployedModel based on the model in its deployed_models field. + operationId: aiplatform.projects.locations.models.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47283,7 +62495,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CustomJob' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -47296,13 +62508,23 @@ paths: schema: type: string - in: path - name: customJobsId + name: modelsId required: true schema: type: string - delete: - description: Deletes a CustomJob. - operationId: aiplatform.projects.locations.customJobs.delete + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: aiplatform.projects.locations.models.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47314,7 +62536,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -47327,29 +62549,25 @@ paths: schema: type: string - in: path - name: customJobsId + name: modelsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/models:copy: parameters: *ref_1 post: description: >- - Cancels a CustomJob. Starts asynchronous cancellation on the CustomJob. - The server makes a best effort to cancel the job, but success is not - guaranteed. Clients can use JobService.GetCustomJob or other methods to - check whether the cancellation succeeded or whether the job completed - despite cancellation. On successful cancellation, the CustomJob is not - deleted; instead it becomes a job with a CustomJob.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`, and - CustomJob.state is set to `CANCELLED`. - operationId: aiplatform.projects.locations.customJobs.cancel + Copies an already existing Vertex AI Model into the specified Location. + The source Model must exist in the same Project. When copying custom + Models, the users themselves are responsible for Model.metadata content + to be region-agnostic, as well as making sure that any resources (e.g. + files) it depends on remain accessible. + operationId: aiplatform.projects.locations.models.copy requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CancelCustomJobRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1CopyModelRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47361,7 +62579,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -47373,18 +62591,19 @@ paths: required: true schema: type: string - - in: path - name: customJobsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:export: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.customJobs.operations.list + Exports a trained, exportable Model to a location specified by the user. + A Model is considered to be exportable if it has at least one supported + export format. + operationId: aiplatform.projects.locations.models.export + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ExportModelRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47396,7 +62615,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -47409,31 +62628,18 @@ paths: schema: type: string - in: path - name: customJobsId + name: modelsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:deleteVersion: parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.customJobs.operations.get + Deletes a Model version. Model version can only be deleted if there are + no DeployedModels created from it. Deleting the only version in the + Model is not allowed. Use DeleteModel for deleting the Model instead. + operationId: aiplatform.projects.locations.models.deleteVersion security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47458,22 +62664,17 @@ paths: schema: type: string - in: path - name: customJobsId - required: true - schema: - type: string - - in: path - name: operationsId + name: modelsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:getIamPolicy: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.customJobs.operations.delete + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: aiplatform.projects.locations.models.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47485,7 +62686,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -47498,29 +62699,20 @@ paths: schema: type: string - in: path - name: customJobsId + name: modelsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}/operations/{operationsId}:cancel: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:listCheckpoints: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.customJobs.operations.cancel + get: + description: Lists checkpoints of the specified model version. + operationId: aiplatform.projects.locations.models.listCheckpoints security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47532,7 +62724,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListModelVersionCheckpointsResponse parameters: - in: path name: projectsId @@ -47545,29 +62738,29 @@ paths: schema: type: string - in: path - name: customJobsId + name: modelsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/customJobs/{customJobsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.customJobs.operations.wait + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: aiplatform.projects.locations.models.testIamPermissions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47579,7 +62772,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -47592,30 +62785,25 @@ paths: schema: type: string - in: path - name: customJobsId - required: true - schema: - type: string - - in: path - name: operationsId + name: modelsId required: true schema: type: string - in: query - name: timeout + name: permissions schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:mergeVersionAliases: parameters: *ref_1 post: - description: Creates a DataLabelingJob. - operationId: aiplatform.projects.locations.dataLabelingJobs.create + description: Merges a set of aliases for a Model version. + operationId: aiplatform.projects.locations.models.mergeVersionAliases requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DataLabelingJob' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1MergeVersionAliasesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47627,7 +62815,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DataLabelingJob' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Model' parameters: - in: path name: projectsId @@ -47639,9 +62827,16 @@ paths: required: true schema: type: string + - in: path + name: modelsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:listVersions: + parameters: *ref_1 get: - description: Lists DataLabelingJobs in a Location. - operationId: aiplatform.projects.locations.dataLabelingJobs.list + description: Lists versions of the specified model. + operationId: aiplatform.projects.locations.models.listVersions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47654,7 +62849,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListDataLabelingJobsResponse + #/components/schemas/GoogleCloudAiplatformV1ListModelVersionsResponse parameters: - in: path name: projectsId @@ -47666,8 +62861,17 @@ paths: required: true schema: type: string + - in: path + name: modelsId + required: true + schema: + type: string - in: query - name: filter + name: orderBy + schema: + type: string + - in: query + name: pageToken schema: type: string - in: query @@ -47676,7 +62880,7 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query @@ -47684,15 +62888,17 @@ paths: schema: type: string format: google-fieldmask - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}:updateExplanationDataset: parameters: *ref_1 - get: - description: Gets a DataLabelingJob. - operationId: aiplatform.projects.locations.dataLabelingJobs.get + post: + description: Incrementally update the dataset used for an examples model. + operationId: aiplatform.projects.locations.models.updateExplanationDataset + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1UpdateExplanationDatasetRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47704,7 +62910,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1DataLabelingJob' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -47717,13 +62923,15 @@ paths: schema: type: string - in: path - name: dataLabelingJobsId + name: modelsId required: true schema: type: string - delete: - description: Deletes a DataLabelingJob. - operationId: aiplatform.projects.locations.dataLabelingJobs.delete + /v1/projects/{projectsId}/locations/{locationsId}/models: + parameters: *ref_1 + get: + description: Lists Models in a Location. + operationId: aiplatform.projects.locations.models.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47735,7 +62943,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ListModelsResponse' parameters: - in: path name: projectsId @@ -47747,57 +62955,38 @@ paths: required: true schema: type: string - - in: path - name: dataLabelingJobsId - required: true + - in: query + name: readMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}:cancel: - parameters: *ref_1 - post: - description: Cancels a DataLabelingJob. Success of cancellation is not guaranteed. - operationId: aiplatform.projects.locations.dataLabelingJobs.cancel - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CancelDataLabelingJobRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId - required: true + format: google-fieldmask + - in: query + name: pageToken schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: dataLabelingJobsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}/operations: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/models:upload: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.dataLabelingJobs.operations.list + post: + description: Uploads a Model artifact into Vertex AI. + operationId: aiplatform.projects.locations.models.upload + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1UploadModelRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47809,7 +62998,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -47821,32 +63010,14 @@ paths: required: true schema: type: string - - in: path - name: dataLabelingJobsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: aiplatform.projects.locations.dataLabelingJobs.operations.get + operationId: aiplatform.projects.locations.models.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47871,7 +63042,7 @@ paths: schema: type: string - in: path - name: dataLabelingJobsId + name: modelsId required: true schema: type: string @@ -47886,7 +63057,7 @@ paths: is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.dataLabelingJobs.operations.delete + operationId: aiplatform.projects.locations.models.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47911,7 +63082,7 @@ paths: schema: type: string - in: path - name: dataLabelingJobsId + name: modelsId required: true schema: type: string @@ -47920,20 +63091,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.dataLabelingJobs.operations.cancel + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.models.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -47945,7 +63109,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -47958,16 +63122,28 @@ paths: schema: type: string - in: path - name: dataLabelingJobsId + name: modelsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataLabelingJobs/{dataLabelingJobsId}/operations/{operationsId}:wait: + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -47980,7 +63156,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.dataLabelingJobs.operations.wait + operationId: aiplatform.projects.locations.models.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48005,7 +63181,7 @@ paths: schema: type: string - in: path - name: dataLabelingJobsId + name: modelsId required: true schema: type: string @@ -48019,17 +63195,20 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Creates a HyperparameterTuningJob - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1HyperparameterTuningJob + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.models.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48041,8 +63220,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1HyperparameterTuningJob + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -48054,56 +63232,25 @@ paths: required: true schema: type: string - get: - description: Lists HyperparameterTuningJobs in a Location. - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListHyperparameterTuningJobsResponse - parameters: - in: path - name: projectsId + name: modelsId required: true schema: type: string - in: path - name: locationsId + name: operationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/operations/{operationsId}: parameters: *ref_1 - get: - description: Gets a HyperparameterTuningJob - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.get + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.models.evaluations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48115,8 +63262,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1HyperparameterTuningJob + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -48125,66 +63271,30 @@ paths: type: string - in: path name: locationsId - required: true - schema: - type: string - - in: path - name: hyperparameterTuningJobsId - required: true - schema: - type: string - delete: - description: Deletes a HyperparameterTuningJob. - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: + required: true + schema: + type: string - in: path - name: projectsId + name: modelsId required: true schema: type: string - in: path - name: locationsId + name: evaluationsId required: true schema: type: string - in: path - name: hyperparameterTuningJobsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}:cancel: - parameters: *ref_1 - post: + get: description: >- - Cancels a HyperparameterTuningJob. Starts asynchronous cancellation on - the HyperparameterTuningJob. The server makes a best effort to cancel - the job, but success is not guaranteed. Clients can use - JobService.GetHyperparameterTuningJob or other methods to check whether - the cancellation succeeded or whether the job completed despite - cancellation. On successful cancellation, the HyperparameterTuningJob is - not deleted; instead it becomes a job with a - HyperparameterTuningJob.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`, and HyperparameterTuningJob.state is - set to `CANCELLED`. - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.cancel - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CancelHyperparameterTuningJobRequest + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.models.evaluations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48196,7 +63306,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -48209,17 +63319,27 @@ paths: schema: type: string - in: path - name: hyperparameterTuningJobsId + name: modelsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations: + - in: path + name: evaluationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.list + operationId: aiplatform.projects.locations.models.evaluations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48244,10 +63364,23 @@ paths: schema: type: string - in: path - name: hyperparameterTuningJobsId + name: modelsId + required: true + schema: + type: string + - in: path + name: evaluationsId required: true schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string - in: query name: filter schema: @@ -48257,18 +63390,20 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/operations/{operationsId}:wait: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.get + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.models.evaluations.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48293,7 +63428,12 @@ paths: schema: type: string - in: path - name: hyperparameterTuningJobsId + name: modelsId + required: true + schema: + type: string + - in: path + name: evaluationsId required: true schema: type: string @@ -48302,13 +63442,25 @@ paths: required: true schema: type: string - delete: + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.delete + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.models.evaluations.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48333,7 +63485,12 @@ paths: schema: type: string - in: path - name: hyperparameterTuningJobsId + name: modelsId + required: true + schema: + type: string + - in: path + name: evaluationsId required: true schema: type: string @@ -48342,20 +63499,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/slices: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.cancel + get: + description: Lists ModelEvaluationSlices in a ModelEvaluation. + operationId: aiplatform.projects.locations.models.evaluations.slices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48367,7 +63515,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListModelEvaluationSlicesResponse parameters: - in: path name: projectsId @@ -48380,29 +63529,44 @@ paths: schema: type: string - in: path - name: hyperparameterTuningJobsId + name: modelsId required: true schema: type: string - in: path - name: operationsId + name: evaluationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations/{operationsId}:wait: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/slices/{slicesId}:batchImport: parameters: *ref_1 post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.wait + description: Imports a list of externally generated EvaluatedAnnotations. + operationId: aiplatform.projects.locations.models.evaluations.slices.batchImport + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48414,7 +63578,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchImportEvaluatedAnnotationsResponse parameters: - in: path name: projectsId @@ -48427,30 +63592,25 @@ paths: schema: type: string - in: path - name: hyperparameterTuningJobsId + name: modelsId required: true schema: type: string - in: path - name: operationsId + name: evaluationsId required: true schema: type: string - - in: query - name: timeout + - in: path + name: slicesId + required: true schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/nasJobs: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}/slices/{slicesId}: parameters: *ref_1 - post: - description: Creates a NasJob - operationId: aiplatform.projects.locations.nasJobs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJob' + get: + description: Gets a ModelEvaluationSlice. + operationId: aiplatform.projects.locations.models.evaluations.slices.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48462,7 +63622,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJob' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelEvaluationSlice parameters: - in: path name: projectsId @@ -48474,9 +63635,26 @@ paths: required: true schema: type: string + - in: path + name: modelsId + required: true + schema: + type: string + - in: path + name: evaluationsId + required: true + schema: + type: string + - in: path + name: slicesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations: + parameters: *ref_1 get: - description: Lists NasJobs in a Location. - operationId: aiplatform.projects.locations.nasJobs.list + description: Lists ModelEvaluations in a Model. + operationId: aiplatform.projects.locations.models.evaluations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48489,7 +63667,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListNasJobsResponse + #/components/schemas/GoogleCloudAiplatformV1ListModelEvaluationsResponse parameters: - in: path name: projectsId @@ -48501,8 +63679,13 @@ paths: required: true schema: type: string + - in: path + name: modelsId + required: true + schema: + type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -48511,7 +63694,7 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query @@ -48519,27 +63702,23 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/nasJobs/{nasJobsId}: + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations/{evaluationsId}: parameters: *ref_1 get: - description: Gets a NasJob - operationId: aiplatform.projects.locations.nasJobs.get + description: Gets a ModelEvaluation. + operationId: aiplatform.projects.locations.models.evaluations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJob' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluation' parameters: - in: path name: projectsId @@ -48552,13 +63731,26 @@ paths: schema: type: string - in: path - name: nasJobsId + name: modelsId required: true schema: type: string - delete: - description: Deletes a NasJob. - operationId: aiplatform.projects.locations.nasJobs.delete + - in: path + name: evaluationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/models/{modelsId}/evaluations:import: + parameters: *ref_1 + post: + description: Imports an externally generated ModelEvaluation. + operationId: aiplatform.projects.locations.models.evaluations.import + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ImportModelEvaluationRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48570,7 +63762,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ModelEvaluation' parameters: - in: path name: projectsId @@ -48583,28 +63775,21 @@ paths: schema: type: string - in: path - name: nasJobsId + name: modelsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/nasJobs/{nasJobsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments: parameters: *ref_1 post: - description: >- - Cancels a NasJob. Starts asynchronous cancellation on the NasJob. The - server makes a best effort to cancel the job, but success is not - guaranteed. Clients can use JobService.GetNasJob or other methods to - check whether the cancellation succeeded or whether the job completed - despite cancellation. On successful cancellation, the NasJob is not - deleted; instead it becomes a job with a NasJob.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`, and - NasJob.state is set to `CANCELLED`. - operationId: aiplatform.projects.locations.nasJobs.cancel + description: Creates a TensorboardExperiment. + operationId: aiplatform.projects.locations.tensorboards.experiments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CancelNasJobRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48616,7 +63801,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment parameters: - in: path name: projectsId @@ -48629,27 +63815,34 @@ paths: schema: type: string - in: path - name: nasJobsId + name: tensorboardsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/nasJobs/{nasJobsId}/nasTrialDetails/{nasTrialDetailsId}: - parameters: *ref_1 + - in: query + name: tensorboardExperimentId + schema: + type: string get: - description: Gets a NasTrialDetail. - operationId: aiplatform.projects.locations.nasJobs.nasTrialDetails.get + description: Lists TensorboardExperiments in a Location. + operationId: aiplatform.projects.locations.tensorboards.experiments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrialDetail' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListTensorboardExperimentsResponse parameters: - in: path name: projectsId @@ -48662,25 +63855,93 @@ paths: schema: type: string - in: path - name: nasJobsId + name: tensorboardsId required: true schema: type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}:batchCreate: + parameters: *ref_1 + post: + description: >- + Batch create TensorboardTimeSeries that belong to a + TensorboardExperiment. + operationId: aiplatform.projects.locations.tensorboards.experiments.batchCreate + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesResponse + parameters: - in: path - name: nasTrialDetailsId + name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/nasJobs/{nasJobsId}/nasTrialDetails: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}: parameters: *ref_1 get: - description: List top NasTrialDetails of a NasJob. - operationId: aiplatform.projects.locations.nasJobs.nasTrialDetails.list + description: Gets a TensorboardExperiment. + operationId: aiplatform.projects.locations.tensorboards.experiments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -48688,7 +63949,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListNasTrialDetailsResponse + #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment parameters: - in: path name: projectsId @@ -48701,31 +63962,24 @@ paths: schema: type: string - in: path - name: nasJobsId + name: tensorboardsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: experimentsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batchPredictionJobs: - parameters: *ref_1 - post: - description: >- - Creates a BatchPredictionJob. A BatchPredictionJob once created will - right away be attempted to start. - operationId: aiplatform.projects.locations.batchPredictionJobs.create + patch: + description: Updates a TensorboardExperiment. + operationId: aiplatform.projects.locations.tensorboards.experiments.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48737,7 +63991,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment parameters: - in: path name: projectsId @@ -48749,9 +64004,24 @@ paths: required: true schema: type: string - get: - description: Lists BatchPredictionJobs in a Location. - operationId: aiplatform.projects.locations.batchPredictionJobs.list + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a TensorboardExperiment. + operationId: aiplatform.projects.locations.tensorboards.experiments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48763,8 +64033,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListBatchPredictionJobsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -48776,29 +64045,30 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: tensorboardsId + required: true schema: type: string - - in: query - name: readMask + - in: path + name: experimentsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/batchPredictionJobs/{batchPredictionJobsId}: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}:write: parameters: *ref_1 - get: - description: Gets a BatchPredictionJob - operationId: aiplatform.projects.locations.batchPredictionJobs.get + post: + description: >- + Write time series data points of multiple TensorboardTimeSeries in + multiple TensorboardRun's. If any data fail to be ingested, an error is + returned. + operationId: aiplatform.projects.locations.tensorboards.experiments.write + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardExperimentDataRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48810,7 +64080,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardExperimentDataResponse parameters: - in: path name: projectsId @@ -48823,15 +64094,23 @@ paths: schema: type: string - in: path - name: batchPredictionJobsId + name: tensorboardsId required: true schema: type: string - delete: - description: >- - Deletes a BatchPredictionJob. Can only be called on jobs that already - finished. - operationId: aiplatform.projects.locations.batchPredictionJobs.delete + - in: path + name: experimentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.tensorboards.experiments.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48856,29 +64135,27 @@ paths: schema: type: string - in: path - name: batchPredictionJobsId + name: tensorboardsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batchPredictionJobs/{batchPredictionJobsId}:cancel: - parameters: *ref_1 - post: + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: description: >- - Cancels a BatchPredictionJob. Starts asynchronous cancellation on the - BatchPredictionJob. The server makes the best effort to cancel the job, - but success is not guaranteed. Clients can use - JobService.GetBatchPredictionJob or other methods to check whether the - cancellation succeeded or whether the job completed despite - cancellation. On a successful cancellation, the BatchPredictionJob is - not deleted;instead its BatchPredictionJob.state is set to `CANCELLED`. - Any files already outputted by the job are not deleted. - operationId: aiplatform.projects.locations.batchPredictionJobs.cancel - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CancelBatchPredictionJobRequest + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.tensorboards.experiments.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48903,23 +64180,27 @@ paths: schema: type: string - in: path - name: batchPredictionJobsId + name: tensorboardsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs: + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations: parameters: *ref_1 - post: + get: description: >- - Creates a ModelDeploymentMonitoringJob. It will run periodically on a - configured interval. - operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.tensorboards.experiments.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -48931,8 +64212,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -48944,33 +64224,20 @@ paths: required: true schema: type: string - get: - description: Lists ModelDeploymentMonitoringJobs in a Location. - operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListModelDeploymentMonitoringJobsResponse - parameters: - in: path - name: projectsId + name: tensorboardsId required: true schema: type: string - in: path - name: locationsId + name: experimentsId required: true schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: filter schema: @@ -48984,25 +64251,20 @@ paths: name: pageToken schema: type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}:searchModelDeploymentMonitoringStatsAnomalies: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Searches Model Monitoring Statistics generated within a given time - window. - operationId: >- - aiplatform.projects.locations.modelDeploymentMonitoringJobs.searchModelDeploymentMonitoringStatsAnomalies - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequest + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.tensorboards.experiments.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49014,8 +64276,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -49028,15 +64289,34 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}: + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations/{operationsId}:wait: parameters: *ref_1 - get: - description: Gets a ModelDeploymentMonitoringJob. - operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.get + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.tensorboards.experiments.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49048,8 +64328,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -49062,31 +64341,47 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId required: true schema: type: string - patch: - description: Updates a ModelDeploymentMonitoringJob. - operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs: + parameters: *ref_1 + get: + description: Lists TensorboardRuns in a Location. + operationId: aiplatform.projects.locations.tensorboards.experiments.runs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListTensorboardRunsResponse parameters: - in: path name: projectsId @@ -49099,18 +64394,45 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId required: true schema: type: string - in: query - name: updateMask + name: readMask schema: type: string format: google-fieldmask - delete: - description: Deletes a ModelDeploymentMonitoringJob. - operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.delete + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + post: + description: Creates a TensorboardRun. + operationId: aiplatform.projects.locations.tensorboards.experiments.runs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49122,7 +64444,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' parameters: - in: path name: projectsId @@ -49135,24 +64457,30 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}:pause: + - in: path + name: experimentsId + required: true + schema: + type: string + - in: query + name: tensorboardRunId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs:batchCreate: parameters: *ref_1 post: - description: >- - Pauses a ModelDeploymentMonitoringJob. If the job is running, the server - makes a best effort to cancel the job. Will mark - ModelDeploymentMonitoringJob.state to 'PAUSED'. - operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.pause + description: Batch create TensorboardRuns. + operationId: aiplatform.projects.locations.tensorboards.experiments.runs.batchCreate requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PauseModelDeploymentMonitoringJobRequest + #/components/schemas/GoogleCloudAiplatformV1BatchCreateTensorboardRunsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49164,7 +64492,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchCreateTensorboardRunsResponse parameters: - in: path name: projectsId @@ -49177,24 +64506,28 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}:resume: + - in: path + name: experimentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}:write: parameters: *ref_1 post: description: >- - Resumes a paused ModelDeploymentMonitoringJob. It will start to run from - next scheduled time. A deleted ModelDeploymentMonitoringJob can't be - resumed. - operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.resume + Write time series data points into multiple TensorboardTimeSeries under + a TensorboardRun. If any data fail to be ingested, an error is returned. + operationId: aiplatform.projects.locations.tensorboards.experiments.runs.write requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ResumeModelDeploymentMonitoringJobRequest + #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardRunDataRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49206,7 +64539,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardRunDataResponse parameters: - in: path name: projectsId @@ -49219,18 +64553,25 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations: + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.list + delete: + description: Deletes a TensorboardRun. + operationId: aiplatform.projects.locations.tensorboards.experiments.runs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49242,7 +64583,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -49255,44 +64596,39 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId required: true schema: type: string - - in: query - name: filter + - in: path + name: experimentsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: runsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations/{operationsId}: - parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.get + description: Gets a TensorboardRun. + operationId: aiplatform.projects.locations.tensorboards.experiments.runs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' parameters: - in: path name: projectsId @@ -49305,23 +64641,28 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId required: true schema: type: string - in: path - name: operationsId + name: experimentsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: >- - aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.delete + - in: path + name: runsId + required: true + schema: + type: string + patch: + description: Updates a TensorboardRun. + operationId: aiplatform.projects.locations.tensorboards.experiments.runs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49333,7 +64674,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' parameters: - in: path name: projectsId @@ -49346,30 +64687,33 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId required: true schema: type: string - in: path - name: operationsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations/{operationsId}:cancel: + - in: path + name: runsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. operationId: >- - aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.cancel + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49381,7 +64725,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -49394,16 +64738,43 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId required: true schema: type: string - in: path - name: operationsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations/{operationsId}:wait: + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -49417,7 +64788,7 @@ paths: timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. operationId: >- - aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.wait + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49442,7 +64813,22 @@ paths: schema: type: string - in: path - name: modelDeploymentMonitoringJobsId + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId required: true schema: type: string @@ -49456,32 +64842,27 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:predict: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Perform an online prediction. - operationId: aiplatform.projects.locations.publishers.models.predict - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictRequest' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -49494,46 +64875,50 @@ paths: schema: type: string - in: path - name: publishersId + name: tensorboardsId required: true schema: type: string - in: path - name: modelsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:rawPredict: - parameters: *ref_1 - post: + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: description: >- - Perform an online prediction with an arbitrary HTTP payload. The - response includes the following HTTP headers: * - `X-Vertex-AI-Endpoint-Id`: ID of the Endpoint that served this - prediction. * `X-Vertex-AI-Deployed-Model-Id`: ID of the Endpoint's - DeployedModel that served this prediction. - operationId: aiplatform.projects.locations.publishers.models.rawPredict - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RawPredictRequest' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -49546,42 +64931,57 @@ paths: schema: type: string - in: path - name: publishersId + name: tensorboardsId required: true schema: type: string - in: path - name: modelsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:streamRawPredict: + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Perform a streaming online prediction with an arbitrary HTTP payload. - operationId: aiplatform.projects.locations.publishers.models.streamRawPredict - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StreamRawPredictRequest + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -49594,37 +64994,49 @@ paths: schema: type: string - in: path - name: publishersId + name: tensorboardsId required: true schema: type: string - in: path - name: modelsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:serverStreamingPredict: + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}:exportTensorboardTimeSeries: parameters: *ref_1 post: description: >- - Perform a server-side streaming online prediction request for Vertex LLM - streaming. - operationId: aiplatform.projects.locations.publishers.models.serverStreamingPredict + Exports a TensorboardTimeSeries' data. Data is returned in paginated + responses. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.exportTensorboardTimeSeries requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StreamingPredictRequest + #/components/schemas/GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -49632,7 +65044,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StreamingPredictResponse + #/components/schemas/GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataResponse parameters: - in: path name: projectsId @@ -49645,35 +65057,36 @@ paths: schema: type: string - in: path - name: publishersId + name: tensorboardsId required: true schema: type: string - in: path - name: modelsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:predictLongRunning: + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}: parameters: *ref_1 - post: - description: '' - operationId: aiplatform.projects.locations.publishers.models.predictLongRunning - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PredictLongRunningRequest + delete: + description: Deletes a TensorboardTimeSeries. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -49693,26 +65106,29 @@ paths: schema: type: string - in: path - name: publishersId + name: tensorboardsId required: true schema: type: string - in: path - name: modelsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:fetchPredictOperation: - parameters: *ref_1 - post: - description: Fetch an asynchronous online prediction operation. - operationId: aiplatform.projects.locations.publishers.models.fetchPredictOperation - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FetchPredictOperationRequest + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + get: + description: Gets a TensorboardTimeSeries. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49728,7 +65144,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries parameters: - in: path name: projectsId @@ -49741,35 +65158,40 @@ paths: schema: type: string - in: path - name: publishersId + name: tensorboardsId required: true schema: type: string - in: path - name: modelsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:generateContent: - parameters: *ref_1 - post: - description: Generate content with multimodal inputs. - operationId: aiplatform.projects.locations.publishers.models.generateContent + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + patch: + description: Updates a TensorboardTimeSeries. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -49777,7 +65199,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries parameters: - in: path name: projectsId @@ -49790,26 +65212,41 @@ paths: schema: type: string - in: path - name: publishersId + name: tensorboardsId required: true schema: type: string - in: path - name: modelsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:streamGenerateContent: + - in: path + name: runsId + required: true + schema: + type: string + - in: path + name: timeSeriesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}:read: parameters: *ref_1 - post: - description: Generate content with multimodal inputs with streaming support. - operationId: aiplatform.projects.locations.publishers.models.streamGenerateContent - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + get: + description: >- + Reads a TensorboardTimeSeries' data. By default, if the number of data + points stored is less than 1000, all data is returned. Otherwise, 1000 + data points is randomly selected from this time series and returned. + This value can be changed by changing max_data_points, which can't be + greater than 10k. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.read security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -49826,7 +65263,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardTimeSeriesDataResponse parameters: - in: path name: projectsId @@ -49839,74 +65276,52 @@ paths: schema: type: string - in: path - name: publishersId + name: tensorboardsId required: true schema: type: string - in: path - name: modelsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:countTokens: - parameters: *ref_1 - post: - description: Perform a token counting. - operationId: aiplatform.projects.locations.publishers.models.countTokens - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CountTokensRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CountTokensResponse - parameters: - in: path - name: projectsId + name: runsId required: true schema: type: string - in: path - name: locationsId + name: timeSeriesId required: true schema: type: string - - in: path - name: publishersId - required: true + - in: query + name: filter schema: type: string - - in: path - name: modelsId - required: true + - in: query + name: maxDataPoints schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/publishers/{publishersId}/models/{modelsId}:computeTokens: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}:readBlobData: parameters: *ref_1 - post: - description: Return a list of tokens based on the input text. - operationId: aiplatform.projects.locations.publishers.models.computeTokens - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ComputeTokensRequest' + get: + description: >- + Gets bytes of TensorboardBlobs. This is to allow reading blob data + stored in consumer project's Cloud Storage bucket without users having + to obtain Cloud Storage access permission. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.readBlobData security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -49914,7 +65329,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ComputeTokensResponse + #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardBlobDataResponse parameters: - in: path name: projectsId @@ -49927,60 +65342,44 @@ paths: schema: type: string - in: path - name: publishersId + name: tensorboardsId required: true schema: type: string - in: path - name: modelsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores: - parameters: *ref_1 - post: - description: Initializes a MetadataStore, including allocation of resources. - operationId: aiplatform.projects.locations.metadataStores.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataStore' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - in: path - name: projectsId + name: runsId required: true schema: type: string - in: path - name: locationsId + name: timeSeriesId required: true schema: type: string - in: query - name: metadataStoreId + name: blobIds schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries: + parameters: *ref_1 get: - description: Lists MetadataStores for a Location. - operationId: aiplatform.projects.locations.metadataStores.list + description: Lists TensorboardTimeSeries in a Location. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -49988,7 +65387,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListMetadataStoresResponse + #/components/schemas/GoogleCloudAiplatformV1ListTensorboardTimeSeriesResponse parameters: - in: path name: projectsId @@ -50000,20 +65399,53 @@ paths: required: true schema: type: string + - in: path + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId + required: true + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}: - parameters: *ref_1 - get: - description: Retrieves a specific MetadataStore. - operationId: aiplatform.projects.locations.metadataStores.get + post: + description: Creates a TensorboardTimeSeries. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50025,7 +65457,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataStore' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries parameters: - in: path name: projectsId @@ -50038,54 +65471,34 @@ paths: schema: type: string - in: path - name: metadataStoresId - required: true - schema: - type: string - delete: - description: >- - Deletes a single MetadataStore and all its child resources (Artifacts, - Executions, and Contexts). - operationId: aiplatform.projects.locations.metadataStores.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId + name: tensorboardsId required: true schema: type: string - in: path - name: locationsId + name: experimentsId required: true schema: type: string - in: path - name: metadataStoresId + name: runsId required: true schema: type: string - in: query - name: force + name: tensorboardTimeSeriesId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/operations: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations/{operationsId}: parameters: *ref_1 - get: + delete: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.metadataStores.operations.list + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50097,7 +65510,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -50110,31 +65523,32 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - - in: query - name: filter + - in: path + name: experimentsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: runsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/operations/{operationsId}: - parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: aiplatform.projects.locations.metadataStores.operations.get + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50159,7 +65573,17 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId required: true schema: type: string @@ -50168,13 +65592,14 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.metadataStores.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50186,7 +65611,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -50199,16 +65624,38 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - in: path - name: operationsId + name: experimentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/operations/{operationsId}:cancel: + - in: path + name: runsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- @@ -50221,7 +65668,8 @@ paths: cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.metadataStores.operations.cancel + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50246,7 +65694,17 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId required: true schema: type: string @@ -50255,7 +65713,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -50268,7 +65726,8 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.metadataStores.operations.wait + operationId: >- + aiplatform.projects.locations.tensorboards.experiments.runs.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50293,7 +65752,17 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId + required: true + schema: + type: string + - in: path + name: experimentsId + required: true + schema: + type: string + - in: path + name: runsId required: true schema: type: string @@ -50307,16 +65776,15 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Creates an Artifact associated with a MetadataStore. - operationId: aiplatform.projects.locations.metadataStores.artifacts.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.tensorboards.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50328,7 +65796,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -50341,17 +65809,21 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - - in: query - name: artifactId + - in: path + name: operationsId + required: true schema: type: string get: - description: Lists Artifacts in the MetadataStore. - operationId: aiplatform.projects.locations.metadataStores.artifacts.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.tensorboards.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50363,8 +65835,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListArtifactsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -50377,32 +65848,29 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/operations/{operationsId}:wait: parameters: *ref_1 - get: - description: Retrieves a specific Artifact. - operationId: aiplatform.projects.locations.metadataStores.artifacts.get + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.tensorboards.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50414,7 +65882,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -50427,23 +65895,27 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - in: path - name: artifactsId + name: operationsId required: true schema: type: string - patch: - description: Updates a stored Artifact. - operationId: aiplatform.projects.locations.metadataStores.artifacts.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.tensorboards.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50455,7 +65927,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -50468,27 +65940,41 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: filter schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: allowMissing + name: returnPartialSuccess schema: type: boolean - delete: - description: Deletes an Artifact. - operationId: aiplatform.projects.locations.metadataStores.artifacts.delete + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.tensorboards.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50500,7 +65986,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -50513,30 +65999,20 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - in: path - name: artifactsId + name: operationsId required: true schema: type: string - - in: query - name: etag - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts:purge: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}: parameters: *ref_1 - post: - description: Purges Artifacts. - operationId: aiplatform.projects.locations.metadataStores.artifacts.purge - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PurgeArtifactsRequest + delete: + description: Deletes a Tensorboard. + operationId: aiplatform.projects.locations.tensorboards.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50561,30 +66037,29 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}:queryArtifactLineageSubgraph: - parameters: *ref_1 get: - description: >- - Retrieves lineage of an Artifact represented through Artifacts and - Executions connected by Event edges and returned as a LineageSubgraph. - operationId: >- - aiplatform.projects.locations.metadataStores.artifacts.queryArtifactLineageSubgraph + description: Gets a Tensorboard. + operationId: aiplatform.projects.locations.tensorboards.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1LineageSubgraph' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensorboard' parameters: - in: path name: projectsId @@ -50597,31 +66072,18 @@ paths: schema: type: string - in: path - name: metadataStoresId - required: true - schema: - type: string - - in: path - name: artifactsId + name: tensorboardsId required: true schema: type: string - - in: query - name: maxHops - schema: - type: integer - format: int32 - - in: query - name: filter - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.list + patch: + description: Updates a Tensorboard. + operationId: aiplatform.projects.locations.tensorboards.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensorboard' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50633,7 +66095,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -50646,36 +66108,25 @@ paths: schema: type: string - in: path - name: metadataStoresId - required: true - schema: - type: string - - in: path - name: artifactsId + name: tensorboardsId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations/{operationsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.get + post: + description: Creates a Tensorboard. + operationId: aiplatform.projects.locations.tensorboards.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensorboard' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50699,40 +66150,26 @@ paths: required: true schema: type: string - - in: path - name: metadataStoresId - required: true - schema: - type: string - - in: path - name: artifactsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.delete + get: + description: Lists Tensorboards in a Location. + operationId: aiplatform.projects.locations.tensorboards.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListTensorboardsResponse parameters: - in: path name: projectsId @@ -50744,87 +66181,38 @@ paths: required: true schema: type: string - - in: path - name: metadataStoresId - required: true - schema: - type: string - - in: path - name: artifactsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.cancel - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: metadataStoresId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: readMask schema: type: string - - in: path - name: operationsId - required: true + format: google-fieldmask + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}:batchRead: parameters: *ref_1 - post: + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.wait + Reads multiple TensorboardTimeSeries' data. The data point number limit + is 1000 for scalars, 100 for tensors and blob references. If the number + of data points stored is less than the limit, all data is returned. + Otherwise, the number limit of data points is randomly selected from + this time series and returned. + operationId: aiplatform.projects.locations.tensorboards.batchRead security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50836,7 +66224,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchReadTensorboardTimeSeriesDataResponse parameters: - in: path name: projectsId @@ -50849,35 +66238,19 @@ paths: schema: type: string - in: path - name: metadataStoresId - required: true - schema: - type: string - - in: path - name: artifactsId - required: true - schema: - type: string - - in: path - name: operationsId + name: tensorboardsId required: true schema: type: string - in: query - name: timeout + name: timeSeries schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts: + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}:readUsage: parameters: *ref_1 - post: - description: Creates a Context associated with a MetadataStore. - operationId: aiplatform.projects.locations.metadataStores.contexts.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' + get: + description: Returns a list of monthly active users for a given TensorBoard instance. + operationId: aiplatform.projects.locations.tensorboards.readUsage security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50889,7 +66262,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardUsageResponse parameters: - in: path name: projectsId @@ -50902,17 +66276,15 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - - in: query - name: contextId - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}:readSize: + parameters: *ref_1 get: - description: Lists Contexts on the MetadataStore. - operationId: aiplatform.projects.locations.metadataStores.contexts.list + description: Returns the storage size for a given TensorBoard instance. + operationId: aiplatform.projects.locations.tensorboards.readSize security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50925,7 +66297,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListContextsResponse + #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardSizeResponse parameters: - in: path name: projectsId @@ -50938,32 +66310,18 @@ paths: schema: type: string - in: path - name: metadataStoresId + name: tensorboardsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}:queryContextLineageSubgraph: parameters: *ref_1 get: - description: Retrieves a specific Context. - operationId: aiplatform.projects.locations.metadataStores.contexts.get + description: >- + Retrieves Artifacts and Executions within the specified Context, + connected by Event edges and returned as a LineageSubgraph. + operationId: >- + aiplatform.projects.locations.metadataStores.contexts.queryContextLineageSubgraph security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -50975,7 +66333,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' + $ref: '#/components/schemas/GoogleCloudAiplatformV1LineageSubgraph' parameters: - in: path name: projectsId @@ -50997,14 +66355,11 @@ paths: required: true schema: type: string - patch: - description: Updates a stored Context. - operationId: aiplatform.projects.locations.metadataStores.contexts.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}: + parameters: *ref_1 + delete: + description: Deletes a stored Context. + operationId: aiplatform.projects.locations.metadataStores.contexts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51016,7 +66371,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -51039,17 +66394,21 @@ paths: schema: type: string - in: query - name: updateMask + name: etag schema: type: string - format: google-fieldmask - in: query - name: allowMissing + name: force schema: type: boolean - delete: - description: Deletes a stored Context. - operationId: aiplatform.projects.locations.metadataStores.contexts.delete + patch: + description: Updates a stored Context. + operationId: aiplatform.projects.locations.metadataStores.contexts.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51061,7 +66420,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' parameters: - in: path name: projectsId @@ -51084,23 +66443,17 @@ paths: schema: type: string - in: query - name: force + name: allowMissing schema: type: boolean - in: query - name: etag + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts:purge: - parameters: *ref_1 - post: - description: Purges Contexts. - operationId: aiplatform.projects.locations.metadataStores.contexts.purge - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PurgeContextsRequest' + format: google-fieldmask + get: + description: Retrieves a specific Context. + operationId: aiplatform.projects.locations.metadataStores.contexts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51112,7 +66465,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' parameters: - in: path name: projectsId @@ -51129,21 +66482,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}:addContextArtifactsAndExecutions: + - in: path + name: contextsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts: parameters: *ref_1 post: - description: >- - Adds a set of Artifacts and Executions to a Context. If any of the - Artifacts or Executions have already been added to a Context, they are - simply skipped. - operationId: >- - aiplatform.projects.locations.metadataStores.contexts.addContextArtifactsAndExecutions + description: Creates a Context associated with a MetadataStore. + operationId: aiplatform.projects.locations.metadataStores.contexts.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51155,8 +66508,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1Context' parameters: - in: path name: projectsId @@ -51173,11 +66525,59 @@ paths: required: true schema: type: string + - in: query + name: contextId + schema: + type: string + get: + description: Lists Contexts on the MetadataStore. + operationId: aiplatform.projects.locations.metadataStores.contexts.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListContextsResponse + parameters: - in: path - name: contextsId + name: projectsId required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: metadataStoresId + required: true + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}:addContextChildren: parameters: *ref_1 post: @@ -51228,21 +66628,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}:removeContextChildren: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}:addContextArtifactsAndExecutions: parameters: *ref_1 post: description: >- - Remove a set of children contexts from a parent Context. If any of the - child Contexts were NOT added to the parent Context, they are simply - skipped. + Adds a set of Artifacts and Executions to a Context. If any of the + Artifacts or Executions have already been added to a Context, they are + simply skipped. operationId: >- - aiplatform.projects.locations.metadataStores.contexts.removeContextChildren + aiplatform.projects.locations.metadataStores.contexts.addContextArtifactsAndExecutions requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RemoveContextChildrenRequest + #/components/schemas/GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51255,7 +66655,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RemoveContextChildrenResponse + #/components/schemas/GoogleCloudAiplatformV1AddContextArtifactsAndExecutionsResponse parameters: - in: path name: projectsId @@ -51277,14 +66677,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}:queryContextLineageSubgraph: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}:removeContextChildren: parameters: *ref_1 - get: + post: description: >- - Retrieves Artifacts and Executions within the specified Context, - connected by Event edges and returned as a LineageSubgraph. + Remove a set of children contexts from a parent Context. If any of the + child Contexts were NOT added to the parent Context, they are simply + skipped. operationId: >- - aiplatform.projects.locations.metadataStores.contexts.queryContextLineageSubgraph + aiplatform.projects.locations.metadataStores.contexts.removeContextChildren + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RemoveContextChildrenRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51296,7 +66703,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1LineageSubgraph' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RemoveContextChildrenResponse parameters: - in: path name: projectsId @@ -51318,13 +66726,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts:purge: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.metadataStores.contexts.operations.list + post: + description: Purges Contexts. + operationId: aiplatform.projects.locations.metadataStores.contexts.purge + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1PurgeContextsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51336,7 +66747,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -51353,26 +66764,53 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.metadataStores.contexts.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: - in: path - name: contextsId + name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: metadataStoresId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}/operations/{operationsId}: - parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this @@ -51417,13 +66855,13 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.metadataStores.contexts.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.metadataStores.contexts.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51435,7 +66873,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -51457,11 +66895,23 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/contexts/{contextsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: @@ -51571,51 +67021,14 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Creates an Execution associated with a MetadataStore. - operationId: aiplatform.projects.locations.metadataStores.executions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: metadataStoresId - required: true - schema: - type: string - - in: query - name: executionId - schema: - type: string get: - description: Lists Executions in the MetadataStore. - operationId: aiplatform.projects.locations.metadataStores.executions.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.metadataStores.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51627,8 +67040,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListExecutionsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -51645,28 +67057,18 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}: - parameters: *ref_1 - get: - description: Retrieves a specific Execution. - operationId: aiplatform.projects.locations.metadataStores.executions.get + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.metadataStores.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51678,7 +67080,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -51696,18 +67098,24 @@ paths: schema: type: string - in: path - name: executionsId + name: operationsId required: true schema: type: string - patch: - description: Updates a stored Execution. - operationId: aiplatform.projects.locations.metadataStores.executions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.metadataStores.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51719,7 +67127,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -51737,22 +67145,24 @@ paths: schema: type: string - in: path - name: executionsId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: allowMissing - schema: - type: boolean - delete: - description: Deletes an Execution. - operationId: aiplatform.projects.locations.metadataStores.executions.delete + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.metadataStores.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51782,25 +67192,22 @@ paths: schema: type: string - in: path - name: executionsId + name: operationsId required: true schema: type: string - in: query - name: etag + name: timeout schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions:purge: + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/operations: parameters: *ref_1 - post: - description: Purges Executions. - operationId: aiplatform.projects.locations.metadataStores.executions.purge - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PurgeExecutionsRequest + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.metadataStores.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51812,7 +67219,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -51829,22 +67236,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}:addExecutionEvents: + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/metadataSchemas: parameters: *ref_1 - post: - description: >- - Adds Events to the specified Execution. An Event indicates whether an - Artifact was used as an input or output for an Execution. If an Event - already exists between the Execution and the Artifact, the Event is - skipped. - operationId: >- - aiplatform.projects.locations.metadataStores.executions.addExecutionEvents - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AddExecutionEventsRequest + get: + description: Lists MetadataSchemas. + operationId: aiplatform.projects.locations.metadataStores.metadataSchemas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51857,7 +67270,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AddExecutionEventsResponse + #/components/schemas/GoogleCloudAiplatformV1ListMetadataSchemasResponse parameters: - in: path name: projectsId @@ -51874,20 +67287,27 @@ paths: required: true schema: type: string - - in: path - name: executionsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}:queryExecutionInputsAndOutputs: - parameters: *ref_1 - get: - description: >- - Obtains the set of input and output Artifacts for this Execution, in the - form of LineageSubgraph that also contains the Execution and connecting - Events. - operationId: >- - aiplatform.projects.locations.metadataStores.executions.queryExecutionInputsAndOutputs + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a MetadataSchema. + operationId: aiplatform.projects.locations.metadataStores.metadataSchemas.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataSchema' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51899,7 +67319,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1LineageSubgraph' + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataSchema' parameters: - in: path name: projectsId @@ -51916,18 +67336,15 @@ paths: required: true schema: type: string - - in: path - name: executionsId - required: true + - in: query + name: metadataSchemaId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/metadataSchemas/{metadataSchemasId}: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.metadataStores.executions.operations.list + description: Retrieves a specific MetadataSchema. + operationId: aiplatform.projects.locations.metadataStores.metadataSchemas.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -51939,7 +67356,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataSchema' parameters: - in: path name: projectsId @@ -51957,23 +67374,10 @@ paths: schema: type: string - in: path - name: executionsId + name: metadataSchemasId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -52066,21 +67470,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: >- - aiplatform.projects.locations.metadataStores.executions.operations.cancel + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.metadataStores.executions.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52092,7 +67488,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -52114,9 +67510,21 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}/operations/{operationsId}:wait: @@ -52176,16 +67584,21 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/metadataSchemas: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Creates a MetadataSchema. - operationId: aiplatform.projects.locations.metadataStores.metadataSchemas.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataSchema' + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: >- + aiplatform.projects.locations.metadataStores.executions.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52197,7 +67610,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataSchema' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -52214,13 +67627,21 @@ paths: required: true schema: type: string - - in: query - name: metadataSchemaId + - in: path + name: executionsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}: + parameters: *ref_1 get: - description: Lists MetadataSchemas. - operationId: aiplatform.projects.locations.metadataStores.metadataSchemas.list + description: Retrieves a specific Execution. + operationId: aiplatform.projects.locations.metadataStores.executions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52232,8 +67653,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListMetadataSchemasResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' parameters: - in: path name: projectsId @@ -52250,24 +67670,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: executionsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/metadataSchemas/{metadataSchemasId}: - parameters: *ref_1 - get: - description: Retrieves a specific MetadataSchema. - operationId: aiplatform.projects.locations.metadataStores.metadataSchemas.get + patch: + description: Updates a stored Execution. + operationId: aiplatform.projects.locations.metadataStores.executions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52279,7 +67694,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataSchema' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' parameters: - in: path name: projectsId @@ -52297,24 +67712,22 @@ paths: schema: type: string - in: path - name: metadataSchemasId + name: executionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/migratableResources:search: - parameters: *ref_1 - post: - description: >- - Searches all of the resources in automl.googleapis.com, - datalabeling.googleapis.com and ml.googleapis.com that can be migrated - to Vertex AI's given location. - operationId: aiplatform.projects.locations.migratableResources.search - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SearchMigratableResourcesRequest + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: allowMissing + schema: + type: boolean + delete: + description: Deletes an Execution. + operationId: aiplatform.projects.locations.metadataStores.executions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52326,8 +67739,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1SearchMigratableResourcesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -52339,49 +67751,36 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/migratableResources:batchMigrate: - parameters: *ref_1 - post: - description: >- - Batch migrates resources from ml.googleapis.com, automl.googleapis.com, - and datalabeling.googleapis.com to Vertex AI. - operationId: aiplatform.projects.locations.migratableResources.batchMigrate - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchMigrateResourcesRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - in: path - name: projectsId + name: metadataStoresId required: true schema: type: string - in: path - name: locationsId + name: executionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/migratableResources/{migratableResourcesId}/operations: + - in: query + name: etag + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}:addExecutionEvents: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.migratableResources.operations.list + Adds Events to the specified Execution. An Event indicates whether an + Artifact was used as an input or output for an Execution. If an Event + already exists between the Execution and the Artifact, the Event is + skipped. + operationId: >- + aiplatform.projects.locations.metadataStores.executions.addExecutionEvents + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1AddExecutionEventsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52393,7 +67792,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1AddExecutionEventsResponse parameters: - in: path name: projectsId @@ -52406,31 +67806,26 @@ paths: schema: type: string - in: path - name: migratableResourcesId + name: metadataStoresId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: executionsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/migratableResources/{migratableResourcesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions:purge: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.migratableResources.operations.get + post: + description: Purges Executions. + operationId: aiplatform.projects.locations.metadataStores.executions.purge + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PurgeExecutionsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52455,22 +67850,15 @@ paths: schema: type: string - in: path - name: migratableResourcesId - required: true - schema: - type: string - - in: path - name: operationsId + name: metadataStoresId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.migratableResources.operations.delete + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions: + parameters: *ref_1 + get: + description: Lists Executions in the MetadataStore. + operationId: aiplatform.projects.locations.metadataStores.executions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52482,7 +67870,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListExecutionsResponse parameters: - in: path name: projectsId @@ -52495,29 +67884,35 @@ paths: schema: type: string - in: path - name: migratableResourcesId + name: metadataStoresId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/migratableResources/{migratableResourcesId}/operations/{operationsId}:cancel: - parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.migratableResources.operations.cancel + description: Creates an Execution associated with a MetadataStore. + operationId: aiplatform.projects.locations.metadataStores.executions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52529,7 +67924,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Execution' parameters: - in: path name: projectsId @@ -52542,29 +67937,23 @@ paths: schema: type: string - in: path - name: migratableResourcesId - required: true - schema: - type: string - - in: path - name: operationsId + name: metadataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/migratableResources/{migratableResourcesId}/operations/{operationsId}:wait: + - in: query + name: executionId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/executions/{executionsId}:queryExecutionInputsAndOutputs: parameters: *ref_1 - post: + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.migratableResources.operations.wait + Obtains the set of input and output Artifacts for this Execution, in the + form of LineageSubgraph that also contains the Execution and connecting + Events. + operationId: >- + aiplatform.projects.locations.metadataStores.executions.queryExecutionInputsAndOutputs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52576,7 +67965,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1LineageSubgraph' parameters: - in: path name: projectsId @@ -52589,34 +67978,26 @@ paths: schema: type: string - in: path - name: migratableResourcesId + name: metadataStoresId required: true schema: type: string - in: path - name: operationsId + name: executionsId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes:assign: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts:purge: parameters: *ref_1 post: - description: >- - Assigns a NotebookRuntime to a user for a particular Notebook file. This - method will either returns an existing assignment or generates a new - one. - operationId: aiplatform.projects.locations.notebookRuntimes.assign + description: Purges Artifacts. + operationId: aiplatform.projects.locations.metadataStores.artifacts.purge requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AssignNotebookRuntimeRequest + #/components/schemas/GoogleCloudAiplatformV1PurgeArtifactsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52640,11 +68021,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}: + - in: path + name: metadataStoresId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}: parameters: *ref_1 get: - description: Gets a NotebookRuntime. - operationId: aiplatform.projects.locations.notebookRuntimes.get + description: Retrieves a specific Artifact. + operationId: aiplatform.projects.locations.metadataStores.artifacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52656,7 +68042,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookRuntime' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' parameters: - in: path name: projectsId @@ -52669,13 +68055,18 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: artifactsId required: true schema: type: string delete: - description: Deletes a NotebookRuntime. - operationId: aiplatform.projects.locations.notebookRuntimes.delete + description: Deletes an Artifact. + operationId: aiplatform.projects.locations.metadataStores.artifacts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52700,15 +68091,27 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes: - parameters: *ref_1 - get: - description: Lists NotebookRuntimes in a Location. - operationId: aiplatform.projects.locations.notebookRuntimes.list + - in: path + name: artifactsId + required: true + schema: + type: string + - in: query + name: etag + schema: + type: string + patch: + description: Updates a stored Artifact. + operationId: aiplatform.projects.locations.metadataStores.artifacts.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52720,8 +68123,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListNotebookRuntimesResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' parameters: - in: path name: projectsId @@ -52733,39 +68135,35 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: metadataStoresId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: artifactsId + required: true schema: type: string - in: query - name: readMask + name: updateMask schema: type: string format: google-fieldmask - in: query - name: orderBy + name: allowMissing schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}:upgrade: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts: parameters: *ref_1 post: - description: Upgrades a NotebookRuntime. - operationId: aiplatform.projects.locations.notebookRuntimes.upgrade + description: Creates an Artifact associated with a MetadataStore. + operationId: aiplatform.projects.locations.metadataStores.artifacts.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1UpgradeNotebookRuntimeRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52777,7 +68175,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Artifact' parameters: - in: path name: projectsId @@ -52790,21 +68188,17 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}:start: - parameters: *ref_1 - post: - description: Starts a NotebookRuntime. - operationId: aiplatform.projects.locations.notebookRuntimes.start - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StartNotebookRuntimeRequest + - in: query + name: artifactId + schema: + type: string + get: + description: Lists Artifacts in the MetadataStore. + operationId: aiplatform.projects.locations.metadataStores.artifacts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52816,7 +68210,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListArtifactsResponse parameters: - in: path name: projectsId @@ -52829,21 +68224,35 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}:stop: + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}:queryArtifactLineageSubgraph: parameters: *ref_1 - post: - description: Stops a NotebookRuntime. - operationId: aiplatform.projects.locations.notebookRuntimes.stop - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StopNotebookRuntimeRequest + get: + description: >- + Retrieves lineage of an Artifact represented through Artifacts and + Executions connected by Event edges and returned as a LineageSubgraph. + operationId: >- + aiplatform.projects.locations.metadataStores.artifacts.queryArtifactLineageSubgraph security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52855,7 +68264,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1LineageSubgraph' parameters: - in: path name: projectsId @@ -52868,17 +68277,38 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}/operations: + - in: path + name: artifactsId + required: true + schema: + type: string + - in: query + name: maxHops + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.notebookRuntimes.operations.list + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52890,7 +68320,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -52903,31 +68333,28 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId required: true schema: type: string - - in: query - name: filter + - in: path + name: artifactsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: aiplatform.projects.locations.notebookRuntimes.operations.get + operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52952,7 +68379,12 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: artifactsId required: true schema: type: string @@ -52967,7 +68399,7 @@ paths: is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.notebookRuntimes.operations.delete + operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -52992,7 +68424,12 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: artifactsId required: true schema: type: string @@ -53001,20 +68438,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.notebookRuntimes.operations.cancel + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53026,7 +68456,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -53039,16 +68469,33 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId required: true schema: type: string - in: path - name: operationsId + name: artifactsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimes/{notebookRuntimesId}/operations/{operationsId}:wait: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}/artifacts/{artifactsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -53061,7 +68508,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.notebookRuntimes.operations.wait + operationId: aiplatform.projects.locations.metadataStores.artifacts.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53086,7 +68533,12 @@ paths: schema: type: string - in: path - name: notebookRuntimesId + name: metadataStoresId + required: true + schema: + type: string + - in: path + name: artifactsId required: true schema: type: string @@ -53100,16 +68552,11 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs: + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores/{metadataStoresId}: parameters: *ref_1 - post: - description: Creates a NotebookExecutionJob. - operationId: aiplatform.projects.locations.notebookExecutionJobs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJob' + get: + description: Retrieves a specific MetadataStore. + operationId: aiplatform.projects.locations.metadataStores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53121,7 +68568,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataStore' parameters: - in: path name: projectsId @@ -53133,13 +68580,16 @@ paths: required: true schema: type: string - - in: query - name: notebookExecutionJobId + - in: path + name: metadataStoresId + required: true schema: type: string - get: - description: Lists NotebookExecutionJobs in a Location. - operationId: aiplatform.projects.locations.notebookExecutionJobs.list + delete: + description: >- + Deletes a single MetadataStore and all its child resources (Artifacts, + Executions, and Contexts). + operationId: aiplatform.projects.locations.metadataStores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53151,8 +68601,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListNotebookExecutionJobsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -53164,32 +68613,20 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy + - in: path + name: metadataStoresId + required: true schema: type: string - in: query - name: view + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/metadataStores: parameters: *ref_1 get: - description: Gets a NotebookExecutionJob. - operationId: aiplatform.projects.locations.notebookExecutionJobs.get + description: Lists MetadataStores for a Location. + operationId: aiplatform.projects.locations.metadataStores.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53202,7 +68639,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1NotebookExecutionJob + #/components/schemas/GoogleCloudAiplatformV1ListMetadataStoresResponse parameters: - in: path name: projectsId @@ -53214,18 +68651,23 @@ paths: required: true schema: type: string - - in: path - name: notebookExecutionJobsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: view + name: pageToken schema: type: string - delete: - description: Deletes a NotebookExecutionJob. - operationId: aiplatform.projects.locations.notebookExecutionJobs.delete + post: + description: Initializes a MetadataStore, including allocation of resources. + operationId: aiplatform.projects.locations.metadataStores.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1MetadataStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53249,18 +68691,25 @@ paths: required: true schema: type: string - - in: path - name: notebookExecutionJobsId - required: true + - in: query + name: metadataStoreId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:readFeatureValues: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.list + Reads Feature values of a specific entity of an EntityType. For reading + feature values of multiple entities of an EntityType, please use + StreamingReadFeatureValues. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.readFeatureValues + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53272,7 +68721,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponse parameters: - in: path name: projectsId @@ -53285,31 +68735,20 @@ paths: schema: type: string - in: path - name: notebookExecutionJobsId + name: featurestoresId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: entityTypesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.get + description: Gets details of a single EntityType. + operationId: aiplatform.projects.locations.featurestores.entityTypes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53321,7 +68760,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' parameters: - in: path name: projectsId @@ -53334,22 +68773,20 @@ paths: schema: type: string - in: path - name: notebookExecutionJobsId + name: featurestoresId required: true schema: type: string - in: path - name: operationsId + name: entityTypesId required: true schema: type: string delete: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.delete + Deletes a single EntityType. The EntityType must not have any Features + or `force` must be set to true for the request to succeed. + operationId: aiplatform.projects.locations.featurestores.entityTypes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53361,7 +68798,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -53374,29 +68811,27 @@ paths: schema: type: string - in: path - name: notebookExecutionJobsId + name: featurestoresId required: true schema: type: string - in: path - name: operationsId + name: entityTypesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.cancel + - in: query + name: force + schema: + type: boolean + patch: + description: Updates the parameters of a single EntityType. + operationId: aiplatform.projects.locations.featurestores.entityTypes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53408,7 +68843,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' parameters: - in: path name: projectsId @@ -53421,29 +68856,27 @@ paths: schema: type: string - in: path - name: notebookExecutionJobsId + name: featurestoresId required: true schema: type: string - in: path - name: operationsId + name: entityTypesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notebookExecutionJobs/{notebookExecutionJobsId}/operations/{operationsId}:wait: - parameters: *ref_1 - post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.notebookExecutionJobs.operations.wait + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:getIamPolicy: + parameters: *ref_1 + post: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: aiplatform.projects.locations.featurestores.entityTypes.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53455,7 +68888,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -53468,30 +68901,40 @@ paths: schema: type: string - in: path - name: notebookExecutionJobsId + name: featurestoresId required: true schema: type: string - in: path - name: operationsId + name: entityTypesId required: true schema: type: string - in: query - name: timeout + name: options.requestedPolicyVersion schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/persistentResources: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:deleteFeatureValues: parameters: *ref_1 post: - description: Creates a PersistentResource. - operationId: aiplatform.projects.locations.persistentResources.create + description: >- + Delete Feature values from Featurestore. The progress of the deletion is + tracked by the returned operation. The deleted feature values are + guaranteed to be invisible to subsequent read operations after the + operation is marked as successfully done. If a delete feature values + operation fails, the feature values returned from reads and exports may + be inconsistent. If consistency is required, the caller must retry the + same delete request again and wait till the new operation returned is + marked as successfully done. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.deleteFeatureValues requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentResource' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1DeleteFeatureValuesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53515,13 +68958,42 @@ paths: required: true schema: type: string - - in: query - name: persistentResourceId + - in: path + name: featurestoresId + required: true schema: type: string - get: - description: Lists PersistentResources in a Location. - operationId: aiplatform.projects.locations.persistentResources.list + - in: path + name: entityTypesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:importFeatureValues: + parameters: *ref_1 + post: + description: >- + Imports Feature values into the Featurestore from a source storage. The + progress of the import is tracked by the returned operation. The + imported features are guaranteed to be visible to subsequent read + operations after the operation is marked as successfully done. If an + import operation fails, the Feature values returned from reads and + exports may be inconsistent. If consistency is required, the caller must + retry the same import request again and wait till the new operation + returned is marked as successfully done. There are also scenarios where + the caller can cause inconsistency. - Source data for import contains + multiple distinct Feature values for the same entity ID and timestamp. - + Source is modified during an import. This includes adding, updating, or + removing source data and/or metadata. Examples of updating metadata + include but are not limited to changing storage location, storage class, + or retention policy. - Online serving cluster is under-provisioned. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.importFeatureValues + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ImportFeatureValuesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53533,8 +69005,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListPersistentResourcesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -53546,20 +69017,29 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: featurestoresId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: entityTypesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:setIamPolicy: parameters: *ref_1 - get: - description: Gets a PersistentResource. - operationId: aiplatform.projects.locations.persistentResources.get + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: aiplatform.projects.locations.featurestores.entityTypes.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53571,7 +69051,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentResource' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -53584,13 +69064,26 @@ paths: schema: type: string - in: path - name: persistentResourcesId + name: featurestoresId required: true schema: type: string - delete: - description: Deletes a PersistentResource. - operationId: aiplatform.projects.locations.persistentResources.delete + - in: path + name: entityTypesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.testIamPermissions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53602,7 +69095,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -53615,18 +69108,35 @@ paths: schema: type: string - in: path - name: persistentResourcesId + name: featurestoresId required: true schema: type: string - patch: - description: Updates a PersistentResource. - operationId: aiplatform.projects.locations.persistentResources.patch + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: query + name: permissions + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:writeFeatureValues: + parameters: *ref_1 + post: + description: >- + Writes Feature values of one or more entities of an EntityType. The + Feature values are merged into existing entities if any. The Feature + values to be written must have timestamp within the online storage + retention. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.writeFeatureValues requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PersistentResource' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1WriteFeatureValuesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53638,7 +69148,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1WriteFeatureValuesResponse parameters: - in: path name: projectsId @@ -53651,26 +69162,29 @@ paths: schema: type: string - in: path - name: persistentResourcesId + name: featurestoresId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: entityTypesId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}:reboot: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:streamingReadFeatureValues: parameters: *ref_1 post: - description: Reboots a PersistentResource. - operationId: aiplatform.projects.locations.persistentResources.reboot + description: >- + Reads Feature values for multiple entities. Depending on their size, + data for different entities may be broken up across multiple responses. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.streamingReadFeatureValues requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1RebootPersistentResourceRequest + #/components/schemas/GoogleCloudAiplatformV1StreamingReadFeatureValuesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53682,7 +69196,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ReadFeatureValuesResponse parameters: - in: path name: projectsId @@ -53695,17 +69210,25 @@ paths: schema: type: string - in: path - name: persistentResourcesId + name: featurestoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}/operations: + - in: path + name: entityTypesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.persistentResources.operations.list + post: + description: Creates a new EntityType in a given Featurestore. + operationId: aiplatform.projects.locations.featurestores.entityTypes.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EntityType' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53717,7 +69240,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -53730,31 +69253,17 @@ paths: schema: type: string - in: path - name: persistentResourcesId + name: featurestoresId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: entityTypeId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}/operations/{operationsId}: - parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.persistentResources.operations.get + description: Lists EntityTypes in a given Featurestore. + operationId: aiplatform.projects.locations.featurestores.entityTypes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53766,7 +69275,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListEntityTypesResponse parameters: - in: path name: projectsId @@ -53779,22 +69289,44 @@ paths: schema: type: string - in: path - name: persistentResourcesId + name: featurestoresId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.persistentResources.operations.delete + - in: query + name: pageToken + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}:exportFeatureValues: + parameters: *ref_1 + post: + description: Exports Feature values from all the entities of a target EntityType. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.exportFeatureValues + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ExportFeatureValuesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53806,7 +69338,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -53819,29 +69351,22 @@ paths: schema: type: string - in: path - name: persistentResourcesId + name: featurestoresId required: true schema: type: string - in: path - name: operationsId + name: entityTypesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.persistentResources.operations.cancel + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.featurestores.entityTypes.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53853,7 +69378,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -53866,16 +69391,33 @@ paths: schema: type: string - in: path - name: persistentResourcesId + name: featurestoresId required: true schema: type: string - in: path - name: operationsId + name: entityTypesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/persistentResources/{persistentResourcesId}/operations/{operationsId}:wait: + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -53888,7 +69430,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.persistentResources.operations.wait + operationId: aiplatform.projects.locations.featurestores.entityTypes.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53913,7 +69455,12 @@ paths: schema: type: string - in: path - name: persistentResourcesId + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId required: true schema: type: string @@ -53927,18 +69474,16 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Creates a TrainingPipeline. A created TrainingPipeline right away will - be attempted to be run. - operationId: aiplatform.projects.locations.trainingPipelines.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingPipeline' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -53950,7 +69495,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingPipeline' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -53962,56 +69507,27 @@ paths: required: true schema: type: string - get: - description: Lists TrainingPipelines in a Location. - operationId: aiplatform.projects.locations.trainingPipelines.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListTrainingPipelinesResponse - parameters: - in: path - name: projectsId + name: featurestoresId required: true schema: type: string - in: path - name: locationsId + name: entityTypesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: readMask + - in: path + name: operationsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}: - parameters: *ref_1 get: - description: Gets a TrainingPipeline. - operationId: aiplatform.projects.locations.trainingPipelines.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.featurestores.entityTypes.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54023,7 +69539,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TrainingPipeline' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -54036,61 +69552,35 @@ paths: schema: type: string - in: path - name: trainingPipelinesId - required: true - schema: - type: string - delete: - description: Deletes a TrainingPipeline. - operationId: aiplatform.projects.locations.trainingPipelines.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId + name: featurestoresId required: true schema: type: string - in: path - name: locationsId + name: entityTypesId required: true schema: type: string - in: path - name: trainingPipelinesId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Cancels a TrainingPipeline. Starts asynchronous cancellation on the - TrainingPipeline. The server makes a best effort to cancel the pipeline, - but success is not guaranteed. Clients can use - PipelineService.GetTrainingPipeline or other methods to check whether - the cancellation succeeded or whether the pipeline completed despite - cancellation. On successful cancellation, the TrainingPipeline is not - deleted; instead it becomes a pipeline with a TrainingPipeline.error - value with a google.rpc.Status.code of 1, corresponding to - `Code.CANCELLED`, and TrainingPipeline.state is set to `CANCELLED`. - operationId: aiplatform.projects.locations.trainingPipelines.cancel - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CancelTrainingPipelineRequest + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54115,17 +69605,28 @@ paths: schema: type: string - in: path - name: trainingPipelinesId + name: featurestoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}/operations: + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.trainingPipelines.operations.list + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.features.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54150,10 +69651,28 @@ paths: schema: type: string - in: path - name: trainingPipelinesId + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId required: true schema: type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: filter schema: @@ -54163,18 +69682,16 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations/{operationsId}: parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.trainingPipelines.operations.get + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.features.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54186,7 +69703,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -54199,7 +69716,17 @@ paths: schema: type: string - in: path - name: trainingPipelinesId + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: featuresId required: true schema: type: string @@ -54208,13 +69735,13 @@ paths: required: true schema: type: string - delete: + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.trainingPipelines.operations.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.features.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54226,7 +69753,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -54239,7 +69766,17 @@ paths: schema: type: string - in: path - name: trainingPipelinesId + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: featuresId required: true schema: type: string @@ -54248,7 +69785,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- @@ -54261,7 +69798,8 @@ paths: cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.trainingPipelines.operations.cancel + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.features.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54286,7 +69824,17 @@ paths: schema: type: string - in: path - name: trainingPipelinesId + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: featuresId required: true schema: type: string @@ -54295,7 +69843,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/trainingPipelines/{trainingPipelinesId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -54308,7 +69856,8 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.trainingPipelines.operations.wait + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.features.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54333,60 +69882,35 @@ paths: schema: type: string - in: path - name: trainingPipelinesId + name: featurestoresId required: true schema: type: string - in: path - name: operationsId + name: entityTypesId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs: - parameters: *ref_1 - post: - description: Creates a PipelineJob. A PipelineJob will run immediately when created. - operationId: aiplatform.projects.locations.pipelineJobs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' - parameters: - in: path - name: projectsId + name: featuresId required: true schema: type: string - in: path - name: locationsId + name: operationsId required: true schema: type: string - in: query - name: pipelineJobId + name: timeout schema: type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features/{featuresId}: + parameters: *ref_1 get: - description: Lists PipelineJobs in a Location. - operationId: aiplatform.projects.locations.pipelineJobs.list + description: Gets details of a single Feature. + operationId: aiplatform.projects.locations.featurestores.entityTypes.features.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54398,8 +69922,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListPipelineJobsResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' parameters: - in: path name: projectsId @@ -54411,64 +69934,24 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}: - parameters: *ref_1 - get: - description: Gets a PipelineJob. - operationId: aiplatform.projects.locations.pipelineJobs.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' - parameters: - in: path - name: projectsId + name: featurestoresId required: true schema: type: string - in: path - name: locationsId + name: entityTypesId required: true schema: type: string - in: path - name: pipelineJobsId + name: featuresId required: true schema: type: string delete: - description: Deletes a PipelineJob. - operationId: aiplatform.projects.locations.pipelineJobs.delete + description: Deletes a single Feature. + operationId: aiplatform.projects.locations.featurestores.entityTypes.features.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54493,67 +69976,28 @@ paths: schema: type: string - in: path - name: pipelineJobsId + name: featurestoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs:batchDelete: - parameters: *ref_1 - post: - description: >- - Batch deletes PipelineJobs The Operation is atomic. If it fails, none of - the PipelineJobs are deleted. If it succeeds, all of the PipelineJobs - are deleted. - operationId: aiplatform.projects.locations.pipelineJobs.batchDelete - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchDeletePipelineJobsRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - in: path - name: projectsId + name: entityTypesId required: true schema: type: string - in: path - name: locationsId + name: featuresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}:cancel: - parameters: *ref_1 - post: - description: >- - Cancels a PipelineJob. Starts asynchronous cancellation on the - PipelineJob. The server makes a best effort to cancel the pipeline, but - success is not guaranteed. Clients can use - PipelineService.GetPipelineJob or other methods to check whether the - cancellation succeeded or whether the pipeline completed despite - cancellation. On successful cancellation, the PipelineJob is not - deleted; instead it becomes a pipeline with a PipelineJob.error value - with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`, - and PipelineJob.state is set to `CANCELLED`. - operationId: aiplatform.projects.locations.pipelineJobs.cancel + patch: + description: Updates the parameters of a single Feature. + operationId: aiplatform.projects.locations.featurestores.entityTypes.features.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CancelPipelineJobRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54565,7 +70009,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' parameters: - in: path name: projectsId @@ -54578,27 +70022,35 @@ paths: schema: type: string - in: path - name: pipelineJobsId + name: featurestoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs:batchCancel: + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: featuresId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features: parameters: *ref_1 post: - description: >- - Batch cancel PipelineJobs. Firstly the server will check if all the jobs - are in non-terminal states, and skip the jobs that are already - terminated. If the operation failed, none of the pipeline jobs are - cancelled. The server will poll the states of all the pipeline jobs - periodically to check the cancellation status. This operation will - return an LRO. - operationId: aiplatform.projects.locations.pipelineJobs.batchCancel + description: Creates a new Feature in a given EntityType. + operationId: aiplatform.projects.locations.featurestores.entityTypes.features.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchCancelPipelineJobsRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54622,13 +70074,23 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}/operations: - parameters: *ref_1 + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: query + name: featureId + schema: + type: string get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.pipelineJobs.operations.list + description: Lists Features in a given EntityType. + operationId: aiplatform.projects.locations.featurestores.entityTypes.features.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54640,7 +70102,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListFeaturesResponse parameters: - in: path name: projectsId @@ -54653,16 +70116,17 @@ paths: schema: type: string - in: path - name: pipelineJobsId + name: featurestoresId required: true schema: type: string - - in: query - name: filter + - in: path + name: entityTypesId + required: true schema: type: string - in: query - name: pageSize + name: latestStatsCount schema: type: integer format: int32 @@ -54670,54 +70134,36 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.pipelineJobs.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: pipelineJobsId - required: true + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: readMask schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.pipelineJobs.operations.delete + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/entityTypes/{entityTypesId}/features:batchCreate: + parameters: *ref_1 + post: + description: Creates a batch of Features in a given EntityType. + operationId: >- + aiplatform.projects.locations.featurestores.entityTypes.features.batchCreate + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchCreateFeaturesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54729,7 +70175,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -54742,16 +70188,16 @@ paths: schema: type: string - in: path - name: pipelineJobsId + name: featurestoresId required: true schema: type: string - in: path - name: operationsId + name: entityTypesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- @@ -54764,7 +70210,7 @@ paths: cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.pipelineJobs.operations.cancel + operationId: aiplatform.projects.locations.featurestores.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54789,7 +70235,7 @@ paths: schema: type: string - in: path - name: pipelineJobsId + name: featurestoresId required: true schema: type: string @@ -54798,20 +70244,15 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.pipelineJobs.operations.wait + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.featurestores.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54823,7 +70264,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -54836,7 +70277,7 @@ paths: schema: type: string - in: path - name: pipelineJobsId + name: featurestoresId required: true schema: type: string @@ -54845,22 +70286,12 @@ paths: required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}:query: - parameters: *ref_1 - post: - description: Queries using a reasoning engine. - operationId: aiplatform.projects.locations.reasoningEngines.query - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QueryReasoningEngineRequest + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.featurestores.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54872,8 +70303,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QueryReasoningEngineResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -54886,21 +70316,29 @@ paths: schema: type: string - in: path - name: reasoningEnginesId + name: featurestoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}:streamQuery: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Streams queries using a reasoning engine. - operationId: aiplatform.projects.locations.reasoningEngines.streamQuery - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StreamQueryReasoningEngineRequest + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.featurestores.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54912,7 +70350,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -54925,46 +70363,27 @@ paths: schema: type: string - in: path - name: reasoningEnginesId + name: featurestoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines: - parameters: *ref_1 - post: - description: Creates a reasoning engine. - operationId: aiplatform.projects.locations.reasoningEngines.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - in: path - name: projectsId + name: operationsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: timeout schema: type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}/operations: + parameters: *ref_1 get: - description: Lists reasoning engines in a location. - operationId: aiplatform.projects.locations.reasoningEngines.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.featurestores.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -54976,8 +70395,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListReasoningEnginesResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -54989,24 +70407,38 @@ paths: required: true schema: type: string + - in: path + name: featurestoresId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores: parameters: *ref_1 - get: - description: Gets a reasoning engine. - operationId: aiplatform.projects.locations.reasoningEngines.get + post: + description: Creates a new Featurestore in a given project and location. + operationId: aiplatform.projects.locations.featurestores.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Featurestore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55018,7 +70450,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -55030,19 +70462,13 @@ paths: required: true schema: type: string - - in: path - name: reasoningEnginesId - required: true + - in: query + name: featurestoreId schema: type: string - patch: - description: Updates a reasoning engine. - operationId: aiplatform.projects.locations.reasoningEngines.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' + get: + description: Lists Featurestores in a given project and location. + operationId: aiplatform.projects.locations.featurestores.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55054,7 +70480,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListFeaturestoresResponse parameters: - in: path name: projectsId @@ -55066,19 +70493,38 @@ paths: required: true schema: type: string - - in: path - name: reasoningEnginesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - in: query - name: updateMask + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: readMask schema: type: string format: google-fieldmask - delete: - description: Deletes a reasoning engine. - operationId: aiplatform.projects.locations.reasoningEngines.delete + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: aiplatform.projects.locations.featurestores.testIamPermissions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55090,7 +70536,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -55103,21 +70549,27 @@ paths: schema: type: string - in: path - name: reasoningEnginesId + name: featurestoresId required: true schema: type: string - in: query - name: force + name: permissions schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/operations: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.reasoningEngines.operations.list + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: aiplatform.projects.locations.featurestores.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55129,7 +70581,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -55142,31 +70594,15 @@ paths: schema: type: string - in: path - name: reasoningEnginesId + name: featurestoresId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.reasoningEngines.operations.get + description: Gets details of a single Featurestore. + operationId: aiplatform.projects.locations.featurestores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55178,7 +70614,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Featurestore' parameters: - in: path name: projectsId @@ -55191,22 +70627,15 @@ paths: schema: type: string - in: path - name: reasoningEnginesId - required: true - schema: - type: string - - in: path - name: operationsId + name: featurestoresId required: true schema: type: string delete: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.reasoningEngines.operations.delete + Deletes a single Featurestore. The Featurestore must not contain any + EntityTypes or `force` must be set to true for the request to succeed. + operationId: aiplatform.projects.locations.featurestores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55218,7 +70647,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -55231,29 +70660,22 @@ paths: schema: type: string - in: path - name: reasoningEnginesId + name: featurestoresId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.reasoningEngines.operations.cancel + type: boolean + patch: + description: Updates the parameters of a single Featurestore. + operationId: aiplatform.projects.locations.featurestores.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Featurestore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55265,7 +70687,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -55278,29 +70700,22 @@ paths: schema: type: string - in: path - name: reasoningEnginesId + name: featurestoresId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/operations/{operationsId}:wait: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}:getIamPolicy: parameters: *ref_1 post: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.reasoningEngines.operations.wait + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: aiplatform.projects.locations.featurestores.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55312,7 +70727,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -55325,30 +70740,31 @@ paths: schema: type: string - in: path - name: reasoningEnginesId - required: true - schema: - type: string - - in: path - name: operationsId + name: featurestoresId required: true schema: type: string - in: query - name: timeout + name: options.requestedPolicyVersion schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/schedules: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/featurestores/{featurestoresId}:batchReadFeatureValues: parameters: *ref_1 post: - description: Creates a Schedule. - operationId: aiplatform.projects.locations.schedules.create + description: >- + Batch reads Feature values from a Featurestore. This API enables batch + reading Feature values, where each read instance in the batch may read + Feature values of entities from one or more EntityTypes. Point-in-time + correctness is guaranteed for Feature values of each read instance as of + each instance's read timestamp. + operationId: aiplatform.projects.locations.featurestores.batchReadFeatureValues requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchReadFeatureValuesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55360,7 +70776,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -55372,9 +70788,16 @@ paths: required: true schema: type: string + - in: path + name: featurestoresId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featurestores:searchFeatures: + parameters: *ref_1 get: - description: Lists Schedules in a Location. - operationId: aiplatform.projects.locations.schedules.list + description: Searches Features matching a query in a given project. + operationId: aiplatform.projects.locations.featurestores.searchFeatures security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55387,7 +70810,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListSchedulesResponse + #/components/schemas/GoogleCloudAiplatformV1SearchFeaturesResponse parameters: - in: path name: projectsId @@ -55400,7 +70823,7 @@ paths: schema: type: string - in: query - name: filter + name: query schema: type: string - in: query @@ -55412,15 +70835,16 @@ paths: name: pageToken schema: type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}: + /v1/projects/{projectsId}/locations/{locationsId}/nasJobs: parameters: *ref_1 - delete: - description: Deletes a Schedule. - operationId: aiplatform.projects.locations.schedules.delete + post: + description: Creates a NasJob + operationId: aiplatform.projects.locations.nasJobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJob' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55432,7 +70856,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJob' parameters: - in: path name: projectsId @@ -55444,14 +70868,9 @@ paths: required: true schema: type: string - - in: path - name: schedulesId - required: true - schema: - type: string get: - description: Gets a Schedule. - operationId: aiplatform.projects.locations.schedules.get + description: Lists NasJobs in a Location. + operationId: aiplatform.projects.locations.nasJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55463,7 +70882,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListNasJobsResponse parameters: - in: path name: projectsId @@ -55475,24 +70895,29 @@ paths: required: true schema: type: string - - in: path - name: schedulesId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: >- - Updates an active or paused Schedule. When the Schedule is updated, new - runs will be scheduled starting from the updated next execution time - after the update time based on the time_specification in the updated - Schedule. All unstarted runs before the update time will be skipped - while already created runs will NOT be paused or canceled. - operationId: aiplatform.projects.locations.schedules.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' + - in: query + name: filter + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/nasJobs/{nasJobsId}: + parameters: *ref_1 + delete: + description: Deletes a NasJob. + operationId: aiplatform.projects.locations.nasJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55504,7 +70929,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Schedule' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -55517,40 +70942,29 @@ paths: schema: type: string - in: path - name: schedulesId + name: nasJobsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}:pause: - parameters: *ref_1 - post: - description: >- - Pauses a Schedule. Will mark Schedule.state to 'PAUSED'. If the schedule - is paused, no new runs will be created. Already created runs will NOT be - paused or canceled. - operationId: aiplatform.projects.locations.schedules.pause - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PauseScheduleRequest' + get: + description: Gets a NasJob + operationId: aiplatform.projects.locations.nasJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasJob' parameters: - in: path name: projectsId @@ -55563,27 +70977,28 @@ paths: schema: type: string - in: path - name: schedulesId + name: nasJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}:resume: + /v1/projects/{projectsId}/locations/{locationsId}/nasJobs/{nasJobsId}:cancel: parameters: *ref_1 post: description: >- - Resumes a paused Schedule to start scheduling new runs. Will mark - Schedule.state to 'ACTIVE'. Only paused Schedule can be resumed. When - the Schedule is resumed, new runs will be scheduled starting from the - next execution time after the current time based on the - time_specification in the Schedule. If Schedule.catch_up is set up true, - all missed runs will be scheduled for backfill first. - operationId: aiplatform.projects.locations.schedules.resume + Cancels a NasJob. Starts asynchronous cancellation on the NasJob. The + server makes a best effort to cancel the job, but success is not + guaranteed. Clients can use JobService.GetNasJob or other methods to + check whether the cancellation succeeded or whether the job completed + despite cancellation. On successful cancellation, the NasJob is not + deleted; instead it becomes a job with a NasJob.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`, and + NasJob.state is set to `CANCELLED`. + operationId: aiplatform.projects.locations.nasJobs.cancel requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ResumeScheduleRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1CancelNasJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55608,17 +71023,15 @@ paths: schema: type: string - in: path - name: schedulesId + name: nasJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/nasJobs/{nasJobsId}/nasTrialDetails/{nasTrialDetailsId}: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.schedules.operations.list + description: Gets a NasTrialDetail. + operationId: aiplatform.projects.locations.nasJobs.nasTrialDetails.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55630,7 +71043,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudAiplatformV1NasTrialDetail' parameters: - in: path name: projectsId @@ -55643,31 +71056,20 @@ paths: schema: type: string - in: path - name: schedulesId + name: nasJobsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: nasTrialDetailsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/nasJobs/{nasJobsId}/nasTrialDetails: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.schedules.operations.get + description: List top NasTrialDetails of a NasJob. + operationId: aiplatform.projects.locations.nasJobs.nasTrialDetails.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55679,7 +71081,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListNasTrialDetailsResponse parameters: - in: path name: projectsId @@ -55692,22 +71095,33 @@ paths: schema: type: string - in: path - name: schedulesId + name: nasJobsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}:pause: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.schedules.operations.delete + Pauses a ModelDeploymentMonitoringJob. If the job is running, the server + makes a best effort to cancel the job. Will mark + ModelDeploymentMonitoringJob.state to 'PAUSED'. + operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.pause + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1PauseModelDeploymentMonitoringJobRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55732,29 +71146,24 @@ paths: schema: type: string - in: path - name: schedulesId - required: true - schema: - type: string - - in: path - name: operationsId + name: modelDeploymentMonitoringJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}:resume: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.schedules.operations.cancel + Resumes a paused ModelDeploymentMonitoringJob. It will start to run from + next scheduled time. A deleted ModelDeploymentMonitoringJob can't be + resumed. + operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.resume + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ResumeModelDeploymentMonitoringJobRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55779,29 +71188,15 @@ paths: schema: type: string - in: path - name: schedulesId - required: true - schema: - type: string - - in: path - name: operationsId + name: modelDeploymentMonitoringJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schedules/{schedulesId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}: parameters: *ref_1 - post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.schedules.operations.wait + get: + description: Gets a ModelDeploymentMonitoringJob. + operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55813,7 +71208,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob parameters: - in: path name: projectsId @@ -55826,30 +71222,13 @@ paths: schema: type: string - in: path - name: schedulesId - required: true - schema: - type: string - - in: path - name: operationsId + name: modelDeploymentMonitoringJobsId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/specialistPools: - parameters: *ref_1 - post: - description: Creates a SpecialistPool. - operationId: aiplatform.projects.locations.specialistPools.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SpecialistPool' + delete: + description: Deletes a ModelDeploymentMonitoringJob. + operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55873,9 +71252,20 @@ paths: required: true schema: type: string - get: - description: Lists SpecialistPools in a Location. - operationId: aiplatform.projects.locations.specialistPools.list + - in: path + name: modelDeploymentMonitoringJobsId + required: true + schema: + type: string + patch: + description: Updates a ModelDeploymentMonitoringJob. + operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55887,8 +71277,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListSpecialistPoolsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -55900,25 +71289,30 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: modelDeploymentMonitoringJobsId + required: true schema: type: string - in: query - name: readMask + name: updateMask schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}: + /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}:searchModelDeploymentMonitoringStatsAnomalies: parameters: *ref_1 - get: - description: Gets a SpecialistPool. - operationId: aiplatform.projects.locations.specialistPools.get + post: + description: >- + Searches Model Monitoring Statistics generated within a given time + window. + operationId: >- + aiplatform.projects.locations.modelDeploymentMonitoringJobs.searchModelDeploymentMonitoringStatsAnomalies + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55930,7 +71324,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SpecialistPool' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1SearchModelDeploymentMonitoringStatsAnomaliesResponse parameters: - in: path name: projectsId @@ -55943,13 +71338,15 @@ paths: schema: type: string - in: path - name: specialistPoolsId + name: modelDeploymentMonitoringJobsId required: true schema: type: string - delete: - description: Deletes a SpecialistPool as well as all Specialists in the pool. - operationId: aiplatform.projects.locations.specialistPools.delete + /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs: + parameters: *ref_1 + get: + description: Lists ModelDeploymentMonitoringJobs in a Location. + operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -55961,7 +71358,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListModelDeploymentMonitoringJobsResponse parameters: - in: path name: projectsId @@ -55973,23 +71371,35 @@ paths: required: true schema: type: string - - in: path - name: specialistPoolsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: force + name: readMask schema: - type: boolean - patch: - description: Updates a SpecialistPool. - operationId: aiplatform.projects.locations.specialistPools.patch + type: string + format: google-fieldmask + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + post: + description: >- + Creates a ModelDeploymentMonitoringJob. It will run periodically on a + configured interval. + operationId: aiplatform.projects.locations.modelDeploymentMonitoringJobs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SpecialistPool' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56001,7 +71411,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ModelDeploymentMonitoringJob parameters: - in: path name: projectsId @@ -56013,23 +71424,14 @@ paths: required: true schema: type: string - - in: path - name: specialistPoolsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.specialistPools.operations.list + operationId: >- + aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56054,31 +71456,36 @@ paths: schema: type: string - in: path - name: specialistPoolsId + name: modelDeploymentMonitoringJobsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}/operations/{operationsId}: + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: aiplatform.projects.locations.specialistPools.operations.get + operationId: >- + aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56103,7 +71510,7 @@ paths: schema: type: string - in: path - name: specialistPoolsId + name: modelDeploymentMonitoringJobsId required: true schema: type: string @@ -56118,54 +71525,8 @@ paths: is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.specialistPools.operations.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: specialistPoolsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.specialistPools.operations.cancel + operationId: >- + aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56190,7 +71551,7 @@ paths: schema: type: string - in: path - name: specialistPoolsId + name: modelDeploymentMonitoringJobsId required: true schema: type: string @@ -56199,7 +71560,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/specialistPools/{specialistPoolsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -56212,7 +71573,8 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.specialistPools.operations.wait + operationId: >- + aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56237,7 +71599,7 @@ paths: schema: type: string - in: path - name: specialistPoolsId + name: modelDeploymentMonitoringJobsId required: true schema: type: string @@ -56251,16 +71613,21 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards: + /v1/projects/{projectsId}/locations/{locationsId}/modelDeploymentMonitoringJobs/{modelDeploymentMonitoringJobsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Creates a Tensorboard. - operationId: aiplatform.projects.locations.tensorboards.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensorboard' + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: >- + aiplatform.projects.locations.modelDeploymentMonitoringJobs.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56272,7 +71639,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -56284,80 +71651,35 @@ paths: required: true schema: type: string - get: - description: Lists Tensorboards in a Location. - operationId: aiplatform.projects.locations.tensorboards.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListTensorboardsResponse - parameters: - in: path - name: projectsId + name: modelDeploymentMonitoringJobsId required: true schema: type: string - in: path - name: locationsId + name: operationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}:getIamPolicy: parameters: *ref_1 - get: - description: Gets a Tensorboard. - operationId: aiplatform.projects.locations.tensorboards.get + post: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensorboard' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -56370,18 +71692,26 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string - patch: - description: Updates a Tensorboard. - operationId: aiplatform.projects.locations.tensorboards.patch + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates: + parameters: *ref_1 + post: + description: Creates a NotebookRuntimeTemplate. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Tensorboard' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56405,19 +71735,13 @@ paths: required: true schema: type: string - - in: path - name: tensorboardsId - required: true - schema: - type: string - in: query - name: updateMask + name: notebookRuntimeTemplateId schema: type: string - format: google-fieldmask - delete: - description: Deletes a Tensorboard. - operationId: aiplatform.projects.locations.tensorboards.delete + get: + description: Lists NotebookRuntimeTemplates in a Location. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56429,7 +71753,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListNotebookRuntimeTemplatesResponse parameters: - in: path name: projectsId @@ -56441,16 +71766,33 @@ paths: required: true schema: type: string - - in: path - name: tensorboardsId - required: true + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}:readUsage: + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}: parameters: *ref_1 - get: - description: Returns a list of monthly active users for a given TensorBoard instance. - operationId: aiplatform.projects.locations.tensorboards.readUsage + delete: + description: Deletes a NotebookRuntimeTemplate. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56462,8 +71804,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardUsageResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -56476,15 +71817,19 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}:readSize: - parameters: *ref_1 - get: - description: Returns the storage size for a given TensorBoard instance. - operationId: aiplatform.projects.locations.tensorboards.readSize + patch: + description: Updates a NotebookRuntimeTemplate. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56497,7 +71842,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardSizeResponse + #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate parameters: - in: path name: projectsId @@ -56510,20 +71855,18 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}:batchRead: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: >- - Reads multiple TensorboardTimeSeries' data. The data point number limit - is 1000 for scalars, 100 for tensors and blob references. If the number - of data points stored is less than the limit, all data is returned. - Otherwise, the number limit of data points is randomly selected from - this time series and returned. - operationId: aiplatform.projects.locations.tensorboards.batchRead + description: Gets a NotebookRuntimeTemplate. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56536,7 +71879,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchReadTensorboardTimeSeriesDataResponse + #/components/schemas/GoogleCloudAiplatformV1NotebookRuntimeTemplate parameters: - in: path name: projectsId @@ -56549,21 +71892,21 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string - - in: query - name: timeSeries - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.tensorboards.operations.list + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + aiplatform.projects.locations.notebookRuntimeTemplates.testIamPermissions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56575,7 +71918,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -56588,31 +71931,27 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: permissions schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.tensorboards.operations.get + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56624,7 +71963,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -56637,22 +71976,19 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: operationsId + name: notebookRuntimeTemplatesId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.tensorboards.operations.delete + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56677,7 +72013,7 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string @@ -56686,20 +72022,12 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.tensorboards.operations.cancel + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56711,7 +72039,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -56724,7 +72052,7 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string @@ -56733,7 +72061,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -56746,7 +72074,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.tensorboards.operations.wait + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56771,7 +72099,7 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string @@ -56785,17 +72113,20 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments: + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Creates a TensorboardExperiment. - operationId: aiplatform.projects.locations.tensorboards.experiments.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56807,8 +72138,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -56821,34 +72151,34 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string - - in: query - name: tensorboardExperimentId + - in: path + name: operationsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/notebookRuntimeTemplates/{notebookRuntimeTemplatesId}/operations: + parameters: *ref_1 get: - description: Lists TensorboardExperiments in a Location. - operationId: aiplatform.projects.locations.tensorboards.experiments.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.notebookRuntimeTemplates.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListTensorboardExperimentsResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -56861,54 +72191,44 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: notebookRuntimeTemplatesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: orderBy + name: returnPartialSuccess schema: - type: string + type: boolean - in: query - name: readMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}: + /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}: parameters: *ref_1 get: - description: Gets a TensorboardExperiment. - operationId: aiplatform.projects.locations.tensorboards.experiments.get + description: Gets a PipelineJob. + operationId: aiplatform.projects.locations.pipelineJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment + $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' parameters: - in: path name: projectsId @@ -56921,24 +72241,13 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: pipelineJobsId required: true schema: type: string - patch: - description: Updates a TensorboardExperiment. - operationId: aiplatform.projects.locations.tensorboards.experiments.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment + delete: + description: Deletes a PipelineJob. + operationId: aiplatform.projects.locations.pipelineJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -56950,8 +72259,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardExperiment + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -56964,23 +72272,24 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: pipelineJobsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a TensorboardExperiment. - operationId: aiplatform.projects.locations.tensorboards.experiments.delete + /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs:batchDelete: + parameters: *ref_1 + post: + description: >- + Batch deletes PipelineJobs The Operation is atomic. If it fails, none of + the PipelineJobs are deleted. If it succeeds, all of the PipelineJobs + are deleted. + operationId: aiplatform.projects.locations.pipelineJobs.batchDelete + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchDeletePipelineJobsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57004,29 +72313,11 @@ paths: required: true schema: type: string - - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}:batchCreate: + /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs: parameters: *ref_1 - post: - description: >- - Batch create TensorboardTimeSeries that belong to a - TensorboardExperiment. - operationId: aiplatform.projects.locations.tensorboards.experiments.batchCreate - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesRequest + get: + description: Lists PipelineJobs in a Location. + operationId: aiplatform.projects.locations.pipelineJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57039,7 +72330,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchCreateTensorboardTimeSeriesResponse + #/components/schemas/GoogleCloudAiplatformV1ListPipelineJobsResponse parameters: - in: path name: projectsId @@ -57051,30 +72342,36 @@ paths: required: true schema: type: string - - in: path - name: tensorboardsId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: experimentsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}:write: - parameters: *ref_1 post: - description: >- - Write time series data points of multiple TensorboardTimeSeries in - multiple TensorboardRun's. If any data fail to be ingested, an error is - returned. - operationId: aiplatform.projects.locations.tensorboards.experiments.write + description: Creates a PipelineJob. A PipelineJob will run immediately when created. + operationId: aiplatform.projects.locations.pipelineJobs.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardExperimentDataRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57086,8 +72383,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardExperimentDataResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1PipelineJob' parameters: - in: path name: projectsId @@ -57099,23 +72395,27 @@ paths: required: true schema: type: string - - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true + - in: query + name: pipelineJobId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs:batchCancel: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.tensorboards.experiments.operations.list + Batch cancel PipelineJobs. Firstly the server will check if all the jobs + are in non-terminal states, and skip the jobs that are already + terminated. If the operation failed, none of the pipeline jobs are + cancelled. The server will poll the states of all the pipeline jobs + periodically to check the cancellation status. This operation will + return an LRO. + operationId: aiplatform.projects.locations.pipelineJobs.batchCancel + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchCancelPipelineJobsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57127,7 +72427,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -57139,37 +72439,26 @@ paths: required: true schema: type: string - - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.tensorboards.experiments.operations.get + Cancels a PipelineJob. Starts asynchronous cancellation on the + PipelineJob. The server makes a best effort to cancel the pipeline, but + success is not guaranteed. Clients can use + PipelineService.GetPipelineJob or other methods to check whether the + cancellation succeeded or whether the pipeline completed despite + cancellation. On successful cancellation, the PipelineJob is not + deleted; instead it becomes a pipeline with a PipelineJob.error value + with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`, + and PipelineJob.state is set to `CANCELLED`. + operationId: aiplatform.projects.locations.pipelineJobs.cancel + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CancelPipelineJobRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57181,7 +72470,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -57194,27 +72483,17 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - - in: path - name: operationsId + name: pipelineJobsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.tensorboards.experiments.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.pipelineJobs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57226,7 +72505,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -57239,21 +72518,28 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: pipelineJobsId required: true schema: type: string - - in: path - name: experimentsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- @@ -57266,7 +72552,7 @@ paths: cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.tensorboards.experiments.operations.cancel + operationId: aiplatform.projects.locations.pipelineJobs.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57291,12 +72577,7 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: pipelineJobsId required: true schema: type: string @@ -57305,7 +72586,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -57318,7 +72599,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.tensorboards.experiments.operations.wait + operationId: aiplatform.projects.locations.pipelineJobs.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57343,12 +72624,7 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: pipelineJobsId required: true schema: type: string @@ -57362,16 +72638,15 @@ paths: schema: type: string format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs: + /v1/projects/{projectsId}/locations/{locationsId}/pipelineJobs/{pipelineJobsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Creates a TensorboardRun. - operationId: aiplatform.projects.locations.tensorboards.experiments.runs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.pipelineJobs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57383,7 +72658,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -57396,39 +72671,33 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: pipelineJobsId required: true schema: type: string - in: path - name: experimentsId + name: operationsId required: true schema: type: string - - in: query - name: tensorboardRunId - schema: - type: string get: - description: Lists TensorboardRuns in a Location. - operationId: aiplatform.projects.locations.tensorboards.experiments.runs.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.pipelineJobs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListTensorboardRunsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -57441,17 +72710,42 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: pipelineJobsId required: true schema: type: string - in: path - name: experimentsId + name: operationsId required: true schema: type: string - - in: query - name: filter + /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs: + parameters: *ref_1 + get: + description: Lists HyperparameterTuningJobs in a Location. + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListHyperparameterTuningJobsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true schema: type: string - in: query @@ -57464,7 +72758,7 @@ paths: schema: type: string - in: query - name: orderBy + name: filter schema: type: string - in: query @@ -57472,17 +72766,15 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs:batchCreate: - parameters: *ref_1 post: - description: Batch create TensorboardRuns. - operationId: aiplatform.projects.locations.tensorboards.experiments.runs.batchCreate + description: Creates a HyperparameterTuningJob + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchCreateTensorboardRunsRequest + #/components/schemas/GoogleCloudAiplatformV1HyperparameterTuningJob security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57495,7 +72787,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1BatchCreateTensorboardRunsResponse + #/components/schemas/GoogleCloudAiplatformV1HyperparameterTuningJob parameters: - in: path name: projectsId @@ -57507,37 +72799,104 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}:cancel: + parameters: *ref_1 + post: + description: >- + Cancels a HyperparameterTuningJob. Starts asynchronous cancellation on + the HyperparameterTuningJob. The server makes a best effort to cancel + the job, but success is not guaranteed. Clients can use + JobService.GetHyperparameterTuningJob or other methods to check whether + the cancellation succeeded or whether the job completed despite + cancellation. On successful cancellation, the HyperparameterTuningJob is + not deleted; instead it becomes a job with a + HyperparameterTuningJob.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`, and HyperparameterTuningJob.state is + set to `CANCELLED`. + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.cancel + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CancelHyperparameterTuningJobRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: tensorboardsId + name: locationsId required: true schema: type: string - in: path - name: experimentsId + name: hyperparameterTuningJobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}: + /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}: parameters: *ref_1 get: - description: Gets a TensorboardRun. - operationId: aiplatform.projects.locations.tensorboards.experiments.runs.get + description: Gets a HyperparameterTuningJob + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1HyperparameterTuningJob + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: hyperparameterTuningJobsId + required: true + schema: + type: string + delete: + description: Deletes a HyperparameterTuningJob. + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.delete + security: - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only + - https://www.googleapis.com/auth/cloud-platform Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -57550,28 +72909,66 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: hyperparameterTuningJobsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.cancel + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: experimentsId + name: locationsId required: true schema: type: string - in: path - name: runsId + name: hyperparameterTuningJobsId required: true schema: type: string - patch: - description: Updates a TensorboardRun. - operationId: aiplatform.projects.locations.tensorboards.experiments.runs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57583,7 +72980,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1TensorboardRun' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -57596,28 +72993,21 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: hyperparameterTuningJobsId required: true schema: type: string - in: path - name: runsId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a TensorboardRun. - operationId: aiplatform.projects.locations.tensorboards.experiments.runs.delete + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57642,33 +73032,29 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: hyperparameterTuningJobsId required: true schema: type: string - in: path - name: runsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}:write: + /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- - Write time series data points into multiple TensorboardTimeSeries under - a TensorboardRun. If any data fail to be ingested, an error is returned. - operationId: aiplatform.projects.locations.tensorboards.experiments.runs.write - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardRunDataRequest + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57680,8 +73066,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1WriteTensorboardRunDataResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -57694,28 +73079,27 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: hyperparameterTuningJobsId required: true schema: type: string - in: path - name: experimentsId + name: operationsId required: true schema: type: string - - in: path - name: runsId - required: true + - in: query + name: timeout schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations: + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/hyperparameterTuningJobs/{hyperparameterTuningJobsId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.operations.list + operationId: aiplatform.projects.locations.hyperparameterTuningJobs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57740,24 +73124,14 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - - in: path - name: runsId + name: hyperparameterTuningJobsId required: true schema: type: string - in: query - name: filter + name: returnPartialSuccess schema: - type: string + type: boolean - in: query name: pageSize schema: @@ -57767,15 +73141,23 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations/{operationsId}: + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/evaluationRuns/{evaluationRunsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.operations.get + Cancels an Evaluation Run. Attempts to cancel a running Evaluation Run + asynchronously. Status of run can be checked via GetEvaluationRun. + operationId: aiplatform.projects.locations.evaluationRuns.cancel + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1CancelEvaluationRunRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57787,7 +73169,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -57800,33 +73182,15 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - - in: path - name: runsId - required: true - schema: - type: string - - in: path - name: operationsId + name: evaluationRunsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/evaluationRuns/{evaluationRunsId}: + parameters: *ref_1 delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.operations.delete + description: Deletes an Evaluation Run. + operationId: aiplatform.projects.locations.evaluationRuns.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57838,7 +73202,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -57851,40 +73215,51 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: evaluationRunsId required: true schema: type: string + get: + description: Gets an Evaluation Run. + operationId: aiplatform.projects.locations.evaluationRuns.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationRun' + parameters: - in: path - name: experimentsId + name: projectsId required: true schema: type: string - in: path - name: runsId + name: locationsId required: true schema: type: string - in: path - name: operationsId + name: evaluationRunsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/evaluationRuns: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.operations.cancel + description: Creates an Evaluation Run. + operationId: aiplatform.projects.locations.evaluationRuns.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationRun' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57896,7 +73271,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudAiplatformV1EvaluationRun' parameters: - in: path name: projectsId @@ -57908,41 +73283,55 @@ paths: required: true schema: type: string + get: + description: Lists Evaluation Runs. + operationId: aiplatform.projects.locations.evaluationRuns.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListEvaluationRunsResponse + parameters: - in: path - name: tensorboardsId + name: projectsId required: true schema: type: string - in: path - name: experimentsId + name: locationsId required: true schema: type: string - - in: path - name: runsId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/operations/{operationsId}:wait: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features: parameters: *ref_1 - post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.operations.wait + get: + description: Lists Features in a given FeatureGroup. + operationId: aiplatform.projects.locations.featureGroups.features.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -57954,7 +73343,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListFeaturesResponse parameters: - in: path name: projectsId @@ -57967,42 +73357,45 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: featureGroupsId required: true schema: type: string - - in: path - name: experimentsId - required: true + - in: query + name: readMask schema: type: string - - in: path - name: runsId - required: true + format: google-fieldmask + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: timeout + name: latestStatsCount + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries: - parameters: *ref_1 + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Creates a TensorboardTimeSeries. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.create + description: Creates a new Feature in a given FeatureGroup. + operationId: aiplatform.projects.locations.featureGroups.features.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58014,8 +73407,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -58028,45 +73420,31 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - - in: path - name: runsId + name: featureGroupsId required: true schema: type: string - in: query - name: tensorboardTimeSeriesId + name: featureId schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features/{featuresId}: + parameters: *ref_1 get: - description: Lists TensorboardTimeSeries in a Location. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.list + description: Gets details of a single Feature. + operationId: aiplatform.projects.locations.featureGroups.features.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListTensorboardTimeSeriesResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' parameters: - in: path name: projectsId @@ -58079,65 +73457,30 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: featureGroupsId required: true schema: type: string - in: path - name: runsId + name: featuresId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}: - parameters: *ref_1 - get: - description: Gets a TensorboardTimeSeries. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.get + delete: + description: Deletes a single Feature. + operationId: aiplatform.projects.locations.featureGroups.features.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -58150,35 +73493,23 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - - in: path - name: runsId + name: featureGroupsId required: true schema: type: string - in: path - name: timeSeriesId + name: featuresId required: true schema: type: string patch: - description: Updates a TensorboardTimeSeries. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.patch + description: Updates the parameters of a single Feature. + operationId: aiplatform.projects.locations.featureGroups.features.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries + $ref: '#/components/schemas/GoogleCloudAiplatformV1Feature' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58190,8 +73521,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1TensorboardTimeSeries + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -58204,34 +73534,73 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: featureGroupsId required: true schema: type: string - in: path - name: experimentsId + name: featuresId required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features:batchCreate: + parameters: *ref_1 + post: + description: Creates a batch of Features in a given FeatureGroup. + operationId: aiplatform.projects.locations.featureGroups.features.batchCreate + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1BatchCreateFeaturesRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: - in: path - name: runsId + name: projectsId required: true schema: type: string - in: path - name: timeSeriesId + name: locationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: featureGroupsId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes a TensorboardTimeSeries. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.delete + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features/{featuresId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.featureGroups.features.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58256,53 +73625,42 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: featureGroupsId required: true schema: type: string - in: path - name: experimentsId + name: featuresId required: true schema: type: string - in: path - name: runsId + name: operationsId required: true schema: type: string - - in: path - name: timeSeriesId - required: true + - in: query + name: timeout schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}:read: - parameters: *ref_1 + format: google-duration get: description: >- - Reads a TensorboardTimeSeries' data. By default, if the number of data - points stored is less than 1000, all data is returned. Otherwise, 1000 - data points is randomly selected from this time series and returned. - This value can be changed by changing max_data_points, which can't be - greater than 10k. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.read + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.featureGroups.features.operations.listWait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardTimeSeriesDataResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -58315,60 +73673,58 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: featureGroupsId required: true schema: type: string - in: path - name: runsId + name: featuresId required: true schema: type: string - in: path - name: timeSeriesId + name: operationsId required: true schema: type: string - in: query - name: maxDataPoints + name: pageToken schema: - type: integer - format: int32 + type: string - in: query name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}:readBlobData: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/features/{featuresId}/operations/{operationsId}: parameters: *ref_1 - get: + delete: description: >- - Gets bytes of TensorboardBlobs. This is to allow reading blob data - stored in consumer project's Cloud Storage bucket without users having - to obtain Cloud Storage access permission. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.readBlobData + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.featureGroups.features.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ReadTensorboardBlobDataResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -58381,43 +73737,26 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: featureGroupsId required: true schema: type: string - in: path - name: runsId + name: featuresId required: true schema: type: string - in: path - name: timeSeriesId + name: operationsId required: true schema: type: string - - in: query - name: blobIds - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}:exportTensorboardTimeSeries: - parameters: *ref_1 - post: + get: description: >- - Exports a TensorboardTimeSeries' data. Data is returned in paginated - responses. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.exportTensorboardTimeSeries - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataRequest + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.featureGroups.features.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58429,8 +73768,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ExportTensorboardTimeSeriesDataResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -58443,33 +73781,27 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId + name: featureGroupsId required: true schema: type: string - in: path - name: runsId + name: featuresId required: true schema: type: string - in: path - name: timeSeriesId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/operations/{operationsId}:wait: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.list + operationId: aiplatform.projects.locations.featureGroups.operations.listWait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58494,27 +73826,25 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: featureGroupsId required: true schema: type: string - in: path - name: experimentsId + name: operationsId required: true schema: type: string - - in: path - name: runsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: timeSeriesId - required: true + - in: query + name: returnPartialSuccess schema: - type: string + type: boolean - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -58522,19 +73852,18 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations/{operationsId}: - parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.get + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.featureGroups.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58559,38 +73888,28 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - - in: path - name: runsId + name: featureGroupsId required: true schema: type: string - in: path - name: timeSeriesId + name: operationsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: timeout schema: type: string - delete: + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.featureGroups.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58602,7 +73921,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -58615,22 +73934,7 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - - in: path - name: runsId - required: true - schema: - type: string - - in: path - name: timeSeriesId + name: featureGroupsId required: true schema: type: string @@ -58639,21 +73943,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + delete: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.cancel + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.featureGroups.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58678,22 +73974,7 @@ paths: schema: type: string - in: path - name: tensorboardsId - required: true - schema: - type: string - - in: path - name: experimentsId - required: true - schema: - type: string - - in: path - name: runsId - required: true - schema: - type: string - - in: path - name: timeSeriesId + name: featureGroupsId required: true schema: type: string @@ -58702,21 +73983,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tensorboards/{tensorboardsId}/experiments/{experimentsId}/runs/{runsId}/timeSeries/{timeSeriesId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}: parameters: *ref_1 - post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: >- - aiplatform.projects.locations.tensorboards.experiments.runs.timeSeries.operations.wait + delete: + description: Deletes a single FeatureGroup. + operationId: aiplatform.projects.locations.featureGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58741,47 +74012,53 @@ paths: schema: type: string - in: path - name: tensorboardsId + name: featureGroupsId required: true schema: type: string - - in: path - name: experimentsId - required: true + - in: query + name: force schema: - type: string + type: boolean + get: + description: Gets details of a single FeatureGroup. + operationId: aiplatform.projects.locations.featureGroups.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroup' + parameters: - in: path - name: runsId + name: projectsId required: true schema: type: string - in: path - name: timeSeriesId + name: locationsId required: true schema: type: string - in: path - name: operationsId + name: featureGroupsId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/studies: - parameters: *ref_1 - post: - description: >- - Creates a Study. A resource name will be generated after creation of the - Study. - operationId: aiplatform.projects.locations.studies.create + patch: + description: Updates the parameters of a single FeatureGroup. + operationId: aiplatform.projects.locations.featureGroups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58793,7 +74070,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -58805,9 +74082,26 @@ paths: required: true schema: type: string - get: - description: Lists all the studies in a region for an associated project. - operationId: aiplatform.projects.locations.studies.list + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups: + parameters: *ref_1 + post: + description: Creates a new FeatureGroup in a given project and location. + operationId: aiplatform.projects.locations.featureGroups.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1FeatureGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58819,8 +74113,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListStudiesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -58833,19 +74126,12 @@ paths: schema: type: string - in: query - name: pageToken + name: featureGroupId schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}: - parameters: *ref_1 get: - description: Gets a Study by name. - operationId: aiplatform.projects.locations.studies.get + description: Lists FeatureGroups in a given project and location. + operationId: aiplatform.projects.locations.featureGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58857,7 +74143,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListFeatureGroupsResponse parameters: - in: path name: projectsId @@ -58869,14 +74156,36 @@ paths: required: true schema: type: string - - in: path - name: studiesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: - description: Deletes a Study. - operationId: aiplatform.projects.locations.studies.delete + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: aiplatform.projects.locations.featureGroups.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58888,7 +74197,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -58901,22 +74210,17 @@ paths: schema: type: string - in: path - name: studiesId + name: featureGroupsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies:lookup: + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}:getIamPolicy: parameters: *ref_1 post: description: >- - Looks a study up using the user-defined display_name field instead of - the fully qualified resource name. - operationId: aiplatform.projects.locations.studies.lookup - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1LookupStudyRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: aiplatform.projects.locations.featureGroups.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58928,7 +74232,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Study' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -58940,13 +74244,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/operations: + - in: path + name: featureGroupsId + required: true + schema: + type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/featureGroups/{featureGroupsId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.studies.operations.list + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: aiplatform.projects.locations.featureGroups.testIamPermissions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -58958,7 +74275,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -58971,31 +74288,19 @@ paths: schema: type: string - in: path - name: studiesId + name: featureGroupsId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: permissions schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.studies.operations.get + description: Gets a reasoning engine. + operationId: aiplatform.projects.locations.reasoningEngines.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59007,7 +74312,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' parameters: - in: path name: projectsId @@ -59020,22 +74325,13 @@ paths: schema: type: string - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: operationsId + name: reasoningEnginesId required: true schema: type: string delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.studies.operations.delete + description: Deletes a reasoning engine. + operationId: aiplatform.projects.locations.reasoningEngines.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59047,7 +74343,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -59060,29 +74356,22 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.studies.operations.cancel + type: boolean + patch: + description: Updates a reasoning engine. + operationId: aiplatform.projects.locations.reasoningEngines.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59094,7 +74383,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -59107,29 +74396,26 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/operations/{operationsId}:wait: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}:query: parameters: *ref_1 post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.studies.operations.wait + description: Queries using a reasoning engine. + operationId: aiplatform.projects.locations.reasoningEngines.query + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QueryReasoningEngineRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59141,7 +74427,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1QueryReasoningEngineResponse parameters: - in: path name: projectsId @@ -59154,34 +74441,21 @@ paths: schema: type: string - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: operationsId + name: reasoningEnginesId required: true schema: type: string - - in: query - name: timeout - schema: - type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials:suggest: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}:streamQuery: parameters: *ref_1 post: - description: >- - Adds one or more Trials to a Study, with parameter values suggested by - Vertex AI Vizier. Returns a long-running operation associated with the - generation of Trial suggestions. When this long-running operation - succeeds, it will contain a SuggestTrialsResponse. - operationId: aiplatform.projects.locations.studies.trials.suggest + description: Streams queries using a reasoning engine. + operationId: aiplatform.projects.locations.reasoningEngines.streamQuery requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1SuggestTrialsRequest' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1StreamQueryReasoningEngineRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59193,7 +74467,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -59206,20 +74480,20 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines: parameters: *ref_1 post: - description: Adds a user provided Trial to a Study. - operationId: aiplatform.projects.locations.studies.trials.create + description: Creates a reasoning engine. + operationId: aiplatform.projects.locations.reasoningEngines.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59231,7 +74505,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -59243,14 +74517,9 @@ paths: required: true schema: type: string - - in: path - name: studiesId - required: true - schema: - type: string get: - description: Lists the Trials associated with a Study. - operationId: aiplatform.projects.locations.studies.trials.list + description: Lists reasoning engines in a location. + operationId: aiplatform.projects.locations.reasoningEngines.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59262,7 +74531,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ListTrialsResponse' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListReasoningEnginesResponse parameters: - in: path name: projectsId @@ -59274,25 +74544,24 @@ paths: required: true schema: type: string - - in: path - name: studiesId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query name: pageToken schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/revisions/{revisionsId}: parameters: *ref_1 get: - description: Gets a Trial. - operationId: aiplatform.projects.locations.studies.trials.get + description: Get a Memory Revision. + operationId: aiplatform.projects.locations.reasoningEngines.memories.revisions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59304,7 +74573,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + $ref: '#/components/schemas/GoogleCloudAiplatformV1MemoryRevision' parameters: - in: path name: projectsId @@ -59317,18 +74586,25 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - in: path - name: trialsId + name: memoriesId required: true schema: type: string - delete: - description: Deletes a Trial. - operationId: aiplatform.projects.locations.studies.trials.delete + - in: path + name: revisionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/revisions: + parameters: *ref_1 + get: + description: List Memory Revisions for a Memory. + operationId: aiplatform.projects.locations.reasoningEngines.memories.revisions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59340,7 +74616,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListMemoryRevisionsResponse parameters: - in: path name: projectsId @@ -59353,28 +74630,36 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - in: path - name: trialsId + name: memoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}:addTrialMeasurement: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Adds a measurement of the objective metrics to a Trial. This measurement - is assumed to have been taken before the Trial is complete. - operationId: aiplatform.projects.locations.studies.trials.addTrialMeasurement - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1AddTrialMeasurementRequest + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.reasoningEngines.memories.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59386,7 +74671,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -59399,25 +74684,28 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - in: path - name: trialsId + name: memoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}:complete: - parameters: *ref_1 - post: - description: Marks a Trial as complete. - operationId: aiplatform.projects.locations.studies.trials.complete - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CompleteTrialRequest' + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: >- + aiplatform.projects.locations.reasoningEngines.memories.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59429,7 +74717,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -59442,30 +74730,27 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - in: path - name: trialsId + name: memoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}:checkTrialEarlyStoppingState: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/operations: parameters: *ref_1 - post: + get: description: >- - Checks whether a Trial should stop or not. Returns a long-running - operation. When the operation is successful, it will contain a - CheckTrialEarlyStoppingStateResponse. - operationId: >- - aiplatform.projects.locations.studies.trials.checkTrialEarlyStoppingState - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CheckTrialEarlyStoppingStateRequest + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.reasoningEngines.memories.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59477,7 +74762,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -59490,25 +74775,46 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - in: path - name: trialsId + name: memoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}:stop: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Stops a Trial. - operationId: aiplatform.projects.locations.studies.trials.stop - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1StopTrialRequest' + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.reasoningEngines.memories.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59520,7 +74826,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1Trial' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -59533,29 +74839,40 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - in: path - name: trialsId + name: memoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials:listOptimalTrials: + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Lists the pareto-optimal Trials for multi-objective Study or the optimal - Trials for single-objective Study. The definition of pareto-optimal can - be checked in wiki page. https://en.wikipedia.org/wiki/Pareto_efficiency - operationId: aiplatform.projects.locations.studies.trials.listOptimalTrials - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListOptimalTrialsRequest + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: >- + aiplatform.projects.locations.reasoningEngines.memories.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59567,8 +74884,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListOptimalTrialsResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -59581,17 +74897,30 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}/operations: + - in: path + name: memoriesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.studies.trials.operations.list + patch: + description: Update a Memory. + operationId: aiplatform.projects.locations.reasoningEngines.memories.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Memory' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59603,7 +74932,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -59616,36 +74945,23 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string - in: path - name: trialsId + name: memoriesId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}/operations/{operationsId}: - parameters: *ref_1 + format: google-fieldmask get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.studies.trials.operations.get + description: Get a Memory. + operationId: aiplatform.projects.locations.reasoningEngines.memories.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59657,7 +74973,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Memory' parameters: - in: path name: projectsId @@ -59670,27 +74986,18 @@ paths: schema: type: string - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: trialsId + name: reasoningEnginesId required: true schema: type: string - in: path - name: operationsId + name: memoriesId required: true schema: type: string delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.studies.trials.operations.delete + description: Delete a Memory. + operationId: aiplatform.projects.locations.reasoningEngines.memories.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59702,7 +75009,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -59715,34 +75022,26 @@ paths: schema: type: string - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: trialsId + name: reasoningEnginesId required: true schema: type: string - in: path - name: operationsId + name: memoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}:rollback: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.studies.trials.operations.cancel + description: Rollback Memory to a specific revision. + operationId: aiplatform.projects.locations.reasoningEngines.memories.rollback + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RollbackMemoryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59754,7 +75053,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -59767,34 +75066,26 @@ paths: schema: type: string - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: trialsId + name: reasoningEnginesId required: true schema: type: string - in: path - name: operationsId + name: memoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/studies/{studiesId}/trials/{trialsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories:retrieve: parameters: *ref_1 post: - description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.studies.trials.operations.wait + description: Retrieve memories. + operationId: aiplatform.projects.locations.reasoningEngines.memories.retrieve + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RetrieveMemoriesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59806,7 +75097,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1RetrieveMemoriesResponse parameters: - in: path name: projectsId @@ -59819,35 +75111,59 @@ paths: schema: type: string - in: path - name: studiesId + name: reasoningEnginesId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories:generate: + parameters: *ref_1 + post: + description: Generate memories. + operationId: aiplatform.projects.locations.reasoningEngines.memories.generate + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1GenerateMemoriesRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: - in: path - name: trialsId + name: projectsId required: true schema: type: string - in: path - name: operationsId + name: locationsId required: true schema: type: string - - in: query - name: timeout + - in: path + name: reasoningEnginesId + required: true schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories: parameters: *ref_1 post: - description: Creates a RagCorpus. - operationId: aiplatform.projects.locations.ragCorpora.create + description: Create a Memory. + operationId: aiplatform.projects.locations.reasoningEngines.memories.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagCorpus' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Memory' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59871,9 +75187,14 @@ paths: required: true schema: type: string + - in: path + name: reasoningEnginesId + required: true + schema: + type: string get: - description: Lists RagCorpora in a Location. - operationId: aiplatform.projects.locations.ragCorpora.list + description: List Memories. + operationId: aiplatform.projects.locations.reasoningEngines.memories.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59886,7 +75207,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListRagCorporaResponse + #/components/schemas/GoogleCloudAiplatformV1ListMemoriesResponse parameters: - in: path name: projectsId @@ -59898,25 +75219,38 @@ paths: required: true schema: type: string + - in: path + name: reasoningEnginesId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/memories:purge: parameters: *ref_1 - patch: - description: Updates a RagCorpus. - operationId: aiplatform.projects.locations.ragCorpora.patch + post: + description: Purge memories. + operationId: aiplatform.projects.locations.reasoningEngines.memories.purge requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagCorpus' + $ref: '#/components/schemas/GoogleCloudAiplatformV1PurgeMemoriesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59941,13 +75275,15 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string - get: - description: Gets a RagCorpus. - operationId: aiplatform.projects.locations.ragCorpora.get + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}: + parameters: *ref_1 + delete: + description: Deletes details of the specific Session. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59959,7 +75295,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagCorpus' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -59972,13 +75308,18 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string - delete: - description: Deletes a RagCorpus. - operationId: aiplatform.projects.locations.ragCorpora.delete + - in: path + name: sessionsId + required: true + schema: + type: string + get: + description: Gets details of the specific Session. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -59990,7 +75331,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Session' parameters: - in: path name: projectsId @@ -60003,21 +75344,23 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string - - in: query - name: force + - in: path + name: sessionsId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.ragCorpora.operations.list + type: string + patch: + description: Updates the specific Session. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Session' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60029,7 +75372,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudAiplatformV1Session' parameters: - in: path name: projectsId @@ -60042,31 +75385,30 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string - - in: query - name: filter + - in: path + name: sessionsId + required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/operations/{operationsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/sessions: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: aiplatform.projects.locations.ragCorpora.operations.get + post: + description: Creates a new Session. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1Session' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60091,22 +75433,69 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId + required: true + schema: + type: string + get: + description: Lists Sessions in a given reasoning engine. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1ListSessionsResponse + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: operationsId + name: locationsId + required: true + schema: + type: string + - in: path + name: reasoningEnginesId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.ragCorpora.operations.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}:appendEvent: + parameters: *ref_1 + post: + description: Appends an event to a given session. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.appendEvent + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1SessionEvent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60118,7 +75507,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1AppendEventResponse parameters: - in: path name: projectsId @@ -60131,29 +75521,29 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string - in: path - name: operationsId + name: sessionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.ragCorpora.operations.cancel + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60165,7 +75555,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -60178,7 +75568,12 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId + required: true + schema: + type: string + - in: path + name: sessionsId required: true schema: type: string @@ -60187,20 +75582,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/operations/{operationsId}:wait: + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: aiplatform.projects.locations.ragCorpora.operations.wait + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: >- + aiplatform.projects.locations.reasoningEngines.sessions.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60212,7 +75608,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -60225,31 +75621,26 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string - in: path - name: operationsId + name: sessionsId required: true schema: type: string - - in: query - name: timeout + - in: path + name: operationsId + required: true schema: type: string - format: google-duration - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles:import: - parameters: *ref_1 - post: - description: Import files from Google Cloud Storage or Google Drive into a RagCorpus. - operationId: aiplatform.projects.locations.ragCorpora.ragFiles.import - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ImportRagFilesRequest + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60274,15 +75665,35 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}: + - in: path + name: sessionsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Gets a RagFile. - operationId: aiplatform.projects.locations.ragCorpora.ragFiles.get + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: >- + aiplatform.projects.locations.reasoningEngines.sessions.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60294,7 +75705,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1RagFile' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -60307,18 +75718,27 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string - in: path - name: ragFilesId + name: sessionsId required: true schema: type: string - delete: - description: Deletes a RagFile. - operationId: aiplatform.projects.locations.ragCorpora.ragFiles.delete + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60330,7 +75750,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -60343,24 +75763,37 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string - in: path - name: ragFilesId + name: sessionsId required: true schema: type: string - in: query - name: forceDelete + name: returnPartialSuccess schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}/events: parameters: *ref_1 get: - description: Lists RagFiles in a RagCorpus. - operationId: aiplatform.projects.locations.ragCorpora.ragFiles.list + description: Lists Events in a given session. + operationId: aiplatform.projects.locations.reasoningEngines.sessions.events.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60372,8 +75805,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListRagFilesResponse + $ref: '#/components/schemas/GoogleCloudAiplatformV1ListEventsResponse' parameters: - in: path name: projectsId @@ -60386,26 +75818,39 @@ paths: schema: type: string - in: path - name: ragCorporaId + name: reasoningEnginesId required: true schema: type: string + - in: path + name: sessionsId + required: true + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.list + operationId: aiplatform.projects.locations.reasoningEngines.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60430,36 +75875,35 @@ paths: schema: type: string - in: path - name: ragCorporaId - required: true - schema: - type: string - - in: path - name: ragFilesId + name: reasoningEnginesId required: true schema: type: string - in: query - name: filter + name: returnPartialSuccess schema: - type: string + type: boolean - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.get + operationId: aiplatform.projects.locations.reasoningEngines.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60484,12 +75928,7 @@ paths: schema: type: string - in: path - name: ragCorporaId - required: true - schema: - type: string - - in: path - name: ragFilesId + name: reasoningEnginesId required: true schema: type: string @@ -60504,7 +75943,7 @@ paths: is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. - operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.delete + operationId: aiplatform.projects.locations.reasoningEngines.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60529,12 +75968,7 @@ paths: schema: type: string - in: path - name: ragCorporaId - required: true - schema: - type: string - - in: path - name: ragFilesId + name: reasoningEnginesId required: true schema: type: string @@ -60543,7 +75977,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- @@ -60556,7 +75990,7 @@ paths: cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.cancel + operationId: aiplatform.projects.locations.reasoningEngines.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60581,12 +76015,7 @@ paths: schema: type: string - in: path - name: ragCorporaId - required: true - schema: - type: string - - in: path - name: ragFilesId + name: reasoningEnginesId required: true schema: type: string @@ -60595,7 +76024,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles/{ragFilesId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/reasoningEngines/{reasoningEnginesId}/operations/{operationsId}:wait: parameters: *ref_1 post: description: >- @@ -60608,7 +76037,7 @@ paths: best-effort basis. It may return the latest state before the specified timeout (including immediately), meaning even an immediate response is no guarantee that the operation is done. - operationId: aiplatform.projects.locations.ragCorpora.ragFiles.operations.wait + operationId: aiplatform.projects.locations.reasoningEngines.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60633,12 +76062,7 @@ paths: schema: type: string - in: path - name: ragCorporaId - required: true - schema: - type: string - - in: path - name: ragFilesId + name: reasoningEnginesId required: true schema: type: string @@ -60652,18 +76076,16 @@ paths: schema: type: string format: google-duration - /v1/batchPredictionJobs: + /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles:upload: parameters: *ref_1 post: - description: >- - Creates a BatchPredictionJob. A BatchPredictionJob once created will - right away be attempted to start. - operationId: aiplatform.batchPredictionJobs.create + description: Upload a file into a RagCorpus. + operationId: aiplatform.media.upload requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + $ref: '#/components/schemas/GoogleCloudAiplatformV1UploadRagFileRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60675,15 +76097,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + $ref: >- + #/components/schemas/GoogleCloudAiplatformV1UploadRagFileResponse parameters: - - in: query - name: parent + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: ragCorporaId + required: true schema: type: string + /v1/reasoningEngines: + parameters: *ref_1 get: - description: Lists BatchPredictionJobs in a Location. - operationId: aiplatform.batchPredictionJobs.list + description: Lists reasoning engines in a location. + operationId: aiplatform.reasoningEngines.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60696,14 +76132,10 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListBatchPredictionJobsResponse + #/components/schemas/GoogleCloudAiplatformV1ListReasoningEnginesResponse parameters: - in: query - name: parent - schema: - type: string - - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -60712,19 +76144,21 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: readMask + name: parent schema: type: string - format: google-fieldmask - /v1/batchPredictionJobs/{batchPredictionJobsId}: - parameters: *ref_1 - get: - description: Gets a BatchPredictionJob - operationId: aiplatform.batchPredictionJobs.get + post: + description: Creates a reasoning engine. + operationId: aiplatform.reasoningEngines.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60736,65 +76170,73 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1BatchPredictionJob' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - - in: path - name: batchPredictionJobsId - required: true + - in: query + name: parent schema: type: string - /v1/endpoints/{endpointsId}:predict: + /v1/reasoningEngines/{reasoningEnginesId}: parameters: *ref_1 - post: - description: Perform an online prediction. - operationId: aiplatform.endpoints.predict - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictRequest' + delete: + description: Deletes a reasoning engine. + operationId: aiplatform.reasoningEngines.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: reasoningEnginesId + required: true + schema: + type: string + - in: query + name: force + schema: + type: boolean + get: + description: Gets a reasoning engine. + operationId: aiplatform.reasoningEngines.get + security: - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only + - https://www.googleapis.com/auth/cloud-platform Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictResponse' + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' parameters: - in: path - name: endpointsId + name: reasoningEnginesId required: true schema: type: string - /v1/endpoints/{endpointsId}:predictLongRunning: - parameters: *ref_1 - post: - description: '' - operationId: aiplatform.endpoints.predictLongRunning + patch: + description: Updates a reasoning engine. + operationId: aiplatform.reasoningEngines.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PredictLongRunningRequest + $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -60804,63 +76246,60 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: endpointsId + name: reasoningEnginesId required: true schema: type: string - /v1/endpoints/{endpointsId}:fetchPredictOperation: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/reasoningEngines/{reasoningEnginesId}:streamQuery: parameters: *ref_1 post: - description: Fetch an asynchronous online prediction operation. - operationId: aiplatform.endpoints.fetchPredictOperation + description: Streams queries using a reasoning engine. + operationId: aiplatform.reasoningEngines.streamQuery requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FetchPredictOperationRequest + #/components/schemas/GoogleCloudAiplatformV1StreamQueryReasoningEngineRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path - name: endpointsId + name: reasoningEnginesId required: true schema: type: string - /v1/endpoints/{endpointsId}:generateContent: + /v1/reasoningEngines/{reasoningEnginesId}:query: parameters: *ref_1 post: - description: Generate content with multimodal inputs. - operationId: aiplatform.endpoints.generateContent + description: Queries using a reasoning engine. + operationId: aiplatform.reasoningEngines.query requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + #/components/schemas/GoogleCloudAiplatformV1QueryReasoningEngineRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -60868,57 +76307,74 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + #/components/schemas/GoogleCloudAiplatformV1QueryReasoningEngineResponse parameters: - in: path - name: endpointsId + name: reasoningEnginesId required: true schema: type: string - /v1/endpoints/{endpointsId}:streamGenerateContent: + /v1/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}/operations: parameters: *ref_1 - post: - description: Generate content with multimodal inputs with streaming support. - operationId: aiplatform.endpoints.streamGenerateContent - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.reasoningEngines.sessions.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path - name: endpointsId + name: reasoningEnginesId required: true schema: type: string - /v1/endpoints/{endpointsId}:countTokens: + - in: path + name: sessionsId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Perform a token counting. - operationId: aiplatform.endpoints.countTokens - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CountTokensRequest' + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.reasoningEngines.sessions.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60930,24 +76386,42 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CountTokensResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: endpointsId + name: reasoningEnginesId required: true schema: type: string - /v1/endpoints/{endpointsId}:computeTokens: + - in: path + name: sessionsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Return a list of tokens based on the input text. - operationId: aiplatform.endpoints.computeTokens - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ComputeTokensRequest' + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.reasoningEngines.sessions.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -60959,103 +76433,107 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ComputeTokensResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: endpointsId + name: reasoningEnginesId + required: true + schema: + type: string + - in: path + name: sessionsId + required: true + schema: + type: string + - in: path + name: operationsId required: true schema: type: string - /v1/endpoints/{endpointsId}/chat/completions: + /v1/reasoningEngines/{reasoningEnginesId}/sessions/{sessionsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Exposes an OpenAI-compatible endpoint for chat completions. - operationId: aiplatform.endpoints.chat.completions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.reasoningEngines.sessions.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: endpointsId + name: reasoningEnginesId required: true schema: type: string - /v1/publishers/{publishersId}/models/{modelsId}:predict: - parameters: *ref_1 - post: - description: Perform an online prediction. - operationId: aiplatform.publishers.models.predict - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictRequest' + - in: path + name: sessionsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.reasoningEngines.sessions.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PredictResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: publishersId + name: reasoningEnginesId required: true schema: type: string - in: path - name: modelsId + name: sessionsId required: true schema: type: string - /v1/publishers/{publishersId}/models/{modelsId}:predictLongRunning: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/operations/{operationsId}: parameters: *ref_1 - post: - description: '' - operationId: aiplatform.publishers.models.predictLongRunning - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1PredictLongRunningRequest + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.reasoningEngines.memories.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -61065,141 +76543,158 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: publishersId + name: reasoningEnginesId required: true schema: type: string - in: path - name: modelsId + name: memoriesId required: true schema: type: string - /v1/publishers/{publishersId}/models/{modelsId}:fetchPredictOperation: - parameters: *ref_1 - post: - description: Fetch an asynchronous online prediction operation. - operationId: aiplatform.publishers.models.fetchPredictOperation - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1FetchPredictOperationRequest + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.reasoningEngines.memories.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: publishersId + name: reasoningEnginesId required: true schema: type: string - in: path - name: modelsId + name: memoriesId required: true schema: type: string - /v1/publishers/{publishersId}/models/{modelsId}:generateContent: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Generate content with multimodal inputs. - operationId: aiplatform.publishers.models.generateContent - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.reasoningEngines.memories.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: publishersId + name: reasoningEnginesId required: true schema: type: string - in: path - name: modelsId + name: memoriesId required: true schema: type: string - /v1/publishers/{publishersId}/models/{modelsId}:streamGenerateContent: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/operations: parameters: *ref_1 - post: - description: Generate content with multimodal inputs with streaming support. - operationId: aiplatform.publishers.models.streamGenerateContent - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentRequest + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.reasoningEngines.memories.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1GenerateContentResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path - name: publishersId + name: reasoningEnginesId required: true schema: type: string - in: path - name: modelsId + name: memoriesId required: true schema: type: string - /v1/publishers/{publishersId}/models/{modelsId}:countTokens: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/reasoningEngines/{reasoningEnginesId}/memories/{memoriesId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Perform a token counting. - operationId: aiplatform.publishers.models.countTokens - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1CountTokensRequest' + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.reasoningEngines.memories.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61211,29 +76706,37 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1CountTokensResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: publishersId + name: reasoningEnginesId required: true schema: type: string - in: path - name: modelsId + name: memoriesId required: true schema: type: string - /v1/publishers/{publishersId}/models/{modelsId}:computeTokens: + - in: path + name: operationsId + required: true + schema: + type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/reasoningEngines/{reasoningEnginesId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Return a list of tokens based on the input text. - operationId: aiplatform.publishers.models.computeTokens - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ComputeTokensRequest' + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.reasoningEngines.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61245,24 +76748,24 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ComputeTokensResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: publishersId + name: reasoningEnginesId required: true schema: type: string - in: path - name: modelsId + name: operationsId required: true schema: type: string - /v1/publishers/{publishersId}/models/{modelsId}: - parameters: *ref_1 get: - description: Gets a Model Garden publisher model. - operationId: aiplatform.publishers.models.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.reasoningEngines.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61274,45 +76777,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1PublisherModel' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: publishersId + name: reasoningEnginesId required: true schema: type: string - in: path - name: modelsId + name: operationsId required: true schema: type: string - - in: query - name: languageCode - schema: - type: string - - in: query - name: view - schema: - type: string - - in: query - name: isHuggingFaceModel - schema: - type: boolean - - in: query - name: huggingFaceToken - schema: - type: string - /v1/reasoningEngines/{reasoningEnginesId}:query: + /v1/reasoningEngines/{reasoningEnginesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Queries using a reasoning engine. - operationId: aiplatform.reasoningEngines.query - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QueryReasoningEngineRequest + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.reasoningEngines.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61324,25 +76814,25 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1QueryReasoningEngineResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: reasoningEnginesId required: true schema: type: string - /v1/reasoningEngines/{reasoningEnginesId}:streamQuery: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/reasoningEngines/{reasoningEnginesId}/operations: parameters: *ref_1 - post: - description: Streams queries using a reasoning engine. - operationId: aiplatform.reasoningEngines.streamQuery - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1StreamQueryReasoningEngineRequest + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.reasoningEngines.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61354,23 +76844,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: reasoningEnginesId required: true schema: type: string - /v1/reasoningEngines: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/reasoningEngines/{reasoningEnginesId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Creates a reasoning engine. - operationId: aiplatform.reasoningEngines.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.reasoningEngines.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61384,13 +76895,29 @@ paths: schema: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: + - in: path + name: reasoningEnginesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string - in: query - name: parent + name: timeout schema: type: string + format: google-duration + /v1/persistentResources/{persistentResourcesId}/operations/{operationsId}: + parameters: *ref_1 get: - description: Lists reasoning engines in a location. - operationId: aiplatform.reasoningEngines.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: aiplatform.persistentResources.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61402,31 +76929,25 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1ListReasoningEnginesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - - in: query - name: parent - schema: - type: string - - in: query - name: filter + - in: path + name: persistentResourcesId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/reasoningEngines/{reasoningEnginesId}: - parameters: *ref_1 - get: - description: Gets a reasoning engine. - operationId: aiplatform.reasoningEngines.get + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: aiplatform.persistentResources.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61438,21 +76959,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: reasoningEnginesId + name: persistentResourcesId required: true schema: type: string - patch: - description: Updates a reasoning engine. - operationId: aiplatform.reasoningEngines.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1ReasoningEngine' + - in: path + name: operationsId + required: true + schema: + type: string + /v1/persistentResources/{persistentResourcesId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: aiplatform.persistentResources.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61464,21 +76989,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path - name: reasoningEnginesId + name: persistentResourcesId required: true schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - format: google-fieldmask - delete: - description: Deletes a reasoning engine. - operationId: aiplatform.reasoningEngines.delete + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + /v1/persistentResources/{persistentResourcesId}/operations/{operationsId}:wait: + parameters: *ref_1 + post: + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: aiplatform.persistentResources.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61493,24 +77041,34 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: reasoningEnginesId + name: persistentResourcesId + required: true + schema: + type: string + - in: path + name: operationsId required: true schema: type: string - in: query - name: force + name: timeout schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/ragCorpora/{ragCorporaId}/ragFiles:upload: + type: string + format: google-duration + /v1/persistentResources/{persistentResourcesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Upload a file into a RagCorpus. - operationId: aiplatform.media.upload - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAiplatformV1UploadRagFileRequest' + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: aiplatform.persistentResources.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -61522,21 +77080,15 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAiplatformV1UploadRagFileResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: persistentResourcesId required: true schema: type: string - in: path - name: ragCorporaId + name: operationsId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/airquality.yaml b/providers/src/googleapis.com/v00.00.00000/services/airquality.yaml index 32410cfc..ae3f1308 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/airquality.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/airquality.yaml @@ -7,8 +7,8 @@ info: title: Air Quality API description: The Air Quality API. version: v1 - x-discovery-doc-revision: '20250826' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251208' + x-generated-date: '2025-12-10' externalDocs: url: https://developers.google.com/maps/documentation/air-quality servers: @@ -34,233 +34,7 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - LookupCurrentConditionsRequest: - id: LookupCurrentConditionsRequest - description: The request definition of the air quality current conditions. - type: object - properties: - location: - description: >- - Required. The longitude and latitude from which the API looks for - air quality current conditions data. - $ref: '#/components/schemas/LatLng' - universalAqi: - description: >- - Optional. If set to true, the Universal AQI will be included in the - 'indexes' field of the response. Default value is true. - type: boolean - extraComputations: - description: >- - Optional. Additional features that can be optionally enabled. - Specifying extra computations will result in the relevant elements - and fields to be returned in the response. - type: array - items: - type: string - enumDescriptions: - - >- - The default value. The server ignores it if it is passed as a - parameter. - - >- - Determines whether to include the local (national) AQI of the - requested location (country) in the response. If specified, the - response will contain an 'air_quality_index' data structure with - all the relevant data on the location's local AQI. - - >- - Determines whether the response will include the health advice - and recommended actions for the current AQI conditions. The - recommendations are tailored for the general population and six - populations at risk groups with greater sensitivities to - pollutants than the general population. If specified, the - `health_recommendations` field will be populated in the response - when the relevant data is available. - - >- - Determines whether to include in the response the additional - information of each pollutant. If specified, each air quality - index object contained in the 'indexes' field response will - include an `additional_info` field when the data is available. - - >- - Determines whether the response would include the concentrations - of the dominant pollutants measured according to global and/or - local indexes. If the request specified both the global AQI and - the local AQI, there may be up to two pollutant codes returned. - If specified, the dominant pollutant object contained in the - 'pollutants' list will include a `concentration` field when the - data is available. - - >- - Determines whether the response would include the concentrations - of all pollutants with available measurements according to - global and/or local indexes. If specified, each pollutant object - contained in the 'pollutants' field in the response will include - a `concentration` field when the data is available. - enum: - - EXTRA_COMPUTATION_UNSPECIFIED - - LOCAL_AQI - - HEALTH_RECOMMENDATIONS - - POLLUTANT_ADDITIONAL_INFO - - DOMINANT_POLLUTANT_CONCENTRATION - - POLLUTANT_CONCENTRATION - languageCode: - description: >- - Optional. Allows the client to choose the language for the response. - If data cannot be provided for that language the API uses the - closest match. Allowed values rely on the IETF standard. Default - value is en. - type: string - uaqiColorPalette: - description: >- - Optional. Determines the color palette used for data provided by the - 'Universal Air Quality Index' (UAQI). This color palette is relevant - just for UAQI, other AQIs have a predetermined color palette that - can't be controlled. - type: string - enumDescriptions: - - The default value. Ignored if passed as a parameter. - - Determines whether to use a red/green palette. - - Determines whether to use a indigo/persian palette (dark theme). - - Determines whether to use a indigo/persian palette (light theme). - enum: - - COLOR_PALETTE_UNSPECIFIED - - RED_GREEN - - INDIGO_PERSIAN_DARK - - INDIGO_PERSIAN_LIGHT - customLocalAqis: - description: >- - Optional. Expresses a 'country/region to AQI' relationship. Pairs a - country/region with a desired AQI so that air quality data that is - required for that country/region will be displayed according to the - chosen AQI. This parameter can be used to specify a non-default AQI - for a given country, for example, to get the US EPA index for Canada - rather than the default index for Canada. - type: array - items: - $ref: '#/components/schemas/CustomLocalAqi' - LatLng: - id: LatLng - description: >- - An object that represents a latitude/longitude pair. This is expressed - as a pair of doubles to represent degrees latitude and degrees - longitude. Unless specified otherwise, this object must conform to the - WGS84 standard. Values must be within normalized ranges. - type: object - properties: - latitude: - description: The latitude in degrees. It must be in the range [-90.0, +90.0]. - type: number - format: double - longitude: - description: The longitude in degrees. It must be in the range [-180.0, +180.0]. - type: number - format: double - CustomLocalAqi: - id: CustomLocalAqi - description: >- - Expresses a 'country/region to AQI' relationship. Pairs a country/region - with a desired AQI so that air quality data that is required for that - country/region will be displayed according to the chosen AQI. - type: object - properties: - regionCode: - description: >- - The country/region requiring the custom AQI. Value should be - provided using [ISO 3166-1 - alpha-2](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) code. - type: string - aqi: - description: >- - The AQI to associate the country/region with. Value should be a - [valid index](/maps/documentation/air-quality/laqis) code. - type: string - LookupCurrentConditionsResponse: - id: LookupCurrentConditionsResponse - type: object - properties: - dateTime: - description: >- - A rounded down timestamp in RFC3339 UTC "Zulu" format, with - nanosecond resolution and up to nine fractional digits. For example: - "2014-10-02T15:00:00Z". - type: string - format: google-datetime - regionCode: - description: >- - The ISO_3166-1 alpha-2 code of the country/region corresponding to - the location provided in the request. This field might be omitted - from the response if the location provided in the request resides in - a disputed territory. - type: string - indexes: - description: >- - Based on the request parameters, this list will include (up to) two - air quality indexes: - Universal AQI. Will be returned if the - universalAqi boolean is set to true. - Local AQI. Will be returned - if the LOCAL_AQI extra computation is specified. - type: array - items: - $ref: '#/components/schemas/AirQualityIndex' - pollutants: - description: >- - A list of pollutants affecting the location specified in the - request. Note: This field will be returned only for requests that - specified one or more of the following extra computations: - POLLUTANT_ADDITIONAL_INFO, DOMINANT_POLLUTANT_CONCENTRATION, - POLLUTANT_CONCENTRATION. - type: array - items: - $ref: '#/components/schemas/Pollutant' - healthRecommendations: - description: >- - Health advice and recommended actions related to the reported air - quality conditions. Recommendations are tailored differently for - populations at risk, groups with greater sensitivities to - pollutants, and the general population. - $ref: '#/components/schemas/HealthRecommendations' - AirQualityIndex: - id: AirQualityIndex - description: >- - The basic object for representing different air quality metrics. When - brought together, these metrics provide a snapshot about the current air - quality conditions. There are multiple indexes in the world serving - different purposes and groups interested in measuring different aspects - of air quality. - type: object - properties: - code: - description: >- - The index's code. This field represents the index for programming - purposes by using snake case instead of spaces. Examples: "uaqi", - "fra_atmo". - type: string - displayName: - description: >- - A human readable representation of the index name. Example: "AQI - (US)" - type: string - aqi: - description: ' The index''s numeric score. Examples: 10, 100. The value is not normalized and should only be interpreted in the context of its related air-quality index. For non-numeric indexes, this field will not be returned. Note: This field should be used for calculations, graph display, etc. For displaying the index score, you should use the AQI display field.' - type: integer - format: int32 - aqiDisplay: - description: >- - Textual representation of the index numeric score, that may include - prefix or suffix symbols, which usually represents the worst index - score. Example: >100 or 10+. Note: This field should be used when - you want to display the index score. For non-numeric indexes, this - field is empty. - type: string - color: - description: The color used to represent the AQI numeric score. - $ref: '#/components/schemas/Color' - category: - description: >- - Textual classification of the index numeric score interpretation. - For example: "Excellent air quality". - type: string - dominantPollutant: - description: 'The chemical symbol of the dominant pollutant. For example: "CO".' - type: string Color: - id: Color description: >- Represents a color in the RGBA color space. This representation is designed for simplicity of conversion to and from color representations @@ -312,21 +86,10 @@ components: resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { resultBuilder.push('0'); } resultBuilder.push(hexString); return resultBuilder.join(''); }; // ... - type: object properties: - red: - description: The amount of red in the color as a value in the interval [0, 1]. - type: number - format: float - green: - description: The amount of green in the color as a value in the interval [0, 1]. - type: number + alpha: format: float - blue: - description: The amount of blue in the color as a value in the interval [0, 1]. type: number - format: float - alpha: description: >- The fraction of this color that should be applied to the pixel. That is, the final pixel color is defined by the equation: `pixel color = @@ -338,156 +101,131 @@ components: being unset. If omitted, this color object is rendered as a solid color (as if the alpha value had been explicitly given a value of 1.0). + blue: type: number format: float - Pollutant: - id: Pollutant - description: Data regarding an air quality pollutant. + description: The amount of blue in the color as a value in the interval [0, 1]. + green: + type: number + format: float + description: The amount of green in the color as a value in the interval [0, 1]. + red: + type: number + description: The amount of red in the color as a value in the interval [0, 1]. + format: float type: object + id: Color + HealthRecommendations: + id: HealthRecommendations properties: - code: - description: >- - The pollutant's code name (for example, "so2"). For a list of - supported pollutant codes, see [Reported - pollutants](/maps/documentation/air-quality/pollutants#reported_pollutants). - type: string - displayName: - description: 'The pollutant''s display name. For example: "NOx".' - type: string - fullName: - description: >- - The pollutant's full name. For chemical compounds, this is the IUPAC - name. Example: "Sulfur Dioxide". For more information about the - IUPAC names table, see - https://iupac.org/what-we-do/periodic-table-of-elements/. + lungDiseasePopulation: + description: Respiratory related problems and asthma suffers. type: string - concentration: - description: >- - The pollutant's concentration level measured by one of the standard - air pollutation measure units. - $ref: '#/components/schemas/Concentration' - additionalInfo: - description: Additional information about the pollutant. - $ref: '#/components/schemas/AdditionalInfo' - Concentration: - id: Concentration - description: The concentration of a given pollutant in the air. - type: object - properties: - value: - description: Value of the pollutant concentration. - type: number - format: float - units: - description: Units for measuring this pollutant concentration. + elderly: type: string - enumDescriptions: - - Unspecified concentration unit. - - The ppb (parts per billion) concentration unit. - - The "µg/m^3" (micrograms per cubic meter) concentration unit. - enum: - - UNIT_UNSPECIFIED - - PARTS_PER_BILLION - - MICROGRAMS_PER_CUBIC_METER - AdditionalInfo: - id: AdditionalInfo - description: The emission sources and health effects of a given pollutant. - type: object - properties: - sources: - description: Text representing the pollutant's main emission sources. + description: Retirees and people older than the general population. + athletes: + description: Sports and other strenuous outdoor activities. type: string - effects: - description: Text representing the pollutant's main health effects. + children: + description: Younger populations including children, toddlers, and babies. type: string - HealthRecommendations: - id: HealthRecommendations - description: >- - Health recommendations for different population groups in a free text - format. The recommendations are derived from their associated air - quality conditions. - type: object - properties: generalPopulation: - description: No specific sensitivities. - type: string - elderly: - description: Retirees and people older than the general population. - type: string - lungDiseasePopulation: - description: Respiratory related problems and asthma suffers. type: string + description: No specific sensitivities. heartDiseasePopulation: description: Heart and circulatory system diseases. type: string - athletes: - description: Sports and other strenuous outdoor activities. - type: string pregnantWomen: description: Women at all stages of pregnancy. type: string - children: - description: Younger populations including children, toddlers, and babies. - type: string - LookupHistoryRequest: - id: LookupHistoryRequest - description: The request object of the air quality history API. + description: >- + Health recommendations for different population groups in a free text + format. The recommendations are derived from their associated air + quality conditions. type: object + LookupForecastRequest: + id: LookupForecastRequest + description: The request object of the air quality forecast API. properties: + period: + description: >- + Indicates the start and end period for which to get the forecast + data. The timestamp is rounded to the previous exact hour. + $ref: '#/components/schemas/Interval' pageSize: + format: int32 + type: integer description: >- Optional. The maximum number of hourly info records to return per - page. The default is 72 and the max value is 168 (7 days of data). - type: integer - format: int32 - pageToken: + page (default = 24). + universalAqi: description: >- - Optional. A page token received from a previous history call. It is - used to retrieve the subsequent page. Note that when providing a - value for this parameter all other parameters provided must match - the call that provided the page token (the previous call). + Optional. If set to true, the Universal AQI will be included in the + 'indexes' field of the response (default = true). + type: boolean + uaqiColorPalette: type: string - location: + enumDescriptions: + - The default value. Ignored if passed as a parameter. + - Determines whether to use a red/green palette. + - Determines whether to use a indigo/persian palette (dark theme). + - Determines whether to use a indigo/persian palette (light theme). + enum: + - COLOR_PALETTE_UNSPECIFIED + - RED_GREEN + - INDIGO_PERSIAN_DARK + - INDIGO_PERSIAN_LIGHT description: >- - Required. The latitude and longitude for which the API looks for air - quality history data. - $ref: '#/components/schemas/LatLng' + Optional. Determines the color palette used for data provided by the + 'Universal Air Quality Index' (UAQI). This color palette is relevant + just for UAQI, other AQIs have a predetermined color palette that + can't be controlled. dateTime: + format: google-datetime description: >- - A timestamp for which to return historical data. The timestamp is - rounded to the previous exact hour. Note: this will return hourly - data for the requested timestamp only (i.e. a single hourly info - element). For example, a request sent where the dateTime parameter - is set to 2023-01-03T11:05:49Z will be rounded down to - 2023-01-03T11:00:00Z. A timestamp in RFC3339 UTC "Zulu" format, with - nanosecond resolution and up to nine fractional digits. Examples: - "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". + A timestamp for which to return the data for a specific point in + time. The timestamp is rounded to the previous exact hour. Note: + this will return hourly data for the requested timestamp only (i.e. + a single hourly info element). For example, a request sent where the + date_time parameter is set to 2023-01-03T11:05:49Z will be rounded + down to 2023-01-03T11:00:00Z. type: string - format: google-datetime - hours: + customLocalAqis: + items: + $ref: '#/components/schemas/CustomLocalAqi' + type: array description: >- - Number from 1 to 720 that indicates the hours range for the request. - For example: A value of 48 will yield data from the last 48 hours. - type: integer - format: int32 - period: + Optional. Expresses a 'country/region to AQI' relationship. Pairs a + country/region with a desired AQI so that air quality data that is + required for that country/region will be displayed according to the + chosen AQI. This parameter can be used to specify a non-default AQI + for a given country, for example, to get the US EPA index for Canada + rather than the default index for Canada. + languageCode: + type: string description: >- - Indicates the start and end period for which to get the historical - data. The timestamp is rounded to the previous exact hour. - $ref: '#/components/schemas/Interval' - universalAqi: + Optional. Allows the client to choose the language for the response. + If data cannot be provided for that language the API uses the + closest match. Allowed values rely on the IETF standard (default = + 'en'). + pageToken: + type: string description: >- - Optional. If set to true, the Universal AQI will be included in the - 'indexes' field of the response. Default value is true. - type: boolean + Optional. A page token received from a previous forecast call. It is + used to retrieve the subsequent page. + location: + description: >- + Required. The latitude and longitude for which the API looks for air + quality data. + $ref: '#/components/schemas/LatLng' extraComputations: + type: array description: >- Optional. Additional features that can be optionally enabled. Specifying extra computations will result in the relevant elements and fields to be returned in the response. - type: array items: - type: string enumDescriptions: - >- The default value. The server ignores it if it is passed as a @@ -531,119 +269,73 @@ components: - POLLUTANT_ADDITIONAL_INFO - DOMINANT_POLLUTANT_CONCENTRATION - POLLUTANT_CONCENTRATION - languageCode: - description: >- - Optional. Allows the client to choose the language for the response. - If data cannot be provided for that language the API uses the - closest match. Allowed values rely on the IETF standard. Default - value is en. - type: string - uaqiColorPalette: - description: >- - Optional. Determines the color palette used for data provided by the - 'Universal Air Quality Index' (UAQI). This color palette is relevant - just for UAQI, other AQIs have a predetermined color palette that - can't be controlled. + type: string + type: object + Concentration: + description: The concentration of a given pollutant in the air. + id: Concentration + properties: + units: type: string - enumDescriptions: - - The default value. Ignored if passed as a parameter. - - Determines whether to use a red/green palette. - - Determines whether to use a indigo/persian palette (dark theme). - - Determines whether to use a indigo/persian palette (light theme). enum: - - COLOR_PALETTE_UNSPECIFIED - - RED_GREEN - - INDIGO_PERSIAN_DARK - - INDIGO_PERSIAN_LIGHT - customLocalAqis: - description: >- - Optional. Expresses a 'country/region to AQI' relationship. Pairs a - country/region with a desired AQI so that air quality data that is - required for that country/region will be displayed according to the - chosen AQI. This parameter can be used to specify a non-default AQI - for a given country, for example, to get the US EPA index for Canada - rather than the default index for Canada. - type: array - items: - $ref: '#/components/schemas/CustomLocalAqi' - Interval: - id: Interval - description: >- - Represents a time interval, encoded as a Timestamp start (inclusive) and - a Timestamp end (exclusive). The start must be less than or equal to the - end. When the start equals the end, the interval is empty (matches no - time). When both start and end are unspecified, the interval matches any - time. + - UNIT_UNSPECIFIED + - PARTS_PER_BILLION + - MICROGRAMS_PER_CUBIC_METER + description: Units for measuring this pollutant concentration. + enumDescriptions: + - Unspecified concentration unit. + - The ppb (parts per billion) concentration unit. + - The "µg/m^3" (micrograms per cubic meter) concentration unit. + value: + description: Value of the pollutant concentration. + type: number + format: float type: object + CustomLocalAqi: + id: CustomLocalAqi properties: - startTime: + aqi: description: >- - Optional. Inclusive start of the interval. If specified, a Timestamp - matching this interval will have to be the same or after the start. + The AQI to associate the country/region with. Value should be a + [valid index](/maps/documentation/air-quality/laqis) code. type: string - format: google-datetime - endTime: - description: >- - Optional. Exclusive end of the interval. If specified, a Timestamp - matching this interval will have to be before the end. - type: string - format: google-datetime - LookupHistoryResponse: - id: LookupHistoryResponse - type: object - properties: - hoursInfo: - description: >- - Optional. Contains the air quality information for each hour in the - requested range. For example, if the request is for 48 hours of - history there will be 48 elements of hourly info. - type: array - items: - $ref: '#/components/schemas/HourInfo' regionCode: description: >- - Optional. The ISO_3166-1 alpha-2 code of the country/region - corresponding to the location provided in the request. This field - might be omitted from the response if the location provided in the - request resides in a disputed territory. - type: string - nextPageToken: - description: Optional. The token to retrieve the next page. + The country/region requiring the custom AQI. Value should be + provided using [ISO 3166-1 + alpha-2](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) code. type: string + type: object + description: >- + Expresses a 'country/region to AQI' relationship. Pairs a country/region + with a desired AQI so that air quality data that is required for that + country/region will be displayed according to the chosen AQI. HourInfo: id: HourInfo description: >- Contains the air quality information for each hour in the requested range. For example, if the request is for 48 hours of history there will be 48 elements of hourly info. - type: object properties: - dateTime: - description: >- - A rounded down timestamp indicating the time the data refers to in - RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine - fractional digits. For example: "2014-10-02T15:00:00Z". - type: string - format: google-datetime indexes: + items: + $ref: '#/components/schemas/AirQualityIndex' + type: array description: >- Based on the request parameters, this list will include (up to) two air quality indexes: - Universal AQI. Will be returned if the universalAqi boolean is set to true. - Local AQI. Will be returned if the LOCAL_AQI extra computation is specified. + pollutants: type: array items: - $ref: '#/components/schemas/AirQualityIndex' - pollutants: + $ref: '#/components/schemas/Pollutant' description: >- A list of pollutants affecting the location specified in the request. Note: This field will be returned only for requests that specified one or more of the following extra computations: POLLUTANT_ADDITIONAL_INFO, DOMINANT_POLLUTANT_CONCENTRATION, POLLUTANT_CONCENTRATION. - type: array - items: - $ref: '#/components/schemas/Pollutant' healthRecommendations: description: >- Health advice and recommended actions related to the reported air @@ -651,44 +343,184 @@ components: populations at risk, groups with greater sensitivities to pollutants, and the general population. $ref: '#/components/schemas/HealthRecommendations' - LookupForecastRequest: - id: LookupForecastRequest - description: The request object of the air quality forecast API. + dateTime: + type: string + format: google-datetime + description: >- + A rounded down timestamp indicating the time the data refers to in + RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine + fractional digits. For example: "2014-10-02T15:00:00Z". + type: object + Pollutant: + id: Pollutant + type: object + description: Data regarding an air quality pollutant. + properties: + concentration: + $ref: '#/components/schemas/Concentration' + description: >- + The pollutant's concentration level measured by one of the standard + air pollutation measure units. + fullName: + description: >- + The pollutant's full name. For chemical compounds, this is the IUPAC + name. Example: "Sulfur Dioxide". For more information about the + IUPAC names table, see + https://iupac.org/what-we-do/periodic-table-of-elements/. + type: string + additionalInfo: + $ref: '#/components/schemas/AdditionalInfo' + description: Additional information about the pollutant. + code: + type: string + description: >- + The pollutant's code name (for example, "so2"). For a list of + supported pollutant codes, see [Reported + pollutants](/maps/documentation/air-quality/pollutants#reported_pollutants). + displayName: + description: 'The pollutant''s display name. For example: "NOx".' + type: string + HttpBody: type: object + id: HttpBody properties: - location: + data: + format: byte + type: string + description: The HTTP request/response body as raw binary. + contentType: description: >- - Required. The latitude and longitude for which the API looks for air - quality data. - $ref: '#/components/schemas/LatLng' - dateTime: + The HTTP Content-Type header value specifying the content type of + the body. + type: string + extensions: description: >- - A timestamp for which to return the data for a specific point in - time. The timestamp is rounded to the previous exact hour. Note: - this will return hourly data for the requested timestamp only (i.e. - a single hourly info element). For example, a request sent where the - date_time parameter is set to 2023-01-03T11:05:49Z will be rounded - down to 2023-01-03T11:00:00Z. + Application specific response metadata. Must be set in the first + response for streaming APIs. + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. + AdditionalInfo: + id: AdditionalInfo + type: object + properties: + sources: + description: Text representing the pollutant's main emission sources. + type: string + effects: + description: Text representing the pollutant's main health effects. + type: string + description: The emission sources and health effects of a given pollutant. + HourlyForecast: + type: object + properties: + indexes: + description: >- + Based on the request parameters, this list will include (up to) two + air quality indexes: - Universal AQI. Will be returned if the + `universal_aqi` boolean is set to true. - Local AQI. Will be + returned if the LOCAL_AQI extra computation is specified. + type: array + items: + $ref: '#/components/schemas/AirQualityIndex' + dateTime: type: string format: google-datetime - period: description: >- - Indicates the start and end period for which to get the forecast - data. The timestamp is rounded to the previous exact hour. - $ref: '#/components/schemas/Interval' + A rounded down timestamp indicating the time (hour) the data refers + to in RFC3339 UTC "Zulu" format. For example: + "2014-10-02T15:00:00Z". + healthRecommendations: + $ref: '#/components/schemas/HealthRecommendations' + description: >- + Health advice and recommended actions related to the reported air + quality conditions. Recommendations are tailored differently for + populations at risk, groups with greater sensitivities to + pollutants, and the general population. + pollutants: + items: + $ref: '#/components/schemas/Pollutant' + type: array + description: >- + A list of pollutants affecting the location specified in the + request. Note: This field will be returned only for requests that + specified one or more of the following extra computations: + POLLUTANT_ADDITIONAL_INFO, DOMINANT_POLLUTANT_CONCENTRATION, + POLLUTANT_CONCENTRATION. + id: HourlyForecast + description: >- + Contains the air quality information for each hour in the requested + range. For example, if the request is for 48 hours of forecast there + will be 48 elements of hourly forecasts. + LookupCurrentConditionsRequest: + type: object + properties: + languageCode: + description: >- + Optional. Allows the client to choose the language for the response. + If data cannot be provided for that language the API uses the + closest match. Allowed values rely on the IETF standard. Default + value is en. + type: string + location: + $ref: '#/components/schemas/LatLng' + description: >- + Required. The longitude and latitude from which the API looks for + air quality current conditions data. universalAqi: + type: boolean description: >- Optional. If set to true, the Universal AQI will be included in the - 'indexes' field of the response (default = true). - type: boolean - extraComputations: + 'indexes' field of the response. Default value is true. + uaqiColorPalette: description: >- - Optional. Additional features that can be optionally enabled. - Specifying extra computations will result in the relevant elements - and fields to be returned in the response. + Optional. Determines the color palette used for data provided by the + 'Universal Air Quality Index' (UAQI). This color palette is relevant + just for UAQI, other AQIs have a predetermined color palette that + can't be controlled. + type: string + enumDescriptions: + - The default value. Ignored if passed as a parameter. + - Determines whether to use a red/green palette. + - Determines whether to use a indigo/persian palette (dark theme). + - Determines whether to use a indigo/persian palette (light theme). + enum: + - COLOR_PALETTE_UNSPECIFIED + - RED_GREEN + - INDIGO_PERSIAN_DARK + - INDIGO_PERSIAN_LIGHT + extraComputations: type: array items: - type: string + enum: + - EXTRA_COMPUTATION_UNSPECIFIED + - LOCAL_AQI + - HEALTH_RECOMMENDATIONS + - POLLUTANT_ADDITIONAL_INFO + - DOMINANT_POLLUTANT_CONCENTRATION + - POLLUTANT_CONCENTRATION enumDescriptions: - >- The default value. The server ignores it if it is passed as a @@ -725,38 +557,15 @@ components: global and/or local indexes. If specified, each pollutant object contained in the 'pollutants' field in the response will include a `concentration` field when the data is available. - enum: - - EXTRA_COMPUTATION_UNSPECIFIED - - LOCAL_AQI - - HEALTH_RECOMMENDATIONS - - POLLUTANT_ADDITIONAL_INFO - - DOMINANT_POLLUTANT_CONCENTRATION - - POLLUTANT_CONCENTRATION - languageCode: - description: >- - Optional. Allows the client to choose the language for the response. - If data cannot be provided for that language the API uses the - closest match. Allowed values rely on the IETF standard (default = - 'en'). - type: string - uaqiColorPalette: + type: string description: >- - Optional. Determines the color palette used for data provided by the - 'Universal Air Quality Index' (UAQI). This color palette is relevant - just for UAQI, other AQIs have a predetermined color palette that - can't be controlled. - type: string - enumDescriptions: - - The default value. Ignored if passed as a parameter. - - Determines whether to use a red/green palette. - - Determines whether to use a indigo/persian palette (dark theme). - - Determines whether to use a indigo/persian palette (light theme). - enum: - - COLOR_PALETTE_UNSPECIFIED - - RED_GREEN - - INDIGO_PERSIAN_DARK - - INDIGO_PERSIAN_LIGHT + Optional. Additional features that can be optionally enabled. + Specifying extra computations will result in the relevant elements + and fields to be returned in the response. customLocalAqis: + type: array + items: + $ref: '#/components/schemas/CustomLocalAqi' description: >- Optional. Expresses a 'country/region to AQI' relationship. Pairs a country/region with a desired AQI so that air quality data that is @@ -764,131 +573,343 @@ components: chosen AQI. This parameter can be used to specify a non-default AQI for a given country, for example, to get the US EPA index for Canada rather than the default index for Canada. + description: The request definition of the air quality current conditions. + id: LookupCurrentConditionsRequest + LookupCurrentConditionsResponse: + type: object + properties: + regionCode: + description: >- + The ISO_3166-1 alpha-2 code of the country/region corresponding to + the location provided in the request. This field might be omitted + from the response if the location provided in the request resides in + a disputed territory. + type: string + pollutants: + items: + $ref: '#/components/schemas/Pollutant' type: array + description: >- + A list of pollutants affecting the location specified in the + request. Note: This field will be returned only for requests that + specified one or more of the following extra computations: + POLLUTANT_ADDITIONAL_INFO, DOMINANT_POLLUTANT_CONCENTRATION, + POLLUTANT_CONCENTRATION. + healthRecommendations: + description: >- + Health advice and recommended actions related to the reported air + quality conditions. Recommendations are tailored differently for + populations at risk, groups with greater sensitivities to + pollutants, and the general population. + $ref: '#/components/schemas/HealthRecommendations' + dateTime: + description: >- + A rounded down timestamp in RFC3339 UTC "Zulu" format, with + nanosecond resolution and up to nine fractional digits. For example: + "2014-10-02T15:00:00Z". + format: google-datetime + type: string + indexes: items: - $ref: '#/components/schemas/CustomLocalAqi' - pageSize: + $ref: '#/components/schemas/AirQualityIndex' + type: array description: >- - Optional. The maximum number of hourly info records to return per - page (default = 24). + Based on the request parameters, this list will include (up to) two + air quality indexes: - Universal AQI. Will be returned if the + universalAqi boolean is set to true. - Local AQI. Will be returned + if the LOCAL_AQI extra computation is specified. + id: LookupCurrentConditionsResponse + Interval: + id: Interval + type: object + properties: + startTime: + type: string + description: >- + Optional. Inclusive start of the interval. If specified, a Timestamp + matching this interval will have to be the same or after the start. + format: google-datetime + endTime: + description: >- + Optional. Exclusive end of the interval. If specified, a Timestamp + matching this interval will have to be before the end. + format: google-datetime + type: string + description: >- + Represents a time interval, encoded as a Timestamp start (inclusive) and + a Timestamp end (exclusive). The start must be less than or equal to the + end. When the start equals the end, the interval is empty (matches no + time). When both start and end are unspecified, the interval matches any + time. + LookupHistoryResponse: + id: LookupHistoryResponse + properties: + regionCode: + type: string + description: >- + Optional. The ISO_3166-1 alpha-2 code of the country/region + corresponding to the location provided in the request. This field + might be omitted from the response if the location provided in the + request resides in a disputed territory. + hoursInfo: + type: array + items: + $ref: '#/components/schemas/HourInfo' + description: >- + Optional. Contains the air quality information for each hour in the + requested range. For example, if the request is for 48 hours of + history there will be 48 elements of hourly info. + nextPageToken: + type: string + description: Optional. The token to retrieve the next page. + type: object + AirQualityIndex: + properties: + color: + $ref: '#/components/schemas/Color' + description: The color used to represent the AQI numeric score. + displayName: + type: string + description: >- + A human readable representation of the index name. Example: "AQI + (US)" + code: + type: string + description: >- + The index's code. This field represents the index for programming + purposes by using snake case instead of spaces. Examples: "uaqi", + "fra_atmo". + aqiDisplay: + type: string + description: >- + Textual representation of the index numeric score, that may include + prefix or suffix symbols, which usually represents the worst index + score. Example: >100 or 10+. Note: This field should be used when + you want to display the index score. For non-numeric indexes, this + field is empty. + category: + type: string + description: >- + Textual classification of the index numeric score interpretation. + For example: "Excellent air quality". + aqi: type: integer + description: ' The index''s numeric score. Examples: 10, 100. The value is not normalized and should only be interpreted in the context of its related air-quality index. For non-numeric indexes, this field will not be returned. Note: This field should be used for calculations, graph display, etc. For displaying the index score, you should use the AQI display field.' format: int32 - pageToken: - description: >- - Optional. A page token received from a previous forecast call. It is - used to retrieve the subsequent page. + dominantPollutant: + description: 'The chemical symbol of the dominant pollutant. For example: "CO".' type: string - LookupForecastResponse: - id: LookupForecastResponse - description: The response object of the air quality forecast API. + id: AirQualityIndex + description: >- + The basic object for representing different air quality metrics. When + brought together, these metrics provide a snapshot about the current air + quality conditions. There are multiple indexes in the world serving + different purposes and groups interested in measuring different aspects + of air quality. type: object + LatLng: + description: >- + An object that represents a latitude/longitude pair. This is expressed + as a pair of doubles to represent degrees latitude and degrees + longitude. Unless specified otherwise, this object must conform to the + WGS84 standard. Values must be within normalized ranges. + id: LatLng + properties: + latitude: + type: number + format: double + description: The latitude in degrees. It must be in the range [-90.0, +90.0]. + longitude: + type: number + format: double + description: The longitude in degrees. It must be in the range [-180.0, +180.0]. + type: object + LookupForecastResponse: properties: hourlyForecasts: + type: array + items: + $ref: '#/components/schemas/HourlyForecast' description: >- Optional. Contains the air quality information for each hour in the requested range. For example, if the request is for 48 hours of forecast there will be 48 elements of hourly forecasts. - type: array - items: - $ref: '#/components/schemas/HourlyForecast' regionCode: + type: string description: >- Optional. The ISO_3166-1 alpha-2 code of the country/region corresponding to the location provided in the request. This field might be omitted from the response if the location provided in the request resides in a disputed territory. - type: string nextPageToken: - description: Optional. The token to retrieve the next page. type: string - HourlyForecast: - id: HourlyForecast - description: >- - Contains the air quality information for each hour in the requested - range. For example, if the request is for 48 hours of forecast there - will be 48 elements of hourly forecasts. + description: Optional. The token to retrieve the next page. type: object + description: The response object of the air quality forecast API. + id: LookupForecastResponse + LookupHistoryRequest: + id: LookupHistoryRequest + description: The request object of the air quality history API. properties: - dateTime: + period: description: >- - A rounded down timestamp indicating the time (hour) the data refers - to in RFC3339 UTC "Zulu" format. For example: - "2014-10-02T15:00:00Z". + Indicates the start and end period for which to get the historical + data. The timestamp is rounded to the previous exact hour. + $ref: '#/components/schemas/Interval' + uaqiColorPalette: + enum: + - COLOR_PALETTE_UNSPECIFIED + - RED_GREEN + - INDIGO_PERSIAN_DARK + - INDIGO_PERSIAN_LIGHT + enumDescriptions: + - The default value. Ignored if passed as a parameter. + - Determines whether to use a red/green palette. + - Determines whether to use a indigo/persian palette (dark theme). + - Determines whether to use a indigo/persian palette (light theme). + description: >- + Optional. Determines the color palette used for data provided by the + 'Universal Air Quality Index' (UAQI). This color palette is relevant + just for UAQI, other AQIs have a predetermined color palette that + can't be controlled. type: string + hours: + type: integer + description: >- + Number from 1 to 720 that indicates the hours range for the request. + For example: A value of 48 will yield data from the last 48 hours. + format: int32 + pageToken: + description: >- + Optional. A page token received from a previous history call. It is + used to retrieve the subsequent page. Note that when providing a + value for this parameter all other parameters provided must match + the call that provided the page token (the previous call). + type: string + location: + $ref: '#/components/schemas/LatLng' + description: >- + Required. The latitude and longitude for which the API looks for air + quality history data. + dateTime: + description: >- + A timestamp for which to return historical data. The timestamp is + rounded to the previous exact hour. Note: this will return hourly + data for the requested timestamp only (i.e. a single hourly info + element). For example, a request sent where the dateTime parameter + is set to 2023-01-03T11:05:49Z will be rounded down to + 2023-01-03T11:00:00Z. A timestamp in RFC3339 UTC "Zulu" format, with + nanosecond resolution and up to nine fractional digits. Examples: + "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". format: google-datetime - indexes: + type: string + languageCode: description: >- - Based on the request parameters, this list will include (up to) two - air quality indexes: - Universal AQI. Will be returned if the - `universal_aqi` boolean is set to true. - Local AQI. Will be - returned if the LOCAL_AQI extra computation is specified. + Optional. Allows the client to choose the language for the response. + If data cannot be provided for that language the API uses the + closest match. Allowed values rely on the IETF standard. Default + value is en. + type: string + extraComputations: + items: + enumDescriptions: + - >- + The default value. The server ignores it if it is passed as a + parameter. + - >- + Determines whether to include the local (national) AQI of the + requested location (country) in the response. If specified, the + response will contain an 'air_quality_index' data structure with + all the relevant data on the location's local AQI. + - >- + Determines whether the response will include the health advice + and recommended actions for the current AQI conditions. The + recommendations are tailored for the general population and six + populations at risk groups with greater sensitivities to + pollutants than the general population. If specified, the + `health_recommendations` field will be populated in the response + when the relevant data is available. + - >- + Determines whether to include in the response the additional + information of each pollutant. If specified, each air quality + index object contained in the 'indexes' field response will + include an `additional_info` field when the data is available. + - >- + Determines whether the response would include the concentrations + of the dominant pollutants measured according to global and/or + local indexes. If the request specified both the global AQI and + the local AQI, there may be up to two pollutant codes returned. + If specified, the dominant pollutant object contained in the + 'pollutants' list will include a `concentration` field when the + data is available. + - >- + Determines whether the response would include the concentrations + of all pollutants with available measurements according to + global and/or local indexes. If specified, each pollutant object + contained in the 'pollutants' field in the response will include + a `concentration` field when the data is available. + type: string + enum: + - EXTRA_COMPUTATION_UNSPECIFIED + - LOCAL_AQI + - HEALTH_RECOMMENDATIONS + - POLLUTANT_ADDITIONAL_INFO + - DOMINANT_POLLUTANT_CONCENTRATION + - POLLUTANT_CONCENTRATION type: array - items: - $ref: '#/components/schemas/AirQualityIndex' - pollutants: description: >- - A list of pollutants affecting the location specified in the - request. Note: This field will be returned only for requests that - specified one or more of the following extra computations: - POLLUTANT_ADDITIONAL_INFO, DOMINANT_POLLUTANT_CONCENTRATION, - POLLUTANT_CONCENTRATION. - type: array + Optional. Additional features that can be optionally enabled. + Specifying extra computations will result in the relevant elements + and fields to be returned in the response. + customLocalAqis: items: - $ref: '#/components/schemas/Pollutant' - healthRecommendations: + $ref: '#/components/schemas/CustomLocalAqi' description: >- - Health advice and recommended actions related to the reported air - quality conditions. Recommendations are tailored differently for - populations at risk, groups with greater sensitivities to - pollutants, and the general population. - $ref: '#/components/schemas/HealthRecommendations' - HttpBody: - id: HttpBody - description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. - type: object - properties: - contentType: + Optional. Expresses a 'country/region to AQI' relationship. Pairs a + country/region with a desired AQI so that air quality data that is + required for that country/region will be displayed according to the + chosen AQI. This parameter can be used to specify a non-default AQI + for a given country, for example, to get the US EPA index for Canada + rather than the default index for Canada. + type: array + universalAqi: + type: boolean description: >- - The HTTP Content-Type header value specifying the content type of - the body. - type: string - data: - description: The HTTP request/response body as raw binary. - type: string - format: byte - extensions: + Optional. If set to true, the Universal AQI will be included in the + 'indexes' field of the response. Default value is true. + pageSize: + format: int32 description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + Optional. The maximum number of hourly info records to return per + page. The default is 72 and the max value is 168 (7 days of data). + type: integer + type: object parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string alt: @@ -901,39 +922,27 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + _.xgafv: + description: V1 error format. in: query - name: key + name: $.xgafv schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + enum: + - '1' + - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -943,36 +952,27 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + access_token: + description: OAuth access token. in: query - name: uploadType + name: access_token schema: type: string - _.xgafv: - description: V1 error format. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: $.xgafv + name: prettyPrint schema: - type: string - enum: - - '1' - - '2' + type: boolean x-stackQL-resources: - current_conditions: - id: google.airquality.current_conditions - name: current_conditions - title: Current_conditions + forecast: + id: google.airquality.forecast + name: forecast + title: Forecast methods: lookup: operation: - $ref: '#/paths/~1v1~1currentConditions:lookup/post' + $ref: '#/paths/~1v1~1forecast:lookup/post' response: mediaType: application/json openAPIDocKey: '200' @@ -982,14 +982,14 @@ components: update: [] replace: [] delete: [] - history: - id: google.airquality.history - name: history - title: History + current_conditions: + id: google.airquality.current_conditions + name: current_conditions + title: Current_conditions methods: lookup: operation: - $ref: '#/paths/~1v1~1history:lookup/post' + $ref: '#/paths/~1v1~1currentConditions:lookup/post' response: mediaType: application/json openAPIDocKey: '200' @@ -999,14 +999,14 @@ components: update: [] replace: [] delete: [] - forecast: - id: google.airquality.forecast - name: forecast - title: Forecast + history: + id: google.airquality.history + name: history + title: History methods: lookup: operation: - $ref: '#/paths/~1v1~1forecast:lookup/post' + $ref: '#/paths/~1v1~1history:lookup/post' response: mediaType: application/json openAPIDocKey: '200' @@ -1035,31 +1035,29 @@ components: replace: [] delete: [] paths: - /v1/currentConditions:lookup: + /v1/forecast:lookup: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/prettyPrint' post: description: >- - The Current Conditions endpoint provides hourly air quality information - in more than 100 countries, up to a 500 x 500 meters resolution. - Includes over 70 local indexes and global air quality index and - categories. - operationId: airquality.currentConditions.lookup + Returns air quality forecast for a specific location for a given time + range. + operationId: airquality.forecast.lookup requestBody: content: application/json: schema: - $ref: '#/components/schemas/LookupCurrentConditionsRequest' + $ref: '#/components/schemas/LookupForecastRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1071,20 +1069,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LookupCurrentConditionsResponse' + $ref: '#/components/schemas/LookupForecastResponse' parameters: [] - /v1/history:lookup: + /v1/currentConditions:lookup: parameters: *ref_1 post: description: >- - Returns air quality history for a specific location for a given time - range. - operationId: airquality.history.lookup + The Current Conditions endpoint provides hourly air quality information + in more than 100 countries, up to a 500 x 500 meters resolution. + Includes over 70 local indexes and global air quality index and + categories. + operationId: airquality.currentConditions.lookup requestBody: content: application/json: schema: - $ref: '#/components/schemas/LookupHistoryRequest' + $ref: '#/components/schemas/LookupCurrentConditionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1096,20 +1096,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LookupHistoryResponse' + $ref: '#/components/schemas/LookupCurrentConditionsResponse' parameters: [] - /v1/forecast:lookup: + /v1/history:lookup: parameters: *ref_1 post: description: >- - Returns air quality forecast for a specific location for a given time + Returns air quality history for a specific location for a given time range. - operationId: airquality.forecast.lookup + operationId: airquality.history.lookup requestBody: content: application/json: schema: - $ref: '#/components/schemas/LookupForecastRequest' + $ref: '#/components/schemas/LookupHistoryRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1121,7 +1121,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LookupForecastResponse' + $ref: '#/components/schemas/LookupHistoryResponse' parameters: [] /v1/mapTypes/{mapType}/heatmapTiles/{zoom}/{x}/{y}: parameters: *ref_1 diff --git a/providers/src/googleapis.com/v00.00.00000/services/alloydb.yaml b/providers/src/googleapis.com/v00.00.00000/services/alloydb.yaml index a3ac0949..6e32d055 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/alloydb.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/alloydb.yaml @@ -18,8 +18,8 @@ info: resources; scale existing PostgreSQL workloads with no application changes; and modernize legacy proprietary databases. version: v1 - x-discovery-doc-revision: '20250807' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251106' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/alloydb/ servers: @@ -60,6 +60,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -207,6 +216,23 @@ components: description: Output only. Cluster created from CloudSQL snapshot. readOnly: true $ref: '#/components/schemas/CloudSQLBackupRunSource' + backupdrBackupSource: + description: Output only. Cluster created from a BackupDR backup. + readOnly: true + $ref: '#/components/schemas/BackupDrBackupSource' + maintenanceVersionSelectionPolicy: + description: >- + Input only. Policy to use to automatically select the maintenance + version to which to update the cluster's instances. + type: string + enumDescriptions: + - The maintenance version selection policy is not specified. + - Use the latest available maintenance version. + - Use the current default maintenance version. + enum: + - MAINTENANCE_VERSION_SELECTION_POLICY_UNSPECIFIED + - MAINTENANCE_VERSION_SELECTION_POLICY_LATEST + - MAINTENANCE_VERSION_SELECTION_POLICY_DEFAULT name: description: >- Output only. The name of the cluster resource with the format: * @@ -315,18 +341,21 @@ components: - The database version is Postgres 14. - The database version is Postgres 15. - The database version is Postgres 16. + - The database version is Postgres 17. enumDeprecated: - false - true - false - false - false + - false enum: - DATABASE_VERSION_UNSPECIFIED - POSTGRES_13 - POSTGRES_14 - POSTGRES_15 - POSTGRES_16 + - POSTGRES_17 networkConfig: $ref: '#/components/schemas/NetworkConfig' network: @@ -450,6 +479,15 @@ components: type: object additionalProperties: type: string + backupdrInfo: + description: >- + Output only. Output only information about BackupDR protection for + this cluster. + readOnly: true + $ref: '#/components/schemas/BackupDrInfo' + dataplexConfig: + description: Optional. Configuration for Dataplex integration. + $ref: '#/components/schemas/DataplexConfig' BackupSource: id: BackupSource description: Message describing a BackupSource. @@ -496,6 +534,16 @@ components: enum: - MIGRATION_SOURCE_TYPE_UNSPECIFIED - DMS + BackupDrBackupSource: + id: BackupDrBackupSource + description: Message describing a BackupDrBackupSource. + type: object + properties: + backup: + description: >- + Required. The name of the backup resource with the format: * + projects/{project}/locations/{location}/backupVaults/{backupvault_id}/dataSources/{datasource_id}/backups/{backup_id} + type: string NetworkConfig: id: NetworkConfig description: Metadata related to network configuration. @@ -1052,6 +1100,93 @@ components: description: grace end time of the cluster. type: string format: google-datetime + BackupDrInfo: + id: BackupDrInfo + description: Information about BackupDR protection for this cluster. + type: object + properties: + currentWindow: + description: >- + The current BackupDR configuration for this cluster. If BackupDR + protection is not enabled for this cluster, this field will be + empty. + $ref: '#/components/schemas/BackupDrEnabledWindow' + previousWindows: + description: >- + Windows during which BackupDR was enabled for this cluster, along + with associated configuration for that window. These are used to + determine points-in-time for which restores can be performed. The + windows are ordered with the most recent window last. Windows are + mutally exclusive. Windows which closed more than 1 year ago will be + removed from this list. + type: array + items: + $ref: '#/components/schemas/BackupDrEnabledWindow' + BackupDrEnabledWindow: + id: BackupDrEnabledWindow + description: >- + Information about a single window when BackupDR was enabled for this + cluster. + type: object + properties: + enabledTime: + description: Time when the BackupDR protection for this cluster was enabled. + type: string + format: google-datetime + disabledTime: + description: >- + Time when the BackupDR protection for this cluster was disabled. + This field will be empty if this BackupDR window is the + `current_window`. + type: string + format: google-datetime + backupPlanAssociation: + description: >- + The BackupPlanAssociation resource that was used to enable BackupDR + protection for this cluster. + type: string + dataSource: + description: The DataSource resource that represents the cluster in BackupDR. + type: string + continuousBackupPreviouslyEnabled: + description: >- + Whether continuous backup was previously enabled prior to enabling + BackupDR protection for this cluster. + type: boolean + continuousBackupPreviouslyEnabledTime: + description: >- + The time when continuous backup was previously enabled prior to + enabling BackupDR protection for this cluster. + type: string + format: google-datetime + continuousBackupPreviousRecoveryWindowDays: + description: >- + The retention set for the continuous backup that was previously + enabled prior to enabling BackupDR protection for this cluster. + type: integer + format: int32 + automatedBackupPreviouslyEnabled: + description: >- + Whether automated backup was previously enabled prior to enabling + BackupDR protection for this cluster. + type: boolean + logRetentionPeriod: + description: >- + The retention period for logs generated by BackupDR for this + cluster. + type: string + format: google-duration + DataplexConfig: + id: DataplexConfig + description: Configuration for Dataplex integration. + type: object + properties: + enabled: + description: >- + Dataplex is enabled by default for resources such as clusters and + instances. This flag controls the integration of AlloyDB PG + resources (like databases, schemas, and tables) with Dataplex." + type: boolean ListClustersResponse: id: ListClustersResponse description: Message for response to listing Clusters @@ -1240,18 +1375,21 @@ components: - The database version is Postgres 14. - The database version is Postgres 15. - The database version is Postgres 16. + - The database version is Postgres 17. enumDeprecated: - false - true - false - false - false + - false enum: - DATABASE_VERSION_UNSPECIFIED - POSTGRES_13 - POSTGRES_14 - POSTGRES_15 - POSTGRES_16 + - POSTGRES_17 requestId: description: >- Optional. An optional request ID to identify requests. Specify a @@ -1352,6 +1490,12 @@ components: ContinuousBackup source. Continuous backup needs to be enabled in the source cluster for this operation to succeed. $ref: '#/components/schemas/ContinuousBackupSource' + backupdrBackupSource: + description: BackupDR backup source. + $ref: '#/components/schemas/BackupDrBackupSource' + backupdrPitrSource: + description: BackupDR source used for point in time recovery. + $ref: '#/components/schemas/BackupDrPitrSource' clusterId: description: Required. ID of the requesting object. type: string @@ -1394,6 +1538,20 @@ components: description: Required. The point in time to restore to. type: string format: google-datetime + BackupDrPitrSource: + id: BackupDrPitrSource + description: Message describing a BackupDrPitrSource. + type: object + properties: + dataSource: + description: >- + Required. The name of the backup resource with the format: * + projects/{project}/locations/{location}/backupVaults/{backupvault_id}/dataSources/{datasource_id} + type: string + pointInTime: + description: Required. The point in time to restore to. + type: string + format: google-datetime ListInstancesResponse: id: ListInstancesResponse description: Message for response to listing Instances @@ -1481,10 +1639,8 @@ components: would tried to be auto-repaired. And Customers should be able to restart, update or delete these instances. - >- - Index 7 is used in the producer apis for ROLLED_BACK state. - Keeping that index unused in case that state also needs to exposed - via consumer apis in future. The instance has been configured to - sync data from some other source. + The instance has been configured to sync data from some other + source. - The instance is being promoted. enum: - STATE_UNSPECIFIED @@ -1662,6 +1818,16 @@ components: - ACTIVATION_POLICY_UNSPECIFIED - ALWAYS - NEVER + connectionPoolConfig: + description: Optional. The configuration for Managed Connection Pool (MCP). + $ref: '#/components/schemas/ConnectionPoolConfig' + maintenanceVersionName: + description: >- + Output only. Maintenance version of the instance, for example: + POSTGRES_15.2025_07_15.04_00. Output only. Update this field via the + parent cluster's maintenance_version field(s). + readOnly: true + type: string MachineConfig: id: MachineConfig description: MachineConfig describes the configuration of a machine. @@ -1961,6 +2127,24 @@ components: cidrRange: description: CIDR range for one authorzied network of the instance. type: string + ConnectionPoolConfig: + id: ConnectionPoolConfig + description: Configuration for Managed Connection Pool (MCP). + type: object + properties: + enabled: + description: Optional. Whether to enable Managed Connection Pool (MCP). + type: boolean + flags: + description: 'Optional. Connection Pool flags, as a list of "key": "value" pairs.' + type: object + additionalProperties: + type: string + poolerCount: + description: Output only. The number of running poolers per instance. + readOnly: true + type: integer + format: int32 FailoverInstanceRequest: id: FailoverInstanceRequest description: Message for triggering failover on an Instance @@ -2244,18 +2428,21 @@ components: - The database version is Postgres 14. - The database version is Postgres 15. - The database version is Postgres 16. + - The database version is Postgres 17. enumDeprecated: - false - true - false - false - false + - false enum: - DATABASE_VERSION_UNSPECIFIED - POSTGRES_13 - POSTGRES_14 - POSTGRES_15 - POSTGRES_16 + - POSTGRES_17 tags: description: >- Optional. Input only. Immutable. Tag keys/values directly bound to @@ -2369,18 +2556,21 @@ components: - The database version is Postgres 14. - The database version is Postgres 15. - The database version is Postgres 16. + - The database version is Postgres 17. enumDeprecated: - false - true - false - false - false + - false enum: - DATABASE_VERSION_UNSPECIFIED - POSTGRES_13 - POSTGRES_14 - POSTGRES_15 - POSTGRES_16 + - POSTGRES_17 requiresDbRestart: description: >- Whether setting or updating this flag on an Instance requires a @@ -2643,18 +2833,21 @@ components: - The database version is Postgres 14. - The database version is Postgres 15. - The database version is Postgres 16. + - The database version is Postgres 17. enumDeprecated: - false - true - false - false - false + - false enum: - DATABASE_VERSION_UNSPECIFIED - POSTGRES_13 - POSTGRES_14 - POSTGRES_15 - POSTGRES_16 + - POSTGRES_17 targetVersion: description: Target database major version. type: string @@ -2664,18 +2857,21 @@ components: - The database version is Postgres 14. - The database version is Postgres 15. - The database version is Postgres 16. + - The database version is Postgres 17. enumDeprecated: - false - true - false - false - false + - false enum: - DATABASE_VERSION_UNSPECIFIED - POSTGRES_13 - POSTGRES_14 - POSTGRES_15 - POSTGRES_16 + - POSTGRES_17 stages: description: Status of all upgrade stages. type: array @@ -2731,10 +2927,6 @@ components: - PARTIAL_SUCCESS - CANCEL_IN_PROGRESS - CANCELLED - schedule: - description: Output only. Timing information for the stage execution. - readOnly: true - $ref: '#/components/schemas/StageSchedule' ReadPoolInstancesUpgradeStageStatus: id: ReadPoolInstancesUpgradeStageStatus description: Read pool instances upgrade specific status. @@ -2764,31 +2956,6 @@ components: description: Number of read pool instances which failed to upgrade. type: integer format: int32 - StageSchedule: - id: StageSchedule - description: Timing information for the stage execution. - type: object - properties: - estimatedStartTime: - description: >- - When the stage is expected to start. Set only if the stage has not - started yet. - type: string - format: google-datetime - actualStartTime: - description: Actual start time of the stage. Set only if the stage has started. - type: string - format: google-datetime - estimatedEndTime: - description: >- - When the stage is expected to end. Set only if the stage has not - completed yet. - type: string - format: google-datetime - actualEndTime: - description: Actual end time of the stage. Set only if the stage has completed. - type: string - format: google-datetime ExportClusterResponse: id: ExportClusterResponse description: Response of export cluster rpc. @@ -2902,18 +3069,21 @@ components: - The database version is Postgres 14. - The database version is Postgres 15. - The database version is Postgres 16. + - The database version is Postgres 17. enumDeprecated: - false - true - false - false - false + - false enum: - DATABASE_VERSION_UNSPECIFIED - POSTGRES_13 - POSTGRES_14 - POSTGRES_15 - POSTGRES_16 + - POSTGRES_17 stageInfo: description: Array containing stage info associated with this cluster. type: array @@ -3033,7 +3203,7 @@ components: description: >- DatabaseResourceFeed is the top level proto to be used to ingest different database resource level events into Condor platform. Next ID: - 11 + 13 type: object properties: resourceId: @@ -3058,6 +3228,7 @@ components: - Database resource recommendation signal data - Database config based signal data - Database resource metadata from BackupDR + - Database resource signal data enum: - FEEDTYPE_UNSPECIFIED - RESOURCE_METADATA @@ -3066,6 +3237,7 @@ components: - RECOMMENDATION_SIGNAL_DATA - CONFIG_BASED_SIGNAL_DATA - BACKUPDR_METADATA + - DATABASE_RESOURCE_SIGNAL_DATA resourceMetadata: $ref: >- #/components/schemas/StorageDatabasecenterPartnerapiV1mainDatabaseResourceMetadata @@ -3088,6 +3260,12 @@ components: description: BackupDR metadata is used to ingest metadata from BackupDR. $ref: >- #/components/schemas/StorageDatabasecenterPartnerapiV1mainBackupDRMetadata + databaseResourceSignalData: + description: >- + Database resource signal data is used to ingest signals from + database resource signal feeds. + $ref: >- + #/components/schemas/StorageDatabasecenterPartnerapiV1mainDatabaseResourceSignalData skipIngestion: description: >- Optional. If true, the feed won't be ingested by DB Center. This @@ -3155,7 +3333,7 @@ components: type: string StorageDatabasecenterPartnerapiV1mainDatabaseResourceMetadata: id: StorageDatabasecenterPartnerapiV1mainDatabaseResourceMetadata - description: 'Common model for database resource instance metadata. Next ID: 26' + description: 'Common model for database resource instance metadata. Next ID: 30' type: object properties: id: @@ -3194,6 +3372,11 @@ components: location: description: The resource location. REQUIRED type: string + zone: + description: >- + The resource zone. This is only applicable for zonal resources and + will be empty for regional and multi-regional resources. + type: string creationTime: description: >- The creation time of the resource, i.e. the time when resource is @@ -3326,10 +3509,12 @@ components: - Default, to make it consistent with instance edition enum. - Represents the enterprise edition. - Represents the enterprise plus edition. + - Represents the standard edition. enum: - EDITION_UNSPECIFIED - EDITION_ENTERPRISE - EDITION_ENTERPRISE_PLUS + - EDITION_STANDARD suspensionReason: description: Optional. Suspension reason for the resource. type: string @@ -3358,6 +3543,13 @@ components: description: Optional. BackupDR Configuration for the resource. $ref: >- #/components/schemas/StorageDatabasecenterPartnerapiV1mainBackupDRConfiguration + maintenanceInfo: + description: Optional. Maintenance info for the resource. + $ref: >- + #/components/schemas/StorageDatabasecenterPartnerapiV1mainResourceMaintenanceInfo + isDeletionProtectionEnabled: + description: Optional. Whether deletion protection is enabled for this resource. + type: boolean StorageDatabasecenterProtoCommonProduct: id: StorageDatabasecenterProtoCommonProduct description: Product specification for Condor resources. @@ -3382,6 +3574,7 @@ components: - Firestore product area in GCP. - Compute Engine self managed databases - Oracle product area in GCP + - BigQuery product area in GCP - >- Other refers to rest of other product type. This is to be when product type is known, but it is not present in this enum. @@ -3400,6 +3593,7 @@ components: - false - false - false + - false enum: - PRODUCT_TYPE_UNSPECIFIED - PRODUCT_TYPE_CLOUD_SQL @@ -3414,6 +3608,7 @@ components: - PRODUCT_TYPE_FIRESTORE - PRODUCT_TYPE_COMPUTE_ENGINE - PRODUCT_TYPE_ORACLE_ON_GCP + - PRODUCT_TYPE_BIGQUERY - PRODUCT_TYPE_OTHER engine: description: The specific engine that the underlying database is running. @@ -3821,6 +4016,102 @@ components: backupdrManaged: description: Indicates if the resource is managed by BackupDR. type: boolean + StorageDatabasecenterPartnerapiV1mainResourceMaintenanceInfo: + id: StorageDatabasecenterPartnerapiV1mainResourceMaintenanceInfo + description: MaintenanceInfo to capture the maintenance details of database resource. + type: object + properties: + maintenanceSchedule: + description: Optional. Maintenance window for the database resource. + $ref: >- + #/components/schemas/StorageDatabasecenterPartnerapiV1mainResourceMaintenanceSchedule + denyMaintenanceSchedules: + description: Optional. List of Deny maintenance period for the database resource. + type: array + items: + $ref: >- + #/components/schemas/StorageDatabasecenterPartnerapiV1mainResourceMaintenanceDenySchedule + maintenanceVersion: + description: >- + Optional. Current Maintenance version of the database resource. + Example: "MYSQL_8_0_41.R20250531.01_15" + type: string + StorageDatabasecenterPartnerapiV1mainResourceMaintenanceSchedule: + id: StorageDatabasecenterPartnerapiV1mainResourceMaintenanceSchedule + description: >- + Maintenance window for the database resource. It specifies preferred + time and day of the week and phase in some cases, when the maintenance + can start. This is configured by the customer. + type: object + properties: + time: + description: >- + Optional. Preferred time to start the maintenance operation on the + specified day. + $ref: '#/components/schemas/GoogleTypeTimeOfDay' + day: + description: >- + Optional. Preferred day of the week for maintenance, e.g. MONDAY, + TUESDAY, etc. + type: string + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + phase: + description: >- + Optional. Phase of the maintenance window. This is to capture order + of maintenance. For example, for Cloud SQL resources, this can be + used to capture if the maintenance window is in Week1, Week2, Week5, + etc. Non production resources are usually part of early phase. For + more details, refer to Cloud SQL resources - + https://cloud.google.com/sql/docs/mysql/maintenance + type: string + enumDescriptions: + - Phase is unspecified. + - Any phase. + - Week 1. + - Week 2. + - Week 5. + enum: + - PHASE_UNSPECIFIED + - ANY + - WEEK1 + - WEEK2 + - WEEK5 + StorageDatabasecenterPartnerapiV1mainResourceMaintenanceDenySchedule: + id: StorageDatabasecenterPartnerapiV1mainResourceMaintenanceDenySchedule + description: >- + Deny maintenance period for the database resource. It specifies the time + range during which the maintenance cannot start. This is configured by + the customer. + type: object + properties: + startDate: + description: Optional. The start date of the deny maintenance period. + $ref: '#/components/schemas/GoogleTypeDate' + endDate: + description: Optional. Deny period end date. + $ref: '#/components/schemas/GoogleTypeDate' + time: + description: >- + Optional. Time in UTC when the deny period starts on start_date and + ends on end_date. + $ref: '#/components/schemas/GoogleTypeTimeOfDay' StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData: id: StorageDatabasecenterPartnerapiV1mainDatabaseResourceHealthSignalData description: Common model for database resource health signal data. @@ -4183,6 +4474,9 @@ components: - Replication delay. - Outdated version. - Outdated client. + - Databoost is disabled. + - Recommended maintenance policy. + - Resource version is in extended support. enumDeprecated: - false - false @@ -4286,6 +4580,9 @@ components: - false - false - false + - false + - false + - false enum: - SIGNAL_TYPE_UNSPECIFIED - SIGNAL_TYPE_NOT_PROTECTED_BY_AUTOMATIC_FAILOVER @@ -4389,6 +4686,9 @@ components: - SIGNAL_TYPE_REPLICATION_LAG - SIGNAL_TYPE_OUTDATED_VERSION - SIGNAL_TYPE_OUTDATED_CLIENT + - SIGNAL_TYPE_DATABOOST_DISABLED + - SIGNAL_TYPE_RECOMMENDED_MAINTENANCE_POLICIES + - SIGNAL_TYPE_EXTENDED_SUPPORT location: description: >- This is used to identify the location of the resource. Example: @@ -4628,6 +4928,9 @@ components: - Replication delay. - Outdated version. - Outdated client. + - Databoost is disabled. + - Recommended maintenance policy. + - Resource version is in extended support. enumDeprecated: - false - false @@ -4731,6 +5034,9 @@ components: - false - false - false + - false + - false + - false enum: - SIGNAL_TYPE_UNSPECIFIED - SIGNAL_TYPE_NOT_PROTECTED_BY_AUTOMATIC_FAILOVER @@ -4834,6 +5140,9 @@ components: - SIGNAL_TYPE_REPLICATION_LAG - SIGNAL_TYPE_OUTDATED_VERSION - SIGNAL_TYPE_OUTDATED_CLIENT + - SIGNAL_TYPE_DATABOOST_DISABLED + - SIGNAL_TYPE_RECOMMENDED_MAINTENANCE_POLICIES + - SIGNAL_TYPE_EXTENDED_SUPPORT lastRefreshTime: description: Required. last time recommendationw as refreshed type: string @@ -5016,6 +5325,7 @@ components: - >- Represents if a resources requires all incoming connections to use SSL or not. + - Represents if a resource version is in extended support. enum: - SIGNAL_TYPE_UNSPECIFIED - SIGNAL_TYPE_OUTDATED_MINOR_VERSION @@ -5023,6 +5333,7 @@ components: - SIGNAL_TYPE_NO_ROOT_PASSWORD - SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS - SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS + - SIGNAL_TYPE_EXTENDED_SUPPORT signalBoolValue: description: Signal data for boolean signals. type: boolean @@ -5055,6 +5366,67 @@ components: fullResourceName: description: Required. Full resource name of this instance. type: string + StorageDatabasecenterPartnerapiV1mainDatabaseResourceSignalData: + id: StorageDatabasecenterPartnerapiV1mainDatabaseResourceSignalData + description: >- + Database resource signal data. This is used to send signals to Condor + which are based on the DB/Instance/Fleet level configurations. These + will be used to send signals for all inventory types. Next ID: 7 + type: object + properties: + resourceId: + description: Database resource id. + $ref: >- + #/components/schemas/StorageDatabasecenterPartnerapiV1mainDatabaseResourceId + fullResourceName: + description: Required. Full Resource name of the source resource. + type: string + lastRefreshTime: + description: Required. Last time signal was refreshed + type: string + format: google-datetime + signalType: + description: Required. Signal type of the signal + type: string + enumDescriptions: + - Unspecified signal type. + - Outdated Minor Version + - Represents database auditing is disabled. + - >- + Represents if a database has a password configured for the root + account or not. + - Represents if a resource is exposed to public access. + - >- + Represents if a resources requires all incoming connections to use + SSL or not. + - Represents if a resource version is in extended support. + enum: + - SIGNAL_TYPE_UNSPECIFIED + - SIGNAL_TYPE_OUTDATED_MINOR_VERSION + - SIGNAL_TYPE_DATABASE_AUDITING_DISABLED + - SIGNAL_TYPE_NO_ROOT_PASSWORD + - SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS + - SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS + - SIGNAL_TYPE_EXTENDED_SUPPORT + signalState: + description: Required. Output only. Signal state of the signal + readOnly: true + type: string + enumDescriptions: + - Unspecified signal state. + - Signal is active and requires attention. + - Signal is inactive and does not require attention. + - >- + Signal is dismissed by the user and should not be shown to the + user again. + enum: + - SIGNAL_STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + - DISMISSED + signalBoolValue: + description: Signal data for boolean signals. + type: boolean CloudControl2SharedOperationsReconciliationOperationMetadata: id: CloudControl2SharedOperationsReconciliationOperationMetadata description: >- @@ -5720,6 +6092,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -7127,6 +7503,10 @@ paths: name: orderBy schema: type: string + - in: query + name: view + schema: + type: string post: description: Creates a new Backup in a given project and location. operationId: alloydb.projects.locations.backups.create @@ -7203,6 +7583,10 @@ paths: required: true schema: type: string + - in: query + name: view + schema: + type: string patch: description: Updates the parameters of a single Backup. operationId: alloydb.projects.locations.backups.patch diff --git a/providers/src/googleapis.com/v00.00.00000/services/analyticshub.yaml b/providers/src/googleapis.com/v00.00.00000/services/analyticshub.yaml index 7ec6b385..30b7d91b 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/analyticshub.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/analyticshub.yaml @@ -7,8 +7,8 @@ info: title: Analytics Hub API description: Exchange data and analytics assets securely and efficiently. version: v1 - x-discovery-doc-revision: '20250818' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251130' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/bigquery/docs/analytics-hub-introduction servers: @@ -22,12 +22,12 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/bigquery: >- - View and manage your data in Google BigQuery and see the email - address for your Google Account https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. + https://www.googleapis.com/auth/bigquery: >- + View and manage your data in Google BigQuery and see the email + address for your Google Account Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -37,561 +37,663 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListDataExchangesResponse: - id: ListDataExchangesResponse - description: Message for response to the list of data exchanges. - type: object + SubscribeDataExchangeRequest: + description: Message for subscribing to a Data Exchange. properties: - dataExchanges: - description: The list of data exchanges. - type: array - items: - $ref: '#/components/schemas/DataExchange' - nextPageToken: - description: A token to request the next page of results. + destination: type: string - DataExchange: - id: DataExchange - description: >- - A data exchange is a container that lets you share data. Along with the - descriptive information about the data exchange, it contains listings - that reference shared datasets. + description: >- + Required. The parent resource path of the Subscription. e.g. + `projects/subscriberproject/locations/us` + subscriberContact: + description: Email of the subscriber. + type: string + destinationDataset: + description: Optional. BigQuery destination dataset to create for the subscriber. + $ref: '#/components/schemas/DestinationDataset' + subscription: + type: string + description: Required. Name of the subscription to create. e.g. `subscription1` type: object + id: SubscribeDataExchangeRequest + NoWrapper: + description: Sets the `data` field as the HTTP body for delivery. properties: - name: + writeMetadata: description: >- - Output only. The resource name of the data exchange. e.g. - `projects/myproject/locations/us/dataExchanges/123`. - readOnly: true + Optional. When true, writes the Pub/Sub message metadata to + `x-goog-pubsub-:` headers of the HTTP request. Writes the Pub/Sub + message attributes to `:` headers of the HTTP request. + type: boolean + type: object + id: NoWrapper + CloudStorageConfig: + type: object + description: Configuration for a Cloud Storage subscription. + id: CloudStorageConfig + properties: + maxDuration: + format: google-duration type: string - displayName: description: >- - Required. Human-readable display name of the data exchange. The - display name must contain only Unicode letters, numbers (0-9), - underscores (_), dashes (-), spaces ( ), ampersands (&) and must not - start or end with spaces. Default value is an empty string. Max - length: 63 bytes. - type: string - description: + Optional. File batching settings. If no max_duration setting is + specified, a max_duration of 5 minutes will be set by default. + max_duration is required regardless of whether other file batching + settings are specified. The maximum duration that can elapse before + a new Cloud Storage file is created. Min 1 minute, max 10 minutes, + default 5 minutes. May not exceed the subscription's acknowledgement + deadline. + maxMessages: description: >- - Optional. Description of the data exchange. The description must not - contain Unicode non-characters as well as C0 and C1 control codes - except tabs (HT), new lines (LF), carriage returns (CR), and page - breaks (FF). Default value is an empty string. Max length: 2000 - bytes. + Optional. The maximum number of messages that can be written to a + Cloud Storage file before a new file is created. Min 1000 messages. type: string - primaryContact: + format: int64 + filenameDatetimeFormat: description: >- - Optional. Email or URL of the primary point of contact of the data - exchange. Max Length: 1000 bytes. + Optional. User-provided format string specifying how to represent + datetimes in Cloud Storage filenames. See the [datetime format + guidance](https://cloud.google.com/pubsub/docs/create-cloudstorage-subscription#file_names). type: string - documentation: - description: Optional. Documentation describing the data exchange. + textConfig: + $ref: '#/components/schemas/TextConfig' + description: >- + Optional. If set, message data will be written to Cloud Storage in + text format. + avroConfig: + $ref: '#/components/schemas/AvroConfig' + description: >- + Optional. If set, message data will be written to Cloud Storage in + Avro format. + filenamePrefix: type: string - listingCount: - description: Output only. Number of listings contained in the data exchange. - readOnly: true - type: integer - format: int32 - icon: description: >- - Optional. Base64 encoded image representing the data exchange. Max - Size: 3.0MiB Expected image dimensions are 512x512 pixels, however - the API only performs validation on size of the encoded data. Note: - For byte fields, the content of the fields are base64-encoded (which - increases the size of the data by 33-36%) when using JSON on the - wire. + Optional. User-provided prefix for Cloud Storage filename. See the + [object naming + requirements](https://cloud.google.com/storage/docs/objects#naming). + serviceAccountEmail: type: string - format: byte - sharingEnvironmentConfig: description: >- - Optional. Configurable data sharing environment option for a data - exchange. - $ref: '#/components/schemas/SharingEnvironmentConfig' - discoveryType: + Optional. The service account to use to write to Cloud Storage. The + subscription creator or updater that specifies this field must have + `iam.serviceAccounts.actAs` permission on the service account. If + not specified, the Pub/Sub [service + agent](https://cloud.google.com/iam/docs/service-agents), + service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com, is + used. + maxBytes: + format: int64 description: >- - Optional. Type of discovery on the discovery page for all the - listings under this exchange. Updating this field also updates - (overwrites) the discovery_type field for all the listings under - this exchange. + Optional. The maximum bytes that can be written to a Cloud Storage + file before a new file is created. Min 1 KB, max 10 GiB. The + max_bytes limit may be exceeded in cases where messages are larger + than the limit. type: string - enumDescriptions: - - Unspecified. Defaults to DISCOVERY_TYPE_PRIVATE. - - >- - The Data exchange/listing can be discovered in the 'Private' - results list. - - >- - The Data exchange/listing can be discovered in the 'Public' - results list. - enum: - - DISCOVERY_TYPE_UNSPECIFIED - - DISCOVERY_TYPE_PRIVATE - - DISCOVERY_TYPE_PUBLIC - logLinkedDatasetQueryUserEmail: + bucket: description: >- - Optional. By default, false. If true, the DataExchange has an email - sharing mandate enabled. - type: boolean - SharingEnvironmentConfig: - id: SharingEnvironmentConfig + Required. User-provided name for the Cloud Storage bucket. The + bucket must be created by the user. The bucket name must be without + any prefix like "gs://". See the [bucket naming requirements] + (https://cloud.google.com/storage/docs/buckets#naming). + type: string + filenameSuffix: + description: >- + Optional. User-provided suffix for Cloud Storage filename. See the + [object naming + requirements](https://cloud.google.com/storage/docs/objects#naming). + Must not end in "/". + type: string + Status: description: >- - Sharing environment is a behavior model for sharing data within a data - exchange. This option is configurable for a data exchange. + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object + id: Status properties: - defaultExchangeConfig: - description: Default Analytics Hub data exchange, used for secured data sharing. - $ref: '#/components/schemas/DefaultExchangeConfig' - dcrExchangeConfig: + details: description: >- - Data Clean Room (DCR), used for privacy-safe and secured data - sharing. - $ref: '#/components/schemas/DcrExchangeConfig' - DefaultExchangeConfig: - id: DefaultExchangeConfig - description: Default Analytics Hub data exchange, used for secured data sharing. - type: object - properties: {} - DcrExchangeConfig: - id: DcrExchangeConfig - description: Data Clean Room (DCR), used for privacy-safe and secured data sharing. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + type: array + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + ExpirationPolicy: type: object properties: - singleSelectedResourceSharingRestriction: - description: >- - Output only. If True, this DCR restricts the contributors to sharing - only a single resource in a Listing. And no two resources should - have the same IDs. So if a contributor adds a view with a - conflicting name, the CreateListing API will reject the request. if - False, the data contributor can publish an entire dataset (as - before). This is not configurable, and by default, all new DCRs will - have the restriction set to True. - readOnly: true - type: boolean - singleLinkedDatasetPerCleanroom: + ttl: description: >- - Output only. If True, when subscribing to this DCR, it will create - only one linked dataset containing all resources shared within the - cleanroom. If False, when subscribing to this DCR, it will create 1 - linked dataset per listing. This is not configurable, and by - default, all new DCRs will have the restriction set to True. - readOnly: true - type: boolean - ListOrgDataExchangesResponse: - id: ListOrgDataExchangesResponse + Optional. Specifies the "time-to-live" duration for an associated + resource. The resource expires if it is not active for a period of + `ttl`. The definition of "activity" depends on the type of the + associated resource. The minimum and maximum allowed values for + `ttl` depend on the type of the associated resource, as well. If + `ttl` is not set, the associated resource never expires. + type: string + format: google-duration + id: ExpirationPolicy description: >- - Message for response to listing data exchanges in an organization and - location. - type: object - properties: - dataExchanges: - description: The list of data exchanges. - type: array - items: - $ref: '#/components/schemas/DataExchange' + A policy that specifies the conditions for resource expiration (i.e., + automatic resource deletion). + RevokeSubscriptionRequest: + description: Message for revoking a subscription. + id: RevokeSubscriptionRequest + properties: + revokeCommercial: + description: >- + Optional. If the subscription is commercial then this field must be + set to true, otherwise a failure is thrown. This acts as a safety + guard to avoid revoking commercial subscriptions accidentally. + type: boolean + type: object + MessageTransform: + description: All supported message transforms types. + type: object + id: MessageTransform + properties: + enabled: + type: boolean + description: >- + Optional. This field is deprecated, use the `disabled` field to + disable transforms. + deprecated: true + javascriptUdf: + $ref: '#/components/schemas/JavaScriptUDF' + description: >- + Optional. JavaScript User Defined Function. If multiple + JavaScriptUDF's are specified on a resource, each must have a unique + `function_name`. + disabled: + description: >- + Optional. If true, the transform is disabled and will not be applied + to messages. Defaults to `false`. + type: boolean + ApproveQueryTemplateRequest: + properties: {} + type: object + id: ApproveQueryTemplateRequest + description: Message for approving a QueryTemplate. + LinkedResource: + properties: + listing: + type: string + description: Output only. Listing for which linked resource is created. + readOnly: true + linkedPubsubSubscription: + type: string + description: >- + Output only. Name of the Pub/Sub subscription, e.g. + projects/subscriberproject/subscriptions/subscriptions/sub_id + readOnly: true + linkedDataset: + type: string + readOnly: true + description: >- + Output only. Name of the linked dataset, e.g. + projects/subscriberproject/datasets/linked_dataset + description: Reference to a linked resource tracked by this Subscription. + id: LinkedResource + type: object + ListDataExchangesResponse: + type: object + description: Message for response to the list of data exchanges. + properties: nextPageToken: description: A token to request the next page of results. type: string - Empty: - id: Empty + dataExchanges: + items: + $ref: '#/components/schemas/DataExchange' + type: array + description: The list of data exchanges. + id: ListDataExchangesResponse + StoredProcedureConfig: + properties: + allowedStoredProcedureTypes: + type: array + readOnly: true + items: + enum: + - STORED_PROCEDURE_TYPE_UNSPECIFIED + - SQL_PROCEDURE + enumDescriptions: + - Default value. This value is unused. + - SQL stored procedure. + type: string + description: Output only. Types of stored procedure supported to share. + enabled: + description: Optional. If true, enable sharing of stored procedure. + type: boolean + id: StoredProcedureConfig description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Stored procedure configuration, used to configure stored procedure + sharing on linked dataset. type: object - properties: {} - ListListingsResponse: - id: ListListingsResponse - description: Message for response to the list of Listings. + ListSubscriptionsResponse: type: object + id: ListSubscriptionsResponse properties: - listings: - description: The list of Listing. - type: array - items: - $ref: '#/components/schemas/Listing' nextPageToken: - description: A token to request the next page of results. + description: Next page token. type: string - Listing: - id: Listing - description: >- - A listing is what gets published into a data exchange that a subscriber - can subscribe to. It contains a reference to the data source along with - descriptive information that will help subscribers find and subscribe - the data. + subscriptions: + type: array + items: + $ref: '#/components/schemas/Subscription' + description: The list of subscriptions. + description: Message for response to the listing of subscriptions. + RefreshSubscriptionRequest: + properties: {} + id: RefreshSubscriptionRequest type: object + description: Message for refreshing a subscription. + Subscription: properties: - bigqueryDataset: - description: Shared dataset i.e. BigQuery dataset source. - $ref: '#/components/schemas/BigQueryDatasetSource' - pubsubTopic: - description: Pub/Sub topic source. - $ref: '#/components/schemas/PubSubTopicSource' - name: - description: >- - Output only. The resource name of the listing. e.g. - `projects/myproject/locations/us/dataExchanges/123/listings/456` + destinationDataset: + description: Optional. BigQuery destination dataset to create for the subscriber. + $ref: '#/components/schemas/DestinationDataset' + organizationId: readOnly: true - type: string - displayName: - description: >- - Required. Human-readable display name of the listing. The display - name must contain only Unicode letters, numbers (0-9), underscores - (_), dashes (-), spaces ( ), ampersands (&) and can't start or end - with spaces. Default value is an empty string. Max length: 63 bytes. - type: string - description: - description: >- - Optional. Short description of the listing. The description must not - contain Unicode non-characters and C0 and C1 control codes except - tabs (HT), new lines (LF), carriage returns (CR), and page breaks - (FF). Default value is an empty string. Max length: 2000 bytes. - type: string - primaryContact: description: >- - Optional. Email or URL of the primary point of contact of the - listing. Max Length: 1000 bytes. - type: string - documentation: - description: Optional. Documentation describing the listing. + Output only. Organization of the project this subscription belongs + to. type: string - state: - description: Output only. Current state of the listing. + resourceType: readOnly: true + enum: + - SHARED_RESOURCE_TYPE_UNSPECIFIED + - BIGQUERY_DATASET + - PUBSUB_TOPIC + description: Output only. Listing shared asset type. type: string + enumDescriptions: + - Not specified. + - BigQuery Dataset Asset. + - Pub/Sub Topic Asset. + state: enumDescriptions: - Default value. This value is unused. + - This subscription is active and the data is accessible. - >- - Subscribable state. Users with dataexchange.listings.subscribe - permission can subscribe to this listing. + The data referenced by this subscription is out of date and should + be refreshed. This can happen when a data provider adds or removes + datasets. + - >- + This subscription has been cancelled or revoked and the data is no + longer accessible. enum: - STATE_UNSPECIFIED - - ACTIVE - icon: + - STATE_ACTIVE + - STATE_STALE + - STATE_INACTIVE + type: string + description: Output only. Current state of the subscription. + readOnly: true + commercialInfo: + readOnly: true description: >- - Optional. Base64 encoded image representing the listing. Max Size: - 3.0MiB Expected image dimensions are 512x512 pixels, however the API - only performs validation on size of the encoded data. Note: For byte - fields, the contents of the field are base64-encoded (which - increases the size of the data by 33-36%) when using JSON on the - wire. + Output only. This is set if this is a commercial subscription i.e. + if this subscription was created from subscribing to a commercial + listing. + $ref: >- + #/components/schemas/GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfo + linkedDatasetMap: + additionalProperties: + $ref: '#/components/schemas/LinkedResource' + readOnly: true + description: >- + Output only. Map of listing resource names to associated linked + resource, e.g. + projects/123/locations/us/dataExchanges/456/listings/789 -> + projects/123/datasets/my_dataset For listing-level subscriptions, + this is a map of size 1. Only contains values if state == + STATE_ACTIVE. + type: object + dataExchange: + readOnly: true type: string - format: byte - dataProvider: - description: Optional. Details of the data provider who owns the source data. - $ref: '#/components/schemas/DataProvider' - categories: description: >- - Optional. Categories of the listing. Up to five categories are - allowed. - type: array + Output only. Resource name of the source Data Exchange. e.g. + projects/123/locations/us/dataExchanges/456 + organizationDisplayName: + readOnly: true + description: Output only. Display name of the project of this subscription. + type: string + name: + type: string + readOnly: true + description: >- + Output only. The resource name of the subscription. e.g. + `projects/myproject/locations/us/subscriptions/123`. + subscriberContact: + type: string + readOnly: true + description: Output only. Email of the subscriber. + linkedResources: items: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - CATEGORY_UNSPECIFIED - - CATEGORY_OTHERS - - CATEGORY_ADVERTISING_AND_MARKETING - - CATEGORY_COMMERCE - - CATEGORY_CLIMATE_AND_ENVIRONMENT - - CATEGORY_DEMOGRAPHICS - - CATEGORY_ECONOMICS - - CATEGORY_EDUCATION - - CATEGORY_ENERGY - - CATEGORY_FINANCIAL - - CATEGORY_GAMING - - CATEGORY_GEOSPATIAL - - CATEGORY_HEALTHCARE_AND_LIFE_SCIENCE - - CATEGORY_MEDIA - - CATEGORY_PUBLIC_SECTOR - - CATEGORY_RETAIL - - CATEGORY_SPORTS - - CATEGORY_SCIENCE_AND_RESEARCH - - CATEGORY_TRANSPORTATION_AND_LOGISTICS - - CATEGORY_TRAVEL_AND_TOURISM - - CATEGORY_GOOGLE_EARTH_ENGINE - publisher: - description: >- - Optional. Details of the publisher who owns the listing and who can - share the source data. - $ref: '#/components/schemas/Publisher' - requestAccess: - description: >- - Optional. Email or URL of the request access of the listing. - Subscribers can use this reference to request access. Max Length: - 1000 bytes. - type: string - restrictedExportConfig: + $ref: '#/components/schemas/LinkedResource' + readOnly: true + type: array description: >- - Optional. If set, restricted export configuration will be propagated - and enforced on the linked dataset. - $ref: '#/components/schemas/RestrictedExportConfig' - discoveryType: - description: Optional. Type of discovery of the listing on the discovery page. + Output only. Linked resources created in the subscription. Only + contains values if state = STATE_ACTIVE. + creationTime: type: string - enumDescriptions: - - Unspecified. Defaults to DISCOVERY_TYPE_PRIVATE. - - >- - The Data exchange/listing can be discovered in the 'Private' - results list. - - >- - The Data exchange/listing can be discovered in the 'Public' - results list. - enum: - - DISCOVERY_TYPE_UNSPECIFIED - - DISCOVERY_TYPE_PRIVATE - - DISCOVERY_TYPE_PUBLIC - resourceType: - description: Output only. Listing shared asset type. + format: google-datetime + description: Output only. Timestamp when the subscription was created. readOnly: true - type: string - enumDescriptions: - - Not specified. - - BigQuery Dataset Asset. - - Pub/Sub Topic Asset. - enum: - - SHARED_RESOURCE_TYPE_UNSPECIFIED - - BIGQUERY_DATASET - - PUBSUB_TOPIC - commercialInfo: - description: >- - Output only. Commercial info contains the information about the - commercial data products associated with the listing. + lastModifyTime: readOnly: true - $ref: >- - #/components/schemas/GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfo + format: google-datetime + description: Output only. Timestamp when the subscription was last modified. + type: string logLinkedDatasetQueryUserEmail: - description: >- - Optional. By default, false. If true, the Listing has an email - sharing mandate enabled. type: boolean - allowOnlyMetadataSharing: + readOnly: true description: >- - Optional. If true, the listing is only available to get the resource - metadata. Listing is non subscribable. - type: boolean - BigQueryDatasetSource: - id: BigQueryDatasetSource + Output only. By default, false. If true, the Subscriber agreed to + the email sharing mandate that is enabled for DataExchange/Listing. + listing: + readOnly: true + type: string + description: >- + Output only. Resource name of the source Listing. e.g. + projects/123/locations/us/dataExchanges/456/listings/789 description: >- - A reference to a shared dataset. It is an existing BigQuery dataset with - a collection of objects such as tables and views that you want to share - with subscribers. When subscriber's subscribe to a listing, Analytics - Hub creates a linked dataset in the subscriber's project. A Linked - dataset is an opaque, read-only BigQuery dataset that serves as a - _symbolic link_ to a shared dataset. + A subscription represents a subscribers' access to a particular set of + published data. It contains references to associated listings, data + exchanges, and linked datasets. + id: Subscription + type: object + GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfoGoogleCloudMarketplaceInfo: type: object + description: Cloud Marketplace commercial metadata for this subscription. + id: >- + GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfoGoogleCloudMarketplaceInfo properties: - dataset: - description: >- - Optional. Resource name of the dataset source for this listing. e.g. - `projects/myproject/datasets/123` + order: type: string - selectedResources: + description: Resource name of the Marketplace Order. + DefaultExchangeConfig: + properties: {} + type: object + id: DefaultExchangeConfig + description: Default Analytics Hub data exchange, used for secured data sharing. + SubscribeListingRequest: + id: SubscribeListingRequest + type: object + properties: + destinationDataset: description: >- - Optional. Resource in this dataset that is selectively shared. This - field is required for data clean room exchanges. - type: array - items: - $ref: '#/components/schemas/SelectedResource' - restrictedExportPolicy: + Input only. BigQuery destination dataset to create for the + subscriber. + $ref: '#/components/schemas/DestinationDataset' + destinationPubsubSubscription: description: >- - Optional. If set, restricted export policy will be propagated and - enforced on the linked dataset. - $ref: '#/components/schemas/RestrictedExportPolicy' - SelectedResource: - id: SelectedResource - description: Resource in this dataset that is selectively shared. + Input only. Destination Pub/Sub subscription to create for the + subscriber. + $ref: '#/components/schemas/DestinationPubSubSubscription' + description: Message for subscribing to a listing. + GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfo: + description: Commercial info metadata for this subscription. type: object properties: - table: + cloudMarketplace: description: >- - Optional. Format: For table: - `projects/{projectId}/datasets/{datasetId}/tables/{tableId}` - Example:"projects/test_project/datasets/test_dataset/tables/test_table" + Output only. This is set when the subscription is commercialised via + Cloud Marketplace. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfoGoogleCloudMarketplaceInfo + id: GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfo + SetIamPolicyRequest: + properties: + updateMask: type: string - routine: description: >- - Optional. Format: For routine: - `projects/{projectId}/datasets/{datasetId}/routines/{routineId}` - Example:"projects/test_project/datasets/test_dataset/routines/test_routine" + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + format: google-fieldmask + policy: + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + type: object + id: SetIamPolicyRequest + description: Request message for `SetIamPolicy` method. + Empty: + properties: {} + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + PubsubWrapper: + properties: {} + id: PubsubWrapper + description: >- + The payload to the push endpoint is in the form of the JSON + representation of a PubsubMessage + (https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#pubsubmessage). + type: object + GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfoGoogleCloudMarketplaceInfo: + properties: + service: + description: >- + Output only. Resource name of the commercial service associated with + the Marketplace Data Product. e.g. example.com + readOnly: true + type: string + commercialState: + description: Output only. Commercial state of the Marketplace Data Product. + enumDescriptions: + - Commercialization is incomplete and cannot be used. + - Commercialization has been initialized. + - Commercialization is complete and available for use. type: string + readOnly: true + enum: + - COMMERCIAL_STATE_UNSPECIFIED + - ONBOARDING + - ACTIVE + type: object + id: >- + GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfoGoogleCloudMarketplaceInfo + description: >- + Specifies the details of the Marketplace Data Product associated with + the Listing. + GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfo: + id: GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfo + properties: + cloudMarketplace: + readOnly: true + description: >- + Output only. Details of the Marketplace Data Product associated with + the Listing. + $ref: >- + #/components/schemas/GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfoGoogleCloudMarketplaceInfo + type: object + description: >- + Commercial info contains the information about the commercial data + products associated with the listing. RestrictedExportPolicy: - id: RestrictedExportPolicy description: >- Restricted export policy used to configure restricted export on linked dataset. + id: RestrictedExportPolicy type: object properties: enabled: description: Optional. If true, enable restricted export. type: boolean + restrictQueryResult: + type: boolean + description: >- + Optional. If true, restrict export of query result derived from + restricted linked dataset table. restrictDirectTableAccess: description: >- Optional. If true, restrict direct table access (read api/tabledata.list) on linked table. type: boolean - restrictQueryResult: - description: >- - Optional. If true, restrict export of query result derived from - restricted linked dataset table. - type: boolean - PubSubTopicSource: - id: PubSubTopicSource - description: Pub/Sub topic source. + Publisher: type: object properties: - topic: + primaryContact: description: >- - Required. Resource name of the Pub/Sub topic source for this - listing. e.g. projects/myproject/topics/topicId + Optional. Email or URL of the listing publisher. Max Length: 1000 + bytes. type: string - dataAffinityRegions: - description: >- - Optional. Region hint on where the data might be published. Data - affinity regions are modifiable. See - https://cloud.google.com/about/locations for full listing of - possible Cloud regions. - type: array - items: - type: string - DataProvider: - id: DataProvider - description: Contains details of the data provider. - type: object - properties: name: - description: Optional. Name of the data provider. - type: string - primaryContact: - description: 'Optional. Email or URL of the data provider. Max Length: 1000 bytes.' + description: Optional. Name of the listing publisher. type: string - Publisher: id: Publisher description: Contains details of the listing publisher. + GetPolicyOptions: + properties: + requestedPolicyVersion: + type: integer + description: >- + Optional. The maximum policy version that will be used to format the + policy. Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected. Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field unset. + The policy in the response might use the policy version that you + specified, or it might use a lower policy version. For example, if + you specify version 3, but the policy has no conditional role + bindings, the response uses version 1. To learn which resources + support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + type: object + description: Encapsulates settings provided to GetIamPolicy. + id: GetPolicyOptions + ListOrgDataExchangesResponse: type: object + id: ListOrgDataExchangesResponse + description: >- + Message for response to listing data exchanges in an organization and + location. properties: - name: - description: Optional. Name of the listing publisher. + dataExchanges: + items: + $ref: '#/components/schemas/DataExchange' + type: array + description: The list of data exchanges. + nextPageToken: type: string - primaryContact: + description: A token to request the next page of results. + PushConfig: + properties: + pubsubWrapper: description: >- - Optional. Email or URL of the listing publisher. Max Length: 1000 - bytes. + Optional. When set, the payload to the push endpoint is in the form + of the JSON representation of a PubsubMessage + (https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#pubsubmessage). + $ref: '#/components/schemas/PubsubWrapper' + noWrapper: + description: Optional. When set, the payload to the push endpoint is not wrapped. + $ref: '#/components/schemas/NoWrapper' + pushEndpoint: + description: >- + Optional. A URL locating the endpoint to which messages should be + pushed. For example, a Webhook endpoint might use + `https://example.com/push`. type: string - RestrictedExportConfig: - id: RestrictedExportConfig - description: >- - Restricted export config, used to configure restricted export on linked - dataset. - type: object - properties: - enabled: - description: Optional. If true, enable restricted export. - type: boolean - restrictDirectTableAccess: + oidcToken: description: >- - Output only. If true, restrict direct table access(read - api/tabledata.list) on linked table. - readOnly: true - type: boolean - restrictQueryResult: + Optional. If specified, Pub/Sub will generate and attach an OIDC JWT + token as an `Authorization` header in the HTTP request for every + pushed message. + $ref: '#/components/schemas/OidcToken' + attributes: + type: object description: >- - Optional. If true, restrict export of query result derived from - restricted linked dataset table. - type: boolean - GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfo: - id: GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfo - description: >- - Commercial info contains the information about the commercial data - products associated with the listing. + Optional. Endpoint configuration attributes that can be used to + control different aspects of the message delivery. The only + currently supported attribute is `x-goog-version`, which you can use + to change the format of the pushed message. This attribute indicates + the version of the data expected by the endpoint. This controls the + shape of the pushed message (i.e., its fields and metadata). If not + present during the `CreateSubscription` call, it will default to the + version of the Pub/Sub API used to make such call. If not present in + a `ModifyPushConfig` call, its value will not be changed. + `GetSubscription` calls will always return a valid version, even if + the subscription was created without this attribute. The only + supported values for the `x-goog-version` attribute are: * + `v1beta1`: uses the push format defined in the v1beta1 Pub/Sub API. + * `v1` or `v1beta2`: uses the push format defined in the v1 Pub/Sub + API. For example: `attributes { "x-goog-version": "v1" }` + additionalProperties: + type: string + id: PushConfig + description: Configuration for a push delivery endpoint. type: object - properties: - cloudMarketplace: - description: >- - Output only. Details of the Marketplace Data Product associated with - the Listing. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfoGoogleCloudMarketplaceInfo - GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfoGoogleCloudMarketplaceInfo: - id: >- - GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfoGoogleCloudMarketplaceInfo + AuditLogConfig: description: >- - Specifies the details of the Marketplace Data Product associated with - the Listing. - type: object + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. properties: - service: + exemptedMembers: + items: + type: string + type: array description: >- - Output only. Resource name of the commercial service associated with - the Marketplace Data Product. e.g. example.com - readOnly: true - type: string - commercialState: - description: Output only. Commercial state of the Marketplace Data Product. - readOnly: true - type: string + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + logType: enumDescriptions: - - Commercialization is incomplete and cannot be used. - - Commercialization has been initialized. - - Commercialization is complete and available for use. + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' enum: - - COMMERCIAL_STATE_UNSPECIFIED - - ONBOARDING - - ACTIVE - SubscribeListingRequest: - id: SubscribeListingRequest - description: Message for subscribing to a listing. + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. + type: string type: object - properties: - destinationDataset: - description: >- - Input only. BigQuery destination dataset to create for the - subscriber. - $ref: '#/components/schemas/DestinationDataset' - destinationPubsubSubscription: - description: >- - Input only. Destination Pub/Sub subscription to create for the - subscriber. - $ref: '#/components/schemas/DestinationPubSubSubscription' + id: AuditLogConfig DestinationDataset: id: DestinationDataset description: Defines the destination bigquery dataset. - type: object properties: - datasetReference: - description: Required. A reference that identifies the destination dataset. - $ref: '#/components/schemas/DestinationDatasetReference' friendlyName: description: Optional. A descriptive name for the dataset. type: string - description: - description: Optional. A user-friendly description of the dataset. - type: string labels: + additionalProperties: + type: string description: >- Optional. The labels associated with this dataset. You can use these to organize and group your datasets. You can set this property when @@ -599,245 +701,198 @@ components: https://cloud.google.com/resource-manager/docs/creating-managing-labels for more information. type: object - additionalProperties: - type: string + datasetReference: + $ref: '#/components/schemas/DestinationDatasetReference' + description: Required. A reference that identifies the destination dataset. location: description: >- Required. The geographic location where the dataset should reside. See https://cloud.google.com/bigquery/docs/locations for supported locations. type: string - DestinationDatasetReference: - id: DestinationDatasetReference - type: object - properties: - datasetId: - description: >- - Required. A unique ID for this dataset, without the project name. - The ID must contain only letters (a-z, A-Z), numbers (0-9), or - underscores (_). The maximum length is 1,024 characters. - type: string - projectId: - description: Required. The ID of the project containing this dataset. + description: + description: Optional. A user-friendly description of the dataset. type: string - DestinationPubSubSubscription: - id: DestinationPubSubSubscription - description: Defines the destination Pub/Sub subscription. + replicaLocations: + type: array + description: >- + Optional. The geographic locations where the dataset should be + replicated. See [BigQuery + locations](https://cloud.google.com/bigquery/docs/locations) for + supported locations. + items: + type: string type: object + DestinationPubSubSubscription: properties: pubsubSubscription: description: Required. Destination Pub/Sub subscription resource. $ref: '#/components/schemas/GooglePubsubV1Subscription' - GooglePubsubV1Subscription: - id: GooglePubsubV1Subscription - description: >- - Defines the destination Pub/Sub subscription. If none of `push_config`, - `bigquery_config`, `cloud_storage_config`, `pubsub_export_config`, or - `pubsublite_export_config` is set, then the subscriber will pull and ack - messages using API methods. At most one of these fields may be set. + description: Defines the destination Pub/Sub subscription. + type: object + id: DestinationPubSubSubscription + Policy: type: object properties: - name: - description: >- - Required. Name of the subscription. Format is - `projects/{project}/subscriptions/{sub}`. - type: string - pushConfig: - description: >- - Optional. If push delivery is used with this subscription, this - field is used to configure it. - $ref: '#/components/schemas/PushConfig' - bigqueryConfig: - description: >- - Optional. If delivery to BigQuery is used with this subscription, - this field is used to configure it. - $ref: '#/components/schemas/BigQueryConfig' - cloudStorageConfig: - description: >- - Optional. If delivery to Google Cloud Storage is used with this - subscription, this field is used to configure it. - $ref: '#/components/schemas/CloudStorageConfig' - ackDeadlineSeconds: - description: >- - Optional. The approximate amount of time (on a best-effort basis) - Pub/Sub waits for the subscriber to acknowledge receipt before - resending the message. In the interval after the message is - delivered and before it is acknowledged, it is considered to be - _outstanding_. During that time period, the message will not be - redelivered (on a best-effort basis). For pull subscriptions, this - value is used as the initial value for the ack deadline. To override - this value for a given message, call `ModifyAckDeadline` with the - corresponding `ack_id` if using non-streaming pull or send the - `ack_id` in a `StreamingModifyAckDeadlineRequest` if using streaming - pull. The minimum custom deadline you can specify is 10 seconds. The - maximum custom deadline you can specify is 600 seconds (10 minutes). - If this parameter is 0, a default value of 10 seconds is used. For - push delivery, this value is also used to set the request timeout - for the call to the push endpoint. If the subscriber never - acknowledges the message, the Pub/Sub system will eventually - redeliver the message. - type: integer + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + type: array + items: + $ref: '#/components/schemas/AuditConfig' + version: format: int32 - retainAckedMessages: - description: >- - Optional. Indicates whether to retain acknowledged messages. If - true, then messages are not expunged from the subscription's - backlog, even if they are acknowledged, until they fall out of the - `message_retention_duration` window. This must be true if you would - like to [`Seek` to a timestamp] - (https://cloud.google.com/pubsub/docs/replay-overview#seek_to_a_time) - in the past to replay previously-acknowledged messages. - type: boolean - messageRetentionDuration: - description: >- - Optional. How long to retain unacknowledged messages in the - subscription's backlog, from the moment a message is published. If - `retain_acked_messages` is true, then this also configures the - retention of acknowledged messages, and thus configures how far back - in time a `Seek` can be done. Defaults to 7 days. Cannot be more - than 31 days or less than 10 minutes. - type: string - format: google-duration - labels: - description: >- - Optional. See [Creating and managing - labels](https://cloud.google.com/pubsub/docs/labels). - type: object - additionalProperties: - type: string - enableMessageOrdering: description: >- - Optional. If true, messages published with the same `ordering_key` - in `PubsubMessage` will be delivered to the subscribers in the order - in which they are received by the Pub/Sub system. Otherwise, they - may be delivered in any order. - type: boolean - expirationPolicy: - description: >- - Optional. A policy that specifies the conditions for this - subscription's expiration. A subscription is considered active as - long as any connected subscriber is successfully consuming messages - from the subscription or is issuing operations on the subscription. - If `expiration_policy` is not set, a *default policy* with `ttl` of - 31 days will be used. The minimum allowed value for - `expiration_policy.ttl` is 1 day. If `expiration_policy` is set, but - `expiration_policy.ttl` is not set, the subscription never expires. - $ref: '#/components/schemas/ExpirationPolicy' - filter: + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + etag: description: >- - Optional. An expression written in the Pub/Sub [filter - language](https://cloud.google.com/pubsub/docs/filtering). If - non-empty, then only `PubsubMessage`s whose `attributes` field - matches the filter are delivered on this subscription. If empty, - then no messages are filtered out. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. type: string - deadLetterPolicy: - description: >- - Optional. A policy that specifies the conditions for dead lettering - messages in this subscription. If dead_letter_policy is not set, - dead lettering is disabled. The Pub/Sub service account associated - with this subscriptions's parent project (i.e., - service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com) must - have permission to Acknowledge() messages on this subscription. - $ref: '#/components/schemas/DeadLetterPolicy' - retryPolicy: - description: >- - Optional. A policy that specifies how Pub/Sub retries message - delivery for this subscription. If not set, the default retry policy - is applied. This generally implies that messages will be retried as - soon as possible for healthy subscribers. RetryPolicy will be - triggered on NACKs or acknowledgement deadline exceeded events for a - given message. - $ref: '#/components/schemas/RetryPolicy' - detached: - description: >- - Optional. Indicates whether the subscription is detached from its - topic. Detached subscriptions don't receive messages from their - topic and don't retain any backlog. `Pull` and `StreamingPull` - requests will return FAILED_PRECONDITION. If the subscription is a - push subscription, pushes to the endpoint will not be made. - type: boolean - enableExactlyOnceDelivery: + format: byte + bindings: + type: array description: >- - Optional. If true, Pub/Sub provides the following guarantees for the - delivery of a message with a given value of `message_id` on this - subscription: * The message sent to a subscriber is guaranteed not - to be resent before the message's acknowledgement deadline expires. - * An acknowledged message will not be resent to a subscriber. Note - that subscribers may still receive multiple copies of a message when - `enable_exactly_once_delivery` is true if the message was published - multiple times by a publisher client. These copies are considered - distinct by Pub/Sub and have distinct `message_id` values. - type: boolean - messageTransforms: + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + id: Policy + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + BigQueryDatasetSource: + description: >- + A reference to a shared dataset. It is an existing BigQuery dataset with + a collection of objects such as tables and views that you want to share + with subscribers. When subscriber's subscribe to a listing, Analytics + Hub creates a linked dataset in the subscriber's project. A Linked + dataset is an opaque, read-only BigQuery dataset that serves as a + _symbolic link_ to a shared dataset. + properties: + selectedResources: + items: + $ref: '#/components/schemas/SelectedResource' + type: array description: >- - Optional. Transforms to be applied to messages before they are - delivered to subscribers. Transforms are applied in the order - specified. + Optional. Resource in this dataset that is selectively shared. This + field is required for data clean room exchanges. + replicaLocations: type: array + description: >- + Optional. A list of regions where the publisher has created shared + dataset replicas. items: - $ref: '#/components/schemas/MessageTransform' - PushConfig: - id: PushConfig - description: Configuration for a push delivery endpoint. - type: object - properties: - oidcToken: + type: string + effectiveReplicas: + readOnly: true + items: + $ref: '#/components/schemas/Replica' description: >- - Optional. If specified, Pub/Sub will generate and attach an OIDC JWT - token as an `Authorization` header in the HTTP request for every - pushed message. - $ref: '#/components/schemas/OidcToken' - pubsubWrapper: + Output only. Server-owned effective state of replicas. Contains both + primary and secondary replicas. Each replica includes a + system-computed (output-only) state and primary designation. + type: array + restrictedExportPolicy: description: >- - Optional. When set, the payload to the push endpoint is in the form - of the JSON representation of a PubsubMessage - (https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#pubsubmessage). - $ref: '#/components/schemas/PubsubWrapper' - noWrapper: - description: Optional. When set, the payload to the push endpoint is not wrapped. - $ref: '#/components/schemas/NoWrapper' - pushEndpoint: + Optional. If set, restricted export policy will be propagated and + enforced on the linked dataset. + $ref: '#/components/schemas/RestrictedExportPolicy' + dataset: description: >- - Optional. A URL locating the endpoint to which messages should be - pushed. For example, a Webhook endpoint might use - `https://example.com/push`. + Optional. Resource name of the dataset source for this listing. e.g. + `projects/myproject/datasets/123` type: string - attributes: - description: >- - Optional. Endpoint configuration attributes that can be used to - control different aspects of the message delivery. The only - currently supported attribute is `x-goog-version`, which you can use - to change the format of the pushed message. This attribute indicates - the version of the data expected by the endpoint. This controls the - shape of the pushed message (i.e., its fields and metadata). If not - present during the `CreateSubscription` call, it will default to the - version of the Pub/Sub API used to make such call. If not present in - a `ModifyPushConfig` call, its value will not be changed. - `GetSubscription` calls will always return a valid version, even if - the subscription was created without this attribute. The only - supported values for the `x-goog-version` attribute are: * - `v1beta1`: uses the push format defined in the v1beta1 Pub/Sub API. - * `v1` or `v1beta2`: uses the push format defined in the v1 Pub/Sub - API. For example: `attributes { "x-goog-version": "v1" }` - type: object - additionalProperties: - type: string - OidcToken: - id: OidcToken - description: >- - Contains information needed for generating an [OpenID Connect - token](https://developers.google.com/identity/protocols/OpenIDConnect). + id: BigQueryDatasetSource type: object + Routine: + type: object + id: Routine + description: Represents a bigquery routine. properties: - serviceAccountEmail: - description: >- - Optional. [Service account - email](https://cloud.google.com/iam/docs/service-accounts) used for - generating the OIDC token. For more information on setting up - authentication, see [Push - subscriptions](https://cloud.google.com/pubsub/docs/push). + definitionBody: type: string + description: Optional. The definition body of the routine. + routineType: + type: string + enumDescriptions: + - Default value. + - Non-built-in persistent TVF. + enum: + - ROUTINE_TYPE_UNSPECIFIED + - TABLE_VALUED_FUNCTION + description: Required. The type of routine. + SubmitQueryTemplateRequest: + description: Message for submitting a QueryTemplate. + type: object + properties: {} + id: SubmitQueryTemplateRequest + OidcToken: + type: object + properties: audience: description: >- Optional. Audience to be used when generating OIDC token. The @@ -848,143 +903,200 @@ components: https://tools.ietf.org/html/rfc7519#section-4.1.3 Note: if not specified, the Push endpoint URL will be used. type: string - PubsubWrapper: - id: PubsubWrapper + serviceAccountEmail: + type: string + description: >- + Optional. [Service account + email](https://cloud.google.com/iam/docs/service-accounts) used for + generating the OIDC token. For more information on setting up + authentication, see [Push + subscriptions](https://cloud.google.com/pubsub/docs/push). + id: OidcToken description: >- - The payload to the push endpoint is in the form of the JSON - representation of a PubsubMessage - (https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#pubsubmessage). - type: object - properties: {} - NoWrapper: - id: NoWrapper - description: Sets the `data` field as the HTTP body for delivery. + Contains information needed for generating an [OpenID Connect + token](https://developers.google.com/identity/protocols/OpenIDConnect). + DcrExchangeConfig: type: object + id: DcrExchangeConfig + description: Data Clean Room (DCR), used for privacy-safe and secured data sharing. properties: - writeMetadata: + singleSelectedResourceSharingRestriction: + readOnly: true description: >- - Optional. When true, writes the Pub/Sub message metadata to - `x-goog-pubsub-:` headers of the HTTP request. Writes the Pub/Sub - message attributes to `:` headers of the HTTP request. + Output only. If True, this DCR restricts the contributors to sharing + only a single resource in a Listing. And no two resources should + have the same IDs. So if a contributor adds a view with a + conflicting name, the CreateListing API will reject the request. if + False, the data contributor can publish an entire dataset (as + before). This is not configurable, and by default, all new DCRs will + have the restriction set to True. type: boolean - BigQueryConfig: - id: BigQueryConfig - description: Configuration for a BigQuery subscription. - type: object - properties: - table: + singleLinkedDatasetPerCleanroom: description: >- - Optional. The name of the table to which to write data, of the form - {projectId}.{datasetId}.{tableId} + Output only. If True, when subscribing to this DCR, it will create + only one linked dataset containing all resources shared within the + cleanroom. If False, when subscribing to this DCR, it will create 1 + linked dataset per listing. This is not configurable, and by + default, all new DCRs will have the restriction set to True. + type: boolean + readOnly: true + AuditConfig: + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + properties: + auditLogConfigs: + type: array + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/AuditLogConfig' + service: type: string - useTopicSchema: description: >- - Optional. When true, use the topic's schema as the columns to write - to in BigQuery, if it exists. `use_topic_schema` and - `use_table_schema` cannot be enabled at the same time. - type: boolean + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: object + id: AuditConfig + AvroConfig: + properties: writeMetadata: description: >- Optional. When true, write the subscription name, message_id, - publish_time, attributes, and ordering_key to additional columns in - the table. The subscription name, message_id, and publish_time - fields are put in their own columns while all other message - properties (other than data) are written to a JSON object in the - attributes column. - type: boolean - dropUnknownFields: - description: >- - Optional. When true and use_topic_schema is true, any fields that - are a part of the topic schema that are not part of the BigQuery - table schema are dropped when writing to BigQuery. Otherwise, the - schemas must be kept in sync and any messages with extra fields are - not written and remain in the subscription's backlog. + publish_time, attributes, and ordering_key as additional fields in + the output. The subscription name, message_id, and publish_time + fields are put in their own fields while all other message + properties other than data (for example, an ordering_key, if + present) are added as entries in the attributes map. type: boolean - useTableSchema: + useTopicSchema: description: >- - Optional. When true, use the BigQuery table's schema as the columns - to write to in BigQuery. `use_table_schema` and `use_topic_schema` - cannot be enabled at the same time. + Optional. When true, the output Cloud Storage file will be + serialized using the topic schema, if it exists. type: boolean - serviceAccountEmail: - description: >- - Optional. The service account to use to write to BigQuery. The - subscription creator or updater that specifies this field must have - `iam.serviceAccounts.actAs` permission on the service account. If - not specified, the Pub/Sub [service - agent](https://cloud.google.com/iam/docs/service-agents), - service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com, is - used. + description: >- + Configuration for writing message data in Avro format. Message payloads + and metadata will be written to files as an Avro binary. + type: object + id: AvroConfig + ListQueryTemplatesResponse: + type: object + description: Message for response to the list of QueryTemplates. + properties: + queryTemplates: + description: The list of QueryTemplates. + type: array + items: + $ref: '#/components/schemas/QueryTemplate' + nextPageToken: type: string - CloudStorageConfig: - id: CloudStorageConfig - description: Configuration for a Cloud Storage subscription. + description: A token to request the next page of results. + id: ListQueryTemplatesResponse + TestIamPermissionsRequest: type: object + id: TestIamPermissionsRequest properties: - textConfig: - description: >- - Optional. If set, message data will be written to Cloud Storage in - text format. - $ref: '#/components/schemas/TextConfig' - avroConfig: - description: >- - Optional. If set, message data will be written to Cloud Storage in - Avro format. - $ref: '#/components/schemas/AvroConfig' - bucket: + permissions: + type: array + items: + type: string description: >- - Required. User-provided name for the Cloud Storage bucket. The - bucket must be created by the user. The bucket name must be without - any prefix like "gs://". See the [bucket naming requirements] - (https://cloud.google.com/storage/docs/buckets#naming). + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + description: Request message for `TestIamPermissions` method. + QueryTemplate: + description: >- + A query template is a container for sharing table-valued functions + defined by contributors in a data clean room. + properties: + updateTime: + readOnly: true + description: Output only. Timestamp when the QueryTemplate was last modified. + format: google-datetime type: string - filenamePrefix: + name: description: >- - Optional. User-provided prefix for Cloud Storage filename. See the - [object naming - requirements](https://cloud.google.com/storage/docs/objects#naming). + Output only. The resource name of the QueryTemplate. e.g. + `projects/myproject/locations/us/dataExchanges/123/queryTemplates/456` type: string - filenameSuffix: - description: >- - Optional. User-provided suffix for Cloud Storage filename. See the - [object naming - requirements](https://cloud.google.com/storage/docs/objects#naming). - Must not end in "/". + readOnly: true + state: + description: Output only. The QueryTemplate lifecycle state. + enumDescriptions: + - Default value. This value is unused. + - The QueryTemplate is in draft state. + - The QueryTemplate is in pending state. + - The QueryTemplate is in deleted state. + - The QueryTemplate is in approved state. + readOnly: true type: string - filenameDatetimeFormat: - description: >- - Optional. User-provided format string specifying how to represent - datetimes in Cloud Storage filenames. See the [datetime format - guidance](https://cloud.google.com/pubsub/docs/create-cloudstorage-subscription#file_names). + enum: + - STATE_UNSPECIFIED + - DRAFTED + - PENDING + - DELETED + - APPROVED + primaryContact: type: string - maxDuration: description: >- - Optional. File batching settings. If no max_duration setting is - specified, a max_duration of 5 minutes will be set by default. - max_duration is required regardless of whether other file batching - settings are specified. The maximum duration that can elapse before - a new Cloud Storage file is created. Min 1 minute, max 10 minutes, - default 5 minutes. May not exceed the subscription's acknowledgement - deadline. + Optional. Email or URL of the primary point of contact of the + QueryTemplate. Max Length: 1000 bytes. + description: + description: >- + Optional. Short description of the QueryTemplate. The description + must not contain Unicode non-characters and C0 and C1 control codes + except tabs (HT), new lines (LF), carriage returns (CR), and page + breaks (FF). Default value is an empty string. Max length: 2000 + bytes. type: string - format: google-duration - maxBytes: + routine: + $ref: '#/components/schemas/Routine' + description: Optional. The routine associated with the QueryTemplate. + proposer: description: >- - Optional. The maximum bytes that can be written to a Cloud Storage - file before a new file is created. Min 1 KB, max 10 GiB. The - max_bytes limit may be exceeded in cases where messages are larger - than the limit. + Optional. Will be deprecated. Email or URL of the primary point of + contact of the QueryTemplate. Max Length: 1000 bytes. + type: string + createTime: + type: string + readOnly: true + format: google-datetime + description: Output only. Timestamp when the QueryTemplate was created. + documentation: type: string - format: int64 - maxMessages: - description: >- - Optional. The maximum number of messages that can be written to a - Cloud Storage file before a new file is created. Min 1000 messages. + description: Optional. Documentation describing the QueryTemplate. + displayName: type: string - format: int64 + description: >- + Required. Human-readable display name of the QueryTemplate. The + display name must contain only Unicode letters, numbers (0-9), + underscores (_), dashes (-), spaces ( ), ampersands (&) and can't + start or end with spaces. Default value is an empty string. Max + length: 63 bytes. + id: QueryTemplate + type: object + BigQueryConfig: + properties: serviceAccountEmail: description: >- - Optional. The service account to use to write to Cloud Storage. The + Optional. The service account to use to write to BigQuery. The subscription creator or updater that specifies this field must have `iam.serviceAccounts.actAs` permission on the service account. If not specified, the Pub/Sub [service @@ -992,58 +1104,229 @@ components: service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com, is used. type: string - TextConfig: - id: TextConfig - description: >- - Configuration for writing message data in text format. Message payloads - will be written to files as raw text, separated by a newline. - type: object - properties: {} - AvroConfig: - id: AvroConfig - description: >- - Configuration for writing message data in Avro format. Message payloads - and metadata will be written to files as an Avro binary. - type: object - properties: writeMetadata: description: >- Optional. When true, write the subscription name, message_id, - publish_time, attributes, and ordering_key as additional fields in - the output. The subscription name, message_id, and publish_time - fields are put in their own fields while all other message - properties other than data (for example, an ordering_key, if - present) are added as entries in the attributes map. + publish_time, attributes, and ordering_key to additional columns in + the table. The subscription name, message_id, and publish_time + fields are put in their own columns while all other message + properties (other than data) are written to a JSON object in the + attributes column. + type: boolean + dropUnknownFields: type: boolean - useTopicSchema: description: >- - Optional. When true, the output Cloud Storage file will be - serialized using the topic schema, if it exists. + Optional. When true and use_topic_schema is true, any fields that + are a part of the topic schema that are not part of the BigQuery + table schema are dropped when writing to BigQuery. Otherwise, the + schemas must be kept in sync and any messages with extra fields are + not written and remain in the subscription's backlog. + table: + description: >- + Optional. The name of the table to which to write data, of the form + {projectId}.{datasetId}.{tableId} + type: string + useTableSchema: + description: >- + Optional. When true, use the BigQuery table's schema as the columns + to write to in BigQuery. `use_table_schema` and `use_topic_schema` + cannot be enabled at the same time. type: boolean - ExpirationPolicy: - id: ExpirationPolicy - description: >- - A policy that specifies the conditions for resource expiration (i.e., - automatic resource deletion). + useTopicSchema: + type: boolean + description: >- + Optional. When true, use the topic's schema as the columns to write + to in BigQuery, if it exists. `use_topic_schema` and + `use_table_schema` cannot be enabled at the same time. type: object + description: Configuration for a BigQuery subscription. + id: BigQueryConfig + Listing: + id: Listing + description: >- + A listing is what gets published into a data exchange that a subscriber + can subscribe to. It contains a reference to the data source along with + descriptive information that will help subscribers find and subscribe + the data. properties: - ttl: + requestAccess: description: >- - Optional. Specifies the "time-to-live" duration for an associated - resource. The resource expires if it is not active for a period of - `ttl`. The definition of "activity" depends on the type of the - associated resource. The minimum and maximum allowed values for - `ttl` depend on the type of the associated resource, as well. If - `ttl` is not set, the associated resource never expires. + Optional. Email or URL of the request access of the listing. + Subscribers can use this reference to request access. Max Length: + 1000 bytes. type: string - format: google-duration + name: + type: string + description: >- + Output only. The resource name of the listing. e.g. + `projects/myproject/locations/us/dataExchanges/123/listings/456` + readOnly: true + discoveryType: + enumDescriptions: + - Unspecified. Defaults to DISCOVERY_TYPE_PRIVATE. + - >- + The Data exchange/listing can be discovered in the 'Private' + results list. + - >- + The Data exchange/listing can be discovered in the 'Public' + results list. + description: Optional. Type of discovery of the listing on the discovery page. + type: string + enum: + - DISCOVERY_TYPE_UNSPECIFIED + - DISCOVERY_TYPE_PRIVATE + - DISCOVERY_TYPE_PUBLIC + dataProvider: + description: Optional. Details of the data provider who owns the source data. + $ref: '#/components/schemas/DataProvider' + allowOnlyMetadataSharing: + description: >- + Optional. If true, the listing is only available to get the resource + metadata. Listing is non subscribable. + type: boolean + description: + description: >- + Optional. Short description of the listing. The description must not + contain Unicode non-characters and C0 and C1 control codes except + tabs (HT), new lines (LF), carriage returns (CR), and page breaks + (FF). Default value is an empty string. Max length: 2000 bytes. + type: string + resourceType: + enum: + - SHARED_RESOURCE_TYPE_UNSPECIFIED + - BIGQUERY_DATASET + - PUBSUB_TOPIC + readOnly: true + enumDescriptions: + - Not specified. + - BigQuery Dataset Asset. + - Pub/Sub Topic Asset. + description: Output only. Listing shared asset type. + type: string + state: + enumDescriptions: + - Default value. This value is unused. + - >- + Subscribable state. Users with dataexchange.listings.subscribe + permission can subscribe to this listing. + type: string + description: Output only. Current state of the listing. + enum: + - STATE_UNSPECIFIED + - ACTIVE + readOnly: true + restrictedExportConfig: + $ref: '#/components/schemas/RestrictedExportConfig' + description: >- + Optional. If set, restricted export configuration will be propagated + and enforced on the linked dataset. + commercialInfo: + $ref: >- + #/components/schemas/GoogleCloudBigqueryAnalyticshubV1ListingCommercialInfo + readOnly: true + description: >- + Output only. Commercial info contains the information about the + commercial data products associated with the listing. + bigqueryDataset: + description: Shared dataset i.e. BigQuery dataset source. + $ref: '#/components/schemas/BigQueryDatasetSource' + displayName: + description: >- + Required. Human-readable display name of the listing. The display + name must contain only Unicode letters, numbers (0-9), underscores + (_), dashes (-), spaces ( ), ampersands (&) and can't start or end + with spaces. Default value is an empty string. Max length: 63 bytes. + type: string + primaryContact: + type: string + description: >- + Optional. Email or URL of the primary point of contact of the + listing. Max Length: 1000 bytes. + documentation: + type: string + description: Optional. Documentation describing the listing. + icon: + format: byte + description: >- + Optional. Base64 encoded image representing the listing. Max Size: + 3.0MiB Expected image dimensions are 512x512 pixels, however the API + only performs validation on size of the encoded data. Note: For byte + fields, the contents of the field are base64-encoded (which + increases the size of the data by 33-36%) when using JSON on the + wire. + type: string + logLinkedDatasetQueryUserEmail: + description: >- + Optional. By default, false. If true, the Listing has an email + sharing mandate enabled. + type: boolean + pubsubTopic: + $ref: '#/components/schemas/PubSubTopicSource' + description: Pub/Sub topic source. + categories: + type: array + description: >- + Optional. Categories of the listing. Up to five categories are + allowed. + items: + type: string + enum: + - CATEGORY_UNSPECIFIED + - CATEGORY_OTHERS + - CATEGORY_ADVERTISING_AND_MARKETING + - CATEGORY_COMMERCE + - CATEGORY_CLIMATE_AND_ENVIRONMENT + - CATEGORY_DEMOGRAPHICS + - CATEGORY_ECONOMICS + - CATEGORY_EDUCATION + - CATEGORY_ENERGY + - CATEGORY_FINANCIAL + - CATEGORY_GAMING + - CATEGORY_GEOSPATIAL + - CATEGORY_HEALTHCARE_AND_LIFE_SCIENCE + - CATEGORY_MEDIA + - CATEGORY_PUBLIC_SECTOR + - CATEGORY_RETAIL + - CATEGORY_SPORTS + - CATEGORY_SCIENCE_AND_RESEARCH + - CATEGORY_TRANSPORTATION_AND_LOGISTICS + - CATEGORY_TRAVEL_AND_TOURISM + - CATEGORY_GOOGLE_EARTH_ENGINE + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + storedProcedureConfig: + $ref: '#/components/schemas/StoredProcedureConfig' + description: >- + Optional. If set, stored procedure configuration will be propagated + and enforced on the linked dataset. + publisher: + description: >- + Optional. Details of the publisher who owns the listing and who can + share the source data. + $ref: '#/components/schemas/Publisher' + type: object DeadLetterPolicy: id: DeadLetterPolicy - description: >- - Dead lettering is done on a best effort basis. The same message might be - dead lettered multiple times. If validation on any of the fields fails - at subscription creation/updation, the create/update subscription - request will fail. type: object properties: deadLetterTopic: @@ -1059,6 +1342,7 @@ components: topic with no subscriptions are lost. type: string maxDeliveryAttempts: + type: integer description: >- Optional. The maximum number of delivery attempts for any message. The value must be between 5 and 100. The number of delivery attempts @@ -1068,538 +1352,229 @@ components: client libraries may automatically extend ack_deadlines. This field will be honored on a best effort basis. If this parameter is 0, a default value of 5 is used. - type: integer format: int32 - RetryPolicy: - id: RetryPolicy - description: >- - A policy that specifies how Pub/Sub retries message delivery. Retry - delay will be exponential based on provided minimum and maximum - backoffs. https://en.wikipedia.org/wiki/Exponential_backoff. RetryPolicy - will be triggered on NACKs or acknowledgement deadline exceeded events - for a given message. Retry Policy is implemented on a best effort basis. - At times, the delay between consecutive deliveries may not match the - configuration. That is, delay can be more or less than configured - backoff. - type: object - properties: - minimumBackoff: - description: >- - Optional. The minimum delay between consecutive deliveries of a - given message. Value should be between 0 and 600 seconds. Defaults - to 10 seconds. - type: string - format: google-duration - maximumBackoff: - description: >- - Optional. The maximum delay between consecutive deliveries of a - given message. Value should be between 0 and 600 seconds. Defaults - to 600 seconds. - type: string - format: google-duration - MessageTransform: - id: MessageTransform - description: All supported message transforms types. - type: object - properties: - javascriptUdf: - description: >- - Optional. JavaScript User Defined Function. If multiple - JavaScriptUDF's are specified on a resource, each must have a unique - `function_name`. - $ref: '#/components/schemas/JavaScriptUDF' - enabled: - description: >- - Optional. This field is deprecated, use the `disabled` field to - disable transforms. - deprecated: true - type: boolean - disabled: - description: >- - Optional. If true, the transform is disabled and will not be applied - to messages. Defaults to `false`. - type: boolean - JavaScriptUDF: - id: JavaScriptUDF - description: >- - User-defined JavaScript function that can transform or filter a Pub/Sub - message. - type: object - properties: - functionName: - description: >- - Required. Name of the JavasScript function that should applied to - Pub/Sub messages. - type: string - code: - description: >- - Required. JavaScript code that contains a function `function_name` - with the below signature: ``` /** * Transforms a Pub/Sub message. * - @return {(Object)>|null)} - To * filter a message, return `null`. To - transform a message return a map * with the following keys: * - - (required) 'data' : {string} * - (optional) 'attributes' : {Object} - * Returning empty `attributes` will remove all attributes from the * - message. * * @param {(Object)>} Pub/Sub * message. Keys: * - - (required) 'data' : {string} * - (required) 'attributes' : {Object} - * * @param {Object} metadata - Pub/Sub message metadata. * Keys: * - - (required) 'message_id' : {string} * - (optional) 'publish_time': - {string} YYYY-MM-DDTHH:MM:SSZ format * - (optional) 'ordering_key': - {string} */ function (message, metadata) { } ``` - type: string - SubscribeListingResponse: - id: SubscribeListingResponse - description: Message for response when you subscribe to a listing. - type: object - properties: - subscription: - description: Subscription object created from this subscribe action. - $ref: '#/components/schemas/Subscription' - Subscription: - id: Subscription description: >- - A subscription represents a subscribers' access to a particular set of - published data. It contains references to associated listings, data - exchanges, and linked datasets. - type: object - properties: - listing: - description: >- - Output only. Resource name of the source Listing. e.g. - projects/123/locations/us/dataExchanges/456/listings/789 - readOnly: true - type: string - dataExchange: - description: >- - Output only. Resource name of the source Data Exchange. e.g. - projects/123/locations/us/dataExchanges/456 - readOnly: true - type: string - name: - description: >- - Output only. The resource name of the subscription. e.g. - `projects/myproject/locations/us/subscriptions/123`. - readOnly: true - type: string - creationTime: - description: Output only. Timestamp when the subscription was created. - readOnly: true - type: string - format: google-datetime - lastModifyTime: - description: Output only. Timestamp when the subscription was last modified. - readOnly: true - type: string - format: google-datetime - organizationId: - description: >- - Output only. Organization of the project this subscription belongs - to. - readOnly: true - type: string - organizationDisplayName: - description: Output only. Display name of the project of this subscription. - readOnly: true - type: string - state: - description: Output only. Current state of the subscription. - readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - This subscription is active and the data is accessible. - - >- - The data referenced by this subscription is out of date and should - be refreshed. This can happen when a data provider adds or removes - datasets. - - >- - This subscription has been cancelled or revoked and the data is no - longer accessible. - enum: - - STATE_UNSPECIFIED - - STATE_ACTIVE - - STATE_STALE - - STATE_INACTIVE - linkedDatasetMap: - description: >- - Output only. Map of listing resource names to associated linked - resource, e.g. - projects/123/locations/us/dataExchanges/456/listings/789 -> - projects/123/datasets/my_dataset For listing-level subscriptions, - this is a map of size 1. Only contains values if state == - STATE_ACTIVE. - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/LinkedResource' - subscriberContact: - description: Output only. Email of the subscriber. - readOnly: true - type: string - linkedResources: - description: >- - Output only. Linked resources created in the subscription. Only - contains values if state = STATE_ACTIVE. - readOnly: true - type: array - items: - $ref: '#/components/schemas/LinkedResource' - resourceType: - description: Output only. Listing shared asset type. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - BigQuery Dataset Asset. - - Pub/Sub Topic Asset. - enum: - - SHARED_RESOURCE_TYPE_UNSPECIFIED - - BIGQUERY_DATASET - - PUBSUB_TOPIC - commercialInfo: - description: >- - Output only. This is set if this is a commercial subscription i.e. - if this subscription was created from subscribing to a commercial - listing. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfo - logLinkedDatasetQueryUserEmail: - description: >- - Output only. By default, false. If true, the Subscriber agreed to - the email sharing mandate that is enabled for DataExchange/Listing. - readOnly: true - type: boolean - destinationDataset: - description: Optional. BigQuery destination dataset to create for the subscriber. - $ref: '#/components/schemas/DestinationDataset' - LinkedResource: - id: LinkedResource - description: Reference to a linked resource tracked by this Subscription. - type: object - properties: - linkedDataset: - description: >- - Output only. Name of the linked dataset, e.g. - projects/subscriberproject/datasets/linked_dataset - readOnly: true - type: string - linkedPubsubSubscription: - description: >- - Output only. Name of the Pub/Sub subscription, e.g. - projects/subscriberproject/subscriptions/subscriptions/sub_id - readOnly: true - type: string - listing: - description: Output only. Listing for which linked resource is created. - readOnly: true - type: string - GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfo: - id: GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfo - description: Commercial info metadata for this subscription. - type: object - properties: - cloudMarketplace: - description: >- - Output only. This is set when the subscription is commercialised via - Cloud Marketplace. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfoGoogleCloudMarketplaceInfo - GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfoGoogleCloudMarketplaceInfo: - id: >- - GoogleCloudBigqueryAnalyticshubV1SubscriptionCommercialInfoGoogleCloudMarketplaceInfo - description: Cloud Marketplace commercial metadata for this subscription. + Dead lettering is done on a best effort basis. The same message might be + dead lettered multiple times. If validation on any of the fields fails + at subscription creation/updation, the create/update subscription + request will fail. + SubscribeDataExchangeResponse: + description: Message for response when you subscribe to a Data Exchange. + id: SubscribeDataExchangeResponse type: object properties: - order: - description: Resource name of the Marketplace Order. - type: string - SubscribeDataExchangeRequest: - id: SubscribeDataExchangeRequest - description: Message for subscribing to a Data Exchange. - type: object + subscription: + description: Subscription object created from this subscribe action. + $ref: '#/components/schemas/Subscription' + SelectedResource: properties: - destination: + table: description: >- - Required. The parent resource path of the Subscription. e.g. - `projects/subscriberproject/locations/us` + Optional. Format: For table: + `projects/{projectId}/datasets/{datasetId}/tables/{tableId}` + Example:"projects/test_project/datasets/test_dataset/tables/test_table" type: string - destinationDataset: - description: Optional. BigQuery destination dataset to create for the subscriber. - $ref: '#/components/schemas/DestinationDataset' - subscription: - description: Required. Name of the subscription to create. e.g. `subscription1` + routine: + description: >- + Optional. Format: For routine: + `projects/{projectId}/datasets/{datasetId}/routines/{routineId}` + Example:"projects/test_project/datasets/test_dataset/routines/test_routine" type: string - subscriberContact: - description: Email of the subscriber. + description: Resource in this dataset that is selectively shared. + type: object + id: SelectedResource + DestinationDatasetReference: + type: object + properties: + datasetId: type: string - Operation: - id: Operation + description: >- + Required. A unique ID for this dataset, without the project name. + The ID must contain only letters (a-z, A-Z), numbers (0-9), or + underscores (_). The maximum length is 1,024 characters. + projectId: + description: Required. The ID of the project containing this dataset. + type: string + id: DestinationDatasetReference + Expr: description: >- - This resource represents a long-running operation that is the result of - a network API call. + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. type: object + id: Expr properties: - name: + location: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + expression: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Textual representation of an expression in Common Expression + Language syntax. + type: string + title: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + description: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + JavaScriptUDF: description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + User-defined JavaScript function that can transform or filter a Pub/Sub + message. properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + functionName: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Required. Name of the JavasScript function that should applied to + Pub/Sub messages. type: string - details: + code: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - RefreshSubscriptionRequest: - id: RefreshSubscriptionRequest - description: Message for refreshing a subscription. - type: object - properties: {} - ListSubscriptionsResponse: - id: ListSubscriptionsResponse - description: Message for response to the listing of subscriptions. + Required. JavaScript code that contains a function `function_name` + with the below signature: ``` /** * Transforms a Pub/Sub message. * + @return {(Object)>|null)} - To * filter a message, return `null`. To + transform a message return a map * with the following keys: * - + (required) 'data' : {string} * - (optional) 'attributes' : {Object} + * Returning empty `attributes` will remove all attributes from the * + message. * * @param {(Object)>} Pub/Sub * message. Keys: * - + (required) 'data' : {string} * - (required) 'attributes' : {Object} + * * @param {Object} metadata - Pub/Sub message metadata. * Keys: * - + (required) 'message_id' : {string} * - (optional) 'publish_time': + {string} YYYY-MM-DDTHH:MM:SSZ format * - (optional) 'ordering_key': + {string} */ function (message, metadata) { } ``` + type: string type: object + id: JavaScriptUDF + ListListingsResponse: + description: Message for response to the list of Listings. + id: ListListingsResponse properties: - subscriptions: - description: The list of subscriptions. + listings: + description: The list of Listing. type: array items: - $ref: '#/components/schemas/Subscription' + $ref: '#/components/schemas/Listing' nextPageToken: - description: Next page token. type: string - ListSharedResourceSubscriptionsResponse: - id: ListSharedResourceSubscriptionsResponse - description: Message for response to the listing of shared resource subscriptions. + description: A token to request the next page of results. type: object + RestrictedExportConfig: properties: - sharedResourceSubscriptions: - description: The list of subscriptions. + enabled: + description: Optional. If true, enable restricted export. + type: boolean + restrictDirectTableAccess: + type: boolean + readOnly: true + description: >- + Output only. If true, restrict direct table access(read + api/tabledata.list) on linked table. + restrictQueryResult: + description: >- + Optional. If true, restrict export of query result derived from + restricted linked dataset table. + type: boolean + id: RestrictedExportConfig + description: >- + Restricted export config, used to configure restricted export on linked + dataset. + type: object + PubSubTopicSource: + description: Pub/Sub topic source. + type: object + id: PubSubTopicSource + properties: + topic: + description: >- + Required. Resource name of the Pub/Sub topic source for this + listing. e.g. projects/myproject/topics/topicId + type: string + dataAffinityRegions: type: array + description: >- + Optional. Region hint on where the data might be published. Data + affinity regions are modifiable. See + https://cloud.google.com/about/locations for full listing of + possible Cloud regions. items: - $ref: '#/components/schemas/Subscription' - nextPageToken: - description: Next page token. + type: string + OperationMetadata: + id: OperationMetadata + type: object + description: Represents the metadata of a long-running operation in Analytics Hub. + properties: + statusMessage: + type: string + readOnly: true + description: Output only. Human-readable status of the operation, if any. + verb: + readOnly: true + type: string + description: Output only. Name of the verb executed by the operation. + endTime: + format: google-datetime + type: string + readOnly: true + description: Output only. The time the operation finished running. + target: + description: >- + Output only. Server-defined resource path for the target of the + operation. type: string - RevokeSubscriptionRequest: - id: RevokeSubscriptionRequest - description: Message for revoking a subscription. - type: object - properties: - revokeCommercial: + readOnly: true + apiVersion: + readOnly: true + description: Output only. API version used to start the operation. + type: string + requestedCancellation: description: >- - Optional. If the subscription is commercial then this field must be - set to true, otherwise a failure is thrown. This acts as a safety - guard to avoid revoking commercial subscriptions accidentally. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. type: boolean - RevokeSubscriptionResponse: - id: RevokeSubscriptionResponse - description: Message for response when you revoke a subscription. Empty for now. - type: object - properties: {} + readOnly: true + createTime: + description: Output only. The time the operation was created. + readOnly: true + format: google-datetime + type: string GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. type: object + description: Request message for `GetIamPolicy` method. properties: options: description: >- OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`. $ref: '#/components/schemas/GetPolicyOptions' - GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. - type: object - properties: - requestedPolicyVersion: - description: >- - Optional. The maximum policy version that will be used to format the - policy. Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected. Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field unset. - The policy in the response might use the policy version that you - specified, or it might use a lower policy version. For example, if - you specify version 3, but the policy has no conditional role - bindings, the response uses version 1. To learn which resources - support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object - properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte + id: GetIamPolicyRequest Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string members: + type: array + items: + type: string description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -1659,10 +1634,17 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string + role: + type: string + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). condition: + $ref: '#/components/schemas/Expr' description: >- The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current @@ -1672,331 +1654,452 @@ components: in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + description: Associates `members`, or principals, with a `role`. type: object + id: Binding + GooglePubsubV1Subscription: + id: GooglePubsubV1Subscription + description: >- + Defines the destination Pub/Sub subscription. If none of `push_config`, + `bigquery_config`, `cloud_storage_config`, `pubsub_export_config`, or + `pubsublite_export_config` is set, then the subscriber will pull and ack + messages using API methods. At most one of these fields may be set. properties: - expression: + tags: + additionalProperties: + type: string + type: object + description: >- + Optional. Input only. Immutable. Tag keys/values directly bound to + this resource. For example: "123/environment": "production", + "123/costCenter": "marketing" + messageRetentionDuration: + format: google-duration + description: >- + Optional. How long to retain unacknowledged messages in the + subscription's backlog, from the moment a message is published. If + `retain_acked_messages` is true, then this also configures the + retention of acknowledged messages, and thus configures how far back + in time a `Seek` can be done. Defaults to 7 days. Cannot be more + than 31 days or less than 10 minutes. + type: string + enableMessageOrdering: + description: >- + Optional. If true, messages published with the same `ordering_key` + in `PubsubMessage` will be delivered to the subscribers in the order + in which they are received by the Pub/Sub system. Otherwise, they + may be delivered in any order. + type: boolean + expirationPolicy: + description: >- + Optional. A policy that specifies the conditions for this + subscription's expiration. A subscription is considered active as + long as any connected subscriber is successfully consuming messages + from the subscription or is issuing operations on the subscription. + If `expiration_policy` is not set, a *default policy* with `ttl` of + 31 days will be used. The minimum allowed value for + `expiration_policy.ttl` is 1 day. If `expiration_policy` is set, but + `expiration_policy.ttl` is not set, the subscription never expires. + $ref: '#/components/schemas/ExpirationPolicy' + retryPolicy: + $ref: '#/components/schemas/RetryPolicy' + description: >- + Optional. A policy that specifies how Pub/Sub retries message + delivery for this subscription. If not set, the default retry policy + is applied. This generally implies that messages will be retried as + soon as possible for healthy subscribers. RetryPolicy will be + triggered on NACKs or acknowledgement deadline exceeded events for a + given message. + ackDeadlineSeconds: + type: integer + description: >- + Optional. The approximate amount of time (on a best-effort basis) + Pub/Sub waits for the subscriber to acknowledge receipt before + resending the message. In the interval after the message is + delivered and before it is acknowledged, it is considered to be + _outstanding_. During that time period, the message will not be + redelivered (on a best-effort basis). For pull subscriptions, this + value is used as the initial value for the ack deadline. To override + this value for a given message, call `ModifyAckDeadline` with the + corresponding `ack_id` if using non-streaming pull or send the + `ack_id` in a `StreamingModifyAckDeadlineRequest` if using streaming + pull. The minimum custom deadline you can specify is 10 seconds. The + maximum custom deadline you can specify is 600 seconds (10 minutes). + If this parameter is 0, a default value of 10 seconds is used. For + push delivery, this value is also used to set the request timeout + for the call to the push endpoint. If the subscriber never + acknowledges the message, the Pub/Sub system will eventually + redeliver the message. + format: int32 + labels: description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: + Optional. See [Creating and managing + labels](https://cloud.google.com/pubsub/docs/labels). + additionalProperties: + type: string + type: object + bigqueryConfig: + $ref: '#/components/schemas/BigQueryConfig' description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: + Optional. If delivery to BigQuery is used with this subscription, + this field is used to configure it. + deadLetterPolicy: + $ref: '#/components/schemas/DeadLetterPolicy' description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + Optional. A policy that specifies the conditions for dead lettering + messages in this subscription. If dead_letter_policy is not set, + dead lettering is disabled. The Pub/Sub service account associated + with this subscriptions's parent project (i.e., + service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com) must + have permission to Acknowledge() messages on this subscription. + cloudStorageConfig: + $ref: '#/components/schemas/CloudStorageConfig' description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - type: object - properties: - service: + Optional. If delivery to Google Cloud Storage is used with this + subscription, this field is used to configure it. + detached: + type: boolean description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + Optional. Indicates whether the subscription is detached from its + topic. Detached subscriptions don't receive messages from their + topic and don't retain any backlog. `Pull` and `StreamingPull` + requests will return FAILED_PRECONDITION. If the subscription is a + push subscription, pushes to the endpoint will not be made. + retainAckedMessages: + type: boolean + description: >- + Optional. Indicates whether to retain acknowledged messages. If + true, then messages are not expunged from the subscription's + backlog, even if they are acknowledged, until they fall out of the + `message_retention_duration` window. This must be true if you would + like to [`Seek` to a timestamp] + (https://cloud.google.com/pubsub/docs/replay-overview#seek_to_a_time) + in the past to replay previously-acknowledged messages. + enableExactlyOnceDelivery: + type: boolean + description: >- + Optional. If true, Pub/Sub provides the following guarantees for the + delivery of a message with a given value of `message_id` on this + subscription: * The message sent to a subscriber is guaranteed not + to be resent before the message's acknowledgement deadline expires. + * An acknowledged message will not be resent to a subscriber. Note + that subscribers may still receive multiple copies of a message when + `enable_exactly_once_delivery` is true if the message was published + multiple times by a publisher client. These copies are considered + distinct by Pub/Sub and have distinct `message_id` values. + messageTransforms: + description: >- + Optional. Transforms to be applied to messages before they are + delivered to subscribers. Transforms are applied in the order + specified. type: array items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + $ref: '#/components/schemas/MessageTransform' + name: + description: >- + Required. Name of the subscription. Format is + `projects/{project}/subscriptions/{sub}`. + type: string + filter: + type: string + description: >- + Optional. An expression written in the Pub/Sub [filter + language](https://cloud.google.com/pubsub/docs/filtering). If + non-empty, then only `PubsubMessage`s whose `attributes` field + matches the filter are delivered on this subscription. If empty, + then no messages are filtered out. + pushConfig: + description: >- + Optional. If push delivery is used with this subscription, this + field is used to configure it. + $ref: '#/components/schemas/PushConfig' type: object + Replica: properties: - logType: - description: The log type that this config enables. + primaryState: + description: Output only. Indicates that this replica is the primary replica. type: string enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' + - Default value. This value is unused. + - The replica is the primary replica. enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + - PRIMARY_STATE_UNSPECIFIED + - PRIMARY_REPLICA + readOnly: true + replicaState: + readOnly: true + enumDescriptions: + - Default value. This value is unused. + - The replica is backfilled and ready to use. + - >- + The replica is unavailable, does not exist, or has not been + backfilled yet. description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + Output only. Assigned by Analytics Hub based on real BigQuery + replication state. type: string - format: google-fieldmask - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + enum: + - REPLICA_STATE_UNSPECIFIED + - READY_TO_USE + - UNAVAILABLE + location: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + Output only. The geographic location where the replica resides. See + [BigQuery + locations](https://cloud.google.com/bigquery/docs/locations) for + supported locations. Eg. "us-central1". + type: string + readOnly: true + id: Replica type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - QueryTemplate: - id: QueryTemplate description: >- - A query template is a container for sharing table-valued functions - defined by contributors in a data clean room. - type: object + Represents the state of a replica of a shared dataset. It includes the + geographic location of the replica and system-computed, output-only + fields indicating its replication state and whether it is the primary + replica. + DataExchange: properties: - name: - description: >- - Output only. The resource name of the QueryTemplate. e.g. - `projects/myproject/locations/us/dataExchanges/123/queryTemplates/456` - readOnly: true + description: type: string + description: >- + Optional. Description of the data exchange. The description must not + contain Unicode non-characters as well as C0 and C1 control codes + except tabs (HT), new lines (LF), carriage returns (CR), and page + breaks (FF). Default value is an empty string. Max length: 2000 + bytes. displayName: description: >- - Required. Human-readable display name of the QueryTemplate. The + Required. Human-readable display name of the data exchange. The display name must contain only Unicode letters, numbers (0-9), - underscores (_), dashes (-), spaces ( ), ampersands (&) and can't + underscores (_), dashes (-), spaces ( ), ampersands (&) and must not start or end with spaces. Default value is an empty string. Max length: 63 bytes. type: string - description: + icon: + format: byte + description: >- + Optional. Base64 encoded image representing the data exchange. Max + Size: 3.0MiB Expected image dimensions are 512x512 pixels, however + the API only performs validation on size of the encoded data. Note: + For byte fields, the content of the fields are base64-encoded (which + increases the size of the data by 33-36%) when using JSON on the + wire. + type: string + listingCount: + type: integer + format: int32 + readOnly: true + description: Output only. Number of listings contained in the data exchange. + sharingEnvironmentConfig: + $ref: '#/components/schemas/SharingEnvironmentConfig' + description: >- + Optional. Configurable data sharing environment option for a data + exchange. + name: + readOnly: true description: >- - Optional. Short description of the QueryTemplate. The description - must not contain Unicode non-characters and C0 and C1 control codes - except tabs (HT), new lines (LF), carriage returns (CR), and page - breaks (FF). Default value is an empty string. Max length: 2000 - bytes. + Output only. The resource name of the data exchange. e.g. + `projects/myproject/locations/us/dataExchanges/123`. type: string - proposer: + logLinkedDatasetQueryUserEmail: + type: boolean description: >- - Optional. Will be deprecated. Email or URL of the primary point of - contact of the QueryTemplate. Max Length: 1000 bytes. + Optional. By default, false. If true, the DataExchange has an email + sharing mandate enabled. + discoveryType: type: string + enum: + - DISCOVERY_TYPE_UNSPECIFIED + - DISCOVERY_TYPE_PRIVATE + - DISCOVERY_TYPE_PUBLIC + description: >- + Optional. Type of discovery on the discovery page for all the + listings under this exchange. Updating this field also updates + (overwrites) the discovery_type field for all the listings under + this exchange. + enumDescriptions: + - Unspecified. Defaults to DISCOVERY_TYPE_PRIVATE. + - >- + The Data exchange/listing can be discovered in the 'Private' + results list. + - >- + The Data exchange/listing can be discovered in the 'Public' + results list. primaryContact: description: >- - Optional. Email or URL of the primary point of contact of the - QueryTemplate. Max Length: 1000 bytes. + Optional. Email or URL of the primary point of contact of the data + exchange. Max Length: 1000 bytes. type: string documentation: - description: Optional. Documentation describing the QueryTemplate. - type: string - state: - description: Output only. The QueryTemplate lifecycle state. - readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - The QueryTemplate is in draft state. - - The QueryTemplate is in pending state. - - The QueryTemplate is in deleted state. - - The QueryTemplate is in approved state. - enum: - - STATE_UNSPECIFIED - - DRAFTED - - PENDING - - DELETED - - APPROVED - routine: - description: Optional. The routine associated with the QueryTemplate. - $ref: '#/components/schemas/Routine' - createTime: - description: Output only. Timestamp when the QueryTemplate was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when the QueryTemplate was last modified. - readOnly: true + description: Optional. Documentation describing the data exchange. type: string - format: google-datetime - Routine: - id: Routine - description: Represents a bigquery routine. + id: DataExchange + description: >- + A data exchange is a container that lets you share data. Along with the + descriptive information about the data exchange, it contains listings + that reference shared datasets. type: object - properties: - routineType: - description: Required. The type of routine. - type: string - enumDescriptions: - - Default value. - - Non-built-in persistent TVF. - enum: - - ROUTINE_TYPE_UNSPECIFIED - - TABLE_VALUED_FUNCTION - definitionBody: - description: Optional. The definition body of the routine. - type: string - ListQueryTemplatesResponse: - id: ListQueryTemplatesResponse - description: Message for response to the list of QueryTemplates. + SharingEnvironmentConfig: type: object properties: - queryTemplates: - description: The list of QueryTemplates. - type: array - items: - $ref: '#/components/schemas/QueryTemplate' - nextPageToken: - description: A token to request the next page of results. + dcrExchangeConfig: + description: >- + Data Clean Room (DCR), used for privacy-safe and secured data + sharing. + $ref: '#/components/schemas/DcrExchangeConfig' + defaultExchangeConfig: + $ref: '#/components/schemas/DefaultExchangeConfig' + description: Default Analytics Hub data exchange, used for secured data sharing. + description: >- + Sharing environment is a behavior model for sharing data within a data + exchange. This option is configurable for a data exchange. + id: SharingEnvironmentConfig + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation + properties: + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - SubmitQueryTemplateRequest: - id: SubmitQueryTemplateRequest - description: Message for submitting a QueryTemplate. + response: + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' type: object - properties: {} - ApproveQueryTemplateRequest: - id: ApproveQueryTemplateRequest - description: Message for approving a QueryTemplate. + RevokeSubscriptionResponse: + id: RevokeSubscriptionResponse type: object properties: {} - SubscribeDataExchangeResponse: - id: SubscribeDataExchangeResponse - description: Message for response when you subscribe to a Data Exchange. + description: Message for response when you revoke a subscription. Empty for now. + SubscribeListingResponse: + description: Message for response when you subscribe to a listing. type: object + id: SubscribeListingResponse properties: subscription: description: Subscription object created from this subscribe action. $ref: '#/components/schemas/Subscription' RefreshSubscriptionResponse: + type: object id: RefreshSubscriptionResponse description: Message for response when you refresh a subscription. - type: object properties: subscription: - description: The refreshed subscription resource. $ref: '#/components/schemas/Subscription' - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of a long-running operation in Analytics Hub. - type: object + description: The refreshed subscription resource. + RetryPolicy: properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + minimumBackoff: type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true + Optional. The minimum delay between consecutive deliveries of a + given message. Value should be between 0 and 600 seconds. Defaults + to 10 seconds. + format: google-duration + maximumBackoff: + format: google-duration type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + description: >- + Optional. The maximum delay between consecutive deliveries of a + given message. Value should be between 0 and 600 seconds. Defaults + to 600 seconds. + id: RetryPolicy + type: object + description: >- + A policy that specifies how Pub/Sub retries message delivery. Retry + delay will be exponential based on provided minimum and maximum + backoffs. https://en.wikipedia.org/wiki/Exponential_backoff. RetryPolicy + will be triggered on NACKs or acknowledgement deadline exceeded events + for a given message. Retry Policy is implemented on a best effort basis. + At times, the delay between consecutive deliveries may not match the + configuration. That is, delay can be more or less than configured + backoff. + TextConfig: + id: TextConfig + properties: {} + description: >- + Configuration for writing message data in text format. Message payloads + will be written to files as raw text, separated by a newline. + type: object + DataProvider: + description: Contains details of the data provider. + type: object + properties: + name: type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + description: Optional. Name of the data provider. + primaryContact: + description: 'Optional. Email or URL of the data provider. Max Length: 1000 bytes.' type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + id: DataProvider + TestIamPermissionsResponse: + type: object + properties: + permissions: + items: + type: string + type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + id: TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. + ListSharedResourceSubscriptionsResponse: + type: object + properties: + sharedResourceSubscriptions: + description: The list of subscriptions. + type: array + items: + $ref: '#/components/schemas/Subscription' + nextPageToken: type: string + description: Next page token. + id: ListSharedResourceSubscriptionsResponse + description: Message for response to the listing of shared resource subscriptions. parameters: - access_token: - description: OAuth access token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: access_token + name: upload_protocol schema: type: string alt: @@ -2009,16 +2112,16 @@ components: - json - media - proto - callback: - description: JSONP + access_token: + description: OAuth access token. in: query - name: callback + name: access_token schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: fields + name: oauth_token schema: type: string key: @@ -2030,18 +2133,18 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + callback: + description: JSONP in: query - name: oauth_token + name: callback schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: prettyPrint + name: fields schema: - type: boolean + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2051,18 +2154,12 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: uploadType + name: prettyPrint schema: - type: string + type: boolean _.xgafv: description: V1 error format. in: query @@ -2072,180 +2169,137 @@ components: enum: - '1' - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string x-stackQL-resources: - data_exchanges: - id: google.analyticshub.data_exchanges - name: data_exchanges - title: Data_exchanges + subscriptions_iam_policies: + id: google.analyticshub.subscriptions_iam_policies + name: subscriptions_iam_policies + title: Subscriptions_iam_policies methods: - projects_locations_data_exchanges_list: + projects_locations_subscriptions_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dataExchanges - projects_locations_data_exchanges_create: + objectKey: $.bindings + projects_locations_subscriptions_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/subscriptions_iam_policies/methods/projects_locations_subscriptions_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/subscriptions_iam_policies/methods/projects_locations_subscriptions_set_iam_policy + delete: [] + subscriptions: + id: google.analyticshub.subscriptions + name: subscriptions + title: Subscriptions + methods: + projects_locations_subscriptions_refresh: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}:refresh/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_patch: + projects_locations_subscriptions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_delete: + projects_locations_subscriptions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_subscribe: + projects_locations_subscriptions_revoke: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:subscribe/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}:revoke/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_data_exchanges_list: + projects_locations_subscriptions_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1dataExchanges/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dataExchanges + objectKey: $.subscriptions sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_get - - $ref: >- - #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_list - - $ref: >- - #/components/x-stackQL-resources/data_exchanges/methods/organizations_locations_data_exchanges_list - insert: - - $ref: >- - #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_create - update: - - $ref: >- - #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_delete - data_exchanges_subscriptions: - id: google.analyticshub.data_exchanges_subscriptions - name: data_exchanges_subscriptions - title: Data_exchanges_subscriptions - methods: - projects_locations_data_exchanges_list_subscriptions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:listSubscriptions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.sharedResourceSubscriptions - sqlVerbs: - select: + #/components/x-stackQL-resources/subscriptions/methods/projects_locations_subscriptions_get - $ref: >- - #/components/x-stackQL-resources/data_exchanges_subscriptions/methods/projects_locations_data_exchanges_list_subscriptions + #/components/x-stackQL-resources/subscriptions/methods/projects_locations_subscriptions_list insert: [] update: [] replace: [] - delete: [] - data_exchanges_iam_policies: - id: google.analyticshub.data_exchanges_iam_policies - name: data_exchanges_iam_policies - title: Data_exchanges_iam_policies - methods: - projects_locations_data_exchanges_get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:getIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_data_exchanges_set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_data_exchanges_test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/data_exchanges_iam_policies/methods/projects_locations_data_exchanges_get_iam_policy - insert: [] - update: [] - replace: + delete: - $ref: >- - #/components/x-stackQL-resources/data_exchanges_iam_policies/methods/projects_locations_data_exchanges_set_iam_policy - delete: [] + #/components/x-stackQL-resources/subscriptions/methods/projects_locations_subscriptions_delete listings: id: google.analyticshub.listings name: listings title: Listings methods: - projects_locations_data_exchanges_listings_list: + projects_locations_data_exchanges_listings_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.listings - projects_locations_data_exchanges_listings_create: + projects_locations_data_exchanges_listings_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_listings_get: + projects_locations_data_exchanges_listings_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_listings_patch: + projects_locations_data_exchanges_listings_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_listings_delete: + projects_locations_data_exchanges_listings_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.listings projects_locations_data_exchanges_listings_subscribe: operation: $ref: >- @@ -2295,25 +2349,25 @@ components: name: listings_iam_policies title: Listings_iam_policies methods: - projects_locations_data_exchanges_listings_get_iam_policy: + projects_locations_data_exchanges_listings_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_data_exchanges_listings_set_iam_policy: + projects_locations_data_exchanges_listings_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_listings_test_iam_permissions: + objectKey: $.bindings + projects_locations_data_exchanges_listings_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1listings~1{listingsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' @@ -2332,49 +2386,49 @@ components: name: query_templates title: Query_templates methods: - projects_locations_data_exchanges_query_templates_create: + projects_locations_data_exchanges_query_templates_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates~1{queryTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_query_templates_list: + projects_locations_data_exchanges_query_templates_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates~1{queryTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.queryTemplates - projects_locations_data_exchanges_query_templates_get: + projects_locations_data_exchanges_query_templates_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates~1{queryTemplatesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates~1{queryTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_query_templates_patch: + projects_locations_data_exchanges_query_templates_submit: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates~1{queryTemplatesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates~1{queryTemplatesId}:submit/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_query_templates_delete: + projects_locations_data_exchanges_query_templates_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates~1{queryTemplatesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_exchanges_query_templates_submit: + projects_locations_data_exchanges_query_templates_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates~1{queryTemplatesId}:submit/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}~1queryTemplates/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.queryTemplates projects_locations_data_exchanges_query_templates_approve: operation: $ref: >- @@ -2398,106 +2452,160 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/query_templates/methods/projects_locations_data_exchanges_query_templates_delete - subscriptions: - id: google.analyticshub.subscriptions - name: subscriptions - title: Subscriptions + data_exchanges: + id: google.analyticshub.data_exchanges + name: data_exchanges + title: Data_exchanges methods: - projects_locations_subscriptions_refresh: + projects_locations_data_exchanges_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}:refresh/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_subscriptions_get: + projects_locations_data_exchanges_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_subscriptions_delete: + projects_locations_data_exchanges_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_subscriptions_list: + projects_locations_data_exchanges_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.subscriptions - projects_locations_subscriptions_revoke: + objectKey: $.dataExchanges + projects_locations_data_exchanges_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}:revoke/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_exchanges_subscribe: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:subscribe/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_locations_data_exchanges_list: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1dataExchanges/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.dataExchanges sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/projects_locations_subscriptions_get + #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_get - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/projects_locations_subscriptions_list - insert: [] - update: [] + #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_list + - $ref: >- + #/components/x-stackQL-resources/data_exchanges/methods/organizations_locations_data_exchanges_list + insert: + - $ref: >- + #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_create + update: + - $ref: >- + #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/projects_locations_subscriptions_delete - subscriptions_iam_policies: - id: google.analyticshub.subscriptions_iam_policies - name: subscriptions_iam_policies - title: Subscriptions_iam_policies + #/components/x-stackQL-resources/data_exchanges/methods/projects_locations_data_exchanges_delete + data_exchanges_iam_policies: + id: google.analyticshub.data_exchanges_iam_policies + name: data_exchanges_iam_policies + title: Data_exchanges_iam_policies methods: - projects_locations_subscriptions_get_iam_policy: + projects_locations_data_exchanges_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_exchanges_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_subscriptions_set_iam_policy: + projects_locations_data_exchanges_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1subscriptions~1{subscriptionsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/subscriptions_iam_policies/methods/projects_locations_subscriptions_get_iam_policy + #/components/x-stackQL-resources/data_exchanges_iam_policies/methods/projects_locations_data_exchanges_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/subscriptions_iam_policies/methods/projects_locations_subscriptions_set_iam_policy + #/components/x-stackQL-resources/data_exchanges_iam_policies/methods/projects_locations_data_exchanges_set_iam_policy + delete: [] + data_exchanges_subscriptions: + id: google.analyticshub.data_exchanges_subscriptions + name: data_exchanges_subscriptions + title: Data_exchanges_subscriptions + methods: + projects_locations_data_exchanges_list_subscriptions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataExchanges~1{dataExchangesId}:listSubscriptions/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.sharedResourceSubscriptions + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/data_exchanges_subscriptions/methods/projects_locations_data_exchanges_list_subscriptions + insert: [] + update: [] + replace: [] delete: [] paths: - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges: + /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}:getIamPolicy: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists all data exchanges in a given project and location. - operationId: analyticshub.projects.locations.dataExchanges.list + - $ref: '#/components/parameters/uploadType' + post: + description: Gets the IAM policy. + operationId: analyticshub.projects.locations.subscriptions.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2513,7 +2621,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDataExchangesResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2525,23 +2633,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: subscriptionsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}:setIamPolicy: + parameters: *ref_1 post: - description: Creates a new data exchange. - operationId: analyticshub.projects.locations.dataExchanges.create + description: Sets the IAM policy. + operationId: analyticshub.projects.locations.subscriptions.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/DataExchange' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2557,7 +2663,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DataExchange' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2569,15 +2675,24 @@ paths: required: true schema: type: string - - in: query - name: dataExchangeId + - in: path + name: subscriptionsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}: + /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}:refresh: parameters: *ref_1 - get: - description: Gets the details of a data exchange. - operationId: analyticshub.projects.locations.dataExchanges.get + post: + description: >- + Refreshes a Subscription to a Data Exchange. A Data Exchange can become + stale when a publisher adds or removes data. This is a long-running + operation as it may create many linked datasets. + operationId: analyticshub.projects.locations.subscriptions.refresh + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RefreshSubscriptionRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2593,7 +2708,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DataExchange' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2606,18 +2721,15 @@ paths: schema: type: string - in: path - name: dataExchangesId + name: subscriptionsId required: true schema: type: string - patch: - description: Updates an existing data exchange. - operationId: analyticshub.projects.locations.dataExchanges.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DataExchange' + /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}: + parameters: *ref_1 + delete: + description: Deletes a subscription. + operationId: analyticshub.projects.locations.subscriptions.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2633,7 +2745,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DataExchange' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2646,18 +2758,55 @@ paths: schema: type: string - in: path - name: dataExchangesId + name: subscriptionsId required: true schema: type: string - - in: query - name: updateMask + get: + description: Gets the details of a Subscription. + operationId: analyticshub.projects.locations.subscriptions.get + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + parameters: + - in: path + name: projectsId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes an existing data exchange. - operationId: analyticshub.projects.locations.dataExchanges.delete + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: subscriptionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}:revoke: + parameters: *ref_1 + post: + description: Revokes a given subscription. + operationId: analyticshub.projects.locations.subscriptions.revoke + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RevokeSubscriptionRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2673,7 +2822,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/RevokeSubscriptionResponse' parameters: - in: path name: projectsId @@ -2686,23 +2835,15 @@ paths: schema: type: string - in: path - name: dataExchangesId + name: subscriptionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:subscribe: + /v1/projects/{projectsId}/locations/{locationsId}/subscriptions: parameters: *ref_1 - post: - description: >- - Creates a Subscription to a Data Clean Room. This is a long-running - operation as it will create one or more linked datasets. Throws a Bad - Request error if the Data Exchange does not contain any listings. - operationId: analyticshub.projects.locations.dataExchanges.subscribe - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SubscribeDataExchangeRequest' + get: + description: Lists all subscriptions in a given project and location. + operationId: analyticshub.projects.locations.subscriptions.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2718,7 +2859,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListSubscriptionsResponse' parameters: - in: path name: projectsId @@ -2730,16 +2871,24 @@ paths: required: true schema: type: string - - in: path - name: dataExchangesId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:listSubscriptions: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}: parameters: *ref_1 get: - description: Lists all subscriptions on a given Data Exchange or Listing. - operationId: analyticshub.projects.locations.dataExchanges.listSubscriptions + description: Gets the details of a listing. + operationId: analyticshub.projects.locations.dataExchanges.listings.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2755,7 +2904,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSharedResourceSubscriptionsResponse' + $ref: '#/components/schemas/Listing' parameters: - in: path name: projectsId @@ -2772,29 +2921,19 @@ paths: required: true schema: type: string - - in: query - name: includeDeletedSubscriptions - schema: - type: boolean - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: listingsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:getIamPolicy: - parameters: *ref_1 - post: - description: Gets the IAM policy. - operationId: analyticshub.projects.locations.dataExchanges.getIamPolicy + patch: + description: Updates an existing listing. + operationId: analyticshub.projects.locations.dataExchanges.listings.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/Listing' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2810,7 +2949,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Listing' parameters: - in: path name: projectsId @@ -2827,16 +2966,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:setIamPolicy: - parameters: *ref_1 - post: - description: Sets the IAM policy. - operationId: analyticshub.projects.locations.dataExchanges.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + - in: path + name: listingsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a listing. + operationId: analyticshub.projects.locations.dataExchanges.listings.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2852,7 +2994,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2869,16 +3011,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:testIamPermissions: + - in: path + name: listingsId + required: true + schema: + type: string + - in: query + name: deleteCommercial + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings: parameters: *ref_1 post: - description: Returns the permissions that a caller has. - operationId: analyticshub.projects.locations.dataExchanges.testIamPermissions + description: Creates a new listing. + operationId: analyticshub.projects.locations.dataExchanges.listings.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Listing' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2894,7 +3045,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Listing' parameters: - in: path name: projectsId @@ -2911,8 +3062,10 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings: - parameters: *ref_1 + - in: query + name: listingId + schema: + type: string get: description: Lists all listings in a given project and location. operationId: analyticshub.projects.locations.dataExchanges.listings.list @@ -2948,23 +3101,20 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - post: - description: Creates a new listing. - operationId: analyticshub.projects.locations.dataExchanges.listings.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Listing' + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:listSubscriptions: + parameters: *ref_1 + get: + description: Lists all subscriptions on a given Data Exchange or Listing. + operationId: analyticshub.projects.locations.dataExchanges.listings.listSubscriptions security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2980,7 +3130,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Listing' + $ref: '#/components/schemas/ListSharedResourceSubscriptionsResponse' parameters: - in: path name: projectsId @@ -2997,15 +3147,38 @@ paths: required: true schema: type: string + - in: path + name: listingsId + required: true + schema: + type: string - in: query - name: listingId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}: + - in: query + name: includeDeletedSubscriptions + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:subscribe: parameters: *ref_1 - get: - description: Gets the details of a listing. - operationId: analyticshub.projects.locations.dataExchanges.listings.get + post: + description: >- + Subscribes to a listing. Currently, with Analytics Hub, you can create + listings that reference only BigQuery datasets. Upon subscription to a + listing for a BigQuery dataset, Analytics Hub creates a linked dataset + in the subscriber's project. + operationId: analyticshub.projects.locations.dataExchanges.listings.subscribe + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SubscribeListingRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3021,7 +3194,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Listing' + $ref: '#/components/schemas/SubscribeListingResponse' parameters: - in: path name: projectsId @@ -3043,14 +3216,17 @@ paths: required: true schema: type: string - patch: - description: Updates an existing listing. - operationId: analyticshub.projects.locations.dataExchanges.listings.patch + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:testIamPermissions: + parameters: *ref_1 + post: + description: Returns the permissions that a caller has. + operationId: >- + analyticshub.projects.locations.dataExchanges.listings.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/Listing' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3066,7 +3242,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Listing' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3088,14 +3264,16 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a listing. - operationId: analyticshub.projects.locations.dataExchanges.listings.delete + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:getIamPolicy: + parameters: *ref_1 + post: + description: Gets the IAM policy. + operationId: analyticshub.projects.locations.dataExchanges.listings.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3111,7 +3289,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3133,24 +3311,16 @@ paths: required: true schema: type: string - - in: query - name: deleteCommercial - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:subscribe: + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:setIamPolicy: parameters: *ref_1 post: - description: >- - Subscribes to a listing. Currently, with Analytics Hub, you can create - listings that reference only BigQuery datasets. Upon subscription to a - listing for a BigQuery dataset, Analytics Hub creates a linked dataset - in the subscriber's project. - operationId: analyticshub.projects.locations.dataExchanges.listings.subscribe + description: Sets the IAM policy. + operationId: analyticshub.projects.locations.dataExchanges.listings.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/SubscribeListingRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3166,7 +3336,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SubscribeListingResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3188,11 +3358,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:listSubscriptions: + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/queryTemplates/{queryTemplatesId}: parameters: *ref_1 get: - description: Lists all subscriptions on a given Data Exchange or Listing. - operationId: analyticshub.projects.locations.dataExchanges.listings.listSubscriptions + description: Gets a QueryTemplate + operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3208,7 +3378,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSharedResourceSubscriptionsResponse' + $ref: '#/components/schemas/QueryTemplate' parameters: - in: path name: projectsId @@ -3226,33 +3396,18 @@ paths: schema: type: string - in: path - name: listingsId + name: queryTemplatesId required: true schema: type: string - - in: query - name: includeDeletedSubscriptions - schema: - type: boolean - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:getIamPolicy: - parameters: *ref_1 - post: - description: Gets the IAM policy. - operationId: analyticshub.projects.locations.dataExchanges.listings.getIamPolicy + patch: + description: Updates an existing QueryTemplate + operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/QueryTemplate' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3268,7 +3423,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/QueryTemplate' parameters: - in: path name: projectsId @@ -3286,20 +3441,18 @@ paths: schema: type: string - in: path - name: listingsId + name: queryTemplatesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:setIamPolicy: - parameters: *ref_1 - post: - description: Sets the IAM policy. - operationId: analyticshub.projects.locations.dataExchanges.listings.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a query template. + operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3315,7 +3468,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3333,21 +3486,20 @@ paths: schema: type: string - in: path - name: listingsId + name: queryTemplatesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/listings/{listingsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/queryTemplates/{queryTemplatesId}:submit: parameters: *ref_1 post: - description: Returns the permissions that a caller has. - operationId: >- - analyticshub.projects.locations.dataExchanges.listings.testIamPermissions + description: Submits a query template for approval. + operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.submit requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/SubmitQueryTemplateRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3363,7 +3515,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/QueryTemplate' parameters: - in: path name: projectsId @@ -3381,7 +3533,7 @@ paths: schema: type: string - in: path - name: listingsId + name: queryTemplatesId required: true schema: type: string @@ -3475,11 +3627,16 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/queryTemplates/{queryTemplatesId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/queryTemplates/{queryTemplatesId}:approve: parameters: *ref_1 - get: - description: Gets a QueryTemplate - operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.get + post: + description: Approves a query template. + operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.approve + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApproveQueryTemplateRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3517,14 +3674,16 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}: + parameters: *ref_1 patch: - description: Updates an existing QueryTemplate - operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.patch + description: Updates an existing data exchange. + operationId: analyticshub.projects.locations.dataExchanges.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/QueryTemplate' + $ref: '#/components/schemas/DataExchange' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3540,7 +3699,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryTemplate' + $ref: '#/components/schemas/DataExchange' parameters: - in: path name: projectsId @@ -3557,19 +3716,14 @@ paths: required: true schema: type: string - - in: path - name: queryTemplatesId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask - delete: - description: Deletes a query template. - operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.delete + get: + description: Gets the details of a data exchange. + operationId: analyticshub.projects.locations.dataExchanges.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3585,7 +3739,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/DataExchange' parameters: - in: path name: projectsId @@ -3602,21 +3756,9 @@ paths: required: true schema: type: string - - in: path - name: queryTemplatesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/queryTemplates/{queryTemplatesId}:submit: - parameters: *ref_1 - post: - description: Submits a query template for approval. - operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.submit - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SubmitQueryTemplateRequest' + delete: + description: Deletes an existing data exchange. + operationId: analyticshub.projects.locations.dataExchanges.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3632,7 +3774,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryTemplate' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3649,21 +3791,16 @@ paths: required: true schema: type: string - - in: path - name: queryTemplatesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}/queryTemplates/{queryTemplatesId}:approve: + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:testIamPermissions: parameters: *ref_1 post: - description: Approves a query template. - operationId: analyticshub.projects.locations.dataExchanges.queryTemplates.approve + description: Returns the permissions that a caller has. + operationId: analyticshub.projects.locations.dataExchanges.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApproveQueryTemplateRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3679,7 +3816,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryTemplate' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3696,24 +3833,16 @@ paths: required: true schema: type: string - - in: path - name: queryTemplatesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}:refresh: + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:getIamPolicy: parameters: *ref_1 post: - description: >- - Refreshes a Subscription to a Data Exchange. A Data Exchange can become - stale when a publisher adds or removes data. This is a long-running - operation as it may create many linked datasets. - operationId: analyticshub.projects.locations.subscriptions.refresh + description: Gets the IAM policy. + operationId: analyticshub.projects.locations.dataExchanges.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/RefreshSubscriptionRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3729,7 +3858,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3742,15 +3871,15 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: dataExchangesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges: parameters: *ref_1 get: - description: Gets the details of a Subscription. - operationId: analyticshub.projects.locations.subscriptions.get + description: Lists all data exchanges in a given project and location. + operationId: analyticshub.projects.locations.dataExchanges.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3766,7 +3895,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Subscription' + $ref: '#/components/schemas/ListDataExchangesResponse' parameters: - in: path name: projectsId @@ -3778,14 +3907,23 @@ paths: required: true schema: type: string - - in: path - name: subscriptionsId - required: true + - in: query + name: pageToken schema: type: string - delete: - description: Deletes a subscription. - operationId: analyticshub.projects.locations.subscriptions.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new data exchange. + operationId: analyticshub.projects.locations.dataExchanges.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DataExchange' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3801,7 +3939,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/DataExchange' parameters: - in: path name: projectsId @@ -3813,16 +3951,15 @@ paths: required: true schema: type: string - - in: path - name: subscriptionsId - required: true + - in: query + name: dataExchangeId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/subscriptions: + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:listSubscriptions: parameters: *ref_1 get: - description: Lists all subscriptions in a given project and location. - operationId: analyticshub.projects.locations.subscriptions.list + description: Lists all subscriptions on a given Data Exchange or Listing. + operationId: analyticshub.projects.locations.dataExchanges.listSubscriptions security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3838,7 +3975,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSubscriptionsResponse' + $ref: '#/components/schemas/ListSharedResourceSubscriptionsResponse' parameters: - in: path name: projectsId @@ -3850,8 +3987,13 @@ paths: required: true schema: type: string + - in: path + name: dataExchangesId + required: true + schema: + type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -3860,61 +4002,19 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}:revoke: - parameters: *ref_1 - post: - description: Revokes a given subscription. - operationId: analyticshub.projects.locations.subscriptions.revoke - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RevokeSubscriptionRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/bigquery - Oauth2c: - - https://www.googleapis.com/auth/bigquery - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/RevokeSubscriptionResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: subscriptionsId - required: true + name: includeDeletedSubscriptions schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}:getIamPolicy: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:setIamPolicy: parameters: *ref_1 post: - description: Gets the IAM policy. - operationId: analyticshub.projects.locations.subscriptions.getIamPolicy + description: Sets the IAM policy. + operationId: analyticshub.projects.locations.dataExchanges.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3943,20 +4043,23 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: dataExchangesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/subscriptions/{subscriptionsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/dataExchanges/{dataExchangesId}:subscribe: parameters: *ref_1 post: - description: Sets the IAM policy. - operationId: analyticshub.projects.locations.subscriptions.setIamPolicy + description: >- + Creates a Subscription to a Data Clean Room. This is a long-running + operation as it will create one or more linked datasets. Throws a Bad + Request error if the Data Exchange does not contain any listings. + operationId: analyticshub.projects.locations.dataExchanges.subscribe requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/SubscribeDataExchangeRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3972,7 +4075,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3985,7 +4088,7 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: dataExchangesId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/apigateway.yaml b/providers/src/googleapis.com/v00.00.00000/services/apigateway.yaml index b33308c9..e8604f5c 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/apigateway.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/apigateway.yaml @@ -7,8 +7,8 @@ info: title: API Gateway API description: '' version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251105' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/api-gateway/docs servers: @@ -34,186 +34,65 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ApigatewayListOperationsResponse: - id: ApigatewayListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/ApigatewayOperation' - nextPageToken: - description: The standard List next-page token. - type: string - ApigatewayOperation: - id: ApigatewayOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/ApigatewayStatus' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ApigatewayStatus: - id: ApigatewayStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - ApigatewayCancelOperationRequest: - id: ApigatewayCancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ApigatewayListGatewaysResponse: - id: ApigatewayListGatewaysResponse - description: Response message for ApiGatewayService.ListGateways - type: object - properties: - gateways: - description: Gateways. - type: array - items: - $ref: '#/components/schemas/ApigatewayGateway' - nextPageToken: - description: Next page token. - type: string - unreachableLocations: - description: Locations that could not be reached. - type: array - items: - type: string - ApigatewayGateway: - id: ApigatewayGateway + ApigatewayApiConfig: + id: ApigatewayApiConfig description: >- - A Gateway is an API-aware HTTP proxy. It performs API-Method and/or - API-Consumer specific actions based on an API Config such as - authentication, policy enforcement, and backend selection. + An API Configuration is a combination of settings for both the Managed + Service and Gateways serving this API Config. type: object properties: name: description: >- - Output only. Resource name of the Gateway. Format: - projects/{project}/locations/{location}/gateways/{gateway} + Output only. Resource name of the API Config. Format: + projects/{project}/locations/global/apis/{api}/configs/{api_config} readOnly: true type: string createTime: - description: Output only. Created time. - readOnly: true type: string format: google-datetime - updateTime: - description: Output only. Updated time. readOnly: true + description: Output only. Created time. + managedServiceConfigs: + type: array + description: >- + Optional. Service Configuration files. At least one must be included + when using gRPC service definitions. See + https://cloud.google.com/endpoints/docs/grpc/grpc-service-config#service_configuration_overview + for the expected file contents. If multiple files are specified, the + files are merged with the following rules: * All singular scalar + fields are merged using "last one wins" semantics in the order of + the files uploaded. * Repeated fields are concatenated. * Singular + embedded messages are merged using these rules for nested fields. + items: + $ref: '#/components/schemas/ApigatewayApiConfigFile' + serviceConfigId: + readOnly: true + description: >- + Output only. The ID of the associated Service Config ( + https://cloud.google.com/service-infrastructure/docs/glossary#config). type: string - format: google-datetime labels: + type: object description: >- Optional. Resource labels to represent user-provided metadata. Refer to cloud documentation on labels for more details. https://cloud.google.com/compute/docs/labeling-resources - type: object additionalProperties: type: string - displayName: - description: Optional. Display name. - type: string - apiConfig: - description: >- - Required. Resource name of the API Config for this Gateway. Format: - projects/{project}/locations/global/apis/{api}/configs/{apiConfig} - type: string state: - description: Output only. The current state of the Gateway. - readOnly: true type: string + description: Output only. State of the API Config. enumDescriptions: - - Gateway does not have a state yet. - - Gateway is being created. - - Gateway is running and ready for requests. - - Gateway creation failed. - - Gateway is being deleted. - - Gateway is being updated. + - API Config does not have a state yet. + - API Config is being created and deployed to the API Controller. + - API Config is ready for use by Gateways. + - API Config creation failed. + - API Config is being deleted. + - API Config is being updated. + - >- + API Config settings are being activated in downstream systems. API + Configs in this state cannot be used by Gateways. + readOnly: true enum: - STATE_UNSPECIFIED - CREATING @@ -221,267 +100,112 @@ components: - FAILED - DELETING - UPDATING - defaultHostname: - description: >- - Output only. The default API Gateway host name of the form - `{gateway_id}-{hash}.{region_code}.gateway.dev`. - readOnly: true - type: string - ApigatewayListApisResponse: - id: ApigatewayListApisResponse - description: Response message for ApiGatewayService.ListApis - type: object - properties: - apis: - description: APIs. - type: array - items: - $ref: '#/components/schemas/ApigatewayApi' - nextPageToken: - description: Next page token. - type: string - unreachableLocations: - description: Locations that could not be reached. + - ACTIVATING + grpcServices: type: array items: - type: string - ApigatewayApi: - id: ApigatewayApi - description: An API that can be served by one or more Gateways. - type: object - properties: - name: + $ref: '#/components/schemas/ApigatewayApiConfigGrpcServiceDefinition' description: >- - Output only. Resource name of the API. Format: - projects/{project}/locations/global/apis/{api} - readOnly: true - type: string - createTime: - description: Output only. Created time. - readOnly: true + Optional. gRPC service definition files. If specified, + openapi_documents must not be included. + displayName: type: string - format: google-datetime + description: Optional. Display name. updateTime: - description: Output only. Updated time. readOnly: true type: string format: google-datetime - labels: + description: Output only. Updated time. + openapiDocuments: + items: + $ref: '#/components/schemas/ApigatewayApiConfigOpenApiDocument' description: >- - Optional. Resource labels to represent user-provided metadata. Refer - to cloud documentation on labels for more details. - https://cloud.google.com/compute/docs/labeling-resources - type: object - additionalProperties: - type: string - displayName: - description: Optional. Display name. + Optional. OpenAPI specification documents. If specified, + grpc_services and managed_service_configs must not be included. + type: array + gatewayServiceAccount: type: string - managedService: description: >- - Optional. Immutable. The name of a Google Managed Service ( - https://cloud.google.com/service-infrastructure/docs/glossary#managed). - If not specified, a new Service will automatically be created in the - same project as this API. - type: string - state: - description: Output only. State of the API. - readOnly: true - type: string - enumDescriptions: - - API does not have a state yet. - - API is being created. - - API is active. - - API creation failed. - - API is being deleted. - - API is being updated. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - FAILED - - DELETING - - UPDATING - ApigatewayListApiConfigsResponse: - id: ApigatewayListApiConfigsResponse - description: Response message for ApiGatewayService.ListApiConfigs - type: object - properties: - apiConfigs: - description: API Configs. - type: array - items: - $ref: '#/components/schemas/ApigatewayApiConfig' - nextPageToken: - description: Next page token. - type: string - unreachableLocations: - description: Locations that could not be reached. - type: array - items: - type: string - ApigatewayApiConfig: - id: ApigatewayApiConfig - description: >- - An API Configuration is a combination of settings for both the Managed - Service and Gateways serving this API Config. + Immutable. The Google Cloud IAM Service Account that Gateways + serving this config should use to authenticate to other services. + This may either be the Service Account's email + (`{ACCOUNT_ID}@{PROJECT}.iam.gserviceaccount.com`) or its full + resource name (`projects/{PROJECT}/accounts/{UNIQUE_ID}`). This is + most often used when the service is a GCP resource such as a Cloud + Run Service or an IAP-secured service. + ApigatewayOperationMetadata: + description: Represents the metadata of the long-running operation. type: object properties: - name: - description: >- - Output only. Resource name of the API Config. Format: - projects/{project}/locations/global/apis/{api}/configs/{api_config} + target: readOnly: true type: string + description: >- + Output only. Server-defined resource path for the target of the + operation. createTime: - description: Output only. Created time. - readOnly: true type: string format: google-datetime - updateTime: - description: Output only. Updated time. + description: Output only. The time the operation was created. + readOnly: true + apiVersion: readOnly: true + description: Output only. API version used to start the operation. type: string - format: google-datetime - labels: - description: >- - Optional. Resource labels to represent user-provided metadata. Refer - to cloud documentation on labels for more details. - https://cloud.google.com/compute/docs/labeling-resources - type: object - additionalProperties: - type: string - displayName: - description: Optional. Display name. + statusMessage: + readOnly: true type: string - gatewayServiceAccount: - description: >- - Immutable. The Google Cloud IAM Service Account that Gateways - serving this config should use to authenticate to other services. - This may either be the Service Account's email - (`{ACCOUNT_ID}@{PROJECT}.iam.gserviceaccount.com`) or its full - resource name (`projects/{PROJECT}/accounts/{UNIQUE_ID}`). This is - most often used when the service is a GCP resource such as a Cloud - Run Service or an IAP-secured service. + description: Output only. Human-readable status of the operation, if any. + verb: + description: Output only. Name of the verb executed by the operation. type: string - serviceConfigId: - description: >- - Output only. The ID of the associated Service Config ( - https://cloud.google.com/service-infrastructure/docs/glossary#config). readOnly: true + endTime: type: string - state: - description: Output only. State of the API Config. + description: Output only. The time the operation finished running. + readOnly: true + format: google-datetime + requestedCancellation: readOnly: true - type: string - enumDescriptions: - - API Config does not have a state yet. - - API Config is being created and deployed to the API Controller. - - API Config is ready for use by Gateways. - - API Config creation failed. - - API Config is being deleted. - - API Config is being updated. - - >- - API Config settings are being activated in downstream systems. API - Configs in this state cannot be used by Gateways. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - FAILED - - DELETING - - UPDATING - - ACTIVATING - openapiDocuments: description: >- - Optional. OpenAPI specification documents. If specified, - grpc_services and managed_service_configs must not be included. - type: array - items: - $ref: '#/components/schemas/ApigatewayApiConfigOpenApiDocument' - grpcServices: + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + type: boolean + diagnostics: + readOnly: true description: >- - Optional. gRPC service definition files. If specified, - openapi_documents must not be included. - type: array + Output only. Diagnostics generated during processing of + configuration source files. items: - $ref: '#/components/schemas/ApigatewayApiConfigGrpcServiceDefinition' - managedServiceConfigs: - description: >- - Optional. Service Configuration files. At least one must be included - when using gRPC service definitions. See - https://cloud.google.com/endpoints/docs/grpc/grpc-service-config#service_configuration_overview - for the expected file contents. If multiple files are specified, the - files are merged with the following rules: * All singular scalar - fields are merged using "last one wins" semantics in the order of - the files uploaded. * Repeated fields are concatenated. * Singular - embedded messages are merged using these rules for nested fields. + $ref: '#/components/schemas/ApigatewayOperationMetadataDiagnostic' type: array - items: - $ref: '#/components/schemas/ApigatewayApiConfigFile' - ApigatewayApiConfigOpenApiDocument: - id: ApigatewayApiConfigOpenApiDocument - description: An OpenAPI Specification Document describing an API. - type: object - properties: - document: - description: The OpenAPI Specification document file. - $ref: '#/components/schemas/ApigatewayApiConfigFile' - ApigatewayApiConfigFile: - id: ApigatewayApiConfigFile - description: A lightweight description of a file. - type: object - properties: - path: - description: >- - The file path (full or relative path). This is typically the path of - the file when it is uploaded. - type: string - contents: - description: The bytes that constitute the file. - type: string - format: byte - ApigatewayApiConfigGrpcServiceDefinition: - id: ApigatewayApiConfigGrpcServiceDefinition - description: A gRPC service definition. + id: ApigatewayOperationMetadata + ApigatewaySetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + id: ApigatewaySetIamPolicyRequest type: object properties: - fileDescriptorSet: - description: >- - Input only. File descriptor set, generated by protoc. To generate, - use protoc with imports and source info included. For an example - test.proto file, the following command would put the value in a new - file named out.pb. $ protoc --include_imports --include_source_info - test.proto -o out.pb - $ref: '#/components/schemas/ApigatewayApiConfigFile' - source: + policy: description: >- - Optional. Uncompiled proto files associated with the descriptor set, - used for display purposes (server-side compilation is not - supported). These should match the inputs to 'protoc' command used - to generate file_descriptor_set. - type: array - items: - $ref: '#/components/schemas/ApigatewayApiConfigFile' - ApigatewayListLocationsResponse: - id: ApigatewayListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/ApigatewayPolicy' + updateMask: description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/ApigatewayLocation' - nextPageToken: - description: The standard List next-page token. + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + format: google-fieldmask type: string ApigatewayLocation: - id: ApigatewayLocation description: A resource that represents a Google Cloud location. type: object + id: ApigatewayLocation properties: name: description: >- @@ -489,157 +213,155 @@ components: implementations. For example: `"projects/example-project/locations/us-east1"` type: string + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' displayName: description: >- The friendly name for this location, typically a nearby city name. For example, "Tokyo". type: string labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object additionalProperties: type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ApigatewaySetIamPolicyRequest: - id: ApigatewaySetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + ApigatewayAuditLogConfig: + id: ApigatewayAuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/ApigatewayPolicy' - updateMask: - description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + logType: + description: The log type that this config enables. + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' type: string - format: google-fieldmask - ApigatewayPolicy: - id: ApigatewayPolicy + exemptedMembers: + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + items: + type: string + type: array + ApigatewayExpr: description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - version: + description: description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + location: + type: string description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + type: object + id: ApigatewayExpr + ApigatewayListApisResponse: + type: object + properties: + nextPageToken: + type: string + description: Next page token. + unreachableLocations: type: array items: - $ref: '#/components/schemas/ApigatewayBinding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + type: string + description: Locations that could not be reached. + apis: + description: APIs. + items: + $ref: '#/components/schemas/ApigatewayApi' + type: array + description: Response message for ApiGatewayService.ListApis + id: ApigatewayListApisResponse + ApigatewayListGatewaysResponse: + properties: + unreachableLocations: type: array + description: Locations that could not be reached. items: - $ref: '#/components/schemas/ApigatewayAuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + type: string + gateways: + items: + $ref: '#/components/schemas/ApigatewayGateway' + description: Gateways. + type: array + nextPageToken: type: string - format: byte + description: Next page token. + id: ApigatewayListGatewaysResponse + description: Response message for ApiGatewayService.ListGateways + type: object ApigatewayBinding: - id: ApigatewayBinding - description: Associates `members`, or principals, with a `role`. type: object properties: - role: + condition: + $ref: '#/components/schemas/ApigatewayExpr' description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). members: + items: + type: string + type: array description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -699,64 +421,191 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: + role: + type: string description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/ApigatewayExpr' - ApigatewayExpr: - id: ApigatewayExpr + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + description: Associates `members`, or principals, with a `role`. + id: ApigatewayBinding + ApigatewayOperation: + id: ApigatewayOperation description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object + This resource represents a long-running operation that is the result of + a network API call. properties: - expression: + done: + type: boolean description: >- - Textual representation of an expression in Common Expression - Language syntax. + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + response: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/ApigatewayStatus' + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - title: + type: object + ApigatewayListLocationsResponse: + description: The response message for Locations.ListLocations. + type: object + properties: + nextPageToken: + description: The standard List next-page token. + type: string + locations: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/ApigatewayLocation' + type: array + id: ApigatewayListLocationsResponse + ApigatewayApiConfigGrpcServiceDefinition: + type: object + id: ApigatewayApiConfigGrpcServiceDefinition + description: A gRPC service definition. + properties: + source: + description: >- + Optional. Uncompiled proto files associated with the descriptor set, + used for display purposes (server-side compilation is not + supported). These should match the inputs to 'protoc' command used + to generate file_descriptor_set. + items: + $ref: '#/components/schemas/ApigatewayApiConfigFile' + type: array + fileDescriptorSet: + description: >- + Input only. File descriptor set, generated by protoc. To generate, + use protoc with imports and source info included. For an example + test.proto file, the following command would put the value in a new + file named out.pb. $ protoc --include_imports --include_source_info + test.proto -o out.pb + $ref: '#/components/schemas/ApigatewayApiConfigFile' + ApigatewayApiConfigOpenApiDocument: + type: object + properties: + document: + description: The OpenAPI Specification document file. + $ref: '#/components/schemas/ApigatewayApiConfigFile' + description: An OpenAPI Specification Document describing an API. + id: ApigatewayApiConfigOpenApiDocument + ApigatewayGateway: + id: ApigatewayGateway + description: >- + A Gateway is an API-aware HTTP proxy. It performs API-Method and/or + API-Consumer specific actions based on an API Config such as + authentication, policy enforcement, and backend selection. + properties: + state: + enumDescriptions: + - Gateway does not have a state yet. + - Gateway is being created. + - Gateway is running and ready for requests. + - Gateway creation failed. + - Gateway is being deleted. + - Gateway is being updated. + readOnly: true type: string - description: + description: Output only. The current state of the Gateway. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - FAILED + - DELETING + - UPDATING + displayName: + type: string + description: Optional. Display name. + labels: + additionalProperties: + type: string description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Optional. Resource labels to represent user-provided metadata. Refer + to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources + type: object + name: + description: >- + Output only. Resource name of the Gateway. Format: + projects/{project}/locations/{location}/gateways/{gateway} + type: string + readOnly: true + createTime: + format: google-datetime + readOnly: true + type: string + description: Output only. Created time. + apiConfig: type: string - location: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Required. Resource name of the API Config for this Gateway. Format: + projects/{project}/locations/global/apis/{api}/configs/{apiConfig} + defaultHostname: + description: >- + Output only. The default API Gateway host name of the form + `{gateway_id}-{hash}.{region_code}.gateway.dev`. + readOnly: true + type: string + updateTime: + format: google-datetime type: string + readOnly: true + description: Output only. Updated time. + type: object ApigatewayAuditConfig: id: ApigatewayAuditConfig + type: object + properties: + service: + type: string + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + auditLogConfigs: + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/ApigatewayAuditLogConfig' + type: array description: >- Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if @@ -775,185 +624,354 @@ components: enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. + ApigatewayOperationMetadataDiagnostic: type: object + description: Diagnostic information from configuration processing. + id: ApigatewayOperationMetadataDiagnostic properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + message: type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/ApigatewayAuditLogConfig' - ApigatewayAuditLogConfig: - id: ApigatewayAuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + description: The diagnostic message. + location: + type: string + description: Location of the diagnostic. + Empty: type: object + properties: {} + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + ApigatewayStatus: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - logType: - description: The log type that this config enables. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + details: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. type: array items: - type: string + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + id: ApigatewayStatus + type: object ApigatewayTestIamPermissionsRequest: - id: ApigatewayTestIamPermissionsRequest description: Request message for `TestIamPermissions` method. - type: object properties: permissions: + items: + type: string + type: array description: >- The set of permissions to check for the `resource`. Permissions with wildcards (such as `*` or `storage.*`) are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). + id: ApigatewayTestIamPermissionsRequest + type: object + ApigatewayCancelOperationRequest: + description: The request message for Operations.CancelOperation. + id: ApigatewayCancelOperationRequest + type: object + properties: {} + ApigatewayPolicy: + id: ApigatewayPolicy + properties: + etag: + type: string + format: byte + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + items: + $ref: '#/components/schemas/ApigatewayAuditConfig' + type: array + version: + format: int32 + type: integer + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + bindings: + items: + $ref: '#/components/schemas/ApigatewayBinding' + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + type: object + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + ApigatewayApi: + id: ApigatewayApi + description: An API that can be served by one or more Gateways. + properties: + labels: + additionalProperties: + type: string + type: object + description: >- + Optional. Resource labels to represent user-provided metadata. Refer + to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources + name: + readOnly: true + type: string + description: >- + Output only. Resource name of the API. Format: + projects/{project}/locations/global/apis/{api} + displayName: + type: string + description: Optional. Display name. + state: + readOnly: true + description: Output only. State of the API. + type: string + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - FAILED + - DELETING + - UPDATING + enumDescriptions: + - API does not have a state yet. + - API is being created. + - API is active. + - API creation failed. + - API is being deleted. + - API is being updated. + updateTime: + description: Output only. Updated time. + type: string + readOnly: true + format: google-datetime + managedService: + type: string + description: >- + Optional. Immutable. The name of a Google Managed Service ( + https://cloud.google.com/service-infrastructure/docs/glossary#managed). + If not specified, a new Service will automatically be created in the + same project as this API. + createTime: + description: Output only. Created time. + type: string + readOnly: true + format: google-datetime + type: object + ApigatewayListApiConfigsResponse: + properties: + unreachableLocations: + items: + type: string + description: Locations that could not be reached. + type: array + apiConfigs: + items: + $ref: '#/components/schemas/ApigatewayApiConfig' + description: API Configs. + type: array + nextPageToken: + type: string + description: Next page token. + description: Response message for ApiGatewayService.ListApiConfigs + type: object + id: ApigatewayListApiConfigsResponse + ApigatewayApiConfigFile: + id: ApigatewayApiConfigFile + properties: + path: + description: >- + The file path (full or relative path). This is typically the path of + the file when it is uploaded. + type: string + contents: + format: byte + type: string + description: The bytes that constitute the file. + description: A lightweight description of a file. + type: object + ApigatewayListOperationsResponse: + type: object + id: ApigatewayListOperationsResponse + description: The response message for Operations.ListOperations. + properties: + operations: + description: >- + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/ApigatewayOperation' + type: array + nextPageToken: + type: string + description: The standard List next-page token. + unreachable: type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. items: type: string ApigatewayTestIamPermissionsResponse: - id: ApigatewayTestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. type: object + id: ApigatewayTestIamPermissionsResponse properties: permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. type: array items: type: string - ApigatewayOperationMetadata: - id: ApigatewayOperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - diagnostics: - description: >- - Output only. Diagnostics generated during processing of - configuration source files. - readOnly: true - type: array - items: - $ref: '#/components/schemas/ApigatewayOperationMetadataDiagnostic' - ApigatewayOperationMetadataDiagnostic: - id: ApigatewayOperationMetadataDiagnostic - description: Diagnostic information from configuration processing. - type: object - properties: - location: - description: Location of the diagnostic. - type: string - message: - description: The diagnostic message. - type: string + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + description: Response message for `TestIamPermissions` method. parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key schema: type: string - alt: - description: Data format for response. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: alt + name: prettyPrint + schema: + type: boolean + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + alt: + description: Data format for response. in: query - name: key + name: alt schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + enum: + - json + - media + - proto + access_token: + description: OAuth access token. in: query - name: oauth_token + name: access_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -963,138 +981,86 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: $.xgafv + name: oauth_token schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.apigateway.locations name: locations title: Locations methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations get: operation: $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.apigateway.operations - name: operations - title: Operations - methods: list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + delete: [] gateways: id: google.apigateway.gateways name: gateways title: Gateways methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.gateways - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.gateways sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/gateways/methods/get' @@ -1118,21 +1084,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -1143,126 +1109,117 @@ components: - $ref: >- #/components/x-stackQL-resources/gateways_iam_policies/methods/set_iam_policy delete: [] - apis: - id: google.apigateway.apis - name: apis - title: Apis + operations: + id: google.apigateway.operations + name: operations + title: Operations methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.apis - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/apis/methods/get' - - $ref: '#/components/x-stackQL-resources/apis/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/apis/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/apis/methods/patch' + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/apis/methods/delete' - apis_iam_policies: - id: google.apigateway.apis_iam_policies - name: apis_iam_policies - title: Apis_iam_policies + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + configs_iam_policies: + id: google.apigateway.configs_iam_policies + name: configs_iam_policies + title: Configs_iam_policies methods: - set_iam_policy: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/apis_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/configs_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/apis_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/configs_iam_policies/methods/set_iam_policy delete: [] configs: id: google.apigateway.configs name: configs title: Configs methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.apiConfigs - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.apiConfigs + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -1284,22 +1241,74 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/configs/methods/delete' - configs_iam_policies: - id: google.apigateway.configs_iam_policies - name: configs_iam_policies - title: Configs_iam_policies + apis: + id: google.apigateway.apis + name: apis + title: Apis + methods: + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.apis + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/apis/methods/get' + - $ref: '#/components/x-stackQL-resources/apis/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/apis/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/apis/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/apis/methods/delete' + apis_iam_policies: + id: google.apigateway.apis_iam_policies + name: apis_iam_policies + title: Apis_iam_policies methods: set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' @@ -1307,37 +1316,37 @@ components: test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1configs~1{configsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/configs_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/apis_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/configs_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/apis_iam_policies/methods/set_iam_policy delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/oauth_token' get: - description: Lists information about the supported locations for this service. - operationId: apigateway.projects.locations.list + description: Gets information about a location. + operationId: apigateway.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1349,35 +1358,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayListLocationsResponse' + $ref: '#/components/schemas/ApigatewayLocation' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Gets information about a location. - operationId: apigateway.projects.locations.get + description: Lists information about the supported locations for this service. + operationId: apigateway.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1389,25 +1386,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayLocation' + $ref: '#/components/schemas/ApigatewayListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: extraLocationTypes + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: apigateway.projects.locations.operations.list + delete: + description: Deletes a single Gateway. + operationId: apigateway.projects.locations.gateways.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1419,7 +1426,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayListOperationsResponse' + $ref: '#/components/schemas/ApigatewayOperation' parameters: - in: path name: projectsId @@ -1431,27 +1438,14 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: gatewaysId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: apigateway.projects.locations.operations.get + description: Gets details of a single Gateway. + operationId: apigateway.projects.locations.gateways.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1463,7 +1457,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayOperation' + $ref: '#/components/schemas/ApigatewayGateway' parameters: - in: path name: projectsId @@ -1476,17 +1470,18 @@ paths: schema: type: string - in: path - name: operationsId + name: gatewaysId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: apigateway.projects.locations.operations.delete + patch: + description: Updates the parameters of a single Gateway. + operationId: apigateway.projects.locations.gateways.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApigatewayGateway' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1498,7 +1493,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ApigatewayOperation' parameters: - in: path name: projectsId @@ -1511,29 +1506,25 @@ paths: schema: type: string - in: path - name: operationsId + name: gatewaysId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/gateways: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: apigateway.projects.locations.operations.cancel + description: Creates a new Gateway in a given project and location. + operationId: apigateway.projects.locations.gateways.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayCancelOperationRequest' + $ref: '#/components/schemas/ApigatewayGateway' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1545,7 +1536,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ApigatewayOperation' parameters: - in: path name: projectsId @@ -1557,13 +1548,10 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: gatewayId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gateways: - parameters: *ref_1 get: description: Lists Gateways in a given project and location. operationId: apigateway.projects.locations.gateways.list @@ -1607,14 +1595,19 @@ paths: name: orderBy schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}:setIamPolicy: + parameters: *ref_1 post: - description: Creates a new Gateway in a given project and location. - operationId: apigateway.projects.locations.gateways.create + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigateway.projects.locations.gateways.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayGateway' + $ref: '#/components/schemas/ApigatewaySetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1626,7 +1619,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayOperation' + $ref: '#/components/schemas/ApigatewayPolicy' parameters: - in: path name: projectsId @@ -1638,15 +1631,26 @@ paths: required: true schema: type: string - - in: query - name: gatewayId + - in: path + name: gatewaysId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}: + /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets details of a single Gateway. - operationId: apigateway.projects.locations.gateways.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: apigateway.projects.locations.gateways.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApigatewayTestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1658,7 +1662,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayGateway' + $ref: '#/components/schemas/ApigatewayTestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -1675,14 +1679,13 @@ paths: required: true schema: type: string - patch: - description: Updates the parameters of a single Gateway. - operationId: apigateway.projects.locations.gateways.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApigatewayGateway' + /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: apigateway.projects.locations.gateways.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1694,7 +1697,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayOperation' + $ref: '#/components/schemas/ApigatewayPolicy' parameters: - in: path name: projectsId @@ -1712,13 +1715,17 @@ paths: schema: type: string - in: query - name: updateMask + name: options.requestedPolicyVersion schema: - type: string - format: google-fieldmask - delete: - description: Deletes a single Gateway. - operationId: apigateway.projects.locations.gateways.delete + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: apigateway.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1730,7 +1737,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayOperation' + $ref: '#/components/schemas/ApigatewayListOperationsResponse' parameters: - in: path name: projectsId @@ -1742,24 +1749,31 @@ paths: required: true schema: type: string - - in: path - name: gatewaysId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}:setIamPolicy: + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigateway.projects.locations.gateways.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApigatewaySetIamPolicyRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: apigateway.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1771,7 +1785,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayPolicy' + $ref: '#/components/schemas/ApigatewayOperation' parameters: - in: path name: projectsId @@ -1784,17 +1798,17 @@ paths: schema: type: string - in: path - name: gatewaysId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}:getIamPolicy: - parameters: *ref_1 - get: + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: apigateway.projects.locations.gateways.getIamPolicy + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: apigateway.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1806,7 +1820,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayPolicy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1819,30 +1833,29 @@ paths: schema: type: string - in: path - name: gatewaysId + name: operationsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: apigateway.projects.locations.gateways.testIamPermissions + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: apigateway.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayTestIamPermissionsRequest' + $ref: '#/components/schemas/ApigatewayCancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1854,7 +1867,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayTestIamPermissionsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1867,15 +1880,17 @@ paths: schema: type: string - in: path - name: gatewaysId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs/{configsId}:getIamPolicy: parameters: *ref_1 get: - description: Lists Apis in a given project and location. - operationId: apigateway.projects.locations.apis.list + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: apigateway.projects.locations.apis.configs.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1887,7 +1902,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayListApisResponse' + $ref: '#/components/schemas/ApigatewayPolicy' parameters: - in: path name: projectsId @@ -1899,31 +1914,31 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: apisId + required: true schema: type: string - - in: query - name: filter + - in: path + name: configsId + required: true schema: type: string - in: query - name: orderBy + name: options.requestedPolicyVersion schema: - type: string + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs: + parameters: *ref_1 post: - description: Creates a new Api in a given project and location. - operationId: apigateway.projects.locations.apis.create + description: Creates a new ApiConfig in a given project and location. + operationId: apigateway.projects.locations.apis.configs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayApi' + $ref: '#/components/schemas/ApigatewayApiConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1947,15 +1962,18 @@ paths: required: true schema: type: string + - in: path + name: apisId + required: true + schema: + type: string - in: query - name: apiId + name: apiConfigId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}: - parameters: *ref_1 get: - description: Gets details of a single Api. - operationId: apigateway.projects.locations.apis.get + description: Lists ApiConfigs in a given project and location. + operationId: apigateway.projects.locations.apis.configs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1967,7 +1985,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayApi' + $ref: '#/components/schemas/ApigatewayListApiConfigsResponse' parameters: - in: path name: projectsId @@ -1983,15 +2001,34 @@ paths: name: apisId required: true schema: - type: string + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs/{configsId}: + parameters: *ref_1 patch: - description: Updates the parameters of a single Api. - operationId: apigateway.projects.locations.apis.patch + description: Updates the parameters of a single ApiConfig. + operationId: apigateway.projects.locations.apis.configs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayApi' + $ref: '#/components/schemas/ApigatewayApiConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2020,14 +2057,19 @@ paths: required: true schema: type: string + - in: path + name: configsId + required: true + schema: + type: string - in: query name: updateMask schema: type: string format: google-fieldmask - delete: - description: Deletes a single Api. - operationId: apigateway.projects.locations.apis.delete + get: + description: Gets details of a single ApiConfig. + operationId: apigateway.projects.locations.apis.configs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2039,7 +2081,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayOperation' + $ref: '#/components/schemas/ApigatewayApiConfig' parameters: - in: path name: projectsId @@ -2056,19 +2098,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigateway.projects.locations.apis.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApigatewaySetIamPolicyRequest' + - in: path + name: configsId + required: true + schema: + type: string + - in: query + name: view + schema: + type: string + delete: + description: Deletes a single ApiConfig. + operationId: apigateway.projects.locations.apis.configs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2080,7 +2121,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayPolicy' + $ref: '#/components/schemas/ApigatewayOperation' parameters: - in: path name: projectsId @@ -2097,13 +2138,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:getIamPolicy: + - in: path + name: configsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs/{configsId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: apigateway.projects.locations.apis.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigateway.projects.locations.apis.configs.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApigatewaySetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2132,12 +2184,12 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: configsId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:testIamPermissions: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs/{configsId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -2146,7 +2198,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: apigateway.projects.locations.apis.testIamPermissions + operationId: apigateway.projects.locations.apis.configs.testIamPermissions requestBody: content: application/json: @@ -2180,11 +2232,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs: + - in: path + name: configsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}: parameters: *ref_1 - get: - description: Lists ApiConfigs in a given project and location. - operationId: apigateway.projects.locations.apis.configs.list + patch: + description: Updates the parameters of a single Api. + operationId: apigateway.projects.locations.apis.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApigatewayApi' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2196,7 +2258,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayListApiConfigsResponse' + $ref: '#/components/schemas/ApigatewayOperation' parameters: - in: path name: projectsId @@ -2214,30 +2276,13 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + name: updateMask schema: type: string - post: - description: Creates a new ApiConfig in a given project and location. - operationId: apigateway.projects.locations.apis.configs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApigatewayApiConfig' + format: google-fieldmask + delete: + description: Deletes a single Api. + operationId: apigateway.projects.locations.apis.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2266,15 +2311,9 @@ paths: required: true schema: type: string - - in: query - name: apiConfigId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs/{configsId}: - parameters: *ref_1 get: - description: Gets details of a single ApiConfig. - operationId: apigateway.projects.locations.apis.configs.get + description: Gets details of a single Api. + operationId: apigateway.projects.locations.apis.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2286,7 +2325,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayApiConfig' + $ref: '#/components/schemas/ApigatewayApi' parameters: - in: path name: projectsId @@ -2303,23 +2342,19 @@ paths: required: true schema: type: string - - in: path - name: configsId - required: true - schema: - type: string - - in: query - name: view - schema: - type: string - patch: - description: Updates the parameters of a single ApiConfig. - operationId: apigateway.projects.locations.apis.configs.patch + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigateway.projects.locations.apis.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayApiConfig' + $ref: '#/components/schemas/ApigatewaySetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2331,7 +2366,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayOperation' + $ref: '#/components/schemas/ApigatewayPolicy' parameters: - in: path name: projectsId @@ -2348,19 +2383,16 @@ paths: required: true schema: type: string - - in: path - name: configsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a single ApiConfig. - operationId: apigateway.projects.locations.apis.configs.delete + /v1/projects/{projectsId}/locations/{locationsId}/apis: + parameters: *ref_1 + post: + description: Creates a new Api in a given project and location. + operationId: apigateway.projects.locations.apis.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApigatewayApi' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2384,29 +2416,13 @@ paths: required: true schema: type: string - - in: path - name: apisId - required: true - schema: - type: string - - in: path - name: configsId - required: true + - in: query + name: apiId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs/{configsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigateway.projects.locations.apis.configs.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApigatewaySetIamPolicyRequest' + get: + description: Lists Apis in a given project and location. + operationId: apigateway.projects.locations.apis.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2418,7 +2434,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApigatewayPolicy' + $ref: '#/components/schemas/ApigatewayListApisResponse' parameters: - in: path name: projectsId @@ -2430,23 +2446,30 @@ paths: required: true schema: type: string - - in: path - name: apisId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: configsId - required: true + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs/{configsId}:getIamPolicy: + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: apigateway.projects.locations.apis.configs.getIamPolicy + operationId: apigateway.projects.locations.apis.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2475,17 +2498,12 @@ paths: required: true schema: type: string - - in: path - name: configsId - required: true - schema: - type: string - in: query name: options.requestedPolicyVersion schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/configs/{configsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -2494,7 +2512,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: apigateway.projects.locations.apis.configs.testIamPermissions + operationId: apigateway.projects.locations.apis.testIamPermissions requestBody: content: application/json: @@ -2528,8 +2546,3 @@ paths: required: true schema: type: string - - in: path - name: configsId - required: true - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/apigee.yaml b/providers/src/googleapis.com/v00.00.00000/services/apigee.yaml index 9bc812ab..024f672e 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/apigee.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/apigee.yaml @@ -12,8 +12,8 @@ info: more. Note: This product is available as a free trial for a time period of 60 days. version: v1 - x-discovery-doc-revision: '20250814' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251125' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/apigee-api-management/ servers: @@ -39,1173 +39,1432 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleCloudApigeeV1ListHybridIssuersResponse: - id: GoogleCloudApigeeV1ListHybridIssuersResponse + GoogleCloudApigeeV1AdjustDeveloperBalanceRequest: type: object properties: - issuers: - description: Lists of hybrid services and its trusted issuer email ids. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ServiceIssuersMapping' - GoogleCloudApigeeV1ServiceIssuersMapping: - id: GoogleCloudApigeeV1ServiceIssuersMapping + adjustment: + description: >- + * A positive value of `adjustment` means that that the API provider + wants to adjust the balance for an under-charged developer i.e. the + balance of the developer will decrease. * A negative value of + `adjustment` means that that the API provider wants to adjust the + balance for an over-charged developer i.e. the balance of the + developer will increase. NOTE: An adjustment cannot increase the + balance of the developer beyond the balance as of the most recent + credit. For example, if a developer's balance is updated to be $100, + and they spend $10, a negative adjustment can only increase the + balance of the developer to $100. + $ref: '#/components/schemas/GoogleTypeMoney' + description: Request for AdjustDeveloperBalance. + id: GoogleCloudApigeeV1AdjustDeveloperBalanceRequest + GoogleCloudApigeeV1DeveloperBalanceWallet: type: object + id: GoogleCloudApigeeV1DeveloperBalanceWallet + description: Wallet used to manage an account balance for a particular currency. properties: - service: - description: String indicating the Apigee service name. + lastCreditTime: + format: int64 + description: >- + Output only. Time at which the developer last added credit to the + account in milliseconds since epoch. + readOnly: true type: string - emailIds: - description: List of trusted issuer email ids. - type: array - items: - type: string - GoogleApiHttpBody: - id: GoogleApiHttpBody - description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. + balance: + description: >- + Current remaining balance of the developer for a particular + currency. + $ref: '#/components/schemas/GoogleTypeMoney' + GoogleCloudApigeeV1PodStatus: type: object properties: - contentType: - description: >- - The HTTP Content-Type header value specifying the content type of - the body. + podName: type: string - data: - description: The HTTP request/response body as raw binary. + description: Name of the pod which is reporting the status. + deploymentTime: + format: int64 type: string - format: byte - extensions: + description: Time the proxy was deployed in milliseconds since epoch. + statusCodeDetails: + type: string + description: Human-readable message associated with the status code. + deploymentStatus: description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudApigeeV1ResourceFile: - id: GoogleCloudApigeeV1ResourceFile - description: Metadata about a resource file. - type: object - properties: - name: - description: ID of the resource file. + Status of the deployment. Valid values include: - `deployed`: + Successful. - `error` : Failed. - `pending` : Pod has not yet + reported on the deployment. type: string - type: - description: Resource file type. {{ resource_file_type }} + appVersion: + description: Version of the application running in the pod. type: string - GoogleCloudApigeeV1ListEnvironmentResourcesResponse: - id: GoogleCloudApigeeV1ListEnvironmentResourcesResponse - description: Response for ListEnvironmentResources - type: object - properties: - resourceFile: - description: List of resources files. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' - GoogleCloudApigeeV1ListApiProxiesResponse: - id: GoogleCloudApigeeV1ListApiProxiesResponse - type: object + deploymentStatusTime: + description: Time the deployment status was reported in milliseconds since epoch. + type: string + format: int64 + statusCode: + description: Code associated with the deployment status. + type: string + podStatusTime: + description: Time the pod status was reported in milliseconds since epoch. + format: int64 + type: string + podStatus: + description: >- + Overall status of the pod (not this specific deployment). Valid + values include: - `active`: Up to date. - `stale` : Recently out of + date. Pods that have not reported status in a long time are excluded + from the output. + type: string + id: GoogleCloudApigeeV1PodStatus + GoogleCloudApigeeV1SecurityFeedback: properties: - proxies: + feedbackContexts: + description: >- + Required. One or more attribute/value pairs for constraining the + feedback. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' - GoogleCloudApigeeV1ApiProxy: - id: GoogleCloudApigeeV1ApiProxy - description: Metadata describing the API proxy - type: object - properties: - metaData: - description: Output only. Metadata describing the API proxy. - readOnly: true - $ref: '#/components/schemas/GoogleCloudApigeeV1EntityMetadata' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityFeedbackFeedbackContext + feedbackType: + enumDescriptions: + - Unspecified feedback type. + - Feedback identifying attributes to be excluded from detections. + type: string + description: Required. The type of feedback being submitted. + enum: + - FEEDBACK_TYPE_UNSPECIFIED + - EXCLUDED_DETECTION name: - description: Output only. Name of the API proxy. + description: >- + Output only. Identifier. The feedback name is intended to be a + system-generated uuid. readOnly: true type: string - revision: - description: Output only. List of revisions defined for the API proxy. + reason: + description: Optional. The reason for the feedback. + type: string + enumDescriptions: + - Unspecified reason. + - The feedback is created for an internal system. + - The feedback is created for a non-risk client. + - The feedback is created for to label NAT. + - The feedback is created for a penetration test. + - The feedback is created for other reasons. + enum: + - REASON_UNSPECIFIED + - INTERNAL_SYSTEM + - NON_RISK_CLIENT + - NAT + - PENETRATION_TEST + - OTHER + displayName: + description: Optional. The display name of the feedback. + type: string + updateTime: + type: string readOnly: true - type: array - items: - type: string - latestRevisionId: - description: >- - Output only. The id of the most recently created revision for this - api proxy. + format: google-datetime + description: Output only. The time when this specific feedback id was updated. + createTime: + format: google-datetime readOnly: true type: string - labels: - description: User labels applied to this API Proxy. - type: object - additionalProperties: - type: string - readOnly: + description: Output only. The time when this specific feedback id was created. + comment: + type: string description: >- - Output only. Whether this proxy is read-only. A read-only proxy - cannot have new revisions created through calls to - CreateApiProxyRevision. A proxy is read-only if it was generated by - an archive. - readOnly: true - type: boolean - apiProxyType: - description: Output only. The type of the API proxy. - readOnly: true + Optional. Optional text the user can provide for additional, + unstructured context. + id: GoogleCloudApigeeV1SecurityFeedback + description: Represents a feedback report from an Advanced API Security customer. + type: object + GoogleCloudApigeeV1UpdateSecurityIncidentRequest: + type: object + properties: + securityIncident: + description: >- + Required. The security incident to update. Must contain all existing + populated fields of the current incident. + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' + updateMask: + description: >- + Required. The list of fields to update. Allowed fields are: + LINT.IfChange(allowed_update_fields_comment) - observability + LINT.ThenChange() + format: google-fieldmask + type: string + id: GoogleCloudApigeeV1UpdateSecurityIncidentRequest + description: Request for UpdateSecurityIncident. + GoogleCloudApigeeV1SecurityFeedbackFeedbackContext: + properties: + attribute: + description: Required. The attribute the user is providing feedback about. type: string enumDescriptions: - - API proxy type not specified. + - Unspecified attribute. + - Values will be a list of environments. - >- - Programmable API Proxies enable you to develop APIs with highly - flexible behavior using bundled policy configuration and one or - more programming languages to describe complex sequential and/or - conditional flows of logic. - - >- - Configurable API Proxies enable you to develop efficient APIs - using simple configuration while complex execution control flow - logic is handled by Apigee. This type only works with the ARCHIVE - deployment type and cannot be combined with the PROXY deployment - type. + Values will be a list of IP addresses. This could be either IPv4 + or IPv6. enum: - - API_PROXY_TYPE_UNSPECIFIED - - PROGRAMMABLE - - CONFIGURABLE - space: + - ATTRIBUTE_UNSPECIFIED + - ATTRIBUTE_ENVIRONMENTS + - ATTRIBUTE_IP_ADDRESS_RANGES + values: description: >- - Optional. The id of the space this proxy is associated with. Any IAM - policies applied to the space will control access to this proxy. To - learn how Spaces can be used to manage resources, read the [Apigee - Spaces - Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). - type: string - GoogleCloudApigeeV1EntityMetadata: - id: GoogleCloudApigeeV1EntityMetadata - description: Metadata common to many entities in this API. + Required. The values of the attribute the user is providing feedback + about. + items: + type: string + type: array + id: GoogleCloudApigeeV1SecurityFeedbackFeedbackContext type: object + description: FeedbackContext captures the intent of the submitted feedback. + GoogleCloudApigeeV1Datastore: properties: - createdAt: - description: >- - Time at which the API proxy was created, in milliseconds since - epoch. + createTime: type: string - format: int64 - lastModifiedAt: description: >- - Time at which the API proxy was most recently modified, in - milliseconds since epoch. - type: string + Output only. Datastore create time, in milliseconds since the epoch + of 1970-01-01T00:00:00Z + readOnly: true format: int64 - subType: - description: The type of entity described + targetType: + description: Destination storage type. Supported types `gcs` or `bigquery`. type: string - GoogleCloudApigeeV1MoveApiProxyRequest: - id: GoogleCloudApigeeV1MoveApiProxyRequest - description: Moves an API Proxy to a different Space. - type: object - properties: - space: - description: >- - Optional. Resource ID of the space to move the proxy to. If - unspecified, the proxy will be moved to the organization level. - type: string - GoogleCloudApigeeV1ApiProxyRevision: - id: GoogleCloudApigeeV1ApiProxyRevision - description: API proxy revision. - type: object - properties: - basepaths: - description: Base URL of the API proxy. - type: array - items: - type: string - configurationVersion: + lastUpdateTime: description: >- - Version of the API proxy configuration schema to which the API proxy - conforms. Currently, the only supported value is 4.0 - (`majorVersion.minorVersion`). This setting may be used in the - future to track the evolution of the API proxy format. - $ref: '#/components/schemas/GoogleCloudApigeeV1ConfigVersion' - contextInfo: - description: Revision number, app name, and organization for the API proxy. + Output only. Datastore last update time, in milliseconds since the + epoch of 1970-01-01T00:00:00Z + readOnly: true + format: int64 type: string - createdAt: - description: >- - Time that the API proxy revision was created in milliseconds since - epoch. + org: + description: Output only. Organization that the datastore belongs to type: string - format: int64 + readOnly: true displayName: - description: Human-readable name of the API proxy. type: string - description: - description: Description of the API proxy revision. + description: Required. Display name in UI + datastoreConfig: + description: Datastore Configurations. + $ref: '#/components/schemas/GoogleCloudApigeeV1DatastoreConfig' + self: + readOnly: true type: string - entityMetaDataAsProperties: - description: Metadata describing the API proxy revision as a key-value map. - type: object - additionalProperties: - type: string - lastModifiedAt: description: >- - Time that the API proxy revision was last modified in milliseconds - since epoch. - type: string - format: int64 + Output only. Resource link of Datastore. Example: + `/organizations/{org}/analytics/datastores/{uuid}` + description: >- + The data store defines the connection to export data repository (Cloud + Storage, BigQuery), including the credentials used to access the data + repository. + id: GoogleCloudApigeeV1Datastore + type: object + GoogleCloudApigeeV1DimensionMetric: + id: GoogleCloudApigeeV1DimensionMetric + description: Encapsulates a metric grouped by dimension. + properties: name: - description: Name of the API proxy. - type: string - revision: - description: API proxy revision. - type: string - policies: - description: List of policy names included in the API proxy revision.. - type: array - items: - type: string - proxies: - description: List of proxy names included in the API proxy revision. - type: array - items: - type: string - proxyEndpoints: - description: >- - List of ProxyEndpoints in the `/proxies` directory of the API proxy. - Typically, this element is included only when the API proxy was - created using the Edge UI. This is a 'manifest' setting designed to - provide visibility into the contents of the API proxy. - type: array - items: - type: string - resourceFiles: - description: List of resource files included in the API proxy revision. - $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFiles' - resources: - description: >- - List of the resources included in the API proxy revision formatted - as "{type}://{name}". - type: array - items: - type: string - sharedFlows: - description: List of the shared flows included in the API proxy revision. - type: array - items: - type: string - spec: - description: >- - OpenAPI Specification that is associated with the API proxy. The - value is set to a URL or to a path in the specification store. type: string - targetEndpoints: - description: >- - List of TargetEndpoints in the `/targets` directory of the API - proxy. Typically, this element is included only when the API proxy - was created using the Edge UI. This is a 'manifest' setting designed - to provide visibility into the contents of the API proxy. - type: array - items: - type: string - targetServers: - description: >- - List of TargetServers referenced in any TargetEndpoint in the API - proxy. Typically, you will see this element only when the API proxy - was created using the Edge UI. This is a 'manifest' setting designed - to provide visibility into the contents of the API proxy. - type: array - items: - type: string - targets: - description: List of the targets included in the API proxy revision. - type: array - items: - type: string - integrationEndpoints: description: >- - List of IntegrationEndpoints in the '/integration-endpoints' - directory of the API proxy. This is a 'manifest' setting designed to - provide visibility into the contents of the API proxy. + Comma joined dimension names. E.g. "dim1_name,dim2_name". + Deprecated. If name already has comma before join, we may get wrong + splits. Please use individual_names. + deprecated: true + metrics: type: array items: - type: string - type: - description: >- - Type. Set to `Application`. Maintained for compatibility with the - Apigee Edge API. - type: string - teams: - description: List of the teams included in the API proxy revision. + $ref: '#/components/schemas/GoogleCloudApigeeV1Metric' + description: List of metrics. + individualNames: + description: Individual dimension names. E.g. ["dim1_name", "dim2_name"]. type: array items: type: string - archive: - description: >- - Output only. The archive that generated this proxy revision. This - field is only present on proxy revisions that were generated by an - archive. Proxies generated by archives cannot be updated, deleted, - or deployed to other environments. Format: - `organizations/*/environments/*/archiveDeployments/*` - readOnly: true - type: string - hasExtensiblePolicy: - description: >- - Output only. This field will be marked as true if revision contains - any policies marked as extensible. - readOnly: true - type: boolean - GoogleCloudApigeeV1ConfigVersion: - id: GoogleCloudApigeeV1ConfigVersion - description: >- - Version of the API proxy configuration schema. Currently, only 4.0 is - supported. type: object + GoogleCloudApigeeV1MonetizationConfig: + id: GoogleCloudApigeeV1MonetizationConfig + description: Configuration for the Monetization add-on. properties: - majorVersion: - description: Major version of the API proxy configuration schema. - type: integer - format: int32 - minorVersion: - description: Minor version of the API proxy configuration schema. - type: integer - format: int32 - GoogleCloudApigeeV1ResourceFiles: - id: GoogleCloudApigeeV1ResourceFiles - description: List of resource files. + enabled: + description: Flag that specifies whether the Monetization add-on is enabled. + type: boolean type: object - properties: - resourceFile: - description: List of resource files. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. + GoogleCloudApigeeV1LlmOperationGroup: + id: GoogleCloudApigeeV1LlmOperationGroup type: object properties: - operations: + operationConfigs: description: >- - A list of operations that matches the specified filter in the - request. - type: array + Required. List of LLM operation configurations for either Apigee API + proxies that are associated with this API product. items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation + $ref: '#/components/schemas/GoogleCloudApigeeV1LlmOperationConfig' + type: array description: >- - This resource represents a long-running operation that is the result of - a network API call. + List of LLM operation configuration details associated with Apigee API + proxies. + GoogleCloudApigeeV1TargetServer: + id: GoogleCloudApigeeV1TargetServer type: object properties: - name: + sSLInfo: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Optional. Specifies TLS configuration info for this TargetServer. + The JSON name is `sSLInfo` for legacy/backwards compatibility + reasons -- Edge originally supported SSL, and the name is still used + for TLS configuration. + $ref: '#/components/schemas/GoogleCloudApigeeV1TlsInfo' + description: + description: Optional. A human-readable description of this TargetServer. type: string - metadata: + name: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + Required. The resource id of this target server. Values must match + the regular expression + type: string + isEnabled: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + Optional. Enabling/disabling a TargetServer is useful when + TargetServers are used in load balancing configurations, and one or + more TargetServers need to taken out of rotation periodically. + Defaults to true. type: boolean - error: + port: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: + Required. The port number this target connects to on the given host. + Value must be between 1 and 65535, inclusive. + type: integer + format: int32 + protocol: + enumDescriptions: + - UNSPECIFIED defaults to HTTP for backwards compatibility. + - The TargetServer uses HTTP. + - The TargetSever uses HTTP2. + - The TargetServer uses GRPC. + - >- + GRPC TargetServer to be used in ExternalCallout Policy. Prefer to + use EXTERNAL_CALLOUT instead. TODO(b/266125112) deprecate once + EXTERNAL _CALLOUT generally available. + - The TargetServer is to be used in the ExternalCallout Policy + type: string + description: Immutable. The protocol used by this TargetServer. + enum: + - PROTOCOL_UNSPECIFIED + - HTTP + - HTTP2 + - GRPC_TARGET + - GRPC + - EXTERNAL_CALLOUT + host: + type: string description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus + Required. The host name this target connects to. Value must be a + valid hostname as described by RFC-1123. description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + TargetServer configuration. TargetServers are used to decouple a proxy + TargetEndpoint HTTPTargetConnections from concrete URLs for backend + services. + GoogleIamV1AuditConfig: + id: GoogleIamV1AuditConfig type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + service: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + auditLogConfigs: + description: The configuration for logging of each type of permission. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudApigeeV1ArchiveDeployment: - id: GoogleCloudApigeeV1ArchiveDeployment - description: Archive Deployment information. + $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + GoogleCloudApigeeV1ListArchiveDeploymentsResponse: type: object properties: - name: + nextPageToken: description: >- - Name of the Archive Deployment in the following format: - `organizations/{org}/environments/{env}/archiveDeployments/{id}`. + Page token that you can include in a ListArchiveDeployments request + to retrieve the next page. If omitted, no subsequent pages exist. type: string - labels: + archiveDeployments: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' + description: Archive Deployments in the specified environment. + type: array + description: Response for ListArchiveDeployments method. + id: GoogleCloudApigeeV1ListArchiveDeploymentsResponse + GoogleCloudApigeeV1ResourceFiles: + type: object + id: GoogleCloudApigeeV1ResourceFiles + description: List of resource files. + properties: + resourceFile: + description: List of resource files. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' + GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendation: + id: >- + GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendation + properties: + scoreImpact: + type: integer + format: int32 description: >- - User-supplied key-value pairs used to organize ArchiveDeployments. - Label keys must be between 1 and 63 characters long, have a UTF-8 - encoding of maximum 128 bytes, and must conform to the following - PCRE regular expression: \p{Ll}\p{Lo}{0,62} Label values must be - between 1 and 63 characters long, have a UTF-8 encoding of maximum - 128 bytes, and must conform to the following PCRE regular - expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can - be associated with a given store. - type: object - additionalProperties: - type: string - createdAt: + Score impact indicates the impact on the overall score if the + assessment were to pass. + recommendations: + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendation + type: array + description: The recommended steps of the assessment. + weight: + enumDescriptions: + - The weight is unspecified. + - The weight is minor. + - The weight is moderate. + - The weight is major. + description: The weight of the assessment which was set in the profile. + type: string + enum: + - WEIGHT_UNSPECIFIED + - MINOR + - MODERATE + - MAJOR + verdict: + description: Verdict indicates the assessment result. + enumDescriptions: + - The verdict is unspecified. + - The assessment has passed. + - The assessment has failed. + - The verdict is not applicable. + type: string + enum: + - VERDICT_UNSPECIFIED + - PASS + - FAIL + - NOT_APPLICABLE + displayName: + description: The display name of the assessment. + type: string + description: The message format of a recommendation from the assessment. + type: object + GoogleCloudApigeeV1SecurityProfileEnvironment: + id: GoogleCloudApigeeV1SecurityProfileEnvironment + properties: + attachTime: description: >- - Output only. The time at which the Archive Deployment was created in - milliseconds since the epoch. + Output only. Time at which environment was attached to the security + profile. readOnly: true + format: google-datetime type: string - format: int64 - updatedAt: - description: >- - Output only. The time at which the Archive Deployment was updated in - milliseconds since the epoch. + environment: readOnly: true + type: string + description: Output only. Name of the environment. + type: object + description: >- + Environment information of attached environments. Scoring an environment + is enabled only if it is attached to a security profile. + GoogleCloudApigeeV1Credential: + id: GoogleCloudApigeeV1Credential + properties: + issuedAt: type: string format: int64 - gcsUri: + description: Time the credential was issued in milliseconds since epoch. + status: description: >- - Input only. The Google Cloud Storage signed URL returned from - GenerateUploadUrl and used to upload the Archive zip file. + Status of the credential. Valid values include `approved` or + `revoked`. type: string - operation: + expiresAt: + format: int64 + type: string + description: Time the credential will expire in milliseconds since epoch. + consumerSecret: + description: Secret key. + type: string + scopes: + type: array + items: + type: string description: >- - Output only. A reference to the LRO that created this Archive - Deployment in the following format: - `organizations/{org}/operations/{id}` - readOnly: true + List of scopes to apply to the app. Specified scopes must already + exist on the API product that you associate with the app. + apiProducts: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProductRef' + type: array + description: List of API products this credential can be used for. + attributes: + description: List of attributes associated with this credential. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + consumerKey: + description: Consumer key. type: string - GoogleCloudApigeeV1ListArchiveDeploymentsResponse: - id: GoogleCloudApigeeV1ListArchiveDeploymentsResponse - description: Response for ListArchiveDeployments method. type: object + GoogleCloudApigeeV1ListSecurityProfilesV2Response: + description: Response for ListSecurityProfilesV2. properties: - archiveDeployments: - description: Archive Deployments in the specified environment. + securityProfilesV2: + description: List of security profiles in the organization. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' nextPageToken: description: >- - Page token that you can include in a ListArchiveDeployments request - to retrieve the next page. If omitted, no subsequent pages exist. + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: string - GoogleCloudApigeeV1GenerateUploadUrlRequest: - id: GoogleCloudApigeeV1GenerateUploadUrlRequest - description: Request for GenerateUploadUrl method. + id: GoogleCloudApigeeV1ListSecurityProfilesV2Response type: object - properties: {} - GoogleCloudApigeeV1GenerateUploadUrlResponse: - id: GoogleCloudApigeeV1GenerateUploadUrlResponse - description: Response for GenerateUploadUrl method. + GoogleTypeExpr: type: object + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - uploadUri: + description: + type: string description: >- - The Google Cloud Storage signed URL that can be used to upload a new - Archive zip file. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. type: string - GoogleCloudApigeeV1GenerateDownloadUrlRequest: - id: GoogleCloudApigeeV1GenerateDownloadUrlRequest - description: Request for GenerateDownloadUrl method. - type: object - properties: {} - GoogleCloudApigeeV1GenerateDownloadUrlResponse: - id: GoogleCloudApigeeV1GenerateDownloadUrlResponse - description: Response for GenerateDownloadUrl method. - type: object + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + id: GoogleTypeExpr + GoogleCloudApigeeV1RuntimeAddonsConfig: properties: - downloadUri: + analyticsConfig: + description: Runtime configuration for Analytics add-on. + $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeAnalyticsConfig' + revisionId: + type: string + description: Revision number used by the runtime to detect config changes. + uid: description: >- - The Google Cloud Storage signed URL that can be used to download the - Archive zip file. + UID is to detect if config is recreated after deletion. The add-on + config will only be deleted when the environment itself gets + deleted, thus it will always be the same as the UID of + EnvironmentConfig. type: string - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleCloudApigeeV1DataCollector: - id: GoogleCloudApigeeV1DataCollector - description: Data collector configuration. + name: + type: string + description: >- + Name of the addons config in the format: + `organizations/{org}/environments/{env}/addonsConfig` + apiSecurityConfig: + $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeApiSecurityConfig' + description: Runtime configuration for API Security add-on. type: object + description: >- + RuntimeAddonsConfig defines the runtime configurations for add-ons in an + environment. + id: GoogleCloudApigeeV1RuntimeAddonsConfig + GoogleCloudApigeeV1SecurityAction: + id: GoogleCloudApigeeV1SecurityAction properties: + flag: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionFlag' + description: Flag a request through if it matches this SecurityAction. + allow: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionAllow' + description: Allow a request through if it matches this SecurityAction. + deny: + description: Deny a request through if it matches this SecurityAction. + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionDeny' name: - description: ID of the data collector. Must begin with `dc_`. - type: string - description: - description: A description of the data collector. type: string - type: - description: Immutable. The type of data this data collector will collect. + description: >- + Immutable. This field is ignored during creation as per AIP-133. + Please set the `security_action_id` field in the + CreateSecurityActionRequest when creating a new SecurityAction. + Format: + organizations/{org}/environments/{env}/securityActions/{security_action} + state: + description: >- + Required. Only an ENABLED SecurityAction is enforced. An ENABLED + SecurityAction past its expiration time will not be enforced. type: string - enumDescriptions: - - For future compatibility. - - For integer values. - - For float values. - - For string values. - - For boolean values. - - For datetime values. enum: - - TYPE_UNSPECIFIED - - INTEGER - - FLOAT - - STRING - - BOOLEAN - - DATETIME - createdAt: + - STATE_UNSPECIFIED + - ENABLED + - DISABLED + enumDescriptions: + - >- + The default value. This only exists for forward compatibility. A + create request with this value will be rejected. + - >- + An ENABLED SecurityAction is actively enforced if the + `expiration_time` is in the future. + - A disabled SecurityAction is never enforced. + conditionConfig: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityActionConditionConfig description: >- - Output only. The time at which the data collector was created in - milliseconds since the epoch. + Required. A valid SecurityAction must contain at least one + condition. + expireTime: + description: The expiration for this SecurityAction. + format: google-datetime + type: string + createTime: + format: google-datetime + description: Output only. The create time for this SecurityAction. + type: string readOnly: true + apiProxies: + description: >- + Optional. If unset, this would apply to all proxies in the + environment. If set, this action is enforced only if at least one + proxy in the repeated list is deployed at the time of enforcement. + If set, several restrictions are enforced on SecurityActions. There + can be at most 100 enabled actions with proxies set in an env. + Several other restrictions apply on conditions and are detailed + later. + items: + type: string + type: array + description: type: string - format: int64 - lastModifiedAt: description: >- - Output only. The time at which the Data Collector was last updated - in milliseconds since the epoch. + Optional. An optional user provided description of the + SecurityAction. + ttl: + description: Input only. The TTL for this SecurityAction. + type: string + format: google-duration + updateTime: + description: >- + Output only. The update time for this SecurityAction. This reflects + when this SecurityAction changed states. readOnly: true + format: google-datetime type: string - format: int64 - GoogleCloudApigeeV1ListDataCollectorsResponse: - id: GoogleCloudApigeeV1ListDataCollectorsResponse - description: Response for ListDataCollectors. + description: >- + A SecurityAction is rule that can be enforced at an environment level. + The result is one of: - A denied API call - An explicitly allowed API + call - A flagged API call (HTTP headers added before the target receives + it) At least one condition is required to create a SecurityAction. + type: object + GoogleCloudApigeeV1EnvironmentClientIPResolutionConfig: + description: Configuration for resolving the client ip. + id: GoogleCloudApigeeV1EnvironmentClientIPResolutionConfig type: object properties: - dataCollectors: - description: Data collectors in the specified organization. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' - nextPageToken: - description: >- - Page token that you can include in a ListDataCollectors request to - retrieve the next page. If omitted, no subsequent pages exist. - type: string - GoogleCloudApigeeV1DebugMask: - id: GoogleCloudApigeeV1DebugMask + headerIndexAlgorithm: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1EnvironmentClientIPResolutionConfigHeaderIndexAlgorithm + description: Resolves the client ip based on a custom header. + GoogleCloudApigeeV1LlmTokenQuota: + id: GoogleCloudApigeeV1LlmTokenQuota + description: >- + LLM Token Quota contains the essential parameters needed that can be + applied on the resources, methods, models, API source combination + associated with this API product. While LLM Token Quota is optional, + setting it prevents requests from exceeding the provisioned parameters. type: object properties: - name: - description: Name of the debug mask. + interval: type: string - namespaces: - description: Map of namespaces to URIs. - type: object - additionalProperties: - type: string - requestXPaths: description: >- - List of XPaths that specify the XML elements to be filtered from XML - request message payloads. - type: array - items: - type: string - responseXPaths: + Required. Time interval over which the number of request messages is + calculated. + timeUnit: + type: string description: >- - List of XPaths that specify the XML elements to be filtered from XML - response message payloads. - type: array - items: - type: string - faultXPaths: + Optional. Time unit defined for the `interval`. Valid values include + `minute`, `hour`, `day`, or `month`. If `limit` and `interval` are + valid, the default value is `hour`; otherwise, the default is null. + limit: description: >- - List of XPaths that specify the XML elements to be filtered from XML - payloads in error flows. + Required. Upper limit of LLM tokens allowed for the time interval + and time unit specified. Requests exceeding this limit will be + rejected. + type: string + GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfig: + id: GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfig + type: object + description: Configuration for resolving the client ip. + properties: + headerIndexAlgorithm: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfigHeaderIndexAlgorithm + description: Resolves the client ip based on a custom header. + GoogleCloudApigeeV1ReportProperty: + id: GoogleCloudApigeeV1ReportProperty + type: object + properties: + property: + type: string + description: name of the property + value: type: array + description: property values items: - type: string - requestJSONPaths: - description: >- - List of JSON paths that specify the JSON elements to be filtered - from JSON request message payloads. - type: array + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + GoogleCloudApigeeV1ListKeyValueEntriesResponse: + description: >- + The request structure for listing key value map keys and its + corresponding values. + id: GoogleCloudApigeeV1ListKeyValueEntriesResponse + properties: + keyValueEntries: items: - type: string - responseJSONPaths: - description: >- - List of JSON paths that specify the JSON elements to be filtered - from JSON response message payloads. + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + description: One or more key value map keys and values. type: array - items: - type: string - faultJSONPaths: + nextPageToken: description: >- - List of JSON paths that specify the JSON elements to be filtered - from JSON payloads in error flows. - type: array + Token that can be sent as `next_page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + type: object + GoogleCloudApigeeV1ApiDebugSession: + description: Session carries the debug session id and its creation time. + properties: + environmentId: + description: The environment ID of the deployed API proxy. + type: string + createTime: + format: google-datetime + type: string + description: >- + The first transaction creation timestamp in millisecond, recorded by + UAP. + apiProxyRevisionId: + type: string + description: The revision ID of the deployed API proxy. + id: + description: The debug session ID. + type: string + type: object + id: GoogleCloudApigeeV1ApiDebugSession + GoogleCloudApigeeV1ProfileConfig: + description: >- + ProfileConfig defines a set of categories and policies which will be + used to compute security score. + type: object + id: GoogleCloudApigeeV1ProfileConfig + properties: + categories: + description: List of categories of profile config. items: - type: string - variables: - description: List of variables that should be masked from the debug output. + $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigCategory' type: array - items: - type: string - GoogleCloudApigeeV1Deployment: - id: GoogleCloudApigeeV1Deployment - description: Deployment represents a deployment of an API proxy or shared flow. + GoogleCloudApigeeV1AsyncQuery: type: object + id: GoogleCloudApigeeV1AsyncQuery properties: - environment: - description: Environment. + resultFileSize: + description: ResultFileSize is available only after the query is completed. type: string - apiProxy: - description: API proxy. + reportDefinitionId: + description: Asynchronous Report ID. type: string - revision: - description: API proxy revision. + created: + description: Creation time of the query. type: string - deployStartTime: - description: >- - Time the API proxy was marked `deployed` in the control plane in - millisconds since epoch. + resultRows: + description: ResultRows is available only after the query is completed. type: string format: int64 - pods: + updated: + description: Last updated timestamp for the query. + type: string + self: description: >- - Status reported by runtime pods. **Note**: **This field is - deprecated**. Runtime versions 1.3 and above report instance level - status rather than pod status. + Self link of the query. Example: + `/organizations/myorg/environments/myenv/queries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` + or following format if query is running at host level: + `/organizations/myorg/hostQueries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` + type: string + result: + description: Result is available only after the query is completed. + $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQueryResult' + envgroupHostname: + type: string + description: Hostname is available only when query is executed at host level. + name: + description: Asynchronous Query Name. + type: string + error: + description: Error is set when query fails. + type: string + queryParams: + description: >- + Contains information like metrics, dimenstions etc of the + AsyncQuery. + $ref: '#/components/schemas/GoogleCloudApigeeV1QueryMetadata' + executionTime: + description: ExecutionTime is available only after the query is completed. + type: string + state: + description: Query state could be "enqueued", "running", "completed", "failed". + type: string + GoogleCloudApigeeV1EndpointChainingRule: + id: GoogleCloudApigeeV1EndpointChainingRule + description: >- + EndpointChainingRule specifies the proxies contained in a particular + deployment group, so that other deployment groups can find them in + chaining calls. + properties: + proxyIds: + description: List of proxy ids which may be found in the given deployment group. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1PodStatus' - state: + type: string + deploymentGroup: description: >- - Current state of the deployment. **Note**: This field is displayed - only when viewing deployment status. + The deployment group to target for cross-shard chaining calls to + these proxies. type: string - enumDescriptions: - - This value should never be returned. - - Runtime has loaded the deployment. - - Deployment is not fully ready in the runtime. - - >- - Encountered an error with the deployment that requires - intervention. + type: object + GoogleCloudApigeeV1MaintenanceUpdatePolicy: + description: >- + MaintenanceUpdatePolicy specifies the preferred window to perform + maintenance on the instance (day of the week and time of day). + properties: + maintenanceChannel: enum: - - RUNTIME_STATE_UNSPECIFIED - - READY - - PROGRESSING - - ERROR - errors: - description: >- - Errors reported for this deployment. Populated only when state == - ERROR. **Note**: This field is displayed only when viewing - deployment status. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - routeConflicts: + - MAINTENANCE_CHANNEL_UNSPECIFIED + - WEEK1 + - WEEK2 + enumDescriptions: + - Unspecified maintenance channel. + - Receive 1 weeks notice before maintenance occurs + - Receive 2 weeks notice before maintenance occurs description: >- - Conflicts in the desired state routing configuration. The presence - of conflicts does not cause the state to be `ERROR`, but it will - mean that some of the deployment's base paths are not routed to its - environment. If the conflicts change, the state will transition to - `PROGRESSING` until the latest configuration is rolled out to all - instances. **Note**: This field is displayed only when viewing - deployment status. + Optional. Maintenance channel to specify relative scheduling for + maintenance. + type: string + maintenanceWindows: type: array items: $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingConflict - instances: - description: >- - Status reported by each runtime instance. **Note**: This field is - displayed only when viewing deployment status. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1InstanceDeploymentStatus' - serviceAccount: - description: >- - The full resource name of Cloud IAM Service Account that this - deployment is using, eg, `projects/-/serviceAccounts/{email}`. - type: string - proxyDeploymentType: + #/components/schemas/GoogleCloudApigeeV1MaintenanceUpdatePolicyMaintenanceWindow description: >- - Output only. The type of the deployment (standard or extensible) - Deployed proxy revision will be marked as extensible in following 2 - cases. 1. The deployed proxy revision uses extensible policies. 2. - If a environment supports flowhooks and flow hook is configured. - readOnly: true - type: string - enumDescriptions: - - >- - Default value till public preview. After public preview this value - should not be returned. - - >- - Deployment will be of type Standard if only Standard proxies are - used - - >- - Proxy will be of type Extensible if deployments uses one or more - Extensible proxies - enum: - - PROXY_DEPLOYMENT_TYPE_UNSPECIFIED - - STANDARD - - EXTENSIBLE - GoogleCloudApigeeV1PodStatus: - id: GoogleCloudApigeeV1PodStatus + Optional. Preferred windows to perform maintenance. Currently + limited to 1. + type: object + id: GoogleCloudApigeeV1MaintenanceUpdatePolicy + GoogleCloudApigeeV1CanaryEvaluation: + id: GoogleCloudApigeeV1CanaryEvaluation + description: >- + CanaryEvaluation represents the canary analysis between two versions of + the runtime that is serving requests. type: object properties: - podName: - description: Name of the pod which is reporting the status. + treatment: type: string - appVersion: - description: Version of the application running in the pod. + description: Required. The newer version that is serving requests. + createTime: + format: google-datetime type: string - podStatus: - description: >- - Overall status of the pod (not this specific deployment). Valid - values include: - `active`: Up to date. - `stale` : Recently out of - date. Pods that have not reported status in a long time are excluded - from the output. + description: Output only. Create time of the canary evaluation. + readOnly: true + name: + readOnly: true type: string - podStatusTime: - description: Time the pod status was reported in milliseconds since epoch. - type: string - format: int64 - deploymentStatusTime: - description: Time the deployment status was reported in milliseconds since epoch. + description: Output only. Name of the canary evalution. + verdict: + enum: + - VERDICT_UNSPECIFIED + - NONE + - FAIL + - PASS + enumDescriptions: + - Verdict is not available yet. + - No verdict reached. + - Evaluation is not good. + - Evaluation is good. + description: >- + Output only. The resulting verdict of the canary evaluations: NONE, + PASS, or FAIL. + readOnly: true type: string - format: int64 - deploymentTime: - description: Time the proxy was deployed in milliseconds since epoch. + control: + description: Required. The stable version that is serving requests. type: string - format: int64 - deploymentStatus: - description: >- - Status of the deployment. Valid values include: - `deployed`: - Successful. - `error` : Failed. - `pending` : Pod has not yet - reported on the deployment. + endTime: + description: Required. End time for the evaluation's analysis. type: string - statusCode: - description: Code associated with the deployment status. + format: google-datetime + state: + enumDescriptions: + - No state has been specified. + - The canary evaluation is still in progress. + - The canary evaluation has finished. + description: Output only. The current state of the canary evaluation. type: string - statusCodeDetails: - description: Human-readable message associated with the status code. + enum: + - STATE_UNSPECIFIED + - RUNNING + - SUCCEEDED + readOnly: true + metricLabels: + $ref: '#/components/schemas/GoogleCloudApigeeV1CanaryEvaluationMetricLabels' + description: >- + Required. Labels used to filter the metrics used for a canary + evaluation. + startTime: + format: google-datetime type: string - GoogleCloudApigeeV1DeploymentChangeReportRoutingConflict: - id: GoogleCloudApigeeV1DeploymentChangeReportRoutingConflict - description: >- - Describes a routing conflict that may cause a deployment not to receive - traffic at some base path. + description: Required. Start time for the canary evaluation's analysis. + GoogleCloudApigeeV1ScoreComponentRecommendationAction: type: object properties: - environmentGroup: - description: Name of the environment group in which this conflict exists. - type: string - conflictingDeployment: - description: Existing base path/deployment causing the conflict. + actionContext: $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment + #/components/schemas/GoogleCloudApigeeV1ScoreComponentRecommendationActionActionContext + description: Action context for the action. description: - description: Human-readable description of this conflict. type: string - GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment: - id: GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment - description: Tuple representing a base path and the deployment containing it. - type: object + description: Description of the action. + description: Action to improve security score. + id: GoogleCloudApigeeV1ScoreComponentRecommendationAction + GoogleCloudApigeeV1RoutingRule: properties: - basepath: - description: Base path receiving traffic. + receiver: + description: >- + The resource name of the proxy revision that is receiving this + basepath in the following format: + `organizations/{org}/apis/{api}/revisions/{rev}`. This field is + omitted from the IngressConfig unless the GetDeployedIngressConfig + API is called with view=FULL. + type: string + updateTime: + description: >- + The unix timestamp when this rule was updated. This is updated + whenever env_group_revision is updated. This field is omitted from + the IngressConfig unless the GetDeployedIngressConfig API is called + with view=FULL. type: string + format: google-datetime environment: - description: Name of the environment in which the proxy is deployed. type: string - apiProxy: - description: Name of the deployed API proxy revision containing the base path. + description: >- + Name of an environment bound to the environment group in the + following format: `organizations/{org}/environments/{env}`. Only one + of environment or deployment_group will be set. + envGroupRevision: + description: >- + The env group config revision_id when this rule was added or last + updated. This value is set when the rule is created and will only + update if the the environment_id changes. It is used to determine if + the runtime is up to date with respect to this rule. This field is + omitted from the IngressConfig unless the GetDeployedIngressConfig + API is called with view=FULL. type: string - revision: - description: Name of the deployed API proxy revision containing the base path. + format: int64 + basepath: type: string - GoogleCloudApigeeV1InstanceDeploymentStatus: - id: GoogleCloudApigeeV1InstanceDeploymentStatus - description: The status of a deployment as reported by a single instance. - type: object - properties: - instance: - description: ID of the instance reporting the status. + description: >- + URI path prefix used to route to the specified environment. May + contain one or more wildcards. For example, path segments consisting + of a single `*` character will match any string. + deploymentGroup: type: string - deployedRevisions: - description: Revisions currently deployed in MPs. - type: array + description: >- + Name of a deployment group in an environment bound to the + environment group in the following format: + `organizations/{org}/environment/{env}/deploymentGroups/{group}` + Only one of environment or deployment_group will be set. + otherTargets: items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRevision - deployedRoutes: + type: string description: >- - Current routes deployed in the ingress routing table. A route which - is missing will appear in `missing_routes`. + Conflicting targets, which will be resource names specifying either + deployment groups or environments. type: array - items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRoute - GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRevision: - id: GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRevision - description: Revisions deployed in the MPs. type: object - properties: - revision: - description: API proxy revision reported as deployed. - type: string - percentage: - description: Percentage of MP replicas reporting this revision. - type: integer - format: int32 - GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRoute: - id: GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRoute - description: Route deployed in the ingress routing table. + id: GoogleCloudApigeeV1RoutingRule + GoogleCloudApigeeV1ProfileConfigCORS: + description: Checks to see if you have CORS policy in place. + properties: {} + id: GoogleCloudApigeeV1ProfileConfigCORS type: object + GoogleCloudApigeeV1ListNatAddressesResponse: + id: GoogleCloudApigeeV1ListNatAddressesResponse properties: - basepath: - description: Base path in the routing table. - type: string - envgroup: - description: Environment group where this route is installed. + natAddresses: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1NatAddress' + description: List of NAT Addresses for the instance. + nextPageToken: type: string - environment: description: >- - Destination environment. This will be empty if the route is not yet - reported. - type: string - percentage: - description: Percentage of ingress replicas reporting this route. - type: integer - format: int32 - GoogleCloudApigeeV1DeploymentChangeReport: - id: GoogleCloudApigeeV1DeploymentChangeReport - description: >- - Response for GenerateDeployChangeReport and - GenerateUndeployChangeReport. This report contains any validation - failures that would cause the deployment to be rejected, as well changes - and conflicts in routing that may occur due to the new deployment. The - existence of a routing warning does not necessarily imply that the - deployment request is bad, if the desired state of the deployment - request is to effect a routing change. The primary purposes of the - routing messages are: 1) To inform users of routing changes that may - have an effect on traffic currently being routed to other existing - deployments. 2) To warn users if some base path in the proxy will not - receive traffic due to an existing deployment having already claimed - that base path. The presence of routing conflicts/changes will not cause - non-dry-run DeployApiProxy/UndeployApiProxy requests to be rejected. + Page token that you can include in a ListNatAddresses request to + retrieve the next page of content. If omitted, no subsequent pages + exist. type: object - properties: - validationErrors: - description: >- - Validation errors that would cause the deployment change request to - be rejected. - $ref: '#/components/schemas/GoogleRpcPreconditionFailure' - routingChanges: - description: All routing changes that may result from a deployment request. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingChange - routingConflicts: - description: All base path conflicts detected for a deployment request. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingConflict - GoogleRpcPreconditionFailure: - id: GoogleRpcPreconditionFailure - description: >- - Describes what preconditions have failed. For example, if an RPC failed - because it required the Terms of Service to be acknowledged, it could - list the terms of service violation in the PreconditionFailure message. + description: Response for ListNatAddresses. + GoogleCloudApigeeV1KeystoreConfig: type: object properties: - violations: - description: Describes all precondition violations. + aliases: + description: Aliases in the keystore. type: array items: - $ref: '#/components/schemas/GoogleRpcPreconditionFailureViolation' - GoogleRpcPreconditionFailureViolation: - id: GoogleRpcPreconditionFailureViolation - description: A message type used to describe a single precondition failure. + $ref: '#/components/schemas/GoogleCloudApigeeV1AliasRevisionConfig' + name: + description: >- + Resource name in the following format: + `organizations/{org}/environments/{env}/keystores/{keystore}` + type: string + id: GoogleCloudApigeeV1KeystoreConfig + GoogleCloudApigeeV1OptimizedStatsResponse: + description: Encapsulates a response format for JavaScript Optimized Scenario. type: object properties: - type: + resultTruncated: description: >- - The type of PreconditionFailure. We recommend using a - service-specific enum type to define the supported precondition - violation subjects. For example, "TOS" for "Terms of Service - violation". - type: string - subject: + Boolean flag that indicates whether the results were truncated based + on the limit parameter. + type: boolean + TimeUnit: description: >- - The subject, relative to the type, that failed. For example, - "google.com/cloud" relative to the "TOS" type would indicate which - terms of service is being referenced. - type: string - description: + List of time unit values. Time unit refers to an epoch timestamp + value. + type: array + items: + type: string + format: int64 + metaData: + description: Metadata information about the query executed. + $ref: '#/components/schemas/GoogleCloudApigeeV1Metadata' + stats: + description: '`stats` results.' + $ref: '#/components/schemas/GoogleCloudApigeeV1OptimizedStatsNode' + id: GoogleCloudApigeeV1OptimizedStatsResponse + GoogleCloudApigeeV1RuntimeTraceSamplingConfig: + type: object + id: GoogleCloudApigeeV1RuntimeTraceSamplingConfig + properties: + samplingRate: + type: number + format: float description: >- - A description of how the precondition failed. Developers can use - this description to understand how to fix the failure. For example: - "Terms of service not accepted". + Field sampling rate. This value is only applicable when using the + PROBABILITY sampler. The supported values are > 0 and <= 0.5. + sampler: + description: Sampler of distributed tracing. OFF is the default value. + enumDescriptions: + - Sampler unspecified. + - >- + OFF means distributed trace is disabled, or the sampling + probability is 0. + - >- + PROBABILITY means traces are captured on a probability that + defined by sampling_rate. The sampling rate is limited to 0 to 0.5 + when this is set. + enum: + - SAMPLER_UNSPECIFIED + - 'OFF' + - PROBABILITY type: string - GoogleCloudApigeeV1DeploymentChangeReportRoutingChange: - id: GoogleCloudApigeeV1DeploymentChangeReportRoutingChange description: >- - Describes a potential routing change that may occur as a result of some - deployment operation. + NEXT ID: 3 RuntimeTraceSamplingConfig represents the detail settings of + distributed tracing. Only the fields that are defined in the distributed + trace configuration can be overridden using the distribute trace + configuration override APIs. + GoogleCloudApigeeV1DnsZonePeeringConfig: type: object properties: - environmentGroup: - description: Name of the environment group affected by this routing change. + targetProjectId: type: string - fromDeployment: - description: Base path/deployment that may stop receiving some traffic. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment - toDeployment: description: >- - Base path/deployment that may start receiving that traffic. May be - null if no deployment is able to receive the traffic. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment - shouldSequenceRollout: + Required. The ID of the project that contains the producer VPC + network. + targetNetworkId: description: >- - Set to `true` if using sequenced rollout would make this routing - change safer. **Note**: This does not necessarily imply that - automated sequenced rollout mode is supported for the operation. - type: boolean - description: - description: Human-readable description of this routing change. + Required. The VPC network where the records for that private DNS + zone's namespace are available. Apigee will be performing DNS + peering with this VPC network. type: string - GoogleCloudApigeeV1ListDeploymentsResponse: - id: GoogleCloudApigeeV1ListDeploymentsResponse - type: object + description: Fields for DNS PEERING zone. + id: GoogleCloudApigeeV1DnsZonePeeringConfig + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArrayResource: + description: Resource for which we are computing security assessment. properties: - deployments: - description: List of deployments. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' - GoogleCloudApigeeV1FlowHook: - id: GoogleCloudApigeeV1FlowHook + name: + description: >- + Required. Name of this resource. For an Apigee API Proxy, this + should be the id of the API proxy. For an API Hub Deployment, this + should be the id of the deployment. + type: string + type: + type: string + enumDescriptions: + - ResourceType not specified. + - Resource is an Apigee Proxy. + - Resource is an API Hub deployment. + description: Required. Type of this resource. + enum: + - RESOURCE_TYPE_UNSPECIFIED + - API_PROXY + - API_HUB_DEPLOYMENT + id: >- + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArrayResource + type: object + GoogleCloudApigeeV1Instance: + description: Apigee runtime instance. type: object + id: GoogleCloudApigeeV1Instance properties: - flowHookPoint: + isVersionLocked: + readOnly: true description: >- - Output only. Where in the API call flow the flow hook is invoked. - Must be one of `PreProxyFlowHook`, `PostProxyFlowHook`, - `PreTargetFlowHook`, or `PostTargetFlowHook`. + Output only. Indicates whether the instance is version locked. If + true, the instance will not be updated by automated runtime + rollouts. This is only supported for Apigee X instances. + type: boolean + runtimeVersion: + type: string + description: >- + Output only. Version of the runtime system running in the instance. + The runtime system is the set of components that serve the API Proxy + traffic in your Environments. + readOnly: true + host: + description: >- + Output only. Internal hostname or IP address of the Apigee endpoint + used by clients to connect to the service. + type: string readOnly: true + peeringCidrRange: + enum: + - CIDR_RANGE_UNSPECIFIED + - SLASH_16 + - SLASH_17 + - SLASH_18 + - SLASH_19 + - SLASH_20 + - SLASH_22 + - SLASH_23 type: string + enumDescriptions: + - Range not specified. + - '`/16` CIDR range.' + - '`/17` CIDR range.' + - '`/18` CIDR range.' + - '`/19` CIDR range.' + - '`/20` CIDR range.' + - '`/22` CIDR range. Supported for evaluation only.' + - '`/23` CIDR range. Supported for evaluation only.' + description: >- + Optional. Size of the CIDR block range that will be reserved by the + instance. PAID organizations support `SLASH_16` to `SLASH_20` and + defaults to `SLASH_16`. Evaluation organizations support only + `SLASH_23`. + deprecated: true description: - description: Description of the flow hook. + description: Optional. Description of the instance. type: string - sharedFlow: + ipRange: description: >- - Shared flow attached to this flow hook, or empty if there is none - attached. + Optional. Comma-separated list of CIDR blocks of length 22 and/or 28 + used to create the Apigee instance. Providing CIDR ranges is + optional. You can provide just /22 or /28 or both (or neither). + Ranges you provide should be freely available as part of a larger + named range you have allocated to the Service Networking peering. If + this parameter is not provided, Apigee automatically requests an + available /22 and /28 CIDR block from Service Networking. Use the + /22 CIDR block for configuring your firewall needs to allow traffic + from Apigee. Input formats: `a.b.c.d/22` or `e.f.g.h/28` or + `a.b.c.d/22,e.f.g.h/28` type: string - continueOnError: + consumerAcceptList: description: >- - Optional. Flag that specifies whether execution should continue if - the flow hook throws an exception. Set to `true` to continue - execution. Set to `false` to stop execution if the flow hook throws - an exception. Defaults to `true`. - type: boolean - GoogleIamV1SetIamPolicyRequest: - id: GoogleIamV1SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: + Optional. Customer accept list represents the list of projects + (id/number) on customer side that can privately connect to the + service attachment. It is an optional field which the customers can + provide during the instance creation. By default, the customer + project associated with the Apigee organization will be included to + the list. + type: array + items: + type: string + createdAt: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/GoogleIamV1Policy' - updateMask: + Output only. Time the instance was created in milliseconds since + epoch. + type: string + format: int64 + readOnly: true + name: + type: string description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + Required. Resource ID of the instance. Values must match the regular + expression `^a-z{0,30}[a-z\d]$`. + maintenanceUpdatePolicy: + description: >- + Optional. Apigee customers can set the preferred window to perform + maintenance on the instance (day of the week and time of day). + $ref: '#/components/schemas/GoogleCloudApigeeV1MaintenanceUpdatePolicy' + location: type: string - format: google-fieldmask - GoogleIamV1Policy: - id: GoogleIamV1Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + description: Required. Compute Engine location where the instance resides. + scheduledMaintenance: + readOnly: true + description: >- + Output only. Time and date of the scheduled maintenance for this + instance. This field is only populated for instances that have opted + into Maintenance Window and if there is an upcoming maintenance. + Cleared once the maintenance is complete. + $ref: '#/components/schemas/GoogleCloudApigeeV1ScheduledMaintenance' + serviceAttachment: + readOnly: true + description: >- + Output only. Resource name of the service attachment created for the + instance in the format: `projects/*/regions/*/serviceAttachments/*` + Apigee customers can privately forward traffic to this service + attachment using the PSC endpoints. + type: string + state: + description: >- + Output only. State of the instance. Values other than `ACTIVE` means + the resource is not ready to use. + enumDescriptions: + - Resource is in an unspecified state. + - Resource is being created. + - Resource is provisioned and ready to use. + - The resource is being deleted. + - The resource is being updated. + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - UPDATING + type: string + diskEncryptionKeyName: + description: >- + Optional. Customer Managed Encryption Key (CMEK) used for disk and + volume encryption. If not specified, a Google-Managed encryption key + will be used. Use the following format: + `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)` + type: string + displayName: + description: Optional. Display name for the instance. + type: string + port: + description: Output only. Port number of the exposed Apigee endpoint. + type: string + readOnly: true + lastModifiedAt: + description: >- + Output only. Time the instance was last modified in milliseconds + since epoch. + type: string + format: int64 + readOnly: true + accessLoggingConfig: + description: >- + Optional. Access logging configuration enables the access logging + feature at the instance. Apigee customers can enable access logging + to ship the access logs to their own project's cloud logging. + $ref: '#/components/schemas/GoogleCloudApigeeV1AccessLoggingConfig' + GoogleCloudApigeeV1QueryTabularStatsResponse: + description: >- + Encapsulates two kinds of stats that are results of the dimensions and + aggregations requested. - Tabular rows. - Time series data. Example of + tabular rows, Represents security stats results as a row of flat values. + id: GoogleCloudApigeeV1QueryTabularStatsResponse type: object properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + columns: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + Column names corresponding to the same order as the inner values in + the stats field. + items: + type: string type: array + values: items: - $ref: '#/components/schemas/GoogleIamV1Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + items: + type: any + type: array type: array + description: Resultant rows from the executed query. + nextPageToken: + type: string + description: Next page token. + GoogleCloudApigeeV1ListApiDocsResponse: + id: GoogleCloudApigeeV1ListApiDocsResponse + type: object + properties: + status: + description: Status of the operation. + type: string + requestId: + type: string + description: Unique ID of the request. + message: + description: Description of the operation. + type: string + errorCode: + type: string + description: Unique error code for the request, if any. + data: + description: The catalog item resources. items: - $ref: '#/components/schemas/GoogleIamV1AuditConfig' - etag: + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDoc' + type: array + nextPageToken: + type: string description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + GoogleCloudApigeeV1ListRatePlansResponse: + id: GoogleCloudApigeeV1ListRatePlansResponse + description: Response for ListRatePlans. + properties: + nextStartKey: type: string - format: byte - GoogleIamV1Binding: - id: GoogleIamV1Binding - description: Associates `members`, or principals, with a `role`. + description: >- + Value that can be sent as `startKey` to retrieve the next page of + content. If this field is omitted, there are no subsequent pages. + ratePlans: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' + description: List of rate plans in an organization. + type: object + GoogleCloudApigeeV1ApiDocDocumentationResponse: + id: GoogleCloudApigeeV1ApiDocDocumentationResponse type: object + description: >- + The catalog item documentation wrapped with response status, error_code, + etc. properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + requestId: + readOnly: true + description: Output only. Unique ID of the request. + type: string + data: + description: Output only. The documentation resource. + readOnly: true + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocDocumentation' + status: + description: Output only. Status of the operation. + readOnly: true + type: string + message: + readOnly: true + type: string + description: Output only. Description of the operation. + errorCode: + description: Output only. Unique error code for the request, if any. + readOnly: true + type: string + GoogleCloudApigeeV1CommonNameConfig: + id: GoogleCloudApigeeV1CommonNameConfig + properties: + name: type: string + matchWildCards: + type: boolean + type: object + GoogleCloudApigeeV1ListExportsResponse: + description: The response for ListExports + properties: + exports: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Export' + description: Details of the export jobs. + type: object + id: GoogleCloudApigeeV1ListExportsResponse + GoogleCloudApigeeV1Access: + type: object + properties: + Set: + $ref: '#/components/schemas/GoogleCloudApigeeV1AccessSet' + Get: + $ref: '#/components/schemas/GoogleCloudApigeeV1AccessGet' + Remove: + $ref: '#/components/schemas/GoogleCloudApigeeV1AccessRemove' + id: GoogleCloudApigeeV1Access + GoogleCloudApigeeV1ListOrganizationsResponse: + properties: + organizations: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1OrganizationProjectMapping' + description: List of Apigee organizations and associated Google Cloud projects. + type: array + type: object + id: GoogleCloudApigeeV1ListOrganizationsResponse + GoogleCloudApigeeV1SetAddonsRequest: + properties: + addonsConfig: + $ref: '#/components/schemas/GoogleCloudApigeeV1AddonsConfig' + description: Required. Add-on configurations. + id: GoogleCloudApigeeV1SetAddonsRequest + type: object + description: Request for SetAddons. + GoogleIamV1Binding: + type: object + id: GoogleIamV1Binding + properties: members: + items: + type: string description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -1266,2390 +1525,2302 @@ components: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. type: array - items: - type: string - condition: + role: + type: string description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + condition: + $ref: '#/components/schemas/GoogleTypeExpr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/GoogleTypeExpr' - GoogleTypeExpr: - id: GoogleTypeExpr + description: Associates `members`, or principals, with a `role`. + GoogleCloudApigeeV1ProfileConfigAuthorization: description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + By default, following policies will be included: - JWS - JWT - OAuth - + BasicAuth - APIKey + type: object + properties: {} + id: GoogleCloudApigeeV1ProfileConfigAuthorization + GoogleCloudApigeeV1RevenueShareRange: + id: GoogleCloudApigeeV1RevenueShareRange + description: >- + API call volume range and the percentage of revenue to share with the + developer when the total number of API calls is within the range. type: object properties: - expression: + start: description: >- - Textual representation of an expression in Common Expression - Language syntax. + Starting value of the range. Set to 0 or `null` for the initial + range of values. + format: int64 type: string - title: + end: + format: int64 description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Ending value of the range. Set to 0 or `null` for the last range of + values. type: string - description: + sharePercentage: + type: number + format: double description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + Percentage of the revenue to be shared with the developer. For + example, to share 21 percent of the total revenue with the + developer, set this value to 21. Specify a decimal number with a + maximum of two digits following the decimal point. + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArray: + properties: + resources: + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArrayResource description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - GoogleIamV1AuditConfig: - id: GoogleIamV1AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + Required. The array of resources. For Apigee, the proxies are + resources. + type: array + id: >- + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArray type: object + description: >- + Message for the array of resources. For Apigee, the proxies are + resources. + GoogleCloudApigeeV1AccessGet: properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + value: type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' - GoogleIamV1AuditLogConfig: - id: GoogleIamV1AuditLogConfig + name: + type: string + type: object description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + Get action. For example, "Get" : { "name" : "target.name", "value" : + "default" } + id: GoogleCloudApigeeV1AccessGet + GoogleCloudApigeeV1SharedFlow: type: object + id: GoogleCloudApigeeV1SharedFlow + description: The metadata describing a shared flow properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + space: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array + Optional. The ID of the space associated with this shared flow. Any + IAM policies applied to the space will control access to this shared + flow. To learn how Spaces can be used to manage resources, read the + [Apigee Spaces + Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). + type: string + metaData: + $ref: '#/components/schemas/GoogleCloudApigeeV1EntityMetadata' + description: Metadata describing the shared flow. + revision: + description: A list of revisions of this shared flow. items: type: string - GoogleIamV1TestIamPermissionsRequest: - id: GoogleIamV1TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object + type: array + name: + description: The ID of the shared flow. + type: string + latestRevisionId: + description: The id of the most recently created revision for this shared flow. + type: string + GoogleCloudApigeeV1KeyAliasReference: + id: GoogleCloudApigeeV1KeyAliasReference properties: - permissions: + reference: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - GoogleIamV1TestIamPermissionsResponse: - id: GoogleIamV1TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + Reference name in the following format: + `organizations/{org}/environments/{env}/references/{reference}` + type: string + aliasId: + type: string + description: Alias ID. Must exist in the keystore referred to by the reference. + type: object + GoogleCloudApigeeV1OperationGroup: type: object properties: - permissions: + operationConfigType: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array + Flag that specifes whether the configuration is for Apigee API proxy + or a remote service. Valid values include `proxy` or + `remoteservice`. Defaults to `proxy`. Set to `proxy` when Apigee API + proxies are associated with the API product. Set to `remoteservice` + when non-Apigee proxies like Istio-Envoy are associated with the API + product. + type: string + operationConfigs: + description: >- + Required. List of operation configurations for either Apigee API + proxies or other remote services that are associated with this API + product. items: - type: string - GoogleCloudApigeeV1EnvironmentGroup: - id: GoogleCloudApigeeV1EnvironmentGroup + $ref: '#/components/schemas/GoogleCloudApigeeV1OperationConfig' + type: array + id: GoogleCloudApigeeV1OperationGroup description: >- - EnvironmentGroup configuration. An environment group is used to group - one or more Apigee environments under a single host name. + List of operation configuration details associated with Apigee API + proxies or remote services. Remote services are non-Apigee proxies, such + as Istio-Envoy. + GoogleCloudApigeeV1RuntimeConfig: + description: >- + Runtime configuration for the organization. Response for + GetRuntimeConfig. type: object properties: name: - description: ID of the environment group. - type: string - hostnames: - description: Required. Host names for this environment group. - type: array - items: - type: string - createdAt: description: >- - Output only. The time at which the environment group was created as - milliseconds since epoch. - readOnly: true + Name of the resource in the following format: + `organizations/{org}/runtimeConfig`. type: string - format: int64 - lastModifiedAt: - description: >- - Output only. The time at which the environment group was last - updated as milliseconds since epoch. - readOnly: true + analyticsBucket: + description: Cloud Storage bucket used for uploading Analytics records. type: string - format: int64 - state: + traceBucket: + description: Cloud Storage bucket used for uploading Trace records. + type: string + tenantProjectId: + readOnly: true description: >- - Output only. State of the environment group. Values other than - ACTIVE means the resource is not ready to use. - readOnly: true + Output only. Tenant project ID associated with the Apigee + organization. The tenant project is used to host Google-managed + resources that are dedicated to this Apigee organization. Clients + have limited access to resources within the tenant project used to + support Apigee runtime instances. Access to the tenant project is + managed using SetSyncAuthorization. It can be empty if the tenant + project hasn't been created yet. type: string - enumDescriptions: - - Resource is in an unspecified state. - - Resource is being created. - - Resource is provisioned and ready to use. - - The resource is being deleted. - - The resource is being updated. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - UPDATING - GoogleCloudApigeeV1ListEnvironmentGroupsResponse: - id: GoogleCloudApigeeV1ListEnvironmentGroupsResponse - description: Response for ListEnvironmentGroups. + id: GoogleCloudApigeeV1RuntimeConfig + GoogleCloudApigeeV1TlsInfoConfig: type: object + id: GoogleCloudApigeeV1TlsInfoConfig properties: - environmentGroups: - description: EnvironmentGroups in the specified organization. + protocols: + items: + type: string + description: List of TLS protocols that are granted access. type: array + enabled: + description: >- + Flag that specifies whether one-way TLS is enabled. Set to `true` to + enable one-way TLS. + type: boolean + clientAuthEnabled: + description: >- + Flag that specifies whether client-side authentication is enabled + for the target server. Enables two-way TLS. + type: boolean + trustStore: + type: string + description: >- + Name of the keystore or keystore reference containing trusted + certificates for the server in the following format: + `organizations/{org}/environments/{env}/keystores/{keystore}` or + `organizations/{org}/environments/{env}/references/{reference}` + commonName: + $ref: '#/components/schemas/GoogleCloudApigeeV1CommonNameConfig' + description: Common name to validate the target server against. + ciphers: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroup' - nextPageToken: + type: string + description: List of ciphers that are granted access. + type: array + keyAliasReference: + description: Reference name and alias pair to use for client-side authentication. + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyAliasReference' + enforce: + description: Flag that enforces TLS settings + type: boolean + ignoreValidationErrors: description: >- - Page token that you can include in a ListEnvironmentGroups request - to retrieve the next page. If omitted, no subsequent pages exist. + Flag that specifies whether to ignore TLS certificate validation + errors. Set to `true` to ignore errors. + type: boolean + keyAlias: + description: >- + Name of the alias used for client-side authentication in the + following format: + `organizations/{org}/environments/{env}/keystores/{keystore}/aliases/{alias}` type: string - GoogleCloudApigeeV1EnvironmentGroupAttachment: - id: GoogleCloudApigeeV1EnvironmentGroupAttachment - description: >- - EnvironmentGroupAttachment is a resource which defines an attachment of - an environment to an environment group. + GoogleCloudApigeeV1ReportInstanceStatusResponse: + id: GoogleCloudApigeeV1ReportInstanceStatusResponse type: object + description: Placeholder for future enhancements to status reporting protocol + properties: {} + GoogleCloudApigeeV1ApiDocDocumentation: + id: GoogleCloudApigeeV1ApiDocDocumentation + description: The documentation for a catalog item. properties: - name: - description: ID of the environment group attachment. - type: string - environment: - description: Required. ID of the attached environment. - type: string - createdAt: - description: >- - Output only. The time at which the environment group attachment was - created as milliseconds since epoch. - readOnly: true - type: string - format: int64 - environmentGroupId: - description: Output only. ID of the environment group. - readOnly: true - type: string - GoogleCloudApigeeV1ListEnvironmentGroupAttachmentsResponse: - id: GoogleCloudApigeeV1ListEnvironmentGroupAttachmentsResponse - description: Response for ListEnvironmentGroupAttachments. + graphqlDocumentation: + $ref: '#/components/schemas/GoogleCloudApigeeV1GraphqlDocumentation' + description: Optional. GraphQL documentation. + oasDocumentation: + description: Optional. OpenAPI Specification documentation. + $ref: '#/components/schemas/GoogleCloudApigeeV1OASDocumentation' type: object + GoogleCloudApigeeV1KeyValueEntry: + description: >- + Key value map pair where the value represents the data associated with + the corresponding key. **Note**: Supported for Apigee hybrid 1.8.x and + higher. properties: - environmentGroupAttachments: - description: EnvironmentGroupAttachments for the specified environment group. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroupAttachment' - nextPageToken: + value: + type: string description: >- - Page token that you can include in a ListEnvironmentGroupAttachments - request to retrieve the next page. If omitted, no subsequent pages - exist. + Required. Data or payload that is being retrieved and associated + with the unique key. + name: type: string - GoogleCloudApigeeV1Keystore: - id: GoogleCloudApigeeV1Keystore - description: Datastore for Certificates and Aliases. + description: >- + Resource URI that can be used to identify the scope of the key value + map entries. type: object + id: GoogleCloudApigeeV1KeyValueEntry + GoogleCloudApigeeV1ControlPlaneAccess: properties: name: - description: >- - Required. Resource ID for this keystore. Values must match the - regular expression `[\w[:space:].-]{1,255}`. type: string - aliases: - description: Output only. Aliases in this keystore. - readOnly: true - type: array + description: >- + Identifier. The resource name of the ControlPlaneAccess. Format: + "organizations/{org}/controlPlaneAccess" + synchronizerIdentities: items: type: string - GoogleCloudApigeeV1Alias: - id: GoogleCloudApigeeV1Alias - description: Reference to a certificate or key/certificate pair. - type: object - properties: - alias: description: >- - Resource ID for this alias. Values must match the regular expression - `[^/]{1,255}`. - type: string - certsInfo: - description: Chain of certificates under this alias. - $ref: '#/components/schemas/GoogleCloudApigeeV1Certificate' - type: - description: Type of alias. - type: string - enumDescriptions: - - Alias type is not specified. - - Certificate. - - Key/certificate pair. - enum: - - ALIAS_TYPE_UNSPECIFIED - - CERT - - KEY_CERT - GoogleCloudApigeeV1Certificate: - id: GoogleCloudApigeeV1Certificate - type: object - properties: - certInfo: - description: Chain of certificates under this name. + Optional. Array of service accounts to grant access to control plane + resources (for the Synchronizer component). The service accounts + must have **Apigee Synchronizer Manager** role. See also [Create + service + accounts](https://cloud.google.com/apigee/docs/hybrid/latest/sa-about#create-the-service-accounts). type: array + analyticsPublisherIdentities: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1CertInfo' - GoogleCloudApigeeV1CertInfo: - id: GoogleCloudApigeeV1CertInfo - description: X.509 certificate as defined in RFC 5280. + type: string + type: array + description: >- + Optional. Array of service accounts authorized to publish analytics + data to the control plane (for the Message Processor component). type: object + id: GoogleCloudApigeeV1ControlPlaneAccess + description: >- + ControlPlaneAccess is the request body and response body of + UpdateControlPlaneAccess. and the response body of + GetControlPlaneAccess. The input identities contains an array of service + accounts to grant access to the respective control plane resource, with + each service account specified using the following format: + `serviceAccount:`***service-account-name***. The + ***service-account-name*** is formatted like an email address. For + example: + `my-control-plane-service_account@my_project_id.iam.gserviceaccount.com` + You might specify multiple service accounts, for example, if you have + multiple environments and wish to assign a unique service account to + each one. + GoogleCloudApigeeV1DeveloperSubscription: + description: Structure of a DeveloperSubscription. + id: GoogleCloudApigeeV1DeveloperSubscription properties: - version: - description: X.509 version. - type: integer - format: int32 - subject: - description: X.509 subject. - type: string - issuer: - description: X.509 issuer. + startTime: + format: int64 + description: >- + Time when the API product subscription starts in milliseconds since + epoch. type: string - expiryDate: - description: X.509 `notAfter` validity period in milliseconds since epoch. + name: + description: Output only. Name of the API product subscription. type: string + readOnly: true + endTime: + description: >- + Time when the API product subscription ends in milliseconds since + epoch. format: int64 - validFrom: - description: X.509 `notBefore` validity period in milliseconds since epoch. type: string + lastModifiedAt: + readOnly: true + description: >- + Output only. Time when the API product subscription was last + modified in milliseconds since epoch. format: int64 - isValid: + type: string + createdAt: + readOnly: true description: >- - Flag that specifies whether the certificate is valid. Flag is set to - `Yes` if the certificate is valid, `No` if expired, or `Not yet` if - not yet valid. + Output only. Time when the API product subscription was created in + milliseconds since epoch. + format: int64 type: string - subjectAlternativeNames: - description: X.509 subject alternative names (SANs) extension. - type: array - items: - type: string - sigAlgName: - description: X.509 signatureAlgorithm. - type: string - publicKey: - description: Public key component of the X.509 subject public key info. - type: string - basicConstraints: - description: X.509 basic constraints extension. - type: string - serialNumber: - description: X.509 serial number. + apiproduct: type: string - GoogleCloudApigeeV1TargetServer: - id: GoogleCloudApigeeV1TargetServer - description: >- - TargetServer configuration. TargetServers are used to decouple a proxy - TargetEndpoint HTTPTargetConnections from concrete URLs for backend - services. + description: >- + Name of the API product for which the developer is purchasing a + subscription. + type: object + GoogleCloudApigeeV1ListInstancesResponse: type: object properties: - name: + nextPageToken: description: >- - Required. The resource id of this target server. Values must match - the regular expression - type: string - description: - description: Optional. A human-readable description of this TargetServer. + Page token that you can include in a ListInstance request to + retrieve the next page of content. If omitted, no subsequent pages + exist. type: string - host: + instances: + description: Instances in the specified organization. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Instance' + description: Response for ListInstances. + id: GoogleCloudApigeeV1ListInstancesResponse + GoogleCloudApigeeV1ScoreComponent: + id: GoogleCloudApigeeV1ScoreComponent + properties: + recommendations: + description: List of recommendations to improve API security. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ScoreComponentRecommendation + drilldownPaths: + items: + type: string + type: array + description: List of paths for next components. + dataCaptureTime: description: >- - Required. The host name this target connects to. Value must be a - valid hostname as described by RFC-1123. + Time in the requested time period when data was last captured to + compute the score. type: string - port: - description: >- - Required. The port number this target connects to on the given host. - Value must be between 1 and 65535, inclusive. - type: integer + format: google-datetime + score: format: int32 - isEnabled: - description: >- - Optional. Enabling/disabling a TargetServer is useful when - TargetServers are used in load balancing configurations, and one or - more TargetServers need to taken out of rotation periodically. - Defaults to true. - type: boolean - sSLInfo: + type: integer + description: Score for the component. + scorePath: description: >- - Optional. Specifies TLS configuration info for this TargetServer. - The JSON name is `sSLInfo` for legacy/backwards compatibility - reasons -- Edge originally supported SSL, and the name is still used - for TLS configuration. - $ref: '#/components/schemas/GoogleCloudApigeeV1TlsInfo' - protocol: - description: Immutable. The protocol used by this TargetServer. + Path of the component. Example: + /org@myorg/envgroup@myenvgroup/proxies/proxy@myproxy type: string - enumDescriptions: - - UNSPECIFIED defaults to HTTP for backwards compatibility. - - The TargetServer uses HTTP. - - The TargetSever uses HTTP2. - - The TargetServer uses GRPC. - - >- - GRPC TargetServer to be used in ExternalCallout Policy. Prefer to - use EXTERNAL_CALLOUT instead. TODO(b/266125112) deprecate once - EXTERNAL _CALLOUT generally available. - - The TargetServer is to be used in the ExternalCallout Policy - enum: - - PROTOCOL_UNSPECIFIED - - HTTP - - HTTP2 - - GRPC_TARGET - - GRPC - - EXTERNAL_CALLOUT - GoogleCloudApigeeV1TlsInfo: - id: GoogleCloudApigeeV1TlsInfo - description: TLS configuration information for virtual hosts and TargetServers. + calculateTime: + type: string + description: Time when score was calculated. + format: google-datetime + type: object + description: Component is an individual security element that is scored. + GoogleCloudApigeeV1ReportInstanceStatusRequest: + id: GoogleCloudApigeeV1ReportInstanceStatusRequest type: object properties: - enabled: - description: >- - Required. Enables TLS. If false, neither one-way nor two-way TLS - will be enabled. - type: boolean - clientAuthEnabled: - description: Optional. Enables two-way TLS. - type: boolean - keyStore: - description: >- - Required if `client_auth_enabled` is true. The resource ID of the - keystore. + resources: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceStatus' + description: Status for config resources + type: array + reportTime: type: string - keyAlias: description: >- - Required if `client_auth_enabled` is true. The resource ID for the - alias containing the private key and cert. - type: string - trustStore: - description: The resource ID of the truststore. - type: string - ignoreValidationErrors: + The time the report was generated in the runtime. Used to prevent an + old status from overwriting a newer one. An instance should space + out it's status reports so that clock skew does not play a factor. + format: google-datetime + instanceUid: description: >- - If true, Edge ignores TLS certificate errors. Valid when configuring - TLS for target servers and target endpoints, and when configuring - virtual hosts that use 2-way TLS. When used with a target - endpoint/target server, if the backend system uses SNI and returns a - cert with a subject Distinguished Name (DN) that does not match the - hostname, there is no way to ignore the error and the connection - fails. - type: boolean - protocols: - description: The TLS versioins to be used. + A unique ID for the instance which is guaranteed to be unique in + case the user installs multiple hybrid runtimes with the same + instance ID. + type: string + description: Request for ReportInstanceStatus. + GoogleCloudApigeeV1BatchUpdateSecurityIncidentsRequest: + description: Request for BatchUpdateSecurityIncident. + id: GoogleCloudApigeeV1BatchUpdateSecurityIncidentsRequest + properties: + requests: type: array - items: - type: string - ciphers: description: >- - The SSL/TLS cipher suites to be used. For programmable proxies, it - must be one of the cipher suite names listed in: - http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. - For configurable proxies, it must follow the configuration specified - in: - https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. - This setting has no effect for configurable proxies when negotiating - TLS 1.3. - type: array + Optional. Required. The request message specifying the resources to + update. A maximum of 1000 can be modified in a batch. items: - type: string - commonName: - description: The TLS Common Name of the certificate. - $ref: '#/components/schemas/GoogleCloudApigeeV1TlsInfoCommonName' - enforce: - description: TLS is strictly enforced. - type: boolean - GoogleCloudApigeeV1TlsInfoCommonName: - id: GoogleCloudApigeeV1TlsInfoCommonName + $ref: >- + #/components/schemas/GoogleCloudApigeeV1UpdateSecurityIncidentRequest type: object - properties: - value: - description: The TLS Common Name string of the certificate. - type: string - wildcardMatch: - description: >- - Indicates whether the cert should be matched against as a wildcard - cert. - type: boolean - GoogleCloudApigeeV1TraceConfig: - id: GoogleCloudApigeeV1TraceConfig - description: >- - TraceConfig defines the configurations in an environment of distributed - trace. + GoogleCloudApigeeV1CanaryEvaluationMetricLabels: type: object properties: - exporter: + env: + description: The environment ID associated with the metrics. + type: string + instance_id: description: >- - Required. Exporter that is used to view the distributed trace - captured using OpenCensus. An exporter sends traces to any backend - that is capable of consuming them. Recorded spans can be exported by - registered exporters. + Required. The instance ID associated with the metrics. In Apigee + Hybrid, the value is configured during installation. type: string - enumDescriptions: - - Exporter unspecified - - Jaeger exporter - - Cloudtrace exporter - enum: - - EXPORTER_UNSPECIFIED - - JAEGER - - CLOUD_TRACE - endpoint: - description: Required. Endpoint of the exporter. + location: + description: Required. The location associated with the metrics. type: string - samplingConfig: - description: >- - Distributed trace configuration for all API proxies in an - environment. You can also override the configuration for a specific - API proxy using the distributed trace configuration overrides API. - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceSamplingConfig' - GoogleCloudApigeeV1TraceSamplingConfig: - id: GoogleCloudApigeeV1TraceSamplingConfig - description: >- - TraceSamplingConfig represents the detail settings of distributed - tracing. Only the fields that are defined in the distributed trace - configuration can be overridden using the distribute trace configuration - override APIs. - type: object + id: GoogleCloudApigeeV1CanaryEvaluationMetricLabels + description: Labels that can be used to filter Apigee metrics. + GoogleCloudApigeeV1ScoreComponentRecommendation: properties: - sampler: - description: Sampler of distributed tracing. OFF is the default value. + title: + description: Title represents recommendation title. type: string - enumDescriptions: - - Sampler unspecified. - - >- - OFF means distributed trace is disabled, or the sampling - probability is 0. - - >- - PROBABILITY means traces are captured on a probability that - defined by sampling_rate. The sampling rate is limited to 0 to 0.5 - when this is set. - enum: - - SAMPLER_UNSPECIFIED - - 'OFF' - - PROBABILITY - samplingRate: + impact: + type: integer description: >- - Field sampling rate. This value is only applicable when using the - PROBABILITY sampler. The supported values are > 0 and <= 0.5. - type: number - format: float - GoogleCloudApigeeV1Environment: - id: GoogleCloudApigeeV1Environment + Potential impact of this recommendation on the overall score. This + denotes how important this recommendation is to improve the score. + format: int32 + actions: + type: array + description: Actions for the recommendation to improve the security score. + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ScoreComponentRecommendationAction + description: + description: Description of the recommendation. + type: string + id: GoogleCloudApigeeV1ScoreComponentRecommendation type: object + description: Recommendation based on security concerns and score. + GoogleCloudApigeeV1GraphqlDocumentation: properties: - name: + schema: + description: Required. The documentation file contents for the GraphQL schema. + $ref: '#/components/schemas/GoogleCloudApigeeV1DocumentationFile' + endpointUri: description: >- - Required. Name of the environment. Values must match the regular - expression `^[.\\p{Alnum}-_]{1,255}$` + Required. The GraphQL endpoint URI to be queried by API consumers. + Max length is 2,083 characters. type: string - description: - description: Optional. Description of the environment. + type: object + description: GraphQL documentation for a catalog item. + id: GoogleCloudApigeeV1GraphqlDocumentation + GoogleCloudApigeeV1SecurityProfileV2ProfileAssessmentConfig: + id: GoogleCloudApigeeV1SecurityProfileV2ProfileAssessmentConfig + type: object + description: The configuration definition for a specific assessment. + properties: + include: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityProfileV2ProfileAssessmentConfigApiHubGatewayTypeArray + description: Include only these Gateway Types. + weight: type: string - createdAt: + enum: + - WEIGHT_UNSPECIFIED + - MINOR + - MODERATE + - MAJOR + description: The weight of the assessment. + enumDescriptions: + - The weight is unspecified. + - The weight is minor. + - The weight is moderate. + - The weight is major. + GoogleCloudApigeeV1ProfileConfigAbuse: + description: >- + Checks for abuse, which includes any requests sent to the API for + purposes other than what it is intended for, such as high volumes of + requests, data scraping, and abuse related to authorization. + type: object + properties: {} + id: GoogleCloudApigeeV1ProfileConfigAbuse + GoogleCloudApigeeV1ListOfDevelopersResponse: + type: object + id: GoogleCloudApigeeV1ListOfDevelopersResponse + properties: + developer: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' + description: List of developers. + GoogleCloudApigeeV1ListDataCollectorsResponse: + id: GoogleCloudApigeeV1ListDataCollectorsResponse + description: Response for ListDataCollectors. + properties: + nextPageToken: description: >- - Output only. Creation time of this environment as milliseconds since - epoch. - readOnly: true + Page token that you can include in a ListDataCollectors request to + retrieve the next page. If omitted, no subsequent pages exist. type: string - format: int64 - lastModifiedAt: + dataCollectors: + description: Data collectors in the specified organization. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' + type: object + GoogleCloudApigeeV1RateRange: + type: object + id: GoogleCloudApigeeV1RateRange + description: >- + API call volume range and the fees charged when the total number of API + calls is within the range. + properties: + fee: description: >- - Output only. Last modification time of this environment as - milliseconds since epoch. - readOnly: true - type: string + Fee to charge when total number of API calls falls within this + range. + $ref: '#/components/schemas/GoogleTypeMoney' + start: format: int64 - properties: description: >- - Optional. Key-value pairs that may be used for customizing the - environment. - $ref: '#/components/schemas/GoogleCloudApigeeV1Properties' - displayName: - description: Optional. Display name for this environment. + Starting value of the range. Set to 0 or `null` for the initial + range of values. type: string - state: + end: description: >- - Output only. State of the environment. Values other than ACTIVE - means the resource is not ready to use. + Ending value of the range. Set to 0 or `null` for the last range of + values. + type: string + format: int64 + GoogleCloudApigeeV1ListCustomReportsResponse: + type: object + properties: + qualifier: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' + id: GoogleCloudApigeeV1ListCustomReportsResponse + description: This message encapsulates a list of custom report definitions + GoogleCloudApigeeV1SecurityProfileScoringConfig: + description: Security configurations to manage scoring. + properties: + scorePath: + type: string + description: Path of the component config used for scoring. + title: + description: Title of the config. + type: string + description: + type: string + description: Description of the config. + type: object + id: GoogleCloudApigeeV1SecurityProfileScoringConfig + GoogleCloudApigeeV1AnalyticsConfig: + id: GoogleCloudApigeeV1AnalyticsConfig + description: Configuration for the Analytics add-on. + properties: + updateTime: readOnly: true type: string - enumDescriptions: - - Resource is in an unspecified state. - - Resource is being created. - - Resource is provisioned and ready to use. - - The resource is being deleted. - - The resource is being updated. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - UPDATING - deploymentType: + format: google-datetime + description: Output only. The latest update time. + expireTimeMillis: + format: int64 description: >- - Optional. Deployment type supported by the environment. The - deployment type can be set when creating the environment and cannot - be changed. When you enable archive deployment, you will be - **prevented from performing** a [subset of - actions](/apigee/docs/api-platform/local-development/overview#prevented-actions) - within the environment, including: * Managing the deployment of API - proxy or shared flow revisions * Creating, updating, or deleting - resource files * Creating, updating, or deleting target servers + Output only. Time at which the Analytics add-on expires in + milliseconds since epoch. If unspecified, the add-on will never + expire. + readOnly: true type: string + state: + description: Output only. The state of the Analytics add-on. enumDescriptions: - - Deployment type not specified. - - >- - Proxy deployment enables you to develop and deploy API proxies - using Apigee on Google Cloud. This cannot currently be combined - with the CONFIGURABLE API proxy type. - - >- - Archive deployment enables you to develop API proxies locally then - deploy an archive of your API proxy configuration to an - environment in Apigee on Google Cloud. You will be prevented from - performing a [subset of - actions](/apigee/docs/api-platform/local-development/overview#prevented-actions) - within the environment. + - Default value. + - Add-on is in progress of enabling. + - Add-on is fully enabled and ready to use. + - Add-on is in progress of disabling. + - Add-on is fully disabled. + readOnly: true enum: - - DEPLOYMENT_TYPE_UNSPECIFIED - - PROXY - - ARCHIVE - apiProxyType: + - ADDON_STATE_UNSPECIFIED + - ENABLING + - ENABLED + - DISABLING + - DISABLED + type: string + enabled: + description: Whether the Analytics add-on is enabled. + type: boolean + type: object + GoogleCloudApigeeV1AccessRemove: + type: object + id: GoogleCloudApigeeV1AccessRemove + properties: + name: + type: string + success: + type: boolean + description: >- + Remove action. For example, "Remove" : { "name" : "target.name", + "success" : true } + GoogleCloudApigeeV1SecurityReportResultMetadata: + type: object + description: Contains informations about the security report results. + id: GoogleCloudApigeeV1SecurityReportResultMetadata + properties: + self: + type: string description: >- - Optional. API Proxy type supported by the environment. The type can - be set when creating the Environment and cannot be changed. + Self link of the query results. Example: + `/organizations/myorg/environments/myenv/securityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` + or following format if query is running at host level: + `/organizations/myorg/hostSecurityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` + expires: + readOnly: true + description: >- + Output only. Expire_time is set to 7 days after report creation. + Query result will be unaccessable after this time. Example: + "2021-05-04T13:38:52-07:00" type: string - enumDescriptions: - - API proxy type not specified. - - >- - Programmable API Proxies enable you to develop APIs with highly - flexible behavior using bundled policy configuration and one or - more programming languages to describe complex sequential and/or - conditional flows of logic. - - >- - Configurable API Proxies enable you to develop efficient APIs - using simple configuration while complex execution control flow - logic is handled by Apigee. This type only works with the ARCHIVE - deployment type and cannot be combined with the PROXY deployment - type. - enum: - - API_PROXY_TYPE_UNSPECIFIED - - PROGRAMMABLE - - CONFIGURABLE - nodeConfig: - description: Optional. NodeConfig of the environment. - $ref: '#/components/schemas/GoogleCloudApigeeV1NodeConfig' - forwardProxyUri: - description: >- - Optional. URI of the forward proxy to be applied to the runtime - instances in this environment. Must be in the format of - {scheme}://{hostname}:{port}. Note that the only supported scheme is - "http". The port must be supplied. To remove a forward proxy - setting, update the field to an empty value. Note: At this time, PUT - operations to add forwardProxyUri to an existing environment fail if - the environment has nodeConfig set up. To successfully add the - forwardProxyUri setting in this case, include the NodeConfig details - with the request. + GoogleCloudApigeeV1DeleteResponse: + properties: + status: + description: Status of the operation. type: string - type: - description: Optional. EnvironmentType selected for the environment. + gcpResource: type: string - enumDescriptions: - - Environment type not specified. - - >- - This is the default type. Base environment has limited capacity - and capabilities and are usually used when you are getting started - with Apigee or while experimenting. Refer to Apigee's public - documentation for more details. - - >- - Intermediate environment supports API management features and - higher capacity than Base environment. Refer to Apigee's public - documentation for more details. - - >- - Comprehensive environment supports advanced capabilites and even - higher capacity than Intermediate environment. Refer to Apigee's - public documentation for more details. - enum: - - ENVIRONMENT_TYPE_UNSPECIFIED - - BASE - - INTERMEDIATE - - COMPREHENSIVE - hasAttachedFlowHooks: - type: boolean - clientIpResolutionConfig: - description: >- - Optional. The algorithm to resolve IP. This will affect Analytics, - API Security, and other features that use the client ip. To remove a - client ip resolution config, update the field to an empty value. - Example: '{ "clientIpResolutionConfig" = {} }' For more information, - see: - https://cloud.google.com/apigee/docs/api-platform/system-administration/client-ip-resolution. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1EnvironmentClientIPResolutionConfig - GoogleCloudApigeeV1Properties: - id: GoogleCloudApigeeV1Properties - description: >- - Message for compatibility with legacy Edge specification for Java - Properties object in JSON. - type: object - properties: - property: - description: List of all properties in the object - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Property' - GoogleCloudApigeeV1Property: - id: GoogleCloudApigeeV1Property - description: A single property entry in the Properties message. - type: object - properties: - name: - description: The property key + description: Google Cloud name of deleted resource. + requestId: + description: Unique ID of the request. type: string - value: - description: The property value + message: type: string - GoogleCloudApigeeV1NodeConfig: - id: GoogleCloudApigeeV1NodeConfig - description: >- - NodeConfig for setting the min/max number of nodes associated with the - environment. + description: Description of the operation. + errorCode: + type: string + description: Unique error code for the request, if any. type: object + id: GoogleCloudApigeeV1DeleteResponse + description: Response for certain delete operations. + GoogleCloudApigeeV1AccessSet: + description: >- + Set action. For example, "Set" : { "name" : "target.name", "success" : + true, "value" : "default" } + id: GoogleCloudApigeeV1AccessSet properties: - minNodeCount: - description: >- - Optional. The minimum total number of gateway nodes that the is - reserved for all instances that has the specified environment. If - not specified, the default is determined by the recommended minimum - number of nodes for that gateway. - type: string - format: int64 - maxNodeCount: - description: >- - Optional. The maximum total number of gateway nodes that the is - reserved for all instances that has the specified environment. If - not specified, the default is determined by the recommended maximum - number of nodes for that gateway. + value: type: string - format: int64 - currentAggregateNodeCount: - description: >- - Output only. The current total number of gateway nodes that each - environment currently has across all instances. - readOnly: true + name: type: string - format: int64 - GoogleCloudApigeeV1EnvironmentClientIPResolutionConfig: - id: GoogleCloudApigeeV1EnvironmentClientIPResolutionConfig - description: Configuration for resolving the client ip. + success: + type: boolean type: object - properties: - headerIndexAlgorithm: - description: Resolves the client ip based on a custom header. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1EnvironmentClientIPResolutionConfigHeaderIndexAlgorithm - GoogleCloudApigeeV1EnvironmentClientIPResolutionConfigHeaderIndexAlgorithm: - id: >- - GoogleCloudApigeeV1EnvironmentClientIPResolutionConfigHeaderIndexAlgorithm - description: Resolves the client ip based on a custom header. + GoogleCloudApigeeV1ResourceConfig: type: object + id: GoogleCloudApigeeV1ResourceConfig properties: - ipHeaderName: - description: >- - Required. The name of the header to extract the client ip from. We - are currently only supporting the X-Forwarded-For header. + location: + description: Location of the resource as a URI. type: string - ipHeaderIndex: + name: description: >- - Required. The index of the ip in the header. Positive indices 0, 1, - 2, 3 chooses indices from the left (first ips) Negative indices -1, - -2, -3 chooses indices from the right (last ips) - type: integer - format: int32 - GoogleCloudApigeeV1EnvironmentConfig: - id: GoogleCloudApigeeV1EnvironmentConfig + Resource name in the following format: + `organizations/{org}/environments/{env}/resourcefiles/{type}/{file}/revisions/{rev}` + Only environment-scoped resource files are supported. + type: string + GoogleCloudApigeeV1GrpcOperationConfig: type: object + id: GoogleCloudApigeeV1GrpcOperationConfig properties: - name: + methods: description: >- - Name of the environment configuration in the following format: - `organizations/{org}/environments/{env}/configs/{config}` - type: string - uid: + List of unqualified gRPC method names for the proxy to which quota + will be applied. If this field is empty, the Quota will apply to all + operations on the gRPC service defined on the proxy. Example: Given + a proxy that is configured to serve com.petstore.PetService, the + methods com.petstore.PetService.ListPets and + com.petstore.PetService.GetPet would be specified here as simply + ["ListPets", "GetPet"]. + type: array + items: + type: string + attributes: + type: array + description: Custom attributes associated with the operation. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + service: description: >- - Unique ID for the environment configuration. The ID will only change - if the environment is deleted and recreated. + Required. gRPC Service name associated to be associated with the API + proxy, on which quota rules can be applied upon. type: string - revisionId: + quota: description: >- - Revision ID of the environment configuration. The higher the value, - the more recently the configuration was deployed. - type: string - format: int64 - envScopedRevisionId: + Quota parameters to be enforced for the methods and API source + combination. If none are specified, quota enforcement will not be + done. + $ref: '#/components/schemas/GoogleCloudApigeeV1Quota' + apiSource: description: >- - Revision ID for environment-scoped resources (e.g. target servers, - keystores) in this config. This ID will increment any time a - resource not scoped to a deployment group changes. + Required. Name of the API proxy with which the gRPC operation and + quota are associated. type: string - format: int64 - sequenceNumber: - description: 'DEPRECATED: Use revision_id.' + description: >- + Binds the resources in a proxy or remote service with the gRPC operation + and its associated quota enforcement. + GoogleCloudApigeeV1GenerateUploadUrlRequest: + type: object + properties: {} + description: Request for GenerateUploadUrl method. + id: GoogleCloudApigeeV1GenerateUploadUrlRequest + GoogleCloudApigeeV1DataCollector: + description: Data collector configuration. + type: object + properties: + name: + description: ID of the data collector. Must begin with `dc_`. type: string - format: int64 - createTime: - description: Time that the environment configuration was created. + description: type: string - format: google-datetime - provider: + description: A description of the data collector. + lastModifiedAt: description: >- - Used by the Control plane to add context information to help detect - the source of the document during diagnostics and debugging. + Output only. The time at which the Data Collector was last updated + in milliseconds since the epoch. + format: int64 + readOnly: true type: string - resources: - description: List of resource versions in the environment. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceConfig' - targets: - description: >- - List of target servers in the environment. Disabled target servers - are not displayed. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServerConfig' - deployments: - description: List of deployments in the environment. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeploymentConfig' - deploymentGroups: - description: List of deployment groups in the environment. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeploymentGroupConfig' - flowhooks: - description: List of flow hooks in the environment. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHookConfig' - debugMask: - description: Debug mask that applies to all deployments in the environment. - $ref: '#/components/schemas/GoogleCloudApigeeV1DebugMask' - keystores: - description: List of keystores in the environment. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeystoreConfig' - featureFlags: - description: Feature flags inherited from the organization and environment. - type: object - additionalProperties: - type: string - pubsubTopic: - description: Name of the PubSub topic for the environment. - type: string - resourceReferences: - description: List of resource references in the environment. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ReferenceConfig' - dataCollectors: - description: List of data collectors used by the deployments in the environment. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollectorConfig' - traceConfig: - description: >- - Trace configurations. Contains config for the environment and config - overrides for specific API proxies. - $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeTraceConfig' - gatewayConfigLocation: - description: >- - The location for the gateway config blob as a URI, e.g. a Cloud - Storage URI. This is only used by Envoy-based gateways. - type: string - arcConfigLocation: - description: >- - The location for the config blob of API Runtime Control, aka Envoy - Adapter, for op-based authentication as a URI, e.g. a Cloud Storage - URI. This is only used by Envoy-based gateways. + type: type: string - forwardProxyUri: + enumDescriptions: + - For future compatibility. + - For integer values. + - For float values. + - For string values. + - For boolean values. + - For datetime values. + enum: + - TYPE_UNSPECIFIED + - INTEGER + - FLOAT + - STRING + - BOOLEAN + - DATETIME + description: Immutable. The type of data this data collector will collect. + createdAt: description: >- - The forward proxy's url to be used by the runtime. When set, runtime - will send requests to the target via the given forward proxy. This - is only used by programmable gateways. + Output only. The time at which the data collector was created in + milliseconds since the epoch. + readOnly: true + format: int64 type: string - addonsConfig: - description: The latest runtime configurations for add-ons. - $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeAddonsConfig' - clientIpResolutionConfig: - description: The algorithm to resolve IP. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfig - GoogleCloudApigeeV1ResourceConfig: - id: GoogleCloudApigeeV1ResourceConfig + id: GoogleCloudApigeeV1DataCollector + GoogleCloudApigeeV1ApiSecurityConfig: + description: Configurations of the API Security add-on. type: object + id: GoogleCloudApigeeV1ApiSecurityConfig properties: - name: - description: >- - Resource name in the following format: - `organizations/{org}/environments/{env}/resourcefiles/{type}/{file}/revisions/{rev}` - Only environment-scoped resource files are supported. - type: string - location: - description: Location of the resource as a URI. + expiresAt: type: string - GoogleCloudApigeeV1TargetServerConfig: - id: GoogleCloudApigeeV1TargetServerConfig - type: object - properties: - name: description: >- - Target server revision name in the following format: - `organizations/{org}/environments/{env}/targetservers/{targetserver}/revisions/{rev}` - type: string - host: - description: Host name of the target server. - type: string - port: - description: Port number for the target server. - type: integer - format: int32 - tlsInfo: - description: TLS settings for the target server. - $ref: '#/components/schemas/GoogleCloudApigeeV1TlsInfoConfig' - protocol: - description: The protocol used by this target server. - type: string - enumDescriptions: - - UNSPECIFIED defaults to HTTP for backwards compatibility. - - The TargetServer uses HTTP. - - The TargetSever uses HTTP2. - - The TargetServer uses GRPC. - - >- - GRPC TargetServer to be used in ExternalCallout Policy. Prefer to - use EXTERNAL_CALLOUT instead. TODO(b/266125112) deprecate once - EXTERNAL _CALLOUT generally available. - - The TargetServer is to be used in the ExternalCallout Policy - enum: - - PROTOCOL_UNSPECIFIED - - HTTP - - HTTP2 - - GRPC_TARGET - - GRPC - - EXTERNAL_CALLOUT + Output only. Time at which the API Security add-on expires in + milliseconds since epoch. If unspecified, the add-on will never + expire. + format: int64 + readOnly: true enabled: - description: >- - Whether the target server is enabled. An empty/omitted value for - this field should be interpreted as true. + description: Flag that specifies whether the API security add-on is enabled. type: boolean - GoogleCloudApigeeV1TlsInfoConfig: - id: GoogleCloudApigeeV1TlsInfoConfig + GoogleCloudApigeeV1RevisionStatus: + description: The status of a specific resource revision. type: object + id: GoogleCloudApigeeV1RevisionStatus properties: - enabled: - description: >- - Flag that specifies whether one-way TLS is enabled. Set to `true` to - enable one-way TLS. - type: boolean - clientAuthEnabled: - description: >- - Flag that specifies whether client-side authentication is enabled - for the target server. Enables two-way TLS. - type: boolean - keyAlias: - description: >- - Name of the alias used for client-side authentication in the - following format: - `organizations/{org}/environments/{env}/keystores/{keystore}/aliases/{alias}` + jsonSpec: type: string - keyAliasReference: - description: Reference name and alias pair to use for client-side authentication. - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyAliasReference' - trustStore: description: >- - Name of the keystore or keystore reference containing trusted - certificates for the server in the following format: - `organizations/{org}/environments/{env}/keystores/{keystore}` or - `organizations/{org}/environments/{env}/references/{reference}` + The json content of the resource revision. Large specs should be + sent individually via the spec field to avoid hitting request size + limits. + revisionId: + description: The revision of the resource. type: string - ciphers: - description: List of ciphers that are granted access. - type: array + errors: + description: Errors reported when attempting to load this revision. items: - type: string - protocols: - description: List of TLS protocols that are granted access. + $ref: '#/components/schemas/GoogleCloudApigeeV1UpdateError' type: array - items: - type: string - commonName: - description: Common name to validate the target server against. - $ref: '#/components/schemas/GoogleCloudApigeeV1CommonNameConfig' - ignoreValidationErrors: - description: >- - Flag that specifies whether to ignore TLS certificate validation - errors. Set to `true` to ignore errors. - type: boolean - enforce: - description: Flag that enforces TLS settings - type: boolean - GoogleCloudApigeeV1KeyAliasReference: - id: GoogleCloudApigeeV1KeyAliasReference + replicas: + description: The number of replicas that have successfully loaded this revision. + type: integer + format: int32 + GoogleCloudApigeeV1Score: + id: GoogleCloudApigeeV1Score type: object properties: - reference: - description: >- - Reference name in the following format: - `organizations/{org}/environments/{env}/references/{reference}` - type: string - aliasId: - description: Alias ID. Must exist in the keystore referred to by the reference. - type: string - GoogleCloudApigeeV1CommonNameConfig: - id: GoogleCloudApigeeV1CommonNameConfig + subcomponents: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1ScoreComponent' + description: List of all the drilldown score components. + timeRange: + description: Start and end time for the score. + $ref: '#/components/schemas/GoogleTypeInterval' + component: + description: Component containing score, recommendations and actions. + $ref: '#/components/schemas/GoogleCloudApigeeV1ScoreComponent' + description: Represents Security Score. + GoogleCloudApigeeV1ListSharedFlowsResponse: + id: GoogleCloudApigeeV1ListSharedFlowsResponse type: object properties: - name: - type: string - matchWildCards: - type: boolean - GoogleCloudApigeeV1DeploymentConfig: - id: GoogleCloudApigeeV1DeploymentConfig - description: 'NEXT ID: 11' + sharedFlows: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlow' + GoogleCloudApigeeV1AddonsConfig: + id: GoogleCloudApigeeV1AddonsConfig type: object properties: - name: + analyticsConfig: + $ref: '#/components/schemas/GoogleCloudApigeeV1AnalyticsConfig' description: >- - Name of the API or shared flow revision to be deployed in the - following format: `organizations/{org}/apis/{api}/revisions/{rev}` - or `organizations/{org}/sharedflows/{sharedflow}/revisions/{rev}` - type: string - uid: - description: >- - Unique ID. The ID will only change if the deployment is deleted and - recreated. - type: string - proxyUid: - description: Unique ID of the API proxy revision. - type: string - location: - description: Location of the API proxy bundle as a URI. - type: string - basePath: - description: Base path where the application will be hosted. Defaults to "/". - type: string - attributes: - description: Additional key-value metadata for the deployment. - type: object - additionalProperties: - type: string - serviceAccount: - description: >- - The service account identity associated with this deployment. If - non-empty, will be in the following format: - `projects/-/serviceAccounts/{account_email}` - type: string - deploymentGroups: - description: >- - The list of deployment groups in which this proxy should be - deployed. Not currently populated for shared flows. - type: array + Configuration for the Analytics add-on. Only used in + organizations.environments.addonsConfig. + monetizationConfig: + description: Configuration for the Monetization add-on. + $ref: '#/components/schemas/GoogleCloudApigeeV1MonetizationConfig' + apiSecurityConfig: + description: Configuration for the API Security add-on. + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiSecurityConfig' + advancedApiOpsConfig: + description: Configuration for the Advanced API Ops add-on. + $ref: '#/components/schemas/GoogleCloudApigeeV1AdvancedApiOpsConfig' + connectorsPlatformConfig: + $ref: '#/components/schemas/GoogleCloudApigeeV1ConnectorsPlatformConfig' + description: Configuration for the Connectors Platform add-on. + integrationConfig: + description: Configuration for the Integration add-on. + $ref: '#/components/schemas/GoogleCloudApigeeV1IntegrationConfig' + description: Add-on configurations for the Apigee organization. + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestApiHubGatewayArray: + id: >- + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestApiHubGatewayArray + type: object + properties: + gateways: items: type: string - endpoints: + type: array description: >- - A mapping from basepaths to proxy endpoint names in this proxy. Not - populated for shared flows. - type: object - additionalProperties: - type: string - GoogleCloudApigeeV1DeploymentGroupConfig: - id: GoogleCloudApigeeV1DeploymentGroupConfig - description: >- - DeploymentGroupConfig represents a deployment group that should be - present in a particular environment. + Required. The array of API Hub Gateway IDs. Format: + `projects/{project}/locations/{location}/plugins/{plugin}/instances/{instance}` + description: Message for the array of API Hub Gateways. + GoogleCloudApigeeV1ApiProductRef: + id: GoogleCloudApigeeV1ApiProductRef type: object properties: - name: - description: >- - Name of the deployment group in the following format: - `organizations/{org}/environments/{env}/deploymentGroups/{group}`. - type: string - uid: - description: >- - Unique ID. The ID will only change if the deployment group is - deleted and recreated. - type: string - revisionId: - description: >- - Revision number which can be used by the runtime to detect if the - deployment group has changed between two versions. + status: + description: Status of the API product. Valid values are `approved` or `revoked`. type: string - format: int64 - deploymentGroupType: - description: >- - Type of the deployment group, which will be either Standard or - Extensible. + apiproduct: + description: Name of the API product. type: string - enumDescriptions: - - Unspecified type - - Standard type - - Extensible Type - enum: - - DEPLOYMENT_GROUP_TYPE_UNSPECIFIED - - STANDARD - - EXTENSIBLE - GoogleCloudApigeeV1FlowHookConfig: - id: GoogleCloudApigeeV1FlowHookConfig + GoogleCloudApigeeV1GraphQLOperation: type: object + description: >- + Represents the pairing of GraphQL operation types and the GraphQL + operation name. properties: - name: + operationTypes: + items: + type: string description: >- - Name of the flow hook in the following format: - `organizations/{org}/environments/{env}/flowhooks/{point}`. Valid - `point` values include: `PreProxyFlowHook`, `PostProxyFlowHook`, - `PreTargetFlowHook`, and `PostTargetFlowHook` - type: string - sharedFlowName: + Required. GraphQL operation types. Valid values include `query` or + `mutation`. **Note**: Apigee does not currently support + `subscription` types. + type: array + operation: description: >- - Name of the shared flow to invoke in the following format: - `organizations/{org}/sharedflows/{sharedflow}` + GraphQL operation name. The name and operation type will be used to + apply quotas. If no name is specified, the quota will be applied to + all GraphQL operations irrespective of their operation names in the + payload. type: string - continueOnError: - description: >- - Flag that specifies whether the flow should abort after an error in - the flow hook. Defaults to `true` (continue on error). - type: boolean - GoogleCloudApigeeV1KeystoreConfig: - id: GoogleCloudApigeeV1KeystoreConfig - type: object + id: GoogleCloudApigeeV1GraphQLOperation + GoogleCloudApigeeV1ListDeveloperAppsResponse: properties: - name: - description: >- - Resource name in the following format: - `organizations/{org}/environments/{env}/keystores/{keystore}` - type: string - aliases: - description: Aliases in the keystore. + app: type: array + description: List of developer apps and their credentials. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1AliasRevisionConfig' - GoogleCloudApigeeV1AliasRevisionConfig: - id: GoogleCloudApigeeV1AliasRevisionConfig + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' + id: GoogleCloudApigeeV1ListDeveloperAppsResponse + type: object + GoogleCloudApigeeV1QueryMetric: type: object + id: GoogleCloudApigeeV1QueryMetric + description: >- + More info about Metric: + https://docs.apigee.com/api-platform/analytics/analytics-reference#metrics properties: name: + type: string + description: Required. Metric name. + operator: + type: string + description: One of `+`, `-`, `/`, `%`, `*`. + alias: description: >- - Name of the alias revision included in the keystore in the following - format: - `organizations/{org}/environments/{env}/keystores/{keystore}/aliases/{alias}/revisions/{rev}` + Alias for the metric. Alias will be used to replace metric name in + query results. type: string - type: + value: + description: Operand value should be provided when operator is set. type: string - enumDescriptions: - - Alias type is not specified. - - Certificate. - - Key/certificate pair. - enum: - - ALIAS_TYPE_UNSPECIFIED - - CERT - - KEY_CERT - location: - description: Location of the alias file. For example, a Google Cloud Storage URI. + function: type: string - GoogleCloudApigeeV1ReferenceConfig: - id: GoogleCloudApigeeV1ReferenceConfig - type: object + description: 'Aggregation function: avg, min, max, or sum.' + GoogleCloudApigeeV1ListSecurityProfilesResponse: + id: GoogleCloudApigeeV1ListSecurityProfilesResponse properties: - name: + securityProfiles: + type: array description: >- - Name of the reference in the following format: - `organizations/{org}/environments/{env}/references/{reference}` - type: string - resourceName: + List of security profiles in the organization. The profiles may be + attached or unattached to any environment. This will return latest + revision of each profile. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' + nextPageToken: description: >- - Name of the referenced resource in the following format: - `organizations/{org}/environments/{env}/keystores/{keystore}` Only - references to keystore resources are supported. + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: string - GoogleCloudApigeeV1DataCollectorConfig: - id: GoogleCloudApigeeV1DataCollectorConfig - description: Data collector and its configuration. type: object - properties: - name: - description: >- - Name of the data collector in the following format: - `organizations/{org}/datacollectors/{datacollector}` - type: string - type: - description: Data type accepted by the data collector. - type: string - enumDescriptions: - - For future compatibility. - - For integer values. - - For float values. - - For string values. - - For boolean values. - - For datetime values. - enum: - - TYPE_UNSPECIFIED - - INTEGER - - FLOAT - - STRING - - BOOLEAN - - DATETIME - GoogleCloudApigeeV1RuntimeTraceConfig: - id: GoogleCloudApigeeV1RuntimeTraceConfig - description: >- - NEXT ID: 8 RuntimeTraceConfig defines the configurations for distributed - trace in an environment. + description: Response for ListSecurityProfiles. + GoogleCloudApigeeV1EnvironmentConfig: + id: GoogleCloudApigeeV1EnvironmentConfig type: object properties: - name: - description: >- - Name of the trace config in the following format: - `organizations/{org}/environment/{env}/traceConfig` + deployments: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1DeploymentConfig' + description: List of deployments in the environment. + pubsubTopic: type: string - revisionId: + description: Name of the PubSub topic for the environment. + uid: description: >- - Revision number which can be used by the runtime to detect if the - trace config has changed between two versions. + Unique ID for the environment configuration. The ID will only change + if the environment is deleted and recreated. type: string - revisionCreateTime: - description: The timestamp that the revision was created or updated. - type: string - format: google-datetime - exporter: + forwardProxyUri: description: >- - Exporter that is used to view the distributed trace captured using - OpenCensus. An exporter sends traces to any backend that is capable - of consuming them. Recorded spans can be exported by registered - exporters. + The forward proxy's url to be used by the runtime. When set, runtime + will send requests to the target via the given forward proxy. This + is only used by programmable gateways. type: string - enumDescriptions: - - Exporter unspecified - - Jaeger exporter - - Cloudtrace exporter - enum: - - EXPORTER_UNSPECIFIED - - JAEGER - - CLOUD_TRACE - endpoint: - description: Endpoint of the exporter. + traceConfig: + description: >- + Trace configurations. Contains config for the environment and config + overrides for specific API proxies. + $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeTraceConfig' + deploymentGroups: + description: List of deployment groups in the environment. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1DeploymentGroupConfig' + type: array + dataCollectors: + description: List of data collectors used by the deployments in the environment. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollectorConfig' + type: array + provider: + description: >- + Used by the Control plane to add context information to help detect + the source of the document during diagnostics and debugging. type: string - samplingConfig: - description: Trace configuration for all API proxies in an environment. - $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeTraceSamplingConfig' - overrides: - description: List of trace configuration overrides for spicific API proxies. + resourceReferences: type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeTraceConfigOverride' - GoogleCloudApigeeV1RuntimeTraceSamplingConfig: - id: GoogleCloudApigeeV1RuntimeTraceSamplingConfig - description: >- - NEXT ID: 3 RuntimeTraceSamplingConfig represents the detail settings of - distributed tracing. Only the fields that are defined in the distributed - trace configuration can be overridden using the distribute trace - configuration override APIs. - type: object - properties: - sampler: - description: Sampler of distributed tracing. OFF is the default value. + $ref: '#/components/schemas/GoogleCloudApigeeV1ReferenceConfig' + description: List of resource references in the environment. + featureFlags: + description: Feature flags inherited from the organization and environment. + type: object + additionalProperties: + type: string + resources: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceConfig' + description: List of resource versions in the environment. + debugMask: + $ref: '#/components/schemas/GoogleCloudApigeeV1DebugMask' + description: Debug mask that applies to all deployments in the environment. + envScopedRevisionId: type: string - enumDescriptions: - - Sampler unspecified. - - >- - OFF means distributed trace is disabled, or the sampling - probability is 0. - - >- - PROBABILITY means traces are captured on a probability that - defined by sampling_rate. The sampling rate is limited to 0 to 0.5 - when this is set. - enum: - - SAMPLER_UNSPECIFIED - - 'OFF' - - PROBABILITY - samplingRate: - description: >- - Field sampling rate. This value is only applicable when using the - PROBABILITY sampler. The supported values are > 0 and <= 0.5. - type: number - format: float - GoogleCloudApigeeV1RuntimeTraceConfigOverride: - id: GoogleCloudApigeeV1RuntimeTraceConfigOverride - description: >- - NEXT ID: 7 Trace configuration override for a specific API proxy in an - environment. - type: object - properties: - name: description: >- - Name of the trace config override in the following format: - `organizations/{org}/environment/{env}/traceConfig/overrides/{override}` + Revision ID for environment-scoped resources (e.g. target servers, + keystores) in this config. This ID will increment any time a + resource not scoped to a deployment group changes. + format: int64 + sequenceNumber: + format: int64 type: string - uid: - description: >- - Unique ID for the configuration override. The ID will only change if - the override is deleted and recreated. Corresponds to name's - "override" field. + description: 'DEPRECATED: Use revision_id.' + addonsConfig: + description: The latest runtime configurations for add-ons. + $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeAddonsConfig' + createTime: + description: Time that the environment configuration was created. + format: google-datetime type: string revisionId: + format: int64 description: >- - Revision number which can be used by the runtime to detect if the - trace config override has changed between two versions. - type: string - revisionCreateTime: - description: The timestamp that the revision was created or updated. + Revision ID of the environment configuration. The higher the value, + the more recently the configuration was deployed. type: string - format: google-datetime - apiProxy: + arcConfigLocation: description: >- - Name of the API proxy that will have its trace configuration - overridden following format: `organizations/{org}/apis/{api}` + The location for the config blob of API Runtime Control, aka Envoy + Adapter, for op-based authentication as a URI, e.g. a Cloud Storage + URI. This is only used by Envoy-based gateways. type: string - samplingConfig: + flowhooks: + description: List of flow hooks in the environment. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHookConfig' + type: array + targets: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServerConfig' description: >- - Trace configuration override for a specific API proxy in an - environment. - $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeTraceSamplingConfig' - GoogleCloudApigeeV1RuntimeAddonsConfig: - id: GoogleCloudApigeeV1RuntimeAddonsConfig - description: >- - RuntimeAddonsConfig defines the runtime configurations for add-ons in an - environment. - type: object - properties: + List of target servers in the environment. Disabled target servers + are not displayed. + type: array + keystores: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1KeystoreConfig' + type: array + description: List of keystores in the environment. name: description: >- - Name of the addons config in the format: - `organizations/{org}/environments/{env}/addonsConfig` - type: string - revisionId: - description: Revision number used by the runtime to detect config changes. - type: string - uid: - description: >- - UID is to detect if config is recreated after deletion. The add-on - config will only be deleted when the environment itself gets - deleted, thus it will always be the same as the UID of - EnvironmentConfig. + Name of the environment configuration in the following format: + `organizations/{org}/environments/{env}/configs/{config}` type: string - analyticsConfig: - description: Runtime configuration for Analytics add-on. - $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeAnalyticsConfig' - apiSecurityConfig: - description: Runtime configuration for API Security add-on. - $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeApiSecurityConfig' - GoogleCloudApigeeV1RuntimeAnalyticsConfig: - id: GoogleCloudApigeeV1RuntimeAnalyticsConfig - description: Runtime configuration for the Analytics add-on. - type: object - properties: - enabled: - description: If the Analytics is enabled or not. - type: boolean - billingPipelineEnabled: - description: If Runtime should send billing data to AX or not. - type: boolean - GoogleCloudApigeeV1RuntimeApiSecurityConfig: - id: GoogleCloudApigeeV1RuntimeApiSecurityConfig - description: Runtime configuration for the API Security add-on. - type: object - properties: - enabled: - description: If the API Security is enabled or not. - type: boolean - GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfig: - id: GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfig - description: Configuration for resolving the client ip. - type: object - properties: - headerIndexAlgorithm: - description: Resolves the client ip based on a custom header. + clientIpResolutionConfig: $ref: >- - #/components/schemas/GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfigHeaderIndexAlgorithm - GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfigHeaderIndexAlgorithm: - id: >- - GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfigHeaderIndexAlgorithm - description: Resolves the client ip based on a custom header. - type: object - properties: - ipHeaderName: - description: The name of the header to extract the client ip from. + #/components/schemas/GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfig + description: The algorithm to resolve IP. + gatewayConfigLocation: type: string - ipHeaderIndex: description: >- - The index of the ip in the header. (By default, value is 0 if - missing) - type: integer - format: int32 - GoogleCloudApigeeV1ApiSecurityRuntimeConfig: - id: GoogleCloudApigeeV1ApiSecurityRuntimeConfig - description: >- - Response for - GetApiSecurityRuntimeConfig[EnvironmentService.GetApiSecurityRuntimeConfig]. - type: object + The location for the gateway config blob as a URI, e.g. a Cloud + Storage URI. This is only used by Envoy-based gateways. + GoogleCloudApigeeV1ProvisionOrganizationRequest: properties: - name: - description: >- - Name of the environment API Security Runtime configuration resource. - Format: - `organizations/{org}/environments/{env}/apiSecurityRuntimeConfig` - type: string - uid: - description: >- - Unique ID for the API Security Runtime configuration. The ID will - only change if the environment is deleted and recreated. + authorizedNetwork: type: string - revisionId: description: >- - Revision ID of the API Security Runtime configuration. The higher - the value, the more recently the configuration was deployed. - type: string - format: int64 - updateTime: - description: Time that the API Security Runtime configuration was updated. + Compute Engine network used for Service Networking to be peered with + Apigee runtime instances. See [Getting started with the Service + Networking + API](https://cloud.google.com/service-infrastructure/docs/service-networking/getting-started). + Apigee also supports shared VPC (that is, the host network project + is not the same as the one that is peering with Apigee). See [Shared + VPC overview](https://cloud.google.com/vpc/docs/shared-vpc). To use + a shared VPC network, use the following format: + `projects/{host-project-id}/{region}/networks/{network-name}`. For + example: `projects/my-sharedvpc-host/global/networks/mynetwork` + runtimeLocation: + description: >- + Cloud Platform location for the runtime instance. Defaults to zone + `us-west1-a`. If a region is provided, `EVAL` organizations will use + the region for automatically selecting a zone for the runtime + instance. type: string - format: google-datetime - location: - description: A list of up to 5 Cloud Storage Blobs that contain SecurityActions. - type: array - items: - type: string - GoogleCloudApigeeV1Subscription: - id: GoogleCloudApigeeV1Subscription - description: Pub/Sub subscription of an environment. - type: object - properties: - name: + disableVpcPeering: + type: boolean description: >- - Full name of the Pub/Sub subcription. Use the following structure in - your request: `subscription "projects/foo/subscription/bar"` + Optional. Flag that specifies whether the VPC Peering through + Private Google Access should be disabled between the consumer + network and Apigee. Required if an authorizedNetwork on the consumer + project is not provided, in which case the flag should be set to + true. The value must be set before the creation of any Apigee + runtime instance and can be updated only when there are no runtime + instances. **Note:** Apigee will be deprecating the vpc peering + model that requires you to provide 'authorizedNetwork', by making + the non-peering model as the default way of provisioning Apigee + organization in future. So, this will be a temporary flag to enable + the transition. Not supported for Apigee hybrid. + analyticsRegion: type: string - GoogleCloudApigeeV1AddonsConfig: - id: GoogleCloudApigeeV1AddonsConfig - description: Add-on configurations for the Apigee organization. + description: >- + Primary Cloud Platform region for analytics data storage. For valid + values, see [Create an + organization](https://cloud.google.com/apigee/docs/hybrid/latest/precog-provision). + Defaults to `us-west1`. type: object + id: GoogleCloudApigeeV1ProvisionOrganizationRequest + description: Request for ProvisionOrganization. + GoogleCloudApigeeV1ListEnvironmentGroupAttachmentsResponse: properties: - advancedApiOpsConfig: - description: Configuration for the Advanced API Ops add-on. - $ref: '#/components/schemas/GoogleCloudApigeeV1AdvancedApiOpsConfig' - integrationConfig: - description: Configuration for the Integration add-on. - $ref: '#/components/schemas/GoogleCloudApigeeV1IntegrationConfig' - monetizationConfig: - description: Configuration for the Monetization add-on. - $ref: '#/components/schemas/GoogleCloudApigeeV1MonetizationConfig' - apiSecurityConfig: - description: Configuration for the API Security add-on. - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiSecurityConfig' - connectorsPlatformConfig: - description: Configuration for the Connectors Platform add-on. - $ref: '#/components/schemas/GoogleCloudApigeeV1ConnectorsPlatformConfig' - analyticsConfig: + nextPageToken: description: >- - Configuration for the Analytics add-on. Only used in - organizations.environments.addonsConfig. - $ref: '#/components/schemas/GoogleCloudApigeeV1AnalyticsConfig' - GoogleCloudApigeeV1AdvancedApiOpsConfig: - id: GoogleCloudApigeeV1AdvancedApiOpsConfig - description: Configuration for the Advanced API Ops add-on. + Page token that you can include in a ListEnvironmentGroupAttachments + request to retrieve the next page. If omitted, no subsequent pages + exist. + type: string + environmentGroupAttachments: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroupAttachment' + description: EnvironmentGroupAttachments for the specified environment group. + id: GoogleCloudApigeeV1ListEnvironmentGroupAttachmentsResponse + description: Response for ListEnvironmentGroupAttachments. type: object + GoogleCloudApigeeV1Property: + description: A single property entry in the Properties message. properties: - enabled: - description: Flag that specifies whether the Advanced API Ops add-on is enabled. - type: boolean - GoogleCloudApigeeV1IntegrationConfig: - id: GoogleCloudApigeeV1IntegrationConfig - description: Configuration for the Integration add-on. + value: + description: The property value + type: string + name: + type: string + description: The property key type: object + id: GoogleCloudApigeeV1Property + GoogleRpcPreconditionFailure: + type: object + description: >- + Describes what preconditions have failed. For example, if an RPC failed + because it required the Terms of Service to be acknowledged, it could + list the terms of service violation in the PreconditionFailure message. properties: - enabled: - description: Flag that specifies whether the Integration add-on is enabled. - type: boolean - GoogleCloudApigeeV1MonetizationConfig: - id: GoogleCloudApigeeV1MonetizationConfig - description: Configuration for the Monetization add-on. + violations: + type: array + description: Describes all precondition violations. + items: + $ref: '#/components/schemas/GoogleRpcPreconditionFailureViolation' + id: GoogleRpcPreconditionFailure + GoogleCloudApigeeV1SecurityActionDeny: type: object + description: Message that should be set in case of a Deny Action. + id: GoogleCloudApigeeV1SecurityActionDeny properties: - enabled: - description: Flag that specifies whether the Monetization add-on is enabled. - type: boolean - GoogleCloudApigeeV1ApiSecurityConfig: - id: GoogleCloudApigeeV1ApiSecurityConfig - description: Configurations of the API Security add-on. + responseCode: + description: Optional. The HTTP response code if the Action = DENY. + type: integer + format: int32 + GoogleCloudApigeeV1SchemaSchemaElement: type: object + description: Message type for the schema element + id: GoogleCloudApigeeV1SchemaSchemaElement properties: - enabled: - description: Flag that specifies whether the API security add-on is enabled. - type: boolean - expiresAt: + name: + description: Name of the field. + type: string + properties: + $ref: '#/components/schemas/GoogleCloudApigeeV1SchemaSchemaProperty' description: >- - Output only. Time at which the API Security add-on expires in - milliseconds since epoch. If unspecified, the add-on will never - expire. + Properties for the schema field. For example: { "createTime": + "2016-02-26T10:23:09.592Z", "custom": "false", "type": "string" } + GoogleCloudApigeeV1SecurityMonitoringCondition: + properties: + include: + description: Include only these resources. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArray + includeAllResources: + description: Include all resources under the scope. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestIncludeAll + createTime: readOnly: true + format: google-datetime type: string - format: int64 - GoogleCloudApigeeV1ConnectorsPlatformConfig: - id: GoogleCloudApigeeV1ConnectorsPlatformConfig - description: Configuration for the Connectors Platform add-on. - type: object - properties: - enabled: - description: >- - Flag that specifies whether the Connectors Platform add-on is - enabled. - type: boolean - expiresAt: - description: >- - Output only. Time at which the Connectors Platform add-on expires in - milliseconds since epoch. If unspecified, the add-on will never - expire. + description: Output only. The time of the security monitoring condition creation. + updateTime: + type: string + format: google-datetime readOnly: true + description: Output only. The time of the security monitoring condition update. + name: type: string - format: int64 - GoogleCloudApigeeV1AnalyticsConfig: - id: GoogleCloudApigeeV1AnalyticsConfig - description: Configuration for the Analytics add-on. - type: object - properties: - enabled: - description: Whether the Analytics add-on is enabled. - type: boolean - expireTimeMillis: description: >- - Output only. Time at which the Analytics add-on expires in - milliseconds since epoch. If unspecified, the add-on will never - expire. + Identifier. Name of the security monitoring condition resource. + Format: + organizations/{org}/securityMonitoringConditions/{security_monitoring_condition} + totalDeployedResources: + type: integer + format: int32 + description: Output only. Total number of deployed resources within scope. readOnly: true - type: string - format: int64 - state: - description: Output only. The state of the Analytics add-on. + totalMonitoredResources: + type: integer readOnly: true + format: int32 + description: >- + Output only. Total number of monitored resources within this + condition. + profile: + description: >- + Required. ID of security profile of the security monitoring + condition. type: string - enumDescriptions: - - Default value. - - Add-on is in progress of enabling. - - Add-on is fully enabled and ready to use. - - Add-on is in progress of disabling. - - Add-on is fully disabled. - enum: - - ADDON_STATE_UNSPECIFIED - - ENABLING - - ENABLED - - DISABLING - - DISABLED - updateTime: - description: Output only. The latest update time. - readOnly: true + scope: + description: >- + Optional. Scope of the security monitoring condition. For Apigee, + the environment is the scope of the resources. type: string - format: google-datetime - GoogleCloudApigeeV1SetAddonEnablementRequest: - id: GoogleCloudApigeeV1SetAddonEnablementRequest - description: Request for SetAddonEnablement. - type: object - properties: - analyticsEnabled: - description: If the Analytics should be enabled in the environment. - type: boolean - apiSecurityEnabled: - description: If the API Security should be enabled in the environment. - type: boolean - GoogleCloudApigeeV1Instance: - id: GoogleCloudApigeeV1Instance - description: Apigee runtime instance. + description: Security monitoring condition for risk assessment version 2. + id: GoogleCloudApigeeV1SecurityMonitoringCondition type: object + GoogleCloudApigeeV1SecurityActionHttpHeader: + description: An HTTP header. + id: GoogleCloudApigeeV1SecurityActionHttpHeader properties: name: - description: >- - Required. Resource ID of the instance. Values must match the regular - expression `^a-z{0,30}[a-z\d]$`. + description: The header name to be sent to the target. type: string - location: - description: Required. Compute Engine location where the instance resides. + value: + description: The header value to be sent to the target. type: string - peeringCidrRange: + type: object + GoogleCloudApigeeV1AsyncQueryResultView: + properties: + state: + description: State of retrieving ResultView. + type: string + metadata: + $ref: '#/components/schemas/GoogleCloudApigeeV1QueryMetadata' description: >- - Optional. Size of the CIDR block range that will be reserved by the - instance. PAID organizations support `SLASH_16` to `SLASH_20` and - defaults to `SLASH_16`. Evaluation organizations support only - `SLASH_23`. - deprecated: true + Metadata contains information like metrics, dimenstions etc of the + AsyncQuery. + error: + description: Error message when there is a failure. type: string - enumDescriptions: - - Range not specified. - - '`/16` CIDR range.' - - '`/17` CIDR range.' - - '`/18` CIDR range.' - - '`/19` CIDR range.' - - '`/20` CIDR range.' - - '`/22` CIDR range. Supported for evaluation only.' - - '`/23` CIDR range. Supported for evaluation only.' - enum: - - CIDR_RANGE_UNSPECIFIED - - SLASH_16 - - SLASH_17 - - SLASH_18 - - SLASH_19 - - SLASH_20 - - SLASH_22 - - SLASH_23 - host: + code: + type: integer + format: int32 + description: Error code when there is a failure. + rows: + items: + type: any + type: array description: >- - Output only. Internal hostname or IP address of the Apigee endpoint - used by clients to connect to the service. - readOnly: true + Rows of query result. Each row is a JSON object. Example: + {sum(message_count): 1, developer_app: "(not set)",…} + type: object + id: GoogleCloudApigeeV1AsyncQueryResultView + GoogleCloudApigeeV1ExpireDeveloperSubscriptionRequest: + type: object + id: GoogleCloudApigeeV1ExpireDeveloperSubscriptionRequest + properties: {} + description: Request for ExpireDeveloperSubscription. + GoogleCloudApigeeV1Properties: + properties: + property: + description: List of all properties in the object + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Property' + type: array + type: object + description: >- + Message for compatibility with legacy Edge specification for Java + Properties object in JSON. + id: GoogleCloudApigeeV1Properties + GoogleCloudApigeeV1SecurityAssessmentResultResourceApiHubDeploymentDetails: + type: object + description: Additional details if the resource is an API Hub deployment. + properties: + sourceProject: + description: The source project for the API Hub deployment. type: string - port: - description: Output only. Port number of the exposed Apigee endpoint. - readOnly: true + resourceUri: + description: The resource uri for the API Hub deployment. type: string - description: - description: Optional. Description of the instance. + gatewayType: + enum: + - API_HUB_GATEWAY_TYPE_UNSPECIFIED + - APIGEE_X + - APIGEE_HYBRID + - APIGEE_EDGE + - APIGEE_OPDK + enumDescriptions: + - Gateway type is not specified. + - Gateway is Apigee X for API Hub. + - Gateway is Apigee Hybrid for API Hub. + - Gateway is Apigee Edge for API Hub. + - Gateway is Apigee OPDK for API Hub. + description: The gateway type for the API Hub deployment. type: string displayName: - description: Optional. Display name for the instance. + description: The display name of the API Hub deployment. type: string - createdAt: + gateway: description: >- - Output only. Time the instance was created in milliseconds since - epoch. - readOnly: true + The gateway for the API Hub deployment. Format: + `projects/{project}/locations/{location}/plugins/{plugin}/instances/{instance}` type: string - format: int64 - lastModifiedAt: + id: >- + GoogleCloudApigeeV1SecurityAssessmentResultResourceApiHubDeploymentDetails + GoogleCloudApigeeV1StatsHostStats: + type: object + id: GoogleCloudApigeeV1StatsHostStats + properties: + metrics: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Metric' description: >- - Output only. Time the instance was last modified in milliseconds - since epoch. + In the final response, only one of the following fields will be + present based on the dimensions provided. If no dimensions are + provided, then only the top-level metrics are provided. If + dimensions are included, then there will be a top-level dimensions + field under hostnames which will contain metrics values and the + dimension name. Example: ``` "hosts": [ { "dimensions": [ { + "metrics": [ { "name": "sum(message_count)", "values": [ + "2.14049521E8" ] } ], "name": "nit_proxy" } ], "name": "example.com" + } ]``` OR ```"hosts": [ { "metrics": [ { "name": + "sum(message_count)", "values": [ "2.19026331E8" ] } ], "name": + "example.com" } ]``` List of metric values. + type: array + name: + description: Hostname used in query. + type: string + dimensions: + description: List of metrics grouped under dimensions. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1DimensionMetric' + type: array + description: >- + Encapsulates the hostname wrapper: ``` "hosts": [ { "metrics": [ { + "name": "sum(message_count)", "values": [ "2.52056245E8" ] } ], "name": + "example.com" } ]``` + GoogleCloudApigeeV1AppGroup: + properties: + appGroupId: + description: Output only. Internal identifier that cannot be edited readOnly: true type: string - format: int64 - diskEncryptionKeyName: - description: >- - Optional. Customer Managed Encryption Key (CMEK) used for disk and - volume encryption. If not specified, a Google-Managed encryption key - will be used. Use the following format: - `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)` + name: type: string - state: description: >- - Output only. State of the instance. Values other than `ACTIVE` means - the resource is not ready to use. - readOnly: true + Immutable. Name of the AppGroup. Characters you can use in the name + are restricted to: A-Z0-9._\-$ %. + displayName: + description: app group name displayed in the UI type: string - enumDescriptions: - - Resource is in an unspecified state. - - Resource is being created. - - Resource is provisioned and ready to use. - - The resource is being deleted. - - The resource is being updated. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - UPDATING - runtimeVersion: + status: description: >- - Output only. Version of the runtime system running in the instance. - The runtime system is the set of components that serve the API Proxy - traffic in your Environments. - readOnly: true + Valid values are `active` or `inactive`. Note that the status of the + AppGroup should be updated via UpdateAppGroupRequest by setting the + action as `active` or `inactive`. type: string - ipRange: - description: >- - Optional. Comma-separated list of CIDR blocks of length 22 and/or 28 - used to create the Apigee instance. Providing CIDR ranges is - optional. You can provide just /22 or /28 or both (or neither). - Ranges you provide should be freely available as part of a larger - named range you have allocated to the Service Networking peering. If - this parameter is not provided, Apigee automatically requests an - available /22 and /28 CIDR block from Service Networking. Use the - /22 CIDR block for configuring your firewall needs to allow traffic - from Apigee. Input formats: `a.b.c.d/22` or `e.f.g.h/28` or - `a.b.c.d/22,e.f.g.h/28` + channelId: + description: channel identifier identifies the owner maintaing this grouping. type: string - consumerAcceptList: - description: >- - Optional. Customer accept list represents the list of projects - (id/number) on customer side that can privately connect to the - service attachment. It is an optional field which the customers can - provide during the instance creation. By default, the customer - project associated with the Apigee organization will be included to - the list. - type: array + attributes: items: - type: string - serviceAttachment: - description: >- - Output only. Resource name of the service attachment created for the - instance in the format: `projects/*/regions/*/serviceAttachments/*` - Apigee customers can privately forward traffic to this service - attachment using the PSC endpoints. + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + type: array + description: A list of attributes + createdAt: readOnly: true + format: int64 type: string - accessLoggingConfig: - description: >- - Optional. Access logging configuration enables the access logging - feature at the instance. Apigee customers can enable access logging - to ship the access logs to their own project's cloud logging. - $ref: '#/components/schemas/GoogleCloudApigeeV1AccessLoggingConfig' - GoogleCloudApigeeV1AccessLoggingConfig: - id: GoogleCloudApigeeV1AccessLoggingConfig + description: Output only. Created time as milliseconds since epoch. + lastModifiedAt: + type: string + readOnly: true + format: int64 + description: Output only. Modified time as milliseconds since epoch. + channelUri: + type: string + description: A reference to the associated storefront/marketplace. + organization: + description: Immutable. the org the app group is created + type: string + type: object + id: GoogleCloudApigeeV1AppGroup description: >- - Access logging configuration enables customers to ship the access logs - from the tenant projects to their own project's cloud logging. The - feature is at the instance level ad disabled by default. It can be - enabled during CreateInstance or UpdateInstance. + AppGroup contains the request/response fields representing the logical + grouping of apps. Note that appgroup_id, create_time and update_time + cannot be changed by the user, and gets updated by the system. The name + and the organization once provided cannot be edited subsequently. + GoogleCloudApigeeV1Metadata: type: object properties: - enabled: - description: >- - Optional. Boolean flag that specifies whether the customer access - log feature is enabled. - type: boolean - filter: + errors: + items: + type: string + description: List of error messages as strings. + type: array + notices: + items: + type: string description: >- - Optional. Ship the access log entries that match the status_code - defined in the filter. The status_code is the only - expected/supported filter field. (Ex: status_code) The filter will - parse it to the Common Expression Language semantics for expression - evaluation to build the filter condition. (Ex: "filter": status_code - >= 200 && status_code < 300 ) - type: string - GoogleCloudApigeeV1ListInstancesResponse: - id: GoogleCloudApigeeV1ListInstancesResponse - description: Response for ListInstances. + List of additional information such as data source, if result was + truncated. For example: ``` "notices": [ "Source:Postgres", "PG + Host:uappg0rw.e2e.apigeeks.net", "query served + by:4b64601e-40de-4eb1-bfb9-eeee7ac929ed", "Table used: + edge.api.uapgroup2.agg_api" ]``` + type: array + id: GoogleCloudApigeeV1Metadata + description: Encapsulates additional information about query execution. + GoogleCloudApigeeV1RuntimeTraceConfigOverride: type: object + id: GoogleCloudApigeeV1RuntimeTraceConfigOverride + description: >- + NEXT ID: 7 Trace configuration override for a specific API proxy in an + environment. properties: - instances: - description: Instances in the specified organization. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Instance' - nextPageToken: + samplingConfig: + $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeTraceSamplingConfig' description: >- - Page token that you can include in a ListInstance request to - retrieve the next page of content. If omitted, no subsequent pages - exist. + Trace configuration override for a specific API proxy in an + environment. + apiProxy: + description: >- + Name of the API proxy that will have its trace configuration + overridden following format: `organizations/{org}/apis/{api}` type: string - GoogleCloudApigeeV1ListOrganizationsResponse: - id: GoogleCloudApigeeV1ListOrganizationsResponse - type: object + name: + description: >- + Name of the trace config override in the following format: + `organizations/{org}/environment/{env}/traceConfig/overrides/{override}` + type: string + revisionCreateTime: + format: google-datetime + description: The timestamp that the revision was created or updated. + type: string + revisionId: + type: string + description: >- + Revision number which can be used by the runtime to detect if the + trace config override has changed between two versions. + uid: + description: >- + Unique ID for the configuration override. The ID will only change if + the override is deleted and recreated. Corresponds to name's + "override" field. + type: string + GoogleCloudApigeeV1SecurityProfileV2: + id: GoogleCloudApigeeV1SecurityProfileV2 + description: Security profile for risk assessment version 2. properties: - organizations: - description: List of Apigee organizations and associated Google Cloud projects. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1OrganizationProjectMapping' - GoogleCloudApigeeV1OrganizationProjectMapping: - id: GoogleCloudApigeeV1OrganizationProjectMapping + description: + type: string + description: Optional. The description of the security profile. + updateTime: + description: Output only. The time of the security profile update. + readOnly: true + type: string + format: google-datetime + profileAssessmentConfigs: + description: >- + Required. The configuration for each assessment in this profile. Key + is the name/id of the assessment. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityProfileV2ProfileAssessmentConfig + type: object + riskAssessmentType: + enumDescriptions: + - Risk assessment type is not specified. + - Risk assessment type is Apigee. + - Risk assessment type is API Hub. + description: >- + Optional. The risk assessment type of the security profile. Defaults + to ADVANCED_API_SECURITY. + enum: + - RISK_ASSESSMENT_TYPE_UNSPECIFIED + - APIGEE + - API_HUB + type: string + name: + description: >- + Identifier. Name of the security profile v2 resource. Format: + organizations/{org}/securityProfilesV2/{profile} + type: string + googleDefined: + description: Output only. Whether the security profile is google defined. + type: boolean + readOnly: true + createTime: + description: Output only. The time of the security profile creation. + format: google-datetime + readOnly: true + type: string type: object + GoogleCloudApigeeV1IngressConfig: properties: - organization: - description: Name of the Apigee organization. + revisionCreateTime: + type: string + description: Time at which the IngressConfig revision was created. + format: google-datetime + revisionId: type: string - projectIds: description: >- - DEPRECATED: Use `project_id`. An Apigee Organization is mapped to a - single project. - deprecated: true + Revision id that defines the ordering on IngressConfig resources. + The higher the revision, the more recently the configuration was + deployed. + format: int64 + name: + type: string + description: >- + Name of the resource in the following format: + `organizations/{org}/deployedIngressConfig`. + environmentGroups: + description: List of environment groups in the organization. type: array items: - type: string - projectId: - description: Google Cloud project associated with the Apigee organization - type: string - location: + $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroupConfig' + uid: description: >- - Output only. The Google Cloud region where control plane data is - located. For more information, see - https://cloud.google.com/about/locations/. - readOnly: true + A unique id for the ingress config that will only change if the + organization is deleted and recreated. type: string - GoogleCloudApigeeV1Organization: - id: GoogleCloudApigeeV1Organization + id: GoogleCloudApigeeV1IngressConfig type: object + GoogleCloudApigeeV1Metric: properties: + values: + items: + type: any + description: >- + List of metric values. Possible value formats include: + `"values":["39.0"]` or `"values":[ { "value": "39.0", "timestamp": + 1232434354} ]` + type: array name: - description: Output only. Name of the Apigee organization. - readOnly: true + description: Metric name. type: string - displayName: + description: >- + Encapsulates the metric data point. For example: ```{ "name": + "sum(message_count)", "values" : [ { "timestamp": 1549004400000, + "value": "39.0" }, { "timestamp" : 1548997200000, "value" : "0.0" } ] + }``` or ```{ "name": "sum(message_count)", "values" : ["39.0"] }``` + type: object + id: GoogleCloudApigeeV1Metric + GoogleCloudApigeeV1Quota: + type: object + properties: + limit: description: >- - Optional. Display name for the Apigee organization. Unused, but - reserved for future use. + Required. Upper limit allowed for the time interval and time unit + specified. Requests exceeding this limit will be rejected. type: string - description: - description: Optional. Description of the Apigee organization. + interval: + description: >- + Required. Time interval over which the number of request messages is + calculated. type: string - customerName: - description: Not used by Apigee. + timeUnit: + description: >- + Time unit defined for the `interval`. Valid values include `minute`, + `hour`, `day`, or `month`. If `limit` and `interval` are valid, the + default value is `hour`; otherwise, the default is null. type: string - attributes: - description: Not used by Apigee. - type: array + id: GoogleCloudApigeeV1Quota + description: >- + Quota contains the essential parameters needed that can be applied on + the resources, methods, API source combination associated with this API + product. While Quota is optional, setting it prevents requests from + exceeding the provisioned parameters. + GoogleIamV1TestIamPermissionsRequest: + type: object + properties: + permissions: + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). items: type: string - createdAt: - description: >- - Output only. Time that the Apigee organization was created in - milliseconds since epoch. + type: array + id: GoogleIamV1TestIamPermissionsRequest + description: Request message for `TestIamPermissions` method. + GoogleCloudApigeeV1OrganizationProjectMapping: + id: GoogleCloudApigeeV1OrganizationProjectMapping + type: object + properties: + location: readOnly: true - type: string - format: int64 - lastModifiedAt: description: >- - Output only. Time that the Apigee organization was last modified in - milliseconds since epoch. - readOnly: true + Output only. The Google Cloud region where control plane data is + located. For more information, see + https://cloud.google.com/about/locations/. type: string - format: int64 - expiresAt: - description: >- - Output only. Time that the Apigee organization is scheduled for - deletion. - readOnly: true + projectId: type: string - format: int64 - environments: - description: Output only. List of environments in the Apigee organization. - readOnly: true + description: Google Cloud project associated with the Apigee organization + organization: + type: string + description: Name of the Apigee organization. + projectIds: type: array + description: >- + DEPRECATED: Use `project_id`. An Apigee Organization is mapped to a + single project. items: type: string - properties: - description: Optional. Properties defined in the Apigee organization profile. - $ref: '#/components/schemas/GoogleCloudApigeeV1Properties' - type: - description: Not used by Apigee. + deprecated: true + GoogleCloudApigeeV1ListEndpointAttachmentsResponse: + type: object + properties: + nextPageToken: type: string - enumDescriptions: - - Subscription type not specified. - - >- - Subscription to Apigee is free, limited, and used for evaluation - purposes only. - - >- - Full subscription to Apigee has been purchased. See [Apigee - pricing](https://cloud.google.com/apigee/pricing/). - - For internal users only. - enum: - - TYPE_UNSPECIFIED - - TYPE_TRIAL - - TYPE_PAID - - TYPE_INTERNAL - analyticsRegion: description: >- - Required. DEPRECATED: This field will eventually be deprecated and - replaced with a differently-named field. Primary Google Cloud region - for analytics data storage. For valid values, see [Create an Apigee - organization](https://cloud.google.com/apigee/docs/api-platform/get-started/create-org). - deprecated: true - type: string - authorizedNetwork: + Page token that you can include in an `ListEndpointAttachments` + request to retrieve the next page. If omitted, no subsequent pages + exist. + endpointAttachments: + description: Endpoint attachments in the specified organization. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1EndpointAttachment' + id: GoogleCloudApigeeV1ListEndpointAttachmentsResponse + description: Response for ListEndpointAttachments method. + GoogleCloudApigeeV1ProfileConfigCategory: + id: GoogleCloudApigeeV1ProfileConfigCategory + properties: + mtls: + description: Checks to see if you have configured mTLS for the target server. + $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigMTLS' + abuse: + $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigAbuse' description: >- - Optional. Compute Engine network used for Service Networking to be - peered with Apigee runtime instances. See [Getting started with the - Service Networking - API](https://cloud.google.com/service-infrastructure/docs/service-networking/getting-started). - Valid only when [RuntimeType](#RuntimeType) is set to `CLOUD`. The - value must be set before the creation of a runtime instance and can - be updated only when there are no runtime instances. For example: - `default`. When changing authorizedNetwork, you must reconfigure VPC - peering. After VPC peering with previous network is deleted, [run - the following - command](https://cloud.google.com/sdk/gcloud/reference/services/vpc-peerings/delete): - `gcloud services vpc-peerings delete --network=NETWORK`, where - `NETWORK` is the name of the previous network. This will delete the - previous Service Networking. Otherwise, you will get the following - error: `The resource 'projects/...-tp' is already linked to another - shared VPC host 'projects/...-tp`. Apigee also supports shared VPC - (that is, the host network project is not the same as the one that - is peering with Apigee). See [Shared VPC - overview](https://cloud.google.com/vpc/docs/shared-vpc). To use a - shared VPC network, use the following format: - `projects/{host-project-id}/{region}/networks/{network-name}`. For - example: `projects/my-sharedvpc-host/global/networks/mynetwork` - **Note:** Not supported for Apigee hybrid. + Checks for abuse, which includes any requests sent to the API for + purposes other than what it is intended for, such as high volumes of + requests, data scraping, and abuse related to authorization. + cors: + description: Checks to see if you have CORS policy in place. + $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigCORS' + authorization: + description: Checks to see if you have an authorization policy in place. + $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigAuthorization' + threat: + description: Checks to see if you have a threat protection policy in place. + $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigThreat' + mediation: + $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigMediation' + description: Checks to see if you have a mediation policy in place. + type: object + description: >- + Advanced API Security provides security profile that scores the + following categories. + GoogleCloudApigeeV1SecurityReportQuery: + description: Body structure when user makes a request to create a security report. + type: object + properties: + mimeType: type: string - disableVpcPeering: description: >- - Optional. Flag that specifies whether the VPC Peering through - Private Google Access should be disabled between the consumer - network and Apigee. Valid only when RuntimeType is set to CLOUD. - Required if an authorizedNetwork on the consumer project is not - provided, in which case the flag should be set to true. The value - must be set before the creation of any Apigee runtime instance and - can be updated only when there are no runtime instances. **Note:** - Apigee will be deprecating the vpc peering model that requires you - to provide 'authorizedNetwork', by making the non-peering model as - the default way of provisioning Apigee organization in future. So, - this will be a temporary flag to enable the transition. Not - supported for Apigee hybrid. - type: boolean - runtimeType: + Valid values include: `csv` or `json`. Defaults to `json`. Note: + Configure the delimiter for CSV output using the csvDelimiter + property. + timeRange: description: >- - Required. Runtime type of the Apigee organization based on the - Apigee subscription purchased. + Required. Time range for the query. Can use the following predefined + strings to specify the time range: `last60minutes` `last24hours` + `last7days` Or, specify the timeRange as a structure describing + start and end timestamps in the ISO format: yyyy-mm-ddThh:mm:ssZ. + Example: "timeRange": { "start": "2018-07-29T00:13:00Z", "end": + "2018-08-01T00:18:00Z" } + type: any + envgroupHostname: type: string - enumDescriptions: - - Runtime type not specified. - - Google-managed Apigee runtime. - - User-managed Apigee hybrid runtime. - enum: - - RUNTIME_TYPE_UNSPECIFIED - - CLOUD - - HYBRID - subscriptionType: description: >- - Output only. DEPRECATED: This will eventually be replaced by - BillingType. Subscription type of the Apigee organization. Valid - values include trial (free, limited, and for evaluation purposes - only) or paid (full subscription has been purchased). See [Apigee - pricing](https://cloud.google.com/apigee/pricing/). - readOnly: true - deprecated: true + Hostname needs to be specified if query intends to run at host + level. This field is only allowed when query is submitted by + CreateHostSecurityReport where analytics data will be grouped by + organization and hostname. + reportDefinitionId: + description: Report Definition ID. type: string - enumDescriptions: - - Subscription type not specified. - - Full subscription to Apigee has been purchased. - - >- - Subscription to Apigee is free, limited, and used for evaluation - purposes only. - enum: - - SUBSCRIPTION_TYPE_UNSPECIFIED - - PAID - - TRIAL - billingType: + metrics: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportQueryMetric' + description: A list of Metrics. + dimensions: description: >- - Optional. Billing type of the Apigee organization. See [Apigee - pricing](https://cloud.google.com/apigee/pricing). + A list of dimensions. + https://docs.apigee.com/api-platform/analytics/analytics-reference#dimensions + type: array + items: + type: string + groupByTimeUnit: type: string - enumDescriptions: - - Billing type not specified. - - A pre-paid subscription to Apigee. - - Free and limited access to Apigee for evaluation purposes only. - - Access to Apigee using a Pay-As-You-Go plan. - enum: - - BILLING_TYPE_UNSPECIFIED - - SUBSCRIPTION - - EVALUATION - - PAYG - addonsConfig: - description: Optional. Addon configurations of the Apigee organization. - $ref: '#/components/schemas/GoogleCloudApigeeV1AddonsConfig' - caCertificate: description: >- - Output only. Base64-encoded public certificate for the root CA of - the Apigee organization. Valid only when [RuntimeType](#RuntimeType) - is `CLOUD`. - readOnly: true + Time unit used to group the result set. Valid values include: + second, minute, hour, day, week, or month. If a query includes + groupByTimeUnit, then the result is an aggregation based on the + specified time unit and the resultant timestamp does not include + milliseconds precision. If a query omits groupByTimeUnit, then the + resultant timestamp includes milliseconds precision. + displayName: + description: Security Report display name which users can specify. + type: string + filter: type: string - format: byte - runtimeDatabaseEncryptionKeyName: description: >- - Optional. Cloud KMS key name used for encrypting the data that is - stored and replicated across runtime instances. Update is not - allowed after the organization is created. If not specified or - [RuntimeType](#RuntimeType) is `TRIAL`, a Google-Managed encryption - key will be used. For example: - "projects/foo/locations/us/keyRings/bar/cryptoKeys/baz". **Note:** - Not supported for Apigee hybrid. + Boolean expression that can be used to filter data. Filter + expressions can be combined using AND/OR terms and should be fully + parenthesized to avoid ambiguity. See Analytics metrics, dimensions, + and filters reference + https://docs.apigee.com/api-platform/analytics/analytics-reference + for more information on the fields available to filter on. For more + information on the tokens that you use to build filter expressions, + see Filter expression syntax. + https://docs.apigee.com/api-platform/analytics/asynch-reports-api#filter-expression-syntax + csvDelimiter: + description: >- + Delimiter used in the CSV file, if `outputFormat` is set to `csv`. + Defaults to the `,` (comma) character. Supported delimiter + characters include comma (`,`), pipe (`|`), and tab (`\t`). type: string - projectId: - description: Output only. Project ID associated with the Apigee organization. - readOnly: true + limit: + type: integer + format: int32 + description: Maximum number of rows that can be returned in the result. + id: GoogleCloudApigeeV1SecurityReportQuery + GoogleCloudApigeeV1OperationMetadata: + type: object + id: GoogleCloudApigeeV1OperationMetadata + description: Metadata describing an Operation. + properties: + progress: + description: Progress of the operation. + $ref: '#/components/schemas/GoogleCloudApigeeV1OperationMetadataProgress' + targetResourceName: + description: Name of the resource for which the operation is operating on. type: string + warnings: + items: + type: string + description: Warnings encountered while executing the operation. + type: array state: - description: >- - Output only. State of the organization. Values other than ACTIVE - means the resource is not ready to use. - readOnly: true - type: string - enumDescriptions: - - Resource is in an unspecified state. - - Resource is being created. - - Resource is provisioned and ready to use. - - The resource is being deleted. - - The resource is being updated. enum: - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - UPDATING - portalDisabled: - description: Optional. Configuration for the Portals settings. - type: boolean - apiConsumerDataEncryptionKeyName: - description: >- - Optional. Cloud KMS key name used for encrypting API consumer data. - If not specified or [BillingType](#BillingType) is `EVALUATION`, a - Google-Managed encryption key will be used. Format: - `projects/*/locations/*/keyRings/*/cryptoKeys/*` - type: string - controlPlaneEncryptionKeyName: - description: >- - Optional. Cloud KMS key name used for encrypting control plane data - that is stored in a multi region. Only used for the data residency - region "US" or "EU". If not specified or [BillingType](#BillingType) - is `EVALUATION`, a Google-Managed encryption key will be used. - Format: `projects/*/locations/*/keyRings/*/cryptoKeys/*` - type: string - apiConsumerDataLocation: - description: >- - Optional. This field is needed only for customers using non-default - data residency regions. Apigee stores some control plane data only - in single region. This field determines which single region Apigee - should use. For example: "us-west1" when control plane is in US or - "europe-west2" when control plane is in EU. - type: string - apigeeProjectId: - description: >- - Output only. Apigee Project ID associated with the organization. Use - this project to allowlist Apigee in the Service Attachment when - using private service connect with Apigee. - readOnly: true + - NOT_STARTED + - IN_PROGRESS + - FINISHED + enumDescriptions: + - '' + - '' + - '' + - '' type: string - subscriptionPlan: - description: >- - Output only. Subscription plan that the customer has purchased. - Output only. - readOnly: true + operationType: + enum: + - OPERATION_TYPE_UNSPECIFIED + - INSERT + - DELETE + - UPDATE type: string enumDescriptions: - - Subscription plan not specified. - - Traditional subscription plan. - - >- - New subscription plan that provides standard proxy and scaled - proxy implementation. - enum: - - SUBSCRIPTION_PLAN_UNSPECIFIED - - SUBSCRIPTION_2021 - - SUBSCRIPTION_2024 - networkEgressRestricted: - description: >- - Optional. Flag that specifies if internet egress is restricted for - VPC Service Controls. Valid only when runtime_type is `CLOUD` and - disable_vpc_peering is `true`. - type: boolean - GoogleCloudApigeeV1GetSyncAuthorizationRequest: - id: GoogleCloudApigeeV1GetSyncAuthorizationRequest - description: Request for GetSyncAuthorization. - type: object - properties: {} - GoogleCloudApigeeV1SyncAuthorization: - id: GoogleCloudApigeeV1SyncAuthorization + - '' + - '' + - '' + - '' + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsResponse: + description: Response for BatchComputeSecurityAssessmentResults. + id: GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsResponse type: object properties: - identities: + nextPageToken: + type: string description: >- - Required. Array of service accounts to grant access to control plane - resources, each specified using the following format: - `serviceAccount:` service-account-name. The service-account-name is - formatted like an email address. For example: - `my-synchronizer-manager-service_account@my_project_id.iam.gserviceaccount.com` - You might specify multiple service accounts, for example, if you - have multiple environments and wish to assign a unique service - account to each one. The service accounts must have **Apigee - Synchronizer Manager** role. See also [Create service - accounts](https://cloud.google.com/apigee/docs/hybrid/latest/sa-about#create-the-service-accounts). + A token that can be sent as `page_token` to retrieve the next page. + If this field is blank, there are no subsequent pages. + assessmentTime: + description: The time of the assessment api call. + format: google-datetime + type: string + securityAssessmentResults: type: array + description: Default sort order is by resource name in alphabetic order. items: - type: string - etag: - description: >- - Entity tag (ETag) used for optimistic concurrency control as a way - to help prevent simultaneous updates from overwriting each other. - For example, when you call - [getSyncAuthorization](organizations/getSyncAuthorization) an ETag - is returned in the response. Pass that ETag when calling the - [setSyncAuthorization](organizations/setSyncAuthorization) to ensure - that you are updating the correct version. If you don't pass the - ETag in the call to `setSyncAuthorization`, then the existing - authorization is overwritten indiscriminately. **Note**: We strongly - recommend that you use the ETag in the read-modify-write cycle to - avoid race conditions. - type: string - format: byte - GoogleCloudApigeeV1ControlPlaneAccess: - id: GoogleCloudApigeeV1ControlPlaneAccess + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResult' + GoogleCloudApigeeV1AppGroupApp: + id: GoogleCloudApigeeV1AppGroupApp description: >- - ControlPlaneAccess is the request body and response body of - UpdateControlPlaneAccess. and the response body of - GetControlPlaneAccess. The input identities contains an array of service - accounts to grant access to the respective control plane resource, with - each service account specified using the following format: - `serviceAccount:`***service-account-name***. The - ***service-account-name*** is formatted like an email address. For - example: - `my-control-plane-service_account@my_project_id.iam.gserviceaccount.com` - You might specify multiple service accounts, for example, if you have - multiple environments and wish to assign a unique service account to - each one. - type: object + Response for [GetAppGroupApp].[AppGroupApps.GetAppGroupApp], + [CreateAppGroupAppRequest].[AppGroupApp.CreateAppGroupAppRequest] and + [DeleteAppGroupApp].[AppGroupApp.DeleteAppGroupApp] properties: - name: + createdAt: + readOnly: true description: >- - Identifier. The resource name of the ControlPlaneAccess. Format: - "organizations/{org}/controlPlaneAccess" + Output only. Time the AppGroup app was created in milliseconds since + epoch. type: string - synchronizerIdentities: - description: >- - Optional. Array of service accounts to grant access to control plane - resources (for the Synchronizer component). The service accounts - must have **Apigee Synchronizer Manager** role. See also [Create - service - accounts](https://cloud.google.com/apigee/docs/hybrid/latest/sa-about#create-the-service-accounts). - type: array + format: int64 + attributes: + description: List of attributes for the AppGroup app. items: - type: string - analyticsPublisherIdentities: - description: >- - Optional. Array of service accounts authorized to publish analytics - data to the control plane (for the Message Processor component). + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' type: array + appGroup: + type: string + description: >- + Immutable. Name of the parent AppGroup whose resource name format is + of syntax (organizations/*/appgroups/*). + apiProducts: + description: List of API products associated with the AppGroup app. items: type: string - GoogleCloudApigeeV1SetAddonsRequest: - id: GoogleCloudApigeeV1SetAddonsRequest - description: Request for SetAddons. - type: object - properties: - addonsConfig: - description: Required. Add-on configurations. - $ref: '#/components/schemas/GoogleCloudApigeeV1AddonsConfig' - GoogleCloudApigeeV1Reference: - id: GoogleCloudApigeeV1Reference - description: >- - A Reference configuration. References must refer to a keystore that also - exists in the parent environment. - type: object - properties: - name: + type: array + lastModifiedAt: + format: int64 + readOnly: true description: >- - Required. The resource id of this reference. Values must match the - regular expression [\w\s\-.]+. + Output only. Time the AppGroup app was modified in milliseconds + since epoch. type: string - description: - description: Optional. A human-readable description of this reference. + appId: + description: Immutable. ID of the AppGroup app. type: string - resourceType: - description: >- - The type of resource referred to by this reference. Valid values are - 'KeyStore' or 'TrustStore'. + status: + description: Status of the App. Valid values include `approved` or `revoked`. type: string - refers: + scopes: + items: + type: string description: >- - Required. The id of the resource to which this reference refers. - Must be the id of a resource that exists in the parent environment - and is of the given resource_type. - type: string - GoogleCloudApigeeV1IngressConfig: - id: GoogleCloudApigeeV1IngressConfig - type: object - properties: + Scopes to apply to the AppGroup app. The specified scopes must + already exist for the API product that you associate with the + AppGroup app. + type: array name: - description: >- - Name of the resource in the following format: - `organizations/{org}/deployedIngressConfig`. type: string - uid: description: >- - A unique id for the ingress config that will only change if the - organization is deleted and recreated. - type: string - revisionId: + Immutable. Name of the AppGroup app whose resource name format is of + syntax (organizations/*/appgroups/*/apps/*). + callbackUrl: description: >- - Revision id that defines the ordering on IngressConfig resources. - The higher the revision, the more recently the configuration was - deployed. + Callback URL used by OAuth 2.0 authorization servers to communicate + authorization codes back to AppGroup apps. type: string + keyExpiresIn: format: int64 - revisionCreateTime: - description: Time at which the IngressConfig revision was created. + description: >- + Immutable. Expiration time, in seconds, for the consumer key that is + generated for the AppGroup app. If not set or left to the default + value of `-1`, the API key never expires. The expiration time can't + be updated after it is set. type: string - format: google-datetime - environmentGroups: - description: List of environment groups in the organization. + credentials: type: array + description: >- + Output only. Set of credentials for the AppGroup app consisting of + the consumer key/secret pairs associated with the API products. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroupConfig' - GoogleCloudApigeeV1EnvironmentGroupConfig: - id: GoogleCloudApigeeV1EnvironmentGroupConfig - description: >- - EnvironmentGroupConfig is a revisioned snapshot of an EnvironmentGroup - and its associated routing rules. + $ref: '#/components/schemas/GoogleCloudApigeeV1Credential' + readOnly: true + type: object + GoogleCloudApigeeV1MoveSharedFlowRequest: + description: Moves a Shared Flow to a different space. type: object + id: GoogleCloudApigeeV1MoveSharedFlowRequest properties: - name: + space: description: >- - Name of the environment group in the following format: - `organizations/{org}/envgroups/{envgroup}`. + Optional. Resource ID of the space to move the shared flow to. If + unspecified, the shared flow will be moved to the organization + level. type: string - uid: + GoogleCloudApigeeV1ExportRequest: + type: object + properties: + outputFormat: description: >- - A unique id for the environment group config that will only change - if the environment group is deleted and recreated. + Optional. Output format of the export. Valid values include: `csv` + or `json`. Defaults to `json`. Note: Configure the delimiter for CSV + output using the `csvDelimiter` property. + type: string + datastoreName: + description: Required. Name of the preconfigured datastore. + type: string + description: + description: Optional. Description of the export job. + type: string + dateRange: + description: Required. Date range of the data to export. + $ref: '#/components/schemas/GoogleCloudApigeeV1DateRange' + csvDelimiter: type: string - revisionId: description: >- - Revision id that defines the ordering of the EnvironmentGroupConfig - resource. The higher the revision, the more recently the - configuration was deployed. + Optional. Delimiter used in the CSV file, if `outputFormat` is set + to `csv`. Defaults to the `,` (comma) character. Supported delimiter + characters include comma (`,`), pipe (`|`), and tab (`\t`). + name: + description: Required. Display name of the export job. type: string - format: int64 - hostnames: - description: Host names for the environment group. - type: array + id: GoogleCloudApigeeV1ExportRequest + description: Request body for [CreateExportRequest] + GoogleCloudApigeeV1StatsEnvironmentStats: + properties: + name: + description: Name of the environment. + type: string + metrics: items: - type: string - routingRules: + $ref: '#/components/schemas/GoogleCloudApigeeV1Metric' description: >- - Ordered list of routing rules defining how traffic to this - environment group's hostnames should be routed to different - environments. + In the final response, only one of the following fields will be + present based on the dimensions provided. If no dimensions are + provided, then only top-level metrics is provided. If dimensions are + included, then there will be a top-level dimensions field under + environments which will contain metrics values and the dimension + name. Example: ``` "environments": [ { "dimensions": [ { "metrics": + [ { "name": "sum(message_count)", "values": [ "2.14049521E8" ] } ], + "name": "nit_proxy" } ], "name": "prod" } ]``` or ```"environments": + [ { "metrics": [ { "name": "sum(message_count)", "values": [ + "2.19026331E8" ] } ], "name": "prod" } ]``` List of metric values. type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1RoutingRule' - location: - description: >- - When this message appears in the top-level IngressConfig, this field - will be populated in lieu of the inlined routing_rules and hostnames - fields. Some URL for downloading the full EnvironmentGroupConfig for - this group. - type: string - endpointChainingRules: - description: A list of proxies in each deployment group for proxy chaining calls. + dimensions: type: array + description: List of metrics grouped under dimensions. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1EndpointChainingRule' - GoogleCloudApigeeV1RoutingRule: - id: GoogleCloudApigeeV1RoutingRule + $ref: '#/components/schemas/GoogleCloudApigeeV1DimensionMetric' + type: object + id: GoogleCloudApigeeV1StatsEnvironmentStats + description: >- + Encapsulates the environment wrapper: ``` "environments": [ { "metrics": + [ { "name": "sum(message_count)", "values": [ "2.52056245E8" ] } ], + "name": "prod" } ]``` + GoogleTypeMoney: + description: Represents an amount of money with its currency type. type: object properties: - basepath: - description: >- - URI path prefix used to route to the specified environment. May - contain one or more wildcards. For example, path segments consisting - of a single `*` character will match any string. + currencyCode: type: string - environment: + description: The three-letter currency code defined in ISO 4217. + units: description: >- - Name of an environment bound to the environment group in the - following format: `organizations/{org}/environments/{env}`. Only one - of environment or deployment_group will be set. + The whole units of the amount. For example if `currencyCode` is + `"USD"`, then 1 unit is one US dollar. + format: int64 type: string - deploymentGroup: + nanos: + format: int32 description: >- - Name of a deployment group in an environment bound to the - environment group in the following format: - `organizations/{org}/environment/{env}/deploymentGroups/{group}` - Only one of environment or deployment_group will be set. - type: string - otherTargets: + Number of nano (10^-9) units of the amount. The value must be + between -999,999,999 and +999,999,999 inclusive. If `units` is + positive, `nanos` must be positive or zero. If `units` is zero, + `nanos` can be positive, zero, or negative. If `units` is negative, + `nanos` must be negative or zero. For example $-1.75 is represented + as `units`=-1 and `nanos`=-750,000,000. + type: integer + id: GoogleTypeMoney + GoogleCloudApigeeV1Deployment: + properties: + errors: description: >- - Conflicting targets, which will be resource names specifying either - deployment groups or environments. + Errors reported for this deployment. Populated only when state == + ERROR. **Note**: This field is displayed only when viewing + deployment status. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + routeConflicts: type: array items: - type: string - envGroupRevision: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingConflict description: >- - The env group config revision_id when this rule was added or last - updated. This value is set when the rule is created and will only - update if the the environment_id changes. It is used to determine if - the runtime is up to date with respect to this rule. This field is - omitted from the IngressConfig unless the GetDeployedIngressConfig - API is called with view=FULL. + Conflicts in the desired state routing configuration. The presence + of conflicts does not cause the state to be `ERROR`, but it will + mean that some of the deployment's base paths are not routed to its + environment. If the conflicts change, the state will transition to + `PROGRESSING` until the latest configuration is rolled out to all + instances. **Note**: This field is displayed only when viewing + deployment status. + revision: type: string - format: int64 - updateTime: + description: API proxy revision. + instances: description: >- - The unix timestamp when this rule was updated. This is updated - whenever env_group_revision is updated. This field is omitted from - the IngressConfig unless the GetDeployedIngressConfig API is called - with view=FULL. + Status reported by each runtime instance. **Note**: This field is + displayed only when viewing deployment status. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1InstanceDeploymentStatus' + type: array + environment: type: string - format: google-datetime - receiver: + description: Environment. + deployStartTime: description: >- - The resource name of the proxy revision that is receiving this - basepath in the following format: - `organizations/{org}/apis/{api}/revisions/{rev}`. This field is - omitted from the IngressConfig unless the GetDeployedIngressConfig - API is called with view=FULL. + Time the API proxy was marked `deployed` in the control plane in + millisconds since epoch. + format: int64 type: string - GoogleCloudApigeeV1EndpointChainingRule: - id: GoogleCloudApigeeV1EndpointChainingRule - description: >- - EndpointChainingRule specifies the proxies contained in a particular - deployment group, so that other deployment groups can find them in - chaining calls. - type: object - properties: - proxyIds: - description: List of proxy ids which may be found in the given deployment group. - type: array - items: - type: string - deploymentGroup: + serviceAccount: description: >- - The deployment group to target for cross-shard chaining calls to - these proxies. + The full resource name of Cloud IAM Service Account that this + deployment is using, eg, `projects/-/serviceAccounts/{email}`. type: string - GoogleCloudApigeeV1ReportInstanceStatusRequest: - id: GoogleCloudApigeeV1ReportInstanceStatusRequest - description: Request for ReportInstanceStatus. - type: object - properties: - instanceUid: - description: >- - A unique ID for the instance which is guaranteed to be unique in - case the user installs multiple hybrid runtimes with the same - instance ID. + proxyDeploymentType: type: string - reportTime: + enum: + - PROXY_DEPLOYMENT_TYPE_UNSPECIFIED + - STANDARD + - EXTENSIBLE description: >- - The time the report was generated in the runtime. Used to prevent an - old status from overwriting a newer one. An instance should space - out it's status reports so that clock skew does not play a factor. - type: string - format: google-datetime - resources: - description: Status for config resources - type: array + Output only. The type of the deployment (standard or extensible) + Deployed proxy revision will be marked as extensible in following 2 + cases. 1. The deployed proxy revision uses extensible policies. 2. + If a environment supports flowhooks and flow hook is configured. + enumDescriptions: + - >- + Default value till public preview. After public preview this value + should not be returned. + - >- + Deployment will be of type Standard if only Standard proxies are + used + - >- + Proxy will be of type Extensible if deployments uses one or more + Extensible proxies + readOnly: true + pods: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceStatus' - GoogleCloudApigeeV1ResourceStatus: - id: GoogleCloudApigeeV1ResourceStatus - description: The status of a resource loaded in the runtime. - type: object - properties: - resource: + $ref: '#/components/schemas/GoogleCloudApigeeV1PodStatus' description: >- - The resource name. Currently only two resources are supported: - EnvironmentGroup - organizations/{org}/envgroups/{envgroup} - EnvironmentConfig - - organizations/{org}/environments/{environment}/deployedConfig + Status reported by runtime pods. **Note**: **This field is + deprecated**. Runtime versions 1.3 and above report instance level + status rather than pod status. + type: array + apiProxy: + description: API proxy. type: string - uid: + state: description: >- - The uid of the resource. In the unexpected case that the instance - has multiple uids for the same name, they should be reported under - separate ResourceStatuses. + Current state of the deployment. **Note**: This field is displayed + only when viewing deployment status. + enum: + - RUNTIME_STATE_UNSPECIFIED + - READY + - PROGRESSING + - ERROR type: string - totalReplicas: - description: The total number of replicas that should have this resource. - type: integer - format: int32 - revisions: - description: Revisions of the resource currently deployed in the instance. + enumDescriptions: + - This value should never be returned. + - Runtime has loaded the deployment. + - Deployment is not fully ready in the runtime. + - >- + Encountered an error with the deployment that requires + intervention. + id: GoogleCloudApigeeV1Deployment + description: Deployment represents a deployment of an API proxy or shared flow. + type: object + GoogleCloudApigeeV1MaintenanceUpdatePolicyMaintenanceWindow: + id: GoogleCloudApigeeV1MaintenanceUpdatePolicyMaintenanceWindow + description: >- + MaintenanceWindow specifies the preferred day of the week and time of + day to perform maintenance. + type: object + properties: + day: + type: string + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + description: >- + Required. Preferred day of the week for maintenance, e.g. MONDAY, + TUESDAY, etc. + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + startTime: + description: Required. The start time (UTC) of the maintenance window. + $ref: '#/components/schemas/GoogleTypeTimeOfDay' + GoogleCloudApigeeV1ApiSecurityRuntimeConfig: + type: object + description: >- + Response for + GetApiSecurityRuntimeConfig[EnvironmentService.GetApiSecurityRuntimeConfig]. + properties: + name: + description: >- + Name of the environment API Security Runtime configuration resource. + Format: + `organizations/{org}/environments/{env}/apiSecurityRuntimeConfig` + type: string + revisionId: + description: >- + Revision ID of the API Security Runtime configuration. The higher + the value, the more recently the configuration was deployed. + format: int64 + type: string + uid: + description: >- + Unique ID for the API Security Runtime configuration. The ID will + only change if the environment is deleted and recreated. + type: string + updateTime: + description: Time that the API Security Runtime configuration was updated. + type: string + format: google-datetime + location: type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1RevisionStatus' - GoogleCloudApigeeV1RevisionStatus: - id: GoogleCloudApigeeV1RevisionStatus - description: The status of a specific resource revision. + type: string + description: A list of up to 5 Cloud Storage Blobs that contain SecurityActions. + id: GoogleCloudApigeeV1ApiSecurityRuntimeConfig + GoogleCloudApigeeV1NodeConfig: + description: >- + NodeConfig for setting the min/max number of nodes associated with the + environment. + id: GoogleCloudApigeeV1NodeConfig type: object properties: - revisionId: - description: The revision of the resource. + currentAggregateNodeCount: type: string - replicas: - description: The number of replicas that have successfully loaded this revision. - type: integer + format: int64 + readOnly: true + description: >- + Output only. The current total number of gateway nodes that each + environment currently has across all instances. + maxNodeCount: + format: int64 + type: string + description: >- + Optional. The maximum total number of gateway nodes that the is + reserved for all instances that has the specified environment. If + not specified, the default is determined by the recommended maximum + number of nodes for that gateway. + minNodeCount: + description: >- + Optional. The minimum total number of gateway nodes that the is + reserved for all instances that has the specified environment. If + not specified, the default is determined by the recommended minimum + number of nodes for that gateway. + type: string + format: int64 + GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRoute: + properties: + basepath: + description: Base path in the routing table. + type: string + environment: + description: >- + Destination environment. This will be empty if the route is not yet + reported. + type: string + percentage: + description: Percentage of ingress replicas reporting this route. format: int32 - errors: - description: Errors reported when attempting to load this revision. - type: array + type: integer + envgroup: + type: string + description: Environment group where this route is installed. + type: object + id: GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRoute + description: Route deployed in the ingress routing table. + GoogleCloudApigeeV1DeploymentChangeReportRoutingConflict: + description: >- + Describes a routing conflict that may cause a deployment not to receive + traffic at some base path. + properties: + description: + description: Human-readable description of this conflict. + type: string + environmentGroup: + description: Name of the environment group in which this conflict exists. + type: string + conflictingDeployment: + description: Existing base path/deployment causing the conflict. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment + type: object + id: GoogleCloudApigeeV1DeploymentChangeReportRoutingConflict + EdgeConfigstoreBundleBadBundleViolation: + properties: + filename: + description: >- + The filename (including relative path from the bundle root) in which + the error occurred. + type: string + description: + type: string + description: A description of why the bundle is invalid and how to fix it. + type: object + id: EdgeConfigstoreBundleBadBundleViolation + description: A message type used to describe a single bundle validation error. + GoogleCloudApigeeV1ListDebugSessionsResponse: + id: GoogleCloudApigeeV1ListDebugSessionsResponse + type: object + properties: + nextPageToken: + description: >- + Page token that you can include in a ListDebugSessionsRequest to + retrieve the next page. If omitted, no subsequent pages exist. + type: string + sessions: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1UpdateError' - jsonSpec: + $ref: '#/components/schemas/GoogleCloudApigeeV1Session' + type: array description: >- - The json content of the resource revision. Large specs should be - sent individually via the spec field to avoid hitting request size - limits. + Session info that includes debug session ID and the first + transaction creation timestamp. + GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment: + type: object + description: Tuple representing a base path and the deployment containing it. + properties: + apiProxy: + type: string + description: Name of the deployed API proxy revision containing the base path. + revision: + description: Name of the deployed API proxy revision containing the base path. + type: string + basepath: + description: Base path receiving traffic. + type: string + environment: + description: Name of the environment in which the proxy is deployed. + type: string + id: GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment + GoogleCloudApigeeV1DeploymentChangeReportRoutingChange: + id: GoogleCloudApigeeV1DeploymentChangeReportRoutingChange + properties: + fromDeployment: + description: Base path/deployment that may stop receiving some traffic. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment + environmentGroup: + type: string + description: Name of the environment group affected by this routing change. + description: + description: Human-readable description of this routing change. type: string + shouldSequenceRollout: + type: boolean + description: >- + Set to `true` if using sequenced rollout would make this routing + change safer. **Note**: This does not necessarily imply that + automated sequenced rollout mode is supported for the operation. + toDeployment: + description: >- + Base path/deployment that may start receiving that traffic. May be + null if no deployment is able to receive the traffic. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingDeployment + type: object + description: >- + Describes a potential routing change that may occur as a result of some + deployment operation. GoogleCloudApigeeV1UpdateError: id: GoogleCloudApigeeV1UpdateError - description: Details on why a resource update failed in the runtime. - type: object properties: resource: description: >- @@ -3664,8 +3835,6 @@ components: instances. type: string code: - description: Status code. - type: string enumDescriptions: - 'Not an error; returned on success. HTTP Mapping: 200 OK' - >- @@ -3767,6 +3936,7 @@ components: - >- Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal Server Error + description: Status code. enum: - OK - CANCELLED @@ -3785,529 +3955,445 @@ components: - INTERNAL - UNAVAILABLE - DATA_LOSS + type: string message: - description: User-friendly error message. type: string - GoogleCloudApigeeV1ReportInstanceStatusResponse: - id: GoogleCloudApigeeV1ReportInstanceStatusResponse - description: Placeholder for future enhancements to status reporting protocol + description: User-friendly error message. type: object - properties: {} - GoogleCloudApigeeV1CanaryEvaluation: - id: GoogleCloudApigeeV1CanaryEvaluation - description: >- - CanaryEvaluation represents the canary analysis between two versions of - the runtime that is serving requests. + description: Details on why a resource update failed in the runtime. + GoogleCloudApigeeV1ReferenceConfig: type: object + id: GoogleCloudApigeeV1ReferenceConfig properties: - name: - description: Output only. Name of the canary evalution. - readOnly: true - type: string - createTime: - description: Output only. Create time of the canary evaluation. - readOnly: true - type: string - format: google-datetime - startTime: - description: Required. Start time for the canary evaluation's analysis. + resourceName: + description: >- + Name of the referenced resource in the following format: + `organizations/{org}/environments/{env}/keystores/{keystore}` Only + references to keystore resources are supported. type: string - format: google-datetime - endTime: - description: Required. End time for the evaluation's analysis. + name: type: string - format: google-datetime - metricLabels: description: >- - Required. Labels used to filter the metrics used for a canary - evaluation. - $ref: '#/components/schemas/GoogleCloudApigeeV1CanaryEvaluationMetricLabels' - control: - description: Required. The stable version that is serving requests. - type: string - treatment: - description: Required. The newer version that is serving requests. - type: string - verdict: - description: >- - Output only. The resulting verdict of the canary evaluations: NONE, - PASS, or FAIL. - readOnly: true - type: string - enumDescriptions: - - Verdict is not available yet. - - No verdict reached. - - Evaluation is not good. - - Evaluation is good. - enum: - - VERDICT_UNSPECIFIED - - NONE - - FAIL - - PASS - state: - description: Output only. The current state of the canary evaluation. - readOnly: true - type: string - enumDescriptions: - - No state has been specified. - - The canary evaluation is still in progress. - - The canary evaluation has finished. - enum: - - STATE_UNSPECIFIED - - RUNNING - - SUCCEEDED - GoogleCloudApigeeV1CanaryEvaluationMetricLabels: - id: GoogleCloudApigeeV1CanaryEvaluationMetricLabels - description: Labels that can be used to filter Apigee metrics. + Name of the reference in the following format: + `organizations/{org}/environments/{env}/references/{reference}` + GoogleCloudApigeeV1ResourceFile: + description: Metadata about a resource file. type: object + id: GoogleCloudApigeeV1ResourceFile properties: - env: - description: The environment ID associated with the metrics. - type: string - location: - description: Required. The location associated with the metrics. - type: string - instance_id: - description: >- - Required. The instance ID associated with the metrics. In Apigee - Hybrid, the value is configured during installation. + type: type: string - GoogleCloudApigeeV1RuntimeConfig: - id: GoogleCloudApigeeV1RuntimeConfig - description: >- - Runtime configuration for the organization. Response for - GetRuntimeConfig. - type: object - properties: + description: Resource file type. {{ resource_file_type }} name: - description: >- - Name of the resource in the following format: - `organizations/{org}/runtimeConfig`. type: string - analyticsBucket: - description: Cloud Storage bucket used for uploading Analytics records. + description: ID of the resource file. + GoogleCloudApigeeV1Session: + properties: + id: type: string - traceBucket: - description: Cloud Storage bucket used for uploading Trace records. + description: The debug session ID. + timestampMs: type: string - tenantProjectId: + format: int64 description: >- - Output only. Tenant project ID associated with the Apigee - organization. The tenant project is used to host Google-managed - resources that are dedicated to this Apigee organization. Clients - have limited access to resources within the tenant project used to - support Apigee runtime instances. Access to the tenant project is - managed using SetSyncAuthorization. It can be empty if the tenant - project hasn't been created yet. - readOnly: true - type: string - GoogleCloudApigeeV1ListSharedFlowsResponse: - id: GoogleCloudApigeeV1ListSharedFlowsResponse + The first transaction creation timestamp in millisecond, recorded by + UAP. type: object - properties: - sharedFlows: - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlow' - GoogleCloudApigeeV1SharedFlow: - id: GoogleCloudApigeeV1SharedFlow - description: The metadata describing a shared flow + description: Session carries the debug session id and its creation time. + id: GoogleCloudApigeeV1Session + GoogleLongrunningOperation: + id: GoogleLongrunningOperation type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. properties: - metaData: - description: Metadata describing the shared flow. - $ref: '#/components/schemas/GoogleCloudApigeeV1EntityMetadata' + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object name: - description: The ID of the shared flow. - type: string - revision: - description: A list of revisions of this shared flow. - type: array - items: - type: string - latestRevisionId: - description: The id of the most recently created revision for this shared flow. type: string - space: description: >- - Optional. The ID of the space associated with this shared flow. Any - IAM policies applied to the space will control access to this shared - flow. To learn how Spaces can be used to manage resources, read the - [Apigee Spaces - Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). - type: string - GoogleCloudApigeeV1SharedFlowRevision: - id: GoogleCloudApigeeV1SharedFlowRevision - description: The metadata describing a shared flow revision. - type: object - properties: - configurationVersion: + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: description: >- - The version of the configuration schema to which this shared flow - conforms. The only supported value currently is majorVersion 4 and - minorVersion 0. This setting may be used in the future to enable - evolution of the shared flow format. - $ref: '#/components/schemas/GoogleCloudApigeeV1ConfigVersion' - contextInfo: - description: A textual description of the shared flow revision. - type: string - createdAt: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + error: description: >- - Time at which this shared flow revision was created, in milliseconds - since epoch. - type: string - format: int64 - displayName: - description: The human readable name of this shared flow. - type: string - description: - description: Description of the shared flow revision. - type: string - entityMetaDataAsProperties: - description: A Key-Value map of metadata about this shared flow revision. + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/GoogleRpcStatus' + metadata: type: object - additionalProperties: - type: string - lastModifiedAt: description: >- - Time at which this shared flow revision was most recently modified, - in milliseconds since epoch. - type: string - format: int64 - revision: - description: The resource ID of this revision. - type: string - name: - description: The resource ID of the parent shared flow. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + GoogleLongrunningListOperationsResponse: + properties: + nextPageToken: type: string - policies: - description: A list of policy names included in this shared flow revision. + description: The standard List next-page token. + operations: type: array - items: - type: string - resourceFiles: - description: The resource files included in this shared flow revision. - $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFiles' - resources: description: >- - A list of the resources included in this shared flow revision - formatted as "{type}://{name}". - type: array + A list of operations that matches the specified filter in the + request. items: - type: string - sharedFlows: - description: >- - A list of the shared flow names included in this shared flow - revision. - type: array + $ref: '#/components/schemas/GoogleLongrunningOperation' + unreachable: items: type: string - type: - description: The string "Application" - type: string - GoogleCloudApigeeV1MoveSharedFlowRequest: - id: GoogleCloudApigeeV1MoveSharedFlowRequest - description: Moves a Shared Flow to a different space. - type: object - properties: - space: + type: array description: >- - Optional. Resource ID of the space to move the shared flow to. If - unspecified, the shared flow will be moved to the organization - level. - type: string - GoogleCloudApigeeV1Space: - id: GoogleCloudApigeeV1Space - description: Organization space resource. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + id: GoogleLongrunningListOperationsResponse + type: object + description: The response message for Operations.ListOperations. + GoogleCloudApigeeV1ConfigVersion: + description: >- + Version of the API proxy configuration schema. Currently, only 4.0 is + supported. type: object + id: GoogleCloudApigeeV1ConfigVersion properties: - name: - description: >- - Output only. Identifier. Id of the space. This field is used as the - resource name, and must follow [AIP-122](https://google.aip.dev/122) - guidelines. - readOnly: true + minorVersion: + type: integer + description: Minor version of the API proxy configuration schema. + format: int32 + majorVersion: + format: int32 + description: Major version of the API proxy configuration schema. + type: integer + GoogleCloudApigeeV1RuntimeTraceConfig: + properties: + endpoint: type: string - displayName: - description: Optional. Display name of the space. + description: Endpoint of the exporter. + exporter: + description: >- + Exporter that is used to view the distributed trace captured using + OpenCensus. An exporter sends traces to any backend that is capable + of consuming them. Recorded spans can be exported by registered + exporters. + enum: + - EXPORTER_UNSPECIFIED + - JAEGER + - CLOUD_TRACE type: string - createTime: - description: Output only. Create timestamp of the space. - readOnly: true + enumDescriptions: + - Exporter unspecified + - Jaeger exporter + - Cloudtrace exporter + revisionId: + description: >- + Revision number which can be used by the runtime to detect if the + trace config has changed between two versions. type: string - format: google-datetime - updateTime: - description: Output only. Last modified timestamp of the space. - readOnly: true + name: type: string + description: >- + Name of the trace config in the following format: + `organizations/{org}/environment/{env}/traceConfig` + samplingConfig: + $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeTraceSamplingConfig' + description: Trace configuration for all API proxies in an environment. + revisionCreateTime: + description: The timestamp that the revision was created or updated. format: google-datetime - GoogleCloudApigeeV1ListSpacesResponse: - id: GoogleCloudApigeeV1ListSpacesResponse + type: string + overrides: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeTraceConfigOverride' + description: List of trace configuration overrides for spicific API proxies. + type: array + type: object description: >- - A response to a ListSpaces request containing the list of organization - spaces and a page token for the next page. + NEXT ID: 8 RuntimeTraceConfig defines the configurations for distributed + trace in an environment. + id: GoogleCloudApigeeV1RuntimeTraceConfig + GoogleCloudApigeeV1ScoreComponentRecommendationActionActionContext: type: object properties: - spaces: - description: List of Apigee organization spaces. - type: array + documentationLink: + description: Documentation link for the action. + type: string + description: Action context are all the relevant details for the action. + id: GoogleCloudApigeeV1ScoreComponentRecommendationActionActionContext + GoogleCloudApigeeV1TlsInfo: + id: GoogleCloudApigeeV1TlsInfo + description: TLS configuration information for virtual hosts and TargetServers. + properties: + keyStore: + description: >- + Required if `client_auth_enabled` is true. The resource ID of the + keystore. + type: string + keyAlias: + description: >- + Required if `client_auth_enabled` is true. The resource ID for the + alias containing the private key and cert. + type: string + enforce: + description: TLS is strictly enforced. + type: boolean + ignoreValidationErrors: + type: boolean + description: >- + If true, Edge ignores TLS certificate errors. Valid when configuring + TLS for target servers and target endpoints, and when configuring + virtual hosts that use 2-way TLS. When used with a target + endpoint/target server, if the backend system uses SNI and returns a + cert with a subject Distinguished Name (DN) that does not match the + hostname, there is no way to ignore the error and the connection + fails. + commonName: + description: The TLS Common Name of the certificate. + $ref: '#/components/schemas/GoogleCloudApigeeV1TlsInfoCommonName' + ciphers: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Space' - nextPageToken: + type: string description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. + The SSL/TLS cipher suites to be used. For programmable proxies, it + must be one of the cipher suite names listed in: + http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. + For configurable proxies, it must follow the configuration specified + in: + https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. + This setting has no effect for configurable proxies when negotiating + TLS 1.3. + type: array + enabled: + type: boolean + description: >- + Required. Enables TLS. If false, neither one-way nor two-way TLS + will be enabled. + trustStore: + description: The resource ID of the truststore. type: string - GoogleCloudApigeeV1TraceConfigOverride: - id: GoogleCloudApigeeV1TraceConfigOverride - description: A representation of a configuration override. + protocols: + description: The TLS versioins to be used. + type: array + items: + type: string + clientAuthEnabled: + description: Optional. Enables two-way TLS. + type: boolean type: object + GoogleCloudApigeeV1MoveApiProxyRequest: properties: - name: - description: >- - ID of the trace configuration override specified as a - system-generated UUID. - type: string - apiProxy: + space: description: >- - ID of the API proxy that will have its trace configuration - overridden. + Optional. Resource ID of the space to move the proxy to. If + unspecified, the proxy will be moved to the organization level. type: string - samplingConfig: - description: Trace configuration to override. - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceSamplingConfig' - GoogleCloudApigeeV1ListTraceConfigOverridesResponse: - id: GoogleCloudApigeeV1ListTraceConfigOverridesResponse - description: Response for ListTraceConfigOverrides. + description: Moves an API Proxy to a different Space. type: object + id: GoogleCloudApigeeV1MoveApiProxyRequest + GoogleCloudApigeeV1ListEnvironmentGroupsResponse: + id: GoogleCloudApigeeV1ListEnvironmentGroupsResponse properties: - traceConfigOverrides: - description: List all trace configuration overrides in an environment. + environmentGroups: + description: EnvironmentGroups in the specified organization. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' + $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroup' nextPageToken: - description: >- - Token value that can be passed as `page_token` to retrieve the next - page of content. type: string - GoogleCloudApigeeV1Stats: - id: GoogleCloudApigeeV1Stats - description: Encapsulates a `stats` response. + description: >- + Page token that you can include in a ListEnvironmentGroups request + to retrieve the next page. If omitted, no subsequent pages exist. + type: object + description: Response for ListEnvironmentGroups. + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestIncludeAll: + type: object + id: >- + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestIncludeAll + description: Message for include_all_resources option. + properties: {} + GoogleCloudApigeeV1App: type: object properties: - environments: - description: List of query results on the environment level. + lastModifiedAt: + format: int64 + description: Output only. Last modified time as milliseconds since epoch. + type: string + readOnly: true + companyName: + description: Name of the company that owns the app. + type: string + scopes: + items: + type: string type: array + description: >- + Scopes to apply to the app. The specified scope names must already + exist on the API product that you associate with the app. + apiProducts: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1StatsEnvironmentStats' - hosts: - description: List of query results grouped by host. + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProductRef' + description: List of API products associated with the app. type: array + keyExpiresIn: + description: >- + Duration, in milliseconds, of the consumer key that will be + generated for the app. The default value, -1, indicates an infinite + validity period. Once set, the expiration can't be updated. json + key: keyExpiresIn + type: string + format: int64 + credentials: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1StatsHostStats' - metaData: - description: Metadata information. - $ref: '#/components/schemas/GoogleCloudApigeeV1Metadata' - GoogleCloudApigeeV1StatsEnvironmentStats: - id: GoogleCloudApigeeV1StatsEnvironmentStats - description: >- - Encapsulates the environment wrapper: ``` "environments": [ { "metrics": - [ { "name": "sum(message_count)", "values": [ "2.52056245E8" ] } ], - "name": "prod" } ]``` - type: object - properties: + $ref: '#/components/schemas/GoogleCloudApigeeV1Credential' + type: array + readOnly: true + description: >- + Output only. Set of credentials for the app. Credentials are API + key/secret pairs associated with API products. name: - description: Name of the environment. + description: Name of the app. type: string - metrics: - description: >- - In the final response, only one of the following fields will be - present based on the dimensions provided. If no dimensions are - provided, then only top-level metrics is provided. If dimensions are - included, then there will be a top-level dimensions field under - environments which will contain metrics values and the dimension - name. Example: ``` "environments": [ { "dimensions": [ { "metrics": - [ { "name": "sum(message_count)", "values": [ "2.14049521E8" ] } ], - "name": "nit_proxy" } ], "name": "prod" } ]``` or ```"environments": - [ { "metrics": [ { "name": "sum(message_count)", "values": [ - "2.19026331E8" ] } ], "name": "prod" } ]``` List of metric values. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Metric' - dimensions: - description: List of metrics grouped under dimensions. + attributes: type: array + description: List of attributes. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DimensionMetric' - GoogleCloudApigeeV1Metric: - id: GoogleCloudApigeeV1Metric - description: >- - Encapsulates the metric data point. For example: ```{ "name": - "sum(message_count)", "values" : [ { "timestamp": 1549004400000, - "value": "39.0" }, { "timestamp" : 1548997200000, "value" : "0.0" } ] - }``` or ```{ "name": "sum(message_count)", "values" : ["39.0"] }``` - type: object - properties: - name: - description: Metric name. + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + developerEmail: type: string - values: - description: >- - List of metric values. Possible value formats include: - `"values":["39.0"]` or `"values":[ { "value": "39.0", "timestamp": - 1232434354} ]` - type: array - items: - type: any - GoogleCloudApigeeV1DimensionMetric: - id: GoogleCloudApigeeV1DimensionMetric - description: Encapsulates a metric grouped by dimension. - type: object - properties: - name: + description: Email of the developer. + callbackUrl: description: >- - Comma joined dimension names. E.g. "dim1_name,dim2_name". - Deprecated. If name already has comma before join, we may get wrong - splits. Please use individual_names. - deprecated: true + Callback URL used by OAuth 2.0 authorization servers to communicate + authorization codes back to apps. type: string - individualNames: - description: Individual dimension names. E.g. ["dim1_name", "dim2_name"]. - type: array - items: - type: string - metrics: - description: List of metrics. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Metric' - GoogleCloudApigeeV1StatsHostStats: - id: GoogleCloudApigeeV1StatsHostStats - description: >- - Encapsulates the hostname wrapper: ``` "hosts": [ { "metrics": [ { - "name": "sum(message_count)", "values": [ "2.52056245E8" ] } ], "name": - "example.com" } ]``` + status: + description: Status of the credential. + type: string + createdAt: + type: string + format: int64 + description: Output only. Unix time when the app was created. + readOnly: true + developerId: + description: ID of the developer. + type: string + appGroup: + description: Name of the AppGroup + type: string + appId: + description: ID of the app. + type: string + id: GoogleCloudApigeeV1App + GoogleCloudApigeeV1KeyValueMap: + id: GoogleCloudApigeeV1KeyValueMap type: object properties: name: - description: Hostname used in query. + description: Required. ID of the key value map. type: string - metrics: + maskedValues: description: >- - In the final response, only one of the following fields will be - present based on the dimensions provided. If no dimensions are - provided, then only the top-level metrics are provided. If - dimensions are included, then there will be a top-level dimensions - field under hostnames which will contain metrics values and the - dimension name. Example: ``` "hosts": [ { "dimensions": [ { - "metrics": [ { "name": "sum(message_count)", "values": [ - "2.14049521E8" ] } ], "name": "nit_proxy" } ], "name": "example.com" - } ]``` OR ```"hosts": [ { "metrics": [ { "name": - "sum(message_count)", "values": [ "2.19026331E8" ] } ], "name": - "example.com" } ]``` List of metric values. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Metric' - dimensions: - description: List of metrics grouped under dimensions. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DimensionMetric' - GoogleCloudApigeeV1Metadata: - id: GoogleCloudApigeeV1Metadata - description: Encapsulates additional information about query execution. - type: object - properties: - errors: - description: List of error messages as strings. - type: array - items: - type: string - notices: + Optional. Flag that specifies whether entry values will be masked + when returned. + type: boolean + encrypted: + type: boolean description: >- - List of additional information such as data source, if result was - truncated. For example: ``` "notices": [ "Source:Postgres", "PG - Host:uappg0rw.e2e.apigeeks.net", "query served - by:4b64601e-40de-4eb1-bfb9-eeee7ac929ed", "Table used: - edge.api.uapgroup2.agg_api" ]``` - type: array - items: - type: string - GoogleCloudApigeeV1OptimizedStats: - id: GoogleCloudApigeeV1OptimizedStats - description: Encapsulates a response format for JavaScript Optimized Scenario. + Required. Flag that specifies whether entry values will be + encrypted. This field is retained for backward compatibility and the + value of encrypted will always be `true`. Apigee X and hybrid do not + support unencrypted key value maps. + description: Collection of key/value string pairs. + GoogleCloudApigeeV1OperationMetadataProgress: + id: GoogleCloudApigeeV1OperationMetadataProgress type: object properties: - Response: - description: >- - Wraps the `stats` response for JavaScript Optimized Scenario with a - response key. For example: ```{ "Response": { "TimeUnit": [], - "metaData": { "errors": [], "notices": [ "Source:Postgres", "Table - used: edge.api.aaxgroup001.agg_api", "PG - Host:ruappg08-ro.production.apigeeks.net", "query served - by:80c4ebca-6a10-4a2e-8faf-c60c1ee306ca" ] }, "resultTruncated": - false, "stats": { "data": [ { "identifier": { "names": [ "apiproxy" - ], "values": [ "sirjee" ] }, "metric": [ { "env": "prod", "name": - "sum(message_count)", "values": [ 36.0 ] }, { "env": "prod", "name": - "sum(is_error)", "values": [ 36.0 ] } ] } ] } } }``` - $ref: '#/components/schemas/GoogleCloudApigeeV1OptimizedStatsResponse' - GoogleCloudApigeeV1OptimizedStatsResponse: - id: GoogleCloudApigeeV1OptimizedStatsResponse - description: Encapsulates a response format for JavaScript Optimized Scenario. + percentDone: + format: int32 + description: The percentage of the operation progress. + type: integer + state: + enumDescriptions: + - '' + - '' + - '' + - '' + type: string + enum: + - STATE_UNSPECIFIED + - NOT_STARTED + - IN_PROGRESS + - FINISHED + description: State of the operation. + description: + type: string + description: Description of the operation's progress. + details: + additionalProperties: + type: any + description: Properties of the object. + type: object + description: The additional details of the progress. + description: Information about operation progress. + GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendationLink: + description: The format for a link in the recommendation. type: object properties: - TimeUnit: - description: >- - List of time unit values. Time unit refers to an epoch timestamp - value. - type: array - items: - type: string - format: int64 - metaData: - description: Metadata information about the query executed. - $ref: '#/components/schemas/GoogleCloudApigeeV1Metadata' - resultTruncated: - description: >- - Boolean flag that indicates whether the results were truncated based - on the limit parameter. - type: boolean - stats: - description: '`stats` results.' - $ref: '#/components/schemas/GoogleCloudApigeeV1OptimizedStatsNode' - GoogleCloudApigeeV1OptimizedStatsNode: - id: GoogleCloudApigeeV1OptimizedStatsNode + uri: + type: string + description: The link itself. + text: + description: 'The text of the url. (ie: "Learn more")' + type: string + id: >- + GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendationLink + GoogleCloudApigeeV1ProfileConfigMediation: + properties: {} description: >- - Encapsulates a data node as represented below: ``` { "identifier": { - "names": [ "apiproxy" ], "values": [ "sirjee" ] }, "metric": [ { "env": - "prod", "name": "sum(message_count)", "values": [ 36.0 ] } ] }``` or ``` - { "env": "prod", "name": "sum(message_count)", "values": [ 36.0 ] }``` - Depending on whether a dimension is present in the query or not the data - node type can be a simple metric value or dimension identifier with list - of metrics. + By default, following policies will be included: - OASValidation - + SOAPMessageValidation + id: GoogleCloudApigeeV1ProfileConfigMediation type: object - properties: - data: - description: List of data values. - type: array - items: - type: any GoogleCloudApigeeV1Schema: - id: GoogleCloudApigeeV1Schema - description: Response for Schema call type: object + description: Response for Schema call + id: GoogleCloudApigeeV1Schema properties: dimensions: - description: List of schema fields grouped as dimensions. - type: array items: $ref: '#/components/schemas/GoogleCloudApigeeV1SchemaSchemaElement' + description: List of schema fields grouped as dimensions. + type: array metrics: + type: array description: >- List of schema fields grouped as dimensions that can be used with an aggregate function such as `sum`, `avg`, `min`, and `max`. - type: array items: $ref: '#/components/schemas/GoogleCloudApigeeV1SchemaSchemaElement' meta: @@ -4317,2229 +4403,2277 @@ components: type: array items: type: string - GoogleCloudApigeeV1SchemaSchemaElement: - id: GoogleCloudApigeeV1SchemaSchemaElement - description: Message type for the schema element - type: object - properties: - name: - description: Name of the field. - type: string - properties: - description: >- - Properties for the schema field. For example: { "createTime": - "2016-02-26T10:23:09.592Z", "custom": "false", "type": "string" } - $ref: '#/components/schemas/GoogleCloudApigeeV1SchemaSchemaProperty' - GoogleCloudApigeeV1SchemaSchemaProperty: - id: GoogleCloudApigeeV1SchemaSchemaProperty - description: Properties for the schema field. + GoogleCloudApigeeV1ProfileConfigThreat: + properties: {} + description: >- + By default, following policies will be included: - XMLThreatProtection - + JSONThreatProtection type: object + id: GoogleCloudApigeeV1ProfileConfigThreat + GoogleCloudApigeeV1DnsZone: properties: createTime: - description: >- - Time the field was created in RFC3339 string form. For example: - `2016-02-26T10:23:09.592Z`. - type: string - custom: - description: >- - Flag that specifies whether the field is standard in the dataset or - a custom field created by the customer. `true` indicates that it is - a custom field. type: string - type: - description: Data type of the field. - type: string - GoogleCloudApigeeV1ApiProduct: - id: GoogleCloudApigeeV1ApiProduct - type: object - properties: - name: - description: >- - Internal name of the API product. Characters you can use in the name - are restricted to: `A-Z0-9._\-$ %`. **Note:** The internal name - cannot be edited when updating the API product. + description: Output only. The time that this resource was created on the server. + format: google-datetime + readOnly: true + updateTime: + description: Output only. The time that this resource was updated on the server. type: string - displayName: - description: >- - Name displayed in the UI or developer portal to developers - registering for API access. + readOnly: true + format: google-datetime + peeringConfig: + description: DNS PEERING zone configuration. + $ref: '#/components/schemas/GoogleCloudApigeeV1DnsZonePeeringConfig' + state: type: string - approvalType: + readOnly: true description: >- - Flag that specifies how API keys are approved to access the APIs - defined by the API product. If set to `manual`, the consumer key is - generated and returned in "pending" state. In this case, the API - keys won't work until they have been explicitly approved. If set to - `auto`, the consumer key is generated and returned in "approved" - state and can be used immediately. **Note:** Typically, `auto` is - used to provide access to free or trial API products that provide - limited quota or capabilities. + Output only. State of the DNS Peering. Values other than `ACTIVE` + mean the resource is not ready to use. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - UPDATING + enumDescriptions: + - Resource is in an unspecified state. + - Resource is being created. + - Resource is provisioned and ready to use. + - The resource is being deleted. + - The resource is being updated. + description: type: string - attributes: description: >- - Array of attributes that may be used to extend the default API - product profile with customer-specific metadata. You can specify a - maximum of 18 attributes. Use this property to specify the access - level of the API product as either `public`, `private`, or - `internal`. Only products marked `public` are available to - developers in the Apigee developer portal. For example, you can set - a product to `internal` while it is in development and then change - access to `public` when it is ready to release on the portal. API - products marked as `private` do not appear on the portal, but can be - accessed by external developers. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - description: + Required. Description of the resource. String of at most 1024 + characters associated with this resource for the user's convenience. + domain: description: >- - Description of the API product. Include key information about the - API product that is not captured by other fields. + Required. The domain name for hosts in this private zone, for + instance "example.com.". type: string - apiResources: + name: description: >- - Comma-separated list of API resources to be bundled in the API - product. By default, the resource paths are mapped from the - `proxy.pathsuffix` variable. The proxy path suffix is defined as the - URI fragment following the ProxyEndpoint base path. For example, if - the `apiResources` element is defined to be `/forecastrss` and the - base path defined for the API proxy is `/weather`, then only - requests to `/weather/forecastrss` are permitted by the API product. - You can select a specific path, or you can select all subpaths with - the following wildcard: - `/**`: Indicates that all sub-URIs are - included. - `/*` : Indicates that only URIs one level down are - included. By default, / supports the same resources as /** as well - as the base path defined by the API proxy. For example, if the base - path of the API proxy is `/v1/weatherapikey`, then the API product - supports requests to `/v1/weatherapikey` and to any sub-URIs, such - as `/v1/weatherapikey/forecastrss`, `/v1/weatherapikey/region/CA`, - and so on. For more information, see Managing API products. - type: array + Identifier. Unique name for the resource. Defined by the server + Format: "organizations/{organization}/dnsZones/{dns_zone}". + type: string + description: >- + A DNS zone is a resource under an Apigee organization that is used to + create a DNS peering with Apigee's network. DNS peering will let Apigee + instances resolve the hostnames created in a peered network. + id: GoogleCloudApigeeV1DnsZone + type: object + GoogleCloudApigeeV1Query: + properties: + metrics: items: - type: string - environments: - description: >- - Comma-separated list of environment names to which the API product - is bound. Requests to environments that are not listed are rejected. - By specifying one or more environments, you can bind the resources - listed in the API product to a specific environment, preventing - developers from accessing those resources through API proxies - deployed in another environment. This setting is used, for example, - to prevent resources associated with API proxies in `prod` from - being accessed by API proxies deployed in `test`. + $ref: '#/components/schemas/GoogleCloudApigeeV1QueryMetric' type: array + description: A list of Metrics. + envgroupHostname: + type: string + description: >- + Hostname needs to be specified if query intends to run at host + level. This field is only allowed when query is submitted by + CreateHostAsyncQuery where analytics data will be grouped by + organization and hostname. + dimensions: items: type: string - proxies: description: >- - Comma-separated list of API proxy names to which this API product is - bound. By specifying API proxies, you can associate resources in the - API product with specific API proxies, preventing developers from - accessing those resources through other API proxies. Apigee rejects - requests to API proxies that are not listed. **Note:** The API proxy - names must already exist in the specified environment as they will - be validated upon creation. + A list of dimensions. + https://docs.apigee.com/api-platform/analytics/analytics-reference#dimensions type: array - items: - type: string - quota: + limit: + type: integer + format: int32 + description: Maximum number of rows that can be returned in the result. + csvDelimiter: description: >- - Number of request messages permitted per app by this API product for - the specified `quotaInterval` and `quotaTimeUnit`. For example, a - `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of - hours means 50 requests are allowed every 12 hours. + Delimiter used in the CSV file, if `outputFormat` is set to `csv`. + Defaults to the `,` (comma) character. Supported delimiter + characters include comma (`,`), pipe (`|`), and tab (`\t`). type: string - quotaInterval: + timeRange: + type: any description: >- - Time interval over which the number of request messages is - calculated. + Required. Time range for the query. Can use the following predefined + strings to specify the time range: `last60minutes` `last24hours` + `last7days` Or, specify the timeRange as a structure describing + start and end timestamps in the ISO format: yyyy-mm-ddThh:mm:ssZ. + Example: "timeRange": { "start": "2018-07-29T00:13:00Z", "end": + "2018-08-01T00:18:00Z" } + filter: type: string - quotaTimeUnit: description: >- - Time unit defined for the `quotaInterval`. Valid values include - `minute`, `hour`, `day`, or `month`. + Boolean expression that can be used to filter data. Filter + expressions can be combined using AND/OR terms and should be fully + parenthesized to avoid ambiguity. See Analytics metrics, dimensions, + and filters reference + https://docs.apigee.com/api-platform/analytics/analytics-reference + for more information on the fields available to filter on. For more + information on the tokens that you use to build filter expressions, + see Filter expression syntax. + https://docs.apigee.com/api-platform/analytics/asynch-reports-api#filter-expression-syntax + groupByTimeUnit: type: string - scopes: description: >- - Comma-separated list of OAuth scopes that are validated at runtime. - Apigee validates that the scopes in any access token presented match - the scopes defined in the OAuth policy associated with the API - product. - type: array - items: - type: string - createdAt: - description: >- - Response only. Creation time of this environment as milliseconds - since epoch. + Time unit used to group the result set. Valid values include: + second, minute, hour, day, week, or month. If a query includes + groupByTimeUnit, then the result is an aggregation based on the + specified time unit and the resultant timestamp does not include + milliseconds precision. If a query omits groupByTimeUnit, then the + resultant timestamp includes milliseconds precision. + reportDefinitionId: + description: Asynchronous Report ID. type: string - format: int64 - lastModifiedAt: - description: >- - Response only. Modified time of this environment as milliseconds - since epoch. + outputFormat: type: string - format: int64 - operationGroup: - description: >- - Configuration used to group Apigee proxies or remote services with - resources, method types, and quotas. The resource refers to the - resource URI (excluding the base path). With this grouping, the API - product creator is able to fine-tune and give precise control over - which REST methods have access to specific resources and how many - calls can be made (using the `quota` setting). **Note:** The - `api_resources` setting cannot be specified for both the API product - and operation group; otherwise the call will fail. - $ref: '#/components/schemas/GoogleCloudApigeeV1OperationGroup' - graphqlOperationGroup: - description: >- - Configuration used to group Apigee proxies or remote services with - graphQL operation name, graphQL operation type and quotas. This - grouping allows us to precisely set quota for a particular - combination of graphQL name and operation type for a particular - proxy request. If graphQL name is not set, this would imply quota - will be applied on all graphQL requests matching the operation type. - $ref: '#/components/schemas/GoogleCloudApigeeV1GraphQLOperationGroup' - grpcOperationGroup: description: >- - Optional. Configuration used to group Apigee proxies with gRPC - services and method names. This grouping allows us to set quota for - a particular proxy with the gRPC service name and method. If a - method name is not set, this implies quota and authorization are - applied to all gRPC methods implemented by that proxy for that - particular gRPC service. - $ref: '#/components/schemas/GoogleCloudApigeeV1GrpcOperationGroup' - quotaCounterScope: + Valid values include: `csv` or `json`. Defaults to `json`. Note: + Configure the delimiter for CSV output using the csvDelimiter + property. + name: + type: string + description: Asynchronous Query Name. + type: object + id: GoogleCloudApigeeV1Query + GoogleCloudApigeeV1DataCollectorConfig: + properties: + name: description: >- - Scope of the quota decides how the quota counter gets applied and - evaluate for quota violation. If the Scope is set as PROXY, then all - the operations defined for the APIproduct that are associated with - the same proxy will share the same quota counter set at the - APIproduct level, making it a global counter at a proxy level. If - the Scope is set as OPERATION, then each operations get the counter - set at the API product dedicated, making it a local counter. Note - that, the QuotaCounterScope applies only when an operation does not - have dedicated quota set for itself. + Name of the data collector in the following format: + `organizations/{org}/datacollectors/{datacollector}` type: string - enumDescriptions: - - >- - When quota is not explicitly defined for each - operation(REST/GraphQL), the limits set at product level will be - used as a local counter for quota evaluation by all the - operations, independent of proxy association. - - >- - When quota is not explicitly defined for each - operation(REST/GraphQL), set at product level will be used as a - global counter for quota evaluation by all the operations - associated with a particular proxy. - - >- - When quota is not explicitly defined for each - operation(REST/GraphQL), the limits set at product level will be - used as a local counter for quota evaluation by all the - operations, independent of proxy association. This behavior mimics - the same as QUOTA_COUNTER_SCOPE_UNSPECIFIED. + type: enum: - - QUOTA_COUNTER_SCOPE_UNSPECIFIED - - PROXY - - OPERATION - space: - description: >- - Optional. The resource ID of the parent Space. If not set, the - parent resource will be the Organization. To learn how Spaces can be - used to manage resources, read the [Apigee Spaces - Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). + - TYPE_UNSPECIFIED + - INTEGER + - FLOAT + - STRING + - BOOLEAN + - DATETIME + enumDescriptions: + - For future compatibility. + - For integer values. + - For float values. + - For string values. + - For boolean values. + - For datetime values. type: string - GoogleCloudApigeeV1Attribute: - id: GoogleCloudApigeeV1Attribute - description: Key-value pair to store extra metadata. + description: Data type accepted by the data collector. type: object + id: GoogleCloudApigeeV1DataCollectorConfig + description: Data collector and its configuration. + GoogleCloudApigeeV1ListSecurityMonitoringConditionsResponse: properties: - name: - description: API key of the attribute. - type: string - value: - description: Value of the attribute. + securityMonitoringConditions: + description: List of security monitoring conditions in the organization. + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition + type: array + nextPageToken: type: string - GoogleCloudApigeeV1OperationGroup: - id: GoogleCloudApigeeV1OperationGroup - description: >- - List of operation configuration details associated with Apigee API - proxies or remote services. Remote services are non-Apigee proxies, such - as Istio-Envoy. + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + id: GoogleCloudApigeeV1ListSecurityMonitoringConditionsResponse type: object + description: Response for ListSecurityMonitoringConditions. + GoogleCloudApigeeV1DocumentationFile: properties: - operationConfigs: - description: >- - Required. List of operation configurations for either Apigee API - proxies or other remote services that are associated with this API - product. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1OperationConfig' - operationConfigType: + displayName: description: >- - Flag that specifes whether the configuration is for Apigee API proxy - or a remote service. Valid values include `proxy` or - `remoteservice`. Defaults to `proxy`. Set to `proxy` when Apigee API - proxies are associated with the API product. Set to `remoteservice` - when non-Apigee proxies like Istio-Envoy are associated with the API - product. + Required. A display name for the file, shown in the management UI. + Max length is 255 characters. type: string - GoogleCloudApigeeV1OperationConfig: - id: GoogleCloudApigeeV1OperationConfig - description: >- - Binds the resources in an API proxy or remote service with the allowed - REST methods and associated quota enforcement. + contents: + type: string + description: Required. The file contents. The max size is 4 MB. + format: byte + type: object + description: Documentation file contents for a catalog item. + id: GoogleCloudApigeeV1DocumentationFile + GoogleCloudApigeeV1ListAppGroupAppsResponse: + description: Response for ListAppGroupApps type: object properties: - apiSource: - description: >- - Required. Name of the API proxy or remote service with which the - resources, methods, and quota are associated. + nextPageToken: type: string - operations: description: >- - List of resource/method pairs for the API proxy or remote service to - which quota will applied. **Note**: Currently, you can specify only - a single resource/method pair. The call will fail if more than one - resource/method pair is provided. - type: array + Token that can be sent as `next_page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + appGroupApps: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Operation' - quota: - description: >- - Quota parameters to be enforced for the resources, methods, and API - source combination. If none are specified, quota enforcement will - not be done. - $ref: '#/components/schemas/GoogleCloudApigeeV1Quota' - attributes: - description: Custom attributes associated with the operation. + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + type: array + description: List of AppGroup apps and their credentials. + id: GoogleCloudApigeeV1ListAppGroupAppsResponse + GoogleCloudApigeeV1DeveloperBalance: + properties: + wallets: type: array + description: >- + Output only. List of all wallets. Each individual wallet stores the + account balance for a particular currency. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - GoogleCloudApigeeV1Operation: - id: GoogleCloudApigeeV1Operation - description: >- - Represents the pairing of REST resource path and the actions (verbs) - allowed on the resource path. + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperBalanceWallet' + readOnly: true type: object + id: GoogleCloudApigeeV1DeveloperBalance + description: Account balance for the developer. + GoogleCloudApigeeV1DeploymentConfig: properties: - resource: + endpoints: + additionalProperties: + type: string + type: object description: >- - Required. REST resource path associated with the API proxy or remote - service. + A mapping from basepaths to proxy endpoint names in this proxy. Not + populated for shared flows. + proxyUid: + type: string + description: Unique ID of the API proxy revision. + name: type: string - methods: description: >- - methods refers to the REST verbs as in - https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html. When none - specified, all verb types are allowed. + Name of the API or shared flow revision to be deployed in the + following format: `organizations/{org}/apis/{api}/revisions/{rev}` + or `organizations/{org}/sharedflows/{sharedflow}/revisions/{rev}` + attributes: + type: object + additionalProperties: + type: string + description: Additional key-value metadata for the deployment. + serviceAccount: + type: string + description: >- + The service account identity associated with this deployment. If + non-empty, will be in the following format: + `projects/-/serviceAccounts/{account_email}` + deploymentGroups: + description: >- + The list of deployment groups in which this proxy should be + deployed. Not currently populated for shared flows. type: array items: type: string - GoogleCloudApigeeV1Quota: - id: GoogleCloudApigeeV1Quota - description: >- - Quota contains the essential parameters needed that can be applied on - the resources, methods, API source combination associated with this API - product. While Quota is optional, setting it prevents requests from - exceeding the provisioned parameters. - type: object - properties: - limit: - description: >- - Required. Upper limit allowed for the time interval and time unit - specified. Requests exceeding this limit will be rejected. + location: + description: Location of the API proxy bundle as a URI. type: string - interval: - description: >- - Required. Time interval over which the number of request messages is - calculated. + basePath: + description: Base path where the application will be hosted. Defaults to "/". type: string - timeUnit: + uid: description: >- - Time unit defined for the `interval`. Valid values include `minute`, - `hour`, `day`, or `month`. If `limit` and `interval` are valid, the - default value is `hour`; otherwise, the default is null. + Unique ID. The ID will only change if the deployment is deleted and + recreated. type: string - GoogleCloudApigeeV1GraphQLOperationGroup: - id: GoogleCloudApigeeV1GraphQLOperationGroup - description: >- - List of graphQL operation configuration details associated with Apigee - API proxies or remote services. Remote services are non-Apigee proxies, - such as Istio-Envoy. type: object + id: GoogleCloudApigeeV1DeploymentConfig + description: 'NEXT ID: 11' + GoogleCloudApigeeV1Stats: + type: object + id: GoogleCloudApigeeV1Stats + description: Encapsulates a `stats` response. properties: - operationConfigs: - description: >- - Required. List of operation configurations for either Apigee API - proxies or other remote services that are associated with this API - product. + environments: + description: List of query results on the environment level. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1GraphQLOperationConfig' - operationConfigType: - description: >- - Flag that specifies whether the configuration is for Apigee API - proxy or a remote service. Valid values include `proxy` or - `remoteservice`. Defaults to `proxy`. Set to `proxy` when Apigee API - proxies are associated with the API product. Set to `remoteservice` - when non-Apigee proxies like Istio-Envoy are associated with the API - product. - type: string - GoogleCloudApigeeV1GraphQLOperationConfig: - id: GoogleCloudApigeeV1GraphQLOperationConfig - description: >- - Binds the resources in a proxy or remote service with the GraphQL - operation and its associated quota enforcement. + $ref: '#/components/schemas/GoogleCloudApigeeV1StatsEnvironmentStats' + hosts: + description: List of query results grouped by host. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1StatsHostStats' + metaData: + $ref: '#/components/schemas/GoogleCloudApigeeV1Metadata' + description: Metadata information. + GoogleCloudApigeeV1DebugSession: + id: GoogleCloudApigeeV1DebugSession type: object properties: - apiSource: + timeout: + type: string description: >- - Required. Name of the API proxy endpoint or remote service with - which the GraphQL operation and quota are associated. + Optional. The time in seconds after which this DebugSession should + end. This value will override the value in query param, if both are + provided. + format: int64 + validity: + format: int32 + type: integer + description: >- + Optional. The length of time, in seconds, that this debug session is + valid, starting from when it's received in the control plane. Min = + 1, Max = 15, Default = 10. + name: type: string - operations: + description: A unique ID for this DebugSession. + tracesize: description: >- - Required. List of GraphQL name/operation type pairs for the proxy or - remote service to which quota will be applied. If only operation - types are specified, the quota will be applied to all GraphQL - requests irrespective of the GraphQL name. **Note**: Currently, you - can specify only a single GraphQLOperation. Specifying more than one - will cause the operation to fail. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1GraphQLOperation' - quota: + Optional. The maximum number of bytes captured from the response + payload. Min = 0, Max = 5120, Default = 5120. + type: integer + format: int32 + createTime: + type: string description: >- - Quota parameters to be enforced for the resources, methods, and API - source combination. If none are specified, quota enforcement will - not be done. - $ref: '#/components/schemas/GoogleCloudApigeeV1Quota' - attributes: - description: Custom attributes associated with the operation. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - GoogleCloudApigeeV1GraphQLOperation: - id: GoogleCloudApigeeV1GraphQLOperation - description: >- - Represents the pairing of GraphQL operation types and the GraphQL - operation name. - type: object - properties: - operationTypes: + Output only. The first transaction creation timestamp, recorded by + UAP. + format: google-datetime + readOnly: true + count: description: >- - Required. GraphQL operation types. Valid values include `query` or - `mutation`. **Note**: Apigee does not currently support - `subscription` types. - type: array - items: - type: string - operation: + Optional. The number of request to be traced. Min = 1, Max = 15, + Default = 10. + type: integer + format: int32 + filter: description: >- - GraphQL operation name. The name and operation type will be used to - apply quotas. If no name is specified, the quota will be applied to - all GraphQL operations irrespective of their operation names in the - payload. + Optional. A conditional statement which is evaluated against the + request message to determine if it should be traced. Syntax matches + that of on API Proxy bundle flow Condition. type: string - GoogleCloudApigeeV1GrpcOperationGroup: - id: GoogleCloudApigeeV1GrpcOperationGroup - description: >- - List of gRPC operation configuration details associated with Apigee API - proxies. - type: object - properties: - operationConfigs: - description: >- - Required. List of operation configurations for either Apigee API - proxies that are associated with this API product. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1GrpcOperationConfig' - GoogleCloudApigeeV1GrpcOperationConfig: - id: GoogleCloudApigeeV1GrpcOperationConfig - description: >- - Binds the resources in a proxy or remote service with the gRPC operation - and its associated quota enforcement. - type: object + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestApiHubApiArray: + description: Message for the array of API Hub APIs. properties: - apiSource: - description: >- - Required. Name of the API proxy with which the gRPC operation and - quota are associated. - type: string - methods: + apis: description: >- - List of unqualified gRPC method names for the proxy to which quota - will be applied. If this field is empty, the Quota will apply to all - operations on the gRPC service defined on the proxy. Example: Given - a proxy that is configured to serve com.petstore.PetService, the - methods com.petstore.PetService.ListPets and - com.petstore.PetService.GetPet would be specified here as simply - ["ListPets", "GetPet"]. - type: array + Required. The array of API Hub API IDs. Format: + `projects/{project}/locations/{location}/apis/{api}` items: type: string - quota: - description: >- - Quota parameters to be enforced for the methods and API source - combination. If none are specified, quota enforcement will not be - done. - $ref: '#/components/schemas/GoogleCloudApigeeV1Quota' - attributes: - description: Custom attributes associated with the operation. type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - service: - description: >- - Required. gRPC Service name associated to be associated with the API - proxy, on which quota rules can be applied upon. - type: string - GoogleCloudApigeeV1MoveApiProductRequest: - id: GoogleCloudApigeeV1MoveApiProductRequest - description: Moves API product to a different space. + type: object + id: >- + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestApiHubApiArray + GoogleCloudApigeeV1Organization: type: object properties: - space: + authorizedNetwork: description: >- - Optional. Resource ID of the space to move the API product to. If - unspecified, the API product will be moved to the organization - level. + Optional. Compute Engine network used for Service Networking to be + peered with Apigee runtime instances. See [Getting started with the + Service Networking + API](https://cloud.google.com/service-infrastructure/docs/service-networking/getting-started). + Valid only when [RuntimeType](#RuntimeType) is set to `CLOUD`. The + value must be set before the creation of a runtime instance and can + be updated only when there are no runtime instances. For example: + `default`. When changing authorizedNetwork, you must reconfigure VPC + peering. After VPC peering with previous network is deleted, [run + the following + command](https://cloud.google.com/sdk/gcloud/reference/services/vpc-peerings/delete): + `gcloud services vpc-peerings delete --network=NETWORK`, where + `NETWORK` is the name of the previous network. This will delete the + previous Service Networking. Otherwise, you will get the following + error: `The resource 'projects/...-tp' is already linked to another + shared VPC host 'projects/...-tp`. Apigee also supports shared VPC + (that is, the host network project is not the same as the one that + is peering with Apigee). See [Shared VPC + overview](https://cloud.google.com/vpc/docs/shared-vpc). To use a + shared VPC network, use the following format: + `projects/{host-project-id}/{region}/networks/{network-name}`. For + example: `projects/my-sharedvpc-host/global/networks/mynetwork` + **Note:** Not supported for Apigee hybrid. type: string - GoogleCloudApigeeV1ListApiProductsResponse: - id: GoogleCloudApigeeV1ListApiProductsResponse - type: object - properties: - apiProduct: - description: Lists all API product names defined for an organization. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' - GoogleCloudApigeeV1Attributes: - id: GoogleCloudApigeeV1Attributes - type: object - properties: - attribute: - description: List of attributes. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - GoogleCloudApigeeV1App: - id: GoogleCloudApigeeV1App - type: object - properties: - appId: - description: ID of the app. + runtimeDatabaseEncryptionKeyName: type: string - attributes: - description: List of attributes. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - callbackUrl: description: >- - Callback URL used by OAuth 2.0 authorization servers to communicate - authorization codes back to apps. - type: string - createdAt: - description: Output only. Unix time when the app was created. - readOnly: true + Optional. Cloud KMS key name used for encrypting the data that is + stored and replicated across runtime instances. Update is not + allowed after the organization is created. If not specified or + [RuntimeType](#RuntimeType) is `TRIAL`, a Google-Managed encryption + key will be used. For example: + "projects/foo/locations/us/keyRings/bar/cryptoKeys/baz". **Note:** + Not supported for Apigee hybrid. + portalDisabled: + description: Optional. Configuration for the Portals settings. + type: boolean + controlPlaneEncryptionKeyName: + description: >- + Optional. Cloud KMS key name used for encrypting control plane data + that is stored in a multi region. Only used for the data residency + region "US" or "EU". If not specified or [BillingType](#BillingType) + is `EVALUATION`, a Google-Managed encryption key will be used. + Format: `projects/*/locations/*/keyRings/*/cryptoKeys/*` type: string - format: int64 - credentials: + subscriptionType: + deprecated: true + enumDescriptions: + - Subscription type not specified. + - Full subscription to Apigee has been purchased. + - >- + Subscription to Apigee is free, limited, and used for evaluation + purposes only. + enum: + - SUBSCRIPTION_TYPE_UNSPECIFIED + - PAID + - TRIAL description: >- - Output only. Set of credentials for the app. Credentials are API - key/secret pairs associated with API products. + Output only. DEPRECATED: This will eventually be replaced by + BillingType. Subscription type of the Apigee organization. Valid + values include trial (free, limited, and for evaluation purposes + only) or paid (full subscription has been purchased). See [Apigee + pricing](https://cloud.google.com/apigee/pricing/). readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Credential' - companyName: - description: Name of the company that owns the app. type: string - developerId: - description: ID of the developer. + displayName: + description: >- + Optional. Display name for the Apigee organization. Unused, but + reserved for future use. type: string - lastModifiedAt: - description: Output only. Last modified time as milliseconds since epoch. + addonsConfig: + $ref: '#/components/schemas/GoogleCloudApigeeV1AddonsConfig' + description: Optional. Addon configurations of the Apigee organization. + caCertificate: readOnly: true + format: byte type: string - format: int64 - name: - description: Name of the app. - type: string - scopes: description: >- - Scopes to apply to the app. The specified scope names must already - exist on the API product that you associate with the app. + Output only. Base64-encoded public certificate for the root CA of + the Apigee organization. Valid only when [RuntimeType](#RuntimeType) + is `CLOUD`. + state: + type: string + readOnly: true + enumDescriptions: + - Resource is in an unspecified state. + - Resource is being created. + - Resource is provisioned and ready to use. + - The resource is being deleted. + - The resource is being updated. + description: >- + Output only. State of the organization. Values other than ACTIVE + means the resource is not ready to use. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - UPDATING + type: + enum: + - TYPE_UNSPECIFIED + - TYPE_TRIAL + - TYPE_PAID + - TYPE_INTERNAL + description: Not used by Apigee. + type: string + enumDescriptions: + - Subscription type not specified. + - >- + Subscription to Apigee is free, limited, and used for evaluation + purposes only. + - >- + Full subscription to Apigee has been purchased. See [Apigee + pricing](https://cloud.google.com/apigee/pricing/). + - For internal users only. + networkEgressRestricted: + description: >- + Optional. Flag that specifies if internet egress is restricted for + VPC Service Controls. Valid only when runtime_type is `CLOUD` and + disable_vpc_peering is `true`. + type: boolean + attributes: + description: Not used by Apigee. type: array items: type: string - status: - description: Status of the credential. + lastModifiedAt: type: string - apiProducts: - description: List of API products associated with the app. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProductRef' - keyExpiresIn: + format: int64 description: >- - Duration, in milliseconds, of the consumer key that will be - generated for the app. The default value, -1, indicates an infinite - validity period. Once set, the expiration can't be updated. json - key: keyExpiresIn + Output only. Time that the Apigee organization was last modified in + milliseconds since epoch. + readOnly: true + apigeeProjectId: + readOnly: true + description: >- + Output only. Apigee Project ID associated with the organization. Use + this project to allowlist Apigee in the Service Attachment when + using private service connect with Apigee. type: string - format: int64 - developerEmail: - description: Email of the developer. + apiConsumerDataEncryptionKeyName: + description: >- + Optional. Cloud KMS key name used for encrypting API consumer data. + If not specified or [BillingType](#BillingType) is `EVALUATION`, a + Google-Managed encryption key will be used. Format: + `projects/*/locations/*/keyRings/*/cryptoKeys/*` type: string - appGroup: - description: Name of the AppGroup + billingType: + enumDescriptions: + - Billing type not specified. + - A pre-paid subscription to Apigee. + - Free and limited access to Apigee for evaluation purposes only. + - Access to Apigee using a Pay-As-You-Go plan. + description: >- + Optional. Billing type of the Apigee organization. See [Apigee + pricing](https://cloud.google.com/apigee/pricing). + enum: + - BILLING_TYPE_UNSPECIFIED + - SUBSCRIPTION + - EVALUATION + - PAYG type: string - GoogleCloudApigeeV1Credential: - id: GoogleCloudApigeeV1Credential - type: object - properties: - apiProducts: - description: List of API products this credential can be used for. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProductRef' - attributes: - description: List of attributes associated with this credential. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - consumerKey: - description: Consumer key. + subscriptionPlan: + readOnly: true + description: >- + Output only. Subscription plan that the customer has purchased. + Output only. + enum: + - SUBSCRIPTION_PLAN_UNSPECIFIED + - SUBSCRIPTION_2021 + - SUBSCRIPTION_2024 type: string - consumerSecret: - description: Secret key. + enumDescriptions: + - Subscription plan not specified. + - Traditional subscription plan. + - >- + New subscription plan that provides standard proxy and scaled + proxy implementation. + properties: + description: Optional. Properties defined in the Apigee organization profile. + $ref: '#/components/schemas/GoogleCloudApigeeV1Properties' + disableVpcPeering: + type: boolean + description: >- + Optional. Flag that specifies whether the VPC Peering through + Private Google Access should be disabled between the consumer + network and Apigee. Valid only when RuntimeType is set to CLOUD. + Required if an authorizedNetwork on the consumer project is not + provided, in which case the flag should be set to true. The value + must be set before the creation of any Apigee runtime instance and + can be updated only when there are no runtime instances. **Note:** + Apigee will be deprecating the vpc peering model that requires you + to provide 'authorizedNetwork', by making the non-peering model as + the default way of provisioning Apigee organization in future. So, + this will be a temporary flag to enable the transition. Not + supported for Apigee hybrid. + apiConsumerDataLocation: + description: >- + Optional. This field is needed only for customers using non-default + data residency regions. Apigee stores some control plane data only + in single region. This field determines which single region Apigee + should use. For example: "us-west1" when control plane is in US or + "europe-west2" when control plane is in EU. type: string - expiresAt: - description: Time the credential will expire in milliseconds since epoch. + runtimeType: + enumDescriptions: + - Runtime type not specified. + - Google-managed Apigee runtime. + - User-managed Apigee hybrid runtime. type: string - format: int64 - issuedAt: - description: Time the credential was issued in milliseconds since epoch. + enum: + - RUNTIME_TYPE_UNSPECIFIED + - CLOUD + - HYBRID + description: >- + Required. Runtime type of the Apigee organization based on the + Apigee subscription purchased. + createdAt: + readOnly: true type: string format: int64 - scopes: description: >- - List of scopes to apply to the app. Specified scopes must already - exist on the API product that you associate with the app. - type: array + Output only. Time that the Apigee organization was created in + milliseconds since epoch. + customerName: + type: string + description: Not used by Apigee. + environments: items: type: string - status: + readOnly: true + type: array + description: Output only. List of environments in the Apigee organization. + name: + readOnly: true + description: Output only. Name of the Apigee organization. + type: string + description: + type: string + description: Optional. Description of the Apigee organization. + projectId: + description: Output only. Project ID associated with the Apigee organization. + type: string + readOnly: true + analyticsRegion: + deprecated: true description: >- - Status of the credential. Valid values include `approved` or - `revoked`. + Required. DEPRECATED: This field will eventually be deprecated and + replaced with a differently-named field. Primary Google Cloud region + for analytics data storage. For valid values, see [Create an Apigee + organization](https://cloud.google.com/apigee/docs/api-platform/get-started/create-org). + type: string + expiresAt: + readOnly: true + type: string + format: int64 + description: >- + Output only. Time that the Apigee organization is scheduled for + deletion. + id: GoogleCloudApigeeV1Organization + GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfigHeaderIndexAlgorithm: + description: Resolves the client ip based on a custom header. + id: >- + GoogleCloudApigeeV1EnvironmentConfigClientIPResolutionConfigHeaderIndexAlgorithm + properties: + ipHeaderIndex: + description: >- + The index of the ip in the header. (By default, value is 0 if + missing) + type: integer + format: int32 + ipHeaderName: + description: The name of the header to extract the client ip from. type: string - GoogleCloudApigeeV1ApiProductRef: - id: GoogleCloudApigeeV1ApiProductRef type: object + GoogleCloudApigeeV1ListApiCategoriesResponse: properties: - apiproduct: - description: Name of the API product. + requestId: type: string + description: Unique ID of the request. status: - description: Status of the API product. Valid values are `approved` or `revoked`. type: string - GoogleCloudApigeeV1ListAppsResponse: - id: GoogleCloudApigeeV1ListAppsResponse - type: object - properties: - app: + description: Status of the operation. + errorCode: + type: string + description: Unique error code for the request, if any. + data: + description: The API category resources. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1App' - nextPageToken: - description: >- - Token that can be sent as `next_page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategory' + message: + description: Description of the operation. type: string - totalSize: - description: Total count of Apps. - type: integer + type: object + description: 'The response for `ListApiCategoriesRequest`. Next ID: 6' + id: GoogleCloudApigeeV1ListApiCategoriesResponse + GoogleCloudApigeeV1EnvironmentGroupConfig: + type: object + properties: + location: + description: >- + When this message appears in the top-level IngressConfig, this field + will be populated in lieu of the inlined routing_rules and hostnames + fields. Some URL for downloading the full EnvironmentGroupConfig for + this group. + type: string + uid: + description: >- + A unique id for the environment group config that will only change + if the environment group is deleted and recreated. + type: string + name: + type: string + description: >- + Name of the environment group in the following format: + `organizations/{org}/envgroups/{envgroup}`. + revisionId: + description: >- + Revision id that defines the ordering of the EnvironmentGroupConfig + resource. The higher the revision, the more recently the + configuration was deployed. + format: int64 + type: string + routingRules: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1RoutingRule' + description: >- + Ordered list of routing rules defining how traffic to this + environment group's hostnames should be routed to different + environments. + type: array + hostnames: + type: array + items: + type: string + description: Host names for the environment group. + endpointChainingRules: + description: A list of proxies in each deployment group for proxy chaining calls. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1EndpointChainingRule' + id: GoogleCloudApigeeV1EnvironmentGroupConfig + description: >- + EnvironmentGroupConfig is a revisioned snapshot of an EnvironmentGroup + and its associated routing rules. + GoogleCloudApigeeV1ListAppsResponse: + properties: + app: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1App' + nextPageToken: + description: >- + Token that can be sent as `next_page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + totalSize: format: int32 - GoogleCloudApigeeV1Query: - id: GoogleCloudApigeeV1Query + type: integer + description: Total count of Apps. type: object + id: GoogleCloudApigeeV1ListAppsResponse + GoogleCloudApigeeV1GetSyncAuthorizationRequest: + type: object + id: GoogleCloudApigeeV1GetSyncAuthorizationRequest + description: Request for GetSyncAuthorization. + properties: {} + GoogleCloudApigeeV1OptimizedStatsNode: + description: >- + Encapsulates a data node as represented below: ``` { "identifier": { + "names": [ "apiproxy" ], "values": [ "sirjee" ] }, "metric": [ { "env": + "prod", "name": "sum(message_count)", "values": [ 36.0 ] } ] }``` or ``` + { "env": "prod", "name": "sum(message_count)", "values": [ 36.0 ] }``` + Depending on whether a dimension is present in the query or not the data + node type can be a simple metric value or dimension identifier with list + of metrics. properties: - metrics: - description: A list of Metrics. + data: + description: List of data values. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1QueryMetric' - dimensions: + type: any + id: GoogleCloudApigeeV1OptimizedStatsNode + type: object + GoogleCloudApigeeV1TraceConfig: + type: object + properties: + endpoint: + type: string + description: Required. Endpoint of the exporter. + exporter: + enum: + - EXPORTER_UNSPECIFIED + - JAEGER + - CLOUD_TRACE + type: string + enumDescriptions: + - Exporter unspecified + - Jaeger exporter + - Cloudtrace exporter description: >- - A list of dimensions. - https://docs.apigee.com/api-platform/analytics/analytics-reference#dimensions + Required. Exporter that is used to view the distributed trace + captured using OpenCensus. An exporter sends traces to any backend + that is capable of consuming them. Recorded spans can be exported by + registered exporters. + samplingConfig: + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceSamplingConfig' + description: >- + Distributed trace configuration for all API proxies in an + environment. You can also override the configuration for a specific + API proxy using the distributed trace configuration overrides API. + id: GoogleCloudApigeeV1TraceConfig + description: >- + TraceConfig defines the configurations in an environment of distributed + trace. + GoogleCloudApigeeV1IntegrationConfig: + description: Configuration for the Integration add-on. + type: object + properties: + enabled: + type: boolean + description: Flag that specifies whether the Integration add-on is enabled. + id: GoogleCloudApigeeV1IntegrationConfig + GoogleCloudApigeeV1ListApiDebugSessionsResponse: + id: GoogleCloudApigeeV1ListApiDebugSessionsResponse + properties: + sessions: type: array items: - type: string - timeRange: + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDebugSession' description: >- - Required. Time range for the query. Can use the following predefined - strings to specify the time range: `last60minutes` `last24hours` - `last7days` Or, specify the timeRange as a structure describing - start and end timestamps in the ISO format: yyyy-mm-ddThh:mm:ssZ. - Example: "timeRange": { "start": "2018-07-29T00:13:00Z", "end": - "2018-08-01T00:18:00Z" } - type: any - filter: + Session info that includes debug session ID, environment ID, api + proxy revision ID and the first transaction creation timestamp. + nextPageToken: description: >- - Boolean expression that can be used to filter data. Filter - expressions can be combined using AND/OR terms and should be fully - parenthesized to avoid ambiguity. See Analytics metrics, dimensions, - and filters reference - https://docs.apigee.com/api-platform/analytics/analytics-reference - for more information on the fields available to filter on. For more - information on the tokens that you use to build filter expressions, - see Filter expression syntax. - https://docs.apigee.com/api-platform/analytics/asynch-reports-api#filter-expression-syntax + Page token that you can include in a ListApiDebugSessionsRequest to + retrieve the next page. If omitted, no subsequent pages exist. type: string - groupByTimeUnit: - description: >- - Time unit used to group the result set. Valid values include: - second, minute, hour, day, week, or month. If a query includes - groupByTimeUnit, then the result is an aggregation based on the - specified time unit and the resultant timestamp does not include - milliseconds precision. If a query omits groupByTimeUnit, then the - resultant timestamp includes milliseconds precision. + description: Response for ListApiDebugSessions. + type: object + GoogleCloudApigeeV1ArchiveDeployment: + id: GoogleCloudApigeeV1ArchiveDeployment + properties: + createdAt: type: string - limit: - description: Maximum number of rows that can be returned in the result. - type: integer - format: int32 - outputFormat: description: >- - Valid values include: `csv` or `json`. Defaults to `json`. Note: - Configure the delimiter for CSV output using the csvDelimiter - property. + Output only. The time at which the Archive Deployment was created in + milliseconds since the epoch. + format: int64 + readOnly: true + updatedAt: + readOnly: true + format: int64 type: string - csvDelimiter: description: >- - Delimiter used in the CSV file, if `outputFormat` is set to `csv`. - Defaults to the `,` (comma) character. Supported delimiter - characters include comma (`,`), pipe (`|`), and tab (`\t`). - type: string - envgroupHostname: + Output only. The time at which the Archive Deployment was updated in + milliseconds since the epoch. + gcsUri: description: >- - Hostname needs to be specified if query intends to run at host - level. This field is only allowed when query is submitted by - CreateHostAsyncQuery where analytics data will be grouped by - organization and hostname. + Input only. The Google Cloud Storage signed URL returned from + GenerateUploadUrl and used to upload the Archive zip file. type: string - reportDefinitionId: - description: Asynchronous Report ID. + labels: + type: object + description: >- + User-supplied key-value pairs used to organize ArchiveDeployments. + Label keys must be between 1 and 63 characters long, have a UTF-8 + encoding of maximum 128 bytes, and must conform to the following + PCRE regular expression: \p{Ll}\p{Lo}{0,62} Label values must be + between 1 and 63 characters long, have a UTF-8 encoding of maximum + 128 bytes, and must conform to the following PCRE regular + expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can + be associated with a given store. + additionalProperties: + type: string + operation: type: string + description: >- + Output only. A reference to the LRO that created this Archive + Deployment in the following format: + `organizations/{org}/operations/{id}` + readOnly: true name: - description: Asynchronous Query Name. + description: >- + Name of the Archive Deployment in the following format: + `organizations/{org}/environments/{env}/archiveDeployments/{id}`. type: string - GoogleCloudApigeeV1QueryMetric: - id: GoogleCloudApigeeV1QueryMetric - description: >- - More info about Metric: - https://docs.apigee.com/api-platform/analytics/analytics-reference#metrics + description: Archive Deployment information. type: object + GoogleCloudApigeeV1CustomReport: + id: GoogleCloudApigeeV1CustomReport properties: - name: - description: Required. Metric name. + filter: + description: This field contains the filter expression type: string - function: - description: 'Aggregation function: avg, min, max, or sum.' + toTime: type: string - alias: + description: 'Legacy field: not used. Contains the end time for the report' + lastModifiedAt: description: >- - Alias for the metric. Alias will be used to replace metric name in - query results. - type: string - operator: - description: One of `+`, `-`, `/`, `%`, `*`. - type: string - value: - description: Operand value should be provided when operator is set. - type: string - GoogleCloudApigeeV1AsyncQuery: - id: GoogleCloudApigeeV1AsyncQuery - type: object - properties: - self: - description: >- - Self link of the query. Example: - `/organizations/myorg/environments/myenv/queries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` - or following format if query is running at host level: - `/organizations/myorg/hostQueries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` - type: string - state: - description: Query state could be "enqueued", "running", "completed", "failed". - type: string - created: - description: Creation time of the query. - type: string - updated: - description: Last updated timestamp for the query. - type: string - result: - description: Result is available only after the query is completed. - $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQueryResult' - resultRows: - description: ResultRows is available only after the query is completed. + Output only. Modified time of this entity as milliseconds since + epoch. json key: lastModifiedAt type: string + readOnly: true format: int64 - resultFileSize: - description: ResultFileSize is available only after the query is completed. - type: string - executionTime: - description: ExecutionTime is available only after the query is completed. - type: string - error: - description: Error is set when query fails. - type: string - queryParams: - description: >- - Contains information like metrics, dimenstions etc of the - AsyncQuery. - $ref: '#/components/schemas/GoogleCloudApigeeV1QueryMetadata' - reportDefinitionId: - description: Asynchronous Report ID. - type: string name: - description: Asynchronous Query Name. - type: string - envgroupHostname: - description: Hostname is available only when query is executed at host level. - type: string - GoogleCloudApigeeV1AsyncQueryResult: - id: GoogleCloudApigeeV1AsyncQueryResult - type: object - properties: - self: description: >- - Self link of the query results. Example: - `/organizations/myorg/environments/myenv/queries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` - or following format if query is running at host level: - `/organizations/myorg/hostQueries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` - type: string - expires: - description: Query result will be unaccessable after this time. + Required. Unique identifier for the report T his is a legacy field + used to encode custom report unique id type: string - GoogleCloudApigeeV1QueryMetadata: - id: GoogleCloudApigeeV1QueryMetadata - type: object - properties: + properties: + type: array + description: This field contains report properties such as ui metadata etc. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1ReportProperty' metrics: - description: >- - Metrics of the AsyncQuery. Example: - ["name:message_count,func:sum,alias:sum_message_count"] + description: Required. This contains the list of metrics type: array items: - type: string - dimensions: - description: Dimensions of the AsyncQuery. + $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReportMetric' + topk: + type: string + description: >- + Legacy field: not used. This field contains the top k parameter + value for restricting the result + comments: type: array + description: >- + Legacy field: not used. This field contains a list of comments + associated with custom report items: type: string - startTimestamp: - description: Start timestamp of the query range. - type: string - endTimestamp: - description: End timestamp of the query range. - type: string - outputFormat: - description: Output format. + limit: + description: >- + Legacy field: not used This field contains the limit for the result + retrieved type: string - timeUnit: - description: Query GroupBy time unit. + displayName: type: string - GoogleCloudApigeeV1GetAsyncQueryResultUrlResponse: - id: GoogleCloudApigeeV1GetAsyncQueryResultUrlResponse - description: The response for GetAsyncQueryResultUrl - type: object - properties: - urls: - description: The list of Signed URLs generated by the CreateAsyncQuery request + description: This is the display name for the report + sortByCols: + description: 'Legacy field: not used much. Contains the list of sort by columns' type: array items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1GetAsyncQueryResultUrlResponseURLInfo - GoogleCloudApigeeV1GetAsyncQueryResultUrlResponseURLInfo: - id: GoogleCloudApigeeV1GetAsyncQueryResultUrlResponseURLInfo - description: A Signed URL and the relevant metadata associated with it. - type: object - properties: - uri: - description: >- - The signed URL of the JSON data. Will be of the form - `https://storage.googleapis.com/example-bucket/cat.jpeg?X-Goog-Algorithm= - GOOG4-RSA-SHA256&X-Goog-Credential=example%40example-project.iam.gserviceaccount - .com%2F20181026%2Fus-central1%2Fstorage%2Fgoog4_request&X-Goog-Date=20181026T18 - 1309Z&X-Goog-Expires=900&X-Goog-SignedHeaders=host&X-Goog-Signature=247a2aa45f16 - 9edf4d187d54e7cc46e4731b1e6273242c4f4c39a1d2507a0e58706e25e3a85a7dbb891d62afa849 - 6def8e260c1db863d9ace85ff0a184b894b117fe46d1225c82f2aa19efd52cf21d3e2022b3b868dc - c1aca2741951ed5bf3bb25a34f5e9316a2841e8ff4c530b22ceaa1c5ce09c7cbb5732631510c2058 - 0e61723f5594de3aea497f195456a2ff2bdd0d13bad47289d8611b6f9cfeef0c46c91a455b94e90a - 66924f722292d21e24d31dcfb38ce0c0f353ffa5a9756fc2a9f2b40bc2113206a81e324fc4fd6823 - a29163fa845c8ae7eca1fcf6e5bb48b3200983c56c5ca81fffb151cca7402beddfc4a76b13344703 - 2ea7abedc098d2eb14a7` + type: string + chartType: type: string - md5: - description: The MD5 Hash of the JSON data + description: This field contains the chart type for the report + timeUnit: type: string - sizeBytes: - description: The size of the returned file in bytes + description: This field contains the time unit of aggregation for the report + environment: + readOnly: true + description: Output only. Environment name type: string - format: int64 - GoogleCloudApigeeV1ListAsyncQueriesResponse: - id: GoogleCloudApigeeV1ListAsyncQueriesResponse - description: The response for ListAsyncQueries. - type: object - properties: - queries: - description: The asynchronous queries belong to requested resource name. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' - GoogleCloudApigeeV1AsyncQueryResultView: - id: GoogleCloudApigeeV1AsyncQueryResultView - type: object - properties: - metadata: - description: >- - Metadata contains information like metrics, dimenstions etc of the - AsyncQuery. - $ref: '#/components/schemas/GoogleCloudApigeeV1QueryMetadata' - rows: - description: >- - Rows of query result. Each row is a JSON object. Example: - {sum(message_count): 1, developer_app: "(not set)",…} - type: array - items: - type: any - state: - description: State of retrieving ResultView. + fromTime: type: string - code: - description: Error code when there is a failure. - type: integer - format: int32 - error: - description: Error message when there is a failure. + description: 'Legacy field: not used. Contains the from time for the report' + offset: + description: 'Legacy field: not used. This field contains the offset for the data' type: string - GoogleCloudApigeeV1CustomReport: - id: GoogleCloudApigeeV1CustomReport - type: object - properties: - name: - description: >- - Required. Unique identifier for the report T his is a legacy field - used to encode custom report unique id + lastViewedAt: type: string - displayName: - description: This is the display name for the report + description: >- + Output only. Last viewed time of this entity as milliseconds since + epoch + readOnly: true + format: int64 + organization: + description: Output only. Organization name + readOnly: true type: string - metrics: - description: Required. This contains the list of metrics - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReportMetric' dimensions: + items: + type: string + type: array description: This contains the list of dimensions for the report + tags: type: array + description: >- + Legacy field: not used. This field contains a list of tags + associated with custom report items: type: string - filter: - description: This field contains the filter expression - type: string createdAt: description: 'Output only. Unix time when the app was created json key: createdAt' readOnly: true type: string format: int64 - lastModifiedAt: + sortOrder: description: >- - Output only. Modified time of this entity as milliseconds since - epoch. json key: lastModifiedAt - readOnly: true + Legacy field: not used much. Contains the sort order for the sort + columns type: string - format: int64 - properties: - description: This field contains report properties such as ui metadata etc. - type: array + type: object + GoogleCloudApigeeV1DebugMask: + type: object + properties: + faultXPaths: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ReportProperty' - chartType: - description: This field contains the chart type for the report - type: string - timeUnit: - description: This field contains the time unit of aggregation for the report - type: string - sortByCols: - description: 'Legacy field: not used much. Contains the list of sort by columns' + type: string + type: array + description: >- + List of XPaths that specify the XML elements to be filtered from XML + payloads in error flows. + requestJSONPaths: + description: >- + List of JSON paths that specify the JSON elements to be filtered + from JSON request message payloads. + type: array + items: + type: string + faultJSONPaths: type: array items: type: string - sortOrder: description: >- - Legacy field: not used much. Contains the sort order for the sort - columns - type: string - fromTime: - description: 'Legacy field: not used. Contains the from time for the report' + List of JSON paths that specify the JSON elements to be filtered + from JSON payloads in error flows. + variables: + description: List of variables that should be masked from the debug output. + items: + type: string + type: array + responseXPaths: + type: array + items: + type: string + description: >- + List of XPaths that specify the XML elements to be filtered from XML + response message payloads. + responseJSONPaths: + items: + type: string + description: >- + List of JSON paths that specify the JSON elements to be filtered + from JSON response message payloads. + type: array + namespaces: + additionalProperties: + type: string + type: object + description: Map of namespaces to URIs. + requestXPaths: + type: array + items: + type: string + description: >- + List of XPaths that specify the XML elements to be filtered from XML + request message payloads. + name: + description: Name of the debug mask. type: string - toTime: - description: 'Legacy field: not used. Contains the end time for the report' + id: GoogleCloudApigeeV1DebugMask + GoogleCloudApigeeV1TargetServerConfig: + type: object + properties: + host: + description: Host name of the target server. type: string - offset: - description: 'Legacy field: not used. This field contains the offset for the data' + enabled: + type: boolean + description: >- + Whether the target server is enabled. An empty/omitted value for + this field should be interpreted as true. + name: type: string - limit: description: >- - Legacy field: not used This field contains the limit for the result - retrieved + Target server revision name in the following format: + `organizations/{org}/environments/{env}/targetservers/{targetserver}/revisions/{rev}` + port: + description: Port number for the target server. + format: int32 + type: integer + protocol: + type: string + enum: + - PROTOCOL_UNSPECIFIED + - HTTP + - HTTP2 + - GRPC_TARGET + - GRPC + - EXTERNAL_CALLOUT + enumDescriptions: + - UNSPECIFIED defaults to HTTP for backwards compatibility. + - The TargetServer uses HTTP. + - The TargetSever uses HTTP2. + - The TargetServer uses GRPC. + - >- + GRPC TargetServer to be used in ExternalCallout Policy. Prefer to + use EXTERNAL_CALLOUT instead. TODO(b/266125112) deprecate once + EXTERNAL _CALLOUT generally available. + - The TargetServer is to be used in the ExternalCallout Policy + description: The protocol used by this target server. + tlsInfo: + description: TLS settings for the target server. + $ref: '#/components/schemas/GoogleCloudApigeeV1TlsInfoConfig' + id: GoogleCloudApigeeV1TargetServerConfig + GoogleCloudApigeeV1Subscription: + type: object + id: GoogleCloudApigeeV1Subscription + description: Pub/Sub subscription of an environment. + properties: + name: type: string - topk: description: >- - Legacy field: not used. This field contains the top k parameter - value for restricting the result + Full name of the Pub/Sub subcription. Use the following structure in + your request: `subscription "projects/foo/subscription/bar"` + GoogleCloudApigeeV1MetricAggregation: + description: The optionally aggregated metric to query with its ordering. + id: GoogleCloudApigeeV1MetricAggregation + properties: + aggregation: + description: Aggregation function associated with the metric. + enumDescriptions: + - Unspecified Aggregation function. + - Average. + - Summation. + - Min. + - Max. + - Count distinct + enum: + - AGGREGATION_FUNCTION_UNSPECIFIED + - AVG + - SUM + - MIN + - MAX + - COUNT_DISTINCT type: string - organization: - description: Output only. Organization name - readOnly: true + name: + description: Name of the metric type: string - environment: - description: Output only. Environment name - readOnly: true + order: type: string - lastViewedAt: + enumDescriptions: + - Unspecified order. Default is Descending. + - Ascending sort order. + - Descending sort order. + enum: + - ORDER_UNSPECIFIED + - ASCENDING + - DESCENDING description: >- - Output only. Last viewed time of this entity as milliseconds since - epoch - readOnly: true + Ordering for this aggregation in the result. For time series this is + ignored since the ordering of points depends only on the timestamp, + not the values. + type: object + GoogleCloudApigeeV1TraceConfigOverride: + type: object + id: GoogleCloudApigeeV1TraceConfigOverride + description: A representation of a configuration override. + properties: + name: type: string - format: int64 - tags: description: >- - Legacy field: not used. This field contains a list of tags - associated with custom report - type: array - items: - type: string - comments: + ID of the trace configuration override specified as a + system-generated UUID. + samplingConfig: + description: Trace configuration to override. + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceSamplingConfig' + apiProxy: + type: string description: >- - Legacy field: not used. This field contains a list of comments - associated with custom report - type: array - items: - type: string - GoogleCloudApigeeV1CustomReportMetric: - id: GoogleCloudApigeeV1CustomReportMetric - description: >- - This encapsulates a metric property of the form sum(message_count) where - name is message_count and function is sum - type: object + ID of the API proxy that will have its trace configuration + overridden. + GoogleCloudApigeeV1Attribute: + description: Key-value pair to store extra metadata. + id: GoogleCloudApigeeV1Attribute properties: name: - description: name of the metric + description: API key of the attribute. type: string - function: - description: aggregate function + value: type: string - GoogleCloudApigeeV1ReportProperty: - id: GoogleCloudApigeeV1ReportProperty + description: Value of the attribute. + type: object + GoogleCloudApigeeV1ComputeEnvironmentScoresResponse: + id: GoogleCloudApigeeV1ComputeEnvironmentScoresResponse type: object + description: Response for ComputeEnvironmentScores. properties: - property: - description: name of the property + nextPageToken: type: string - value: - description: property values + description: >- + A page token, received from a previous `ComputeScore` call. Provide + this to retrieve the subsequent page. + scores: type: array + description: List of scores. One score per day. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - GoogleCloudApigeeV1ListCustomReportsResponse: - id: GoogleCloudApigeeV1ListCustomReportsResponse - description: This message encapsulates a list of custom report definitions + $ref: '#/components/schemas/GoogleCloudApigeeV1Score' + GoogleCloudApigeeV1LlmOperation: type: object + id: GoogleCloudApigeeV1LlmOperation + description: >- + Represents the pairing of REST resource path, model and the actions + (verbs) allowed on the resource path. properties: - qualifier: + methods: + description: >- + Optional. methods refers to the REST verbs as in + https://httpwg.org/specs/rfc9110.html For example: GET, POST, PUT, + DELETE, etc. They need to be in uppercase. When none specified, all + verb types are allowed. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' - GoogleCloudApigeeV1DeleteCustomReportResponse: - id: GoogleCloudApigeeV1DeleteCustomReportResponse + type: string + resource: + description: >- + Required. REST resource path associated with the API proxy or remote + service. + type: string + model: + description: Required. LLM model name associated with the API proxy + type: string + GoogleCloudApigeeV1AccessLoggingConfig: + id: GoogleCloudApigeeV1AccessLoggingConfig type: object + description: >- + Access logging configuration enables customers to ship the access logs + from the tenant projects to their own project's cloud logging. The + feature is at the instance level ad disabled by default. It can be + enabled during CreateInstance or UpdateInstance. properties: - message: - description: The response contains only a message field. + enabled: + description: >- + Optional. Boolean flag that specifies whether the customer access + log feature is enabled. + type: boolean + filter: + description: >- + Optional. Ship the access log entries that match the status_code + defined in the filter. The status_code is the only + expected/supported filter field. (Ex: status_code) The filter will + parse it to the Common Expression Language semantics for expression + evaluation to build the filter condition. (Ex: "filter": status_code + >= 200 && status_code < 300 ) type: string - GoogleCloudApigeeV1ExportRequest: - id: GoogleCloudApigeeV1ExportRequest - description: Request body for [CreateExportRequest] + GoogleCloudApigeeV1ListApiProductsResponse: type: object properties: - name: - description: Required. Display name of the export job. - type: string - description: - description: Optional. Description of the export job. + apiProduct: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' + description: Lists all API product names defined for an organization. + id: GoogleCloudApigeeV1ListApiProductsResponse + GoogleCloudApigeeV1ListEnvironmentResourcesResponse: + properties: + resourceFile: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' + description: List of resources files. + type: array + description: Response for ListEnvironmentResources + type: object + id: GoogleCloudApigeeV1ListEnvironmentResourcesResponse + GoogleCloudApigeeV1QueryTimeSeriesStatsResponse: + description: >- + Represents security stats result as a collection of time series + sequences. + type: object + id: GoogleCloudApigeeV1QueryTimeSeriesStatsResponse + properties: + values: + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1QueryTimeSeriesStatsResponseSequence + description: Results of the query returned as a JSON array. + type: array + nextPageToken: + description: Next page token. type: string - dateRange: - description: Required. Date range of the data to export. - $ref: '#/components/schemas/GoogleCloudApigeeV1DateRange' - outputFormat: + columns: + type: array + items: + type: string description: >- - Optional. Output format of the export. Valid values include: `csv` - or `json`. Defaults to `json`. Note: Configure the delimiter for CSV - output using the `csvDelimiter` property. - type: string - csvDelimiter: + Column names corresponding to the same order as the inner values in + the stats field. + GoogleCloudApigeeV1ListSpacesResponse: + id: GoogleCloudApigeeV1ListSpacesResponse + properties: + nextPageToken: description: >- - Optional. Delimiter used in the CSV file, if `outputFormat` is set - to `csv`. Defaults to the `,` (comma) character. Supported delimiter - characters include comma (`,`), pipe (`|`), and tab (`\t`). - type: string - datastoreName: - description: Required. Name of the preconfigured datastore. + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: string - GoogleCloudApigeeV1DateRange: - id: GoogleCloudApigeeV1DateRange - description: Date range of the data to export. + spaces: + type: array + description: List of Apigee organization spaces. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Space' type: object + description: >- + A response to a ListSpaces request containing the list of organization + spaces and a page token for the next page. + GoogleCloudApigeeV1Point: properties: - start: - description: >- - Required. Start date of the data to export in the format - `yyyy-mm-dd`. The date range begins at 00:00:00 UTC on the start - date. - type: string - end: - description: >- - Required. End date (exclusive) of the data to export in the format - `yyyy-mm-dd`. The date range ends at 00:00:00 UTC on the end date- - which will not be in the output. + id: + description: Name of a step in the transaction. type: string - GoogleCloudApigeeV1Export: - id: GoogleCloudApigeeV1Export - description: Details of an export job. + results: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Result' + description: List of results extracted from a given debug point. + type: array + description: >- + Point is a group of information collected by runtime plane at critical + points of the message flow of the processed API request. This is a list + of supported point IDs, categorized to three major buckets. For each + category, debug points that we are currently supporting are listed + below: - Flow status debug points: StateChange FlowInfo Condition + Execution DebugMask Error - Flow control debug points: FlowCallout + Paused Resumed FlowReturn BreakFlow Error - Runtime debug points: + ScriptExecutor FlowCalloutStepDefinition CustomTarget StepDefinition + Oauth2ServicePoint RaiseFault NodeJS The detail information of the given + debug point is stored in a list of results. type: object + id: GoogleCloudApigeeV1Point + GoogleIamV1TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. properties: - self: + permissions: description: >- - Output only. Self link of the export job. A URI that can be used to - retrieve the status of an export job. Example: - `/organizations/myorg/environments/myenv/analytics/exports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` - readOnly: true - type: string - name: - description: Display name of the export job. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + type: array + items: + type: string + id: GoogleIamV1TestIamPermissionsResponse + type: object + GoogleCloudApigeeV1Reference: + type: object + description: >- + A Reference configuration. References must refer to a keystore that also + exists in the parent environment. + properties: + resourceType: type: string + description: >- + The type of resource referred to by this reference. Valid values are + 'KeyStore' or 'TrustStore'. description: - description: Description of the export job. + description: Optional. A human-readable description of this reference. type: string - datastoreName: + name: description: >- - Name of the datastore that is the destination of the export job - [datastore] + Required. The resource id of this reference. Values must match the + regular expression [\w\s\-.]+. type: string - created: - description: Output only. Time the export job was created. - readOnly: true + refers: + description: >- + Required. The id of the resource to which this reference refers. + Must be the id of a resource that exists in the parent environment + and is of the given resource_type. type: string - updated: - description: Output only. Time the export job was last updated. - readOnly: true + id: GoogleCloudApigeeV1Reference + GoogleCloudApigeeV1TlsInfoCommonName: + type: object + properties: + value: + description: The TLS Common Name string of the certificate. type: string - executionTime: + wildcardMatch: description: >- - Output only. Execution time for this export job. If the job is still - in progress, it will be set to the amount of time that has elapsed - since`created`, in seconds. Else, it will set to (`updated` - - `created`), in seconds. - readOnly: true - type: string - state: + Indicates whether the cert should be matched against as a wildcard + cert. + type: boolean + id: GoogleCloudApigeeV1TlsInfoCommonName + GoogleCloudApigeeV1GraphQLOperationGroup: + properties: + operationConfigType: description: >- - Output only. Status of the export job. Valid values include - `enqueued`, `running`, `completed`, and `failed`. - readOnly: true - type: string - error: - description: Output only. Error is set when export fails - readOnly: true + Flag that specifies whether the configuration is for Apigee API + proxy or a remote service. Valid values include `proxy` or + `remoteservice`. Defaults to `proxy`. Set to `proxy` when Apigee API + proxies are associated with the API product. Set to `remoteservice` + when non-Apigee proxies like Istio-Envoy are associated with the API + product. type: string - GoogleCloudApigeeV1ListExportsResponse: - id: GoogleCloudApigeeV1ListExportsResponse - description: The response for ListExports - type: object - properties: - exports: - description: Details of the export jobs. + operationConfigs: + description: >- + Required. List of operation configurations for either Apigee API + proxies or other remote services that are associated with this API + product. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Export' - GoogleCloudApigeeV1Datastore: - id: GoogleCloudApigeeV1Datastore + $ref: '#/components/schemas/GoogleCloudApigeeV1GraphQLOperationConfig' + type: object description: >- - The data store defines the connection to export data repository (Cloud - Storage, BigQuery), including the credentials used to access the data - repository. + List of graphQL operation configuration details associated with Apigee + API proxies or remote services. Remote services are non-Apigee proxies, + such as Istio-Envoy. + id: GoogleCloudApigeeV1GraphQLOperationGroup + GoogleRpcStatus: type: object + id: GoogleRpcStatus properties: - self: - description: >- - Output only. Resource link of Datastore. Example: - `/organizations/{org}/analytics/datastores/{uuid}` - readOnly: true - type: string - displayName: - description: Required. Display name in UI - type: string - org: - description: Output only. Organization that the datastore belongs to - readOnly: true - type: string - targetType: - description: Destination storage type. Supported types `gcs` or `bigquery`. - type: string - createTime: + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + details: + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Output only. Datastore create time, in milliseconds since the epoch - of 1970-01-01T00:00:00Z - readOnly: true + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + message: type: string - format: int64 - lastUpdateTime: description: >- - Output only. Datastore last update time, in milliseconds since the - epoch of 1970-01-01T00:00:00Z - readOnly: true - type: string - format: int64 - datastoreConfig: - description: Datastore Configurations. - $ref: '#/components/schemas/GoogleCloudApigeeV1DatastoreConfig' - GoogleCloudApigeeV1DatastoreConfig: - id: GoogleCloudApigeeV1DatastoreConfig - description: Configuration detail for datastore - type: object + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + GoogleCloudApigeeV1AliasRevisionConfig: properties: - projectId: - description: Required. Google Cloud project in which the datastore exists - type: string - bucketName: - description: Name of the Cloud Storage bucket. Required for `gcs` target_type. - type: string - path: - description: Path of Cloud Storage bucket Required for `gcs` target_type. - type: string - datasetName: - description: BigQuery dataset name Required for `bigquery` target_type. - type: string - tablePrefix: - description: Prefix of BigQuery table Required for `bigquery` target_type. + location: + description: Location of the alias file. For example, a Google Cloud Storage URI. type: string - GoogleCloudApigeeV1TestDatastoreResponse: - id: GoogleCloudApigeeV1TestDatastoreResponse - description: The response for TestDatastore - type: object - properties: - state: - description: Output only. It could be `completed` or `failed` - readOnly: true + type: + enumDescriptions: + - Alias type is not specified. + - Certificate. + - Key/certificate pair. + enum: + - ALIAS_TYPE_UNSPECIFIED + - CERT + - KEY_CERT type: string - error: - description: Output only. Error message of test connection failure - readOnly: true + name: type: string - GoogleCloudApigeeV1ListDatastoresResponse: - id: GoogleCloudApigeeV1ListDatastoresResponse - description: The response for ListDatastores - type: object - properties: - datastores: - description: A list of datastores - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' - GoogleCloudApigeeV1DeveloperAppKey: - id: GoogleCloudApigeeV1DeveloperAppKey + description: >- + Name of the alias revision included in the keystore in the following + format: + `organizations/{org}/environments/{env}/keystores/{keystore}/aliases/{alias}/revisions/{rev}` + id: GoogleCloudApigeeV1AliasRevisionConfig type: object + GoogleCloudApigeeV1DatastoreConfig: properties: - apiProducts: - description: >- - List of API products for which the credential can be used. **Note**: - Do not specify the list of API products when creating a consumer key - and secret for a developer app. Instead, use the - UpdateDeveloperAppKey API to make the association after the consumer - key and secret are created. - type: array - items: - type: any - attributes: - description: List of attributes associated with the credential. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - consumerKey: - description: Consumer key. - type: string - consumerSecret: - description: Secret key. + tablePrefix: type: string - expiresAt: - description: Time the developer app expires in milliseconds since epoch. + description: Prefix of BigQuery table Required for `bigquery` target_type. + path: type: string - format: int64 - issuedAt: - description: Time the developer app was created in milliseconds since epoch. + description: Path of Cloud Storage bucket Required for `gcs` target_type. + datasetName: + description: BigQuery dataset name Required for `bigquery` target_type. type: string - format: int64 - scopes: - description: >- - Scopes to apply to the app. The specified scope names must already - be defined for the API product that you associate with the app. - type: array - items: - type: string - status: - description: >- - Status of the credential. Valid values include `approved` or - `revoked`. + bucketName: type: string - expiresInSeconds: - description: >- - Input only. Expiration time, in seconds, for the consumer key. If - not set or left to the default value of `-1`, the API key never - expires. The expiration time can't be updated after it is set. + description: Name of the Cloud Storage bucket. Required for `gcs` target_type. + projectId: + description: Required. Google Cloud project in which the datastore exists type: string - format: int64 - GoogleCloudApigeeV1DeveloperApp: - id: GoogleCloudApigeeV1DeveloperApp type: object + description: Configuration detail for datastore + id: GoogleCloudApigeeV1DatastoreConfig + GoogleCloudApigeeV1DeveloperApp: properties: - appId: - description: >- - ID of the developer app. This ID is not user specified but is - automatically generated on app creation. appId is a UUID. - type: string - attributes: - description: List of attributes for the developer app. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' callbackUrl: description: >- Callback URL used by OAuth 2.0 authorization servers to communicate authorization codes back to developer apps. type: string - createdAt: - description: >- - Output only. Time the developer app was created in milliseconds - since epoch. - readOnly: true - type: string - format: int64 credentials: - description: >- - Output only. Set of credentials for the developer app consisting of - the consumer key/secret pairs associated with the API products. - readOnly: true type: array + readOnly: true items: $ref: '#/components/schemas/GoogleCloudApigeeV1Credential' - developerId: - description: ID of the developer. - type: string - lastModifiedAt: description: >- - Output only. Time the developer app was modified in milliseconds - since epoch. - readOnly: true + Output only. Set of credentials for the developer app consisting of + the consumer key/secret pairs associated with the API products. + appFamily: type: string + description: Developer app family. + keyExpiresIn: + description: >- + Expiration time, in milliseconds, for the consumer key that is + generated for the developer app. If not set or left to the default + value of `-1`, the API key never expires. The expiration time can't + be updated after it is set. format: int64 - name: - description: Name of the developer app. type: string scopes: + items: + type: string description: >- Scopes to apply to the developer app. The specified scopes must already exist for the API product that you associate with the developer app. type: array - items: - type: string + name: + type: string + description: Name of the developer app. + appId: + description: >- + ID of the developer app. This ID is not user specified but is + automatically generated on app creation. appId is a UUID. + type: string status: + type: string description: >- Status of the credential. Valid values include `approved` or `revoked`. - type: string - keyExpiresIn: - description: >- - Expiration time, in milliseconds, for the consumer key that is - generated for the developer app. If not set or left to the default - value of `-1`, the API key never expires. The expiration time can't - be updated after it is set. - type: string - format: int64 - appFamily: - description: Developer app family. + developerId: + description: ID of the developer. type: string apiProducts: description: List of API products associated with the developer app. type: array items: type: string - GoogleCloudApigeeV1ListDeveloperAppsResponse: - id: GoogleCloudApigeeV1ListDeveloperAppsResponse - type: object - properties: - app: - description: List of developer apps and their credentials. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' - GoogleCloudApigeeV1Developer: - id: GoogleCloudApigeeV1Developer - type: object - properties: - email: - description: >- - Required. Email address of the developer. This value is used to - uniquely identify the developer in Apigee hybrid. Note that the - email address has to be in lowercase only. - type: string - firstName: - description: Required. First name of the developer. - type: string - lastName: - description: Required. Last name of the developer. + createdAt: type: string - userName: - description: Required. User name of the developer. Not used by Apigee hybrid. + format: int64 + readOnly: true + description: >- + Output only. Time the developer app was created in milliseconds + since epoch. + lastModifiedAt: + format: int64 type: string - attributes: + readOnly: true description: >- - Optional. Developer attributes (name/value pairs). The custom - attribute limit is 18. + Output only. Time the developer app was modified in milliseconds + since epoch. + attributes: + description: List of attributes for the developer app. type: array items: $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + id: GoogleCloudApigeeV1DeveloperApp + type: object + GoogleCloudApigeeV1Developer: + type: object + id: GoogleCloudApigeeV1Developer + properties: apps: - description: List of apps associated with the developer. - type: array items: type: string - companies: - description: List of companies associated with the developer. + description: List of apps associated with the developer. type: array - items: - type: string - developerId: - description: >- - ID of the developer. **Note**: IDs are generated internally by - Apigee and are not guaranteed to stay the same over time. + appFamily: + description: Developer app family. + type: string + lastModifiedAt: type: string - organizationName: description: >- - Output only. Name of the Apigee organization in which the developer - resides. + Output only. Time at which the developer was last modified in + milliseconds since epoch. readOnly: true + format: int64 + developerId: + description: >- + ID of the developer. **Note**: IDs are generated internally by + Apigee and are not guaranteed to stay the same over time. type: string status: + type: string + readOnly: true description: >- Output only. Status of the developer. Valid values are `active` and `inactive`. - readOnly: true + lastName: type: string - createdAt: - description: >- - Output only. Time at which the developer was created in milliseconds - since epoch. - readOnly: true + description: Required. Last name of the developer. + userName: + description: Required. User name of the developer. Not used by Apigee hybrid. type: string - format: int64 - lastModifiedAt: + attributes: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' description: >- - Output only. Time at which the developer was last modified in - milliseconds since epoch. + Optional. Developer attributes (name/value pairs). The custom + attribute limit is 18. + organizationName: + description: >- + Output only. Name of the Apigee organization in which the developer + resides. + type: string readOnly: true + email: + description: >- + Required. Email address of the developer. This value is used to + uniquely identify the developer in Apigee hybrid. Note that the + email address has to be in lowercase only. + type: string + firstName: + description: Required. First name of the developer. + type: string + companies: + description: List of companies associated with the developer. + items: + type: string + type: array + createdAt: type: string format: int64 + readOnly: true + description: >- + Output only. Time at which the developer was created in milliseconds + since epoch. accessType: - description: Access type. - type: string - appFamily: - description: Developer app family. type: string - GoogleCloudApigeeV1ListOfDevelopersResponse: - id: GoogleCloudApigeeV1ListOfDevelopersResponse - type: object + description: Access type. + GoogleCloudApigeeV1ListApiProxiesResponse: properties: - developer: - description: List of developers. + proxies: type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' - GoogleCloudApigeeV1DeveloperMonetizationConfig: - id: GoogleCloudApigeeV1DeveloperMonetizationConfig - description: Monetization configuration for the developer. + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' + type: object + id: GoogleCloudApigeeV1ListApiProxiesResponse + GoogleCloudApigeeV1OASDocumentation: type: object properties: - billingType: - description: Billing type. + format: type: string - enumDescriptions: - - The default/unset value. - - >- - Developer pays in advance for the use of APIs and the charged - amount is deducted from their account balance. - - >- - Developer does not maintain an account balance. The API provider - bills the developer for API usage. enum: - - BILLING_TYPE_UNSPECIFIED - - PREPAID - - POSTPAID - GoogleCloudApigeeV1DeveloperBalance: - id: GoogleCloudApigeeV1DeveloperBalance - description: Account balance for the developer. + - FORMAT_UNSPECIFIED + - YAML + - JSON + description: Output only. The format of the input specification file contents. + enumDescriptions: + - The format is not available. + - YAML format. + - JSON format. + readOnly: true + spec: + description: >- + Required. The documentation file contents for the OpenAPI + Specification. JSON and YAML file formats are supported. + $ref: '#/components/schemas/GoogleCloudApigeeV1DocumentationFile' + description: OpenAPI Specification documentation for a catalog item. + id: GoogleCloudApigeeV1OASDocumentation + GoogleCloudApigeeV1DeploymentChangeReport: type: object + description: >- + Response for GenerateDeployChangeReport and + GenerateUndeployChangeReport. This report contains any validation + failures that would cause the deployment to be rejected, as well changes + and conflicts in routing that may occur due to the new deployment. The + existence of a routing warning does not necessarily imply that the + deployment request is bad, if the desired state of the deployment + request is to effect a routing change. The primary purposes of the + routing messages are: 1) To inform users of routing changes that may + have an effect on traffic currently being routed to other existing + deployments. 2) To warn users if some base path in the proxy will not + receive traffic due to an existing deployment having already claimed + that base path. The presence of routing conflicts/changes will not cause + non-dry-run DeployApiProxy/UndeployApiProxy requests to be rejected. properties: - wallets: - description: >- - Output only. List of all wallets. Each individual wallet stores the - account balance for a particular currency. - readOnly: true + routingConflicts: + description: All base path conflicts detected for a deployment request. + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingConflict + type: array + routingChanges: + description: All routing changes that may result from a deployment request. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperBalanceWallet' - GoogleCloudApigeeV1DeveloperBalanceWallet: - id: GoogleCloudApigeeV1DeveloperBalanceWallet - description: Wallet used to manage an account balance for a particular currency. - type: object - properties: - balance: - description: >- - Current remaining balance of the developer for a particular - currency. - $ref: '#/components/schemas/GoogleTypeMoney' - lastCreditTime: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DeploymentChangeReportRoutingChange + validationErrors: + $ref: '#/components/schemas/GoogleRpcPreconditionFailure' description: >- - Output only. Time at which the developer last added credit to the - account in milliseconds since epoch. - readOnly: true - type: string - format: int64 - GoogleTypeMoney: - id: GoogleTypeMoney - description: Represents an amount of money with its currency type. + Validation errors that would cause the deployment change request to + be rejected. + id: GoogleCloudApigeeV1DeploymentChangeReport + GoogleCloudApigeeV1APIProductAssociation: type: object + id: GoogleCloudApigeeV1APIProductAssociation properties: - currencyCode: - description: The three-letter currency code defined in ISO 4217. - type: string - units: + status: description: >- - The whole units of the amount. For example if `currencyCode` is - `"USD"`, then 1 unit is one US dollar. + The API product credential associated status. Valid values are + `approved` or `revoked`. type: string - format: int64 - nanos: - description: >- - Number of nano (10^-9) units of the amount. The value must be - between -999,999,999 and +999,999,999 inclusive. If `units` is - positive, `nanos` must be positive or zero. If `units` is zero, - `nanos` can be positive, zero, or negative. If `units` is negative, - `nanos` must be negative or zero. For example $-1.75 is represented - as `units`=-1 and `nanos`=-750,000,000. - type: integer - format: int32 - GoogleCloudApigeeV1CreditDeveloperBalanceRequest: - id: GoogleCloudApigeeV1CreditDeveloperBalanceRequest - description: Request for CreditDeveloperBalance. - type: object - properties: - transactionAmount: - description: >- - The amount of money to be credited. The wallet corresponding to the - currency specified within `transaction_amount` will be updated. For - example, if you specified `currency_code` within - `transaction_amount` as "USD", then the amount would be added to the - wallet which has the "USD" currency or if no such wallet exists, a - new wallet will be created with the "USD" currency. - $ref: '#/components/schemas/GoogleTypeMoney' - transactionId: - description: >- - Each transaction_id uniquely identifies a credit balance request. If - multiple requests are received with the same transaction_id, only - one of them will be considered. + apiproduct: + description: API product to be associated with the credential. type: string - GoogleCloudApigeeV1AdjustDeveloperBalanceRequest: - id: GoogleCloudApigeeV1AdjustDeveloperBalanceRequest - description: Request for AdjustDeveloperBalance. - type: object - properties: - adjustment: - description: >- - * A positive value of `adjustment` means that that the API provider - wants to adjust the balance for an under-charged developer i.e. the - balance of the developer will decrease. * A negative value of - `adjustment` means that that the API provider wants to adjust the - balance for an over-charged developer i.e. the balance of the - developer will increase. - $ref: '#/components/schemas/GoogleTypeMoney' - GoogleCloudApigeeV1AppGroup: - id: GoogleCloudApigeeV1AppGroup description: >- - AppGroup contains the request/response fields representing the logical - grouping of apps. Note that appgroup_id, create_time and update_time - cannot be changed by the user, and gets updated by the system. The name - and the organization once provided cannot be edited subsequently. + APIProductAssociation has the API product and its administrative state + association. + GoogleCloudApigeeV1SecurityReportQueryMetric: + id: GoogleCloudApigeeV1SecurityReportQueryMetric type: object + description: Metric of the Query properties: - appGroupId: - description: Output only. Internal identifier that cannot be edited - readOnly: true - type: string - name: + alias: description: >- - Immutable. Name of the AppGroup. Characters you can use in the name - are restricted to: A-Z0-9._\-$ %. + Alias for the metric. Alias will be used to replace metric name in + query results. type: string - channelUri: - description: A reference to the associated storefront/marketplace. + operator: + description: One of `+`, `-`, `/`, `%`, `*`. type: string - channelId: - description: channel identifier identifies the owner maintaing this grouping. + name: + description: Required. Metric name. type: string - displayName: - description: app group name displayed in the UI - type: string - organization: - description: Immutable. the org the app group is created - type: string - status: - description: >- - Valid values are `active` or `inactive`. Note that the status of the - AppGroup should be updated via UpdateAppGroupRequest by setting the - action as `active` or `inactive`. - type: string - attributes: - description: A list of attributes - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - createdAt: - description: Output only. Created time as milliseconds since epoch. - readOnly: true + value: type: string - format: int64 - lastModifiedAt: - description: Output only. Modified time as milliseconds since epoch. - readOnly: true + description: Operand value should be provided when operator is set. + aggregationFunction: type: string - format: int64 - GoogleCloudApigeeV1ListAppGroupsResponse: - id: GoogleCloudApigeeV1ListAppGroupsResponse - description: >- - ListAppGroupsResponse contains the 0 or more AppGroups, along with the - optional page token and the total count of apps. + description: 'Aggregation function: avg, min, max, or sum.' + GoogleCloudApigeeV1ListSecurityProfileRevisionsResponse: type: object properties: - appGroups: - description: List of AppGroups. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' nextPageToken: - description: >- - Token that can be sent as `next_page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. type: string - totalSize: - description: Total count of AppGroups. - type: integer - format: int32 - GoogleCloudApigeeV1AppGroupApp: - id: GoogleCloudApigeeV1AppGroupApp + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + securityProfiles: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' + type: array + description: >- + List of security profile revisions. The revisions may be attached or + unattached to any environment. + description: Response for ListSecurityProfileRevisions. + id: GoogleCloudApigeeV1ListSecurityProfileRevisionsResponse + GoogleApiHttpBody: description: >- - Response for [GetAppGroupApp].[AppGroupApps.GetAppGroupApp], - [CreateAppGroupAppRequest].[AppGroupApp.CreateAppGroupAppRequest] and - [DeleteAppGroupApp].[AppGroupApp.DeleteAppGroupApp] - type: object + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. properties: - appId: - description: Immutable. ID of the AppGroup app. + data: + description: The HTTP request/response body as raw binary. + format: byte type: string - attributes: - description: List of attributes for the AppGroup app. + extensions: type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - callbackUrl: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Callback URL used by OAuth 2.0 authorization servers to communicate - authorization codes back to AppGroup apps. + Application specific response metadata. Must be set in the first + response for streaming APIs. + contentType: type: string - createdAt: description: >- - Output only. Time the AppGroup app was created in milliseconds since - epoch. - readOnly: true + The HTTP Content-Type header value specifying the content type of + the body. + id: GoogleApiHttpBody + type: object + GoogleCloudApigeeV1ApiProxyRevision: + id: GoogleCloudApigeeV1ApiProxyRevision + type: object + description: API proxy revision. + properties: + name: type: string - format: int64 - credentials: - description: >- - Output only. Set of credentials for the AppGroup app consisting of - the consumer key/secret pairs associated with the API products. - readOnly: true + description: Name of the API proxy. + integrationEndpoints: type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Credential' - lastModifiedAt: + type: string description: >- - Output only. Time the AppGroup app was modified in milliseconds - since epoch. - readOnly: true + List of IntegrationEndpoints in the '/integration-endpoints' + directory of the API proxy. This is a 'manifest' setting designed to + provide visibility into the contents of the API proxy. + teams: + description: List of the teams included in the API proxy revision. + items: + type: string + type: array + displayName: + description: Human-readable name of the API proxy. type: string + lastModifiedAt: format: int64 - name: - description: >- - Immutable. Name of the AppGroup app whose resource name format is of - syntax (organizations/*/appgroups/*/apps/*). type: string - scopes: description: >- - Scopes to apply to the AppGroup app. The specified scopes must - already exist for the API product that you associate with the - AppGroup app. - type: array + Time that the API proxy revision was last modified in milliseconds + since epoch. + policies: + description: List of policy names included in the API proxy revision.. items: type: string - status: - description: Status of the App. Valid values include `approved` or `revoked`. - type: string - keyExpiresIn: - description: >- - Immutable. Expiration time, in seconds, for the consumer key that is - generated for the AppGroup app. If not set or left to the default - value of `-1`, the API key never expires. The expiration time can't - be updated after it is set. - type: string - format: int64 - apiProducts: - description: List of API products associated with the AppGroup app. + type: array + targetEndpoints: type: array items: type: string - appGroup: description: >- - Immutable. Name of the parent AppGroup whose resource name format is - of syntax (organizations/*/appgroups/*). - type: string - GoogleCloudApigeeV1ListAppGroupAppsResponse: - id: GoogleCloudApigeeV1ListAppGroupAppsResponse - description: Response for ListAppGroupApps - type: object - properties: - appGroupApps: - description: List of AppGroup apps and their credentials. - type: array + List of TargetEndpoints in the `/targets` directory of the API + proxy. Typically, this element is included only when the API proxy + was created using the Edge UI. This is a 'manifest' setting designed + to provide visibility into the contents of the API proxy. + entityMetaDataAsProperties: + description: Metadata describing the API proxy revision as a key-value map. + type: object + additionalProperties: + type: string + sharedFlows: + description: List of the shared flows included in the API proxy revision. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' - nextPageToken: + type: string + type: array + archive: + readOnly: true description: >- - Token that can be sent as `next_page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Output only. The archive that generated this proxy revision. This + field is only present on proxy revisions that were generated by an + archive. Proxies generated by archives cannot be updated, deleted, + or deployed to other environments. Format: + `organizations/*/environments/*/archiveDeployments/*` + type: string + description: + type: string + description: Description of the API proxy revision. + spec: type: string - GoogleCloudApigeeV1AppGroupAppKey: - id: GoogleCloudApigeeV1AppGroupAppKey - description: >- - AppGroupAppKey contains all the information associated with the - credentials. - type: object - properties: - apiProducts: description: >- - Output only. List of API products and its status for which the - credential can be used. **Note**: Use - UpdateAppGroupAppKeyApiProductRequest API to make the association - after the consumer key and secret are created. - readOnly: true - type: array + OpenAPI Specification that is associated with the API proxy. The + value is set to a URL or to a path in the specification store. + targetServers: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1APIProductAssociation' - attributes: - description: List of attributes associated with the credential. + type: string type: array + description: >- + List of TargetServers referenced in any TargetEndpoint in the API + proxy. Typically, you will see this element only when the API proxy + was created using the Edge UI. This is a 'manifest' setting designed + to provide visibility into the contents of the API proxy. + proxies: + description: List of proxy names included in the API proxy revision. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' - consumerKey: - description: Immutable. Consumer key. + type: string + type: array + revision: + description: API proxy revision. type: string - consumerSecret: - description: Secret key. + contextInfo: type: string - expiresAt: + description: Revision number, app name, and organization for the API proxy. + proxyEndpoints: + items: + type: string description: >- - Output only. Time the AppGroup app expires in milliseconds since - epoch. - readOnly: true - type: string + List of ProxyEndpoints in the `/proxies` directory of the API proxy. + Typically, this element is included only when the API proxy was + created using the Edge UI. This is a 'manifest' setting designed to + provide visibility into the contents of the API proxy. + type: array + hasExtensiblePolicy: + description: >- + Output only. This field will be marked as true if revision contains + any policies marked as extensible. + type: boolean + readOnly: true + resourceFiles: + description: List of resource files included in the API proxy revision. + $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFiles' + createdAt: format: int64 - issuedAt: + type: string description: >- - Output only. Time the AppGroup app was created in milliseconds since + Time that the API proxy revision was created in milliseconds since epoch. - readOnly: true + type: type: string - format: int64 - scopes: description: >- - Scopes to apply to the app. The specified scope names must already - be defined for the API product that you associate with the app. + Type. Set to `Application`. Maintained for compatibility with the + Apigee Edge API. + targets: + description: List of the targets included in the API proxy revision. type: array items: type: string - status: + resources: + type: array description: >- - Status of the credential. Valid values include `approved` or - `revoked`. - type: string - expiresInSeconds: + List of the resources included in the API proxy revision formatted + as "{type}://{name}". + items: + type: string + configurationVersion: description: >- - Immutable. Expiration time, in seconds, for the consumer key. If not - set or left to the default value of `-1`, the API key never expires. - The expiration time can't be updated after it is set. + Version of the API proxy configuration schema to which the API proxy + conforms. Currently, the only supported value is 4.0 + (`majorVersion.minorVersion`). This setting may be used in the + future to track the evolution of the API proxy format. + $ref: '#/components/schemas/GoogleCloudApigeeV1ConfigVersion' + basepaths: + description: Base URL of the API proxy. + items: + type: string + type: array + GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendation: + properties: + description: type: string - format: int64 - GoogleCloudApigeeV1APIProductAssociation: - id: GoogleCloudApigeeV1APIProductAssociation - description: >- - APIProductAssociation has the API product and its administrative state - association. + description: The description of the recommendation. + link: + description: The link for the recommendation. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendationLink + description: The format of the assessment recommendation. + id: >- + GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendation + type: object + GoogleCloudApigeeV1EnableSecurityActionRequest: + description: Message to enable a disabled SecurityAction. type: object + id: GoogleCloudApigeeV1EnableSecurityActionRequest + properties: {} + GoogleCloudApigeeV1SecurityAssessmentResult: properties: - apiproduct: - description: API product to be associated with the credential. - type: string - status: + scoringResult: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultScoringResult + description: The result of the assessment. + resource: + description: The assessed resource. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultResource + createTime: description: >- - The API product credential associated status. Valid values are - `approved` or `revoked`. + The time of the assessment of this resource. This could lag behind + `assessment_time` due to caching within the backend. type: string - GoogleCloudApigeeV1UpdateAppGroupAppKeyRequest: - id: GoogleCloudApigeeV1UpdateAppGroupAppKeyRequest - description: Request for UpdateAppGroupAppKey + format: google-datetime + error: + description: The error status if scoring fails. + $ref: '#/components/schemas/GoogleRpcStatus' + type: object + id: GoogleCloudApigeeV1SecurityAssessmentResult + description: The security assessment result for one resource. + GoogleCloudApigeeV1SecurityActionAllow: type: object + description: >- + Message that should be set in case of an Allow Action. This does not + have any fields. + id: GoogleCloudApigeeV1SecurityActionAllow + properties: {} + GoogleCloudApigeeV1InstanceDeploymentStatus: properties: - action: - description: >- - Approve or revoke the consumer key by setting this value to - `approve` or `revoke` respectively. The `Content-Type` header, if - set, must be set to `application/octet-stream`, with empty body. + deployedRevisions: + type: array + description: Revisions currently deployed in MPs. + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRevision + instance: + description: ID of the instance reporting the status. type: string - appGroupAppKey: - description: >- - Note that only Scopes and Attributes of the AppGroupAppKey can be - amended. Scopes and Attributes mentioned in the request will be - inserted and the existing scopes and attributes will be removed. - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' - apiProducts: + deployedRoutes: description: >- - The list of API products that will be associated with the - credential. This list will be appended to the existing list of - associated API Products for this App Key. Duplicates will be - ignored. + Current routes deployed in the ingress routing table. A route which + is missing will appear in `missing_routes`. type: array items: - type: string - GoogleCloudApigeeV1DeveloperSubscription: - id: GoogleCloudApigeeV1DeveloperSubscription - description: Structure of a DeveloperSubscription. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRoute type: object + id: GoogleCloudApigeeV1InstanceDeploymentStatus + description: The status of a deployment as reported by a single instance. + GoogleCloudApigeeV1GraphQLOperationConfig: + type: object + description: >- + Binds the resources in a proxy or remote service with the GraphQL + operation and its associated quota enforcement. properties: - name: - description: Output only. Name of the API product subscription. - readOnly: true - type: string - apiproduct: + quota: + $ref: '#/components/schemas/GoogleCloudApigeeV1Quota' description: >- - Name of the API product for which the developer is purchasing a - subscription. - type: string - startTime: + Quota parameters to be enforced for the resources, methods, and API + source combination. If none are specified, quota enforcement will + not be done. + attributes: + type: array + description: Custom attributes associated with the operation. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + operations: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1GraphQLOperation' description: >- - Time when the API product subscription starts in milliseconds since - epoch. + Required. List of GraphQL name/operation type pairs for the proxy or + remote service to which quota will be applied. If only operation + types are specified, the quota will be applied to all GraphQL + requests irrespective of the GraphQL name. **Note**: Currently, you + can specify only a single GraphQLOperation. Specifying more than one + will cause the operation to fail. + type: array + apiSource: type: string - format: int64 - endTime: description: >- - Time when the API product subscription ends in milliseconds since - epoch. - type: string - format: int64 - createdAt: + Required. Name of the API proxy endpoint or remote service with + which the GraphQL operation and quota are associated. + id: GoogleCloudApigeeV1GraphQLOperationConfig + GoogleCloudApigeeV1EntityMetadata: + type: object + properties: + lastModifiedAt: description: >- - Output only. Time when the API product subscription was created in + Time at which the API proxy was most recently modified, in milliseconds since epoch. - readOnly: true + format: int64 type: string + createdAt: format: int64 - lastModifiedAt: description: >- - Output only. Time when the API product subscription was last - modified in milliseconds since epoch. - readOnly: true + Time at which the API proxy was created, in milliseconds since + epoch. type: string - format: int64 - GoogleCloudApigeeV1ListDeveloperSubscriptionsResponse: - id: GoogleCloudApigeeV1ListDeveloperSubscriptionsResponse - description: Response for ListDeveloperSubscriptions. - type: object + subType: + description: The type of entity described + type: string + id: GoogleCloudApigeeV1EntityMetadata + description: Metadata common to many entities in this API. + GoogleCloudApigeeV1EnvironmentClientIPResolutionConfigHeaderIndexAlgorithm: + description: Resolves the client ip based on a custom header. properties: - developerSubscriptions: - description: List of all subscriptions. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' - nextStartKey: + ipHeaderIndex: + format: int32 description: >- - Value that can be sent as `startKey` to retrieve the next page of - content. If this field is omitted, there are no subsequent pages. + Required. The index of the ip in the header. Positive indices 0, 1, + 2, 3 chooses indices from the left (first ips) Negative indices -1, + -2, -3 chooses indices from the right (last ips) + type: integer + ipHeaderName: + description: >- + Required. The name of the header to extract the client ip from. We + are currently only supporting the X-Forwarded-For header. type: string - GoogleCloudApigeeV1ExpireDeveloperSubscriptionRequest: - id: GoogleCloudApigeeV1ExpireDeveloperSubscriptionRequest - description: Request for ExpireDeveloperSubscription. + id: >- + GoogleCloudApigeeV1EnvironmentClientIPResolutionConfigHeaderIndexAlgorithm type: object - properties: {} - GoogleCloudApigeeV1SecurityReportQuery: - id: GoogleCloudApigeeV1SecurityReportQuery - description: Body structure when user makes a request to create a security report. + GoogleCloudApigeeV1ScheduledMaintenance: + description: Scheduled maintenance information for an instance. + id: GoogleCloudApigeeV1ScheduledMaintenance type: object properties: - metrics: - description: A list of Metrics. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportQueryMetric' - dimensions: - description: >- - A list of dimensions. - https://docs.apigee.com/api-platform/analytics/analytics-reference#dimensions - type: array + startTime: + format: google-datetime + readOnly: true + type: string + description: Output only. The start time (UTC) of the scheduled maintenance. + GoogleCloudApigeeV1SecurityActionConditionConfig: + type: object + id: GoogleCloudApigeeV1SecurityActionConditionConfig + description: >- + The following are a list of conditions. A valid SecurityAction must + contain at least one condition. Within a condition, each element is + ORed. Across conditions elements are ANDed. For example if a + SecurityAction has the following: ip_address_ranges: ["ip1", "ip2"] and + bot_reasons: ["Flooder", "Robot Abuser"] then this is interpreted as: + enforce the action if the incoming request has ((ip_address_ranges = + "ip1" OR ip_address_ranges = "ip2") AND (bot_reasons="Flooder" OR + bot_reasons="Robot Abuser")). Conditions other than ip_address_ranges + and bot_reasons cannot be ANDed. + properties: + asns: items: + format: int64 type: string - timeRange: description: >- - Required. Time range for the query. Can use the following predefined - strings to specify the time range: `last60minutes` `last24hours` - `last7days` Or, specify the timeRange as a structure describing - start and end timestamps in the ISO format: yyyy-mm-ddThh:mm:ssZ. - Example: "timeRange": { "start": "2018-07-29T00:13:00Z", "end": - "2018-08-01T00:18:00Z" } - type: any - filter: + Optional. A list of ASN numbers to act on, e.g. 23. + https://en.wikipedia.org/wiki/Autonomous_system_(Internet) This uses + int64 instead of uint32 because of + https://linter.aip.dev/141/forbidden-types. + type: array + developers: + items: + type: string + description: Optional. A list of developers. Limit 1000 per action. + type: array + regionCodes: + type: array + items: + type: string description: >- - Boolean expression that can be used to filter data. Filter - expressions can be combined using AND/OR terms and should be fully - parenthesized to avoid ambiguity. See Analytics metrics, dimensions, - and filters reference - https://docs.apigee.com/api-platform/analytics/analytics-reference - for more information on the fields available to filter on. For more - information on the tokens that you use to build filter expressions, - see Filter expression syntax. - https://docs.apigee.com/api-platform/analytics/asynch-reports-api#filter-expression-syntax - type: string - groupByTimeUnit: + Optional. A list of countries/region codes to act on, e.g. US. This + follows https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2. + httpMethods: + items: + type: string + type: array description: >- - Time unit used to group the result set. Valid values include: - second, minute, hour, day, week, or month. If a query includes - groupByTimeUnit, then the result is an aggregation based on the - specified time unit and the resultant timestamp does not include - milliseconds precision. If a query omits groupByTimeUnit, then the - resultant timestamp includes milliseconds precision. - type: string - limit: - description: Maximum number of rows that can be returned in the result. - type: integer - format: int32 - mimeType: + Optional. Act only on particular HTTP methods. E.g. A read-only API + can block POST/PUT/DELETE methods. Accepted values are: GET, HEAD, + POST, PUT, DELETE, CONNECT, OPTIONS, TRACE and PATCH. + userAgents: + items: + type: string + type: array description: >- - Valid values include: `csv` or `json`. Defaults to `json`. Note: - Configure the delimiter for CSV output using the csvDelimiter - property. - type: string - csvDelimiter: + Optional. A list of user agents to deny. We look for exact matches. + Limit 50 per action. + developerApps: + type: array + items: + type: string + description: Optional. A list of developer apps. Limit 1000 per action. + ipAddressRanges: description: >- - Delimiter used in the CSV file, if `outputFormat` is set to `csv`. - Defaults to the `,` (comma) character. Supported delimiter - characters include comma (`,`), pipe (`|`), and tab (`\t`). - type: string - envgroupHostname: + Optional. A list of IP addresses. This could be either IPv4 or IPv6. + Limited to 100 per action. + items: + type: string + type: array + apiKeys: + type: array + description: Optional. A list of API keys. Limit 1000 per action. + items: + type: string + botReasons: description: >- - Hostname needs to be specified if query intends to run at host - level. This field is only allowed when query is submitted by - CreateHostSecurityReport where analytics data will be grouped by - organization and hostname. - type: string - reportDefinitionId: - description: Report Definition ID. - type: string - displayName: - description: Security Report display name which users can specify. - type: string - GoogleCloudApigeeV1SecurityReportQueryMetric: - id: GoogleCloudApigeeV1SecurityReportQueryMetric - description: Metric of the Query + Optional. A list of Bot Reasons. Current options: Flooder, Brute + Guessor, Static Content Scraper, OAuth Abuser, Robot Abuser, + TorListRule, Advanced Anomaly Detection, Advanced API Scraper, + Search Engine Crawlers, Public Clouds, Public Cloud AWS, Public + Cloud Azure, and Public Cloud Google. + items: + type: string + type: array + apiProducts: + items: + type: string + description: Optional. A list of API Products. Limit 1000 per action. + type: array + accessTokens: + description: Optional. A list of access_tokens. Limit 1000 per action. + items: + type: string + type: array + GoogleCloudApigeeV1GrpcOperationGroup: type: object + description: >- + List of gRPC operation configuration details associated with Apigee API + proxies. properties: - name: - description: Required. Metric name. - type: string - aggregationFunction: - description: 'Aggregation function: avg, min, max, or sum.' - type: string - alias: + operationConfigs: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1GrpcOperationConfig' + type: array description: >- - Alias for the metric. Alias will be used to replace metric name in - query results. - type: string - operator: - description: One of `+`, `-`, `/`, `%`, `*`. - type: string - value: - description: Operand value should be provided when operator is set. - type: string - GoogleCloudApigeeV1SecurityReport: - id: GoogleCloudApigeeV1SecurityReport - description: >- - SecurityReport saves all the information about the created security - report. + Required. List of operation configurations for either Apigee API + proxies that are associated with this API product. + id: GoogleCloudApigeeV1GrpcOperationGroup + GoogleCloudApigeeV1Attributes: type: object properties: - self: - description: >- - Self link of the query. Example: - `/organizations/myorg/environments/myenv/securityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` - or following format if query is running at host level: - `/organizations/myorg/hostSecurityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` - type: string - state: + attribute: + type: array + description: List of attributes. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + id: GoogleCloudApigeeV1Attributes + GoogleCloudApigeeV1DateRange: + description: Date range of the data to export. + id: GoogleCloudApigeeV1DateRange + type: object + properties: + start: description: >- - Query state could be "enqueued", "running", "completed", "expired" - and "failed". - type: string - created: - description: Creation time of the query. - type: string - updated: - description: Output only. Last updated timestamp for the query. - readOnly: true - type: string - result: - description: Result is available only after the query is completed. - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportResultMetadata' - resultRows: - description: ResultRows is available only after the query is completed. - type: string - format: int64 - resultFileSize: - description: ResultFileSize is available only after the query is completed. - type: string - executionTime: - description: ExecutionTime is available only after the query is completed. + Required. Start date of the data to export in the format + `yyyy-mm-dd`. The date range begins at 00:00:00 UTC on the start + date. type: string - error: - description: Error is set when query fails. + end: type: string - queryParams: description: >- - Contains information like metrics, dimenstions etc of the Security - Report. - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportMetadata' - reportDefinitionId: - description: Report Definition ID. - type: string - displayName: - description: Display Name specified by the user. - type: string - envgroupHostname: - description: Hostname is available only when query is executed at host level. - type: string - GoogleCloudApigeeV1SecurityReportResultMetadata: - id: GoogleCloudApigeeV1SecurityReportResultMetadata - description: Contains informations about the security report results. + Required. End date (exclusive) of the data to export in the format + `yyyy-mm-dd`. The date range ends at 00:00:00 UTC on the end date- + which will not be in the output. + GoogleCloudApigeeV1ListTraceConfigOverridesResponse: + id: GoogleCloudApigeeV1ListTraceConfigOverridesResponse type: object properties: - self: + traceConfigOverrides: + description: List all trace configuration overrides in an environment. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' + nextPageToken: description: >- - Self link of the query results. Example: - `/organizations/myorg/environments/myenv/securityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` - or following format if query is running at host level: - `/organizations/myorg/hostSecurityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` + Token value that can be passed as `page_token` to retrieve the next + page of content. type: string - expires: - description: >- - Output only. Expire_time is set to 7 days after report creation. - Query result will be unaccessable after this time. Example: - "2021-05-04T13:38:52-07:00" - readOnly: true - type: string - GoogleCloudApigeeV1SecurityReportMetadata: - id: GoogleCloudApigeeV1SecurityReportMetadata - description: Metadata for the security report. + description: Response for ListTraceConfigOverrides. + GoogleCloudApigeeV1TraceSamplingConfig: type: object + id: GoogleCloudApigeeV1TraceSamplingConfig properties: - metrics: + samplingRate: description: >- - Metrics of the SecurityReport. Example: - ["name:bot_count,func:sum,alias:sum_bot_count"] - type: array - items: - type: string - dimensions: - description: Dimensions of the SecurityReport. - type: array - items: - type: string - startTimestamp: - description: Start timestamp of the query range. - type: string - format: google-datetime - endTimestamp: - description: End timestamp of the query range. - type: string - format: google-datetime - mimeType: - description: MIME type / Output format. - type: string - timeUnit: - description: 'Query GroupBy time unit. Example: "seconds", "minute", "hour"' + Field sampling rate. This value is only applicable when using the + PROBABILITY sampler. The supported values are > 0 and <= 0.5. + format: float + type: number + sampler: + enumDescriptions: + - Sampler unspecified. + - >- + OFF means distributed trace is disabled, or the sampling + probability is 0. + - >- + PROBABILITY means traces are captured on a probability that + defined by sampling_rate. The sampling rate is limited to 0 to 0.5 + when this is set. type: string - GoogleCloudApigeeV1SecurityReportResultView: - id: GoogleCloudApigeeV1SecurityReportResultView - description: The response for security report result view APIs. - type: object + description: Sampler of distributed tracing. OFF is the default value. + enum: + - SAMPLER_UNSPECIFIED + - 'OFF' + - PROBABILITY + description: >- + TraceSamplingConfig represents the detail settings of distributed + tracing. Only the fields that are defined in the distributed trace + configuration can be overridden using the distribute trace configuration + override APIs. + GoogleCloudApigeeV1ApiProxy: properties: - metadata: + readOnly: + type: boolean description: >- - Metadata contains information like metrics, dimenstions etc of the - security report. - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportMetadata' - rows: + Output only. Whether this proxy is read-only. A read-only proxy + cannot have new revisions created through calls to + CreateApiProxyRevision. A proxy is read-only if it was generated by + an archive. + readOnly: true + space: description: >- - Rows of security report result. Each row is a JSON object. Example: - {sum(message_count): 1, developer_app: "(not set)",…} - type: array - items: - type: any - state: - description: State of retrieving ResultView. - type: string - code: - description: Error code when there is a failure. - type: integer - format: int32 - error: - description: Error message when there is a failure. + Optional. The id of the space this proxy is associated with. Any IAM + policies applied to the space will control access to this proxy. To + learn how Spaces can be used to manage resources, read the [Apigee + Spaces + Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). type: string - GoogleCloudApigeeV1ListSecurityReportsResponse: - id: GoogleCloudApigeeV1ListSecurityReportsResponse - description: The response for SecurityReports. - type: object - properties: - securityReports: - description: The security reports belong to requested resource name. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' - nextPageToken: - description: >- - If the number of security reports exceeded the page size requested, - the token can be used to fetch the next page in a subsequent call. - If the response is the last page and there are no more reports to - return this field is left empty. + apiProxyType: type: string - GoogleCloudApigeeV1QueryTabularStatsRequest: - id: GoogleCloudApigeeV1QueryTabularStatsRequest - description: >- - Request payload representing the query to be run for fetching security - statistics as rows. - type: object - properties: - dimensions: - description: Required. List of dimension names to group the aggregations by. - type: array + description: Output only. The type of the API proxy. + enumDescriptions: + - API proxy type not specified. + - >- + Programmable API Proxies enable you to develop APIs with highly + flexible behavior using bundled policy configuration and one or + more programming languages to describe complex sequential and/or + conditional flows of logic. + - >- + Configurable API Proxies enable you to develop efficient APIs + using simple configuration while complex execution control flow + logic is handled by Apigee. This type only works with the ARCHIVE + deployment type and cannot be combined with the PROXY deployment + type. + readOnly: true + enum: + - API_PROXY_TYPE_UNSPECIFIED + - PROGRAMMABLE + - CONFIGURABLE + revision: items: type: string - metrics: - description: Required. List of metrics and their aggregations. + readOnly: true + description: Output only. List of revisions defined for the API proxy. type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1MetricAggregation' - filter: - description: >- - Filter further on specific dimension values. Follows the same - grammar as custom report's filter expressions. Example, apiproxy eq - 'foobar'. - https://cloud.google.com/apigee/docs/api-platform/analytics/analytics-reference#filters - type: string - timeRange: - description: Time range for the stats. - $ref: '#/components/schemas/GoogleTypeInterval' - pageSize: - description: Page size represents the number of rows. - type: integer - format: int32 - pageToken: - description: Identifies a sequence of rows. - type: string - GoogleCloudApigeeV1MetricAggregation: - id: GoogleCloudApigeeV1MetricAggregation - description: The optionally aggregated metric to query with its ordering. - type: object - properties: - name: - description: Name of the metric - type: string - aggregation: - description: Aggregation function associated with the metric. + metaData: + $ref: '#/components/schemas/GoogleCloudApigeeV1EntityMetadata' + description: Output only. Metadata describing the API proxy. + readOnly: true + latestRevisionId: + readOnly: true type: string - enumDescriptions: - - Unspecified Aggregation function. - - Average. - - Summation. - - Min. - - Max. - - Count distinct - enum: - - AGGREGATION_FUNCTION_UNSPECIFIED - - AVG - - SUM - - MIN - - MAX - - COUNT_DISTINCT - order: description: >- - Ordering for this aggregation in the result. For time series this is - ignored since the ordering of points depends only on the timestamp, - not the values. + Output only. The id of the most recently created revision for this + api proxy. + name: + readOnly: true type: string - enumDescriptions: - - Unspecified order. Default is Descending. - - Ascending sort order. - - Descending sort order. - enum: - - ORDER_UNSPECIFIED - - ASCENDING - - DESCENDING + description: Output only. Name of the API proxy. + labels: + additionalProperties: + type: string + description: User labels applied to this API Proxy. + type: object + description: Metadata describing the API proxy + id: GoogleCloudApigeeV1ApiProxy + type: object GoogleTypeInterval: id: GoogleTypeInterval description: >- @@ -6548,2687 +6682,3043 @@ components: end. When the start equals the end, the interval is empty (matches no time). When both start and end are unspecified, the interval matches any time. - type: object properties: startTime: + type: string + format: google-datetime description: >- Optional. Inclusive start of the interval. If specified, a Timestamp matching this interval will have to be the same or after the start. + endTime: type: string format: google-datetime - endTime: description: >- Optional. Exclusive end of the interval. If specified, a Timestamp matching this interval will have to be before the end. - type: string - format: google-datetime - GoogleCloudApigeeV1QueryTabularStatsResponse: - id: GoogleCloudApigeeV1QueryTabularStatsResponse - description: >- - Encapsulates two kinds of stats that are results of the dimensions and - aggregations requested. - Tabular rows. - Time series data. Example of - tabular rows, Represents security stats results as a row of flat values. + type: object + GoogleCloudApigeeV1DisableSecurityActionRequest: + properties: {} + type: object + description: Message to disable an enabled SecurityAction. + id: GoogleCloudApigeeV1DisableSecurityActionRequest + GoogleCloudApigeeV1ListDeploymentsResponse: type: object properties: - values: - description: Resultant rows from the executed query. - type: array + deployments: + description: List of deployments. items: - type: array - items: - type: any - columns: - description: >- - Column names corresponding to the same order as the inner values in - the stats field. + $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' type: array - items: - type: string - nextPageToken: - description: Next page token. - type: string - GoogleCloudApigeeV1QueryTimeSeriesStatsRequest: - id: GoogleCloudApigeeV1QueryTimeSeriesStatsRequest - description: >- - QueryTimeSeriesStatsRequest represents a query that returns a collection - of time series sequences grouped by their values. + id: GoogleCloudApigeeV1ListDeploymentsResponse + GoogleTypeTimeOfDay: + id: GoogleTypeTimeOfDay type: object properties: - dimensions: - description: >- - List of dimension names to group the aggregations by. If no - dimensions are passed, a single trend line representing the - requested metric aggregations grouped by environment is returned. - type: array - items: - type: string - metrics: - description: Required. List of metrics and their aggregations. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1MetricAggregation' - filter: + nanos: description: >- - Filter further on specific dimension values. Follows the same - grammar as custom report's filter expressions. Example, apiproxy eq - 'foobar'. - https://cloud.google.com/apigee/docs/api-platform/analytics/analytics-reference#filters - type: string - windowSize: - description: Time buckets to group the stats by. - type: string - enumDescriptions: - - Unspecified window size. Default is 1 hour. - - 1 Minute window - - 1 Hour window - - 1 Day window - - 1 Month window - enum: - - WINDOW_SIZE_UNSPECIFIED - - MINUTE - - HOUR - - DAY - - MONTH - timeRange: - description: Required. Time range for the stats. - $ref: '#/components/schemas/GoogleTypeInterval' - timestampOrder: + Fractions of seconds, in nanoseconds. Must be greater than or equal + to 0 and less than or equal to 999,999,999. + type: integer + format: int32 + hours: + format: int32 description: >- - Order the sequences in increasing or decreasing order of timestamps. - Default is descending order of timestamps (latest first). - type: string - enumDescriptions: - - Unspecified order. Default is Descending. - - Ascending sort order. - - Descending sort order. - enum: - - ORDER_UNSPECIFIED - - ASCENDING - - DESCENDING - pageSize: + Hours of a day in 24 hour format. Must be greater than or equal to 0 + and typically must be less than or equal to 23. An API may choose to + allow the value "24:00:00" for scenarios like business closing time. + type: integer + minutes: description: >- - Page size represents the number of time series sequences, one per - unique set of dimensions and their values. + Minutes of an hour. Must be greater than or equal to 0 and less than + or equal to 59. type: integer format: int32 - pageToken: + seconds: description: >- - Page token stands for a specific collection of time series - sequences. - type: string - GoogleCloudApigeeV1QueryTimeSeriesStatsResponse: - id: GoogleCloudApigeeV1QueryTimeSeriesStatsResponse + Seconds of a minute. Must be greater than or equal to 0 and + typically must be less than or equal to 59. An API may allow the + value 60 if it allows leap-seconds. + type: integer + format: int32 description: >- - Represents security stats result as a collection of time series - sequences. - type: object + Represents a time of day. The date and time zone are either not + significant or are specified elsewhere. An API may choose to allow leap + seconds. Related types are google.type.Date and + `google.protobuf.Timestamp`. + GoogleCloudApigeeV1SecurityReportResultView: + description: The response for security report result view APIs. + id: GoogleCloudApigeeV1SecurityReportResultView properties: - values: - description: Results of the query returned as a JSON array. - type: array + rows: items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1QueryTimeSeriesStatsResponseSequence - columns: + type: any description: >- - Column names corresponding to the same order as the inner values in - the stats field. + Rows of security report result. Each row is a JSON object. Example: + {sum(message_count): 1, developer_app: "(not set)",…} type: array - items: - type: string - nextPageToken: - description: Next page token. + state: type: string - GoogleCloudApigeeV1QueryTimeSeriesStatsResponseSequence: - id: GoogleCloudApigeeV1QueryTimeSeriesStatsResponseSequence - description: A sequence of time series. + description: State of retrieving ResultView. + metadata: + description: >- + Metadata contains information like metrics, dimenstions etc of the + security report. + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportMetadata' + error: + type: string + description: Error message when there is a failure. + code: + format: int32 + type: integer + description: Error code when there is a failure. type: object + GoogleCloudApigeeV1DeleteCustomReportResponse: + id: GoogleCloudApigeeV1DeleteCustomReportResponse properties: - dimensions: - description: >- - Map of dimensions and their values that uniquely identifies a time - series sequence. - type: object - additionalProperties: - type: string - points: - description: List of points. First value of each inner list is a timestamp. - type: array - items: - type: array - items: - type: any - GoogleCloudApigeeV1SecurityProfile: - id: GoogleCloudApigeeV1SecurityProfile - description: Represents a SecurityProfile resource. + message: + description: The response contains only a message field. + type: string type: object + GoogleCloudApigeeV1ApiDoc: + id: GoogleCloudApigeeV1ApiDoc + description: >- + `ApiDoc` represents an API catalog item. Catalog items are used in two + ways in a portal: - Users can browse and interact with a visual + representation of the API documentation - The `api_product_name` field + provides a link to a backing [API product] + (/apigee/docs/reference/apis/apigee/rest/v1/organizations.apiproducts). + Through this link, portal users can create and manage developer apps + linked to one or more API products. properties: - name: + siteId: + type: string + description: Output only. The ID of the parent portal. + readOnly: true + graphqlEndpointUrl: description: >- - Immutable. Name of the security profile resource. Format: - organizations/{org}/securityProfiles/{profile} + Optional. DEPRECATED: manage documentation through the + `getDocumentation` and `updateDocumentation` methods type: string - displayName: - description: 'DEPRECATED: DO NOT USE Display name of the security profile.' deprecated: true + published: + description: >- + Optional. Denotes whether the catalog item is published to the + portal or is in a draft state. When the parent portal is enrolled in + the [audience management + feature](https://cloud.google.com/apigee/docs/api-platform/publish/portal/portal-audience#enrolling_in_the_beta_release_of_the_audience_management_feature), + the visibility can be set to public on creation by setting the + anonAllowed flag to true or further managed in the management UI + (see [Manage the visibility of an API in your + portal](https://cloud.google.com/apigee/docs/api-platform/publish/portal/publish-apis#visibility)) + before it can be visible to any users. If not enrolled in the + audience management feature, the visibility is managed by the + `anonAllowed` flag. + type: boolean + imageUrl: + description: >- + Optional. Location of the image used for the catalog item in the + catalog. This can be either an image with an external URL or a file + path for [image files stored in the + portal](/apigee/docs/api-platform/publish/portal/portal-files"), for + example, `/files/book-tree.jpg`. When specifying the URL of an + external image, the image won't be uploaded to your assets; + additionally, loading the image in the integrated portal will be + subject to its availability, which may be blocked or restricted by + [content security + policies](/apigee/docs/api-platform/publish/portal/csp). Max length + of file path is 2,083 characters. type: string - revisionId: - description: Output only. Revision ID of the security profile. - readOnly: true + graphqlSchemaDisplayName: + description: >- + Optional. DEPRECATED: manage documentation through the + `getDocumentation` and `updateDocumentation` methods type: string - format: int64 - revisionCreateTime: - description: Output only. The time when revision was created. - readOnly: true + deprecated: true + apiProductName: + description: >- + Required. Immutable. The `name` field of the associated [API + product](/apigee/docs/reference/apis/apigee/rest/v1/organizations.apiproducts). + A portal may have only one catalog item associated with a given API + product. type: string - format: google-datetime - revisionUpdateTime: - description: Output only. The time when revision was updated. - readOnly: true + edgeAPIProductName: type: string - format: google-datetime - revisionPublishTime: description: >- - Output only. DEPRECATED: DO NOT USE The time when revision was - published. Once published, the security profile revision cannot be - updated further and can be attached to environments. + Optional. Immutable. DEPRECATED: use the `apiProductName` field + instead + description: + description: >- + Optional. Description of the catalog item. Max length is 10,000 + characters. + type: string + id: + description: Output only. The ID of the catalog item. readOnly: true - deprecated: true type: string - format: google-datetime - scoringConfigs: - description: List of profile scoring configs in this revision. - type: array + format: int64 + categoryIds: items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityProfileScoringConfig - environments: - description: List of environments attached to security profile. + type: string + description: >- + Optional. The IDs of the API categories to which this catalog item + belongs. type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileEnvironment' - maxScore: + requireCallbackUrl: description: >- - Output only. Maximum security score that can be generated by this - profile. - readOnly: true - type: integer - format: int32 - minScore: + Optional. Whether a callback URL is required when this catalog + item's API product is enabled in a developer app. When true, a + portal user will be required to input a URL when managing the app + (this is typically used for the app's OAuth flow). + type: boolean + modified: description: >- - Output only. Minimum security score that can be generated by this - profile. + Output only. Time the catalog item was last modified in milliseconds + since epoch. + type: string readOnly: true - type: integer - format: int32 - profileConfig: + format: int64 + anonAllowed: description: >- - Required. Customized profile configuration that computes the - security score. - $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfig' - description: - description: Description of the security profile. - type: string - GoogleCloudApigeeV1SecurityProfileScoringConfig: - id: GoogleCloudApigeeV1SecurityProfileScoringConfig - description: Security configurations to manage scoring. - type: object - properties: - title: - description: Title of the config. + Optional. Boolean flag that manages user access to the catalog item. + When true, the catalog item has public visibility and can be viewed + anonymously; otherwise, only registered users may view it. Note: + when the parent portal is enrolled in the [audience management + feature](https://cloud.google.com/apigee/docs/api-platform/publish/portal/portal-audience#enrolling_in_the_beta_release_of_the_audience_management_feature), + and this flag is set to false, visibility is set to an indeterminate + state and must be explicitly specified in the management UI (see + [Manage the visibility of an API in your + portal](https://cloud.google.com/apigee/docs/api-platform/publish/portal/publish-apis#visibility)). + Additionally, when enrolled in the audience management feature, + updates to this flag will be ignored as visibility permissions must + be updated in the management UI. + type: boolean + specId: + description: 'Optional. DEPRECATED: DO NOT USE' type: string - scorePath: - description: Path of the component config used for scoring. + deprecated: true + graphqlSchema: + deprecated: true type: string - description: - description: Description of the config. + description: >- + Optional. DEPRECATED: manage documentation through the + `getDocumentation` and `updateDocumentation` methods + title: type: string - GoogleCloudApigeeV1SecurityProfileEnvironment: - id: GoogleCloudApigeeV1SecurityProfileEnvironment - description: >- - Environment information of attached environments. Scoring an environment - is enabled only if it is attached to a security profile. + description: >- + Required. The user-facing name of the catalog item. `title` must be + a non-empty string with a max length of 255 characters. + visibility: + description: 'Optional. DEPRECATED: use the `published` field instead' + type: boolean + type: object + GoogleCloudApigeeV1MoveApiProductRequest: type: object properties: - environment: - description: Output only. Name of the environment. - readOnly: true + space: type: string - attachTime: description: >- - Output only. Time at which environment was attached to the security - profile. + Optional. Resource ID of the space to move the API product to. If + unspecified, the API product will be moved to the organization + level. + description: Moves API product to a different space. + id: GoogleCloudApigeeV1MoveApiProductRequest + GoogleCloudApigeeV1EnvironmentGroupAttachment: + properties: + name: + description: ID of the environment group attachment. + type: string + createdAt: readOnly: true + description: >- + Output only. The time at which the environment group attachment was + created as milliseconds since epoch. + format: int64 type: string - format: google-datetime - GoogleCloudApigeeV1ProfileConfig: - id: GoogleCloudApigeeV1ProfileConfig + environment: + type: string + description: Required. ID of the attached environment. + environmentGroupId: + description: Output only. ID of the environment group. + type: string + readOnly: true description: >- - ProfileConfig defines a set of categories and policies which will be - used to compute security score. + EnvironmentGroupAttachment is a resource which defines an attachment of + an environment to an environment group. + id: GoogleCloudApigeeV1EnvironmentGroupAttachment type: object + EdgeConfigstoreBundleBadBundle: properties: - categories: - description: List of categories of profile config. + violations: + description: Describes all precondition violations. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigCategory' - GoogleCloudApigeeV1ProfileConfigCategory: - id: GoogleCloudApigeeV1ProfileConfigCategory - description: >- - Advanced API Security provides security profile that scores the - following categories. - type: object - properties: - abuse: - description: >- - Checks for abuse, which includes any requests sent to the API for - purposes other than what it is intended for, such as high volumes of - requests, data scraping, and abuse related to authorization. - $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigAbuse' - mediation: - description: Checks to see if you have a mediation policy in place. - $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigMediation' - authorization: - description: Checks to see if you have an authorization policy in place. - $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigAuthorization' - threat: - description: Checks to see if you have a threat protection policy in place. - $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigThreat' - mtls: - description: Checks to see if you have configured mTLS for the target server. - $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigMTLS' - cors: - description: Checks to see if you have CORS policy in place. - $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfigCORS' - GoogleCloudApigeeV1ProfileConfigAbuse: - id: GoogleCloudApigeeV1ProfileConfigAbuse - description: >- - Checks for abuse, which includes any requests sent to the API for - purposes other than what it is intended for, such as high volumes of - requests, data scraping, and abuse related to authorization. - type: object - properties: {} - GoogleCloudApigeeV1ProfileConfigMediation: - id: GoogleCloudApigeeV1ProfileConfigMediation - description: >- - By default, following policies will be included: - OASValidation - - SOAPMessageValidation - type: object - properties: {} - GoogleCloudApigeeV1ProfileConfigAuthorization: - id: GoogleCloudApigeeV1ProfileConfigAuthorization - description: >- - By default, following policies will be included: - JWS - JWT - OAuth - - BasicAuth - APIKey - type: object - properties: {} - GoogleCloudApigeeV1ProfileConfigThreat: - id: GoogleCloudApigeeV1ProfileConfigThreat - description: >- - By default, following policies will be included: - XMLThreatProtection - - JSONThreatProtection - type: object - properties: {} - GoogleCloudApigeeV1ProfileConfigMTLS: - id: GoogleCloudApigeeV1ProfileConfigMTLS - description: Checks to see if you have configured mTLS for the target server. - type: object - properties: {} - GoogleCloudApigeeV1ProfileConfigCORS: - id: GoogleCloudApigeeV1ProfileConfigCORS - description: Checks to see if you have CORS policy in place. + $ref: '#/components/schemas/EdgeConfigstoreBundleBadBundleViolation' + description: Describes why a bundle is invalid. Intended for use in error details. + id: EdgeConfigstoreBundleBadBundle type: object - properties: {} - GoogleCloudApigeeV1ListSecurityProfilesResponse: - id: GoogleCloudApigeeV1ListSecurityProfilesResponse - description: Response for ListSecurityProfiles. + GoogleCloudApigeeV1ListDeveloperSubscriptionsResponse: + description: Response for ListDeveloperSubscriptions. type: object properties: - securityProfiles: + nextStartKey: + type: string description: >- - List of security profiles in the organization. The profiles may be - attached or unattached to any environment. This will return latest - revision of each profile. - type: array + Value that can be sent as `startKey` to retrieve the next page of + content. If this field is omitted, there are no subsequent pages. + developerSubscriptions: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudApigeeV1ListSecurityProfileRevisionsResponse: - id: GoogleCloudApigeeV1ListSecurityProfileRevisionsResponse - description: Response for ListSecurityProfileRevisions. + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' + description: List of all subscriptions. + type: array + id: GoogleCloudApigeeV1ListDeveloperSubscriptionsResponse + GoogleCloudApigeeV1ListAsyncQueriesResponse: type: object + description: The response for ListAsyncQueries. properties: - securityProfiles: - description: >- - List of security profile revisions. The revisions may be attached or - unattached to any environment. + queries: type: array + description: The asynchronous queries belong to requested resource name. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudApigeeV1SecurityProfileEnvironmentAssociation: - id: GoogleCloudApigeeV1SecurityProfileEnvironmentAssociation - description: Represents a SecurityProfileEnvironmentAssociation resource. - type: object + $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' + id: GoogleCloudApigeeV1ListAsyncQueriesResponse + GoogleCloudApigeeV1SecurityAssessmentResultScoringResult: + description: The result of the assessment. properties: - name: - description: Immutable. Name of the environment that the profile is attached to. - type: string - securityProfileRevisionId: - description: 'DEPRECATED: DO NOT USE Revision ID of the security profile.' - deprecated: true - type: string - format: int64 - attachTime: + failedAssessmentPerWeight: + type: object description: >- - Output only. The time when environment was attached to the security - profile. - readOnly: true + The number of failed assessments grouped by its weight. Keys are one + of the following: "MAJOR", "MODERATE", "MINOR". + additionalProperties: + format: int32 + type: integer + severity: type: string - format: google-datetime - GoogleCloudApigeeV1ComputeEnvironmentScoresRequest: - id: GoogleCloudApigeeV1ComputeEnvironmentScoresRequest - description: Request for ComputeEnvironmentScores. - type: object - properties: - timeRange: - description: >- - Required. Time range for score calculation. At most 14 days of - scores will be returned, and both the start and end dates must be - within the last 90 days. - $ref: '#/components/schemas/GoogleTypeInterval' - filters: + enum: + - SEVERITY_UNSPECIFIED + - LOW + - MEDIUM + - HIGH + - MINIMAL + enumDescriptions: + - Severity is not defined. + - Severity is low. + - Severity is medium. + - Severity is high. + - Severity is minimal + assessmentRecommendations: + type: object description: >- - Optional. Filters are used to filter scored components. Return all - the components if no filter is mentioned. Example: [{ "scorePath": - "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/source" - }, { "scorePath": - "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/target", - }] This will return components with path: - "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/source" - OR - "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/target" - type: array - items: + The recommendations of the assessment. The key is the "name" of the + assessment (not display_name), and the value are the + recommendations. + additionalProperties: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ComputeEnvironmentScoresRequestFilter - pageSize: - description: >- - Optional. The maximum number of subcomponents to be returned in a - single page. The service may return fewer than this value. If - unspecified, at most 100 subcomponents will be returned in a single - page. - type: integer + #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendation + score: + description: The security score of the assessment. format: int32 - pageToken: - description: >- - Optional. A token that can be sent as `page_token` to retrieve the - next page. If this field is omitted, there are no subsequent pages. + type: integer + dataUpdateTime: type: string - GoogleCloudApigeeV1ComputeEnvironmentScoresRequestFilter: - id: GoogleCloudApigeeV1ComputeEnvironmentScoresRequestFilter - description: >- - Filter scores by component path. Used custom filter instead of AIP-160 - as the use cases are highly constrained and predictable. - type: object - properties: - scorePath: + format: google-datetime description: >- - Optional. Return scores for this component. Example: - "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/source" - type: string - GoogleCloudApigeeV1ComputeEnvironmentScoresResponse: - id: GoogleCloudApigeeV1ComputeEnvironmentScoresResponse - description: Response for ComputeEnvironmentScores. + The time when resource data was last fetched for this resource. This + time may be different than when the resource was actually updated + due to lag in data collection. + id: GoogleCloudApigeeV1SecurityAssessmentResultScoringResult type: object + GoogleCloudApigeeV1SchemaSchemaProperty: + id: GoogleCloudApigeeV1SchemaSchemaProperty + description: Properties for the schema field. properties: - scores: - description: List of scores. One score per day. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Score' - nextPageToken: + custom: description: >- - A page token, received from a previous `ComputeScore` call. Provide - this to retrieve the subsequent page. + Flag that specifies whether the field is standard in the dataset or + a custom field created by the customer. `true` indicates that it is + a custom field. type: string - GoogleCloudApigeeV1Score: - id: GoogleCloudApigeeV1Score - description: Represents Security Score. + type: + description: Data type of the field. + type: string + createTime: + type: string + description: >- + Time the field was created in RFC3339 string form. For example: + `2016-02-26T10:23:09.592Z`. type: object - properties: - timeRange: - description: Start and end time for the score. - $ref: '#/components/schemas/GoogleTypeInterval' - component: - description: Component containing score, recommendations and actions. - $ref: '#/components/schemas/GoogleCloudApigeeV1ScoreComponent' - subcomponents: - description: List of all the drilldown score components. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ScoreComponent' - GoogleCloudApigeeV1ScoreComponent: - id: GoogleCloudApigeeV1ScoreComponent - description: Component is an individual security element that is scored. + GoogleRpcPreconditionFailureViolation: + id: GoogleRpcPreconditionFailureViolation type: object properties: - score: - description: Score for the component. - type: integer - format: int32 - scorePath: - description: >- - Path of the component. Example: - /org@myorg/envgroup@myenvgroup/proxies/proxy@myproxy + description: type: string - recommendations: - description: List of recommendations to improve API security. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ScoreComponentRecommendation - dataCaptureTime: description: >- - Time in the requested time period when data was last captured to - compute the score. + A description of how the precondition failed. Developers can use + this description to understand how to fix the failure. For example: + "Terms of service not accepted". + subject: type: string - format: google-datetime - calculateTime: - description: Time when score was calculated. + description: >- + The subject, relative to the type, that failed. For example, + "google.com/cloud" relative to the "TOS" type would indicate which + terms of service is being referenced. + type: + description: >- + The type of PreconditionFailure. We recommend using a + service-specific enum type to define the supported precondition + violation subjects. For example, "TOS" for "Terms of Service + violation". type: string - format: google-datetime - drilldownPaths: - description: List of paths for next components. + description: A message type used to describe a single precondition failure. + GoogleCloudApigeeV1Operation: + id: GoogleCloudApigeeV1Operation + type: object + description: >- + Represents the pairing of REST resource path and the actions (verbs) + allowed on the resource path. + properties: + methods: type: array + description: >- + methods refers to the REST verbs as in + https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html. When none + specified, all verb types are allowed. items: type: string - GoogleCloudApigeeV1ScoreComponentRecommendation: - id: GoogleCloudApigeeV1ScoreComponentRecommendation - description: Recommendation based on security concerns and score. - type: object + resource: + type: string + description: >- + Required. REST resource path associated with the API proxy or remote + service. + GoogleCloudApigeeV1ApiDocResponse: + description: The catalog item resource wrapped with response status, error_code, etc. properties: - title: - description: Title represents recommendation title. + status: type: string - description: - description: Description of the recommendation. + description: Status of the operation. + requestId: + description: Unique ID of the request. type: string - impact: - description: >- - Potential impact of this recommendation on the overall score. This - denotes how important this recommendation is to improve the score. - type: integer - format: int32 - actions: - description: Actions for the recommendation to improve the security score. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ScoreComponentRecommendationAction - GoogleCloudApigeeV1ScoreComponentRecommendationAction: - id: GoogleCloudApigeeV1ScoreComponentRecommendationAction - description: Action to improve security score. + message: + type: string + description: Description of the operation. + errorCode: + type: string + description: Unique error code for the request, if any. + data: + description: The catalog item resource. + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDoc' + type: object + id: GoogleCloudApigeeV1ApiDocResponse + GoogleCloudApigeeV1CreditDeveloperBalanceRequest: type: object + id: GoogleCloudApigeeV1CreditDeveloperBalanceRequest + description: Request for CreditDeveloperBalance. properties: - description: - description: Description of the action. + transactionAmount: + $ref: '#/components/schemas/GoogleTypeMoney' + description: >- + The amount of money to be credited. The wallet corresponding to the + currency specified within `transaction_amount` will be updated. For + example, if you specified `currency_code` within + `transaction_amount` as "USD", then the amount would be added to the + wallet which has the "USD" currency or if no such wallet exists, a + new wallet will be created with the "USD" currency. + transactionId: type: string - actionContext: - description: Action context for the action. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ScoreComponentRecommendationActionActionContext - GoogleCloudApigeeV1ScoreComponentRecommendationActionActionContext: - id: GoogleCloudApigeeV1ScoreComponentRecommendationActionActionContext - description: Action context are all the relevant details for the action. + description: >- + Each transaction_id uniquely identifies a credit balance request. If + multiple requests are received with the same transaction_id, only + one of them will be considered. + GoogleCloudApigeeV1GetAsyncQueryResultUrlResponse: + description: The response for GetAsyncQueryResultUrl type: object properties: - documentationLink: - description: Documentation link for the action. - type: string - GoogleCloudApigeeV1SecurityIncident: - id: GoogleCloudApigeeV1SecurityIncident - description: Represents an SecurityIncident resource. + urls: + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1GetAsyncQueryResultUrlResponseURLInfo + type: array + description: The list of Signed URLs generated by the CreateAsyncQuery request + id: GoogleCloudApigeeV1GetAsyncQueryResultUrlResponse + GoogleCloudApigeeV1SecurityActionsConfig: type: object + id: GoogleCloudApigeeV1SecurityActionsConfig properties: + enabled: + description: >- + The flag that controls whether this feature is enabled. This is + `unset` by default. When this flag is `false`, even if individual + rules are enabled, no SecurityActions will be enforced. + type: boolean name: + type: string description: >- - Immutable. Name of the security incident resource. Format: - organizations/{org}/environments/{environment}/securityIncidents/{incident} - Example: - organizations/apigee-org/environments/dev/securityIncidents/1234-5678-9101-1111 - type: string - displayName: - description: Optional. Display name of the security incident. + This is a singleton resource, the name will always be set by + SecurityActions and any user input will be ignored. The name is + always: + `organizations/{org}/environments/{env}/security_actions_config` + updateTime: + format: google-datetime type: string - firstDetectedTime: - description: >- - Output only. The time when events associated with the incident were - first detected. + description: Output only. The update time for configuration. readOnly: true - type: string - format: google-datetime - lastDetectedTime: + description: >- + SecurityActionsConfig reflects the current state of the SecurityActions + feature. This is a singleton resource: https://google.aip.dev/156 + GoogleCloudApigeeV1GenerateDownloadUrlResponse: + id: GoogleCloudApigeeV1GenerateDownloadUrlResponse + properties: + downloadUri: description: >- - Output only. The time when events associated with the incident were - last detected. - readOnly: true + The Google Cloud Storage signed URL that can be used to download the + Archive zip file. type: string - format: google-datetime - detectionTypes: - description: >- - Output only. Detection types which are part of the incident. - Examples: Flooder, OAuth Abuser, Static Content Scraper, Anomaly - Detection. + description: Response for GenerateDownloadUrl method. + type: object + GoogleCloudApigeeV1NatAddress: + id: GoogleCloudApigeeV1NatAddress + description: >- + Apigee NAT(network address translation) address. A NAT address is a + static external IP address used for Internet egress traffic. + type: object + properties: + ipAddress: + description: Output only. The static IPV4 address. readOnly: true - type: array - items: - type: string - trafficCount: - description: Total traffic detected as part of the incident. type: string - format: int64 - riskLevel: - description: Output only. Risk level of the incident. + state: readOnly: true - type: string - enumDescriptions: - - Risk Level Unspecified. - - Risk level of the incident is low. - - Risk level of the incident is moderate. - - Risk level of the incident is severe. - enum: - - RISK_LEVEL_UNSPECIFIED - - LOW - - MODERATE - - SEVERE - observability: - description: Optional. Indicates if the user archived this incident. - type: string - enumDescriptions: - - The incident observability is unspecified. - - >- - The incident is currently active. Can change to this status from - archived. - - >- - The incident is currently archived and was archived by the - customer. enum: - - OBSERVABILITY_UNSPECIFIED + - STATE_UNSPECIFIED + - CREATING + - RESERVED - ACTIVE - - ARCHIVED - lastObservabilityChangeTime: - description: >- - Output only. The time when the incident observability was last - changed. - readOnly: true + - DELETING type: string - format: google-datetime - GoogleCloudApigeeV1ListSecurityIncidentsResponse: - id: GoogleCloudApigeeV1ListSecurityIncidentsResponse - description: Response for ListSecurityIncidents. - type: object - properties: - securityIncidents: - description: List of security incidents in the organization - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. + description: Output only. State of the nat address. + enumDescriptions: + - The resource is in an unspecified state. + - The NAT address is being created. + - The NAT address is reserved but not yet used for Internet egress. + - The NAT address is active and used for Internet egress. + - The NAT address is being deleted. + name: + description: Required. Resource ID of the NAT address. type: string - GoogleCloudApigeeV1BatchUpdateSecurityIncidentsRequest: - id: GoogleCloudApigeeV1BatchUpdateSecurityIncidentsRequest - description: Request for BatchUpdateSecurityIncident. - type: object - properties: - requests: - description: >- - Optional. Required. The request message specifying the resources to - update. A maximum of 1000 can be modified in a batch. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1UpdateSecurityIncidentRequest - GoogleCloudApigeeV1UpdateSecurityIncidentRequest: - id: GoogleCloudApigeeV1UpdateSecurityIncidentRequest - description: Request for UpdateSecurityIncident. + GoogleCloudApigeeV1GetAsyncQueryResultUrlResponseURLInfo: type: object + id: GoogleCloudApigeeV1GetAsyncQueryResultUrlResponseURLInfo properties: - securityIncident: - description: >- - Required. The security incident to update. Must contain all existing - populated fields of the current incident. - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' - updateMask: - description: >- - Required. The list of fields to update. Allowed fields are: - LINT.IfChange(allowed_update_fields_comment) - observability - LINT.ThenChange() + sizeBytes: + description: The size of the returned file in bytes + format: int64 type: string - format: google-fieldmask - GoogleCloudApigeeV1BatchUpdateSecurityIncidentsResponse: - id: GoogleCloudApigeeV1BatchUpdateSecurityIncidentsResponse - description: Response for BatchUpdateSecurityIncident. - type: object - properties: - securityIncidents: - description: Output only. Updated security incidents - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' - GoogleCloudApigeeV1SecurityActionsConfig: - id: GoogleCloudApigeeV1SecurityActionsConfig - description: >- - SecurityActionsConfig reflects the current state of the SecurityActions - feature. This is a singleton resource: https://google.aip.dev/156 - type: object - properties: - name: - description: >- - This is a singleton resource, the name will always be set by - SecurityActions and any user input will be ignored. The name is - always: - `organizations/{org}/environments/{env}/security_actions_config` + md5: + description: The MD5 Hash of the JSON data type: string - enabled: + uri: description: >- - The flag that controls whether this feature is enabled. This is - `unset` by default. When this flag is `false`, even if individual - rules are enabled, no SecurityActions will be enforced. - type: boolean - updateTime: - description: Output only. The update time for configuration. - readOnly: true + The signed URL of the JSON data. Will be of the form + `https://storage.googleapis.com/example-bucket/cat.jpeg?X-Goog-Algorithm= + GOOG4-RSA-SHA256&X-Goog-Credential=example%40example-project.iam.gserviceaccount + .com%2F20181026%2Fus-central1%2Fstorage%2Fgoog4_request&X-Goog-Date=20181026T18 + 1309Z&X-Goog-Expires=900&X-Goog-SignedHeaders=host&X-Goog-Signature=247a2aa45f16 + 9edf4d187d54e7cc46e4731b1e6273242c4f4c39a1d2507a0e58706e25e3a85a7dbb891d62afa849 + 6def8e260c1db863d9ace85ff0a184b894b117fe46d1225c82f2aa19efd52cf21d3e2022b3b868dc + c1aca2741951ed5bf3bb25a34f5e9316a2841e8ff4c530b22ceaa1c5ce09c7cbb5732631510c2058 + 0e61723f5594de3aea497f195456a2ff2bdd0d13bad47289d8611b6f9cfeef0c46c91a455b94e90a + 66924f722292d21e24d31dcfb38ce0c0f353ffa5a9756fc2a9f2b40bc2113206a81e324fc4fd6823 + a29163fa845c8ae7eca1fcf6e5bb48b3200983c56c5ca81fffb151cca7402beddfc4a76b13344703 + 2ea7abedc098d2eb14a7` type: string - format: google-datetime - GoogleCloudApigeeV1SecurityAction: - id: GoogleCloudApigeeV1SecurityAction - description: >- - A SecurityAction is rule that can be enforced at an environment level. - The result is one of: - A denied API call - An explicitly allowed API - call - A flagged API call (HTTP headers added before the target receives - it) At least one condition is required to create a SecurityAction. + description: A Signed URL and the relevant metadata associated with it. + GoogleCloudApigeeV1RatePlan: + description: Rate plan details. type: object properties: - name: - description: >- - Immutable. This field is ignored during creation as per AIP-133. - Please set the `security_action_id` field in the - CreateSecurityActionRequest when creating a new SecurityAction. - Format: - organizations/{org}/environments/{env}/securityActions/{security_action} - type: string - description: - description: >- - Optional. An optional user provided description of the - SecurityAction. - type: string state: - description: >- - Required. Only an ENABLED SecurityAction is enforced. An ENABLED - SecurityAction past its expiration time will not be enforced. + description: Current state of the rate plan (draft or published). + enum: + - STATE_UNSPECIFIED + - DRAFT + - PUBLISHED + enumDescriptions: + - State of the rate plan is not specified. + - Rate plan is in draft mode and only visible to API providers. + - >- + Rate plan is published and will become visible to developers for + the configured duration (between `startTime` and `endTime`). + type: string + revenueShareType: type: string enumDescriptions: + - Revenue share type is not specified. - >- - The default value. This only exists for forward compatibility. A - create request with this value will be rejected. + Fixed percentage of the total revenue will be shared. The + percentage to be shared can be configured by the API provider. - >- - An ENABLED SecurityAction is actively enforced if the - `expiration_time` is in the future. - - A disabled SecurityAction is never enforced. + Amount of revenue shared depends on the number of API calls. The + API call volume ranges and the revenue share percentage for each + volume can be configured by the API provider. **Note**: Not + supported by Apigee at this time. enum: - - STATE_UNSPECIFIED - - ENABLED - - DISABLED - allow: - description: Allow a request through if it matches this SecurityAction. - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionAllow' - deny: - description: Deny a request through if it matches this SecurityAction. - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionDeny' - flag: - description: Flag a request through if it matches this SecurityAction. - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionFlag' - expireTime: - description: The expiration for this SecurityAction. + - REVENUE_SHARE_TYPE_UNSPECIFIED + - FIXED + - VOLUME_BANDED + description: Method used to calculate the revenue that is shared with developers. + description: type: string - format: google-datetime - ttl: - description: Input only. The TTL for this SecurityAction. + description: Description of the rate plan. + fixedFeeFrequency: + description: Frequency at which the fixed fee is charged. + format: int32 + type: integer + paymentFundingModel: + enum: + - PAYMENT_FUNDING_MODEL_UNSPECIFIED + - PREPAID + - POSTPAID + enumDescriptions: + - Billing account type not specified. + - >- + Prepaid billing account type. Developer pays in advance for the + use of your API products. Funds are deducted from their prepaid + account balance. **Note**: Not supported by Apigee at this time. + - >- + Postpaid billing account type. Developer is billed through an + invoice after using your API products. + description: >- + DEPRECATED: This field is no longer supported and will eventually be + removed when Apigee Hybrid 1.5/1.6 is no longer supported. Instead, + use the `billingType` field inside `DeveloperMonetizationConfig` + resource. Flag that specifies the billing account type, prepaid or + postpaid. + deprecated: true + type: string + consumptionPricingType: + type: string + description: Pricing model used for consumption-based charges. + enum: + - CONSUMPTION_PRICING_TYPE_UNSPECIFIED + - FIXED_PER_UNIT + - BANDED + - TIERED + - STAIRSTEP + enumDescriptions: + - Pricing model not specified. This is the default. + - Fixed rate charged for each API call. + - >- + Variable rate charged for each API call based on price tiers. + Example: * 1-100 calls cost $2 per call * 101-200 calls cost $1.50 + per call * 201-300 calls cost $1 per call * Total price for 50 + calls: 50 x $2 = $100 * Total price for 150 calls: 100 x $2 + 50 x + $1.5 = $275 * Total price for 250 calls: 100 x $2 + 100 x $1.5 + + 50 x $1 = $400. + - '**Note**: Not supported by Apigee at this time.' + - '**Note**: Not supported by Apigee at this time.' + apiproduct: + type: string + description: Name of the API product that the rate plan is associated with. + lastModifiedAt: type: string - format: google-duration - createTime: - description: Output only. The create time for this SecurityAction. readOnly: true + format: int64 + description: >- + Output only. Time the rate plan was last modified in milliseconds + since epoch. + billingPeriod: type: string - format: google-datetime - updateTime: + description: Frequency at which the customer will be billed. + enum: + - BILLING_PERIOD_UNSPECIFIED + - WEEKLY + - MONTHLY + enumDescriptions: + - Billing period not specified. + - >- + Weekly billing period. **Note**: Not supported by Apigee at this + time. + - Monthly billing period. + endTime: + format: int64 description: >- - Output only. The update time for this SecurityAction. This reflects - when this SecurityAction changed states. - readOnly: true + Time when the rate plan will expire in milliseconds since epoch. Set + to 0 or `null` to indicate that the rate plan should never expire. + type: string + currencyCode: type: string - format: google-datetime - apiProxies: description: >- - Optional. If unset, this would apply to all proxies in the - environment. If set, this action is enforced only if at least one - proxy in the repeated list is deployed at the time of enforcement. - If set, several restrictions are enforced on SecurityActions. There - can be at most 100 enabled actions with proxies set in an env. - Several other restrictions apply on conditions and are detailed - later. + Currency to be used for billing. Consists of a three-letter code as + defined by the [ISO 4217](https://en.wikipedia.org/wiki/ISO_4217) + standard. + startTime: + type: string + description: Time when the rate plan becomes active in milliseconds since epoch. + format: int64 + createdAt: + type: string + format: int64 + description: >- + Output only. Time that the rate plan was created in milliseconds + since epoch. + readOnly: true + setupFee: + $ref: '#/components/schemas/GoogleTypeMoney' + description: Initial, one-time fee paid when purchasing the API product. + name: + description: Output only. Name of the rate plan. + readOnly: true + type: string + revenueShareRates: type: array items: - type: string - conditionConfig: - description: >- - Required. A valid SecurityAction must contain at least one - condition. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityActionConditionConfig - GoogleCloudApigeeV1SecurityActionAllow: - id: GoogleCloudApigeeV1SecurityActionAllow - description: >- - Message that should be set in case of an Allow Action. This does not - have any fields. - type: object - properties: {} - GoogleCloudApigeeV1SecurityActionDeny: - id: GoogleCloudApigeeV1SecurityActionDeny - description: Message that should be set in case of a Deny Action. - type: object - properties: - responseCode: - description: Optional. The HTTP response code if the Action = DENY. - type: integer - format: int32 - GoogleCloudApigeeV1SecurityActionFlag: - id: GoogleCloudApigeeV1SecurityActionFlag - description: The message that should be set in the case of a Flag action. - type: object - properties: - headers: + $ref: '#/components/schemas/GoogleCloudApigeeV1RevenueShareRange' + description: Details of the revenue sharing model. + displayName: + type: string + description: Display name of the rate plan. + consumptionPricingRates: description: >- - Optional. A list of HTTP headers to be sent to the target in case of - a FLAG SecurityAction. Limit 5 headers per SecurityAction. At least - one is mandatory. - type: array + API call volume ranges and the fees charged when the total number of + API calls is within a given range. The method used to calculate the + final fee depends on the selected pricing model. For example, if the + pricing model is `BANDED` and the ranges are defined as follows: ``` + { "start": 1, "end": 100, "fee": 2 }, { "start": 101, "end": 200, + "fee": 1.50 }, { "start": 201, "end": 0, "fee": 1 }, } ``` Then the + following fees would be charged based on the total number of API + calls (assuming the currency selected is `USD`): * 50 calls cost 50 + x $2 = $100 * 150 calls cost 100 x $2 + 50 x $1.5 = $275 * 250 calls + cost 100 x $2 + 100 x $1.5 + 50 x $1 = $400 * 500 calls cost 100 x + $2 + 100 x $1.5 + 300 x $1 = $650 items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionHttpHeader' - GoogleCloudApigeeV1SecurityActionHttpHeader: - id: GoogleCloudApigeeV1SecurityActionHttpHeader - description: An HTTP header. - type: object + $ref: '#/components/schemas/GoogleCloudApigeeV1RateRange' + type: array + fixedRecurringFee: + description: >- + Fixed amount that is charged at a defined interval and billed in + advance of use of the API product. The fee will be prorated for the + first billing period. + $ref: '#/components/schemas/GoogleTypeMoney' + id: GoogleCloudApigeeV1RatePlan + GoogleCloudApigeeV1AppGroupAppKey: properties: - name: - description: The header name to be sent to the target. + expiresInSeconds: type: string - value: - description: The header value to be sent to the target. + format: int64 + description: >- + Immutable. Expiration time, in seconds, for the consumer key. If not + set or left to the default value of `-1`, the API key never expires. + The expiration time can't be updated after it is set. + expiresAt: + readOnly: true type: string - GoogleCloudApigeeV1SecurityActionConditionConfig: - id: GoogleCloudApigeeV1SecurityActionConditionConfig - description: >- - The following are a list of conditions. A valid SecurityAction must - contain at least one condition. Within a condition, each element is - ORed. Across conditions elements are ANDed. For example if a - SecurityAction has the following: ip_address_ranges: ["ip1", "ip2"] and - bot_reasons: ["Flooder", "Robot Abuser"] then this is interpreted as: - enforce the action if the incoming request has ((ip_address_ranges = - "ip1" OR ip_address_ranges = "ip2") AND (bot_reasons="Flooder" OR - bot_reasons="Robot Abuser")). Conditions other than ip_address_ranges - and bot_reasons cannot be ANDed. - type: object - properties: - ipAddressRanges: + format: int64 description: >- - Optional. A list of IP addresses. This could be either IPv4 or IPv6. - Limited to 100 per action. - type: array - items: - type: string - botReasons: + Output only. Time the AppGroup app expires in milliseconds since + epoch. + status: + type: string description: >- - Optional. A list of Bot Reasons. Current options: Flooder, Brute - Guessor, Static Content Scraper, OAuth Abuser, Robot Abuser, - TorListRule, Advanced Anomaly Detection, Advanced API Scraper, - Search Engine Crawlers, Public Clouds, Public Cloud AWS, Public - Cloud Azure, and Public Cloud Google. - type: array - items: - type: string - httpMethods: + Status of the credential. Valid values include `approved` or + `revoked`. + issuedAt: description: >- - Optional. Act only on particular HTTP methods. E.g. A read-only API - can block POST/PUT/DELETE methods. Accepted values are: GET, HEAD, - POST, PUT, DELETE, CONNECT, OPTIONS, TRACE and PATCH. - type: array + Output only. Time the AppGroup app was created in milliseconds since + epoch. + type: string + readOnly: true + format: int64 + scopes: + description: >- + Scopes to apply to the app. The specified scope names must already + be defined for the API product that you associate with the app. items: type: string - apiKeys: - description: Optional. A list of API keys. Limit 1000 per action. type: array - items: - type: string - accessTokens: - description: Optional. A list of access_tokens. Limit 1000 per action. - type: array - items: - type: string apiProducts: - description: Optional. A list of API Products. Limit 1000 per action. + description: >- + Output only. List of API products and its status for which the + credential can be used. **Note**: Use + UpdateAppGroupAppKeyApiProductRequest API to make the association + after the consumer key and secret are created. + readOnly: true type: array items: - type: string - developerApps: - description: Optional. A list of developer apps. Limit 1000 per action. + $ref: '#/components/schemas/GoogleCloudApigeeV1APIProductAssociation' + attributes: type: array + description: List of attributes associated with the credential. items: - type: string - developers: - description: Optional. A list of developers. Limit 1000 per action. - type: array + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + consumerKey: + description: Immutable. Consumer key. + type: string + consumerSecret: + description: Secret key. + type: string + id: GoogleCloudApigeeV1AppGroupAppKey + type: object + description: >- + AppGroupAppKey contains all the information associated with the + credentials. + GoogleCloudApigeeV1ListHybridIssuersResponse: + id: GoogleCloudApigeeV1ListHybridIssuersResponse + type: object + properties: + issuers: items: - type: string - userAgents: - description: >- - Optional. A list of user agents to deny. We look for exact matches. - Limit 50 per action. + $ref: '#/components/schemas/GoogleCloudApigeeV1ServiceIssuersMapping' + description: Lists of hybrid services and its trusted issuer email ids. type: array - items: - type: string - regionCodes: + GoogleCloudApigeeV1SecurityProfile: + id: GoogleCloudApigeeV1SecurityProfile + description: Represents a SecurityProfile resource. + type: object + properties: + name: description: >- - Optional. A list of countries/region codes to act on, e.g. US. This - follows https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2. + Immutable. Name of the security profile resource. Format: + organizations/{org}/securityProfiles/{profile} + type: string + revisionPublishTime: + type: string + description: >- + Output only. DEPRECATED: DO NOT USE The time when revision was + published. Once published, the security profile revision cannot be + updated further and can be attached to environments. + readOnly: true + deprecated: true + format: google-datetime + environments: type: array + description: List of environments attached to security profile. items: - type: string - asns: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileEnvironment' + displayName: + description: 'DEPRECATED: DO NOT USE Display name of the security profile.' + deprecated: true + type: string + maxScore: + readOnly: true description: >- - Optional. A list of ASN numbers to act on, e.g. 23. - https://en.wikipedia.org/wiki/Autonomous_system_(Internet) This uses - int64 instead of uint32 because of - https://linter.aip.dev/141/forbidden-types. - type: array + Output only. Maximum security score that can be generated by this + profile. + type: integer + format: int32 + minScore: + format: int32 + description: >- + Output only. Minimum security score that can be generated by this + profile. + readOnly: true + type: integer + scoringConfigs: + description: List of profile scoring configs in this revision. items: - type: string - format: int64 + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityProfileScoringConfig + type: array + description: + description: Description of the security profile. + type: string + revisionUpdateTime: + description: Output only. The time when revision was updated. + type: string + readOnly: true + format: google-datetime + revisionCreateTime: + readOnly: true + format: google-datetime + description: Output only. The time when revision was created. + type: string + profileConfig: + description: >- + Required. Customized profile configuration that computes the + security score. + $ref: '#/components/schemas/GoogleCloudApigeeV1ProfileConfig' + revisionId: + readOnly: true + type: string + description: Output only. Revision ID of the security profile. + format: int64 GoogleCloudApigeeV1ListSecurityActionsResponse: - id: GoogleCloudApigeeV1ListSecurityActionsResponse description: >- Contains a list of SecurityActions in response to a ListSecurityActionRequest. - type: object properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. securityActions: description: The SecurityActions for the specified environment. - type: array items: $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' + type: array + type: object + id: GoogleCloudApigeeV1ListSecurityActionsResponse + GoogleCloudApigeeV1ListDnsZonesResponse: + description: Response for list DNS zones. + properties: nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Page token that you can include in an `ListDnsZones` request to + retrieve the next page. If omitted, no subsequent pages exist. type: string - GoogleCloudApigeeV1EnableSecurityActionRequest: - id: GoogleCloudApigeeV1EnableSecurityActionRequest - description: Message to enable a disabled SecurityAction. + dnsZones: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1DnsZone' + type: array + description: DNS zones in a given organization. type: object - properties: {} - GoogleCloudApigeeV1DisableSecurityActionRequest: - id: GoogleCloudApigeeV1DisableSecurityActionRequest - description: Message to disable an enabled SecurityAction. + id: GoogleCloudApigeeV1ListDnsZonesResponse + GoogleCloudApigeeV1BatchUpdateSecurityIncidentsResponse: + properties: + securityIncidents: + description: Output only. Updated security incidents + readOnly: true + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' type: object - properties: {} - GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequest: - id: GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequest - description: Request for BatchComputeSecurityAssessmentResults. + description: Response for BatchUpdateSecurityIncident. + id: GoogleCloudApigeeV1BatchUpdateSecurityIncidentsResponse + GoogleCloudApigeeV1ListDatastoresResponse: type: object + id: GoogleCloudApigeeV1ListDatastoresResponse properties: - profile: - description: Required. Name of the profile that is used for computation. - type: string - scope: + datastores: + description: A list of datastores + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' + description: The response for ListDatastores + GoogleCloudApigeeV1RuntimeApiSecurityConfig: + description: Runtime configuration for the API Security add-on. + id: GoogleCloudApigeeV1RuntimeApiSecurityConfig + type: object + properties: + enabled: + type: boolean + description: If the API Security is enabled or not. + GoogleCloudApigeeV1FlowHookConfig: + type: object + properties: + continueOnError: description: >- - Required. Scope of the resources for the computation. For Apigee, - the environment is the scope of the resources. + Flag that specifies whether the flow should abort after an error in + the flow hook. Defaults to `true` (continue on error). + type: boolean + sharedFlowName: type: string - includeAllResources: - description: Include all resources under the scope. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestIncludeAll - include: - description: Include only these resources. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArray - pageSize: - description: >- - Optional. The maximum number of results to return. The service may - return fewer than this value. If unspecified, at most 50 results - will be returned. - type: integer - format: int32 - pageToken: description: >- - Optional. A page token, received from a previous - `BatchComputeSecurityAssessmentResults` call. Provide this to - retrieve the subsequent page. + Name of the shared flow to invoke in the following format: + `organizations/{org}/sharedflows/{sharedflow}` + name: type: string - GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestIncludeAll: - id: >- - GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestIncludeAll - description: Message for include_all_resources option. + description: >- + Name of the flow hook in the following format: + `organizations/{org}/environments/{env}/flowhooks/{point}`. Valid + `point` values include: `PreProxyFlowHook`, `PostProxyFlowHook`, + `PreTargetFlowHook`, and `PostTargetFlowHook` + id: GoogleCloudApigeeV1FlowHookConfig + GoogleProtobufEmpty: type: object properties: {} - GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArray: - id: >- - GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArray description: >- - Message for the array of resources. For Apigee, the proxies are - resources. - type: object + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: GoogleProtobufEmpty + GoogleCloudApigeeV1ResourceStatus: properties: - resources: - description: >- - Required. The array of resources. For Apigee, the proxies are - resources. - type: array + revisions: items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArrayResource - GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArrayResource: - id: >- - GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArrayResource - description: Resource for which we are computing security assessment. - type: object - properties: - type: - description: Required. Type of this resource. - type: string - enumDescriptions: - - ResourceType not specified. - - Resource is an Apigee Proxy. - enum: - - RESOURCE_TYPE_UNSPECIFIED - - API_PROXY - name: - description: Required. Name of this resource. - type: string - GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsResponse: - id: GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsResponse - description: Response for BatchComputeSecurityAssessmentResults. - type: object - properties: - securityAssessmentResults: - description: Default sort order is by resource name in alphabetic order. + $ref: '#/components/schemas/GoogleCloudApigeeV1RevisionStatus' type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResult' - assessmentTime: - description: The time of the assessment api call. + description: Revisions of the resource currently deployed in the instance. + uid: + description: >- + The uid of the resource. In the unexpected case that the instance + has multiple uids for the same name, they should be reported under + separate ResourceStatuses. type: string - format: google-datetime - nextPageToken: + totalReplicas: + description: The total number of replicas that should have this resource. + format: int32 + type: integer + resource: description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is blank, there are no subsequent pages. + The resource name. Currently only two resources are supported: + EnvironmentGroup - organizations/{org}/envgroups/{envgroup} + EnvironmentConfig - + organizations/{org}/environments/{environment}/deployedConfig type: string - GoogleCloudApigeeV1SecurityAssessmentResult: - id: GoogleCloudApigeeV1SecurityAssessmentResult - description: The security assessment result for one resource. + description: The status of a resource loaded in the runtime. + id: GoogleCloudApigeeV1ResourceStatus type: object + GoogleCloudApigeeV1SecurityIncident: + description: Represents an SecurityIncident resource. + id: GoogleCloudApigeeV1SecurityIncident properties: - resource: - description: The assessed resource. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultResource - createTime: + firstDetectedTime: + format: google-datetime + type: string + readOnly: true description: >- - The time of the assessment of this resource. This could lag behind - `assessment_time` due to caching within the backend. + Output only. The time when events associated with the incident were + first detected. + lastObservabilityChangeTime: + readOnly: true + description: >- + Output only. The time when the incident observability was last + changed. type: string format: google-datetime - scoringResult: - description: The result of the assessment. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultScoringResult - error: - description: The error status if scoring fails. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudApigeeV1SecurityAssessmentResultResource: - id: GoogleCloudApigeeV1SecurityAssessmentResultResource - description: Resource for which we are computing security assessment. - type: object - properties: - type: - description: Required. Type of this resource. + detectionTypes: + description: >- + Output only. Detection types which are part of the incident. + Examples: Flooder, OAuth Abuser, Static Content Scraper, Anomaly + Detection. + type: array + readOnly: true + items: + type: string + trafficCount: type: string - enumDescriptions: - - ResourceType not specified. - - Resource is an Apigee Proxy. - enum: - - RESOURCE_TYPE_UNSPECIFIED - - API_PROXY + format: int64 + description: Total traffic detected as part of the incident. name: - description: Required. Name of this resource. type: string - resourceRevisionId: description: >- - The revision id for the resource. In case of Apigee, this is proxy - revision id. + Immutable. Name of the security incident resource. Format: + organizations/{org}/environments/{environment}/securityIncidents/{incident} + Example: + organizations/apigee-org/environments/dev/securityIncidents/1234-5678-9101-1111 + displayName: type: string - GoogleCloudApigeeV1SecurityAssessmentResultScoringResult: - id: GoogleCloudApigeeV1SecurityAssessmentResultScoringResult - description: The result of the assessment. - type: object - properties: - score: - description: The security score of the assessment. - type: integer - format: int32 - severity: + description: Optional. Display name of the security incident. + lastDetectedTime: + type: string + format: google-datetime + description: >- + Output only. The time when events associated with the incident were + last detected. + readOnly: true + observability: + enumDescriptions: + - The incident observability is unspecified. + - >- + The incident is currently active. Can change to this status from + archived. + - >- + The incident is currently archived and was archived by the + customer. + enum: + - OBSERVABILITY_UNSPECIFIED + - ACTIVE + - ARCHIVED + description: Optional. Indicates if the user archived this incident. type: string + riskLevel: + readOnly: true + description: Output only. Risk level of the incident. enumDescriptions: - - Severity is not defined. - - Severity is low. - - Severity is medium. - - Severity is high. - - Severity is minimal + - Risk Level Unspecified. + - Risk level of the incident is low. + - Risk level of the incident is moderate. + - Risk level of the incident is severe. enum: - - SEVERITY_UNSPECIFIED + - RISK_LEVEL_UNSPECIFIED - LOW - - MEDIUM - - HIGH - - MINIMAL - failedAssessmentPerWeight: - description: >- - The number of failed assessments grouped by its weight. Keys are one - of the following: "MAJOR", "MODERATE", "MINOR". - type: object + - MODERATE + - SEVERE + type: string + type: object + GoogleCloudApigeeV1GenerateDownloadUrlRequest: + description: Request for GenerateDownloadUrl method. + id: GoogleCloudApigeeV1GenerateDownloadUrlRequest + properties: {} + type: object + GoogleCloudApigeeV1QueryTimeSeriesStatsResponseSequence: + properties: + dimensions: additionalProperties: - type: integer - format: int32 - assessmentRecommendations: + type: string description: >- - The recommendations of the assessment. The key is the "name" of the - assessment (not display_name), and the value are the - recommendations. + Map of dimensions and their values that uniquely identifies a time + series sequence. type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendation - dataUpdateTime: - description: >- - The time when resource data was last fetched for this resource. This - time may be different than when the resource was actually updated - due to lag in data collection. + points: + description: List of points. First value of each inner list is a timestamp. + items: + items: + type: any + type: array + type: array + type: object + description: A sequence of time series. + id: GoogleCloudApigeeV1QueryTimeSeriesStatsResponseSequence + GoogleCloudApigeeV1DeveloperMonetizationConfig: + description: Monetization configuration for the developer. + id: GoogleCloudApigeeV1DeveloperMonetizationConfig + type: object + properties: + billingType: type: string - format: google-datetime - GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendation: - id: >- - GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendation - description: The message format of a recommendation from the assessment. + enum: + - BILLING_TYPE_UNSPECIFIED + - PREPAID + - POSTPAID + enumDescriptions: + - The default/unset value. + - >- + Developer pays in advance for the use of APIs and the charged + amount is deducted from their account balance. + - >- + Developer does not maintain an account balance. The API provider + bills the developer for API usage. + description: Billing type. + GoogleCloudApigeeV1SecurityProfileEnvironmentAssociation: + id: GoogleCloudApigeeV1SecurityProfileEnvironmentAssociation type: object properties: - displayName: - description: The display name of the assessment. + name: + description: Immutable. Name of the environment that the profile is attached to. type: string - weight: - description: The weight of the assessment which was set in the profile. + securityProfileRevisionId: + format: int64 + deprecated: true + description: 'DEPRECATED: DO NOT USE Revision ID of the security profile.' type: string - enumDescriptions: - - The weight is unspecified. - - The weight is minor. - - The weight is moderate. - - The weight is major. - enum: - - WEIGHT_UNSPECIFIED - - MINOR - - MODERATE - - MAJOR - scoreImpact: + attachTime: + format: google-datetime description: >- - Score impact indicates the impact on the overall score if the - assessment were to pass. - type: integer + Output only. The time when environment was attached to the security + profile. + readOnly: true + type: string + description: Represents a SecurityProfileEnvironmentAssociation resource. + GoogleCloudApigeeV1ListAppGroupsResponse: + description: >- + ListAppGroupsResponse contains the 0 or more AppGroups, along with the + optional page token and the total count of apps. + type: object + id: GoogleCloudApigeeV1ListAppGroupsResponse + properties: + totalSize: format: int32 - verdict: - description: Verdict indicates the assessment result. + description: Total count of AppGroups. + type: integer + nextPageToken: type: string - enumDescriptions: - - The verdict is unspecified. - - The assessment has passed. - - The assessment has failed. - enum: - - VERDICT_UNSPECIFIED - - PASS - - FAIL - recommendations: - description: The recommended steps of the assessment. - type: array + description: >- + Token that can be sent as `next_page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + appGroups: items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendation - GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendation: - id: >- - GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendation - description: The format of the assessment recommendation. - type: object + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' + description: List of AppGroups. + type: array + GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequest: + description: Request for BatchComputeSecurityAssessmentResults. properties: - description: - description: The description of the recommendation. + apiHubGateways: + description: >- + An array of API Hub Gateways to assess. A maximum of 3 gateways can + be assessed. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestApiHubGatewayArray + include: + description: Include only these resources. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArray + profile: type: string - link: - description: The link for the recommendation. + description: Required. Name of the profile that is used for computation. + includeAllResources: $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendationLink - GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendationLink: - id: >- - GoogleCloudApigeeV1SecurityAssessmentResultScoringResultAssessmentRecommendationRecommendationLink - description: The format for a link in the recommendation. - type: object - properties: - text: - description: 'The text of the url. (ie: "Learn more")' + #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestIncludeAll + description: Include all resources under the scope. + pageSize: + type: integer + format: int32 + description: >- + Optional. The maximum number of results to return. The service may + return fewer than this value. If unspecified, at most 50 results + will be returned. + apiHubApis: + description: >- + An array of API Hub APIs to assess. A maximum of 1 API can be + assessed. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestApiHubApiArray + pageToken: type: string - uri: - description: The link itself. + description: >- + Optional. A page token, received from a previous + `BatchComputeSecurityAssessmentResults` call. Provide this to + retrieve the subsequent page. + scope: + description: >- + Optional. Scope of the resources for the computation. When computing + scores for Apigee proxies, the scope should be set to the + environment of the resources. When computing scores for API Hub + deployments, api_hub_scope should be set instead. type: string - GoogleCloudApigeeV1SecurityProfileV2: - id: GoogleCloudApigeeV1SecurityProfileV2 - description: Security profile for risk assessment version 2. type: object + id: GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequest + GoogleCloudApigeeV1CustomReportMetric: + description: >- + This encapsulates a metric property of the form sum(message_count) where + name is message_count and function is sum + id: GoogleCloudApigeeV1CustomReportMetric properties: name: - description: >- - Identifier. Name of the security profile v2 resource. Format: - organizations/{org}/securityProfilesV2/{profile} - type: string - description: - description: Optional. The description of the security profile. - type: string - createTime: - description: Output only. The time of the security profile creation. - readOnly: true + description: name of the metric type: string - format: google-datetime - updateTime: - description: Output only. The time of the security profile update. - readOnly: true + function: type: string - format: google-datetime - profileAssessmentConfigs: - description: >- - Required. The configuration for each assessment in this profile. Key - is the name/id of the assessment. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityProfileV2ProfileAssessmentConfig - googleDefined: - description: Output only. Whether the security profile is google defined. - readOnly: true - type: boolean - GoogleCloudApigeeV1SecurityProfileV2ProfileAssessmentConfig: - id: GoogleCloudApigeeV1SecurityProfileV2ProfileAssessmentConfig - description: The configuration definition for a specific assessment. + description: aggregate function type: object - properties: - weight: - description: The weight of the assessment. - type: string - enumDescriptions: - - The weight is unspecified. - - The weight is minor. - - The weight is moderate. - - The weight is major. - enum: - - WEIGHT_UNSPECIFIED - - MINOR - - MODERATE - - MAJOR - GoogleCloudApigeeV1ListSecurityProfilesV2Response: - id: GoogleCloudApigeeV1ListSecurityProfilesV2Response - description: Response for ListSecurityProfilesV2. + GoogleCloudApigeeV1SharedFlowRevision: type: object properties: - securityProfilesV2: - description: List of security profiles in the organization. + policies: type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. + type: string + description: A list of policy names included in this shared flow revision. + createdAt: type: string - GoogleCloudApigeeV1SecurityMonitoringCondition: - id: GoogleCloudApigeeV1SecurityMonitoringCondition - description: Security monitoring condition for risk assessment version 2. - type: object - properties: - name: description: >- - Identifier. Name of the security monitoring condition resource. - Format: - organizations/{org}/securityMonitoringConditions/{security_monitoring_condition} + Time at which this shared flow revision was created, in milliseconds + since epoch. + format: int64 + revision: type: string - createTime: - description: Output only. The time of the security monitoring condition creation. - readOnly: true + description: The resource ID of this revision. + sharedFlows: + type: array + items: + type: string + description: >- + A list of the shared flow names included in this shared flow + revision. + type: type: string - format: google-datetime - updateTime: - description: Output only. The time of the security monitoring condition update. - readOnly: true + description: The string "Application" + resourceFiles: + $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFiles' + description: The resource files included in this shared flow revision. + lastModifiedAt: type: string - format: google-datetime - profile: description: >- - Required. ID of security profile of the security monitoring - condition. + Time at which this shared flow revision was most recently modified, + in milliseconds since epoch. + format: int64 + contextInfo: type: string - scope: - description: >- - Required. Scope of the security monitoring condition. For Apigee, - the environment is the scope of the resources. + description: A textual description of the shared flow revision. + displayName: type: string - includeAllResources: - description: Include all resources under the scope. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestIncludeAll - include: - description: Include only these resources. - $ref: >- - #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequestResourceArray - totalMonitoredResources: + description: The human readable name of this shared flow. + entityMetaDataAsProperties: + additionalProperties: + type: string + description: A Key-Value map of metadata about this shared flow revision. + type: object + configurationVersion: description: >- - Output only. Total number of monitored resources within this - condition. - readOnly: true - type: integer - format: int32 - totalDeployedResources: - description: Output only. Total number of deployed resources within scope. - readOnly: true - type: integer - format: int32 - GoogleCloudApigeeV1ListSecurityMonitoringConditionsResponse: - id: GoogleCloudApigeeV1ListSecurityMonitoringConditionsResponse - description: Response for ListSecurityMonitoringConditions. - type: object - properties: - securityMonitoringConditions: - description: List of security monitoring conditions in the organization. + The version of the configuration schema to which this shared flow + conforms. The only supported value currently is majorVersion 4 and + minorVersion 0. This setting may be used in the future to enable + evolution of the shared flow format. + $ref: '#/components/schemas/GoogleCloudApigeeV1ConfigVersion' + resources: + description: >- + A list of the resources included in this shared flow revision + formatted as "{type}://{name}". type: array items: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. + type: string + name: type: string - GoogleCloudApigeeV1SecuritySettings: - id: GoogleCloudApigeeV1SecuritySettings - description: >- - SecuritySettings reflects the current state of the SecuritySettings - feature. + description: The resource ID of the parent shared flow. + description: + type: string + description: Description of the shared flow revision. + description: The metadata describing a shared flow revision. + id: GoogleCloudApigeeV1SharedFlowRevision + GoogleCloudApigeeV1ApiCategoryResponse: + description: The API category resource wrapped with response status, error_code, etc. + id: GoogleCloudApigeeV1ApiCategoryResponse type: object properties: - name: - description: >- - Identifier. Full resource name is always - `organizations/{org}/securitySettings`. + requestId: type: string - mlRetrainingFeedbackEnabled: - description: >- - Optional. If true the user consents to the use of ML models for - Abuse detection. - type: boolean - GoogleCloudApigeeV1KeyValueMap: - id: GoogleCloudApigeeV1KeyValueMap - description: Collection of key/value string pairs. + description: Unique ID of the request. + data: + description: The API category resource. + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategory' + message: + description: Description of the operation. + type: string + status: + description: Status of the operation. + type: string + errorCode: + type: string + description: Unique error code for the request, if any. + GoogleCloudApigeeV1FlowHook: type: object + id: GoogleCloudApigeeV1FlowHook properties: - name: - description: Required. ID of the key value map. + flowHookPoint: type: string - encrypted: description: >- - Required. Flag that specifies whether entry values will be - encrypted. This field is retained for backward compatibility and the - value of encrypted will always be `true`. Apigee X and hybrid do not - support unencrypted key value maps. + Output only. Where in the API call flow the flow hook is invoked. + Must be one of `PreProxyFlowHook`, `PostProxyFlowHook`, + `PreTargetFlowHook`, or `PostTargetFlowHook`. + readOnly: true + continueOnError: type: boolean - GoogleCloudApigeeV1KeyValueEntry: - id: GoogleCloudApigeeV1KeyValueEntry - description: >- - Key value map pair where the value represents the data associated with - the corresponding key. **Note**: Supported for Apigee hybrid 1.8.x and - higher. - type: object - properties: - name: - description: >- - Resource URI that can be used to identify the scope of the key value - map entries. - type: string - value: description: >- - Required. Data or payload that is being retrieved and associated - with the unique key. + Optional. Flag that specifies whether execution should continue if + the flow hook throws an exception. Set to `true` to continue + execution. Set to `false` to stop execution if the flow hook throws + an exception. Defaults to `true`. + description: type: string - GoogleCloudApigeeV1ListKeyValueEntriesResponse: - id: GoogleCloudApigeeV1ListKeyValueEntriesResponse - description: >- - The request structure for listing key value map keys and its - corresponding values. - type: object - properties: - keyValueEntries: - description: One or more key value map keys and values. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' - nextPageToken: + description: Description of the flow hook. + sharedFlow: description: >- - Token that can be sent as `next_page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Shared flow attached to this flow hook, or empty if there is none + attached. type: string - GoogleCloudApigeeV1RatePlan: - id: GoogleCloudApigeeV1RatePlan - description: Rate plan details. + GoogleCloudApigeeV1Space: type: object + description: Organization space resource. properties: - name: - description: Output only. Name of the rate plan. + createTime: + format: google-datetime readOnly: true - type: string - apiproduct: - description: Name of the API product that the rate plan is associated with. + description: Output only. Create timestamp of the space. type: string displayName: - description: Display name of the rate plan. type: string - description: - description: Description of the rate plan. + description: Optional. Display name of the space. + name: + description: >- + Output only. Identifier. Id of the space. This field is used as the + resource name, and must follow [AIP-122](https://google.aip.dev/122) + guidelines. + readOnly: true type: string - billingPeriod: - description: Frequency at which the customer will be billed. + updateTime: type: string - enumDescriptions: - - Billing period not specified. - - >- - Weekly billing period. **Note**: Not supported by Apigee at this - time. - - Monthly billing period. - enum: - - BILLING_PERIOD_UNSPECIFIED - - WEEKLY - - MONTHLY - paymentFundingModel: - description: >- - DEPRECATED: This field is no longer supported and will eventually be - removed when Apigee Hybrid 1.5/1.6 is no longer supported. Instead, - use the `billingType` field inside `DeveloperMonetizationConfig` - resource. Flag that specifies the billing account type, prepaid or - postpaid. - deprecated: true + readOnly: true + description: Output only. Last modified timestamp of the space. + format: google-datetime + id: GoogleCloudApigeeV1Space + GoogleCloudApigeeV1RuntimeAnalyticsConfig: + type: object + id: GoogleCloudApigeeV1RuntimeAnalyticsConfig + properties: + billingPipelineEnabled: + description: If Runtime should send billing data to AX or not. + type: boolean + enabled: + type: boolean + description: If the Analytics is enabled or not. + description: Runtime configuration for the Analytics add-on. + GoogleIamV1AuditLogConfig: + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + properties: + logType: type: string - enumDescriptions: - - Billing account type not specified. - - >- - Prepaid billing account type. Developer pays in advance for the - use of your API products. Funds are deducted from their prepaid - account balance. **Note**: Not supported by Apigee at this time. - - >- - Postpaid billing account type. Developer is billed through an - invoice after using your API products. enum: - - PAYMENT_FUNDING_MODEL_UNSPECIFIED - - PREPAID - - POSTPAID - currencyCode: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: The log type that this config enables. + exemptedMembers: + items: + type: string description: >- - Currency to be used for billing. Consists of a three-letter code as - defined by the [ISO 4217](https://en.wikipedia.org/wiki/ISO_4217) - standard. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + type: array + type: object + id: GoogleIamV1AuditLogConfig + GoogleCloudApigeeV1QueryTimeSeriesStatsRequest: + description: >- + QueryTimeSeriesStatsRequest represents a query that returns a collection + of time series sequences grouped by their values. + properties: + pageToken: type: string - setupFee: - description: Initial, one-time fee paid when purchasing the API product. - $ref: '#/components/schemas/GoogleTypeMoney' - fixedRecurringFee: description: >- - Fixed amount that is charged at a defined interval and billed in - advance of use of the API product. The fee will be prorated for the - first billing period. - $ref: '#/components/schemas/GoogleTypeMoney' - fixedFeeFrequency: - description: Frequency at which the fixed fee is charged. - type: integer - format: int32 - consumptionPricingType: - description: Pricing model used for consumption-based charges. + Page token stands for a specific collection of time series + sequences. + filter: + description: >- + Filter further on specific dimension values. Follows the same + grammar as custom report's filter expressions. Example, apiproxy eq + 'foobar'. + https://cloud.google.com/apigee/docs/api-platform/analytics/analytics-reference#filters type: string - enumDescriptions: - - Pricing model not specified. This is the default. - - Fixed rate charged for each API call. - - >- - Variable rate charged for each API call based on price tiers. - Example: * 1-100 calls cost $2 per call * 101-200 calls cost $1.50 - per call * 201-300 calls cost $1 per call * Total price for 50 - calls: 50 x $2 = $100 * Total price for 150 calls: 100 x $2 + 50 x - $1.5 = $275 * Total price for 250 calls: 100 x $2 + 100 x $1.5 + - 50 x $1 = $400. - - '**Note**: Not supported by Apigee at this time.' - - '**Note**: Not supported by Apigee at this time.' + metrics: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1MetricAggregation' + description: Required. List of metrics and their aggregations. + type: array + timestampOrder: enum: - - CONSUMPTION_PRICING_TYPE_UNSPECIFIED - - FIXED_PER_UNIT - - BANDED - - TIERED - - STAIRSTEP - consumptionPricingRates: + - ORDER_UNSPECIFIED + - ASCENDING + - DESCENDING + enumDescriptions: + - Unspecified order. Default is Descending. + - Ascending sort order. + - Descending sort order. + type: string description: >- - API call volume ranges and the fees charged when the total number of - API calls is within a given range. The method used to calculate the - final fee depends on the selected pricing model. For example, if the - pricing model is `BANDED` and the ranges are defined as follows: ``` - { "start": 1, "end": 100, "fee": 2 }, { "start": 101, "end": 200, - "fee": 1.50 }, { "start": 201, "end": 0, "fee": 1 }, } ``` Then the - following fees would be charged based on the total number of API - calls (assuming the currency selected is `USD`): * 50 calls cost 50 - x $2 = $100 * 150 calls cost 100 x $2 + 50 x $1.5 = $275 * 250 calls - cost 100 x $2 + 100 x $1.5 + 50 x $1 = $400 * 500 calls cost 100 x - $2 + 100 x $1.5 + 300 x $1 = $650 - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1RateRange' - revenueShareType: - description: Method used to calculate the revenue that is shared with developers. - type: string - enumDescriptions: - - Revenue share type is not specified. - - >- - Fixed percentage of the total revenue will be shared. The - percentage to be shared can be configured by the API provider. - - >- - Amount of revenue shared depends on the number of API calls. The - API call volume ranges and the revenue share percentage for each - volume can be configured by the API provider. **Note**: Not - supported by Apigee at this time. - enum: - - REVENUE_SHARE_TYPE_UNSPECIFIED - - FIXED - - VOLUME_BANDED - revenueShareRates: - description: Details of the revenue sharing model. + Order the sequences in increasing or decreasing order of timestamps. + Default is descending order of timestamps (latest first). + dimensions: + description: >- + List of dimension names to group the aggregations by. If no + dimensions are passed, a single trend line representing the + requested metric aggregations grouped by environment is returned. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1RevenueShareRange' - state: - description: Current state of the rate plan (draft or published). - type: string + type: string + timeRange: + description: Required. Time range for the stats. + $ref: '#/components/schemas/GoogleTypeInterval' + windowSize: + description: Time buckets to group the stats by. enumDescriptions: - - State of the rate plan is not specified. - - Rate plan is in draft mode and only visible to API providers. - - >- - Rate plan is published and will become visible to developers for - the configured duration (between `startTime` and `endTime`). + - Unspecified window size. Default is 1 hour. + - 1 Minute window + - 1 Hour window + - 1 Day window + - 1 Month window enum: - - STATE_UNSPECIFIED - - DRAFT - - PUBLISHED - startTime: - description: Time when the rate plan becomes active in milliseconds since epoch. - type: string - format: int64 - endTime: - description: >- - Time when the rate plan will expire in milliseconds since epoch. Set - to 0 or `null` to indicate that the rate plan should never expire. - type: string - format: int64 - createdAt: - description: >- - Output only. Time that the rate plan was created in milliseconds - since epoch. - readOnly: true + - WINDOW_SIZE_UNSPECIFIED + - MINUTE + - HOUR + - DAY + - MONTH type: string - format: int64 - lastModifiedAt: + pageSize: description: >- - Output only. Time the rate plan was last modified in milliseconds - since epoch. - readOnly: true - type: string - format: int64 - GoogleCloudApigeeV1RateRange: - id: GoogleCloudApigeeV1RateRange + Page size represents the number of time series sequences, one per + unique set of dimensions and their values. + format: int32 + type: integer + type: object + id: GoogleCloudApigeeV1QueryTimeSeriesStatsRequest + GoogleCloudApigeeV1Result: description: >- - API call volume range and the fees charged when the total number of API - calls is within the range. + Result is short for "action result", could be different types identified + by "action_result" field. Supported types: 1. DebugInfo : generic debug + info collected by runtime recorded as a list of properties. For example, + the contents could be virtual host info, state change result, or + execution metadata. Required fields : properties, timestamp 2. + RequestMessage: information of a http request. Contains headers, request + URI and http methods type.Required fields : headers, uri, verb 3. + ResponseMessage: information of a http response. Contains headers, + reason phrase and http status code. Required fields : headers, + reasonPhrase, statusCode 4. ErrorMessage: information of a http error + message. Contains detail error message, reason phrase and status code. + Required fields : content, headers, reasonPhrase, statusCode 5. + VariableAccess: a list of variable access actions, can be Get, Set and + Remove. Required fields : accessList + id: GoogleCloudApigeeV1Result type: object properties: - start: - description: >- - Starting value of the range. Set to 0 or `null` for the initial - range of values. + reasonPhrase: + description: HTTP response phrase type: string - format: int64 - end: + accessList: description: >- - Ending value of the range. Set to 0 or `null` for the last range of - values. + A list of variable access actions agaist the api proxy. Supported + values: Get, Set, Remove. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Access' + ActionResult: type: string - format: int64 - fee: description: >- - Fee to charge when total number of API calls falls within this - range. - $ref: '#/components/schemas/GoogleTypeMoney' - GoogleCloudApigeeV1RevenueShareRange: - id: GoogleCloudApigeeV1RevenueShareRange - description: >- - API call volume range and the percentage of revenue to share with the - developer when the total number of API calls is within the range. - type: object - properties: - start: + Type of the action result. Can be one of the five: DebugInfo, + RequestMessage, ResponseMessage, ErrorMessage, VariableAccess + content: description: >- - Starting value of the range. Set to 0 or `null` for the initial - range of values. + Error message content. for example, "content" : + "{\"fault\":{\"faultstring\":\"API timed + out\",\"detail\":{\"errorcode\":\"flow.APITimedOut\"}}}" type: string - format: int64 - end: - description: >- - Ending value of the range. Set to 0 or `null` for the last range of - values. + statusCode: + description: HTTP response code type: string - format: int64 - sharePercentage: - description: >- - Percentage of the revenue to be shared with the developer. For - example, to share 21 percent of the total revenue with the - developer, set this value to 21. Specify a decimal number with a - maximum of two digits following the decimal point. - type: number - format: double - GoogleCloudApigeeV1ListRatePlansResponse: - id: GoogleCloudApigeeV1ListRatePlansResponse - description: Response for ListRatePlans. - type: object - properties: - ratePlans: - description: List of rate plans in an organization. + verb: + description: HTTP method verb + type: string + properties: + description: Name value pairs used for DebugInfo ActionResult. + $ref: '#/components/schemas/GoogleCloudApigeeV1Properties' + headers: type: array + description: >- + A list of HTTP headers. for example, '"headers" : [ { "name" : + "Content-Length", "value" : "83" }, { "name" : "Content-Type", + "value" : "application/json" } ]' items: - $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' - nextStartKey: + $ref: '#/components/schemas/GoogleCloudApigeeV1Property' + uRI: description: >- - Value that can be sent as `startKey` to retrieve the next page of - content. If this field is omitted, there are no subsequent pages. + The relative path of the api proxy. for example, `"uRI" : + "/iloveapis"` type: string - GoogleCloudApigeeV1DebugSession: - id: GoogleCloudApigeeV1DebugSession - type: object - properties: - name: - description: A unique ID for this DebugSession. + timestamp: type: string - validity: - description: >- - Optional. The length of time, in seconds, that this debug session is - valid, starting from when it's received in the control plane. Min = - 1, Max = 15, Default = 10. - type: integer - format: int32 - count: - description: >- - Optional. The number of request to be traced. Min = 1, Max = 15, - Default = 10. - type: integer - format: int32 - tracesize: description: >- - Optional. The maximum number of bytes captured from the response - payload. Min = 0, Max = 5120, Default = 5120. - type: integer - format: int32 - filter: + Timestamp of when the result is recorded. Its format is dd-mm-yy + hh:mm:ss:xxx. For example, `"timestamp" : "12-08-19 00:31:59:960"` + GoogleCloudApigeeV1ConnectorsPlatformConfig: + id: GoogleCloudApigeeV1ConnectorsPlatformConfig + type: object + description: Configuration for the Connectors Platform add-on. + properties: + enabled: + type: boolean description: >- - Optional. A conditional statement which is evaluated against the - request message to determine if it should be traced. Syntax matches - that of on API Proxy bundle flow Condition. - type: string - timeout: + Flag that specifies whether the Connectors Platform add-on is + enabled. + expiresAt: + readOnly: true description: >- - Optional. The time in seconds after which this DebugSession should - end. This value will override the value in query param, if both are - provided. - type: string + Output only. Time at which the Connectors Platform add-on expires in + milliseconds since epoch. If unspecified, the add-on will never + expire. format: int64 - createTime: - description: >- - Output only. The first transaction creation timestamp, recorded by - UAP. - readOnly: true type: string - format: google-datetime - GoogleCloudApigeeV1ListDebugSessionsResponse: - id: GoogleCloudApigeeV1ListDebugSessionsResponse + GoogleCloudApigeeV1Certificate: + id: GoogleCloudApigeeV1Certificate type: object properties: - sessions: - description: >- - Session info that includes debug session ID and the first - transaction creation timestamp. - type: array + certInfo: items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Session' - nextPageToken: - description: >- - Page token that you can include in a ListDebugSessionsRequest to - retrieve the next page. If omitted, no subsequent pages exist. - type: string - GoogleCloudApigeeV1Session: - id: GoogleCloudApigeeV1Session - description: Session carries the debug session id and its creation time. - type: object + $ref: '#/components/schemas/GoogleCloudApigeeV1CertInfo' + description: Chain of certificates under this name. + type: array + GoogleCloudApigeeV1Environment: properties: - id: - description: The debug session ID. + apiProxyType: type: string - timestampMs: + enumDescriptions: + - API proxy type not specified. + - >- + Programmable API Proxies enable you to develop APIs with highly + flexible behavior using bundled policy configuration and one or + more programming languages to describe complex sequential and/or + conditional flows of logic. + - >- + Configurable API Proxies enable you to develop efficient APIs + using simple configuration while complex execution control flow + logic is handled by Apigee. This type only works with the ARCHIVE + deployment type and cannot be combined with the PROXY deployment + type. description: >- - The first transaction creation timestamp in millisecond, recorded by - UAP. - type: string + Optional. API Proxy type supported by the environment. The type can + be set when creating the Environment and cannot be changed. + enum: + - API_PROXY_TYPE_UNSPECIFIED + - PROGRAMMABLE + - CONFIGURABLE + createdAt: + readOnly: true format: int64 - GoogleCloudApigeeV1ListApiDebugSessionsResponse: - id: GoogleCloudApigeeV1ListApiDebugSessionsResponse - description: Response for ListApiDebugSessions. - type: object - properties: - sessions: description: >- - Session info that includes debug session ID, environment ID, api - proxy revision ID and the first transaction creation timestamp. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDebugSession' - nextPageToken: - description: >- - Page token that you can include in a ListApiDebugSessionsRequest to - retrieve the next page. If omitted, no subsequent pages exist. - type: string - GoogleCloudApigeeV1ApiDebugSession: - id: GoogleCloudApigeeV1ApiDebugSession - description: Session carries the debug session id and its creation time. - type: object - properties: - id: - description: The debug session ID. - type: string - apiProxyRevisionId: - description: The revision ID of the deployed API proxy. - type: string - environmentId: - description: The environment ID of the deployed API proxy. + Output only. Creation time of this environment as milliseconds since + epoch. type: string - createTime: - description: >- - The first transaction creation timestamp in millisecond, recorded by - UAP. + description: + description: Optional. Description of the environment. type: string - format: google-datetime - GoogleCloudApigeeV1DebugSessionTransaction: - id: GoogleCloudApigeeV1DebugSessionTransaction - description: >- - A transaction contains all of the debug information of the entire - message flow of an API call processed by the runtime plane. The - information is collected and recorded at critical points of the message - flow in the runtime apiproxy. - type: object - properties: - completed: - description: Flag indicating whether a transaction is completed or not + hasAttachedFlowHooks: type: boolean - point: + forwardProxyUri: description: >- - List of debug data collected by runtime plane at various defined - points in the flow. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Point' - GoogleCloudApigeeV1Point: - id: GoogleCloudApigeeV1Point - description: >- - Point is a group of information collected by runtime plane at critical - points of the message flow of the processed API request. This is a list - of supported point IDs, categorized to three major buckets. For each - category, debug points that we are currently supporting are listed - below: - Flow status debug points: StateChange FlowInfo Condition - Execution DebugMask Error - Flow control debug points: FlowCallout - Paused Resumed FlowReturn BreakFlow Error - Runtime debug points: - ScriptExecutor FlowCalloutStepDefinition CustomTarget StepDefinition - Oauth2ServicePoint RaiseFault NodeJS The detail information of the given - debug point is stored in a list of results. - type: object - properties: - id: - description: Name of a step in the transaction. + Optional. URI of the forward proxy to be applied to the runtime + instances in this environment. Must be in the format of + {scheme}://{hostname}:{port}. Note that the only supported scheme is + "http". The port must be supplied. To remove a forward proxy + setting, update the field to an empty value. Note: At this time, PUT + operations to add forwardProxyUri to an existing environment fail if + the environment has nodeConfig set up. To successfully add the + forwardProxyUri setting in this case, include the NodeConfig details + with the request. type: string - results: - description: List of results extracted from a given debug point. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Result' - GoogleCloudApigeeV1Result: - id: GoogleCloudApigeeV1Result - description: >- - Result is short for "action result", could be different types identified - by "action_result" field. Supported types: 1. DebugInfo : generic debug - info collected by runtime recorded as a list of properties. For example, - the contents could be virtual host info, state change result, or - execution metadata. Required fields : properties, timestamp 2. - RequestMessage: information of a http request. Contains headers, request - URI and http methods type.Required fields : headers, uri, verb 3. - ResponseMessage: information of a http response. Contains headers, - reason phrase and http status code. Required fields : headers, - reasonPhrase, statusCode 4. ErrorMessage: information of a http error - message. Contains detail error message, reason phrase and status code. - Required fields : content, headers, reasonPhrase, statusCode 5. - VariableAccess: a list of variable access actions, can be Get, Set and - Remove. Required fields : accessList - type: object - properties: - ActionResult: + nodeConfig: + $ref: '#/components/schemas/GoogleCloudApigeeV1NodeConfig' + description: Optional. NodeConfig of the environment. + state: description: >- - Type of the action result. Can be one of the five: DebugInfo, - RequestMessage, ResponseMessage, ErrorMessage, VariableAccess + Output only. State of the environment. Values other than ACTIVE + means the resource is not ready to use. type: string + enumDescriptions: + - Resource is in an unspecified state. + - Resource is being created. + - Resource is provisioned and ready to use. + - The resource is being deleted. + - The resource is being updated. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - UPDATING + readOnly: true properties: - description: Name value pairs used for DebugInfo ActionResult. $ref: '#/components/schemas/GoogleCloudApigeeV1Properties' - timestamp: - description: >- - Timestamp of when the result is recorded. Its format is dd-mm-yy - hh:mm:ss:xxx. For example, `"timestamp" : "12-08-19 00:31:59:960"` - type: string - headers: description: >- - A list of HTTP headers. for example, '"headers" : [ { "name" : - "Content-Length", "value" : "83" }, { "name" : "Content-Type", - "value" : "application/json" } ]' - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Property' - uRI: + Optional. Key-value pairs that may be used for customizing the + environment. + clientIpResolutionConfig: description: >- - The relative path of the api proxy. for example, `"uRI" : - "/iloveapis"` - type: string - verb: - description: HTTP method verb + Optional. The algorithm to resolve IP. This will affect Analytics, + API Security, and other features that use the client ip. To remove a + client ip resolution config, update the field to an empty value. + Example: '{ "clientIpResolutionConfig" = {} }' For more information, + see: + https://cloud.google.com/apigee/docs/api-platform/system-administration/client-ip-resolution. + $ref: >- + #/components/schemas/GoogleCloudApigeeV1EnvironmentClientIPResolutionConfig + lastModifiedAt: + readOnly: true type: string - accessList: description: >- - A list of variable access actions agaist the api proxy. Supported - values: Get, Set, Remove. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1Access' - reasonPhrase: - description: HTTP response phrase + Output only. Last modification time of this environment as + milliseconds since epoch. + format: int64 + displayName: type: string - statusCode: - description: HTTP response code + description: Optional. Display name for this environment. + type: + enumDescriptions: + - Environment type not specified. + - >- + This is the default type. Base environment has limited capacity + and capabilities and are usually used when you are getting started + with Apigee or while experimenting. Refer to Apigee's public + documentation for more details. + - >- + Intermediate environment supports API management features and + higher capacity than Base environment. Refer to Apigee's public + documentation for more details. + - >- + Comprehensive environment supports advanced capabilites and even + higher capacity than Intermediate environment. Refer to Apigee's + public documentation for more details. + enum: + - ENVIRONMENT_TYPE_UNSPECIFIED + - BASE + - INTERMEDIATE + - COMPREHENSIVE + description: Optional. EnvironmentType selected for the environment. type: string - content: + name: description: >- - Error message content. for example, "content" : - "{\"fault\":{\"faultstring\":\"API timed - out\",\"detail\":{\"errorcode\":\"flow.APITimedOut\"}}}" + Required. Name of the environment. Values must match the regular + expression `^[.\\p{Alnum}-_]{1,255}$` type: string - GoogleCloudApigeeV1Access: - id: GoogleCloudApigeeV1Access - type: object - properties: - Get: - $ref: '#/components/schemas/GoogleCloudApigeeV1AccessGet' - Set: - $ref: '#/components/schemas/GoogleCloudApigeeV1AccessSet' - Remove: - $ref: '#/components/schemas/GoogleCloudApigeeV1AccessRemove' - GoogleCloudApigeeV1AccessGet: - id: GoogleCloudApigeeV1AccessGet - description: >- - Get action. For example, "Get" : { "name" : "target.name", "value" : - "default" } + deploymentType: + description: >- + Optional. Deployment type supported by the environment. The + deployment type can be set when creating the environment and cannot + be changed. When you enable archive deployment, you will be + **prevented from performing** a [subset of + actions](/apigee/docs/api-platform/local-development/overview#prevented-actions) + within the environment, including: * Managing the deployment of API + proxy or shared flow revisions * Creating, updating, or deleting + resource files * Creating, updating, or deleting target servers + enum: + - DEPLOYMENT_TYPE_UNSPECIFIED + - PROXY + - ARCHIVE + type: string + enumDescriptions: + - Deployment type not specified. + - >- + Proxy deployment enables you to develop and deploy API proxies + using Apigee on Google Cloud. This cannot currently be combined + with the CONFIGURABLE API proxy type. + - >- + Archive deployment enables you to develop API proxies locally then + deploy an archive of your API proxy configuration to an + environment in Apigee on Google Cloud. You will be prevented from + performing a [subset of + actions](/apigee/docs/api-platform/local-development/overview#prevented-actions) + within the environment. type: object + id: GoogleCloudApigeeV1Environment + GoogleCloudApigeeV1DeveloperAppKey: + id: GoogleCloudApigeeV1DeveloperAppKey properties: - name: + scopes: + description: >- + Scopes to apply to the app. The specified scope names must already + be defined for the API product that you associate with the app. + type: array + items: + type: string + status: + description: >- + Status of the credential. Valid values include `approved` or + `revoked`. type: string - value: + issuedAt: + description: Time the developer app was created in milliseconds since epoch. + format: int64 type: string - GoogleCloudApigeeV1AccessSet: - id: GoogleCloudApigeeV1AccessSet - description: >- - Set action. For example, "Set" : { "name" : "target.name", "success" : - true, "value" : "default" } - type: object - properties: - name: + expiresInSeconds: + format: int64 + description: >- + Input only. Expiration time, in seconds, for the consumer key. If + not set or left to the default value of `-1`, the API key never + expires. The expiration time can't be updated after it is set. type: string - success: - type: boolean - value: + expiresAt: type: string - GoogleCloudApigeeV1AccessRemove: - id: GoogleCloudApigeeV1AccessRemove - description: >- - Remove action. For example, "Remove" : { "name" : "target.name", - "success" : true } - type: object - properties: - name: + description: Time the developer app expires in milliseconds since epoch. + format: int64 + apiProducts: + description: >- + List of API products for which the credential can be used. **Note**: + Do not specify the list of API products when creating a consumer key + and secret for a developer app. Instead, use the + UpdateDeveloperAppKey API to make the association after the consumer + key and secret are created. + type: array + items: + type: any + consumerKey: type: string - success: - type: boolean - GoogleCloudApigeeV1ApiCategory: - id: GoogleCloudApigeeV1ApiCategory + description: Consumer key. + attributes: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + description: List of attributes associated with the credential. + type: array + consumerSecret: + description: Secret key. + type: string + type: object + GoogleCloudApigeeV1DeploymentGroupConfig: description: >- - `ApiCategory` represents an API category. [Catalog - items](/apigee/docs/reference/apis/apigee/rest/v1/organizations.sites.apidocs) - can be tagged with API categories; users viewing the API catalog in the - portal will have the option to browse the catalog by category. + DeploymentGroupConfig represents a deployment group that should be + present in a particular environment. + id: GoogleCloudApigeeV1DeploymentGroupConfig type: object properties: - siteId: - description: Name of the portal. + uid: + description: >- + Unique ID. The ID will only change if the deployment group is + deleted and recreated. type: string name: - description: Name of the category. - type: string - id: - description: ID of the category (a UUID). type: string - updateTime: - description: Time the category was last modified in milliseconds since epoch. + description: >- + Name of the deployment group in the following format: + `organizations/{org}/environments/{env}/deploymentGroups/{group}`. + revisionId: + description: >- + Revision number which can be used by the runtime to detect if the + deployment group has changed between two versions. type: string format: int64 - GoogleCloudApigeeV1ApiCategoryResponse: - id: GoogleCloudApigeeV1ApiCategoryResponse - description: The API category resource wrapped with response status, error_code, etc. - type: object - properties: - status: - description: Status of the operation. - type: string - message: - description: Description of the operation. - type: string - requestId: - description: Unique ID of the request. - type: string - errorCode: - description: Unique error code for the request, if any. + deploymentGroupType: + enum: + - DEPLOYMENT_GROUP_TYPE_UNSPECIFIED + - STANDARD + - EXTENSIBLE type: string - data: - description: The API category resource. - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategory' - GoogleCloudApigeeV1DeleteResponse: - id: GoogleCloudApigeeV1DeleteResponse - description: Response for certain delete operations. - type: object + enumDescriptions: + - Unspecified type + - Standard type + - Extensible Type + description: >- + Type of the deployment group, which will be either Standard or + Extensible. + GoogleCloudApigeeV1OperationConfig: properties: - status: - description: Status of the operation. - type: string - message: - description: Description of the operation. - type: string - requestId: - description: Unique ID of the request. - type: string - errorCode: - description: Unique error code for the request, if any. - type: string - gcpResource: - description: Google Cloud name of deleted resource. + operations: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Operation' + description: >- + List of resource/method pairs for the API proxy or remote service to + which quota will applied. **Note**: Currently, you can specify only + a single resource/method pair. The call will fail if more than one + resource/method pair is provided. + attributes: + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + description: Custom attributes associated with the operation. + apiSource: + description: >- + Required. Name of the API proxy or remote service with which the + resources, methods, and quota are associated. type: string - GoogleCloudApigeeV1ListApiCategoriesResponse: - id: GoogleCloudApigeeV1ListApiCategoriesResponse - description: 'The response for `ListApiCategoriesRequest`. Next ID: 6' + quota: + description: >- + Quota parameters to be enforced for the resources, methods, and API + source combination. If none are specified, quota enforcement will + not be done. + $ref: '#/components/schemas/GoogleCloudApigeeV1Quota' + description: >- + Binds the resources in an API proxy or remote service with the allowed + REST methods and associated quota enforcement. + id: GoogleCloudApigeeV1OperationConfig type: object + GoogleIamV1Policy: + id: GoogleIamV1Policy properties: - status: - description: Status of the operation. - type: string - message: - description: Description of the operation. - type: string - requestId: - description: Unique ID of the request. - type: string - errorCode: - description: Unique error code for the request, if any. - type: string - data: - description: The API category resources. + bindings: type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategory' - GoogleCloudApigeeV1ApiDocResponse: - id: GoogleCloudApigeeV1ApiDocResponse - description: The catalog item resource wrapped with response status, error_code, etc. - type: object - properties: - status: - description: Status of the operation. - type: string - message: - description: Description of the operation. - type: string - requestId: - description: Unique ID of the request. - type: string - errorCode: - description: Unique error code for the request, if any. + $ref: '#/components/schemas/GoogleIamV1Binding' + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + etag: type: string - data: - description: The catalog item resource. - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDoc' - GoogleCloudApigeeV1ApiDoc: - id: GoogleCloudApigeeV1ApiDoc + format: byte + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + version: + format: int32 + type: integer + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + auditConfigs: + type: array + items: + $ref: '#/components/schemas/GoogleIamV1AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: object description: >- - `ApiDoc` represents an API catalog item. Catalog items are used in two - ways in a portal: - Users can browse and interact with a visual - representation of the API documentation - The `api_product_name` field - provides a link to a backing [API product] - (/apigee/docs/reference/apis/apigee/rest/v1/organizations.apiproducts). - Through this link, portal users can create and manage developer apps - linked to one or more API products. + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + GoogleCloudApigeeV1SecurityAssessmentResultResource: type: object + id: GoogleCloudApigeeV1SecurityAssessmentResultResource properties: - siteId: - description: Output only. The ID of the parent portal. - readOnly: true - type: string - id: - description: Output only. The ID of the catalog item. - readOnly: true + resourceRevisionId: type: string - format: int64 - title: description: >- - Required. The user-facing name of the catalog item. `title` must be - a non-empty string with a max length of 255 characters. + The revision id for the resource. In case of Apigee, this is proxy + revision id. + name: type: string - description: description: >- - Optional. Description of the catalog item. Max length is 10,000 - characters. + Required. Name of this resource. For an Apigee API Proxy, this + should be the id of the API proxy. For an API Hub Deployment, this + should be the id of the deployment. + type: + description: Required. Type of this resource. + enum: + - RESOURCE_TYPE_UNSPECIFIED + - API_PROXY + - API_HUB_DEPLOYMENT type: string - published: - description: >- - Optional. Denotes whether the catalog item is published to the - portal or is in a draft state. When the parent portal is enrolled in - the [audience management - feature](https://cloud.google.com/apigee/docs/api-platform/publish/portal/portal-audience#enrolling_in_the_beta_release_of_the_audience_management_feature), - the visibility can be set to public on creation by setting the - anonAllowed flag to true or further managed in the management UI - (see [Manage the visibility of an API in your - portal](https://cloud.google.com/apigee/docs/api-platform/publish/portal/publish-apis#visibility)) - before it can be visible to any users. If not enrolled in the - audience management feature, the visibility is managed by the - `anonAllowed` flag. - type: boolean - anonAllowed: + enumDescriptions: + - ResourceType not specified. + - Resource is an Apigee Proxy. + - Resource is an API Hub deployment. + apiHubDeploymentDetails: + description: Output only. Additional details for the API Hub deployment. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityAssessmentResultResourceApiHubDeploymentDetails + description: Resource for which we are computing security assessment. + GoogleCloudApigeeV1UpdateAppGroupAppKeyRequest: + properties: + apiProducts: description: >- - Optional. Boolean flag that manages user access to the catalog item. - When true, the catalog item has public visibility and can be viewed - anonymously; otherwise, only registered users may view it. Note: - when the parent portal is enrolled in the [audience management - feature](https://cloud.google.com/apigee/docs/api-platform/publish/portal/portal-audience#enrolling_in_the_beta_release_of_the_audience_management_feature), - and this flag is set to false, visibility is set to an indeterminate - state and must be explicitly specified in the management UI (see - [Manage the visibility of an API in your - portal](https://cloud.google.com/apigee/docs/api-platform/publish/portal/publish-apis#visibility)). - Additionally, when enrolled in the audience management feature, - updates to this flag will be ignored as visibility permissions must - be updated in the management UI. - type: boolean - apiProductName: + The list of API products that will be associated with the + credential. This list will be appended to the existing list of + associated API Products for this App Key. Duplicates will be + ignored. + type: array + items: + type: string + action: description: >- - Required. Immutable. The `name` field of the associated [API - product](/apigee/docs/reference/apis/apigee/rest/v1/organizations.apiproducts). - A portal may have only one catalog item associated with a given API - product. + Approve or revoke the consumer key by setting this value to + `approve` or `revoke` respectively. The `Content-Type` header, if + set, must be set to `application/octet-stream`, with empty body. type: string - requireCallbackUrl: - description: >- - Optional. Whether a callback URL is required when this catalog - item's API product is enabled in a developer app. When true, a - portal user will be required to input a URL when managing the app - (this is typically used for the app's OAuth flow). - type: boolean - imageUrl: + appGroupAppKey: + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' description: >- - Optional. Location of the image used for the catalog item in the - catalog. This can be either an image with an external URL or a file - path for [image files stored in the - portal](/apigee/docs/api-platform/publish/portal/portal-files"), for - example, `/files/book-tree.jpg`. When specifying the URL of an - external image, the image won't be uploaded to your assets; - additionally, loading the image in the integrated portal will be - subject to its availability, which may be blocked or restricted by - [content security - policies](/apigee/docs/api-platform/publish/portal/csp). Max length - of file path is 2,083 characters. - type: string - categoryIds: + Note that only Scopes and Attributes of the AppGroupAppKey can be + amended. Scopes and Attributes mentioned in the request will be + inserted and the existing scopes and attributes will be removed. + type: object + id: GoogleCloudApigeeV1UpdateAppGroupAppKeyRequest + description: Request for UpdateAppGroupAppKey + GoogleCloudApigeeV1DebugSessionTransaction: + properties: + point: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Point' + type: array description: >- - Optional. The IDs of the API categories to which this catalog item - belongs. + List of debug data collected by runtime plane at various defined + points in the flow. + completed: + type: boolean + description: Flag indicating whether a transaction is completed or not + description: >- + A transaction contains all of the debug information of the entire + message flow of an API call processed by the runtime plane. The + information is collected and recorded at critical points of the message + flow in the runtime apiproxy. + id: GoogleCloudApigeeV1DebugSessionTransaction + type: object + GoogleCloudApigeeV1ActivateNatAddressRequest: + description: Request for ActivateNatAddressRequest. Activate the nat address request. + type: object + id: GoogleCloudApigeeV1ActivateNatAddressRequest + properties: {} + GoogleCloudApigeeV1QueryMetadata: + id: GoogleCloudApigeeV1QueryMetadata + properties: + dimensions: type: array items: type: string - modified: + description: Dimensions of the AsyncQuery. + metrics: + items: + type: string description: >- - Output only. Time the catalog item was last modified in milliseconds - since epoch. - readOnly: true + Metrics of the AsyncQuery. Example: + ["name:message_count,func:sum,alias:sum_message_count"] + type: array + timeUnit: type: string - format: int64 - visibility: - description: 'Optional. DEPRECATED: use the `published` field instead' - type: boolean - edgeAPIProductName: - description: >- - Optional. Immutable. DEPRECATED: use the `apiProductName` field - instead + description: Query GroupBy time unit. + endTimestamp: type: string - specId: - description: 'Optional. DEPRECATED: DO NOT USE' - deprecated: true + description: End timestamp of the query range. + startTimestamp: type: string - graphqlSchema: - description: >- - Optional. DEPRECATED: manage documentation through the - `getDocumentation` and `updateDocumentation` methods - deprecated: true + description: Start timestamp of the query range. + outputFormat: type: string - graphqlEndpointUrl: + description: Output format. + type: object + GoogleCloudApigeeV1SecurityReport: + id: GoogleCloudApigeeV1SecurityReport + properties: + reportDefinitionId: + description: Report Definition ID. + type: string + result: + description: Result is available only after the query is completed. + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportResultMetadata' + displayName: + type: string + description: Display Name specified by the user. + state: description: >- - Optional. DEPRECATED: manage documentation through the - `getDocumentation` and `updateDocumentation` methods - deprecated: true + Query state could be "enqueued", "running", "completed", "expired" + and "failed". type: string - graphqlSchemaDisplayName: + resultRows: + type: string + format: int64 + description: ResultRows is available only after the query is completed. + created: + type: string + description: Creation time of the query. + self: description: >- - Optional. DEPRECATED: manage documentation through the - `getDocumentation` and `updateDocumentation` methods - deprecated: true + Self link of the query. Example: + `/organizations/myorg/environments/myenv/securityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` + or following format if query is running at host level: + `/organizations/myorg/hostSecurityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` type: string - GoogleCloudApigeeV1ListApiDocsResponse: - id: GoogleCloudApigeeV1ListApiDocsResponse - type: object - properties: - status: - description: Status of the operation. + executionTime: + description: ExecutionTime is available only after the query is completed. type: string - message: - description: Description of the operation. + envgroupHostname: type: string - requestId: - description: Unique ID of the request. + description: Hostname is available only when query is executed at host level. + updated: + readOnly: true + description: Output only. Last updated timestamp for the query. type: string - errorCode: - description: Unique error code for the request, if any. + error: + description: Error is set when query fails. type: string - data: - description: The catalog item resources. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDoc' - nextPageToken: + queryParams: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Contains information like metrics, dimenstions etc of the Security + Report. + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportMetadata' + resultFileSize: type: string - GoogleCloudApigeeV1ApiDocDocumentation: - id: GoogleCloudApigeeV1ApiDocDocumentation - description: The documentation for a catalog item. - type: object - properties: - oasDocumentation: - description: Optional. OpenAPI Specification documentation. - $ref: '#/components/schemas/GoogleCloudApigeeV1OASDocumentation' - graphqlDocumentation: - description: Optional. GraphQL documentation. - $ref: '#/components/schemas/GoogleCloudApigeeV1GraphqlDocumentation' - GoogleCloudApigeeV1OASDocumentation: - id: GoogleCloudApigeeV1OASDocumentation - description: OpenAPI Specification documentation for a catalog item. + description: ResultFileSize is available only after the query is completed. + description: >- + SecurityReport saves all the information about the created security + report. type: object + GoogleCloudApigeeV1ComputeEnvironmentScoresRequest: + id: GoogleCloudApigeeV1ComputeEnvironmentScoresRequest properties: - spec: + timeRange: + $ref: '#/components/schemas/GoogleTypeInterval' description: >- - Required. The documentation file contents for the OpenAPI - Specification. JSON and YAML file formats are supported. - $ref: '#/components/schemas/GoogleCloudApigeeV1DocumentationFile' - format: - description: Output only. The format of the input specification file contents. - readOnly: true + Required. Time range for score calculation. At most 14 days of + scores will be returned, and both the start and end dates must be + within the last 90 days. + filters: + type: array + description: >- + Optional. Filters are used to filter scored components. Return all + the components if no filter is mentioned. Example: [{ "scorePath": + "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/source" + }, { "scorePath": + "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/target", + }] This will return components with path: + "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/source" + OR + "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/target" + items: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ComputeEnvironmentScoresRequestFilter + pageToken: + description: >- + Optional. A token that can be sent as `page_token` to retrieve the + next page. If this field is omitted, there are no subsequent pages. type: string - enumDescriptions: - - The format is not available. - - YAML format. - - JSON format. - enum: - - FORMAT_UNSPECIFIED - - YAML - - JSON - GoogleCloudApigeeV1DocumentationFile: - id: GoogleCloudApigeeV1DocumentationFile - description: Documentation file contents for a catalog item. + pageSize: + type: integer + description: >- + Optional. The maximum number of subcomponents to be returned in a + single page. The service may return fewer than this value. If + unspecified, at most 100 subcomponents will be returned in a single + page. + format: int32 + type: object + description: Request for ComputeEnvironmentScores. + GoogleCloudApigeeV1ServiceIssuersMapping: type: object properties: - displayName: - description: >- - Required. A display name for the file, shown in the management UI. - Max length is 255 characters. - type: string - contents: - description: Required. The file contents. The max size is 4 MB. + emailIds: + description: List of trusted issuer email ids. + type: array + items: + type: string + service: + description: String indicating the Apigee service name. type: string - format: byte - GoogleCloudApigeeV1GraphqlDocumentation: - id: GoogleCloudApigeeV1GraphqlDocumentation - description: GraphQL documentation for a catalog item. + id: GoogleCloudApigeeV1ServiceIssuersMapping + GoogleCloudApigeeV1ListInstanceAttachmentsResponse: + description: Response for ListInstanceAttachments. type: object + id: GoogleCloudApigeeV1ListInstanceAttachmentsResponse properties: - schema: - description: Required. The documentation file contents for the GraphQL schema. - $ref: '#/components/schemas/GoogleCloudApigeeV1DocumentationFile' - endpointUri: - description: >- - Required. The GraphQL endpoint URI to be queried by API consumers. - Max length is 2,083 characters. + nextPageToken: type: string - GoogleCloudApigeeV1ApiDocDocumentationResponse: - id: GoogleCloudApigeeV1ApiDocDocumentationResponse - description: >- - The catalog item documentation wrapped with response status, error_code, - etc. - type: object + description: >- + Page token that you can include in a ListInstanceAttachments request + to retrieve the next page of content. If omitted, no subsequent + pages exist. + attachments: + description: Attachments for the instance. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1InstanceAttachment' + GoogleCloudApigeeV1SecurityReportMetadata: properties: - status: - description: Output only. Status of the operation. - readOnly: true + startTimestamp: type: string - message: - description: Output only. Description of the operation. - readOnly: true + format: google-datetime + description: Start timestamp of the query range. + timeUnit: + description: 'Query GroupBy time unit. Example: "seconds", "minute", "hour"' type: string - requestId: - description: Output only. Unique ID of the request. - readOnly: true + mimeType: + description: MIME type / Output format. type: string - errorCode: - description: Output only. Unique error code for the request, if any. - readOnly: true + endTimestamp: + format: google-datetime + description: End timestamp of the query range. type: string - data: - description: Output only. The documentation resource. - readOnly: true - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocDocumentation' - GoogleCloudApigeeV1InstanceAttachment: - id: GoogleCloudApigeeV1InstanceAttachment - description: >- - InstanceAttachment represents the installation of an environment onto an - instance. + dimensions: + description: Dimensions of the SecurityReport. + type: array + items: + type: string + metrics: + items: + type: string + description: >- + Metrics of the SecurityReport. Example: + ["name:bot_count,func:sum,alias:sum_bot_count"] + type: array + description: Metadata for the security report. + id: GoogleCloudApigeeV1SecurityReportMetadata type: object + GoogleCloudApigeeV1InstanceAttachment: properties: - name: - description: Output only. ID of the attachment. - readOnly: true - type: string environment: description: ID of the attached environment. type: string createdAt: + type: string + format: int64 description: >- Output only. Time the attachment was created in milliseconds since epoch. readOnly: true + name: + description: Output only. ID of the attachment. + readOnly: true type: string - format: int64 - GoogleCloudApigeeV1ListInstanceAttachmentsResponse: - id: GoogleCloudApigeeV1ListInstanceAttachmentsResponse - description: Response for ListInstanceAttachments. + type: object + description: >- + InstanceAttachment represents the installation of an environment onto an + instance. + id: GoogleCloudApigeeV1InstanceAttachment + GoogleCloudApigeeV1CertInfo: type: object properties: - attachments: - description: Attachments for the instance. + expiryDate: + description: X.509 `notAfter` validity period in milliseconds since epoch. + type: string + format: int64 + basicConstraints: + description: X.509 basic constraints extension. + type: string + issuer: + type: string + description: X.509 issuer. + subjectAlternativeNames: + description: X.509 subject alternative names (SANs) extension. type: array items: - $ref: '#/components/schemas/GoogleCloudApigeeV1InstanceAttachment' - nextPageToken: + type: string + publicKey: + type: string + description: Public key component of the X.509 subject public key info. + serialNumber: + type: string + description: X.509 serial number. + isValid: + type: string description: >- - Page token that you can include in a ListInstanceAttachments request - to retrieve the next page of content. If omitted, no subsequent - pages exist. + Flag that specifies whether the certificate is valid. Flag is set to + `Yes` if the certificate is valid, `No` if expired, or `Not yet` if + not yet valid. + validFrom: + description: X.509 `notBefore` validity period in milliseconds since epoch. + format: int64 type: string - GoogleCloudApigeeV1EndpointAttachment: - id: GoogleCloudApigeeV1EndpointAttachment - description: >- - Apigee endpoint attachment. For more information, see [Southbound - networking patterns] - (https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints). + sigAlgName: + description: X.509 signatureAlgorithm. + type: string + version: + description: X.509 version. + type: integer + format: int32 + subject: + type: string + description: X.509 subject. + id: GoogleCloudApigeeV1CertInfo + description: X.509 certificate as defined in RFC 5280. + GoogleCloudApigeeV1ApiProduct: type: object + id: GoogleCloudApigeeV1ApiProduct properties: - name: + lastModifiedAt: description: >- - Name of the endpoint attachment. Use the following structure in your - request: - `organizations/{org}/endpointAttachments/{endpoint_attachment}` - type: string - serviceAttachment: - description: 'Format: projects/*/regions/*/serviceAttachments/*' + Response only. Modified time of this environment as milliseconds + since epoch. + format: int64 type: string - location: - description: Required. Location of the endpoint attachment. + quota: + description: >- + Number of request messages permitted per app by this API product for + the specified `quotaInterval` and `quotaTimeUnit`. For example, a + `quota` of 50, for a `quotaInterval` of 12 and a `quotaTimeUnit` of + hours means 50 requests are allowed every 12 hours. type: string - host: + description: description: >- - Output only. Host that can be used in either the HTTP target - endpoint directly or as the host in target server. - readOnly: true + Description of the API product. Include key information about the + API product that is not captured by other fields. type: string - state: + attributes: description: >- - Output only. State of the endpoint attachment. Values other than - `ACTIVE` mean the resource is not ready to use. - readOnly: true + Array of attributes that may be used to extend the default API + product profile with customer-specific metadata. You can specify a + maximum of 18 attributes. Use this property to specify the access + level of the API product as either `public`, `private`, or + `internal`. Only products marked `public` are available to + developers in the Apigee developer portal. For example, you can set + a product to `internal` while it is in development and then change + access to `public` when it is ready to release on the portal. API + products marked as `private` do not appear on the portal, but can be + accessed by external developers. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + llmQuotaTimeUnit: type: string - enumDescriptions: - - Resource is in an unspecified state. - - Resource is being created. - - Resource is provisioned and ready to use. - - The resource is being deleted. - - The resource is being updated. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - UPDATING - connectionState: description: >- - Output only. State of the endpoint attachment connection to the - service attachment. - readOnly: true + Optional. Time unit defined for the `llm_quota_interval`. Valid + values include `minute`, `hour`, `day`, or `month`. + grpcOperationGroup: + description: >- + Optional. Configuration used to group Apigee proxies with gRPC + services and method names. This grouping allows us to set quota for + a particular proxy with the gRPC service name and method. If a + method name is not set, this implies quota and authorization are + applied to all gRPC methods implemented by that proxy for that + particular gRPC service. + $ref: '#/components/schemas/GoogleCloudApigeeV1GrpcOperationGroup' + environments: + description: >- + Comma-separated list of environment names to which the API product + is bound. Requests to environments that are not listed are rejected. + By specifying one or more environments, you can bind the resources + listed in the API product to a specific environment, preventing + developers from accessing those resources through API proxies + deployed in another environment. This setting is used, for example, + to prevent resources associated with API proxies in `prod` from + being accessed by API proxies deployed in `test`. + items: + type: string + type: array + quotaCounterScope: type: string enumDescriptions: - - The connection state has not been set. - >- - The connection state is unavailable at this time, possibly because - the endpoint attachment is currently being provisioned. - - The connection is pending acceptance by the PSC producer. - - The connection has been accepted by the PSC producer. - - The connection has been rejected by the PSC producer. + When quota is not explicitly defined for each + operation(REST/GraphQL), the limits set at product level will be + used as a local counter for quota evaluation by all the + operations, independent of proxy association. - >- - The connection has been closed by the PSC producer and will not - serve traffic going forward. + When quota is not explicitly defined for each + operation(REST/GraphQL), set at product level will be used as a + global counter for quota evaluation by all the operations + associated with a particular proxy. - >- - The connection has been frozen by the PSC producer and will not - serve traffic. + When quota is not explicitly defined for each + operation(REST/GraphQL), the limits set at product level will be + used as a local counter for quota evaluation by all the + operations, independent of proxy association. This behavior mimics + the same as QUOTA_COUNTER_SCOPE_UNSPECIFIED. - >- - The connection has been accepted by the PSC producer, but it is - not ready to serve the traffic due to producer side issues. + When quota is not explicitly defined for each + operation(REST/GraphQL), the limits set at product level will be + used as a global counter for quota evaluation by all the + operations. + description: >- + Scope of the quota decides how the quota counter gets applied and + evaluate for quota violation. If the Scope is set as PROXY, then all + the operations defined for the APIproduct that are associated with + the same proxy will share the same quota counter set at the + APIproduct level, making it a global counter at a proxy level. If + the Scope is set as OPERATION, then each operations get the counter + set at the API product dedicated, making it a local counter. Note + that, the QuotaCounterScope applies only when an operation does not + have dedicated quota set for itself. enum: - - CONNECTION_STATE_UNSPECIFIED - - UNAVAILABLE - - PENDING - - ACCEPTED - - REJECTED - - CLOSED - - FROZEN - - NEEDS_ATTENTION - GoogleCloudApigeeV1ListEndpointAttachmentsResponse: - id: GoogleCloudApigeeV1ListEndpointAttachmentsResponse - description: Response for ListEndpointAttachments method. - type: object - properties: - endpointAttachments: - description: Endpoint attachments in the specified organization. + - QUOTA_COUNTER_SCOPE_UNSPECIFIED + - PROXY + - OPERATION + - PRODUCT + proxies: type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1EndpointAttachment' - nextPageToken: description: >- - Page token that you can include in an `ListEndpointAttachments` - request to retrieve the next page. If omitted, no subsequent pages - exist. - type: string - GoogleCloudApigeeV1ListNatAddressesResponse: - id: GoogleCloudApigeeV1ListNatAddressesResponse - description: Response for ListNatAddresses. - type: object - properties: - natAddresses: - description: List of NAT Addresses for the instance. + Comma-separated list of API proxy names to which this API product is + bound. By specifying API proxies, you can associate resources in the + API product with specific API proxies, preventing developers from + accessing those resources through other API proxies. Apigee rejects + requests to API proxies that are not listed. **Note:** The API proxy + names must already exist in the specified environment as they will + be validated upon creation. + items: + type: string + apiResources: type: array + description: >- + Comma-separated list of API resources to be bundled in the API + product. By default, the resource paths are mapped from the + `proxy.pathsuffix` variable. The proxy path suffix is defined as the + URI fragment following the ProxyEndpoint base path. For example, if + the `apiResources` element is defined to be `/forecastrss` and the + base path defined for the API proxy is `/weather`, then only + requests to `/weather/forecastrss` are permitted by the API product. + You can select a specific path, or you can select all subpaths with + the following wildcard: - `/**`: Indicates that all sub-URIs are + included. - `/*` : Indicates that only URIs one level down are + included. By default, / supports the same resources as /** as well + as the base path defined by the API proxy. For example, if the base + path of the API proxy is `/v1/weatherapikey`, then the API product + supports requests to `/v1/weatherapikey` and to any sub-URIs, such + as `/v1/weatherapikey/forecastrss`, `/v1/weatherapikey/region/CA`, + and so on. For more information, see Managing API products. items: - $ref: '#/components/schemas/GoogleCloudApigeeV1NatAddress' - nextPageToken: + type: string + space: description: >- - Page token that you can include in a ListNatAddresses request to - retrieve the next page of content. If omitted, no subsequent pages - exist. + Optional. The resource ID of the parent Space. If not set, the + parent resource will be the Organization. To learn how Spaces can be + used to manage resources, read the [Apigee Spaces + Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). type: string - GoogleCloudApigeeV1NatAddress: - id: GoogleCloudApigeeV1NatAddress - description: >- - Apigee NAT(network address translation) address. A NAT address is a - static external IP address used for Internet egress traffic. - type: object - properties: - name: - description: Required. Resource ID of the NAT address. - type: string - ipAddress: - description: Output only. The static IPV4 address. - readOnly: true - type: string - state: - description: Output only. State of the nat address. - readOnly: true + llmQuota: type: string - enumDescriptions: - - The resource is in an unspecified state. - - The NAT address is being created. - - The NAT address is reserved but not yet used for Internet egress. - - The NAT address is active and used for Internet egress. - - The NAT address is being deleted. - enum: - - STATE_UNSPECIFIED - - CREATING - - RESERVED - - ACTIVE - - DELETING - GoogleCloudApigeeV1ActivateNatAddressRequest: - id: GoogleCloudApigeeV1ActivateNatAddressRequest - description: Request for ActivateNatAddressRequest. Activate the nat address request. - type: object - properties: {} - GoogleCloudApigeeV1ProvisionOrganizationRequest: - id: GoogleCloudApigeeV1ProvisionOrganizationRequest - description: Request for ProvisionOrganization. - type: object - properties: - authorizedNetwork: description: >- - Compute Engine network used for Service Networking to be peered with - Apigee runtime instances. See [Getting started with the Service - Networking - API](https://cloud.google.com/service-infrastructure/docs/service-networking/getting-started). - Apigee also supports shared VPC (that is, the host network project - is not the same as the one that is peering with Apigee). See [Shared - VPC overview](https://cloud.google.com/vpc/docs/shared-vpc). To use - a shared VPC network, use the following format: - `projects/{host-project-id}/{region}/networks/{network-name}`. For - example: `projects/my-sharedvpc-host/global/networks/mynetwork` + Optional. Number of LLM tokens permitted per app by this API product + for the specified `llm_quota_interval` and `llm_quota_time_unit`. + For example, an `llm_quota` of 50,000, for an `llm_quota_interval` + of 12 and an `llm_quota_time_unit` of hours means 50,000 llm tokens + are allowed to be used every 12 hours. + quotaInterval: type: string - disableVpcPeering: description: >- - Optional. Flag that specifies whether the VPC Peering through - Private Google Access should be disabled between the consumer - network and Apigee. Required if an authorizedNetwork on the consumer - project is not provided, in which case the flag should be set to - true. The value must be set before the creation of any Apigee - runtime instance and can be updated only when there are no runtime - instances. **Note:** Apigee will be deprecating the vpc peering - model that requires you to provide 'authorizedNetwork', by making - the non-peering model as the default way of provisioning Apigee - organization in future. So, this will be a temporary flag to enable - the transition. Not supported for Apigee hybrid. - type: boolean - analyticsRegion: + Time interval over which the number of request messages is + calculated. + operationGroup: description: >- - Primary Cloud Platform region for analytics data storage. For valid - values, see [Create an - organization](https://cloud.google.com/apigee/docs/hybrid/latest/precog-provision). - Defaults to `us-west1`. + Configuration used to group Apigee proxies or remote services with + resources, method types, and quotas. The resource refers to the + resource URI (excluding the base path). With this grouping, the API + product creator is able to fine-tune and give precise control over + which REST methods have access to specific resources and how many + calls can be made (using the `quota` setting). **Note:** The + `api_resources` setting cannot be specified for both the API product + and operation group; otherwise the call will fail. + $ref: '#/components/schemas/GoogleCloudApigeeV1OperationGroup' + createdAt: type: string - runtimeLocation: + format: int64 description: >- - Cloud Platform location for the runtime instance. Defaults to zone - `us-west1-a`. If a region is provided, `EVAL` organizations will use - the region for automatically selecting a zone for the runtime - instance. + Response only. Creation time of this environment as milliseconds + since epoch. + approvalType: type: string - GoogleCloudApigeeV1DnsZone: - id: GoogleCloudApigeeV1DnsZone - description: >- - A DNS zone is a resource under an Apigee organization that is used to - create a DNS peering with Apigee's network. DNS peering will let Apigee - instances resolve the hostnames created in a peered network. - type: object - properties: - name: description: >- - Identifier. Unique name for the resource. Defined by the server - Format: "organizations/{organization}/dnsZones/{dns_zone}". - type: string - createTime: - description: Output only. The time that this resource was created on the server. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time that this resource was updated on the server. - readOnly: true - type: string - format: google-datetime - description: + Flag that specifies how API keys are approved to access the APIs + defined by the API product. If set to `manual`, the consumer key is + generated and returned in "pending" state. In this case, the API + keys won't work until they have been explicitly approved. If set to + `auto`, the consumer key is generated and returned in "approved" + state and can be used immediately. **Note:** Typically, `auto` is + used to provide access to free or trial API products that provide + limited quota or capabilities. + llmOperationGroup: description: >- - Required. Description of the resource. String of at most 1024 - characters associated with this resource for the user's convenience. + Optional. Configuration used to group Apigee proxies with resources, + method types, LLM model and quotas. The resource refers to the + resource URI (excluding the base path). With this grouping, the API + product creator is able to fine-tune and give precise control over + which REST methods have access to specific resources, specific LLM + model and how many calls can be made (using the `quota` setting). + **Note:** The `api_resources` setting cannot be specified for both + the API product and llm operation group; otherwise the call will + fail. + $ref: '#/components/schemas/GoogleCloudApigeeV1LlmOperationGroup' + quotaTimeUnit: type: string - domain: description: >- - Required. The domain name for hosts in this private zone, for - instance "example.com.". - type: string - peeringConfig: - description: DNS PEERING zone configuration. - $ref: '#/components/schemas/GoogleCloudApigeeV1DnsZonePeeringConfig' - state: + Time unit defined for the `quotaInterval`. Valid values include + `minute`, `hour`, `day`, or `month`. + llmQuotaInterval: description: >- - Output only. State of the DNS Peering. Values other than `ACTIVE` - mean the resource is not ready to use. - readOnly: true + Optional. Time interval over which the number of tokens from LLM + responses is calculated. type: string - enumDescriptions: - - Resource is in an unspecified state. - - Resource is being created. - - Resource is provisioned and ready to use. - - The resource is being deleted. - - The resource is being updated. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - UPDATING - GoogleCloudApigeeV1DnsZonePeeringConfig: - id: GoogleCloudApigeeV1DnsZonePeeringConfig - description: Fields for DNS PEERING zone. - type: object - properties: - targetProjectId: + scopes: + type: array description: >- - Required. The ID of the project that contains the producer VPC - network. + Comma-separated list of OAuth scopes that are validated at runtime. + Apigee validates that the scopes in any access token presented match + the scopes defined in the OAuth policy associated with the API + product. + items: + type: string + name: type: string - targetNetworkId: description: >- - Required. The VPC network where the records for that private DNS - zone's namespace are available. Apigee will be performing DNS - peering with this VPC network. + Internal name of the API product. Characters you can use in the name + are restricted to: `A-Z0-9._\-$ %`. **Note:** The internal name + cannot be edited when updating the API product. + graphqlOperationGroup: + $ref: '#/components/schemas/GoogleCloudApigeeV1GraphQLOperationGroup' + description: >- + Configuration used to group Apigee proxies or remote services with + graphQL operation name, graphQL operation type and quotas. This + grouping allows us to precisely set quota for a particular + combination of graphQL name and operation type for a particular + proxy request. If graphQL name is not set, this would imply quota + will be applied on all graphQL requests matching the operation type. + displayName: + description: >- + Name displayed in the UI or developer portal to developers + registering for API access. type: string - GoogleCloudApigeeV1ListDnsZonesResponse: - id: GoogleCloudApigeeV1ListDnsZonesResponse - description: Response for list DNS zones. - type: object + GoogleCloudApigeeV1SecuritySettings: properties: - dnsZones: - description: DNS zones in a given organization. - type: array - items: - $ref: '#/components/schemas/GoogleCloudApigeeV1DnsZone' - nextPageToken: + mlRetrainingFeedbackEnabled: + type: boolean description: >- - Page token that you can include in an `ListDnsZones` request to - retrieve the next page. If omitted, no subsequent pages exist. + Optional. If true the user consents to the use of ML models for + Abuse detection. + name: + description: >- + Identifier. Full resource name is always + `organizations/{org}/securitySettings`. type: string - EdgeConfigstoreBundleBadBundle: - id: EdgeConfigstoreBundleBadBundle - description: Describes why a bundle is invalid. Intended for use in error details. + id: GoogleCloudApigeeV1SecuritySettings + type: object + description: >- + SecuritySettings reflects the current state of the SecuritySettings + feature. + GoogleCloudApigeeV1AdvancedApiOpsConfig: + id: GoogleCloudApigeeV1AdvancedApiOpsConfig type: object properties: - violations: - description: Describes all precondition violations. - type: array - items: - $ref: '#/components/schemas/EdgeConfigstoreBundleBadBundleViolation' - EdgeConfigstoreBundleBadBundleViolation: - id: EdgeConfigstoreBundleBadBundleViolation - description: A message type used to describe a single bundle validation error. + enabled: + description: Flag that specifies whether the Advanced API Ops add-on is enabled. + type: boolean + description: Configuration for the Advanced API Ops add-on. + GoogleCloudApigeeV1Keystore: + id: GoogleCloudApigeeV1Keystore + description: Datastore for Certificates and Aliases. type: object properties: - filename: + aliases: + items: + type: string + readOnly: true + description: Output only. Aliases in this keystore. + type: array + name: description: >- - The filename (including relative path from the bundle root) in which - the error occurred. - type: string - description: - description: A description of why the bundle is invalid and how to fix it. + Required. Resource ID for this keystore. Values must match the + regular expression `[\w[:space:].-]{1,255}`. type: string - GoogleCloudApigeeV1OperationMetadata: - id: GoogleCloudApigeeV1OperationMetadata - description: Metadata describing an Operation. + GoogleCloudApigeeV1OptimizedStats: + description: Encapsulates a response format for JavaScript Optimized Scenario. type: object + id: GoogleCloudApigeeV1OptimizedStats properties: - operationType: + Response: + description: >- + Wraps the `stats` response for JavaScript Optimized Scenario with a + response key. For example: ```{ "Response": { "TimeUnit": [], + "metaData": { "errors": [], "notices": [ "Source:Postgres", "Table + used: edge.api.aaxgroup001.agg_api", "PG + Host:ruappg08-ro.production.apigeeks.net", "query served + by:80c4ebca-6a10-4a2e-8faf-c60c1ee306ca" ] }, "resultTruncated": + false, "stats": { "data": [ { "identifier": { "names": [ "apiproxy" + ], "values": [ "sirjee" ] }, "metric": [ { "env": "prod", "name": + "sum(message_count)", "values": [ 36.0 ] }, { "env": "prod", "name": + "sum(is_error)", "values": [ 36.0 ] } ] } ] } } }``` + $ref: '#/components/schemas/GoogleCloudApigeeV1OptimizedStatsResponse' + GoogleCloudApigeeV1AsyncQueryResult: + properties: + expires: + type: string + description: Query result will be unaccessable after this time. + self: + type: string + description: >- + Self link of the query results. Example: + `/organizations/myorg/environments/myenv/queries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` + or following format if query is running at host level: + `/organizations/myorg/hostQueries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` + id: GoogleCloudApigeeV1AsyncQueryResult + type: object + GoogleCloudApigeeV1ListSecurityFeedbackResponse: + type: object + description: Response for ListSecurityFeedback + properties: + securityFeedback: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityFeedback' + description: List of SecurityFeedback reports. + type: array + nextPageToken: + type: string + description: >- + A token that can be sent as `page_token` in + `ListSecurityFeedbackRequest` to retrieve the next page. If this + field is omitted, there are no subsequent pages. + id: GoogleCloudApigeeV1ListSecurityFeedbackResponse + GoogleCloudApigeeV1SyncAuthorization: + type: object + id: GoogleCloudApigeeV1SyncAuthorization + properties: + etag: + format: byte + type: string + description: >- + Entity tag (ETag) used for optimistic concurrency control as a way + to help prevent simultaneous updates from overwriting each other. + For example, when you call + [getSyncAuthorization](organizations/getSyncAuthorization) an ETag + is returned in the response. Pass that ETag when calling the + [setSyncAuthorization](organizations/setSyncAuthorization) to ensure + that you are updating the correct version. If you don't pass the + ETag in the call to `setSyncAuthorization`, then the existing + authorization is overwritten indiscriminately. **Note**: We strongly + recommend that you use the ETag in the read-modify-write cycle to + avoid race conditions. + identities: + type: array + description: >- + Required. Array of service accounts to grant access to control plane + resources, each specified using the following format: + `serviceAccount:` service-account-name. The service-account-name is + formatted like an email address. For example: + `my-synchronizer-manager-service_account@my_project_id.iam.gserviceaccount.com` + You might specify multiple service accounts, for example, if you + have multiple environments and wish to assign a unique service + account to each one. The service accounts must have **Apigee + Synchronizer Manager** role. See also [Create service + accounts](https://cloud.google.com/apigee/docs/hybrid/latest/sa-about#create-the-service-accounts). + items: + type: string + GoogleCloudApigeeV1SecurityProfileV2ProfileAssessmentConfigApiHubGatewayTypeArray: + type: object + id: >- + GoogleCloudApigeeV1SecurityProfileV2ProfileAssessmentConfigApiHubGatewayTypeArray + properties: + gatewayTypes: + description: Required. The array of API Hub Gateway Types. + items: + enum: + - API_HUB_GATEWAY_TYPE_UNSPECIFIED + - APIGEE_X + - APIGEE_HYBRID + - APIGEE_EDGE + - APIGEE_OPDK + enumDescriptions: + - Gateway type is not specified. + - Gateway is Apigee X for API Hub. + - Gateway is Apigee Hybrid for API Hub. + - Gateway is Apigee Edge for API Hub. + - Gateway is Apigee OPDK for API Hub. + type: string + type: array + description: Message for the array of API Hub Gateway Types. + GoogleCloudApigeeV1Export: + type: object + properties: + created: + description: Output only. Time the export job was created. + readOnly: true + type: string + state: + readOnly: true + type: string + description: >- + Output only. Status of the export job. Valid values include + `enqueued`, `running`, `completed`, and `failed`. + self: + description: >- + Output only. Self link of the export job. A URI that can be used to + retrieve the status of an export job. Example: + `/organizations/myorg/environments/myenv/analytics/exports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd` + readOnly: true + type: string + executionTime: + readOnly: true + description: >- + Output only. Execution time for this export job. If the job is still + in progress, it will be set to the amount of time that has elapsed + since`created`, in seconds. Else, it will set to (`updated` - + `created`), in seconds. + type: string + name: + type: string + description: Display name of the export job. + error: + description: Output only. Error is set when export fails + type: string + readOnly: true + updated: + type: string + readOnly: true + description: Output only. Time the export job was last updated. + datastoreName: + type: string + description: >- + Name of the datastore that is the destination of the export job + [datastore] + description: + description: Description of the export job. + type: string + description: Details of an export job. + id: GoogleCloudApigeeV1Export + GoogleCloudApigeeV1TestDatastoreResponse: + id: GoogleCloudApigeeV1TestDatastoreResponse + properties: + state: + description: Output only. It could be `completed` or `failed` + readOnly: true + type: string + error: + readOnly: true + description: Output only. Error message of test connection failure + type: string + type: object + description: The response for TestDatastore + GoogleCloudApigeeV1LlmOperationConfig: + id: GoogleCloudApigeeV1LlmOperationConfig + description: >- + Binds the resources in an API proxy or remote service with the allowed + REST methods and associated quota enforcement. + type: object + properties: + llmOperations: + description: >- + Required. List of resource/method/model for the API proxy to which + quota will applied. **Note**: Currently, you can specify only a + single resource/method/model mapping. The call will fail if more + than one resource/method/model mappings are provided. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1LlmOperation' + llmTokenQuota: + description: >- + Required. LLM token Quota parameters to be enforced for the + resources, methods, and API source & LLM model combination. If none + are specified, quota enforcement will not be done. + $ref: '#/components/schemas/GoogleCloudApigeeV1LlmTokenQuota' + apiSource: + description: >- + Required. Name of the API proxy or remote service with which the + resources, methods, and quota are associated. + type: string + attributes: + type: array + description: Optional. Custom attributes associated with the operation. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + GoogleCloudApigeeV1SetAddonEnablementRequest: + type: object + properties: + apiSecurityEnabled: + type: boolean + description: If the API Security should be enabled in the environment. + analyticsEnabled: + description: If the Analytics should be enabled in the environment. + type: boolean + description: Request for SetAddonEnablement. + id: GoogleCloudApigeeV1SetAddonEnablementRequest + GoogleCloudApigeeV1ListSecurityReportsResponse: + id: GoogleCloudApigeeV1ListSecurityReportsResponse + description: The response for SecurityReports. + type: object + properties: + nextPageToken: + type: string + description: >- + If the number of security reports exceeded the page size requested, + the token can be used to fetch the next page in a subsequent call. + If the response is the last page and there are no more reports to + return this field is left empty. + securityReports: + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' + type: array + description: The security reports belong to requested resource name. + GoogleCloudApigeeV1SecurityActionFlag: + id: GoogleCloudApigeeV1SecurityActionFlag + description: The message that should be set in the case of a Flag action. + properties: + headers: + description: >- + Optional. A list of HTTP headers to be sent to the target in case of + a FLAG SecurityAction. Limit 5 headers per SecurityAction. At least + one is mandatory. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionHttpHeader' + type: array + type: object + GoogleCloudApigeeV1ListSecurityIncidentsResponse: + properties: + securityIncidents: + description: List of security incidents in the organization + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' + type: array + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + type: string + description: Response for ListSecurityIncidents. + id: GoogleCloudApigeeV1ListSecurityIncidentsResponse + type: object + GoogleCloudApigeeV1QueryTabularStatsRequest: + type: object + description: >- + Request payload representing the query to be run for fetching security + statistics as rows. + id: GoogleCloudApigeeV1QueryTabularStatsRequest + properties: + dimensions: + type: array + items: + type: string + description: Required. List of dimension names to group the aggregations by. + filter: + description: >- + Filter further on specific dimension values. Follows the same + grammar as custom report's filter expressions. Example, apiproxy eq + 'foobar'. + https://cloud.google.com/apigee/docs/api-platform/analytics/analytics-reference#filters + type: string + pageToken: + type: string + description: Identifies a sequence of rows. + metrics: + description: Required. List of metrics and their aggregations. + items: + $ref: '#/components/schemas/GoogleCloudApigeeV1MetricAggregation' + type: array + timeRange: + description: Time range for the stats. + $ref: '#/components/schemas/GoogleTypeInterval' + pageSize: + format: int32 + type: integer + description: Page size represents the number of rows. + GoogleCloudApigeeV1ComputeEnvironmentScoresRequestFilter: + id: GoogleCloudApigeeV1ComputeEnvironmentScoresRequestFilter + description: >- + Filter scores by component path. Used custom filter instead of AIP-160 + as the use cases are highly constrained and predictable. + properties: + scorePath: + type: string + description: >- + Optional. Return scores for this component. Example: + "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/source" + type: object + GoogleCloudApigeeV1ProfileConfigMTLS: + type: object + description: Checks to see if you have configured mTLS for the target server. + properties: {} + id: GoogleCloudApigeeV1ProfileConfigMTLS + GoogleIamV1SetIamPolicyRequest: + type: object + description: Request message for `SetIamPolicy` method. + properties: + updateMask: + format: google-fieldmask + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + type: string + policy: + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/GoogleIamV1Policy' + id: GoogleIamV1SetIamPolicyRequest + GoogleCloudApigeeV1GenerateUploadUrlResponse: + properties: + uploadUri: + description: >- + The Google Cloud Storage signed URL that can be used to upload a new + Archive zip file. + type: string + description: Response for GenerateUploadUrl method. + type: object + id: GoogleCloudApigeeV1GenerateUploadUrlResponse + GoogleCloudApigeeV1ApiCategory: + type: object + id: GoogleCloudApigeeV1ApiCategory + properties: + siteId: + type: string + description: Name of the portal. + name: + type: string + description: Name of the category. + updateTime: + description: Time the category was last modified in milliseconds since epoch. + type: string + format: int64 + id: + description: ID of the category (a UUID). + type: string + description: >- + `ApiCategory` represents an API category. [Catalog + items](/apigee/docs/reference/apis/apigee/rest/v1/organizations.sites.apidocs) + can be tagged with API categories; users viewing the API catalog in the + portal will have the option to browse the catalog by category. + GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRevision: + description: Revisions deployed in the MPs. + properties: + revision: + description: API proxy revision reported as deployed. + type: string + percentage: + description: Percentage of MP replicas reporting this revision. + format: int32 + type: integer + id: GoogleCloudApigeeV1InstanceDeploymentStatusDeployedRevision + type: object + GoogleCloudApigeeV1Alias: + id: GoogleCloudApigeeV1Alias + properties: + certsInfo: + $ref: '#/components/schemas/GoogleCloudApigeeV1Certificate' + description: Chain of certificates under this alias. + alias: + type: string + description: >- + Resource ID for this alias. Values must match the regular expression + `[^/]{1,255}`. + type: + description: Type of alias. type: string enumDescriptions: - - '' - - '' - - '' - - '' + - Alias type is not specified. + - Certificate. + - Key/certificate pair. enum: - - OPERATION_TYPE_UNSPECIFIED - - INSERT - - DELETE - - UPDATE - targetResourceName: - description: Name of the resource for which the operation is operating on. + - ALIAS_TYPE_UNSPECIFIED + - CERT + - KEY_CERT + type: object + description: Reference to a certificate or key/certificate pair. + GoogleCloudApigeeV1EnvironmentGroup: + description: >- + EnvironmentGroup configuration. An environment group is used to group + one or more Apigee environments under a single host name. + properties: + name: type: string - state: + description: ID of the environment group. + lastModifiedAt: + readOnly: true type: string - enumDescriptions: - - '' - - '' - - '' - - '' + format: int64 + description: >- + Output only. The time at which the environment group was last + updated as milliseconds since epoch. + state: enum: - STATE_UNSPECIFIED - - NOT_STARTED - - IN_PROGRESS - - FINISHED - progress: - description: Progress of the operation. - $ref: '#/components/schemas/GoogleCloudApigeeV1OperationMetadataProgress' - warnings: - description: Warnings encountered while executing the operation. + - CREATING + - ACTIVE + - DELETING + - UPDATING + type: string + readOnly: true + enumDescriptions: + - Resource is in an unspecified state. + - Resource is being created. + - Resource is provisioned and ready to use. + - The resource is being deleted. + - The resource is being updated. + description: >- + Output only. State of the environment group. Values other than + ACTIVE means the resource is not ready to use. + hostnames: + description: Required. Host names for this environment group. type: array items: type: string - GoogleCloudApigeeV1OperationMetadataProgress: - id: GoogleCloudApigeeV1OperationMetadataProgress - description: Information about operation progress. + createdAt: + format: int64 + description: >- + Output only. The time at which the environment group was created as + milliseconds since epoch. + type: string + readOnly: true + type: object + id: GoogleCloudApigeeV1EnvironmentGroup + GoogleCloudApigeeV1EndpointAttachment: + id: GoogleCloudApigeeV1EndpointAttachment type: object properties: - description: - description: Description of the operation's progress. + serviceAttachment: type: string + description: 'Format: projects/*/regions/*/serviceAttachments/*' state: - description: State of the operation. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - UPDATING + description: >- + Output only. State of the endpoint attachment. Values other than + `ACTIVE` mean the resource is not ready to use. + readOnly: true + enumDescriptions: + - Resource is in an unspecified state. + - Resource is being created. + - Resource is provisioned and ready to use. + - The resource is being deleted. + - The resource is being updated. + type: string + name: + type: string + description: >- + Name of the endpoint attachment. Use the following structure in your + request: + `organizations/{org}/endpointAttachments/{endpoint_attachment}` + connectionState: + readOnly: true + description: >- + Output only. State of the endpoint attachment connection to the + service attachment. type: string enumDescriptions: - - '' - - '' - - '' - - '' + - The connection state has not been set. + - >- + The connection state is unavailable at this time, possibly because + the endpoint attachment is currently being provisioned. + - The connection is pending acceptance by the PSC producer. + - The connection has been accepted by the PSC producer. + - The connection has been rejected by the PSC producer. + - >- + The connection has been closed by the PSC producer and will not + serve traffic going forward. + - >- + The connection has been frozen by the PSC producer and will not + serve traffic. + - >- + The connection has been accepted by the PSC producer, but it is + not ready to serve the traffic due to producer side issues. enum: - - STATE_UNSPECIFIED - - NOT_STARTED - - IN_PROGRESS - - FINISHED - percentDone: - description: The percentage of the operation progress. - type: integer - format: int32 - details: - description: The additional details of the progress. - type: object - additionalProperties: - type: any - description: Properties of the object. + - CONNECTION_STATE_UNSPECIFIED + - UNAVAILABLE + - PENDING + - ACCEPTED + - REJECTED + - CLOSED + - FROZEN + - NEEDS_ATTENTION + host: + readOnly: true + description: >- + Output only. Host that can be used in either the HTTP target + endpoint directly or as the host in target server. + type: string + location: + type: string + description: Required. Location of the endpoint attachment. + description: >- + Apigee endpoint attachment. For more information, see [Southbound + networking patterns] + (https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints). parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string fields: description: Selector specifying which fields to include in a partial response. in: query @@ -9244,10 +9734,25 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + access_token: + description: OAuth access token. in: query - name: oauth_token + name: access_token schema: type: string prettyPrint: @@ -9256,6 +9761,12 @@ components: name: prettyPrint schema: type: boolean + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -9265,27 +9776,28 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + alt: + description: Data format for response. in: query - name: upload_protocol + name: alt schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + enum: + - json + - media + - proto + callback: + description: JSONP in: query - name: uploadType + name: callback schema: type: string - _.xgafv: - description: V1 error format. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: $.xgafv + name: oauth_token schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: issuers: id: google.apigee.issuers @@ -9311,15 +9823,16 @@ components: name: organizations title: Organizations methods: - organizations_list: + projects_provision_organization: operation: - $ref: '#/paths/~1v1~1organizations/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}:provisionOrganization/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_create: + organizations_set_sync_authorization: operation: - $ref: '#/paths/~1v1~1organizations/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}:setSyncAuthorization/post response: mediaType: application/json openAPIDocKey: '200' @@ -9341,10 +9854,15 @@ components: response: mediaType: application/json openAPIDocKey: '200' - organizations_set_sync_authorization: + organizations_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}:setSyncAuthorization/post + $ref: '#/paths/~1v1~1organizations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_create: + operation: + $ref: '#/paths/~1v1~1organizations/post' response: mediaType: application/json openAPIDocKey: '200' @@ -9361,12 +9879,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_provision_organization: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}:provisionOrganization/post' - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: >- @@ -9383,26 +9895,6 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/organizations/methods/organizations_delete - sync_authorization: - id: google.apigee.sync_authorization - name: sync_authorization - title: Sync_authorization - methods: - organizations_get_sync_authorization: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}:getSyncAuthorization/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/sync_authorization/methods/organizations_get_sync_authorization - insert: [] - update: [] - replace: [] - delete: [] control_plane_access: id: google.apigee.control_plane_access name: control_plane_access @@ -9432,6 +9924,25 @@ components: #/components/x-stackQL-resources/control_plane_access/methods/organizations_update_control_plane_access replace: [] delete: [] + runtime_config: + id: google.apigee.runtime_config + name: runtime_config + title: Runtime_config + methods: + organizations_get_runtime_config: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1runtimeConfig/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/runtime_config/methods/organizations_get_runtime_config + insert: [] + update: [] + replace: [] + delete: [] project_mapping: id: google.apigee.project_mapping name: project_mapping @@ -9452,3877 +9963,4277 @@ components: update: [] replace: [] delete: [] - ingress_config: - id: google.apigee.ingress_config - name: ingress_config - title: Ingress_config + security_settings: + id: google.apigee.security_settings + name: security_settings + title: Security_settings methods: - organizations_get_deployed_ingress_config: + organizations_get_security_settings: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1deployedIngressConfig/get + #/paths/~1v1~1organizations~1{organizationsId}~1securitySettings/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_update_security_settings: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securitySettings/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/ingress_config/methods/organizations_get_deployed_ingress_config + #/components/x-stackQL-resources/security_settings/methods/organizations_get_security_settings + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/security_settings/methods/organizations_update_security_settings + replace: [] + delete: [] + sync_authorization: + id: google.apigee.sync_authorization + name: sync_authorization + title: Sync_authorization + methods: + organizations_get_sync_authorization: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}:getSyncAuthorization/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/sync_authorization/methods/organizations_get_sync_authorization insert: [] update: [] replace: [] delete: [] - runtime_config: - id: google.apigee.runtime_config - name: runtime_config - title: Runtime_config + ingress_config: + id: google.apigee.ingress_config + name: ingress_config + title: Ingress_config methods: - organizations_get_runtime_config: + organizations_get_deployed_ingress_config: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1runtimeConfig/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1deployedIngressConfig/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/runtime_config/methods/organizations_get_runtime_config + #/components/x-stackQL-resources/ingress_config/methods/organizations_get_deployed_ingress_config insert: [] update: [] replace: [] delete: [] - security_settings: - id: google.apigee.security_settings - name: security_settings - title: Security_settings + developers: + id: google.apigee.developers + name: developers + title: Developers methods: - organizations_get_security_settings: + organizations_developers_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securitySettings/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_update_security_settings: + organizations_developers_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securitySettings/patch + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}/put + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_developers_set_developer_status: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_developers_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_developers_create: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1developers/post' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_developers_list: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1developers/get' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_developers_attributes: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/security_settings/methods/organizations_get_security_settings - insert: [] - update: + #/components/x-stackQL-resources/developers/methods/organizations_developers_get - $ref: >- - #/components/x-stackQL-resources/security_settings/methods/organizations_update_security_settings - replace: [] - delete: [] - apis: - id: google.apigee.apis - name: apis - title: Apis + #/components/x-stackQL-resources/developers/methods/organizations_developers_list + insert: + - $ref: >- + #/components/x-stackQL-resources/developers/methods/organizations_developers_create + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/developers/methods/organizations_developers_update + delete: + - $ref: >- + #/components/x-stackQL-resources/developers/methods/organizations_developers_delete + developers_monetization_config: + id: google.apigee.developers_monetization_config + name: developers_monetization_config + title: Developers_monetization_config methods: - organizations_apis_list: + organizations_developers_get_monetization_config: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apis/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1monetizationConfig/get response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_create: + organizations_developers_update_monetization_config: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apis/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1monetizationConfig/put response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/developers_monetization_config/methods/organizations_developers_get_monetization_config + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/developers_monetization_config/methods/organizations_developers_update_monetization_config + delete: [] + attributes: + id: google.apigee.attributes + name: attributes + title: Attributes + methods: + organizations_developers_attributes_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_apis_get: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}/get' + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes/get response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_delete: + organizations_developers_apps_attributes_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes~1{attributesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_move: + organizations_developers_apps_attributes_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}:move/post + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes~1{attributesId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/apis/methods/organizations_apis_get - - $ref: >- - #/components/x-stackQL-resources/apis/methods/organizations_apis_list - insert: - - $ref: >- - #/components/x-stackQL-resources/apis/methods/organizations_apis_create - update: - - $ref: >- - #/components/x-stackQL-resources/apis/methods/organizations_apis_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/apis/methods/organizations_apis_delete - revisions_api_proxy_revision: - id: google.apigee.revisions_api_proxy_revision - name: revisions_api_proxy_revision - title: Revisions_api_proxy_revision - methods: - organizations_apis_revisions_update_api_proxy_revision: + organizations_developers_apps_attributes_update_developer_app_attribute: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1revisions~1{revisionsId}/post + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes~1{attributesId}/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/revisions_api_proxy_revision/methods/organizations_apis_revisions_update_api_proxy_revision - replace: [] - delete: [] - revisions: - id: google.apigee.revisions - name: revisions - title: Revisions - methods: - organizations_apis_revisions_get: + organizations_developers_apps_attributes_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1revisions~1{revisionsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes/get response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_revisions_delete: + organizations_developers_attributes_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1revisions~1{revisionsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes~1{attributesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_apis_revisions_deploy: + organizations_developers_attributes_update_developer_attribute: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments/post + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes~1{attributesId}/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_apis_revisions_undeploy: + organizations_developers_attributes_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments/delete + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes~1{attributesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_sharedflows_revisions_deploy: + organizations_apiproducts_attributes_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}~1deployments/post + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_sharedflows_revisions_undeploy: + organizations_apiproducts_attributes_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}~1deployments/delete + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes~1{attributesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_sharedflows_revisions_get: + organizations_apiproducts_attributes_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes~1{attributesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sharedflows_revisions_delete: + organizations_apiproducts_attributes_update_api_product_attribute: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes~1{attributesId}/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/revisions/methods/organizations_apis_revisions_get + #/components/x-stackQL-resources/attributes/methods/organizations_developers_apps_attributes_get - $ref: >- - #/components/x-stackQL-resources/revisions/methods/organizations_sharedflows_revisions_get + #/components/x-stackQL-resources/attributes/methods/organizations_developers_apps_attributes_list + - $ref: >- + #/components/x-stackQL-resources/attributes/methods/organizations_developers_attributes_get + - $ref: >- + #/components/x-stackQL-resources/attributes/methods/organizations_apiproducts_attributes_get + - $ref: >- + #/components/x-stackQL-resources/attributes/methods/organizations_developers_attributes_list + - $ref: >- + #/components/x-stackQL-resources/attributes/methods/organizations_apiproducts_attributes_list insert: [] update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/revisions/methods/organizations_apis_revisions_delete + #/components/x-stackQL-resources/attributes/methods/organizations_developers_apps_attributes_delete - $ref: >- - #/components/x-stackQL-resources/revisions/methods/organizations_sharedflows_revisions_delete - deployments: - id: google.apigee.deployments - name: deployments - title: Deployments + #/components/x-stackQL-resources/attributes/methods/organizations_developers_attributes_delete + - $ref: >- + #/components/x-stackQL-resources/attributes/methods/organizations_apiproducts_attributes_delete + developers_balance: + id: google.apigee.developers_balance + name: developers_balance + title: Developers_balance methods: - organizations_apis_revisions_deployments_list: + organizations_developers_get_balance: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1balance/get response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_deployments_list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/developers_balance/methods/organizations_developers_get_balance + insert: [] + update: [] + replace: [] + delete: [] + subscriptions: + id: google.apigee.subscriptions + name: subscriptions + title: Subscriptions + methods: + organizations_developers_subscriptions_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1deployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1subscriptions~1{subscriptionsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_apis_revisions_deployments_generate_deploy_change_report: + organizations_developers_subscriptions_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments:generateDeployChangeReport/post + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1subscriptions/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_apis_revisions_deployments_generate_undeploy_change_report: + organizations_developers_subscriptions_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments:generateUndeployChangeReport/post + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1subscriptions/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_apis_deployments_list: + organizations_developers_subscriptions_expire: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1deployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1subscriptions~1{subscriptionsId}:expire/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_sharedflows_deployments_list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/subscriptions/methods/organizations_developers_subscriptions_get + - $ref: >- + #/components/x-stackQL-resources/subscriptions/methods/organizations_developers_subscriptions_list + insert: + - $ref: >- + #/components/x-stackQL-resources/subscriptions/methods/organizations_developers_subscriptions_create + update: [] + replace: [] + delete: [] + balance: + id: google.apigee.balance + name: balance + title: Balance + methods: + organizations_developers_balance_credit: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1sharedflows~1{sharedflowsId}~1deployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1balance:credit/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_deployments_list: + organizations_developers_balance_adjust: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1balance:adjust/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_deployments_get: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + keys: + id: google.apigee.keys + name: keys + title: Keys + methods: + organizations_developers_apps_keys_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments~1{deploymentsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_deployments_list: + organizations_developers_apps_keys_replace_developer_app_key: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1deployments/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_sharedflows_deployments_list: + organizations_developers_apps_keys_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1deployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_sharedflows_revisions_deployments_list: + organizations_developers_apps_keys_update_developer_app_key: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}~1deployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/organizations_apis_revisions_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/organizations_environments_apis_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/organizations_environments_sharedflows_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/organizations_environments_deployments_get - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/organizations_sharedflows_revisions_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/organizations_apis_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/organizations_environments_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/organizations_sharedflows_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/organizations_deployments_list - insert: [] - update: [] - replace: [] - delete: [] - keyvaluemaps: - id: google.apigee.keyvaluemaps - name: keyvaluemaps - title: Keyvaluemaps - methods: - organizations_apis_keyvaluemaps_create: + organizations_developers_apps_keys_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps/post + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys/post response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_keyvaluemaps_delete: + organizations_developers_apps_keys_create_create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1create/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_developers_apps_keys_apiproducts_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}~1apiproducts~1{apiproductsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_developers_apps_keys_apiproducts_update_developer_app_key_api_product: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}~1apiproducts~1{apiproductsId}/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keyvaluemaps_create: + organizations_appgroups_apps_keys_update_app_group_app_key: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps/post + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keyvaluemaps_delete: + organizations_appgroups_apps_keys_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_keyvaluemaps_create: + organizations_appgroups_apps_keys_get: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_keyvaluemaps_delete: + organizations_appgroups_apps_keys_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] - insert: + select: - $ref: >- - #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_apis_keyvaluemaps_create + #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_get - $ref: >- - #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_environments_keyvaluemaps_create + #/components/x-stackQL-resources/keys/methods/organizations_appgroups_apps_keys_get + insert: - $ref: >- - #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_keyvaluemaps_create + #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_create + - $ref: >- + #/components/x-stackQL-resources/keys/methods/organizations_appgroups_apps_keys_create update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_replace_developer_app_key delete: - $ref: >- - #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_apis_keyvaluemaps_delete + #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_apiproducts_delete - $ref: >- - #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_environments_keyvaluemaps_delete + #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_delete - $ref: >- - #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_keyvaluemaps_delete - entries: - id: google.apigee.entries - name: entries - title: Entries + #/components/x-stackQL-resources/keys/methods/organizations_appgroups_apps_keys_delete + apps: + id: google.apigee.apps + name: apps + title: Apps methods: - organizations_apis_keyvaluemaps_entries_get: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_apis_keyvaluemaps_entries_delete: + organizations_developers_apps_attributes: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes/post response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_keyvaluemaps_entries_update: + organizations_developers_apps_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_keyvaluemaps_entries_create: + organizations_developers_apps_generate_key_pair_or_update_developer_app_status: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/post + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}/post response: mediaType: application/json openAPIDocKey: '200' - organizations_apis_keyvaluemaps_entries_list: + organizations_developers_apps_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}/put response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.keyValueEntries - organizations_environments_keyvaluemaps_entries_get: + organizations_developers_apps_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keyvaluemaps_entries_delete: + organizations_developers_apps_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keyvaluemaps_entries_update: + organizations_developers_apps_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keyvaluemaps_entries_create: + organizations_appgroups_apps_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/post + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keyvaluemaps_entries_list: + organizations_appgroups_apps_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/get + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.keyValueEntries - organizations_keyvaluemaps_entries_get: + organizations_appgroups_apps_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_keyvaluemaps_entries_delete: + organizations_appgroups_apps_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps/get response: mediaType: application/json openAPIDocKey: '200' - organizations_keyvaluemaps_entries_update: + objectKey: $.appGroupApps + organizations_appgroups_apps_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps/post response: mediaType: application/json openAPIDocKey: '200' - organizations_keyvaluemaps_entries_create: + organizations_apps_get: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/post + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apps~1{appsId}/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_keyvaluemaps_entries_list: + organizations_apps_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/get + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apps/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.keyValueEntries + objectKey: $.app sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_get + #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_get - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_get + #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_get - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_list + #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_list - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_list + #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_list - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_get + #/components/x-stackQL-resources/apps/methods/organizations_apps_get - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_list + #/components/x-stackQL-resources/apps/methods/organizations_apps_list insert: - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_create + #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_create - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_create + #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_create + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_create + #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_update + - $ref: >- + #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_update + delete: + - $ref: >- + #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_delete + - $ref: >- + #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_delete + spaces_iam_policies: + id: google.apigee.spaces_iam_policies + name: spaces_iam_policies + title: Spaces_iam_policies + methods: + organizations_spaces_test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_spaces_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + organizations_spaces_set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/spaces_iam_policies/methods/organizations_spaces_get_iam_policy + insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_update + #/components/x-stackQL-resources/spaces_iam_policies/methods/organizations_spaces_set_iam_policy + delete: [] + spaces: + id: google.apigee.spaces + name: spaces + title: Spaces + methods: + organizations_spaces_get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_spaces_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_spaces_patch: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_spaces_list: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1spaces/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.spaces + organizations_spaces_create: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1spaces/post' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_update + #/components/x-stackQL-resources/spaces/methods/organizations_spaces_get - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_update - delete: + #/components/x-stackQL-resources/spaces/methods/organizations_spaces_list + insert: - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_delete + #/components/x-stackQL-resources/spaces/methods/organizations_spaces_create + update: - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_delete + #/components/x-stackQL-resources/spaces/methods/organizations_spaces_patch + replace: [] + delete: - $ref: >- - #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_delete - debugsessions: - id: google.apigee.debugsessions - name: debugsessions - title: Debugsessions + #/components/x-stackQL-resources/spaces/methods/organizations_spaces_delete + attachments: + id: google.apigee.attachments + name: attachments + title: Attachments methods: - organizations_apis_debugsessions_list: + organizations_envgroups_attachments_get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1attachments~1{attachmentsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_envgroups_attachments_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1attachments~1{attachmentsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_envgroups_attachments_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1debugsessions/get + #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1attachments/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sessions - organizations_environments_apis_revisions_debugsessions_create: + organizations_envgroups_attachments_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions/post + #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1attachments/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_apis_revisions_debugsessions_list: + objectKey: $.environmentGroupAttachments + organizations_instances_attachments_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions/get + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1attachments~1{attachmentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sessions - organizations_environments_apis_revisions_debugsessions_get: + organizations_instances_attachments_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions~1{debugsessionsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1attachments~1{attachmentsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/debugsessions/methods/organizations_environments_apis_revisions_debugsessions_get - - $ref: >- - #/components/x-stackQL-resources/debugsessions/methods/organizations_environments_apis_revisions_debugsessions_list - - $ref: >- - #/components/x-stackQL-resources/debugsessions/methods/organizations_apis_debugsessions_list - insert: - - $ref: >- - #/components/x-stackQL-resources/debugsessions/methods/organizations_environments_apis_revisions_debugsessions_create - update: [] - replace: [] - delete: [] - operations: - id: google.apigee.operations - name: operations - title: Operations - methods: - organizations_operations_list: + organizations_instances_attachments_list: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1operations/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1attachments/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - organizations_operations_get: + objectKey: $.attachments + organizations_instances_attachments_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1attachments/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_operations_get + #/components/x-stackQL-resources/attachments/methods/organizations_envgroups_attachments_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_operations_list - insert: [] + #/components/x-stackQL-resources/attachments/methods/organizations_instances_attachments_get + - $ref: >- + #/components/x-stackQL-resources/attachments/methods/organizations_envgroups_attachments_list + - $ref: >- + #/components/x-stackQL-resources/attachments/methods/organizations_instances_attachments_list + insert: + - $ref: >- + #/components/x-stackQL-resources/attachments/methods/organizations_envgroups_attachments_create + - $ref: >- + #/components/x-stackQL-resources/attachments/methods/organizations_instances_attachments_create update: [] replace: [] - delete: [] - datacollectors: - id: google.apigee.datacollectors - name: datacollectors - title: Datacollectors + delete: + - $ref: >- + #/components/x-stackQL-resources/attachments/methods/organizations_envgroups_attachments_delete + - $ref: >- + #/components/x-stackQL-resources/attachments/methods/organizations_instances_attachments_delete + envgroups: + id: google.apigee.envgroups + name: envgroups + title: Envgroups methods: - organizations_datacollectors_create: + organizations_envgroups_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1datacollectors/post + #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_datacollectors_list: + organizations_envgroups_get: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1datacollectors/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dataCollectors - organizations_datacollectors_get: + organizations_envgroups_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1datacollectors~1{datacollectorsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_datacollectors_patch: + organizations_envgroups_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1datacollectors~1{datacollectorsId}/patch + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1envgroups/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_datacollectors_delete: + objectKey: $.environmentGroups + organizations_envgroups_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1datacollectors~1{datacollectorsId}/delete + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1envgroups/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_get + #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_get - $ref: >- - #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_list + #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_list insert: - $ref: >- - #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_create + #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_create update: - $ref: >- - #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_patch + #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_delete - environments_debugmask: - id: google.apigee.environments_debugmask - name: environments_debugmask - title: Environments_debugmask + #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_delete + envgroup_config: + id: google.apigee.envgroup_config + name: envgroup_config + title: Envgroup_config methods: - organizations_environments_get_debugmask: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1debugmask/get - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_environments_update_debugmask: + organizations_envgroups_get_deployed_ingress_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1debugmask/patch + #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1deployedIngressConfig/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/environments_debugmask/methods/organizations_environments_get_debugmask + #/components/x-stackQL-resources/envgroup_config/methods/organizations_envgroups_get_deployed_ingress_config insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/environments_debugmask/methods/organizations_environments_update_debugmask + update: [] replace: [] delete: [] - environments_trace_config: - id: google.apigee.environments_trace_config - name: environments_trace_config - title: Environments_trace_config + security_profiles_v2: + id: google.apigee.security_profiles_v2 + name: security_profiles_v2 + title: Security_profiles_v2 methods: - organizations_environments_get_trace_config: + organizations_security_profiles_v2_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2~1{securityProfilesV2Id}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_update_trace_config: + organizations_security_profiles_v2_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig/patch + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2~1{securityProfilesV2Id}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_security_profiles_v2_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2~1{securityProfilesV2Id}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_security_profiles_v2_create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_security_profiles_v2_list: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.securityProfilesV2 sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/environments_trace_config/methods/organizations_environments_get_trace_config - insert: [] + #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_get + - $ref: >- + #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_list + insert: + - $ref: >- + #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_create update: - $ref: >- - #/components/x-stackQL-resources/environments_trace_config/methods/organizations_environments_update_trace_config + #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_patch replace: [] - delete: [] - environments: - id: google.apigee.environments - name: environments - title: Environments + delete: + - $ref: >- + #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_delete + security_monitoring_conditions: + id: google.apigee.security_monitoring_conditions + name: security_monitoring_conditions + title: Security_monitoring_conditions methods: - organizations_environments_create: + organizations_security_monitoring_conditions_list: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1environments/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_delete: + objectKey: $.securityMonitoringConditions + organizations_security_monitoring_conditions_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_get: + organizations_security_monitoring_conditions_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions~1{securityMonitoringConditionsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_update_environment: + organizations_security_monitoring_conditions_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/post + #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions~1{securityMonitoringConditionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_update: + organizations_security_monitoring_conditions_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions~1{securityMonitoringConditionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_modify_environment: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_get + - $ref: >- + #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_list + insert: + - $ref: >- + #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_create + update: + - $ref: >- + #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_delete + datastores: + id: google.apigee.datastores + name: datastores + title: Datastores + methods: + organizations_analytics_datastores_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_subscribe: + organizations_analytics_datastores_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:subscribe/post + #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_unsubscribe: + organizations_analytics_datastores_test: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:unsubscribe/post + #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores:test/post response: mediaType: application/json openAPIDocKey: '200' - organizations_security_profiles_environments_create: + organizations_analytics_datastores_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}~1environments/post + #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores~1{datastoresId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_security_profiles_environments_delete: + organizations_analytics_datastores_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}~1environments~1{environmentsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores~1{datastoresId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_security_profiles_environments_compute_environment_scores: + organizations_analytics_datastores_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}~1environments~1{environmentsId}:computeEnvironmentScores/post + #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores~1{datastoresId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/environments/methods/organizations_environments_get - insert: - - $ref: >- - #/components/x-stackQL-resources/environments/methods/organizations_security_profiles_environments_create + #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_get - $ref: >- - #/components/x-stackQL-resources/environments/methods/organizations_environments_create - update: + #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_list + insert: - $ref: >- - #/components/x-stackQL-resources/environments/methods/organizations_environments_update_environment + #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_create + update: [] replace: - $ref: >- - #/components/x-stackQL-resources/environments/methods/organizations_environments_update + #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_update delete: - $ref: >- - #/components/x-stackQL-resources/environments/methods/organizations_security_profiles_environments_delete - - $ref: >- - #/components/x-stackQL-resources/environments/methods/organizations_environments_delete - environment_config: - id: google.apigee.environment_config - name: environment_config - title: Environment_config + #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_delete + entries: + id: google.apigee.entries + name: entries + title: Entries methods: - organizations_environments_get_deployed_config: + organizations_apis_keyvaluemaps_entries_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployedConfig/get + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/put response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/environment_config/methods/organizations_environments_get_deployed_config - insert: [] - update: [] - replace: [] - delete: [] - api_security_runtime_config: - id: google.apigee.api_security_runtime_config - name: api_security_runtime_config - title: Api_security_runtime_config - methods: - organizations_environments_get_api_security_runtime_config: + organizations_apis_keyvaluemaps_entries_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apiSecurityRuntimeConfig/get + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/api_security_runtime_config/methods/organizations_environments_get_api_security_runtime_config - insert: [] - update: [] - replace: [] - delete: [] - environments_iam_policies: - id: google.apigee.environments_iam_policies - name: environments_iam_policies - title: Environments_iam_policies - methods: - organizations_environments_set_iam_policy: + organizations_apis_keyvaluemaps_entries_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:setIamPolicy/post + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_get_iam_policy: + organizations_apis_keyvaluemaps_entries_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:getIamPolicy/get + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - organizations_environments_test_iam_permissions: + objectKey: $.keyValueEntries + organizations_apis_keyvaluemaps_entries_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:testIamPermissions/post + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/environments_iam_policies/methods/organizations_environments_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/environments_iam_policies/methods/organizations_environments_set_iam_policy - delete: [] - addons_config: - id: google.apigee.addons_config - name: addons_config - title: Addons_config - methods: - organizations_environments_get_addons_config: + organizations_environments_keyvaluemaps_entries_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1addonsConfig/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_addons_config_set_addon_enablement: + organizations_environments_keyvaluemaps_entries_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1addonsConfig:setAddonEnablement/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/put response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/addons_config/methods/organizations_environments_get_addons_config - insert: [] - update: [] - replace: [] - delete: [] - security_actions_config: - id: google.apigee.security_actions_config - name: security_actions_config - title: Security_actions_config - methods: - organizations_environments_get_security_actions_config: + organizations_environments_keyvaluemaps_entries_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActionsConfig/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_update_security_actions_config: + organizations_environments_keyvaluemaps_entries_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActionsConfig/patch + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/security_actions_config/methods/organizations_environments_get_security_actions_config - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/security_actions_config/methods/organizations_environments_update_security_actions_config - replace: [] - delete: [] - resourcefiles: - id: google.apigee.resourcefiles - name: resourcefiles - title: Resourcefiles - methods: - organizations_environments_resourcefiles_create: + objectKey: $.keyValueEntries + organizations_environments_keyvaluemaps_entries_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_resourcefiles_list: + organizations_keyvaluemaps_entries_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles/get + #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_resourcefiles_update: + organizations_keyvaluemaps_entries_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles~1{type}~1{name}/put + #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_resourcefiles_get: + organizations_keyvaluemaps_entries_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles~1{type}~1{name}/get + #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries~1{entriesId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_resourcefiles_delete: + organizations_keyvaluemaps_entries_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles~1{type}~1{name}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_resourcefiles_list_environment_resources: + organizations_keyvaluemaps_entries_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles~1{type}/get + #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}~1entries/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.keyValueEntries sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_get + #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_get - $ref: >- - #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_list_environment_resources + #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_get - $ref: >- - #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_list + #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_list + - $ref: >- + #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_list + - $ref: >- + #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_get + - $ref: >- + #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_list insert: - $ref: >- - #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_create + #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_create + - $ref: >- + #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_create + - $ref: >- + #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_create update: [] replace: - $ref: >- - #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_update + #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_update + - $ref: >- + #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_update + - $ref: >- + #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_update delete: - $ref: >- - #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_delete - archive_deployments: - id: google.apigee.archive_deployments - name: archive_deployments - title: Archive_deployments + #/components/x-stackQL-resources/entries/methods/organizations_apis_keyvaluemaps_entries_delete + - $ref: >- + #/components/x-stackQL-resources/entries/methods/organizations_environments_keyvaluemaps_entries_delete + - $ref: >- + #/components/x-stackQL-resources/entries/methods/organizations_keyvaluemaps_entries_delete + keyvaluemaps: + id: google.apigee.keyvaluemaps + name: keyvaluemaps + title: Keyvaluemaps methods: - organizations_environments_archive_deployments_get: + organizations_apis_keyvaluemaps_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments~1{archiveDeploymentsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_archive_deployments_patch: + organizations_apis_keyvaluemaps_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments~1{archiveDeploymentsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_archive_deployments_delete: + organizations_apis_keyvaluemaps_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments~1{archiveDeploymentsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps~1{keyvaluemapsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_archive_deployments_list: + organizations_apis_keyvaluemaps_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1keyvaluemaps/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.archiveDeployments - organizations_environments_archive_deployments_create: + organizations_environments_keyvaluemaps_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_archive_deployments_generate_upload_url: + organizations_environments_keyvaluemaps_update: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}/put + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_keyvaluemaps_get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_keyvaluemaps_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keyvaluemaps~1{keyvaluemapsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_keyvaluemaps_create: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps/post' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_keyvaluemaps_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_keyvaluemaps_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments:generateUploadUrl/post + #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_archive_deployments_generate_download_url: + organizations_keyvaluemaps_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments~1{archiveDeploymentsId}:generateDownloadUrl/post + #/paths/~1v1~1organizations~1{organizationsId}~1keyvaluemaps~1{keyvaluemapsId}/put response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_get + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_apis_keyvaluemaps_get - $ref: >- - #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_list + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_environments_keyvaluemaps_get + - $ref: >- + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_keyvaluemaps_get insert: - $ref: >- - #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_create - update: + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_apis_keyvaluemaps_create - $ref: >- - #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_patch - replace: [] + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_environments_keyvaluemaps_create + - $ref: >- + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_keyvaluemaps_create + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_apis_keyvaluemaps_update + - $ref: >- + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_environments_keyvaluemaps_update + - $ref: >- + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_keyvaluemaps_update delete: - $ref: >- - #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_delete - revisions_deployments: - id: google.apigee.revisions_deployments - name: revisions_deployments - title: Revisions_deployments + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_apis_keyvaluemaps_delete + - $ref: >- + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_environments_keyvaluemaps_delete + - $ref: >- + #/components/x-stackQL-resources/keyvaluemaps/methods/organizations_keyvaluemaps_delete + deployments: + id: google.apigee.deployments + name: deployments + title: Deployments methods: - organizations_environments_apis_revisions_get_deployments: + organizations_apis_deployments_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_sharedflows_revisions_get_deployments: + organizations_apis_revisions_deployments_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}~1deployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/revisions_deployments/methods/organizations_environments_apis_revisions_get_deployments - - $ref: >- - #/components/x-stackQL-resources/revisions_deployments/methods/organizations_environments_sharedflows_revisions_get_deployments - insert: [] - update: [] - replace: [] - delete: [] - debugsession_data: - id: google.apigee.debugsession_data - name: debugsession_data - title: Debugsession_data - methods: - organizations_environments_apis_revisions_debugsessions_delete_data: + organizations_environments_sharedflows_deployments_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions~1{debugsessionsId}~1data/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1sharedflows~1{sharedflowsId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_apis_revisions_debugsessions_data_get: + organizations_environments_apis_revisions_deployments_generate_undeploy_change_report: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions~1{debugsessionsId}~1data~1{dataId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments:generateUndeployChangeReport/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/debugsession_data/methods/organizations_environments_apis_revisions_debugsessions_data_get - insert: [] - update: [] - replace: [] - delete: [] - deployments_iam_policies: - id: google.apigee.deployments_iam_policies - name: deployments_iam_policies - title: Deployments_iam_policies - methods: - organizations_environments_deployments_set_iam_policy: + organizations_environments_apis_revisions_deployments_generate_deploy_change_report: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments~1{deploymentsId}:setIamPolicy/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments:generateDeployChangeReport/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_deployments_get_iam_policy: + organizations_environments_apis_deployments_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments~1{deploymentsId}:getIamPolicy/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - organizations_environments_deployments_test_iam_permissions: + organizations_environments_deployments_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments~1{deploymentsId}:testIamPermissions/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments~1{deploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/deployments_iam_policies/methods/organizations_environments_deployments_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/deployments_iam_policies/methods/organizations_environments_deployments_set_iam_policy - delete: [] - flowhooks: - id: google.apigee.flowhooks - name: flowhooks - title: Flowhooks - methods: - organizations_environments_flowhooks_get: + organizations_environments_deployments_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1flowhooks~1{flowhooksId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_flowhooks_attach_shared_flow_to_flow_hook: + organizations_deployments_list: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1deployments/get' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_sharedflows_deployments_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1flowhooks~1{flowhooksId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_flowhooks_detach_shared_flow_from_flow_hook: + organizations_sharedflows_revisions_deployments_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1flowhooks~1{flowhooksId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/flowhooks/methods/organizations_environments_flowhooks_get + #/components/x-stackQL-resources/deployments/methods/organizations_apis_revisions_deployments_list + - $ref: >- + #/components/x-stackQL-resources/deployments/methods/organizations_environments_sharedflows_deployments_list + - $ref: >- + #/components/x-stackQL-resources/deployments/methods/organizations_environments_apis_deployments_list + - $ref: >- + #/components/x-stackQL-resources/deployments/methods/organizations_environments_deployments_get + - $ref: >- + #/components/x-stackQL-resources/deployments/methods/organizations_sharedflows_revisions_deployments_list + - $ref: >- + #/components/x-stackQL-resources/deployments/methods/organizations_apis_deployments_list + - $ref: >- + #/components/x-stackQL-resources/deployments/methods/organizations_environments_deployments_list + - $ref: >- + #/components/x-stackQL-resources/deployments/methods/organizations_sharedflows_deployments_list + - $ref: >- + #/components/x-stackQL-resources/deployments/methods/organizations_deployments_list insert: [] update: [] replace: [] delete: [] - keystores: - id: google.apigee.keystores - name: keystores - title: Keystores + revisions: + id: google.apigee.revisions + name: revisions + title: Revisions methods: - organizations_environments_keystores_create: + organizations_apis_revisions_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores/post + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1revisions~1{revisionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keystores_delete: + organizations_apis_revisions_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1revisions~1{revisionsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keystores_get: + organizations_environments_sharedflows_revisions_undeploy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}~1deployments/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/keystores/methods/organizations_environments_keystores_get - insert: - - $ref: >- - #/components/x-stackQL-resources/keystores/methods/organizations_environments_keystores_create - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/keystores/methods/organizations_environments_keystores_delete - aliases: - id: google.apigee.aliases - name: aliases - title: Aliases - methods: - organizations_environments_keystores_aliases_create: + organizations_environments_sharedflows_revisions_deploy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}~1deployments/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keystores_aliases_get: + organizations_environments_apis_revisions_undeploy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keystores_aliases_delete: + organizations_environments_apis_revisions_deploy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keystores_aliases_update: + organizations_sharedflows_revisions_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_keystores_aliases_csr: + organizations_sharedflows_revisions_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}~1csr/get + #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/aliases/methods/organizations_environments_keystores_aliases_get - insert: + #/components/x-stackQL-resources/revisions/methods/organizations_apis_revisions_get - $ref: >- - #/components/x-stackQL-resources/aliases/methods/organizations_environments_keystores_aliases_create + #/components/x-stackQL-resources/revisions/methods/organizations_sharedflows_revisions_get + insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/aliases/methods/organizations_environments_keystores_aliases_update + replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/aliases/methods/organizations_environments_keystores_aliases_delete - aliases_certificate: - id: google.apigee.aliases_certificate - name: aliases_certificate - title: Aliases_certificate + #/components/x-stackQL-resources/revisions/methods/organizations_apis_revisions_delete + - $ref: >- + #/components/x-stackQL-resources/revisions/methods/organizations_sharedflows_revisions_delete + revisions_api_proxy_revision: + id: google.apigee.revisions_api_proxy_revision + name: revisions_api_proxy_revision + title: Revisions_api_proxy_revision methods: - organizations_environments_keystores_aliases_get_certificate: + organizations_apis_revisions_update_api_proxy_revision: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}~1certificate/get + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1revisions~1{revisionsId}/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/aliases_certificate/methods/organizations_environments_keystores_aliases_get_certificate + select: [] insert: [] - update: [] + update: + - $ref: >- + #/components/x-stackQL-resources/revisions_api_proxy_revision/methods/organizations_apis_revisions_update_api_proxy_revision replace: [] delete: [] - targetservers: - id: google.apigee.targetservers - name: targetservers - title: Targetservers + debugsessions: + id: google.apigee.debugsessions + name: debugsessions + title: Debugsessions methods: - organizations_environments_targetservers_create: + organizations_apis_debugsessions_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1targetservers/post + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}~1debugsessions/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_targetservers_delete: + objectKey: $.sessions + organizations_environments_apis_revisions_debugsessions_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1targetservers~1{targetserversId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions~1{debugsessionsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_targetservers_get: + organizations_environments_apis_revisions_debugsessions_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1targetservers~1{targetserversId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_targetservers_update: + objectKey: $.sessions + organizations_environments_apis_revisions_debugsessions_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1targetservers~1{targetserversId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/targetservers/methods/organizations_environments_targetservers_get - insert: + #/components/x-stackQL-resources/debugsessions/methods/organizations_environments_apis_revisions_debugsessions_get - $ref: >- - #/components/x-stackQL-resources/targetservers/methods/organizations_environments_targetservers_create - update: [] - replace: + #/components/x-stackQL-resources/debugsessions/methods/organizations_environments_apis_revisions_debugsessions_list - $ref: >- - #/components/x-stackQL-resources/targetservers/methods/organizations_environments_targetservers_update - delete: + #/components/x-stackQL-resources/debugsessions/methods/organizations_apis_debugsessions_list + insert: - $ref: >- - #/components/x-stackQL-resources/targetservers/methods/organizations_environments_targetservers_delete - references: - id: google.apigee.references - name: references - title: References + #/components/x-stackQL-resources/debugsessions/methods/organizations_environments_apis_revisions_debugsessions_create + update: [] + replace: [] + delete: [] + apis: + id: google.apigee.apis + name: apis + title: Apis methods: - organizations_environments_references_create: + organizations_apis_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1references/post + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apis/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_references_delete: + organizations_apis_create: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apis/post' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_apis_move: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1references~1{referencesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}:move/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_references_get: + organizations_apis_get: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_apis_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1references~1{referencesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_references_update: + organizations_apis_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1references~1{referencesId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1apis~1{apisId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/references/methods/organizations_environments_references_get + #/components/x-stackQL-resources/apis/methods/organizations_apis_get + - $ref: >- + #/components/x-stackQL-resources/apis/methods/organizations_apis_list insert: - $ref: >- - #/components/x-stackQL-resources/references/methods/organizations_environments_references_create - update: [] - replace: + #/components/x-stackQL-resources/apis/methods/organizations_apis_create + update: - $ref: >- - #/components/x-stackQL-resources/references/methods/organizations_environments_references_update + #/components/x-stackQL-resources/apis/methods/organizations_apis_patch + replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/references/methods/organizations_environments_references_delete - overrides: - id: google.apigee.overrides - name: overrides - title: Overrides + #/components/x-stackQL-resources/apis/methods/organizations_apis_delete + queries: + id: google.apigee.queries + name: queries + title: Queries methods: - organizations_environments_trace_config_overrides_create: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_environments_trace_config_overrides_list: + organizations_environments_queries_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries~1{queriesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.traceConfigOverrides - organizations_environments_trace_config_overrides_get: + organizations_environments_queries_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides~1{overridesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_trace_config_overrides_patch: + organizations_environments_queries_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides~1{overridesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_trace_config_overrides_delete: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/queries/methods/organizations_environments_queries_get + - $ref: >- + #/components/x-stackQL-resources/queries/methods/organizations_environments_queries_list + insert: + - $ref: >- + #/components/x-stackQL-resources/queries/methods/organizations_environments_queries_create + update: [] + replace: [] + delete: [] + queries_resulturl: + id: google.apigee.queries_resulturl + name: queries_resulturl + title: Queries_resulturl + methods: + organizations_environments_queries_get_resulturl: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides~1{overridesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries~1{queriesId}~1resulturl/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_get - - $ref: >- - #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_list - insert: - - $ref: >- - #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_create - update: - - $ref: >- - #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_patch + #/components/x-stackQL-resources/queries_resulturl/methods/organizations_environments_queries_get_resulturl + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_delete - stats: - id: google.apigee.stats - name: stats - title: Stats + delete: [] + queries_result: + id: google.apigee.queries_result + name: queries_result + title: Queries_result methods: - organizations_environments_stats_get: + organizations_environments_queries_get_result: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1stats~1{statsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries~1{queriesId}~1result/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/stats/methods/organizations_environments_stats_get + #/components/x-stackQL-resources/queries_result/methods/organizations_environments_queries_get_result insert: [] update: [] replace: [] delete: [] - optimized_stats: - id: google.apigee.optimized_stats - name: optimized_stats - title: Optimized_stats + addons_config: + id: google.apigee.addons_config + name: addons_config + title: Addons_config methods: - organizations_environments_optimized_stats_get: + organizations_environments_addons_config_set_addon_enablement: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1optimizedStats~1{optimizedStatsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1addonsConfig:setAddonEnablement/post response: mediaType: application/json openAPIDocKey: '200' - organizations_optimized_host_stats_get: + organizations_environments_get_addons_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1optimizedHostStats~1{optimizedHostStatsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1addonsConfig/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/optimized_stats/methods/organizations_environments_optimized_stats_get - - $ref: >- - #/components/x-stackQL-resources/optimized_stats/methods/organizations_optimized_host_stats_get + #/components/x-stackQL-resources/addons_config/methods/organizations_environments_get_addons_config insert: [] update: [] replace: [] delete: [] - admin_schemav2: - id: google.apigee.admin_schemav2 - name: admin_schemav2 - title: Admin_schemav2 + keystores: + id: google.apigee.keystores + name: keystores + title: Keystores methods: - organizations_environments_analytics_admin_get_schemav2: + organizations_environments_keystores_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1analytics~1admin~1schemav2/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_keystores_get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_keystores_create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/admin_schemav2/methods/organizations_environments_analytics_admin_get_schemav2 - insert: [] + #/components/x-stackQL-resources/keystores/methods/organizations_environments_keystores_get + insert: + - $ref: >- + #/components/x-stackQL-resources/keystores/methods/organizations_environments_keystores_create update: [] replace: [] - delete: [] - exports: - id: google.apigee.exports - name: exports - title: Exports + delete: + - $ref: >- + #/components/x-stackQL-resources/keystores/methods/organizations_environments_keystores_delete + aliases: + id: google.apigee.aliases + name: aliases + title: Aliases methods: - organizations_environments_analytics_exports_create: + organizations_environments_keystores_aliases_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1analytics~1exports/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_analytics_exports_list: + organizations_environments_keystores_aliases_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1analytics~1exports/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_analytics_exports_get: + organizations_environments_keystores_aliases_get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_keystores_aliases_create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_keystores_aliases_csr: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}~1csr/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/aliases/methods/organizations_environments_keystores_aliases_get + insert: + - $ref: >- + #/components/x-stackQL-resources/aliases/methods/organizations_environments_keystores_aliases_create + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/aliases/methods/organizations_environments_keystores_aliases_update + delete: + - $ref: >- + #/components/x-stackQL-resources/aliases/methods/organizations_environments_keystores_aliases_delete + aliases_certificate: + id: google.apigee.aliases_certificate + name: aliases_certificate + title: Aliases_certificate + methods: + organizations_environments_keystores_aliases_get_certificate: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1analytics~1exports~1{exportsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1keystores~1{keystoresId}~1aliases~1{aliasesId}~1certificate/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/exports/methods/organizations_environments_analytics_exports_get - - $ref: >- - #/components/x-stackQL-resources/exports/methods/organizations_environments_analytics_exports_list - insert: - - $ref: >- - #/components/x-stackQL-resources/exports/methods/organizations_environments_analytics_exports_create + #/components/x-stackQL-resources/aliases_certificate/methods/organizations_environments_keystores_aliases_get_certificate + insert: [] update: [] replace: [] delete: [] - queries: - id: google.apigee.queries - name: queries - title: Queries + security_reports: + id: google.apigee.security_reports + name: security_reports + title: Security_reports methods: - organizations_environments_queries_create: + organizations_environments_security_reports_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_queries_list: + objectKey: $.securityReports + organizations_environments_security_reports_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_queries_get: + organizations_environments_security_reports_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries~1{queriesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports~1{securityReportsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/queries/methods/organizations_environments_queries_get + #/components/x-stackQL-resources/security_reports/methods/organizations_environments_security_reports_get - $ref: >- - #/components/x-stackQL-resources/queries/methods/organizations_environments_queries_list + #/components/x-stackQL-resources/security_reports/methods/organizations_environments_security_reports_list insert: - $ref: >- - #/components/x-stackQL-resources/queries/methods/organizations_environments_queries_create + #/components/x-stackQL-resources/security_reports/methods/organizations_environments_security_reports_create update: [] replace: [] delete: [] - queries_result: - id: google.apigee.queries_result - name: queries_result - title: Queries_result + security_reports_result_view: + id: google.apigee.security_reports_result_view + name: security_reports_result_view + title: Security_reports_result_view methods: - organizations_environments_queries_get_result: + organizations_environments_security_reports_get_result_view: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries~1{queriesId}~1result/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports~1{securityReportsId}~1resultView/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/queries_result/methods/organizations_environments_queries_get_result + #/components/x-stackQL-resources/security_reports_result_view/methods/organizations_environments_security_reports_get_result_view insert: [] update: [] replace: [] delete: [] - queries_resulturl: - id: google.apigee.queries_resulturl - name: queries_resulturl - title: Queries_resulturl + security_reports_result: + id: google.apigee.security_reports_result + name: security_reports_result + title: Security_reports_result methods: - organizations_environments_queries_get_resulturl: + organizations_environments_security_reports_get_result: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1queries~1{queriesId}~1resulturl/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports~1{securityReportsId}~1result/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/queries_resulturl/methods/organizations_environments_queries_get_resulturl + #/components/x-stackQL-resources/security_reports_result/methods/organizations_environments_security_reports_get_result insert: [] update: [] replace: [] delete: [] - caches: - id: google.apigee.caches - name: caches - title: Caches + security_actions: + id: google.apigee.security_actions + name: security_actions + title: Security_actions methods: - organizations_environments_caches_delete: + organizations_environments_security_actions_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1caches~1{cachesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/caches/methods/organizations_environments_caches_delete - security_reports: - id: google.apigee.security_reports - name: security_reports - title: Security_reports - methods: - organizations_environments_security_reports_create: + objectKey: $.securityActions + organizations_environments_security_actions_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_security_reports_list: + organizations_environments_security_actions_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityReports - organizations_environments_security_reports_get: + organizations_environments_security_actions_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports~1{securityReportsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/security_reports/methods/organizations_environments_security_reports_get - - $ref: >- - #/components/x-stackQL-resources/security_reports/methods/organizations_environments_security_reports_list - insert: - - $ref: >- - #/components/x-stackQL-resources/security_reports/methods/organizations_environments_security_reports_create - update: [] - replace: [] - delete: [] - security_reports_result: - id: google.apigee.security_reports_result - name: security_reports_result - title: Security_reports_result - methods: - organizations_environments_security_reports_get_result: + organizations_environments_security_actions_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports~1{securityReportsId}~1result/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_security_actions_disable: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}:disable/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_security_actions_enable: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}:enable/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/security_reports_result/methods/organizations_environments_security_reports_get_result - insert: [] - update: [] + #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_get + - $ref: >- + #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_list + insert: + - $ref: >- + #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_create + update: + - $ref: >- + #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_patch replace: [] - delete: [] - security_reports_result_view: - id: google.apigee.security_reports_result_view - name: security_reports_result_view - title: Security_reports_result_view + delete: + - $ref: >- + #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_delete + caches: + id: google.apigee.caches + name: caches + title: Caches methods: - organizations_environments_security_reports_get_result_view: + organizations_environments_caches_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityReports~1{securityReportsId}~1resultView/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1caches~1{cachesId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/security_reports_result_view/methods/organizations_environments_security_reports_get_result_view + select: [] insert: [] update: [] replace: [] - delete: [] - security_stats: - id: google.apigee.security_stats - name: security_stats - title: Security_stats + delete: + - $ref: >- + #/components/x-stackQL-resources/caches/methods/organizations_environments_caches_delete + revisions_deployments: + id: google.apigee.revisions_deployments + name: revisions_deployments + title: Revisions_deployments methods: - organizations_environments_security_stats_query_tabular_stats: + organizations_environments_sharedflows_revisions_get_deployments: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityStats:queryTabularStats/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_security_stats_query_time_series_stats: + organizations_environments_apis_revisions_get_deployments: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityStats:queryTimeSeriesStats/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: >- + #/components/x-stackQL-resources/revisions_deployments/methods/organizations_environments_sharedflows_revisions_get_deployments + - $ref: >- + #/components/x-stackQL-resources/revisions_deployments/methods/organizations_environments_apis_revisions_get_deployments insert: [] update: [] replace: [] delete: [] - security_incidents: - id: google.apigee.security_incidents - name: security_incidents - title: Security_incidents + references: + id: google.apigee.references + name: references + title: References methods: - organizations_environments_security_incidents_get: + organizations_environments_references_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityIncidents~1{securityIncidentsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1references~1{referencesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_security_incidents_patch: + organizations_environments_references_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityIncidents~1{securityIncidentsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1references~1{referencesId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_security_incidents_list: + organizations_environments_references_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityIncidents/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1references~1{referencesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityIncidents - organizations_environments_security_incidents_batch_update: + organizations_environments_references_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityIncidents:batchUpdate/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1references/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/security_incidents/methods/organizations_environments_security_incidents_get + #/components/x-stackQL-resources/references/methods/organizations_environments_references_get + insert: - $ref: >- - #/components/x-stackQL-resources/security_incidents/methods/organizations_environments_security_incidents_list - insert: [] - update: + #/components/x-stackQL-resources/references/methods/organizations_environments_references_create + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/security_incidents/methods/organizations_environments_security_incidents_patch + #/components/x-stackQL-resources/references/methods/organizations_environments_references_update + delete: - $ref: >- - #/components/x-stackQL-resources/security_incidents/methods/organizations_environments_security_incidents_batch_update - replace: [] - delete: [] - security_actions: - id: google.apigee.security_actions - name: security_actions - title: Security_actions - methods: - organizations_environments_security_actions_create: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_environments_security_actions_list: + #/components/x-stackQL-resources/references/methods/organizations_environments_references_delete + resourcefiles: + id: google.apigee.resourcefiles + name: resourcefiles + title: Resourcefiles + methods: + organizations_environments_resourcefiles_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles~1{type}~1{name}/put response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityActions - organizations_environments_security_actions_get: + organizations_environments_resourcefiles_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles~1{type}~1{name}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_security_actions_patch: + organizations_environments_resourcefiles_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles~1{type}~1{name}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_security_actions_delete: + organizations_environments_resourcefiles_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles/get response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_security_actions_enable: + organizations_environments_resourcefiles_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}:enable/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles/post response: mediaType: application/json openAPIDocKey: '200' - organizations_environments_security_actions_disable: + organizations_environments_resourcefiles_list_environment_resources: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActions~1{securityActionsId}:disable/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1resourcefiles~1{type}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_get + #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_get - $ref: >- - #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_list + #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_list_environment_resources + - $ref: >- + #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_list insert: - $ref: >- - #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_create - update: + #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_create + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_patch - replace: [] + #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_update delete: - $ref: >- - #/components/x-stackQL-resources/security_actions/methods/organizations_environments_security_actions_delete - envgroups: - id: google.apigee.envgroups - name: envgroups - title: Envgroups + #/components/x-stackQL-resources/resourcefiles/methods/organizations_environments_resourcefiles_delete + optimized_stats: + id: google.apigee.optimized_stats + name: optimized_stats + title: Optimized_stats methods: - organizations_envgroups_create: + organizations_environments_optimized_stats_get: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1envgroups/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1optimizedStats~1{optimizedStatsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_envgroups_list: + organizations_optimized_host_stats_get: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1envgroups/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1optimizedHostStats~1{optimizedHostStatsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.environmentGroups - organizations_envgroups_get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/optimized_stats/methods/organizations_environments_optimized_stats_get + - $ref: >- + #/components/x-stackQL-resources/optimized_stats/methods/organizations_optimized_host_stats_get + insert: [] + update: [] + replace: [] + delete: [] + targetservers: + id: google.apigee.targetservers + name: targetservers + title: Targetservers + methods: + organizations_environments_targetservers_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1targetservers~1{targetserversId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_envgroups_patch: + organizations_environments_targetservers_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1targetservers~1{targetserversId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_envgroups_delete: + organizations_environments_targetservers_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1targetservers~1{targetserversId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_targetservers_create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1targetservers/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_get - - $ref: >- - #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_list + #/components/x-stackQL-resources/targetservers/methods/organizations_environments_targetservers_get insert: - $ref: >- - #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_create - update: + #/components/x-stackQL-resources/targetservers/methods/organizations_environments_targetservers_create + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_patch - replace: [] + #/components/x-stackQL-resources/targetservers/methods/organizations_environments_targetservers_update delete: - $ref: >- - #/components/x-stackQL-resources/envgroups/methods/organizations_envgroups_delete - envgroup_config: - id: google.apigee.envgroup_config - name: envgroup_config - title: Envgroup_config + #/components/x-stackQL-resources/targetservers/methods/organizations_environments_targetservers_delete + stats: + id: google.apigee.stats + name: stats + title: Stats methods: - organizations_envgroups_get_deployed_ingress_config: + organizations_environments_stats_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1deployedIngressConfig/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1stats~1{statsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/envgroup_config/methods/organizations_envgroups_get_deployed_ingress_config + #/components/x-stackQL-resources/stats/methods/organizations_environments_stats_get insert: [] update: [] replace: [] delete: [] - attachments: - id: google.apigee.attachments - name: attachments - title: Attachments + debugsession_data: + id: google.apigee.debugsession_data + name: debugsession_data + title: Debugsession_data methods: - organizations_envgroups_attachments_create: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1attachments/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_envgroups_attachments_list: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1attachments/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.environmentGroupAttachments - organizations_envgroups_attachments_get: + organizations_environments_apis_revisions_debugsessions_data_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1attachments~1{attachmentsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions~1{debugsessionsId}~1data~1{dataId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_envgroups_attachments_delete: + organizations_environments_apis_revisions_debugsessions_delete_data: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1envgroups~1{envgroupsId}~1attachments~1{attachmentsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apis~1{apisId}~1revisions~1{revisionsId}~1debugsessions~1{debugsessionsId}~1data/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_attachments_create: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/debugsession_data/methods/organizations_environments_apis_revisions_debugsessions_data_get + insert: [] + update: [] + replace: [] + delete: [] + security_incidents: + id: google.apigee.security_incidents + name: security_incidents + title: Security_incidents + methods: + organizations_environments_security_incidents_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1attachments/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityIncidents/get response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_attachments_list: + objectKey: $.securityIncidents + organizations_environments_security_incidents_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1attachments/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityIncidents~1{securityIncidentsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.attachments - organizations_instances_attachments_get: + organizations_environments_security_incidents_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1attachments~1{attachmentsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityIncidents~1{securityIncidentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_attachments_delete: + organizations_environments_security_incidents_batch_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1attachments~1{attachmentsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityIncidents:batchUpdate/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/attachments/methods/organizations_envgroups_attachments_get - - $ref: >- - #/components/x-stackQL-resources/attachments/methods/organizations_instances_attachments_get - - $ref: >- - #/components/x-stackQL-resources/attachments/methods/organizations_envgroups_attachments_list + #/components/x-stackQL-resources/security_incidents/methods/organizations_environments_security_incidents_get - $ref: >- - #/components/x-stackQL-resources/attachments/methods/organizations_instances_attachments_list - insert: + #/components/x-stackQL-resources/security_incidents/methods/organizations_environments_security_incidents_list + insert: [] + update: - $ref: >- - #/components/x-stackQL-resources/attachments/methods/organizations_envgroups_attachments_create + #/components/x-stackQL-resources/security_incidents/methods/organizations_environments_security_incidents_patch - $ref: >- - #/components/x-stackQL-resources/attachments/methods/organizations_instances_attachments_create - update: [] + #/components/x-stackQL-resources/security_incidents/methods/organizations_environments_security_incidents_batch_update replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/attachments/methods/organizations_envgroups_attachments_delete - - $ref: >- - #/components/x-stackQL-resources/attachments/methods/organizations_instances_attachments_delete - instances: - id: google.apigee.instances - name: instances - title: Instances + delete: [] + deployments_iam_policies: + id: google.apigee.deployments_iam_policies + name: deployments_iam_policies + title: Deployments_iam_policies methods: - organizations_instances_create: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1instances/post' - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_instances_list: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1instances/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.instances - organizations_instances_delete: + organizations_environments_deployments_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments~1{deploymentsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_get: + objectKey: $.bindings + organizations_environments_deployments_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments~1{deploymentsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_patch: + organizations_environments_deployments_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployments~1{deploymentsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_report_status: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/deployments_iam_policies/methods/organizations_environments_deployments_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/deployments_iam_policies/methods/organizations_environments_deployments_set_iam_policy + delete: [] + admin_schemav2: + id: google.apigee.admin_schemav2 + name: admin_schemav2 + title: Admin_schemav2 + methods: + organizations_environments_analytics_admin_get_schemav2: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}:reportStatus/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1analytics~1admin~1schemav2/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/instances/methods/organizations_instances_get - - $ref: >- - #/components/x-stackQL-resources/instances/methods/organizations_instances_list - insert: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/organizations_instances_create - update: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/organizations_instances_patch + #/components/x-stackQL-resources/admin_schemav2/methods/organizations_environments_analytics_admin_get_schemav2 + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/organizations_instances_delete - canaryevaluations: - id: google.apigee.canaryevaluations - name: canaryevaluations - title: Canaryevaluations + delete: [] + exports: + id: google.apigee.exports + name: exports + title: Exports methods: - organizations_instances_canaryevaluations_create: + organizations_environments_analytics_exports_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1canaryevaluations/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1analytics~1exports/get response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_canaryevaluations_get: + organizations_environments_analytics_exports_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1canaryevaluations~1{canaryevaluationsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1analytics~1exports/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_environments_analytics_exports_get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1analytics~1exports~1{exportsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/canaryevaluations/methods/organizations_instances_canaryevaluations_get + #/components/x-stackQL-resources/exports/methods/organizations_environments_analytics_exports_get + - $ref: >- + #/components/x-stackQL-resources/exports/methods/organizations_environments_analytics_exports_list insert: - $ref: >- - #/components/x-stackQL-resources/canaryevaluations/methods/organizations_instances_canaryevaluations_create + #/components/x-stackQL-resources/exports/methods/organizations_environments_analytics_exports_create update: [] replace: [] delete: [] - nat_addresses: - id: google.apigee.nat_addresses - name: nat_addresses - title: Nat_addresses + overrides: + id: google.apigee.overrides + name: overrides + title: Overrides methods: - organizations_instances_nat_addresses_list: + organizations_environments_trace_config_overrides_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides~1{overridesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.natAddresses - organizations_instances_nat_addresses_create: + organizations_environments_trace_config_overrides_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides~1{overridesId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_nat_addresses_get: + organizations_environments_trace_config_overrides_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses~1{natAddressesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides~1{overridesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_nat_addresses_delete: + organizations_environments_trace_config_overrides_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses~1{natAddressesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides/get response: mediaType: application/json openAPIDocKey: '200' - organizations_instances_nat_addresses_activate: + objectKey: $.traceConfigOverrides + organizations_environments_trace_config_overrides_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses~1{natAddressesId}:activate/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig~1overrides/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/nat_addresses/methods/organizations_instances_nat_addresses_get + #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_get - $ref: >- - #/components/x-stackQL-resources/nat_addresses/methods/organizations_instances_nat_addresses_list + #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_list insert: - $ref: >- - #/components/x-stackQL-resources/nat_addresses/methods/organizations_instances_nat_addresses_create - update: [] + #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_create + update: + - $ref: >- + #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/nat_addresses/methods/organizations_instances_nat_addresses_delete - sharedflows: - id: google.apigee.sharedflows - name: sharedflows - title: Sharedflows + #/components/x-stackQL-resources/overrides/methods/organizations_environments_trace_config_overrides_delete + security_stats: + id: google.apigee.security_stats + name: security_stats + title: Security_stats methods: - organizations_sharedflows_list: + organizations_environments_security_stats_query_tabular_stats: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1sharedflows/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityStats:queryTabularStats/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sharedflows_create: + organizations_environments_security_stats_query_time_series_stats: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1sharedflows/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityStats:queryTimeSeriesStats/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sharedflows_get: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + flowhooks: + id: google.apigee.flowhooks + name: flowhooks + title: Flowhooks + methods: + organizations_environments_flowhooks_attach_shared_flow_to_flow_hook: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1flowhooks~1{flowhooksId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_sharedflows_delete: + organizations_environments_flowhooks_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1flowhooks~1{flowhooksId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sharedflows_move: + organizations_environments_flowhooks_detach_shared_flow_from_flow_hook: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}:move/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1flowhooks~1{flowhooksId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/sharedflows/methods/organizations_sharedflows_get - - $ref: >- - #/components/x-stackQL-resources/sharedflows/methods/organizations_sharedflows_list - insert: - - $ref: >- - #/components/x-stackQL-resources/sharedflows/methods/organizations_sharedflows_create - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/sharedflows/methods/organizations_sharedflows_delete - revisions_shared_flow_revision: - id: google.apigee.revisions_shared_flow_revision - name: revisions_shared_flow_revision - title: Revisions_shared_flow_revision - methods: - organizations_sharedflows_revisions_update_shared_flow_revision: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] + #/components/x-stackQL-resources/flowhooks/methods/organizations_environments_flowhooks_get insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/revisions_shared_flow_revision/methods/organizations_sharedflows_revisions_update_shared_flow_revision + update: [] replace: [] delete: [] - spaces: - id: google.apigee.spaces - name: spaces - title: Spaces + archive_deployments: + id: google.apigee.archive_deployments + name: archive_deployments + title: Archive_deployments methods: - organizations_spaces_create: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1spaces/post' - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_spaces_list: + organizations_environments_archive_deployments_list: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1spaces/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.spaces - organizations_spaces_get: + objectKey: $.archiveDeployments + organizations_environments_archive_deployments_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments/post response: mediaType: application/json openAPIDocKey: '200' - organizations_spaces_patch: + organizations_environments_archive_deployments_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments~1{archiveDeploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_spaces_delete: + organizations_environments_archive_deployments_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments~1{archiveDeploymentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/spaces/methods/organizations_spaces_get - - $ref: >- - #/components/x-stackQL-resources/spaces/methods/organizations_spaces_list - insert: - - $ref: >- - #/components/x-stackQL-resources/spaces/methods/organizations_spaces_create - update: - - $ref: >- - #/components/x-stackQL-resources/spaces/methods/organizations_spaces_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/spaces/methods/organizations_spaces_delete - spaces_iam_policies: - id: google.apigee.spaces_iam_policies - name: spaces_iam_policies - title: Spaces_iam_policies - methods: - organizations_spaces_set_iam_policy: + organizations_environments_archive_deployments_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}:setIamPolicy/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments~1{archiveDeploymentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_spaces_get_iam_policy: + organizations_environments_archive_deployments_generate_download_url: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}:getIamPolicy/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments~1{archiveDeploymentsId}:generateDownloadUrl/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - organizations_spaces_test_iam_permissions: + organizations_environments_archive_deployments_generate_upload_url: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1spaces~1{spacesId}:testIamPermissions/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1archiveDeployments:generateUploadUrl/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/spaces_iam_policies/methods/organizations_spaces_get_iam_policy - insert: [] - update: [] - replace: + #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_get - $ref: >- - #/components/x-stackQL-resources/spaces_iam_policies/methods/organizations_spaces_set_iam_policy - delete: [] - host_stats: - id: google.apigee.host_stats - name: host_stats - title: Host_stats + #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_list + insert: + - $ref: >- + #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_create + update: + - $ref: >- + #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/archive_deployments/methods/organizations_environments_archive_deployments_delete + environment_config: + id: google.apigee.environment_config + name: environment_config + title: Environment_config methods: - organizations_host_stats_get: + organizations_environments_get_deployed_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1hostStats~1{hostStatsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1deployedConfig/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/host_stats/methods/organizations_host_stats_get + #/components/x-stackQL-resources/environment_config/methods/organizations_environments_get_deployed_config insert: [] update: [] replace: [] delete: [] - apiproducts: - id: google.apigee.apiproducts - name: apiproducts - title: Apiproducts + security_actions_config: + id: google.apigee.security_actions_config + name: security_actions_config + title: Security_actions_config methods: - organizations_apiproducts_create: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apiproducts/post' - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_apiproducts_list: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apiproducts/get' - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_apiproducts_delete: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_apiproducts_get: + organizations_environments_get_security_actions_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActionsConfig/get response: mediaType: application/json openAPIDocKey: '200' - organizations_apiproducts_update: + organizations_environments_update_security_actions_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1securityActionsConfig/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_apiproducts_move: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/security_actions_config/methods/organizations_environments_get_security_actions_config + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/security_actions_config/methods/organizations_environments_update_security_actions_config + replace: [] + delete: [] + environments_debugmask: + id: google.apigee.environments_debugmask + name: environments_debugmask + title: Environments_debugmask + methods: + organizations_environments_get_debugmask: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}:move/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1debugmask/get response: mediaType: application/json openAPIDocKey: '200' - organizations_apiproducts_attributes: + organizations_environments_update_debugmask: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1debugmask/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_keys_apiproducts_update_app_group_app_key_api_product: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/environments_debugmask/methods/organizations_environments_get_debugmask + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/environments_debugmask/methods/organizations_environments_update_debugmask + replace: [] + delete: [] + environments_trace_config: + id: google.apigee.environments_trace_config + name: environments_trace_config + title: Environments_trace_config + methods: + organizations_environments_update_trace_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}~1apiproducts~1{apiproductsId}/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_keys_apiproducts_delete: + organizations_environments_get_trace_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}~1apiproducts~1{apiproductsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1traceConfig/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_get - - $ref: >- - #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_list - insert: - - $ref: >- - #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_create - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_update - delete: - - $ref: >- - #/components/x-stackQL-resources/apiproducts/methods/organizations_appgroups_apps_keys_apiproducts_delete + #/components/x-stackQL-resources/environments_trace_config/methods/organizations_environments_get_trace_config + insert: [] + update: - $ref: >- - #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_delete - attributes: - id: google.apigee.attributes - name: attributes - title: Attributes + #/components/x-stackQL-resources/environments_trace_config/methods/organizations_environments_update_trace_config + replace: [] + delete: [] + api_security_runtime_config: + id: google.apigee.api_security_runtime_config + name: api_security_runtime_config + title: Api_security_runtime_config methods: - organizations_apiproducts_attributes_list: + organizations_environments_get_api_security_runtime_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}~1apiSecurityRuntimeConfig/get response: mediaType: application/json openAPIDocKey: '200' - organizations_apiproducts_attributes_get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/api_security_runtime_config/methods/organizations_environments_get_api_security_runtime_config + insert: [] + update: [] + replace: [] + delete: [] + environments: + id: google.apigee.environments + name: environments + title: Environments + methods: + organizations_environments_update_environment: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes~1{attributesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/post response: mediaType: application/json openAPIDocKey: '200' - organizations_apiproducts_attributes_update_api_product_attribute: + organizations_environments_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes~1{attributesId}/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_apiproducts_attributes_delete: + organizations_environments_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes~1{attributesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_attributes_list: + organizations_environments_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_attributes_list: + organizations_environments_modify_environment: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_attributes_get: + organizations_environments_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes~1{attributesId}/get + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1environments/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_attributes_update_developer_app_attribute: + organizations_environments_subscribe: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes~1{attributesId}/post + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:subscribe/post response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_attributes_delete: + organizations_environments_unsubscribe: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes~1{attributesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:unsubscribe/post response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_attributes_get: + organizations_security_profiles_environments_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes~1{attributesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}~1environments/post response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_attributes_delete: + organizations_security_profiles_environments_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes~1{attributesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}~1environments~1{environmentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_attributes_update_developer_attribute: + organizations_security_profiles_environments_compute_environment_scores: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes~1{attributesId}/post + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}~1environments~1{environmentsId}:computeEnvironmentScores/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/attributes/methods/organizations_developers_apps_attributes_get - - $ref: >- - #/components/x-stackQL-resources/attributes/methods/organizations_apiproducts_attributes_get + #/components/x-stackQL-resources/environments/methods/organizations_environments_get + insert: - $ref: >- - #/components/x-stackQL-resources/attributes/methods/organizations_developers_apps_attributes_list + #/components/x-stackQL-resources/environments/methods/organizations_security_profiles_environments_create - $ref: >- - #/components/x-stackQL-resources/attributes/methods/organizations_developers_attributes_get + #/components/x-stackQL-resources/environments/methods/organizations_environments_create + update: - $ref: >- - #/components/x-stackQL-resources/attributes/methods/organizations_apiproducts_attributes_list + #/components/x-stackQL-resources/environments/methods/organizations_environments_update_environment + replace: - $ref: >- - #/components/x-stackQL-resources/attributes/methods/organizations_developers_attributes_list - insert: [] - update: [] - replace: [] + #/components/x-stackQL-resources/environments/methods/organizations_environments_update delete: - $ref: >- - #/components/x-stackQL-resources/attributes/methods/organizations_developers_apps_attributes_delete - - $ref: >- - #/components/x-stackQL-resources/attributes/methods/organizations_apiproducts_attributes_delete + #/components/x-stackQL-resources/environments/methods/organizations_security_profiles_environments_delete - $ref: >- - #/components/x-stackQL-resources/attributes/methods/organizations_developers_attributes_delete - rateplans: - id: google.apigee.rateplans - name: rateplans - title: Rateplans + #/components/x-stackQL-resources/environments/methods/organizations_environments_delete + environments_iam_policies: + id: google.apigee.environments_iam_policies + name: environments_iam_policies + title: Environments_iam_policies methods: - organizations_apiproducts_rateplans_create: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_apiproducts_rateplans_list: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans/get - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_apiproducts_rateplans_get: + organizations_environments_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans~1{rateplansId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - organizations_apiproducts_rateplans_update: + organizations_environments_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans~1{rateplansId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - organizations_apiproducts_rateplans_delete: + organizations_environments_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans~1{rateplansId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1environments~1{environmentsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_get - - $ref: >- - #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_list - insert: - - $ref: >- - #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_create + #/components/x-stackQL-resources/environments_iam_policies/methods/organizations_environments_get_iam_policy + insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_update - delete: - - $ref: >- - #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_delete - apps: - id: google.apigee.apps - name: apps - title: Apps + #/components/x-stackQL-resources/environments_iam_policies/methods/organizations_environments_set_iam_policy + delete: [] + reports: + id: google.apigee.reports + name: reports + title: Reports methods: - organizations_apps_get: + organizations_reports_create: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apps~1{appsId}/get' + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1reports/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_apps_list: + organizations_reports_list: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apps/get' + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1reports/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.app - organizations_developers_apps_generate_key_pair_or_update_developer_app_status: + organizations_reports_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}/post + #/paths/~1v1~1organizations~1{organizationsId}~1reports~1{reportsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_delete: + organizations_reports_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1reports~1{reportsId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_get: + organizations_reports_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1reports~1{reportsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_update: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/reports/methods/organizations_reports_get + - $ref: >- + #/components/x-stackQL-resources/reports/methods/organizations_reports_list + insert: + - $ref: >- + #/components/x-stackQL-resources/reports/methods/organizations_reports_create + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/reports/methods/organizations_reports_update + delete: + - $ref: >- + #/components/x-stackQL-resources/reports/methods/organizations_reports_delete + apiproducts: + id: google.apigee.apiproducts + name: apiproducts + title: Apiproducts + methods: + organizations_appgroups_apps_keys_apiproducts_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}~1apiproducts~1{apiproductsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_create: + organizations_appgroups_apps_keys_apiproducts_update_app_group_app_key_api_product: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps/post + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}~1apiproducts~1{apiproductsId}/post response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_list: + organizations_apiproducts_attributes: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps/get + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1attributes/post response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_attributes: + organizations_apiproducts_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1attributes/post + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apiproducts/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_create: + organizations_apiproducts_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps/post + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1apiproducts/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_list: + organizations_apiproducts_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps/get + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.appGroupApps - organizations_appgroups_apps_delete: + organizations_apiproducts_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_get: + organizations_apiproducts_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_update: + organizations_apiproducts_move: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}:move/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_get - - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_get - - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_apps_get - - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_list - - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_list + #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_get - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_apps_list + #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_list insert: - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_create - - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_create + #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_create update: [] replace: - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_update - - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_update + #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_update delete: - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_developers_apps_delete - - $ref: >- - #/components/x-stackQL-resources/apps/methods/organizations_appgroups_apps_delete - host_queries: - id: google.apigee.host_queries - name: host_queries - title: Host_queries - methods: - organizations_host_queries_create: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1hostQueries/post' - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_host_queries_list: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1hostQueries/get' - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_host_queries_get: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1hostQueries~1{hostQueriesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/host_queries/methods/organizations_host_queries_get - - $ref: >- - #/components/x-stackQL-resources/host_queries/methods/organizations_host_queries_list - insert: + #/components/x-stackQL-resources/apiproducts/methods/organizations_appgroups_apps_keys_apiproducts_delete - $ref: >- - #/components/x-stackQL-resources/host_queries/methods/organizations_host_queries_create - update: [] - replace: [] - delete: [] - host_queries_result: - id: google.apigee.host_queries_result - name: host_queries_result - title: Host_queries_result + #/components/x-stackQL-resources/apiproducts/methods/organizations_apiproducts_delete + appgroups: + id: google.apigee.appgroups + name: appgroups + title: Appgroups methods: - organizations_host_queries_get_result: + organizations_appgroups_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1hostQueries~1{hostQueriesId}~1result/get + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/host_queries_result/methods/organizations_host_queries_get_result - insert: [] - update: [] - replace: [] - delete: [] - host_queries_result_view: - id: google.apigee.host_queries_result_view - name: host_queries_result_view - title: Host_queries_result_view - methods: - organizations_host_queries_get_result_view: + organizations_appgroups_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1hostQueries~1{hostQueriesId}~1resultView/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/host_queries_result_view/methods/organizations_host_queries_get_result_view - insert: [] - update: [] - replace: [] - delete: [] - reports: - id: google.apigee.reports - name: reports - title: Reports - methods: - organizations_reports_create: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1reports/post' - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_reports_list: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1reports/get' + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_reports_get: + organizations_appgroups_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1reports~1{reportsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_reports_update: + organizations_appgroups_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1reports~1{reportsId}/put + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1appgroups/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_reports_delete: + objectKey: $.appGroups + organizations_appgroups_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1reports~1{reportsId}/delete + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1appgroups/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/reports/methods/organizations_reports_get + #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_get - $ref: >- - #/components/x-stackQL-resources/reports/methods/organizations_reports_list + #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_list insert: - $ref: >- - #/components/x-stackQL-resources/reports/methods/organizations_reports_create + #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_create update: [] replace: - $ref: >- - #/components/x-stackQL-resources/reports/methods/organizations_reports_update + #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_update delete: - $ref: >- - #/components/x-stackQL-resources/reports/methods/organizations_reports_delete - datastores: - id: google.apigee.datastores - name: datastores - title: Datastores + #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_delete + security_profiles: + id: google.apigee.security_profiles + name: security_profiles + title: Security_profiles methods: - organizations_analytics_datastores_create: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_analytics_datastores_list: + organizations_security_profiles_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_analytics_datastores_test: + organizations_security_profiles_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores:test/post + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_analytics_datastores_delete: + organizations_security_profiles_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores~1{datastoresId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_analytics_datastores_get: + organizations_security_profiles_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores~1{datastoresId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles/post response: mediaType: application/json openAPIDocKey: '200' - organizations_analytics_datastores_update: + organizations_security_profiles_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1analytics~1datastores~1{datastoresId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.securityProfiles sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_get + #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_get - $ref: >- - #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_list + #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_list insert: - $ref: >- - #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_create - update: [] - replace: + #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_create + update: - $ref: >- - #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_update + #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_patch + replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/datastores/methods/organizations_analytics_datastores_delete - developers: - id: google.apigee.developers - name: developers - title: Developers + #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_delete + security_profiles_revisions: + id: google.apigee.security_profiles_revisions + name: security_profiles_revisions + title: Security_profiles_revisions methods: - organizations_developers_create: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1developers/post' - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_developers_list: + organizations_security_profiles_list_revisions: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1developers/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}:listRevisions/get response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_update: + objectKey: $.securityProfiles + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/security_profiles_revisions/methods/organizations_security_profiles_list_revisions + insert: [] + update: [] + replace: [] + delete: [] + sharedflows: + id: google.apigee.sharedflows + name: sharedflows + title: Sharedflows + methods: + organizations_sharedflows_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_get: + organizations_sharedflows_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_delete: + organizations_sharedflows_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}/delete + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1sharedflows/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_set_developer_status: + organizations_sharedflows_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}/post + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1sharedflows/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_attributes: + organizations_sharedflows_move: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1attributes/post + #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}:move/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/developers/methods/organizations_developers_get + #/components/x-stackQL-resources/sharedflows/methods/organizations_sharedflows_get - $ref: >- - #/components/x-stackQL-resources/developers/methods/organizations_developers_list + #/components/x-stackQL-resources/sharedflows/methods/organizations_sharedflows_list insert: - $ref: >- - #/components/x-stackQL-resources/developers/methods/organizations_developers_create + #/components/x-stackQL-resources/sharedflows/methods/organizations_sharedflows_create update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/developers/methods/organizations_developers_update + replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/developers/methods/organizations_developers_delete - developers_monetization_config: - id: google.apigee.developers_monetization_config - name: developers_monetization_config - title: Developers_monetization_config + #/components/x-stackQL-resources/sharedflows/methods/organizations_sharedflows_delete + revisions_shared_flow_revision: + id: google.apigee.revisions_shared_flow_revision + name: revisions_shared_flow_revision + title: Revisions_shared_flow_revision methods: - organizations_developers_get_monetization_config: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1monetizationConfig/get - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_developers_update_monetization_config: + organizations_sharedflows_revisions_update_shared_flow_revision: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1monetizationConfig/put + #/paths/~1v1~1organizations~1{organizationsId}~1sharedflows~1{sharedflowsId}~1revisions~1{revisionsId}/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/developers_monetization_config/methods/organizations_developers_get_monetization_config + select: [] insert: [] - update: [] - replace: + update: - $ref: >- - #/components/x-stackQL-resources/developers_monetization_config/methods/organizations_developers_update_monetization_config + #/components/x-stackQL-resources/revisions_shared_flow_revision/methods/organizations_sharedflows_revisions_update_shared_flow_revision + replace: [] delete: [] - developers_balance: - id: google.apigee.developers_balance - name: developers_balance - title: Developers_balance + host_stats: + id: google.apigee.host_stats + name: host_stats + title: Host_stats methods: - organizations_developers_get_balance: + organizations_host_stats_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1balance/get + #/paths/~1v1~1organizations~1{organizationsId}~1hostStats~1{hostStatsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/developers_balance/methods/organizations_developers_get_balance + #/components/x-stackQL-resources/host_stats/methods/organizations_host_stats_get insert: [] update: [] replace: [] delete: [] - keys: - id: google.apigee.keys - name: keys - title: Keys + dns_zones: + id: google.apigee.dns_zones + name: dns_zones + title: Dns_zones methods: - organizations_developers_apps_keys_create: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_developers_apps_keys_update_developer_app_key: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_developers_apps_keys_replace_developer_app_key: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}/put - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_developers_apps_keys_delete: + organizations_dns_zones_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1dnsZones~1{dnsZonesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_keys_get: + organizations_dns_zones_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1dnsZones~1{dnsZonesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_keys_create_create: + organizations_dns_zones_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1create/post + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1dnsZones/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_keys_apiproducts_delete: + organizations_dns_zones_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}~1apiproducts~1{apiproductsId}/delete + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1dnsZones/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_apps_keys_apiproducts_update_developer_app_key_api_product: + objectKey: $.dnsZones + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/dns_zones/methods/organizations_dns_zones_get + - $ref: >- + #/components/x-stackQL-resources/dns_zones/methods/organizations_dns_zones_list + insert: + - $ref: >- + #/components/x-stackQL-resources/dns_zones/methods/organizations_dns_zones_create + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/dns_zones/methods/organizations_dns_zones_delete + datacollectors: + id: google.apigee.datacollectors + name: datacollectors + title: Datacollectors + methods: + organizations_datacollectors_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1apps~1{appsId}~1keys~1{keysId}~1apiproducts~1{apiproductsId}/post + #/paths/~1v1~1organizations~1{organizationsId}~1datacollectors~1{datacollectorsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_keys_create: + organizations_datacollectors_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys/post + #/paths/~1v1~1organizations~1{organizationsId}~1datacollectors~1{datacollectorsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_keys_delete: + organizations_datacollectors_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1datacollectors~1{datacollectorsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_keys_get: + organizations_datacollectors_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}/get + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1datacollectors/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_apps_keys_update_app_group_app_key: + objectKey: $.dataCollectors + organizations_datacollectors_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}~1apps~1{appsId}~1keys~1{keysId}/post + #/paths/~1v1~1organizations~1{organizationsId}~1datacollectors/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_get + #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_get - $ref: >- - #/components/x-stackQL-resources/keys/methods/organizations_appgroups_apps_keys_get + #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_list insert: - $ref: >- - #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_create - - $ref: >- - #/components/x-stackQL-resources/keys/methods/organizations_appgroups_apps_keys_create - update: [] - replace: + #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_create + update: - $ref: >- - #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_replace_developer_app_key + #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_patch + replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_apiproducts_delete - - $ref: >- - #/components/x-stackQL-resources/keys/methods/organizations_developers_apps_keys_delete - - $ref: >- - #/components/x-stackQL-resources/keys/methods/organizations_appgroups_apps_keys_delete - balance: - id: google.apigee.balance - name: balance - title: Balance + #/components/x-stackQL-resources/datacollectors/methods/organizations_datacollectors_delete + apicategories: + id: google.apigee.apicategories + name: apicategories + title: Apicategories methods: - organizations_developers_balance_credit: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1balance:credit/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_developers_balance_adjust: + organizations_sites_apicategories_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1balance:adjust/post + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - subscriptions: - id: google.apigee.subscriptions - name: subscriptions - title: Subscriptions - methods: - organizations_developers_subscriptions_create: + organizations_sites_apicategories_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1subscriptions/post + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories/post response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_subscriptions_list: + organizations_sites_apicategories_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1subscriptions/get + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories~1{apicategoriesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_subscriptions_get: + organizations_sites_apicategories_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1subscriptions~1{subscriptionsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories~1{apicategoriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_developers_subscriptions_expire: + organizations_sites_apicategories_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1developers~1{developersId}~1subscriptions~1{subscriptionsId}:expire/post + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories~1{apicategoriesId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/organizations_developers_subscriptions_get + #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_get - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/organizations_developers_subscriptions_list + #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_list insert: - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/organizations_developers_subscriptions_create - update: [] + #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_create + update: + - $ref: >- + #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_patch replace: [] - delete: [] - appgroups: - id: google.apigee.appgroups - name: appgroups - title: Appgroups + delete: + - $ref: >- + #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_delete + apidocs: + id: google.apigee.apidocs + name: apidocs + title: Apidocs methods: - organizations_appgroups_create: + organizations_sites_apidocs_update: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1appgroups/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}/put response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_list: + organizations_sites_apidocs_delete: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1appgroups/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.appGroups - organizations_appgroups_get: + organizations_sites_apidocs_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_delete: + organizations_sites_apidocs_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs/post response: mediaType: application/json openAPIDocKey: '200' - organizations_appgroups_update: + organizations_sites_apidocs_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1appgroups~1{appgroupsId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.data sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_get + #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_get - $ref: >- - #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_list + #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_list insert: - $ref: >- - #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_create + #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_create update: [] replace: - $ref: >- - #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_update + #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_update delete: - $ref: >- - #/components/x-stackQL-resources/appgroups/methods/organizations_appgroups_delete - host_security_reports: - id: google.apigee.host_security_reports - name: host_security_reports - title: Host_security_reports + #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_delete + apidocs_documentation: + id: google.apigee.apidocs_documentation + name: apidocs_documentation + title: Apidocs_documentation methods: - organizations_host_security_reports_create: + organizations_sites_apidocs_update_documentation: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports/post + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}~1documentation/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_host_security_reports_list: + organizations_sites_apidocs_get_documentation: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports/get + #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}~1documentation/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityReports - organizations_host_security_reports_get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/apidocs_documentation/methods/organizations_sites_apidocs_get_documentation + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/apidocs_documentation/methods/organizations_sites_apidocs_update_documentation + replace: [] + delete: [] + host_queries: + id: google.apigee.host_queries + name: host_queries + title: Host_queries + methods: + organizations_host_queries_list: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1hostQueries/get' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_host_queries_create: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1hostQueries/post' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_host_queries_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports~1{hostSecurityReportsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1hostQueries~1{hostQueriesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/host_security_reports/methods/organizations_host_security_reports_get + #/components/x-stackQL-resources/host_queries/methods/organizations_host_queries_get - $ref: >- - #/components/x-stackQL-resources/host_security_reports/methods/organizations_host_security_reports_list + #/components/x-stackQL-resources/host_queries/methods/organizations_host_queries_list insert: - $ref: >- - #/components/x-stackQL-resources/host_security_reports/methods/organizations_host_security_reports_create + #/components/x-stackQL-resources/host_queries/methods/organizations_host_queries_create update: [] replace: [] delete: [] - host_security_reports_result: - id: google.apigee.host_security_reports_result - name: host_security_reports_result - title: Host_security_reports_result + host_queries_result: + id: google.apigee.host_queries_result + name: host_queries_result + title: Host_queries_result methods: - organizations_host_security_reports_get_result: + organizations_host_queries_get_result: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports~1{hostSecurityReportsId}~1result/get + #/paths/~1v1~1organizations~1{organizationsId}~1hostQueries~1{hostQueriesId}~1result/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/host_security_reports_result/methods/organizations_host_security_reports_get_result + #/components/x-stackQL-resources/host_queries_result/methods/organizations_host_queries_get_result insert: [] update: [] replace: [] delete: [] - host_security_reports_result_view: - id: google.apigee.host_security_reports_result_view - name: host_security_reports_result_view - title: Host_security_reports_result_view + host_queries_result_view: + id: google.apigee.host_queries_result_view + name: host_queries_result_view + title: Host_queries_result_view methods: - organizations_host_security_reports_get_result_view: + organizations_host_queries_get_result_view: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports~1{hostSecurityReportsId}~1resultView/get + #/paths/~1v1~1organizations~1{organizationsId}~1hostQueries~1{hostQueriesId}~1resultView/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/host_security_reports_result_view/methods/organizations_host_security_reports_get_result_view + #/components/x-stackQL-resources/host_queries_result_view/methods/organizations_host_queries_get_result_view insert: [] update: [] replace: [] delete: [] - security_profiles: - id: google.apigee.security_profiles - name: security_profiles - title: Security_profiles + instances: + id: google.apigee.instances + name: instances + title: Instances methods: - organizations_security_profiles_create: + organizations_instances_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles/post + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_security_profiles_list: + organizations_instances_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles/get + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityProfiles - organizations_security_profiles_patch: + organizations_instances_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_security_profiles_delete: + organizations_instances_report_status: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}:reportStatus/post response: mediaType: application/json openAPIDocKey: '200' - organizations_security_profiles_get: + organizations_instances_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}/get + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1instances/post' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_instances_list: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1instances/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.instances sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_get + #/components/x-stackQL-resources/instances/methods/organizations_instances_get - $ref: >- - #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_list + #/components/x-stackQL-resources/instances/methods/organizations_instances_list insert: - $ref: >- - #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_create + #/components/x-stackQL-resources/instances/methods/organizations_instances_create update: - $ref: >- - #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_patch + #/components/x-stackQL-resources/instances/methods/organizations_instances_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/security_profiles/methods/organizations_security_profiles_delete - security_profiles_revisions: - id: google.apigee.security_profiles_revisions - name: security_profiles_revisions - title: Security_profiles_revisions - methods: - organizations_security_profiles_list_revisions: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfiles~1{securityProfilesId}:listRevisions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.securityProfiles - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/security_profiles_revisions/methods/organizations_security_profiles_list_revisions - insert: [] - update: [] - replace: [] - delete: [] - security_profiles_v2: - id: google.apigee.security_profiles_v2 - name: security_profiles_v2 - title: Security_profiles_v2 + #/components/x-stackQL-resources/instances/methods/organizations_instances_delete + nat_addresses: + id: google.apigee.nat_addresses + name: nat_addresses + title: Nat_addresses methods: - organizations_security_profiles_v2_create: + organizations_instances_nat_addresses_activate: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2/post + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses~1{natAddressesId}:activate/post response: mediaType: application/json openAPIDocKey: '200' - organizations_security_profiles_v2_list: + organizations_instances_nat_addresses_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2/get + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses~1{natAddressesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityProfilesV2 - organizations_security_profiles_v2_get: + organizations_instances_nat_addresses_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2~1{securityProfilesV2Id}/get + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses~1{natAddressesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_security_profiles_v2_patch: + organizations_instances_nat_addresses_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2~1{securityProfilesV2Id}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses/post response: mediaType: application/json openAPIDocKey: '200' - organizations_security_profiles_v2_delete: + organizations_instances_nat_addresses_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityProfilesV2~1{securityProfilesV2Id}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1natAddresses/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.natAddresses sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_get + #/components/x-stackQL-resources/nat_addresses/methods/organizations_instances_nat_addresses_get - $ref: >- - #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_list + #/components/x-stackQL-resources/nat_addresses/methods/organizations_instances_nat_addresses_list insert: - $ref: >- - #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_create - update: - - $ref: >- - #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_patch + #/components/x-stackQL-resources/nat_addresses/methods/organizations_instances_nat_addresses_create + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/security_profiles_v2/methods/organizations_security_profiles_v2_delete - security_monitoring_conditions: - id: google.apigee.security_monitoring_conditions - name: security_monitoring_conditions - title: Security_monitoring_conditions + #/components/x-stackQL-resources/nat_addresses/methods/organizations_instances_nat_addresses_delete + canaryevaluations: + id: google.apigee.canaryevaluations + name: canaryevaluations + title: Canaryevaluations methods: - organizations_security_monitoring_conditions_create: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_security_monitoring_conditions_list: + organizations_instances_canaryevaluations_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions/get + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1canaryevaluations/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityMonitoringConditions - organizations_security_monitoring_conditions_get: + organizations_instances_canaryevaluations_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions~1{securityMonitoringConditionsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1instances~1{instancesId}~1canaryevaluations~1{canaryevaluationsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_security_monitoring_conditions_patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/canaryevaluations/methods/organizations_instances_canaryevaluations_get + insert: + - $ref: >- + #/components/x-stackQL-resources/canaryevaluations/methods/organizations_instances_canaryevaluations_create + update: [] + replace: [] + delete: [] + operations: + id: google.apigee.operations + name: operations + title: Operations + methods: + organizations_operations_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions~1{securityMonitoringConditionsId}/patch + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1operations/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_security_monitoring_conditions_delete: + objectKey: $.operations + organizations_operations_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityMonitoringConditions~1{securityMonitoringConditionsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_get - - $ref: >- - #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_list - insert: - - $ref: >- - #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_create - update: + #/components/x-stackQL-resources/operations/methods/organizations_operations_get - $ref: >- - #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_patch + #/components/x-stackQL-resources/operations/methods/organizations_operations_list + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/security_monitoring_conditions/methods/organizations_security_monitoring_conditions_delete - apicategories: - id: google.apigee.apicategories - name: apicategories - title: Apicategories + delete: [] + host_security_reports_result: + id: google.apigee.host_security_reports_result + name: host_security_reports_result + title: Host_security_reports_result methods: - organizations_sites_apicategories_create: + organizations_host_security_reports_get_result: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories/post + #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports~1{hostSecurityReportsId}~1result/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sites_apicategories_list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/host_security_reports_result/methods/organizations_host_security_reports_get_result + insert: [] + update: [] + replace: [] + delete: [] + host_security_reports: + id: google.apigee.host_security_reports + name: host_security_reports + title: Host_security_reports + methods: + organizations_host_security_reports_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories/get + #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sites_apicategories_delete: + organizations_host_security_reports_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories~1{apicategoriesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sites_apicategories_patch: + objectKey: $.securityReports + organizations_host_security_reports_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories~1{apicategoriesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports~1{hostSecurityReportsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sites_apicategories_get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/host_security_reports/methods/organizations_host_security_reports_get + - $ref: >- + #/components/x-stackQL-resources/host_security_reports/methods/organizations_host_security_reports_list + insert: + - $ref: >- + #/components/x-stackQL-resources/host_security_reports/methods/organizations_host_security_reports_create + update: [] + replace: [] + delete: [] + host_security_reports_result_view: + id: google.apigee.host_security_reports_result_view + name: host_security_reports_result_view + title: Host_security_reports_result_view + methods: + organizations_host_security_reports_get_result_view: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apicategories~1{apicategoriesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1hostSecurityReports~1{hostSecurityReportsId}~1resultView/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_get - - $ref: >- - #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_list - insert: - - $ref: >- - #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_create - update: - - $ref: >- - #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_patch + #/components/x-stackQL-resources/host_security_reports_result_view/methods/organizations_host_security_reports_get_result_view + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/apicategories/methods/organizations_sites_apicategories_delete - apidocs: - id: google.apigee.apidocs - name: apidocs - title: Apidocs + delete: [] + security_feedback: + id: google.apigee.security_feedback + name: security_feedback + title: Security_feedback methods: - organizations_sites_apidocs_get: + organizations_security_feedback_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityFeedback~1{securityFeedbackId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sites_apidocs_update: + organizations_security_feedback_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}/put + #/paths/~1v1~1organizations~1{organizationsId}~1securityFeedback~1{securityFeedbackId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_sites_apidocs_delete: + organizations_security_feedback_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1securityFeedback~1{securityFeedbackId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_sites_apidocs_create: + organizations_security_feedback_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs/post + #/paths/~1v1~1organizations~1{organizationsId}~1securityFeedback/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sites_apidocs_list: + organizations_security_feedback_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityFeedback/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.data + objectKey: $.securityFeedback sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_get + #/components/x-stackQL-resources/security_feedback/methods/organizations_security_feedback_get - $ref: >- - #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_list + #/components/x-stackQL-resources/security_feedback/methods/organizations_security_feedback_list insert: - $ref: >- - #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_create - update: [] - replace: + #/components/x-stackQL-resources/security_feedback/methods/organizations_security_feedback_create + update: - $ref: >- - #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_update + #/components/x-stackQL-resources/security_feedback/methods/organizations_security_feedback_patch + replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/apidocs/methods/organizations_sites_apidocs_delete - apidocs_documentation: - id: google.apigee.apidocs_documentation - name: apidocs_documentation - title: Apidocs_documentation + #/components/x-stackQL-resources/security_feedback/methods/organizations_security_feedback_delete + rateplans: + id: google.apigee.rateplans + name: rateplans + title: Rateplans methods: - organizations_sites_apidocs_update_documentation: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}~1documentation/patch - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_sites_apidocs_get_documentation: + organizations_apiproducts_rateplans_update: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sites~1{sitesId}~1apidocs~1{apidocsId}~1documentation/get + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans~1{rateplansId}/put response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/apidocs_documentation/methods/organizations_sites_apidocs_get_documentation - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/apidocs_documentation/methods/organizations_sites_apidocs_update_documentation - replace: [] - delete: [] - endpoint_attachments: - id: google.apigee.endpoint_attachments - name: endpoint_attachments - title: Endpoint_attachments - methods: - organizations_endpoint_attachments_create: + organizations_apiproducts_rateplans_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1endpointAttachments/post + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans~1{rateplansId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_endpoint_attachments_list: + organizations_apiproducts_rateplans_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1endpointAttachments/get + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans~1{rateplansId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.endpointAttachments - organizations_endpoint_attachments_get: + organizations_apiproducts_rateplans_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1endpointAttachments~1{endpointAttachmentsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans/post response: mediaType: application/json openAPIDocKey: '200' - organizations_endpoint_attachments_delete: + organizations_apiproducts_rateplans_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1endpointAttachments~1{endpointAttachmentsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1apiproducts~1{apiproductsId}~1rateplans/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/endpoint_attachments/methods/organizations_endpoint_attachments_get + #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_get - $ref: >- - #/components/x-stackQL-resources/endpoint_attachments/methods/organizations_endpoint_attachments_list + #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_list insert: - $ref: >- - #/components/x-stackQL-resources/endpoint_attachments/methods/organizations_endpoint_attachments_create + #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_create update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_update delete: - $ref: >- - #/components/x-stackQL-resources/endpoint_attachments/methods/organizations_endpoint_attachments_delete - dns_zones: - id: google.apigee.dns_zones - name: dns_zones - title: Dns_zones + #/components/x-stackQL-resources/rateplans/methods/organizations_apiproducts_rateplans_delete + endpoint_attachments: + id: google.apigee.endpoint_attachments + name: endpoint_attachments + title: Endpoint_attachments methods: - organizations_dns_zones_create: + organizations_endpoint_attachments_list: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1dnsZones/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1endpointAttachments/get response: mediaType: application/json openAPIDocKey: '200' - organizations_dns_zones_list: + objectKey: $.endpointAttachments + organizations_endpoint_attachments_create: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1dnsZones/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1endpointAttachments/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dnsZones - organizations_dns_zones_get: + organizations_endpoint_attachments_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1dnsZones~1{dnsZonesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1endpointAttachments~1{endpointAttachmentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_dns_zones_delete: + organizations_endpoint_attachments_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1dnsZones~1{dnsZonesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1endpointAttachments~1{endpointAttachmentsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/dns_zones/methods/organizations_dns_zones_get + #/components/x-stackQL-resources/endpoint_attachments/methods/organizations_endpoint_attachments_get - $ref: >- - #/components/x-stackQL-resources/dns_zones/methods/organizations_dns_zones_list + #/components/x-stackQL-resources/endpoint_attachments/methods/organizations_endpoint_attachments_list insert: - $ref: >- - #/components/x-stackQL-resources/dns_zones/methods/organizations_dns_zones_create + #/components/x-stackQL-resources/endpoint_attachments/methods/organizations_endpoint_attachments_create update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/dns_zones/methods/organizations_dns_zones_delete + #/components/x-stackQL-resources/endpoint_attachments/methods/organizations_endpoint_attachments_delete paths: /v1/hybrid/issuers: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/oauth_token' + get: + description: >- + Lists hybrid services and its trusted issuers service account ids. This + api is authenticated and unauthorized(allow all the users) and used by + runtime authn-authz service to query control plane's issuer service + account ids. + operationId: apigee.hybrid.issuers.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListHybridIssuersResponse + parameters: [] + /v1/projects/{projectsId}:provisionOrganization: + parameters: *ref_1 + post: + description: >- + Provisions a new Apigee organization with a functioning runtime. This is + the standard way to create trial organizations for a free Apigee trial. + operationId: apigee.projects.provisionOrganization + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ProvisionOrganizationRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}:setSyncAuthorization: + parameters: *ref_1 + post: + description: >- + Sets the permissions required to allow the Synchronizer to download + environment data from the control plane. You must call this API to + enable proper functioning of hybrid. Pass the ETag when calling + `setSyncAuthorization` to ensure that you are updating the correct + version. To get an ETag, call + [getSyncAuthorization](getSyncAuthorization). If you don't pass the ETag + in the call to `setSyncAuthorization`, then the existing authorization + is overwritten indiscriminately. For more information, see [Configure + the + Synchronizer](https://cloud.google.com/apigee/docs/hybrid/latest/synchronizer-access). + **Note**: Available to Apigee hybrid only. + operationId: apigee.organizations.setSyncAuthorization + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SyncAuthorization' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SyncAuthorization' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/controlPlaneAccess: + parameters: *ref_1 + get: + description: >- + Lists the service accounts allowed to access Apigee control plane + directly for limited functionality. **Note**: Available to Apigee hybrid + only. + operationId: apigee.organizations.getControlPlaneAccess + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1ControlPlaneAccess' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + patch: + description: >- + Updates the permissions required to allow Apigee runtime-plane + components access to the control plane. Currently, the permissions + required are to: 1. Allow runtime components to publish analytics data + to the control plane. **Note**: Available to Apigee hybrid only. + operationId: apigee.organizations.updateControlPlaneAccess + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1ControlPlaneAccess' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/runtimeConfig: + parameters: *ref_1 + get: + description: Get runtime config for an organization. + operationId: apigee.organizations.getRuntimeConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeConfig' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}: + parameters: *ref_1 + get: + description: >- + Gets the profile for an Apigee organization. See [Understanding + organizations](https://cloud.google.com/apigee/docs/api-platform/fundamentals/organization-structure). + operationId: apigee.organizations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Organization' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + put: + description: >- + Updates the properties for an Apigee organization. No other fields in + the organization profile will be updated. + operationId: apigee.organizations.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Organization' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Organization' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + delete: + description: >- + Delete an Apigee organization. For organizations with BillingType + EVALUATION, an immediate deletion is performed. For paid organizations + (Subscription or Pay-as-you-go), a soft-deletion is performed. The + organization can be restored within the soft-deletion period, which is + specified using the `retention` field in the request or by filing a + support ticket with Apigee. During the data retention period specified + in the request, the Apigee organization cannot be recreated in the same + Google Cloud project. **IMPORTANT: The default data retention setting + for this operation is 7 days. To permanently delete the organization in + 24 hours, set the retention parameter to `MINIMUM`.** + operationId: apigee.organizations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: query + name: retention + schema: + type: string + /v1/organizations/{organizationsId}:getProjectMapping: + parameters: *ref_1 + get: + description: Gets the project ID and region for an Apigee organization. + operationId: apigee.organizations.getProjectMapping + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1OrganizationProjectMapping + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + /v1/organizations: + parameters: *ref_1 get: description: >- - Lists hybrid services and its trusted issuers service account ids. This - api is authenticated and unauthorized(allow all the users) and used by - runtime authn-authz service to query control plane's issuer service - account ids. - operationId: apigee.hybrid.issuers.list + Lists the Apigee organizations and associated Google Cloud projects that + you have permission to access. See [Understanding + organizations](https://cloud.google.com/apigee/docs/api-platform/fundamentals/organization-structure). + operationId: apigee.organizations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13335,16 +14246,194 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListHybridIssuersResponse + #/components/schemas/GoogleCloudApigeeV1ListOrganizationsResponse parameters: [] - /v1/organizations: + post: + description: >- + Creates an Apigee organization. See [Create an Apigee + organization](https://cloud.google.com/apigee/docs/api-platform/get-started/create-org). + operationId: apigee.organizations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Organization' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: query + name: parent + schema: + type: string + /v1/organizations/{organizationsId}/securitySettings: + parameters: *ref_1 + get: + description: GetSecuritySettings gets the security settings for API Security. + operationId: apigee.organizations.getSecuritySettings + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecuritySettings' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + patch: + description: >- + UpdateSecuritySettings updates the current security settings for API + Security. + operationId: apigee.organizations.updateSecuritySettings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecuritySettings' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecuritySettings' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}:setAddons: + parameters: *ref_1 + post: + description: >- + Configures the add-ons for the Apigee organization. The existing add-on + configuration will be fully replaced. + operationId: apigee.organizations.setAddons + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SetAddonsRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}:getSyncAuthorization: + parameters: *ref_1 + post: + description: >- + Lists the service accounts with the permissions required to allow the + Synchronizer to download environment data from the control plane. An + ETag is returned in the response to `getSyncAuthorization`. Pass that + ETag when calling [setSyncAuthorization](setSyncAuthorization) to ensure + that you are updating the correct version. If you don't pass the ETag in + the call to `setSyncAuthorization`, then the existing authorization is + overwritten indiscriminately. For more information, see [Configure the + Synchronizer](https://cloud.google.com/apigee/docs/hybrid/latest/synchronizer-access). + **Note**: Available to Apigee hybrid only. + operationId: apigee.organizations.getSyncAuthorization + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1GetSyncAuthorizationRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SyncAuthorization' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/deployedIngressConfig: + parameters: *ref_1 + get: + description: Gets the deployed ingress configuration for an organization. + operationId: apigee.organizations.getDeployedIngressConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1IngressConfig' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: query + name: view + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}: parameters: *ref_1 get: description: >- - Lists the Apigee organizations and associated Google Cloud projects that - you have permission to access. See [Understanding - organizations](https://cloud.google.com/apigee/docs/api-platform/fundamentals/organization-structure). - operationId: apigee.organizations.list + Returns the developer details, including the developer's name, email + address, apps, and other information. **Note**: The response includes + only the first 100 developer apps. + operationId: apigee.organizations.developers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13356,19 +14445,39 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListOrganizationsResponse - parameters: [] - post: + $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: path + name: developersId + required: true + schema: + type: string + - in: query + name: action + schema: + type: string + put: description: >- - Creates an Apigee organization. See [Create an Apigee - organization](https://cloud.google.com/apigee/docs/api-platform/get-started/create-org). - operationId: apigee.organizations.create + Updates a developer. This API replaces the existing developer details + with those specified in the request. Include or exclude any existing + details that you want to retain or delete, respectively. The custom + attribute limit is 18. **Note**: OAuth access tokens and Key Management + Service (KMS) entities (apps, developers, and API products) are cached + for 180 seconds (current default). Any custom attributes associated with + these entities are cached for at least 180 seconds after the entity is + accessed at runtime. Therefore, an `ExpiresIn` element on the OAuthV2 + policy won't be able to expire an access token in less than 180 seconds. + operationId: apigee.organizations.developers.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Organization' + $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13380,19 +14489,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' parameters: - - in: query - name: parent + - in: path + name: organizationsId + required: true schema: type: string - /v1/organizations/{organizationsId}: - parameters: *ref_1 - get: + - in: path + name: developersId + required: true + schema: + type: string + post: description: >- - Gets the profile for an Apigee organization. See [Understanding - organizations](https://cloud.google.com/apigee/docs/api-platform/fundamentals/organization-structure). - operationId: apigee.organizations.get + Sets the status of a developer. A developer is `active` by default. If + you set a developer's status to `inactive`, the API keys assigned to the + developer apps are no longer valid even though the API keys are set to + `approved`. Inactive developers can still sign in to the developer + portal and create apps; however, any new API keys generated during app + creation won't work. To set the status of a developer, set the `action` + query parameter to `active` or `inactive`, and the `Content-Type` header + to `application/octet-stream`. If successful, the API call returns the + following HTTP status code: `204 No Content` + operationId: apigee.organizations.developers.setDeveloperStatus security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13404,23 +14524,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Organization' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId required: true schema: type: string - put: + - in: path + name: developersId + required: true + schema: + type: string + - in: query + name: action + schema: + type: string + delete: description: >- - Updates the properties for an Apigee organization. No other fields in - the organization profile will be updated. - operationId: apigee.organizations.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Organization' + Deletes a developer. All apps and API keys associated with the developer + are also removed. **Warning**: This API will permanently delete the + developer and related artifacts. To avoid permanently deleting + developers and their artifacts, set the developer status to `inactive` + using the SetDeveloperStatus API. **Note**: The delete operation is + asynchronous. The developer is deleted immediately, but its associated + resources, such as apps and API keys, may take anywhere from a few + seconds to a few minutes to be deleted. + operationId: apigee.organizations.developers.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13432,26 +14562,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Organization' + $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' parameters: - in: path name: organizationsId required: true schema: type: string - delete: - description: >- - Delete an Apigee organization. For organizations with BillingType - EVALUATION, an immediate deletion is performed. For paid organizations - (Subscription or Pay-as-you-go), a soft-deletion is performed. The - organization can be restored within the soft-deletion period, which is - specified using the `retention` field in the request or by filing a - support ticket with Apigee. During the data retention period specified - in the request, the Apigee organization cannot be recreated in the same - Google Cloud project. **IMPORTANT: The default data retention setting - for this operation is 7 days. To permanently delete the organization in - 24 hours, set the retention parameter to `MINIMUM`.** - operationId: apigee.organizations.delete + - in: path + name: developersId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/monetizationConfig: + parameters: *ref_1 + get: + description: Gets the monetization configuration for the developer. + operationId: apigee.organizations.developers.getMonetizationConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13463,37 +14590,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DeveloperMonetizationConfig parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: retention + - in: path + name: developersId + required: true schema: type: string - /v1/organizations/{organizationsId}:getSyncAuthorization: - parameters: *ref_1 - post: - description: >- - Lists the service accounts with the permissions required to allow the - Synchronizer to download environment data from the control plane. An - ETag is returned in the response to `getSyncAuthorization`. Pass that - ETag when calling [setSyncAuthorization](setSyncAuthorization) to ensure - that you are updating the correct version. If you don't pass the ETag in - the call to `setSyncAuthorization`, then the existing authorization is - overwritten indiscriminately. For more information, see [Configure the - Synchronizer](https://cloud.google.com/apigee/docs/hybrid/latest/synchronizer-access). - **Note**: Available to Apigee hybrid only. - operationId: apigee.organizations.getSyncAuthorization + put: + description: Updates the monetization configuration for the developer. + operationId: apigee.organizations.developers.updateMonetizationConfig requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1GetSyncAuthorizationRequest + #/components/schemas/GoogleCloudApigeeV1DeveloperMonetizationConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13505,34 +14623,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SyncAuthorization' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DeveloperMonetizationConfig parameters: - in: path name: organizationsId required: true schema: type: string - /v1/organizations/{organizationsId}:setSyncAuthorization: + - in: path + name: developersId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/developers: parameters: *ref_1 post: description: >- - Sets the permissions required to allow the Synchronizer to download - environment data from the control plane. You must call this API to - enable proper functioning of hybrid. Pass the ETag when calling - `setSyncAuthorization` to ensure that you are updating the correct - version. To get an ETag, call - [getSyncAuthorization](getSyncAuthorization). If you don't pass the ETag - in the call to `setSyncAuthorization`, then the existing authorization - is overwritten indiscriminately. For more information, see [Configure - the - Synchronizer](https://cloud.google.com/apigee/docs/hybrid/latest/synchronizer-access). - **Note**: Available to Apigee hybrid only. - operationId: apigee.organizations.setSyncAuthorization + Creates a developer. Once created, the developer can register an app and + obtain an API key. At creation time, a developer is set as `active`. To + change the developer status, use the SetDeveloperStatus API. + operationId: apigee.organizations.developers.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SyncAuthorization' + $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13544,21 +14660,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SyncAuthorization' + $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' parameters: - in: path name: organizationsId required: true schema: type: string - /v1/organizations/{organizationsId}/controlPlaneAccess: - parameters: *ref_1 get: description: >- - Lists the service accounts allowed to access Apigee control plane - directly for limited functionality. **Note**: Available to Apigee hybrid - only. - operationId: apigee.organizations.getControlPlaneAccess + Lists all developers in an organization by email address. By default, + the response does not include company developers. Set the + `includeCompany` query parameter to `true` to include company + developers. **Note**: A maximum of 1000 developers are returned in the + response. You paginate the list of developers returned using the + `startKey` and `count` query parameters. + operationId: apigee.organizations.developers.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13570,25 +14687,59 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ControlPlaneAccess' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListOfDevelopersResponse parameters: - in: path name: organizationsId required: true schema: type: string - patch: + - in: query + name: count + schema: + type: string + format: int64 + - in: query + name: includeCompany + schema: + type: boolean + - in: query + name: expand + schema: + type: boolean + - in: query + name: ids + schema: + type: string + - in: query + name: app + schema: + type: string + - in: query + name: startKey + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/attributes: + parameters: *ref_1 + post: description: >- - Updates the permissions required to allow Apigee runtime-plane - components access to the control plane. Currently, the permissions - required are to: 1. Allow runtime components to publish analytics data - to the control plane. **Note**: Available to Apigee hybrid only. - operationId: apigee.organizations.updateControlPlaneAccess + Updates developer attributes. This API replaces the existing attributes + with those specified in the request. Add new attributes, and include or + exclude any existing attributes that you want to retain or remove, + respectively. The custom attribute limit is 18. **Note**: OAuth access + tokens and Key Management Service (KMS) entities (apps, developers, and + API products) are cached for 180 seconds (default). Any custom + attributes associated with these entities are cached for at least 180 + seconds after the entity is accessed at runtime. Therefore, an + `ExpiresIn` element on the OAuthV2 policy won't be able to expire an + access token in less than 180 seconds. + operationId: apigee.organizations.developers.attributes requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ControlPlaneAccess' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13600,30 +14751,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: developersId + required: true schema: type: string - format: google-fieldmask - /v1/organizations/{organizationsId}:setAddons: - parameters: *ref_1 - post: - description: >- - Configures the add-ons for the Apigee organization. The existing add-on - configuration will be fully replaced. - operationId: apigee.organizations.setAddons - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SetAddonsRequest' + get: + description: Returns a list of all developer attributes. + operationId: apigee.organizations.developers.attributes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13635,18 +14777,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' parameters: - in: path name: organizationsId required: true schema: type: string - /v1/organizations/{organizationsId}:getProjectMapping: + - in: path + name: developersId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/balance: parameters: *ref_1 get: - description: Gets the project ID and region for an Apigee organization. - operationId: apigee.organizations.getProjectMapping + description: Gets the account balance for the developer. + operationId: apigee.organizations.developers.getBalance security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13658,19 +14805,23 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1OrganizationProjectMapping + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperBalance' parameters: - in: path name: organizationsId required: true schema: type: string - /v1/organizations/{organizationsId}/deployedIngressConfig: + - in: path + name: developersId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/subscriptions/{subscriptionsId}: parameters: *ref_1 get: - description: Gets the deployed ingress configuration for an organization. - operationId: apigee.organizations.getDeployedIngressConfig + description: Gets details for an API product subscription. + operationId: apigee.organizations.developers.subscriptions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13682,22 +14833,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1IngressConfig' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: view + - in: path + name: developersId + required: true schema: type: string - /v1/organizations/{organizationsId}/runtimeConfig: + - in: path + name: subscriptionsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/subscriptions: parameters: *ref_1 - get: - description: Get runtime config for an organization. - operationId: apigee.organizations.getRuntimeConfig + post: + description: 'Creates a subscription to an API product. ' + operationId: apigee.organizations.developers.subscriptions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13709,18 +14871,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1RuntimeConfig' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' parameters: - in: path name: organizationsId required: true schema: type: string - /v1/organizations/{organizationsId}/securitySettings: - parameters: *ref_1 + - in: path + name: developersId + required: true + schema: + type: string get: - description: GetSecuritySettings gets the security settings for API Security. - operationId: apigee.organizations.getSecuritySettings + description: Lists all API product subscriptions for a developer. + operationId: apigee.organizations.developers.subscriptions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13732,23 +14897,39 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecuritySettings' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListDeveloperSubscriptionsResponse parameters: - in: path name: organizationsId required: true schema: type: string - patch: - description: >- - UpdateSecuritySettings updates the current security settings for API - Security. - operationId: apigee.organizations.updateSecuritySettings + - in: path + name: developersId + required: true + schema: + type: string + - in: query + name: startKey + schema: + type: string + - in: query + name: count + schema: + type: integer + format: int32 + /v1/organizations/{organizationsId}/developers/{developersId}/subscriptions/{subscriptionsId}:expire: + parameters: *ref_1 + post: + description: Expires an API product subscription immediately. + operationId: apigee.organizations.developers.subscriptions.expire requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecuritySettings' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ExpireDeveloperSubscriptionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13760,29 +14941,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecuritySettings' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: developersId + required: true schema: type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/apis: + - in: path + name: subscriptionsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/balance:credit: parameters: *ref_1 - get: - description: >- - Lists the names of all API proxies in an organization. The names - returned correspond to the names defined in the configuration files for - each API proxy. If the resource has the `space` attribute set, the - response may not return all resources. To learn more, read the [Apigee - Spaces - Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). - operationId: apigee.organizations.apis.list + post: + description: Credits the account balance for the developer. + operationId: apigee.organizations.developers.balance.credit + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1CreditDeveloperBalanceRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13794,48 +14980,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListApiProxiesResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperBalance' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: includeRevisions - schema: - type: boolean - - in: query - name: includeMetaData - schema: - type: boolean - - in: query - name: space + - in: path + name: developersId + required: true schema: type: string + /v1/organizations/{organizationsId}/developers/{developersId}/balance:adjust: + parameters: *ref_1 post: description: >- - Creates an API proxy. The API proxy created will not be accessible at - runtime until it is deployed to an environment. Create a new API proxy - by setting the `name` query parameter to the name of the API proxy. - Import an API proxy configuration bundle stored in zip format on your - local machine to your organization by doing the following: * Set the - `name` query parameter to the name of the API proxy. * Set the `action` - query parameter to `import`. * Set the `Content-Type` header to - `multipart/form-data`. * Pass as a file the name of API proxy - configuration bundle stored in zip format on your local machine using - the `file` form field. **Note**: To validate the API proxy configuration - bundle only without importing it, set the `action` query parameter to - `validate`. When importing an API proxy configuration bundle, if the API - proxy does not exist, it will be created. If the API proxy exists, then - a new revision is created. Invalid API proxy configurations are - rejected, and a list of validation errors is returned to the client. - operationId: apigee.organizations.apis.create + Adjust the prepaid balance for the developer. This API will be used in + scenarios where the developer has been under-charged or over-charged. + operationId: apigee.organizations.developers.balance.adjust requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1AdjustDeveloperBalanceRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13847,39 +15016,72 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxyRevision' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperBalance' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: name + - in: path + name: developersId + required: true schema: type: string - - in: query - name: action + /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/keys/{keysId}: + parameters: *ref_1 + get: + description: >- + Gets details for a consumer key for a developer app, including the key + and secret value, associated API products, and other information. + operationId: apigee.organizations.developers.apps.keys.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + parameters: + - in: path + name: organizationsId + required: true schema: type: string - - in: query - name: validate + - in: path + name: developersId + required: true schema: - type: boolean - - in: query - name: space + type: string + - in: path + name: appsId + required: true schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}: - parameters: *ref_1 - patch: - description: Updates an existing API proxy. - operationId: apigee.organizations.apis.patch + - in: path + name: keysId + required: true + schema: + type: string + put: + description: >- + Updates the scope of an app. This API replaces the existing scopes with + those specified in the request. Include or exclude any existing scopes + that you want to retain or delete, respectively. The specified scopes + must already be defined for the API products associated with the app. + This API sets the `scopes` element under the `apiProducts` element in + the attributes of the app. + operationId: apigee.organizations.developers.apps.keys.replaceDeveloperAppKey requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13891,7 +15093,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' parameters: - in: path name: organizationsId @@ -13899,18 +15101,30 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: appsId + required: true schema: type: string - format: google-fieldmask - get: - description: Gets an API proxy including a list of existing revisions. - operationId: apigee.organizations.apis.get + - in: path + name: keysId + required: true + schema: + type: string + delete: + description: >- + Deletes an app's consumer key and removes all API products associated + with the app. After the consumer key is deleted, it cannot be used to + access any APIs. **Note**: After you delete a consumer key, you may want + to: 1. Create a new consumer key and secret for the developer app using + the CreateDeveloperAppKey API, and subsequently add an API product to + the key using the UpdateDeveloperAppKey API. 2. Delete the developer + app, if it is no longer required. + operationId: apigee.organizations.developers.apps.keys.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13922,7 +15136,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' parameters: - in: path name: organizationsId @@ -13930,16 +15144,38 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - delete: + - in: path + name: appsId + required: true + schema: + type: string + - in: path + name: keysId + required: true + schema: + type: string + post: description: >- - Deletes an API proxy and all associated endpoints, policies, resources, - and revisions. The API proxy must be undeployed before you can delete - it. - operationId: apigee.organizations.apis.delete + Adds an API product to a developer app key, enabling the app that holds + the key to access the API resources bundled in the API product. In + addition, you can add attributes and scopes associated with the API + product to the developer app key. The status of the key can be updated + via "action" Query Parameter. None of the other fields can be updated + via this API. This API replaces the existing attributes with those + specified in the request. Include or exclude any existing attributes + that you want to retain or delete, respectively. None of the other + fields can be updated. You can use the same key to access all API + products associated with the app. + operationId: apigee.organizations.developers.apps.keys.updateDeveloperAppKey + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13951,7 +15187,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' parameters: - in: path name: organizationsId @@ -13959,20 +15195,48 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}:move: + - in: path + name: appsId + required: true + schema: + type: string + - in: path + name: keysId + required: true + schema: + type: string + - in: query + name: action + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/keys: parameters: *ref_1 post: - description: Moves an API proxy to a different space. - operationId: apigee.organizations.apis.move + description: >- + Creates a custom consumer key and secret for a developer app. This is + particularly useful if you want to migrate existing consumer keys and + secrets to Apigee from another system. Consumer keys and secrets can + contain letters, numbers, underscores, and hyphens. No other special + characters are allowed. To avoid service disruptions, a consumer key and + secret should not exceed 2 KBs each. **Note**: When creating the + consumer key and secret, an association to API products will not be + made. Therefore, you should not specify the associated API products in + your request. Instead, use the UpdateDeveloperAppKey API to make the + association after the consumer key and secret are created. If a consumer + key and secret already exist, you can keep them or delete them using the + DeleteDeveloperAppKey API. **Note**: All keys start out with + status=approved, even if status=revoked is passed when the key is + created. To revoke a key, use the UpdateDeveloperAppKey API. + operationId: apigee.organizations.developers.apps.keys.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1MoveApiProxyRequest' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13984,7 +15248,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' parameters: - in: path name: organizationsId @@ -13992,26 +15256,39 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}/revisions/{revisionsId}: + - in: path + name: appsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/keys/create: parameters: *ref_1 post: description: >- - Updates an existing API proxy revision by uploading the API proxy - configuration bundle as a zip file from your local machine. You can - update only API proxy revisions that have never been deployed. After - deployment, an API proxy revision becomes immutable, even if it is - undeployed. Set the `Content-Type` header to either - `multipart/form-data` or `application/octet-stream`. - operationId: apigee.organizations.apis.revisions.updateApiProxyRevision + Creates a custom consumer key and secret for a developer app. This is + particularly useful if you want to migrate existing consumer keys and + secrets to Apigee from another system. Consumer keys and secrets can + contain letters, numbers, underscores, and hyphens. No other special + characters are allowed. To avoid service disruptions, a consumer key and + secret should not exceed 2 KBs each. **Note**: When creating the + consumer key and secret, an association to API products will not be + made. Therefore, you should not specify the associated API products in + your request. Instead, use the UpdateDeveloperAppKey API to make the + association after the consumer key and secret are created. If a consumer + key and secret already exist, you can keep them or delete them using the + DeleteDeveloperAppKey API. **Note**: All keys start out with + status=approved, even if status=revoked is passed when the key is + created. To revoke a key, use the UpdateDeveloperAppKey API. + operationId: apigee.organizations.developers.apps.keys.create.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14023,7 +15300,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxyRevision' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' parameters: - in: path name: organizationsId @@ -14031,29 +15308,24 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - in: path - name: revisionsId + name: appsId required: true schema: type: string - - in: query - name: validate - schema: - type: boolean - get: + /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/keys/{keysId}/apiproducts/{apiproductsId}: + parameters: *ref_1 + delete: description: >- - Gets an API proxy revision. To download the API proxy configuration - bundle for the specified revision as a zip file, set the `format` query - parameter to `bundle`. If you are using curl, specify `-o filename.zip` - to save the output to a file; otherwise, it displays to `stdout`. Then, - develop the API proxy configuration locally and upload the updated API - proxy configuration revision, as described in - [updateApiProxyRevision](updateApiProxyRevision). - operationId: apigee.organizations.apis.revisions.get + Removes an API product from an app's consumer key. After the API product + is removed, the app cannot access the API resources defined in that API + product. **Note**: The consumer key is not removed, only its association + with the API product. + operationId: apigee.organizations.developers.apps.keys.apiproducts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14065,7 +15337,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' parameters: - in: path name: organizationsId @@ -14073,25 +15345,35 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - in: path - name: revisionsId + name: appsId required: true schema: type: string - - in: query - name: format + - in: path + name: keysId + required: true schema: type: string - delete: + - in: path + name: apiproductsId + required: true + schema: + type: string + post: description: >- - Deletes an API proxy revision and all policies, resources, endpoints, - and revisions associated with it. The API proxy revision must be - undeployed before you can delete it. - operationId: apigee.organizations.apis.revisions.delete + Approves or revokes the consumer key for an API product. After a + consumer key is approved, the app can use it to access APIs. A consumer + key that is revoked or pending cannot be used to access an API. Any + access tokens associated with a revoked consumer key will remain active. + However, Apigee checks the status of the consumer key and if set to + `revoked` will not allow access to the API. + operationId: >- + apigee.organizations.developers.apps.keys.apiproducts.updateDeveloperAppKeyApiProduct security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14103,7 +15385,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxyRevision' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -14111,20 +15393,34 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - in: path - name: revisionsId + name: appsId required: true schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}/revisions/{revisionsId}/deployments: + - in: path + name: keysId + required: true + schema: + type: string + - in: path + name: apiproductsId + required: true + schema: + type: string + - in: query + name: action + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/attributes/{attributesId}: parameters: *ref_1 get: - description: Lists all deployments of an API proxy revision. - operationId: apigee.organizations.apis.revisions.deployments.list + description: Returns a developer app attribute. + operationId: apigee.organizations.developers.apps.attributes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14136,8 +15432,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' parameters: - in: path name: organizationsId @@ -14145,20 +15440,23 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - in: path - name: revisionsId + name: appsId required: true schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}/deployments: - parameters: *ref_1 - get: - description: Lists all deployments of an API proxy. - operationId: apigee.organizations.apis.deployments.list + - in: path + name: attributesId + required: true + schema: + type: string + delete: + description: Deletes a developer app attribute. + operationId: apigee.organizations.developers.apps.attributes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14170,8 +15468,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' parameters: - in: path name: organizationsId @@ -14179,20 +15476,36 @@ paths: schema: type: string - in: path - name: apisId + name: developersId + required: true + schema: + type: string + - in: path + name: appsId + required: true + schema: + type: string + - in: path + name: attributesId required: true schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}/keyvaluemaps: - parameters: *ref_1 post: - description: Creates a key value map in an API proxy. - operationId: apigee.organizations.apis.keyvaluemaps.create + description: >- + Updates a developer app attribute. **Note**: OAuth access tokens and Key + Management Service (KMS) entities (apps, developers, and API products) + are cached for 180 seconds (current default). Any custom attributes + associated with these entities are cached for at least 180 seconds after + the entity is accessed at runtime. Therefore, an `ExpiresIn` element on + the OAuthV2 policy won't be able to expire an access token in less than + 180 seconds. + operationId: >- + apigee.organizations.developers.apps.attributes.updateDeveloperAppAttribute requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14204,7 +15517,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' parameters: - in: path name: organizationsId @@ -14212,15 +15525,25 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}/keyvaluemaps/{keyvaluemapsId}: + - in: path + name: appsId + required: true + schema: + type: string + - in: path + name: attributesId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/attributes: parameters: *ref_1 - delete: - description: Deletes a key value map from an API proxy. - operationId: apigee.organizations.apis.keyvaluemaps.delete + get: + description: Returns a list of all developer app attributes. + operationId: apigee.organizations.developers.apps.attributes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14232,7 +15555,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' parameters: - in: path name: organizationsId @@ -14240,23 +15563,25 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - in: path - name: keyvaluemapsId + name: appsId required: true schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}/keyvaluemaps/{keyvaluemapsId}/entries/{entriesId}: - parameters: *ref_1 - get: + post: description: >- - Get the key value entry value for a key value map scoped to an - organization, environment, or API proxy. **Note**: Supported for Apigee - hybrid 1.8.x and higher. - operationId: apigee.organizations.apis.keyvaluemaps.entries.get + Updates attributes for a developer app. This API replaces the current + attributes with those specified in the request. + operationId: apigee.organizations.developers.apps.attributes + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14268,7 +15593,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' parameters: - in: path name: organizationsId @@ -14276,28 +15601,24 @@ paths: schema: type: string - in: path - name: apisId - required: true - schema: - type: string - - in: path - name: keyvaluemapsId + name: developersId required: true schema: type: string - in: path - name: entriesId + name: appsId required: true schema: type: string + /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}: + parameters: *ref_1 delete: description: >- - Deletes a key value entry from a key value map scoped to an - organization, environment, or API proxy. **Notes:** * After you delete - the key value entry, the policy consuming the entry will continue to - function with its cached values for a few minutes. This is expected - behavior. * Supported for Apigee hybrid 1.8.x and higher. - operationId: apigee.organizations.apis.keyvaluemaps.entries.delete + Deletes a developer app. **Note**: The delete operation is asynchronous. + The developer app is deleted immediately, but its associated resources, + such as app keys or access tokens, may take anywhere from a few seconds + to a few minutes to be deleted. + operationId: apigee.organizations.developers.apps.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14309,7 +15630,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' parameters: - in: path name: organizationsId @@ -14317,30 +15638,49 @@ paths: schema: type: string - in: path - name: apisId - required: true - schema: - type: string - - in: path - name: keyvaluemapsId + name: developersId required: true schema: type: string - in: path - name: entriesId + name: appsId required: true schema: type: string - put: + post: description: >- - Update key value entry scoped to an organization, environment, or API - proxy for an existing key. - operationId: apigee.organizations.apis.keyvaluemaps.entries.update + Manages access to a developer app by enabling you to: * Approve or + revoke a developer app * Generate a new consumer key and secret for a + developer app To approve or revoke a developer app, set the `action` + query parameter to `approve` or `revoke`, respectively, and the + `Content-Type` header to `application/octet-stream`. If a developer app + is revoked, none of its API keys are valid for API calls even though the + keys are still approved. If successful, the API call returns the + following HTTP status code: `204 No Content` To generate a new consumer + key and secret for a developer app, pass the new key/secret details. + Rather than replace an existing key, this API generates a new key. In + this case, multiple key pairs may be associated with a single developer + app. Each key pair has an independent status (`approve` or `revoke`) and + expiration time. Any approved, non-expired key can be used in an API + call. For example, if you're using API key rotation, you can generate + new keys with expiration times that overlap keys that are going to + expire. You might also generate a new consumer key/secret if the + security of the original key/secret is compromised. The `keyExpiresIn` + property defines the expiration time for the API key in milliseconds. If + you don't set this property or set it to `-1`, the API key never + expires. **Notes**: * When generating a new key/secret, this API + replaces the existing attributes, notes, and callback URLs with those + specified in the request. Include or exclude any existing information + that you want to retain or delete, respectively. * To migrate existing + consumer keys and secrets to hybrid from another system, see the + CreateDeveloperAppKey API. + operationId: >- + apigee.organizations.developers.apps.generateKeyPairOrUpdateDeveloperAppStatus requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14352,7 +15692,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' parameters: - in: path name: organizationsId @@ -14360,33 +15700,37 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - in: path - name: keyvaluemapsId + name: appsId required: true schema: type: string - - in: path - name: entriesId - required: true + - in: query + name: action schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}/keyvaluemaps/{keyvaluemapsId}/entries: - parameters: *ref_1 - post: + put: description: >- - Creates key value entries in a key value map scoped to an organization, - environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x - and higher. - operationId: apigee.organizations.apis.keyvaluemaps.entries.create + Updates the details for a developer app. In addition, you can add an API + product to a developer app and automatically generate an API key for the + app to use when calling APIs in the API product. If you want to use an + existing API key for the API product, add the API product to the API key + using the UpdateDeveloperAppKey API. Using this API, you cannot update + the following: * App name as it is the primary key used to identify the + app and cannot be changed. * Scopes associated with the app. Instead, + use the ReplaceDeveloperAppKey API. This API replaces the existing + attributes with those specified in the request. Include or exclude any + existing attributes that you want to retain or delete, respectively. + operationId: apigee.organizations.developers.apps.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14398,7 +15742,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' parameters: - in: path name: organizationsId @@ -14406,21 +15750,18 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - in: path - name: keyvaluemapsId + name: appsId required: true schema: type: string get: - description: >- - Lists key value entries for key values maps scoped to an organization, - environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x - and higher. - operationId: apigee.organizations.apis.keyvaluemaps.entries.list + description: Returns the details for a developer app. + operationId: apigee.organizations.developers.apps.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14432,8 +15773,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListKeyValueEntriesResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' parameters: - in: path name: organizationsId @@ -14441,29 +15781,33 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - in: path - name: keyvaluemapsId + name: appsId required: true schema: type: string - in: query - name: pageSize + name: entity schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: query schema: type: string - /v1/organizations/{organizationsId}/apis/{apisId}/debugsessions: + /v1/organizations/{organizationsId}/developers/{developersId}/apps: parameters: *ref_1 get: - description: Lists debug sessions that are currently active in the given API Proxy. - operationId: apigee.organizations.apis.debugsessions.list + description: >- + Lists all apps created by a developer in an Apigee organization. + Optionally, you can request an expanded view of the developer apps. A + maximum of 100 developer apps are returned per API call. You can + paginate the list of deveoper apps returned using the `startKey` and + `count` query parameters. + operationId: apigee.organizations.developers.apps.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14476,7 +15820,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListApiDebugSessionsResponse + #/components/schemas/GoogleCloudApigeeV1ListDeveloperAppsResponse parameters: - in: path name: organizationsId @@ -14484,65 +15828,41 @@ paths: schema: type: string - in: path - name: apisId + name: developersId required: true schema: type: string - in: query - name: pageSize + name: expand schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: apigee.organizations.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' - parameters: - - in: path - name: organizationsId - required: true + name: startKey schema: type: string - in: query - name: filter + name: count schema: type: string + format: int64 - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: shallowExpand schema: - type: string - /v1/organizations/{organizationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: apigee.organizations.operations.get + type: boolean + post: + description: >- + Creates an app associated with a developer. This API associates the + developer app with the specified API product and auto-generates an API + key for the app to use in calls to API proxies inside that API product. + The `name` is the unique ID of the app that you can use in API calls. + The `DisplayName` (set as an attribute) appears in the UI. If you don't + set the `DisplayName` attribute, the `name` appears in the UI. + operationId: apigee.organizations.developers.apps.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14554,7 +15874,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' parameters: - in: path name: organizationsId @@ -14562,20 +15882,15 @@ paths: schema: type: string - in: path - name: operationsId + name: developersId required: true schema: type: string - /v1/organizations/{organizationsId}/datacollectors: + /v1/organizations/{organizationsId}/developers/{developersId}/attributes/{attributesId}: parameters: *ref_1 - post: - description: Creates a new data collector. - operationId: apigee.organizations.datacollectors.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' + get: + description: Returns the value of the specified developer attribute. + operationId: apigee.organizations.developers.attributes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14587,20 +15902,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: dataCollectorId + - in: path + name: developersId + required: true schema: type: string - get: - description: Lists all data collectors. - operationId: apigee.organizations.datacollectors.list + - in: path + name: attributesId + required: true + schema: + type: string + post: + description: >- + Updates a developer attribute. **Note**: OAuth access tokens and Key + Management Service (KMS) entities (apps, developers, and API products) + are cached for 180 seconds (default). Any custom attributes associated + with these entities are cached for at least 180 seconds after the entity + is accessed at runtime. Therefore, an `ExpiresIn` element on the OAuthV2 + policy won't be able to expire an access token in less than 180 seconds. + operationId: apigee.organizations.developers.attributes.updateDeveloperAttribute + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14612,28 +15944,26 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDataCollectorsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: developersId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: attributesId + required: true schema: type: string - /v1/organizations/{organizationsId}/datacollectors/{datacollectorsId}: - parameters: *ref_1 - get: - description: Gets a data collector. - operationId: apigee.organizations.datacollectors.get + delete: + description: Deletes a developer attribute. + operationId: apigee.organizations.developers.attributes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14645,7 +15975,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' parameters: - in: path name: organizationsId @@ -14653,18 +15983,25 @@ paths: schema: type: string - in: path - name: datacollectorsId + name: developersId required: true schema: type: string - patch: - description: Updates a data collector. - operationId: apigee.organizations.datacollectors.patch + - in: path + name: attributesId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/spaces/{spacesId}:testIamPermissions: + parameters: *ref_1 + post: + description: Callers don't need any permissions. + operationId: apigee.organizations.spaces.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14676,7 +16013,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: organizationsId @@ -14684,18 +16021,15 @@ paths: schema: type: string - in: path - name: datacollectorsId + name: spacesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a data collector. - operationId: apigee.organizations.datacollectors.delete + /v1/organizations/{organizationsId}/spaces/{spacesId}: + parameters: *ref_1 + get: + description: Get a space under an Organization. + operationId: apigee.organizations.spaces.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14707,7 +16041,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1Space' parameters: - in: path name: organizationsId @@ -14715,15 +16049,13 @@ paths: schema: type: string - in: path - name: datacollectorsId + name: spacesId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/debugmask: - parameters: *ref_1 - get: - description: Gets the debug mask singleton resource for an environment. - operationId: apigee.organizations.environments.getDebugmask + delete: + description: Deletes an organization space. + operationId: apigee.organizations.spaces.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14735,7 +16067,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DebugMask' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -14743,18 +16075,18 @@ paths: schema: type: string - in: path - name: environmentsId + name: spacesId required: true schema: type: string patch: - description: Updates the debug mask singleton resource for an environment. - operationId: apigee.organizations.environments.updateDebugmask + description: Updates a space. + operationId: apigee.organizations.spaces.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DebugMask' + $ref: '#/components/schemas/GoogleCloudApigeeV1Space' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14766,7 +16098,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DebugMask' + $ref: '#/components/schemas/GoogleCloudApigeeV1Space' parameters: - in: path name: organizationsId @@ -14774,7 +16106,7 @@ paths: schema: type: string - in: path - name: environmentsId + name: spacesId required: true schema: type: string @@ -14783,15 +16115,11 @@ paths: schema: type: string format: google-fieldmask - - in: query - name: replaceRepeatedFields - schema: - type: boolean - /v1/organizations/{organizationsId}/environments/{environmentsId}/traceConfig: + /v1/organizations/{organizationsId}/spaces/{spacesId}:getIamPolicy: parameters: *ref_1 get: - description: Get distributed trace configuration in an environment. - operationId: apigee.organizations.environments.getTraceConfig + description: Callers must have apigee.spaces.getIamPolicy. + operationId: apigee.organizations.spaces.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14803,7 +16131,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfig' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: organizationsId @@ -14811,22 +16139,20 @@ paths: schema: type: string - in: path - name: environmentsId + name: spacesId required: true schema: type: string - patch: - description: >- - Updates the trace configurations in an environment. Note that the - repeated fields have replace semantics when included in the field mask - and that they will be overwritten by the value of the fields in the - request body. - operationId: apigee.organizations.environments.updateTraceConfig - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfig' + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/organizations/{organizationsId}/spaces: + parameters: *ref_1 + get: + description: Lists spaces under an organization. + operationId: apigee.organizations.spaces.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14838,33 +16164,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfig' + $ref: '#/components/schemas/GoogleCloudApigeeV1ListSpacesResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/environments: - parameters: *ref_1 post: - description: Creates an environment in an organization. - operationId: apigee.organizations.environments.create + description: Create a space under an organization. + operationId: apigee.organizations.spaces.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' + $ref: '#/components/schemas/GoogleCloudApigeeV1Space' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14876,7 +16199,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1Space' parameters: - in: path name: organizationsId @@ -14884,18 +16207,19 @@ paths: schema: type: string - in: query - name: name + name: spaceId schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}: + /v1/organizations/{organizationsId}/spaces/{spacesId}:setIamPolicy: parameters: *ref_1 - delete: - description: >- - Deletes an environment from an organization. **Warning: You must delete - all key value maps and key value entries before you delete an - environment.** Otherwise, if you re-create the environment the key value - map entry operations will encounter encryption/decryption discrepancies. - operationId: apigee.organizations.environments.delete + post: + description: IAM META APIs Callers must have apigee.spaces.setIamPolicy. + operationId: apigee.organizations.spaces.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14907,7 +16231,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: organizationsId @@ -14915,13 +16239,15 @@ paths: schema: type: string - in: path - name: environmentsId + name: spacesId required: true schema: type: string + /v1/organizations/{organizationsId}/envgroups/{envgroupsId}/attachments/{attachmentsId}: + parameters: *ref_1 get: - description: Gets environment details. - operationId: apigee.organizations.environments.get + description: Gets an environment group attachment. + operationId: apigee.organizations.envgroups.attachments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14933,32 +16259,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1EnvironmentGroupAttachment parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - post: - description: >- - Updates an existing environment. When updating properties, you must pass - all existing properties to the API, even if they are not being changed. - If you omit properties from the payload, the properties are removed. To - get the current list of properties for the environment, use the [Get - Environment API](get). **Note**: Both `PUT` and `POST` methods are - supported for updating an existing environment. - operationId: apigee.organizations.environments.updateEnvironment - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' + - in: path + name: envgroupsId + required: true + schema: + type: string + - in: path + name: attachmentsId + required: true + schema: + type: string + delete: + description: Deletes an environment group attachment. + operationId: apigee.organizations.envgroups.attachments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14970,7 +16291,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -14978,24 +16299,26 @@ paths: schema: type: string - in: path - name: environmentsId + name: envgroupsId required: true schema: type: string - put: - description: >- - Updates an existing environment. When updating properties, you must pass - all existing properties to the API, even if they are not being changed. - If you omit properties from the payload, the properties are removed. To - get the current list of properties for the environment, use the [Get - Environment API](get). **Note**: Both `PUT` and `POST` methods are - supported for updating an existing environment. - operationId: apigee.organizations.environments.update + - in: path + name: attachmentsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/envgroups/{envgroupsId}/attachments: + parameters: *ref_1 + post: + description: Creates a new attachment of an environment to an environment group. + operationId: apigee.organizations.envgroups.attachments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1EnvironmentGroupAttachment security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15007,7 +16330,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -15015,20 +16338,13 @@ paths: schema: type: string - in: path - name: environmentsId + name: envgroupsId required: true schema: type: string - patch: - description: >- - Updates properties for an Apigee environment with patch semantics using - a field mask. **Note:** Not supported for Apigee hybrid. - operationId: apigee.organizations.environments.modifyEnvironment - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' + get: + description: Lists all attachments of an environment group. + operationId: apigee.organizations.envgroups.attachments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15040,7 +16356,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListEnvironmentGroupAttachmentsResponse parameters: - in: path name: organizationsId @@ -15048,20 +16365,24 @@ paths: schema: type: string - in: path - name: environmentsId + name: envgroupsId required: true schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/environments/{environmentsId}/deployedConfig: + /v1/organizations/{organizationsId}/envgroups/{envgroupsId}: parameters: *ref_1 - get: - description: Gets the deployed configuration for an environment. - operationId: apigee.organizations.environments.getDeployedConfig + delete: + description: Deletes an environment group. + operationId: apigee.organizations.envgroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15073,7 +16394,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentConfig' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -15081,18 +16402,13 @@ paths: schema: type: string - in: path - name: environmentsId + name: envgroupsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/apiSecurityRuntimeConfig: - parameters: *ref_1 get: - description: >- - Gets the API Security runtime configuration for an environment. This - named ApiSecurityRuntimeConfig to prevent conflicts with - ApiSecurityConfig from addon config. - operationId: apigee.organizations.environments.getApiSecurityRuntimeConfig + description: Gets an environment group. + operationId: apigee.organizations.envgroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15104,8 +16420,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ApiSecurityRuntimeConfig + $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroup' parameters: - in: path name: organizationsId @@ -15113,26 +16428,18 @@ paths: schema: type: string - in: path - name: environmentsId + name: envgroupsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the IAM policy on an environment, if the policy already exists it - will be replaced. For more information, see [Manage users, roles, and - permissions using the - API](https://cloud.google.com/apigee/docs/api-platform/system-administration/manage-users-roles). - You must have the `apigee.environments.setIamPolicy` permission to call - this API. - operationId: apigee.organizations.environments.setIamPolicy + patch: + description: Updates an environment group. + operationId: apigee.organizations.envgroups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15144,7 +16451,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -15152,20 +16459,20 @@ paths: schema: type: string - in: path - name: environmentsId + name: envgroupsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}:getIamPolicy: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/envgroups: parameters: *ref_1 get: - description: >- - Gets the IAM policy on an environment. For more information, see [Manage - users, roles, and permissions using the - API](https://cloud.google.com/apigee/docs/api-platform/system-administration/manage-users-roles). - You must have the `apigee.environments.getIamPolicy` permission to call - this API. - operationId: apigee.organizations.environments.getIamPolicy + description: Lists all environment groups. + operationId: apigee.organizations.envgroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15177,37 +16484,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListEnvironmentGroupsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/organizations/{organizationsId}/environments/{environmentsId}:testIamPermissions: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string post: - description: >- - Tests the permissions of a user on an environment, and returns a subset - of permissions that the user has on the environment. If the environment - does not exist, an empty permission set is returned (a NOT_FOUND error - is not returned). - operationId: apigee.organizations.environments.testIamPermissions + description: Creates a new environment group. + operationId: apigee.organizations.envgroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15219,26 +16520,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true + - in: query + name: name schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}:subscribe: + /v1/organizations/{organizationsId}/envgroups/{envgroupsId}/deployedIngressConfig: parameters: *ref_1 - post: - description: >- - Creates a subscription for the environment's Pub/Sub topic. The server - will assign a random name for this subscription. The "name" and - "push_config" must *not* be specified. - operationId: apigee.organizations.environments.subscribe + get: + description: Gets the deployed ingress configuration for an environment group. + operationId: apigee.organizations.envgroups.getDeployedIngressConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15250,7 +16547,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Subscription' + $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroupConfig' parameters: - in: path name: organizationsId @@ -15258,20 +16555,19 @@ paths: schema: type: string - in: path - name: environmentsId + name: envgroupsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}:unsubscribe: + - in: query + name: view + schema: + type: string + /v1/organizations/{organizationsId}/securityProfilesV2/{securityProfilesV2Id}: parameters: *ref_1 - post: - description: Deletes a subscription for the environment's Pub/Sub topic. - operationId: apigee.organizations.environments.unsubscribe - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Subscription' + get: + description: Get a security profile v2. + operationId: apigee.organizations.securityProfilesV2.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15283,7 +16579,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' parameters: - in: path name: organizationsId @@ -15291,15 +16587,22 @@ paths: schema: type: string - in: path - name: environmentsId + name: securityProfilesV2Id required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/addonsConfig: - parameters: *ref_1 - get: - description: Gets the add-ons config of an environment. - operationId: apigee.organizations.environments.getAddonsConfig + - in: query + name: riskAssessmentType + schema: + type: string + patch: + description: Update a security profile V2. + operationId: apigee.organizations.securityProfilesV2.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15311,7 +16614,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AddonsConfig' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' parameters: - in: path name: organizationsId @@ -15319,17 +16622,18 @@ paths: schema: type: string - in: path - name: environmentsId + name: securityProfilesV2Id required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActionsConfig: - parameters: *ref_1 - get: - description: >- - GetSecurityActionConfig returns the current SecurityActions - configuration. - operationId: apigee.organizations.environments.getSecurityActionsConfig + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Delete a security profile v2. + operationId: apigee.organizations.securityProfilesV2.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15341,7 +16645,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionsConfig' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -15349,21 +16653,24 @@ paths: schema: type: string - in: path - name: environmentsId + name: securityProfilesV2Id required: true schema: type: string - patch: - description: >- - UpdateSecurityActionConfig updates the current SecurityActions - configuration. This method is used to enable/disable the feature at the - environment level. - operationId: apigee.organizations.environments.updateSecurityActionsConfig + - in: query + name: riskAssessmentType + schema: + type: string + /v1/organizations/{organizationsId}/securityProfilesV2: + parameters: *ref_1 + post: + description: Create a security profile v2. + operationId: apigee.organizations.securityProfilesV2.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionsConfig' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15375,37 +16682,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionsConfig' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: query - name: updateMask + name: securityProfileV2Id schema: type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/environments/{environmentsId}/resourcefiles: - parameters: *ref_1 - post: - description: >- - Creates a resource file. Specify the `Content-Type` as - `application/octet-stream` or `multipart/form-data`. For more - information about resource files, see [Resource - files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). - operationId: apigee.organizations.environments.resourcefiles.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + get: + description: List security profiles v2. + operationId: apigee.organizations.securityProfilesV2.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15417,32 +16707,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListSecurityProfilesV2Response parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: type + name: pageToken schema: type: string - in: query - name: name + name: riskAssessmentType schema: type: string + /v1/organizations/{organizationsId}/securityMonitoringConditions: + parameters: *ref_1 get: - description: >- - Lists all resource files, optionally filtering by type. For more - information about resource files, see [Resource - files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). - operationId: apigee.organizations.environments.resourcefiles.list + description: List security monitoring conditions. + operationId: apigee.organizations.securityMonitoringConditions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15455,36 +16745,35 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListEnvironmentResourcesResponse + #/components/schemas/GoogleCloudApigeeV1ListSecurityMonitoringConditionsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: type + name: filter schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/resourcefiles/{type}/{name}: - parameters: *ref_1 - put: - description: >- - Updates a resource file. Specify the `Content-Type` as - `application/octet-stream` or `multipart/form-data`. For more - information about resource files, see [Resource - files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). - operationId: apigee.organizations.environments.resourcefiles.update + post: + description: Create a security monitoring condition. + operationId: apigee.organizations.securityMonitoringConditions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15496,34 +16785,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - - in: path - name: type - required: true - schema: - type: string - - in: path - name: name - required: true + - in: query + name: securityMonitoringConditionId schema: type: string + /v1/organizations/{organizationsId}/securityMonitoringConditions/{securityMonitoringConditionsId}: + parameters: *ref_1 get: - description: >- - Gets the contents of a resource file. For more information about - resource files, see [Resource - files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). - operationId: apigee.organizations.environments.resourcefiles.get + description: Get a security monitoring condition. + operationId: apigee.organizations.securityMonitoringConditions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15535,7 +16813,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition parameters: - in: path name: organizationsId @@ -15543,26 +16822,13 @@ paths: schema: type: string - in: path - name: environmentsId - required: true - schema: - type: string - - in: path - name: type - required: true - schema: - type: string - - in: path - name: name + name: securityMonitoringConditionsId required: true schema: type: string delete: - description: >- - Deletes a resource file. For more information about resource files, see - [Resource - files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). - operationId: apigee.organizations.environments.resourcefiles.delete + description: Delete a security monitoring condition. + operationId: apigee.organizations.securityMonitoringConditions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15574,7 +16840,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -15582,28 +16848,19 @@ paths: schema: type: string - in: path - name: environmentsId - required: true - schema: - type: string - - in: path - name: type - required: true - schema: - type: string - - in: path - name: name + name: securityMonitoringConditionsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/resourcefiles/{type}: - parameters: *ref_1 - get: - description: >- - Lists all resource files, optionally filtering by type. For more - information about resource files, see [Resource - files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). - operationId: apigee.organizations.environments.resourcefiles.listEnvironmentResources + patch: + description: Update a security monitoring condition. + operationId: apigee.organizations.securityMonitoringConditions.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15616,7 +16873,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListEnvironmentResourcesResponse + #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition parameters: - in: path name: organizationsId @@ -15624,20 +16881,25 @@ paths: schema: type: string - in: path - name: environmentsId + name: securityMonitoringConditionsId required: true schema: type: string - - in: path - name: type - required: true + - in: query + name: updateMask schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/archiveDeployments/{archiveDeploymentsId}: + format: google-fieldmask + /v1/organizations/{organizationsId}/analytics/datastores: parameters: *ref_1 - get: - description: Gets the specified ArchiveDeployment. - operationId: apigee.organizations.environments.archiveDeployments.get + post: + description: Create a Datastore for an org + operationId: apigee.organizations.analytics.datastores.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15649,33 +16911,51 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' + $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' parameters: - in: path name: organizationsId required: true schema: type: string + get: + description: List Datastores + operationId: apigee.organizations.analytics.datastores.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1ListDatastoresResponse' + parameters: - in: path - name: environmentsId + name: organizationsId required: true schema: type: string - - in: path - name: archiveDeploymentsId - required: true + - in: query + name: targetType schema: type: string - patch: + /v1/organizations/{organizationsId}/analytics/datastores:test: + parameters: *ref_1 + post: description: >- - Updates an existing ArchiveDeployment. Labels can modified but most of - the other fields are not modifiable. - operationId: apigee.organizations.environments.archiveDeployments.patch + Test if Datastore configuration is correct. This includes checking if + credentials provided by customer have required permissions in target + destination storage + operationId: apigee.organizations.analytics.datastores.test requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' + $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15687,31 +16967,49 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' + $ref: '#/components/schemas/GoogleCloudApigeeV1TestDatastoreResponse' parameters: - in: path name: organizationsId required: true schema: type: string + /v1/organizations/{organizationsId}/analytics/datastores/{datastoresId}: + parameters: *ref_1 + put: + description: Update a Datastore + operationId: apigee.organizations.analytics.datastores.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' + parameters: - in: path - name: environmentsId + name: organizationsId required: true schema: type: string - in: path - name: archiveDeploymentsId + name: datastoresId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes an archive deployment. - operationId: apigee.organizations.environments.archiveDeployments.delete + delete: + description: Delete a Datastore from an org. + operationId: apigee.organizations.analytics.datastores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15731,20 +17029,13 @@ paths: schema: type: string - in: path - name: environmentsId - required: true - schema: - type: string - - in: path - name: archiveDeploymentsId + name: datastoresId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/archiveDeployments: - parameters: *ref_1 get: - description: Lists the ArchiveDeployments in the specified Environment. - operationId: apigee.organizations.environments.archiveDeployments.list + description: Get a Datastore + operationId: apigee.organizations.analytics.datastores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15756,8 +17047,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListArchiveDeploymentsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' parameters: - in: path name: organizationsId @@ -15765,31 +17055,22 @@ paths: schema: type: string - in: path - name: environmentsId + name: datastoresId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - post: - description: Creates a new ArchiveDeployment. - operationId: apigee.organizations.environments.archiveDeployments.create + /v1/organizations/{organizationsId}/apis/{apisId}/keyvaluemaps/{keyvaluemapsId}/entries/{entriesId}: + parameters: *ref_1 + put: + description: >- + Update key value entry scoped to an organization, environment, or API + proxy for an existing key. + operationId: apigee.organizations.apis.keyvaluemaps.entries.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15801,7 +17082,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -15809,32 +17090,26 @@ paths: schema: type: string - in: path - name: environmentsId + name: apisId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/archiveDeployments:generateUploadUrl: - parameters: *ref_1 - post: + - in: path + name: keyvaluemapsId + required: true + schema: + type: string + - in: path + name: entriesId + required: true + schema: + type: string + get: description: >- - Generates a signed URL for uploading an Archive zip file to Google Cloud - Storage. Once the upload is complete, the signed URL should be passed to - CreateArchiveDeployment. When uploading to the generated signed URL, - please follow these restrictions: * Source file type should be a zip - file. * Source file size should not exceed 1GB limit. * No credentials - should be attached - the signed URLs provide access to the target bucket - using internal service identity; if credentials were attached, the - identity from the credentials would be used, but that identity does not - have permissions to upload files to the URL. When making a HTTP PUT - request, these two headers need to be specified: * `content-type: - application/zip` * `x-goog-content-length-range: 0,1073741824` And this - header SHOULD NOT be specified: * `Authorization: Bearer YOUR_TOKEN` - operationId: apigee.organizations.environments.archiveDeployments.generateUploadUrl - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1GenerateUploadUrlRequest' + Get the key value entry value for a key value map scoped to an + organization, environment, or API proxy. **Note**: Supported for Apigee + hybrid 1.8.x and higher. + operationId: apigee.organizations.apis.keyvaluemaps.entries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15846,8 +17121,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1GenerateUploadUrlResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -15855,25 +17129,28 @@ paths: schema: type: string - in: path - name: environmentsId + name: apisId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/archiveDeployments/{archiveDeploymentsId}:generateDownloadUrl: - parameters: *ref_1 - post: + - in: path + name: keyvaluemapsId + required: true + schema: + type: string + - in: path + name: entriesId + required: true + schema: + type: string + delete: description: >- - Generates a signed URL for downloading the original zip file used to - create an Archive Deployment. The URL is only valid for a limited period - and should be used within minutes after generation. Each call returns a - new upload URL. - operationId: apigee.organizations.environments.archiveDeployments.generateDownloadUrl - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1GenerateDownloadUrlRequest + Deletes a key value entry from a key value map scoped to an + organization, environment, or API proxy. **Notes:** * After you delete + the key value entry, the policy consuming the entry will continue to + function with its cached values for a few minutes. This is expected + behavior. * Supported for Apigee hybrid 1.8.x and higher. + operationId: apigee.organizations.apis.keyvaluemaps.entries.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15885,8 +17162,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1GenerateDownloadUrlResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -15894,38 +17170,28 @@ paths: schema: type: string - in: path - name: environmentsId + name: apisId required: true schema: type: string - in: path - name: archiveDeploymentsId + name: keyvaluemapsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/deployments: + - in: path + name: entriesId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/apis/{apisId}/keyvaluemaps/{keyvaluemapsId}/entries: parameters: *ref_1 - post: + get: description: >- - Deploys a revision of an API proxy. If another revision of the same API - proxy revision is currently deployed, set the `override` parameter to - `true` to have this revision replace the currently deployed revision. - You cannot invoke an API proxy until it has been deployed to an - environment. After you deploy an API proxy revision, you cannot edit it. - To edit the API proxy, you must create and deploy a new revision. For a - request path - `organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments`, - two permissions are required: * `apigee.deployments.create` on the - resource `organizations/{org}/environments/{env}` * - `apigee.proxyrevisions.deploy` on the resource - `organizations/{org}/apis/{api}/revisions/{rev}` All successful API - proxy deployments to Apigee are [zero-downtime - deployments](https://cloud.google.com/apigee/docs/api-platform/deploy/ui-deploy-overview#zero-downtime-deployment). - Apigee hybrid validates the dependencies between shared flows and API - proxies at deployment time. For example, if the Flow Callout policy in - an API proxy references a shared flow that either doesn't exist or isn't - deployed, the API proxy deployment fails. - operationId: apigee.organizations.environments.apis.revisions.deploy + Lists key value entries for key values maps scoped to an organization, + environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x + and higher. + operationId: apigee.organizations.apis.keyvaluemaps.entries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15937,49 +17203,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListKeyValueEntriesResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true schema: type: string - in: path - name: revisionsId + name: keyvaluemapsId required: true schema: type: string - in: query - name: override - schema: - type: boolean - - in: query - name: sequencedRollout + name: pageToken schema: - type: boolean + type: string - in: query - name: serviceAccount + name: pageSize schema: - type: string - delete: + type: integer + format: int32 + post: description: >- - Undeploys an API proxy revision from an environment. For a request path - `organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments`, - two permissions are required: * `apigee.deployments.delete` on the - resource `organizations/{org}/environments/{env}` * - `apigee.proxyrevisions.undeploy` on the resource - `organizations/{org}/apis/{api}/revisions/{rev}` - operationId: apigee.organizations.environments.apis.revisions.undeploy + Creates key value entries in a key value map scoped to an organization, + environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x + and higher. + operationId: apigee.organizations.apis.keyvaluemaps.entries.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15991,37 +17252,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true schema: type: string - in: path - name: revisionsId + name: keyvaluemapsId required: true schema: type: string - - in: query - name: sequencedRollout - schema: - type: boolean - get: + /v1/organizations/{organizationsId}/apis/{apisId}/keyvaluemaps/{keyvaluemapsId}: + parameters: *ref_1 + put: description: >- - Gets the deployment of an API proxy revision and actual state reported - by runtime pods. - operationId: apigee.organizations.environments.apis.revisions.getDeployments + Update the key value map scoped to an organization, environment, or API + proxy. + operationId: apigee.organizations.apis.keyvaluemaps.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16033,47 +17292,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true schema: type: string - in: path - name: revisionsId + name: keyvaluemapsId required: true schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/deployments:generateDeployChangeReport: - parameters: *ref_1 - post: - description: >- - Generates a report for a dry run analysis of a DeployApiProxy request - without committing the deployment. In addition to the standard - validations performed when adding deployments, additional analysis will - be done to detect possible traffic routing changes that would result - from this deployment being created. Any potential routing conflicts or - unsafe changes will be reported in the response. This routing analysis - is not performed for a non-dry-run DeployApiProxy request. For a request - path - `organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments:generateDeployChangeReport`, - two permissions are required: * `apigee.deployments.create` on the - resource `organizations/{org}/environments/{env}` * - `apigee.proxyrevisions.deploy` on the resource - `organizations/{org}/apis/{api}/revisions/{rev}` - operationId: >- - apigee.organizations.environments.apis.revisions.deployments.generateDeployChangeReport + type: string + delete: + description: Deletes a key value map from an API proxy. + operationId: apigee.organizations.apis.keyvaluemaps.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16085,50 +17323,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeploymentChangeReport' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true schema: type: string - in: path - name: revisionsId + name: keyvaluemapsId required: true schema: type: string - - in: query - name: override - schema: - type: boolean - /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/deployments:generateUndeployChangeReport: - parameters: *ref_1 - post: + get: description: >- - Generates a report for a dry run analysis of an UndeployApiProxy request - without committing the undeploy. In addition to the standard validations - performed when removing deployments, additional analysis will be done to - detect possible traffic routing changes that would result from this - deployment being removed. Any potential routing conflicts or unsafe - changes will be reported in the response. This routing analysis is not - performed for a non-dry-run UndeployApiProxy request. For a request path - `organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments:generateUndeployChangeReport`, - two permissions are required: * `apigee.deployments.delete` on the - resource `organizations/{org}/environments/{env}` * - `apigee.proxyrevisions.undeploy` on the resource - `organizations/{org}/apis/{api}/revisions/{rev}` - operationId: >- - apigee.organizations.environments.apis.revisions.deployments.generateUndeployChangeReport + Get the key value map scoped to an organization, environment, or API + proxy. + operationId: apigee.organizations.apis.keyvaluemaps.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16140,38 +17356,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeploymentChangeReport' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true schema: type: string - in: path - name: revisionsId + name: keyvaluemapsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/debugsessions: + /v1/organizations/{organizationsId}/apis/{apisId}/keyvaluemaps: parameters: *ref_1 post: - description: Creates a debug session for a deployed API Proxy revision. - operationId: apigee.organizations.environments.apis.revisions.debugsessions.create + description: Creates a key value map in an API proxy. + operationId: apigee.organizations.apis.keyvaluemaps.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DebugSession' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16183,38 +17394,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DebugSession' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true schema: type: string - - in: path - name: revisionsId - required: true - schema: - type: string - - in: query - name: timeout - schema: - type: string - format: int64 + /v1/organizations/{organizationsId}/apis/{apisId}/deployments: + parameters: *ref_1 get: - description: >- - Lists debug sessions that are currently active in the given API Proxy - revision. - operationId: apigee.organizations.environments.apis.revisions.debugsessions.list + description: Lists all deployments of an API proxy. + operationId: apigee.organizations.apis.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16227,42 +17423,26 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDebugSessionsResponse + #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true schema: type: string - - in: path - name: revisionsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/debugsessions/{debugsessionsId}: + /v1/organizations/{organizationsId}/apis/{apisId}/revisions/{revisionsId}: parameters: *ref_1 - get: - description: Retrieves a debug session. - operationId: apigee.organizations.environments.apis.revisions.debugsessions.get + delete: + description: >- + Deletes an API proxy revision and all policies, resources, endpoints, + and revisions associated with it. The API proxy revision must be + undeployed before you can delete it. + operationId: apigee.organizations.apis.revisions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16274,18 +17454,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DebugSession' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxyRevision' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true @@ -16296,20 +17471,20 @@ paths: required: true schema: type: string - - in: path - name: debugsessionsId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/debugsessions/{debugsessionsId}/data: - parameters: *ref_1 - delete: + post: description: >- - Deletes the data from a debug session. This does not cancel the debug - session or prevent further data from being collected if the session is - still active in runtime pods. - operationId: >- - apigee.organizations.environments.apis.revisions.debugsessions.deleteData + Updates an existing API proxy revision by uploading the API proxy + configuration bundle as a zip file from your local machine. You can + update only API proxy revisions that have never been deployed. After + deployment, an API proxy revision becomes immutable, even if it is + undeployed. Set the `Content-Type` header to either + `multipart/form-data` or `application/octet-stream`. + operationId: apigee.organizations.apis.revisions.updateApiProxyRevision + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16321,18 +17496,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxyRevision' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true @@ -16343,16 +17513,20 @@ paths: required: true schema: type: string - - in: path - name: debugsessionsId - required: true + - in: query + name: validate schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/debugsessions/{debugsessionsId}/data/{dataId}: - parameters: *ref_1 + type: boolean get: - description: Gets the debug data from a transaction. - operationId: apigee.organizations.environments.apis.revisions.debugsessions.data.get + description: >- + Gets an API proxy revision. To download the API proxy configuration + bundle for the specified revision as a zip file, set the `format` query + parameter to `bundle`. If you are using curl, specify `-o filename.zip` + to save the output to a file; otherwise, it displays to `stdout`. Then, + develop the API proxy configuration locally and upload the updated API + proxy configuration revision, as described in + [updateApiProxyRevision](updateApiProxyRevision). + operationId: apigee.organizations.apis.revisions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16364,19 +17538,13 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1DebugSessionTransaction + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: path name: apisId required: true @@ -16387,21 +17555,15 @@ paths: required: true schema: type: string - - in: path - name: debugsessionsId - required: true - schema: - type: string - - in: path - name: dataId - required: true + - in: query + name: format schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/deployments: + /v1/organizations/{organizationsId}/apis/{apisId}/revisions/{revisionsId}/deployments: parameters: *ref_1 get: - description: Lists all deployments of an API proxy in an environment. - operationId: apigee.organizations.environments.apis.deployments.list + description: Lists all deployments of an API proxy revision. + operationId: apigee.organizations.apis.revisions.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16422,30 +17584,20 @@ paths: schema: type: string - in: path - name: environmentsId + name: apisId required: true schema: type: string - in: path - name: apisId + name: revisionsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/sharedflows/{sharedflowsId}/revisions/{revisionsId}/deployments: + /v1/organizations/{organizationsId}/apis/{apisId}/debugsessions: parameters: *ref_1 - post: - description: >- - Deploys a revision of a shared flow. If another revision of the same - shared flow is currently deployed, set the `override` parameter to - `true` to have this revision replace the currently deployed revision. - You cannot use a shared flow until it has been deployed to an - environment. For a request path - `organizations/{org}/environments/{env}/sharedflows/{sf}/revisions/{rev}/deployments`, - two permissions are required: * `apigee.deployments.create` on the - resource `organizations/{org}/environments/{env}` * - `apigee.sharedflowrevisions.deploy` on the resource - `organizations/{org}/sharedflows/{sf}/revisions/{rev}` - operationId: apigee.organizations.environments.sharedflows.revisions.deploy + get: + description: Lists debug sessions that are currently active in the given API Proxy. + operationId: apigee.organizations.apis.debugsessions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16457,7 +17609,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListApiDebugSessionsResponse parameters: - in: path name: organizationsId @@ -16465,37 +17618,30 @@ paths: schema: type: string - in: path - name: environmentsId - required: true - schema: - type: string - - in: path - name: sharedflowsId - required: true - schema: - type: string - - in: path - name: revisionsId + name: apisId required: true schema: type: string - in: query - name: override + name: pageSize schema: - type: boolean + type: integer + format: int32 - in: query - name: serviceAccount + name: pageToken schema: type: string - delete: + /v1/organizations/{organizationsId}/apis: + parameters: *ref_1 + get: description: >- - Undeploys a shared flow revision from an environment. For a request path - `organizations/{org}/environments/{env}/sharedflows/{sf}/revisions/{rev}/deployments`, - two permissions are required: * `apigee.deployments.delete` on the - resource `organizations/{org}/environments/{env}` * - `apigee.sharedflowrevisions.undeploy` on the resource - `organizations/{org}/sharedflows/{sf}/revisions/{rev}` - operationId: apigee.organizations.environments.sharedflows.revisions.undeploy + Lists the names of all API proxies in an organization. The names + returned correspond to the names defined in the configuration files for + each API proxy. If the resource has the `space` attribute set, the + response may not return all resources. To learn more, read the [Apigee + Spaces + Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). + operationId: apigee.organizations.apis.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16507,33 +17653,48 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1ListApiProxiesResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true + - in: query + name: includeMetaData schema: - type: string - - in: path - name: sharedflowsId - required: true + type: boolean + - in: query + name: space schema: type: string - - in: path - name: revisionsId - required: true + - in: query + name: includeRevisions schema: - type: string - get: + type: boolean + post: description: >- - Gets the deployment of a shared flow revision and actual state reported - by runtime pods. - operationId: apigee.organizations.environments.sharedflows.revisions.getDeployments + Creates an API proxy. The API proxy created will not be accessible at + runtime until it is deployed to an environment. Create a new API proxy + by setting the `name` query parameter to the name of the API proxy. + Import an API proxy configuration bundle stored in zip format on your + local machine to your organization by doing the following: * Set the + `name` query parameter to the name of the API proxy. * Set the `action` + query parameter to `import`. * Set the `Content-Type` header to + `multipart/form-data`. * Pass as a file the name of API proxy + configuration bundle stored in zip format on your local machine using + the `file` form field. **Note**: To validate the API proxy configuration + bundle only without importing it, set the `action` query parameter to + `validate`. When importing an API proxy configuration bundle, if the API + proxy does not exist, it will be created. If the API proxy exists, then + a new revision is created. Invalid API proxy configurations are + rejected, and a list of validation errors is returned to the client. + operationId: apigee.organizations.apis.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16545,33 +17706,39 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxyRevision' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: environmentsId - required: true + - in: query + name: action schema: type: string - - in: path - name: sharedflowsId - required: true + - in: query + name: validate + schema: + type: boolean + - in: query + name: name schema: type: string - - in: path - name: revisionsId - required: true + - in: query + name: space schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/sharedflows/{sharedflowsId}/deployments: + /v1/organizations/{organizationsId}/apis/{apisId}:move: parameters: *ref_1 - get: - description: Lists all deployments of a shared flow in an environment. - operationId: apigee.organizations.environments.sharedflows.deployments.list + post: + description: Moves an API proxy to a different space. + operationId: apigee.organizations.apis.move + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1MoveApiProxyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16583,8 +17750,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' parameters: - in: path name: organizationsId @@ -16592,20 +17758,15 @@ paths: schema: type: string - in: path - name: environmentsId - required: true - schema: - type: string - - in: path - name: sharedflowsId + name: apisId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments: + /v1/organizations/{organizationsId}/apis/{apisId}: parameters: *ref_1 get: - description: Lists all deployments of API proxies or shared flows in an environment. - operationId: apigee.organizations.environments.deployments.list + description: Gets an API proxy including a list of existing revisions. + operationId: apigee.organizations.apis.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16617,8 +17778,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' parameters: - in: path name: organizationsId @@ -16626,21 +17786,16 @@ paths: schema: type: string - in: path - name: environmentsId + name: apisId required: true schema: type: string - - in: query - name: sharedFlows - schema: - type: boolean - /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments/{deploymentsId}: - parameters: *ref_1 - get: + delete: description: >- - Gets a particular deployment of Api proxy or a shared flow in an - environment - operationId: apigee.organizations.environments.deployments.get + Deletes an API proxy and all associated endpoints, policies, resources, + and revisions. The API proxy must be undeployed before you can delete + it. + operationId: apigee.organizations.apis.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16652,7 +17807,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' parameters: - in: path name: organizationsId @@ -16660,31 +17815,18 @@ paths: schema: type: string - in: path - name: environmentsId - required: true - schema: - type: string - - in: path - name: deploymentsId + name: apisId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments/{deploymentsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the IAM policy on a deployment, if the policy already exists it - will be replaced. For more information, see [Manage users, roles, and - permissions using the - API](https://cloud.google.com/apigee/docs/api-platform/system-administration/manage-users-roles). - You must have the `apigee.deployments.setIamPolicy` permission to call - this API. - operationId: apigee.organizations.environments.deployments.setIamPolicy + patch: + description: Updates an existing API proxy. + operationId: apigee.organizations.apis.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16696,7 +17838,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProxy' parameters: - in: path name: organizationsId @@ -16704,25 +17846,23 @@ paths: schema: type: string - in: path - name: environmentsId + name: apisId required: true schema: type: string - - in: path - name: deploymentsId - required: true + - in: query + name: updateMask schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments/{deploymentsId}:getIamPolicy: + format: google-fieldmask + /v1/organizations/{organizationsId}/environments/{environmentsId}/queries/{queriesId}: parameters: *ref_1 get: description: >- - Gets the IAM policy on a deployment. For more information, see [Manage - users, roles, and permissions using the - API](https://cloud.google.com/apigee/docs/api-platform/system-administration/manage-users-roles). - You must have the `apigee.deployments.getIamPolicy` permission to call - this API. - operationId: apigee.organizations.environments.deployments.getIamPolicy + Get query status If the query is still in progress, the `state` is set + to "running" After the query has completed successfully, `state` is set + to "completed" + operationId: apigee.organizations.environments.queries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16734,7 +17874,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' parameters: - in: path name: organizationsId @@ -16747,29 +17887,18 @@ paths: schema: type: string - in: path - name: deploymentsId + name: queriesId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments/{deploymentsId}:testIamPermissions: + /v1/organizations/{organizationsId}/environments/{environmentsId}/queries/{queriesId}/resulturl: parameters: *ref_1 - post: + get: description: >- - Tests the permissions of a user on a deployment, and returns a subset of - permissions that the user has on the deployment. If the deployment does - not exist, an empty permission set is returned (a NOT_FOUND error is not - returned). - operationId: apigee.organizations.environments.deployments.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + After the query is completed, use this API to retrieve the results. If + the request succeeds, and there is a non-zero result set, the result is + sent to the client as a list of urls to JSON files. + operationId: apigee.organizations.environments.queries.getResulturl security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16781,7 +17910,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1GetAsyncQueryResultUrlResponse parameters: - in: path name: organizationsId @@ -16794,18 +17924,15 @@ paths: schema: type: string - in: path - name: deploymentsId + name: queriesId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/flowhooks/{flowhooksId}: + /v1/organizations/{organizationsId}/environments/{environmentsId}/queries: parameters: *ref_1 get: - description: >- - Returns the name of the shared flow attached to the specified flow hook. - If there's no shared flow attached to the flow hook, the API does not - return an error; it simply does not return a name in the response. - operationId: apigee.organizations.environments.flowhooks.get + description: Return a list of Asynchronous Queries + operationId: apigee.organizations.environments.queries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16817,7 +17944,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHook' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListAsyncQueriesResponse parameters: - in: path name: organizationsId @@ -16829,19 +17957,42 @@ paths: required: true schema: type: string - - in: path - name: flowhooksId - required: true + - in: query + name: submittedBy schema: type: string - put: - description: Attaches a shared flow to a flow hook. - operationId: apigee.organizations.environments.flowhooks.attachSharedFlowToFlowHook + - in: query + name: inclQueriesWithoutReport + schema: + type: string + - in: query + name: status + schema: + type: string + - in: query + name: dataset + schema: + type: string + - in: query + name: to + schema: + type: string + - in: query + name: from + schema: + type: string + post: + description: >- + Submit a query to be processed in the background. If the submission of + the query succeeds, the API returns a 201 status and an ID that refer to + the query. In addition to the HTTP status 201, the `state` of "enqueued" + means that the request succeeded. + operationId: apigee.organizations.environments.queries.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHook' + $ref: '#/components/schemas/GoogleCloudApigeeV1Query' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16853,7 +18004,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHook' + $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' parameters: - in: path name: organizationsId @@ -16865,14 +18016,16 @@ paths: required: true schema: type: string - - in: path - name: flowhooksId - required: true - schema: - type: string - delete: - description: Detaches a shared flow from a flow hook. - operationId: apigee.organizations.environments.flowhooks.detachSharedFlowFromFlowHook + /v1/organizations/{organizationsId}/environments/{environmentsId}/queries/{queriesId}/result: + parameters: *ref_1 + get: + description: >- + After the query is completed, use this API to retrieve the results. If + the request succeeds, and there is a non-zero result set, the result is + downloaded to the client as a zipped JSON file. The name of the + downloaded file will be: OfflineQueryResult-.zip Example: + `OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip` + operationId: apigee.organizations.environments.queries.getResult security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16884,7 +18037,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHook' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: organizationsId @@ -16897,25 +18050,21 @@ paths: schema: type: string - in: path - name: flowhooksId + name: queriesId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/keystores: + /v1/organizations/{organizationsId}/environments/{environmentsId}/addonsConfig:setAddonEnablement: parameters: *ref_1 post: - description: >- - Creates a keystore or truststore. - Keystore: Contains certificates and - their associated keys. - Truststore: Contains trusted certificates used - to validate a server's certificate. These certificates are typically - self-signed certificates or certificates that are not signed by a - trusted CA. - operationId: apigee.organizations.environments.keystores.create + description: Updates an add-on enablement status of an environment. + operationId: apigee.organizations.environments.addonsConfig.setAddonEnablement requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Keystore' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SetAddonEnablementRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16927,7 +18076,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Keystore' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -16939,10 +18088,6 @@ paths: required: true schema: type: string - - in: query - name: name - schema: - type: string /v1/organizations/{organizationsId}/environments/{environmentsId}/keystores/{keystoresId}: parameters: *ref_1 delete: @@ -17007,28 +18152,21 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/keystores/{keystoresId}/aliases: + /v1/organizations/{organizationsId}/environments/{environmentsId}/keystores: parameters: *ref_1 post: description: >- - Creates an alias from a key/certificate pair. The structure of the - request is controlled by the `format` query parameter: - `keycertfile` - - Separate PEM-encoded key and certificate files are uploaded. Set - `Content-Type: multipart/form-data` and include the `keyFile`, - `certFile`, and `password` (if keys are encrypted) fields in the request - body. If uploading to a truststore, omit `keyFile`. - `pkcs12` - A - PKCS12 file is uploaded. Set `Content-Type: multipart/form-data`, - provide the file in the `file` field, and include the `password` field - if the file is encrypted in the request body. - `selfsignedcert` - A new - private key and certificate are generated. Set `Content-Type: - application/json` and include CertificateGenerationSpec in the request - body. - operationId: apigee.organizations.environments.keystores.aliases.create + Creates a keystore or truststore. - Keystore: Contains certificates and + their associated keys. - Truststore: Contains trusted certificates used + to validate a server's certificate. These certificates are typically + self-signed certificates or certificates that are not signed by a + trusted CA. + operationId: apigee.organizations.environments.keystores.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudApigeeV1Keystore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17040,7 +18178,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Alias' + $ref: '#/components/schemas/GoogleCloudApigeeV1Keystore' parameters: - in: path name: organizationsId @@ -17052,36 +18190,22 @@ paths: required: true schema: type: string - - in: path - name: keystoresId - required: true - schema: - type: string - - in: query - name: alias - schema: - type: string - - in: query - name: format - schema: - type: string - - in: query - name: ignoreExpiryValidation - schema: - type: boolean - in: query - name: _password + name: name schema: type: string - - in: query - name: ignoreNewlineValidation - schema: - type: boolean /v1/organizations/{organizationsId}/environments/{environmentsId}/keystores/{keystoresId}/aliases/{aliasesId}: parameters: *ref_1 - get: - description: Gets an alias. - operationId: apigee.organizations.environments.keystores.aliases.get + put: + description: >- + Updates the certificate in an alias. The updated certificate must be in + PEM- or DER-encoded X.509 format. + operationId: apigee.organizations.environments.keystores.aliases.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17115,6 +18239,14 @@ paths: required: true schema: type: string + - in: query + name: ignoreNewlineValidation + schema: + type: boolean + - in: query + name: ignoreExpiryValidation + schema: + type: boolean delete: description: Deletes an alias. operationId: apigee.organizations.environments.keystores.aliases.delete @@ -17151,16 +18283,9 @@ paths: required: true schema: type: string - put: - description: >- - Updates the certificate in an alias. The updated certificate must be in - PEM- or DER-encoded X.509 format. - operationId: apigee.organizations.environments.keystores.aliases.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + get: + description: Gets an alias. + operationId: apigee.organizations.environments.keystores.aliases.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17194,21 +18319,28 @@ paths: required: true schema: type: string - - in: query - name: ignoreExpiryValidation - schema: - type: boolean - - in: query - name: ignoreNewlineValidation - schema: - type: boolean - /v1/organizations/{organizationsId}/environments/{environmentsId}/keystores/{keystoresId}/aliases/{aliasesId}/csr: + /v1/organizations/{organizationsId}/environments/{environmentsId}/keystores/{keystoresId}/aliases: parameters: *ref_1 - get: + post: description: >- - Generates a PKCS #10 Certificate Signing Request for the private key in - an alias. - operationId: apigee.organizations.environments.keystores.aliases.csr + Creates an alias from a key/certificate pair. The structure of the + request is controlled by the `format` query parameter: - `keycertfile` - + Separate PEM-encoded key and certificate files are uploaded. Set + `Content-Type: multipart/form-data` and include the `keyFile`, + `certFile`, and `password` (if keys are encrypted) fields in the request + body. If uploading to a truststore, omit `keyFile`. - `pkcs12` - A + PKCS12 file is uploaded. Set `Content-Type: multipart/form-data`, + provide the file in the `file` field, and include the `password` field + if the file is encrypted in the request body. - `selfsignedcert` - A new + private key and certificate are generated. Set `Content-Type: + application/json` and include CertificateGenerationSpec in the request + body. + operationId: apigee.organizations.environments.keystores.aliases.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17220,7 +18352,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudApigeeV1Alias' parameters: - in: path name: organizationsId @@ -17237,9 +18369,24 @@ paths: required: true schema: type: string - - in: path - name: aliasesId - required: true + - in: query + name: ignoreExpiryValidation + schema: + type: boolean + - in: query + name: _password + schema: + type: string + - in: query + name: format + schema: + type: string + - in: query + name: ignoreNewlineValidation + schema: + type: boolean + - in: query + name: alias schema: type: string /v1/organizations/{organizationsId}/environments/{environmentsId}/keystores/{keystoresId}/aliases/{aliasesId}/certificate: @@ -17280,16 +18427,13 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/targetservers: + /v1/organizations/{organizationsId}/environments/{environmentsId}/keystores/{keystoresId}/aliases/{aliasesId}/csr: parameters: *ref_1 - post: - description: Creates a TargetServer in the specified environment. - operationId: apigee.organizations.environments.targetservers.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' + get: + description: >- + Generates a PKCS #10 Certificate Signing Request for the private key in + an alias. + operationId: apigee.organizations.environments.keystores.aliases.csr security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17301,7 +18445,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: organizationsId @@ -17313,48 +18457,21 @@ paths: required: true schema: type: string - - in: query - name: name - schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/targetservers/{targetserversId}: - parameters: *ref_1 - delete: - description: >- - Deletes a TargetServer from an environment. Returns the deleted - TargetServer resource. - operationId: apigee.organizations.environments.targetservers.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - in: path - name: environmentsId + name: keystoresId required: true schema: type: string - in: path - name: targetserversId + name: aliasesId required: true schema: type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityReports: + parameters: *ref_1 get: - description: Gets a TargetServer resource. - operationId: apigee.organizations.environments.targetservers.get + description: Return a list of Security Reports + operationId: apigee.organizations.environments.securityReports.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17366,7 +18483,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListSecurityReportsResponse parameters: - in: path name: organizationsId @@ -17378,22 +18496,47 @@ paths: required: true schema: type: string - - in: path - name: targetserversId - required: true + - in: query + name: dataset + schema: + type: string + - in: query + name: from + schema: + type: string + - in: query + name: status + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: to + schema: + type: string + - in: query + name: submittedBy + schema: + type: string + - in: query + name: pageToken schema: type: string - put: + post: description: >- - Updates an existing TargetServer. Note that this operation has PUT - semantics; it will replace the entirety of the existing TargetServer - with the resource in the request body. - operationId: apigee.organizations.environments.targetservers.update + Submit a report request to be processed in the background. If the + submission succeeds, the API returns a 200 status and an ID that refer + to the report request. In addition to the HTTP status 200, the `state` + of "enqueued" means that the request succeeded. + operationId: apigee.organizations.environments.securityReports.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17405,7 +18548,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' parameters: - in: path name: organizationsId @@ -17417,22 +18560,14 @@ paths: required: true schema: type: string - - in: path - name: targetserversId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/addonsConfig:setAddonEnablement: + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityReports/{securityReportsId}: parameters: *ref_1 - post: - description: Updates an add-on enablement status of an environment. - operationId: apigee.organizations.environments.addonsConfig.setAddonEnablement - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SetAddonEnablementRequest + get: + description: >- + Get security report status If the query is still in progress, the + `state` is set to "running" After the query has completed successfully, + `state` is set to "completed" + operationId: apigee.organizations.environments.securityReports.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17444,7 +18579,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' parameters: - in: path name: organizationsId @@ -17456,16 +18591,18 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/references: + - in: path + name: securityReportsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityReports/{securityReportsId}/resultView: parameters: *ref_1 - post: - description: Creates a Reference in the specified environment. - operationId: apigee.organizations.environments.references.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' + get: + description: >- + After the query is completed, use this API to view the query result when + result size is small. + operationId: apigee.organizations.environments.securityReports.getResultView security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17477,7 +18614,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityReportResultView parameters: - in: path name: organizationsId @@ -17489,13 +18627,21 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/references/{referencesId}: + - in: path + name: securityReportsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityReports/{securityReportsId}/result: parameters: *ref_1 - delete: + get: description: >- - Deletes a Reference from an environment. Returns the deleted Reference - resource. - operationId: apigee.organizations.environments.references.delete + After the query is completed, use this API to retrieve the results as + file. If the request succeeds, and there is a non-zero result set, the + result is downloaded to the client as a zipped JSON file. The name of + the downloaded file will be: OfflineQueryResult-.zip Example: + `OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip` + operationId: apigee.organizations.environments.securityReports.getResult security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17507,7 +18653,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: organizationsId @@ -17520,13 +18666,17 @@ paths: schema: type: string - in: path - name: referencesId + name: securityReportsId required: true schema: type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActions: + parameters: *ref_1 get: - description: Gets a Reference resource. - operationId: apigee.organizations.environments.references.get + description: >- + Returns a list of SecurityActions. This returns both enabled and + disabled actions. + operationId: apigee.organizations.environments.securityActions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17538,7 +18688,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListSecurityActionsResponse parameters: - in: path name: organizationsId @@ -17550,22 +18701,27 @@ paths: required: true schema: type: string - - in: path - name: referencesId - required: true + - in: query + name: pageToken schema: type: string - put: - description: >- - Updates an existing Reference. Note that this operation has PUT - semantics; it will replace the entirety of the existing Reference with - the resource in the request body. - operationId: apigee.organizations.environments.references.update + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + post: + description: CreateSecurityAction creates a SecurityAction. + operationId: apigee.organizations.environments.securityActions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17577,7 +18733,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' parameters: - in: path name: organizationsId @@ -17589,25 +18745,15 @@ paths: required: true schema: type: string - - in: path - name: referencesId - required: true + - in: query + name: securityActionId schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/traceConfig/overrides: + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActions/{securityActionsId}: parameters: *ref_1 - post: - description: >- - Creates a trace configuration override. The response contains a - system-generated UUID, that can be used to view, update, or delete the - configuration override. Use the List API to view the existing trace - configuration overrides. - operationId: apigee.organizations.environments.traceConfig.overrides.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' + get: + description: Get a SecurityAction by name. + operationId: apigee.organizations.environments.securityActions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17619,7 +18765,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' parameters: - in: path name: organizationsId @@ -17631,11 +18777,14 @@ paths: required: true schema: type: string - get: - description: >- - Lists all of the distributed trace configuration overrides in an - environment. - operationId: apigee.organizations.environments.traceConfig.overrides.list + - in: path + name: securityActionsId + required: true + schema: + type: string + delete: + description: Delete a SecurityAction. + operationId: apigee.organizations.environments.securityActions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17647,8 +18796,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListTraceConfigOverridesResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -17660,20 +18808,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: securityActionsId + required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/traceConfig/overrides/{overridesId}: - parameters: *ref_1 - get: - description: Gets a trace configuration override. - operationId: apigee.organizations.environments.traceConfig.overrides.get + patch: + description: Update a SecurityAction. + operationId: apigee.organizations.environments.securityActions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17685,7 +18832,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' parameters: - in: path name: organizationsId @@ -17698,22 +18845,30 @@ paths: schema: type: string - in: path - name: overridesId + name: securityActionsId required: true schema: type: string - patch: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActions/{securityActionsId}:disable: + parameters: *ref_1 + post: description: >- - Updates a distributed trace configuration override. Note that the - repeated fields have replace semantics when included in the field mask - and that they will be overwritten by the value of the fields in the - request body. - operationId: apigee.organizations.environments.traceConfig.overrides.patch + Disable a SecurityAction. The `state` of the SecurityAction after + disabling is `DISABLED`. `DisableSecurityAction` can be called on + SecurityActions in the state `ENABLED`; SecurityActions in a different + state (including `DISABLED`) return an error. + operationId: apigee.organizations.environments.securityActions.disable requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DisableSecurityActionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17725,7 +18880,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' parameters: - in: path name: organizationsId @@ -17738,18 +18893,25 @@ paths: schema: type: string - in: path - name: overridesId + name: securityActionsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a distributed trace configuration override. - operationId: apigee.organizations.environments.traceConfig.overrides.delete + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActions/{securityActionsId}:enable: + parameters: *ref_1 + post: + description: >- + Enable a SecurityAction. The `state` of the SecurityAction after + enabling is `ENABLED`. `EnableSecurityAction` can be called on + SecurityActions in the state `DISABLED`; SecurityActions in a different + state (including `ENABLED) return an error. + operationId: apigee.organizations.environments.securityActions.enable + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1EnableSecurityActionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17761,7 +18923,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' parameters: - in: path name: organizationsId @@ -17774,21 +18936,15 @@ paths: schema: type: string - in: path - name: overridesId + name: securityActionsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/stats/{statsId}: + /v1/organizations/{organizationsId}/environments/{environmentsId}/caches/{cachesId}: parameters: *ref_1 - get: - description: >- - Retrieve metrics grouped by dimensions. The types of metrics you can - retrieve include traffic, message counts, API call latency, response - size, and cache hits and counts. Dimensions let you view metrics in - meaningful groups. You can optionally pass dimensions as path parameters - to the `stats` API. If dimensions are not specified, the metrics are - computed on the entire set of data for the given time range. - operationId: apigee.organizations.environments.stats.get + delete: + description: Deletes a cache. + operationId: apigee.organizations.environments.caches.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17800,7 +18956,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Stats' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -17813,75 +18969,21 @@ paths: schema: type: string - in: path - name: statsId + name: cachesId required: true schema: type: string - - in: query - name: select - schema: - type: string - - in: query - name: timeUnit - schema: - type: string - - in: query - name: timeRange - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: sort - schema: - type: string - - in: query - name: sortby - schema: - type: string - - in: query - name: aggTable - schema: - type: string - - in: query - name: limit - schema: - type: string - - in: query - name: offset - schema: - type: string - - in: query - name: topk - schema: - type: string - - in: query - name: tsAscending - schema: - type: boolean - - in: query - name: realtime - schema: - type: boolean - - in: query - name: sonar - schema: - type: boolean - - in: query - name: tzo - schema: - type: string - - in: query - name: accuracy - schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/optimizedStats/{optimizedStatsId}: + /v1/organizations/{organizationsId}/environments/{environmentsId}/sharedflows/{sharedflowsId}/revisions/{revisionsId}/deployments: parameters: *ref_1 - get: - description: Similar to GetStats except that the response is less verbose. - operationId: apigee.organizations.environments.optimizedStats.get + delete: + description: >- + Undeploys a shared flow revision from an environment. For a request path + `organizations/{org}/environments/{env}/sharedflows/{sf}/revisions/{rev}/deployments`, + two permissions are required: * `apigee.deployments.delete` on the + resource `organizations/{org}/environments/{env}` * + `apigee.sharedflowrevisions.undeploy` on the resource + `organizations/{org}/sharedflows/{sf}/revisions/{rev}` + operationId: apigee.organizations.environments.sharedflows.revisions.undeploy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17893,7 +18995,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1OptimizedStats' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -17906,79 +19008,20 @@ paths: schema: type: string - in: path - name: optimizedStatsId + name: sharedflowsId required: true schema: type: string - - in: query - name: select - schema: - type: string - - in: query - name: timeUnit - schema: - type: string - - in: query - name: timeRange - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: sort - schema: - type: string - - in: query - name: sortby - schema: - type: string - - in: query - name: aggTable - schema: - type: string - - in: query - name: limit - schema: - type: string - - in: query - name: offset - schema: - type: string - - in: query - name: topk - schema: - type: string - - in: query - name: tsAscending - schema: - type: boolean - - in: query - name: realtime - schema: - type: boolean - - in: query - name: sonar - schema: - type: boolean - - in: query - name: tzo - schema: - type: string - - in: query - name: accuracy + - in: path + name: revisionsId + required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/analytics/admin/schemav2: - parameters: *ref_1 get: description: >- - Gets a list of metrics and dimensions that can be used to create - analytics queries and reports. Each schema element contains the name of - the field, its associated type, and a flag indicating whether it is a - standard or custom field. - operationId: apigee.organizations.environments.analytics.admin.getSchemav2 + Gets the deployment of a shared flow revision and actual state reported + by runtime pods. + operationId: apigee.organizations.environments.sharedflows.revisions.getDeployments security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17990,7 +19033,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Schema' + $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' parameters: - in: path name: organizationsId @@ -18002,28 +19045,29 @@ paths: required: true schema: type: string - - in: query - name: type + - in: path + name: sharedflowsId + required: true schema: type: string - - in: query - name: disableCache + - in: path + name: revisionsId + required: true schema: - type: boolean - /v1/organizations/{organizationsId}/environments/{environmentsId}/analytics/exports: - parameters: *ref_1 + type: string post: description: >- - Submit a data export job to be processed in the background. If the - request is successful, the API returns a 201 status, a URI that can be - used to retrieve the status of the export job, and the `state` value of - "enqueued". - operationId: apigee.organizations.environments.analytics.exports.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ExportRequest' + Deploys a revision of a shared flow. If another revision of the same + shared flow is currently deployed, set the `override` parameter to + `true` to have this revision replace the currently deployed revision. + You cannot use a shared flow until it has been deployed to an + environment. For a request path + `organizations/{org}/environments/{env}/sharedflows/{sf}/revisions/{rev}/deployments`, + two permissions are required: * `apigee.deployments.create` on the + resource `organizations/{org}/environments/{env}` * + `apigee.sharedflowrevisions.deploy` on the resource + `organizations/{org}/sharedflows/{sf}/revisions/{rev}` + operationId: apigee.organizations.environments.sharedflows.revisions.deploy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18035,7 +19079,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Export' + $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' parameters: - in: path name: organizationsId @@ -18047,43 +19091,29 @@ paths: required: true schema: type: string - get: - description: >- - Lists the details and status of all analytics export jobs belonging to - the parent organization and environment. - operationId: apigee.organizations.environments.analytics.exports.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListExportsResponse' - parameters: - in: path - name: organizationsId + name: sharedflowsId required: true schema: type: string - in: path - name: environmentsId + name: revisionsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/analytics/exports/{exportsId}: + - in: query + name: serviceAccount + schema: + type: string + - in: query + name: override + schema: + type: boolean + /v1/organizations/{organizationsId}/environments/{environmentsId}/sharedflows/{sharedflowsId}/deployments: parameters: *ref_1 get: - description: >- - Gets the details and status of an analytics export job. If the export - job is still in progress, its `state` is set to "running". After the - export job has completed successfully, its `state` is set to - "completed". If the export job fails, its `state` is set to `failed`. - operationId: apigee.organizations.environments.analytics.exports.get + description: Lists all deployments of a shared flow in an environment. + operationId: apigee.organizations.environments.sharedflows.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18095,7 +19125,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Export' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse parameters: - in: path name: organizationsId @@ -18108,24 +19139,17 @@ paths: schema: type: string - in: path - name: exportsId + name: sharedflowsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/queries: + /v1/organizations/{organizationsId}/environments/{environmentsId}/references/{referencesId}: parameters: *ref_1 - post: + delete: description: >- - Submit a query to be processed in the background. If the submission of - the query succeeds, the API returns a 201 status and an ID that refer to - the query. In addition to the HTTP status 201, the `state` of "enqueued" - means that the request succeeded. - operationId: apigee.organizations.environments.queries.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Query' + Deletes a Reference from an environment. Returns the deleted Reference + resource. + operationId: apigee.organizations.environments.references.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18137,7 +19161,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' + $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' parameters: - in: path name: organizationsId @@ -18149,9 +19173,22 @@ paths: required: true schema: type: string - get: - description: Return a list of Asynchronous Queries - operationId: apigee.organizations.environments.queries.list + - in: path + name: referencesId + required: true + schema: + type: string + put: + description: >- + Updates an existing Reference. Note that this operation has PUT + semantics; it will replace the entirety of the existing Reference with + the resource in the request body. + operationId: apigee.organizations.environments.references.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18163,8 +19200,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListAsyncQueriesResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' parameters: - in: path name: organizationsId @@ -18176,38 +19212,14 @@ paths: required: true schema: type: string - - in: query - name: submittedBy - schema: - type: string - - in: query - name: status - schema: - type: string - - in: query - name: from - schema: - type: string - - in: query - name: to - schema: - type: string - - in: query - name: dataset - schema: - type: string - - in: query - name: inclQueriesWithoutReport + - in: path + name: referencesId + required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/queries/{queriesId}: - parameters: *ref_1 get: - description: >- - Get query status If the query is still in progress, the `state` is set - to "running" After the query has completed successfully, `state` is set - to "completed" - operationId: apigee.organizations.environments.queries.get + description: Gets a Reference resource. + operationId: apigee.organizations.environments.references.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18219,7 +19231,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' + $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' parameters: - in: path name: organizationsId @@ -18232,20 +19244,20 @@ paths: schema: type: string - in: path - name: queriesId + name: referencesId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/queries/{queriesId}/result: + /v1/organizations/{organizationsId}/environments/{environmentsId}/references: parameters: *ref_1 - get: - description: >- - After the query is completed, use this API to retrieve the results. If - the request succeeds, and there is a non-zero result set, the result is - downloaded to the client as a zipped JSON file. The name of the - downloaded file will be: OfflineQueryResult-.zip Example: - `OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip` - operationId: apigee.organizations.environments.queries.getResult + post: + description: Creates a Reference in the specified environment. + operationId: apigee.organizations.environments.references.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18257,7 +19269,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudApigeeV1Reference' parameters: - in: path name: organizationsId @@ -18269,19 +19281,16 @@ paths: required: true schema: type: string - - in: path - name: queriesId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/queries/{queriesId}/resulturl: + /v1/organizations/{organizationsId}/environments/{environmentsId}/keyvaluemaps/{keyvaluemapsId}/entries/{entriesId}: parameters: *ref_1 - get: + delete: description: >- - After the query is completed, use this API to retrieve the results. If - the request succeeds, and there is a non-zero result set, the result is - sent to the client as a list of urls to JSON files. - operationId: apigee.organizations.environments.queries.getResulturl + Deletes a key value entry from a key value map scoped to an + organization, environment, or API proxy. **Notes:** * After you delete + the key value entry, the policy consuming the entry will continue to + function with its cached values for a few minutes. This is expected + behavior. * Supported for Apigee hybrid 1.8.x and higher. + operationId: apigee.organizations.environments.keyvaluemaps.entries.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18293,8 +19302,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1GetAsyncQueryResultUrlResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -18307,15 +19315,25 @@ paths: schema: type: string - in: path - name: queriesId + name: keyvaluemapsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/caches/{cachesId}: - parameters: *ref_1 - delete: - description: Deletes a cache. - operationId: apigee.organizations.environments.caches.delete + - in: path + name: entriesId + required: true + schema: + type: string + put: + description: >- + Update key value entry scoped to an organization, environment, or API + proxy for an existing key. + operationId: apigee.organizations.environments.keyvaluemaps.entries.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18327,7 +19345,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -18340,24 +19358,21 @@ paths: schema: type: string - in: path - name: cachesId + name: keyvaluemapsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityReports: - parameters: *ref_1 - post: + - in: path + name: entriesId + required: true + schema: + type: string + get: description: >- - Submit a report request to be processed in the background. If the - submission succeeds, the API returns a 200 status and an ID that refer - to the report request. In addition to the HTTP status 200, the `state` - of "enqueued" means that the request succeeded. - operationId: apigee.organizations.environments.securityReports.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportQuery' + Get the key value entry value for a key value map scoped to an + organization, environment, or API proxy. **Note**: Supported for Apigee + hybrid 1.8.x and higher. + operationId: apigee.organizations.environments.keyvaluemaps.entries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18369,7 +19384,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -18381,9 +19396,24 @@ paths: required: true schema: type: string + - in: path + name: keyvaluemapsId + required: true + schema: + type: string + - in: path + name: entriesId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/keyvaluemaps/{keyvaluemapsId}/entries: + parameters: *ref_1 get: - description: Return a list of Security Reports - operationId: apigee.organizations.environments.securityReports.list + description: >- + Lists key value entries for key values maps scoped to an organization, + environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x + and higher. + operationId: apigee.organizations.environments.keyvaluemaps.entries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18396,7 +19426,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListSecurityReportsResponse + #/components/schemas/GoogleCloudApigeeV1ListKeyValueEntriesResponse parameters: - in: path name: organizationsId @@ -18408,24 +19438,13 @@ paths: required: true schema: type: string - - in: query - name: submittedBy - schema: - type: string - - in: query - name: status - schema: - type: string - - in: query - name: from - schema: - type: string - - in: query - name: to + - in: path + name: keyvaluemapsId + required: true schema: type: string - in: query - name: dataset + name: pageToken schema: type: string - in: query @@ -18433,18 +19452,17 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityReports/{securityReportsId}: - parameters: *ref_1 - get: + post: description: >- - Get security report status If the query is still in progress, the - `state` is set to "running" After the query has completed successfully, - `state` is set to "completed" - operationId: apigee.organizations.environments.securityReports.get + Creates key value entries in a key value map scoped to an organization, + environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x + and higher. + operationId: apigee.organizations.environments.keyvaluemaps.entries.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18456,7 +19474,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -18469,20 +19487,20 @@ paths: schema: type: string - in: path - name: securityReportsId + name: keyvaluemapsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityReports/{securityReportsId}/result: + /v1/organizations/{organizationsId}/environments/{environmentsId}/keyvaluemaps: parameters: *ref_1 - get: - description: >- - After the query is completed, use this API to retrieve the results as - file. If the request succeeds, and there is a non-zero result set, the - result is downloaded to the client as a zipped JSON file. The name of - the downloaded file will be: OfflineQueryResult-.zip Example: - `OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip` - operationId: apigee.organizations.environments.securityReports.getResult + post: + description: Creates a key value map in an environment. + operationId: apigee.organizations.environments.keyvaluemaps.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18494,7 +19512,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId @@ -18506,18 +19524,18 @@ paths: required: true schema: type: string - - in: path - name: securityReportsId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityReports/{securityReportsId}/resultView: + /v1/organizations/{organizationsId}/environments/{environmentsId}/keyvaluemaps/{keyvaluemapsId}: parameters: *ref_1 - get: + put: description: >- - After the query is completed, use this API to view the query result when - result size is small. - operationId: apigee.organizations.environments.securityReports.getResultView + Update the key value map scoped to an organization, environment, or API + proxy. + operationId: apigee.organizations.environments.keyvaluemaps.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18529,8 +19547,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityReportResultView + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId @@ -18543,20 +19560,15 @@ paths: schema: type: string - in: path - name: securityReportsId + name: keyvaluemapsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityStats:queryTabularStats: - parameters: *ref_1 - post: - description: Retrieve security statistics as tabular rows. - operationId: apigee.organizations.environments.securityStats.queryTabularStats - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1QueryTabularStatsRequest' + get: + description: >- + Get the key value map scoped to an organization, environment, or API + proxy. + operationId: apigee.organizations.environments.keyvaluemaps.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18568,8 +19580,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1QueryTabularStatsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId @@ -18581,17 +19592,14 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityStats:queryTimeSeriesStats: - parameters: *ref_1 - post: - description: Retrieve security statistics as a collection of time series. - operationId: apigee.organizations.environments.securityStats.queryTimeSeriesStats - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1QueryTimeSeriesStatsRequest + - in: path + name: keyvaluemapsId + required: true + schema: + type: string + delete: + description: Deletes a key value map from an environment. + operationId: apigee.organizations.environments.keyvaluemaps.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18603,8 +19611,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1QueryTimeSeriesStatsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId @@ -18616,14 +19623,25 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityIncidents/{securityIncidentsId}: + - in: path + name: keyvaluemapsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/resourcefiles/{type}/{name}: parameters: *ref_1 - get: + put: description: >- - GetSecurityIncident gets the specified security incident. Returns - NOT_FOUND if security incident is not present for the specified - organization and environment. - operationId: apigee.organizations.environments.securityIncidents.get + Updates a resource file. Specify the `Content-Type` as + `application/octet-stream` or `multipart/form-data`. For more + information about resource files, see [Resource + files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). + operationId: apigee.organizations.environments.resourcefiles.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18635,7 +19653,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' + $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' parameters: - in: path name: organizationsId @@ -18648,18 +19666,21 @@ paths: schema: type: string - in: path - name: securityIncidentsId + name: type required: true schema: type: string - patch: - description: UpdateSecurityIncidents updates an existing security incident. - operationId: apigee.organizations.environments.securityIncidents.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' + - in: path + name: name + required: true + schema: + type: string + delete: + description: >- + Deletes a resource file. For more information about resource files, see + [Resource + files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). + operationId: apigee.organizations.environments.resourcefiles.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18671,7 +19692,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' + $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' parameters: - in: path name: organizationsId @@ -18684,22 +19705,21 @@ paths: schema: type: string - in: path - name: securityIncidentsId + name: type required: true schema: type: string - - in: query - name: updateMask + - in: path + name: name + required: true schema: type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityIncidents: - parameters: *ref_1 get: description: >- - ListSecurityIncidents lists all the security incident associated with - the environment. - operationId: apigee.organizations.environments.securityIncidents.list + Gets the contents of a resource file. For more information about + resource files, see [Resource + files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). + operationId: apigee.organizations.environments.resourcefiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18711,8 +19731,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListSecurityIncidentsResponse + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: organizationsId @@ -18724,32 +19743,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: type + required: true schema: type: string - - in: query - name: filter + - in: path + name: name + required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityIncidents:batchUpdate: + /v1/organizations/{organizationsId}/environments/{environmentsId}/resourcefiles: parameters: *ref_1 - post: + get: description: >- - BatchUpdateSecurityIncident updates multiple existing security - incidents. - operationId: apigee.organizations.environments.securityIncidents.batchUpdate - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1BatchUpdateSecurityIncidentsRequest + Lists all resource files, optionally filtering by type. For more + information about resource files, see [Resource + files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). + operationId: apigee.organizations.environments.resourcefiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18762,7 +19773,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1BatchUpdateSecurityIncidentsResponse + #/components/schemas/GoogleCloudApigeeV1ListEnvironmentResourcesResponse parameters: - in: path name: organizationsId @@ -18774,16 +19785,22 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActions: - parameters: *ref_1 + - in: query + name: type + schema: + type: string post: - description: CreateSecurityAction creates a SecurityAction. - operationId: apigee.organizations.environments.securityActions.create + description: >- + Creates a resource file. Specify the `Content-Type` as + `application/octet-stream` or `multipart/form-data`. For more + information about resource files, see [Resource + files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). + operationId: apigee.organizations.environments.resourcefiles.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18795,7 +19812,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' + $ref: '#/components/schemas/GoogleCloudApigeeV1ResourceFile' parameters: - in: path name: organizationsId @@ -18808,14 +19825,21 @@ paths: schema: type: string - in: query - name: securityActionId + name: name + schema: + type: string + - in: query + name: type schema: type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/resourcefiles/{type}: + parameters: *ref_1 get: description: >- - Returns a list of SecurityActions. This returns both enabled and - disabled actions. - operationId: apigee.organizations.environments.securityActions.list + Lists all resource files, optionally filtering by type. For more + information about resource files, see [Resource + files](https://cloud.google.com/apigee/docs/api-platform/develop/resource-files). + operationId: apigee.organizations.environments.resourcefiles.listEnvironmentResources security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18828,7 +19852,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListSecurityActionsResponse + #/components/schemas/GoogleCloudApigeeV1ListEnvironmentResourcesResponse parameters: - in: path name: organizationsId @@ -18840,24 +19864,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: type + required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActions/{securityActionsId}: + /v1/organizations/{organizationsId}/environments/{environmentsId}/optimizedStats/{optimizedStatsId}: parameters: *ref_1 get: - description: Get a SecurityAction by name. - operationId: apigee.organizations.environments.securityActions.get + description: Similar to GetStats except that the response is less verbose. + operationId: apigee.organizations.environments.optimizedStats.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18869,7 +19885,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' + $ref: '#/components/schemas/GoogleCloudApigeeV1OptimizedStats' parameters: - in: path name: organizationsId @@ -18882,54 +19898,77 @@ paths: schema: type: string - in: path - name: securityActionsId + name: optimizedStatsId required: true schema: type: string - patch: - description: Update a SecurityAction. - operationId: apigee.organizations.environments.securityActions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' - parameters: - - in: path - name: organizationsId - required: true + - in: query + name: sort + schema: + type: string + - in: query + name: tsAscending + schema: + type: boolean + - in: query + name: offset + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: limit + schema: + type: string + - in: query + name: realtime + schema: + type: boolean + - in: query + name: sortby + schema: + type: string + - in: query + name: sonar + schema: + type: boolean + - in: query + name: tzo schema: type: string - - in: path - name: environmentsId - required: true + - in: query + name: accuracy schema: type: string - - in: path - name: securityActionsId - required: true + - in: query + name: select schema: type: string - in: query - name: updateMask + name: timeUnit schema: type: string - format: google-fieldmask + - in: query + name: aggTable + schema: + type: string + - in: query + name: topk + schema: + type: string + - in: query + name: timeRange + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/targetservers/{targetserversId}: + parameters: *ref_1 delete: - description: Delete a SecurityAction. - operationId: apigee.organizations.environments.securityActions.delete + description: >- + Deletes a TargetServer from an environment. Returns the deleted + TargetServer resource. + operationId: apigee.organizations.environments.targetservers.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18941,7 +19980,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' parameters: - in: path name: organizationsId @@ -18954,25 +19993,21 @@ paths: schema: type: string - in: path - name: securityActionsId + name: targetserversId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActions/{securityActionsId}:enable: - parameters: *ref_1 - post: + put: description: >- - Enable a SecurityAction. The `state` of the SecurityAction after - enabling is `ENABLED`. `EnableSecurityAction` can be called on - SecurityActions in the state `DISABLED`; SecurityActions in a different - state (including `ENABLED) return an error. - operationId: apigee.organizations.environments.securityActions.enable + Updates an existing TargetServer. Note that this operation has PUT + semantics; it will replace the entirety of the existing TargetServer + with the resource in the request body. + operationId: apigee.organizations.environments.targetservers.update requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1EnableSecurityActionRequest + $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18984,7 +20019,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' + $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' parameters: - in: path name: organizationsId @@ -18997,25 +20032,13 @@ paths: schema: type: string - in: path - name: securityActionsId + name: targetserversId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActions/{securityActionsId}:disable: - parameters: *ref_1 - post: - description: >- - Disable a SecurityAction. The `state` of the SecurityAction after - disabling is `DISABLED`. `DisableSecurityAction` can be called on - SecurityActions in the state `ENABLED`; SecurityActions in a different - state (including `DISABLED`) return an error. - operationId: apigee.organizations.environments.securityActions.disable - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1DisableSecurityActionRequest + get: + description: Gets a TargetServer resource. + operationId: apigee.organizations.environments.targetservers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19027,7 +20050,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityAction' + $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' parameters: - in: path name: organizationsId @@ -19040,20 +20063,20 @@ paths: schema: type: string - in: path - name: securityActionsId + name: targetserversId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/keyvaluemaps: + /v1/organizations/{organizationsId}/environments/{environmentsId}/targetservers: parameters: *ref_1 post: - description: Creates a key value map in an environment. - operationId: apigee.organizations.environments.keyvaluemaps.create + description: Creates a TargetServer in the specified environment. + operationId: apigee.organizations.environments.targetservers.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' + $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19065,7 +20088,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' + $ref: '#/components/schemas/GoogleCloudApigeeV1TargetServer' parameters: - in: path name: organizationsId @@ -19077,11 +20100,21 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/keyvaluemaps/{keyvaluemapsId}: + - in: query + name: name + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/stats/{statsId}: parameters: *ref_1 - delete: - description: Deletes a key value map from an environment. - operationId: apigee.organizations.environments.keyvaluemaps.delete + get: + description: >- + Retrieve metrics grouped by dimensions. The types of metrics you can + retrieve include traffic, message counts, API call latency, response + size, and cache hits and counts. Dimensions let you view metrics in + meaningful groups. You can optionally pass dimensions as path parameters + to the `stats` API. If dimensions are not specified, the metrics are + computed on the entire set of data for the given time range. + operationId: apigee.organizations.environments.stats.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19093,7 +20126,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' + $ref: '#/components/schemas/GoogleCloudApigeeV1Stats' parameters: - in: path name: organizationsId @@ -19106,18 +20139,88 @@ paths: schema: type: string - in: path - name: keyvaluemapsId + name: statsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/keyvaluemaps/{keyvaluemapsId}/entries/{entriesId}: + - in: query + name: timeUnit + schema: + type: string + - in: query + name: offset + schema: + type: string + - in: query + name: accuracy + schema: + type: string + - in: query + name: aggTable + schema: + type: string + - in: query + name: topk + schema: + type: string + - in: query + name: realtime + schema: + type: boolean + - in: query + name: sort + schema: + type: string + - in: query + name: timeRange + schema: + type: string + - in: query + name: tsAscending + schema: + type: boolean + - in: query + name: sortby + schema: + type: string + - in: query + name: tzo + schema: + type: string + - in: query + name: sonar + schema: + type: boolean + - in: query + name: select + schema: + type: string + - in: query + name: limit + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/deployments:generateUndeployChangeReport: parameters: *ref_1 - get: + post: description: >- - Get the key value entry value for a key value map scoped to an - organization, environment, or API proxy. **Note**: Supported for Apigee - hybrid 1.8.x and higher. - operationId: apigee.organizations.environments.keyvaluemaps.entries.get + Generates a report for a dry run analysis of an UndeployApiProxy request + without committing the undeploy. In addition to the standard validations + performed when removing deployments, additional analysis will be done to + detect possible traffic routing changes that would result from this + deployment being removed. Any potential routing conflicts or unsafe + changes will be reported in the response. This routing analysis is not + performed for a non-dry-run UndeployApiProxy request. For a request path + `organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments:generateUndeployChangeReport`, + two permissions are required: * `apigee.deployments.delete` on the + resource `organizations/{org}/environments/{env}` * + `apigee.proxyrevisions.undeploy` on the resource + `organizations/{org}/apis/{api}/revisions/{rev}` + operationId: >- + apigee.organizations.environments.apis.revisions.deployments.generateUndeployChangeReport security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19129,7 +20232,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeploymentChangeReport' parameters: - in: path name: organizationsId @@ -19142,23 +20245,34 @@ paths: schema: type: string - in: path - name: keyvaluemapsId + name: apisId required: true schema: type: string - in: path - name: entriesId + name: revisionsId required: true schema: type: string - delete: + /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/deployments:generateDeployChangeReport: + parameters: *ref_1 + post: description: >- - Deletes a key value entry from a key value map scoped to an - organization, environment, or API proxy. **Notes:** * After you delete - the key value entry, the policy consuming the entry will continue to - function with its cached values for a few minutes. This is expected - behavior. * Supported for Apigee hybrid 1.8.x and higher. - operationId: apigee.organizations.environments.keyvaluemaps.entries.delete + Generates a report for a dry run analysis of a DeployApiProxy request + without committing the deployment. In addition to the standard + validations performed when adding deployments, additional analysis will + be done to detect possible traffic routing changes that would result + from this deployment being created. Any potential routing conflicts or + unsafe changes will be reported in the response. This routing analysis + is not performed for a non-dry-run DeployApiProxy request. For a request + path + `organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments:generateDeployChangeReport`, + two permissions are required: * `apigee.deployments.create` on the + resource `organizations/{org}/environments/{env}` * + `apigee.proxyrevisions.deploy` on the resource + `organizations/{org}/apis/{api}/revisions/{rev}` + operationId: >- + apigee.organizations.environments.apis.revisions.deployments.generateDeployChangeReport security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19170,7 +20284,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeploymentChangeReport' parameters: - in: path name: organizationsId @@ -19183,25 +20297,24 @@ paths: schema: type: string - in: path - name: keyvaluemapsId + name: apisId required: true schema: type: string - in: path - name: entriesId + name: revisionsId required: true schema: type: string - put: - description: >- - Update key value entry scoped to an organization, environment, or API - proxy for an existing key. - operationId: apigee.organizations.environments.keyvaluemaps.entries.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + - in: query + name: override + schema: + type: boolean + /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/debugsessions/{debugsessionsId}/data/{dataId}: + parameters: *ref_1 + get: + description: Gets the debug data from a transaction. + operationId: apigee.organizations.environments.apis.revisions.debugsessions.data.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19213,7 +20326,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1DebugSessionTransaction parameters: - in: path name: organizationsId @@ -19226,28 +20340,34 @@ paths: schema: type: string - in: path - name: keyvaluemapsId + name: apisId required: true schema: type: string - in: path - name: entriesId + name: revisionsId required: true schema: type: string - /v1/organizations/{organizationsId}/environments/{environmentsId}/keyvaluemaps/{keyvaluemapsId}/entries: + - in: path + name: debugsessionsId + required: true + schema: + type: string + - in: path + name: dataId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/debugsessions/{debugsessionsId}/data: parameters: *ref_1 - post: + delete: description: >- - Creates key value entries in a key value map scoped to an organization, - environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x - and higher. - operationId: apigee.organizations.environments.keyvaluemaps.entries.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + Deletes the data from a debug session. This does not cancel the debug + session or prevent further data from being collected if the session is + still active in runtime pods. + operationId: >- + apigee.organizations.environments.apis.revisions.debugsessions.deleteData security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19259,7 +20379,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -19272,16 +20392,25 @@ paths: schema: type: string - in: path - name: keyvaluemapsId + name: apisId + required: true + schema: + type: string + - in: path + name: revisionsId + required: true + schema: + type: string + - in: path + name: debugsessionsId required: true schema: type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/debugsessions/{debugsessionsId}: + parameters: *ref_1 get: - description: >- - Lists key value entries for key values maps scoped to an organization, - environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x - and higher. - operationId: apigee.organizations.environments.keyvaluemaps.entries.list + description: Retrieves a debug session. + operationId: apigee.organizations.environments.apis.revisions.debugsessions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19293,8 +20422,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListKeyValueEntriesResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1DebugSession' parameters: - in: path name: organizationsId @@ -19307,24 +20435,27 @@ paths: schema: type: string - in: path - name: keyvaluemapsId + name: apisId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: revisionsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: debugsessionsId + required: true schema: type: string - /v1/organizations/{organizationsId}/deployments: + /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/debugsessions: parameters: *ref_1 get: - description: Lists all deployments of API proxies or shared flows. - operationId: apigee.organizations.deployments.list + description: >- + Lists debug sessions that are currently active in the given API Proxy + revision. + operationId: apigee.organizations.environments.apis.revisions.debugsessions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19337,85 +20468,45 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse + #/components/schemas/GoogleCloudApigeeV1ListDebugSessionsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: sharedFlows - schema: - type: boolean - /v1/organizations/{organizationsId}/envgroups: - parameters: *ref_1 - post: - description: Creates a new environment group. - operationId: apigee.organizations.envgroups.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroup' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - in: path - name: organizationsId + name: environmentsId required: true schema: type: string - - in: query - name: name + - in: path + name: apisId + required: true schema: type: string - get: - description: Lists all environment groups. - operationId: apigee.organizations.envgroups.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListEnvironmentGroupsResponse - parameters: - in: path - name: organizationsId + name: revisionsId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/envgroups/{envgroupsId}: - parameters: *ref_1 - get: - description: Gets an environment group. - operationId: apigee.organizations.envgroups.get + post: + description: Creates a debug session for a deployed API Proxy revision. + operationId: apigee.organizations.environments.apis.revisions.debugsessions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1DebugSession' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19427,7 +20518,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroup' + $ref: '#/components/schemas/GoogleCloudApigeeV1DebugSession' parameters: - in: path name: organizationsId @@ -19435,49 +20526,36 @@ paths: schema: type: string - in: path - name: envgroupsId + name: environmentsId required: true schema: type: string - patch: - description: Updates an environment group. - operationId: apigee.organizations.envgroups.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroup' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - in: path - name: organizationsId + name: apisId required: true schema: type: string - in: path - name: envgroupsId + name: revisionsId required: true schema: type: string - in: query - name: updateMask + name: timeout schema: type: string - format: google-fieldmask + format: int64 + /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/revisions/{revisionsId}/deployments: + parameters: *ref_1 delete: - description: Deletes an environment group. - operationId: apigee.organizations.envgroups.delete + description: >- + Undeploys an API proxy revision from an environment. For a request path + `organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments`, + two permissions are required: * `apigee.deployments.delete` on the + resource `organizations/{org}/environments/{env}` * + `apigee.proxyrevisions.undeploy` on the resource + `organizations/{org}/apis/{api}/revisions/{rev}` + operationId: apigee.organizations.environments.apis.revisions.undeploy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19489,7 +20567,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -19497,53 +20575,45 @@ paths: schema: type: string - in: path - name: envgroupsId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/envgroups/{envgroupsId}/deployedIngressConfig: - parameters: *ref_1 - get: - description: Gets the deployed ingress configuration for an environment group. - operationId: apigee.organizations.envgroups.getDeployedIngressConfig - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentGroupConfig' - parameters: - in: path - name: organizationsId + name: apisId required: true schema: type: string - in: path - name: envgroupsId + name: revisionsId required: true schema: type: string - in: query - name: view + name: sequencedRollout schema: - type: string - /v1/organizations/{organizationsId}/envgroups/{envgroupsId}/attachments: - parameters: *ref_1 + type: boolean post: - description: Creates a new attachment of an environment to an environment group. - operationId: apigee.organizations.envgroups.attachments.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1EnvironmentGroupAttachment + description: >- + Deploys a revision of an API proxy. If another revision of the same API + proxy revision is currently deployed, set the `override` parameter to + `true` to have this revision replace the currently deployed revision. + You cannot invoke an API proxy until it has been deployed to an + environment. After you deploy an API proxy revision, you cannot edit it. + To edit the API proxy, you must create and deploy a new revision. For a + request path + `organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments`, + two permissions are required: * `apigee.deployments.create` on the + resource `organizations/{org}/environments/{env}` * + `apigee.proxyrevisions.deploy` on the resource + `organizations/{org}/apis/{api}/revisions/{rev}` All successful API + proxy deployments to Apigee are [zero-downtime + deployments](https://cloud.google.com/apigee/docs/api-platform/deploy/ui-deploy-overview#zero-downtime-deployment). + Apigee hybrid validates the dependencies between shared flows and API + proxies at deployment time. For example, if the Flow Callout policy in + an API proxy references a shared flow that either doesn't exist or isn't + deployed, the API proxy deployment fails. + operationId: apigee.organizations.environments.apis.revisions.deploy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19555,7 +20625,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' parameters: - in: path name: organizationsId @@ -19563,51 +20633,37 @@ paths: schema: type: string - in: path - name: envgroupsId + name: environmentsId required: true schema: type: string - get: - description: Lists all attachments of an environment group. - operationId: apigee.organizations.envgroups.attachments.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListEnvironmentGroupAttachmentsResponse - parameters: - in: path - name: organizationsId + name: apisId required: true schema: type: string - in: path - name: envgroupsId + name: revisionsId required: true schema: type: string - in: query - name: pageSize + name: override schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: sequencedRollout + schema: + type: boolean + - in: query + name: serviceAccount schema: type: string - /v1/organizations/{organizationsId}/envgroups/{envgroupsId}/attachments/{attachmentsId}: - parameters: *ref_1 get: - description: Gets an environment group attachment. - operationId: apigee.organizations.envgroups.attachments.get + description: >- + Gets the deployment of an API proxy revision and actual state reported + by runtime pods. + operationId: apigee.organizations.environments.apis.revisions.getDeployments security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19619,8 +20675,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1EnvironmentGroupAttachment + $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' parameters: - in: path name: organizationsId @@ -19628,18 +20683,25 @@ paths: schema: type: string - in: path - name: envgroupsId + name: environmentsId required: true schema: type: string - in: path - name: attachmentsId + name: apisId required: true schema: type: string - delete: - description: Deletes an environment group attachment. - operationId: apigee.organizations.envgroups.attachments.delete + - in: path + name: revisionsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/apis/{apisId}/deployments: + parameters: *ref_1 + get: + description: Lists all deployments of an API proxy in an environment. + operationId: apigee.organizations.environments.apis.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19651,7 +20713,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse parameters: - in: path name: organizationsId @@ -19659,28 +20722,22 @@ paths: schema: type: string - in: path - name: envgroupsId + name: environmentsId required: true schema: type: string - in: path - name: attachmentsId + name: apisId required: true schema: type: string - /v1/organizations/{organizationsId}/instances: + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityIncidents: parameters: *ref_1 - post: + get: description: >- - Creates an Apigee runtime instance. The instance is accessible from the - authorized network configured on the organization. **Note:** Not - supported for Apigee hybrid. - operationId: apigee.organizations.instances.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Instance' + ListSecurityIncidents lists all the security incident associated with + the environment. + operationId: apigee.organizations.environments.securityIncidents.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19692,33 +20749,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListSecurityIncidentsResponse parameters: - in: path name: organizationsId required: true schema: type: string - get: - description: >- - Lists all Apigee runtime instances for the organization. **Note:** Not - supported for Apigee hybrid. - operationId: apigee.organizations.instances.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListInstancesResponse' - parameters: - in: path - name: organizationsId + name: environmentsId required: true schema: type: string @@ -19731,14 +20771,18 @@ paths: name: pageToken schema: type: string - /v1/organizations/{organizationsId}/instances/{instancesId}: + - in: query + name: filter + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityIncidents/{securityIncidentsId}: parameters: *ref_1 - delete: + get: description: >- - Deletes an Apigee runtime instance. The instance stops serving requests - and the runtime data is deleted. **Note:** Not supported for Apigee - hybrid. - operationId: apigee.organizations.instances.delete + GetSecurityIncident gets the specified security incident. Returns + NOT_FOUND if security incident is not present for the specified + organization and environment. + operationId: apigee.organizations.environments.securityIncidents.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19750,7 +20794,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' parameters: - in: path name: organizationsId @@ -19758,49 +20802,23 @@ paths: schema: type: string - in: path - name: instancesId - required: true - schema: - type: string - get: - description: >- - Gets the details for an Apigee runtime instance. **Note:** Not supported - for Apigee hybrid. - operationId: apigee.organizations.instances.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Instance' - parameters: - - in: path - name: organizationsId + name: environmentsId required: true schema: type: string - in: path - name: instancesId + name: securityIncidentsId required: true schema: type: string patch: - description: >- - Updates an Apigee runtime instance. You can update the fields described - in NodeConfig. No other fields will be updated. **Note:** Not supported - for Apigee hybrid. - operationId: apigee.organizations.instances.patch + description: UpdateSecurityIncidents updates an existing security incident. + operationId: apigee.organizations.environments.securityIncidents.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Instance' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19812,7 +20830,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityIncident' parameters: - in: path name: organizationsId @@ -19820,7 +20838,12 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId + required: true + schema: + type: string + - in: path + name: securityIncidentsId required: true schema: type: string @@ -19829,17 +20852,19 @@ paths: schema: type: string format: google-fieldmask - /v1/organizations/{organizationsId}/instances/{instancesId}:reportStatus: + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityIncidents:batchUpdate: parameters: *ref_1 post: - description: Reports the latest status for a runtime instance. - operationId: apigee.organizations.instances.reportStatus + description: >- + BatchUpdateSecurityIncident updates multiple existing security + incidents. + operationId: apigee.organizations.environments.securityIncidents.batchUpdate requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ReportInstanceStatusRequest + #/components/schemas/GoogleCloudApigeeV1BatchUpdateSecurityIncidentsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19852,40 +20877,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ReportInstanceStatusResponse - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: instancesId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/instances/{instancesId}/canaryevaluations: - parameters: *ref_1 - post: - description: Creates a new canary evaluation for an organization. - operationId: apigee.organizations.instances.canaryevaluations.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1CanaryEvaluation' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + #/components/schemas/GoogleCloudApigeeV1BatchUpdateSecurityIncidentsResponse parameters: - in: path name: organizationsId @@ -19893,15 +20885,17 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/instances/{instancesId}/canaryevaluations/{canaryevaluationsId}: + /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments/{deploymentsId}: parameters: *ref_1 get: - description: Gets a CanaryEvaluation for an organization. - operationId: apigee.organizations.instances.canaryevaluations.get + description: >- + Gets a particular deployment of Api proxy or a shared flow in an + environment + operationId: apigee.organizations.environments.deployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19913,7 +20907,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1CanaryEvaluation' + $ref: '#/components/schemas/GoogleCloudApigeeV1Deployment' parameters: - in: path name: organizationsId @@ -19921,27 +20915,25 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId required: true schema: type: string - in: path - name: canaryevaluationsId + name: deploymentsId required: true schema: - type: string - /v1/organizations/{organizationsId}/instances/{instancesId}/attachments: - parameters: *ref_1 - post: - description: >- - Creates a new attachment of an environment to an instance. **Note:** Not - supported for Apigee hybrid. - operationId: apigee.organizations.instances.attachments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1InstanceAttachment' + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments/{deploymentsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the IAM policy on a deployment. For more information, see [Manage + users, roles, and permissions using the + API](https://cloud.google.com/apigee/docs/api-platform/system-administration/manage-users-roles). + You must have the `apigee.deployments.getIamPolicy` permission to call + this API. + operationId: apigee.organizations.environments.deployments.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19953,7 +20945,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: organizationsId @@ -19961,15 +20953,25 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId + required: true + schema: + type: string + - in: path + name: deploymentsId required: true schema: type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments: + parameters: *ref_1 get: - description: >- - Lists all attachments to an instance. **Note:** Not supported for Apigee - hybrid. - operationId: apigee.organizations.instances.attachments.list + description: Lists all deployments of API proxies or shared flows in an environment. + operationId: apigee.organizations.environments.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19982,7 +20984,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListInstanceAttachmentsResponse + #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse parameters: - in: path name: organizationsId @@ -19990,24 +20992,30 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: sharedFlows schema: - type: string - /v1/organizations/{organizationsId}/instances/{instancesId}/attachments/{attachmentsId}: + type: boolean + /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments/{deploymentsId}:setIamPolicy: parameters: *ref_1 - get: - description: Gets an attachment. **Note:** Not supported for Apigee hybrid. - operationId: apigee.organizations.instances.attachments.get + post: + description: >- + Sets the IAM policy on a deployment, if the policy already exists it + will be replaced. For more information, see [Manage users, roles, and + permissions using the + API](https://cloud.google.com/apigee/docs/api-platform/system-administration/manage-users-roles). + You must have the `apigee.deployments.setIamPolicy` permission to call + this API. + operationId: apigee.organizations.environments.deployments.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20019,7 +21027,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1InstanceAttachment' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: organizationsId @@ -20027,18 +21035,29 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId required: true schema: type: string - in: path - name: attachmentsId + name: deploymentsId required: true schema: type: string - delete: - description: Deletes an attachment. **Note:** Not supported for Apigee hybrid. - operationId: apigee.organizations.instances.attachments.delete + /v1/organizations/{organizationsId}/environments/{environmentsId}/deployments/{deploymentsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Tests the permissions of a user on a deployment, and returns a subset of + permissions that the user has on the deployment. If the deployment does + not exist, an empty permission set is returned (a NOT_FOUND error is not + returned). + operationId: apigee.organizations.environments.deployments.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20050,7 +21069,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: organizationsId @@ -20058,22 +21077,24 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId required: true schema: type: string - in: path - name: attachmentsId + name: deploymentsId required: true schema: type: string - /v1/organizations/{organizationsId}/instances/{instancesId}/natAddresses: + /v1/organizations/{organizationsId}/environments/{environmentsId}/analytics/admin/schemav2: parameters: *ref_1 get: description: >- - Lists the NAT addresses for an Apigee instance. **Note:** Not supported - for Apigee hybrid. - operationId: apigee.organizations.instances.natAddresses.list + Gets a list of metrics and dimensions that can be used to create + analytics queries and reports. Each schema element contains the name of + the field, its associated type, and a flag indicating whether it is a + standard or custom field. + operationId: apigee.organizations.environments.analytics.admin.getSchemav2 security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20085,8 +21106,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListNatAddressesResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1Schema' parameters: - in: path name: organizationsId @@ -20094,33 +21114,25 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId required: true schema: type: string - in: query - name: pageSize + name: disableCache schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: type schema: type: string - post: + /v1/organizations/{organizationsId}/environments/{environmentsId}/analytics/exports: + parameters: *ref_1 + get: description: >- - Creates a NAT address. The address is created in the RESERVED state and - a static external IP address will be provisioned. At this time, the - instance will not use this IP address for Internet egress traffic. The - address can be activated for use once any required firewall IP - whitelisting has been completed. **Note:** Not supported for Apigee - hybrid. - operationId: apigee.organizations.instances.natAddresses.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1NatAddress' + Lists the details and status of all analytics export jobs belonging to + the parent organization and environment. + operationId: apigee.organizations.environments.analytics.exports.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20132,7 +21144,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1ListExportsResponse' parameters: - in: path name: organizationsId @@ -20140,17 +21152,22 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/instances/{instancesId}/natAddresses/{natAddressesId}: - parameters: *ref_1 - get: + post: description: >- - Gets the details of a NAT address. **Note:** Not supported for Apigee - hybrid. - operationId: apigee.organizations.instances.natAddresses.get + Submit a data export job to be processed in the background. If the + request is successful, the API returns a 201 status, a URI that can be + used to retrieve the status of the export job, and the `state` value of + "enqueued". + operationId: apigee.organizations.environments.analytics.exports.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1ExportRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20162,7 +21179,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1NatAddress' + $ref: '#/components/schemas/GoogleCloudApigeeV1Export' parameters: - in: path name: organizationsId @@ -20170,21 +21187,19 @@ paths: schema: type: string - in: path - name: instancesId - required: true - schema: - type: string - - in: path - name: natAddressesId + name: environmentsId required: true schema: type: string - delete: + /v1/organizations/{organizationsId}/environments/{environmentsId}/analytics/exports/{exportsId}: + parameters: *ref_1 + get: description: >- - Deletes the NAT address. Connections that are actively using the address - are drained before it is removed. **Note:** Not supported for Apigee - hybrid. - operationId: apigee.organizations.instances.natAddresses.delete + Gets the details and status of an analytics export job. If the export + job is still in progress, its `state` is set to "running". After the + export job has completed successfully, its `state` is set to + "completed". If the export job fails, its `state` is set to `failed`. + operationId: apigee.organizations.environments.analytics.exports.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20196,7 +21211,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1Export' parameters: - in: path name: organizationsId @@ -20204,28 +21219,20 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId required: true schema: type: string - in: path - name: natAddressesId + name: exportsId required: true schema: type: string - /v1/organizations/{organizationsId}/instances/{instancesId}/natAddresses/{natAddressesId}:activate: + /v1/organizations/{organizationsId}/environments/{environmentsId}/traceConfig/overrides/{overridesId}: parameters: *ref_1 - post: - description: >- - Activates the NAT address. The Apigee instance can now use this for - Internet egress traffic. **Note:** Not supported for Apigee hybrid. - operationId: apigee.organizations.instances.natAddresses.activate - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ActivateNatAddressRequest + delete: + description: Deletes a distributed trace configuration override. + operationId: apigee.organizations.environments.traceConfig.overrides.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20237,7 +21244,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -20245,24 +21252,27 @@ paths: schema: type: string - in: path - name: instancesId + name: environmentsId required: true schema: type: string - in: path - name: natAddressesId + name: overridesId required: true schema: type: string - /v1/organizations/{organizationsId}/sharedflows: - parameters: *ref_1 - get: + patch: description: >- - Lists all shared flows in the organization. If the resource has the - `space` attribute set, the response may not return all resources. To - learn more, read the [Apigee Spaces - Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). - operationId: apigee.organizations.sharedflows.list + Updates a distributed trace configuration override. Note that the + repeated fields have replace semantics when included in the field mask + and that they will be overwritten by the value of the fields in the + request body. + operationId: apigee.organizations.environments.traceConfig.overrides.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20274,39 +21284,31 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListSharedFlowsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: includeRevisions - schema: - type: boolean - - in: query - name: includeMetaData - schema: - type: boolean - - in: query - name: space - schema: - type: string - post: - description: >- - Uploads a ZIP-formatted shared flow configuration bundle to an - organization. If the shared flow already exists, this creates a new - revision of it. If the shared flow does not exist, this creates it. Once - imported, the shared flow revision must be deployed before it can be - accessed at runtime. The size limit of a shared flow bundle is 15 MB. - operationId: apigee.organizations.sharedflows.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + - in: path + name: environmentsId + required: true + schema: + type: string + - in: path + name: overridesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets a trace configuration override. + operationId: apigee.organizations.environments.traceConfig.overrides.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20318,30 +21320,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlowRevision' + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: action - schema: - type: string - - in: query - name: name + - in: path + name: environmentsId + required: true schema: type: string - - in: query - name: space + - in: path + name: overridesId + required: true schema: type: string - /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}: + /v1/organizations/{organizationsId}/environments/{environmentsId}/traceConfig/overrides: parameters: *ref_1 get: - description: Gets a shared flow by name, including a list of its revisions. - operationId: apigee.organizations.sharedflows.get + description: >- + Lists all of the distributed trace configuration overrides in an + environment. + operationId: apigee.organizations.environments.traceConfig.overrides.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20353,7 +21355,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlow' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListTraceConfigOverridesResponse parameters: - in: path name: organizationsId @@ -20361,15 +21364,31 @@ paths: schema: type: string - in: path - name: sharedflowsId + name: environmentsId required: true schema: type: string - delete: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: description: >- - Deletes a shared flow and all it's revisions. The shared flow must be - undeployed before you can delete it. - operationId: apigee.organizations.sharedflows.delete + Creates a trace configuration override. The response contains a + system-generated UUID, that can be used to view, update, or delete the + configuration override. Use the List API to view the existing trace + configuration overrides. + operationId: apigee.organizations.environments.traceConfig.overrides.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20381,7 +21400,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlow' + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfigOverride' parameters: - in: path name: organizationsId @@ -20389,20 +21408,20 @@ paths: schema: type: string - in: path - name: sharedflowsId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}:move: + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityStats:queryTabularStats: parameters: *ref_1 post: - description: Moves an shared flow to a different space. - operationId: apigee.organizations.sharedflows.move + description: Retrieve security statistics as tabular rows. + operationId: apigee.organizations.environments.securityStats.queryTabularStats requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1MoveSharedFlowRequest' + $ref: '#/components/schemas/GoogleCloudApigeeV1QueryTabularStatsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20414,7 +21433,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlow' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1QueryTabularStatsResponse parameters: - in: path name: organizationsId @@ -20422,15 +21442,21 @@ paths: schema: type: string - in: path - name: sharedflowsId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}/deployments: + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityStats:queryTimeSeriesStats: parameters: *ref_1 - get: - description: Lists all deployments of a shared flow. - operationId: apigee.organizations.sharedflows.deployments.list + post: + description: Retrieve security statistics as a collection of time series. + operationId: apigee.organizations.environments.securityStats.queryTimeSeriesStats + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1QueryTimeSeriesStatsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20443,7 +21469,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse + #/components/schemas/GoogleCloudApigeeV1QueryTimeSeriesStatsResponse parameters: - in: path name: organizationsId @@ -20451,25 +21477,20 @@ paths: schema: type: string - in: path - name: sharedflowsId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}/revisions/{revisionsId}: + /v1/organizations/{organizationsId}/environments/{environmentsId}/flowhooks/{flowhooksId}: parameters: *ref_1 - post: - description: >- - Updates a shared flow revision. This operation is only allowed on - revisions which have never been deployed. After deployment a revision - becomes immutable, even if it becomes undeployed. The payload is a - ZIP-formatted shared flow. Content type must be either - multipart/form-data or application/octet-stream. - operationId: apigee.organizations.sharedflows.revisions.updateSharedFlowRevision + put: + description: Attaches a shared flow to a flow hook. + operationId: apigee.organizations.environments.flowhooks.attachSharedFlowToFlowHook requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHook' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20481,7 +21502,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlowRevision' + $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHook' parameters: - in: path name: organizationsId @@ -20489,29 +21510,21 @@ paths: schema: type: string - in: path - name: sharedflowsId + name: environmentsId required: true schema: type: string - in: path - name: revisionsId + name: flowhooksId required: true schema: type: string - - in: query - name: validate - schema: - type: boolean get: description: >- - Gets a revision of a shared flow. To download the shared flow - configuration bundle for the specified revision as a zip file, set the - `format` query parameter to `bundle`. If you are using curl, specify `-o - filename.zip` to save the output to a file; otherwise, it displays to - `stdout`. Then, develop the shared flow configuration locally and upload - the updated sharedFlow configuration revision, as described in - [updateSharedFlowRevision](updateSharedFlowRevision). - operationId: apigee.organizations.sharedflows.revisions.get + Returns the name of the shared flow attached to the specified flow hook. + If there's no shared flow attached to the flow hook, the API does not + return an error; it simply does not return a name in the response. + operationId: apigee.organizations.environments.flowhooks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20523,7 +21536,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHook' parameters: - in: path name: organizationsId @@ -20531,24 +21544,18 @@ paths: schema: type: string - in: path - name: sharedflowsId + name: environmentsId required: true schema: type: string - in: path - name: revisionsId + name: flowhooksId required: true schema: type: string - - in: query - name: format - schema: - type: string delete: - description: >- - Deletes a shared flow and all associated policies, resources, and - revisions. You must undeploy the shared flow before deleting it. - operationId: apigee.organizations.sharedflows.revisions.delete + description: Detaches a shared flow from a flow hook. + operationId: apigee.organizations.environments.flowhooks.detachSharedFlowFromFlowHook security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20560,7 +21567,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlowRevision' + $ref: '#/components/schemas/GoogleCloudApigeeV1FlowHook' parameters: - in: path name: organizationsId @@ -20568,20 +21575,20 @@ paths: schema: type: string - in: path - name: sharedflowsId + name: environmentsId required: true schema: type: string - in: path - name: revisionsId + name: flowhooksId required: true schema: type: string - /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}/revisions/{revisionsId}/deployments: + /v1/organizations/{organizationsId}/environments/{environmentsId}/archiveDeployments: parameters: *ref_1 get: - description: Lists all deployments of a shared flow revision. - operationId: apigee.organizations.sharedflows.revisions.deployments.list + description: Lists the ArchiveDeployments in the specified Environment. + operationId: apigee.organizations.environments.archiveDeployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20594,7 +21601,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse + #/components/schemas/GoogleCloudApigeeV1ListArchiveDeploymentsResponse parameters: - in: path name: organizationsId @@ -20602,25 +21609,31 @@ paths: schema: type: string - in: path - name: sharedflowsId + name: environmentsId required: true schema: type: string - - in: path - name: revisionsId - required: true + - in: query + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/spaces: - parameters: *ref_1 + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Create a space under an organization. - operationId: apigee.organizations.spaces.create + description: Creates a new ArchiveDeployment. + operationId: apigee.organizations.environments.archiveDeployments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Space' + $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20632,20 +21645,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Space' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: spaceId + - in: path + name: environmentsId + required: true schema: type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/archiveDeployments/{archiveDeploymentsId}: + parameters: *ref_1 get: - description: Lists spaces under an organization. - operationId: apigee.organizations.spaces.list + description: Gets the specified ArchiveDeployment. + operationId: apigee.organizations.environments.archiveDeployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20657,27 +21673,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListSpacesResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: environmentsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: archiveDeploymentsId + required: true schema: type: string - /v1/organizations/{organizationsId}/spaces/{spacesId}: - parameters: *ref_1 - get: - description: Get a space under an Organization. - operationId: apigee.organizations.spaces.get + delete: + description: Deletes an archive deployment. + operationId: apigee.organizations.environments.archiveDeployments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20689,7 +21704,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Space' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -20697,18 +21712,25 @@ paths: schema: type: string - in: path - name: spacesId + name: environmentsId + required: true + schema: + type: string + - in: path + name: archiveDeploymentsId required: true schema: type: string patch: - description: Updates a space. - operationId: apigee.organizations.spaces.patch + description: >- + Updates an existing ArchiveDeployment. Labels can modified but most of + the other fields are not modifiable. + operationId: apigee.organizations.environments.archiveDeployments.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Space' + $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20720,7 +21742,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Space' + $ref: '#/components/schemas/GoogleCloudApigeeV1ArchiveDeployment' parameters: - in: path name: organizationsId @@ -20728,7 +21750,12 @@ paths: schema: type: string - in: path - name: spacesId + name: environmentsId + required: true + schema: + type: string + - in: path + name: archiveDeploymentsId required: true schema: type: string @@ -20737,9 +21764,21 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes an organization space. - operationId: apigee.organizations.spaces.delete + /v1/organizations/{organizationsId}/environments/{environmentsId}/archiveDeployments/{archiveDeploymentsId}:generateDownloadUrl: + parameters: *ref_1 + post: + description: >- + Generates a signed URL for downloading the original zip file used to + create an Archive Deployment. The URL is only valid for a limited period + and should be used within minutes after generation. Each call returns a + new upload URL. + operationId: apigee.organizations.environments.archiveDeployments.generateDownloadUrl + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1GenerateDownloadUrlRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20751,7 +21790,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1GenerateDownloadUrlResponse parameters: - in: path name: organizationsId @@ -20759,20 +21799,37 @@ paths: schema: type: string - in: path - name: spacesId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/spaces/{spacesId}:setIamPolicy: + - in: path + name: archiveDeploymentsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/archiveDeployments:generateUploadUrl: parameters: *ref_1 post: - description: IAM META APIs Callers must have apigee.spaces.setIamPolicy. - operationId: apigee.organizations.spaces.setIamPolicy + description: >- + Generates a signed URL for uploading an Archive zip file to Google Cloud + Storage. Once the upload is complete, the signed URL should be passed to + CreateArchiveDeployment. When uploading to the generated signed URL, + please follow these restrictions: * Source file type should be a zip + file. * Source file size should not exceed 1GB limit. * No credentials + should be attached - the signed URLs provide access to the target bucket + using internal service identity; if credentials were attached, the + identity from the credentials would be used, but that identity does not + have permissions to upload files to the URL. When making a HTTP PUT + request, these two headers need to be specified: * `content-type: + application/zip` * `x-goog-content-length-range: 0,1073741824` And this + header SHOULD NOT be specified: * `Authorization: Bearer YOUR_TOKEN` + operationId: apigee.organizations.environments.archiveDeployments.generateUploadUrl requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: '#/components/schemas/GoogleCloudApigeeV1GenerateUploadUrlRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20784,7 +21841,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1GenerateUploadUrlResponse parameters: - in: path name: organizationsId @@ -20792,15 +21850,15 @@ paths: schema: type: string - in: path - name: spacesId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/spaces/{spacesId}:getIamPolicy: + /v1/organizations/{organizationsId}/environments/{environmentsId}/deployedConfig: parameters: *ref_1 get: - description: Callers must have apigee.spaces.getIamPolicy. - operationId: apigee.organizations.spaces.getIamPolicy + description: Gets the deployed configuration for an environment. + operationId: apigee.organizations.environments.getDeployedConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20812,7 +21870,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleCloudApigeeV1EnvironmentConfig' parameters: - in: path name: organizationsId @@ -20820,25 +21878,17 @@ paths: schema: type: string - in: path - name: spacesId + name: environmentsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/spaces/{spacesId}:testIamPermissions: + /v1/organizations/{organizationsId}/environments/{environmentsId}/securityActionsConfig: parameters: *ref_1 - post: - description: Callers don't need any permissions. - operationId: apigee.organizations.spaces.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + get: + description: >- + GetSecurityActionConfig returns the current SecurityActions + configuration. + operationId: apigee.organizations.environments.getSecurityActionsConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20850,7 +21900,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionsConfig' parameters: - in: path name: organizationsId @@ -20858,21 +21908,21 @@ paths: schema: type: string - in: path - name: spacesId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/hostStats/{hostStatsId}: - parameters: *ref_1 - get: + patch: description: >- - Retrieve metrics grouped by dimensions in host level. The types of - metrics you can retrieve include traffic, message counts, API call - latency, response size, and cache hits and counts. Dimensions let you - view metrics in meaningful groups. You can optionally pass dimensions as - path parameters to the `stats` API. If dimensions are not specified, the - metrics are computed on the entire set of data for the given time range. - operationId: apigee.organizations.hostStats.get + UpdateSecurityActionConfig updates the current SecurityActions + configuration. This method is used to enable/disable the feature at the + environment level. + operationId: apigee.organizations.environments.updateSecurityActionsConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionsConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20884,7 +21934,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Stats' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityActionsConfig' parameters: - in: path name: organizationsId @@ -20892,71 +21942,20 @@ paths: schema: type: string - in: path - name: hostStatsId + name: environmentsId required: true schema: type: string - in: query - name: select - schema: - type: string - - in: query - name: timeUnit - schema: - type: string - - in: query - name: timeRange - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: sort - schema: - type: string - - in: query - name: sortby - schema: - type: string - - in: query - name: limit - schema: - type: string - - in: query - name: offset - schema: - type: string - - in: query - name: topk - schema: - type: string - - in: query - name: tsAscending - schema: - type: boolean - - in: query - name: realtime - schema: - type: boolean - - in: query - name: tzo - schema: - type: string - - in: query - name: accuracy - schema: - type: string - - in: query - name: envgroupHostname + name: updateMask schema: type: string - /v1/organizations/{organizationsId}/optimizedHostStats/{optimizedHostStatsId}: + format: google-fieldmask + /v1/organizations/{organizationsId}/environments/{environmentsId}/debugmask: parameters: *ref_1 get: - description: Similar to GetHostStats except that the response is less verbose. - operationId: apigee.organizations.optimizedHostStats.get + description: Gets the debug mask singleton resource for an environment. + operationId: apigee.organizations.environments.getDebugmask security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -20968,7 +21967,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1OptimizedStats' + $ref: '#/components/schemas/GoogleCloudApigeeV1DebugMask' parameters: - in: path name: organizationsId @@ -20976,94 +21975,18 @@ paths: schema: type: string - in: path - name: optimizedHostStatsId + name: environmentsId required: true schema: type: string - - in: query - name: select - schema: - type: string - - in: query - name: timeUnit - schema: - type: string - - in: query - name: timeRange - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: sort - schema: - type: string - - in: query - name: sortby - schema: - type: string - - in: query - name: limit - schema: - type: string - - in: query - name: offset - schema: - type: string - - in: query - name: topk - schema: - type: string - - in: query - name: tsAscending - schema: - type: boolean - - in: query - name: realtime - schema: - type: boolean - - in: query - name: tzo - schema: - type: string - - in: query - name: accuracy - schema: - type: string - - in: query - name: envgroupHostname - schema: - type: string - /v1/organizations/{organizationsId}/apiproducts: - parameters: *ref_1 - post: - description: >- - Creates an API product in an organization. You create API products after - you have proxied backend services using API proxies. An API product is a - collection of API resources combined with quota settings and metadata - that you can use to deliver customized and productized API bundles to - your developer community. This metadata can include: - Scope - - Environments - API proxies - Extensible profile API products enable you - repackage APIs on the fly, without having to do any additional coding or - configuration. Apigee recommends that you start with a simple API - product including only required elements. You then provision credentials - to apps to enable them to start testing your APIs. After you have - authentication and authorization working against a simple API product, - you can iterate to create finer-grained API products, defining different - sets of API resources for each API product. **WARNING:** - If you don't - specify an API proxy in the request body, *any* app associated with the - product can make calls to *any* API in your entire organization. - If - you don't specify an environment in the request body, the product allows - access to all environments. For more information, see What is an API - product? - operationId: apigee.organizations.apiproducts.create + patch: + description: Updates the debug mask singleton resource for an environment. + operationId: apigee.organizations.environments.updateDebugmask requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' + $ref: '#/components/schemas/GoogleCloudApigeeV1DebugMask' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21075,23 +21998,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' + $ref: '#/components/schemas/GoogleCloudApigeeV1DebugMask' parameters: - in: path name: organizationsId required: true schema: type: string - get: + - in: path + name: environmentsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: replaceRepeatedFields + schema: + type: boolean + /v1/organizations/{organizationsId}/environments/{environmentsId}/traceConfig: + parameters: *ref_1 + patch: description: >- - Lists all API product names for an organization. Filter the list by - passing an `attributename` and `attibutevalue`. The maximum number of - API products returned is 1000. You can paginate the list of API products - returned using the `startKey` and `count` query parameters. If the - resource has the `space` attribute set, the response may not return all - resources. To learn more, read the [Apigee Spaces - Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). - operationId: apigee.organizations.apiproducts.list + Updates the trace configurations in an environment. Note that the + repeated fields have replace semantics when included in the field mask + and that they will be overwritten by the value of the fields in the + request body. + operationId: apigee.organizations.environments.updateTraceConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21103,52 +22044,26 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListApiProductsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfig' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: attributename - schema: - type: string - - in: query - name: attributevalue - schema: - type: string - - in: query - name: expand - schema: - type: boolean - - in: query - name: startKey - schema: - type: string - - in: query - name: count + - in: path + name: environmentsId + required: true schema: type: string - format: int64 - in: query - name: space + name: updateMask schema: type: string - /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}: - parameters: *ref_1 - delete: - description: >- - Deletes an API product from an organization. Deleting an API product - causes app requests to the resource URIs defined in the API product to - fail. Ensure that you create a new API product to serve existing apps, - unless your intention is to disable access to the resources defined in - the API product. The API product name required in the request URL is the - internal name of the product, not the display name. While they may be - the same, it depends on whether the API product was created via the UI - or the API. View the list of API products to verify the internal name. - operationId: apigee.organizations.apiproducts.delete + format: google-fieldmask + get: + description: Get distributed trace configuration in an environment. + operationId: apigee.organizations.environments.getTraceConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21160,7 +22075,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' + $ref: '#/components/schemas/GoogleCloudApigeeV1TraceConfig' parameters: - in: path name: organizationsId @@ -21168,18 +22083,18 @@ paths: schema: type: string - in: path - name: apiproductsId + name: environmentsId required: true schema: type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/apiSecurityRuntimeConfig: + parameters: *ref_1 get: description: >- - Gets configuration details for an API product. The API product name - required in the request URL is the internal name of the product, not the - display name. While they may be the same, it depends on whether the API - product was created via the UI or the API. View the list of API products - to verify the internal name. - operationId: apigee.organizations.apiproducts.get + Gets the API Security runtime configuration for an environment. This + named ApiSecurityRuntimeConfig to prevent conflicts with + ApiSecurityConfig from addon config. + operationId: apigee.organizations.environments.getApiSecurityRuntimeConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21191,7 +22106,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ApiSecurityRuntimeConfig parameters: - in: path name: organizationsId @@ -21199,25 +22115,26 @@ paths: schema: type: string - in: path - name: apiproductsId + name: environmentsId required: true schema: type: string - put: + /v1/organizations/{organizationsId}/environments/{environmentsId}: + parameters: *ref_1 + post: description: >- - Updates an existing API product. You must include all required values, - whether or not you are updating them, as well as any optional values - that you are updating. The API product name required in the request URL - is the internal name of the product, not the display name. While they - may be the same, it depends on whether the API product was created via - UI or API. View the list of API products to identify their internal - names. - operationId: apigee.organizations.apiproducts.update + Updates an existing environment. When updating properties, you must pass + all existing properties to the API, even if they are not being changed. + If you omit properties from the payload, the properties are removed. To + get the current list of properties for the environment, use the [Get + Environment API](get). **Note**: Both `PUT` and `POST` methods are + supported for updating an existing environment. + operationId: apigee.organizations.environments.updateEnvironment requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' + $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21229,7 +22146,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' + $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' parameters: - in: path name: organizationsId @@ -21237,20 +22154,13 @@ paths: schema: type: string - in: path - name: apiproductsId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}:move: - parameters: *ref_1 - post: - description: Moves an API product to a different space. - operationId: apigee.organizations.apiproducts.move - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1MoveApiProductRequest' + get: + description: Gets environment details. + operationId: apigee.organizations.environments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21262,7 +22172,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' + $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' parameters: - in: path name: organizationsId @@ -21270,31 +22180,24 @@ paths: schema: type: string - in: path - name: apiproductsId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}/attributes: - parameters: *ref_1 - post: + put: description: >- - Updates or creates API product attributes. This API **replaces** the - current list of attributes with the attributes specified in the request - body. In this way, you can update existing attributes, add new - attributes, or delete existing attributes by omitting them from the - request body. **Note**: OAuth access tokens and Key Management Service - (KMS) entities (apps, developers, and API products) are cached for 180 - seconds (current default). Any custom attributes associated with - entities also get cached for at least 180 seconds after entity is - accessed during runtime. In this case, the `ExpiresIn` element on the - OAuthV2 policy won't be able to expire an access token in less than 180 - seconds. - operationId: apigee.organizations.apiproducts.attributes + Updates an existing environment. When updating properties, you must pass + all existing properties to the API, even if they are not being changed. + If you omit properties from the payload, the properties are removed. To + get the current list of properties for the environment, use the [Get + Environment API](get). **Note**: Both `PUT` and `POST` methods are + supported for updating an existing environment. + operationId: apigee.organizations.environments.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' + $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21306,7 +22209,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' + $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' parameters: - in: path name: organizationsId @@ -21314,13 +22217,17 @@ paths: schema: type: string - in: path - name: apiproductsId + name: environmentsId required: true schema: type: string - get: - description: Lists all API product attributes. - operationId: apigee.organizations.apiproducts.attributes.list + delete: + description: >- + Deletes an environment from an organization. **Warning: You must delete + all key value maps and key value entries before you delete an + environment.** Otherwise, if you re-create the environment the key value + map entry operations will encounter encryption/decryption discrepancies. + operationId: apigee.organizations.environments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21332,7 +22239,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -21340,15 +22247,20 @@ paths: schema: type: string - in: path - name: apiproductsId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}/attributes/{attributesId}: - parameters: *ref_1 - get: - description: Gets the value of an API product attribute. - operationId: apigee.organizations.apiproducts.attributes.get + patch: + description: >- + Updates properties for an Apigee environment with patch semantics using + a field mask. **Note:** Not supported for Apigee hybrid. + operationId: apigee.organizations.environments.modifyEnvironment + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21360,7 +22272,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -21368,30 +22280,31 @@ paths: schema: type: string - in: path - name: apiproductsId + name: environmentsId required: true schema: type: string - - in: path - name: attributesId - required: true + - in: query + name: updateMask schema: type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/environments/{environmentsId}:setIamPolicy: + parameters: *ref_1 post: description: >- - Updates the value of an API product attribute. **Note**: OAuth access - tokens and Key Management Service (KMS) entities (apps, developers, and - API products) are cached for 180 seconds (current default). Any custom - attributes associated with entities also get cached for at least 180 - seconds after entity is accessed during runtime. In this case, the - `ExpiresIn` element on the OAuthV2 policy won't be able to expire an - access token in less than 180 seconds. - operationId: apigee.organizations.apiproducts.attributes.updateApiProductAttribute + Sets the IAM policy on an environment, if the policy already exists it + will be replaced. For more information, see [Manage users, roles, and + permissions using the + API](https://cloud.google.com/apigee/docs/api-platform/system-administration/manage-users-roles). + You must have the `apigee.environments.setIamPolicy` permission to call + this API. + operationId: apigee.organizations.environments.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21403,7 +22316,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: organizationsId @@ -21411,18 +22324,24 @@ paths: schema: type: string - in: path - name: apiproductsId - required: true - schema: - type: string - - in: path - name: attributesId + name: environmentsId required: true schema: type: string - delete: - description: Deletes an API product attribute. - operationId: apigee.organizations.apiproducts.attributes.delete + /v1/organizations/{organizationsId}/environments/{environmentsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Tests the permissions of a user on an environment, and returns a subset + of permissions that the user has on the environment. If the environment + does not exist, an empty permission set is returned (a NOT_FOUND error + is not returned). + operationId: apigee.organizations.environments.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21434,7 +22353,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: organizationsId @@ -21442,35 +22361,20 @@ paths: schema: type: string - in: path - name: apiproductsId - required: true - schema: - type: string - - in: path - name: attributesId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}/rateplans: + /v1/organizations/{organizationsId}/environments: parameters: *ref_1 post: - description: >- - Create a rate plan that is associated with an API product in an - organization. Using rate plans, API product owners can monetize their - API products by configuring one or more of the following: - Billing - frequency - Initial setup fees for using an API product - Payment - funding model (postpaid only) - Fixed recurring or consumption-based - charges for using an API product - Revenue sharing with developer - partners An API product can have multiple rate plans associated with it - but *only one* rate plan can be active at any point of time. **Note: - From the developer's perspective, they purchase API products not rate - plans. - operationId: apigee.organizations.apiproducts.rateplans.create + description: Creates an environment in an organization. + operationId: apigee.organizations.environments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' + $ref: '#/components/schemas/GoogleCloudApigeeV1Environment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21482,21 +22386,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: apiproductsId - required: true + - in: query + name: name schema: type: string + /v1/organizations/{organizationsId}/environments/{environmentsId}/addonsConfig: + parameters: *ref_1 get: - description: Lists all the rate plans for an API product. - operationId: apigee.organizations.apiproducts.rateplans.list + description: Gets the add-ons config of an environment. + operationId: apigee.organizations.environments.getAddonsConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21508,7 +22413,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListRatePlansResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1AddonsConfig' parameters: - in: path name: organizationsId @@ -21516,36 +22421,18 @@ paths: schema: type: string - in: path - name: apiproductsId + name: environmentsId required: true schema: type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: startKey - schema: - type: string - - in: query - name: count - schema: - type: integer - format: int32 - - in: query - name: expand - schema: - type: boolean - - in: query - name: state - schema: - type: string - /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}/rateplans/{rateplansId}: + /v1/organizations/{organizationsId}/environments/{environmentsId}:subscribe: parameters: *ref_1 - get: - description: Gets the details of a rate plan. - operationId: apigee.organizations.apiproducts.rateplans.get + post: + description: >- + Creates a subscription for the environment's Pub/Sub topic. The server + will assign a random name for this subscription. The "name" and + "push_config" must *not* be specified. + operationId: apigee.organizations.environments.subscribe security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21557,7 +22444,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' + $ref: '#/components/schemas/GoogleCloudApigeeV1Subscription' parameters: - in: path name: organizationsId @@ -21565,23 +22452,20 @@ paths: schema: type: string - in: path - name: apiproductsId - required: true - schema: - type: string - - in: path - name: rateplansId + name: environmentsId required: true schema: type: string - put: - description: Updates an existing rate plan. - operationId: apigee.organizations.apiproducts.rateplans.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' + /v1/organizations/{organizationsId}/environments/{environmentsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the IAM policy on an environment. For more information, see [Manage + users, roles, and permissions using the + API](https://cloud.google.com/apigee/docs/api-platform/system-administration/manage-users-roles). + You must have the `apigee.environments.getIamPolicy` permission to call + this API. + operationId: apigee.organizations.environments.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21593,7 +22477,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: organizationsId @@ -21601,18 +22485,25 @@ paths: schema: type: string - in: path - name: apiproductsId + name: environmentsId required: true schema: type: string - - in: path - name: rateplansId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string - delete: - description: Deletes a rate plan. - operationId: apigee.organizations.apiproducts.rateplans.delete + type: integer + format: int32 + /v1/organizations/{organizationsId}/environments/{environmentsId}:unsubscribe: + parameters: *ref_1 + post: + description: Deletes a subscription for the environment's Pub/Sub topic. + operationId: apigee.organizations.environments.unsubscribe + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Subscription' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21624,7 +22515,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -21632,20 +22523,27 @@ paths: schema: type: string - in: path - name: apiproductsId - required: true - schema: - type: string - - in: path - name: rateplansId + name: environmentsId required: true schema: type: string - /v1/organizations/{organizationsId}/apps/{appsId}: + /v1/organizations/{organizationsId}/reports: parameters: *ref_1 - get: - description: Gets the app profile for the specified app ID. - operationId: apigee.organizations.apps.get + post: + description: >- + Creates a Custom Report for an Organization. A Custom Report provides + Apigee Customers to create custom dashboards in addition to the standard + dashboards which are provided. The Custom Report in its simplest form + contains specifications about metrics, dimensions and filters. It is + important to note that the custom report by itself does not provide an + executable entity. The Edge UI converts the custom report definition + into an analytics query and displays the result in a chart. + operationId: apigee.organizations.reports.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21657,26 +22555,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1App' + $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: appsId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/apps: - parameters: *ref_1 get: - description: >- - Lists IDs of apps within an organization that have the specified app - status (approved or revoked) or are of the specified app type (developer - or company). - operationId: apigee.organizations.apps.list + description: Return a list of Custom Reports + operationId: apigee.organizations.reports.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21688,77 +22576,54 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListAppsResponse' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListCustomReportsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: status - schema: - type: string - - in: query - name: apptype - schema: - type: string - - in: query - name: includeCred - schema: - type: boolean - - in: query - name: startKey - schema: - type: string - - in: query - name: rows - schema: - type: string - format: int64 - in: query name: expand schema: type: boolean - - in: query - name: ids - schema: - type: string - - in: query - name: keyStatus - schema: - type: string - - in: query - name: apiProduct - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1/organizations/{organizationsId}/hostQueries: + /v1/organizations/{organizationsId}/reports/{reportsId}: parameters: *ref_1 - post: - description: >- - Submit a query at host level to be processed in the background. If the - submission of the query succeeds, the API returns a 201 status and an ID - that refer to the query. In addition to the HTTP status 201, the `state` - of "enqueued" means that the request succeeded. - operationId: apigee.organizations.hostQueries.create + get: + description: Retrieve a custom report definition. + operationId: apigee.organizations.reports.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: path + name: reportsId + required: true + schema: + type: string + put: + description: Update an existing custom report definition + operationId: apigee.organizations.reports.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Query' + $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21770,16 +22635,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' + $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' parameters: - in: path name: organizationsId required: true schema: type: string - get: - description: Return a list of Asynchronous Queries at host level. - operationId: apigee.organizations.hostQueries.list + - in: path + name: reportsId + required: true + schema: + type: string + delete: + description: Deletes an existing custom report definition + operationId: apigee.organizations.reports.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21792,49 +22662,107 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListAsyncQueriesResponse + #/components/schemas/GoogleCloudApigeeV1DeleteCustomReportResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: submittedBy + - in: path + name: reportsId + required: true schema: type: string - - in: query - name: status + /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps/{appsId}: + parameters: *ref_1 + put: + description: >- + Updates the details for an AppGroup app. In addition, you can add an API + product to an AppGroup app and automatically generate an API key for the + app to use when calling APIs in the API product. If you want to use an + existing API key for the API product, add the API product to the API key + using the UpdateAppGroupAppKey API. Using this API, you cannot update + the app name, as it is the primary key used to identify the app and + cannot be changed. This API replaces the existing attributes with those + specified in the request. Include or exclude any existing attributes + that you want to retain or delete, respectively. + operationId: apigee.organizations.appgroups.apps.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + parameters: + - in: path + name: organizationsId + required: true schema: type: string - - in: query - name: from + - in: path + name: appgroupsId + required: true schema: type: string - - in: query - name: to + - in: path + name: appsId + required: true schema: type: string - in: query - name: dataset + name: action schema: type: string - - in: query - name: inclQueriesWithoutReport + delete: + description: >- + Deletes an AppGroup app. **Note**: The delete operation is asynchronous. + The AppGroup app is deleted immediately, but its associated resources, + such as app keys or access tokens, may take anywhere from a few seconds + to a few minutes to be deleted. + operationId: apigee.organizations.appgroups.apps.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + parameters: + - in: path + name: organizationsId + required: true schema: type: string - - in: query - name: envgroupHostname + - in: path + name: appgroupsId + required: true + schema: + type: string + - in: path + name: appsId + required: true schema: type: string - /v1/organizations/{organizationsId}/hostQueries/{hostQueriesId}: - parameters: *ref_1 get: - description: >- - Get status of a query submitted at host level. If the query is still in - progress, the `state` is set to "running" After the query has completed - successfully, `state` is set to "completed" - operationId: apigee.organizations.hostQueries.get + description: Returns the details for an AppGroup app. + operationId: apigee.organizations.appgroups.apps.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21846,7 +22774,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' parameters: - in: path name: organizationsId @@ -21854,20 +22782,25 @@ paths: schema: type: string - in: path - name: hostQueriesId + name: appgroupsId required: true schema: type: string - /v1/organizations/{organizationsId}/hostQueries/{hostQueriesId}/result: + - in: path + name: appsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps: parameters: *ref_1 get: description: >- - After the query is completed, use this API to retrieve the results. If - the request succeeds, and there is a non-zero result set, the result is - downloaded to the client as a zipped JSON file. The name of the - downloaded file will be: OfflineQueryResult-.zip Example: - `OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip` - operationId: apigee.organizations.hostQueries.getResult + Lists all apps created by an AppGroup in an Apigee organization. + Optionally, you can request an expanded view of the AppGroup apps. Lists + all AppGroupApps in an AppGroup. A maximum of 1000 AppGroup apps are + returned in the response if PageSize is not specified, or if the + PageSize is greater than 1000. + operationId: apigee.organizations.appgroups.apps.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21879,7 +22812,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListAppGroupAppsResponse parameters: - in: path name: organizationsId @@ -21887,15 +22821,32 @@ paths: schema: type: string - in: path - name: hostQueriesId + name: appgroupsId required: true schema: type: string - /v1/organizations/{organizationsId}/hostQueries/{hostQueriesId}/resultView: - parameters: *ref_1 - get: - description: '' - operationId: apigee.organizations.hostQueries.getResultView + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: >- + Creates an app and associates it with an AppGroup. This API associates + the AppGroup app with the specified API product and auto-generates an + API key for the app to use in calls to API proxies inside that API + product. The `name` is the unique ID of the app that you can use in API + calls. + operationId: apigee.organizations.appgroups.apps.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21907,7 +22858,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQueryResultView' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' parameters: - in: path name: organizationsId @@ -21915,27 +22866,28 @@ paths: schema: type: string - in: path - name: hostQueriesId + name: appgroupsId required: true schema: type: string - /v1/organizations/{organizationsId}/reports: + /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps/{appsId}/keys/{keysId}: parameters: *ref_1 post: description: >- - Creates a Custom Report for an Organization. A Custom Report provides - Apigee Customers to create custom dashboards in addition to the standard - dashboards which are provided. The Custom Report in its simplest form - contains specifications about metrics, dimensions and filters. It is - important to note that the custom report by itself does not provide an - executable entity. The Edge UI converts the custom report definition - into an analytics query and displays the result in a chart. - operationId: apigee.organizations.reports.create + Adds an API product to an AppGroupAppKey, enabling the app that holds + the key to access the API resources bundled in the API product. In + addition, you can add attributes and scopes to the AppGroupAppKey. This + API replaces the existing attributes with those specified in the + request. Include or exclude any existing attributes that you want to + retain or delete, respectively. You can use the same key to access all + API products associated with the app. + operationId: apigee.organizations.appgroups.apps.keys.updateAppGroupAppKey requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1UpdateAppGroupAppKeyRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21947,16 +22899,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' parameters: - in: path name: organizationsId required: true schema: type: string - get: - description: Return a list of Custom Reports - operationId: apigee.organizations.reports.list + - in: path + name: appgroupsId + required: true + schema: + type: string + - in: path + name: appsId + required: true + schema: + type: string + - in: path + name: keysId + required: true + schema: + type: string + delete: + description: >- + Deletes an app's consumer key and removes all API products associated + with the app. After the consumer key is deleted, it cannot be used to + access any APIs. + operationId: apigee.organizations.appgroups.apps.keys.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21968,23 +22938,33 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListCustomReportsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: expand + - in: path + name: appgroupsId + required: true schema: - type: boolean - /v1/organizations/{organizationsId}/reports/{reportsId}: - parameters: *ref_1 - get: - description: Retrieve a custom report definition. - operationId: apigee.organizations.reports.get + type: string + - in: path + name: appsId + required: true + schema: + type: string + - in: path + name: keysId + required: true + schema: + type: string + get: + description: >- + Gets details for a consumer key for a AppGroup app, including the key + and secret value, associated API products, and other information. + operationId: apigee.organizations.appgroups.apps.keys.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -21996,7 +22976,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' parameters: - in: path name: organizationsId @@ -22004,18 +22984,42 @@ paths: schema: type: string - in: path - name: reportsId + name: appgroupsId required: true schema: type: string - put: - description: Update an existing custom report definition - operationId: apigee.organizations.reports.update + - in: path + name: appsId + required: true + schema: + type: string + - in: path + name: keysId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps/{appsId}/keys: + parameters: *ref_1 + post: + description: >- + Creates a custom consumer key and secret for a AppGroup app. This is + particularly useful if you want to migrate existing consumer keys and + secrets to Apigee from another system. Consumer keys and secrets can + contain letters, numbers, underscores, and hyphens. No other special + characters are allowed. To avoid service disruptions, a consumer key and + secret should not exceed 2 KBs each. **Note**: When creating the + consumer key and secret, an association to API products will not be + made. Therefore, you should not specify the associated API products in + your request. Instead, use the UpdateAppGroupAppKey API to make the + association after the consumer key and secret are created. If a consumer + key and secret already exist, you can keep them or delete them using the + DeleteAppGroupAppKey API. + operationId: apigee.organizations.appgroups.apps.keys.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22027,7 +23031,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1CustomReport' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' parameters: - in: path name: organizationsId @@ -22035,13 +23039,24 @@ paths: schema: type: string - in: path - name: reportsId + name: appgroupsId + required: true + schema: + type: string + - in: path + name: appsId required: true schema: type: string + /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps/{appsId}/keys/{keysId}/apiproducts/{apiproductsId}: + parameters: *ref_1 delete: - description: Deletes an existing custom report definition - operationId: apigee.organizations.reports.delete + description: >- + Removes an API product from an app's consumer key. After the API product + is removed, the app cannot access the API resources defined in that API + product. **Note**: The consumer key is not removed, only its association + with the API product. + operationId: apigee.organizations.appgroups.apps.keys.apiproducts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22053,8 +23068,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeleteCustomReportResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' parameters: - in: path name: organizationsId @@ -22062,20 +23076,35 @@ paths: schema: type: string - in: path - name: reportsId + name: appgroupsId + required: true + schema: + type: string + - in: path + name: appsId + required: true + schema: + type: string + - in: path + name: keysId + required: true + schema: + type: string + - in: path + name: apiproductsId required: true schema: type: string - /v1/organizations/{organizationsId}/analytics/datastores: - parameters: *ref_1 post: - description: Create a Datastore for an org - operationId: apigee.organizations.analytics.datastores.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' + description: >- + Approves or revokes the consumer key for an API product. After a + consumer key is approved, the app can use it to access APIs. A consumer + key that is revoked or pending cannot be used to access an API. Any + access tokens associated with a revoked consumer key will remain active. + However, Apigee checks the status of the consumer key and if set to + `revoked` will not allow access to the API. + operationId: >- + apigee.organizations.appgroups.apps.keys.apiproducts.updateAppGroupAppKeyApiProduct security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22087,16 +23116,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId required: true schema: type: string + - in: path + name: appgroupsId + required: true + schema: + type: string + - in: path + name: appsId + required: true + schema: + type: string + - in: path + name: keysId + required: true + schema: + type: string + - in: path + name: apiproductsId + required: true + schema: + type: string + - in: query + name: action + schema: + type: string + /v1/organizations/{organizationsId}/appgroups/{appgroupsId}: + parameters: *ref_1 get: - description: List Datastores - operationId: apigee.organizations.analytics.datastores.list + description: >- + Returns the AppGroup details for the provided AppGroup name in the + request URI. + operationId: apigee.organizations.appgroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22108,30 +23165,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListDatastoresResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: targetType + - in: path + name: appgroupsId + required: true schema: type: string - /v1/organizations/{organizationsId}/analytics/datastores:test: - parameters: *ref_1 - post: + put: description: >- - Test if Datastore configuration is correct. This includes checking if - credentials provided by customer have required permissions in target - destination storage - operationId: apigee.organizations.analytics.datastores.test + Updates an AppGroup. This API replaces the existing AppGroup details + with those specified in the request. Include or exclude any existing + details that you want to retain or delete, respectively. Note that the + state of the AppGroup should be updated using `action`, and not via + AppGroup. + operationId: apigee.organizations.appgroups.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22143,44 +23201,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1TestDatastoreResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' parameters: - in: path name: organizationsId required: true schema: type: string - /v1/organizations/{organizationsId}/analytics/datastores/{datastoresId}: - parameters: *ref_1 - delete: - description: Delete a Datastore from an org. - operationId: apigee.organizations.analytics.datastores.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - in: path - name: organizationsId + name: appgroupsId required: true schema: type: string - - in: path - name: datastoresId - required: true + - in: query + name: action schema: type: string - get: - description: Get a Datastore - operationId: apigee.organizations.analytics.datastores.get + delete: + description: >- + Deletes an AppGroup. All app and API keys associations with the AppGroup + are also removed. **Warning**: This API will permanently delete the + AppGroup and related artifacts. **Note**: The delete operation is + asynchronous. The AppGroup is deleted immediately, but its associated + resources, such as apps and API keys, may take anywhere from a few + seconds to a few minutes to be deleted. + operationId: apigee.organizations.appgroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22192,7 +23237,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' parameters: - in: path name: organizationsId @@ -22200,18 +23245,18 @@ paths: schema: type: string - in: path - name: datastoresId + name: appgroupsId required: true schema: type: string - put: - description: Update a Datastore - operationId: apigee.organizations.analytics.datastores.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' + /v1/organizations/{organizationsId}/appgroups: + parameters: *ref_1 + get: + description: >- + Lists all AppGroups in an organization. A maximum of 1000 AppGroups are + returned in the response if PageSize is not specified, or if the + PageSize is greater than 1000. + operationId: apigee.organizations.appgroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22223,31 +23268,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Datastore' + $ref: '#/components/schemas/GoogleCloudApigeeV1ListAppGroupsResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: datastoresId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string - /v1/organizations/{organizationsId}/developers: - parameters: *ref_1 post: description: >- - Creates a developer. Once created, the developer can register an app and - obtain an API key. At creation time, a developer is set as `active`. To - change the developer status, use the SetDeveloperStatus API. - operationId: apigee.organizations.developers.create + Creates an AppGroup. Once created, user can register apps under the + AppGroup to obtain secret key and password. At creation time, the + AppGroup's state is set as `active`. + operationId: apigee.organizations.appgroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22259,22 +23310,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' + $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' parameters: - in: path name: organizationsId required: true schema: type: string + /v1/organizations/{organizationsId}/optimizedHostStats/{optimizedHostStatsId}: + parameters: *ref_1 get: - description: >- - Lists all developers in an organization by email address. By default, - the response does not include company developers. Set the - `includeCompany` query parameter to `true` to include company - developers. **Note**: A maximum of 1000 developers are returned in the - response. You paginate the list of developers returned using the - `startKey` and `count` query parameters. - operationId: apigee.organizations.developers.list + description: Similar to GetHostStats except that the response is less verbose. + operationId: apigee.organizations.optimizedHostStats.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22286,58 +23333,79 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListOfDevelopersResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1OptimizedStats' parameters: - in: path name: organizationsId required: true schema: type: string + - in: path + name: optimizedHostStatsId + required: true + schema: + type: string - in: query - name: expand + name: realtime schema: type: boolean - in: query - name: startKey + name: topk schema: type: string - in: query - name: count + name: sort schema: type: string - format: int64 - in: query - name: ids + name: tzo schema: type: string - in: query - name: includeCompany + name: offset + schema: + type: string + - in: query + name: timeUnit + schema: + type: string + - in: query + name: timeRange + schema: + type: string + - in: query + name: limit + schema: + type: string + - in: query + name: select + schema: + type: string + - in: query + name: tsAscending schema: type: boolean - in: query - name: app + name: filter schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}: + - in: query + name: accuracy + schema: + type: string + - in: query + name: sortby + schema: + type: string + - in: query + name: envgroupHostname + schema: + type: string + /v1/organizations/{organizationsId}/apps/{appsId}: parameters: *ref_1 - put: - description: >- - Updates a developer. This API replaces the existing developer details - with those specified in the request. Include or exclude any existing - details that you want to retain or delete, respectively. The custom - attribute limit is 18. **Note**: OAuth access tokens and Key Management - Service (KMS) entities (apps, developers, and API products) are cached - for 180 seconds (current default). Any custom attributes associated with - these entities are cached for at least 180 seconds after the entity is - accessed at runtime. Therefore, an `ExpiresIn` element on the OAuthV2 - policy won't be able to expire an access token in less than 180 seconds. - operationId: apigee.organizations.developers.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' + get: + description: Gets the app profile for the specified app ID. + operationId: apigee.organizations.apps.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22349,7 +23417,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' + $ref: '#/components/schemas/GoogleCloudApigeeV1App' parameters: - in: path name: organizationsId @@ -22357,16 +23425,18 @@ paths: schema: type: string - in: path - name: developersId + name: appsId required: true schema: type: string + /v1/organizations/{organizationsId}/apps: + parameters: *ref_1 get: description: >- - Returns the developer details, including the developer's name, email - address, apps, and other information. **Note**: The response includes - only the first 100 developer apps. - operationId: apigee.organizations.developers.get + Lists IDs of apps within an organization that have the specified app + status (approved or revoked) or are of the specified app type (developer + or company). + operationId: apigee.organizations.apps.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22378,33 +23448,68 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' + $ref: '#/components/schemas/GoogleCloudApigeeV1ListAppsResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: developersId - required: true + - in: query + name: apptype schema: type: string - in: query - name: action + name: startKey schema: type: string - delete: - description: >- - Deletes a developer. All apps and API keys associated with the developer - are also removed. **Warning**: This API will permanently delete the - developer and related artifacts. To avoid permanently deleting - developers and their artifacts, set the developer status to `inactive` - using the SetDeveloperStatus API. **Note**: The delete operation is - asynchronous. The developer is deleted immediately, but its associated - resources, such as apps and API keys, may take anywhere from a few - seconds to a few minutes to be deleted. - operationId: apigee.organizations.developers.delete + - in: query + name: keyStatus + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: includeCred + schema: + type: boolean + - in: query + name: apiProduct + schema: + type: string + - in: query + name: rows + schema: + type: string + format: int64 + - in: query + name: expand + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: ids + schema: + type: string + - in: query + name: status + schema: + type: string + /v1/organizations/{organizationsId}/deployments: + parameters: *ref_1 + get: + description: Lists all deployments of API proxies or shared flows. + operationId: apigee.organizations.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22416,30 +23521,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Developer' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: developersId - required: true + - in: query + name: sharedFlows schema: - type: string - post: - description: >- - Sets the status of a developer. A developer is `active` by default. If - you set a developer's status to `inactive`, the API keys assigned to the - developer apps are no longer valid even though the API keys are set to - `approved`. Inactive developers can still sign in to the developer - portal and create apps; however, any new API keys generated during app - creation won't work. To set the status of a developer, set the `action` - query parameter to `active` or `inactive`, and the `Content-Type` header - to `application/octet-stream`. If successful, the API call returns the - following HTTP status code: `204 No Content` - operationId: apigee.organizations.developers.setDeveloperStatus + type: boolean + /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}: + parameters: *ref_1 + delete: + description: DeleteSecurityProfile delete a profile with all its revisions. + operationId: apigee.organizations.securityProfiles.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22459,34 +23557,18 @@ paths: schema: type: string - in: path - name: developersId + name: securityProfilesId required: true schema: type: string - - in: query - name: action - schema: - type: string - /v1/organizations/{organizationsId}/developers/{developersId}/attributes: - parameters: *ref_1 - post: - description: >- - Updates developer attributes. This API replaces the existing attributes - with those specified in the request. Add new attributes, and include or - exclude any existing attributes that you want to retain or remove, - respectively. The custom attribute limit is 18. **Note**: OAuth access - tokens and Key Management Service (KMS) entities (apps, developers, and - API products) are cached for 180 seconds (default). Any custom - attributes associated with these entities are cached for at least 180 - seconds after the entity is accessed at runtime. Therefore, an - `ExpiresIn` element on the OAuthV2 policy won't be able to expire an - access token in less than 180 seconds. - operationId: apigee.organizations.developers.attributes + patch: + description: UpdateSecurityProfile update the metadata of security profile. + operationId: apigee.organizations.securityProfiles.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22498,7 +23580,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' parameters: - in: path name: organizationsId @@ -22506,13 +23588,21 @@ paths: schema: type: string - in: path - name: developersId + name: securityProfilesId required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Returns a list of all developer attributes. - operationId: apigee.organizations.developers.attributes.list + description: >- + GetSecurityProfile gets the specified security profile. Returns + NOT_FOUND if security profile is not present for the specified + organization. + operationId: apigee.organizations.securityProfiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22524,7 +23614,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' parameters: - in: path name: organizationsId @@ -22532,15 +23622,17 @@ paths: schema: type: string - in: path - name: developersId + name: securityProfilesId required: true schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/monetizationConfig: + /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}:listRevisions: parameters: *ref_1 get: - description: Gets the monetization configuration for the developer. - operationId: apigee.organizations.developers.getMonetizationConfig + description: >- + ListSecurityProfileRevisions lists all the revisions of the security + profile. + operationId: apigee.organizations.securityProfiles.listRevisions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22553,7 +23645,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeveloperMonetizationConfig + #/components/schemas/GoogleCloudApigeeV1ListSecurityProfileRevisionsResponse parameters: - in: path name: organizationsId @@ -22561,19 +23653,29 @@ paths: schema: type: string - in: path - name: developersId + name: securityProfilesId required: true schema: type: string - put: - description: Updates the monetization configuration for the developer. - operationId: apigee.organizations.developers.updateMonetizationConfig + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/organizations/{organizationsId}/securityProfiles: + parameters: *ref_1 + post: + description: CreateSecurityProfile create a new custom security profile. + operationId: apigee.organizations.securityProfiles.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeveloperMonetizationConfig + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22585,24 +23687,22 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1DeveloperMonetizationConfig + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: developersId - required: true + - in: query + name: securityProfileId schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/balance: - parameters: *ref_1 get: - description: Gets the account balance for the developer. - operationId: apigee.organizations.developers.getBalance + description: >- + ListSecurityProfiles lists all the security profiles associated with the + org including attached and unattached profiles. + operationId: apigee.organizations.securityProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22614,54 +23714,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperBalance' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListSecurityProfilesResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: developersId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}: + /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}/environments: parameters: *ref_1 post: description: >- - Manages access to a developer app by enabling you to: * Approve or - revoke a developer app * Generate a new consumer key and secret for a - developer app To approve or revoke a developer app, set the `action` - query parameter to `approve` or `revoke`, respectively, and the - `Content-Type` header to `application/octet-stream`. If a developer app - is revoked, none of its API keys are valid for API calls even though the - keys are still approved. If successful, the API call returns the - following HTTP status code: `204 No Content` To generate a new consumer - key and secret for a developer app, pass the new key/secret details. - Rather than replace an existing key, this API generates a new key. In - this case, multiple key pairs may be associated with a single developer - app. Each key pair has an independent status (`approve` or `revoke`) and - expiration time. Any approved, non-expired key can be used in an API - call. For example, if you're using API key rotation, you can generate - new keys with expiration times that overlap keys that are going to - expire. You might also generate a new consumer key/secret if the - security of the original key/secret is compromised. The `keyExpiresIn` - property defines the expiration time for the API key in milliseconds. If - you don't set this property or set it to `-1`, the API key never - expires. **Notes**: * When generating a new key/secret, this API - replaces the existing attributes, notes, and callback URLs with those - specified in the request. Include or exclude any existing information - that you want to retain or delete, respectively. * To migrate existing - consumer keys and secrets to hybrid from another system, see the - CreateDeveloperAppKey API. - operationId: >- - apigee.organizations.developers.apps.generateKeyPairOrUpdateDeveloperAppStatus + CreateSecurityProfileEnvironmentAssociation creates profile environment + association i.e. attaches environment to security profile. + operationId: apigee.organizations.securityProfiles.environments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityProfileEnvironmentAssociation security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22673,7 +23755,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1SecurityProfileEnvironmentAssociation parameters: - in: path name: organizationsId @@ -22681,26 +23764,17 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId + name: securityProfilesId required: true schema: type: string - - in: query - name: action - schema: - type: string + /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}/environments/{environmentsId}: + parameters: *ref_1 delete: description: >- - Deletes a developer app. **Note**: The delete operation is asynchronous. - The developer app is deleted immediately, but its associated resources, - such as app keys or access tokens, may take anywhere from a few seconds - to a few minutes to be deleted. - operationId: apigee.organizations.developers.apps.delete + DeleteSecurityProfileEnvironmentAssociation removes profile environment + association i.e. detaches environment from security profile. + operationId: apigee.organizations.securityProfiles.environments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22712,7 +23786,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -22720,18 +23794,29 @@ paths: schema: type: string - in: path - name: developersId + name: securityProfilesId required: true schema: type: string - in: path - name: appsId + name: environmentsId required: true schema: type: string - get: - description: Returns the details for a developer app. - operationId: apigee.organizations.developers.apps.get + /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}/environments/{environmentsId}:computeEnvironmentScores: + parameters: *ref_1 + post: + description: >- + ComputeEnvironmentScores calculates scores for requested time range for + the specified security profile and environment. + operationId: >- + apigee.organizations.securityProfiles.environments.computeEnvironmentScores + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ComputeEnvironmentScoresRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22743,7 +23828,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ComputeEnvironmentScoresResponse parameters: - in: path name: organizationsId @@ -22751,41 +23837,20 @@ paths: schema: type: string - in: path - name: developersId + name: securityProfilesId required: true schema: type: string - in: path - name: appsId + name: environmentsId required: true schema: type: string - - in: query - name: query - schema: - type: string - - in: query - name: entity - schema: - type: string - put: - description: >- - Updates the details for a developer app. In addition, you can add an API - product to a developer app and automatically generate an API key for the - app to use when calling APIs in the API product. If you want to use an - existing API key for the API product, add the API product to the API key - using the UpdateDeveloperAppKey API. Using this API, you cannot update - the following: * App name as it is the primary key used to identify the - app and cannot be changed. * Scopes associated with the app. Instead, - use the ReplaceDeveloperAppKey API. This API replaces the existing - attributes with those specified in the request. Include or exclude any - existing attributes that you want to retain or delete, respectively. - operationId: apigee.organizations.developers.apps.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' + /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}: + parameters: *ref_1 + get: + description: Gets a shared flow by name, including a list of its revisions. + operationId: apigee.organizations.sharedflows.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22797,7 +23862,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' + $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlow' parameters: - in: path name: organizationsId @@ -22805,31 +23870,15 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId + name: sharedflowsId required: true schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/apps: - parameters: *ref_1 - post: + delete: description: >- - Creates an app associated with a developer. This API associates the - developer app with the specified API product and auto-generates an API - key for the app to use in calls to API proxies inside that API product. - The `name` is the unique ID of the app that you can use in API calls. - The `DisplayName` (set as an attribute) appears in the UI. If you don't - set the `DisplayName` attribute, the `name` appears in the UI. - operationId: apigee.organizations.developers.apps.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' + Deletes a shared flow and all it's revisions. The shared flow must be + undeployed before you can delete it. + operationId: apigee.organizations.sharedflows.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22841,7 +23890,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperApp' + $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlow' parameters: - in: path name: organizationsId @@ -22849,18 +23898,19 @@ paths: schema: type: string - in: path - name: developersId + name: sharedflowsId required: true schema: type: string + /v1/organizations/{organizationsId}/sharedflows: + parameters: *ref_1 get: description: >- - Lists all apps created by a developer in an Apigee organization. - Optionally, you can request an expanded view of the developer apps. A - maximum of 100 developer apps are returned per API call. You can - paginate the list of deveoper apps returned using the `startKey` and - `count` query parameters. - operationId: apigee.organizations.developers.apps.list + Lists all shared flows in the organization. If the resource has the + `space` attribute set, the response may not return all resources. To + learn more, read the [Apigee Spaces + Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). + operationId: apigee.organizations.sharedflows.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22873,47 +23923,78 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDeveloperAppsResponse + #/components/schemas/GoogleCloudApigeeV1ListSharedFlowsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: developersId - required: true + - in: query + name: includeMetaData schema: - type: string + type: boolean - in: query - name: expand + name: includeRevisions schema: type: boolean - in: query - name: count + name: space + schema: + type: string + post: + description: >- + Uploads a ZIP-formatted shared flow configuration bundle to an + organization. If the shared flow already exists, this creates a new + revision of it. If the shared flow does not exist, this creates it. Once + imported, the shared flow revision must be deployed before it can be + accessed at runtime. The size limit of a shared flow bundle is 15 MB. + operationId: apigee.organizations.sharedflows.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleApiHttpBody' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlowRevision' + parameters: + - in: path + name: organizationsId + required: true schema: type: string - format: int64 - in: query - name: startKey + name: space schema: type: string - in: query - name: shallowExpand + name: action schema: - type: boolean - /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/attributes: + type: string + - in: query + name: name + schema: + type: string + /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}:move: parameters: *ref_1 post: - description: >- - Updates attributes for a developer app. This API replaces the current - attributes with those specified in the request. - operationId: apigee.organizations.developers.apps.attributes + description: Moves an shared flow to a different space. + operationId: apigee.organizations.sharedflows.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' + $ref: '#/components/schemas/GoogleCloudApigeeV1MoveSharedFlowRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22925,7 +24006,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' + $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlow' parameters: - in: path name: organizationsId @@ -22933,18 +24014,15 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId + name: sharedflowsId required: true schema: type: string + /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}/deployments: + parameters: *ref_1 get: - description: Returns a list of all developer app attributes. - operationId: apigee.organizations.developers.apps.attributes.list + description: Lists all deployments of a shared flow. + operationId: apigee.organizations.sharedflows.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -22956,7 +24034,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse parameters: - in: path name: organizationsId @@ -22964,39 +24043,17 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId + name: sharedflowsId required: true schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/keys: + /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}/revisions/{revisionsId}: parameters: *ref_1 - post: + delete: description: >- - Creates a custom consumer key and secret for a developer app. This is - particularly useful if you want to migrate existing consumer keys and - secrets to Apigee from another system. Consumer keys and secrets can - contain letters, numbers, underscores, and hyphens. No other special - characters are allowed. To avoid service disruptions, a consumer key and - secret should not exceed 2 KBs each. **Note**: When creating the - consumer key and secret, an association to API products will not be - made. Therefore, you should not specify the associated API products in - your request. Instead, use the UpdateDeveloperAppKey API to make the - association after the consumer key and secret are created. If a consumer - key and secret already exist, you can keep them or delete them using the - DeleteDeveloperAppKey API. **Note**: All keys start out with - status=approved, even if status=revoked is passed when the key is - created. To revoke a key, use the UpdateDeveloperAppKey API. - operationId: apigee.organizations.developers.apps.keys.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + Deletes a shared flow and all associated policies, resources, and + revisions. You must undeploy the shared flow before deleting it. + operationId: apigee.organizations.sharedflows.revisions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23008,7 +24065,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlowRevision' parameters: - in: path name: organizationsId @@ -23016,35 +24073,28 @@ paths: schema: type: string - in: path - name: developersId + name: sharedflowsId required: true schema: type: string - in: path - name: appsId + name: revisionsId required: true schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/keys/{keysId}: - parameters: *ref_1 post: description: >- - Adds an API product to a developer app key, enabling the app that holds - the key to access the API resources bundled in the API product. In - addition, you can add attributes and scopes associated with the API - product to the developer app key. The status of the key can be updated - via "action" Query Parameter. None of the other fields can be updated - via this API. This API replaces the existing attributes with those - specified in the request. Include or exclude any existing attributes - that you want to retain or delete, respectively. None of the other - fields can be updated. You can use the same key to access all API - products associated with the app. - operationId: apigee.organizations.developers.apps.keys.updateDeveloperAppKey + Updates a shared flow revision. This operation is only allowed on + revisions which have never been deployed. After deployment a revision + becomes immutable, even if it becomes undeployed. The payload is a + ZIP-formatted shared flow. Content type must be either + multipart/form-data or application/octet-stream. + operationId: apigee.organizations.sharedflows.revisions.updateSharedFlowRevision requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + $ref: '#/components/schemas/GoogleApiHttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23056,7 +24106,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + $ref: '#/components/schemas/GoogleCloudApigeeV1SharedFlowRevision' parameters: - in: path name: organizationsId @@ -23064,38 +24114,29 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId + name: sharedflowsId required: true schema: type: string - in: path - name: keysId + name: revisionsId required: true schema: type: string - in: query - name: action + name: validate schema: - type: string - put: + type: boolean + get: description: >- - Updates the scope of an app. This API replaces the existing scopes with - those specified in the request. Include or exclude any existing scopes - that you want to retain or delete, respectively. The specified scopes - must already be defined for the API products associated with the app. - This API sets the `scopes` element under the `apiProducts` element in - the attributes of the app. - operationId: apigee.organizations.developers.apps.keys.replaceDeveloperAppKey - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + Gets a revision of a shared flow. To download the shared flow + configuration bundle for the specified revision as a zip file, set the + `format` query parameter to `bundle`. If you are using curl, specify `-o + filename.zip` to save the output to a file; otherwise, it displays to + `stdout`. Then, develop the shared flow configuration locally and upload + the updated sharedFlow configuration revision, as described in + [updateSharedFlowRevision](updateSharedFlowRevision). + operationId: apigee.organizations.sharedflows.revisions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23107,7 +24148,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: organizationsId @@ -23115,30 +24156,24 @@ paths: schema: type: string - in: path - name: developersId + name: sharedflowsId required: true schema: type: string - in: path - name: appsId + name: revisionsId required: true schema: type: string - - in: path - name: keysId - required: true + - in: query + name: format schema: type: string - delete: - description: >- - Deletes an app's consumer key and removes all API products associated - with the app. After the consumer key is deleted, it cannot be used to - access any APIs. **Note**: After you delete a consumer key, you may want - to: 1. Create a new consumer key and secret for the developer app using - the CreateDeveloperAppKey API, and subsequently add an API product to - the key using the UpdateDeveloperAppKey API. 2. Delete the developer - app, if it is no longer required. - operationId: apigee.organizations.developers.apps.keys.delete + /v1/organizations/{organizationsId}/sharedflows/{sharedflowsId}/revisions/{revisionsId}/deployments: + parameters: *ref_1 + get: + description: Lists all deployments of a shared flow revision. + operationId: apigee.organizations.sharedflows.revisions.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23150,7 +24185,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListDeploymentsResponse parameters: - in: path name: organizationsId @@ -23158,25 +24194,26 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId + name: sharedflowsId required: true schema: type: string - in: path - name: keysId + name: revisionsId required: true schema: type: string + /v1/organizations/{organizationsId}/hostStats/{hostStatsId}: + parameters: *ref_1 get: description: >- - Gets details for a consumer key for a developer app, including the key - and secret value, associated API products, and other information. - operationId: apigee.organizations.developers.apps.keys.get + Retrieve metrics grouped by dimensions in host level. The types of + metrics you can retrieve include traffic, message counts, API call + latency, response size, and cache hits and counts. Dimensions let you + view metrics in meaningful groups. You can optionally pass dimensions as + path parameters to the `stats` API. If dimensions are not specified, the + metrics are computed on the entire set of data for the given time range. + operationId: apigee.organizations.hostStats.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23188,7 +24225,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + $ref: '#/components/schemas/GoogleCloudApigeeV1Stats' parameters: - in: path name: organizationsId @@ -23196,44 +24233,71 @@ paths: schema: type: string - in: path - name: developersId + name: hostStatsId required: true schema: type: string - - in: path - name: appsId - required: true + - in: query + name: accuracy schema: type: string - - in: path - name: keysId - required: true + - in: query + name: timeRange schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/keys/create: - parameters: *ref_1 - post: - description: >- - Creates a custom consumer key and secret for a developer app. This is - particularly useful if you want to migrate existing consumer keys and - secrets to Apigee from another system. Consumer keys and secrets can - contain letters, numbers, underscores, and hyphens. No other special - characters are allowed. To avoid service disruptions, a consumer key and - secret should not exceed 2 KBs each. **Note**: When creating the - consumer key and secret, an association to API products will not be - made. Therefore, you should not specify the associated API products in - your request. Instead, use the UpdateDeveloperAppKey API to make the - association after the consumer key and secret are created. If a consumer - key and secret already exist, you can keep them or delete them using the - DeleteDeveloperAppKey API. **Note**: All keys start out with - status=approved, even if status=revoked is passed when the key is - created. To revoke a key, use the UpdateDeveloperAppKey API. - operationId: apigee.organizations.developers.apps.keys.create.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + - in: query + name: timeUnit + schema: + type: string + - in: query + name: sort + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: topk + schema: + type: string + - in: query + name: offset + schema: + type: string + - in: query + name: limit + schema: + type: string + - in: query + name: realtime + schema: + type: boolean + - in: query + name: envgroupHostname + schema: + type: string + - in: query + name: tzo + schema: + type: string + - in: query + name: sortby + schema: + type: string + - in: query + name: select + schema: + type: string + - in: query + name: tsAscending + schema: + type: boolean + /v1/organizations/{organizationsId}/dnsZones/{dnsZonesId}: + parameters: *ref_1 + delete: + description: Deletes a previously created DNS zone. + operationId: apigee.organizations.dnsZones.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23245,7 +24309,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -23253,24 +24317,13 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId + name: dnsZonesId required: true schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/keys/{keysId}/apiproducts/{apiproductsId}: - parameters: *ref_1 - delete: - description: >- - Removes an API product from an app's consumer key. After the API product - is removed, the app cannot access the API resources defined in that API - product. **Note**: The consumer key is not removed, only its association - with the API product. - operationId: apigee.organizations.developers.apps.keys.apiproducts.delete + get: + description: Fetches the representation of an existing DNS zone. + operationId: apigee.organizations.dnsZones.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23282,7 +24335,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperAppKey' + $ref: '#/components/schemas/GoogleCloudApigeeV1DnsZone' parameters: - in: path name: organizationsId @@ -23290,35 +24343,20 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId - required: true - schema: - type: string - - in: path - name: keysId - required: true - schema: - type: string - - in: path - name: apiproductsId + name: dnsZonesId required: true schema: type: string + /v1/organizations/{organizationsId}/dnsZones: + parameters: *ref_1 post: - description: >- - Approves or revokes the consumer key for an API product. After a - consumer key is approved, the app can use it to access APIs. A consumer - key that is revoked or pending cannot be used to access an API. Any - access tokens associated with a revoked consumer key will remain active. - However, Apigee checks the status of the consumer key and if set to - `revoked` will not allow access to the API. - operationId: >- - apigee.organizations.developers.apps.keys.apiproducts.updateDeveloperAppKeyApiProduct + description: Creates a new DNS zone. + operationId: apigee.organizations.dnsZones.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1DnsZone' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23330,42 +24368,52 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId - required: true + - in: query + name: dnsZoneId schema: type: string + get: + description: Enumerates DNS zones that have been created but not yet deleted. + operationId: apigee.organizations.dnsZones.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1ListDnsZonesResponse' + parameters: - in: path - name: keysId + name: organizationsId required: true schema: type: string - - in: path - name: apiproductsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: action + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/apps/{appsId}/attributes/{attributesId}: + /v1/organizations/{organizationsId}/datacollectors/{datacollectorsId}: parameters: *ref_1 - get: - description: Returns a developer app attribute. - operationId: apigee.organizations.developers.apps.attributes.get + delete: + description: Deletes a data collector. + operationId: apigee.organizations.datacollectors.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23377,7 +24425,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -23385,36 +24433,18 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId - required: true - schema: - type: string - - in: path - name: attributesId + name: datacollectorsId required: true schema: type: string - post: - description: >- - Updates a developer app attribute. **Note**: OAuth access tokens and Key - Management Service (KMS) entities (apps, developers, and API products) - are cached for 180 seconds (current default). Any custom attributes - associated with these entities are cached for at least 180 seconds after - the entity is accessed at runtime. Therefore, an `ExpiresIn` element on - the OAuthV2 policy won't be able to expire an access token in less than - 180 seconds. - operationId: >- - apigee.organizations.developers.apps.attributes.updateDeveloperAppAttribute + patch: + description: Updates a data collector. + operationId: apigee.organizations.datacollectors.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23426,7 +24456,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' parameters: - in: path name: organizationsId @@ -23434,23 +24464,18 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: appsId + name: datacollectorsId required: true schema: type: string - - in: path - name: attributesId - required: true + - in: query + name: updateMask schema: type: string - delete: - description: Deletes a developer app attribute. - operationId: apigee.organizations.developers.apps.attributes.delete + format: google-fieldmask + get: + description: Gets a data collector. + operationId: apigee.organizations.datacollectors.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23462,7 +24487,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' parameters: - in: path name: organizationsId @@ -23470,25 +24495,51 @@ paths: schema: type: string - in: path - name: developersId + name: datacollectorsId required: true schema: type: string + /v1/organizations/{organizationsId}/datacollectors: + parameters: *ref_1 + get: + description: Lists all data collectors. + operationId: apigee.organizations.datacollectors.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListDataCollectorsResponse + parameters: - in: path - name: appsId + name: organizationsId required: true schema: type: string - - in: path - name: attributesId - required: true + - in: query + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/attributes/{attributesId}: - parameters: *ref_1 - get: - description: Returns the value of the specified developer attribute. - operationId: apigee.organizations.developers.attributes.get + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new data collector. + operationId: apigee.organizations.datacollectors.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23500,26 +24551,52 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleCloudApigeeV1DataCollector' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: developersId - required: true + - in: query + name: dataCollectorId schema: type: string + /v1/organizations/{organizationsId}/securityAssessmentResults:batchCompute: + parameters: *ref_1 + post: + description: Compute RAV2 security scores for a set of resources. + operationId: apigee.organizations.securityAssessmentResults.batchCompute + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsResponse + parameters: - in: path - name: attributesId + name: organizationsId required: true schema: type: string - delete: - description: Deletes a developer attribute. - operationId: apigee.organizations.developers.attributes.delete + /v1/organizations/{organizationsId}/sites/{sitesId}/apicategories: + parameters: *ref_1 + get: + description: Returns the API categories associated with a portal. + operationId: apigee.organizations.sites.apicategories.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23531,7 +24608,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListApiCategoriesResponse parameters: - in: path name: organizationsId @@ -23539,29 +24617,18 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: attributesId + name: sitesId required: true schema: type: string post: - description: >- - Updates a developer attribute. **Note**: OAuth access tokens and Key - Management Service (KMS) entities (apps, developers, and API products) - are cached for 180 seconds (default). Any custom attributes associated - with these entities are cached for at least 180 seconds after the entity - is accessed at runtime. Therefore, an `ExpiresIn` element on the OAuthV2 - policy won't be able to expire an access token in less than 180 seconds. - operationId: apigee.organizations.developers.attributes.updateDeveloperAttribute + description: Creates a new API category. + operationId: apigee.organizations.sites.apicategories.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategory' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23573,7 +24640,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategoryResponse' parameters: - in: path name: organizationsId @@ -23581,26 +24648,15 @@ paths: schema: type: string - in: path - name: developersId - required: true - schema: - type: string - - in: path - name: attributesId + name: sitesId required: true schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/balance:credit: + /v1/organizations/{organizationsId}/sites/{sitesId}/apicategories/{apicategoriesId}: parameters: *ref_1 - post: - description: Credits the account balance for the developer. - operationId: apigee.organizations.developers.balance.credit - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1CreditDeveloperBalanceRequest + get: + description: Gets an API category. + operationId: apigee.organizations.sites.apicategories.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23612,7 +24668,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperBalance' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategoryResponse' parameters: - in: path name: organizationsId @@ -23620,23 +24676,18 @@ paths: schema: type: string - in: path - name: developersId + name: sitesId required: true schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/balance:adjust: - parameters: *ref_1 - post: - description: >- - Adjust the prepaid balance for the developer. This API will be used in - scenarios where the developer has been under-charged or over-charged. - operationId: apigee.organizations.developers.balance.adjust - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1AdjustDeveloperBalanceRequest + - in: path + name: apicategoriesId + required: true + schema: + type: string + delete: + description: Deletes an API category. + operationId: apigee.organizations.sites.apicategories.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23648,7 +24699,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperBalance' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeleteResponse' parameters: - in: path name: organizationsId @@ -23656,20 +24707,23 @@ paths: schema: type: string - in: path - name: developersId + name: sitesId required: true schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/subscriptions: - parameters: *ref_1 - post: - description: 'Creates a subscription to an API product. ' - operationId: apigee.organizations.developers.subscriptions.create + - in: path + name: apicategoriesId + required: true + schema: + type: string + patch: + description: Updates an API category. + operationId: apigee.organizations.sites.apicategories.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategory' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23681,7 +24735,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategoryResponse' parameters: - in: path name: organizationsId @@ -23689,13 +24743,25 @@ paths: schema: type: string - in: path - name: developersId + name: sitesId required: true schema: type: string - get: - description: Lists all API product subscriptions for a developer. - operationId: apigee.organizations.developers.subscriptions.list + - in: path + name: apicategoriesId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/sites/{sitesId}/apidocs/{apidocsId}: + parameters: *ref_1 + put: + description: Updates a catalog item. + operationId: apigee.organizations.sites.apidocs.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDoc' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23707,8 +24773,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListDeveloperSubscriptionsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocResponse' parameters: - in: path name: organizationsId @@ -23716,24 +24781,18 @@ paths: schema: type: string - in: path - name: developersId + name: sitesId required: true schema: type: string - - in: query - name: startKey + - in: path + name: apidocsId + required: true schema: type: string - - in: query - name: count - schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/developers/{developersId}/subscriptions/{subscriptionsId}: - parameters: *ref_1 - get: - description: Gets details for an API product subscription. - operationId: apigee.organizations.developers.subscriptions.get + delete: + description: Deletes a catalog item. + operationId: apigee.organizations.sites.apidocs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23745,7 +24804,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' + $ref: '#/components/schemas/GoogleCloudApigeeV1DeleteResponse' parameters: - in: path name: organizationsId @@ -23753,26 +24812,18 @@ paths: schema: type: string - in: path - name: developersId + name: sitesId required: true schema: type: string - in: path - name: subscriptionsId + name: apidocsId required: true schema: type: string - /v1/organizations/{organizationsId}/developers/{developersId}/subscriptions/{subscriptionsId}:expire: - parameters: *ref_1 - post: - description: Expires an API product subscription immediately. - operationId: apigee.organizations.developers.subscriptions.expire - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ExpireDeveloperSubscriptionRequest + get: + description: Gets a catalog item. + operationId: apigee.organizations.sites.apidocs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23784,7 +24835,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeveloperSubscription' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocResponse' parameters: - in: path name: organizationsId @@ -23792,28 +24843,25 @@ paths: schema: type: string - in: path - name: developersId + name: sitesId required: true schema: type: string - in: path - name: subscriptionsId + name: apidocsId required: true schema: type: string - /v1/organizations/{organizationsId}/appgroups: + /v1/organizations/{organizationsId}/sites/{sitesId}/apidocs: parameters: *ref_1 post: - description: >- - Creates an AppGroup. Once created, user can register apps under the - AppGroup to obtain secret key and password. At creation time, the - AppGroup's state is set as `active`. - operationId: apigee.organizations.appgroups.create + description: Creates a new catalog item. + operationId: apigee.organizations.sites.apidocs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDoc' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23825,19 +24873,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocResponse' parameters: - in: path name: organizationsId required: true schema: type: string + - in: path + name: sitesId + required: true + schema: + type: string get: - description: >- - Lists all AppGroups in an organization. A maximum of 1000 AppGroups are - returned in the response if PageSize is not specified, or if the - PageSize is greater than 1000. - operationId: apigee.organizations.appgroups.list + description: Returns the catalog items associated with a portal. + operationId: apigee.organizations.sites.apidocs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23849,15 +24899,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListAppGroupsResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1ListApiDocsResponse' parameters: - in: path name: organizationsId required: true schema: type: string + - in: path + name: sitesId + required: true + schema: + type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -23865,17 +24920,18 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/appgroups/{appgroupsId}: + /v1/organizations/{organizationsId}/sites/{sitesId}/apidocs/{apidocsId}/documentation: parameters: *ref_1 - get: + patch: description: >- - Returns the AppGroup details for the provided AppGroup name in the - request URI. - operationId: apigee.organizations.appgroups.get + Updates the documentation for the specified catalog item. Note that the + documentation file contents will not be populated in the return message. + operationId: apigee.organizations.sites.apidocs.updateDocumentation + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocDocumentation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23887,7 +24943,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ApiDocDocumentationResponse parameters: - in: path name: organizationsId @@ -23895,19 +24952,18 @@ paths: schema: type: string - in: path - name: appgroupsId + name: sitesId required: true schema: type: string - delete: - description: >- - Deletes an AppGroup. All app and API keys associations with the AppGroup - are also removed. **Warning**: This API will permanently delete the - AppGroup and related artifacts. **Note**: The delete operation is - asynchronous. The AppGroup is deleted immediately, but its associated - resources, such as apps and API keys, may take anywhere from a few - seconds to a few minutes to be deleted. - operationId: apigee.organizations.appgroups.delete + - in: path + name: apidocsId + required: true + schema: + type: string + get: + description: Gets the documentation for the specified catalog item. + operationId: apigee.organizations.sites.apidocs.getDocumentation security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23919,7 +24975,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ApiDocDocumentationResponse parameters: - in: path name: organizationsId @@ -23927,23 +24984,20 @@ paths: schema: type: string - in: path - name: appgroupsId + name: sitesId required: true schema: type: string - put: - description: >- - Updates an AppGroup. This API replaces the existing AppGroup details - with those specified in the request. Include or exclude any existing - details that you want to retain or delete, respectively. Note that the - state of the AppGroup should be updated using `action`, and not via - AppGroup. - operationId: apigee.organizations.appgroups.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' + - in: path + name: apidocsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/hostQueries: + parameters: *ref_1 + get: + description: Return a list of Asynchronous Queries at host level. + operationId: apigee.organizations.hostQueries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23955,37 +25009,54 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroup' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListAsyncQueriesResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: appgroupsId - required: true + - in: query + name: envgroupHostname schema: type: string - in: query - name: action + name: inclQueriesWithoutReport + schema: + type: string + - in: query + name: from + schema: + type: string + - in: query + name: submittedBy + schema: + type: string + - in: query + name: status + schema: + type: string + - in: query + name: dataset + schema: + type: string + - in: query + name: to schema: type: string - /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps: - parameters: *ref_1 post: description: >- - Creates an app and associates it with an AppGroup. This API associates - the AppGroup app with the specified API product and auto-generates an - API key for the app to use in calls to API proxies inside that API - product. The `name` is the unique ID of the app that you can use in API - calls. - operationId: apigee.organizations.appgroups.apps.create + Submit a query at host level to be processed in the background. If the + submission of the query succeeds, the API returns a 201 status and an ID + that refer to the query. In addition to the HTTP status 201, the `state` + of "enqueued" means that the request succeeded. + operationId: apigee.organizations.hostQueries.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + $ref: '#/components/schemas/GoogleCloudApigeeV1Query' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -23997,26 +25068,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: appgroupsId - required: true - schema: - type: string + /v1/organizations/{organizationsId}/hostQueries/{hostQueriesId}: + parameters: *ref_1 get: description: >- - Lists all apps created by an AppGroup in an Apigee organization. - Optionally, you can request an expanded view of the AppGroup apps. Lists - all AppGroupApps in an AppGroup. A maximum of 1000 AppGroup apps are - returned in the response if PageSize is not specified, or if the - PageSize is greater than 1000. - operationId: apigee.organizations.appgroups.apps.list + Get status of a query submitted at host level. If the query is still in + progress, the `state` is set to "running" After the query has completed + successfully, `state` is set to "completed" + operationId: apigee.organizations.hostQueries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24028,8 +25094,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListAppGroupAppsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQuery' parameters: - in: path name: organizationsId @@ -24037,28 +25102,20 @@ paths: schema: type: string - in: path - name: appgroupsId + name: hostQueriesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps/{appsId}: + /v1/organizations/{organizationsId}/hostQueries/{hostQueriesId}/result: parameters: *ref_1 - delete: + get: description: >- - Deletes an AppGroup app. **Note**: The delete operation is asynchronous. - The AppGroup app is deleted immediately, but its associated resources, - such as app keys or access tokens, may take anywhere from a few seconds - to a few minutes to be deleted. - operationId: apigee.organizations.appgroups.apps.delete + After the query is completed, use this API to retrieve the results. If + the request succeeds, and there is a non-zero result set, the result is + downloaded to the client as a zipped JSON file. The name of the + downloaded file will be: OfflineQueryResult-.zip Example: + `OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip` + operationId: apigee.organizations.hostQueries.getResult security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24070,7 +25127,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: organizationsId @@ -24078,18 +25135,15 @@ paths: schema: type: string - in: path - name: appgroupsId - required: true - schema: - type: string - - in: path - name: appsId + name: hostQueriesId required: true schema: type: string + /v1/organizations/{organizationsId}/hostQueries/{hostQueriesId}/resultView: + parameters: *ref_1 get: - description: Returns the details for an AppGroup app. - operationId: apigee.organizations.appgroups.apps.get + description: '' + operationId: apigee.organizations.hostQueries.getResultView security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24101,7 +25155,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + $ref: '#/components/schemas/GoogleCloudApigeeV1AsyncQueryResultView' parameters: - in: path name: organizationsId @@ -24109,32 +25163,17 @@ paths: schema: type: string - in: path - name: appgroupsId - required: true - schema: - type: string - - in: path - name: appsId + name: hostQueriesId required: true schema: type: string - put: + /v1/organizations/{organizationsId}/instances/{instancesId}: + parameters: *ref_1 + get: description: >- - Updates the details for an AppGroup app. In addition, you can add an API - product to an AppGroup app and automatically generate an API key for the - app to use when calling APIs in the API product. If you want to use an - existing API key for the API product, add the API product to the API key - using the UpdateAppGroupAppKey API. Using this API, you cannot update - the app name, as it is the primary key used to identify the app and - cannot be changed. This API replaces the existing attributes with those - specified in the request. Include or exclude any existing attributes - that you want to retain or delete, respectively. - operationId: apigee.organizations.appgroups.apps.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + Gets the details for an Apigee runtime instance. **Note:** Not supported + for Apigee hybrid. + operationId: apigee.organizations.instances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24146,7 +25185,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupApp' + $ref: '#/components/schemas/GoogleCloudApigeeV1Instance' parameters: - in: path name: organizationsId @@ -24154,41 +25193,21 @@ paths: schema: type: string - in: path - name: appgroupsId - required: true - schema: - type: string - - in: path - name: appsId + name: instancesId required: true schema: type: string - - in: query - name: action - schema: - type: string - /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps/{appsId}/keys: - parameters: *ref_1 - post: + patch: description: >- - Creates a custom consumer key and secret for a AppGroup app. This is - particularly useful if you want to migrate existing consumer keys and - secrets to Apigee from another system. Consumer keys and secrets can - contain letters, numbers, underscores, and hyphens. No other special - characters are allowed. To avoid service disruptions, a consumer key and - secret should not exceed 2 KBs each. **Note**: When creating the - consumer key and secret, an association to API products will not be - made. Therefore, you should not specify the associated API products in - your request. Instead, use the UpdateAppGroupAppKey API to make the - association after the consumer key and secret are created. If a consumer - key and secret already exist, you can keep them or delete them using the - DeleteAppGroupAppKey API. - operationId: apigee.organizations.appgroups.apps.keys.create + Updates an Apigee runtime instance. You can update the fields described + in NodeConfig. No other fields will be updated. **Note:** Not supported + for Apigee hybrid. + operationId: apigee.organizations.instances.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' + $ref: '#/components/schemas/GoogleCloudApigeeV1Instance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24200,7 +25219,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -24208,61 +25227,21 @@ paths: schema: type: string - in: path - name: appgroupsId + name: instancesId required: true schema: type: string - - in: path - name: appsId - required: true + - in: query + name: updateMask schema: type: string - /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps/{appsId}/keys/{keysId}: - parameters: *ref_1 + format: google-fieldmask delete: description: >- - Deletes an app's consumer key and removes all API products associated - with the app. After the consumer key is deleted, it cannot be used to - access any APIs. - operationId: apigee.organizations.appgroups.apps.keys.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: appgroupsId - required: true - schema: - type: string - - in: path - name: appsId - required: true - schema: - type: string - - in: path - name: keysId - required: true - schema: - type: string - get: - description: >- - Gets details for a consumer key for a AppGroup app, including the key - and secret value, associated API products, and other information. - operationId: apigee.organizations.appgroups.apps.keys.get + Deletes an Apigee runtime instance. The instance stops serving requests + and the runtime data is deleted. **Note:** Not supported for Apigee + hybrid. + operationId: apigee.organizations.instances.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24274,7 +25253,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -24282,36 +25261,21 @@ paths: schema: type: string - in: path - name: appgroupsId - required: true - schema: - type: string - - in: path - name: appsId - required: true - schema: - type: string - - in: path - name: keysId + name: instancesId required: true schema: type: string + /v1/organizations/{organizationsId}/instances/{instancesId}:reportStatus: + parameters: *ref_1 post: - description: >- - Adds an API product to an AppGroupAppKey, enabling the app that holds - the key to access the API resources bundled in the API product. In - addition, you can add attributes and scopes to the AppGroupAppKey. This - API replaces the existing attributes with those specified in the - request. Include or exclude any existing attributes that you want to - retain or delete, respectively. You can use the same key to access all - API products associated with the app. - operationId: apigee.organizations.appgroups.apps.keys.updateAppGroupAppKey + description: Reports the latest status for a runtime instance. + operationId: apigee.organizations.instances.reportStatus requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1UpdateAppGroupAppKeyRequest + #/components/schemas/GoogleCloudApigeeV1ReportInstanceStatusRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24323,7 +25287,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ReportInstanceStatusResponse parameters: - in: path name: organizationsId @@ -24331,32 +25296,23 @@ paths: schema: type: string - in: path - name: appgroupsId - required: true - schema: - type: string - - in: path - name: appsId - required: true - schema: - type: string - - in: path - name: keysId + name: instancesId required: true schema: type: string - /v1/organizations/{organizationsId}/appgroups/{appgroupsId}/apps/{appsId}/keys/{keysId}/apiproducts/{apiproductsId}: + /v1/organizations/{organizationsId}/instances: parameters: *ref_1 post: description: >- - Approves or revokes the consumer key for an API product. After a - consumer key is approved, the app can use it to access APIs. A consumer - key that is revoked or pending cannot be used to access an API. Any - access tokens associated with a revoked consumer key will remain active. - However, Apigee checks the status of the consumer key and if set to - `revoked` will not allow access to the API. - operationId: >- - apigee.organizations.appgroups.apps.keys.apiproducts.updateAppGroupAppKeyApiProduct + Creates an Apigee runtime instance. The instance is accessible from the + authorized network configured on the organization. **Note:** Not + supported for Apigee hybrid. + operationId: apigee.organizations.instances.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1Instance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24368,44 +25324,58 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId required: true schema: type: string + get: + description: >- + Lists all Apigee runtime instances for the organization. **Note:** Not + supported for Apigee hybrid. + operationId: apigee.organizations.instances.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1ListInstancesResponse' + parameters: - in: path - name: appgroupsId - required: true - schema: - type: string - - in: path - name: appsId - required: true - schema: - type: string - - in: path - name: keysId + name: organizationsId required: true schema: type: string - - in: path - name: apiproductsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: action + name: pageToken schema: type: string - delete: + /v1/organizations/{organizationsId}/instances/{instancesId}/natAddresses/{natAddressesId}:activate: + parameters: *ref_1 + post: description: >- - Removes an API product from an app's consumer key. After the API product - is removed, the app cannot access the API resources defined in that API - product. **Note**: The consumer key is not removed, only its association - with the API product. - operationId: apigee.organizations.appgroups.apps.keys.apiproducts.delete + Activates the NAT address. The Apigee instance can now use this for + Internet egress traffic. **Note:** Not supported for Apigee hybrid. + operationId: apigee.organizations.instances.natAddresses.activate + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ActivateNatAddressRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24417,7 +25387,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1AppGroupAppKey' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -24425,39 +25395,23 @@ paths: schema: type: string - in: path - name: appgroupsId - required: true - schema: - type: string - - in: path - name: appsId - required: true - schema: - type: string - - in: path - name: keysId + name: instancesId required: true schema: type: string - in: path - name: apiproductsId + name: natAddressesId required: true schema: type: string - /v1/organizations/{organizationsId}/hostSecurityReports: + /v1/organizations/{organizationsId}/instances/{instancesId}/natAddresses/{natAddressesId}: parameters: *ref_1 - post: + delete: description: >- - Submit a query at host level to be processed in the background. If the - submission of the query succeeds, the API returns a 201 status and an ID - that refer to the query. In addition to the HTTP status 201, the `state` - of "enqueued" means that the request succeeded. - operationId: apigee.organizations.hostSecurityReports.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportQuery' + Deletes the NAT address. Connections that are actively using the address + are drained before it is removed. **Note:** Not supported for Apigee + hybrid. + operationId: apigee.organizations.instances.natAddresses.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24469,16 +25423,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId required: true schema: type: string + - in: path + name: instancesId + required: true + schema: + type: string + - in: path + name: natAddressesId + required: true + schema: + type: string get: - description: Return a list of Security Reports at host level. - operationId: apigee.organizations.hostSecurityReports.list + description: >- + Gets the details of a NAT address. **Note:** Not supported for Apigee + hybrid. + operationId: apigee.organizations.instances.natAddresses.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24490,55 +25456,39 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListSecurityReportsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1NatAddress' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: submittedBy - schema: - type: string - - in: query - name: status - schema: - type: string - - in: query - name: from - schema: - type: string - - in: query - name: to - schema: - type: string - - in: query - name: dataset - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: instancesId + required: true schema: type: string - - in: query - name: envgroupHostname + - in: path + name: natAddressesId + required: true schema: type: string - /v1/organizations/{organizationsId}/hostSecurityReports/{hostSecurityReportsId}: + /v1/organizations/{organizationsId}/instances/{instancesId}/natAddresses: parameters: *ref_1 - get: + post: description: >- - Get status of a query submitted at host level. If the query is still in - progress, the `state` is set to "running" After the query has completed - successfully, `state` is set to "completed" - operationId: apigee.organizations.hostSecurityReports.get + Creates a NAT address. The address is created in the RESERVED state and + a static external IP address will be provisioned. At this time, the + instance will not use this IP address for Internet egress traffic. The + address can be activated for use once any required firewall IP + whitelisting has been completed. **Note:** Not supported for Apigee + hybrid. + operationId: apigee.organizations.instances.natAddresses.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1NatAddress' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24550,7 +25500,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -24558,20 +25508,15 @@ paths: schema: type: string - in: path - name: hostSecurityReportsId + name: instancesId required: true schema: type: string - /v1/organizations/{organizationsId}/hostSecurityReports/{hostSecurityReportsId}/result: - parameters: *ref_1 get: description: >- - After the query is completed, use this API to retrieve the results. If - the request succeeds, and there is a non-zero result set, the result is - downloaded to the client as a zipped JSON file. The name of the - downloaded file will be: OfflineQueryResult-.zip Example: - `OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip` - operationId: apigee.organizations.hostSecurityReports.getResult + Lists the NAT addresses for an Apigee instance. **Note:** Not supported + for Apigee hybrid. + operationId: apigee.organizations.instances.natAddresses.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24583,7 +25528,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListNatAddressesResponse parameters: - in: path name: organizationsId @@ -24591,17 +25537,24 @@ paths: schema: type: string - in: path - name: hostSecurityReportsId + name: instancesId required: true schema: type: string - /v1/organizations/{organizationsId}/hostSecurityReports/{hostSecurityReportsId}/resultView: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/organizations/{organizationsId}/instances/{instancesId}/attachments/{attachmentsId}: parameters: *ref_1 - get: - description: >- - After the query is completed, use this API to view the query result when - result size is small. - operationId: apigee.organizations.hostSecurityReports.getResultView + delete: + description: Deletes an attachment. **Note:** Not supported for Apigee hybrid. + operationId: apigee.organizations.instances.attachments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24613,8 +25566,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityReportResultView + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -24622,20 +25574,18 @@ paths: schema: type: string - in: path - name: hostSecurityReportsId + name: instancesId required: true schema: type: string - /v1/organizations/{organizationsId}/securityProfiles: - parameters: *ref_1 - post: - description: CreateSecurityProfile create a new custom security profile. - operationId: apigee.organizations.securityProfiles.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' + - in: path + name: attachmentsId + required: true + schema: + type: string + get: + description: Gets an attachment. **Note:** Not supported for Apigee hybrid. + operationId: apigee.organizations.instances.attachments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24647,22 +25597,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' + $ref: '#/components/schemas/GoogleCloudApigeeV1InstanceAttachment' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: securityProfileId + - in: path + name: instancesId + required: true + schema: + type: string + - in: path + name: attachmentsId + required: true schema: type: string + /v1/organizations/{organizationsId}/instances/{instancesId}/attachments: + parameters: *ref_1 get: description: >- - ListSecurityProfiles lists all the security profiles associated with the - org including attached and unattached profiles. - operationId: apigee.organizations.securityProfiles.list + Lists all attachments to an instance. **Note:** Not supported for Apigee + hybrid. + operationId: apigee.organizations.instances.attachments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24675,32 +25633,37 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListSecurityProfilesResponse + #/components/schemas/GoogleCloudApigeeV1ListInstanceAttachmentsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: instancesId + required: true schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}: - parameters: *ref_1 - patch: - description: UpdateSecurityProfile update the metadata of security profile. - operationId: apigee.organizations.securityProfiles.patch + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: >- + Creates a new attachment of an environment to an instance. **Note:** Not + supported for Apigee hybrid. + operationId: apigee.organizations.instances.attachments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' + $ref: '#/components/schemas/GoogleCloudApigeeV1InstanceAttachment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24712,7 +25675,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -24720,18 +25683,20 @@ paths: schema: type: string - in: path - name: securityProfilesId + name: instancesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: DeleteSecurityProfile delete a profile with all its revisions. - operationId: apigee.organizations.securityProfiles.delete + /v1/organizations/{organizationsId}/instances/{instancesId}/canaryevaluations: + parameters: *ref_1 + post: + description: Creates a new canary evaluation for an organization. + operationId: apigee.organizations.instances.canaryevaluations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1CanaryEvaluation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24743,7 +25708,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -24751,16 +25716,15 @@ paths: schema: type: string - in: path - name: securityProfilesId + name: instancesId required: true schema: type: string + /v1/organizations/{organizationsId}/instances/{instancesId}/canaryevaluations/{canaryevaluationsId}: + parameters: *ref_1 get: - description: >- - GetSecurityProfile gets the specified security profile. Returns - NOT_FOUND if security profile is not present for the specified - organization. - operationId: apigee.organizations.securityProfiles.get + description: Gets a CanaryEvaluation for an organization. + operationId: apigee.organizations.instances.canaryevaluations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24772,7 +25736,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfile' + $ref: '#/components/schemas/GoogleCloudApigeeV1CanaryEvaluation' parameters: - in: path name: organizationsId @@ -24780,17 +25744,22 @@ paths: schema: type: string - in: path - name: securityProfilesId + name: instancesId required: true schema: type: string - /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}:listRevisions: + - in: path + name: canaryevaluationsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/operations: parameters: *ref_1 get: description: >- - ListSecurityProfileRevisions lists all the revisions of the security - profile. - operationId: apigee.organizations.securityProfiles.listRevisions + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: apigee.organizations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24802,41 +25771,38 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListSecurityProfileRevisionsResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: securityProfilesId - required: true - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string - /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}/environments: + /v1/organizations/{organizationsId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - CreateSecurityProfileEnvironmentAssociation creates profile environment - association i.e. attaches environment to security profile. - operationId: apigee.organizations.securityProfiles.environments.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityProfileEnvironmentAssociation + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: apigee.organizations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24848,8 +25814,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityProfileEnvironmentAssociation + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -24857,17 +25822,20 @@ paths: schema: type: string - in: path - name: securityProfilesId + name: operationsId required: true schema: type: string - /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}/environments/{environmentsId}: + /v1/organizations/{organizationsId}/hostSecurityReports/{hostSecurityReportsId}/result: parameters: *ref_1 - delete: + get: description: >- - DeleteSecurityProfileEnvironmentAssociation removes profile environment - association i.e. detaches environment from security profile. - operationId: apigee.organizations.securityProfiles.environments.delete + After the query is completed, use this API to retrieve the results. If + the request succeeds, and there is a non-zero result set, the result is + downloaded to the client as a zipped JSON file. The name of the + downloaded file will be: OfflineQueryResult-.zip Example: + `OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip` + operationId: apigee.organizations.hostSecurityReports.getResult security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24879,7 +25847,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: organizationsId @@ -24887,29 +25855,24 @@ paths: schema: type: string - in: path - name: securityProfilesId - required: true - schema: - type: string - - in: path - name: environmentsId + name: hostSecurityReportsId required: true schema: type: string - /v1/organizations/{organizationsId}/securityProfiles/{securityProfilesId}/environments/{environmentsId}:computeEnvironmentScores: + /v1/organizations/{organizationsId}/hostSecurityReports: parameters: *ref_1 post: description: >- - ComputeEnvironmentScores calculates scores for requested time range for - the specified security profile and environment. - operationId: >- - apigee.organizations.securityProfiles.environments.computeEnvironmentScores + Submit a query at host level to be processed in the background. If the + submission of the query succeeds, the API returns a 201 status and an ID + that refer to the query. In addition to the HTTP status 201, the `state` + of "enqueued" means that the request succeeded. + operationId: apigee.organizations.hostSecurityReports.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ComputeEnvironmentScoresRequest + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReportQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24921,35 +25884,16 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ComputeEnvironmentScoresResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: securityProfilesId - required: true - schema: - type: string - - in: path - name: environmentsId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/securityAssessmentResults:batchCompute: - parameters: *ref_1 - post: - description: Compute RAV2 security scores for a set of resources. - operationId: apigee.organizations.securityAssessmentResults.batchCompute - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsRequest + get: + description: Return a list of Security Reports at host level. + operationId: apigee.organizations.hostSecurityReports.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24962,23 +25906,54 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1BatchComputeSecurityAssessmentResultsResponse + #/components/schemas/GoogleCloudApigeeV1ListSecurityReportsResponse parameters: - in: path name: organizationsId required: true schema: - type: string - /v1/organizations/{organizationsId}/securityProfilesV2: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: status + schema: + type: string + - in: query + name: submittedBy + schema: + type: string + - in: query + name: dataset + schema: + type: string + - in: query + name: envgroupHostname + schema: + type: string + - in: query + name: to + schema: + type: string + - in: query + name: from + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/organizations/{organizationsId}/hostSecurityReports/{hostSecurityReportsId}: parameters: *ref_1 - post: - description: Create a security profile v2. - operationId: apigee.organizations.securityProfilesV2.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' + get: + description: >- + Get status of a query submitted at host level. If the query is still in + progress, the `state` is set to "running" After the query has completed + successfully, `state` is set to "completed" + operationId: apigee.organizations.hostSecurityReports.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -24990,20 +25965,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityReport' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: securityProfileV2Id + - in: path + name: hostSecurityReportsId + required: true schema: type: string + /v1/organizations/{organizationsId}/hostSecurityReports/{hostSecurityReportsId}/resultView: + parameters: *ref_1 get: - description: List security profiles v2. - operationId: apigee.organizations.securityProfilesV2.list + description: >- + After the query is completed, use this API to view the query result when + result size is small. + operationId: apigee.organizations.hostSecurityReports.getResultView security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25016,27 +25996,26 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListSecurityProfilesV2Response + #/components/schemas/GoogleCloudApigeeV1SecurityReportResultView parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: hostSecurityReportsId + required: true schema: type: string - /v1/organizations/{organizationsId}/securityProfilesV2/{securityProfilesV2Id}: + /v1/organizations/{organizationsId}/keyvaluemaps/{keyvaluemapsId}/entries/{entriesId}: parameters: *ref_1 get: - description: Get a security profile v2. - operationId: apigee.organizations.securityProfilesV2.get + description: >- + Get the key value entry value for a key value map scoped to an + organization, environment, or API proxy. **Note**: Supported for Apigee + hybrid 1.8.x and higher. + operationId: apigee.organizations.keyvaluemaps.entries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25048,7 +26027,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -25056,18 +26035,23 @@ paths: schema: type: string - in: path - name: securityProfilesV2Id + name: keyvaluemapsId required: true schema: type: string - patch: - description: Update a security profile V2. - operationId: apigee.organizations.securityProfilesV2.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' + - in: path + name: entriesId + required: true + schema: + type: string + delete: + description: >- + Deletes a key value entry from a key value map scoped to an + organization, environment, or API proxy. **Notes:** * After you delete + the key value entry, the policy consuming the entry will continue to + function with its cached values for a few minutes. This is expected + behavior. * Supported for Apigee hybrid 1.8.x and higher. + operationId: apigee.organizations.keyvaluemaps.entries.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25079,7 +26063,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityProfileV2' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -25087,18 +26071,25 @@ paths: schema: type: string - in: path - name: securityProfilesV2Id + name: keyvaluemapsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: entriesId + required: true schema: type: string - format: google-fieldmask - delete: - description: Delete a security profile v2. - operationId: apigee.organizations.securityProfilesV2.delete + put: + description: >- + Update key value entry scoped to an organization, environment, or API + proxy for an existing key. + operationId: apigee.organizations.keyvaluemaps.entries.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25110,7 +26101,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId @@ -25118,21 +26109,28 @@ paths: schema: type: string - in: path - name: securityProfilesV2Id + name: keyvaluemapsId required: true schema: type: string - /v1/organizations/{organizationsId}/securityMonitoringConditions: + - in: path + name: entriesId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/keyvaluemaps/{keyvaluemapsId}/entries: parameters: *ref_1 post: - description: Create a security monitoring condition. - operationId: apigee.organizations.securityMonitoringConditions.create + description: >- + Creates key value entries in a key value map scoped to an organization, + environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x + and higher. + operationId: apigee.organizations.keyvaluemaps.entries.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25144,21 +26142,24 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: securityMonitoringConditionId + - in: path + name: keyvaluemapsId + required: true schema: type: string get: - description: List security monitoring conditions. - operationId: apigee.organizations.securityMonitoringConditions.list + description: >- + Lists key value entries for key values maps scoped to an organization, + environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x + and higher. + operationId: apigee.organizations.keyvaluemaps.entries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25171,13 +26172,18 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListSecurityMonitoringConditionsResponse + #/components/schemas/GoogleCloudApigeeV1ListKeyValueEntriesResponse parameters: - in: path name: organizationsId required: true schema: type: string + - in: path + name: keyvaluemapsId + required: true + schema: + type: string - in: query name: pageSize schema: @@ -25187,15 +26193,16 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - /v1/organizations/{organizationsId}/securityMonitoringConditions/{securityMonitoringConditionsId}: + /v1/organizations/{organizationsId}/keyvaluemaps: parameters: *ref_1 - get: - description: Get a security monitoring condition. - operationId: apigee.organizations.securityMonitoringConditions.get + post: + description: Creates a key value map in an organization. + operationId: apigee.organizations.keyvaluemaps.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25207,28 +26214,18 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: securityMonitoringConditionsId - required: true - schema: - type: string - patch: - description: Update a security monitoring condition. - operationId: apigee.organizations.securityMonitoringConditions.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition + /v1/organizations/{organizationsId}/keyvaluemaps/{keyvaluemapsId}: + parameters: *ref_1 + delete: + description: Deletes a key value map from an organization. + operationId: apigee.organizations.keyvaluemaps.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25240,8 +26237,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1SecurityMonitoringCondition + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId @@ -25249,18 +26245,15 @@ paths: schema: type: string - in: path - name: securityMonitoringConditionsId + name: keyvaluemapsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Delete a security monitoring condition. - operationId: apigee.organizations.securityMonitoringConditions.delete + get: + description: >- + Get the key value map scoped to an organization, environment, or API + proxy. + operationId: apigee.organizations.keyvaluemaps.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25272,7 +26265,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' parameters: - in: path name: organizationsId @@ -25280,15 +26273,15 @@ paths: schema: type: string - in: path - name: securityMonitoringConditionsId + name: keyvaluemapsId required: true schema: type: string - /v1/organizations/{organizationsId}/keyvaluemaps: - parameters: *ref_1 - post: - description: Creates a key value map in an organization. - operationId: apigee.organizations.keyvaluemaps.create + put: + description: >- + Update the key value map scoped to an organization, environment, or API + proxy. + operationId: apigee.organizations.keyvaluemaps.update requestBody: content: application/json: @@ -25312,42 +26305,16 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/keyvaluemaps/{keyvaluemapsId}: - parameters: *ref_1 - delete: - description: Deletes a key value map from an organization. - operationId: apigee.organizations.keyvaluemaps.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueMap' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - in: path name: keyvaluemapsId required: true schema: type: string - /v1/organizations/{organizationsId}/keyvaluemaps/{keyvaluemapsId}/entries/{entriesId}: + /v1/organizations/{organizationsId}/securityFeedback/{securityFeedbackId}: parameters: *ref_1 get: - description: >- - Get the key value entry value for a key value map scoped to an - organization, environment, or API proxy. **Note**: Supported for Apigee - hybrid 1.8.x and higher. - operationId: apigee.organizations.keyvaluemaps.entries.get + description: Gets a specific customer feedback report. + operationId: apigee.organizations.securityFeedback.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25359,7 +26326,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityFeedback' parameters: - in: path name: organizationsId @@ -25367,23 +26334,18 @@ paths: schema: type: string - in: path - name: keyvaluemapsId - required: true - schema: - type: string - - in: path - name: entriesId + name: securityFeedbackId required: true schema: - type: string - delete: - description: >- - Deletes a key value entry from a key value map scoped to an - organization, environment, or API proxy. **Notes:** * After you delete - the key value entry, the policy consuming the entry will continue to - function with its cached values for a few minutes. This is expected - behavior. * Supported for Apigee hybrid 1.8.x and higher. - operationId: apigee.organizations.keyvaluemaps.entries.delete + type: string + patch: + description: Updates a specific feedback report. + operationId: apigee.organizations.securityFeedback.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityFeedback' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25395,7 +26357,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityFeedback' parameters: - in: path name: organizationsId @@ -25403,25 +26365,20 @@ paths: schema: type: string - in: path - name: keyvaluemapsId + name: securityFeedbackId required: true schema: type: string - - in: path - name: entriesId - required: true + - in: query + name: updateMask schema: type: string - put: + format: google-fieldmask + delete: description: >- - Update key value entry scoped to an organization, environment, or API - proxy for an existing key. - operationId: apigee.organizations.keyvaluemaps.entries.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + Deletes a specific feedback report. Used for "undo" of a feedback + submission. + operationId: apigee.organizations.securityFeedback.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25433,7 +26390,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -25441,28 +26398,20 @@ paths: schema: type: string - in: path - name: keyvaluemapsId - required: true - schema: - type: string - - in: path - name: entriesId + name: securityFeedbackId required: true schema: type: string - /v1/organizations/{organizationsId}/keyvaluemaps/{keyvaluemapsId}/entries: + /v1/organizations/{organizationsId}/securityFeedback: parameters: *ref_1 post: - description: >- - Creates key value entries in a key value map scoped to an organization, - environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x - and higher. - operationId: apigee.organizations.keyvaluemaps.entries.create + description: Creates a new report containing customer feedback. + operationId: apigee.organizations.securityFeedback.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityFeedback' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25474,24 +26423,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1KeyValueEntry' + $ref: '#/components/schemas/GoogleCloudApigeeV1SecurityFeedback' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: keyvaluemapsId - required: true + - in: query + name: securityFeedbackId schema: type: string get: - description: >- - Lists key value entries for key values maps scoped to an organization, - environment, or API proxy. **Note**: Supported for Apigee hybrid 1.8.x - and higher. - operationId: apigee.organizations.keyvaluemaps.entries.list + description: Lists all feedback reports which have already been submitted. + operationId: apigee.organizations.securityFeedback.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25504,16 +26449,15 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListKeyValueEntriesResponse + #/components/schemas/GoogleCloudApigeeV1ListSecurityFeedbackResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: keyvaluemapsId - required: true + - in: query + name: pageToken schema: type: string - in: query @@ -25521,20 +26465,16 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/sites/{sitesId}/apicategories: + /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}/rateplans/{rateplansId}: parameters: *ref_1 - post: - description: Creates a new API category. - operationId: apigee.organizations.sites.apicategories.create + put: + description: Updates an existing rate plan. + operationId: apigee.organizations.apiproducts.rateplans.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategory' + $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25546,7 +26486,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategoryResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' parameters: - in: path name: organizationsId @@ -25554,13 +26494,18 @@ paths: schema: type: string - in: path - name: sitesId + name: apiproductsId + required: true + schema: + type: string + - in: path + name: rateplansId required: true schema: type: string get: - description: Returns the API categories associated with a portal. - operationId: apigee.organizations.sites.apicategories.list + description: Gets the details of a rate plan. + operationId: apigee.organizations.apiproducts.rateplans.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25572,8 +26517,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListApiCategoriesResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' parameters: - in: path name: organizationsId @@ -25581,15 +26525,18 @@ paths: schema: type: string - in: path - name: sitesId + name: apiproductsId + required: true + schema: + type: string + - in: path + name: rateplansId required: true schema: type: string - /v1/organizations/{organizationsId}/sites/{sitesId}/apicategories/{apicategoriesId}: - parameters: *ref_1 delete: - description: Deletes an API category. - operationId: apigee.organizations.sites.apicategories.delete + description: Deletes a rate plan. + operationId: apigee.organizations.apiproducts.rateplans.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25601,7 +26548,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeleteResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' parameters: - in: path name: organizationsId @@ -25609,23 +26556,35 @@ paths: schema: type: string - in: path - name: sitesId + name: apiproductsId required: true schema: type: string - in: path - name: apicategoriesId + name: rateplansId required: true schema: type: string - patch: - description: Updates an API category. - operationId: apigee.organizations.sites.apicategories.patch + /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}/rateplans: + parameters: *ref_1 + post: + description: >- + Create a rate plan that is associated with an API product in an + organization. Using rate plans, API product owners can monetize their + API products by configuring one or more of the following: - Billing + frequency - Initial setup fees for using an API product - Payment + funding model (postpaid only) - Fixed recurring or consumption-based + charges for using an API product - Revenue sharing with developer + partners An API product can have multiple rate plans associated with it + but *only one* rate plan can be active at any point of time. **Note: + From the developer's perspective, they purchase API products not rate + plans. + operationId: apigee.organizations.apiproducts.rateplans.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategory' + $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25637,7 +26596,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategoryResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1RatePlan' parameters: - in: path name: organizationsId @@ -25645,18 +26604,13 @@ paths: schema: type: string - in: path - name: sitesId - required: true - schema: - type: string - - in: path - name: apicategoriesId + name: apiproductsId required: true schema: type: string get: - description: Gets an API category. - operationId: apigee.organizations.sites.apicategories.get + description: Lists all the rate plans for an API product. + operationId: apigee.organizations.apiproducts.rateplans.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25668,7 +26622,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiCategoryResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1ListRatePlansResponse' parameters: - in: path name: organizationsId @@ -25676,20 +26630,36 @@ paths: schema: type: string - in: path - name: sitesId + name: apiproductsId required: true schema: type: string - - in: path - name: apicategoriesId - required: true + - in: query + name: count + schema: + type: integer + format: int32 + - in: query + name: startKey schema: type: string - /v1/organizations/{organizationsId}/sites/{sitesId}/apidocs/{apidocsId}: + - in: query + name: expand + schema: + type: boolean + - in: query + name: state + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}/attributes: parameters: *ref_1 get: - description: Gets a catalog item. - operationId: apigee.organizations.sites.apidocs.get + description: Lists all API product attributes. + operationId: apigee.organizations.apiproducts.attributes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25701,7 +26671,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' parameters: - in: path name: organizationsId @@ -25709,23 +26679,29 @@ paths: schema: type: string - in: path - name: sitesId - required: true - schema: - type: string - - in: path - name: apidocsId + name: apiproductsId required: true schema: type: string - put: - description: Updates a catalog item. - operationId: apigee.organizations.sites.apidocs.update + post: + description: >- + Updates or creates API product attributes. This API **replaces** the + current list of attributes with the attributes specified in the request + body. In this way, you can update existing attributes, add new + attributes, or delete existing attributes by omitting them from the + request body. **Note**: OAuth access tokens and Key Management Service + (KMS) entities (apps, developers, and API products) are cached for 180 + seconds (current default). Any custom attributes associated with + entities also get cached for at least 180 seconds after entity is + accessed during runtime. In this case, the `ExpiresIn` element on the + OAuthV2 policy won't be able to expire an access token in less than 180 + seconds. + operationId: apigee.organizations.apiproducts.attributes requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDoc' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25737,7 +26713,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attributes' parameters: - in: path name: organizationsId @@ -25745,18 +26721,15 @@ paths: schema: type: string - in: path - name: sitesId - required: true - schema: - type: string - - in: path - name: apidocsId + name: apiproductsId required: true schema: type: string + /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}/attributes/{attributesId}: + parameters: *ref_1 delete: - description: Deletes a catalog item. - operationId: apigee.organizations.sites.apidocs.delete + description: Deletes an API product attribute. + operationId: apigee.organizations.apiproducts.attributes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25768,7 +26741,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DeleteResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' parameters: - in: path name: organizationsId @@ -25776,51 +26749,18 @@ paths: schema: type: string - in: path - name: sitesId - required: true - schema: - type: string - - in: path - name: apidocsId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/sites/{sitesId}/apidocs: - parameters: *ref_1 - post: - description: Creates a new catalog item. - operationId: apigee.organizations.sites.apidocs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDoc' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocResponse' - parameters: - - in: path - name: organizationsId + name: apiproductsId required: true schema: type: string - in: path - name: sitesId + name: attributesId required: true schema: type: string get: - description: Returns the catalog items associated with a portal. - operationId: apigee.organizations.sites.apidocs.list + description: Gets the value of an API product attribute. + operationId: apigee.organizations.apiproducts.attributes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25832,7 +26772,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListApiDocsResponse' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' parameters: - in: path name: organizationsId @@ -25840,31 +26780,30 @@ paths: schema: type: string - in: path - name: sitesId + name: apiproductsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: attributesId + required: true schema: type: string - /v1/organizations/{organizationsId}/sites/{sitesId}/apidocs/{apidocsId}/documentation: - parameters: *ref_1 - patch: + post: description: >- - Updates the documentation for the specified catalog item. Note that the - documentation file contents will not be populated in the return message. - operationId: apigee.organizations.sites.apidocs.updateDocumentation + Updates the value of an API product attribute. **Note**: OAuth access + tokens and Key Management Service (KMS) entities (apps, developers, and + API products) are cached for 180 seconds (current default). Any custom + attributes associated with entities also get cached for at least 180 + seconds after entity is accessed during runtime. In this case, the + `ExpiresIn` element on the OAuthV2 policy won't be able to expire an + access token in less than 180 seconds. + operationId: apigee.organizations.apiproducts.attributes.updateApiProductAttribute requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ApiDocDocumentation' + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25876,8 +26815,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ApiDocDocumentationResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1Attribute' parameters: - in: path name: organizationsId @@ -25885,18 +26823,27 @@ paths: schema: type: string - in: path - name: sitesId + name: apiproductsId required: true schema: type: string - in: path - name: apidocsId + name: attributesId required: true schema: type: string + /v1/organizations/{organizationsId}/apiproducts: + parameters: *ref_1 get: - description: Gets the documentation for the specified catalog item. - operationId: apigee.organizations.sites.apidocs.getDocumentation + description: >- + Lists all API product names for an organization. Filter the list by + passing an `attributename` and `attibutevalue`. The maximum number of + API products returned is 1000. You can paginate the list of API products + returned using the `startKey` and `count` query parameters. If the + resource has the `space` attribute set, the response may not return all + resources. To learn more, read the [Apigee Spaces + Overview](https://cloud.google.com/apigee/docs/api-platform/system-administration/spaces/apigee-spaces-overview). + operationId: apigee.organizations.apiproducts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25909,35 +26856,64 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudApigeeV1ApiDocDocumentationResponse + #/components/schemas/GoogleCloudApigeeV1ListApiProductsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: sitesId - required: true + - in: query + name: attributevalue schema: type: string - - in: path - name: apidocsId - required: true + - in: query + name: startKey schema: type: string - /v1/organizations/{organizationsId}/endpointAttachments: - parameters: *ref_1 + - in: query + name: space + schema: + type: string + - in: query + name: attributename + schema: + type: string + - in: query + name: expand + schema: + type: boolean + - in: query + name: count + schema: + type: string + format: int64 post: description: >- - Creates an endpoint attachment. **Note:** Not supported for Apigee - hybrid. - operationId: apigee.organizations.endpointAttachments.create + Creates an API product in an organization. You create API products after + you have proxied backend services using API proxies. An API product is a + collection of API resources combined with quota settings and metadata + that you can use to deliver customized and productized API bundles to + your developer community. This metadata can include: - Scope - + Environments - API proxies - Extensible profile API products enable you + repackage APIs on the fly, without having to do any additional coding or + configuration. Apigee recommends that you start with a simple API + product including only required elements. You then provision credentials + to apps to enable them to start testing your APIs. After you have + authentication and authorization working against a simple API product, + you can iterate to create finer-grained API products, defining different + sets of API resources for each API product. **WARNING:** - If you don't + specify an API proxy in the request body, *any* app associated with the + product can make calls to *any* API in your entire organization. - If + you don't specify an environment in the request body, the product allows + access to all environments. For more information, see What is an API + product? + operationId: apigee.organizations.apiproducts.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1EndpointAttachment' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25949,20 +26925,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: endpointAttachmentId - schema: - type: string + /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}: + parameters: *ref_1 get: - description: Lists the endpoint attachments in an organization. - operationId: apigee.organizations.endpointAttachments.list + description: >- + Gets configuration details for an API product. The API product name + required in the request URL is the internal name of the product, not the + display name. While they may be the same, it depends on whether the API + product was created via the UI or the API. View the list of API products + to verify the internal name. + operationId: apigee.organizations.apiproducts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -25974,28 +26953,29 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ListEndpointAttachmentsResponse + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: apiproductsId + required: true schema: type: string - /v1/organizations/{organizationsId}/endpointAttachments/{endpointAttachmentsId}: - parameters: *ref_1 - get: - description: Gets the endpoint attachment. - operationId: apigee.organizations.endpointAttachments.get + delete: + description: >- + Deletes an API product from an organization. Deleting an API product + causes app requests to the resource URIs defined in the API product to + fail. Ensure that you create a new API product to serve existing apps, + unless your intention is to disable access to the resources defined in + the API product. The API product name required in the request URL is the + internal name of the product, not the display name. While they may be + the same, it depends on whether the API product was created via the UI + or the API. View the list of API products to verify the internal name. + operationId: apigee.organizations.apiproducts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -26007,7 +26987,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1EndpointAttachment' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' parameters: - in: path name: organizationsId @@ -26015,13 +26995,25 @@ paths: schema: type: string - in: path - name: endpointAttachmentsId + name: apiproductsId required: true schema: type: string - delete: - description: Deletes an endpoint attachment. - operationId: apigee.organizations.endpointAttachments.delete + put: + description: >- + Updates an existing API product. You must include all required values, + whether or not you are updating them, as well as any optional values + that you are updating. The API product name required in the request URL + is the internal name of the product, not the display name. While they + may be the same, it depends on whether the API product was created via + UI or API. View the list of API products to identify their internal + names. + operationId: apigee.organizations.apiproducts.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -26033,7 +27025,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' parameters: - in: path name: organizationsId @@ -26041,20 +27033,20 @@ paths: schema: type: string - in: path - name: endpointAttachmentsId + name: apiproductsId required: true schema: type: string - /v1/organizations/{organizationsId}/dnsZones: + /v1/organizations/{organizationsId}/apiproducts/{apiproductsId}:move: parameters: *ref_1 post: - description: Creates a new DNS zone. - operationId: apigee.organizations.dnsZones.create + description: Moves an API product to a different space. + operationId: apigee.organizations.apiproducts.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DnsZone' + $ref: '#/components/schemas/GoogleCloudApigeeV1MoveApiProductRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -26066,20 +27058,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1ApiProduct' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: dnsZoneId + - in: path + name: apiproductsId + required: true schema: type: string + /v1/organizations/{organizationsId}/endpointAttachments: + parameters: *ref_1 get: - description: Enumerates DNS zones that have been created but not yet deleted. - operationId: apigee.organizations.dnsZones.list + description: Lists the endpoint attachments in an organization. + operationId: apigee.organizations.endpointAttachments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -26091,7 +27086,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1ListDnsZonesResponse' + $ref: >- + #/components/schemas/GoogleCloudApigeeV1ListEndpointAttachmentsResponse parameters: - in: path name: organizationsId @@ -26107,11 +27103,16 @@ paths: name: pageToken schema: type: string - /v1/organizations/{organizationsId}/dnsZones/{dnsZonesId}: - parameters: *ref_1 - get: - description: Fetches the representation of an existing DNS zone. - operationId: apigee.organizations.dnsZones.get + post: + description: >- + Creates an endpoint attachment. **Note:** Not supported for Apigee + hybrid. + operationId: apigee.organizations.endpointAttachments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApigeeV1EndpointAttachment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -26123,21 +27124,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudApigeeV1DnsZone' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: dnsZonesId - required: true + - in: query + name: endpointAttachmentId schema: type: string + /v1/organizations/{organizationsId}/endpointAttachments/{endpointAttachmentsId}: + parameters: *ref_1 delete: - description: Deletes a previously created DNS zone. - operationId: apigee.organizations.dnsZones.delete + description: Deletes an endpoint attachment. + operationId: apigee.organizations.endpointAttachments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -26157,23 +27159,13 @@ paths: schema: type: string - in: path - name: dnsZonesId + name: endpointAttachmentsId required: true schema: type: string - /v1/projects/{projectsId}:provisionOrganization: - parameters: *ref_1 - post: - description: >- - Provisions a new Apigee organization with a functioning runtime. This is - the standard way to create trial organizations for a free Apigee trial. - operationId: apigee.projects.provisionOrganization - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudApigeeV1ProvisionOrganizationRequest + get: + description: Gets the endpoint attachment. + operationId: apigee.organizations.endpointAttachments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -26185,10 +27177,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudApigeeV1EndpointAttachment' parameters: - in: path - name: projectsId + name: organizationsId + required: true + schema: + type: string + - in: path + name: endpointAttachmentsId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/apigeeregistry.yaml b/providers/src/googleapis.com/v00.00.00000/services/apigeeregistry.yaml index 3f5c82d6..f4ab763b 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/apigeeregistry.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/apigeeregistry.yaml @@ -8,7 +8,7 @@ info: description: '' version: v1 x-discovery-doc-revision: '20231204' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/apigee/docs/api-hub/what-is-api-hub servers: @@ -34,330 +34,164 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + Policy: + id: Policy description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer + version: format: int32 - message: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + bindings: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - Instance: - id: Instance - description: >- - An Instance represents the instance resources of the Registry. - Currently, only one instance is allowed for each project. - type: object - properties: - name: - description: >- - Format: `projects/*/locations/*/instance`. Currently only - `locations/global` is supported. - type: string - createTime: - description: Output only. Creation timestamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update timestamp. - readOnly: true - type: string - format: google-datetime - state: - description: Output only. The current state of the Instance. - readOnly: true - type: string - enumDescriptions: - - The default value. This value is used if the state is omitted. - - The Instance has not been initialized or has been deleted. - - The Instance is being created. - - The Instance has been created and is ready for use. - - The Instance is being updated. - - The Instance is being deleted. - - The Instance encountered an error during a state change. - enum: - - STATE_UNSPECIFIED - - INACTIVE - - CREATING - - ACTIVE - - UPDATING - - DELETING - - FAILED - stateMessage: - description: >- - Output only. Extra information of Instance.State if the state is - `FAILED`. - readOnly: true - type: string - config: - description: Required. Config of the Instance. - $ref: '#/components/schemas/Config' - build: - description: Output only. Build info of the Instance if it's in `ACTIVE` state. - readOnly: true - $ref: '#/components/schemas/Build' - Config: - id: Config - description: Available configurations to provision an Instance. - type: object - properties: - location: - description: Output only. The GCP location where the Instance resides. - readOnly: true - type: string - cmekKeyName: - description: >- - Required. The Customer Managed Encryption Key (CMEK) used for data - encryption. The CMEK name should follow the format of - `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, - where the `location` must match InstanceConfig.location. - type: string - Build: - id: Build - description: Build information of the Instance if it's in `ACTIVE` state. - type: object - properties: - repo: + $ref: '#/components/schemas/Binding' + etag: description: >- - Output only. Path of the open source repository: - github.com/apigee/registry. - readOnly: true - type: string - commitId: - description: Output only. Commit ID of the latest commit in the build. - readOnly: true - type: string - commitTime: - description: Output only. Commit time of the latest commit in the build. - readOnly: true + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. type: string - format: google-datetime - ListApisResponse: - id: ListApisResponse - description: Response message for ListApis. + format: byte type: object + Binding: + description: Associates `members`, or principals, with a `role`. + id: Binding properties: - apis: - description: The APIs from the specified publisher. + members: type: array items: - $ref: '#/components/schemas/Api' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - Api: - id: Api - description: >- - A top-level description of an API. Produced by producers and are - commitments to provide services. - type: object - properties: - name: - description: Resource name. - type: string - displayName: - description: Human-meaningful name. - type: string - description: - description: A detailed description. - type: string - createTime: - description: Output only. Creation timestamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update timestamp. - readOnly: true - type: string - format: google-datetime - availability: - description: >- - A user-definable description of the availability of this service. - Format: free-form, but we expect single words that describe - availability, e.g., "NONE", "TESTING", "PREVIEW", "GENERAL", - "DEPRECATED", "SHUTDOWN". - type: string - recommendedVersion: - description: >- - The recommended version of the API. Format: - `projects/{project}/locations/{location}/apis/{api}/versions/{version}` - type: string - recommendedDeployment: - description: >- - The recommended deployment of the API. Format: - `projects/{project}/locations/{location}/apis/{api}/deployments/{deployment}` - type: string - labels: - description: >- - Labels attach identifying metadata to resources. Identifying - metadata can be used to filter list operations. Label keys and - values can be no longer than 64 characters (Unicode codepoints), can - only contain lowercase letters, numeric characters, underscores, and - dashes. International characters are allowed. No more than 64 user - labels can be associated with one resource (System labels are - excluded). See https://goo.gl/xmQnxf for more information and - examples of labels. System reserved label keys are prefixed with - `apigeeregistry.googleapis.com/` and cannot be changed. - type: object - additionalProperties: type: string - annotations: description: >- - Annotations attach non-identifying metadata to resources. Annotation - keys and values are less restricted than those of labels, but should - be generally used for small values of broad interest. Larger, topic- - specific metadata should be stored in Artifacts. - type: object - additionalProperties: - type: string - ListApiVersionsResponse: - id: ListApiVersionsResponse - description: Response message for ListApiVersions. - type: object - properties: - apiVersions: - description: The versions from the specified publisher. - type: array - items: - $ref: '#/components/schemas/ApiVersion' - nextPageToken: + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. + condition: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: type: string + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. + type: object ApiVersion: id: ApiVersion - description: >- - Describes a particular version of an API. ApiVersions are what consumers - actually use. - type: object properties: name: description: Resource name. type: string - displayName: - description: Human-meaningful name. - type: string - description: - description: A detailed description. - type: string - createTime: - description: Output only. Creation timestamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update timestamp. - readOnly: true - type: string - format: google-datetime state: description: >- A user-definable description of the lifecycle phase of this API @@ -376,142 +210,246 @@ components: excluded). See https://goo.gl/xmQnxf for more information and examples of labels. System reserved label keys are prefixed with `apigeeregistry.googleapis.com/` and cannot be changed. - type: object additionalProperties: type: string + type: object annotations: + type: object description: >- Annotations attach non-identifying metadata to resources. Annotation keys and values are less restricted than those of labels, but should be generally used for small values of broad interest. Larger, topic- specific metadata should be stored in Artifacts. - type: object additionalProperties: type: string + description: + description: A detailed description. + type: string + updateTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Last update timestamp. primarySpec: + type: string description: >- The primary spec for this version. Format: projects/{project}/locations/{location}/apis/{api}/versions/{version}/specs/{spec} + createTime: + readOnly: true + description: Output only. Creation timestamp. type: string - ListApiSpecsResponse: - id: ListApiSpecsResponse - description: Response message for ListApiSpecs. + format: google-datetime + displayName: + description: Human-meaningful name. + type: string + type: object + description: >- + Describes a particular version of an API. ApiVersions are what consumers + actually use. + ListApiVersionsResponse: + id: ListApiVersionsResponse type: object properties: - apiSpecs: - description: The specs from the specified publisher. + apiVersions: type: array + description: The versions from the specified publisher. items: - $ref: '#/components/schemas/ApiSpec' + $ref: '#/components/schemas/ApiVersion' nextPageToken: + type: string description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. - type: string - ApiSpec: - id: ApiSpec + description: Response message for ListApiVersions. + ApiDeployment: description: >- - Describes a version of an API in a structured way. ApiSpecs provide - formal descriptions that consumers can use to use a version. ApiSpec - resources are intended to be fully-resolved descriptions of an - ApiVersion. When specs consist of multiple files, these should be - bundled together (e.g., in a zip archive) and stored as a unit. Multiple - specs can exist to provide representations in different API description - formats. Synchronization of these representations would be provided by - tooling and background services. - type: object + Describes a service running at particular address that provides a + particular version of an API. ApiDeployments have revisions which + correspond to different configurations of a single deployment in time. + Revision identifiers should be updated whenever the served API spec or + endpoint address changes. + id: ApiDeployment properties: name: + type: string description: Resource name. + endpointUri: type: string - filename: description: >- - A possibly-hierarchical name used to refer to the spec from other - specs. + The address where the deployment is serving. Changes to this value + will update the revision. + revisionUpdateTime: + readOnly: true + description: >- + Output only. Last update timestamp: when the represented revision + was last modified. + format: google-datetime + type: string + labels: + description: >- + Labels attach identifying metadata to resources. Identifying + metadata can be used to filter list operations. Label keys and + values can be no longer than 64 characters (Unicode codepoints), can + only contain lowercase letters, numeric characters, underscores and + dashes. International characters are allowed. No more than 64 user + labels can be associated with one resource (System labels are + excluded). See https://goo.gl/xmQnxf for more information and + examples of labels. System reserved label keys are prefixed with + `apigeeregistry.googleapis.com/` and cannot be changed. + additionalProperties: + type: string + type: object + revisionCreateTime: + type: string + format: google-datetime + description: >- + Output only. Revision creation timestamp; when the represented + revision was created. + readOnly: true + accessGuidance: + description: >- + Text briefly describing how to access the endpoint. Changes to this + value will not affect the revision. type: string + annotations: + description: >- + Annotations attach non-identifying metadata to resources. Annotation + keys and values are less restricted than those of labels, but should + be generally used for small values of broad interest. Larger, topic- + specific metadata should be stored in Artifacts. + additionalProperties: + type: string + type: object description: + type: string description: A detailed description. + externalChannelUri: + description: >- + The address of the external channel of the API (e.g., the Developer + Portal). Changes to this value will not affect the revision. type: string revisionId: description: >- - Output only. Immutable. The revision ID of the spec. A new revision - is committed whenever the spec contents are changed. The format is - an 8-character hexadecimal string. - readOnly: true + Output only. Immutable. The revision ID of the deployment. A new + revision is committed whenever the deployment contents are changed. + The format is an 8-character hexadecimal string. type: string + readOnly: true createTime: - description: Output only. Creation timestamp; when the spec resource was created. readOnly: true - type: string format: google-datetime - revisionCreateTime: description: >- - Output only. Revision creation timestamp; when the represented - revision was created. - readOnly: true + Output only. Creation timestamp; when the deployment resource was + created. type: string - format: google-datetime - revisionUpdateTime: + intendedAudience: description: >- - Output only. Last update timestamp: when the represented revision - was last modified. - readOnly: true + Text briefly identifying the intended audience of the API. Changes + to this value will not affect the revision. type: string - format: google-datetime - mimeType: + apiSpecRevision: description: >- - A style (format) descriptor for this spec that is specified as a - [Media Type](https://en.wikipedia.org/wiki/Media_type). Possible - values include `application/vnd.apigee.proto`, - `application/vnd.apigee.openapi`, and - `application/vnd.apigee.graphql`, with possible suffixes - representing compression types. These hypothetical names are defined - in the vendor tree defined in RFC6838 - (https://tools.ietf.org/html/rfc6838) and are not final. Content - types can specify compression. Currently only GZip compression is - supported (indicated with "+gzip"). + The full resource name (including revision ID) of the spec of the + API being served by the deployment. Changes to this value will + update the revision. Format: + `projects/{project}/locations/{location}/apis/{api}/versions/{version}/specs/{spec@revision}` + type: string + displayName: + description: Human-meaningful name. + type: string + type: object + ListApiDeploymentsResponse: + properties: + nextPageToken: type: string - sizeBytes: description: >- - Output only. The size of the spec file in bytes. If the spec is - gzipped, this is the size of the uncompressed spec. - readOnly: true - type: integer - format: int32 - hash: + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + apiDeployments: + items: + $ref: '#/components/schemas/ApiDeployment' + type: array + description: The deployments from the specified publisher. + description: Response message for ListApiDeployments. + id: ListApiDeploymentsResponse + type: object + ListLocationsResponse: + description: The response message for Locations.ListLocations. + id: ListLocationsResponse + type: object + properties: + nextPageToken: + description: The standard List next-page token. + type: string + locations: + type: array description: >- - Output only. A SHA-256 hash of the spec's contents. If the spec is - gzipped, this is the hash of the uncompressed spec. - readOnly: true + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + ListApiSpecRevisionsResponse: + description: Response message for ListApiSpecRevisionsResponse. + properties: + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: string - sourceUri: + apiSpecs: + items: + $ref: '#/components/schemas/ApiSpec' + description: The revisions of the spec. + type: array + type: object + id: ListApiSpecRevisionsResponse + Api: + properties: + recommendedVersion: description: >- - The original source URI of the spec (if one exists). This is an - external location that can be used for reference purposes but which - may not be authoritative since this external resource may change - after the spec is retrieved. + The recommended version of the API. Format: + `projects/{project}/locations/{location}/apis/{api}/versions/{version}` + type: string + availability: type: string - contents: description: >- - Input only. The contents of the spec. Provided by API callers when - specs are created or updated. To access the contents of a spec, use - GetApiSpecContents. + A user-definable description of the availability of this service. + Format: free-form, but we expect single words that describe + availability, e.g., "NONE", "TESTING", "PREVIEW", "GENERAL", + "DEPRECATED", "SHUTDOWN". + description: + description: A detailed description. type: string - format: byte labels: + additionalProperties: + type: string description: >- Labels attach identifying metadata to resources. Identifying metadata can be used to filter list operations. Label keys and values can be no longer than 64 characters (Unicode codepoints), can - only contain lowercase letters, numeric characters, underscores and + only contain lowercase letters, numeric characters, underscores, and dashes. International characters are allowed. No more than 64 user labels can be associated with one resource (System labels are excluded). See https://goo.gl/xmQnxf for more information and examples of labels. System reserved label keys are prefixed with `apigeeregistry.googleapis.com/` and cannot be changed. type: object - additionalProperties: - type: string + recommendedDeployment: + description: >- + The recommended deployment of the API. Format: + `projects/{project}/locations/{location}/apis/{api}/deployments/{deployment}` + type: string + updateTime: + type: string + format: google-datetime + description: Output only. Last update timestamp. + readOnly: true + createTime: + description: Output only. Creation timestamp. + format: google-datetime + readOnly: true + type: string annotations: description: >- Annotations attach non-identifying metadata to resources. Annotation @@ -521,8 +459,55 @@ components: type: object additionalProperties: type: string + name: + description: Resource name. + type: string + displayName: + type: string + description: Human-meaningful name. + id: Api + description: >- + A top-level description of an API. Produced by producers and are + commitments to provide services. + type: object + TagApiSpecRevisionRequest: + id: TagApiSpecRevisionRequest + properties: + tag: + description: >- + Required. The tag to apply. The tag should be at most 40 characters, + and match `a-z{3,39}`. + type: string + type: object + description: Request message for TagApiSpecRevision. + Build: + properties: + commitId: + type: string + description: Output only. Commit ID of the latest commit in the build. + readOnly: true + repo: + type: string + readOnly: true + description: >- + Output only. Path of the open source repository: + github.com/apigee/registry. + commitTime: + description: Output only. Commit time of the latest commit in the build. + format: google-datetime + type: string + readOnly: true + id: Build + type: object + description: Build information of the Instance if it's in `ACTIVE` state. + CancelOperationRequest: + id: CancelOperationRequest + properties: {} + description: The request message for Operations.CancelOperation. + type: object HttpBody: id: HttpBody + type: object description: >- Message that represents an arbitrary HTTP body. It should only be used for payload formats that can't be represented as JSON, such as raw @@ -542,152 +527,258 @@ components: returns (stream google.api.HttpBody); } Use of this type only changes how the request and response bodies are handled, all other features will continue to work unchanged. - type: object properties: + data: + format: byte + description: The HTTP request/response body as raw binary. + type: string contentType: + type: string description: >- The HTTP Content-Type header value specifying the content type of the body. - type: string - data: - description: The HTTP request/response body as raw binary. - type: string - format: byte extensions: description: >- Application specific response metadata. Must be set in the first response for streaming APIs. - type: array items: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - TagApiSpecRevisionRequest: - id: TagApiSpecRevisionRequest - description: Request message for TagApiSpecRevision. - type: object + type: array + ListOperationsResponse: + description: The response message for Operations.ListOperations. + id: ListOperationsResponse properties: - tag: - description: >- - Required. The tag to apply. The tag should be at most 40 characters, - and match `a-z{3,39}`. + nextPageToken: type: string - ListApiSpecRevisionsResponse: - id: ListApiSpecRevisionsResponse - description: Response message for ListApiSpecRevisionsResponse. - type: object - properties: - apiSpecs: - description: The revisions of the spec. - type: array + description: The standard List next-page token. + operations: items: - $ref: '#/components/schemas/ApiSpec' - nextPageToken: + $ref: '#/components/schemas/Operation' + type: array description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - RollbackApiSpecRequest: - id: RollbackApiSpecRequest - description: Request message for RollbackApiSpec. + A list of operations that matches the specified filter in the + request. type: object + OperationMetadata: + type: object + description: Represents the metadata of the long-running operation. + id: OperationMetadata properties: - revisionId: + createTime: + description: The time the operation was created. + format: google-datetime + type: string + apiVersion: + description: API version used to start the operation. + type: string + verb: + description: Name of the verb executed by the operation. + type: string + endTime: + type: string + format: google-datetime + description: The time the operation finished running. + cancellationRequested: description: >- - Required. The revision ID to roll back to. It must be a revision of - the same spec. Example: `c7cfa2a8` + Identifies whether the user has requested cancellation of the + operation. Operations that have successfully been cancelled have + Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + type: boolean + statusMessage: type: string - ListApiDeploymentsResponse: - id: ListApiDeploymentsResponse - description: Response message for ListApiDeployments. - type: object + description: Human-readable status of the operation, if any. + target: + description: Server-defined resource path for the target of the operation. + type: string + Location: + id: Location properties: - apiDeployments: - description: The deployments from the specified publisher. - type: array - items: - $ref: '#/components/schemas/ApiDeployment' - nextPageToken: + name: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - ApiDeployment: - id: ApiDeployment - description: >- - Describes a service running at particular address that provides a - particular version of an API. ApiDeployments have revisions which - correspond to different configurations of a single deployment in time. - Revision identifiers should be updated whenever the served API spec or - endpoint address changes. + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + labels: + type: object + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: + type: string + description: A resource that represents a Google Cloud location. + type: object + Expr: + id: Expr type: object + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - name: - description: Resource name. + location: type: string - displayName: - description: Human-meaningful name. + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. type: string description: - description: A detailed description. type: string - revisionId: description: >- - Output only. Immutable. The revision ID of the deployment. A new - revision is committed whenever the deployment contents are changed. - The format is an 8-character hexadecimal string. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + TestIamPermissionsRequest: + id: TestIamPermissionsRequest + type: object + description: Request message for `TestIamPermissions` method. + properties: + permissions: + type: array + items: + type: string + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + Instance: + type: object + id: Instance + description: >- + An Instance represents the instance resources of the Registry. + Currently, only one instance is allowed for each project. + properties: + build: readOnly: true - type: string - createTime: - description: >- - Output only. Creation timestamp; when the deployment resource was - created. + description: Output only. Build info of the Instance if it's in `ACTIVE` state. + $ref: '#/components/schemas/Build' + updateTime: readOnly: true + format: google-datetime + description: Output only. Last update timestamp. type: string + createTime: + description: Output only. Creation timestamp. format: google-datetime - revisionCreateTime: - description: >- - Output only. Revision creation timestamp; when the represented - revision was created. readOnly: true type: string - format: google-datetime - revisionUpdateTime: + stateMessage: description: >- - Output only. Last update timestamp: when the represented revision - was last modified. + Output only. Extra information of Instance.State if the state is + `FAILED`. readOnly: true type: string - format: google-datetime - apiSpecRevision: - description: >- - The full resource name (including revision ID) of the spec of the - API being served by the deployment. Changes to this value will - update the revision. Format: - `projects/{project}/locations/{location}/apis/{api}/versions/{version}/specs/{spec@revision}` + config: + $ref: '#/components/schemas/Config' + description: Required. Config of the Instance. + name: type: string - endpointUri: description: >- - The address where the deployment is serving. Changes to this value - will update the revision. + Format: `projects/*/locations/*/instance`. Currently only + `locations/global` is supported. + state: + description: Output only. The current state of the Instance. + enumDescriptions: + - The default value. This value is used if the state is omitted. + - The Instance has not been initialized or has been deleted. + - The Instance is being created. + - The Instance has been created and is ready for use. + - The Instance is being updated. + - The Instance is being deleted. + - The Instance encountered an error during a state change. + enum: + - STATE_UNSPECIFIED + - INACTIVE + - CREATING + - ACTIVE + - UPDATING + - DELETING + - FAILED + readOnly: true + type: string + Artifact: + description: >- + Artifacts of resources. Artifacts are unique (single-value) per resource + and are used to store metadata that is too large or numerous to be + stored directly on the resource. Since artifacts are stored separately + from parent resources, they should generally be used for metadata that + is needed infrequently, i.e., not for display in primary views of the + resource but perhaps displayed or downloaded upon request. The + `ListArtifacts` method allows artifacts to be quickly enumerated and + checked for presence without downloading their (potentially-large) + contents. + type: object + id: Artifact + properties: + contents: type: string - externalChannelUri: description: >- - The address of the external channel of the API (e.g., the Developer - Portal). Changes to this value will not affect the revision. + Input only. The contents of the artifact. Provided by API callers + when artifacts are created or replaced. To access the contents of an + artifact, use GetArtifactContents. + format: byte + name: type: string - intendedAudience: + description: Resource name. + hash: description: >- - Text briefly identifying the intended audience of the API. Changes - to this value will not affect the revision. + Output only. A SHA-256 hash of the artifact's contents. If the + artifact is gzipped, this is the hash of the uncompressed artifact. + readOnly: true type: string - accessGuidance: + mimeType: description: >- - Text briefly describing how to access the endpoint. Changes to this - value will not affect the revision. + A content type specifier for the artifact. Content type specifiers + are Media Types (https://en.wikipedia.org/wiki/Media_type) with a + possible "schema" parameter that specifies a schema for the stored + information. Content types can specify compression. Currently only + GZip compression is supported (indicated with "+gzip"). type: string labels: + type: object description: >- Labels attach identifying metadata to resources. Identifying metadata can be used to filter list operations. Label keys and @@ -697,124 +788,113 @@ components: labels can be associated with one resource (System labels are excluded). See https://goo.gl/xmQnxf for more information and examples of labels. System reserved label keys are prefixed with - `apigeeregistry.googleapis.com/` and cannot be changed. - type: object + "registry.googleapis.com/" and cannot be changed. additionalProperties: type: string + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Creation timestamp. annotations: + additionalProperties: + type: string + type: object description: >- Annotations attach non-identifying metadata to resources. Annotation keys and values are less restricted than those of labels, but should be generally used for small values of broad interest. Larger, topic- specific metadata should be stored in Artifacts. - type: object - additionalProperties: - type: string + updateTime: + description: Output only. Last update timestamp. + type: string + readOnly: true + format: google-datetime + sizeBytes: + readOnly: true + description: >- + Output only. The size of the artifact in bytes. If the artifact is + gzipped, this is the size of the uncompressed artifact. + type: integer + format: int32 TagApiDeploymentRevisionRequest: - id: TagApiDeploymentRevisionRequest - description: Request message for TagApiDeploymentRevision. type: object + description: Request message for TagApiDeploymentRevision. properties: tag: description: >- Required. The tag to apply. The tag should be at most 40 characters, and match `a-z{3,39}`. type: string - ListApiDeploymentRevisionsResponse: - id: ListApiDeploymentRevisionsResponse - description: Response message for ListApiDeploymentRevisionsResponse. - type: object - properties: - apiDeployments: - description: The revisions of the deployment. - type: array - items: - $ref: '#/components/schemas/ApiDeployment' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - RollbackApiDeploymentRequest: - id: RollbackApiDeploymentRequest - description: Request message for RollbackApiDeployment. + id: TagApiDeploymentRevisionRequest + ApiSpec: + id: ApiSpec type: object properties: - revisionId: - description: >- - Required. The revision ID to roll back to. It must be a revision of - the same deployment. Example: `c7cfa2a8` + sourceUri: type: string - ListArtifactsResponse: - id: ListArtifactsResponse - description: Response message for ListArtifacts. - type: object - properties: - artifacts: - description: The artifacts from the specified publisher. - type: array - items: - $ref: '#/components/schemas/Artifact' - nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - Artifact: - id: Artifact - description: >- - Artifacts of resources. Artifacts are unique (single-value) per resource - and are used to store metadata that is too large or numerous to be - stored directly on the resource. Since artifacts are stored separately - from parent resources, they should generally be used for metadata that - is needed infrequently, i.e., not for display in primary views of the - resource but perhaps displayed or downloaded upon request. The - `ListArtifacts` method allows artifacts to be quickly enumerated and - checked for presence without downloading their (potentially-large) - contents. - type: object - properties: - name: - description: Resource name. - type: string + The original source URI of the spec (if one exists). This is an + external location that can be used for reference purposes but which + may not be authoritative since this external resource may change + after the spec is retrieved. createTime: - description: Output only. Creation timestamp. - readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. Last update timestamp. - readOnly: true + description: Output only. Creation timestamp; when the spec resource was created. type: string - format: google-datetime + readOnly: true mimeType: + type: string description: >- - A content type specifier for the artifact. Content type specifiers - are Media Types (https://en.wikipedia.org/wiki/Media_type) with a - possible "schema" parameter that specifies a schema for the stored - information. Content types can specify compression. Currently only - GZip compression is supported (indicated with "+gzip"). + A style (format) descriptor for this spec that is specified as a + [Media Type](https://en.wikipedia.org/wiki/Media_type). Possible + values include `application/vnd.apigee.proto`, + `application/vnd.apigee.openapi`, and + `application/vnd.apigee.graphql`, with possible suffixes + representing compression types. These hypothetical names are defined + in the vendor tree defined in RFC6838 + (https://tools.ietf.org/html/rfc6838) and are not final. Content + types can specify compression. Currently only GZip compression is + supported (indicated with "+gzip"). + contents: + format: byte type: string - sizeBytes: description: >- - Output only. The size of the artifact in bytes. If the artifact is - gzipped, this is the size of the uncompressed artifact. + Input only. The contents of the spec. Provided by API callers when + specs are created or updated. To access the contents of a spec, use + GetApiSpecContents. + revisionUpdateTime: + description: >- + Output only. Last update timestamp: when the represented revision + was last modified. + type: string readOnly: true - type: integer - format: int32 - hash: + format: google-datetime + filename: description: >- - Output only. A SHA-256 hash of the artifact's contents. If the - artifact is gzipped, this is the hash of the uncompressed artifact. + A possibly-hierarchical name used to refer to the spec from other + specs. + type: string + revisionCreateTime: readOnly: true + format: google-datetime type: string - contents: description: >- - Input only. The contents of the artifact. Provided by API callers - when artifacts are created or replaced. To access the contents of an - artifact, use GetArtifactContents. + Output only. Revision creation timestamp; when the represented + revision was created. + hash: + description: >- + Output only. A SHA-256 hash of the spec's contents. If the spec is + gzipped, this is the hash of the uncompressed spec. type: string - format: byte + readOnly: true + sizeBytes: + format: int32 + description: >- + Output only. The size of the spec file in bytes. If the spec is + gzipped, this is the size of the uncompressed spec. + readOnly: true + type: integer labels: description: >- Labels attach identifying metadata to resources. Identifying @@ -825,72 +905,42 @@ components: labels can be associated with one resource (System labels are excluded). See https://goo.gl/xmQnxf for more information and examples of labels. System reserved label keys are prefixed with - "registry.googleapis.com/" and cannot be changed. - type: object + `apigeeregistry.googleapis.com/` and cannot be changed. additionalProperties: type: string + type: object annotations: + type: object description: >- Annotations attach non-identifying metadata to resources. Annotation keys and values are less restricted than those of labels, but should be generally used for small values of broad interest. Larger, topic- specific metadata should be stored in Artifacts. - type: object additionalProperties: type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + description: Resource name. type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + description: type: string - displayName: + description: A detailed description. + revisionId: + readOnly: true description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Output only. Immutable. The revision ID of the spec. A new revision + is committed whenever the spec contents are changed. The format is + an 8-character hexadecimal string. type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + description: >- + Describes a version of an API in a structured way. ApiSpecs provide + formal descriptions that consumers can use to use a version. ApiSpec + resources are intended to be fully-resolved descriptions of an + ApiVersion. When specs consist of multiple files, these should be + bundled together (e.g., in a zip archive) and stored as a unit. Multiple + specs can exist to provide representations in different API description + formats. Synchronization of these representations would be provided by + tooling and background services. SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object properties: policy: description: >- @@ -899,287 +949,230 @@ components: a valid policy but certain Google Cloud services (such as Projects) might reject them. $ref: '#/components/schemas/Policy' - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). type: object + description: Request message for `SetIamPolicy` method. + id: SetIamPolicyRequest + ListArtifactsResponse: properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + nextPageToken: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + artifacts: type: array + description: The artifacts from the specified publisher. items: - $ref: '#/components/schemas/Binding' - etag: + $ref: '#/components/schemas/Artifact' + id: ListArtifactsResponse + description: Response message for ListArtifacts. + type: object + RollbackApiSpecRequest: + type: object + properties: + revisionId: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Required. The revision ID to roll back to. It must be a revision of + the same spec. Example: `c7cfa2a8` type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object + id: RollbackApiSpecRequest + description: Request message for RollbackApiSpec. + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status properties: - role: + details: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + message: type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + type: object + ListApiSpecsResponse: + id: ListApiSpecsResponse + type: object + description: Response message for ListApiSpecs. + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + apiSpecs: type: array + description: The specs from the specified publisher. items: - type: string - condition: + $ref: '#/components/schemas/ApiSpec' + ListApiDeploymentRevisionsResponse: + properties: + nextPageToken: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + type: string + apiDeployments: + description: The revisions of the deployment. + items: + $ref: '#/components/schemas/ApiDeployment' + type: array + type: object + id: ListApiDeploymentRevisionsResponse + description: Response message for ListApiDeploymentRevisionsResponse. + Operation: description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + This resource represents a long-running operation that is the result of + a network API call. type: object + id: Operation properties: - expression: + name: description: >- - Textual representation of an expression in Common Expression - Language syntax. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - title: + done: + type: boolean description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + error: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object TestIamPermissionsResponse: - id: TestIamPermissionsResponse description: Response message for `TestIamPermissions` method. type: object + id: TestIamPermissionsResponse properties: permissions: + items: + type: string + type: array description: >- A subset of `TestPermissionsRequest.permissions` that the caller is allowed. - type: array - items: - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + Empty: + type: object + properties: {} + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Config: type: object + id: Config properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. + location: + readOnly: true + description: Output only. The GCP location where the Instance resides. type: string - format: google-datetime - target: - description: Server-defined resource path for the target of the operation. + cmekKeyName: type: string - verb: - description: Name of the verb executed by the operation. + description: >- + Required. The Customer Managed Encryption Key (CMEK) used for data + encryption. The CMEK name should follow the format of + `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, + where the `location` must match InstanceConfig.location. + description: Available configurations to provision an Instance. + RollbackApiDeploymentRequest: + id: RollbackApiDeploymentRequest + type: object + description: Request message for RollbackApiDeployment. + properties: + revisionId: + description: >- + Required. The revision ID to roll back to. It must be a revision of + the same deployment. Example: `c7cfa2a8` type: string - statusMessage: - description: Human-readable status of the operation, if any. + ListApisResponse: + type: object + id: ListApisResponse + properties: + apis: + type: array + description: The APIs from the specified publisher. + items: + $ref: '#/components/schemas/Api' + nextPageToken: type: string - cancellationRequested: description: >- - Identifies whether the user has requested cancellation of the - operation. Operations that have successfully been cancelled have - Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - type: boolean - apiVersion: - description: API version used to start the operation. - type: string + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + description: Response message for ListApis. parameters: - access_token: - description: OAuth access token. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: access_token + name: quotaUser schema: type: string - alt: - description: Data format for response. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: alt + name: uploadType schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -1189,25 +1182,32 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + alt: + description: Data format for response. in: query - name: quotaUser + name: alt + schema: + type: string + enum: + - json + - media + - proto + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token schema: type: string upload_protocol: @@ -1216,10 +1216,10 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + access_token: + description: OAuth access token. in: query - name: uploadType + name: access_token schema: type: string _.xgafv: @@ -1237,19 +1237,19 @@ components: name: locations title: Locations methods: - projects_locations_list: + projects_locations_get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - projects_locations_get: + projects_locations_list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - $ref: >- @@ -1260,898 +1260,844 @@ components: update: [] replace: [] delete: [] - operations: - id: google.apigeeregistry.operations - name: operations - title: Operations + artifacts_iam_policies: + id: google.apigeeregistry.artifacts_iam_policies + name: artifacts_iam_policies + title: Artifacts_iam_policies methods: - projects_locations_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_operations_delete: + projects_locations_artifacts_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_operations_cancel: + projects_locations_artifacts_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list - insert: [] - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_delete - instances: - id: google.apigeeregistry.instances - name: instances - title: Instances - methods: - projects_locations_instances_create: + objectKey: $.bindings + projects_locations_artifacts_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_instances_delete: + projects_locations_apis_artifacts_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_instances_get: + objectKey: $.bindings + projects_locations_apis_artifacts_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/projects_locations_instances_get - insert: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/projects_locations_instances_create - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/projects_locations_instances_delete - instances_iam_policies: - id: google.apigeeregistry.instances_iam_policies - name: instances_iam_policies - title: Instances_iam_policies - methods: - projects_locations_instances_set_iam_policy: + projects_locations_apis_artifacts_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_instances_get_iam_policy: + projects_locations_apis_versions_specs_artifacts_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_instances_test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/projects_locations_instances_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/projects_locations_instances_set_iam_policy - delete: [] - apis: - id: google.apigeeregistry.apis - name: apis - title: Apis - methods: - projects_locations_apis_list: + projects_locations_apis_versions_specs_artifacts_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.apis - projects_locations_apis_create: + projects_locations_apis_versions_specs_artifacts_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_get: + projects_locations_apis_versions_artifacts_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_patch: + projects_locations_apis_versions_artifacts_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_delete: + projects_locations_apis_versions_artifacts_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/apis/methods/projects_locations_apis_get - - $ref: >- - #/components/x-stackQL-resources/apis/methods/projects_locations_apis_list - insert: - - $ref: >- - #/components/x-stackQL-resources/apis/methods/projects_locations_apis_create - update: + #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_versions_specs_artifacts_get_iam_policy - $ref: >- - #/components/x-stackQL-resources/apis/methods/projects_locations_apis_patch - replace: [] - delete: + #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_versions_artifacts_get_iam_policy - $ref: >- - #/components/x-stackQL-resources/apis/methods/projects_locations_apis_delete - apis_iam_policies: - id: google.apigeeregistry.apis_iam_policies - name: apis_iam_policies - title: Apis_iam_policies - methods: - projects_locations_apis_set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_apis_get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_apis_test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: + #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_artifacts_get_iam_policy - $ref: >- - #/components/x-stackQL-resources/apis_iam_policies/methods/projects_locations_apis_get_iam_policy + #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_artifacts_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/apis_iam_policies/methods/projects_locations_apis_set_iam_policy + #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_versions_specs_artifacts_set_iam_policy + - $ref: >- + #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_versions_artifacts_set_iam_policy + - $ref: >- + #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_artifacts_set_iam_policy + - $ref: >- + #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_artifacts_set_iam_policy delete: [] - versions: - id: google.apigeeregistry.versions - name: versions - title: Versions + artifacts: + id: google.apigeeregistry.artifacts + name: artifacts + title: Artifacts methods: - projects_locations_apis_versions_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.apiVersions - projects_locations_apis_versions_create: + projects_locations_artifacts_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_get: + projects_locations_artifacts_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_patch: + projects_locations_artifacts_replace_artifact: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}/put response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_delete: + projects_locations_artifacts_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts/get response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_get - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_list - insert: - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_create - update: - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_delete - versions_iam_policies: - id: google.apigeeregistry.versions_iam_policies - name: versions_iam_policies - title: Versions_iam_policies - methods: - projects_locations_apis_versions_set_iam_policy: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.artifacts + projects_locations_artifacts_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_get_iam_policy: + projects_locations_apis_artifacts_replace_artifact: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}/put response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_apis_versions_test_iam_permissions: + projects_locations_apis_artifacts_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/versions_iam_policies/methods/projects_locations_apis_versions_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/versions_iam_policies/methods/projects_locations_apis_versions_set_iam_policy - delete: [] - specs: - id: google.apigeeregistry.specs - name: specs - title: Specs - methods: - projects_locations_apis_versions_specs_list: + projects_locations_apis_artifacts_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.apiSpecs - projects_locations_apis_versions_specs_create: + projects_locations_apis_artifacts_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_get: + projects_locations_apis_artifacts_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_patch: + objectKey: $.artifacts + projects_locations_apis_versions_specs_artifacts_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_delete: + projects_locations_apis_versions_specs_artifacts_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_tag_revision: + projects_locations_apis_versions_specs_artifacts_replace_artifact: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:tagRevision/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}/put response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_rollback: + projects_locations_apis_versions_specs_artifacts_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:rollback/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_get - - $ref: >- - #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_list - insert: - - $ref: >- - #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_create - update: - - $ref: >- - #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_delete - specs_contents: - id: google.apigeeregistry.specs_contents - name: specs_contents - title: Specs_contents - methods: - projects_locations_apis_versions_specs_get_contents: + projects_locations_apis_versions_specs_artifacts_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:getContents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/specs_contents/methods/projects_locations_apis_versions_specs_get_contents - insert: [] - update: [] - replace: [] - delete: [] - spec_revisions: - id: google.apigeeregistry.spec_revisions - name: spec_revisions - title: Spec_revisions - methods: - projects_locations_apis_versions_specs_list_revisions: + objectKey: $.artifacts + projects_locations_apis_versions_artifacts_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:listRevisions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.apiSpecs - projects_locations_apis_versions_specs_delete_revision: + objectKey: $.artifacts + projects_locations_apis_versions_artifacts_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:deleteRevision/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/spec_revisions/methods/projects_locations_apis_versions_specs_list_revisions - insert: [] - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/spec_revisions/methods/projects_locations_apis_versions_specs_delete_revision - specs_iam_policies: - id: google.apigeeregistry.specs_iam_policies - name: specs_iam_policies - title: Specs_iam_policies - methods: - projects_locations_apis_versions_specs_set_iam_policy: + projects_locations_apis_versions_artifacts_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_get_iam_policy: + projects_locations_apis_versions_artifacts_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_apis_versions_specs_test_iam_permissions: + projects_locations_apis_versions_artifacts_replace_artifact: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}/put response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/specs_iam_policies/methods/projects_locations_apis_versions_specs_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/specs_iam_policies/methods/projects_locations_apis_versions_specs_set_iam_policy - delete: [] - artifacts: - id: google.apigeeregistry.artifacts - name: artifacts - title: Artifacts - methods: - projects_locations_apis_versions_specs_artifacts_list: + projects_locations_apis_deployments_artifacts_replace_artifact: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts~1{artifactsId}/put response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.artifacts - projects_locations_apis_versions_specs_artifacts_create: + projects_locations_apis_deployments_artifacts_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts~1{artifactsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_artifacts_get: + projects_locations_apis_deployments_artifacts_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts~1{artifactsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_artifacts_replace_artifact: + projects_locations_apis_deployments_artifacts_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_artifacts_delete: + projects_locations_apis_deployments_artifacts_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_artifacts_list: + objectKey: $.artifacts + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_get + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_list + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_get + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_get + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_get + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_list + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_list + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_get + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_list + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_list + insert: + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_create + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_create + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_create + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_create + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_create + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_replace_artifact + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_replace_artifact + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_replace_artifact + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_replace_artifact + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_replace_artifact + delete: + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_delete + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_delete + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_delete + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_delete + - $ref: >- + #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_delete + artifacts_contents: + id: google.apigeeregistry.artifacts_contents + name: artifacts_contents + title: Artifacts_contents + methods: + projects_locations_artifacts_get_contents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}:getContents/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.artifacts - projects_locations_apis_versions_artifacts_create: + projects_locations_apis_artifacts_get_contents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}:getContents/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_artifacts_get: + projects_locations_apis_versions_specs_artifacts_get_contents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}:getContents/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_artifacts_replace_artifact: + projects_locations_apis_versions_artifacts_get_contents: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}:getContents/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_apis_deployments_artifacts_get_contents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts~1{artifactsId}:getContents/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_artifacts_delete: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_apis_versions_specs_artifacts_get_contents + - $ref: >- + #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_apis_versions_artifacts_get_contents + - $ref: >- + #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_apis_deployments_artifacts_get_contents + - $ref: >- + #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_apis_artifacts_get_contents + - $ref: >- + #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_artifacts_get_contents + insert: [] + update: [] + replace: [] + delete: [] + instances_iam_policies: + id: google.apigeeregistry.instances_iam_policies + name: instances_iam_policies + title: Instances_iam_policies + methods: + projects_locations_instances_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_deployments_artifacts_list: + projects_locations_instances_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.artifacts - projects_locations_apis_deployments_artifacts_create: + projects_locations_instances_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_deployments_artifacts_get: + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/projects_locations_instances_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/projects_locations_instances_set_iam_policy + delete: [] + instances: + id: google.apigeeregistry.instances + name: instances + title: Instances + methods: + projects_locations_instances_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts~1{artifactsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_deployments_artifacts_replace_artifact: + projects_locations_instances_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts~1{artifactsId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_deployments_artifacts_delete: + projects_locations_instances_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts~1{artifactsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_artifacts_list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/instances/methods/projects_locations_instances_get + insert: + - $ref: >- + #/components/x-stackQL-resources/instances/methods/projects_locations_instances_create + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/instances/methods/projects_locations_instances_delete + apis: + id: google.apigeeregistry.apis + name: apis + title: Apis + methods: + projects_locations_apis_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.artifacts - projects_locations_apis_artifacts_create: + projects_locations_apis_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_artifacts_get: + projects_locations_apis_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_artifacts_replace_artifact: + projects_locations_apis_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_artifacts_delete: + objectKey: $.apis + projects_locations_apis_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_artifacts_list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/apis/methods/projects_locations_apis_get + - $ref: >- + #/components/x-stackQL-resources/apis/methods/projects_locations_apis_list + insert: + - $ref: >- + #/components/x-stackQL-resources/apis/methods/projects_locations_apis_create + update: + - $ref: >- + #/components/x-stackQL-resources/apis/methods/projects_locations_apis_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/apis/methods/projects_locations_apis_delete + apis_iam_policies: + id: google.apigeeregistry.apis_iam_policies + name: apis_iam_policies + title: Apis_iam_policies + methods: + projects_locations_apis_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.artifacts - projects_locations_artifacts_create: + projects_locations_apis_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_artifacts_get: + objectKey: $.bindings + projects_locations_apis_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_artifacts_replace_artifact: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/apis_iam_policies/methods/projects_locations_apis_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/apis_iam_policies/methods/projects_locations_apis_set_iam_policy + delete: [] + spec_revisions: + id: google.apigeeregistry.spec_revisions + name: spec_revisions + title: Spec_revisions + methods: + projects_locations_apis_versions_specs_list_revisions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:listRevisions/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_artifacts_delete: + objectKey: $.apiSpecs + projects_locations_apis_versions_specs_delete_revision: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:deleteRevision/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_get - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_list - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_get - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_get - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_list - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_list - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_get - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_list - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_get - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_list - insert: - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_create - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_create - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_create - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_create - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_create + #/components/x-stackQL-resources/spec_revisions/methods/projects_locations_apis_versions_specs_list_revisions + insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_replace_artifact - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_replace_artifact - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_replace_artifact - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_replace_artifact - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_replace_artifact + replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_specs_artifacts_delete - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_versions_artifacts_delete - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_deployments_artifacts_delete - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_apis_artifacts_delete - - $ref: >- - #/components/x-stackQL-resources/artifacts/methods/projects_locations_artifacts_delete - artifacts_contents: - id: google.apigeeregistry.artifacts_contents - name: artifacts_contents - title: Artifacts_contents + #/components/x-stackQL-resources/spec_revisions/methods/projects_locations_apis_versions_specs_delete_revision + specs: + id: google.apigeeregistry.specs + name: specs + title: Specs methods: - projects_locations_apis_versions_specs_artifacts_get_contents: + projects_locations_apis_versions_specs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}:getContents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_artifacts_get_contents: + projects_locations_apis_versions_specs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}:getContents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_deployments_artifacts_get_contents: + projects_locations_apis_versions_specs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}~1artifacts~1{artifactsId}:getContents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_artifacts_get_contents: + projects_locations_apis_versions_specs_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}:getContents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.apiSpecs + projects_locations_apis_versions_specs_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_apis_versions_specs_rollback: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:rollback/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_artifacts_get_contents: + projects_locations_apis_versions_specs_tag_revision: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}:getContents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:tagRevision/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_apis_versions_specs_artifacts_get_contents - - $ref: >- - #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_apis_versions_artifacts_get_contents + #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_get - $ref: >- - #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_apis_deployments_artifacts_get_contents + #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_list + insert: - $ref: >- - #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_apis_artifacts_get_contents + #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_create + update: - $ref: >- - #/components/x-stackQL-resources/artifacts_contents/methods/projects_locations_artifacts_get_contents - insert: [] - update: [] + #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_patch replace: [] - delete: [] - artifacts_iam_policies: - id: google.apigeeregistry.artifacts_iam_policies - name: artifacts_iam_policies - title: Artifacts_iam_policies + delete: + - $ref: >- + #/components/x-stackQL-resources/specs/methods/projects_locations_apis_versions_specs_delete + specs_contents: + id: google.apigeeregistry.specs_contents + name: specs_contents + title: Specs_contents methods: - projects_locations_apis_versions_specs_artifacts_set_iam_policy: + projects_locations_apis_versions_specs_get_contents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:getContents/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_specs_artifacts_get_iam_policy: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/specs_contents/methods/projects_locations_apis_versions_specs_get_contents + insert: [] + update: [] + replace: [] + delete: [] + specs_iam_policies: + id: google.apigeeregistry.specs_iam_policies + name: specs_iam_policies + title: Specs_iam_policies + methods: + projects_locations_apis_versions_specs_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_apis_versions_specs_artifacts_test_iam_permissions: + projects_locations_apis_versions_specs_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}~1artifacts~1{artifactsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_artifacts_set_iam_policy: + projects_locations_apis_versions_specs_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_versions_artifacts_get_iam_policy: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/specs_iam_policies/methods/projects_locations_apis_versions_specs_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/specs_iam_policies/methods/projects_locations_apis_versions_specs_set_iam_policy + delete: [] + versions: + id: google.apigeeregistry.versions + name: versions + title: Versions + methods: + projects_locations_apis_versions_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_apis_versions_artifacts_test_iam_permissions: + projects_locations_apis_versions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1artifacts~1{artifactsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_artifacts_set_iam_policy: + projects_locations_apis_versions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_artifacts_get_iam_policy: + projects_locations_apis_versions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_apis_artifacts_test_iam_permissions: + objectKey: $.apiVersions + projects_locations_apis_versions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1artifacts~1{artifactsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_artifacts_set_iam_policy: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_get + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_list + insert: + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_create + update: + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_apis_versions_delete + versions_iam_policies: + id: google.apigeeregistry.versions_iam_policies + name: versions_iam_policies + title: Versions_iam_policies + methods: + projects_locations_apis_versions_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_artifacts_get_iam_policy: + projects_locations_apis_versions_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_artifacts_test_iam_permissions: + projects_locations_apis_versions_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1artifacts~1{artifactsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_versions_specs_artifacts_get_iam_policy - - $ref: >- - #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_versions_artifacts_get_iam_policy - - $ref: >- - #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_artifacts_get_iam_policy - - $ref: >- - #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_artifacts_get_iam_policy + #/components/x-stackQL-resources/versions_iam_policies/methods/projects_locations_apis_versions_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_versions_specs_artifacts_set_iam_policy - - $ref: >- - #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_versions_artifacts_set_iam_policy - - $ref: >- - #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_apis_artifacts_set_iam_policy - - $ref: >- - #/components/x-stackQL-resources/artifacts_iam_policies/methods/projects_locations_artifacts_set_iam_policy + #/components/x-stackQL-resources/versions_iam_policies/methods/projects_locations_apis_versions_set_iam_policy delete: [] deployments: id: google.apigeeregistry.deployments name: deployments title: Deployments methods: - projects_locations_apis_deployments_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.apiDeployments projects_locations_apis_deployments_create: operation: $ref: >- @@ -2159,13 +2105,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_deployments_get: + projects_locations_apis_deployments_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.apiDeployments projects_locations_apis_deployments_patch: operation: $ref: >- @@ -2180,10 +2127,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_deployments_tag_revision: + projects_locations_apis_deployments_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}:tagRevision/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -2194,6 +2141,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + projects_locations_apis_deployments_tag_revision: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}:tagRevision/post + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: >- @@ -2252,21 +2206,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apis_deployments_get_iam_policy: + projects_locations_apis_deployments_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_apis_deployments_test_iam_permissions: + projects_locations_apis_deployments_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1deployments~1{deploymentsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -2277,43 +2231,52 @@ components: - $ref: >- #/components/x-stackQL-resources/deployments_iam_policies/methods/projects_locations_apis_deployments_set_iam_policy delete: [] - runtime_iam_policies: - id: google.apigeeregistry.runtime_iam_policies - name: runtime_iam_policies - title: Runtime_iam_policies + operations: + id: google.apigeeregistry.operations + name: operations + title: Operations methods: - projects_locations_runtime_set_iam_policy: + projects_locations_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1runtime:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_runtime_get_iam_policy: + projects_locations_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1runtime:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_runtime_test_iam_permissions: + projects_locations_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1runtime:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.operations + projects_locations_operations_cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/runtime_iam_policies/methods/projects_locations_runtime_get_iam_policy + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list insert: [] update: [] - replace: + replace: [] + delete: - $ref: >- - #/components/x-stackQL-resources/runtime_iam_policies/methods/projects_locations_runtime_set_iam_policy - delete: [] + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_delete documents_iam_policies: id: google.apigeeregistry.documents_iam_policies name: documents_iam_policies @@ -2329,78 +2292,79 @@ components: projects_locations_documents_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + projects_locations_documents_test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/documents_iam_policies/methods/projects_locations_documents_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/documents_iam_policies/methods/projects_locations_documents_set_iam_policy + delete: [] + runtime_iam_policies: + id: google.apigeeregistry.runtime_iam_policies + name: runtime_iam_policies + title: Runtime_iam_policies + methods: + projects_locations_runtime_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1runtime:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + projects_locations_runtime_set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1runtime:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_documents_test_iam_permissions: + projects_locations_runtime_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1runtime:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/documents_iam_policies/methods/projects_locations_documents_get_iam_policy + #/components/x-stackQL-resources/runtime_iam_policies/methods/projects_locations_runtime_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/documents_iam_policies/methods/projects_locations_documents_set_iam_policy + #/components/x-stackQL-resources/runtime_iam_policies/methods/projects_locations_runtime_set_iam_policy delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: apigeeregistry.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 get: description: Gets information about a location. operationId: apigeeregistry.projects.locations.get @@ -2427,13 +2391,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: apigeeregistry.projects.locations.operations.list + description: Lists information about the supported locations for this service. + operationId: apigeeregistry.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2445,20 +2407,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: filter schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -2466,100 +2427,19 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: apigeeregistry.projects.locations.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: apigeeregistry.projects.locations.operations.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - 1, corresponding to `Code.CANCELLED`. - operationId: apigeeregistry.projects.locations.operations.cancel + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigeeregistry.projects.locations.artifacts.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2571,7 +2451,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2584,20 +2464,17 @@ paths: schema: type: string - in: path - name: operationsId + name: artifactsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances: + /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}:getIamPolicy: parameters: *ref_1 - post: - description: Provisions instance resources for the Registry. - operationId: apigeeregistry.projects.locations.instances.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Instance' + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: apigeeregistry.projects.locations.artifacts.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2609,7 +2486,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2621,46 +2498,21 @@ paths: required: true schema: type: string - - in: query - name: instanceId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: - parameters: *ref_1 - delete: - description: Deletes the Registry instance. - operationId: apigeeregistry.projects.locations.instances.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: artifactsId required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}: + parameters: *ref_1 get: - description: Gets details of a single Instance. - operationId: apigeeregistry.projects.locations.instances.get + description: Returns a specified artifact. + operationId: apigeeregistry.projects.locations.artifacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2672,7 +2524,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -2685,23 +2537,13 @@ paths: schema: type: string - in: path - name: instancesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.instances.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + name: artifactsId + required: true + schema: + type: string + delete: + description: Removes a specified artifact. + operationId: apigeeregistry.projects.locations.artifacts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2713,7 +2555,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2726,17 +2568,18 @@ paths: schema: type: string - in: path - name: instancesId + name: artifactsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:getIamPolicy: - parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.instances.getIamPolicy + put: + description: Used to replace a specified artifact. + operationId: apigeeregistry.projects.locations.artifacts.replaceArtifact + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Artifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2748,7 +2591,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -2761,30 +2604,19 @@ paths: schema: type: string - in: path - name: instancesId + name: artifactsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}:getContents: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: apigeeregistry.projects.locations.instances.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Returns the contents of a specified artifact. If artifacts are stored + with GZip compression, the default behavior is to return the artifact + uncompressed (the mime_type response field indicates the exact format + returned). + operationId: apigeeregistry.projects.locations.artifacts.getContents security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2796,7 +2628,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -2809,15 +2641,15 @@ paths: schema: type: string - in: path - name: instancesId + name: artifactsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis: + /v1/projects/{projectsId}/locations/{locationsId}/artifacts: parameters: *ref_1 get: - description: Returns matching APIs. - operationId: apigeeregistry.projects.locations.apis.list + description: Returns matching artifacts. + operationId: apigeeregistry.projects.locations.artifacts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2829,7 +2661,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListApisResponse' + $ref: '#/components/schemas/ListArtifactsResponse' parameters: - in: path name: projectsId @@ -2842,30 +2674,30 @@ paths: schema: type: string - in: query - name: pageSize + name: orderBy schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: orderBy + name: filter schema: type: string post: - description: Creates a specified API. - operationId: apigeeregistry.projects.locations.apis.create + description: Creates a specified artifact. + operationId: apigeeregistry.projects.locations.artifacts.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Api' + $ref: '#/components/schemas/Artifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2877,7 +2709,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Api' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -2890,14 +2722,24 @@ paths: schema: type: string - in: query - name: apiId + name: artifactId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}: + /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}:testIamPermissions: parameters: *ref_1 - get: - description: Returns a specified API. - operationId: apigeeregistry.projects.locations.apis.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: apigeeregistry.projects.locations.artifacts.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2909,7 +2751,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Api' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -2922,18 +2764,23 @@ paths: schema: type: string - in: path - name: apisId + name: artifactsId required: true schema: type: string - patch: - description: Used to modify a specified API. - operationId: apigeeregistry.projects.locations.apis.patch + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigeeregistry.projects.locations.instances.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Api' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2945,7 +2792,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Api' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2958,22 +2805,46 @@ paths: schema: type: string - in: path - name: apisId + name: instancesId required: true schema: type: string - - in: query - name: updateMask + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: + parameters: *ref_1 + delete: + description: Deletes the Registry instance. + operationId: apigeeregistry.projects.locations.instances.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: allowMissing + - in: path + name: locationsId + required: true schema: - type: boolean - delete: - description: Removes a specified API and all of the resources that it owns. - operationId: apigeeregistry.projects.locations.apis.delete + type: string + - in: path + name: instancesId + required: true + schema: + type: string + get: + description: Gets details of a single Instance. + operationId: apigeeregistry.projects.locations.instances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2985,7 +2856,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -2998,27 +2869,25 @@ paths: schema: type: string - in: path - name: apisId + name: instancesId required: true schema: type: string - - in: query - name: force - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.apis.setIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: apigeeregistry.projects.locations.instances.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3030,7 +2899,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3043,17 +2912,17 @@ paths: schema: type: string - in: path - name: apisId + name: instancesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.apis.getIamPolicy + operationId: apigeeregistry.projects.locations.instances.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3078,7 +2947,7 @@ paths: schema: type: string - in: path - name: apisId + name: instancesId required: true schema: type: string @@ -3087,21 +2956,16 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/instances: parameters: *ref_1 post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: apigeeregistry.projects.locations.apis.testIamPermissions + description: Provisions instance resources for the Registry. + operationId: apigeeregistry.projects.locations.instances.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Instance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3113,7 +2977,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3125,16 +2989,15 @@ paths: required: true schema: type: string - - in: path - name: apisId - required: true + - in: query + name: instanceId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}: parameters: *ref_1 get: - description: Returns matching versions. - operationId: apigeeregistry.projects.locations.apis.versions.list + description: Returns a specified API. + operationId: apigeeregistry.projects.locations.apis.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3146,7 +3009,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListApiVersionsResponse' + $ref: '#/components/schemas/Api' parameters: - in: path name: projectsId @@ -3163,31 +3026,14 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - post: - description: Creates a specified version. - operationId: apigeeregistry.projects.locations.apis.versions.create + patch: + description: Used to modify a specified API. + operationId: apigeeregistry.projects.locations.apis.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApiVersion' + $ref: '#/components/schemas/Api' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3199,7 +3045,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiVersion' + $ref: '#/components/schemas/Api' parameters: - in: path name: projectsId @@ -3217,14 +3063,17 @@ paths: schema: type: string - in: query - name: apiVersionId + name: allowMissing + schema: + type: boolean + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}: - parameters: *ref_1 - get: - description: Returns a specified version. - operationId: apigeeregistry.projects.locations.apis.versions.get + format: google-fieldmask + delete: + description: Removes a specified API and all of the resources that it owns. + operationId: apigeeregistry.projects.locations.apis.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3236,7 +3085,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiVersion' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3253,19 +3102,23 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: force schema: - type: string - patch: - description: Used to modify a specified version. - operationId: apigeeregistry.projects.locations.apis.versions.patch + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigeeregistry.projects.locations.apis.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApiVersion' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3277,7 +3130,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiVersion' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3294,23 +3147,11 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: allowMissing - schema: - type: boolean - delete: - description: Removes a specified version and all of the resources that it owns. - operationId: apigeeregistry.projects.locations.apis.versions.delete + /v1/projects/{projectsId}/locations/{locationsId}/apis: + parameters: *ref_1 + get: + description: Returns matching APIs. + operationId: apigeeregistry.projects.locations.apis.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3322,7 +3163,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListApisResponse' parameters: - in: path name: projectsId @@ -3334,33 +3175,31 @@ paths: required: true schema: type: string - - in: path - name: apisId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: force + name: pageSize schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}:setIamPolicy: - parameters: *ref_1 + type: integer + format: int32 + - in: query + name: filter + schema: + type: string post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.apis.versions.setIamPolicy + description: Creates a specified API. + operationId: apigeeregistry.projects.locations.apis.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/Api' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3372,7 +3211,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Api' parameters: - in: path name: projectsId @@ -3384,23 +3223,17 @@ paths: required: true schema: type: string - - in: path - name: apisId - required: true - schema: - type: string - - in: path - name: versionsId - required: true + - in: query + name: apiId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.apis.versions.getIamPolicy + operationId: apigeeregistry.projects.locations.apis.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3429,17 +3262,12 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true - schema: - type: string - in: query name: options.requestedPolicyVersion schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -3448,7 +3276,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: apigeeregistry.projects.locations.apis.versions.testIamPermissions + operationId: apigeeregistry.projects.locations.apis.testIamPermissions requestBody: content: application/json: @@ -3482,16 +3310,13 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}:getIamPolicy: parameters: *ref_1 get: - description: Returns matching specs. - operationId: apigeeregistry.projects.locations.apis.versions.specs.list + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: apigeeregistry.projects.locations.apis.artifacts.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3503,7 +3328,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListApiSpecsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3521,35 +3346,28 @@ paths: schema: type: string - in: path - name: versionsId + name: artifactsId required: true schema: type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}:setIamPolicy: + parameters: *ref_1 post: - description: Creates a specified spec. - operationId: apigeeregistry.projects.locations.apis.versions.specs.create + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigeeregistry.projects.locations.apis.artifacts.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApiSpec' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3561,7 +3379,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiSpec' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3579,19 +3397,20 @@ paths: schema: type: string - in: path - name: versionsId + name: artifactsId required: true schema: type: string - - in: query - name: apiSpecId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}: parameters: *ref_1 - get: - description: Returns a specified spec. - operationId: apigeeregistry.projects.locations.apis.versions.specs.get + put: + description: Used to replace a specified artifact. + operationId: apigeeregistry.projects.locations.apis.artifacts.replaceArtifact + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Artifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3603,7 +3422,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiSpec' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -3621,23 +3440,13 @@ paths: schema: type: string - in: path - name: versionsId - required: true - schema: - type: string - - in: path - name: specsId + name: artifactsId required: true schema: type: string - patch: - description: Used to modify a specified spec. - operationId: apigeeregistry.projects.locations.apis.versions.specs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApiSpec' + get: + description: Returns a specified artifact. + operationId: apigeeregistry.projects.locations.apis.artifacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3649,7 +3458,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiSpec' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -3667,29 +3476,56 @@ paths: schema: type: string - in: path - name: versionsId + name: artifactsId required: true schema: type: string + delete: + description: Removes a specified artifact. + operationId: apigeeregistry.projects.locations.apis.artifacts.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: - in: path - name: specsId + name: projectsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: locationsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: allowMissing + - in: path + name: apisId + required: true schema: - type: boolean - delete: - description: >- - Removes a specified spec, all revisions, and all child resources (e.g., - artifacts). - operationId: apigeeregistry.projects.locations.apis.versions.specs.delete + type: string + - in: path + name: artifactsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts: + parameters: *ref_1 + post: + description: Creates a specified artifact. + operationId: apigeeregistry.projects.locations.apis.artifacts.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Artifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3701,7 +3537,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -3718,28 +3554,13 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true - schema: - type: string - - in: path - name: specsId - required: true - schema: - type: string - in: query - name: force + name: artifactId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:getContents: - parameters: *ref_1 + type: string get: - description: >- - Returns the contents of a specified spec. If specs are stored with GZip - compression, the default behavior is to return the spec uncompressed - (the mime_type response field indicates the exact format returned). - operationId: apigeeregistry.projects.locations.apis.versions.specs.getContents + description: Returns matching artifacts. + operationId: apigeeregistry.projects.locations.apis.artifacts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3751,7 +3572,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ListArtifactsResponse' parameters: - in: path name: projectsId @@ -3768,26 +3589,38 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - - in: path - name: specsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:tagRevision: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}:testIamPermissions: parameters: *ref_1 post: - description: Adds a tag to a specified revision of a spec. - operationId: apigeeregistry.projects.locations.apis.versions.specs.tagRevision + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: apigeeregistry.projects.locations.apis.artifacts.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/TagApiSpecRevisionRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3799,7 +3632,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiSpec' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3817,22 +3650,19 @@ paths: schema: type: string - in: path - name: versionsId - required: true - schema: - type: string - - in: path - name: specsId + name: artifactsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:listRevisions: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}:getContents: parameters: *ref_1 get: description: >- - Lists all revisions of a spec. Revisions are returned in descending - order of revision creation time. - operationId: apigeeregistry.projects.locations.apis.versions.specs.listRevisions + Returns the contents of a specified artifact. If artifacts are stored + with GZip compression, the default behavior is to return the artifact + uncompressed (the mime_type response field indicates the exact format + returned). + operationId: apigeeregistry.projects.locations.apis.artifacts.getContents security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3844,7 +3674,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListApiSpecRevisionsResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -3862,40 +3692,18 @@ paths: schema: type: string - in: path - name: versionsId - required: true - schema: - type: string - - in: path - name: specsId + name: artifactsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:rollback: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Sets the current revision to a specified prior revision. Note that this - creates a new revision with a new revision ID. - operationId: apigeeregistry.projects.locations.apis.versions.specs.rollback - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RollbackApiSpecRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: >- + apigeeregistry.projects.locations.apis.versions.specs.artifacts.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3907,7 +3715,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiSpec' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3934,11 +3742,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:deleteRevision: + - in: path + name: artifactsId + required: true + schema: + type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}: parameters: *ref_1 delete: - description: Deletes a revision of a spec. - operationId: apigeeregistry.projects.locations.apis.versions.specs.deleteRevision + description: Removes a specified artifact. + operationId: apigeeregistry.projects.locations.apis.versions.specs.artifacts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3950,7 +3768,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiSpec' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3977,19 +3795,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.apis.versions.specs.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + - in: path + name: artifactsId + required: true + schema: + type: string + get: + description: Returns a specified artifact. + operationId: apigeeregistry.projects.locations.apis.versions.specs.artifacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4001,7 +3814,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -4028,13 +3841,20 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:getIamPolicy: - parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.apis.versions.specs.getIamPolicy + - in: path + name: artifactsId + required: true + schema: + type: string + put: + description: Used to replace a specified artifact. + operationId: >- + apigeeregistry.projects.locations.apis.versions.specs.artifacts.replaceArtifact + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Artifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4046,7 +3866,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -4073,26 +3893,21 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: artifactsId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:testIamPermissions: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}:getContents: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: apigeeregistry.projects.locations.apis.versions.specs.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Returns the contents of a specified artifact. If artifacts are stored + with GZip compression, the default behavior is to return the artifact + uncompressed (the mime_type response field indicates the exact format + returned). + operationId: >- + apigeeregistry.projects.locations.apis.versions.specs.artifacts.getContents security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4104,7 +3919,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -4131,11 +3946,27 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts: + - in: path + name: artifactsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}:testIamPermissions: parameters: *ref_1 - get: - description: Returns matching artifacts. - operationId: apigeeregistry.projects.locations.apis.versions.specs.artifacts.list + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + apigeeregistry.projects.locations.apis.versions.specs.artifacts.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4147,7 +3978,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListArtifactsResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4174,23 +4005,13 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: artifactsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts: + parameters: *ref_1 post: description: Creates a specified artifact. operationId: apigeeregistry.projects.locations.apis.versions.specs.artifacts.create @@ -4241,11 +4062,9 @@ paths: name: artifactId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}: - parameters: *ref_1 get: - description: Returns a specified artifact. - operationId: apigeeregistry.projects.locations.apis.versions.specs.artifacts.get + description: Returns matching artifacts. + operationId: apigeeregistry.projects.locations.apis.versions.specs.artifacts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4257,7 +4076,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ListArtifactsResponse' parameters: - in: path name: projectsId @@ -4284,20 +4103,37 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: filter schema: type: string - put: - description: Used to replace a specified artifact. + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. operationId: >- - apigeeregistry.projects.locations.apis.versions.specs.artifacts.replaceArtifact + apigeeregistry.projects.locations.apis.versions.specs.artifacts.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4309,7 +4145,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4341,9 +4177,13 @@ paths: required: true schema: type: string - delete: - description: Removes a specified artifact. - operationId: apigeeregistry.projects.locations.apis.versions.specs.artifacts.delete + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:listRevisions: + parameters: *ref_1 + get: + description: >- + Lists all revisions of a spec. Revisions are returned in descending + order of revision creation time. + operationId: apigeeregistry.projects.locations.apis.versions.specs.listRevisions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4355,7 +4195,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListApiSpecRevisionsResponse' parameters: - in: path name: projectsId @@ -4382,21 +4222,26 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}:getContents: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}: parameters: *ref_1 - get: + delete: description: >- - Returns the contents of a specified artifact. If artifacts are stored - with GZip compression, the default behavior is to return the artifact - uncompressed (the mime_type response field indicates the exact format - returned). - operationId: >- - apigeeregistry.projects.locations.apis.versions.specs.artifacts.getContents + Removes a specified spec, all revisions, and all child resources (e.g., + artifacts). + operationId: apigeeregistry.projects.locations.apis.versions.specs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4408,7 +4253,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4435,25 +4280,18 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: >- - apigeeregistry.projects.locations.apis.versions.specs.artifacts.setIamPolicy + type: boolean + patch: + description: Used to modify a specified spec. + operationId: apigeeregistry.projects.locations.apis.versions.specs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/ApiSpec' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4465,7 +4303,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ApiSpec' parameters: - in: path name: projectsId @@ -4492,19 +4330,18 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}:getIamPolicy: - parameters: *ref_1 + format: google-fieldmask + - in: query + name: allowMissing + schema: + type: boolean get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: >- - apigeeregistry.projects.locations.apis.versions.specs.artifacts.getIamPolicy + description: Returns a specified spec. + operationId: apigeeregistry.projects.locations.apis.versions.specs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4516,7 +4353,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ApiSpec' parameters: - in: path name: projectsId @@ -4543,32 +4380,14 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true - schema: - type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}/artifacts/{artifactsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:getContents: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - apigeeregistry.projects.locations.apis.versions.specs.artifacts.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Returns the contents of a specified spec. If specs are stored with GZip + compression, the default behavior is to return the spec uncompressed + (the mime_type response field indicates the exact format returned). + operationId: apigeeregistry.projects.locations.apis.versions.specs.getContents security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4580,7 +4399,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -4607,16 +4426,11 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs: parameters: *ref_1 get: - description: Returns matching artifacts. - operationId: apigeeregistry.projects.locations.apis.versions.artifacts.list + description: Returns matching specs. + operationId: apigeeregistry.projects.locations.apis.versions.specs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4628,7 +4442,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListArtifactsResponse' + $ref: '#/components/schemas/ListApiSpecsResponse' parameters: - in: path name: projectsId @@ -4651,12 +4465,7 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: orderBy schema: type: string - in: query @@ -4664,17 +4473,22 @@ paths: schema: type: string - in: query - name: orderBy + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string post: - description: Creates a specified artifact. - operationId: apigeeregistry.projects.locations.apis.versions.artifacts.create + description: Creates a specified spec. + operationId: apigeeregistry.projects.locations.apis.versions.specs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ApiSpec' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4686,7 +4500,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ApiSpec' parameters: - in: path name: projectsId @@ -4709,14 +4523,64 @@ paths: schema: type: string - in: query - name: artifactId + name: apiSpecId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts/{artifactsId}: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:deleteRevision: parameters: *ref_1 - get: - description: Returns a specified artifact. - operationId: apigeeregistry.projects.locations.apis.versions.artifacts.get + delete: + description: Deletes a revision of a spec. + operationId: apigeeregistry.projects.locations.apis.versions.specs.deleteRevision + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ApiSpec' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: apisId + required: true + schema: + type: string + - in: path + name: versionsId + required: true + schema: + type: string + - in: path + name: specsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:rollback: + parameters: *ref_1 + post: + description: >- + Sets the current revision to a specified prior revision. Note that this + creates a new revision with a new revision ID. + operationId: apigeeregistry.projects.locations.apis.versions.specs.rollback + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RollbackApiSpecRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4728,7 +4592,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ApiSpec' parameters: - in: path name: projectsId @@ -4751,19 +4615,20 @@ paths: schema: type: string - in: path - name: artifactsId + name: specsId required: true schema: type: string - put: - description: Used to replace a specified artifact. - operationId: >- - apigeeregistry.projects.locations.apis.versions.artifacts.replaceArtifact + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:tagRevision: + parameters: *ref_1 + post: + description: Adds a tag to a specified revision of a spec. + operationId: apigeeregistry.projects.locations.apis.versions.specs.tagRevision requestBody: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/TagApiSpecRevisionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4775,7 +4640,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ApiSpec' parameters: - in: path name: projectsId @@ -4798,13 +4663,17 @@ paths: schema: type: string - in: path - name: artifactsId + name: specsId required: true schema: type: string - delete: - description: Removes a specified artifact. - operationId: apigeeregistry.projects.locations.apis.versions.artifacts.delete + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: apigeeregistry.projects.locations.apis.versions.specs.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4816,7 +4685,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4839,19 +4708,30 @@ paths: schema: type: string - in: path - name: artifactsId + name: specsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts/{artifactsId}:getContents: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Returns the contents of a specified artifact. If artifacts are stored - with GZip compression, the default behavior is to return the artifact - uncompressed (the mime_type response field indicates the exact format - returned). - operationId: apigeeregistry.projects.locations.apis.versions.artifacts.getContents + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: apigeeregistry.projects.locations.apis.versions.specs.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4863,7 +4743,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4886,18 +4766,18 @@ paths: schema: type: string - in: path - name: artifactsId + name: specsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts/{artifactsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.apis.versions.artifacts.setIamPolicy + operationId: apigeeregistry.projects.locations.apis.versions.specs.setIamPolicy requestBody: content: application/json: @@ -4937,17 +4817,15 @@ paths: schema: type: string - in: path - name: artifactsId + name: specsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts/{artifactsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.apis.versions.artifacts.getIamPolicy + description: Returns matching artifacts. + operationId: apigeeregistry.projects.locations.apis.versions.artifacts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4959,7 +4837,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListArtifactsResponse' parameters: - in: path name: projectsId @@ -4981,16 +4859,68 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: options.requestedPolicyVersion + name: filter + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 + - in: query + name: pageToken + schema: + type: string + post: + description: Creates a specified artifact. + operationId: apigeeregistry.projects.locations.apis.versions.artifacts.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Artifact' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Artifact' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: apisId + required: true + schema: + type: string + - in: path + name: versionsId + required: true + schema: + type: string + - in: query + name: artifactId + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts/{artifactsId}:testIamPermissions: parameters: *ref_1 post: @@ -5045,11 +4975,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts/{artifactsId}: parameters: *ref_1 - get: - description: Returns matching deployments. - operationId: apigeeregistry.projects.locations.apis.deployments.list + delete: + description: Removes a specified artifact. + operationId: apigeeregistry.projects.locations.apis.versions.artifacts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5061,7 +4991,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListApiDeploymentsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5078,31 +5008,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: versionsId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: artifactsId + required: true schema: type: string - post: - description: Creates a specified deployment. - operationId: apigeeregistry.projects.locations.apis.deployments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApiDeployment' + get: + description: Returns a specified artifact. + operationId: apigeeregistry.projects.locations.apis.versions.artifacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5114,7 +5032,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiDeployment' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -5131,15 +5049,25 @@ paths: required: true schema: type: string - - in: query - name: apiDeploymentId + - in: path + name: versionsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}: - parameters: *ref_1 - get: - description: Returns a specified deployment. - operationId: apigeeregistry.projects.locations.apis.deployments.get + - in: path + name: artifactsId + required: true + schema: + type: string + put: + description: Used to replace a specified artifact. + operationId: >- + apigeeregistry.projects.locations.apis.versions.artifacts.replaceArtifact + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Artifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5151,7 +5079,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiDeployment' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -5169,18 +5097,28 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId required: true schema: type: string - patch: - description: Used to modify a specified deployment. - operationId: apigeeregistry.projects.locations.apis.deployments.patch + - in: path + name: artifactsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts/{artifactsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigeeregistry.projects.locations.apis.versions.artifacts.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApiDeployment' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5192,7 +5130,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiDeployment' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5210,24 +5148,22 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: artifactsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: allowMissing - schema: - type: boolean - delete: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts/{artifactsId}:getIamPolicy: + parameters: *ref_1 + get: description: >- - Removes a specified deployment, all revisions, and all child resources - (e.g., artifacts). - operationId: apigeeregistry.projects.locations.apis.deployments.delete + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: apigeeregistry.projects.locations.apis.versions.artifacts.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5239,7 +5175,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5257,24 +5193,29 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId + required: true + schema: + type: string + - in: path + name: artifactsId required: true schema: type: string - in: query - name: force + name: options.requestedPolicyVersion schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:tagRevision: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/artifacts/{artifactsId}:getContents: parameters: *ref_1 - post: - description: Adds a tag to a specified revision of a deployment. - operationId: apigeeregistry.projects.locations.apis.deployments.tagRevision - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TagApiDeploymentRevisionRequest' + get: + description: >- + Returns the contents of a specified artifact. If artifacts are stored + with GZip compression, the default behavior is to return the artifact + uncompressed (the mime_type response field indicates the exact format + returned). + operationId: apigeeregistry.projects.locations.apis.versions.artifacts.getContents security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5286,7 +5227,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiDeployment' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -5304,17 +5245,25 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:listRevisions: + - in: path + name: artifactsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}: parameters: *ref_1 - get: - description: >- - Lists all revisions of a deployment. Revisions are returned in - descending order of revision creation time. - operationId: apigeeregistry.projects.locations.apis.deployments.listRevisions + patch: + description: Used to modify a specified version. + operationId: apigeeregistry.projects.locations.apis.versions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApiVersion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5326,7 +5275,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListApiDeploymentRevisionsResponse' + $ref: '#/components/schemas/ApiVersion' parameters: - in: path name: projectsId @@ -5344,35 +5293,22 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: filter + name: allowMissing schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:rollback: - parameters: *ref_1 - post: - description: >- - Sets the current revision to a specified prior revision. Note that this - creates a new revision with a new revision ID. - operationId: apigeeregistry.projects.locations.apis.deployments.rollback - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RollbackApiDeploymentRequest' + type: boolean + get: + description: Returns a specified version. + operationId: apigeeregistry.projects.locations.apis.versions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5384,7 +5320,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiDeployment' + $ref: '#/components/schemas/ApiVersion' parameters: - in: path name: projectsId @@ -5402,15 +5338,13 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:deleteRevision: - parameters: *ref_1 delete: - description: Deletes a revision of a deployment. - operationId: apigeeregistry.projects.locations.apis.deployments.deleteRevision + description: Removes a specified version and all of the resources that it owns. + operationId: apigeeregistry.projects.locations.apis.versions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5422,7 +5356,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApiDeployment' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5440,23 +5374,29 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:setIamPolicy: + - in: query + name: force + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.apis.deployments.setIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: apigeeregistry.projects.locations.apis.versions.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5468,7 +5408,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -5486,17 +5426,17 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.apis.deployments.getIamPolicy + operationId: apigeeregistry.projects.locations.apis.versions.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5526,7 +5466,7 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId required: true schema: type: string @@ -5535,21 +5475,19 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: apigeeregistry.projects.locations.apis.deployments.testIamPermissions + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigeeregistry.projects.locations.apis.versions.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5561,7 +5499,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5579,15 +5517,15 @@ paths: schema: type: string - in: path - name: deploymentsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}/artifacts: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions: parameters: *ref_1 get: - description: Returns matching artifacts. - operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.list + description: Returns matching versions. + operationId: apigeeregistry.projects.locations.apis.versions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5599,7 +5537,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListArtifactsResponse' + $ref: '#/components/schemas/ListApiVersionsResponse' parameters: - in: path name: projectsId @@ -5616,36 +5554,31 @@ paths: required: true schema: type: string - - in: path - name: deploymentsId - required: true - schema: - type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: filter + name: orderBy schema: type: string - in: query - name: orderBy + name: pageSize schema: - type: string + type: integer + format: int32 post: - description: Creates a specified artifact. - operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.create + description: Creates a specified version. + operationId: apigeeregistry.projects.locations.apis.versions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ApiVersion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5657,7 +5590,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ApiVersion' parameters: - in: path name: projectsId @@ -5674,20 +5607,20 @@ paths: required: true schema: type: string - - in: path - name: deploymentsId - required: true - schema: - type: string - in: query - name: artifactId + name: apiVersionId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}/artifacts/{artifactsId}: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments: parameters: *ref_1 - get: - description: Returns a specified artifact. - operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.get + post: + description: Creates a specified deployment. + operationId: apigeeregistry.projects.locations.apis.deployments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApiDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5699,7 +5632,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ApiDeployment' parameters: - in: path name: projectsId @@ -5716,25 +5649,65 @@ paths: required: true schema: type: string + - in: query + name: apiDeploymentId + schema: + type: string + get: + description: Returns matching deployments. + operationId: apigeeregistry.projects.locations.apis.deployments.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListApiDeploymentsResponse' + parameters: - in: path - name: deploymentsId + name: projectsId required: true schema: type: string - in: path - name: artifactsId + name: locationsId required: true schema: type: string - put: - description: Used to replace a specified artifact. - operationId: >- - apigeeregistry.projects.locations.apis.deployments.artifacts.replaceArtifact - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Artifact' + - in: path + name: apisId + required: true + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:listRevisions: + parameters: *ref_1 + get: + description: >- + Lists all revisions of a deployment. Revisions are returned in + descending order of revision creation time. + operationId: apigeeregistry.projects.locations.apis.deployments.listRevisions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5746,7 +5719,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ListApiDeploymentRevisionsResponse' parameters: - in: path name: projectsId @@ -5768,14 +5741,29 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: pageToken schema: type: string - delete: - description: Removes a specified artifact. - operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.delete + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}: + parameters: *ref_1 + patch: + description: Used to modify a specified deployment. + operationId: apigeeregistry.projects.locations.apis.deployments.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApiDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5787,7 +5775,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ApiDeployment' parameters: - in: path name: projectsId @@ -5809,20 +5797,20 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}/artifacts/{artifactsId}:getContents: - parameters: *ref_1 - get: + format: google-fieldmask + - in: query + name: allowMissing + schema: + type: boolean + delete: description: >- - Returns the contents of a specified artifact. If artifacts are stored - with GZip compression, the default behavior is to return the artifact - uncompressed (the mime_type response field indicates the exact format - returned). - operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.getContents + Removes a specified deployment, all revisions, and all child resources + (e.g., artifacts). + operationId: apigeeregistry.projects.locations.apis.deployments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5834,7 +5822,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5856,16 +5844,13 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true + - in: query + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts: - parameters: *ref_1 + type: boolean get: - description: Returns matching artifacts. - operationId: apigeeregistry.projects.locations.apis.artifacts.list + description: Returns a specified deployment. + operationId: apigeeregistry.projects.locations.apis.deployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5877,7 +5862,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListArtifactsResponse' + $ref: '#/components/schemas/ApiDeployment' parameters: - in: path name: projectsId @@ -5894,31 +5879,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: deploymentsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:setIamPolicy: + parameters: *ref_1 post: - description: Creates a specified artifact. - operationId: apigeeregistry.projects.locations.apis.artifacts.create + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigeeregistry.projects.locations.apis.deployments.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5930,7 +5908,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5947,15 +5925,16 @@ paths: required: true schema: type: string - - in: query - name: artifactId + - in: path + name: deploymentsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:deleteRevision: parameters: *ref_1 - get: - description: Returns a specified artifact. - operationId: apigeeregistry.projects.locations.apis.artifacts.get + delete: + description: Deletes a revision of a deployment. + operationId: apigeeregistry.projects.locations.apis.deployments.deleteRevision security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5967,7 +5946,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/ApiDeployment' parameters: - in: path name: projectsId @@ -5985,54 +5964,25 @@ paths: schema: type: string - in: path - name: artifactsId + name: deploymentsId required: true schema: type: string - put: - description: Used to replace a specified artifact. - operationId: apigeeregistry.projects.locations.apis.artifacts.replaceArtifact + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: apigeeregistry.projects.locations.apis.deployments.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/Artifact' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Artifact' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: apisId - required: true - schema: - type: string - - in: path - name: artifactsId - required: true - schema: - type: string - delete: - description: Removes a specified artifact. - operationId: apigeeregistry.projects.locations.apis.artifacts.delete + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6044,7 +5994,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6062,19 +6012,22 @@ paths: schema: type: string - in: path - name: artifactsId + name: deploymentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}:getContents: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:rollback: parameters: *ref_1 - get: + post: description: >- - Returns the contents of a specified artifact. If artifacts are stored - with GZip compression, the default behavior is to return the artifact - uncompressed (the mime_type response field indicates the exact format - returned). - operationId: apigeeregistry.projects.locations.apis.artifacts.getContents + Sets the current revision to a specified prior revision. Note that this + creates a new revision with a new revision ID. + operationId: apigeeregistry.projects.locations.apis.deployments.rollback + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RollbackApiDeploymentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6086,7 +6039,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ApiDeployment' parameters: - in: path name: projectsId @@ -6104,23 +6057,20 @@ paths: schema: type: string - in: path - name: artifactsId + name: deploymentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:tagRevision: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.apis.artifacts.setIamPolicy + description: Adds a tag to a specified revision of a deployment. + operationId: apigeeregistry.projects.locations.apis.deployments.tagRevision requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TagApiDeploymentRevisionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6132,7 +6082,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ApiDeployment' parameters: - in: path name: projectsId @@ -6150,17 +6100,17 @@ paths: schema: type: string - in: path - name: artifactsId + name: deploymentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.apis.artifacts.getIamPolicy + operationId: apigeeregistry.projects.locations.apis.deployments.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6190,7 +6140,7 @@ paths: schema: type: string - in: path - name: artifactsId + name: deploymentsId required: true schema: type: string @@ -6199,21 +6149,17 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/artifacts/{artifactsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}/artifacts/{artifactsId}: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: apigeeregistry.projects.locations.apis.artifacts.testIamPermissions + put: + description: Used to replace a specified artifact. + operationId: >- + apigeeregistry.projects.locations.apis.deployments.artifacts.replaceArtifact requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Artifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6225,7 +6171,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -6242,16 +6188,19 @@ paths: required: true schema: type: string + - in: path + name: deploymentsId + required: true + schema: + type: string - in: path name: artifactsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/artifacts: - parameters: *ref_1 get: - description: Returns matching artifacts. - operationId: apigeeregistry.projects.locations.artifacts.list + description: Returns a specified artifact. + operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6263,7 +6212,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListArtifactsResponse' + $ref: '#/components/schemas/Artifact' parameters: - in: path name: projectsId @@ -6275,31 +6224,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: apisId + required: true schema: type: string - - in: query - name: filter + - in: path + name: deploymentsId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: artifactsId + required: true schema: type: string - post: - description: Creates a specified artifact. - operationId: apigeeregistry.projects.locations.artifacts.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Artifact' + delete: + description: Removes a specified artifact. + operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6311,7 +6253,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6323,15 +6265,30 @@ paths: required: true schema: type: string - - in: query - name: artifactId + - in: path + name: apisId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}: + - in: path + name: deploymentsId + required: true + schema: + type: string + - in: path + name: artifactsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}/artifacts/{artifactsId}:getContents: parameters: *ref_1 get: - description: Returns a specified artifact. - operationId: apigeeregistry.projects.locations.artifacts.get + description: >- + Returns the contents of a specified artifact. If artifacts are stored + with GZip compression, the default behavior is to return the artifact + uncompressed (the mime_type response field indicates the exact format + returned). + operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.getContents security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6343,7 +6300,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Artifact' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -6355,14 +6312,26 @@ paths: required: true schema: type: string + - in: path + name: apisId + required: true + schema: + type: string + - in: path + name: deploymentsId + required: true + schema: + type: string - in: path name: artifactsId required: true schema: type: string - put: - description: Used to replace a specified artifact. - operationId: apigeeregistry.projects.locations.artifacts.replaceArtifact + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/deployments/{deploymentsId}/artifacts: + parameters: *ref_1 + post: + description: Creates a specified artifact. + operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.create requestBody: content: application/json: @@ -6392,13 +6361,22 @@ paths: schema: type: string - in: path - name: artifactsId + name: apisId required: true schema: type: string - delete: - description: Removes a specified artifact. - operationId: apigeeregistry.projects.locations.artifacts.delete + - in: path + name: deploymentsId + required: true + schema: + type: string + - in: query + name: artifactId + schema: + type: string + get: + description: Returns matching artifacts. + operationId: apigeeregistry.projects.locations.apis.deployments.artifacts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6410,7 +6388,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListArtifactsResponse' parameters: - in: path name: projectsId @@ -6423,19 +6401,40 @@ paths: schema: type: string - in: path - name: artifactsId + name: apisId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}:getContents: + - in: path + name: deploymentsId + required: true + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- - Returns the contents of a specified artifact. If artifacts are stored - with GZip compression, the default behavior is to return the artifact - uncompressed (the mime_type response field indicates the exact format - returned). - operationId: apigeeregistry.projects.locations.artifacts.getContents + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: apigeeregistry.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6447,7 +6446,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6460,23 +6459,17 @@ paths: schema: type: string - in: path - name: artifactsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}:setIamPolicy: - parameters: *ref_1 - post: + delete: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.artifacts.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: apigeeregistry.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6488,7 +6481,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6501,17 +6494,17 @@ paths: schema: type: string - in: path - name: artifactsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.artifacts.getIamPolicy + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: apigeeregistry.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6523,7 +6516,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -6535,31 +6528,38 @@ paths: required: true schema: type: string - - in: path - name: artifactsId - required: true - schema: - type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/artifacts/{artifactsId}:testIamPermissions: + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: apigeeregistry.projects.locations.artifacts.testIamPermissions + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + 1, corresponding to `Code.CANCELLED`. + operationId: apigeeregistry.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6571,7 +6571,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6584,18 +6584,18 @@ paths: schema: type: string - in: path - name: artifactsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/runtime:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/documents:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.runtime.setIamPolicy + operationId: apigeeregistry.projects.locations.documents.setIamPolicy requestBody: content: application/json: @@ -6624,13 +6624,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/runtime:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/documents:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.runtime.getIamPolicy + operationId: apigeeregistry.projects.locations.documents.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6659,7 +6659,7 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/runtime:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/documents:testIamPermissions: parameters: *ref_1 post: description: >- @@ -6668,7 +6668,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: apigeeregistry.projects.locations.runtime.testIamPermissions + operationId: apigeeregistry.projects.locations.documents.testIamPermissions requestBody: content: application/json: @@ -6697,19 +6697,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/runtime:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apigeeregistry.projects.locations.documents.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: apigeeregistry.projects.locations.runtime.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6733,13 +6727,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents:getIamPolicy: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/runtime:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: apigeeregistry.projects.locations.documents.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apigeeregistry.projects.locations.runtime.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6763,12 +6768,7 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/documents:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/runtime:testIamPermissions: parameters: *ref_1 post: description: >- @@ -6777,7 +6777,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: apigeeregistry.projects.locations.documents.testIamPermissions + operationId: apigeeregistry.projects.locations.runtime.testIamPermissions requestBody: content: application/json: diff --git a/providers/src/googleapis.com/v00.00.00000/services/apihub.yaml b/providers/src/googleapis.com/v00.00.00000/services/apihub.yaml index 687ceee6..962d39c6 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/apihub.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/apihub.yaml @@ -7,8 +7,8 @@ info: title: API hub API description: '' version: v1 - x-discovery-doc-revision: '20250731' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251205' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/apigee/docs/api-hub/what-is-api-hub servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string GoogleLongrunningOperation: id: GoogleLongrunningOperation description: >- @@ -145,6 +154,211 @@ components: description: The request message for Operations.CancelOperation. type: object properties: {} + GoogleCloudApihubV1Addon: + id: GoogleCloudApihubV1Addon + description: Addon resource. + type: object + properties: + name: + description: >- + Identifier. The name of the addon to enable. Format: + `projects/{project}/locations/{location}/addons/{addon}`. + type: string + displayName: + description: Required. The display name of the addon. + type: string + description: + description: Optional. The description of the addon. + type: string + dataSource: + description: >- + Required. The data source on which the addon operates. This + determines which field in the `config` oneof is used. + type: string + enumDescriptions: + - The data source of the addon is not specified. + - Addon operates on data collected from specific plugin instances. + - Addon operates on all data in the API hub. + enum: + - DATA_SOURCE_UNSPECIFIED + - PLUGIN_INSTANCE + - ALL_DATA + createTime: + description: Output only. The time at which the addon was created. + readOnly: true + type: string + format: google-datetime + updateTime: + description: Output only. The time at which the addon was last updated. + readOnly: true + type: string + format: google-datetime + config: + description: Required. The configuration of the addon. + $ref: '#/components/schemas/GoogleCloudApihubV1AddonConfig' + state: + description: Output only. The state of the addon. + readOnly: true + type: string + enumDescriptions: + - The addon state is not specified. + - The addon is active. + - The addon is being updated. + - The addon is in error state. + - The addon is inactive. + enum: + - ADDON_STATE_UNSPECIFIED + - ACTIVE + - UPDATING + - ERROR + - INACTIVE + GoogleCloudApihubV1AddonConfig: + id: GoogleCloudApihubV1AddonConfig + description: Configuration for the addon. + type: object + properties: + gatewayPluginAddonConfig: + description: Configuration for gateway plugin addons. + $ref: '#/components/schemas/GoogleCloudApihubV1GatewayPluginAddonConfig' + allDataAddonConfig: + description: Configuration for addons which act on all data in the API hub. + $ref: '#/components/schemas/GoogleCloudApihubV1AllDataAddonConfig' + GoogleCloudApihubV1GatewayPluginAddonConfig: + id: GoogleCloudApihubV1GatewayPluginAddonConfig + description: >- + Configuration for gateway plugin addons. This is used to specify the + list of gateway plugin configs for which the addon is enabled. + type: object + properties: + gatewayPluginConfigs: + description: >- + Required. The list of gateway plugin configs for which the addon is + enabled. Each gateway plugin config should have a unique plugin + instance. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApihubV1GatewayPluginConfig' + GoogleCloudApihubV1GatewayPluginConfig: + id: GoogleCloudApihubV1GatewayPluginConfig + description: >- + Configuration for a gateway plugin. This is used to specify configs for + different gateways. + type: object + properties: + apigeeXHybridConfig: + description: Configuration for Apigee X and Apigee Hybrid gateways. + $ref: '#/components/schemas/GoogleCloudApihubV1ApigeeXHybridConfig' + apigeeEdgeConfig: + description: Configuration for Apigee Edge gateways. + $ref: '#/components/schemas/GoogleCloudApihubV1ApigeeEdgeConfig' + apigeeOpdkConfig: + description: Configuration for Apigee OPDK gateways. + $ref: '#/components/schemas/GoogleCloudApihubV1ApigeeOPDKConfig' + pluginInstance: + description: >- + Required. The name of the gateway plugin instance for which the + config is to be specified. Format: + projects/{project}/locations/{location}/plugins/{plugin}/pluginInstances/{plugin_instance} + type: string + GoogleCloudApihubV1ApigeeXHybridConfig: + id: GoogleCloudApihubV1ApigeeXHybridConfig + description: >- + Configuration for Apigee X and Apigee Hybrid gateways. Applicability of + a filter is determined by the filter being provided. If none of the + filters are provided the addon will be enabled for all data brought in + by the gateway plugin instance. + type: object + properties: + environmentFilter: + description: >- + Optional. The filter to apply on the resources managed by the + gateway plugin instance. If provided this filter applies environment + specific filtering. + $ref: '#/components/schemas/GoogleCloudApihubV1EnvironmentFilter' + GoogleCloudApihubV1EnvironmentFilter: + id: GoogleCloudApihubV1EnvironmentFilter + description: Filter for environments. + type: object + properties: + allEnvironments: + description: >- + Optional. Indicates if this filter should match all environments or + only a subset of environments. If set to true, all environments are + matched. + type: boolean + environments: + description: >- + Optional. If provided, only environments in this list are matched. + This field is ignored if `all_environments` is true. + type: array + items: + type: string + GoogleCloudApihubV1ApigeeEdgeConfig: + id: GoogleCloudApihubV1ApigeeEdgeConfig + description: >- + Configuration for Apigee Edge gateways. Applicability of a filter is + determined by the filter being provided. If none of the filters are + provided the addon will be enabled for all data brought in by the + gateway plugin instance. + type: object + properties: + environmentFilter: + description: >- + Optional. The filter to apply on the resources managed by the + gateway plugin instance. If provided this filter applies environment + specific filtering. + $ref: '#/components/schemas/GoogleCloudApihubV1EnvironmentFilter' + GoogleCloudApihubV1ApigeeOPDKConfig: + id: GoogleCloudApihubV1ApigeeOPDKConfig + description: >- + Configuration for Apigee OPDK gateways. Applicability of a filter is + determined by the filter being provided. If none of the filters are + provided the addon will be enabled for all data brought in by the + gateway plugin instance. + type: object + properties: + environmentFilter: + description: >- + Optional. The filter to apply on the resources managed by the + gateway plugin instance. If provided this filter applies environment + specific filtering. + $ref: '#/components/schemas/GoogleCloudApihubV1EnvironmentFilter' + GoogleCloudApihubV1AllDataAddonConfig: + id: GoogleCloudApihubV1AllDataAddonConfig + description: >- + Configuration for addons which act on all data in the API hub. This is + used to specify if the addon is enabled for all data in the API hub. + type: object + properties: + enabled: + description: Required. If true, the addon is enabled for all data in the API hub. + type: boolean + GoogleCloudApihubV1ManageAddonConfigRequest: + id: GoogleCloudApihubV1ManageAddonConfigRequest + description: The ManageAddonConfig method's request. + type: object + properties: + config: + description: >- + Required. The config of the addon to be managed. This config will + replace the config present in the addon. The type of the config + should match the config type already present in the addon. + $ref: '#/components/schemas/GoogleCloudApihubV1AddonConfig' + GoogleCloudApihubV1ListAddonsResponse: + id: GoogleCloudApihubV1ListAddonsResponse + description: The ListAddons method's response. + type: object + properties: + addons: + description: The list of addons. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApihubV1Addon' + nextPageToken: + description: >- + A token to retrieve the next page of results, or empty if there are + no more results in the list. + type: string GoogleCloudApihubV1Plugin: id: GoogleCloudApihubV1Plugin description: A plugin resource in the API Hub. @@ -226,7 +440,10 @@ components: actions will be disabled from API hub's UI. $ref: '#/components/schemas/GoogleCloudApihubV1HostingService' actionsConfig: - description: Required. The configuration of actions supported by the plugin. + description: >- + Optional. The configuration of actions supported by the plugin. + **REQUIRED**: This field must be provided when creating or updating + a Plugin. The server will reject requests if this field is missing. type: array items: $ref: '#/components/schemas/GoogleCloudApihubV1PluginActionConfig' @@ -702,6 +919,14 @@ components: case of non gcp based plugins. This field will be a required field for Google provided on-ramp plugins. type: string + sourceEnvironmentsConfig: + description: >- + Optional. The source environment's config present in the gateway + instance linked to the plugin instance. The key is the + `source_environment` name from the SourceEnvironment message. + type: object + additionalProperties: + $ref: '#/components/schemas/GoogleCloudApihubV1SourceEnvironment' GoogleCloudApihubV1AuthConfig: id: GoogleCloudApihubV1AuthConfig description: AuthConfig represents the authentication information. @@ -1032,6 +1257,13 @@ components: readOnly: true type: string format: google-datetime + resultMetadata: + description: >- + Output only. The result metadata of the last execution of the plugin + instance. This will be a string representation of a JSON object and + will be available on successful execution. + readOnly: true + type: string GoogleCloudApihubV1CurationConfig: id: GoogleCloudApihubV1CurationConfig description: The curation information for this plugin instance. @@ -1087,6 +1319,34 @@ components: projects/{project}/topics/{topic} readOnly: true type: string + GoogleCloudApihubV1SourceEnvironment: + id: GoogleCloudApihubV1SourceEnvironment + description: Message representing the source environment details. + type: object + properties: + sourceEnvironment: + description: >- + Required. The name of the environment at the source. This should map + to Deployment. + type: string + sourceEnvironmentUri: + description: >- + The location where additional information about source environments + can be found. The location should be relative path of the + environment manifest with respect to a plugin instance. + type: string + createTime: + description: >- + Optional. The time at which the environment was created at the + source. + type: string + format: google-datetime + updateTime: + description: >- + Optional. The time at which the environment was last updated at the + source. + type: string + format: google-datetime GoogleCloudApihubV1ExecutePluginInstanceActionRequest: id: GoogleCloudApihubV1ExecutePluginInstanceActionRequest description: The ExecutePluginInstanceAction method's request. @@ -1134,6 +1394,51 @@ components: actionId: description: Required. The action id to disable. type: string + GoogleCloudApihubV1ManagePluginInstanceSourceDataRequest: + id: GoogleCloudApihubV1ManagePluginInstanceSourceDataRequest + description: The ManagePluginInstanceSourceData method's request. + type: object + properties: + dataType: + description: Required. Type of data to be managed. + type: string + enumDescriptions: + - Default unspecified type. + - Proxy deployment manifest. + - Environment manifest. + - Proxy bundle. + - Shared flow bundle. + enum: + - DATA_TYPE_UNSPECIFIED + - PROXY_DEPLOYMENT_MANIFEST + - ENVIRONMENT_MANIFEST + - PROXY_BUNDLE + - SHARED_FLOW_BUNDLE + action: + description: Required. Action to be performed. + type: string + enumDescriptions: + - Default unspecified action. + - Upload or upsert data. + - Delete data. + enum: + - ACTION_UNSPECIFIED + - UPLOAD + - DELETE + relativePath: + description: >- + Required. Relative path of data being managed for a given plugin + instance. + type: string + data: + description: Required. Data to be managed. + type: string + format: byte + GoogleCloudApihubV1ManagePluginInstanceSourceDataResponse: + id: GoogleCloudApihubV1ManagePluginInstanceSourceDataResponse + description: The ManagePluginInstanceSourceData method's response. + type: object + properties: {} GoogleCloudApihubV1Api: id: GoogleCloudApihubV1Api description: An API resource in the API Hub. @@ -1254,7 +1559,10 @@ components: object, not a directory. $ref: '#/components/schemas/GoogleCloudApihubV1AttributeValues' fingerprint: - description: Optional. Fingerprint of the API resource. + description: >- + Optional. Fingerprint of the API resource. This must be unique for + each API resource. It can neither be unset nor be updated to an + existing fingerprint of another API resource. type: string sourceMetadata: description: >- @@ -1594,6 +1902,12 @@ components: type: array items: $ref: '#/components/schemas/GoogleCloudApihubV1SourceMetadata' + additionalSpecContents: + description: Output only. The additional spec contents for the spec. + readOnly: true + type: array + items: + $ref: '#/components/schemas/GoogleCloudApihubV1AdditionalSpecContent' GoogleCloudApihubV1SpecContents: id: GoogleCloudApihubV1SpecContents description: The spec contents. @@ -1789,6 +2103,52 @@ components: description: Required. Count of issues with the given severity. type: integer format: int32 + GoogleCloudApihubV1AdditionalSpecContent: + id: GoogleCloudApihubV1AdditionalSpecContent + description: >- + The additional spec content for the spec. This contains the metadata and + the last update time for the additional spec content. + type: object + properties: + specContentType: + description: Required. The type of the spec content. + type: string + enumDescriptions: + - >- + Unspecified spec content type. Defaults to spec content uploaded + by the user. + - The spec content type for boosted spec. + enum: + - SPEC_CONTENT_TYPE_UNSPECIFIED + - BOOSTED_SPEC_CONTENT + specContents: + description: Optional. The additional spec contents. + $ref: '#/components/schemas/GoogleCloudApihubV1SpecContents' + createTime: + description: Output only. The time at which the spec content was created. + readOnly: true + type: string + format: google-datetime + updateTime: + description: Output only. The time at which the spec content was last updated. + readOnly: true + type: string + format: google-datetime + labels: + description: >- + Optional. The labels of the spec content e.g. specboost addon + version. + type: object + additionalProperties: + type: string + GoogleCloudApihubV1FetchAdditionalSpecContentResponse: + id: GoogleCloudApihubV1FetchAdditionalSpecContentResponse + description: The FetchAdditionalSpecContent method's response. + type: object + properties: + additionalSpecContent: + description: The additional spec content. + $ref: '#/components/schemas/GoogleCloudApihubV1AdditionalSpecContent' GoogleCloudApihubV1ListSpecsResponse: id: GoogleCloudApihubV1ListSpecsResponse description: The ListSpecs method's response. @@ -1872,6 +2232,9 @@ components: httpOperation: description: The HTTP Operation. $ref: '#/components/schemas/GoogleCloudApihubV1HttpOperation' + mcpTool: + description: The MCP Tool Operation. + $ref: '#/components/schemas/GoogleCloudApihubV1McpTool' description: description: >- Optional. Description of the operation behavior. For OpenAPI spec, @@ -1942,6 +2305,81 @@ components: Optional. A short description for the path applicable to all operations. type: string + GoogleCloudApihubV1McpTool: + id: GoogleCloudApihubV1McpTool + description: Details describing an MCP Tool. + type: object + properties: + name: + description: >- + Required. The name of the tool, unique within its parent scope + (version). + type: string + title: + description: Optional. Optional title for the tool. + type: string + description: + description: Optional. Description of what the tool does. + type: string + annotations: + description: Optional. Optional annotations for the tool. + $ref: '#/components/schemas/GoogleCloudApihubV1ToolAnnotations' + inputSchema: + description: >- + Optional. Input schema for the operation. This can be parsed only + from MCP schema type. + $ref: '#/components/schemas/GoogleCloudApihubV1OperationSchema' + outputSchema: + description: >- + Optional. Output schema for the operation. This can be parsed only + from MCP schema type. + $ref: '#/components/schemas/GoogleCloudApihubV1OperationSchema' + GoogleCloudApihubV1ToolAnnotations: + id: GoogleCloudApihubV1ToolAnnotations + description: Annotations for a Tool. + type: object + properties: + title: + description: >- + Optional. A human-readable title for the tool (if different from + Tool.title). + type: string + readOnlyHint: + description: Optional. Hint indicating if the tool is read-only. + type: boolean + destructiveHint: + description: >- + Optional. Hint indicating if the tool may have destructive side + effects. + type: boolean + idempotentHint: + description: Optional. Hint indicating if the tool is idempotent. + type: boolean + openWorldHint: + description: >- + Optional. Hint indicating if the tool interacts with the open world + (e.g., internet). + type: boolean + additionalHints: + description: >- + Optional. Additional hints which may help tools and not covered in + defaults. + type: object + additionalProperties: + type: string + GoogleCloudApihubV1OperationSchema: + id: GoogleCloudApihubV1OperationSchema + description: The operation schema needed for an operation. + type: object + properties: + jsonSchema: + description: >- + The JSON schema. Only valid JSON is accepted but semantic validation + of schema is not supported right now. + type: object + additionalProperties: + type: any + description: Properties of the object. GoogleCloudApihubV1ListApiOperationsResponse: id: GoogleCloudApihubV1ListApiOperationsResponse description: The ListApiOperations method's response. @@ -2504,6 +2942,70 @@ components: A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string + GoogleCloudApihubV1RetrieveApiViewsResponse: + id: GoogleCloudApihubV1RetrieveApiViewsResponse + description: The RetrieveApiViews method's response. + type: object + properties: + apiViews: + description: The list of API views. + type: array + items: + $ref: '#/components/schemas/GoogleCloudApihubV1ApiView' + nextPageToken: + description: Next page token. + type: string + GoogleCloudApihubV1ApiView: + id: GoogleCloudApihubV1ApiView + description: The view of an API. + type: object + properties: + mcpServerView: + description: Output only. MCP server view. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudApihubV1FlattenedApiVersionDeploymentView + mcpToolView: + description: Output only. MCP tools view. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudApihubV1FlattenedApiVersionOperationDeploymentView + GoogleCloudApihubV1FlattenedApiVersionDeploymentView: + id: GoogleCloudApihubV1FlattenedApiVersionDeploymentView + description: >- + A flattened view of an API, its version and one of the linked + deployments. + type: object + properties: + api: + description: The API. + $ref: '#/components/schemas/GoogleCloudApihubV1Api' + version: + description: The version. + $ref: '#/components/schemas/GoogleCloudApihubV1Version' + deployment: + description: The deployment. + $ref: '#/components/schemas/GoogleCloudApihubV1Deployment' + GoogleCloudApihubV1FlattenedApiVersionOperationDeploymentView: + id: GoogleCloudApihubV1FlattenedApiVersionOperationDeploymentView + description: >- + A flattened view of an API, its version, one of its operations and one + of the linked deployments. If there are no deployments linked to the + operation then the result will be empty. + type: object + properties: + api: + description: The API. + $ref: '#/components/schemas/GoogleCloudApihubV1Api' + version: + description: The version. + $ref: '#/components/schemas/GoogleCloudApihubV1Version' + apiOperation: + description: The API operation. + $ref: '#/components/schemas/GoogleCloudApihubV1ApiOperation' + deployment: + description: The deployment. + $ref: '#/components/schemas/GoogleCloudApihubV1Deployment' GoogleCloudApihubV1Dependency: id: GoogleCloudApihubV1Dependency description: >- @@ -3812,6 +4314,26 @@ components: update: [] replace: [] delete: [] + api_views: + id: google.apihub.api_views + name: api_views + title: Api_views + methods: + retrieve_api_views: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:retrieveApiViews/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/api_views/methods/retrieve_api_views + insert: [] + update: [] + replace: [] + delete: [] operations: id: google.apihub.operations name: operations @@ -3871,6 +4393,41 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + addons: + id: google.apihub.addons + name: addons + title: Addons + methods: + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addons~1{addonsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + manage_config: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addons~1{addonsId}:manageConfig/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addons/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.addons + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/addons/methods/get' + - $ref: '#/components/x-stackQL-resources/addons/methods/list' + insert: [] + update: [] + replace: [] + delete: [] plugins: id: google.apihub.plugins name: plugins @@ -4020,6 +4577,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + manage_source_data: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1plugins~1{pluginsId}~1instances~1{instancesId}:manageSourceData/post + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/instances/methods/get' @@ -4234,6 +4798,26 @@ components: update: [] replace: [] delete: [] + specs_additional_spec_content: + id: google.apihub.specs_additional_spec_content + name: specs_additional_spec_content + title: Specs_additional_spec_content + methods: + fetch_additional_spec_content: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1apis~1{apisId}~1versions~1{versionsId}~1specs~1{specsId}:fetchAdditionalSpecContent/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/specs_additional_spec_content/methods/fetch_additional_spec_content + insert: [] + update: [] + replace: [] + delete: [] definitions: id: google.apihub.definitions name: definitions @@ -4748,6 +5332,52 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}:retrieveApiViews: + parameters: *ref_1 + get: + description: Retrieve API views. + operationId: apihub.projects.locations.retrieveApiViews + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApihubV1RetrieveApiViewsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: view + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}:collectApiData: parameters: *ref_1 post: @@ -4923,6 +5553,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -5041,6 +5675,121 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/addons/{addonsId}: + parameters: *ref_1 + get: + description: Get an addon. + operationId: apihub.projects.locations.addons.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApihubV1Addon' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: addonsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/addons/{addonsId}:manageConfig: + parameters: *ref_1 + post: + description: >- + Manage addon config. This RPC is used for managing the config of the + addon. Calling this RPC moves the addon into an updating state until the + long-running operation succeeds. + operationId: apihub.projects.locations.addons.manageConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApihubV1ManageAddonConfigRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: addonsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/addons: + parameters: *ref_1 + get: + description: List addons. + operationId: apihub.projects.locations.addons.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudApihubV1ListAddonsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/plugins/{pluginsId}: parameters: *ref_1 get: @@ -5683,6 +6432,51 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/plugins/{pluginsId}/instances/{instancesId}:manageSourceData: + parameters: *ref_1 + post: + description: Manages data for a given plugin instance. + operationId: apihub.projects.locations.plugins.instances.manageSourceData + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApihubV1ManagePluginInstanceSourceDataRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApihubV1ManagePluginInstanceSourceDataResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: pluginsId + required: true + schema: + type: string + - in: path + name: instancesId + required: true + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/plugins/{pluginsId}/styleGuide:contents: parameters: *ref_1 get: @@ -5832,9 +6626,9 @@ paths: Update an API resource in the API hub. The following fields in the API can be updated: * display_name * description * owner * documentation * target_user * team * business_unit * maturity_level * api_style * - attributes The update_mask should be used to specify the fields being - updated. Updating the owner field requires complete owner message and - updates both owner and email fields. + attributes * fingerprint The update_mask should be used to specify the + fields being updated. Updating the owner field requires complete owner + message and updates both owner and email fields. operationId: apihub.projects.locations.apis.patch requestBody: content: @@ -6433,6 +7227,54 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:fetchAdditionalSpecContent: + parameters: *ref_1 + get: + description: Fetch additional spec content. + operationId: apihub.projects.locations.apis.versions.specs.fetchAdditionalSpecContent + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudApihubV1FetchAdditionalSpecContentResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: apisId + required: true + schema: + type: string + - in: path + name: versionsId + required: true + schema: + type: string + - in: path + name: specsId + required: true + schema: + type: string + - in: query + name: specContentType + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/apis/{apisId}/versions/{versionsId}/specs/{specsId}:lint: parameters: *ref_1 post: @@ -6632,11 +7474,20 @@ paths: Update an operation in an API version. The following fields in the ApiOperation resource can be updated: * details.description * details.documentation * details.http_operation.path * - details.http_operation.method * details.deprecated * attributes The - update_mask should be used to specify the fields being updated. An - operation can be updated only if the operation was created via - CreateApiOperation API. If the operation was created by parsing the - spec, then it can be edited by updating the spec. + details.http_operation.method * details.deprecated * attributes * + details.mcp_tool.title * details.mcp_tool.description * + details.mcp_tool.input_schema * details.mcp_tool.output_schema * + details.input_schema * details.output_schema * + details.mcp_tool.annotations.title * + details.mcp_tool.annotations.read_only_hint * + details.mcp_tool.annotations.destructive_hint * + details.mcp_tool.annotations.idempotent_hint * + details.mcp_tool.annotations.open_world_hint * + details.mcp_tool.annotations.additional_hints The update_mask should be + used to specify the fields being updated. An operation can be updated + only if the operation was created via CreateApiOperation API. If the + operation was created by parsing the spec, then it can be edited by + updating the spec. operationId: apihub.projects.locations.apis.versions.operations.patch requestBody: content: @@ -8043,7 +8894,10 @@ paths: /v1/projects/{projectsId}/locations/{locationsId}/apiHubInstances/{apiHubInstancesId}: parameters: *ref_1 delete: - description: Deletes the API hub instance. + description: >- + Deletes the API hub instance. Deleting the API hub instance will also + result in the removal of all associated runtime project attachments and + the host project registration. operationId: apihub.projects.locations.apiHubInstances.delete security: - Oauth2: diff --git a/providers/src/googleapis.com/v00.00.00000/services/apikeys.yaml b/providers/src/googleapis.com/v00.00.00000/services/apikeys.yaml index b94514e8..8caab72c 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/apikeys.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/apikeys.yaml @@ -7,8 +7,8 @@ info: title: API Keys API description: Manages the API keys associated with developer projects. version: v2 - x-discovery-doc-revision: '20250619' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/api-keys/docs servers: @@ -22,12 +22,12 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/cloud-platform: >- - See, edit, configure, and delete your Google Cloud data and see - the email address for your Google Account. https://www.googleapis.com/auth/cloud-platform.read-only: >- View your data across Google Cloud services and see the email address of your Google Account + https://www.googleapis.com/auth/cloud-platform: >- + See, edit, configure, and delete your Google Cloud data and see + the email address for your Google Account. Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -37,164 +37,172 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - V2BrowserKeyRestrictions: - id: V2BrowserKeyRestrictions - properties: - allowedReferrers: - type: array - items: - type: string - description: >- - A list of regular expressions for the referrer URLs that are allowed - to make API calls with this key. - description: The HTTP referrers (websites) that are allowed to use the key. - type: object - V2IosKeyRestrictions: - id: V2IosKeyRestrictions + V2ApiTarget: type: object - description: The iOS apps that are allowed to use the key. + description: >- + A restriction for a specific service and optionally one or multiple + specific methods. Both fields are case insensitive. + id: V2ApiTarget properties: - allowedBundleIds: + methods: items: type: string type: array description: >- - A list of bundle IDs that are allowed when making API calls with - this key. + Optional. List of one or more methods that can be called. If empty, + all methods for the service are allowed. A wildcard (*) can be used + as the last symbol. Valid examples: + `google.cloud.translate.v2.TranslateService.GetSupportedLanguage` + `TranslateText` `Get*` `translate.googleapis.com.Get*` + service: + description: >- + The service for this restriction. It should be the canonical service + name, for example: `translate.googleapis.com`. You can use [`gcloud + services + list`](https://cloud.google.com/sdk/gcloud/reference/services/list) + to get a list of services that are enabled in the project. + type: string V2Key: description: The representation of a key managed by the API Keys API. + type: object + id: V2Key properties: - deleteTime: - description: >- - Output only. A timestamp when this key was deleted. If the resource - is not deleted, this must be empty. - format: google-datetime - readOnly: true - type: string updateTime: - readOnly: true description: >- Output only. A timestamp identifying the time this key was last updated. - type: string + readOnly: true format: google-datetime - serviceAccountEmail: + type: string + keyString: + type: string + readOnly: true description: >- - Optional. The email address of [the service - account](https://cloud.google.com/iam/docs/service-accounts) the key - is bound to. + Output only. An encrypted and signed value held by this key. This + field can be accessed only through the `GetKeyString` method. + displayName: type: string + description: >- + Human-readable display name of this key that you can modify. The + maximum length is 63 characters. name: readOnly: true + type: string description: >- Output only. The resource name of the key. The `name` has the form: `projects//locations/global/keys/`. For example: `projects/123456867718/locations/global/keys/b7ff1f9f-8275-410a-94dd-3855ee9b5dd2` NOTE: Key is a global resource; hence the only supported value for location is `global`. + deleteTime: + readOnly: true + format: google-datetime + description: >- + Output only. A timestamp when this key was deleted. If the resource + is not deleted, this must be empty. + type: string + createTime: + description: >- + Output only. A timestamp identifying the time this key was + originally created. + type: string + readOnly: true + format: google-datetime + serviceAccountEmail: + description: >- + Optional. The email address of [the service + account](https://cloud.google.com/iam/docs/service-accounts) the key + is bound to. type: string annotations: - additionalProperties: - type: string + type: object description: >- Annotations is an unstructured key-value map stored with a policy that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. - type: object - keyString: + additionalProperties: + type: string + uid: + description: Output only. Unique id in UUID4 format. type: string readOnly: true - description: >- - Output only. An encrypted and signed value held by this key. This - field can be accessed only through the `GetKeyString` method. restrictions: description: Key restrictions. $ref: '#/components/schemas/V2Restrictions' - createTime: - type: string - description: >- - Output only. A timestamp identifying the time this key was - originally created. - format: google-datetime - readOnly: true - uid: - description: Output only. Unique id in UUID4 format. - readOnly: true - type: string etag: description: >- Output only. A checksum computed by the server based on the current value of the Key resource. This may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. See https://google.aip.dev/154. - type: string readOnly: true - displayName: type: string + V2IosKeyRestrictions: + id: V2IosKeyRestrictions + properties: + allowedBundleIds: + items: + type: string + type: array description: >- - Human-readable display name of this key that you can modify. The - maximum length is 63 characters. - type: object - id: V2Key - V2GetKeyStringResponse: - description: Response message for `GetKeyString` method. + A list of bundle IDs that are allowed when making API calls with + this key. type: object - id: V2GetKeyStringResponse - properties: - keyString: - description: An encrypted and signed value of the key. - type: string - V2LookupKeyResponse: - description: Response message for `LookupKey` method. - id: V2LookupKeyResponse + description: The iOS apps that are allowed to use the key. + V2BrowserKeyRestrictions: properties: - name: - description: >- - The resource name of the API key. If the API key has been purged, - resource name is empty. - type: string - parent: - type: string + allowedReferrers: + items: + type: string description: >- - The project that owns the key with the value specified in the - request. + A list of regular expressions for the referrer URLs that are allowed + to make API calls with this key. + type: array + description: The HTTP referrers (websites) that are allowed to use the key. type: object - V2AndroidKeyRestrictions: - id: V2AndroidKeyRestrictions + id: V2BrowserKeyRestrictions + V2ListKeysResponse: type: object + id: V2ListKeysResponse properties: - allowedApplications: + keys: type: array + description: A list of API keys. items: - $ref: '#/components/schemas/V2AndroidApplication' - description: >- - A list of Android applications that are allowed to make API calls - with this key. - description: The Android apps that are allowed to use the key. - Status: + $ref: '#/components/schemas/V2Key' + nextPageToken: + type: string + description: The pagination token for the next page of results. + description: Response message for `ListKeys` method. + V2UndeleteKeyRequest: + properties: {} type: object + id: V2UndeleteKeyRequest + description: Request message for `UndeleteKey` method. + Status: properties: message: - type: string description: >- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. + type: string + code: + format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. details: items: additionalProperties: - description: Properties of the object. Contains field @type with type URL. type: any + description: Properties of the object. Contains field @type with type URL. type: object - type: array description: >- A list of messages that carry the error details. There is a common set of message types for APIs to use. - code: - format: int32 - description: The status code, which should be an enum value of google.rpc.Code. - type: integer + type: array + id: Status description: >- The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It @@ -203,57 +211,67 @@ components: details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). - id: Status - V2UndeleteKeyRequest: type: object - description: Request message for `UndeleteKey` method. - id: V2UndeleteKeyRequest - properties: {} - V2Restrictions: - id: V2Restrictions - description: Describes the restrictions on the key. + V2GetKeyStringResponse: + properties: + keyString: + type: string + description: An encrypted and signed value of the key. + type: object + id: V2GetKeyStringResponse + description: Response message for `GetKeyString` method. + V2AndroidApplication: type: object properties: - serverKeyRestrictions: - $ref: '#/components/schemas/V2ServerKeyRestrictions' - description: The IP addresses of callers that are allowed to use the key. - iosKeyRestrictions: - $ref: '#/components/schemas/V2IosKeyRestrictions' - description: The iOS apps that are allowed to use the key. - androidKeyRestrictions: - $ref: '#/components/schemas/V2AndroidKeyRestrictions' - description: The Android apps that are allowed to use the key. - browserKeyRestrictions: - description: The HTTP referrers (websites) that are allowed to use the key. - $ref: '#/components/schemas/V2BrowserKeyRestrictions' - apiTargets: + packageName: + description: The package name of the application. + type: string + sha1Fingerprint: description: >- - A restriction for a specific service and optionally one or more - specific methods. Requests are allowed if they match any of these - restrictions. If no restrictions are specified, all targets are - allowed. - type: array - items: - $ref: '#/components/schemas/V2ApiTarget' + The SHA1 fingerprint of the application. For example, both sha1 + formats are acceptable : + DA:39:A3:EE:5E:6B:4B:0D:32:55:BF:EF:95:60:18:90:AF:D8:07:09 or + DA39A3EE5E6B4B0D3255BFEF95601890AFD80709. Output format is the + latter. + type: string + description: Identifier of an Android application for key use. + id: V2AndroidApplication Operation: id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. properties: - error: - $ref: '#/components/schemas/Status' + metadata: description: >- - The error result of the operation in case of failure or - cancellation. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. name: + type: string description: >- The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`. - type: string + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. response: - additionalProperties: - description: Properties of the object. Contains field @type with type URL. - type: any description: >- The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is @@ -264,137 +282,111 @@ components: original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. type: object - metadata: - type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. + type: any + type: object + V2AndroidKeyRestrictions: + description: The Android apps that are allowed to use the key. + properties: + allowedApplications: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean + A list of Android applications that are allowed to make API calls + with this key. + type: array + items: + $ref: '#/components/schemas/V2AndroidApplication' type: object - description: >- - This resource represents a long-running operation that is the result of - a network API call. - V2AndroidApplication: - description: Identifier of an Android application for key use. + id: V2AndroidKeyRestrictions + V2LookupKeyResponse: type: object - id: V2AndroidApplication + description: Response message for `LookupKey` method. properties: - packageName: - description: The package name of the application. + parent: type: string - sha1Fingerprint: description: >- - The SHA1 fingerprint of the application. For example, both sha1 - formats are acceptable : - DA:39:A3:EE:5E:6B:4B:0D:32:55:BF:EF:95:60:18:90:AF:D8:07:09 or - DA39A3EE5E6B4B0D3255BFEF95601890AFD80709. Output format is the - latter. + The project that owns the key with the value specified in the + request. + name: type: string - V2ApiTarget: - description: >- - A restriction for a specific service and optionally one or multiple - specific methods. Both fields are case insensitive. + description: >- + The resource name of the API key. If the API key has been purged, + resource name is empty. + id: V2LookupKeyResponse + V2Restrictions: + description: Describes the restrictions on the key. + type: object properties: - service: + browserKeyRestrictions: + $ref: '#/components/schemas/V2BrowserKeyRestrictions' + description: The HTTP referrers (websites) that are allowed to use the key. + apiTargets: description: >- - The service for this restriction. It should be the canonical service - name, for example: `translate.googleapis.com`. You can use [`gcloud - services - list`](https://cloud.google.com/sdk/gcloud/reference/services/list) - to get a list of services that are enabled in the project. - type: string - methods: + A restriction for a specific service and optionally one or more + specific methods. Requests are allowed if they match any of these + restrictions. If no restrictions are specified, all targets are + allowed. items: - type: string + $ref: '#/components/schemas/V2ApiTarget' type: array - description: >- - Optional. List of one or more methods that can be called. If empty, - all methods for the service are allowed. A wildcard (*) can be used - as the last symbol. Valid examples: - `google.cloud.translate.v2.TranslateService.GetSupportedLanguage` - `TranslateText` `Get*` `translate.googleapis.com.Get*` - type: object - id: V2ApiTarget + androidKeyRestrictions: + $ref: '#/components/schemas/V2AndroidKeyRestrictions' + description: The Android apps that are allowed to use the key. + serverKeyRestrictions: + description: The IP addresses of callers that are allowed to use the key. + $ref: '#/components/schemas/V2ServerKeyRestrictions' + iosKeyRestrictions: + description: The iOS apps that are allowed to use the key. + $ref: '#/components/schemas/V2IosKeyRestrictions' + id: V2Restrictions V2ServerKeyRestrictions: description: The IP addresses of callers that are allowed to use the key. - id: V2ServerKeyRestrictions properties: allowedIps: items: type: string - type: array description: >- A list of the caller IP addresses that are allowed to make API calls with this key. - type: object - V2ListKeysResponse: - id: V2ListKeysResponse - type: object - properties: - keys: type: array - items: - $ref: '#/components/schemas/V2Key' - description: A list of API keys. - nextPageToken: - description: The pagination token for the next page of results. - type: string - description: Response message for `ListKeys` method. + id: V2ServerKeyRestrictions + type: object parameters: - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - access_token: - description: OAuth access token. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: access_token + name: quotaUser schema: type: string - callback: - description: JSONP + alt: + description: Data format for response. in: query - name: callback + name: alt schema: type: string + enum: + - json + - media + - proto prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: key + name: upload_protocol + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields schema: type: string _.xgafv: @@ -406,31 +398,39 @@ components: enum: - '1' - '2' - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: quotaUser + name: uploadType schema: type: string - alt: - description: Data format for response. + access_token: + description: OAuth access token. in: query - name: alt + name: access_token + schema: + type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key schema: type: string - enum: - - json - - media - - proto oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string x-stackQL-resources: keys: id: google.apikeys.keys @@ -443,49 +443,49 @@ components: response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys~1{keysId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.keys - create: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys~1{keysId}/delete response: mediaType: application/json openAPIDocKey: '200' - undelete: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys~1{keysId}:undelete/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys~1{keysId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + undelete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys~1{keysId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys~1{keysId}:undelete/post response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys~1{keysId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys/post response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys~1{keysId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1keys/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.keys sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/keys/methods/get' @@ -538,17 +538,17 @@ components: paths: /v2/keys:lookupKey: parameters: &ref_1 + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/_.xgafv' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/callback' get: description: >- Find the parent project and resource name of the API key that matches @@ -577,30 +577,31 @@ paths: name: keyString schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/keys: + /v2/projects/{projectsId}/locations/{locationsId}/keys/{keysId}: parameters: *ref_1 - get: + patch: description: >- - Lists the API keys owned by a project. The key string of the API key - isn't included in the response. NOTE: Key is a global resource; hence - the only supported value for location is `global`. - operationId: apikeys.projects.locations.keys.list + Patches the modifiable fields of an API key. The key string of the API + key isn't included in the response. NOTE: Key is a global resource; + hence the only supported value for location is `global`. + operationId: apikeys.projects.locations.keys.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/V2Key' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/V2ListKeysResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -612,29 +613,23 @@ paths: required: true schema: type: string - - in: query - name: pageToken + - in: path + name: keysId + required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: showDeleted + name: updateMask schema: - type: boolean - post: + type: string + format: google-fieldmask + delete: description: >- - Creates a new API key. NOTE: Key is a global resource; hence the only - supported value for location is `global`. - operationId: apikeys.projects.locations.keys.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/V2Key' + Deletes an API key. Deleted key can be retrieved within 30 days of + deletion. Afterward, key will be purged from the project. NOTE: Key is a + global resource; hence the only supported value for location is + `global`. + operationId: apikeys.projects.locations.keys.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -658,35 +653,37 @@ paths: required: true schema: type: string + - in: path + name: keysId + required: true + schema: + type: string - in: query - name: keyId + name: etag schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/keys/{keysId}:undelete: - parameters: *ref_1 - post: + get: description: >- - Undeletes an API key which was deleted within 30 days. NOTE: Key is a - global resource; hence the only supported value for location is - `global`. - operationId: apikeys.projects.locations.keys.undelete - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/V2UndeleteKeyRequest' + Gets the metadata for an API key. The key string of the API key isn't + included in the response. NOTE: Key is a global resource; hence the only + supported value for location is `global`. + operationId: apikeys.projects.locations.keys.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/V2Key' parameters: - in: path name: projectsId @@ -703,14 +700,13 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/keys/{keysId}: + /v2/projects/{projectsId}/locations/{locationsId}/keys/{keysId}/keyString: parameters: *ref_1 get: description: >- - Gets the metadata for an API key. The key string of the API key isn't - included in the response. NOTE: Key is a global resource; hence the only - supported value for location is `global`. - operationId: apikeys.projects.locations.keys.get + Get the key string for an API key. NOTE: Key is a global resource; hence + the only supported value for location is `global`. + operationId: apikeys.projects.locations.keys.getKeyString security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -726,7 +722,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/V2Key' + $ref: '#/components/schemas/V2GetKeyStringResponse' parameters: - in: path name: projectsId @@ -743,13 +739,19 @@ paths: required: true schema: type: string - delete: + /v2/projects/{projectsId}/locations/{locationsId}/keys/{keysId}:undelete: + parameters: *ref_1 + post: description: >- - Deletes an API key. Deleted key can be retrieved within 30 days of - deletion. Afterward, key will be purged from the project. NOTE: Key is a + Undeletes an API key which was deleted within 30 days. NOTE: Key is a global resource; hence the only supported value for location is `global`. - operationId: apikeys.projects.locations.keys.delete + operationId: apikeys.projects.locations.keys.undelete + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/V2UndeleteKeyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -778,16 +780,13 @@ paths: required: true schema: type: string - - in: query - name: etag - schema: - type: string - patch: + /v2/projects/{projectsId}/locations/{locationsId}/keys: + parameters: *ref_1 + post: description: >- - Patches the modifiable fields of an API key. The key string of the API - key isn't included in the response. NOTE: Key is a global resource; - hence the only supported value for location is `global`. - operationId: apikeys.projects.locations.keys.patch + Creates a new API key. NOTE: Key is a global resource; hence the only + supported value for location is `global`. + operationId: apikeys.projects.locations.keys.create requestBody: content: application/json: @@ -816,23 +815,16 @@ paths: required: true schema: type: string - - in: path - name: keysId - required: true - schema: - type: string - in: query - name: updateMask + name: keyId schema: type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/keys/{keysId}/keyString: - parameters: *ref_1 get: description: >- - Get the key string for an API key. NOTE: Key is a global resource; hence + Lists the API keys owned by a project. The key string of the API key + isn't included in the response. NOTE: Key is a global resource; hence the only supported value for location is `global`. - operationId: apikeys.projects.locations.keys.getKeyString + operationId: apikeys.projects.locations.keys.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -848,7 +840,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/V2GetKeyStringResponse' + $ref: '#/components/schemas/V2ListKeysResponse' parameters: - in: path name: projectsId @@ -860,11 +852,19 @@ paths: required: true schema: type: string - - in: path - name: keysId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string + - in: query + name: showDeleted + schema: + type: boolean /v2/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/apim.yaml b/providers/src/googleapis.com/v00.00.00000/services/apim.yaml index 0b63ce65..d48a509c 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/apim.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/apim.yaml @@ -9,8 +9,8 @@ info: Enables users to discover shadow APIs in existing Google Cloud infrastructure. version: v1alpha - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/apigee/ servers: @@ -51,6 +51,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -1332,6 +1341,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1alpha/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/appengine.yaml b/providers/src/googleapis.com/v00.00.00000/services/appengine.yaml index c923005d..b0d2f247 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/appengine.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/appengine.yaml @@ -7,8 +7,8 @@ info: title: App Engine Admin API description: Provisions and manages developers' App Engine applications. version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251110' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/appengine/docs/admin-api/ servers: @@ -53,6 +53,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets ListOperationsRequest.return_partial_success and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -2122,14 +2131,16 @@ components: properties: name: description: >- - Full path to the AuthorizedCertificate resource in the API. Example: - apps/myapp/authorizedCertificates/12345.@OutputOnly + Output only. Full path to the AuthorizedCertificate resource in the + API. Example: apps/myapp/authorizedCertificates/12345.@OutputOnly + readOnly: true type: string id: description: >- - Relative name of the certificate. This is a unique value - autogenerated on AuthorizedCertificate resource creation. Example: - 12345.@OutputOnly + Output only. Relative name of the certificate. This is a unique + value autogenerated on AuthorizedCertificate resource creation. + Example: 12345.@OutputOnly + readOnly: true type: string displayName: description: >- @@ -2138,9 +2149,10 @@ components: type: string domainNames: description: >- - Topmost applicable domains of this certificate. This certificate - applies to these domains and their subdomains. Example: + Output only. Topmost applicable domains of this certificate. This + certificate applies to these domains and their subdomains. Example: example.com.@OutputOnly + readOnly: true type: array items: type: string @@ -2167,14 +2179,15 @@ components: $ref: '#/components/schemas/ManagedCertificate' visibleDomainMappings: description: >- - The full paths to user visible Domain Mapping resources that have - this certificate mapped. Example: + Output only. The full paths to user visible Domain Mapping resources + that have this certificate mapped. Example: apps/myapp/domainMappings/example.com.This may not represent the full list of mapped domain mappings if the user does not have VIEWER permissions on all of the applications that have this certificate mapped. See domain_mappings_count for a complete count.Only returned by GET or LIST requests when specifically requested by the view=FULL_CERTIFICATE option.@OutputOnly + readOnly: true type: array items: type: string @@ -2278,8 +2291,9 @@ components: properties: name: description: >- - Full path to the DomainMapping resource in the API. Example: - apps/myapp/domainMapping/example.com.@OutputOnly + Output only. Full path to the DomainMapping resource in the API. + Example: apps/myapp/domainMapping/example.com.@OutputOnly + readOnly: true type: string id: description: >- @@ -2293,9 +2307,11 @@ components: $ref: '#/components/schemas/SslSettings' resourceRecords: description: >- - The resource records required to configure this domain mapping. - These records must be added to the domain's DNS configuration in - order to serve the application via this domain mapping.@OutputOnly + Output only. The resource records required to configure this domain + mapping. These records must be added to the domain's DNS + configuration in order to serve the application via this domain + mapping.@OutputOnly + readOnly: true type: array items: $ref: '#/components/schemas/ResourceRecord' @@ -2336,14 +2352,15 @@ components: - MANUAL pendingManagedCertificateId: description: >- - ID of the managed AuthorizedCertificate resource currently being - provisioned, if applicable. Until the new managed certificate has - been successfully provisioned, the previous SSL state will be - preserved. Once the provisioning process completes, the - certificate_id field will reflect the new managed certificate and - this field will be left empty. To remove SSL support while there is - still a pending managed certificate, clear the certificate_id field - with an UpdateDomainMappingRequest.@OutputOnly + Output only. ID of the managed AuthorizedCertificate resource + currently being provisioned, if applicable. Until the new managed + certificate has been successfully provisioned, the previous SSL + state will be preserved. Once the provisioning process completes, + the certificate_id field will reflect the new managed certificate + and this field will be left empty. To remove SSL support while there + is still a pending managed certificate, clear the certificate_id + field with an UpdateDomainMappingRequest.@OutputOnly + readOnly: true type: string ResourceRecord: id: ResourceRecord @@ -3430,7 +3447,8 @@ components: methods: list: operation: - $ref: '#/paths/~1v1~1apps~1{appsId}~1domainMappings/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1domainMappings/get response: mediaType: application/json openAPIDocKey: '200' @@ -3452,14 +3470,14 @@ components: patch: operation: $ref: >- - #/paths/~1v1~1apps~1{appsId}~1domainMappings~1{domainMappingsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1domainMappings~1{domainMappingsId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1apps~1{appsId}~1domainMappings~1{domainMappingsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1domainMappings~1{domainMappingsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -3732,6 +3750,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/apps/{appsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -5563,6 +5585,99 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/domainMappings: + parameters: *ref_1 + get: + description: Lists the domain mappings on an application. + operationId: appengine.projects.locations.applications.domainMappings.list + security: + - Oauth2: + - https://www.googleapis.com/auth/appengine.admin + Oauth2c: + - https://www.googleapis.com/auth/appengine.admin + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDomainMappingsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: applicationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + post: + description: >- + Maps a domain to an application. A user must be authorized to administer + a domain in order to map it to an application. For a list of available + authorized domains, see AuthorizedDomains.ListAuthorizedDomains. + operationId: appengine.projects.locations.applications.domainMappings.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DomainMapping' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: applicationsId + required: true + schema: + type: string + - in: query + name: overrideStrategy + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/domainMappings/{domainMappingsId}: parameters: *ref_1 get: @@ -5609,14 +5724,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/domainMappings: - parameters: *ref_1 - post: + patch: description: >- - Maps a domain to an application. A user must be authorized to administer - a domain in order to map it to an application. For a list of available - authorized domains, see AuthorizedDomains.ListAuthorizedDomains. - operationId: appengine.projects.locations.applications.domainMappings.create + Updates the specified domain mapping. To map an SSL certificate to a + domain mapping, update certificate_id to point to an + AuthorizedCertificate resource. A user must be authorized to administer + the associated domain in order to update a DomainMapping resource. + operationId: appengine.projects.locations.applications.domainMappings.patch requestBody: content: application/json: @@ -5650,7 +5764,52 @@ paths: required: true schema: type: string + - in: path + name: domainMappingsId + required: true + schema: + type: string - in: query - name: overrideStrategy + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: >- + Deletes the specified domain mapping. A user must be authorized to + administer the associated domain in order to delete a DomainMapping + resource. + operationId: appengine.projects.locations.applications.domainMappings.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: applicationsId + required: true + schema: + type: string + - in: path + name: domainMappingsId + required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/apphub.yaml b/providers/src/googleapis.com/v00.00.00000/services/apphub.yaml index c717c7ed..38a411f1 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/apphub.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/apphub.yaml @@ -7,8 +7,8 @@ info: title: App Hub API description: '' version: v1 - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251114' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/app-hub/docs/ servers: @@ -34,125 +34,18 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + TestIamPermissionsResponse: type: object + id: TestIamPermissionsResponse properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array + permissions: items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + type: string type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - LookupServiceProjectAttachmentResponse: - id: LookupServiceProjectAttachmentResponse - description: Response for LookupServiceProjectAttachment. - type: object - properties: - serviceProjectAttachment: - description: Service project attachment for a project if exists, empty otherwise. - $ref: '#/components/schemas/ServiceProjectAttachment' + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + description: Response message for `TestIamPermissions` method. ServiceProjectAttachment: id: ServiceProjectAttachment description: >- @@ -164,31 +57,12 @@ components: projects. type: object properties: - name: - description: >- - Identifier. The resource name of a ServiceProjectAttachment. Format: - `"projects/{host-project-id}/locations/global/serviceProjectAttachments/{service-project-id}."` - type: string - serviceProject: - description: >- - Required. Immutable. Service project name in the format: - `"projects/abc"` or `"projects/123"`. As input, project name with - either project id or number are accepted. As output, this field will - contain project number. - type: string createTime: - description: Output only. Create time. readOnly: true - type: string format: google-datetime - uid: - description: >- - Output only. A globally unique identifier (in UUID4 format) for the - `ServiceProjectAttachment`. - readOnly: true type: string + description: Output only. Create time. state: - description: Output only. ServiceProjectAttachment state. readOnly: true type: string enumDescriptions: @@ -199,275 +73,138 @@ components: Workloads under the corresponding ServiceProjectAttachment is ready for registration. - The ServiceProjectAttachment is being deleted. + description: Output only. ServiceProjectAttachment state. enum: - STATE_UNSPECIFIED - CREATING - ACTIVE - DELETING - ListServiceProjectAttachmentsResponse: - id: ListServiceProjectAttachmentsResponse - description: Response for ListServiceProjectAttachments. - type: object - properties: - serviceProjectAttachments: - description: List of service project attachments. - type: array - items: - $ref: '#/components/schemas/ServiceProjectAttachment' - nextPageToken: - description: A token identifying a page of results the server should return. + name: type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - DetachServiceProjectAttachmentRequest: - id: DetachServiceProjectAttachmentRequest - description: Request for DetachServiceProjectAttachment. - type: object - properties: {} + description: >- + Identifier. The resource name of a ServiceProjectAttachment. Format: + `"projects/{host-project-id}/locations/global/serviceProjectAttachments/{service-project-id}."` + serviceProject: + description: >- + Required. Immutable. Service project name in the format: + `"projects/abc"` or `"projects/123"`. As input, project name with + either project id or number are accepted. As output, this field will + contain project number. + type: string + uid: + type: string + description: >- + Output only. A globally unique identifier (in UUID4 format) for the + `ServiceProjectAttachment`. + readOnly: true DetachServiceProjectAttachmentResponse: - id: DetachServiceProjectAttachmentResponse description: Response for DetachServiceProjectAttachment. - type: object properties: {} - ListDiscoveredServicesResponse: - id: ListDiscoveredServicesResponse - description: Response for ListDiscoveredServices. type: object - properties: - discoveredServices: - description: List of Discovered Services. - type: array - items: - $ref: '#/components/schemas/DiscoveredService' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - DiscoveredService: - id: DiscoveredService - description: >- - DiscoveredService is a network or API interface that exposes some - functionality to clients for consumption over the network. A discovered - service can be registered to a App Hub service. + id: DetachServiceProjectAttachmentResponse + LookupServiceProjectAttachmentResponse: type: object + description: Response for LookupServiceProjectAttachment. properties: - name: - description: >- - Identifier. The resource name of the discovered service. Format: - `"projects/{host-project-id}/locations/{location}/discoveredServices/{uuid}"` - type: string - serviceReference: - description: >- - Output only. Reference to an underlying networking resource that can - comprise a Service. These are immutable. - readOnly: true - $ref: '#/components/schemas/ServiceReference' - serviceProperties: - description: >- - Output only. Properties of an underlying compute resource that can - comprise a Service. These are immutable. - readOnly: true - $ref: '#/components/schemas/ServiceProperties' - ServiceReference: - id: ServiceReference - description: >- - Reference to an underlying networking resource that can comprise a - Service. - type: object + serviceProjectAttachment: + description: Service project attachment for a project if exists, empty otherwise. + $ref: '#/components/schemas/ServiceProjectAttachment' + id: LookupServiceProjectAttachmentResponse + Identity: + id: Identity + description: The identity associated with a service or workload. properties: - uri: - description: >- - Output only. The underlying resource URI. For example, URI of - Forwarding Rule, URL Map, and Backend Service. + principal: readOnly: true + description: >- + Output only. Principal of the identity. Supported formats: * + `sa://my-sa@xxxx.iam.gserviceaccount.com` for GCP Service Account * + `principal://POOL_ID.global.PROJECT_NUMBER.workload.id.goog/ns/NAMESPACE_ID/sa/MANAGED_IDENTITY_ID` + for Managed Workload Identity type: string - ServiceProperties: - id: ServiceProperties - description: Properties of an underlying cloud resource that can comprise a Service. type: object + ReconciliationOperationMetadata: + type: object + description: >- + Operation metadata returned by the CLH during resource state + reconciliation. properties: - gcpProject: - description: >- - Output only. The service project identifier that the underlying - cloud resource resides in. - readOnly: true - type: string - location: - description: >- - Output only. The location that the underlying resource resides in, - for example, us-west1. - readOnly: true - type: string - zone: - description: >- - Output only. The location that the underlying resource resides in if - it is zonal, for example, us-west1-a). - readOnly: true - type: string - LookupDiscoveredServiceResponse: - id: LookupDiscoveredServiceResponse - description: Response for LookupDiscoveredService. - type: object - properties: - discoveredService: - description: Discovered Service if exists, empty otherwise. - $ref: '#/components/schemas/DiscoveredService' - ListServicesResponse: - id: ListServicesResponse - description: Response for ListServices. - type: object - properties: - services: - description: List of Services. - type: array - items: - $ref: '#/components/schemas/Service' - nextPageToken: - description: A token identifying a page of results the server should return. + deleteResource: + description: DEPRECATED. Use exclusive_action instead. + deprecated: true + type: boolean + exclusiveAction: type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Service: - id: Service - description: >- - Service is an App Hub data model that contains a discovered service, - which represents a network or API interface that exposes some - functionality to clients for consumption over the network. - type: object + enum: + - UNKNOWN_REPAIR_ACTION + - DELETE + - RETRY + description: Excluisive action returned by the CLH. + enumDescriptions: + - Unknown repair action. + - >- + The resource has to be deleted. When using this bit, the CLH + should fail the operation. DEPRECATED. Instead use DELETE_RESOURCE + OperationSignal in SideChannel. + - >- + This resource could not be repaired but the repair should be tried + again at a later time. This can happen if there is a dependency + that needs to be resolved first- e.g. if a parent resource must be + repaired before a child resource. + enumDeprecated: + - false + - true + - false + id: ReconciliationOperationMetadata + Boundary: + id: Boundary + description: Application management boundary. properties: name: - description: >- - Identifier. The resource name of a Service. Format: - `"projects/{host-project-id}/locations/{location}/applications/{application-id}/services/{service-id}"` - type: string - displayName: - description: >- - Optional. User-defined name for the Service. Can have a maximum - length of 63 characters. type: string - description: - description: >- - Optional. User-defined description of a Service. Can have a maximum - length of 2048 characters. - type: string - serviceReference: - description: >- - Output only. Reference to an underlying networking resource that can - comprise a Service. These are immutable. - readOnly: true - $ref: '#/components/schemas/ServiceReference' - serviceProperties: - description: >- - Output only. Properties of an underlying compute resource that can - comprise a Service. These are immutable. - readOnly: true - $ref: '#/components/schemas/ServiceProperties' - attributes: - description: Optional. Consumer provided attributes. - $ref: '#/components/schemas/Attributes' - discoveredService: description: >- - Required. Immutable. The resource name of the original discovered - service. + Identifier. The resource name of the boundary. Format: + "projects/{project}/locations/{location}/boundary" + type: + enum: + - TYPE_UNSPECIFIED + - AUTOMATIC + - MANUAL + - MANAGED_AUTOMATIC type: string - createTime: - description: Output only. Create time. + enumDescriptions: + - Unspecified type. + - >- + The Boundary automatically includes all descendants of the CRM + node. + - The list of projects within the Boundary is managed by the user. + - >- + The Boundary automatically includes all descendants of the CRM + node, which is set via App Management folder capability. + description: Output only. Boundary type. readOnly: true + crmNode: type: string - format: google-datetime + description: >- + Optional. The resource name of the CRM node being attached to the + boundary. Format: `projects/{project-number}` or + `projects/{project-id}` updateTime: - description: Output only. Update time. - readOnly: true type: string format: google-datetime - uid: - description: >- - Output only. A universally unique identifier (UUID) for the - `Service` in the UUID4 format. + description: Output only. Update time. readOnly: true - type: string - state: - description: Output only. Service state. + createTime: readOnly: true type: string - enumDescriptions: - - Unspecified state. - - The service is being created. - - The service is ready. - - The service is being deleted. - - The underlying networking resources have been deleted. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - DETACHED - Attributes: - id: Attributes - description: Consumer provided attributes. - type: object - properties: - criticality: - description: Optional. User-defined criticality information. - $ref: '#/components/schemas/Criticality' - environment: - description: Optional. User-defined environment information. - $ref: '#/components/schemas/Environment' - developerOwners: - description: Optional. Developer team that owns development and coding. - type: array - items: - $ref: '#/components/schemas/ContactInfo' - operatorOwners: - description: Optional. Operator team that ensures runtime and operations. - type: array - items: - $ref: '#/components/schemas/ContactInfo' - businessOwners: - description: >- - Optional. Business team that ensures user needs are met and value is - delivered - type: array - items: - $ref: '#/components/schemas/ContactInfo' - Criticality: - id: Criticality - description: Criticality of the Application, Service, or Workload + format: google-datetime + description: Output only. Create time. type: object - properties: - type: - description: Required. Criticality Type. - type: string - enumDescriptions: - - Unspecified type. - - Mission critical service, application or workload. - - High impact. - - Medium impact. - - Low impact. - enum: - - TYPE_UNSPECIFIED - - MISSION_CRITICAL - - HIGH - - MEDIUM - - LOW Environment: - id: Environment - description: Environment of the Application, Service, or Workload type: object + id: Environment properties: type: - description: Required. Environment Type. - type: string enumDescriptions: - Unspecified type. - Production environment. @@ -480,9 +217,10 @@ components: - STAGING - TEST - DEVELOPMENT + description: Required. Environment Type. + type: string + description: Environment of the Application, Service, or Workload ContactInfo: - id: ContactInfo - description: Contact information of stakeholders. type: object properties: displayName: @@ -491,286 +229,292 @@ components: characters. type: string email: - description: Required. Email address of the contacts. type: string - ListDiscoveredWorkloadsResponse: - id: ListDiscoveredWorkloadsResponse - description: Response for ListDiscoveredWorkloads. - type: object + description: Required. Email address of the contacts. + description: Contact information of stakeholders. + id: ContactInfo + ListServicesResponse: + description: Response for ListServices. properties: - discoveredWorkloads: - description: List of Discovered Workloads. - type: array - items: - $ref: '#/components/schemas/DiscoveredWorkload' nextPageToken: - description: A token identifying a page of results the server should return. type: string - unreachable: - description: Locations that could not be reached. + description: A token identifying a page of results the server should return. + services: + description: List of Services. type: array + items: + $ref: '#/components/schemas/Service' + unreachable: items: type: string - DiscoveredWorkload: - id: DiscoveredWorkload - description: >- - DiscoveredWorkload is a binary deployment (such as managed instance - groups (MIGs) and GKE deployments) that performs the smallest logical - subset of business functionality. A discovered workload can be - registered to an App Hub Workload. + description: Locations that could not be reached. + type: array + id: ListServicesResponse + type: object + WorkloadProperties: + id: WorkloadProperties type: object properties: - name: + identity: + $ref: '#/components/schemas/Identity' + readOnly: true + description: Output only. The identity associated with the workload. + location: description: >- - Identifier. The resource name of the discovered workload. Format: - `"projects/{host-project-id}/locations/{location}/discoveredWorkloads/{uuid}"` + Output only. The location that the underlying compute resource + resides in (for example, us-west1). + readOnly: true type: string - workloadReference: - description: >- - Output only. Reference of an underlying compute resource represented - by the Workload. These are immutable. + extendedMetadata: + type: object readOnly: true - $ref: '#/components/schemas/WorkloadReference' - workloadProperties: description: >- - Output only. Properties of an underlying compute resource - represented by the Workload. These are immutable. - readOnly: true - $ref: '#/components/schemas/WorkloadProperties' - WorkloadReference: - id: WorkloadReference - description: Reference of an underlying compute resource represented by the Workload. - type: object - properties: - uri: - description: Output only. The underlying compute resource uri. + Output only. Additional metadata specific to the resource type. The + key is a string that identifies the type of metadata and the value + is the metadata contents specific to that type. Key format: + `apphub.googleapis.com/{metadataType}` + additionalProperties: + $ref: '#/components/schemas/ExtendedMetadata' + gcpProject: + description: >- + Output only. The service project identifier that the underlying + cloud resource resides in. Empty for non-cloud resources. readOnly: true type: string - WorkloadProperties: - id: WorkloadProperties - description: >- - Properties of an underlying compute resource represented by the - Workload. - type: object - properties: - gcpProject: - description: >- - Output only. The service project identifier that the underlying - cloud resource resides in. Empty for non-cloud resources. - readOnly: true + zone: type: string - location: - description: >- - Output only. The location that the underlying compute resource - resides in (for example, us-west1). readOnly: true - type: string - zone: description: >- Output only. The location that the underlying compute resource resides in if it is zonal (for example, us-west1-a). + functionalType: readOnly: true - type: string - LookupDiscoveredWorkloadResponse: - id: LookupDiscoveredWorkloadResponse - description: Response for LookupDiscoveredWorkload. - type: object - properties: - discoveredWorkload: - description: Discovered Workload if exists, empty otherwise. - $ref: '#/components/schemas/DiscoveredWorkload' - ListWorkloadsResponse: - id: ListWorkloadsResponse - description: Response for ListWorkloads. + description: Output only. The type of the workload. + $ref: '#/components/schemas/FunctionalType' + description: >- + Properties of an underlying compute resource represented by the + Workload. + RegistrationType: + id: RegistrationType + description: The registration type of a service. type: object properties: - workloads: - description: List of Workloads. - type: array - items: - $ref: '#/components/schemas/Workload' - nextPageToken: - description: A token identifying a page of results the server should return. + type: + readOnly: true + enum: + - TYPE_UNSPECIFIED + - EXCLUSIVE + - SHARED type: string - unreachable: - description: Locations that could not be reached. + description: Output only. The registration type of a service. + enumDescriptions: + - Unspecified registration type. Defaults to EXCLUSIVE. + - The service can only be registered to one application. + - The service can be registered to multiple applications. + TestIamPermissionsRequest: + id: TestIamPermissionsRequest + description: Request message for `TestIamPermissions` method. + properties: + permissions: type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). items: type: string - Workload: - id: Workload + type: object + Empty: description: >- - Workload is an App Hub data model that contains a discovered workload, - which represents a binary deployment (such as managed instance groups - (MIGs) and GKE deployments) that performs the smallest logical subset of - business functionality. + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty type: object + properties: {} + Attributes: + id: Attributes properties: - name: - description: >- - Identifier. The resource name of the Workload. Format: - `"projects/{host-project-id}/locations/{location}/applications/{application-id}/workloads/{workload-id}"` - type: string - displayName: - description: >- - Optional. User-defined name for the Workload. Can have a maximum - length of 63 characters. - type: string - description: - description: >- - Optional. User-defined description of a Workload. Can have a maximum - length of 2048 characters. - type: string - workloadReference: - description: >- - Output only. Reference of an underlying compute resource represented - by the Workload. These are immutable. - readOnly: true - $ref: '#/components/schemas/WorkloadReference' - workloadProperties: - description: >- - Output only. Properties of an underlying compute resource - represented by the Workload. These are immutable. - readOnly: true - $ref: '#/components/schemas/WorkloadProperties' - discoveredWorkload: - description: >- - Required. Immutable. The resource name of the original discovered - workload. - type: string - attributes: - description: Optional. Consumer provided attributes. - $ref: '#/components/schemas/Attributes' - createTime: - description: Output only. Create time. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Update time. - readOnly: true - type: string - format: google-datetime - uid: + operatorOwners: + description: Optional. Operator team that ensures runtime and operations. + items: + $ref: '#/components/schemas/ContactInfo' + type: array + developerOwners: + description: Optional. Developer team that owns development and coding. + type: array + items: + $ref: '#/components/schemas/ContactInfo' + environment: + $ref: '#/components/schemas/Environment' + description: Optional. User-defined environment information. + businessOwners: + items: + $ref: '#/components/schemas/ContactInfo' + type: array description: >- - Output only. A universally unique identifier (UUID) for the - `Workload` in the UUID4 format. - readOnly: true - type: string - state: - description: Output only. Workload state. - readOnly: true - type: string - enumDescriptions: - - Unspecified state. - - The Workload is being created. - - The Workload is ready. - - The Workload is being deleted. - - The underlying compute resources have been deleted. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - DETACHED - ListApplicationsResponse: - id: ListApplicationsResponse - description: Response for ListApplications. + Optional. Business team that ensures user needs are met and value is + delivered + criticality: + description: Optional. User-defined criticality information. + $ref: '#/components/schemas/Criticality' + description: Consumer provided attributes. + type: object + ListDiscoveredServicesResponse: + description: Response for ListDiscoveredServices. type: object properties: - applications: - description: List of Applications. + unreachable: + items: + type: string type: array + description: Locations that could not be reached. + discoveredServices: items: - $ref: '#/components/schemas/Application' + $ref: '#/components/schemas/DiscoveredService' + description: List of Discovered Services. + type: array nextPageToken: - description: A token identifying a page of results the server should return. type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Application: - id: Application - description: >- - Application defines the governance boundary for App Hub entities that - perform a logical end-to-end business function. App Hub supports - application level IAM permission to align with governance requirements. + description: A token identifying a page of results the server should return. + id: ListDiscoveredServicesResponse + SetIamPolicyRequest: type: object + id: SetIamPolicyRequest + description: Request message for `SetIamPolicy` method. properties: - name: - description: >- - Identifier. The resource name of an Application. Format: - `"projects/{host-project-id}/locations/{location}/applications/{application-id}"` - type: string - displayName: + policy: description: >- - Optional. User-defined name for the Application. Can have a maximum - length of 63 characters. - type: string - description: + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + updateMask: description: >- - Optional. User-defined description of an Application. Can have a - maximum length of 2048 characters. + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` type: string - attributes: - description: Optional. Consumer provided attributes. - $ref: '#/components/schemas/Attributes' - createTime: - description: Output only. Create time. + format: google-fieldmask + ExtendedMetadata: + type: object + properties: + metadataStruct: + description: Output only. The metadata contents. + additionalProperties: + description: Properties of the object. + type: any + type: object readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Update time. + description: Additional metadata for a Service or Workload. + id: ExtendedMetadata + ServiceReference: + properties: + uri: readOnly: true type: string - format: google-datetime - scope: description: >- - Required. Immutable. Defines what data can be included into this - Application. Limits which Services and Workloads can be registered. - $ref: '#/components/schemas/Scope' - uid: - description: >- - Output only. A universally unique identifier (in UUID4 format) for - the `Application`. - readOnly: true - type: string - state: - description: Output only. Application state. - readOnly: true - type: string - enumDescriptions: - - Unspecified state. - - The Application is being created. - - The Application is ready to register Services and Workloads. - - The Application is being deleted. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - Scope: - id: Scope - description: Scope of an application. + Output only. The underlying resource URI. For example, URI of + Forwarding Rule, URL Map, and Backend Service. + id: ServiceReference + type: object + description: >- + Reference to an underlying networking resource that can comprise a + Service. + Binding: + id: Binding + description: Associates `members`, or principals, with a `role`. type: object properties: - type: - description: Required. Scope Type. + members: + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: array + items: + type: string + condition: + $ref: '#/components/schemas/Expr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - enumDescriptions: - - Unspecified type. - - Regional type. - - Global type. - enum: - - TYPE_UNSPECIFIED - - REGIONAL - - GLOBAL ListLocationsResponse: id: ListLocationsResponse - description: The response message for Locations.ListLocations. type: object properties: locations: @@ -781,64 +525,20 @@ components: items: $ref: '#/components/schemas/Location' nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + description: The standard List next-page token. + description: The response message for Locations.ListLocations. + WorkloadReference: type: object + id: WorkloadReference + description: Reference of an underlying compute resource represented by the Workload. properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: - description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + uri: + description: Output only. The underlying compute resource uri. type: string - format: google-fieldmask + readOnly: true Policy: - id: Policy + type: object description: >- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of @@ -873,9 +573,10 @@ components: timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). - type: object + id: Policy properties: version: + type: integer description: >- Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any @@ -893,9 +594,9 @@ components: specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer format: int32 bindings: + type: array description: >- Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when @@ -906,15 +607,16 @@ components: For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`. - type: array items: $ref: '#/components/schemas/Binding' auditConfigs: description: Specifies cloud audit logging configuration for this policy. - type: array items: $ref: '#/components/schemas/AuditConfig' + type: array etag: + format: byte + type: string description: >- `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each @@ -928,98 +630,513 @@ components: `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + Status: + id: Status type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - role: + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + details: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: array + message: type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + ListDiscoveredWorkloadsResponse: + properties: + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + discoveredWorkloads: + items: + $ref: '#/components/schemas/DiscoveredWorkload' + type: array + description: List of Discovered Workloads. + unreachable: + type: array + description: Locations that could not be reached. + items: + type: string + id: ListDiscoveredWorkloadsResponse + description: Response for ListDiscoveredWorkloads. + type: object + DiscoveredWorkload: + description: >- + DiscoveredWorkload is a binary deployment (such as managed instance + groups (MIGs) and GKE deployments) that performs the smallest logical + subset of business functionality. A discovered workload can be + registered to an App Hub Workload. + properties: + name: + description: >- + Identifier. The resource name of the discovered workload. Format: + `"projects/{host-project-id}/locations/{location}/discoveredWorkloads/{uuid}"` + type: string + workloadProperties: + description: >- + Output only. Properties of an underlying compute resource + represented by the Workload. These are immutable. + $ref: '#/components/schemas/WorkloadProperties' + readOnly: true + workloadReference: + description: >- + Output only. Reference of an underlying compute resource represented + by the Workload. These are immutable. + readOnly: true + $ref: '#/components/schemas/WorkloadReference' + id: DiscoveredWorkload + type: object + Workload: + description: >- + Workload is an App Hub data model that contains a discovered workload, + which represents a binary deployment (such as managed instance groups + (MIGs) and GKE deployments) that performs the smallest logical subset of + business functionality. + type: object + properties: + uid: + description: >- + Output only. A universally unique identifier (UUID) for the + `Workload` in the UUID4 format. + type: string + readOnly: true + workloadReference: + readOnly: true + $ref: '#/components/schemas/WorkloadReference' + description: >- + Output only. Reference of an underlying compute resource represented + by the Workload. These are immutable. + workloadProperties: + readOnly: true + description: >- + Output only. Properties of an underlying compute resource + represented by the Workload. These are immutable. + $ref: '#/components/schemas/WorkloadProperties' + name: + type: string + description: >- + Identifier. The resource name of the Workload. Format: + `"projects/{host-project-id}/locations/{location}/applications/{application-id}/workloads/{workload-id}"` + attributes: + description: Optional. Consumer provided attributes. + $ref: '#/components/schemas/Attributes' + updateTime: + format: google-datetime + description: Output only. Update time. + type: string + readOnly: true + createTime: + type: string + description: Output only. Create time. + format: google-datetime + readOnly: true + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - DETACHED + type: string + description: Output only. Workload state. + enumDescriptions: + - Unspecified state. + - The Workload is being created. + - The Workload is ready. + - The Workload is being deleted. + - The underlying compute resources have been deleted. + displayName: + description: >- + Optional. User-defined name for the Workload. Can have a maximum + length of 63 characters. + type: string + description: + type: string + description: >- + Optional. User-defined description of a Workload. Can have a maximum + length of 2048 characters. + discoveredWorkload: + description: >- + Required. Immutable. The resource name of the original discovered + workload. + type: string + id: Workload + LookupDiscoveredWorkloadResponse: + description: Response for LookupDiscoveredWorkload. + properties: + discoveredWorkload: + description: Discovered Workload if exists, empty otherwise. + $ref: '#/components/schemas/DiscoveredWorkload' + type: object + id: LookupDiscoveredWorkloadResponse + Service: + description: >- + Service is an App Hub data model that contains a discovered service, + which represents a network or API interface that exposes some + functionality to clients for consumption over the network. + type: object + id: Service + properties: + updateTime: + readOnly: true + format: google-datetime + description: Output only. Update time. + type: string + attributes: + description: Optional. Consumer provided attributes. + $ref: '#/components/schemas/Attributes' + serviceReference: + description: >- + Output only. Reference to an underlying networking resource that can + comprise a Service. These are immutable. + $ref: '#/components/schemas/ServiceReference' + readOnly: true + displayName: + type: string + description: >- + Optional. User-defined name for the Service. Can have a maximum + length of 63 characters. + createTime: + type: string + format: google-datetime + description: Output only. Create time. + readOnly: true + uid: + type: string + readOnly: true + description: >- + Output only. A universally unique identifier (UUID) for the + `Service` in the UUID4 format. + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - DETACHED + enumDescriptions: + - Unspecified state. + - The service is being created. + - The service is ready. + - The service is being deleted. + - The underlying networking resources have been deleted. + type: string + description: Output only. Service state. + name: + description: >- + Identifier. The resource name of a Service. Format: + `"projects/{host-project-id}/locations/{location}/applications/{application-id}/services/{service-id}"` + type: string + serviceProperties: + readOnly: true + $ref: '#/components/schemas/ServiceProperties' + description: >- + Output only. Properties of an underlying compute resource that can + comprise a Service. These are immutable. + discoveredService: + description: >- + Required. Immutable. The resource name of the original discovered + service. + type: string + description: + type: string + description: >- + Optional. User-defined description of a Service. Can have a maximum + length of 2048 characters. + ServiceProperties: + properties: + functionalType: + readOnly: true + description: Output only. The type of the service. + $ref: '#/components/schemas/FunctionalType' + identity: + $ref: '#/components/schemas/Identity' + readOnly: true + description: Output only. The identity associated with the service. + gcpProject: + type: string + readOnly: true + description: >- + Output only. The service project identifier that the underlying + cloud resource resides in. + extendedMetadata: + additionalProperties: + $ref: '#/components/schemas/ExtendedMetadata' + readOnly: true + type: object + description: >- + Output only. Additional metadata specific to the resource type. The + key is a string that identifies the type of metadata and the value + is the metadata contents specific to that type. Key format: + `apphub.googleapis.com/{metadataType}` + zone: + readOnly: true + description: >- + Output only. The location that the underlying resource resides in if + it is zonal, for example, us-west1-a). + type: string + registrationType: + readOnly: true + description: Output only. The registration type of the service. + $ref: '#/components/schemas/RegistrationType' + location: + description: >- + Output only. The location that the underlying resource resides in, + for example, us-west1. + type: string + readOnly: true + type: object + id: ServiceProperties + description: Properties of an underlying cloud resource that can comprise a Service. + Location: + type: object + description: A resource that represents a Google Cloud location. + id: Location + properties: + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + labels: + type: object + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: + type: string + locationId: + type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + Scope: + type: object + id: Scope + description: Scope of an application. + properties: + type: + description: Required. Scope Type. + type: string + enumDescriptions: + - Unspecified type. + - Regional type. + - Global type. + enum: + - TYPE_UNSPECIFIED + - REGIONAL + - GLOBAL + ListWorkloadsResponse: + type: object + description: Response for ListWorkloads. + id: ListWorkloadsResponse + properties: + unreachable: + description: Locations that could not be reached. type: array items: type: string - condition: + workloads: + type: array + description: List of Workloads. + items: + $ref: '#/components/schemas/Workload' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + ListApplicationsResponse: + description: Response for ListApplications. + type: object + id: ListApplicationsResponse + properties: + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + applications: + description: List of Applications. + items: + $ref: '#/components/schemas/Application' + type: array + unreachable: + description: Locations that could not be reached. + items: + type: string + type: array + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation + type: object + properties: + error: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + response: + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + name: + type: string + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + ListServiceProjectAttachmentsResponse: + description: Response for ListServiceProjectAttachments. + type: object + id: ListServiceProjectAttachmentsResponse + properties: + serviceProjectAttachments: + description: List of service project attachments. + items: + $ref: '#/components/schemas/ServiceProjectAttachment' + type: array + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + unreachable: + description: Locations that could not be reached. + items: + type: string + type: array + LookupDiscoveredServiceResponse: + properties: + discoveredService: + description: Discovered Service if exists, empty otherwise. + $ref: '#/components/schemas/DiscoveredService' + id: LookupDiscoveredServiceResponse + description: Response for LookupDiscoveredService. + type: object + DiscoveredService: + id: DiscoveredService + properties: + serviceReference: + $ref: '#/components/schemas/ServiceReference' + readOnly: true + description: >- + Output only. Reference to an underlying networking resource that can + comprise a Service. These are immutable. + serviceProperties: + readOnly: true + description: >- + Output only. Properties of an underlying compute resource that can + comprise a Service. These are immutable. + $ref: '#/components/schemas/ServiceProperties' + name: + description: >- + Identifier. The resource name of the discovered service. Format: + `"projects/{host-project-id}/locations/{location}/discoveredServices/{uuid}"` + type: string + description: >- + DiscoveredService is a network or API interface that exposes some + functionality to clients for consumption over the network. A discovered + service can be registered to a App Hub service. + type: object + AuditConfig: + id: AuditConfig + properties: + auditLogConfigs: + items: + $ref: '#/components/schemas/AuditLogConfig' + type: array + description: The configuration for logging of each type of permission. + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + type: object + CancelOperationRequest: + properties: {} + id: CancelOperationRequest + type: object + description: The request message for Operations.CancelOperation. Expr: - id: Expr + type: object description: >- Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of @@ -1037,64 +1154,174 @@ components: string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. + id: Expr + properties: + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + description: + type: string + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + Criticality: + properties: + type: + description: Required. Criticality Type. + enumDescriptions: + - Unspecified type. + - Mission critical service, application or workload. + - High impact. + - Medium impact. + - Low impact. + enum: + - TYPE_UNSPECIFIED + - MISSION_CRITICAL + - HIGH + - MEDIUM + - LOW + type: string + id: Criticality + description: Criticality of the Application, Service, or Workload + type: object + DetachServiceProjectAttachmentRequest: + properties: {} + type: object + id: DetachServiceProjectAttachmentRequest + description: Request for DetachServiceProjectAttachment. + Application: type: object properties: - expression: + name: description: >- - Textual representation of an expression in Common Expression - Language syntax. + Identifier. The resource name of an Application. Format: + `"projects/{host-project-id}/locations/{location}/applications/{application-id}"` type: string - title: + createTime: + description: Output only. Create time. + readOnly: true + format: google-datetime + type: string + displayName: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Optional. User-defined name for the Application. Can have a maximum + length of 63 characters. type: string - description: + uid: + readOnly: true description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Output only. A universally unique identifier (in UUID4 format) for + the `Application`. type: string - location: + state: + type: string + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + description: Output only. Application state. + readOnly: true + enumDescriptions: + - Unspecified state. + - The Application is being created. + - The Application is ready to register Services and Workloads. + - The Application is being deleted. + updateTime: + description: Output only. Update time. + readOnly: true + format: google-datetime + type: string + attributes: + $ref: '#/components/schemas/Attributes' + description: Optional. Consumer provided attributes. + scope: + $ref: '#/components/schemas/Scope' description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Required. Immutable. Defines what data can be included into this + Application. Limits which Services and Workloads can be registered. + description: + description: >- + Optional. User-defined description of an Application. Can have a + maximum length of 2048 characters. type: string - AuditConfig: - id: AuditConfig description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + Application defines the governance boundary for App Hub entities that + perform a logical end-to-end business function. App Hub supports + application level IAM permission to align with governance requirements. + id: Application + FunctionalType: + description: The functional type of a service or workload. + id: FunctionalType + properties: + type: + enumDescriptions: + - Unspecified type. + - Agent type. + - MCP Server type. + enum: + - TYPE_UNSPECIFIED + - AGENT + - MCP_SERVER + readOnly: true + description: Output only. The functional type of a service or workload. + type: string + type: object + OperationMetadata: + description: Represents the metadata of the long-running operation. type: object properties: - service: + requestedCancellation: + type: boolean description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + readOnly: true + statusMessage: type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' + description: Output only. Human-readable status of the operation, if any. + readOnly: true + target: + description: >- + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + type: string + endTime: + description: Output only. The time the operation finished running. + readOnly: true + format: google-datetime + type: string + apiVersion: + description: Output only. API version used to start the operation. + type: string + readOnly: true + verb: + type: string + readOnly: true + description: Output only. Name of the verb executed by the operation. + createTime: + readOnly: true + type: string + format: google-datetime + description: Output only. The time the operation was created. + id: OperationMetadata AuditLogConfig: - id: AuditLogConfig description: >- Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ @@ -1104,8 +1331,6 @@ components: type: object properties: logType: - description: The log type that this config enables. - type: string enumDescriptions: - Default case. Should never be this. - 'Admin reads. Example: CloudIAM getIamPolicy' @@ -1116,163 +1341,111 @@ components: - ADMIN_READ - DATA_WRITE - DATA_READ + description: The log type that this config enables. + type: string exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). type: array items: type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - ReconciliationOperationMetadata: - id: ReconciliationOperationMetadata - description: >- - Operation metadata returned by the CLH during resource state - reconciliation. - type: object - properties: - deleteResource: - description: DEPRECATED. Use exclusive_action instead. - deprecated: true - type: boolean - exclusiveAction: - description: Excluisive action returned by the CLH. - type: string - enumDescriptions: - - Unknown repair action. - - >- - The resource has to be deleted. When using this bit, the CLH - should fail the operation. DEPRECATED. Instead use DELETE_RESOURCE - OperationSignal in SideChannel. - - >- - This resource could not be repaired but the repair should be tried - again at a later time. This can happen if there is a dependency - that needs to be resolved first- e.g. if a parent resource must be - repaired before a child resource. - enumDeprecated: - - false - - true - - false - enum: - - UNKNOWN_REPAIR_ACTION - - DELETE - - RETRY - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + id: AuditLogConfig + ListOperationsResponse: properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string + type: array + nextPageToken: + description: The standard List next-page token. type: string + operations: + type: array + description: >- + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Operation' + type: object + id: ListOperationsResponse + description: The response message for Operations.ListOperations. parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key schema: type: string - alt: - description: Data format for response. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: alt + name: fields + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv schema: type: string enum: - - json - - media - - proto + - '1' + - '2' + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + alt: + description: Data format for response. in: query - name: fields + name: alt schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + enum: + - json + - media + - proto + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: key + name: prettyPrint schema: - type: string + type: boolean oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + access_token: + description: OAuth access token. in: query - name: prettyPrint + name: access_token schema: - type: boolean + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1282,27 +1455,6 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.apphub.locations @@ -1344,374 +1496,401 @@ components: update: [] replace: [] delete: [] - operations: - id: google.apphub.operations - name: operations - title: Operations + boundary: + id: google.apphub.boundary + name: boundary + title: Boundary methods: - list: + get_boundary: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1boundary/get + response: + mediaType: application/json + openAPIDocKey: '200' + update_boundary: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1boundary/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/boundary/methods/get_boundary' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/boundary/methods/update_boundary' + replace: [] + delete: [] + discovered_workloads: + id: google.apphub.discovered_workloads + name: discovered_workloads + title: Discovered_workloads + methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredWorkloads~1{discoveredWorkloadsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredWorkloads/get response: mediaType: application/json openAPIDocKey: '200' - cancel: + objectKey: $.discoveredWorkloads + lookup: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredWorkloads:lookup/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/discovered_workloads/methods/get' + - $ref: '#/components/x-stackQL-resources/discovered_workloads/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - service_project_attachments: - id: google.apphub.service_project_attachments - name: service_project_attachments - title: Service_project_attachments + delete: [] + applications: + id: google.apphub.applications + name: applications + title: Applications methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceProjectAttachments/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.serviceProjectAttachments - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceProjectAttachments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.applications get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceProjectAttachments~1{serviceProjectAttachmentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceProjectAttachments~1{serviceProjectAttachmentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/service_project_attachments/methods/get - - $ref: >- - #/components/x-stackQL-resources/service_project_attachments/methods/list + - $ref: '#/components/x-stackQL-resources/applications/methods/get' + - $ref: '#/components/x-stackQL-resources/applications/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/service_project_attachments/methods/create - update: [] + - $ref: '#/components/x-stackQL-resources/applications/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/applications/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/service_project_attachments/methods/delete - discovered_services: - id: google.apphub.discovered_services - name: discovered_services - title: Discovered_services + - $ref: '#/components/x-stackQL-resources/applications/methods/delete' + applications_iam_policies: + id: google.apphub.applications_iam_policies + name: applications_iam_policies + title: Applications_iam_policies methods: - list: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredServices/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.discoveredServices - get: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredServices~1{discoveredServicesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - lookup: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredServices:lookup/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/discovered_services/methods/get' - - $ref: '#/components/x-stackQL-resources/discovered_services/methods/list' + - $ref: >- + #/components/x-stackQL-resources/applications_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/applications_iam_policies/methods/set_iam_policy delete: [] - discovered_workloads: - id: google.apphub.discovered_workloads - name: discovered_workloads - title: Discovered_workloads + workloads: + id: google.apphub.workloads + name: workloads + title: Workloads methods: + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads/post + response: + mediaType: application/json + openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredWorkloads/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.discoveredWorkloads + objectKey: $.unreachable get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredWorkloads~1{discoveredWorkloadsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads~1{workloadsId}/get response: mediaType: application/json openAPIDocKey: '200' - lookup: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredWorkloads:lookup/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads~1{workloadsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads~1{workloadsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/discovered_workloads/methods/get' - - $ref: '#/components/x-stackQL-resources/discovered_workloads/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/workloads/methods/get' + - $ref: '#/components/x-stackQL-resources/workloads/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/workloads/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/workloads/methods/patch' replace: [] - delete: [] - applications: - id: google.apphub.applications - name: applications - title: Applications + delete: + - $ref: '#/components/x-stackQL-resources/workloads/methods/delete' + services: + id: google.apphub.services + name: services + title: Services methods: - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services~1{servicesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.applications - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services~1{servicesId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services~1{servicesId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.services + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/applications/methods/get' - - $ref: '#/components/x-stackQL-resources/applications/methods/list' + - $ref: '#/components/x-stackQL-resources/services/methods/get' + - $ref: '#/components/x-stackQL-resources/services/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/applications/methods/create' + - $ref: '#/components/x-stackQL-resources/services/methods/create' update: - - $ref: '#/components/x-stackQL-resources/applications/methods/patch' + - $ref: '#/components/x-stackQL-resources/services/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/applications/methods/delete' - applications_iam_policies: - id: google.apphub.applications_iam_policies - name: applications_iam_policies - title: Applications_iam_policies + - $ref: '#/components/x-stackQL-resources/services/methods/delete' + discovered_services: + id: google.apphub.discovered_services + name: discovered_services + title: Discovered_services methods: - set_iam_policy: + lookup: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredServices:lookup/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredServices~1{discoveredServicesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredServices/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/applications_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/discovered_services/methods/get' + - $ref: '#/components/x-stackQL-resources/discovered_services/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/applications_iam_policies/methods/set_iam_policy + replace: [] delete: [] - services: - id: google.apphub.services - name: services - title: Services + operations: + id: google.apphub.operations + name: operations + title: Operations methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.services - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services~1{servicesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services~1{servicesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1services~1{servicesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/services/methods/get' - - $ref: '#/components/x-stackQL-resources/services/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/services/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/services/methods/patch' + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/services/methods/delete' - workloads: - id: google.apphub.workloads - name: workloads - title: Workloads + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + service_project_attachments: + id: google.apphub.service_project_attachments + name: service_project_attachments + title: Service_project_attachments methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.workloads create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceProjectAttachments/post response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads~1{workloadsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceProjectAttachments/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.serviceProjectAttachments + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads~1{workloadsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceProjectAttachments~1{serviceProjectAttachmentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1applications~1{applicationsId}~1workloads~1{workloadsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceProjectAttachments~1{serviceProjectAttachmentsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/workloads/methods/get' - - $ref: '#/components/x-stackQL-resources/workloads/methods/list' + - $ref: >- + #/components/x-stackQL-resources/service_project_attachments/methods/get + - $ref: >- + #/components/x-stackQL-resources/service_project_attachments/methods/list insert: - - $ref: '#/components/x-stackQL-resources/workloads/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/workloads/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/service_project_attachments/methods/create + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/workloads/methods/delete' + - $ref: >- + #/components/x-stackQL-resources/service_project_attachments/methods/delete paths: /v1/projects/{projectsId}/locations/{locationsId}:lookupServiceProjectAttachment: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/quotaUser' get: description: >- Lists a service project attachment for a given service project. You can @@ -1777,11 +1956,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/boundary: parameters: *ref_1 get: - description: Lists information about the supported locations for this service. - operationId: apphub.projects.locations.list + description: Gets a Boundary. + operationId: apphub.projects.locations.getBoundary security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1793,35 +1972,63 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Boundary' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize + patch: + description: Updates a Boundary. + operationId: apphub.projects.locations.updateBoundary + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Boundary' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true schema: - type: integer - format: int32 + type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query - name: pageToken + name: requestId schema: type: string - in: query - name: extraLocationTypes + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Gets information about a location. - operationId: apphub.projects.locations.get + description: Lists information about the supported locations for this service. + operationId: apphub.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1833,25 +2040,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: apphub.projects.locations.operations.list + description: Gets information about a location. + operationId: apphub.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1863,7 +2080,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -1875,27 +2092,11 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/discoveredWorkloads/{discoveredWorkloadsId}: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: apphub.projects.locations.operations.get + description: Gets a Discovered Workload in a host project and location. + operationId: apphub.projects.locations.discoveredWorkloads.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1907,7 +2108,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/DiscoveredWorkload' parameters: - in: path name: projectsId @@ -1920,17 +2121,17 @@ paths: schema: type: string - in: path - name: operationsId + name: discoveredWorkloadsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/discoveredWorkloads: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: apphub.projects.locations.operations.delete + Lists Discovered Workloads that can be added to an Application in a host + project and location. + operationId: apphub.projects.locations.discoveredWorkloads.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1942,7 +2143,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListDiscoveredWorkloadsResponse' parameters: - in: path name: projectsId @@ -1954,30 +2155,30 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/discoveredWorkloads:lookup: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: apphub.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Lists a Discovered Workload in a host project and location, with a given + resource URI. + operationId: apphub.projects.locations.discoveredWorkloads.lookup security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1989,7 +2190,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LookupDiscoveredWorkloadResponse' parameters: - in: path name: projectsId @@ -2001,16 +2202,20 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: uri schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceProjectAttachments: + /v1/projects/{projectsId}/locations/{locationsId}/applications: parameters: *ref_1 - get: - description: Lists service projects attached to the host project. - operationId: apphub.projects.locations.serviceProjectAttachments.list + post: + description: Creates an Application in a host project and location. + operationId: apphub.projects.locations.applications.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Application' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2022,7 +2227,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServiceProjectAttachmentsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2035,30 +2240,16 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: applicationId schema: type: string - post: - description: Attaches a service project to the host project. - operationId: apphub.projects.locations.serviceProjectAttachments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ServiceProjectAttachment' + get: + description: Lists Applications in a host project and location. + operationId: apphub.projects.locations.applications.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2070,7 +2261,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListApplicationsResponse' parameters: - in: path name: projectsId @@ -2083,18 +2274,27 @@ paths: schema: type: string - in: query - name: serviceProjectAttachmentId + name: filter schema: type: string - in: query - name: requestId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceProjectAttachments/{serviceProjectAttachmentsId}: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}: parameters: *ref_1 get: - description: Gets a service project attachment. - operationId: apphub.projects.locations.serviceProjectAttachments.get + description: Gets an Application in a host project and location. + operationId: apphub.projects.locations.applications.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2106,7 +2306,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ServiceProjectAttachment' + $ref: '#/components/schemas/Application' parameters: - in: path name: projectsId @@ -2119,13 +2319,13 @@ paths: schema: type: string - in: path - name: serviceProjectAttachmentsId + name: applicationsId required: true schema: type: string delete: - description: Deletes a service project attachment. - operationId: apphub.projects.locations.serviceProjectAttachments.delete + description: Deletes an Application in a host project and location. + operationId: apphub.projects.locations.applications.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2150,7 +2350,7 @@ paths: schema: type: string - in: path - name: serviceProjectAttachmentsId + name: applicationsId required: true schema: type: string @@ -2158,13 +2358,14 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveredServices: - parameters: *ref_1 - get: - description: >- - Lists Discovered Services that can be added to an Application in a host - project and location. - operationId: apphub.projects.locations.discoveredServices.list + patch: + description: Updates an Application in a host project and location. + operationId: apphub.projects.locations.applications.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Application' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2176,7 +2377,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDiscoveredServicesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2188,28 +2389,35 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: applicationsId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveredServices/{discoveredServicesId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets a Discovered Service in a host project and location. - operationId: apphub.projects.locations.discoveredServices.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: apphub.projects.locations.applications.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2221,7 +2429,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DiscoveredService' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -2234,17 +2442,23 @@ paths: schema: type: string - in: path - name: discoveredServicesId + name: applicationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveredServices:lookup: + /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Lists a Discovered Service in a host project and location, with a given - resource URI. - operationId: apphub.projects.locations.discoveredServices.lookup + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: apphub.projects.locations.applications.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2256,7 +2470,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LookupDiscoveredServiceResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2268,17 +2482,18 @@ paths: required: true schema: type: string - - in: query - name: uri + - in: path + name: applicationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveredWorkloads: + /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}:getIamPolicy: parameters: *ref_1 get: description: >- - Lists Discovered Workloads that can be added to an Application in a host - project and location. - operationId: apphub.projects.locations.discoveredWorkloads.list + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: apphub.projects.locations.applications.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2290,7 +2505,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDiscoveredWorkloadsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2302,28 +2517,26 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: applicationsId + required: true schema: type: string - in: query - name: orderBy + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveredWorkloads/{discoveredWorkloadsId}: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/workloads: parameters: *ref_1 - get: - description: Gets a Discovered Workload in a host project and location. - operationId: apphub.projects.locations.discoveredWorkloads.get + post: + description: Creates a Workload in an Application. + operationId: apphub.projects.locations.applications.workloads.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Workload' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2335,7 +2548,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DiscoveredWorkload' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2348,17 +2561,21 @@ paths: schema: type: string - in: path - name: discoveredWorkloadsId + name: applicationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveredWorkloads:lookup: - parameters: *ref_1 + - in: query + name: workloadId + schema: + type: string + - in: query + name: requestId + schema: + type: string get: - description: >- - Lists a Discovered Workload in a host project and location, with a given - resource URI. - operationId: apphub.projects.locations.discoveredWorkloads.lookup + description: Lists Workloads in an Application. + operationId: apphub.projects.locations.applications.workloads.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2370,7 +2587,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LookupDiscoveredWorkloadResponse' + $ref: '#/components/schemas/ListWorkloadsResponse' parameters: - in: path name: projectsId @@ -2382,15 +2599,33 @@ paths: required: true schema: type: string + - in: path + name: applicationsId + required: true + schema: + type: string - in: query - name: uri + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/applications: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/workloads/{workloadsId}: parameters: *ref_1 get: - description: Lists Applications in a host project and location. - operationId: apphub.projects.locations.applications.list + description: Gets a Workload in an Application. + operationId: apphub.projects.locations.applications.workloads.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2402,7 +2637,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListApplicationsResponse' + $ref: '#/components/schemas/Workload' parameters: - in: path name: projectsId @@ -2414,31 +2649,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: applicationsId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: workloadsId + required: true schema: type: string - post: - description: Creates an Application in a host project and location. - operationId: apphub.projects.locations.applications.create + patch: + description: Updates a Workload in an Application. + operationId: apphub.projects.locations.applications.workloads.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Application' + $ref: '#/components/schemas/Workload' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2462,19 +2690,28 @@ paths: required: true schema: type: string + - in: path + name: applicationsId + required: true + schema: + type: string + - in: path + name: workloadsId + required: true + schema: + type: string - in: query - name: applicationId + name: updateMask schema: type: string + format: google-fieldmask - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}: - parameters: *ref_1 - get: - description: Gets an Application in a host project and location. - operationId: apphub.projects.locations.applications.get + delete: + description: Deletes a Workload from an Application. + operationId: apphub.projects.locations.applications.workloads.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2486,7 +2723,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Application' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2503,14 +2740,25 @@ paths: required: true schema: type: string + - in: path + name: workloadsId + required: true + schema: + type: string + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services/{servicesId}: + parameters: *ref_1 patch: - description: Updates an Application in a host project and location. - operationId: apphub.projects.locations.applications.patch + description: Updates a Service in an Application. + operationId: apphub.projects.locations.applications.services.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Application' + $ref: '#/components/schemas/Service' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2539,6 +2787,11 @@ paths: required: true schema: type: string + - in: path + name: servicesId + required: true + schema: + type: string - in: query name: updateMask schema: @@ -2549,8 +2802,8 @@ paths: schema: type: string delete: - description: Deletes an Application in a host project and location. - operationId: apphub.projects.locations.applications.delete + description: Deletes a Service from an Application. + operationId: apphub.projects.locations.applications.services.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2579,23 +2832,18 @@ paths: required: true schema: type: string + - in: path + name: servicesId + required: true + schema: + type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: apphub.projects.locations.applications.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets a Service in an Application. + operationId: apphub.projects.locations.applications.services.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2607,7 +2855,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Service' parameters: - in: path name: projectsId @@ -2624,13 +2872,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}:getIamPolicy: + - in: path + name: servicesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: apphub.projects.locations.applications.getIamPolicy + description: Lists Services in an Application. + operationId: apphub.projects.locations.applications.services.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2642,7 +2893,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListServicesResponse' parameters: - in: path name: projectsId @@ -2660,25 +2911,30 @@ paths: schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}:testIamPermissions: - parameters: *ref_1 post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: apphub.projects.locations.applications.testIamPermissions + description: Creates a Service in an Application. + operationId: apphub.projects.locations.applications.services.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Service' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2690,7 +2946,50 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: applicationsId + required: true + schema: + type: string + - in: query + name: serviceId + schema: + type: string + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/discoveredServices:lookup: + parameters: *ref_1 + get: + description: >- + Lists a Discovered Service in a host project and location, with a given + resource URI. + operationId: apphub.projects.locations.discoveredServices.lookup + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/LookupDiscoveredServiceResponse' parameters: - in: path name: projectsId @@ -2702,16 +3001,15 @@ paths: required: true schema: type: string - - in: path - name: applicationsId - required: true + - in: query + name: uri schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services: + /v1/projects/{projectsId}/locations/{locationsId}/discoveredServices/{discoveredServicesId}: parameters: *ref_1 get: - description: Lists Services in an Application. - operationId: apphub.projects.locations.applications.services.list + description: Gets a Discovered Service in a host project and location. + operationId: apphub.projects.locations.discoveredServices.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2723,7 +3021,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServicesResponse' + $ref: '#/components/schemas/DiscoveredService' parameters: - in: path name: projectsId @@ -2736,35 +3034,17 @@ paths: schema: type: string - in: path - name: applicationsId + name: discoveredServicesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - post: - description: Creates a Service in an Application. - operationId: apphub.projects.locations.applications.services.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Service' + /v1/projects/{projectsId}/locations/{locationsId}/discoveredServices: + parameters: *ref_1 + get: + description: >- + Lists Discovered Services that can be added to an Application in a host + project and location. + operationId: apphub.projects.locations.discoveredServices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2776,7 +3056,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListDiscoveredServicesResponse' parameters: - in: path name: projectsId @@ -2788,24 +3068,32 @@ paths: required: true schema: type: string - - in: path - name: applicationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - in: query - name: serviceId + name: filter schema: type: string - in: query - name: requestId + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/services/{servicesId}: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - get: - description: Gets a Service in an Application. - operationId: apphub.projects.locations.applications.services.get + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: apphub.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2817,7 +3105,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Service' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2830,23 +3118,16 @@ paths: schema: type: string - in: path - name: applicationsId - required: true - schema: - type: string - - in: path - name: servicesId + name: operationsId required: true schema: type: string - patch: - description: Updates a Service in an Application. - operationId: apphub.projects.locations.applications.services.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Service' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: apphub.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2871,27 +3152,29 @@ paths: schema: type: string - in: path - name: applicationsId - required: true - schema: - type: string - - in: path - name: servicesId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes a Service from an Application. - operationId: apphub.projects.locations.applications.services.delete + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: apphub.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2903,7 +3186,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2916,24 +3199,17 @@ paths: schema: type: string - in: path - name: applicationsId - required: true - schema: - type: string - - in: path - name: servicesId + name: operationsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/workloads: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Lists Workloads in an Application. - operationId: apphub.projects.locations.applications.workloads.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: apphub.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2945,7 +3221,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkloadsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -2957,36 +3233,33 @@ paths: required: true schema: type: string - - in: path - name: applicationsId - required: true - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: returnPartialSuccess schema: - type: string + type: boolean - in: query - name: filter + name: pageToken schema: type: string - in: query - name: orderBy + name: filter schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/serviceProjectAttachments: + parameters: *ref_1 post: - description: Creates a Workload in an Application. - operationId: apphub.projects.locations.applications.workloads.create + description: Attaches a service project to the host project. + operationId: apphub.projects.locations.serviceProjectAttachments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Workload' + $ref: '#/components/schemas/ServiceProjectAttachment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3010,24 +3283,17 @@ paths: required: true schema: type: string - - in: path - name: applicationsId - required: true - schema: - type: string - in: query - name: workloadId + name: serviceProjectAttachmentId schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/applications/{applicationsId}/workloads/{workloadsId}: - parameters: *ref_1 get: - description: Gets a Workload in an Application. - operationId: apphub.projects.locations.applications.workloads.get + description: Lists service projects attached to the host project. + operationId: apphub.projects.locations.serviceProjectAttachments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3039,7 +3305,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Workload' + $ref: '#/components/schemas/ListServiceProjectAttachmentsResponse' parameters: - in: path name: projectsId @@ -3051,24 +3317,28 @@ paths: required: true schema: type: string - - in: path - name: applicationsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: workloadsId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: Updates a Workload in an Application. - operationId: apphub.projects.locations.applications.workloads.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Workload' + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/serviceProjectAttachments/{serviceProjectAttachmentsId}: + parameters: *ref_1 + delete: + description: Deletes a service project attachment. + operationId: apphub.projects.locations.serviceProjectAttachments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3093,27 +3363,17 @@ paths: schema: type: string - in: path - name: applicationsId - required: true - schema: - type: string - - in: path - name: workloadsId + name: serviceProjectAttachmentsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - in: query name: requestId schema: type: string - delete: - description: Deletes a Workload from an Application. - operationId: apphub.projects.locations.applications.workloads.delete + get: + description: Gets a service project attachment. + operationId: apphub.projects.locations.serviceProjectAttachments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3125,7 +3385,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ServiceProjectAttachment' parameters: - in: path name: projectsId @@ -3138,16 +3398,7 @@ paths: schema: type: string - in: path - name: applicationsId - required: true - schema: - type: string - - in: path - name: workloadsId + name: serviceProjectAttachmentsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/areainsights.yaml b/providers/src/googleapis.com/v00.00.00000/services/areainsights.yaml index 89b3e1a1..777cd78b 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/areainsights.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/areainsights.yaml @@ -7,8 +7,8 @@ info: title: Places Aggregate API description: Places Aggregate API. version: v1 - x-discovery-doc-revision: '20250826' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251208' + x-generated-date: '2025-12-10' externalDocs: url: https://developers.google.com/maps/documentation/places-aggregate/overview servers: @@ -34,18 +34,149 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ComputeInsightsRequest: - id: ComputeInsightsRequest - description: Request for the ComputeInsights RPC. + Circle: + id: Circle + properties: + latLng: + $ref: '#/components/schemas/LatLng' + description: The latitude and longitude of the center of the circle. + radius: + format: int32 + description: Optional. The radius of the circle in meters + type: integer + place: + description: >- + **Format:** Must be in the format `places/PLACE_ID`, where + `PLACE_ID` is the unique identifier of a place. For example: + `places/ChIJgUbEo8cfqokR5lP9_Wh_DaM`. + type: string + description: A circle is defined by a center point and radius in meters. + type: object + ComputeInsightsResponse: type: object + description: Response for the ComputeInsights RPC. + id: ComputeInsightsResponse properties: - insights: + placeInsights: + items: + $ref: '#/components/schemas/PlaceInsight' + description: Result for Insights.INSIGHT_PLACES. + type: array + count: + format: int64 + description: Result for Insights.INSIGHT_COUNT. + type: string + LocationFilter: + id: LocationFilter + type: object + properties: + region: + description: Area as region. + $ref: '#/components/schemas/Region' + customArea: + $ref: '#/components/schemas/CustomArea' + description: Custom area specified by a polygon. + circle: + description: Area as a circle. + $ref: '#/components/schemas/Circle' + description: Location filters. Specifies the area of interest for the insight. + Region: + type: object + properties: + place: description: >- - Required. Insights to compute. Currently only INSIGHT_COUNT and - INSIGHT_PLACES are supported. + The [place + ID](https://developers.google.com/maps/documentation/places/web-service/place-id) + of the geographic region. Not all region types are supported; see + documentation for details. **Format:** Must be in the format + `places/PLACE_ID`, where `PLACE_ID` is the unique identifier of a + place. For example: `places/ChIJPV4oX_65j4ARVW8IJ6IJUYs`. + type: string + description: >- + A region is a geographic boundary such as: cities, postal codes, + counties, states, etc. + id: Region + TypeFilter: + description: >- + Place type filters. Only Place types from [Table + a](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) + are supported. A place can only have a single primary type associated + with it. For example, the primary type might be "mexican_restaurant" or + "steak_house". Use included_primary_types and excluded_primary_types to + filter the results on a place's primary type. A place can also have + multiple type values associated with it. For example a restaurant might + have the following types: "seafood_restaurant", "restaurant", "food", + "point_of_interest", "establishment". Use included_types and + excluded_types to filter the results on the list of types associated + with a place. If a search is specified with multiple type restrictions, + only places that satisfy all of the restrictions are returned. For + example, if you specify {"included_types": ["restaurant"], + "excluded_primary_types": ["steak_house"]}, the returned places provide + "restaurant" related services but do not operate primarily as a + "steak_house". If there are any conflicting types, i.e. a type appears + in both included_types and excluded_types types or + included_primary_types and excluded_primary_types, an INVALID_ARGUMENT + error is returned. One of included_types or included_primary_types must + be set. + id: TypeFilter + properties: + includedTypes: + description: Optional. Included Place types. + items: + type: string + type: array + includedPrimaryTypes: + description: Optional. Included primary Place types. + type: array + items: + type: string + excludedPrimaryTypes: + description: Optional. Excluded primary Place types. + items: + type: string type: array + excludedTypes: + description: Optional. Excluded Place types. items: type: string + type: array + type: object + CustomArea: + description: Custom Area. + id: CustomArea + type: object + properties: + polygon: + description: Required. The custom area represented as a polygon + $ref: '#/components/schemas/Polygon' + RatingFilter: + properties: + minRating: + description: >- + Optional. Restricts results to places whose average user rating is + greater than or equal to min_rating. Values must be between 1.0 and + 5.0. + format: float + type: number + maxRating: + type: number + format: float + description: >- + Optional. Restricts results to places whose average user rating is + strictly less than or equal to max_rating. Values must be between + 1.0 and 5.0. + description: Average user rating filters. + type: object + id: RatingFilter + ComputeInsightsRequest: + id: ComputeInsightsRequest + properties: + filter: + description: Required. Insight filter. + $ref: '#/components/schemas/Filter' + insights: + type: array + items: enumDescriptions: - Not Specified. - >- @@ -71,32 +202,46 @@ components: { "minRating": 4.0 } } } ``` Example response: ``` { "placeInsights": [ {"place": "places/ABC"}, {"place": "places/PQR"}, {"place": "places/XYZ"} ] } ``` + type: string enum: - INSIGHT_UNSPECIFIED - INSIGHT_COUNT - INSIGHT_PLACES - filter: - description: Required. Insight filter. - $ref: '#/components/schemas/Filter' + description: >- + Required. Insights to compute. Currently only INSIGHT_COUNT and + INSIGHT_PLACES are supported. + type: object + description: Request for the ComputeInsights RPC. Filter: - id: Filter description: Filters for the ComputeInsights RPC. - type: object properties: - locationFilter: + priceLevels: + items: + type: string + enum: + - PRICE_LEVEL_UNSPECIFIED + - PRICE_LEVEL_FREE + - PRICE_LEVEL_INEXPENSIVE + - PRICE_LEVEL_MODERATE + - PRICE_LEVEL_EXPENSIVE + - PRICE_LEVEL_VERY_EXPENSIVE + enumDescriptions: + - Not specified. This value should not be used. + - Place provides free services. + - Place provides inexpensive services. + - Place provides moderately priced services. + - Place provides expensive services. + - Place provides very expensive services. + type: array description: >- - Required. Restricts results to places which are located in the area - specified by location filters. - $ref: '#/components/schemas/LocationFilter' - typeFilter: - description: Required. Place type filters. - $ref: '#/components/schemas/TypeFilter' + Optional. Restricts results to places whose price level is included + on this list. If `price_levels` is not set, all price levels are + included in the results. operatingStatus: description: >- Optional. Restricts results to places whose operating status is included on this list. If operating_status is not set, OPERATING_STATUS_OPERATIONAL is used as default. - type: array items: type: string enumDescriptions: @@ -111,109 +256,24 @@ components: - OPERATING_STATUS_OPERATIONAL - OPERATING_STATUS_PERMANENTLY_CLOSED - OPERATING_STATUS_TEMPORARILY_CLOSED - priceLevels: - description: >- - Optional. Restricts results to places whose price level is included - on this list. If `price_levels` is not set, all price levels are - included in the results. type: array - items: - type: string - enumDescriptions: - - Not specified. This value should not be used. - - Place provides free services. - - Place provides inexpensive services. - - Place provides moderately priced services. - - Place provides expensive services. - - Place provides very expensive services. - enum: - - PRICE_LEVEL_UNSPECIFIED - - PRICE_LEVEL_FREE - - PRICE_LEVEL_INEXPENSIVE - - PRICE_LEVEL_MODERATE - - PRICE_LEVEL_EXPENSIVE - - PRICE_LEVEL_VERY_EXPENSIVE + locationFilter: + $ref: '#/components/schemas/LocationFilter' + description: >- + Required. Restricts results to places which are located in the area + specified by location filters. + typeFilter: + description: Required. Place type filters. + $ref: '#/components/schemas/TypeFilter' ratingFilter: description: >- Optional. Restricts results to places whose average user ratings are in the range specified by rating_filter. If rating_filter is not set, all ratings are included in the result. $ref: '#/components/schemas/RatingFilter' - LocationFilter: - id: LocationFilter - description: Location filters. Specifies the area of interest for the insight. - type: object - properties: - circle: - description: Area as a circle. - $ref: '#/components/schemas/Circle' - region: - description: Area as region. - $ref: '#/components/schemas/Region' - customArea: - description: Custom area specified by a polygon. - $ref: '#/components/schemas/CustomArea' - Circle: - id: Circle - description: A circle is defined by a center point and radius in meters. - type: object - properties: - latLng: - description: The latitude and longitude of the center of the circle. - $ref: '#/components/schemas/LatLng' - place: - description: >- - **Format:** Must be in the format `places/PLACE_ID`, where - `PLACE_ID` is the unique identifier of a place. For example: - `places/ChIJgUbEo8cfqokR5lP9_Wh_DaM`. - type: string - radius: - description: Optional. The radius of the circle in meters - type: integer - format: int32 - LatLng: - id: LatLng - description: >- - An object that represents a latitude/longitude pair. This is expressed - as a pair of doubles to represent degrees latitude and degrees - longitude. Unless specified otherwise, this object must conform to the - WGS84 standard. Values must be within normalized ranges. - type: object - properties: - latitude: - description: The latitude in degrees. It must be in the range [-90.0, +90.0]. - type: number - format: double - longitude: - description: The longitude in degrees. It must be in the range [-180.0, +180.0]. - type: number - format: double - Region: - id: Region - description: >- - A region is a geographic boundary such as: cities, postal codes, - counties, states, etc. - type: object - properties: - place: - description: >- - The [place - ID](https://developers.google.com/maps/documentation/places/web-service/place-id) - of the geographic region. Not all region types are supported; see - documentation for details. **Format:** Must be in the format - `places/PLACE_ID`, where `PLACE_ID` is the unique identifier of a - place. For example: `places/ChIJPV4oX_65j4ARVW8IJ6IJUYs`. - type: string - CustomArea: - id: CustomArea - description: Custom Area. + id: Filter type: object - properties: - polygon: - description: Required. The custom area represented as a polygon - $ref: '#/components/schemas/Polygon' Polygon: - id: Polygon description: >- A polygon is represented by a series of connected coordinates in an counterclockwise ordered sequence. The coordinates form a closed loop @@ -224,104 +284,44 @@ components: type: object properties: coordinates: - description: Optional. The coordinates that define the polygon. type: array + description: Optional. The coordinates that define the polygon. items: $ref: '#/components/schemas/LatLng' - TypeFilter: - id: TypeFilter + id: Polygon + LatLng: description: >- - Place type filters. Only Place types from [Table - a](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) - are supported. A place can only have a single primary type associated - with it. For example, the primary type might be "mexican_restaurant" or - "steak_house". Use included_primary_types and excluded_primary_types to - filter the results on a place's primary type. A place can also have - multiple type values associated with it. For example a restaurant might - have the following types: "seafood_restaurant", "restaurant", "food", - "point_of_interest", "establishment". Use included_types and - excluded_types to filter the results on the list of types associated - with a place. If a search is specified with multiple type restrictions, - only places that satisfy all of the restrictions are returned. For - example, if you specify {"included_types": ["restaurant"], - "excluded_primary_types": ["steak_house"]}, the returned places provide - "restaurant" related services but do not operate primarily as a - "steak_house". If there are any conflicting types, i.e. a type appears - in both included_types and excluded_types types or - included_primary_types and excluded_primary_types, an INVALID_ARGUMENT - error is returned. One of included_types or included_primary_types must - be set. - type: object - properties: - includedTypes: - description: Optional. Included Place types. - type: array - items: - type: string - excludedTypes: - description: Optional. Excluded Place types. - type: array - items: - type: string - includedPrimaryTypes: - description: Optional. Included primary Place types. - type: array - items: - type: string - excludedPrimaryTypes: - description: Optional. Excluded primary Place types. - type: array - items: - type: string - RatingFilter: - id: RatingFilter - description: Average user rating filters. - type: object + An object that represents a latitude/longitude pair. This is expressed + as a pair of doubles to represent degrees latitude and degrees + longitude. Unless specified otherwise, this object must conform to the + WGS84 standard. Values must be within normalized ranges. properties: - minRating: - description: >- - Optional. Restricts results to places whose average user rating is - greater than or equal to min_rating. Values must be between 1.0 and - 5.0. + longitude: + description: The longitude in degrees. It must be in the range [-180.0, +180.0]. type: number - format: float - maxRating: - description: >- - Optional. Restricts results to places whose average user rating is - strictly less than or equal to max_rating. Values must be between - 1.0 and 5.0. + format: double + latitude: + format: double type: number - format: float - ComputeInsightsResponse: - id: ComputeInsightsResponse - description: Response for the ComputeInsights RPC. + description: The latitude in degrees. It must be in the range [-90.0, +90.0]. + id: LatLng type: object - properties: - count: - description: Result for Insights.INSIGHT_COUNT. - type: string - format: int64 - placeInsights: - description: Result for Insights.INSIGHT_PLACES. - type: array - items: - $ref: '#/components/schemas/PlaceInsight' PlaceInsight: id: PlaceInsight - description: Holds information about a place type: object + description: Holds information about a place properties: place: + type: string description: >- The unique identifier of the place. This resource name can be used to retrieve details about the place using the [Places API](https://developers.google.com/maps/documentation/places/web-service/reference/rest/v1/places/get). - type: string parameters: - access_token: - description: OAuth access token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType schema: type: string alt: @@ -334,16 +334,19 @@ components: - json - media - proto - callback: - description: JSONP + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: fields + name: quotaUser schema: type: string key: @@ -355,37 +358,28 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: oauth_token + name: fields schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + callback: + description: JSONP in: query - name: quotaUser + name: callback schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: upload_protocol + name: oauth_token schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + access_token: + description: OAuth access token. in: query - name: uploadType + name: access_token schema: type: string _.xgafv: @@ -397,6 +391,12 @@ components: enum: - '1' - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean x-stackQL-resources: areainsights: id: google.areainsights.areainsights @@ -418,17 +418,17 @@ components: paths: /v1:computeInsights: parameters: - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' post: description: >- This method lets you retrieve insights about areas using a variety of diff --git a/providers/src/googleapis.com/v00.00.00000/services/artifactregistry.yaml b/providers/src/googleapis.com/v00.00.00000/services/artifactregistry.yaml index da6c47ea..84abcb54 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/artifactregistry.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/artifactregistry.yaml @@ -9,8 +9,8 @@ info: Store and manage build artifacts in a scalable and integrated service built on Google infrastructure. version: v1 - x-discovery-doc-revision: '20250730' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251029' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/artifacts/docs/ servers: @@ -24,12 +24,12 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/cloud-platform: >- - See, edit, configure, and delete your Google Cloud data and see - the email address for your Google Account. https://www.googleapis.com/auth/cloud-platform.read-only: >- View your data across Google Cloud services and see the email address of your Google Account + https://www.googleapis.com/auth/cloud-platform: >- + See, edit, configure, and delete your Google Cloud data and see + the email address for your Google Account. Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -39,980 +39,967 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object + ImportYumArtifactsGcsSource: + description: Google Cloud Storage location where the artifacts currently reside. + id: ImportYumArtifactsGcsSource properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + useWildcards: type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Supports URI wildcards for matching multiple objects from a single + URI. + uris: type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListDockerImagesResponse: - id: ListDockerImagesResponse - description: The response from listing docker images. + type: string + description: Cloud Storage paths URI (e.g., gs://my_bucket//my_object). type: object - properties: - dockerImages: - description: The docker images returned. - type: array - items: - $ref: '#/components/schemas/DockerImage' - nextPageToken: - description: >- - The token to retrieve the next page of artifacts, or empty if there - are no more artifacts to return. - type: string - DockerImage: - id: DockerImage - description: >- - DockerImage represents a docker artifact. The following fields are - returned as untyped metadata in the Version resource, using camelcase - keys (i.e. metadata.imageSizeBytes): * imageSizeBytes * mediaType * - buildTime + Attachment: type: object properties: - name: + target: description: >- - Required. registry_location, project_id, repository_name and image - id forms a unique image - name:`projects//locations//repositories//dockerImages/`. For - example, - "projects/test-project/locations/us-west4/repositories/test-repo/dockerImages/ - nginx@sha256:e9954c1fc875017be1c3e36eca16be2d9e9bccc4bf072163515467d6a823c7cf", - where "us-west4" is the registry_location, "test-project" is the - project_id, "test-repo" is the repository_name and - "nginx@sha256:e9954c1fc875017be1c3e36eca16be2d9e9bccc4bf072163515467d6a823c7cf" - is the image's digest. + Required. The target the attachment is for, can be a Version, + Package or Repository. E.g. + `projects/p1/locations/us-central1/repositories/repo1/packages/p1/versions/v1`. type: string - uri: + name: description: >- - Required. URL to access the image. Example: - us-west4-docker.pkg.dev/test-project/test-repo/nginx@sha256:e9954c1fc875017be1c3e36eca16be2d9e9bccc4bf072163515467d6a823c7cf + The name of the attachment. E.g. + `projects/p1/locations/us/repositories/repo/attachments/sbom`. type: string - tags: - description: Tags attached to this image. - type: array + files: items: type: string - imageSizeBytes: + type: array description: >- - Calculated size of the image. This field is returned as the - 'metadata.imageSizeBytes' field in the Version resource. + Required. The files that belong to this attachment. If the file ID + part contains slashes, they are escaped. E.g. + `projects/p1/locations/us-central1/repositories/repo1/files/sha:`. + createTime: + format: google-datetime type: string - format: int64 - uploadTime: - description: Time the image was uploaded. + readOnly: true + description: Output only. The time when the attachment was created. + updateTime: type: string format: google-datetime - mediaType: + description: Output only. The time when the attachment was last updated. + readOnly: true + type: + description: Type of attachment. E.g. `application/vnd.spdx+json` + type: string + attachmentNamespace: description: >- - Media type of this image, e.g. - "application/vnd.docker.distribution.manifest.v2+json". This field - is returned as the 'metadata.mediaType' field in the Version - resource. + The namespace this attachment belongs to. E.g. If an attachment is + created by artifact analysis, namespace is set to + `artifactanalysis.googleapis.com`. type: string - buildTime: + ociVersionName: description: >- - The time this image was built. This field is returned as the - 'metadata.buildTime' field in the Version resource. The build time - is returned to the client as an RFC 3339 string, which can be easily - used with the JavaScript Date constructor. + Output only. The name of the OCI version that this attachment + created. Only populated for Docker attachments. E.g. + `projects/p1/locations/us-central1/repositories/repo1/packages/p1/versions/v1`. type: string - format: google-datetime - updateTime: - description: Output only. The time when the docker image was last updated. readOnly: true - type: string - format: google-datetime - ListMavenArtifactsResponse: - id: ListMavenArtifactsResponse - description: The response from listing maven artifacts. + annotations: + additionalProperties: + type: string + type: object + description: >- + Optional. User annotations. These attributes can only be set and + used by the user, and not by Artifact Registry. See + https://google.aip.dev/128#annotations for more details such as + format and size limitations. + id: Attachment + description: >- + An Attachment refers to additional metadata that can be attached to + artifacts in Artifact Registry. An attachment consists of one or more + files. + Empty: + id: Empty + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + MavenRepository: + id: MavenRepository type: object properties: - mavenArtifacts: - description: The maven artifacts returned. - type: array - items: - $ref: '#/components/schemas/MavenArtifact' - nextPageToken: + customRepository: + $ref: >- + #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigMavenRepositoryCustomRepository + description: Customer-specified remote repository. + publicRepository: + enumDescriptions: + - Unspecified repository. + - Maven Central. description: >- - The token to retrieve the next page of artifacts, or empty if there - are no more artifacts to return. + One of the publicly available Maven repositories supported by + Artifact Registry. type: string - MavenArtifact: - id: MavenArtifact - description: MavenArtifact represents a maven artifact. + enum: + - PUBLIC_REPOSITORY_UNSPECIFIED + - MAVEN_CENTRAL + description: Configuration for a Maven remote repository. + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepository: + id: >- + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepository + description: >- + Publicly available Apt repositories constructed from a common repository + base and a custom repository path. type: object properties: - name: + repositoryBase: + enumDescriptions: + - Unspecified repository base. + - Debian. + - Ubuntu LTS/Pro. + - Archived Debian. + description: A common public repository base for Apt. + type: string + enum: + - REPOSITORY_BASE_UNSPECIFIED + - DEBIAN + - UBUNTU + - DEBIAN_SNAPSHOT + repositoryPath: description: >- - Required. registry_location, project_id, repository_name and - maven_artifact forms a unique artifact For example, - "projects/test-project/locations/us-west4/repositories/test-repo/mavenArtifacts/ - com.google.guava:guava:31.0-jre", where "us-west4" is the - registry_location, "test-project" is the project_id, "test-repo" is - the repository_name and "com.google.guava:guava:31.0-jre" is the - maven artifact. - type: string - pomUri: - description: >- - Required. URL to access the pom file of the artifact. Example: - us-west4-maven.pkg.dev/test-project/test-repo/com/google/guava/guava/31.0/guava-31.0.pom - type: string - groupId: - description: 'Group ID for the artifact. Example: com.google.guava' + A custom field to define a path to a specific repository from the + base. type: string - artifactId: - description: Artifact ID for the artifact. + GenericArtifact: + properties: + name: type: string + description: >- + Resource name of the generic artifact. project, location, + repository, package_id and version_id create a unique generic + artifact. i.e. + "projects/test-project/locations/us-west4/repositories/test-repo/ + genericArtifacts/package_id:version_id" version: - description: Version of this artifact. + description: The version of the generic artifact. type: string createTime: - description: Output only. Time the artifact was created. readOnly: true - type: string format: google-datetime + type: string + description: Output only. The time when the Generic module is created. updateTime: - description: Output only. Time the artifact was updated. + format: google-datetime + description: Output only. The time when the Generic module is updated. readOnly: true type: string - format: google-datetime - ListNpmPackagesResponse: - id: ListNpmPackagesResponse - description: The response from listing npm packages. type: object - properties: - npmPackages: - description: The npm packages returned. - type: array - items: - $ref: '#/components/schemas/NpmPackage' - nextPageToken: - description: >- - The token to retrieve the next page of artifacts, or empty if there - are no more artifacts to return. - type: string - NpmPackage: - id: NpmPackage - description: NpmPackage represents an npm artifact. + description: GenericArtifact represents a generic artifact + id: GenericArtifact + UploadAptArtifactRequest: + description: The request to upload an artifact. + type: object + properties: {} + id: UploadAptArtifactRequest + UpstreamPolicy: + id: UpstreamPolicy type: object + description: Artifact policy configuration for the repository contents. properties: - name: - description: >- - Required. registry_location, project_id, repository_name and - npm_package forms a unique package For example, - "projects/test-project/locations/us-west4/repositories/test-repo/npmPackages/ - npm_test:1.0.0", where "us-west4" is the registry_location, - "test-project" is the project_id, "test-repo" is the repository_name - and npm_test:1.0.0" is the npm package. - type: string - packageName: - description: Package for the artifact. + id: type: string - version: - description: Version of this package. + description: The user-provided ID of the upstream policy. + repository: + description: >- + A reference to the repository resource, for example: + `projects/p1/locations/us-central1/repositories/repo1`. type: string - tags: - description: Tags attached to this package. - type: array - items: - type: string - createTime: - description: Output only. Time the package was created. - readOnly: true + priority: + format: int32 + type: integer + description: >- + Entries with a greater priority value take precedence in the pull + order. + VPCSCConfig: + description: The Artifact Registry VPC SC config that apply to a Project. + properties: + vpcscPolicy: + enumDescriptions: + - >- + VPCSC_POLICY_UNSPECIFIED - the VPS SC policy is not defined. When + VPS SC policy is not defined - the Service will use the default + behavior (VPCSC_DENY). + - >- + VPCSC_DENY - repository will block the requests to the Upstreams + for the Remote Repositories if the resource is in the perimeter. + - >- + VPCSC_ALLOW - repository will allow the requests to the Upstreams + for the Remote Repositories if the resource is in the perimeter. type: string - format: google-datetime - updateTime: - description: Output only. Time the package was updated. - readOnly: true + enum: + - VPCSC_POLICY_UNSPECIFIED + - DENY + - ALLOW + description: >- + The project per location VPC SC policy that defines the VPC SC + behavior for the Remote Repository (Allow/Deny). + name: type: string - format: google-datetime - ListPythonPackagesResponse: - id: ListPythonPackagesResponse - description: The response from listing python packages. + description: >- + The name of the project's VPC SC Config. Always of the form: + projects/{projectID}/locations/{location}/vpcscConfig In update + request: never set In response: always set + id: VPCSCConfig type: object + ImportGoogetArtifactsErrorInfo: + id: ImportGoogetArtifactsErrorInfo properties: - pythonPackages: - description: The python packages returned. + gcsSource: + description: Google Cloud Storage location requested. + $ref: '#/components/schemas/ImportGoogetArtifactsGcsSource' + error: + $ref: '#/components/schemas/Status' + description: The detailed error status. + type: object + description: Error information explaining why a package was not imported. + UploadGoModuleMediaResponse: + type: object + description: The response to upload a Go module. + id: UploadGoModuleMediaResponse + properties: + operation: + description: Operation to be returned to the user. + $ref: '#/components/schemas/Operation' + UploadGoogetArtifactResponse: + id: UploadGoogetArtifactResponse + properties: + googetArtifacts: + description: The GooGet artifacts updated. type: array items: - $ref: '#/components/schemas/PythonPackage' + $ref: '#/components/schemas/GoogetArtifact' + description: >- + The response of the completed artifact upload operation. This response + is contained in the Operation and available to users. + type: object + ListNpmPackagesResponse: + type: object + description: The response from listing npm packages. + properties: nextPageToken: + type: string description: >- The token to retrieve the next page of artifacts, or empty if there are no more artifacts to return. + npmPackages: + description: The npm packages returned. + items: + $ref: '#/components/schemas/NpmPackage' + type: array + id: ListNpmPackagesResponse + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigDockerRepositoryCustomRepository: + properties: + uri: + description: >- + An http/https uri reference to the custom remote repository, for ex: + "https://registry-1.docker.io". type: string - PythonPackage: - id: PythonPackage - description: PythonPackage represents a python artifact. + id: >- + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigDockerRepositoryCustomRepository + type: object + description: Customer-specified publicly available remote repository. + NpmRepository: + description: Configuration for a Npm remote repository. type: object + id: NpmRepository properties: - name: + publicRepository: + enum: + - PUBLIC_REPOSITORY_UNSPECIFIED + - NPMJS description: >- - Required. registry_location, project_id, repository_name and - python_package forms a unique package - name:`projects//locations//repository//pythonPackages/`. For - example, - "projects/test-project/locations/us-west4/repositories/test-repo/pythonPackages/ - python_package:1.0.0", where "us-west4" is the registry_location, - "test-project" is the project_id, "test-repo" is the repository_name - and python_package:1.0.0" is the python package. + One of the publicly available Npm repositories supported by Artifact + Registry. type: string + enumDescriptions: + - Unspecified repository. + - npmjs. + customRepository: + description: Customer-specified remote repository. + $ref: >- + #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigNpmRepositoryCustomRepository + UploadGenericArtifactMetadata: + id: UploadGenericArtifactMetadata + properties: {} + description: The operation metadata for uploading generic artifacts. + type: object + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigPythonRepositoryCustomRepository: + properties: uri: description: >- - Required. URL to access the package. Example: - us-west4-python.pkg.dev/test-project/test-repo/python_package/file-name-1.0.0.tar.gz - type: string - packageName: - description: Package for the artifact. - type: string - version: - description: Version of this package. - type: string - createTime: - description: Output only. Time the package was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time the package was updated. - readOnly: true + An http/https uri reference to the upstream remote repository, for + ex: "https://my.python.registry/". type: string - format: google-datetime - ImportAptArtifactsRequest: - id: ImportAptArtifactsRequest - description: The request to import new apt artifacts. type: object - properties: - gcsSource: - description: Google Cloud Storage location where input content is located. - $ref: '#/components/schemas/ImportAptArtifactsGcsSource' - ImportAptArtifactsGcsSource: - id: ImportAptArtifactsGcsSource - description: Google Cloud Storage location where the artifacts currently reside. + description: Customer-specified publicly available remote repository. + id: >- + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigPythonRepositoryCustomRepository + ExportedFile: + id: ExportedFile type: object properties: - uris: - description: Cloud Storage paths URI (e.g., gs://my_bucket//my_object). - type: array - items: - type: string - useWildcards: + gcsObjectPath: description: >- - Supports URI wildcards for matching multiple objects from a single - URI. - type: boolean - ImportYumArtifactsRequest: - id: ImportYumArtifactsRequest - description: The request to import new yum artifacts. - type: object - properties: - gcsSource: - description: Google Cloud Storage location where input content is located. - $ref: '#/components/schemas/ImportYumArtifactsGcsSource' - ImportYumArtifactsGcsSource: - id: ImportYumArtifactsGcsSource - description: Google Cloud Storage location where the artifacts currently reside. - type: object - properties: - uris: - description: Cloud Storage paths URI (e.g., gs://my_bucket//my_object). - type: array + Cloud Storage Object path of the exported file. Examples: + `dst_bucket/file1`, `dst_bucket/sub_dir/file1` + type: string + hashes: items: - type: string - useWildcards: + $ref: '#/components/schemas/Hash' + description: The hashes of the file content. + type: array + name: + type: string description: >- - Supports URI wildcards for matching multiple objects from a single - URI. - type: boolean - ImportGoogetArtifactsRequest: - id: ImportGoogetArtifactsRequest - description: The request to import new googet artifacts. - type: object - properties: - gcsSource: - description: Google Cloud Storage location where input content is located. - $ref: '#/components/schemas/ImportGoogetArtifactsGcsSource' - ImportGoogetArtifactsGcsSource: - id: ImportGoogetArtifactsGcsSource - description: Google Cloud Storage location where the artifacts currently reside. + Name of the exported artifact file. Format: + `projects/p1/locations/us/repositories/repo1/files/file1` + description: The exported artifact file. + ListPackagesResponse: type: object properties: - uris: - description: Cloud Storage paths URI (e.g., `gs://my_bucket/my_object`). + packages: type: array items: - type: string - useWildcards: + $ref: '#/components/schemas/Package' + description: The packages returned. + nextPageToken: description: >- - Supports URI wildcards for matching multiple objects from a single - URI. - type: boolean - UploadAptArtifactRequest: - id: UploadAptArtifactRequest - description: The request to upload an artifact. + The token to retrieve the next page of packages, or empty if there + are no more packages to return. + type: string + description: The response from listing packages. + id: ListPackagesResponse + UpstreamCredentials: + properties: + usernamePasswordCredentials: + description: Use username and password to access the remote repository. + $ref: '#/components/schemas/UsernamePasswordCredentials' type: object - properties: {} + id: UpstreamCredentials + description: The credentials to access the remote repository. UploadAptArtifactMediaResponse: id: UploadAptArtifactMediaResponse - description: The response to upload an artifact. - type: object - properties: - operation: - description: Operation to be returned to the user. - $ref: '#/components/schemas/Operation' - UploadYumArtifactRequest: - id: UploadYumArtifactRequest - description: The request to upload an artifact. type: object - properties: {} - UploadYumArtifactMediaResponse: - id: UploadYumArtifactMediaResponse description: The response to upload an artifact. - type: object properties: operation: - description: Operation to be returned to the user. $ref: '#/components/schemas/Operation' - UploadGenericArtifactRequest: - id: UploadGenericArtifactRequest + description: Operation to be returned to the user. + Operation: + id: Operation description: >- - The request to upload a generic artifact. The created GenericArtifact - will have the resource name - {parent}/genericArtifacts/package_id:version_id. The created file will - have the resource name {parent}/files/package_id:version_id:filename. + This resource represents a long-running operation that is the result of + a network API call. type: object properties: - packageId: + done: + type: boolean description: >- - The ID of the package of the generic artifact. If the package does - not exist, a new package will be created. The `package_id` should - start and end with a letter or number, only contain letters, - numbers, hyphens, underscores, and periods, and not exceed 256 - characters. - type: string - versionId: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - The ID of the version of the generic artifact. If the version does - not exist, a new version will be created. The version_id must start - and end with a letter or number, can only contain lowercase letters, - numbers, the following characters [-.+~:], i.e.[a-z0-9-.+~:] and - cannot exceed a total of 128 characters. Creating a version called - `latest` is not allowed. - type: string - filename: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + error: description: >- - The name of the file of the generic artifact to be uploaded. E.g. - `example-file.zip` The filename is limited to letters, numbers, and - url safe characters, i.e. [a-zA-Z0-9-_.~@]. + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - UploadGenericArtifactMediaResponse: - id: UploadGenericArtifactMediaResponse - description: The response to upload a generic artifact. - type: object - properties: - operation: - description: Operation that will be returned to the user. - $ref: '#/components/schemas/Operation' - UploadKfpArtifactRequest: - id: UploadKfpArtifactRequest - description: The request to upload an artifact. + ImportAptArtifactsGcsSource: + description: Google Cloud Storage location where the artifacts currently reside. + id: ImportAptArtifactsGcsSource type: object properties: - tags: - description: Tags to be created with the version. + uris: type: array + description: Cloud Storage paths URI (e.g., gs://my_bucket//my_object). items: type: string - description: - description: Description of the package version. - type: string - UploadKfpArtifactMediaResponse: - id: UploadKfpArtifactMediaResponse - description: The response to upload an artifact. - type: object + useWildcards: + type: boolean + description: >- + Supports URI wildcards for matching multiple objects from a single + URI. + ExportArtifactMetadata: + description: The LRO metadata for exporting an artifact. + id: ExportArtifactMetadata properties: - operation: - description: Operation that will be returned to the user. - $ref: '#/components/schemas/Operation' - UploadGoModuleRequest: - id: UploadGoModuleRequest - description: The request to upload a Go module. - type: object - properties: {} - UploadGoModuleMediaResponse: - id: UploadGoModuleMediaResponse - description: The response to upload a Go module. + exportedFiles: + items: + $ref: '#/components/schemas/ExportedFile' + type: array + description: The exported artifact files. type: object - properties: - operation: - description: Operation to be returned to the user. - $ref: '#/components/schemas/Operation' - UploadGoogetArtifactRequest: - id: UploadGoogetArtifactRequest - description: The request to upload an artifact. + UploadYumArtifactMediaResponse: type: object - properties: {} - UploadGoogetArtifactMediaResponse: - id: UploadGoogetArtifactMediaResponse description: The response to upload an artifact. - type: object properties: operation: description: Operation to be returned to the user. $ref: '#/components/schemas/Operation' - ListRepositoriesResponse: - id: ListRepositoriesResponse - description: The response from listing repositories. - type: object - properties: - repositories: - description: The repositories returned. - type: array - items: - $ref: '#/components/schemas/Repository' - nextPageToken: - description: >- - The token to retrieve the next page of repositories, or empty if - there are no more repositories to return. - type: string - Repository: - id: Repository - description: A Repository for storing artifacts with a specific format. - type: object + id: UploadYumArtifactMediaResponse + ProjectSettings: + description: The Artifact Registry settings that apply to a Project. properties: - mavenConfig: - description: >- - Maven repository config contains repository level configuration for - the repositories of maven type. - $ref: '#/components/schemas/MavenRepositoryConfig' - dockerConfig: + pullPercent: description: >- - Docker repository config contains repository level configuration for - the repositories of docker type. - $ref: '#/components/schemas/DockerRepositoryConfig' - virtualRepositoryConfig: - description: Configuration specific for a Virtual Repository. - $ref: '#/components/schemas/VirtualRepositoryConfig' - remoteRepositoryConfig: - description: Configuration specific for a Remote Repository. - $ref: '#/components/schemas/RemoteRepositoryConfig' + The percentage of pull traffic to redirect from GCR to AR when using + partial redirection. + format: int32 + type: integer name: + type: string description: >- - The name of the repository, for example: - `projects/p1/locations/us-central1/repositories/repo1`. For each - location in a project, repository names must be unique. - type: string - format: - description: Optional. The format of packages that are stored in the repository. - type: string - enumDescriptions: - - Unspecified package format. - - Docker package format. - - Maven package format. - - NPM package format. - - APT package format. - - YUM package format. - - GooGet package format. - - Python package format. - - Kubeflow Pipelines package format. - - Go package format. - - Generic package format. + The name of the project's settings. Always of the form: + projects/{project-id}/projectSettings In update request: never set + In response: always set + legacyRedirectionState: enum: - - FORMAT_UNSPECIFIED - - DOCKER - - MAVEN - - NPM - - APT - - YUM - - GOOGET - - PYTHON - - KFP - - GO - - GENERIC - description: - description: The user-provided description of the repository. + - REDIRECTION_STATE_UNSPECIFIED + - REDIRECTION_FROM_GCR_IO_DISABLED + - REDIRECTION_FROM_GCR_IO_ENABLED + - REDIRECTION_FROM_GCR_IO_FINALIZED + - REDIRECTION_FROM_GCR_IO_ENABLED_AND_COPYING + - REDIRECTION_FROM_GCR_IO_PARTIAL_AND_COPYING + description: The redirection state of the legacy repositories in this project. + enumDescriptions: + - No redirection status has been set. + - Redirection is disabled. + - Redirection is enabled. + - >- + Redirection is enabled, and has been finalized so cannot be + reverted. + - Redirection is enabled and missing images are copied from GCR + - >- + Redirection is partially enabled and missing images are copied + from GCR + enumDeprecated: + - false + - false + - false + - true + - false + - false type: string - labels: - description: >- - Labels with user-defined metadata. This field may contain up to 64 - entries. Label keys and values may be no longer than 63 characters. - Label keys must begin with a lowercase letter and may only contain - lowercase letters, numeric characters, underscores, and dashes. + type: object + id: ProjectSettings + Version: + properties: + annotations: type: object + description: Optional. Client specified annotations. additionalProperties: type: string - createTime: - description: Output only. The time when the repository was created. - readOnly: true + description: + description: Optional. Description of the version, as specified in its metadata. type: string - format: google-datetime updateTime: - description: Output only. The time when the repository was last updated. - readOnly: true type: string + description: The time when the version was last updated. format: google-datetime - kmsKeyName: + name: description: >- - The Cloud KMS resource name of the customer managed encryption key - that's used to encrypt the contents of the Repository. Has the form: - `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. - This value may not be changed after the Repository has been created. - type: string - mode: - description: Optional. The mode of the repository. + The name of the version, for example: + `projects/p1/locations/us-central1/repositories/repo1/packages/pkg1/versions/art1`. + If the package or version ID parts contain slashes, the slashes are + escaped. type: string - enumDescriptions: - - Unspecified mode. - - A standard repository storing artifacts. - - A virtual repository to serve artifacts from one or more sources. - - A remote repository to serve artifacts from a remote source. - - An AOSS repository provides artifacts from AOSS upstreams. - - Replacement of AOSS_REPOSITORY. - enum: - - MODE_UNSPECIFIED - - STANDARD_REPOSITORY - - VIRTUAL_REPOSITORY - - REMOTE_REPOSITORY - - AOSS_REPOSITORY - - ASSURED_OSS_REPOSITORY - cleanupPolicies: - description: >- - Optional. Cleanup policies for this repository. Cleanup policies - indicate when certain package versions can be automatically deleted. - Map keys are policy IDs supplied by users during policy creation. - They must unique within a repository and be under 128 characters in - length. + metadata: type: object + readOnly: true + description: >- + Output only. Repository-specific Metadata stored against this + version. The fields returned are defined by the underlying + repository-specific resource. Currently, the resources could be: + DockerImage MavenArtifact additionalProperties: - $ref: '#/components/schemas/CleanupPolicy' - sizeBytes: + type: any + description: Properties of the object. + relatedTags: description: >- - Output only. The size, in bytes, of all artifact storage in this - repository. Repositories that are generally available or in public - preview use this to calculate storage costs. - readOnly: true + Output only. A list of related tags. Will contain up to 100 tags + that reference this version. + type: array + items: + $ref: '#/components/schemas/Tag' + createTime: + format: google-datetime + description: The time when the version was created. + type: string + id: Version + description: >- + The body of a version resource. A version resource represents a + collection of components, such as files and other data. This may + correspond to a version in many package management schemes. + type: object + ImportAptArtifactsRequest: + properties: + gcsSource: + $ref: '#/components/schemas/ImportAptArtifactsGcsSource' + description: Google Cloud Storage location where input content is located. + description: The request to import new apt artifacts. + id: ImportAptArtifactsRequest + type: object + MavenArtifact: + properties: + version: + type: string + description: Version of this artifact. + artifactId: + description: Artifact ID for the artifact. + type: string + groupId: + type: string + description: 'Group ID for the artifact. Example: com.google.guava' + name: type: string - format: int64 - satisfiesPzs: - description: Output only. Whether or not this repository satisfies PZS. - readOnly: true - type: boolean - cleanupPolicyDryRun: - description: >- - Optional. If true, the cleanup pipeline is prevented from deleting - versions in this repository. - type: boolean - vulnerabilityScanningConfig: description: >- - Optional. Config and state for vulnerability scanning of resources - within this Repository. - $ref: '#/components/schemas/VulnerabilityScanningConfig' - disallowUnspecifiedMode: + Required. registry_location, project_id, repository_name and + maven_artifact forms a unique artifact For example, + "projects/test-project/locations/us-west4/repositories/test-repo/mavenArtifacts/ + com.google.guava:guava:31.0-jre", where "us-west4" is the + registry_location, "test-project" is the project_id, "test-repo" is + the repository_name and "com.google.guava:guava:31.0-jre" is the + maven artifact. + pomUri: description: >- - Optional. If this is true, an unspecified repo type will be treated - as error rather than defaulting to standard. - type: boolean - satisfiesPzi: - description: Output only. Whether or not this repository satisfies PZI. + Required. URL to access the pom file of the artifact. Example: + us-west4-maven.pkg.dev/test-project/test-repo/com/google/guava/guava/31.0/guava-31.0.pom + type: string + updateTime: readOnly: true - type: boolean - registryUri: - description: >- - Output only. The repository endpoint, for example: - `us-docker.pkg.dev/my-proj/my-repo`. + format: google-datetime + description: Output only. Time the artifact was updated. + type: string + createTime: readOnly: true type: string - MavenRepositoryConfig: - id: MavenRepositoryConfig - description: >- - MavenRepositoryConfig is maven related repository details. Provides - additional configuration details for repositories of the maven format - type. + format: google-datetime + description: Output only. Time the artifact was created. + description: MavenArtifact represents a maven artifact. + type: object + id: MavenArtifact + YumArtifact: + description: A detailed representation of a Yum artifact. + id: YumArtifact type: object properties: - allowSnapshotOverwrites: - description: >- - The repository with this flag will allow publishing the same - snapshot versions. - type: boolean - versionPolicy: - description: Version policy defines the versions that the registry will accept. + name: + description: Output only. The Artifact Registry resource name of the artifact. + readOnly: true + type: string + architecture: + readOnly: true type: string + description: Output only. Operating system architecture of the artifact. + packageType: + readOnly: true + description: Output only. An artifact is a binary or source package. enumDescriptions: - - >- - VERSION_POLICY_UNSPECIFIED - the version policy is not defined. - When the version policy is not defined, no validation is performed - for the versions. - - RELEASE - repository will accept only Release versions. - - SNAPSHOT - repository will accept only Snapshot versions. + - Package type is not specified. + - Binary package (.rpm). + - Source package (.srpm). enum: - - VERSION_POLICY_UNSPECIFIED - - RELEASE - - SNAPSHOT - DockerRepositoryConfig: - id: DockerRepositoryConfig - description: >- - DockerRepositoryConfig is docker related repository details. Provides - additional configuration details for repositories of the docker format - type. - type: object - properties: - immutableTags: - description: >- - The repository which enabled this flag prevents all tags from being - modified, moved or deleted. This does not prevent tags from being - created. - type: boolean - VirtualRepositoryConfig: - id: VirtualRepositoryConfig - description: Virtual repository configuration. - type: object - properties: - upstreamPolicies: - description: >- - Policies that configure the upstream artifacts distributed by the - Virtual Repository. Upstream policies cannot be set on a standard - repository. - type: array - items: - $ref: '#/components/schemas/UpstreamPolicy' - UpstreamPolicy: - id: UpstreamPolicy - description: Artifact policy configuration for the repository contents. - type: object - properties: - id: - description: The user-provided ID of the upstream policy. + - PACKAGE_TYPE_UNSPECIFIED + - BINARY + - SOURCE type: string - repository: - description: >- - A reference to the repository resource, for example: - `projects/p1/locations/us-central1/repositories/repo1`. + packageName: + readOnly: true type: string - priority: - description: >- - Entries with a greater priority value take precedence in the pull - order. - type: integer - format: int32 + description: Output only. The yum package name of the artifact. + ImportAptArtifactsErrorInfo: + type: object + id: ImportAptArtifactsErrorInfo + properties: + error: + $ref: '#/components/schemas/Status' + description: The detailed error status. + gcsSource: + description: Google Cloud Storage location requested. + $ref: '#/components/schemas/ImportAptArtifactsGcsSource' + description: Error information explaining why a package was not imported. RemoteRepositoryConfig: - id: RemoteRepositoryConfig - description: Remote repository configuration. type: object + description: Remote repository configuration. + id: RemoteRepositoryConfig properties: - dockerRepository: - description: Specific settings for a Docker remote repository. - $ref: '#/components/schemas/DockerRepository' - mavenRepository: - description: Specific settings for a Maven remote repository. - $ref: '#/components/schemas/MavenRepository' + pythonRepository: + $ref: '#/components/schemas/PythonRepository' + description: Specific settings for a Python remote repository. npmRepository: description: Specific settings for an Npm remote repository. $ref: '#/components/schemas/NpmRepository' - pythonRepository: - description: Specific settings for a Python remote repository. - $ref: '#/components/schemas/PythonRepository' - aptRepository: - description: Specific settings for an Apt remote repository. - $ref: '#/components/schemas/AptRepository' + upstreamCredentials: + $ref: '#/components/schemas/UpstreamCredentials' + description: Optional. The credentials used to access the remote repository. + dockerRepository: + description: Specific settings for a Docker remote repository. + $ref: '#/components/schemas/DockerRepository' + description: + description: The description of the remote source. + type: string yumRepository: description: Specific settings for a Yum remote repository. $ref: '#/components/schemas/YumRepository' + aptRepository: + description: Specific settings for an Apt remote repository. + $ref: '#/components/schemas/AptRepository' + mavenRepository: + description: Specific settings for a Maven remote repository. + $ref: '#/components/schemas/MavenRepository' commonRepository: description: >- Common remote repository settings. Used as the remote repository upstream URL. $ref: '#/components/schemas/CommonRemoteRepository' - description: - description: The description of the remote source. - type: string - upstreamCredentials: - description: Optional. The credentials used to access the remote repository. - $ref: '#/components/schemas/UpstreamCredentials' disableUpstreamValidation: + type: boolean description: >- Input only. A create/update remote repo option to avoid making a HEAD/GET request to validate a remote repo and any supplied upstream credentials. - type: boolean + Expr: + type: object + id: Expr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + properties: + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string DockerRepository: id: DockerRepository description: Configuration for a Docker remote repository. - type: object properties: publicRepository: - description: >- - One of the publicly available Docker repositories supported by - Artifact Registry. - type: string enumDescriptions: - Unspecified repository. - Docker Hub. enum: - PUBLIC_REPOSITORY_UNSPECIFIED - DOCKER_HUB + type: string + description: >- + One of the publicly available Docker repositories supported by + Artifact Registry. customRepository: - description: Customer-specified remote repository. $ref: >- #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigDockerRepositoryCustomRepository - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigDockerRepositoryCustomRepository: - id: >- - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigDockerRepositoryCustomRepository - description: Customer-specified publicly available remote repository. + description: Customer-specified remote repository. type: object - properties: - uri: - description: >- - An http/https uri reference to the custom remote repository, for ex: - "https://registry-1.docker.io". - type: string - MavenRepository: - id: MavenRepository - description: Configuration for a Maven remote repository. + VirtualRepositoryConfig: type: object + description: Virtual repository configuration. properties: - publicRepository: + upstreamPolicies: + type: array + items: + $ref: '#/components/schemas/UpstreamPolicy' description: >- - One of the publicly available Maven repositories supported by - Artifact Registry. - type: string - enumDescriptions: - - Unspecified repository. - - Maven Central. - enum: - - PUBLIC_REPOSITORY_UNSPECIFIED - - MAVEN_CENTRAL + Policies that configure the upstream artifacts distributed by the + Virtual Repository. Upstream policies cannot be set on a standard + repository. + id: VirtualRepositoryConfig + AptRepository: + properties: customRepository: description: Customer-specified remote repository. $ref: >- - #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigMavenRepositoryCustomRepository - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigMavenRepositoryCustomRepository: - id: >- - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigMavenRepositoryCustomRepository - description: Customer-specified publicly available remote repository. - type: object - properties: - uri: - description: >- - An http/https uri reference to the upstream remote repository, for - ex: "https://my.maven.registry/". - type: string - NpmRepository: - id: NpmRepository - description: Configuration for a Npm remote repository. - type: object - properties: + #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryCustomRepository publicRepository: description: >- - One of the publicly available Npm repositories supported by Artifact + One of the publicly available Apt repositories supported by Artifact Registry. - type: string - enumDescriptions: - - Unspecified repository. - - npmjs. - enum: - - PUBLIC_REPOSITORY_UNSPECIFIED - - NPMJS - customRepository: - description: Customer-specified remote repository. $ref: >- - #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigNpmRepositoryCustomRepository - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigNpmRepositoryCustomRepository: - id: >- - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigNpmRepositoryCustomRepository - description: Customer-specified publicly available remote repository. + #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepository + description: Configuration for an Apt remote repository. + id: AptRepository type: object + CleanupPolicy: + id: CleanupPolicy properties: - uri: + mostRecentVersions: + $ref: '#/components/schemas/CleanupPolicyMostRecentVersions' description: >- - An http/https uri reference to the upstream remote repository, for - ex: "https://my.npm.registry/". + Policy condition for retaining a minimum number of versions. May + only be specified with a Keep action. + condition: + $ref: '#/components/schemas/CleanupPolicyCondition' + description: Policy condition for matching versions. + action: + enumDescriptions: + - Action not specified. + - Delete action. + - Keep action. type: string - PythonRepository: - id: PythonRepository - description: Configuration for a Python remote repository. + description: Policy action. + enum: + - ACTION_UNSPECIFIED + - DELETE + - KEEP + id: + description: The user-provided ID of the cleanup policy. + type: string + description: Artifact policy configuration for repository cleanup policies. + type: object + BatchDeleteVersionsMetadata: + description: The metadata of an LRO from deleting multiple versions. + id: BatchDeleteVersionsMetadata type: object properties: - publicRepository: + failedVersions: + description: The versions the operation failed to delete. + type: array + items: + type: string + UsernamePasswordCredentials: + id: UsernamePasswordCredentials + description: Username and password credentials. + properties: + username: + description: The username to access the remote repository. + type: string + passwordSecretVersion: description: >- - One of the publicly available Python repositories supported by - Artifact Registry. + The Secret Manager key version that holds the password to access the + remote repository. Must be in the format of + `projects/{project}/secrets/{secret}/versions/{version}`. type: string - enumDescriptions: - - Unspecified repository. - - PyPI. - enum: - - PUBLIC_REPOSITORY_UNSPECIFIED - - PYPI - customRepository: - description: Customer-specified remote repository. - $ref: >- - #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigPythonRepositoryCustomRepository - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigPythonRepositoryCustomRepository: - id: >- - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigPythonRepositoryCustomRepository - description: Customer-specified publicly available remote repository. type: object + OperationMetadata: + type: object + description: Metadata type for longrunning-operations, currently empty. + properties: {} + id: OperationMetadata + UploadGenericArtifactMediaResponse: properties: - uri: - description: >- - An http/https uri reference to the upstream remote repository, for - ex: "https://my.python.registry/". + operation: + $ref: '#/components/schemas/Operation' + description: Operation that will be returned to the user. + id: UploadGenericArtifactMediaResponse + description: The response to upload a generic artifact. + type: object + UploadYumArtifactRequest: + description: The request to upload an artifact. + type: object + id: UploadYumArtifactRequest + properties: {} + ImportYumArtifactsResponse: + properties: + errors: + description: Detailed error info for packages that were not imported. + type: array + items: + $ref: '#/components/schemas/ImportYumArtifactsErrorInfo' + yumArtifacts: + type: array + description: The yum artifacts imported. + items: + $ref: '#/components/schemas/YumArtifact' + description: The response message from importing YUM artifacts. + type: object + id: ImportYumArtifactsResponse + ImportYumArtifactsMetadata: + type: object + id: ImportYumArtifactsMetadata + properties: {} + description: The operation metadata for importing artifacts. + Hash: + id: Hash + type: object + description: A hash of file content. + properties: + type: + enum: + - HASH_TYPE_UNSPECIFIED + - SHA256 + - MD5 + description: The algorithm used to compute the hash value. + enumDescriptions: + - Unspecified. + - SHA256 hash. + - MD5 hash. type: string - AptRepository: - id: AptRepository - description: Configuration for an Apt remote repository. + value: + description: The hash value. + format: byte + type: string + ListRulesResponse: + description: The response from listing rules. type: object + id: ListRulesResponse properties: - publicRepository: + nextPageToken: + type: string description: >- - One of the publicly available Apt repositories supported by Artifact - Registry. - $ref: >- - #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepository - customRepository: - description: Customer-specified remote repository. - $ref: >- - #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryCustomRepository - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepository: - id: >- - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepository - description: >- - Publicly available Apt repositories constructed from a common repository - base and a custom repository path. - type: object + The token to retrieve the next page of rules, or empty if there are + no more rules to return. + rules: + items: + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' + type: array + description: The rules returned. + Tag: properties: - repositoryBase: - description: A common public repository base for Apt. + version: type: string - enumDescriptions: - - Unspecified repository base. - - Debian. - - Ubuntu LTS/Pro. - - Archived Debian. - enum: - - REPOSITORY_BASE_UNSPECIFIED - - DEBIAN - - UBUNTU - - DEBIAN_SNAPSHOT - repositoryPath: description: >- - A custom field to define a path to a specific repository from the - base. + The name of the version the tag refers to, for example: + `projects/p1/locations/us-central1/repositories/repo1/packages/pkg1/versions/sha256:5243811` + If the package or version ID parts contain slashes, the slashes are + escaped. + name: + description: >- + The name of the tag, for example: + "projects/p1/locations/us-central1/repositories/repo1/packages/pkg1/tags/tag1". + If the package part contains slashes, the slashes are escaped. The + tag part can only have characters in [a-zA-Z0-9\-._~:@], anything + else must be URL encoded. type: string - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryCustomRepository: - id: >- - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryCustomRepository - description: Customer-specified publicly available remote repository. type: object + description: >- + Tags point to a version and represent an alternative name that can be + used to access the version. + id: Tag + KfpArtifact: + type: object + id: KfpArtifact properties: - uri: + version: description: >- - An http/https uri reference to the upstream remote repository, for - ex: "https://my.apt.registry/". + The version associated with the KFP artifact. Must follow the + Semantic Versioning standard. type: string - YumRepository: - id: YumRepository - description: Configuration for a Yum remote repository. + name: + readOnly: true + description: >- + Output only. Resource name of the KFP artifact. Since users don't + directly interact with this resource, the name will be derived from + the associated version. For example, when version = + ".../versions/sha256:abcdef...", the name will be + ".../kfpArtifacts/sha256:abcdef...". + type: string + description: A detailed representation of a KFP artifact. + UploadGenericArtifactRequest: type: object properties: - publicRepository: + filename: + type: string description: >- - One of the publicly available Yum repositories supported by Artifact - Registry. - $ref: >- - #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepository - customRepository: - description: Customer-specified remote repository. - $ref: >- - #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryCustomRepository - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepository: - id: >- - GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepository + The name of the file of the generic artifact to be uploaded. E.g. + `example-file.zip` The filename is limited to letters, numbers, and + url safe characters, i.e. [a-zA-Z0-9-_.~@]. + packageId: + description: >- + The ID of the package of the generic artifact. If the package does + not exist, a new package will be created. The `package_id` should + start and end with a letter or number, only contain letters, + numbers, hyphens, underscores, and periods, and not exceed 256 + characters. + type: string + versionId: + description: >- + The ID of the version of the generic artifact. If the version does + not exist, a new version will be created. The version_id must start + and end with a letter or number, can only contain lowercase letters, + numbers, the following characters [-.+~:], i.e.[a-z0-9-.+~:] and + cannot exceed a total of 128 characters. Creating a version called + `latest` is not allowed. + type: string + id: UploadGenericArtifactRequest description: >- - Publicly available Yum repositories constructed from a common repository - base and a custom repository path. + The request to upload a generic artifact. The created GenericArtifact + will have the resource name + {parent}/genericArtifacts/package_id:version_id. The created file will + have the resource name {parent}/files/package_id:version_id:filename. + UploadFileMediaResponse: type: object + properties: + operation: + description: Operation that will be returned to the user. + $ref: '#/components/schemas/Operation' + description: The response to upload a generic artifact. + id: UploadFileMediaResponse + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepository: properties: repositoryBase: - description: A common public repository base for Yum. type: string + description: A common public repository base for Yum. enumDescriptions: - Unspecified repository base. - CentOS. @@ -1034,6 +1021,12 @@ components: A custom field to define a path to a specific repository from the base. type: string + description: >- + Publicly available Yum repositories constructed from a common repository + base and a custom repository path. + id: >- + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepository + type: object GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryCustomRepository: id: >- GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryCustomRepository @@ -1041,666 +1034,818 @@ components: type: object properties: uri: + type: string description: >- An http/https uri reference to the upstream remote repository, for ex: "https://my.yum.registry/". + ListDockerImagesResponse: + properties: + dockerImages: + type: array + items: + $ref: '#/components/schemas/DockerImage' + description: The docker images returned. + nextPageToken: + description: >- + The token to retrieve the next page of artifacts, or empty if there + are no more artifacts to return. type: string - CommonRemoteRepository: - id: CommonRemoteRepository - description: Common remote repository settings type. - type: object - properties: - uri: - description: Required. A common public repository base for remote repository. - type: string - UpstreamCredentials: - id: UpstreamCredentials - description: The credentials to access the remote repository. - type: object - properties: - usernamePasswordCredentials: - description: Use username and password to access the remote repository. - $ref: '#/components/schemas/UsernamePasswordCredentials' - UsernamePasswordCredentials: - id: UsernamePasswordCredentials - description: Username and password credentials. - type: object - properties: - username: - description: The username to access the remote repository. - type: string - passwordSecretVersion: - description: >- - The Secret Manager key version that holds the password to access the - remote repository. Must be in the format of - `projects/{project}/secrets/{secret}/versions/{version}`. - type: string - CleanupPolicy: - id: CleanupPolicy - description: Artifact policy configuration for repository cleanup policies. - type: object - properties: - condition: - description: Policy condition for matching versions. - $ref: '#/components/schemas/CleanupPolicyCondition' - mostRecentVersions: - description: >- - Policy condition for retaining a minimum number of versions. May - only be specified with a Keep action. - $ref: '#/components/schemas/CleanupPolicyMostRecentVersions' - id: - description: The user-provided ID of the cleanup policy. - type: string - action: - description: Policy action. - type: string - enumDescriptions: - - Action not specified. - - Delete action. - - Keep action. - enum: - - ACTION_UNSPECIFIED - - DELETE - - KEEP - CleanupPolicyCondition: - id: CleanupPolicyCondition - description: >- - CleanupPolicyCondition is a set of conditions attached to a - CleanupPolicy. If multiple entries are set, all must be satisfied for - the condition to be satisfied. + description: The response from listing docker images. + id: ListDockerImagesResponse type: object + ListVersionsResponse: + id: ListVersionsResponse properties: - tagState: - description: Match versions by tag status. - type: string - enumDescriptions: - - Tag status not specified. - - Applies to tagged versions only. - - Applies to untagged versions only. - - Applies to all versions. - enum: - - TAG_STATE_UNSPECIFIED - - TAGGED - - UNTAGGED - - ANY - tagPrefixes: - description: Match versions by tag prefix. Applied on any prefix match. - type: array - items: - type: string - versionNamePrefixes: - description: Match versions by version name prefix. Applied on any prefix match. - type: array + versions: items: - type: string - packageNamePrefixes: - description: Match versions by package prefix. Applied on any prefix match. + $ref: '#/components/schemas/Version' + description: The versions returned. type: array - items: - type: string - olderThan: - description: Match versions older than a duration. - type: string - format: google-duration - newerThan: - description: Match versions newer than a duration. + nextPageToken: type: string - format: google-duration - CleanupPolicyMostRecentVersions: - id: CleanupPolicyMostRecentVersions - description: >- - CleanupPolicyMostRecentVersions is an alternate condition of a - CleanupPolicy for retaining a minimum number of versions. + description: >- + The token to retrieve the next page of versions, or empty if there + are no more versions to return. type: object - properties: - packageNamePrefixes: - description: List of package name prefixes that will apply this rule. - type: array - items: - type: string - keepCount: - description: Minimum number of versions to keep. - type: integer - format: int32 + description: The response from listing versions. VulnerabilityScanningConfig: - id: VulnerabilityScanningConfig description: >- Config on whether to perform vulnerability scanning for resources in this repository, as well as output fields describing current state. + id: VulnerabilityScanningConfig type: object properties: - enablementConfig: - description: >- - Optional. Config for whether this repository has vulnerability - scanning disabled. - type: string - enumDescriptions: - - Not set. This will be treated as INHERITED. - - Scanning is Enabled, but dependent on API enablement. - - >- - No automatic vulnerability scanning will be performed for this - repository. - enum: - - ENABLEMENT_CONFIG_UNSPECIFIED - - INHERITED - - DISABLED lastEnableTime: - description: Output only. The last time this repository config was enabled. - readOnly: true type: string + readOnly: true format: google-datetime + description: Output only. The last time this repository config was enabled. enablementState: - description: >- - Output only. State of feature enablement, combining repository - enablement config and API enablement state. - readOnly: true - type: string enumDescriptions: - Enablement state is unclear. - Repository does not support vulnerability scanning. - Vulnerability scanning is disabled for this repository. - Vulnerability scanning is active for this repository. + readOnly: true enum: - ENABLEMENT_STATE_UNSPECIFIED - SCANNING_UNSUPPORTED - SCANNING_DISABLED - SCANNING_ACTIVE + type: string + description: >- + Output only. State of feature enablement, combining repository + enablement config and API enablement state. + enablementConfig: + enumDescriptions: + - >- + Not set. This will be treated as INHERITED for Docker repositories + and DISABLED for non-Docker repositories. + - Scanning is Enabled, but dependent on API enablement. + - >- + No automatic vulnerability scanning will be performed for this + repository. + enum: + - ENABLEMENT_CONFIG_UNSPECIFIED + - INHERITED + - DISABLED + type: string + description: >- + Optional. Config for whether this repository has vulnerability + scanning disabled. enablementStateReason: - description: Output only. Reason for the repository state. - readOnly: true type: string - ListPackagesResponse: - id: ListPackagesResponse - description: The response from listing packages. + readOnly: true + description: Output only. Reason for the repository state. + ImportYumArtifactsErrorInfo: type: object + id: ImportYumArtifactsErrorInfo + description: Error information explaining why a package was not imported. properties: - packages: - description: The packages returned. - type: array - items: - $ref: '#/components/schemas/Package' - nextPageToken: + gcsSource: + $ref: '#/components/schemas/ImportYumArtifactsGcsSource' + description: Google Cloud Storage location requested. + error: + $ref: '#/components/schemas/Status' + description: The detailed error status. + SetIamPolicyRequest: + properties: + policy: + $ref: '#/components/schemas/Policy' description: >- - The token to retrieve the next page of packages, or empty if there - are no more packages to return. - type: string - Package: - id: Package - description: Packages are named collections of versions. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + description: Request message for `SetIamPolicy` method. + id: SetIamPolicyRequest + type: object + DockerRepositoryConfig: type: object + description: >- + DockerRepositoryConfig is docker related repository details. Provides + additional configuration details for repositories of the docker format + type. properties: - name: + immutableTags: + type: boolean description: >- - The name of the package, for example: - `projects/p1/locations/us-central1/repositories/repo1/packages/pkg1`. - If the package ID part contains slashes, the slashes are escaped. - type: string - displayName: - description: The display name of the package. + The repository which enabled this flag prevents all tags from being + modified, moved or deleted. This does not prevent tags from being + created. + id: DockerRepositoryConfig + GoogleDevtoolsArtifactregistryV1Rule: + description: >- + A rule defines the deny or allow action of the operation it applies to + and the conditions required for the rule to apply. You can set one rule + for an entire repository and one rule for each package within. + type: object + properties: + operation: + enum: + - OPERATION_UNSPECIFIED + - DOWNLOAD type: string - createTime: - description: The time when the package was created. + enumDescriptions: + - Operation not specified. + - Download operation. + name: + description: >- + The name of the rule, for example: + `projects/p1/locations/us-central1/repositories/repo1/rules/rule1`. type: string - format: google-datetime - updateTime: + condition: description: >- - The time when the package was last updated. This includes publishing - a new version of the package. + Optional. A CEL expression for conditions that must be met in order + for the rule to apply. If not provided, the rule matches all + objects. + $ref: '#/components/schemas/Expr' + packageId: type: string - format: google-datetime - annotations: - description: Optional. Client specified annotations. - type: object - additionalProperties: - type: string - ListVersionsResponse: - id: ListVersionsResponse - description: The response from listing versions. + description: >- + The package ID the rule applies to. If empty, this rule applies to + all packages inside the repository. + action: + enum: + - ACTION_UNSPECIFIED + - ALLOW + - DENY + enumDescriptions: + - Action not specified. + - Allow the operation. + - Deny the operation. + description: The action this rule takes. + type: string + id: GoogleDevtoolsArtifactregistryV1Rule + UploadFileRequest: + properties: + fileId: + description: >- + Optional. The ID of the file. If left empty will default to sha256 + digest of the content uploaded. + type: string + type: object + description: The request to upload a file. + id: UploadFileRequest + CleanupPolicyMostRecentVersions: type: object + id: CleanupPolicyMostRecentVersions properties: - versions: - description: The versions returned. - type: array + packageNamePrefixes: + description: List of package name prefixes that will apply this rule. items: - $ref: '#/components/schemas/Version' - nextPageToken: - description: >- - The token to retrieve the next page of versions, or empty if there - are no more versions to return. + type: string + type: array + keepCount: + format: int32 + description: Minimum number of versions to keep. + type: integer + description: >- + CleanupPolicyMostRecentVersions is an alternate condition of a + CleanupPolicy for retaining a minimum number of versions. + UploadGoogetArtifactMetadata: + id: UploadGoogetArtifactMetadata + type: object + description: The operation metadata for uploading artifacts. + properties: {} + CommonRemoteRepository: + id: CommonRemoteRepository + properties: + uri: type: string - Version: - id: Version + description: Required. A common public repository base for remote repository. + type: object + description: Common remote repository settings type. + UploadAptArtifactResponse: description: >- - The body of a version resource. A version resource represents a - collection of components, such as files and other data. This may - correspond to a version in many package management schemes. + The response of the completed artifact upload operation. This response + is contained in the Operation and available to users. + id: UploadAptArtifactResponse + properties: + aptArtifacts: + items: + $ref: '#/components/schemas/AptArtifact' + description: The Apt artifacts updated. + type: array type: object + ExportArtifactRequest: + description: The request for exporting an artifact to a destination. + type: object + id: ExportArtifactRequest properties: - name: + gcsPath: description: >- - The name of the version, for example: - `projects/p1/locations/us-central1/repositories/repo1/packages/pkg1/versions/art1`. - If the package or version ID parts contain slashes, the slashes are - escaped. - type: string - description: - description: Optional. Description of the version, as specified in its metadata. - type: string - createTime: - description: The time when the version was created. + The Cloud Storage path to export the artifact to. Should start with + the bucket name, and optionally have a directory path. Examples: + `dst_bucket`, `dst_bucket/sub_dir`. Existing objects with the same + path will be overwritten. type: string - format: google-datetime - updateTime: - description: The time when the version was last updated. + sourceTag: type: string - format: google-datetime - relatedTags: description: >- - Output only. A list of related tags. Will contain up to 100 tags - that reference this version. - type: array - items: - $ref: '#/components/schemas/Tag' - metadata: + The artifact tag to export. + Format:projects/{project}/locations/{location}/repositories/{repository}/packages/{package}/tags/{tag} + sourceVersion: description: >- - Output only. Repository-specific Metadata stored against this - version. The fields returned are defined by the underlying - repository-specific resource. Currently, the resources could be: - DockerImage MavenArtifact - readOnly: true - type: object - additionalProperties: - type: any - description: Properties of the object. - annotations: - description: Optional. Client specified annotations. - type: object - additionalProperties: - type: string - Tag: - id: Tag - description: >- - Tags point to a version and represent an alternative name that can be - used to access the version. - type: object + The artifact version to export. Format: + projects/{project}/locations/{location}/repositories/{repository}/packages/{package}/versions/{version} + type: string + PythonRepository: + description: Configuration for a Python remote repository. + id: PythonRepository properties: - name: - description: >- - The name of the tag, for example: - "projects/p1/locations/us-central1/repositories/repo1/packages/pkg1/tags/tag1". - If the package part contains slashes, the slashes are escaped. The - tag part can only have characters in [a-zA-Z0-9\-._~:@], anything - else must be URL encoded. + customRepository: + $ref: >- + #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigPythonRepositoryCustomRepository + description: Customer-specified remote repository. + publicRepository: + enum: + - PUBLIC_REPOSITORY_UNSPECIFIED + - PYPI type: string - version: + enumDescriptions: + - Unspecified repository. + - PyPI. description: >- - The name of the version the tag refers to, for example: - `projects/p1/locations/us-central1/repositories/repo1/packages/pkg1/versions/sha256:5243811` - If the package or version ID parts contain slashes, the slashes are - escaped. - type: string - BatchDeleteVersionsRequest: - id: BatchDeleteVersionsRequest - description: The request to delete multiple versions across a repository. + One of the publicly available Python repositories supported by + Artifact Registry. + type: object + ImportGoogetArtifactsGcsSource: type: object properties: - names: + useWildcards: + type: boolean description: >- - Required. The names of the versions to delete. The maximum number of - versions deleted per batch is determined by the service and is - dependent on the available resources in the region. + Supports URI wildcards for matching multiple objects from a single + URI. + uris: type: array + description: Cloud Storage paths URI (e.g., `gs://my_bucket/my_object`). items: type: string - validateOnly: - description: >- - If true, the request is performed without deleting data, following - AIP-163. - type: boolean - ListFilesResponse: - id: ListFilesResponse - description: The response from listing files. - type: object + id: ImportGoogetArtifactsGcsSource + description: Google Cloud Storage location where the artifacts currently reside. + ListPythonPackagesResponse: properties: - files: - description: The files returned. - type: array + pythonPackages: + description: The python packages returned. items: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1File' + $ref: '#/components/schemas/PythonPackage' + type: array nextPageToken: - description: >- - The token to retrieve the next page of files, or empty if there are - no more files to return. type: string - GoogleDevtoolsArtifactregistryV1File: - id: GoogleDevtoolsArtifactregistryV1File - description: >- - Files store content that is potentially associated with Packages or - Versions. + description: >- + The token to retrieve the next page of artifacts, or empty if there + are no more artifacts to return. + description: The response from listing python packages. + id: ListPythonPackagesResponse + type: object + ImportYumArtifactsRequest: type: object properties: - name: - description: >- - The name of the file, for example: - `projects/p1/locations/us-central1/repositories/repo1/files/a%2Fb%2Fc.txt`. - If the file ID part contains slashes, they are escaped. - type: string - sizeBytes: - description: The size of the File in bytes. + gcsSource: + $ref: '#/components/schemas/ImportYumArtifactsGcsSource' + description: Google Cloud Storage location where input content is located. + id: ImportYumArtifactsRequest + description: The request to import new yum artifacts. + NpmPackage: + id: NpmPackage + type: object + properties: + version: + description: Version of this package. type: string - format: int64 - hashes: - description: The hashes of the file content. - type: array - items: - $ref: '#/components/schemas/Hash' createTime: - description: Output only. The time when the File was created. - readOnly: true + description: Output only. Time the package was created. type: string + readOnly: true format: google-datetime + tags: + type: array + items: + type: string + description: Tags attached to this package. updateTime: - description: Output only. The time when the File was last updated. - readOnly: true type: string format: google-datetime - owner: - description: The name of the Package or Version that owns this file, if any. + readOnly: true + description: Output only. Time the package was updated. + packageName: + description: Package for the artifact. type: string - fetchTime: + name: description: >- - Output only. The time when the last attempt to refresh the file's - data was made. Only set when the repository is remote. - readOnly: true + Required. registry_location, project_id, repository_name and + npm_package forms a unique package For example, + "projects/test-project/locations/us-west4/repositories/test-repo/npmPackages/ + npm_test:1.0.0", where "us-west4" is the registry_location, + "test-project" is the project_id, "test-repo" is the repository_name + and npm_test:1.0.0" is the npm package. type: string - format: google-datetime - annotations: - description: Optional. Client specified annotations. - type: object - additionalProperties: - type: string - Hash: - id: Hash - description: A hash of file content. + description: NpmPackage represents an npm artifact. + UploadGoogetArtifactRequest: + properties: {} + description: The request to upload an artifact. type: object - properties: - type: - description: The algorithm used to compute the hash value. - type: string - enumDescriptions: - - Unspecified. - - SHA256 hash. - - MD5 hash. - enum: - - HASH_TYPE_UNSPECIFIED - - SHA256 - - MD5 - value: - description: The hash value. - type: string - format: byte - DownloadFileResponse: - id: DownloadFileResponse - description: The response to download a file. + id: UploadGoogetArtifactRequest + ImportGoogetArtifactsResponse: + id: ImportGoogetArtifactsResponse type: object + properties: + googetArtifacts: + items: + $ref: '#/components/schemas/GoogetArtifact' + description: The GooGet artifacts updated. + type: array + errors: + items: + $ref: '#/components/schemas/ImportGoogetArtifactsErrorInfo' + description: Detailed error info for packages that were not imported. + type: array + description: The response message from importing artifacts. + UploadKfpArtifactMetadata: + description: The operation metadata for uploading KFP artifacts. properties: {} - UploadFileRequest: - id: UploadFileRequest - description: The request to upload a file. type: object + id: UploadKfpArtifactMetadata + YumRepository: + type: object + description: Configuration for a Yum remote repository. properties: - fileId: + publicRepository: + $ref: >- + #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepository description: >- - Optional. The ID of the file. If left empty will default to sha256 - digest of the content uploaded. - type: string - UploadFileMediaResponse: - id: UploadFileMediaResponse - description: The response to upload a generic artifact. + One of the publicly available Yum repositories supported by Artifact + Registry. + customRepository: + $ref: >- + #/components/schemas/GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryCustomRepository + description: Customer-specified remote repository. + id: YumRepository + UploadYumArtifactResponse: + id: UploadYumArtifactResponse type: object + description: >- + The response of the completed artifact upload operation. This response + is contained in the Operation and available to users. properties: - operation: - description: Operation that will be returned to the user. - $ref: '#/components/schemas/Operation' - ListTagsResponse: - id: ListTagsResponse - description: The response from listing tags. - type: object + yumArtifacts: + items: + $ref: '#/components/schemas/YumArtifact' + description: The Yum artifacts updated. + type: array + GoogleDevtoolsArtifactregistryV1File: + id: GoogleDevtoolsArtifactregistryV1File + description: >- + Files store content that is potentially associated with Packages or + Versions. properties: - tags: - description: The tags returned. + fetchTime: + type: string + readOnly: true + format: google-datetime + description: >- + Output only. The time when the last attempt to refresh the file's + data was made. Only set when the repository is remote. + annotations: + type: object + description: Optional. Client specified annotations. + additionalProperties: + type: string + createTime: + description: Output only. The time when the File was created. + type: string + format: google-datetime + readOnly: true + owner: + type: string + description: The name of the Package or Version that owns this file, if any. + updateTime: + format: google-datetime + readOnly: true + type: string + description: Output only. The time when the File was last updated. + hashes: type: array items: - $ref: '#/components/schemas/Tag' - nextPageToken: + $ref: '#/components/schemas/Hash' + description: The hashes of the file content. + name: description: >- - The token to retrieve the next page of tags, or empty if there are - no more tags to return. + The name of the file, for example: + `projects/p1/locations/us-central1/repositories/repo1/files/a%2Fb%2Fc.txt`. + If the file ID part contains slashes, they are escaped. type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + sizeBytes: + format: int64 + type: string + description: The size of the File in bytes. type: object - properties: {} - GoogleDevtoolsArtifactregistryV1Rule: - id: GoogleDevtoolsArtifactregistryV1Rule + CleanupPolicyCondition: description: >- - A rule defines the deny or allow action of the operation it applies to - and the conditions required for the rule to apply. You can set one rule - for an entire repository and one rule for each package within. - type: object + CleanupPolicyCondition is a set of conditions attached to a + CleanupPolicy. If multiple entries are set, all must be satisfied for + the condition to be satisfied. properties: - name: - description: >- - The name of the rule, for example: - `projects/p1/locations/us-central1/repositories/repo1/rules/rule1`. + tagPrefixes: + type: array + items: + type: string + description: Match versions by tag prefix. Applied on any prefix match. + packageNamePrefixes: + description: Match versions by package prefix. Applied on any prefix match. + type: array + items: + type: string + olderThan: type: string - action: - description: The action this rule takes. + description: Match versions older than a duration. + format: google-duration + newerThan: + description: Match versions newer than a duration. type: string - enumDescriptions: - - Action not specified. - - Allow the operation. - - Deny the operation. - enum: - - ACTION_UNSPECIFIED - - ALLOW - - DENY - operation: + format: google-duration + versionNamePrefixes: + type: array + description: Match versions by version name prefix. Applied on any prefix match. + items: + type: string + tagState: type: string - enumDescriptions: - - Operation not specified. - - Download operation. enum: - - OPERATION_UNSPECIFIED - - DOWNLOAD - condition: - description: >- - Optional. A CEL expression for conditions that must be met in order - for the rule to apply. If not provided, the rule matches all - objects. - $ref: '#/components/schemas/Expr' - packageId: - description: >- - The package ID the rule applies to. If empty, this rule applies to - all packages inside the repository. - type: string - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + - TAG_STATE_UNSPECIFIED + - TAGGED + - UNTAGGED + - ANY + enumDescriptions: + - Tag status not specified. + - Applies to tagged versions only. + - Applies to untagged versions only. + - Applies to all versions. + description: Match versions by tag status. type: object + id: CleanupPolicyCondition + DockerImage: properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + uploadTime: + description: Time the image was uploaded. type: string - title: + format: google-datetime + uri: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Required. URL to access the image. Example: + us-west4-docker.pkg.dev/test-project/test-repo/nginx@sha256:e9954c1fc875017be1c3e36eca16be2d9e9bccc4bf072163515467d6a823c7cf type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + updateTime: type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + readOnly: true + format: google-datetime + description: Output only. The time when the docker image was last updated. + imageSizeBytes: + type: string + description: >- + Calculated size of the image. This field is returned as the + 'metadata.imageSizeBytes' field in the Version resource. + format: int64 + name: + description: >- + Required. registry_location, project_id, repository_name and image + id forms a unique image + name:`projects//locations//repositories//dockerImages/`. For + example, + "projects/test-project/locations/us-west4/repositories/test-repo/dockerImages/ + nginx@sha256:e9954c1fc875017be1c3e36eca16be2d9e9bccc4bf072163515467d6a823c7cf", + where "us-west4" is the registry_location, "test-project" is the + project_id, "test-repo" is the repository_name and + "nginx@sha256:e9954c1fc875017be1c3e36eca16be2d9e9bccc4bf072163515467d6a823c7cf" + is the image's digest. + type: string + tags: + items: + type: string + description: Tags attached to this image. + type: array + buildTime: + format: google-datetime + type: string + description: >- + The time this image was built. This field is returned as the + 'metadata.buildTime' field in the Version resource. The build time + is returned to the client as an RFC 3339 string, which can be easily + used with the JavaScript Date constructor. + mediaType: + description: >- + Media type of this image, e.g. + "application/vnd.docker.distribution.manifest.v2+json". This field + is returned as the 'metadata.mediaType' field in the Version + resource. type: string - ListRulesResponse: - id: ListRulesResponse - description: The response from listing rules. type: object + description: >- + DockerImage represents a docker artifact. The following fields are + returned as untyped metadata in the Version resource, using camelcase + keys (i.e. metadata.imageSizeBytes): * imageSizeBytes * mediaType * + buildTime + id: DockerImage + BatchDeleteVersionsRequest: + type: object + id: BatchDeleteVersionsRequest + description: The request to delete multiple versions across a repository. properties: - rules: - description: The rules returned. + names: + items: + type: string + description: >- + Required. The names of the versions to delete. The maximum number of + versions deleted per batch is determined by the service and is + dependent on the available resources in the region. type: array + validateOnly: + description: >- + If true, the request is performed without deleting data, following + AIP-163. + type: boolean + ImportGoogetArtifactsMetadata: + description: The operation metadata for importing artifacts. + id: ImportGoogetArtifactsMetadata + properties: {} + type: object + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigMavenRepositoryCustomRepository: + properties: + uri: + type: string + description: >- + An http/https uri reference to the upstream remote repository, for + ex: "https://my.maven.registry/". + type: object + id: >- + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigMavenRepositoryCustomRepository + description: Customer-specified publicly available remote repository. + ListMavenArtifactsResponse: + properties: + nextPageToken: + description: >- + The token to retrieve the next page of artifacts, or empty if there + are no more artifacts to return. + type: string + mavenArtifacts: items: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' + $ref: '#/components/schemas/MavenArtifact' + type: array + description: The maven artifacts returned. + type: object + id: ListMavenArtifactsResponse + description: The response from listing maven artifacts. + UploadGoModuleRequest: + type: object + id: UploadGoModuleRequest + properties: {} + description: The request to upload a Go module. + Location: + type: object + description: A resource that represents a Google Cloud location. + properties: + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + locationId: + type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' + labels: + type: object + additionalProperties: + type: string + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + Service-specific metadata. For example the available capacity at the + given location. + id: Location + ImportAptArtifactsResponse: + id: ImportAptArtifactsResponse + description: The response message from importing APT artifacts. + properties: + aptArtifacts: + description: The Apt artifacts imported. + type: array + items: + $ref: '#/components/schemas/AptArtifact' + errors: + items: + $ref: '#/components/schemas/ImportAptArtifactsErrorInfo' + type: array + description: Detailed error info for packages that were not imported. + type: object + ListTagsResponse: + properties: + tags: + description: The tags returned. + type: array + items: + $ref: '#/components/schemas/Tag' nextPageToken: + type: string description: >- - The token to retrieve the next page of rules, or empty if there are - no more rules to return. + The token to retrieve the next page of tags, or empty if there are + no more tags to return. + type: object + description: The response from listing tags. + id: ListTagsResponse + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryCustomRepository: + type: object + description: Customer-specified publicly available remote repository. + id: >- + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryCustomRepository + properties: + uri: + description: >- + An http/https uri reference to the upstream remote repository, for + ex: "https://my.apt.registry/". type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + ListLocationsResponse: type: object + id: ListLocationsResponse properties: - policy: + nextPageToken: + description: The standard List next-page token. + type: string + locations: + type: array + items: + $ref: '#/components/schemas/Location' description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + A list of locations that matches the specified filter in the + request. + description: The response message for Locations.ListLocations. + ImportAptArtifactsMetadata: + id: ImportAptArtifactsMetadata type: object + properties: {} + description: The operation metadata for importing artifacts. + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - version: + message: description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + code: type: integer format: int32 - bindings: + description: The status code, which should be an enum value of google.rpc.Code. + details: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - $ref: '#/components/schemas/Binding' - etag: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: array + type: object + id: Status + GoModule: + id: GoModule + description: GoModule represents a Go module. + properties: + createTime: + readOnly: true + description: Output only. The time when the Go module is created. + type: string + format: google-datetime + version: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + The version of the Go module. Must be a valid canonical version as + defined in https://go.dev/ref/mod#glos-canonical-version. type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + updateTime: + readOnly: true + description: Output only. The time when the Go module is updated. + type: string + format: google-datetime + name: + description: The resource name of a Go module. + type: string + type: object + ExportArtifactResponse: + type: object + properties: + exportedVersion: + $ref: '#/components/schemas/Version' + description: >- + The exported version. Should be the same as the request version with + fingerprint resource name. + description: The response for exporting an artifact to a destination. + id: ExportArtifactResponse + UploadKfpArtifactMediaResponse: + id: UploadKfpArtifactMediaResponse + description: The response to upload an artifact. + properties: + operation: + description: Operation that will be returned to the user. + $ref: '#/components/schemas/Operation' + type: object + AptArtifact: type: object + id: AptArtifact + description: >- + A detailed representation of an Apt artifact. Information in the record + is derived from the archive's control file. See + https://www.debian.org/doc/debian-policy/ch-controlfields.html + properties: + name: + readOnly: true + type: string + description: Output only. The Artifact Registry resource name of the artifact. + packageName: + type: string + readOnly: true + description: Output only. The Apt package name of the artifact. + packageType: + enum: + - PACKAGE_TYPE_UNSPECIFIED + - BINARY + - SOURCE + type: string + readOnly: true + enumDescriptions: + - Package type is not specified. + - Binary package. + - Source package. + description: Output only. An artifact is a binary or source package. + controlFile: + type: string + format: byte + readOnly: true + description: Output only. Contents of the artifact's control metadata file. + architecture: + type: string + description: Output only. Operating system architecture of the artifact. + readOnly: true + component: + readOnly: true + type: string + description: Output only. Repository component of the artifact. + Binding: properties: - role: + condition: + $ref: '#/components/schemas/Expr' description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). members: + type: array description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -1757,587 +1902,511 @@ components: `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - ProjectSettings: - id: ProjectSettings - description: The Artifact Registry settings that apply to a Project. - type: object - properties: - name: - description: >- - The name of the project's settings. Always of the form: - projects/{project-id}/projectSettings In update request: never set - In response: always set - type: string - legacyRedirectionState: - description: The redirection state of the legacy repositories in this project. - type: string - enumDescriptions: - - No redirection status has been set. - - Redirection is disabled. - - Redirection is enabled. - - >- - Redirection is enabled, and has been finalized so cannot be - reverted. - - Redirection is enabled and missing images are copied from GCR - - >- - Redirection is partially enabled and missing images are copied - from GCR - enumDeprecated: - - false - - false - - false - - true - - false - - false - enum: - - REDIRECTION_STATE_UNSPECIFIED - - REDIRECTION_FROM_GCR_IO_DISABLED - - REDIRECTION_FROM_GCR_IO_ENABLED - - REDIRECTION_FROM_GCR_IO_FINALIZED - - REDIRECTION_FROM_GCR_IO_ENABLED_AND_COPYING - - REDIRECTION_FROM_GCR_IO_PARTIAL_AND_COPYING - pullPercent: - description: >- - The percentage of pull traffic to redirect from GCR to AR when using - partial redirection. - type: integer - format: int32 - VPCSCConfig: - id: VPCSCConfig - description: The Artifact Registry VPC SC config that apply to a Project. - type: object - properties: - name: - description: >- - The name of the project's VPC SC Config. Always of the form: - projects/{projectID}/locations/{location}/vpcscConfig In update - request: never set In response: always set - type: string - vpcscPolicy: - description: >- - The project per location VPC SC policy that defines the VPC SC - behavior for the Remote Repository (Allow/Deny). - type: string - enumDescriptions: - - >- - VPCSC_POLICY_UNSPECIFIED - the VPS SC policy is not defined. When - VPS SC policy is not defined - the Service will use the default - behavior (VPCSC_DENY). - - >- - VPCSC_DENY - repository will block the requests to the Upstreams - for the Remote Repositories if the resource is in the perimeter. - - >- - VPCSC_ALLOW - repository will allow the requests to the Upstreams - for the Remote Repositories if the resource is in the perimeter. - enum: - - VPCSC_POLICY_UNSPECIFIED - - DENY - - ALLOW - ListAttachmentsResponse: - id: ListAttachmentsResponse - description: The response from listing attachments. - type: object - properties: - attachments: - description: The attachments returned. - type: array - items: - $ref: '#/components/schemas/Attachment' - nextPageToken: - description: >- - The token to retrieve the next page of attachments, or empty if - there are no more attachments to return. - type: string - Attachment: - id: Attachment - description: >- - An Attachment refers to additional metadata that can be attached to - artifacts in Artifact Registry. An attachment consists of one or more - files. - type: object - properties: - name: - description: >- - The name of the attachment. E.g. - `projects/p1/locations/us/repositories/repo/attachments/sbom`. - type: string - target: - description: >- - Required. The target the attachment is for, can be a Version, - Package or Repository. E.g. - `projects/p1/locations/us-central1/repositories/repo1/packages/p1/versions/v1`. - type: string - type: - description: Type of attachment. E.g. `application/vnd.spdx+json` - type: string - attachmentNamespace: - description: >- - The namespace this attachment belongs to. E.g. If an attachment is - created by artifact analysis, namespace is set to - `artifactanalysis.googleapis.com`. - type: string - annotations: - description: >- - Optional. User annotations. These attributes can only be set and - used by the user, and not by Artifact Registry. See - https://google.aip.dev/128#annotations for more details such as - format and size limitations. - type: object - additionalProperties: - type: string - createTime: - description: Output only. The time when the attachment was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time when the attachment was last updated. - readOnly: true - type: string - format: google-datetime - files: - description: >- - Required. The files that belong to this attachment. If the file ID - part contains slashes, they are escaped. E.g. - `projects/p1/locations/us-central1/repositories/repo1/files/sha:`. - type: array - items: - type: string - ociVersionName: - description: >- - Output only. The name of the OCI version that this attachment - created. Only populated for Docker attachments. E.g. - `projects/p1/locations/us-central1/repositories/repo1/packages/p1/versions/v1`. - readOnly: true - type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + items: type: string - metadata: + role: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ImportAptArtifactsResponse: - id: ImportAptArtifactsResponse - description: The response message from importing APT artifacts. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string type: object + id: Binding + description: Associates `members`, or principals, with a `role`. + UploadGoogetArtifactMediaResponse: + description: The response to upload an artifact. properties: - aptArtifacts: - description: The Apt artifacts imported. - type: array - items: - $ref: '#/components/schemas/AptArtifact' - errors: - description: Detailed error info for packages that were not imported. - type: array - items: - $ref: '#/components/schemas/ImportAptArtifactsErrorInfo' - AptArtifact: - id: AptArtifact - description: >- - A detailed representation of an Apt artifact. Information in the record - is derived from the archive's control file. See - https://www.debian.org/doc/debian-policy/ch-controlfields.html + operation: + description: Operation to be returned to the user. + $ref: '#/components/schemas/Operation' + type: object + id: UploadGoogetArtifactMediaResponse + Repository: + id: Repository + description: A Repository for storing artifacts with a specific format. type: object properties: - name: - description: Output only. The Artifact Registry resource name of the artifact. - readOnly: true + kmsKeyName: + description: >- + The Cloud KMS resource name of the customer managed encryption key + that's used to encrypt the contents of the Repository. Has the form: + `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. + This value may not be changed after the Repository has been created. type: string - packageName: - description: Output only. The Apt package name of the artifact. - readOnly: true + mavenConfig: + $ref: '#/components/schemas/MavenRepositoryConfig' + description: >- + Maven repository config contains repository level configuration for + the repositories of maven type. + name: + description: >- + The name of the repository, for example: + `projects/p1/locations/us-central1/repositories/repo1`. For each + location in a project, repository names must be unique. type: string - packageType: - description: Output only. An artifact is a binary or source package. - readOnly: true + createTime: type: string - enumDescriptions: - - Package type is not specified. - - Binary package. - - Source package. - enum: - - PACKAGE_TYPE_UNSPECIFIED - - BINARY - - SOURCE - architecture: - description: Output only. Operating system architecture of the artifact. + description: Output only. The time when the repository was created. readOnly: true + format: google-datetime + disallowUnspecifiedMode: + type: boolean + description: >- + Optional. If this is true, an unspecified repo type will be treated + as error rather than defaulting to standard. + sizeBytes: + description: >- + Output only. The size, in bytes, of all artifact storage in this + repository. Repositories that are generally available or in public + preview use this to calculate storage costs. + format: int64 type: string - component: - description: Output only. Repository component of the artifact. readOnly: true - type: string - controlFile: - description: Output only. Contents of the artifact's control metadata file. + cleanupPolicyDryRun: + description: >- + Optional. If true, the cleanup pipeline is prevented from deleting + versions in this repository. + type: boolean + satisfiesPzi: + type: boolean readOnly: true + description: Output only. Whether or not this repository satisfies PZI. + updateTime: + description: Output only. The time when the repository was last updated. type: string - format: byte - ImportAptArtifactsErrorInfo: - id: ImportAptArtifactsErrorInfo - description: Error information explaining why a package was not imported. - type: object - properties: - gcsSource: - description: Google Cloud Storage location requested. - $ref: '#/components/schemas/ImportAptArtifactsGcsSource' - error: - description: The detailed error status. - $ref: '#/components/schemas/Status' - ImportAptArtifactsMetadata: - id: ImportAptArtifactsMetadata - description: The operation metadata for importing artifacts. - type: object - properties: {} - UploadAptArtifactResponse: - id: UploadAptArtifactResponse - description: >- - The response of the completed artifact upload operation. This response - is contained in the Operation and available to users. - type: object - properties: - aptArtifacts: - description: The Apt artifacts updated. - type: array - items: - $ref: '#/components/schemas/AptArtifact' - UploadAptArtifactMetadata: - id: UploadAptArtifactMetadata - description: The operation metadata for uploading artifacts. - type: object - properties: {} - ImportYumArtifactsResponse: - id: ImportYumArtifactsResponse - description: The response message from importing YUM artifacts. - type: object - properties: - yumArtifacts: - description: The yum artifacts imported. - type: array - items: - $ref: '#/components/schemas/YumArtifact' - errors: - description: Detailed error info for packages that were not imported. - type: array - items: - $ref: '#/components/schemas/ImportYumArtifactsErrorInfo' - YumArtifact: - id: YumArtifact - description: A detailed representation of a Yum artifact. - type: object - properties: - name: - description: Output only. The Artifact Registry resource name of the artifact. readOnly: true + format: google-datetime + remoteRepositoryConfig: + description: Configuration specific for a Remote Repository. + $ref: '#/components/schemas/RemoteRepositoryConfig' + description: type: string - packageName: - description: Output only. The yum package name of the artifact. - readOnly: true + description: The user-provided description of the repository. + labels: + description: >- + Labels with user-defined metadata. This field may contain up to 64 + entries. Label keys and values may be no longer than 63 characters. + Label keys must begin with a lowercase letter and may only contain + lowercase letters, numeric characters, underscores, and dashes. + additionalProperties: + type: string + type: object + dockerConfig: + $ref: '#/components/schemas/DockerRepositoryConfig' + description: >- + Docker repository config contains repository level configuration for + the repositories of docker type. + registryUri: type: string - packageType: - description: Output only. An artifact is a binary or source package. readOnly: true + description: >- + Output only. The repository endpoint, for example: + `us-docker.pkg.dev/my-proj/my-repo`. + format: type: string enumDescriptions: - - Package type is not specified. - - Binary package (.rpm). - - Source package (.srpm). + - Unspecified package format. + - Docker package format. + - Maven package format. + - NPM package format. + - APT package format. + - YUM package format. + - GooGet package format. + - Python package format. + - Kubeflow Pipelines package format. + - Go package format. + - Generic package format. + - Ruby package format. enum: - - PACKAGE_TYPE_UNSPECIFIED - - BINARY - - SOURCE - architecture: - description: Output only. Operating system architecture of the artifact. + - FORMAT_UNSPECIFIED + - DOCKER + - MAVEN + - NPM + - APT + - YUM + - GOOGET + - PYTHON + - KFP + - GO + - GENERIC + - RUBY + description: Optional. The format of packages that are stored in the repository. + vulnerabilityScanningConfig: + description: >- + Optional. Config and state for vulnerability scanning of resources + within this Repository. + $ref: '#/components/schemas/VulnerabilityScanningConfig' + satisfiesPzs: + type: boolean + description: Output only. Whether or not this repository satisfies PZS. readOnly: true + virtualRepositoryConfig: + description: Configuration specific for a Virtual Repository. + $ref: '#/components/schemas/VirtualRepositoryConfig' + cleanupPolicies: + description: >- + Optional. Cleanup policies for this repository. Cleanup policies + indicate when certain package versions can be automatically deleted. + Map keys are policy IDs supplied by users during policy creation. + They must unique within a repository and be under 128 characters in + length. + type: object + additionalProperties: + $ref: '#/components/schemas/CleanupPolicy' + mode: + enum: + - MODE_UNSPECIFIED + - STANDARD_REPOSITORY + - VIRTUAL_REPOSITORY + - REMOTE_REPOSITORY + - AOSS_REPOSITORY + - ASSURED_OSS_REPOSITORY + description: Optional. The mode of the repository. type: string - ImportYumArtifactsErrorInfo: - id: ImportYumArtifactsErrorInfo - description: Error information explaining why a package was not imported. + enumDescriptions: + - Unspecified mode. + - A standard repository storing artifacts. + - A virtual repository to serve artifacts from one or more sources. + - A remote repository to serve artifacts from a remote source. + - An AOSS repository provides artifacts from AOSS upstreams. + - Replacement of AOSS_REPOSITORY. + ImportGoogetArtifactsRequest: + id: ImportGoogetArtifactsRequest type: object + description: The request to import new googet artifacts. properties: gcsSource: - description: Google Cloud Storage location requested. - $ref: '#/components/schemas/ImportYumArtifactsGcsSource' - error: - description: The detailed error status. - $ref: '#/components/schemas/Status' - ImportYumArtifactsMetadata: - id: ImportYumArtifactsMetadata - description: The operation metadata for importing artifacts. - type: object - properties: {} - UploadYumArtifactResponse: - id: UploadYumArtifactResponse - description: >- - The response of the completed artifact upload operation. This response - is contained in the Operation and available to users. - type: object + $ref: '#/components/schemas/ImportGoogetArtifactsGcsSource' + description: Google Cloud Storage location where input content is located. + ListAttachmentsResponse: properties: - yumArtifacts: - description: The Yum artifacts updated. + nextPageToken: + type: string + description: >- + The token to retrieve the next page of attachments, or empty if + there are no more attachments to return. + attachments: type: array items: - $ref: '#/components/schemas/YumArtifact' - UploadYumArtifactMetadata: - id: UploadYumArtifactMetadata - description: The operation metadata for uploading artifacts. + $ref: '#/components/schemas/Attachment' + description: The attachments returned. + id: ListAttachmentsResponse + description: The response from listing attachments. type: object - properties: {} - ImportGoogetArtifactsResponse: - id: ImportGoogetArtifactsResponse - description: The response message from importing artifacts. + ListRepositoriesResponse: + id: ListRepositoriesResponse type: object properties: - googetArtifacts: - description: The GooGet artifacts updated. - type: array + repositories: items: - $ref: '#/components/schemas/GoogetArtifact' - errors: - description: Detailed error info for packages that were not imported. + $ref: '#/components/schemas/Repository' + description: The repositories returned. + type: array + nextPageToken: + type: string + description: >- + The token to retrieve the next page of repositories, or empty if + there are no more repositories to return. + description: The response from listing repositories. + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + properties: + permissions: + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). type: array items: - $ref: '#/components/schemas/ImportGoogetArtifactsErrorInfo' - GoogetArtifact: - id: GoogetArtifact - description: A detailed representation of a GooGet artifact. + type: string type: object + id: TestIamPermissionsRequest + GoogetArtifact: properties: - name: - description: Output only. The Artifact Registry resource name of the artifact. - readOnly: true + architecture: type: string + readOnly: true + description: Output only. Operating system architecture of the artifact. packageName: + type: string description: Output only. The GooGet package name of the artifact. readOnly: true - type: string - architecture: - description: Output only. Operating system architecture of the artifact. + name: + description: Output only. The Artifact Registry resource name of the artifact. readOnly: true type: string - ImportGoogetArtifactsErrorInfo: - id: ImportGoogetArtifactsErrorInfo - description: Error information explaining why a package was not imported. - type: object - properties: - gcsSource: - description: Google Cloud Storage location requested. - $ref: '#/components/schemas/ImportGoogetArtifactsGcsSource' - error: - description: The detailed error status. - $ref: '#/components/schemas/Status' - ImportGoogetArtifactsMetadata: - id: ImportGoogetArtifactsMetadata - description: The operation metadata for importing artifacts. type: object - properties: {} - UploadGoogetArtifactResponse: - id: UploadGoogetArtifactResponse - description: >- - The response of the completed artifact upload operation. This response - is contained in the Operation and available to users. + description: A detailed representation of a GooGet artifact. + id: GoogetArtifact + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigNpmRepositoryCustomRepository: type: object + description: Customer-specified publicly available remote repository. + id: >- + GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigNpmRepositoryCustomRepository properties: - googetArtifacts: - description: The GooGet artifacts updated. + uri: + description: >- + An http/https uri reference to the upstream remote repository, for + ex: "https://my.npm.registry/". + type: string + UploadKfpArtifactRequest: + id: UploadKfpArtifactRequest + properties: + tags: + description: Tags to be created with the version. type: array items: - $ref: '#/components/schemas/GoogetArtifact' - UploadGoogetArtifactMetadata: - id: UploadGoogetArtifactMetadata - description: The operation metadata for uploading artifacts. - type: object - properties: {} - KfpArtifact: - id: KfpArtifact - description: A detailed representation of a KFP artifact. + type: string + description: + description: Description of the package version. + type: string type: object + description: The request to upload an artifact. + ListFilesResponse: + description: The response from listing files. properties: - name: - description: >- - Output only. Resource name of the KFP artifact. Since users don't - directly interact with this resource, the name will be derived from - the associated version. For example, when version = - ".../versions/sha256:abcdef...", the name will be - ".../kfpArtifacts/sha256:abcdef...". - readOnly: true + files: + type: array + items: + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1File' + description: The files returned. + nextPageToken: type: string - version: description: >- - The version associated with the KFP artifact. Must follow the - Semantic Versioning standard. - type: string - UploadKfpArtifactMetadata: - id: UploadKfpArtifactMetadata - description: The operation metadata for uploading KFP artifacts. + The token to retrieve the next page of files, or empty if there are + no more files to return. type: object + id: ListFilesResponse + UploadYumArtifactMetadata: properties: {} - GenericArtifact: - id: GenericArtifact - description: GenericArtifact represents a generic artifact type: object + description: The operation metadata for uploading artifacts. + id: UploadYumArtifactMetadata + MavenRepositoryConfig: properties: - name: + allowSnapshotOverwrites: description: >- - Resource name of the generic artifact. project, location, - repository, package_id and version_id create a unique generic - artifact. i.e. - "projects/test-project/locations/us-west4/repositories/test-repo/ - genericArtifacts/package_id:version_id" + The repository with this flag will allow publishing the same + snapshot versions. + type: boolean + versionPolicy: + description: Version policy defines the versions that the registry will accept. type: string + enumDescriptions: + - >- + VERSION_POLICY_UNSPECIFIED - the version policy is not defined. + When the version policy is not defined, no validation is performed + for the versions. + - RELEASE - repository will accept only Release versions. + - SNAPSHOT - repository will accept only Snapshot versions. + enum: + - VERSION_POLICY_UNSPECIFIED + - RELEASE + - SNAPSHOT + description: >- + MavenRepositoryConfig is maven related repository details. Provides + additional configuration details for repositories of the maven format + type. + id: MavenRepositoryConfig + type: object + PythonPackage: + id: PythonPackage + properties: version: - description: The version of the generic artifact. + description: Version of this package. type: string - createTime: - description: Output only. The time when the Generic module is created. + updateTime: + description: Output only. Time the package was updated. readOnly: true type: string format: google-datetime - updateTime: - description: Output only. The time when the Generic module is updated. + createTime: + description: Output only. Time the package was created. + format: google-datetime readOnly: true type: string - format: google-datetime - UploadGenericArtifactMetadata: - id: UploadGenericArtifactMetadata - description: The operation metadata for uploading generic artifacts. + name: + type: string + description: >- + Required. registry_location, project_id, repository_name and + python_package forms a unique package + name:`projects//locations//repository//pythonPackages/`. For + example, + "projects/test-project/locations/us-west4/repositories/test-repo/pythonPackages/ + python_package:1.0.0", where "us-west4" is the registry_location, + "test-project" is the project_id, "test-repo" is the repository_name + and python_package:1.0.0" is the python package. + packageName: + description: Package for the artifact. + type: string + uri: + description: >- + Required. URL to access the package. Example: + us-west4-python.pkg.dev/test-project/test-repo/python_package/file-name-1.0.0.tar.gz + type: string + description: PythonPackage represents a python artifact. + type: object + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. + properties: + permissions: + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string + type: array + type: object + id: TestIamPermissionsResponse + DownloadFileResponse: + description: The response to download a file. type: object properties: {} - GoModule: - id: GoModule - description: GoModule represents a Go module. + id: DownloadFileResponse + Package: type: object + id: Package + description: Packages are named collections of versions. properties: + createTime: + description: The time when the package was created. + format: google-datetime + type: string + annotations: + description: Optional. Client specified annotations. + additionalProperties: + type: string + type: object name: - description: The resource name of a Go module. type: string - version: description: >- - The version of the Go module. Must be a valid canonical version as - defined in https://go.dev/ref/mod#glos-canonical-version. - type: string - createTime: - description: Output only. The time when the Go module is created. - readOnly: true - type: string - format: google-datetime + The name of the package, for example: + `projects/p1/locations/us-central1/repositories/repo1/packages/pkg1`. + If the package ID part contains slashes, the slashes are escaped. updateTime: - description: Output only. The time when the Go module is updated. - readOnly: true - type: string + description: >- + The time when the package was last updated. This includes publishing + a new version of the package. format: google-datetime + type: string + displayName: + description: The display name of the package. + type: string UploadGoModuleMetadata: id: UploadGoModuleMetadata + properties: {} description: The operation metadata for uploading go modules. type: object - properties: {} - OperationMetadata: - id: OperationMetadata - description: Metadata type for longrunning-operations, currently empty. + UploadAptArtifactMetadata: + description: The operation metadata for uploading artifacts. + id: UploadAptArtifactMetadata type: object properties: {} - BatchDeleteVersionsMetadata: - id: BatchDeleteVersionsMetadata - description: The metadata of an LRO from deleting multiple versions. + Policy: type: object properties: - failedVersions: - description: The versions the operation failed to delete. + bindings: type: array + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. items: - type: string + $ref: '#/components/schemas/Binding' + version: + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + format: int32 + etag: + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + type: string + format: byte + id: Policy + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). parameters: - access_token: - description: OAuth access token. + _.xgafv: + description: V1 error format. in: query - name: access_token + name: $.xgafv schema: type: string + enum: + - '1' + - '2' alt: description: Data format for response. in: query @@ -2348,16 +2417,22 @@ components: - json - media - proto - callback: - description: JSONP + access_token: + description: OAuth access token. in: query - name: callback + name: access_token schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: fields + name: prettyPrint + schema: + type: boolean + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string key: @@ -2369,18 +2444,18 @@ components: name: key schema: type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2390,238 +2465,162 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + callback: + description: JSONP in: query - name: uploadType + name: callback schema: type: string - _.xgafv: - description: V1 error format. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: $.xgafv + name: fields schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - project_settings: - id: google.artifactregistry.project_settings - name: project_settings - title: Project_settings - methods: - get_project_settings: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1projectSettings/get' - response: - mediaType: application/json - openAPIDocKey: '200' - update_project_settings: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1projectSettings/patch' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/project_settings/methods/get_project_settings - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/project_settings/methods/update_project_settings - replace: [] - delete: [] - vpcsc_config: - id: google.artifactregistry.vpcsc_config - name: vpcsc_config - title: Vpcsc_config + generic_artifacts: + id: google.artifactregistry.generic_artifacts + name: generic_artifacts + title: Generic_artifacts methods: - get_vpcsc_config: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcscConfig/get - response: - mediaType: application/json - openAPIDocKey: '200' - update_vpcsc_config: + upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcscConfig/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1genericArtifacts:create/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/vpcsc_config/methods/get_vpcsc_config + select: [] insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/vpcsc_config/methods/update_vpcsc_config + update: [] replace: [] delete: [] - locations: - id: google.artifactregistry.locations - name: locations - title: Locations + yum_artifacts: + id: google.artifactregistry.yum_artifacts + name: yum_artifacts + title: Yum_artifacts methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: + upload: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1yumArtifacts:create/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.artifactregistry.operations - name: operations - title: Operations - methods: - get: + import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1yumArtifacts:import/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' + select: [] insert: [] update: [] replace: [] delete: [] - repositories: - id: google.artifactregistry.repositories - name: repositories - title: Repositories + rules: + id: google.artifactregistry.rules + name: rules + title: Rules methods: - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules~1{rulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.repositories - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules~1{rulesId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules~1{rulesId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.rules sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/repositories/methods/get' - - $ref: '#/components/x-stackQL-resources/repositories/methods/list' + - $ref: '#/components/x-stackQL-resources/rules/methods/get' + - $ref: '#/components/x-stackQL-resources/rules/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/repositories/methods/create' + - $ref: '#/components/x-stackQL-resources/rules/methods/create' update: - - $ref: '#/components/x-stackQL-resources/repositories/methods/patch' + - $ref: '#/components/x-stackQL-resources/rules/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/repositories/methods/delete' - repositories_iam_policies: - id: google.artifactregistry.repositories_iam_policies - name: repositories_iam_policies - title: Repositories_iam_policies + - $ref: '#/components/x-stackQL-resources/rules/methods/delete' + maven_artifacts: + id: google.artifactregistry.maven_artifacts + name: maven_artifacts + title: Maven_artifacts methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1mavenArtifacts~1{mavenArtifactsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1mavenArtifacts/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.mavenArtifacts sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/repositories_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/maven_artifacts/methods/get' + - $ref: '#/components/x-stackQL-resources/maven_artifacts/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/repositories_iam_policies/methods/set_iam_policy + replace: [] delete: [] docker_images: id: google.artifactregistry.docker_images name: docker_images title: Docker_images methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1dockerImages/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1dockerImages~1{dockerImagesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dockerImages - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1dockerImages~1{dockerImagesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1dockerImages/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.dockerImages sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/docker_images/methods/get' @@ -2630,276 +2629,218 @@ components: update: [] replace: [] delete: [] - maven_artifacts: - id: google.artifactregistry.maven_artifacts - name: maven_artifacts - title: Maven_artifacts + go_modules: + id: google.artifactregistry.go_modules + name: go_modules + title: Go_modules methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1mavenArtifacts/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.mavenArtifacts - get: + upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1mavenArtifacts~1{mavenArtifactsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1goModules:create/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/maven_artifacts/methods/get' - - $ref: '#/components/x-stackQL-resources/maven_artifacts/methods/list' + select: [] insert: [] update: [] replace: [] delete: [] - npm_packages: - id: google.artifactregistry.npm_packages - name: npm_packages - title: Npm_packages + files: + id: google.artifactregistry.files + name: files + title: Files methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1npmPackages/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files~1{filesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.npmPackages - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1npmPackages~1{npmPackagesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files~1{filesId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/npm_packages/methods/get' - - $ref: '#/components/x-stackQL-resources/npm_packages/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - python_packages: - id: google.artifactregistry.python_packages - name: python_packages - title: Python_packages - methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pythonPackages/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files~1{filesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.pythonPackages - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pythonPackages~1{pythonPackagesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/python_packages/methods/get' - - $ref: '#/components/x-stackQL-resources/python_packages/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - apt_artifacts: - id: google.artifactregistry.apt_artifacts - name: apt_artifacts - title: Apt_artifacts - methods: - import: + objectKey: $.files + upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1aptArtifacts:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files:upload/post response: mediaType: application/json openAPIDocKey: '200' - upload: + download: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1aptArtifacts:create/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files~1{filesId}:download/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/files/methods/get' + - $ref: '#/components/x-stackQL-resources/files/methods/list' insert: [] - update: [] + update: + - $ref: '#/components/x-stackQL-resources/files/methods/patch' replace: [] - delete: [] - yum_artifacts: - id: google.artifactregistry.yum_artifacts - name: yum_artifacts - title: Yum_artifacts + delete: + - $ref: '#/components/x-stackQL-resources/files/methods/delete' + attachments: + id: google.artifactregistry.attachments + name: attachments + title: Attachments methods: - import: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1yumArtifacts:import/post - response: - mediaType: application/json - openAPIDocKey: '200' - upload: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1yumArtifacts:create/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1attachments/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - googet_artifacts: - id: google.artifactregistry.googet_artifacts - name: googet_artifacts - title: Googet_artifacts - methods: - import: + objectKey: $.attachments + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1googetArtifacts:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1attachments/post response: mediaType: application/json openAPIDocKey: '200' - upload: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1googetArtifacts:create/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1attachments~1{attachmentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - generic_artifacts: - id: google.artifactregistry.generic_artifacts - name: generic_artifacts - title: Generic_artifacts - methods: - upload: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1genericArtifacts:create/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1attachments~1{attachmentsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] - insert: [] + select: + - $ref: '#/components/x-stackQL-resources/attachments/methods/get' + - $ref: '#/components/x-stackQL-resources/attachments/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/attachments/methods/create' update: [] replace: [] - delete: [] - kfp_artifacts: - id: google.artifactregistry.kfp_artifacts - name: kfp_artifacts - title: Kfp_artifacts + delete: + - $ref: '#/components/x-stackQL-resources/attachments/methods/delete' + python_packages: + id: google.artifactregistry.python_packages + name: python_packages + title: Python_packages methods: - upload: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1kfpArtifacts:create/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pythonPackages/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - go_modules: - id: google.artifactregistry.go_modules - name: go_modules - title: Go_modules - methods: - upload: + objectKey: $.pythonPackages + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1goModules:create/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pythonPackages~1{pythonPackagesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/python_packages/methods/get' + - $ref: '#/components/x-stackQL-resources/python_packages/methods/list' insert: [] update: [] replace: [] delete: [] - packages: - id: google.artifactregistry.packages - name: packages - title: Packages + tags: + id: google.artifactregistry.tags + name: tags + title: Tags methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.packages - get: + objectKey: $.tags + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags/post + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags~1{tagsId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags~1{tagsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags~1{tagsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/packages/methods/get' - - $ref: '#/components/x-stackQL-resources/packages/methods/list' - insert: [] + - $ref: '#/components/x-stackQL-resources/tags/methods/get' + - $ref: '#/components/x-stackQL-resources/tags/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/tags/methods/create' update: - - $ref: '#/components/x-stackQL-resources/packages/methods/patch' + - $ref: '#/components/x-stackQL-resources/tags/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/packages/methods/delete' + - $ref: '#/components/x-stackQL-resources/tags/methods/delete' versions: id: google.artifactregistry.versions name: versions title: Versions methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1versions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1versions~1{versionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.versions get: operation: $ref: >- @@ -2907,27 +2848,28 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1versions~1{versionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1versions~1{versionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + batch_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1versions~1{versionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1versions:batchDelete/post response: mediaType: application/json openAPIDocKey: '200' - batch_delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1versions:batchDelete/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1versions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.versions sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/versions/methods/get' @@ -2939,259 +2881,370 @@ components: delete: - $ref: '#/components/x-stackQL-resources/versions/methods/delete' - $ref: '#/components/x-stackQL-resources/versions/methods/batch_delete' - tags: - id: google.artifactregistry.tags - name: tags - title: Tags + packages: + id: google.artifactregistry.packages + name: packages + title: Packages methods: - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tags - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags~1{tagsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags~1{tagsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.packages + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/packages/methods/get' + - $ref: '#/components/x-stackQL-resources/packages/methods/list' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/packages/methods/patch' + replace: [] delete: + - $ref: '#/components/x-stackQL-resources/packages/methods/delete' + kfp_artifacts: + id: google.artifactregistry.kfp_artifacts + name: kfp_artifacts + title: Kfp_artifacts + methods: + upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1packages~1{packagesId}~1tags~1{tagsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1kfpArtifacts:create/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/tags/methods/get' - - $ref: '#/components/x-stackQL-resources/tags/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/tags/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/tags/methods/patch' + select: [] + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/tags/methods/delete' - files: - id: google.artifactregistry.files - name: files - title: Files + delete: [] + googet_artifacts: + id: google.artifactregistry.googet_artifacts + name: googet_artifacts + title: Googet_artifacts + methods: + import: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1googetArtifacts:import/post + response: + mediaType: application/json + openAPIDocKey: '200' + upload: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1googetArtifacts:create/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + apt_artifacts: + id: google.artifactregistry.apt_artifacts + name: apt_artifacts + title: Apt_artifacts + methods: + upload: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1aptArtifacts:create/post + response: + mediaType: application/json + openAPIDocKey: '200' + import: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1aptArtifacts:import/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + npm_packages: + id: google.artifactregistry.npm_packages + name: npm_packages + title: Npm_packages + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1npmPackages/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.npmPackages + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1npmPackages~1{npmPackagesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/npm_packages/methods/get' + - $ref: '#/components/x-stackQL-resources/npm_packages/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + repositories: + id: google.artifactregistry.repositories + name: repositories + title: Repositories methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.files - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files~1{filesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files~1{filesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files~1{filesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/post response: mediaType: application/json openAPIDocKey: '200' - download: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files~1{filesId}:download/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/get response: mediaType: application/json openAPIDocKey: '200' - upload: + objectKey: $.repositories + export_artifact: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1files:upload/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:exportArtifact/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/files/methods/get' - - $ref: '#/components/x-stackQL-resources/files/methods/list' - insert: [] + - $ref: '#/components/x-stackQL-resources/repositories/methods/get' + - $ref: '#/components/x-stackQL-resources/repositories/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/repositories/methods/create' update: - - $ref: '#/components/x-stackQL-resources/files/methods/patch' + - $ref: '#/components/x-stackQL-resources/repositories/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/files/methods/delete' - rules: - id: google.artifactregistry.rules - name: rules - title: Rules + - $ref: '#/components/x-stackQL-resources/repositories/methods/delete' + repositories_iam_policies: + id: google.artifactregistry.repositories_iam_policies + name: repositories_iam_policies + title: Repositories_iam_policies methods: - create: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - list: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.rules + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/repositories_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/repositories_iam_policies/methods/set_iam_policy + delete: [] + operations: + id: google.artifactregistry.operations + name: operations + title: Operations + methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules~1{rulesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + insert: [] + update: [] + replace: [] + delete: [] + vpcsc_config: + id: google.artifactregistry.vpcsc_config + name: vpcsc_config + title: Vpcsc_config + methods: + update_vpcsc_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules~1{rulesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcscConfig/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + get_vpcsc_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1rules~1{rulesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcscConfig/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/rules/methods/get' - - $ref: '#/components/x-stackQL-resources/rules/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/rules/methods/create' + - $ref: >- + #/components/x-stackQL-resources/vpcsc_config/methods/get_vpcsc_config + insert: [] update: - - $ref: '#/components/x-stackQL-resources/rules/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/vpcsc_config/methods/update_vpcsc_config replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/rules/methods/delete' - attachments: - id: google.artifactregistry.attachments - name: attachments - title: Attachments + delete: [] + locations: + id: google.artifactregistry.locations + name: locations + title: Locations methods: - list: + get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1attachments/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.attachments - create: + list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1attachments/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.locations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + project_settings: + id: google.artifactregistry.project_settings + name: project_settings + title: Project_settings + methods: + get_project_settings: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1attachments~1{attachmentsId}/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1projectSettings/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + update_project_settings: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1attachments~1{attachmentsId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1projectSettings/patch' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/attachments/methods/get' - - $ref: '#/components/x-stackQL-resources/attachments/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/attachments/methods/create' - update: [] + - $ref: >- + #/components/x-stackQL-resources/project_settings/methods/get_project_settings + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/project_settings/methods/update_project_settings replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/attachments/methods/delete' + delete: [] paths: - /v1/projects/{projectsId}/projectSettings: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/genericArtifacts:create: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Retrieves the Settings for the Project. - operationId: artifactregistry.projects.getProjectSettings - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ProjectSettings' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - patch: - description: Updates the Settings for the Project. - operationId: artifactregistry.projects.updateProjectSettings + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/fields' + post: + description: >- + Directly uploads a Generic artifact. The returned operation will + complete once the resources are uploaded. Package, version, and file + resources are created based on the uploaded artifact. Uploaded artifacts + that conflict with existing resources will raise an `ALREADY_EXISTS` + error. + operationId: artifactregistry.projects.locations.repositories.genericArtifacts.upload requestBody: content: application/json: schema: - $ref: '#/components/schemas/ProjectSettings' + $ref: '#/components/schemas/UploadGenericArtifactRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3203,39 +3256,49 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ProjectSettings' + $ref: '#/components/schemas/UploadGenericArtifactMediaResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: locationsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/vpcscConfig: + - in: path + name: repositoriesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/yumArtifacts:create: parameters: *ref_1 - get: - description: Retrieves the VPCSC Config for the Project. - operationId: artifactregistry.projects.locations.getVpcscConfig + post: + description: >- + Directly uploads a Yum artifact. The returned Operation will complete + once the resources are uploaded. Package, Version, and File resources + are created based on the imported artifact. Imported artifacts that + conflict with existing resources are ignored. + operationId: artifactregistry.projects.locations.repositories.yumArtifacts.upload + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UploadYumArtifactRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/VPCSCConfig' + $ref: '#/components/schemas/UploadYumArtifactMediaResponse' parameters: - in: path name: projectsId @@ -3247,14 +3310,25 @@ paths: required: true schema: type: string - patch: - description: Updates the VPCSC Config for the Project. - operationId: artifactregistry.projects.locations.updateVpcscConfig + - in: path + name: repositoriesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/yumArtifacts:import: + parameters: *ref_1 + post: + description: >- + Imports Yum (RPM) artifacts. The returned Operation will complete once + the resources are imported. Package, Version, and File resources are + created based on the imported artifacts. Imported artifacts that + conflict with existing resources are ignored. + operationId: artifactregistry.projects.locations.repositories.yumArtifacts.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/VPCSCConfig' + $ref: '#/components/schemas/ImportYumArtifactsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3266,7 +3340,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VPCSCConfig' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3278,76 +3352,74 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: repositoriesId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/rules/{rulesId}: parameters: *ref_1 - get: - description: Lists information about the supported locations for this service. - operationId: artifactregistry.projects.locations.list + patch: + description: Updates a rule. + operationId: artifactregistry.projects.locations.repositories.rules.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: repositoriesId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: rulesId + required: true schema: type: string - in: query - name: extraLocationTypes + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: artifactregistry.projects.locations.get + format: google-fieldmask + delete: + description: Deletes a rule. + operationId: artifactregistry.projects.locations.repositories.rules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3359,51 +3431,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: artifactregistry.projects.locations.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: repositoriesId required: true schema: type: string - in: path - name: operationsId + name: rulesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories: - parameters: *ref_1 get: - description: Lists repositories. - operationId: artifactregistry.projects.locations.repositories.list + description: Gets a rule. + operationId: artifactregistry.projects.locations.repositories.rules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3419,7 +3459,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRepositoriesResponse' + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' parameters: - in: path name: projectsId @@ -3431,34 +3471,26 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: repositoriesId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: rulesId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/rules: + parameters: *ref_1 post: - description: >- - Creates a repository. The returned Operation will finish once the - repository has been created. Its response will be the created - Repository. - operationId: artifactregistry.projects.locations.repositories.create + description: Creates a rule. + operationId: artifactregistry.projects.locations.repositories.rules.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3470,7 +3502,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' parameters: - in: path name: projectsId @@ -3482,15 +3514,18 @@ paths: required: true schema: type: string + - in: path + name: repositoriesId + required: true + schema: + type: string - in: query - name: repositoryId + name: ruleId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}: - parameters: *ref_1 get: - description: Gets a repository. - operationId: artifactregistry.projects.locations.repositories.get + description: Lists rules. + operationId: artifactregistry.projects.locations.repositories.rules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3506,7 +3541,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/ListRulesResponse' parameters: - in: path name: projectsId @@ -3523,26 +3558,36 @@ paths: required: true schema: type: string - patch: - description: Updates a repository. - operationId: artifactregistry.projects.locations.repositories.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Repository' + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/mavenArtifacts/{mavenArtifactsId}: + parameters: *ref_1 + get: + description: Gets a maven artifact. + operationId: artifactregistry.projects.locations.repositories.mavenArtifacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/MavenArtifact' parameters: - in: path name: projectsId @@ -3559,29 +3604,32 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: mavenArtifactsId + required: true schema: type: string - format: google-fieldmask - delete: - description: >- - Deletes a repository and all of its contents. The returned Operation - will finish once the repository has been deleted. It will not have any - Operation metadata and will return a google.protobuf.Empty response. - operationId: artifactregistry.projects.locations.repositories.delete + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/mavenArtifacts: + parameters: *ref_1 + get: + description: Lists maven artifacts. + operationId: artifactregistry.projects.locations.repositories.mavenArtifacts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListMavenArtifactsResponse' parameters: - in: path name: projectsId @@ -3598,28 +3646,36 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:setIamPolicy: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/dockerImages/{dockerImagesId}: parameters: *ref_1 - post: - description: Updates the IAM policy for a given resource. - operationId: artifactregistry.projects.locations.repositories.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets a docker image. + operationId: artifactregistry.projects.locations.repositories.dockerImages.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/DockerImage' parameters: - in: path name: projectsId @@ -3636,11 +3692,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:getIamPolicy: + - in: path + name: dockerImagesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/dockerImages: parameters: *ref_1 get: - description: Gets the IAM policy for a given resource. - operationId: artifactregistry.projects.locations.repositories.getIamPolicy + description: Lists docker images. + operationId: artifactregistry.projects.locations.repositories.dockerImages.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3656,7 +3717,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListDockerImagesResponse' parameters: - in: path name: projectsId @@ -3674,36 +3735,43 @@ paths: schema: type: string - in: query - name: options.requestedPolicyVersion + name: orderBy + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:testIamPermissions: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/goModules:create: parameters: *ref_1 post: - description: Tests if the caller has a list of permissions on a resource. - operationId: artifactregistry.projects.locations.repositories.testIamPermissions + description: >- + Directly uploads a Go module. The returned Operation will complete once + the Go module is uploaded. Package, Version, and File resources are + created based on the uploaded Go module. + operationId: artifactregistry.projects.locations.repositories.goModules.upload requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/UploadGoModuleRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/UploadGoModuleMediaResponse' parameters: - in: path name: projectsId @@ -3720,27 +3788,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/dockerImages: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/files/{filesId}: parameters: *ref_1 - get: - description: Lists docker images. - operationId: artifactregistry.projects.locations.repositories.dockerImages.list + delete: + description: >- + Deletes a file and all of its content. It is only allowed on generic + repositories. The returned operation will complete once the file has + been deleted. + operationId: artifactregistry.projects.locations.repositories.files.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListDockerImagesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3757,40 +3824,31 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy + - in: path + name: filesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/dockerImages/{dockerImagesId}: - parameters: *ref_1 - get: - description: Gets a docker image. - operationId: artifactregistry.projects.locations.repositories.dockerImages.get + patch: + description: Updates a file. + operationId: artifactregistry.projects.locations.repositories.files.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1File' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/DockerImage' + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1File' parameters: - in: path name: projectsId @@ -3808,15 +3866,18 @@ paths: schema: type: string - in: path - name: dockerImagesId + name: filesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/mavenArtifacts: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Lists maven artifacts. - operationId: artifactregistry.projects.locations.repositories.mavenArtifacts.list + description: Gets a file. + operationId: artifactregistry.projects.locations.repositories.files.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3832,7 +3893,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMavenArtifactsResponse' + $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1File' parameters: - in: path name: projectsId @@ -3849,20 +3910,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: filesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/mavenArtifacts/{mavenArtifactsId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/files: parameters: *ref_1 get: - description: Gets a maven artifact. - operationId: artifactregistry.projects.locations.repositories.mavenArtifacts.get + description: Lists files. + operationId: artifactregistry.projects.locations.repositories.files.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3878,7 +3935,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MavenArtifact' + $ref: '#/components/schemas/ListFilesResponse' parameters: - in: path name: projectsId @@ -3895,32 +3952,47 @@ paths: required: true schema: type: string - - in: path - name: mavenArtifactsId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/npmPackages: + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/files:upload: parameters: *ref_1 - get: - description: Lists npm packages. - operationId: artifactregistry.projects.locations.repositories.npmPackages.list + post: + description: >- + Directly uploads a file to a repository. The returned Operation will + complete once the resources are uploaded. + operationId: artifactregistry.projects.locations.repositories.files.upload + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UploadFileRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListNpmPackagesResponse' + $ref: '#/components/schemas/UploadFileMediaResponse' parameters: - in: path name: projectsId @@ -3937,20 +4009,11 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/npmPackages/{npmPackagesId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/files/{filesId}:download: parameters: *ref_1 get: - description: Gets a npm package. - operationId: artifactregistry.projects.locations.repositories.npmPackages.get + description: Download a file. + operationId: artifactregistry.projects.locations.repositories.files.download security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3966,7 +4029,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NpmPackage' + $ref: '#/components/schemas/DownloadFileResponse' parameters: - in: path name: projectsId @@ -3984,15 +4047,15 @@ paths: schema: type: string - in: path - name: npmPackagesId + name: filesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pythonPackages: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/attachments: parameters: *ref_1 get: - description: Lists python packages. - operationId: artifactregistry.projects.locations.repositories.pythonPackages.list + description: Lists attachments. + operationId: artifactregistry.projects.locations.repositories.attachments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4008,7 +4071,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPythonPackagesResponse' + $ref: '#/components/schemas/ListAttachmentsResponse' parameters: - in: path name: projectsId @@ -4025,36 +4088,42 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pythonPackages/{pythonPackagesId}: - parameters: *ref_1 - get: - description: Gets a python package. - operationId: artifactregistry.projects.locations.repositories.pythonPackages.get + post: + description: >- + Creates an attachment. The returned Operation will finish once the + attachment has been created. Its response will be the created + attachment. + operationId: artifactregistry.projects.locations.repositories.attachments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Attachment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/PythonPackage' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4071,25 +4140,18 @@ paths: required: true schema: type: string - - in: path - name: pythonPackagesId - required: true + - in: query + name: attachmentId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/aptArtifacts:import: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/attachments/{attachmentsId}: parameters: *ref_1 - post: + delete: description: >- - Imports Apt artifacts. The returned Operation will complete once the - resources are imported. Package, Version, and File resources are created - based on the imported artifacts. Imported artifacts that conflict with - existing resources are ignored. - operationId: artifactregistry.projects.locations.repositories.aptArtifacts.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ImportAptArtifactsRequest' + Deletes an attachment. The returned Operation will finish once the + attachments has been deleted. It will not have any Operation metadata + and will return a `google.protobuf.Empty` response. + operationId: artifactregistry.projects.locations.repositories.attachments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4118,32 +4180,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/aptArtifacts:create: - parameters: *ref_1 - post: - description: >- - Directly uploads an Apt artifact. The returned Operation will complete - once the resources are uploaded. Package, Version, and File resources - are created based on the imported artifact. Imported artifacts that - conflict with existing resources are ignored. - operationId: artifactregistry.projects.locations.repositories.aptArtifacts.upload - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UploadAptArtifactRequest' + - in: path + name: attachmentsId + required: true + schema: + type: string + get: + description: Gets an attachment. + operationId: artifactregistry.projects.locations.repositories.attachments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/UploadAptArtifactMediaResponse' + $ref: '#/components/schemas/Attachment' parameters: - in: path name: projectsId @@ -4160,32 +4220,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/yumArtifacts:import: + - in: path + name: attachmentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pythonPackages: parameters: *ref_1 - post: - description: >- - Imports Yum (RPM) artifacts. The returned Operation will complete once - the resources are imported. Package, Version, and File resources are - created based on the imported artifacts. Imported artifacts that - conflict with existing resources are ignored. - operationId: artifactregistry.projects.locations.repositories.yumArtifacts.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ImportYumArtifactsRequest' + get: + description: Lists python packages. + operationId: artifactregistry.projects.locations.repositories.pythonPackages.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListPythonPackagesResponse' parameters: - in: path name: projectsId @@ -4202,32 +4262,36 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/yumArtifacts:create: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pythonPackages/{pythonPackagesId}: parameters: *ref_1 - post: - description: >- - Directly uploads a Yum artifact. The returned Operation will complete - once the resources are uploaded. Package, Version, and File resources - are created based on the imported artifact. Imported artifacts that - conflict with existing resources are ignored. - operationId: artifactregistry.projects.locations.repositories.yumArtifacts.upload - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UploadYumArtifactRequest' + get: + description: Gets a python package. + operationId: artifactregistry.projects.locations.repositories.pythonPackages.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/UploadYumArtifactMediaResponse' + $ref: '#/components/schemas/PythonPackage' parameters: - in: path name: projectsId @@ -4244,32 +4308,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/googetArtifacts:import: + - in: path + name: pythonPackagesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}/tags: parameters: *ref_1 - post: - description: >- - Imports GooGet artifacts. The returned Operation will complete once the - resources are imported. Package, Version, and File resources are created - based on the imported artifacts. Imported artifacts that conflict with - existing resources are ignored. - operationId: artifactregistry.projects.locations.repositories.googetArtifacts.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ImportGoogetArtifactsRequest' + get: + description: Lists tags. + operationId: artifactregistry.projects.locations.repositories.packages.tags.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListTagsResponse' parameters: - in: path name: projectsId @@ -4286,20 +4350,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/googetArtifacts:create: - parameters: *ref_1 + - in: path + name: packagesId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string post: - description: >- - Directly uploads a GooGet artifact. The returned Operation will complete - once the resources are uploaded. Package, Version, and File resources - are created based on the imported artifact. Imported artifacts that - conflict with existing resources are ignored. - operationId: artifactregistry.projects.locations.repositories.googetArtifacts.upload + description: Creates a tag. + operationId: artifactregistry.projects.locations.repositories.packages.tags.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/UploadGoogetArtifactRequest' + $ref: '#/components/schemas/Tag' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4311,7 +4387,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UploadGoogetArtifactMediaResponse' + $ref: '#/components/schemas/Tag' parameters: - in: path name: projectsId @@ -4328,21 +4404,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/genericArtifacts:create: + - in: path + name: packagesId + required: true + schema: + type: string + - in: query + name: tagId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}/tags/{tagsId}: parameters: *ref_1 - post: - description: >- - Directly uploads a Generic artifact. The returned operation will - complete once the resources are uploaded. Package, version, and file - resources are created based on the uploaded artifact. Uploaded artifacts - that conflict with existing resources will raise an `ALREADY_EXISTS` - error. - operationId: artifactregistry.projects.locations.repositories.genericArtifacts.upload + patch: + description: Updates a tag. + operationId: artifactregistry.projects.locations.repositories.packages.tags.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/UploadGenericArtifactRequest' + $ref: '#/components/schemas/Tag' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4354,7 +4434,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UploadGenericArtifactMediaResponse' + $ref: '#/components/schemas/Tag' parameters: - in: path name: projectsId @@ -4371,20 +4451,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/kfpArtifacts:create: - parameters: *ref_1 - post: - description: >- - Directly uploads a KFP artifact. The returned Operation will complete - once the resource is uploaded. Package, Version, and File resources will - be created based on the uploaded artifact. Uploaded artifacts that - conflict with existing resources will be overwritten. - operationId: artifactregistry.projects.locations.repositories.kfpArtifacts.upload - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UploadKfpArtifactRequest' + - in: path + name: packagesId + required: true + schema: + type: string + - in: path + name: tagsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a tag. + operationId: artifactregistry.projects.locations.repositories.packages.tags.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4396,7 +4480,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UploadKfpArtifactMediaResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4413,31 +4497,35 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/goModules:create: - parameters: *ref_1 - post: - description: >- - Directly uploads a Go module. The returned Operation will complete once - the Go module is uploaded. Package, Version, and File resources are - created based on the uploaded Go module. - operationId: artifactregistry.projects.locations.repositories.goModules.upload - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UploadGoModuleRequest' + - in: path + name: packagesId + required: true + schema: + type: string + - in: path + name: tagsId + required: true + schema: + type: string + get: + description: Gets a tag. + operationId: artifactregistry.projects.locations.repositories.packages.tags.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/UploadGoModuleMediaResponse' + $ref: '#/components/schemas/Tag' parameters: - in: path name: projectsId @@ -4454,27 +4542,36 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages: + - in: path + name: packagesId + required: true + schema: + type: string + - in: path + name: tagsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}/versions/{versionsId}: parameters: *ref_1 - get: - description: Lists packages. - operationId: artifactregistry.projects.locations.repositories.packages.list + delete: + description: >- + Deletes a version and all of its content. The returned operation will + complete once the version has been deleted. + operationId: >- + artifactregistry.projects.locations.repositories.packages.versions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListPackagesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4490,29 +4587,24 @@ paths: name: repositoriesId required: true schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: packagesId + required: true schema: type: string - - in: query - name: filter + - in: path + name: versionsId + required: true schema: type: string - in: query - name: orderBy + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}: - parameters: *ref_1 + type: boolean get: - description: Gets a package. - operationId: artifactregistry.projects.locations.repositories.packages.get + description: Gets a version + operationId: artifactregistry.projects.locations.repositories.packages.versions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4528,7 +4620,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Package' + $ref: '#/components/schemas/Version' parameters: - in: path name: projectsId @@ -4550,11 +4642,23 @@ paths: required: true schema: type: string - delete: - description: >- - Deletes a package and all of its versions and tags. The returned - operation will complete once the package has been deleted. - operationId: artifactregistry.projects.locations.repositories.packages.delete + - in: path + name: versionsId + required: true + schema: + type: string + - in: query + name: view + schema: + type: string + patch: + description: Updates a version. + operationId: artifactregistry.projects.locations.repositories.packages.versions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Version' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4566,7 +4670,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Version' parameters: - in: path name: projectsId @@ -4588,14 +4692,29 @@ paths: required: true schema: type: string - patch: - description: Updates a package. - operationId: artifactregistry.projects.locations.repositories.packages.patch + - in: path + name: versionsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}/versions:batchDelete: + parameters: *ref_1 + post: + description: >- + Deletes multiple versions across a repository. The returned operation + will complete once the versions have been deleted. + operationId: >- + artifactregistry.projects.locations.repositories.packages.versions.batchDelete requestBody: content: application/json: schema: - $ref: '#/components/schemas/Package' + $ref: '#/components/schemas/BatchDeleteVersionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4607,7 +4726,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Package' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4629,11 +4748,6 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}/versions: parameters: *ref_1 get: @@ -4677,47 +4791,48 @@ paths: schema: type: string - in: query - name: pageSize + name: view schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: orderBy schema: type: string - in: query - name: view + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: orderBy + name: pageToken schema: type: string - in: query name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}/versions/{versionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}: parameters: *ref_1 - get: - description: Gets a version - operationId: artifactregistry.projects.locations.repositories.packages.versions.get + patch: + description: Updates a package. + operationId: artifactregistry.projects.locations.repositories.packages.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Package' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Version' + $ref: '#/components/schemas/Package' parameters: - in: path name: projectsId @@ -4739,21 +4854,16 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true - schema: - type: string - in: query - name: view + name: updateMask schema: type: string + format: google-fieldmask delete: description: >- - Deletes a version and all of its content. The returned operation will - complete once the version has been deleted. - operationId: >- - artifactregistry.projects.locations.repositories.packages.versions.delete + Deletes a package and all of its versions and tags. The returned + operation will complete once the package has been deleted. + operationId: artifactregistry.projects.locations.repositories.packages.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4787,35 +4897,25 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true - schema: - type: string - - in: query - name: force - schema: - type: boolean - patch: - description: Updates a version. - operationId: artifactregistry.projects.locations.repositories.packages.versions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Version' + get: + description: Gets a package. + operationId: artifactregistry.projects.locations.repositories.packages.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Version' + $ref: '#/components/schemas/Package' parameters: - in: path name: projectsId @@ -4837,41 +4937,27 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}/versions:batchDelete: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages: parameters: *ref_1 - post: - description: >- - Deletes multiple versions across a repository. The returned operation - will complete once the versions have been deleted. - operationId: >- - artifactregistry.projects.locations.repositories.packages.versions.batchDelete - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BatchDeleteVersionsRequest' + get: + description: Lists packages. + operationId: artifactregistry.projects.locations.repositories.packages.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListPackagesResponse' parameters: - in: path name: projectsId @@ -4888,32 +4974,49 @@ paths: required: true schema: type: string - - in: path - name: packagesId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}/tags: + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/kfpArtifacts:create: parameters: *ref_1 - get: - description: Lists tags. - operationId: artifactregistry.projects.locations.repositories.packages.tags.list + post: + description: >- + Directly uploads a KFP artifact. The returned Operation will complete + once the resource is uploaded. Package, Version, and File resources will + be created based on the uploaded artifact. Uploaded artifacts that + conflict with existing resources will be overwritten. + operationId: artifactregistry.projects.locations.repositories.kfpArtifacts.upload + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UploadKfpArtifactRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListTagsResponse' + $ref: '#/components/schemas/UploadKfpArtifactMediaResponse' parameters: - in: path name: projectsId @@ -4930,32 +5033,20 @@ paths: required: true schema: type: string - - in: path - name: packagesId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/googetArtifacts:import: + parameters: *ref_1 post: - description: Creates a tag. - operationId: artifactregistry.projects.locations.repositories.packages.tags.create + description: >- + Imports GooGet artifacts. The returned Operation will complete once the + resources are imported. Package, Version, and File resources are created + based on the imported artifacts. Imported artifacts that conflict with + existing resources are ignored. + operationId: artifactregistry.projects.locations.repositories.googetArtifacts.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/Tag' + $ref: '#/components/schemas/ImportGoogetArtifactsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4967,7 +5058,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Tag' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4984,36 +5075,32 @@ paths: required: true schema: type: string - - in: path - name: packagesId - required: true - schema: - type: string - - in: query - name: tagId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/packages/{packagesId}/tags/{tagsId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/googetArtifacts:create: parameters: *ref_1 - get: - description: Gets a tag. - operationId: artifactregistry.projects.locations.repositories.packages.tags.get + post: + description: >- + Directly uploads a GooGet artifact. The returned Operation will complete + once the resources are uploaded. Package, Version, and File resources + are created based on the imported artifact. Imported artifacts that + conflict with existing resources are ignored. + operationId: artifactregistry.projects.locations.repositories.googetArtifacts.upload + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UploadGoogetArtifactRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Tag' + $ref: '#/components/schemas/UploadGoogetArtifactMediaResponse' parameters: - in: path name: projectsId @@ -5030,24 +5117,20 @@ paths: required: true schema: type: string - - in: path - name: packagesId - required: true - schema: - type: string - - in: path - name: tagsId - required: true - schema: - type: string - patch: - description: Updates a tag. - operationId: artifactregistry.projects.locations.repositories.packages.tags.patch + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/aptArtifacts:create: + parameters: *ref_1 + post: + description: >- + Directly uploads an Apt artifact. The returned Operation will complete + once the resources are uploaded. Package, Version, and File resources + are created based on the imported artifact. Imported artifacts that + conflict with existing resources are ignored. + operationId: artifactregistry.projects.locations.repositories.aptArtifacts.upload requestBody: content: application/json: schema: - $ref: '#/components/schemas/Tag' + $ref: '#/components/schemas/UploadAptArtifactRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5059,7 +5142,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Tag' + $ref: '#/components/schemas/UploadAptArtifactMediaResponse' parameters: - in: path name: projectsId @@ -5076,36 +5159,69 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/aptArtifacts:import: + parameters: *ref_1 + post: + description: >- + Imports Apt artifacts. The returned Operation will complete once the + resources are imported. Package, Version, and File resources are created + based on the imported artifacts. Imported artifacts that conflict with + existing resources are ignored. + operationId: artifactregistry.projects.locations.repositories.aptArtifacts.import + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ImportAptArtifactsRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: - in: path - name: packagesId + name: projectsId required: true schema: type: string - in: path - name: tagsId + name: locationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: repositoriesId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes a tag. - operationId: artifactregistry.projects.locations.repositories.packages.tags.delete + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/npmPackages: + parameters: *ref_1 + get: + description: Lists npm packages. + operationId: artifactregistry.projects.locations.repositories.npmPackages.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListNpmPackagesResponse' parameters: - in: path name: projectsId @@ -5122,21 +5238,20 @@ paths: required: true schema: type: string - - in: path - name: packagesId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: tagsId - required: true + - in: query + name: pageSize schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/files: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/npmPackages/{npmPackagesId}: parameters: *ref_1 get: - description: Lists files. - operationId: artifactregistry.projects.locations.repositories.files.list + description: Gets a npm package. + operationId: artifactregistry.projects.locations.repositories.npmPackages.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5152,7 +5267,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListFilesResponse' + $ref: '#/components/schemas/NpmPackage' parameters: - in: path name: projectsId @@ -5169,28 +5284,16 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy + - in: path + name: npmPackagesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/files/{filesId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}: parameters: *ref_1 get: - description: Gets a file. - operationId: artifactregistry.projects.locations.repositories.files.get + description: Gets a repository. + operationId: artifactregistry.projects.locations.repositories.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5206,7 +5309,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1File' + $ref: '#/components/schemas/Repository' parameters: - in: path name: projectsId @@ -5223,17 +5326,12 @@ paths: required: true schema: type: string - - in: path - name: filesId - required: true - schema: - type: string delete: description: >- - Deletes a file and all of its content. It is only allowed on generic - repositories. The returned operation will complete once the file has - been deleted. - operationId: artifactregistry.projects.locations.repositories.files.delete + Deletes a repository and all of its contents. The returned Operation + will finish once the repository has been deleted. It will not have any + Operation metadata and will return a google.protobuf.Empty response. + operationId: artifactregistry.projects.locations.repositories.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5262,19 +5360,14 @@ paths: required: true schema: type: string - - in: path - name: filesId - required: true - schema: - type: string patch: - description: Updates a file. - operationId: artifactregistry.projects.locations.repositories.files.patch + description: Updates a repository. + operationId: artifactregistry.projects.locations.repositories.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1File' + $ref: '#/components/schemas/Repository' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5286,7 +5379,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1File' + $ref: '#/components/schemas/Repository' parameters: - in: path name: projectsId @@ -5303,21 +5396,21 @@ paths: required: true schema: type: string - - in: path - name: filesId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/files/{filesId}:download: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:testIamPermissions: parameters: *ref_1 - get: - description: Download a file. - operationId: artifactregistry.projects.locations.repositories.files.download + post: + description: Tests if the caller has a list of permissions on a resource. + operationId: artifactregistry.projects.locations.repositories.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5333,7 +5426,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DownloadFileResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -5350,35 +5443,65 @@ paths: required: true schema: type: string - - in: path - name: filesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/files:upload: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:setIamPolicy: parameters: *ref_1 post: - description: >- - Directly uploads a file to a repository. The returned Operation will - complete once the resources are uploaded. - operationId: artifactregistry.projects.locations.repositories.files.upload + description: Updates the IAM policy for a given resource. + operationId: artifactregistry.projects.locations.repositories.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/UploadFileRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: repositoriesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:getIamPolicy: + parameters: *ref_1 + get: + description: Gets the IAM policy for a given resource. + operationId: artifactregistry.projects.locations.repositories.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/UploadFileMediaResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5395,16 +5518,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/rules: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories: parameters: *ref_1 post: - description: Creates a rule. - operationId: artifactregistry.projects.locations.repositories.rules.create + description: >- + Creates a repository. The returned Operation will finish once the + repository has been created. Its response will be the created + Repository. + operationId: artifactregistry.projects.locations.repositories.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' + $ref: '#/components/schemas/Repository' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5416,7 +5547,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5428,18 +5559,13 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - in: query - name: ruleId + name: repositoryId schema: type: string get: - description: Lists rules. - operationId: artifactregistry.projects.locations.repositories.rules.list + description: Lists repositories. + operationId: artifactregistry.projects.locations.repositories.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5455,7 +5581,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRulesResponse' + $ref: '#/components/schemas/ListRepositoriesResponse' parameters: - in: path name: projectsId @@ -5467,9 +5593,12 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter schema: type: string - in: query @@ -5481,27 +5610,28 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/rules/{rulesId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:exportArtifact: parameters: *ref_1 - get: - description: Gets a rule. - operationId: artifactregistry.projects.locations.repositories.rules.get + post: + description: Exports an artifact. + operationId: artifactregistry.projects.locations.repositories.exportArtifact + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExportArtifactRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5518,19 +5648,56 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: artifactregistry.projects.locations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: rulesId + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/vpcscConfig: + parameters: *ref_1 patch: - description: Updates a rule. - operationId: artifactregistry.projects.locations.repositories.rules.patch + description: Updates the VPCSC Config for the Project. + operationId: artifactregistry.projects.locations.updateVpcscConfig requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' + $ref: '#/components/schemas/VPCSCConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5542,7 +5709,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleDevtoolsArtifactregistryV1Rule' + $ref: '#/components/schemas/VPCSCConfig' parameters: - in: path name: projectsId @@ -5554,36 +5721,30 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: rulesId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask - delete: - description: Deletes a rule. - operationId: artifactregistry.projects.locations.repositories.rules.delete + get: + description: Retrieves the VPCSC Config for the Project. + operationId: artifactregistry.projects.locations.getVpcscConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/VPCSCConfig' parameters: - in: path name: projectsId @@ -5595,21 +5756,11 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: rulesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/attachments: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: Lists attachments. - operationId: artifactregistry.projects.locations.repositories.attachments.list + description: Gets information about a location. + operationId: artifactregistry.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5625,7 +5776,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAttachmentsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -5637,72 +5788,55 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - post: - description: >- - Creates an attachment. The returned Operation will finish once the - attachment has been created. Its response will be the created - attachment. - operationId: artifactregistry.projects.locations.repositories.attachments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Attachment' + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: artifactregistry.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - - in: path - name: repositoriesId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: attachmentId + name: extraLocationTypes schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/attachments/{attachmentsId}: + /v1/projects/{projectsId}/projectSettings: parameters: *ref_1 get: - description: Gets an attachment. - operationId: artifactregistry.projects.locations.repositories.attachments.get + description: Retrieves the Settings for the Project. + operationId: artifactregistry.projects.getProjectSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5718,34 +5852,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Attachment' + $ref: '#/components/schemas/ProjectSettings' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: attachmentsId - required: true - schema: - type: string - delete: - description: >- - Deletes an attachment. The returned Operation will finish once the - attachments has been deleted. It will not have any Operation metadata - and will return a `google.protobuf.Empty` response. - operationId: artifactregistry.projects.locations.repositories.attachments.delete + patch: + description: Updates the Settings for the Project. + operationId: artifactregistry.projects.updateProjectSettings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProjectSettings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5757,25 +5878,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ProjectSettings' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: attachmentsId - required: true + - in: query + name: updateMask schema: type: string + format: google-fieldmask diff --git a/providers/src/googleapis.com/v00.00.00000/services/assuredworkloads.yaml b/providers/src/googleapis.com/v00.00.00000/services/assuredworkloads.yaml index 16e65d61..d174ea17 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/assuredworkloads.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/assuredworkloads.yaml @@ -7,8 +7,8 @@ info: title: Assured Workloads API description: '' version: v1 - x-discovery-doc-revision: '20250821' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251023' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/learnmoreurl servers: @@ -34,513 +34,176 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. + GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateRequest: type: object properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. + action: + description: The action to be performed on the update. + enumDescriptions: + - Unspecified value. + - The update is applied. + enum: + - WORKLOAD_UPDATE_ACTION_UNSPECIFIED + - APPLY type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + description: Request to apply update to a workload. + id: GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateRequest + GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRule: type: object + description: A rule used to express this policy. properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + enforce: type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + description: BooleanPolicy only. + denyAll: + description: ListPolicy only when all values are denied. + type: boolean + values: + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRuleStringValues + description: ListPolicy only when custom values are specified. + allowAll: + description: ListPolicy only when all values are allowed. + type: boolean + id: GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRule + GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + comment: + type: string description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Required. Business justification explaining the need for violation + acknowledgement + acknowledgeType: + enumDescriptions: + - Acknowledge type unspecified. + - Acknowledge only the specific violation. + - >- + Acknowledge specified orgPolicy violation and also associated + resource violations. + enum: + - ACKNOWLEDGE_TYPE_UNSPECIFIED + - SINGLE_VIOLATION + - EXISTING_CHILD_RESOURCE_VIOLATIONS + description: Optional. Acknowledge type of specified violation. type: string - details: + nonCompliantOrgPolicy: + type: string + deprecated: true description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Optional. This field is deprecated and will be removed in future + version of the API. Name of the OrgPolicy which was modified with + non-compliant change and resulted in this violation. Format: + projects/{project_number}/policies/{constraint_name} + folders/{folder_id}/policies/{constraint_name} + organizations/{organization_id}/policies/{constraint_name} + description: Request for acknowledging the violation + id: GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest + type: object + GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole: + description: Remediation instructions to resolve violation via cloud console + properties: + steps: type: array + description: Steps to resolve violation via cloud console items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudAssuredworkloadsV1Workload: - id: GoogleCloudAssuredworkloadsV1Workload + type: string + additionalLinks: + description: Additional urls for more information about steps + type: array + items: + type: string + consoleUris: + description: Link to console page where violations can be resolved + items: + type: string + type: array + id: GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole + type: object + GoogleCloudAssuredworkloadsV1MoveAnalysisGroup: description: >- - A Workload object for managing highly regulated workloads of cloud - customers. + Represents a logical group of checks performed for an asset. If + successful, the group contains the analysis result, otherwise it + contains an error with the failure reason. + properties: + analysisResult: + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1MoveAnalysisResult' + description: Result of a successful analysis. + displayName: + type: string + description: Name of the analysis group. + error: + description: Error details for a failed analysis. + $ref: '#/components/schemas/GoogleRpcStatus' type: object + id: GoogleCloudAssuredworkloadsV1MoveAnalysisGroup + GoogleCloudAssuredworkloadsV1WorkloadUpdate: + type: object + id: GoogleCloudAssuredworkloadsV1WorkloadUpdate properties: + updateTime: + type: string + format: google-datetime + description: The time the update was last updated. + createTime: + description: The time the update was created. + type: string + format: google-datetime + state: + enum: + - STATE_UNSPECIFIED + - AVAILABLE + - APPLIED + - WITHDRAWN + type: string + readOnly: true + description: Output only. The state of the update. + enumDescriptions: + - Unspecified. + - The update is available to be applied. + - The update has been applied. + - The update has been withdrawn by the service. + details: + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1UpdateDetails' + description: The details of the update. name: description: >- - Optional. The resource name of the workload. Format: - organizations/{organization}/locations/{location}/workloads/{workload} - Read-only. + Output only. Immutable. Identifier. Resource name of the + WorkloadUpdate. Format: + organizations/{organization}/locations/{location}/workloads/{workload}/updates/{update} type: string + readOnly: true + description: >- + A workload update is a change to the workload's compliance + configuration. + GoogleCloudAssuredworkloadsV1WorkloadResourceSettings: + id: GoogleCloudAssuredworkloadsV1WorkloadResourceSettings + description: Represent the custom settings for the resources to be created. + type: object + properties: displayName: description: >- - Required. The user-assigned display name of the Workload. When - present it must be between 4 to 30 characters. Allowed characters - are: lowercase and uppercase letters, numbers, hyphen, and spaces. - Example: My Workload + User-assigned resource display name. If not empty it will be used to + create a resource with the specified name. + type: string + resourceId: type: string - resources: - description: >- - Output only. The resources associated with this workload. These - resources will be created when creating the workload. If any of the - projects already exist, the workload creation will fail. Always read - only. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadResourceInfo - complianceRegime: description: >- - Required. Immutable. Compliance Regime associated with this - workload. + Resource identifier. For a project this represents project_id. If + the project is already taken, the workload creation will fail. For + KeyRing, this represents the keyring_id. For a folder, don't set + this value as folder_id is assigned by Google. + resourceType: type: string - enumDescriptions: - - Unknown compliance regime. - - Information protection as per DoD IL4 requirements. - - Criminal Justice Information Services (CJIS) Security policies. - - FedRAMP High data protection controls - - FedRAMP Moderate data protection controls - - Assured Workloads For US Regions data protection controls - - >- - [DEPRECATED] Health Insurance Portability and Accountability Act - controls - - '[DEPRECATED] Health Information Trust Alliance controls' - - Assured Workloads For EU Regions and Support controls - - Assured Workloads For Canada Regions and Support controls - - International Traffic in Arms Regulations - - Assured Workloads for Australia Regions and Support controls - - Assured Workloads for Partners; - - Assured Workloads for Israel Regions - - Assured Workloads for Israel Regions - - Assured Workloads for Canada Protected B regime - - Information protection as per DoD IL5 requirements. - - Information protection as per DoD IL2 requirements. - - Assured Workloads for Japan Regions - - Assured Workloads Sovereign Controls KSA - - Assured Workloads for Regional Controls - - Healthcare and Life Science Controls - - Healthcare and Life Science Controls with US Support - - Internal Revenue Service 1075 controls - - Canada Controlled Goods - - Australia Data Boundary and Support - - Canada Data Boundary and Support - - Data Boundary for Canada Controlled Goods - - Data Boundary for Canada Protected B - - Data Boundary for CJIS - - Data Boundary for FedRAMP High - - Data Boundary for FedRAMP Moderate - - Data Boundary for IL2 - - Data Boundary for IL4 - - Data Boundary for IL5 - - Data Boundary for IRS Publication 1075 - - Data Boundary for ITAR - - Data Boundary for EU Regions and Support - - Data Boundary for Israel Regions - - Data Boundary for US Regions and Support - - Data Boundary for US Healthcare and Life Sciences - - Data Boundary for US Healthcare and Life Sciences with Support - - KSA Data Boundary with Access Justifications - - Regional Data Boundary - - JAPAN Data Boundary - enumDeprecated: - - false - - false - - false - - false - - false - - false - - true - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - enum: - - COMPLIANCE_REGIME_UNSPECIFIED - - IL4 - - CJIS - - FEDRAMP_HIGH - - FEDRAMP_MODERATE - - US_REGIONAL_ACCESS - - HIPAA - - HITRUST - - EU_REGIONS_AND_SUPPORT - - CA_REGIONS_AND_SUPPORT - - ITAR - - AU_REGIONS_AND_US_SUPPORT - - ASSURED_WORKLOADS_FOR_PARTNERS - - ISR_REGIONS - - ISR_REGIONS_AND_SUPPORT - - CA_PROTECTED_B - - IL5 - - IL2 - - JP_REGIONS_AND_SUPPORT - - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS - - REGIONAL_CONTROLS - - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS - - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_US_SUPPORT - - IRS_1075 - - CANADA_CONTROLLED_GOODS - - AUSTRALIA_DATA_BOUNDARY_AND_SUPPORT - - CANADA_DATA_BOUNDARY_AND_SUPPORT - - DATA_BOUNDARY_FOR_CANADA_CONTROLLED_GOODS - - DATA_BOUNDARY_FOR_CANADA_PROTECTED_B - - DATA_BOUNDARY_FOR_CJIS - - DATA_BOUNDARY_FOR_FEDRAMP_HIGH - - DATA_BOUNDARY_FOR_FEDRAMP_MODERATE - - DATA_BOUNDARY_FOR_IL2 - - DATA_BOUNDARY_FOR_IL4 - - DATA_BOUNDARY_FOR_IL5 - - DATA_BOUNDARY_FOR_IRS_PUBLICATION_1075 - - DATA_BOUNDARY_FOR_ITAR - - EU_DATA_BOUNDARY_AND_SUPPORT - - ISRAEL_DATA_BOUNDARY_AND_SUPPORT - - US_DATA_BOUNDARY_AND_SUPPORT - - US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES - - US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES_WITH_SUPPORT - - KSA_DATA_BOUNDARY_WITH_ACCESS_JUSTIFICATIONS - - REGIONAL_DATA_BOUNDARY - - JAPAN_DATA_BOUNDARY - createTime: - description: Output only. Immutable. The Workload creation timestamp. - readOnly: true - type: string - format: google-datetime - billingAccount: - description: >- - Optional. The billing account used for the resources which are - direct children of workload. This billing account is initially - associated with the resources created as part of Workload creation. - After the initial creation of these resources, the customer can - change the assigned billing account. The resource name has the form - `billingAccounts/{billing_account_id}`. For example, - `billingAccounts/012345-567890-ABCDEF`. - type: string - etag: - description: >- - Optional. ETag of the workload, it is calculated on the basis of the - Workload contents. It will be used in Update & Delete operations. - type: string - labels: - description: Optional. Labels applied to the workload. - type: object - additionalProperties: - type: string - provisionedResourcesParent: - description: >- - Input only. The parent resource for the resources managed by this - Assured Workload. May be either empty or a folder resource which is - a child of the Workload parent. If not specified all resources are - created under the parent organization. Format: folders/{folder_id} - type: string - kmsSettings: - description: >- - Input only. Settings used to create a CMEK crypto key. When set, a - project with a KMS CMEK key is provisioned. This field is deprecated - as of Feb 28, 2022. In order to create a Keyring, callers should - specify, ENCRYPTION_KEYS_PROJECT or KEYRING in - ResourceSettings.resource_type field. - deprecated: true - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadKMSSettings - resourceSettings: - description: >- - Input only. Resource properties that are used to customize workload - resources. These properties (such as custom project id) will be used - to create workload resources if possible. This field is optional. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadResourceSettings - kajEnrollmentState: - description: >- - Output only. Represents the KAJ enrollment state of the given - workload. - readOnly: true - type: string - enumDescriptions: - - Default State for KAJ Enrollment. - - Pending State for KAJ Enrollment. - - Complete State for KAJ Enrollment. - enum: - - KAJ_ENROLLMENT_STATE_UNSPECIFIED - - KAJ_ENROLLMENT_STATE_PENDING - - KAJ_ENROLLMENT_STATE_COMPLETE - enableSovereignControls: - description: >- - Optional. Indicates the sovereignty status of the given workload. - Currently meant to be used by Europe/Canada customers. - type: boolean - saaEnrollmentResponse: - description: >- - Output only. Represents the SAA enrollment response of the given - workload. SAA enrollment response is queried during GetWorkload - call. In failure cases, user friendly error message is shown in SAA - details page. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse - complianceStatus: - description: Output only. Count of active Violations in the Workload. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus - compliantButDisallowedServices: - description: >- - Output only. Urls for services which are compliant for this Assured - Workload, but which are currently disallowed by the - ResourceUsageRestriction org policy. Invoke RestrictAllowedResources - endpoint to allow your project developers to use these services in - their environment. - readOnly: true - type: array - items: - type: string - partner: - description: Optional. Partner regime associated with this workload. - type: string - enumDescriptions: - - '' - - Enum representing S3NS (Thales) partner. - - Enum representing T_SYSTEM (TSI) partner. - - Enum representing SIA_MINSAIT (Indra) partner. - - Enum representing PSN (TIM) partner. - - Enum representing CNTXT (Kingdom of Saudi Arabia) partner. - - >- - Enum representing CNTXT (Kingdom of Saudi Arabia) partner offering - without EKM. - enum: - - PARTNER_UNSPECIFIED - - LOCAL_CONTROLS_BY_S3NS - - SOVEREIGN_CONTROLS_BY_T_SYSTEMS - - SOVEREIGN_CONTROLS_BY_SIA_MINSAIT - - SOVEREIGN_CONTROLS_BY_PSN - - SOVEREIGN_CONTROLS_BY_CNTXT - - SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM - partnerPermissions: - description: >- - Optional. Permissions granted to the AW Partner SA account for the - customer workload - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions - partnerServicesBillingAccount: - description: >- - Optional. Billing account necessary for purchasing services from - Sovereign Partners. This field is required for creating - SIA/PSN/CNTXT partner workloads. The caller should have - 'billing.resourceAssociations.create' IAM permission on this - billing-account. The format of this string is - billingAccounts/AAAAAA-BBBBBB-CCCCCC - type: string - violationNotificationsEnabled: - description: >- - Optional. Indicates whether the e-mail notification for a violation - is enabled for a workload. This value will be by default True, and - if not present will be considered as true. This should only be - updated via updateWorkload call. Any Changes to this field during - the createWorkload call will not be honored. This will always be - true while creating the workload. - type: boolean - ekmProvisioningResponse: - description: >- - Output only. Represents the Ekm Provisioning State of the given - workload. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse - resourceMonitoringEnabled: - description: >- - Output only. Indicates whether resource monitoring is enabled for - workload or not. It is true when Resource feed is subscribed to AWM - topic and AWM Service Agent Role is binded to AW Service Account for - resource Assured workload. - readOnly: true - type: boolean - workloadOptions: - description: Optional. Options to be set for the given created workload. - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptions - GoogleCloudAssuredworkloadsV1WorkloadResourceInfo: - id: GoogleCloudAssuredworkloadsV1WorkloadResourceInfo - description: Represent the resources that are children of this Workload. - type: object - properties: - resourceId: description: >- - Output only. Resource identifier. For a project this represents - project_number. - readOnly: true - type: string - format: int64 - resourceType: - description: Indicates the type of resource. - type: string - enumDescriptions: - - Unknown resource type. - - >- - Deprecated. Existing workloads will continue to support this, but - new CreateWorkloadRequests should not specify this as an input - value. - - Consumer Folder. - - Consumer project containing encryption keys. - - Keyring resource that hosts encryption keys. + Indicates the type of resource. This field should be specified to + correspond the id to the right project type (CONSUMER_PROJECT or + ENCRYPTION_KEYS_PROJECT) enumDeprecated: - false - true - false - false - false - enum: - - RESOURCE_TYPE_UNSPECIFIED - - CONSUMER_PROJECT - - CONSUMER_FOLDER - - ENCRYPTION_KEYS_PROJECT - - KEYRING - GoogleCloudAssuredworkloadsV1WorkloadKMSSettings: - id: GoogleCloudAssuredworkloadsV1WorkloadKMSSettings - deprecated: true - description: Settings specific to the Key Management Service. - type: object - properties: - nextRotationTime: - description: >- - Required. Input only. Immutable. The time at which the Key - Management Service will automatically create a new version of the - crypto key and mark it as the primary. - type: string - format: google-datetime - rotationPeriod: - description: >- - Required. Input only. Immutable. [next_rotation_time] will be - advanced by this period when the Key Management Service - automatically rotates a key. Must be at least 24 hours and at most - 876,000 hours. - type: string - format: google-duration - GoogleCloudAssuredworkloadsV1WorkloadResourceSettings: - id: GoogleCloudAssuredworkloadsV1WorkloadResourceSettings - description: Represent the custom settings for the resources to be created. - type: object - properties: - resourceId: - description: >- - Resource identifier. For a project this represents project_id. If - the project is already taken, the workload creation will fail. For - KeyRing, this represents the keyring_id. For a folder, don't set - this value as folder_id is assigned by Google. - type: string - resourceType: - description: >- - Indicates the type of resource. This field should be specified to - correspond the id to the right project type (CONSUMER_PROJECT or - ENCRYPTION_KEYS_PROJECT) - type: string enumDescriptions: - Unknown resource type. - >- @@ -550,129 +213,48 @@ components: - Consumer Folder. - Consumer project containing encryption keys. - Keyring resource that hosts encryption keys. - enumDeprecated: - - false - - true - - false - - false - - false enum: - RESOURCE_TYPE_UNSPECIFIED - CONSUMER_PROJECT - CONSUMER_FOLDER - ENCRYPTION_KEYS_PROJECT - KEYRING - displayName: - description: >- - User-assigned resource display name. If not empty it will be used to - create a resource with the specified name. + GoogleCloudAssuredworkloadsV1MoveImpact: + description: Represents the impact of moving the asset to the target. + properties: + detail: type: string - GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse: - id: GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse - description: Signed Access Approvals (SAA) enrollment response. + description: Explanation of the impact. + id: GoogleCloudAssuredworkloadsV1MoveImpact + type: object + GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse: + id: GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse type: object properties: - setupStatus: - description: Output only. Indicates SAA enrollment status of a given workload. - readOnly: true - type: string - enumDescriptions: - - Unspecified. - - SAA enrollment pending. - - SAA enrollment comopleted. - enum: - - SETUP_STATE_UNSPECIFIED - - STATUS_PENDING - - STATUS_COMPLETE - setupErrors: - description: Indicates SAA enrollment setup error if any. + assetMoveAnalyses: type: array + description: List of analysis results for each asset in scope. items: - type: string - enumDescriptions: - - Unspecified. - - >- - Invalid states for all customers, to be redirected to AA UI for - additional details. - - Returned when there is not an EKM key configured. - - >- - Returned when there are no enrolled services or the customer is - enrolled in CAA only for a subset of services. - - >- - Returned when exception was encountered during evaluation of - other criteria. - enum: - - SETUP_ERROR_UNSPECIFIED - - ERROR_INVALID_BASE_SETUP - - ERROR_MISSING_EXTERNAL_SIGNING_KEY - - ERROR_NOT_ALL_SERVICES_ENROLLED - - ERROR_SETUP_CHECK_FAILED - GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus: - id: GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus - description: Represents the Compliance Status of this workload - type: object - properties: - activeViolationCount: - description: Number of current orgPolicy violations which are not acknowledged. - type: integer - format: int32 - acknowledgedViolationCount: - description: Number of current orgPolicy violations which are acknowledged. - type: integer - format: int32 - activeResourceViolationCount: - description: Number of current resource violations which are acknowledged. - type: integer - format: int32 - acknowledgedResourceViolationCount: - description: Number of current resource violations which are not acknowledged. - type: integer - format: int32 - GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions: - id: GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1AssetMoveAnalysis + nextPageToken: + description: The next page token. Is empty if the last page is reached. + type: string description: >- - Permissions granted to the AW Partner SA account for the customer - workload - type: object - properties: - dataLogsViewer: - description: >- - Optional. Allow the partner to view inspectability logs and - monitoring violations. - type: boolean - serviceAccessApprover: - description: Optional. Allow partner to view access approval logs. - type: boolean - assuredWorkloadsMonitoring: - description: Optional. Allow partner to view violation alerts. - type: boolean - accessTransparencyLogsSupportCaseViewer: - description: Optional. Allow partner to view support case details for an AXT log - type: boolean + Response containing the analysis results for the hypothetical resource + move. GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse: - id: GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse - description: External key management systems(EKM) Provisioning response - type: object properties: - ekmProvisioningState: - description: >- - Output only. Indicates Ekm enrollment Provisioning of a given - workload. - readOnly: true + ekmProvisioningErrorDomain: type: string - enumDescriptions: - - Default State for Ekm Provisioning - - Pending State for Ekm Provisioning - - Failed State for Ekm Provisioning - - Completed State for Ekm Provisioning enum: - - EKM_PROVISIONING_STATE_UNSPECIFIED - - EKM_PROVISIONING_STATE_PENDING - - EKM_PROVISIONING_STATE_FAILED - - EKM_PROVISIONING_STATE_COMPLETED - ekmProvisioningErrorDomain: + - EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED + - UNSPECIFIED_ERROR + - GOOGLE_SERVER_ERROR + - EXTERNAL_USER_ERROR + - EXTERNAL_PARTNER_ERROR + - TIMEOUT_ERROR description: Indicates Ekm provisioning error if any. - type: string enumDescriptions: - No error domain - Error but domain is unspecified. @@ -682,14 +264,12 @@ components: resource. - Error occurred within the partner's provisioning cluster. - Resource wasn't provisioned in the required 7 day time period - enum: - - EKM_PROVISIONING_ERROR_DOMAIN_UNSPECIFIED - - UNSPECIFIED_ERROR - - GOOGLE_SERVER_ERROR - - EXTERNAL_USER_ERROR - - EXTERNAL_PARTNER_ERROR - - TIMEOUT_ERROR ekmProvisioningErrorMapping: + enum: + - EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED + - INVALID_SERVICE_ACCOUNT + - MISSING_METRICS_SCOPE_ADMIN_PERMISSION + - MISSING_EKM_CONNECTION_ADMIN_PERMISSION description: Detailed error message if Ekm provisioning fails type: string enumDescriptions: @@ -697,38 +277,93 @@ components: - Service account is used is invalid. - Iam permission monitoring.MetricsScopeAdmin wasn't applied. - Iam permission cloudkms.ekmConnectionsAdmin wasn't applied. + ekmProvisioningState: + type: string + description: >- + Output only. Indicates Ekm enrollment Provisioning of a given + workload. enum: - - EKM_PROVISIONING_ERROR_MAPPING_UNSPECIFIED - - INVALID_SERVICE_ACCOUNT - - MISSING_METRICS_SCOPE_ADMIN_PERMISSION - - MISSING_EKM_CONNECTION_ADMIN_PERMISSION - GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptions: - id: GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptions - description: Options to be set for the given created workload. + - EKM_PROVISIONING_STATE_UNSPECIFIED + - EKM_PROVISIONING_STATE_PENDING + - EKM_PROVISIONING_STATE_FAILED + - EKM_PROVISIONING_STATE_COMPLETED + enumDescriptions: + - Default State for Ekm Provisioning + - Pending State for Ekm Provisioning + - Failed State for Ekm Provisioning + - Completed State for Ekm Provisioning + readOnly: true + id: GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse + description: External key management systems(EKM) Provisioning response + type: object + GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse: + description: Response for restricting the list of allowed resources. + id: GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse + type: object + properties: {} + GoogleLongrunningOperation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: GoogleLongrunningOperation type: object properties: - kajEnrollmentType: - description: Optional. Specifies type of KAJ Enrollment if provided. + name: type: string - enumDescriptions: - - KAJ Enrollment type is unspecified - - >- - KAT sets External, Hardware, and Software key feature logging only - to TRUE. - enum: - - KAJ_ENROLLMENT_TYPE_UNSPECIFIED - - KEY_ACCESS_TRANSPARENCY_OFF + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + response: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + The error result of the operation in case of failure or + cancellation. + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest: id: GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest + type: object description: >- Request for restricting list of available resources in Workload environment. - type: object properties: restrictionType: - description: >- - Required. The type of restriction for using gcp products in the - Workload environment. + enum: + - RESTRICTION_TYPE_UNSPECIFIED + - ALLOW_ALL_GCP_RESOURCES + - ALLOW_COMPLIANT_RESOURCES + - APPEND_COMPLIANT_RESOURCES type: string enumDescriptions: - Unknown restriction type. @@ -745,817 +380,1191 @@ components: compliant resources to the existing list of compliant resources. Effective org-policy of the Folder is considered to ensure there is no disruption to the existing customer workflows. - enum: - - RESTRICTION_TYPE_UNSPECIFIED - - ALLOW_ALL_GCP_RESOURCES - - ALLOW_COMPLIANT_RESOURCES - - APPEND_COMPLIANT_RESOURCES - GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse: - id: GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse - description: Response for restricting the list of allowed resources. + description: >- + Required. The type of restriction for using gcp products in the + Workload environment. + GoogleProtobufEmpty: type: object properties: {} - GoogleProtobufEmpty: id: GoogleProtobufEmpty description: >- A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptions: type: object - properties: {} - GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse: - id: GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse - description: >- - Response containing the analysis results for the hypothetical resource - move. + description: Options to be set for the given created workload. + properties: + kajEnrollmentType: + type: string + enumDescriptions: + - KAJ Enrollment type is unspecified + - >- + KAT sets External, Hardware, and Software key feature logging only + to TRUE. + description: Optional. Specifies type of KAJ Enrollment if provided. + enum: + - KAJ_ENROLLMENT_TYPE_UNSPECIFIED + - KEY_ACCESS_TRANSPARENCY_OFF + id: GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptions + GoogleCloudAssuredworkloadsV1Violation: type: object properties: - assetMoveAnalyses: - description: List of analysis results for each asset in scope. - type: array + state: + enumDescriptions: + - Unspecified state. + - Violation is resolved. + - Violation is Unresolved + - Violation is Exception + type: string + readOnly: true + description: Output only. State of the violation + enum: + - STATE_UNSPECIFIED + - RESOLVED + - UNRESOLVED + - EXCEPTION + remediation: + description: Output only. Compliance violation remediation + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationRemediation + resourceName: + type: string + readOnly: true + description: >- + Optional. Output only. Name of the resource like + //storage.googleapis.com/myprojectxyz-testbucket. Empty for + org-policy violations. + parentProjectNumber: + type: string + readOnly: true + description: >- + Optional. Output only. Parent project number where resource is + present. Empty for org-policy violations. + description: + readOnly: true + description: >- + Output only. Description for the Violation. e.g. OrgPolicy + gcp.resourceLocations has non compliant value. + type: string + auditLogLink: + description: >- + Output only. Immutable. Audit Log Link for violated resource Format: + https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{timeRange}{folder} + readOnly: true + type: string + acknowledged: + type: boolean + description: A boolean that indicates if the violation is acknowledged + associatedOrgPolicyViolationId: + readOnly: true + type: string + description: >- + Optional. Output only. Violation Id of the org-policy violation due + to which the resource violation is caused. Empty for org-policy + violations. + beginTime: + type: string + format: google-datetime + description: Output only. Time of the event which triggered the Violation. + readOnly: true + name: + type: string + description: >- + Output only. Immutable. Name of the Violation. Format: + organizations/{organization}/locations/{location}/workloads/{workload_id}/violations/{violations_id} + readOnly: true + violationType: + enumDescriptions: + - Unspecified type. + - Org Policy Violation. + - Resource Violation. + description: Output only. Type of the violation + type: string + readOnly: true + enum: + - VIOLATION_TYPE_UNSPECIFIED + - ORG_POLICY + - RESOURCE + resourceType: + type: string + readOnly: true + description: >- + Optional. Output only. Type of the resource like + compute.googleapis.com/Disk, etc. Empty for org-policy violations. + orgPolicyConstraint: + deprecated: true + description: >- + Output only. Immutable. The org-policy-constraint that was + incorrectly changed, which resulted in this violation. + type: string + readOnly: true + nonCompliantOrgPolicy: + type: string + readOnly: true + description: >- + Output only. Immutable. Name of the OrgPolicy which was modified + with non-compliant change and resulted this violation. Format: + projects/{project_number}/policies/{constraint_name} + folders/{folder_id}/policies/{constraint_name} + organizations/{organization_id}/policies/{constraint_name} + exceptionAuditLogLink: + type: string + description: >- + Output only. Immutable. Audit Log link to find business + justification provided for violation exception. Format: + https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{protoPayload.methodName}{timeRange}{organization} + readOnly: true + category: + readOnly: true + type: string + description: >- + Output only. Category under which this violation is mapped. e.g. + Location, Service Usage, Access, Encryption, etc. + exceptionContexts: + description: >- + Output only. List of all the exception detail added for the + violation. items: $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1AssetMoveAnalysis - nextPageToken: - description: The next page token. Is empty if the last page is reached. + #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationExceptionContext + type: array + readOnly: true + resolveTime: + description: >- + Output only. Time of the event which fixed the Violation. If the + violation is ACTIVE this will be empty. type: string - GoogleCloudAssuredworkloadsV1AssetMoveAnalysis: - id: GoogleCloudAssuredworkloadsV1AssetMoveAnalysis - description: Represents move analysis results for an asset. - type: object + readOnly: true + format: google-datetime + acknowledgementTime: + format: google-datetime + type: string + description: >- + Optional. Timestamp when this violation was acknowledged first. + Check exception_contexts to find the last time the violation was + acknowledged when there are more than one violations. This field + will be absent when acknowledged field is marked as false. + updateTime: + type: string + format: google-datetime + readOnly: true + description: Output only. The last time when the Violation record was updated. + id: GoogleCloudAssuredworkloadsV1Violation + description: Workload monitoring Violation. + GoogleCloudAssuredworkloadsV1OrgPolicy: + id: GoogleCloudAssuredworkloadsV1OrgPolicy properties: - asset: + reset: description: >- - The full resource name of the asset being analyzed. Example: - //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1 + Ignores policies set above this resource and restores to the + `constraint_default` value. `reset` can only be true when `rules` is + empty and `inherit` is false. + type: boolean + constraint: + description: >- + The constraint name of the OrgPolicy. e.g. + "constraints/gcp.resourceLocations". type: string - assetType: + inherit: + type: boolean description: >- - Type of the asset being analyzed. Possible values will be among the - ones listed - [here](https://cloud.google.com/asset-inventory/docs/supported-asset-types). + If `inherit` is true, policy rules of the lowest ancestor in the + resource hierarchy chain are inherited. If it is false, policy rules + are not inherited. + resource: + description: >- + Resource that the OrgPolicy attaches to. Format: folders/123" + projects/123". type: string - analysisGroups: - description: List of eligible analyses performed for the asset. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1MoveAnalysisGroup - GoogleCloudAssuredworkloadsV1MoveAnalysisGroup: - id: GoogleCloudAssuredworkloadsV1MoveAnalysisGroup + rule: + description: The rule of the OrgPolicy. + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRule + type: object description: >- - Represents a logical group of checks performed for an asset. If - successful, the group contains the analysis result, otherwise it - contains an error with the failure reason. + This assured workload service object is used to represent the org policy + attached to a resource. It servces the same purpose as the + orgpolicy.v2.Policy object but with functionality that is limited to + what is supported by Assured Workloads(e.g. only one rule under one + OrgPolicy object, no conditions, etc). + GoogleCloudAssuredworkloadsV1OrgPolicyUpdate: type: object properties: - analysisResult: - description: Result of a successful analysis. - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1MoveAnalysisResult' - error: - description: Error details for a failed analysis. - $ref: '#/components/schemas/GoogleRpcStatus' - displayName: - description: Name of the analysis group. - type: string - GoogleCloudAssuredworkloadsV1MoveAnalysisResult: - id: GoogleCloudAssuredworkloadsV1MoveAnalysisResult - description: Represents the successful move analysis results for a group. - type: object + suggestedPolicy: + description: The suggested org policy that replaces the applied policy. + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicy' + appliedPolicy: + description: The org policy currently applied on the assured workload resource. + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicy' + id: GoogleCloudAssuredworkloadsV1OrgPolicyUpdate + description: >- + Represents an update for an org policy control applied on an Assured + Workload resource. The inherited org policy is not considered. + GoogleCloudAssuredworkloadsV1WorkloadKMSSettings: + id: GoogleCloudAssuredworkloadsV1WorkloadKMSSettings + deprecated: true properties: - warnings: + nextRotationTime: + format: google-datetime + type: string description: >- - List of warnings. These are risks that may or may not result in - compliance violations. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1MoveImpact' - blockers: + Required. Input only. Immutable. The time at which the Key + Management Service will automatically create a new version of the + crypto key and mark it as the primary. + rotationPeriod: + format: google-duration + type: string description: >- - List of blockers. If not resolved, these will result in compliance - violations in the target. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1MoveImpact' - GoogleCloudAssuredworkloadsV1MoveImpact: - id: GoogleCloudAssuredworkloadsV1MoveImpact - description: Represents the impact of moving the asset to the target. + Required. Input only. Immutable. [next_rotation_time] will be + advanced by this period when the Key Management Service + automatically rotates a key. Must be at least 24 hours and at most + 876,000 hours. type: object - properties: - detail: - description: Explanation of the impact. - type: string + description: Settings specific to the Key Management Service. GoogleCloudAssuredworkloadsV1ListWorkloadsResponse: - id: GoogleCloudAssuredworkloadsV1ListWorkloadsResponse - description: Response of ListWorkloads endpoint. - type: object properties: workloads: - description: List of Workloads under a given parent. type: array items: $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Workload' + description: List of Workloads under a given parent. nextPageToken: description: The next page token. Return empty if reached the last page. type: string - GoogleCloudAssuredworkloadsV1ListViolationsResponse: - id: GoogleCloudAssuredworkloadsV1ListViolationsResponse - description: Response of ListViolations endpoint. + id: GoogleCloudAssuredworkloadsV1ListWorkloadsResponse type: object + description: Response of ListWorkloads endpoint. + GoogleCloudAssuredworkloadsV1Workload: + id: GoogleCloudAssuredworkloadsV1Workload properties: - violations: - description: List of Violations under a Workload. - type: array - items: - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Violation' - nextPageToken: - description: The next page token. Returns empty if reached the last page. + billingAccount: type: string - GoogleCloudAssuredworkloadsV1Violation: - id: GoogleCloudAssuredworkloadsV1Violation - description: Workload monitoring Violation. - type: object - properties: - name: description: >- - Output only. Immutable. Name of the Violation. Format: - organizations/{organization}/locations/{location}/workloads/{workload_id}/violations/{violations_id} - readOnly: true + Optional. The billing account used for the resources which are + direct children of workload. This billing account is initially + associated with the resources created as part of Workload creation. + After the initial creation of these resources, the customer can + change the assigned billing account. The resource name has the form + `billingAccounts/{billing_account_id}`. For example, + `billingAccounts/012345-567890-ABCDEF`. + complianceRegime: type: string - description: + enumDescriptions: + - Unknown compliance regime. + - Information protection as per DoD IL4 requirements. + - Criminal Justice Information Services (CJIS) Security policies. + - FedRAMP High data protection controls + - FedRAMP Moderate data protection controls + - Assured Workloads For US Regions data protection controls + - >- + [DEPRECATED] Health Insurance Portability and Accountability Act + controls + - '[DEPRECATED] Health Information Trust Alliance controls' + - Assured Workloads For EU Regions and Support controls + - Assured Workloads For Canada Regions and Support controls + - International Traffic in Arms Regulations + - Assured Workloads for Australia Regions and Support controls + - Assured Workloads for Partners; + - Assured Workloads for Israel Regions + - Assured Workloads for Israel Regions + - Assured Workloads for Canada Protected B regime + - Information protection as per DoD IL5 requirements. + - Information protection as per DoD IL2 requirements. + - Assured Workloads for Japan Regions + - Assured Workloads Sovereign Controls KSA + - Assured Workloads for Regional Controls + - Healthcare and Life Science Controls + - Healthcare and Life Science Controls with US Support + - Internal Revenue Service 1075 controls + - Canada Controlled Goods + - Australia Data Boundary and Support + - Canada Data Boundary and Support + - Data Boundary for Canada Controlled Goods + - Data Boundary for Canada Protected B + - Data Boundary for CJIS + - Data Boundary for FedRAMP High + - Data Boundary for FedRAMP Moderate + - Data Boundary for IL2 + - Data Boundary for IL4 + - Data Boundary for IL5 + - Data Boundary for IRS Publication 1075 + - Data Boundary for ITAR + - Data Boundary for EU Regions and Support + - Data Boundary for Israel Regions + - Data Boundary for US Regions and Support + - Data Boundary for US Healthcare and Life Sciences + - Data Boundary for US Healthcare and Life Sciences with Support + - KSA Data Boundary with Access Justifications + - Regional Data Boundary + - JAPAN Data Boundary description: >- - Output only. Description for the Violation. e.g. OrgPolicy - gcp.resourceLocations has non compliant value. - readOnly: true - type: string - beginTime: - description: Output only. Time of the event which triggered the Violation. + Required. Immutable. Compliance Regime associated with this + workload. + enumDeprecated: + - false + - false + - false + - false + - false + - false + - true + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + enum: + - COMPLIANCE_REGIME_UNSPECIFIED + - IL4 + - CJIS + - FEDRAMP_HIGH + - FEDRAMP_MODERATE + - US_REGIONAL_ACCESS + - HIPAA + - HITRUST + - EU_REGIONS_AND_SUPPORT + - CA_REGIONS_AND_SUPPORT + - ITAR + - AU_REGIONS_AND_US_SUPPORT + - ASSURED_WORKLOADS_FOR_PARTNERS + - ISR_REGIONS + - ISR_REGIONS_AND_SUPPORT + - CA_PROTECTED_B + - IL5 + - IL2 + - JP_REGIONS_AND_SUPPORT + - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS + - REGIONAL_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_US_SUPPORT + - IRS_1075 + - CANADA_CONTROLLED_GOODS + - AUSTRALIA_DATA_BOUNDARY_AND_SUPPORT + - CANADA_DATA_BOUNDARY_AND_SUPPORT + - DATA_BOUNDARY_FOR_CANADA_CONTROLLED_GOODS + - DATA_BOUNDARY_FOR_CANADA_PROTECTED_B + - DATA_BOUNDARY_FOR_CJIS + - DATA_BOUNDARY_FOR_FEDRAMP_HIGH + - DATA_BOUNDARY_FOR_FEDRAMP_MODERATE + - DATA_BOUNDARY_FOR_IL2 + - DATA_BOUNDARY_FOR_IL4 + - DATA_BOUNDARY_FOR_IL5 + - DATA_BOUNDARY_FOR_IRS_PUBLICATION_1075 + - DATA_BOUNDARY_FOR_ITAR + - EU_DATA_BOUNDARY_AND_SUPPORT + - ISRAEL_DATA_BOUNDARY_AND_SUPPORT + - US_DATA_BOUNDARY_AND_SUPPORT + - US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES + - US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES_WITH_SUPPORT + - KSA_DATA_BOUNDARY_WITH_ACCESS_JUSTIFICATIONS + - REGIONAL_DATA_BOUNDARY + - JAPAN_DATA_BOUNDARY + complianceStatus: + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus + description: Output only. Count of active Violations in the Workload. readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The last time when the Violation record was updated. + kajEnrollmentState: + enumDescriptions: + - Default State for KAJ Enrollment. + - Pending State for KAJ Enrollment. + - Complete State for KAJ Enrollment. readOnly: true + description: >- + Output only. Represents the KAJ enrollment state of the given + workload. + enum: + - KAJ_ENROLLMENT_STATE_UNSPECIFIED + - KAJ_ENROLLMENT_STATE_PENDING + - KAJ_ENROLLMENT_STATE_COMPLETE type: string - format: google-datetime - resolveTime: + partnerPermissions: + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions description: >- - Output only. Time of the event which fixed the Violation. If the - violation is ACTIVE this will be empty. + Optional. Permissions granted to the AW Partner SA account for the + customer workload + resourceMonitoringEnabled: readOnly: true - type: string - format: google-datetime - category: + type: boolean description: >- - Output only. Category under which this violation is mapped. e.g. - Location, Service Usage, Access, Encryption, etc. + Output only. Indicates whether resource monitoring is enabled for + workload or not. It is true when Resource feed is subscribed to AWM + topic and AWM Service Agent Role is binded to AW Service Account for + resource Assured workload. + kmsSettings: + description: >- + Input only. Settings used to create a CMEK crypto key. When set, a + project with a KMS CMEK key is provisioned. This field is deprecated + as of Feb 28, 2022. In order to create a Keyring, callers should + specify, ENCRYPTION_KEYS_PROJECT or KEYRING in + ResourceSettings.resource_type field. + deprecated: true + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadKMSSettings + violationNotificationsEnabled: + type: boolean + description: >- + Optional. Indicates whether the e-mail notification for a violation + is enabled for a workload. This value will be by default True, and + if not present will be considered as true. This should only be + updated via updateWorkload call. Any Changes to this field during + the createWorkload call will not be honored. This will always be + true while creating the workload. + saaEnrollmentResponse: readOnly: true + description: >- + Output only. Represents the SAA enrollment response of the given + workload. SAA enrollment response is queried during GetWorkload + call. In failure cases, user friendly error message is shown in SAA + details page. + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse + provisionedResourcesParent: type: string - state: - description: Output only. State of the violation - readOnly: true + description: >- + Input only. The parent resource for the resources managed by this + Assured Workload. May be either empty or a folder resource which is + a child of the Workload parent. If not specified all resources are + created under the parent organization. Format: folders/{folder_id} + partner: type: string + description: Optional. Partner regime associated with this workload. enumDescriptions: - - Unspecified state. - - Violation is resolved. - - Violation is Unresolved - - Violation is Exception + - '' + - Enum representing S3NS (Thales) partner. + - Enum representing T_SYSTEM (TSI) partner. + - Enum representing SIA_MINSAIT (Indra) partner. + - Enum representing PSN (TIM) partner. + - Enum representing CNTXT (Kingdom of Saudi Arabia) partner. + - >- + Enum representing CNTXT (Kingdom of Saudi Arabia) partner offering + without EKM. enum: - - STATE_UNSPECIFIED - - RESOLVED - - UNRESOLVED - - EXCEPTION - orgPolicyConstraint: - description: >- - Output only. Immutable. The org-policy-constraint that was - incorrectly changed, which resulted in this violation. - readOnly: true - deprecated: true + - PARTNER_UNSPECIFIED + - LOCAL_CONTROLS_BY_S3NS + - SOVEREIGN_CONTROLS_BY_T_SYSTEMS + - SOVEREIGN_CONTROLS_BY_SIA_MINSAIT + - SOVEREIGN_CONTROLS_BY_PSN + - SOVEREIGN_CONTROLS_BY_CNTXT + - SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM + name: type: string - auditLogLink: description: >- - Output only. Immutable. Audit Log Link for violated resource Format: - https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{timeRange}{folder} + Optional. The resource name of the workload. Format: + organizations/{organization}/locations/{location}/workloads/{workload} + Read-only. + workloadOptions: + description: Optional. Options to be set for the given created workload. + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptions + compliantButDisallowedServices: + description: >- + Output only. Urls for services which are compliant for this Assured + Workload, but which are currently disallowed by the + ResourceUsageRestriction org policy. Invoke RestrictAllowedResources + endpoint to allow your project developers to use these services in + their environment. + type: array + items: + type: string readOnly: true - type: string - nonCompliantOrgPolicy: + resources: description: >- - Output only. Immutable. Name of the OrgPolicy which was modified - with non-compliant change and resulted this violation. Format: - projects/{project_number}/policies/{constraint_name} - folders/{folder_id}/policies/{constraint_name} - organizations/{organization_id}/policies/{constraint_name} + Output only. The resources associated with this workload. These + resources will be created when creating the workload. If any of the + projects already exist, the workload creation will fail. Always read + only. + type: array readOnly: true + items: + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadResourceInfo + partnerServicesBillingAccount: type: string - remediation: - description: Output only. Compliance violation remediation - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationRemediation - acknowledged: - description: A boolean that indicates if the violation is acknowledged - type: boolean - acknowledgementTime: description: >- - Optional. Timestamp when this violation was acknowledged first. - Check exception_contexts to find the last time the violation was - acknowledged when there are more than one violations. This field - will be absent when acknowledged field is marked as false. - type: string - format: google-datetime - exceptionAuditLogLink: + Optional. Billing account necessary for purchasing services from + Sovereign Partners. This field is required for creating + SIA/PSN/CNTXT partner workloads. The caller should have + 'billing.resourceAssociations.create' IAM permission on this + billing-account. The format of this string is + billingAccounts/AAAAAA-BBBBBB-CCCCCC + enableSovereignControls: description: >- - Output only. Immutable. Audit Log link to find business - justification provided for violation exception. Format: - https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{protoPayload.methodName}{timeRange}{organization} + Optional. Indicates the sovereignty status of the given workload. + Currently meant to be used by Europe/Canada customers. + type: boolean + createTime: + format: google-datetime readOnly: true + description: Output only. Immutable. The Workload creation timestamp. type: string - exceptionContexts: + labels: + type: object + description: Optional. Labels applied to the workload. + additionalProperties: + type: string + ekmProvisioningResponse: description: >- - Output only. List of all the exception detail added for the - violation. + Output only. Represents the Ekm Provisioning State of the given + workload. readOnly: true + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponse + etag: + description: >- + Optional. ETag of the workload, it is calculated on the basis of the + Workload contents. It will be used in Update & Delete operations. + type: string + resourceSettings: type: array + description: >- + Input only. Resource properties that are used to customize workload + resources. These properties (such as custom project id) will be used + to create workload resources if possible. This field is optional. items: $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationExceptionContext - violationType: - description: Output only. Type of the violation + #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadResourceSettings + displayName: + description: >- + Required. The user-assigned display name of the Workload. When + present it must be between 4 to 30 characters. Allowed characters + are: lowercase and uppercase letters, numbers, hyphen, and spaces. + Example: My Workload + type: string + type: object + description: >- + A Workload object for managing highly regulated workloads of cloud + customers. + GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse: + properties: + setupStatus: readOnly: true type: string enumDescriptions: - - Unspecified type. - - Org Policy Violation. - - Resource Violation. + - Unspecified. + - SAA enrollment pending. + - SAA enrollment comopleted. + description: Output only. Indicates SAA enrollment status of a given workload. enum: - - VIOLATION_TYPE_UNSPECIFIED - - ORG_POLICY - - RESOURCE - associatedOrgPolicyViolationId: - description: >- - Optional. Output only. Violation Id of the org-policy violation due - to which the resource violation is caused. Empty for org-policy - violations. - readOnly: true - type: string - parentProjectNumber: + - SETUP_STATE_UNSPECIFIED + - STATUS_PENDING + - STATUS_COMPLETE + setupErrors: + items: + type: string + enum: + - SETUP_ERROR_UNSPECIFIED + - ERROR_INVALID_BASE_SETUP + - ERROR_MISSING_EXTERNAL_SIGNING_KEY + - ERROR_NOT_ALL_SERVICES_ENROLLED + - ERROR_SETUP_CHECK_FAILED + enumDescriptions: + - Unspecified. + - >- + Invalid states for all customers, to be redirected to AA UI for + additional details. + - Returned when there is not an EKM key configured. + - >- + Returned when there are no enrolled services or the customer is + enrolled in CAA only for a subset of services. + - >- + Returned when exception was encountered during evaluation of + other criteria. + description: Indicates SAA enrollment setup error if any. + type: array + type: object + description: Signed Access Approvals (SAA) enrollment response. + id: GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse + GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud: + description: Remediation instructions to resolve violation via gcloud cli + id: GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud + properties: + gcloudCommands: + type: array + items: + type: string + description: Gcloud command to resolve violation + additionalLinks: + description: Additional urls for more information about steps + items: + type: string + type: array + steps: + type: array + items: + type: string + description: Steps to resolve violation via gcloud cli + type: object + GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest: + properties: + partnerPermissions: + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions + description: Required. The partner permissions to be updated. + etag: description: >- - Optional. Output only. Parent project number where resource is - present. Empty for org-policy violations. - readOnly: true + Optional. The etag of the workload. If this is provided, it must + match the server's etag. type: string - resourceType: - description: >- - Optional. Output only. Type of the resource like - compute.googleapis.com/Disk, etc. Empty for org-policy violations. - readOnly: true + updateMask: type: string - resourceName: + format: google-fieldmask description: >- - Optional. Output only. Name of the resource like - //storage.googleapis.com/myprojectxyz-testbucket. Empty for - org-policy violations. - readOnly: true - type: string - GoogleCloudAssuredworkloadsV1ViolationRemediation: - id: GoogleCloudAssuredworkloadsV1ViolationRemediation + Required. The list of fields to be updated. E.g. update_mask { + paths: "partner_permissions.data_logs_viewer"} + id: GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest + description: Request for updating permission settings for a partner workload. + type: object + GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse: + description: Response for EnableResourceMonitoring endpoint. + properties: {} + id: GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse + type: object + GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions: description: >- - Represents remediation guidance to resolve compliance violation for - AssuredWorkload + Permissions granted to the AW Partner SA account for the customer + workload + id: GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions type: object properties: - instructions: - description: Required. Remediation instructions to resolve violations - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions - compliantValues: + serviceAccessApprover: + description: Optional. Allow partner to view access approval logs. + type: boolean + dataLogsViewer: + type: boolean description: >- - Values that can resolve the violation For example: for list org - policy violations, this will either be the list of allowed or denied - values + Optional. Allow the partner to view inspectability logs and + monitoring violations. + assuredWorkloadsMonitoring: + type: boolean + description: Optional. Allow partner to view violation alerts. + accessTransparencyLogsSupportCaseViewer: + description: Optional. Allow partner to view support case details for an AXT log + type: boolean + GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse: + properties: {} + type: object + id: GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse + description: Response for violation acknowledgement + GoogleCloudAssuredworkloadsV1MoveAnalysisResult: + description: Represents the successful move analysis results for a group. + properties: + warnings: + items: + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1MoveImpact' type: array + description: >- + List of warnings. These are risks that may or may not result in + compliance violations. + blockers: items: - type: string - remediationType: + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1MoveImpact' + type: array description: >- - Output only. Reemediation type based on the type of org policy - values violated - readOnly: true - type: string - enumDescriptions: - - Unspecified remediation type - - Remediation type for boolean org policy - - >- - Remediation type for list org policy which have allowed values in - the monitoring rule - - >- - Remediation type for list org policy which have denied values in - the monitoring rule - - Remediation type for gcp.restrictCmekCryptoKeyProjects - - Remediation type for resource violation. - - >- - Remediation type for resource violation due to - gcp.restrictNonCmekServices - enum: - - REMEDIATION_TYPE_UNSPECIFIED - - REMEDIATION_BOOLEAN_ORG_POLICY_VIOLATION - - REMEDIATION_LIST_ALLOWED_VALUES_ORG_POLICY_VIOLATION - - REMEDIATION_LIST_DENIED_VALUES_ORG_POLICY_VIOLATION - - REMEDIATION_RESTRICT_CMEK_CRYPTO_KEY_PROJECTS_ORG_POLICY_VIOLATION - - REMEDIATION_RESOURCE_VIOLATION - - REMEDIATION_RESOURCE_VIOLATION_NON_CMEK_SERVICES - GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions: - id: GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions - description: Instructions to remediate violation + List of blockers. If not resolved, these will result in compliance + violations in the target. type: object + id: GoogleCloudAssuredworkloadsV1MoveAnalysisResult + GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus: + description: Represents the Compliance Status of this workload + id: GoogleCloudAssuredworkloadsV1WorkloadComplianceStatus properties: - gcloudInstructions: - description: Remediation instructions to resolve violation via gcloud cli - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud - consoleInstructions: - description: Remediation instructions to resolve violation via cloud console - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole - GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud: - id: GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud - description: Remediation instructions to resolve violation via gcloud cli + activeViolationCount: + description: Number of current orgPolicy violations which are not acknowledged. + format: int32 + type: integer + activeResourceViolationCount: + format: int32 + type: integer + description: Number of current resource violations which are acknowledged. + acknowledgedResourceViolationCount: + format: int32 + description: Number of current resource violations which are not acknowledged. + type: integer + acknowledgedViolationCount: + format: int32 + description: Number of current orgPolicy violations which are acknowledged. + type: integer type: object + GoogleCloudAssuredworkloadsV1AssetMoveAnalysis: + description: Represents move analysis results for an asset. properties: - gcloudCommands: - description: Gcloud command to resolve violation + asset: + type: string + description: >- + The full resource name of the asset being analyzed. Example: + //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1 + analysisGroups: + description: List of eligible analyses performed for the asset. type: array items: - type: string - steps: - description: Steps to resolve violation via gcloud cli + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1MoveAnalysisGroup + assetType: + type: string + description: >- + Type of the asset being analyzed. Possible values will be among the + ones listed + [here](https://cloud.google.com/asset-inventory/docs/supported-asset-types). + id: GoogleCloudAssuredworkloadsV1AssetMoveAnalysis + type: object + GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateResponse: + description: Response for ApplyWorkloadUpdate endpoint. + id: GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateResponse + type: object + properties: + appliedUpdate: + description: The update that was applied. + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadUpdate' + GoogleCloudAssuredworkloadsV1EnableComplianceUpdatesResponse: + id: GoogleCloudAssuredworkloadsV1EnableComplianceUpdatesResponse + type: object + description: Response for EnableComplianceUpdates endpoint. + properties: {} + GoogleRpcStatus: + type: object + properties: + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + details: type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - type: string - additionalLinks: - description: Additional urls for more information about steps + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + id: GoogleRpcStatus + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + GoogleCloudAssuredworkloadsV1ListWorkloadUpdatesResponse: + id: GoogleCloudAssuredworkloadsV1ListWorkloadUpdatesResponse + description: Response of listing the compliance updates per workload with pagination. + properties: + nextPageToken: + type: string + description: The next page token. Return empty if reached the last page. + workloadUpdates: type: array + description: The list of workload updates for a given workload. items: - type: string - GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole: - id: GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole - description: Remediation instructions to resolve violation via cloud console + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadUpdate' type: object + GoogleLongrunningListOperationsResponse: properties: - consoleUris: - description: Link to console page where violations can be resolved - type: array - items: - type: string - steps: - description: Steps to resolve violation via cloud console - type: array + unreachable: items: type: string - additionalLinks: - description: Additional urls for more information about steps type: array - items: - type: string - GoogleCloudAssuredworkloadsV1ViolationExceptionContext: - id: GoogleCloudAssuredworkloadsV1ViolationExceptionContext - description: Violation exception detail. - type: object - properties: - comment: description: >- - Business justification provided towards the acknowledgement of the - violation. - type: string - acknowledgementTime: - description: Timestamp when the violation was acknowledged. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + nextPageToken: type: string - format: google-datetime - userName: + description: The standard List next-page token. + operations: + type: array + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' description: >- - Name of the user (or service account) who acknowledged the - violation. - type: string - GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest: - id: GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest - description: Request for acknowledging the violation + A list of operations that matches the specified filter in the + request. + description: The response message for Operations.ListOperations. + type: object + id: GoogleLongrunningListOperationsResponse + GoogleCloudAssuredworkloadsV1CreateWorkloadOperationMetadata: + id: GoogleCloudAssuredworkloadsV1CreateWorkloadOperationMetadata type: object properties: - comment: - description: >- - Required. Business justification explaining the need for violation - acknowledgement + parent: + description: Optional. The parent of the workload. type: string - nonCompliantOrgPolicy: - description: >- - Optional. This field is deprecated and will be removed in future - version of the API. Name of the OrgPolicy which was modified with - non-compliant change and resulted in this violation. Format: - projects/{project_number}/policies/{constraint_name} - folders/{folder_id}/policies/{constraint_name} - organizations/{organization_id}/policies/{constraint_name} - deprecated: true + createTime: + format: google-datetime type: string - acknowledgeType: - description: Optional. Acknowledge type of specified violation. + description: Optional. Time when the operation was created. + complianceRegime: type: string enumDescriptions: - - Acknowledge type unspecified. - - Acknowledge only the specific violation. + - Unknown compliance regime. + - Information protection as per DoD IL4 requirements. + - Criminal Justice Information Services (CJIS) Security policies. + - FedRAMP High data protection controls + - FedRAMP Moderate data protection controls + - Assured Workloads For US Regions data protection controls - >- - Acknowledge specified orgPolicy violation and also associated - resource violations. + [DEPRECATED] Health Insurance Portability and Accountability Act + controls + - '[DEPRECATED] Health Information Trust Alliance controls' + - Assured Workloads For EU Regions and Support controls + - Assured Workloads For Canada Regions and Support controls + - International Traffic in Arms Regulations + - Assured Workloads for Australia Regions and Support controls + - Assured Workloads for Partners; + - Assured Workloads for Israel Regions + - Assured Workloads for Israel Regions + - Assured Workloads for Canada Protected B regime + - Information protection as per DoD IL5 requirements. + - Information protection as per DoD IL2 requirements. + - Assured Workloads for Japan Regions + - Assured Workloads Sovereign Controls KSA + - Assured Workloads for Regional Controls + - Healthcare and Life Science Controls + - Healthcare and Life Science Controls with US Support + - Internal Revenue Service 1075 controls + - Canada Controlled Goods + - Australia Data Boundary and Support + - Canada Data Boundary and Support + - Data Boundary for Canada Controlled Goods + - Data Boundary for Canada Protected B + - Data Boundary for CJIS + - Data Boundary for FedRAMP High + - Data Boundary for FedRAMP Moderate + - Data Boundary for IL2 + - Data Boundary for IL4 + - Data Boundary for IL5 + - Data Boundary for IRS Publication 1075 + - Data Boundary for ITAR + - Data Boundary for EU Regions and Support + - Data Boundary for Israel Regions + - Data Boundary for US Regions and Support + - Data Boundary for US Healthcare and Life Sciences + - Data Boundary for US Healthcare and Life Sciences with Support + - KSA Data Boundary with Access Justifications + - Regional Data Boundary + - JAPAN Data Boundary + description: >- + Optional. Compliance controls that should be applied to the + resources managed by the workload. enum: - - ACKNOWLEDGE_TYPE_UNSPECIFIED - - SINGLE_VIOLATION - - EXISTING_CHILD_RESOURCE_VIOLATIONS - GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse: - id: GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse - description: Response for violation acknowledgement + - COMPLIANCE_REGIME_UNSPECIFIED + - IL4 + - CJIS + - FEDRAMP_HIGH + - FEDRAMP_MODERATE + - US_REGIONAL_ACCESS + - HIPAA + - HITRUST + - EU_REGIONS_AND_SUPPORT + - CA_REGIONS_AND_SUPPORT + - ITAR + - AU_REGIONS_AND_US_SUPPORT + - ASSURED_WORKLOADS_FOR_PARTNERS + - ISR_REGIONS + - ISR_REGIONS_AND_SUPPORT + - CA_PROTECTED_B + - IL5 + - IL2 + - JP_REGIONS_AND_SUPPORT + - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS + - REGIONAL_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS + - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_US_SUPPORT + - IRS_1075 + - CANADA_CONTROLLED_GOODS + - AUSTRALIA_DATA_BOUNDARY_AND_SUPPORT + - CANADA_DATA_BOUNDARY_AND_SUPPORT + - DATA_BOUNDARY_FOR_CANADA_CONTROLLED_GOODS + - DATA_BOUNDARY_FOR_CANADA_PROTECTED_B + - DATA_BOUNDARY_FOR_CJIS + - DATA_BOUNDARY_FOR_FEDRAMP_HIGH + - DATA_BOUNDARY_FOR_FEDRAMP_MODERATE + - DATA_BOUNDARY_FOR_IL2 + - DATA_BOUNDARY_FOR_IL4 + - DATA_BOUNDARY_FOR_IL5 + - DATA_BOUNDARY_FOR_IRS_PUBLICATION_1075 + - DATA_BOUNDARY_FOR_ITAR + - EU_DATA_BOUNDARY_AND_SUPPORT + - ISRAEL_DATA_BOUNDARY_AND_SUPPORT + - US_DATA_BOUNDARY_AND_SUPPORT + - US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES + - US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES_WITH_SUPPORT + - KSA_DATA_BOUNDARY_WITH_ACCESS_JUSTIFICATIONS + - REGIONAL_DATA_BOUNDARY + - JAPAN_DATA_BOUNDARY + enumDeprecated: + - false + - false + - false + - false + - false + - false + - true + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + displayName: + description: Optional. The display name of the workload. + type: string + description: Operation metadata to give request details of CreateWorkload. + GoogleCloudAssuredworkloadsV1UpdateDetails: + id: GoogleCloudAssuredworkloadsV1UpdateDetails type: object - properties: {} - GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest: - id: GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest - description: Request for updating permission settings for a partner workload. + description: The details of the update. + properties: + orgPolicyUpdate: + description: Update to one org policy, e.g. gcp.resourceLocation. + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicyUpdate' + GoogleCloudAssuredworkloadsV1ViolationExceptionContext: type: object properties: - partnerPermissions: - description: Required. The partner permissions to be updated. - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions - updateMask: + userName: + type: string description: >- - Required. The list of fields to be updated. E.g. update_mask { - paths: "partner_permissions.data_logs_viewer"} + Name of the user (or service account) who acknowledged the + violation. + acknowledgementTime: + format: google-datetime + description: Timestamp when the violation was acknowledged. type: string - format: google-fieldmask - etag: + comment: description: >- - Optional. The etag of the workload. If this is provided, it must - match the server's etag. + Business justification provided towards the acknowledgement of the + violation. type: string - GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse: - id: GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse - description: Response for EnableResourceMonitoring endpoint. - type: object - properties: {} - GoogleCloudAssuredworkloadsV1EnableComplianceUpdatesResponse: - id: GoogleCloudAssuredworkloadsV1EnableComplianceUpdatesResponse - description: Response for EnableComplianceUpdates endpoint. - type: object - properties: {} - GoogleCloudAssuredworkloadsV1ListWorkloadUpdatesResponse: - id: GoogleCloudAssuredworkloadsV1ListWorkloadUpdatesResponse - description: Response of listing the compliance updates per workload with pagination. + id: GoogleCloudAssuredworkloadsV1ViolationExceptionContext + description: Violation exception detail. + GoogleCloudAssuredworkloadsV1ListViolationsResponse: + id: GoogleCloudAssuredworkloadsV1ListViolationsResponse + description: Response of ListViolations endpoint. type: object properties: - workloadUpdates: - description: The list of workload updates for a given workload. + violations: type: array items: - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadUpdate' + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Violation' + description: List of Violations under a Workload. nextPageToken: - description: The next page token. Return empty if reached the last page. - type: string - GoogleCloudAssuredworkloadsV1WorkloadUpdate: - id: GoogleCloudAssuredworkloadsV1WorkloadUpdate - description: >- - A workload update is a change to the workload's compliance - configuration. - type: object - properties: - name: - description: >- - Output only. Immutable. Identifier. Resource name of the - WorkloadUpdate. Format: - organizations/{organization}/locations/{location}/workloads/{workload}/updates/{update} - readOnly: true - type: string - state: - description: Output only. The state of the update. - readOnly: true - type: string - enumDescriptions: - - Unspecified. - - The update is available to be applied. - - The update has been applied. - - The update has been withdrawn by the service. - enum: - - STATE_UNSPECIFIED - - AVAILABLE - - APPLIED - - WITHDRAWN - createTime: - description: The time the update was created. - type: string - format: google-datetime - updateTime: - description: The time the update was last updated. + description: The next page token. Returns empty if reached the last page. type: string - format: google-datetime - details: - description: The details of the update. - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1UpdateDetails' - GoogleCloudAssuredworkloadsV1UpdateDetails: - id: GoogleCloudAssuredworkloadsV1UpdateDetails - description: The details of the update. - type: object - properties: - orgPolicyUpdate: - description: Update to one org policy, e.g. gcp.resourceLocation. - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicyUpdate' - GoogleCloudAssuredworkloadsV1OrgPolicyUpdate: - id: GoogleCloudAssuredworkloadsV1OrgPolicyUpdate - description: >- - Represents an update for an org policy control applied on an Assured - Workload resource. The inherited org policy is not considered. + GoogleCloudAssuredworkloadsV1ViolationRemediation: + id: GoogleCloudAssuredworkloadsV1ViolationRemediation type: object - properties: - appliedPolicy: - description: The org policy currently applied on the assured workload resource. - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicy' - suggestedPolicy: - description: The suggested org policy that replaces the applied policy. - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicy' - GoogleCloudAssuredworkloadsV1OrgPolicy: - id: GoogleCloudAssuredworkloadsV1OrgPolicy description: >- - This assured workload service object is used to represent the org policy - attached to a resource. It servces the same purpose as the - orgpolicy.v2.Policy object but with functionality that is limited to - what is supported by Assured Workloads(e.g. only one rule under one - OrgPolicy object, no conditions, etc). - type: object + Represents remediation guidance to resolve compliance violation for + AssuredWorkload properties: - resource: - description: >- - Resource that the OrgPolicy attaches to. Format: folders/123" - projects/123". + remediationType: type: string - constraint: + enum: + - REMEDIATION_TYPE_UNSPECIFIED + - REMEDIATION_BOOLEAN_ORG_POLICY_VIOLATION + - REMEDIATION_LIST_ALLOWED_VALUES_ORG_POLICY_VIOLATION + - REMEDIATION_LIST_DENIED_VALUES_ORG_POLICY_VIOLATION + - REMEDIATION_RESTRICT_CMEK_CRYPTO_KEY_PROJECTS_ORG_POLICY_VIOLATION + - REMEDIATION_RESOURCE_VIOLATION + - REMEDIATION_RESOURCE_VIOLATION_NON_CMEK_SERVICES + enumDescriptions: + - Unspecified remediation type + - Remediation type for boolean org policy + - >- + Remediation type for list org policy which have allowed values in + the monitoring rule + - >- + Remediation type for list org policy which have denied values in + the monitoring rule + - Remediation type for gcp.restrictCmekCryptoKeyProjects + - Remediation type for resource violation. + - >- + Remediation type for resource violation due to + gcp.restrictNonCmekServices description: >- - The constraint name of the OrgPolicy. e.g. - "constraints/gcp.resourceLocations". - type: string - rule: - description: The rule of the OrgPolicy. + Output only. Reemediation type based on the type of org policy + values violated + readOnly: true + instructions: + description: Required. Remediation instructions to resolve violations $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRule - inherit: - description: >- - If `inherit` is true, policy rules of the lowest ancestor in the - resource hierarchy chain are inherited. If it is false, policy rules - are not inherited. - type: boolean - reset: + #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions + compliantValues: + items: + type: string + type: array description: >- - Ignores policies set above this resource and restores to the - `constraint_default` value. `reset` can only be true when `rules` is - empty and `inherit` is false. - type: boolean - GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRule: - id: GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRule - description: A rule used to express this policy. - type: object - properties: - values: - description: ListPolicy only when custom values are specified. - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRuleStringValues - allowAll: - description: ListPolicy only when all values are allowed. - type: boolean - denyAll: - description: ListPolicy only when all values are denied. - type: boolean - enforce: - description: BooleanPolicy only. - type: boolean + Values that can resolve the violation For example: for list org + policy violations, this will either be the list of allowed or denied + values GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRuleStringValues: - id: GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRuleStringValues - description: The values allowed for a ListPolicy. - type: object properties: allowedValues: + items: + type: string description: List of values allowed at this resource. type: array + deniedValues: items: type: string - deniedValues: description: List of values denied at this resource. type: array - items: - type: string - GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateRequest: - id: GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateRequest - description: Request to apply update to a workload. type: object - properties: - action: - description: The action to be performed on the update. - type: string - enumDescriptions: - - Unspecified value. - - The update is applied. - enum: - - WORKLOAD_UPDATE_ACTION_UNSPECIFIED - - APPLY - GoogleCloudAssuredworkloadsV1CreateWorkloadOperationMetadata: - id: GoogleCloudAssuredworkloadsV1CreateWorkloadOperationMetadata - description: Operation metadata to give request details of CreateWorkload. + description: The values allowed for a ListPolicy. + id: GoogleCloudAssuredworkloadsV1OrgPolicyPolicyRuleStringValues + GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions: + id: GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions type: object properties: - createTime: - description: Optional. Time when the operation was created. - type: string - format: google-datetime - displayName: - description: Optional. The display name of the workload. - type: string - parent: - description: Optional. The parent of the workload. + gcloudInstructions: + description: Remediation instructions to resolve violation via gcloud cli + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud + consoleInstructions: + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole + description: Remediation instructions to resolve violation via cloud console + description: Instructions to remediate violation + GoogleCloudAssuredworkloadsV1WorkloadResourceInfo: + description: Represent the resources that are children of this Workload. + properties: + resourceId: type: string - complianceRegime: description: >- - Optional. Compliance controls that should be applied to the - resources managed by the workload. - type: string - enumDescriptions: - - Unknown compliance regime. - - Information protection as per DoD IL4 requirements. - - Criminal Justice Information Services (CJIS) Security policies. - - FedRAMP High data protection controls - - FedRAMP Moderate data protection controls - - Assured Workloads For US Regions data protection controls - - >- - [DEPRECATED] Health Insurance Portability and Accountability Act - controls - - '[DEPRECATED] Health Information Trust Alliance controls' - - Assured Workloads For EU Regions and Support controls - - Assured Workloads For Canada Regions and Support controls - - International Traffic in Arms Regulations - - Assured Workloads for Australia Regions and Support controls - - Assured Workloads for Partners; - - Assured Workloads for Israel Regions - - Assured Workloads for Israel Regions - - Assured Workloads for Canada Protected B regime - - Information protection as per DoD IL5 requirements. - - Information protection as per DoD IL2 requirements. - - Assured Workloads for Japan Regions - - Assured Workloads Sovereign Controls KSA - - Assured Workloads for Regional Controls - - Healthcare and Life Science Controls - - Healthcare and Life Science Controls with US Support - - Internal Revenue Service 1075 controls - - Canada Controlled Goods - - Australia Data Boundary and Support - - Canada Data Boundary and Support - - Data Boundary for Canada Controlled Goods - - Data Boundary for Canada Protected B - - Data Boundary for CJIS - - Data Boundary for FedRAMP High - - Data Boundary for FedRAMP Moderate - - Data Boundary for IL2 - - Data Boundary for IL4 - - Data Boundary for IL5 - - Data Boundary for IRS Publication 1075 - - Data Boundary for ITAR - - Data Boundary for EU Regions and Support - - Data Boundary for Israel Regions - - Data Boundary for US Regions and Support - - Data Boundary for US Healthcare and Life Sciences - - Data Boundary for US Healthcare and Life Sciences with Support - - KSA Data Boundary with Access Justifications - - Regional Data Boundary - - JAPAN Data Boundary + Output only. Resource identifier. For a project this represents + project_number. + format: int64 + readOnly: true + resourceType: enumDeprecated: - - false - - false - - false - - false - - false - false - true - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - false - false - false + description: Indicates the type of resource. + enumDescriptions: + - Unknown resource type. + - >- + Deprecated. Existing workloads will continue to support this, but + new CreateWorkloadRequests should not specify this as an input + value. + - Consumer Folder. + - Consumer project containing encryption keys. + - Keyring resource that hosts encryption keys. + type: string enum: - - COMPLIANCE_REGIME_UNSPECIFIED - - IL4 - - CJIS - - FEDRAMP_HIGH - - FEDRAMP_MODERATE - - US_REGIONAL_ACCESS - - HIPAA - - HITRUST - - EU_REGIONS_AND_SUPPORT - - CA_REGIONS_AND_SUPPORT - - ITAR - - AU_REGIONS_AND_US_SUPPORT - - ASSURED_WORKLOADS_FOR_PARTNERS - - ISR_REGIONS - - ISR_REGIONS_AND_SUPPORT - - CA_PROTECTED_B - - IL5 - - IL2 - - JP_REGIONS_AND_SUPPORT - - KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS - - REGIONAL_CONTROLS - - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS - - HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_US_SUPPORT - - IRS_1075 - - CANADA_CONTROLLED_GOODS - - AUSTRALIA_DATA_BOUNDARY_AND_SUPPORT - - CANADA_DATA_BOUNDARY_AND_SUPPORT - - DATA_BOUNDARY_FOR_CANADA_CONTROLLED_GOODS - - DATA_BOUNDARY_FOR_CANADA_PROTECTED_B - - DATA_BOUNDARY_FOR_CJIS - - DATA_BOUNDARY_FOR_FEDRAMP_HIGH - - DATA_BOUNDARY_FOR_FEDRAMP_MODERATE - - DATA_BOUNDARY_FOR_IL2 - - DATA_BOUNDARY_FOR_IL4 - - DATA_BOUNDARY_FOR_IL5 - - DATA_BOUNDARY_FOR_IRS_PUBLICATION_1075 - - DATA_BOUNDARY_FOR_ITAR - - EU_DATA_BOUNDARY_AND_SUPPORT - - ISRAEL_DATA_BOUNDARY_AND_SUPPORT - - US_DATA_BOUNDARY_AND_SUPPORT - - US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES - - US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES_WITH_SUPPORT - - KSA_DATA_BOUNDARY_WITH_ACCESS_JUSTIFICATIONS - - REGIONAL_DATA_BOUNDARY - - JAPAN_DATA_BOUNDARY - GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateResponse: - id: GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateResponse - description: Response for ApplyWorkloadUpdate endpoint. + - RESOURCE_TYPE_UNSPECIFIED + - CONSUMER_PROJECT + - CONSUMER_FOLDER + - ENCRYPTION_KEYS_PROJECT + - KEYRING type: object - properties: - appliedUpdate: - description: The update that was applied. - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1WorkloadUpdate' + id: GoogleCloudAssuredworkloadsV1WorkloadResourceInfo GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateOperationMetadata: - id: GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateOperationMetadata description: Operation metadata to give request details of ApplyWorkloadUpdate. - type: object properties: updateName: description: Required. The resource name of the update type: string createTime: description: Optional. Output only. The time the operation was created. - readOnly: true - type: string format: google-datetime - action: - description: Optional. The time the operation was created. type: string + readOnly: true + action: enumDescriptions: - Unspecified value. - The update is applied. + description: Optional. The time the operation was created. enum: - WORKLOAD_UPDATE_ACTION_UNSPECIFIED - APPLY + type: string + id: GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateOperationMetadata + type: object parameters: - access_token: - description: OAuth access token. + callback: + description: JSONP in: query - name: access_token + name: callback schema: type: string alt: @@ -1568,18 +1577,6 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -1589,25 +1586,10 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: quotaUser + name: uploadType schema: type: string upload_protocol: @@ -1616,10 +1598,10 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + access_token: + description: OAuth access token. in: query - name: uploadType + name: access_token schema: type: string _.xgafv: @@ -1631,59 +1613,57 @@ components: enum: - '1' - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string x-stackQL-resources: - operations: - id: google.assuredworkloads.operations - name: operations - title: Operations - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] workloads: id: google.assuredworkloads.workloads name: workloads title: Workloads methods: - create: + analyze_workload_move: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:analyzeWorkloadMove/get response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.workloads - patch: + get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -1694,45 +1674,46 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads/post response: mediaType: application/json openAPIDocKey: '200' - restrict_allowed_resources: + list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:restrictAllowedResources/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads/get response: mediaType: application/json openAPIDocKey: '200' - analyze_workload_move: + objectKey: $.workloads + restrict_allowed_resources: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:analyzeWorkloadMove/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:restrictAllowedResources/post response: mediaType: application/json openAPIDocKey: '200' - mutate_partner_permissions: + enable_resource_monitoring: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:mutatePartnerPermissions/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:enableResourceMonitoring/post response: mediaType: application/json openAPIDocKey: '200' - enable_resource_monitoring: + enable_compliance_updates: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:enableResourceMonitoring/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:enableComplianceUpdates/put response: mediaType: application/json openAPIDocKey: '200' - enable_compliance_updates: + mutate_partner_permissions: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:enableComplianceUpdates/put + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}:mutatePartnerPermissions/patch response: mediaType: application/json openAPIDocKey: '200' @@ -1752,14 +1733,13 @@ components: name: violations title: Violations methods: - list: + acknowledge: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}~1violations/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}~1violations~1{violationsId}:acknowledge/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.violations get: operation: $ref: >- @@ -1767,13 +1747,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - acknowledge: + list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}~1violations~1{violationsId}:acknowledge/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1workloads~1{workloadsId}~1violations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.violations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/violations/methods/get' @@ -1809,25 +1790,54 @@ components: update: [] replace: [] delete: [] + operations: + id: google.assuredworkloads.operations + name: operations + title: Operations + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] paths: - /v1/organizations/{organizationsId}/locations/{locationsId}/operations: + /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}:analyzeWorkloadMove: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/oauth_token' get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: assuredworkloads.organizations.locations.operations.list + Analyzes a hypothetical move of a source resource to a target workload + to surface compliance risks. The analysis is best effort and is not + guaranteed to be exhaustive. + operationId: assuredworkloads.organizations.locations.workloads.analyzeWorkloadMove security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1839,7 +1849,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse parameters: - in: path name: organizationsId @@ -1851,60 +1862,36 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: workloadsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: assuredworkloads.organizations.locations.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: organizationsId - required: true + - in: query + name: assetTypes schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: project schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/workloads: + type: integer + format: int32 + /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}: parameters: *ref_1 - post: - description: Creates Assured Workload. - operationId: assuredworkloads.organizations.locations.workloads.create + patch: + description: >- + Updates an existing workload. Currently allows updating of workload + display_name and labels. For force updates don't set etag field in the + Workload. Only one update operation per workload can be in progress. + operationId: assuredworkloads.organizations.locations.workloads.patch requestBody: content: application/json: @@ -1921,7 +1908,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Workload' parameters: - in: path name: organizationsId @@ -1933,13 +1920,19 @@ paths: required: true schema: type: string + - in: path + name: workloadsId + required: true + schema: + type: string - in: query - name: externalId + name: updateMask schema: type: string + format: google-fieldmask get: - description: Lists Assured Workloads under a CRM Node. - operationId: assuredworkloads.organizations.locations.workloads.list + description: Gets Assured Workload associated with a CRM Node + operationId: assuredworkloads.organizations.locations.workloads.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1951,8 +1944,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1ListWorkloadsResponse + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Workload' parameters: - in: path name: organizationsId @@ -1964,32 +1956,20 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: workloadsId + required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}: - parameters: *ref_1 - patch: + delete: description: >- - Updates an existing workload. Currently allows updating of workload - display_name and labels. For force updates don't set etag field in the - Workload. Only one update operation per workload can be in progress. - operationId: assuredworkloads.organizations.locations.workloads.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Workload' + Deletes the workload. Make sure that workload's direct children are + already in a deleted state, otherwise the request will fail with a + FAILED_PRECONDITION error. In addition to + assuredworkloads.workload.delete permission, the user should also have + orgpolicy.policy.set permission on the deleted folder to remove Assured + Workloads OrgPolicies. + operationId: assuredworkloads.organizations.locations.workloads.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2001,7 +1981,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Workload' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -2017,21 +1997,21 @@ paths: name: workloadsId required: true schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: >- - Deletes the workload. Make sure that workload's direct children are - already in a deleted state, otherwise the request will fail with a - FAILED_PRECONDITION error. In addition to - assuredworkloads.workload.delete permission, the user should also have - orgpolicy.policy.set permission on the deleted folder to remove Assured - Workloads OrgPolicies. - operationId: assuredworkloads.organizations.locations.workloads.delete + type: string + - in: query + name: etag + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/workloads: + parameters: *ref_1 + post: + description: Creates Assured Workload. + operationId: assuredworkloads.organizations.locations.workloads.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Workload' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2043,7 +2023,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -2055,18 +2035,13 @@ paths: required: true schema: type: string - - in: path - name: workloadsId - required: true - schema: - type: string - in: query - name: etag + name: externalId schema: type: string get: - description: Gets Assured Workload associated with a CRM Node - operationId: assuredworkloads.organizations.locations.workloads.get + description: Lists Assured Workloads under a CRM Node. + operationId: assuredworkloads.organizations.locations.workloads.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2078,7 +2053,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Workload' + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1ListWorkloadsResponse parameters: - in: path name: organizationsId @@ -2090,9 +2066,17 @@ paths: required: true schema: type: string - - in: path - name: workloadsId - required: true + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}:restrictAllowedResources: @@ -2142,14 +2126,12 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}:analyzeWorkloadMove: + /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}:enableResourceMonitoring: parameters: *ref_1 - get: - description: >- - Analyzes a hypothetical move of a source resource to a target workload - to surface compliance risks. The analysis is best effort and is not - guaranteed to be exhaustive. - operationId: assuredworkloads.organizations.locations.workloads.analyzeWorkloadMove + post: + description: Enable resource violation monitoring for a workload. + operationId: >- + assuredworkloads.organizations.locations.workloads.enableResourceMonitoring security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2162,7 +2144,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1AnalyzeWorkloadMoveResponse + #/components/schemas/GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse parameters: - in: path name: organizationsId @@ -2179,21 +2161,46 @@ paths: required: true schema: type: string - - in: query - name: project + /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}:enableComplianceUpdates: + parameters: *ref_1 + put: + description: >- + This endpoint enables Assured Workloads service to offer compliance + updates for the folder based assured workload. It sets up an Assured + Workloads Service Agent, having permissions to read compliance controls + (for example: Org Policies) applied on the workload. The caller must + have `resourcemanager.folders.getIamPolicy` and + `resourcemanager.folders.setIamPolicy` permissions on the assured + workload folder. + operationId: >- + assuredworkloads.organizations.locations.workloads.enableComplianceUpdates + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1EnableComplianceUpdatesResponse + parameters: + - in: path + name: organizationsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: assetTypes + - in: path + name: workloadsId + required: true schema: type: string /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}:mutatePartnerPermissions: @@ -2239,12 +2246,22 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}:enableResourceMonitoring: + /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}/violations/{violationsId}:acknowledge: parameters: *ref_1 post: - description: Enable resource violation monitoring for a workload. + description: >- + Acknowledges an existing violation. By acknowledging a violation, users + acknowledge the existence of a compliance violation in their workload + and decide to ignore it due to a valid business justification. + Acknowledgement is a permanent operation and it cannot be reverted. operationId: >- - assuredworkloads.organizations.locations.workloads.enableResourceMonitoring + assuredworkloads.organizations.locations.workloads.violations.acknowledge + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2257,7 +2274,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1EnableResourceMonitoringResponse + #/components/schemas/GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse parameters: - in: path name: organizationsId @@ -2274,19 +2291,16 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}:enableComplianceUpdates: + - in: path + name: violationsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}/violations/{violationsId}: parameters: *ref_1 - put: - description: >- - This endpoint enables Assured Workloads service to offer compliance - updates for the folder based assured workload. It sets up an Assured - Workloads Service Agent, having permissions to read compliance controls - (for example: Org Policies) applied on the workload. The caller must - have `resourcemanager.folders.getIamPolicy` and - `resourcemanager.folders.setIamPolicy` permissions on the assured - workload folder. - operationId: >- - assuredworkloads.organizations.locations.workloads.enableComplianceUpdates + get: + description: Retrieves Assured Workload Violation based on ID. + operationId: assuredworkloads.organizations.locations.workloads.violations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2298,8 +2312,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1EnableComplianceUpdatesResponse + $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Violation' parameters: - in: path name: organizationsId @@ -2316,6 +2329,11 @@ paths: required: true schema: type: string + - in: path + name: violationsId + required: true + schema: + type: string /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}/violations: parameters: *ref_1 get: @@ -2356,33 +2374,33 @@ paths: schema: type: string - in: query - name: interval.startTime - schema: - type: string - format: google-datetime - - in: query - name: interval.endTime + name: pageToken schema: type: string - format: google-datetime - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: interval.endTime + schema: + type: string + format: google-datetime + - in: query + name: interval.startTime schema: type: string + format: google-datetime - in: query name: filter schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}/violations/{violationsId}: + /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}/updates: parameters: *ref_1 get: - description: Retrieves Assured Workload Violation based on ID. - operationId: assuredworkloads.organizations.locations.workloads.violations.get + description: This endpoint lists all updates for the given workload. + operationId: assuredworkloads.organizations.locations.workloads.updates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2394,7 +2412,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudAssuredworkloadsV1Violation' + $ref: >- + #/components/schemas/GoogleCloudAssuredworkloadsV1ListWorkloadUpdatesResponse parameters: - in: path name: organizationsId @@ -2411,27 +2430,26 @@ paths: required: true schema: type: string - - in: path - name: violationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}/violations/{violationsId}:acknowledge: + /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}/updates/{updatesId}:apply: parameters: *ref_1 post: - description: >- - Acknowledges an existing violation. By acknowledging a violation, users - acknowledge the existence of a compliance violation in their workload - and decide to ignore it due to a valid business justification. - Acknowledgement is a permanent operation and it cannot be reverted. - operationId: >- - assuredworkloads.organizations.locations.workloads.violations.acknowledge + description: This endpoint creates a new operation to apply the given update. + operationId: assuredworkloads.organizations.locations.workloads.updates.apply requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest + #/components/schemas/GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2443,8 +2461,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: organizationsId @@ -2462,15 +2479,17 @@ paths: schema: type: string - in: path - name: violationsId + name: updatesId required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}/updates: + /v1/organizations/{organizationsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: This endpoint lists all updates for the given workload. - operationId: assuredworkloads.organizations.locations.workloads.updates.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: assuredworkloads.organizations.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2482,8 +2501,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1ListWorkloadUpdatesResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: organizationsId @@ -2495,31 +2513,31 @@ paths: required: true schema: type: string - - in: path - name: workloadsId - required: true + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}/updates/{updatesId}:apply: + /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: This endpoint creates a new operation to apply the given update. - operationId: assuredworkloads.organizations.locations.workloads.updates.apply - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudAssuredworkloadsV1ApplyWorkloadUpdateRequest + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: assuredworkloads.organizations.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2544,12 +2562,7 @@ paths: schema: type: string - in: path - name: workloadsId - required: true - schema: - type: string - - in: path - name: updatesId + name: operationsId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/backupdr.yaml b/providers/src/googleapis.com/v00.00.00000/services/backupdr.yaml index f381cd84..be903bb2 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/backupdr.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/backupdr.yaml @@ -7,8 +7,8 @@ info: title: Backup and DR Service API description: '' version: v1 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251130' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/backup-disaster-recovery servers: @@ -381,6 +381,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -520,6 +529,38 @@ components: readOnly: true type: string format: google-datetime + endReason: + description: Output only. The reason for ending the trial. + readOnly: true + type: string + enumDescriptions: + - End reason not set. + - >- + Trial is deliberately ended by the user to transition to paid + usage. + - Trial is discontinued before expiration. + enum: + - END_REASON_UNSPECIFIED + - MOVE_TO_PAID + - DISCONTINUED + EndTrialRequest: + id: EndTrialRequest + description: Request message for ending a trial. + type: object + properties: + endReason: + description: Required. The reason for ending the trial. + type: string + enumDescriptions: + - End reason not set. + - >- + Trial is deliberately ended by the user to transition to paid + usage. + - Trial is discontinued before expiration. + enum: + - END_REASON_UNSPECIFIED + - MOVE_TO_PAID + - DISCONTINUED ListManagementServersResponse: id: ListManagementServersResponse description: Response message for listing management servers. @@ -798,9 +839,35 @@ components: description: >- Required. The default and minimum enforced retention for each backup within the backup vault. The enforced retention for each backup can - be extended. + be extended. Note: Longer minimum enforced retention period impacts + potential storage costs post introductory trial. We recommend + starting with a short duration of 3 days or less. type: string format: google-duration + backupRetentionInheritance: + description: >- + Optional. Setting for how a backup's enforced retention end time is + inherited. + type: string + enumDescriptions: + - >- + Inheritance behavior not set. This will default to + `INHERIT_VAULT_RETENTION`. + - >- + The enforced retention end time of a backup will be inherited from + the backup vault's `backup_minimum_enforced_retention_duration` + field. This is the default behavior. + - >- + The enforced retention end time of a backup will always match the + expire time of the backup. If this is set, the backup's enforced + retention end time will be set to match the expire time during + creation of the backup. When updating, the ERET and expire time + must be updated together and have the same value. Invalid update + requests will be rejected by the server. + enum: + - BACKUP_RETENTION_INHERITANCE_UNSPECIFIED + - INHERIT_VAULT_RETENTION + - MATCH_BACKUP_EXPIRE_TIME deletable: description: >- Output only. Set to true when there are no backups nested under this @@ -893,6 +960,24 @@ components: - WITHIN_ORGANIZATION - UNRESTRICTED - WITHIN_ORG_BUT_UNRESTRICTED_FOR_BA + encryptionConfig: + description: Optional. The encryption config of the backup vault. + $ref: '#/components/schemas/EncryptionConfig' + EncryptionConfig: + id: EncryptionConfig + description: >- + Message describing the EncryptionConfig of backup vault. This determines + how data within the vault is encrypted at rest. + type: object + properties: + kmsKeyName: + description: >- + Optional. The Cloud KMS key name to encrypt backups in this backup + vault. Must be in the same region as the vault. Some workload + backups like compute disk backups may use their inherited source key + instead. Format: + projects/{project}/locations/{location}/keyRings/{ring}/cryptoKeys/{key} + type: string ListBackupVaultsResponse: id: ListBackupVaultsResponse description: Response message for listing BackupVaults. @@ -1199,6 +1284,15 @@ components: level. readOnly: true $ref: '#/components/schemas/CloudSqlInstanceDataSourceProperties' + alloyDbClusterDatasourceProperties: + description: >- + Output only. AlloyDBClusterDataSourceProperties has a subset of + AlloyDB cluster properties that are useful at the Datasource level. + Currently none of its child properties are auditable. If new + auditable properties are added, the AUDIT annotation should be + added. + readOnly: true + $ref: '#/components/schemas/AlloyDBClusterDataSourceProperties' diskDatasourceProperties: description: >- DiskDataSourceProperties has a subset of Disk properties that are @@ -1258,6 +1352,19 @@ components: `db-custom-1-3840` readOnly: true type: string + AlloyDBClusterDataSourceProperties: + id: AlloyDBClusterDataSourceProperties + description: >- + AlloyDBClusterDataSourceProperties represents the properties of a + AlloyDB cluster resource that are stored in the DataSource. . + type: object + properties: + name: + description: >- + Output only. Name of the AlloyDB cluster backed up by the + datasource. + readOnly: true + type: string DiskDataSourceProperties: id: DiskDataSourceProperties description: >- @@ -1583,6 +1690,31 @@ components: description: Optional. The backup can not be deleted before this time. type: string format: google-datetime + backupRetentionInheritance: + description: >- + Output only. Setting for how the enforced retention end time is + inherited. This value is copied from this backup's BackupVault. + readOnly: true + type: string + enumDescriptions: + - >- + Inheritance behavior not set. This will default to + `INHERIT_VAULT_RETENTION`. + - >- + The enforced retention end time of a backup will be inherited from + the backup vault's `backup_minimum_enforced_retention_duration` + field. This is the default behavior. + - >- + The enforced retention end time of a backup will always match the + expire time of the backup. If this is set, the backup's enforced + retention end time will be set to match the expire time during + creation of the backup. When updating, the ERET and expire time + must be updated together and have the same value. Invalid update + requests will be rejected by the server. + enum: + - BACKUP_RETENTION_INHERITANCE_UNSPECIFIED + - INHERIT_VAULT_RETENTION + - MATCH_BACKUP_EXPIRE_TIME expireTime: description: Optional. When this backup is automatically expired. type: string @@ -1644,6 +1776,10 @@ components: description: Output only. Backup Appliance specific backup properties. readOnly: true $ref: '#/components/schemas/BackupApplianceBackupProperties' + alloyDbBackupProperties: + description: Output only. AlloyDB specific backup properties. + readOnly: true + $ref: '#/components/schemas/AlloyDbClusterBackupProperties' diskBackupProperties: description: Output only. Disk specific backup properties. readOnly: true @@ -1681,6 +1817,20 @@ components: description: Optional. Output only. Reserved for future use. readOnly: true type: boolean + gcpResource: + description: >- + Output only. Unique identifier of the GCP resource that is being + backed up. + readOnly: true + $ref: '#/components/schemas/BackupGcpResource' + kmsKeyVersions: + description: >- + Optional. Output only. The list of KMS key versions used to encrypt + the backup. + readOnly: true + type: array + items: + type: string BackupLock: id: BackupLock description: >- @@ -2484,12 +2634,22 @@ components: projects/{project}/instances/{instance} readOnly: true type: string + instanceCreateTime: + description: Output only. The instance creation timestamp. + readOnly: true + type: string + format: google-datetime instanceTier: description: >- Output only. The tier (or machine type) for this instance. Example: `db-custom-1-3840` readOnly: true type: string + instanceDeleteTime: + description: Output only. The instance delete timestamp. + readOnly: true + type: string + format: google-datetime BackupApplianceBackupProperties: id: BackupApplianceBackupProperties description: >- @@ -2519,6 +2679,34 @@ components: description: Optional. The latest timestamp of data available in this Backup. type: string format: google-datetime + AlloyDbClusterBackupProperties: + id: AlloyDbClusterBackupProperties + description: >- + AlloyDbClusterBackupProperties represents AlloyDB cluster backup + properties. . + type: object + properties: + description: + description: An optional text description for the backup. + type: string + storedBytes: + description: Output only. Storage usage of this particular backup + readOnly: true + type: string + format: int64 + chainId: + description: >- + Output only. The chain id of this backup. Backups belonging to the + same chain are sharing the same chain id. This property is + calculated and maintained by BackupDR. + readOnly: true + type: string + databaseVersion: + description: >- + Output only. The PostgreSQL major version of the AlloyDB cluster + when the backup was taken. + readOnly: true + type: string DiskBackupProperties: id: DiskBackupProperties description: DiskBackupProperties represents the properties of a Disk backup. @@ -2635,6 +2823,37 @@ components: this backup in case of scheduled backup or used for on demand backup. type: string + BackupGcpResource: + id: BackupGcpResource + description: Minimum details to identify a Google Cloud resource for a backup. + type: object + properties: + gcpResourcename: + description: Name of the Google Cloud resource. + type: string + location: + description: 'Location of the resource: //"global"/"unspecified".' + type: string + type: + description: >- + Type of the resource. Use the Unified Resource Type, eg. + compute.googleapis.com/Instance. + type: string + FetchBackupsForResourceTypeResponse: + id: FetchBackupsForResourceTypeResponse + description: Response for the FetchBackupsForResourceType method. + type: object + properties: + backups: + description: The Backups from the specified parent. + type: array + items: + $ref: '#/components/schemas/Backup' + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string RestoreBackupRequest: id: RestoreBackupRequest description: Request message for restoring from a Backup. @@ -2670,6 +2889,18 @@ components: diskRestoreProperties: description: Disk properties to be overridden during restore. $ref: '#/components/schemas/DiskRestoreProperties' + clearOverridesFieldMask: + description: >- + Optional. A field mask used to clear server-side default values for + fields within the `instance_properties` oneof. When a field in this + mask is cleared, the server will not apply its default logic (like + inheriting a value from the source) for that field. The most common + current use case is clearing default encryption keys. Examples of + field mask paths: - Compute Instance Disks: + `compute_instance_restore_properties.disks.*.disk_encryption_key` - + Single Disk: `disk_restore_properties.disk_encryption_key` + type: string + format: google-fieldmask ComputeInstanceTargetEnvironment: id: ComputeInstanceTargetEnvironment description: >- @@ -3146,6 +3377,13 @@ components: type: array items: $ref: '#/components/schemas/BackupRule' + maxCustomOnDemandRetentionDays: + description: >- + Optional. Optional field to configure the maximum number of days for + which a backup can be retained. This field is only applicable for + on-demand backups taken with custom retention value. + type: integer + format: int32 state: description: Output only. The `State` for the `BackupPlan`. readOnly: true @@ -3235,7 +3473,9 @@ components: equal to minimum enforced retention of the backup vault. Minimum value is 1 and maximum value is 36159 for custom retention on-demand backup. Minimum and maximum values are workload specific for all - other rules. + other rules. Note: Longer retention can lead to higher storage costs + post introductory trial. We recommend starting with a short duration + of 3 days or less. type: integer format: int32 standardSchedule: @@ -3761,6 +4001,19 @@ components: with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). type: string + customRetentionDays: + description: >- + Optional. The duration for which backup data will be kept, while + taking an on-demand backup with custom retention. It is defined in + "days". It is mutually exclusive with rule_id. This field is + required if rule_id is not provided. + type: integer + format: int32 + labels: + description: Optional. Labels to be applied on the backup. + type: object + additionalProperties: + type: string DataSourceReference: id: DataSourceReference description: DataSourceReference is a reference to a DataSource resource. @@ -3813,6 +4066,13 @@ components: with. readOnly: true $ref: '#/components/schemas/DataSourceGcpResourceInfo' + totalStoredBytes: + description: >- + Output only. Total size of the storage used by all backup resources + for the referenced datasource. + readOnly: true + type: string + format: int64 DataSourceBackupConfigInfo: id: DataSourceBackupConfigInfo description: Information of backup configuration on the DataSource. @@ -3900,6 +4160,26 @@ components: `db-custom-1-3840` readOnly: true type: string + ListDataSourceReferencesResponse: + id: ListDataSourceReferencesResponse + description: Response for the ListDataSourceReferences method. + type: object + properties: + dataSourceReferences: + description: The DataSourceReferences from the specified parent. + type: array + items: + $ref: '#/components/schemas/DataSourceReference' + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string FetchDataSourceReferencesForResourceTypeResponse: id: FetchDataSourceReferencesForResourceTypeResponse description: Response for the FetchDataSourceReferencesForResourceType method. @@ -4011,10 +4291,14 @@ components: - Resource type not set. - Cloud SQL instance. - Compute Engine VM. + - Compute Engine Disk. + - Compute Engine Regional Disk. enum: - RESOURCE_TYPE_UNSPECIFIED - CLOUD_SQL_INSTANCE - COMPUTE_ENGINE_VM + - COMPUTE_ENGINE_DISK + - COMPUTE_ENGINE_REGIONAL_DISK targetResourceLabels: description: Labels associated with the target resource. type: object @@ -4373,10 +4657,12 @@ components: - '' - '' - '' + - '' enum: - FEATURE_UNSPECIFIED - MANAGEMENT_SERVER - COMPUTE_INSTANCE + - PROTECTION_SUMMARY parameters: access_token: description: OAuth access token. @@ -4477,6 +4763,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + end: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1trial:end/post + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/trial/methods/get_trial' @@ -4868,6 +5161,26 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/backups/methods/delete' + backups_for_resource_type: + id: google.backupdr.backups_for_resource_type + name: backups_for_resource_type + title: Backups_for_resource_type + methods: + fetch_for_resource_type: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1dataSources~1{dataSourcesId}~1backups:fetchForResourceType/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/backups_for_resource_type/methods/fetch_for_resource_type + insert: [] + update: [] + replace: [] + delete: [] backup_plans: id: google.backupdr.backup_plans name: backup_plans @@ -5031,6 +5344,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataSourceReferences/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.dataSourceReferences fetch_for_resource_type: operation: $ref: >- @@ -5042,6 +5363,8 @@ components: select: - $ref: >- #/components/x-stackQL-resources/data_source_references/methods/get + - $ref: >- + #/components/x-stackQL-resources/data_source_references/methods/list - $ref: >- #/components/x-stackQL-resources/data_source_references/methods/fetch_for_resource_type insert: [] @@ -5529,6 +5852,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -5680,6 +6007,39 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/trial:end: + parameters: *ref_1 + post: + description: Ends the trial for a project + operationId: backupdr.projects.locations.trial.end + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EndTrialRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Trial' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/backupVaults: parameters: *ref_1 post: @@ -6473,6 +6833,70 @@ paths: name: view schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/backupVaults/{backupVaultsId}/dataSources/{dataSourcesId}/backups:fetchForResourceType: + parameters: *ref_1 + get: + description: Fetch Backups for a given resource type. + operationId: >- + backupdr.projects.locations.backupVaults.dataSources.backups.fetchForResourceType + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/FetchBackupsForResourceTypeResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: backupVaultsId + required: true + schema: + type: string + - in: path + name: dataSourcesId + required: true + schema: + type: string + - in: query + name: resourceType + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: view + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/backupVaults/{backupVaultsId}/dataSources/{dataSourcesId}/backups/{backupsId}: parameters: *ref_1 get: @@ -7259,6 +7683,51 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataSourceReferences: + parameters: *ref_1 + get: + description: Lists DataSourceReferences for a given project and location. + operationId: backupdr.projects.locations.dataSourceReferences.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDataSourceReferencesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/dataSourceReferences:fetchForResourceType: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/baremetalsolution.yaml b/providers/src/googleapis.com/v00.00.00000/services/baremetalsolution.yaml index bd15029f..f24131f8 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/baremetalsolution.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/baremetalsolution.yaml @@ -9,8 +9,8 @@ info: Provides ways to manage Bare Metal Solution hardware installed in a regional extension located near a Google Cloud data center. version: v2 - x-discovery-doc-revision: '20250528' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251008' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/bare-metal servers: @@ -36,1209 +36,937 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListInstancesResponse: - id: ListInstancesResponse - description: Response message for the list of servers. - type: object - properties: - instances: - description: The list of servers. - type: array - items: - $ref: '#/components/schemas/Instance' - nextPageToken: - description: A token identifying a page of results from the server. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Instance: - id: Instance - description: A server. - type: object + SSHKey: properties: name: - description: >- - Immutable. The resource name of this `Instance`. Resource names are - schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. Format: - `projects/{project}/locations/{location}/instances/{instance}` type: string - id: description: >- - Output only. An identifier for the `Instance`, generated by the - backend. + Output only. The name of this SSH key. Currently, the only valid + value for the location is "global". readOnly: true + publicKey: + description: The public SSH key. This must be in OpenSSH .authorized_keys format. type: string - createTime: - description: Output only. Create a time stamp. - readOnly: true + type: object + description: >- + An SSH key, used for authorizing with the interactive serial console + feature. + id: SSHKey + ProvisioningQuota: + type: object + properties: + gcpService: + description: The gcp service of the provisioning quota. type: string - format: google-datetime - updateTime: - description: Output only. Update a time stamp. - readOnly: true + availableCount: + description: The available count of the provisioning quota. + format: int32 + type: integer + serverCount: + format: int64 type: string - format: google-datetime - machineType: - description: >- - Immutable. The server type. [Available server - types](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations) + description: Server count. + networkBandwidth: + description: Network bandwidth, Gbps type: string - state: - description: Output only. The state of the server. - readOnly: true + format: int64 + assetType: type: string enumDescriptions: - - The server is in an unknown state. - - The server is being provisioned. - - The server is running. - - The server has been deleted. - - The server is being updated. - - The server is starting. - - The server is stopping. - - The server is shutdown. + - The unspecified type. + - The server asset type. + - The storage asset type. + - The network asset type. enum: - - STATE_UNSPECIFIED - - PROVISIONING - - RUNNING - - DELETED - - UPDATING - - STARTING - - STOPPING - - SHUTDOWN - hyperthreadingEnabled: - description: >- - True if you enable hyperthreading for the server, otherwise false. - The default value is false. - type: boolean - labels: - description: Labels as key value pairs. - type: object - additionalProperties: - type: string - luns: - description: Immutable. List of LUNs associated with this server. - type: array - items: - $ref: '#/components/schemas/Lun' - volumes: - description: >- - Input only. List of Volumes to attach to this Instance on creation. - This field won't be populated in Get/List responses. - type: array - items: - $ref: '#/components/schemas/Volume' - networks: - description: Output only. List of networks associated with this server. - readOnly: true - type: array - items: - $ref: '#/components/schemas/Network' - interactiveSerialConsoleEnabled: - description: >- - Output only. True if the interactive serial console feature is - enabled for the instance, false otherwise. The default value is - false. + - ASSET_TYPE_UNSPECIFIED + - ASSET_TYPE_SERVER + - ASSET_TYPE_STORAGE + - ASSET_TYPE_NETWORK + description: The asset type of this provisioning quota. + name: readOnly: true + description: Output only. The name of the provisioning quota. + type: string + location: + description: The specific location of the provisioining quota. + type: string + instanceQuota: + description: Instance quota. + $ref: '#/components/schemas/InstanceQuota' + storageGib: + format: int64 + type: string + description: Storage size (GB). + description: A provisioning quota for a given project. + id: ProvisioningQuota + NetworkConfig: + id: NetworkConfig + properties: + type: + type: string + description: The type of this network, either Client or Private. + enum: + - TYPE_UNSPECIFIED + - CLIENT + - PRIVATE + enumDescriptions: + - Unspecified value. + - Client network, that is a network peered to a GCP VPC. + - Private network, that is a network local to the BMS POD. + jumboFramesEnabled: type: boolean - osImage: - description: The OS image currently installed on the server. + description: The JumboFramesEnabled option for customer to set. + serviceCidr: + enum: + - SERVICE_CIDR_UNSPECIFIED + - DISABLED + - HIGH_26 + - HIGH_27 + - HIGH_28 + description: Service CIDR, if any. + type: string + enumDescriptions: + - Unspecified value. + - Services are disabled for the given network. + - Use the highest /26 block of the network to host services. + - Use the highest /27 block of the network to host services. + - Use the highest /28 block of the network to host services. + id: type: string - pod: description: >- - Immutable. Pod name. Pod is an independent part of infrastructure. - Instance can only be connected to the assets (networks, volumes) - allocated in the same pod. + A transient unique identifier to identify a volume within an + ProvisioningConfig request. + userNote: type: string - networkTemplate: description: >- - Instance network template name. For eg, bondaa-bondaa, bondab-nic, - etc. Generally, the template name follows the syntax of "bond" or - "nic". + User note field, it can be used by customers to add additional + information for the BMS Ops team . + gcpService: type: string - logicalInterfaces: description: >- - List of logical interfaces for the instance. The number of logical - interfaces will be the same as number of hardware bond/nic on the - chosen network template. For the non-multivlan configurations (for - eg, existing servers) that use existing default network template - (bondaa-bondaa), both the Instance.networks field and the - Instance.logical_interfaces fields will be filled to ensure backward - compatibility. For the others, only Instance.logical_interfaces will - be filled. + The GCP service of the network. Available gcp_service are in + https://cloud.google.com/bare-metal/docs/bms-planning. + vrf: + description: >- + Optional. The name of a pre-existing Vrf that the network should be + attached to. Format is `vrfs/{vrf}`. If vrf is specified, + vlan_attachments must be empty. + type: string + vlanAttachments: + description: >- + List of VLAN attachments. As of now there are always 2 attachments, + but it is going to change in the future (multi vlan). Use only one + of vlan_attachments or vrf type: array items: - $ref: >- - #/components/schemas/GoogleCloudBaremetalsolutionV2LogicalInterface - loginInfo: - description: Output only. Text field about info for logging in. - readOnly: true - type: string - workloadProfile: - description: The workload profile for the instance. + $ref: '#/components/schemas/IntakeVlanAttachment' + bandwidth: + enum: + - BANDWIDTH_UNSPECIFIED + - BW_1_GBPS + - BW_2_GBPS + - BW_5_GBPS + - BW_10_GBPS + description: Interconnect bandwidth. Set only when type is CLIENT. type: string enumDescriptions: - - The workload profile is in an unknown state. - - The workload profile is generic. - - The workload profile is hana. - enum: - - WORKLOAD_PROFILE_UNSPECIFIED - - WORKLOAD_PROFILE_GENERIC - - WORKLOAD_PROFILE_HANA - firmwareVersion: - description: Output only. The firmware version for the instance. + - Unspecified value. + - 1 Gbps. + - 2 Gbps. + - 5 Gbps. + - 10 Gbps. + name: + type: string readOnly: true + description: Output only. The name of the network config. + cidr: + description: CIDR range of the network. type: string - sshKeys: - description: Optional. List of SSH Keys used during instance provisioning. - type: array - items: - type: string - kmsKeyVersion: + vlanSameProject: + description: Whether the VLAN attachment pair is located in the same project. + type: boolean + description: Configuration parameters for a new network. + type: object + GoogleCloudBaremetalsolutionV2ServerNetworkTemplateLogicalInterface: + id: GoogleCloudBaremetalsolutionV2ServerNetworkTemplateLogicalInterface + description: Logical interface. + properties: + required: + description: If true, interface must have network connected. + type: boolean + type: + enum: + - INTERFACE_TYPE_UNSPECIFIED + - BOND + - NIC + type: string + enumDescriptions: + - Unspecified value. + - Bond interface type. + - NIC interface type. + description: Interface type. + name: description: >- - Optional. Name of the KMS crypto key version used to encrypt the - initial passwords. The key has to have ASYMMETRIC_DECRYPT purpose. - Format is - `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version}`. + Interface name. This is not a globally unique identifier. Name is + unique only inside the ServerNetworkTemplate. This is of syntax or + and forms part of the network template name. type: string - Lun: - id: Lun - description: A storage volume logical unit number (LUN). + type: object + NfsShare: type: object properties: - name: - description: Output only. The name of the LUN. + labels: + additionalProperties: + type: string + type: object + description: Labels as key value pairs. + requestedSizeGib: + format: int64 + description: The requested size, in GiB. + type: string + nfsShareId: readOnly: true + description: >- + Output only. An identifier for the NFS share, generated by the + backend. This field will be deprecated in the future, use `id` + instead. type: string id: - description: An identifier for the LUN, generated by the backend. - type: string - state: - description: The state of this storage volume. - type: string - enumDescriptions: - - The LUN is in an unknown state. - - The LUN is being created. - - The LUN is being updated. - - The LUN is ready for use. - - The LUN has been requested to be deleted. - - >- - The LUN is in cool off state. It will be deleted after - `expire_time`. - enum: - - STATE_UNSPECIFIED - - CREATING - - UPDATING - - READY - - DELETING - - COOL_OFF - sizeGb: - description: The size of this LUN, in GiB. type: string - format: int64 - multiprotocolType: description: >- - The LUN multiprotocol type ensures the characteristics of the LUN - are optimized for each operating system. - type: string - enumDescriptions: - - Server has no OS specified. - - Server with Linux OS. - enum: - - MULTIPROTOCOL_TYPE_UNSPECIFIED - - LINUX - storageVolume: - description: Display the storage volume for this LUN. + Output only. An identifier for the NFS share, generated by the + backend. This is the same value as nfs_share_id and will replace it + in the future. + readOnly: true + name: type: string - shareable: - description: Display if this LUN can be shared between multiple physical servers. - type: boolean - bootLun: - description: Display if this LUN is a boot LUN. - type: boolean + description: Immutable. The name of the NFS share. storageType: - description: The storage type for this LUN. - type: string - enumDescriptions: - - The storage type for this LUN is unknown. - - This storage type for this LUN is SSD. - - This storage type for this LUN is HDD. enum: - STORAGE_TYPE_UNSPECIFIED - SSD - HDD - wwid: - description: The WWID for this LUN. - type: string - expireTime: - description: >- - Output only. Time after which LUN will be fully deleted. It is - filled only for LUNs in COOL_OFF state. - readOnly: true - type: string - format: google-datetime - instances: - description: Output only. Instances this Lun is attached to. - readOnly: true - type: array - items: - type: string - Volume: - id: Volume - description: A storage volume. - type: object - properties: - name: - description: >- - Output only. The resource name of this `Volume`. Resource names are - schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. Format: - `projects/{project}/locations/{location}/volumes/{volume}` - readOnly: true - type: string - id: - description: An identifier for the `Volume`, generated by the backend. - type: string - storageType: - description: The storage type for this volume. type: string enumDescriptions: - The storage type for this volume is unknown. - The storage type for this volume is SSD. - This storage type for this volume is HDD. - enum: - - STORAGE_TYPE_UNSPECIFIED - - SSD - - HDD + description: Immutable. The storage type of the underlying volume. state: - description: The state of this storage volume. + description: Output only. The state of the NFS share. + readOnly: true type: string enumDescriptions: - - The storage volume is in an unknown state. - - The storage volume is being created. - - The storage volume is ready for use. - - The storage volume has been requested to be deleted. - - The storage volume is being updated. - - >- - The storage volume is in cool off state. It will be deleted after - `expire_time`. + - The share is in an unknown state. + - The share has been provisioned. + - The NFS Share is being created. + - The NFS Share is being updated. + - The NFS Share has been requested to be deleted. enum: - STATE_UNSPECIFIED + - PROVISIONED - CREATING - - READY - - DELETING - UPDATING - - COOL_OFF - requestedSizeGib: - description: The requested size of this storage volume, in GiB. - type: string - format: int64 - originallyRequestedSizeGib: - description: Originally requested size, in GiB. + - DELETING + pod: type: string - format: int64 - currentSizeGib: description: >- - The current size of this storage volume, in GiB, including space - reserved for snapshots. This size might be different than the - requested size if the storage volume has been configured with auto - grow or auto shrink. - type: string - format: int64 - emergencySizeGib: + Immutable. Pod name. Pod is an independent part of infrastructure. + NFSShare can only be connected to the assets (networks, instances) + allocated in the same pod. + volume: description: >- - Additional emergency size that was requested for this Volume, in - GiB. current_size_gib includes this value. + Output only. The underlying volume of the share. Created + automatically during provisioning. + readOnly: true type: string - format: int64 - maxSizeGib: - description: Maximum size volume can be expanded to in case of evergency, in GiB. + allowedClients: + items: + $ref: '#/components/schemas/AllowedClient' + type: array + description: List of allowed access points. + description: An NFS share. + id: NfsShare + ListSSHKeysResponse: + type: object + id: ListSSHKeysResponse + properties: + sshKeys: + items: + $ref: '#/components/schemas/SSHKey' + type: array + description: The SSH keys registered in the project. + nextPageToken: type: string - format: int64 - autoGrownSizeGib: description: >- - The size, in GiB, that this storage volume has expanded as a result - of an auto grow policy. In the absence of auto-grow, the value is 0. - type: string - format: int64 - remainingSpaceGib: + Token to retrieve the next page of results, or empty if there are no + more results in the list. + description: Message for response of ListSSHKeys. + SnapshotReservationDetail: + properties: + reservedSpacePercent: description: >- - The space remaining in the storage volume for new LUNs, in GiB, - excluding space reserved for snapshots. + Percent of the total Volume size reserved for snapshot copies. + Enabling snapshots requires reserving 20% or more of the storage + volume space for snapshots. Maximum reserved space for snapshots is + 40%. Setting this field will effectively set snapshot_enabled to + true. + type: integer + format: int32 + reservedSpaceRemainingGib: type: string format: int64 - snapshotReservationDetail: description: >- - Details about snapshot space reservation and usage on the storage - volume. - $ref: '#/components/schemas/SnapshotReservationDetail' - snapshotAutoDeleteBehavior: - description: The behavior to use when snapshot reserved space is full. + The amount, in GiB, of available space in this storage volume's + reserved snapshot space. + reservedSpaceGib: + format: int64 type: string - enumDescriptions: - - The unspecified behavior. - - >- - Don't delete any snapshots. This disables new snapshot creation, - as long as the snapshot reserved space is full. - - Delete the oldest snapshots first. - - Delete the newest snapshots first. - enum: - - SNAPSHOT_AUTO_DELETE_BEHAVIOR_UNSPECIFIED - - DISABLED - - OLDEST_FIRST - - NEWEST_FIRST - labels: - description: Labels as key value pairs. - type: object - additionalProperties: - type: string - snapshotEnabled: - description: Whether snapshots are enabled. - type: boolean - pod: - description: >- - Immutable. Pod name. Pod is an independent part of infrastructure. - Volume can only be connected to the instances allocated in the same - pod. - type: string - protocol: - description: Output only. Storage protocol for the Volume. - readOnly: true - type: string - enumDescriptions: - - Value is not specified. - - Fibre Channel protocol. - - >- - NFS protocol means Volume is a NFS Share volume. Such volumes - cannot be manipulated via Volumes API. - enum: - - PROTOCOL_UNSPECIFIED - - FIBRE_CHANNEL - - NFS - bootVolume: - description: >- - Output only. Whether this volume is a boot volume. A boot volume is - one which contains a boot LUN. - readOnly: true - type: boolean - performanceTier: - description: Immutable. Performance tier of the Volume. Default is SHARED. - type: string - enumDescriptions: - - Value is not specified. - - Regular volumes, shared aggregates. - - Assigned aggregates. - - High throughput aggregates. - - QoS 2.0 high performance storage. - enum: - - VOLUME_PERFORMANCE_TIER_UNSPECIFIED - - VOLUME_PERFORMANCE_TIER_SHARED - - VOLUME_PERFORMANCE_TIER_ASSIGNED - - VOLUME_PERFORMANCE_TIER_HT - - VOLUME_PERFORMANCE_TIER_QOS2_PERFORMANCE - notes: - description: >- - Input only. User-specified notes for new Volume. Used to provision - Volumes that require manual intervention. - type: string - workloadProfile: - description: The workload profile for the volume. - type: string - enumDescriptions: - - The workload profile is in an unknown state. - - The workload profile is generic. - - The workload profile is hana. - enum: - - WORKLOAD_PROFILE_UNSPECIFIED - - GENERIC - - HANA - expireTime: - description: >- - Output only. Time after which volume will be fully deleted. It is - filled only for volumes in COOLOFF state. - readOnly: true - type: string - format: google-datetime - instances: - description: >- - Output only. Instances this Volume is attached to. This field is set - only in Get requests. - readOnly: true - type: array - items: - type: string - attached: - description: >- - Output only. Is the Volume attached at at least one instance. This - field is a lightweight counterpart of `instances` field. It is - filled in List responses as well. - readOnly: true - type: boolean - SnapshotReservationDetail: - id: SnapshotReservationDetail - description: >- - Details about snapshot space reservation and usage on the storage - volume. - type: object - properties: - reservedSpaceGib: description: >- The space on this storage volume reserved for snapshots, shown in GiB. - type: string - format: int64 reservedSpaceUsedPercent: + format: int32 + type: integer description: >- The percent of snapshot space on this storage volume actually being used by the snapshot copies. This value might be higher than 100% if the snapshot copies have overflowed into the data portion of the storage volume. - type: integer - format: int32 - reservedSpaceRemainingGib: - description: >- - The amount, in GiB, of available space in this storage volume's - reserved snapshot space. - type: string - format: int64 - reservedSpacePercent: - description: >- - Percent of the total Volume size reserved for snapshot copies. - Enabling snapshots requires reserving 20% or more of the storage - volume space for snapshots. Maximum reserved space for snapshots is - 40%. Setting this field will effectively set snapshot_enabled to - true. - type: integer - format: int32 - Network: - id: Network - description: A Network. + type: object + id: SnapshotReservationDetail + description: >- + Details about snapshot space reservation and usage on the storage + volume. + LogicalNetworkInterface: + id: LogicalNetworkInterface + description: Each logical network interface is effectively a network and IP pair. type: object properties: - name: - description: >- - Output only. The resource name of this `Network`. Resource names are - schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. Format: - `projects/{project}/locations/{location}/networks/{network}` - readOnly: true + network: + description: Name of the network type: string id: - description: An identifier for the `Network`, generated by the backend. type: string - type: - description: The type of this network. + description: An identifier for the `Network`, generated by the backend. + ipAddress: type: string + description: IP address in the network + networkType: enumDescriptions: - Unspecified value. - Client network, a network peered to a Google Cloud VPC. - >- Private network, a network local to the Bare Metal Solution environment. + type: string enum: - TYPE_UNSPECIFIED - CLIENT - PRIVATE - ipAddress: - description: IP address configured. - type: string - macAddress: - description: List of physical interfaces. - type: array - items: - type: string - state: - description: The Network state. + description: Type of network. + defaultGateway: + description: >- + Whether this interface is the default gateway for the instance. Only + one interface can be the default gateway for the instance. + type: boolean + ResetInstanceResponse: + type: object + description: Response message from resetting a server. + id: ResetInstanceResponse + properties: {} + RenameNfsShareRequest: + description: Message requesting rename of a server. + properties: + newNfsshareId: + description: Required. The new `id` of the nfsshare. type: string - enumDescriptions: - - The Network is in an unknown state. - - The Network is provisioning. - - The Network has been provisioned. - - The Network is being deprovisioned. - - The Network is being updated. - enum: - - STATE_UNSPECIFIED - - PROVISIONING - - PROVISIONED - - DEPROVISIONING - - UPDATING - vlanId: - description: The vlan id of the Network. + type: object + id: RenameNfsShareRequest + UserAccount: + description: User account provisioned for the customer. + id: UserAccount + type: object + properties: + encryptedPassword: + description: Encrypted initial password value. type: string - cidr: - description: The cidr of the Network. + kmsKeyVersion: type: string - vrf: + description: KMS CryptoKey Version used to encrypt the password. + ReimageInstanceRequest: + type: object + description: Message requesting to perform reimage operation on a server. + id: ReimageInstanceRequest + properties: + kmsKeyVersion: description: >- - The Vrf for the Network. Use this only if a new Vrf needs to be - created. - $ref: '#/components/schemas/VRF' - vrfAttachment: + Optional. Name of the KMS crypto key version used to encrypt the + initial passwords. The key has to have ASYMMETRIC_DECRYPT purpose. + Format is + `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version}`. + type: string + osImage: description: >- - Optional. The name of a pre-existing Vrf that the network should be - attached to. Format is `vrfs/{vrf}`. + Required. The OS image code of the image which will be used in the + reimage operation. type: string - labels: - description: Labels as key value pairs. - type: object - additionalProperties: + sshKeys: + type: array + items: type: string - servicesCidr: - description: IP range for reserved for services (e.g. NFS). + description: Optional. List of SSH Keys used during reimaging an instance. + ListProvisioningQuotasResponse: + type: object + description: Response message for the list of provisioning quotas. + id: ListProvisioningQuotasResponse + properties: + nextPageToken: type: string - reservations: description: >- - List of IP address reservations in this network. When updating this - field, an error will be generated if a reservation conflicts with an - IP address already allocated to a physical server. - type: array + Token to retrieve the next page of results, or empty if there are no + more results in the list. + provisioningQuotas: items: - $ref: '#/components/schemas/NetworkAddressReservation' - pod: - description: >- - Immutable. Pod name. Pod is an independent part of infrastructure. - Network can only be connected to the assets (instances, nfsshares) - allocated in the same pod. - type: string - mountPoints: - description: Input only. List of mount points to attach the network to. + $ref: '#/components/schemas/ProvisioningQuota' + description: The provisioning quotas registered in this project. type: array + ListNetworkUsageResponse: + properties: + networks: items: - $ref: '#/components/schemas/NetworkMountPoint' - jumboFramesEnabled: - description: Whether network uses standard frames or jumbo ones. - type: boolean - gatewayIp: - description: Output only. Gateway ip address. - readOnly: true - type: string - VRF: - id: VRF - description: A network VRF. + $ref: '#/components/schemas/NetworkUsage' + type: array + description: Networks with IPs. + id: ListNetworkUsageResponse + description: Response with Networks with IPs type: object + ListLunsResponse: + type: object + id: ListLunsResponse properties: - name: - description: The name of the VRF. - type: string - state: - description: The possible state of VRF. - type: string - enumDescriptions: - - The unspecified state. - - The vrf is provisioning. - - The vrf is provisioned. - enum: - - STATE_UNSPECIFIED - - PROVISIONING - - PROVISIONED - qosPolicy: - description: >- - The QOS policy applied to this VRF. The value is only meaningful - when all the vlan attachments have the same QoS. This field should - not be used for new integrations, use vlan attachment level qos - instead. The field is left for backward-compatibility. - $ref: '#/components/schemas/QosPolicy' - vlanAttachments: - description: The list of VLAN attachments for the VRF. + unreachable: + description: Locations that could not be reached. type: array items: - $ref: '#/components/schemas/VlanAttachment' - QosPolicy: - id: QosPolicy - description: QOS policy parameters. - type: object - properties: - bandwidthGbps: - description: The bandwidth permitted by the QOS policy, in gbps. - type: number - format: double - VlanAttachment: - id: VlanAttachment - description: VLAN attachment details. - type: object + type: string + luns: + type: array + description: The list of luns. + items: + $ref: '#/components/schemas/Lun' + nextPageToken: + type: string + description: A token identifying a page of results from the server. + description: Response message containing the list of storage volume luns. + VolumeSnapshot: + description: A snapshot of a volume. Only boot volumes can have snapshots. properties: - peerVlanId: - description: The peer vlan ID of the attachment. + storageVolume: + readOnly: true type: string - format: int64 - peerIp: - description: The peer IP of the attachment. + description: Output only. The name of the volume which this snapshot belongs to. + createTime: + format: google-datetime + readOnly: true + description: Output only. The creation time of the snapshot. type: string - routerIp: - description: The router IP of the attachment. + name: + description: The name of the snapshot. type: string - pairingKey: - description: Input only. Pairing key. + description: + description: The description of the snapshot. type: string - qosPolicy: - description: >- - The QOS policy applied to this VLAN attachment. This value should be - preferred to using qos at vrf level. - $ref: '#/components/schemas/QosPolicy' id: - description: Immutable. The identifier of the attachment within vrf. type: string - interconnectAttachment: + readOnly: true description: >- - Optional. The name of the vlan attachment within vrf. This is of the - form - projects/{project_number}/regions/{region}/interconnectAttachments/{interconnect_attachment} + Output only. An identifier for the snapshot, generated by the + backend. + type: + readOnly: true type: string - NetworkAddressReservation: - id: NetworkAddressReservation - description: A reservation of one or more addresses in a network. + enum: + - SNAPSHOT_TYPE_UNSPECIFIED + - AD_HOC + - SCHEDULED + description: >- + Output only. The type of the snapshot which indicates whether it was + scheduled or manual/ad-hoc. + enumDescriptions: + - Type is not specified. + - Snapshot was taken manually by user. + - Snapshot was taken automatically as a part of a snapshot schedule. type: object + id: VolumeSnapshot + SubmitProvisioningConfigRequest: properties: - startAddress: - description: >- - The first address of this reservation block. Must be specified as a - single IPv4 address, e.g. 10.1.2.2. + provisioningConfig: + $ref: '#/components/schemas/ProvisioningConfig' + description: Required. The ProvisioningConfig to create. + email: type: string - endAddress: description: >- - The last address of this reservation block, inclusive. I.e., for - cases when reservations are only single addresses, end_address and - start_address will be the same. Must be specified as a single IPv4 - address, e.g. 10.1.2.2. - type: string - note: - description: A note about this reservation, intended for human consumption. - type: string - NetworkMountPoint: - id: NetworkMountPoint - description: Mount point for a network. + Optional. Email provided to send a confirmation with provisioning + config to. type: object + description: Request for SubmitProvisioningConfig. + id: SubmitProvisioningConfigRequest + ProvisioningConfig: + id: ProvisioningConfig properties: - instance: - description: Instance to attach network to. + statusMessage: type: string - logicalInterface: - description: Logical interface to detach from. + description: Optional status messages associated with the FAILED state. + networks: + type: array + description: Networks to be created. + items: + $ref: '#/components/schemas/NetworkConfig' + location: type: string - defaultGateway: - description: Network should be a default gateway. - type: boolean - ipAddress: - description: Ip address of the server. + description: >- + Optional. Location name of this ProvisioningConfig. It is optional + only for Intake UI transition period. + handoverServiceAccount: type: string - GoogleCloudBaremetalsolutionV2LogicalInterface: - id: GoogleCloudBaremetalsolutionV2LogicalInterface - description: >- - Each logical interface represents a logical abstraction of the - underlying physical interface (for eg. bond, nic) of the instance. Each - logical interface can effectively map to multiple network-IP pairs and - still be mapped to one underlying physical interface. - type: object - properties: - logicalNetworkInterfaces: - description: List of logical network interfaces within a logical interface. + description: >- + A service account to enable customers to access instance credentials + upon handover. + cloudConsoleUri: + type: string + description: >- + Output only. URI to Cloud Console UI view of this provisioning + config. + readOnly: true + instances: + description: Instances to be created. + items: + $ref: '#/components/schemas/InstanceConfig' type: array + updateTime: + type: string + description: Output only. Last update timestamp. + format: google-datetime + readOnly: true + volumes: items: - $ref: '#/components/schemas/LogicalNetworkInterface' + $ref: '#/components/schemas/VolumeConfig' + description: Volumes to be created. + type: array name: + readOnly: true description: >- - Interface name. This is of syntax or and forms part of the network - template name. + Output only. The system-generated name of the provisioning config. + This follows the UUID format. type: string - interfaceIndex: - description: >- - The index of the logical interface mapping to the index of the - hardware bond or nic on the chosen network template. This field is - deprecated. - deprecated: true - type: integer - format: int32 - LogicalNetworkInterface: - id: LogicalNetworkInterface - description: Each logical network interface is effectively a network and IP pair. - type: object - properties: - network: - description: Name of the network + customId: + description: Optional. The user-defined identifier of the provisioning config. type: string - ipAddress: - description: IP address in the network + pod: + description: >- + Optional. Pod name. Pod is an independent part of infrastructure. + Instance can be connected to the assets (networks, volumes, + nfsshares) allocated in the same pod only. type: string - defaultGateway: + email: description: >- - Whether this interface is the default gateway for the instance. Only - one interface can be the default gateway for the instance. - type: boolean - networkType: - description: Type of network. + Email provided to send a confirmation with provisioning config to. + Deprecated in favour of email field in request messages. type: string + deprecated: true + ticketId: + description: A generated ticket id to track provisioning request. + type: string + vpcScEnabled: + type: boolean + description: If true, VPC SC is enabled for the cluster. + state: + readOnly: true enumDescriptions: - - Unspecified value. - - Client network, a network peered to a Google Cloud VPC. + - State wasn't specified. + - ProvisioningConfig is a draft and can be freely modified. + - ProvisioningConfig was already submitted and cannot be modified. - >- - Private network, a network local to the Bare Metal Solution - environment. + ProvisioningConfig was in the provisioning state. Initially this + state comes from the work order table in big query when SNOW is + used. Later this field can be set by the work order API. + - ProvisioningConfig was provisioned, meaning the resources exist. + - >- + ProvisioningConfig was validated. A validation tool will be run to + set this state. + - ProvisioningConfig was canceled. + - The request is submitted for provisioning, with error return. enum: - - TYPE_UNSPECIFIED - - CLIENT - - PRIVATE - id: - description: An identifier for the `Network`, generated by the backend. + - STATE_UNSPECIFIED + - DRAFT + - SUBMITTED + - PROVISIONING + - PROVISIONED + - VALIDATED + - CANCELLED + - FAILED + description: Output only. State of ProvisioningConfig. type: string - LoadInstanceAuthInfoResponse: - id: LoadInstanceAuthInfoResponse - description: Response for LoadInstanceAuthInfo. + description: A provisioning configuration. type: object + VRF: properties: - userAccounts: - description: Map of username to the user account info. - type: object - additionalProperties: - $ref: '#/components/schemas/UserAccount' - sshKeys: - description: List of ssh keys. + vlanAttachments: + description: The list of VLAN attachments for the VRF. type: array items: - $ref: '#/components/schemas/SSHKey' - UserAccount: - id: UserAccount - description: User account provisioned for the customer. - type: object - properties: - encryptedPassword: - description: Encrypted initial password value. - type: string - kmsKeyVersion: - description: KMS CryptoKey Version used to encrypt the password. - type: string - SSHKey: - id: SSHKey - description: >- - An SSH key, used for authorizing with the interactive serial console - feature. - type: object - properties: - name: + $ref: '#/components/schemas/VlanAttachment' + qosPolicy: description: >- - Output only. The name of this SSH key. Currently, the only valid - value for the location is "global". - readOnly: true + The QOS policy applied to this VRF. The value is only meaningful + when all the vlan attachments have the same QoS. This field should + not be used for new integrations, use vlan attachment level qos + instead. The field is left for backward-compatibility. + $ref: '#/components/schemas/QosPolicy' + name: + description: The name of the VRF. type: string - publicKey: - description: The public SSH key. This must be in OpenSSH .authorized_keys format. + state: + enumDescriptions: + - The unspecified state. + - The vrf is provisioning. + - The vrf is provisioned. + description: The possible state of VRF. + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - PROVISIONED type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. type: object + id: VRF + description: A network VRF. + NetworkUsage: properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + network: + description: Network. + $ref: '#/components/schemas/Network' + usedIps: + items: + type: string + type: array + description: All used IP addresses in this network. + id: NetworkUsage + description: Network with all used IP addresses. + type: object + ListNfsSharesResponse: + id: ListNfsSharesResponse + description: Response message containing the list of NFS shares. type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + nfsShares: + description: The list of NFS shares. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ReimageInstanceRequest: - id: ReimageInstanceRequest - description: Message requesting to perform reimage operation on a server. + $ref: '#/components/schemas/NfsShare' + unreachable: + items: + type: string + description: Locations that could not be reached. + type: array + nextPageToken: + description: A token identifying a page of results from the server. + type: string + ListInstancesResponse: + id: ListInstancesResponse + description: Response message for the list of servers. type: object properties: - osImage: - description: >- - Required. The OS image code of the image which will be used in the - reimage operation. - type: string - kmsKeyVersion: - description: >- - Optional. Name of the KMS crypto key version used to encrypt the - initial passwords. The key has to have ASYMMETRIC_DECRYPT purpose. - Format is - `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version}`. - type: string - sshKeys: - description: Optional. List of SSH Keys used during reimaging an instance. + unreachable: + description: Locations that could not be reached. type: array items: type: string - EnableHyperthreadingRequest: - id: EnableHyperthreadingRequest - description: >- - Message requesting to perform enable hyperthreading operation on a - server. - type: object - properties: {} + instances: + items: + $ref: '#/components/schemas/Instance' + description: The list of servers. + type: array + nextPageToken: + type: string + description: A token identifying a page of results from the server. DisableHyperthreadingRequest: + type: object id: DisableHyperthreadingRequest description: >- Message requesting to perform disable hyperthreading operation on a server. - type: object properties: {} - RenameInstanceRequest: - id: RenameInstanceRequest - description: Message requesting rename of a server. - type: object + GoogleCloudBaremetalsolutionV2LogicalInterface: properties: - newInstanceId: - description: Required. The new `id` of the instance. + name: + description: >- + Interface name. This is of syntax or and forms part of the network + template name. type: string - ResetInstanceRequest: - id: ResetInstanceRequest - description: Message requesting to reset a server. - type: object - properties: {} - StartInstanceRequest: - id: StartInstanceRequest - description: Message requesting to start a server. + logicalNetworkInterfaces: + description: List of logical network interfaces within a logical interface. + items: + $ref: '#/components/schemas/LogicalNetworkInterface' + type: array + interfaceIndex: + type: integer + deprecated: true + format: int32 + description: >- + The index of the logical interface mapping to the index of the + hardware bond or nic on the chosen network template. This field is + deprecated. type: object - properties: {} - StopInstanceRequest: - id: StopInstanceRequest - description: Message requesting to stop a server. - type: object - properties: {} - EnableInteractiveSerialConsoleRequest: - id: EnableInteractiveSerialConsoleRequest - description: Message for enabling the interactive serial console on an instance. - type: object - properties: {} - DisableInteractiveSerialConsoleRequest: - id: DisableInteractiveSerialConsoleRequest - description: Message for disabling the interactive serial console on an instance. - type: object - properties: {} - DetachLunRequest: - id: DetachLunRequest - description: Message for detach specific LUN from an Instance. - type: object - properties: - lun: - description: Required. Name of the Lun to detach. - type: string - skipReboot: - description: If true, performs lun unmapping without instance reboot. - type: boolean - ListSSHKeysResponse: - id: ListSSHKeysResponse - description: Message for response of ListSSHKeys. - type: object - properties: - sshKeys: - description: The SSH keys registered in the project. - type: array - items: - $ref: '#/components/schemas/SSHKey' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - Empty: - id: Empty description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object + Each logical interface represents a logical abstraction of the + underlying physical interface (for eg. bond, nic) of the instance. Each + logical interface can effectively map to multiple network-IP pairs and + still be mapped to one underlying physical interface. + id: GoogleCloudBaremetalsolutionV2LogicalInterface + EnableHyperthreadingRequest: properties: {} - ListVolumesResponse: - id: ListVolumesResponse - description: Response message containing the list of storage volumes. - type: object - properties: - volumes: - description: The list of storage volumes. - type: array - items: - $ref: '#/components/schemas/Volume' - nextPageToken: - description: A token identifying a page of results from the server. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - RenameVolumeRequest: - id: RenameVolumeRequest - description: Message requesting rename of a server. - type: object - properties: - newVolumeId: - description: Required. The new `id` of the volume. - type: string - EvictVolumeRequest: - id: EvictVolumeRequest - description: Request for skip volume cooloff and delete it. + description: >- + Message requesting to perform enable hyperthreading operation on a + server. + id: EnableHyperthreadingRequest type: object - properties: {} ResizeVolumeRequest: - id: ResizeVolumeRequest - description: Request for emergency resize Volume. type: object + description: Request for emergency resize Volume. + id: ResizeVolumeRequest properties: sizeGib: description: New Volume size, in GiB. type: string format: int64 + StartInstanceRequest: + description: Message requesting to start a server. + type: object + id: StartInstanceRequest + properties: {} + StopInstanceResponse: + properties: {} + description: Response message from stopping a server. + id: StopInstanceResponse + type: object ListNetworksResponse: - id: ListNetworksResponse - description: Response message containing the list of networks. type: object + description: Response message containing the list of networks. + id: ListNetworksResponse properties: networks: - description: The list of networks. - type: array items: $ref: '#/components/schemas/Network' + type: array + description: The list of networks. nextPageToken: - description: A token identifying a page of results from the server. type: string + description: A token identifying a page of results from the server. unreachable: description: Locations that could not be reached. type: array items: type: string - ListNetworkUsageResponse: - id: ListNetworkUsageResponse - description: Response with Networks with IPs + LoadInstanceAuthInfoResponse: + description: Response for LoadInstanceAuthInfo. type: object properties: - networks: - description: Networks with IPs. + userAccounts: + description: Map of username to the user account info. + type: object + additionalProperties: + $ref: '#/components/schemas/UserAccount' + sshKeys: + description: List of ssh keys. type: array items: - $ref: '#/components/schemas/NetworkUsage' - NetworkUsage: - id: NetworkUsage - description: Network with all used IP addresses. - type: object + $ref: '#/components/schemas/SSHKey' + id: LoadInstanceAuthInfoResponse + LunRange: + id: LunRange + description: A LUN(Logical Unit Number) range. properties: - network: - description: Network. - $ref: '#/components/schemas/Network' - usedIps: - description: All used IP addresses in this network. - type: array - items: - type: string - VolumeSnapshot: - id: VolumeSnapshot - description: A snapshot of a volume. Only boot volumes can have snapshots. + quantity: + format: int32 + type: integer + description: Number of LUNs to create. + sizeGb: + type: integer + description: The requested size of each LUN, in GB. + format: int32 type: object + InstanceConfig: + id: InstanceConfig properties: - name: - description: The name of the snapshot. + logicalInterfaces: + items: + $ref: >- + #/components/schemas/GoogleCloudBaremetalsolutionV2LogicalInterface + type: array + description: >- + List of logical interfaces for the instance. The number of logical + interfaces will be the same as number of hardware bond/nic on the + chosen network template. Filled if InstanceConfig.multivlan_config + is true. + userNote: type: string - id: description: >- - Output only. An identifier for the snapshot, generated by the - backend. - readOnly: true + User note field, it can be used by customers to add additional + information for the BMS Ops team . + networkTemplate: + description: >- + Server network template name. Filled if + InstanceConfig.multivlan_config is true. type: string - description: - description: The description of the snapshot. + instanceType: + description: >- + Instance type. [Available + types](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations) type: string - createTime: - description: Output only. The creation time of the snapshot. - readOnly: true + osImage: type: string - format: google-datetime - storageVolume: - description: Output only. The name of the volume which this snapshot belongs to. - readOnly: true + description: >- + OS image to initialize the instance. [Available + images](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations) + kmsKeyVersion: type: string - type: description: >- - Output only. The type of the snapshot which indicates whether it was - scheduled or manual/ad-hoc. - readOnly: true + Name of the KMS crypto key version used to encrypt the initial + passwords. The key has to have ASYMMETRIC_DECRYPT purpose. + hyperthreading: + description: >- + Whether the instance should be provisioned with Hyperthreading + enabled. + type: boolean + clientNetwork: + description: >- + Client network address. Filled if InstanceConfig.multivlan_config is + false. + deprecated: true + $ref: '#/components/schemas/NetworkAddress' + id: type: string - enumDescriptions: - - Type is not specified. - - Snapshot was taken manually by user. - - Snapshot was taken automatically as a part of a snapshot schedule. - enum: - - SNAPSHOT_TYPE_UNSPECIFIED - - AD_HOC - - SCHEDULED - RestoreVolumeSnapshotRequest: - id: RestoreVolumeSnapshotRequest - description: Message for restoring a volume snapshot. - type: object - properties: {} - ListVolumeSnapshotsResponse: - id: ListVolumeSnapshotsResponse - description: Response message containing the list of volume snapshots. - type: object - properties: - volumeSnapshots: - description: The list of snapshots. - type: array - items: - $ref: '#/components/schemas/VolumeSnapshot' - nextPageToken: - description: A token identifying a page of results from the server. + deprecated: true + description: >- + A transient unique identifier to identify an instance within an + ProvisioningConfig request. + name: + description: The name of the instance config. type: string - unreachable: - description: Locations that could not be reached. - type: array + sshKeyNames: items: type: string - ListLunsResponse: - id: ListLunsResponse - description: Response message containing the list of storage volume luns. - type: object - properties: - luns: - description: The list of luns. + description: Optional. List of names of ssh keys used to provision the instance. type: array - items: - $ref: '#/components/schemas/Lun' - nextPageToken: - description: A token identifying a page of results from the server. + networkConfig: type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - EvictLunRequest: - id: EvictLunRequest - description: Request for skip lun cooloff and delete it. + enum: + - NETWORKCONFIG_UNSPECIFIED + - SINGLE_VLAN + - MULTI_VLAN + description: The type of network configuration on the instance. + enumDescriptions: + - The unspecified network configuration. + - Instance part of single client network and single private network. + - >- + Instance part of multiple (or single) client networks and private + networks. + accountNetworksEnabled: + type: boolean + description: >- + If true networks can be from different projects of the same vendor + account. + privateNetwork: + $ref: '#/components/schemas/NetworkAddress' + deprecated: true + description: >- + Private network address, if any. Filled if + InstanceConfig.multivlan_config is false. + description: Configuration parameters for a new instance. type: object - properties: {} - NfsShare: - id: NfsShare - description: An NFS share. + NetworkAddressReservation: + description: A reservation of one or more addresses in a network. type: object + id: NetworkAddressReservation properties: - name: - description: Immutable. The name of the NFS share. + note: type: string - nfsShareId: + description: A note about this reservation, intended for human consumption. + startAddress: description: >- - Output only. An identifier for the NFS share, generated by the - backend. This field will be deprecated in the future, use `id` - instead. - readOnly: true + The first address of this reservation block. Must be specified as a + single IPv4 address, e.g. 10.1.2.2. type: string - id: + endAddress: description: >- - Output only. An identifier for the NFS share, generated by the - backend. This is the same value as nfs_share_id and will replace it - in the future. - readOnly: true + The last address of this reservation block, inclusive. I.e., for + cases when reservations are only single addresses, end_address and + start_address will be the same. Must be specified as a single IPv4 + address, e.g. 10.1.2.2. type: string - state: - description: Output only. The state of the NFS share. - readOnly: true + OSImage: + properties: + supportedNetworkTemplates: + items: + type: string + type: array + description: Network templates that can be used with this OS Image. + description: type: string - enumDescriptions: - - The share is in an unknown state. - - The share has been provisioned. - - The NFS Share is being created. - - The NFS Share is being updated. - - The NFS Share has been requested to be deleted. - enum: - - STATE_UNSPECIFIED - - PROVISIONED - - CREATING - - UPDATING - - DELETING - volume: - description: >- - Output only. The underlying volume of the share. Created - automatically during provisioning. + description: OS Image description. + name: readOnly: true + description: Output only. OS Image's unique name. type: string - allowedClients: - description: List of allowed access points. + applicableInstanceTypes: type: array items: - $ref: '#/components/schemas/AllowedClient' - labels: - description: Labels as key value pairs. - type: object - additionalProperties: type: string - requestedSizeGib: - description: The requested size, in GiB. + description: >- + Instance types this image is applicable to. [Available + types](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations) + code: + description: OS Image code. type: string - format: int64 - storageType: - description: Immutable. The storage type of the underlying volume. + type: object + description: Operation System image. + id: OSImage + IntakeVlanAttachment: + type: object + properties: + pairingKey: + description: Attachment pairing key. + type: string + id: + description: Identifier of the VLAN attachment. type: string + description: A GCP vlan attachment. + id: IntakeVlanAttachment + RenameVolumeRequest: + type: object + description: Message requesting rename of a server. + id: RenameVolumeRequest + properties: + newVolumeId: + type: string + description: Required. The new `id` of the volume. + Volume: + id: Volume + type: object + properties: + id: + description: An identifier for the `Volume`, generated by the backend. + type: string + instances: + items: + type: string + description: >- + Output only. Instances this Volume is attached to. This field is set + only in Get requests. + readOnly: true + type: array + storageType: enumDescriptions: - The storage type for this volume is unknown. - The storage type for this volume is SSD. @@ -1247,834 +975,1099 @@ components: - STORAGE_TYPE_UNSPECIFIED - SSD - HDD - pod: - description: >- - Immutable. Pod name. Pod is an independent part of infrastructure. - NFSShare can only be connected to the assets (networks, instances) - allocated in the same pod. type: string - AllowedClient: - id: AllowedClient - description: Represents an 'access point' for the share. - type: object - properties: - network: - description: The network the access point sits on. + description: The storage type for this volume. + originallyRequestedSizeGib: + description: Originally requested size, in GiB. type: string - shareIp: + format: int64 + snapshotReservationDetail: description: >- - Output only. The IP address of the share on this network. Assigned - automatically during provisioning based on the network's - services_cidr. - readOnly: true + Details about snapshot space reservation and usage on the storage + volume. + $ref: '#/components/schemas/SnapshotReservationDetail' + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - DELETING + - UPDATING + - COOL_OFF + description: The state of this storage volume. type: string - allowedClientsCidr: - description: The subnet of IP addresses permitted to access the share. + enumDescriptions: + - The storage volume is in an unknown state. + - The storage volume is being created. + - The storage volume is ready for use. + - The storage volume has been requested to be deleted. + - The storage volume is being updated. + - >- + The storage volume is in cool off state. It will be deleted after + `expire_time`. + remainingSpaceGib: + format: int64 + description: >- + The space remaining in the storage volume for new LUNs, in GiB, + excluding space reserved for snapshots. type: string - mountPermissions: - description: Mount permissions. + protocol: type: string + readOnly: true + description: Output only. Storage protocol for the Volume. enumDescriptions: - - Permissions were not specified. - - NFS share can be mount with read-only permissions. - - NFS share can be mount with read-write permissions. + - Value is not specified. + - Fibre Channel protocol. + - >- + NFS protocol means Volume is a NFS Share volume. Such volumes + cannot be manipulated via Volumes API. enum: - - MOUNT_PERMISSIONS_UNSPECIFIED - - READ - - READ_WRITE - allowDev: - description: Allow dev flag. Which controls whether to allow creation of devices. - type: boolean - allowSuid: - description: Allow the setuid flag. - type: boolean - noRootSquash: - description: >- - Disable root squashing, which is a feature of NFS. Root squash is a - special mapping of the remote superuser (root) identity when using - identity authentication. - type: boolean - nfsPath: - description: >- - Output only. The path to access NFS, in format shareIP:/InstanceID - InstanceID is the generated ID instead of customer provided name. - example like "10.0.0.0:/g123456789-nfs001" - readOnly: true + - PROTOCOL_UNSPECIFIED + - FIBRE_CHANNEL + - NFS + performanceTier: + enum: + - VOLUME_PERFORMANCE_TIER_UNSPECIFIED + - VOLUME_PERFORMANCE_TIER_SHARED + - VOLUME_PERFORMANCE_TIER_ASSIGNED + - VOLUME_PERFORMANCE_TIER_HT + - VOLUME_PERFORMANCE_TIER_QOS2_PERFORMANCE type: string - ListNfsSharesResponse: - id: ListNfsSharesResponse - description: Response message containing the list of NFS shares. - type: object - properties: - nfsShares: - description: The list of NFS shares. - type: array - items: - $ref: '#/components/schemas/NfsShare' - nextPageToken: - description: A token identifying a page of results from the server. + enumDescriptions: + - Value is not specified. + - Regular volumes, shared aggregates. + - Assigned aggregates. + - High throughput aggregates. + - QoS 2.0 high performance storage. + description: Immutable. Performance tier of the Volume. Default is SHARED. + emergencySizeGib: type: string - unreachable: - description: Locations that could not be reached. - type: array - items: + description: >- + Additional emergency size that was requested for this Volume, in + GiB. current_size_gib includes this value. + format: int64 + requestedSizeGib: + description: The requested size of this storage volume, in GiB. + format: int64 + type: string + notes: + description: >- + Input only. User-specified notes for new Volume. Used to provision + Volumes that require manual intervention. + type: string + bootVolume: + type: boolean + readOnly: true + description: >- + Output only. Whether this volume is a boot volume. A boot volume is + one which contains a boot LUN. + labels: + additionalProperties: type: string - RenameNfsShareRequest: - id: RenameNfsShareRequest - description: Message requesting rename of a server. - type: object - properties: - newNfsshareId: - description: Required. The new `id` of the nfsshare. + description: Labels as key value pairs. + type: object + snapshotAutoDeleteBehavior: + enum: + - SNAPSHOT_AUTO_DELETE_BEHAVIOR_UNSPECIFIED + - DISABLED + - OLDEST_FIRST + - NEWEST_FIRST + enumDescriptions: + - The unspecified behavior. + - >- + Don't delete any snapshots. This disables new snapshot creation, + as long as the snapshot reserved space is full. + - Delete the oldest snapshots first. + - Delete the newest snapshots first. type: string - ListProvisioningQuotasResponse: - id: ListProvisioningQuotasResponse - description: Response message for the list of provisioning quotas. + description: The behavior to use when snapshot reserved space is full. + expireTime: + readOnly: true + description: >- + Output only. Time after which volume will be fully deleted. It is + filled only for volumes in COOLOFF state. + format: google-datetime + type: string + maxSizeGib: + type: string + description: Maximum size volume can be expanded to in case of evergency, in GiB. + format: int64 + autoGrownSizeGib: + description: >- + The size, in GiB, that this storage volume has expanded as a result + of an auto grow policy. In the absence of auto-grow, the value is 0. + format: int64 + type: string + workloadProfile: + enum: + - WORKLOAD_PROFILE_UNSPECIFIED + - GENERIC + - HANA + type: string + enumDescriptions: + - The workload profile is in an unknown state. + - The workload profile is generic. + - The workload profile is hana. + description: The workload profile for the volume. + snapshotEnabled: + type: boolean + description: Whether snapshots are enabled. + pod: + type: string + description: >- + Immutable. Pod name. Pod is an independent part of infrastructure. + Volume can only be connected to the instances allocated in the same + pod. + currentSizeGib: + format: int64 + description: >- + The current size of this storage volume, in GiB, including space + reserved for snapshots. This size might be different than the + requested size if the storage volume has been configured with auto + grow or auto shrink. + type: string + attached: + description: >- + Output only. Is the Volume attached at at least one instance. This + field is a lightweight counterpart of `instances` field. It is + filled in List responses as well. + type: boolean + readOnly: true + name: + description: >- + Output only. The resource name of this `Volume`. Resource names are + schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. Format: + `projects/{project}/locations/{location}/volumes/{volume}` + type: string + readOnly: true + description: A storage volume. + StartInstanceResponse: + description: Response message from starting a server. + type: object + id: StartInstanceResponse + properties: {} + ListVolumesResponse: type: object + id: ListVolumesResponse properties: - provisioningQuotas: - description: The provisioning quotas registered in this project. + unreachable: type: array items: - $ref: '#/components/schemas/ProvisioningQuota' + type: string + description: Locations that could not be reached. nextPageToken: + description: A token identifying a page of results from the server. + type: string + volumes: + description: The list of storage volumes. + type: array + items: + $ref: '#/components/schemas/Volume' + description: Response message containing the list of storage volumes. + Status: + properties: + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + details: + type: array description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + message: type: string - ProvisioningQuota: - id: ProvisioningQuota - description: A provisioning quota for a given project. + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: object + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + Lun: + type: object + id: Lun + description: A storage volume logical unit number (LUN). properties: + sizeGb: + description: The size of this LUN, in GiB. + format: int64 + type: string + bootLun: + type: boolean + description: Display if this LUN is a boot LUN. + wwid: + type: string + description: The WWID for this LUN. name: - description: Output only. The name of the provisioning quota. readOnly: true + description: Output only. The name of the LUN. type: string - assetType: - description: The asset type of this provisioning quota. + shareable: + type: boolean + description: Display if this LUN can be shared between multiple physical servers. + instances: + type: array + readOnly: true + items: + type: string + description: Output only. Instances this Lun is attached to. + id: + description: An identifier for the LUN, generated by the backend. type: string - enumDescriptions: - - The unspecified type. - - The server asset type. - - The storage asset type. - - The network asset type. - enum: - - ASSET_TYPE_UNSPECIFIED - - ASSET_TYPE_SERVER - - ASSET_TYPE_STORAGE - - ASSET_TYPE_NETWORK - gcpService: - description: The gcp service of the provisioning quota. + expireTime: type: string - location: - description: The specific location of the provisioining quota. + readOnly: true + format: google-datetime + description: >- + Output only. Time after which LUN will be fully deleted. It is + filled only for LUNs in COOL_OFF state. + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - UPDATING + - READY + - DELETING + - COOL_OFF + enumDescriptions: + - The LUN is in an unknown state. + - The LUN is being created. + - The LUN is being updated. + - The LUN is ready for use. + - The LUN has been requested to be deleted. + - >- + The LUN is in cool off state. It will be deleted after + `expire_time`. + description: The state of this storage volume. type: string - availableCount: - description: The available count of the provisioning quota. - type: integer - format: int32 - instanceQuota: - description: Instance quota. - $ref: '#/components/schemas/InstanceQuota' - serverCount: - description: Server count. + multiprotocolType: + description: >- + The LUN multiprotocol type ensures the characteristics of the LUN + are optimized for each operating system. + enumDescriptions: + - Server has no OS specified. + - Server with Linux OS. type: string - format: int64 - networkBandwidth: - description: Network bandwidth, Gbps + enum: + - MULTIPROTOCOL_TYPE_UNSPECIFIED + - LINUX + storageVolume: + description: Display the storage volume for this LUN. type: string - format: int64 - storageGib: - description: Storage size (GB). + storageType: + enumDescriptions: + - The storage type for this LUN is unknown. + - This storage type for this LUN is SSD. + - This storage type for this LUN is HDD. + description: The storage type for this LUN. type: string - format: int64 - InstanceQuota: - id: InstanceQuota - description: A resource budget. + enum: + - STORAGE_TYPE_UNSPECIFIED + - SSD + - HDD + DisableInteractiveSerialConsoleResponse: + properties: {} + type: object + id: DisableInteractiveSerialConsoleResponse + description: Message for response of DisableInteractiveSerialConsole. + NfsExport: + id: NfsExport + description: A NFS export entry. type: object properties: - name: - description: Output only. The name of the instance quota. - readOnly: true + allowDev: + description: Allow dev flag in NfsShare AllowedClientsRequest. + type: boolean + machineId: + description: >- + Either a single machine, identified by an ID, or a comma-separated + list of machine IDs. type: string - instanceType: - description: 'Instance type. Deprecated: use gcp_service.' - deprecated: true + networkId: type: string - gcpService: - description: The gcp service of the provisioning quota. + description: Network to use to publish the export. + permissions: + enumDescriptions: + - Unspecified value. + - Read-only permission. + - Read-write permission. + description: Export permissions. + enum: + - PERMISSIONS_UNSPECIFIED + - READ_ONLY + - READ_WRITE type: string - location: - description: Location where the quota applies. + cidr: type: string - availableMachineCount: + description: A CIDR range. + allowSuid: + type: boolean + description: Allow the setuid flag. + noRootSquash: description: >- - Number of machines than can be created for the given location and - instance_type. - type: integer - format: int32 - SubmitProvisioningConfigRequest: - id: SubmitProvisioningConfigRequest - description: Request for SubmitProvisioningConfig. + Disable root squashing, which is a feature of NFS. Root squash is a + special mapping of the remote superuser (root) identity when using + identity authentication. + type: boolean + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation type: object properties: - provisioningConfig: - description: Required. The ProvisioningConfig to create. - $ref: '#/components/schemas/ProvisioningConfig' - email: + done: + type: boolean description: >- - Optional. Email provided to send a confirmation with provisioning - config to. - type: string - ProvisioningConfig: - id: ProvisioningConfig - description: A provisioning configuration. - type: object - properties: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. name: - description: >- - Output only. The system-generated name of the provisioning config. - This follows the UUID format. - readOnly: true - type: string - instances: - description: Instances to be created. - type: array - items: - $ref: '#/components/schemas/InstanceConfig' - networks: - description: Networks to be created. - type: array - items: - $ref: '#/components/schemas/NetworkConfig' - volumes: - description: Volumes to be created. - type: array - items: - $ref: '#/components/schemas/VolumeConfig' - ticketId: - description: A generated ticket id to track provisioning request. type: string - handoverServiceAccount: description: >- - A service account to enable customers to access instance credentials - upon handover. - type: string - email: + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + metadata: + type: object description: >- - Email provided to send a confirmation with provisioning config to. - Deprecated in favour of email field in request messages. - deprecated: true - type: string - state: - description: Output only. State of ProvisioningConfig. - readOnly: true + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + RenameNetworkRequest: + type: object + properties: + newNetworkId: type: string + description: Required. The new `id` of the network. + description: Message requesting rename of a server. + id: RenameNetworkRequest + VolumeConfig: + id: VolumeConfig + description: Configuration parameters for a new volume. + properties: + type: + description: The type of this Volume. enumDescriptions: - - State wasn't specified. - - ProvisioningConfig is a draft and can be freely modified. - - ProvisioningConfig was already submitted and cannot be modified. - - >- - ProvisioningConfig was in the provisioning state. Initially this - state comes from the work order table in big query when SNOW is - used. Later this field can be set by the work order API. - - ProvisioningConfig was provisioned, meaning the resources exist. - - >- - ProvisioningConfig was validated. A validation tool will be run to - set this state. - - ProvisioningConfig was canceled. - - The request is submitted for provisioning, with error return. + - The unspecified type. + - This Volume is on flash. + - This Volume is on disk. + type: string enum: - - STATE_UNSPECIFIED - - DRAFT - - SUBMITTED - - PROVISIONING - - PROVISIONED - - VALIDATED - - CANCELLED - - FAILED - location: + - TYPE_UNSPECIFIED + - FLASH + - DISK + machineIds: + type: array description: >- - Optional. Location name of this ProvisioningConfig. It is optional - only for Intake UI transition period. + Machine ids connected to this volume. Set only when protocol is + PROTOCOL_FC. + items: + type: string + userNote: type: string - updateTime: - description: Output only. Last update timestamp. + description: >- + User note field, it can be used by customers to add additional + information for the BMS Ops team . + name: + type: string + description: Output only. The name of the volume config. readOnly: true + snapshotsEnabled: + type: boolean + description: Whether snapshots should be enabled. + nfsExports: + items: + $ref: '#/components/schemas/NfsExport' + description: NFS exports. Set only when protocol is PROTOCOL_NFS. + type: array + lunRanges: + items: + $ref: '#/components/schemas/LunRange' + type: array + description: LUN ranges to be configured. Set only when protocol is PROTOCOL_FC. + protocol: type: string - format: google-datetime - cloudConsoleUri: + enum: + - PROTOCOL_UNSPECIFIED + - PROTOCOL_FC + - PROTOCOL_NFS + description: Volume protocol. + enumDescriptions: + - Unspecified value. + - Fibre channel. + - Network file system. + sizeGb: + description: The requested size of this volume, in GB. + format: int32 + type: integer + gcpService: description: >- - Output only. URI to Cloud Console UI view of this provisioning - config. - readOnly: true - type: string - vpcScEnabled: - description: If true, VPC SC is enabled for the cluster. - type: boolean - statusMessage: - description: Optional status messages associated with the FAILED state. + The GCP service of the storage volume. Available gcp_service are in + https://cloud.google.com/bare-metal/docs/bms-planning. type: string - customId: - description: Optional. The user-defined identifier of the provisioning config. + performanceTier: type: string - pod: + enum: + - VOLUME_PERFORMANCE_TIER_UNSPECIFIED + - VOLUME_PERFORMANCE_TIER_SHARED + - VOLUME_PERFORMANCE_TIER_ASSIGNED + - VOLUME_PERFORMANCE_TIER_HT + - VOLUME_PERFORMANCE_TIER_QOS2_PERFORMANCE + enumDescriptions: + - Value is not specified. + - Regular volumes, shared aggregates. + - Assigned aggregates. + - High throughput aggregates. + - QoS 2.0 high performance storage. + description: Performance tier of the Volume. Default is SHARED. + id: description: >- - Optional. Pod name. Pod is an independent part of infrastructure. - Instance can be connected to the assets (networks, volumes, - nfsshares) allocated in the same pod only. + A transient unique identifier to identify a volume within an + ProvisioningConfig request. type: string - InstanceConfig: - id: InstanceConfig - description: Configuration parameters for a new instance. + type: object + ListVolumeSnapshotsResponse: type: object properties: - name: - description: The name of the instance config. + nextPageToken: + description: A token identifying a page of results from the server. type: string - id: + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. + volumeSnapshots: + description: The list of snapshots. + items: + $ref: '#/components/schemas/VolumeSnapshot' + type: array + description: Response message containing the list of volume snapshots. + id: ListVolumeSnapshotsResponse + DisableInteractiveSerialConsoleRequest: + type: object + description: Message for disabling the interactive serial console on an instance. + id: DisableInteractiveSerialConsoleRequest + properties: {} + EvictLunRequest: + id: EvictLunRequest + description: Request for skip lun cooloff and delete it. + properties: {} + type: object + Empty: + type: object + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + Location: + description: A resource that represents a Google Cloud location. + properties: + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + labels: + additionalProperties: + type: string description: >- - A transient unique identifier to identify an instance within an - ProvisioningConfig request. - deprecated: true + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + name: type: string - instanceType: description: >- - Instance type. [Available - types](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations) + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + displayName: type: string - hyperthreading: description: >- - Whether the instance should be provisioned with Hyperthreading - enabled. - type: boolean - osImage: + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - OS image to initialize the instance. [Available - images](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations) + Service-specific metadata. For example the available capacity at the + given location. + id: Location + type: object + InstanceQuota: + id: InstanceQuota + type: object + description: A resource budget. + properties: + location: + description: Location where the quota applies. type: string - clientNetwork: - description: >- - Client network address. Filled if InstanceConfig.multivlan_config is - false. - deprecated: true - $ref: '#/components/schemas/NetworkAddress' - privateNetwork: + name: + readOnly: true + type: string + description: Output only. The name of the instance quota. + availableMachineCount: + format: int32 description: >- - Private network address, if any. Filled if - InstanceConfig.multivlan_config is false. + Number of machines than can be created for the given location and + instance_type. + type: integer + instanceType: deprecated: true - $ref: '#/components/schemas/NetworkAddress' - userNote: - description: >- - User note field, it can be used by customers to add additional - information for the BMS Ops team . + description: 'Instance type. Deprecated: use gcp_service.' type: string - accountNetworksEnabled: - description: >- - If true networks can be from different projects of the same vendor - account. + gcpService: + type: string + description: The gcp service of the provisioning quota. + EnableInteractiveSerialConsoleResponse: + id: EnableInteractiveSerialConsoleResponse + properties: {} + description: Message for response of EnableInteractiveSerialConsole. + type: object + DetachLunRequest: + type: object + properties: + skipReboot: + description: If true, performs lun unmapping without instance reboot. type: boolean - networkConfig: - description: The type of network configuration on the instance. + lun: + description: Required. Name of the Lun to detach. type: string - enumDescriptions: - - The unspecified network configuration. - - Instance part of single client network and single private network. - - >- - Instance part of multiple (or single) client networks and private - networks. - enum: - - NETWORKCONFIG_UNSPECIFIED - - SINGLE_VLAN - - MULTI_VLAN - networkTemplate: - description: >- - Server network template name. Filled if - InstanceConfig.multivlan_config is true. + description: Message for detach specific LUN from an Instance. + id: DetachLunRequest + NetworkAddress: + description: A network. + id: NetworkAddress + properties: + address: + description: IPv4 address to be assigned to the server. type: string - logicalInterfaces: - description: >- - List of logical interfaces for the instance. The number of logical - interfaces will be the same as number of hardware bond/nic on the - chosen network template. Filled if InstanceConfig.multivlan_config - is true. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudBaremetalsolutionV2LogicalInterface - sshKeyNames: - description: Optional. List of names of ssh keys used to provision the instance. - type: array - items: - type: string - kmsKeyVersion: + existingNetworkId: + type: string + description: Name of the existing network to use. + networkId: description: >- - Name of the KMS crypto key version used to encrypt the initial - passwords. The key has to have ASYMMETRIC_DECRYPT purpose. + Id of the network to use, within the same ProvisioningConfig + request. type: string - NetworkAddress: - id: NetworkAddress - description: A network. + type: object + RestoreVolumeSnapshotRequest: + type: object + description: Message for restoring a volume snapshot. + id: RestoreVolumeSnapshotRequest + properties: {} + VlanAttachment: + description: VLAN attachment details. type: object properties: - networkId: + pairingKey: + description: Input only. Pairing key. + type: string + interconnectAttachment: + description: >- + Optional. The name of the vlan attachment within vrf. This is of the + form + projects/{project_number}/regions/{region}/interconnectAttachments/{interconnect_attachment} + type: string + peerVlanId: + description: The peer vlan ID of the attachment. + format: int64 + type: string + qosPolicy: + $ref: '#/components/schemas/QosPolicy' description: >- - Id of the network to use, within the same ProvisioningConfig - request. + The QOS policy applied to this VLAN attachment. This value should be + preferred to using qos at vrf level. + id: + description: Immutable. The identifier of the attachment within vrf. type: string - address: - description: IPv4 address to be assigned to the server. + peerIp: + description: The peer IP of the attachment. type: string - existingNetworkId: - description: Name of the existing network to use. + routerIp: + description: The router IP of the attachment. type: string - NetworkConfig: - id: NetworkConfig - description: Configuration parameters for a new network. + id: VlanAttachment + ServerNetworkTemplate: type: object + description: Network template. + id: ServerNetworkTemplate properties: + logicalInterfaces: + type: array + description: Logical interfaces. + items: + $ref: >- + #/components/schemas/GoogleCloudBaremetalsolutionV2ServerNetworkTemplateLogicalInterface name: - description: Output only. The name of the network config. readOnly: true - type: string - id: description: >- - A transient unique identifier to identify a volume within an - ProvisioningConfig request. + Output only. Template's unique name. The full resource name follows + the pattern: + `projects/{project}/locations/{location}/serverNetworkTemplate/{server_network_template}` + Generally, the {server_network_template} follows the syntax of + "bond" or "nic". type: string - type: - description: The type of this network, either Client or Private. + applicableInstanceTypes: + description: Instance types this template is applicable to. + items: + type: string + type: array + Instance: + properties: + state: + readOnly: true type: string - enumDescriptions: - - Unspecified value. - - Client network, that is a network peered to a GCP VPC. - - Private network, that is a network local to the BMS POD. + description: Output only. The state of the server. enum: - - TYPE_UNSPECIFIED - - CLIENT - - PRIVATE - bandwidth: - description: Interconnect bandwidth. Set only when type is CLIENT. - type: string + - STATE_UNSPECIFIED + - PROVISIONING + - RUNNING + - DELETED + - UPDATING + - STARTING + - STOPPING + - SHUTDOWN enumDescriptions: - - Unspecified value. - - 1 Gbps. - - 2 Gbps. - - 5 Gbps. - - 10 Gbps. - enum: - - BANDWIDTH_UNSPECIFIED - - BW_1_GBPS - - BW_2_GBPS - - BW_5_GBPS - - BW_10_GBPS - vlanAttachments: - description: >- - List of VLAN attachments. As of now there are always 2 attachments, - but it is going to change in the future (multi vlan). Use only one - of vlan_attachments or vrf + - The server is in an unknown state. + - The server is being provisioned. + - The server is running. + - The server has been deleted. + - The server is being updated. + - The server is starting. + - The server is stopping. + - The server is shutdown. + sshKeys: type: array + description: Optional. List of SSH Keys used during instance provisioning. items: - $ref: '#/components/schemas/IntakeVlanAttachment' - vrf: + type: string + volumes: + type: array description: >- - Optional. The name of a pre-existing Vrf that the network should be - attached to. Format is `vrfs/{vrf}`. If vrf is specified, - vlan_attachments must be empty. - type: string - cidr: - description: CIDR range of the network. - type: string - serviceCidr: - description: Service CIDR, if any. + Input only. List of Volumes to attach to this Instance on creation. + This field won't be populated in Get/List responses. + items: + $ref: '#/components/schemas/Volume' + loginInfo: + description: Output only. Text field about info for logging in. type: string - enumDescriptions: - - Unspecified value. - - Services are disabled for the given network. - - Use the highest /26 block of the network to host services. - - Use the highest /27 block of the network to host services. - - Use the highest /28 block of the network to host services. - enum: - - SERVICE_CIDR_UNSPECIFIED - - DISABLED - - HIGH_26 - - HIGH_27 - - HIGH_28 - userNote: - description: >- - User note field, it can be used by customers to add additional - information for the BMS Ops team . + readOnly: true + name: type: string - gcpService: description: >- - The GCP service of the network. Available gcp_service are in - https://cloud.google.com/bare-metal/docs/bms-planning. - type: string - vlanSameProject: - description: Whether the VLAN attachment pair is located in the same project. - type: boolean - jumboFramesEnabled: - description: The JumboFramesEnabled option for customer to set. - type: boolean - IntakeVlanAttachment: - id: IntakeVlanAttachment - description: A GCP vlan attachment. - type: object - properties: - id: - description: Identifier of the VLAN attachment. + Immutable. The resource name of this `Instance`. Resource names are + schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. Format: + `projects/{project}/locations/{location}/instances/{instance}` + updateTime: + description: Output only. Update a time stamp. + format: google-datetime + readOnly: true type: string - pairingKey: - description: Attachment pairing key. + pod: type: string - VolumeConfig: - id: VolumeConfig - description: Configuration parameters for a new volume. - type: object - properties: - name: - description: Output only. The name of the volume config. - readOnly: true + description: >- + Immutable. Pod name. Pod is an independent part of infrastructure. + Instance can only be connected to the assets (networks, volumes) + allocated in the same pod. + luns: + description: Immutable. List of LUNs associated with this server. + type: array + items: + $ref: '#/components/schemas/Lun' + workloadProfile: + description: The workload profile for the instance. + enum: + - WORKLOAD_PROFILE_UNSPECIFIED + - WORKLOAD_PROFILE_GENERIC + - WORKLOAD_PROFILE_HANA type: string + enumDescriptions: + - The workload profile is in an unknown state. + - The workload profile is generic. + - The workload profile is hana. + logicalInterfaces: + description: >- + List of logical interfaces for the instance. The number of logical + interfaces will be the same as number of hardware bond/nic on the + chosen network template. For the non-multivlan configurations (for + eg, existing servers) that use existing default network template + (bondaa-bondaa), both the Instance.networks field and the + Instance.logical_interfaces fields will be filled to ensure backward + compatibility. For the others, only Instance.logical_interfaces will + be filled. + items: + $ref: >- + #/components/schemas/GoogleCloudBaremetalsolutionV2LogicalInterface + type: array id: description: >- - A transient unique identifier to identify a volume within an - ProvisioningConfig request. + Output only. An identifier for the `Instance`, generated by the + backend. type: string - snapshotsEnabled: - description: Whether snapshots should be enabled. - type: boolean - type: - description: The type of this Volume. + readOnly: true + osImage: + description: The OS image currently installed on the server. type: string - enumDescriptions: - - The unspecified type. - - This Volume is on flash. - - This Volume is on disk. - enum: - - TYPE_UNSPECIFIED - - FLASH - - DISK - protocol: - description: Volume protocol. + machineType: type: string - enumDescriptions: - - Unspecified value. - - Fibre channel. - - Network file system. - enum: - - PROTOCOL_UNSPECIFIED - - PROTOCOL_FC - - PROTOCOL_NFS - sizeGb: - description: The requested size of this volume, in GB. - type: integer - format: int32 - lunRanges: - description: LUN ranges to be configured. Set only when protocol is PROTOCOL_FC. - type: array - items: - $ref: '#/components/schemas/LunRange' - machineIds: description: >- - Machine ids connected to this volume. Set only when protocol is - PROTOCOL_FC. + Immutable. The server type. [Available server + types](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations) + createTime: + format: google-datetime + type: string + description: Output only. Create a time stamp. + readOnly: true + networks: + readOnly: true type: array + description: Output only. List of networks associated with this server. items: + $ref: '#/components/schemas/Network' + labels: + additionalProperties: type: string - nfsExports: - description: NFS exports. Set only when protocol is PROTOCOL_NFS. - type: array - items: - $ref: '#/components/schemas/NfsExport' - userNote: + type: object + description: Labels as key value pairs. + interactiveSerialConsoleEnabled: description: >- - User note field, it can be used by customers to add additional - information for the BMS Ops team . - type: string - gcpService: + Output only. True if the interactive serial console feature is + enabled for the instance, false otherwise. The default value is + false. + type: boolean + readOnly: true + hyperthreadingEnabled: description: >- - The GCP service of the storage volume. Available gcp_service are in - https://cloud.google.com/bare-metal/docs/bms-planning. + True if you enable hyperthreading for the server, otherwise false. + The default value is false. + type: boolean + kmsKeyVersion: + description: >- + Optional. Name of the KMS crypto key version used to encrypt the + initial passwords. The key has to have ASYMMETRIC_DECRYPT purpose. + Format is + `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version}`. type: string - performanceTier: - description: Performance tier of the Volume. Default is SHARED. + firmwareVersion: + readOnly: true type: string - enumDescriptions: - - Value is not specified. - - Regular volumes, shared aggregates. - - Assigned aggregates. - - High throughput aggregates. - - QoS 2.0 high performance storage. - enum: - - VOLUME_PERFORMANCE_TIER_UNSPECIFIED - - VOLUME_PERFORMANCE_TIER_SHARED - - VOLUME_PERFORMANCE_TIER_ASSIGNED - - VOLUME_PERFORMANCE_TIER_HT - - VOLUME_PERFORMANCE_TIER_QOS2_PERFORMANCE - LunRange: - id: LunRange - description: A LUN(Logical Unit Number) range. + description: Output only. The firmware version for the instance. + networkTemplate: + type: string + description: >- + Instance network template name. For eg, bondaa-bondaa, bondab-nic, + etc. Generally, the template name follows the syntax of "bond" or + "nic". + type: object + id: Instance + description: A server. + EnableInteractiveSerialConsoleRequest: + id: EnableInteractiveSerialConsoleRequest + properties: {} type: object + description: Message for enabling the interactive serial console on an instance. + QosPolicy: + id: QosPolicy + description: QOS policy parameters. properties: - quantity: - description: Number of LUNs to create. - type: integer - format: int32 - sizeGb: - description: The requested size of each LUN, in GB. - type: integer - format: int32 - NfsExport: - id: NfsExport - description: A NFS export entry. + bandwidthGbps: + format: double + type: number + description: The bandwidth permitted by the QOS policy, in gbps. + type: object + ListLocationsResponse: + description: The response message for Locations.ListLocations. + id: ListLocationsResponse type: object properties: - networkId: - description: Network to use to publish the export. + nextPageToken: + description: The standard List next-page token. type: string - machineId: + locations: description: >- - Either a single machine, identified by an ID, or a comma-separated - list of machine IDs. + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + type: array + NetworkMountPoint: + properties: + instance: + description: Instance to attach network to. type: string - cidr: - description: A CIDR range. + defaultGateway: + description: Network should be a default gateway. + type: boolean + logicalInterface: + description: Logical interface to detach from. type: string - permissions: - description: Export permissions. + ipAddress: type: string - enumDescriptions: - - Unspecified value. - - Read-only permission. - - Read-write permission. - enum: - - PERMISSIONS_UNSPECIFIED - - READ_ONLY - - READ_WRITE - noRootSquash: - description: >- - Disable root squashing, which is a feature of NFS. Root squash is a - special mapping of the remote superuser (root) identity when using - identity authentication. - type: boolean - allowSuid: - description: Allow the setuid flag. - type: boolean - allowDev: - description: Allow dev flag in NfsShare AllowedClientsRequest. - type: boolean + description: Ip address of the server. + type: object + id: NetworkMountPoint + description: Mount point for a network. SubmitProvisioningConfigResponse: - id: SubmitProvisioningConfigResponse description: Response for SubmitProvisioningConfig. type: object + id: SubmitProvisioningConfigResponse properties: provisioningConfig: description: The submitted provisioning config. $ref: '#/components/schemas/ProvisioningConfig' - RenameNetworkRequest: - id: RenameNetworkRequest - description: Message requesting rename of a server. - type: object - properties: - newNetworkId: - description: Required. The new `id` of the network. - type: string ListOSImagesResponse: - id: ListOSImagesResponse - description: Request for getting all available OS images. type: object + id: ListOSImagesResponse properties: + nextPageToken: + type: string + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. osImages: description: The OS images available. type: array items: $ref: '#/components/schemas/OSImage' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - OSImage: - id: OSImage - description: Operation System image. + description: Request for getting all available OS images. + ResetInstanceRequest: + id: ResetInstanceRequest + type: object + properties: {} + description: Message requesting to reset a server. + RenameInstanceRequest: type: object + id: RenameInstanceRequest + description: Message requesting rename of a server. properties: - name: - description: Output only. OS Image's unique name. - readOnly: true - type: string - code: - description: OS Image code. + newInstanceId: type: string - description: - description: OS Image description. + description: Required. The new `id` of the instance. + Network: + properties: + mountPoints: + description: Input only. List of mount points to attach the network to. + type: array + items: + $ref: '#/components/schemas/NetworkMountPoint' + pod: + description: >- + Immutable. Pod name. Pod is an independent part of infrastructure. + Network can only be connected to the assets (instances, nfsshares) + allocated in the same pod. type: string - applicableInstanceTypes: + vrfAttachment: description: >- - Instance types this image is applicable to. [Available - types](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations) + Optional. The name of a pre-existing Vrf that the network should be + attached to. Format is `vrfs/{vrf}`. + type: string + macAddress: type: array + description: List of physical interfaces. items: type: string - supportedNetworkTemplates: - description: Network templates that can be used with this OS Image. - type: array - items: + labels: + type: object + additionalProperties: type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + description: Labels as key value pairs. + jumboFramesEnabled: + type: boolean + description: Whether network uses standard frames or jumbo ones. + type: + enumDescriptions: + - Unspecified value. + - Client network, a network peered to a Google Cloud VPC. + - >- + Private network, a network local to the Bare Metal Solution + environment. + type: string + description: The type of this network. + enum: + - TYPE_UNSPECIFIED + - CLIENT + - PRIVATE + servicesCidr: + type: string + description: IP range for reserved for services (e.g. NFS). + state: + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - PROVISIONED + - DEPROVISIONING + - UPDATING + description: The Network state. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: + enumDescriptions: + - The Network is in an unknown state. + - The Network is provisioning. + - The Network has been provisioned. + - The Network is being deprovisioned. + - The Network is being updated. name: + type: string description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Output only. The resource name of this `Network`. Resource names are + schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. Format: + `projects/{project}/locations/{location}/networks/{network}` + readOnly: true + id: + description: An identifier for the `Network`, generated by the backend. type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + gatewayIp: type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + description: Output only. Gateway ip address. + readOnly: true + cidr: type: string - labels: + description: The cidr of the Network. + ipAddress: + description: IP address configured. + type: string + vrf: + $ref: '#/components/schemas/VRF' description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + The Vrf for the Network. Use this only if a new Vrf needs to be + created. + reservations: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ResetInstanceResponse: - id: ResetInstanceResponse - description: Response message from resetting a server. + List of IP address reservations in this network. When updating this + field, an error will be generated if a reservation conflicts with an + IP address already allocated to a physical server. + items: + $ref: '#/components/schemas/NetworkAddressReservation' + type: array + vlanId: + description: The vlan id of the Network. + type: string + description: A Network. type: object + id: Network + StopInstanceRequest: properties: {} - ServerNetworkTemplate: - id: ServerNetworkTemplate - description: Network template. + description: Message requesting to stop a server. + id: StopInstanceRequest type: object - properties: - name: - description: >- - Output only. Template's unique name. The full resource name follows - the pattern: - `projects/{project}/locations/{location}/serverNetworkTemplate/{server_network_template}` - Generally, the {server_network_template} follows the syntax of - "bond" or "nic". - readOnly: true - type: string - applicableInstanceTypes: - description: Instance types this template is applicable to. - type: array - items: - type: string - logicalInterfaces: - description: Logical interfaces. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudBaremetalsolutionV2ServerNetworkTemplateLogicalInterface - GoogleCloudBaremetalsolutionV2ServerNetworkTemplateLogicalInterface: - id: GoogleCloudBaremetalsolutionV2ServerNetworkTemplateLogicalInterface - description: Logical interface. + EvictVolumeRequest: + type: object + properties: {} + id: EvictVolumeRequest + description: Request for skip volume cooloff and delete it. + AllowedClient: + description: Represents an 'access point' for the share. type: object properties: - name: + nfsPath: + type: string + readOnly: true description: >- - Interface name. This is not a globally unique identifier. Name is - unique only inside the ServerNetworkTemplate. This is of syntax or - and forms part of the network template name. + Output only. The path to access NFS, in format shareIP:/InstanceID + InstanceID is the generated ID instead of customer provided name. + example like "10.0.0.0:/g123456789-nfs001" + noRootSquash: + type: boolean + description: >- + Disable root squashing, which is a feature of NFS. Root squash is a + special mapping of the remote superuser (root) identity when using + identity authentication. + allowDev: + type: boolean + description: Allow dev flag. Which controls whether to allow creation of devices. + allowedClientsCidr: + description: The subnet of IP addresses permitted to access the share. type: string - type: - description: Interface type. + allowSuid: + description: Allow the setuid flag. + type: boolean + network: type: string + description: The network the access point sits on. + mountPermissions: enumDescriptions: - - Unspecified value. - - Bond interface type. - - NIC interface type. + - Permissions were not specified. + - NFS share can be mount with read-only permissions. + - NFS share can be mount with read-write permissions. + description: Mount permissions. enum: - - INTERFACE_TYPE_UNSPECIFIED - - BOND - - NIC - required: - description: If true, interface must have network connected. - type: boolean - StartInstanceResponse: - id: StartInstanceResponse - description: Response message from starting a server. - type: object - properties: {} - StopInstanceResponse: - id: StopInstanceResponse - description: Response message from stopping a server. - type: object - properties: {} - EnableInteractiveSerialConsoleResponse: - id: EnableInteractiveSerialConsoleResponse - description: Message for response of EnableInteractiveSerialConsole. - type: object - properties: {} - DisableInteractiveSerialConsoleResponse: - id: DisableInteractiveSerialConsoleResponse - description: Message for response of DisableInteractiveSerialConsole. - type: object - properties: {} + - MOUNT_PERMISSIONS_UNSPECIFIED + - READ + - READ_WRITE + type: string + shareIp: + type: string + readOnly: true + description: >- + Output only. The IP address of the share on this network. Assigned + automatically during provisioning based on the network's + services_cidr. + id: AllowedClient parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: alt + name: upload_protocol schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: callback + name: oauth_token schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: fields + name: quotaUser schema: type: string key: @@ -2086,31 +2079,25 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + _.xgafv: + description: V1 error format. in: query - name: oauth_token + name: $.xgafv schema: type: string + enum: + - '1' + - '2' prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string uploadType: @@ -2119,246 +2106,237 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: $.xgafv + name: fields schema: type: string - enum: - - '1' - - '2' + callback: + description: JSONP + in: query + name: callback + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto x-stackQL-resources: - locations: - id: google.baremetalsolution.locations - name: locations - title: Locations + os_images: + id: google.baremetalsolution.os_images + name: os_images + title: Os_images methods: - list: + get: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1osImages~1{osImagesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - get: + list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1osImages/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.osImages sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' + - $ref: '#/components/x-stackQL-resources/os_images/methods/get' + - $ref: '#/components/x-stackQL-resources/os_images/methods/list' insert: [] update: [] replace: [] delete: [] - instances: - id: google.baremetalsolution.instances - name: instances - title: Instances + ssh_keys: + id: google.baremetalsolution.ssh_keys + name: ssh_keys + title: Ssh_keys methods: list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.instances - get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - load_auth_info: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:loadAuthInfo/get - response: - mediaType: application/json - openAPIDocKey: '200' - reimage: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:reimage/post - response: - mediaType: application/json - openAPIDocKey: '200' - enable_hyperthreading: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:enableHyperthreading/post - response: - mediaType: application/json - openAPIDocKey: '200' - disable_hyperthreading: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:disableHyperthreading/post - response: - mediaType: application/json - openAPIDocKey: '200' - rename: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:rename/post - response: - mediaType: application/json - openAPIDocKey: '200' - reset: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:reset/post - response: - mediaType: application/json - openAPIDocKey: '200' - start: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:start/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1sshKeys/get response: mediaType: application/json openAPIDocKey: '200' - stop: + objectKey: $.sshKeys + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:stop/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1sshKeys/post response: mediaType: application/json openAPIDocKey: '200' - enable_interactive_serial_console: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:enableInteractiveSerialConsole/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1sshKeys~1{sshKeysId}/delete response: mediaType: application/json openAPIDocKey: '200' - disable_interactive_serial_console: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/ssh_keys/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/ssh_keys/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/ssh_keys/methods/delete' + operations: + id: google.baremetalsolution.operations + name: operations + title: Operations + methods: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:disableInteractiveSerialConsole/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - detach_lun: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + insert: [] + update: [] + replace: [] + delete: [] + provisioning_quotas: + id: google.baremetalsolution.provisioning_quotas + name: provisioning_quotas + title: Provisioning_quotas + methods: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:detachLun/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningQuotas/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.provisioningQuotas sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/instances/methods/get' - - $ref: '#/components/x-stackQL-resources/instances/methods/list' + - $ref: '#/components/x-stackQL-resources/provisioning_quotas/methods/list' insert: [] - update: - - $ref: '#/components/x-stackQL-resources/instances/methods/patch' + update: [] replace: [] delete: [] - ssh_keys: - id: google.baremetalsolution.ssh_keys - name: ssh_keys - title: Ssh_keys + provisioning_configs: + id: google.baremetalsolution.provisioning_configs + name: provisioning_configs + title: Provisioning_configs methods: - list: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1sshKeys/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningConfigs~1{provisioningConfigsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningConfigs~1{provisioningConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sshKeys create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1sshKeys/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningConfigs/post response: mediaType: application/json openAPIDocKey: '200' - delete: + submit: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1sshKeys~1{sshKeysId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningConfigs:submit/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/ssh_keys/methods/list' + - $ref: '#/components/x-stackQL-resources/provisioning_configs/methods/get' insert: - - $ref: '#/components/x-stackQL-resources/ssh_keys/methods/create' - update: [] + - $ref: >- + #/components/x-stackQL-resources/provisioning_configs/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/provisioning_configs/methods/patch replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/ssh_keys/methods/delete' - volumes: - id: google.baremetalsolution.volumes - name: volumes - title: Volumes + delete: [] + networks: + id: google.baremetalsolution.networks + name: networks + title: Networks methods: - list: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.volumes - get: + rename: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks~1{networksId}:rename/post response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks~1{networksId}/patch response: mediaType: application/json openAPIDocKey: '200' - rename: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}:rename/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks~1{networksId}/get response: mediaType: application/json openAPIDocKey: '200' - evict: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}:evict/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks/get response: mediaType: application/json openAPIDocKey: '200' - resize: + objectKey: $.networks + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/networks/methods/get' + - $ref: '#/components/x-stackQL-resources/networks/methods/list' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/networks/methods/patch' + replace: [] + delete: [] + network_usage: + id: google.baremetalsolution.network_usage + name: network_usage + title: Network_usage + methods: + list_network_usage: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}:resize/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks:listNetworkUsage/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/volumes/methods/get' - - $ref: '#/components/x-stackQL-resources/volumes/methods/list' + - $ref: >- + #/components/x-stackQL-resources/network_usage/methods/list_network_usage insert: [] - update: - - $ref: '#/components/x-stackQL-resources/volumes/methods/patch' + update: [] replace: [] delete: [] snapshots: @@ -2366,39 +2344,39 @@ components: name: snapshots title: Snapshots methods: - create: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.volumeSnapshots - restore_volume_snapshot: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}:restoreVolumeSnapshot/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.volumeSnapshots + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots/post response: mediaType: application/json openAPIDocKey: '200' - get: + restore_volume_snapshot: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}:restoreVolumeSnapshot/post response: mediaType: application/json openAPIDocKey: '200' @@ -2417,10 +2395,10 @@ components: name: luns title: Luns methods: - get: + evict: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1luns~1{lunsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1luns~1{lunsId}:evict/post response: mediaType: application/json openAPIDocKey: '200' @@ -2432,10 +2410,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.luns - evict: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1luns~1{lunsId}:evict/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1luns~1{lunsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -2447,256 +2425,278 @@ components: update: [] replace: [] delete: [] - networks: - id: google.baremetalsolution.networks - name: networks - title: Networks + volumes: + id: google.baremetalsolution.volumes + name: volumes + title: Volumes methods: - list: + resize: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}:resize/post + response: + mediaType: application/json + openAPIDocKey: '200' + evict: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}:evict/post + response: + mediaType: application/json + openAPIDocKey: '200' + rename: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}:rename/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.networks get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks~1{networksId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks~1{networksId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}/patch response: mediaType: application/json openAPIDocKey: '200' - rename: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks~1{networksId}:rename/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1volumes/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.volumes sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/networks/methods/get' - - $ref: '#/components/x-stackQL-resources/networks/methods/list' + - $ref: '#/components/x-stackQL-resources/volumes/methods/get' + - $ref: '#/components/x-stackQL-resources/volumes/methods/list' insert: [] update: - - $ref: '#/components/x-stackQL-resources/networks/methods/patch' + - $ref: '#/components/x-stackQL-resources/volumes/methods/patch' replace: [] delete: [] - network_usage: - id: google.baremetalsolution.network_usage - name: network_usage - title: Network_usage + instances: + id: google.baremetalsolution.instances + name: instances + title: Instances methods: - list_network_usage: + enable_hyperthreading: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1networks:listNetworkUsage/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:enableHyperthreading/post + response: + mediaType: application/json + openAPIDocKey: '200' + disable_interactive_serial_console: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:disableInteractiveSerialConsole/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.instances + reimage: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:reimage/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/network_usage/methods/list_network_usage - insert: [] - update: [] - replace: [] - delete: [] - nfs_shares: - id: google.baremetalsolution.nfs_shares - name: nfs_shares - title: Nfs_shares - methods: get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares~1{nfsSharesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares~1{nfsSharesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + detach_lun: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares~1{nfsSharesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:detachLun/post response: mediaType: application/json openAPIDocKey: '200' - list: + load_auth_info: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:loadAuthInfo/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nfsShares - create: + enable_interactive_serial_console: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:enableInteractiveSerialConsole/post response: mediaType: application/json openAPIDocKey: '200' - rename: + disable_hyperthreading: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares~1{nfsSharesId}:rename/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:disableHyperthreading/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/get' - - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/delete' - provisioning_quotas: - id: google.baremetalsolution.provisioning_quotas - name: provisioning_quotas - title: Provisioning_quotas - methods: - list: + start: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningQuotas/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:start/post + response: + mediaType: application/json + openAPIDocKey: '200' + reset: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:reset/post + response: + mediaType: application/json + openAPIDocKey: '200' + stop: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:stop/post + response: + mediaType: application/json + openAPIDocKey: '200' + rename: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:rename/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.provisioningQuotas sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/provisioning_quotas/methods/list' + - $ref: '#/components/x-stackQL-resources/instances/methods/get' + - $ref: '#/components/x-stackQL-resources/instances/methods/list' insert: [] - update: [] + update: + - $ref: '#/components/x-stackQL-resources/instances/methods/patch' replace: [] delete: [] - provisioning_configs: - id: google.baremetalsolution.provisioning_configs - name: provisioning_configs - title: Provisioning_configs + nfs_shares: + id: google.baremetalsolution.nfs_shares + name: nfs_shares + title: Nfs_shares methods: - submit: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningConfigs:submit/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares~1{nfsSharesId}/delete response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningConfigs~1{provisioningConfigsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares~1{nfsSharesId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningConfigs~1{provisioningConfigsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares~1{nfsSharesId}/get response: mediaType: application/json openAPIDocKey: '200' create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1provisioningConfigs/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/provisioning_configs/methods/get' - insert: - - $ref: >- - #/components/x-stackQL-resources/provisioning_configs/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/provisioning_configs/methods/patch - replace: [] - delete: [] - operations: - id: google.baremetalsolution.operations - name: operations - title: Operations - methods: - get: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.nfsShares + rename: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1nfsShares~1{nfsSharesId}:rename/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/get' + - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/patch' replace: [] - delete: [] - os_images: - id: google.baremetalsolution.os_images - name: os_images - title: Os_images + delete: + - $ref: '#/components/x-stackQL-resources/nfs_shares/methods/delete' + locations: + id: google.baremetalsolution.locations + name: locations + title: Locations methods: list: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1osImages/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.osImages + objectKey: $.locations get: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1osImages~1{osImagesId}/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/os_images/methods/get' - - $ref: '#/components/x-stackQL-resources/os_images/methods/list' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] delete: [] paths: - /v2/projects/{projectsId}/locations: + /v2/projects/{projectsId}/locations/{locationsId}/osImages/{osImagesId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/alt' get: - description: Lists information about the supported locations for this service. - operationId: baremetalsolution.projects.locations.list + description: Get details of a single OS image. + operationId: baremetalsolution.projects.locations.osImages.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2708,63 +2708,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/OSImage' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: baremetalsolution.projects.locations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Location' - parameters: - in: path - name: projectsId + name: locationsId required: true schema: type: string - in: path - name: locationsId + name: osImagesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances: + /v2/projects/{projectsId}/locations/{locationsId}/osImages: parameters: *ref_1 get: - description: List servers in a given project and location. - operationId: baremetalsolution.projects.locations.instances.list + description: Retrieves the list of OS images which are currently approved. + operationId: baremetalsolution.projects.locations.osImages.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2776,7 +2741,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstancesResponse' + $ref: '#/components/schemas/ListOSImagesResponse' parameters: - in: path name: projectsId @@ -2788,24 +2753,22 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - in: query - name: filter + name: pageSize schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/sshKeys: parameters: *ref_1 get: - description: Get details about a single server. - operationId: baremetalsolution.projects.locations.instances.get + description: >- + Lists the public SSH keys registered for the specified project. These + SSH keys are used only for the interactive serial console feature. + operationId: baremetalsolution.projects.locations.sshKeys.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2817,7 +2780,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/ListSSHKeysResponse' parameters: - in: path name: projectsId @@ -2829,19 +2792,25 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: Update details of a single server. - operationId: baremetalsolution.projects.locations.instances.patch + post: + description: >- + Register a public SSH key in the specified project for use with the + interactive serial console feature. + operationId: baremetalsolution.projects.locations.sshKeys.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/SSHKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2853,7 +2822,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SSHKey' parameters: - in: path name: projectsId @@ -2865,21 +2834,15 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true - schema: - type: string - in: query - name: updateMask + name: sshKeyId schema: type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:loadAuthInfo: + /v2/projects/{projectsId}/locations/{locationsId}/sshKeys/{sshKeysId}: parameters: *ref_1 - get: - description: Load auth info for a server. - operationId: baremetalsolution.projects.locations.instances.loadAuthInfo + delete: + description: Deletes a public SSH key registered in the specified project. + operationId: baremetalsolution.projects.locations.sshKeys.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2891,7 +2854,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LoadInstanceAuthInfoResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2904,20 +2867,15 @@ paths: schema: type: string - in: path - name: instancesId + name: sshKeysId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:reimage: + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Perform reimage operation on a single server. - operationId: baremetalsolution.projects.locations.instances.reimage - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ReimageInstanceRequest' + get: + description: Get details about an operation. + operationId: baremetalsolution.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2942,20 +2900,15 @@ paths: schema: type: string - in: path - name: instancesId + name: operationsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:enableHyperthreading: + /v2/projects/{projectsId}/locations/{locationsId}/provisioningQuotas: parameters: *ref_1 - post: - description: Perform enable hyperthreading operation on a single server. - operationId: baremetalsolution.projects.locations.instances.enableHyperthreading - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EnableHyperthreadingRequest' + get: + description: List the budget details to provision resources on a given project. + operationId: baremetalsolution.projects.locations.provisioningQuotas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2967,7 +2920,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListProvisioningQuotasResponse' parameters: - in: path name: projectsId @@ -2979,21 +2932,20 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:disableHyperthreading: + /v2/projects/{projectsId}/locations/{locationsId}/provisioningConfigs/{provisioningConfigsId}: parameters: *ref_1 - post: - description: Perform disable hyperthreading operation on a single server. - operationId: baremetalsolution.projects.locations.instances.disableHyperthreading - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DisableHyperthreadingRequest' + get: + description: Get ProvisioningConfig by name. + operationId: baremetalsolution.projects.locations.provisioningConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3005,7 +2957,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ProvisioningConfig' parameters: - in: path name: projectsId @@ -3018,22 +2970,18 @@ paths: schema: type: string - in: path - name: instancesId + name: provisioningConfigsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:rename: - parameters: *ref_1 - post: - description: >- - RenameInstance sets a new name for an instance. Use with caution, - previous names become immediately invalidated. - operationId: baremetalsolution.projects.locations.instances.rename + patch: + description: Update existing ProvisioningConfig. + operationId: baremetalsolution.projects.locations.provisioningConfigs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/RenameInstanceRequest' + $ref: '#/components/schemas/ProvisioningConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3045,7 +2993,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/ProvisioningConfig' parameters: - in: path name: projectsId @@ -3058,22 +3006,29 @@ paths: schema: type: string - in: path - name: instancesId + name: provisioningConfigsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:reset: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: email + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/provisioningConfigs: parameters: *ref_1 post: - description: >- - Perform an ungraceful, hard reset on a server. Equivalent to shutting - the power off and then turning it back on. - operationId: baremetalsolution.projects.locations.instances.reset + description: Create new ProvisioningConfig. + operationId: baremetalsolution.projects.locations.provisioningConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ResetInstanceRequest' + $ref: '#/components/schemas/ProvisioningConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3085,7 +3040,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ProvisioningConfig' parameters: - in: path name: projectsId @@ -3097,21 +3052,20 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: email schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:start: + /v2/projects/{projectsId}/locations/{locationsId}/provisioningConfigs:submit: parameters: *ref_1 post: - description: Starts a server that was shutdown. - operationId: baremetalsolution.projects.locations.instances.start + description: Submit a provisioning configuration for a given project. + operationId: baremetalsolution.projects.locations.provisioningConfigs.submit requestBody: content: application/json: schema: - $ref: '#/components/schemas/StartInstanceRequest' + $ref: '#/components/schemas/SubmitProvisioningConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3123,7 +3077,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SubmitProvisioningConfigResponse' parameters: - in: path name: projectsId @@ -3135,21 +3089,18 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:stop: + /v2/projects/{projectsId}/locations/{locationsId}/networks/{networksId}:rename: parameters: *ref_1 - post: - description: Stop a running server. - operationId: baremetalsolution.projects.locations.instances.stop + post: + description: >- + RenameNetwork sets a new name for a network. Use with caution, previous + names become immediately invalidated. + operationId: baremetalsolution.projects.locations.networks.rename requestBody: content: application/json: schema: - $ref: '#/components/schemas/StopInstanceRequest' + $ref: '#/components/schemas/RenameNetworkRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3161,7 +3112,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Network' parameters: - in: path name: projectsId @@ -3174,21 +3125,20 @@ paths: schema: type: string - in: path - name: instancesId + name: networksId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:enableInteractiveSerialConsole: + /v2/projects/{projectsId}/locations/{locationsId}/networks/{networksId}: parameters: *ref_1 - post: - description: Enable the interactive serial console feature on an instance. - operationId: >- - baremetalsolution.projects.locations.instances.enableInteractiveSerialConsole + patch: + description: Update details of a single network. + operationId: baremetalsolution.projects.locations.networks.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/EnableInteractiveSerialConsoleRequest' + $ref: '#/components/schemas/Network' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3213,21 +3163,18 @@ paths: schema: type: string - in: path - name: instancesId + name: networksId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:disableInteractiveSerialConsole: - parameters: *ref_1 - post: - description: Disable the interactive serial console feature on an instance. - operationId: >- - baremetalsolution.projects.locations.instances.disableInteractiveSerialConsole - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DisableInteractiveSerialConsoleRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Get details of a single network. + operationId: baremetalsolution.projects.locations.networks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3239,7 +3186,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Network' parameters: - in: path name: projectsId @@ -3252,20 +3199,17 @@ paths: schema: type: string - in: path - name: instancesId + name: networksId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:detachLun: + /v2/projects/{projectsId}/locations/{locationsId}/networks:listNetworkUsage: parameters: *ref_1 - post: - description: Detach LUN from Instance. - operationId: baremetalsolution.projects.locations.instances.detachLun - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DetachLunRequest' + get: + description: >- + List all Networks (and used IPs for each Network) in the vendor account + associated with the specified project. + operationId: baremetalsolution.projects.locations.networks.listNetworkUsage security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3277,7 +3221,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListNetworkUsageResponse' parameters: - in: path name: projectsId @@ -3289,18 +3233,11 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/sshKeys: + /v2/projects/{projectsId}/locations/{locationsId}/networks: parameters: *ref_1 get: - description: >- - Lists the public SSH keys registered for the specified project. These - SSH keys are used only for the interactive serial console feature. - operationId: baremetalsolution.projects.locations.sshKeys.list + description: List network in a given project and location. + operationId: baremetalsolution.projects.locations.networks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3312,7 +3249,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSSHKeysResponse' + $ref: '#/components/schemas/ListNetworksResponse' parameters: - in: path name: projectsId @@ -3333,16 +3270,17 @@ paths: name: pageToken schema: type: string - post: + - in: query + name: filter + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots/{snapshotsId}: + parameters: *ref_1 + get: description: >- - Register a public SSH key in the specified project for use with the - interactive serial console feature. - operationId: baremetalsolution.projects.locations.sshKeys.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SSHKey' + Returns the specified snapshot resource. Returns INVALID_ARGUMENT if + called for a non-boot volume. + operationId: baremetalsolution.projects.locations.volumes.snapshots.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3354,7 +3292,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SSHKey' + $ref: '#/components/schemas/VolumeSnapshot' parameters: - in: path name: projectsId @@ -3366,15 +3304,21 @@ paths: required: true schema: type: string - - in: query - name: sshKeyId + - in: path + name: volumesId + required: true + schema: + type: string + - in: path + name: snapshotsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/sshKeys/{sshKeysId}: - parameters: *ref_1 delete: - description: Deletes a public SSH key registered in the specified project. - operationId: baremetalsolution.projects.locations.sshKeys.delete + description: >- + Deletes a volume snapshot. Returns INVALID_ARGUMENT if called for a + non-boot volume. + operationId: baremetalsolution.projects.locations.volumes.snapshots.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3399,15 +3343,23 @@ paths: schema: type: string - in: path - name: sshKeysId + name: volumesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes: + - in: path + name: snapshotsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots: parameters: *ref_1 get: - description: List storage volumes in a given project and location. - operationId: baremetalsolution.projects.locations.volumes.list + description: >- + Retrieves the list of snapshots for the specified volume. Returns a + response with an empty list of snapshots if called for a non-boot + volume. + operationId: baremetalsolution.projects.locations.volumes.snapshots.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3419,7 +3371,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListVolumesResponse' + $ref: '#/components/schemas/ListVolumeSnapshotsResponse' parameters: - in: path name: projectsId @@ -3431,6 +3383,11 @@ paths: required: true schema: type: string + - in: path + name: volumesId + required: true + schema: + type: string - in: query name: pageSize schema: @@ -3440,15 +3397,16 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}: - parameters: *ref_1 - get: - description: Get details of a single storage volume. - operationId: baremetalsolution.projects.locations.volumes.get + post: + description: >- + Takes a snapshot of a boot volume. Returns INVALID_ARGUMENT if called + for a non-boot volume. + operationId: baremetalsolution.projects.locations.volumes.snapshots.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/VolumeSnapshot' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3460,7 +3418,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Volume' + $ref: '#/components/schemas/VolumeSnapshot' parameters: - in: path name: projectsId @@ -3477,14 +3435,19 @@ paths: required: true schema: type: string - patch: - description: Update details of a single storage volume. - operationId: baremetalsolution.projects.locations.volumes.patch + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots/{snapshotsId}:restoreVolumeSnapshot: + parameters: *ref_1 + post: + description: >- + Uses the specified snapshot to restore its parent volume. Returns + INVALID_ARGUMENT if called for a non-boot volume. + operationId: >- + baremetalsolution.projects.locations.volumes.snapshots.restoreVolumeSnapshot requestBody: content: application/json: schema: - $ref: '#/components/schemas/Volume' + $ref: '#/components/schemas/RestoreVolumeSnapshotRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3513,23 +3476,21 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: snapshotsId + required: true schema: type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}:rename: + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/luns/{lunsId}:evict: parameters: *ref_1 post: - description: >- - RenameVolume sets a new name for a volume. Use with caution, previous - names become immediately invalidated. - operationId: baremetalsolution.projects.locations.volumes.rename + description: Skips lun's cooloff and deletes it now. Lun must be in cooloff state. + operationId: baremetalsolution.projects.locations.volumes.luns.evict requestBody: content: application/json: schema: - $ref: '#/components/schemas/RenameVolumeRequest' + $ref: '#/components/schemas/EvictLunRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3541,7 +3502,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Volume' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3558,18 +3519,16 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}:evict: + - in: path + name: lunsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/luns: parameters: *ref_1 - post: - description: >- - Skips volume's cooloff and deletes it now. Volume must be in cooloff - state. - operationId: baremetalsolution.projects.locations.volumes.evict - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EvictVolumeRequest' + get: + description: List storage volume luns for given storage volume. + operationId: baremetalsolution.projects.locations.volumes.luns.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3581,7 +3540,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListLunsResponse' parameters: - in: path name: projectsId @@ -3598,16 +3557,20 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}:resize: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/luns/{lunsId}: parameters: *ref_1 - post: - description: Emergency Volume resize. - operationId: baremetalsolution.projects.locations.volumes.resize - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ResizeVolumeRequest' + get: + description: Get details of a single storage logical unit number(LUN). + operationId: baremetalsolution.projects.locations.volumes.luns.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3619,7 +3582,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Lun' parameters: - in: path name: projectsId @@ -3636,18 +3599,21 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots: + - in: path + name: lunsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}:resize: parameters: *ref_1 post: - description: >- - Takes a snapshot of a boot volume. Returns INVALID_ARGUMENT if called - for a non-boot volume. - operationId: baremetalsolution.projects.locations.volumes.snapshots.create + description: Emergency Volume resize. + operationId: baremetalsolution.projects.locations.volumes.resize requestBody: content: application/json: schema: - $ref: '#/components/schemas/VolumeSnapshot' + $ref: '#/components/schemas/ResizeVolumeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3659,7 +3625,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VolumeSnapshot' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3676,12 +3642,18 @@ paths: required: true schema: type: string - get: + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}:evict: + parameters: *ref_1 + post: description: >- - Retrieves the list of snapshots for the specified volume. Returns a - response with an empty list of snapshots if called for a non-boot - volume. - operationId: baremetalsolution.projects.locations.volumes.snapshots.list + Skips volume's cooloff and deletes it now. Volume must be in cooloff + state. + operationId: baremetalsolution.projects.locations.volumes.evict + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EvictVolumeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3693,7 +3665,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListVolumeSnapshotsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3710,28 +3682,18 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots/{snapshotsId}:restoreVolumeSnapshot: + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}:rename: parameters: *ref_1 post: description: >- - Uses the specified snapshot to restore its parent volume. Returns - INVALID_ARGUMENT if called for a non-boot volume. - operationId: >- - baremetalsolution.projects.locations.volumes.snapshots.restoreVolumeSnapshot + RenameVolume sets a new name for a volume. Use with caution, previous + names become immediately invalidated. + operationId: baremetalsolution.projects.locations.volumes.rename requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestoreVolumeSnapshotRequest' + $ref: '#/components/schemas/RenameVolumeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3743,7 +3705,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Volume' parameters: - in: path name: projectsId @@ -3760,18 +3722,11 @@ paths: required: true schema: type: string - - in: path - name: snapshotsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots/{snapshotsId}: + /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}: parameters: *ref_1 - delete: - description: >- - Deletes a volume snapshot. Returns INVALID_ARGUMENT if called for a - non-boot volume. - operationId: baremetalsolution.projects.locations.volumes.snapshots.delete + get: + description: Get details of a single storage volume. + operationId: baremetalsolution.projects.locations.volumes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3783,7 +3738,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Volume' parameters: - in: path name: projectsId @@ -3800,16 +3755,14 @@ paths: required: true schema: type: string - - in: path - name: snapshotsId - required: true - schema: - type: string - get: - description: >- - Returns the specified snapshot resource. Returns INVALID_ARGUMENT if - called for a non-boot volume. - operationId: baremetalsolution.projects.locations.volumes.snapshots.get + patch: + description: Update details of a single storage volume. + operationId: baremetalsolution.projects.locations.volumes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Volume' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3821,7 +3774,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VolumeSnapshot' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3838,16 +3791,16 @@ paths: required: true schema: type: string - - in: path - name: snapshotsId - required: true + - in: query + name: updateMask schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/luns/{lunsId}: + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/volumes: parameters: *ref_1 get: - description: Get details of a single storage logical unit number(LUN). - operationId: baremetalsolution.projects.locations.volumes.luns.get + description: List storage volumes in a given project and location. + operationId: baremetalsolution.projects.locations.volumes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3859,7 +3812,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Lun' + $ref: '#/components/schemas/ListVolumesResponse' parameters: - in: path name: projectsId @@ -3871,21 +3824,29 @@ paths: required: true schema: type: string - - in: path - name: volumesId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: lunsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/luns: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:enableHyperthreading: parameters: *ref_1 - get: - description: List storage volume luns for given storage volume. - operationId: baremetalsolution.projects.locations.volumes.luns.list + post: + description: Perform enable hyperthreading operation on a single server. + operationId: baremetalsolution.projects.locations.instances.enableHyperthreading + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EnableHyperthreadingRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3897,7 +3858,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLunsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3910,29 +3871,21 @@ paths: schema: type: string - in: path - name: volumesId + name: instancesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/luns/{lunsId}:evict: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:disableInteractiveSerialConsole: parameters: *ref_1 post: - description: Skips lun's cooloff and deletes it now. Lun must be in cooloff state. - operationId: baremetalsolution.projects.locations.volumes.luns.evict + description: Disable the interactive serial console feature on an instance. + operationId: >- + baremetalsolution.projects.locations.instances.disableInteractiveSerialConsole requestBody: content: application/json: schema: - $ref: '#/components/schemas/EvictLunRequest' + $ref: '#/components/schemas/DisableInteractiveSerialConsoleRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3957,20 +3910,15 @@ paths: schema: type: string - in: path - name: volumesId - required: true - schema: - type: string - - in: path - name: lunsId + name: instancesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/networks: + /v2/projects/{projectsId}/locations/{locationsId}/instances: parameters: *ref_1 get: - description: List network in a given project and location. - operationId: baremetalsolution.projects.locations.networks.list + description: List servers in a given project and location. + operationId: baremetalsolution.projects.locations.instances.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3982,7 +3930,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNetworksResponse' + $ref: '#/components/schemas/ListInstancesResponse' parameters: - in: path name: projectsId @@ -3994,6 +3942,10 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -4003,17 +3955,16 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/networks:listNetworkUsage: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:reimage: parameters: *ref_1 - get: - description: >- - List all Networks (and used IPs for each Network) in the vendor account - associated with the specified project. - operationId: baremetalsolution.projects.locations.networks.listNetworkUsage + post: + description: Perform reimage operation on a single server. + operationId: baremetalsolution.projects.locations.instances.reimage + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ReimageInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4025,7 +3976,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNetworkUsageResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4037,11 +3988,16 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/networks/{networksId}: + - in: path + name: instancesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: parameters: *ref_1 get: - description: Get details of a single network. - operationId: baremetalsolution.projects.locations.networks.get + description: Get details about a single server. + operationId: baremetalsolution.projects.locations.instances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4053,7 +4009,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Network' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -4066,18 +4022,18 @@ paths: schema: type: string - in: path - name: networksId + name: instancesId required: true schema: type: string patch: - description: Update details of a single network. - operationId: baremetalsolution.projects.locations.networks.patch + description: Update details of a single server. + operationId: baremetalsolution.projects.locations.instances.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Network' + $ref: '#/components/schemas/Instance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4102,7 +4058,7 @@ paths: schema: type: string - in: path - name: networksId + name: instancesId required: true schema: type: string @@ -4111,18 +4067,16 @@ paths: schema: type: string format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/networks/{networksId}:rename: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:detachLun: parameters: *ref_1 post: - description: >- - RenameNetwork sets a new name for a network. Use with caution, previous - names become immediately invalidated. - operationId: baremetalsolution.projects.locations.networks.rename + description: Detach LUN from Instance. + operationId: baremetalsolution.projects.locations.instances.detachLun requestBody: content: application/json: schema: - $ref: '#/components/schemas/RenameNetworkRequest' + $ref: '#/components/schemas/DetachLunRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4134,7 +4088,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Network' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4147,15 +4101,54 @@ paths: schema: type: string - in: path - name: networksId + name: instancesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/nfsShares/{nfsSharesId}: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:loadAuthInfo: parameters: *ref_1 get: - description: Get details of a single NFS share. - operationId: baremetalsolution.projects.locations.nfsShares.get + description: Load auth info for a server. + operationId: baremetalsolution.projects.locations.instances.loadAuthInfo + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/LoadInstanceAuthInfoResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: instancesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:enableInteractiveSerialConsole: + parameters: *ref_1 + post: + description: Enable the interactive serial console feature on an instance. + operationId: >- + baremetalsolution.projects.locations.instances.enableInteractiveSerialConsole + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EnableInteractiveSerialConsoleRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4167,7 +4160,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NfsShare' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4180,18 +4173,20 @@ paths: schema: type: string - in: path - name: nfsSharesId + name: instancesId required: true schema: type: string - patch: - description: Update details of a single NFS share. - operationId: baremetalsolution.projects.locations.nfsShares.patch + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:disableHyperthreading: + parameters: *ref_1 + post: + description: Perform disable hyperthreading operation on a single server. + operationId: baremetalsolution.projects.locations.instances.disableHyperthreading requestBody: content: application/json: schema: - $ref: '#/components/schemas/NfsShare' + $ref: '#/components/schemas/DisableHyperthreadingRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4216,18 +4211,20 @@ paths: schema: type: string - in: path - name: nfsSharesId + name: instancesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Delete an NFS share. The underlying volume is automatically deleted. - operationId: baremetalsolution.projects.locations.nfsShares.delete + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:start: + parameters: *ref_1 + post: + description: Starts a server that was shutdown. + operationId: baremetalsolution.projects.locations.instances.start + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StartInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4252,15 +4249,22 @@ paths: schema: type: string - in: path - name: nfsSharesId + name: instancesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/nfsShares: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:reset: parameters: *ref_1 - get: - description: List NFS shares. - operationId: baremetalsolution.projects.locations.nfsShares.list + post: + description: >- + Perform an ungraceful, hard reset on a server. Equivalent to shutting + the power off and then turning it back on. + operationId: baremetalsolution.projects.locations.instances.reset + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ResetInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4272,7 +4276,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNfsSharesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4284,27 +4288,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: instancesId + required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:stop: + parameters: *ref_1 post: - description: Create an NFS share. - operationId: baremetalsolution.projects.locations.nfsShares.create + description: Stop a running server. + operationId: baremetalsolution.projects.locations.instances.stop requestBody: content: application/json: schema: - $ref: '#/components/schemas/NfsShare' + $ref: '#/components/schemas/StopInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4328,18 +4326,23 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/nfsShares/{nfsSharesId}:rename: + - in: path + name: instancesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:rename: parameters: *ref_1 post: description: >- - RenameNfsShare sets a new name for an nfsshare. Use with caution, + RenameInstance sets a new name for an instance. Use with caution, previous names become immediately invalidated. - operationId: baremetalsolution.projects.locations.nfsShares.rename + operationId: baremetalsolution.projects.locations.instances.rename requestBody: content: application/json: schema: - $ref: '#/components/schemas/RenameNfsShareRequest' + $ref: '#/components/schemas/RenameInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4351,7 +4354,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NfsShare' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -4364,15 +4367,15 @@ paths: schema: type: string - in: path - name: nfsSharesId + name: instancesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/provisioningQuotas: + /v2/projects/{projectsId}/locations/{locationsId}/nfsShares/{nfsSharesId}: parameters: *ref_1 - get: - description: List the budget details to provision resources on a given project. - operationId: baremetalsolution.projects.locations.provisioningQuotas.list + delete: + description: Delete an NFS share. The underlying volume is automatically deleted. + operationId: baremetalsolution.projects.locations.nfsShares.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4384,7 +4387,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListProvisioningQuotasResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4396,25 +4399,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: nfsSharesId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/provisioningConfigs:submit: - parameters: *ref_1 - post: - description: Submit a provisioning configuration for a given project. - operationId: baremetalsolution.projects.locations.provisioningConfigs.submit + patch: + description: Update details of a single NFS share. + operationId: baremetalsolution.projects.locations.nfsShares.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SubmitProvisioningConfigRequest' + $ref: '#/components/schemas/NfsShare' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4426,7 +4423,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SubmitProvisioningConfigResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4438,11 +4435,19 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/provisioningConfigs/{provisioningConfigsId}: - parameters: *ref_1 + - in: path + name: nfsSharesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Get ProvisioningConfig by name. - operationId: baremetalsolution.projects.locations.provisioningConfigs.get + description: Get details of a single NFS share. + operationId: baremetalsolution.projects.locations.nfsShares.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4454,7 +4459,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ProvisioningConfig' + $ref: '#/components/schemas/NfsShare' parameters: - in: path name: projectsId @@ -4467,18 +4472,20 @@ paths: schema: type: string - in: path - name: provisioningConfigsId + name: nfsSharesId required: true schema: type: string - patch: - description: Update existing ProvisioningConfig. - operationId: baremetalsolution.projects.locations.provisioningConfigs.patch + /v2/projects/{projectsId}/locations/{locationsId}/nfsShares: + parameters: *ref_1 + post: + description: Create an NFS share. + operationId: baremetalsolution.projects.locations.nfsShares.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ProvisioningConfig' + $ref: '#/components/schemas/NfsShare' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4490,7 +4497,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ProvisioningConfig' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4502,30 +4509,9 @@ paths: required: true schema: type: string - - in: path - name: provisioningConfigsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: email - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/provisioningConfigs: - parameters: *ref_1 - post: - description: Create new ProvisioningConfig. - operationId: baremetalsolution.projects.locations.provisioningConfigs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ProvisioningConfig' + get: + description: List NFS shares. + operationId: baremetalsolution.projects.locations.nfsShares.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4537,7 +4523,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ProvisioningConfig' + $ref: '#/components/schemas/ListNfsSharesResponse' parameters: - in: path name: projectsId @@ -4550,14 +4536,30 @@ paths: schema: type: string - in: query - name: email + name: filter schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/nfsShares/{nfsSharesId}:rename: parameters: *ref_1 - get: - description: Get details about an operation. - operationId: baremetalsolution.projects.locations.operations.get + post: + description: >- + RenameNfsShare sets a new name for an nfsshare. Use with caution, + previous names become immediately invalidated. + operationId: baremetalsolution.projects.locations.nfsShares.rename + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RenameNfsShareRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4569,7 +4571,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/NfsShare' parameters: - in: path name: projectsId @@ -4582,15 +4584,15 @@ paths: schema: type: string - in: path - name: operationsId + name: nfsSharesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/osImages: + /v2/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Retrieves the list of OS images which are currently approved. - operationId: baremetalsolution.projects.locations.osImages.list + description: Lists information about the supported locations for this service. + operationId: baremetalsolution.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4602,18 +4604,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOSImagesResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - in: query name: pageSize schema: @@ -4623,11 +4620,19 @@ paths: name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/osImages/{osImagesId}: + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: filter + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: Get details of a single OS image. - operationId: baremetalsolution.projects.locations.osImages.get + description: Gets information about a location. + operationId: baremetalsolution.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4639,7 +4644,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/OSImage' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -4651,8 +4656,3 @@ paths: required: true schema: type: string - - in: path - name: osImagesId - required: true - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/batch.yaml b/providers/src/googleapis.com/v00.00.00000/services/batch.yaml index f76f67f3..797d9603 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/batch.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/batch.yaml @@ -7,8 +7,8 @@ info: title: Batch API description: An API to manage the running of Batch resources on Google Cloud Platform. version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251112' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/batch/ servers: @@ -34,884 +34,907 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + ReportAgentStateResponse: + id: ReportAgentStateResponse type: object + description: Response to ReportAgentStateRequest. properties: - operations: + useBatchMonitoredResource: description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + If true, the cloud logging for batch agent will use + batch.googleapis.com/Job as monitored resource for Batch job related + logging. + type: boolean + defaultReportInterval: + format: google-duration type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + description: Default report interval override + minReportInterval: + type: string + format: google-duration + description: Minimum report interval override + tasks: + items: + $ref: '#/components/schemas/AgentTask' + type: array + description: Tasks assigned to the agent + ActionCondition: + id: ActionCondition + description: Conditions for actions to deal with task failures. type: object properties: - name: + exitCodes: + type: array + items: + format: int32 + type: integer description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Exit codes of a task execution. If there are more than 1 exit codes, + when task executes with any of the exit code in the list, the + condition is met and the action will be executed. + AgentMetadata: + id: AgentMetadata + properties: + machineType: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. + description: Optional. machine type of the VM + instanceId: + format: uint64 + type: string + description: GCP instance ID (go/instance-id). + version: + type: string + description: agent binary version running on VM + creationTime: + description: When the VM agent started. Use agent_startup_time instead. + type: string + deprecated: true + format: google-datetime + osRelease: + description: parsed contents of /etc/os-release type: object additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + type: string + instance: + type: string + description: GCP instance name (go/instance-name). + creator: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + Full name of the entity that created this vm. For MIG, this path is: + projects/{project}/regions/{region}/InstanceGroupManagers/{igm} The + value is retrieved from the vm metadata key of "created-by". + type: string + imageVersion: + type: string + description: image version for the VM that this agent is installed on. + instancePreemptionNoticeReceived: type: boolean - error: + description: If the GCP instance has received preemption notice. + zone: + description: Agent zone. + type: string + description: VM Agent Metadata. + type: object + NetworkInterface: + description: A network interface. + type: object + id: NetworkInterface + properties: + subnetwork: + type: string description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + The URL of an existing subnetwork resource in the network. You can + specify the subnetwork as a full or partial URL. For example, the + following are all valid URLs: * + https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/subnetworks/{subnetwork} + * projects/{project}/regions/{region}/subnetworks/{subnetwork} * + regions/{region}/subnetworks/{subnetwork} + noExternalIpAddress: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Default is false (with an external IP address). Required if no + external public IP address is attached to the VM. If no external + public IP address, additional configuration is required to allow the + VM to access Google Services. See + https://cloud.google.com/vpc/docs/configure-private-google-access + and https://cloud.google.com/nat/docs/gce-example#create-nat for + more information. + type: boolean + network: + description: >- + The URL of an existing network resource. You can specify the network + as a full or partial URL. For example, the following are all valid + URLs: * + https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network} + * projects/{project}/global/networks/{network} * + global/networks/{network} + type: string + AgentTaskInfo: type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + runnable: + type: string + format: int64 description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + The highest index of a runnable started by the agent for this task. + The runnables are indexed from 1. Value 0 is undefined. + taskId: type: string - details: + description: ID of the Task + taskStatus: + $ref: '#/components/schemas/TaskStatus' description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty + The status of the Task. If we need agent specific fields we should + fork the public TaskStatus into an agent specific one. Or add them + below. + description: Task Info + id: AgentTaskInfo + LifecyclePolicy: + id: LifecyclePolicy description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - Job: - id: Job - description: The Cloud Batch Job description. - type: object + LifecyclePolicy describes how to deal with task failures based on + different conditions. properties: - name: + actionCondition: + $ref: '#/components/schemas/ActionCondition' description: >- - Output only. Job name. For example: - "projects/123456/locations/us-central1/jobs/job01". - readOnly: true - type: string - uid: - description: Output only. A system generated unique ID for the Job. - readOnly: true + Conditions that decide why a task failure is dealt with a specific + action. + action: + enum: + - ACTION_UNSPECIFIED + - RETRY_TASK + - FAIL_TASK type: string - priority: description: >- - Priority of the Job. The valid value range is [0, 100). Default - value is 0. Higher value indicates higher priority. A job with - higher priority value is more likely to run earlier if all other - requirements are satisfied. - type: string - format: int64 - taskGroups: + Action to execute when ActionCondition is true. When RETRY_TASK is + specified, we will retry failed tasks if we notice any exit code + match and fail tasks if no match is found. Likewise, when FAIL_TASK + is specified, we will fail tasks if we notice any exit code match + and retry tasks if no match is found. + enumDescriptions: + - Action unspecified. + - Action that tasks in the group will be scheduled to re-execute. + - Action that tasks in the group will be stopped immediately. + type: object + AgentTaskLoggingOption: + properties: + labels: + type: object + additionalProperties: + type: string description: >- - Required. TaskGroups in the Job. Only one TaskGroup is supported - now. - type: array - items: - $ref: '#/components/schemas/TaskGroup' - allocationPolicy: - description: Compute resource allocation for all TaskGroups in the Job. - $ref: '#/components/schemas/AllocationPolicy' - labels: + Labels to be added to the log entry. Now only cloud logging is + supported. + type: object + description: AgentTaskLoggingOption contains the options for the logging of the task. + id: AgentTaskLoggingOption + TaskGroupStatus: + type: object + description: Aggregated task status for a TaskGroup. + properties: + counts: description: >- - Custom labels to apply to the job and any Cloud Logging - [LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) - that it generates. Use labels to group and describe the resources - they are applied to. Batch automatically applies predefined labels - and supports multiple `labels` fields for each job, which each let - you apply custom labels to various resources. Label names that start - with "goog-" or "google-" are reserved for predefined labels. For - more information about labels with Batch, see [Organize resources - using - labels](https://cloud.google.com/batch/docs/organize-resources-using-labels). + Count of task in each state in the TaskGroup. The map key is task + state name. type: object additionalProperties: type: string - status: - description: Output only. Job status. It is read only for users. - readOnly: true - $ref: '#/components/schemas/JobStatus' - createTime: - description: Output only. When the Job was created. - readOnly: true + format: int64 + instances: + type: array + description: Status of instances allocated for the TaskGroup. + items: + $ref: '#/components/schemas/InstanceStatus' + id: TaskGroupStatus + NetworkPolicy: + properties: + networkInterfaces: + items: + $ref: '#/components/schemas/NetworkInterface' + type: array + description: Network configurations. + description: NetworkPolicy describes VM instance network configurations. + type: object + id: NetworkPolicy + AgentScript: + type: object + description: Script runnable representation on the agent side. + id: AgentScript + properties: + path: + description: >- + Script file path on the host VM. To specify an interpreter, please + add a `#!`(also known as [shebang + line](https://en.wikipedia.org/wiki/Shebang_(Unix))) as the first + line of the file.(For example, to execute the script using bash, + `#!/bin/bash` should be the first line of the file. To execute the + script using`Python3`, `#!/usr/bin/env python3` should be the first + line of the file.) Otherwise, the file will by default be executed + by `/bin/sh`. type: string - format: google-datetime - updateTime: - description: Output only. The last time the Job was updated. - readOnly: true + text: type: string - format: google-datetime - logsPolicy: - description: Log preservation policy for the Job. - $ref: '#/components/schemas/LogsPolicy' - notifications: - description: Notification configurations. + description: >- + Shell script text. To specify an interpreter, please add a `#!\n` at + the beginning of the text.(For example, to execute the script using + bash, `#!/bin/bash\n` should be added. To execute the script + using`Python3`, `#!/usr/bin/env python3\n` should be added.) + Otherwise, the script will by default be executed by `/bin/sh`. + ListTasksResponse: + id: ListTasksResponse + properties: + nextPageToken: + description: Next page token. + type: string + unreachable: type: array items: - $ref: '#/components/schemas/JobNotification' + type: string + description: Locations that could not be reached. + tasks: + type: array + items: + $ref: '#/components/schemas/Task' + description: Tasks. + description: ListTasks Response. + type: object + KMSEnvMap: + id: KMSEnvMap + properties: + keyName: + type: string + description: >- + The name of the KMS key that will be used to decrypt the cipher + text. + cipherText: + description: The value of the cipherText response from the `encrypt` method. + type: string + type: object + ListLocationsResponse: + properties: + nextPageToken: + type: string + description: The standard List next-page token. + locations: + items: + $ref: '#/components/schemas/Location' + type: array + description: >- + A list of locations that matches the specified filter in the + request. + type: object + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + InstancePolicyOrTemplate: + id: InstancePolicyOrTemplate + type: object + properties: + installOpsAgent: + description: >- + Optional. Set this field true if you want Batch to install Ops Agent + on your behalf. Default is false. + type: boolean + installGpuDrivers: + type: boolean + description: >- + Set this field true if you want Batch to help fetch drivers from a + third party location and install them for GPUs specified in + `policy.accelerators` or `instance_template` on your behalf. Default + is false. For Container-Optimized Image cases, Batch will install + the accelerator driver following milestones of + https://cloud.google.com/container-optimized-os/docs/release-notes. + For non Container-Optimized Image cases, following + https://github.com/GoogleCloudPlatform/compute-gpu-installation/blob/main/linux/install_gpu_driver.py. + instanceTemplate: + description: >- + Name of an instance template used to create VMs. Named the field as + 'instance_template' instead of 'template' to avoid C++ keyword + conflict. Batch only supports global instance templates from the + same project as the job. You can specify the global instance + template as a full or partial URL. + type: string + blockProjectSshKeys: + description: >- + Optional. Set this field to `true` if you want Batch to block + project-level SSH keys from accessing this job's VMs. Alternatively, + you can configure the job to specify a VM instance template that + blocks project-level SSH keys. In either case, Batch blocks + project-level SSH keys while creating the VMs for this job. Batch + allows project-level SSH keys for a job's VMs only if all the + following are true: + This field is undefined or set to `false`. + + The job's VM instance template (if any) doesn't block project-level + SSH keys. Notably, you can override this behavior by manually + updating a VM to block or allow project-level SSH keys. For more + information about blocking project-level SSH keys, see the Compute + Engine documentation: + https://cloud.google.com/compute/docs/connect/restrict-ssh-keys#block-keys + type: boolean + policy: + description: InstancePolicy. + $ref: '#/components/schemas/InstancePolicy' + description: >- + InstancePolicyOrTemplate lets you define the type of resources to use + for this job either with an InstancePolicy or an instance template. If + undefined, Batch picks the type of VM to use and doesn't include + optional VM resources such as GPUs and extra disks. + InstanceStatus: + id: InstanceStatus + type: object + properties: + machineType: + type: string + description: The Compute Engine machine type. + taskPack: + description: The max number of tasks can be assigned to this instance type. + type: string + format: int64 + bootDisk: + description: The VM boot disk. + $ref: '#/components/schemas/Disk' + provisioningModel: + type: string + enumDescriptions: + - Unspecified. + - Standard VM. + - SPOT VM. + - >- + Preemptible VM (PVM). Above SPOT VM is the preferable model for + preemptible VM instances: the old preemptible VM model (indicated + by this field) is the older model, and has been migrated to use + the SPOT model as the underlying technology. This old model will + still be supported. + - >- + Bound to the lifecycle of the reservation in which it is + provisioned. + - >- + Instance is provisioned with DWS Flex Start and has limited max + run duration. + description: The VM instance provisioning model. + enum: + - PROVISIONING_MODEL_UNSPECIFIED + - STANDARD + - SPOT + - PREEMPTIBLE + - RESERVATION_BOUND + - FLEX_START + enumDeprecated: + - false + - false + - false + - true + - false + - false + description: VM instance status. TaskGroup: id: TaskGroup - description: A TaskGroup defines one or more Tasks that all share the same TaskSpec. - type: object properties: name: + readOnly: true description: >- Output only. TaskGroup name. The system generates this field based on parent Job name. For example: "projects/123456/locations/us-west1/jobs/job01/taskGroups/group01". - readOnly: true - type: string - taskSpec: - description: Required. Tasks in the group share the same task spec. - $ref: '#/components/schemas/TaskSpec' - taskCount: - description: Number of Tasks in the TaskGroup. Default is 1. type: string - format: int64 parallelism: description: >- Max number of tasks that can run in parallel. Default to min(task_count, parallel tasks per job limit). See: [Job Limits](https://cloud.google.com/batch/quotas#job_limits). Field parallelism must be 1 if the scheduling_policy is IN_ORDER. + format: int64 type: string + taskCount: format: int64 - schedulingPolicy: - description: >- - Scheduling policy for Tasks in the TaskGroup. The default value is - AS_SOON_AS_POSSIBLE. type: string - enumDescriptions: - - Unspecified. - - >- - Run Tasks as soon as resources are available. Tasks might be - executed in parallel depending on parallelism and task_count - values. - - Run Tasks sequentially with increased task index. - enum: - - SCHEDULING_POLICY_UNSPECIFIED - - AS_SOON_AS_POSSIBLE - - IN_ORDER - taskEnvironments: - description: >- - An array of environment variable mappings, which are passed to Tasks - with matching indices. If task_environments is used then task_count - should not be specified in the request (and will be ignored). Task - count will be the length of task_environments. Tasks get a - BATCH_TASK_INDEX and BATCH_TASK_COUNT environment variable, in - addition to any environment variables set in task_environments, - specifying the number of Tasks in the Task's parent TaskGroup, and - the specific Task's index in the TaskGroup (0 through - BATCH_TASK_COUNT - 1). - type: array - items: - $ref: '#/components/schemas/Environment' + description: Number of Tasks in the TaskGroup. Default is 1. taskCountPerNode: + format: int64 + type: string description: >- Max number of tasks that can be run on a VM at the same time. If not specified, the system will decide a value based on available compute resources on a VM and task requirements. - type: string - format: int64 + taskSpec: + $ref: '#/components/schemas/TaskSpec' + description: Required. Tasks in the group share the same task spec. requireHostsFile: + type: boolean description: >- When true, Batch will populate a file with a list of all VMs assigned to the TaskGroup and set the BATCH_HOSTS_FILE environment variable to the path of that file. Defaults to false. The host file supports up to 1000 VMs. - type: boolean + schedulingPolicy: + enum: + - SCHEDULING_POLICY_UNSPECIFIED + - AS_SOON_AS_POSSIBLE + - IN_ORDER + description: >- + Scheduling policy for Tasks in the TaskGroup. The default value is + AS_SOON_AS_POSSIBLE. + type: string + enumDescriptions: + - Unspecified. + - >- + Run Tasks as soon as resources are available. Tasks might be + executed in parallel depending on parallelism and task_count + values. + - Run Tasks sequentially with increased task index. permissiveSsh: description: >- When true, Batch will configure SSH to allow passwordless login between VMs running the Batch tasks in the same TaskGroup. type: boolean runAsNonRoot: + type: boolean description: >- Optional. If not set or set to false, Batch uses the root user to execute runnables. If set to true, Batch runs the runnables using a non-root user. Currently, the non-root user Batch used is generated by OS Login. For more information, see [About OS Login](https://cloud.google.com/compute/docs/oslogin). - type: boolean - TaskSpec: - id: TaskSpec - description: Spec of a task + taskEnvironments: + items: + $ref: '#/components/schemas/Environment' + type: array + description: >- + An array of environment variable mappings, which are passed to Tasks + with matching indices. If task_environments is used then task_count + should not be specified in the request (and will be ignored). Task + count will be the length of task_environments. Tasks get a + BATCH_TASK_INDEX and BATCH_TASK_COUNT environment variable, in + addition to any environment variables set in task_environments, + specifying the number of Tasks in the Task's parent TaskGroup, and + the specific Task's index in the TaskGroup (0 through + BATCH_TASK_COUNT - 1). + description: A TaskGroup defines one or more Tasks that all share the same TaskSpec. type: object + JobNotification: properties: - runnables: - description: >- - Required. The sequence of one or more runnables (executable scripts, - executable containers, and/or barriers) for each task in this task - group to run. Each task runs this list of runnables in order. For a - task to succeed, all of its script and container runnables each must - meet at least one of the following conditions: + The runnable exited - with a zero status. + The runnable didn't finish, but you enabled - its `background` subfield. + The runnable exited with a non-zero - status, but you enabled its `ignore_exit_status` subfield. - type: array - items: - $ref: '#/components/schemas/Runnable' - computeResource: - description: ComputeResource requirements. - $ref: '#/components/schemas/ComputeResource' - maxRunDuration: + message: + $ref: '#/components/schemas/Message' description: >- - Maximum duration the task should run before being automatically - retried (if enabled) or automatically failed. Format the value of - this field as a time limit in seconds followed by `s`—for example, - `3600s` for 1 hour. The field accepts any value between 0 and the - maximum listed for the `Duration` field type at - https://protobuf.dev/reference/protobuf/google.protobuf/#duration; - however, the actual maximum run time for a job will be limited to - the maximum run time for a job listed at - https://cloud.google.com/batch/quotas#max-job-duration. + The attribute requirements of messages to be sent to this Pub/Sub + topic. Without this field, no message will be sent. + pubsubTopic: type: string - format: google-duration - maxRetryCount: - description: >- - Maximum number of retries on failures. The default, 0, which means - never retry. The valid value range is [0, 10]. - type: integer - format: int32 - lifecyclePolicies: description: >- - Lifecycle management schema when any task in a task group is failed. - Currently we only support one lifecycle policy. When the lifecycle - policy condition is met, the action in the policy will execute. If - task execution result does not meet with the defined lifecycle - policy, we consider it as the default policy. Default policy means - if the exit code is 0, exit task. If task ends with non-zero exit - code, retry the task with max_retry_count. - type: array - items: - $ref: '#/components/schemas/LifecyclePolicy' - environments: - description: 'Deprecated: please use environment(non-plural) instead.' - deprecated: true - type: object - additionalProperties: - type: string - volumes: - description: Volumes to mount before running Tasks using this TaskSpec. - type: array - items: - $ref: '#/components/schemas/Volume' - environment: - description: Environment variables to set before running the Task. - $ref: '#/components/schemas/Environment' - Runnable: - id: Runnable - description: >- - Runnable describes instructions for executing a specific script or - container as part of a Task. + The Pub/Sub topic where notifications for the job, like state + changes, will be published. If undefined, no Pub/Sub notifications + are sent for this job. Specify the topic using the following format: + `projects/{project}/topics/{topic}`. Notably, if you want to specify + a Pub/Sub topic that is in a different project than the job, your + administrator must grant your project's Batch service agent + permission to publish to that topic. For more information about + configuring Pub/Sub notifications for a job, see + https://cloud.google.com/batch/docs/enable-notifications. type: object + id: JobNotification + description: Notification configurations. + ComputeResource: properties: - container: - description: Container runnable. - $ref: '#/components/schemas/Container' - script: - description: Script runnable. - $ref: '#/components/schemas/Script' - barrier: - description: Barrier runnable. - $ref: '#/components/schemas/Barrier' - displayName: + memoryMib: description: >- - Optional. DisplayName is an optional field that can be provided by - the caller. If provided, it will be used in logs and other outputs - to identify the script, making it easier for users to understand the - logs. If not provided the index of the runnable will be used for - outputs. + Memory in MiB. `memoryMib` defines the amount of memory per task in + MiB units. If undefined, the default value is `2000`. If you also + define the VM's machine type using the `machineType` in + [InstancePolicy](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicy) + field or inside the `instanceTemplate` in the + [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) + field, make sure the memory resources for both fields are compatible + with each other and with how many tasks you want to allow to run on + the same VM at the same time. For example, if you specify the + `n2-standard-2` machine type, which has 8 GiB each, you are + recommended to set `memoryMib` to no more than `8192`, or you are + recommended to run two tasks on the same VM if you set `memoryMib` + to `4096` or less. + format: int64 type: string - ignoreExitStatus: - description: >- - Normally, a runnable that returns a non-zero exit status fails and - causes the task to fail. However, you can set this field to `true` - to allow the task to continue executing its other runnables even if - this runnable fails. - type: boolean - background: - description: >- - Normally, a runnable that doesn't exit causes its task to fail. - However, you can set this field to `true` to configure a background - runnable. Background runnables are allowed continue running in the - background while the task executes subsequent runnables. For - example, background runnables are useful for providing services to - other runnables or providing debugging-support tools like SSH - servers. Specifically, background runnables are killed automatically - (if they have not already exited) a short time after all foreground - runnables have completed. Even though this is likely to result in a - non-zero exit status for the background runnable, these automatic - kills are not treated as task failures. - type: boolean - alwaysRun: - description: >- - By default, after a Runnable fails, no further Runnable are - executed. This flag indicates that this Runnable must be run even if - the Task has already failed. This is useful for Runnables that copy - output files off of the VM or for debugging. The always_run flag - does not override the Task's overall max_run_duration. If the - max_run_duration has expired then no further Runnables will execute, - not even always_run Runnables. - type: boolean - environment: + bootDiskMib: + description: Extra boot disk size in MiB for each task. + type: string + format: int64 + cpuMilli: description: >- - Environment variables for this Runnable (overrides variables set for - the whole Task or TaskGroup). - $ref: '#/components/schemas/Environment' - timeout: - description: Timeout for this Runnable. + The milliCPU count. `cpuMilli` defines the amount of CPU resources + per task in milliCPU units. For example, `1000` corresponds to 1 + vCPU per task. If undefined, the default value is `2000`. If you + also define the VM's machine type using the `machineType` in + [InstancePolicy](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicy) + field or inside the `instanceTemplate` in the + [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) + field, make sure the CPU resources for both fields are compatible + with each other and with how many tasks you want to allow to run on + the same VM at the same time. For example, if you specify the + `n2-standard-2` machine type, which has 2 vCPUs each, you are + recommended to set `cpuMilli` no more than `2000`, or you are + recommended to run two tasks on the same VM if you set `cpuMilli` to + `1000` or less. + format: int64 type: string - format: google-duration - labels: - description: Labels for this Runnable. - type: object - additionalProperties: - type: string - Container: - id: Container - description: Container runnable. type: object + id: ComputeResource + description: >- + Compute resource requirements. ComputeResource defines the amount of + resources required for each task. Make sure your tasks have enough + resources to successfully run. If you also define the types of resources + for a job to use with the + [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) + field, make sure both fields are compatible with each other. + ReportAgentStateRequest: properties: - imageUri: - description: Required. The URI to pull the container image from. - type: string - commands: - description: >- - Required for some container images. Overrides the `CMD` specified in - the container. If there is an `ENTRYPOINT` (either in the container - image or with the `entrypoint` field below) then these commands are - appended as arguments to the `ENTRYPOINT`. - type: array - items: + metadata: + $ref: '#/components/schemas/AgentMetadata' + description: Agent metadata. + agentTimingInfo: + description: Agent timing info. + $ref: '#/components/schemas/AgentTimingInfo' + agentInfo: + description: Agent info. + $ref: '#/components/schemas/AgentInfo' + description: >- + Request to report agent's state. The Request itself implies the agent is + healthy. + id: ReportAgentStateRequest + type: object + Volume: + type: object + properties: + deviceName: + type: string + description: >- + Device name of an attached disk volume, which should align with a + device_name specified by + job.allocation_policy.instances[0].policy.disks[i].device_name or + defined by the given instance template in + job.allocation_policy.instances[0].instance_template. + nfs: + description: >- + A Network File System (NFS) volume. For example, a Filestore file + share. + $ref: '#/components/schemas/NFS' + mountOptions: + description: >- + Mount options vary based on the type of storage volume: * For a + Cloud Storage bucket, all the mount options provided by the + [`gcsfuse` tool](https://cloud.google.com/storage/docs/gcsfuse-cli) + are supported. * For an existing persistent disk, all mount options + provided by the [`mount` + command](https://man7.org/linux/man-pages/man8/mount.8.html) except + writing are supported. This is due to restrictions of [multi-writer + mode](https://cloud.google.com/compute/docs/disks/sharing-disks-between-vms). + * For any other disk or a Network File System (NFS), all the mount + options provided by the `mount` command are supported. + items: type: string - entrypoint: + type: array + gcs: + description: A Google Cloud Storage (GCS) volume. + $ref: '#/components/schemas/GCS' + mountPath: + type: string + description: The mount path for the volume, e.g. /mnt/disks/share. + description: Volume describes a volume and parameters for it to be mounted to a VM. + id: Volume + Status: + type: object + properties: + details: + type: array description: >- - Required for some container images. Overrides the `ENTRYPOINT` - specified in the container. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + AttachedDisk: + description: >- + A new or an existing persistent disk (PD) or a local ssd attached to a + VM instance. + type: object + properties: + deviceName: + description: >- + Device name that the guest operating system will see. It is used by + Runnable.volumes field to mount disks. So please specify the + device_name if you want Batch to help mount the disk, and it should + match the device_name field in volumes. + type: string + existingDisk: + description: Name of an existing PD. + type: string + newDisk: + $ref: '#/components/schemas/Disk' + id: AttachedDisk + AgentContainer: + id: AgentContainer + description: Container runnable representation on the agent side. + properties: + imageUri: type: string + description: The URI to pull the container image from. volumes: + items: + type: string + type: array description: >- Volumes to mount (bind mount) from the host machine files or - directories into the container, formatted to match `--volume` option - for the `docker run` command—for example, `/foo:/bar` or - `/foo:/bar:ro`. If the `TaskSpec.Volumes` field is specified but - this field is not, Batch will mount each volume from the host - machine to the container with the same mount path by default. In - this case, the default mount option for containers will be read-only - (`ro`) for existing persistent disks and read-write (`rw`) for other - volume types, regardless of the original mount options specified in - `TaskSpec.Volumes`. If you need different mount settings, you can - explicitly configure them in this field. + directories into the container, formatted to match docker run's + --volume option, e.g. /foo:/bar, or /foo:/bar:ro + commands: + description: >- + Overrides the `CMD` specified in the container. If there is an + ENTRYPOINT (either in the container image or with the entrypoint + field below) then commands are appended as arguments to the + ENTRYPOINT. type: array items: type: string options: description: >- - Required for some container images. Arbitrary additional options to - include in the `docker run` command when running this container—for - example, `--network host`. For the `--volume` option, use the - `volumes` field for the container. - type: string - blockExternalNetwork: - description: >- - If set to true, external network access to and from container will - be blocked, containers that are with block_external_network as true - can still communicate with each other, network cannot be specified - in the `container.options` field. - type: boolean - username: - description: >- - Required if the container image is from a private Docker registry. - The username to login to the Docker registry that contains the - image. You can either specify the username directly by using plain - text or specify an encrypted username by using a Secret Manager - secret: `projects/*/secrets/*/versions/*`. However, using a secret - is recommended for enhanced security. Caution: If you specify the - username using plain text, you risk the username being exposed to - any users who can view the job or its logs. To avoid this risk, - specify a secret that contains the username instead. Learn more - about [Secret - Manager](https://cloud.google.com/secret-manager/docs/) and [using - Secret Manager with - Batch](https://cloud.google.com/batch/docs/create-run-job-secret-manager). + Arbitrary additional options to include in the "docker run" command + when running this container, e.g. "--network host". type: string - password: - description: >- - Required if the container image is from a private Docker registry. - The password to login to the Docker registry that contains the - image. For security, it is strongly recommended to specify an - encrypted password by using a Secret Manager secret: - `projects/*/secrets/*/versions/*`. Warning: If you specify the - password using plain text, you risk the password being exposed to - any users who can view the job or its logs. To avoid this risk, - specify a secret that contains the password instead. Learn more - about [Secret - Manager](https://cloud.google.com/secret-manager/docs/) and [using - Secret Manager with - Batch](https://cloud.google.com/batch/docs/create-run-job-secret-manager). + entrypoint: + description: Overrides the `ENTRYPOINT` specified in the container. type: string - enableImageStreaming: - description: >- - Optional. If set to true, this container runnable uses Image - streaming. Use Image streaming to allow the runnable to initialize - without waiting for the entire container image to download, which - can significantly reduce startup time for large container images. - When `enableImageStreaming` is set to true, the container runtime is - [containerd](https://containerd.io/) instead of Docker. - Additionally, this container runnable only supports the following - `container` subfields: `imageUri`, `commands[]`, `entrypoint`, and - `volumes[]`; any other `container` subfields are ignored. For more - information about the requirements and limitations for using Image - streaming with Batch, see the [`image-streaming` sample on - GitHub](https://github.com/GoogleCloudPlatform/batch-samples/tree/main/api-samples/image-streaming). - type: boolean - Script: - id: Script - description: Script runnable. type: object + AgentInfo: properties: - path: - description: >- - The path to a script file that is accessible from the host VM(s). - Unless the script file supports the default `#!/bin/sh` shell - interpreter, you must specify an interpreter by including a [shebang - line](https://en.wikipedia.org/wiki/Shebang_(Unix) as the first line - of the file. For example, to execute the script using bash, include - `#!/bin/bash` as the first line of the file. Alternatively, to - execute the script using Python3, include `#!/usr/bin/env python3` - as the first line of the file. + jobId: + description: Optional. The assigned Job ID type: string - text: - description: >- - The text for a script. Unless the script text supports the default - `#!/bin/sh` shell interpreter, you must specify an interpreter by - including a [shebang - line](https://en.wikipedia.org/wiki/Shebang_(Unix) at the beginning - of the text. For example, to execute the script using bash, include - `#!/bin/bash\n` at the beginning of the text. Alternatively, to - execute the script using Python3, include `#!/usr/bin/env python3\n` - at the beginning of the text. + taskGroupId: + description: The assigned task group ID. + type: string + state: + enum: + - AGENT_STATE_UNSPECIFIED + - AGENT_STARTING + - AGENT_RUNNING + - AGENT_STOPPED + description: Agent state. + enumDescriptions: + - Unspecified state. + - The agent is starting on the VM instance. + - >- + The agent is running. The agent in the RUNNING state can never go + back to the STARTING state. + - The agent has stopped, either on request or due to a failure. + type: string + reportTime: type: string + description: When the AgentInfo is generated. + format: google-datetime + tasks: + description: Task Info. + items: + $ref: '#/components/schemas/AgentTaskInfo' + type: array + type: object + description: VM Agent Info. + id: AgentInfo Barrier: + type: object id: Barrier description: >- A barrier runnable automatically blocks the execution of subsequent runnables until all the tasks in the task group reach the barrier. - type: object properties: name: description: >- Barriers are identified by their index in runnable list. Names are not required, but if present should be an identifier. type: string - Environment: - id: Environment + AgentTask: + id: AgentTask description: >- - An Environment describes a collection of environment variables to set - when executing Tasks. - type: object - properties: - variables: - description: A map of environment variable names to values. - type: object - additionalProperties: - type: string - secretVariables: - description: >- - A map of environment variable names to Secret Manager secret names. - The VM will access the named secrets to set the value of each - environment variable. - type: object - additionalProperties: - type: string - encryptedVariables: - description: >- - An encrypted JSON dictionary where the key/value pairs correspond to - environment variable names and their values. - $ref: '#/components/schemas/KMSEnvMap' - KMSEnvMap: - id: KMSEnvMap + TODO(b/182501497) The message needs to be redefined when the Agent API + server updates data in storage per the backend design. type: object properties: - keyName: - description: >- - The name of the KMS key that will be used to decrypt the cipher - text. + taskSource: + enumDescriptions: + - Unspecified task source. + - >- + The AgentTask from this source is generated by Batch server. E.g. + all the VMActions are from this source. When Batch Agent execute + AgentTask from BATCH_INTERNAL, it will log stdout/err with + "batch_agent_logs" log name. + - >- + The AgentTask from this source is provided by Batch users. When + Batch Agent execute AgentTask from USER, it will log stdout/err + with "batch_task_logs" log name. type: string - cipherText: - description: The value of the cipherText response from the `encrypt` method. + description: TaskSource represents the source of the task. + enum: + - TASK_SOURCE_UNSPECIFIED + - BATCH_INTERNAL + - USER + intendedState: type: string - ComputeResource: - id: ComputeResource - description: >- - Compute resource requirements. ComputeResource defines the amount of - resources required for each task. Make sure your tasks have enough - resources to successfully run. If you also define the types of resources - for a job to use with the - [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) - field, make sure both fields are compatible with each other. - type: object - properties: - cpuMilli: + enumDescriptions: + - Unspecified state. + - Assigned state (includes running and finished). + - The agent should cancel the execution of this task. + - Delete task from agent storage, stop reporting its state. + description: The intended state of the task. + enum: + - INTENDED_STATE_UNSPECIFIED + - ASSIGNED + - CANCELLED + - DELETED + spec: + $ref: '#/components/schemas/TaskSpec' description: >- - The milliCPU count. `cpuMilli` defines the amount of CPU resources - per task in milliCPU units. For example, `1000` corresponds to 1 - vCPU per task. If undefined, the default value is `2000`. If you - also define the VM's machine type using the `machineType` in - [InstancePolicy](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicy) - field or inside the `instanceTemplate` in the - [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) - field, make sure the CPU resources for both fields are compatible - with each other and with how many tasks you want to allow to run on - the same VM at the same time. For example, if you specify the - `n2-standard-2` machine type, which has 2 vCPUs each, you are - recommended to set `cpuMilli` no more than `2000`, or you are - recommended to run two tasks on the same VM if you set `cpuMilli` to - `1000` or less. + Task Spec. This field will be replaced by agent_task_spec below in + future. + reachedBarrier: + description: The highest barrier reached by all tasks in the task's TaskGroup. type: string format: int64 - memoryMib: + status: + $ref: '#/components/schemas/TaskStatus' + description: Task status. + agentTaskSpec: description: >- - Memory in MiB. `memoryMib` defines the amount of memory per task in - MiB units. If undefined, the default value is `2000`. If you also - define the VM's machine type using the `machineType` in - [InstancePolicy](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicy) - field or inside the `instanceTemplate` in the - [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) - field, make sure the memory resources for both fields are compatible - with each other and with how many tasks you want to allow to run on - the same VM at the same time. For example, if you specify the - `n2-standard-2` machine type, which has 8 GiB each, you are - recommended to set `memoryMib` to no more than `8192`, or you are - recommended to run two tasks on the same VM if you set `memoryMib` - to `4096` or less. - type: string - format: int64 - bootDiskMib: - description: Extra boot disk size in MiB for each task. + AgentTaskSpec is the taskSpec representation between Agent and CLH + communication. This field will replace the TaskSpec field above in + future to have a better separation between user-facaing API and + internal API. + $ref: '#/components/schemas/AgentTaskSpec' + task: type: string - format: int64 - LifecyclePolicy: - id: LifecyclePolicy - description: >- - LifecyclePolicy describes how to deal with task failures based on - different conditions. - type: object + description: Task name. + ListJobsResponse: + description: ListJob Response. properties: - action: - description: >- - Action to execute when ActionCondition is true. When RETRY_TASK is - specified, we will retry failed tasks if we notice any exit code - match and fail tasks if no match is found. Likewise, when FAIL_TASK - is specified, we will fail tasks if we notice any exit code match - and retry tasks if no match is found. + nextPageToken: type: string - enumDescriptions: - - Action unspecified. - - Action that tasks in the group will be scheduled to re-execute. - - Action that tasks in the group will be stopped immediately. - enum: - - ACTION_UNSPECIFIED - - RETRY_TASK - - FAIL_TASK - actionCondition: - description: >- - Conditions that decide why a task failure is dealt with a specific - action. - $ref: '#/components/schemas/ActionCondition' - ActionCondition: - id: ActionCondition - description: Conditions for actions to deal with task failures. - type: object - properties: - exitCodes: - description: >- - Exit codes of a task execution. If there are more than 1 exit codes, - when task executes with any of the exit code in the list, the - condition is met and the action will be executed. + description: Next page token. + jobs: + description: Jobs. + items: + $ref: '#/components/schemas/Job' type: array + unreachable: + description: Locations that could not be reached. items: - type: integer - format: int32 - Volume: - id: Volume - description: Volume describes a volume and parameters for it to be mounted to a VM. + type: string + type: array type: object + id: ListJobsResponse + AgentTaskSpec: properties: - nfs: + loggingOption: + $ref: '#/components/schemas/AgentTaskLoggingOption' + description: Logging option for the task. + userAccount: description: >- - A Network File System (NFS) volume. For example, a Filestore file - share. - $ref: '#/components/schemas/NFS' - gcs: - description: A Google Cloud Storage (GCS) volume. - $ref: '#/components/schemas/GCS' - deviceName: + User account on the VM to run the runnables in the agentTaskSpec. If + not set, the runnable will be run under root user. + $ref: '#/components/schemas/AgentTaskUserAccount' + environment: + description: Environment variables to set before running the Task. + $ref: '#/components/schemas/AgentEnvironment' + maxRunDuration: description: >- - Device name of an attached disk volume, which should align with a - device_name specified by - job.allocation_policy.instances[0].policy.disks[i].device_name or - defined by the given instance template in - job.allocation_policy.instances[0].instance_template. - type: string - mountPath: - description: The mount path for the volume, e.g. /mnt/disks/share. + Maximum duration the task should run before being automatically + retried (if enabled) or automatically failed. Format the value of + this field as a time limit in seconds followed by `s`—for example, + `3600s` for 1 hour. The field accepts any value between 0 and the + maximum listed for the `Duration` field type at + https://protobuf.dev/reference/protobuf/google.protobuf/#duration; + however, the actual maximum run time for a job will be limited to + the maximum run time for a job listed at + https://cloud.google.com/batch/quotas#max-job-duration. type: string - mountOptions: - description: >- - Mount options vary based on the type of storage volume: * For a - Cloud Storage bucket, all the mount options provided by the - [`gcsfuse` tool](https://cloud.google.com/storage/docs/gcsfuse-cli) - are supported. * For an existing persistent disk, all mount options - provided by the [`mount` - command](https://man7.org/linux/man-pages/man8/mount.8.html) except - writing are supported. This is due to restrictions of [multi-writer - mode](https://cloud.google.com/compute/docs/disks/sharing-disks-between-vms). - * For any other disk or a Network File System (NFS), all the mount - options provided by the `mount` command are supported. - type: array + format: google-duration + runnables: items: - type: string - NFS: - id: NFS - description: Represents an NFS volume. + $ref: '#/components/schemas/AgentTaskRunnable' + type: array + description: AgentTaskRunnable is runanbles that will be executed on the agent. type: object + description: >- + AgentTaskSpec is the user's TaskSpec representation between Agent and + CLH communication. + id: AgentTaskSpec + AgentKMSEnvMap: properties: - server: - description: The IP address of the NFS. + keyName: + description: >- + The name of the KMS key that will be used to decrypt the cipher + text. type: string - remotePath: - description: Remote source path exported from the NFS, e.g., "/share". + cipherText: type: string - GCS: - id: GCS - description: Represents a Google Cloud Storage volume. + description: The value of the cipherText response from the `encrypt` method. + description: >- + AgentKMSEnvMap contains the encrypted key/value pair to be used in the + environment on the Agent side. type: object - properties: - remotePath: - description: >- - Remote path, either a bucket name or a subdirectory of a bucket, - e.g.: bucket_name, bucket_name/subdirectory/ - type: string - AllocationPolicy: - id: AllocationPolicy - description: >- - A Job's resource allocation policy describes when, where, and how - compute resources should be allocated for the Job. - type: object - properties: - location: - description: Location where compute resources should be allocated for the Job. - $ref: '#/components/schemas/LocationPolicy' - instances: - description: >- - Describe instances that can be created by this AllocationPolicy. - Only instances[0] is supported now. - type: array - items: - $ref: '#/components/schemas/InstancePolicyOrTemplate' - serviceAccount: - description: >- - Defines the service account for Batch-created VMs. If omitted, the - [default Compute Engine service - account](https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) - is used. Must match the service account specified in any used - instance template configured in the Batch job. Includes the - following fields: * email: The service account's email address. If - not set, the default Compute Engine service account is used. * - scopes: Additional OAuth scopes to grant the service account, beyond - the default cloud-platform scope. (list of strings) - $ref: '#/components/schemas/ServiceAccount' - labels: - description: >- - Custom labels to apply to the job and all the Compute Engine - resources that both are created by this allocation policy and - support labels. Use labels to group and describe the resources they - are applied to. Batch automatically applies predefined labels and - supports multiple `labels` fields for each job, which each let you - apply custom labels to various resources. Label names that start - with "goog-" or "google-" are reserved for predefined labels. For - more information about labels with Batch, see [Organize resources - using - labels](https://cloud.google.com/batch/docs/organize-resources-using-labels). - type: object - additionalProperties: - type: string - network: - description: >- - The network policy. If you define an instance template in the - `InstancePolicyOrTemplate` field, Batch will use the network - settings in the instance template instead of this field. - $ref: '#/components/schemas/NetworkPolicy' - placement: - description: The placement policy. - $ref: '#/components/schemas/PlacementPolicy' - tags: - description: >- - Optional. Tags applied to the VM instances. The tags identify valid - sources or targets for network firewalls. Each tag must be 1-63 - characters long, and comply with - [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). - type: array - items: - type: string - LocationPolicy: - id: LocationPolicy - type: object - properties: - allowedLocations: - description: >- - A list of allowed location names represented by internal URLs. Each - location can be a region or a zone. Only one region or multiple - zones in one region is supported now. For example, - ["regions/us-central1"] allow VMs in any zones in region - us-central1. ["zones/us-central1-a", "zones/us-central1-c"] only - allow VMs in zones us-central1-a and us-central1-c. Mixing locations - from different regions would cause errors. For example, - ["regions/us-central1", "zones/us-central1-a", - "zones/us-central1-b", "zones/us-west1-a"] contains locations from - two distinct regions: us-central1 and us-west1. This combination - will trigger an error. - type: array - items: - type: string - InstancePolicyOrTemplate: - id: InstancePolicyOrTemplate - description: >- - InstancePolicyOrTemplate lets you define the type of resources to use - for this job either with an InstancePolicy or an instance template. If - undefined, Batch picks the type of VM to use and doesn't include - optional VM resources such as GPUs and extra disks. - type: object - properties: - policy: - description: InstancePolicy. - $ref: '#/components/schemas/InstancePolicy' - instanceTemplate: - description: >- - Name of an instance template used to create VMs. Named the field as - 'instance_template' instead of 'template' to avoid C++ keyword - conflict. Batch only supports global instance templates from the - same project as the job. You can specify the global instance - template as a full or partial URL. - type: string - installGpuDrivers: - description: >- - Set this field true if you want Batch to help fetch drivers from a - third party location and install them for GPUs specified in - `policy.accelerators` or `instance_template` on your behalf. Default - is false. For Container-Optimized Image cases, Batch will install - the accelerator driver following milestones of - https://cloud.google.com/container-optimized-os/docs/release-notes. - For non Container-Optimized Image cases, following - https://github.com/GoogleCloudPlatform/compute-gpu-installation/blob/main/linux/install_gpu_driver.py. - type: boolean - installOpsAgent: - description: >- - Optional. Set this field true if you want Batch to install Ops Agent - on your behalf. Default is false. - type: boolean - blockProjectSshKeys: - description: >- - Optional. Set this field to `true` if you want Batch to block - project-level SSH keys from accessing this job's VMs. Alternatively, - you can configure the job to specify a VM instance template that - blocks project-level SSH keys. In either case, Batch blocks - project-level SSH keys while creating the VMs for this job. Batch - allows project-level SSH keys for a job's VMs only if all the - following are true: + This field is undefined or set to `false`. + - The job's VM instance template (if any) doesn't block project-level - SSH keys. Notably, you can override this behavior by manually - updating a VM to block or allow project-level SSH keys. For more - information about blocking project-level SSH keys, see the Compute - Engine documentation: - https://cloud.google.com/compute/docs/connect/restrict-ssh-keys#block-keys - type: boolean + id: AgentKMSEnvMap InstancePolicy: - id: InstancePolicy description: >- InstancePolicy describes an instance type and resources attached to each VM created by this InstancePolicy. type: object properties: machineType: - description: The Compute Engine machine type. type: string + description: The Compute Engine machine type. minCpuPlatform: + type: string description: >- The minimum CPU platform. See https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform. + reservation: + description: >- + Optional. If not specified (default), VMs will consume any + applicable reservation. If "NO_RESERVATION" is specified, VMs will + not consume any reservation. Otherwise, if specified, VMs will + consume only the specified reservation. type: string + accelerators: + items: + $ref: '#/components/schemas/Accelerator' + description: The accelerators attached to each VM instance. + type: array + disks: + description: >- + Non-boot disks to be attached for each VM created by this + InstancePolicy. New disks will be deleted when the VM is deleted. A + non-boot disk is a disk that can be of a device with a file system + or a raw storage drive that is not ready for data storage and + accessing. + type: array + items: + $ref: '#/components/schemas/AttachedDisk' + bootDisk: + description: >- + Boot disk to be created and attached to each VM by this + InstancePolicy. Boot disk will be deleted when the VM is deleted. + Batch API now only supports booting from image. + $ref: '#/components/schemas/Disk' provisioningModel: - description: The provisioning model. type: string + description: The provisioning model. + enum: + - PROVISIONING_MODEL_UNSPECIFIED + - STANDARD + - SPOT + - PREEMPTIBLE + - RESERVATION_BOUND + - FLEX_START + enumDeprecated: + - false + - false + - false + - true + - false + - false enumDescriptions: - Unspecified. - Standard VM. @@ -925,572 +948,478 @@ components: - >- Bound to the lifecycle of the reservation in which it is provisioned. - enumDeprecated: - - false - - false - - false - - true - - false + - >- + Instance is provisioned with DWS Flex Start and has limited max + run duration. + id: InstancePolicy + LogsPolicy: + id: LogsPolicy + properties: + destination: + enumDescriptions: + - (Default) Logs are not preserved. + - >- + Logs are streamed to Cloud Logging. Optionally, you can configure + additional settings in the `cloudLoggingOption` field. + - Logs are saved to the file path specified in the `logsPath` field. + description: If and where logs should be saved. enum: - - PROVISIONING_MODEL_UNSPECIFIED - - STANDARD - - SPOT - - PREEMPTIBLE - - RESERVATION_BOUND - accelerators: - description: The accelerators attached to each VM instance. - type: array - items: - $ref: '#/components/schemas/Accelerator' - bootDisk: - description: >- - Boot disk to be created and attached to each VM by this - InstancePolicy. Boot disk will be deleted when the VM is deleted. - Batch API now only supports booting from image. - $ref: '#/components/schemas/Disk' - disks: - description: >- - Non-boot disks to be attached for each VM created by this - InstancePolicy. New disks will be deleted when the VM is deleted. A - non-boot disk is a disk that can be of a device with a file system - or a raw storage drive that is not ready for data storage and - accessing. - type: array - items: - $ref: '#/components/schemas/AttachedDisk' - reservation: - description: >- - Optional. If not specified (default), VMs will consume any - applicable reservation. If "NO_RESERVATION" is specified, VMs will - not consume any reservation. Otherwise, if specified, VMs will - consume only the specified reservation. + - DESTINATION_UNSPECIFIED + - CLOUD_LOGGING + - PATH type: string - Accelerator: - id: Accelerator - description: >- - Accelerator describes Compute Engine accelerators to be attached to the - VM. - type: object - properties: - type: + cloudLoggingOption: + $ref: '#/components/schemas/CloudLoggingOption' description: >- - The accelerator type. For example, "nvidia-tesla-t4". See `gcloud - compute accelerator-types list`. + Optional. When `destination` is set to `CLOUD_LOGGING`, you can + optionally set this field to configure additional settings for Cloud + Logging. + logsPath: type: string - count: - description: The number of accelerators of this type. - type: string - format: int64 - installGpuDrivers: - description: 'Deprecated: please use instances[0].install_gpu_drivers instead.' - deprecated: true - type: boolean - driverVersion: description: >- - Optional. The NVIDIA GPU driver version that should be installed for - this type. You can define the specific driver version such as - "470.103.01", following the driver version requirements in - https://cloud.google.com/compute/docs/gpus/install-drivers-gpu#minimum-driver. - Batch will install the specific accelerator driver if qualified. - type: string - Disk: - id: Disk + When `destination` is set to `PATH`, you must set this field to the + path where you want logs to be saved. This path can point to a local + directory on the VM or (if congifured) a directory under the mount + path of any Cloud Storage bucket, network file system (NFS), or + writable persistent disk that is mounted to the job. For example, if + the job has a bucket with `mountPath` set to `/mnt/disks/my-bucket`, + you can write logs to the root directory of the `remotePath` of that + bucket by setting this field to `/mnt/disks/my-bucket/`. + type: object description: >- - A new persistent disk or a local ssd. A VM can only have one local SSD - setting but multiple local SSD partitions. See - https://cloud.google.com/compute/docs/disks#pdspecs and - https://cloud.google.com/compute/docs/disks#localssds. + LogsPolicy describes if and how a job's logs are preserved. Logs include + information that is automatically written by the Batch service agent and + any information that you configured the job's runnables to write to the + `stdout` or `stderr` streams. + AgentEnvironment: + description: >- + AgentEnvironment is the Environment representation between Agent and CLH + communication. The environment is used in both task level and agent + level. + properties: + variables: + type: object + additionalProperties: + type: string + description: A map of environment variable names to values. + encryptedVariables: + description: >- + An encrypted JSON dictionary where the key/value pairs correspond to + environment variable names and their values. + $ref: '#/components/schemas/AgentKMSEnvMap' + secretVariables: + description: >- + A map of environment variable names to Secret Manager secret names. + The VM will access the named secrets to set the value of each + environment variable. + type: object + additionalProperties: + type: string type: object + id: AgentEnvironment + Job: properties: - image: + labels: description: >- - URL for a VM image to use as the data source for this disk. For - example, the following are all valid URLs: * Specify the image by - its family name: - projects/{project}/global/images/family/{image_family} * Specify the - image version: projects/{project}/global/images/{image_version} You - can also use Batch customized image in short names. The following - image values are supported for a boot disk: * `batch-debian`: use - Batch Debian images. * `batch-cos`: use Batch Container-Optimized - images. * `batch-hpc-rocky`: use Batch HPC Rocky Linux images. + Custom labels to apply to the job and any Cloud Logging + [LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) + that it generates. Use labels to group and describe the resources + they are applied to. Batch automatically applies predefined labels + and supports multiple `labels` fields for each job, which each let + you apply custom labels to various resources. Label names that start + with "goog-" or "google-" are reserved for predefined labels. For + more information about labels with Batch, see [Organize resources + using + labels](https://cloud.google.com/batch/docs/organize-resources-using-labels). + type: object + additionalProperties: + type: string + updateTime: type: string - snapshot: - description: >- - Name of a snapshot used as the data source. Snapshot is not - supported as boot disk now. + description: Output only. The last time the Job was updated. + format: google-datetime + readOnly: true + uid: + description: Output only. A system generated unique ID for the Job. + readOnly: true type: string - type: + name: description: >- - Disk type as shown in `gcloud compute disk-types list`. For example, - local SSD uses type "local-ssd". Persistent disks and boot disks use - "pd-balanced", "pd-extreme", "pd-ssd" or "pd-standard". If not - specified, "pd-standard" will be used as the default type for - non-boot disks, "pd-balanced" will be used as the default type for - boot disks. + Output only. Job name. For example: + "projects/123456/locations/us-central1/jobs/job01". + readOnly: true type: string - sizeGb: + logsPolicy: + $ref: '#/components/schemas/LogsPolicy' + description: Log preservation policy for the Job. + taskGroups: + items: + $ref: '#/components/schemas/TaskGroup' + type: array description: >- - Disk size in GB. **Non-Boot Disk**: If the `type` specifies a - persistent disk, this field is ignored if `data_source` is set as - `image` or `snapshot`. If the `type` specifies a local SSD, this - field should be a multiple of 375 GB, otherwise, the final size will - be the next greater multiple of 375 GB. **Boot Disk**: Batch will - calculate the boot disk size based on source image and task - requirements if you do not speicify the size. If both this field and - the `boot_disk_mib` field in task spec's `compute_resource` are - defined, Batch will only honor this field. Also, this field should - be no smaller than the source disk's size when the `data_source` is - set as `snapshot` or `image`. For example, if you set an image as - the `data_source` field and the image's default disk size 30 GB, you - can only use this field to make the disk larger or equal to 30 GB. - type: string + Required. TaskGroups in the Job. Only one TaskGroup is supported + now. + priority: format: int64 - diskInterface: description: >- - Local SSDs are available through both "SCSI" and "NVMe" interfaces. - If not indicated, "NVMe" will be the default one for local ssds. - This field is ignored for persistent disks as the interface is - chosen automatically. See - https://cloud.google.com/compute/docs/disks/persistent-disks#choose_an_interface. + Priority of the Job. The valid value range is [0, 100). Default + value is 0. Higher value indicates higher priority. A job with + higher priority value is more likely to run earlier if all other + requirements are satisfied. type: string - AttachedDisk: - id: AttachedDisk - description: >- - A new or an existing persistent disk (PD) or a local ssd attached to a - VM instance. + notifications: + items: + $ref: '#/components/schemas/JobNotification' + type: array + description: Notification configurations. + allocationPolicy: + $ref: '#/components/schemas/AllocationPolicy' + description: Compute resource allocation for all TaskGroups in the Job. + createTime: + readOnly: true + format: google-datetime + description: Output only. When the Job was created. + type: string + status: + readOnly: true + $ref: '#/components/schemas/JobStatus' + description: Output only. Job status. It is read only for users. + type: object + description: The Cloud Batch Job description. + id: Job + StatusEvent: type: object + description: Status event. properties: - newDisk: - $ref: '#/components/schemas/Disk' - existingDisk: - description: Name of an existing PD. + eventTime: + description: The time this event occurred. type: string - deviceName: + format: google-datetime + description: + type: string + description: Description of the event. + type: + type: string + description: Type of the event. + taskExecution: description: >- - Device name that the guest operating system will see. It is used by - Runnable.volumes field to mount disks. So please specify the - device_name if you want Batch to help mount the disk, and it should - match the device_name field in volumes. + Task Execution. This field is only defined for task-level status + events where the task fails. + $ref: '#/components/schemas/TaskExecution' + taskState: + enumDescriptions: + - Unknown state. + - The Task is created and waiting for resources. + - The Task is assigned to at least one VM. + - The Task is running. + - The Task has failed. + - The Task has succeeded. + - The Task has not been executed when the Job finishes. type: string - ServiceAccount: - id: ServiceAccount - description: Carries information about a Google Cloud service account. + enum: + - STATE_UNSPECIFIED + - PENDING + - ASSIGNED + - RUNNING + - FAILED + - SUCCEEDED + - UNEXECUTED + description: Task State. This field is only defined for task-level status events. + id: StatusEvent + CancelOperationRequest: + description: The request message for Operations.CancelOperation. + properties: {} type: object - properties: - email: - description: Email address of the service account. - type: string - scopes: - description: List of scopes to be enabled for this service account. - type: array - items: - type: string - NetworkPolicy: - id: NetworkPolicy - description: NetworkPolicy describes VM instance network configurations. + id: CancelOperationRequest + CloudLoggingOption: type: object properties: - networkInterfaces: - description: Network configurations. - type: array - items: - $ref: '#/components/schemas/NetworkInterface' - NetworkInterface: - id: NetworkInterface - description: A network interface. + useGenericTaskMonitoredResource: + type: boolean + description: >- + Optional. Set this field to `true` to change the [monitored resource + type](https://cloud.google.com/monitoring/api/resources) for Cloud + Logging logs generated by this Batch job from the + [`batch.googleapis.com/Job`](https://cloud.google.com/monitoring/api/resources#tag_batch.googleapis.com/Job) + type to the formerly used + [`generic_task`](https://cloud.google.com/monitoring/api/resources#tag_generic_task) + type. + id: CloudLoggingOption + description: >- + `CloudLoggingOption` contains additional settings for Cloud Logging logs + generated by Batch job. + AllocationPolicy: + description: >- + A Job's resource allocation policy describes when, where, and how + compute resources should be allocated for the Job. type: object properties: - network: - description: >- - The URL of an existing network resource. You can specify the network - as a full or partial URL. For example, the following are all valid - URLs: * - https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network} - * projects/{project}/global/networks/{network} * - global/networks/{network} - type: string - subnetwork: + location: + description: Location where compute resources should be allocated for the Job. + $ref: '#/components/schemas/LocationPolicy' + labels: + type: object + additionalProperties: + type: string description: >- - The URL of an existing subnetwork resource in the network. You can - specify the subnetwork as a full or partial URL. For example, the - following are all valid URLs: * - https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/subnetworks/{subnetwork} - * projects/{project}/regions/{region}/subnetworks/{subnetwork} * - regions/{region}/subnetworks/{subnetwork} - type: string - noExternalIpAddress: + Custom labels to apply to the job and all the Compute Engine + resources that both are created by this allocation policy and + support labels. Use labels to group and describe the resources they + are applied to. Batch automatically applies predefined labels and + supports multiple `labels` fields for each job, which each let you + apply custom labels to various resources. Label names that start + with "goog-" or "google-" are reserved for predefined labels. For + more information about labels with Batch, see [Organize resources + using + labels](https://cloud.google.com/batch/docs/organize-resources-using-labels). + placement: + description: The placement policy. + $ref: '#/components/schemas/PlacementPolicy' + network: + $ref: '#/components/schemas/NetworkPolicy' description: >- - Default is false (with an external IP address). Required if no - external public IP address is attached to the VM. If no external - public IP address, additional configuration is required to allow the - VM to access Google Services. See - https://cloud.google.com/vpc/docs/configure-private-google-access - and https://cloud.google.com/nat/docs/gce-example#create-nat for - more information. - type: boolean - PlacementPolicy: - id: PlacementPolicy + The network policy. If you define an instance template in the + `InstancePolicyOrTemplate` field, Batch will use the network + settings in the instance template instead of this field. + serviceAccount: + $ref: '#/components/schemas/ServiceAccount' + description: >- + Defines the service account for Batch-created VMs. If omitted, the + [default Compute Engine service + account](https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) + is used. Must match the service account specified in any used + instance template configured in the Batch job. Includes the + following fields: * email: The service account's email address. If + not set, the default Compute Engine service account is used. * + scopes: Additional OAuth scopes to grant the service account, beyond + the default cloud-platform scope. (list of strings) + instances: + items: + $ref: '#/components/schemas/InstancePolicyOrTemplate' + description: >- + Describe instances that can be created by this AllocationPolicy. + Only instances[0] is supported now. + type: array + tags: + type: array + items: + type: string + description: >- + Optional. Tags applied to the VM instances. The tags identify valid + sources or targets for network firewalls. Each tag must be 1-63 + characters long, and comply with + [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). + id: AllocationPolicy + Accelerator: + id: Accelerator description: >- - PlacementPolicy describes a group placement policy for the VMs - controlled by this AllocationPolicy. - type: object + Accelerator describes Compute Engine accelerators to be attached to the + VM. properties: - collocation: + type: + type: string description: >- - UNSPECIFIED vs. COLLOCATED (default UNSPECIFIED). Use COLLOCATED - when you want VMs to be located close to each other for low network - latency between the VMs. No placement policy will be generated when - collocation is UNSPECIFIED. + The accelerator type. For example, "nvidia-tesla-t4". See `gcloud + compute accelerator-types list`. + driverVersion: type: string - maxDistance: description: >- - When specified, causes the job to fail if more than max_distance - logical switches are required between VMs. Batch uses the most - compact possible placement of VMs even when max_distance is not - specified. An explicit max_distance makes that level of compactness - a strict requirement. Not yet implemented + Optional. The NVIDIA GPU driver version that should be installed for + this type. You can define the specific driver version such as + "470.103.01", following the driver version requirements in + https://cloud.google.com/compute/docs/gpus/install-drivers-gpu#minimum-driver. + Batch will install the specific accelerator driver if qualified. + installGpuDrivers: + deprecated: true + description: 'Deprecated: please use instances[0].install_gpu_drivers instead.' + type: boolean + count: + description: The number of accelerators of this type. type: string format: int64 - JobStatus: - id: JobStatus - description: Job status. + type: object + Script: + description: Script runnable. + id: Script type: object properties: - state: - description: Job state + text: type: string - enumDescriptions: - - Job state unspecified. - - >- - Job is admitted (validated and persisted) and waiting for - resources. - - >- - Job is scheduled to run as soon as resource allocation is ready. - The resource allocation may happen at a later time but with a high - chance to succeed. - - >- - Resource allocation has been successful. At least one Task in the - Job is RUNNING. - - All Tasks in the Job have finished successfully. - - At least one Task in the Job has failed. - - >- - The Job will be deleted, but has not been deleted yet. Typically - this is because resources used by the Job are still being cleaned - up. - - >- - The Job cancellation is in progress, this is because the resources - used by the Job are still being cleaned up. - - >- - The Job has been cancelled, the task executions were stopped and - the resources were cleaned up. - enum: - - STATE_UNSPECIFIED - - QUEUED - - SCHEDULED - - RUNNING - - SUCCEEDED - - FAILED - - DELETION_IN_PROGRESS - - CANCELLATION_IN_PROGRESS - - CANCELLED - statusEvents: - description: Job status events - type: array - items: - $ref: '#/components/schemas/StatusEvent' - taskGroups: description: >- - Aggregated task status for each TaskGroup in the Job. The map key is - TaskGroup ID. - type: object - additionalProperties: - $ref: '#/components/schemas/TaskGroupStatus' - runDuration: - description: The duration of time that the Job spent in status RUNNING. + The text for a script. Unless the script text supports the default + `#!/bin/sh` shell interpreter, you must specify an interpreter by + including a [shebang + line](https://en.wikipedia.org/wiki/Shebang_(Unix) at the beginning + of the text. For example, to execute the script using bash, include + `#!/bin/bash\n` at the beginning of the text. Alternatively, to + execute the script using Python3, include `#!/usr/bin/env python3\n` + at the beginning of the text. + path: + description: >- + The path to a script file that is accessible from the host VM(s). + Unless the script file supports the default `#!/bin/sh` shell + interpreter, you must specify an interpreter by including a [shebang + line](https://en.wikipedia.org/wiki/Shebang_(Unix) as the first line + of the file. For example, to execute the script using bash, include + `#!/bin/bash` as the first line of the file. Alternatively, to + execute the script using Python3, include `#!/usr/bin/env python3` + as the first line of the file. + type: string + GCS: + description: Represents a Google Cloud Storage volume. + properties: + remotePath: + description: >- + Remote path, either a bucket name or a subdirectory of a bucket, + e.g.: bucket_name, bucket_name/subdirectory/ type: string - format: google-duration - StatusEvent: - id: StatusEvent - description: Status event. type: object + id: GCS + OperationMetadata: properties: - type: - description: Type of the event. + requestedCancellation: + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + type: boolean + readOnly: true + verb: + description: Output only. Name of the verb executed by the operation. type: string - description: - description: Description of the event. + readOnly: true + apiVersion: type: string - eventTime: - description: The time this event occurred. + readOnly: true + description: Output only. API version used to start the operation. + endTime: + description: Output only. The time the operation finished running. + readOnly: true + format: google-datetime + type: string + createTime: + readOnly: true type: string + description: Output only. The time the operation was created. format: google-datetime - taskExecution: + statusMessage: + type: string + readOnly: true + description: Output only. Human-readable status of the operation, if any. + target: description: >- - Task Execution. This field is only defined for task-level status - events where the task fails. - $ref: '#/components/schemas/TaskExecution' - taskState: - description: Task State. This field is only defined for task-level status events. + Output only. Server-defined resource path for the target of the + operation. + readOnly: true type: string - enumDescriptions: - - Unknown state. - - The Task is created and waiting for resources. - - The Task is assigned to at least one VM. - - The Task is running. - - The Task has failed. - - The Task has succeeded. - - The Task has not been executed when the Job finishes. - enum: - - STATE_UNSPECIFIED - - PENDING - - ASSIGNED - - RUNNING - - FAILED - - SUCCEEDED - - UNEXECUTED - TaskExecution: - id: TaskExecution - description: >- - This Task Execution field includes detail information for task execution - procedures, based on StatusEvent types. + description: Represents the metadata of the long-running operation. + id: OperationMetadata type: object - properties: - exitCode: - description: >- - The exit code of a finished task. If the task succeeded, the exit - code will be 0. If the task failed but not due to the following - reasons, the exit code will be 50000. Otherwise, it can be from - different sources: * Batch known failures: - https://cloud.google.com/batch/docs/troubleshooting#reserved-exit-codes. - * Batch runnable execution failures; you can rely on Batch logs to - further diagnose: - https://cloud.google.com/batch/docs/analyze-job-using-logs. If there - are multiple runnables failures, Batch only exposes the first error. - type: integer - format: int32 - TaskGroupStatus: - id: TaskGroupStatus - description: Aggregated task status for a TaskGroup. + Location: type: object properties: - counts: - description: >- - Count of task in each state in the TaskGroup. The map key is task - state name. + labels: type: object additionalProperties: type: string - format: int64 - instances: - description: Status of instances allocated for the TaskGroup. - type: array - items: - $ref: '#/components/schemas/InstanceStatus' - InstanceStatus: - id: InstanceStatus - description: VM instance status. - type: object - properties: - machineType: - description: The Compute Engine machine type. - type: string - provisioningModel: - description: The VM instance provisioning model. - type: string - enumDescriptions: - - Unspecified. - - Standard VM. - - SPOT VM. - - >- - Preemptible VM (PVM). Above SPOT VM is the preferable model for - preemptible VM instances: the old preemptible VM model (indicated - by this field) is the older model, and has been migrated to use - the SPOT model as the underlying technology. This old model will - still be supported. - - >- - Bound to the lifecycle of the reservation in which it is - provisioned. - enumDeprecated: - - false - - false - - false - - true - - false - enum: - - PROVISIONING_MODEL_UNSPECIFIED - - STANDARD - - SPOT - - PREEMPTIBLE - - RESERVATION_BOUND - taskPack: - description: The max number of tasks can be assigned to this instance type. + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + displayName: type: string - format: int64 - bootDisk: - description: The VM boot disk. - $ref: '#/components/schemas/Disk' - LogsPolicy: - id: LogsPolicy - description: >- - LogsPolicy describes if and how a job's logs are preserved. Logs include - information that is automatically written by the Batch service agent and - any information that you configured the job's runnables to write to the - `stdout` or `stderr` streams. - type: object - properties: - destination: - description: If and where logs should be saved. + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + name: type: string - enumDescriptions: - - (Default) Logs are not preserved. - - >- - Logs are streamed to Cloud Logging. Optionally, you can configure - additional settings in the `cloudLoggingOption` field. - - Logs are saved to the file path specified in the `logsPath` field. - enum: - - DESTINATION_UNSPECIFIED - - CLOUD_LOGGING - - PATH - logsPath: description: >- - When `destination` is set to `PATH`, you must set this field to the - path where you want logs to be saved. This path can point to a local - directory on the VM or (if congifured) a directory under the mount - path of any Cloud Storage bucket, network file system (NFS), or - writable persistent disk that is mounted to the job. For example, if - the job has a bucket with `mountPath` set to `/mnt/disks/my-bucket`, - you can write logs to the root directory of the `remotePath` of that - bucket by setting this field to `/mnt/disks/my-bucket/`. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + locationId: type: string - cloudLoggingOption: + description: 'The canonical id for this location. For example: `"us-east1"`.' + metadata: description: >- - Optional. When `destination` is set to `CLOUD_LOGGING`, you can - optionally set this field to configure additional settings for Cloud - Logging. - $ref: '#/components/schemas/CloudLoggingOption' - CloudLoggingOption: - id: CloudLoggingOption - description: >- - `CloudLoggingOption` contains additional settings for Cloud Logging logs - generated by Batch job. - type: object + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + id: Location + description: A resource that represents a Google Cloud location. + TaskSpec: properties: - useGenericTaskMonitoredResource: + maxRetryCount: + format: int32 + type: integer description: >- - Optional. Set this field to `true` to change the [monitored resource - type](https://cloud.google.com/monitoring/api/resources) for Cloud - Logging logs generated by this Batch job from the - [`batch.googleapis.com/Job`](https://cloud.google.com/monitoring/api/resources#tag_batch.googleapis.com/Job) - type to the formerly used - [`generic_task`](https://cloud.google.com/monitoring/api/resources#tag_generic_task) - type. - type: boolean - JobNotification: - id: JobNotification - description: Notification configurations. - type: object - properties: - pubsubTopic: + Maximum number of retries on failures. The default, 0, which means + never retry. The valid value range is [0, 10]. + runnables: description: >- - The Pub/Sub topic where notifications for the job, like state - changes, will be published. If undefined, no Pub/Sub notifications - are sent for this job. Specify the topic using the following format: - `projects/{project}/topics/{topic}`. Notably, if you want to specify - a Pub/Sub topic that is in a different project than the job, your - administrator must grant your project's Batch service agent - permission to publish to that topic. For more information about - configuring Pub/Sub notifications for a job, see - https://cloud.google.com/batch/docs/enable-notifications. + Required. The sequence of one or more runnables (executable scripts, + executable containers, and/or barriers) for each task in this task + group to run. Each task runs this list of runnables in order. For a + task to succeed, all of its script and container runnables each must + meet at least one of the following conditions: + The runnable exited + with a zero status. + The runnable didn't finish, but you enabled + its `background` subfield. + The runnable exited with a non-zero + status, but you enabled its `ignore_exit_status` subfield. + items: + $ref: '#/components/schemas/Runnable' + type: array + volumes: + type: array + items: + $ref: '#/components/schemas/Volume' + description: Volumes to mount before running Tasks using this TaskSpec. + maxRunDuration: type: string - message: + format: google-duration description: >- - The attribute requirements of messages to be sent to this Pub/Sub - topic. Without this field, no message will be sent. - $ref: '#/components/schemas/Message' - Message: - id: Message - description: >- - Message details. Describe the conditions under which messages will be - sent. If no attribute is defined, no message will be sent by default. - One message should specify either the job or the task level attributes, - but not both. For example, job level: JOB_STATE_CHANGED and/or a - specified new_job_state; task level: TASK_STATE_CHANGED and/or a - specified new_task_state. - type: object - properties: - type: - description: The message type. - type: string - enumDescriptions: - - Unspecified. - - Notify users that the job state has changed. - - Notify users that the task state has changed. - enum: - - TYPE_UNSPECIFIED - - JOB_STATE_CHANGED - - TASK_STATE_CHANGED - newJobState: - description: The new job state. - type: string - enumDescriptions: - - Job state unspecified. - - >- - Job is admitted (validated and persisted) and waiting for - resources. - - >- - Job is scheduled to run as soon as resource allocation is ready. - The resource allocation may happen at a later time but with a high - chance to succeed. - - >- - Resource allocation has been successful. At least one Task in the - Job is RUNNING. - - All Tasks in the Job have finished successfully. - - At least one Task in the Job has failed. - - >- - The Job will be deleted, but has not been deleted yet. Typically - this is because resources used by the Job are still being cleaned - up. - - >- - The Job cancellation is in progress, this is because the resources - used by the Job are still being cleaned up. - - >- - The Job has been cancelled, the task executions were stopped and - the resources were cleaned up. - enum: - - STATE_UNSPECIFIED - - QUEUED - - SCHEDULED - - RUNNING - - SUCCEEDED - - FAILED - - DELETION_IN_PROGRESS - - CANCELLATION_IN_PROGRESS - - CANCELLED - newTaskState: - description: The new task state. - type: string - enumDescriptions: - - Unknown state. - - The Task is created and waiting for resources. - - The Task is assigned to at least one VM. - - The Task is running. - - The Task has failed. - - The Task has succeeded. - - The Task has not been executed when the Job finishes. - enum: - - STATE_UNSPECIFIED - - PENDING - - ASSIGNED - - RUNNING - - FAILED - - SUCCEEDED - - UNEXECUTED - CancelJobRequest: - id: CancelJobRequest - description: CancelJob Request. + Maximum duration the task should run before being automatically + retried (if enabled) or automatically failed. Format the value of + this field as a time limit in seconds followed by `s`—for example, + `3600s` for 1 hour. The field accepts any value between 0 and the + maximum listed for the `Duration` field type at + https://protobuf.dev/reference/protobuf/google.protobuf/#duration; + however, the actual maximum run time for a job will be limited to + the maximum run time for a job listed at + https://cloud.google.com/batch/quotas#max-job-duration. + lifecyclePolicies: + items: + $ref: '#/components/schemas/LifecyclePolicy' + description: >- + Lifecycle management schema when any task in a task group is failed. + Currently we only support one lifecycle policy. When the lifecycle + policy condition is met, the action in the policy will execute. If + task execution result does not meet with the defined lifecycle + policy, we consider it as the default policy. Default policy means + if the exit code is 0, exit task. If task ends with non-zero exit + code, retry the task with max_retry_count. + type: array + computeResource: + $ref: '#/components/schemas/ComputeResource' + description: ComputeResource requirements. + environment: + $ref: '#/components/schemas/Environment' + description: Environment variables to set before running the Task. + environments: + deprecated: true + additionalProperties: + type: string + type: object + description: 'Deprecated: please use environment(non-plural) instead.' type: object + description: Spec of a task + id: TaskSpec + CancelJobRequest: properties: requestId: + type: string description: >- Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server @@ -1504,200 +1433,142 @@ components: creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). - type: string - ListJobsResponse: - id: ListJobsResponse - description: ListJob Response. type: object - properties: - jobs: - description: Jobs. - type: array - items: - $ref: '#/components/schemas/Job' - nextPageToken: - description: Next page token. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string + description: CancelJob Request. + id: CancelJobRequest Task: - id: Task - description: A Cloud Batch task. - type: object properties: name: + type: string description: >- Task name. The name is generated from the parent TaskGroup name and 'id' field. For example: "projects/123456/locations/us-west1/jobs/job01/taskGroups/group01/tasks/task01". - type: string status: description: Task Status. $ref: '#/components/schemas/TaskStatus' - TaskStatus: - id: TaskStatus - description: Status of a task. + id: Task type: object + description: A Cloud Batch task. + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation properties: - state: - description: Task state. + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + name: type: string - enumDescriptions: - - Unknown state. - - The Task is created and waiting for resources. - - The Task is assigned to at least one VM. - - The Task is running. - - The Task has failed. - - The Task has succeeded. - - The Task has not been executed when the Job finishes. - enum: - - STATE_UNSPECIFIED - - PENDING - - ASSIGNED - - RUNNING - - FAILED - - SUCCEEDED - - UNEXECUTED - statusEvents: - description: Detailed info about why the state is reached. - type: array - items: - $ref: '#/components/schemas/StatusEvent' - ListTasksResponse: - id: ListTasksResponse - description: ListTasks Response. + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: object + ServiceAccount: properties: - tasks: - description: Tasks. - type: array - items: - $ref: '#/components/schemas/Task' - nextPageToken: - description: Next page token. + email: type: string - unreachable: - description: Locations that could not be reached. + description: Email address of the service account. + scopes: type: array items: type: string - ReportAgentStateRequest: - id: ReportAgentStateRequest - description: >- - Request to report agent's state. The Request itself implies the agent is - healthy. + description: List of scopes to be enabled for this service account. type: object - properties: - metadata: - description: Agent metadata. - $ref: '#/components/schemas/AgentMetadata' - agentInfo: - description: Agent info. - $ref: '#/components/schemas/AgentInfo' - agentTimingInfo: - description: Agent timing info. - $ref: '#/components/schemas/AgentTimingInfo' - AgentMetadata: - id: AgentMetadata - description: VM Agent Metadata. + description: Carries information about a Google Cloud service account. + id: ServiceAccount + TaskExecution: + id: TaskExecution type: object + description: >- + This Task Execution field includes detail information for task execution + procedures, based on StatusEvent types. properties: - zone: - description: Agent zone. - type: string - instance: - description: GCP instance name (go/instance-name). - type: string - instanceId: - description: GCP instance ID (go/instance-id). - type: string - format: uint64 - creationTime: - description: When the VM agent started. Use agent_startup_time instead. - deprecated: true - type: string - format: google-datetime - creator: + exitCode: description: >- - Full name of the entity that created this vm. For MIG, this path is: - projects/{project}/regions/{region}/InstanceGroupManagers/{igm} The - value is retrieved from the vm metadata key of "created-by". - type: string - version: - description: agent binary version running on VM - type: string - osRelease: - description: parsed contents of /etc/os-release - type: object - additionalProperties: - type: string - imageVersion: - description: image version for the VM that this agent is installed on. - type: string - instancePreemptionNoticeReceived: - description: If the GCP instance has received preemption notice. - type: boolean - machineType: - description: Optional. machine type of the VM - type: string - AgentInfo: - id: AgentInfo - description: VM Agent Info. - type: object + The exit code of a finished task. If the task succeeded, the exit + code will be 0. If the task failed but not due to the following + reasons, the exit code will be 50000. Otherwise, it can be from + different sources: * Batch known failures: + https://cloud.google.com/batch/docs/troubleshooting#reserved-exit-codes. + * Batch runnable execution failures; you can rely on Batch logs to + further diagnose: + https://cloud.google.com/batch/docs/analyze-job-using-logs. If there + are multiple runnables failures, Batch only exposes the first error. + type: integer + format: int32 + NFS: + description: Represents an NFS volume. properties: - state: - description: Agent state. - type: string - enumDescriptions: - - Unspecified state. - - The agent is starting on the VM instance. - - >- - The agent is running. The agent in the RUNNING state can never go - back to the STARTING state. - - The agent has stopped, either on request or due to a failure. - enum: - - AGENT_STATE_UNSPECIFIED - - AGENT_STARTING - - AGENT_RUNNING - - AGENT_STOPPED - jobId: - description: Optional. The assigned Job ID - type: string - tasks: - description: Task Info. - type: array - items: - $ref: '#/components/schemas/AgentTaskInfo' - reportTime: - description: When the AgentInfo is generated. + remotePath: type: string - format: google-datetime - taskGroupId: - description: The assigned task group ID. + description: Remote source path exported from the NFS, e.g., "/share". + server: type: string - AgentTaskInfo: - id: AgentTaskInfo - description: Task Info + description: The IP address of the NFS. + id: NFS + type: object + Environment: type: object + id: Environment properties: - taskId: - description: ID of the Task - type: string - taskStatus: + secretVariables: + type: object description: >- - The status of the Task. If we need agent specific fields we should - fork the public TaskStatus into an agent specific one. Or add them - below. - $ref: '#/components/schemas/TaskStatus' - runnable: + A map of environment variable names to Secret Manager secret names. + The VM will access the named secrets to set the value of each + environment variable. + additionalProperties: + type: string + encryptedVariables: + $ref: '#/components/schemas/KMSEnvMap' description: >- - The highest index of a runnable started by the agent for this task. - The runnables are indexed from 1. Value 0 is undefined. - type: string - format: int64 + An encrypted JSON dictionary where the key/value pairs correspond to + environment variable names and their values. + variables: + additionalProperties: + type: string + description: A map of environment variable names to values. + type: object + description: >- + An Environment describes a collection of environment variables to set + when executing Tasks. AgentTimingInfo: id: AgentTimingInfo description: VM timing information @@ -1709,157 +1580,228 @@ components: format: google-datetime scriptStartupTime: description: Startup time of the Batch VM script. - type: string format: google-datetime + type: string agentStartupTime: - description: Agent startup time type: string + description: Agent startup time format: google-datetime - ReportAgentStateResponse: - id: ReportAgentStateResponse - description: Response to ReportAgentStateRequest. + Runnable: + id: Runnable type: object properties: - tasks: - description: Tasks assigned to the agent - type: array - items: - $ref: '#/components/schemas/AgentTask' - minReportInterval: - description: Minimum report interval override + script: + $ref: '#/components/schemas/Script' + description: Script runnable. + labels: + additionalProperties: + type: string + description: Labels for this Runnable. + type: object + environment: + description: >- + Environment variables for this Runnable (overrides variables set for + the whole Task or TaskGroup). + $ref: '#/components/schemas/Environment' + background: + type: boolean + description: >- + Normally, a runnable that doesn't exit causes its task to fail. + However, you can set this field to `true` to configure a background + runnable. Background runnables are allowed continue running in the + background while the task executes subsequent runnables. For + example, background runnables are useful for providing services to + other runnables or providing debugging-support tools like SSH + servers. Specifically, background runnables are killed automatically + (if they have not already exited) a short time after all foreground + runnables have completed. Even though this is likely to result in a + non-zero exit status for the background runnable, these automatic + kills are not treated as task failures. + container: + description: Container runnable. + $ref: '#/components/schemas/Container' + alwaysRun: + type: boolean + description: >- + By default, after a Runnable fails, no further Runnable are + executed. This flag indicates that this Runnable must be run even if + the Task has already failed. This is useful for Runnables that copy + output files off of the VM or for debugging. The always_run flag + does not override the Task's overall max_run_duration. If the + max_run_duration has expired then no further Runnables will execute, + not even always_run Runnables. + timeout: type: string format: google-duration - defaultReportInterval: - description: Default report interval override + description: Timeout for this Runnable. + barrier: + description: Barrier runnable. + $ref: '#/components/schemas/Barrier' + displayName: + description: >- + Optional. DisplayName is an optional field that can be provided by + the caller. If provided, it will be used in logs and other outputs + to identify the script, making it easier for users to understand the + logs. If not provided the index of the runnable will be used for + outputs. type: string - format: google-duration - useBatchMonitoredResource: + ignoreExitStatus: description: >- - If true, the cloud logging for batch agent will use - batch.googleapis.com/Job as monitored resource for Batch job related - logging. + Normally, a runnable that returns a non-zero exit status fails and + causes the task to fail. However, you can set this field to `true` + to allow the task to continue executing its other runnables even if + this runnable fails. type: boolean - AgentTask: - id: AgentTask description: >- - TODO(b/182501497) The message needs to be redefined when the Agent API - server updates data in storage per the backend design. + Runnable describes instructions for executing a specific script or + container as part of a Task. + TaskStatus: type: object properties: - task: - description: Task name. - type: string - spec: - description: >- - Task Spec. This field will be replaced by agent_task_spec below in - future. - $ref: '#/components/schemas/TaskSpec' - agentTaskSpec: - description: >- - AgentTaskSpec is the taskSpec representation between Agent and CLH - communication. This field will replace the TaskSpec field above in - future to have a better separation between user-facaing API and - internal API. - $ref: '#/components/schemas/AgentTaskSpec' - status: - description: Task status. - $ref: '#/components/schemas/TaskStatus' - intendedState: - description: The intended state of the task. + statusEvents: + description: Detailed info about why the state is reached. + type: array + items: + $ref: '#/components/schemas/StatusEvent' + state: type: string + description: Task state. enumDescriptions: - - Unspecified state. - - Assigned state (includes running and finished). - - The agent should cancel the execution of this task. - - Delete task from agent storage, stop reporting its state. + - Unknown state. + - The Task is created and waiting for resources. + - The Task is assigned to at least one VM. + - The Task is running. + - The Task has failed. + - The Task has succeeded. + - The Task has not been executed when the Job finishes. enum: - - INTENDED_STATE_UNSPECIFIED + - STATE_UNSPECIFIED + - PENDING - ASSIGNED - - CANCELLED - - DELETED - reachedBarrier: - description: The highest barrier reached by all tasks in the task's TaskGroup. + - RUNNING + - FAILED + - SUCCEEDED + - UNEXECUTED + description: Status of a task. + id: TaskStatus + Container: + id: Container + properties: + commands: + items: + type: string + description: >- + Required for some container images. Overrides the `CMD` specified in + the container. If there is an `ENTRYPOINT` (either in the container + image or with the `entrypoint` field below) then these commands are + appended as arguments to the `ENTRYPOINT`. + type: array + entrypoint: + description: >- + Required for some container images. Overrides the `ENTRYPOINT` + specified in the container. type: string - format: int64 - taskSource: - description: TaskSource represents the source of the task. + username: type: string - enumDescriptions: - - Unspecified task source. - - >- - The AgentTask from this source is generated by Batch server. E.g. - all the VMActions are from this source. When Batch Agent execute - AgentTask from BATCH_INTERNAL, it will log stdout/err with - "batch_agent_logs" log name. - - >- - The AgentTask from this source is provided by Batch users. When - Batch Agent execute AgentTask from USER, it will log stdout/err - with "batch_task_logs" log name. - enum: - - TASK_SOURCE_UNSPECIFIED - - BATCH_INTERNAL - - USER - AgentTaskSpec: - id: AgentTaskSpec - description: >- - AgentTaskSpec is the user's TaskSpec representation between Agent and - CLH communication. - type: object - properties: - runnables: - description: AgentTaskRunnable is runanbles that will be executed on the agent. + description: >- + Required if the container image is from a private Docker registry. + The username to login to the Docker registry that contains the + image. You can either specify the username directly by using plain + text or specify an encrypted username by using a Secret Manager + secret: `projects/*/secrets/*/versions/*`. However, using a secret + is recommended for enhanced security. Caution: If you specify the + username using plain text, you risk the username being exposed to + any users who can view the job or its logs. To avoid this risk, + specify a secret that contains the username instead. Learn more + about [Secret + Manager](https://cloud.google.com/secret-manager/docs/) and [using + Secret Manager with + Batch](https://cloud.google.com/batch/docs/create-run-job-secret-manager). + enableImageStreaming: + description: >- + Optional. If set to true, this container runnable uses Image + streaming. Use Image streaming to allow the runnable to initialize + without waiting for the entire container image to download, which + can significantly reduce startup time for large container images. + When `enableImageStreaming` is set to true, the container runtime is + [containerd](https://containerd.io/) instead of Docker. + Additionally, this container runnable only supports the following + `container` subfields: `imageUri`, `commands[]`, `entrypoint`, and + `volumes[]`; any other `container` subfields are ignored. For more + information about the requirements and limitations for using Image + streaming with Batch, see the [`image-streaming` sample on + GitHub](https://github.com/GoogleCloudPlatform/batch-samples/tree/main/api-samples/image-streaming). + type: boolean + imageUri: + type: string + description: Required. The URI to pull the container image from. + volumes: type: array + description: >- + Volumes to mount (bind mount) from the host machine files or + directories into the container, formatted to match `--volume` option + for the `docker run` command—for example, `/foo:/bar` or + `/foo:/bar:ro`. If the `TaskSpec.Volumes` field is specified but + this field is not, Batch will mount each volume from the host + machine to the container with the same mount path by default. In + this case, the default mount option for containers will be read-only + (`ro`) for existing persistent disks and read-write (`rw`) for other + volume types, regardless of the original mount options specified in + `TaskSpec.Volumes`. If you need different mount settings, you can + explicitly configure them in this field. items: - $ref: '#/components/schemas/AgentTaskRunnable' - maxRunDuration: + type: string + password: description: >- - Maximum duration the task should run before being automatically - retried (if enabled) or automatically failed. Format the value of - this field as a time limit in seconds followed by `s`—for example, - `3600s` for 1 hour. The field accepts any value between 0 and the - maximum listed for the `Duration` field type at - https://protobuf.dev/reference/protobuf/google.protobuf/#duration; - however, the actual maximum run time for a job will be limited to - the maximum run time for a job listed at - https://cloud.google.com/batch/quotas#max-job-duration. + Required if the container image is from a private Docker registry. + The password to login to the Docker registry that contains the + image. For security, it is strongly recommended to specify an + encrypted password by using a Secret Manager secret: + `projects/*/secrets/*/versions/*`. Warning: If you specify the + password using plain text, you risk the password being exposed to + any users who can view the job or its logs. To avoid this risk, + specify a secret that contains the password instead. Learn more + about [Secret + Manager](https://cloud.google.com/secret-manager/docs/) and [using + Secret Manager with + Batch](https://cloud.google.com/batch/docs/create-run-job-secret-manager). type: string - format: google-duration - environment: - description: Environment variables to set before running the Task. - $ref: '#/components/schemas/AgentEnvironment' - userAccount: + blockExternalNetwork: description: >- - User account on the VM to run the runnables in the agentTaskSpec. If - not set, the runnable will be run under root user. - $ref: '#/components/schemas/AgentTaskUserAccount' - loggingOption: - description: Logging option for the task. - $ref: '#/components/schemas/AgentTaskLoggingOption' + If set to true, external network access to and from container will + be blocked, containers that are with block_external_network as true + can still communicate with each other, network cannot be specified + in the `container.options` field. + type: boolean + options: + description: >- + Required for some container images. Arbitrary additional options to + include in the `docker run` command when running this container—for + example, `--network host`. For the `--volume` option, use the + `volumes` field for the container. + type: string + type: object + description: Container runnable. AgentTaskRunnable: - id: AgentTaskRunnable description: >- AgentTaskRunnable is the Runnable representation between Agent and CLH communication. - type: object + id: AgentTaskRunnable properties: - container: - description: Container runnable. - $ref: '#/components/schemas/AgentContainer' - script: - description: Script runnable. - $ref: '#/components/schemas/AgentScript' - ignoreExitStatus: - description: >- - Normally, a non-zero exit status causes the Task to fail. This flag - allows execution of other Runnables to continue instead. - type: boolean background: + type: boolean description: >- This flag allows a Runnable to continue running in the background while the Task executes subsequent Runnables. This is useful to provide services to other Runnables (or to provide debugging support tools like SSH servers). - type: boolean + timeout: + format: google-duration + type: string + description: Timeout for this Runnable. + container: + description: Container runnable. + $ref: '#/components/schemas/AgentContainer' alwaysRun: description: >- By default, after a Runnable fails, no further Runnable are @@ -1870,119 +1812,128 @@ components: max_run_duration has expired then no further Runnables will execute, not even always_run Runnables. type: boolean + ignoreExitStatus: + description: >- + Normally, a non-zero exit status causes the Task to fail. This flag + allows execution of other Runnables to continue instead. + type: boolean environment: description: >- Environment variables for this Runnable (overrides variables set for the whole Task or TaskGroup). $ref: '#/components/schemas/AgentEnvironment' - timeout: - description: Timeout for this Runnable. - type: string - format: google-duration - AgentContainer: - id: AgentContainer - description: Container runnable representation on the agent side. + script: + description: Script runnable. + $ref: '#/components/schemas/AgentScript' type: object + Empty: + id: Empty + type: object + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Message: + id: Message properties: - imageUri: - description: The URI to pull the container image from. + newTaskState: type: string - commands: - description: >- - Overrides the `CMD` specified in the container. If there is an - ENTRYPOINT (either in the container image or with the entrypoint - field below) then commands are appended as arguments to the - ENTRYPOINT. - type: array - items: - type: string - entrypoint: - description: Overrides the `ENTRYPOINT` specified in the container. + enumDescriptions: + - Unknown state. + - The Task is created and waiting for resources. + - The Task is assigned to at least one VM. + - The Task is running. + - The Task has failed. + - The Task has succeeded. + - The Task has not been executed when the Job finishes. + enum: + - STATE_UNSPECIFIED + - PENDING + - ASSIGNED + - RUNNING + - FAILED + - SUCCEEDED + - UNEXECUTED + description: The new task state. + newJobState: type: string - volumes: - description: >- - Volumes to mount (bind mount) from the host machine files or - directories into the container, formatted to match docker run's - --volume option, e.g. /foo:/bar, or /foo:/bar:ro - type: array - items: - type: string - options: - description: >- - Arbitrary additional options to include in the "docker run" command - when running this container, e.g. "--network host". + enum: + - STATE_UNSPECIFIED + - QUEUED + - SCHEDULED + - RUNNING + - SUCCEEDED + - FAILED + - DELETION_IN_PROGRESS + - CANCELLATION_IN_PROGRESS + - CANCELLED + enumDescriptions: + - Job state unspecified. + - >- + Job is admitted (validated and persisted) and waiting for + resources. + - >- + Job is scheduled to run as soon as resource allocation is ready. + The resource allocation may happen at a later time but with a high + chance to succeed. + - >- + Resource allocation has been successful. At least one Task in the + Job is RUNNING. + - All Tasks in the Job have finished successfully. + - At least one Task in the Job has failed. + - >- + The Job will be deleted, but has not been deleted yet. Typically + this is because resources used by the Job are still being cleaned + up. + - >- + The Job cancellation is in progress, this is because the resources + used by the Job are still being cleaned up. + - >- + The Job has been cancelled, the task executions were stopped and + the resources were cleaned up. + description: The new job state. + type: + enumDescriptions: + - Unspecified. + - Notify users that the job state has changed. + - Notify users that the task state has changed. + enum: + - TYPE_UNSPECIFIED + - JOB_STATE_CHANGED + - TASK_STATE_CHANGED + description: The message type. type: string - AgentScript: - id: AgentScript - description: Script runnable representation on the agent side. type: object - properties: - path: - description: >- - Script file path on the host VM. To specify an interpreter, please - add a `#!`(also known as [shebang - line](https://en.wikipedia.org/wiki/Shebang_(Unix))) as the first - line of the file.(For example, to execute the script using bash, - `#!/bin/bash` should be the first line of the file. To execute the - script using`Python3`, `#!/usr/bin/env python3` should be the first - line of the file.) Otherwise, the file will by default be executed - by `/bin/sh`. - type: string - text: - description: >- - Shell script text. To specify an interpreter, please add a `#!\n` at - the beginning of the text.(For example, to execute the script using - bash, `#!/bin/bash\n` should be added. To execute the script - using`Python3`, `#!/usr/bin/env python3\n` should be added.) - Otherwise, the script will by default be executed by `/bin/sh`. - type: string - AgentEnvironment: - id: AgentEnvironment description: >- - AgentEnvironment is the Environment representation between Agent and CLH - communication. The environment is used in both task level and agent - level. + Message details. Describe the conditions under which messages will be + sent. If no attribute is defined, no message will be sent by default. + One message should specify either the job or the task level attributes, + but not both. For example, job level: JOB_STATE_CHANGED and/or a + specified new_job_state; task level: TASK_STATE_CHANGED and/or a + specified new_task_state. + LocationPolicy: type: object properties: - variables: - description: A map of environment variable names to values. - type: object - additionalProperties: - type: string - secretVariables: - description: >- - A map of environment variable names to Secret Manager secret names. - The VM will access the named secrets to set the value of each - environment variable. - type: object - additionalProperties: + allowedLocations: + items: type: string - encryptedVariables: - description: >- - An encrypted JSON dictionary where the key/value pairs correspond to - environment variable names and their values. - $ref: '#/components/schemas/AgentKMSEnvMap' - AgentKMSEnvMap: - id: AgentKMSEnvMap - description: >- - AgentKMSEnvMap contains the encrypted key/value pair to be used in the - environment on the Agent side. - type: object - properties: - keyName: + type: array description: >- - The name of the KMS key that will be used to decrypt the cipher - text. - type: string - cipherText: - description: The value of the cipherText response from the `encrypt` method. - type: string + A list of allowed location names represented by internal URLs. Each + location can be a region or a zone. Only one region or multiple + zones in one region is supported now. For example, + ["regions/us-central1"] allow VMs in any zones in region + us-central1. ["zones/us-central1-a", "zones/us-central1-c"] only + allow VMs in zones us-central1-a and us-central1-c. Mixing locations + from different regions would cause errors. For example, + ["regions/us-central1", "zones/us-central1-a", + "zones/us-central1-b", "zones/us-west1-a"] contains locations from + two distinct regions: us-central1 and us-west1. This combination + will trigger an error. + id: LocationPolicy AgentTaskUserAccount: - id: AgentTaskUserAccount - description: >- - AgentTaskUserAccount contains the information of a POSIX account on the - guest os which is used to execute the runnables. - type: object properties: uid: description: >- @@ -1996,135 +1947,181 @@ components: to the user account. type: string format: int64 - AgentTaskLoggingOption: - id: AgentTaskLoggingOption - description: AgentTaskLoggingOption contains the options for the logging of the task. + id: AgentTaskUserAccount + description: >- + AgentTaskUserAccount contains the information of a POSIX account on the + guest os which is used to execute the runnables. type: object + JobStatus: + description: Job status. properties: - labels: - description: >- - Labels to be added to the log entry. Now only cloud logging is - supported. + taskGroups: type: object + description: >- + Aggregated task status for each TaskGroup in the Job. The map key is + TaskGroup ID. additionalProperties: - type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + $ref: '#/components/schemas/TaskGroupStatus' + runDuration: + type: string + format: google-duration + description: The duration of time that the Job spent in status RUNNING. + state: + enum: + - STATE_UNSPECIFIED + - QUEUED + - SCHEDULED + - RUNNING + - SUCCEEDED + - FAILED + - DELETION_IN_PROGRESS + - CANCELLATION_IN_PROGRESS + - CANCELLED + enumDescriptions: + - Job state unspecified. + - >- + Job is admitted (validated and persisted) and waiting for + resources. + - >- + Job is scheduled to run as soon as resource allocation is ready. + The resource allocation may happen at a later time but with a high + chance to succeed. + - >- + Resource allocation has been successful. At least one Task in the + Job is RUNNING. + - All Tasks in the Job have finished successfully. + - At least one Task in the Job has failed. + - >- + The Job will be deleted, but has not been deleted yet. Typically + this is because resources used by the Job are still being cleaned + up. + - >- + The Job cancellation is in progress, this is because the resources + used by the Job are still being cleaned up. + - >- + The Job has been cancelled, the task executions were stopped and + the resources were cleaned up. + description: Job state + type: string + statusEvents: + description: Job status events + type: array + items: + $ref: '#/components/schemas/StatusEvent' type: object + id: JobStatus + ListOperationsResponse: + id: ListOperationsResponse properties: - locations: + unreachable: + items: + type: string description: >- - A list of locations that matches the specified filter in the - request. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. type: array + operations: items: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Operation' + type: array + description: >- + A list of operations that matches the specified filter in the + request. nextPageToken: - description: The standard List next-page token. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: The standard List next-page token. type: object + description: The response message for Operations.ListOperations. + PlacementPolicy: + id: PlacementPolicy + description: >- + PlacementPolicy describes a group placement policy for the VMs + controlled by this AllocationPolicy. properties: - name: + maxDistance: + format: int64 description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + When specified, causes the job to fail if more than max_distance + logical switches are required between VMs. Batch uses the most + compact possible placement of VMs even when max_distance is not + specified. An explicit max_distance makes that level of compactness + a strict requirement. Not yet implemented type: string - displayName: + collocation: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + UNSPECIFIED vs. COLLOCATED (default UNSPECIFIED). Use COLLOCATED + when you want VMs to be located close to each other for low network + latency between the VMs. No placement policy will be generated when + collocation is UNSPECIFIED. type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. type: object + Disk: + id: Disk + type: object + description: >- + A new persistent disk or a local ssd. A VM can only have one local SSD + setting but multiple local SSD partitions. See + https://cloud.google.com/compute/docs/disks#pdspecs and + https://cloud.google.com/compute/docs/disks#localssds. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + image: + description: >- + URL for a VM image to use as the data source for this disk. For + example, the following are all valid URLs: * Specify the image by + its family name: + projects/{project}/global/images/family/{image_family} * Specify the + image version: projects/{project}/global/images/{image_version} You + can also use Batch customized image in short names. The following + image values are supported for a boot disk: * `batch-debian`: use + Batch Debian images. * `batch-cos`: use Batch Container-Optimized + images. * `batch-hpc-rocky`: use Batch HPC Rocky Linux images. type: string - format: google-datetime - target: + diskInterface: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true + Local SSDs are available through both "SCSI" and "NVMe" interfaces. + If not indicated, "NVMe" will be the default one for local ssds. + This field is ignored for persistent disks as the interface is + chosen automatically. See + https://cloud.google.com/compute/docs/disks/persistent-disks#choose_an_interface. type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + snapshot: + description: >- + Name of a snapshot used as the data source. Snapshot is not + supported as boot disk now. type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + type: + description: >- + Disk type as shown in `gcloud compute disk-types list`. For example, + local SSD uses type "local-ssd". Persistent disks and boot disks use + "pd-balanced", "pd-extreme", "pd-ssd" or "pd-standard". If not + specified, "pd-standard" will be used as the default type for + non-boot disks, "pd-balanced" will be used as the default type for + boot disks. type: string - requestedCancellation: + sizeGb: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + Disk size in GB. **Non-Boot Disk**: If the `type` specifies a + persistent disk, this field is ignored if `data_source` is set as + `image` or `snapshot`. If the `type` specifies a local SSD, this + field should be a multiple of 375 GB, otherwise, the final size will + be the next greater multiple of 375 GB. **Boot Disk**: Batch will + calculate the boot disk size based on source image and task + requirements if you do not speicify the size. If both this field and + the `boot_disk_mib` field in task spec's `compute_resource` are + defined, Batch will only honor this field. Also, this field should + be no smaller than the source disk's size when the `data_source` is + set as `snapshot` or `image`. For example, if you set an image as + the `data_source` field and the image's default disk size 30 GB, you + can only use this field to make the disk larger or equal to 30 GB. type: string + format: int64 parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: fields + name: uploadType schema: type: string key: @@ -2142,12 +2139,30 @@ components: name: oauth_token schema: type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2157,18 +2172,16 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt schema: type: string + enum: + - json + - media + - proto _.xgafv: description: V1 error format. in: query @@ -2178,6 +2191,12 @@ components: enum: - '1' - '2' + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string x-stackQL-resources: locations: id: google.batch.locations @@ -2205,69 +2224,54 @@ components: update: [] replace: [] delete: [] - operations: - id: google.batch.operations - name: operations - title: Operations + tasks: + id: google.batch.tasks + name: tasks + title: Tasks methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}~1taskGroups~1{taskGroupsId}~1tasks~1{tasksId}/get response: mediaType: application/json openAPIDocKey: '200' - cancel: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}~1taskGroups~1{taskGroupsId}~1tasks/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.tasks sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/tasks/methods/get' + - $ref: '#/components/x-stackQL-resources/tasks/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + delete: [] jobs: id: google.batch.jobs name: jobs title: Jobs methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.jobs + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobs get: operation: $ref: >- @@ -2299,66 +2303,81 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/jobs/methods/delete' - tasks: - id: google.batch.tasks - name: tasks - title: Tasks + agent_state_report: + id: google.batch.agent_state_report + name: agent_state_report + title: Agent_state_report methods: - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}~1taskGroups~1{taskGroupsId}~1tasks~1{tasksId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - list: + report: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}~1taskGroups~1{taskGroupsId}~1tasks/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1state:report/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tasks sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/tasks/methods/get' - - $ref: '#/components/x-stackQL-resources/tasks/methods/list' + select: [] insert: [] update: [] replace: [] delete: [] - agent_state_report: - id: google.batch.agent_state_report - name: agent_state_report - title: Agent_state_report + operations: + id: google.batch.operations + name: operations + title: Operations methods: - report: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1state:report/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' paths: /v1/projects/{projectsId}/locations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/access_token' get: description: Lists information about the supported locations for this service. operationId: batch.projects.locations.list @@ -2381,7 +2400,11 @@ paths: schema: type: string - in: query - name: filter + name: pageToken + schema: + type: string + - in: query + name: extraLocationTypes schema: type: string - in: query @@ -2390,11 +2413,7 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + name: filter schema: type: string /v1/projects/{projectsId}/locations/{locationsId}: @@ -2425,92 +2444,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: batch.projects.locations.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListOperationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/taskGroups/{taskGroupsId}/tasks/{tasksId}: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: batch.projects.locations.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: batch.projects.locations.operations.delete + description: Return a single Task. + operationId: batch.projects.locations.jobs.taskGroups.tasks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2522,7 +2460,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Task' parameters: - in: path name: projectsId @@ -2535,29 +2473,25 @@ paths: schema: type: string - in: path - name: operationsId + name: jobsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: path + name: taskGroupsId + required: true + schema: + type: string + - in: path + name: tasksId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/taskGroups/{taskGroupsId}/tasks: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: batch.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + get: + description: List Tasks associated with a job. + operationId: batch.projects.locations.jobs.taskGroups.tasks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2569,7 +2503,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListTasksResponse' parameters: - in: path name: projectsId @@ -2582,20 +2516,33 @@ paths: schema: type: string - in: path - name: operationsId + name: jobsId + required: true + schema: + type: string + - in: path + name: taskGroupsId required: true schema: type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1/projects/{projectsId}/locations/{locationsId}/jobs: parameters: *ref_1 - post: - description: Create a Job. - operationId: batch.projects.locations.jobs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Job' + get: + description: List all Jobs for a project within a region. + operationId: batch.projects.locations.jobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2607,7 +2554,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/ListJobsResponse' parameters: - in: path name: projectsId @@ -2620,16 +2567,30 @@ paths: schema: type: string - in: query - name: jobId + name: pageToken schema: type: string - in: query - name: requestId + name: filter schema: type: string - get: - description: List all Jobs for a project within a region. - operationId: batch.projects.locations.jobs.list + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Create a Job. + operationId: batch.projects.locations.jobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Job' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2641,7 +2602,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListJobsResponse' + $ref: '#/components/schemas/Job' parameters: - in: path name: projectsId @@ -2654,20 +2615,11 @@ paths: schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + name: jobId schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: requestId schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}: @@ -2735,11 +2687,11 @@ paths: schema: type: string - in: query - name: reason + name: requestId schema: type: string - in: query - name: requestId + name: reason schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:cancel: @@ -2780,11 +2732,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/taskGroups/{taskGroupsId}/tasks/{tasksId}: + /v1/projects/{projectsId}/locations/{locationsId}/state:report: parameters: *ref_1 - get: - description: Return a single Task. - operationId: batch.projects.locations.jobs.taskGroups.tasks.get + post: + description: Report agent's state, e.g. agent status and tasks information + operationId: batch.projects.locations.state.report + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ReportAgentStateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2796,7 +2753,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Task' + $ref: '#/components/schemas/ReportAgentStateResponse' parameters: - in: path name: projectsId @@ -2808,26 +2765,72 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: batch.projects.locations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListOperationsResponse' + parameters: - in: path - name: jobsId + name: projectsId required: true schema: type: string - in: path - name: taskGroupsId + name: locationsId required: true schema: type: string - - in: path - name: tasksId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/taskGroups/{taskGroupsId}/tasks: + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: List Tasks associated with a job. - operationId: batch.projects.locations.jobs.taskGroups.tasks.list + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: batch.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2839,7 +2842,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTasksResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2852,38 +2855,53 @@ paths: schema: type: string - in: path - name: jobsId + name: operationsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: batch.projects.locations.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: - in: path - name: taskGroupsId + name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/state:report: - parameters: *ref_1 - post: - description: Report agent's state, e.g. agent status and tasks information - operationId: batch.projects.locations.state.report - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ReportAgentStateRequest' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: batch.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2895,7 +2913,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReportAgentStateResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2907,3 +2925,8 @@ paths: required: true schema: type: string + - in: path + name: operationsId + required: true + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/beyondcorp.yaml b/providers/src/googleapis.com/v00.00.00000/services/beyondcorp.yaml index 0498190e..79fe1307 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/beyondcorp.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/beyondcorp.yaml @@ -6,13 +6,15 @@ info: email: info@stackql.io title: BeyondCorp API description: >- - Beyondcorp Enterprise provides identity and context aware access controls - for enterprise resources and enables zero-trust access. Using the Beyondcorp - Enterprise APIs, enterprises can set up multi-cloud and on-prem connectivity - solutions. + Chrome Enterprise Premium is a secure enterprise browsing solution that + provides secure access to applications and resources, and offers integrated + threat and data protection. It adds an extra layer of security to safeguard + your Chrome browser environment, including Data Loss Prevention (DLP), + real-time URL and file scanning, and Context-Aware Access for SaaS and web + apps. version: v1 - x-discovery-doc-revision: '20250805' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251029' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/ servers: @@ -38,35 +40,95 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. + GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGatewayOperationDescriptor: type: object + description: API operation descriptor. + id: >- + GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGatewayOperationDescriptor properties: - operations: + path: + description: Required. Contains the URI path fragment where HTTP request is sent. + type: string + GoogleCloudLocationListLocationsResponse: + properties: + nextPageToken: + description: The standard List next-page token. + type: string + locations: description: >- - A list of operations that matches the specified filter in the + A list of locations that matches the specified filter in the request. type: array items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. + $ref: '#/components/schemas/GoogleCloudLocationLocation' + type: object + id: GoogleCloudLocationListLocationsResponse + description: The response message for Locations.ListLocations. + Tunnelv1ProtoTunnelerError: + properties: + retryable: + type: boolean + description: >- + retryable isn't used for now, but we may want to reuse it in the + future. + err: type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation + description: Original raw error + type: object + id: Tunnelv1ProtoTunnelerError description: >- - This resource represents a long-running operation that is the result of - a network API call. + TunnelerError is an error proto for errors returned by the connection + manager. + GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse: + properties: + instanceConfig: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig + description: AppConnectorInstanceConfig. + description: Response message for BeyondCorp.ResolveInstanceConfig. type: object + id: GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse + GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedGroupInfo: properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + outputType: + description: Optional. The output type of the delegated group information. + enumDescriptions: + - The unspecified output type. + - Protobuf output type. + - JSON output type. + - Explicitly disable header output. + enum: + - OUTPUT_TYPE_UNSPECIFIED + - PROTOBUF + - JSON + - NONE type: string + id: >- + GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedGroupInfo + description: The delegated group configuration details. + type: object + GoogleLongrunningOperation: + id: GoogleLongrunningOperation + properties: + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + The error result of the operation in case of failure or + cancellation. metadata: description: >- Service-specific metadata associated with the operation. It @@ -74,1196 +136,1009 @@ components: create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. - type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. + type: object done: description: >- If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + name: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleLongrunningCancelOperationRequest: - id: GoogleLongrunningCancelOperationRequest - description: The request message for Operations.CancelOperation. + This resource represents a long-running operation that is the result of + a network API call. type: object + CloudSecurityZerotrustApplinkAppConnectorProtoConnectorDetails: + description: ConnectorDetails reflects the details of a connector. properties: {} - GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse: - id: GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse - description: Response message for BeyondCorp.ListAppConnections. type: object + id: CloudSecurityZerotrustApplinkAppConnectorProtoConnectorDetails + GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway: properties: - appConnections: - description: A list of BeyondCorp AppConnections in the project. - type: array + serviceDiscovery: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscovery + description: Optional. Settings related to the Service Discovery. + externalIps: + readOnly: true items: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection - nextPageToken: + type: string description: >- - A token to retrieve the next page of results, or empty if there are - no more results in the list. - type: string - unreachable: - description: A list of locations that could not be reached. + Output only. IP addresses that will be used for establishing + connection to the endpoints. type: array - items: - type: string - GoogleCloudBeyondcorpAppconnectionsV1AppConnection: - id: GoogleCloudBeyondcorpAppconnectionsV1AppConnection - description: >- - A BeyondCorp AppConnection resource represents a BeyondCorp protected - AppConnection to a remote application. It creates all the necessary GCP - components needed for creating a BeyondCorp protected AppConnection. - Multiple connectors can be authorised for a single AppConnection. - type: object - properties: + state: + type: string + enumDescriptions: + - Default value. This value is unused. + - SecurityGateway is being created. + - SecurityGateway is being updated. + - SecurityGateway is being deleted. + - SecurityGateway is running. + - SecurityGateway is down and may be restored in the future. + - >- + SecurityGateway encountered an error and is in an indeterministic + state. + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - UPDATING + - DELETING + - RUNNING + - DOWN + - ERROR + description: Output only. The operational state of the SecurityGateway. name: + type: string + description: Identifier. Name of the resource. + displayName: description: >- - Required. Unique resource name of the AppConnection. The name is - ignored when creating a AppConnection. + Optional. An arbitrary user-provided name for the SecurityGateway. + Cannot exceed 64 characters. type: string - createTime: - description: Output only. Timestamp when the resource was created. - readOnly: true + delegatingServiceAccount: + description: >- + Output only. Service account used for operations that involve + resources in consumer projects. type: string - format: google-datetime + readOnly: true + proxyProtocolConfig: + description: Optional. Shared proxy configuration for all apps. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ProxyProtocolConfig updateTime: - description: Output only. Timestamp when the resource was last modified. readOnly: true type: string format: google-datetime - labels: - description: Optional. Resource labels to represent user provided metadata. - type: object + description: Output only. Timestamp when the resource was last modified. + hubs: additionalProperties: - type: string - displayName: - description: >- - Optional. An arbitrary user-provided name for the AppConnection. - Cannot exceed 64 characters. - type: string - uid: + $ref: '#/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Hub' + type: object description: >- - Output only. A unique identifier for the instance generated by the - system. + Optional. Map of Hubs that represents regional data path deployment + with GCP region as a key. + createTime: + description: Output only. Timestamp when the resource was created. readOnly: true + format: google-datetime type: string - type: - description: >- - Required. The type of network connectivity used by the - AppConnection. + description: The information about a security gateway resource. + id: GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway + type: object + GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher: + properties: + hostname: type: string - enumDescriptions: - - Default value. This value is unused. - - >- - TCP Proxy based BeyondCorp AppConnection. API will default to this - if unset. - enum: - - TYPE_UNSPECIFIED - - TCP_PROXY - applicationEndpoint: - description: >- - Required. Address of the remote application endpoint for the - BeyondCorp AppConnection. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint - connectors: - description: >- - Optional. List of [google.cloud.beyondcorp.v1main.Connector.name] - that are authorised to be associated with this AppConnection. + description: Required. Hostname of the application. + ports: type: array + description: Required. The ports of the application. items: - type: string - state: - description: Output only. The current state of the AppConnection. - readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - AppConnection is being created. - - AppConnection has been created. - - AppConnection's configuration is being updated. - - AppConnection is being deleted. - - >- - AppConnection is down and may be restored in the future. This - happens when CCFE sends ProjectState = OFF. - enum: - - STATE_UNSPECIFIED - - CREATING - - CREATED - - UPDATING - - DELETING - - DOWN - gateway: - description: Optional. Gateway used by the AppConnection. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint: - id: GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint - description: ApplicationEndpoint represents a remote application endpoint. - type: object - properties: - host: - description: Required. Hostname or IP address of the remote application endpoint. - type: string - port: - description: Required. Port of the remote application endpoint. - type: integer - format: int32 - GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway: - id: GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway + format: int32 + type: integer description: >- - Gateway represents a user facing component that serves as an entrance to - enable connectivity. + EndpointMatcher contains the information of the endpoint that will match + the application. + id: GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher + type: object + GoogleCloudLocationLocation: + id: GoogleCloudLocationLocation type: object + description: A resource that represents a Google Cloud location. properties: - type: - description: Required. The type of hosting used by the gateway. - type: string - enumDescriptions: - - Default value. This value is unused. - - Gateway hosted in a GCP regional managed instance group. - enum: - - TYPE_UNSPECIFIED - - GCP_REGIONAL_MIG - uri: - description: Output only. Server-defined URI for this resource. - readOnly: true + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - ingressPort: + labels: + additionalProperties: + type: string + type: object description: >- - Output only. Ingress port reserved on the gateways for this - AppConnection, if not specified or zero, the default port is 19443. - readOnly: true - type: integer - format: int32 - appGateway: + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + metadata: description: >- - Required. AppGateway name in following format: - `projects/{project_id}/locations/{location_id}/appgateways/{gateway_id}` - type: string - l7psc: - description: Output only. L7 private service connection for this resource. - readOnly: true + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + locationId: type: string - GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse: - id: GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse - description: Response message for BeyondCorp.ResolveAppConnections. - type: object - properties: - appConnectionDetails: - description: A list of BeyondCorp AppConnections with details in the project. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails - nextPageToken: + description: 'The canonical id for this location. For example: `"us-east1"`.' + displayName: description: >- - A token to retrieve the next page of results, or empty if there are - no more results in the list. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". type: string - unreachable: - description: A list of locations that could not be reached. - type: array - items: - type: string - GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails: + GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedDeviceInfo: id: >- - GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails - description: Details of the AppConnection. - type: object - properties: - appConnection: - description: A BeyondCorp AppConnection in the project. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection - recentMigVms: - description: >- - If type=GCP_REGIONAL_MIG, contains most recent VM instances, like - `https://www.googleapis.com/compute/v1/projects/{project_id}/zones/{zone_id}/instances/{instance_id}`. - type: array - items: - type: string - GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse: - id: GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse - description: Response message for BeyondCorp.ListAppConnectors. + GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedDeviceInfo type: object + description: The delegated device information configuration. properties: - appConnectors: - description: A list of BeyondCorp AppConnectors in the project. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnector - nextPageToken: - description: >- - A token to retrieve the next page of results, or empty if there are - no more results in the list. + outputType: + description: Optional. The output type details for the delegated device. + enum: + - OUTPUT_TYPE_UNSPECIFIED + - PROTOBUF + - JSON + - NONE + enumDescriptions: + - The unspecified output type. + - Protobuf output type. + - JSON output type. + - Explicitly disable header output. type: string - unreachable: - description: A list of locations that could not be reached. - type: array - items: - type: string - GoogleCloudBeyondcorpAppconnectorsV1AppConnector: - id: GoogleCloudBeyondcorpAppconnectorsV1AppConnector - description: >- - A BeyondCorp connector resource that represents an application facing - component deployed proximal to and with direct access to the application - instances. It is used to establish connectivity between the remote - enterprise environment and GCP. It initiates connections to the - applications and can proxy the data from users over the connection. - type: object + AppGatewayOperationMetadata: + id: AppGatewayOperationMetadata + description: Represents the metadata of the long-running operation. properties: - name: + requestedCancellation: + readOnly: true description: >- - Required. Unique resource name of the AppConnector. The name is - ignored when creating a AppConnector. - type: string + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. + type: boolean createTime: - description: Output only. Timestamp when the resource was created. - readOnly: true type: string format: google-datetime - updateTime: - description: Output only. Timestamp when the resource was last modified. readOnly: true + description: Output only. The time the operation was created. + target: type: string - format: google-datetime - labels: - description: Optional. Resource labels to represent user provided metadata. - type: object - additionalProperties: - type: string - displayName: + readOnly: true description: >- - Optional. An arbitrary user-provided name for the AppConnector. - Cannot exceed 64 characters. + Output only. Server-defined resource path for the target of the + operation. + apiVersion: + description: Output only. API version used to start the operation. type: string - uid: - description: >- - Output only. A unique identifier for the instance generated by the - system. + readOnly: true + statusMessage: readOnly: true type: string - state: - description: Output only. The current state of the AppConnector. + description: Output only. Human-readable status of the operation, if any. + verb: readOnly: true + description: Output only. Name of the verb executed by the operation. type: string - enumDescriptions: - - Default value. This value is unused. - - AppConnector is being created. - - AppConnector has been created. - - AppConnector's configuration is being updated. - - AppConnector is being deleted. - - >- - AppConnector is down and may be restored in the future. This - happens when CCFE sends ProjectState = OFF. - enum: - - STATE_UNSPECIFIED - - CREATING - - CREATED - - UPDATING - - DELETING - - DOWN - principalInfo: - description: >- - Required. Principal information about the Identity of the - AppConnector. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo - resourceInfo: - description: Optional. Resource info of the connector. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo - GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo: - id: GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo - description: PrincipalInfo represents an Identity oneof. + endTime: + description: Output only. The time the operation finished running. + readOnly: true + type: string + format: google-datetime type: object - properties: - serviceAccount: - description: A GCP service account. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount - GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount: - id: >- - GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount - description: ServiceAccount represents a GCP service account. + GoogleIamV1Policy: + id: GoogleIamV1Policy type: object - properties: - email: - description: Email address of the service account. - type: string - GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo: - id: GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo description: >- - ResourceInfo represents the information/status of an app connector - resource. Such as: - remote_agent - container - runtime - appgateway - - appconnector - appconnection - tunnel - logagent - type: object + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). properties: - id: - description: Required. Unique Id for the resource. + etag: type: string - status: + format: byte description: >- - Overall health status. Overall status is derived based on the status - of each sub level resources. - type: string - enumDescriptions: - - 'Health status is unknown: not initialized or failed to retrieve.' - - The resource is healthy. - - The resource is unhealthy. - - The resource is unresponsive. - - Some sub-resources are UNHEALTHY. - enum: - - HEALTH_STATUS_UNSPECIFIED - - HEALTHY - - UNHEALTHY - - UNRESPONSIVE - - DEGRADED - resource: - description: Specific details for the resource. This is for internal use only. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - time: + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + items: + $ref: '#/components/schemas/GoogleIamV1AuditConfig' + type: array + bindings: description: >- - The timestamp to collect the info. It is suggested to be set by the - topmost level resource only. - type: string - format: google-datetime - sub: - description: List of Info for the sub level resources. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. type: array items: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo - GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse: - id: GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse - description: Response message for BeyondCorp.ResolveInstanceConfig. - type: object - properties: - instanceConfig: - description: AppConnectorInstanceConfig. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig - GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig: - id: GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig - description: >- - AppConnectorInstanceConfig defines the instance config of a - AppConnector. - type: object - properties: - sequenceNumber: + $ref: '#/components/schemas/GoogleIamV1Binding' + version: + type: integer description: >- - Required. A monotonically increasing number generated and maintained - by the API provider. Every time a config changes in the backend, the - sequenceNumber should be bumped up to reflect the change. + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + GoogleCloudBeyondcorpAppconnectionsV1AppConnectionOperationMetadata: + description: Represents the metadata of the long-running operation. + properties: + createTime: + description: Output only. The time the operation was created. + format: google-datetime + readOnly: true type: string - format: int64 - instanceConfig: - description: The SLM instance agent configuration. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - notificationConfig: + statusMessage: + description: Output only. Human-readable status of the operation, if any. + readOnly: true + type: string + verb: + readOnly: true + description: Output only. Name of the verb executed by the operation. + type: string + target: description: >- - NotificationConfig defines the notification mechanism that the - remote instance should subscribe to in order to receive - notification. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig - imageConfig: + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + type: string + endTime: + description: Output only. The time the operation finished running. + type: string + readOnly: true + format: google-datetime + apiVersion: + description: Output only. API version used to start the operation. + type: string + readOnly: true + requestedCancellation: description: >- - ImageConfig defines the GCR images to run for the remote agent's - control plane. - $ref: '#/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ImageConfig' - GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig: - id: GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig - description: NotificationConfig defines the mechanisms to notify instance agent. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + readOnly: true + type: boolean + id: GoogleCloudBeyondcorpAppconnectionsV1AppConnectionOperationMetadata + type: object + GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway: type: object + id: GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway + description: Represents the Internet Gateway configuration. properties: - pubsubNotification: - description: Cloud Pub/Sub Configuration to receive notifications. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig - GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig: - id: >- - GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig - description: The configuration for Pub/Sub messaging for the AppConnector. + assignedIps: + type: array + description: Output only. List of IP addresses assigned to the Cloud NAT. + readOnly: true + items: + type: string + GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamExternal: + description: Endpoints to forward traffic to. type: object + id: GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamExternal properties: - pubsubSubscription: - description: >- - The Pub/Sub subscription the AppConnector uses to receive - notifications. - type: string - GoogleCloudBeyondcorpAppconnectorsV1ImageConfig: - id: GoogleCloudBeyondcorpAppconnectorsV1ImageConfig - description: ImageConfig defines the control plane images to run. + endpoints: + items: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Endpoint + description: Required. List of the endpoints to forward traffic to. + type: array + GoogleCloudBeyondcorpConnectorsV1alphaContainerHealthDetails: type: object properties: - targetImage: - description: >- - The initial image the remote agent will attempt to run for the - control plane. Format would be a gcr image path, e.g.: - gcr.io/PROJECT-ID/my-image:tag1 + extendedStatus: + description: The extended status. Such as ExitCode, StartedAt, FinishedAt, etc. + type: object + additionalProperties: + type: string + currentConfigVersion: type: string - stableImage: + description: The version of the current config. + errorMsg: + description: The latest error message. + type: string + expectedConfigVersion: + description: The version of the expected config. + type: string + description: ContainerHealthDetails reflects the health details of a container. + id: GoogleCloudBeyondcorpConnectorsV1alphaContainerHealthDetails + GoogleCloudBeyondcorpSecuritygatewaysV1EgressPolicy: + description: Routing policy information. + properties: + regions: + description: Required. List of the regions where the application sends traffic. + items: + type: string + type: array + id: GoogleCloudBeyondcorpSecuritygatewaysV1EgressPolicy + type: object + GoogleCloudBeyondcorpSecuritygatewaysV1Hub: + type: object + description: >- + The Hub message contains information pertaining to the regional data + path deployments. + properties: + internetGateway: + description: Optional. Internet Gateway configuration. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway + id: GoogleCloudBeyondcorpSecuritygatewaysV1Hub + GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails: + type: object + description: Details of the AppConnection. + properties: + recentMigVms: description: >- - The stable image that the remote agent will fallback to if the - target image fails. Format would be a gcr image path, e.g.: - gcr.io/PROJECT-ID/my-image:tag1 + If type=GCP_REGIONAL_MIG, contains most recent VM instances, like + `https://www.googleapis.com/compute/v1/projects/{project_id}/zones/{zone_id}/instances/{instance_id}`. + type: array + items: + type: string + appConnection: + description: A BeyondCorp AppConnection in the project. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection + id: >- + GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails + GoogleIamV1SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + properties: + updateMask: + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + format: google-fieldmask type: string - GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest: - id: GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest - description: Request report the connector status. + policy: + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/GoogleIamV1Policy' + id: GoogleIamV1SetIamPolicyRequest + type: object + GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig: + description: NotificationConfig defines the mechanisms to notify instance agent. type: object + id: GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig properties: - resourceInfo: - description: Required. Resource info of the connector. + pubsubNotification: $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo - requestId: + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig + description: Cloud Pub/Sub Configuration to receive notifications. + GoogleCloudBeyondcorpAppconnectorsV1ImageConfig: + description: ImageConfig defines the control plane images to run. + id: GoogleCloudBeyondcorpAppconnectorsV1ImageConfig + properties: + stableImage: description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes since the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). + The stable image that the remote agent will fallback to if the + target image fails. Format would be a gcr image path, e.g.: + gcr.io/PROJECT-ID/my-image:tag1 + type: string + targetImage: type: string - validateOnly: description: >- - Optional. If set, validates request by executing a dry-run which - would not alter the resource in any way. - type: boolean - ListAppGatewaysResponse: - id: ListAppGatewaysResponse - description: Response message for BeyondCorp.ListAppGateways. + The initial image the remote agent will attempt to run for the + control plane. Format would be a gcr image path, e.g.: + gcr.io/PROJECT-ID/my-image:tag1 + type: object + GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse: + id: GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse + description: Message for response to listing Applications. type: object properties: - appGateways: - description: A list of BeyondCorp AppGateways in the project. - type: array - items: - $ref: '#/components/schemas/AppGateway' nextPageToken: + type: string description: >- A token to retrieve the next page of results, or empty if there are no more results in the list. - type: string + applications: + description: A list of BeyondCorp Application in the project. + items: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Application + type: array unreachable: + type: array description: A list of locations that could not be reached. + items: + type: string + GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse: + description: Message for response to listing SecurityGateways. + id: GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse + properties: + unreachable: type: array items: type: string - AppGateway: - id: AppGateway - description: >- - A BeyondCorp AppGateway resource represents a BeyondCorp protected - AppGateway to a remote application. It creates all the necessary GCP - components needed for creating a BeyondCorp protected AppGateway. - Multiple connectors can be authorised for a single AppGateway. + description: A list of locations that could not be reached. + nextPageToken: + type: string + description: >- + A token to retrieve the next page of results, or empty if there are + no more results in the list. + securityGateways: + description: A list of BeyondCorp SecurityGateway in the project. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway type: object + GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGatewayOperationMetadata: + description: Represents the metadata of the long-running operation. properties: - name: - description: >- - Required. Unique resource name of the AppGateway. The name is - ignored when creating an AppGateway. + verb: + description: Output only. Name of the verb executed by the operation. + readOnly: true + type: string + apiVersion: + readOnly: true + description: Output only. API version used to start the operation. type: string createTime: - description: Output only. Timestamp when the resource was created. readOnly: true type: string format: google-datetime - updateTime: - description: Output only. Timestamp when the resource was last modified. + description: Output only. The time the operation was created. + endTime: + description: Output only. The time the operation finished running. readOnly: true type: string format: google-datetime - labels: - description: Optional. Resource labels to represent user provided metadata. - type: object - additionalProperties: - type: string - displayName: + requestedCancellation: + readOnly: true + type: boolean description: >- - Optional. An arbitrary user-provided name for the AppGateway. Cannot - exceed 64 characters. - type: string - uid: + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + target: description: >- - Output only. A unique identifier for the instance generated by the - system. - readOnly: true - type: string - type: - description: Required. The type of network connectivity used by the AppGateway. + Output only. Server-defined resource path for the target of the + operation. type: string - enumDescriptions: - - Default value. This value is unused. - - >- - TCP Proxy based BeyondCorp Connection. API will default to this if - unset. - enum: - - TYPE_UNSPECIFIED - - TCP_PROXY - state: - description: Output only. The current state of the AppGateway. readOnly: true + statusMessage: + description: Output only. Human-readable status of the operation, if any. type: string - enumDescriptions: - - Default value. This value is unused. - - AppGateway is being created. - - AppGateway has been created. - - AppGateway's configuration is being updated. - - AppGateway is being deleted. - - >- - AppGateway is down and may be restored in the future. This happens - when CCFE sends ProjectState = OFF. - enum: - - STATE_UNSPECIFIED - - CREATING - - CREATED - - UPDATING - - DELETING - - DOWN - uri: - description: Output only. Server-defined URI for this resource. readOnly: true + id: GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGatewayOperationMetadata + type: object + CloudSecurityZerotrustApplinkAppConnectorProtoConnectionConfig: + description: ConnectionConfig represents a Connection Configuration object. + id: CloudSecurityZerotrustApplinkAppConnectorProtoConnectionConfig + properties: + name: type: string - allocatedConnections: - description: Output only. A list of connections allocated for the Gateway - readOnly: true - type: array - items: - $ref: '#/components/schemas/AllocatedConnection' - hostType: - description: Required. The type of hosting used by the AppGateway. + description: >- + name is the unique ID for each connection. TODO(b/190732451) returns + connection name from user-specified name in config. Now, name = + ${application_name}:${application_endpoint} + applicationEndpoint: type: string - enumDescriptions: - - Default value. This value is unused. - - AppGateway hosted in a GCP regional managed instance group. - enum: - - HOST_TYPE_UNSPECIFIED - - GCP_REGIONAL_MIG - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - AllocatedConnection: - id: AllocatedConnection - description: Allocated connection of the AppGateway. - type: object - properties: - pscUri: - description: Required. The PSC uri of an allocated connection + description: >- + application_endpoint is the endpoint of the application the form of + host:port. For example, "localhost:80". + project: + description: project represents the consumer project the connection belongs to. type: string - ingressPort: - description: Required. The ingress port of an allocated connection + userPort: type: integer + description: >- + user_port specifies the reserved port on gateways for user + connections. format: int32 - GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse: - id: GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse - description: Message for response to listing SecurityGateways. - type: object - properties: - securityGateways: - description: A list of BeyondCorp SecurityGateway in the project. - type: array + tunnelsPerGateway: + description: >- + tunnels_per_gateway reflects the number of tunnels between a + connector and a gateway. + format: uint32 + type: integer + gateway: items: $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway - nextPageToken: + #/components/schemas/CloudSecurityZerotrustApplinkAppConnectorProtoGateway description: >- - A token to retrieve the next page of results, or empty if there are - no more results in the list. - type: string - unreachable: - description: A list of locations that could not be reached. + gateway lists all instances running a gateway in GCP. They all + connect to a connector on the host. type: array - items: - type: string - GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway: - id: GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway - description: The information about a security gateway resource. - type: object - properties: - name: - description: Identifier. Name of the resource. - type: string - createTime: - description: Output only. Timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when the resource was last modified. - readOnly: true + applicationName: type: string - format: google-datetime - displayName: description: >- - Optional. An arbitrary user-provided name for the SecurityGateway. - Cannot exceed 64 characters. - type: string - externalIps: + application_name represents the given name of the application the + connection is connecting with. + type: object + GoogleCloudBeyondcorpAppconnectorsV1alphaRemoteAgentDetails: + type: object + id: GoogleCloudBeyondcorpAppconnectorsV1alphaRemoteAgentDetails + properties: {} + description: RemoteAgentDetails reflects the details of a remote agent. + GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig: + properties: + sequenceNumber: description: >- - Output only. IP addresses that will be used for establishing - connection to the endpoints. - readOnly: true - type: array - items: - type: string - state: - description: Output only. The operational state of the SecurityGateway. - readOnly: true + Required. A monotonically increasing number generated and maintained + by the API provider. Every time a config changes in the backend, the + sequenceNumber should be bumped up to reflect the change. type: string - enumDescriptions: - - Default value. This value is unused. - - SecurityGateway is being created. - - SecurityGateway is being updated. - - SecurityGateway is being deleted. - - SecurityGateway is running. - - SecurityGateway is down and may be restored in the future. - - >- - SecurityGateway encountered an error and is in an indeterministic - state. - enum: - - STATE_UNSPECIFIED - - CREATING - - UPDATING - - DELETING - - RUNNING - - DOWN - - ERROR - hubs: - description: >- - Optional. Map of Hubs that represents regional data path deployment - with GCP region as a key. + format: int64 + instanceConfig: type: object additionalProperties: - $ref: '#/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Hub' - delegatingServiceAccount: + type: any + description: Properties of the object. Contains field @type with type URL. + description: The SLM instance agent configuration. + imageConfig: description: >- - Output only. Service account used for operations that involve - resources in consumer projects. - readOnly: true - type: string - GoogleCloudBeyondcorpSecuritygatewaysV1Hub: - id: GoogleCloudBeyondcorpSecuritygatewaysV1Hub + ImageConfig defines the GCR images to run for the remote agent's + control plane. + $ref: '#/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ImageConfig' + notificationConfig: + description: >- + NotificationConfig defines the notification mechanism that the + remote instance should subscribe to in order to receive + notification. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1NotificationConfig description: >- - The Hub message contains information pertaining to the regional data - path deployments. + AppConnectorInstanceConfig defines the instance config of a + AppConnector. + id: GoogleCloudBeyondcorpAppconnectorsV1AppConnectorInstanceConfig type: object + GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGateway: + description: If Service Discovery is done through API, defines its settings. properties: - internetGateway: - description: Optional. Internet Gateway configuration. + resourceOverride: + description: >- + Required. Enables fetching resource model updates to alter service + behavior per Chrome profile. $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway - GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway: - id: GoogleCloudBeyondcorpSecuritygatewaysV1InternetGateway - description: Represents the Internet Gateway configuration. + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGatewayOperationDescriptor + id: GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGateway type: object - properties: - assignedIps: - description: Output only. List of IP addresses assigned to the Cloud NAT. - readOnly: true - type: array - items: - type: string - GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse: - id: GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse - description: Message for response to listing Applications. + ListAppGatewaysResponse: type: object + id: ListAppGatewaysResponse + description: Response message for BeyondCorp.ListAppGateways. properties: - applications: - description: A list of BeyondCorp Application in the project. + appGateways: + description: A list of BeyondCorp AppGateways in the project. type: array items: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Application + $ref: '#/components/schemas/AppGateway' nextPageToken: + type: string description: >- A token to retrieve the next page of results, or empty if there are no more results in the list. - type: string unreachable: - description: A list of locations that could not be reached. - type: array items: type: string - GoogleCloudBeyondcorpSecuritygatewaysV1Application: - id: GoogleCloudBeyondcorpSecuritygatewaysV1Application - description: The information about an application resource. + description: A list of locations that could not be reached. + type: array + GoogleCloudBeyondcorpConnectorsV1alphaRemoteAgentDetails: + id: GoogleCloudBeyondcorpConnectorsV1alphaRemoteAgentDetails type: object + properties: {} + description: RemoteAgentDetails reflects the details of a remote agent. + GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionOperationMetadata: properties: - name: - description: Identifier. Name of the resource. + endTime: type: string - endpointMatchers: + description: Output only. The time the operation finished running. + readOnly: true + format: google-datetime + verb: + readOnly: true + description: Output only. Name of the verb executed by the operation. + type: string + requestedCancellation: description: >- - Required. Endpoint matchers associated with an application. A - combination of hostname and ports as endpoint matchers is used to - match the application. Match conditions for OR logic. An array of - match conditions to allow for multiple matching criteria. The rule - is considered a match if one of the conditions is met. The - conditions can be one of the following combinations (Hostname), - (Hostname & Ports) EXAMPLES: Hostname - ("*.example.com"), - ("xyz.example.com") Hostname and Ports - ("example.com" and "22"), - ("example.com" and "22,33") etc - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher - createTime: - description: Output only. Timestamp when the resource was created. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + type: boolean readOnly: true + createTime: + description: Output only. The time the operation was created. type: string format: google-datetime - updateTime: - description: Output only. Timestamp when the resource was last modified. + readOnly: true + target: readOnly: true type: string - format: google-datetime - displayName: description: >- - Optional. An arbitrary user-provided name for the application - resource. Cannot exceed 64 characters. + Output only. Server-defined resource path for the target of the + operation. + statusMessage: + description: Output only. Human-readable status of the operation, if any. type: string - upstreams: - description: Optional. Which upstream resources to forward traffic to. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstream - GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher: - id: GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher - description: >- - EndpointMatcher contains the information of the endpoint that will match - the application. + readOnly: true + apiVersion: + description: Output only. API version used to start the operation. + readOnly: true + type: string + description: Represents the metadata of the long-running operation. type: object - properties: - hostname: - description: Required. Hostname of the application. - type: string - ports: - description: Optional. Ports of the application. - type: array - items: - type: integer - format: int32 - GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstream: - id: GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstream - description: Which upstream resource to forward traffic to. + id: GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionOperationMetadata + AllocatedConnection: + id: AllocatedConnection type: object + description: Allocated connection of the AppGateway. properties: - network: - description: Network to forward traffic to. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamNetwork - egressPolicy: - description: Optional. Routing policy information. - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1EgressPolicy - GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamNetwork: - id: GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamNetwork - description: Network to forward traffic to. - type: object + pscUri: + type: string + description: Required. The PSC uri of an allocated connection + ingressPort: + description: Required. The ingress port of an allocated connection + format: int32 + type: integer + GoogleCloudBeyondcorpPartnerservicesV1alphaPartnerServiceOperationMetadata: + id: >- + GoogleCloudBeyondcorpPartnerservicesV1alphaPartnerServiceOperationMetadata properties: - name: + target: + type: string description: >- - Required. Network name is of the format: - `projects/{project}/global/networks/{network} + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + apiVersion: type: string - GoogleCloudBeyondcorpSecuritygatewaysV1EgressPolicy: - id: GoogleCloudBeyondcorpSecuritygatewaysV1EgressPolicy - description: Routing policy information. + description: Output only. API version used to start the operation. + readOnly: true + statusMessage: + readOnly: true + type: string + description: Output only. Human-readable status of the operation, if any. + verb: + readOnly: true + description: Output only. Name of the verb executed by the operation. + type: string + createTime: + readOnly: true + type: string + description: Output only. The time the operation was created. + format: google-datetime + requestedCancellation: + readOnly: true + type: boolean + description: >- + Output only. Identifies whether the caller has requested + cancellation of the operation. Operations that have successfully + been cancelled have Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + endTime: + readOnly: true + type: string + format: google-datetime + description: Output only. The time the operation finished running. + type: object + deprecated: true + description: Represents the metadata of the long-running operation. + GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscovery: + description: Settings related to the Service Discovery. type: object properties: - regions: - description: Required. List of the regions where the application sends traffic. - type: array - items: - type: string - GoogleCloudLocationListLocationsResponse: - id: GoogleCloudLocationListLocationsResponse - description: The response message for Locations.ListLocations. + apiGateway: + description: Required. External API configuration. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscoveryApiGateway + id: GoogleCloudBeyondcorpSecuritygatewaysV1ServiceDiscovery + GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo: + description: PrincipalInfo represents an Identity oneof. + properties: + serviceAccount: + description: A GCP service account. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount + type: object + id: GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo + GoogleIamV1AuditLogConfig: + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object properties: - locations: + exemptedMembers: description: >- - A list of locations that matches the specified filter in the - request. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. type: array items: - $ref: '#/components/schemas/GoogleCloudLocationLocation' - nextPageToken: - description: The standard List next-page token. + type: string + logType: + description: The log type that this config enables. + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ type: string - GoogleCloudLocationLocation: - id: GoogleCloudLocationLocation - description: A resource that represents a Google Cloud location. + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + id: GoogleIamV1AuditLogConfig + AppGateway: + description: >- + A BeyondCorp AppGateway resource represents a BeyondCorp protected + AppGateway to a remote application. It creates all the necessary GCP + components needed for creating a BeyondCorp protected AppGateway. + Multiple connectors can be authorised for a single AppGateway. type: object properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + satisfiesPzi: + description: Output only. Reserved for future use. + type: boolean + readOnly: true + createTime: type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + readOnly: true + description: Output only. Timestamp when the resource was created. + format: google-datetime + uri: + readOnly: true + description: Output only. Server-defined URI for this resource. + type: string + updateTime: + type: string + description: Output only. Timestamp when the resource was last modified. + readOnly: true + format: google-datetime + uid: type: string - displayName: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Output only. A unique identifier for the instance generated by the + system. + readOnly: true + name: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} + Required. Unique resource name of the AppGateway. The name is + ignored when creating an AppGateway. + labels: + description: Optional. Resource labels to represent user provided metadata. type: object additionalProperties: type: string - metadata: + satisfiesPzs: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + displayName: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleIamV1SetIamPolicyRequest: - id: GoogleIamV1SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object + Optional. An arbitrary user-provided name for the AppGateway. Cannot + exceed 64 characters. + type: string + state: + readOnly: true + enumDescriptions: + - Default value. This value is unused. + - AppGateway is being created. + - AppGateway has been created. + - AppGateway's configuration is being updated. + - AppGateway is being deleted. + - >- + AppGateway is down and may be restored in the future. This happens + when CCFE sends ProjectState = OFF. + enum: + - STATE_UNSPECIFIED + - CREATING + - CREATED + - UPDATING + - DELETING + - DOWN + description: Output only. The current state of the AppGateway. + type: string + type: + type: string + enum: + - TYPE_UNSPECIFIED + - TCP_PROXY + description: Required. The type of network connectivity used by the AppGateway. + enumDescriptions: + - Default value. This value is unused. + - >- + TCP Proxy based BeyondCorp Connection. API will default to this if + unset. + hostType: + enum: + - HOST_TYPE_UNSPECIFIED + - GCP_REGIONAL_MIG + type: string + description: Required. The type of hosting used by the AppGateway. + enumDescriptions: + - Default value. This value is unused. + - AppGateway hosted in a GCP regional managed instance group. + allocatedConnections: + description: Output only. A list of connections allocated for the Gateway + type: array + items: + $ref: '#/components/schemas/AllocatedConnection' + readOnly: true + id: AppGateway + GoogleCloudBeyondcorpConnectionsV1alphaConnectionOperationMetadata: + id: GoogleCloudBeyondcorpConnectionsV1alphaConnectionOperationMetadata + description: Represents the metadata of the long-running operation. properties: - policy: + createTime: + readOnly: true + type: string + description: Output only. The time the operation was created. + format: google-datetime + statusMessage: + type: string + readOnly: true + description: Output only. Human-readable status of the operation, if any. + requestedCancellation: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/GoogleIamV1Policy' - updateMask: - description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + readOnly: true + type: boolean + verb: + readOnly: true + description: Output only. Name of the verb executed by the operation. type: string - format: google-fieldmask - GoogleIamV1Policy: - id: GoogleIamV1Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object - properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + apiVersion: + readOnly: true + description: Output only. API version used to start the operation. type: string - format: byte - GoogleIamV1Binding: - id: GoogleIamV1Binding - description: Associates `members`, or principals, with a `role`. - type: object - properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + endTime: + readOnly: true + description: Output only. The time the operation finished running. type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: + format: google-datetime + target: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/GoogleTypeExpr' - GoogleTypeExpr: - id: GoogleTypeExpr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + type: string type: object + GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway: + id: GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway + type: object + description: >- + Gateway represents a user facing component that serves as an entrance to + enable connectivity. properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + type: + description: Required. The type of hosting used by the gateway. + enum: + - TYPE_UNSPECIFIED + - GCP_REGIONAL_MIG type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + enumDescriptions: + - Default value. This value is unused. + - Gateway hosted in a GCP regional managed instance group. + appGateway: type: string - description: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + Required. AppGateway name in following format: + `projects/{project_id}/locations/{location_id}/appgateways/{gateway_id}` + ingressPort: + format: int32 + readOnly: true description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Output only. Ingress port reserved on the gateways for this + AppConnection, if not specified or zero, the default port is 19443. + type: integer + l7psc: + description: Output only. L7 private service connection for this resource. + type: string + readOnly: true + uri: + description: Output only. Server-defined URI for this resource. + readOnly: true type: string GoogleIamV1AuditConfig: id: GoogleIamV1AuditConfig + properties: + auditLogConfigs: + type: array + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + type: object description: >- Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if @@ -1282,140 +1157,347 @@ components: enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. - type: object + GoogleCloudBeyondcorpAppconnectionsV1AppConnection: properties: - service: + state: + readOnly: true + description: Output only. The current state of the AppConnection. + enum: + - STATE_UNSPECIFIED + - CREATING + - CREATED + - UPDATING + - DELETING + - DOWN + type: string + enumDescriptions: + - Default value. This value is unused. + - AppConnection is being created. + - AppConnection has been created. + - AppConnection's configuration is being updated. + - AppConnection is being deleted. + - >- + AppConnection is down and may be restored in the future. This + happens when CCFE sends ProjectState = OFF. + uid: + readOnly: true + type: string description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + Output only. A unique identifier for the instance generated by the + system. + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + labels: + type: object + description: Optional. Resource labels to represent user provided metadata. + additionalProperties: + type: string + updateTime: + description: Output only. Timestamp when the resource was last modified. + readOnly: true + format: google-datetime type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array + connectors: + description: >- + Optional. List of [google.cloud.beyondcorp.v1main.Connector.name] + that are authorised to be associated with this AppConnection. items: - $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' - GoogleIamV1AuditLogConfig: - id: GoogleIamV1AuditLogConfig + type: string + type: array + type: + enumDescriptions: + - Default value. This value is unused. + - >- + TCP Proxy based BeyondCorp AppConnection. API will default to this + if unset. + description: >- + Required. The type of network connectivity used by the + AppConnection. + type: string + enum: + - TYPE_UNSPECIFIED + - TCP_PROXY + applicationEndpoint: + description: >- + Required. Address of the remote application endpoint for the + BeyondCorp AppConnection. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + name: + type: string + description: >- + Required. Unique resource name of the AppConnection. The name is + ignored when creating a AppConnection. + gateway: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway + description: Optional. Gateway used by the AppConnection. + createTime: + type: string + description: Output only. Timestamp when the resource was created. + format: google-datetime + readOnly: true + displayName: + description: >- + Optional. An arbitrary user-provided name for the AppConnection. + Cannot exceed 64 characters. + type: string + type: object description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + A BeyondCorp AppConnection resource represents a BeyondCorp protected + AppConnection to a remote application. It creates all the necessary GCP + components needed for creating a BeyondCorp protected AppConnection. + Multiple connectors can be authorised for a single AppConnection. + id: GoogleCloudBeyondcorpAppconnectionsV1AppConnection + GoogleCloudBeyondcorpAppconnectorsV1RemoteAgentDetails: type: object + id: GoogleCloudBeyondcorpAppconnectorsV1RemoteAgentDetails + properties: {} + description: RemoteAgentDetails reflects the details of a remote agent. + GoogleCloudBeyondcorpAppgatewaysV1alphaAppGatewayOperationMetadata: + id: GoogleCloudBeyondcorpAppgatewaysV1alphaAppGatewayOperationMetadata properties: - logType: - description: The log type that this config enables. + apiVersion: type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + readOnly: true + description: Output only. API version used to start the operation. + endTime: + type: string + format: google-datetime + description: Output only. The time the operation finished running. + readOnly: true + statusMessage: + type: string + readOnly: true + description: Output only. Human-readable status of the operation, if any. + verb: + readOnly: true + type: string + description: Output only. Name of the verb executed by the operation. + target: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - GoogleIamV1TestIamPermissionsRequest: - id: GoogleIamV1TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + Output only. Server-defined resource path for the target of the + operation. + type: string + readOnly: true + requestedCancellation: + type: boolean + readOnly: true + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. + createTime: + readOnly: true + type: string + description: Output only. The time the operation was created. + format: google-datetime + description: Represents the metadata of the long-running operation. type: object + GoogleCloudBeyondcorpAppconnectorsV1AppConnectorOperationMetadata: properties: - permissions: + verb: + type: string + readOnly: true + description: Output only. Name of the verb executed by the operation. + apiVersion: + description: Output only. API version used to start the operation. + type: string + readOnly: true + statusMessage: + readOnly: true + description: Output only. Human-readable status of the operation, if any. + type: string + target: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - GoogleIamV1TestIamPermissionsResponse: - id: GoogleIamV1TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + type: string + requestedCancellation: + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. + type: boolean + readOnly: true + createTime: + format: google-datetime + description: Output only. The time the operation was created. + readOnly: true + type: string + endTime: + type: string + description: Output only. The time the operation finished running. + format: google-datetime + readOnly: true + type: object + id: GoogleCloudBeyondcorpAppconnectorsV1AppConnectorOperationMetadata + description: Represents the metadata of the long-running operation. + Empty: + properties: {} + id: Empty type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + GoogleCloudBeyondcorpAppconnectorsV1ContainerHealthDetails: + id: GoogleCloudBeyondcorpAppconnectorsV1ContainerHealthDetails + description: ContainerHealthDetails reflects the health details of a container. properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: + extendedStatus: + description: The extended status. Such as ExitCode, StartedAt, FinishedAt, etc. + type: object + additionalProperties: type: string - Tunnelv1ProtoTunnelerInfo: - id: Tunnelv1ProtoTunnelerInfo + currentConfigVersion: + description: The version of the current config. + type: string + errorMsg: + type: string + description: The latest error message. + expectedConfigVersion: + type: string + description: The version of the expected config. + type: object + GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo: description: >- - TunnelerInfo contains metadata about tunneler launched by connection - manager. + ResourceInfo represents the information/status of an app connector + resource. Such as: - remote_agent - container - runtime - appgateway - + appconnector - appconnection - tunnel - logagent type: object properties: - totalRetryCount: - description: >- - total_retry_count stores the total number of times the tunneler has - been retried by tunManager. - type: integer - format: uint32 - backoffRetryCount: - description: >- - backoff_retry_count stores the number of times the tunneler has been - retried by tunManager for current backoff sequence. Gets reset to 0 - if time difference between 2 consecutive retries exceeds - backoffRetryResetTime. - type: integer - format: uint32 - latestErr: - description: >- - latest_err stores the Error for the latest tunneler failure. Gets - reset everytime the tunneler is retried by tunManager. - $ref: '#/components/schemas/Tunnelv1ProtoTunnelerError' - latestRetryTime: + status: + enum: + - HEALTH_STATUS_UNSPECIFIED + - HEALTHY + - UNHEALTHY + - UNRESPONSIVE + - DEGRADED description: >- - latest_retry_time stores the time when the tunneler was last - restarted. + Overall health status. Overall status is derived based on the status + of each sub level resources. type: string + enumDescriptions: + - 'Health status is unknown: not initialized or failed to retrieve.' + - The resource is healthy. + - The resource is unhealthy. + - The resource is unresponsive. + - Some sub-resources are UNHEALTHY. + time: + description: >- + The timestamp to collect the info. It is suggested to be set by the + topmost level resource only. format: google-datetime + type: string + sub: + description: List of Info for the sub level resources. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo + resource: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: Specific details for the resource. This is for internal use only. + type: object id: - description: id is the unique id of a tunneler. type: string - Tunnelv1ProtoTunnelerError: - id: Tunnelv1ProtoTunnelerError - description: >- - TunnelerError is an error proto for errors returned by the connection - manager. - type: object + description: Required. Unique Id for the resource. + id: GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo + GoogleCloudBeyondcorpSecuritygatewaysV1Application: properties: - retryable: + updateTime: + readOnly: true + type: string + description: Output only. Timestamp when the resource was last modified. + format: google-datetime + endpointMatchers: + items: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1EndpointMatcher description: >- - retryable isn't used for now, but we may want to reuse it in the - future. - type: boolean - err: - description: Original raw error + Optional. An array of conditions to match the application's network + endpoint. Each element in the array is an EndpointMatcher object, + which defines a specific combination of a hostname pattern and one + or more ports. The application is considered matched if at least one + of the EndpointMatcher conditions in this array is met (the + conditions are combined using OR logic). Each EndpointMatcher must + contain a hostname pattern, such as "example.com", and one or more + port numbers specified as a string, such as "443". Hostname and port + number examples: "*.example.com", "443" "example.com" and "22" + "example.com" and "22,33" + type: array + schema: type: string - CloudSecurityZerotrustApplinkLogagentProtoLogAgentDetails: - id: CloudSecurityZerotrustApplinkLogagentProtoLogAgentDetails - description: LogAgentDetails reflects the details of a log agent. + enum: + - SCHEMA_UNSPECIFIED + - PROXY_GATEWAY + - API_GATEWAY + description: Optional. Type of the external application. + enumDescriptions: + - Default value. This value is unused. + - >- + Proxy which routes traffic to actual applications, like Netscaler + Gateway. + - >- + Service Discovery API endpoint when Service Discovery is enabled + in Gateway. + createTime: + type: string + description: Output only. Timestamp when the resource was created. + format: google-datetime + readOnly: true + upstreams: + items: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstream + type: array + description: Optional. Which upstream resources to forward traffic to. + name: + description: Identifier. Name of the resource. + type: string + displayName: + description: >- + Optional. An arbitrary user-provided name for the application + resource. Cannot exceed 64 characters. + type: string + description: The information about an application resource. + id: GoogleCloudBeyondcorpSecuritygatewaysV1Application type: object - properties: {} - GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionOperationMetadata: - id: GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionOperationMetadata + GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorOperationMetadata: description: Represents the metadata of the long-running operation. + id: GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorOperationMetadata type: object properties: + apiVersion: + description: Output only. API version used to start the operation. + type: string + readOnly: true createTime: + format: google-datetime + readOnly: true description: Output only. The time the operation was created. + type: string + statusMessage: readOnly: true + description: Output only. Human-readable status of the operation, if any. type: string - format: google-datetime + verb: + type: string + readOnly: true + description: Output only. Name of the verb executed by the operation. endTime: description: Output only. The time the operation finished running. readOnly: true @@ -1425,348 +1507,551 @@ components: description: >- Output only. Server-defined resource path for the target of the operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. readOnly: true - type: string requestedCancellation: + readOnly: true description: >- Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true + google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. type: boolean + GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse: + id: GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse + properties: + nextPageToken: + description: >- + A token to retrieve the next page of results, or empty if there are + no more results in the list. + type: string + appConnectionDetails: + type: array + description: A list of BeyondCorp AppConnections with details in the project. + items: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponseAppConnectionDetails + unreachable: + items: + type: string + description: A list of locations that could not be reached. + type: array + description: Response message for BeyondCorp.ResolveAppConnections. + type: object + GoogleCloudBeyondcorpPartnerservicesV1mainPartnerServiceOperationMetadata: + type: object + properties: + createTime: + readOnly: true + type: string + format: google-datetime + description: Output only. The time the operation was created. + target: + type: string + readOnly: true + description: >- + Output only. Server-defined resource path for the target of the + operation. + endTime: + type: string + readOnly: true + description: Output only. The time the operation finished running. + format: google-datetime + verb: + description: Output only. Name of the verb executed by the operation. + type: string + readOnly: true apiVersion: + type: string description: Output only. API version used to start the operation. readOnly: true + statusMessage: + readOnly: true type: string - GoogleCloudBeyondcorpAppconnectionsV1AppConnectionOperationMetadata: - id: GoogleCloudBeyondcorpAppconnectionsV1AppConnectionOperationMetadata + description: Output only. Human-readable status of the operation, if any. + requestedCancellation: + type: boolean + readOnly: true + description: >- + Output only. Identifies whether the caller has requested + cancellation of the operation. Operations that have successfully + been cancelled have Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + deprecated: true + id: >- + GoogleCloudBeyondcorpPartnerservicesV1mainPartnerServiceOperationMetadata description: Represents the metadata of the long-running operation. + GoogleTypeExpr: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + type: object + properties: + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + description: + type: string + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + id: GoogleTypeExpr + Tunnelv1ProtoTunnelerInfo: + id: Tunnelv1ProtoTunnelerInfo type: object properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string + backoffRetryCount: + type: integer + description: >- + backoff_retry_count stores the number of times the tunneler has been + retried by tunManager for current backoff sequence. Gets reset to 0 + if time difference between 2 consecutive retries exceeds + backoffRetryResetTime. + format: uint32 + latestRetryTime: format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true + latest_retry_time stores the time when the tunneler was last + restarted. + totalRetryCount: + description: >- + total_retry_count stores the total number of times the tunneler has + been retried by tunManager. + format: uint32 + type: integer + id: + description: id is the unique id of a tunneler. type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + latestErr: + description: >- + latest_err stores the Error for the latest tunneler failure. Gets + reset everytime the tunneler is retried by tunManager. + $ref: '#/components/schemas/Tunnelv1ProtoTunnelerError' + description: >- + TunnelerInfo contains metadata about tunneler launched by connection + manager. + GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstream: + description: Which upstream resource to forward traffic to. + id: GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstream + properties: + external: + description: List of the external endpoints to forward traffic to. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamExternal + egressPolicy: + description: Optional. Routing policy information. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1EgressPolicy + proxyProtocol: + description: Optional. Enables proxy protocol configuration for the upstream. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ProxyProtocolConfig + network: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamNetwork + description: Network to forward traffic to. + type: object + GoogleCloudBeyondcorpAppconnectorsV1alphaContainerHealthDetails: + properties: + currentConfigVersion: type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + description: The version of the current config. + extendedStatus: + description: The extended status. Such as ExitCode, StartedAt, FinishedAt, etc. + additionalProperties: + type: string + type: object + expectedConfigVersion: type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + description: The version of the expected config. + errorMsg: + description: The latest error message. type: string - GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorOperationMetadata: - id: GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorOperationMetadata - description: Represents the metadata of the long-running operation. + id: GoogleCloudBeyondcorpAppconnectorsV1alphaContainerHealthDetails type: object + description: ContainerHealthDetails reflects the health details of a container. + GoogleCloudBeyondcorpConnectorsV1alphaConnectorOperationMetadata: properties: + apiVersion: + readOnly: true + description: Output only. API version used to start the operation. + type: string createTime: description: Output only. The time the operation was created. readOnly: true - type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true type: string - format: google-datetime - target: + requestedCancellation: + type: boolean description: >- - Output only. Server-defined resource path for the target of the - operation. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. readOnly: true - type: string verb: description: Output only. Name of the verb executed by the operation. - readOnly: true type: string + readOnly: true statusMessage: description: Output only. Human-readable status of the operation, if any. readOnly: true type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - GoogleCloudBeyondcorpAppconnectorsV1AppConnectorOperationMetadata: - id: GoogleCloudBeyondcorpAppconnectorsV1AppConnectorOperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. + endTime: readOnly: true - type: string format: google-datetime - endTime: description: Output only. The time the operation finished running. - readOnly: true type: string - format: google-datetime target: + readOnly: true description: >- Output only. Server-defined resource path for the target of the operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true type: string - GoogleCloudBeyondcorpAppconnectorsV1alphaRemoteAgentDetails: - id: GoogleCloudBeyondcorpAppconnectorsV1alphaRemoteAgentDetails - description: RemoteAgentDetails reflects the details of a remote agent. + id: GoogleCloudBeyondcorpConnectorsV1alphaConnectorOperationMetadata type: object + description: Represents the metadata of the long-running operation. + GoogleLongrunningCancelOperationRequest: properties: {} - GoogleCloudBeyondcorpAppconnectorsV1RemoteAgentDetails: - id: GoogleCloudBeyondcorpAppconnectorsV1RemoteAgentDetails - description: RemoteAgentDetails reflects the details of a remote agent. type: object + id: GoogleLongrunningCancelOperationRequest + description: The request message for Operations.CancelOperation. + CloudSecurityZerotrustApplinkLogagentProtoLogAgentDetails: properties: {} - GoogleCloudBeyondcorpAppconnectorsV1alphaContainerHealthDetails: - id: GoogleCloudBeyondcorpAppconnectorsV1alphaContainerHealthDetails - description: ContainerHealthDetails reflects the health details of a container. + description: LogAgentDetails reflects the details of a log agent. type: object + id: CloudSecurityZerotrustApplinkLogagentProtoLogAgentDetails + GoogleCloudBeyondcorpSecuritygatewaysV1ProxyProtocolConfig: properties: - expectedConfigVersion: - description: The version of the expected config. - type: string - currentConfigVersion: - description: The version of the current config. - type: string - extendedStatus: - description: The extended status. Such as ExitCode, StartedAt, FinishedAt, etc. + contextualHeaders: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeaders + description: Optional. Configuration for the contextual headers. + allowedClientHeaders: + items: + type: string + type: array + description: Optional. List of the allowed client header names. + metadataHeaders: type: object additionalProperties: type: string - errorMsg: - description: The latest error message. + description: >- + Optional. Custom resource specific headers along with the values. + The names should conform to RFC 9110: >Field names can contain + alphanumeric characters, hyphens, and periods, can contain only + ASCII-printable characters and tabs, and must start with a letter. + clientIp: + description: >- + Optional. Client IP configuration. The client IP address is included + if true. + type: boolean + gatewayIdentity: type: string - GoogleCloudBeyondcorpAppconnectorsV1ContainerHealthDetails: - id: GoogleCloudBeyondcorpAppconnectorsV1ContainerHealthDetails - description: ContainerHealthDetails reflects the health details of a container. + enumDescriptions: + - Unspecified gateway identity. + - >- + Resource name for gateway identity, in the format: + projects/{project_id}/locations/{location_id}/securityGateways/{security_gateway_id} + enum: + - GATEWAY_IDENTITY_UNSPECIFIED + - RESOURCE_NAME + description: Optional. The security gateway identity configuration. + id: GoogleCloudBeyondcorpSecuritygatewaysV1ProxyProtocolConfig + description: The configuration for the proxy. type: object + GoogleIamV1TestIamPermissionsRequest: properties: - expectedConfigVersion: - description: The version of the expected config. - type: string - currentConfigVersion: - description: The version of the current config. - type: string - extendedStatus: - description: The extended status. Such as ExitCode, StartedAt, FinishedAt, etc. - type: object - additionalProperties: + permissions: + items: type: string - errorMsg: - description: The latest error message. - type: string - CloudSecurityZerotrustApplinkAppConnectorProtoConnectorDetails: - id: CloudSecurityZerotrustApplinkAppConnectorProtoConnectorDetails - description: ConnectorDetails reflects the details of a connector. + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: array type: object - properties: {} - CloudSecurityZerotrustApplinkAppConnectorProtoConnectionConfig: - id: CloudSecurityZerotrustApplinkAppConnectorProtoConnectionConfig - description: ConnectionConfig represents a Connection Configuration object. + description: Request message for `TestIamPermissions` method. + id: GoogleIamV1TestIamPermissionsRequest + GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse: + description: Response message for BeyondCorp.ListAppConnectors. + id: GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse type: object properties: - name: - description: >- - name is the unique ID for each connection. TODO(b/190732451) returns - connection name from user-specified name in config. Now, name = - ${application_name}:${application_endpoint} - type: string - project: - description: project represents the consumer project the connection belongs to. - type: string - applicationName: - description: >- - application_name represents the given name of the application the - connection is connecting with. - type: string - applicationEndpoint: + nextPageToken: description: >- - application_endpoint is the endpoint of the application the form of - host:port. For example, "localhost:80". + A token to retrieve the next page of results, or empty if there are + no more results in the list. type: string - gateway: - description: >- - gateway lists all instances running a gateway in GCP. They all - connect to a connector on the host. + unreachable: + description: A list of locations that could not be reached. + items: + type: string + type: array + appConnectors: type: array items: $ref: >- - #/components/schemas/CloudSecurityZerotrustApplinkAppConnectorProtoGateway - tunnelsPerGateway: - description: >- - tunnels_per_gateway reflects the number of tunnels between a - connector and a gateway. - type: integer - format: uint32 - userPort: - description: >- - user_port specifies the reserved port on gateways for user - connections. - type: integer - format: int32 - CloudSecurityZerotrustApplinkAppConnectorProtoGateway: - id: CloudSecurityZerotrustApplinkAppConnectorProtoGateway - description: Gateway represents a GCE VM Instance endpoint for use by IAP TCP. + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnector + description: A list of BeyondCorp AppConnectors in the project. + GoogleCloudBeyondcorpAppconnectorsV1AppConnector: + description: >- + A BeyondCorp connector resource that represents an application facing + component deployed proximal to and with direct access to the application + instances. It is used to establish connectivity between the remote + enterprise environment and GCP. It initiates connections to the + applications and can proxy the data from users over the connection. type: object + id: GoogleCloudBeyondcorpAppconnectorsV1AppConnector properties: - selfLink: - description: >- - self_link is the gateway URL in the form - https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance} - type: string - project: + displayName: description: >- - project is the tenant project the gateway belongs to. Different from - the project in the connection, it is a BeyondCorpAPI internally - created project to manage all the gateways. It is sharing the same - network with the consumer project user owned. It is derived from the - gateway URL. For example, project=${project} assuming a gateway URL. - https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance} + Optional. An arbitrary user-provided name for the AppConnector. + Cannot exceed 64 characters. type: string - zone: - description: >- - zone represents the zone the instance belongs. It is derived from - the gateway URL. For example, zone=${zone} assuming a gateway URL. - https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance} + resourceInfo: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo + description: Optional. Resource info of the connector. + updateTime: + readOnly: true type: string + format: google-datetime + description: Output only. Timestamp when the resource was last modified. name: description: >- - name is the name of an instance running a gateway. It is the unique - ID for a gateway. All gateways under the same connection have the - same prefix. It is derived from the gateway URL. For example, - name=${instance} assuming a gateway URL. - https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance} + Required. Unique resource name of the AppConnector. The name is + ignored when creating a AppConnector. type: string - interface: - description: >- - interface specifies the network interface of the gateway to connect - to. + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - CREATED + - UPDATING + - DELETING + - DOWN type: string - port: - description: >- - port specifies the port of the gateway for tunnel connections from - the connectors. - type: integer - format: uint32 - GoogleCloudBeyondcorpAppgatewaysV1alphaAppGatewayOperationMetadata: - id: GoogleCloudBeyondcorpAppgatewaysV1alphaAppGatewayOperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: + enumDescriptions: + - Default value. This value is unused. + - AppConnector is being created. + - AppConnector has been created. + - AppConnector's configuration is being updated. + - AppConnector is being deleted. + - >- + AppConnector is down and may be restored in the future. This + happens when CCFE sends ProjectState = OFF. + description: Output only. The current state of the AppConnector. + readOnly: true createTime: - description: Output only. The time the operation was created. readOnly: true - type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. + description: Output only. Timestamp when the resource was created. + type: string + labels: + description: Optional. Resource labels to represent user provided metadata. + type: object + additionalProperties: + type: string + uid: readOnly: true type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true + Output only. A unique identifier for the instance generated by the + system. + principalInfo: + description: >- + Required. Principal information about the Identity of the + AppConnector. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo + GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount: + description: ServiceAccount represents a GCP service account. + type: object + id: >- + GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount + properties: + email: + description: Email address of the service account. type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamNetwork: + description: Network to forward traffic to. + type: object + id: GoogleCloudBeyondcorpSecuritygatewaysV1ApplicationUpstreamNetwork + properties: + name: + description: >- + Required. Network name is of the format: + `projects/{project}/global/networks/{network} type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeaders: + properties: + outputType: + enum: + - OUTPUT_TYPE_UNSPECIFIED + - PROTOBUF + - JSON + - NONE type: string - requestedCancellation: + enumDescriptions: + - The unspecified output type. + - Protobuf output type. + - JSON output type. + - Explicitly disable header output. + description: Optional. Default output type for all enabled headers. + userInfo: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedUserInfo + description: Optional. User details. + groupInfo: + description: Optional. Group details. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedGroupInfo + deviceInfo: + description: Optional. The device information configuration. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedDeviceInfo + type: object + description: Contextual headers configuration. + id: GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeaders + GoogleIamV1Binding: + type: object + id: GoogleIamV1Binding + description: Associates `members`, or principals, with a `role`. + properties: + members: + type: array description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + items: + type: string + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string + condition: + $ref: '#/components/schemas/GoogleTypeExpr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + GoogleCloudBeyondcorpSecuritygatewaysV1Endpoint: + description: Internet Gateway endpoint to forward traffic to. + properties: + hostname: + description: Required. Hostname of the endpoint. type: string - AppGatewayOperationMetadata: - id: AppGatewayOperationMetadata - description: Represents the metadata of the long-running operation. + port: + type: integer + format: int32 + description: Required. Port of the endpoint. type: object + id: GoogleCloudBeyondcorpSecuritygatewaysV1Endpoint + GoogleCloudBeyondcorpSecuritygatewaysV1alphaSecurityGatewayOperationMetadata: + description: Represents the metadata of the long-running operation. + id: >- + GoogleCloudBeyondcorpSecuritygatewaysV1alphaSecurityGatewayOperationMetadata properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + apiVersion: + description: Output only. API version used to start the operation. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. readOnly: true - type: string - format: google-datetime target: description: >- Output only. Server-defined resource path for the target of the @@ -1775,297 +2060,235 @@ components: type: string verb: description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. readOnly: true - type: string - GoogleCloudBeyondcorpConnectionsV1alphaConnectionOperationMetadata: - id: GoogleCloudBeyondcorpConnectionsV1alphaConnectionOperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: createTime: description: Output only. The time the operation was created. readOnly: true type: string format: google-datetime endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true + description: Output only. The time the operation finished running. type: string - verb: - description: Output only. Name of the verb executed by the operation. readOnly: true - type: string statusMessage: description: Output only. Human-readable status of the operation, if any. - readOnly: true type: string + readOnly: true requestedCancellation: description: >- Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled + of the operation. Operations that have been cancelled successfully have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. readOnly: true type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - GoogleCloudBeyondcorpConnectorsV1alphaConnectorOperationMetadata: - id: GoogleCloudBeyondcorpConnectorsV1alphaConnectorOperationMetadata - description: Represents the metadata of the long-running operation. type: object + GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest: properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: + validateOnly: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true + Optional. If set, validates request by executing a dry-run which + would not alter the resource in any way. type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + resourceInfo: + description: Required. Resource info of the connector. + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo + requestId: + description: >- + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes since the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). type: string - GoogleCloudBeyondcorpConnectorsV1alphaRemoteAgentDetails: - id: GoogleCloudBeyondcorpConnectorsV1alphaRemoteAgentDetails - description: RemoteAgentDetails reflects the details of a remote agent. + description: Request report the connector status. type: object - properties: {} - GoogleCloudBeyondcorpConnectorsV1alphaContainerHealthDetails: - id: GoogleCloudBeyondcorpConnectorsV1alphaContainerHealthDetails - description: ContainerHealthDetails reflects the health details of a container. + id: GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest + GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig: + id: >- + GoogleCloudBeyondcorpAppconnectorsV1NotificationConfigCloudPubSubNotificationConfig type: object + description: The configuration for Pub/Sub messaging for the AppConnector. properties: - expectedConfigVersion: - description: The version of the expected config. - type: string - currentConfigVersion: - description: The version of the current config. - type: string - extendedStatus: - description: The extended status. Such as ExitCode, StartedAt, FinishedAt, etc. - type: object - additionalProperties: - type: string - errorMsg: - description: The latest error message. + pubsubSubscription: + description: >- + The Pub/Sub subscription the AppConnector uses to receive + notifications. type: string - GoogleCloudBeyondcorpPartnerservicesV1mainPartnerServiceOperationMetadata: - id: >- - GoogleCloudBeyondcorpPartnerservicesV1mainPartnerServiceOperationMetadata - description: Represents the metadata of the long-running operation. + GoogleLongrunningListOperationsResponse: + description: The response message for Operations.ListOperations. type: object + id: GoogleLongrunningListOperationsResponse properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: + unreachable: + type: array description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + items: + type: string + operations: + type: array + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' description: >- - Output only. Identifies whether the caller has requested - cancellation of the operation. Operations that have successfully - been cancelled have Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + A list of operations that matches the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. type: string - GoogleCloudBeyondcorpPartnerservicesV1alphaPartnerServiceOperationMetadata: - id: >- - GoogleCloudBeyondcorpPartnerservicesV1alphaPartnerServiceOperationMetadata - description: Represents the metadata of the long-running operation. + GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedUserInfo: type: object + description: The configuration information for the delegated user. + id: >- + GoogleCloudBeyondcorpSecuritygatewaysV1ContextualHeadersDelegatedUserInfo properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + outputType: + description: Optional. The delegated user's information. + enumDescriptions: + - The unspecified output type. + - Protobuf output type. + - JSON output type. + - Explicitly disable header output. type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + enum: + - OUTPUT_TYPE_UNSPECIFIED + - PROTOBUF + - JSON + - NONE + GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint: + description: ApplicationEndpoint represents a remote application endpoint. + id: GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint + type: object + properties: + port: + format: int32 + description: Required. Port of the remote application endpoint. + type: integer + host: + description: Required. Hostname or IP address of the remote application endpoint. type: string - requestedCancellation: + GoogleRpcStatus: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + properties: + details: description: >- - Output only. Identifies whether the caller has requested - cancellation of the operation. Operations that have successfully - been cancelled have Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - GoogleCloudBeyondcorpSecuritygatewaysV1alphaSecurityGatewayOperationMetadata: - id: >- - GoogleCloudBeyondcorpSecuritygatewaysV1alphaSecurityGatewayOperationMetadata - description: Represents the metadata of the long-running operation. + id: GoogleRpcStatus type: object + CloudSecurityZerotrustApplinkAppConnectorProtoGateway: + description: Gateway represents a GCE VM Instance endpoint for use by IAP TCP. + id: CloudSecurityZerotrustApplinkAppConnectorProtoGateway properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + interface: + description: >- + interface specifies the network interface of the gateway to connect + to. type: string - format: google-datetime - target: + project: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true + project is the tenant project the gateway belongs to. Different from + the project in the connection, it is a BeyondCorpAPI internally + created project to manage all the gateways. It is sharing the same + network with the consumer project user owned. It is derived from the + gateway URL. For example, project=${project} assuming a gateway URL. + https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance} type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + selfLink: type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + description: >- + self_link is the gateway URL in the form + https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance} + zone: + description: >- + zone represents the zone the instance belongs. It is derived from + the gateway URL. For example, zone=${zone} assuming a gateway URL. + https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance} type: string - requestedCancellation: + port: + type: integer + format: uint32 description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + port specifies the port of the gateway for tunnel connections from + the connectors. + name: + description: >- + name is the name of an instance running a gateway. It is the unique + ID for a gateway. All gateways under the same connection have the + same prefix. It is derived from the gateway URL. For example, + name=${instance} assuming a gateway URL. + https://www.googleapis.com/compute/${version}/projects/${project}/zones/${zone}/instances/${instance} type: string - GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGatewayOperationMetadata: - id: GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGatewayOperationMetadata - description: Represents the metadata of the long-running operation. type: object + GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse: + description: Response message for BeyondCorp.ListAppConnections. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: + nextPageToken: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + A token to retrieve the next page of results, or empty if there are + no more results in the list. type: string - requestedCancellation: + appConnections: + description: A list of BeyondCorp AppConnections in the project. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection + unreachable: + type: array + description: A list of locations that could not be reached. + items: + type: string + type: object + id: GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse + GoogleIamV1TestIamPermissionsResponse: + id: GoogleIamV1TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. + type: object + properties: + permissions: + type: array description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string parameters: access_token: description: OAuth access token. @@ -2073,22 +2296,6 @@ components: name: access_token schema: type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string fields: description: Selector specifying which fields to include in a partial response. in: query @@ -2104,6 +2311,25 @@ components: name: key schema: type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' oauth_token: description: OAuth 2.0 token for the current user. in: query @@ -2116,6 +2342,12 @@ components: name: prettyPrint schema: type: boolean + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2125,636 +2357,630 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: - type: string - enum: - - '1' - - '2' - x-stackQL-resources: - locations: - id: google.beyondcorp.locations - name: locations - title: Locations - methods: - projects_locations_list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - projects_locations_get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/locations/methods/projects_locations_get - - $ref: >- - #/components/x-stackQL-resources/locations/methods/projects_locations_list - insert: [] - update: [] - replace: [] - delete: [] + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + x-stackQL-resources: operations: id: google.beyondcorp.operations name: operations title: Operations methods: - projects_locations_operations_list: + organizations_locations_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_operations_get: + organizations_locations_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_operations_delete: + organizations_locations_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_operations_cancel: + objectKey: $.unreachable + organizations_locations_operations_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_operations_list: + projects_locations_operations_cancel: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - organizations_locations_operations_get: + projects_locations_operations_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_operations_delete: + objectKey: $.unreachable + projects_locations_operations_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_operations_cancel: + projects_locations_operations_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list insert: [] update: [] replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_delete - $ref: >- #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_delete - app_connections: - id: google.beyondcorp.app_connections - name: app_connections - title: App_connections + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_delete + app_connectors_iam_policies: + id: google.beyondcorp.app_connectors_iam_policies + name: app_connectors_iam_policies + title: App_connectors_iam_policies methods: - projects_locations_app_connections_list: + projects_locations_app_connectors_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.appConnections - projects_locations_app_connections_create: + projects_locations_app_connectors_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connections_get: + objectKey: $.bindings + projects_locations_app_connectors_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connections_patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/app_connectors_iam_policies/methods/projects_locations_app_connectors_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/app_connectors_iam_policies/methods/projects_locations_app_connectors_set_iam_policy + delete: [] + app_connectors: + id: google.beyondcorp.app_connectors + name: app_connectors + title: App_connectors + methods: + projects_locations_app_connectors_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connections_delete: + objectKey: $.appConnectors + projects_locations_app_connectors_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connections_resolve: + projects_locations_app_connectors_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections:resolve/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_get - - $ref: >- - #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_list - insert: - - $ref: >- - #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_create - update: - - $ref: >- - #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_delete - app_connections_iam_policies: - id: google.beyondcorp.app_connections_iam_policies - name: app_connections_iam_policies - title: App_connections_iam_policies - methods: - projects_locations_app_connections_set_iam_policy: + projects_locations_app_connectors_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connections_get_iam_policy: + projects_locations_app_connectors_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_app_connections_test_iam_permissions: + projects_locations_app_connectors_report_status: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:reportStatus/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_app_connectors_resolve_instance_config: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:resolveInstanceConfig/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/app_connections_iam_policies/methods/projects_locations_app_connections_get_iam_policy - insert: [] - update: [] - replace: + #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_get - $ref: >- - #/components/x-stackQL-resources/app_connections_iam_policies/methods/projects_locations_app_connections_set_iam_policy - delete: [] - app_connectors: - id: google.beyondcorp.app_connectors - name: app_connectors - title: App_connectors + #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_list + insert: + - $ref: >- + #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_create + update: + - $ref: >- + #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_delete + applications: + id: google.beyondcorp.applications + name: applications + title: Applications methods: - projects_locations_app_connectors_list: + projects_locations_security_gateways_applications_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.appConnectors - projects_locations_app_connectors_create: + projects_locations_security_gateways_applications_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connectors_get: + projects_locations_security_gateways_applications_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connectors_patch: + projects_locations_security_gateways_applications_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connectors_delete: + projects_locations_security_gateways_applications_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connectors_resolve_instance_config: + objectKey: $.applications + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_get + - $ref: >- + #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_list + insert: + - $ref: >- + #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_create + update: + - $ref: >- + #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_delete + applications_iam_policies: + id: google.beyondcorp.applications_iam_policies + name: applications_iam_policies + title: Applications_iam_policies + methods: + projects_locations_security_gateways_applications_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:resolveInstanceConfig/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connectors_report_status: + projects_locations_security_gateways_applications_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:reportStatus/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + projects_locations_security_gateways_applications_set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_get - - $ref: >- - #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_list - insert: - - $ref: >- - #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_create - update: - - $ref: >- - #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_patch - replace: [] - delete: + #/components/x-stackQL-resources/applications_iam_policies/methods/projects_locations_security_gateways_applications_get_iam_policy + insert: [] + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/app_connectors/methods/projects_locations_app_connectors_delete - app_connectors_iam_policies: - id: google.beyondcorp.app_connectors_iam_policies - name: app_connectors_iam_policies - title: App_connectors_iam_policies + #/components/x-stackQL-resources/applications_iam_policies/methods/projects_locations_security_gateways_applications_set_iam_policy + delete: [] + security_gateways_iam_policies: + id: google.beyondcorp.security_gateways_iam_policies + name: security_gateways_iam_policies + title: Security_gateways_iam_policies methods: - projects_locations_app_connectors_set_iam_policy: + projects_locations_security_gateways_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_connectors_get_iam_policy: + objectKey: $.bindings + projects_locations_security_gateways_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_app_connectors_test_iam_permissions: + projects_locations_security_gateways_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnectors~1{appConnectorsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/app_connectors_iam_policies/methods/projects_locations_app_connectors_get_iam_policy + #/components/x-stackQL-resources/security_gateways_iam_policies/methods/projects_locations_security_gateways_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/app_connectors_iam_policies/methods/projects_locations_app_connectors_set_iam_policy + #/components/x-stackQL-resources/security_gateways_iam_policies/methods/projects_locations_security_gateways_set_iam_policy delete: [] - app_gateways: - id: google.beyondcorp.app_gateways - name: app_gateways - title: App_gateways + security_gateways: + id: google.beyondcorp.security_gateways + name: security_gateways + title: Security_gateways methods: - projects_locations_app_gateways_list: + projects_locations_security_gateways_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.appGateways - projects_locations_app_gateways_create: + projects_locations_security_gateways_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_gateways_get: + objectKey: $.unreachable + projects_locations_security_gateways_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_app_gateways_delete: + projects_locations_security_gateways_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_security_gateways_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/app_gateways/methods/projects_locations_app_gateways_get + #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_get - $ref: >- - #/components/x-stackQL-resources/app_gateways/methods/projects_locations_app_gateways_list + #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_list insert: - $ref: >- - #/components/x-stackQL-resources/app_gateways/methods/projects_locations_app_gateways_create - update: [] + #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_create + update: + - $ref: >- + #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/app_gateways/methods/projects_locations_app_gateways_delete - app_gateways_iam_policies: - id: google.beyondcorp.app_gateways_iam_policies - name: app_gateways_iam_policies - title: App_gateways_iam_policies + #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_delete + app_connections: + id: google.beyondcorp.app_connections + name: app_connections + title: App_connections methods: - projects_locations_app_gateways_set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_app_gateways_get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_app_gateways_test_iam_permissions: + projects_locations_app_connections_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/app_gateways_iam_policies/methods/projects_locations_app_gateways_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/app_gateways_iam_policies/methods/projects_locations_app_gateways_set_iam_policy - delete: [] - security_gateways: - id: google.beyondcorp.security_gateways - name: security_gateways - title: Security_gateways - methods: - projects_locations_security_gateways_list: + objectKey: $.appConnections + projects_locations_app_connections_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityGateways - projects_locations_security_gateways_create: + projects_locations_app_connections_resolve: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections:resolve/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_security_gateways_get: + projects_locations_app_connections_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_security_gateways_patch: + projects_locations_app_connections_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_security_gateways_delete: + projects_locations_app_connections_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_get + #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_get - $ref: >- - #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_list + #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_list insert: - $ref: >- - #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_create + #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_create update: - $ref: >- - #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_patch + #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/security_gateways/methods/projects_locations_security_gateways_delete - security_gateways_iam_policies: - id: google.beyondcorp.security_gateways_iam_policies - name: security_gateways_iam_policies - title: Security_gateways_iam_policies + #/components/x-stackQL-resources/app_connections/methods/projects_locations_app_connections_delete + app_connections_iam_policies: + id: google.beyondcorp.app_connections_iam_policies + name: app_connections_iam_policies + title: App_connections_iam_policies methods: - projects_locations_security_gateways_set_iam_policy: + projects_locations_app_connections_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_security_gateways_get_iam_policy: + projects_locations_app_connections_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_security_gateways_test_iam_permissions: + projects_locations_app_connections_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appConnections~1{appConnectionsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/security_gateways_iam_policies/methods/projects_locations_security_gateways_get_iam_policy + #/components/x-stackQL-resources/app_connections_iam_policies/methods/projects_locations_app_connections_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/security_gateways_iam_policies/methods/projects_locations_security_gateways_set_iam_policy + #/components/x-stackQL-resources/app_connections_iam_policies/methods/projects_locations_app_connections_set_iam_policy delete: [] - applications: - id: google.beyondcorp.applications - name: applications - title: Applications + app_gateways_iam_policies: + id: google.beyondcorp.app_gateways_iam_policies + name: app_gateways_iam_policies + title: App_gateways_iam_policies methods: - projects_locations_security_gateways_applications_list: + projects_locations_app_gateways_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.applications - projects_locations_security_gateways_applications_create: + projects_locations_app_gateways_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_security_gateways_applications_get: + objectKey: $.bindings + projects_locations_app_gateways_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_security_gateways_applications_patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/app_gateways_iam_policies/methods/projects_locations_app_gateways_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/app_gateways_iam_policies/methods/projects_locations_app_gateways_set_iam_policy + delete: [] + app_gateways: + id: google.beyondcorp.app_gateways + name: app_gateways + title: App_gateways + methods: + projects_locations_app_gateways_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_security_gateways_applications_delete: + projects_locations_app_gateways_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.appGateways + projects_locations_app_gateways_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_app_gateways_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appGateways~1{appGatewaysId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_get + #/components/x-stackQL-resources/app_gateways/methods/projects_locations_app_gateways_get - $ref: >- - #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_list + #/components/x-stackQL-resources/app_gateways/methods/projects_locations_app_gateways_list insert: - $ref: >- - #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_create - update: - - $ref: >- - #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_patch + #/components/x-stackQL-resources/app_gateways/methods/projects_locations_app_gateways_create + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/applications/methods/projects_locations_security_gateways_applications_delete - applications_iam_policies: - id: google.beyondcorp.applications_iam_policies - name: applications_iam_policies - title: Applications_iam_policies + #/components/x-stackQL-resources/app_gateways/methods/projects_locations_app_gateways_delete + locations: + id: google.beyondcorp.locations + name: locations + title: Locations methods: - projects_locations_security_gateways_applications_set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_security_gateways_applications_get_iam_policy: + projects_locations_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}:getIamPolicy/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_security_gateways_applications_test_iam_permissions: + objectKey: $.locations + projects_locations_get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1securityGateways~1{securityGatewaysId}~1applications~1{applicationsId}:testIamPermissions/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/applications_iam_policies/methods/projects_locations_security_gateways_applications_get_iam_policy + #/components/x-stackQL-resources/locations/methods/projects_locations_get + - $ref: >- + #/components/x-stackQL-resources/locations/methods/projects_locations_list insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/applications_iam_policies/methods/projects_locations_security_gateways_applications_set_iam_policy + replace: [] delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: parameters: &ref_1 - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' get: - description: Lists information about the supported locations for this service. - operationId: beyondcorp.projects.locations.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: beyondcorp.organizations.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2766,35 +2992,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudLocationListLocationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: extraLocationTypes + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: beyondcorp.projects.locations.get + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: beyondcorp.organizations.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2806,10 +3027,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudLocationLocation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -2818,13 +3039,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: beyondcorp.projects.locations.operations.list + operationId: beyondcorp.organizations.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2839,7 +3065,7 @@ paths: $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -2848,62 +3074,42 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: beyondcorp.projects.locations.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true + name: filter schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: returnPartialSuccess schema: - type: string - - in: path - name: operationsId - required: true + type: boolean + - in: query + name: pageToken schema: type: string - delete: + /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: beyondcorp.projects.locations.operations.delete + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: beyondcorp.organizations.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2918,7 +3124,7 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -2932,25 +3138,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: beyondcorp.projects.locations.operations.cancel + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: beyondcorp.projects.locations.appConnectors.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2962,7 +3164,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -2975,15 +3177,15 @@ paths: schema: type: string - in: path - name: operationsId + name: appConnectorsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appConnections: + /v1/projects/{projectsId}/locations/{locationsId}/appConnectors: parameters: *ref_1 get: - description: Lists AppConnections in a given project and location. - operationId: beyondcorp.projects.locations.appConnections.list + description: Lists AppConnectors in a given project and location. + operationId: beyondcorp.projects.locations.appConnectors.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2996,7 +3198,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse parameters: - in: path name: projectsId @@ -3009,31 +3211,31 @@ paths: schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: orderBy schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: orderBy + name: pageToken schema: type: string post: - description: Creates a new AppConnection in a given project and location. - operationId: beyondcorp.projects.locations.appConnections.create + description: Creates a new AppConnector in a given project and location. + operationId: beyondcorp.projects.locations.appConnectors.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnector security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3058,22 +3260,22 @@ paths: schema: type: string - in: query - name: appConnectionId - schema: - type: string - - in: query - name: requestId + name: appConnectorId schema: type: string - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}: + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}: parameters: *ref_1 - get: - description: Gets details of a single AppConnection. - operationId: beyondcorp.projects.locations.appConnections.get + delete: + description: Deletes a single AppConnector. + operationId: beyondcorp.projects.locations.appConnectors.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3085,8 +3287,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -3099,19 +3300,21 @@ paths: schema: type: string - in: path - name: appConnectionsId + name: appConnectorsId required: true schema: type: string - patch: - description: Updates the parameters of a single AppConnection. - operationId: beyondcorp.projects.locations.appConnections.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection + - in: query + name: requestId + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + get: + description: Gets details of a single AppConnector. + operationId: beyondcorp.projects.locations.appConnectors.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3123,7 +3326,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnector parameters: - in: path name: projectsId @@ -3131,35 +3335,24 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: appConnectionsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId + name: locationsId + required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: allowMissing + - in: path + name: appConnectorsId + required: true schema: - type: boolean - delete: - description: Deletes a single AppConnection. - operationId: beyondcorp.projects.locations.appConnections.delete + type: string + patch: + description: Updates the parameters of a single AppConnector. + operationId: beyondcorp.projects.locations.appConnectors.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnector security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3184,7 +3377,7 @@ paths: schema: type: string - in: path - name: appConnectionsId + name: appConnectorsId required: true schema: type: string @@ -3192,17 +3385,22 @@ paths: name: requestId schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/appConnections:resolve: + /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:getIamPolicy: parameters: *ref_1 get: description: >- - Resolves AppConnections details for a given AppConnector. An internal - method called by a connector to find AppConnections to connect to. - operationId: beyondcorp.projects.locations.appConnections.resolve + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: beyondcorp.projects.locations.appConnectors.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3214,8 +3412,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -3227,27 +3424,24 @@ paths: required: true schema: type: string - - in: query - name: appConnectorId + - in: path + name: appConnectorsId + required: true schema: type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: beyondcorp.projects.locations.appConnections.setIamPolicy + operationId: beyondcorp.projects.locations.appConnectors.setIamPolicy requestBody: content: application/json: @@ -3277,17 +3471,21 @@ paths: schema: type: string - in: path - name: appConnectionsId + name: appConnectorsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:reportStatus: parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: beyondcorp.projects.locations.appConnections.getIamPolicy + post: + description: Report status for a given connector. + operationId: beyondcorp.projects.locations.appConnectors.reportStatus + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3299,7 +3497,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -3312,30 +3510,17 @@ paths: schema: type: string - in: path - name: appConnectionsId + name: appConnectorsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:resolveInstanceConfig: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: beyondcorp.projects.locations.appConnections.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + Gets instance configuration for a given AppConnector. An internal method + called by a AppConnector to get its container config. + operationId: beyondcorp.projects.locations.appConnectors.resolveInstanceConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3347,7 +3532,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse parameters: - in: path name: projectsId @@ -3360,15 +3546,21 @@ paths: schema: type: string - in: path - name: appConnectionsId + name: appConnectorsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appConnectors: + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}: parameters: *ref_1 - get: - description: Lists AppConnectors in a given project and location. - operationId: beyondcorp.projects.locations.appConnectors.list + patch: + description: Updates the parameters of a single Application. + operationId: beyondcorp.projects.locations.securityGateways.applications.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Application security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3380,8 +3572,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ListAppConnectorsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -3393,32 +3584,28 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: securityGatewaysId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: applicationsId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string - post: - description: Creates a new AppConnector in a given project and location. - operationId: beyondcorp.projects.locations.appConnectors.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnector + format: google-fieldmask + delete: + description: Deletes a single application. + operationId: beyondcorp.projects.locations.securityGateways.applications.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3442,8 +3629,14 @@ paths: required: true schema: type: string - - in: query - name: appConnectorId + - in: path + name: securityGatewaysId + required: true + schema: + type: string + - in: path + name: applicationsId + required: true schema: type: string - in: query @@ -3454,11 +3647,9 @@ paths: name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}: - parameters: *ref_1 get: - description: Gets details of a single AppConnector. - operationId: beyondcorp.projects.locations.appConnectors.get + description: Gets details of a single Application. + operationId: beyondcorp.projects.locations.securityGateways.applications.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3471,7 +3662,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnector + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Application parameters: - in: path name: projectsId @@ -3484,19 +3675,31 @@ paths: schema: type: string - in: path - name: appConnectorsId + name: securityGatewaysId required: true schema: type: string - patch: - description: Updates the parameters of a single AppConnector. - operationId: beyondcorp.projects.locations.appConnectors.patch + - in: path + name: applicationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + beyondcorp.projects.locations.securityGateways.applications.testIamPermissions requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1AppConnector + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3508,7 +3711,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3521,26 +3724,71 @@ paths: schema: type: string - in: path - name: appConnectorsId + name: securityGatewaysId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: applicationsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: requestId + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: beyondcorp.projects.locations.securityGateways.applications.getIamPolicy + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1Policy' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: securityGatewaysId + required: true + schema: + type: string + - in: path + name: applicationsId + required: true schema: type: string - in: query - name: validateOnly + name: options.requestedPolicyVersion schema: - type: boolean - delete: - description: Deletes a single AppConnector. - operationId: beyondcorp.projects.locations.appConnectors.delete + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications: + parameters: *ref_1 + post: + description: Creates a new Application in a given project and location. + operationId: beyondcorp.projects.locations.securityGateways.applications.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Application security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3565,25 +3813,21 @@ paths: schema: type: string - in: path - name: appConnectorsId + name: securityGatewaysId required: true schema: type: string - in: query - name: requestId + name: applicationId schema: type: string - in: query - name: validateOnly + name: requestId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:resolveInstanceConfig: - parameters: *ref_1 + type: string get: - description: >- - Gets instance configuration for a given AppConnector. An internal method - called by a AppConnector to get its container config. - operationId: beyondcorp.projects.locations.appConnectors.resolveInstanceConfig + description: Lists Applications in a given project and location. + operationId: beyondcorp.projects.locations.securityGateways.applications.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3596,7 +3840,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ResolveInstanceConfigResponse + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse parameters: - in: path name: projectsId @@ -3609,57 +3853,35 @@ paths: schema: type: string - in: path - name: appConnectorsId + name: securityGatewaysId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:reportStatus: - parameters: *ref_1 - post: - description: Report status for a given connector. - operationId: beyondcorp.projects.locations.appConnectors.reportStatus - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpAppconnectorsV1ReportStatusRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: appConnectorsId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: beyondcorp.projects.locations.appConnectors.setIamPolicy + operationId: beyondcorp.projects.locations.securityGateways.applications.setIamPolicy requestBody: content: application/json: @@ -3689,17 +3911,22 @@ paths: schema: type: string - in: path - name: appConnectorsId + name: securityGatewaysId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:getIamPolicy: + - in: path + name: applicationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: beyondcorp.projects.locations.appConnectors.getIamPolicy + operationId: beyondcorp.projects.locations.securityGateways.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3724,7 +3951,7 @@ paths: schema: type: string - in: path - name: appConnectorsId + name: securityGatewaysId required: true schema: type: string @@ -3733,21 +3960,17 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/appConnectors/{appConnectorsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways: parameters: *ref_1 post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: beyondcorp.projects.locations.appConnectors.testIamPermissions + description: Creates a new Security Gateway in a given project and location. + operationId: beyondcorp.projects.locations.securityGateways.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3759,7 +3982,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -3771,16 +3994,17 @@ paths: required: true schema: type: string - - in: path - name: appConnectorsId - required: true + - in: query + name: securityGatewayId + schema: + type: string + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appGateways: - parameters: *ref_1 get: - description: Lists AppGateways in a given project and location. - operationId: beyondcorp.projects.locations.appGateways.list + description: Lists SecurityGateways in a given project and location. + operationId: beyondcorp.projects.locations.securityGateways.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3792,7 +4016,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAppGatewaysResponse' + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse parameters: - in: path name: projectsId @@ -3821,14 +4046,17 @@ paths: name: orderBy schema: type: string - post: - description: Creates a new AppGateway in a given project and location. - operationId: beyondcorp.projects.locations.appGateways.create + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}: + parameters: *ref_1 + patch: + description: Updates the parameters of a single SecurityGateway. + operationId: beyondcorp.projects.locations.securityGateways.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/AppGateway' + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3852,23 +4080,23 @@ paths: required: true schema: type: string - - in: query - name: appGatewayId + - in: path + name: securityGatewaysId + required: true schema: type: string - in: query - name: requestId + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: validateOnly + name: requestId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}: - parameters: *ref_1 + type: string get: - description: Gets details of a single AppGateway. - operationId: beyondcorp.projects.locations.appGateways.get + description: Gets details of a single SecurityGateway. + operationId: beyondcorp.projects.locations.securityGateways.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3880,7 +4108,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AppGateway' + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway parameters: - in: path name: projectsId @@ -3893,13 +4122,13 @@ paths: schema: type: string - in: path - name: appGatewaysId + name: securityGatewaysId required: true schema: type: string delete: - description: Deletes a single AppGateway. - operationId: beyondcorp.projects.locations.appGateways.delete + description: Deletes a single SecurityGateway. + operationId: beyondcorp.projects.locations.securityGateways.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3924,26 +4153,26 @@ paths: schema: type: string - in: path - name: appGatewaysId + name: securityGatewaysId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}:setIamPolicy: + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: beyondcorp.projects.locations.appGateways.setIamPolicy + operationId: beyondcorp.projects.locations.securityGateways.setIamPolicy requestBody: content: application/json: @@ -3973,17 +4202,25 @@ paths: schema: type: string - in: path - name: appGatewaysId + name: securityGatewaysId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: beyondcorp.projects.locations.appGateways.getIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: beyondcorp.projects.locations.securityGateways.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3995,7 +4232,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4008,30 +4245,29 @@ paths: schema: type: string - in: path - name: appGatewaysId + name: securityGatewaysId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: beyondcorp.projects.locations.appGateways.testIamPermissions + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: beyondcorp.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4043,7 +4279,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4056,15 +4292,17 @@ paths: schema: type: string - in: path - name: appGatewaysId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Lists SecurityGateways in a given project and location. - operationId: beyondcorp.projects.locations.securityGateways.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: beyondcorp.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4076,8 +4314,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ListSecurityGatewaysResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -4100,21 +4337,21 @@ paths: type: string - in: query name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - post: - description: Creates a new Security Gateway in a given project and location. - operationId: beyondcorp.projects.locations.securityGateways.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: beyondcorp.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4126,7 +4363,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4138,19 +4375,17 @@ paths: required: true schema: type: string - - in: query - name: securityGatewayId - schema: - type: string - - in: query - name: requestId + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}: - parameters: *ref_1 get: - description: Gets details of a single SecurityGateway. - operationId: beyondcorp.projects.locations.securityGateways.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: beyondcorp.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4162,8 +4397,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -4176,19 +4410,15 @@ paths: schema: type: string - in: path - name: securityGatewaysId + name: operationsId required: true schema: type: string - patch: - description: Updates the parameters of a single SecurityGateway. - operationId: beyondcorp.projects.locations.securityGateways.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1SecurityGateway + /v1/projects/{projectsId}/locations/{locationsId}/appConnections: + parameters: *ref_1 + get: + description: Lists AppConnections in a given project and location. + operationId: beyondcorp.projects.locations.appConnections.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4200,7 +4430,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1ListAppConnectionsResponse parameters: - in: path name: projectsId @@ -4212,23 +4443,32 @@ paths: required: true schema: type: string - - in: path - name: securityGatewaysId - required: true + - in: query + name: filter schema: type: string - in: query - name: updateMask + name: orderBy schema: type: string - format: google-fieldmask - in: query - name: requestId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: - description: Deletes a single SecurityGateway. - operationId: beyondcorp.projects.locations.securityGateways.delete + post: + description: Creates a new AppConnection in a given project and location. + operationId: beyondcorp.projects.locations.appConnections.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4252,27 +4492,26 @@ paths: required: true schema: type: string - - in: path - name: securityGatewaysId - required: true + - in: query + name: validateOnly schema: - type: string + type: boolean - in: query - name: requestId + name: appConnectionId schema: type: string - in: query - name: validateOnly + name: requestId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}:setIamPolicy: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: beyondcorp.projects.locations.securityGateways.setIamPolicy + operationId: beyondcorp.projects.locations.appConnections.setIamPolicy requestBody: content: application/json: @@ -4302,17 +4541,17 @@ paths: schema: type: string - in: path - name: securityGatewaysId + name: appConnectionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/appConnections:resolve: parameters: *ref_1 get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: beyondcorp.projects.locations.securityGateways.getIamPolicy + Resolves AppConnections details for a given AppConnector. An internal + method called by a connector to find AppConnections to connect to. + operationId: beyondcorp.projects.locations.appConnections.resolve security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4324,7 +4563,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1ResolveAppConnectionsResponse parameters: - in: path name: projectsId @@ -4336,64 +4576,30 @@ paths: required: true schema: type: string - - in: path - name: securityGatewaysId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: options.requestedPolicyVersion + name: appConnectorId + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: beyondcorp.projects.locations.securityGateways.testIamPermissions + patch: + description: Updates the parameters of a single AppConnection. + operationId: beyondcorp.projects.locations.appConnections.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: securityGatewaysId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications: - parameters: *ref_1 - get: - description: Lists Applications in a given project and location. - operationId: beyondcorp.projects.locations.securityGateways.applications.list + $ref: >- + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4405,8 +4611,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1ListApplicationsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -4419,36 +4624,30 @@ paths: schema: type: string - in: path - name: securityGatewaysId + name: appConnectionsId required: true schema: type: string - in: query - name: pageSize + name: validateOnly schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: allowMissing schema: - type: string + type: boolean - in: query - name: filter + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: orderBy + name: requestId schema: type: string - post: - description: Creates a new Application in a given project and location. - operationId: beyondcorp.projects.locations.securityGateways.applications.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Application + delete: + description: Deletes a single AppConnection. + operationId: beyondcorp.projects.locations.appConnections.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4473,23 +4672,21 @@ paths: schema: type: string - in: path - name: securityGatewaysId + name: appConnectionsId required: true schema: type: string - in: query - name: applicationId + name: validateOnly schema: - type: string + type: boolean - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}: - parameters: *ref_1 get: - description: Gets details of a single Application. - operationId: beyondcorp.projects.locations.securityGateways.applications.get + description: Gets details of a single AppConnection. + operationId: beyondcorp.projects.locations.appConnections.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4502,7 +4699,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Application + #/components/schemas/GoogleCloudBeyondcorpAppconnectionsV1AppConnection parameters: - in: path name: projectsId @@ -4515,24 +4712,17 @@ paths: schema: type: string - in: path - name: securityGatewaysId - required: true - schema: - type: string - - in: path - name: applicationsId + name: appConnectionsId required: true schema: type: string - patch: - description: Updates the parameters of a single Application. - operationId: beyondcorp.projects.locations.securityGateways.applications.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudBeyondcorpSecuritygatewaysV1Application + /v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: beyondcorp.projects.locations.appConnections.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4544,7 +4734,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -4557,27 +4747,30 @@ paths: schema: type: string - in: path - name: securityGatewaysId - required: true - schema: - type: string - - in: path - name: applicationsId + name: appConnectionsId required: true schema: type: string - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId + name: options.requestedPolicyVersion schema: - type: string - delete: - description: Deletes a single application. - operationId: beyondcorp.projects.locations.securityGateways.applications.delete + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/appConnections/{appConnectionsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: beyondcorp.projects.locations.appConnections.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4589,7 +4782,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4602,36 +4795,25 @@ paths: schema: type: string - in: path - name: securityGatewaysId - required: true - schema: - type: string - - in: path - name: applicationsId + name: appConnectionsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: beyondcorp.projects.locations.securityGateways.applications.setIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: beyondcorp.projects.locations.appGateways.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4643,7 +4825,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4656,22 +4838,17 @@ paths: schema: type: string - in: path - name: securityGatewaysId - required: true - schema: - type: string - - in: path - name: applicationsId + name: appGatewaysId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: beyondcorp.projects.locations.securityGateways.applications.getIamPolicy + operationId: beyondcorp.projects.locations.appGateways.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4696,12 +4873,7 @@ paths: schema: type: string - in: path - name: securityGatewaysId - required: true - schema: - type: string - - in: path - name: applicationsId + name: appGatewaysId required: true schema: type: string @@ -4710,22 +4882,16 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/securityGateways/{securityGatewaysId}/applications/{applicationsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/appGateways: parameters: *ref_1 post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - beyondcorp.projects.locations.securityGateways.applications.testIamPermissions + description: Creates a new AppGateway in a given project and location. + operationId: beyondcorp.projects.locations.appGateways.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + $ref: '#/components/schemas/AppGateway' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4737,7 +4903,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -4749,23 +4915,21 @@ paths: required: true schema: type: string - - in: path - name: securityGatewaysId - required: true + - in: query + name: requestId schema: type: string - - in: path - name: applicationsId - required: true + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: appGatewayId schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations: - parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: beyondcorp.organizations.locations.operations.list + description: Lists AppGateways in a given project and location. + operationId: beyondcorp.projects.locations.appGateways.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4777,10 +4941,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/ListAppGatewaysResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -4789,10 +4953,6 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: @@ -4802,14 +4962,19 @@ paths: name: pageToken schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: beyondcorp.organizations.locations.operations.get + description: Gets details of a single AppGateway. + operationId: beyondcorp.projects.locations.appGateways.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4821,10 +4986,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/AppGateway' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -4834,17 +4999,13 @@ paths: schema: type: string - in: path - name: operationsId + name: appGatewaysId required: true schema: type: string delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: beyondcorp.organizations.locations.operations.delete + description: Deletes a single AppGateway. + operationId: beyondcorp.projects.locations.appGateways.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4856,10 +5017,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -4869,29 +5030,31 @@ paths: schema: type: string - in: path - name: operationsId + name: appGatewaysId required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: query + name: requestId + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/appGateways/{appGatewaysId}:setIamPolicy: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: beyondcorp.organizations.locations.operations.cancel + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: beyondcorp.projects.locations.appGateways.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4903,10 +5066,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -4916,7 +5079,75 @@ paths: schema: type: string - in: path - name: operationsId + name: appGatewaysId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: beyondcorp.projects.locations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudLocationListLocationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: beyondcorp.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudLocationLocation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/biglake.yaml b/providers/src/googleapis.com/v00.00.00000/services/biglake.yaml index a3d7bbc5..dcc82012 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/biglake.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/biglake.yaml @@ -10,8 +10,8 @@ info: managed, and highly available metastore for open-source data that can be used for querying Apache Iceberg tables in BigQuery. version: v1 - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251129' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/bigquery/ servers: @@ -40,259 +40,583 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - Catalog: - id: Catalog - description: Catalog is the container of databases. - type: object + ListTablesResponse: + id: ListTablesResponse properties: - name: - description: >- - Output only. The resource name. Format: - projects/{project_id_or_number}/locations/{location_id}/catalogs/{catalog_id} - readOnly: true - type: string - createTime: - description: Output only. The creation time of the catalog. - readOnly: true + nextPageToken: type: string - format: google-datetime - updateTime: - description: Output only. The last modification time of the catalog. - readOnly: true + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + tables: + items: + $ref: '#/components/schemas/Table' + description: The tables from the specified database. + type: array + type: object + description: Response message for the ListTables method. + RenameTableRequest: + properties: + newName: type: string - format: google-datetime - deleteTime: description: >- - Output only. The deletion time of the catalog. Only set after the - catalog is deleted. - readOnly: true + Required. The new `name` for the specified table, must be in the + same database. Format: + projects/{project_id_or_number}/locations/{location_id}/catalogs/{catalog_id}/databases/{database_id}/tables/{table_id} + description: Request message for the RenameTable method in MetastoreService + type: object + id: RenameTableRequest + Binding: + type: object + description: Associates `members`, or principals, with a `role`. + id: Binding + properties: + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - format: google-datetime - expireTime: + members: + items: + type: string description: >- - Output only. The time when this catalog is considered expired. Only - set after the catalog is deleted. - readOnly: true + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: array + condition: + $ref: '#/components/schemas/Expr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + HiveTableOptions: + properties: + parameters: + additionalProperties: + type: string + type: object + description: Stores user supplied Hive table parameters. + tableType: type: string - format: google-datetime - ListCatalogsResponse: - id: ListCatalogsResponse - description: Response message for the ListCatalogs method. + description: Hive table type. For example, MANAGED_TABLE, EXTERNAL_TABLE. + storageDescriptor: + $ref: '#/components/schemas/StorageDescriptor' + description: Stores physical storage information of the data. + description: Options of a Hive table. + id: HiveTableOptions type: object + ListCatalogsResponse: properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. catalogs: - description: The catalogs from the specified project. type: array items: $ref: '#/components/schemas/Catalog' - nextPageToken: + description: The catalogs from the specified project. + type: object + description: Response message for the ListCatalogs method. + id: ListCatalogsResponse + AuditConfig: + type: object + properties: + auditLogConfigs: + type: array + items: + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. + service: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: string + id: AuditConfig + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. Database: - id: Database description: Database is the container of tables. type: object + id: Database properties: - hiveOptions: - description: Options of a Hive database. - $ref: '#/components/schemas/HiveDatabaseOptions' name: description: >- Output only. The resource name. Format: projects/{project_id_or_number}/locations/{location_id}/catalogs/{catalog_id}/databases/{database_id} - readOnly: true type: string + readOnly: true createTime: - description: Output only. The creation time of the database. readOnly: true + description: Output only. The creation time of the database. type: string format: google-datetime + hiveOptions: + $ref: '#/components/schemas/HiveDatabaseOptions' + description: Options of a Hive database. updateTime: - description: Output only. The last modification time of the database. - readOnly: true type: string - format: google-datetime - deleteTime: - description: >- - Output only. The deletion time of the database. Only set after the - database is deleted. readOnly: true - type: string + description: Output only. The last modification time of the database. format: google-datetime expireTime: + type: string + format: google-datetime + readOnly: true description: >- Output only. The time when this database is considered expired. Only set after the database is deleted. - readOnly: true - type: string - format: google-datetime type: + enum: + - TYPE_UNSPECIFIED + - HIVE description: The database type. - type: string enumDescriptions: - The type is not specified. - >- Represents a database storing tables compatible with Hive Metastore tables. - enum: - - TYPE_UNSPECIFIED - - HIVE - HiveDatabaseOptions: - id: HiveDatabaseOptions - description: Options of a Hive database. + type: string + deleteTime: + description: >- + Output only. The deletion time of the database. Only set after the + database is deleted. + readOnly: true + format: google-datetime + type: string + SetIamPolicyRequest: + id: SetIamPolicyRequest type: object + description: Request message for `SetIamPolicy` method. properties: - locationUri: + updateMask: description: >- - Cloud Storage folder URI where the database data is stored, starting - with "gs://". + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + format: google-fieldmask type: string - parameters: - description: Stores user supplied Hive database parameters. - type: object - additionalProperties: - type: string - ListDatabasesResponse: - id: ListDatabasesResponse - description: Response message for the ListDatabases method. - type: object + policy: + $ref: '#/components/schemas/Policy' + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + AuditLogConfig: properties: - databases: - description: The databases from the specified catalog. + exemptedMembers: type: array - items: - $ref: '#/components/schemas/Database' - nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + items: + type: string + logType: + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ type: string - Table: - id: Table - description: Represents a table. + description: The log type that this config enables. + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object + id: AuditLogConfig + Table: properties: - hiveOptions: - description: Options of a Hive table. - $ref: '#/components/schemas/HiveTableOptions' name: + type: string + readOnly: true description: >- Output only. The resource name. Format: projects/{project_id_or_number}/locations/{location_id}/catalogs/{catalog_id}/databases/{database_id}/tables/{table_id} - readOnly: true - type: string createTime: - description: Output only. The creation time of the table. - readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. The last modification time of the table. - readOnly: true type: string - format: google-datetime + readOnly: true + description: Output only. The creation time of the table. deleteTime: + type: string description: >- Output only. The deletion time of the table. Only set after the table is deleted. + format: google-datetime readOnly: true + etag: type: string - format: google-datetime + description: >- + The checksum of a table object computed by the server based on the + value of other fields. It may be sent on update requests to ensure + the client has an up-to-date value before proceeding. It is only + checked for update table operations. expireTime: + type: string + format: google-datetime description: >- Output only. The time when this table is considered expired. Only set after the table is deleted. readOnly: true - type: string - format: google-datetime type: description: The table type. - type: string - enumDescriptions: - - The type is not specified. - - Represents a table compatible with Hive Metastore tables. enum: - TYPE_UNSPECIFIED - HIVE - etag: - description: >- - The checksum of a table object computed by the server based on the - value of other fields. It may be sent on update requests to ensure - the client has an up-to-date value before proceeding. It is only - checked for update table operations. + enumDescriptions: + - The type is not specified. + - Represents a table compatible with Hive Metastore tables. type: string - HiveTableOptions: - id: HiveTableOptions - description: Options of a Hive table. + updateTime: + format: google-datetime + readOnly: true + type: string + description: Output only. The last modification time of the table. + hiveOptions: + description: Options of a Hive table. + $ref: '#/components/schemas/HiveTableOptions' type: object + description: Represents a table. + id: Table + SerDeInfo: properties: - parameters: - description: Stores user supplied Hive table parameters. - type: object - additionalProperties: - type: string - tableType: - description: Hive table type. For example, MANAGED_TABLE, EXTERNAL_TABLE. + serializationLib: type: string - storageDescriptor: - description: Stores physical storage information of the data. - $ref: '#/components/schemas/StorageDescriptor' - StorageDescriptor: - id: StorageDescriptor - description: Stores physical storage information of the data. + description: The fully qualified Java class name of the serialization library. + description: Serializer and deserializer information. type: object + id: SerDeInfo + StorageDescriptor: properties: - locationUri: - description: >- - Cloud Storage folder URI where the table data is stored, starting - with "gs://". - type: string inputFormat: description: The fully qualified Java class name of the input format. type: string + serdeInfo: + $ref: '#/components/schemas/SerDeInfo' + description: Serializer and deserializer information. outputFormat: description: The fully qualified Java class name of the output format. type: string - serdeInfo: - description: Serializer and deserializer information. - $ref: '#/components/schemas/SerDeInfo' - SerDeInfo: - id: SerDeInfo - description: Serializer and deserializer information. + locationUri: + description: >- + Cloud Storage folder URI where the table data is stored, starting + with "gs://". + type: string + id: StorageDescriptor + description: Stores physical storage information of the data. + type: object + Catalog: type: object properties: - serializationLib: - description: The fully qualified Java class name of the serialization library. + createTime: + description: Output only. The creation time of the catalog. type: string - RenameTableRequest: - id: RenameTableRequest - description: Request message for the RenameTable method in MetastoreService - type: object + readOnly: true + format: google-datetime + deleteTime: + readOnly: true + type: string + description: >- + Output only. The deletion time of the catalog. Only set after the + catalog is deleted. + format: google-datetime + updateTime: + description: Output only. The last modification time of the catalog. + format: google-datetime + type: string + readOnly: true + name: + description: >- + Output only. The resource name. Format: + projects/{project_id_or_number}/locations/{location_id}/catalogs/{catalog_id} + readOnly: true + type: string + expireTime: + description: >- + Output only. The time when this catalog is considered expired. Only + set after the catalog is deleted. + readOnly: true + format: google-datetime + type: string + description: Catalog is the container of databases. + id: Catalog + Policy: properties: - newName: + bindings: + type: array + items: + $ref: '#/components/schemas/Binding' description: >- - Required. The new `name` for the specified table, must be in the - same database. Format: - projects/{project_id_or_number}/locations/{location_id}/catalogs/{catalog_id}/databases/{database_id}/tables/{table_id} + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + auditConfigs: + items: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: array + version: + format: int32 + type: integer + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + etag: type: string - ListTablesResponse: - id: ListTablesResponse - description: Response message for the ListTables method. + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte + type: object + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy + ListDatabasesResponse: + id: ListDatabasesResponse type: object properties: - tables: - description: The tables from the specified database. + databases: + description: The databases from the specified catalog. type: array items: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Database' nextPageToken: description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string + description: Response message for the ListDatabases method. + HiveDatabaseOptions: + description: Options of a Hive database. + id: HiveDatabaseOptions + properties: + locationUri: + description: >- + Cloud Storage folder URI where the database data is stored, starting + with "gs://". + type: string + parameters: + description: Stores user supplied Hive database parameters. + additionalProperties: + type: string + type: object + type: object + Expr: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + type: object + properties: + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + location: + type: string + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + description: + type: string + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + id: Expr parameters: + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string access_token: description: OAuth access token. in: query @@ -309,39 +633,21 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. + _.xgafv: + description: V1 error format. in: query - name: oauth_token + name: $.xgafv schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean + enum: + - '1' + - '2' quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -351,62 +657,122 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: upload_protocol + name: prettyPrint schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + type: boolean + callback: + description: JSONP in: query - name: uploadType + name: callback schema: type: string - _.xgafv: - description: V1 error format. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: $.xgafv + name: key schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: + namespaces_iam_policies: + id: google.biglake.namespaces_iam_policies + name: namespaces_iam_policies + title: Namespaces_iam_policies + methods: + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1catalogs~1{catalogsId}~1namespaces~1{namespacesId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1catalogs~1{catalogsId}~1namespaces~1{namespacesId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/namespaces_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/namespaces_iam_policies/methods/set_iam_policy + delete: [] + catalogs_iam_policies: + id: google.biglake.catalogs_iam_policies + name: catalogs_iam_policies + title: Catalogs_iam_policies + methods: + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1catalogs~1{catalogsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1catalogs~1{catalogsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/catalogs_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/catalogs_iam_policies/methods/set_iam_policy + delete: [] catalogs: id: google.biglake.catalogs name: catalogs title: Catalogs methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.catalogs - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs/post response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.catalogs sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/catalogs/methods/get' @@ -417,139 +783,181 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/catalogs/methods/delete' - databases: - id: google.biglake.databases - name: databases - title: Databases + tables: + id: google.biglake.tables + name: tables + title: Tables methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.tables + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.databases - delete: + rename: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables~1{tablesId}:rename/post response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables~1{tablesId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables~1{tablesId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables~1{tablesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/databases/methods/get' - - $ref: '#/components/x-stackQL-resources/databases/methods/list' + - $ref: '#/components/x-stackQL-resources/tables/methods/get' + - $ref: '#/components/x-stackQL-resources/tables/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/databases/methods/create' + - $ref: '#/components/x-stackQL-resources/tables/methods/create' update: - - $ref: '#/components/x-stackQL-resources/databases/methods/patch' + - $ref: '#/components/x-stackQL-resources/tables/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/databases/methods/delete' - tables: - id: google.biglake.tables - name: tables - title: Tables + - $ref: '#/components/x-stackQL-resources/tables/methods/delete' + databases: + id: google.biglake.databases + name: databases + title: Databases methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tables delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables~1{tablesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables~1{tablesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables~1{tablesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases/post response: mediaType: application/json openAPIDocKey: '200' - rename: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases~1{databasesId}~1tables~1{tablesId}:rename/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1databases/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.databases sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tables/methods/get' - - $ref: '#/components/x-stackQL-resources/tables/methods/list' + - $ref: '#/components/x-stackQL-resources/databases/methods/get' + - $ref: '#/components/x-stackQL-resources/databases/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/tables/methods/create' + - $ref: '#/components/x-stackQL-resources/databases/methods/create' update: - - $ref: '#/components/x-stackQL-resources/tables/methods/patch' + - $ref: '#/components/x-stackQL-resources/databases/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/tables/methods/delete' + - $ref: '#/components/x-stackQL-resources/databases/methods/delete' paths: - /v1/projects/{projectsId}/locations/{locationsId}/catalogs: + /v1/projects/{projectsId}/catalogs/{catalogsId}/namespaces/{namespacesId}:getIamPolicy: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/key' + get: + description: Gets the IAM policy for the specified Catalog. + operationId: biglake.projects.catalogs.namespaces.getIamPolicy + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: catalogsId + required: true + schema: + type: string + - in: path + name: namespacesId + required: true + schema: + type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/catalogs/{catalogsId}/namespaces/{namespacesId}:setIamPolicy: + parameters: *ref_1 post: - description: Creates a new catalog. - operationId: biglake.projects.locations.catalogs.create + description: Sets the IAM policy for the specified catalog. + operationId: biglake.projects.catalogs.namespaces.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Catalog' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -565,7 +973,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Catalog' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -573,17 +981,57 @@ paths: schema: type: string - in: path - name: locationsId + name: catalogsId required: true schema: type: string - - in: query - name: catalogId + - in: path + name: namespacesId + required: true + schema: + type: string + /v1/projects/{projectsId}/catalogs/{catalogsId}:setIamPolicy: + parameters: *ref_1 + post: + description: Sets the IAM policy for the specified catalog. + operationId: biglake.projects.catalogs.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: catalogsId + required: true schema: type: string + /v1/projects/{projectsId}/catalogs/{catalogsId}:getIamPolicy: + parameters: *ref_1 get: - description: List all catalogs in a specified project. - operationId: biglake.projects.locations.catalogs.list + description: Gets the IAM policy for the specified Catalog. + operationId: biglake.projects.catalogs.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -599,7 +1047,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCatalogsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -607,24 +1055,20 @@ paths: schema: type: string - in: path - name: locationsId + name: catalogsId required: true schema: type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}: - parameters: *ref_1 - delete: - description: Deletes an existing catalog specified by the catalog ID. - operationId: biglake.projects.locations.catalogs.delete + parameters: *ref_1 + get: + description: Gets the catalog specified by the resource name. + operationId: biglake.projects.locations.catalogs.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -657,9 +1101,9 @@ paths: required: true schema: type: string - get: - description: Gets the catalog specified by the resource name. - operationId: biglake.projects.locations.catalogs.get + delete: + description: Deletes an existing catalog specified by the catalog ID. + operationId: biglake.projects.locations.catalogs.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -692,16 +1136,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases: + /v1/projects/{projectsId}/locations/{locationsId}/catalogs: parameters: *ref_1 post: - description: Creates a new database. - operationId: biglake.projects.locations.catalogs.databases.create + description: Creates a new catalog. + operationId: biglake.projects.locations.catalogs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/Catalog' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -717,7 +1161,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/Catalog' parameters: - in: path name: projectsId @@ -729,18 +1173,13 @@ paths: required: true schema: type: string - - in: path - name: catalogsId - required: true - schema: - type: string - in: query - name: databaseId + name: catalogId schema: type: string get: - description: List all databases in a specified catalog. - operationId: biglake.projects.locations.catalogs.databases.list + description: List all catalogs in a specified project. + operationId: biglake.projects.locations.catalogs.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -756,7 +1195,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDatabasesResponse' + $ref: '#/components/schemas/ListCatalogsResponse' parameters: - in: path name: projectsId @@ -768,9 +1207,8 @@ paths: required: true schema: type: string - - in: path - name: catalogsId - required: true + - in: query + name: pageToken schema: type: string - in: query @@ -778,15 +1216,11 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases/{databasesId}: + /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases/{databasesId}/tables: parameters: *ref_1 - delete: - description: Deletes an existing database specified by the database ID. - operationId: biglake.projects.locations.catalogs.databases.delete + get: + description: List all tables in a specified database. + operationId: biglake.projects.locations.catalogs.databases.tables.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -802,7 +1236,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/ListTablesResponse' parameters: - in: path name: projectsId @@ -824,14 +1258,27 @@ paths: required: true schema: type: string - patch: - description: Updates an existing database specified by the database ID. - operationId: biglake.projects.locations.catalogs.databases.patch + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: view + schema: + type: string + - in: query + name: pageToken + schema: + type: string + post: + description: Creates a new table. + operationId: biglake.projects.locations.catalogs.databases.tables.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/Table' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -847,7 +1294,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/Table' parameters: - in: path name: projectsId @@ -870,13 +1317,19 @@ paths: schema: type: string - in: query - name: updateMask + name: tableId schema: type: string - format: google-fieldmask - get: - description: Gets the database specified by the resource name. - operationId: biglake.projects.locations.catalogs.databases.get + /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases/{databasesId}/tables/{tablesId}:rename: + parameters: *ref_1 + post: + description: Renames an existing table specified by the table ID. + operationId: biglake.projects.locations.catalogs.databases.tables.rename + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RenameTableRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -892,7 +1345,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/Table' parameters: - in: path name: projectsId @@ -914,11 +1367,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases/{databasesId}/tables: + - in: path + name: tablesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases/{databasesId}/tables/{tablesId}: parameters: *ref_1 - post: - description: Creates a new table. - operationId: biglake.projects.locations.catalogs.databases.tables.create + patch: + description: Updates an existing table specified by the table ID. + operationId: biglake.projects.locations.catalogs.databases.tables.patch requestBody: content: application/json: @@ -961,13 +1419,19 @@ paths: required: true schema: type: string + - in: path + name: tablesId + required: true + schema: + type: string - in: query - name: tableId + name: updateMask schema: type: string - get: - description: List all tables in a specified database. - operationId: biglake.projects.locations.catalogs.databases.tables.list + format: google-fieldmask + delete: + description: Deletes an existing table specified by the table ID. + operationId: biglake.projects.locations.catalogs.databases.tables.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -983,7 +1447,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTablesResponse' + $ref: '#/components/schemas/Table' parameters: - in: path name: projectsId @@ -1005,24 +1469,14 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: view + - in: path + name: tablesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases/{databasesId}/tables/{tablesId}: - parameters: *ref_1 - delete: - description: Deletes an existing table specified by the table ID. - operationId: biglake.projects.locations.catalogs.databases.tables.delete + get: + description: Gets the table specified by the resource name. + operationId: biglake.projects.locations.catalogs.databases.tables.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1065,14 +1519,16 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases/{databasesId}: + parameters: *ref_1 patch: - description: Updates an existing table specified by the table ID. - operationId: biglake.projects.locations.catalogs.databases.tables.patch + description: Updates an existing database specified by the database ID. + operationId: biglake.projects.locations.catalogs.databases.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Database' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1088,7 +1544,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Database' parameters: - in: path name: projectsId @@ -1110,19 +1566,14 @@ paths: required: true schema: type: string - - in: path - name: tablesId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask - get: - description: Gets the table specified by the resource name. - operationId: biglake.projects.locations.catalogs.databases.tables.get + delete: + description: Deletes an existing database specified by the database ID. + operationId: biglake.projects.locations.catalogs.databases.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1138,7 +1589,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Database' parameters: - in: path name: projectsId @@ -1160,21 +1611,56 @@ paths: required: true schema: type: string + get: + description: Gets the database specified by the resource name. + operationId: biglake.projects.locations.catalogs.databases.get + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Database' + parameters: - in: path - name: tablesId + name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases/{databasesId}/tables/{tablesId}:rename: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: catalogsId + required: true + schema: + type: string + - in: path + name: databasesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/databases: parameters: *ref_1 post: - description: Renames an existing table specified by the table ID. - operationId: biglake.projects.locations.catalogs.databases.tables.rename + description: Creates a new database. + operationId: biglake.projects.locations.catalogs.databases.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/RenameTableRequest' + $ref: '#/components/schemas/Database' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1190,7 +1676,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Database' parameters: - in: path name: projectsId @@ -1207,13 +1693,51 @@ paths: required: true schema: type: string + - in: query + name: databaseId + schema: + type: string + get: + description: List all databases in a specified catalog. + operationId: biglake.projects.locations.catalogs.databases.list + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDatabasesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: databasesId + name: locationsId required: true schema: type: string - in: path - name: tablesId + name: catalogsId required: true schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/bigquery.yaml b/providers/src/googleapis.com/v00.00.00000/services/bigquery.yaml index 751de3ce..46d38e2d 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/bigquery.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/bigquery.yaml @@ -7,8 +7,8 @@ info: title: BigQuery API description: A data platform for customers to create, manage, share and query data. version: v2 - x-discovery-doc-revision: '20250713' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20250928' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/bigquery/ servers: @@ -22,23 +22,23 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/bigquery: >- - View and manage your data in Google BigQuery and see the email - address for your Google Account - https://www.googleapis.com/auth/bigquery.insertdata: Insert data into Google BigQuery + https://www.googleapis.com/auth/devstorage.read_write: >- + Manage your data in Cloud Storage and see the email address of + your Google Account + https://www.googleapis.com/auth/devstorage.read_only: View your data in Google Cloud Storage https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. https://www.googleapis.com/auth/cloud-platform.read-only: >- View your data across Google Cloud services and see the email address of your Google Account + https://www.googleapis.com/auth/bigquery: >- + View and manage your data in Google BigQuery and see the email + address for your Google Account https://www.googleapis.com/auth/devstorage.full_control: >- Manage your data and permissions in Cloud Storage and see the email address for your Google Account - https://www.googleapis.com/auth/devstorage.read_only: View your data in Google Cloud Storage - https://www.googleapis.com/auth/devstorage.read_write: >- - Manage your data in Cloud Storage and see the email address of - your Google Account + https://www.googleapis.com/auth/bigquery.insertdata: Insert data into Google BigQuery Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -48,65 +48,42 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - AggregateClassificationMetrics: - description: >- - Aggregate metrics for classification/classifier models. For multi-class - models, the metrics are either macro-averaged or micro-averaged. When - macro-averaged, the metrics are calculated for each label and then an - unweighted average is taken of those values. When micro-averaged, the - metric is calculated globally by counting the total number of correctly - predicted rows. - id: AggregateClassificationMetrics + UndeleteDatasetRequest: + id: UndeleteDatasetRequest properties: - accuracy: - description: >- - Accuracy is the fraction of predictions given the correct label. For - multiclass this is a micro-averaged metric. - format: double - type: number - f1Score: - description: >- - The F1 score is an average of recall and precision. For multiclass - this is a macro-averaged metric. - format: double - type: number - logLoss: - description: Logarithmic Loss. For multiclass this is a macro-averaged metric. - format: double - type: number - precision: - description: >- - Precision is the fraction of actual positive predictions that had - positive actual labels. For multiclass this is a macro-averaged - metric treating each class as a binary classifier. - format: double - type: number - recall: - description: >- - Recall is the fraction of actual positive labels that were given a - positive prediction. For multiclass this is a macro-averaged metric. - format: double - type: number - rocAuc: - description: >- - Area Under a ROC Curve. For multiclass this is a macro-averaged - metric. - format: double - type: number - threshold: + deletionTime: + type: string description: >- - Threshold at which the metrics are computed. For binary - classification models this is the positive class threshold. For - multi-class classification models this is the confidence threshold. - format: double - type: number + Optional. The exact time when the dataset was deleted. If not + specified, the most recently deleted version is undeleted. + Undeleting a dataset using deletion time is not supported. + format: google-datetime + description: Request format for undeleting a dataset. + type: object + ModelReference: type: object + description: Id path of a model. + id: ModelReference + properties: + datasetId: + description: Required. The ID of the dataset containing this model. + type: string + modelId: + description: >- + Required. The ID of the model. The ID must contain only letters + (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is + 1,024 characters. + type: string + projectId: + type: string + description: Required. The ID of the project containing this model. AggregationThresholdPolicy: - description: >- - Represents privacy policy associated with "aggregation threshold" - method. - id: AggregationThresholdPolicy + type: object properties: + threshold: + format: int64 + description: Optional. The threshold for the "aggregation threshold" policy. + type: string privacyUnitColumns: description: >- Optional. The privacy unit column(s) associated with this policy. @@ -118,4048 +95,4064 @@ components: items: type: string type: array - threshold: - description: Optional. The threshold for the "aggregation threshold" policy. - format: int64 - type: string - type: object - Argument: - description: Input/output argument of a function or a stored procedure. - id: Argument + id: AggregationThresholdPolicy + description: >- + Represents privacy policy associated with "aggregation threshold" + method. + GetIamPolicyRequest: + id: GetIamPolicyRequest properties: - argumentKind: - description: Optional. Defaults to FIXED_TYPE. - enum: - - ARGUMENT_KIND_UNSPECIFIED - - FIXED_TYPE - - ANY_TYPE - enumDescriptions: - - Default value. - - >- - The argument is a variable with fully specified type, which can be - a struct or an array, but not a table. - - >- - The argument is any type, including struct or array, but not a - table. - type: string - dataType: - $ref: '#/components/schemas/StandardSqlDataType' - description: Set if argument_kind == FIXED_TYPE. - isAggregate: - description: >- - Optional. Whether the argument is an aggregate function parameter. - Must be Unset for routine types other than AGGREGATE_FUNCTION. For - AGGREGATE_FUNCTION, if set to false, it is equivalent to adding "NOT - AGGREGATE" clause in DDL; Otherwise, it is equivalent to omitting - "NOT AGGREGATE" clause in DDL. - type: boolean - mode: - description: >- - Optional. Specifies whether the argument is input or output. Can be - set for procedures only. - enum: - - MODE_UNSPECIFIED - - IN - - OUT - - INOUT - enumDescriptions: - - Default value. - - The argument is input-only. - - The argument is output-only. - - The argument is both an input and an output. - type: string - name: + options: + $ref: '#/components/schemas/GetPolicyOptions' description: >- - Optional. The name of this argument. Can be absent for function - return argument. - type: string - type: object - ArimaCoefficients: - description: Arima coefficients. - id: ArimaCoefficients - properties: - autoRegressiveCoefficients: - description: Auto-regressive coefficients, an array of double. - items: - format: double - type: number - type: array - interceptCoefficient: - description: Intercept coefficient, just a double not an array. - format: double - type: number - movingAverageCoefficients: - description: Moving-average coefficients, an array of double. - items: - format: double - type: number - type: array - type: object - ArimaFittingMetrics: - description: ARIMA model fitting metrics. - id: ArimaFittingMetrics - properties: - aic: - description: AIC. - format: double - type: number - logLikelihood: - description: Log-likelihood. - format: double - type: number - variance: - description: Variance. - format: double - type: number + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + description: Request message for `GetIamPolicy` method. type: object - ArimaForecastingMetrics: - description: Model evaluation metrics for ARIMA forecasting models. - id: ArimaForecastingMetrics + JsonValue: + type: any + id: JsonValue + JobConfigurationLoad: + description: >- + JobConfigurationLoad contains the configuration properties for loading + data into a destination table. + id: JobConfigurationLoad properties: - arimaFittingMetrics: - deprecated: true - description: Arima model fitting metrics. - items: - $ref: '#/components/schemas/ArimaFittingMetrics' - type: array - arimaSingleModelForecastingMetrics: - description: >- - Repeated as there can be many metric sets (one for each model) in - auto-arima and the large-scale case. - items: - $ref: '#/components/schemas/ArimaSingleModelForecastingMetrics' - type: array - hasDrift: - deprecated: true + sourceUris: description: >- - Whether Arima model fitted with drift or not. It is always false - when d is not 1. + [Required] The fully-qualified URIs that point to your data in + Google Cloud. For Google Cloud Storage URIs: Each URI can contain + one '*' wildcard character and it must come after the 'bucket' name. + Size limits related to load jobs apply to external data sources. For + Google Cloud Bigtable URIs: Exactly one URI can be specified and it + has be a fully specified and valid HTTPS URL for a Google Cloud + Bigtable table. For Google Cloud Datastore backups: Exactly one URI + can be specified. Also, the '*' wildcard character is not allowed. items: - type: boolean + type: string type: array - nonSeasonalOrder: - deprecated: true - description: Non-seasonal order. - items: - $ref: '#/components/schemas/ArimaOrder' + destinationTable: + description: '[Required] The destination table to load the data into.' + $ref: '#/components/schemas/TableReference' + decimalTargetTypes: type: array - seasonalPeriods: - deprecated: true description: >- - Seasonal periods. Repeated because multiple periods are supported - for one time series. - items: - enum: - - SEASONAL_PERIOD_TYPE_UNSPECIFIED - - NO_SEASONALITY - - DAILY - - WEEKLY - - MONTHLY - - QUARTERLY - - YEARLY - enumDescriptions: - - Unspecified seasonal period. - - No seasonality - - Daily period, 24 hours. - - Weekly period, 7 days. - - Monthly period, 30 days or irregular. - - Quarterly period, 90 days or irregular. - - Yearly period, 365 days or irregular. - type: string - type: array - timeSeriesId: - deprecated: true - description: Id to differentiate different time series for the large-scale case. + Defines the list of possible SQL data types to which the source + decimal values are converted. This list and the precision and the + scale parameters of the decimal field determine the target type. In + the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it + is in the specified list and if it supports the precision and the + scale. STRING supports all precision and scale values. If none of + the listed types supports the precision and the scale, the type + supporting the widest range in the specified list is picked, and if + a value exceeds the supported range when reading the data, an error + will be thrown. Example: Suppose the value of this field is + ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: * (38,9) -> + NUMERIC; * (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer + digits); * (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional + digits); * (76,38) -> BIGNUMERIC; * (77,38) -> BIGNUMERIC (error if + value exceeds supported range). This field cannot contain duplicate + types. The order of the types in this field is ignored. For example, + ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] + and NUMERIC always takes precedence over BIGNUMERIC. Defaults to + ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file + formats. items: + enum: + - DECIMAL_TARGET_TYPE_UNSPECIFIED + - NUMERIC + - BIGNUMERIC + - STRING type: string - type: array - type: object - ArimaModelInfo: - description: Arima model information. - id: ArimaModelInfo - properties: - arimaCoefficients: - $ref: '#/components/schemas/ArimaCoefficients' - description: Arima coefficients. - arimaFittingMetrics: - $ref: '#/components/schemas/ArimaFittingMetrics' - description: Arima fitting metrics. - hasDrift: - description: >- - Whether Arima model fitted with drift or not. It is always false - when d is not 1. - type: boolean - hasHolidayEffect: + enumDescriptions: + - Invalid type. + - Decimal values could be converted to NUMERIC type. + - Decimal values could be converted to BIGNUMERIC type. + - Decimal values could be converted to STRING type. + hivePartitioningOptions: + $ref: '#/components/schemas/HivePartitioningOptions' description: >- - If true, holiday_effect is a part of time series decomposition - result. - type: boolean - hasSpikesAndDips: + Optional. When set, configures hive partitioning support. Not all + storage formats support hive partitioning -- requesting hive + partitioning on an unsupported format will lead to an error, as will + providing an invalid specification. + preserveAsciiControlCharacters: description: >- - If true, spikes_and_dips is a part of time series decomposition - result. - type: boolean - hasStepChanges: - description: If true, step_changes is a part of time series decomposition result. + Optional. When sourceFormat is set to "CSV", this indicates whether + the embedded ASCII control characters (the first 32 characters in + the ASCII-table, from '\x00' to '\x1F') are preserved. type: boolean - nonSeasonalOrder: - $ref: '#/components/schemas/ArimaOrder' - description: Non-seasonal order. - seasonalPeriods: + writeDisposition: + type: string description: >- - Seasonal periods. Repeated because multiple periods are supported - for one time series. - items: - enum: - - SEASONAL_PERIOD_TYPE_UNSPECIFIED - - NO_SEASONALITY - - DAILY - - WEEKLY - - MONTHLY - - QUARTERLY - - YEARLY - enumDescriptions: - - Unspecified seasonal period. - - No seasonality - - Daily period, 24 hours. - - Weekly period, 7 days. - - Monthly period, 30 days or irregular. - - Quarterly period, 90 days or irregular. - - Yearly period, 365 days or irregular. - type: string - type: array - timeSeriesId: + Optional. Specifies the action that occurs if the destination table + already exists. The following values are supported: * + WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the + data, removes the constraints and uses the schema from the load job. + * WRITE_TRUNCATE_DATA: If the table already exists, BigQuery + overwrites the data, but keeps the constraints and schema of the + existing table. * WRITE_APPEND: If the table already exists, + BigQuery appends the data to the table. * WRITE_EMPTY: If the table + already exists and contains data, a 'duplicate' error is returned in + the job result. The default value is WRITE_APPEND. Each action is + atomic and only occurs if BigQuery is able to complete the job + successfully. Creation, truncation and append actions occur as one + atomic update upon job completion. + jsonExtension: description: >- - The time_series_id value for this time series. It will be one of the - unique values from the time_series_id_column specified during ARIMA - model training. Only present when time_series_id_column training - option was used. + Optional. Load option to be used together with source_format + newline-delimited JSON to indicate that a variant of JSON is being + loaded. To load newline-delimited GeoJSON, specify GEOJSON (and + source_format must be set to NEWLINE_DELIMITED_JSON). type: string - timeSeriesIds: + enumDescriptions: + - >- + The default if provided value is not one included in the enum, or + the value is not specified. The source format is parsed without + any modification. + - >- + Use GeoJSON variant of JSON. See + https://tools.ietf.org/html/rfc7946. + enum: + - JSON_EXTENSION_UNSPECIFIED + - GEOJSON + timePartitioning: description: >- - The tuple of time_series_ids identifying this time series. It will - be one of the unique tuples of values present in the - time_series_id_columns specified during ARIMA model training. Only - present when time_series_id_columns training option was used and the - order of values here are same as the order of - time_series_id_columns. - items: - type: string - type: array - type: object - ArimaOrder: - description: Arima order, can be used for both non-seasonal and seasonal parts. - id: ArimaOrder - properties: - d: - description: Order of the differencing part. - format: int64 - type: string - p: - description: Order of the autoregressive part. - format: int64 + Time-based partitioning specification for the destination table. + Only one of timePartitioning and rangePartitioning should be + specified. + $ref: '#/components/schemas/TimePartitioning' + sourceColumnMatch: + enumDescriptions: + - >- + Uses sensible defaults based on how the schema is provided. If + autodetect is used, then columns are matched by name. Otherwise, + columns are matched by position. This is done to keep the behavior + backward-compatible. + - >- + Matches by position. This assumes that the columns are ordered the + same way as the schema. + - >- + Matches by name. This reads the header row as column names and + reorders columns to match the field names in the schema. + enum: + - SOURCE_COLUMN_MATCH_UNSPECIFIED + - POSITION + - NAME type: string - q: - description: Order of the moving-average part. - format: int64 + description: >- + Optional. Controls the strategy used to match loaded columns to the + schema. If not set, a sensible default is chosen based on how the + schema is provided. If autodetect is used, then columns are matched + by name. Otherwise, columns are matched by position. This is done to + keep the behavior backward-compatible. + schemaInline: type: string - type: object - ArimaResult: - description: >- - (Auto-)arima fitting result. Wrap everything in ArimaResult for easier - refactoring if we want to use model-specific iteration results. - id: ArimaResult - properties: - arimaModelInfo: description: >- - This message is repeated because there are multiple arima models - fitted in auto-arima. For non-auto-arima model, its size is one. + [Deprecated] The inline schema. For CSV schemas, specify as + "Field1:Type1[,Field2:Type2]*". For example, "foo:STRING, + bar:INTEGER, baz:FLOAT". + schemaUpdateOptions: items: - $ref: '#/components/schemas/ArimaModelInfo' + type: string + description: >- + Allows the schema of the destination table to be updated as a side + effect of the load job if a schema is autodetected or supplied in + the job configuration. Schema update options are supported in three + cases: when writeDisposition is WRITE_APPEND; when writeDisposition + is WRITE_TRUNCATE_DATA; when writeDisposition is WRITE_TRUNCATE and + the destination table is a partition of a table, specified by + partition decorators. For normal tables, WRITE_TRUNCATE will always + overwrite the schema. One or more of the following values are + specified: * ALLOW_FIELD_ADDITION: allow adding a nullable field to + the schema. * ALLOW_FIELD_RELAXATION: allow relaxing a required + field in the original schema to nullable. + type: array + projectionFields: type: array - seasonalPeriods: description: >- - Seasonal periods. Repeated because multiple periods are supported - for one time series. + If sourceFormat is set to "DATASTORE_BACKUP", indicates which entity + properties to load into BigQuery from a Cloud Datastore backup. + Property names are case sensitive and must be top-level properties. + If no properties are specified, BigQuery loads all properties. If + any named property isn't found in the Cloud Datastore backup, an + invalid error is returned in the job result. items: - enum: - - SEASONAL_PERIOD_TYPE_UNSPECIFIED - - NO_SEASONALITY - - DAILY - - WEEKLY - - MONTHLY - - QUARTERLY - - YEARLY - enumDescriptions: - - Unspecified seasonal period. - - No seasonality - - Daily period, 24 hours. - - Weekly period, 7 days. - - Monthly period, 30 days or irregular. - - Quarterly period, 90 days or irregular. - - Yearly period, 365 days or irregular. type: string - type: array - type: object - ArimaSingleModelForecastingMetrics: - description: Model evaluation metrics for a single ARIMA forecasting model. - id: ArimaSingleModelForecastingMetrics - properties: - arimaFittingMetrics: - $ref: '#/components/schemas/ArimaFittingMetrics' - description: Arima fitting metrics. - hasDrift: + createSession: description: >- - Is arima model fitted with drift or not. It is always false when d - is not 1. + Optional. If this property is true, the job creates a new session + using a randomly generated session_id. To continue using a created + session with subsequent queries, pass the existing session + identifier as a `ConnectionProperty` value. The session identifier + is returned as part of the `SessionInfo` message within the query + statistics. The new session's location will be set to + `Job.JobReference.location` if it is present, otherwise it's set to + the default location based on existing routing logic. type: boolean - hasHolidayEffect: + connectionProperties: + type: array + items: + $ref: '#/components/schemas/ConnectionProperty' description: >- - If true, holiday_effect is a part of time series decomposition - result. - type: boolean - hasSpikesAndDips: + Optional. Connection properties which can modify the load job + behavior. Currently, only the 'session_id' connection property is + supported, and is used to resolve _SESSION appearing as the dataset + id. + autodetect: description: >- - If true, spikes_and_dips is a part of time series decomposition - result. - type: boolean - hasStepChanges: - description: If true, step_changes is a part of time series decomposition result. + Optional. Indicates if we should automatically infer the options and + schema for CSV and JSON sources. type: boolean - nonSeasonalOrder: - $ref: '#/components/schemas/ArimaOrder' - description: Non-seasonal order. - seasonalPeriods: - description: >- - Seasonal periods. Repeated because multiple periods are supported - for one time series. - items: - enum: - - SEASONAL_PERIOD_TYPE_UNSPECIFIED - - NO_SEASONALITY - - DAILY - - WEEKLY - - MONTHLY - - QUARTERLY - - YEARLY - enumDescriptions: - - Unspecified seasonal period. - - No seasonality - - Daily period, 24 hours. - - Weekly period, 7 days. - - Monthly period, 30 days or irregular. - - Quarterly period, 90 days or irregular. - - Yearly period, 365 days or irregular. - type: string - type: array - timeSeriesId: + nullMarker: description: >- - The time_series_id value for this time series. It will be one of the - unique values from the time_series_id_column specified during ARIMA - model training. Only present when time_series_id_column training - option was used. + Optional. Specifies a string that represents a null value in a CSV + file. For example, if you specify "\N", BigQuery interprets "\N" as + a null value when loading a CSV file. The default value is the empty + string. If you set this property to a custom value, BigQuery throws + an error if an empty string is present for all data types except for + STRING and BYTE. For STRING and BYTE columns, BigQuery interprets + the empty string as an empty value. type: string - timeSeriesIds: - description: >- - The tuple of time_series_ids identifying this time series. It will - be one of the unique tuples of values present in the - time_series_id_columns specified during ARIMA model training. Only - present when time_series_id_columns training option was used and the - order of values here are same as the order of - time_series_id_columns. - items: - type: string + nullMarkers: type: array - type: object - AuditConfig: - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - id: AuditConfig - properties: - auditLogConfigs: - description: The configuration for logging of each type of permission. items: - $ref: '#/components/schemas/AuditLogConfig' - type: array - service: + type: string description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - type: object - AuditLogConfig: - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - id: AuditLogConfig - properties: - exemptedMembers: + Optional. A list of strings represented as SQL NULL value in a CSV + file. null_marker and null_markers can't be set at the same time. If + null_marker is set, null_markers has to be not set. If null_markers + is set, null_marker has to be not set. If both null_marker and + null_markers are set at the same time, a user error would be thrown. + Any strings listed in null_markers, including empty string would be + interpreted as SQL NULL. This applies to all column types. + timeZone: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - items: - type: string - type: array - logType: - description: The log type that this config enables. - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' + Optional. Default time zone that will apply when parsing timestamp + values that have no specific time zone. + type: string + createDisposition: type: string - type: object - AvroOptions: - description: Options for external data sources. - id: AvroOptions - properties: - useAvroLogicalTypes: description: >- - Optional. If sourceFormat is set to "AVRO", indicates whether to - interpret logical types as the corresponding BigQuery data type (for - example, TIMESTAMP), instead of using the raw type (for example, - INTEGER). - type: boolean - type: object - BatchDeleteRowAccessPoliciesRequest: - description: Request message for the BatchDeleteRowAccessPoliciesRequest method. - id: BatchDeleteRowAccessPoliciesRequest - properties: - force: + Optional. Specifies whether the job is allowed to create new tables. + The following values are supported: * CREATE_IF_NEEDED: If the table + does not exist, BigQuery creates the table. * CREATE_NEVER: The + table must already exist. If it does not, a 'notFound' error is + returned in the job result. The default value is CREATE_IF_NEEDED. + Creation, truncation and append actions occur as one atomic update + upon job completion. + datetimeFormat: + description: Optional. Date format used for parsing DATETIME values. + type: string + dateFormat: + type: string + description: Optional. Date format used for parsing DATE values. + skipLeadingRows: description: >- - If set to true, it deletes the row access policy even if it's the - last row access policy on the table and the deletion will widen the - access rather narrowing it. + Optional. The number of rows at the top of a CSV file that BigQuery + will skip when loading the data. The default value is 0. This + property is useful if you have header rows in the file that should + be skipped. When autodetect is on, the behavior is the following: * + skipLeadingRows unspecified - Autodetect tries to detect headers in + the first row. If they are not detected, the row is read as data. + Otherwise data is read starting from the second row. * + skipLeadingRows is 0 - Instructs autodetect that there are no + headers and data should be read starting from the first row. * + skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to + detect headers in row N. If headers are not detected, row N is just + skipped. Otherwise row N is used to extract column names for the + detected schema. + format: int32 + type: integer + timeFormat: + description: Optional. Date format used for parsing TIME values. + type: string + allowQuotedNewlines: type: boolean - policyIds: - description: Required. Policy IDs of the row access policies. - items: - type: string - type: array - type: object - BiEngineReason: - description: Reason why BI Engine didn't accelerate the query (or sub-query). - id: BiEngineReason - properties: - code: description: >- - Output only. High-level BI Engine reason for partial or disabled - acceleration - enum: - - CODE_UNSPECIFIED - - NO_RESERVATION - - INSUFFICIENT_RESERVATION - - UNSUPPORTED_SQL_TEXT - - INPUT_TOO_LARGE - - OTHER_REASON - - TABLE_EXCLUDED + Indicates if BigQuery should allow quoted data sections that contain + newline characters in a CSV file. The default value is false. + columnNameCharacterMap: + type: string enumDescriptions: - - BiEngineReason not specified. - - No reservation available for BI Engine acceleration. - - Not enough memory available for BI Engine acceleration. + - Unspecified column name character map. + - Support flexible column name and reject invalid column names. - >- - This particular SQL text is not supported for acceleration by BI - Engine. - - Input too large for acceleration by BI Engine. + Support alphanumeric + underscore characters and names must start + with a letter or underscore. Invalid column names will be + normalized. - >- - Catch-all code for all other cases for partial or disabled - acceleration. - - One or more tables were not eligible for BI Engine acceleration. - readOnly: true - type: string - message: + Support flexible column name. Invalid column names will be + normalized. description: >- - Output only. Free form human-readable reason for partial or disabled - acceleration. - readOnly: true + Optional. Character map supported for column names in CSV/Parquet + loads. Defaults to STRICT and can be overridden by Project Config + Service. Using this option with unsupporting load formats will + result in an error. + enum: + - COLUMN_NAME_CHARACTER_MAP_UNSPECIFIED + - STRICT + - V1 + - V2 + maxBadRecords: + description: >- + Optional. The maximum number of bad records that BigQuery can ignore + when running the job. If the number of bad records exceeds this + value, an invalid error is returned in the job result. The default + value is 0, which requires that all records are valid. This is only + supported for CSV and NEWLINE_DELIMITED_JSON file formats. + format: int32 + type: integer + allowJaggedRows: + description: >- + Optional. Accept rows that are missing trailing optional columns. + The missing values are treated as nulls. If false, records with + missing trailing columns are treated as bad records, and if there + are too many bad records, an invalid error is returned in the job + result. The default value is false. Only applicable to CSV, ignored + for other formats. + type: boolean + quote: + pattern: .? type: string - type: object - BiEngineStatistics: - description: >- - Statistics for a BI Engine specific query. Populated as part of - JobStatistics2 - id: BiEngineStatistics - properties: - accelerationMode: + default: '"' description: >- - Output only. Specifies which mode of BI Engine acceleration was - performed (if any). - enum: - - BI_ENGINE_ACCELERATION_MODE_UNSPECIFIED - - BI_ENGINE_DISABLED - - PARTIAL_INPUT - - FULL_INPUT - - FULL_QUERY - enumDescriptions: - - BiEngineMode type not specified. - - >- - BI Engine acceleration was attempted but disabled. - bi_engine_reasons specifies a more detailed reason. - - >- - Some inputs were accelerated using BI Engine. See - bi_engine_reasons for why parts of the query were not accelerated. - - All of the query inputs were accelerated using BI Engine. - - All of the query was accelerated using BI Engine. - readOnly: true + Optional. The value that is used to quote data sections in a CSV + file. BigQuery converts the string to ISO-8859-1 encoding, and then + uses the first byte of the encoded string to split the data in its + raw, binary state. The default value is a double-quote ('"'). If + your data does not contain quoted sections, set the property value + to an empty string. If your data contains quoted newline characters, + you must also set the allowQuotedNewlines property to true. To + include the specific quote character within a quoted value, precede + it with an additional matching quote character. For example, if you + want to escape the default character ' " ', use ' "" '. @default " + destinationEncryptionConfiguration: + $ref: '#/components/schemas/EncryptionConfiguration' + description: Custom encryption configuration (e.g., Cloud KMS keys) + destinationTableProperties: + description: >- + Optional. [Experimental] Properties with which to create the + destination table if it is new. + $ref: '#/components/schemas/DestinationTableProperties' + ignoreUnknownValues: + description: >- + Optional. Indicates if BigQuery should allow extra values that are + not represented in the table schema. If true, the extra values are + ignored. If false, records with extra columns are treated as bad + records, and if there are too many bad records, an invalid error is + returned in the job result. The default value is false. The + sourceFormat property determines what BigQuery treats as an extra + value: CSV: Trailing columns JSON: Named values that don't match any + column names in the table schema Avro, Parquet, ORC: Fields in the + file schema that don't exist in the table schema. + type: boolean + schemaInlineFormat: type: string - biEngineMode: + description: '[Deprecated] The format of the schemaInline property.' + copyFilesOnly: + type: boolean description: >- - Output only. Specifies which mode of BI Engine acceleration was - performed (if any). - enum: - - ACCELERATION_MODE_UNSPECIFIED - - DISABLED - - PARTIAL - - FULL - enumDescriptions: - - BiEngineMode type not specified. - - >- - BI Engine disabled the acceleration. bi_engine_reasons specifies a - more detailed reason. - - >- - Part of the query was accelerated using BI Engine. See - bi_engine_reasons for why parts of the query were not accelerated. - - All of the query was accelerated using BI Engine. - readOnly: true + Optional. [Experimental] Configures the load job to copy files + directly to the destination BigLake managed table, bypassing file + content reading and rewriting. Copying files only is supported when + all the following are true: * `source_uris` are located in the same + Cloud Storage location as the destination table's `storage_uri` + location. * `source_format` is `PARQUET`. * `destination_table` is + an existing BigLake managed table. The table's schema does not have + flexible column names. The table's columns do not have type + parameters other than precision and scale. * No options other than + the above are specified. + timestampFormat: + description: Optional. Date format used for parsing TIMESTAMP values. type: string - biEngineReasons: + sourceFormat: description: >- - In case of DISABLED or PARTIAL bi_engine_mode, these contain the - explanatory reasons as to why BI Engine could not accelerate. In - case the full query was accelerated, this field is not populated. + Optional. The format of the data files. For CSV files, specify + "CSV". For datastore backups, specify "DATASTORE_BACKUP". For + newline-delimited JSON, specify "NEWLINE_DELIMITED_JSON". For Avro, + specify "AVRO". For parquet, specify "PARQUET". For orc, specify + "ORC". The default value is CSV. + type: string + timestampTargetPrecision: + description: >- + Precisions (maximum number of total digits in base 10) for seconds + of TIMESTAMP types that are allowed to the destination table for + autodetection mode. Available for the formats: CSV. For the CSV + Format, Possible values include: Not Specified, [], or [6]: + timestamp(6) for all auto detected TIMESTAMP columns [6, 12]: + timestamp(6) for all auto detected TIMESTAMP columns that have less + than 6 digits of subseconds. timestamp(12) for all auto detected + TIMESTAMP columns that have more than 6 digits of subseconds. [12]: + timestamp(12) for all auto detected TIMESTAMP columns. The order of + the elements in this array is ignored. Inputs that have higher + precision than the highest target precision in this array will be + truncated. items: - $ref: '#/components/schemas/BiEngineReason' + type: integer + format: int32 type: array - type: object - BigLakeConfiguration: - description: >- - Configuration for BigQuery tables for Apache Iceberg (formerly BigLake - managed tables.) - id: BigLakeConfiguration - properties: - connectionId: + referenceFileSchemaUri: description: >- - Optional. The connection specifying the credentials to be used to - read and write to external storage, such as Cloud Storage. The - connection_id can have the form - `{project}.{location}.{connection_id}` or - `projects/{project}/locations/{location}/connections/{connection_id}". + Optional. The user can provide a reference file with the reader + schema. This file is only loaded if it is part of source URIs, but + is not loaded otherwise. It is enabled for the following formats: + AVRO, PARQUET, ORC. type: string - fileFormat: - description: Optional. The file format the table data is stored in. + fileSetSpecType: enum: - - FILE_FORMAT_UNSPECIFIED - - PARQUET + - FILE_SET_SPEC_TYPE_FILE_SYSTEM_MATCH + - FILE_SET_SPEC_TYPE_NEW_LINE_DELIMITED_MANIFEST enumDescriptions: - - Default Value. - - Apache Parquet format. - type: string - storageUri: + - >- + This option expands source URIs by listing files from the object + store. It is the default behavior if FileSetSpecType is not set. + - >- + This option indicates that the provided URIs are newline-delimited + manifest files, with one URI per line. Wildcard URIs are not + supported. description: >- - Optional. The fully qualified location prefix of the external folder - where table data is stored. The '*' wildcard character is not - allowed. The URI should be in the format - `gs://bucket/path_to_table/` + Optional. Specifies how source URIs are interpreted for constructing + the file set to load. By default, source URIs are expanded against + the underlying storage. You can also specify manifest files to + control how the file set is constructed. This option is only + applicable to object storage systems. type: string - tableFormat: + parquetOptions: description: >- - Optional. The table format the metadata only snapshots are stored - in. - enum: - - TABLE_FORMAT_UNSPECIFIED - - ICEBERG - enumDescriptions: - - Default Value. - - Apache Iceberg format. - type: string - type: object - BigQueryModelTraining: - id: BigQueryModelTraining - properties: - currentIteration: - description: Deprecated. - format: int32 - type: integer - expectedTotalIterations: - description: Deprecated. - format: int64 - type: string - type: object - BigtableColumn: - description: Information related to a Bigtable column. - id: BigtableColumn - properties: - encoding: + Optional. Additional properties to set if sourceFormat is set to + PARQUET. + $ref: '#/components/schemas/ParquetOptions' + useAvroLogicalTypes: description: >- - Optional. The encoding of the values when the type is not STRING. - Acceptable encoding values are: TEXT - indicates values are - alphanumeric text strings. BINARY - indicates values are encoded - using HBase Bytes.toBytes family of functions. 'encoding' can also - be set at the column family level. However, the setting at this - level takes precedence if 'encoding' is set at both levels. + Optional. If sourceFormat is set to "AVRO", indicates whether to + interpret logical types as the corresponding BigQuery data type (for + example, TIMESTAMP), instead of using the raw type (for example, + INTEGER). + type: boolean + fieldDelimiter: type: string - fieldName: description: >- - Optional. If the qualifier is not a valid BigQuery field identifier - i.e. does not match a-zA-Z*, a valid identifier must be provided as - the column field name and is used as field name in queries. - type: string - onlyReadLatest: + Optional. The separator character for fields in a CSV file. The + separator is interpreted as a single byte. For files encoded in + ISO-8859-1, any single character can be used as a separator. For + files encoded in UTF-8, characters represented in decimal range + 1-127 (U+0001-U+007F) can be used without any modification. UTF-8 + characters encoded with multiple bytes (i.e. U+0080 and above) will + have only the first byte used for separating fields. The remaining + bytes will be treated as a part of the field. BigQuery also supports + the escape sequence "\t" (U+0009) to specify a tab separator. The + default value is comma (",", U+002C). + rangePartitioning: description: >- - Optional. If this is set, only the latest version of value in this - column are exposed. 'onlyReadLatest' can also be set at the column - family level. However, the setting at this level takes precedence if - 'onlyReadLatest' is set at both levels. - type: boolean - qualifierEncoded: + Range partitioning specification for the destination table. Only one + of timePartitioning and rangePartitioning should be specified. + $ref: '#/components/schemas/RangePartitioning' + schema: + $ref: '#/components/schemas/TableSchema' description: >- - [Required] Qualifier of the column. Columns in the parent column - family that has this exact qualifier are exposed as `.` field. If - the qualifier is valid UTF-8 string, it can be specified in the - qualifier_string field. Otherwise, a base-64 encoded value must be - set to qualifier_encoded. The column field name is the same as the - column qualifier. However, if the qualifier is not a valid BigQuery - field identifier i.e. does not match a-zA-Z*, a valid identifier - must be provided as field_name. - format: byte - type: string - qualifierString: - description: Qualifier string. - type: string - type: + Optional. The schema for the destination table. The schema can be + omitted if the destination table already exists, or if you're + loading data from Google Cloud Datastore. + encoding: description: >- - Optional. The type to convert the value in cells of this column. The - values are expected to be encoded using HBase Bytes.toBytes function - when using the BINARY encoding value. Following BigQuery types are - allowed (case-sensitive): * BYTES * STRING * INTEGER * FLOAT * - BOOLEAN * JSON Default type is BYTES. 'type' can also be set at the - column family level. However, the setting at this level takes - precedence if 'type' is set at both levels. + Optional. The character encoding of the data. The supported values + are UTF-8, ISO-8859-1, UTF-16BE, UTF-16LE, UTF-32BE, and UTF-32LE. + The default value is UTF-8. BigQuery decodes the data after the raw, + binary data has been split using the values of the `quote` and + `fieldDelimiter` properties. If you don't specify an encoding, or if + you specify a UTF-8 encoding when the CSV file is not UTF-8 encoded, + BigQuery attempts to convert the data to UTF-8. Generally, your data + loads successfully, but it may not match byte-for-byte what you + expect. To avoid this, specify the correct encoding by using the + `--encoding` flag. If BigQuery can't convert a character other than + the ASCII `0` character, BigQuery converts the character to the + standard Unicode replacement character: �. type: string + clustering: + $ref: '#/components/schemas/Clustering' + description: Clustering specification for the destination table. type: object - BigtableColumnFamily: - description: Information related to a Bigtable column family. - id: BigtableColumnFamily + ConfusionMatrix: + description: Confusion matrix for multi-class classification models. properties: - columns: + confidenceThreshold: + format: double + type: number description: >- - Optional. Lists of columns that should be exposed as individual - fields as opposed to a list of (column name, value) pairs. All - columns whose qualifier matches a qualifier in this list can be - accessed as `.`. Other columns can be accessed as a list through the - `.Column` field. - items: - $ref: '#/components/schemas/BigtableColumn' + Confidence threshold used when computing the entries of the + confusion matrix. + rows: type: array - encoding: + items: + $ref: '#/components/schemas/Row' + description: One row per actual label. + type: object + id: ConfusionMatrix + ModelExtractOptions: + id: ModelExtractOptions + description: Options related to model extraction. + type: object + properties: + trialId: description: >- - Optional. The encoding of the values when the type is not STRING. - Acceptable encoding values are: TEXT - indicates values are - alphanumeric text strings. BINARY - indicates values are encoded - using HBase Bytes.toBytes family of functions. This can be - overridden for a specific column by listing that column in 'columns' - and specifying an encoding for it. - type: string - familyId: - description: Identifier of the column family. + The 1-based ID of the trial to be exported from a hyperparameter + tuning model. If not specified, the trial with id = + [Model](https://cloud.google.com/bigquery/docs/reference/rest/v2/models#resource:-model).defaultTrialId + is exported. This field is ignored for models not trained with + hyperparameter tuning. + format: int64 type: string - onlyReadLatest: + StoredColumnsUnusedReason: + id: StoredColumnsUnusedReason + properties: + uncoveredColumns: + items: + type: string description: >- - Optional. If this is set only the latest version of value are - exposed for all columns in this column family. This can be - overridden for a specific column by listing that column in 'columns' - and specifying a different setting for that column. - type: boolean - type: + Specifies which columns were not covered by the stored columns for + the specified code up to 20 columns. This is populated when the code + is STORED_COLUMNS_COVER_INSUFFICIENT and BASE_TABLE_HAS_CLS. + type: array + code: + enum: + - CODE_UNSPECIFIED + - STORED_COLUMNS_COVER_INSUFFICIENT + - BASE_TABLE_HAS_RLS + - BASE_TABLE_HAS_CLS + - UNSUPPORTED_PREFILTER + - INTERNAL_ERROR + - OTHER_REASON + enumDescriptions: + - Default value. + - If stored columns do not fully cover the columns. + - If the base table has RLS (Row Level Security). + - If the base table has CLS (Column Level Security). + - If the provided prefilter is not supported. + - If an internal error is preventing stored columns from being used. + - >- + Indicates that the reason stored columns cannot be used in the + query is not covered by any of the other StoredColumnsUnusedReason + options. description: >- - Optional. The type to convert the value in cells of this column - family. The values are expected to be encoded using HBase - Bytes.toBytes function when using the BINARY encoding value. - Following BigQuery types are allowed (case-sensitive): * BYTES * - STRING * INTEGER * FLOAT * BOOLEAN * JSON Default type is BYTES. - This can be overridden for a specific column by listing that column - in 'columns' and specifying a type for it. + Specifies the high-level reason for the unused scenario, each reason + must have a code associated. + type: string + message: + description: Specifies the detailed description for the scenario. type: string + description: If the stored column was not used, explain why. type: object - BigtableOptions: - description: Options specific to Google Cloud Bigtable data sources. - id: BigtableOptions + JobConfiguration: + id: JobConfiguration properties: - columnFamilies: + extract: + description: '[Pick one] Configures an extract job.' + $ref: '#/components/schemas/JobConfigurationExtract' + copy: + description: '[Pick one] Copies a table.' + $ref: '#/components/schemas/JobConfigurationTableCopy' + load: + description: '[Pick one] Configures a load job.' + $ref: '#/components/schemas/JobConfigurationLoad' + reservation: description: >- - Optional. List of column families to expose in the table schema - along with their types. This list restricts the column families that - can be referenced in queries and specifies their value types. You - can use this list to do type conversions - see the 'type' field for - more details. If you leave this list empty, all column families are - present in the table schema and their values are read as BYTES. - During a query only the column families referenced in that query are - read from Bigtable. - items: - $ref: '#/components/schemas/BigtableColumnFamily' - type: array - ignoreUnspecifiedColumnFamilies: + Optional. The reservation that job would use. User can specify a + reservation to execute the job. If reservation is not set, + reservation is determined based on the rules defined by the + reservation assignments. The expected format is + `projects/{project}/locations/{location}/reservations/{reservation}`. + type: string + labels: description: >- - Optional. If field is true, then the column families that are not - specified in columnFamilies list are not exposed in the table - schema. Otherwise, they are read with BYTES type values. The default - value is false. - type: boolean - outputColumnFamiliesAsJson: + The labels associated with this job. You can use these to organize + and group your jobs. Label keys and values can be no longer than 63 + characters, can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. Label + values are optional. Label keys must start with a letter and each + label in the list must have a different key. + type: object + additionalProperties: + type: string + jobTimeoutMs: + type: string description: >- - Optional. If field is true, then each column family will be read as - a single JSON column. Otherwise they are read as a repeated cell - structure containing timestamp/value tuples. The default value is - false. - type: boolean - readRowkeyAsString: + Optional. Job timeout in milliseconds relative to the job creation + time. If this time limit is exceeded, BigQuery attempts to stop the + job, but might not always succeed in canceling it before the job + completes. For example, a job that takes more than 60 seconds to + complete has a better chance of being stopped than a job that takes + 10 seconds to complete. + format: int64 + jobType: description: >- - Optional. If field is true, then the rowkey column families will be - read and converted to string. Otherwise they are read with BYTES - type values and users need to manually cast them with CAST if - necessary. The default value is false. + Output only. The type of the job. Can be QUERY, LOAD, EXTRACT, COPY + or UNKNOWN. + type: string + query: + description: '[Pick one] Configures a query job.' + $ref: '#/components/schemas/JobConfigurationQuery' + maxSlots: + format: int32 + description: >- + Optional. A target limit on the rate of slot consumption by this + job. If set to a value > 0, BigQuery will attempt to limit the rate + of slot consumption by this job to keep it below the configured + limit, even if the job is eligible for more slots based on fair + scheduling. The unused slots will be available for other jobs and + queries to use. Note: This feature is not yet generally available. + type: integer + dryRun: + description: >- + Optional. If set, don't actually run this job. A valid query will + return a mostly empty response with some processing statistics, + while an invalid query will return the same error it would if it + wasn't a dry run. Behavior of non-query jobs is undefined. type: boolean type: object - BinaryClassificationMetrics: - description: Evaluation metrics for binary classification/classifier models. - id: BinaryClassificationMetrics + SystemVariables: + description: System variables given to a query. + type: object + id: SystemVariables properties: - aggregateClassificationMetrics: - $ref: '#/components/schemas/AggregateClassificationMetrics' - description: Aggregate classification metrics. - binaryConfusionMatrixList: - description: Binary confusion matrix at multiple thresholds. - items: - $ref: '#/components/schemas/BinaryConfusionMatrix' - type: array - negativeLabel: - description: Label representing the negative class. - type: string - positiveLabel: - description: Label representing the positive class. - type: string + values: + readOnly: true + description: Output only. Value for each system variable. + additionalProperties: + description: Properties of the object. + type: any + type: object + types: + type: object + readOnly: true + description: Output only. Data type for each system variable. + additionalProperties: + $ref: '#/components/schemas/StandardSqlDataType' + HparamSearchSpaces: + description: >- + Hyperparameter search spaces. These should be a subset of + training_options. type: object - BinaryConfusionMatrix: - description: Confusion matrix for binary classification models. - id: BinaryConfusionMatrix + id: HparamSearchSpaces properties: - accuracy: - description: The fraction of predictions given the correct label. - format: double - type: number - f1Score: - description: The equally weighted average of recall and precision. - format: double - type: number - falseNegatives: - description: Number of false samples predicted as false. - format: int64 - type: string - falsePositives: - description: Number of false samples predicted as true. - format: int64 - type: string - positiveClassThreshold: - description: Threshold value used when computing each of the following metric. - format: double - type: number - precision: + hiddenUnits: + $ref: '#/components/schemas/IntArrayHparamSearchSpace' + description: Hidden units for neural network models. + l2Reg: + $ref: '#/components/schemas/DoubleHparamSearchSpace' + description: L2 regularization coefficient. + walsAlpha: description: >- - The fraction of actual positive predictions that had positive actual - labels. - format: double - type: number - recall: + Hyperparameter for matrix factoration when implicit feedback type is + specified. + $ref: '#/components/schemas/DoubleHparamSearchSpace' + numFactors: + $ref: '#/components/schemas/IntHparamSearchSpace' + description: Number of latent factors to train on. + boosterType: + $ref: '#/components/schemas/StringHparamSearchSpace' + description: Booster type for boosted tree models. + subsample: + $ref: '#/components/schemas/DoubleHparamSearchSpace' description: >- - The fraction of actual positive labels that were given a positive - prediction. - format: double - type: number - trueNegatives: - description: Number of true samples predicted as false. - format: int64 - type: string - truePositives: - description: Number of true samples predicted as true. - format: int64 + Subsample the training data to grow tree to prevent overfitting for + boosted tree models. + numClusters: + description: Number of clusters for k-means. + $ref: '#/components/schemas/IntHparamSearchSpace' + minSplitLoss: + $ref: '#/components/schemas/DoubleHparamSearchSpace' + description: Minimum split loss for boosted tree models. + l1Reg: + $ref: '#/components/schemas/DoubleHparamSearchSpace' + description: L1 regularization coefficient. + activationFn: + $ref: '#/components/schemas/StringHparamSearchSpace' + description: Activation functions of neural network models. + colsampleBylevel: + description: Subsample ratio of columns for each level for boosted tree models. + $ref: '#/components/schemas/DoubleHparamSearchSpace' + batchSize: + description: Mini batch sample size. + $ref: '#/components/schemas/IntHparamSearchSpace' + colsampleBytree: + description: >- + Subsample ratio of columns when constructing each tree for boosted + tree models. + $ref: '#/components/schemas/DoubleHparamSearchSpace' + dropout: + description: >- + Dropout probability for dnn model training and boosted tree models + using dart booster. + $ref: '#/components/schemas/DoubleHparamSearchSpace' + minTreeChildWeight: + description: >- + Minimum sum of instance weight needed in a child for boosted tree + models. + $ref: '#/components/schemas/IntHparamSearchSpace' + optimizer: + description: Optimizer of TF models. + $ref: '#/components/schemas/StringHparamSearchSpace' + maxTreeDepth: + $ref: '#/components/schemas/IntHparamSearchSpace' + description: Maximum depth of a tree for boosted tree models. + numParallelTree: + $ref: '#/components/schemas/IntHparamSearchSpace' + description: Number of parallel trees for boosted tree models. + learnRate: + $ref: '#/components/schemas/DoubleHparamSearchSpace' + description: Learning rate of training jobs. + treeMethod: + $ref: '#/components/schemas/StringHparamSearchSpace' + description: Tree construction algorithm for boosted tree models. + dartNormalizeType: + description: Dart normalization type for boosted tree models. + $ref: '#/components/schemas/StringHparamSearchSpace' + colsampleBynode: + $ref: '#/components/schemas/DoubleHparamSearchSpace' + description: >- + Subsample ratio of columns for each node(split) for boosted tree + models. + TableDataInsertAllResponse: + id: TableDataInsertAllResponse + description: Describes the format of a streaming insert response. + properties: + insertErrors: + type: array + description: Describes specific errors encountered while processing the request. + items: + properties: + errors: + items: + $ref: '#/components/schemas/ErrorProto' + description: Error information for the row indicated by the index property. + type: array + index: + type: integer + description: The index of the row that error applies to. + format: uint32 + type: object + description: Error details about a single row's insertion. + kind: type: string + description: Returns "bigquery#tableDataInsertAllResponse". + default: bigquery#tableDataInsertAllResponse type: object - Binding: - description: Associates `members`, or principals, with a `role`. - id: Binding + ViewDefinition: properties: - condition: - $ref: '#/components/schemas/Expr' - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + foreignDefinitions: + description: Optional. Foreign view representations. + type: array items: - type: string + $ref: '#/components/schemas/ForeignViewDefinition' + useExplicitColumnNames: + description: >- + True if the column names are explicitly specified. For example by + using the 'CREATE VIEW v(c1, c2) AS ...' syntax. Can only be set for + GoogleSQL views. + type: boolean + userDefinedFunctionResources: type: array - role: + description: Describes user-defined function resources used in the query. + items: + $ref: '#/components/schemas/UserDefinedFunctionResource' + useLegacySql: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Specifies whether to use BigQuery's legacy SQL for this view. The + default value is true. If set to false, the view will use BigQuery's + GoogleSQL: https://cloud.google.com/bigquery/sql-reference/ Queries + and views that reference this view must use the same flag value. A + wrapper is used here because the default value is True. + type: boolean + privacyPolicy: + $ref: '#/components/schemas/PrivacyPolicy' + description: Optional. Specifies the privacy policy for the view. + query: + description: >- + Required. A query that BigQuery executes when the view is + referenced. type: string type: object - BqmlIterationResult: - id: BqmlIterationResult + description: Describes the definition of a logical view. + id: ViewDefinition + DataFormatOptions: + type: object properties: - durationMs: - description: Deprecated. - format: int64 + timestampOutputFormat: + enum: + - TIMESTAMP_OUTPUT_FORMAT_UNSPECIFIED + - FLOAT64 + - INT64 + - ISO8601_STRING + enumDescriptions: + - Corresponds to default API output behavior, which is FLOAT64. + - Timestamp is output as float64 seconds since Unix epoch. + - Timestamp is output as int64 microseconds since Unix epoch. + - >- + Timestamp is output as ISO 8601 String + ("YYYY-MM-DDTHH:MM:SS.FFFFFFFFFFFFZ"). + description: >- + Optional. The API output format for a timestamp. This offers more + explicit control over the timestamp output format as compared to the + existing `use_int64_timestamp` option. type: string - evalLoss: - description: Deprecated. - format: double - type: number - index: - description: Deprecated. + useInt64Timestamp: + description: Optional. Output timestamp as usec int64. Default is false. + type: boolean + description: Options for data format adjustments. + id: DataFormatOptions + QueryParameterType: + id: QueryParameterType + description: The type of a query parameter. + type: object + properties: + rangeElementType: + $ref: '#/components/schemas/QueryParameterType' + description: Optional. The element type of the range, if this is a range. + timestampPrecision: + description: >- + Optional. Precision (maximum number of total digits in base 10) for + seconds of TIMESTAMP type. Possible values include: * 6 (Default, + for TIMESTAMP type with microsecond precision) * 12 (For TIMESTAMP + type with picosecond precision) + default: '6' + format: int64 + type: string + type: + type: string + description: Required. The top level type of this field. + structTypes: + type: array + description: >- + Optional. The types of the fields of this struct, in order, if this + is a struct. + items: + type: object + description: The type of a struct parameter. + properties: + name: + type: string + description: Optional. The name of this field. + description: + description: Optional. Human-oriented description of the field. + type: string + type: + description: Required. The type of this field. + $ref: '#/components/schemas/QueryParameterType' + arrayType: + $ref: '#/components/schemas/QueryParameterType' + description: Optional. The type of the array's elements, if this is an array. + TableDataList: + id: TableDataList + type: object + properties: + pageToken: + description: >- + A token used for paging results. Providing this token instead of the + startIndex parameter can help you retrieve stable results when an + underlying table is changing. + type: string + totalRows: + format: int64 + type: string + description: >- + Total rows of the entire table. In order to show default value 0 we + have to present it as string. + rows: + items: + $ref: '#/components/schemas/TableRow' + type: array + description: Rows of results. + etag: + description: A hash of this page of results. + type: string + kind: + default: bigquery#tableDataList + type: string + description: The resource type of the response. + SparkStatistics: + properties: + kmsKeyName: + type: string + description: >- + Output only. The Cloud KMS encryption key that is used to protect + the resources created by the Spark job. If the Spark procedure uses + the invoker security mode, the Cloud KMS encryption key is either + inferred from the provided system variable, + `@@spark_proc_properties.kms_key_name`, or the default key of the + BigQuery job's project (if the CMEK organization policy is + enforced). Otherwise, the Cloud KMS key is either inferred from the + Spark connection associated with the procedure (if it is provided), + or from the default key of the Spark connection's project if the + CMEK organization policy is enforced. Example: * + `projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key]` + readOnly: true + loggingInfo: + $ref: '#/components/schemas/SparkLoggingInfo' + description: >- + Output only. Logging info is used to generate a link to Cloud + Logging. + readOnly: true + sparkJobId: + description: Output only. Spark job ID if a Spark job is created successfully. + type: string + readOnly: true + sparkJobLocation: + readOnly: true + description: >- + Output only. Location where the Spark job is executed. A location is + selected by BigQueury for jobs configured to run in a multi-region. + type: string + gcsStagingBucket: + type: string + readOnly: true + description: >- + Output only. The Google Cloud Storage bucket that is used as the + default file system by the Spark application. This field is only + filled when the Spark procedure uses the invoker security mode. The + `gcsStagingBucket` bucket is inferred from the + `@@spark_proc_properties.staging_bucket` system variable (if it is + provided). Otherwise, BigQuery creates a default staging bucket for + the job and returns the bucket name in this field. Example: * + `gs://[bucket_name]` + endpoints: + readOnly: true + type: object + description: >- + Output only. Endpoints returned from Dataproc. Key list: - + history_server_endpoint: A link to Spark job UI. + additionalProperties: + type: string + description: Statistics for a BigSpark query. Populated as part of JobStatistics2 + type: object + id: SparkStatistics + GetPolicyOptions: + id: GetPolicyOptions + description: Encapsulates settings provided to GetIamPolicy. + properties: + requestedPolicyVersion: format: int32 + description: >- + Optional. The maximum policy version that will be used to format the + policy. Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected. Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field unset. + The policy in the response might use the policy version that you + specified, or it might use a lower policy version. For example, if + you specify version 3, but the policy has no conditional role + bindings, the response uses version 1. To learn which resources + support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). type: integer - learnRate: - description: Deprecated. - format: double - type: number - trainingLoss: - description: Deprecated. - format: double - type: number type: object + QueryInfo: + id: QueryInfo + description: Query optimization information for a QUERY job. + properties: + optimizationDetails: + readOnly: true + type: object + additionalProperties: + type: any + description: Properties of the object. + description: Output only. Information about query optimizations. + type: object + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + properties: + updateMask: + format: google-fieldmask + type: string + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + policy: + $ref: '#/components/schemas/Policy' + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + type: object + id: SetIamPolicyRequest + ForeignTypeInfo: + description: >- + Metadata about the foreign data type definition such as the system in + which the type is defined. + properties: + typeSystem: + type: string + description: Required. Specifies the system which defines the foreign data type. + enumDescriptions: + - TypeSystem not specified. + - Represents Hive data types. + enum: + - TYPE_SYSTEM_UNSPECIFIED + - HIVE + type: object + id: ForeignTypeInfo BqmlTrainingRun: id: BqmlTrainingRun + type: object properties: - iterationResults: + startTime: + format: date-time description: Deprecated. + type: string + iterationResults: + type: array items: $ref: '#/components/schemas/BqmlIterationResult' - type: array - startTime: description: Deprecated. - format: date-time - type: string state: description: Deprecated. type: string trainingOptions: description: Deprecated. properties: - earlyStop: + warmStart: type: boolean - l1Reg: - format: double - type: number - l2Reg: - format: double - type: number - learnRate: + minRelProgress: format: double type: number - learnRateStrategy: - type: string + earlyStop: + type: boolean lineSearchInitLearnRate: format: double type: number maxIteration: format: int64 type: string - minRelProgress: + learnRate: format: double type: number - warmStart: - type: boolean - type: object - type: object - CategoricalValue: - description: Representative value of a categorical feature. - id: CategoricalValue + l1Reg: + format: double + type: number + l2Reg: + type: number + format: double + learnRateStrategy: + type: string + type: object + ArimaOrder: + id: ArimaOrder properties: - categoryCounts: - description: >- - Counts of all categories for the categorical feature. If there are - more than ten categories, we return top ten (by count) and return - one more CategoryCount with category "_OTHER_" and count as - aggregate counts of remaining categories. - items: - $ref: '#/components/schemas/CategoryCount' - type: array + p: + type: string + format: int64 + description: Order of the autoregressive part. + q: + description: Order of the moving-average part. + format: int64 + type: string + d: + type: string + description: Order of the differencing part. + format: int64 + description: Arima order, can be used for both non-seasonal and seasonal parts. + type: object + SerDeInfo: + id: SerDeInfo type: object - CategoryCount: - description: Represents the count of a single category within the cluster. - id: CategoryCount properties: - category: - description: The name of category. + serializationLibrary: + description: >- + Required. Specifies a fully-qualified class name of the + serialization library that is responsible for the translation of + data between table representation and the underlying low-level input + and output format structures. The maximum length is 256 characters. type: string - count: + parameters: + type: object + additionalProperties: + type: string description: >- - The count of training samples matching the category within the - cluster. - format: int64 + Optional. Key-value pairs that define the initialization parameters + for the serialization library. Maximum size 10 Kib. + name: + description: Optional. Name of the SerDe. The maximum length is 256 characters. type: string + description: Serializer and deserializer information. + DataSplitResult: + description: >- + Data split result. This contains references to the training and + evaluation data tables that were used to train the model. type: object - CloneDefinition: - description: Information about base table and clone time of a table clone. - id: CloneDefinition + id: DataSplitResult properties: - baseTableReference: + testTable: $ref: '#/components/schemas/TableReference' - description: Required. Reference describing the ID of the table that was cloned. - cloneTime: + description: Table reference of the test data after split. + evaluationTable: + description: Table reference of the evaluation data after split. + $ref: '#/components/schemas/TableReference' + trainingTable: + $ref: '#/components/schemas/TableReference' + description: Table reference of the training data after split. + GetQueryResultsResponse: + description: Response object of GetQueryResults. + properties: + totalRows: + format: uint64 + type: string description: >- - Required. The time at which the base table was cloned. This value is - reported in the JSON response using RFC3339 format. - format: date-time + The total number of rows in the complete query result set, which can + be more than the number of rows in this single page of results. + Present only when the query completes successfully. + cacheHit: + description: Whether the query result was fetched from the query cache. + type: boolean + errors: + readOnly: true + type: array + items: + $ref: '#/components/schemas/ErrorProto' + description: >- + Output only. The first errors or warnings encountered during the + running of the job. The final message includes the number of errors + that caused the process to stop. Errors here do not necessarily mean + that the job has completed or was unsuccessful. For more information + about error messages, see [Error + messages](https://cloud.google.com/bigquery/docs/error-messages). + numDmlAffectedRows: type: string - type: object - Cluster: - description: Message containing the information about one cluster. - id: Cluster - properties: - centroidId: - description: Centroid id. + description: >- + Output only. The number of rows affected by a DML statement. Present + only for DML statements INSERT, UPDATE or DELETE. format: int64 + readOnly: true + totalBytesProcessed: type: string - count: - description: Count of training data rows that were assigned to this cluster. + description: The total number of bytes processed for this query. format: int64 + pageToken: + description: >- + A token used for paging results. When this token is non-empty, it + indicates additional results are available. type: string - featureValues: - description: Values of highly variant features for this cluster. + etag: + description: A hash of this response. + type: string + kind: + default: bigquery#getQueryResultsResponse + description: The resource type of the response. + type: string + jobComplete: + description: >- + Whether the query has completed or not. If rows or totalRows are + present, this will always be true. If this is false, totalRows will + not be available. + type: boolean + schema: + description: >- + The schema of the results. Present only when the query completes + successfully. + $ref: '#/components/schemas/TableSchema' + jobReference: + description: >- + Reference to the BigQuery Job that was created to run the query. + This field will be present even if the original request timed out, + in which case GetQueryResults can be used to read the results once + the query has completed. Since this API only returns the first page + of results, subsequent pages can be fetched via the same mechanism + (GetQueryResults). + $ref: '#/components/schemas/JobReference' + rows: items: - $ref: '#/components/schemas/FeatureValue' + $ref: '#/components/schemas/TableRow' type: array + description: >- + An object with as many results as can be contained within the + maximum permitted reply size. To get any additional rows, you can + call GetQueryResults and specify the jobReference returned above. + Present only when the query completes successfully. The REST-based + representation of this data leverages a series of JSON f,v objects + for indicating fields and values. type: object - ClusterInfo: - description: Information about a single cluster for clustering model. - id: ClusterInfo + id: GetQueryResultsResponse + QueryParameter: properties: - centroidId: - description: Centroid id. - format: int64 - type: string - clusterRadius: + parameterType: + $ref: '#/components/schemas/QueryParameterType' + description: Required. The type of this parameter. + name: description: >- - Cluster radius, the average distance from centroid to each point - assigned to the cluster. - format: double - type: number - clusterSize: - description: Cluster size, the total number of points assigned to the cluster. - format: int64 + Optional. If unset, this is a positional parameter. Otherwise, + should be unique within a query. type: string + parameterValue: + description: Required. The value of this parameter. + $ref: '#/components/schemas/QueryParameterValue' + description: A parameter given to a query. + id: QueryParameter type: object - Clustering: - description: Configures table clustering. - id: Clustering + HivePartitioningOptions: properties: fields: - description: >- - One or more fields on which data should be clustered. Only - top-level, non-repeated, simple-type fields are supported. The - ordering of the clustering fields should be prioritized from most to - least important for filtering purposes. For additional information, - see [Introduction to clustered - tables](https://cloud.google.com/bigquery/docs/clustered-tables#limitations). - items: - type: string type: array - type: object - ClusteringMetrics: - description: Evaluation metrics for clustering models. - id: ClusteringMetrics - properties: - clusters: - description: Information for all clusters. items: - $ref: '#/components/schemas/Cluster' - type: array - daviesBouldinIndex: - description: Davies-Bouldin index. - format: double - type: number - meanSquaredDistance: + type: string description: >- - Mean of squared distances between each sample to its cluster - centroid. - format: double - type: number - type: object - ConfusionMatrix: - description: Confusion matrix for multi-class classification models. - id: ConfusionMatrix - properties: - confidenceThreshold: + Output only. For permanent external tables, this field is populated + with the hive partition keys in the order they were inferred. The + types of the partition keys can be deduced by checking the table + schema (which will include the partition keys). Not every API will + populate this field in the output. For example, Tables.Get will + populate it, but Tables.List will not contain this field. + readOnly: true + sourceUriPrefix: description: >- - Confidence threshold used when computing the entries of the - confusion matrix. - format: double - type: number - rows: - description: One row per actual label. - items: - $ref: '#/components/schemas/Row' - type: array - type: object - ConnectionProperty: - description: >- - A connection-level property to customize query behavior. Under JDBC, - these correspond directly to connection properties passed to the - DriverManager. Under ODBC, these correspond to properties in the - connection string. Currently supported connection properties: * - **dataset_project_id**: represents the default project for datasets that - are used in the query. Setting the system variable - `@@dataset_project_id` achieves the same behavior. For more information - about system variables, see: - https://cloud.google.com/bigquery/docs/reference/system-variables * - **time_zone**: represents the default timezone used to run the query. * - **session_id**: associates the query with a given session. * - **query_label**: associates the query with a given job label. If set, - all subsequent queries in a script or session will have this label. For - the format in which a you can specify a query label, see labels in the - JobConfiguration resource type: - https://cloud.google.com/bigquery/docs/reference/rest/v2/Job#jobconfiguration - * **service_account**: indicates the service account to use to run a - continuous query. If set, the query job uses the service account to - access Google Cloud resources. Service account access is bounded by the - IAM permissions that you have granted to the service account. Additional - properties are allowed, but ignored. Specifying multiple connection - properties with the same key returns an error. - id: ConnectionProperty - properties: - key: - description: The key of the property to set. - type: string - value: - description: The value of the property to set. - type: string - type: object - CsvOptions: - description: Information related to a CSV data source. - id: CsvOptions - properties: - allowJaggedRows: - description: >- - Optional. Indicates if BigQuery should accept rows that are missing - trailing optional columns. If true, BigQuery treats missing trailing - columns as null values. If false, records with missing trailing - columns are treated as bad records, and if there are too many bad - records, an invalid error is returned in the job result. The default - value is false. - type: boolean - allowQuotedNewlines: - description: >- - Optional. Indicates if BigQuery should allow quoted data sections - that contain newline characters in a CSV file. The default value is - false. - type: boolean - encoding: - description: >- - Optional. The character encoding of the data. The supported values - are UTF-8, ISO-8859-1, UTF-16BE, UTF-16LE, UTF-32BE, and UTF-32LE. - The default value is UTF-8. BigQuery decodes the data after the raw, - binary data has been split using the values of the quote and - fieldDelimiter properties. + Optional. When hive partition detection is requested, a common + prefix for all source uris must be required. The prefix must end + immediately before the partition key encoding begins. For example, + consider files following this data layout: + gs://bucket/path_to_table/dt=2019-06-01/country=USA/id=7/file.avro + gs://bucket/path_to_table/dt=2019-05-31/country=CA/id=3/file.avro + When hive partitioning is requested with either AUTO or STRINGS + detection, the common prefix can be either of + gs://bucket/path_to_table or gs://bucket/path_to_table/. CUSTOM + detection requires encoding the partitioning schema immediately + after the common prefix. For CUSTOM, any of * + gs://bucket/path_to_table/{dt:DATE}/{country:STRING}/{id:INTEGER} * + gs://bucket/path_to_table/{dt:STRING}/{country:STRING}/{id:INTEGER} + * gs://bucket/path_to_table/{dt:DATE}/{country:STRING}/{id:STRING} + would all be valid source URI prefixes. type: string - fieldDelimiter: + mode: description: >- - Optional. The separator character for fields in a CSV file. The - separator is interpreted as a single byte. For files encoded in - ISO-8859-1, any single character can be used as a separator. For - files encoded in UTF-8, characters represented in decimal range - 1-127 (U+0001-U+007F) can be used without any modification. UTF-8 - characters encoded with multiple bytes (i.e. U+0080 and above) will - have only the first byte used for separating fields. The remaining - bytes will be treated as a part of the field. BigQuery also supports - the escape sequence "\t" (U+0009) to specify a tab separator. The - default value is comma (",", U+002C). + Optional. When set, what mode of hive partitioning to use when + reading data. The following modes are supported: * AUTO: + automatically infer partition key name(s) and type(s). * STRINGS: + automatically infer partition key name(s). All types are strings. * + CUSTOM: partition key schema is encoded in the source URI prefix. + Not all storage formats support hive partitioning. Requesting hive + partitioning on an unsupported format will lead to an error. + Currently supported formats are: JSON, CSV, ORC, Avro and Parquet. type: string - nullMarker: + requirePartitionFilter: + type: boolean description: >- - Optional. Specifies a string that represents a null value in a CSV - file. For example, if you specify "\N", BigQuery interprets "\N" as - a null value when querying a CSV file. The default value is the - empty string. If you set this property to a custom value, BigQuery - throws an error if an empty string is present for all data types - except for STRING and BYTE. For STRING and BYTE columns, BigQuery - interprets the empty string as an empty value. + Optional. If set to true, queries over this table require a + partition filter that can be used for partition elimination to be + specified. Note that this field should only be true when creating a + permanent external table or querying a temporary external table. + Hive-partitioned loads with require_partition_filter explicitly set + to true will fail. + default: 'false' + type: object + id: HivePartitioningOptions + description: Options for configuring hive partitioning detect. + ListRowAccessPoliciesResponse: + id: ListRowAccessPoliciesResponse + properties: + nextPageToken: + description: A token to request the next page of results. type: string - nullMarkers: - description: >- - Optional. A list of strings represented as SQL NULL value in a CSV - file. null_marker and null_markers can't be set at the same time. If - null_marker is set, null_markers has to be not set. If null_markers - is set, null_marker has to be not set. If both null_marker and - null_markers are set at the same time, a user error would be thrown. - Any strings listed in null_markers, including empty string would be - interpreted as SQL NULL. This applies to all column types. + rowAccessPolicies: + description: Row access policies on the requested table. items: - type: string + $ref: '#/components/schemas/RowAccessPolicy' type: array - preserveAsciiControlCharacters: - description: >- - Optional. Indicates if the embedded ASCII control characters (the - first 32 characters in the ASCII-table, from '\x00' to '\x1F') are - preserved. - type: boolean - quote: - default: '"' - description: >- - Optional. The value that is used to quote data sections in a CSV - file. BigQuery converts the string to ISO-8859-1 encoding, and then - uses the first byte of the encoded string to split the data in its - raw, binary state. The default value is a double-quote ("). If your - data does not contain quoted sections, set the property value to an - empty string. If your data contains quoted newline characters, you - must also set the allowQuotedNewlines property to true. To include - the specific quote character within a quoted value, precede it with - an additional matching quote character. For example, if you want to - escape the default character ' " ', use ' "" '. - pattern: .? - type: string - skipLeadingRows: - description: >- - Optional. The number of rows at the top of a CSV file that BigQuery - will skip when reading the data. The default value is 0. This - property is useful if you have header rows in the file that should - be skipped. When autodetect is on, the behavior is the following: * - skipLeadingRows unspecified - Autodetect tries to detect headers in - the first row. If they are not detected, the row is read as data. - Otherwise data is read starting from the second row. * - skipLeadingRows is 0 - Instructs autodetect that there are no - headers and data should be read starting from the first row. * - skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to - detect headers in row N. If headers are not detected, row N is just - skipped. Otherwise row N is used to extract column names for the - detected schema. - format: int64 - type: string - sourceColumnMatch: - description: >- - Optional. Controls the strategy used to match loaded columns to the - schema. If not set, a sensible default is chosen based on how the - schema is provided. If autodetect is used, then columns are matched - by name. Otherwise, columns are matched by position. This is done to - keep the behavior backward-compatible. Acceptable values are: - POSITION - matches by position. This assumes that the columns are - ordered the same way as the schema. NAME - matches by name. This - reads the header row as column names and reorders columns to match - the field names in the schema. - type: string + description: Response message for the ListRowAccessPolicies method. type: object - DataFormatOptions: - description: Options for data format adjustments. - id: DataFormatOptions + LinkedDatasetMetadata: + type: object + id: LinkedDatasetMetadata properties: - timestampOutputFormat: + linkState: description: >- - Optional. The API output format for a timestamp. This offers more - explicit control over the timestamp output format as compared to the - existing `use_int64_timestamp` option. - enum: - - TIMESTAMP_OUTPUT_FORMAT_UNSPECIFIED - - FLOAT64 - - INT64 - - ISO8601_STRING + Output only. Specifies whether Linked Dataset is currently in a + linked state or not. enumDescriptions: - - Corresponds to default API output behavior, which is FLOAT64. - - Timestamp is output as float64 seconds since Unix epoch. - - Timestamp is output as int64 microseconds since Unix epoch. + - The default value. Default to the LINKED state. - >- - Timestamp is output as ISO 8601 String - ("YYYY-MM-DDTHH:MM:SS.FFFFFFFFFFFFZ"). + Normal Linked Dataset state. Data is queryable via the Linked + Dataset. + - >- + Data publisher or owner has unlinked this Linked Dataset. It means + you can no longer query or see the data in the Linked Dataset. type: string - useInt64Timestamp: - description: Optional. Output timestamp as usec int64. Default is false. - type: boolean - type: object - DataMaskingStatistics: - description: Statistics for data-masking. - id: DataMaskingStatistics - properties: - dataMaskingApplied: - description: Whether any accessed data was protected by the data masking. - type: boolean + enum: + - LINK_STATE_UNSPECIFIED + - LINKED + - UNLINKED + readOnly: true + description: Metadata about the Linked Dataset. + Entry: type: object - DataPolicyOption: - description: >- - Data policy option proto, it currently supports name only, will support - precedence later. - id: DataPolicyOption + id: Entry + description: A single entry in the confusion matrix. properties: - name: + predictedLabel: description: >- - Data policy resource name in the form of - projects/project_id/locations/location_id/dataPolicies/data_policy_id. + The predicted label. For confidence_threshold > 0, we will also add + an entry indicating the number of items under the confidence + threshold. type: string - type: object - DataSplitResult: - description: >- - Data split result. This contains references to the training and - evaluation data tables that were used to train the model. - id: DataSplitResult + itemCount: + format: int64 + description: Number of items being predicted as this label. + type: string + DatasetList: + id: DatasetList properties: - evaluationTable: - $ref: '#/components/schemas/TableReference' - description: Table reference of the evaluation data after split. - testTable: - $ref: '#/components/schemas/TableReference' - description: Table reference of the test data after split. - trainingTable: - $ref: '#/components/schemas/TableReference' - description: Table reference of the training data after split. - type: object - Dataset: - description: Represents a BigQuery dataset. - id: Dataset - properties: - access: + etag: + type: string description: >- - Optional. An array of objects that define dataset access for one or - more entities. You can set this property when inserting or updating - a dataset in order to control who is allowed to access the data. If - unspecified at dataset creation time, BigQuery adds default dataset - access for the following entities: access.specialGroup: - projectReaders; access.role: READER; access.specialGroup: - projectWriters; access.role: WRITER; access.specialGroup: - projectOwners; access.role: OWNER; access.userByEmail: [dataset - creator email]; access.role: OWNER; If you patch a dataset, then - this field is overwritten by the patched dataset's access field. To - add entities, you must supply the entire existing access array in - addition to any new entities that you want to add. + Output only. A hash value of the results page. You can use this + property to determine if the page has changed since the last + request. + readOnly: true + datasets: items: - description: An object that defines dataset access for an entity. properties: - condition: - $ref: '#/components/schemas/Expr' - description: >- - Optional. condition for the binding. If CEL expression in this - field is true, this access binding will be considered - dataset: - $ref: '#/components/schemas/DatasetAccessEntry' - description: >- - [Pick one] A grant authorizing all resources of a particular - type in a particular dataset access to this dataset. Only - views are supported for now. The role field is not required - when this field is set. If that dataset is deleted and - re-created, its access needs to be granted again via an update - operation. - domain: - description: >- - [Pick one] A domain to grant access to. Any users signed in - with the domain specified will be granted the specified - access. Example: "example.com". Maps to IAM policy member - "domain:DOMAIN". - type: string - groupByEmail: + labels: description: >- - [Pick one] An email address of a Google Group to grant access - to. Maps to IAM policy member "group:GROUP". + The labels associated with this dataset. You can use these to + organize and group your datasets. + additionalProperties: + type: string + type: object + id: type: string - iamMember: + description: The fully-qualified, unique, opaque ID of the dataset. + datasetReference: + $ref: '#/components/schemas/DatasetReference' description: >- - [Pick one] Some other type of member that appears in the IAM - Policy but isn't a user, group, domain, or special group. - type: string - role: + The dataset reference. Use this property to access specific + parts of the dataset's ID, such as project ID or dataset ID. + kind: description: >- - An IAM role ID that should be granted to the user, group, or - domain specified in this access entry. The following legacy - mappings will be applied: * `OWNER`: - `roles/bigquery.dataOwner` * `WRITER`: - `roles/bigquery.dataEditor` * `READER`: - `roles/bigquery.dataViewer` This field will accept any of the - above formats, but will return only the legacy format. For - example, if you set this field to "roles/bigquery.dataOwner", - it will be returned back as "OWNER". + The resource type. This property always returns the value + "bigquery#dataset" type: string - routine: - $ref: '#/components/schemas/RoutineReference' - description: >- - [Pick one] A routine from a different dataset to grant access - to. Queries executed against that routine will have read - access to views/tables/routines in this dataset. Only UDF is - supported for now. The role field is not required when this - field is set. If that routine is updated by any user, access - to the routine needs to be granted again via an update - operation. - specialGroup: + friendlyName: description: >- - [Pick one] A special group to grant access to. Possible values - include: * projectOwners: Owners of the enclosing project. * - projectReaders: Readers of the enclosing project. * - projectWriters: Writers of the enclosing project. * - allAuthenticatedUsers: All authenticated BigQuery users. Maps - to similarly-named IAM members. + An alternate name for the dataset. The friendly name is purely + decorative in nature. type: string - userByEmail: + externalDatasetReference: description: >- - [Pick one] An email address of a user to grant access to. For - example: fred@example.com. Maps to IAM policy member - "user:EMAIL" or "serviceAccount:EMAIL". + Output only. Reference to a read-only external dataset defined + in data catalogs outside of BigQuery. Filled out when the + dataset type is EXTERNAL. + $ref: '#/components/schemas/ExternalDatasetReference' + readOnly: true + location: + description: The geographic location where the dataset resides. type: string - view: - $ref: '#/components/schemas/TableReference' - description: >- - [Pick one] A view from a different dataset to grant access to. - Queries executed against that view will have read access to - views/tables/routines in this dataset. The role field is not - required when this field is set. If that view is updated by - any user, access to the view needs to be granted again via an - update operation. + description: >- + A dataset resource with only a subset of fields, to be returned in + a list of datasets. type: object type: array - creationTime: description: >- - Output only. The time when this dataset was created, in milliseconds - since the epoch. - format: int64 - readOnly: true - type: string - datasetReference: - $ref: '#/components/schemas/DatasetReference' - description: Required. A reference that identifies the dataset. - defaultCollation: + An array of the dataset resources in the project. Each resource + contains basic information. For full information about a particular + dataset resource, use the Datasets: get method. This property is + omitted when there are no datasets in the project. + nextPageToken: description: >- - Optional. Defines the default collation specification of future - tables created in the dataset. If a table is created in this dataset - without table-level default collation, then the table inherits the - dataset default collation, which is applied to the string fields - that do not have explicit collation specified. A change to this - field affects only tables created afterwards, and does not alter the - existing tables. The following values are supported: * 'und:ci': - undetermined locale, case insensitive. * '': empty string. Default - to case-sensitive behavior. + A token that can be used to request the next results page. This + property is omitted on the final results page. type: string - defaultEncryptionConfiguration: - $ref: '#/components/schemas/EncryptionConfiguration' + unreachable: description: >- - The default encryption key for all tables in the dataset. After this - property is set, the encryption key of all newly-created tables in - the dataset is set to this value unless the table creation request - or query explicitly overrides the key. - defaultPartitionExpirationMs: + A list of skipped locations that were unreachable. For more + information about BigQuery locations, see: + https://cloud.google.com/bigquery/docs/locations. Example: + "europe-west5" + type: array + items: + type: string + kind: description: >- - This default partition expiration, expressed in milliseconds. When - new time-partitioned tables are created in a dataset where this - property is set, the table will inherit this value, propagated as - the `TimePartitioning.expirationMs` property on the new table. If - you set `TimePartitioning.expirationMs` explicitly when creating a - table, the `defaultPartitionExpirationMs` of the containing dataset - is ignored. When creating a partitioned table, if - `defaultPartitionExpirationMs` is set, the - `defaultTableExpirationMs` value is ignored and the table will not - be inherit a table expiration deadline. - format: int64 + Output only. The resource type. This property always returns the + value "bigquery#datasetList" + readOnly: true + default: bigquery#datasetList type: string - defaultRoundingMode: - description: >- - Optional. Defines the default rounding mode specification of new - tables created within this dataset. During table creation, if this - field is specified, the table within this dataset will inherit the - default rounding mode of the dataset. Setting the default rounding - mode on a table overrides this option. Existing tables in the - dataset are unaffected. If columns are defined during that table - creation, they will immediately inherit the table's default rounding - mode, unless otherwise specified. - enum: - - ROUNDING_MODE_UNSPECIFIED - - ROUND_HALF_AWAY_FROM_ZERO - - ROUND_HALF_EVEN + description: Response format for a page of results when listing datasets. + type: object + SearchStatistics: + type: object + properties: + indexUsageMode: + description: Specifies the index usage mode for the query. enumDescriptions: - - Unspecified will default to using ROUND_HALF_AWAY_FROM_ZERO. + - Index usage mode not specified. - >- - ROUND_HALF_AWAY_FROM_ZERO rounds half values away from zero when - applying precision and scale upon writing of NUMERIC and - BIGNUMERIC values. For Scale: 0 1.1, 1.2, 1.3, 1.4 => 1 1.5, 1.6, - 1.7, 1.8, 1.9 => 2 + No search indexes were used in the search query. See + [`indexUnusedReasons`] + (/bigquery/docs/reference/rest/v2/Job#IndexUnusedReason) for + detailed reasons. - >- - ROUND_HALF_EVEN rounds half values to the nearest even value when - applying precision and scale upon writing of NUMERIC and - BIGNUMERIC values. For Scale: 0 1.1, 1.2, 1.3, 1.4 => 1 1.5 => 2 - 1.6, 1.7, 1.8, 1.9 => 2 2.5 => 2 + Part of the search query used search indexes. See + [`indexUnusedReasons`] + (/bigquery/docs/reference/rest/v2/Job#IndexUnusedReason) for why + other parts of the query did not use search indexes. + - The entire search query used search indexes. + enum: + - INDEX_USAGE_MODE_UNSPECIFIED + - UNUSED + - PARTIALLY_USED + - FULLY_USED type: string - defaultTableExpirationMs: + indexUnusedReasons: + items: + $ref: '#/components/schemas/IndexUnusedReason' + type: array description: >- - Optional. The default lifetime of all tables in the dataset, in - milliseconds. The minimum lifetime value is 3600000 milliseconds - (one hour). To clear an existing default expiration with a PATCH - request, set to 0. Once this property is set, all newly-created - tables in the dataset will have an expirationTime property set to - the creation time plus the value in this property, and changing the - value will only affect new tables, not existing ones. When the - expirationTime for a given table is reached, that table will be - deleted automatically. If a table's expirationTime is modified or - removed before the table expires, or if you provide an explicit - expirationTime when creating a table, that value takes precedence - over the default expiration time indicated by this property. - format: int64 - type: string - description: - description: Optional. A user-friendly description of the dataset. - type: string - etag: - description: Output only. A hash of the resource. - readOnly: true - type: string - externalCatalogDatasetOptions: - $ref: '#/components/schemas/ExternalCatalogDatasetOptions' - description: >- - Optional. Options defining open source compatible datasets living in - the BigQuery catalog. Contains metadata of open source database, - schema or namespace represented by the current dataset. - externalDatasetReference: - $ref: '#/components/schemas/ExternalDatasetReference' + When `indexUsageMode` is `UNUSED` or `PARTIALLY_USED`, this field + explains why indexes were not used in all or part of the search + query. If `indexUsageMode` is `FULLY_USED`, this field is not + populated. + indexPruningStats: description: >- - Optional. Reference to a read-only external dataset defined in data - catalogs outside of BigQuery. Filled out when the dataset type is - EXTERNAL. - friendlyName: - description: Optional. A descriptive name for the dataset. + Search index pruning statistics, one for each base table that has a + search index. If a base table does not have a search index or the + index does not help with pruning on the base table, then there is no + pruning statistics for that table. + items: + $ref: '#/components/schemas/IndexPruningStats' + type: array + id: SearchStatistics + description: Statistics for a search query. Populated as part of JobStatistics2. + BigQueryModelTraining: + id: BigQueryModelTraining + properties: + expectedTotalIterations: + description: Deprecated. + format: int64 type: string - id: + currentIteration: + description: Deprecated. + type: integer + format: int32 + type: object + JobStatistics: + id: JobStatistics + properties: + endTime: description: >- - Output only. The fully-qualified unique name of the dataset in the - format projectId:datasetId. The dataset name without the project - name is given in the datasetId field. When creating a new dataset, - leave this field blank, and instead specify the datasetId field. + Output only. End time of this job, in milliseconds since the epoch. + This field will be present whenever a job is in the DONE state. + type: string + readOnly: true + format: int64 + parentJobId: readOnly: true + description: >- + Output only. If this is a child job, specifies the job ID of the + parent. type: string - isCaseInsensitive: + rowLevelSecurityStatistics: + readOnly: true description: >- - Optional. TRUE if the dataset and its table names are - case-insensitive, otherwise FALSE. By default, this is FALSE, which - means the dataset and its table names are case-sensitive. This field - does not affect routine references. - type: boolean - kind: - default: bigquery#dataset - description: Output only. The resource type. + Output only. Statistics for row-level security. Present only for + query and extract jobs. + $ref: '#/components/schemas/RowLevelSecurityStatistics' + scriptStatistics: readOnly: true - type: string - labels: - additionalProperties: - type: string description: >- - The labels associated with this dataset. You can use these to - organize and group your datasets. You can set this property when - inserting or updating a dataset. See [Creating and Updating Dataset - Labels](https://cloud.google.com/bigquery/docs/creating-managing-labels#creating_and_updating_dataset_labels) - for more information. - type: object - lastModifiedTime: + Output only. If this a child job of a script, specifies information + about the context of this job within the script. + $ref: '#/components/schemas/ScriptStatistics' + load: + readOnly: true + description: Output only. Statistics for a load job. + $ref: '#/components/schemas/JobStatistics3' + completionRatio: + type: number description: >- - Output only. The date when this dataset was last modified, in - milliseconds since the epoch. - format: int64 + Output only. [TrustedTester] Job progress (0.0 -> 1.0) for LOAD and + EXTRACT jobs. + format: double + readOnly: true + query: + readOnly: true + $ref: '#/components/schemas/JobStatistics2' + description: Output only. Statistics for a query job. + reservation_id: readOnly: true + description: >- + Output only. Name of the primary reservation assigned to this job. + Note that this could be different than reservations reported in the + reservation usage field if parent reservations were used to execute + this job. type: string - linkedDatasetMetadata: - $ref: '#/components/schemas/LinkedDatasetMetadata' + edition: description: >- - Output only. Metadata about the LinkedDataset. Filled out when the - dataset type is LINKED. + Output only. Name of edition corresponding to the reservation for + this job at the time of this update. + enum: + - RESERVATION_EDITION_UNSPECIFIED + - STANDARD + - ENTERPRISE + - ENTERPRISE_PLUS + type: string + enumDescriptions: + - Default value, which will be treated as ENTERPRISE. + - Standard edition. + - Enterprise edition. + - Enterprise Plus edition. readOnly: true - linkedDatasetSource: - $ref: '#/components/schemas/LinkedDatasetSource' + creationTime: + readOnly: true + format: int64 + type: string description: >- - Optional. The source dataset reference when the dataset is of type - LINKED. For all other dataset types it is not set. This field cannot - be updated once it is set. Any attempt to update this field using - Update and Patch API Operations will be ignored. - location: + Output only. Creation time of this job, in milliseconds since the + epoch. This field will be present on all jobs. + quotaDeferments: + items: + type: string + description: Output only. Quotas which delayed this job's start time. + readOnly: true + type: array + finalExecutionDurationMs: + readOnly: true + type: string description: >- - The geographic location where the dataset should reside. See - https://cloud.google.com/bigquery/docs/locations for supported - locations. + Output only. The duration in milliseconds of the execution of the + final attempt of this job, as BigQuery may internally re-attempt to + execute the job. + format: int64 + totalBytesProcessed: + description: Output only. Total bytes processed for the job. + format: int64 type: string - maxTimeTravelHours: + readOnly: true + startTime: description: >- - Optional. Defines the time travel window in hours. The value can be - from 48 to 168 hours (2 to 7 days). The default value is 168 hours - if this is not set. + Output only. Start time of this job, in milliseconds since the + epoch. This field will be present when the job transitions from the + PENDING state to either RUNNING or DONE. format: int64 + readOnly: true type: string - resourceTags: - additionalProperties: - type: string + dataMaskingStatistics: + readOnly: true description: >- - Optional. The [tags](https://cloud.google.com/bigquery/docs/tags) - attached to this dataset. Tag keys are globally unique. Tag key is - expected to be in the namespaced format, for example - "123456789012/environment" where 123456789012 is the ID of the - parent organization or project resource for this tag key. Tag value - is expected to be the short name, for example "Production". See [Tag - definitions](https://cloud.google.com/iam/docs/tags-access-control#definitions) - for more details. - type: object - restrictions: - $ref: '#/components/schemas/RestrictionConfig' + Output only. Statistics for data-masking. Present only for query and + extract jobs. + $ref: '#/components/schemas/DataMaskingStatistics' + transactionInfo: + $ref: '#/components/schemas/TransactionInfo' description: >- - Optional. Output only. Restriction config for all tables and - dataset. If set, restrict certain accesses on the dataset and all - its tables based on the config. See [Data - egress](https://cloud.google.com/bigquery/docs/analytics-hub-introduction#data_egress) - for more details. + Output only. [Alpha] Information of the multi-statement transaction + if this job is part of one. This property is only expected on a + child job or a job that is in a session. A script parent job is not + part of the transaction started in the script. readOnly: true - satisfiesPzi: - description: Output only. Reserved for future use. + extract: + $ref: '#/components/schemas/JobStatistics4' readOnly: true - type: boolean - satisfiesPzs: - description: Output only. Reserved for future use. + description: Output only. Statistics for an extract job. + totalSlotMs: + type: string + format: int64 readOnly: true - type: boolean - selfLink: - description: >- - Output only. A URL that can be used to access the resource again. - You can use this URL in Get or Update requests to the resource. + description: Output only. Slot-milliseconds for the job. + copy: readOnly: true + description: Output only. Statistics for a copy job. + $ref: '#/components/schemas/JobStatistics5' + numChildJobs: + format: int64 + readOnly: true + description: Output only. Number of child jobs executed. type: string - storageBillingModel: - description: Optional. Updates storage_billing_model for the dataset. - enum: - - STORAGE_BILLING_MODEL_UNSPECIFIED - - LOGICAL - - PHYSICAL - enumDescriptions: - - Value not set. - - Billing for logical bytes. - - Billing for physical bytes. - type: string - tags: - deprecated: true + reservationGroupPath: + items: + type: string + type: array + readOnly: true description: >- - Output only. Tags for the dataset. To provide tags as inputs, use - the `resourceTags` field. + Output only. The reservation group path of the reservation assigned + to this job. This field has a limit of 10 nested reservation groups. + This is to maintain consistency between reservatins info schema and + jobs info schema. The first reservation group is the root + reservation group and the last is the leaf or lowest level + reservation group. + sessionInfo: + description: Output only. Information of the session if this job is part of one. + $ref: '#/components/schemas/SessionInfo' + readOnly: true + reservationUsage: + readOnly: true + deprecated: true items: - description: >- - A global tag managed by Resource Manager. - https://cloud.google.com/iam/docs/tags-access-control#definitions + type: object properties: - tagKey: + name: description: >- - Required. The namespaced friendly name of the tag key, e.g. - "12345/environment" where 12345 is org id. + Reservation name or "unreserved" for on-demand resource usage + and multi-statement queries. type: string - tagValue: + slotMs: description: >- - Required. The friendly short name of the tag value, e.g. - "production". - type: string - type: object - readOnly: true - type: array - type: + Total slot milliseconds used by the reservation for a + particular job. + type: string + format: int64 + description: Job resource usage breakdown by reservation. description: >- - Output only. Same as `type` in `ListFormatDataset`. The type of the - dataset, one of: * DEFAULT - only accessible by owner and authorized - accounts, * PUBLIC - accessible by everyone, * LINKED - linked - dataset, * EXTERNAL - dataset with definition in external metadata - catalog. - readOnly: true - type: string + Output only. Job resource usage breakdown by reservation. This field + reported misleading information and will no longer be populated. + type: array type: object - DatasetAccessEntry: - description: >- - Grants all resources of particular types in a particular dataset read - access to the current dataset. Similar to how individually authorized - views work, updates to any resource granted through its dataset - (including creation of new resources) requires read permission to - referenced resources, plus write permission to the authorizing dataset. - id: DatasetAccessEntry + description: Statistics for a single job execution. + ListRoutinesResponse: + description: Describes the format of a single result page when listing routines. + id: ListRoutinesResponse properties: - dataset: - $ref: '#/components/schemas/DatasetReference' - description: The dataset this entry applies to - targetTypes: - description: >- - Which resources in the dataset this entry applies to. Currently, - only views are supported, but additional target types may be added - in the future. + nextPageToken: + type: string + description: A token to request the next page of results. + routines: items: - enum: - - TARGET_TYPE_UNSPECIFIED - - VIEWS - - ROUTINES - enumDescriptions: - - Do not use. You must set a target type explicitly. - - This entry applies to views in the dataset. - - This entry applies to routines in the dataset. - type: string + $ref: '#/components/schemas/Routine' type: array + description: >- + Routines in the requested dataset. Unless read_mask is set in the + request, only the following fields are populated: etag, project_id, + dataset_id, routine_id, routine_type, creation_time, + last_modified_time, language, and remote_function_options. type: object - DatasetList: - description: Response format for a page of results when listing datasets. - id: DatasetList + JobStatistics4: + id: JobStatistics4 properties: - datasets: + inputBytes: + format: int64 description: >- - An array of the dataset resources in the project. Each resource - contains basic information. For full information about a particular - dataset resource, use the Datasets: get method. This property is - omitted when there are no datasets in the project. + Output only. Number of user bytes extracted into the result. This is + the byte count as computed by BigQuery for billing purposes and + doesn't have any relationship with the number of actual result bytes + extracted in the desired format. + readOnly: true + type: string + timeline: + type: array items: - description: >- - A dataset resource with only a subset of fields, to be returned in - a list of datasets. - properties: - datasetReference: - $ref: '#/components/schemas/DatasetReference' - description: >- - The dataset reference. Use this property to access specific - parts of the dataset's ID, such as project ID or dataset ID. - externalDatasetReference: - $ref: '#/components/schemas/ExternalDatasetReference' - description: >- - Output only. Reference to a read-only external dataset defined - in data catalogs outside of BigQuery. Filled out when the - dataset type is EXTERNAL. - readOnly: true - friendlyName: - description: >- - An alternate name for the dataset. The friendly name is purely - decorative in nature. - type: string - id: - description: The fully-qualified, unique, opaque ID of the dataset. - type: string - kind: - description: >- - The resource type. This property always returns the value - "bigquery#dataset" - type: string - labels: - additionalProperties: - type: string - description: >- - The labels associated with this dataset. You can use these to - organize and group your datasets. - type: object - location: - description: The geographic location where the dataset resides. - type: string - type: object + $ref: '#/components/schemas/QueryTimelineSample' + description: Output only. Describes a timeline of job execution. + readOnly: true + destinationUriFileCounts: + readOnly: true type: array - etag: description: >- - Output only. A hash value of the results page. You can use this - property to determine if the page has changed since the last - request. - readOnly: true + Output only. Number of files per destination URI or URI pattern + specified in the extract configuration. These values will be in the + same order as the URIs specified in the 'destinationUris' field. + items: + format: int64 + type: string + type: object + description: Statistics for an extract job. + UserDefinedFunctionResource: + id: UserDefinedFunctionResource + type: object + description: ' This is used for defining User Defined Function (UDF) resources only when using legacy SQL. Users of GoogleSQL should leverage either DDL (e.g. CREATE [TEMPORARY] FUNCTION ... ) or the Routines API to define UDF resources. For additional information on migrating, see: https://cloud.google.com/bigquery/docs/reference/standard-sql/migrating-from-legacy-sql#differences_in_user-defined_javascript_functions' + properties: + inlineCode: type: string - kind: - default: bigquery#datasetList description: >- - Output only. The resource type. This property always returns the - value "bigquery#datasetList" - readOnly: true - type: string - nextPageToken: + [Pick one] An inline resource that contains code for a user-defined + function (UDF). Providing a inline code resource is equivalent to + providing a URI for a file containing the same code. + resourceUri: description: >- - A token that can be used to request the next results page. This - property is omitted on the final results page. + [Pick one] A code resource to load from a Google Cloud Storage URI + (gs://bucket/path). type: string - unreachable: + BigtableOptions: + properties: + ignoreUnspecifiedColumnFamilies: description: >- - A list of skipped locations that were unreachable. For more - information about BigQuery locations, see: - https://cloud.google.com/bigquery/docs/locations. Example: - "europe-west5" + Optional. If field is true, then the column families that are not + specified in columnFamilies list are not exposed in the table + schema. Otherwise, they are read with BYTES type values. The default + value is false. + type: boolean + readRowkeyAsString: + type: boolean + description: >- + Optional. If field is true, then the rowkey column families will be + read and converted to string. Otherwise they are read with BYTES + type values and users need to manually cast them with CAST if + necessary. The default value is false. + columnFamilies: + description: >- + Optional. List of column families to expose in the table schema + along with their types. This list restricts the column families that + can be referenced in queries and specifies their value types. You + can use this list to do type conversions - see the 'type' field for + more details. If you leave this list empty, all column families are + present in the table schema and their values are read as BYTES. + During a query only the column families referenced in that query are + read from Bigtable. items: - type: string + $ref: '#/components/schemas/BigtableColumnFamily' type: array + outputColumnFamiliesAsJson: + description: >- + Optional. If field is true, then each column family will be read as + a single JSON column. Otherwise they are read as a repeated cell + structure containing timestamp/value tuples. The default value is + false. + type: boolean + id: BigtableOptions type: object - DatasetReference: - description: Identifier for a dataset. - id: DatasetReference + description: Options specific to Google Cloud Bigtable data sources. + QueryTimelineSample: + type: object + description: Summary of the state of query execution at a given time. properties: - datasetId: + shuffleRamUsageRatio: description: >- - Required. A unique ID for this dataset, without the project name. - The ID must contain only letters (a-z, A-Z), numbers (0-9), or - underscores (_). The maximum length is 1,024 characters. - type: string - projectId: - description: Optional. The ID of the project containing this dataset. + Total shuffle usage ratio in shuffle RAM per reservation of this + query. This will be provided for reservation customers only. + type: number + format: double + activeUnits: type: string - type: object - DestinationTableProperties: - description: Properties for the destination table. - id: DestinationTableProperties - properties: - description: + format: int64 description: >- - Optional. The description for the destination table. This will only - be used if the destination table is newly created. If the table - already exists and a value different than the current description is - provided, the job will fail. + Total number of active workers. This does not correspond directly to + slot usage. This is the largest value observed since the last + sample. + estimatedRunnableUnits: + description: >- + Units of work that can be scheduled immediately. Providing + additional slots for these units of work will accelerate the query, + if no other query in the reservation needs additional slots. type: string - expirationTime: - description: Internal use only. - format: date-time + format: int64 + elapsedMs: + format: int64 + description: Milliseconds elapsed since the start of query execution. type: string - friendlyName: - description: >- - Optional. Friendly name for the destination table. If the table - already exists, it should be same as the existing friendly name. + totalSlotMs: + description: Cumulative slot-ms consumed by the query. type: string - labels: - additionalProperties: - type: string + format: int64 + pendingUnits: description: >- - Optional. The labels associated with this table. You can use these - to organize and group your tables. This will only be used if the - destination table is newly created. If the table already exists and - labels are different than the current labels are provided, the job - will fail. - type: object + Total units of work remaining for the query. This number can be + revised (increased or decreased) while the query is running. + type: string + format: int64 + completedUnits: + type: string + format: int64 + description: Total parallel units of work completed by this query. + id: QueryTimelineSample + ExportDataStatistics: + id: ExportDataStatistics + description: >- + Statistics for the EXPORT DATA statement as part of Query Job. EXTRACT + JOB statistics are populated in JobStatistics4. type: object - DifferentialPrivacyPolicy: - description: Represents privacy policy associated with "differential privacy" method. - id: DifferentialPrivacyPolicy properties: - deltaBudget: + fileCount: description: >- - Optional. The total delta budget for all queries against the - privacy-protected view. Each subscriber query against this view - charges the amount of delta that is pre-defined by the contributor - through the privacy policy delta_per_query field. If there is - sufficient budget, then the subscriber query attempts to complete. - It might still fail due to other reasons, in which case the charge - is refunded. If there is insufficient budget the query is rejected. - There might be multiple charge attempts if a single query references - multiple views. In this case there must be sufficient budget for all - charges or the query is rejected and charges are refunded in best - effort. The budget does not have a refresh policy and can only be - updated via ALTER VIEW or circumvented by creating a new view that - can be queried with a fresh budget. - format: double - type: number - deltaBudgetRemaining: + Number of destination files generated in case of EXPORT DATA + statement only. + type: string + format: int64 + rowCount: description: >- - Output only. The delta budget remaining. If budget is exhausted, no - more queries are allowed. Note that the budget for queries that are - in progress is deducted before the query executes. If the query - fails or is cancelled then the budget is refunded. In this case the - amount of budget remaining can increase. + [Alpha] Number of destination rows generated in case of EXPORT DATA + statement only. + format: int64 + type: string + ListModelsResponse: + description: Response format for a single page when listing BigQuery ML models. + properties: + models: + description: >- + Models in the requested dataset. Only the following fields are + populated: model_reference, model_type, creation_time, + last_modified_time and labels. + type: array + items: + $ref: '#/components/schemas/Model' + nextPageToken: + description: A token to request the next page of results. + type: string + id: ListModelsResponse + type: object + AggregateClassificationMetrics: + id: AggregateClassificationMetrics + properties: + precision: + description: >- + Precision is the fraction of actual positive predictions that had + positive actual labels. For multiclass this is a macro-averaged + metric treating each class as a binary classifier. format: double - readOnly: true type: number - deltaPerQuery: + f1Score: description: >- - Optional. The delta value that is used per query. Delta represents - the probability that any row will fail to be epsilon differentially - private. Indicates the risk associated with exposing aggregate rows - in the result of a query. + The F1 score is an average of recall and precision. For multiclass + this is a macro-averaged metric. format: double type: number - epsilonBudget: - description: >- - Optional. The total epsilon budget for all queries against the - privacy-protected view. Each subscriber query against this view - charges the amount of epsilon they request in their query. If there - is sufficient budget, then the subscriber query attempts to - complete. It might still fail due to other reasons, in which case - the charge is refunded. If there is insufficient budget the query is - rejected. There might be multiple charge attempts if a single query - references multiple views. In this case there must be sufficient - budget for all charges or the query is rejected and charges are - refunded in best effort. The budget does not have a refresh policy - and can only be updated via ALTER VIEW or circumvented by creating a - new view that can be queried with a fresh budget. + logLoss: + type: number + description: Logarithmic Loss. For multiclass this is a macro-averaged metric. format: double + accuracy: type: number - epsilonBudgetRemaining: description: >- - Output only. The epsilon budget remaining. If budget is exhausted, - no more queries are allowed. Note that the budget for queries that - are in progress is deducted before the query executes. If the query - fails or is cancelled then the budget is refunded. In this case the - amount of budget remaining can increase. + Accuracy is the fraction of predictions given the correct label. For + multiclass this is a micro-averaged metric. format: double - readOnly: true + rocAuc: type: number - maxEpsilonPerQuery: description: >- - Optional. The maximum epsilon value that a query can consume. If the - subscriber specifies epsilon as a parameter in a SELECT query, it - must be less than or equal to this value. The epsilon parameter - controls the amount of noise that is added to the groups — a higher - epsilon means less noise. + Area Under a ROC Curve. For multiclass this is a macro-averaged + metric. format: double + recall: type: number - maxGroupsContributed: - description: >- - Optional. The maximum groups contributed value that is used per - query. Represents the maximum number of groups to which each - protected entity can contribute. Changing this value does not - improve or worsen privacy. The best value for accuracy and utility - depends on the query and data. - format: int64 - type: string - privacyUnitColumn: + format: double description: >- - Optional. The privacy unit column associated with this policy. - Differential privacy policies can only have one privacy unit column - per data source object (table, view). - type: string - type: object - DimensionalityReductionMetrics: - description: Model evaluation metrics for dimensionality reduction models. - id: DimensionalityReductionMetrics - properties: - totalExplainedVarianceRatio: + Recall is the fraction of actual positive labels that were given a + positive prediction. For multiclass this is a macro-averaged metric. + threshold: description: >- - Total percentage of variance explained by the selected principal - components. - format: double + Threshold at which the metrics are computed. For binary + classification models this is the positive class threshold. For + multi-class classification models this is the confidence threshold. type: number + format: double + description: >- + Aggregate metrics for classification/classifier models. For multi-class + models, the metrics are either macro-averaged or micro-averaged. When + macro-averaged, the metrics are calculated for each label and then an + unweighted average is taken of those values. When micro-averaged, the + metric is calculated globally by counting the total number of correctly + predicted rows. type: object - DmlStatistics: - description: Detailed statistics for DML statements - id: DmlStatistics + JsonObject: + additionalProperties: + $ref: '#/components/schemas/JsonValue' + id: JsonObject + description: Represents a single JSON object. + type: object + TableReplicationInfo: + type: object + id: TableReplicationInfo + description: >- + Replication info of a table created using `AS REPLICA` DDL like: `CREATE + MATERIALIZED VIEW mv1 AS REPLICA OF src_mv` properties: - deletedRowCount: - description: >- - Output only. Number of deleted Rows. populated by DML DELETE, MERGE - and TRUNCATE statements. - format: int64 - readOnly: true + replicationStatus: + enum: + - REPLICATION_STATUS_UNSPECIFIED + - ACTIVE + - SOURCE_DELETED + - PERMISSION_DENIED + - UNSUPPORTED_CONFIGURATION + description: Optional. Output only. Replication status of configured replication. type: string - insertedRowCount: - description: >- - Output only. Number of inserted Rows. Populated by DML INSERT and - MERGE statements - format: int64 + enumDescriptions: + - Default value. + - Replication is Active with no errors. + - Source object is deleted. + - Source revoked replication permissions. + - Source configuration doesn’t allow replication. readOnly: true + replicationIntervalMs: + description: >- + Optional. Specifies the interval at which the source table is polled + for updates. It's Optional. If not specified, default replication + interval would be applied. type: string - updatedRowCount: + format: int64 + replicatedSourceLastRefreshTime: description: >- - Output only. Number of updated Rows. Populated by DML UPDATE and - MERGE statements. + Optional. Output only. If source is a materialized view, this field + signifies the last refresh time of the source. format: int64 - readOnly: true type: string - type: object - DoubleCandidates: - description: Discrete candidates of a double hyperparameter. - id: DoubleCandidates + readOnly: true + sourceTable: + $ref: '#/components/schemas/TableReference' + description: Required. Source table reference that is replicated. + replicationError: + readOnly: true + $ref: '#/components/schemas/ErrorProto' + description: >- + Optional. Output only. Replication error that will permanently + stopped table replication. + Cluster: properties: - candidates: - description: Candidates for the double parameter in increasing order. - items: - format: double - type: number + featureValues: + description: Values of highly variant features for this cluster. type: array + items: + $ref: '#/components/schemas/FeatureValue' + count: + type: string + format: int64 + description: Count of training data rows that were assigned to this cluster. + centroidId: + type: string + description: Centroid id. + format: int64 + description: Message containing the information about one cluster. + id: Cluster type: object - DoubleHparamSearchSpace: - description: Search space for a double hyperparameter. - id: DoubleHparamSearchSpace + ScriptStackFrame: properties: - candidates: - $ref: '#/components/schemas/DoubleCandidates' - description: Candidates of the double hyperparameter. - range: - $ref: '#/components/schemas/DoubleRange' - description: Range of the double hyperparameter. - type: object - DoubleRange: - description: Range of a double hyperparameter. - id: DoubleRange - properties: - max: - description: Max value of the double parameter. - format: double - type: number - min: - description: Min value of the double parameter. - format: double - type: number - type: object - EncryptionConfiguration: - description: Configuration for Cloud KMS encryption settings. - id: EncryptionConfiguration - properties: - kmsKeyName: - description: >- - Optional. Describes the Cloud KMS encryption key that will be used - to protect destination BigQuery table. The BigQuery Service Account - associated with your project requires access to this encryption key. - type: string - type: object - Entry: - description: A single entry in the confusion matrix. - id: Entry - properties: - itemCount: - description: Number of items being predicted as this label. - format: int64 + startColumn: + readOnly: true + type: integer + description: Output only. One-based start column. + format: int32 + endLine: + readOnly: true + type: integer + format: int32 + description: Output only. One-based end line. + text: type: string - predictedLabel: - description: >- - The predicted label. For confidence_threshold > 0, we will also add - an entry indicating the number of items under the confidence - threshold. + description: Output only. Text of the current statement/expression. + readOnly: true + endColumn: + description: Output only. One-based end column. + format: int32 + readOnly: true + type: integer + procedureId: type: string - type: object - ErrorProto: - description: Error details. - id: ErrorProto - properties: - debugInfo: description: >- - Debugging information. This property is internal to Google and - should not be used. - type: string - location: - description: Specifies where the error occurred, if present. - type: string - message: - description: A human-readable description of the error. - type: string - reason: - description: A short error code that summarizes the error. - type: string + Output only. Name of the active procedure, empty if in a top-level + script. + readOnly: true + startLine: + format: int32 + type: integer + description: Output only. One-based start line. + readOnly: true type: object - EvaluationMetrics: + id: ScriptStackFrame description: >- - Evaluation metrics of a model. These are either computed on all training - data or just the eval data based on whether eval data was used during - training. These are not present for imported models. - id: EvaluationMetrics - properties: - arimaForecastingMetrics: - $ref: '#/components/schemas/ArimaForecastingMetrics' - description: Populated for ARIMA models. - binaryClassificationMetrics: - $ref: '#/components/schemas/BinaryClassificationMetrics' - description: Populated for binary classification/classifier models. - clusteringMetrics: - $ref: '#/components/schemas/ClusteringMetrics' - description: Populated for clustering models. - dimensionalityReductionMetrics: - $ref: '#/components/schemas/DimensionalityReductionMetrics' - description: >- - Evaluation metrics when the model is a dimensionality reduction - model, which currently includes PCA. - multiClassClassificationMetrics: - $ref: '#/components/schemas/MultiClassClassificationMetrics' - description: Populated for multi-class classification/classifier models. - rankingMetrics: - $ref: '#/components/schemas/RankingMetrics' - description: Populated for implicit feedback type matrix factorization models. - regressionMetrics: - $ref: '#/components/schemas/RegressionMetrics' - description: >- - Populated for regression models and explicit feedback type matrix - factorization models. + Represents the location of the statement/expression being evaluated. + Line and column numbers are defined as follows: - Line and column + numbers start with one. That is, line 1 column 1 denotes the start of + the script. - When inside a stored procedure, all line/column numbers + are relative to the procedure body, not the script in which the + procedure was defined. - Start/end positions exclude leading/trailing + comments and whitespace. The end position always ends with a ";", when + present. - Multi-byte Unicode characters are treated as just one column. + - If the original script (or procedure definition) contains TAB + characters, a tab "snaps" the indentation forward to the nearest + multiple of 8 characters, plus 1. For example, a TAB on column 1, 2, 3, + 4, 5, 6 , or 8 will advance the next character to column 9. A TAB on + column 9, 10, 11, 12, 13, 14, 15, or 16 will advance the next character + to column 17. + IndexPruningStats: + id: IndexPruningStats type: object - ExplainQueryStage: - description: A single stage of query execution. - id: ExplainQueryStage properties: - completedParallelInputs: - description: Number of parallel input segments completed. + postIndexPruningParallelInputCount: + description: The number of parallel inputs after index pruning. format: int64 type: string - computeMode: - description: Output only. Compute mode for this stage. - enum: - - COMPUTE_MODE_UNSPECIFIED - - BIGQUERY - - BI_ENGINE - enumDescriptions: - - ComputeMode type not specified. - - This stage was processed using BigQuery slots. - - This stage was processed using BI Engine compute. - readOnly: true - type: string - computeMsAvg: - description: Milliseconds the average shard spent on CPU-bound tasks. + baseTable: + $ref: '#/components/schemas/TableReference' + description: The base table reference. + preIndexPruningParallelInputCount: format: int64 type: string - computeMsMax: - description: Milliseconds the slowest shard spent on CPU-bound tasks. - format: int64 + description: The number of parallel inputs before index pruning. + description: Statistics for index pruning. + TrainingOptions: + id: TrainingOptions + type: object + properties: + isTestColumn: type: string - computeRatioAvg: - description: Relative amount of time the average shard spent on CPU-bound tasks. - format: double - type: number - computeRatioMax: - description: Relative amount of time the slowest shard spent on CPU-bound tasks. + description: >- + Name of the column used to determine the rows corresponding to + control and test. Applies to contribution analysis models. + xgboostVersion: + type: string + description: User-selected XGBoost versions for training of XGBoost models. + budgetHours: format: double type: number - endMs: - description: Stage end time represented as milliseconds since the epoch. - format: int64 - type: string - id: - description: Unique ID for the stage within the plan. - format: int64 - type: string - inputStages: - description: IDs for stages that are inputs to this stage. + description: Budget in hours for AutoML training. + vertexAiModelVersionAliases: items: - format: int64 type: string type: array - name: - description: Human-readable name for the stage. - type: string - parallelInputs: - description: Number of parallel input segments to be processed - format: int64 - type: string - readMsAvg: - description: Milliseconds the average shard spent reading input. - format: int64 - type: string - readMsMax: - description: Milliseconds the slowest shard spent reading input. - format: int64 - type: string - readRatioAvg: - description: Relative amount of time the average shard spent reading input. - format: double - type: number - readRatioMax: - description: Relative amount of time the slowest shard spent reading input. - format: double - type: number - recordsRead: - description: Number of records read into the stage. - format: int64 - type: string - recordsWritten: - description: Number of records written by the stage. - format: int64 - type: string - shuffleOutputBytes: - description: Total number of bytes written to shuffle. - format: int64 - type: string - shuffleOutputBytesSpilled: - description: Total number of bytes written to shuffle and spilled to disk. - format: int64 - type: string - slotMs: - description: Slot-milliseconds used by the stage. - format: int64 + description: >- + The version aliases to apply in Vertex AI model registry. Always + overwrite if the version aliases exists in a existing model. + labelClassWeights: + additionalProperties: + format: double + type: number + description: >- + Weights associated with each label class, for rebalancing the + training data. Only applicable for classification models. + type: object + reservationAffinityType: + enum: + - RESERVATION_AFFINITY_TYPE_UNSPECIFIED + - NO_RESERVATION + - ANY_RESERVATION + - SPECIFIC_RESERVATION + description: >- + Specifies the reservation affinity type used to configure a Vertex + AI resource. The default value is `NO_RESERVATION`. type: string - startMs: - description: Stage start time represented as milliseconds since the epoch. + enumDescriptions: + - Default value. + - No reservation. + - Any reservation. + - Specific reservation. + minTimeSeriesLength: format: int64 type: string - status: - description: Current status for this stage. - type: string - steps: description: >- - List of operations within the stage in dependency order - (approximately chronological). - items: - $ref: '#/components/schemas/ExplainQueryStep' - type: array - waitMsAvg: - description: Milliseconds the average shard spent waiting to be scheduled. + The minimum number of time points in a time series that are used in + modeling the trend component of the time series. If you use this + option you must also set the `timeSeriesLengthFraction` option. This + training option ensures that enough time points are available when + you use `timeSeriesLengthFraction` in trend modeling. This is + particularly important when forecasting multiple time series in a + single query using `timeSeriesIdColumn`. If the total number of time + points is less than the `minTimeSeriesLength` value, then the query + uses all available time points. + hparamTuningObjectives: + type: array + items: + enumDescriptions: + - Unspecified evaluation metric. + - >- + Mean absolute error. mean_absolute_error = AVG(ABS(label - + predicted)) + - >- + Mean squared error. mean_squared_error = AVG(POW(label - + predicted, 2)) + - >- + Mean squared log error. mean_squared_log_error = AVG(POW(LN(1 + + label) - LN(1 + predicted), 2)) + - >- + Mean absolute error. median_absolute_error = + APPROX_QUANTILES(absolute_error, 2)[OFFSET(1)] + - >- + R^2 score. This corresponds to r2_score in ML.EVALUATE. + r_squared = 1 - SUM(squared_error)/(COUNT(label)*VAR_POP(label)) + - >- + Explained variance. explained_variance = 1 - + VAR_POP(label_error)/VAR_POP(label) + - >- + Precision is the fraction of actual positive predictions that + had positive actual labels. For multiclass this is a + macro-averaged metric treating each class as a binary + classifier. + - >- + Recall is the fraction of actual positive labels that were given + a positive prediction. For multiclass this is a macro-averaged + metric. + - >- + Accuracy is the fraction of predictions given the correct label. + For multiclass this is a globally micro-averaged metric. + - >- + The F1 score is an average of recall and precision. For + multiclass this is a macro-averaged metric. + - >- + Logarithmic Loss. For multiclass this is a macro-averaged + metric. + - >- + Area Under an ROC Curve. For multiclass this is a macro-averaged + metric. + - Davies-Bouldin Index. + - Mean Average Precision. + - Normalized Discounted Cumulative Gain. + - Average Rank. + type: string + enum: + - HPARAM_TUNING_OBJECTIVE_UNSPECIFIED + - MEAN_ABSOLUTE_ERROR + - MEAN_SQUARED_ERROR + - MEAN_SQUARED_LOG_ERROR + - MEDIAN_ABSOLUTE_ERROR + - R_SQUARED + - EXPLAINED_VARIANCE + - PRECISION + - RECALL + - ACCURACY + - F1_SCORE + - LOG_LOSS + - ROC_AUC + - DAVIES_BOULDIN_INDEX + - MEAN_AVERAGE_PRECISION + - NORMALIZED_DISCOUNTED_CUMULATIVE_GAIN + - AVERAGE_RANK + description: The target evaluation metrics to optimize the hyperparameters for. + numFactors: format: int64 + description: Num factors specified for matrix factorization models. type: string - waitMsMax: - description: Milliseconds the slowest shard spent waiting to be scheduled. - format: int64 + itemColumn: + description: Item column specified for matrix factorization models. type: string - waitRatioAvg: + earlyStop: description: >- - Relative amount of time the average shard spent waiting to be - scheduled. + Whether to stop early when the loss doesn't improve significantly + any more (compared to min_relative_progress). Used only for + iterative training algorithms. + type: boolean + numPrincipalComponents: + description: >- + Number of principal components to keep in the PCA model. Must be <= + the number of features. + type: string + format: int64 + timeSeriesLengthFraction: + description: >- + The fraction of the interpolated length of the time series that's + used to model the time series trend component. All of the time + points of the time series are used to model the non-trend component. + This training option accelerates modeling training without + sacrificing much forecasting accuracy. You can use this option with + `minTimeSeriesLength` but not with `maxTimeSeriesLength`. format: double type: number - waitRatioMax: + modelUri: + type: string description: >- - Relative amount of time the slowest shard spent waiting to be - scheduled. + Google Cloud Storage URI from which the model was imported. Only + applicable for imported models. + distanceType: + description: Distance type for clustering models. + enum: + - DISTANCE_TYPE_UNSPECIFIED + - EUCLIDEAN + - COSINE + enumDescriptions: + - Default value. + - Eculidean distance. + - Cosine distance. + type: string + treeMethod: + enumDescriptions: + - Unspecified tree method. + - Use heuristic to choose the fastest method. + - Exact greedy algorithm. + - >- + Approximate greedy algorithm using quantile sketch and gradient + histogram. + - Fast histogram optimized approximate greedy algorithm. + enum: + - TREE_METHOD_UNSPECIFIED + - AUTO + - EXACT + - APPROX + - HIST + description: Tree construction algorithm for boosted tree models. + type: string + horizon: + type: string + format: int64 + description: The number of periods ahead that need to be forecasted. + minRelativeProgress: format: double + description: >- + When early_stop is true, stops training when accuracy improvement is + less than 'min_relative_progress'. Used only for iterative training + algorithms. type: number - writeMsAvg: - description: Milliseconds the average shard spent on writing output. - format: int64 - type: string - writeMsMax: - description: Milliseconds the slowest shard spent on writing output. + maxReplicaCount: format: int64 + description: >- + The maximum number of machine replicas that will be deployed on an + endpoint. The default value is equal to min_replica_count. type: string - writeRatioAvg: - description: Relative amount of time the average shard spent on writing output. - format: double + dropout: type: number - writeRatioMax: - description: Relative amount of time the slowest shard spent on writing output. + description: Dropout probability for dnn models. format: double - type: number - type: object - ExplainQueryStep: - description: An operation within a stage. - id: ExplainQueryStep - properties: - kind: - description: Machine-readable operation type. - type: string - substeps: - description: Human-readable description of the step(s). + nonSeasonalOrder: + $ref: '#/components/schemas/ArimaOrder' + description: >- + A specification of the non-seasonal part of the ARIMA model: the + three components (p, d, q) are the AR order, the degree of + differencing, and the MA order. + reservationAffinityValues: + type: array items: type: string - type: array - type: object - Explanation: - description: Explanation for a single feature. - id: Explanation - properties: - attribution: - description: Attribution of feature. - format: double - type: number - featureName: description: >- - The full feature name. For non-numerical features, will be formatted - like `.`. Overall size of feature name will always be truncated to - first 120 characters. + Corresponds to the label values of a reservation resource used by + Vertex AI. This must be the full resource name of the reservation or + reservation block. + contributionMetric: + description: >- + The contribution metric. Applies to contribution analysis models. + Allowed formats supported are for summable and summable ratio + contribution metrics. These include expressions such as `SUM(x)` or + `SUM(x)/SUM(y)`, where x and y are column names from the base table. + type: string + feedbackType: type: string - type: object - ExportDataStatistics: - description: >- - Statistics for the EXPORT DATA statement as part of Query Job. EXTRACT - JOB statistics are populated in JobStatistics4. - id: ExportDataStatistics - properties: - fileCount: description: >- - Number of destination files generated in case of EXPORT DATA - statement only. + Feedback type that specifies which algorithm to run for matrix + factorization. + enumDescriptions: + - Default value. + - Use weighted-als for implicit feedback problems. + - Use nonweighted-als for explicit feedback problems. + enum: + - FEEDBACK_TYPE_UNSPECIFIED + - IMPLICIT + - EXPLICIT + trendSmoothingWindowSize: + description: >- + Smoothing window size for the trend component. When a positive value + is specified, a center moving average smoothing is applied on the + history trend. When the smoothing window is out of the boundary at + the beginning or the end of the trend, the first element or the last + element is padded to fill the smoothing window before the average is + applied. format: int64 type: string - rowCount: + inputLabelColumns: + type: array + items: + type: string + description: Name of input label columns in training data. + dataSplitEvalFraction: + format: double + type: number description: >- - [Alpha] Number of destination rows generated in case of EXPORT DATA - statement only. - format: int64 + The fraction of evaluation data over the whole input data. The rest + of data will be used as training data. The format should be double. + Accurate to two decimal places. Default value is 0.2. + huggingFaceModelId: type: string - type: object - Expr: - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - id: Expr - properties: - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + description: The id of a Hugging Face model. For example, `google/gemma-2-2b-it`. + batchSize: type: string - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + description: Batch size for dnn models. + format: int64 + pcaSolver: + enum: + - UNSPECIFIED + - FULL + - RANDOMIZED + - AUTO + enumDescriptions: + - Default value. + - Full eigen-decoposition. + - Randomized SVD. + - Auto. + description: The solver for PCA. type: string - location: + autoClassWeights: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - title: + Whether to calculate class weights automatically based on the + popularity of each label. + type: boolean + learnRate: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Learning rate in training. Used only for iterative training + algorithms. + format: double + type: number + numParallelTree: type: string - type: object - ExternalCatalogDatasetOptions: - description: >- - Options defining open source compatible datasets living in the BigQuery - catalog. Contains metadata of open source database, schema, or namespace - represented by the current dataset. - id: ExternalCatalogDatasetOptions - properties: - defaultStorageLocationUri: + format: int64 description: >- - Optional. The storage location URI for all tables in the dataset. - Equivalent to hive metastore's database locationUri. Maximum length - of 1024 characters. + Number of parallel trees constructed during each iteration for + boosted tree models. + l1RegActivation: + description: L1 regularization coefficient to activations. + type: number + format: double + standardizeFeatures: + description: Whether to standardize numerical features. Default to true. + type: boolean + learnRateStrategy: + enum: + - LEARN_RATE_STRATEGY_UNSPECIFIED + - LINE_SEARCH + - CONSTANT + enumDescriptions: + - Default value. + - Use line search to determine learning rate. + - Use a constant learning rate. + description: The strategy to determine learn rate for the current iteration. type: string - parameters: - additionalProperties: - type: string + colsampleBynode: + type: number description: >- - Optional. A map of key value pairs defining the parameters and - properties of the open source schema. Maximum size of 2MiB. - type: object - type: object - ExternalCatalogTableOptions: - description: >- - Metadata about open source compatible table. The fields contained in - these options correspond to Hive metastore's table-level properties. - id: ExternalCatalogTableOptions - properties: - connectionId: + Subsample ratio of columns for each node(split) for boosted tree + models. + format: double + enableGlobalExplain: + description: If true, enable global explanation during training. + type: boolean + subsample: + format: double description: >- - Optional. A connection ID that specifies the credentials to be used - to read external storage, such as Azure Blob, Cloud Storage, or - Amazon S3. This connection is needed to read the open source table - from BigQuery. The connection_id format must be either `..` or - `projects//locations//connections/`. + Subsample fraction of the training data to grow tree to prevent + overfitting for boosted tree models. + type: number + autoArimaMaxOrder: type: string - parameters: - additionalProperties: - type: string - description: >- - Optional. A map of the key-value pairs defining the parameters and - properties of the open source table. Corresponds with Hive metastore - table parameters. Maximum size of 4MiB. - type: object - storageDescriptor: - $ref: '#/components/schemas/StorageDescriptor' - description: >- - Optional. A storage descriptor containing information about the - physical storage of this table. - type: object - ExternalDataConfiguration: - id: ExternalDataConfiguration - properties: - autodetect: + description: The max value of the sum of non-seasonal p and q. + format: int64 + categoryEncodingMethod: + description: Categorical feature encoding method. + type: string + enum: + - ENCODING_METHOD_UNSPECIFIED + - ONE_HOT_ENCODING + - LABEL_ENCODING + - DUMMY_ENCODING + enumDescriptions: + - Unspecified encoding method. + - Applies one-hot encoding. + - Applies label encoding. + - Applies dummy encoding. + numClusters: + description: Number of clusters for clustering models. + format: int64 + type: string + minTreeChildWeight: + type: string + format: int64 description: >- - Try to detect schema and format options automatically. Any option - specified explicitly will be honored. - type: boolean - avroOptions: - $ref: '#/components/schemas/AvroOptions' + Minimum sum of instance weight needed in a child for boosted tree + models. + maxIterations: + type: string + format: int64 description: >- - Optional. Additional properties to set if sourceFormat is set to - AVRO. - bigtableOptions: - $ref: '#/components/schemas/BigtableOptions' - description: Optional. Additional options if sourceFormat is set to BIGTABLE. - compression: + The maximum number of iterations in training. Used only for + iterative training algorithms. + instanceWeightColumn: description: >- - Optional. The compression type of the data source. Possible values - include GZIP and NONE. The default value is NONE. This setting is - ignored for Google Cloud Bigtable, Google Cloud Datastore backups, - Avro, ORC and Parquet formats. An empty string is an invalid value. + Name of the instance weight column for training data. This column + isn't be used as a feature. type: string - connectionId: - description: >- - Optional. The connection specifying the credentials to be used to - read external storage, such as Azure Blob, Cloud Storage, or S3. The - connection_id can have the form - `{project_id}.{location_id};{connection_id}` or - `projects/{project_id}/locations/{location_id}/connections/{connection_id}`. + machineType: + description: The type of the machine used to deploy and serve the model. type: string - csvOptions: - $ref: '#/components/schemas/CsvOptions' + timeSeriesDataColumn: + type: string + description: Column to be designated as time series data for ARIMA model. + lossType: + type: string + description: Type of loss function used during training run. + enum: + - LOSS_TYPE_UNSPECIFIED + - MEAN_SQUARED_LOSS + - MEAN_LOG_LOSS + enumDescriptions: + - Default value. + - Mean squared loss, used for linear regression. + - Mean log loss, used for logistic regression. + adjustStepChanges: description: >- - Optional. Additional properties to set if sourceFormat is set to - CSV. - dateFormat: + If true, detect step changes and make data adjustment in the input + time series. + type: boolean + colsampleBytree: + format: double description: >- - Optional. Format used to parse DATE values. Supports C-style and - SQL-style values. + Subsample ratio of columns when constructing each tree for boosted + tree models. + type: number + boosterType: + enumDescriptions: + - Unspecified booster type. + - Gbtree booster. + - Dart booster. + description: Booster type for boosted tree models. type: string - datetimeFormat: + enum: + - BOOSTER_TYPE_UNSPECIFIED + - GBTREE + - DART + timeSeriesTimestampColumn: + description: Column to be designated as time series timestamp for ARIMA model. + type: string + forecastLimitUpperBound: + format: double description: >- - Optional. Format used to parse DATETIME values. Supports C-style and - SQL-style values. + The forecast limit upper bound that was used during ARIMA model + training with limits. + type: number + dartNormalizeType: + enum: + - DART_NORMALIZE_TYPE_UNSPECIFIED + - TREE + - FOREST type: string - decimalTargetTypes: + enumDescriptions: + - Unspecified dart normalize type. + - New trees have the same weight of each of dropped trees. + - New trees have the same weight of sum of dropped trees. description: >- - Defines the list of possible SQL data types to which the source - decimal values are converted. This list and the precision and the - scale parameters of the decimal field determine the target type. In - the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it - is in the specified list and if it supports the precision and the - scale. STRING supports all precision and scale values. If none of - the listed types supports the precision and the scale, the type - supporting the widest range in the specified list is picked, and if - a value exceeds the supported range when reading the data, an error - will be thrown. Example: Suppose the value of this field is - ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: * (38,9) -> - NUMERIC; * (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer - digits); * (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional - digits); * (76,38) -> BIGNUMERIC; * (77,38) -> BIGNUMERIC (error if - value exceeds supported range). This field cannot contain duplicate - types. The order of the types in this field is ignored. For example, - ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] - and NUMERIC always takes precedence over BIGNUMERIC. Defaults to - ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file - formats. - items: - enum: - - DECIMAL_TARGET_TYPE_UNSPECIFIED - - NUMERIC - - BIGNUMERIC - - STRING - enumDescriptions: - - Invalid type. - - Decimal values could be converted to NUMERIC type. - - Decimal values could be converted to BIGNUMERIC type. - - Decimal values could be converted to STRING type. - type: string - type: array - fileSetSpecType: - description: >- - Optional. Specifies how source URIs are interpreted for constructing - the file set to load. By default source URIs are expanded against - the underlying storage. Other options include specifying manifest - files. Only applicable to object storage systems. - enum: - - FILE_SET_SPEC_TYPE_FILE_SYSTEM_MATCH - - FILE_SET_SPEC_TYPE_NEW_LINE_DELIMITED_MANIFEST - enumDescriptions: - - >- - This option expands source URIs by listing files from the object - store. It is the default behavior if FileSetSpecType is not set. - - >- - This option indicates that the provided URIs are newline-delimited - manifest files, with one URI per line. Wildcard URIs are not - supported. - type: string - googleSheetsOptions: - $ref: '#/components/schemas/GoogleSheetsOptions' - description: >- - Optional. Additional options if sourceFormat is set to - GOOGLE_SHEETS. - hivePartitioningOptions: - $ref: '#/components/schemas/HivePartitioningOptions' - description: >- - Optional. When set, configures hive partitioning support. Not all - storage formats support hive partitioning -- requesting hive - partitioning on an unsupported format will lead to an error, as will - providing an invalid specification. - ignoreUnknownValues: - description: >- - Optional. Indicates if BigQuery should allow extra values that are - not represented in the table schema. If true, the extra values are - ignored. If false, records with extra columns are treated as bad - records, and if there are too many bad records, an invalid error is - returned in the job result. The default value is false. The - sourceFormat property determines what BigQuery treats as an extra - value: CSV: Trailing columns JSON: Named values that don't match any - column names Google Cloud Bigtable: This setting is ignored. Google - Cloud Datastore backups: This setting is ignored. Avro: This setting - is ignored. ORC: This setting is ignored. Parquet: This setting is - ignored. - type: boolean - jsonExtension: - description: >- - Optional. Load option to be used together with source_format - newline-delimited JSON to indicate that a variant of JSON is being - loaded. To load newline-delimited GeoJSON, specify GEOJSON (and - source_format must be set to NEWLINE_DELIMITED_JSON). - enum: - - JSON_EXTENSION_UNSPECIFIED - - GEOJSON - enumDescriptions: - - >- - The default if provided value is not one included in the enum, or - the value is not specified. The source format is parsed without - any modification. - - >- - Use GeoJSON variant of JSON. See - https://tools.ietf.org/html/rfc7946. - type: string - jsonOptions: - $ref: '#/components/schemas/JsonOptions' - description: >- - Optional. Additional properties to set if sourceFormat is set to - JSON. - maxBadRecords: - description: >- - Optional. The maximum number of bad records that BigQuery can ignore - when reading data. If the number of bad records exceeds this value, - an invalid error is returned in the job result. The default value is - 0, which requires that all records are valid. This setting is - ignored for Google Cloud Bigtable, Google Cloud Datastore backups, - Avro, ORC and Parquet formats. - format: int32 - type: integer - metadataCacheMode: + Type of normalization algorithm for boosted tree models using dart + booster. + forecastLimitLowerBound: description: >- - Optional. Metadata Cache Mode for the table. Set this to enable - caching of metadata from external data source. + The forecast limit lower bound that was used during ARIMA model + training with limits. To see more details of the algorithm: + https://otexts.com/fpp2/limits.html + type: number + format: double + l2Regularization: + type: number + format: double + description: L2 regularization coefficient. + optimizationStrategy: enum: - - METADATA_CACHE_MODE_UNSPECIFIED - - AUTOMATIC - - MANUAL - enumDescriptions: - - Unspecified metadata cache mode. - - >- - Set this mode to trigger automatic background refresh of metadata - cache from the external source. Queries will use the latest - available cache version within the table's maxStaleness interval. - - >- - Set this mode to enable triggering manual refresh of the metadata - cache from external source. Queries will use the latest manually - triggered cache version within the table's maxStaleness interval. + - OPTIMIZATION_STRATEGY_UNSPECIFIED + - BATCH_GRADIENT_DESCENT + - NORMAL_EQUATION + description: Optimization strategy for training linear regression models. type: string - objectMetadata: - description: >- - Optional. ObjectMetadata is used to create Object Tables. Object - Tables contain a listing of objects (with their metadata) found at - the source_uris. If ObjectMetadata is set, source_format should be - omitted. Currently SIMPLE is the only supported Object Metadata - type. - enum: - - OBJECT_METADATA_UNSPECIFIED - - DIRECTORY - - SIMPLE enumDescriptions: - - Unspecified by default. - - A synonym for `SIMPLE`. - - Directory listing of objects. - type: string - parquetOptions: - $ref: '#/components/schemas/ParquetOptions' - description: >- - Optional. Additional properties to set if sourceFormat is set to - PARQUET. - referenceFileSchemaUri: - description: >- - Optional. When creating an external table, the user can provide a - reference file with the table schema. This is enabled for the - following formats: AVRO, PARQUET, ORC. - type: string - schema: - $ref: '#/components/schemas/TableSchema' - description: >- - Optional. The schema for the data. Schema is required for CSV and - JSON formats if autodetect is not on. Schema is disallowed for - Google Cloud Bigtable, Cloud Datastore backups, Avro, ORC and - Parquet formats. - sourceFormat: - description: >- - [Required] The data format. For CSV files, specify "CSV". For Google - sheets, specify "GOOGLE_SHEETS". For newline-delimited JSON, specify - "NEWLINE_DELIMITED_JSON". For Avro files, specify "AVRO". For Google - Cloud Datastore backups, specify "DATASTORE_BACKUP". For Apache - Iceberg tables, specify "ICEBERG". For ORC files, specify "ORC". For - Parquet files, specify "PARQUET". [Beta] For Google Cloud Bigtable, - specify "BIGTABLE". + - Default value. + - Uses an iterative batch gradient descent algorithm. + - Uses a normal equation to solve linear regression problem. + userColumn: + description: User column specified for matrix factorization models. type: string - sourceUris: - description: >- - [Required] The fully-qualified URIs that point to your data in - Google Cloud. For Google Cloud Storage URIs: Each URI can contain - one '*' wildcard character and it must come after the 'bucket' name. - Size limits related to load jobs apply to external data sources. For - Google Cloud Bigtable URIs: Exactly one URI can be specified and it - has be a fully specified and valid HTTPS URL for a Google Cloud - Bigtable table. For Google Cloud Datastore backups, exactly one URI - can be specified. Also, the '*' wildcard character is not allowed. + timeSeriesIdColumns: items: type: string type: array - timeFormat: - description: >- - Optional. Format used to parse TIME values. Supports C-style and - SQL-style values. - type: string - timeZone: - description: >- - Optional. Time zone used when parsing timestamp values that do not - have specific time zone information (e.g. 2024-04-20 12:34:56). The - expected format is a IANA timezone string (e.g. - America/Los_Angeles). - type: string - timestampFormat: - description: >- - Optional. Format used to parse TIMESTAMP values. Supports C-style - and SQL-style values. - type: string - type: object - ExternalDatasetReference: - description: Configures the access a dataset defined in an external metadata storage. - id: ExternalDatasetReference - properties: - connection: - description: >- - Required. The connection id that is used to access the - external_source. Format: - projects/{project_id}/locations/{location_id}/connections/{connection_id} - type: string - externalSource: - description: Required. External source that backs this dataset. - type: string - type: object - ExternalRuntimeOptions: - description: Options for the runtime of the external system. - id: ExternalRuntimeOptions - properties: - containerCpu: - description: >- - Optional. Amount of CPU provisioned for a Python UDF container - instance. For more information, see [Configure container limits for - Python - UDFs](https://cloud.google.com/bigquery/docs/user-defined-functions-python#configure-container-limits) - format: double - type: number - containerMemory: description: >- - Optional. Amount of memory provisioned for a Python UDF container - instance. Format: {number}{unit} where unit is one of "M", "G", "Mi" - and "Gi" (e.g. 1G, 512Mi). If not specified, the default value is - 512Mi. For more information, see [Configure container limits for - Python - UDFs](https://cloud.google.com/bigquery/docs/user-defined-functions-python#configure-container-limits) - type: string - maxBatchingRows: + The time series id columns that were used during ARIMA model + training. + holidayRegions: description: >- - Optional. Maximum number of rows in each batch sent to the external - runtime. If absent or if 0, BigQuery dynamically decides the number - of rows in a batch. + A list of geographical regions that are used for time series + modeling. + type: array + items: + type: string + enumDescriptions: + - Holiday region unspecified. + - Global. + - North America. + - >- + Japan and Asia Pacific: Korea, Greater China, India, Australia, + and New Zealand. + - Europe, the Middle East and Africa. + - Latin America and the Caribbean. + - United Arab Emirates + - Argentina + - Austria + - Australia + - Belgium + - Brazil + - Canada + - Switzerland + - Chile + - China + - Colombia + - Czechoslovakia + - Czech Republic + - Germany + - Denmark + - Algeria + - Ecuador + - Estonia + - Egypt + - Spain + - Finland + - France + - Great Britain (United Kingdom) + - Greece + - Hong Kong + - Hungary + - Indonesia + - Ireland + - Israel + - India + - Iran + - Italy + - Japan + - Korea (South) + - Latvia + - Morocco + - Mexico + - Malaysia + - Nigeria + - Netherlands + - Norway + - New Zealand + - Peru + - Philippines + - Pakistan + - Poland + - Portugal + - Romania + - Serbia + - Russian Federation + - Saudi Arabia + - Sweden + - Singapore + - Slovenia + - Slovakia + - Thailand + - Turkey + - Taiwan + - Ukraine + - United States + - Venezuela + - Vietnam + - South Africa + enum: + - HOLIDAY_REGION_UNSPECIFIED + - GLOBAL + - NA + - JAPAC + - EMEA + - LAC + - AE + - AR + - AT + - AU + - BE + - BR + - CA + - CH + - CL + - CN + - CO + - CS + - CZ + - DE + - DK + - DZ + - EC + - EE + - EG + - ES + - FI + - FR + - GB + - GR + - HK + - HU + - ID + - IE + - IL + - IN + - IR + - IT + - JP + - KR + - LV + - MA + - MX + - MY + - NG + - NL + - 'NO' + - NZ + - PE + - PH + - PK + - PL + - PT + - RO + - RS + - RU + - SA + - SE + - SG + - SI + - SK + - TH + - TR + - TW + - UA + - US + - VE + - VN + - ZA + maxTreeDepth: + type: string + format: int64 + description: Maximum depth of a tree for boosted tree models. + numTrials: + description: Number of trials to run this hyperparameter tuning job. format: int64 type: string - runtimeConnection: + calculatePValues: + type: boolean description: >- - Optional. Fully qualified name of the connection whose service - account will be used to execute the code in the container. Format: - ```"projects/{project_id}/locations/{location_id}/connections/{connection_id}"``` - type: string - runtimeVersion: - description: 'Optional. Language runtime version. Example: `python-3.11`.' + Whether or not p-value test should be computed for this model. Only + available for linear and logistic regression models. + modelGardenModelName: type: string - type: object - ExternalServiceCost: - description: >- - The external service cost is a portion of the total cost, these costs - are not additive with total_bytes_billed. Moreover, this field only - track external service costs that will show up as BigQuery costs (e.g. - training BigQuery ML job with google cloud CAIP or Automl Tables - services), not other costs which may be accrued by running the query - (e.g. reading from Bigtable or Cloud Storage). The external service - costs with different billing sku (e.g. CAIP job is charged based on VM - usage) are converted to BigQuery billed_bytes and slot_ms with - equivalent amount of US dollars. Services may not directly correlate to - these metrics, but these are the equivalents for billing purposes. - Output only. - id: ExternalServiceCost - properties: - billingMethod: description: >- - The billing method used for the external job. This field is only - used when billed on the services sku, set to "SERVICES_SKU". - Otherwise, it is unspecified for backward compatibility. - type: string - bytesBilled: - description: External service cost in terms of bigquery bytes billed. - format: int64 - type: string - bytesProcessed: - description: External service cost in terms of bigquery bytes processed. - format: int64 - type: string - externalService: - description: External service name. + The name of a Vertex model garden publisher model. Format is + `publishers/{publisher}/models/{model}@{optional_version_id}`. + warmStart: + type: boolean + description: Whether to train a model from the last checkpoint. + modelRegistry: + enumDescriptions: + - Default value. + - Vertex AI. + description: The model registry. type: string - reservedSlotCount: + enum: + - MODEL_REGISTRY_UNSPECIFIED + - VERTEX_AI + scaleFeatures: + type: boolean description: >- - Non-preemptable reserved slots used for external job. For example, - reserved slots for Cloua AI Platform job are the VM usages converted - to BigQuery slot with equivalent mount of price. - format: int64 + If true, scale the feature values by dividing the feature standard + deviation. Currently only apply to PCA. + endpointIdleTtl: type: string - slotMs: - description: External service cost in terms of bigquery slot milliseconds. + format: google-duration + description: >- + The idle TTL of the endpoint before the resources get destroyed. The + default value is 6.5 hours. + sampledShapleyNumPaths: + description: Number of paths for the sampled Shapley explain method. format: int64 type: string - type: object - FeatureValue: - description: Representative value of a single feature within the cluster. - id: FeatureValue - properties: - categoricalValue: - $ref: '#/components/schemas/CategoricalValue' - description: The categorical feature value. - featureColumn: - description: The feature column name. - type: string - numericalValue: + approxGlobalFeatureContrib: + type: boolean description: >- - The numerical feature value. This is the centroid value for this - feature. - format: double - type: number - type: object - ForeignTypeInfo: - description: >- - Metadata about the foreign data type definition such as the system in - which the type is defined. - id: ForeignTypeInfo - properties: - typeSystem: - description: Required. Specifies the system which defines the foreign data type. + Whether to use approximate feature contribution method in XGBoost + model explanation for global explain. + colorSpace: enum: - - TYPE_SYSTEM_UNSPECIFIED - - HIVE - enumDescriptions: - - TypeSystem not specified. - - Represents Hive data types. - type: string - type: object - ForeignViewDefinition: - description: >- - A view can be represented in multiple ways. Each representation has its - own dialect. This message stores the metadata required for these - representations. - id: ForeignViewDefinition - properties: - dialect: - description: Optional. Represents the dialect of the query. + - COLOR_SPACE_UNSPECIFIED + - RGB + - HSV + - YIQ + - YUV + - GRAYSCALE + description: >- + Enums for color space, used for processing images in Object Table. + See more details at + https://www.tensorflow.org/io/tutorials/colorspace. + enumDescriptions: + - Unspecified color space + - RGB + - HSV + - YIQ + - YUV + - GRAYSCALE type: string - query: - description: Required. The query that defines the view. + dataSplitMethod: + description: The data split type for training and evaluation, e.g. RANDOM. type: string - type: object - GetIamPolicyRequest: - description: Request message for `GetIamPolicy` method. - id: GetIamPolicyRequest - properties: - options: - $ref: '#/components/schemas/GetPolicyOptions' - description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - type: object - GetPolicyOptions: - description: Encapsulates settings provided to GetIamPolicy. - id: GetPolicyOptions - properties: - requestedPolicyVersion: + enumDescriptions: + - Default value. + - Splits data randomly. + - Splits data with the user provided tags. + - Splits data sequentially. + - Data split will be skipped. + - >- + Splits data automatically: Uses NO_SPLIT if the data size is + small. Otherwise uses RANDOM. + enum: + - DATA_SPLIT_METHOD_UNSPECIFIED + - RANDOM + - CUSTOM + - SEQUENTIAL + - NO_SPLIT + - AUTO_SPLIT + minSplitLoss: + format: double + type: number + description: Minimum split loss for boosted tree models. + l1Regularization: + format: double + type: number + description: L1 regularization coefficient. + pcaExplainedVarianceRatio: + type: number description: >- - Optional. The maximum policy version that will be used to format the - policy. Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected. Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field unset. - The policy in the response might use the policy version that you - specified, or it might use a lower policy version. For example, if - you specify version 3, but the policy has no conditional role - bindings, the response uses version 1. To learn which resources - support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - format: int32 - type: integer - type: object - GetQueryResultsResponse: - description: Response object of GetQueryResults. - id: GetQueryResultsResponse - properties: - cacheHit: - description: Whether the query result was fetched from the query cache. - type: boolean - errors: + The minimum ratio of cumulative explained variance that needs to be + given by the PCA model. + format: double + reservationAffinityKey: description: >- - Output only. The first errors or warnings encountered during the - running of the job. The final message includes the number of errors - that caused the process to stop. Errors here do not necessarily mean - that the job has completed or was unsuccessful. For more information - about error messages, see [Error - messages](https://cloud.google.com/bigquery/docs/error-messages). - items: - $ref: '#/components/schemas/ErrorProto' - readOnly: true - type: array - etag: - description: A hash of this response. + Corresponds to the label key of a reservation resource used by + Vertex AI. To target a SPECIFIC_RESERVATION by name, use + `compute.googleapis.com/reservation-name` as the key and specify the + name of your reservation as its value. type: string - jobComplete: - description: >- - Whether the query has completed or not. If rows or totalRows are - present, this will always be true. If this is false, totalRows will - not be available. - type: boolean - jobReference: - $ref: '#/components/schemas/JobReference' + hiddenUnits: + description: Hidden units for dnn models. + type: array + items: + format: int64 + type: string + maxTimeSeriesLength: description: >- - Reference to the BigQuery Job that was created to run the query. - This field will be present even if the original request timed out, - in which case GetQueryResults can be used to read the results once - the query has completed. Since this API only returns the first page - of results, subsequent pages can be fetched via the same mechanism - (GetQueryResults). - kind: - default: bigquery#getQueryResultsResponse - description: The resource type of the response. + The maximum number of time points in a time series that can be used + in modeling the trend component of the time series. Don't use this + option with the `timeSeriesLengthFraction` or `minTimeSeriesLength` + options. + format: int64 type: string - numDmlAffectedRows: - description: >- - Output only. The number of rows affected by a DML statement. Present - only for DML statements INSERT, UPDATE or DELETE. + activationFn: + type: string + description: Activation function of the neural nets. + maxParallelTrials: format: int64 - readOnly: true type: string - pageToken: + description: Maximum number of trials to run in parallel. + autoArima: + type: boolean + description: Whether to enable auto ARIMA or not. + includeDrift: + description: Include drift when fitting an ARIMA model. + type: boolean + walsAlpha: + format: double + type: number description: >- - A token used for paging results. When this token is non-empty, it - indicates additional results are available. - type: string - rows: + Hyperparameter for matrix factoration when implicit feedback type is + specified. + dimensionIdColumns: description: >- - An object with as many results as can be contained within the - maximum permitted reply size. To get any additional rows, you can - call GetQueryResults and specify the jobReference returned above. - Present only when the query completes successfully. The REST-based - representation of this data leverages a series of JSON f,v objects - for indicating fields and values. - items: - $ref: '#/components/schemas/TableRow' + Optional. Names of the columns to slice on. Applies to contribution + analysis models. type: array - schema: - $ref: '#/components/schemas/TableSchema' - description: >- - The schema of the results. Present only when the query completes - successfully. - totalBytesProcessed: - description: The total number of bytes processed for this query. - format: int64 + items: + type: string + cleanSpikesAndDips: + description: If true, clean spikes and dips in the input time series. + type: boolean + dataFrequency: + enum: + - DATA_FREQUENCY_UNSPECIFIED + - AUTO_FREQUENCY + - YEARLY + - QUARTERLY + - MONTHLY + - WEEKLY + - DAILY + - HOURLY + - PER_MINUTE + description: The data frequency of a time series. type: string - totalRows: + enumDescriptions: + - Default value. + - Automatically inferred from timestamps. + - Yearly data. + - Quarterly data. + - Monthly data. + - Weekly data. + - Daily data. + - Hourly data. + - Per-minute data. + dataSplitColumn: description: >- - The total number of rows in the complete query result set, which can - be more than the number of rows in this single page of results. - Present only when the query completes successfully. - format: uint64 - type: string - type: object - GetServiceAccountResponse: - description: Response object of GetServiceAccount - id: GetServiceAccountResponse - properties: - email: - description: The service account email address. + The column to split data with. This column won't be used as a + feature. 1. When data_split_method is CUSTOM, the corresponding + column should be boolean. The rows with true value tag are eval + data, and the false are training data. 2. When data_split_method is + SEQ, the first DATA_SPLIT_EVAL_FRACTION rows (from smallest to + largest) in the corresponding column are used as training data, and + the rest are eval data. It respects the order in Orderable data + types: + https://cloud.google.com/bigquery/docs/reference/standard-sql/data-types#data_type_properties type: string - kind: - default: bigquery#getServiceAccountResponse - description: The resource type of the response. + autoArimaMinOrder: type: string - type: object - GlobalExplanation: - description: >- - Global explanations containing the top most important features after - training. - id: GlobalExplanation - properties: - classLabel: + description: The min value of the sum of non-seasonal p and q. + format: int64 + holidayRegion: description: >- - Class label for this set of global explanations. Will be empty/null - for binary logistic and linear regression models. Sorted - alphabetically in descending order. + The geographical region based on which the holidays are considered + in time series modeling. If a valid value is specified, then holiday + effects modeling is enabled. type: string - explanations: - description: >- - A list of the top global explanations. Sorted by absolute value of - attribution in descending order. - items: - $ref: '#/components/schemas/Explanation' - type: array - type: object - GoogleSheetsOptions: - description: Options specific to Google Sheets data sources. - id: GoogleSheetsOptions - properties: - range: + enumDescriptions: + - Holiday region unspecified. + - Global. + - North America. + - >- + Japan and Asia Pacific: Korea, Greater China, India, Australia, + and New Zealand. + - Europe, the Middle East and Africa. + - Latin America and the Caribbean. + - United Arab Emirates + - Argentina + - Austria + - Australia + - Belgium + - Brazil + - Canada + - Switzerland + - Chile + - China + - Colombia + - Czechoslovakia + - Czech Republic + - Germany + - Denmark + - Algeria + - Ecuador + - Estonia + - Egypt + - Spain + - Finland + - France + - Great Britain (United Kingdom) + - Greece + - Hong Kong + - Hungary + - Indonesia + - Ireland + - Israel + - India + - Iran + - Italy + - Japan + - Korea (South) + - Latvia + - Morocco + - Mexico + - Malaysia + - Nigeria + - Netherlands + - Norway + - New Zealand + - Peru + - Philippines + - Pakistan + - Poland + - Portugal + - Romania + - Serbia + - Russian Federation + - Saudi Arabia + - Sweden + - Singapore + - Slovenia + - Slovakia + - Thailand + - Turkey + - Taiwan + - Ukraine + - United States + - Venezuela + - Vietnam + - South Africa + enum: + - HOLIDAY_REGION_UNSPECIFIED + - GLOBAL + - NA + - JAPAC + - EMEA + - LAC + - AE + - AR + - AT + - AU + - BE + - BR + - CA + - CH + - CL + - CN + - CO + - CS + - CZ + - DE + - DK + - DZ + - EC + - EE + - EG + - ES + - FI + - FR + - GB + - GR + - HK + - HU + - ID + - IE + - IL + - IN + - IR + - IT + - JP + - KR + - LV + - MA + - MX + - MY + - NG + - NL + - 'NO' + - NZ + - PE + - PH + - PK + - PL + - PT + - RO + - RS + - RU + - SA + - SE + - SG + - SI + - SK + - TH + - TR + - TW + - UA + - US + - VE + - VN + - ZA + kmeansInitializationColumn: description: >- - Optional. Range of a sheet to query from. Only used when non-empty. - Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For - example: sheet1!A1:B20 + The column used to provide the initial centroids for kmeans + algorithm when kmeans_initialization_method is CUSTOM. type: string - skipLeadingRows: + integratedGradientsNumSteps: description: >- - Optional. The number of rows at the top of a sheet that BigQuery - will skip when reading the data. The default value is 0. This - property is useful if you have header rows that should be skipped. - When autodetect is on, the behavior is the following: * - skipLeadingRows unspecified - Autodetect tries to detect headers in - the first row. If they are not detected, the row is read as data. - Otherwise data is read starting from the second row. * - skipLeadingRows is 0 - Instructs autodetect that there are no - headers and data should be read starting from the first row. * - skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to - detect headers in row N. If headers are not detected, row N is just - skipped. Otherwise row N is used to extract column names for the - detected schema. - format: int64 + Number of integral steps for the integrated gradients explain + method. type: string - type: object - HighCardinalityJoin: - description: High cardinality join detailed information. - id: HighCardinalityJoin - properties: - leftRows: - description: Output only. Count of left input rows. format: int64 - readOnly: true + tfVersion: + description: >- + Based on the selected TF version, the corresponding docker image is + used to train external models. type: string - outputRows: - description: Output only. Count of the output rows. - format: int64 - readOnly: true + timeSeriesIdColumn: + description: The time series id column that was used during ARIMA model training. type: string - rightRows: - description: Output only. Count of right input rows. - format: int64 - readOnly: true + optimizer: type: string - stepIndex: - description: >- - Output only. The index of the join operator in the ExplainQueryStep - lists. - format: int32 - readOnly: true - type: integer - type: object - HivePartitioningOptions: - description: Options for configuring hive partitioning detect. - id: HivePartitioningOptions - properties: - fields: - description: >- - Output only. For permanent external tables, this field is populated - with the hive partition keys in the order they were inferred. The - types of the partition keys can be deduced by checking the table - schema (which will include the partition keys). Not every API will - populate this field in the output. For example, Tables.Get will - populate it, but Tables.List will not contain this field. - items: - type: string - readOnly: true - type: array - mode: - description: >- - Optional. When set, what mode of hive partitioning to use when - reading data. The following modes are supported: * AUTO: - automatically infer partition key name(s) and type(s). * STRINGS: - automatically infer partition key name(s). All types are strings. * - CUSTOM: partition key schema is encoded in the source URI prefix. - Not all storage formats support hive partitioning. Requesting hive - partitioning on an unsupported format will lead to an error. - Currently supported formats are: JSON, CSV, ORC, Avro and Parquet. + description: Optimizer used for training the neural nets. + minReplicaCount: type: string - requirePartitionFilter: - default: 'false' description: >- - Optional. If set to true, queries over this table require a - partition filter that can be used for partition elimination to be - specified. Note that this field should only be true when creating a - permanent external table or querying a temporary external table. - Hive-partitioned loads with require_partition_filter explicitly set - to true will fail. + The minimum number of machine replicas that will be always deployed + on an endpoint. This value must be greater than or equal to 1. The + default value is 1. + format: int64 + fitIntercept: + description: Whether the model should include intercept during model training. type: boolean - sourceUriPrefix: + minAprioriSupport: description: >- - Optional. When hive partition detection is requested, a common - prefix for all source uris must be required. The prefix must end - immediately before the partition key encoding begins. For example, - consider files following this data layout: - gs://bucket/path_to_table/dt=2019-06-01/country=USA/id=7/file.avro - gs://bucket/path_to_table/dt=2019-05-31/country=CA/id=3/file.avro - When hive partitioning is requested with either AUTO or STRINGS - detection, the common prefix can be either of - gs://bucket/path_to_table or gs://bucket/path_to_table/. CUSTOM - detection requires encoding the partitioning schema immediately - after the common prefix. For CUSTOM, any of * - gs://bucket/path_to_table/{dt:DATE}/{country:STRING}/{id:INTEGER} * - gs://bucket/path_to_table/{dt:STRING}/{country:STRING}/{id:INTEGER} - * gs://bucket/path_to_table/{dt:DATE}/{country:STRING}/{id:STRING} - would all be valid source URI prefixes. - type: string - type: object - HparamSearchSpaces: - description: >- - Hyperparameter search spaces. These should be a subset of - training_options. - id: HparamSearchSpaces - properties: - activationFn: - $ref: '#/components/schemas/StringHparamSearchSpace' - description: Activation functions of neural network models. - batchSize: - $ref: '#/components/schemas/IntHparamSearchSpace' - description: Mini batch sample size. - boosterType: - $ref: '#/components/schemas/StringHparamSearchSpace' - description: Booster type for boosted tree models. - colsampleBylevel: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: Subsample ratio of columns for each level for boosted tree models. - colsampleBynode: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: >- - Subsample ratio of columns for each node(split) for boosted tree - models. - colsampleBytree: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: >- - Subsample ratio of columns when constructing each tree for boosted - tree models. - dartNormalizeType: - $ref: '#/components/schemas/StringHparamSearchSpace' - description: Dart normalization type for boosted tree models. - dropout: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: >- - Dropout probability for dnn model training and boosted tree models - using dart booster. - hiddenUnits: - $ref: '#/components/schemas/IntArrayHparamSearchSpace' - description: Hidden units for neural network models. - l1Reg: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: L1 regularization coefficient. - l2Reg: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: L2 regularization coefficient. - learnRate: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: Learning rate of training jobs. - maxTreeDepth: - $ref: '#/components/schemas/IntHparamSearchSpace' - description: Maximum depth of a tree for boosted tree models. - minSplitLoss: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: Minimum split loss for boosted tree models. - minTreeChildWeight: - $ref: '#/components/schemas/IntHparamSearchSpace' - description: >- - Minimum sum of instance weight needed in a child for boosted tree + The apriori support minimum. Applies to contribution analysis models. - numClusters: - $ref: '#/components/schemas/IntHparamSearchSpace' - description: Number of clusters for k-means. - numFactors: - $ref: '#/components/schemas/IntHparamSearchSpace' - description: Number of latent factors to train on. - numParallelTree: - $ref: '#/components/schemas/IntHparamSearchSpace' - description: Number of parallel trees for boosted tree models. - optimizer: - $ref: '#/components/schemas/StringHparamSearchSpace' - description: Optimizer of TF models. - subsample: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: >- - Subsample the training data to grow tree to prevent overfitting for - boosted tree models. - treeMethod: - $ref: '#/components/schemas/StringHparamSearchSpace' - description: Tree construction algorithm for boosted tree models. - walsAlpha: - $ref: '#/components/schemas/DoubleHparamSearchSpace' - description: >- - Hyperparameter for matrix factoration when implicit feedback type is - specified. - type: object - HparamTuningTrial: - description: >- - Training info of a trial in [hyperparameter - tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) - models. - id: HparamTuningTrial - properties: - endTimeMs: - description: Ending time of the trial. - format: int64 - type: string - errorMessage: - description: Error message for FAILED and INFEASIBLE trial. - type: string - evalLoss: - description: Loss computed on the eval data at the end of trial. format: double type: number - evaluationMetrics: - $ref: '#/components/schemas/EvaluationMetrics' - description: >- - Evaluation metrics of this trial calculated on the test data. Empty - in Job API. - hparamTuningEvaluationMetrics: - $ref: '#/components/schemas/EvaluationMetrics' + initialLearnRate: + type: number + format: double description: >- - Hyperparameter tuning evaluation metrics of this trial calculated on - the eval data. Unlike evaluation_metrics, only the fields - corresponding to the hparam_tuning_objectives are set. - hparams: - $ref: '#/components/schemas/TrainingOptions' - description: The hyperprameters selected for this trial. - startTimeMs: - description: Starting time of the trial. - format: int64 + Specifies the initial learning rate for the line search learn rate + strategy. + kmeansInitializationMethod: + description: The method used to initialize the centroids for kmeans algorithm. type: string - status: - description: The status of the trial. enum: - - TRIAL_STATUS_UNSPECIFIED - - NOT_STARTED - - RUNNING - - SUCCEEDED - - FAILED - - INFEASIBLE - - STOPPED_EARLY + - KMEANS_INITIALIZATION_METHOD_UNSPECIFIED + - RANDOM + - CUSTOM + - KMEANS_PLUS_PLUS enumDescriptions: - - Default value. - - Scheduled but not started. - - Running state. - - The trial succeeded. - - The trial failed. - - The trial is infeasible due to the invalid params. - - Trial stopped early because it's not promising. - type: string - trainingLoss: - description: Loss computed on the training data at the end of trial. + - Unspecified initialization method. + - Initializes the centroids randomly. + - >- + Initializes the centroids using data specified in + kmeans_initialization_column. + - Initializes with kmeans++. + colsampleBylevel: + description: Subsample ratio of columns for each level for boosted tree models. format: double type: number - trialId: - description: 1-based index of the trial. - format: int64 - type: string + decomposeTimeSeries: + type: boolean + description: If true, perform decompose time series and save the results. + description: Options used in model training. + ArimaResult: type: object - IndexUnusedReason: description: >- - Reason about why no search index was used in the search query (or - sub-query). - id: IndexUnusedReason + (Auto-)arima fitting result. Wrap everything in ArimaResult for easier + refactoring if we want to use model-specific iteration results. + id: ArimaResult + properties: + seasonalPeriods: + items: + enumDescriptions: + - Unspecified seasonal period. + - No seasonality + - Daily period, 24 hours. + - Weekly period, 7 days. + - Monthly period, 30 days or irregular. + - Quarterly period, 90 days or irregular. + - Yearly period, 365 days or irregular. + - Hourly period, 1 hour. + type: string + enum: + - SEASONAL_PERIOD_TYPE_UNSPECIFIED + - NO_SEASONALITY + - DAILY + - WEEKLY + - MONTHLY + - QUARTERLY + - YEARLY + - HOURLY + type: array + description: >- + Seasonal periods. Repeated because multiple periods are supported + for one time series. + arimaModelInfo: + description: >- + This message is repeated because there are multiple arima models + fitted in auto-arima. For non-auto-arima model, its size is one. + items: + $ref: '#/components/schemas/ArimaModelInfo' + type: array + ExplainQueryStep: + properties: + substeps: + description: Human-readable description of the step(s). + items: + type: string + type: array + kind: + description: Machine-readable operation type. + type: string + id: ExplainQueryStep + description: An operation within a stage. + type: object + StoredColumnsUsage: properties: + storedColumnsUnusedReasons: + type: array + description: If stored columns were not used, explain why. + items: + $ref: '#/components/schemas/StoredColumnsUnusedReason' baseTable: $ref: '#/components/schemas/TableReference' + description: Specifies the base table. + isQueryAccelerated: + description: Specifies whether the query was accelerated with stored columns. + type: boolean + id: StoredColumnsUsage + description: Indicates the stored columns usage in the query. + type: object + DifferentialPrivacyPolicy: + id: DifferentialPrivacyPolicy + properties: + deltaBudget: + format: double description: >- - Specifies the base table involved in the reason that no search index - was used. - code: - description: >- - Specifies the high-level reason for the scenario when no search - index was used. - enum: - - CODE_UNSPECIFIED - - INDEX_CONFIG_NOT_AVAILABLE - - PENDING_INDEX_CREATION - - BASE_TABLE_TRUNCATED - - INDEX_CONFIG_MODIFIED - - TIME_TRAVEL_QUERY - - NO_PRUNING_POWER - - UNINDEXED_SEARCH_FIELDS - - UNSUPPORTED_SEARCH_PATTERN - - OPTIMIZED_WITH_MATERIALIZED_VIEW - - SECURED_BY_DATA_MASKING - - MISMATCHED_TEXT_ANALYZER - - BASE_TABLE_TOO_SMALL - - BASE_TABLE_TOO_LARGE - - ESTIMATED_PERFORMANCE_GAIN_TOO_LOW - - COLUMN_METADATA_INDEX_NOT_USED - - NOT_SUPPORTED_IN_STANDARD_EDITION - - INDEX_SUPPRESSED_BY_FUNCTION_OPTION - - QUERY_CACHE_HIT - - STALE_INDEX - - INTERNAL_ERROR - - OTHER_REASON - enumDescriptions: - - Code not specified. - - Indicates the search index configuration has not been created. - - Indicates the search index creation has not been completed. - - >- - Indicates the base table has been truncated (rows have been - removed from table with TRUNCATE TABLE statement) since the last - time the search index was refreshed. - - >- - Indicates the search index configuration has been changed since - the last time the search index was refreshed. - - >- - Indicates the search query accesses data at a timestamp before the - last time the search index was refreshed. - - >- - Indicates the usage of search index will not contribute to any - pruning improvement for the search function, e.g. when the search - predicate is in a disjunction with other non-search predicates. - - >- - Indicates the search index does not cover all fields in the search - function. - - >- - Indicates the search index does not support the given search query - pattern. - - >- - Indicates the query has been optimized by using a materialized - view. - - >- - Indicates the query has been secured by data masking, and thus - search indexes are not applicable. - - >- - Indicates that the search index and the search function call do - not have the same text analyzer. - - >- - Indicates the base table is too small (below a certain threshold). - The index does not provide noticeable search performance gains - when the base table is too small. - - >- - Indicates that the total size of indexed base tables in your - organization exceeds your region's limit and the index is not used - in the query. To index larger base tables, you can use your own - reservation for index-management jobs. - - >- - Indicates that the estimated performance gain from using the - search index is too low for the given search query. - - >- - Indicates that the column metadata index (which the search index - depends on) is not used. User can refer to the [column metadata - index - usage](https://cloud.google.com/bigquery/docs/metadata-indexing-managed-tables#view_column_metadata_index_usage) - for more details on why it was not used. - - >- - Indicates that search indexes can not be used for search query - with STANDARD edition. - - >- - Indicates that an option in the search function that cannot make - use of the index has been selected. - - >- - Indicates that the query was cached, and thus the search index was - not used. - - The index cannot be used in the search query because it is stale. - - >- - Indicates an internal error that causes the search index to be - unused. - - >- - Indicates that the reason search indexes cannot be used in the - query is not covered by any of the other IndexUnusedReason - options. - type: string - indexName: - description: Specifies the name of the unused search index, if available. + Optional. The total delta budget for all queries against the + privacy-protected view. Each subscriber query against this view + charges the amount of delta that is pre-defined by the contributor + through the privacy policy delta_per_query field. If there is + sufficient budget, then the subscriber query attempts to complete. + It might still fail due to other reasons, in which case the charge + is refunded. If there is insufficient budget the query is rejected. + There might be multiple charge attempts if a single query references + multiple views. In this case there must be sufficient budget for all + charges or the query is rejected and charges are refunded in best + effort. The budget does not have a refresh policy and can only be + updated via ALTER VIEW or circumvented by creating a new view that + can be queried with a fresh budget. + type: number + privacyUnitColumn: + description: >- + Optional. The privacy unit column associated with this policy. + Differential privacy policies can only have one privacy unit column + per data source object (table, view). type: string - message: + deltaPerQuery: + type: number description: >- - Free form human-readable reason for the scenario when no search - index was used. + Optional. The delta value that is used per query. Delta represents + the probability that any row will fail to be epsilon differentially + private. Indicates the risk associated with exposing aggregate rows + in the result of a query. + format: double + epsilonBudgetRemaining: + description: >- + Output only. The epsilon budget remaining. If budget is exhausted, + no more queries are allowed. Note that the budget for queries that + are in progress is deducted before the query executes. If the query + fails or is cancelled then the budget is refunded. In this case the + amount of budget remaining can increase. + format: double + readOnly: true + type: number + epsilonBudget: + description: >- + Optional. The total epsilon budget for all queries against the + privacy-protected view. Each subscriber query against this view + charges the amount of epsilon they request in their query. If there + is sufficient budget, then the subscriber query attempts to + complete. It might still fail due to other reasons, in which case + the charge is refunded. If there is insufficient budget the query is + rejected. There might be multiple charge attempts if a single query + references multiple views. In this case there must be sufficient + budget for all charges or the query is rejected and charges are + refunded in best effort. The budget does not have a refresh policy + and can only be updated via ALTER VIEW or circumvented by creating a + new view that can be queried with a fresh budget. + format: double + type: number + maxGroupsContributed: + format: int64 type: string - type: object - InputDataChange: - description: Details about the input data change insight. - id: InputDataChange - properties: - recordsReadDiffPercentage: description: >- - Output only. Records read difference percentage compared to a - previous run. - format: float + Optional. The maximum groups contributed value that is used per + query. Represents the maximum number of groups to which each + protected entity can contribute. Changing this value does not + improve or worsen privacy. The best value for accuracy and utility + depends on the query and data. + deltaBudgetRemaining: + description: >- + Output only. The delta budget remaining. If budget is exhausted, no + more queries are allowed. Note that the budget for queries that are + in progress is deducted before the query executes. If the query + fails or is cancelled then the budget is refunded. In this case the + amount of budget remaining can increase. readOnly: true type: number + format: double + maxEpsilonPerQuery: + type: number + description: >- + Optional. The maximum epsilon value that a query can consume. If the + subscriber specifies epsilon as a parameter in a SELECT query, it + must be less than or equal to this value. The epsilon parameter + controls the amount of noise that is added to the groups — a higher + epsilon means less noise. + format: double type: object - IntArray: - description: An array of int. - id: IntArray - properties: - elements: - description: Elements in the int array. - items: - format: int64 - type: string - type: array + description: Represents privacy policy associated with "differential privacy" method. + EvaluationMetrics: type: object + properties: + dimensionalityReductionMetrics: + $ref: '#/components/schemas/DimensionalityReductionMetrics' + description: >- + Evaluation metrics when the model is a dimensionality reduction + model, which currently includes PCA. + binaryClassificationMetrics: + description: Populated for binary classification/classifier models. + $ref: '#/components/schemas/BinaryClassificationMetrics' + rankingMetrics: + $ref: '#/components/schemas/RankingMetrics' + description: Populated for implicit feedback type matrix factorization models. + arimaForecastingMetrics: + description: Populated for ARIMA models. + $ref: '#/components/schemas/ArimaForecastingMetrics' + multiClassClassificationMetrics: + $ref: '#/components/schemas/MultiClassClassificationMetrics' + description: Populated for multi-class classification/classifier models. + clusteringMetrics: + description: Populated for clustering models. + $ref: '#/components/schemas/ClusteringMetrics' + regressionMetrics: + $ref: '#/components/schemas/RegressionMetrics' + description: >- + Populated for regression models and explicit feedback type matrix + factorization models. + description: >- + Evaluation metrics of a model. These are either computed on all training + data or just the eval data based on whether eval data was used during + training. These are not present for imported models. + id: EvaluationMetrics IntArrayHparamSearchSpace: - description: Search space for int array. - id: IntArrayHparamSearchSpace properties: candidates: - description: Candidates for the int array parameter. - items: - $ref: '#/components/schemas/IntArray' type: array - type: object - IntCandidates: - description: Discrete candidates of an int hyperparameter. - id: IntCandidates - properties: - candidates: - description: Candidates for the int parameter in increasing order. items: - format: int64 - type: string - type: array - type: object - IntHparamSearchSpace: - description: Search space for an int hyperparameter. - id: IntHparamSearchSpace - properties: - candidates: - $ref: '#/components/schemas/IntCandidates' - description: Candidates of the int hyperparameter. - range: - $ref: '#/components/schemas/IntRange' - description: Range of the int hyperparameter. + $ref: '#/components/schemas/IntArray' + description: Candidates for the int array parameter. type: object - IntRange: - description: Range of an int hyperparameter. - id: IntRange + description: Search space for int array. + id: IntArrayHparamSearchSpace + TimePartitioning: properties: - max: - description: Max value of the int parameter. - format: int64 + type: + type: string + description: >- + Required. The supported types are DAY, HOUR, MONTH, and YEAR, which + will generate one partition per day, hour, month, and year, + respectively. + expirationMs: type: string - min: - description: Min value of the int parameter. format: int64 + description: >- + Optional. Number of milliseconds for which to keep the storage for a + partition. A wrapper is used here because 0 is an invalid value. + field: type: string + description: >- + Optional. If not set, the table is partitioned by pseudo column + '_PARTITIONTIME'; if set, the table is partitioned by this field. + The field must be a top-level TIMESTAMP or DATE field. Its mode must + be NULLABLE or REQUIRED. A wrapper is used here because an empty + string is an invalid value. + requirePartitionFilter: + type: boolean + default: 'false' + deprecated: true + description: >- + If set to true, queries over this table require a partition filter + that can be used for partition elimination to be specified. This + field is deprecated; please set the field with the same name on the + table itself instead. This field needs a wrapper because we want to + output the default value, false, if the user explicitly set it. + id: TimePartitioning type: object - IterationResult: - description: Information about a single iteration of the training run. - id: IterationResult + ModelDefinition: properties: - arimaResult: - $ref: '#/components/schemas/ArimaResult' - description: Arima result. - clusterInfos: - description: Information about top clusters for clustering models. - items: - $ref: '#/components/schemas/ClusterInfo' - type: array - durationMs: - description: Time taken to run the iteration in milliseconds. - format: int64 - type: string - evalLoss: - description: Loss computed on the eval data at the end of iteration. - format: double - type: number - index: - description: Index of the iteration, 0 based. - format: int32 - type: integer - learnRate: - description: Learn rate used for this iteration. - format: double - type: number - principalComponentInfos: - description: The information of the principal components. + modelOptions: + properties: + modelType: + type: string + lossType: + type: string + labels: + items: + type: string + type: array + description: Deprecated. + type: object + trainingRuns: items: - $ref: '#/components/schemas/PrincipalComponentInfo' + $ref: '#/components/schemas/BqmlTrainingRun' type: array - trainingLoss: - description: Loss computed on the training data at the end of iteration. - format: double - type: number + description: Deprecated. type: object - Job: - id: Job + id: ModelDefinition + SparkLoggingInfo: properties: - configuration: - $ref: '#/components/schemas/JobConfiguration' - description: Required. Describes the job configuration. - etag: - description: Output only. A hash of this resource. - readOnly: true - type: string - id: - description: Output only. Opaque ID field of the job. - readOnly: true - type: string - jobCreationReason: - $ref: '#/components/schemas/JobCreationReason' - description: Output only. The reason why a Job was created. - readOnly: true - jobReference: - $ref: '#/components/schemas/JobReference' - description: Optional. Reference describing the unique-per-user name of the job. - kind: - default: bigquery#job - description: Output only. The type of the resource. - readOnly: true - type: string - principal_subject: - description: >- - Output only. [Full-projection-only] String representation of - identity of requesting party. Populated for both first- and - third-party identities. Only present for APIs that support - third-party identities. - readOnly: true + projectId: type: string - selfLink: - description: Output only. A URL that can be used to access the resource again. readOnly: true + description: Output only. Project ID where the Spark logs were written. + resourceType: type: string - statistics: - $ref: '#/components/schemas/JobStatistics' - description: >- - Output only. Information about the job, including starting time and - ending time of the job. - readOnly: true - status: - $ref: '#/components/schemas/JobStatus' - description: >- - Output only. The status of this job. Examine this value when polling - an asynchronous job to see if the job is complete. readOnly: true - user_email: - description: Output only. Email address of the user who ran the job. - readOnly: true - type: string + description: Output only. Resource type used for logging. + id: SparkLoggingInfo + description: Spark job logs can be filtered by these fields in Cloud Logging. type: object JobCancelResponse: - description: Describes format of a jobs cancellation response. id: JobCancelResponse + type: object + description: Describes format of a jobs cancellation response. properties: - job: - $ref: '#/components/schemas/Job' - description: The final state of the job. kind: - default: bigquery#jobCancelResponse - description: The resource type of the response. type: string + description: The resource type of the response. + default: bigquery#jobCancelResponse + job: + description: The final state of the job. + $ref: '#/components/schemas/Job' + MaterializedView: type: object - JobConfiguration: - id: JobConfiguration + description: A materialized view considered for a query job. properties: - copy: - $ref: '#/components/schemas/JobConfigurationTableCopy' - description: '[Pick one] Copies a table.' - dryRun: - description: >- - Optional. If set, don't actually run this job. A valid query will - return a mostly empty response with some processing statistics, - while an invalid query will return the same error it would if it - wasn't a dry run. Behavior of non-query jobs is undefined. - type: boolean - extract: - $ref: '#/components/schemas/JobConfigurationExtract' - description: '[Pick one] Configures an extract job.' - jobTimeoutMs: + tableReference: + description: The candidate materialized view. + $ref: '#/components/schemas/TableReference' + estimatedBytesSaved: description: >- - Optional. Job timeout in milliseconds. If this time limit is - exceeded, BigQuery will attempt to stop a longer job, but may not - always succeed in canceling it before the job completes. For - example, a job that takes more than 60 seconds to complete has a - better chance of being stopped than a job that takes 10 seconds to - complete. + If present, specifies a best-effort estimation of the bytes saved by + using the materialized view rather than its base tables. + type: string format: int64 + rejectedReason: + enum: + - REJECTED_REASON_UNSPECIFIED + - NO_DATA + - COST + - BASE_TABLE_TRUNCATED + - BASE_TABLE_DATA_CHANGE + - BASE_TABLE_PARTITION_EXPIRATION_CHANGE + - BASE_TABLE_EXPIRED_PARTITION + - BASE_TABLE_INCOMPATIBLE_METADATA_CHANGE + - TIME_ZONE + - OUT_OF_TIME_TRAVEL_WINDOW + - BASE_TABLE_FINE_GRAINED_SECURITY_POLICY + - BASE_TABLE_TOO_STALE + enumDescriptions: + - Default unspecified value. + - View has no cached data because it has not refreshed yet. + - >- + The estimated cost of the view is more expensive than another view + or the base table. Note: The estimate cost might not match the + billed cost. + - View has no cached data because a base table is truncated. + - >- + View is invalidated because of a data change in one or more base + tables. It could be any recent change if the + [`maxStaleness`](https://cloud.google.com/bigquery/docs/reference/rest/v2/tables#Table.FIELDS.max_staleness) + option is not set for the view, or otherwise any change outside of + the staleness window. + - >- + View is invalidated because a base table's partition expiration + has changed. + - View is invalidated because a base table's partition has expired. + - >- + View is invalidated because a base table has an incompatible + metadata change. + - >- + View is invalidated because it was refreshed with a time zone + other than that of the current job. + - View is outside the time travel window. + - >- + View is inaccessible to the user because of a fine-grained + security policy on one of its base tables. + - >- + One of the view's base tables is too stale. For example, the + cached metadata of a BigLake external table needs to be updated. type: string - jobType: description: >- - Output only. The type of the job. Can be QUERY, LOAD, EXTRACT, COPY - or UNKNOWN. + If present, specifies the reason why the materialized view was not + chosen for the query. + chosen: + description: >- + Whether the materialized view is chosen for the query. A + materialized view can be chosen to rewrite multiple parts of the + same query. If a materialized view is chosen to rewrite any part of + the query, then this field is true, even if the materialized view + was not chosen to rewrite others parts. + type: boolean + id: MaterializedView + ExternalCatalogTableOptions: + type: object + properties: + connectionId: + description: >- + Optional. A connection ID that specifies the credentials to be used + to read external storage, such as Azure Blob, Cloud Storage, or + Amazon S3. This connection is needed to read the open source table + from BigQuery. The connection_id format must be either `..` or + `projects//locations//connections/`. type: string - labels: + storageDescriptor: + description: >- + Optional. A storage descriptor containing information about the + physical storage of this table. + $ref: '#/components/schemas/StorageDescriptor' + parameters: additionalProperties: type: string + type: object description: >- - The labels associated with this job. You can use these to organize - and group your jobs. Label keys and values can be no longer than 63 - characters, can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. Label - values are optional. Label keys must start with a letter and each - label in the list must have a different key. - type: object - load: - $ref: '#/components/schemas/JobConfigurationLoad' - description: '[Pick one] Configures a load job.' - query: - $ref: '#/components/schemas/JobConfigurationQuery' - description: '[Pick one] Configures a query job.' - reservation: - description: >- - Optional. The reservation that job would use. User can specify a - reservation to execute the job. If reservation is not set, - reservation is determined based on the rules defined by the - reservation assignments. The expected format is - `projects/{project}/locations/{location}/reservations/{reservation}`. - type: string - type: object - JobConfigurationExtract: + Optional. A map of the key-value pairs defining the parameters and + properties of the open source table. Corresponds with Hive metastore + table parameters. Maximum size of 4MiB. description: >- - JobConfigurationExtract configures a job that exports data from a - BigQuery table into Google Cloud Storage. - id: JobConfigurationExtract + Metadata about open source compatible table. The fields contained in + these options correspond to Hive metastore's table-level properties. + id: ExternalCatalogTableOptions + Argument: + description: Input/output argument of a function or a stored procedure. properties: - compression: - description: >- - Optional. The compression type to use for exported files. Possible - values include DEFLATE, GZIP, NONE, SNAPPY, and ZSTD. The default - value is NONE. Not all compression formats are support for all file - formats. DEFLATE is only supported for Avro. ZSTD is only supported - for Parquet. Not applicable when extracting models. + argumentKind: + enum: + - ARGUMENT_KIND_UNSPECIFIED + - FIXED_TYPE + - ANY_TYPE + enumDescriptions: + - Default value. + - >- + The argument is a variable with fully specified type, which can be + a struct or an array, but not a table. + - >- + The argument is any type, including struct or array, but not a + table. + description: Optional. Defaults to FIXED_TYPE. type: string - destinationFormat: + isAggregate: description: >- - Optional. The exported file format. Possible values include CSV, - NEWLINE_DELIMITED_JSON, PARQUET, or AVRO for tables and - ML_TF_SAVED_MODEL or ML_XGBOOST_BOOSTER for models. The default - value for tables is CSV. Tables with nested or repeated fields - cannot be exported as CSV. The default value for models is - ML_TF_SAVED_MODEL. - type: string - destinationUri: + Optional. Whether the argument is an aggregate function parameter. + Must be Unset for routine types other than AGGREGATE_FUNCTION. For + AGGREGATE_FUNCTION, if set to false, it is equivalent to adding "NOT + AGGREGATE" clause in DDL; Otherwise, it is equivalent to omitting + "NOT AGGREGATE" clause in DDL. + type: boolean + name: description: >- - [Pick one] DEPRECATED: Use destinationUris instead, passing only one - URI as necessary. The fully-qualified Google Cloud Storage URI where - the extracted table should be written. + Optional. The name of this argument. Can be absent for function + return argument. type: string - destinationUris: - description: >- - [Pick one] A list of fully-qualified Google Cloud Storage URIs where - the extracted table should be written. - items: - type: string - type: array - fieldDelimiter: + mode: description: >- - Optional. When extracting data in CSV format, this defines the - delimiter to use between fields in the exported data. Default is - ','. Not applicable when extracting models. + Optional. Specifies whether the argument is input or output. Can be + set for procedures only. + enumDescriptions: + - Default value. + - The argument is input-only. + - The argument is output-only. + - The argument is both an input and an output. type: string - modelExtractOptions: - $ref: '#/components/schemas/ModelExtractOptions' - description: >- - Optional. Model extract options only applicable when extracting - models. - printHeader: - default: 'true' - description: >- - Optional. Whether to print out a header row in the results. Default - is true. Not applicable when extracting models. - type: boolean - sourceModel: - $ref: '#/components/schemas/ModelReference' - description: A reference to the model being exported. - sourceTable: - $ref: '#/components/schemas/TableReference' - description: A reference to the table being exported. - useAvroLogicalTypes: - description: >- - Whether to use logical types when extracting to AVRO format. Not - applicable when extracting models. - type: boolean + enum: + - MODE_UNSPECIFIED + - IN + - OUT + - INOUT + dataType: + $ref: '#/components/schemas/StandardSqlDataType' + description: Set if argument_kind == FIXED_TYPE. + id: Argument type: object - JobConfigurationLoad: + AuditConfig: + id: AuditConfig description: >- - JobConfigurationLoad contains the configuration properties for loading - data into a destination table. - id: JobConfigurationLoad + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. properties: - allowJaggedRows: - description: >- - Optional. Accept rows that are missing trailing optional columns. - The missing values are treated as nulls. If false, records with - missing trailing columns are treated as bad records, and if there - are too many bad records, an invalid error is returned in the job - result. The default value is false. Only applicable to CSV, ignored - for other formats. - type: boolean - allowQuotedNewlines: + auditLogConfigs: + type: array + items: + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. + service: description: >- - Indicates if BigQuery should allow quoted data sections that contain - newline characters in a CSV file. The default value is false. - type: boolean - autodetect: + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + type: object + HighCardinalityJoin: + description: High cardinality join detailed information. + id: HighCardinalityJoin + type: object + properties: + stepIndex: + format: int32 + readOnly: true + type: integer description: >- - Optional. Indicates if we should automatically infer the options and - schema for CSV and JSON sources. - type: boolean - clustering: - $ref: '#/components/schemas/Clustering' - description: Clustering specification for the destination table. - columnNameCharacterMap: + Output only. The index of the join operator in the ExplainQueryStep + lists. + leftRows: + readOnly: true + description: Output only. Count of left input rows. + format: int64 + type: string + outputRows: + description: Output only. Count of the output rows. + type: string + format: int64 + readOnly: true + rightRows: + readOnly: true + description: Output only. Count of right input rows. + format: int64 + type: string + PrivacyPolicy: + properties: + joinRestrictionPolicy: + $ref: '#/components/schemas/JoinRestrictionPolicy' description: >- - Optional. Character map supported for column names in CSV/Parquet - loads. Defaults to STRICT and can be overridden by Project Config - Service. Using this option with unsupporting load formats will - result in an error. - enum: - - COLUMN_NAME_CHARACTER_MAP_UNSPECIFIED - - STRICT - - V1 - - V2 - enumDescriptions: - - Unspecified column name character map. - - Support flexible column name and reject invalid column names. - - >- - Support alphanumeric + underscore characters and names must start - with a letter or underscore. Invalid column names will be - normalized. - - >- - Support flexible column name. Invalid column names will be - normalized. + Optional. Join restriction policy is outside of the one of policies, + since this policy can be set along with other policies. This policy + gives data providers the ability to enforce joins on the + 'join_allowed_columns' when data is queried from a privacy protected + view. + differentialPrivacyPolicy: + $ref: '#/components/schemas/DifferentialPrivacyPolicy' + description: Optional. Policy used for differential privacy. + aggregationThresholdPolicy: + $ref: '#/components/schemas/AggregationThresholdPolicy' + description: Optional. Policy used for aggregation thresholds. + description: >- + Represents privacy policy that contains the privacy requirements + specified by the data owner. Currently, this is only supported on views. + id: PrivacyPolicy + type: object + RowAccessPolicyReference: + description: Id path of a row access policy. + type: object + id: RowAccessPolicyReference + properties: + tableId: + type: string + description: Required. The ID of the table containing this row access policy. + policyId: type: string - connectionProperties: description: >- - Optional. Connection properties which can modify the load job - behavior. Currently, only the 'session_id' connection property is - supported, and is used to resolve _SESSION appearing as the dataset - id. - items: - $ref: '#/components/schemas/ConnectionProperty' - type: array - copyFilesOnly: - description: >- - Optional. [Experimental] Configures the load job to copy files - directly to the destination BigLake managed table, bypassing file - content reading and rewriting. Copying files only is supported when - all the following are true: * `source_uris` are located in the same - Cloud Storage location as the destination table's `storage_uri` - location. * `source_format` is `PARQUET`. * `destination_table` is - an existing BigLake managed table. The table's schema does not have - flexible column names. The table's columns do not have type - parameters other than precision and scale. * No options other than - the above are specified. - type: boolean - createDisposition: - description: >- - Optional. Specifies whether the job is allowed to create new tables. - The following values are supported: * CREATE_IF_NEEDED: If the table - does not exist, BigQuery creates the table. * CREATE_NEVER: The - table must already exist. If it does not, a 'notFound' error is - returned in the job result. The default value is CREATE_IF_NEEDED. - Creation, truncation and append actions occur as one atomic update - upon job completion. + Required. The ID of the row access policy. The ID must contain only + letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum + length is 256 characters. + projectId: + description: Required. The ID of the project containing this row access policy. type: string - createSession: + datasetId: + description: Required. The ID of the dataset containing this row access policy. + type: string + BiEngineStatistics: + id: BiEngineStatistics + type: object + properties: + accelerationMode: + enum: + - BI_ENGINE_ACCELERATION_MODE_UNSPECIFIED + - BI_ENGINE_DISABLED + - PARTIAL_INPUT + - FULL_INPUT + - FULL_QUERY description: >- - Optional. If this property is true, the job creates a new session - using a randomly generated session_id. To continue using a created - session with subsequent queries, pass the existing session - identifier as a `ConnectionProperty` value. The session identifier - is returned as part of the `SessionInfo` message within the query - statistics. The new session's location will be set to - `Job.JobReference.location` if it is present, otherwise it's set to - the default location based on existing routing logic. - type: boolean - dateFormat: - description: Optional. Date format used for parsing DATE values. + Output only. Specifies which mode of BI Engine acceleration was + performed (if any). type: string - datetimeFormat: - description: Optional. Date format used for parsing DATETIME values. + enumDescriptions: + - BiEngineMode type not specified. + - >- + BI Engine acceleration was attempted but disabled. + bi_engine_reasons specifies a more detailed reason. + - >- + Some inputs were accelerated using BI Engine. See + bi_engine_reasons for why parts of the query were not accelerated. + - All of the query inputs were accelerated using BI Engine. + - All of the query was accelerated using BI Engine. + readOnly: true + biEngineMode: + readOnly: true + description: >- + Output only. Specifies which mode of BI Engine acceleration was + performed (if any). type: string - decimalTargetTypes: + enumDescriptions: + - BiEngineMode type not specified. + - >- + BI Engine disabled the acceleration. bi_engine_reasons specifies a + more detailed reason. + - >- + Part of the query was accelerated using BI Engine. See + bi_engine_reasons for why parts of the query were not accelerated. + - All of the query was accelerated using BI Engine. + enum: + - ACCELERATION_MODE_UNSPECIFIED + - DISABLED + - PARTIAL + - FULL + biEngineReasons: description: >- - Defines the list of possible SQL data types to which the source - decimal values are converted. This list and the precision and the - scale parameters of the decimal field determine the target type. In - the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it - is in the specified list and if it supports the precision and the - scale. STRING supports all precision and scale values. If none of - the listed types supports the precision and the scale, the type - supporting the widest range in the specified list is picked, and if - a value exceeds the supported range when reading the data, an error - will be thrown. Example: Suppose the value of this field is - ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: * (38,9) -> - NUMERIC; * (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer - digits); * (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional - digits); * (76,38) -> BIGNUMERIC; * (77,38) -> BIGNUMERIC (error if - value exceeds supported range). This field cannot contain duplicate - types. The order of the types in this field is ignored. For example, - ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] - and NUMERIC always takes precedence over BIGNUMERIC. Defaults to - ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file - formats. + In case of DISABLED or PARTIAL bi_engine_mode, these contain the + explanatory reasons as to why BI Engine could not accelerate. In + case the full query was accelerated, this field is not populated. items: - enum: - - DECIMAL_TARGET_TYPE_UNSPECIFIED - - NUMERIC - - BIGNUMERIC - - STRING - enumDescriptions: - - Invalid type. - - Decimal values could be converted to NUMERIC type. - - Decimal values could be converted to BIGNUMERIC type. - - Decimal values could be converted to STRING type. - type: string + $ref: '#/components/schemas/BiEngineReason' type: array - destinationEncryptionConfiguration: - $ref: '#/components/schemas/EncryptionConfiguration' - description: Custom encryption configuration (e.g., Cloud KMS keys) - destinationTable: - $ref: '#/components/schemas/TableReference' - description: '[Required] The destination table to load the data into.' - destinationTableProperties: - $ref: '#/components/schemas/DestinationTableProperties' + description: >- + Statistics for a BI Engine specific query. Populated as part of + JobStatistics2 + ClusterInfo: + properties: + clusterRadius: + format: double description: >- - Optional. [Experimental] Properties with which to create the - destination table if it is new. - encoding: + Cluster radius, the average distance from centroid to each point + assigned to the cluster. + type: number + centroidId: + description: Centroid id. + format: int64 + type: string + clusterSize: + type: string + format: int64 + description: Cluster size, the total number of points assigned to the cluster. + id: ClusterInfo + type: object + description: Information about a single cluster for clustering model. + ProjectReference: + id: ProjectReference + properties: + projectId: description: >- - Optional. The character encoding of the data. The supported values - are UTF-8, ISO-8859-1, UTF-16BE, UTF-16LE, UTF-32BE, and UTF-32LE. - The default value is UTF-8. BigQuery decodes the data after the raw, - binary data has been split using the values of the `quote` and - `fieldDelimiter` properties. If you don't specify an encoding, or if - you specify a UTF-8 encoding when the CSV file is not UTF-8 encoded, - BigQuery attempts to convert the data to UTF-8. Generally, your data - loads successfully, but it may not match byte-for-byte what you - expect. To avoid this, specify the correct encoding by using the - `--encoding` flag. If BigQuery can't convert a character other than - the ASCII `0` character, BigQuery converts the character to the - standard Unicode replacement character: �. + Required. ID of the project. Can be either the numeric ID or the + assigned ID of the project. type: string - fieldDelimiter: + description: A unique reference to a project. + type: object + TransformColumn: + description: Information about a single transform column. + properties: + transformSql: + description: Output only. The SQL expression used in the column transform. + type: string + readOnly: true + type: + $ref: '#/components/schemas/StandardSqlDataType' + description: Output only. Data type of the column after the transform. + readOnly: true + name: + description: Output only. Name of the column. + readOnly: true + type: string + type: object + id: TransformColumn + StandardSqlField: + type: object + id: StandardSqlField + description: A field or a column. + properties: + type: description: >- - Optional. The separator character for fields in a CSV file. The - separator is interpreted as a single byte. For files encoded in - ISO-8859-1, any single character can be used as a separator. For - files encoded in UTF-8, characters represented in decimal range - 1-127 (U+0001-U+007F) can be used without any modification. UTF-8 - characters encoded with multiple bytes (i.e. U+0080 and above) will - have only the first byte used for separating fields. The remaining - bytes will be treated as a part of the field. BigQuery also supports - the escape sequence "\t" (U+0009) to specify a tab separator. The - default value is comma (",", U+002C). + Optional. The type of this parameter. Absent if not explicitly + specified (e.g., CREATE FUNCTION statement can omit the return type; + in this case the output parameter does not have this "type" field). + $ref: '#/components/schemas/StandardSqlDataType' + name: + description: Optional. The name of this field. Can be absent for struct fields. type: string - fileSetSpecType: + StandardSqlDataType: + id: StandardSqlDataType + properties: + typeKind: description: >- - Optional. Specifies how source URIs are interpreted for constructing - the file set to load. By default, source URIs are expanded against - the underlying storage. You can also specify manifest files to - control how the file set is constructed. This option is only - applicable to object storage systems. - enum: - - FILE_SET_SPEC_TYPE_FILE_SYSTEM_MATCH - - FILE_SET_SPEC_TYPE_NEW_LINE_DELIMITED_MANIFEST + Required. The top level type of this field. Can be any GoogleSQL + data type (e.g., "INT64", "DATE", "ARRAY"). enumDescriptions: + - Invalid type. + - Encoded as a string in decimal format. + - Encoded as a boolean "false" or "true". + - Encoded as a number, or string "NaN", "Infinity" or "-Infinity". + - Encoded as a string value. + - Encoded as a base64 string per RFC 4648, section 4. - >- - This option expands source URIs by listing files from the object - store. It is the default behavior if FileSetSpecType is not set. + Encoded as an RFC 3339 timestamp with mandatory "Z" time zone + string: 1985-04-12T23:20:50.52Z + - 'Encoded as RFC 3339 full-date format string: 1985-04-12' + - 'Encoded as RFC 3339 partial-time format string: 23:20:50.52' - >- - This option indicates that the provided URIs are newline-delimited - manifest files, with one URI per line. Wildcard URIs are not - supported. - type: string - hivePartitioningOptions: - $ref: '#/components/schemas/HivePartitioningOptions' - description: >- - Optional. When set, configures hive partitioning support. Not all - storage formats support hive partitioning -- requesting hive - partitioning on an unsupported format will lead to an error, as will - providing an invalid specification. - ignoreUnknownValues: - description: >- - Optional. Indicates if BigQuery should allow extra values that are - not represented in the table schema. If true, the extra values are - ignored. If false, records with extra columns are treated as bad - records, and if there are too many bad records, an invalid error is - returned in the job result. The default value is false. The - sourceFormat property determines what BigQuery treats as an extra - value: CSV: Trailing columns JSON: Named values that don't match any - column names in the table schema Avro, Parquet, ORC: Fields in the - file schema that don't exist in the table schema. - type: boolean - jsonExtension: - description: >- - Optional. Load option to be used together with source_format - newline-delimited JSON to indicate that a variant of JSON is being - loaded. To load newline-delimited GeoJSON, specify GEOJSON (and - source_format must be set to NEWLINE_DELIMITED_JSON). - enum: - - JSON_EXTENSION_UNSPECIFIED - - GEOJSON - enumDescriptions: + Encoded as RFC 3339 full-date "T" partial-time: + 1985-04-12T23:20:50.52 + - 'Encoded as fully qualified 3 part: 0-5 15 2:30:45.6' + - Encoded as WKT + - Encoded as a decimal string. + - Encoded as a decimal string. + - Encoded as a string. + - Encoded as a list with types matching Type.array_type. - >- - The default if provided value is not one included in the enum, or - the value is not specified. The source format is parsed without - any modification. + Encoded as a list with fields of type Type.struct_type[i]. List is + used because a JSON object cannot have duplicate field names. - >- - Use GeoJSON variant of JSON. See - https://tools.ietf.org/html/rfc7946. + Encoded as a pair with types matching range_element_type. Pairs + must begin with "[", end with ")", and be separated by ", ". + enum: + - TYPE_KIND_UNSPECIFIED + - INT64 + - BOOL + - FLOAT64 + - STRING + - BYTES + - TIMESTAMP + - DATE + - TIME + - DATETIME + - INTERVAL + - GEOGRAPHY + - NUMERIC + - BIGNUMERIC + - JSON + - ARRAY + - STRUCT + - RANGE type: string - maxBadRecords: - description: >- - Optional. The maximum number of bad records that BigQuery can ignore - when running the job. If the number of bad records exceeds this - value, an invalid error is returned in the job result. The default - value is 0, which requires that all records are valid. This is only - supported for CSV and NEWLINE_DELIMITED_JSON file formats. - format: int32 - type: integer - nullMarker: - description: >- - Optional. Specifies a string that represents a null value in a CSV - file. For example, if you specify "\N", BigQuery interprets "\N" as - a null value when loading a CSV file. The default value is the empty - string. If you set this property to a custom value, BigQuery throws - an error if an empty string is present for all data types except for - STRING and BYTE. For STRING and BYTE columns, BigQuery interprets - the empty string as an empty value. + arrayElementType: + $ref: '#/components/schemas/StandardSqlDataType' + description: The type of the array's elements, if type_kind = "ARRAY". + rangeElementType: + $ref: '#/components/schemas/StandardSqlDataType' + description: The type of the range's elements, if type_kind = "RANGE". + structType: + $ref: '#/components/schemas/StandardSqlStructType' + description: The fields of this struct, in order, if type_kind = "STRUCT". + type: object + description: >- + The data type of a variable such as a function argument. Examples + include: * INT64: `{"typeKind": "INT64"}` * ARRAY: { "typeKind": + "ARRAY", "arrayElementType": {"typeKind": "STRING"} } * STRUCT>: { + "typeKind": "STRUCT", "structType": { "fields": [ { "name": "x", "type": + {"typeKind": "STRING"} }, { "name": "y", "type": { "typeKind": "ARRAY", + "arrayElementType": {"typeKind": "DATE"} } } ] } } * RANGE: { + "typeKind": "RANGE", "rangeElementType": {"typeKind": "DATE"} } + PrincipalComponentInfo: + type: object + properties: + principalComponentId: + description: Id of the principal component. type: string - nullMarkers: - description: >- - Optional. A list of strings represented as SQL NULL value in a CSV - file. null_marker and null_markers can't be set at the same time. If - null_marker is set, null_markers has to be not set. If null_markers - is set, null_marker has to be not set. If both null_marker and - null_markers are set at the same time, a user error would be thrown. - Any strings listed in null_markers, including empty string would be - interpreted as SQL NULL. This applies to all column types. - items: - type: string - type: array - parquetOptions: - $ref: '#/components/schemas/ParquetOptions' - description: >- - Optional. Additional properties to set if sourceFormat is set to - PARQUET. - preserveAsciiControlCharacters: + format: int64 + explainedVariance: + type: number description: >- - Optional. When sourceFormat is set to "CSV", this indicates whether - the embedded ASCII control characters (the first 32 characters in - the ASCII-table, from '\x00' to '\x1F') are preserved. - type: boolean - projectionFields: + Explained variance by this principal component, which is simply the + eigenvalue. + format: double + explainedVarianceRatio: + description: Explained_variance over the total explained variance. + type: number + format: double + cumulativeExplainedVarianceRatio: description: >- - If sourceFormat is set to "DATASTORE_BACKUP", indicates which entity - properties to load into BigQuery from a Cloud Datastore backup. - Property names are case sensitive and must be top-level properties. - If no properties are specified, BigQuery loads all properties. If - any named property isn't found in the Cloud Datastore backup, an - invalid error is returned in the job result. + The explained_variance is pre-ordered in the descending order to + compute the cumulative explained variance ratio. + type: number + format: double + description: >- + Principal component infos, used only for eigen decomposition based + models, e.g., PCA. Ordered by explained_variance in the descending + order. + id: PrincipalComponentInfo + MetadataCacheStatistics: + id: MetadataCacheStatistics + properties: + tableMetadataCacheUsage: items: - type: string + $ref: '#/components/schemas/TableMetadataCacheUsage' type: array - quote: - default: '"' description: >- - Optional. The value that is used to quote data sections in a CSV - file. BigQuery converts the string to ISO-8859-1 encoding, and then - uses the first byte of the encoded string to split the data in its - raw, binary state. The default value is a double-quote ('"'). If - your data does not contain quoted sections, set the property value - to an empty string. If your data contains quoted newline characters, - you must also set the allowQuotedNewlines property to true. To - include the specific quote character within a quoted value, precede - it with an additional matching quote character. For example, if you - want to escape the default character ' " ', use ' "" '. @default " - pattern: .? + Set for the Metadata caching eligible tables referenced in the + query. + type: object + description: Statistics for metadata caching in queried tables. + QueryRequest: + properties: + kind: + default: bigquery#queryRequest + description: The resource type of the request. type: string - rangePartitioning: - $ref: '#/components/schemas/RangePartitioning' - description: >- - Range partitioning specification for the destination table. Only one - of timePartitioning and rangePartitioning should be specified. - referenceFileSchemaUri: + location: description: >- - Optional. The user can provide a reference file with the reader - schema. This file is only loaded if it is part of source URIs, but - is not loaded otherwise. It is enabled for the following formats: - AVRO, PARQUET, ORC. + The geographic location where the job should run. For more + information, see how to [specify + locations](https://cloud.google.com/bigquery/docs/locations#specify_locations). type: string - schema: - $ref: '#/components/schemas/TableSchema' - description: >- - Optional. The schema for the destination table. The schema can be - omitted if the destination table already exists, or if you're - loading data from Google Cloud Datastore. - schemaInline: + jobTimeoutMs: description: >- - [Deprecated] The inline schema. For CSV schemas, specify as - "Field1:Type1[,Field2:Type2]*". For example, "foo:STRING, - bar:INTEGER, baz:FLOAT". - type: string - schemaInlineFormat: - description: '[Deprecated] The format of the schemaInline property.' + Optional. Job timeout in milliseconds. If this time limit is + exceeded, BigQuery will attempt to stop a longer job, but may not + always succeed in canceling it before the job completes. For + example, a job that takes more than 60 seconds to complete has a + better chance of being stopped than a job that takes 10 seconds to + complete. This timeout applies to the query even if a job does not + need to be created. + format: int64 type: string - schemaUpdateOptions: + query: description: >- - Allows the schema of the destination table to be updated as a side - effect of the load job if a schema is autodetected or supplied in - the job configuration. Schema update options are supported in two - cases: when writeDisposition is WRITE_APPEND; when writeDisposition - is WRITE_TRUNCATE and the destination table is a partition of a - table, specified by partition decorators. For normal tables, - WRITE_TRUNCATE will always overwrite the schema. One or more of the - following values are specified: * ALLOW_FIELD_ADDITION: allow adding - a nullable field to the schema. * ALLOW_FIELD_RELAXATION: allow - relaxing a required field in the original schema to nullable. + Required. A query string to execute, using Google Standard SQL or + legacy SQL syntax. Example: "SELECT COUNT(f1) FROM + myProjectId.myDatasetId.myTableId". + type: string + formatOptions: + $ref: '#/components/schemas/DataFormatOptions' + description: Optional. Output format adjustments. + queryParameters: items: - type: string + $ref: '#/components/schemas/QueryParameter' + description: Query parameters for GoogleSQL queries. type: array - skipLeadingRows: - description: >- - Optional. The number of rows at the top of a CSV file that BigQuery - will skip when loading the data. The default value is 0. This - property is useful if you have header rows in the file that should - be skipped. When autodetect is on, the behavior is the following: * - skipLeadingRows unspecified - Autodetect tries to detect headers in - the first row. If they are not detected, the row is read as data. - Otherwise data is read starting from the second row. * - skipLeadingRows is 0 - Instructs autodetect that there are no - headers and data should be read starting from the first row. * - skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to - detect headers in row N. If headers are not detected, row N is just - skipped. Otherwise row N is used to extract column names for the - detected schema. + maxSlots: format: int32 + description: >- + Optional. A target limit on the rate of slot consumption by this + query. If set to a value > 0, BigQuery will attempt to limit the + rate of slot consumption by this query to keep it below the + configured limit, even if the query is eligible for more slots based + on fair scheduling. The unused slots will be available for other + jobs and queries to use. Note: This feature is not yet generally + available. type: integer - sourceColumnMatch: + preserveNulls: + deprecated: true + type: boolean + description: This property is deprecated. + createSession: description: >- - Optional. Controls the strategy used to match loaded columns to the - schema. If not set, a sensible default is chosen based on how the - schema is provided. If autodetect is used, then columns are matched - by name. Otherwise, columns are matched by position. This is done to - keep the behavior backward-compatible. + Optional. If true, creates a new session using a randomly generated + session_id. If false, runs query with an existing session_id passed + in ConnectionProperty, otherwise runs query in non-session mode. The + session location will be set to QueryRequest.location if it is + present, otherwise it's set to the default location based on + existing routing logic. + type: boolean + timeoutMs: + format: uint32 + type: integer + description: >- + Optional. Optional: Specifies the maximum amount of time, in + milliseconds, that the client is willing to wait for the query to + complete. By default, this limit is 10 seconds (10,000 + milliseconds). If the query is complete, the jobComplete field in + the response is true. If the query has not yet completed, + jobComplete is false. You can request a longer timeout period in the + timeoutMs field. However, the call is not guaranteed to wait for the + specified timeout; it typically returns after around 200 seconds + (200,000 milliseconds), even if the query is not complete. If + jobComplete is false, you can continue to wait for the query to + complete by calling the getQueryResults method until the jobComplete + field in the getQueryResults response is true. + useLegacySql: + default: 'true' + description: >- + Specifies whether to use BigQuery's legacy SQL dialect for this + query. The default value is true. If set to false, the query will + use BigQuery's GoogleSQL: + https://cloud.google.com/bigquery/sql-reference/ When useLegacySql + is set to false, the value of flattenResults is ignored; query will + be run as if flattenResults is false. + type: boolean + parameterMode: + description: >- + GoogleSQL only. Set to POSITIONAL to use positional (?) query + parameters or to NAMED to use named (@myparam) query parameters in + this query. + type: string + jobCreationMode: enum: - - SOURCE_COLUMN_MATCH_UNSPECIFIED - - POSITION - - NAME + - JOB_CREATION_MODE_UNSPECIFIED + - JOB_CREATION_REQUIRED + - JOB_CREATION_OPTIONAL + type: string + description: >- + Optional. If not set, jobs are always required. If set, the query + request will follow the behavior described JobCreationMode. enumDescriptions: + - If unspecified JOB_CREATION_REQUIRED is the default. + - Default. Job creation is always required. - >- - Uses sensible defaults based on how the schema is provided. If - autodetect is used, then columns are matched by name. Otherwise, - columns are matched by position. This is done to keep the behavior - backward-compatible. - - >- - Matches by position. This assumes that the columns are ordered the - same way as the schema. - - >- - Matches by name. This reads the header row as column names and - reorders columns to match the field names in the schema. + Job creation is optional. Returning immediate results is + prioritized. BigQuery will automatically determine if a Job needs + to be created. The conditions under which BigQuery can decide to + not create a Job are subject to change. If Job creation is + required, JOB_CREATION_REQUIRED mode should be used, which is the + default. + maximumBytesBilled: type: string - sourceFormat: description: >- - Optional. The format of the data files. For CSV files, specify - "CSV". For datastore backups, specify "DATASTORE_BACKUP". For - newline-delimited JSON, specify "NEWLINE_DELIMITED_JSON". For Avro, - specify "AVRO". For parquet, specify "PARQUET". For orc, specify - "ORC". The default value is CSV. + Optional. Limits the bytes billed for this query. Queries with bytes + billed above this limit will fail (without incurring a charge). If + unspecified, the project default is used. + format: int64 + useQueryCache: + default: 'true' + type: boolean + description: >- + Optional. Whether to look for the result in the query cache. The + query cache is a best-effort cache that will be flushed whenever + tables in the query are modified. The default value is true. + requestId: + description: >- + Optional. A unique user provided identifier to ensure idempotent + behavior for queries. Note that this is different from the job_id. + It has the following properties: 1. It is case-sensitive, limited to + up to 36 ASCII characters. A UUID is recommended. 2. Read only + queries can ignore this token since they are nullipotent by + definition. 3. For the purposes of idempotency ensured by the + request_id, a request is considered duplicate of another only if + they have the same request_id and are actually duplicates. When + determining whether a request is a duplicate of another request, all + parameters in the request that may affect the result are considered. + For example, query, connection_properties, query_parameters, + use_legacy_sql are parameters that affect the result and are + considered when determining whether a request is a duplicate, but + properties like timeout_ms don't affect the result and are thus not + considered. Dry run query requests are never considered duplicate of + another request. 4. When a duplicate mutating query request is + detected, it returns: a. the results of the mutation if it completes + successfully within the timeout. b. the running operation if it is + still in progress at the end of the timeout. 5. Its lifetime is + limited to 15 minutes. In other words, if two requests are sent with + the same request_id, but more than 15 minutes apart, idempotency is + not guaranteed. type: string - sourceUris: + maxResults: + format: uint32 description: >- - [Required] The fully-qualified URIs that point to your data in - Google Cloud. For Google Cloud Storage URIs: Each URI can contain - one '*' wildcard character and it must come after the 'bucket' name. - Size limits related to load jobs apply to external data sources. For - Google Cloud Bigtable URIs: Exactly one URI can be specified and it - has be a fully specified and valid HTTPS URL for a Google Cloud - Bigtable table. For Google Cloud Datastore backups: Exactly one URI - can be specified. Also, the '*' wildcard character is not allowed. + Optional. The maximum number of rows of data to return per page of + results. Setting this flag to a small value such as 1000 and then + paging through results might improve reliability when the query + result set is large. In addition to this limit, responses are also + limited to 10 MB. By default, there is no maximum row count, and + only the byte limit applies. + type: integer + continuous: + description: >- + [Optional] Specifies whether the query should be executed as a + continuous query. The default value is false. + type: boolean + connectionProperties: items: - type: string + $ref: '#/components/schemas/ConnectionProperty' + description: Optional. Connection properties which can modify the query behavior. type: array - timeFormat: - description: Optional. Date format used for parsing TIME values. - type: string - timePartitioning: - $ref: '#/components/schemas/TimePartitioning' + destinationEncryptionConfiguration: + description: Optional. Custom encryption configuration (e.g., Cloud KMS keys) + $ref: '#/components/schemas/EncryptionConfiguration' + defaultDataset: description: >- - Time-based partitioning specification for the destination table. - Only one of timePartitioning and rangePartitioning should be - specified. - timeZone: + Optional. Specifies the default datasetId and projectId to assume + for any unqualified table names in the query. If not set, all table + names in the query string must be qualified in the format + 'datasetId.tableId'. + $ref: '#/components/schemas/DatasetReference' + writeIncrementalResults: description: >- - Optional. Default time zone that will apply when parsing timestamp - values that have no specific time zone. - type: string - timestampFormat: - description: Optional. Date format used for parsing TIMESTAMP values. - type: string - useAvroLogicalTypes: + Optional. This is only supported for SELECT query. If set, the query + is allowed to write results incrementally to the temporary result + table. This may incur a performance penalty. This option cannot be + used with Legacy SQL. This feature is not yet available. + type: boolean + labels: + additionalProperties: + type: string description: >- - Optional. If sourceFormat is set to "AVRO", indicates whether to - interpret logical types as the corresponding BigQuery data type (for - example, TIMESTAMP), instead of using the raw type (for example, - INTEGER). + Optional. The labels associated with this query. Labels can be used + to organize and group query jobs. Label keys and values can be no + longer than 63 characters, can only contain lowercase letters, + numeric characters, underscores and dashes. International characters + are allowed. Label keys must start with a letter and each label in + the list must have a different key. + type: object + dryRun: type: boolean - writeDisposition: description: >- - Optional. Specifies the action that occurs if the destination table - already exists. The following values are supported: * - WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the - data, removes the constraints and uses the schema from the load job. - * WRITE_TRUNCATE_DATA: If the table already exists, BigQuery - overwrites the data, but keeps the constraints and schema of the - existing table. * WRITE_APPEND: If the table already exists, - BigQuery appends the data to the table. * WRITE_EMPTY: If the table - already exists and contains data, a 'duplicate' error is returned in - the job result. The default value is WRITE_APPEND. Each action is - atomic and only occurs if BigQuery is able to complete the job - successfully. Creation, truncation and append actions occur as one - atomic update upon job completion. + Optional. If set to true, BigQuery doesn't run the job. Instead, if + the query is valid, BigQuery returns statistics about the job such + as how many bytes would be processed. If the query is invalid, an + error returns. The default value is false. + reservation: + description: >- + Optional. The reservation that jobs.query request would use. User + can specify a reservation to execute the job.query. The expected + format is + `projects/{project}/locations/{location}/reservations/{reservation}`. type: string + id: QueryRequest + type: object + description: Describes the format of the jobs.query request. + StandardSqlTableType: + type: object + description: A table type + id: StandardSqlTableType + properties: + columns: + items: + $ref: '#/components/schemas/StandardSqlField' + type: array + description: The columns in this table type + FeatureValue: + description: Representative value of a single feature within the cluster. type: object + id: FeatureValue + properties: + featureColumn: + type: string + description: The feature column name. + numericalValue: + type: number + description: >- + The numerical feature value. This is the centroid value for this + feature. + format: double + categoricalValue: + $ref: '#/components/schemas/CategoricalValue' + description: The categorical feature value. JobConfigurationQuery: + type: object description: JobConfigurationQuery configures a BigQuery query job. id: JobConfigurationQuery properties: - allowLargeResults: - default: 'false' - description: >- - Optional. If true and query uses legacy SQL dialect, allows the - query to produce arbitrarily large result tables at a slight cost in - performance. Requires destinationTable to be set. For GoogleSQL - queries, this flag is ignored and large results are always allowed. - However, you must still set destinationTable when result size - exceeds the allowed maximum response size. - type: boolean clustering: $ref: '#/components/schemas/Clustering' description: Clustering specification for the destination table. - connectionProperties: - description: Connection properties which can modify the query behavior. - items: - $ref: '#/components/schemas/ConnectionProperty' - type: array - continuous: + useLegacySql: description: >- - [Optional] Specifies whether the query should be executed as a - continuous query. The default value is false. + Optional. Specifies whether to use BigQuery's legacy SQL dialect for + this query. The default value is true. If set to false, the query + will use BigQuery's GoogleSQL: + https://cloud.google.com/bigquery/sql-reference/ When useLegacySql + is set to false, the value of flattenResults is ignored; query will + be run as if flattenResults is false. + default: 'true' type: boolean - createDisposition: - description: >- - Optional. Specifies whether the job is allowed to create new tables. - The following values are supported: * CREATE_IF_NEEDED: If the table - does not exist, BigQuery creates the table. * CREATE_NEVER: The - table must already exist. If it does not, a 'notFound' error is - returned in the job result. The default value is CREATE_IF_NEEDED. - Creation, truncation and append actions occur as one atomic update - upon job completion. + maximumBytesBilled: + format: int64 type: string - createSession: description: >- - If this property is true, the job creates a new session using a - randomly generated session_id. To continue using a created session - with subsequent queries, pass the existing session identifier as a - `ConnectionProperty` value. The session identifier is returned as - part of the `SessionInfo` message within the query statistics. The - new session's location will be set to `Job.JobReference.location` if - it is present, otherwise it's set to the default location based on - existing routing logic. - type: boolean - defaultDataset: - $ref: '#/components/schemas/DatasetReference' + Limits the bytes billed for this job. Queries that will have bytes + billed beyond this limit will fail (without incurring a charge). If + unspecified, this will be set to your project default. + rangePartitioning: + $ref: '#/components/schemas/RangePartitioning' description: >- - Optional. Specifies the default dataset to use for unqualified table - names in the query. This setting does not alter behavior of - unqualified dataset names. Setting the system variable - `@@dataset_id` achieves the same behavior. See - https://cloud.google.com/bigquery/docs/reference/system-variables - for more information on system variables. - destinationEncryptionConfiguration: - $ref: '#/components/schemas/EncryptionConfiguration' - description: Custom encryption configuration (e.g., Cloud KMS keys) - destinationTable: - $ref: '#/components/schemas/TableReference' + Range partitioning specification for the destination table. Only one + of timePartitioning and rangePartitioning should be specified. + tableDefinitions: + additionalProperties: + $ref: '#/components/schemas/ExternalDataConfiguration' description: >- - Optional. Describes the table where the query results should be - stored. This property must be set for large results that exceed the - maximum response size. For queries that produce anonymous (cached) - results, this field will be populated by BigQuery. - flattenResults: - default: 'true' + Optional. You can specify external table definitions, which operate + as ephemeral tables that can be queried. These definitions are + configured using a JSON map, where the string key represents the + table identifier, and the value is the corresponding external data + configuration object. + type: object + writeIncrementalResults: description: >- - Optional. If true and query uses legacy SQL dialect, flattens all - nested and repeated fields in the query results. allowLargeResults - must be true if this is set to false. For GoogleSQL queries, this - flag is ignored and results are never flattened. + Optional. This is only supported for a SELECT query using a + temporary table. If set, the query is allowed to write results + incrementally to the temporary result table. This may incur a + performance penalty. This option cannot be used with Legacy SQL. + This feature is not yet available. type: boolean maximumBillingTier: default: '1' + format: int32 description: >- Optional. [Deprecated] Maximum billing tier allowed for this query. The billing tier controls the amount of compute resources allotted @@ -4171,61 +4164,35 @@ components: billed byte amount can be multiplied by an amount up to this number! Most users should not need to alter this setting, and we recommend that you avoid introducing new uses of it. - format: int32 type: integer - maximumBytesBilled: - description: >- - Limits the bytes billed for this job. Queries that will have bytes - billed beyond this limit will fail (without incurring a charge). If - unspecified, this will be set to your project default. - format: int64 - type: string - parameterMode: - description: >- - GoogleSQL only. Set to POSITIONAL to use positional (?) query - parameters or to NAMED to use named (@myparam) query parameters in - this query. - type: string - preserveNulls: - description: '[Deprecated] This property is deprecated.' + allowLargeResults: + default: 'false' type: boolean + description: >- + Optional. If true and query uses legacy SQL dialect, allows the + query to produce arbitrarily large result tables at a slight cost in + performance. Requires destinationTable to be set. For GoogleSQL + queries, this flag is ignored and large results are always allowed. + However, you must still set destinationTable when result size + exceeds the allowed maximum response size. priority: description: >- Optional. Specifies a priority for the query. Possible values include INTERACTIVE and BATCH. The default value is INTERACTIVE. type: string - query: + destinationTable: + $ref: '#/components/schemas/TableReference' description: >- - [Required] SQL query text to execute. The useLegacySql field can be - used to indicate whether the query uses legacy SQL or GoogleSQL. + Optional. Describes the table where the query results should be + stored. This property must be set for large results that exceed the + maximum response size. For queries that produce anonymous (cached) + results, this field will be populated by BigQuery. + parameterMode: type: string - queryParameters: - description: Query parameters for GoogleSQL queries. - items: - $ref: '#/components/schemas/QueryParameter' - type: array - rangePartitioning: - $ref: '#/components/schemas/RangePartitioning' - description: >- - Range partitioning specification for the destination table. Only one - of timePartitioning and rangePartitioning should be specified. - schemaUpdateOptions: description: >- - Allows the schema of the destination table to be updated as a side - effect of the query job. Schema update options are supported in two - cases: when writeDisposition is WRITE_APPEND; when writeDisposition - is WRITE_TRUNCATE and the destination table is a partition of a - table, specified by partition decorators. For normal tables, - WRITE_TRUNCATE will always overwrite the schema. One or more of the - following values are specified: * ALLOW_FIELD_ADDITION: allow adding - a nullable field to the schema. * ALLOW_FIELD_RELAXATION: allow - relaxing a required field in the original schema to nullable. - items: - type: string - type: array - scriptOptions: - $ref: '#/components/schemas/ScriptOptions' - description: Options controlling the execution of scripts. + GoogleSQL only. Set to POSITIONAL to use positional (?) query + parameters or to NAMED to use named (@myparam) query parameters in + this query. systemVariables: $ref: '#/components/schemas/SystemVariables' description: >- @@ -4234,34 +4201,7 @@ components: from the system default. "@@" prefix is not included in the name of the System variables. readOnly: true - tableDefinitions: - additionalProperties: - $ref: '#/components/schemas/ExternalDataConfiguration' - description: >- - Optional. You can specify external table definitions, which operate - as ephemeral tables that can be queried. These definitions are - configured using a JSON map, where the string key represents the - table identifier, and the value is the corresponding external data - configuration object. - type: object - timePartitioning: - $ref: '#/components/schemas/TimePartitioning' - description: >- - Time-based partitioning specification for the destination table. - Only one of timePartitioning and rangePartitioning should be - specified. - useLegacySql: - default: 'true' - description: >- - Optional. Specifies whether to use BigQuery's legacy SQL dialect for - this query. The default value is true. If set to false, the query - will use BigQuery's GoogleSQL: - https://cloud.google.com/bigquery/sql-reference/ When useLegacySql - is set to false, the value of flattenResults is ignored; query will - be run as if flattenResults is false. - type: boolean useQueryCache: - default: 'true' description: >- Optional. Whether to look for the result in the query cache. The query cache is a best-effort cache that will be flushed whenever @@ -4269,11 +4209,30 @@ components: available when a query does not have a destination table specified. The default value is true. type: boolean - userDefinedFunctionResources: - description: Describes user-defined function resources used in the query. + default: 'true' + connectionProperties: + description: Connection properties which can modify the query behavior. items: - $ref: '#/components/schemas/UserDefinedFunctionResource' + $ref: '#/components/schemas/ConnectionProperty' type: array + createDisposition: + description: >- + Optional. Specifies whether the job is allowed to create new tables. + The following values are supported: * CREATE_IF_NEEDED: If the table + does not exist, BigQuery creates the table. * CREATE_NEVER: The + table must already exist. If it does not, a 'notFound' error is + returned in the job result. The default value is CREATE_IF_NEEDED. + Creation, truncation and append actions occur as one atomic update + upon job completion. + type: string + query: + type: string + description: >- + [Required] SQL query text to execute. The useLegacySql field can be + used to indicate whether the query uses legacy SQL or GoogleSQL. + destinationEncryptionConfiguration: + $ref: '#/components/schemas/EncryptionConfiguration' + description: Custom encryption configuration (e.g., Cloud KMS keys) writeDisposition: description: >- Optional. Specifies the action that occurs if the destination table @@ -4290,879 +4249,905 @@ components: successfully. Creation, truncation and append actions occur as one atomic update upon job completion. type: string - writeIncrementalResults: + defaultDataset: + $ref: '#/components/schemas/DatasetReference' description: >- - Optional. This is only supported for a SELECT query using a - temporary table. If set, the query is allowed to write results - incrementally to the temporary result table. This may incur a - performance penalty. This option cannot be used with Legacy SQL. - This feature is not yet available. + Optional. Specifies the default dataset to use for unqualified table + names in the query. This setting does not alter behavior of + unqualified dataset names. Setting the system variable + `@@dataset_id` achieves the same behavior. See + https://cloud.google.com/bigquery/docs/reference/system-variables + for more information on system variables. + queryParameters: + type: array + description: Query parameters for GoogleSQL queries. + items: + $ref: '#/components/schemas/QueryParameter' + continuous: + description: >- + [Optional] Specifies whether the query should be executed as a + continuous query. The default value is false. + type: boolean + createSession: type: boolean - type: object - JobConfigurationTableCopy: - description: >- - JobConfigurationTableCopy configures a job that copies data from one - table to another. For more information on copying tables, see [Copy a - table](https://cloud.google.com/bigquery/docs/managing-tables#copy-table). - id: JobConfigurationTableCopy - properties: - createDisposition: description: >- - Optional. Specifies whether the job is allowed to create new tables. - The following values are supported: * CREATE_IF_NEEDED: If the table - does not exist, BigQuery creates the table. * CREATE_NEVER: The - table must already exist. If it does not, a 'notFound' error is - returned in the job result. The default value is CREATE_IF_NEEDED. - Creation, truncation and append actions occur as one atomic update - upon job completion. - type: string - destinationEncryptionConfiguration: - $ref: '#/components/schemas/EncryptionConfiguration' - description: Custom encryption configuration (e.g., Cloud KMS keys). - destinationExpirationTime: + If this property is true, the job creates a new session using a + randomly generated session_id. To continue using a created session + with subsequent queries, pass the existing session identifier as a + `ConnectionProperty` value. The session identifier is returned as + part of the `SessionInfo` message within the query statistics. The + new session's location will be set to `Job.JobReference.location` if + it is present, otherwise it's set to the default location based on + existing routing logic. + schemaUpdateOptions: description: >- - Optional. The time when the destination table expires. Expired - tables will be deleted and their storage reclaimed. - format: google-datetime - type: string - destinationTable: - $ref: '#/components/schemas/TableReference' - description: '[Required] The destination table.' - operationType: - description: Optional. Supported operation types in table copy job. - enum: - - OPERATION_TYPE_UNSPECIFIED - - COPY - - SNAPSHOT - - RESTORE - - CLONE - enumDescriptions: - - Unspecified operation type. - - The source and destination table have the same table type. - - >- - The source table type is TABLE and the destination table type is - SNAPSHOT. - - >- - The source table type is SNAPSHOT and the destination table type - is TABLE. - - >- - The source and destination table have the same table type, but - only bill for unique data. - type: string - sourceTable: - $ref: '#/components/schemas/TableReference' - description: '[Pick one] Source table to copy.' - sourceTables: - description: '[Pick one] Source tables to copy.' + Allows the schema of the destination table to be updated as a side + effect of the query job. Schema update options are supported in + three cases: when writeDisposition is WRITE_APPEND; when + writeDisposition is WRITE_TRUNCATE_DATA; when writeDisposition is + WRITE_TRUNCATE and the destination table is a partition of a table, + specified by partition decorators. For normal tables, WRITE_TRUNCATE + will always overwrite the schema. One or more of the following + values are specified: * ALLOW_FIELD_ADDITION: allow adding a + nullable field to the schema. * ALLOW_FIELD_RELAXATION: allow + relaxing a required field in the original schema to nullable. items: - $ref: '#/components/schemas/TableReference' + type: string type: array - writeDisposition: + flattenResults: + type: boolean + default: 'true' description: >- - Optional. Specifies the action that occurs if the destination table - already exists. The following values are supported: * - WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the - table data and uses the schema and table constraints from the source - table. * WRITE_APPEND: If the table already exists, BigQuery appends - the data to the table. * WRITE_EMPTY: If the table already exists - and contains data, a 'duplicate' error is returned in the job - result. The default value is WRITE_EMPTY. Each action is atomic and - only occurs if BigQuery is able to complete the job successfully. - Creation, truncation and append actions occur as one atomic update - upon job completion. - type: string + Optional. If true and query uses legacy SQL dialect, flattens all + nested and repeated fields in the query results. allowLargeResults + must be true if this is set to false. For GoogleSQL queries, this + flag is ignored and results are never flattened. + timePartitioning: + description: >- + Time-based partitioning specification for the destination table. + Only one of timePartitioning and rangePartitioning should be + specified. + $ref: '#/components/schemas/TimePartitioning' + preserveNulls: + description: '[Deprecated] This property is deprecated.' + type: boolean + scriptOptions: + $ref: '#/components/schemas/ScriptOptions' + description: Options controlling the execution of scripts. + userDefinedFunctionResources: + type: array + items: + $ref: '#/components/schemas/UserDefinedFunctionResource' + description: Describes user-defined function resources used in the query. + ScriptStatistics: type: object - JobCreationReason: - description: >- - Reason about why a Job was created from a - [`jobs.query`](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query) - method when used with `JOB_CREATION_OPTIONAL` Job creation mode. For - [`jobs.insert`](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/insert) - method calls it will always be `REQUESTED`. - id: JobCreationReason + description: Job statistics specific to the child job of a script. properties: - code: - description: Output only. Specifies the high level reason why a Job was created. + stackFrames: + type: array + items: + $ref: '#/components/schemas/ScriptStackFrame' + description: >- + Stack trace showing the line/column/procedure name of each frame on + the stack at the point where the current evaluation happened. The + leaf frame is first, the primary script is last. Never empty. + evaluationKind: enum: - - CODE_UNSPECIFIED - - REQUESTED - - LONG_RUNNING - - LARGE_RESULTS - - OTHER + - EVALUATION_KIND_UNSPECIFIED + - STATEMENT + - EXPRESSION enumDescriptions: - - Reason is not specified. - - Job creation was requested. - - >- - The query request ran beyond a system defined timeout specified by - the [timeoutMs field in the - QueryRequest](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query#queryrequest). - As a result it was considered a long running operation for which a - job was created. - - The results from the query cannot fit in the response. - - >- - BigQuery has determined that the query needs to be executed as a - Job. - readOnly: true + - Default value. + - The statement appears directly in the script. + - The statement evaluates an expression that appears in the script. + description: Whether this child job was a statement or expression. type: string - type: object - JobList: - description: JobList is the response format for a jobs.list call. - id: JobList + id: ScriptStatistics + DataPolicyOption: + description: >- + Data policy option. For more information, see [Mask data by applying + data policies to a + column](https://cloud.google.com/bigquery/docs/column-data-masking#data-policies-on-column/). + id: DataPolicyOption properties: - etag: - description: A hash of this page of results. - type: string - jobs: - description: List of jobs that were requested. - items: - description: >- - ListFormatJob is a partial projection of job information returned - as part of a jobs.list response. - properties: - configuration: - $ref: '#/components/schemas/JobConfiguration' - description: Required. Describes the job configuration. - errorResult: - $ref: '#/components/schemas/ErrorProto' - description: >- - A result object that will be present only if the job has - failed. - id: - description: Unique opaque ID of the job. - type: string - jobReference: - $ref: '#/components/schemas/JobReference' - description: Unique opaque ID of the job. - kind: - description: The resource type. - type: string - principal_subject: - description: >- - [Full-projection-only] String representation of identity of - requesting party. Populated for both first- and third-party - identities. Only present for APIs that support third-party - identities. - type: string - state: - description: >- - Running state of the job. When the state is DONE, errorResult - can be checked to determine whether the job succeeded or - failed. - type: string - statistics: - $ref: '#/components/schemas/JobStatistics' - description: >- - Output only. Information about the job, including starting - time and ending time of the job. - readOnly: true - status: - $ref: '#/components/schemas/JobStatus' - description: '[Full-projection-only] Describes the status of this job.' - user_email: - description: >- - [Full-projection-only] Email address of the user who ran the - job. - type: string - type: object - type: array - kind: - default: bigquery#jobList - description: The resource type of the response. - type: string - nextPageToken: - description: A token to request the next page of results. + name: + description: >- + Data policy resource name in the form of + projects/project_id/locations/location_id/dataPolicies/data_policy_id. type: string - unreachable: + type: object + TableSchema: + properties: + foreignTypeInfo: + $ref: '#/components/schemas/ForeignTypeInfo' description: >- - A list of skipped locations that were unreachable. For more - information about BigQuery locations, see: - https://cloud.google.com/bigquery/docs/locations. Example: - "europe-west5" - items: - type: string + Optional. Specifies metadata of the foreign data type definition in + field schema (TableFieldSchema.foreign_type_definition). + fields: type: array + description: Describes the fields in a table. + items: + $ref: '#/components/schemas/TableFieldSchema' + id: TableSchema + description: Schema of a table type: object - JobReference: - description: A job reference is a fully qualified identifier for referring to a job. - id: JobReference + DimensionalityReductionMetrics: + type: object + description: Model evaluation metrics for dimensionality reduction models. + id: DimensionalityReductionMetrics properties: - jobId: + totalExplainedVarianceRatio: + type: number description: >- - Required. The ID of the job. The ID must contain only letters (a-z, - A-Z), numbers (0-9), underscores (_), or dashes (-). The maximum - length is 1,024 characters. + Total percentage of variance explained by the selected principal + components. + format: double + DestinationTableProperties: + id: DestinationTableProperties + description: Properties for the destination table. + properties: + expirationTime: + format: date-time + description: Internal use only. type: string - location: + labels: + type: object description: >- - Optional. The geographic location of the job. The default value is - US. For more information about BigQuery locations, see: - https://cloud.google.com/bigquery/docs/locations + Optional. The labels associated with this table. You can use these + to organize and group your tables. This will only be used if the + destination table is newly created. If the table already exists and + labels are different than the current labels are provided, the job + will fail. + additionalProperties: + type: string + friendlyName: + description: >- + Optional. Friendly name for the destination table. If the table + already exists, it should be same as the existing friendly name. type: string - projectId: - description: Required. The ID of the project containing this job. + description: + description: >- + Optional. The description for the destination table. This will only + be used if the destination table is newly created. If the table + already exists and a value different than the current description is + provided, the job will fail. type: string type: object - JobStatistics: - description: Statistics for a single job execution. - id: JobStatistics + CloneDefinition: properties: - completionRatio: - description: >- - Output only. [TrustedTester] Job progress (0.0 -> 1.0) for LOAD and - EXTRACT jobs. - format: double - readOnly: true - type: number - copy: - $ref: '#/components/schemas/JobStatistics5' - description: Output only. Statistics for a copy job. - readOnly: true - creationTime: - description: >- - Output only. Creation time of this job, in milliseconds since the - epoch. This field will be present on all jobs. - format: int64 - readOnly: true - type: string - dataMaskingStatistics: - $ref: '#/components/schemas/DataMaskingStatistics' - description: >- - Output only. Statistics for data-masking. Present only for query and - extract jobs. - readOnly: true - edition: + baseTableReference: + description: Required. Reference describing the ID of the table that was cloned. + $ref: '#/components/schemas/TableReference' + cloneTime: description: >- - Output only. Name of edition corresponding to the reservation for - this job at the time of this update. - enum: - - RESERVATION_EDITION_UNSPECIFIED - - STANDARD - - ENTERPRISE - - ENTERPRISE_PLUS - enumDescriptions: - - Default value, which will be treated as ENTERPRISE. - - Standard edition. - - Enterprise edition. - - Enterprise Plus edition. - readOnly: true + Required. The time at which the base table was cloned. This value is + reported in the JSON response using RFC3339 format. + format: date-time type: string - endTime: - description: >- - Output only. End time of this job, in milliseconds since the epoch. - This field will be present whenever a job is in the DONE state. - format: int64 - readOnly: true + type: object + id: CloneDefinition + description: Information about base table and clone time of a table clone. + ForeignViewDefinition: + id: ForeignViewDefinition + properties: + dialect: type: string - extract: - $ref: '#/components/schemas/JobStatistics4' - description: Output only. Statistics for an extract job. - readOnly: true - finalExecutionDurationMs: - description: >- - Output only. The duration in milliseconds of the execution of the - final attempt of this job, as BigQuery may internally re-attempt to - execute the job. - format: int64 - readOnly: true + description: Optional. Represents the dialect of the query. + query: type: string - load: - $ref: '#/components/schemas/JobStatistics3' - description: Output only. Statistics for a load job. - readOnly: true - numChildJobs: - description: Output only. Number of child jobs executed. - format: int64 - readOnly: true + description: Required. The query that defines the view. + description: >- + A view can be represented in multiple ways. Each representation has its + own dialect. This message stores the metadata required for these + representations. + type: object + DatasetReference: + id: DatasetReference + description: Identifier for a dataset. + properties: + projectId: type: string - parentJobId: + description: Optional. The ID of the project containing this dataset. + datasetId: description: >- - Output only. If this is a child job, specifies the job ID of the - parent. - readOnly: true + Required. A unique ID for this dataset, without the project name. + The ID must contain only letters (a-z, A-Z), numbers (0-9), or + underscores (_). The maximum length is 1,024 characters. type: string - query: - $ref: '#/components/schemas/JobStatistics2' - description: Output only. Statistics for a query job. - readOnly: true - quotaDeferments: - description: Output only. Quotas which delayed this job's start time. + type: object + MultiClassClassificationMetrics: + id: MultiClassClassificationMetrics + properties: + confusionMatrixList: + description: Confusion matrix at different thresholds. + type: array items: - type: string - readOnly: true + $ref: '#/components/schemas/ConfusionMatrix' + aggregateClassificationMetrics: + description: Aggregate classification metrics. + $ref: '#/components/schemas/AggregateClassificationMetrics' + type: object + description: Evaluation metrics for multi-class classification/classifier models. + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. + properties: + permissions: type: array - reservationUsage: - deprecated: true description: >- - Output only. Job resource usage breakdown by reservation. This field - reported misleading information and will no longer be populated. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. items: - description: Job resource usage breakdown by reservation. - properties: - name: - description: >- - Reservation name or "unreserved" for on-demand resource usage - and multi-statement queries. - type: string - slotMs: - description: >- - Total slot milliseconds used by the reservation for a - particular job. - format: int64 - type: string - type: object - readOnly: true - type: array - reservation_id: + type: string + type: object + id: TestIamPermissionsResponse + ArimaModelInfo: + properties: + hasStepChanges: + description: If true, step_changes is a part of time series decomposition result. + type: boolean + arimaCoefficients: + $ref: '#/components/schemas/ArimaCoefficients' + description: Arima coefficients. + hasHolidayEffect: + type: boolean description: >- - Output only. Name of the primary reservation assigned to this job. - Note that this could be different than reservations reported in the - reservation usage field if parent reservations were used to execute - this job. - readOnly: true + If true, holiday_effect is a part of time series decomposition + result. + arimaFittingMetrics: + $ref: '#/components/schemas/ArimaFittingMetrics' + description: Arima fitting metrics. + timeSeriesId: type: string - rowLevelSecurityStatistics: - $ref: '#/components/schemas/RowLevelSecurityStatistics' description: >- - Output only. Statistics for row-level security. Present only for - query and extract jobs. - readOnly: true - scriptStatistics: - $ref: '#/components/schemas/ScriptStatistics' + The time_series_id value for this time series. It will be one of the + unique values from the time_series_id_column specified during ARIMA + model training. Only present when time_series_id_column training + option was used. + timeSeriesIds: + type: array + items: + type: string description: >- - Output only. If this a child job of a script, specifies information - about the context of this job within the script. - readOnly: true - sessionInfo: - $ref: '#/components/schemas/SessionInfo' - description: Output only. Information of the session if this job is part of one. - readOnly: true - startTime: + The tuple of time_series_ids identifying this time series. It will + be one of the unique tuples of values present in the + time_series_id_columns specified during ARIMA model training. Only + present when time_series_id_columns training option was used and the + order of values here are same as the order of + time_series_id_columns. + seasonalPeriods: description: >- - Output only. Start time of this job, in milliseconds since the - epoch. This field will be present when the job transitions from the - PENDING state to either RUNNING or DONE. - format: int64 - readOnly: true - type: string - totalBytesProcessed: - description: Output only. Total bytes processed for the job. - format: int64 - readOnly: true - type: string - totalSlotMs: - description: Output only. Slot-milliseconds for the job. - format: int64 - readOnly: true - type: string - transactionInfo: - $ref: '#/components/schemas/TransactionInfo' + Seasonal periods. Repeated because multiple periods are supported + for one time series. + items: + enumDescriptions: + - Unspecified seasonal period. + - No seasonality + - Daily period, 24 hours. + - Weekly period, 7 days. + - Monthly period, 30 days or irregular. + - Quarterly period, 90 days or irregular. + - Yearly period, 365 days or irregular. + - Hourly period, 1 hour. + type: string + enum: + - SEASONAL_PERIOD_TYPE_UNSPECIFIED + - NO_SEASONALITY + - DAILY + - WEEKLY + - MONTHLY + - QUARTERLY + - YEARLY + - HOURLY + type: array + hasSpikesAndDips: description: >- - Output only. [Alpha] Information of the multi-statement transaction - if this job is part of one. This property is only expected on a - child job or a job that is in a session. A script parent job is not - part of the transaction started in the script. - readOnly: true + If true, spikes_and_dips is a part of time series decomposition + result. + type: boolean + nonSeasonalOrder: + $ref: '#/components/schemas/ArimaOrder' + description: Non-seasonal order. + hasDrift: + type: boolean + description: >- + Whether Arima model fitted with drift or not. It is always false + when d is not 1. + description: Arima model information. type: object - JobStatistics2: - description: Statistics for a query job. - id: JobStatistics2 + id: ArimaModelInfo + TransactionInfo: + type: object + description: '[Alpha] Information of a multi-statement transaction.' properties: - biEngineStatistics: - $ref: '#/components/schemas/BiEngineStatistics' - description: Output only. BI Engine specific Statistics. - readOnly: true - billingTier: - description: >- - Output only. Billing tier for the job. This is a BigQuery-specific - concept which is not related to the Google Cloud notion of "free - tier". The value here is a measure of the query's resource - consumption relative to the amount of data scanned. For on-demand - queries, the limit is 100, and all queries within this limit are - billed at the standard on-demand rates. On-demand queries that - exceed this limit will fail with a billingTierLimitExceeded error. - format: int32 - readOnly: true - type: integer - cacheHit: - description: >- - Output only. Whether the query result was fetched from the query - cache. - readOnly: true - type: boolean - dclTargetDataset: - $ref: '#/components/schemas/DatasetReference' - description: Output only. Referenced dataset for DCL statement. - readOnly: true - dclTargetTable: - $ref: '#/components/schemas/TableReference' - description: Output only. Referenced table for DCL statement. - readOnly: true - dclTargetView: - $ref: '#/components/schemas/TableReference' - description: Output only. Referenced view for DCL statement. - readOnly: true - ddlAffectedRowAccessPolicyCount: - description: >- - Output only. The number of row access policies affected by a DDL - statement. Present only for DROP ALL ROW ACCESS POLICIES queries. - format: int64 + transactionId: readOnly: true + description: Output only. [Alpha] Id of the transaction. type: string - ddlDestinationTable: - $ref: '#/components/schemas/TableReference' - description: >- - Output only. The table after rename. Present only for ALTER TABLE - RENAME TO query. - readOnly: true - ddlOperationPerformed: - description: >- - Output only. The DDL operation performed, possibly dependent on the - pre-existence of the DDL target. - readOnly: true + id: TransactionInfo + ExternalRuntimeOptions: + description: Options for the runtime of the external system. + type: object + id: ExternalRuntimeOptions + properties: + runtimeVersion: + description: 'Optional. Language runtime version. Example: `python-3.11`.' + type: string + maxBatchingRows: type: string - ddlTargetDataset: - $ref: '#/components/schemas/DatasetReference' - description: >- - Output only. The DDL target dataset. Present only for - CREATE/ALTER/DROP SCHEMA(dataset) queries. - readOnly: true - ddlTargetRoutine: - $ref: '#/components/schemas/RoutineReference' description: >- - Output only. [Beta] The DDL target routine. Present only for - CREATE/DROP FUNCTION/PROCEDURE queries. - readOnly: true - ddlTargetRowAccessPolicy: - $ref: '#/components/schemas/RowAccessPolicyReference' + Optional. Maximum number of rows in each batch sent to the external + runtime. If absent or if 0, BigQuery dynamically decides the number + of rows in a batch. + format: int64 + containerCpu: + type: number description: >- - Output only. The DDL target row access policy. Present only for - CREATE/DROP ROW ACCESS POLICY queries. - readOnly: true - ddlTargetTable: - $ref: '#/components/schemas/TableReference' + Optional. Amount of CPU provisioned for a Python UDF container + instance. For more information, see [Configure container limits for + Python + UDFs](https://cloud.google.com/bigquery/docs/user-defined-functions-python#configure-container-limits) + format: double + runtimeConnection: + type: string description: >- - Output only. The DDL target table. Present only for CREATE/DROP - TABLE/VIEW and DROP ALL ROW ACCESS POLICIES queries. - readOnly: true - dmlStats: - $ref: '#/components/schemas/DmlStatistics' + Optional. Fully qualified name of the connection whose service + account will be used to execute the code in the container. Format: + ```"projects/{project_id}/locations/{location_id}/connections/{connection_id}"``` + containerMemory: description: >- - Output only. Detailed statistics for DML statements INSERT, UPDATE, - DELETE, MERGE or TRUNCATE. - readOnly: true - estimatedBytesProcessed: - description: Output only. The original estimate of bytes processed for the job. - format: int64 - readOnly: true + Optional. Amount of memory provisioned for a Python UDF container + instance. Format: {number}{unit} where unit is one of "M", "G", "Mi" + and "Gi" (e.g. 1G, 512Mi). If not specified, the default value is + 512Mi. For more information, see [Configure container limits for + Python + UDFs](https://cloud.google.com/bigquery/docs/user-defined-functions-python#configure-container-limits) + type: string + PythonOptions: + type: object + properties: + entryPoint: type: string - exportDataStatistics: - $ref: '#/components/schemas/ExportDataStatistics' - description: Output only. Stats for EXPORT DATA statement. - readOnly: true - externalServiceCosts: description: >- - Output only. Job cost breakdown as bigquery internal cost and - external service costs. + Required. The name of the function defined in Python code as the + entry point when the Python UDF is invoked. + packages: items: - $ref: '#/components/schemas/ExternalServiceCost' - readOnly: true - type: array - loadQueryStatistics: - $ref: '#/components/schemas/LoadQueryStatistics' - description: Output only. Statistics for a LOAD query. - readOnly: true - materializedViewStatistics: - $ref: '#/components/schemas/MaterializedViewStatistics' - description: Output only. Statistics of materialized views of a query job. - readOnly: true - metadataCacheStatistics: - $ref: '#/components/schemas/MetadataCacheStatistics' + type: string description: >- - Output only. Statistics of metadata cache usage in a query for - BigLake tables. - readOnly: true - mlStatistics: - $ref: '#/components/schemas/MlStatistics' - description: Output only. Statistics of a BigQuery ML training job. - readOnly: true - modelTraining: - $ref: '#/components/schemas/BigQueryModelTraining' - description: Deprecated. - modelTrainingCurrentIteration: - description: Deprecated. - format: int32 - type: integer - modelTrainingExpectedTotalIteration: - description: Deprecated. - format: int64 + Optional. A list of Python package names along with versions to be + installed. Example: ["pandas>=2.1", "google-cloud-translate==3.11"]. + For more information, see [Use third-party + packages](https://cloud.google.com/bigquery/docs/user-defined-functions-python#third-party-packages). + type: array + id: PythonOptions + description: Options for a user-defined Python function. + ErrorProto: + type: object + description: Error details. + id: ErrorProto + properties: + location: type: string - numDmlAffectedRows: + description: Specifies where the error occurred, if present. + message: + type: string + description: A human-readable description of the error. + debugInfo: description: >- - Output only. The number of rows affected by a DML statement. Present - only for DML statements INSERT, UPDATE or DELETE. - format: int64 - readOnly: true + Debugging information. This property is internal to Google and + should not be used. type: string - performanceInsights: - $ref: '#/components/schemas/PerformanceInsights' - description: Output only. Performance insights. - readOnly: true - queryInfo: - $ref: '#/components/schemas/QueryInfo' - description: Output only. Query optimization information for a QUERY job. + reason: + description: A short error code that summarizes the error. + type: string + ArimaFittingMetrics: + properties: + variance: + description: Variance. + type: number + format: double + logLikelihood: + description: Log-likelihood. + format: double + type: number + aic: + type: number + format: double + description: AIC. + id: ArimaFittingMetrics + type: object + description: ARIMA model fitting metrics. + PerformanceInsights: + description: Performance insights for the job. + id: PerformanceInsights + type: object + properties: + stagePerformanceChangeInsights: readOnly: true - queryPlan: - description: Output only. Describes execution plan for the query. items: - $ref: '#/components/schemas/ExplainQueryStage' - readOnly: true + $ref: '#/components/schemas/StagePerformanceChangeInsight' + description: >- + Output only. Query stage performance insights compared to previous + runs, for diagnosing performance regression. type: array - referencedRoutines: - description: Output only. Referenced routines for the job. - items: - $ref: '#/components/schemas/RoutineReference' + stagePerformanceStandaloneInsights: readOnly: true - type: array - referencedTables: - description: Output only. Referenced tables for the job. items: - $ref: '#/components/schemas/TableReference' - readOnly: true + $ref: '#/components/schemas/StagePerformanceStandaloneInsight' type: array - reservationUsage: - deprecated: true description: >- - Output only. Job resource usage breakdown by reservation. This field - reported misleading information and will no longer be populated. - items: - description: Job resource usage breakdown by reservation. - properties: - name: - description: >- - Reservation name or "unreserved" for on-demand resource usage - and multi-statement queries. - type: string - slotMs: - description: >- - Total slot milliseconds used by the reservation for a - particular job. - format: int64 - type: string - type: object - readOnly: true - type: array - schema: - $ref: '#/components/schemas/TableSchema' - description: >- - Output only. The schema of the results. Present only for successful - dry run of non-legacy SQL queries. - readOnly: true - searchStatistics: - $ref: '#/components/schemas/SearchStatistics' - description: Output only. Search query specific statistics. - readOnly: true - sparkStatistics: - $ref: '#/components/schemas/SparkStatistics' - description: Output only. Statistics of a Spark procedure job. - readOnly: true - statementType: - description: >- - Output only. The type of query statement, if valid. Possible values: - * `SELECT`: - [`SELECT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/query-syntax#select_list) - statement. * `ASSERT`: - [`ASSERT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/debugging-statements#assert) - statement. * `INSERT`: - [`INSERT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/dml-syntax#insert_statement) - statement. * `UPDATE`: - [`UPDATE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/dml-syntax#update_statement) - statement. * `DELETE`: - [`DELETE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language) - statement. * `MERGE`: - [`MERGE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language) - statement. * `CREATE_TABLE`: [`CREATE - TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_table_statement) - statement, without `AS SELECT`. * `CREATE_TABLE_AS_SELECT`: [`CREATE - TABLE AS - SELECT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_table_statement) - statement. * `CREATE_VIEW`: [`CREATE - VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_view_statement) - statement. * `CREATE_MODEL`: [`CREATE - MODEL`](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-create#create_model_statement) - statement. * `CREATE_MATERIALIZED_VIEW`: [`CREATE MATERIALIZED - VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_materialized_view_statement) - statement. * `CREATE_FUNCTION`: [`CREATE - FUNCTION`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_function_statement) - statement. * `CREATE_TABLE_FUNCTION`: [`CREATE TABLE - FUNCTION`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_table_function_statement) - statement. * `CREATE_PROCEDURE`: [`CREATE - PROCEDURE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_procedure) - statement. * `CREATE_ROW_ACCESS_POLICY`: [`CREATE ROW ACCESS - POLICY`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_row_access_policy_statement) - statement. * `CREATE_SCHEMA`: [`CREATE - SCHEMA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_schema_statement) - statement. * `CREATE_SNAPSHOT_TABLE`: [`CREATE SNAPSHOT - TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_snapshot_table_statement) - statement. * `CREATE_SEARCH_INDEX`: [`CREATE SEARCH - INDEX`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_search_index_statement) - statement. * `DROP_TABLE`: [`DROP - TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_table_statement) - statement. * `DROP_EXTERNAL_TABLE`: [`DROP EXTERNAL - TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_external_table_statement) - statement. * `DROP_VIEW`: [`DROP - VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_view_statement) - statement. * `DROP_MODEL`: [`DROP - MODEL`](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-drop-model) - statement. * `DROP_MATERIALIZED_VIEW`: [`DROP MATERIALIZED - VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_materialized_view_statement) - statement. * `DROP_FUNCTION` : [`DROP - FUNCTION`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_function_statement) - statement. * `DROP_TABLE_FUNCTION` : [`DROP TABLE - FUNCTION`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_table_function) - statement. * `DROP_PROCEDURE`: [`DROP - PROCEDURE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_procedure_statement) - statement. * `DROP_SEARCH_INDEX`: [`DROP SEARCH - INDEX`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_search_index) - statement. * `DROP_SCHEMA`: [`DROP - SCHEMA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_schema_statement) - statement. * `DROP_SNAPSHOT_TABLE`: [`DROP SNAPSHOT - TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_snapshot_table_statement) - statement. * `DROP_ROW_ACCESS_POLICY`: [`DROP [ALL] ROW ACCESS - POLICY|POLICIES`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_row_access_policy_statement) - statement. * `ALTER_TABLE`: [`ALTER - TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#alter_table_set_options_statement) - statement. * `ALTER_VIEW`: [`ALTER - VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#alter_view_set_options_statement) - statement. * `ALTER_MATERIALIZED_VIEW`: [`ALTER MATERIALIZED - VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#alter_materialized_view_set_options_statement) - statement. * `ALTER_SCHEMA`: [`ALTER - SCHEMA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#alter_schema_set_options_statement) - statement. * `SCRIPT`: - [`SCRIPT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/procedural-language). - * `TRUNCATE_TABLE`: [`TRUNCATE - TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/dml-syntax#truncate_table_statement) - statement. * `CREATE_EXTERNAL_TABLE`: [`CREATE EXTERNAL - TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_external_table_statement) - statement. * `EXPORT_DATA`: [`EXPORT - DATA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/other-statements#export_data_statement) - statement. * `EXPORT_MODEL`: [`EXPORT - MODEL`](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-export-model) - statement. * `LOAD_DATA`: [`LOAD - DATA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/other-statements#load_data_statement) - statement. * `CALL`: - [`CALL`](https://cloud.google.com/bigquery/docs/reference/standard-sql/procedural-language#call) - statement. - readOnly: true - type: string - timeline: - description: Output only. Describes a timeline of job execution. - items: - $ref: '#/components/schemas/QueryTimelineSample' - readOnly: true - type: array - totalBytesBilled: - description: >- - Output only. If the project is configured to use on-demand pricing, - then this field contains the total bytes billed for the job. If the - project is configured to use flat-rate pricing, then you are not - billed for bytes and this field is informational only. - format: int64 - readOnly: true - type: string - totalBytesProcessed: - description: Output only. Total bytes processed for the job. - format: int64 - readOnly: true - type: string - totalBytesProcessedAccuracy: + Output only. Standalone query stage performance insights, for + exploring potential improvements. + avgPreviousExecutionMs: description: >- - Output only. For dry-run jobs, totalBytesProcessed is an estimate - and this field specifies the accuracy of the estimate. Possible - values can be: UNKNOWN: accuracy of the estimate is unknown. - PRECISE: estimate is precise. LOWER_BOUND: estimate is lower bound - of what the query would cost. UPPER_BOUND: estimate is upper bound - of what the query would cost. + Output only. Average execution ms of previous runs. Indicates the + job ran slow compared to previous executions. To find previous + executions, use INFORMATION_SCHEMA tables and filter jobs with same + query hash. readOnly: true - type: string - totalPartitionsProcessed: - description: >- - Output only. Total number of partitions processed from all - partitioned tables referenced in the job. format: int64 - readOnly: true type: string - totalServicesSkuSlotMs: + ExternalCatalogDatasetOptions: + type: object + id: ExternalCatalogDatasetOptions + description: >- + Options defining open source compatible datasets living in the BigQuery + catalog. Contains metadata of open source database, schema, or namespace + represented by the current dataset. + properties: + parameters: description: >- - Output only. Total slot-milliseconds for the job that run on - external services and billed on the service SKU. This field is only - populated for jobs that have external service costs, and is the - total of the usage for costs whose billing method is "SERVICES_SKU". - format: int64 - readOnly: true - type: string - totalSlotMs: - description: Output only. Slot-milliseconds for the job. - format: int64 - readOnly: true - type: string - transferredBytes: + Optional. A map of key value pairs defining the parameters and + properties of the open source schema. Maximum size of 2MiB. + additionalProperties: + type: string + type: object + defaultStorageLocationUri: description: >- - Output only. Total bytes transferred for cross-cloud queries such as - Cross Cloud Transfer and CREATE TABLE AS SELECT (CTAS). - format: int64 - readOnly: true + Optional. The storage location URI for all tables in the dataset. + Equivalent to hive metastore's database locationUri. Maximum length + of 1024 characters. type: string - undeclaredQueryParameters: - description: >- - Output only. GoogleSQL only: list of undeclared query parameters - detected during a dry run validation. - items: - $ref: '#/components/schemas/QueryParameter' - readOnly: true - type: array - vectorSearchStatistics: - $ref: '#/components/schemas/VectorSearchStatistics' - description: Output only. Vector Search query specific statistics. - readOnly: true + CsvOptions: + description: Information related to a CSV data source. type: object - JobStatistics3: - description: Statistics for a load job. - id: JobStatistics3 + id: CsvOptions properties: - badRecords: + preserveAsciiControlCharacters: + type: boolean description: >- - Output only. The number of bad records encountered. Note that if the - job has failed because of more bad records encountered than the - maximum allowed in the load job configuration, then this number can - be less than the total number of bad records present in the input - data. - format: int64 - readOnly: true + Optional. Indicates if the embedded ASCII control characters (the + first 32 characters in the ASCII-table, from '\x00' to '\x1F') are + preserved. + nullMarker: + description: >- + Optional. Specifies a string that represents a null value in a CSV + file. For example, if you specify "\N", BigQuery interprets "\N" as + a null value when querying a CSV file. The default value is the + empty string. If you set this property to a custom value, BigQuery + throws an error if an empty string is present for all data types + except for STRING and BYTE. For STRING and BYTE columns, BigQuery + interprets the empty string as an empty value. type: string - inputFileBytes: - description: Output only. Number of bytes of source data in a load job. - format: int64 - readOnly: true + skipLeadingRows: type: string - inputFiles: - description: Output only. Number of source files in a load job. format: int64 - readOnly: true - type: string - outputBytes: description: >- - Output only. Size of the loaded data in bytes. Note that while a - load job is in the running state, this value may change. - format: int64 - readOnly: true + Optional. The number of rows at the top of a CSV file that BigQuery + will skip when reading the data. The default value is 0. This + property is useful if you have header rows in the file that should + be skipped. When autodetect is on, the behavior is the following: * + skipLeadingRows unspecified - Autodetect tries to detect headers in + the first row. If they are not detected, the row is read as data. + Otherwise data is read starting from the second row. * + skipLeadingRows is 0 - Instructs autodetect that there are no + headers and data should be read starting from the first row. * + skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to + detect headers in row N. If headers are not detected, row N is just + skipped. Otherwise row N is used to extract column names for the + detected schema. + fieldDelimiter: type: string - outputRows: description: >- - Output only. Number of rows imported in a load job. Note that while - an import job is in the running state, this value may change. - format: int64 - readOnly: true + Optional. The separator character for fields in a CSV file. The + separator is interpreted as a single byte. For files encoded in + ISO-8859-1, any single character can be used as a separator. For + files encoded in UTF-8, characters represented in decimal range + 1-127 (U+0001-U+007F) can be used without any modification. UTF-8 + characters encoded with multiple bytes (i.e. U+0080 and above) will + have only the first byte used for separating fields. The remaining + bytes will be treated as a part of the field. BigQuery also supports + the escape sequence "\t" (U+0009) to specify a tab separator. The + default value is comma (",", U+002C). + allowQuotedNewlines: + type: boolean + description: >- + Optional. Indicates if BigQuery should allow quoted data sections + that contain newline characters in a CSV file. The default value is + false. + encoding: + description: >- + Optional. The character encoding of the data. The supported values + are UTF-8, ISO-8859-1, UTF-16BE, UTF-16LE, UTF-32BE, and UTF-32LE. + The default value is UTF-8. BigQuery decodes the data after the raw, + binary data has been split using the values of the quote and + fieldDelimiter properties. type: string - timeline: - description: Output only. Describes a timeline of job execution. - items: - $ref: '#/components/schemas/QueryTimelineSample' - readOnly: true - type: array - type: object - JobStatistics4: - description: Statistics for an extract job. - id: JobStatistics4 - properties: - destinationUriFileCounts: + sourceColumnMatch: description: >- - Output only. Number of files per destination URI or URI pattern - specified in the extract configuration. These values will be in the - same order as the URIs specified in the 'destinationUris' field. + Optional. Controls the strategy used to match loaded columns to the + schema. If not set, a sensible default is chosen based on how the + schema is provided. If autodetect is used, then columns are matched + by name. Otherwise, columns are matched by position. This is done to + keep the behavior backward-compatible. Acceptable values are: + POSITION - matches by position. This assumes that the columns are + ordered the same way as the schema. NAME - matches by name. This + reads the header row as column names and reorders columns to match + the field names in the schema. + type: string + quote: + default: '"' + type: string + pattern: .? + description: >- + Optional. The value that is used to quote data sections in a CSV + file. BigQuery converts the string to ISO-8859-1 encoding, and then + uses the first byte of the encoded string to split the data in its + raw, binary state. The default value is a double-quote ("). If your + data does not contain quoted sections, set the property value to an + empty string. If your data contains quoted newline characters, you + must also set the allowQuotedNewlines property to true. To include + the specific quote character within a quoted value, precede it with + an additional matching quote character. For example, if you want to + escape the default character ' " ', use ' "" '. + nullMarkers: + description: >- + Optional. A list of strings represented as SQL NULL value in a CSV + file. null_marker and null_markers can't be set at the same time. If + null_marker is set, null_markers has to be not set. If null_markers + is set, null_marker has to be not set. If both null_marker and + null_markers are set at the same time, a user error would be thrown. + Any strings listed in null_markers, including empty string would be + interpreted as SQL NULL. This applies to all column types. items: - format: int64 type: string - readOnly: true type: array - inputBytes: + allowJaggedRows: + type: boolean description: >- - Output only. Number of user bytes extracted into the result. This is - the byte count as computed by BigQuery for billing purposes and - doesn't have any relationship with the number of actual result bytes - extracted in the desired format. - format: int64 - readOnly: true + Optional. Indicates if BigQuery should accept rows that are missing + trailing optional columns. If true, BigQuery treats missing trailing + columns as null values. If false, records with missing trailing + columns are treated as bad records, and if there are too many bad + records, an invalid error is returned in the job result. The default + value is false. + TableList: + properties: + etag: + description: A hash of this page of results. type: string - timeline: - description: Output only. Describes a timeline of job execution. + tables: items: - $ref: '#/components/schemas/QueryTimelineSample' - readOnly: true + properties: + tableReference: + $ref: '#/components/schemas/TableReference' + description: A reference uniquely identifying table. + kind: + description: The resource type. + type: string + creationTime: + description: >- + Output only. The time when this table was created, in + milliseconds since the epoch. + format: int64 + readOnly: true + type: string + expirationTime: + format: int64 + description: >- + The time when this table expires, in milliseconds since the + epoch. If not present, the table will persist indefinitely. + Expired tables will be deleted and their storage reclaimed. + type: string + type: + description: The type of table. + type: string + rangePartitioning: + $ref: '#/components/schemas/RangePartitioning' + description: The range partitioning for this table. + view: + properties: + privacyPolicy: + description: Specifies the privacy policy for the view. + $ref: '#/components/schemas/PrivacyPolicy' + useLegacySql: + type: boolean + description: >- + True if view is defined in legacy SQL dialect, false if in + GoogleSQL. + type: object + description: Information about a logical view. + clustering: + description: Clustering specification for this table, if configured. + $ref: '#/components/schemas/Clustering' + labels: + type: object + description: >- + The labels associated with this table. You can use these to + organize and group your tables. + additionalProperties: + type: string + friendlyName: + description: The user-friendly name for this table. + type: string + timePartitioning: + description: The time-based partitioning for this table. + $ref: '#/components/schemas/TimePartitioning' + requirePartitionFilter: + type: boolean + description: >- + Optional. If set to true, queries including this table must + specify a partition filter. This filter is used for partition + elimination. + default: 'false' + id: + description: An opaque ID of the table. + type: string + type: object + description: Tables in the requested dataset. type: array + kind: + default: bigquery#tableList + type: string + description: The type of list. + totalItems: + description: The total number of tables in the dataset. + type: integer + format: int32 + nextPageToken: + type: string + description: A token to request the next page of results. + id: TableList type: object - JobStatistics5: - description: Statistics for a copy job. - id: JobStatistics5 + description: Partial projection of the metadata for a given table in a list response. + IntRange: + description: Range of an int hyperparameter. properties: - copiedLogicalBytes: - description: >- - Output only. Number of logical bytes copied to the destination - table. - format: int64 - readOnly: true + max: + description: Max value of the int parameter. type: string - copiedRows: - description: Output only. Number of rows copied to the destination table. format: int64 - readOnly: true + min: type: string + format: int64 + description: Min value of the int parameter. + id: IntRange type: object - JobStatus: - id: JobStatus + Expr: + id: Expr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - errorResult: - $ref: '#/components/schemas/ErrorProto' + expression: + type: string description: >- - Output only. Final error result of the job. If present, indicates - that the job has completed and was unsuccessful. - readOnly: true - errors: + Textual representation of an expression in Common Expression + Language syntax. + location: + type: string description: >- - Output only. The first errors encountered during the running of the - job. The final message includes the number of errors that caused the - process to stop. Errors here do not necessarily mean that the job - has not completed or was unsuccessful. - items: - $ref: '#/components/schemas/ErrorProto' - readOnly: true - type: array - state: + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + title: + type: string description: >- - Output only. Running state of the job. Valid states include - 'PENDING', 'RUNNING', and 'DONE'. - readOnly: true + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + description: type: string - type: object - JoinRestrictionPolicy: - description: >- - Represents privacy policy associated with "join restrictions". Join - restriction gives data providers the ability to enforce joins on the - 'join_allowed_columns' when data is queried from a privacy protected - view. - id: JoinRestrictionPolicy + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: object + MaterializedViewStatistics: + id: MaterializedViewStatistics + type: object properties: - joinAllowedColumns: + materializedView: + items: + $ref: '#/components/schemas/MaterializedView' description: >- - Optional. The only columns that joins are allowed on. This field is - must be specified for join_conditions JOIN_ANY and JOIN_ALL and it - cannot be set for JOIN_BLOCKED. + Materialized views considered for the query job. Only certain + materialized views are used. For a detailed list, see the child + message. If many materialized views are considered, then the list + might be incomplete. + type: array + description: Statistics of materialized views considered in a query job. + RowLevelSecurityStatistics: + description: Statistics for row-level security. + id: RowLevelSecurityStatistics + properties: + rowLevelSecurityApplied: + description: Whether any accessed data was protected by row access policies. + type: boolean + type: object + Explanation: + id: Explanation + type: object + description: Explanation for a single feature. + properties: + featureName: + type: string + description: >- + The full feature name. For non-numerical features, will be formatted + like `.`. Overall size of feature name will always be truncated to + first 120 characters. + attribution: + format: double + type: number + description: Attribution of feature. + CategoryCount: + properties: + count: + format: int64 + description: >- + The count of training samples matching the category within the + cluster. + type: string + category: + description: The name of category. + type: string + description: Represents the count of a single category within the cluster. + id: CategoryCount + type: object + TableDataInsertAllRequest: + description: Request for sending a single streaming insert. + type: object + properties: + templateSuffix: + description: >- + Optional. If specified, treats the destination table as a base + template, and inserts the rows into an instance table named + "{destination}{templateSuffix}". BigQuery will manage creation of + the instance table, using the schema of the base template table. See + https://cloud.google.com/bigquery/streaming-data-into-bigquery#template-tables + for considerations when working with templates tables. + type: string + traceId: + description: >- + Optional. Unique request trace id. Used for debugging purposes only. + It is case-sensitive, limited to up to 36 ASCII characters. A UUID + is recommended. + type: string + rows: + type: array + items: + description: Data for a single insertion row. + type: object + properties: + json: + $ref: '#/components/schemas/JsonObject' + description: Data for a single row. + insertId: + description: >- + Insertion ID for best-effort deduplication. This feature is + not recommended, and users seeking stronger insertion + semantics are encouraged to use other mechanisms such as the + BigQuery Write API. + type: string + ignoreUnknownValues: + type: boolean + description: >- + Optional. Accept rows that contain values that do not match the + schema. The unknown values are ignored. Default is false, which + treats unknown values as errors. + kind: + description: >- + Optional. The resource type of the response. The value is not + checked at the backend. Historically, it has been set to + "bigquery#tableDataInsertAllRequest" but you are not required to set + it. + default: bigquery#tableDataInsertAllRequest + type: string + skipInvalidRows: + type: boolean + description: >- + Optional. Insert all valid rows of a request, even if invalid rows + exist. The default value is false, which causes the entire request + to fail if any invalid rows exist. + id: TableDataInsertAllRequest + ArimaSingleModelForecastingMetrics: + description: Model evaluation metrics for a single ARIMA forecasting model. + type: object + properties: + arimaFittingMetrics: + description: Arima fitting metrics. + $ref: '#/components/schemas/ArimaFittingMetrics' + hasDrift: + description: >- + Is arima model fitted with drift or not. It is always false when d + is not 1. + type: boolean + hasStepChanges: + description: If true, step_changes is a part of time series decomposition result. + type: boolean + hasHolidayEffect: + description: >- + If true, holiday_effect is a part of time series decomposition + result. + type: boolean + timeSeriesId: + description: >- + The time_series_id value for this time series. It will be one of the + unique values from the time_series_id_column specified during ARIMA + model training. Only present when time_series_id_column training + option was used. + type: string + hasSpikesAndDips: + description: >- + If true, spikes_and_dips is a part of time series decomposition + result. + type: boolean + nonSeasonalOrder: + $ref: '#/components/schemas/ArimaOrder' + description: Non-seasonal order. + timeSeriesIds: + description: >- + The tuple of time_series_ids identifying this time series. It will + be one of the unique tuples of values present in the + time_series_id_columns specified during ARIMA model training. Only + present when time_series_id_columns training option was used and the + order of values here are same as the order of + time_series_id_columns. + type: array items: type: string + seasonalPeriods: + items: + type: string + enum: + - SEASONAL_PERIOD_TYPE_UNSPECIFIED + - NO_SEASONALITY + - DAILY + - WEEKLY + - MONTHLY + - QUARTERLY + - YEARLY + - HOURLY + enumDescriptions: + - Unspecified seasonal period. + - No seasonality + - Daily period, 24 hours. + - Weekly period, 7 days. + - Monthly period, 30 days or irregular. + - Quarterly period, 90 days or irregular. + - Yearly period, 365 days or irregular. + - Hourly period, 1 hour. type: array - joinCondition: description: >- - Optional. Specifies if a join is required or not on queries for the - view. Default is JOIN_CONDITION_UNSPECIFIED. + Seasonal periods. Repeated because multiple periods are supported + for one time series. + id: ArimaSingleModelForecastingMetrics + JoinRestrictionPolicy: + properties: + joinCondition: + type: string enum: - JOIN_CONDITION_UNSPECIFIED - JOIN_ANY @@ -5179,718 +5164,587 @@ components: A join is not required, but if present it is only permitted on 'join_allowed_columns' - Joins are blocked for all queries. - type: string - type: object - JsonObject: - additionalProperties: - $ref: '#/components/schemas/JsonValue' - description: Represents a single JSON object. - id: JsonObject - type: object - JsonOptions: - description: Json Options for load and make external tables. - id: JsonOptions - properties: - encoding: description: >- - Optional. The character encoding of the data. The supported values - are UTF-8, UTF-16BE, UTF-16LE, UTF-32BE, and UTF-32LE. The default - value is UTF-8. - type: string + Optional. Specifies if a join is required or not on queries for the + view. Default is JOIN_CONDITION_UNSPECIFIED. + joinAllowedColumns: + type: array + items: + type: string + description: >- + Optional. The only columns that joins are allowed on. This field is + must be specified for join_conditions JOIN_ANY and JOIN_ALL and it + cannot be set for JOIN_BLOCKED. + description: >- + Represents privacy policy associated with "join restrictions". Join + restriction gives data providers the ability to enforce joins on the + 'join_allowed_columns' when data is queried from a privacy protected + view. + type: object + id: JoinRestrictionPolicy + JobCreationReason: + description: >- + Reason about why a Job was created from a + [`jobs.query`](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query) + method when used with `JOB_CREATION_OPTIONAL` Job creation mode. For + [`jobs.insert`](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/insert) + method calls it will always be `REQUESTED`. + id: JobCreationReason type: object - JsonValue: - id: JsonValue - type: any - LinkedDatasetMetadata: - description: Metadata about the Linked Dataset. - id: LinkedDatasetMetadata properties: - linkState: - description: >- - Output only. Specifies whether Linked Dataset is currently in a - linked state or not. + code: + readOnly: true enum: - - LINK_STATE_UNSPECIFIED - - LINKED - - UNLINKED + - CODE_UNSPECIFIED + - REQUESTED + - LONG_RUNNING + - LARGE_RESULTS + - OTHER + description: Output only. Specifies the high level reason why a Job was created. enumDescriptions: - - The default value. Default to the LINKED state. + - Reason is not specified. + - Job creation was requested. - >- - Normal Linked Dataset state. Data is queryable via the Linked - Dataset. + The query request ran beyond a system defined timeout specified by + the [timeoutMs field in the + QueryRequest](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query#queryrequest). + As a result it was considered a long running operation for which a + job was created. + - The results from the query cannot fit in the response. - >- - Data publisher or owner has unlinked this Linked Dataset. It means - you can no longer query or see the data in the Linked Dataset. - readOnly: true + BigQuery has determined that the query needs to be executed as a + Job. type: string - type: object - LinkedDatasetSource: - description: A dataset source type which refers to another BigQuery dataset. - id: LinkedDatasetSource + TableCell: + id: TableCell properties: - sourceDataset: - $ref: '#/components/schemas/DatasetReference' - description: >- - The source dataset reference contains project numbers and not - project ids. + v: + type: any type: object - ListModelsResponse: - description: Response format for a single page when listing BigQuery ML models. - id: ListModelsResponse + QueryResponse: properties: - models: - description: >- - Models in the requested dataset. Only the following fields are - populated: model_reference, model_type, creation_time, - last_modified_time and labels. + cacheHit: + description: Whether the query result was fetched from the query cache. + type: boolean + errors: items: - $ref: '#/components/schemas/Model' + $ref: '#/components/schemas/ErrorProto' + readOnly: true type: array - nextPageToken: - description: A token to request the next page of results. - type: string - type: object - ListRoutinesResponse: - description: Describes the format of a single result page when listing routines. - id: ListRoutinesResponse - properties: - nextPageToken: - description: A token to request the next page of results. + description: >- + Output only. The first errors or warnings encountered during the + running of the job. The final message includes the number of errors + that caused the process to stop. Errors here do not necessarily mean + that the job has completed or was unsuccessful. For more information + about error messages, see [Error + messages](https://cloud.google.com/bigquery/docs/error-messages). + pageToken: + description: >- + A token used for paging results. A non-empty token indicates that + additional results are available. To see additional results, query + the + [`jobs.getQueryResults`](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/getQueryResults) + method. For more information, see [Paging through table + data](https://cloud.google.com/bigquery/docs/paging-results). type: string - routines: + schema: + $ref: '#/components/schemas/TableSchema' description: >- - Routines in the requested dataset. Unless read_mask is set in the - request, only the following fields are populated: etag, project_id, - dataset_id, routine_id, routine_type, creation_time, - last_modified_time, language, and remote_function_options. + The schema of the results. Present only when the query completes + successfully. + jobComplete: + description: >- + Whether the query has completed or not. If rows or totalRows are + present, this will always be true. If this is false, totalRows will + not be available. + type: boolean + jobCreationReason: + $ref: '#/components/schemas/JobCreationReason' + description: >- + Optional. The reason why a Job was created. Only relevant when a + job_reference is present in the response. If job_reference is not + present it will always be unset. + rows: items: - $ref: '#/components/schemas/Routine' + $ref: '#/components/schemas/TableRow' type: array - type: object - ListRowAccessPoliciesResponse: - description: Response message for the ListRowAccessPolicies method. - id: ListRowAccessPoliciesResponse - properties: - nextPageToken: - description: A token to request the next page of results. + description: >- + An object with as many results as can be contained within the + maximum permitted reply size. To get any additional rows, you can + call GetQueryResults and specify the jobReference returned above. + dmlStats: + readOnly: true + description: >- + Output only. Detailed statistics for DML statements INSERT, UPDATE, + DELETE, MERGE or TRUNCATE. + $ref: '#/components/schemas/DmlStatistics' + location: + description: >- + Output only. The geographic location of the query. For more + information about BigQuery locations, see: + https://cloud.google.com/bigquery/docs/locations + readOnly: true type: string - rowAccessPolicies: - description: Row access policies on the requested table. - items: - $ref: '#/components/schemas/RowAccessPolicy' - type: array - type: object - LoadQueryStatistics: - description: Statistics for a LOAD query. - id: LoadQueryStatistics - properties: - badRecords: + jobReference: description: >- - Output only. The number of bad records encountered while processing - a LOAD query. Note that if the job has failed because of more bad - records encountered than the maximum allowed in the load job - configuration, then this number can be less than the total number of - bad records present in the input data. + Reference to the Job that was created to run the query. This field + will be present even if the original request timed out, in which + case GetQueryResults can be used to read the results once the query + has completed. Since this API only returns the first page of + results, subsequent pages can be fetched via the same mechanism + (GetQueryResults). If job_creation_mode was set to + `JOB_CREATION_OPTIONAL` and the query completes without creating a + job, this field will be empty. + $ref: '#/components/schemas/JobReference' + totalBytesProcessed: + description: >- + The total number of bytes processed for this query. If this query + was a dry run, this is the number of bytes that would be processed + if the query were run. + type: string format: int64 - readOnly: true + kind: + description: The resource type. + type: string + default: bigquery#queryResponse + totalRows: type: string - bytesTransferred: - deprecated: true description: >- - Output only. This field is deprecated. The number of bytes of source - data copied over the network for a `LOAD` query. `transferred_bytes` - has the canonical value for physical transferred bytes, which is - used for BigQuery Omni billing. + The total number of rows in the complete query result set, which can + be more than the number of rows in this single page of results. + format: uint64 + totalSlotMs: + type: string + description: Output only. Number of slot ms the user is actually billed for. format: int64 readOnly: true + queryId: type: string - inputFileBytes: - description: Output only. Number of bytes of source data in a LOAD query. + description: Auto-generated ID for the query. + creationTime: format: int64 + type: string + description: >- + Output only. Creation time of this query, in milliseconds since the + epoch. This field will be present on all queries. readOnly: true + totalBytesBilled: type: string - inputFiles: - description: Output only. Number of source files in a LOAD query. format: int64 readOnly: true - type: string - outputBytes: description: >- - Output only. Size of the loaded data in bytes. Note that while a - LOAD query is in the running state, this value may change. + Output only. If the project is configured to use on-demand pricing, + then this field contains the total bytes billed for the job. If the + project is configured to use flat-rate pricing, then you are not + billed for bytes and this field is informational only. + endTime: format: int64 + description: >- + Output only. End time of this query, in milliseconds since the + epoch. This field will be present whenever a query job is in the + DONE state. readOnly: true type: string - outputRows: + startTime: + readOnly: true + format: int64 description: >- - Output only. Number of rows imported in a LOAD query. Note that - while a LOAD query is in the running state, this value may change. + Output only. Start time of this query, in milliseconds since the + epoch. This field will be present when the query job transitions + from the PENDING state to either RUNNING or DONE. + type: string + numDmlAffectedRows: + type: string format: int64 + description: >- + Output only. The number of rows affected by a DML statement. Present + only for DML statements INSERT, UPDATE or DELETE. + readOnly: true + sessionInfo: + description: Output only. Information of the session if this job is part of one. + $ref: '#/components/schemas/SessionInfo' readOnly: true - type: string type: object - LocationMetadata: - description: >- - BigQuery-specific metadata about a location. This will be set on - google.cloud.location.Location.metadata in Cloud Location API responses. - id: LocationMetadata + id: QueryResponse + BinaryConfusionMatrix: properties: - legacyLocationId: - description: >- - The legacy BigQuery location ID, e.g. “EU” for the “europe” - location. This is for any API consumers that need the legacy “US” - and “EU” locations. + trueNegatives: + description: Number of true samples predicted as false. + format: int64 type: string - type: object - MaterializedView: - description: A materialized view considered for a query job. - id: MaterializedView - properties: - chosen: - description: >- - Whether the materialized view is chosen for the query. A - materialized view can be chosen to rewrite multiple parts of the - same query. If a materialized view is chosen to rewrite any part of - the query, then this field is true, even if the materialized view - was not chosen to rewrite others parts. - type: boolean - estimatedBytesSaved: - description: >- - If present, specifies a best-effort estimation of the bytes saved by - using the materialized view rather than its base tables. + truePositives: format: int64 type: string - rejectedReason: + description: Number of true samples predicted as true. + positiveClassThreshold: + type: number + format: double + description: Threshold value used when computing each of the following metric. + recall: description: >- - If present, specifies the reason why the materialized view was not - chosen for the query. - enum: - - REJECTED_REASON_UNSPECIFIED - - NO_DATA - - COST - - BASE_TABLE_TRUNCATED - - BASE_TABLE_DATA_CHANGE - - BASE_TABLE_PARTITION_EXPIRATION_CHANGE - - BASE_TABLE_EXPIRED_PARTITION - - BASE_TABLE_INCOMPATIBLE_METADATA_CHANGE - - TIME_ZONE - - OUT_OF_TIME_TRAVEL_WINDOW - - BASE_TABLE_FINE_GRAINED_SECURITY_POLICY - - BASE_TABLE_TOO_STALE - enumDescriptions: - - Default unspecified value. - - View has no cached data because it has not refreshed yet. - - >- - The estimated cost of the view is more expensive than another view - or the base table. Note: The estimate cost might not match the - billed cost. - - View has no cached data because a base table is truncated. - - >- - View is invalidated because of a data change in one or more base - tables. It could be any recent change if the - [`maxStaleness`](https://cloud.google.com/bigquery/docs/reference/rest/v2/tables#Table.FIELDS.max_staleness) - option is not set for the view, or otherwise any change outside of - the staleness window. - - >- - View is invalidated because a base table's partition expiration - has changed. - - View is invalidated because a base table's partition has expired. - - >- - View is invalidated because a base table has an incompatible - metadata change. - - >- - View is invalidated because it was refreshed with a time zone - other than that of the current job. - - View is outside the time travel window. - - >- - View is inaccessible to the user because of a fine-grained - security policy on one of its base tables. - - >- - One of the view's base tables is too stale. For example, the - cached metadata of a BigLake external table needs to be updated. + The fraction of actual positive labels that were given a positive + prediction. + type: number + format: double + falseNegatives: type: string - tableReference: - $ref: '#/components/schemas/TableReference' - description: The candidate materialized view. + description: Number of false samples predicted as false. + format: int64 + falsePositives: + format: int64 + description: Number of false samples predicted as true. + type: string + accuracy: + description: The fraction of predictions given the correct label. + format: double + type: number + precision: + description: >- + The fraction of actual positive predictions that had positive actual + labels. + type: number + format: double + f1Score: + type: number + description: The equally weighted average of recall and precision. + format: double + id: BinaryConfusionMatrix + type: object + description: Confusion matrix for binary classification models. + RowAccessPolicy: + description: >- + Represents access on a subset of rows on the specified table, defined by + its filter predicate. Access to the subset of rows is controlled by its + IAM policy. type: object - MaterializedViewDefinition: - description: Definition and configuration of a materialized view. - id: MaterializedViewDefinition properties: - allowNonIncrementalDefinition: - description: >- - Optional. This option declares the intention to construct a - materialized view that isn't refreshed incrementally. - Non-incremental materialized views support an expanded range of SQL - queries. The `allow_non_incremental_definition` option can't be - changed after the materialized view is created. - type: boolean - enableRefresh: - description: >- - Optional. Enable automatic refresh of the materialized view when the - base table is updated. The default value is "true". - type: boolean - lastRefreshTime: - description: >- - Output only. The time when this materialized view was last - refreshed, in milliseconds since the epoch. - format: int64 + rowAccessPolicyReference: + $ref: '#/components/schemas/RowAccessPolicyReference' + description: Required. Reference describing the ID of this row access policy. + etag: readOnly: true type: string - maxStaleness: + description: Output only. A hash of this resource. + creationTime: description: >- - [Optional] Max staleness of data that could be returned when - materizlized view is queried (formatted as Google SQL Interval - type). - format: byte + Output only. The time when this row access policy was created, in + milliseconds since the epoch. + format: google-datetime type: string - query: - description: Required. A query whose results are persisted. + readOnly: true + lastModifiedTime: + description: >- + Output only. The time when this row access policy was last modified, + in milliseconds since the epoch. + readOnly: true + format: google-datetime type: string - refreshIntervalMs: + grantees: description: >- - Optional. The maximum frequency at which this materialized view will - be refreshed. The default value is "1800000" (30 minutes). - format: int64 + Optional. Input only. The optional list of iam_member users or + groups that specifies the initial members that the row-level access + policy should be created with. grantees types: - + "user:alice@example.com": An email address that represents a + specific Google account. - + "serviceAccount:my-other-app@appspot.gserviceaccount.com": An email + address that represents a service account. - + "group:admins@example.com": An email address that represents a + Google group. - "domain:example.com":The Google Workspace domain + (primary) that represents all the users of that domain. - + "allAuthenticatedUsers": A special identifier that represents all + service accounts and all users on the internet who have + authenticated with a Google Account. This identifier includes + accounts that aren't connected to a Google Workspace or Cloud + Identity domain, such as personal Gmail accounts. Users who aren't + authenticated, such as anonymous visitors, aren't included. - + "allUsers":A special identifier that represents anyone who is on the + internet, including authenticated and unauthenticated users. Because + BigQuery requires authentication before a user can access the + service, allUsers includes only authenticated users. + type: array + items: + type: string + filterPredicate: type: string - type: object - MaterializedViewStatistics: - description: Statistics of materialized views considered in a query job. - id: MaterializedViewStatistics + description: >- + Required. A SQL boolean expression that represents the rows defined + by this row access policy, similar to the boolean expression in a + WHERE clause of a SELECT query on a table. References to other + tables, routines, and temporary functions are not supported. + Examples: region="EU" date_field = CAST('2019-9-27' as DATE) + nullable_field is not NULL numeric_field BETWEEN 1.0 AND 5.0 + id: RowAccessPolicy + AuditLogConfig: + id: AuditLogConfig properties: - materializedView: + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + type: string + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. + exemptedMembers: + type: array description: >- - Materialized views considered for the query job. Only certain - materialized views are used. For a detailed list, see the child - message. If many materialized views are considered, then the list - might be incomplete. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. items: - $ref: '#/components/schemas/MaterializedView' - type: array - type: object - MaterializedViewStatus: + type: string description: >- - Status of a materialized view. The last refresh timestamp status is - omitted here, but is present in the MaterializedViewDefinition message. - id: MaterializedViewStatus - properties: - lastRefreshStatus: - $ref: '#/components/schemas/ErrorProto' - description: >- - Output only. Error result of the last automatic refresh. If present, - indicates that the last automatic refresh was unsuccessful. - readOnly: true - refreshWatermark: - description: >- - Output only. Refresh watermark of materialized view. The base - tables' data were collected into the materialized view cache until - this time. - format: google-datetime - readOnly: true - type: string + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + type: object + IntCandidates: + id: IntCandidates + description: Discrete candidates of an int hyperparameter. type: object - MetadataCacheStatistics: - description: Statistics for metadata caching in queried tables. - id: MetadataCacheStatistics properties: - tableMetadataCacheUsage: - description: >- - Set for the Metadata caching eligible tables referenced in the - query. + candidates: items: - $ref: '#/components/schemas/TableMetadataCacheUsage' + format: int64 + type: string + description: Candidates for the int parameter in increasing order. type: array + JsonOptions: + description: Json Options for load and make external tables. + id: JsonOptions type: object - MlStatistics: - description: Job statistics specific to a BigQuery ML training job. - id: MlStatistics properties: - hparamTrials: + encoding: + type: string description: >- - Output only. Trials of a [hyperparameter tuning - job](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) - sorted by trial_id. - items: - $ref: '#/components/schemas/HparamTuningTrial' - readOnly: true - type: array - iterationResults: + Optional. The character encoding of the data. The supported values + are UTF-8, UTF-16BE, UTF-16LE, UTF-32BE, and UTF-32LE. The default + value is UTF-8. + LinkedDatasetSource: + properties: + sourceDataset: description: >- - Results for all completed iterations. Empty for [hyperparameter - tuning - jobs](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview). - items: - $ref: '#/components/schemas/IterationResult' + The source dataset reference contains project numbers and not + project ids. + $ref: '#/components/schemas/DatasetReference' + type: object + id: LinkedDatasetSource + description: A dataset source type which refers to another BigQuery dataset. + CategoricalValue: + id: CategoricalValue + properties: + categoryCounts: type: array - maxIterations: + items: + $ref: '#/components/schemas/CategoryCount' description: >- - Output only. Maximum number of iterations specified as - max_iterations in the 'CREATE MODEL' query. The actual number of - iterations may be less than this number due to early stop. - format: int64 - readOnly: true - type: string - modelType: - description: Output only. The type of the model that is being trained. - enum: - - MODEL_TYPE_UNSPECIFIED - - LINEAR_REGRESSION - - LOGISTIC_REGRESSION - - KMEANS - - MATRIX_FACTORIZATION - - DNN_CLASSIFIER - - TENSORFLOW - - DNN_REGRESSOR - - XGBOOST - - BOOSTED_TREE_REGRESSOR - - BOOSTED_TREE_CLASSIFIER - - ARIMA - - AUTOML_REGRESSOR - - AUTOML_CLASSIFIER - - PCA - - DNN_LINEAR_COMBINED_CLASSIFIER - - DNN_LINEAR_COMBINED_REGRESSOR - - AUTOENCODER - - ARIMA_PLUS - - ARIMA_PLUS_XREG - - RANDOM_FOREST_REGRESSOR - - RANDOM_FOREST_CLASSIFIER - - TENSORFLOW_LITE - - ONNX - - TRANSFORM_ONLY - - CONTRIBUTION_ANALYSIS - enumDescriptions: - - Default value. - - Linear regression model. - - Logistic regression based classification model. - - K-means clustering model. - - Matrix factorization model. - - DNN classifier model. - - An imported TensorFlow model. - - DNN regressor model. - - An imported XGBoost model. - - Boosted tree regressor model. - - Boosted tree classifier model. - - ARIMA model. - - AutoML Tables regression model. - - AutoML Tables classification model. - - Prinpical Component Analysis model. - - Wide-and-deep classifier model. - - Wide-and-deep regressor model. - - Autoencoder model. - - New name for the ARIMA model. - - ARIMA with external regressors. - - Random forest regressor model. - - Random forest classifier model. - - An imported TensorFlow Lite model. - - An imported ONNX model. - - >- - Model to capture the columns and logic in the TRANSFORM clause - along with statistics useful for ML analytic functions. - - The contribution analysis model. - readOnly: true - type: string - trainingType: - description: Output only. Training type of the job. - enum: - - TRAINING_TYPE_UNSPECIFIED - - SINGLE_TRAINING - - HPARAM_TUNING - enumDescriptions: - - Unspecified training type. - - Single training with fixed parameter space. - - >- - [Hyperparameter tuning - training](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview). - readOnly: true - type: string + Counts of all categories for the categorical feature. If there are + more than ten categories, we return top ten (by count) and return + one more CategoryCount with category "_OTHER_" and count as + aggregate counts of remaining categories. + description: Representative value of a categorical feature. type: object - Model: - id: Model + ExternalServiceCost: properties: - bestTrialId: - deprecated: true - description: The best trial_id across all training runs. - format: int64 + slotMs: type: string - creationTime: - description: >- - Output only. The time when this model was created, in millisecs - since the epoch. format: int64 - readOnly: true + description: External service cost in terms of bigquery slot milliseconds. + externalService: type: string - defaultTrialId: - description: >- - Output only. The default trial_id to use in TVFs when the trial_id - is not passed in. For single-objective [hyperparameter - tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) - models, this is the best trial ID. For multi-objective - [hyperparameter - tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) - models, this is the smallest trial ID among all Pareto optimal - trials. + description: External service name. + bytesProcessed: format: int64 - readOnly: true type: string - description: - description: Optional. A user-friendly description of this model. + description: External service cost in terms of bigquery bytes processed. + bytesBilled: + format: int64 + description: External service cost in terms of bigquery bytes billed. type: string - encryptionConfiguration: - $ref: '#/components/schemas/EncryptionConfiguration' + billingMethod: description: >- - Custom encryption configuration (e.g., Cloud KMS keys). This shows - the encryption configuration of the model data while stored in - BigQuery storage. This field can be used with PatchModel to update - encryption key for an already encrypted model. - etag: - description: Output only. A hash of this resource. - readOnly: true + The billing method used for the external job. This field, set to + `SERVICES_SKU`, is only used when billing under the services SKU. + Otherwise, it is unspecified for backward compatibility. type: string - expirationTime: - description: >- - Optional. The time when this model expires, in milliseconds since - the epoch. If not present, the model will persist indefinitely. - Expired models will be deleted and their storage reclaimed. The - defaultTableExpirationMs property of the encapsulating dataset can - be used to set a default expirationTime on newly created models. + reservedSlotCount: format: int64 - type: string - featureColumns: description: >- - Output only. Input feature columns for the model inference. If the - model is trained with TRANSFORM clause, these are the input of the - TRANSFORM clause. - items: - $ref: '#/components/schemas/StandardSqlField' - readOnly: true - type: array - friendlyName: - description: Optional. A descriptive name for this model. + Non-preemptable reserved slots used for external job. For example, + reserved slots for Cloua AI Platform job are the VM usages converted + to BigQuery slot with equivalent mount of price. type: string - hparamSearchSpaces: - $ref: '#/components/schemas/HparamSearchSpaces' - description: Output only. All hyperparameter search spaces in this model. - readOnly: true - hparamTrials: - description: >- - Output only. Trials of a [hyperparameter - tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) - model sorted by trial_id. - items: - $ref: '#/components/schemas/HparamTuningTrial' - readOnly: true + description: >- + The external service cost is a portion of the total cost, these costs + are not additive with total_bytes_billed. Moreover, this field only + track external service costs that will show up as BigQuery costs (e.g. + training BigQuery ML job with google cloud CAIP or Automl Tables + services), not other costs which may be accrued by running the query + (e.g. reading from Bigtable or Cloud Storage). The external service + costs with different billing sku (e.g. CAIP job is charged based on VM + usage) are converted to BigQuery billed_bytes and slot_ms with + equivalent amount of US dollars. Services may not directly correlate to + these metrics, but these are the equivalents for billing purposes. + Output only. + type: object + id: ExternalServiceCost + PartitioningDefinition: + id: PartitioningDefinition + description: >- + The partitioning information, which includes managed table, external + table and metastore partitioned table partition information. + type: object + properties: + partitionedColumn: type: array - labelColumns: - description: >- - Output only. Label columns that were used to train this model. The - output of the model will have a "predicted_" prefix to these - columns. items: - $ref: '#/components/schemas/StandardSqlField' - readOnly: true - type: array - labels: - additionalProperties: - type: string - description: >- - The labels associated with this model. You can use these to organize - and group your models. Label keys and values can be no longer than - 63 characters, can only contain lowercase letters, numeric - characters, underscores and dashes. International characters are - allowed. Label values are optional. Label keys must start with a - letter and each label in the list must have a different key. - type: object - lastModifiedTime: + $ref: '#/components/schemas/PartitionedColumn' description: >- - Output only. The time when this model was last modified, in - millisecs since the epoch. - format: int64 - readOnly: true - type: string - location: + Optional. Details about each partitioning column. This field is + output only for all partitioning types other than metastore + partitioned tables. BigQuery native tables only support 1 + partitioning column. Other table types may support 0, 1 or more + partitioning columns. For metastore partitioned tables, the order + must match the definition order in the Hive Metastore, where it must + match the physical layout of the table. For example, CREATE TABLE + a_table(id BIGINT, name STRING) PARTITIONED BY (city STRING, state + STRING). In this case the values must be ['city', 'state'] in that + order. + DoubleHparamSearchSpace: + type: object + description: Search space for a double hyperparameter. + properties: + candidates: + description: Candidates of the double hyperparameter. + $ref: '#/components/schemas/DoubleCandidates' + range: + description: Range of the double hyperparameter. + $ref: '#/components/schemas/DoubleRange' + id: DoubleHparamSearchSpace + RangeValue: + properties: + start: + $ref: '#/components/schemas/QueryParameterValue' description: >- - Output only. The geographic location where the model resides. This - value is inherited from the dataset. - readOnly: true - type: string - modelReference: - $ref: '#/components/schemas/ModelReference' - description: Required. Unique identifier for this model. - modelType: - description: Output only. Type of the model resource. - enum: - - MODEL_TYPE_UNSPECIFIED - - LINEAR_REGRESSION - - LOGISTIC_REGRESSION - - KMEANS - - MATRIX_FACTORIZATION - - DNN_CLASSIFIER - - TENSORFLOW - - DNN_REGRESSOR - - XGBOOST - - BOOSTED_TREE_REGRESSOR - - BOOSTED_TREE_CLASSIFIER - - ARIMA - - AUTOML_REGRESSOR - - AUTOML_CLASSIFIER - - PCA - - DNN_LINEAR_COMBINED_CLASSIFIER - - DNN_LINEAR_COMBINED_REGRESSOR - - AUTOENCODER - - ARIMA_PLUS - - ARIMA_PLUS_XREG - - RANDOM_FOREST_REGRESSOR - - RANDOM_FOREST_CLASSIFIER - - TENSORFLOW_LITE - - ONNX - - TRANSFORM_ONLY - - CONTRIBUTION_ANALYSIS - enumDescriptions: - - Default value. - - Linear regression model. - - Logistic regression based classification model. - - K-means clustering model. - - Matrix factorization model. - - DNN classifier model. - - An imported TensorFlow model. - - DNN regressor model. - - An imported XGBoost model. - - Boosted tree regressor model. - - Boosted tree classifier model. - - ARIMA model. - - AutoML Tables regression model. - - AutoML Tables classification model. - - Prinpical Component Analysis model. - - Wide-and-deep classifier model. - - Wide-and-deep regressor model. - - Autoencoder model. - - New name for the ARIMA model. - - ARIMA with external regressors. - - Random forest regressor model. - - Random forest classifier model. - - An imported TensorFlow Lite model. - - An imported ONNX model. - - >- - Model to capture the columns and logic in the TRANSFORM clause - along with statistics useful for ML analytic functions. - - The contribution analysis model. - readOnly: true - type: string - optimalTrialIds: - description: >- - Output only. For single-objective [hyperparameter - tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) - models, it only contains the best trial. For multi-objective - [hyperparameter - tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) - models, it contains all Pareto optimal trials sorted by trial_id. - items: - format: int64 - type: string - readOnly: true - type: array - remoteModelInfo: - $ref: '#/components/schemas/RemoteModelInfo' - description: Output only. Remote model info - readOnly: true - trainingRuns: - description: Information for all training runs in increasing order of start_time. - items: - $ref: '#/components/schemas/TrainingRun' - type: array - transformColumns: + Optional. The start value of the range. A missing value represents + an unbounded start. + end: + $ref: '#/components/schemas/QueryParameterValue' description: >- - Output only. This field will be populated if a TRANSFORM clause was - used to train a model. TRANSFORM clause (if used) takes - feature_columns as input and outputs transform_columns. - transform_columns then are used to train the model. - items: - $ref: '#/components/schemas/TransformColumn' - readOnly: true - type: array + Optional. The end value of the range. A missing value represents an + unbounded end. + description: Represents the value of a range. type: object - ModelDefinition: - id: ModelDefinition - properties: - modelOptions: - description: Deprecated. - properties: - labels: - items: - type: string - type: array - lossType: - type: string - modelType: - type: string - type: object - trainingRuns: - description: Deprecated. - items: - $ref: '#/components/schemas/BqmlTrainingRun' - type: array + id: RangeValue + StorageDescriptor: type: object - ModelExtractOptions: - description: Options related to model extraction. - id: ModelExtractOptions + id: StorageDescriptor properties: - trialId: + locationUri: + type: string description: >- - The 1-based ID of the trial to be exported from a hyperparameter - tuning model. If not specified, the trial with id = - [Model](https://cloud.google.com/bigquery/docs/reference/rest/v2/models#resource:-model).defaultTrialId - is exported. This field is ignored for models not trained with - hyperparameter tuning. - format: int64 + Optional. The physical location of the table (e.g. + `gs://spark-dataproc-data/pangea-data/case_sensitive/` or + `gs://spark-dataproc-data/pangea-data/*`). The maximum length is + 2056 bytes. + outputFormat: + description: >- + Optional. Specifies the fully qualified class name of the + OutputFormat (e.g. + "org.apache.hadoop.hive.ql.io.orc.OrcOutputFormat"). The maximum + length is 128 characters. type: string + inputFormat: + type: string + description: >- + Optional. Specifies the fully qualified class name of the + InputFormat (e.g. + "org.apache.hadoop.hive.ql.io.orc.OrcInputFormat"). The maximum + length is 128 characters. + serdeInfo: + $ref: '#/components/schemas/SerDeInfo' + description: Optional. Serializer and deserializer information. + description: >- + Contains information about how a table's data is stored and accessed by + open source query engines. + RemoteFunctionOptions: + id: RemoteFunctionOptions + description: Options for a remote user-defined function. type: object - ModelReference: - description: Id path of a model. - id: ModelReference properties: - datasetId: - description: Required. The ID of the dataset containing this model. + userDefinedContext: + description: >- + User-defined context as a set of key/value pairs, which will be sent + as function invocation context together with batched arguments in + the requests to the remote service. The total number of bytes of + keys and values must be less than 8KB. + type: object + additionalProperties: + type: string + maxBatchingRows: + format: int64 + description: >- + Max number of rows in each batch sent to the remote service. If + absent or if 0, BigQuery dynamically decides the number of rows in a + batch. type: string - modelId: + connection: description: >- - Required. The ID of the model. The ID must contain only letters - (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is - 1,024 characters. + Fully qualified name of the user-provided connection object which + holds the authentication information to send requests to the remote + service. Format: + ```"projects/{projectId}/locations/{locationId}/connections/{connectionId}"``` type: string - projectId: - description: Required. The ID of the project containing this model. + endpoint: + description: >- + Endpoint of the user-provided remote service, e.g. + ```https://us-east1-my_gcf_project.cloudfunctions.net/remote_add``` type: string + AvroOptions: type: object - MultiClassClassificationMetrics: - description: Evaluation metrics for multi-class classification/classifier models. - id: MultiClassClassificationMetrics + id: AvroOptions + description: Options for external data sources. properties: - aggregateClassificationMetrics: - $ref: '#/components/schemas/AggregateClassificationMetrics' - description: Aggregate classification metrics. - confusionMatrixList: - description: Confusion matrix at different thresholds. - items: - $ref: '#/components/schemas/ConfusionMatrix' + useAvroLogicalTypes: + description: >- + Optional. If sourceFormat is set to "AVRO", indicates whether to + interpret logical types as the corresponding BigQuery data type (for + example, TIMESTAMP), instead of using the raw type (for example, + INTEGER). + type: boolean + Row: + type: object + description: A single row in the confusion matrix. + properties: + actualLabel: + type: string + description: The original label of this row. + entries: type: array + description: Info describing predicted label distribution. + items: + $ref: '#/components/schemas/Entry' + id: Row + TableRow: type: object - ParquetOptions: - description: Parquet Options for load and make external tables. - id: ParquetOptions properties: - enableListInference: - description: >- - Optional. Indicates whether to use schema inference specifically for - Parquet LIST logical type. - type: boolean - enumAsString: + f: description: >- - Optional. Indicates whether to infer Parquet ENUM logical type as - STRING instead of BYTES by default. - type: boolean + Represents a single row in the result set, consisting of one or more + fields. + items: + $ref: '#/components/schemas/TableCell' + type: array + id: TableRow + ParquetOptions: + properties: mapTargetType: - description: Optional. Indicates how to represent a Parquet map if present. enum: - MAP_TARGET_TYPE_UNSPECIFIED - ARRAY_OF_STRUCT @@ -5902,2571 +5756,2273 @@ components: In this mode, the map will have the following schema: repeated struct map_field_name { key value }. type: string + description: Optional. Indicates how to represent a Parquet map if present. + enableListInference: + description: >- + Optional. Indicates whether to use schema inference specifically for + Parquet LIST logical type. + type: boolean + enumAsString: + description: >- + Optional. Indicates whether to infer Parquet ENUM logical type as + STRING instead of BYTES by default. + type: boolean type: object - PartitionSkew: - description: Partition skew detailed information. - id: PartitionSkew - properties: - skewSources: - description: Output only. Source stages which produce skewed data. - items: - $ref: '#/components/schemas/SkewSource' - readOnly: true - type: array - type: object - PartitionedColumn: - description: The partitioning column information. - id: PartitionedColumn - properties: - field: - description: Required. The name of the partition column. - type: string + id: ParquetOptions + description: Parquet Options for load and make external tables. + ArimaForecastingMetrics: type: object - PartitioningDefinition: - description: >- - The partitioning information, which includes managed table, external - table and metastore partitioned table partition information. - id: PartitioningDefinition properties: - partitionedColumn: + seasonalPeriods: description: >- - Optional. Details about each partitioning column. This field is - output only for all partitioning types other than metastore - partitioned tables. BigQuery native tables only support 1 - partitioning column. Other table types may support 0, 1 or more - partitioning columns. For metastore partitioned tables, the order - must match the definition order in the Hive Metastore, where it must - match the physical layout of the table. For example, CREATE TABLE - a_table(id BIGINT, name STRING) PARTITIONED BY (city STRING, state - STRING). In this case the values must be ['city', 'state'] in that - order. + Seasonal periods. Repeated because multiple periods are supported + for one time series. + deprecated: true + type: array items: - $ref: '#/components/schemas/PartitionedColumn' + type: string + enumDescriptions: + - Unspecified seasonal period. + - No seasonality + - Daily period, 24 hours. + - Weekly period, 7 days. + - Monthly period, 30 days or irregular. + - Quarterly period, 90 days or irregular. + - Yearly period, 365 days or irregular. + - Hourly period, 1 hour. + enum: + - SEASONAL_PERIOD_TYPE_UNSPECIFIED + - NO_SEASONALITY + - DAILY + - WEEKLY + - MONTHLY + - QUARTERLY + - YEARLY + - HOURLY + arimaFittingMetrics: + description: Arima model fitting metrics. + items: + $ref: '#/components/schemas/ArimaFittingMetrics' + deprecated: true type: array - type: object - PerformanceInsights: - description: Performance insights for the job. - id: PerformanceInsights - properties: - avgPreviousExecutionMs: - description: >- - Output only. Average execution ms of previous runs. Indicates the - job ran slow compared to previous executions. To find previous - executions, use INFORMATION_SCHEMA tables and filter jobs with same - query hash. - format: int64 - readOnly: true - type: string - stagePerformanceChangeInsights: + arimaSingleModelForecastingMetrics: description: >- - Output only. Query stage performance insights compared to previous - runs, for diagnosing performance regression. + Repeated as there can be many metric sets (one for each model) in + auto-arima and the large-scale case. items: - $ref: '#/components/schemas/StagePerformanceChangeInsight' - readOnly: true + $ref: '#/components/schemas/ArimaSingleModelForecastingMetrics' + type: array + hasDrift: type: array - stagePerformanceStandaloneInsights: description: >- - Output only. Standalone query stage performance insights, for - exploring potential improvements. + Whether Arima model fitted with drift or not. It is always false + when d is not 1. items: - $ref: '#/components/schemas/StagePerformanceStandaloneInsight' - readOnly: true + type: boolean + deprecated: true + nonSeasonalOrder: + description: Non-seasonal order. type: array - type: object - Policy: - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - id: Policy - properties: - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. items: - $ref: '#/components/schemas/AuditConfig' + $ref: '#/components/schemas/ArimaOrder' + deprecated: true + timeSeriesId: + items: + type: string + description: Id to differentiate different time series for the large-scale case. + deprecated: true type: array - bindings: + description: Model evaluation metrics for ARIMA forecasting models. + id: ArimaForecastingMetrics + DatasetAccessEntry: + properties: + targetTypes: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + Which resources in the dataset this entry applies to. Currently, + only views are supported, but additional target types may be added + in the future. items: - $ref: '#/components/schemas/Binding' + type: string + enum: + - TARGET_TYPE_UNSPECIFIED + - VIEWS + - ROUTINES + enumDescriptions: + - Do not use. You must set a target type explicitly. + - This entry applies to views in the dataset. + - This entry applies to routines in the dataset. type: array - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - format: byte - type: string - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - format: int32 - type: integer - type: object - PrincipalComponentInfo: + dataset: + description: The dataset this entry applies to + $ref: '#/components/schemas/DatasetReference' + id: DatasetAccessEntry description: >- - Principal component infos, used only for eigen decomposition based - models, e.g., PCA. Ordered by explained_variance in the descending - order. - id: PrincipalComponentInfo + Grants all resources of particular types in a particular dataset read + access to the current dataset. Similar to how individually authorized + views work, updates to any resource granted through its dataset + (including creation of new resources) requires read permission to + referenced resources, plus write permission to the authorizing dataset. + type: object + SnapshotDefinition: properties: - cumulativeExplainedVarianceRatio: + baseTableReference: + $ref: '#/components/schemas/TableReference' description: >- - The explained_variance is pre-ordered in the descending order to - compute the cumulative explained variance ratio. - format: double - type: number - explainedVariance: + Required. Reference describing the ID of the table that was + snapshot. + snapshotTime: description: >- - Explained variance by this principal component, which is simply the - eigenvalue. - format: double - type: number - explainedVarianceRatio: - description: Explained_variance over the total explained variance. - format: double - type: number - principalComponentId: - description: Id of the principal component. - format: int64 + Required. The time at which the base table was snapshot. This value + is reported in the JSON response using RFC3339 format. type: string + format: date-time + description: Information about base table and snapshot time of the snapshot. + id: SnapshotDefinition type: object - PrivacyPolicy: - description: >- - Represents privacy policy that contains the privacy requirements - specified by the data owner. Currently, this is only supported on views. - id: PrivacyPolicy - properties: - aggregationThresholdPolicy: - $ref: '#/components/schemas/AggregationThresholdPolicy' - description: Optional. Policy used for aggregation thresholds. - differentialPrivacyPolicy: - $ref: '#/components/schemas/DifferentialPrivacyPolicy' - description: Optional. Policy used for differential privacy. - joinRestrictionPolicy: - $ref: '#/components/schemas/JoinRestrictionPolicy' - description: >- - Optional. Join restriction policy is outside of the one of policies, - since this policy can be set along with other policies. This policy - gives data providers the ability to enforce joins on the - 'join_allowed_columns' when data is queried from a privacy protected - view. + ExternalDatasetReference: + id: ExternalDatasetReference type: object - ProjectList: - description: Response object of ListProjects - id: ProjectList + description: Configures the access a dataset defined in an external metadata storage. properties: - etag: - description: A hash of the page of results. - type: string - kind: - default: bigquery#projectList - description: The resource type of the response. - type: string - nextPageToken: - description: Use this token to request the next page of results. + connection: type: string - projects: - description: Projects to which the user has at least READ access. - items: - description: Information about a single project. - properties: - friendlyName: - description: >- - A descriptive name for this project. A wrapper is used here - because friendlyName can be set to the empty string. - type: string - id: - description: An opaque ID of this project. - type: string - kind: - description: The resource type. - type: string - numericId: - description: The numeric ID of this project. - format: uint64 - type: string - projectReference: - $ref: '#/components/schemas/ProjectReference' - description: A unique reference to this project. - type: object - type: array - totalItems: - description: >- - The total number of projects in the page. A wrapper is used here - because the field should still be in the response when the value is - 0. - format: int32 - type: integer - type: object - ProjectReference: - description: A unique reference to a project. - id: ProjectReference - properties: - projectId: description: >- - Required. ID of the project. Can be either the numeric ID or the - assigned ID of the project. + Required. The connection id that is used to access the + external_source. Format: + projects/{project_id}/locations/{location_id}/connections/{connection_id} + externalSource: type: string + description: Required. External source that backs this dataset. + StringHparamSearchSpace: + id: StringHparamSearchSpace type: object - PythonOptions: - description: Options for a user-defined Python function. - id: PythonOptions properties: - entryPoint: - description: >- - Required. The name of the function defined in Python code as the - entry point when the Python UDF is invoked. - type: string - packages: - description: >- - Optional. A list of Python package names along with versions to be - installed. Example: ["pandas>=2.1", "google-cloud-translate==3.11"]. - For more information, see [Use third-party - packages](https://cloud.google.com/bigquery/docs/user-defined-functions-python#third-party-packages). + candidates: items: type: string + description: Canididates for the string or enum parameter in lower case. type: array - type: object - QueryInfo: - description: Query optimization information for a QUERY job. - id: QueryInfo - properties: - optimizationDetails: - additionalProperties: - description: Properties of the object. - type: any - description: Output only. Information about query optimizations. - readOnly: true - type: object - type: object - QueryParameter: - description: A parameter given to a query. - id: QueryParameter + description: Search space for string and enum. + IterationResult: + id: IterationResult + description: Information about a single iteration of the training run. properties: - name: - description: >- - Optional. If unset, this is a positional parameter. Otherwise, - should be unique within a query. + arimaResult: + description: Arima result. + $ref: '#/components/schemas/ArimaResult' + index: + description: Index of the iteration, 0 based. + format: int32 + type: integer + learnRate: + format: double + description: Learn rate used for this iteration. + type: number + evalLoss: + type: number + description: Loss computed on the eval data at the end of iteration. + format: double + durationMs: type: string - parameterType: - $ref: '#/components/schemas/QueryParameterType' - description: Required. The type of this parameter. - parameterValue: - $ref: '#/components/schemas/QueryParameterValue' - description: Required. The value of this parameter. - type: object - QueryParameterType: - description: The type of a query parameter. - id: QueryParameterType - properties: - arrayType: - $ref: '#/components/schemas/QueryParameterType' - description: Optional. The type of the array's elements, if this is an array. - rangeElementType: - $ref: '#/components/schemas/QueryParameterType' - description: Optional. The element type of the range, if this is a range. - structTypes: - description: >- - Optional. The types of the fields of this struct, in order, if this - is a struct. - items: - description: The type of a struct parameter. - properties: - description: - description: Optional. Human-oriented description of the field. - type: string - name: - description: Optional. The name of this field. - type: string - type: - $ref: '#/components/schemas/QueryParameterType' - description: Required. The type of this field. - type: object - type: array - timestampPrecision: - default: '6' - description: >- - Optional. Precision (maximum number of total digits in base 10) for - seconds of TIMESTAMP type. Possible values include: * 6 (Default, - for TIMESTAMP type with microsecond precision) * 12 (For TIMESTAMP - type with picosecond precision) format: int64 - type: string - type: - description: Required. The top level type of this field. - type: string - type: object - QueryParameterValue: - description: The value of a query parameter. - id: QueryParameterValue - properties: - arrayValues: - description: Optional. The array values, if this is an array type. + description: Time taken to run the iteration in milliseconds. + principalComponentInfos: + description: The information of the principal components. items: - $ref: '#/components/schemas/QueryParameterValue' + $ref: '#/components/schemas/PrincipalComponentInfo' type: array - rangeValue: - $ref: '#/components/schemas/RangeValue' - description: Optional. The range value, if this is a range type. - structValues: - additionalProperties: - $ref: '#/components/schemas/QueryParameterValue' - description: The struct field values. - type: object - value: - description: Optional. The value of this value, if a simple scalar type. - type: string + clusterInfos: + type: array + description: Information about top clusters for clustering models. + items: + $ref: '#/components/schemas/ClusterInfo' + trainingLoss: + type: number + description: Loss computed on the training data at the end of iteration. + format: double type: object - QueryRequest: - description: Describes the format of the jobs.query request. - id: QueryRequest + JobConfigurationExtract: properties: - connectionProperties: - description: Optional. Connection properties which can modify the query behavior. - items: - $ref: '#/components/schemas/ConnectionProperty' + destinationUri: + description: >- + [Pick one] DEPRECATED: Use destinationUris instead, passing only one + URI as necessary. The fully-qualified Google Cloud Storage URI where + the extracted table should be written. + type: string + destinationUris: type: array - continuous: + items: + type: string description: >- - [Optional] Specifies whether the query should be executed as a - continuous query. The default value is false. - type: boolean - createSession: + [Pick one] A list of fully-qualified Google Cloud Storage URIs where + the extracted table should be written. + destinationFormat: + type: string description: >- - Optional. If true, creates a new session using a randomly generated - session_id. If false, runs query with an existing session_id passed - in ConnectionProperty, otherwise runs query in non-session mode. The - session location will be set to QueryRequest.location if it is - present, otherwise it's set to the default location based on - existing routing logic. + Optional. The exported file format. Possible values include CSV, + NEWLINE_DELIMITED_JSON, PARQUET, or AVRO for tables and + ML_TF_SAVED_MODEL or ML_XGBOOST_BOOSTER for models. The default + value for tables is CSV. Tables with nested or repeated fields + cannot be exported as CSV. The default value for models is + ML_TF_SAVED_MODEL. + sourceModel: + $ref: '#/components/schemas/ModelReference' + description: A reference to the model being exported. + compression: + type: string + description: >- + Optional. The compression type to use for exported files. Possible + values include DEFLATE, GZIP, NONE, SNAPPY, and ZSTD. The default + value is NONE. Not all compression formats are support for all file + formats. DEFLATE is only supported for Avro. ZSTD is only supported + for Parquet. Not applicable when extracting models. + sourceTable: + description: A reference to the table being exported. + $ref: '#/components/schemas/TableReference' + printHeader: type: boolean - defaultDataset: - $ref: '#/components/schemas/DatasetReference' + default: 'true' description: >- - Optional. Specifies the default datasetId and projectId to assume - for any unqualified table names in the query. If not set, all table - names in the query string must be qualified in the format - 'datasetId.tableId'. - destinationEncryptionConfiguration: - $ref: '#/components/schemas/EncryptionConfiguration' - description: Optional. Custom encryption configuration (e.g., Cloud KMS keys) - dryRun: + Optional. Whether to print out a header row in the results. Default + is true. Not applicable when extracting models. + modelExtractOptions: + $ref: '#/components/schemas/ModelExtractOptions' description: >- - Optional. If set to true, BigQuery doesn't run the job. Instead, if - the query is valid, BigQuery returns statistics about the job such - as how many bytes would be processed. If the query is invalid, an - error returns. The default value is false. + Optional. Model extract options only applicable when extracting + models. + useAvroLogicalTypes: + description: >- + Whether to use logical types when extracting to AVRO format. Not + applicable when extracting models. type: boolean - formatOptions: - $ref: '#/components/schemas/DataFormatOptions' - description: Optional. Output format adjustments. - jobCreationMode: + fieldDelimiter: description: >- - Optional. If not set, jobs are always required. If set, the query - request will follow the behavior described JobCreationMode. - enum: - - JOB_CREATION_MODE_UNSPECIFIED - - JOB_CREATION_REQUIRED - - JOB_CREATION_OPTIONAL - enumDescriptions: - - If unspecified JOB_CREATION_REQUIRED is the default. - - Default. Job creation is always required. - - >- - Job creation is optional. Returning immediate results is - prioritized. BigQuery will automatically determine if a Job needs - to be created. The conditions under which BigQuery can decide to - not create a Job are subject to change. If Job creation is - required, JOB_CREATION_REQUIRED mode should be used, which is the - default. + Optional. When extracting data in CSV format, this defines the + delimiter to use between fields in the exported data. Default is + ','. Not applicable when extracting models. type: string - jobTimeoutMs: + description: >- + JobConfigurationExtract configures a job that exports data from a + BigQuery table into Google Cloud Storage. + type: object + id: JobConfigurationExtract + VectorSearchStatistics: + type: object + id: VectorSearchStatistics + description: >- + Statistics for a vector search query. Populated as part of + JobStatistics2. + properties: + indexUnusedReasons: + items: + $ref: '#/components/schemas/IndexUnusedReason' + type: array description: >- - Optional. Job timeout in milliseconds. If this time limit is - exceeded, BigQuery will attempt to stop a longer job, but may not - always succeed in canceling it before the job completes. For - example, a job that takes more than 60 seconds to complete has a - better chance of being stopped than a job that takes 10 seconds to - complete. This timeout applies to the query even if a job does not - need to be created. - format: int64 - type: string - kind: - default: bigquery#queryRequest - description: The resource type of the request. + When `indexUsageMode` is `UNUSED` or `PARTIALLY_USED`, this field + explains why indexes were not used in all or part of the vector + search query. If `indexUsageMode` is `FULLY_USED`, this field is not + populated. + indexUsageMode: type: string - labels: - additionalProperties: - type: string + enumDescriptions: + - Index usage mode not specified. + - >- + No vector indexes were used in the vector search query. See + [`indexUnusedReasons`] + (/bigquery/docs/reference/rest/v2/Job#IndexUnusedReason) for + detailed reasons. + - >- + Part of the vector search query used vector indexes. See + [`indexUnusedReasons`] + (/bigquery/docs/reference/rest/v2/Job#IndexUnusedReason) for why + other parts of the query did not use vector indexes. + - The entire vector search query used vector indexes. + description: Specifies the index usage mode for the query. + enum: + - INDEX_USAGE_MODE_UNSPECIFIED + - UNUSED + - PARTIALLY_USED + - FULLY_USED + storedColumnsUsages: + type: array + items: + $ref: '#/components/schemas/StoredColumnsUsage' description: >- - Optional. The labels associated with this query. Labels can be used - to organize and group query jobs. Label keys and values can be no - longer than 63 characters, can only contain lowercase letters, - numeric characters, underscores and dashes. International characters - are allowed. Label keys must start with a letter and each label in - the list must have a different key. - type: object + Specifies the usage of stored columns in the query when stored + columns are used in the query. + JobReference: + properties: location: - description: >- - The geographic location where the job should run. For more - information, see how to [specify - locations](https://cloud.google.com/bigquery/docs/locations#specify_locations). - type: string - maxResults: - description: >- - Optional. The maximum number of rows of data to return per page of - results. Setting this flag to a small value such as 1000 and then - paging through results might improve reliability when the query - result set is large. In addition to this limit, responses are also - limited to 10 MB. By default, there is no maximum row count, and - only the byte limit applies. - format: uint32 - type: integer - maximumBytesBilled: - description: >- - Optional. Limits the bytes billed for this query. Queries with bytes - billed above this limit will fail (without incurring a charge). If - unspecified, the project default is used. - format: int64 type: string - parameterMode: description: >- - GoogleSQL only. Set to POSITIONAL to use positional (?) query - parameters or to NAMED to use named (@myparam) query parameters in - this query. + Optional. The geographic location of the job. The default value is + US. For more information about BigQuery locations, see: + https://cloud.google.com/bigquery/docs/locations + jobId: type: string - preserveNulls: - deprecated: true - description: This property is deprecated. - type: boolean - query: description: >- - Required. A query string to execute, using Google Standard SQL or - legacy SQL syntax. Example: "SELECT COUNT(f1) FROM - myProjectId.myDatasetId.myTableId". + Required. The ID of the job. The ID must contain only letters (a-z, + A-Z), numbers (0-9), underscores (_), or dashes (-). The maximum + length is 1,024 characters. + projectId: + description: Required. The ID of the project containing this job. type: string - queryParameters: - description: Query parameters for GoogleSQL queries. - items: - $ref: '#/components/schemas/QueryParameter' - type: array - requestId: + description: A job reference is a fully qualified identifier for referring to a job. + type: object + id: JobReference + BiEngineReason: + description: Reason why BI Engine didn't accelerate the query (or sub-query). + properties: + code: description: >- - Optional. A unique user provided identifier to ensure idempotent - behavior for queries. Note that this is different from the job_id. - It has the following properties: 1. It is case-sensitive, limited to - up to 36 ASCII characters. A UUID is recommended. 2. Read only - queries can ignore this token since they are nullipotent by - definition. 3. For the purposes of idempotency ensured by the - request_id, a request is considered duplicate of another only if - they have the same request_id and are actually duplicates. When - determining whether a request is a duplicate of another request, all - parameters in the request that may affect the result are considered. - For example, query, connection_properties, query_parameters, - use_legacy_sql are parameters that affect the result and are - considered when determining whether a request is a duplicate, but - properties like timeout_ms don't affect the result and are thus not - considered. Dry run query requests are never considered duplicate of - another request. 4. When a duplicate mutating query request is - detected, it returns: a. the results of the mutation if it completes - successfully within the timeout. b. the running operation if it is - still in progress at the end of the timeout. 5. Its lifetime is - limited to 15 minutes. In other words, if two requests are sent with - the same request_id, but more than 15 minutes apart, idempotency is - not guaranteed. + Output only. High-level BI Engine reason for partial or disabled + acceleration + enum: + - CODE_UNSPECIFIED + - NO_RESERVATION + - INSUFFICIENT_RESERVATION + - UNSUPPORTED_SQL_TEXT + - INPUT_TOO_LARGE + - OTHER_REASON + - TABLE_EXCLUDED type: string - reservation: - description: >- - Optional. The reservation that jobs.query request would use. User - can specify a reservation to execute the job.query. The expected - format is - `projects/{project}/locations/{location}/reservations/{reservation}`. + enumDescriptions: + - BiEngineReason not specified. + - No reservation available for BI Engine acceleration. + - Not enough memory available for BI Engine acceleration. + - >- + This particular SQL text is not supported for acceleration by BI + Engine. + - Input too large for acceleration by BI Engine. + - >- + Catch-all code for all other cases for partial or disabled + acceleration. + - One or more tables were not eligible for BI Engine acceleration. + readOnly: true + message: type: string - timeoutMs: description: >- - Optional. Optional: Specifies the maximum amount of time, in - milliseconds, that the client is willing to wait for the query to - complete. By default, this limit is 10 seconds (10,000 - milliseconds). If the query is complete, the jobComplete field in - the response is true. If the query has not yet completed, - jobComplete is false. You can request a longer timeout period in the - timeoutMs field. However, the call is not guaranteed to wait for the - specified timeout; it typically returns after around 200 seconds - (200,000 milliseconds), even if the query is not complete. If - jobComplete is false, you can continue to wait for the query to - complete by calling the getQueryResults method until the jobComplete - field in the getQueryResults response is true. - format: uint32 - type: integer - useLegacySql: - default: 'true' - description: >- - Specifies whether to use BigQuery's legacy SQL dialect for this - query. The default value is true. If set to false, the query will - use BigQuery's GoogleSQL: - https://cloud.google.com/bigquery/sql-reference/ When useLegacySql - is set to false, the value of flattenResults is ignored; query will - be run as if flattenResults is false. - type: boolean - useQueryCache: - default: 'true' - description: >- - Optional. Whether to look for the result in the query cache. The - query cache is a best-effort cache that will be flushed whenever - tables in the query are modified. The default value is true. - type: boolean - writeIncrementalResults: - description: >- - Optional. This is only supported for SELECT query. If set, the query - is allowed to write results incrementally to the temporary result - table. This may incur a performance penalty. This option cannot be - used with Legacy SQL. This feature is not yet available. - type: boolean + Output only. Free form human-readable reason for partial or disabled + acceleration. + readOnly: true + id: BiEngineReason type: object - QueryResponse: - id: QueryResponse + TableReference: properties: - cacheHit: - description: Whether the query result was fetched from the query cache. - type: boolean - creationTime: + tableId: description: >- - Output only. Creation time of this query, in milliseconds since the - epoch. This field will be present on all queries. - format: int64 + Required. The ID of the table. The ID can contain Unicode characters + in category L (letter), M (mark), N (number), Pc (connector, + including underscore), Pd (dash), and Zs (space). For more + information, see [General + Category](https://wikipedia.org/wiki/Unicode_character_property#General_Category). + The maximum length is 1,024 characters. Certain operations allow + suffixing of the table ID with a partition decorator, such as + `sample_table$20190123`. + type: string + datasetId: + description: Required. The ID of the dataset containing this table. + type: string + projectId: + description: Required. The ID of the project containing this table. + type: string + type: object + id: TableReference + RestrictionConfig: + type: object + id: RestrictionConfig + properties: + type: readOnly: true + enum: + - RESTRICTION_TYPE_UNSPECIFIED + - RESTRICTED_DATA_EGRESS + type: string + description: Output only. Specifies the type of dataset/table restriction. + enumDescriptions: + - Should never be used. + - >- + Restrict data egress. See [Data + egress](https://cloud.google.com/bigquery/docs/analytics-hub-introduction#data_egress) + for more details. + BigtableColumn: + properties: + encoding: type: string - dmlStats: - $ref: '#/components/schemas/DmlStatistics' description: >- - Output only. Detailed statistics for DML statements INSERT, UPDATE, - DELETE, MERGE or TRUNCATE. - readOnly: true - endTime: + Optional. The encoding of the values when the type is not STRING. + Acceptable encoding values are: TEXT - indicates values are + alphanumeric text strings. BINARY - indicates values are encoded + using HBase Bytes.toBytes family of functions. 'encoding' can also + be set at the column family level. However, the setting at this + level takes precedence if 'encoding' is set at both levels. + fieldName: + type: string description: >- - Output only. End time of this query, in milliseconds since the - epoch. This field will be present whenever a query job is in the - DONE state. - format: int64 - readOnly: true + Optional. If the qualifier is not a valid BigQuery field identifier + i.e. does not match a-zA-Z*, a valid identifier must be provided as + the column field name and is used as field name in queries. + type: type: string - errors: description: >- - Output only. The first errors or warnings encountered during the - running of the job. The final message includes the number of errors - that caused the process to stop. Errors here do not necessarily mean - that the job has completed or was unsuccessful. For more information - about error messages, see [Error - messages](https://cloud.google.com/bigquery/docs/error-messages). - items: - $ref: '#/components/schemas/ErrorProto' - readOnly: true - type: array - jobComplete: + Optional. The type to convert the value in cells of this column. The + values are expected to be encoded using HBase Bytes.toBytes function + when using the BINARY encoding value. Following BigQuery types are + allowed (case-sensitive): * BYTES * STRING * INTEGER * FLOAT * + BOOLEAN * JSON Default type is BYTES. 'type' can also be set at the + column family level. However, the setting at this level takes + precedence if 'type' is set at both levels. + onlyReadLatest: description: >- - Whether the query has completed or not. If rows or totalRows are - present, this will always be true. If this is false, totalRows will - not be available. + Optional. If this is set, only the latest version of value in this + column are exposed. 'onlyReadLatest' can also be set at the column + family level. However, the setting at this level takes precedence if + 'onlyReadLatest' is set at both levels. type: boolean - jobCreationReason: - $ref: '#/components/schemas/JobCreationReason' - description: >- - Optional. The reason why a Job was created. Only relevant when a - job_reference is present in the response. If job_reference is not - present it will always be unset. - jobReference: - $ref: '#/components/schemas/JobReference' + qualifierEncoded: description: >- - Reference to the Job that was created to run the query. This field - will be present even if the original request timed out, in which - case GetQueryResults can be used to read the results once the query - has completed. Since this API only returns the first page of - results, subsequent pages can be fetched via the same mechanism - (GetQueryResults). If job_creation_mode was set to - `JOB_CREATION_OPTIONAL` and the query completes without creating a - job, this field will be empty. - kind: - default: bigquery#queryResponse - description: The resource type. + [Required] Qualifier of the column. Columns in the parent column + family that has this exact qualifier are exposed as `.` field. If + the qualifier is valid UTF-8 string, it can be specified in the + qualifier_string field. Otherwise, a base-64 encoded value must be + set to qualifier_encoded. The column field name is the same as the + column qualifier. However, if the qualifier is not a valid BigQuery + field identifier i.e. does not match a-zA-Z*, a valid identifier + must be provided as field_name. + format: byte type: string - location: - description: >- - Output only. The geographic location of the query. For more - information about BigQuery locations, see: - https://cloud.google.com/bigquery/docs/locations - readOnly: true + qualifierString: + description: Qualifier string. type: string - numDmlAffectedRows: + type: object + id: BigtableColumn + description: Information related to a Bigtable column. + ClusteringMetrics: + id: ClusteringMetrics + properties: + clusters: + description: Information for all clusters. + items: + $ref: '#/components/schemas/Cluster' + type: array + daviesBouldinIndex: + format: double + description: Davies-Bouldin index. + type: number + meanSquaredDistance: + format: double + type: number description: >- - Output only. The number of rows affected by a DML statement. Present - only for DML statements INSERT, UPDATE or DELETE. - format: int64 + Mean of squared distances between each sample to its cluster + centroid. + type: object + description: Evaluation metrics for clustering models. + Table: + properties: + encryptionConfiguration: + description: Custom encryption configuration (e.g., Cloud KMS keys). + $ref: '#/components/schemas/EncryptionConfiguration' + numActivePhysicalBytes: readOnly: true - type: string - pageToken: description: >- - A token used for paging results. A non-empty token indicates that - additional results are available. To see additional results, query - the - [`jobs.getQueryResults`](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/getQueryResults) - method. For more information, see [Paging through table - data](https://cloud.google.com/bigquery/docs/paging-results). - type: string - queryId: - description: Auto-generated ID for the query. + Output only. Number of physical bytes less than 90 days old. This + data is not kept in real time, and might be delayed by a few seconds + to a few minutes. + format: int64 type: string - rows: - description: >- - An object with as many results as can be contained within the - maximum permitted reply size. To get any additional rows, you can - call GetQueryResults and specify the jobReference returned above. - items: - $ref: '#/components/schemas/TableRow' - type: array schema: $ref: '#/components/schemas/TableSchema' + description: Optional. Describes the schema of this table. + streamingBuffer: + $ref: '#/components/schemas/Streamingbuffer' description: >- - The schema of the results. Present only when the query completes - successfully. - sessionInfo: - $ref: '#/components/schemas/SessionInfo' - description: Output only. Information of the session if this job is part of one. + Output only. Contains information regarding this table's streaming + buffer, if one is present. This field will be absent if the table is + not being streamed to or if there is no data in the streaming + buffer. readOnly: true - startTime: + tableReplicationInfo: description: >- - Output only. Start time of this query, in milliseconds since the - epoch. This field will be present when the query job transitions - from the PENDING state to either RUNNING or DONE. - format: int64 + Optional. Table replication info for table created `AS REPLICA` DDL + like: `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv` + $ref: '#/components/schemas/TableReplicationInfo' + replicas: readOnly: true - type: string - totalBytesBilled: description: >- - Output only. If the project is configured to use on-demand pricing, - then this field contains the total bytes billed for the job. If the - project is configured to use flat-rate pricing, then you are not - billed for bytes and this field is informational only. - format: int64 + Optional. Output only. Table references of all replicas currently + active on the table. + type: array + items: + $ref: '#/components/schemas/TableReference' + numBytes: readOnly: true - type: string - totalBytesProcessed: description: >- - The total number of bytes processed for this query. If this query - was a dry run, this is the number of bytes that would be processed - if the query were run. + Output only. The size of this table in logical bytes, excluding any + data in the streaming buffer. format: int64 type: string - totalRows: - description: >- - The total number of rows in the complete query result set, which can - be more than the number of rows in this single page of results. - format: uint64 - type: string - totalSlotMs: - description: Output only. Number of slot ms the user is actually billed for. - format: int64 + numActiveLogicalBytes: + description: Output only. Number of logical bytes that are less than 90 days old. readOnly: true - type: string - type: object - QueryTimelineSample: - description: Summary of the state of query execution at a given time. - id: QueryTimelineSample - properties: - activeUnits: - description: >- - Total number of active workers. This does not correspond directly to - slot usage. This is the largest value observed since the last - sample. format: int64 type: string - completedUnits: - description: Total parallel units of work completed by this query. + numTotalPhysicalBytes: format: int64 type: string - elapsedMs: - description: Milliseconds elapsed since the start of query execution. - format: int64 + description: >- + Output only. The physical size of this table in bytes. This also + includes storage used for time travel. This data is not kept in real + time, and might be delayed by a few seconds to a few minutes. + readOnly: true + defaultCollation: type: string - estimatedRunnableUnits: description: >- - Units of work that can be scheduled immediately. Providing - additional slots for these units of work will accelerate the query, - if no other query in the reservation needs additional slots. - format: int64 + Optional. Defines the default collation specification of new STRING + fields in the table. During table creation or update, if a STRING + field is added to this table without explicit collation specified, + then the table inherits the table default collation. A change to + this field affects only fields added afterwards, and does not alter + the existing fields. The following values are supported: * 'und:ci': + undetermined locale, case insensitive. * '': empty string. Default + to case-sensitive behavior. + numTotalLogicalBytes: type: string - pendingUnits: + readOnly: true description: >- - Total units of work remaining for the query. This number can be - revised (increased or decreased) while the query is running. + Output only. Total number of logical bytes in the table or + materialized view. format: int64 + type: + description: >- + Output only. Describes the table type. The following values are + supported: * `TABLE`: A normal BigQuery table. * `VIEW`: A virtual + table defined by a SQL query. * `EXTERNAL`: A table that references + data stored in an external storage system, such as Google Cloud + Storage. * `MATERIALIZED_VIEW`: A precomputed view defined by a SQL + query. * `SNAPSHOT`: An immutable BigQuery table that preserves the + contents of a base table at a particular time. See additional + information on [table + snapshots](https://cloud.google.com/bigquery/docs/table-snapshots-intro). + The default value is `TABLE`. + readOnly: true type: string - shuffleRamUsageRatio: + materializedView: + description: Optional. The materialized view definition. + $ref: '#/components/schemas/MaterializedViewDefinition' + timePartitioning: + description: If specified, configures time-based partitioning for this table. + $ref: '#/components/schemas/TimePartitioning' + snapshotDefinition: + $ref: '#/components/schemas/SnapshotDefinition' + readOnly: true description: >- - Total shuffle usage ratio in shuffle RAM per reservation of this - query. This will be provided for reservation customers only. - format: double - type: number - totalSlotMs: - description: Cumulative slot-ms consumed by the query. + Output only. Contains information about the snapshot. This value is + set via snapshot creation. + labels: + additionalProperties: + type: string + type: object + description: >- + The labels associated with this table. You can use these to organize + and group your tables. Label keys and values can be no longer than + 63 characters, can only contain lowercase letters, numeric + characters, underscores and dashes. International characters are + allowed. Label values are optional. Label keys must start with a + letter and each label in the list must have a different key. + requirePartitionFilter: + default: 'false' + description: >- + Optional. If set to true, queries over this table require a + partition filter that can be used for partition elimination to be + specified. + type: boolean + id: + description: Output only. An opaque ID uniquely identifying the table. + readOnly: true + type: string + expirationTime: format: int64 type: string - type: object - RangePartitioning: - id: RangePartitioning - properties: - field: description: >- - Required. The name of the column to partition the table on. It must - be a top-level, INT64 column whose mode is NULLABLE or REQUIRED. + Optional. The time when this table expires, in milliseconds since + the epoch. If not present, the table will persist indefinitely. + Expired tables will be deleted and their storage reclaimed. The + defaultTableExpirationMs property of the encapsulating dataset can + be used to set a default expirationTime on newly created tables. + partitionDefinition: + description: >- + Optional. The partition information for all table formats, including + managed partitioned tables, hive partitioned tables, iceberg + partitioned, and metastore partitioned tables. This field is only + populated for metastore partitioned tables. For other table formats, + this is an output only field. + $ref: '#/components/schemas/PartitioningDefinition' + rangePartitioning: + description: If specified, configures range partitioning for this table. + $ref: '#/components/schemas/RangePartitioning' + selfLink: + description: Output only. A URL that can be used to access this resource again. + type: string + readOnly: true + location: type: string - range: - description: '[Experimental] Defines the ranges for range partitioning.' - properties: - end: - description: '[Experimental] The end of range partitioning, exclusive.' - format: int64 - type: string - interval: - description: '[Experimental] The width of each interval.' - format: int64 - type: string - start: - description: '[Experimental] The start of range partitioning, inclusive.' - format: int64 - type: string - type: object - type: object - RangeValue: - description: Represents the value of a range. - id: RangeValue - properties: - end: - $ref: '#/components/schemas/QueryParameterValue' description: >- - Optional. The end value of the range. A missing value represents an - unbounded end. - start: - $ref: '#/components/schemas/QueryParameterValue' + Output only. The geographic location where the table resides. This + value is inherited from the dataset. + readOnly: true + numRows: + readOnly: true + type: string + format: uint64 description: >- - Optional. The start value of the range. A missing value represents - an unbounded start. - type: object - RankingMetrics: - description: >- - Evaluation metrics used by weighted-ALS models specified by - feedback_type=implicit. - id: RankingMetrics - properties: - averageRank: + Output only. The number of rows of data in this table, excluding any + data in the streaming buffer. + tableReference: + description: Required. Reference describing the ID of this table. + $ref: '#/components/schemas/TableReference' + defaultRoundingMode: + enumDescriptions: + - Unspecified will default to using ROUND_HALF_AWAY_FROM_ZERO. + - >- + ROUND_HALF_AWAY_FROM_ZERO rounds half values away from zero when + applying precision and scale upon writing of NUMERIC and + BIGNUMERIC values. For Scale: 0 1.1, 1.2, 1.3, 1.4 => 1 1.5, 1.6, + 1.7, 1.8, 1.9 => 2 + - >- + ROUND_HALF_EVEN rounds half values to the nearest even value when + applying precision and scale upon writing of NUMERIC and + BIGNUMERIC values. For Scale: 0 1.1, 1.2, 1.3, 1.4 => 1 1.5 => 2 + 1.6, 1.7, 1.8, 1.9 => 2 2.5 => 2 + type: string description: >- - Determines the goodness of a ranking by computing the percentile - rank from the predicted confidence and dividing it by the original - rank. - format: double - type: number - meanAveragePrecision: + Optional. Defines the default rounding mode specification of new + decimal fields (NUMERIC OR BIGNUMERIC) in the table. During table + creation or update, if a decimal field is added to this table + without an explicit rounding mode specified, then the field inherits + the table default rounding mode. Changing this field doesn't affect + existing fields. + enum: + - ROUNDING_MODE_UNSPECIFIED + - ROUND_HALF_AWAY_FROM_ZERO + - ROUND_HALF_EVEN + numLongTermBytes: + readOnly: true + format: int64 description: >- - Calculates a precision per user for all the items by ranking them - and then averages all the precisions across all the users. - format: double - type: number - meanSquaredError: + Output only. The number of logical bytes in the table that are + considered "long-term storage". + type: string + numLongTermPhysicalBytes: + type: string + readOnly: true description: >- - Similar to the mean squared error computed in regression and - explicit recommendation models except instead of computing the - rating directly, the output from evaluate is computed against a - preference which is 1 or 0 depending on if the rating exists or not. - format: double - type: number - normalizedDiscountedCumulativeGain: + Output only. Number of physical bytes more than 90 days old. This + data is not kept in real time, and might be delayed by a few seconds + to a few minutes. + format: int64 + creationTime: + format: int64 description: >- - A metric to determine the goodness of a ranking calculated from the - predicted confidence by comparing it to an ideal rank measured by - the original ratings. - format: double - type: number - type: object - RegressionMetrics: - description: >- - Evaluation metrics for regression and explicit feedback type matrix - factorization models. - id: RegressionMetrics - properties: - meanAbsoluteError: - description: Mean absolute error. - format: double - type: number - meanSquaredError: - description: Mean squared error. - format: double - type: number - meanSquaredLogError: - description: Mean squared log error. - format: double - type: number - medianAbsoluteError: - description: Median absolute error. - format: double - type: number - rSquared: - description: R^2 score. This corresponds to r2_score in ML.EVALUATE. - format: double - type: number - type: object - RemoteFunctionOptions: - description: Options for a remote user-defined function. - id: RemoteFunctionOptions - properties: - connection: - description: >- - Fully qualified name of the user-provided connection object which - holds the authentication information to send requests to the remote - service. Format: - ```"projects/{projectId}/locations/{locationId}/connections/{connectionId}"``` + Output only. The time when this table was created, in milliseconds + since the epoch. + readOnly: true type: string - endpoint: - description: >- - Endpoint of the user-provided remote service, e.g. - ```https://us-east1-my_gcf_project.cloudfunctions.net/remote_add``` + etag: + description: Output only. A hash of this resource. type: string - maxBatchingRows: - description: >- - Max number of rows in each batch sent to the remote service. If - absent or if 0, BigQuery dynamically decides the number of rows in a - batch. - format: int64 + readOnly: true + description: type: string - userDefinedContext: - additionalProperties: - type: string + description: Optional. A user-friendly description of this table. + tableConstraints: + $ref: '#/components/schemas/TableConstraints' + description: Optional. Tables Primary Key and Foreign Key information + numPhysicalBytes: + type: string + readOnly: true + format: int64 description: >- - User-defined context as a set of key/value pairs, which will be sent - as function invocation context together with batched arguments in - the requests to the remote service. The total number of bytes of - keys and values must be less than 8KB. - type: object - type: object - RemoteModelInfo: - description: Remote Model Info - id: RemoteModelInfo - properties: - connection: + Output only. The physical size of this table in bytes. This includes + storage used for time travel. + biglakeConfiguration: description: >- - Output only. Fully qualified name of the user-provided connection - object of the remote model. Format: - ```"projects/{project_id}/locations/{location_id}/connections/{connection_id}"``` + Optional. Specifies the configuration of a BigQuery table for Apache + Iceberg. + $ref: '#/components/schemas/BigLakeConfiguration' + materializedViewStatus: readOnly: true - type: string - endpoint: - description: Output only. The endpoint for remote model. + description: Output only. The materialized view status. + $ref: '#/components/schemas/MaterializedViewStatus' + numCurrentPhysicalBytes: readOnly: true - type: string - maxBatchingRows: description: >- - Output only. Max number of rows in each batch sent to the remote - service. If unset, the number of rows in each batch is set - dynamically. + Output only. Number of physical bytes used by current live data + storage. This data is not kept in real time, and might be delayed by + a few seconds to a few minutes. format: int64 - readOnly: true type: string - remoteModelVersion: - description: Output only. The model version for LLM. - readOnly: true + numLongTermLogicalBytes: type: string - remoteServiceType: - description: Output only. The remote service type for remote model. - enum: - - REMOTE_SERVICE_TYPE_UNSPECIFIED - - CLOUD_AI_TRANSLATE_V3 - - CLOUD_AI_VISION_V1 - - CLOUD_AI_NATURAL_LANGUAGE_V1 - - CLOUD_AI_SPEECH_TO_TEXT_V2 - enumDescriptions: - - Unspecified remote service type. - - >- - V3 Cloud AI Translation API. See more details at [Cloud - Translation API] - (https://cloud.google.com/translate/docs/reference/rest). - - >- - V1 Cloud AI Vision API See more details at [Cloud Vision API] - (https://cloud.google.com/vision/docs/reference/rest). - - >- - V1 Cloud AI Natural Language API. See more details at [REST - Resource: - documents](https://cloud.google.com/natural-language/docs/reference/rest/v1/documents). - - >- - V2 Speech-to-Text API. See more details at [Google Cloud - Speech-to-Text V2 - API](https://cloud.google.com/speech-to-text/v2/docs) + format: int64 readOnly: true + description: Output only. Number of logical bytes that are more than 90 days old. + friendlyName: type: string - speechRecognizer: - description: >- - Output only. The name of the speech recognizer to use for speech - recognition. The expected format is - `projects/{project}/locations/{location}/recognizers/{recognizer}`. - Customers can specify this field at model creation. If not - specified, a default recognizer `projects/{model - project}/locations/global/recognizers/_` will be used. See more - details at - [recognizers](https://cloud.google.com/speech-to-text/v2/docs/reference/rest/v2/projects.locations.recognizers) - readOnly: true + description: Optional. A descriptive name for this table. + numPartitions: type: string - type: object - RestrictionConfig: - id: RestrictionConfig - properties: - type: - description: Output only. Specifies the type of dataset/table restriction. - enum: - - RESTRICTION_TYPE_UNSPECIFIED - - RESTRICTED_DATA_EGRESS - enumDescriptions: - - Should never be used. - - >- - Restrict data egress. See [Data - egress](https://cloud.google.com/bigquery/docs/analytics-hub-introduction#data_egress) - for more details. + description: >- + Output only. The number of partitions present in the table or + materialized view. This data is not kept in real time, and might be + delayed by a few seconds to a few minutes. readOnly: true - type: string - type: object - Routine: - description: A user-defined function or a stored procedure. - id: Routine - properties: - arguments: - description: Optional. - items: - $ref: '#/components/schemas/Argument' - type: array - creationTime: + format: int64 + clustering: + $ref: '#/components/schemas/Clustering' description: >- - Output only. The time when this routine was created, in milliseconds - since the epoch. + Clustering specification for the table. Must be specified with + time-based partitioning, data in the table will be first partitioned + and subsequently clustered. + resourceTags: + additionalProperties: + type: string + type: object + description: >- + [Optional] The tags associated with this table. Tag keys are + globally unique. See additional information on + [tags](https://cloud.google.com/iam/docs/tags-access-control#definitions). + An object containing a list of "key": value pairs. The key is the + namespaced friendly name of the tag key, e.g. "12345/environment" + where 12345 is parent id. The value is the friendly short name of + the tag value, e.g. "production". + numTimeTravelPhysicalBytes: + description: >- + Output only. Number of physical bytes used by time travel storage + (deleted or changed data). This data is not kept in real time, and + might be delayed by a few seconds to a few minutes. + type: string format: int64 readOnly: true - type: string - dataGovernanceType: + maxStaleness: description: >- - Optional. If set to `DATA_MASKING`, the function is validated and - made available as a masking function. For more information, see - [Create custom masking - routines](https://cloud.google.com/bigquery/docs/user-defined-functions#custom-mask). - enum: - - DATA_GOVERNANCE_TYPE_UNSPECIFIED - - DATA_MASKING - enumDescriptions: - - The data governance type is unspecified. - - The data governance type is data masking. + Optional. The maximum staleness of data that could be returned when + the table (or stale MV) is queried. Staleness encoded as a string + encoding of sql IntervalValue type. type: string - definitionBody: + restrictions: + $ref: '#/components/schemas/RestrictionConfig' description: >- - Required. The body of the routine. For functions, this is the - expression in the AS clause. If language=SQL, it is the substring - inside (but excluding) the parentheses. For example, for the - function created with the following statement: `CREATE FUNCTION - JoinLines(x string, y string) as (concat(x, "\n", y))` The - definition_body is `concat(x, "\n", y)` (\n is not replaced with - linebreak). If language=JAVASCRIPT, it is the evaluated string in - the AS clause. For example, for the function created with the - following statement: `CREATE FUNCTION f() RETURNS STRING LANGUAGE js - AS 'return "\n";\n'` The definition_body is `return "\n";\n` Note - that both \n are replaced with linebreaks. + Optional. Output only. Restriction config for table. If set, + restrict certain accesses on the table based on the config. See + [Data + egress](https://cloud.google.com/bigquery/docs/analytics-hub-introduction#data_egress) + for more details. + readOnly: true + lastModifiedTime: + description: >- + Output only. The time when this table was last modified, in + milliseconds since the epoch. + readOnly: true + format: uint64 type: string - description: - description: Optional. The description of the routine, if defined. + model: + $ref: '#/components/schemas/ModelDefinition' + description: Deprecated. + view: + description: Optional. The view definition. + $ref: '#/components/schemas/ViewDefinition' + kind: + description: The type of resource ID. + default: bigquery#table type: string - determinismLevel: - description: Optional. The determinism level of the JavaScript UDF, if defined. - enum: - - DETERMINISM_LEVEL_UNSPECIFIED - - DETERMINISTIC - - NOT_DETERMINISTIC - enumDescriptions: - - The determinism of the UDF is unspecified. - - >- - The UDF is deterministic, meaning that 2 function calls with the - same inputs always produce the same result, even across 2 query - runs. - - The UDF is not deterministic. - type: string - etag: - description: Output only. A hash of this resource. + cloneDefinition: readOnly: true - type: string - externalRuntimeOptions: - $ref: '#/components/schemas/ExternalRuntimeOptions' + $ref: '#/components/schemas/CloneDefinition' description: >- - Optional. Options for the runtime of the external system executing - the routine. This field is only applicable for Python UDFs. - [Preview](https://cloud.google.com/products/#product-launch-stages) - importedLibraries: + Output only. Contains information about the clone. This value is set + via the clone operation. + externalDataConfiguration: description: >- - Optional. If language = "JAVASCRIPT", this field stores the path of - the imported JAVASCRIPT libraries. - items: - type: string - type: array - language: + Optional. Describes the data format, location, and other properties + of a table stored outside of BigQuery. By defining these properties, + the data source can then be queried as if it were a standard + BigQuery table. + $ref: '#/components/schemas/ExternalDataConfiguration' + externalCatalogTableOptions: + $ref: '#/components/schemas/ExternalCatalogTableOptions' + description: Optional. Options defining open source compatible table. + managedTableType: description: >- - Optional. Defaults to "SQL" if remote_function_options field is - absent, not set otherwise. + Optional. If set, overrides the default managed table type + configured in the dataset. enum: - - LANGUAGE_UNSPECIFIED - - SQL - - JAVASCRIPT - - PYTHON - - JAVA - - SCALA + - MANAGED_TABLE_TYPE_UNSPECIFIED + - NATIVE + - BIGLAKE enumDescriptions: - - Default value. - - SQL language. - - JavaScript language. - - Python language. - - Java language. - - Scala language. + - No managed table type specified. + - The managed table is a native BigQuery table. + - >- + The managed table is a BigLake table for Apache Iceberg in + BigQuery. type: string - lastModifiedTime: + id: Table + type: object + GlobalExplanation: + type: object + id: GlobalExplanation + description: >- + Global explanations containing the top most important features after + training. + properties: + classLabel: description: >- - Output only. The time when this routine was last modified, in - milliseconds since the epoch. - format: int64 - readOnly: true + Class label for this set of global explanations. Will be empty/null + for binary logistic and linear regression models. Sorted + alphabetically in descending order. type: string - pythonOptions: - $ref: '#/components/schemas/PythonOptions' - description: >- - Optional. Options for the Python UDF. - [Preview](https://cloud.google.com/products/#product-launch-stages) - remoteFunctionOptions: - $ref: '#/components/schemas/RemoteFunctionOptions' - description: Optional. Remote function specific options. - returnTableType: - $ref: '#/components/schemas/StandardSqlTableType' - description: >- - Optional. Can be set only if routine_type = "TABLE_VALUED_FUNCTION". - If absent, the return table type is inferred from definition_body at - query time in each query that references this routine. If present, - then the columns in the evaluated table result will be cast to match - the column types specified in return table type, at query time. - returnType: - $ref: '#/components/schemas/StandardSqlDataType' + explanations: + items: + $ref: '#/components/schemas/Explanation' description: >- - Optional if language = "SQL"; required otherwise. Cannot be set if - routine_type = "TABLE_VALUED_FUNCTION". If absent, the return type - is inferred from definition_body at query time in each query that - references this routine. If present, then the evaluated result will - be cast to the specified returned type at query time. For example, - for the functions created with the following statements: * `CREATE - FUNCTION Add(x FLOAT64, y FLOAT64) RETURNS FLOAT64 AS (x + y);` * - `CREATE FUNCTION Increment(x FLOAT64) AS (Add(x, 1));` * `CREATE - FUNCTION Decrement(x FLOAT64) RETURNS FLOAT64 AS (Add(x, -1));` The - return_type is `{type_kind: "FLOAT64"}` for `Add` and `Decrement`, - and is absent for `Increment` (inferred as FLOAT64 at query time). - Suppose the function `Add` is replaced by `CREATE OR REPLACE - FUNCTION Add(x INT64, y INT64) AS (x + y);` Then the inferred return - type of `Increment` is automatically changed to INT64 at query time, - while the return type of `Decrement` remains FLOAT64. - routineReference: - $ref: '#/components/schemas/RoutineReference' - description: Required. Reference describing the ID of this routine. - routineType: - description: Required. The type of routine. - enum: - - ROUTINE_TYPE_UNSPECIFIED - - SCALAR_FUNCTION - - PROCEDURE - - TABLE_VALUED_FUNCTION - - AGGREGATE_FUNCTION + A list of the top global explanations. Sorted by absolute value of + attribution in descending order. + type: array + HparamTuningTrial: + properties: + hparams: + description: The hyperprameters selected for this trial. + $ref: '#/components/schemas/TrainingOptions' + startTimeMs: + description: Starting time of the trial. + format: int64 + type: string + status: + type: string + description: The status of the trial. enumDescriptions: - Default value. - - Non-built-in persistent scalar function. - - Stored procedure. - - Non-built-in persistent TVF. - - Non-built-in persistent aggregate function. - type: string - securityMode: - description: >- - Optional. The security mode of the routine, if defined. If not - defined, the security mode is automatically determined from the - routine's configuration. + - Scheduled but not started. + - Running state. + - The trial succeeded. + - The trial failed. + - The trial is infeasible due to the invalid params. + - Trial stopped early because it's not promising. enum: - - SECURITY_MODE_UNSPECIFIED - - DEFINER - - INVOKER - enumDescriptions: - - The security mode of the routine is unspecified. - - >- - The routine is to be executed with the privileges of the user who - defines it. - - >- - The routine is to be executed with the privileges of the user who - invokes it. + - TRIAL_STATUS_UNSPECIFIED + - NOT_STARTED + - RUNNING + - SUCCEEDED + - FAILED + - INFEASIBLE + - STOPPED_EARLY + endTimeMs: type: string - sparkOptions: - $ref: '#/components/schemas/SparkOptions' - description: Optional. Spark specific options. - strictMode: + format: int64 + description: Ending time of the trial. + hparamTuningEvaluationMetrics: + $ref: '#/components/schemas/EvaluationMetrics' description: >- - Optional. Use this option to catch many common errors. Error - checking is not exhaustive, and successfully creating a procedure - doesn't guarantee that the procedure will successfully execute at - runtime. If `strictMode` is set to `TRUE`, the procedure body is - further checked for errors such as non-existent tables or columns. - The `CREATE PROCEDURE` statement fails if the body fails any of - these checks. If `strictMode` is set to `FALSE`, the procedure body - is checked only for syntax. For procedures that invoke themselves - recursively, specify `strictMode=FALSE` to avoid non-existent - procedure errors during validation. Default value is `TRUE`. - type: boolean - type: object - RoutineReference: - description: Id path of a routine. - id: RoutineReference - properties: - datasetId: - description: Required. The ID of the dataset containing this routine. - type: string - projectId: - description: Required. The ID of the project containing this routine. + Hyperparameter tuning evaluation metrics of this trial calculated on + the eval data. Unlike evaluation_metrics, only the fields + corresponding to the hparam_tuning_objectives are set. + evalLoss: + type: number + format: double + description: Loss computed on the eval data at the end of trial. + trainingLoss: + description: Loss computed on the training data at the end of trial. + format: double + type: number + errorMessage: type: string - routineId: + description: Error message for FAILED and INFEASIBLE trial. + evaluationMetrics: + $ref: '#/components/schemas/EvaluationMetrics' description: >- - Required. The ID of the routine. The ID must contain only letters - (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is - 256 characters. + Evaluation metrics of this trial calculated on the test data. Empty + in Job API. + trialId: + description: 1-based index of the trial. + format: int64 type: string type: object - Row: - description: A single row in the confusion matrix. - id: Row + id: HparamTuningTrial + description: >- + Training info of a trial in [hyperparameter + tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) + models. + IntArray: properties: - actualLabel: - description: The original label of this row. - type: string - entries: - description: Info describing predicted label distribution. - items: - $ref: '#/components/schemas/Entry' + elements: type: array - type: object - RowAccessPolicy: - description: >- - Represents access on a subset of rows on the specified table, defined by - its filter predicate. Access to the subset of rows is controlled by its - IAM policy. - id: RowAccessPolicy + items: + type: string + format: int64 + description: Elements in the int array. + description: An array of int. + id: IntArray + type: object + SparkOptions: + id: SparkOptions + type: object + description: Options for a user-defined Spark routine. properties: - creationTime: - description: >- - Output only. The time when this row access policy was created, in - milliseconds since the epoch. - format: google-datetime - readOnly: true + mainClass: type: string - etag: - description: Output only. A hash of this resource. - readOnly: true + description: >- + The fully qualified name of a class in jar_uris, for example, + com.example.wordcount. Exactly one of main_class and main_jar_uri + field should be set for Java/Scala language type. + runtimeVersion: type: string - filterPredicate: description: >- - Required. A SQL boolean expression that represents the rows defined - by this row access policy, similar to the boolean expression in a - WHERE clause of a SELECT query on a table. References to other - tables, routines, and temporary functions are not supported. - Examples: region="EU" date_field = CAST('2019-9-27' as DATE) - nullable_field is not NULL numeric_field BETWEEN 1.0 AND 5.0 + Runtime version. If not specified, the default runtime version is + used. + fileUris: + items: + type: string + description: >- + Files to be placed in the working directory of each executor. For + more information about Apache Spark, see [Apache + Spark](https://spark.apache.org/docs/latest/index.html). + type: array + containerImage: + type: string + description: Custom container image for the runtime environment. + connection: type: string - grantees: description: >- - Optional. Input only. The optional list of iam_member users or - groups that specifies the initial members that the row-level access - policy should be created with. grantees types: - - "user:alice@example.com": An email address that represents a - specific Google account. - - "serviceAccount:my-other-app@appspot.gserviceaccount.com": An email - address that represents a service account. - - "group:admins@example.com": An email address that represents a - Google group. - "domain:example.com":The Google Workspace domain - (primary) that represents all the users of that domain. - - "allAuthenticatedUsers": A special identifier that represents all - service accounts and all users on the internet who have - authenticated with a Google Account. This identifier includes - accounts that aren't connected to a Google Workspace or Cloud - Identity domain, such as personal Gmail accounts. Users who aren't - authenticated, such as anonymous visitors, aren't included. - - "allUsers":A special identifier that represents anyone who is on the - internet, including authenticated and unauthenticated users. Because - BigQuery requires authentication before a user can access the - service, allUsers includes only authenticated users. + Fully qualified name of the user-provided Spark connection object. + Format: + ```"projects/{project_id}/locations/{location_id}/connections/{connection_id}"``` + jarUris: + description: >- + JARs to include on the driver and executor CLASSPATH. For more + information about Apache Spark, see [Apache + Spark](https://spark.apache.org/docs/latest/index.html). items: type: string type: array - lastModifiedTime: + mainFileUri: description: >- - Output only. The time when this row access policy was last modified, - in milliseconds since the epoch. - format: google-datetime - readOnly: true + The main file/jar URI of the Spark application. Exactly one of the + definition_body field and the main_file_uri field must be set for + Python. Exactly one of main_class and main_file_uri field should be + set for Java/Scala language type. type: string - rowAccessPolicyReference: - $ref: '#/components/schemas/RowAccessPolicyReference' - description: Required. Reference describing the ID of this row access policy. + pyFileUris: + items: + type: string + description: >- + Python files to be placed on the PYTHONPATH for PySpark application. + Supported file types: `.py`, `.egg`, and `.zip`. For more + information about Apache Spark, see [Apache + Spark](https://spark.apache.org/docs/latest/index.html). + type: array + properties: + additionalProperties: + type: string + type: object + description: >- + Configuration properties as a set of key/value pairs, which will be + passed on to the Spark application. For more information, see + [Apache Spark](https://spark.apache.org/docs/latest/index.html) and + the [procedure option + list](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#procedure_option_list). + archiveUris: + description: >- + Archive files to be extracted into the working directory of each + executor. For more information about Apache Spark, see [Apache + Spark](https://spark.apache.org/docs/latest/index.html). + type: array + items: + type: string + DoubleRange: + properties: + min: + type: number + format: double + description: Min value of the double parameter. + max: + type: number + format: double + description: Max value of the double parameter. type: object - RowAccessPolicyReference: - description: Id path of a row access policy. - id: RowAccessPolicyReference + description: Range of a double hyperparameter. + id: DoubleRange + InputDataChange: + id: InputDataChange + description: Details about the input data change insight. properties: - datasetId: - description: Required. The ID of the dataset containing this row access policy. - type: string - policyId: + recordsReadDiffPercentage: description: >- - Required. The ID of the row access policy. The ID must contain only - letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum - length is 256 characters. - type: string - projectId: - description: Required. The ID of the project containing this row access policy. - type: string - tableId: - description: Required. The ID of the table containing this row access policy. - type: string + Output only. Records read difference percentage compared to a + previous run. + format: float + type: number + readOnly: true type: object - RowLevelSecurityStatistics: - description: Statistics for row-level security. - id: RowLevelSecurityStatistics - properties: - rowLevelSecurityApplied: - description: Whether any accessed data was protected by row access policies. - type: boolean + JobStatistics5: type: object - ScriptOptions: - description: Options related to script execution. - id: ScriptOptions + description: Statistics for a copy job. properties: - keyResultStatement: - description: >- - Determines which statement in the script represents the "key - result", used to populate the schema and query results of the script - job. Default is LAST. - enum: - - KEY_RESULT_STATEMENT_KIND_UNSPECIFIED - - LAST - - FIRST_SELECT - enumDescriptions: - - Default value. - - The last result determines the key result. - - The first SELECT statement determines the key result. + copiedLogicalBytes: type: string - statementByteBudget: + readOnly: true description: >- - Limit on the number of bytes billed per statement. Exceeding this - budget results in an error. + Output only. Number of logical bytes copied to the destination + table. format: int64 - type: string - statementTimeoutMs: - description: Timeout period for each statement in a script. + copiedRows: format: int64 + description: Output only. Number of rows copied to the destination table. type: string + readOnly: true + id: JobStatistics5 + RemoteModelInfo: type: object - ScriptStackFrame: - description: >- - Represents the location of the statement/expression being evaluated. - Line and column numbers are defined as follows: - Line and column - numbers start with one. That is, line 1 column 1 denotes the start of - the script. - When inside a stored procedure, all line/column numbers - are relative to the procedure body, not the script in which the - procedure was defined. - Start/end positions exclude leading/trailing - comments and whitespace. The end position always ends with a ";", when - present. - Multi-byte Unicode characters are treated as just one column. - - If the original script (or procedure definition) contains TAB - characters, a tab "snaps" the indentation forward to the nearest - multiple of 8 characters, plus 1. For example, a TAB on column 1, 2, 3, - 4, 5, 6 , or 8 will advance the next character to column 9. A TAB on - column 9, 10, 11, 12, 13, 14, 15, or 16 will advance the next character - to column 17. - id: ScriptStackFrame + id: RemoteModelInfo properties: - endColumn: - description: Output only. One-based end column. - format: int32 + remoteServiceType: + enumDescriptions: + - Unspecified remote service type. + - >- + V3 Cloud AI Translation API. See more details at [Cloud + Translation API] + (https://cloud.google.com/translate/docs/reference/rest). + - >- + V1 Cloud AI Vision API See more details at [Cloud Vision API] + (https://cloud.google.com/vision/docs/reference/rest). + - >- + V1 Cloud AI Natural Language API. See more details at [REST + Resource: + documents](https://cloud.google.com/natural-language/docs/reference/rest/v1/documents). + - >- + V2 Speech-to-Text API. See more details at [Google Cloud + Speech-to-Text V2 + API](https://cloud.google.com/speech-to-text/v2/docs) + type: string + description: Output only. The remote service type for remote model. readOnly: true - type: integer - endLine: - description: Output only. One-based end line. - format: int32 + enum: + - REMOTE_SERVICE_TYPE_UNSPECIFIED + - CLOUD_AI_TRANSLATE_V3 + - CLOUD_AI_VISION_V1 + - CLOUD_AI_NATURAL_LANGUAGE_V1 + - CLOUD_AI_SPEECH_TO_TEXT_V2 + remoteModelVersion: + description: Output only. The model version for LLM. + type: string readOnly: true - type: integer - procedureId: + connection: + type: string description: >- - Output only. Name of the active procedure, empty if in a top-level - script. + Output only. Fully qualified name of the user-provided connection + object of the remote model. Format: + ```"projects/{project_id}/locations/{location_id}/connections/{connection_id}"``` readOnly: true - type: string - startColumn: - description: Output only. One-based start column. - format: int32 + speechRecognizer: + description: >- + Output only. The name of the speech recognizer to use for speech + recognition. The expected format is + `projects/{project}/locations/{location}/recognizers/{recognizer}`. + Customers can specify this field at model creation. If not + specified, a default recognizer `projects/{model + project}/locations/global/recognizers/_` will be used. See more + details at + [recognizers](https://cloud.google.com/speech-to-text/v2/docs/reference/rest/v2/projects.locations.recognizers) readOnly: true - type: integer - startLine: - description: Output only. One-based start line. - format: int32 + type: string + endpoint: + type: string readOnly: true - type: integer - text: - description: Output only. Text of the current statement/expression. + description: Output only. The endpoint for remote model. + maxBatchingRows: + description: >- + Output only. Max number of rows in each batch sent to the remote + service. If unset, the number of rows in each batch is set + dynamically. readOnly: true type: string - type: object - ScriptStatistics: - description: Job statistics specific to the child job of a script. - id: ScriptStatistics + format: int64 + description: Remote Model Info + PartitionedColumn: properties: - evaluationKind: - description: Whether this child job was a statement or expression. - enum: - - EVALUATION_KIND_UNSPECIFIED - - STATEMENT - - EXPRESSION - enumDescriptions: - - Default value. - - The statement appears directly in the script. - - The statement evaluates an expression that appears in the script. + field: + description: Required. The name of the partition column. type: string - stackFrames: - description: >- - Stack trace showing the line/column/procedure name of each frame on - the stack at the point where the current evaluation happened. The - leaf frame is first, the primary script is last. Never empty. - items: - $ref: '#/components/schemas/ScriptStackFrame' - type: array type: object - SearchStatistics: - description: Statistics for a search query. Populated as part of JobStatistics2. - id: SearchStatistics + description: The partitioning column information. + id: PartitionedColumn + LocationMetadata: + id: LocationMetadata + description: >- + BigQuery-specific metadata about a location. This will be set on + google.cloud.location.Location.metadata in Cloud Location API responses. + type: object properties: - indexUnusedReasons: + legacyLocationId: description: >- - When `indexUsageMode` is `UNUSED` or `PARTIALLY_USED`, this field - explains why indexes were not used in all or part of the search - query. If `indexUsageMode` is `FULLY_USED`, this field is not - populated. - items: - $ref: '#/components/schemas/IndexUnusedReason' - type: array - indexUsageMode: - description: Specifies the index usage mode for the query. - enum: - - INDEX_USAGE_MODE_UNSPECIFIED - - UNUSED - - PARTIALLY_USED - - FULLY_USED - enumDescriptions: - - Index usage mode not specified. - - >- - No search indexes were used in the search query. See - [`indexUnusedReasons`] - (/bigquery/docs/reference/rest/v2/Job#IndexUnusedReason) for - detailed reasons. - - >- - Part of the search query used search indexes. See - [`indexUnusedReasons`] - (/bigquery/docs/reference/rest/v2/Job#IndexUnusedReason) for why - other parts of the query did not use search indexes. - - The entire search query used search indexes. + The legacy BigQuery location ID, e.g. “EU” for the “europe” + location. This is for any API consumers that need the legacy “US” + and “EU” locations. type: string + Model: + id: Model type: object - SerDeInfo: - description: Serializer and deserializer information. - id: SerDeInfo properties: - name: - description: Optional. Name of the SerDe. The maximum length is 256 characters. - type: string - parameters: - additionalProperties: - type: string + optimalTrialIds: + type: array description: >- - Optional. Key-value pairs that define the initialization parameters - for the serialization library. Maximum size 10 Kib. - type: object - serializationLibrary: + Output only. For single-objective [hyperparameter + tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) + models, it only contains the best trial. For multi-objective + [hyperparameter + tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) + models, it contains all Pareto optimal trials sorted by trial_id. + items: + type: string + format: int64 + readOnly: true + transformColumns: + readOnly: true + type: array description: >- - Required. Specifies a fully-qualified class name of the - serialization library that is responsible for the translation of - data between table representation and the underlying low-level input - and output format structures. The maximum length is 256 characters. + Output only. This field will be populated if a TRANSFORM clause was + used to train a model. TRANSFORM clause (if used) takes + feature_columns as input and outputs transform_columns. + transform_columns then are used to train the model. + items: + $ref: '#/components/schemas/TransformColumn' + lastModifiedTime: + format: int64 type: string - type: object - SessionInfo: - description: '[Preview] Information related to sessions.' - id: SessionInfo - properties: - sessionId: - description: Output only. The id of the session. readOnly: true - type: string - type: object - SetIamPolicyRequest: - description: Request message for `SetIamPolicy` method. - id: SetIamPolicyRequest - properties: - policy: - $ref: '#/components/schemas/Policy' description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - updateMask: - description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - format: google-fieldmask - type: string - type: object - SkewSource: - description: Details about source stages which produce skewed data. - id: SkewSource - properties: - stageId: - description: Output only. Stage id of the skew source stage. - format: int64 + Output only. The time when this model was last modified, in + millisecs since the epoch. + hparamSearchSpaces: + $ref: '#/components/schemas/HparamSearchSpaces' + readOnly: true + description: Output only. All hyperparameter search spaces in this model. + creationTime: readOnly: true type: string - type: object - SnapshotDefinition: - description: Information about base table and snapshot time of the snapshot. - id: SnapshotDefinition - properties: - baseTableReference: - $ref: '#/components/schemas/TableReference' - description: >- - Required. Reference describing the ID of the table that was - snapshot. - snapshotTime: + format: int64 description: >- - Required. The time at which the base table was snapshot. This value - is reported in the JSON response using RFC3339 format. - format: date-time + Output only. The time when this model was created, in millisecs + since the epoch. + etag: type: string - type: object - SparkLoggingInfo: - description: Spark job logs can be filtered by these fields in Cloud Logging. - id: SparkLoggingInfo - properties: - projectId: - description: Output only. Project ID where the Spark logs were written. + description: Output only. A hash of this resource. readOnly: true - type: string - resourceType: - description: Output only. Resource type used for logging. + featureColumns: + description: >- + Output only. Input feature columns for the model inference. If the + model is trained with TRANSFORM clause, these are the input of the + TRANSFORM clause. + type: array readOnly: true + items: + $ref: '#/components/schemas/StandardSqlField' + bestTrialId: + description: The best trial_id across all training runs. type: string - type: object - SparkOptions: - description: Options for a user-defined Spark routine. - id: SparkOptions - properties: - archiveUris: - description: >- - Archive files to be extracted into the working directory of each - executor. For more information about Apache Spark, see [Apache - Spark](https://spark.apache.org/docs/latest/index.html). + format: int64 + deprecated: true + friendlyName: + description: Optional. A descriptive name for this model. + type: string + remoteModelInfo: + $ref: '#/components/schemas/RemoteModelInfo' + readOnly: true + description: Output only. Remote model info + trainingRuns: + description: Information for all training runs in increasing order of start_time. items: - type: string + $ref: '#/components/schemas/TrainingRun' type: array - connection: + labelColumns: description: >- - Fully qualified name of the user-provided Spark connection object. - Format: - ```"projects/{project_id}/locations/{location_id}/connections/{connection_id}"``` - type: string - containerImage: - description: Custom container image for the runtime environment. - type: string - fileUris: - description: >- - Files to be placed in the working directory of each executor. For - more information about Apache Spark, see [Apache - Spark](https://spark.apache.org/docs/latest/index.html). + Output only. Label columns that were used to train this model. The + output of the model will have a "predicted_" prefix to these + columns. items: - type: string + $ref: '#/components/schemas/StandardSqlField' type: array - jarUris: + readOnly: true + hparamTrials: description: >- - JARs to include on the driver and executor CLASSPATH. For more - information about Apache Spark, see [Apache - Spark](https://spark.apache.org/docs/latest/index.html). + Output only. Trials of a [hyperparameter + tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) + model sorted by trial_id. items: - type: string + $ref: '#/components/schemas/HparamTuningTrial' + readOnly: true type: array - mainClass: + labels: description: >- - The fully qualified name of a class in jar_uris, for example, - com.example.wordcount. Exactly one of main_class and main_jar_uri - field should be set for Java/Scala language type. + The labels associated with this model. You can use these to organize + and group your models. Label keys and values can be no longer than + 63 characters, can only contain lowercase letters, numeric + characters, underscores and dashes. International characters are + allowed. Label values are optional. Label keys must start with a + letter and each label in the list must have a different key. + additionalProperties: + type: string + type: object + modelReference: + description: Required. Unique identifier for this model. + $ref: '#/components/schemas/ModelReference' + expirationTime: + format: int64 + description: >- + Optional. The time when this model expires, in milliseconds since + the epoch. If not present, the model will persist indefinitely. + Expired models will be deleted and their storage reclaimed. The + defaultTableExpirationMs property of the encapsulating dataset can + be used to set a default expirationTime on newly created models. type: string - mainFileUri: + defaultTrialId: + type: string + readOnly: true description: >- - The main file/jar URI of the Spark application. Exactly one of the - definition_body field and the main_file_uri field must be set for - Python. Exactly one of main_class and main_file_uri field should be - set for Java/Scala language type. + Output only. The default trial_id to use in TVFs when the trial_id + is not passed in. For single-objective [hyperparameter + tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) + models, this is the best trial ID. For multi-objective + [hyperparameter + tuning](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) + models, this is the smallest trial ID among all Pareto optimal + trials. + format: int64 + description: + description: Optional. A user-friendly description of this model. type: string - properties: - additionalProperties: - type: string + location: + readOnly: true description: >- - Configuration properties as a set of key/value pairs, which will be - passed on to the Spark application. For more information, see - [Apache Spark](https://spark.apache.org/docs/latest/index.html) and - the [procedure option - list](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#procedure_option_list). - type: object - pyFileUris: + Output only. The geographic location where the model resides. This + value is inherited from the dataset. + type: string + encryptionConfiguration: description: >- - Python files to be placed on the PYTHONPATH for PySpark application. - Supported file types: `.py`, `.egg`, and `.zip`. For more - information about Apache Spark, see [Apache - Spark](https://spark.apache.org/docs/latest/index.html). - items: - type: string + Custom encryption configuration (e.g., Cloud KMS keys). This shows + the encryption configuration of the model data while stored in + BigQuery storage. This field can be used with PatchModel to update + encryption key for an already encrypted model. + $ref: '#/components/schemas/EncryptionConfiguration' + modelType: + type: string + enum: + - MODEL_TYPE_UNSPECIFIED + - LINEAR_REGRESSION + - LOGISTIC_REGRESSION + - KMEANS + - MATRIX_FACTORIZATION + - DNN_CLASSIFIER + - TENSORFLOW + - DNN_REGRESSOR + - XGBOOST + - BOOSTED_TREE_REGRESSOR + - BOOSTED_TREE_CLASSIFIER + - ARIMA + - AUTOML_REGRESSOR + - AUTOML_CLASSIFIER + - PCA + - DNN_LINEAR_COMBINED_CLASSIFIER + - DNN_LINEAR_COMBINED_REGRESSOR + - AUTOENCODER + - ARIMA_PLUS + - ARIMA_PLUS_XREG + - RANDOM_FOREST_REGRESSOR + - RANDOM_FOREST_CLASSIFIER + - TENSORFLOW_LITE + - ONNX + - TRANSFORM_ONLY + - CONTRIBUTION_ANALYSIS + readOnly: true + enumDescriptions: + - Default value. + - Linear regression model. + - Logistic regression based classification model. + - K-means clustering model. + - Matrix factorization model. + - DNN classifier model. + - An imported TensorFlow model. + - DNN regressor model. + - An imported XGBoost model. + - Boosted tree regressor model. + - Boosted tree classifier model. + - ARIMA model. + - AutoML Tables regression model. + - AutoML Tables classification model. + - Prinpical Component Analysis model. + - Wide-and-deep classifier model. + - Wide-and-deep regressor model. + - Autoencoder model. + - New name for the ARIMA model. + - ARIMA with external regressors. + - Random forest regressor model. + - Random forest classifier model. + - An imported TensorFlow Lite model. + - An imported ONNX model. + - >- + Model to capture the columns and logic in the TRANSFORM clause + along with statistics useful for ML analytic functions. + - The contribution analysis model. + description: Output only. Type of the model resource. + BinaryClassificationMetrics: + properties: + positiveLabel: + description: Label representing the positive class. + type: string + binaryConfusionMatrixList: type: array - runtimeVersion: - description: >- - Runtime version. If not specified, the default runtime version is - used. + items: + $ref: '#/components/schemas/BinaryConfusionMatrix' + description: Binary confusion matrix at multiple thresholds. + negativeLabel: + description: Label representing the negative class. type: string + aggregateClassificationMetrics: + description: Aggregate classification metrics. + $ref: '#/components/schemas/AggregateClassificationMetrics' + id: BinaryClassificationMetrics type: object - SparkStatistics: - description: Statistics for a BigSpark query. Populated as part of JobStatistics2 - id: SparkStatistics + description: Evaluation metrics for binary classification/classifier models. + IncrementalResultStats: + description: >- + Statistics related to Incremental Query Results. Populated as part of + JobStatistics2. This feature is not yet available. + type: object + id: IncrementalResultStats properties: - endpoints: - additionalProperties: - type: string + resultSetLastModifyTime: + type: string + format: google-datetime description: >- - Output only. Endpoints returned from Dataproc. Key list: - - history_server_endpoint: A link to Spark job UI. - readOnly: true - type: object - gcsStagingBucket: + The time at which the result table's contents were modified. May be + absent if no results have been written or the query has completed. + resultSetLastReplaceTime: description: >- - Output only. The Google Cloud Storage bucket that is used as the - default file system by the Spark application. This field is only - filled when the Spark procedure uses the invoker security mode. The - `gcsStagingBucket` bucket is inferred from the - `@@spark_proc_properties.staging_bucket` system variable (if it is - provided). Otherwise, BigQuery creates a default staging bucket for - the job and returns the bucket name in this field. Example: * - `gs://[bucket_name]` - readOnly: true + The time at which the result table's contents were completely + replaced. May be absent if no results have been written or the query + has completed. type: string - kmsKeyName: + format: google-datetime + disabledReason: + enum: + - DISABLED_REASON_UNSPECIFIED + - OTHER + enumDescriptions: + - Disabled reason not specified. + - Some other reason. description: >- - Output only. The Cloud KMS encryption key that is used to protect - the resources created by the Spark job. If the Spark procedure uses - the invoker security mode, the Cloud KMS encryption key is either - inferred from the provided system variable, - `@@spark_proc_properties.kms_key_name`, or the default key of the - BigQuery job's project (if the CMEK organization policy is - enforced). Otherwise, the Cloud KMS key is either inferred from the - Spark connection associated with the procedure (if it is provided), - or from the default key of the Spark connection's project if the - CMEK organization policy is enforced. Example: * - `projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key]` + Reason why incremental query results are/were not written by the + query. + type: string + Streamingbuffer: + properties: + oldestEntryTime: readOnly: true + format: uint64 + description: >- + Output only. Contains the timestamp of the oldest entry in the + streaming buffer, in milliseconds since the epoch, if the streaming + buffer is available. type: string - loggingInfo: - $ref: '#/components/schemas/SparkLoggingInfo' + estimatedRows: description: >- - Output only. Logging info is used to generate a link to Cloud - Logging. + Output only. A lower-bound estimate of the number of rows currently + in the streaming buffer. + type: string + format: uint64 readOnly: true - sparkJobId: - description: Output only. Spark job ID if a Spark job is created successfully. + estimatedBytes: readOnly: true type: string - sparkJobLocation: + format: uint64 description: >- - Output only. Location where the Spark job is executed. A location is - selected by BigQueury for jobs configured to run in a multi-region. - readOnly: true - type: string + Output only. A lower-bound estimate of the number of bytes currently + in the streaming buffer. + type: object + id: Streamingbuffer + DataMaskingStatistics: type: object - StagePerformanceChangeInsight: - description: >- - Performance insights compared to the previous executions for a specific - stage. - id: StagePerformanceChangeInsight properties: - inputDataChange: - $ref: '#/components/schemas/InputDataChange' - description: Output only. Input data change insight of the query stage. - readOnly: true - stageId: - description: Output only. The stage id that the insight mapped to. - format: int64 - readOnly: true - type: string - type: object - StagePerformanceStandaloneInsight: - description: Standalone performance insights for a specific stage. - id: StagePerformanceStandaloneInsight - properties: - biEngineReasons: - description: >- - Output only. If present, the stage had the following reasons for - being disqualified from BI Engine execution. - items: - $ref: '#/components/schemas/BiEngineReason' - readOnly: true - type: array - highCardinalityJoins: - description: Output only. High cardinality joins in the stage. - items: - $ref: '#/components/schemas/HighCardinalityJoin' - readOnly: true - type: array - insufficientShuffleQuota: - description: Output only. True if the stage has insufficient shuffle quota. - readOnly: true - type: boolean - partitionSkew: - $ref: '#/components/schemas/PartitionSkew' - description: Output only. Partition skew in the stage. - readOnly: true - slotContention: - description: Output only. True if the stage has a slot contention issue. - readOnly: true + dataMaskingApplied: type: boolean - stageId: - description: Output only. The stage id that the insight mapped to. - format: int64 - readOnly: true - type: string - type: object - StandardSqlDataType: - description: >- - The data type of a variable such as a function argument. Examples - include: * INT64: `{"typeKind": "INT64"}` * ARRAY: { "typeKind": - "ARRAY", "arrayElementType": {"typeKind": "STRING"} } * STRUCT>: { - "typeKind": "STRUCT", "structType": { "fields": [ { "name": "x", "type": - {"typeKind": "STRING"} }, { "name": "y", "type": { "typeKind": "ARRAY", - "arrayElementType": {"typeKind": "DATE"} } } ] } } * RANGE: { - "typeKind": "RANGE", "rangeElementType": {"typeKind": "DATE"} } - id: StandardSqlDataType + description: Whether any accessed data was protected by the data masking. + description: Statistics for data-masking. + id: DataMaskingStatistics + IndexUnusedReason: properties: - arrayElementType: - $ref: '#/components/schemas/StandardSqlDataType' - description: The type of the array's elements, if type_kind = "ARRAY". - rangeElementType: - $ref: '#/components/schemas/StandardSqlDataType' - description: The type of the range's elements, if type_kind = "RANGE". - structType: - $ref: '#/components/schemas/StandardSqlStructType' - description: The fields of this struct, in order, if type_kind = "STRUCT". - typeKind: + baseTable: description: >- - Required. The top level type of this field. Can be any GoogleSQL - data type (e.g., "INT64", "DATE", "ARRAY"). - enum: - - TYPE_KIND_UNSPECIFIED - - INT64 - - BOOL - - FLOAT64 - - STRING - - BYTES - - TIMESTAMP - - DATE - - TIME - - DATETIME - - INTERVAL - - GEOGRAPHY - - NUMERIC - - BIGNUMERIC - - JSON - - ARRAY - - STRUCT - - RANGE + Specifies the base table involved in the reason that no search index + was used. + $ref: '#/components/schemas/TableReference' + message: + description: >- + Free form human-readable reason for the scenario when no search + index was used. + type: string + indexName: + type: string + description: Specifies the name of the unused search index, if available. + code: enumDescriptions: - - Invalid type. - - Encoded as a string in decimal format. - - Encoded as a boolean "false" or "true". - - Encoded as a number, or string "NaN", "Infinity" or "-Infinity". - - Encoded as a string value. - - Encoded as a base64 string per RFC 4648, section 4. + - Code not specified. + - Indicates the search index configuration has not been created. + - Indicates the search index creation has not been completed. - >- - Encoded as an RFC 3339 timestamp with mandatory "Z" time zone - string: 1985-04-12T23:20:50.52Z - - 'Encoded as RFC 3339 full-date format string: 1985-04-12' - - 'Encoded as RFC 3339 partial-time format string: 23:20:50.52' + Indicates the base table has been truncated (rows have been + removed from table with TRUNCATE TABLE statement) since the last + time the search index was refreshed. - >- - Encoded as RFC 3339 full-date "T" partial-time: - 1985-04-12T23:20:50.52 - - 'Encoded as fully qualified 3 part: 0-5 15 2:30:45.6' - - Encoded as WKT - - Encoded as a decimal string. - - Encoded as a decimal string. - - Encoded as a string. - - Encoded as a list with types matching Type.array_type. + Indicates the search index configuration has been changed since + the last time the search index was refreshed. - >- - Encoded as a list with fields of type Type.struct_type[i]. List is - used because a JSON object cannot have duplicate field names. + Indicates the search query accesses data at a timestamp before the + last time the search index was refreshed. - >- - Encoded as a pair with types matching range_element_type. Pairs - must begin with "[", end with ")", and be separated by ", ". - type: string - type: object - StandardSqlField: - description: A field or a column. - id: StandardSqlField - properties: - name: - description: Optional. The name of this field. Can be absent for struct fields. + Indicates the usage of search index will not contribute to any + pruning improvement for the search function, e.g. when the search + predicate is in a disjunction with other non-search predicates. + - >- + Indicates the search index does not cover all fields in the search + function. + - >- + Indicates the search index does not support the given search query + pattern. + - >- + Indicates the query has been optimized by using a materialized + view. + - >- + Indicates the query has been secured by data masking, and thus + search indexes are not applicable. + - >- + Indicates that the search index and the search function call do + not have the same text analyzer. + - >- + Indicates the base table is too small (below a certain threshold). + The index does not provide noticeable search performance gains + when the base table is too small. + - >- + Indicates that the total size of indexed base tables in your + organization exceeds your region's limit and the index is not used + in the query. To index larger base tables, you can use your own + reservation for index-management jobs. + - >- + Indicates that the estimated performance gain from using the + search index is too low for the given search query. + - >- + Indicates that the column metadata index (which the search index + depends on) is not used. User can refer to the [column metadata + index + usage](https://cloud.google.com/bigquery/docs/metadata-indexing-managed-tables#view_column_metadata_index_usage) + for more details on why it was not used. + - >- + Indicates that search indexes can not be used for search query + with STANDARD edition. + - >- + Indicates that an option in the search function that cannot make + use of the index has been selected. + - >- + Indicates that the query was cached, and thus the search index was + not used. + - The index cannot be used in the search query because it is stale. + - >- + Indicates an internal error that causes the search index to be + unused. + - >- + Indicates that the reason search indexes cannot be used in the + query is not covered by any of the other IndexUnusedReason + options. + enum: + - CODE_UNSPECIFIED + - INDEX_CONFIG_NOT_AVAILABLE + - PENDING_INDEX_CREATION + - BASE_TABLE_TRUNCATED + - INDEX_CONFIG_MODIFIED + - TIME_TRAVEL_QUERY + - NO_PRUNING_POWER + - UNINDEXED_SEARCH_FIELDS + - UNSUPPORTED_SEARCH_PATTERN + - OPTIMIZED_WITH_MATERIALIZED_VIEW + - SECURED_BY_DATA_MASKING + - MISMATCHED_TEXT_ANALYZER + - BASE_TABLE_TOO_SMALL + - BASE_TABLE_TOO_LARGE + - ESTIMATED_PERFORMANCE_GAIN_TOO_LOW + - COLUMN_METADATA_INDEX_NOT_USED + - NOT_SUPPORTED_IN_STANDARD_EDITION + - INDEX_SUPPRESSED_BY_FUNCTION_OPTION + - QUERY_CACHE_HIT + - STALE_INDEX + - INTERNAL_ERROR + - OTHER_REASON type: string - type: - $ref: '#/components/schemas/StandardSqlDataType' description: >- - Optional. The type of this parameter. Absent if not explicitly - specified (e.g., CREATE FUNCTION statement can omit the return type; - in this case the output parameter does not have this "type" field). + Specifies the high-level reason for the scenario when no search + index was used. type: object + description: >- + Reason about why no search index was used in the search query (or + sub-query). + id: IndexUnusedReason StandardSqlStructType: - description: The representation of a SQL STRUCT type. - id: StandardSqlStructType properties: fields: - description: Fields within the struct. items: $ref: '#/components/schemas/StandardSqlField' + description: Fields within the struct. type: array + id: StandardSqlStructType + description: The representation of a SQL STRUCT type. type: object - StandardSqlTableType: - description: A table type - id: StandardSqlTableType - properties: - columns: - description: The columns in this table type - items: - $ref: '#/components/schemas/StandardSqlField' - type: array + EncryptionConfiguration: type: object - StorageDescriptor: - description: >- - Contains information about how a table's data is stored and accessed by - open source query engines. - id: StorageDescriptor + id: EncryptionConfiguration properties: - inputFormat: + kmsKeyName: + type: string description: >- - Optional. Specifies the fully qualified class name of the - InputFormat (e.g. - "org.apache.hadoop.hive.ql.io.orc.OrcInputFormat"). The maximum - length is 128 characters. - type: string - locationUri: - description: >- - Optional. The physical location of the table (e.g. - `gs://spark-dataproc-data/pangea-data/case_sensitive/` or - `gs://spark-dataproc-data/pangea-data/*`). The maximum length is - 2056 bytes. - type: string - outputFormat: - description: >- - Optional. Specifies the fully qualified class name of the - OutputFormat (e.g. - "org.apache.hadoop.hive.ql.io.orc.OrcOutputFormat"). The maximum - length is 128 characters. - type: string - serdeInfo: - $ref: '#/components/schemas/SerDeInfo' - description: Optional. Serializer and deserializer information. + Optional. Describes the Cloud KMS encryption key that will be used + to protect destination BigQuery table. The BigQuery Service Account + associated with your project requires access to this encryption key. + description: Configuration for Cloud KMS encryption settings. + Job: type: object - StoredColumnsUnusedReason: - description: If the stored column was not used, explain why. - id: StoredColumnsUnusedReason properties: - code: - description: >- - Specifies the high-level reason for the unused scenario, each reason - must have a code associated. - enum: - - CODE_UNSPECIFIED - - STORED_COLUMNS_COVER_INSUFFICIENT - - BASE_TABLE_HAS_RLS - - BASE_TABLE_HAS_CLS - - UNSUPPORTED_PREFILTER - - INTERNAL_ERROR - - OTHER_REASON - enumDescriptions: - - Default value. - - If stored columns do not fully cover the columns. - - If the base table has RLS (Row Level Security). - - If the base table has CLS (Column Level Security). - - If the provided prefilter is not supported. - - If an internal error is preventing stored columns from being used. - - >- - Indicates that the reason stored columns cannot be used in the - query is not covered by any of the other StoredColumnsUnusedReason - options. - type: string - message: - description: Specifies the detailed description for the scenario. + jobCreationReason: + description: Output only. The reason why a Job was created. + $ref: '#/components/schemas/JobCreationReason' + readOnly: true + kind: type: string - uncoveredColumns: + default: bigquery#job + readOnly: true + description: Output only. The type of the resource. + statistics: + readOnly: true + $ref: '#/components/schemas/JobStatistics' description: >- - Specifies which columns were not covered by the stored columns for - the specified code up to 20 columns. This is populated when the code - is STORED_COLUMNS_COVER_INSUFFICIENT and BASE_TABLE_HAS_CLS. - items: - type: string - type: array - type: object - StoredColumnsUsage: - description: Indicates the stored columns usage in the query. - id: StoredColumnsUsage - properties: - baseTable: - $ref: '#/components/schemas/TableReference' - description: Specifies the base table. - isQueryAccelerated: - description: Specifies whether the query was accelerated with stored columns. - type: boolean - storedColumnsUnusedReasons: - description: If stored columns were not used, explain why. - items: - $ref: '#/components/schemas/StoredColumnsUnusedReason' - type: array - type: object - Streamingbuffer: - id: Streamingbuffer - properties: - estimatedBytes: + Output only. Information about the job, including starting time and + ending time of the job. + configuration: + $ref: '#/components/schemas/JobConfiguration' + description: Required. Describes the job configuration. + status: description: >- - Output only. A lower-bound estimate of the number of bytes currently - in the streaming buffer. - format: uint64 + Output only. The status of this job. Examine this value when polling + an asynchronous job to see if the job is complete. readOnly: true + $ref: '#/components/schemas/JobStatus' + etag: + description: Output only. A hash of this resource. type: string - estimatedRows: - description: >- - Output only. A lower-bound estimate of the number of rows currently - in the streaming buffer. - format: uint64 readOnly: true + jobReference: + $ref: '#/components/schemas/JobReference' + description: Optional. Reference describing the unique-per-user name of the job. + user_email: + readOnly: true + description: Output only. Email address of the user who ran the job. type: string - oldestEntryTime: + selfLink: + description: Output only. A URL that can be used to access the resource again. + type: string + readOnly: true + id: + description: Output only. Opaque ID field of the job. + type: string + readOnly: true + principal_subject: description: >- - Output only. Contains the timestamp of the oldest entry in the - streaming buffer, in milliseconds since the epoch, if the streaming - buffer is available. - format: uint64 + Output only. [Full-projection-only] String representation of + identity of requesting party. Populated for both first- and + third-party identities. Only present for APIs that support + third-party identities. readOnly: true type: string + id: Job + GetServiceAccountResponse: + id: GetServiceAccountResponse + properties: + email: + description: The service account email address. + type: string + kind: + default: bigquery#getServiceAccountResponse + type: string + description: The resource type of the response. + type: object + description: Response object of GetServiceAccount + IntHparamSearchSpace: + id: IntHparamSearchSpace + description: Search space for an int hyperparameter. type: object - StringHparamSearchSpace: - description: Search space for string and enum. - id: StringHparamSearchSpace properties: candidates: - description: Canididates for the string or enum parameter in lower case. - items: - type: string - type: array - type: object - SystemVariables: - description: System variables given to a query. - id: SystemVariables + $ref: '#/components/schemas/IntCandidates' + description: Candidates of the int hyperparameter. + range: + $ref: '#/components/schemas/IntRange' + description: Range of the int hyperparameter. + LoadQueryStatistics: properties: - types: - additionalProperties: - $ref: '#/components/schemas/StandardSqlDataType' - description: Output only. Data type for each system variable. + inputFileBytes: readOnly: true - type: object - values: - additionalProperties: - description: Properties of the object. - type: any - description: Output only. Value for each system variable. + type: string + description: Output only. Number of bytes of source data in a LOAD query. + format: int64 + outputBytes: readOnly: true - type: object - type: object - Table: - id: Table - properties: - biglakeConfiguration: - $ref: '#/components/schemas/BigLakeConfiguration' - description: >- - Optional. Specifies the configuration of a BigQuery table for Apache - Iceberg. - cloneDefinition: - $ref: '#/components/schemas/CloneDefinition' + type: string description: >- - Output only. Contains information about the clone. This value is set - via the clone operation. + Output only. Size of the loaded data in bytes. Note that while a + LOAD query is in the running state, this value may change. + format: int64 + inputFiles: + description: Output only. Number of source files in a LOAD query. + type: string readOnly: true - clustering: - $ref: '#/components/schemas/Clustering' - description: >- - Clustering specification for the table. Must be specified with - time-based partitioning, data in the table will be first partitioned - and subsequently clustered. - creationTime: + format: int64 + bytesTransferred: description: >- - Output only. The time when this table was created, in milliseconds - since the epoch. + Output only. This field is deprecated. The number of bytes of source + data copied over the network for a `LOAD` query. `transferred_bytes` + has the canonical value for physical transferred bytes, which is + used for BigQuery Omni billing. + type: string + readOnly: true format: int64 + deprecated: true + outputRows: + type: string readOnly: true + description: >- + Output only. Number of rows imported in a LOAD query. Note that + while a LOAD query is in the running state, this value may change. + format: int64 + badRecords: type: string - defaultCollation: + readOnly: true + format: int64 description: >- - Optional. Defines the default collation specification of new STRING - fields in the table. During table creation or update, if a STRING - field is added to this table without explicit collation specified, - then the table inherits the table default collation. A change to - this field affects only fields added afterwards, and does not alter - the existing fields. The following values are supported: * 'und:ci': - undetermined locale, case insensitive. * '': empty string. Default - to case-sensitive behavior. + Output only. The number of bad records encountered while processing + a LOAD query. Note that if the job has failed because of more bad + records encountered than the maximum allowed in the load job + configuration, then this number can be less than the total number of + bad records present in the input data. + description: Statistics for a LOAD query. + id: LoadQueryStatistics + type: object + ScriptOptions: + id: ScriptOptions + properties: + statementTimeoutMs: type: string - defaultRoundingMode: + description: Timeout period for each statement in a script. + format: int64 + keyResultStatement: description: >- - Optional. Defines the default rounding mode specification of new - decimal fields (NUMERIC OR BIGNUMERIC) in the table. During table - creation or update, if a decimal field is added to this table - without an explicit rounding mode specified, then the field inherits - the table default rounding mode. Changing this field doesn't affect - existing fields. - enum: - - ROUNDING_MODE_UNSPECIFIED - - ROUND_HALF_AWAY_FROM_ZERO - - ROUND_HALF_EVEN + Determines which statement in the script represents the "key + result", used to populate the schema and query results of the script + job. Default is LAST. enumDescriptions: - - Unspecified will default to using ROUND_HALF_AWAY_FROM_ZERO. - - >- - ROUND_HALF_AWAY_FROM_ZERO rounds half values away from zero when - applying precision and scale upon writing of NUMERIC and - BIGNUMERIC values. For Scale: 0 1.1, 1.2, 1.3, 1.4 => 1 1.5, 1.6, - 1.7, 1.8, 1.9 => 2 - - >- - ROUND_HALF_EVEN rounds half values to the nearest even value when - applying precision and scale upon writing of NUMERIC and - BIGNUMERIC values. For Scale: 0 1.1, 1.2, 1.3, 1.4 => 1 1.5 => 2 - 1.6, 1.7, 1.8, 1.9 => 2 2.5 => 2 - type: string - description: - description: Optional. A user-friendly description of this table. - type: string - encryptionConfiguration: - $ref: '#/components/schemas/EncryptionConfiguration' - description: Custom encryption configuration (e.g., Cloud KMS keys). - etag: - description: Output only. A hash of this resource. - readOnly: true + - Default value. + - The last result determines the key result. + - The first SELECT statement determines the key result. type: string - expirationTime: + enum: + - KEY_RESULT_STATEMENT_KIND_UNSPECIFIED + - LAST + - FIRST_SELECT + statementByteBudget: description: >- - Optional. The time when this table expires, in milliseconds since - the epoch. If not present, the table will persist indefinitely. - Expired tables will be deleted and their storage reclaimed. The - defaultTableExpirationMs property of the encapsulating dataset can - be used to set a default expirationTime on newly created tables. + Limit on the number of bytes billed per statement. Exceeding this + budget results in an error. format: int64 type: string - externalCatalogTableOptions: - $ref: '#/components/schemas/ExternalCatalogTableOptions' - description: Optional. Options defining open source compatible table. - externalDataConfiguration: - $ref: '#/components/schemas/ExternalDataConfiguration' - description: >- - Optional. Describes the data format, location, and other properties - of a table stored outside of BigQuery. By defining these properties, - the data source can then be queried as if it were a standard - BigQuery table. - friendlyName: - description: Optional. A descriptive name for this table. - type: string - id: - description: Output only. An opaque ID uniquely identifying the table. - readOnly: true - type: string - kind: - default: bigquery#table - description: The type of resource ID. - type: string - labels: - additionalProperties: - type: string - description: >- - The labels associated with this table. You can use these to organize - and group your tables. Label keys and values can be no longer than - 63 characters, can only contain lowercase letters, numeric - characters, underscores and dashes. International characters are - allowed. Label values are optional. Label keys must start with a - letter and each label in the list must have a different key. - type: object - lastModifiedTime: - description: >- - Output only. The time when this table was last modified, in - milliseconds since the epoch. - format: uint64 + description: Options related to script execution. + type: object + JobStatistics3: + type: object + properties: + inputFileBytes: + format: int64 + description: Output only. Number of bytes of source data in a load job. readOnly: true type: string - location: - description: >- - Output only. The geographic location where the table resides. This - value is inherited from the dataset. + inputFiles: + format: int64 readOnly: true + description: Output only. Number of source files in a load job. type: string - managedTableType: + outputBytes: + format: int64 description: >- - Optional. If set, overrides the default managed table type - configured in the dataset. - enum: - - MANAGED_TABLE_TYPE_UNSPECIFIED - - NATIVE - - BIGLAKE - enumDescriptions: - - No managed table type specified. - - The managed table is a native BigQuery table. - - >- - The managed table is a BigLake table for Apache Iceberg in - BigQuery. + Output only. Size of the loaded data in bytes. Note that while a + load job is in the running state, this value may change. type: string - materializedView: - $ref: '#/components/schemas/MaterializedViewDefinition' - description: Optional. The materialized view definition. - materializedViewStatus: - $ref: '#/components/schemas/MaterializedViewStatus' - description: Output only. The materialized view status. readOnly: true - maxStaleness: - description: >- - Optional. The maximum staleness of data that could be returned when - the table (or stale MV) is queried. Staleness encoded as a string - encoding of sql IntervalValue type. + outputRows: type: string - model: - $ref: '#/components/schemas/ModelDefinition' - description: Deprecated. - numActiveLogicalBytes: - description: Output only. Number of logical bytes that are less than 90 days old. - format: int64 readOnly: true - type: string - numActivePhysicalBytes: description: >- - Output only. Number of physical bytes less than 90 days old. This - data is not kept in real time, and might be delayed by a few seconds - to a few minutes. + Output only. Number of rows imported in a load job. Note that while + an import job is in the running state, this value may change. format: int64 - readOnly: true + badRecords: type: string - numBytes: - description: >- - Output only. The size of this table in logical bytes, excluding any - data in the streaming buffer. format: int64 readOnly: true - type: string - numCurrentPhysicalBytes: description: >- - Output only. Number of physical bytes used by current live data - storage. This data is not kept in real time, and might be delayed by - a few seconds to a few minutes. - format: int64 + Output only. The number of bad records encountered. Note that if the + job has failed because of more bad records encountered than the + maximum allowed in the load job configuration, then this number can + be less than the total number of bad records present in the input + data. + timeline: + type: array + items: + $ref: '#/components/schemas/QueryTimelineSample' + description: Output only. Describes a timeline of job execution. readOnly: true - type: string - numLongTermBytes: + id: JobStatistics3 + description: Statistics for a load job. + TrainingRun: + description: Information about a single training query run for the model. + type: object + id: TrainingRun + properties: + modelLevelGlobalExplanation: + readOnly: true + $ref: '#/components/schemas/GlobalExplanation' description: >- - Output only. The number of logical bytes in the table that are - considered "long-term storage". - format: int64 + Output only. Global explanation contains the explanation of top + features on the model level. Applies to both regression and + classification models. + evaluationMetrics: readOnly: true + description: >- + Output only. The evaluation metrics over training/eval data that + were computed at the end of training. + $ref: '#/components/schemas/EvaluationMetrics' + startTime: + format: google-datetime type: string - numLongTermLogicalBytes: - description: Output only. Number of logical bytes that are more than 90 days old. - format: int64 + description: Output only. The start time of this training run. readOnly: true + vertexAiModelVersion: type: string - numLongTermPhysicalBytes: description: >- - Output only. Number of physical bytes more than 90 days old. This - data is not kept in real time, and might be delayed by a few seconds - to a few minutes. - format: int64 + Output only. The model version in the [Vertex AI Model + Registry](https://cloud.google.com/vertex-ai/docs/model-registry/introduction) + for this training run. readOnly: true - type: string - numPartitions: + vertexAiModelId: description: >- - Output only. The number of partitions present in the table or - materialized view. This data is not kept in real time, and might be - delayed by a few seconds to a few minutes. - format: int64 - readOnly: true + The model id in the [Vertex AI Model + Registry](https://cloud.google.com/vertex-ai/docs/model-registry/introduction) + for this training run. type: string - numPhysicalBytes: + trainingOptions: description: >- - Output only. The physical size of this table in bytes. This includes - storage used for time travel. - format: int64 + Output only. Options that were used for this training run, includes + user specified and default options that were used. readOnly: true - type: string - numRows: + $ref: '#/components/schemas/TrainingOptions' + results: + type: array + items: + $ref: '#/components/schemas/IterationResult' description: >- - Output only. The number of rows of data in this table, excluding any - data in the streaming buffer. - format: uint64 + Output only. Output of each iteration run, results.size() <= + max_iterations. readOnly: true - type: string - numTimeTravelPhysicalBytes: - description: >- - Output only. Number of physical bytes used by time travel storage - (deleted or changed data). This data is not kept in real time, and - might be delayed by a few seconds to a few minutes. - format: int64 + classLevelGlobalExplanations: readOnly: true - type: string - numTotalLogicalBytes: description: >- - Output only. Total number of logical bytes in the table or - materialized view. - format: int64 + Output only. Global explanation contains the explanation of top + features on the class level. Applies to classification models only. + items: + $ref: '#/components/schemas/GlobalExplanation' + type: array + dataSplitResult: readOnly: true - type: string - numTotalPhysicalBytes: description: >- - Output only. The physical size of this table in bytes. This also - includes storage used for time travel. This data is not kept in real - time, and might be delayed by a few seconds to a few minutes. - format: int64 + Output only. Data split result of the training run. Only set when + the input data is actually split. + $ref: '#/components/schemas/DataSplitResult' + trainingStartTime: readOnly: true - type: string - partitionDefinition: - $ref: '#/components/schemas/PartitioningDefinition' - description: >- - Optional. The partition information for all table formats, including - managed partitioned tables, hive partitioned tables, iceberg - partitioned, and metastore partitioned tables. This field is only - populated for metastore partitioned tables. For other table formats, - this is an output only field. - rangePartitioning: - $ref: '#/components/schemas/RangePartitioning' - description: If specified, configures range partitioning for this table. - replicas: + format: int64 + deprecated: true description: >- - Optional. Output only. Table references of all replicas currently - active on the table. - items: - $ref: '#/components/schemas/TableReference' + Output only. The start time of this training run, in milliseconds + since epoch. + type: string + StagePerformanceStandaloneInsight: + type: object + description: Standalone performance insights for a specific stage. + id: StagePerformanceStandaloneInsight + properties: + stageId: + type: string + description: Output only. The stage id that the insight mapped to. + readOnly: true + format: int64 + partitionSkew: + description: Output only. Partition skew in the stage. + $ref: '#/components/schemas/PartitionSkew' + readOnly: true + highCardinalityJoins: + description: Output only. High cardinality joins in the stage. readOnly: true type: array - requirePartitionFilter: - default: 'false' - description: >- - Optional. If set to true, queries over this table require a - partition filter that can be used for partition elimination to be - specified. + items: + $ref: '#/components/schemas/HighCardinalityJoin' + insufficientShuffleQuota: type: boolean - resourceTags: - additionalProperties: - type: string - description: >- - [Optional] The tags associated with this table. Tag keys are - globally unique. See additional information on - [tags](https://cloud.google.com/iam/docs/tags-access-control#definitions). - An object containing a list of "key": value pairs. The key is the - namespaced friendly name of the tag key, e.g. "12345/environment" - where 12345 is parent id. The value is the friendly short name of - the tag value, e.g. "production". - type: object - restrictions: - $ref: '#/components/schemas/RestrictionConfig' - description: >- - Optional. Output only. Restriction config for table. If set, - restrict certain accesses on the table based on the config. See - [Data - egress](https://cloud.google.com/bigquery/docs/analytics-hub-introduction#data_egress) - for more details. + description: Output only. True if the stage has insufficient shuffle quota. readOnly: true - schema: - $ref: '#/components/schemas/TableSchema' - description: Optional. Describes the schema of this table. - selfLink: - description: Output only. A URL that can be used to access this resource again. + slotContention: + description: Output only. True if the stage has a slot contention issue. readOnly: true - type: string - snapshotDefinition: - $ref: '#/components/schemas/SnapshotDefinition' - description: >- - Output only. Contains information about the snapshot. This value is - set via snapshot creation. + type: boolean + biEngineReasons: + items: + $ref: '#/components/schemas/BiEngineReason' readOnly: true - streamingBuffer: - $ref: '#/components/schemas/Streamingbuffer' description: >- - Output only. Contains information regarding this table's streaming - buffer, if one is present. This field will be absent if the table is - not being streamed to or if there is no data in the streaming - buffer. + Output only. If present, the stage had the following reasons for + being disqualified from BI Engine execution. + type: array + ArimaCoefficients: + type: object + properties: + autoRegressiveCoefficients: + type: array + description: Auto-regressive coefficients, an array of double. + items: + format: double + type: number + movingAverageCoefficients: + description: Moving-average coefficients, an array of double. + type: array + items: + type: number + format: double + interceptCoefficient: + type: number + description: Intercept coefficient, just a double not an array. + format: double + description: Arima coefficients. + id: ArimaCoefficients + SessionInfo: + description: '[Preview] Information related to sessions.' + type: object + properties: + sessionId: + description: Output only. The id of the session. readOnly: true - tableConstraints: - $ref: '#/components/schemas/TableConstraints' - description: Optional. Tables Primary Key and Foreign Key information - tableReference: - $ref: '#/components/schemas/TableReference' - description: Required. Reference describing the ID of this table. - tableReplicationInfo: - $ref: '#/components/schemas/TableReplicationInfo' + type: string + id: SessionInfo + DmlStatistics: + properties: + deletedRowCount: description: >- - Optional. Table replication info for table created `AS REPLICA` DDL - like: `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv` - timePartitioning: - $ref: '#/components/schemas/TimePartitioning' - description: If specified, configures time-based partitioning for this table. - type: + Output only. Number of deleted Rows. populated by DML DELETE, MERGE + and TRUNCATE statements. + type: string + readOnly: true + format: int64 + insertedRowCount: + readOnly: true + format: int64 + type: string description: >- - Output only. Describes the table type. The following values are - supported: * `TABLE`: A normal BigQuery table. * `VIEW`: A virtual - table defined by a SQL query. * `EXTERNAL`: A table that references - data stored in an external storage system, such as Google Cloud - Storage. * `MATERIALIZED_VIEW`: A precomputed view defined by a SQL - query. * `SNAPSHOT`: An immutable BigQuery table that preserves the - contents of a base table at a particular time. See additional - information on [table - snapshots](https://cloud.google.com/bigquery/docs/table-snapshots-intro). - The default value is `TABLE`. + Output only. Number of inserted Rows. Populated by DML INSERT and + MERGE statements + updatedRowCount: + format: int64 readOnly: true type: string - view: - $ref: '#/components/schemas/ViewDefinition' - description: Optional. The view definition. + description: >- + Output only. Number of updated Rows. Populated by DML UPDATE and + MERGE statements. type: object - TableCell: - id: TableCell + id: DmlStatistics + description: Detailed statistics for DML statements + DoubleCandidates: + description: Discrete candidates of a double hyperparameter. + id: DoubleCandidates properties: - v: - type: any + candidates: + items: + format: double + type: number + description: Candidates for the double parameter in increasing order. + type: array + type: object + JobList: type: object - TableConstraints: - description: The TableConstraints defines the primary key and foreign key. - id: TableConstraints properties: - foreignKeys: + unreachable: + items: + type: string description: >- - Optional. Present only if the table has a foreign key. The foreign - key is not enforced. + A list of skipped locations that were unreachable. For more + information about BigQuery locations, see: + https://cloud.google.com/bigquery/docs/locations. Example: + "europe-west5" + type: array + nextPageToken: + description: A token to request the next page of results. + type: string + etag: + type: string + description: A hash of this page of results. + kind: + description: The resource type of the response. + type: string + default: bigquery#jobList + jobs: items: - description: Represents a foreign key constraint on a table's columns. + description: >- + ListFormatJob is a partial projection of job information returned + as part of a jobs.list response. + type: object properties: - columnReferences: - description: Required. The columns that compose the foreign key. - items: - description: The pair of the foreign key column and primary key column. - properties: - referencedColumn: - description: >- - Required. The column in the primary key that are - referenced by the referencing_column. - type: string - referencingColumn: - description: Required. The column that composes the foreign key. - type: string - type: object - type: array - name: - description: Optional. Set only if the foreign key constraint is named. + configuration: + $ref: '#/components/schemas/JobConfiguration' + description: Required. Describes the job configuration. + id: type: string - referencedTable: - properties: - datasetId: - type: string - projectId: - type: string - tableId: - type: string - type: object - type: object - type: array - primaryKey: - description: Represents the primary key constraint on a table's columns. + description: Unique opaque ID of the job. + statistics: + description: >- + Output only. Information about the job, including starting + time and ending time of the job. + readOnly: true + $ref: '#/components/schemas/JobStatistics' + errorResult: + description: >- + A result object that will be present only if the job has + failed. + $ref: '#/components/schemas/ErrorProto' + user_email: + description: >- + [Full-projection-only] Email address of the user who ran the + job. + type: string + jobReference: + description: Unique opaque ID of the job. + $ref: '#/components/schemas/JobReference' + status: + $ref: '#/components/schemas/JobStatus' + description: '[Full-projection-only] Describes the status of this job.' + kind: + description: The resource type. + type: string + principal_subject: + description: >- + [Full-projection-only] String representation of identity of + requesting party. Populated for both first- and third-party + identities. Only present for APIs that support third-party + identities. + type: string + state: + description: >- + Running state of the job. When the state is DONE, errorResult + can be checked to determine whether the job succeeded or + failed. + type: string + type: array + description: List of jobs that were requested. + id: JobList + description: JobList is the response format for a jobs.list call. + PruningStats: + id: PruningStats + type: object + description: The column metadata index pruning statistics. + properties: + postCmetaPruningParallelInputCount: + description: The number of parallel inputs matched. + format: int64 + type: string + postCmetaPruningPartitionCount: + description: The number of partitions matched. + type: string + format: int64 + preCmetaPruningParallelInputCount: + description: The number of parallel inputs scanned. + format: int64 + type: string + TableConstraints: + properties: + primaryKey: properties: columns: + items: + type: string description: >- Required. The columns that are composed of the primary key constraint. - items: - type: string type: array + description: Represents the primary key constraint on a table's columns. type: object - type: object - TableDataInsertAllRequest: - description: Request for sending a single streaming insert. - id: TableDataInsertAllRequest - properties: - ignoreUnknownValues: - description: >- - Optional. Accept rows that contain values that do not match the - schema. The unknown values are ignored. Default is false, which - treats unknown values as errors. - type: boolean - kind: - default: bigquery#tableDataInsertAllRequest + foreignKeys: description: >- - Optional. The resource type of the response. The value is not - checked at the backend. Historically, it has been set to - "bigquery#tableDataInsertAllRequest" but you are not required to set - it. - type: string - rows: - items: - description: Data for a single insertion row. - properties: - insertId: - description: >- - Insertion ID for best-effort deduplication. This feature is - not recommended, and users seeking stronger insertion - semantics are encouraged to use other mechanisms such as the - BigQuery Write API. - type: string - json: - $ref: '#/components/schemas/JsonObject' - description: Data for a single row. - type: object + Optional. Present only if the table has a foreign key. The foreign + key is not enforced. type: array - skipInvalidRows: - description: >- - Optional. Insert all valid rows of a request, even if invalid rows - exist. The default value is false, which causes the entire request - to fail if any invalid rows exist. - type: boolean - templateSuffix: - description: >- - Optional. If specified, treats the destination table as a base - template, and inserts the rows into an instance table named - "{destination}{templateSuffix}". BigQuery will manage creation of - the instance table, using the schema of the base template table. See - https://cloud.google.com/bigquery/streaming-data-into-bigquery#template-tables - for considerations when working with templates tables. - type: string - traceId: - description: >- - Optional. Unique request trace id. Used for debugging purposes only. - It is case-sensitive, limited to up to 36 ASCII characters. A UUID - is recommended. - type: string - type: object - TableDataInsertAllResponse: - description: Describes the format of a streaming insert response. - id: TableDataInsertAllResponse - properties: - insertErrors: - description: Describes specific errors encountered while processing the request. items: - description: Error details about a single row's insertion. properties: - errors: - description: Error information for the row indicated by the index property. + name: + description: Optional. Set only if the foreign key constraint is named. + type: string + columnReferences: items: - $ref: '#/components/schemas/ErrorProto' + description: The pair of the foreign key column and primary key column. + type: object + properties: + referencedColumn: + description: >- + Required. The column in the primary key that are + referenced by the referencing_column. + type: string + referencingColumn: + description: Required. The column that composes the foreign key. + type: string + description: Required. The columns that compose the foreign key. type: array - index: - description: The index of the row that error applies to. - format: uint32 - type: integer + referencedTable: + type: object + properties: + projectId: + type: string + datasetId: + type: string + tableId: + type: string type: object - type: array - kind: - default: bigquery#tableDataInsertAllResponse - description: Returns "bigquery#tableDataInsertAllResponse". - type: string + description: Represents a foreign key constraint on a table's columns. type: object - TableDataList: - id: TableDataList + id: TableConstraints + description: The TableConstraints defines the primary key and foreign key. + TableMetadataCacheUsage: + description: >- + Table level detail on the usage of metadata caching. Only set for + Metadata caching eligible tables referenced in the query. properties: - etag: - description: A hash of this page of results. + explanation: type: string - kind: - default: bigquery#tableDataList - description: The resource type of the response. + description: >- + Free form human-readable reason metadata caching was unused for the + job. + unusedReason: + enum: + - UNUSED_REASON_UNSPECIFIED + - EXCEEDED_MAX_STALENESS + - METADATA_CACHING_NOT_ENABLED + - OTHER_REASON type: string - pageToken: + description: Reason for not using metadata caching for the table. + enumDescriptions: + - Unused reasons not specified. + - Metadata cache was outside the table's maxStaleness. + - >- + Metadata caching feature is not enabled. [Update BigLake tables] + (/bigquery/docs/create-cloud-storage-table-biglake#update-biglake-tables) + to enable the metadata caching. + - Other unknown reason. + tableType: description: >- - A token used for paging results. Providing this token instead of the - startIndex parameter can help you retrieve stable results when an - underlying table is changing. + [Table + type](https://cloud.google.com/bigquery/docs/reference/rest/v2/tables#Table.FIELDS.type). type: string - rows: - description: Rows of results. - items: - $ref: '#/components/schemas/TableRow' - type: array - totalRows: + tableReference: + $ref: '#/components/schemas/TableReference' + description: Metadata caching eligible table referenced in the query. + pruningStats: + $ref: '#/components/schemas/PruningStats' + description: The column metadata index pruning statistics. + staleness: description: >- - Total rows of the entire table. In order to show default value 0 we - have to present it as string. - format: int64 + Duration since last refresh as of this job for managed tables + (indicates metadata cache staleness as seen by this job). + format: google-duration type: string + id: TableMetadataCacheUsage type: object - TableFieldSchema: - description: A field in TableSchema - id: TableFieldSchema + RoutineReference: properties: - categories: - description: Deprecated. - properties: - names: - description: Deprecated. - items: - type: string - type: array - type: object - collation: - description: >- - Optional. Field collation can be set only when the type of field is - STRING. The following values are supported: * 'und:ci': undetermined - locale, case insensitive. * '': empty string. Default to - case-sensitive behavior. + projectId: + description: Required. The ID of the project containing this routine. type: string - dataPolicies: - description: Optional. Data policy options, will replace the data_policies. - items: - $ref: '#/components/schemas/DataPolicyOption' - type: array - defaultValueExpression: + routineId: description: >- - Optional. A SQL expression to specify the [default value] - (https://cloud.google.com/bigquery/docs/default-values) for this - field. + Required. The ID of the routine. The ID must contain only letters + (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is + 256 characters. type: string - description: - description: >- - Optional. The field description. The maximum length is 1,024 - characters. + datasetId: type: string - fields: + description: Required. The ID of the dataset containing this routine. + id: RoutineReference + description: Id path of a routine. + type: object + BigtableColumnFamily: + id: BigtableColumnFamily + properties: + columns: description: >- - Optional. Describes the nested schema fields if the type property is - set to RECORD. - items: - $ref: '#/components/schemas/TableFieldSchema' + Optional. Lists of columns that should be exposed as individual + fields as opposed to a list of (column name, value) pairs. All + columns whose qualifier matches a qualifier in this list can be + accessed as `.`. Other columns can be accessed as a list through the + `.Column` field. type: array - foreignTypeDefinition: + items: + $ref: '#/components/schemas/BigtableColumn' + onlyReadLatest: description: >- - Optional. Definition of the foreign data type. Only valid for - top-level schema fields (not nested fields). If the type is FOREIGN, - this field is required. + Optional. If this is set only the latest version of value are + exposed for all columns in this column family. This can be + overridden for a specific column by listing that column in 'columns' + and specifying a different setting for that column. + type: boolean + type: + description: >- + Optional. The type to convert the value in cells of this column + family. The values are expected to be encoded using HBase + Bytes.toBytes function when using the BINARY encoding value. + Following BigQuery types are allowed (case-sensitive): * BYTES * + STRING * INTEGER * FLOAT * BOOLEAN * JSON Default type is BYTES. + This can be overridden for a specific column by listing that column + in 'columns' and specifying a type for it. type: string - maxLength: + familyId: + type: string + description: Identifier of the column family. + encoding: description: >- - Optional. Maximum length of values of this field for STRINGS or - BYTES. If max_length is not specified, no maximum length constraint - is imposed on this field. If type = "STRING", then max_length - represents the maximum UTF-8 length of strings in this field. If - type = "BYTES", then max_length represents the maximum number of - bytes in this field. It is invalid to set this field if type ≠ - "STRING" and ≠ "BYTES". + Optional. The encoding of the values when the type is not STRING. + Acceptable encoding values are: TEXT - indicates values are + alphanumeric text strings. BINARY - indicates values are encoded + using HBase Bytes.toBytes family of functions. This can be + overridden for a specific column by listing that column in 'columns' + and specifying an encoding for it. + type: string + description: Information related to a Bigtable column family. + type: object + SkewSource: + id: SkewSource + description: Details about source stages which produce skewed data. + properties: + stageId: + description: Output only. Stage id of the skew source stage. + type: string format: int64 + readOnly: true + type: object + ProjectList: + id: ProjectList + type: object + description: Response object of ListProjects + properties: + nextPageToken: + description: Use this token to request the next page of results. type: string - mode: - description: >- - Optional. The field mode. Possible values include NULLABLE, REQUIRED - and REPEATED. The default value is NULLABLE. + projects: + description: Projects to which the user has at least READ access. + type: array + items: + description: Information about a single project. + type: object + properties: + friendlyName: + description: >- + A descriptive name for this project. A wrapper is used here + because friendlyName can be set to the empty string. + type: string + numericId: + description: The numeric ID of this project. + format: uint64 + type: string + projectReference: + $ref: '#/components/schemas/ProjectReference' + description: A unique reference to this project. + id: + description: An opaque ID of this project. + type: string + kind: + description: The resource type. + type: string + kind: type: string - name: + description: The resource type of the response. + default: bigquery#projectList + totalItems: + type: integer + format: int32 description: >- - Required. The field name. The name must contain only letters (a-z, - A-Z), numbers (0-9), or underscores (_), and must start with a - letter or underscore. The maximum length is 300 characters. + The total number of projects in the page. A wrapper is used here + because the field should still be in the response when the value is + 0. + etag: + type: string + description: A hash of the page of results. + StagePerformanceChangeInsight: + description: >- + Performance insights compared to the previous executions for a specific + stage. + id: StagePerformanceChangeInsight + type: object + properties: + inputDataChange: + description: Output only. Input data change insight of the query stage. + readOnly: true + $ref: '#/components/schemas/InputDataChange' + stageId: + readOnly: true type: string + description: Output only. The stage id that the insight mapped to. + format: int64 + TableFieldSchema: + id: TableFieldSchema + properties: policyTags: - description: >- - Optional. The policy tags attached to this field, used for - field-level access control. If not set, defaults to empty - policy_tags. properties: names: + type: array description: >- A list of policy tag resource names. For example, "projects/1/locations/eu/taxonomies/2/policyTags/3". At most 1 policy tag is currently allowed. items: type: string - type: array + description: >- + Optional. The policy tags attached to this field, used for + field-level access control. If not set, defaults to empty + policy_tags. type: object + fields: + type: array + description: >- + Optional. Describes the nested schema fields if the type property is + set to RECORD. + items: + $ref: '#/components/schemas/TableFieldSchema' precision: + format: int64 + type: string description: >- Optional. Precision (maximum number of total digits in base 10) and scale (maximum number of digits in the fractional part in base 10) @@ -8486,25 +8042,29 @@ components: scale is interpreted to be equal to zero): * If type = "NUMERIC": 1 ≤ precision ≤ 29. * If type = "BIGNUMERIC": 1 ≤ precision ≤ 38. If scale is specified but not precision, then it is invalid. - format: int64 - type: string - rangeElementType: - description: Represents the type of a field element. + categories: properties: - type: - description: >- - Required. The type of a field element. For more information, see - TableFieldSchema.type. - type: string + names: + type: array + description: Deprecated. + items: + type: string type: object - roundingMode: + description: Deprecated. + mode: description: >- - Optional. Specifies the rounding mode to be used when storing values - of NUMERIC and BIGNUMERIC type. - enum: - - ROUNDING_MODE_UNSPECIFIED - - ROUND_HALF_AWAY_FROM_ZERO - - ROUND_HALF_EVEN + Optional. The field mode. Possible values include NULLABLE, REQUIRED + and REPEATED. The default value is NULLABLE. + type: string + type: + description: >- + Required. The field data type. Possible values include: * STRING * + BYTES * INTEGER (or INT64) * FLOAT (or FLOAT64) * BOOLEAN (or BOOL) + * TIMESTAMP * DATE * TIME * DATETIME * GEOGRAPHY * NUMERIC * + BIGNUMERIC * JSON * RECORD (or STRUCT) * RANGE Use of RECORD/STRUCT + indicates that the field contains a nested schema. + type: string + roundingMode: enumDescriptions: - Unspecified will default to using ROUND_HALF_AWAY_FROM_ZERO. - >- @@ -8517,1512 +8077,2163 @@ components: applying precision and scale upon writing of NUMERIC and BIGNUMERIC values. For Scale: 0 1.1, 1.2, 1.3, 1.4 => 1 1.5 => 2 1.6, 1.7, 1.8, 1.9 => 2 2.5 => 2 + description: >- + Optional. Specifies the rounding mode to be used when storing values + of NUMERIC and BIGNUMERIC type. + type: string + enum: + - ROUNDING_MODE_UNSPECIFIED + - ROUND_HALF_AWAY_FROM_ZERO + - ROUND_HALF_EVEN + description: type: string + description: >- + Optional. The field description. The maximum length is 1,024 + characters. scale: + type: string description: Optional. See documentation for precision. format: int64 + collation: type: string - type: description: >- - Required. The field data type. Possible values include: * STRING * - BYTES * INTEGER (or INT64) * FLOAT (or FLOAT64) * BOOLEAN (or BOOL) - * TIMESTAMP * DATE * TIME * DATETIME * GEOGRAPHY * NUMERIC * - BIGNUMERIC * JSON * RECORD (or STRUCT) * RANGE Use of RECORD/STRUCT - indicates that the field contains a nested schema. - type: string - type: object - TableList: - description: Partial projection of the metadata for a given table in a list response. - id: TableList - properties: - etag: - description: A hash of this page of results. + Optional. Field collation can be set only when the type of field is + STRING. The following values are supported: * 'und:ci': undetermined + locale, case insensitive. * '': empty string. Default to + case-sensitive behavior. + defaultValueExpression: type: string - kind: - default: bigquery#tableList - description: The type of list. + description: >- + Optional. A SQL expression to specify the [default value] + (https://cloud.google.com/bigquery/docs/default-values) for this + field. + maxLength: type: string - nextPageToken: - description: A token to request the next page of results. + description: >- + Optional. Maximum length of values of this field for STRINGS or + BYTES. If max_length is not specified, no maximum length constraint + is imposed on this field. If type = "STRING", then max_length + represents the maximum UTF-8 length of strings in this field. If + type = "BYTES", then max_length represents the maximum number of + bytes in this field. It is invalid to set this field if type ≠ + "STRING" and ≠ "BYTES". + format: int64 + timestampPrecision: type: string - tables: - description: Tables in the requested dataset. - items: - properties: - clustering: - $ref: '#/components/schemas/Clustering' - description: Clustering specification for this table, if configured. - creationTime: - description: >- - Output only. The time when this table was created, in - milliseconds since the epoch. - format: int64 - readOnly: true - type: string - expirationTime: - description: >- - The time when this table expires, in milliseconds since the - epoch. If not present, the table will persist indefinitely. - Expired tables will be deleted and their storage reclaimed. - format: int64 - type: string - friendlyName: - description: The user-friendly name for this table. - type: string - id: - description: An opaque ID of the table. - type: string - kind: - description: The resource type. - type: string - labels: - additionalProperties: - type: string - description: >- - The labels associated with this table. You can use these to - organize and group your tables. - type: object - rangePartitioning: - $ref: '#/components/schemas/RangePartitioning' - description: The range partitioning for this table. - requirePartitionFilter: - default: 'false' - description: >- - Optional. If set to true, queries including this table must - specify a partition filter. This filter is used for partition - elimination. - type: boolean - tableReference: - $ref: '#/components/schemas/TableReference' - description: A reference uniquely identifying table. - timePartitioning: - $ref: '#/components/schemas/TimePartitioning' - description: The time-based partitioning for this table. - type: - description: The type of table. - type: string - view: - description: Information about a logical view. - properties: - privacyPolicy: - $ref: '#/components/schemas/PrivacyPolicy' - description: Specifies the privacy policy for the view. - useLegacySql: - description: >- - True if view is defined in legacy SQL dialect, false if in - GoogleSQL. - type: boolean - type: object - type: object - type: array - totalItems: - description: The total number of tables in the dataset. - format: int32 - type: integer - type: object - TableMetadataCacheUsage: - description: >- - Table level detail on the usage of metadata caching. Only set for - Metadata caching eligible tables referenced in the query. - id: TableMetadataCacheUsage - properties: - explanation: + default: '6' + format: int64 description: >- - Free form human-readable reason metadata caching was unused for the - job. - type: string - staleness: + Optional. Precision (maximum number of total digits in base 10) for + seconds of TIMESTAMP type. Possible values include: * 6 (Default, + for TIMESTAMP type with microsecond precision) * 12 (For TIMESTAMP + type with picosecond precision) + name: description: >- - Duration since last refresh as of this job for managed tables - (indicates metadata cache staleness as seen by this job). - format: google-duration + Required. The field name. The name must contain only letters (a-z, + A-Z), numbers (0-9), or underscores (_), and must start with a + letter or underscore. The maximum length is 300 characters. type: string - tableReference: - $ref: '#/components/schemas/TableReference' - description: Metadata caching eligible table referenced in the query. - tableType: + rangeElementType: + description: Represents the type of a field element. + properties: + type: + description: >- + Required. The type of a field element. For more information, see + TableFieldSchema.type. + type: string + type: object + foreignTypeDefinition: description: >- - [Table - type](https://cloud.google.com/bigquery/docs/reference/rest/v2/tables#Table.FIELDS.type). + Optional. Definition of the foreign data type. Only valid for + top-level schema fields (not nested fields). If the type is FOREIGN, + this field is required. type: string - unusedReason: - description: Reason for not using metadata caching for the table. + dataPolicies: + items: + $ref: '#/components/schemas/DataPolicyOption' + description: >- + Optional. Data policies attached to this field, used for field-level + access control. + type: array + description: A field in TableSchema + type: object + JobConfigurationTableCopy: + type: object + properties: + sourceTables: + type: array + items: + $ref: '#/components/schemas/TableReference' + description: '[Pick one] Source tables to copy.' + destinationTable: + $ref: '#/components/schemas/TableReference' + description: '[Required] The destination table.' + operationType: enum: - - UNUSED_REASON_UNSPECIFIED - - EXCEEDED_MAX_STALENESS - - METADATA_CACHING_NOT_ENABLED - - OTHER_REASON + - OPERATION_TYPE_UNSPECIFIED + - COPY + - SNAPSHOT + - RESTORE + - CLONE + description: Optional. Supported operation types in table copy job. enumDescriptions: - - Unused reasons not specified. - - Metadata cache was outside the table's maxStaleness. + - Unspecified operation type. + - The source and destination table have the same table type. - >- - Metadata caching feature is not enabled. [Update BigLake tables] - (/bigquery/docs/create-cloud-storage-table-biglake#update-biglake-tables) - to enable the metadata caching. - - Other unknown reason. + The source table type is TABLE and the destination table type is + SNAPSHOT. + - >- + The source table type is SNAPSHOT and the destination table type + is TABLE. + - >- + The source and destination table have the same table type, but + only bill for unique data. type: string - type: object - TableReference: - id: TableReference - properties: - datasetId: - description: Required. The ID of the dataset containing this table. + writeDisposition: + description: >- + Optional. Specifies the action that occurs if the destination table + already exists. The following values are supported: * + WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the + table data and uses the schema and table constraints from the source + table. * WRITE_APPEND: If the table already exists, BigQuery appends + the data to the table. * WRITE_EMPTY: If the table already exists + and contains data, a 'duplicate' error is returned in the job + result. The default value is WRITE_EMPTY. Each action is atomic and + only occurs if BigQuery is able to complete the job successfully. + Creation, truncation and append actions occur as one atomic update + upon job completion. type: string - projectId: - description: Required. The ID of the project containing this table. + createDisposition: type: string - tableId: description: >- - Required. The ID of the table. The ID can contain Unicode characters - in category L (letter), M (mark), N (number), Pc (connector, - including underscore), Pd (dash), and Zs (space). For more - information, see [General - Category](https://wikipedia.org/wiki/Unicode_character_property#General_Category). - The maximum length is 1,024 characters. Certain operations allow - suffixing of the table ID with a partition decorator, such as - `sample_table$20190123`. + Optional. Specifies whether the job is allowed to create new tables. + The following values are supported: * CREATE_IF_NEEDED: If the table + does not exist, BigQuery creates the table. * CREATE_NEVER: The + table must already exist. If it does not, a 'notFound' error is + returned in the job result. The default value is CREATE_IF_NEEDED. + Creation, truncation and append actions occur as one atomic update + upon job completion. + destinationEncryptionConfiguration: + description: Custom encryption configuration (e.g., Cloud KMS keys). + $ref: '#/components/schemas/EncryptionConfiguration' + sourceTable: + description: '[Pick one] Source table to copy.' + $ref: '#/components/schemas/TableReference' + destinationExpirationTime: + format: google-datetime + description: >- + Optional. The time when the destination table expires. Expired + tables will be deleted and their storage reclaimed. type: string - type: object - TableReplicationInfo: description: >- - Replication info of a table created using `AS REPLICA` DDL like: `CREATE - MATERIALIZED VIEW mv1 AS REPLICA OF src_mv` - id: TableReplicationInfo + JobConfigurationTableCopy configures a job that copies data from one + table to another. For more information on copying tables, see [Copy a + table](https://cloud.google.com/bigquery/docs/managing-tables#copy-table). + id: JobConfigurationTableCopy + Binding: properties: - replicatedSourceLastRefreshTime: - description: >- - Optional. Output only. If source is a materialized view, this field - signifies the last refresh time of the source. - format: int64 - readOnly: true + role: type: string - replicationError: - $ref: '#/components/schemas/ErrorProto' description: >- - Optional. Output only. Replication error that will permanently - stopped table replication. - readOnly: true - replicationIntervalMs: + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + members: + type: array description: >- - Optional. Specifies the interval at which the source table is polled - for updates. It's Optional. If not specified, default replication - interval would be applied. - format: int64 - type: string - replicationStatus: - description: Optional. Output only. Replication status of configured replication. - enum: - - REPLICATION_STATUS_UNSPECIFIED - - ACTIVE - - SOURCE_DELETED - - PERMISSION_DENIED - - UNSUPPORTED_CONFIGURATION - enumDescriptions: - - Default value. - - Replication is Active with no errors. - - Source object is deleted. - - Source revoked replication permissions. - - Source configuration doesn’t allow replication. - readOnly: true - type: string - sourceTable: - $ref: '#/components/schemas/TableReference' - description: Required. Source table reference that is replicated. + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + items: + type: string + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' type: object - TableRow: - id: TableRow + description: Associates `members`, or principals, with a `role`. + id: Binding + Policy: + id: Policy properties: - f: + bindings: description: >- - Represents a single row in the result set, consisting of one or more - fields. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. items: - $ref: '#/components/schemas/TableCell' + $ref: '#/components/schemas/Binding' type: array - type: object - TableSchema: - description: Schema of a table - id: TableSchema - properties: - fields: - description: Describes the fields in a table. + etag: + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte + type: string + auditConfigs: items: - $ref: '#/components/schemas/TableFieldSchema' + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. type: array - foreignTypeInfo: - $ref: '#/components/schemas/ForeignTypeInfo' + version: + type: integer + format: int32 description: >- - Optional. Specifies metadata of the foreign data type definition in - field schema (TableFieldSchema.foreign_type_definition). + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). type: object - TestIamPermissionsRequest: - description: Request message for `TestIamPermissions` method. - id: TestIamPermissionsRequest + RegressionMetrics: + description: >- + Evaluation metrics for regression and explicit feedback type matrix + factorization models. properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - items: - type: string - type: array + rSquared: + format: double + type: number + description: R^2 score. This corresponds to r2_score in ML.EVALUATE. + meanSquaredError: + description: Mean squared error. + format: double + type: number + meanAbsoluteError: + type: number + description: Mean absolute error. + format: double + meanSquaredLogError: + type: number + description: Mean squared log error. + format: double + medianAbsoluteError: + description: Median absolute error. + format: double + type: number + id: RegressionMetrics type: object - TestIamPermissionsResponse: - description: Response message for `TestIamPermissions` method. - id: TestIamPermissionsResponse + RankingMetrics: + description: >- + Evaluation metrics used by weighted-ALS models specified by + feedback_type=implicit. properties: - permissions: + normalizedDiscountedCumulativeGain: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - items: - type: string - type: array - type: object - TimePartitioning: - id: TimePartitioning - properties: - expirationMs: + A metric to determine the goodness of a ranking calculated from the + predicted confidence by comparing it to an ideal rank measured by + the original ratings. + format: double + type: number + averageRank: + format: double description: >- - Optional. Number of milliseconds for which to keep the storage for a - partition. A wrapper is used here because 0 is an invalid value. - format: int64 - type: string - field: + Determines the goodness of a ranking by computing the percentile + rank from the predicted confidence and dividing it by the original + rank. + type: number + meanAveragePrecision: description: >- - Optional. If not set, the table is partitioned by pseudo column - '_PARTITIONTIME'; if set, the table is partitioned by this field. - The field must be a top-level TIMESTAMP or DATE field. Its mode must - be NULLABLE or REQUIRED. A wrapper is used here because an empty - string is an invalid value. - type: string - requirePartitionFilter: - default: 'false' - deprecated: true - description: >- - If set to true, queries over this table require a partition filter - that can be used for partition elimination to be specified. This - field is deprecated; please set the field with the same name on the - table itself instead. This field needs a wrapper because we want to - output the default value, false, if the user explicitly set it. - type: boolean - type: + Calculates a precision per user for all the items by ranking them + and then averages all the precisions across all the users. + type: number + format: double + meanSquaredError: + type: number + format: double description: >- - Required. The supported types are DAY, HOUR, MONTH, and YEAR, which - will generate one partition per day, hour, month, and year, - respectively. - type: string + Similar to the mean squared error computed in regression and + explicit recommendation models except instead of computing the + rating directly, the output from evaluate is computed against a + preference which is 1 or 0 depending on if the rating exists or not. + id: RankingMetrics type: object - TrainingOptions: - description: Options used in model training. - id: TrainingOptions + BatchDeleteRowAccessPoliciesRequest: + description: Request message for the BatchDeleteRowAccessPoliciesRequest method. + type: object + id: BatchDeleteRowAccessPoliciesRequest properties: - activationFn: - description: Activation function of the neural nets. - type: string - adjustStepChanges: - description: >- - If true, detect step changes and make data adjustment in the input - time series. - type: boolean - approxGlobalFeatureContrib: - description: >- - Whether to use approximate feature contribution method in XGBoost - model explanation for global explain. - type: boolean - autoArima: - description: Whether to enable auto ARIMA or not. + policyIds: + description: Required. Policy IDs of the row access policies. + type: array + items: + type: string + force: type: boolean - autoArimaMaxOrder: - description: The max value of the sum of non-seasonal p and q. - format: int64 - type: string - autoArimaMinOrder: - description: The min value of the sum of non-seasonal p and q. - format: int64 - type: string - autoClassWeights: description: >- - Whether to calculate class weights automatically based on the - popularity of each label. - type: boolean - batchSize: - description: Batch size for dnn models. - format: int64 - type: string - boosterType: - description: Booster type for boosted tree models. - enum: - - BOOSTER_TYPE_UNSPECIFIED - - GBTREE - - DART + If set to true, it deletes the row access policy even if it's the + last row access policy on the table and the deletion will widen the + access rather narrowing it. + ExternalDataConfiguration: + properties: + objectMetadata: enumDescriptions: - - Unspecified booster type. - - Gbtree booster. - - Dart booster. + - Unspecified by default. + - A synonym for `SIMPLE`. + - Directory listing of objects. type: string - budgetHours: - description: Budget in hours for AutoML training. - format: double - type: number - calculatePValues: description: >- - Whether or not p-value test should be computed for this model. Only - available for linear and logistic regression models. - type: boolean - categoryEncodingMethod: - description: Categorical feature encoding method. + Optional. ObjectMetadata is used to create Object Tables. Object + Tables contain a listing of objects (with their metadata) found at + the source_uris. If ObjectMetadata is set, source_format should be + omitted. Currently SIMPLE is the only supported Object Metadata + type. enum: - - ENCODING_METHOD_UNSPECIFIED - - ONE_HOT_ENCODING - - LABEL_ENCODING - - DUMMY_ENCODING - enumDescriptions: - - Unspecified encoding method. - - Applies one-hot encoding. - - Applies label encoding. - - Applies dummy encoding. - type: string - cleanSpikesAndDips: - description: If true, clean spikes and dips in the input time series. - type: boolean - colorSpace: + - OBJECT_METADATA_UNSPECIFIED + - DIRECTORY + - SIMPLE + maxBadRecords: description: >- - Enums for color space, used for processing images in Object Table. - See more details at - https://www.tensorflow.org/io/tutorials/colorspace. - enum: - - COLOR_SPACE_UNSPECIFIED - - RGB - - HSV - - YIQ - - YUV - - GRAYSCALE - enumDescriptions: - - Unspecified color space - - RGB - - HSV - - YIQ - - YUV - - GRAYSCALE - type: string - colsampleBylevel: - description: Subsample ratio of columns for each level for boosted tree models. - format: double - type: number - colsampleBynode: + Optional. The maximum number of bad records that BigQuery can ignore + when reading data. If the number of bad records exceeds this value, + an invalid error is returned in the job result. The default value is + 0, which requires that all records are valid. This setting is + ignored for Google Cloud Bigtable, Google Cloud Datastore backups, + Avro, ORC and Parquet formats. + type: integer + format: int32 + csvOptions: + $ref: '#/components/schemas/CsvOptions' description: >- - Subsample ratio of columns for each node(split) for boosted tree - models. - format: double - type: number - colsampleBytree: + Optional. Additional properties to set if sourceFormat is set to + CSV. + timestampTargetPrecision: + items: + format: int32 + type: integer description: >- - Subsample ratio of columns when constructing each tree for boosted - tree models. - format: double - type: number - contributionMetric: + Precisions (maximum number of total digits in base 10) for seconds + of TIMESTAMP types that are allowed to the destination table for + autodetection mode. Available for the formats: CSV. For the CSV + Format, Possible values include: Not Specified, [], or [6]: + timestamp(6) for all auto detected TIMESTAMP columns [6, 12]: + timestamp(6) for all auto detected TIMESTAMP columns that have less + than 6 digits of subseconds. timestamp(12) for all auto detected + TIMESTAMP columns that have more than 6 digits of subseconds. [12]: + timestamp(12) for all auto detected TIMESTAMP columns. The order of + the elements in this array is ignored. Inputs that have higher + precision than the highest target precision in this array will be + truncated. + type: array + googleSheetsOptions: description: >- - The contribution metric. Applies to contribution analysis models. - Allowed formats supported are for summable and summable ratio - contribution metrics. These include expressions such as `SUM(x)` or - `SUM(x)/SUM(y)`, where x and y are column names from the base table. + Optional. Additional options if sourceFormat is set to + GOOGLE_SHEETS. + $ref: '#/components/schemas/GoogleSheetsOptions' + referenceFileSchemaUri: type: string - dartNormalizeType: description: >- - Type of normalization algorithm for boosted tree models using dart - booster. - enum: - - DART_NORMALIZE_TYPE_UNSPECIFIED - - TREE - - FOREST - enumDescriptions: - - Unspecified dart normalize type. - - New trees have the same weight of each of dropped trees. - - New trees have the same weight of sum of dropped trees. + Optional. When creating an external table, the user can provide a + reference file with the table schema. This is enabled for the + following formats: AVRO, PARQUET, ORC. + connectionId: type: string - dataFrequency: - description: The data frequency of a time series. + description: >- + Optional. The connection specifying the credentials to be used to + read external storage, such as Azure Blob, Cloud Storage, or S3. The + connection_id can have the form + `{project_id}.{location_id};{connection_id}` or + `projects/{project_id}/locations/{location_id}/connections/{connection_id}`. + metadataCacheMode: + description: >- + Optional. Metadata Cache Mode for the table. Set this to enable + caching of metadata from external data source. enum: - - DATA_FREQUENCY_UNSPECIFIED - - AUTO_FREQUENCY - - YEARLY - - QUARTERLY - - MONTHLY - - WEEKLY - - DAILY - - HOURLY - - PER_MINUTE + - METADATA_CACHE_MODE_UNSPECIFIED + - AUTOMATIC + - MANUAL enumDescriptions: - - Default value. - - Automatically inferred from timestamps. - - Yearly data. - - Quarterly data. - - Monthly data. - - Weekly data. - - Daily data. - - Hourly data. - - Per-minute data. - type: string - dataSplitColumn: - description: >- - The column to split data with. This column won't be used as a - feature. 1. When data_split_method is CUSTOM, the corresponding - column should be boolean. The rows with true value tag are eval - data, and the false are training data. 2. When data_split_method is - SEQ, the first DATA_SPLIT_EVAL_FRACTION rows (from smallest to - largest) in the corresponding column are used as training data, and - the rest are eval data. It respects the order in Orderable data - types: - https://cloud.google.com/bigquery/docs/reference/standard-sql/data-types#data_type_properties + - Unspecified metadata cache mode. + - >- + Set this mode to trigger automatic background refresh of metadata + cache from the external source. Queries will use the latest + available cache version within the table's maxStaleness interval. + - >- + Set this mode to enable triggering manual refresh of the metadata + cache from external source. Queries will use the latest manually + triggered cache version within the table's maxStaleness interval. type: string - dataSplitEvalFraction: + decimalTargetTypes: + type: array description: >- - The fraction of evaluation data over the whole input data. The rest - of data will be used as training data. The format should be double. - Accurate to two decimal places. Default value is 0.2. - format: double - type: number - dataSplitMethod: - description: The data split type for training and evaluation, e.g. RANDOM. - enum: - - DATA_SPLIT_METHOD_UNSPECIFIED - - RANDOM - - CUSTOM - - SEQUENTIAL - - NO_SPLIT - - AUTO_SPLIT + Defines the list of possible SQL data types to which the source + decimal values are converted. This list and the precision and the + scale parameters of the decimal field determine the target type. In + the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it + is in the specified list and if it supports the precision and the + scale. STRING supports all precision and scale values. If none of + the listed types supports the precision and the scale, the type + supporting the widest range in the specified list is picked, and if + a value exceeds the supported range when reading the data, an error + will be thrown. Example: Suppose the value of this field is + ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: * (38,9) -> + NUMERIC; * (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer + digits); * (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional + digits); * (76,38) -> BIGNUMERIC; * (77,38) -> BIGNUMERIC (error if + value exceeds supported range). This field cannot contain duplicate + types. The order of the types in this field is ignored. For example, + ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] + and NUMERIC always takes precedence over BIGNUMERIC. Defaults to + ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file + formats. + items: + enumDescriptions: + - Invalid type. + - Decimal values could be converted to NUMERIC type. + - Decimal values could be converted to BIGNUMERIC type. + - Decimal values could be converted to STRING type. + enum: + - DECIMAL_TARGET_TYPE_UNSPECIFIED + - NUMERIC + - BIGNUMERIC + - STRING + type: string + ignoreUnknownValues: + description: >- + Optional. Indicates if BigQuery should allow extra values that are + not represented in the table schema. If true, the extra values are + ignored. If false, records with extra columns are treated as bad + records, and if there are too many bad records, an invalid error is + returned in the job result. The default value is false. The + sourceFormat property determines what BigQuery treats as an extra + value: CSV: Trailing columns JSON: Named values that don't match any + column names Google Cloud Bigtable: This setting is ignored. Google + Cloud Datastore backups: This setting is ignored. Avro: This setting + is ignored. ORC: This setting is ignored. Parquet: This setting is + ignored. + type: boolean + jsonOptions: + $ref: '#/components/schemas/JsonOptions' + description: >- + Optional. Additional properties to set if sourceFormat is set to + JSON. + compression: + type: string + description: >- + Optional. The compression type of the data source. Possible values + include GZIP and NONE. The default value is NONE. This setting is + ignored for Google Cloud Bigtable, Google Cloud Datastore backups, + Avro, ORC and Parquet formats. An empty string is an invalid value. + dateFormat: + type: string + description: >- + Optional. Format used to parse DATE values. Supports C-style and + SQL-style values. + timeZone: + description: >- + Optional. Time zone used when parsing timestamp values that do not + have specific time zone information (e.g. 2024-04-20 12:34:56). The + expected format is a IANA timezone string (e.g. + America/Los_Angeles). + type: string + timestampFormat: + type: string + description: >- + Optional. Format used to parse TIMESTAMP values. Supports C-style + and SQL-style values. + jsonExtension: + description: >- + Optional. Load option to be used together with source_format + newline-delimited JSON to indicate that a variant of JSON is being + loaded. To load newline-delimited GeoJSON, specify GEOJSON (and + source_format must be set to NEWLINE_DELIMITED_JSON). enumDescriptions: - - Default value. - - Splits data randomly. - - Splits data with the user provided tags. - - Splits data sequentially. - - Data split will be skipped. - >- - Splits data automatically: Uses NO_SPLIT if the data size is - small. Otherwise uses RANDOM. + The default if provided value is not one included in the enum, or + the value is not specified. The source format is parsed without + any modification. + - >- + Use GeoJSON variant of JSON. See + https://tools.ietf.org/html/rfc7946. type: string - decomposeTimeSeries: - description: If true, perform decompose time series and save the results. - type: boolean - dimensionIdColumns: + enum: + - JSON_EXTENSION_UNSPECIFIED + - GEOJSON + timeFormat: description: >- - Optional. Names of the columns to slice on. Applies to contribution - analysis models. + Optional. Format used to parse TIME values. Supports C-style and + SQL-style values. + type: string + sourceFormat: + description: >- + [Required] The data format. For CSV files, specify "CSV". For Google + sheets, specify "GOOGLE_SHEETS". For newline-delimited JSON, specify + "NEWLINE_DELIMITED_JSON". For Avro files, specify "AVRO". For Google + Cloud Datastore backups, specify "DATASTORE_BACKUP". For Apache + Iceberg tables, specify "ICEBERG". For ORC files, specify "ORC". For + Parquet files, specify "PARQUET". [Beta] For Google Cloud Bigtable, + specify "BIGTABLE". + type: string + sourceUris: + type: array + description: >- + [Required] The fully-qualified URIs that point to your data in + Google Cloud. For Google Cloud Storage URIs: Each URI can contain + one '*' wildcard character and it must come after the 'bucket' name. + Size limits related to load jobs apply to external data sources. For + Google Cloud Bigtable URIs: Exactly one URI can be specified and it + has be a fully specified and valid HTTPS URL for a Google Cloud + Bigtable table. For Google Cloud Datastore backups, exactly one URI + can be specified. Also, the '*' wildcard character is not allowed. items: type: string - type: array - distanceType: - description: Distance type for clustering models. - enum: - - DISTANCE_TYPE_UNSPECIFIED - - EUCLIDEAN - - COSINE - enumDescriptions: - - Default value. - - Eculidean distance. - - Cosine distance. - type: string - dropout: - description: Dropout probability for dnn models. - format: double - type: number - earlyStop: + autodetect: description: >- - Whether to stop early when the loss doesn't improve significantly - any more (compared to min_relative_progress). Used only for - iterative training algorithms. - type: boolean - enableGlobalExplain: - description: If true, enable global explanation during training. + Try to detect schema and format options automatically. Any option + specified explicitly will be honored. type: boolean - feedbackType: + avroOptions: + $ref: '#/components/schemas/AvroOptions' description: >- - Feedback type that specifies which algorithm to run for matrix - factorization. - enum: - - FEEDBACK_TYPE_UNSPECIFIED - - IMPLICIT - - EXPLICIT + Optional. Additional properties to set if sourceFormat is set to + AVRO. + parquetOptions: + description: >- + Optional. Additional properties to set if sourceFormat is set to + PARQUET. + $ref: '#/components/schemas/ParquetOptions' + fileSetSpecType: + description: >- + Optional. Specifies how source URIs are interpreted for constructing + the file set to load. By default source URIs are expanded against + the underlying storage. Other options include specifying manifest + files. Only applicable to object storage systems. enumDescriptions: - - Default value. - - Use weighted-als for implicit feedback problems. - - Use nonweighted-als for explicit feedback problems. + - >- + This option expands source URIs by listing files from the object + store. It is the default behavior if FileSetSpecType is not set. + - >- + This option indicates that the provided URIs are newline-delimited + manifest files, with one URI per line. Wildcard URIs are not + supported. + enum: + - FILE_SET_SPEC_TYPE_FILE_SYSTEM_MATCH + - FILE_SET_SPEC_TYPE_NEW_LINE_DELIMITED_MANIFEST type: string - fitIntercept: - description: Whether the model should include intercept during model training. - type: boolean - forecastLimitLowerBound: + hivePartitioningOptions: + $ref: '#/components/schemas/HivePartitioningOptions' description: >- - The forecast limit lower bound that was used during ARIMA model - training with limits. To see more details of the algorithm: - https://otexts.com/fpp2/limits.html - format: double - type: number - forecastLimitUpperBound: + Optional. When set, configures hive partitioning support. Not all + storage formats support hive partitioning -- requesting hive + partitioning on an unsupported format will lead to an error, as will + providing an invalid specification. + datetimeFormat: + type: string description: >- - The forecast limit upper bound that was used during ARIMA model - training with limits. - format: double - type: number - hiddenUnits: - description: Hidden units for dnn models. - items: - format: int64 - type: string - type: array - holidayRegion: + Optional. Format used to parse DATETIME values. Supports C-style and + SQL-style values. + schema: description: >- - The geographical region based on which the holidays are considered - in time series modeling. If a valid value is specified, then holiday - effects modeling is enabled. - enum: - - HOLIDAY_REGION_UNSPECIFIED - - GLOBAL - - NA - - JAPAC - - EMEA - - LAC - - AE - - AR - - AT - - AU - - BE - - BR - - CA - - CH - - CL - - CN - - CO - - CS - - CZ - - DE - - DK - - DZ - - EC - - EE - - EG - - ES - - FI - - FR - - GB - - GR - - HK - - HU - - ID - - IE - - IL - - IN - - IR - - IT - - JP - - KR - - LV - - MA - - MX - - MY - - NG - - NL - - 'NO' - - NZ - - PE - - PH - - PK - - PL - - PT - - RO - - RS - - RU - - SA - - SE - - SG - - SI - - SK - - TH - - TR - - TW - - UA - - US - - VE - - VN - - ZA + Optional. The schema for the data. Schema is required for CSV and + JSON formats if autodetect is not on. Schema is disallowed for + Google Cloud Bigtable, Cloud Datastore backups, Avro, ORC and + Parquet formats. + $ref: '#/components/schemas/TableSchema' + bigtableOptions: + $ref: '#/components/schemas/BigtableOptions' + description: Optional. Additional options if sourceFormat is set to BIGTABLE. + type: object + id: ExternalDataConfiguration + RangePartitioning: + properties: + field: + description: >- + Required. The name of the column to partition the table on. It must + be a top-level, INT64 column whose mode is NULLABLE or REQUIRED. + type: string + range: + description: '[Experimental] Defines the ranges for range partitioning.' + type: object + properties: + end: + description: '[Experimental] The end of range partitioning, exclusive.' + format: int64 + type: string + start: + type: string + description: '[Experimental] The start of range partitioning, inclusive.' + format: int64 + interval: + format: int64 + type: string + description: '[Experimental] The width of each interval.' + id: RangePartitioning + type: object + JobStatus: + properties: + state: + type: string + description: >- + Output only. Running state of the job. Valid states include + 'PENDING', 'RUNNING', and 'DONE'. + readOnly: true + errors: + items: + $ref: '#/components/schemas/ErrorProto' + description: >- + Output only. The first errors encountered during the running of the + job. The final message includes the number of errors that caused the + process to stop. Errors here do not necessarily mean that the job + has not completed or was unsuccessful. + readOnly: true + type: array + errorResult: + description: >- + Output only. Final error result of the job. If present, indicates + that the job has completed and was unsuccessful. + readOnly: true + $ref: '#/components/schemas/ErrorProto' + id: JobStatus + type: object + ExplainQueryStage: + type: object + description: A single stage of query execution. + id: ExplainQueryStage + properties: + waitRatioAvg: + type: number + description: >- + Relative amount of time the average shard spent waiting to be + scheduled. + format: double + startMs: + format: int64 + type: string + description: Stage start time represented as milliseconds since the epoch. + inputStages: + type: array + description: IDs for stages that are inputs to this stage. + items: + format: int64 + type: string + name: + description: Human-readable name for the stage. + type: string + computeMsMax: + type: string + description: Milliseconds the slowest shard spent on CPU-bound tasks. + format: int64 + recordsWritten: + description: Number of records written by the stage. + type: string + format: int64 + writeRatioMax: + format: double + type: number + description: Relative amount of time the slowest shard spent on writing output. + endMs: + type: string + format: int64 + description: Stage end time represented as milliseconds since the epoch. + waitMsMax: + description: Milliseconds the slowest shard spent waiting to be scheduled. + type: string + format: int64 + steps: + description: >- + List of operations within the stage in dependency order + (approximately chronological). + type: array + items: + $ref: '#/components/schemas/ExplainQueryStep' + readMsAvg: + format: int64 + type: string + description: Milliseconds the average shard spent reading input. + completedParallelInputs: + description: Number of parallel input segments completed. + format: int64 + type: string + readMsMax: + format: int64 + type: string + description: Milliseconds the slowest shard spent reading input. + status: + type: string + description: Current status for this stage. + writeMsMax: + description: Milliseconds the slowest shard spent on writing output. + format: int64 + type: string + waitRatioMax: + description: >- + Relative amount of time the slowest shard spent waiting to be + scheduled. + type: number + format: double + computeMsAvg: + description: Milliseconds the average shard spent on CPU-bound tasks. + type: string + format: int64 + readRatioAvg: + description: Relative amount of time the average shard spent reading input. + type: number + format: double + shuffleOutputBytesSpilled: + description: Total number of bytes written to shuffle and spilled to disk. + format: int64 + type: string + slotMs: + format: int64 + type: string + description: Slot-milliseconds used by the stage. + parallelInputs: + description: Number of parallel input segments to be processed + type: string + format: int64 + writeRatioAvg: + type: number + format: double + description: Relative amount of time the average shard spent on writing output. + writeMsAvg: + format: int64 + description: Milliseconds the average shard spent on writing output. + type: string + id: + description: Unique ID for the stage within the plan. + format: int64 + type: string + computeRatioMax: + format: double + description: Relative amount of time the slowest shard spent on CPU-bound tasks. + type: number + computeRatioAvg: + type: number + description: Relative amount of time the average shard spent on CPU-bound tasks. + format: double + recordsRead: + format: int64 + description: Number of records read into the stage. + type: string + computeMode: + type: string + description: Output only. Compute mode for this stage. + readOnly: true enumDescriptions: - - Holiday region unspecified. - - Global. - - North America. - - >- - Japan and Asia Pacific: Korea, Greater China, India, Australia, - and New Zealand. - - Europe, the Middle East and Africa. - - Latin America and the Caribbean. - - United Arab Emirates - - Argentina - - Austria - - Australia - - Belgium - - Brazil - - Canada - - Switzerland - - Chile - - China - - Colombia - - Czechoslovakia - - Czech Republic - - Germany - - Denmark - - Algeria - - Ecuador - - Estonia - - Egypt - - Spain - - Finland - - France - - Great Britain (United Kingdom) - - Greece - - Hong Kong - - Hungary - - Indonesia - - Ireland - - Israel - - India - - Iran - - Italy - - Japan - - Korea (South) - - Latvia - - Morocco - - Mexico - - Malaysia - - Nigeria - - Netherlands - - Norway - - New Zealand - - Peru - - Philippines - - Pakistan - - Poland - - Portugal - - Romania - - Serbia - - Russian Federation - - Saudi Arabia - - Sweden - - Singapore - - Slovenia - - Slovakia - - Thailand - - Turkey - - Taiwan - - Ukraine - - United States - - Venezuela - - Vietnam - - South Africa + - ComputeMode type not specified. + - This stage was processed using BigQuery slots. + - This stage was processed using BI Engine compute. + enum: + - COMPUTE_MODE_UNSPECIFIED + - BIGQUERY + - BI_ENGINE + waitMsAvg: + format: int64 + type: string + description: Milliseconds the average shard spent waiting to be scheduled. + readRatioMax: + description: Relative amount of time the slowest shard spent reading input. + format: double + type: number + shuffleOutputBytes: + type: string + format: int64 + description: Total number of bytes written to shuffle. + ConnectionProperty: + type: object + properties: + value: + description: The value of the property to set. + type: string + key: + description: The key of the property to set. + type: string + id: ConnectionProperty + description: >- + A connection-level property to customize query behavior. Under JDBC, + these correspond directly to connection properties passed to the + DriverManager. Under ODBC, these correspond to properties in the + connection string. Currently supported connection properties: * + **dataset_project_id**: represents the default project for datasets that + are used in the query. Setting the system variable + `@@dataset_project_id` achieves the same behavior. For more information + about system variables, see: + https://cloud.google.com/bigquery/docs/reference/system-variables * + **time_zone**: represents the default timezone used to run the query. * + **session_id**: associates the query with a given session. * + **query_label**: associates the query with a given job label. If set, + all subsequent queries in a script or session will have this label. For + the format in which a you can specify a query label, see labels in the + JobConfiguration resource type: + https://cloud.google.com/bigquery/docs/reference/rest/v2/Job#jobconfiguration + * **service_account**: indicates the service account to use to run a + continuous query. If set, the query job uses the service account to + access Google Cloud resources. Service account access is bounded by the + IAM permissions that you have granted to the service account. Additional + properties are allowed, but ignored. Specifying multiple connection + properties with the same key returns an error. + MaterializedViewDefinition: + id: MaterializedViewDefinition + properties: + maxStaleness: + type: string + format: byte + description: >- + [Optional] Max staleness of data that could be returned when + materizlized view is queried (formatted as Google SQL Interval + type). + query: + description: Required. A query whose results are persisted. type: string - holidayRegions: + lastRefreshTime: description: >- - A list of geographical regions that are used for time series - modeling. + Output only. The time when this materialized view was last + refreshed, in milliseconds since the epoch. + type: string + format: int64 + readOnly: true + refreshIntervalMs: + description: >- + Optional. The maximum frequency at which this materialized view will + be refreshed. The default value is "1800000" (30 minutes). + type: string + format: int64 + enableRefresh: + description: >- + Optional. Enable automatic refresh of the materialized view when the + base table is updated. The default value is "true". + type: boolean + allowNonIncrementalDefinition: + description: >- + Optional. This option declares the intention to construct a + materialized view that isn't refreshed incrementally. + Non-incremental materialized views support an expanded range of SQL + queries. The `allow_non_incremental_definition` option can't be + changed after the materialized view is created. + type: boolean + description: Definition and configuration of a materialized view. + type: object + Clustering: + type: object + properties: + fields: + description: >- + One or more fields on which data should be clustered. Only + top-level, non-repeated, simple-type fields are supported. The + ordering of the clustering fields should be prioritized from most to + least important for filtering purposes. For additional information, + see [Introduction to clustered + tables](https://cloud.google.com/bigquery/docs/clustered-tables#limitations). items: - enum: - - HOLIDAY_REGION_UNSPECIFIED - - GLOBAL - - NA - - JAPAC - - EMEA - - LAC - - AE - - AR - - AT - - AU - - BE - - BR - - CA - - CH - - CL - - CN - - CO - - CS - - CZ - - DE - - DK - - DZ - - EC - - EE - - EG - - ES - - FI - - FR - - GB - - GR - - HK - - HU - - ID - - IE - - IL - - IN - - IR - - IT - - JP - - KR - - LV - - MA - - MX - - MY - - NG - - NL - - 'NO' - - NZ - - PE - - PH - - PK - - PL - - PT - - RO - - RS - - RU - - SA - - SE - - SG - - SI - - SK - - TH - - TR - - TW - - UA - - US - - VE - - VN - - ZA - enumDescriptions: - - Holiday region unspecified. - - Global. - - North America. - - >- - Japan and Asia Pacific: Korea, Greater China, India, Australia, - and New Zealand. - - Europe, the Middle East and Africa. - - Latin America and the Caribbean. - - United Arab Emirates - - Argentina - - Austria - - Australia - - Belgium - - Brazil - - Canada - - Switzerland - - Chile - - China - - Colombia - - Czechoslovakia - - Czech Republic - - Germany - - Denmark - - Algeria - - Ecuador - - Estonia - - Egypt - - Spain - - Finland - - France - - Great Britain (United Kingdom) - - Greece - - Hong Kong - - Hungary - - Indonesia - - Ireland - - Israel - - India - - Iran - - Italy - - Japan - - Korea (South) - - Latvia - - Morocco - - Mexico - - Malaysia - - Nigeria - - Netherlands - - Norway - - New Zealand - - Peru - - Philippines - - Pakistan - - Poland - - Portugal - - Romania - - Serbia - - Russian Federation - - Saudi Arabia - - Sweden - - Singapore - - Slovenia - - Slovakia - - Thailand - - Turkey - - Taiwan - - Ukraine - - United States - - Venezuela - - Vietnam - - South Africa type: string type: array - horizon: - description: The number of periods ahead that need to be forecasted. + id: Clustering + description: Configures table clustering. + MlStatistics: + id: MlStatistics + type: object + properties: + modelType: + enum: + - MODEL_TYPE_UNSPECIFIED + - LINEAR_REGRESSION + - LOGISTIC_REGRESSION + - KMEANS + - MATRIX_FACTORIZATION + - DNN_CLASSIFIER + - TENSORFLOW + - DNN_REGRESSOR + - XGBOOST + - BOOSTED_TREE_REGRESSOR + - BOOSTED_TREE_CLASSIFIER + - ARIMA + - AUTOML_REGRESSOR + - AUTOML_CLASSIFIER + - PCA + - DNN_LINEAR_COMBINED_CLASSIFIER + - DNN_LINEAR_COMBINED_REGRESSOR + - AUTOENCODER + - ARIMA_PLUS + - ARIMA_PLUS_XREG + - RANDOM_FOREST_REGRESSOR + - RANDOM_FOREST_CLASSIFIER + - TENSORFLOW_LITE + - ONNX + - TRANSFORM_ONLY + - CONTRIBUTION_ANALYSIS + readOnly: true + enumDescriptions: + - Default value. + - Linear regression model. + - Logistic regression based classification model. + - K-means clustering model. + - Matrix factorization model. + - DNN classifier model. + - An imported TensorFlow model. + - DNN regressor model. + - An imported XGBoost model. + - Boosted tree regressor model. + - Boosted tree classifier model. + - ARIMA model. + - AutoML Tables regression model. + - AutoML Tables classification model. + - Prinpical Component Analysis model. + - Wide-and-deep classifier model. + - Wide-and-deep regressor model. + - Autoencoder model. + - New name for the ARIMA model. + - ARIMA with external regressors. + - Random forest regressor model. + - Random forest classifier model. + - An imported TensorFlow Lite model. + - An imported ONNX model. + - >- + Model to capture the columns and logic in the TRANSFORM clause + along with statistics useful for ML analytic functions. + - The contribution analysis model. + type: string + description: Output only. The type of the model that is being trained. + hparamTrials: + items: + $ref: '#/components/schemas/HparamTuningTrial' + description: >- + Output only. Trials of a [hyperparameter tuning + job](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview) + sorted by trial_id. + type: array + readOnly: true + iterationResults: + items: + $ref: '#/components/schemas/IterationResult' + description: >- + Results for all completed iterations. Empty for [hyperparameter + tuning + jobs](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview). + type: array + maxIterations: + readOnly: true + description: >- + Output only. Maximum number of iterations specified as + max_iterations in the 'CREATE MODEL' query. The actual number of + iterations may be less than this number due to early stop. format: int64 type: string - hparamTuningObjectives: - description: The target evaluation metrics to optimize the hyperparameters for. + trainingType: + enum: + - TRAINING_TYPE_UNSPECIFIED + - SINGLE_TRAINING + - HPARAM_TUNING + description: Output only. Training type of the job. + enumDescriptions: + - Unspecified training type. + - Single training with fixed parameter space. + - >- + [Hyperparameter tuning + training](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-hp-tuning-overview). + type: string + readOnly: true + description: Job statistics specific to a BigQuery ML training job. + BigLakeConfiguration: + id: BigLakeConfiguration + type: object + properties: + tableFormat: + enum: + - TABLE_FORMAT_UNSPECIFIED + - ICEBERG + description: >- + Optional. The table format the metadata only snapshots are stored + in. + enumDescriptions: + - Default Value. + - Apache Iceberg format. + type: string + storageUri: + type: string + description: >- + Optional. The fully qualified location prefix of the external folder + where table data is stored. The '*' wildcard character is not + allowed. The URI should be in the format + `gs://bucket/path_to_table/` + connectionId: + description: >- + Optional. The connection specifying the credentials to be used to + read and write to external storage, such as Cloud Storage. The + connection_id can have the form + `{project}.{location}.{connection_id}` or + `projects/{project}/locations/{location}/connections/{connection_id}". + type: string + fileFormat: + enumDescriptions: + - Default Value. + - Apache Parquet format. + type: string + description: Optional. The file format the table data is stored in. + enum: + - FILE_FORMAT_UNSPECIFIED + - PARQUET + description: >- + Configuration for BigQuery tables for Apache Iceberg (formerly BigLake + managed tables.) + GoogleSheetsOptions: + description: Options specific to Google Sheets data sources. + id: GoogleSheetsOptions + type: object + properties: + skipLeadingRows: + description: >- + Optional. The number of rows at the top of a sheet that BigQuery + will skip when reading the data. The default value is 0. This + property is useful if you have header rows that should be skipped. + When autodetect is on, the behavior is the following: * + skipLeadingRows unspecified - Autodetect tries to detect headers in + the first row. If they are not detected, the row is read as data. + Otherwise data is read starting from the second row. * + skipLeadingRows is 0 - Instructs autodetect that there are no + headers and data should be read starting from the first row. * + skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to + detect headers in row N. If headers are not detected, row N is just + skipped. Otherwise row N is used to extract column names for the + detected schema. + type: string + format: int64 + range: + type: string + description: >- + Optional. Range of a sheet to query from. Only used when non-empty. + Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For + example: sheet1!A1:B20 + PartitionSkew: + type: object + description: Partition skew detailed information. + id: PartitionSkew + properties: + skewSources: + type: array + items: + $ref: '#/components/schemas/SkewSource' + readOnly: true + description: Output only. Source stages which produce skewed data. + TestIamPermissionsRequest: + id: TestIamPermissionsRequest + type: object + description: Request message for `TestIamPermissions` method. + properties: + permissions: items: - enum: - - HPARAM_TUNING_OBJECTIVE_UNSPECIFIED - - MEAN_ABSOLUTE_ERROR - - MEAN_SQUARED_ERROR - - MEAN_SQUARED_LOG_ERROR - - MEDIAN_ABSOLUTE_ERROR - - R_SQUARED - - EXPLAINED_VARIANCE - - PRECISION - - RECALL - - ACCURACY - - F1_SCORE - - LOG_LOSS - - ROC_AUC - - DAVIES_BOULDIN_INDEX - - MEAN_AVERAGE_PRECISION - - NORMALIZED_DISCOUNTED_CUMULATIVE_GAIN - - AVERAGE_RANK - enumDescriptions: - - Unspecified evaluation metric. - - >- - Mean absolute error. mean_absolute_error = AVG(ABS(label - - predicted)) - - >- - Mean squared error. mean_squared_error = AVG(POW(label - - predicted, 2)) - - >- - Mean squared log error. mean_squared_log_error = AVG(POW(LN(1 + - label) - LN(1 + predicted), 2)) - - >- - Mean absolute error. median_absolute_error = - APPROX_QUANTILES(absolute_error, 2)[OFFSET(1)] - - >- - R^2 score. This corresponds to r2_score in ML.EVALUATE. - r_squared = 1 - SUM(squared_error)/(COUNT(label)*VAR_POP(label)) - - >- - Explained variance. explained_variance = 1 - - VAR_POP(label_error)/VAR_POP(label) - - >- - Precision is the fraction of actual positive predictions that - had positive actual labels. For multiclass this is a - macro-averaged metric treating each class as a binary - classifier. - - >- - Recall is the fraction of actual positive labels that were given - a positive prediction. For multiclass this is a macro-averaged - metric. - - >- - Accuracy is the fraction of predictions given the correct label. - For multiclass this is a globally micro-averaged metric. - - >- - The F1 score is an average of recall and precision. For - multiclass this is a macro-averaged metric. - - >- - Logarithmic Loss. For multiclass this is a macro-averaged - metric. - - >- - Area Under an ROC Curve. For multiclass this is a macro-averaged - metric. - - Davies-Bouldin Index. - - Mean Average Precision. - - Normalized Discounted Cumulative Gain. - - Average Rank. type: string + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). type: array - includeDrift: - description: Include drift when fitting an ARIMA model. + JobStatistics2: + type: object + properties: + estimatedBytesProcessed: + readOnly: true + description: Output only. The original estimate of bytes processed for the job. + type: string + format: int64 + totalBytesProcessedAccuracy: + type: string + description: >- + Output only. For dry-run jobs, totalBytesProcessed is an estimate + and this field specifies the accuracy of the estimate. Possible + values can be: UNKNOWN: accuracy of the estimate is unknown. + PRECISE: estimate is precise. LOWER_BOUND: estimate is lower bound + of what the query would cost. UPPER_BOUND: estimate is upper bound + of what the query would cost. + readOnly: true + searchStatistics: + $ref: '#/components/schemas/SearchStatistics' + description: Output only. Search query specific statistics. + readOnly: true + ddlOperationPerformed: + description: >- + Output only. The DDL operation performed, possibly dependent on the + pre-existence of the DDL target. + readOnly: true + type: string + timeline: + items: + $ref: '#/components/schemas/QueryTimelineSample' + description: Output only. Describes a timeline of job execution. + type: array + readOnly: true + dmlStats: + description: >- + Output only. Detailed statistics for DML statements INSERT, UPDATE, + DELETE, MERGE or TRUNCATE. + readOnly: true + $ref: '#/components/schemas/DmlStatistics' + biEngineStatistics: + $ref: '#/components/schemas/BiEngineStatistics' + readOnly: true + description: Output only. BI Engine specific Statistics. + mlStatistics: + $ref: '#/components/schemas/MlStatistics' + readOnly: true + description: Output only. Statistics of a BigQuery ML training job. + cacheHit: + description: >- + Output only. Whether the query result was fetched from the query + cache. + readOnly: true type: boolean - initialLearnRate: + exportDataStatistics: + $ref: '#/components/schemas/ExportDataStatistics' + description: Output only. Stats for EXPORT DATA statement. + readOnly: true + materializedViewStatistics: + readOnly: true + $ref: '#/components/schemas/MaterializedViewStatistics' + description: Output only. Statistics of materialized views of a query job. + dclTargetDataset: + readOnly: true + $ref: '#/components/schemas/DatasetReference' + description: Output only. Referenced dataset for DCL statement. + performanceInsights: + description: Output only. Performance insights. + readOnly: true + $ref: '#/components/schemas/PerformanceInsights' + ddlTargetTable: + $ref: '#/components/schemas/TableReference' description: >- - Specifies the initial learning rate for the line search learn rate - strategy. - format: double - type: number - inputLabelColumns: - description: Name of input label columns in training data. + Output only. The DDL target table. Present only for CREATE/DROP + TABLE/VIEW and DROP ALL ROW ACCESS POLICIES queries. + readOnly: true + modelTrainingCurrentIteration: + type: integer + description: Deprecated. + format: int32 + vectorSearchStatistics: + readOnly: true + $ref: '#/components/schemas/VectorSearchStatistics' + description: Output only. Vector Search query specific statistics. + undeclaredQueryParameters: items: - type: string + $ref: '#/components/schemas/QueryParameter' + readOnly: true type: array - instanceWeightColumn: - description: >- - Name of the instance weight column for training data. This column - isn't be used as a feature. - type: string - integratedGradientsNumSteps: description: >- - Number of integral steps for the integrated gradients explain - method. + Output only. GoogleSQL only: list of undeclared query parameters + detected during a dry run validation. + totalBytesProcessed: format: int64 + description: Output only. Total bytes processed for the job. type: string - isTestColumn: - description: >- - Name of the column used to determine the rows corresponding to - control and test. Applies to contribution analysis models. - type: string - itemColumn: - description: Item column specified for matrix factorization models. + readOnly: true + modelTrainingExpectedTotalIteration: type: string - kmeansInitializationColumn: + description: Deprecated. + format: int64 + loadQueryStatistics: + description: Output only. Statistics for a LOAD query. + readOnly: true + $ref: '#/components/schemas/LoadQueryStatistics' + transferredBytes: description: >- - The column used to provide the initial centroids for kmeans - algorithm when kmeans_initialization_method is CUSTOM. + Output only. Total bytes transferred for cross-cloud queries such as + Cross Cloud Transfer and CREATE TABLE AS SELECT (CTAS). + readOnly: true type: string - kmeansInitializationMethod: - description: The method used to initialize the centroids for kmeans algorithm. - enum: - - KMEANS_INITIALIZATION_METHOD_UNSPECIFIED - - RANDOM - - CUSTOM - - KMEANS_PLUS_PLUS - enumDescriptions: - - Unspecified initialization method. - - Initializes the centroids randomly. - - >- - Initializes the centroids using data specified in - kmeans_initialization_column. - - Initializes with kmeans++. + format: int64 + schema: + $ref: '#/components/schemas/TableSchema' + readOnly: true + description: >- + Output only. The schema of the results. Present only for successful + dry run of non-legacy SQL queries. + ddlTargetRowAccessPolicy: + readOnly: true + description: >- + Output only. The DDL target row access policy. Present only for + CREATE/DROP ROW ACCESS POLICY queries. + $ref: '#/components/schemas/RowAccessPolicyReference' + ddlDestinationTable: + $ref: '#/components/schemas/TableReference' + description: >- + Output only. The table after rename. Present only for ALTER TABLE + RENAME TO query. + readOnly: true + queryPlan: + type: array + description: Output only. Describes execution plan for the query. + readOnly: true + items: + $ref: '#/components/schemas/ExplainQueryStage' + modelTraining: + description: Deprecated. + $ref: '#/components/schemas/BigQueryModelTraining' + dclTargetTable: + readOnly: true + $ref: '#/components/schemas/TableReference' + description: Output only. Referenced table for DCL statement. + queryInfo: + readOnly: true + $ref: '#/components/schemas/QueryInfo' + description: Output only. Query optimization information for a QUERY job. + referencedTables: + items: + $ref: '#/components/schemas/TableReference' + description: Output only. Referenced tables for the job. + type: array + readOnly: true + referencedRoutines: + readOnly: true + description: Output only. Referenced routines for the job. + items: + $ref: '#/components/schemas/RoutineReference' + type: array + statementType: + readOnly: true type: string - l1RegActivation: - description: L1 regularization coefficient to activations. - format: double - type: number - l1Regularization: - description: L1 regularization coefficient. - format: double - type: number - l2Regularization: - description: L2 regularization coefficient. - format: double - type: number - labelClassWeights: - additionalProperties: - format: double - type: number description: >- - Weights associated with each label class, for rebalancing the - training data. Only applicable for classification models. - type: object - learnRate: + Output only. The type of query statement, if valid. Possible values: + * `SELECT`: + [`SELECT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/query-syntax#select_list) + statement. * `ASSERT`: + [`ASSERT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/debugging-statements#assert) + statement. * `INSERT`: + [`INSERT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/dml-syntax#insert_statement) + statement. * `UPDATE`: + [`UPDATE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/dml-syntax#update_statement) + statement. * `DELETE`: + [`DELETE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language) + statement. * `MERGE`: + [`MERGE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language) + statement. * `CREATE_TABLE`: [`CREATE + TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_table_statement) + statement, without `AS SELECT`. * `CREATE_TABLE_AS_SELECT`: [`CREATE + TABLE AS + SELECT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_table_statement) + statement. * `CREATE_VIEW`: [`CREATE + VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_view_statement) + statement. * `CREATE_MODEL`: [`CREATE + MODEL`](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-create#create_model_statement) + statement. * `CREATE_MATERIALIZED_VIEW`: [`CREATE MATERIALIZED + VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_materialized_view_statement) + statement. * `CREATE_FUNCTION`: [`CREATE + FUNCTION`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_function_statement) + statement. * `CREATE_TABLE_FUNCTION`: [`CREATE TABLE + FUNCTION`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_table_function_statement) + statement. * `CREATE_PROCEDURE`: [`CREATE + PROCEDURE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_procedure) + statement. * `CREATE_ROW_ACCESS_POLICY`: [`CREATE ROW ACCESS + POLICY`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_row_access_policy_statement) + statement. * `CREATE_SCHEMA`: [`CREATE + SCHEMA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_schema_statement) + statement. * `CREATE_SNAPSHOT_TABLE`: [`CREATE SNAPSHOT + TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_snapshot_table_statement) + statement. * `CREATE_SEARCH_INDEX`: [`CREATE SEARCH + INDEX`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_search_index_statement) + statement. * `DROP_TABLE`: [`DROP + TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_table_statement) + statement. * `DROP_EXTERNAL_TABLE`: [`DROP EXTERNAL + TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_external_table_statement) + statement. * `DROP_VIEW`: [`DROP + VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_view_statement) + statement. * `DROP_MODEL`: [`DROP + MODEL`](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-drop-model) + statement. * `DROP_MATERIALIZED_VIEW`: [`DROP MATERIALIZED + VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_materialized_view_statement) + statement. * `DROP_FUNCTION` : [`DROP + FUNCTION`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_function_statement) + statement. * `DROP_TABLE_FUNCTION` : [`DROP TABLE + FUNCTION`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_table_function) + statement. * `DROP_PROCEDURE`: [`DROP + PROCEDURE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_procedure_statement) + statement. * `DROP_SEARCH_INDEX`: [`DROP SEARCH + INDEX`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_search_index) + statement. * `DROP_SCHEMA`: [`DROP + SCHEMA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_schema_statement) + statement. * `DROP_SNAPSHOT_TABLE`: [`DROP SNAPSHOT + TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_snapshot_table_statement) + statement. * `DROP_ROW_ACCESS_POLICY`: [`DROP [ALL] ROW ACCESS + POLICY|POLICIES`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#drop_row_access_policy_statement) + statement. * `ALTER_TABLE`: [`ALTER + TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#alter_table_set_options_statement) + statement. * `ALTER_VIEW`: [`ALTER + VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#alter_view_set_options_statement) + statement. * `ALTER_MATERIALIZED_VIEW`: [`ALTER MATERIALIZED + VIEW`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#alter_materialized_view_set_options_statement) + statement. * `ALTER_SCHEMA`: [`ALTER + SCHEMA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#alter_schema_set_options_statement) + statement. * `SCRIPT`: + [`SCRIPT`](https://cloud.google.com/bigquery/docs/reference/standard-sql/procedural-language). + * `TRUNCATE_TABLE`: [`TRUNCATE + TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/dml-syntax#truncate_table_statement) + statement. * `CREATE_EXTERNAL_TABLE`: [`CREATE EXTERNAL + TABLE`](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#create_external_table_statement) + statement. * `EXPORT_DATA`: [`EXPORT + DATA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/other-statements#export_data_statement) + statement. * `EXPORT_MODEL`: [`EXPORT + MODEL`](https://cloud.google.com/bigquery-ml/docs/reference/standard-sql/bigqueryml-syntax-export-model) + statement. * `LOAD_DATA`: [`LOAD + DATA`](https://cloud.google.com/bigquery/docs/reference/standard-sql/other-statements#load_data_statement) + statement. * `CALL`: + [`CALL`](https://cloud.google.com/bigquery/docs/reference/standard-sql/procedural-language#call) + statement. + metadataCacheStatistics: + readOnly: true description: >- - Learning rate in training. Used only for iterative training - algorithms. - format: double - type: number - learnRateStrategy: - description: The strategy to determine learn rate for the current iteration. - enum: - - LEARN_RATE_STRATEGY_UNSPECIFIED - - LINE_SEARCH - - CONSTANT - enumDescriptions: - - Default value. - - Use line search to determine learning rate. - - Use a constant learning rate. + Output only. Statistics of metadata cache usage in a query for + BigLake tables. + $ref: '#/components/schemas/MetadataCacheStatistics' + externalServiceCosts: + type: array + items: + $ref: '#/components/schemas/ExternalServiceCost' + description: >- + Output only. Job cost breakdown as bigquery internal cost and + external service costs. + readOnly: true + totalServicesSkuSlotMs: + format: int64 + description: >- + Output only. Total slot milliseconds for the job that ran on + external services and billed on the services SKU. This field is only + populated for jobs that have external service costs, and is the + total of the usage for costs whose billing method is + `"SERVICES_SKU"`. type: string - lossType: - description: Type of loss function used during training run. - enum: - - LOSS_TYPE_UNSPECIFIED - - MEAN_SQUARED_LOSS - - MEAN_LOG_LOSS - enumDescriptions: - - Default value. - - Mean squared loss, used for linear regression. - - Mean log loss, used for logistic regression. + readOnly: true + billingTier: + type: integer + readOnly: true + description: >- + Output only. Billing tier for the job. This is a BigQuery-specific + concept which is not related to the Google Cloud notion of "free + tier". The value here is a measure of the query's resource + consumption relative to the amount of data scanned. For on-demand + queries, the limit is 100, and all queries within this limit are + billed at the standard on-demand rates. On-demand queries that + exceed this limit will fail with a billingTierLimitExceeded error. + format: int32 + numDmlAffectedRows: + readOnly: true type: string - maxIterations: description: >- - The maximum number of iterations in training. Used only for - iterative training algorithms. + Output only. The number of rows affected by a DML statement. Present + only for DML statements INSERT, UPDATE or DELETE. format: int64 - type: string - maxParallelTrials: - description: Maximum number of trials to run in parallel. + sparkStatistics: + $ref: '#/components/schemas/SparkStatistics' + readOnly: true + description: Output only. Statistics of a Spark procedure job. + reservationUsage: + items: + type: object + description: Job resource usage breakdown by reservation. + properties: + name: + description: >- + Reservation name or "unreserved" for on-demand resource usage + and multi-statement queries. + type: string + slotMs: + format: int64 + type: string + description: >- + Total slot milliseconds used by the reservation for a + particular job. + deprecated: true + description: >- + Output only. Job resource usage breakdown by reservation. This field + reported misleading information and will no longer be populated. + type: array + readOnly: true + ddlTargetRoutine: + readOnly: true + $ref: '#/components/schemas/RoutineReference' + description: >- + Output only. [Beta] The DDL target routine. Present only for + CREATE/DROP FUNCTION/PROCEDURE queries. + ddlAffectedRowAccessPolicyCount: + description: >- + Output only. The number of row access policies affected by a DDL + statement. Present only for DROP ALL ROW ACCESS POLICIES queries. format: int64 type: string - maxTimeSeriesLength: + readOnly: true + ddlTargetDataset: description: >- - The maximum number of time points in a time series that can be used - in modeling the trend component of the time series. Don't use this - option with the `timeSeriesLengthFraction` or `minTimeSeriesLength` - options. - format: int64 + Output only. The DDL target dataset. Present only for + CREATE/ALTER/DROP SCHEMA(dataset) queries. + readOnly: true + $ref: '#/components/schemas/DatasetReference' + dclTargetView: + readOnly: true + $ref: '#/components/schemas/TableReference' + description: Output only. Referenced view for DCL statement. + totalSlotMs: type: string - maxTreeDepth: - description: Maximum depth of a tree for boosted tree models. + description: Output only. Slot-milliseconds for the job. + format: int64 + readOnly: true + totalPartitionsProcessed: + readOnly: true format: int64 type: string - minAprioriSupport: description: >- - The apriori support minimum. Applies to contribution analysis - models. - format: double - type: number - minRelativeProgress: + Output only. Total number of partitions processed from all + partitioned tables referenced in the job. + incrementalResultStats: + readOnly: true + $ref: '#/components/schemas/IncrementalResultStats' description: >- - When early_stop is true, stops training when accuracy improvement is - less than 'min_relative_progress'. Used only for iterative training - algorithms. - format: double - type: number - minSplitLoss: - description: Minimum split loss for boosted tree models. - format: double - type: number - minTimeSeriesLength: + Output only. Statistics related to incremental query results, if + enabled for the query. This feature is not yet available. + totalBytesBilled: + readOnly: true description: >- - The minimum number of time points in a time series that are used in - modeling the trend component of the time series. If you use this - option you must also set the `timeSeriesLengthFraction` option. This - training option ensures that enough time points are available when - you use `timeSeriesLengthFraction` in trend modeling. This is - particularly important when forecasting multiple time series in a - single query using `timeSeriesIdColumn`. If the total number of time - points is less than the `minTimeSeriesLength` value, then the query - uses all available time points. - format: int64 + Output only. If the project is configured to use on-demand pricing, + then this field contains the total bytes billed for the job. If the + project is configured to use flat-rate pricing, then you are not + billed for bytes and this field is informational only. type: string - minTreeChildWeight: - description: >- - Minimum sum of instance weight needed in a child for boosted tree - models. format: int64 + description: Statistics for a query job. + id: JobStatistics2 + Routine: + id: Routine + type: object + description: A user-defined function or a stored procedure. + properties: + etag: + description: Output only. A hash of this resource. + readOnly: true type: string - modelRegistry: - description: The model registry. + language: + description: >- + Optional. Defaults to "SQL" if remote_function_options field is + absent, not set otherwise. enum: - - MODEL_REGISTRY_UNSPECIFIED - - VERTEX_AI + - LANGUAGE_UNSPECIFIED + - SQL + - JAVASCRIPT + - PYTHON + - JAVA + - SCALA enumDescriptions: - Default value. - - Vertex AI. - type: string - modelUri: - description: >- - Google Cloud Storage URI from which the model was imported. Only - applicable for imported models. + - SQL language. + - JavaScript language. + - Python language. + - Java language. + - Scala language. type: string - nonSeasonalOrder: - $ref: '#/components/schemas/ArimaOrder' + externalRuntimeOptions: + $ref: '#/components/schemas/ExternalRuntimeOptions' description: >- - A specification of the non-seasonal part of the ARIMA model: the - three components (p, d, q) are the AR order, the degree of - differencing, and the MA order. - numClusters: - description: Number of clusters for clustering models. - format: int64 - type: string - numFactors: - description: Num factors specified for matrix factorization models. + Optional. Options for the runtime of the external system executing + the routine. This field is only applicable for Python UDFs. + [Preview](https://cloud.google.com/products/#product-launch-stages) + creationTime: format: int64 - type: string - numParallelTree: description: >- - Number of parallel trees constructed during each iteration for - boosted tree models. - format: int64 + Output only. The time when this routine was created, in milliseconds + since the epoch. + readOnly: true type: string - numPrincipalComponents: + returnType: + $ref: '#/components/schemas/StandardSqlDataType' description: >- - Number of principal components to keep in the PCA model. Must be <= - the number of features. - format: int64 - type: string - numTrials: - description: Number of trials to run this hyperparameter tuning job. - format: int64 + Optional if language = "SQL"; required otherwise. Cannot be set if + routine_type = "TABLE_VALUED_FUNCTION". If absent, the return type + is inferred from definition_body at query time in each query that + references this routine. If present, then the evaluated result will + be cast to the specified returned type at query time. For example, + for the functions created with the following statements: * `CREATE + FUNCTION Add(x FLOAT64, y FLOAT64) RETURNS FLOAT64 AS (x + y);` * + `CREATE FUNCTION Increment(x FLOAT64) AS (Add(x, 1));` * `CREATE + FUNCTION Decrement(x FLOAT64) RETURNS FLOAT64 AS (Add(x, -1));` The + return_type is `{type_kind: "FLOAT64"}` for `Add` and `Decrement`, + and is absent for `Increment` (inferred as FLOAT64 at query time). + Suppose the function `Add` is replaced by `CREATE OR REPLACE + FUNCTION Add(x INT64, y INT64) AS (x + y);` Then the inferred return + type of `Increment` is automatically changed to INT64 at query time, + while the return type of `Decrement` remains FLOAT64. + sparkOptions: + $ref: '#/components/schemas/SparkOptions' + description: Optional. Spark specific options. + returnTableType: + $ref: '#/components/schemas/StandardSqlTableType' + description: >- + Optional. Can be set only if routine_type = "TABLE_VALUED_FUNCTION". + If absent, the return table type is inferred from definition_body at + query time in each query that references this routine. If present, + then the columns in the evaluated table result will be cast to match + the column types specified in return table type, at query time. + importedLibraries: + items: + type: string + description: >- + Optional. If language = "JAVASCRIPT", this field stores the path of + the imported JAVASCRIPT libraries. + type: array + pythonOptions: + description: >- + Optional. Options for the Python UDF. + [Preview](https://cloud.google.com/products/#product-launch-stages) + $ref: '#/components/schemas/PythonOptions' + lastModifiedTime: type: string - optimizationStrategy: - description: Optimization strategy for training linear regression models. - enum: - - OPTIMIZATION_STRATEGY_UNSPECIFIED - - BATCH_GRADIENT_DESCENT - - NORMAL_EQUATION + description: >- + Output only. The time when this routine was last modified, in + milliseconds since the epoch. + readOnly: true + format: int64 + remoteFunctionOptions: + description: Optional. Remote function specific options. + $ref: '#/components/schemas/RemoteFunctionOptions' + securityMode: + description: >- + Optional. The security mode of the routine, if defined. If not + defined, the security mode is automatically determined from the + routine's configuration. enumDescriptions: - - Default value. - - Uses an iterative batch gradient descent algorithm. - - Uses a normal equation to solve linear regression problem. + - The security mode of the routine is unspecified. + - >- + The routine is to be executed with the privileges of the user who + defines it. + - >- + The routine is to be executed with the privileges of the user who + invokes it. type: string - optimizer: - description: Optimizer used for training the neural nets. + enum: + - SECURITY_MODE_UNSPECIFIED + - DEFINER + - INVOKER + routineType: type: string - pcaExplainedVarianceRatio: - description: >- - The minimum ratio of cumulative explained variance that needs to be - given by the PCA model. - format: double - type: number - pcaSolver: - description: The solver for PCA. + description: Required. The type of routine. enum: - - UNSPECIFIED - - FULL - - RANDOMIZED - - AUTO + - ROUTINE_TYPE_UNSPECIFIED + - SCALAR_FUNCTION + - PROCEDURE + - TABLE_VALUED_FUNCTION + - AGGREGATE_FUNCTION enumDescriptions: - Default value. - - Full eigen-decoposition. - - Randomized SVD. - - Auto. + - Non-built-in persistent scalar function. + - Stored procedure. + - Non-built-in persistent TVF. + - Non-built-in persistent aggregate function. + determinismLevel: + enum: + - DETERMINISM_LEVEL_UNSPECIFIED + - DETERMINISTIC + - NOT_DETERMINISTIC + description: Optional. The determinism level of the JavaScript UDF, if defined. type: string - sampledShapleyNumPaths: - description: Number of paths for the sampled Shapley explain method. - format: int64 + enumDescriptions: + - The determinism of the UDF is unspecified. + - >- + The UDF is deterministic, meaning that 2 function calls with the + same inputs always produce the same result, even across 2 query + runs. + - The UDF is not deterministic. + description: type: string - scaleFeatures: - description: >- - If true, scale the feature values by dividing the feature standard - deviation. Currently only apply to PCA. - type: boolean - standardizeFeatures: - description: Whether to standardize numerical features. Default to true. + description: Optional. The description of the routine, if defined. + strictMode: type: boolean - subsample: description: >- - Subsample fraction of the training data to grow tree to prevent - overfitting for boosted tree models. - format: double - type: number - tfVersion: + Optional. Use this option to catch many common errors. Error + checking is not exhaustive, and successfully creating a procedure + doesn't guarantee that the procedure will successfully execute at + runtime. If `strictMode` is set to `TRUE`, the procedure body is + further checked for errors such as non-existent tables or columns. + The `CREATE PROCEDURE` statement fails if the body fails any of + these checks. If `strictMode` is set to `FALSE`, the procedure body + is checked only for syntax. For procedures that invoke themselves + recursively, specify `strictMode=FALSE` to avoid non-existent + procedure errors during validation. Default value is `TRUE`. + arguments: + type: array + items: + $ref: '#/components/schemas/Argument' + description: Optional. + routineReference: + $ref: '#/components/schemas/RoutineReference' + description: Required. Reference describing the ID of this routine. + definitionBody: description: >- - Based on the selected TF version, the corresponding docker image is - used to train external models. - type: string - timeSeriesDataColumn: - description: Column to be designated as time series data for ARIMA model. + Required. The body of the routine. For functions, this is the + expression in the AS clause. If `language = "SQL"`, it is the + substring inside (but excluding) the parentheses. For example, for + the function created with the following statement: `CREATE FUNCTION + JoinLines(x string, y string) as (concat(x, "\n", y))` The + definition_body is `concat(x, "\n", y)` (\n is not replaced with + linebreak). If `language="JAVASCRIPT"`, it is the evaluated string + in the AS clause. For example, for the function created with the + following statement: `CREATE FUNCTION f() RETURNS STRING LANGUAGE js + AS 'return "\n";\n'` The definition_body is `return "\n";\n` Note + that both \n are replaced with linebreaks. If `definition_body` + references another routine, then that routine must be fully + qualified with its project ID. type: string - timeSeriesIdColumn: - description: The time series id column that was used during ARIMA model training. + dataGovernanceType: + enumDescriptions: + - The data governance type is unspecified. + - The data governance type is data masking. type: string - timeSeriesIdColumns: + enum: + - DATA_GOVERNANCE_TYPE_UNSPECIFIED + - DATA_MASKING description: >- - The time series id columns that were used during ARIMA model - training. + Optional. If set to `DATA_MASKING`, the function is validated and + made available as a masking function. For more information, see + [Create custom masking + routines](https://cloud.google.com/bigquery/docs/user-defined-functions#custom-mask). + QueryParameterValue: + id: QueryParameterValue + description: The value of a query parameter. + type: object + properties: + arrayValues: + description: Optional. The array values, if this is an array type. items: - type: string + $ref: '#/components/schemas/QueryParameterValue' type: array - timeSeriesLengthFraction: + structValues: + additionalProperties: + $ref: '#/components/schemas/QueryParameterValue' + type: object + description: The struct field values. + value: + description: Optional. The value of this value, if a simple scalar type. + type: string + rangeValue: + description: Optional. The range value, if this is a range type. + $ref: '#/components/schemas/RangeValue' + MaterializedViewStatus: + id: MaterializedViewStatus + description: >- + Status of a materialized view. The last refresh timestamp status is + omitted here, but is present in the MaterializedViewDefinition message. + type: object + properties: + refreshWatermark: + format: google-datetime + type: string description: >- - The fraction of the interpolated length of the time series that's - used to model the time series trend component. All of the time - points of the time series are used to model the non-trend component. - This training option accelerates modeling training without - sacrificing much forecasting accuracy. You can use this option with - `minTimeSeriesLength` but not with `maxTimeSeriesLength`. + Output only. Refresh watermark of materialized view. The base + tables' data were collected into the materialized view cache until + this time. + readOnly: true + lastRefreshStatus: + $ref: '#/components/schemas/ErrorProto' + description: >- + Output only. Error result of the last automatic refresh. If present, + indicates that the last automatic refresh was unsuccessful. + readOnly: true + BqmlIterationResult: + properties: + learnRate: format: double + description: Deprecated. type: number - timeSeriesTimestampColumn: - description: Column to be designated as time series timestamp for ARIMA model. - type: string - treeMethod: - description: Tree construction algorithm for boosted tree models. - enum: - - TREE_METHOD_UNSPECIFIED - - AUTO - - EXACT - - APPROX - - HIST - enumDescriptions: - - Unspecified tree method. - - Use heuristic to choose the fastest method. - - Exact greedy algorithm. - - >- - Approximate greedy algorithm using quantile sketch and gradient - histogram. - - Fast histogram optimized approximate greedy algorithm. + evalLoss: + format: double + description: Deprecated. + type: number + index: + format: int32 + type: integer + description: Deprecated. + trainingLoss: + format: double + description: Deprecated. + type: number + durationMs: type: string - trendSmoothingWindowSize: - description: >- - Smoothing window size for the trend component. When a positive value - is specified, a center moving average smoothing is applied on the - history trend. When the smoothing window is out of the boundary at - the beginning or the end of the trend, the first element or the last - element is padded to fill the smoothing window before the average is - applied. + description: Deprecated. format: int64 - type: string - userColumn: - description: User column specified for matrix factorization models. - type: string - vertexAiModelVersionAliases: + type: object + id: BqmlIterationResult + Dataset: + description: Represents a BigQuery dataset. + properties: + externalDatasetReference: + $ref: '#/components/schemas/ExternalDatasetReference' description: >- - The version aliases to apply in Vertex AI model registry. Always - overwrite if the version aliases exists in a existing model. - items: - type: string - type: array - walsAlpha: + Optional. Reference to a read-only external dataset defined in data + catalogs outside of BigQuery. Filled out when the dataset type is + EXTERNAL. + resourceTags: + type: object description: >- - Hyperparameter for matrix factoration when implicit feedback type is - specified. - format: double - type: number - warmStart: - description: Whether to train a model from the last checkpoint. - type: boolean - xgboostVersion: - description: User-selected XGBoost versions for training of XGBoost models. + Optional. The [tags](https://cloud.google.com/bigquery/docs/tags) + attached to this dataset. Tag keys are globally unique. Tag key is + expected to be in the namespaced format, for example + "123456789012/environment" where 123456789012 is the ID of the + parent organization or project resource for this tag key. Tag value + is expected to be the short name, for example "Production". See [Tag + definitions](https://cloud.google.com/iam/docs/tags-access-control#definitions) + for more details. + additionalProperties: + type: string + id: type: string - type: object - TrainingRun: - description: Information about a single training query run for the model. - id: TrainingRun - properties: - classLevelGlobalExplanations: description: >- - Output only. Global explanation contains the explanation of top - features on the class level. Applies to classification models only. - items: - $ref: '#/components/schemas/GlobalExplanation' + Output only. The fully-qualified unique name of the dataset in the + format projectId:datasetId. The dataset name without the project + name is given in the datasetId field. When creating a new dataset, + leave this field blank, and instead specify the datasetId field. readOnly: true - type: array - dataSplitResult: - $ref: '#/components/schemas/DataSplitResult' + defaultCollation: description: >- - Output only. Data split result of the training run. Only set when - the input data is actually split. + Optional. Defines the default collation specification of future + tables created in the dataset. If a table is created in this dataset + without table-level default collation, then the table inherits the + dataset default collation, which is applied to the string fields + that do not have explicit collation specified. A change to this + field affects only tables created afterwards, and does not alter the + existing tables. The following values are supported: * 'und:ci': + undetermined locale, case insensitive. * '': empty string. Default + to case-sensitive behavior. + type: string + lastModifiedTime: + type: string readOnly: true - evaluationMetrics: - $ref: '#/components/schemas/EvaluationMetrics' + format: int64 description: >- - Output only. The evaluation metrics over training/eval data that - were computed at the end of training. + Output only. The date when this dataset was last modified, in + milliseconds since the epoch. + creationTime: + type: string + format: int64 readOnly: true - modelLevelGlobalExplanation: - $ref: '#/components/schemas/GlobalExplanation' description: >- - Output only. Global explanation contains the explanation of top - features on the model level. Applies to both regression and - classification models. - readOnly: true - results: + Output only. The time when this dataset was created, in milliseconds + since the epoch. + defaultTableExpirationMs: description: >- - Output only. Output of each iteration run, results.size() <= - max_iterations. - items: - $ref: '#/components/schemas/IterationResult' + Optional. The default lifetime of all tables in the dataset, in + milliseconds. The minimum lifetime value is 3600000 milliseconds + (one hour). To clear an existing default expiration with a PATCH + request, set to 0. Once this property is set, all newly-created + tables in the dataset will have an expirationTime property set to + the creation time plus the value in this property, and changing the + value will only affect new tables, not existing ones. When the + expirationTime for a given table is reached, that table will be + deleted automatically. If a table's expirationTime is modified or + removed before the table expires, or if you provide an explicit + expirationTime when creating a table, that value takes precedence + over the default expiration time indicated by this property. + type: string + format: int64 + defaultRoundingMode: + type: string + description: >- + Optional. Defines the default rounding mode specification of new + tables created within this dataset. During table creation, if this + field is specified, the table within this dataset will inherit the + default rounding mode of the dataset. Setting the default rounding + mode on a table overrides this option. Existing tables in the + dataset are unaffected. If columns are defined during that table + creation, they will immediately inherit the table's default rounding + mode, unless otherwise specified. + enumDescriptions: + - Unspecified will default to using ROUND_HALF_AWAY_FROM_ZERO. + - >- + ROUND_HALF_AWAY_FROM_ZERO rounds half values away from zero when + applying precision and scale upon writing of NUMERIC and + BIGNUMERIC values. For Scale: 0 1.1, 1.2, 1.3, 1.4 => 1 1.5, 1.6, + 1.7, 1.8, 1.9 => 2 + - >- + ROUND_HALF_EVEN rounds half values to the nearest even value when + applying precision and scale upon writing of NUMERIC and + BIGNUMERIC values. For Scale: 0 1.1, 1.2, 1.3, 1.4 => 1 1.5 => 2 + 1.6, 1.7, 1.8, 1.9 => 2 2.5 => 2 + enum: + - ROUNDING_MODE_UNSPECIFIED + - ROUND_HALF_AWAY_FROM_ZERO + - ROUND_HALF_EVEN + defaultEncryptionConfiguration: + description: >- + The default encryption key for all tables in the dataset. After this + property is set, the encryption key of all newly-created tables in + the dataset is set to this value unless the table creation request + or query explicitly overrides the key. + $ref: '#/components/schemas/EncryptionConfiguration' + kind: readOnly: true - type: array - startTime: - description: Output only. The start time of this training run. - format: google-datetime + description: Output only. The resource type. + default: bigquery#dataset + type: string + etag: readOnly: true + description: Output only. A hash of the resource. type: string - trainingOptions: - $ref: '#/components/schemas/TrainingOptions' + maxTimeTravelHours: + format: int64 description: >- - Output only. Options that were used for this training run, includes - user specified and default options that were used. - readOnly: true - trainingStartTime: - deprecated: true + Optional. Defines the time travel window in hours. The value can be + from 48 to 168 hours (2 to 7 days). The default value is 168 hours + if this is not set. + type: string + friendlyName: + type: string + description: Optional. A descriptive name for the dataset. + access: + items: + properties: + groupByEmail: + description: >- + [Pick one] An email address of a Google Group to grant access + to. Maps to IAM policy member "group:GROUP". + type: string + userByEmail: + description: >- + [Pick one] An email address of a user to grant access to. For + example: fred@example.com. Maps to IAM policy member + "user:EMAIL" or "serviceAccount:EMAIL". + type: string + specialGroup: + description: >- + [Pick one] A special group to grant access to. Possible values + include: * projectOwners: Owners of the enclosing project. * + projectReaders: Readers of the enclosing project. * + projectWriters: Writers of the enclosing project. * + allAuthenticatedUsers: All authenticated BigQuery users. Maps + to similarly-named IAM members. + type: string + view: + description: >- + [Pick one] A view from a different dataset to grant access to. + Queries executed against that view will have read access to + views/tables/routines in this dataset. The role field is not + required when this field is set. If that view is updated by + any user, access to the view needs to be granted again via an + update operation. + $ref: '#/components/schemas/TableReference' + routine: + description: >- + [Pick one] A routine from a different dataset to grant access + to. Queries executed against that routine will have read + access to views/tables/routines in this dataset. Only UDF is + supported for now. The role field is not required when this + field is set. If that routine is updated by any user, access + to the routine needs to be granted again via an update + operation. + $ref: '#/components/schemas/RoutineReference' + dataset: + description: >- + [Pick one] A grant authorizing all resources of a particular + type in a particular dataset access to this dataset. Only + views are supported for now. The role field is not required + when this field is set. If that dataset is deleted and + re-created, its access needs to be granted again via an update + operation. + $ref: '#/components/schemas/DatasetAccessEntry' + iamMember: + type: string + description: >- + [Pick one] Some other type of member that appears in the IAM + Policy but isn't a user, group, domain, or special group. + domain: + type: string + description: >- + [Pick one] A domain to grant access to. Any users signed in + with the domain specified will be granted the specified + access. Example: "example.com". Maps to IAM policy member + "domain:DOMAIN". + role: + description: >- + An IAM role ID that should be granted to the user, group, or + domain specified in this access entry. The following legacy + mappings will be applied: * `OWNER`: + `roles/bigquery.dataOwner` * `WRITER`: + `roles/bigquery.dataEditor` * `READER`: + `roles/bigquery.dataViewer` This field will accept any of the + above formats, but will return only the legacy format. For + example, if you set this field to "roles/bigquery.dataOwner", + it will be returned back as "OWNER". + type: string + condition: + description: >- + Optional. condition for the binding. If CEL expression in this + field is true, this access binding will be considered + $ref: '#/components/schemas/Expr' + type: object + description: An object that defines dataset access for an entity. + type: array description: >- - Output only. The start time of this training run, in milliseconds - since epoch. - format: int64 - readOnly: true + Optional. An array of objects that define dataset access for one or + more entities. You can set this property when inserting or updating + a dataset in order to control who is allowed to access the data. If + unspecified at dataset creation time, BigQuery adds default dataset + access for the following entities: access.specialGroup: + projectReaders; access.role: READER; access.specialGroup: + projectWriters; access.role: WRITER; access.specialGroup: + projectOwners; access.role: OWNER; access.userByEmail: [dataset + creator email]; access.role: OWNER; If you patch a dataset, then + this field is overwritten by the patched dataset's access field. To + add entities, you must supply the entire existing access array in + addition to any new entities that you want to add. + defaultPartitionExpirationMs: type: string - vertexAiModelId: + format: int64 description: >- - The model id in the [Vertex AI Model - Registry](https://cloud.google.com/vertex-ai/docs/model-registry/introduction) - for this training run. + This default partition expiration, expressed in milliseconds. When + new time-partitioned tables are created in a dataset where this + property is set, the table will inherit this value, propagated as + the `TimePartitioning.expirationMs` property on the new table. If + you set `TimePartitioning.expirationMs` explicitly when creating a + table, the `defaultPartitionExpirationMs` of the containing dataset + is ignored. When creating a partitioned table, if + `defaultPartitionExpirationMs` is set, the + `defaultTableExpirationMs` value is ignored and the table will not + be inherit a table expiration deadline. + selfLink: type: string - vertexAiModelVersion: description: >- - Output only. The model version in the [Vertex AI Model - Registry](https://cloud.google.com/vertex-ai/docs/model-registry/introduction) - for this training run. + Output only. A URL that can be used to access the resource again. + You can use this URL in Get or Update requests to the resource. readOnly: true - type: string - type: object - TransactionInfo: - description: '[Alpha] Information of a multi-statement transaction.' - id: TransactionInfo - properties: - transactionId: - description: Output only. [Alpha] Id of the transaction. + isCaseInsensitive: + description: >- + Optional. TRUE if the dataset and its table names are + case-insensitive, otherwise FALSE. By default, this is FALSE, which + means the dataset and its table names are case-sensitive. This field + does not affect routine references. + type: boolean + datasetReference: + description: Required. A reference that identifies the dataset. + $ref: '#/components/schemas/DatasetReference' + linkedDatasetMetadata: + $ref: '#/components/schemas/LinkedDatasetMetadata' readOnly: true - type: string - type: object - TransformColumn: - description: Information about a single transform column. - id: TransformColumn - properties: - name: - description: Output only. Name of the column. + description: >- + Output only. Metadata about the LinkedDataset. Filled out when the + dataset type is LINKED. + satisfiesPzs: readOnly: true - type: string - transformSql: - description: Output only. The SQL expression used in the column transform. + description: Output only. Reserved for future use. + type: boolean + restrictions: + description: >- + Optional. Output only. Restriction config for all tables and + dataset. If set, restrict certain accesses on the dataset and all + its tables based on the config. See [Data + egress](https://cloud.google.com/bigquery/docs/analytics-hub-introduction#data_egress) + for more details. + $ref: '#/components/schemas/RestrictionConfig' readOnly: true + storageBillingModel: + description: Optional. Updates storage_billing_model for the dataset. type: string + enumDescriptions: + - Value not set. + - Billing for logical bytes. + - Billing for physical bytes. + enum: + - STORAGE_BILLING_MODEL_UNSPECIFIED + - LOGICAL + - PHYSICAL + satisfiesPzi: + readOnly: true + type: boolean + description: Output only. Reserved for future use. type: - $ref: '#/components/schemas/StandardSqlDataType' - description: Output only. Data type of the column after the transform. readOnly: true - type: object - UndeleteDatasetRequest: - description: Request format for undeleting a dataset. - id: UndeleteDatasetRequest - properties: - deletionTime: - description: >- - Optional. The exact time when the dataset was deleted. If not - specified, the most recently deleted version is undeleted. - Undeleting a dataset using deletion time is not supported. - format: google-datetime - type: string - type: object - UserDefinedFunctionResource: - description: ' This is used for defining User Defined Function (UDF) resources only when using legacy SQL. Users of GoogleSQL should leverage either DDL (e.g. CREATE [TEMPORARY] FUNCTION ... ) or the Routines API to define UDF resources. For additional information on migrating, see: https://cloud.google.com/bigquery/docs/reference/standard-sql/migrating-from-legacy-sql#differences_in_user-defined_javascript_functions' - id: UserDefinedFunctionResource - properties: - inlineCode: - description: >- - [Pick one] An inline resource that contains code for a user-defined - function (UDF). Providing a inline code resource is equivalent to - providing a URI for a file containing the same code. type: string - resourceUri: description: >- - [Pick one] A code resource to load from a Google Cloud Storage URI - (gs://bucket/path). - type: string - type: object - VectorSearchStatistics: - description: >- - Statistics for a vector search query. Populated as part of - JobStatistics2. - id: VectorSearchStatistics - properties: - indexUnusedReasons: + Output only. Same as `type` in `ListFormatDataset`. The type of the + dataset, one of: * DEFAULT - only accessible by owner and authorized + accounts, * PUBLIC - accessible by everyone, * LINKED - linked + dataset, * EXTERNAL - dataset with definition in external metadata + catalog. + labels: + type: object description: >- - When `indexUsageMode` is `UNUSED` or `PARTIALLY_USED`, this field - explains why indexes were not used in all or part of the vector - search query. If `indexUsageMode` is `FULLY_USED`, this field is not - populated. - items: - $ref: '#/components/schemas/IndexUnusedReason' - type: array - indexUsageMode: - description: Specifies the index usage mode for the query. - enum: - - INDEX_USAGE_MODE_UNSPECIFIED - - UNUSED - - PARTIALLY_USED - - FULLY_USED - enumDescriptions: - - Index usage mode not specified. - - >- - No vector indexes were used in the vector search query. See - [`indexUnusedReasons`] - (/bigquery/docs/reference/rest/v2/Job#IndexUnusedReason) for - detailed reasons. - - >- - Part of the vector search query used vector indexes. See - [`indexUnusedReasons`] - (/bigquery/docs/reference/rest/v2/Job#IndexUnusedReason) for why - other parts of the query did not use vector indexes. - - The entire vector search query used vector indexes. + The labels associated with this dataset. You can use these to + organize and group your datasets. You can set this property when + inserting or updating a dataset. See [Creating and Updating Dataset + Labels](https://cloud.google.com/bigquery/docs/creating-managing-labels#creating_and_updating_dataset_labels) + for more information. + additionalProperties: + type: string + location: type: string - storedColumnsUsages: description: >- - Specifies the usage of stored columns in the query when stored - columns are used in the query. - items: - $ref: '#/components/schemas/StoredColumnsUsage' - type: array - type: object - ViewDefinition: - description: Describes the definition of a logical view. - id: ViewDefinition - properties: - foreignDefinitions: - description: Optional. Foreign view representations. + The geographic location where the dataset should reside. See + https://cloud.google.com/bigquery/docs/locations for supported + locations. + tags: items: - $ref: '#/components/schemas/ForeignViewDefinition' + description: >- + A global tag managed by Resource Manager. + https://cloud.google.com/iam/docs/tags-access-control#definitions + type: object + properties: + tagValue: + description: >- + Required. The friendly short name of the tag value, e.g. + "production". + type: string + tagKey: + type: string + description: >- + Required. The namespaced friendly name of the tag key, e.g. + "12345/environment" where 12345 is org id. + readOnly: true + deprecated: true type: array - privacyPolicy: - $ref: '#/components/schemas/PrivacyPolicy' - description: Optional. Specifies the privacy policy for the view. - query: description: >- - Required. A query that BigQuery executes when the view is - referenced. - type: string - useExplicitColumnNames: + Output only. Tags for the dataset. To provide tags as inputs, use + the `resourceTags` field. + externalCatalogDatasetOptions: description: >- - True if the column names are explicitly specified. For example by - using the 'CREATE VIEW v(c1, c2) AS ...' syntax. Can only be set for - GoogleSQL views. - type: boolean - useLegacySql: + Optional. Options defining open source compatible datasets living in + the BigQuery catalog. Contains metadata of open source database, + schema or namespace represented by the current dataset. + $ref: '#/components/schemas/ExternalCatalogDatasetOptions' + linkedDatasetSource: description: >- - Specifies whether to use BigQuery's legacy SQL for this view. The - default value is true. If set to false, the view will use BigQuery's - GoogleSQL: https://cloud.google.com/bigquery/sql-reference/ Queries - and views that reference this view must use the same flag value. A - wrapper is used here because the default value is True. - type: boolean - userDefinedFunctionResources: - description: Describes user-defined function resources used in the query. - items: - $ref: '#/components/schemas/UserDefinedFunctionResource' - type: array + Optional. The source dataset reference when the dataset is of type + LINKED. For all other dataset types it is not set. This field cannot + be updated once it is set. Any attempt to update this field using + Update and Patch API Operations will be ignored. + $ref: '#/components/schemas/LinkedDatasetSource' + description: + description: Optional. A user-friendly description of the dataset. + type: string + id: Dataset type: object parameters: - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: alt + name: upload_protocol schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -10031,19 +10242,34 @@ components: in: query name: key schema: - type: string + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + _.xgafv: + description: V1 error format. in: query - name: prettyPrint + name: $.xgafv schema: - type: boolean + type: string + enum: + - '1' + - '2' + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -10059,10 +10285,20 @@ components: name: uploadType schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + alt: + description: Data format for response. in: query - name: upload_protocol + name: alt + schema: + type: string + enum: + - json + - media + - proto + access_token: + description: OAuth access token. + in: query + name: access_token schema: type: string x-stackQL-resources: @@ -10071,15 +10307,16 @@ components: name: datasets title: Datasets methods: - delete: + list: operation: - $ref: '#/paths/~1projects~1{projectId}~1datasets~1{+datasetId}/delete' + $ref: '#/paths/~1projects~1{projectId}~1datasets/get' response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.datasets + insert: operation: - $ref: '#/paths/~1projects~1{projectId}~1datasets~1{+datasetId}/get' + $ref: '#/paths/~1projects~1{projectId}~1datasets/post' response: mediaType: application/json openAPIDocKey: '200' @@ -10089,9 +10326,9 @@ components: response: mediaType: application/json openAPIDocKey: '200' - undelete: + delete: operation: - $ref: '#/paths/~1projects~1{projectId}~1datasets~1{+datasetId}/post' + $ref: '#/paths/~1projects~1{projectId}~1datasets~1{+datasetId}/delete' response: mediaType: application/json openAPIDocKey: '200' @@ -10101,19 +10338,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - insert: + get: operation: - $ref: '#/paths/~1projects~1{projectId}~1datasets/post' + $ref: '#/paths/~1projects~1{projectId}~1datasets~1{+datasetId}/get' response: mediaType: application/json openAPIDocKey: '200' - list: + undelete: operation: - $ref: '#/paths/~1projects~1{projectId}~1datasets/get' + $ref: '#/paths/~1projects~1{projectId}~1datasets~1{+datasetId}/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.datasets sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/datasets/methods/get' @@ -10126,48 +10362,75 @@ components: - $ref: '#/components/x-stackQL-resources/datasets/methods/update' delete: - $ref: '#/components/x-stackQL-resources/datasets/methods/delete' - jobs: - id: google.bigquery.jobs - name: jobs - title: Jobs + tabledata: + id: google.bigquery.tabledata + name: tabledata + title: Tabledata methods: - cancel: + list: operation: - $ref: '#/paths/~1projects~1{projectId}~1jobs~1{+jobId}~1cancel/post' + $ref: >- + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1data/get response: mediaType: application/json openAPIDocKey: '200' - delete: + insert_all: operation: - $ref: '#/paths/~1projects~1{projectId}~1jobs~1{+jobId}~1delete/delete' + $ref: >- + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1insertAll/post response: mediaType: application/json openAPIDocKey: '200' - get: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/tabledata/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/tabledata/methods/insert_all' + update: [] + replace: [] + delete: [] + jobs: + id: google.bigquery.jobs + name: jobs + title: Jobs + methods: + list: operation: - $ref: '#/paths/~1projects~1{projectId}~1jobs~1{+jobId}/get' + $ref: '#/paths/~1projects~1{projectId}~1jobs/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable insert: operation: $ref: '#/paths/~1projects~1{projectId}~1jobs/post' response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: - $ref: '#/paths/~1projects~1{projectId}~1jobs/get' + $ref: '#/paths/~1projects~1{projectId}~1jobs~1{+jobId}~1delete/delete' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobs query: operation: $ref: '#/paths/~1projects~1{projectId}~1queries/post' response: mediaType: application/json openAPIDocKey: '200' + get: + operation: + $ref: '#/paths/~1projects~1{projectId}~1jobs~1{+jobId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + cancel: + operation: + $ref: '#/paths/~1projects~1{projectId}~1jobs~1{+jobId}~1cancel/post' + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/jobs/methods/get' @@ -10209,17 +10472,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1models~1{+modelId}/get + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1models~1{+modelId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1models~1{+modelId}/patch + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1models~1{+modelId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -10241,269 +10504,377 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/models/methods/delete' - service_account: - id: google.bigquery.service_account - name: service_account - title: Service_account - methods: - get_service_account: - operation: - $ref: '#/paths/~1projects~1{projectId}~1serviceAccount/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/service_account/methods/get_service_account - insert: [] - update: [] - replace: [] - delete: [] - projects: - id: google.bigquery.projects - name: projects - title: Projects + routines_iam_policies: + id: google.bigquery.routines_iam_policies + name: routines_iam_policies + title: Routines_iam_policies methods: - list: + set_iam_policy: operation: - $ref: '#/paths/~1projects/get' + $ref: '#/paths/~1{resource}/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.projects sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/projects/methods/list' + select: [] insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/routines_iam_policies/methods/set_iam_policy delete: [] - routines: - id: google.bigquery.routines - name: routines - title: Routines + row_access_policies: + id: google.bigquery.row_access_policies + name: row_access_policies + title: Row_access_policies methods: - delete: + get: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines~1{+routineId}/delete + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies~1{+policyId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + update: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines~1{+routineId}/get + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies~1{+policyId}/put response: mediaType: application/json openAPIDocKey: '200' - update: + delete: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines~1{+routineId}/put + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies~1{+policyId}/delete response: mediaType: application/json openAPIDocKey: '200' - insert: + list: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines/post + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.rowAccessPolicies + insert: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines/get + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.routines sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/routines/methods/get' - - $ref: '#/components/x-stackQL-resources/routines/methods/list' + - $ref: '#/components/x-stackQL-resources/row_access_policies/methods/get' + - $ref: '#/components/x-stackQL-resources/row_access_policies/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/routines/methods/insert' + - $ref: >- + #/components/x-stackQL-resources/row_access_policies/methods/insert update: [] replace: - - $ref: '#/components/x-stackQL-resources/routines/methods/update' + - $ref: >- + #/components/x-stackQL-resources/row_access_policies/methods/update delete: - - $ref: '#/components/x-stackQL-resources/routines/methods/delete' - tables_iam_policies: - id: google.bigquery.tables_iam_policies - name: tables_iam_policies - title: Tables_iam_policies + - $ref: >- + #/components/x-stackQL-resources/row_access_policies/methods/delete + tables: + id: google.bigquery.tables + name: tables + title: Tables methods: - test_iam_permissions: + update: operation: - $ref: '#/paths/~1{resource}/post' + $ref: >- + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}/put response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - row_access_policies: - id: google.bigquery.row_access_policies - name: row_access_policies - title: Row_access_policies - methods: - insert: + delete: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies/post + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies/get + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.rowAccessPolicies - delete: + get: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies~1{+policyId}/delete + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies~1{+policyId}/get + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables/get response: mediaType: application/json openAPIDocKey: '200' - update: + objectKey: $.tables + insert: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1rowAccessPolicies~1{+policyId}/put + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/row_access_policies/methods/get' - - $ref: '#/components/x-stackQL-resources/row_access_policies/methods/list' + - $ref: '#/components/x-stackQL-resources/tables/methods/get' + - $ref: '#/components/x-stackQL-resources/tables/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/row_access_policies/methods/insert - update: [] + - $ref: '#/components/x-stackQL-resources/tables/methods/insert' + update: + - $ref: '#/components/x-stackQL-resources/tables/methods/patch' replace: - - $ref: >- - #/components/x-stackQL-resources/row_access_policies/methods/update + - $ref: '#/components/x-stackQL-resources/tables/methods/update' delete: - - $ref: >- - #/components/x-stackQL-resources/row_access_policies/methods/delete - tabledata: - id: google.bigquery.tabledata - name: tabledata - title: Tabledata + - $ref: '#/components/x-stackQL-resources/tables/methods/delete' + routines: + id: google.bigquery.routines + name: routines + title: Routines methods: - insert_all: - operation: - $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1insertAll/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: + update: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}~1data/get + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines~1{+routineId}/put response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/tabledata/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/tabledata/methods/insert_all' - update: [] - replace: [] - delete: [] - tables: - id: google.bigquery.tables - name: tables - title: Tables - methods: delete: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}/delete + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines~1{+routineId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}/get + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines~1{+routineId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + insert: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}/patch + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines/post response: mediaType: application/json openAPIDocKey: '200' - update: + list: operation: $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables~1{+tableId}/put + #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1routines/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.routines + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/routines/methods/get' + - $ref: '#/components/x-stackQL-resources/routines/methods/list' insert: + - $ref: '#/components/x-stackQL-resources/routines/methods/insert' + update: [] + replace: + - $ref: '#/components/x-stackQL-resources/routines/methods/update' + delete: + - $ref: '#/components/x-stackQL-resources/routines/methods/delete' + service_account: + id: google.bigquery.service_account + name: service_account + title: Service_account + methods: + get_service_account: operation: - $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables/post + $ref: '#/paths/~1projects~1{projectId}~1serviceAccount/get' response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/service_account/methods/get_service_account + insert: [] + update: [] + replace: [] + delete: [] + projects: + id: google.bigquery.projects + name: projects + title: Projects + methods: list: operation: - $ref: >- - #/paths/~1projects~1{projectId}~1datasets~1{+datasetId}~1tables/get + $ref: '#/paths/~1projects/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tables + objectKey: $.projects sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tables/methods/get' - - $ref: '#/components/x-stackQL-resources/tables/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/tables/methods/insert' - update: - - $ref: '#/components/x-stackQL-resources/tables/methods/patch' - replace: - - $ref: '#/components/x-stackQL-resources/tables/methods/update' - delete: - - $ref: '#/components/x-stackQL-resources/tables/methods/delete' + - $ref: '#/components/x-stackQL-resources/projects/methods/list' + insert: [] + update: [] + replace: [] + delete: [] paths: - /projects/{projectId}/datasets/{+datasetId}: + /projects/{projectId}/datasets: parameters: &ref_1 - - $ref: '#/components/parameters/_.xgafv' - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/access_token' + get: + description: >- + Lists all datasets in the specified project to which the user has been + granted the READER dataset role. + operationId: bigquery.datasets.list + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/DatasetList' + parameters: + - in: path + name: projectId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: all + schema: + type: boolean + - in: query + name: maxResults + schema: + type: integer + format: uint32 + post: + description: Creates a new empty dataset. + operationId: bigquery.datasets.insert + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Dataset' + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Dataset' + parameters: + - in: path + name: projectId + required: true + schema: + type: string + - in: query + name: accessPolicyVersion + schema: + type: integer + format: int32 + /projects/{projectId}/datasets/{+datasetId}: + parameters: *ref_1 + patch: + description: >- + Updates information in an existing dataset. The update method replaces + the entire dataset resource, whereas the patch method only replaces + fields that are provided in the submitted dataset resource. This method + supports RFC5789 patch semantics. + operationId: bigquery.datasets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Dataset' + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Dataset' + parameters: + - in: path + name: projectId + required: true + schema: + type: string + - in: path + name: +datasetId + required: true + schema: + type: string + - in: query + name: updateMode + schema: + type: string + - in: query + name: accessPolicyVersion + schema: + type: integer + format: int32 delete: description: >- Deletes the dataset specified by the datasetId value. Before you can @@ -10538,22 +10909,26 @@ paths: name: deleteContents schema: type: boolean - get: - description: Returns the dataset specified by datasetID. - operationId: bigquery.datasets.get + put: + description: >- + Updates information in an existing dataset. The update method replaces + the entire dataset resource, whereas the patch method only replaces + fields that are provided in the submitted dataset resource. + operationId: bigquery.datasets.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Dataset' security: - Oauth2: - https://www.googleapis.com/auth/bigquery Oauth2c: - https://www.googleapis.com/auth/bigquery - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only + - https://www.googleapis.com/auth/cloud-platform Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response @@ -10578,21 +10953,12 @@ paths: type: integer format: int32 - in: query - name: datasetView + name: updateMode schema: type: string - patch: - description: >- - Updates information in an existing dataset. The update method replaces - the entire dataset resource, whereas the patch method only replaces - fields that are provided in the submitted dataset resource. This method - supports RFC5789 patch semantics. - operationId: bigquery.datasets.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Dataset' + get: + description: Returns the dataset specified by datasetID. + operationId: bigquery.datasets.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -10602,6 +10968,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -10620,15 +10990,15 @@ paths: required: true schema: type: string + - in: query + name: datasetView + schema: + type: string - in: query name: accessPolicyVersion schema: type: integer format: int32 - - in: query - name: updateMode - schema: - type: string post: description: >- Undeletes a dataset which is within time travel window based on @@ -10667,17 +11037,11 @@ paths: required: true schema: type: string - put: - description: >- - Updates information in an existing dataset. The update method replaces - the entire dataset resource, whereas the patch method only replaces - fields that are provided in the submitted dataset resource. - operationId: bigquery.datasets.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Dataset' + /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}/data: + parameters: *ref_1 + get: + description: List the content of a table in rows. + operationId: bigquery.tabledata.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -10687,13 +11051,17 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Dataset' + $ref: '#/components/schemas/TableDataList' parameters: - in: path name: projectId @@ -10705,30 +11073,58 @@ paths: required: true schema: type: string + - in: path + name: +tableId + required: true + schema: + type: string - in: query - name: accessPolicyVersion + name: formatOptions.useInt64Timestamp schema: - type: integer - format: int32 + type: boolean - in: query - name: updateMode + name: startIndex schema: type: string - /projects/{projectId}/datasets: + format: uint64 + - in: query + name: formatOptions.timestampOutputFormat + schema: + type: string + - in: query + name: selectedFields + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: maxResults + schema: + type: integer + format: uint32 + /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}/insertAll: parameters: *ref_1 post: - description: Creates a new empty dataset. - operationId: bigquery.datasets.insert + description: >- + Streams data into BigQuery one record at a time without needing to run a + load job. + operationId: bigquery.tabledata.insertAll requestBody: content: application/json: schema: - $ref: '#/components/schemas/Dataset' + $ref: '#/components/schemas/TableDataInsertAllRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery Oauth2c: - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/bigquery.insertdata + Oauth2c: + - https://www.googleapis.com/auth/bigquery.insertdata - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -10739,23 +11135,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Dataset' + $ref: '#/components/schemas/TableDataInsertAllResponse' parameters: - in: path name: projectId required: true schema: type: string - - in: query - name: accessPolicyVersion + - in: path + name: +datasetId + required: true schema: - type: integer - format: int32 + type: string + - in: path + name: +tableId + required: true + schema: + type: string + /projects/{projectId}/jobs: + parameters: *ref_1 get: description: >- - Lists all datasets in the specified project to which the user has been - granted the READER dataset role. - operationId: bigquery.datasets.list + Lists all jobs that you started in the specified project. Job + information is available for a six month period after creation. The job + list is sorted in reverse chronological order, by job creation time. + Requires the Can View project role, or the Is Owner project role if you + set the allUsers property. + operationId: bigquery.jobs.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -10775,7 +11181,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DatasetList' + $ref: '#/components/schemas/JobList' parameters: - in: path name: projectId @@ -10783,11 +11189,16 @@ paths: schema: type: string - in: query - name: all + name: stateFilter schema: - type: boolean + type: string - in: query - name: filter + name: maxCreationTime + schema: + type: string + format: uint64 + - in: query + name: parentJobId schema: type: string - in: query @@ -10796,55 +11207,37 @@ paths: type: integer format: uint32 - in: query - name: pageToken + name: minCreationTime schema: type: string - /projects/{projectId}/jobs/{+jobId}/cancel: - parameters: *ref_1 - post: - description: >- - Requests that a job be cancelled. This call will return immediately, and - the client will need to poll for the job status to see if the cancel - completed successfully. Cancelled jobs may still incur costs. - operationId: bigquery.jobs.cancel - security: - - Oauth2: - - https://www.googleapis.com/auth/bigquery - Oauth2c: - - https://www.googleapis.com/auth/bigquery - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/JobCancelResponse' - parameters: - - in: path - name: projectId - required: true + format: uint64 + - in: query + name: pageToken schema: type: string - - in: path - name: +jobId - required: true + - in: query + name: projection schema: type: string - in: query - name: location + name: allUsers schema: - type: string - /projects/{projectId}/jobs/{+jobId}/delete: - parameters: *ref_1 - delete: + type: boolean + post: description: >- - Requests the deletion of the metadata of a job. This call returns when - the job's metadata is deleted. - operationId: bigquery.jobs.delete + Starts a new asynchronous job. This API has two different kinds of + endpoint URIs, as this method supports a variety of use cases. * The + *Metadata* URI is used for most interactions, as it accepts the job + configuration directly. * The *Upload* URI is ONLY for the case when + you're sending both a load job configuration and a data stream together. + In this case, the Upload URI accepts the job configuration and the data + as two distinct multipart MIME parts. + operationId: bigquery.jobs.insert + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Job' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -10854,45 +11247,18 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - responses: - '204': - description: No Content - parameters: - - in: path - name: projectId - required: true - schema: - type: string - - in: path - name: +jobId - required: true - schema: - type: string - - in: query - name: location - schema: - type: string - /projects/{projectId}/jobs/{+jobId}: - parameters: *ref_1 - get: - description: >- - Returns information about a specific job. Job information is available - for a six month period after creation. Requires that you're the person - who ran the job, or have the Is Owner project role. - operationId: bigquery.jobs.get - security: - Oauth2: - - https://www.googleapis.com/auth/bigquery + - https://www.googleapis.com/auth/devstorage.full_control Oauth2c: - - https://www.googleapis.com/auth/bigquery + - https://www.googleapis.com/auth/devstorage.full_control - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/devstorage.read_only Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/devstorage.read_only - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only + - https://www.googleapis.com/auth/devstorage.read_write Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only + - https://www.googleapis.com/auth/devstorage.read_write responses: '200': description: Successful response @@ -10906,20 +11272,13 @@ paths: required: true schema: type: string - - in: path - name: +jobId - required: true - schema: - type: string - - in: query - name: location - schema: - type: string - /projects/{projectId}/queries/{+jobId}: + /projects/{projectId}/jobs/{+jobId}/delete: parameters: *ref_1 - get: - description: RPC to get the results of a query job. - operationId: bigquery.jobs.getQueryResults + delete: + description: >- + Requests the deletion of the metadata of a job. This call returns when + the job's metadata is deleted. + operationId: bigquery.jobs.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -10929,17 +11288,9 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GetQueryResultsResponse' + '204': + description: No Content parameters: - in: path name: projectId @@ -10951,54 +11302,22 @@ paths: required: true schema: type: string - - in: query - name: formatOptions.timestampOutputFormat - schema: - type: string - - in: query - name: formatOptions.useInt64Timestamp - schema: - type: boolean - in: query name: location schema: type: string - - in: query - name: maxResults - schema: - type: integer - format: uint32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: startIndex - schema: - type: string - format: uint64 - - in: query - name: timeoutMs - schema: - type: integer - format: uint32 - /projects/{projectId}/jobs: + /projects/{projectId}/queries: parameters: *ref_1 post: description: >- - Starts a new asynchronous job. This API has two different kinds of - endpoint URIs, as this method supports a variety of use cases. * The - *Metadata* URI is used for most interactions, as it accepts the job - configuration directly. * The *Upload* URI is ONLY for the case when - you're sending both a load job configuration and a data stream together. - In this case, the Upload URI accepts the job configuration and the data - as two distinct multipart MIME parts. - operationId: bigquery.jobs.insert + Runs a BigQuery SQL query synchronously and returns query results if the + query completes within a specified timeout. + operationId: bigquery.jobs.query requestBody: content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/QueryRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11009,38 +11328,27 @@ paths: Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/devstorage.full_control - Oauth2c: - - https://www.googleapis.com/auth/devstorage.full_control - - Oauth2: - - https://www.googleapis.com/auth/devstorage.read_only - Oauth2c: - - https://www.googleapis.com/auth/devstorage.read_only - - Oauth2: - - https://www.googleapis.com/auth/devstorage.read_write + - https://www.googleapis.com/auth/cloud-platform.read-only Oauth2c: - - https://www.googleapis.com/auth/devstorage.read_write + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/QueryResponse' parameters: - in: path name: projectId required: true schema: type: string + /projects/{projectId}/queries/{+jobId}: + parameters: *ref_1 get: - description: >- - Lists all jobs that you started in the specified project. Job - information is available for a six month period after creation. The job - list is sorted in reverse chronological order, by job creation time. - Requires the Can View project role, or the Is Owner project role if you - set the allUsers property. - operationId: bigquery.jobs.list + description: RPC to get the results of a query job. + operationId: bigquery.jobs.getQueryResults security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11060,60 +11368,57 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/JobList' + $ref: '#/components/schemas/GetQueryResultsResponse' parameters: - in: path name: projectId required: true schema: type: string - - in: query - name: allUsers + - in: path + name: +jobId + required: true schema: - type: boolean + type: string - in: query - name: maxCreationTime + name: pageToken schema: type: string - format: uint64 - in: query - name: maxResults + name: location schema: - type: integer - format: uint32 + type: string - in: query - name: minCreationTime + name: formatOptions.useInt64Timestamp schema: - type: string - format: uint64 + type: boolean - in: query - name: pageToken + name: startIndex schema: type: string + format: uint64 - in: query - name: parentJobId + name: formatOptions.timestampOutputFormat schema: type: string - in: query - name: projection + name: timeoutMs schema: - type: string + type: integer + format: uint32 - in: query - name: stateFilter + name: maxResults schema: - type: string - /projects/{projectId}/queries: + type: integer + format: uint32 + /projects/{projectId}/jobs/{+jobId}: parameters: *ref_1 - post: + get: description: >- - Runs a BigQuery SQL query synchronously and returns query results if the - query completes within a specified timeout. - operationId: bigquery.jobs.query - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/QueryRequest' + Returns information about a specific job. Job information is available + for a six month period after creation. Requires that you're the person + who ran the job, or have the Is Owner project role. + operationId: bigquery.jobs.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11133,18 +11438,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryResponse' + $ref: '#/components/schemas/Job' parameters: - in: path name: projectId required: true schema: type: string - /projects/{projectId}/datasets/{+datasetId}/models/{+modelId}: + - in: path + name: +jobId + required: true + schema: + type: string + - in: query + name: location + schema: + type: string + /projects/{projectId}/jobs/{+jobId}/cancel: parameters: *ref_1 - delete: - description: Deletes the model specified by modelId from the dataset. - operationId: bigquery.models.delete + post: + description: >- + Requests that a job be cancelled. This call will return immediately, and + the client will need to poll for the job status to see if the cancel + completed successfully. Cancelled jobs may still incur costs. + operationId: bigquery.jobs.cancel security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11155,8 +11472,12 @@ paths: Oauth2c: - https://www.googleapis.com/auth/cloud-platform responses: - '204': - description: No Content + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/JobCancelResponse' parameters: - in: path name: projectId @@ -11164,18 +11485,19 @@ paths: schema: type: string - in: path - name: +datasetId + name: +jobId required: true schema: type: string - - in: path - name: +modelId - required: true + - in: query + name: location schema: type: string - get: - description: Gets the specified model resource by model ID. - operationId: bigquery.models.get + /projects/{projectId}/datasets/{+datasetId}/models/{+modelId}: + parameters: *ref_1 + delete: + description: Deletes the model specified by modelId from the dataset. + operationId: bigquery.models.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11185,17 +11507,9 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Model' + '204': + description: No Content parameters: - in: path name: projectId @@ -11252,14 +11566,9 @@ paths: required: true schema: type: string - /projects/{projectId}/datasets/{+datasetId}/models: - parameters: *ref_1 get: - description: >- - Lists all models in the specified dataset. Requires the READER dataset - role. After retrieving the list of models, you can get information about - a particular model by calling the models.get method. - operationId: bigquery.models.list + description: Gets the specified model resource by model ID. + operationId: bigquery.models.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11279,7 +11588,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListModelsResponse' + $ref: '#/components/schemas/Model' parameters: - in: path name: projectId @@ -11291,22 +11600,19 @@ paths: required: true schema: type: string - - in: query - name: maxResults - schema: - type: integer - format: uint32 - - in: query - name: pageToken + - in: path + name: +modelId + required: true schema: type: string - /projects/{projectId}/serviceAccount: + /projects/{projectId}/datasets/{+datasetId}/models: parameters: *ref_1 get: description: >- - RPC to get the service account for a project used for interactions with - Google Cloud KMS - operationId: bigquery.projects.getServiceAccount + Lists all models in the specified dataset. Requires the READER dataset + role. After retrieving the list of models, you can get information about + a particular model by calling the models.get method. + operationId: bigquery.models.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11326,57 +11632,40 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GetServiceAccountResponse' + $ref: '#/components/schemas/ListModelsResponse' parameters: - in: path name: projectId required: true schema: type: string - /projects: - parameters: *ref_1 - get: - description: >- - RPC to list projects to which the user has been granted any project - role. Users of this method are encouraged to consider the [Resource - Manager](https://cloud.google.com/resource-manager/docs/) API, which - provides the underlying data for this method and has more capabilities. - operationId: bigquery.projects.list - security: - - Oauth2: - - https://www.googleapis.com/auth/bigquery - Oauth2c: - - https://www.googleapis.com/auth/bigquery - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ProjectList' - parameters: - - in: query - name: maxResults + - in: path + name: +datasetId + required: true schema: - type: integer - format: uint32 + type: string - in: query name: pageToken schema: type: string - /projects/{projectId}/datasets/{+datasetId}/routines/{+routineId}: + - in: query + name: maxResults + schema: + type: integer + format: uint32 + /{resource}: parameters: *ref_1 - delete: - description: Deletes the routine specified by routineId from the dataset. - operationId: bigquery.routines.delete + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: bigquery.routines.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11387,27 +11676,23 @@ paths: Oauth2c: - https://www.googleapis.com/auth/cloud-platform responses: - '204': - description: No Content + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' parameters: - in: path - name: projectId - required: true - schema: - type: string - - in: path - name: +datasetId - required: true - schema: - type: string - - in: path - name: +routineId + name: resource required: true schema: type: string + /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}/rowAccessPolicies/{+policyId}: + parameters: *ref_1 get: - description: Gets the specified routine resource by routine ID. - operationId: bigquery.routines.get + description: Gets the specified row access policy by policy ID. + operationId: bigquery.rowAccessPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11427,7 +11712,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Routine' + $ref: '#/components/schemas/RowAccessPolicy' parameters: - in: path name: projectId @@ -11440,25 +11725,23 @@ paths: schema: type: string - in: path - name: +routineId + name: +tableId required: true schema: type: string - - in: query - name: readMask + - in: path + name: +policyId + required: true schema: type: string - format: google-fieldmask put: - description: >- - Updates information in an existing routine. The update method replaces - the entire Routine resource. - operationId: bigquery.routines.update + description: Updates a row access policy. + operationId: bigquery.rowAccessPolicies.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/Routine' + $ref: '#/components/schemas/RowAccessPolicy' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11474,7 +11757,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Routine' + $ref: '#/components/schemas/RowAccessPolicy' parameters: - in: path name: projectId @@ -11487,61 +11770,18 @@ paths: schema: type: string - in: path - name: +routineId + name: +tableId required: true schema: type: string - /{resource}: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: bigquery.tables.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/bigquery - Oauth2c: - - https://www.googleapis.com/auth/bigquery - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' - parameters: - in: path - name: resource + name: +policyId required: true schema: type: string - /projects/{projectId}/datasets/{+datasetId}/routines: - parameters: *ref_1 - post: - description: Creates a new routine in the dataset. - operationId: bigquery.routines.insert - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Routine' + delete: + description: Deletes a row access policy. + operationId: bigquery.rowAccessPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11552,12 +11792,8 @@ paths: Oauth2c: - https://www.googleapis.com/auth/cloud-platform responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Routine' + '204': + description: No Content parameters: - in: path name: projectId @@ -11569,11 +11805,25 @@ paths: required: true schema: type: string + - in: path + name: +tableId + required: true + schema: + type: string + - in: path + name: +policyId + required: true + schema: + type: string + - in: query + name: force + schema: + type: boolean + /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}/rowAccessPolicies: + parameters: *ref_1 get: - description: >- - Lists all routines in the specified dataset. Requires the READER dataset - role. - operationId: bigquery.routines.list + description: Lists all row access policies on the specified table. + operationId: bigquery.rowAccessPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11593,7 +11843,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRoutinesResponse' + $ref: '#/components/schemas/ListRowAccessPoliciesResponse' parameters: - in: path name: projectId @@ -11605,26 +11855,20 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: +tableId + required: true schema: type: string - - in: query - name: maxResults - schema: - type: integer - format: uint32 - in: query name: pageToken schema: type: string - in: query - name: readMask + name: pageSize schema: - type: string - format: google-fieldmask - /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}/rowAccessPolicies: - parameters: *ref_1 + type: integer + format: int32 post: description: Creates a row access policy. operationId: bigquery.rowAccessPolicies.insert @@ -11642,10 +11886,6 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -11669,9 +11909,19 @@ paths: required: true schema: type: string - get: - description: Lists all row access policies on the specified table. - operationId: bigquery.rowAccessPolicies.list + /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}: + parameters: *ref_1 + put: + description: >- + Updates information in an existing table. The update method replaces the + entire Table resource, whereas the patch method only replaces fields + that are provided in the submitted Table resource. + operationId: bigquery.tables.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Table' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11681,17 +11931,13 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListRowAccessPoliciesResponse' + $ref: '#/components/schemas/Table' parameters: - in: path name: projectId @@ -11709,19 +11955,14 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: autodetect_schema schema: - type: string - /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}/rowAccessPolicies/{+policyId}: - parameters: *ref_1 + type: boolean delete: - description: Deletes a row access policy. - operationId: bigquery.rowAccessPolicies.delete + description: >- + Deletes the table specified by tableId from the dataset. If the table + contains data, all the data will be deleted. + operationId: bigquery.tables.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11731,10 +11972,6 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '204': description: No Content @@ -11754,18 +11991,60 @@ paths: required: true schema: type: string + patch: + description: >- + Updates information in an existing table. The update method replaces the + entire table resource, whereas the patch method only replaces fields + that are provided in the submitted table resource. This method supports + RFC5789 patch semantics. + operationId: bigquery.tables.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Table' + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Table' + parameters: + - in: path + name: projectId + required: true + schema: + type: string - in: path - name: +policyId + name: +datasetId + required: true + schema: + type: string + - in: path + name: +tableId required: true schema: type: string - in: query - name: force + name: autodetect_schema schema: type: boolean get: - description: Gets the specified row access policy by policy ID. - operationId: bigquery.rowAccessPolicies.get + description: >- + Gets the specified table resource by table ID. This method does not + return the data in the table, it only returns the table resource, which + describes the structure of this table. + operationId: bigquery.tables.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11785,7 +12064,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RowAccessPolicy' + $ref: '#/components/schemas/Table' parameters: - in: path name: projectId @@ -11802,19 +12081,21 @@ paths: required: true schema: type: string - - in: path - name: +policyId - required: true + - in: query + name: selectedFields schema: type: string - put: - description: Updates a row access policy. - operationId: bigquery.rowAccessPolicies.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RowAccessPolicy' + - in: query + name: view + schema: + type: string + /projects/{projectId}/datasets/{+datasetId}/tables: + parameters: *ref_1 + get: + description: >- + Lists all tables in the specified dataset. Requires the READER dataset + role. + operationId: bigquery.tables.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11834,7 +12115,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RowAccessPolicy' + $ref: '#/components/schemas/TableList' parameters: - in: path name: projectId @@ -11846,37 +12127,28 @@ paths: required: true schema: type: string - - in: path - name: +tableId - required: true + - in: query + name: maxResults schema: - type: string - - in: path - name: +policyId - required: true + type: integer + format: uint32 + - in: query + name: pageToken schema: type: string - /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}/insertAll: - parameters: *ref_1 post: - description: >- - Streams data into BigQuery one record at a time without needing to run a - load job. - operationId: bigquery.tabledata.insertAll + description: Creates a new, empty table in the dataset. + operationId: bigquery.tables.insert requestBody: content: application/json: schema: - $ref: '#/components/schemas/TableDataInsertAllRequest' + $ref: '#/components/schemas/Table' security: - Oauth2: - https://www.googleapis.com/auth/bigquery Oauth2c: - https://www.googleapis.com/auth/bigquery - - Oauth2: - - https://www.googleapis.com/auth/bigquery.insertdata - Oauth2c: - - https://www.googleapis.com/auth/bigquery.insertdata - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -11887,7 +12159,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TableDataInsertAllResponse' + $ref: '#/components/schemas/Table' parameters: - in: path name: projectId @@ -11899,16 +12171,18 @@ paths: required: true schema: type: string - - in: path - name: +tableId - required: true - schema: - type: string - /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}/data: + /projects/{projectId}/datasets/{+datasetId}/routines/{+routineId}: parameters: *ref_1 - get: - description: List the content of a table in rows. - operationId: bigquery.tabledata.list + put: + description: >- + Updates information in an existing routine. The update method replaces + the entire Routine resource. + operationId: bigquery.routines.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Routine' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -11918,17 +12192,13 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TableDataList' + $ref: '#/components/schemas/Routine' parameters: - in: path name: projectId @@ -11941,43 +12211,13 @@ paths: schema: type: string - in: path - name: +tableId + name: +routineId required: true schema: type: string - - in: query - name: formatOptions.timestampOutputFormat - schema: - type: string - - in: query - name: formatOptions.useInt64Timestamp - schema: - type: boolean - - in: query - name: maxResults - schema: - type: integer - format: uint32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: selectedFields - schema: - type: string - - in: query - name: startIndex - schema: - type: string - format: uint64 - /projects/{projectId}/datasets/{+datasetId}/tables/{+tableId}: - parameters: *ref_1 delete: - description: >- - Deletes the table specified by tableId from the dataset. If the table - contains data, all the data will be deleted. - operationId: bigquery.tables.delete + description: Deletes the routine specified by routineId from the dataset. + operationId: bigquery.routines.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -12002,16 +12242,13 @@ paths: schema: type: string - in: path - name: +tableId + name: +routineId required: true schema: type: string get: - description: >- - Gets the specified table resource by table ID. This method does not - return the data in the table, it only returns the table resource, which - describes the structure of this table. - operationId: bigquery.tables.get + description: Gets the specified routine resource by routine ID. + operationId: bigquery.routines.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -12031,7 +12268,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Routine' parameters: - in: path name: projectId @@ -12044,30 +12281,25 @@ paths: schema: type: string - in: path - name: +tableId + name: +routineId required: true schema: type: string - in: query - name: selectedFields - schema: - type: string - - in: query - name: view + name: readMask schema: type: string - patch: - description: >- - Updates information in an existing table. The update method replaces the - entire table resource, whereas the patch method only replaces fields - that are provided in the submitted table resource. This method supports - RFC5789 patch semantics. - operationId: bigquery.tables.patch + format: google-fieldmask + /projects/{projectId}/datasets/{+datasetId}/routines: + parameters: *ref_1 + post: + description: Creates a new routine in the dataset. + operationId: bigquery.routines.insert requestBody: content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Routine' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -12083,7 +12315,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Routine' parameters: - in: path name: projectId @@ -12095,26 +12327,11 @@ paths: required: true schema: type: string - - in: path - name: +tableId - required: true - schema: - type: string - - in: query - name: autodetect_schema - schema: - type: boolean - put: + get: description: >- - Updates information in an existing table. The update method replaces the - entire Table resource, whereas the patch method only replaces fields - that are provided in the submitted Table resource. - operationId: bigquery.tables.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Table' + Lists all routines in the specified dataset. Requires the READER dataset + role. + operationId: bigquery.routines.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -12124,13 +12341,17 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/ListRoutinesResponse' parameters: - in: path name: projectId @@ -12142,25 +12363,31 @@ paths: required: true schema: type: string - - in: path - name: +tableId - required: true + - in: query + name: maxResults + schema: + type: integer + format: uint32 + - in: query + name: pageToken schema: type: string - in: query - name: autodetect_schema + name: readMask schema: - type: boolean - /projects/{projectId}/datasets/{+datasetId}/tables: + type: string + format: google-fieldmask + - in: query + name: filter + schema: + type: string + /projects/{projectId}/serviceAccount: parameters: *ref_1 - post: - description: Creates a new, empty table in the dataset. - operationId: bigquery.tables.insert - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Table' + get: + description: >- + RPC to get the service account for a project used for interactions with + Google Cloud KMS + operationId: bigquery.projects.getServiceAccount security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -12170,29 +12397,32 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/GetServiceAccountResponse' parameters: - in: path name: projectId required: true schema: type: string - - in: path - name: +datasetId - required: true - schema: - type: string + /projects: + parameters: *ref_1 get: description: >- - Lists all tables in the specified dataset. Requires the READER dataset - role. - operationId: bigquery.tables.list + RPC to list projects to which the user has been granted any project + role. Users of this method are encouraged to consider the [Resource + Manager](https://cloud.google.com/resource-manager/docs/) API, which + provides the underlying data for this method and has more capabilities. + operationId: bigquery.projects.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -12212,16 +12442,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TableList' + $ref: '#/components/schemas/ProjectList' parameters: - - in: path - name: projectId - required: true - schema: - type: string - - in: path - name: +datasetId - required: true + - in: query + name: pageToken schema: type: string - in: query @@ -12229,7 +12453,3 @@ paths: schema: type: integer format: uint32 - - in: query - name: pageToken - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/bigqueryconnection.yaml b/providers/src/googleapis.com/v00.00.00000/services/bigqueryconnection.yaml index ec5ee37c..625a17ad 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/bigqueryconnection.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/bigqueryconnection.yaml @@ -7,8 +7,8 @@ info: title: BigQuery Connection API description: Allows users to manage BigQuery connections to external data sources. version: v1 - x-discovery-doc-revision: '20250713' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251026' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/bigquery/docs/connections-api-intro servers: @@ -37,278 +37,222 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - Connection: - id: Connection - description: >- - Configuration parameters to establish connection with an external data - source, except the credential attributes. + ConnectorConfigurationPrivateServiceConnect: type: object + description: Private Service Connect configuration. properties: - name: - description: >- - Output only. The resource name of the connection in the form of: - `projects/{project_id}/locations/{location_id}/connections/{connection_id}` - readOnly: true - type: string - friendlyName: - description: User provided display name for the connection. - type: string - description: - description: User provided description. - type: string - cloudSql: - description: Cloud SQL properties. - $ref: '#/components/schemas/CloudSqlProperties' - aws: - description: Amazon Web Services (AWS) properties. - $ref: '#/components/schemas/AwsProperties' - azure: - description: Azure properties. - $ref: '#/components/schemas/AzureProperties' - cloudSpanner: - description: Cloud Spanner properties. - $ref: '#/components/schemas/CloudSpannerProperties' - cloudResource: - description: Cloud Resource properties. - $ref: '#/components/schemas/CloudResourceProperties' - spark: - description: Spark properties. - $ref: '#/components/schemas/SparkProperties' - salesforceDataCloud: - description: >- - Optional. Salesforce DataCloud properties. This field is intended - for use only by Salesforce partner projects. This field contains - properties for your Salesforce DataCloud connection. - $ref: '#/components/schemas/SalesforceDataCloudProperties' - configuration: - description: Optional. Connector configuration. - $ref: '#/components/schemas/ConnectorConfiguration' - creationTime: - description: Output only. The creation timestamp of the connection. - readOnly: true - type: string - format: int64 - lastModifiedTime: - description: Output only. The last update timestamp of the connection. - readOnly: true - type: string - format: int64 - hasCredential: - description: Output only. True, if credential is configured for this connection. - readOnly: true - type: boolean - kmsKeyName: + networkAttachment: description: >- - Optional. The Cloud KMS key that is used for credentials encryption. - If omitted, internal Google owned encryption keys are used. Example: - `projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key]` + Required. Network Attachment name in the format of + `projects/{project}/regions/{region}/networkAttachments/{networkattachment}`. type: string - CloudSqlProperties: - id: CloudSqlProperties - description: Connection properties specific to the Cloud SQL. + id: ConnectorConfigurationPrivateServiceConnect + ConnectorConfigurationAuthentication: type: object + description: Client authentication. properties: - instanceId: - description: Cloud SQL instance ID in the form `project:location:instance`. - type: string - database: - description: Database name. - type: string - type: - description: Type of the Cloud SQL database. - type: string - enumDescriptions: - - Unspecified database type. - - Cloud SQL for PostgreSQL. - - Cloud SQL for MySQL. - enum: - - DATABASE_TYPE_UNSPECIFIED - - POSTGRES - - MYSQL - credential: - description: Input only. Cloud SQL credential. - $ref: '#/components/schemas/CloudSqlCredential' - serviceAccountId: - description: >- - Output only. The account ID of the service used for the purpose of - this connection. When the connection is used in the context of an - operation in BigQuery, this service account will serve as the - identity being used for connecting to the CloudSQL instance - specified in this connection. + usernamePassword: + $ref: '#/components/schemas/ConnectorConfigurationUsernamePassword' + description: Username/password authentication. + serviceAccount: readOnly: true + description: >- + Output only. Google-managed service account associated with this + connection, e.g., + `service-{project_number}@gcp-sa-bigqueryconnection.iam.gserviceaccount.com`. + BigQuery jobs using this connection will act as `service_account` + identity while connecting to the datasource. type: string - CloudSqlCredential: - id: CloudSqlCredential - description: Credential info for the Cloud SQL. - type: object + id: ConnectorConfigurationAuthentication + ConnectorConfigurationUsernamePassword: properties: username: - description: The username for the credential. type: string + description: Required. Username. password: - description: The password for the credential. + $ref: '#/components/schemas/ConnectorConfigurationSecret' + description: Required. Password. + description: Username and Password authentication. + id: ConnectorConfigurationUsernamePassword + type: object + ConnectorConfigurationEndpoint: + id: ConnectorConfigurationEndpoint + description: Remote endpoint specification. + type: object + properties: + hostPort: type: string + description: >- + Host and port in a format of `hostname:port` as defined in + https://www.ietf.org/rfc/rfc3986.html#section-3.2.2 and + https://www.ietf.org/rfc/rfc3986.html#section-3.2.3. AwsProperties: - id: AwsProperties - description: Connection properties specific to Amazon Web Services (AWS). type: object properties: accessRole: + $ref: '#/components/schemas/AwsAccessRole' description: >- Authentication using Google owned service account to assume into customer's AWS IAM Role. - $ref: '#/components/schemas/AwsAccessRole' - AwsAccessRole: - id: AwsAccessRole + id: AwsProperties + description: Connection properties specific to Amazon Web Services (AWS). + AuditLogConfig: description: >- - Authentication method for Amazon Web Services (AWS) that uses Google - owned Google service account to assume into customer's AWS IAM Role. + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object properties: - iamRoleId: - description: >- - The user’s AWS IAM Role that trusts the Google-owned AWS IAM user - Connection. - type: string - identity: + exemptedMembers: + items: + type: string description: >- - A unique Google-owned and Google-generated identity for the - Connection. This identity will be used to access the user's AWS IAM - Role. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + type: array + logType: type: string - AzureProperties: - id: AzureProperties - description: Container for connection properties specific to Azure. + description: The log type that this config enables. + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + id: AuditLogConfig + SparkProperties: type: object properties: - application: - description: Output only. The name of the Azure Active Directory Application. - readOnly: true - type: string - clientId: - description: >- - Output only. The client id of the Azure Active Directory - Application. - readOnly: true - type: string - objectId: + serviceAccountId: description: >- - Output only. The object id of the Azure Active Directory - Application. + Output only. The account ID of the service created for the purpose + of this connection. The service account does not have any + permissions associated with it when it is created. After creation, + customers delegate permissions to the service account. When the + connection is used in the context of a stored procedure for Apache + Spark in BigQuery, the service account is used to connect to the + desired resources in Google Cloud. The account ID is in the form of: + bqcx--@gcp-sa-bigquery-consp.iam.gserviceaccount.com readOnly: true type: string - customerTenantId: - description: The id of customer's directory that host the data. - type: string - redirectUri: - description: >- - The URL user will be redirected to after granting consent during - connection setup. - type: string - federatedApplicationClientId: - description: >- - The client ID of the user's Azure Active Directory Application used - for a federated connection. - type: string - identity: + sparkHistoryServerConfig: + $ref: '#/components/schemas/SparkHistoryServerConfig' + description: Optional. Spark History Server configuration for the connection. + metastoreServiceConfig: + $ref: '#/components/schemas/MetastoreServiceConfig' description: >- - Output only. A unique Google-owned and Google-generated identity for - the Connection. This identity will be used to access the user's - Azure Active Directory Application. - readOnly: true - type: string - CloudSpannerProperties: - id: CloudSpannerProperties - description: Connection properties specific to Cloud Spanner. + Optional. Dataproc Metastore Service configuration for the + connection. + id: SparkProperties + description: >- + Container for connection properties to execute stored procedures for + Apache Spark. + AuditConfig: type: object + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + id: AuditConfig properties: - database: - description: Cloud Spanner database in the form `project/instance/database' - type: string - useParallelism: - description: If parallelism should be used when reading from Cloud Spanner - type: boolean - maxParallelism: - description: >- - Allows setting max parallelism per query when executing on Spanner - independent compute resources. If unspecified, default values of - parallelism are chosen that are dependent on the Cloud Spanner - instance configuration. REQUIRES: `use_parallelism` must be set. - REQUIRES: `use_data_boost` must be set. - type: integer - format: int32 - useServerlessAnalytics: - description: >- - Deprecated: prefer use_data_boost instead. If the serverless - analytics service should be used to read data from Cloud Spanner. - Note: `use_parallelism` must be set when using serverless analytics. - deprecated: true - type: boolean - useDataBoost: - description: >- - If set, the request will be executed via Spanner independent compute - resources. REQUIRES: `use_parallelism` must be set. - type: boolean - databaseRole: + service: description: >- - Optional. Cloud Spanner database role for fine-grained access - control. The Cloud Spanner admin should have provisioned the - database role with appropriate permissions, such as `SELECT` and - `INSERT`. Other users should only use roles provided by their Cloud - Spanner admins. For more details, see [About fine-grained access - control] (https://cloud.google.com/spanner/docs/fgac-about). - REQUIRES: The database role name must start with a letter, and can - only contain letters, numbers, and underscores. + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: string - CloudResourceProperties: - id: CloudResourceProperties + auditLogConfigs: + type: array + items: + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. + Connection: + id: Connection description: >- - Container for connection properties for delegation of access to GCP - resources. + Configuration parameters to establish connection with an external data + source, except the credential attributes. type: object properties: - serviceAccountId: + azure: + $ref: '#/components/schemas/AzureProperties' + description: Azure properties. + cloudSql: + $ref: '#/components/schemas/CloudSqlProperties' + description: Cloud SQL properties. + configuration: + $ref: '#/components/schemas/ConnectorConfiguration' + description: Optional. Connector configuration. + description: + description: User provided description. + type: string + kmsKeyName: + type: string description: >- - Output only. The account ID of the service created for the purpose - of this connection. The service account does not have any - permissions associated with it when it is created. After creation, - customers delegate permissions to the service account. When the - connection is used in the context of an operation in BigQuery, the - service account will be used to connect to the desired resources in - GCP. The account ID is in the form of: - @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com + Optional. The Cloud KMS key that is used for credentials encryption. + If omitted, internal Google owned encryption keys are used. Example: + `projects/[kms_project_id]/locations/[region]/keyRings/[key_region]/cryptoKeys/[key]` + creationTime: + format: int64 + description: Output only. The creation timestamp of the connection. + readOnly: true + type: string + friendlyName: + description: User provided display name for the connection. + type: string + aws: + description: Amazon Web Services (AWS) properties. + $ref: '#/components/schemas/AwsProperties' + cloudResource: + $ref: '#/components/schemas/CloudResourceProperties' + description: Cloud Resource properties. + spark: + $ref: '#/components/schemas/SparkProperties' + description: Spark properties. + lastModifiedTime: readOnly: true + description: Output only. The last update timestamp of the connection. + format: int64 type: string - SparkProperties: - id: SparkProperties - description: >- - Container for connection properties to execute stored procedures for - Apache Spark. - type: object - properties: - serviceAccountId: + cloudSpanner: + $ref: '#/components/schemas/CloudSpannerProperties' + description: Cloud Spanner properties. + salesforceDataCloud: + $ref: '#/components/schemas/SalesforceDataCloudProperties' description: >- - Output only. The account ID of the service created for the purpose - of this connection. The service account does not have any - permissions associated with it when it is created. After creation, - customers delegate permissions to the service account. When the - connection is used in the context of a stored procedure for Apache - Spark in BigQuery, the service account is used to connect to the - desired resources in Google Cloud. The account ID is in the form of: - bqcx--@gcp-sa-bigquery-consp.iam.gserviceaccount.com + Optional. Salesforce DataCloud properties. This field is intended + for use only by Salesforce partner projects. This field contains + properties for your Salesforce DataCloud connection. + name: readOnly: true type: string - metastoreServiceConfig: description: >- - Optional. Dataproc Metastore Service configuration for the - connection. - $ref: '#/components/schemas/MetastoreServiceConfig' - sparkHistoryServerConfig: - description: Optional. Spark History Server configuration for the connection. - $ref: '#/components/schemas/SparkHistoryServerConfig' + Output only. The resource name of the connection in the form of: + `projects/{project_id}/locations/{location_id}/connections/{connection_id}` + hasCredential: + readOnly: true + type: boolean + description: Output only. True, if credential is configured for this connection. MetastoreServiceConfig: - id: MetastoreServiceConfig - description: Configuration of the Dataproc Metastore Service. type: object properties: metastoreService: @@ -317,23 +261,39 @@ components: Example: * `projects/[project_id]/locations/[region]/services/[service_id]` type: string - SparkHistoryServerConfig: - id: SparkHistoryServerConfig - description: Configuration of the Spark History Server. + description: Configuration of the Dataproc Metastore Service. + id: MetastoreServiceConfig + AwsAccessRole: type: object + description: >- + Authentication method for Amazon Web Services (AWS) that uses Google + owned Google service account to assume into customer's AWS IAM Role. properties: - dataprocCluster: + identity: description: >- - Optional. Resource name of an existing Dataproc Cluster to act as a - Spark History Server for the connection. Example: * - `projects/[project_id]/regions/[region]/clusters/[cluster_name]` + A unique Google-owned and Google-generated identity for the + Connection. This identity will be used to access the user's AWS IAM + Role. + type: string + iamRoleId: + description: >- + The user’s AWS IAM Role that trusts the Google-owned AWS IAM user + Connection. type: string + id: AwsAccessRole + Empty: + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + properties: {} SalesforceDataCloudProperties: - id: SalesforceDataCloudProperties description: >- Connection properties specific to Salesforce DataCloud. This is intended for use only by Salesforce partner projects. - type: object properties: instanceUri: description: The URL to the user's Salesforce DataCloud instance. @@ -342,164 +302,138 @@ components: description: >- Output only. A unique Google-owned and Google-generated service account identity for the connection. - readOnly: true type: string + readOnly: true tenantId: - description: The ID of the user's Salesforce tenant. - type: string - ConnectorConfiguration: - id: ConnectorConfiguration - description: Represents concrete parameter values for Connector Configuration. - type: object - properties: - connectorId: - description: >- - Required. Immutable. The ID of the Connector these parameters are - configured for. type: string - endpoint: - description: >- - Specifies how to reach the remote system this connection is pointing - to. - $ref: '#/components/schemas/ConnectorConfigurationEndpoint' - authentication: - description: Client authentication. - $ref: '#/components/schemas/ConnectorConfigurationAuthentication' - network: - description: Networking configuration. - $ref: '#/components/schemas/ConnectorConfigurationNetwork' - asset: - description: Data asset. - $ref: '#/components/schemas/ConnectorConfigurationAsset' - ConnectorConfigurationEndpoint: - id: ConnectorConfigurationEndpoint - description: Remote endpoint specification. + description: The ID of the user's Salesforce tenant. + id: SalesforceDataCloudProperties type: object - properties: - hostPort: - description: >- - Host and port in a format of `hostname:port` as defined in - https://www.ietf.org/rfc/rfc3986.html#section-3.2.2 and - https://www.ietf.org/rfc/rfc3986.html#section-3.2.3. - type: string - ConnectorConfigurationAuthentication: - id: ConnectorConfigurationAuthentication - description: Client authentication. + CloudSqlProperties: + id: CloudSqlProperties type: object + description: Connection properties specific to the Cloud SQL. properties: - usernamePassword: - description: Username/password authentication. - $ref: '#/components/schemas/ConnectorConfigurationUsernamePassword' - serviceAccount: + serviceAccountId: description: >- - Output only. Google-managed service account associated with this - connection, e.g., - `service-{project_number}@gcp-sa-bigqueryconnection.iam.gserviceaccount.com`. - BigQuery jobs using this connection will act as `service_account` - identity while connecting to the datasource. - readOnly: true - type: string - ConnectorConfigurationUsernamePassword: - id: ConnectorConfigurationUsernamePassword - description: Username and Password authentication. - type: object - properties: - username: - description: Required. Username. - type: string - password: - description: Required. Password. - $ref: '#/components/schemas/ConnectorConfigurationSecret' - ConnectorConfigurationSecret: - id: ConnectorConfigurationSecret - description: Secret value parameter. - type: object - properties: - plaintext: - description: Input only. Secret as plaintext. + Output only. The account ID of the service used for the purpose of + this connection. When the connection is used in the context of an + operation in BigQuery, this service account will serve as the + identity being used for connecting to the CloudSQL instance + specified in this connection. type: string - secretType: - description: >- - Output only. Indicates type of secret. Can be used to check type of - stored secret value even if it's `INPUT_ONLY`. readOnly: true + credential: + description: Input only. Cloud SQL credential. + $ref: '#/components/schemas/CloudSqlCredential' + database: type: string + description: Database name. + type: enumDescriptions: - - '' - - '' + - Unspecified database type. + - Cloud SQL for PostgreSQL. + - Cloud SQL for MySQL. + type: string + description: Type of the Cloud SQL database. enum: - - SECRET_TYPE_UNSPECIFIED - - PLAINTEXT - ConnectorConfigurationNetwork: - id: ConnectorConfigurationNetwork - description: Network related configuration. - type: object - properties: - privateServiceConnect: - description: Private Service Connect networking configuration. - $ref: '#/components/schemas/ConnectorConfigurationPrivateServiceConnect' - ConnectorConfigurationPrivateServiceConnect: - id: ConnectorConfigurationPrivateServiceConnect - description: Private Service Connect configuration. - type: object - properties: - networkAttachment: - description: >- - Required. Network Attachment name in the format of - `projects/{project}/regions/{region}/networkAttachments/{networkattachment}`. + - DATABASE_TYPE_UNSPECIFIED + - POSTGRES + - MYSQL + instanceId: + description: Cloud SQL instance ID in the form `project:location:instance`. type: string - ConnectorConfigurationAsset: - id: ConnectorConfigurationAsset - description: >- - Data Asset - a resource within instance of the system, reachable under - specified endpoint. For example a database name in a SQL DB. + Binding: + description: Associates `members`, or principals, with a `role`. type: object properties: - database: - description: Name of the database. - type: string - googleCloudResource: + role: description: >- - Full Google Cloud resource name - - https://cloud.google.com/apis/design/resource_names#full_resource_name. - Example: `//library.googleapis.com/shelves/shelf1/books/book2` - type: string - ListConnectionsResponse: - id: ListConnectionsResponse - description: The response for ConnectionService.ListConnections. - type: object - properties: - nextPageToken: - description: Next page token. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - connections: - description: List of connections. - type: array + members: items: - $ref: '#/components/schemas/Connection' - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. - type: object - properties: - options: + type: string + type: array + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + condition: description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - $ref: '#/components/schemas/GetPolicyOptions' + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + id: Binding GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. type: object + id: GetPolicyOptions properties: requestedPolicyVersion: description: >- @@ -514,10 +448,31 @@ components: bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer format: int32 + type: integer + description: Encapsulates settings provided to GetIamPolicy. + ConnectorConfigurationSecret: + description: Secret value parameter. + properties: + plaintext: + type: string + description: Input only. Secret as plaintext. + secretType: + readOnly: true + enum: + - SECRET_TYPE_UNSPECIFIED + - PLAINTEXT + type: string + description: >- + Output only. Indicates type of secret. Can be used to check type of + stored secret value even if it's `INPUT_ONLY`. + enumDescriptions: + - '' + - '' + type: object + id: ConnectorConfigurationSecret Policy: - id: Policy + type: object description: >- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of @@ -552,9 +507,11 @@ components: timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). - type: object + id: Policy properties: version: + format: int32 + type: integer description: >- Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any @@ -572,28 +529,14 @@ components: specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' auditConfigs: description: Specifies cloud audit logging configuration for this policy. - type: array items: $ref: '#/components/schemas/AuditConfig' + type: array etag: + type: string + format: byte description: >- `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each @@ -607,122 +550,108 @@ components: `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + type: array + ConnectorConfigurationAsset: + description: >- + Data Asset - a resource within instance of the system, reachable under + specified endpoint. For example a database name in a SQL DB. type: object + id: ConnectorConfigurationAsset properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + database: + description: Name of the database. type: string - members: + googleCloudResource: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + Full Google Cloud resource name - + https://cloud.google.com/apis/design/resource_names#full_resource_name. + Example: `//library.googleapis.com/shelves/shelf1/books/book2` + type: string + TestIamPermissionsRequest: + id: TestIamPermissionsRequest + description: Request message for `TestIamPermissions` method. + type: object + properties: + permissions: type: array - items: - type: string - condition: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + ListConnectionsResponse: + properties: + connections: + items: + $ref: '#/components/schemas/Connection' + type: array + description: List of connections. + nextPageToken: + description: Next page token. + type: string + id: ListConnectionsResponse + description: The response for ConnectionService.ListConnections. + type: object + AzureProperties: type: object + id: AzureProperties + description: Container for connection properties specific to Azure. properties: - expression: + customerTenantId: + type: string + description: The id of customer's directory that host the data. + application: + type: string + readOnly: true + description: Output only. The name of the Azure Active Directory Application. + clientId: + readOnly: true description: >- - Textual representation of an expression in Common Expression - Language syntax. + Output only. The client id of the Azure Active Directory + Application. type: string + federatedApplicationClientId: + description: >- + The client ID of the user's Azure Active Directory Application used + for a federated connection. + type: string + objectId: + description: >- + Output only. The object id of the Azure Active Directory + Application. + readOnly: true + type: string + redirectUri: + description: >- + The URL user will be redirected to after granting consent during + connection setup. + type: string + identity: + description: >- + Output only. A unique Google-owned and Google-generated identity for + the Connection. This identity will be used to access the user's + Azure Active Directory Application. + type: string + readOnly: true + Expr: + type: object + id: Expr + properties: title: description: >- Optional. Title for the expression, i.e. a short string describing @@ -730,82 +659,72 @@ components: expression. type: string description: + type: string description: >- Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. - type: string location: description: >- Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + expression: type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig + description: >- + Textual representation of an expression in Common Expression + Language syntax. description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + CloudResourceProperties: + description: >- + Container for connection properties for delegation of access to GCP + resources. + id: CloudResourceProperties type: object properties: - logType: - description: The log type that this config enables. + serviceAccountId: + readOnly: true type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array + Output only. The account ID of the service created for the purpose + of this connection. The service account does not have any + permissions associated with it when it is created. After creation, + customers delegate permissions to the service account. When the + connection is used in the context of an operation in BigQuery, the + service account will be used to connect to the desired resources in + GCP. The account ID is in the form of: + @gcp-sa-bigquery-cloudresource.iam.gserviceaccount.com + TestIamPermissionsResponse: + properties: + permissions: items: type: string + type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + id: TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. + type: object SetIamPolicyRequest: + type: object id: SetIamPolicyRequest description: Request message for `SetIamPolicy` method. - type: object properties: policy: description: >- @@ -815,39 +734,120 @@ components: might reject them. $ref: '#/components/schemas/Policy' updateMask: + format: google-fieldmask description: >- OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"` type: string - format: google-fieldmask - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + SparkHistoryServerConfig: + properties: + dataprocCluster: + description: >- + Optional. Resource name of an existing Dataproc Cluster to act as a + Spark History Server for the connection. Example: * + `projects/[project_id]/regions/[region]/clusters/[cluster_name]` + type: string + description: Configuration of the Spark History Server. + type: object + id: SparkHistoryServerConfig + CloudSpannerProperties: + type: object + id: CloudSpannerProperties + description: Connection properties specific to Cloud Spanner. + properties: + useParallelism: + type: boolean + description: If parallelism should be used when reading from Cloud Spanner + useDataBoost: + type: boolean + description: >- + If set, the request will be executed via Spanner independent compute + resources. REQUIRES: `use_parallelism` must be set. + maxParallelism: + format: int32 + type: integer + description: >- + Allows setting max parallelism per query when executing on Spanner + independent compute resources. If unspecified, default values of + parallelism are chosen that are dependent on the Cloud Spanner + instance configuration. REQUIRES: `use_parallelism` must be set. + REQUIRES: `use_data_boost` must be set. + database: + description: Cloud Spanner database in the form `project/instance/database' + type: string + databaseRole: + description: >- + Optional. Cloud Spanner database role for fine-grained access + control. The Cloud Spanner admin should have provisioned the + database role with appropriate permissions, such as `SELECT` and + `INSERT`. Other users should only use roles provided by their Cloud + Spanner admins. For more details, see [About fine-grained access + control] (https://cloud.google.com/spanner/docs/fgac-about). + REQUIRES: The database role name must start with a letter, and can + only contain letters, numbers, and underscores. + type: string + useServerlessAnalytics: + description: >- + Deprecated: prefer use_data_boost instead. If the serverless + analytics service should be used to read data from Cloud Spanner. + Note: `use_parallelism` must be set when using serverless analytics. + type: boolean + deprecated: true + ConnectorConfiguration: + properties: + asset: + $ref: '#/components/schemas/ConnectorConfigurationAsset' + description: Data asset. + connectorId: + description: >- + Required. Immutable. The ID of the Connector these parameters are + configured for. + type: string + endpoint: + $ref: '#/components/schemas/ConnectorConfigurationEndpoint' + description: >- + Specifies how to reach the remote system this connection is pointing + to. + authentication: + description: Client authentication. + $ref: '#/components/schemas/ConnectorConfigurationAuthentication' + network: + $ref: '#/components/schemas/ConnectorConfigurationNetwork' + description: Networking configuration. + id: ConnectorConfiguration + type: object + description: Represents concrete parameter values for Connector Configuration. + CloudSqlCredential: + description: Credential info for the Cloud SQL. + type: object + properties: + password: + type: string + description: The password for the credential. + username: + type: string + description: The username for the credential. + id: CloudSqlCredential + ConnectorConfigurationNetwork: + id: ConnectorConfigurationNetwork type: object properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object + privateServiceConnect: + description: Private Service Connect networking configuration. + $ref: '#/components/schemas/ConnectorConfigurationPrivateServiceConnect' + description: Network related configuration. + GetIamPolicyRequest: properties: - permissions: + options: + $ref: '#/components/schemas/GetPolicyOptions' description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + id: GetIamPolicyRequest + type: object + description: Request message for `GetIamPolicy` method. parameters: access_token: description: OAuth access token. @@ -855,6 +855,12 @@ components: name: access_token schema: type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string alt: description: Data format for response. in: query @@ -865,16 +871,22 @@ components: - json - media - proto - callback: - description: JSONP + _.xgafv: + description: V1 error format. in: query - name: callback + name: $.xgafv schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + enum: + - '1' + - '2' + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: fields + name: quotaUser schema: type: string key: @@ -886,25 +898,10 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + callback: + description: JSONP in: query - name: quotaUser + name: callback schema: type: string upload_protocol: @@ -913,34 +910,30 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: uploadType + name: oauth_token schema: type: string - _.xgafv: - description: V1 error format. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: $.xgafv + name: fields schema: type: string - enum: - - '1' - - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean x-stackQL-resources: connections: id: google.bigqueryconnection.connections name: connections title: Connections methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections/post - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: $ref: >- @@ -949,10 +942,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.connections - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections/post response: mediaType: application/json openAPIDocKey: '200' @@ -970,6 +963,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/connections/methods/get' @@ -986,14 +986,13 @@ components: name: connections_iam_policies title: Connections_iam_policies methods: - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings set_iam_policy: operation: $ref: >- @@ -1001,13 +1000,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -1022,24 +1022,19 @@ paths: /v1/projects/{projectsId}/locations/{locationsId}/connections: parameters: &ref_1 - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - post: - description: Creates a new connection. - operationId: bigqueryconnection.projects.locations.connections.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Connection' + get: + description: Returns a list of connections in the given project. + operationId: bigqueryconnection.projects.locations.connections.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1055,7 +1050,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Connection' + $ref: '#/components/schemas/ListConnectionsResponse' parameters: - in: path name: projectsId @@ -1068,12 +1063,22 @@ paths: schema: type: string - in: query - name: connectionId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - get: - description: Returns a list of connections in the given project. - operationId: bigqueryconnection.projects.locations.connections.list + post: + description: Creates a new connection. + operationId: bigqueryconnection.projects.locations.connections.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Connection' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1089,7 +1094,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConnectionsResponse' + $ref: '#/components/schemas/Connection' parameters: - in: path name: projectsId @@ -1102,19 +1107,21 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: connectionId schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}: parameters: *ref_1 - get: - description: Returns specified connection. - operationId: bigqueryconnection.projects.locations.connections.get + patch: + description: >- + Updates the specified connection. For security reasons, also resets + credential if connection properties are in the update field mask. + operationId: bigqueryconnection.projects.locations.connections.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Connection' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1147,16 +1154,14 @@ paths: required: true schema: type: string - patch: - description: >- - Updates the specified connection. For security reasons, also resets - credential if connection properties are in the update field mask. - operationId: bigqueryconnection.projects.locations.connections.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Connection' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes connection and associated credential. + operationId: bigqueryconnection.projects.locations.connections.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1172,7 +1177,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Connection' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1189,14 +1194,9 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes connection and associated credential. - operationId: bigqueryconnection.projects.locations.connections.delete + get: + description: Returns specified connection. + operationId: bigqueryconnection.projects.locations.connections.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1212,7 +1212,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Connection' parameters: - in: path name: projectsId @@ -1229,18 +1229,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: bigqueryconnection.projects.locations.connections.getIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: bigqueryconnection.projects.locations.connections.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1256,7 +1259,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -1318,21 +1321,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:getIamPolicy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: bigqueryconnection.projects.locations.connections.testIamPermissions + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: bigqueryconnection.projects.locations.connections.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1348,7 +1348,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId diff --git a/providers/src/googleapis.com/v00.00.00000/services/bigquerydatapolicy.yaml b/providers/src/googleapis.com/v00.00.00000/services/bigquerydatapolicy.yaml index ceb863e4..f4dfa314 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/bigquerydatapolicy.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/bigquerydatapolicy.yaml @@ -6,9 +6,9 @@ info: email: info@stackql.io title: BigQuery Data Policy API description: Allows users to manage BigQuery data policies. - version: v1 - x-discovery-doc-revision: '20250808' - x-generated-date: '2025-08-28' + version: v2 + x-discovery-doc-revision: '20251112' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/bigquery/docs/column-data-masking servers: @@ -37,51 +37,113 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: + CreateDataPolicyRequest: + id: CreateDataPolicyRequest + description: Request message for the CreateDataPolicy method. + type: object + properties: + dataPolicyId: + description: >- + Required. User-assigned (human readable) ID of the data policy that + needs to be unique within a project. Used as {data_policy_id} in + part of the resource name. + type: string + dataPolicy: + description: >- + Required. The data policy to create. The `name` field does not need + to be provided for the data policy creation. + $ref: '#/components/schemas/DataPolicy' DataPolicy: id: DataPolicy description: Represents the label-policy binding. type: object properties: - policyTag: - description: >- - Policy tag resource name, in the format of - `projects/{project_number}/locations/{location_id}/taxonomies/{taxonomy_id}/policyTags/{policyTag_id}`. - type: string dataMaskingPolicy: - description: The data masking policy that specifies the data masking rule to use. + description: >- + Optional. The data masking policy that specifies the data masking + rule to use. It must be set if the data policy type is + DATA_MASKING_POLICY. $ref: '#/components/schemas/DataMaskingPolicy' name: description: >- - Output only. Resource name of this data policy, in the format of + Identifier. Resource name of this data policy, in the format of `projects/{project_number}/locations/{location_id}/dataPolicies/{data_policy_id}`. + type: string + dataPolicyId: + description: >- + Output only. User-assigned (human readable) ID of the data policy + that needs to be unique within a project. Used as {data_policy_id} + in part of the resource name. readOnly: true type: string + etag: + description: >- + The etag for this Data Policy. This field is used for + UpdateDataPolicy calls. If Data Policy exists, this field is + required and must match the server's etag. It will also be populated + in the response of GetDataPolicy, CreateDataPolicy, and + UpdateDataPolicy calls. + type: string dataPolicyType: - description: Required. Data policy type. Type of data policy. + description: Required. Type of data policy. type: string enumDescriptions: - Default value for the data policy type. This should not be used. + - Used to create a data policy for data masking. + - Used to create a data policy for raw data access. - >- Used to create a data policy for column-level security, without - data masking. - - Used to create a data policy for data masking. + data masking. This is deprecated in V2 api and only present to + support GET and LIST operations for V1 data policies in V2 api. enum: - DATA_POLICY_TYPE_UNSPECIFIED - - COLUMN_LEVEL_SECURITY_POLICY - DATA_MASKING_POLICY - dataPolicyId: + - RAW_DATA_ACCESS_POLICY + - COLUMN_LEVEL_SECURITY_POLICY + policyTag: + description: >- + Output only. Policy tag resource name, in the format of + `projects/{project_number}/locations/{location_id}/taxonomies/{taxonomy_id}/policyTags/{policyTag_id}`. + policy_tag is supported only for V1 data policies. + readOnly: true + type: string + grantees: description: >- - User-assigned (human readable) ID of the data policy that needs to - be unique within a project. Used as {data_policy_id} in part of the - resource name. + Optional. The list of IAM principals that have Fine Grained Access + to the underlying data goverened by this data policy. Uses the [IAM + V2 principal + syntax](https://cloud.google.com/iam/docs/principal-identifiers#v2) + Only supports principal types users, groups, serviceaccounts, + cloudidentity. This field is supported in V2 Data Policy only. In + case of V1 data policies (i.e. verion = 1 and policy_tag is set), + this field is not populated. + type: array + items: + type: string + version: + description: Output only. The version of the Data Policy resource. + readOnly: true type: string + enumDescriptions: + - >- + Default value for the data policy version. This should not be + used. + - >- + V1 data policy version. V1 Data Policies will be present in V2 + List api response, but can not be created/updated/deleted from V2 + api. + - V2 data policy version. + enum: + - VERSION_UNSPECIFIED + - V1 + - V2 DataMaskingPolicy: id: DataMaskingPolicy - description: The data masking policy that is used to specify data masking rule. + description: The policy used to specify data masking rule. type: object properties: predefinedExpression: - description: A predefined masking expression. + description: Optional. A predefined masking expression. type: string enumDescriptions: - >- @@ -112,15 +174,23 @@ components: follows: * Syntax-valid email address: Replace username with XXXXX. For example, cloudysanfrancisco@gmail.com becomes XXXXX@gmail.com. * Syntax-invalid email address: Apply SHA-256 - hash. For more information, see Email mask. + hash. For more information, see [Email + mask](https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options). - >- Masking expression to only show the *year* of `Date`, `DateTime` and `TimeStamp`. For example, with the year 2076: * DATE : 2076-01-01 * DATETIME : 2076-01-01T00:00:00 * TIMESTAMP : 2076-01-01 00:00:00 UTC Truncation occurs according to the UTC time zone. To change this, adjust the default time zone using the - `time_zone` system variable. For more information, see the System - variables reference. + `time_zone` system variable. For more information, see [System + variables + reference](https://cloud.google.com/bigquery/docs/reference/system-variables). + - >- + Masking expression that uses hashing to mask column data. It + differs from SHA256 in that a unique random value is generated for + each query and is added to the hash input, resulting in the hash / + masked result to be different for each query. Hence the name + "random hash". enum: - PREDEFINED_EXPRESSION_UNSPECIFIED - SHA256 @@ -130,20 +200,45 @@ components: - FIRST_FOUR_CHARACTERS - EMAIL_MASK - DATE_YEAR_MASK + - RANDOM_HASH routine: description: >- - The name of the BigQuery routine that contains the custom masking - routine, in the format of + Optional. The name of the BigQuery routine that contains the custom + masking routine, in the format of `projects/{project_number}/datasets/{dataset_id}/routines/{routine_id}`. type: string - RenameDataPolicyRequest: - id: RenameDataPolicyRequest - description: Request message for the RenameDataPolicy method. + AddGranteesRequest: + id: AddGranteesRequest + description: Request message for the AddGrantees method. type: object properties: - newDataPolicyId: - description: Required. The new data policy id. - type: string + grantees: + description: >- + Required. IAM principal that should be granted Fine Grained Access + to the underlying data goverened by the data policy. The target data + policy is determined by the `data_policy` field. Uses the [IAM V2 + principal + syntax](https://cloud.google.com/iam/docs/principal-identifiers#v2). + Supported principal types: * User * Group * Service account + type: array + items: + type: string + RemoveGranteesRequest: + id: RemoveGranteesRequest + description: Request message for the RemoveGrantees method. + type: object + properties: + grantees: + description: >- + Required. IAM principal that should be revoked from Fine Grained + Access to the underlying data goverened by the data policy. The + target data policy is determined by the `data_policy` field. Uses + the [IAM V2 principal + syntax](https://cloud.google.com/iam/docs/principal-identifiers#v2). + Supported principal types: * User * Group * Service account + type: array + items: + type: string Empty: id: Empty description: >- @@ -619,14 +714,14 @@ components: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies/get response: mediaType: application/json openAPIDocKey: '200' @@ -634,28 +729,21 @@ components: patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - rename: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}:rename/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -670,6 +758,35 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/data_policies/methods/delete' + data_policies_grantees: + id: google.bigquerydatapolicy.data_policies_grantees + name: data_policies_grantees + title: Data_policies_grantees + methods: + add_grantees: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}:addGrantees/post + response: + mediaType: application/json + openAPIDocKey: '200' + remove_grantees: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}:removeGrantees/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/data_policies_grantees/methods/add_grantees + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/data_policies_grantees/methods/remove_grantees data_policies_iam_policies: id: google.bigquerydatapolicy.data_policies_iam_policies name: data_policies_iam_policies @@ -678,7 +795,7 @@ components: get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}:getIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' @@ -686,14 +803,14 @@ components: set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}:setIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dataPolicies~1{dataPoliciesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' @@ -708,7 +825,7 @@ components: #/components/x-stackQL-resources/data_policies_iam_policies/methods/set_iam_policy delete: [] paths: - /v1/projects/{projectsId}/locations/{locationsId}/dataPolicies: + /v2/projects/{projectsId}/locations/{locationsId}/dataPolicies: parameters: &ref_1 - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' @@ -723,14 +840,14 @@ paths: - $ref: '#/components/parameters/_.xgafv' post: description: >- - Creates a new data policy under a project with the given `dataPolicyId` - (used as the display name), policy tag, and data policy type. + Creates a new data policy under a project with the given + `data_policy_id` (used as the display name), and data policy type. operationId: bigquerydatapolicy.projects.locations.dataPolicies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/DataPolicy' + $ref: '#/components/schemas/CreateDataPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -801,18 +918,20 @@ paths: name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}: + /v2/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}:addGrantees: parameters: *ref_1 - patch: + post: description: >- - Updates the metadata for an existing data policy. The target data policy - can be specified by the resource name. - operationId: bigquerydatapolicy.projects.locations.dataPolicies.patch + Adds new grantees to a data policy. The new grantees will be added to + the existing grantees. If the request contains a duplicate grantee, the + grantee will be ignored. If the request contains a grantee that already + exists, the grantee will be ignored. + operationId: bigquerydatapolicy.projects.locations.dataPolicies.addGrantees requestBody: content: application/json: schema: - $ref: '#/components/schemas/DataPolicy' + $ref: '#/components/schemas/AddGranteesRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -845,18 +964,63 @@ paths: required: true schema: type: string - - in: query - name: updateMask + /v2/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}:removeGrantees: + parameters: *ref_1 + post: + description: >- + Removes grantees from a data policy. The grantees will be removed from + the existing grantees. If the request contains a grantee that does not + exist, the grantee will be ignored. + operationId: bigquerydatapolicy.projects.locations.dataPolicies.removeGrantees + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RemoveGranteesRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/DataPolicy' + parameters: + - in: path + name: projectsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: allowMissing + - in: path + name: locationsId + required: true schema: - type: boolean - delete: - description: Deletes the data policy specified by its resource name. - operationId: bigquerydatapolicy.projects.locations.dataPolicies.delete + type: string + - in: path + name: dataPoliciesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}: + parameters: *ref_1 + patch: + description: >- + Updates the metadata for an existing data policy. The target data policy + can be specified by the resource name. + operationId: bigquerydatapolicy.projects.locations.dataPolicies.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DataPolicy' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -872,7 +1036,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/DataPolicy' parameters: - in: path name: projectsId @@ -890,12 +1054,17 @@ paths: schema: type: string - in: query - name: force + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: allowMissing schema: type: boolean - get: - description: Gets the data policy specified by its resource name. - operationId: bigquerydatapolicy.projects.locations.dataPolicies.get + delete: + description: Deletes the data policy specified by its resource name. + operationId: bigquerydatapolicy.projects.locations.dataPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -911,7 +1080,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DataPolicy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -928,16 +1097,9 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}:rename: - parameters: *ref_1 - post: - description: Renames the id (display name) of the specified data policy. - operationId: bigquerydatapolicy.projects.locations.dataPolicies.rename - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RenameDataPolicyRequest' + get: + description: Gets the data policy specified by its resource name. + operationId: bigquerydatapolicy.projects.locations.dataPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -970,7 +1132,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}:getIamPolicy: + /v2/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}:getIamPolicy: parameters: *ref_1 post: description: Gets the IAM policy for the specified data policy. @@ -1012,7 +1174,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}:setIamPolicy: + /v2/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}:setIamPolicy: parameters: *ref_1 post: description: Sets the IAM policy for the specified data policy. @@ -1054,7 +1216,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}:testIamPermissions: + /v2/projects/{projectsId}/locations/{locationsId}/dataPolicies/{dataPoliciesId}:testIamPermissions: parameters: *ref_1 post: description: Returns the caller's permission on the specified data policy resource. diff --git a/providers/src/googleapis.com/v00.00.00000/services/bigquerydatatransfer.yaml b/providers/src/googleapis.com/v00.00.00000/services/bigquerydatatransfer.yaml index 522a5a76..7430929a 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/bigquerydatatransfer.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/bigquerydatatransfer.yaml @@ -9,8 +9,8 @@ info: Schedule queries or transfer external data from SaaS applications to Google BigQuery on a regular basis. version: v1 - x-discovery-doc-revision: '20250821' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251109' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/bigquery-transfer/ servers: @@ -426,6 +426,21 @@ components: the latest config failure. readOnly: true $ref: '#/components/schemas/Status' + managedTableType: + description: The classification of the destination table. + type: string + enumDescriptions: + - Type unspecified. This defaults to `NATIVE` table. + - >- + The managed table is a native BigQuery table. This is the default + value. + - >- + The managed table is a BigQuery table for Apache Iceberg (formerly + BigLake managed tables), with a BigLake configuration. + enum: + - MANAGED_TABLE_TYPE_UNSPECIFIED + - NATIVE + - BIGLAKE ScheduleOptions: id: ScheduleOptions description: Options customizing the data transfer schedule. diff --git a/providers/src/googleapis.com/v00.00.00000/services/bigqueryreservation.yaml b/providers/src/googleapis.com/v00.00.00000/services/bigqueryreservation.yaml index 8f88240b..5e5bd4eb 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/bigqueryreservation.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/bigqueryreservation.yaml @@ -7,8 +7,8 @@ info: title: BigQuery Reservation API description: A service to modify your BigQuery reservations. version: v1 - x-discovery-doc-revision: '20250812' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251130' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/bigquery/ servers: @@ -22,12 +22,12 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/bigquery: >- - View and manage your data in Google BigQuery and see the email - address for your Google Account https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. + https://www.googleapis.com/auth/bigquery: >- + View and manage your data in Google BigQuery and see the email + address for your Google Account Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -37,402 +37,281 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - Reservation: - id: Reservation - description: A reservation is a mechanism used to guarantee slots to users. + SearchAllAssignmentsResponse: type: object + description: The response for ReservationService.SearchAllAssignments. + id: SearchAllAssignmentsResponse properties: - name: + assignments: + items: + $ref: '#/components/schemas/Assignment' + type: array + description: List of assignments visible to the user. + nextPageToken: description: >- - Identifier. The resource name of the reservation, e.g., - `projects/*/locations/*/reservations/team1-prod`. The reservation_id - must only contain lower case alphanumeric characters or dashes. It - must start with a letter and must not end with a dash. Its maximum - length is 64 characters. + Token to retrieve the next page of results, or empty if there are no + more results in the list. type: string - slotCapacity: + Status: + properties: + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + details: + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - Optional. Baseline slots available to this reservation. A slot is a - unit of computational power in BigQuery, and serves as the unit of - parallelism. Queries using this reservation might use more slots - during runtime if ignore_idle_slots is set to false, or autoscaling - is enabled. The total slot_capacity of the reservation and its - siblings may exceed the total slot_count of capacity commitments. In - that case, the exceeding slots will be charged with the autoscale - SKU. You can increase the number of baseline slots in a reservation - every few minutes. If you want to decrease your baseline slots, you - are limited to once an hour if you have recently changed your - baseline slot capacity and your baseline slots exceed your committed - slots. Otherwise, you can decrease your baseline slots every few - minutes. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + message: type: string - format: int64 - ignoreIdleSlots: description: >- - Optional. If false, any query or pipeline job using this reservation - will use idle slots from other reservations within the same admin - project. If true, a query or pipeline job using this reservation - will execute with the slot capacity specified in the slot_capacity - field at most. - type: boolean - autoscale: - description: Optional. The configuration parameters for the auto scaling feature. - $ref: '#/components/schemas/Autoscale' - concurrency: + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status + TableReference: + properties: + projectId: + description: Optional. The assigned project ID of the project. + type: string + tableId: + description: Optional. The ID of the table in the above dataset. + type: string + datasetId: + type: string + description: Optional. The ID of the dataset in the above project. + description: >- + Fully qualified reference to BigQuery table. Internally stored as + google.cloud.bi.v1.BqTableReference. + id: TableReference + type: object + ListReservationGroupsResponse: + type: object + id: ListReservationGroupsResponse + description: The response for ReservationService.ListReservationGroups. + properties: + reservationGroups: + description: List of reservations visible to the user. + items: + $ref: '#/components/schemas/ReservationGroup' + type: array + nextPageToken: + type: string description: >- - Optional. Job concurrency target which sets a soft upper bound on - the number of jobs that can run concurrently in this reservation. - This is a soft target due to asynchronous nature of the system and - various optimizations for small queries. Default value is 0 which - means that concurrency target will be automatically computed by the - system. NOTE: this field is exposed as target job concurrency in the - Information Schema, DDL and BigQuery CLI. + Token to retrieve the next page of results, or empty if there are no + more results in the list. + SplitCapacityCommitmentResponse: + description: The response for ReservationService.SplitCapacityCommitment. + type: object + properties: + first: + description: First capacity commitment, result of a split. + $ref: '#/components/schemas/CapacityCommitment' + second: + $ref: '#/components/schemas/CapacityCommitment' + description: Second capacity commitment, result of a split. + id: SplitCapacityCommitmentResponse + ListCapacityCommitmentsResponse: + properties: + capacityCommitments: + items: + $ref: '#/components/schemas/CapacityCommitment' + type: array + description: List of capacity commitments visible to the user. + nextPageToken: type: string - format: int64 - creationTime: - description: Output only. Creation time of the reservation. + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: object + id: ListCapacityCommitmentsResponse + description: The response for ReservationService.ListCapacityCommitments. + CapacityCommitment: + id: CapacityCommitment + description: >- + Capacity commitment is a way to purchase compute capacity for BigQuery + jobs (in the form of slots) with some committed period of usage. Annual + commitments renew by default. Commitments can be removed after their + commitment end time passes. In order to remove annual commitment, its + plan needs to be changed to monthly or flex first. A capacity commitment + resource exists as a child resource of the admin project. + properties: + failureStatus: readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update time of the reservation. + $ref: '#/components/schemas/Status' + description: >- + Output only. For FAILED commitment plan, provides the reason of + failure. + isFlatRate: + readOnly: true + description: >- + Output only. If true, the commitment is a flat-rate commitment, + otherwise, it's an edition commitment. + type: boolean + state: readOnly: true + enumDescriptions: + - Invalid state value. + - >- + Capacity commitment is pending provisioning. Pending capacity + commitment does not contribute to the project's slot_capacity. + - >- + Once slots are provisioned, capacity commitment becomes active. + slot_count is added to the project's slot_capacity. + - Capacity commitment is failed to be activated by the backend. + description: Output only. State of the commitment. + enum: + - STATE_UNSPECIFIED + - PENDING + - ACTIVE + - FAILED + type: string + slotCount: type: string + description: Optional. Number of slots in this commitment. + format: int64 + commitmentEndTime: + readOnly: true + description: >- + Output only. The end of the current commitment period. It is + applicable only for ACTIVE capacity commitments. Note after renewal, + commitment_end_time is the time the renewed commitment expires. So + itwould be at a time after commitment_start_time + committed period, + because we don't change commitment_start_time , format: google-datetime + type: string multiRegionAuxiliary: + deprecated: true description: >- - Applicable only for reservations located within one of the BigQuery - multi-regions (US or EU). If set to true, this reservation is placed + Applicable only for commitments located within one of the BigQuery + multi-regions (US or EU). If set to true, this commitment is placed in the organization's secondary region which is designated for - disaster recovery purposes. If false, this reservation is placed in + disaster recovery purposes. If false, this commitment is placed in the organization's default region. NOTE: this is a preview feature. Project must be allow-listed in order to set this field. - deprecated: true type: boolean - edition: - description: Optional. Edition of the reservation. - type: string - enumDescriptions: - - Default value, which will be treated as ENTERPRISE. - - Standard edition. - - Enterprise edition. - - Enterprise Plus edition. + plan: enum: - - EDITION_UNSPECIFIED - - STANDARD - - ENTERPRISE - - ENTERPRISE_PLUS - primaryLocation: - description: >- - Output only. The current location of the reservation's primary - replica. This field is only set for reservations using the managed - disaster recovery feature. - readOnly: true - type: string - secondaryLocation: - description: >- - Optional. The current location of the reservation's secondary - replica. This field is only set for reservations using the managed - disaster recovery feature. Users can set this in create reservation - calls to create a failover reservation or in update reservation - calls to convert a non-failover reservation to a failover - reservation(or vice versa). - type: string - originalPrimaryLocation: - description: >- - Output only. The location where the reservation was originally - created. This is set only during the failover reservation's - creation. All billing charges for the failover reservation will be - applied to this location. - readOnly: true - type: string - maxSlots: - description: >- - Optional. The overall max slots for the reservation, covering - slot_capacity (baseline), idle slots (if ignore_idle_slots is false) - and scaled slots. If present, the reservation won't use more than - the specified number of slots, even if there is demand and supply - (from idle slots). NOTE: capping a reservation's idle slot usage is - best effort and its usage may exceed the max_slots value. However, - in terms of autoscale.current_slots (which accounts for the - additional added slots), it will never exceed the max_slots - - baseline. This field must be set together with the scaling_mode enum - value, otherwise the request will be rejected with error code - `google.rpc.Code.INVALID_ARGUMENT`. If the max_slots and - scaling_mode are set, the autoscale or autoscale.max_slots field - must be unset. Otherwise the request will be rejected with error - code `google.rpc.Code.INVALID_ARGUMENT`. However, the autoscale - field may still be in the output. The autopscale.max_slots will - always show as 0 and the autoscaler.current_slots will represent the - current slots from autoscaler excluding idle slots. For example, if - the max_slots is 1000 and scaling_mode is AUTOSCALE_ONLY, then in - the output, the autoscaler.max_slots will be 0 and the - autoscaler.current_slots may be any value between 0 and 1000. If the - max_slots is 1000, scaling_mode is ALL_SLOTS, the baseline is 100 - and idle slots usage is 200, then in the output, the - autoscaler.max_slots will be 0 and the autoscaler.current_slots will - not be higher than 700. If the max_slots is 1000, scaling_mode is - IDLE_SLOTS_ONLY, then in the output, the autoscaler field will be - null. If the max_slots and scaling_mode are set, then the - ignore_idle_slots field must be aligned with the scaling_mode enum - value.(See details in ScalingMode comments). Otherwise the request - will be rejected with error code `google.rpc.Code.INVALID_ARGUMENT`. - Please note, the max_slots is for user to manage the part of slots - greater than the baseline. Therefore, we don't allow users to set - max_slots smaller or equal to the baseline as it will not be - meaningful. If the field is present and slot_capacity>=max_slots, - requests will be rejected with error code - `google.rpc.Code.INVALID_ARGUMENT`. Please note that if max_slots is - set to 0, we will treat it as unset. Customers can set max_slots to - 0 and set scaling_mode to SCALING_MODE_UNSPECIFIED to disable the - max_slots feature. - type: string - format: int64 - scalingMode: - description: >- - Optional. The scaling mode for the reservation. If the field is - present but max_slots is not present, requests will be rejected with - error code `google.rpc.Code.INVALID_ARGUMENT`. + - COMMITMENT_PLAN_UNSPECIFIED + - FLEX + - FLEX_FLAT_RATE + - TRIAL + - MONTHLY + - MONTHLY_FLAT_RATE + - ANNUAL + - ANNUAL_FLAT_RATE + - THREE_YEAR + - NONE + enumDeprecated: + - false + - false + - true + - true + - false + - true + - false + - true + - false + - false type: string + description: Optional. Capacity commitment commitment plan. enumDescriptions: - - Default value of ScalingMode. - >- - The reservation will scale up only using slots from autoscaling. - It will not use any idle slots even if there may be some - available. The upper limit that autoscaling can scale up to will - be max_slots - baseline. For example, if max_slots is 1000, - baseline is 200 and customer sets ScalingMode to AUTOSCALE_ONLY, - then autoscalerg will scale up to 800 slots and no idle slots will - be used. Please note, in this mode, the ignore_idle_slots field - must be set to true. Otherwise the request will be rejected with + Invalid plan value. Requests with this value will be rejected with error code `google.rpc.Code.INVALID_ARGUMENT`. - >- - The reservation will scale up using only idle slots contributed by - other reservations or from unassigned commitments. If no idle - slots are available it will not scale up further. If the idle - slots which it is using are reclaimed by the contributing - reservation(s) it may be forced to scale down. The max idle slots - the reservation can be max_slots - baseline capacity. For example, - if max_slots is 1000, baseline is 200 and customer sets - ScalingMode to IDLE_SLOTS_ONLY, 1. if there are 1000 idle slots - available in other reservations, the reservation will scale up to - 1000 slots with 200 baseline and 800 idle slots. 2. if there are - 500 idle slots available in other reservations, the reservation - will scale up to 700 slots with 200 baseline and 300 idle slots. - Please note, in this mode, the reservation might not be able to - scale up to max_slots. Please note, in this mode, the - ignore_idle_slots field must be set to false. Otherwise the - request will be rejected with error code - `google.rpc.Code.INVALID_ARGUMENT`. + Flex commitments have committed period of 1 minute after becoming + ACTIVE. After that, they are not in a committed period anymore and + can be removed any time. - >- - The reservation will scale up using all slots available to it. It - will use idle slots contributed by other reservations or from - unassigned commitments first. If no idle slots are available it - will scale up using autoscaling. For example, if max_slots is - 1000, baseline is 200 and customer sets ScalingMode to ALL_SLOTS, - 1. if there are 800 idle slots available in other reservations, - the reservation will scale up to 1000 slots with 200 baseline and - 800 idle slots. 2. if there are 500 idle slots available in other - reservations, the reservation will scale up to 1000 slots with 200 - baseline, 500 idle slots and 300 autoscaling slots. 3. if there - are no idle slots available in other reservations, it will scale - up to 1000 slots with 200 baseline and 800 autoscaling slots. - Please note, in this mode, the ignore_idle_slots field must be set - to false. Otherwise the request will be rejected with error code - `google.rpc.Code.INVALID_ARGUMENT`. - enum: - - SCALING_MODE_UNSPECIFIED - - AUTOSCALE_ONLY - - IDLE_SLOTS_ONLY - - ALL_SLOTS - labels: - description: >- - Optional. The labels associated with this reservation. You can use - these to organize and group your reservations. You can set this - property when you create or update a reservation. - type: object - additionalProperties: - type: string - reservationGroup: - description: >- - Optional. The reservation group that this reservation belongs to. - You can set this property when you create or update a reservation. - Reservations do not need to belong to a reservation group. Format: - projects/{project}/locations/{location}/reservationGroups/{reservation_group} - or just {reservation_group} - type: string - replicationStatus: - description: >- - Output only. The Disaster Recovery(DR) replication status of the - reservation. This is only available for the primary replicas of - DR/failover reservations and provides information about the both the - staleness of the secondary and the last error encountered while - trying to replicate changes from the primary to the secondary. If - this field is blank, it means that the reservation is either not a - DR reservation or the reservation is a DR secondary or that any - replication operations on the reservation have succeeded. - readOnly: true - $ref: '#/components/schemas/ReplicationStatus' - Autoscale: - id: Autoscale - description: Auto scaling settings. - type: object - properties: - currentSlots: - description: >- - Output only. The slot capacity added to this reservation when - autoscale happens. Will be between [0, max_slots]. Note: after users - reduce max_slots, it may take a while before it can be propagated, - so current_slots may stay in the original value and could be larger - than max_slots for that brief period (less than one minute) - readOnly: true - type: string - format: int64 - maxSlots: - description: Optional. Number of slots to be scaled when needed. - type: string - format: int64 - ReplicationStatus: - id: ReplicationStatus - description: Disaster Recovery(DR) replication status of the reservation. - type: object - properties: - error: - description: >- - Output only. The last error encountered while trying to replicate - changes from the primary to the secondary. This field is only - available if the replication has not succeeded since. - readOnly: true - $ref: '#/components/schemas/Status' - lastErrorTime: - description: >- - Output only. The time at which the last error was encountered while - trying to replicate changes from the primary to the secondary. This - field is only available if the replication has not succeeded since. - readOnly: true + Same as FLEX, should only be used if flat-rate commitments are + still available. + - >- + Trial commitments have a committed period of 182 days after + becoming ACTIVE. After that, they are converted to a new + commitment based on the `renewal_plan`. Default `renewal_plan` for + Trial commitment is Flex so that it can be deleted right after + committed period ends. + - >- + Monthly commitments have a committed period of 30 days after + becoming ACTIVE. After that, they are not in a committed period + anymore and can be removed any time. + - >- + Same as MONTHLY, should only be used if flat-rate commitments are + still available. + - >- + Annual commitments have a committed period of 365 days after + becoming ACTIVE. After that they are converted to a new commitment + based on the renewal_plan. + - >- + Same as ANNUAL, should only be used if flat-rate commitments are + still available. + - >- + 3-year commitments have a committed period of 1095(3 * 365) days + after becoming ACTIVE. After that they are converted to a new + commitment based on the renewal_plan. + - >- + Should only be used for `renewal_plan` and is only meaningful if + edition is specified to values other than EDITION_UNSPECIFIED. + Otherwise CreateCapacityCommitmentRequest or + UpdateCapacityCommitmentRequest will be rejected with error code + `google.rpc.Code.INVALID_ARGUMENT`. If the renewal_plan is NONE, + capacity commitment will be removed at the end of its commitment + period. + edition: type: string - format: google-datetime - lastReplicationTime: - description: >- - Output only. A timestamp corresponding to the last change on the - primary that was successfully replicated to the secondary. + description: Optional. Edition of the capacity commitment. + enum: + - EDITION_UNSPECIFIED + - STANDARD + - ENTERPRISE + - ENTERPRISE_PLUS + enumDescriptions: + - Default value, which will be treated as ENTERPRISE. + - Standard edition. + - Enterprise edition. + - Enterprise Plus edition. + commitmentStartTime: readOnly: true type: string - format: google-datetime - softFailoverStartTime: description: >- - Output only. The time at which a soft failover for the reservation - and its associated datasets was initiated. After this field is set, - all subsequent changes to the reservation will be rejected unless a - hard failover overrides this operation. This field will be cleared - once the failover is complete. - readOnly: true - type: string + Output only. The start of the current commitment period. It is + applicable only for ACTIVE capacity commitments. Note after the + commitment is renewed, commitment_start_time won't be changed. It + refers to the start time of the original commitment. format: google-datetime - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListReservationsResponse: - id: ListReservationsResponse - description: The response for ReservationService.ListReservations. - type: object - properties: - reservations: - description: List of reservations visible to the user. - type: array - items: - $ref: '#/components/schemas/Reservation' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - FailoverReservationRequest: - id: FailoverReservationRequest - description: The request for ReservationService.FailoverReservation. - type: object - properties: - failoverMode: - description: Optional. failover mode for the failover operation. - type: string - enumDescriptions: - - Invalid value. - - >- - When customers initiate a soft failover, BigQuery will wait until - all committed writes are replicated to the secondary. - - >- - When customers initiate a hard failover, BigQuery will not wait - until all committed writes are replicated to the secondary. There - can be data loss for hard failover. + renewalPlan: enum: - - FAILOVER_MODE_UNSPECIFIED - - SOFT - - HARD - CapacityCommitment: - id: CapacityCommitment - description: >- - Capacity commitment is a way to purchase compute capacity for BigQuery - jobs (in the form of slots) with some committed period of usage. Annual - commitments renew by default. Commitments can be removed after their - commitment end time passes. In order to remove annual commitment, its - plan needs to be changed to monthly or flex first. A capacity commitment - resource exists as a child resource of the admin project. - type: object - properties: - name: - description: >- - Output only. The resource name of the capacity commitment, e.g., - `projects/myproject/locations/US/capacityCommitments/123` The - commitment_id must only contain lower case alphanumeric characters - or dashes. It must start with a letter and must not end with a dash. - Its maximum length is 64 characters. - readOnly: true - type: string - slotCount: - description: Optional. Number of slots in this commitment. - type: string - format: int64 - plan: - description: Optional. Capacity commitment commitment plan. - type: string + - COMMITMENT_PLAN_UNSPECIFIED + - FLEX + - FLEX_FLAT_RATE + - TRIAL + - MONTHLY + - MONTHLY_FLAT_RATE + - ANNUAL + - ANNUAL_FLAT_RATE + - THREE_YEAR + - NONE + description: >- + Optional. The plan this capacity commitment is converted to after + commitment_end_time passes. Once the plan is changed, committed + period is extended according to commitment plan. Only applicable for + ANNUAL and TRIAL commitments. enumDescriptions: - >- Invalid plan value. Requests with this value will be rejected with @@ -476,6 +355,7 @@ components: `google.rpc.Code.INVALID_ARGUMENT`. If the renewal_plan is NONE, capacity commitment will be removed at the end of its commitment period. + type: string enumDeprecated: - false - false @@ -487,437 +367,570 @@ components: - true - false - false - enum: - - COMMITMENT_PLAN_UNSPECIFIED - - FLEX - - FLEX_FLAT_RATE - - TRIAL - - MONTHLY - - MONTHLY_FLAT_RATE - - ANNUAL - - ANNUAL_FLAT_RATE - - THREE_YEAR - - NONE - state: - description: Output only. State of the commitment. + name: readOnly: true + description: >- + Output only. The resource name of the capacity commitment, e.g., + `projects/myproject/locations/US/capacityCommitments/123` The + commitment_id must only contain lower case alphanumeric characters + or dashes. It must start with a letter and must not end with a dash. + Its maximum length is 64 characters. + type: string + type: object + SearchAssignmentsResponse: + properties: + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. type: string + assignments: + description: List of assignments visible to the user. + type: array + items: + $ref: '#/components/schemas/Assignment' + id: SearchAssignmentsResponse + type: object + description: The response for ReservationService.SearchAssignments. + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + id: Empty + properties: {} + Assignment: + type: object + description: >- + An assignment allows a project to submit jobs of a certain type using + slots from the specified reservation. + id: Assignment + properties: + enableGeminiInBigquery: + description: >- + Optional. This field controls if "Gemini in BigQuery" + (https://cloud.google.com/gemini/docs/bigquery/overview) features + should be enabled for this reservation assignment, which is not on + by default. "Gemini in BigQuery" has a distinct compliance posture + from BigQuery. If this field is set to true, the assignment job type + is QUERY, and the parent reservation edition is ENTERPRISE_PLUS, + then the assignment will give the grantee project/organization + access to "Gemini in BigQuery" features. + type: boolean + state: + description: Output only. State of the assignment. + readOnly: true + enum: + - STATE_UNSPECIFIED + - PENDING + - ACTIVE enumDescriptions: - Invalid state value. - >- - Capacity commitment is pending provisioning. Pending capacity - commitment does not contribute to the project's slot_capacity. + Queries from assignee will be executed as on-demand, if related + assignment is pending. + - Assignment is ready. + type: string + schedulingPolicy: + $ref: '#/components/schemas/SchedulingPolicy' + description: >- + Optional. The scheduling policy to use for jobs and queries of this + assignee when running under the associated reservation. The + scheduling policy controls how the reservation's resources are + distributed. This overrides the default scheduling policy specified + on the reservation. This feature is not yet generally available. + assignee: + type: string + description: >- + Optional. The resource which will use the reservation. E.g. + `projects/myproject`, `folders/123`, or `organizations/456`. + jobType: + enumDescriptions: - >- - Once slots are provisioned, capacity commitment becomes active. - slot_count is added to the project's slot_capacity. - - Capacity commitment is failed to be activated by the backend. + Invalid type. Requests with this value will be rejected with error + code `google.rpc.Code.INVALID_ARGUMENT`. + - >- + Pipeline (load/export) jobs from the project will use the + reservation. + - Query jobs from the project will use the reservation. + - >- + BigQuery ML jobs that use services external to BigQuery for model + training. These jobs will not utilize idle slots from other + reservations. + - >- + Background jobs that BigQuery runs for the customers in the + background. + - >- + Continuous SQL jobs will use this reservation. Reservations with + continuous assignments cannot be mixed with non-continuous + assignments. + - >- + Finer granularity background jobs for capturing changes in a + source database and streaming them into BigQuery. Reservations + with this job type take priority over a default BACKGROUND + reservation assignment (if it exists). + - >- + Finer granularity background jobs for refreshing cached metadata + for BigQuery tables. Reservations with this job type take priority + over a default BACKGROUND reservation assignment (if it exists). + - >- + Finer granularity background jobs for refreshing search indexes + upon BigQuery table columns. Reservations with this job type take + priority over a default BACKGROUND reservation assignment (if it + exists). + type: string + description: Optional. Which type of jobs will use the reservation. enum: - - STATE_UNSPECIFIED - - PENDING - - ACTIVE - - FAILED - commitmentStartTime: + - JOB_TYPE_UNSPECIFIED + - PIPELINE + - QUERY + - ML_EXTERNAL + - BACKGROUND + - CONTINUOUS + - BACKGROUND_CHANGE_DATA_CAPTURE + - BACKGROUND_COLUMN_METADATA_INDEX + - BACKGROUND_SEARCH_INDEX_REFRESH + name: description: >- - Output only. The start of the current commitment period. It is - applicable only for ACTIVE capacity commitments. Note after the - commitment is renewed, commitment_start_time won't be changed. It - refers to the start time of the original commitment. + Output only. Name of the resource. E.g.: + `projects/myproject/locations/US/reservations/team1-prod/assignments/123`. + The assignment_id must only contain lower case alphanumeric + characters or dashes and the max length is 64 characters. + type: string readOnly: true + BiReservation: + type: object + properties: + preferredTables: + description: Optional. Preferred tables to use BI capacity for. + type: array + items: + $ref: '#/components/schemas/TableReference' + size: + description: Optional. Size of a reservation, in bytes. type: string + format: int64 + updateTime: format: google-datetime - commitmentEndTime: + type: string + readOnly: true + description: Output only. The last update timestamp of a reservation. + name: description: >- - Output only. The end of the current commitment period. It is - applicable only for ACTIVE capacity commitments. Note after renewal, - commitment_end_time is the time the renewed commitment expires. So - itwould be at a time after commitment_start_time + committed period, - because we don't change commitment_start_time , + Identifier. The resource name of the singleton BI reservation. + Reservation names have the form + `projects/{project_id}/locations/{location_id}/biReservation`. + type: string + id: BiReservation + description: Represents a BI Reservation. + AuditLogConfig: + id: AuditLogConfig + type: object + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + properties: + exemptedMembers: + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + items: + type: string + type: array + logType: + description: The log type that this config enables. + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + type: string + AuditConfig: + type: object + id: AuditConfig + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + properties: + auditLogConfigs: + items: + $ref: '#/components/schemas/AuditLogConfig' + type: array + description: The configuration for logging of each type of permission. + service: + type: string + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + Reservation: + type: object + id: Reservation + description: A reservation is a mechanism used to guarantee slots to users. + properties: + primaryLocation: + description: >- + Output only. The current location of the reservation's primary + replica. This field is only set for reservations using the managed + disaster recovery feature. + type: string + readOnly: true + replicationStatus: + $ref: '#/components/schemas/ReplicationStatus' + description: >- + Output only. The Disaster Recovery(DR) replication status of the + reservation. This is only available for the primary replicas of + DR/failover reservations and provides information about the both the + staleness of the secondary and the last error encountered while + trying to replicate changes from the primary to the secondary. If + this field is blank, it means that the reservation is either not a + DR reservation or the reservation is a DR secondary or that any + replication operations on the reservation have succeeded. readOnly: true + labels: + type: object + additionalProperties: + type: string + description: >- + Optional. The labels associated with this reservation. You can use + these to organize and group your reservations. You can set this + property when you create or update a reservation. + name: + description: >- + Identifier. The resource name of the reservation, e.g., + `projects/*/locations/*/reservations/team1-prod`. The reservation_id + must only contain lower case alphanumeric characters or dashes. It + must start with a letter and must not end with a dash. Its maximum + length is 64 characters. type: string + creationTime: + description: Output only. Creation time of the reservation. format: google-datetime - failureStatus: - description: >- - Output only. For FAILED commitment plan, provides the reason of - failure. readOnly: true - $ref: '#/components/schemas/Status' - renewalPlan: - description: >- - Optional. The plan this capacity commitment is converted to after - commitment_end_time passes. Once the plan is changed, committed - period is extended according to commitment plan. Only applicable for - ANNUAL and TRIAL commitments. type: string - enumDescriptions: - - >- - Invalid plan value. Requests with this value will be rejected with - error code `google.rpc.Code.INVALID_ARGUMENT`. - - >- - Flex commitments have committed period of 1 minute after becoming - ACTIVE. After that, they are not in a committed period anymore and - can be removed any time. - - >- - Same as FLEX, should only be used if flat-rate commitments are - still available. - - >- - Trial commitments have a committed period of 182 days after - becoming ACTIVE. After that, they are converted to a new - commitment based on the `renewal_plan`. Default `renewal_plan` for - Trial commitment is Flex so that it can be deleted right after - committed period ends. - - >- - Monthly commitments have a committed period of 30 days after - becoming ACTIVE. After that, they are not in a committed period - anymore and can be removed any time. - - >- - Same as MONTHLY, should only be used if flat-rate commitments are - still available. - - >- - Annual commitments have a committed period of 365 days after - becoming ACTIVE. After that they are converted to a new commitment - based on the renewal_plan. - - >- - Same as ANNUAL, should only be used if flat-rate commitments are - still available. - - >- - 3-year commitments have a committed period of 1095(3 * 365) days - after becoming ACTIVE. After that they are converted to a new - commitment based on the renewal_plan. - - >- - Should only be used for `renewal_plan` and is only meaningful if - edition is specified to values other than EDITION_UNSPECIFIED. - Otherwise CreateCapacityCommitmentRequest or - UpdateCapacityCommitmentRequest will be rejected with error code - `google.rpc.Code.INVALID_ARGUMENT`. If the renewal_plan is NONE, - capacity commitment will be removed at the end of its commitment - period. - enumDeprecated: - - false - - false - - true - - true - - false - - true - - false - - true - - false - - false - enum: - - COMMITMENT_PLAN_UNSPECIFIED - - FLEX - - FLEX_FLAT_RATE - - TRIAL - - MONTHLY - - MONTHLY_FLAT_RATE - - ANNUAL - - ANNUAL_FLAT_RATE - - THREE_YEAR - - NONE multiRegionAuxiliary: + deprecated: true + type: boolean description: >- - Applicable only for commitments located within one of the BigQuery - multi-regions (US or EU). If set to true, this commitment is placed + Applicable only for reservations located within one of the BigQuery + multi-regions (US or EU). If set to true, this reservation is placed in the organization's secondary region which is designated for - disaster recovery purposes. If false, this commitment is placed in + disaster recovery purposes. If false, this reservation is placed in the organization's default region. NOTE: this is a preview feature. Project must be allow-listed in order to set this field. - deprecated: true - type: boolean - edition: - description: Optional. Edition of the capacity commitment. + schedulingPolicy: + description: >- + Optional. The scheduling policy to use for jobs and queries running + under this reservation. The scheduling policy controls how the + reservation's resources are distributed. This feature is not yet + generally available. + $ref: '#/components/schemas/SchedulingPolicy' + autoscale: + description: Optional. The configuration parameters for the auto scaling feature. + $ref: '#/components/schemas/Autoscale' + secondaryLocation: + description: >- + Optional. The current location of the reservation's secondary + replica. This field is only set for reservations using the managed + disaster recovery feature. Users can set this in create reservation + calls to create a failover reservation or in update reservation + calls to convert a non-failover reservation to a failover + reservation(or vice versa). type: string - enumDescriptions: - - Default value, which will be treated as ENTERPRISE. - - Standard edition. - - Enterprise edition. - - Enterprise Plus edition. + edition: enum: - EDITION_UNSPECIFIED - STANDARD - ENTERPRISE - ENTERPRISE_PLUS - isFlatRate: + enumDescriptions: + - Default value, which will be treated as ENTERPRISE. + - Standard edition. + - Enterprise edition. + - Enterprise Plus edition. + description: Optional. Edition of the reservation. + type: string + originalPrimaryLocation: description: >- - Output only. If true, the commitment is a flat-rate commitment, - otherwise, it's an edition commitment. + Output only. The location where the reservation was originally + created. This is set only during the failover reservation's + creation. All billing charges for the failover reservation will be + applied to this location. readOnly: true - type: boolean - ListCapacityCommitmentsResponse: - id: ListCapacityCommitmentsResponse - description: The response for ReservationService.ListCapacityCommitments. - type: object - properties: - capacityCommitments: - description: List of capacity commitments visible to the user. - type: array - items: - $ref: '#/components/schemas/CapacityCommitment' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - SplitCapacityCommitmentRequest: - id: SplitCapacityCommitmentRequest - description: The request for ReservationService.SplitCapacityCommitment. - type: object - properties: - slotCount: - description: Number of slots in the capacity commitment after the split. type: string - format: int64 - SplitCapacityCommitmentResponse: - id: SplitCapacityCommitmentResponse - description: The response for ReservationService.SplitCapacityCommitment. - type: object - properties: - first: - description: First capacity commitment, result of a split. - $ref: '#/components/schemas/CapacityCommitment' - second: - description: Second capacity commitment, result of a split. - $ref: '#/components/schemas/CapacityCommitment' - MergeCapacityCommitmentsRequest: - id: MergeCapacityCommitmentsRequest - description: The request for ReservationService.MergeCapacityCommitments. - type: object - properties: - capacityCommitmentIds: - description: >- - Ids of capacity commitments to merge. These capacity commitments - must exist under admin project and location specified in the parent. - ID is the last portion of capacity commitment name e.g., 'abc' for - projects/myproject/locations/US/capacityCommitments/abc - type: array - items: - type: string - capacityCommitmentId: + reservationGroup: description: >- - Optional. The optional resulting capacity commitment ID. Capacity - commitment name will be generated automatically if this field is - empty. This field must only contain lower case alphanumeric - characters or dashes. The first and last character cannot be a dash. - Max length is 64 characters. + Optional. The reservation group that this reservation belongs to. + You can set this property when you create or update a reservation. + Reservations do not need to belong to a reservation group. Format: + projects/{project}/locations/{location}/reservationGroups/{reservation_group} + or just {reservation_group} type: string - Assignment: - id: Assignment - description: >- - An assignment allows a project to submit jobs of a certain type using - slots from the specified reservation. - type: object - properties: - name: - description: >- - Output only. Name of the resource. E.g.: - `projects/myproject/locations/US/reservations/team1-prod/assignments/123`. - The assignment_id must only contain lower case alphanumeric - characters or dashes and the max length is 64 characters. + updateTime: + description: Output only. Last update time of the reservation. readOnly: true + format: google-datetime type: string - assignee: + maxSlots: + type: string + format: int64 + description: >- + Optional. The overall max slots for the reservation, covering + slot_capacity (baseline), idle slots (if ignore_idle_slots is false) + and scaled slots. If present, the reservation won't use more than + the specified number of slots, even if there is demand and supply + (from idle slots). NOTE: capping a reservation's idle slot usage is + best effort and its usage may exceed the max_slots value. However, + in terms of autoscale.current_slots (which accounts for the + additional added slots), it will never exceed the max_slots - + baseline. This field must be set together with the scaling_mode enum + value, otherwise the request will be rejected with error code + `google.rpc.Code.INVALID_ARGUMENT`. If the max_slots and + scaling_mode are set, the autoscale or autoscale.max_slots field + must be unset. Otherwise the request will be rejected with error + code `google.rpc.Code.INVALID_ARGUMENT`. However, the autoscale + field may still be in the output. The autopscale.max_slots will + always show as 0 and the autoscaler.current_slots will represent the + current slots from autoscaler excluding idle slots. For example, if + the max_slots is 1000 and scaling_mode is AUTOSCALE_ONLY, then in + the output, the autoscaler.max_slots will be 0 and the + autoscaler.current_slots may be any value between 0 and 1000. If the + max_slots is 1000, scaling_mode is ALL_SLOTS, the baseline is 100 + and idle slots usage is 200, then in the output, the + autoscaler.max_slots will be 0 and the autoscaler.current_slots will + not be higher than 700. If the max_slots is 1000, scaling_mode is + IDLE_SLOTS_ONLY, then in the output, the autoscaler field will be + null. If the max_slots and scaling_mode are set, then the + ignore_idle_slots field must be aligned with the scaling_mode enum + value.(See details in ScalingMode comments). Otherwise the request + will be rejected with error code `google.rpc.Code.INVALID_ARGUMENT`. + Please note, the max_slots is for user to manage the part of slots + greater than the baseline. Therefore, we don't allow users to set + max_slots smaller or equal to the baseline as it will not be + meaningful. If the field is present and slot_capacity>=max_slots, + requests will be rejected with error code + `google.rpc.Code.INVALID_ARGUMENT`. Please note that if max_slots is + set to 0, we will treat it as unset. Customers can set max_slots to + 0 and set scaling_mode to SCALING_MODE_UNSPECIFIED to disable the + max_slots feature. + ignoreIdleSlots: + type: boolean description: >- - Optional. The resource which will use the reservation. E.g. - `projects/myproject`, `folders/123`, or `organizations/456`. - type: string - jobType: - description: Optional. Which type of jobs will use the reservation. + Optional. If false, any query or pipeline job using this reservation + will use idle slots from other reservations within the same admin + project. If true, a query or pipeline job using this reservation + will execute with the slot capacity specified in the slot_capacity + field at most. + slotCapacity: type: string + description: >- + Optional. Baseline slots available to this reservation. A slot is a + unit of computational power in BigQuery, and serves as the unit of + parallelism. Queries using this reservation might use more slots + during runtime if ignore_idle_slots is set to false, or autoscaling + is enabled. The total slot_capacity of the reservation and its + siblings may exceed the total slot_count of capacity commitments. In + that case, the exceeding slots will be charged with the autoscale + SKU. You can increase the number of baseline slots in a reservation + every few minutes. If you want to decrease your baseline slots, you + are limited to once an hour if you have recently changed your + baseline slot capacity and your baseline slots exceed your committed + slots. Otherwise, you can decrease your baseline slots every few + minutes. + format: int64 + scalingMode: + enum: + - SCALING_MODE_UNSPECIFIED + - AUTOSCALE_ONLY + - IDLE_SLOTS_ONLY + - ALL_SLOTS + description: >- + Optional. The scaling mode for the reservation. If the field is + present but max_slots is not present, requests will be rejected with + error code `google.rpc.Code.INVALID_ARGUMENT`. enumDescriptions: + - Default value of ScalingMode. - >- - Invalid type. Requests with this value will be rejected with error - code `google.rpc.Code.INVALID_ARGUMENT`. - - >- - Pipeline (load/export) jobs from the project will use the - reservation. - - Query jobs from the project will use the reservation. - - >- - BigQuery ML jobs that use services external to BigQuery for model - training. These jobs will not utilize idle slots from other - reservations. + The reservation will scale up only using slots from autoscaling. + It will not use any idle slots even if there may be some + available. The upper limit that autoscaling can scale up to will + be max_slots - baseline. For example, if max_slots is 1000, + baseline is 200 and customer sets ScalingMode to AUTOSCALE_ONLY, + then autoscalerg will scale up to 800 slots and no idle slots will + be used. Please note, in this mode, the ignore_idle_slots field + must be set to true. Otherwise the request will be rejected with + error code `google.rpc.Code.INVALID_ARGUMENT`. - >- - Background jobs that BigQuery runs for the customers in the - background. + The reservation will scale up using only idle slots contributed by + other reservations or from unassigned commitments. If no idle + slots are available it will not scale up further. If the idle + slots which it is using are reclaimed by the contributing + reservation(s) it may be forced to scale down. The max idle slots + the reservation can be max_slots - baseline capacity. For example, + if max_slots is 1000, baseline is 200 and customer sets + ScalingMode to IDLE_SLOTS_ONLY, 1. if there are 1000 idle slots + available in other reservations, the reservation will scale up to + 1000 slots with 200 baseline and 800 idle slots. 2. if there are + 500 idle slots available in other reservations, the reservation + will scale up to 700 slots with 200 baseline and 300 idle slots. + Please note, in this mode, the reservation might not be able to + scale up to max_slots. Please note, in this mode, the + ignore_idle_slots field must be set to false. Otherwise the + request will be rejected with error code + `google.rpc.Code.INVALID_ARGUMENT`. - >- - Continuous SQL jobs will use this reservation. Reservations with - continuous assignments cannot be mixed with non-continuous - assignments. - enum: - - JOB_TYPE_UNSPECIFIED - - PIPELINE - - QUERY - - ML_EXTERNAL - - BACKGROUND - - CONTINUOUS - state: - description: Output only. State of the assignment. - readOnly: true + The reservation will scale up using all slots available to it. It + will use idle slots contributed by other reservations or from + unassigned commitments first. If no idle slots are available it + will scale up using autoscaling. For example, if max_slots is + 1000, baseline is 200 and customer sets ScalingMode to ALL_SLOTS, + 1. if there are 800 idle slots available in other reservations, + the reservation will scale up to 1000 slots with 200 baseline and + 800 idle slots. 2. if there are 500 idle slots available in other + reservations, the reservation will scale up to 1000 slots with 200 + baseline, 500 idle slots and 300 autoscaling slots. 3. if there + are no idle slots available in other reservations, it will scale + up to 1000 slots with 200 baseline and 800 autoscaling slots. + Please note, in this mode, the ignore_idle_slots field must be set + to false. Otherwise the request will be rejected with error code + `google.rpc.Code.INVALID_ARGUMENT`. type: string - enumDescriptions: - - Invalid state value. - - >- - Queries from assignee will be executed as on-demand, if related - assignment is pending. - - Assignment is ready. - enum: - - STATE_UNSPECIFIED - - PENDING - - ACTIVE - enableGeminiInBigquery: + concurrency: + type: string + format: int64 description: >- - Optional. This field controls if "Gemini in BigQuery" - (https://cloud.google.com/gemini/docs/bigquery/overview) features - should be enabled for this reservation assignment, which is not on - by default. "Gemini in BigQuery" has a distinct compliance posture - from BigQuery. If this field is set to true, the assignment job type - is QUERY, and the parent reservation edition is ENTERPRISE_PLUS, - then the assignment will give the grantee project/organization - access to "Gemini in BigQuery" features. - type: boolean - ListAssignmentsResponse: - id: ListAssignmentsResponse - description: The response for ReservationService.ListAssignments. - type: object + Optional. Job concurrency target which sets a soft upper bound on + the number of jobs that can run concurrently in this reservation. + This is a soft target due to asynchronous nature of the system and + various optimizations for small queries. Default value is 0 which + means that concurrency target will be automatically computed by the + system. NOTE: this field is exposed as target job concurrency in the + Information Schema, DDL and BigQuery CLI. + SchedulingPolicy: properties: - assignments: - description: List of assignments visible to the user. - type: array - items: - $ref: '#/components/schemas/Assignment' - nextPageToken: + concurrency: description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. + Optional. If present and > 0, the reservation will attempt to limit + the concurrency of jobs running for any particular project within it + to the given value. This feature is not yet generally available. type: string - SearchAssignmentsResponse: - id: SearchAssignmentsResponse - description: The response for ReservationService.SearchAssignments. - type: object - properties: - assignments: - description: List of assignments visible to the user. - type: array - items: - $ref: '#/components/schemas/Assignment' - nextPageToken: + format: int64 + maxSlots: + format: int64 description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. + Optional. If present and > 0, the reservation will attempt to limit + the slot consumption of queries running for any particular project + within it to the given value. This feature is not yet generally + available. type: string - SearchAllAssignmentsResponse: - id: SearchAllAssignmentsResponse - description: The response for ReservationService.SearchAllAssignments. type: object - properties: - assignments: - description: List of assignments visible to the user. - type: array - items: - $ref: '#/components/schemas/Assignment' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - MoveAssignmentRequest: - id: MoveAssignmentRequest + id: SchedulingPolicy description: >- - The request for ReservationService.MoveAssignment. **Note**: - "bigquery.reservationAssignments.create" permission is required on the - destination_id. **Note**: "bigquery.reservationAssignments.create" and - "bigquery.reservationAssignments.delete" permission are required on the - related assignee. + The scheduling policy controls how a reservation's resources are + distributed. + Expr: + id: Expr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. type: object properties: - destinationId: + expression: description: >- - The new reservation ID, e.g.: - `projects/myotherproject/locations/US/reservations/team2-prod` + Textual representation of an expression in Common Expression + Language syntax. type: string - assignmentId: + description: description: >- - The optional assignment ID. A new assignment name is generated if - this field is empty. This field can contain only lowercase - alphanumeric characters or dashes. Max length is 64 characters. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: string - BiReservation: - id: BiReservation - description: Represents a BI Reservation. - type: object - properties: - name: + location: description: >- - Identifier. The resource name of the singleton BI reservation. - Reservation names have the form - `projects/{project_id}/locations/{location_id}/biReservation`. - type: string - updateTime: - description: Output only. The last update timestamp of a reservation. - readOnly: true + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - format: google-datetime - size: - description: Optional. Size of a reservation, in bytes. + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. type: string - format: int64 - preferredTables: - description: Optional. Preferred tables to use BI capacity for. + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. + type: object + properties: + permissions: + items: + type: string + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. type: array - items: - $ref: '#/components/schemas/TableReference' - TableReference: - id: TableReference - description: >- - Fully qualified reference to BigQuery table. Internally stored as - google.cloud.bi.v1.BqTableReference. + id: TestIamPermissionsResponse + ListReservationsResponse: + description: The response for ReservationService.ListReservations. + id: ListReservationsResponse type: object properties: - projectId: - description: Optional. The assigned project ID of the project. - type: string - datasetId: - description: Optional. The ID of the dataset in the above project. - type: string - tableId: - description: Optional. The ID of the table in the above dataset. + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. type: string + reservations: + description: List of reservations visible to the user. + items: + $ref: '#/components/schemas/Reservation' + type: array Policy: id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). type: object properties: + auditConfigs: + items: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: array version: description: >- Specifies the format of the policy. Valid values are `0`, `1`, and @@ -939,6 +952,7 @@ components: type: integer format: int32 bindings: + type: array description: >- Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when @@ -949,14 +963,8 @@ components: For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`. - type: array items: $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' etag: description: >- `etag` is used for optimistic concurrency control as a way to help @@ -973,21 +981,200 @@ components: the conditions in the version `3` policy are lost. type: string format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + MoveAssignmentRequest: type: object + description: >- + The request for ReservationService.MoveAssignment. **Note**: + "bigquery.reservationAssignments.create" permission is required on the + destination_id. **Note**: "bigquery.reservationAssignments.create" and + "bigquery.reservationAssignments.delete" permission are required on the + related assignee. + id: MoveAssignmentRequest properties: - role: + assignmentId: + type: string description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + The optional assignment ID. A new assignment name is generated if + this field is empty. This field can contain only lowercase + alphanumeric characters or dashes. Max length is 64 characters. + destinationId: + description: >- + The new reservation ID, e.g.: + `projects/myotherproject/locations/US/reservations/team2-prod` + type: string + ReservationGroup: + id: ReservationGroup + properties: + name: + type: string + description: >- + Identifier. The resource name of the reservation group, e.g., + `projects/*/locations/*/reservationGroups/team1-prod`. The + reservation_group_id must only contain lower case alphanumeric + characters or dashes. It must start with a letter and must not end + with a dash. Its maximum length is 64 characters. + type: object + description: A reservation group is a container for reservations. + Autoscale: + type: object + properties: + currentSlots: + description: >- + Output only. The slot capacity added to this reservation when + autoscale happens. Will be between [0, max_slots]. Note: after users + reduce max_slots, it may take a while before it can be propagated, + so current_slots may stay in the original value and could be larger + than max_slots for that brief period (less than one minute) + type: string + readOnly: true + format: int64 + maxSlots: + description: Optional. Number of slots to be scaled when needed. + type: string + format: int64 + id: Autoscale + description: Auto scaling settings. + TestIamPermissionsRequest: + properties: + permissions: + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: array + items: + type: string + type: object + id: TestIamPermissionsRequest + description: Request message for `TestIamPermissions` method. + FailoverReservationRequest: + properties: + failoverMode: + enum: + - FAILOVER_MODE_UNSPECIFIED + - SOFT + - HARD + description: >- + Optional. A parameter that determines how writes that are pending + replication are handled after a failover is initiated. If not + specified, HARD failover mode is used by default. + type: string + enumDescriptions: + - Invalid value. + - >- + When customers initiate a soft failover, BigQuery will wait until + all committed writes are replicated to the secondary. This mode + requires both regions to be available for the failover to succeed + and prevents data loss. + - >- + When customers initiate a hard failover, BigQuery will not wait + until all committed writes are replicated to the secondary. There + can be data loss for hard failover. + description: The request for ReservationService.FailoverReservation. + type: object + id: FailoverReservationRequest + ReplicationStatus: + type: object + id: ReplicationStatus + description: Disaster Recovery(DR) replication status of the reservation. + properties: + error: + readOnly: true + description: >- + Output only. The last error encountered while trying to replicate + changes from the primary to the secondary. This field is only + available if the replication has not succeeded since. + $ref: '#/components/schemas/Status' + softFailoverStartTime: + readOnly: true + format: google-datetime + type: string + description: >- + Output only. The time at which a soft failover for the reservation + and its associated datasets was initiated. After this field is set, + all subsequent changes to the reservation will be rejected unless a + hard failover overrides this operation. This field will be cleared + once the failover is complete. + lastErrorTime: + description: >- + Output only. The time at which the last error was encountered while + trying to replicate changes from the primary to the secondary. This + field is only available if the replication has not succeeded since. + readOnly: true + format: google-datetime + type: string + lastReplicationTime: + format: google-datetime + description: >- + Output only. A timestamp corresponding to the last change on the + primary that was successfully replicated to the secondary. + type: string + readOnly: true + ListAssignmentsResponse: + description: The response for ReservationService.ListAssignments. + type: object + id: ListAssignmentsResponse + properties: + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. type: string + assignments: + items: + $ref: '#/components/schemas/Assignment' + type: array + description: List of assignments visible to the user. + Binding: + properties: + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' members: + type: array description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -1047,249 +1234,84 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array items: type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + role: type: string - location: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + description: Associates `members`, or principals, with a `role`. + type: object + id: Binding + SplitCapacityCommitmentRequest: type: object properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + slotCount: + format: int64 type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object + description: Number of slots in the capacity commitment after the split. + description: The request for ReservationService.SplitCapacityCommitment. + id: SplitCapacityCommitmentRequest + MergeCapacityCommitmentsRequest: + id: MergeCapacityCommitmentsRequest + description: The request for ReservationService.MergeCapacityCommitments. properties: - logType: - description: The log type that this config enables. + capacityCommitmentId: + description: >- + Optional. The optional resulting capacity commitment ID. Capacity + commitment name will be generated automatically if this field is + empty. This field must only contain lower case alphanumeric + characters or dashes. The first and last character cannot be a dash. + Max length is 64 characters. type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + capacityCommitmentIds: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. + Ids of capacity commitments to merge. These capacity commitments + must exist under admin project and location specified in the parent. + ID is the last portion of capacity commitment name e.g., 'abc' for + projects/myproject/locations/US/capacityCommitments/abc type: array items: type: string + type: object SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. type: object + description: Request message for `SetIamPolicy` method. properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' updateMask: + format: google-fieldmask + type: string description: >- OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"` - type: string - format: google-fieldmask - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - ReservationGroup: - id: ReservationGroup - description: A reservation group is a container for reservations. - type: object - properties: - name: - description: >- - Identifier. The resource name of the reservation group, e.g., - `projects/*/locations/*/reservationGroups/team1-prod`. The - reservation_group_id must only contain lower case alphanumeric - characters or dashes. It must start with a letter and must not end - with a dash. Its maximum length is 64 characters. - type: string - ListReservationGroupsResponse: - id: ListReservationGroupsResponse - description: The response for ReservationService.ListReservationGroups. - type: object - properties: - reservationGroups: - description: List of reservations visible to the user. - type: array - items: - $ref: '#/components/schemas/ReservationGroup' - nextPageToken: + policy: + $ref: '#/components/schemas/Policy' description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + id: SetIamPolicyRequest + parameters: + callback: + description: JSONP in: query - name: key + name: callback schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: oauth_token + name: upload_protocol schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1299,12 +1321,16 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + alt: + description: Data format for response. in: query - name: upload_protocol + name: alt schema: type: string + enum: + - json + - media + - proto uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query @@ -1320,81 +1346,59 @@ components: enum: - '1' - '2' + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string x-stackQL-resources: - locations: - id: google.bigqueryreservation.locations - name: locations - title: Locations - methods: - search_assignments: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:searchAssignments/get - response: - mediaType: application/json - openAPIDocKey: '200' - search_all_assignments: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:searchAllAssignments/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - bi_reservation: - id: google.bigqueryreservation.bi_reservation - name: bi_reservation - title: Bi_reservation - methods: - get_bi_reservation: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1biReservation/get - response: - mediaType: application/json - openAPIDocKey: '200' - update_bi_reservation: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1biReservation/patch - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/bi_reservation/methods/get_bi_reservation - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/bi_reservation/methods/update_bi_reservation - replace: [] - delete: [] reservations: id: google.bigqueryreservation.reservations name: reservations title: Reservations methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.reservations get: operation: $ref: >- @@ -1402,17 +1406,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.reservations + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations/post response: mediaType: application/json openAPIDocKey: '200' @@ -1439,6 +1444,13 @@ components: name: reservations_iam_policies title: Reservations_iam_policies methods: + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' get_iam_policy: operation: $ref: >- @@ -1454,43 +1466,72 @@ components: response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/reservations_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/reservations_iam_policies/methods/set_iam_policy + delete: [] + assignments_iam_policies: + id: google.bigqueryreservation.assignments_iam_policies + name: assignments_iam_policies + title: Assignments_iam_policies + methods: test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/reservations_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/assignments_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/reservations_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/assignments_iam_policies/methods/set_iam_policy delete: [] assignments: id: google.bigqueryreservation.assignments name: assignments title: Assignments methods: - create: + move: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}:move/post response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.assignments delete: operation: $ref: >- @@ -1498,17 +1539,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments/get response: mediaType: application/json openAPIDocKey: '200' - move: + objectKey: $.assignments + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}:move/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments/post response: mediaType: application/json openAPIDocKey: '200' @@ -1522,63 +1564,25 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/assignments/methods/delete' - assignments_iam_policies: - id: google.bigqueryreservation.assignments_iam_policies - name: assignments_iam_policies - title: Assignments_iam_policies - methods: - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservations~1{reservationsId}~1assignments~1{assignmentsId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/assignments_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/assignments_iam_policies/methods/set_iam_policy - delete: [] capacity_commitments: id: google.bigqueryreservation.capacity_commitments name: capacity_commitments title: Capacity_commitments methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments~1{capacityCommitmentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments~1{capacityCommitmentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.capacityCommitments get: operation: $ref: >- @@ -1586,31 +1590,32 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + merge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments~1{capacityCommitmentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments:merge/post response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments~1{capacityCommitmentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments/get response: mediaType: application/json openAPIDocKey: '200' - split: + objectKey: $.capacityCommitments + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments~1{capacityCommitmentsId}:split/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments/post response: mediaType: application/json openAPIDocKey: '200' - merge: + split: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments:merge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1capacityCommitments~1{capacityCommitmentsId}:split/post response: mediaType: application/json openAPIDocKey: '200' @@ -1633,35 +1638,35 @@ components: name: reservation_groups title: Reservation_groups methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservationGroups/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservationGroups~1{reservationGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservationGroups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservationGroups~1{reservationGroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.reservationGroups - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservationGroups~1{reservationGroupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservationGroups/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservationGroups~1{reservationGroupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reservationGroups/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.reservationGroups sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/reservation_groups/methods/get' @@ -1672,179 +1677,79 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/reservation_groups/methods/delete' + bi_reservation: + id: google.bigqueryreservation.bi_reservation + name: bi_reservation + title: Bi_reservation + methods: + get_bi_reservation: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1biReservation/get + response: + mediaType: application/json + openAPIDocKey: '200' + update_bi_reservation: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1biReservation/patch + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/bi_reservation/methods/get_bi_reservation + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/bi_reservation/methods/update_bi_reservation + replace: [] + delete: [] + locations: + id: google.bigqueryreservation.locations + name: locations + title: Locations + methods: + search_all_assignments: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:searchAllAssignments/get + response: + mediaType: application/json + openAPIDocKey: '200' + search_assignments: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:searchAssignments/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] paths: - /v1/projects/{projectsId}/locations/{locationsId}:searchAssignments: + /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' - get: - description: >- - Deprecated: Looks up assignments for a specified resource for a - particular region. If the request is about a project: 1. Assignments - created on the project will be returned if they exist. 2. Otherwise - assignments created on the closest ancestor will be returned. 3. - Assignments for different JobTypes will all be returned. The same logic - applies if the request is about a folder. If the request is about an - organization, then assignments created on the organization will be - returned (organization doesn't have ancestors). Comparing to - ListAssignments, there are some behavior differences: 1. permission on - the assignee will be verified in this API. 2. Hierarchy lookup - (project->folder->organization) happens in this API. 3. Parent here is - `projects/*/locations/*`, instead of - `projects/*/locations/*reservations/*`. **Note** "-" cannot be used for - projects nor locations. - operationId: bigqueryreservation.projects.locations.searchAssignments - security: - - Oauth2: - - https://www.googleapis.com/auth/bigquery - Oauth2c: - - https://www.googleapis.com/auth/bigquery - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SearchAssignmentsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: query - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}:searchAllAssignments: - parameters: *ref_1 - get: - description: >- - Looks up assignments for a specified resource for a particular region. - If the request is about a project: 1. Assignments created on the project - will be returned if they exist. 2. Otherwise assignments created on the - closest ancestor will be returned. 3. Assignments for different JobTypes - will all be returned. The same logic applies if the request is about a - folder. If the request is about an organization, then assignments - created on the organization will be returned (organization doesn't have - ancestors). Comparing to ListAssignments, there are some behavior - differences: 1. permission on the assignee will be verified in this API. - 2. Hierarchy lookup (project->folder->organization) happens in this API. - 3. Parent here is `projects/*/locations/*`, instead of - `projects/*/locations/*reservations/*`. - operationId: bigqueryreservation.projects.locations.searchAllAssignments - security: - - Oauth2: - - https://www.googleapis.com/auth/bigquery - Oauth2c: - - https://www.googleapis.com/auth/bigquery - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SearchAllAssignmentsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: query - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/biReservation: - parameters: *ref_1 - get: - description: Retrieves a BI reservation. - operationId: bigqueryreservation.projects.locations.getBiReservation - security: - - Oauth2: - - https://www.googleapis.com/auth/bigquery - Oauth2c: - - https://www.googleapis.com/auth/bigquery - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/BiReservation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - patch: + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/fields' + delete: description: >- - Updates a BI reservation. Only fields specified in the `field_mask` are - updated. A singleton BI reservation always exists with default size 0. - In order to reserve BI capacity it needs to be updated to an amount - greater than 0. In order to release BI capacity reservation size must be - set to 0. - operationId: bigqueryreservation.projects.locations.updateBiReservation - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BiReservation' + Deletes a reservation. Returns `google.rpc.Code.FAILED_PRECONDITION` + when reservation has assignments. + operationId: bigqueryreservation.projects.locations.reservations.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1860,7 +1765,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BiReservation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1872,16 +1777,14 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: reservationsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/reservations: - parameters: *ref_1 - post: - description: Creates a new reservation resource. - operationId: bigqueryreservation.projects.locations.reservations.create + patch: + description: Updates an existing reservation resource. + operationId: bigqueryreservation.projects.locations.reservations.patch requestBody: content: application/json: @@ -1914,13 +1817,19 @@ paths: required: true schema: type: string + - in: path + name: reservationsId + required: true + schema: + type: string - in: query - name: reservationId + name: updateMask schema: type: string + format: google-fieldmask get: - description: Lists all the reservations for the project in the specified location. - operationId: bigqueryreservation.projects.locations.reservations.list + description: Returns information about the reservation. + operationId: bigqueryreservation.projects.locations.reservations.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1936,7 +1845,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReservationsResponse' + $ref: '#/components/schemas/Reservation' parameters: - in: path name: projectsId @@ -1948,20 +1857,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: reservationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/reservations: parameters: *ref_1 get: - description: Returns information about the reservation. - operationId: bigqueryreservation.projects.locations.reservations.get + description: Lists all the reservations for the project in the specified location. + operationId: bigqueryreservation.projects.locations.reservations.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -1977,7 +1882,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Reservation' + $ref: '#/components/schemas/ListReservationsResponse' parameters: - in: path name: projectsId @@ -1989,16 +1894,23 @@ paths: required: true schema: type: string - - in: path - name: reservationsId - required: true + - in: query + name: pageToken schema: type: string - delete: - description: >- - Deletes a reservation. Returns `google.rpc.Code.FAILED_PRECONDITION` - when reservation has assignments. - operationId: bigqueryreservation.projects.locations.reservations.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new reservation resource. + operationId: bigqueryreservation.projects.locations.reservations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Reservation' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2014,7 +1926,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Reservation' parameters: - in: path name: projectsId @@ -2026,19 +1938,25 @@ paths: required: true schema: type: string - - in: path - name: reservationsId - required: true + - in: query + name: reservationId schema: type: string - patch: - description: Updates an existing reservation resource. - operationId: bigqueryreservation.projects.locations.reservations.patch + /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}:failoverReservation: + parameters: *ref_1 + post: + description: >- + Fail over a reservation to the secondary location. The operation should + be done in the current secondary location, which will be promoted to the + new primary location for the reservation. Attempting to failover a + reservation in the current primary location will fail with the error + code `google.rpc.Code.FAILED_PRECONDITION`. + operationId: bigqueryreservation.projects.locations.reservations.failoverReservation requestBody: content: application/json: schema: - $ref: '#/components/schemas/Reservation' + $ref: '#/components/schemas/FailoverReservationRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2071,26 +1989,19 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}:failoverReservation: + /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Fail over a reservation to the secondary location. The operation should - be done in the current secondary location, which will be promoted to the - new primary location for the reservation. Attempting to failover a - reservation in the current primary location will fail with the error - code `google.rpc.Code.FAILED_PRECONDITION`. - operationId: bigqueryreservation.projects.locations.reservations.failoverReservation + Gets your permissions on a resource. Returns an empty set of permissions + if the resource doesn't exist. Supported resources are: - Reservations + No Google IAM permissions are required to call this method. + operationId: bigqueryreservation.projects.locations.reservations.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/FailoverReservationRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2106,7 +2017,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Reservation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -2220,14 +2131,15 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}:testIamPermissions: parameters: *ref_1 post: description: >- Gets your permissions on a resource. Returns an empty set of permissions if the resource doesn't exist. Supported resources are: - Reservations No Google IAM permissions are required to call this method. - operationId: bigqueryreservation.projects.locations.reservations.testIamPermissions + operationId: >- + bigqueryreservation.projects.locations.reservations.assignments.testIamPermissions requestBody: content: application/json: @@ -2265,39 +2177,78 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments: + - in: path + name: assignmentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Creates an assignment object which allows the given project to submit - jobs of a certain type using slots from the specified reservation. - Currently a resource (project, folder, organization) can only have one - assignment per each (job_type, location) combination, and that - reservation will be used for all jobs of the matching type. Different - assignments can be created on different levels of the projects, folders - or organization hierarchy. During query execution, the assignment is - looked up at the project, folder and organization levels in that order. - The first assignment found is applied to the query. When creating - assignments, it does not matter if other assignments exist at higher - levels. Example: * The organization `organizationA` contains two - projects, `project1` and `project2`. * Assignments for all three - entities (`organizationA`, `project1`, and `project2`) could all be - created and mapped to the same or different reservations. "None" - assignments represent an absence of the assignment. Projects assigned to - None use on-demand pricing. To create a "None" assignment, use "none" as - a reservation_id in the parent. Example parent: - `projects/myproject/locations/US/reservations/none`. Returns - `google.rpc.Code.PERMISSION_DENIED` if user does not have - 'bigquery.admin' permissions on the project using the reservation and - the project that owns this reservation. Returns - `google.rpc.Code.INVALID_ARGUMENT` when location of the assignment does - not match location of the reservation. - operationId: bigqueryreservation.projects.locations.reservations.assignments.create + Sets an access control policy for a resource. Replaces any existing + policy. Supported resources are: - Reservations To call this method, you + must have the following Google IAM permissions: - + `bigqueryreservation.reservations.setIamPolicy` to set policies on + reservations. + operationId: >- + bigqueryreservation.projects.locations.reservations.assignments.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Assignment' + $ref: '#/components/schemas/SetIamPolicyRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: reservationsId + required: true + schema: + type: string + - in: path + name: assignmentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}:move: + parameters: *ref_1 + post: + description: >- + Moves an assignment under a new reservation. This differs from removing + an existing assignment and recreating a new one by providing a + transactional change that ensures an assignee always has an associated + reservation. + operationId: bigqueryreservation.projects.locations.reservations.assignments.move + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MoveAssignmentRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2330,23 +2281,79 @@ paths: required: true schema: type: string - - in: query - name: assignmentId + - in: path + name: assignmentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. May return: * + A`NOT_FOUND` error if the resource doesn't exist or you don't have the + permission to view it. * An empty policy if the resource exists but + doesn't have a set policy. Supported resources are: - Reservations - + ReservationAssignments To call this method, you must have the following + Google IAM permissions: - + `bigqueryreservation.reservations.getIamPolicy` to get policies on + reservations. + operationId: >- + bigqueryreservation.projects.locations.reservations.assignments.getIamPolicy + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: reservationsId + required: true + schema: + type: string + - in: path + name: assignmentsId + required: true schema: type: string - get: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}: + parameters: *ref_1 + patch: description: >- - Lists assignments. Only explicitly created assignments will be returned. - Example: * Organization `organizationA` contains two projects, - `project1` and `project2`. * Reservation `res1` exists and was created - previously. * CreateAssignment was used previously to define the - following associations between entities and reservations: `` and `` In - this example, ListAssignments will just return the above two assignments - for reservation `res1`, and no expansion/merge will happen. The wildcard - "-" can be used for reservations in the request. In that case all - assignments belongs to the specified project and location will be - listed. **Note** "-" cannot be used for projects nor locations. - operationId: bigqueryreservation.projects.locations.reservations.assignments.list + Updates an existing assignment. Only the `priority` field can be + updated. + operationId: bigqueryreservation.projects.locations.reservations.assignments.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Assignment' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2362,7 +2369,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAssignmentsResponse' + $ref: '#/components/schemas/Assignment' parameters: - in: path name: projectsId @@ -2379,17 +2386,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: assignmentsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}: - parameters: *ref_1 + format: google-fieldmask delete: description: >- Deletes a assignment. No expansion will happen. Example: * Organization @@ -2438,16 +2444,21 @@ paths: required: true schema: type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments: + parameters: *ref_1 + get: description: >- - Updates an existing assignment. Only the `priority` field can be - updated. - operationId: bigqueryreservation.projects.locations.reservations.assignments.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Assignment' + Lists assignments. Only explicitly created assignments will be returned. + Example: * Organization `organizationA` contains two projects, + `project1` and `project2`. * Reservation `res1` exists and was created + previously. * CreateAssignment was used previously to define the + following associations between entities and reservations: `` and `` In + this example, ListAssignments will just return the above two assignments + for reservation `res1`, and no expansion/merge will happen. The wildcard + "-" can be used for reservations in the request. In that case all + assignments belongs to the specified project and location will be + listed. **Note** "-" cannot be used for projects nor locations. + operationId: bigqueryreservation.projects.locations.reservations.assignments.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2463,7 +2474,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Assignment' + $ref: '#/components/schemas/ListAssignmentsResponse' parameters: - in: path name: projectsId @@ -2480,30 +2491,46 @@ paths: required: true schema: type: string - - in: path - name: assignmentsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}:move: - parameters: *ref_1 post: description: >- - Moves an assignment under a new reservation. This differs from removing - an existing assignment and recreating a new one by providing a - transactional change that ensures an assignee always has an associated - reservation. - operationId: bigqueryreservation.projects.locations.reservations.assignments.move + Creates an assignment object which allows the given project to submit + jobs of a certain type using slots from the specified reservation. + Currently a resource (project, folder, organization) can only have one + assignment per each (job_type, location) combination, and that + reservation will be used for all jobs of the matching type. Different + assignments can be created on different levels of the projects, folders + or organization hierarchy. During query execution, the assignment is + looked up at the project, folder and organization levels in that order. + The first assignment found is applied to the query. When creating + assignments, it does not matter if other assignments exist at higher + levels. Example: * The organization `organizationA` contains two + projects, `project1` and `project2`. * Assignments for all three + entities (`organizationA`, `project1`, and `project2`) could all be + created and mapped to the same or different reservations. "None" + assignments represent an absence of the assignment. Projects assigned to + None use on-demand pricing. To create a "None" assignment, use "none" as + a reservation_id in the parent. Example parent: + `projects/myproject/locations/US/reservations/none`. Returns + `google.rpc.Code.PERMISSION_DENIED` if user does not have + 'bigquery.admin' permissions on the project using the reservation and + the project that owns this reservation. Returns + `google.rpc.Code.INVALID_ARGUMENT` when location of the assignment does + not match location of the reservation. + operationId: bigqueryreservation.projects.locations.reservations.assignments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/MoveAssignmentRequest' + $ref: '#/components/schemas/Assignment' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2536,25 +2563,18 @@ paths: required: true schema: type: string - - in: path - name: assignmentsId - required: true + - in: query + name: assignmentId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/capacityCommitments/{capacityCommitmentsId}: parameters: *ref_1 - get: + delete: description: >- - Gets the access control policy for a resource. May return: * - A`NOT_FOUND` error if the resource doesn't exist or you don't have the - permission to view it. * An empty policy if the resource exists but - doesn't have a set policy. Supported resources are: - Reservations - - ReservationAssignments To call this method, you must have the following - Google IAM permissions: - - `bigqueryreservation.reservations.getIamPolicy` to get policies on - reservations. - operationId: >- - bigqueryreservation.projects.locations.reservations.assignments.getIamPolicy + Deletes a capacity commitment. Attempting to delete capacity commitment + before its commitment_end_time will fail with the error code + `google.rpc.Code.FAILED_PRECONDITION`. + operationId: bigqueryreservation.projects.locations.capacityCommitments.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2570,7 +2590,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2583,36 +2603,27 @@ paths: schema: type: string - in: path - name: reservationsId - required: true - schema: - type: string - - in: path - name: assignmentsId + name: capacityCommitmentsId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: force schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}:setIamPolicy: - parameters: *ref_1 - post: + type: boolean + patch: description: >- - Sets an access control policy for a resource. Replaces any existing - policy. Supported resources are: - Reservations To call this method, you - must have the following Google IAM permissions: - - `bigqueryreservation.reservations.setIamPolicy` to set policies on - reservations. - operationId: >- - bigqueryreservation.projects.locations.reservations.assignments.setIamPolicy + Updates an existing capacity commitment. Only `plan` and `renewal_plan` + fields can be updated. Plan can only be changed to a plan of a longer + commitment period. Attempting to change to a plan with shorter + commitment period will fail with the error code + `google.rpc.Code.FAILED_PRECONDITION`. + operationId: bigqueryreservation.projects.locations.capacityCommitments.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/CapacityCommitment' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2628,7 +2639,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/CapacityCommitment' parameters: - in: path name: projectsId @@ -2641,29 +2652,18 @@ paths: schema: type: string - in: path - name: reservationsId + name: capacityCommitmentsId required: true schema: type: string - - in: path - name: assignmentsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reservations/{reservationsId}/assignments/{assignmentsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Gets your permissions on a resource. Returns an empty set of permissions - if the resource doesn't exist. Supported resources are: - Reservations - No Google IAM permissions are required to call this method. - operationId: >- - bigqueryreservation.projects.locations.reservations.assignments.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + format: google-fieldmask + get: + description: Returns information about the capacity commitment. + operationId: bigqueryreservation.projects.locations.capacityCommitments.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2679,7 +2679,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/CapacityCommitment' parameters: - in: path name: projectsId @@ -2692,25 +2692,25 @@ paths: schema: type: string - in: path - name: reservationsId - required: true - schema: - type: string - - in: path - name: assignmentsId + name: capacityCommitmentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/capacityCommitments: + /v1/projects/{projectsId}/locations/{locationsId}/capacityCommitments:merge: parameters: *ref_1 post: - description: Creates a new capacity commitment resource. - operationId: bigqueryreservation.projects.locations.capacityCommitments.create + description: >- + Merges capacity commitments of the same plan into a single commitment. + The resulting capacity commitment has the greater commitment_end_time + out of the to-be-merged capacity commitments. Attempting to merge + capacity commitments of different plan will fail with the error code + `google.rpc.Code.FAILED_PRECONDITION`. + operationId: bigqueryreservation.projects.locations.capacityCommitments.merge requestBody: content: application/json: schema: - $ref: '#/components/schemas/CapacityCommitment' + $ref: '#/components/schemas/MergeCapacityCommitmentsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2738,17 +2738,55 @@ paths: required: true schema: type: string - - in: query - name: enforceSingleAdminProjectPerOrg + /v1/projects/{projectsId}/locations/{locationsId}/capacityCommitments: + parameters: *ref_1 + get: + description: Lists all the capacity commitments for the admin project. + operationId: bigqueryreservation.projects.locations.capacityCommitments.list + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListCapacityCommitmentsResponse' + parameters: + - in: path + name: projectsId + required: true schema: - type: boolean + type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query - name: capacityCommitmentId + name: pageToken schema: type: string - get: - description: Lists all the capacity commitments for the admin project. - operationId: bigqueryreservation.projects.locations.capacityCommitments.list + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new capacity commitment resource. + operationId: bigqueryreservation.projects.locations.capacityCommitments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CapacityCommitment' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2764,7 +2802,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCapacityCommitmentsResponse' + $ref: '#/components/schemas/CapacityCommitment' parameters: - in: path name: projectsId @@ -2777,19 +2815,29 @@ paths: schema: type: string - in: query - name: pageSize + name: enforceSingleAdminProjectPerOrg schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: capacityCommitmentId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/capacityCommitments/{capacityCommitmentsId}: + /v1/projects/{projectsId}/locations/{locationsId}/capacityCommitments/{capacityCommitmentsId}:split: parameters: *ref_1 - get: - description: Returns information about the capacity commitment. - operationId: bigqueryreservation.projects.locations.capacityCommitments.get + post: + description: >- + Splits capacity commitment to two commitments of the same plan and + `commitment_end_time`. A common use case is to enable downgrading + commitments. For example, in order to downgrade from 10000 slots to + 8000, you might split a 10000 capacity commitment into commitments of + 2000 and 8000. Then, you delete the first one after the commitment end + time passes. + operationId: bigqueryreservation.projects.locations.capacityCommitments.split + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SplitCapacityCommitmentRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2805,7 +2853,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CapacityCommitment' + $ref: '#/components/schemas/SplitCapacityCommitmentResponse' parameters: - in: path name: projectsId @@ -2822,12 +2870,13 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/reservationGroups/{reservationGroupsId}: + parameters: *ref_1 delete: description: >- - Deletes a capacity commitment. Attempting to delete capacity commitment - before its commitment_end_time will fail with the error code - `google.rpc.Code.FAILED_PRECONDITION`. - operationId: bigqueryreservation.projects.locations.capacityCommitments.delete + Deletes a reservation. Returns `google.rpc.Code.FAILED_PRECONDITION` + when reservation has assignments. + operationId: bigqueryreservation.projects.locations.reservationGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2856,27 +2905,13 @@ paths: schema: type: string - in: path - name: capacityCommitmentsId + name: reservationGroupsId required: true schema: type: string - - in: query - name: force - schema: - type: boolean - patch: - description: >- - Updates an existing capacity commitment. Only `plan` and `renewal_plan` - fields can be updated. Plan can only be changed to a plan of a longer - commitment period. Attempting to change to a plan with shorter - commitment period will fail with the error code - `google.rpc.Code.FAILED_PRECONDITION`. - operationId: bigqueryreservation.projects.locations.capacityCommitments.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CapacityCommitment' + get: + description: Returns information about the reservation group. + operationId: bigqueryreservation.projects.locations.reservationGroups.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2892,7 +2927,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CapacityCommitment' + $ref: '#/components/schemas/ReservationGroup' parameters: - in: path name: projectsId @@ -2905,31 +2940,20 @@ paths: schema: type: string - in: path - name: capacityCommitmentsId + name: reservationGroupsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/capacityCommitments/{capacityCommitmentsId}:split: + /v1/projects/{projectsId}/locations/{locationsId}/reservationGroups: parameters: *ref_1 post: - description: >- - Splits capacity commitment to two commitments of the same plan and - `commitment_end_time`. A common use case is to enable downgrading - commitments. For example, in order to downgrade from 10000 slots to - 8000, you might split a 10000 capacity commitment into commitments of - 2000 and 8000. Then, you delete the first one after the commitment end - time passes. - operationId: bigqueryreservation.projects.locations.capacityCommitments.split + description: Creates a new reservation group. + operationId: bigqueryreservation.projects.locations.reservationGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SplitCapacityCommitmentRequest' + $ref: '#/components/schemas/ReservationGroup' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2945,7 +2969,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SplitCapacityCommitmentResponse' + $ref: '#/components/schemas/ReservationGroup' parameters: - in: path name: projectsId @@ -2957,26 +2981,15 @@ paths: required: true schema: type: string - - in: path - name: capacityCommitmentsId - required: true + - in: query + name: reservationGroupId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/capacityCommitments:merge: - parameters: *ref_1 - post: + get: description: >- - Merges capacity commitments of the same plan into a single commitment. - The resulting capacity commitment has the greater commitment_end_time - out of the to-be-merged capacity commitments. Attempting to merge - capacity commitments of different plan will fail with the error code - `google.rpc.Code.FAILED_PRECONDITION`. - operationId: bigqueryreservation.projects.locations.capacityCommitments.merge - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MergeCapacityCommitmentsRequest' + Lists all the reservation groups for the project in the specified + location. + operationId: bigqueryreservation.projects.locations.reservationGroups.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -2992,7 +3005,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CapacityCommitment' + $ref: '#/components/schemas/ListReservationGroupsResponse' parameters: - in: path name: projectsId @@ -3004,16 +3017,20 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reservationGroups: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/biReservation: parameters: *ref_1 - post: - description: Creates a new reservation group. - operationId: bigqueryreservation.projects.locations.reservationGroups.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ReservationGroup' + get: + description: Retrieves a BI reservation. + operationId: bigqueryreservation.projects.locations.getBiReservation security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3029,7 +3046,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReservationGroup' + $ref: '#/components/schemas/BiReservation' parameters: - in: path name: projectsId @@ -3041,15 +3058,19 @@ paths: required: true schema: type: string - - in: query - name: reservationGroupId - schema: - type: string - get: + patch: description: >- - Lists all the reservation groups for the project in the specified - location. - operationId: bigqueryreservation.projects.locations.reservationGroups.list + Updates a BI reservation. Only fields specified in the `field_mask` are + updated. A singleton BI reservation always exists with default size 0. + In order to reserve BI capacity it needs to be updated to an amount + greater than 0. In order to release BI capacity reservation size must be + set to 0. + operationId: bigqueryreservation.projects.locations.updateBiReservation + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BiReservation' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3065,7 +3086,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReservationGroupsResponse' + $ref: '#/components/schemas/BiReservation' parameters: - in: path name: projectsId @@ -3078,19 +3099,27 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reservationGroups/{reservationGroupsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}:searchAllAssignments: parameters: *ref_1 get: - description: Returns information about the reservation group. - operationId: bigqueryreservation.projects.locations.reservationGroups.get + description: >- + Looks up assignments for a specified resource for a particular region. + If the request is about a project: 1. Assignments created on the project + will be returned if they exist. 2. Otherwise assignments created on the + closest ancestor will be returned. 3. Assignments for different JobTypes + will all be returned. The same logic applies if the request is about a + folder. If the request is about an organization, then assignments + created on the organization will be returned (organization doesn't have + ancestors). Comparing to ListAssignments, there are some behavior + differences: 1. permission on the assignee will be verified in this API. + 2. Hierarchy lookup (project->folder->organization) happens in this API. + 3. Parent here is `projects/*/locations/*`, instead of + `projects/*/locations/*reservations/*`. + operationId: bigqueryreservation.projects.locations.searchAllAssignments security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3106,7 +3135,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReservationGroup' + $ref: '#/components/schemas/SearchAllAssignmentsResponse' parameters: - in: path name: projectsId @@ -3118,16 +3147,38 @@ paths: required: true schema: type: string - - in: path - name: reservationGroupsId - required: true + - in: query + name: pageToken schema: type: string - delete: + - in: query + name: query + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}:searchAssignments: + parameters: *ref_1 + get: description: >- - Deletes a reservation. Returns `google.rpc.Code.FAILED_PRECONDITION` - when reservation has assignments. - operationId: bigqueryreservation.projects.locations.reservationGroups.delete + Deprecated: Looks up assignments for a specified resource for a + particular region. If the request is about a project: 1. Assignments + created on the project will be returned if they exist. 2. Otherwise + assignments created on the closest ancestor will be returned. 3. + Assignments for different JobTypes will all be returned. The same logic + applies if the request is about a folder. If the request is about an + organization, then assignments created on the organization will be + returned (organization doesn't have ancestors). Comparing to + ListAssignments, there are some behavior differences: 1. permission on + the assignee will be verified in this API. 2. Hierarchy lookup + (project->folder->organization) happens in this API. 3. Parent here is + `projects/*/locations/*`, instead of + `projects/*/locations/*reservations/*`. **Note** "-" cannot be used for + projects nor locations. + operationId: bigqueryreservation.projects.locations.searchAssignments security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3143,7 +3194,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/SearchAssignmentsResponse' parameters: - in: path name: projectsId @@ -3155,8 +3206,16 @@ paths: required: true schema: type: string - - in: path - name: reservationGroupsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: query schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/bigtableadmin.yaml b/providers/src/googleapis.com/v00.00.00000/services/bigtableadmin.yaml index ad9593a3..5717fc44 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/bigtableadmin.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/bigtableadmin.yaml @@ -7,8 +7,8 @@ info: title: Cloud Bigtable Admin API description: Administer your Cloud Bigtable tables and instances. version: v2 - x-discovery-doc-revision: '20250811' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251113' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/bigtable/ servers: @@ -22,19 +22,19 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/bigtable.admin: Administer your Cloud Bigtable tables and clusters - https://www.googleapis.com/auth/bigtable.admin.cluster: Administer your Cloud Bigtable clusters - https://www.googleapis.com/auth/bigtable.admin.instance: Administer your Cloud Bigtable clusters - https://www.googleapis.com/auth/bigtable.admin.table: Administer your Cloud Bigtable tables - https://www.googleapis.com/auth/cloud-bigtable.admin: Administer your Cloud Bigtable tables and clusters https://www.googleapis.com/auth/cloud-bigtable.admin.cluster: Administer your Cloud Bigtable clusters - https://www.googleapis.com/auth/cloud-bigtable.admin.table: Administer your Cloud Bigtable tables - https://www.googleapis.com/auth/cloud-platform: >- - See, edit, configure, and delete your Google Cloud data and see - the email address for your Google Account. https://www.googleapis.com/auth/cloud-platform.read-only: >- View your data across Google Cloud services and see the email address of your Google Account + https://www.googleapis.com/auth/cloud-bigtable.admin: Administer your Cloud Bigtable tables and clusters + https://www.googleapis.com/auth/bigtable.admin.cluster: Administer your Cloud Bigtable clusters + https://www.googleapis.com/auth/cloud-platform: >- + See, edit, configure, and delete your Google Cloud data and see + the email address for your Google Account. + https://www.googleapis.com/auth/bigtable.admin.instance: Administer your Cloud Bigtable clusters + https://www.googleapis.com/auth/bigtable.admin.table: Administer your Cloud Bigtable tables + https://www.googleapis.com/auth/bigtable.admin: Administer your Cloud Bigtable tables and clusters + https://www.googleapis.com/auth/cloud-bigtable.admin.table: Administer your Cloud Bigtable tables Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -44,250 +44,320 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + CopyBackupMetadata: properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + name: type: string - Operation: - id: Operation + description: >- + The name of the backup being created through the copy operation. + Values are of the form `projects//instances//clusters//backups/`. + sourceBackupInfo: + $ref: '#/components/schemas/BackupInfo' + description: Information about the source backup that is being copied from. + progress: + description: The progress of the CopyBackup operation. + $ref: '#/components/schemas/OperationProgress' description: >- - This resource represents a long-running operation that is the result of - a network API call. + Metadata type for the google.longrunning.Operation returned by + CopyBackup. + type: object + id: CopyBackupMetadata + GoogleBigtableAdminV2TypeAggregateSum: + type: object + properties: {} + description: >- + Computes the sum of the input values. Allowed input: `Int64` State: same + as input + id: GoogleBigtableAdminV2TypeAggregateSum + Table: + description: >- + A collection of user data indexed by row, column, and timestamp. Each + table is served using the resources of its parent cluster. type: object properties: - name: + restoreInfo: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: + Output only. If this table was restored from another data source + (e.g. a backup), this field will be populated with information about + the restore. + $ref: '#/components/schemas/RestoreInfo' + readOnly: true + changeStreamConfig: + $ref: '#/components/schemas/ChangeStreamConfig' description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. + If specified, enable the change stream on this table. Otherwise, the + change stream is disabled and the change stream is not retained. + clusterStates: type: object additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + $ref: '#/components/schemas/ClusterState' + readOnly: true description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Output only. Map from cluster ID to per-cluster table state. If it + could not be determined whether or not the table has data in a + particular cluster (for example, if its zone is unavailable), then + there will be an entry for the cluster with UNKNOWN + `replication_status`. Views: `REPLICATION_VIEW`, `ENCRYPTION_VIEW`, + `FULL` + rowKeySchema: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + The row key schema for this table. The schema is used to decode the + raw row key bytes into a structured format. The order of field + declarations in this schema is important, as it reflects how the raw + row key bytes are structured. Currently, this only affects how the + key is read via a GoogleSQL query from the ExecuteQuery API. For a + SQL query, the _key column is still read as raw bytes. But queries + can reference the key fields by name, which will be decoded from + _key using provided type and encoding. Queries that reference key + fields will fail if they encounter an invalid row key. For example, + if _key = "some_id#2024-04-30#\x00\x13\x00\xf3" with the following + schema: { fields { field_name: "id" type { string { encoding: + utf8_bytes {} } } } fields { field_name: "date" type { string { + encoding: utf8_bytes {} } } } fields { field_name: "product_code" + type { int64 { encoding: big_endian_bytes {} } } } encoding { + delimited_bytes { delimiter: "#" } } } The decoded key parts would + be: id = "some_id", date = "2024-04-30", product_code = 1245427 The + query "SELECT _key, product_code FROM table" will return two + columns: /------------------------------------------------------\ | + _key | product_code | | + --------------------------------------|--------------| | + "some_id#2024-04-30#\x00\x13\x00\xf3" | 1245427 | + \------------------------------------------------------/ The schema + has the following invariants: (1) The decoded field values are + order-preserved. For read, the field values will be decoded in + sorted mode from the raw bytes. (2) Every field in the schema must + specify a non-empty name. (3) Every field must specify a type with + an associated encoding. The type is limited to scalar types only: + Array, Map, Aggregate, and Struct are not allowed. (4) The field + names must not collide with existing column family names and + reserved keywords "_key" and "_timestamp". The following update + operations are allowed for row_key_schema: - Update from an empty + schema to a new schema. - Remove the existing schema. This operation + requires setting the `ignore_warnings` flag to `true`, since it + might be a backward incompatible change. Without the flag, the + update request will fail with an INVALID_ARGUMENT error. Any other + row key schema update operation (e.g. update existing schema columns + names or types) is currently unsupported. + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStruct' + stats: + $ref: '#/components/schemas/TableStats' description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object + Output only. Only available with STATS_VIEW, this includes summary + statistics about the entire table contents. For statistics about a + specific column family, see ColumnFamilyStats in the mapped + ColumnFamily collection above. + readOnly: true + columnFamilies: additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + $ref: '#/components/schemas/ColumnFamily' description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - CreateInstanceRequest: - id: CreateInstanceRequest - description: Request message for BigtableInstanceAdmin.CreateInstance. - type: object - properties: - parent: + The column families configured for this table, mapped by column + family ID. Views: `SCHEMA_VIEW`, `STATS_VIEW`, `FULL` + type: object + automatedBackupPolicy: + $ref: '#/components/schemas/AutomatedBackupPolicy' description: >- - Required. The unique name of the project in which to create the new - instance. Values are of the form `projects/{project}`. - type: string - instanceId: + If specified, automated backups are enabled for this table. + Otherwise, automated backups are disabled. + granularity: description: >- - Required. The ID to be used when referring to the new instance - within its project, e.g., just `myinstance` rather than - `projects/myproject/instances/myinstance`. + Immutable. The granularity (i.e. `MILLIS`) at which timestamps are + stored in this table. Timestamps not matching the granularity will + be rejected. If unspecified at creation time, the value will be set + to `MILLIS`. Views: `SCHEMA_VIEW`, `FULL`. type: string - instance: - description: >- - Required. The instance to create. Fields marked `OutputOnly` must be - left blank. - $ref: '#/components/schemas/Instance' - clusters: - description: >- - Required. The clusters to be created within the instance, mapped by - desired cluster ID, e.g., just `mycluster` rather than - `projects/myproject/instances/myinstance/clusters/mycluster`. Fields - marked `OutputOnly` must be left blank. - type: object - additionalProperties: - $ref: '#/components/schemas/Cluster' - Instance: - id: Instance - description: >- - A collection of Bigtable Tables and the resources that serve them. All - tables in an instance are served from all Clusters in the instance. - type: object - properties: + enumDescriptions: + - >- + The user did not specify a granularity. Should not be returned. + When specified during table creation, MILLIS will be used. + - The table keeps data versioned at a granularity of 1ms. + enum: + - TIMESTAMP_GRANULARITY_UNSPECIFIED + - MILLIS name: description: >- - The unique name of the instance. Values are of the form - `projects/{project}/instances/a-z+[a-z0-9]`. + The unique name of the table. Values are of the form + `projects/{project}/instances/{instance}/tables/_a-zA-Z0-9*`. Views: + `NAME_ONLY`, `SCHEMA_VIEW`, `REPLICATION_VIEW`, `STATS_VIEW`, `FULL` type: string - displayName: + deletionProtection: description: >- - Required. The descriptive name for this instance as it appears in - UIs. Can be changed at any time, but should be kept globally unique - to avoid confusion. - type: string - state: - description: Output only. The current state of the instance. - readOnly: true + Set to true to make the table protected against data loss. i.e. + deleting the following resources through Admin APIs are prohibited: + * The table. * The column families in the table. * The instance + containing the table. Note one can still delete the data stored in + the table through Data APIs. + type: boolean + tieredStorageConfig: + $ref: '#/components/schemas/TieredStorageConfig' + description: >- + Rules to specify what data is stored in each storage tier. Different + tiers store data differently, providing different trade-offs between + cost and performance. Different parts of a table can be stored + separately on different tiers. If a config is specified, tiered + storage is enabled for this table. Otherwise, tiered storage is + disabled. Only SSD instances can configure tiered storage. + id: Table + GoogleBigtableAdminV2TypeStringEncodingUtf8Bytes: + id: GoogleBigtableAdminV2TypeStringEncodingUtf8Bytes + properties: + nullEscapeChar: + description: >- + Single-character escape sequence used to support NULL values. If + set, allows NULL values to be encoded as the empty string "". The + actual empty string, or any value where every character equals + `null_escape_char`, has one more `null_escape_char` appended. If + `null_escape_char` is set and does not equal the ASCII null + character `0x00`, then the encoding will not support sorted mode. . type: string - enumDescriptions: - - The state of the instance could not be determined. - - >- - The instance has been successfully created and can serve requests - to its tables. - - >- - The instance is currently being created, and may be destroyed if - the creation process encounters an error. - enum: - - STATE_NOT_KNOWN - - READY - - CREATING - type: - description: The type of the instance. Defaults to `PRODUCTION`. + type: object + description: >- + UTF-8 encoding. Sorted mode: - All values are supported. - Code point + order is preserved. Distinct mode: all values are supported. Compatible + with: - BigQuery `TEXT` encoding - HBase `Bytes.toBytes` - Java + `String#getBytes(StandardCharsets.UTF_8)` + PartialUpdateClusterRequest: + description: Request message for BigtableInstanceAdmin.PartialUpdateCluster. + type: object + id: PartialUpdateClusterRequest + properties: + updateMask: + format: google-fieldmask + description: Required. The subset of Cluster fields which should be replaced. type: string - enumDescriptions: - - >- - The type of the instance is unspecified. If set when creating an - instance, a `PRODUCTION` instance will be created. If set when - updating an instance, the type will be left unchanged. - - >- - An instance meant for production use. `serve_nodes` must be set on - the cluster. - - >- - DEPRECATED: Prefer PRODUCTION for all use cases, as it no longer - enforces a higher minimum node count than DEVELOPMENT. - enum: - - TYPE_UNSPECIFIED - - PRODUCTION - - DEVELOPMENT - labels: + cluster: + $ref: '#/components/schemas/Cluster' description: >- - Labels are a flexible and lightweight mechanism for organizing cloud - resources into groups that reflect a customer's organizational needs - and deployment strategies. They can be used to filter resources and - aggregate metrics. * Label keys must be between 1 and 63 characters - long and must conform to the regular expression: - `\p{Ll}\p{Lo}{0,62}`. * Label values must be between 0 and 63 - characters long and must conform to the regular expression: - `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`. * No more than 64 labels can be - associated with a given resource. * Keys and values must both be - under 128 bytes. - type: object - additionalProperties: - type: string - createTime: + Required. The Cluster which contains the partial updates to be + applied, subject to the update_mask. + GoogleBigtableAdminV2TypeArray: + properties: + elementType: + description: The type of the elements in the array. This must not be `Array`. + $ref: '#/components/schemas/Type' + description: >- + An ordered list of elements of a given type. Values of type `Array` are + stored in `Value.array_value`. + id: GoogleBigtableAdminV2TypeArray + type: object + RestoreTableRequest: + description: The request for RestoreTable. + type: object + properties: + tableId: description: >- - Output only. A commit timestamp representing when this Instance was - created. For instances created before this field was added (August - 2021), this value is `seconds: 0, nanos: 1`. - readOnly: true + Required. The id of the table to create and restore to. This table + must not already exist. The `table_id` appended to `parent` forms + the full table name of the form `projects//instances//tables/`. + type: string + backup: type: string - format: google-datetime - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - tags: description: >- - Optional. Input only. Immutable. Tag keys/values directly bound to - this resource. For example: - "123/environment": "production", - - "123/costCenter": "marketing" Tags and Labels (above) are both used - to bind metadata to resources, with different use-cases. See - https://cloud.google.com/resource-manager/docs/tags/tags-overview - for an in-depth overview on the difference between tags and labels. - type: object - additionalProperties: - type: string - Cluster: - id: Cluster + Name of the backup from which to restore. Values are of the form + `projects//instances//clusters//backups/`. + id: RestoreTableRequest + GoogleBigtableAdminV2TypeStructEncodingDelimitedBytes: + type: object + properties: + delimiter: + description: >- + Byte sequence used to delimit concatenated fields. The delimiter + must contain at least 1 character and at most 50 characters. + format: byte + type: string + id: GoogleBigtableAdminV2TypeStructEncodingDelimitedBytes description: >- - A resizable group of nodes in a particular cloud location, capable of - serving all Tables in the parent Instance. + Fields are encoded independently and concatenated with a configurable + `delimiter` in between. A struct with no fields defined is encoded as a + single `delimiter`. Sorted mode: - Fields are encoded in sorted mode. - + Encoded field values must not contain any bytes <= `delimiter[0]` - + Element-wise order is preserved: `A < B` if `A[0] < B[0]`, or if `A[0] + == B[0] && A[1] < B[1]`, etc. Strict prefixes sort first. - This + encoding does not support `DESC` field ordering. Distinct mode: - Fields + are encoded in distinct mode. - Encoded field values must not contain + `delimiter[0]`. + CreateAuthorizedViewRequest: type: object properties: - name: + authorizedViewId: + type: string description: >- - The unique name of the cluster. Values are of the form - `projects/{project}/instances/{instance}/clusters/a-z*`. + Required. The id of the AuthorizedView to create. This + AuthorizedView must not already exist. The `authorized_view_id` + appended to `parent` forms the full AuthorizedView name of the form + `projects/{project}/instances/{instance}/tables/{table}/authorizedView/{authorized_view}`. + parent: + description: >- + Required. This is the name of the table the AuthorizedView belongs + to. Values are of the form + `projects/{project}/instances/{instance}/tables/{table}`. + type: string + authorizedView: + description: Required. The AuthorizedView to create. + $ref: '#/components/schemas/AuthorizedView' + id: CreateAuthorizedViewRequest + description: The request for CreateAuthorizedView + ListBackupsResponse: + properties: + backups: + items: + $ref: '#/components/schemas/Backup' + type: array + description: The list of matching backups. + nextPageToken: type: string + description: >- + `next_page_token` can be sent in a subsequent ListBackups call to + fetch more of the matching backups. + description: The response for ListBackups. + id: ListBackupsResponse + type: object + Cluster: + id: Cluster + properties: + clusterConfig: + $ref: '#/components/schemas/ClusterConfig' + description: Configuration for this cluster. location: + type: string description: >- Immutable. The location where this cluster's nodes and storage reside. For best performance, clients should be located as close as possible to this cluster. Currently only zones are supported, so values should be of the form `projects/{project}/locations/{zone}`. + serveNodes: + description: >- + The number of nodes in the cluster. If no value is set, Cloud + Bigtable automatically allocates nodes based on your data footprint + and optimized for 50% storage utilization. + format: int32 + type: integer + name: + description: >- + The unique name of the cluster. Values are of the form + `projects/{project}/instances/{instance}/clusters/a-z*`. type: string + nodeScalingFactor: + type: string + enumDescriptions: + - No node scaling specified. Defaults to NODE_SCALING_FACTOR_1X. + - The cluster is running with a scaling factor of 1. + - >- + The cluster is running with a scaling factor of 2. All node count + values must be in increments of 2 with this scaling factor + enabled, otherwise an INVALID_ARGUMENT error will be returned. + description: Immutable. The node scaling factor of this cluster. + enum: + - NODE_SCALING_FACTOR_UNSPECIFIED + - NODE_SCALING_FACTOR_1X + - NODE_SCALING_FACTOR_2X + encryptionConfig: + description: Immutable. The encryption configuration for CMEK-protected clusters. + $ref: '#/components/schemas/EncryptionConfig' state: + type: string description: Output only. The current state of the cluster. readOnly: true - type: string enumDescriptions: - The state of the cluster could not be determined. - >- @@ -312,489 +382,125 @@ components: - CREATING - RESIZING - DISABLED - serveNodes: - description: >- - The number of nodes in the cluster. If no value is set, Cloud - Bigtable automatically allocates nodes based on your data footprint - and optimized for 50% storage utilization. - type: integer - format: int32 - nodeScalingFactor: - description: Immutable. The node scaling factor of this cluster. - type: string + defaultStorageType: enumDescriptions: - - No node scaling specified. Defaults to NODE_SCALING_FACTOR_1X. - - The cluster is running with a scaling factor of 1. - - >- - The cluster is running with a scaling factor of 2. All node count - values must be in increments of 2 with this scaling factor - enabled, otherwise an INVALID_ARGUMENT error will be returned. - enum: - - NODE_SCALING_FACTOR_UNSPECIFIED - - NODE_SCALING_FACTOR_1X - - NODE_SCALING_FACTOR_2X - clusterConfig: - description: Configuration for this cluster. - $ref: '#/components/schemas/ClusterConfig' - defaultStorageType: - description: >- - Immutable. The type of storage used by this cluster to serve its - parent instance's tables, unless explicitly overridden. - type: string - enumDescriptions: - - The user did not specify a storage type. - - Flash (SSD) storage should be used. - - Magnetic drive (HDD) storage should be used. + - The user did not specify a storage type. + - Flash (SSD) storage should be used. + - Magnetic drive (HDD) storage should be used. + type: string enum: - STORAGE_TYPE_UNSPECIFIED - SSD - HDD - encryptionConfig: - description: Immutable. The encryption configuration for CMEK-protected clusters. - $ref: '#/components/schemas/EncryptionConfig' - ClusterConfig: - id: ClusterConfig - description: Configuration for a cluster. - type: object - properties: - clusterAutoscalingConfig: - description: Autoscaling configuration for this cluster. - $ref: '#/components/schemas/ClusterAutoscalingConfig' - ClusterAutoscalingConfig: - id: ClusterAutoscalingConfig - description: Autoscaling config for a cluster. - type: object - properties: - autoscalingLimits: - description: Required. Autoscaling limits for this cluster. - $ref: '#/components/schemas/AutoscalingLimits' - autoscalingTargets: - description: Required. Autoscaling targets for this cluster. - $ref: '#/components/schemas/AutoscalingTargets' - AutoscalingLimits: - id: AutoscalingLimits - description: Limits for the number of nodes a Cluster can autoscale up/down to. + description: >- + Immutable. The type of storage used by this cluster to serve its + parent instance's tables, unless explicitly overridden. type: object - properties: - minServeNodes: - description: Required. Minimum number of nodes to scale down to. - type: integer - format: int32 - maxServeNodes: - description: Required. Maximum number of nodes to scale up to. - type: integer - format: int32 - AutoscalingTargets: - id: AutoscalingTargets description: >- - The Autoscaling targets for a Cluster. These determine the recommended - nodes. + A resizable group of nodes in a particular cloud location, capable of + serving all Tables in the parent Instance. + GoogleBigtableAdminV2TypeInt64EncodingOrderedCodeBytes: type: object - properties: - cpuUtilizationPercent: - description: >- - The cpu utilization that the Autoscaler should be trying to achieve. - This number is on a scale from 0 (no utilization) to 100 (total - utilization), and is limited between 10 and 80, otherwise it will - return INVALID_ARGUMENT error. - type: integer - format: int32 - storageUtilizationGibPerNode: - description: >- - The storage utilization that the Autoscaler should be trying to - achieve. This number is limited between 2560 (2.5TiB) and 5120 - (5TiB) for a SSD cluster and between 8192 (8TiB) and 16384 (16TiB) - for an HDD cluster, otherwise it will return INVALID_ARGUMENT error. - If this value is set to 0, it will be treated as if it were set to - the default value: 2560 for SSD, 8192 for HDD. - type: integer - format: int32 - EncryptionConfig: - id: EncryptionConfig + properties: {} description: >- - Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected - cluster. - type: object - properties: - kmsKeyName: - description: >- - Describes the Cloud KMS encryption key that will be used to protect - the destination Bigtable cluster. The requirements for this key are: - 1) The Cloud Bigtable service account associated with the project - that contains this cluster must be granted the - `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only - regional keys can be used and the region of the CMEK key must match - the region of the cluster. Values are of the form - `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}` - type: string - ListInstancesResponse: - id: ListInstancesResponse - description: Response message for BigtableInstanceAdmin.ListInstances. + Encodes the value in a variable length binary format of up to 10 bytes. + Values that are closer to zero use fewer bytes. Sorted mode: all values + are supported. Distinct mode: all values are supported. + id: GoogleBigtableAdminV2TypeInt64EncodingOrderedCodeBytes + ModifyColumnFamiliesRequest: + id: ModifyColumnFamiliesRequest type: object + description: >- + Request message for + google.bigtable.admin.v2.BigtableTableAdmin.ModifyColumnFamilies properties: - instances: - description: The list of requested instances. - type: array + modifications: items: - $ref: '#/components/schemas/Instance' - failedLocations: - description: >- - Locations from which Instance information could not be retrieved, - due to an outage or some other transient condition. Instances whose - Clusters are all in one of the failed locations may be missing from - `instances`, and Instances with at least one Cluster in a failed - location may only have partial information returned. Values are of - the form `projects//locations/` + $ref: '#/components/schemas/Modification' type: array - items: - type: string - nextPageToken: - description: 'DEPRECATED: This field is unused and ignored.' - type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + description: >- + Required. Modifications to be atomically applied to the specified + table's families. Entries are applied in order, meaning that earlier + modifications can be masked by later ones (in the case of repeated + updates to the same family, for example). + ignoreWarnings: + type: boolean + description: >- + Optional. If true, ignore safety checks when modifying the column + families. + UpdateAppProfileMetadata: type: object + description: The metadata for the Operation returned by UpdateAppProfile. properties: {} - ListClustersResponse: - id: ListClustersResponse - description: Response message for BigtableInstanceAdmin.ListClusters. + id: UpdateAppProfileMetadata + CreateInstanceMetadata: + id: CreateInstanceMetadata + description: The metadata for the Operation returned by CreateInstance. type: object properties: - clusters: - description: The list of requested clusters. - type: array - items: - $ref: '#/components/schemas/Cluster' - failedLocations: + finishTime: + type: string + format: google-datetime description: >- - Locations from which Cluster information could not be retrieved, due - to an outage or some other transient condition. Clusters from these - locations may be missing from `clusters`, or may only have partial - information returned. Values are of the form `projects//locations/` - type: array - items: - type: string - nextPageToken: - description: 'DEPRECATED: This field is unused and ignored.' + The time at which the operation failed or was completed + successfully. + originalRequest: + description: >- + The request that prompted the initiation of this CreateInstance + operation. + $ref: '#/components/schemas/CreateInstanceRequest' + requestTime: type: string - AppProfile: - id: AppProfile - description: >- - A configuration object describing how Cloud Bigtable should treat - traffic from a particular end user application. + format: google-datetime + description: The time at which the original request was received. + UpdateTableMetadata: type: object + description: Metadata type for the operation returned by UpdateTable. properties: name: - description: >- - The unique name of the app profile, up to 50 characters long. Values - are of the form - `projects/{project}/instances/{instance}/appProfiles/_a-zA-Z0-9*`. + description: The name of the table being updated. type: string - etag: + requestTime: + type: string + format: google-datetime + description: The time at which the original request was received. + startTime: + deprecated: true + format: google-datetime description: >- - Strongly validated etag for optimistic concurrency control. Preserve - the value returned from `GetAppProfile` when calling - `UpdateAppProfile` to fail the request if there has been a - modification in the mean time. The `update_mask` of the request need - not include `etag` for this protection to apply. See - [Wikipedia](https://en.wikipedia.org/wiki/HTTP_ETag) and [RFC - 7232](https://tools.ietf.org/html/rfc7232#section-2.3) for more - details. + The time at which this operation started. DEPRECATED: Use + request_time instead. type: string - description: - description: Long form description of the use case for this AppProfile. + endTime: type: string - multiClusterRoutingUseAny: - description: Use a multi-cluster routing policy. - $ref: '#/components/schemas/MultiClusterRoutingUseAny' - singleClusterRouting: - description: Use a single-cluster routing policy. - $ref: '#/components/schemas/SingleClusterRouting' - priority: - description: >- - This field has been deprecated in favor of - `standard_isolation.priority`. If you set this field, - `standard_isolation.priority` will be set instead. The priority of - requests sent using this app profile. + format: google-datetime deprecated: true - type: string - enumDescriptions: - - >- - Default value. Mapped to PRIORITY_HIGH (the legacy behavior) on - creation. - - '' - - '' - - '' - enum: - - PRIORITY_UNSPECIFIED - - PRIORITY_LOW - - PRIORITY_MEDIUM - - PRIORITY_HIGH - standardIsolation: - description: >- - The standard options used for isolating this app profile's traffic - from other use cases. - $ref: '#/components/schemas/StandardIsolation' - dataBoostIsolationReadOnly: description: >- - Specifies that this app profile is intended for read-only usage via - the Data Boost feature. - $ref: '#/components/schemas/DataBoostIsolationReadOnly' - MultiClusterRoutingUseAny: - id: MultiClusterRoutingUseAny - description: >- - Read/write requests are routed to the nearest cluster in the instance, - and will fail over to the nearest cluster that is available in the event - of transient errors or delays. Clusters in a region are considered - equidistant. Choosing this option sacrifices read-your-writes - consistency to improve availability. - type: object - properties: - clusterIds: + If set, the time at which this operation finished or was canceled. + DEPRECATED: Use finish_time instead. + finishTime: description: >- - The set of clusters to route to. The order is ignored; clusters will - be tried in order of distance. If left empty, all clusters are - eligible. - type: array - items: - type: string - rowAffinity: - description: >- - Row affinity sticky routing based on the row key of the request. - Requests that span multiple rows are routed non-deterministically. - $ref: '#/components/schemas/RowAffinity' - RowAffinity: - id: RowAffinity - description: >- - If enabled, Bigtable will route the request based on the row key of the - request, rather than randomly. Instead, each row key will be assigned to - a cluster, and will stick to that cluster. If clusters are added or - removed, then this may affect which row keys stick to which clusters. To - avoid this, users can use a cluster group to specify which clusters are - to be used. In this case, new clusters that are not a part of the - cluster group will not be routed to, and routing will be unaffected by - the new cluster. Moreover, clusters specified in the cluster group - cannot be deleted unless removed from the cluster group. - type: object - properties: {} - SingleClusterRouting: - id: SingleClusterRouting - description: >- - Unconditionally routes all read/write requests to a specific cluster. - This option preserves read-your-writes consistency but does not improve - availability. - type: object - properties: - clusterId: - description: The cluster to which read/write requests should be routed. - type: string - allowTransactionalWrites: - description: >- - Whether or not `CheckAndMutateRow` and `ReadModifyWriteRow` requests - are allowed by this app profile. It is unsafe to send these requests - to the same table/row/column in multiple clusters. - type: boolean - StandardIsolation: - id: StandardIsolation - description: >- - Standard options for isolating this app profile's traffic from other use - cases. - type: object - properties: - priority: - description: The priority of requests sent using this app profile. - type: string - enumDescriptions: - - >- - Default value. Mapped to PRIORITY_HIGH (the legacy behavior) on - creation. - - '' - - '' - - '' - enum: - - PRIORITY_UNSPECIFIED - - PRIORITY_LOW - - PRIORITY_MEDIUM - - PRIORITY_HIGH - DataBoostIsolationReadOnly: - id: DataBoostIsolationReadOnly - description: >- - Data Boost is a serverless compute capability that lets you run - high-throughput read jobs and queries on your Bigtable data, without - impacting the performance of the clusters that handle your application - traffic. Data Boost supports read-only use cases with single-cluster - routing. - type: object - properties: - computeBillingOwner: - description: The Compute Billing Owner for this Data Boost App Profile. - type: string - enumDescriptions: - - Unspecified value. - - >- - The host Cloud Project containing the targeted Bigtable Instance / - Table pays for compute. - enum: - - COMPUTE_BILLING_OWNER_UNSPECIFIED - - HOST_PAYS - ListAppProfilesResponse: - id: ListAppProfilesResponse - description: Response message for BigtableInstanceAdmin.ListAppProfiles. - type: object - properties: - appProfiles: - description: The list of requested app profiles. - type: array - items: - $ref: '#/components/schemas/AppProfile' - nextPageToken: - description: >- - Set if not all app profiles could be returned in a single response. - Pass this value to `page_token` in another request to get the next - page of results. - type: string - failedLocations: - description: >- - Locations from which AppProfile information could not be retrieved, - due to an outage or some other transient condition. AppProfiles from - these locations may be missing from `app_profiles`. Values are of - the form `projects//locations/` - type: array - items: - type: string - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. - type: object - properties: - options: - description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - $ref: '#/components/schemas/GetPolicyOptions' - GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. - type: object - properties: - requestedPolicyVersion: - description: >- - Optional. The maximum policy version that will be used to format the - policy. Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected. Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field unset. - The policy in the response might use the policy version that you - specified, or it might use a lower policy version. For example, if - you specify version 3, but the policy has no conditional role - bindings, the response uses version 1. To learn which resources - support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object - properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + The time at which the operation failed or was completed + successfully. + format: google-datetime type: string - format: byte + id: UpdateTableMetadata Binding: id: Binding - description: Associates `members`, or principals, with a `role`. type: object + description: Associates `members`, or principals, with a `role`. properties: + condition: + $ref: '#/components/schemas/Expr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). role: description: >- Role that is assigned to the list of `members`, or principals. For @@ -867,842 +573,846 @@ components: type: array items: type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + Union: + id: Union type: object properties: - expression: + rules: + items: + $ref: '#/components/schemas/GcRule' + description: Delete cells which would be deleted by any element of `rules`. + type: array + description: A GcRule which deletes cells matching any of the given rules. + CreateSchemaBundleMetadata: + properties: + finishTime: + format: google-datetime description: >- - Textual representation of an expression in Common Expression - Language syntax. + The time at which the operation failed or was completed + successfully. type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + requestTime: + description: The time at which the original request was received. type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + format: google-datetime + name: type: string - location: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + The unique name identifying this schema bundle. Values are of the + form + `projects/{project}/instances/{instance}/tables/{table}/schemaBundles/{schema_bundle}` + description: The metadata for the Operation returned by CreateSchemaBundle. + id: CreateSchemaBundleMetadata type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object properties: logType: - description: The log type that this config enables. - type: string enumDescriptions: - Default case. Should never be this. - 'Admin reads. Example: CloudIAM getIamPolicy' - 'Data writes. Example: CloudSQL Users create' - 'Data reads. Example: CloudSQL Users list' + type: string enum: - LOG_TYPE_UNSPECIFIED - ADMIN_READ - DATA_WRITE - DATA_READ + description: The log type that this config enables. exemptedMembers: + items: + type: string description: >- Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. type: array - items: - type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object + id: AuditLogConfig + CreateClusterRequest: properties: - policy: + clusterId: + type: string description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + Required. The ID to be used when referring to the new cluster within + its instance, e.g., just `mycluster` rather than + `projects/myproject/instances/myinstance/clusters/mycluster`. + cluster: + $ref: '#/components/schemas/Cluster' description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + Required. The cluster to be created. Fields marked `OutputOnly` must + be left blank. + parent: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + Required. The unique name of the instance in which to create the new + cluster. Values are of the form + `projects/{project}/instances/{instance}`. + type: string + description: Request message for BigtableInstanceAdmin.CreateCluster. type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - ListHotTabletsResponse: - id: ListHotTabletsResponse - description: Response message for BigtableInstanceAdmin.ListHotTablets. + id: CreateClusterRequest + CopyBackupRequest: type: object properties: - hotTablets: + backupId: description: >- - List of hot tablets in the tables of the requested cluster that fall - within the requested time range. Hot tablets are ordered by node cpu - usage percent. If there are multiple hot tablets that correspond to - the same tablet within a 15-minute interval, only the hot tablet - with the highest node cpu usage will be included in the response. - type: array - items: - $ref: '#/components/schemas/HotTablet' - nextPageToken: + Required. The id of the new backup. The `backup_id` along with + `parent` are combined as {parent}/backups/{backup_id} to create the + full backup name, of the form: + `projects/{project}/instances/{instance}/clusters/{cluster}/backups/{backup_id}`. + This string must be between 1 and 50 characters in length and match + the regex _a-zA-Z0-9*. + type: string + sourceBackup: + type: string description: >- - Set if not all hot tablets could be returned in a single response. - Pass this value to `page_token` in another request to get the next - page of results. + Required. The source backup to be copied from. The source backup + needs to be in READY state for it to be copied. Copying a copied + backup is not allowed. Once CopyBackup is in progress, the source + backup cannot be deleted or cleaned up on expiration until + CopyBackup is finished. Values are of the form: + `projects//instances//clusters//backups/`. + expireTime: + format: google-datetime type: string - HotTablet: - id: HotTablet - description: >- - A tablet is a defined by a start and end key and is explained in - https://cloud.google.com/bigtable/docs/overview#architecture and - https://cloud.google.com/bigtable/docs/performance#optimization. A Hot - tablet is a tablet that exhibits high average cpu usage during the time - interval from start time to end time. + description: >- + Required. Required. The expiration time of the copied backup with + microsecond granularity that must be at least 6 hours and at most 30 + days from the time the request is received. Once the `expire_time` + has passed, Cloud Bigtable will delete the backup and free the + resources used by the backup. + description: The request for CopyBackup. + id: CopyBackupRequest + BackupInfo: + description: Information about a backup. type: object + id: BackupInfo properties: - name: + endTime: + format: google-datetime description: >- - The unique name of the hot tablet. Values are of the form - `projects/{project}/instances/{instance}/clusters/{cluster}/hotTablets/[a-zA-Z0-9_-]*`. + Output only. This time that the backup was finished. Row data in the + backup will be no newer than this timestamp. type: string - tableName: + readOnly: true + sourceBackup: description: >- - Name of the table that contains the tablet. Values are of the form - `projects/{project}/instances/{instance}/tables/_a-zA-Z0-9*`. - type: string - startTime: - description: Output only. The start time of the hot tablet. + Output only. Name of the backup from which this backup was copied. + If a backup is not created by copying a backup, this field will be + empty. Values are of the form: + projects//instances//clusters//backups/ readOnly: true type: string + startTime: format: google-datetime - endTime: - description: Output only. The end time of the hot tablet. + description: >- + Output only. The time that the backup was started. Row data in the + backup will be no older than this timestamp. readOnly: true type: string - format: google-datetime - startKey: - description: Tablet Start Key (inclusive). - type: string - endKey: - description: Tablet End Key (inclusive). + sourceTable: type: string - nodeCpuUsagePercent: - description: >- - Output only. The average CPU usage spent by a node on this tablet - over the start_time to end_time time range. The percentage is the - amount of CPU used by the node to serve the tablet, from 0% (tablet - was not interacted with) to 100% (the node spent all cycles serving - the hot tablet). readOnly: true - type: number - format: float - LogicalView: - id: LogicalView - description: A SQL logical view object that can be referenced in SQL queries. + description: Output only. Name of the table the backup was created from. + backup: + readOnly: true + description: Output only. Name of the backup. + type: string + CreateMaterializedViewMetadata: + description: The metadata for the Operation returned by CreateMaterializedView. + id: CreateMaterializedViewMetadata type: object properties: - name: + originalRequest: + $ref: '#/components/schemas/CreateMaterializedViewRequest' description: >- - Identifier. The unique name of the logical view. Format: - `projects/{project}/instances/{instance}/logicalViews/{logical_view}` - type: string - query: - description: Required. The logical view's select query. - type: string - etag: + The request that prompted the initiation of this + CreateMaterializedView operation. + finishTime: description: >- - Optional. The etag for this logical view. This may be sent on update - requests to ensure that the client has an up-to-date value before - proceeding. The server returns an ABORTED error on a mismatched - etag. + The time at which the operation failed or was completed + successfully. type: string - deletionProtection: - description: >- - Optional. Set to true to make the LogicalView protected against - deletion. - type: boolean - ListLogicalViewsResponse: - id: ListLogicalViewsResponse - description: Response message for BigtableInstanceAdmin.ListLogicalViews. - type: object - properties: - logicalViews: - description: The list of requested logical views. - type: array - items: - $ref: '#/components/schemas/LogicalView' - nextPageToken: + format: google-datetime + startTime: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + The time at which this operation started. DEPRECATED: Use + request_time instead. + format: google-datetime + deprecated: true type: string - MaterializedView: - id: MaterializedView - description: A materialized view object that can be referenced in SQL queries. - type: object - properties: - name: + endTime: description: >- - Identifier. The unique name of the materialized view. Format: - `projects/{project}/instances/{instance}/materializedViews/{materialized_view}` - type: string - query: - description: Required. Immutable. The materialized view's select query. + If set, the time at which this operation finished or was canceled. + DEPRECATED: Use finish_time instead. + deprecated: true + format: google-datetime type: string - etag: - description: >- - Optional. The etag for this materialized view. This may be sent on - update requests to ensure that the client has an up-to-date value - before proceeding. The server returns an ABORTED error on a - mismatched etag. + requestTime: + description: The time at which the original request was received. + format: google-datetime type: string - deletionProtection: - description: Set to true to make the MaterializedView protected against deletion. - type: boolean - ListMaterializedViewsResponse: - id: ListMaterializedViewsResponse - description: Response message for BigtableInstanceAdmin.ListMaterializedViews. + TieredStorageRule: + description: Rule to specify what data is stored in a storage tier. type: object properties: - materializedViews: - description: The list of requested materialized views. - type: array - items: - $ref: '#/components/schemas/MaterializedView' - nextPageToken: + includeIfOlderThan: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Include cells older than the given age. For the infrequent access + tier, this value must be at least 30 days. + format: google-duration type: string - CreateTableRequest: - id: CreateTableRequest + id: TieredStorageRule + GoogleBigtableAdminV2AuthorizedViewSubsetView: description: >- - Request message for - google.bigtable.admin.v2.BigtableTableAdmin.CreateTable - type: object + Defines a simple AuthorizedView that is a subset of the underlying + Table. + id: GoogleBigtableAdminV2AuthorizedViewSubsetView properties: - tableId: - description: >- - Required. The name by which the new table should be referred to - within the parent instance, e.g., `foobar` rather than - `{parent}/tables/foobar`. Maximum 50 characters. - type: string - table: - description: Required. The Table to create. - $ref: '#/components/schemas/Table' - initialSplits: + familySubsets: description: >- - The optional list of row keys that will be used to initially split - the table into several tablets (tablets are similar to HBase - regions). Given two split keys, `s1` and `s2`, three tablets will be - created, spanning the key ranges: `[, s1), [s1, s2), [s2, )`. - Example: * Row keys := `["a", "apple", "custom", "customer_1", - "customer_2",` `"other", "zz"]` * initial_split_keys := `["apple", - "customer_1", "customer_2", "other"]` * Key assignment: - Tablet 1 - `[, apple) => {"a"}.` - Tablet 2 `[apple, customer_1) => {"apple", - "custom"}.` - Tablet 3 `[customer_1, customer_2) => {"customer_1"}.` - - Tablet 4 `[customer_2, other) => {"customer_2"}.` - Tablet 5 - `[other, ) => {"other", "zz"}.` + Map from column family name to the columns in this family to be + included in the AuthorizedView. + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleBigtableAdminV2AuthorizedViewFamilySubsets + rowPrefixes: type: array + description: >- + Row prefixes to be included in the AuthorizedView. To provide access + to all rows, include the empty string as a prefix (""). items: - $ref: '#/components/schemas/Split' - Table: - id: Table + format: byte + type: string + type: object + ColumnFamilyStats: description: >- - A collection of user data indexed by row, column, and timestamp. Each - table is served using the resources of its parent cluster. + Approximate statistics related to a single column family within a table. + This information may change rapidly, interpreting these values at a + point in time may already preset out-of-date information. Everything + below is approximate, unless otherwise specified. type: object properties: - name: + averageCellsPerColumn: + type: number description: >- - The unique name of the table. Values are of the form - `projects/{project}/instances/{instance}/tables/_a-zA-Z0-9*`. Views: - `NAME_ONLY`, `SCHEMA_VIEW`, `REPLICATION_VIEW`, `STATS_VIEW`, `FULL` + How many cells are present per column qualifier in this column + family, averaged over all rows containing any column in the column + family. e.g. For column family "family" in a table with 3 rows: * A + row with 3 cells in "family:col" and 1 cell in "other:col" (3 cells + / 1 column in "family") * A row with 1 cell in "family:col", 7 cells + in "family:other_col", and 7 cells in "other:data" (8 cells / 2 + columns in "family") * A row with 3 cells in "other:col" (0 columns + in "family", "family" not present) would report (3 + 8 + 0)/(1 + 2 + + 0) = 3.66 in this field. + format: double + logicalDataBytes: + description: >- + How much space the data in the column family occupies. This is + roughly how many bytes would be needed to read the contents of the + entire column family (e.g. by streaming all contents out). type: string - clusterStates: + format: int64 + averageColumnsPerRow: description: >- - Output only. Map from cluster ID to per-cluster table state. If it - could not be determined whether or not the table has data in a - particular cluster (for example, if its zone is unavailable), then - there will be an entry for the cluster with UNKNOWN - `replication_status`. Views: `REPLICATION_VIEW`, `ENCRYPTION_VIEW`, - `FULL` - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/ClusterState' - columnFamilies: + How many column qualifiers are present in this column family, + averaged over all rows in the table. e.g. For column family "family" + in a table with 3 rows: * A row with cells in "family:col" and + "other:col" (1 column in "family") * A row with cells in + "family:col", "family:other_col", and "other:data" (2 columns in + "family") * A row with cells in "other:col" (0 columns in "family", + "family" not present) would report (1 + 2 + 0)/3 = 1.5 in this + field. + format: double + type: number + id: ColumnFamilyStats + ListAppProfilesResponse: + description: Response message for BigtableInstanceAdmin.ListAppProfiles. + id: ListAppProfilesResponse + properties: + nextPageToken: description: >- - The column families configured for this table, mapped by column - family ID. Views: `SCHEMA_VIEW`, `STATS_VIEW`, `FULL` - type: object - additionalProperties: - $ref: '#/components/schemas/ColumnFamily' - granularity: + Set if not all app profiles could be returned in a single response. + Pass this value to `page_token` in another request to get the next + page of results. + type: string + appProfiles: + type: array + description: The list of requested app profiles. + items: + $ref: '#/components/schemas/AppProfile' + failedLocations: + type: array description: >- - Immutable. The granularity (i.e. `MILLIS`) at which timestamps are - stored in this table. Timestamps not matching the granularity will - be rejected. If unspecified at creation time, the value will be set - to `MILLIS`. Views: `SCHEMA_VIEW`, `FULL`. + Locations from which AppProfile information could not be retrieved, + due to an outage or some other transient condition. AppProfiles from + these locations may be missing from `app_profiles`. Values are of + the form `projects//locations/` + items: + type: string + type: object + GcRule: + properties: + maxAge: + format: google-duration type: string - enumDescriptions: - - >- - The user did not specify a granularity. Should not be returned. - When specified during table creation, MILLIS will be used. - - The table keeps data versioned at a granularity of 1ms. - enum: - - TIMESTAMP_GRANULARITY_UNSPECIFIED - - MILLIS - restoreInfo: description: >- - Output only. If this table was restored from another data source - (e.g. a backup), this field will be populated with information about - the restore. - readOnly: true - $ref: '#/components/schemas/RestoreInfo' - changeStreamConfig: + Delete cells in a column older than the given age. Values must be at + least one millisecond, and will be truncated to microsecond + granularity. + maxNumVersions: + description: Delete all cells in a column except the most recent N. + type: integer + format: int32 + union: + $ref: '#/components/schemas/Union' + description: Delete cells that would be deleted by any nested rule. + intersection: + description: Delete cells that would be deleted by every nested rule. + $ref: '#/components/schemas/Intersection' + id: GcRule + type: object + description: Rule for determining which cells to delete during garbage collection. + ClusterConfig: + properties: + clusterAutoscalingConfig: + $ref: '#/components/schemas/ClusterAutoscalingConfig' + description: Autoscaling configuration for this cluster. + type: object + description: Configuration for a cluster. + id: ClusterConfig + UpdateInstanceMetadata: + id: UpdateInstanceMetadata + properties: + requestTime: + format: google-datetime + type: string + description: The time at which the original request was received. + finishTime: + type: string description: >- - If specified, enable the change stream on this table. Otherwise, the - change stream is disabled and the change stream is not retained. - $ref: '#/components/schemas/ChangeStreamConfig' - deletionProtection: + The time at which the operation failed or was completed + successfully. + format: google-datetime + originalRequest: description: >- - Set to true to make the table protected against data loss. i.e. - deleting the following resources through Admin APIs are prohibited: - * The table. * The column families in the table. * The instance - containing the table. Note one can still delete the data stored in - the table through Data APIs. + The request that prompted the initiation of this UpdateInstance + operation. + $ref: '#/components/schemas/PartialUpdateInstanceRequest' + description: The metadata for the Operation returned by UpdateInstance. + type: object + GoogleBigtableAdminV2TypeAggregateMin: + properties: {} + type: object + description: >- + Computes the min of the input values. Allowed input: `Int64` State: same + as input + id: GoogleBigtableAdminV2TypeAggregateMin + PartialUpdateInstanceRequest: + type: object + description: Request message for BigtableInstanceAdmin.PartialUpdateInstance. + id: PartialUpdateInstanceRequest + properties: + updateMask: + format: google-fieldmask + type: string + description: >- + Required. The subset of Instance fields which should be replaced. + Must be explicitly set. + instance: + $ref: '#/components/schemas/Instance' + description: >- + Required. The Instance which will (partially) replace the current + value. + RestoreTableMetadata: + description: Metadata type for the long-running operation returned by RestoreTable. + id: RestoreTableMetadata + properties: + sourceType: + enum: + - RESTORE_SOURCE_TYPE_UNSPECIFIED + - BACKUP + type: string + description: The type of the restore source. + enumDescriptions: + - No restore associated. + - A backup was used as the source of the restore. + progress: + description: The progress of the RestoreTable operation. + $ref: '#/components/schemas/OperationProgress' + name: + type: string + description: Name of the table being created and restored to. + backupInfo: + $ref: '#/components/schemas/BackupInfo' + optimizeTableOperationName: + type: string + description: >- + If exists, the name of the long-running operation that will be used + to track the post-restore optimization process to optimize the + performance of the restored table. The metadata type of the + long-running operation is OptimizeRestoredTableMetadata. The + response type is Empty. This long-running operation may be + automatically created by the system if applicable after the + RestoreTable long-running operation completes successfully. This + operation may not be created if the table is already optimized or + the restore was not successful. + type: object + GoogleBigtableAdminV2TypeAggregateHyperLogLogPlusPlusUniqueCount: + id: GoogleBigtableAdminV2TypeAggregateHyperLogLogPlusPlusUniqueCount + type: object + description: >- + Computes an approximate unique count over the input values. When using + raw data as input, be careful to use a consistent encoding. Otherwise + the same value encoded differently could count more than once, or two + distinct values could count as identical. Input: Any, or omit for Raw + State: TBD Special state conversions: `Int64` (the unique count + estimate) + properties: {} + AuthorizedView: + description: An Authorized View of a Cloud Bigtable Table. + properties: + name: + description: >- + Identifier. The name of this AuthorizedView. Values are of the form + `projects/{project}/instances/{instance}/tables/{table}/authorizedViews/{authorized_view}` + type: string + subsetView: + description: >- + An AuthorizedView permitting access to an explicit subset of a + Table. + $ref: '#/components/schemas/GoogleBigtableAdminV2AuthorizedViewSubsetView' + deletionProtection: type: boolean - stats: description: >- - Output only. Only available with STATS_VIEW, this includes summary - statistics about the entire table contents. For statistics about a - specific column family, see ColumnFamilyStats in the mapped - ColumnFamily collection above. - readOnly: true - $ref: '#/components/schemas/TableStats' - automatedBackupPolicy: + Set to true to make the AuthorizedView protected against deletion. + The parent Table and containing Instance cannot be deleted if an + AuthorizedView has this bit set. + etag: description: >- - If specified, automated backups are enabled for this table. - Otherwise, automated backups are disabled. - $ref: '#/components/schemas/AutomatedBackupPolicy' - tieredStorageConfig: + The etag for this AuthorizedView. If this is provided on update, it + must match the server's etag. The server returns ABORTED error on a + mismatched etag. + type: string + id: AuthorizedView + type: object + GoogleBigtableAdminV2TypeTimestampEncoding: + id: GoogleBigtableAdminV2TypeTimestampEncoding + description: Rules used to convert to or from lower level types. + type: object + properties: + unixMicrosInt64: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeInt64Encoding' description: >- - Rules to specify what data is stored in each storage tier. Different - tiers store data differently, providing different trade-offs between - cost and performance. Different parts of a table can be stored - separately on different tiers. If a config is specified, tiered - storage is enabled for this table. Otherwise, tiered storage is - disabled. Only SSD instances can configure tiered storage. - $ref: '#/components/schemas/TieredStorageConfig' - rowKeySchema: + Encodes the number of microseconds since the Unix epoch using the + given `Int64` encoding. Values must be microsecond-aligned. + Compatible with: - Java `Instant.truncatedTo()` with + `ChronoUnit.MICROS` + GoogleBigtableAdminV2TypeBytesEncodingRaw: + properties: + escapeNulls: description: >- - The row key schema for this table. The schema is used to decode the - raw row key bytes into a structured format. The order of field - declarations in this schema is important, as it reflects how the raw - row key bytes are structured. Currently, this only affects how the - key is read via a GoogleSQL query from the ExecuteQuery API. For a - SQL query, the _key column is still read as raw bytes. But queries - can reference the key fields by name, which will be decoded from - _key using provided type and encoding. Queries that reference key - fields will fail if they encounter an invalid row key. For example, - if _key = "some_id#2024-04-30#\x00\x13\x00\xf3" with the following - schema: { fields { field_name: "id" type { string { encoding: - utf8_bytes {} } } } fields { field_name: "date" type { string { - encoding: utf8_bytes {} } } } fields { field_name: "product_code" - type { int64 { encoding: big_endian_bytes {} } } } encoding { - delimited_bytes { delimiter: "#" } } } The decoded key parts would - be: id = "some_id", date = "2024-04-30", product_code = 1245427 The - query "SELECT _key, product_code FROM table" will return two - columns: /------------------------------------------------------\ | - _key | product_code | | - --------------------------------------|--------------| | - "some_id#2024-04-30#\x00\x13\x00\xf3" | 1245427 | - \------------------------------------------------------/ The schema - has the following invariants: (1) The decoded field values are - order-preserved. For read, the field values will be decoded in - sorted mode from the raw bytes. (2) Every field in the schema must - specify a non-empty name. (3) Every field must specify a type with - an associated encoding. The type is limited to scalar types only: - Array, Map, Aggregate, and Struct are not allowed. (4) The field - names must not collide with existing column family names and - reserved keywords "_key" and "_timestamp". The following update - operations are allowed for row_key_schema: - Update from an empty - schema to a new schema. - Remove the existing schema. This operation - requires setting the `ignore_warnings` flag to `true`, since it - might be a backward incompatible change. Without the flag, the - update request will fail with an INVALID_ARGUMENT error. Any other - row key schema update operation (e.g. update existing schema columns - names or types) is currently unsupported. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStruct' - ClusterState: - id: ClusterState - description: The state of a table's data in a particular cluster. + If set, allows NULL values to be encoded as the empty string "". The + actual empty string, or any value which only contains the null byte + `0x00`, has one more null byte appended. + type: boolean + id: GoogleBigtableAdminV2TypeBytesEncodingRaw type: object + description: >- + Leaves the value as-is. Sorted mode: all values are supported. Distinct + mode: all values are supported. + UpdateLogicalViewMetadata: + id: UpdateLogicalViewMetadata + description: The metadata for the Operation returned by UpdateLogicalView. properties: - replicationState: - description: Output only. The state of replication for the table in this cluster. - readOnly: true + endTime: + format: google-datetime + description: 'DEPRECATED: Use finish_time instead.' type: string - enumDescriptions: - - The replication state of the table is unknown in this cluster. - - >- - The cluster was recently created, and the table must finish - copying over pre-existing data from other clusters before it can - begin receiving live replication updates and serving Data API - requests. - - >- - The table is temporarily unable to serve Data API requests from - this cluster due to planned internal maintenance. - - >- - The table is temporarily unable to serve Data API requests from - this cluster due to unplanned or emergency maintenance. - - >- - The table can serve Data API requests from this cluster. Depending - on replication delay, reads may not immediately reflect the state - of the table in other clusters. - - >- - The table is fully created and ready for use after a restore, and - is being optimized for performance. When optimizations are - complete, the table will transition to `READY` state. - enum: - - STATE_NOT_KNOWN - - INITIALIZING - - PLANNED_MAINTENANCE - - UNPLANNED_MAINTENANCE - - READY - - READY_OPTIMIZING - encryptionInfo: + deprecated: true + finishTime: + format: google-datetime description: >- - Output only. The encryption information for the table in this - cluster. If the encryption key protecting this resource is customer - managed, then its version can be rotated in Cloud Key Management - Service (Cloud KMS). The primary version of the key and its status - will be reflected here when changes propagate from Cloud KMS. - readOnly: true + The time at which the operation failed or was completed + successfully. + type: string + startTime: + format: google-datetime + deprecated: true + description: 'DEPRECATED: Use request_time instead.' + type: string + requestTime: + format: google-datetime + type: string + description: The time at which the original request was received. + originalRequest: + description: >- + The request that prompted the initiation of this UpdateLogicalView + operation. + $ref: '#/components/schemas/UpdateLogicalViewRequest' + type: object + ListClustersResponse: + description: Response message for BigtableInstanceAdmin.ListClusters. + properties: + nextPageToken: + description: 'DEPRECATED: This field is unused and ignored.' + deprecated: true + type: string + clusters: type: array + description: The list of requested clusters. items: - $ref: '#/components/schemas/EncryptionInfo' - EncryptionInfo: - id: EncryptionInfo + $ref: '#/components/schemas/Cluster' + failedLocations: + type: array + description: >- + Locations from which Cluster information could not be retrieved, due + to an outage or some other transient condition. Clusters from these + locations may be missing from `clusters`, or may only have partial + information returned. Values are of the form `projects//locations/` + items: + type: string + id: ListClustersResponse + type: object + ListOperationsResponse: + id: ListOperationsResponse + type: object + properties: + nextPageToken: + description: The standard List next-page token. + type: string + operations: + items: + $ref: '#/components/schemas/Operation' + description: >- + A list of operations that matches the specified filter in the + request. + type: array + unreachable: + items: + type: string + type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + description: The response message for Operations.ListOperations. + DataBoostReadLocalWrites: description: >- - Encryption information for a given resource. If this resource is - protected with customer managed encryption, the in-use Cloud Key - Management Service (Cloud KMS) key version is specified along with its - status. + Checks that all writes before the consistency token was generated in the + same cluster are readable by Databoost. type: object + id: DataBoostReadLocalWrites + properties: {} + AppProfile: properties: - encryptionType: - description: Output only. The type of encryption used to protect this resource. - readOnly: true + singleClusterRouting: + description: Use a single-cluster routing policy. + $ref: '#/components/schemas/SingleClusterRouting' + dataBoostIsolationReadOnly: + description: >- + Specifies that this app profile is intended for read-only usage via + the Data Boost feature. + $ref: '#/components/schemas/DataBoostIsolationReadOnly' + description: + description: Long form description of the use case for this AppProfile. type: string - enumDescriptions: - - >- - Encryption type was not specified, though data at rest remains - encrypted. - - >- - The data backing this resource is encrypted at rest with a key - that is fully managed by Google. No key version or status will be - populated. This is the default state. - - >- - The data backing this resource is encrypted at rest with a key - that is managed by the customer. The in-use version of the key and - its status are populated for CMEK-protected tables. CMEK-protected - backups are pinned to the key version that was in use at the time - the backup was taken. This key version is populated but its status - is not tracked and is reported as `UNKNOWN`. - enum: - - ENCRYPTION_TYPE_UNSPECIFIED - - GOOGLE_DEFAULT_ENCRYPTION - - CUSTOMER_MANAGED_ENCRYPTION - encryptionStatus: + standardIsolation: description: >- - Output only. The status of encrypt/decrypt calls on underlying data - for this resource. Regardless of status, the existing data is always - encrypted at rest. - readOnly: true - $ref: '#/components/schemas/Status' - kmsKeyVersion: + The standard options used for isolating this app profile's traffic + from other use cases. + $ref: '#/components/schemas/StandardIsolation' + name: description: >- - Output only. The version of the Cloud KMS key specified in the - parent cluster that is in use for the data underlying this table. - readOnly: true + The unique name of the app profile, up to 50 characters long. Values + are of the form + `projects/{project}/instances/{instance}/appProfiles/_a-zA-Z0-9*`. + type: string + multiClusterRoutingUseAny: + description: Use a multi-cluster routing policy. + $ref: '#/components/schemas/MultiClusterRoutingUseAny' + etag: + description: >- + Strongly validated etag for optimistic concurrency control. Preserve + the value returned from `GetAppProfile` when calling + `UpdateAppProfile` to fail the request if there has been a + modification in the mean time. The `update_mask` of the request need + not include `etag` for this protection to apply. See + [Wikipedia](https://en.wikipedia.org/wiki/HTTP_ETag) and [RFC + 7232](https://tools.ietf.org/html/rfc7232#section-2.3) for more + details. type: string - ColumnFamily: - id: ColumnFamily - description: A set of columns within a table which share a common configuration. + priority: + enum: + - PRIORITY_UNSPECIFIED + - PRIORITY_LOW + - PRIORITY_MEDIUM + - PRIORITY_HIGH + enumDescriptions: + - >- + Default value. Mapped to PRIORITY_HIGH (the legacy behavior) on + creation. + - '' + - '' + - '' + type: string + deprecated: true + description: >- + This field has been deprecated in favor of + `standard_isolation.priority`. If you set this field, + `standard_isolation.priority` will be set instead. The priority of + requests sent using this app profile. type: object + description: >- + A configuration object describing how Cloud Bigtable should treat + traffic from a particular end user application. + id: AppProfile + MaterializedView: + description: A materialized view object that can be referenced in SQL queries. properties: - gcRule: + etag: description: >- - Garbage collection rule specified as a protobuf. Must serialize to - at most 500 bytes. NOTE: Garbage collection executes - opportunistically in the background, and so it's possible for reads - to return a cell even if it matches the active GC expression for its - family. - $ref: '#/components/schemas/GcRule' - stats: + Optional. The etag for this materialized view. This may be sent on + update requests to ensure that the client has an up-to-date value + before proceeding. The server returns an ABORTED error on a + mismatched etag. Views: `SCHEMA_VIEW`, `REPLICATION_VIEW`, `FULL`. + type: string + query: description: >- - Output only. Only available with STATS_VIEW, this includes summary - statistics about column family contents. For statistics over an - entire table, see TableStats above. + Required. Immutable. The materialized view's select query. Views: + `SCHEMA_VIEW`, `FULL`. + type: string + clusterStates: readOnly: true - $ref: '#/components/schemas/ColumnFamilyStats' - valueType: + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleBigtableAdminV2MaterializedViewClusterState description: >- - The type of data stored in each of this family's cell values, - including its full encoding. If omitted, the family only serves raw - untyped bytes. For now, only the `Aggregate` type is supported. - `Aggregate` can only be set at family creation and is immutable - afterwards. If `value_type` is `Aggregate`, written data must be - compatible with: * `value_type.input_type` for `AddInput` mutations - $ref: '#/components/schemas/Type' - GcRule: - id: GcRule - description: Rule for determining which cells to delete during garbage collection. - type: object - properties: - maxNumVersions: - description: Delete all cells in a column except the most recent N. - type: integer - format: int32 - maxAge: + Output only. Map from cluster ID to per-cluster materialized view + state. If it could not be determined whether or not the materialized + view has data in a particular cluster (for example, if its zone is + unavailable), then there will be an entry for the cluster with + `STATE_NOT_KNOWN` state. Views: `REPLICATION_VIEW`, `FULL`. + name: description: >- - Delete cells in a column older than the given age. Values must be at - least one millisecond, and will be truncated to microsecond - granularity. + Identifier. The unique name of the materialized view. Format: + `projects/{project}/instances/{instance}/materializedViews/{materialized_view}` + Views: `SCHEMA_VIEW`, `REPLICATION_VIEW`, `FULL`. type: string - format: google-duration - intersection: - description: Delete cells that would be deleted by every nested rule. - $ref: '#/components/schemas/Intersection' - union: - description: Delete cells that would be deleted by any nested rule. - $ref: '#/components/schemas/Union' - Intersection: - id: Intersection - description: A GcRule which deletes cells matching all of the given rules. - type: object - properties: - rules: + deletionProtection: + type: boolean description: >- - Only delete cells which would be deleted by every element of - `rules`. - type: array - items: - $ref: '#/components/schemas/GcRule' - Union: - id: Union - description: A GcRule which deletes cells matching any of the given rules. - type: object - properties: - rules: - description: Delete cells which would be deleted by any element of `rules`. - type: array - items: - $ref: '#/components/schemas/GcRule' - ColumnFamilyStats: - id: ColumnFamilyStats - description: >- - Approximate statistics related to a single column family within a table. - This information may change rapidly, interpreting these values at a - point in time may already preset out-of-date information. Everything - below is approximate, unless otherwise specified. + Set to true to make the MaterializedView protected against deletion. + Views: `SCHEMA_VIEW`, `REPLICATION_VIEW`, `FULL`. + id: MaterializedView type: object + TableProgress: properties: - averageColumnsPerRow: - description: >- - How many column qualifiers are present in this column family, - averaged over all rows in the table. e.g. For column family "family" - in a table with 3 rows: * A row with cells in "family:col" and - "other:col" (1 column in "family") * A row with cells in - "family:col", "family:other_col", and "other:data" (2 columns in - "family") * A row with cells in "other:col" (0 columns in "family", - "family" not present) would report (1 + 2 + 0)/3 = 1.5 in this - field. - type: number - format: double - averageCellsPerColumn: - description: >- - How many cells are present per column qualifier in this column - family, averaged over all rows containing any column in the column - family. e.g. For column family "family" in a table with 3 rows: * A - row with 3 cells in "family:col" and 1 cell in "other:col" (3 cells - / 1 column in "family") * A row with 1 cell in "family:col", 7 cells - in "family:other_col", and 7 cells in "other:data" (8 cells / 2 - columns in "family") * A row with 3 cells in "other:col" (0 columns - in "family", "family" not present) would report (3 + 8 + 0)/(1 + 2 + - 0) = 3.66 in this field. - type: number - format: double - logicalDataBytes: + estimatedCopiedBytes: + format: int64 + type: string description: >- - How much space the data in the column family occupies. This is - roughly how many bytes would be needed to read the contents of the - entire column family (e.g. by streaming all contents out). + Estimate of the number of bytes copied so far for this table. This + will eventually reach 'estimated_size_bytes' unless the table copy + is CANCELLED. + state: + type: string + enum: + - STATE_UNSPECIFIED + - PENDING + - COPYING + - COMPLETED + - CANCELLED + enumDescriptions: + - '' + - The table has not yet begun copying to the new cluster. + - The table is actively being copied to the new cluster. + - The table has been fully copied to the new cluster. + - >- + The table was deleted before it finished copying to the new + cluster. Note that tables deleted after completion will stay + marked as COMPLETED, not CANCELLED. + estimatedSizeBytes: type: string + description: Estimate of the size of the table to be copied. format: int64 - Type: - id: Type - description: >- - `Type` represents the type of data that is written to, read from, or - stored in Bigtable. It is heavily based on the GoogleSQL standard to - help maintain familiarity and consistency across products and features. - For compatibility with Bigtable's existing untyped APIs, each `Type` - includes an `Encoding` which describes how to convert to or from the - underlying data. Each encoding can operate in one of two modes: - - Sorted: In this mode, Bigtable guarantees that `Encode(X) <= Encode(Y)` - if and only if `X <= Y`. This is useful anywhere sort order is - important, for example when encoding keys. - Distinct: In this mode, - Bigtable guarantees that if `X != Y` then `Encode(X) != Encode(Y)`. - However, the converse is not guaranteed. For example, both "{'foo': '1', - 'bar': '2'}" and "{'bar': '2', 'foo': '1'}" are valid encodings of the - same JSON value. The API clearly documents which mode is used wherever - an encoding can be configured. Each encoding also documents which values - are supported in which modes. For example, when encoding INT64 as a - numeric STRING, negative numbers cannot be encoded in sorted mode. This - is because `INT64(1) > INT64(-1)`, but `STRING("-00001") > - STRING("00001")`. type: object - properties: - bytesType: - description: Bytes - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBytes' - stringType: - description: String - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeString' - int64Type: - description: Int64 - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeInt64' - float32Type: - description: Float32 - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeFloat32' - float64Type: - description: Float64 - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeFloat64' - boolType: - description: Bool - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBool' - timestampType: - description: Timestamp - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeTimestamp' - dateType: - description: Date - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeDate' - aggregateType: - description: Aggregate - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeAggregate' - structType: - description: Struct - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStruct' - arrayType: - description: Array - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeArray' - mapType: - description: Map - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeMap' - protoType: - description: Proto - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeProto' - enumType: - description: Enum - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeEnum' - GoogleBigtableAdminV2TypeBytes: - id: GoogleBigtableAdminV2TypeBytes - description: Bytes Values of type `Bytes` are stored in `Value.bytes_value`. + description: Progress info for copying a table's data to the new cluster. + id: TableProgress + EncryptionInfo: type: object + id: EncryptionInfo + properties: + encryptionType: + enum: + - ENCRYPTION_TYPE_UNSPECIFIED + - GOOGLE_DEFAULT_ENCRYPTION + - CUSTOMER_MANAGED_ENCRYPTION + enumDescriptions: + - >- + Encryption type was not specified, though data at rest remains + encrypted. + - >- + The data backing this resource is encrypted at rest with a key + that is fully managed by Google. No key version or status will be + populated. This is the default state. + - >- + The data backing this resource is encrypted at rest with a key + that is managed by the customer. The in-use version of the key and + its status are populated for CMEK-protected tables. CMEK-protected + backups are pinned to the key version that was in use at the time + the backup was taken. This key version is populated but its status + is not tracked and is reported as `UNKNOWN`. + description: Output only. The type of encryption used to protect this resource. + type: string + readOnly: true + kmsKeyVersion: + description: >- + Output only. The version of the Cloud KMS key specified in the + parent cluster that is in use for the data underlying this table. + readOnly: true + type: string + encryptionStatus: + readOnly: true + description: >- + Output only. The status of encrypt/decrypt calls on underlying data + for this resource. Regardless of status, the existing data is always + encrypted at rest. + $ref: '#/components/schemas/Status' + description: >- + Encryption information for a given resource. If this resource is + protected with customer managed encryption, the in-use Cloud Key + Management Service (Cloud KMS) key version is specified along with its + status. + PartialUpdateClusterMetadata: + id: PartialUpdateClusterMetadata properties: - encoding: - description: The encoding to use when converting to or from lower level types. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBytesEncoding' - GoogleBigtableAdminV2TypeBytesEncoding: - id: GoogleBigtableAdminV2TypeBytesEncoding - description: Rules used to convert to or from lower level types. + originalRequest: + description: The original request for PartialUpdateCluster. + $ref: '#/components/schemas/PartialUpdateClusterRequest' + requestTime: + type: string + description: The time at which the original request was received. + format: google-datetime + finishTime: + type: string + description: >- + The time at which the operation failed or was completed + successfully. + format: google-datetime + description: The metadata for the Operation returned by PartialUpdateCluster. type: object - properties: - raw: - description: Use `Raw` encoding. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBytesEncodingRaw' - GoogleBigtableAdminV2TypeBytesEncodingRaw: - id: GoogleBigtableAdminV2TypeBytesEncodingRaw + GoogleBigtableAdminV2TypeStructEncodingOrderedCodeBytes: description: >- - Leaves the value as-is. Sorted mode: all values are supported. Distinct - mode: all values are supported. + Fields are encoded independently, then escaped and delimited by appling + the following rules in order: - While the last remaining field is `ASC` + or `UNSPECIFIED`, and encodes to the empty string "", remove it. - In + each remaining field, replace all null bytes `0x00` with the fixed byte + pair `{0x00, 0xFF}`. - If any remaining field encodes to the empty + string "", replace it with the fixed byte pair `{0x00, 0x00}`. - Append + the fixed byte pair `{0x00, 0x01}` to each remaining field, except for + the last remaining field if it is `ASC`. - Bitwise negate all `DESC` + fields. - Concatenate the results, or emit the fixed byte pair `{0x00, + 0x00}` if there are no remaining fields to concatenate. Examples: ``` - + STRUCT() -> "\00\00" - STRUCT("") -> "\00\00" - STRUCT("", "") -> + "\00\00" - STRUCT("", "B") -> "\00\00" + "\00\01" + "B" - STRUCT("A", + "") -> "A" - STRUCT("", "B", "") -> "\00\00" + "\00\01" + "B" - + STRUCT("A", "", "C") -> "A" + "\00\01" + "\00\00" + "\00\01" + "C" ``` + Examples for struct with `DESC` fields: ``` - STRUCT("" DESC) -> + "\xFF\xFF" + "\xFF\xFE" - STRUCT("" DESC, "") -> "\xFF\xFF" + "\xFF\xFE" + - STRUCT("" DESC, "", "") -> "\xFF\xFF" + "\xFF\xFE" - STRUCT("" DESC, + "A") -> "\xFF\xFF" + "\xFF\xFE" + "A" - STRUCT("A", "" DESC, "") -> "A" + + "\00\01" + "\xFF\xFF" + "\xFF\xFE" - STRUCT("", "A" DESC) -> + "\x00\x00" + "\x00\x01" + "\xBE" + "\xFF\xFE" ``` Since null bytes are + always escaped, this encoding can cause size blowup for encodings like + `Int64.BigEndianBytes` that are likely to produce many such bytes. + Sorted mode: - Fields are encoded in sorted mode. - All values supported + by the field encodings are allowed. - Fields with unset or `UNSPECIFIED` + order are treated as `ASC`. - Element-wise order is preserved: `A < B` + if `A[0] < B[0]`, or if `A[0] == B[0] && A[1] < B[1]`, etc. Strict + prefixes sort first. Distinct mode: - Fields are encoded in distinct + mode. - All values supported by the field encodings are allowed. + properties: {} + id: GoogleBigtableAdminV2TypeStructEncodingOrderedCodeBytes type: object - properties: - escapeNulls: - description: >- - If set, allows NULL values to be encoded as the empty string "". The - actual empty string, or any value which only contains the null byte - 0x00, has one more null byte appended. - type: boolean - GoogleBigtableAdminV2TypeString: - id: GoogleBigtableAdminV2TypeString - description: String Values of type `String` are stored in `Value.string_value`. + GoogleBigtableAdminV2TypeBool: + properties: {} + id: GoogleBigtableAdminV2TypeBool + description: bool Values of type `Bool` are stored in `Value.bool_value`. type: object + ListMaterializedViewsResponse: properties: - encoding: - description: The encoding to use when converting to or from lower level types. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStringEncoding' - GoogleBigtableAdminV2TypeStringEncoding: - id: GoogleBigtableAdminV2TypeStringEncoding - description: Rules used to convert to or from lower level types. + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + materializedViews: + type: array + items: + $ref: '#/components/schemas/MaterializedView' + description: The list of requested materialized views. + description: Response message for BigtableInstanceAdmin.ListMaterializedViews. + id: ListMaterializedViewsResponse type: object - properties: - utf8Raw: - description: 'Deprecated: if set, converts to an empty `utf8_bytes`.' - deprecated: true - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStringEncodingUtf8Raw' - utf8Bytes: - description: Use `Utf8Bytes` encoding. - $ref: >- - #/components/schemas/GoogleBigtableAdminV2TypeStringEncodingUtf8Bytes GoogleBigtableAdminV2TypeStringEncodingUtf8Raw: - id: GoogleBigtableAdminV2TypeStringEncodingUtf8Raw - deprecated: true - description: 'Deprecated: prefer the equivalent `Utf8Bytes`.' type: object + deprecated: true properties: {} - GoogleBigtableAdminV2TypeStringEncodingUtf8Bytes: - id: GoogleBigtableAdminV2TypeStringEncodingUtf8Bytes - description: >- - UTF-8 encoding. Sorted mode: - All values are supported. - Code point - order is preserved. Distinct mode: all values are supported. Compatible - with: - BigQuery `TEXT` encoding - HBase `Bytes.toBytes` - Java - `String#getBytes(StandardCharsets.UTF_8)` - type: object + id: GoogleBigtableAdminV2TypeStringEncodingUtf8Raw + description: 'Deprecated: prefer the equivalent `Utf8Bytes`.' + UpdateLogicalViewRequest: + id: UpdateLogicalViewRequest + description: Request message for BigtableInstanceAdmin.UpdateLogicalView. properties: - nullEscapeChar: + logicalView: + $ref: '#/components/schemas/LogicalView' description: >- - Single-character escape sequence used to support NULL values. If - set, allows NULL values to be encoded as the empty string "". The - actual empty string, or any value where every character equals - `null_escape_char`, has one more `null_escape_char` appended. If - `null_escape_char` is set and does not equal the ASCII null - character 0x00, then the encoding will not support sorted mode. . + Required. The logical view to update. The logical view's `name` + field is used to identify the view to update. Format: + `projects/{project}/instances/{instance}/logicalViews/{logical_view}`. + updateMask: + format: google-fieldmask + description: Optional. The list of fields to update. type: string - GoogleBigtableAdminV2TypeInt64: - id: GoogleBigtableAdminV2TypeInt64 - description: Int64 Values of type `Int64` are stored in `Value.int_value`. type: object + GetIamPolicyRequest: properties: - encoding: - description: The encoding to use when converting to or from lower level types. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeInt64Encoding' - GoogleBigtableAdminV2TypeInt64Encoding: - id: GoogleBigtableAdminV2TypeInt64Encoding - description: Rules used to convert to or from lower level types. + options: + description: >- + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + $ref: '#/components/schemas/GetPolicyOptions' + type: object + description: Request message for `GetIamPolicy` method. + id: GetIamPolicyRequest + GoogleBigtableAdminV2TypeStructField: type: object + id: GoogleBigtableAdminV2TypeStructField properties: - bigEndianBytes: - description: Use `BigEndianBytes` encoding. - $ref: >- - #/components/schemas/GoogleBigtableAdminV2TypeInt64EncodingBigEndianBytes - orderedCodeBytes: - description: Use `OrderedCodeBytes` encoding. - $ref: >- - #/components/schemas/GoogleBigtableAdminV2TypeInt64EncodingOrderedCodeBytes + type: + description: The type of values in this field. + $ref: '#/components/schemas/Type' + fieldName: + type: string + description: >- + The field name (optional). Fields without a `field_name` are + considered anonymous and cannot be referenced by name. + description: A struct field and its type. GoogleBigtableAdminV2TypeInt64EncodingBigEndianBytes: + properties: + bytesType: + description: 'Deprecated: ignored if set.' + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBytes' + deprecated: true id: GoogleBigtableAdminV2TypeInt64EncodingBigEndianBytes description: >- Encodes the value as an 8-byte big-endian two's complement value. Sorted @@ -1711,703 +1421,974 @@ components: `Bytes.toBytes` - Java `ByteBuffer.putLong()` with `ByteOrder.BIG_ENDIAN` type: object + MultiClusterRoutingUseAny: + id: MultiClusterRoutingUseAny properties: - bytesType: - description: 'Deprecated: ignored if set.' - deprecated: true - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBytes' - GoogleBigtableAdminV2TypeInt64EncodingOrderedCodeBytes: - id: GoogleBigtableAdminV2TypeInt64EncodingOrderedCodeBytes - description: >- - Encodes the value in a variable length binary format of up to 10 bytes. - Values that are closer to zero use fewer bytes. Sorted mode: all values - are supported. Distinct mode: all values are supported. - type: object - properties: {} - GoogleBigtableAdminV2TypeFloat32: - id: GoogleBigtableAdminV2TypeFloat32 - description: Float32 Values of type `Float32` are stored in `Value.float_value`. + clusterIds: + type: array + items: + type: string + description: >- + The set of clusters to route to. The order is ignored; clusters will + be tried in order of distance. If left empty, all clusters are + eligible. + rowAffinity: + $ref: '#/components/schemas/RowAffinity' + description: >- + Row affinity sticky routing based on the row key of the request. + Requests that span multiple rows are routed non-deterministically. type: object - properties: {} + description: >- + Read/write requests are routed to the nearest cluster in the instance, + and will fail over to the nearest cluster that is available in the event + of transient errors or delays. Clusters in a region are considered + equidistant. Choosing this option sacrifices read-your-writes + consistency to improve availability. GoogleBigtableAdminV2TypeFloat64: - id: GoogleBigtableAdminV2TypeFloat64 + properties: {} description: Float64 Values of type `Float64` are stored in `Value.float_value`. + id: GoogleBigtableAdminV2TypeFloat64 type: object - properties: {} - GoogleBigtableAdminV2TypeBool: - id: GoogleBigtableAdminV2TypeBool - description: bool Values of type `Bool` are stored in `Value.bool_value`. + EncryptionConfig: + id: EncryptionConfig type: object - properties: {} - GoogleBigtableAdminV2TypeTimestamp: - id: GoogleBigtableAdminV2TypeTimestamp description: >- - Timestamp Values of type `Timestamp` are stored in - `Value.timestamp_value`. + Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected + cluster. + properties: + kmsKeyName: + type: string + description: >- + Describes the Cloud KMS encryption key that will be used to protect + the destination Bigtable cluster. The requirements for this key are: + 1) The Cloud Bigtable service account associated with the project + that contains this cluster must be granted the + `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only + regional keys can be used and the region of the CMEK key must match + the region of the cluster. Values are of the form + `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}` + LogicalView: + type: object + properties: + name: + description: >- + Identifier. The unique name of the logical view. Format: + `projects/{project}/instances/{instance}/logicalViews/{logical_view}` + type: string + etag: + type: string + description: >- + Optional. The etag for this logical view. This may be sent on update + requests to ensure that the client has an up-to-date value before + proceeding. The server returns an ABORTED error on a mismatched + etag. + query: + description: Required. The logical view's select query. + type: string + deletionProtection: + description: >- + Optional. Set to true to make the LogicalView protected against + deletion. + type: boolean + description: A SQL logical view object that can be referenced in SQL queries. + id: LogicalView + GoogleBigtableAdminV2TypeProto: + description: >- + A protobuf message type. Values of type `Proto` are stored in + `Value.bytes_value`. + id: GoogleBigtableAdminV2TypeProto + properties: + messageName: + type: string + description: >- + The fully qualified name of the protobuf message, including package. + In the format of "foo.bar.Message". + schemaBundleId: + type: string + description: The ID of the schema bundle that this proto is defined in. type: object + GoogleBigtableAdminV2MaterializedViewClusterState: + type: object + id: GoogleBigtableAdminV2MaterializedViewClusterState + description: The state of a materialized view's data in a particular cluster. properties: - encoding: - description: The encoding to use when converting to or from lower level types. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeTimestampEncoding' - GoogleBigtableAdminV2TypeTimestampEncoding: - id: GoogleBigtableAdminV2TypeTimestampEncoding + replicationState: + description: Output only. The state of the materialized view in this cluster. + readOnly: true + type: string + enumDescriptions: + - The state of the materialized view is unknown in this cluster. + - >- + The cluster or view was recently created, and the materialized + view must finish backfilling before it can begin serving Data API + requests. + - >- + The materialized view can serve Data API requests from this + cluster. Depending on materialization and replication delay, reads + may not immediately reflect the state of the materialized view in + other clusters. + enum: + - STATE_NOT_KNOWN + - INITIALIZING + - READY + GoogleBigtableAdminV2TypeInt64Encoding: + properties: + orderedCodeBytes: + description: Use `OrderedCodeBytes` encoding. + $ref: >- + #/components/schemas/GoogleBigtableAdminV2TypeInt64EncodingOrderedCodeBytes + bigEndianBytes: + description: Use `BigEndianBytes` encoding. + $ref: >- + #/components/schemas/GoogleBigtableAdminV2TypeInt64EncodingBigEndianBytes + id: GoogleBigtableAdminV2TypeInt64Encoding description: Rules used to convert to or from lower level types. type: object + UpdateClusterMetadata: properties: - unixMicrosInt64: + requestTime: + description: The time at which the original request was received. + type: string + format: google-datetime + finishTime: description: >- - Encodes the number of microseconds since the Unix epoch using the - given `Int64` encoding. Values must be microsecond-aligned. - Compatible with: - Java `Instant.truncatedTo()` with - `ChronoUnit.MICROS` - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeInt64Encoding' - GoogleBigtableAdminV2TypeDate: - id: GoogleBigtableAdminV2TypeDate - description: Date Values of type `Date` are stored in `Value.date_value`. + The time at which the operation failed or was completed + successfully. + type: string + format: google-datetime + originalRequest: + description: >- + The request that prompted the initiation of this UpdateCluster + operation. + $ref: '#/components/schemas/Cluster' type: object - properties: {} - GoogleBigtableAdminV2TypeAggregate: - id: GoogleBigtableAdminV2TypeAggregate - description: >- - A value that combines incremental updates into a summarized value. Data - is never directly written or read using type `Aggregate`. Writes provide - either the `input_type` or `state_type`, and reads always return the - `state_type` . + description: The metadata for the Operation returned by UpdateCluster. + id: UpdateClusterMetadata + GoogleBigtableAdminV2TypeEnum: type: object + id: GoogleBigtableAdminV2TypeEnum properties: - inputType: - description: >- - Type of the inputs that are accumulated by this `Aggregate`. Use - `AddInput` mutations to accumulate new inputs. - $ref: '#/components/schemas/Type' - stateType: + schemaBundleId: + description: The ID of the schema bundle that this enum is defined in. + type: string + enumName: description: >- - Output only. Type that holds the internal accumulator state for the - `Aggregate`. This is a function of the `input_type` and `aggregator` - chosen. - readOnly: true - $ref: '#/components/schemas/Type' - sum: - description: Sum aggregator. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeAggregateSum' - hllppUniqueCount: - description: HyperLogLogPlusPlusUniqueCount aggregator. - $ref: >- - #/components/schemas/GoogleBigtableAdminV2TypeAggregateHyperLogLogPlusPlusUniqueCount - max: - description: Max aggregator. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeAggregateMax' - min: - description: Min aggregator. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeAggregateMin' - GoogleBigtableAdminV2TypeAggregateSum: - id: GoogleBigtableAdminV2TypeAggregateSum + The fully qualified name of the protobuf enum message, including + package. In the format of "foo.bar.EnumMessage". + type: string description: >- - Computes the sum of the input values. Allowed input: `Int64` State: same - as input + A protobuf enum type. Values of type `Enum` are stored in + `Value.int_value`. + ListInstancesResponse: + id: ListInstancesResponse + description: Response message for BigtableInstanceAdmin.ListInstances. + properties: + instances: + items: + $ref: '#/components/schemas/Instance' + type: array + description: The list of requested instances. + failedLocations: + items: + type: string + type: array + description: >- + Locations from which Instance information could not be retrieved, + due to an outage or some other transient condition. Instances whose + Clusters are all in one of the failed locations may be missing from + `instances`, and Instances with at least one Cluster in a failed + location may only have partial information returned. Values are of + the form `projects//locations/` + nextPageToken: + description: 'DEPRECATED: This field is unused and ignored.' + type: string + deprecated: true type: object - properties: {} - GoogleBigtableAdminV2TypeAggregateHyperLogLogPlusPlusUniqueCount: - id: GoogleBigtableAdminV2TypeAggregateHyperLogLogPlusPlusUniqueCount - description: >- - Computes an approximate unique count over the input values. When using - raw data as input, be careful to use a consistent encoding. Otherwise - the same value encoded differently could count more than once, or two - distinct values could count as identical. Input: Any, or omit for Raw - State: TBD Special state conversions: `Int64` (the unique count - estimate) + SingleClusterRouting: type: object - properties: {} - GoogleBigtableAdminV2TypeAggregateMax: - id: GoogleBigtableAdminV2TypeAggregateMax + properties: + clusterId: + type: string + description: The cluster to which read/write requests should be routed. + allowTransactionalWrites: + description: >- + Whether or not `CheckAndMutateRow` and `ReadModifyWriteRow` requests + are allowed by this app profile. It is unsafe to send these requests + to the same table/row/column in multiple clusters. + type: boolean description: >- - Computes the max of the input values. Allowed input: `Int64` State: same - as input + Unconditionally routes all read/write requests to a specific cluster. + This option preserves read-your-writes consistency but does not improve + availability. + id: SingleClusterRouting + ListLocationsResponse: + id: ListLocationsResponse + properties: + locations: + type: array + description: >- + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + nextPageToken: + description: The standard List next-page token. + type: string type: object - properties: {} - GoogleBigtableAdminV2TypeAggregateMin: - id: GoogleBigtableAdminV2TypeAggregateMin - description: >- - Computes the min of the input values. Allowed input: `Int64` State: same - as input + description: The response message for Locations.ListLocations. + AutomatedBackupPolicy: + id: AutomatedBackupPolicy type: object - properties: {} - GoogleBigtableAdminV2TypeStruct: - id: GoogleBigtableAdminV2TypeStruct - description: >- - A structured data value, consisting of fields which map to dynamically - typed values. Values of type `Struct` are stored in `Value.array_value` - where entries are in the same order and number as `field_types`. + description: Defines an automated backup policy for a table + properties: + frequency: + format: google-duration + type: string + description: >- + How frequently automated backups should occur. The only supported + value at this time is 24 hours. An undefined frequency is treated as + 24 hours. + retentionPeriod: + type: string + description: >- + Required. How long the automated backups should be retained. Values + must be at least 3 days and at most 90 days. + format: google-duration + CreateClusterMetadata: type: object properties: - fields: - description: The names and types of the fields in this struct. - type: array - items: - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStructField' - encoding: - description: The encoding to use when converting to or from lower level types. - $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStructEncoding' - GoogleBigtableAdminV2TypeStructField: - id: GoogleBigtableAdminV2TypeStructField - description: A struct field and its type. + originalRequest: + description: >- + The request that prompted the initiation of this CreateCluster + operation. + $ref: '#/components/schemas/CreateClusterRequest' + tables: + type: object + additionalProperties: + $ref: '#/components/schemas/TableProgress' + description: >- + Keys: the full `name` of each table that existed in the instance + when CreateCluster was first called, i.e. + `projects//instances//tables/`. Any table added to the instance by a + later API call will be created in the new cluster by that API call, + not this one. Values: information on how much of a table's data has + been copied to the newly-created cluster so far. + finishTime: + format: google-datetime + type: string + description: >- + The time at which the operation failed or was completed + successfully. + requestTime: + format: google-datetime + type: string + description: The time at which the original request was received. + description: The metadata for the Operation returned by CreateCluster. + id: CreateClusterMetadata + UpdateSchemaBundleMetadata: + description: The metadata for the Operation returned by UpdateSchemaBundle. type: object + id: UpdateSchemaBundleMetadata properties: - fieldName: + requestTime: + description: The time at which the original request was received. + type: string + format: google-datetime + finishTime: + format: google-datetime description: >- - The field name (optional). Fields without a `field_name` are - considered anonymous and cannot be referenced by name. + The time at which the operation failed or was completed + successfully. type: string - type: - description: The type of values in this field. - $ref: '#/components/schemas/Type' - GoogleBigtableAdminV2TypeStructEncoding: - id: GoogleBigtableAdminV2TypeStructEncoding - description: Rules used to convert to or from lower level types. + name: + type: string + description: >- + The unique name identifying this schema bundle. Values are of the + form + `projects/{project}/instances/{instance}/tables/{table}/schemaBundles/{schema_bundle}` + UndeleteTableRequest: type: object - properties: - singleton: - description: Use `Singleton` encoding. - $ref: >- - #/components/schemas/GoogleBigtableAdminV2TypeStructEncodingSingleton - delimitedBytes: - description: Use `DelimitedBytes` encoding. - $ref: >- - #/components/schemas/GoogleBigtableAdminV2TypeStructEncodingDelimitedBytes - orderedCodeBytes: - description: User `OrderedCodeBytes` encoding. - $ref: >- - #/components/schemas/GoogleBigtableAdminV2TypeStructEncodingOrderedCodeBytes - GoogleBigtableAdminV2TypeStructEncodingSingleton: - id: GoogleBigtableAdminV2TypeStructEncodingSingleton + id: UndeleteTableRequest description: >- - Uses the encoding of `fields[0].type` as-is. Only valid if `fields.size - == 1`. - type: object + Request message for + google.bigtable.admin.v2.BigtableTableAdmin.UndeleteTable properties: {} - GoogleBigtableAdminV2TypeStructEncodingDelimitedBytes: - id: GoogleBigtableAdminV2TypeStructEncodingDelimitedBytes - description: >- - Fields are encoded independently and concatenated with a configurable - `delimiter` in between. A struct with no fields defined is encoded as a - single `delimiter`. Sorted mode: - Fields are encoded in sorted mode. - - Encoded field values must not contain any bytes <= `delimiter[0]` - - Element-wise order is preserved: `A < B` if `A[0] < B[0]`, or if `A[0] - == B[0] && A[1] < B[1]`, etc. Strict prefixes sort first. Distinct mode: - - Fields are encoded in distinct mode. - Encoded field values must not - contain `delimiter[0]`. + ProtoSchema: + id: ProtoSchema type: object + description: Represents a protobuf schema. properties: - delimiter: + protoDescriptors: description: >- - Byte sequence used to delimit concatenated fields. The delimiter - must contain at least 1 character and at most 50 characters. + Required. Contains a protobuf-serialized + [google.protobuf.FileDescriptorSet](https://github.com/protocolbuffers/protobuf/blob/main/src/google/protobuf/descriptor.proto), + which could include multiple proto files. To generate it, + [install](https://grpc.io/docs/protoc-installation/) and run + `protoc` with `--include_imports` and `--descriptor_set_out`. For + example, to generate for moon/shot/app.proto, run ``` $protoc + --proto_path=/app_path --proto_path=/lib_path \ --include_imports \ + --descriptor_set_out=descriptors.pb \ moon/shot/app.proto ``` For + more details, see protobuffer [self + description](https://developers.google.com/protocol-buffers/docs/techniques#self-description). type: string format: byte - GoogleBigtableAdminV2TypeStructEncodingOrderedCodeBytes: - id: GoogleBigtableAdminV2TypeStructEncodingOrderedCodeBytes - description: >- - Fields are encoded independently and concatenated with the fixed byte - pair {0x00, 0x01} in between. Any null (0x00) byte in an encoded field - is replaced by the fixed byte pair {0x00, 0xFF}. Fields that encode to - the empty string "" have special handling: - If *every* field encodes to - "", or if the STRUCT has no fields defined, then the STRUCT is encoded - as the fixed byte pair {0x00, 0x00}. - Otherwise, the STRUCT only - encodes until the last non-empty field, omitting any trailing empty - fields. Any empty fields that aren't omitted are replaced with the fixed - byte pair {0x00, 0x00}. Examples: - STRUCT() -> "\00\00" - STRUCT("") -> - "\00\00" - STRUCT("", "") -> "\00\00" - STRUCT("", "B") -> "\00\00" + - "\00\01" + "B" - STRUCT("A", "") -> "A" - STRUCT("", "B", "") -> - "\00\00" + "\00\01" + "B" - STRUCT("A", "", "C") -> "A" + "\00\01" + - "\00\00" + "\00\01" + "C" Since null bytes are always escaped, this - encoding can cause size blowup for encodings like `Int64.BigEndianBytes` - that are likely to produce many such bytes. Sorted mode: - Fields are - encoded in sorted mode. - All values supported by the field encodings - are allowed - Element-wise order is preserved: `A < B` if `A[0] < B[0]`, - or if `A[0] == B[0] && A[1] < B[1]`, etc. Strict prefixes sort first. - Distinct mode: - Fields are encoded in distinct mode. - All values - supported by the field encodings are allowed. - type: object - properties: {} - GoogleBigtableAdminV2TypeArray: - id: GoogleBigtableAdminV2TypeArray - description: >- - An ordered list of elements of a given type. Values of type `Array` are - stored in `Value.array_value`. - type: object - properties: - elementType: - description: The type of the elements in the array. This must not be `Array`. - $ref: '#/components/schemas/Type' - GoogleBigtableAdminV2TypeMap: - id: GoogleBigtableAdminV2TypeMap - description: >- - A mapping of keys to values of a given type. Values of type `Map` are - stored in a `Value.array_value` where each entry is another - `Value.array_value` with two elements (the key and the value, in that - order). Normally encoded Map values won't have repeated keys, however, - clients are expected to handle the case in which they do. If the same - key appears multiple times, the _last_ value takes precedence. + Location: type: object + description: A resource that represents a Google Cloud location. + id: Location properties: - keyType: + displayName: description: >- - The type of a map key. Only `Bytes`, `String`, and `Int64` are - allowed as key types. - $ref: '#/components/schemas/Type' - valueType: - description: The type of the values in a map. - $ref: '#/components/schemas/Type' - GoogleBigtableAdminV2TypeProto: - id: GoogleBigtableAdminV2TypeProto - description: >- - A protobuf message type. Values of type `Proto` are stored in - `Value.bytes_value`. - type: object - properties: - schemaBundleId: - description: The ID of the schema bundle that this proto is defined in. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". type: string - messageName: + labels: description: >- - The fully qualified name of the protobuf message, including package. - In the format of "foo.bar.Message". + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + additionalProperties: + type: string + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - GoogleBigtableAdminV2TypeEnum: - id: GoogleBigtableAdminV2TypeEnum - description: >- - A protobuf enum type. Values of type `Enum` are stored in - `Value.int_value`. + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + AutoscalingLimits: type: object properties: - schemaBundleId: - description: The ID of the schema bundle that this enum is defined in. + minServeNodes: + description: Required. Minimum number of nodes to scale down to. + type: integer + format: int32 + maxServeNodes: + description: Required. Maximum number of nodes to scale up to. + type: integer + format: int32 + id: AutoscalingLimits + description: Limits for the number of nodes a Cluster can autoscale up/down to. + Modification: + description: A create, update, or delete of a particular column family. + properties: + update: + description: >- + Update an existing column family to the specified schema, or fail if + no column family exists with the given ID. + $ref: '#/components/schemas/ColumnFamily' + drop: + description: >- + Drop (delete) the column family with the given ID, or fail if no + such family exists. + type: boolean + create: + description: >- + Create a new column family with the specified schema, or fail if one + already exists with the given ID. + $ref: '#/components/schemas/ColumnFamily' + updateMask: type: string - enumName: description: >- - The fully qualified name of the protobuf enum message, including - package. In the format of "foo.bar.EnumMessage". + Optional. A mask specifying which fields (e.g. `gc_rule`) in the + `update` mod should be updated, ignored for other modification + types. If unset or empty, we treat it as updating `gc_rule` to be + backward compatible. + format: google-fieldmask + id: type: string - RestoreInfo: - id: RestoreInfo - description: Information about a table restore. + description: The ID of the column family to be modified. type: object + id: Modification + GenerateConsistencyTokenResponse: properties: - sourceType: - description: The type of the restore source. + consistencyToken: + description: The generated consistency token. type: string - enumDescriptions: - - No restore associated. - - A backup was used as the source of the restore. - enum: - - RESTORE_SOURCE_TYPE_UNSPECIFIED - - BACKUP - backupInfo: + type: object + id: GenerateConsistencyTokenResponse + description: >- + Response message for + google.bigtable.admin.v2.BigtableTableAdmin.GenerateConsistencyToken + HotTablet: + properties: + endTime: + format: google-datetime + readOnly: true + type: string + description: Output only. The end time of the hot tablet. + startTime: + format: google-datetime + description: Output only. The start time of the hot tablet. + type: string + readOnly: true + startKey: + description: Tablet Start Key (inclusive). + type: string + nodeCpuUsagePercent: + type: number description: >- - Information about the backup used to restore the table. The backup - may no longer exist. - $ref: '#/components/schemas/BackupInfo' - BackupInfo: - id: BackupInfo - description: Information about a backup. + Output only. The average CPU usage spent by a node on this tablet + over the start_time to end_time time range. The percentage is the + amount of CPU used by the node to serve the tablet, from 0% (tablet + was not interacted with) to 100% (the node spent all cycles serving + the hot tablet). + format: float + readOnly: true + endKey: + type: string + description: Tablet End Key (inclusive). + tableName: + type: string + description: >- + Name of the table that contains the tablet. Values are of the form + `projects/{project}/instances/{instance}/tables/_a-zA-Z0-9*`. + name: + type: string + description: >- + The unique name of the hot tablet. Values are of the form + `projects/{project}/instances/{instance}/clusters/{cluster}/hotTablets/[a-zA-Z0-9_-]*`. + description: >- + A tablet is a defined by a start and end key and is explained in + https://cloud.google.com/bigtable/docs/overview#architecture and + https://cloud.google.com/bigtable/docs/performance#optimization. A Hot + tablet is a tablet that exhibits high average cpu usage during the time + interval from start time to end time. + id: HotTablet type: object + OperationProgress: properties: - backup: - description: Output only. Name of the backup. - readOnly: true - type: string - startTime: + progressPercent: + format: int32 description: >- - Output only. The time that the backup was started. Row data in the - backup will be no older than this timestamp. - readOnly: true + Percent completion of the operation. Values are between 0 and 100 + inclusive. + type: integer + startTime: + description: Time the request was received. type: string format: google-datetime endTime: - description: >- - Output only. This time that the backup was finished. Row data in the - backup will be no newer than this timestamp. - readOnly: true - type: string format: google-datetime - sourceTable: - description: Output only. Name of the table the backup was created from. - readOnly: true type: string - sourceBackup: description: >- - Output only. Name of the backup from which this backup was copied. - If a backup is not created by copying a backup, this field will be - empty. Values are of the form: - projects//instances//clusters//backups/ - readOnly: true - type: string - ChangeStreamConfig: - id: ChangeStreamConfig - description: Change stream configuration. + If set, the time at which this operation failed or was completed + successfully. type: object - properties: - retentionPeriod: - description: >- - How long the change stream should be retained. Change stream data - older than the retention period will not be returned when reading - the change stream from the table. Values must be at least 1 day and - at most 7 days, and will be truncated to microsecond granularity. - type: string - format: google-duration - TableStats: - id: TableStats description: >- - Approximate statistics related to a table. These statistics are - calculated infrequently, while simultaneously, data in the table can - change rapidly. Thus the values reported here (e.g. row count) are very - likely out-of date, even the instant they are received in this API. - Thus, only treat these values as approximate. IMPORTANT: Everything - below is approximate, unless otherwise specified. + Encapsulates progress related information for a Cloud Bigtable long + running operation. + id: OperationProgress + ListAuthorizedViewsResponse: type: object properties: - rowCount: - description: How many rows are in the table. + nextPageToken: type: string - format: int64 - averageColumnsPerRow: description: >- - How many (column family, column qualifier) combinations are present - per row in the table, averaged over all rows in the table. e.g. A - table with 2 rows: * A row with cells in "family:col" and - "other:col" (2 distinct columns) * A row with cells in "family:col", - "family:other_col", and "other:data" (3 distinct columns) would - report (2 + 3)/2 = 2.5 in this field. - type: number - format: double - averageCellsPerColumn: + Set if not all tables could be returned in a single response. Pass + this value to `page_token` in another request to get the next page + of results. + authorizedViews: + type: array + description: The AuthorizedViews present in the requested table. + items: + $ref: '#/components/schemas/AuthorizedView' + description: >- + Response message for + google.bigtable.admin.v2.BigtableTableAdmin.ListAuthorizedViews + id: ListAuthorizedViewsResponse + UpdateAuthorizedViewRequest: + id: UpdateAuthorizedViewRequest + description: The request for UpdateAuthorizedView. + type: object + properties: + ignoreWarnings: + type: boolean description: >- - How many cells are present per column (column family, column - qualifier) combinations, averaged over all columns in all rows in - the table. e.g. A table with 2 rows: * A row with 3 cells in - "family:col" and 1 cell in "other:col" (4 cells / 2 columns) * A row - with 1 cell in "family:col", 7 cells in "family:other_col", and 7 - cells in "other:data" (15 cells / 3 columns) would report (4 + - 15)/(2 + 3) = 3.8 in this field. - type: number - format: double - logicalDataBytes: + Optional. If true, ignore the safety checks when updating the + AuthorizedView. + authorizedView: description: >- - This is roughly how many bytes would be needed to read the entire - table (e.g. by streaming all contents out). + Required. The AuthorizedView to update. The `name` in + `authorized_view` is used to identify the AuthorizedView. + AuthorizedView name must in this format: + `projects/{project}/instances/{instance}/tables/{table}/authorizedViews/{authorized_view}`. + $ref: '#/components/schemas/AuthorizedView' + updateMask: + format: google-fieldmask type: string - format: int64 - AutomatedBackupPolicy: - id: AutomatedBackupPolicy - description: Defines an automated backup policy for a table + description: >- + Optional. The list of fields to update. A mask specifying which + fields in the AuthorizedView resource should be updated. This mask + is relative to the AuthorizedView resource, not to the request + message. A field will be overwritten if it is in the mask. If empty, + all fields set in the request will be overwritten. A special value + `*` means to overwrite all fields (including fields not set in the + request). + UpdateAuthorizedViewMetadata: + id: UpdateAuthorizedViewMetadata + description: >- + Metadata for the google.longrunning.Operation returned by + UpdateAuthorizedView. type: object properties: - retentionPeriod: + originalRequest: description: >- - Required. How long the automated backups should be retained. Values - must be at least 3 days and at most 90 days. + The request that prompted the initiation of this + UpdateAuthorizedView operation. + $ref: '#/components/schemas/UpdateAuthorizedViewRequest' + finishTime: type: string - format: google-duration - frequency: description: >- - How frequently automated backups should occur. The only supported - value at this time is 24 hours. An undefined frequency is treated as - 24 hours. + The time at which the operation failed or was completed + successfully. + format: google-datetime + requestTime: + description: The time at which the original request was received. + format: google-datetime type: string - format: google-duration + GoogleBigtableAdminV2TypeStringEncoding: + properties: + utf8Raw: + deprecated: true + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStringEncodingUtf8Raw' + description: 'Deprecated: if set, converts to an empty `utf8_bytes`.' + utf8Bytes: + $ref: >- + #/components/schemas/GoogleBigtableAdminV2TypeStringEncodingUtf8Bytes + description: Use `Utf8Bytes` encoding. + description: Rules used to convert to or from lower level types. + id: GoogleBigtableAdminV2TypeStringEncoding + type: object + ClusterAutoscalingConfig: + properties: + autoscalingTargets: + $ref: '#/components/schemas/AutoscalingTargets' + description: Required. Autoscaling targets for this cluster. + autoscalingLimits: + description: Required. Autoscaling limits for this cluster. + $ref: '#/components/schemas/AutoscalingLimits' + id: ClusterAutoscalingConfig + type: object + description: Autoscaling config for a cluster. + Split: + description: An initial split point for a newly created table. + type: object + properties: + key: + description: Row key to use as an initial tablet boundary. + format: byte + type: string + id: Split TieredStorageConfig: id: TieredStorageConfig - description: >- - Config for tiered storage. A valid config must have a valid - TieredStorageRule. Otherwise the whole TieredStorageConfig must be - unset. By default all data is stored in the SSD tier (only SSD instances - can configure tiered storage). type: object properties: infrequentAccess: + $ref: '#/components/schemas/TieredStorageRule' description: >- Rule to specify what data is stored in the infrequent access(IA) tier. The IA tier allows storing more data per node with reduced performance. - $ref: '#/components/schemas/TieredStorageRule' - TieredStorageRule: - id: TieredStorageRule - description: Rule to specify what data is stored in a storage tier. - type: object + description: >- + Config for tiered storage. A valid config must have a valid + TieredStorageRule. Otherwise the whole TieredStorageConfig must be + unset. By default all data is stored in the SSD tier (only SSD instances + can configure tiered storage). + SchemaBundle: + id: SchemaBundle properties: - includeIfOlderThan: + protoSchema: + description: Schema for Protobufs. + $ref: '#/components/schemas/ProtoSchema' + name: description: >- - Include cells older than the given age. For the infrequent access - tier, this value must be at least 30 days. + Identifier. The unique name identifying this schema bundle. Values + are of the form + `projects/{project}/instances/{instance}/tables/{table}/schemaBundles/{schema_bundle}` type: string - format: google-duration - Split: - id: Split - description: An initial split point for a newly created table. + etag: + description: >- + Optional. The etag for this schema bundle. This may be sent on + update and delete requests to ensure the client has an up-to-date + value before proceeding. The server returns an ABORTED error on a + mismatched etag. + type: string + description: A named collection of related schemas. + type: object + StandardReadRemoteWrites: + description: >- + Checks that all writes before the consistency token was generated are + replicated in every cluster and readable. + id: StandardReadRemoteWrites + properties: {} type: object + CreateMaterializedViewRequest: properties: - key: - description: Row key to use as an initial tablet boundary. + materializedViewId: + description: >- + Required. The ID to use for the materialized view, which will become + the final component of the materialized view's resource name. type: string - format: byte - ListTablesResponse: - id: ListTablesResponse - description: >- - Response message for - google.bigtable.admin.v2.BigtableTableAdmin.ListTables + materializedView: + $ref: '#/components/schemas/MaterializedView' + description: Required. The materialized view to create. + parent: + type: string + description: >- + Required. The parent instance where this materialized view will be + created. Format: `projects/{project}/instances/{instance}`. + type: object + description: Request message for BigtableInstanceAdmin.CreateMaterializedView. + id: CreateMaterializedViewRequest + Operation: + id: Operation type: object properties: - tables: - description: The tables present in the requested instance. - type: array - items: - $ref: '#/components/schemas/Table' - nextPageToken: + error: description: >- - Set if not all tables could be returned in a single response. Pass - this value to `page_token` in another request to get the next page - of results. + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + response: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + name: type: string - UndeleteTableRequest: - id: UndeleteTableRequest + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - Request message for - google.bigtable.admin.v2.BigtableTableAdmin.UndeleteTable + This resource represents a long-running operation that is the result of + a network API call. + GoogleBigtableAdminV2TypeMap: + description: >- + A mapping of keys to values of a given type. Values of type `Map` are + stored in a `Value.array_value` where each entry is another + `Value.array_value` with two elements (the key and the value, in that + order). Normally encoded Map values won't have repeated keys, however, + clients are expected to handle the case in which they do. If the same + key appears multiple times, the _last_ value takes precedence. + properties: + valueType: + $ref: '#/components/schemas/Type' + description: The type of the values in a map. + keyType: + $ref: '#/components/schemas/Type' + description: >- + The type of a map key. Only `Bytes`, `String`, and `Int64` are + allowed as key types. + id: GoogleBigtableAdminV2TypeMap type: object + GoogleBigtableAdminV2TypeAggregateMax: properties: {} - AuthorizedView: - id: AuthorizedView - description: An Authorized View of a Cloud Bigtable Table. type: object + id: GoogleBigtableAdminV2TypeAggregateMax + description: >- + Computes the max of the input values. Allowed input: `Int64` State: same + as input + CheckConsistencyRequest: + description: >- + Request message for + google.bigtable.admin.v2.BigtableTableAdmin.CheckConsistency properties: - name: + dataBoostReadLocalWrites: + $ref: '#/components/schemas/DataBoostReadLocalWrites' description: >- - Identifier. The name of this AuthorizedView. Values are of the form - `projects/{project}/instances/{instance}/tables/{table}/authorizedViews/{authorized_view}` - type: string - subsetView: + Checks that reads using an app profile with + `DataBoostIsolationReadOnly` can see all writes committed before the + token was created, but only if the read and write target the same + cluster. + consistencyToken: description: >- - An AuthorizedView permitting access to an explicit subset of a + Required. The token created using GenerateConsistencyToken for the Table. - $ref: '#/components/schemas/GoogleBigtableAdminV2AuthorizedViewSubsetView' - etag: - description: >- - The etag for this AuthorizedView. If this is provided on update, it - must match the server's etag. The server returns ABORTED error on a - mismatched etag. type: string - deletionProtection: + standardReadRemoteWrites: description: >- - Set to true to make the AuthorizedView protected against deletion. - The parent Table and containing Instance cannot be deleted if an - AuthorizedView has this bit set. - type: boolean - GoogleBigtableAdminV2AuthorizedViewSubsetView: - id: GoogleBigtableAdminV2AuthorizedViewSubsetView - description: >- - Defines a simple AuthorizedView that is a subset of the underlying - Table. + Checks that reads using an app profile with `StandardIsolation` can + see all writes committed before the token was created, even if the + read and write target different clusters. + $ref: '#/components/schemas/StandardReadRemoteWrites' type: object + id: CheckConsistencyRequest + GoogleBigtableAdminV2TypeTimestamp: + type: object + id: GoogleBigtableAdminV2TypeTimestamp properties: - rowPrefixes: - description: >- - Row prefixes to be included in the AuthorizedView. To provide access - to all rows, include the empty string as a prefix (""). - type: array - items: - type: string - format: byte - familySubsets: + encoding: + description: The encoding to use when converting to or from lower level types. + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeTimestampEncoding' + description: >- + Timestamp Values of type `Timestamp` are stored in + `Value.timestamp_value`. + ChangeStreamConfig: + properties: + retentionPeriod: + format: google-duration description: >- - Map from column family name to the columns in this family to be - included in the AuthorizedView. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleBigtableAdminV2AuthorizedViewFamilySubsets - GoogleBigtableAdminV2AuthorizedViewFamilySubsets: - id: GoogleBigtableAdminV2AuthorizedViewFamilySubsets - description: Subsets of a column family that are included in this AuthorizedView. + How long the change stream should be retained. Change stream data + older than the retention period will not be returned when reading + the change stream from the table. Values must be at least 1 day and + at most 7 days, and will be truncated to microsecond granularity. + type: string + id: ChangeStreamConfig + description: Change stream configuration. type: object + SetIamPolicyRequest: + id: SetIamPolicyRequest properties: - qualifiers: + updateMask: + type: string + format: google-fieldmask description: >- - Individual exact column qualifiers to be included in the - AuthorizedView. - type: array - items: - type: string - format: byte - qualifierPrefixes: + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + policy: + $ref: '#/components/schemas/Policy' description: >- - Prefixes for qualifiers to be included in the AuthorizedView. Every - qualifier starting with one of these prefixes is included in the - AuthorizedView. To provide access to all qualifiers, include the - empty string as a prefix (""). - type: array - items: - type: string - format: byte - ListAuthorizedViewsResponse: - id: ListAuthorizedViewsResponse + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + description: Request message for `SetIamPolicy` method. + type: object + ListTablesResponse: description: >- Response message for - google.bigtable.admin.v2.BigtableTableAdmin.ListAuthorizedViews - type: object + google.bigtable.admin.v2.BigtableTableAdmin.ListTables properties: - authorizedViews: - description: The AuthorizedViews present in the requested table. + tables: type: array + description: The tables present in the requested instance. items: - $ref: '#/components/schemas/AuthorizedView' + $ref: '#/components/schemas/Table' nextPageToken: description: >- Set if not all tables could be returned in a single response. Pass this value to `page_token` in another request to get the next page of results. type: string - ModifyColumnFamiliesRequest: - id: ModifyColumnFamiliesRequest - description: >- - Request message for - google.bigtable.admin.v2.BigtableTableAdmin.ModifyColumnFamilies - type: object - properties: - modifications: - description: >- - Required. Modifications to be atomically applied to the specified - table's families. Entries are applied in order, meaning that earlier - modifications can be masked by later ones (in the case of repeated - updates to the same family, for example). - type: array - items: - $ref: '#/components/schemas/Modification' - ignoreWarnings: - description: >- - Optional. If true, ignore safety checks when modifying the column - families. - type: boolean - Modification: - id: Modification - description: A create, update, or delete of a particular column family. + id: ListTablesResponse type: object + GoogleBigtableAdminV2TypeAggregate: properties: - id: - description: The ID of the column family to be modified. - type: string - create: - description: >- - Create a new column family with the specified schema, or fail if one - already exists with the given ID. - $ref: '#/components/schemas/ColumnFamily' - update: - description: >- - Update an existing column family to the specified schema, or fail if - no column family exists with the given ID. - $ref: '#/components/schemas/ColumnFamily' - drop: + hllppUniqueCount: + $ref: >- + #/components/schemas/GoogleBigtableAdminV2TypeAggregateHyperLogLogPlusPlusUniqueCount + description: HyperLogLogPlusPlusUniqueCount aggregator. + min: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeAggregateMin' + description: Min aggregator. + stateType: + $ref: '#/components/schemas/Type' description: >- - Drop (delete) the column family with the given ID, or fail if no - such family exists. - type: boolean - updateMask: + Output only. Type that holds the internal accumulator state for the + `Aggregate`. This is a function of the `input_type` and `aggregator` + chosen. + readOnly: true + max: + description: Max aggregator. + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeAggregateMax' + inputType: description: >- - Optional. A mask specifying which fields (e.g. `gc_rule`) in the - `update` mod should be updated, ignored for other modification - types. If unset or empty, we treat it as updating `gc_rule` to be - backward compatible. - type: string - format: google-fieldmask - DropRowRangeRequest: - id: DropRowRangeRequest + Type of the inputs that are accumulated by this `Aggregate`. Use + `AddInput` mutations to accumulate new inputs. + $ref: '#/components/schemas/Type' + sum: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeAggregateSum' + description: Sum aggregator. + id: GoogleBigtableAdminV2TypeAggregate + type: object description: >- - Request message for - google.bigtable.admin.v2.BigtableTableAdmin.DropRowRange + A value that combines incremental updates into a summarized value. Data + is never directly written or read using type `Aggregate`. Writes provide + either the `input_type` or `state_type`, and reads always return the + `state_type` . + OptimizeRestoredTableMetadata: + description: >- + Metadata type for the long-running operation used to track the progress + of optimizations performed on a newly restored table. This long-running + operation is automatically created by the system after the successful + completion of a table restore, and cannot be cancelled. type: object + id: OptimizeRestoredTableMetadata properties: - rowKeyPrefix: - description: >- - Delete all rows that start with this row key prefix. Prefix cannot - be zero length. + name: + description: Name of the restored table being optimized. type: string - format: byte - deleteAllDataFromTable: - description: Delete all rows in the table. Setting this to false is a no-op. - type: boolean + progress: + $ref: '#/components/schemas/OperationProgress' + description: The progress of the post-restore optimizations. + GoogleBigtableAdminV2TypeStructEncodingSingleton: + type: object + description: >- + Uses the encoding of `fields[0].type` as-is. Only valid if `fields.size + == 1`. This encoding does not support `DESC` field ordering. + properties: {} + id: GoogleBigtableAdminV2TypeStructEncodingSingleton + GoogleBigtableAdminV2TypeStructEncoding: + properties: + orderedCodeBytes: + $ref: >- + #/components/schemas/GoogleBigtableAdminV2TypeStructEncodingOrderedCodeBytes + description: User `OrderedCodeBytes` encoding. + singleton: + $ref: >- + #/components/schemas/GoogleBigtableAdminV2TypeStructEncodingSingleton + description: Use `Singleton` encoding. + delimitedBytes: + description: Use `DelimitedBytes` encoding. + $ref: >- + #/components/schemas/GoogleBigtableAdminV2TypeStructEncodingDelimitedBytes + type: object + id: GoogleBigtableAdminV2TypeStructEncoding + description: Rules used to convert to or from lower level types. GenerateConsistencyTokenRequest: + type: object + properties: {} id: GenerateConsistencyTokenRequest description: >- Request message for google.bigtable.admin.v2.BigtableTableAdmin.GenerateConsistencyToken + GetPolicyOptions: + properties: + requestedPolicyVersion: + description: >- + Optional. The maximum policy version that will be used to format the + policy. Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected. Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field unset. + The policy in the response might use the policy version that you + specified, or it might use a lower policy version. For example, if + you specify version 3, but the policy has no conditional role + bindings, the response uses version 1. To learn which resources + support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + type: integer type: object - properties: {} - GenerateConsistencyTokenResponse: - id: GenerateConsistencyTokenResponse - description: >- - Response message for - google.bigtable.admin.v2.BigtableTableAdmin.GenerateConsistencyToken + id: GetPolicyOptions + description: Encapsulates settings provided to GetIamPolicy. + TestIamPermissionsResponse: + id: TestIamPermissionsResponse type: object + description: Response message for `TestIamPermissions` method. properties: - consistencyToken: - description: The generated consistency token. - type: string - CheckConsistencyRequest: - id: CheckConsistencyRequest - description: >- - Request message for - google.bigtable.admin.v2.BigtableTableAdmin.CheckConsistency + permissions: + type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string + ListSchemaBundlesResponse: + id: ListSchemaBundlesResponse type: object properties: - consistencyToken: - description: >- - Required. The token created using GenerateConsistencyToken for the - Table. + schemaBundles: + description: The schema bundles from the specified table. + type: array + items: + $ref: '#/components/schemas/SchemaBundle' + nextPageToken: type: string - standardReadRemoteWrites: - description: >- - Checks that reads using an app profile with `StandardIsolation` can - see all writes committed before the token was created, even if the - read and write target different clusters. - $ref: '#/components/schemas/StandardReadRemoteWrites' - dataBoostReadLocalWrites: description: >- - Checks that reads using an app profile with - `DataBoostIsolationReadOnly` can see all writes committed before the - token was created, but only if the read and write target the same - cluster. - $ref: '#/components/schemas/DataBoostReadLocalWrites' - StandardReadRemoteWrites: - id: StandardReadRemoteWrites - description: >- - Checks that all writes before the consistency token was generated are - replicated in every cluster and readable. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + description: The response for ListSchemaBundles. + RowAffinity: type: object + id: RowAffinity properties: {} - DataBoostReadLocalWrites: - id: DataBoostReadLocalWrites description: >- - Checks that all writes before the consistency token was generated in the - same cluster are readable by Databoost. + If enabled, Bigtable will route the request based on the row key of the + request, rather than randomly. Instead, each row key will be assigned to + a cluster, and will stick to that cluster. If clusters are added or + removed, then this may affect which row keys stick to which clusters. To + avoid this, users can use a cluster group to specify which clusters are + to be used. In this case, new clusters that are not a part of the + cluster group will not be routed to, and routing will be unaffected by + the new cluster. Moreover, clusters specified in the cluster group + cannot be deleted unless removed from the cluster group. + StandardIsolation: type: object - properties: {} - CheckConsistencyResponse: - id: CheckConsistencyResponse + id: StandardIsolation + properties: + priority: + description: The priority of requests sent using this app profile. + enum: + - PRIORITY_UNSPECIFIED + - PRIORITY_LOW + - PRIORITY_MEDIUM + - PRIORITY_HIGH + enumDescriptions: + - >- + Default value. Mapped to PRIORITY_HIGH (the legacy behavior) on + creation. + - '' + - '' + - '' + type: string description: >- - Response message for - google.bigtable.admin.v2.BigtableTableAdmin.CheckConsistency + Standard options for isolating this app profile's traffic from other use + cases. + GoogleBigtableAdminV2TypeDate: + properties: {} + description: Date Values of type `Date` are stored in `Value.date_value`. type: object - properties: - consistent: - description: >- - True only if the token is consistent. A token is consistent if - replication has caught up with the restrictions specified in the - request. - type: boolean + id: GoogleBigtableAdminV2TypeDate Backup: id: Backup - description: A backup of a Cloud Bigtable table. - type: object properties: + sizeBytes: + type: string + readOnly: true + description: Output only. Size of the backup in bytes. + format: int64 name: description: >- A globally unique identifier for the backup which cannot be changed. @@ -2418,70 +2399,59 @@ components: identified by the prefix of the backup name of the form `projects/{project}/instances/{instance}/clusters/{cluster}`. type: string - sourceTable: - description: >- - Required. Immutable. Name of the table from which this backup was - created. This needs to be in the same instance as the backup. Values - are of the form - `projects/{project}/instances/{instance}/tables/{source_table}`. - type: string sourceBackup: + readOnly: true + type: string description: >- Output only. Name of the backup from which this backup was copied. If a backup is not created by copying a backup, this field will be empty. Values are of the form: projects//instances//clusters//backups/ + encryptionInfo: readOnly: true - type: string + description: Output only. The encryption information for the backup. + $ref: '#/components/schemas/EncryptionInfo' expireTime: + format: google-datetime + type: string description: >- Required. The expiration time of the backup. When creating a backup or updating its `expire_time`, the value must be greater than the backup creation time by: - At least 6 hours - At most 90 days Once the `expire_time` has passed, Cloud Bigtable will delete the backup. + sourceTable: + description: >- + Required. Immutable. Name of the table from which this backup was + created. This needs to be in the same instance as the backup. Values + are of the form + `projects/{project}/instances/{instance}/tables/{source_table}`. type: string - format: google-datetime startTime: + readOnly: true + type: string + format: google-datetime description: >- Output only. `start_time` is the time that the backup was started (i.e. approximately the time the CreateBackup request is received). The row data in this backup will be no older than this timestamp. - readOnly: true - type: string + hotToStandardTime: format: google-datetime - endTime: + type: string description: >- - Output only. `end_time` is the time that the backup was finished. - The row data in the backup will be no newer than this timestamp. - readOnly: true + The time at which the hot backup will be converted to a standard + backup. Once the `hot_to_standard_time` has passed, Cloud Bigtable + will convert the hot backup to a standard backup. This value must be + greater than the backup creation time by: - At least 24 hours This + field only applies for hot backups. When creating or updating a + standard backup, attempting to set this field will fail the request. + endTime: type: string format: google-datetime - sizeBytes: - description: Output only. Size of the backup in bytes. - readOnly: true - type: string - format: int64 - state: - description: Output only. The current state of the backup. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - >- - The pending backup is still being created. Operations on the - backup may fail with `FAILED_PRECONDITION` in this state. - - The backup is complete and ready for use. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - encryptionInfo: - description: Output only. The encryption information for the backup. readOnly: true - $ref: '#/components/schemas/EncryptionInfo' + description: >- + Output only. `end_time` is the time that the backup was finished. + The row data in the backup will be no newer than this timestamp. backupType: - description: Indicates the backup type of the backup. - type: string enumDescriptions: - Not specified. - >- @@ -2497,766 +2467,962 @@ components: - BACKUP_TYPE_UNSPECIFIED - STANDARD - HOT - hotToStandardTime: - description: >- - The time at which the hot backup will be converted to a standard - backup. Once the `hot_to_standard_time` has passed, Cloud Bigtable - will convert the hot backup to a standard backup. This value must be - greater than the backup creation time by: - At least 24 hours This - field only applies for hot backups. When creating or updating a - standard backup, attempting to set this field will fail the request. type: string - format: google-datetime - ListBackupsResponse: - id: ListBackupsResponse - description: The response for ListBackups. - type: object - properties: - backups: - description: The list of matching backups. - type: array - items: - $ref: '#/components/schemas/Backup' - nextPageToken: - description: >- - `next_page_token` can be sent in a subsequent ListBackups call to - fetch more of the matching backups. + description: Indicates the backup type of the backup. + state: + description: Output only. The current state of the backup. type: string - RestoreTableRequest: - id: RestoreTableRequest - description: The request for RestoreTable. + readOnly: true + enumDescriptions: + - Not specified. + - >- + The pending backup is still being created. Operations on the + backup may fail with `FAILED_PRECONDITION` in this state. + - The backup is complete and ready for use. + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + description: A backup of a Cloud Bigtable table. + type: object + CreateAuthorizedViewMetadata: type: object + description: The metadata for the Operation returned by CreateAuthorizedView. + id: CreateAuthorizedViewMetadata properties: - tableId: + finishTime: + format: google-datetime description: >- - Required. The id of the table to create and restore to. This table - must not already exist. The `table_id` appended to `parent` forms - the full table name of the form `projects//instances//tables/`. + The time at which the operation failed or was completed + successfully. type: string - backup: - description: >- - Name of the backup from which to restore. Values are of the form - `projects//instances//clusters//backups/`. + requestTime: + format: google-datetime + description: The time at which the original request was received. type: string - CopyBackupRequest: - id: CopyBackupRequest - description: The request for CopyBackup. - type: object + originalRequest: + $ref: '#/components/schemas/CreateAuthorizedViewRequest' + description: >- + The request that prompted the initiation of this + CreateAuthorizedView operation. + CreateLogicalViewRequest: properties: - backupId: + logicalView: + description: Required. The logical view to create. + $ref: '#/components/schemas/LogicalView' + parent: description: >- - Required. The id of the new backup. The `backup_id` along with - `parent` are combined as {parent}/backups/{backup_id} to create the - full backup name, of the form: - `projects/{project}/instances/{instance}/clusters/{cluster}/backups/{backup_id}`. - This string must be between 1 and 50 characters in length and match - the regex _a-zA-Z0-9*. + Required. The parent instance where this logical view will be + created. Format: `projects/{project}/instances/{instance}`. type: string - sourceBackup: - description: >- - Required. The source backup to be copied from. The source backup - needs to be in READY state for it to be copied. Copying a copied - backup is not allowed. Once CopyBackup is in progress, the source - backup cannot be deleted or cleaned up on expiration until - CopyBackup is finished. Values are of the form: - `projects//instances//clusters//backups/`. + logicalViewId: type: string - expireTime: description: >- - Required. Required. The expiration time of the copied backup with - microsecond granularity that must be at least 6 hours and at most 30 - days from the time the request is received. Once the `expire_time` - has passed, Cloud Bigtable will delete the backup and free the - resources used by the backup. - type: string - format: google-datetime - SchemaBundle: - id: SchemaBundle - description: A named collection of related schemas. + Required. The ID to use for the logical view, which will become the + final component of the logical view's resource name. + id: CreateLogicalViewRequest + type: object + description: Request message for BigtableInstanceAdmin.CreateLogicalView. + ColumnFamily: type: object properties: - name: + gcRule: + $ref: '#/components/schemas/GcRule' description: >- - Identifier. The unique name identifying this schema bundle. Values - are of the form - `projects/{project}/instances/{instance}/tables/{table}/schemaBundles/{schema_bundle}` - type: string - protoSchema: - description: Schema for Protobufs. - $ref: '#/components/schemas/ProtoSchema' - etag: + Garbage collection rule specified as a protobuf. Must serialize to + at most 500 bytes. NOTE: Garbage collection executes + opportunistically in the background, and so it's possible for reads + to return a cell even if it matches the active GC expression for its + family. + valueType: description: >- - Optional. The etag for this schema bundle. This may be sent on - update and delete requests to ensure the client has an up-to-date - value before proceeding. The server returns an ABORTED error on a - mismatched etag. - type: string - ProtoSchema: - id: ProtoSchema - description: Represents a protobuf schema. - type: object - properties: - protoDescriptors: + The type of data stored in each of this family's cell values, + including its full encoding. If omitted, the family only serves raw + untyped bytes. For now, only the `Aggregate` type is supported. + `Aggregate` can only be set at family creation and is immutable + afterwards. This field is mutually exclusive with `sql_type`. If + `value_type` is `Aggregate`, written data must be compatible with: * + `value_type.input_type` for `AddInput` mutations + $ref: '#/components/schemas/Type' + stats: description: >- - Required. Contains a protobuf-serialized - [google.protobuf.FileDescriptorSet](https://github.com/protocolbuffers/protobuf/blob/main/src/google/protobuf/descriptor.proto), - which could include multiple proto files. To generate it, - [install](https://grpc.io/docs/protoc-installation/) and run - `protoc` with `--include_imports` and `--descriptor_set_out`. For - example, to generate for moon/shot/app.proto, run ``` $protoc - --proto_path=/app_path --proto_path=/lib_path \ --include_imports \ - --descriptor_set_out=descriptors.pb \ moon/shot/app.proto ``` For - more details, see protobuffer [self - description](https://developers.google.com/protocol-buffers/docs/techniques#self-description). - type: string - format: byte - ListSchemaBundlesResponse: - id: ListSchemaBundlesResponse - description: The response for ListSchemaBundles. + Output only. Only available with STATS_VIEW, this includes summary + statistics about column family contents. For statistics over an + entire table, see TableStats above. + $ref: '#/components/schemas/ColumnFamilyStats' + readOnly: true + id: ColumnFamily + description: A set of columns within a table which share a common configuration. + Intersection: + id: Intersection type: object + description: A GcRule which deletes cells matching all of the given rules. properties: - schemaBundles: - description: The schema bundles from the specified table. + rules: + description: >- + Only delete cells which would be deleted by every element of + `rules`. + items: + $ref: '#/components/schemas/GcRule' type: array + Policy: + properties: + bindings: items: - $ref: '#/components/schemas/SchemaBundle' - nextPageToken: + $ref: '#/components/schemas/Binding' + type: array description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + etag: + format: byte + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + auditConfigs: + type: array + items: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + version: + type: integer + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + id: Policy + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + AutoscalingTargets: + description: >- + The Autoscaling targets for a Cluster. These determine the recommended + nodes. + id: AutoscalingTargets type: object properties: - name: + storageUtilizationGibPerNode: + type: integer description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: + The storage utilization that the Autoscaler should be trying to + achieve. This number is limited between 2560 (2.5TiB) and 5120 + (5TiB) for a SSD cluster and between 8192 (8TiB) and 16384 (16TiB) + for an HDD cluster, otherwise it will return INVALID_ARGUMENT error. + If this value is set to 0, it will be treated as if it were set to + the default value: 2560 for SSD, 8192 for HDD. + format: int32 + cpuUtilizationPercent: + type: integer description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: + The cpu utilization that the Autoscaler should be trying to achieve. + This number is on a scale from 0 (no utilization) to 100 (total + utilization), and is limited between 10 and 80, otherwise it will + return INVALID_ARGUMENT error. + format: int32 + CreateInstanceRequest: + description: Request message for BigtableInstanceAdmin.CreateInstance. + properties: + instance: + $ref: '#/components/schemas/Instance' description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} + Required. The instance to create. Fields marked `OutputOnly` must be + left blank. + clusters: type: object - additionalProperties: - type: string - metadata: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object + Required. The clusters to be created within the instance, mapped by + desired cluster ID, e.g., just `mycluster` rather than + `projects/myproject/instances/myinstance/clusters/mycluster`. Fields + marked `OutputOnly` must be left blank. additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - CreateInstanceMetadata: - id: CreateInstanceMetadata - description: The metadata for the Operation returned by CreateInstance. - type: object - properties: - originalRequest: + $ref: '#/components/schemas/Cluster' + instanceId: description: >- - The request that prompted the initiation of this CreateInstance - operation. - $ref: '#/components/schemas/CreateInstanceRequest' - requestTime: - description: The time at which the original request was received. + Required. The ID to be used when referring to the new instance + within its project, e.g., just `myinstance` rather than + `projects/myproject/instances/myinstance`. type: string - format: google-datetime - finishTime: - description: >- - The time at which the operation failed or was completed - successfully. + parent: type: string - format: google-datetime - UpdateInstanceMetadata: - id: UpdateInstanceMetadata - description: The metadata for the Operation returned by UpdateInstance. + description: >- + Required. The unique name of the project in which to create the new + instance. Values are of the form `projects/{project}`. type: object + id: CreateInstanceRequest + GoogleBigtableAdminV2TypeBytes: + description: Bytes Values of type `Bytes` are stored in `Value.bytes_value`. properties: - originalRequest: - description: >- - The request that prompted the initiation of this UpdateInstance - operation. - $ref: '#/components/schemas/PartialUpdateInstanceRequest' - requestTime: - description: The time at which the original request was received. - type: string - format: google-datetime - finishTime: - description: >- - The time at which the operation failed or was completed - successfully. - type: string - format: google-datetime - PartialUpdateInstanceRequest: - id: PartialUpdateInstanceRequest - description: Request message for BigtableInstanceAdmin.PartialUpdateInstance. + encoding: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBytesEncoding' + description: The encoding to use when converting to or from lower level types. type: object + id: GoogleBigtableAdminV2TypeBytes + CreateTableRequest: + description: >- + Request message for + google.bigtable.admin.v2.BigtableTableAdmin.CreateTable properties: - instance: + tableId: + type: string description: >- - Required. The Instance which will (partially) replace the current - value. - $ref: '#/components/schemas/Instance' - updateMask: + Required. The name by which the new table should be referred to + within the parent instance, e.g., `foobar` rather than + `{parent}/tables/foobar`. Maximum 50 characters. + table: + description: Required. The Table to create. + $ref: '#/components/schemas/Table' + initialSplits: description: >- - Required. The subset of Instance fields which should be replaced. - Must be explicitly set. - type: string - format: google-fieldmask - CreateClusterMetadata: - id: CreateClusterMetadata - description: The metadata for the Operation returned by CreateCluster. + The optional list of row keys that will be used to initially split + the table into several tablets (tablets are similar to HBase + regions). Given two split keys, `s1` and `s2`, three tablets will be + created, spanning the key ranges: `[, s1), [s1, s2), [s2, )`. + Example: * Row keys := `["a", "apple", "custom", "customer_1", + "customer_2",` `"other", "zz"]` * initial_split_keys := `["apple", + "customer_1", "customer_2", "other"]` * Key assignment: - Tablet 1 + `[, apple) => {"a"}.` - Tablet 2 `[apple, customer_1) => {"apple", + "custom"}.` - Tablet 3 `[customer_1, customer_2) => {"customer_1"}.` + - Tablet 4 `[customer_2, other) => {"customer_2"}.` - Tablet 5 + `[other, ) => {"other", "zz"}.` + type: array + items: + $ref: '#/components/schemas/Split' type: object + id: CreateTableRequest + GoogleBigtableAdminV2AuthorizedViewFamilySubsets: properties: - originalRequest: - description: >- - The request that prompted the initiation of this CreateCluster - operation. - $ref: '#/components/schemas/CreateClusterRequest' - requestTime: - description: The time at which the original request was received. - type: string - format: google-datetime - finishTime: + qualifierPrefixes: + items: + format: byte + type: string + type: array description: >- - The time at which the operation failed or was completed - successfully. - type: string - format: google-datetime - tables: + Prefixes for qualifiers to be included in the AuthorizedView. Every + qualifier starting with one of these prefixes is included in the + AuthorizedView. To provide access to all qualifiers, include the + empty string as a prefix (""). + qualifiers: description: >- - Keys: the full `name` of each table that existed in the instance - when CreateCluster was first called, i.e. - `projects//instances//tables/`. Any table added to the instance by a - later API call will be created in the new cluster by that API call, - not this one. Values: information on how much of a table's data has - been copied to the newly-created cluster so far. - type: object - additionalProperties: - $ref: '#/components/schemas/TableProgress' - CreateClusterRequest: - id: CreateClusterRequest - description: Request message for BigtableInstanceAdmin.CreateCluster. + Individual exact column qualifiers to be included in the + AuthorizedView. + type: array + items: + type: string + format: byte + description: Subsets of a column family that are included in this AuthorizedView. + type: object + id: GoogleBigtableAdminV2AuthorizedViewFamilySubsets + RestoreInfo: + id: RestoreInfo + description: Information about a table restore. type: object properties: - parent: - description: >- - Required. The unique name of the instance in which to create the new - cluster. Values are of the form - `projects/{project}/instances/{instance}`. + sourceType: + description: The type of the restore source. type: string - clusterId: + enum: + - RESTORE_SOURCE_TYPE_UNSPECIFIED + - BACKUP + enumDescriptions: + - No restore associated. + - A backup was used as the source of the restore. + backupInfo: description: >- - Required. The ID to be used when referring to the new cluster within - its instance, e.g., just `mycluster` rather than - `projects/myproject/instances/myinstance/clusters/mycluster`. + Information about the backup used to restore the table. The backup + may no longer exist. + $ref: '#/components/schemas/BackupInfo' + Status: + id: Status + properties: + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - cluster: + details: + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + type: array description: >- - Required. The cluster to be created. Fields marked `OutputOnly` must - be left blank. - $ref: '#/components/schemas/Cluster' - TableProgress: - id: TableProgress - description: Progress info for copying a table's data to the new cluster. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + GoogleBigtableAdminV2TypeInt64: + id: GoogleBigtableAdminV2TypeInt64 type: object properties: - estimatedSizeBytes: - description: Estimate of the size of the table to be copied. - type: string - format: int64 - estimatedCopiedBytes: - description: >- - Estimate of the number of bytes copied so far for this table. This - will eventually reach 'estimated_size_bytes' unless the table copy - is CANCELLED. - type: string - format: int64 - state: - type: string - enumDescriptions: - - '' - - The table has not yet begun copying to the new cluster. - - The table is actively being copied to the new cluster. - - The table has been fully copied to the new cluster. - - >- - The table was deleted before it finished copying to the new - cluster. Note that tables deleted after completion will stay - marked as COMPLETED, not CANCELLED. - enum: - - STATE_UNSPECIFIED - - PENDING - - COPYING - - COMPLETED - - CANCELLED - PartialUpdateClusterMetadata: - id: PartialUpdateClusterMetadata - description: The metadata for the Operation returned by PartialUpdateCluster. + encoding: + description: The encoding to use when converting to or from lower level types. + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeInt64Encoding' + description: Int64 Values of type `Int64` are stored in `Value.int_value`. + GoogleBigtableAdminV2TypeFloat32: + id: GoogleBigtableAdminV2TypeFloat32 + type: object + description: Float32 Values of type `Float32` are stored in `Value.float_value`. + properties: {} + CreateBackupMetadata: + id: CreateBackupMetadata type: object + description: Metadata type for the operation returned by CreateBackup. properties: - requestTime: - description: The time at which the original request was received. + sourceTable: + description: The name of the table the backup is created from. type: string - format: google-datetime finishTime: + type: string description: >- The time at which the operation failed or was completed successfully. - type: string format: google-datetime - originalRequest: - description: The original request for PartialUpdateCluster. - $ref: '#/components/schemas/PartialUpdateClusterRequest' - PartialUpdateClusterRequest: - id: PartialUpdateClusterRequest - description: Request message for BigtableInstanceAdmin.PartialUpdateCluster. - type: object - properties: - cluster: - description: >- - Required. The Cluster which contains the partial updates to be - applied, subject to the update_mask. - $ref: '#/components/schemas/Cluster' - updateMask: - description: Required. The subset of Cluster fields which should be replaced. + endTime: + deprecated: true + format: google-datetime type: string - format: google-fieldmask - UpdateClusterMetadata: - id: UpdateClusterMetadata - description: The metadata for the Operation returned by UpdateCluster. - type: object - properties: - originalRequest: description: >- - The request that prompted the initiation of this UpdateCluster - operation. - $ref: '#/components/schemas/Cluster' + If set, the time at which this operation finished or was cancelled. + DEPRECATED: Use finish_time instead. requestTime: - description: The time at which the original request was received. - type: string - format: google-datetime - finishTime: - description: >- - The time at which the operation failed or was completed - successfully. type: string format: google-datetime - UpdateAppProfileMetadata: - id: UpdateAppProfileMetadata - description: The metadata for the Operation returned by UpdateAppProfile. - type: object - properties: {} - CreateBackupMetadata: - id: CreateBackupMetadata - description: Metadata type for the operation returned by CreateBackup. - type: object - properties: + description: The time at which the original request was received. name: - description: The name of the backup being created. - type: string - sourceTable: - description: The name of the table the backup is created from. type: string + description: The name of the backup being created. startTime: - description: The time at which this operation started. - type: string + deprecated: true format: google-datetime - endTime: - description: If set, the time at which this operation finished or was cancelled. type: string - format: google-datetime - CreateAuthorizedViewMetadata: - id: CreateAuthorizedViewMetadata - description: The metadata for the Operation returned by CreateAuthorizedView. + description: >- + The time at which this operation started. DEPRECATED: Use + request_time instead. + Type: + description: >- + `Type` represents the type of data that is written to, read from, or + stored in Bigtable. It is heavily based on the GoogleSQL standard to + help maintain familiarity and consistency across products and features. + For compatibility with Bigtable's existing untyped APIs, each `Type` + includes an `Encoding` which describes how to convert to or from the + underlying data. Each encoding can operate in one of two modes: - + Sorted: In this mode, Bigtable guarantees that `Encode(X) <= Encode(Y)` + if and only if `X <= Y`. This is useful anywhere sort order is + important, for example when encoding keys. - Distinct: In this mode, + Bigtable guarantees that if `X != Y` then `Encode(X) != Encode(Y)`. + However, the converse is not guaranteed. For example, both `{'foo': '1', + 'bar': '2'}` and `{'bar': '2', 'foo': '1'}` are valid encodings of the + same JSON value. The API clearly documents which mode is used wherever + an encoding can be configured. Each encoding also documents which values + are supported in which modes. For example, when encoding INT64 as a + numeric STRING, negative numbers cannot be encoded in sorted mode. This + is because `INT64(1) > INT64(-1)`, but `STRING("-00001") > + STRING("00001")`. + properties: + structType: + description: Struct + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStruct' + dateType: + description: Date + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeDate' + timestampType: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeTimestamp' + description: Timestamp + int64Type: + description: Int64 + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeInt64' + boolType: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBool' + description: Bool + bytesType: + description: Bytes + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBytes' + arrayType: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeArray' + description: Array + enumType: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeEnum' + description: Enum + protoType: + description: Proto + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeProto' + stringType: + description: String + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeString' + float32Type: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeFloat32' + description: Float32 + mapType: + description: Map + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeMap' + float64Type: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeFloat64' + description: Float64 + aggregateType: + description: Aggregate + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeAggregate' + id: Type + type: object + DataBoostIsolationReadOnly: + id: DataBoostIsolationReadOnly + properties: + computeBillingOwner: + description: The Compute Billing Owner for this Data Boost App Profile. + type: string + enum: + - COMPUTE_BILLING_OWNER_UNSPECIFIED + - HOST_PAYS + enumDescriptions: + - Unspecified value. + - >- + The host Cloud Project containing the targeted Bigtable Instance / + Table pays for compute. + type: object + description: >- + Data Boost is a serverless compute capability that lets you run + high-throughput read jobs and queries on your Bigtable data, without + impacting the performance of the clusters that handle your application + traffic. Data Boost supports read-only use cases with single-cluster + routing. + CreateLogicalViewMetadata: + description: The metadata for the Operation returned by CreateLogicalView. + id: CreateLogicalViewMetadata type: object properties: - originalRequest: - description: >- - The request that prompted the initiation of this - CreateAuthorizedView operation. - $ref: '#/components/schemas/CreateAuthorizedViewRequest' requestTime: description: The time at which the original request was received. - type: string format: google-datetime + type: string + originalRequest: + description: >- + The request that prompted the initiation of this CreateLogicalView + operation. + $ref: '#/components/schemas/CreateLogicalViewRequest' finishTime: + type: string + format: google-datetime description: >- The time at which the operation failed or was completed successfully. + startTime: type: string + deprecated: true format: google-datetime - CreateAuthorizedViewRequest: - id: CreateAuthorizedViewRequest - description: The request for CreateAuthorizedView + description: 'DEPRECATED: Use request_time instead.' + endTime: + type: string + deprecated: true + format: google-datetime + description: 'DEPRECATED: Use finish_time instead.' + GoogleBigtableAdminV2TypeBytesEncoding: + description: Rules used to convert to or from lower level types. + properties: + raw: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeBytesEncodingRaw' + description: Use `Raw` encoding. + type: object + id: GoogleBigtableAdminV2TypeBytesEncoding + ClusterState: + description: The state of a table's data in a particular cluster. type: object + id: ClusterState properties: - parent: - description: >- - Required. This is the name of the table the AuthorizedView belongs - to. Values are of the form - `projects/{project}/instances/{instance}/tables/{table}`. - type: string - authorizedViewId: + encryptionInfo: + readOnly: true description: >- - Required. The id of the AuthorizedView to create. This - AuthorizedView must not already exist. The `authorized_view_id` - appended to `parent` forms the full AuthorizedView name of the form - `projects/{project}/instances/{instance}/tables/{table}/authorizedView/{authorized_view}`. + Output only. The encryption information for the table in this + cluster. If the encryption key protecting this resource is customer + managed, then its version can be rotated in Cloud Key Management + Service (Cloud KMS). The primary version of the key and its status + will be reflected here when changes propagate from Cloud KMS. + items: + $ref: '#/components/schemas/EncryptionInfo' + type: array + replicationState: + description: Output only. The state of replication for the table in this cluster. + enumDescriptions: + - The replication state of the table is unknown in this cluster. + - >- + The cluster was recently created, and the table must finish + copying over pre-existing data from other clusters before it can + begin receiving live replication updates and serving Data API + requests. + - >- + The table is temporarily unable to serve Data API requests from + this cluster due to planned internal maintenance. + - >- + The table is temporarily unable to serve Data API requests from + this cluster due to unplanned or emergency maintenance. + - >- + The table can serve Data API requests from this cluster. Depending + on replication delay, reads may not immediately reflect the state + of the table in other clusters. + - >- + The table is fully created and ready for use after a restore, and + is being optimized for performance. When optimizations are + complete, the table will transition to `READY` state. + readOnly: true + enum: + - STATE_NOT_KNOWN + - INITIALIZING + - PLANNED_MAINTENANCE + - UNPLANNED_MAINTENANCE + - READY + - READY_OPTIMIZING type: string - authorizedView: - description: Required. The AuthorizedView to create. - $ref: '#/components/schemas/AuthorizedView' - CopyBackupMetadata: - id: CopyBackupMetadata + CheckConsistencyResponse: description: >- - Metadata type for the google.longrunning.Operation returned by - CopyBackup. + Response message for + google.bigtable.admin.v2.BigtableTableAdmin.CheckConsistency + id: CheckConsistencyResponse type: object properties: - name: + consistent: + type: boolean description: >- - The name of the backup being created through the copy operation. - Values are of the form `projects//instances//clusters//backups/`. - type: string - sourceBackupInfo: - description: Information about the source backup that is being copied from. - $ref: '#/components/schemas/BackupInfo' - progress: - description: The progress of the CopyBackup operation. - $ref: '#/components/schemas/OperationProgress' - OperationProgress: - id: OperationProgress - description: >- - Encapsulates progress related information for a Cloud Bigtable long - running operation. + True only if the token is consistent. A token is consistent if + replication has caught up with the restrictions specified in the + request. + UndeleteTableMetadata: type: object + id: UndeleteTableMetadata properties: - progressPercent: - description: >- - Percent completion of the operation. Values are between 0 and 100 - inclusive. - type: integer - format: int32 - startTime: - description: Time the request was received. - type: string - format: google-datetime endTime: description: >- - If set, the time at which this operation failed or was completed - successfully. + If set, the time at which this operation finished or was cancelled. + DEPRECATED: Use finish_time instead. type: string format: google-datetime - RestoreTableMetadata: - id: RestoreTableMetadata - description: Metadata type for the long-running operation returned by RestoreTable. - type: object - properties: + deprecated: true name: - description: Name of the table being created and restored to. type: string - sourceType: - description: The type of the restore source. + description: The name of the table being restored. + startTime: + deprecated: true + format: google-datetime type: string - enumDescriptions: - - No restore associated. - - A backup was used as the source of the restore. - enum: - - RESTORE_SOURCE_TYPE_UNSPECIFIED - - BACKUP - backupInfo: - $ref: '#/components/schemas/BackupInfo' - optimizeTableOperationName: description: >- - If exists, the name of the long-running operation that will be used - to track the post-restore optimization process to optimize the - performance of the restored table. The metadata type of the - long-running operation is OptimizeRestoredTableMetadata. The - response type is Empty. This long-running operation may be - automatically created by the system if applicable after the - RestoreTable long-running operation completes successfully. This - operation may not be created if the table is already optimized or - the restore was not successful. + The time at which this operation started. DEPRECATED: Use + request_time instead. + requestTime: + description: The time at which the original request was received. + format: google-datetime type: string - progress: - description: The progress of the RestoreTable operation. - $ref: '#/components/schemas/OperationProgress' - OptimizeRestoredTableMetadata: - id: OptimizeRestoredTableMetadata - description: >- - Metadata type for the long-running operation used to track the progress - of optimizations performed on a newly restored table. This long-running - operation is automatically created by the system after the successful - completion of a table restore, and cannot be cancelled. - type: object - properties: - name: - description: Name of the restored table being optimized. + finishTime: + format: google-datetime type: string - progress: - description: The progress of the post-restore optimizations. - $ref: '#/components/schemas/OperationProgress' - UndeleteTableMetadata: - id: UndeleteTableMetadata + description: >- + The time at which the operation failed or was completed + successfully. description: >- Metadata type for the operation returned by google.bigtable.admin.v2.BigtableTableAdmin.UndeleteTable. + GoogleBigtableAdminV2TypeString: + description: String Values of type `String` are stored in `Value.string_value`. type: object properties: - name: - description: The name of the table being restored. - type: string - startTime: - description: The time at which this operation started. - type: string - format: google-datetime - endTime: - description: If set, the time at which this operation finished or was cancelled. - type: string - format: google-datetime - UpdateTableMetadata: - id: UpdateTableMetadata - description: Metadata type for the operation returned by UpdateTable. + encoding: + description: The encoding to use when converting to or from lower level types. + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStringEncoding' + id: GoogleBigtableAdminV2TypeString + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + id: Empty + properties: {} + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + id: TestIamPermissionsRequest type: object properties: - name: - description: The name of the table being updated. - type: string - startTime: - description: The time at which this operation started. - type: string - format: google-datetime - endTime: - description: If set, the time at which this operation finished or was canceled. - type: string - format: google-datetime - UpdateAuthorizedViewMetadata: - id: UpdateAuthorizedViewMetadata - description: >- - Metadata for the google.longrunning.Operation returned by - UpdateAuthorizedView. + permissions: + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: array + items: + type: string + TableStats: type: object + description: >- + Approximate statistics related to a table. These statistics are + calculated infrequently, while simultaneously, data in the table can + change rapidly. Thus the values reported here (e.g. row count) are very + likely out-of date, even the instant they are received in this API. + Thus, only treat these values as approximate. IMPORTANT: Everything + below is approximate, unless otherwise specified. properties: - originalRequest: + averageColumnsPerRow: + type: number + format: double description: >- - The request that prompted the initiation of this - UpdateAuthorizedView operation. - $ref: '#/components/schemas/UpdateAuthorizedViewRequest' - requestTime: - description: The time at which the original request was received. + How many (column family, column qualifier) combinations are present + per row in the table, averaged over all rows in the table. e.g. A + table with 2 rows: * A row with cells in "family:col" and + "other:col" (2 distinct columns) * A row with cells in "family:col", + "family:other_col", and "other:data" (3 distinct columns) would + report (2 + 3)/2 = 2.5 in this field. + logicalDataBytes: + format: int64 + description: >- + This is roughly how many bytes would be needed to read the entire + table (e.g. by streaming all contents out). type: string - format: google-datetime - finishTime: + averageCellsPerColumn: description: >- - The time at which the operation failed or was completed - successfully. + How many cells are present per column (column family, column + qualifier) combinations, averaged over all columns in all rows in + the table. e.g. A table with 2 rows: * A row with 3 cells in + "family:col" and 1 cell in "other:col" (4 cells / 2 columns) * A row + with 1 cell in "family:col", 7 cells in "family:other_col", and 7 + cells in "other:data" (15 cells / 3 columns) would report (4 + + 15)/(2 + 3) = 3.8 in this field. + type: number + format: double + rowCount: type: string - format: google-datetime - UpdateAuthorizedViewRequest: - id: UpdateAuthorizedViewRequest - description: The request for UpdateAuthorizedView. - type: object + description: How many rows are in the table. + format: int64 + id: TableStats + DropRowRangeRequest: properties: - authorizedView: - description: >- - Required. The AuthorizedView to update. The `name` in - `authorized_view` is used to identify the AuthorizedView. - AuthorizedView name must in this format: - `projects/{project}/instances/{instance}/tables/{table}/authorizedViews/{authorized_view}`. - $ref: '#/components/schemas/AuthorizedView' - updateMask: - description: >- - Optional. The list of fields to update. A mask specifying which - fields in the AuthorizedView resource should be updated. This mask - is relative to the AuthorizedView resource, not to the request - message. A field will be overwritten if it is in the mask. If empty, - all fields set in the request will be overwritten. A special value - `*` means to overwrite all fields (including fields not set in the - request). + rowKeyPrefix: type: string - format: google-fieldmask - ignoreWarnings: + format: byte description: >- - Optional. If true, ignore the safety checks when updating the - AuthorizedView. + Delete all rows that start with this row key prefix. Prefix cannot + be zero length. + deleteAllDataFromTable: type: boolean - CreateSchemaBundleMetadata: - id: CreateSchemaBundleMetadata - description: The metadata for the Operation returned by CreateSchemaBundle. + description: Delete all rows in the table. Setting this to false is a no-op. + description: >- + Request message for + google.bigtable.admin.v2.BigtableTableAdmin.DropRowRange + id: DropRowRangeRequest + type: object + ListLogicalViewsResponse: + description: Response message for BigtableInstanceAdmin.ListLogicalViews. type: object + id: ListLogicalViewsResponse properties: - name: + nextPageToken: description: >- - The unique name identifying this schema bundle. Values are of the - form - `projects/{project}/instances/{instance}/tables/{table}/schemaBundles/{schema_bundle}` - type: string - startTime: - description: The time at which this operation started. - type: string - format: google-datetime - endTime: - description: If set, the time at which this operation finished or was canceled. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - format: google-datetime - UpdateSchemaBundleMetadata: - id: UpdateSchemaBundleMetadata - description: The metadata for the Operation returned by UpdateSchemaBundle. + logicalViews: + items: + $ref: '#/components/schemas/LogicalView' + description: The list of requested logical views. + type: array + GoogleBigtableAdminV2TypeStruct: + properties: + fields: + description: The names and types of the fields in this struct. + type: array + items: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStructField' + encoding: + $ref: '#/components/schemas/GoogleBigtableAdminV2TypeStructEncoding' + description: The encoding to use when converting to or from lower level types. + id: GoogleBigtableAdminV2TypeStruct + type: object + description: >- + A structured data value, consisting of fields which map to dynamically + typed values. Values of type `Struct` are stored in `Value.array_value` + where entries are in the same order and number as `field_types`. + Expr: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. type: object + id: Expr properties: - name: - description: >- - The unique name identifying this schema bundle. Values are of the - form - `projects/{project}/instances/{instance}/tables/{table}/schemaBundles/{schema_bundle}` - type: string - startTime: - description: The time at which this operation started. + expression: type: string - format: google-datetime - endTime: - description: If set, the time at which this operation finished or was canceled. + description: >- + Textual representation of an expression in Common Expression + Language syntax. + title: type: string - format: google-datetime - CreateLogicalViewMetadata: - id: CreateLogicalViewMetadata - description: The metadata for the Operation returned by CreateLogicalView. - type: object - properties: - originalRequest: description: >- - The request that prompted the initiation of this CreateLogicalView - operation. - $ref: '#/components/schemas/CreateLogicalViewRequest' - startTime: - description: The time at which this operation started. + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + location: type: string - format: google-datetime - endTime: - description: If set, the time at which this operation finished or was canceled. + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + description: type: string - format: google-datetime - CreateLogicalViewRequest: - id: CreateLogicalViewRequest - description: Request message for BigtableInstanceAdmin.CreateLogicalView. - type: object + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + Instance: properties: - parent: + satisfiesPzi: + readOnly: true + type: boolean + description: Output only. Reserved for future use. + state: + enumDescriptions: + - The state of the instance could not be determined. + - >- + The instance has been successfully created and can serve requests + to its tables. + - >- + The instance is currently being created, and may be destroyed if + the creation process encounters an error. + readOnly: true + description: Output only. The current state of the instance. + type: string + enum: + - STATE_NOT_KNOWN + - READY + - CREATING + tags: description: >- - Required. The parent instance where this logical view will be - created. Format: `projects/{project}/instances/{instance}`. + Optional. Input only. Immutable. Tag keys/values directly bound to + this resource. For example: - "123/environment": "production", - + "123/costCenter": "marketing" Tags and Labels (above) are both used + to bind metadata to resources, with different use-cases. See + https://cloud.google.com/resource-manager/docs/tags/tags-overview + for an in-depth overview on the difference between tags and labels. + additionalProperties: + type: string + type: object + displayName: type: string - logicalViewId: description: >- - Required. The ID to use for the logical view, which will become the - final component of the logical view's resource name. + Required. The descriptive name for this instance as it appears in + UIs. Can be changed at any time, but should be kept globally unique + to avoid confusion. + type: + enum: + - TYPE_UNSPECIFIED + - PRODUCTION + - DEVELOPMENT + enumDescriptions: + - >- + The type of the instance is unspecified. If set when creating an + instance, a `PRODUCTION` instance will be created. If set when + updating an instance, the type will be left unchanged. + - >- + An instance meant for production use. `serve_nodes` must be set on + the cluster. + - >- + DEPRECATED: Prefer PRODUCTION for all use cases, as it no longer + enforces a higher minimum node count than DEVELOPMENT. type: string - logicalView: - description: Required. The logical view to create. - $ref: '#/components/schemas/LogicalView' - UpdateLogicalViewMetadata: - id: UpdateLogicalViewMetadata - description: The metadata for the Operation returned by UpdateLogicalView. - type: object - properties: - originalRequest: + description: The type of the instance. Defaults to `PRODUCTION`. + labels: + description: >- + Labels are a flexible and lightweight mechanism for organizing cloud + resources into groups that reflect a customer's organizational needs + and deployment strategies. They can be used to filter resources and + aggregate metrics. * Label keys must be between 1 and 63 characters + long and must conform to the regular expression: + `\p{Ll}\p{Lo}{0,62}`. * Label values must be between 0 and 63 + characters long and must conform to the regular expression: + `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`. * No more than 64 labels can be + associated with a given resource. * Keys and values must both be + under 128 bytes. + type: object + additionalProperties: + type: string + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + createTime: + readOnly: true description: >- - The request that prompted the initiation of this UpdateLogicalView - operation. - $ref: '#/components/schemas/UpdateLogicalViewRequest' - startTime: - description: The time at which this operation was started. - type: string - format: google-datetime - endTime: - description: If set, the time at which this operation finished or was canceled. + Output only. A commit timestamp representing when this Instance was + created. For instances created before this field was added (August + 2021), this value is `seconds: 0, nanos: 1`. type: string format: google-datetime - UpdateLogicalViewRequest: - id: UpdateLogicalViewRequest - description: Request message for BigtableInstanceAdmin.UpdateLogicalView. - type: object - properties: - logicalView: + name: description: >- - Required. The logical view to update. The logical view's `name` - field is used to identify the view to update. Format: - `projects/{project}/instances/{instance}/logicalViews/{logical_view}`. - $ref: '#/components/schemas/LogicalView' - updateMask: - description: Optional. The list of fields to update. + The unique name of the instance. Values are of the form + `projects/{project}/instances/a-z+[a-z0-9]`. type: string - format: google-fieldmask - CreateMaterializedViewMetadata: - id: CreateMaterializedViewMetadata - description: The metadata for the Operation returned by CreateMaterializedView. + id: Instance + description: >- + A collection of Bigtable Tables and the resources that serve them. All + tables in an instance are served from all Clusters in the instance. type: object + ListHotTabletsResponse: + id: ListHotTabletsResponse properties: - originalRequest: + hotTablets: + type: array + items: + $ref: '#/components/schemas/HotTablet' description: >- - The request that prompted the initiation of this - CreateMaterializedView operation. - $ref: '#/components/schemas/CreateMaterializedViewRequest' - startTime: - description: The time at which this operation started. - type: string - format: google-datetime - endTime: - description: If set, the time at which this operation finished or was canceled. + List of hot tablets in the tables of the requested cluster that fall + within the requested time range. Hot tablets are ordered by node cpu + usage percent. If there are multiple hot tablets that correspond to + the same tablet within a 15-minute interval, only the hot tablet + with the highest node cpu usage will be included in the response. + nextPageToken: + description: >- + Set if not all hot tablets could be returned in a single response. + Pass this value to `page_token` in another request to get the next + page of results. type: string - format: google-datetime - CreateMaterializedViewRequest: - id: CreateMaterializedViewRequest - description: Request message for BigtableInstanceAdmin.CreateMaterializedView. type: object + description: Response message for BigtableInstanceAdmin.ListHotTablets. + AuditConfig: + type: object + id: AuditConfig + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. properties: - parent: - description: >- - Required. The parent instance where this materialized view will be - created. Format: `projects/{project}/instances/{instance}`. - type: string - materializedViewId: + service: description: >- - Required. The ID to use for the materialized view, which will become - the final component of the materialized view's resource name. + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: string - materializedView: - description: Required. The materialized view to create. - $ref: '#/components/schemas/MaterializedView' + auditLogConfigs: + items: + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. + type: array parameters: + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string access_token: description: OAuth access token. in: query name: access_token schema: type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string alt: description: Data format for response. in: query @@ -3267,39 +3433,27 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: fields + name: prettyPrint schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + type: boolean + _.xgafv: + description: V1 error format. in: query - name: key + name: $.xgafv schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + enum: + - '1' + - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -3309,486 +3463,439 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: upload_protocol + name: key schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: uploadType + name: fields schema: type: string - _.xgafv: - description: V1 error format. + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: operations: id: google.bigtableadmin.operations name: operations title: Operations methods: - get: + list: operation: - $ref: '#/paths/~1v2~1operations~1{operationsId}/get' + $ref: '#/paths/~1v2~1operations~1projects~1{projectsId}~1operations/get' response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.operations + get: operation: - $ref: '#/paths/~1v2~1operations~1projects~1{projectsId}~1operations/get' + $ref: '#/paths/~1v2~1operations~1{operationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/operations/methods/get' insert: [] update: [] replace: [] delete: [] - instances: - id: google.bigtableadmin.instances - name: instances - title: Instances + tables: + id: google.bigtableadmin.tables + name: tables + title: Tables methods: - create: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1instances/post' - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1instances/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.instances - get: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - update: + patch: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}/put' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}/patch response: mediaType: application/json openAPIDocKey: '200' - partial_update_instance: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/instances/methods/get' - - $ref: '#/components/x-stackQL-resources/instances/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/instances/methods/create' - update: [] - replace: - - $ref: '#/components/x-stackQL-resources/instances/methods/update' - delete: - - $ref: '#/components/x-stackQL-resources/instances/methods/delete' - instances_iam_policies: - id: google.bigtableadmin.instances_iam_policies - name: instances_iam_policies - title: Instances_iam_policies - methods: - get_iam_policy: + restore: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}:getIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables:restore/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + undelete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}:setIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:undelete/post response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + generate_consistency_token: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:generateConsistencyToken/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/set_iam_policy - delete: [] - clusters: - id: google.bigtableadmin.clusters - name: clusters - title: Clusters - methods: create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.clusters - get: + objectKey: $.tables + drop_row_range: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:dropRowRange/post response: mediaType: application/json openAPIDocKey: '200' - update: + check_consistency: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}/put + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:checkConsistency/post response: mediaType: application/json openAPIDocKey: '200' - partial_update_cluster: + modify_column_families: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}/patch + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:modifyColumnFamilies/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/tables/methods/get' + - $ref: '#/components/x-stackQL-resources/tables/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/tables/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/tables/methods/patch' + replace: [] delete: + - $ref: '#/components/x-stackQL-resources/tables/methods/delete' + tables_iam_policies: + id: google.bigtableadmin.tables_iam_policies + name: tables_iam_policies + title: Tables_iam_policies + methods: + test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}/delete + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/clusters/methods/get' - - $ref: '#/components/x-stackQL-resources/clusters/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/clusters/methods/create' - update: [] - replace: - - $ref: '#/components/x-stackQL-resources/clusters/methods/update' - delete: - - $ref: '#/components/x-stackQL-resources/clusters/methods/delete' - hot_tablets: - id: google.bigtableadmin.hot_tablets - name: hot_tablets - title: Hot_tablets - methods: - list: + get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1hotTablets/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:getIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + set_iam_policy: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.hotTablets sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/hot_tablets/methods/list' + - $ref: >- + #/components/x-stackQL-resources/tables_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/tables_iam_policies/methods/set_iam_policy delete: [] - backups: - id: google.bigtableadmin.backups - name: backups - title: Backups + authorized_views: + id: google.bigtableadmin.authorized_views + name: authorized_views + title: Authorized_views methods: - create: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups/post - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.backups - get: + objectKey: $.authorizedViews + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews/post response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}/patch response: mediaType: application/json openAPIDocKey: '200' - copy: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups:copy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/backups/methods/get' - - $ref: '#/components/x-stackQL-resources/backups/methods/list' + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/get' + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/backups/methods/create' + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/create' update: - - $ref: '#/components/x-stackQL-resources/backups/methods/patch' + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/backups/methods/delete' - backups_iam_policies: - id: google.bigtableadmin.backups_iam_policies - name: backups_iam_policies - title: Backups_iam_policies + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/delete' + authorized_views_iam_policies: + id: google.bigtableadmin.authorized_views_iam_policies + name: authorized_views_iam_policies + title: Authorized_views_iam_policies methods: - get_iam_policy: + set_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}:getIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}:setIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/backups_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/authorized_views_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/backups_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/authorized_views_iam_policies/methods/set_iam_policy delete: [] - app_profiles: - id: google.bigtableadmin.app_profiles - name: app_profiles - title: App_profiles + schema_bundles_iam_policies: + id: google.bigtableadmin.schema_bundles_iam_policies + name: schema_bundles_iam_policies + title: Schema_bundles_iam_policies methods: - create: + get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.appProfiles - get: + set_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles~1{appProfilesId}/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/schema_bundles_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/schema_bundles_iam_policies/methods/set_iam_policy + delete: [] + schema_bundles: + id: google.bigtableadmin.schema_bundles + name: schema_bundles + title: Schema_bundles + methods: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles~1{appProfilesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles~1{appProfilesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/app_profiles/methods/get' - - $ref: '#/components/x-stackQL-resources/app_profiles/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/app_profiles/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/app_profiles/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/app_profiles/methods/delete' - materialized_views_iam_policies: - id: google.bigtableadmin.materialized_views_iam_policies - name: materialized_views_iam_policies - title: Materialized_views_iam_policies - methods: - get_iam_policy: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}:getIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}:setIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles/post response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.schemaBundles sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/materialized_views_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/materialized_views_iam_policies/methods/set_iam_policy - delete: [] - materialized_views: - id: google.bigtableadmin.materialized_views - name: materialized_views - title: Materialized_views + - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/get' + - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/delete' + logical_views: + id: google.bigtableadmin.logical_views + name: logical_views + title: Logical_views methods: - create: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.materializedViews - get: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.logicalViews + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/materialized_views/methods/get' - - $ref: '#/components/x-stackQL-resources/materialized_views/methods/list' + - $ref: '#/components/x-stackQL-resources/logical_views/methods/get' + - $ref: '#/components/x-stackQL-resources/logical_views/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/materialized_views/methods/create' + - $ref: '#/components/x-stackQL-resources/logical_views/methods/create' update: - - $ref: '#/components/x-stackQL-resources/materialized_views/methods/patch' + - $ref: '#/components/x-stackQL-resources/logical_views/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/materialized_views/methods/delete' + - $ref: '#/components/x-stackQL-resources/logical_views/methods/delete' logical_views_iam_policies: id: google.bigtableadmin.logical_views_iam_policies name: logical_views_iam_policies title: Logical_views_iam_policies methods: - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}:getIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}:setIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' @@ -3802,367 +3909,414 @@ components: - $ref: >- #/components/x-stackQL-resources/logical_views_iam_policies/methods/set_iam_policy delete: [] - logical_views: - id: google.bigtableadmin.logical_views - name: logical_views - title: Logical_views + app_profiles: + id: google.bigtableadmin.app_profiles + name: app_profiles + title: App_profiles methods: - create: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles~1{appProfilesId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles~1{appProfilesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logicalViews get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles~1{appProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.appProfiles + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1logicalViews~1{logicalViewsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1appProfiles/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/logical_views/methods/get' - - $ref: '#/components/x-stackQL-resources/logical_views/methods/list' + - $ref: '#/components/x-stackQL-resources/app_profiles/methods/get' + - $ref: '#/components/x-stackQL-resources/app_profiles/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/logical_views/methods/create' + - $ref: '#/components/x-stackQL-resources/app_profiles/methods/create' update: - - $ref: '#/components/x-stackQL-resources/logical_views/methods/patch' + - $ref: '#/components/x-stackQL-resources/app_profiles/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/logical_views/methods/delete' - tables: - id: google.bigtableadmin.tables - name: tables - title: Tables + - $ref: '#/components/x-stackQL-resources/app_profiles/methods/delete' + clusters: + id: google.bigtableadmin.clusters + name: clusters + title: Clusters methods: create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.clusters + delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tables get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + update: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}/put response: mediaType: application/json openAPIDocKey: '200' - delete: + partial_update_cluster: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}/patch response: mediaType: application/json openAPIDocKey: '200' - undelete: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/clusters/methods/get' + - $ref: '#/components/x-stackQL-resources/clusters/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/clusters/methods/create' + update: [] + replace: + - $ref: '#/components/x-stackQL-resources/clusters/methods/update' + delete: + - $ref: '#/components/x-stackQL-resources/clusters/methods/delete' + backups: + id: google.bigtableadmin.backups + name: backups + title: Backups + methods: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:undelete/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups/get response: mediaType: application/json openAPIDocKey: '200' - modify_column_families: + objectKey: $.backups + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:modifyColumnFamilies/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups/post response: mediaType: application/json openAPIDocKey: '200' - drop_row_range: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:dropRowRange/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - generate_consistency_token: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:generateConsistencyToken/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - check_consistency: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:checkConsistency/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}/get response: mediaType: application/json openAPIDocKey: '200' - restore: + copy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables:restore/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups:copy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tables/methods/get' - - $ref: '#/components/x-stackQL-resources/tables/methods/list' + - $ref: '#/components/x-stackQL-resources/backups/methods/get' + - $ref: '#/components/x-stackQL-resources/backups/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/tables/methods/create' + - $ref: '#/components/x-stackQL-resources/backups/methods/create' update: - - $ref: '#/components/x-stackQL-resources/tables/methods/patch' + - $ref: '#/components/x-stackQL-resources/backups/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/tables/methods/delete' - tables_iam_policies: - id: google.bigtableadmin.tables_iam_policies - name: tables_iam_policies - title: Tables_iam_policies + - $ref: '#/components/x-stackQL-resources/backups/methods/delete' + backups_iam_policies: + id: google.bigtableadmin.backups_iam_policies + name: backups_iam_policies + title: Backups_iam_policies methods: - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:getIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings set_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:setIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1backups~1{backupsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/tables_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/backups_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/tables_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/backups_iam_policies/methods/set_iam_policy delete: [] - authorized_views: - id: google.bigtableadmin.authorized_views - name: authorized_views - title: Authorized_views + hot_tablets: + id: google.bigtableadmin.hot_tablets + name: hot_tablets + title: Hot_tablets methods: - create: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1clusters~1{clustersId}~1hotTablets/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.hotTablets + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/hot_tablets/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + materialized_views: + id: google.bigtableadmin.materialized_views + name: materialized_views + title: Materialized_views + methods: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.authorizedViews - get: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.materializedViews sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/get' - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/list' + - $ref: '#/components/x-stackQL-resources/materialized_views/methods/get' + - $ref: '#/components/x-stackQL-resources/materialized_views/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/create' + - $ref: '#/components/x-stackQL-resources/materialized_views/methods/create' update: - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/patch' + - $ref: '#/components/x-stackQL-resources/materialized_views/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/delete' - authorized_views_iam_policies: - id: google.bigtableadmin.authorized_views_iam_policies - name: authorized_views_iam_policies - title: Authorized_views_iam_policies + - $ref: '#/components/x-stackQL-resources/materialized_views/methods/delete' + materialized_views_iam_policies: + id: google.bigtableadmin.materialized_views_iam_policies + name: materialized_views_iam_policies + title: Materialized_views_iam_policies methods: - get_iam_policy: + set_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}:getIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}:setIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1authorizedViews~1{authorizedViewsId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1materializedViews~1{materializedViewsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/authorized_views_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/materialized_views_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/authorized_views_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/materialized_views_iam_policies/methods/set_iam_policy delete: [] - schema_bundles_iam_policies: - id: google.bigtableadmin.schema_bundles_iam_policies - name: schema_bundles_iam_policies - title: Schema_bundles_iam_policies + instances: + id: google.bigtableadmin.instances + name: instances + title: Instances methods: - get_iam_policy: + list: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}:getIamPolicy/post + $ref: '#/paths/~1v2~1projects~1{projectsId}~1instances/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + objectKey: $.instances + create: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}:setIamPolicy/post + $ref: '#/paths/~1v2~1projects~1{projectsId}~1instances/post' response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + get: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}:testIamPermissions/post + $ref: '#/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}/get' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/schema_bundles_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/schema_bundles_iam_policies/methods/set_iam_policy - delete: [] - schema_bundles: - id: google.bigtableadmin.schema_bundles - name: schema_bundles - title: Schema_bundles - methods: - create: + update: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}/put' + response: + mediaType: application/json + openAPIDocKey: '200' + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles/post + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + partial_update_instance: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.schemaBundles - patch: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/instances/methods/get' + - $ref: '#/components/x-stackQL-resources/instances/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/instances/methods/create' + update: [] + replace: + - $ref: '#/components/x-stackQL-resources/instances/methods/update' + delete: + - $ref: '#/components/x-stackQL-resources/instances/methods/delete' + instances_iam_policies: + id: google.bigtableadmin.instances_iam_policies + name: instances_iam_policies + title: Instances_iam_policies + methods: + get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}/get + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - delete: + set_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}~1tables~1{tablesId}~1schemaBundles~1{schemaBundlesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1instances~1{instancesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/get' - - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/schema_bundles/methods/delete' + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/set_iam_policy + delete: [] locations: id: google.bigtableadmin.locations name: locations @@ -4183,25 +4337,24 @@ components: replace: [] delete: [] paths: - /v2/operations/{operationsId}: + /v2/operations/projects/{projectsId}/operations: parameters: &ref_1 + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/callback' get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: bigtableadmin.operations.get + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: bigtableadmin.operations.projects.operations.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -4237,20 +4390,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: operationsId + name: projectsId required: true schema: type: string - /v2/operations/projects/{projectsId}/operations: + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/operations/{operationsId}: parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: bigtableadmin.operations.projects.operations.list + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: bigtableadmin.operations.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -4286,63 +4457,40 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: operationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v2/projects/{projectsId}/instances: + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}: parameters: *ref_1 - post: - description: >- - Create an instance within a project. Note that exactly one of - Cluster.serve_nodes and - Cluster.cluster_config.cluster_autoscaling_config can be set. If - serve_nodes is set to non-zero, then the cluster is manually scaled. If - cluster_config.cluster_autoscaling_config is non-empty, then autoscaling - is enabled. - operationId: bigtableadmin.projects.instances.create + patch: + description: Updates a specified table. + operationId: bigtableadmin.projects.instances.tables.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateInstanceRequest' + $ref: '#/components/schemas/Table' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4360,81 +4508,92 @@ paths: required: true schema: type: string - get: - description: Lists information about instances in a project. - operationId: bigtableadmin.projects.instances.list + - in: path + name: instancesId + required: true + schema: + type: string + - in: path + name: tablesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: ignoreWarnings + schema: + type: boolean + delete: + description: Permanently deletes a specified table and all of its data. + operationId: bigtableadmin.projects.instances.tables.delete security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListInstancesResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageToken + - in: path + name: instancesId + required: true + schema: + type: string + - in: path + name: tablesId + required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}: - parameters: *ref_1 get: - description: Gets information about an instance. - operationId: bigtableadmin.projects.instances.get + description: Gets metadata information about the specified table. + operationId: bigtableadmin.projects.instances.tables.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4449,7 +4608,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/Table' parameters: - in: path name: projectsId @@ -4461,38 +4620,46 @@ paths: required: true schema: type: string - put: + - in: path + name: tablesId + required: true + schema: + type: string + - in: query + name: view + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/tables:restore: + parameters: *ref_1 + post: description: >- - Updates an instance within a project. This method updates only the - display name and type for an Instance. To update other Instance - properties, such as labels, use PartialUpdateInstance. - operationId: bigtableadmin.projects.instances.update + Create a new table by restoring from a completed backup. The returned + table long-running operation can be used to track the progress of the + operation, and to cancel it. The metadata field type is + RestoreTableMetadata. The response type is Table, if successful. + operationId: bigtableadmin.projects.instances.tables.restore requestBody: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/RestoreTableRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4503,7 +4670,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4515,38 +4682,33 @@ paths: required: true schema: type: string - patch: - description: >- - Partially updates an instance within a project. This method can modify - all fields of an Instance and is the preferred way to update an - Instance. - operationId: bigtableadmin.projects.instances.partialUpdateInstance + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:undelete: + parameters: *ref_1 + post: + description: Restores a specified table which was accidentally deleted. + operationId: bigtableadmin.projects.instances.tables.undelete requestBody: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/UndeleteTableRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4569,35 +4731,40 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: tablesId + required: true schema: type: string - format: google-fieldmask - delete: - description: Delete an instance from a project. - operationId: bigtableadmin.projects.instances.delete + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that the caller has on the specified Bigtable + resource. + operationId: bigtableadmin.projects.instances.tables.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4608,7 +4775,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4620,39 +4787,42 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}:getIamPolicy: + - in: path + name: tablesId + required: true + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:generateConsistencyToken: parameters: *ref_1 post: description: >- - Gets the access control policy for an instance resource. Returns an - empty policy if an instance exists but does not have a policy set. - operationId: bigtableadmin.projects.instances.getIamPolicy + Generates a consistency token for a Table, which can be used in + CheckConsistency to check whether mutations to the table that finished + before this call started have been replicated. The tokens will be + available for 90 days. + operationId: bigtableadmin.projects.instances.tables.generateConsistencyToken requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/GenerateConsistencyTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4663,7 +4833,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GenerateConsistencyTokenResponse' parameters: - in: path name: projectsId @@ -4675,39 +4845,40 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}:setIamPolicy: + - in: path + name: tablesId + required: true + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/tables: parameters: *ref_1 post: description: >- - Sets the access control policy on an instance resource. Replaces any - existing policy. - operationId: bigtableadmin.projects.instances.setIamPolicy + Creates a new table in the specified instance. The table can be created + with a full set of initial column families, specified in the request. + operationId: bigtableadmin.projects.instances.tables.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/CreateTableRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4718,7 +4889,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Table' parameters: - in: path name: projectsId @@ -4730,50 +4901,41 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that the caller has on the specified instance - resource. - operationId: bigtableadmin.projects.instances.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Lists all tables served from a specified instance. + operationId: bigtableadmin.projects.instances.tables.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListTablesResponse' parameters: - in: path name: projectsId @@ -4785,43 +4947,52 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/clusters: - parameters: *ref_1 - post: - description: >- - Creates a cluster within an instance. Note that exactly one of - Cluster.serve_nodes and - Cluster.cluster_config.cluster_autoscaling_config can be set. If - serve_nodes is set to non-zero, then the cluster is manually scaled. If - cluster_config.cluster_autoscaling_config is non-empty, then autoscaling - is enabled. - operationId: bigtableadmin.projects.instances.clusters.create + - in: query + name: view + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:dropRowRange: + parameters: *ref_1 + post: + description: >- + Permanently drop/delete a row range from a specified table. The request + can specify whether to delete all rows in a table, or only those that + match a particular prefix. Note that row key prefixes used here are + treated as service data. For more information about how service data is + handled, see the [Google Cloud Privacy + Notice](https://cloud.google.com/terms/cloud-privacy-notice). + operationId: bigtableadmin.projects.instances.tables.dropRowRange requestBody: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/DropRowRangeRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4832,7 +5003,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4844,49 +5015,51 @@ paths: required: true schema: type: string - - in: query - name: clusterId + - in: path + name: tablesId + required: true schema: type: string - get: - description: Lists information about clusters in an instance. - operationId: bigtableadmin.projects.instances.clusters.list + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:getIamPolicy: + parameters: *ref_1 + post: + description: >- + Gets the access control policy for a Bigtable resource. Returns an empty + policy if the resource exists but does not have a policy set. + operationId: bigtableadmin.projects.instances.tables.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListClustersResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4898,51 +5071,52 @@ paths: required: true schema: type: string - - in: query - name: pageToken + - in: path + name: tablesId + required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}: + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:checkConsistency: parameters: *ref_1 - get: - description: Gets information about a cluster. - operationId: bigtableadmin.projects.instances.clusters.get + post: + description: >- + Checks replication consistency based on a consistency token, that is, if + replication has caught up based on the conditions specified in the token + and the check request. + operationId: bigtableadmin.projects.instances.tables.checkConsistency + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CheckConsistencyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/CheckConsistencyResponse' parameters: - in: path name: projectsId @@ -4955,42 +5129,41 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - put: + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:modifyColumnFamilies: + parameters: *ref_1 + post: description: >- - Updates a cluster within an instance. Note that UpdateCluster does not - support updating cluster_config.cluster_autoscaling_config. In order to - update it, you must use PartialUpdateCluster. - operationId: bigtableadmin.projects.instances.clusters.update + Performs a series of column family modifications on the specified table. + Either all or none of the modifications will occur before this method + returns, but data requests received prior to that point may see a table + where only some modifications have taken effect. + operationId: bigtableadmin.projects.instances.tables.modifyColumnFamilies requestBody: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/ModifyColumnFamiliesRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5001,7 +5174,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Table' parameters: - in: path name: projectsId @@ -5014,48 +5187,39 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - patch: + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:setIamPolicy: + parameters: *ref_1 + post: description: >- - Partially updates a cluster within a project. This method is the - preferred way to update a Cluster. To enable and update autoscaling, set - cluster_config.cluster_autoscaling_config. When autoscaling is enabled, - serve_nodes is treated as an OUTPUT_ONLY field, meaning that updates to - it are ignored. Note that an update cannot simultaneously set - serve_nodes to non-zero and cluster_config.cluster_autoscaling_config to - non-empty, and also specify both in the update_mask. To disable - autoscaling, clear cluster_config.cluster_autoscaling_config, and - explicitly set a serve_node count via the update_mask. - operationId: bigtableadmin.projects.instances.clusters.partialUpdateCluster + Sets the access control policy on a Bigtable resource. Replaces any + existing policy. + operationId: bigtableadmin.projects.instances.tables.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5066,7 +5230,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5079,39 +5243,32 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a cluster from an instance. - operationId: bigtableadmin.projects.instances.clusters.delete + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews: + parameters: *ref_1 + get: + description: Lists all AuthorizedViews from a specific table. + operationId: bigtableadmin.projects.instances.tables.authorizedViews.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5122,7 +5279,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListAuthorizedViewsResponse' parameters: - in: path name: projectsId @@ -5135,38 +5292,48 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/hotTablets: - parameters: *ref_1 - get: - description: >- - Lists hot tablets in a cluster, within the time range provided. Hot - tablets are ordered based on CPU usage. - operationId: bigtableadmin.projects.instances.clusters.hotTablets.list + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: view + schema: + type: string + - in: query + name: pageToken + schema: + type: string + post: + description: Creates a new AuthorizedView in a table. + operationId: bigtableadmin.projects.instances.tables.authorizedViews.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthorizedView' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5177,7 +5344,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListHotTabletsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5185,49 +5352,31 @@ paths: schema: type: string - in: path - name: instancesId - required: true - schema: - type: string - - in: path - name: clustersId - required: true - schema: - type: string - - in: query - name: startTime + name: instancesId + required: true schema: type: string - format: google-datetime - - in: query - name: endTime + - in: path + name: tablesId + required: true schema: type: string - format: google-datetime - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query - name: pageToken + name: authorizedViewId schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups: + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews/{authorizedViewsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Starts creating a new Cloud Bigtable Backup. The returned backup - long-running operation can be used to track creation of the backup. The - metadata field type is CreateBackupMetadata. The response field type is - Backup, if successful. Cancelling the returned operation will stop the - creation and delete the backup. - operationId: bigtableadmin.projects.instances.clusters.backups.create + Sets the access control policy on a Bigtable resource. Replaces any + existing policy. + operationId: bigtableadmin.projects.instances.tables.authorizedViews.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -5255,7 +5404,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5268,19 +5417,28 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - - in: query - name: backupId + - in: path + name: authorizedViewsId + required: true schema: type: string - get: + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews/{authorizedViewsId}:testIamPermissions: + parameters: *ref_1 + post: description: >- - Lists Cloud Bigtable backups. Returns both completed and pending - backups. - operationId: bigtableadmin.projects.instances.clusters.backups.list + Returns permissions that the caller has on the specified Bigtable + resource. + operationId: >- + bigtableadmin.projects.instances.tables.authorizedViews.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -5308,7 +5466,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBackupsResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -5321,32 +5479,20 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: authorizedViewsId + required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups/{backupsId}: + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews/{authorizedViewsId}: parameters: *ref_1 - get: - description: Gets metadata on a pending or completed Cloud Bigtable Backup. - operationId: bigtableadmin.projects.instances.clusters.backups.get + delete: + description: Permanently deletes a specified AuthorizedView. + operationId: bigtableadmin.projects.instances.tables.authorizedViews.delete security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -5374,7 +5520,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5387,23 +5533,27 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - in: path - name: backupsId + name: authorizedViewsId required: true schema: type: string + - in: query + name: etag + schema: + type: string patch: - description: Updates a pending or completed Cloud Bigtable Backup. - operationId: bigtableadmin.projects.instances.clusters.backups.patch + description: Updates an AuthorizedView in a table. + operationId: bigtableadmin.projects.instances.tables.authorizedViews.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/AuthorizedView' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -5431,7 +5581,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5444,12 +5594,12 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - in: path - name: backupsId + name: authorizedViewsId required: true schema: type: string @@ -5458,9 +5608,13 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes a pending or completed Cloud Bigtable backup. - operationId: bigtableadmin.projects.instances.clusters.backups.delete + - in: query + name: ignoreWarnings + schema: + type: boolean + get: + description: Gets information from a specified AuthorizedView. + operationId: bigtableadmin.projects.instances.tables.authorizedViews.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -5488,7 +5642,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/AuthorizedView' parameters: - in: path name: projectsId @@ -5501,27 +5655,31 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - in: path - name: backupsId + name: authorizedViewsId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups:copy: + - in: query + name: view + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews/{authorizedViewsId}:getIamPolicy: parameters: *ref_1 post: description: >- - Copy a Cloud Bigtable backup to a new backup in the destination cluster - located in the destination instance and project. - operationId: bigtableadmin.projects.instances.clusters.backups.copy + Gets the access control policy for a Bigtable resource. Returns an empty + policy if the resource exists but does not have a policy set. + operationId: bigtableadmin.projects.instances.tables.authorizedViews.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/CopyBackupRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -5549,7 +5707,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5562,17 +5720,22 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups/{backupsId}:getIamPolicy: + - in: path + name: authorizedViewsId + required: true + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles/{schemaBundlesId}:getIamPolicy: parameters: *ref_1 post: description: >- Gets the access control policy for a Bigtable resource. Returns an empty policy if the resource exists but does not have a policy set. - operationId: bigtableadmin.projects.instances.clusters.backups.getIamPolicy + operationId: bigtableadmin.projects.instances.tables.schemaBundles.getIamPolicy requestBody: content: application/json: @@ -5618,27 +5781,27 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - in: path - name: backupsId + name: schemaBundlesId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups/{backupsId}:setIamPolicy: + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles/{schemaBundlesId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on a Bigtable resource. Replaces any - existing policy. - operationId: bigtableadmin.projects.instances.clusters.backups.setIamPolicy + Returns permissions that the caller has on the specified Bigtable + resource. + operationId: bigtableadmin.projects.instances.tables.schemaBundles.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -5666,7 +5829,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -5679,27 +5842,20 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - in: path - name: backupsId + name: schemaBundlesId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups/{backupsId}:testIamPermissions: + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles/{schemaBundlesId}: parameters: *ref_1 - post: - description: >- - Returns permissions that the caller has on the specified Bigtable - resource. - operationId: bigtableadmin.projects.instances.clusters.backups.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Gets metadata information about the specified schema bundle. + operationId: bigtableadmin.projects.instances.tables.schemaBundles.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -5727,7 +5883,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/SchemaBundle' parameters: - in: path name: projectsId @@ -5740,46 +5896,35 @@ paths: schema: type: string - in: path - name: clustersId + name: tablesId required: true schema: type: string - in: path - name: backupsId + name: schemaBundlesId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/appProfiles: - parameters: *ref_1 - post: - description: Creates an app profile within an instance. - operationId: bigtableadmin.projects.instances.appProfiles.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AppProfile' + delete: + description: Deletes a schema bundle in the specified table. + operationId: bigtableadmin.projects.instances.tables.schemaBundles.delete security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5790,7 +5935,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AppProfile' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5802,38 +5947,45 @@ paths: required: true schema: type: string - - in: query - name: appProfileId + - in: path + name: tablesId + required: true + schema: + type: string + - in: path + name: schemaBundlesId + required: true schema: type: string - in: query - name: ignoreWarnings + name: etag schema: - type: boolean - get: - description: Lists information about app profiles in an instance. - operationId: bigtableadmin.projects.instances.appProfiles.list + type: string + patch: + description: Updates a schema bundle in the specified table. + operationId: bigtableadmin.projects.instances.tables.schemaBundles.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SchemaBundle' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5844,7 +5996,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAppProfilesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5856,56 +6008,63 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: tablesId + required: true schema: - type: integer - format: int32 + type: string + - in: path + name: schemaBundlesId + required: true + schema: + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/appProfiles/{appProfilesId}: + format: google-fieldmask + - in: query + name: ignoreWarnings + schema: + type: boolean + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles: parameters: *ref_1 - get: - description: Gets information about an app profile. - operationId: bigtableadmin.projects.instances.appProfiles.get + post: + description: Creates a new schema bundle in the specified table. + operationId: bigtableadmin.projects.instances.tables.schemaBundles.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SchemaBundle' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/AppProfile' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5918,39 +6077,34 @@ paths: schema: type: string - in: path - name: appProfilesId + name: tablesId required: true schema: type: string - patch: - description: Updates an app profile within an instance. - operationId: bigtableadmin.projects.instances.appProfiles.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AppProfile' + - in: query + name: schemaBundleId + schema: + type: string + get: + description: Lists all schema bundles associated with the specified table. + operationId: bigtableadmin.projects.instances.tables.schemaBundles.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5961,7 +6115,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListSchemaBundlesResponse' parameters: - in: path name: projectsId @@ -5974,43 +6128,52 @@ paths: schema: type: string - in: path - name: appProfilesId + name: tablesId required: true schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: ignoreWarnings + name: view schema: - type: boolean - delete: - description: Deletes an app profile from an instance. - operationId: bigtableadmin.projects.instances.appProfiles.delete + type: string + /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles/{schemaBundlesId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on a Bigtable resource. Replaces any + existing policy. + operationId: bigtableadmin.projects.instances.tables.schemaBundles.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.cluster - - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.instance + - https://www.googleapis.com/auth/bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster + - https://www.googleapis.com/auth/cloud-bigtable.admin.table - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -6021,7 +6184,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6034,26 +6197,20 @@ paths: schema: type: string - in: path - name: appProfilesId + name: tablesId required: true schema: type: string - - in: query - name: ignoreWarnings + - in: path + name: schemaBundlesId + required: true schema: - type: boolean - /v2/projects/{projectsId}/instances/{instancesId}/materializedViews/{materializedViewsId}:getIamPolicy: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/logicalViews/{logicalViewsId}: parameters: *ref_1 - post: - description: >- - Gets the access control policy for an instance resource. Returns an - empty policy if an instance exists but does not have a policy set. - operationId: bigtableadmin.projects.instances.materializedViews.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + get: + description: Gets information about a logical view. + operationId: bigtableadmin.projects.instances.logicalViews.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6085,7 +6242,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/LogicalView' parameters: - in: path name: projectsId @@ -6098,22 +6255,18 @@ paths: schema: type: string - in: path - name: materializedViewsId + name: logicalViewsId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/materializedViews/{materializedViewsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on an instance resource. Replaces any - existing policy. - operationId: bigtableadmin.projects.instances.materializedViews.setIamPolicy + patch: + description: Updates a logical view within an instance. + operationId: bigtableadmin.projects.instances.logicalViews.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/LogicalView' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6145,7 +6298,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6158,22 +6311,18 @@ paths: schema: type: string - in: path - name: materializedViewsId + name: logicalViewsId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/materializedViews/{materializedViewsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that the caller has on the specified instance - resource. - operationId: bigtableadmin.projects.instances.materializedViews.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a logical view from an instance. + operationId: bigtableadmin.projects.instances.logicalViews.delete security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6205,7 +6354,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6218,20 +6367,19 @@ paths: schema: type: string - in: path - name: materializedViewsId + name: logicalViewsId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/materializedViews: + - in: query + name: etag + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/logicalViews: parameters: *ref_1 - post: - description: Creates a materialized view within an instance. - operationId: bigtableadmin.projects.instances.materializedViews.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MaterializedView' + get: + description: Lists information about logical views in an instance. + operationId: bigtableadmin.projects.instances.logicalViews.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6263,7 +6411,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListLogicalViewsResponse' parameters: - in: path name: projectsId @@ -6276,12 +6424,22 @@ paths: schema: type: string - in: query - name: materializedViewId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - get: - description: Lists information about materialized views in an instance. - operationId: bigtableadmin.projects.instances.materializedViews.list + post: + description: Creates a logical view within an instance. + operationId: bigtableadmin.projects.instances.logicalViews.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogicalView' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6313,7 +6471,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMaterializedViewsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6326,19 +6484,21 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: logicalViewId schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/materializedViews/{materializedViewsId}: + /v2/projects/{projectsId}/instances/{instancesId}/logicalViews/{logicalViewsId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets information about a materialized view. - operationId: bigtableadmin.projects.instances.materializedViews.get + post: + description: >- + Returns permissions that the caller has on the specified instance + resource. + operationId: bigtableadmin.projects.instances.logicalViews.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6370,7 +6530,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MaterializedView' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6383,18 +6543,22 @@ paths: schema: type: string - in: path - name: materializedViewsId + name: logicalViewsId required: true schema: type: string - patch: - description: Updates a materialized view within an instance. - operationId: bigtableadmin.projects.instances.materializedViews.patch + /v2/projects/{projectsId}/instances/{instancesId}/logicalViews/{logicalViewsId}:getIamPolicy: + parameters: *ref_1 + post: + description: >- + Gets the access control policy for an instance resource. Returns an + empty policy if an instance exists but does not have a policy set. + operationId: bigtableadmin.projects.instances.logicalViews.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/MaterializedView' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6426,7 +6590,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6439,18 +6603,22 @@ paths: schema: type: string - in: path - name: materializedViewsId + name: logicalViewsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a materialized view from an instance. - operationId: bigtableadmin.projects.instances.materializedViews.delete + /v2/projects/{projectsId}/instances/{instancesId}/logicalViews/{logicalViewsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on an instance resource. Replaces any + existing policy. + operationId: bigtableadmin.projects.instances.logicalViews.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6482,7 +6650,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6495,26 +6663,15 @@ paths: schema: type: string - in: path - name: materializedViewsId + name: logicalViewsId required: true schema: type: string - - in: query - name: etag - schema: - type: string - /v2/projects/{projectsId}/instances/{instancesId}/logicalViews/{logicalViewsId}:getIamPolicy: + /v2/projects/{projectsId}/instances/{instancesId}/appProfiles/{appProfilesId}: parameters: *ref_1 - post: - description: >- - Gets the access control policy for an instance resource. Returns an - empty policy if an instance exists but does not have a policy set. - operationId: bigtableadmin.projects.instances.logicalViews.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + delete: + description: Deletes an app profile from an instance. + operationId: bigtableadmin.projects.instances.appProfiles.delete security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6546,7 +6703,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6559,22 +6716,22 @@ paths: schema: type: string - in: path - name: logicalViewsId + name: appProfilesId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/logicalViews/{logicalViewsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on an instance resource. Replaces any - existing policy. - operationId: bigtableadmin.projects.instances.logicalViews.setIamPolicy + - in: query + name: ignoreWarnings + schema: + type: boolean + patch: + description: Updates an app profile within an instance. + operationId: bigtableadmin.projects.instances.appProfiles.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/AppProfile' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6606,7 +6763,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6619,22 +6776,22 @@ paths: schema: type: string - in: path - name: logicalViewsId + name: appProfilesId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/logicalViews/{logicalViewsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that the caller has on the specified instance - resource. - operationId: bigtableadmin.projects.instances.logicalViews.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: ignoreWarnings + schema: + type: boolean + get: + description: Gets information about an app profile. + operationId: bigtableadmin.projects.instances.appProfiles.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6660,13 +6817,17 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/AppProfile' parameters: - in: path name: projectsId @@ -6679,20 +6840,15 @@ paths: schema: type: string - in: path - name: logicalViewsId + name: appProfilesId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/logicalViews: + /v2/projects/{projectsId}/instances/{instancesId}/appProfiles: parameters: *ref_1 - post: - description: Creates a logical view within an instance. - operationId: bigtableadmin.projects.instances.logicalViews.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogicalView' + get: + description: Lists information about app profiles in an instance. + operationId: bigtableadmin.projects.instances.appProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6724,7 +6880,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListAppProfilesResponse' parameters: - in: path name: projectsId @@ -6737,12 +6893,22 @@ paths: schema: type: string - in: query - name: logicalViewId + name: pageToken schema: type: string - get: - description: Lists information about logical views in an instance. - operationId: bigtableadmin.projects.instances.logicalViews.list + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates an app profile within an instance. + operationId: bigtableadmin.projects.instances.appProfiles.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AppProfile' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6774,7 +6940,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogicalViewsResponse' + $ref: '#/components/schemas/AppProfile' parameters: - in: path name: projectsId @@ -6787,19 +6953,29 @@ paths: schema: type: string - in: query - name: pageSize + name: appProfileId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: ignoreWarnings schema: - type: string - /v2/projects/{projectsId}/instances/{instancesId}/logicalViews/{logicalViewsId}: + type: boolean + /v2/projects/{projectsId}/instances/{instancesId}/clusters: parameters: *ref_1 - get: - description: Gets information about a logical view. - operationId: bigtableadmin.projects.instances.logicalViews.get + post: + description: >- + Creates a cluster within an instance. Note that exactly one of + Cluster.serve_nodes and + Cluster.cluster_config.cluster_autoscaling_config can be set. If + serve_nodes is set to non-zero, then the cluster is manually scaled. If + cluster_config.cluster_autoscaling_config is non-empty, then autoscaling + is enabled. + operationId: bigtableadmin.projects.instances.clusters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Cluster' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6831,7 +7007,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogicalView' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6843,19 +7019,13 @@ paths: required: true schema: type: string - - in: path - name: logicalViewsId - required: true + - in: query + name: clusterId schema: type: string - patch: - description: Updates a logical view within an instance. - operationId: bigtableadmin.projects.instances.logicalViews.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogicalView' + get: + description: Lists information about clusters in an instance. + operationId: bigtableadmin.projects.instances.clusters.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6881,13 +7051,17 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListClustersResponse' parameters: - in: path name: projectsId @@ -6899,19 +7073,15 @@ paths: required: true schema: type: string - - in: path - name: logicalViewsId - required: true - schema: - type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask + /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}: + parameters: *ref_1 delete: - description: Deletes a logical view from an instance. - operationId: bigtableadmin.projects.instances.logicalViews.delete + description: Deletes a cluster from an instance. + operationId: bigtableadmin.projects.instances.clusters.delete security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -6956,54 +7126,49 @@ paths: schema: type: string - in: path - name: logicalViewsId + name: clustersId required: true schema: type: string - - in: query - name: etag - schema: - type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables: - parameters: *ref_1 - post: - description: >- - Creates a new table in the specified instance. The table can be created - with a full set of initial column families, specified in the request. - operationId: bigtableadmin.projects.instances.tables.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CreateTableRequest' + get: + description: Gets information about a cluster. + operationId: bigtableadmin.projects.instances.clusters.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Cluster' parameters: - in: path name: projectsId @@ -7015,41 +7180,54 @@ paths: required: true schema: type: string - get: - description: Lists all tables served from a specified instance. - operationId: bigtableadmin.projects.instances.tables.list + - in: path + name: clustersId + required: true + schema: + type: string + put: + description: >- + Updates a cluster within an instance. Note that UpdateCluster does not + support updating cluster_config.cluster_autoscaling_config. In order to + update it, you must use PartialUpdateCluster. + operationId: bigtableadmin.projects.instances.clusters.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Cluster' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListTablesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7061,56 +7239,60 @@ paths: required: true schema: type: string - - in: query - name: view - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: clustersId + required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}: - parameters: *ref_1 - get: - description: Gets metadata information about the specified table. - operationId: bigtableadmin.projects.instances.tables.get + patch: + description: >- + Partially updates a cluster within a project. This method is the + preferred way to update a Cluster. To enable and update autoscaling, set + cluster_config.cluster_autoscaling_config. When autoscaling is enabled, + serve_nodes is treated as an OUTPUT_ONLY field, meaning that updates to + it are ignored. Note that an update cannot simultaneously set + serve_nodes to non-zero and cluster_config.cluster_autoscaling_config to + non-empty, and also specify both in the update_mask. To disable + autoscaling, clear cluster_config.cluster_autoscaling_config, and + explicitly set a serve_node count via the update_mask. + operationId: bigtableadmin.projects.instances.clusters.partialUpdateCluster + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Cluster' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7123,22 +7305,22 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - in: query - name: view + name: updateMask schema: type: string - patch: - description: Updates a specified table. - operationId: bigtableadmin.projects.instances.tables.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Table' + format: google-fieldmask + /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups: + parameters: *ref_1 + get: + description: >- + Lists Cloud Bigtable backups. Returns both completed and pending + backups. + operationId: bigtableadmin.projects.instances.clusters.backups.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -7166,7 +7348,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListBackupsResponse' parameters: - in: path name: projectsId @@ -7179,22 +7361,40 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: ignoreWarnings + name: pageSize schema: - type: boolean - delete: - description: Permanently deletes a specified table and all of its data. - operationId: bigtableadmin.projects.instances.tables.delete + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + post: + description: >- + Starts creating a new Cloud Bigtable Backup. The returned backup + long-running operation can be used to track creation of the backup. The + metadata field type is CreateBackupMetadata. The response field type is + Backup, if successful. Cancelling the returned operation will stop the + creation and delete the backup. + operationId: bigtableadmin.projects.instances.clusters.backups.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Backup' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -7222,7 +7422,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7235,20 +7435,19 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:undelete: + - in: query + name: backupId + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups/{backupsId}: parameters: *ref_1 - post: - description: Restores a specified table which was accidentally deleted. - operationId: bigtableadmin.projects.instances.tables.undelete - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UndeleteTableRequest' + delete: + description: Deletes a pending or completed Cloud Bigtable backup. + operationId: bigtableadmin.projects.instances.clusters.backups.delete security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -7276,7 +7475,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7289,24 +7488,23 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:modifyColumnFamilies: - parameters: *ref_1 - post: - description: >- - Performs a series of column family modifications on the specified table. - Either all or none of the modifications will occur before this method - returns, but data requests received prior to that point may see a table - where only some modifications have taken effect. - operationId: bigtableadmin.projects.instances.tables.modifyColumnFamilies + - in: path + name: backupsId + required: true + schema: + type: string + patch: + description: Updates a pending or completed Cloud Bigtable Backup. + operationId: bigtableadmin.projects.instances.clusters.backups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ModifyColumnFamiliesRequest' + $ref: '#/components/schemas/Backup' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -7334,7 +7532,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Table' + $ref: '#/components/schemas/Backup' parameters: - in: path name: projectsId @@ -7347,26 +7545,23 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:dropRowRange: - parameters: *ref_1 - post: - description: >- - Permanently drop/delete a row range from a specified table. The request - can specify whether to delete all rows in a table, or only those that - match a particular prefix. Note that row key prefixes used here are - treated as service data. For more information about how service data is - handled, see the [Google Cloud Privacy - Notice](https://cloud.google.com/terms/cloud-privacy-notice). - operationId: bigtableadmin.projects.instances.tables.dropRowRange - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DropRowRangeRequest' + - in: path + name: backupsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets metadata on a pending or completed Cloud Bigtable Backup. + operationId: bigtableadmin.projects.instances.clusters.backups.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -7394,7 +7589,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Backup' parameters: - in: path name: projectsId @@ -7407,24 +7602,27 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:generateConsistencyToken: + - in: path + name: backupsId + required: true + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups/{backupsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Generates a consistency token for a Table, which can be used in - CheckConsistency to check whether mutations to the table that finished - before this call started have been replicated. The tokens will be - available for 90 days. - operationId: bigtableadmin.projects.instances.tables.generateConsistencyToken + Returns permissions that the caller has on the specified Bigtable + resource. + operationId: bigtableadmin.projects.instances.clusters.backups.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/GenerateConsistencyTokenRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -7452,7 +7650,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GenerateConsistencyTokenResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7465,23 +7663,27 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:checkConsistency: + - in: path + name: backupsId + required: true + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups/{backupsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Checks replication consistency based on a consistency token, that is, if - replication has caught up based on the conditions specified in the token - and the check request. - operationId: bigtableadmin.projects.instances.tables.checkConsistency + Sets the access control policy on a Bigtable resource. Replaces any + existing policy. + operationId: bigtableadmin.projects.instances.clusters.backups.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/CheckConsistencyRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -7509,7 +7711,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CheckConsistencyResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7522,24 +7724,27 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables:restore: + - in: path + name: backupsId + required: true + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups/{backupsId}:getIamPolicy: parameters: *ref_1 post: description: >- - Create a new table by restoring from a completed backup. The returned - table long-running operation can be used to track the progress of the - operation, and to cancel it. The metadata field type is - RestoreTableMetadata. The response type is Table, if successful. - operationId: bigtableadmin.projects.instances.tables.restore + Gets the access control policy for a Bigtable resource. Returns an empty + policy if the resource exists but does not have a policy set. + operationId: bigtableadmin.projects.instances.clusters.backups.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestoreTableRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -7567,7 +7772,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7579,18 +7784,28 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:getIamPolicy: + - in: path + name: clustersId + required: true + schema: + type: string + - in: path + name: backupsId + required: true + schema: + type: string + /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/backups:copy: parameters: *ref_1 post: description: >- - Gets the access control policy for a Bigtable resource. Returns an empty - policy if the resource exists but does not have a policy set. - operationId: bigtableadmin.projects.instances.tables.getIamPolicy + Copy a Cloud Bigtable backup to a new backup in the destination cluster + located in the destination instance and project. + operationId: bigtableadmin.projects.instances.clusters.backups.copy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/CopyBackupRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin @@ -7618,7 +7833,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7631,39 +7846,38 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:setIamPolicy: + /v2/projects/{projectsId}/instances/{instancesId}/clusters/{clustersId}/hotTablets: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on a Bigtable resource. Replaces any - existing policy. - operationId: bigtableadmin.projects.instances.tables.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Lists hot tablets in a cluster, within the time range provided. Hot + tablets are ordered based on CPU usage. + operationId: bigtableadmin.projects.instances.clusters.hotTablets.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -7674,7 +7888,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListHotTabletsResponse' parameters: - in: path name: projectsId @@ -7687,39 +7901,55 @@ paths: schema: type: string - in: path - name: tablesId + name: clustersId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}:testIamPermissions: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: endTime + schema: + type: string + format: google-datetime + - in: query + name: pageToken + schema: + type: string + - in: query + name: startTime + schema: + type: string + format: google-datetime + /v2/projects/{projectsId}/instances/{instancesId}/materializedViews/{materializedViewsId}: parameters: *ref_1 - post: - description: >- - Returns permissions that the caller has on the specified Bigtable - resource. - operationId: bigtableadmin.projects.instances.tables.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Gets information about a materialized view. + operationId: bigtableadmin.projects.instances.materializedViews.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -7730,7 +7960,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/MaterializedView' parameters: - in: path name: projectsId @@ -7743,37 +7973,43 @@ paths: schema: type: string - in: path - name: tablesId + name: materializedViewsId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews: - parameters: *ref_1 - post: - description: Creates a new AuthorizedView in a table. - operationId: bigtableadmin.projects.instances.tables.authorizedViews.create + - in: query + name: view + schema: + type: string + patch: + description: Updates a materialized view within an instance. + operationId: bigtableadmin.projects.instances.materializedViews.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/AuthorizedView' + $ref: '#/components/schemas/MaterializedView' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -7797,34 +8033,39 @@ paths: schema: type: string - in: path - name: tablesId + name: materializedViewsId required: true schema: type: string - in: query - name: authorizedViewId + name: updateMask schema: type: string - get: - description: Lists all AuthorizedViews from a specific table. - operationId: bigtableadmin.projects.instances.tables.authorizedViews.list + format: google-fieldmask + delete: + description: Deletes a materialized view from an instance. + operationId: bigtableadmin.projects.instances.materializedViews.delete security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -7835,7 +8076,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAuthorizedViewsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7848,45 +8089,47 @@ paths: schema: type: string - in: path - name: tablesId + name: materializedViewsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: view + name: etag schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews/{authorizedViewsId}: + /v2/projects/{projectsId}/instances/{instancesId}/materializedViews/{materializedViewsId}:setIamPolicy: parameters: *ref_1 - get: - description: Gets information from a specified AuthorizedView. - operationId: bigtableadmin.projects.instances.tables.authorizedViews.get + post: + description: >- + Sets the access control policy on an instance resource. Replaces any + existing policy. + operationId: bigtableadmin.projects.instances.materializedViews.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -7897,7 +8140,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AuthorizedView' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7910,44 +8153,41 @@ paths: schema: type: string - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: materializedViewsId required: true schema: type: string - - in: query - name: view - schema: - type: string - patch: - description: Updates an AuthorizedView in a table. - operationId: bigtableadmin.projects.instances.tables.authorizedViews.patch + /v2/projects/{projectsId}/instances/{instancesId}/materializedViews: + parameters: *ref_1 + post: + description: Creates a materialized view within an instance. + operationId: bigtableadmin.projects.instances.materializedViews.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/AuthorizedView' + $ref: '#/components/schemas/MaterializedView' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin + - https://www.googleapis.com/auth/bigtable.admin + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.cluster + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.cluster - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.instance Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -7970,45 +8210,34 @@ paths: required: true schema: type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - in: query - name: updateMask + name: materializedViewId schema: type: string - format: google-fieldmask - - in: query - name: ignoreWarnings - schema: - type: boolean - delete: - description: Permanently deletes a specified AuthorizedView. - operationId: bigtableadmin.projects.instances.tables.authorizedViews.delete + get: + description: Lists information about materialized views in an instance. + operationId: bigtableadmin.projects.instances.materializedViews.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8019,7 +8248,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListMaterializedViewsResponse' parameters: - in: path name: projectsId @@ -8031,27 +8260,26 @@ paths: required: true schema: type: string - - in: path - name: tablesId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: authorizedViewsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: etag + name: view schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews/{authorizedViewsId}:getIamPolicy: + /v2/projects/{projectsId}/instances/{instancesId}/materializedViews/{materializedViewsId}:getIamPolicy: parameters: *ref_1 post: description: >- - Gets the access control policy for a Bigtable resource. Returns an empty - policy if the resource exists but does not have a policy set. - operationId: bigtableadmin.projects.instances.tables.authorizedViews.getIamPolicy + Gets the access control policy for an instance resource. Returns an + empty policy if an instance exists but does not have a policy set. + operationId: bigtableadmin.projects.instances.materializedViews.getIamPolicy requestBody: content: application/json: @@ -8063,17 +8291,21 @@ paths: Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8097,44 +8329,43 @@ paths: schema: type: string - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: materializedViewsId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews/{authorizedViewsId}:setIamPolicy: + /v2/projects/{projectsId}/instances/{instancesId}/materializedViews/{materializedViewsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on a Bigtable resource. Replaces any - existing policy. - operationId: bigtableadmin.projects.instances.tables.authorizedViews.setIamPolicy + Returns permissions that the caller has on the specified instance + resource. + operationId: bigtableadmin.projects.instances.materializedViews.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8145,7 +8376,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -8158,106 +8389,96 @@ paths: schema: type: string - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: materializedViewsId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/authorizedViews/{authorizedViewsId}:testIamPermissions: + /v2/projects/{projectsId}/instances: parameters: *ref_1 - post: - description: >- - Returns permissions that the caller has on the specified Bigtable - resource. - operationId: >- - bigtableadmin.projects.instances.tables.authorizedViews.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Lists information about instances in a project. + operationId: bigtableadmin.projects.instances.list security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListInstancesResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: instancesId - required: true - schema: - type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true + - in: query + name: pageToken schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles/{schemaBundlesId}:getIamPolicy: - parameters: *ref_1 post: description: >- - Gets the access control policy for a Bigtable resource. Returns an empty - policy if the resource exists but does not have a policy set. - operationId: bigtableadmin.projects.instances.tables.schemaBundles.getIamPolicy + Create an instance within a project. Note that exactly one of + Cluster.serve_nodes and + Cluster.cluster_config.cluster_autoscaling_config can be set. If + serve_nodes is set to non-zero, then the cluster is manually scaled. If + cluster_config.cluster_autoscaling_config is non-empty, then autoscaling + is enabled. + operationId: bigtableadmin.projects.instances.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/CreateInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8268,68 +8489,54 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: instancesId - required: true - schema: - type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: schemaBundlesId - required: true - schema: - type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles/{schemaBundlesId}:setIamPolicy: + /v2/projects/{projectsId}/instances/{instancesId}: parameters: *ref_1 - post: - description: >- - Sets the access control policy on a Bigtable resource. Replaces any - existing policy. - operationId: bigtableadmin.projects.instances.tables.schemaBundles.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets information about an instance. + operationId: bigtableadmin.projects.instances.get security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -8337,49 +8544,42 @@ paths: schema: type: string - in: path - name: instancesId - required: true - schema: - type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: schemaBundlesId + name: instancesId required: true schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles/{schemaBundlesId}:testIamPermissions: - parameters: *ref_1 - post: + put: description: >- - Returns permissions that the caller has on the specified Bigtable - resource. - operationId: bigtableadmin.projects.instances.tables.schemaBundles.testIamPermissions + Updates an instance within a project. This method updates only the + display name and type for an Instance. To update other Instance + properties, such as labels, use PartialUpdateInstance. + operationId: bigtableadmin.projects.instances.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Instance' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8390,7 +8590,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -8402,43 +8602,30 @@ paths: required: true schema: type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: schemaBundlesId - required: true - schema: - type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles: - parameters: *ref_1 - post: - description: Creates a new schema bundle in the specified table. - operationId: bigtableadmin.projects.instances.tables.schemaBundles.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SchemaBundle' + delete: + description: Delete an instance from a project. + operationId: bigtableadmin.projects.instances.delete security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8449,7 +8636,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8461,35 +8648,38 @@ paths: required: true schema: type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: query - name: schemaBundleId - schema: - type: string - get: - description: Lists all schema bundles associated with the specified table. - operationId: bigtableadmin.projects.instances.tables.schemaBundles.list + patch: + description: >- + Partially updates an instance within a project. This method can modify + all fields of an Instance and is the preferred way to update an + Instance. + operationId: bigtableadmin.projects.instances.partialUpdateInstance + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Instance' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8500,7 +8690,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSchemaBundlesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8512,51 +8702,44 @@ paths: required: true schema: type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - in: query - name: view + name: updateMask schema: type: string - /v2/projects/{projectsId}/instances/{instancesId}/tables/{tablesId}/schemaBundles/{schemaBundlesId}: + format: google-fieldmask + /v2/projects/{projectsId}/instances/{instancesId}:getIamPolicy: parameters: *ref_1 - patch: - description: Updates a schema bundle in the specified table. - operationId: bigtableadmin.projects.instances.tables.schemaBundles.patch + post: + description: >- + Gets the access control policy for an instance resource. Returns an + empty policy if an instance exists but does not have a policy set. + operationId: bigtableadmin.projects.instances.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/SchemaBundle' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8567,7 +8750,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8579,45 +8762,39 @@ paths: required: true schema: type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: schemaBundlesId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: ignoreWarnings - schema: - type: boolean - get: - description: Gets metadata information about the specified schema bundle. - operationId: bigtableadmin.projects.instances.tables.schemaBundles.get + /v2/projects/{projectsId}/instances/{instancesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that the caller has on the specified instance + resource. + operationId: bigtableadmin.projects.instances.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8628,7 +8805,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaBundle' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -8640,36 +8817,39 @@ paths: required: true schema: type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: schemaBundlesId - required: true - schema: - type: string - delete: - description: Deletes a schema bundle in the specified table. - operationId: bigtableadmin.projects.instances.tables.schemaBundles.delete + /v2/projects/{projectsId}/instances/{instancesId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on an instance resource. Replaces any + existing policy. + operationId: bigtableadmin.projects.instances.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigtable.admin Oauth2c: - https://www.googleapis.com/auth/bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/bigtable.admin.table + - https://www.googleapis.com/auth/bigtable.admin.cluster + - Oauth2: + - https://www.googleapis.com/auth/bigtable.admin.instance + Oauth2c: + - https://www.googleapis.com/auth/bigtable.admin.instance - Oauth2: - https://www.googleapis.com/auth/cloud-bigtable.admin Oauth2c: - https://www.googleapis.com/auth/cloud-bigtable.admin - Oauth2: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster Oauth2c: - - https://www.googleapis.com/auth/cloud-bigtable.admin.table + - https://www.googleapis.com/auth/cloud-bigtable.admin.cluster - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -8680,7 +8860,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8692,20 +8872,6 @@ paths: required: true schema: type: string - - in: path - name: tablesId - required: true - schema: - type: string - - in: path - name: schemaBundlesId - required: true - schema: - type: string - - in: query - name: etag - schema: - type: string /v2/projects/{projectsId}/locations: parameters: *ref_1 get: @@ -8757,11 +8923,6 @@ paths: name: filter schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -8770,3 +8931,8 @@ paths: name: extraLocationTypes schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/billingbudgets.yaml b/providers/src/googleapis.com/v00.00.00000/services/billingbudgets.yaml index dea0573a..02595919 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/billingbudgets.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/billingbudgets.yaml @@ -9,8 +9,8 @@ info: The Cloud Billing Budget API stores Cloud Billing budgets, which define a budget plan and the rules to execute as spend is tracked against that plan. version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251117' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/billing/docs/how-to/budget-api-overview servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/binaryauthorization.yaml b/providers/src/googleapis.com/v00.00.00000/services/binaryauthorization.yaml index a8e6fe7e..f0afbb6f 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/binaryauthorization.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/binaryauthorization.yaml @@ -11,8 +11,8 @@ info: Kubernetes Engine (GKE), Anthos Service Mesh, Anthos Clusters, and Cloud Run. version: v1 - x-discovery-doc-revision: '20250731' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251205' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/binary-authorization/ servers: @@ -38,497 +38,310 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - EvaluateGkePolicyRequest: - id: EvaluateGkePolicyRequest - description: Request message for PlatformPolicyEvaluationService.EvaluateGkePolicy. - type: object - properties: - resource: - description: Required. JSON or YAML blob representing a Kubernetes resource. - type: object - additionalProperties: - type: any - description: Properties of the object. - EvaluateGkePolicyResponse: - id: EvaluateGkePolicyResponse - description: Response message for PlatformPolicyEvaluationService.EvaluateGkePolicy. - type: object - properties: - verdict: - description: The result of evaluating all Pods in the request. - type: string - enumDescriptions: - - Not specified. This should never be used. - - All Pods in the request conform to the policy. - - At least one Pod does not conform to the policy. - - >- - Encountered at least one error evaluating a Pod and all other Pods - conform to the policy. Non-conformance has precedence over errors. - enum: - - VERDICT_UNSPECIFIED - - CONFORMANT - - NON_CONFORMANT - - ERROR - results: - description: Evaluation result for each Pod contained in the request. - type: array - items: - $ref: '#/components/schemas/PodResult' - PodResult: - id: PodResult - description: Result of evaluating the whole GKE policy for one Pod. - type: object - properties: - podName: - description: The name of the Pod. - type: string - kubernetesNamespace: - description: The Kubernetes namespace of the Pod. - type: string - kubernetesServiceAccount: - description: The Kubernetes service account of the Pod. - type: string - verdict: - description: The result of evaluating this Pod. - type: string - enumDescriptions: - - Not specified. This should never be used. - - All images conform to the policy. - - At least one image does not conform to the policy. - - >- - Encountered at least one error evaluating an image and all other - images with non-error verdicts conform to the policy. - Non-conformance has precedence over errors. - enum: - - POD_VERDICT_UNSPECIFIED - - CONFORMANT - - NON_CONFORMANT - - ERROR - imageResults: - description: Per-image details. - type: array - items: - $ref: '#/components/schemas/ImageResult' - ImageResult: - id: ImageResult - description: Result of evaluating one image. - type: object + ValidateAttestationOccurrenceRequest: properties: - imageUri: - description: Image URI from the request. - type: string - verdict: - description: The result of evaluating this image. - type: string - enumDescriptions: - - Not specified. This should never be used. - - Image conforms to the policy. - - Image does not conform to the policy. - - >- - Error evaluating the image. Non-conformance has precedence over - errors. - enum: - - IMAGE_VERDICT_UNSPECIFIED - - CONFORMANT - - NON_CONFORMANT - - ERROR - allowlistResult: + occurrenceResourceUri: description: >- - If the image was exempted by a top-level allow_pattern, contains the - allowlist pattern that the image name matched. - $ref: '#/components/schemas/AllowlistResult' - checkSetResult: + Required. The URI of the artifact (e.g. container image) that is the + subject of the containing Occurrence. + type: string + attestation: description: >- - If a check set was evaluated, contains the result of the check set. - Empty if there were no check sets. - $ref: '#/components/schemas/CheckSetResult' - explanation: + Required. An AttestationOccurrence to be checked that it can be + verified by the `Attestor`. It does not have to be an existing + entity in Container Analysis. It must otherwise be a valid + `AttestationOccurrence`. + $ref: '#/components/schemas/AttestationOccurrence' + occurrenceNote: description: >- - Explanation of this image result. Only populated if no check sets - were evaluated. + Required. The resource name of the Note to which the containing + Occurrence is associated. type: string - AllowlistResult: - id: AllowlistResult - description: Result of evaluating an image name allowlist. type: object - properties: - matchedPattern: - description: The allowlist pattern that the image matched. - type: string - CheckSetResult: - id: CheckSetResult - description: Result of evaluating one check set. + description: Request message for ValidationHelperV1.ValidateAttestationOccurrence. + id: ValidateAttestationOccurrenceRequest + PlatformPolicy: type: object + description: >- + A Binary Authorization platform policy for deployments on various + platforms. properties: - index: - description: The index of the check set. - type: string - format: int64 - displayName: - description: The name of the check set. + updateTime: + description: Output only. Time when the policy was last updated. type: string - scope: - description: The scope of the check set. - $ref: '#/components/schemas/Scope' - allowlistResult: - description: >- - If the image was exempted by an allow_pattern in the check set, - contains the pattern that the image name matched. - $ref: '#/components/schemas/AllowlistResult' - checkResults: - description: >- - If checks were evaluated, contains the results of evaluating each - check. - $ref: '#/components/schemas/CheckResults' - explanation: + readOnly: true + format: google-datetime + name: description: >- - Explanation of this check set result. Only populated if no checks - were evaluated. + Output only. The relative resource name of the Binary Authorization + platform policy, in the form of `projects/*/platforms/*/policies/*`. type: string - Scope: - id: Scope - description: A scope specifier for `CheckSet` objects. - type: object - properties: - kubernetesServiceAccount: - description: >- - Optional. Matches a single Kubernetes service account, e.g. - `my-namespace:my-service-account`. `kubernetes_service_account` - scope is always more specific than `kubernetes_namespace` scope for - the same namespace. + readOnly: true + description: type: string - kubernetesNamespace: + description: Optional. A description comment about the policy. + etag: description: >- - Optional. Matches all Kubernetes service accounts in the provided - namespace, unless a more specific `kubernetes_service_account` scope - already matched. + Optional. Used to prevent updating the policy when another request + has updated it since it was retrieved. type: string - CheckResults: - id: CheckResults - description: Result of evaluating one or more checks. - type: object - properties: - results: - description: Per-check details. - type: array - items: - $ref: '#/components/schemas/CheckResult' + gkePolicy: + $ref: '#/components/schemas/GkePolicy' + description: Optional. GKE platform-specific policy. + id: PlatformPolicy CheckResult: - id: CheckResult - description: Result of evaluating one check. type: object + id: CheckResult properties: - index: - description: The index of the check. - type: string - format: int64 - displayName: - description: The name of the check. - type: string - type: - description: The type of the check. + evaluationResult: + description: If a check was evaluated, contains the result of the check. + $ref: '#/components/schemas/EvaluationResult' + explanation: type: string + description: Explanation of this check result. allowlistResult: description: >- If the image was exempted by an allow_pattern in the check, contains the pattern that the image name matched. $ref: '#/components/schemas/AllowlistResult' - evaluationResult: - description: If a check was evaluated, contains the result of the check. - $ref: '#/components/schemas/EvaluationResult' - explanation: - description: Explanation of this check result. + type: + description: The type of the check. + type: string + index: + format: int64 + description: The index of the check. + type: string + displayName: + description: The name of the check. type: string - EvaluationResult: - id: EvaluationResult description: Result of evaluating one check. + TestIamPermissionsResponse: + properties: + permissions: + type: array + items: + type: string + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. type: object + id: TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. + Policy: + description: A policy for container image binary authorization. + id: Policy properties: - verdict: - description: The result of evaluating this check. + etag: + description: >- + Optional. A checksum, returned by the server, that can be sent on + update requests to ensure the policy has an up-to-date value before + attempting to update it. See https://google.aip.dev/154. type: string - enumDescriptions: - - Not specified. This should never be used. - - >- - The check was successfully evaluated and the image satisfied the - check. - - >- - The check was successfully evaluated and the image did not satisfy - the check. - - The check was not successfully evaluated. - enum: - - CHECK_VERDICT_UNSPECIFIED - - CONFORMANT - - NON_CONFORMANT - - ERROR - PlatformPolicy: - id: PlatformPolicy - description: >- - A Binary Authorization platform policy for deployments on various - platforms. - type: object - properties: + istioServiceIdentityAdmissionRules: + type: object + description: >- + Optional. Per-istio-service-identity admission rules. Istio service + identity spec format: `spiffe:///ns//sa/` or `/ns//sa/` e.g. + `spiffe://example.com/ns/test-ns/sa/default` + additionalProperties: + $ref: '#/components/schemas/AdmissionRule' name: description: >- - Output only. The relative resource name of the Binary Authorization - platform policy, in the form of `projects/*/platforms/*/policies/*`. + Output only. The resource name, in the format `projects/*/policy`. + There is at most one policy per project. readOnly: true type: string description: - description: Optional. A description comment about the policy. + description: Optional. A descriptive comment. + type: string + globalPolicyEvaluationMode: + description: >- + Optional. Controls the evaluation of a Google-maintained global + admission policy for common system-level images. Images not covered + by the global policy will be subject to the project admission + policy. This setting has no effect when specified inside a global + admission policy. + enumDescriptions: + - 'Not specified: `DISABLE` is assumed.' + - Enables system policy evaluation. + - Disables system policy evaluation. + enum: + - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED + - ENABLE + - DISABLE type: string - gkePolicy: - description: Optional. GKE platform-specific policy. - $ref: '#/components/schemas/GkePolicy' updateTime: + format: google-datetime description: Output only. Time when the policy was last updated. readOnly: true type: string - format: google-datetime - etag: + clusterAdmissionRules: + additionalProperties: + $ref: '#/components/schemas/AdmissionRule' + type: object description: >- - Optional. Used to prevent updating the policy when another request - has updated it since it was retrieved. - type: string - GkePolicy: - id: GkePolicy - description: >- - A Binary Authorization policy for a GKE cluster. This is one type of - policy that can occur as a `PlatformPolicy`. - type: object - properties: - imageAllowlist: + Optional. A valid policy has only one of the following rule maps + non-empty, i.e. only one of `cluster_admission_rules`, + `kubernetes_namespace_admission_rules`, + `kubernetes_service_account_admission_rules`, or + `istio_service_identity_admission_rules` can be non-empty. + Per-cluster admission rules. Cluster spec format: + `location.clusterId`. There can be at most one admission rule per + cluster spec. A `location` is either a compute zone (e.g. + us-central1-a) or a region (e.g. us-central1). For `clusterId` + syntax restrictions see + https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + kubernetesNamespaceAdmissionRules: description: >- - Optional. Images exempted from this policy. If any of the patterns - match the image being evaluated, the rest of the policy will not be - evaluated. - $ref: '#/components/schemas/ImageAllowlist' - checkSets: + Optional. Per-kubernetes-namespace admission rules. K8s namespace + spec format: `[a-z.-]+`, e.g. `some-namespace` + additionalProperties: + $ref: '#/components/schemas/AdmissionRule' + type: object + defaultAdmissionRule: + $ref: '#/components/schemas/AdmissionRule' description: >- - Optional. The `CheckSet` objects to apply, scoped by namespace or - namespace and service account. Exactly one `CheckSet` will be - evaluated for a given Pod (unless the list is empty, in which case - the behavior is "always allow"). If multiple `CheckSet` objects have - scopes that match the namespace and service account of the Pod being - evaluated, only the `CheckSet` with the MOST SPECIFIC scope will - match. `CheckSet` objects must be listed in order of decreasing - specificity, i.e. if a scope matches a given service account (which - must include the namespace), it must come before a `CheckSet` with a - scope matching just that namespace. This property is enforced by - server-side validation. The purpose of this restriction is to ensure - that if more than one `CheckSet` matches a given Pod, the `CheckSet` - that will be evaluated will always be the first in the list to match - (because if any other matches, it must be less specific). If - `check_sets` is empty, the default behavior is to allow all images. - If `check_sets` is non-empty, the last `check_sets` entry must - always be a `CheckSet` with no scope set, i.e. a catchall to handle - any situation not caught by the preceding `CheckSet` objects. - type: array - items: - $ref: '#/components/schemas/CheckSet' - ImageAllowlist: - id: ImageAllowlist - description: Images that are exempted from normal checks based on name pattern only. - type: object - properties: - allowPattern: + Required. Default admission rule for a cluster without a + per-cluster, per- kubernetes-service-account, or + per-istio-service-identity admission rule. + kubernetesServiceAccountAdmissionRules: + type: object description: >- - Required. A disjunction of image patterns to allow. If any of these - patterns match, then the image is considered exempted by this - allowlist. + Optional. Per-kubernetes-service-account admission rules. Service + account spec format: `namespace:serviceaccount`. e.g. + `test-ns:default` + additionalProperties: + $ref: '#/components/schemas/AdmissionRule' + admissionWhitelistPatterns: type: array items: - type: string - CheckSet: - id: CheckSet - description: >- - A conjunction of policy checks, scoped to a particular namespace or - Kubernetes service account. In order for evaluation of a `CheckSet` to - return "allowed" for a given image in a given Pod, one of the following - conditions must be satisfied: * The image is explicitly exempted by an - entry in `image_allowlist`, OR * ALL of the `checks` evaluate to - "allowed". - type: object - properties: - displayName: - description: >- - Optional. A user-provided name for this `CheckSet`. This field has - no effect on the policy evaluation behavior except to improve - readability of messages in evaluation results. - type: string - scope: - description: >- - Optional. The scope to which this `CheckSet` applies. If unset or an - empty string (the default), applies to all namespaces and service - accounts. See the `Scope` message documentation for details on - scoping rules. - $ref: '#/components/schemas/Scope' - imageAllowlist: - description: >- - Optional. Images exempted from this `CheckSet`. If any of the - patterns match the image being evaluated, no checks in the - `CheckSet` will be evaluated. - $ref: '#/components/schemas/ImageAllowlist' - checks: + $ref: '#/components/schemas/AdmissionWhitelistPattern' description: >- - Optional. The checks to apply. The ultimate result of evaluating the - check set will be "allow" if and only if every check in `checks` - evaluates to "allow". If `checks` is empty, the default behavior is - "always allow". - type: array - items: - $ref: '#/components/schemas/Check' + Optional. Admission policy allowlisting. A matching admission + request will always be permitted. This feature is typically used to + exclude Google or third-party infrastructure images from Binary + Authorization policies. + type: object Check: - id: Check description: >- A single check to perform against a Pod. Checks are grouped into `CheckSet` objects, which are defined by the top-level policy. - type: object properties: - displayName: + slsaCheck: + $ref: '#/components/schemas/SlsaCheck' description: >- - Optional. A user-provided name for this check. This field has no - effect on the policy evaluation behavior except to improve - readability of messages in evaluation results. - type: string + Optional. Require that an image was built by a trusted builder (such + as Google Cloud Build), meets requirements for Supply chain Levels + for Software Artifacts (SLSA), and was built from a trusted source + code repostitory. imageAllowlist: description: >- Optional. Images exempted from this check. If any of the patterns match the image url, the check will not be evaluated. $ref: '#/components/schemas/ImageAllowlist' + trustedDirectoryCheck: + $ref: '#/components/schemas/TrustedDirectoryCheck' + description: Optional. Require that an image lives in a trusted directory. + simpleSigningAttestationCheck: + description: >- + Optional. Require a SimpleSigning-type attestation for every image + in the deployment. + $ref: '#/components/schemas/SimpleSigningAttestationCheck' alwaysDeny: + type: boolean description: >- Optional. A special-case check that always denies. Note that this still only applies when the scope of the `CheckSet` applies and the image isn't exempted by an image allowlist. This check is primarily useful for testing, or to set the default behavior for all unmatched scopes to "deny". - type: boolean - simpleSigningAttestationCheck: + displayName: + type: string description: >- - Optional. Require a SimpleSigning-type attestation for every image - in the deployment. - $ref: '#/components/schemas/SimpleSigningAttestationCheck' - trustedDirectoryCheck: - description: Optional. Require that an image lives in a trusted directory. - $ref: '#/components/schemas/TrustedDirectoryCheck' + Optional. A user-provided name for this check. This field has no + effect on the policy evaluation behavior except to improve + readability of messages in evaluation results. imageFreshnessCheck: + $ref: '#/components/schemas/ImageFreshnessCheck' description: >- Optional. Require that an image is no older than a configured expiration time. Image age is determined by its upload time. - $ref: '#/components/schemas/ImageFreshnessCheck' vulnerabilityCheck: description: >- Optional. Require that an image does not contain vulnerabilities that violate the configured rules, such as based on severity levels. $ref: '#/components/schemas/VulnerabilityCheck' - slsaCheck: - description: >- - Optional. Require that an image was built by a trusted builder (such - as Google Cloud Build), meets requirements for Supply chain Levels - for Software Artifacts (SLSA), and was built from a trusted source - code repostitory. - $ref: '#/components/schemas/SlsaCheck' sigstoreSignatureCheck: description: >- Optional. Require that an image was signed by Cosign with a trusted key. This check requires that both the image and signature are stored in Artifact Registry. $ref: '#/components/schemas/SigstoreSignatureCheck' - SimpleSigningAttestationCheck: - id: SimpleSigningAttestationCheck - description: >- - Require a signed [DSSE](https://github.com/secure-systems-lab/dsse) - attestation with type SimpleSigning. + id: Check + type: object + PodResult: type: object properties: - attestationAuthenticators: - description: >- - Required. The authenticators required by this check to verify an - attestation. Typically this is one or more PKIX public keys for - signature verification. Only one authenticator needs to consider an - attestation verified in order for an attestation to be considered - fully authenticated. In otherwords, this list of authenticators is - an "OR" of the authenticator results. At least one authenticator is - required. + imageResults: type: array + description: Per-image details. items: - $ref: '#/components/schemas/AttestationAuthenticator' - containerAnalysisAttestationProjects: - description: >- - Optional. The projects where attestations are stored as Container - Analysis Occurrences, in the format `projects/[PROJECT_ID]`. Only - one attestation needs to successfully verify an image for this check - to pass, so a single verified attestation found in any of - `container_analysis_attestation_projects` is sufficient for the - check to pass. A project ID must be used, not a project number. When - fetching Occurrences from Container Analysis, only - `AttestationOccurrence` kinds are considered. In the future, - additional Occurrence kinds may be added to the query. Maximum - number of `container_analysis_attestation_projects` allowed in each - `SimpleSigningAttestationCheck` is 10. - type: array - items: - type: string - AttestationAuthenticator: - id: AttestationAuthenticator - description: >- - An attestation authenticator that will be used to verify attestations. - Typically this is just a set of public keys. Conceptually, an - authenticator can be treated as always returning either "authenticated" - or "not authenticated" when presented with a signed attestation (almost - always assumed to be a - [DSSE](https://github.com/secure-systems-lab/dsse) attestation). The - details of how an authenticator makes this decision are specific to the - type of 'authenticator' that this message wraps. - type: object - properties: - displayName: - description: >- - Optional. A user-provided name for this `AttestationAuthenticator`. - This field has no effect on the policy evaluation behavior except to - improve readability of messages in evaluation results. + $ref: '#/components/schemas/ImageResult' + verdict: + description: The result of evaluating this Pod. type: string - pkixPublicKeySet: - description: >- - Optional. A set of raw PKIX SubjectPublicKeyInfo format public keys. - If any public key in the set validates the attestation signature, - then the signature is considered authenticated (i.e. any one key is - sufficient to authenticate). - $ref: '#/components/schemas/PkixPublicKeySet' - PkixPublicKeySet: - id: PkixPublicKeySet - description: >- - A bundle of PKIX public keys, used to authenticate attestation - signatures. Generally, a signature is considered to be authenticated by - a `PkixPublicKeySet` if any of the public keys verify it (i.e. it is an - "OR" of the keys). - type: object - properties: - pkixPublicKeys: - description: Required. `pkix_public_keys` must have at least one entry. - type: array - items: - $ref: '#/components/schemas/PkixPublicKey' + enumDescriptions: + - Not specified. This should never be used. + - All images conform to the policy. + - At least one image does not conform to the policy. + - >- + Encountered at least one error evaluating an image and all other + images with non-error verdicts conform to the policy. + Non-conformance has precedence over errors. + enum: + - POD_VERDICT_UNSPECIFIED + - CONFORMANT + - NON_CONFORMANT + - ERROR + kubernetesServiceAccount: + type: string + description: The Kubernetes service account of the Pod. + podName: + type: string + description: The name of the Pod. + kubernetesNamespace: + description: The Kubernetes namespace of the Pod. + type: string + id: PodResult + description: Result of evaluating the whole GKE policy for one Pod. PkixPublicKey: - id: PkixPublicKey - description: >- - A public key in the PkixPublicKey - [format](https://tools.ietf.org/html/rfc5280#section-4.1.2.7). Public - keys of this type are typically textually encoded using the PEM format. - type: object properties: publicKeyPem: + type: string description: >- A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13 - type: string signatureAlgorithm: - description: >- - The signature algorithm used to verify a message against a signature - using this key. These signature algorithm must match the structure - and any object identifiers encoded in `public_key_pem` (i.e. this - algorithm must match that of the public key). + enum: + - SIGNATURE_ALGORITHM_UNSPECIFIED + - RSA_PSS_2048_SHA256 + - RSA_SIGN_PSS_2048_SHA256 + - RSA_PSS_3072_SHA256 + - RSA_SIGN_PSS_3072_SHA256 + - RSA_PSS_4096_SHA256 + - RSA_SIGN_PSS_4096_SHA256 + - RSA_PSS_4096_SHA512 + - RSA_SIGN_PSS_4096_SHA512 + - RSA_SIGN_PKCS1_2048_SHA256 + - RSA_SIGN_PKCS1_3072_SHA256 + - RSA_SIGN_PKCS1_4096_SHA256 + - RSA_SIGN_PKCS1_4096_SHA512 + - ECDSA_P256_SHA256 + - EC_SIGN_P256_SHA256 + - ECDSA_P384_SHA384 + - EC_SIGN_P384_SHA384 + - ECDSA_P521_SHA512 + - EC_SIGN_P521_SHA512 type: string enumDescriptions: - Not specified. @@ -550,27 +363,13 @@ components: - ECDSA on the NIST P-384 curve with a SHA384 digest. - ECDSA on the NIST P-521 curve with a SHA512 digest. - ECDSA on the NIST P-521 curve with a SHA512 digest. - enum: - - SIGNATURE_ALGORITHM_UNSPECIFIED - - RSA_PSS_2048_SHA256 - - RSA_SIGN_PSS_2048_SHA256 - - RSA_PSS_3072_SHA256 - - RSA_SIGN_PSS_3072_SHA256 - - RSA_PSS_4096_SHA256 - - RSA_SIGN_PSS_4096_SHA256 - - RSA_PSS_4096_SHA512 - - RSA_SIGN_PSS_4096_SHA512 - - RSA_SIGN_PKCS1_2048_SHA256 - - RSA_SIGN_PKCS1_3072_SHA256 - - RSA_SIGN_PKCS1_4096_SHA256 - - RSA_SIGN_PKCS1_4096_SHA512 - - ECDSA_P256_SHA256 - - EC_SIGN_P256_SHA256 - - ECDSA_P384_SHA384 - - EC_SIGN_P384_SHA384 - - ECDSA_P521_SHA512 - - EC_SIGN_P521_SHA512 + description: >- + The signature algorithm used to verify a message against a signature + using this key. These signature algorithm must match the structure + and any object identifiers encoded in `public_key_pem` (i.e. this + algorithm must match that of the public key). keyId: + type: string description: >- Optional. The ID of this public key. Signatures verified by Binary Authorization must include the ID of the public key that can be used @@ -584,308 +383,141 @@ components: `AttestorPublicKey`), then this field can either match that value exactly, or be left blank, in which case it behaves exactly as though it is equal to that wrapper value. - type: string - TrustedDirectoryCheck: - id: TrustedDirectoryCheck - description: >- - A trusted directory check, which rejects images that do not come from - the set of user-configured trusted directories. + id: PkixPublicKey type: object - properties: - trustedDirPatterns: - description: >- - Required. List of trusted directory patterns. A pattern is in the - form "registry/path/to/directory". The registry domain part is - defined as two or more dot-separated words, e.g., `us.pkg.dev`, or - `gcr.io`. Additionally, `*` can be used in three ways as wildcards: - 1. leading `*` to match varying prefixes in registry subdomain - (useful for location prefixes); 2. trailing `*` after registry/ to - match varying endings; 3. trailing `**` after registry/ to match "/" - as well. For example: -- `gcr.io/my-project/my-repo` is valid to - match a single directory -- `*-docker.pkg.dev/my-project/my-repo` or - `*.gcr.io/my-project` are valid to match varying prefixes -- - `gcr.io/my-project/*` will match all direct directories in - `my-project` -- `gcr.io/my-project/**` would match all directories - in `my-project` -- `gcr.i*` is not allowed since the registry is not - completely specified -- `sub*domain.gcr.io/nginx` is not valid - because only leading `*` or trailing `*` are allowed. -- - `*pkg.dev/my-project/my-repo` is not valid because leading `*` can - only match subdomain -- `**-docker.pkg.dev` is not valid because one - leading `*` is allowed, and that it cannot match `/` - type: array - items: - type: string - ImageFreshnessCheck: - id: ImageFreshnessCheck description: >- - An image freshness check, which rejects images that were uploaded before - the set number of days ago to the supported repositories. - type: object + A public key in the PkixPublicKey + [format](https://tools.ietf.org/html/rfc5280#section-4.1.2.7). Public + keys of this type are typically textually encoded using the PEM format. + AllowlistResult: properties: - maxUploadAgeDays: - description: >- - Required. The max number of days that is allowed since the image was - uploaded. Must be greater than zero. - type: integer - format: int32 - VulnerabilityCheck: - id: VulnerabilityCheck - description: >- - An image vulnerability check, which rejects images that violate the - configured vulnerability rules. + matchedPattern: + description: The allowlist pattern that the image matched. + type: string + description: Result of evaluating an image name allowlist. + type: object + id: AllowlistResult + ImageAllowlist: + description: Images that are exempted from normal checks based on name pattern only. + id: ImageAllowlist type: object properties: - allowedCves: - description: >- - Optional. A list of specific CVEs to ignore even if the - vulnerability level violates `maximumUnfixableSeverity` or - `maximumFixableSeverity`. CVEs are listed in the format of Container - Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The - CVEs are applicable regardless of note provider project, e.g., an - entry of `CVE-2021-20305` will allow vulnerabilities with a note - name of either `projects/goog-vulnz/notes/CVE-2021-20305` or - `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`. - type: array + allowPattern: items: type: string - blockedCves: description: >- - Optional. A list of specific CVEs to always raise warnings about - even if the vulnerability level meets `maximumUnfixableSeverity` or - `maximumFixableSeverity`. CVEs are listed in the format of Container - Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The - CVEs are applicable regardless of note provider project, e.g., an - entry of `CVE-2021-20305` will block vulnerabilities with a note - name of either `projects/goog-vulnz/notes/CVE-2021-20305` or - `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`. + Required. A disjunction of image patterns to allow. If any of these + patterns match, then the image is considered exempted by this + allowlist. type: array - items: - type: string - maximumUnfixableSeverity: + AttestationAuthenticator: + description: >- + An attestation authenticator that will be used to verify attestations. + Typically this is just a set of public keys. Conceptually, an + authenticator can be treated as always returning either "authenticated" + or "not authenticated" when presented with a signed attestation (almost + always assumed to be a + [DSSE](https://github.com/secure-systems-lab/dsse) attestation). The + details of how an authenticator makes this decision are specific to the + type of 'authenticator' that this message wraps. + properties: + displayName: description: >- - Required. The threshold for severity for which a fix isn't currently - available. This field is required and must be set. + Optional. A user-provided name for this `AttestationAuthenticator`. + This field has no effect on the policy evaluation behavior except to + improve readability of messages in evaluation results. type: string - enumDescriptions: - - Not specified. - - Block any vulnerability. - - Allow only minimal severity. - - Allow only low severity and lower. - - Allow medium severity and lower. - - Allow high severity and lower. - - Allow critical severity and lower. - - Allow all severity, even vulnerability with unspecified severity. - enum: - - MAXIMUM_ALLOWED_SEVERITY_UNSPECIFIED - - BLOCK_ALL - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - - ALLOW_ALL - maximumFixableSeverity: + pkixPublicKeySet: description: >- - Required. The threshold for severity for which a fix is currently - available. This field is required and must be set. - type: string - enumDescriptions: - - Not specified. - - Block any vulnerability. - - Allow only minimal severity. - - Allow only low severity and lower. - - Allow medium severity and lower. - - Allow high severity and lower. - - Allow critical severity and lower. - - Allow all severity, even vulnerability with unspecified severity. - enum: - - MAXIMUM_ALLOWED_SEVERITY_UNSPECIFIED - - BLOCK_ALL - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - - ALLOW_ALL - containerAnalysisVulnerabilityProjects: - description: >- - Optional. The projects where vulnerabilities are stored as Container - Analysis Occurrences. Each project is expressed in the resource - format of `projects/[PROJECT_ID]`, e.g., `projects/my-gcp-project`. - An attempt will be made for each project to fetch vulnerabilities, - and all valid vulnerabilities will be used to check against the - vulnerability policy. If no valid scan is found in all projects - configured here, an error will be returned for the check. Maximum - number of `container_analysis_vulnerability_projects` allowed in - each `VulnerabilityCheck` is 10. - type: array - items: - type: string - SlsaCheck: - id: SlsaCheck - description: >- - A SLSA provenance attestation check, which ensures that images are built - by a trusted builder using source code from its trusted repositories - only. + Optional. A set of raw PKIX SubjectPublicKeyInfo format public keys. + If any public key in the set validates the attestation signature, + then the signature is considered authenticated (i.e. any one key is + sufficient to authenticate). + $ref: '#/components/schemas/PkixPublicKeySet' + id: AttestationAuthenticator type: object - properties: - rules: - description: >- - Specifies a list of verification rules for the SLSA attestations. An - image is considered compliant with the SlsaCheck if any of the rules - are satisfied. - type: array - items: - $ref: '#/components/schemas/VerificationRule' - VerificationRule: - id: VerificationRule - description: >- - Specifies verification rules for evaluating the SLSA attestations - including: which builders to trust, where to fetch the SLSA attestations - generated by those builders, and other builder-specific evaluation rules - such as which source repositories are trusted. An image is considered - verified by the rule if any of the fetched SLSA attestations is - verified. + AttestorPublicKey: type: object properties: - trustedBuilder: - description: >- - Each verification rule is used for evaluation against provenances - generated by a specific builder (group). For some of the builders, - such as the Google Cloud Build, users don't need to explicitly - specify their roots of trust in the policy since the evaluation - service can automatically fetch them based on the builder (group). + comment: + description: Optional. A descriptive comment. This field may be updated. + type: string + asciiArmoredPgpPublicKey: type: string - enumDescriptions: - - Should never happen. - - >- - The whole Google Cloud Build (GCB) builder group, including all - GCB builder types. - enum: - - BUILDER_UNSPECIFIED - - GOOGLE_CLOUD_BUILD - attestationSource: - description: >- - Specifies where to fetch the provenances attestations generated by - the builder (group). - $ref: '#/components/schemas/AttestationSource' - configBasedBuildRequired: description: >- - If true, require the image to be built from a top-level - configuration. `trusted_source_repo_patterns` specifies the - repositories containing this configuration. - type: boolean - trustedSourceRepoPatterns: + ASCII-armored representation of a PGP public key, as the entire + output by the command `gpg --export --armor foo@example.com` (either + LF or CRLF line endings). When using this field, `id` should be left + blank. The Binary Authorization API handlers will calculate the ID + and fill it in automatically. Binary Authorization computes this ID + as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case + hex. If `id` is provided by the caller, it will be overwritten by + the API-calculated ID. + pkixPublicKey: description: >- - List of trusted source code repository URL patterns. These patterns - match the full repository URL without its scheme (e.g. `https://`). - The patterns must not include schemes. For example, the pattern - `source.cloud.google.com/my-project/my-repo-name` matches the - following URLs: - `source.cloud.google.com/my-project/my-repo-name` - - `git+ssh://source.cloud.google.com/my-project/my-repo-name` - - `https://source.cloud.google.com/my-project/my-repo-name` A pattern - matches a URL either exactly or with `*` wildcards. `*` can be used - in only two ways: 1. trailing `*` after hosturi/ to match varying - endings; 2. trailing `**` after hosturi/ to match `/` as well. `*` - and `**` can only be used as wildcards and can only occur at the end - of the pattern after a `/`. (So it's not possible to match a URL - that contains literal `*`.) For example: - - `github.com/my-project/my-repo` is valid to match a single repo - - `github.com/my-project/*` will match all direct repos in - `my-project` - `github.com/**` matches all repos in GitHub - type: array - items: - type: string - customConstraints: + A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be + explicitly provided by the caller when using this type of public + key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a + default one will be computed based on the digest of the DER encoding + of the public key. + $ref: '#/components/schemas/PkixPublicKey' + id: description: >- - Optional. A CEL expression for specifying custom constraints on the - provenance payload. This can be used when users want to specify - expectations on provenance fields that are not covered by the - general check. For example, users can use this field to require that - certain parameters should never be used during the build process. + The ID of this public key. Signatures verified by Binary + Authorization must include the ID of the public key that can be used + to verify them, and that ID must match the contents of this field + exactly. Additional restrictions on this field can be imposed based + on which public key type is encapsulated. See the documentation on + `public_key` cases below for details. type: string - AttestationSource: - id: AttestationSource - description: Specifies the locations for fetching the provenance attestations. - type: object - properties: - containerAnalysisAttestationProjects: - description: >- - The IDs of the Google Cloud projects that store the SLSA - attestations as Container Analysis Occurrences, in the format - `projects/[PROJECT_ID]`. Maximum number of - `container_analysis_attestation_projects` allowed in each - `AttestationSource` is 10. - type: array - items: - type: string - SigstoreSignatureCheck: - id: SigstoreSignatureCheck description: >- - A Sigstore signature check, which verifies the Sigstore signature - associated with an image. - type: object + An attestor public key that will be used to verify attestations signed + by this attestor. + id: AttestorPublicKey + SlsaCheck: properties: - sigstoreAuthorities: + rules: description: >- - Required. The authorities required by this check to verify the - signature. A signature only needs to be verified by one authority to - pass the check. - type: array + Specifies a list of verification rules for the SLSA attestations. An + image is considered compliant with the SlsaCheck if any of the rules + are satisfied. items: - $ref: '#/components/schemas/SigstoreAuthority' - SigstoreAuthority: - id: SigstoreAuthority - description: >- - A Sigstore authority, used to verify signatures that are created by - Sigstore. An authority is analogous to an attestation authenticator, - verifying that a signature is valid or invalid. - type: object - properties: - displayName: - description: >- - Optional. A user-provided name for this `SigstoreAuthority`. This - field has no effect on the policy evaluation behavior except to - improve readability of messages in evaluation results. - type: string - publicKeySet: - description: >- - Required. A simple set of public keys. A signature is considered - valid if any keys in the set validate the signature. - $ref: '#/components/schemas/SigstorePublicKeySet' - SigstorePublicKeySet: - id: SigstorePublicKeySet - description: >- - A bundle of Sigstore public keys, used to verify Sigstore signatures. A - signature is authenticated by a `SigstorePublicKeySet` if any of the - keys verify it. - type: object - properties: - publicKeys: - description: Required. `public_keys` must have at least one entry. + $ref: '#/components/schemas/VerificationRule' type: array - items: - $ref: '#/components/schemas/SigstorePublicKey' - SigstorePublicKey: - id: SigstorePublicKey + id: SlsaCheck description: >- - A Sigstore public key. `SigstorePublicKey` is the public key material - used to authenticate Sigstore signatures. + A SLSA provenance attestation check, which ensures that images are built + by a trusted builder using source code from its trusted repositories + only. type: object + EvaluationResult: + description: Result of evaluating one check. + id: EvaluationResult properties: - publicKeyPem: - description: The public key material in PEM format. + verdict: + description: The result of evaluating this check. + enum: + - CHECK_VERDICT_UNSPECIFIED + - CONFORMANT + - NON_CONFORMANT + - ERROR type: string + enumDescriptions: + - Not specified. This should never be used. + - >- + The check was successfully evaluated and the image satisfied the + check. + - >- + The check was successfully evaluated and the image did not satisfy + the check. + - The check was not successfully evaluated. + type: object ListPlatformPoliciesResponse: id: ListPlatformPoliciesResponse - description: >- - Response message for - PlatformPolicyManagementService.ListPlatformPolicies. - type: object properties: platformPolicies: - description: The list of platform policies. type: array + description: The list of platform policies. items: $ref: '#/components/schemas/PlatformPolicy' nextPageToken: @@ -895,118 +527,15 @@ components: to the `ListPlatformPolicies` method to retrieve the next page of results. type: string - Empty: - id: Empty description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Response message for + PlatformPolicyManagementService.ListPlatformPolicies. type: object - properties: {} - Policy: - id: Policy - description: A policy for container image binary authorization. + AdmissionWhitelistPattern: + id: AdmissionWhitelistPattern type: object properties: - name: - description: >- - Output only. The resource name, in the format `projects/*/policy`. - There is at most one policy per project. - readOnly: true - type: string - description: - description: Optional. A descriptive comment. - type: string - globalPolicyEvaluationMode: - description: >- - Optional. Controls the evaluation of a Google-maintained global - admission policy for common system-level images. Images not covered - by the global policy will be subject to the project admission - policy. This setting has no effect when specified inside a global - admission policy. - type: string - enumDescriptions: - - 'Not specified: `DISABLE` is assumed.' - - Enables system policy evaluation. - - Disables system policy evaluation. - enum: - - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED - - ENABLE - - DISABLE - admissionWhitelistPatterns: - description: >- - Optional. Admission policy allowlisting. A matching admission - request will always be permitted. This feature is typically used to - exclude Google or third-party infrastructure images from Binary - Authorization policies. - type: array - items: - $ref: '#/components/schemas/AdmissionWhitelistPattern' - clusterAdmissionRules: - description: >- - Optional. A valid policy has only one of the following rule maps - non-empty, i.e. only one of `cluster_admission_rules`, - `kubernetes_namespace_admission_rules`, - `kubernetes_service_account_admission_rules`, or - `istio_service_identity_admission_rules` can be non-empty. - Per-cluster admission rules. Cluster spec format: - `location.clusterId`. There can be at most one admission rule per - cluster spec. A `location` is either a compute zone (e.g. - us-central1-a) or a region (e.g. us-central1). For `clusterId` - syntax restrictions see - https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - type: object - additionalProperties: - $ref: '#/components/schemas/AdmissionRule' - kubernetesNamespaceAdmissionRules: - description: >- - Optional. Per-kubernetes-namespace admission rules. K8s namespace - spec format: `[a-z.-]+`, e.g. `some-namespace` - type: object - additionalProperties: - $ref: '#/components/schemas/AdmissionRule' - kubernetesServiceAccountAdmissionRules: - description: >- - Optional. Per-kubernetes-service-account admission rules. Service - account spec format: `namespace:serviceaccount`. e.g. - `test-ns:default` - type: object - additionalProperties: - $ref: '#/components/schemas/AdmissionRule' - istioServiceIdentityAdmissionRules: - description: >- - Optional. Per-istio-service-identity admission rules. Istio service - identity spec format: `spiffe:///ns//sa/` or `/ns//sa/` e.g. - `spiffe://example.com/ns/test-ns/sa/default` - type: object - additionalProperties: - $ref: '#/components/schemas/AdmissionRule' - defaultAdmissionRule: - description: >- - Required. Default admission rule for a cluster without a - per-cluster, per- kubernetes-service-account, or - per-istio-service-identity admission rule. - $ref: '#/components/schemas/AdmissionRule' - updateTime: - description: Output only. Time when the policy was last updated. - readOnly: true - type: string - format: google-datetime - etag: - description: >- - Optional. A checksum, returned by the server, that can be sent on - update requests to ensure the policy has an up-to-date value before - attempting to update it. See https://google.aip.dev/154. - type: string - AdmissionWhitelistPattern: - id: AdmissionWhitelistPattern - description: >- - An admission allowlist pattern exempts images from checks by admission - rules. - type: object - properties: - namePattern: + namePattern: description: >- An image name pattern to allowlist, in the form `registry/path/to/image`. This supports a trailing `*` wildcard, but @@ -1014,98 +543,83 @@ components: supports a trailing `**` wildcard which matches subdirectories of a given entry. type: string - AdmissionRule: - id: AdmissionRule description: >- - An admission rule specifies either that all container images used in a - pod creation request must be attested to by one or more attestors, that - all pod creations will be allowed, or that all pod creations will be - denied. Images matching an admission allowlist pattern are exempted from - admission rules and will never block a pod creation. - type: object + An admission allowlist pattern exempts images from checks by admission + rules. + CheckSet: properties: - evaluationMode: - description: Required. How this admission rule will be evaluated. + displayName: + description: >- + Optional. A user-provided name for this `CheckSet`. This field has + no effect on the policy evaluation behavior except to improve + readability of messages in evaluation results. type: string - enumDescriptions: - - Do not use. - - This rule allows all pod creations. - - >- - This rule allows a pod creation if all the attestors listed in - `require_attestations_by` have valid attestations for all of the - images in the pod spec. - - This rule denies all pod creations. - enum: - - EVALUATION_MODE_UNSPECIFIED - - ALWAYS_ALLOW - - REQUIRE_ATTESTATION - - ALWAYS_DENY - requireAttestationsBy: + imageAllowlist: description: >- - Optional. The resource names of the attestors that must attest to a - container image, in the format `projects/*/attestors/*`. Each - attestor must exist before a policy can reference it. To add an - attestor to a policy the principal issuing the policy change request - must be able to read the attestor resource. Note: this field must be - non-empty when the `evaluation_mode` field specifies - `REQUIRE_ATTESTATION`, otherwise it must be empty. + Optional. Images exempted from this `CheckSet`. If any of the + patterns match the image being evaluated, no checks in the + `CheckSet` will be evaluated. + $ref: '#/components/schemas/ImageAllowlist' + checks: type: array + description: >- + Optional. The checks to apply. The ultimate result of evaluating the + check set will be "allow" if and only if every check in `checks` + evaluates to "allow". If `checks` is empty, the default behavior is + "always allow". items: - type: string - enforcementMode: + $ref: '#/components/schemas/Check' + scope: + $ref: '#/components/schemas/Scope' description: >- - Required. The action when a pod creation is denied by the admission - rule. - type: string - enumDescriptions: - - Do not use. - - Enforce the admission rule by blocking the pod creation. - - >- - Dryrun mode: Audit logging only. This will allow the pod creation - as if the admission request had specified break-glass. - enum: - - ENFORCEMENT_MODE_UNSPECIFIED - - ENFORCED_BLOCK_AND_AUDIT_LOG - - DRYRUN_AUDIT_LOG_ONLY - Attestor: - id: Attestor + Optional. The scope to which this `CheckSet` applies. If unset or an + empty string (the default), applies to all namespaces and service + accounts. See the `Scope` message documentation for details on + scoping rules. + id: CheckSet + type: object description: >- - An attestor that attests to container image artifacts. An existing - attestor cannot be modified except where indicated. + A conjunction of policy checks, scoped to a particular namespace or + Kubernetes service account. In order for evaluation of a `CheckSet` to + return "allowed" for a given image in a given Pod, one of the following + conditions must be satisfied: * The image is explicitly exempted by an + entry in `image_allowlist`, OR * ALL of the `checks` evaluate to + "allowed". + TrustedDirectoryCheck: + id: TrustedDirectoryCheck type: object properties: - name: - description: >- - Required. The resource name, in the format: - `projects/*/attestors/*`. This field may not be updated. - type: string - description: - description: >- - Optional. A descriptive comment. This field may be updated. The - field may be displayed in chooser dialogs. - type: string - userOwnedGrafeasNote: - description: >- - This specifies how an attestation will be read, and how it will be - used during policy enforcement. - $ref: '#/components/schemas/UserOwnedGrafeasNote' - updateTime: - description: Output only. Time when the attestor was last updated. - readOnly: true - type: string - format: google-datetime - etag: + trustedDirPatterns: + type: array description: >- - Optional. A checksum, returned by the server, that can be sent on - update requests to ensure the attestor has an up-to-date value - before attempting to update it. See https://google.aip.dev/154. - type: string + Required. List of trusted directory patterns. A pattern is in the + form "registry/path/to/directory". The registry domain part is + defined as two or more dot-separated words, e.g., `us.pkg.dev`, or + `gcr.io`. Additionally, `*` can be used in three ways as wildcards: + 1. leading `*` to match varying prefixes in registry subdomain + (useful for location prefixes); 2. trailing `*` after registry/ to + match varying endings; 3. trailing `**` after registry/ to match "/" + as well. For example: -- `gcr.io/my-project/my-repo` is valid to + match a single directory -- `*-docker.pkg.dev/my-project/my-repo` or + `*.gcr.io/my-project` are valid to match varying prefixes -- + `gcr.io/my-project/*` will match all direct directories in + `my-project` -- `gcr.io/my-project/**` would match all directories + in `my-project` -- `gcr.i*` is not allowed since the registry is not + completely specified -- `sub*domain.gcr.io/nginx` is not valid + because only leading `*` or trailing `*` are allowed. -- + `*pkg.dev/my-project/my-repo` is not valid because leading `*` can + only match subdomain -- `**-docker.pkg.dev` is not valid because one + leading `*` is allowed, and that it cannot match `/` + items: + type: string + description: >- + A trusted directory check, which rejects images that do not come from + the set of user-configured trusted directories. UserOwnedGrafeasNote: - id: UserOwnedGrafeasNote + type: object description: >- An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user. - type: object properties: noteReference: description: >- @@ -1117,17 +631,6 @@ components: image and that links to this Note. Grafeas is an external dependency. type: string - publicKeys: - description: >- - Optional. Public keys that verify attestations signed by this - attestor. This field may be updated. If this field is non-empty, one - of the specified public keys must verify that an attestation was - signed by this attestor for the image specified in the admission - request. If this field is empty, this attestor always returns that - no valid attestations exist. - type: array - items: - $ref: '#/components/schemas/AttestorPublicKey' delegationServiceAccountEmail: description: >- Output only. This field will contain the service account email @@ -1139,128 +642,47 @@ components: is fixed for the lifetime of the attestor, but callers should not make any other assumptions about the service account email; future versions may use an email based on a different naming pattern. - readOnly: true type: string - AttestorPublicKey: - id: AttestorPublicKey - description: >- - An attestor public key that will be used to verify attestations signed - by this attestor. - type: object - properties: - comment: - description: Optional. A descriptive comment. This field may be updated. - type: string - id: - description: >- - The ID of this public key. Signatures verified by Binary - Authorization must include the ID of the public key that can be used - to verify them, and that ID must match the contents of this field - exactly. Additional restrictions on this field can be imposed based - on which public key type is encapsulated. See the documentation on - `public_key` cases below for details. - type: string - asciiArmoredPgpPublicKey: - description: >- - ASCII-armored representation of a PGP public key, as the entire - output by the command `gpg --export --armor foo@example.com` (either - LF or CRLF line endings). When using this field, `id` should be left - blank. The Binary Authorization API handlers will calculate the ID - and fill it in automatically. Binary Authorization computes this ID - as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case - hex. If `id` is provided by the caller, it will be overwritten by - the API-calculated ID. - type: string - pkixPublicKey: + readOnly: true + publicKeys: description: >- - A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be - explicitly provided by the caller when using this type of public - key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a - default one will be computed based on the digest of the DER encoding - of the public key. - $ref: '#/components/schemas/PkixPublicKey' - ListAttestorsResponse: - id: ListAttestorsResponse - description: Response message for BinauthzManagementServiceV1.ListAttestors. - type: object - properties: - attestors: - description: The list of attestors. + Optional. Public keys that verify attestations signed by this + attestor. This field may be updated. If this field is non-empty, one + of the specified public keys must verify that an attestation was + signed by this attestor for the image specified in the admission + request. If this field is empty, this attestor always returns that + no valid attestations exist. type: array items: - $ref: '#/components/schemas/Attestor' - nextPageToken: - description: >- - A token to retrieve the next page of results. Pass this value in the - ListAttestorsRequest.page_token field in the subsequent call to the - `ListAttestors` method to retrieve the next page of results. - type: string - ValidateAttestationOccurrenceRequest: - id: ValidateAttestationOccurrenceRequest - description: Request message for ValidationHelperV1.ValidateAttestationOccurrence. + $ref: '#/components/schemas/AttestorPublicKey' + id: UserOwnedGrafeasNote + Signature: type: object properties: - attestation: - description: >- - Required. An AttestationOccurrence to be checked that it can be - verified by the `Attestor`. It does not have to be an existing - entity in Container Analysis. It must otherwise be a valid - `AttestationOccurrence`. - $ref: '#/components/schemas/AttestationOccurrence' - occurrenceNote: - description: >- - Required. The resource name of the Note to which the containing - Occurrence is associated. - type: string - occurrenceResourceUri: + publicKeyId: description: >- - Required. The URI of the artifact (e.g. container image) that is the - subject of the containing Occurrence. + The identifier for the public key that verifies this signature. * + The `public_key_id` is required. * The `public_key_id` SHOULD be an + RFC3986 conformant URI. * When possible, the `public_key_id` SHOULD + be an immutable reference, such as a cryptographic digest. Examples + of valid `public_key_id`s: OpenPGP V4 public key fingerprint: * + "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See + https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for + more details on this scheme. RFC6920 digest-named + SubjectPublicKeyInfo (digest of the DER serialization): * + "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * + "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" type: string - AttestationOccurrence: - id: AttestationOccurrence - description: >- - Occurrence that represents a single "attestation". The authenticity of - an attestation can be verified using the attached signature. If the - verifier trusts the public key of the signer, then verifying the - signature is sufficient to establish trust. In this circumstance, the - authority to which this attestation is attached is primarily useful for - lookup (how to find this attestation if you already know the authority - and artifact to be verified) and intent (for which authority this - attestation was intended to sign. - type: object - properties: - serializedPayload: - description: >- - Required. The serialized payload that is verified by one or more - `signatures`. + signature: type: string format: byte - signatures: - description: >- - One or more signatures over `serialized_payload`. Verifier - implementations should consider this attestation message verified if - at least one `signature` verifies `serialized_payload`. See - `Signature` in common.proto for more details on signature structure - and verification. - type: array - items: - $ref: '#/components/schemas/Signature' - jwts: description: >- - One or more JWTs encoding a self-contained attestation. Each JWT - encodes the payload that it verifies within the JWT itself. Verifier - implementation SHOULD ignore the `serialized_payload` field when - verifying these JWTs. If only JWTs are present on this - AttestationOccurrence, then the `serialized_payload` SHOULD be left - empty. Each JWT SHOULD encode a claim specific to the `resource_uri` - of this Occurrence, but this is not validated by Grafeas metadata - API implementations. The JWT itself is opaque to Grafeas. - type: array - items: - $ref: '#/components/schemas/Jwt' - Signature: - id: Signature + The content of the signature, an opaque bytestring. The payload that + this signature verifies MUST be unambiguously provided with the + Signature during verification. A wrapper message might provide the + payload explicitly. Alternatively, a message might have a canonical + serialization that can always be unambiguously computed to derive + the payload. description: >- Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). @@ -1281,164 +703,627 @@ components: explicitly provided payload (e.g. a `payload` field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature). + id: Signature + CheckSetResult: + id: CheckSetResult + description: Result of evaluating one check set. type: object properties: - signature: + scope: + $ref: '#/components/schemas/Scope' + description: The scope of the check set. + allowlistResult: + $ref: '#/components/schemas/AllowlistResult' description: >- - The content of the signature, an opaque bytestring. The payload that - this signature verifies MUST be unambiguously provided with the - Signature during verification. A wrapper message might provide the - payload explicitly. Alternatively, a message might have a canonical - serialization that can always be unambiguously computed to derive - the payload. - type: string - format: byte - publicKeyId: + If the image was exempted by an allow_pattern in the check set, + contains the pattern that the image name matched. + checkResults: description: >- - The identifier for the public key that verifies this signature. * - The `public_key_id` is required. * The `public_key_id` SHOULD be an - RFC3986 conformant URI. * When possible, the `public_key_id` SHOULD - be an immutable reference, such as a cryptographic digest. Examples - of valid `public_key_id`s: OpenPGP V4 public key fingerprint: * - "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See - https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for - more details on this scheme. RFC6920 digest-named - SubjectPublicKeyInfo (digest of the DER serialization): * - "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * - "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" + If checks were evaluated, contains the results of evaluating each + check. + $ref: '#/components/schemas/CheckResults' + index: type: string - Jwt: - id: Jwt + format: int64 + description: The index of the check set. + displayName: + description: The name of the check set. + type: string + explanation: + type: string + description: >- + Explanation of this check set result. Only populated if no checks + were evaluated. + SigstorePublicKeySet: + id: SigstorePublicKeySet + properties: + publicKeys: + type: array + items: + $ref: '#/components/schemas/SigstorePublicKey' + description: Required. `public_keys` must have at least one entry. + type: object + description: >- + A bundle of Sigstore public keys, used to verify Sigstore signatures. A + signature is authenticated by a `SigstorePublicKeySet` if any of the + keys verify it. + SimpleSigningAttestationCheck: + description: >- + Require a signed [DSSE](https://github.com/secure-systems-lab/dsse) + attestation with type SimpleSigning. + properties: + containerAnalysisAttestationProjects: + description: >- + Optional. The projects where attestations are stored as Container + Analysis Occurrences, in the format `projects/[PROJECT_ID]`. Only + one attestation needs to successfully verify an image for this check + to pass, so a single verified attestation found in any of + `container_analysis_attestation_projects` is sufficient for the + check to pass. A project ID must be used, not a project number. When + fetching Occurrences from Container Analysis, only + `AttestationOccurrence` kinds are considered. In the future, + additional Occurrence kinds may be added to the query. Maximum + number of `container_analysis_attestation_projects` allowed in each + `SimpleSigningAttestationCheck` is 10. + items: + type: string + type: array + attestationAuthenticators: + type: array + description: >- + Required. The authenticators required by this check to verify an + attestation. Typically this is one or more PKIX public keys for + signature verification. Only one authenticator needs to consider an + attestation verified in order for an attestation to be considered + fully authenticated. In otherwords, this list of authenticators is + an "OR" of the authenticator results. At least one authenticator is + required. + items: + $ref: '#/components/schemas/AttestationAuthenticator' type: object + id: SimpleSigningAttestationCheck + TestIamPermissionsRequest: properties: - compactJwt: + permissions: + items: + type: string + type: array description: >- - The compact encoding of a JWS, which is always three base64 encoded - strings joined by periods. For details, see: - https://tools.ietf.org/html/rfc7515.html#section-3.1 - type: string - ValidateAttestationOccurrenceResponse: - id: ValidateAttestationOccurrenceResponse - description: Response message for ValidationHelperV1.ValidateAttestationOccurrence. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: object + description: Request message for `TestIamPermissions` method. + id: TestIamPermissionsRequest + ImageFreshnessCheck: + type: object + properties: + maxUploadAgeDays: + format: int32 + description: >- + Required. The max number of days that is allowed since the image was + uploaded. Must be greater than zero. + type: integer + description: >- + An image freshness check, which rejects images that were uploaded before + the set number of days ago to the supported repositories. + id: ImageFreshnessCheck + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + type: object + properties: + policy: + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/IamPolicy' + id: SetIamPolicyRequest + IamPolicy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + properties: + etag: + format: byte + type: string + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + version: + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + format: int32 + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + items: + $ref: '#/components/schemas/Binding' + id: IamPolicy + type: object + ValidateAttestationOccurrenceResponse: + id: ValidateAttestationOccurrenceResponse + properties: + denialReason: + type: string + description: The reason for denial if the Attestation couldn't be validated. + result: + enumDescriptions: + - Unspecified. + - The Attestation was able to verified by the Attestor. + - The Attestation was not able to verified by the Attestor. + description: The result of the Attestation validation. + enum: + - RESULT_UNSPECIFIED + - VERIFIED + - ATTESTATION_NOT_VERIFIABLE + type: string + description: Response message for ValidationHelperV1.ValidateAttestationOccurrence. + type: object + GkePolicy: + id: GkePolicy + properties: + imageAllowlist: + $ref: '#/components/schemas/ImageAllowlist' + description: >- + Optional. Images exempted from this policy. If any of the patterns + match the image being evaluated, the rest of the policy will not be + evaluated. + checkSets: + description: >- + Optional. The `CheckSet` objects to apply, scoped by namespace or + namespace and service account. Exactly one `CheckSet` will be + evaluated for a given Pod (unless the list is empty, in which case + the behavior is "always allow"). If multiple `CheckSet` objects have + scopes that match the namespace and service account of the Pod being + evaluated, only the `CheckSet` with the MOST SPECIFIC scope will + match. `CheckSet` objects must be listed in order of decreasing + specificity, i.e. if a scope matches a given service account (which + must include the namespace), it must come before a `CheckSet` with a + scope matching just that namespace. This property is enforced by + server-side validation. The purpose of this restriction is to ensure + that if more than one `CheckSet` matches a given Pod, the `CheckSet` + that will be evaluated will always be the first in the list to match + (because if any other matches, it must be less specific). If + `check_sets` is empty, the default behavior is to allow all images. + If `check_sets` is non-empty, the last `check_sets` entry must + always be a `CheckSet` with no scope set, i.e. a catchall to handle + any situation not caught by the preceding `CheckSet` objects. + type: array + items: + $ref: '#/components/schemas/CheckSet' + type: object + description: >- + A Binary Authorization policy for a GKE cluster. This is one type of + policy that can occur as a `PlatformPolicy`. + PkixPublicKeySet: + properties: + pkixPublicKeys: + type: array + description: Required. `pkix_public_keys` must have at least one entry. + items: + $ref: '#/components/schemas/PkixPublicKey' + type: object + description: >- + A bundle of PKIX public keys, used to authenticate attestation + signatures. Generally, a signature is considered to be authenticated by + a `PkixPublicKeySet` if any of the public keys verify it (i.e. it is an + "OR" of the keys). + id: PkixPublicKeySet + Scope: + id: Scope + description: A scope specifier for `CheckSet` objects. + type: object + properties: + kubernetesServiceAccount: + description: >- + Optional. Matches a single Kubernetes service account, e.g. + `my-namespace:my-service-account`. `kubernetes_service_account` + scope is always more specific than `kubernetes_namespace` scope for + the same namespace. + type: string + kubernetesNamespace: + type: string + description: >- + Optional. Matches all Kubernetes service accounts in the provided + namespace, unless a more specific `kubernetes_service_account` scope + already matched. + ListAttestorsResponse: + properties: + nextPageToken: + description: >- + A token to retrieve the next page of results. Pass this value in the + ListAttestorsRequest.page_token field in the subsequent call to the + `ListAttestors` method to retrieve the next page of results. + type: string + attestors: + items: + $ref: '#/components/schemas/Attestor' + type: array + description: The list of attestors. + id: ListAttestorsResponse + type: object + description: Response message for BinauthzManagementServiceV1.ListAttestors. + AdmissionRule: + id: AdmissionRule + description: >- + An admission rule specifies either that all container images used in a + pod creation request must be attested to by one or more attestors, that + all pod creations will be allowed, or that all pod creations will be + denied. Images matching an admission allowlist pattern are exempted from + admission rules and will never block a pod creation. + properties: + enforcementMode: + description: >- + Required. The action when a pod creation is denied by the admission + rule. + type: string + enum: + - ENFORCEMENT_MODE_UNSPECIFIED + - ENFORCED_BLOCK_AND_AUDIT_LOG + - DRYRUN_AUDIT_LOG_ONLY + enumDescriptions: + - Do not use. + - Enforce the admission rule by blocking the pod creation. + - >- + Dryrun mode: Audit logging only. This will allow the pod creation + as if the admission request had specified break-glass. + evaluationMode: + type: string + description: Required. How this admission rule will be evaluated. + enum: + - EVALUATION_MODE_UNSPECIFIED + - ALWAYS_ALLOW + - REQUIRE_ATTESTATION + - ALWAYS_DENY + enumDescriptions: + - Do not use. + - This rule allows all pod creations. + - >- + This rule allows a pod creation if all the attestors listed in + `require_attestations_by` have valid attestations for all of the + images in the pod spec. + - This rule denies all pod creations. + requireAttestationsBy: + type: array + description: >- + Optional. The resource names of the attestors that must attest to a + container image, in the format `projects/*/attestors/*`. Each + attestor must exist before a policy can reference it. To add an + attestor to a policy the principal issuing the policy change request + must be able to read the attestor resource. Note: this field must be + non-empty when the `evaluation_mode` field specifies + `REQUIRE_ATTESTATION`, otherwise it must be empty. + items: + type: string + type: object + Jwt: + type: object + properties: + compactJwt: + description: >- + The compact encoding of a JWS, which is always three base64 encoded + strings joined by periods. For details, see: + https://tools.ietf.org/html/rfc7515.html#section-3.1 + type: string + id: Jwt + Expr: + type: object + id: Expr + properties: + location: + type: string + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + SigstoreAuthority: + type: object + properties: + publicKeySet: + description: >- + Required. A simple set of public keys. A signature is considered + valid if any keys in the set validate the signature. + $ref: '#/components/schemas/SigstorePublicKeySet' + displayName: + type: string + description: >- + Optional. A user-provided name for this `SigstoreAuthority`. This + field has no effect on the policy evaluation behavior except to + improve readability of messages in evaluation results. + description: >- + A Sigstore authority, used to verify signatures that are created by + Sigstore. An authority is analogous to an attestation authenticator, + verifying that a signature is valid or invalid. + id: SigstoreAuthority + VerificationRule: + properties: + attestationSource: + $ref: '#/components/schemas/AttestationSource' + description: >- + Specifies where to fetch the provenances attestations generated by + the builder (group). + customConstraints: + description: >- + Optional. A CEL expression for specifying custom constraints on the + provenance payload. This can be used when users want to specify + expectations on provenance fields that are not covered by the + general check. For example, users can use this field to require that + certain parameters should never be used during the build process. + type: string + configBasedBuildRequired: + type: boolean + description: >- + If true, require the image to be built from a top-level + configuration. `trusted_source_repo_patterns` specifies the + repositories containing this configuration. + trustedBuilder: + type: string + enum: + - BUILDER_UNSPECIFIED + - GOOGLE_CLOUD_BUILD + enumDescriptions: + - Should never happen. + - >- + The whole Google Cloud Build (GCB) builder group, including all + GCB builder types. + description: >- + Each verification rule is used for evaluation against provenances + generated by a specific builder (group). For some of the builders, + such as the Google Cloud Build, users don't need to explicitly + specify their roots of trust in the policy since the evaluation + service can automatically fetch them based on the builder (group). + trustedSourceRepoPatterns: + type: array + description: >- + List of trusted source code repository URL patterns. These patterns + match the full repository URL without its scheme (e.g. `https://`). + The patterns must not include schemes. For example, the pattern + `source.cloud.google.com/my-project/my-repo-name` matches the + following URLs: - `source.cloud.google.com/my-project/my-repo-name` + - `git+ssh://source.cloud.google.com/my-project/my-repo-name` - + `https://source.cloud.google.com/my-project/my-repo-name` A pattern + matches a URL either exactly or with `*` wildcards. `*` can be used + in only two ways: 1. trailing `*` after hosturi/ to match varying + endings; 2. trailing `**` after hosturi/ to match `/` as well. `*` + and `**` can only be used as wildcards and can only occur at the end + of the pattern after a `/`. (So it's not possible to match a URL + that contains literal `*`.) For example: - + `github.com/my-project/my-repo` is valid to match a single repo - + `github.com/my-project/*` will match all direct repos in + `my-project` - `github.com/**` matches all repos in GitHub + items: + type: string + type: object + id: VerificationRule + description: >- + Specifies verification rules for evaluating the SLSA attestations + including: which builders to trust, where to fetch the SLSA attestations + generated by those builders, and other builder-specific evaluation rules + such as which source repositories are trusted. An image is considered + verified by the rule if any of the fetched SLSA attestations is + verified. + EvaluateGkePolicyRequest: + description: Request message for PlatformPolicyEvaluationService.EvaluateGkePolicy. + id: EvaluateGkePolicyRequest type: object properties: - result: - description: The result of the Attestation validation. - type: string - enumDescriptions: - - Unspecified. - - The Attestation was able to verified by the Attestor. - - The Attestation was not able to verified by the Attestor. - enum: - - RESULT_UNSPECIFIED - - VERIFIED - - ATTESTATION_NOT_VERIFIABLE - denialReason: - description: The reason for denial if the Attestation couldn't be validated. - type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + resource: + type: object + description: Required. JSON or YAML blob representing a Kubernetes resource. + additionalProperties: + description: Properties of the object. + type: any + AttestationSource: + description: Specifies the locations for fetching the provenance attestations. + id: AttestationSource type: object properties: - policy: + containerAnalysisAttestationProjects: + type: array + items: + type: string description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/IamPolicy' - IamPolicy: - id: IamPolicy + The IDs of the Google Cloud projects that store the SLSA + attestations as Container Analysis Occurrences, in the format + `projects/[PROJECT_ID]`. Maximum number of + `container_analysis_attestation_projects` allowed in each + `AttestationSource` is 10. + VulnerabilityCheck: description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + An image vulnerability check, which rejects images that violate the + configured vulnerability rules. type: object properties: - version: + containerAnalysisVulnerabilityProjects: + items: + type: string + type: array description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Optional. The projects where vulnerabilities are stored as Container + Analysis Occurrences. Each project is expressed in the resource + format of `projects/[PROJECT_ID]`, e.g., `projects/my-gcp-project`. + An attempt will be made for each project to fetch vulnerabilities, + and all valid vulnerabilities will be used to check against the + vulnerability policy. If no valid scan is found in all projects + configured here, an error will be returned for the check. Maximum + number of `container_analysis_vulnerability_projects` allowed in + each `VulnerabilityCheck` is 10. + maximumFixableSeverity: + enum: + - MAXIMUM_ALLOWED_SEVERITY_UNSPECIFIED + - BLOCK_ALL + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + - ALLOW_ALL + enumDescriptions: + - Not specified. + - Block any vulnerability. + - Allow only minimal severity. + - Allow only low severity and lower. + - Allow medium severity and lower. + - Allow high severity and lower. + - Allow critical severity and lower. + - Allow all severity, even vulnerability with unspecified severity. description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + Required. The threshold for severity for which a fix is currently + available. This field is required and must be set. + type: string + blockedCves: type: array + description: >- + Optional. A list of specific CVEs to always raise warnings about + even if the vulnerability level meets `maximumUnfixableSeverity` or + `maximumFixableSeverity`. CVEs are listed in the format of Container + Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The + CVEs are applicable regardless of note provider project, e.g., an + entry of `CVE-2021-20305` will block vulnerabilities with a note + name of either `projects/goog-vulnz/notes/CVE-2021-20305` or + `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`. items: - $ref: '#/components/schemas/Binding' - etag: + type: string + allowedCves: + type: array description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Optional. A list of specific CVEs to ignore even if the + vulnerability level violates `maximumUnfixableSeverity` or + `maximumFixableSeverity`. CVEs are listed in the format of Container + Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The + CVEs are applicable regardless of note provider project, e.g., an + entry of `CVE-2021-20305` will allow vulnerabilities with a note + name of either `projects/goog-vulnz/notes/CVE-2021-20305` or + `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`. + items: + type: string + maximumUnfixableSeverity: type: string - format: byte + enum: + - MAXIMUM_ALLOWED_SEVERITY_UNSPECIFIED + - BLOCK_ALL + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + - ALLOW_ALL + enumDescriptions: + - Not specified. + - Block any vulnerability. + - Allow only minimal severity. + - Allow only low severity and lower. + - Allow medium severity and lower. + - Allow high severity and lower. + - Allow critical severity and lower. + - Allow all severity, even vulnerability with unspecified severity. + description: >- + Required. The threshold for severity for which a fix isn't currently + available. This field is required and must be set. + id: VulnerabilityCheck Binding: id: Binding - description: Associates `members`, or principals, with a `role`. type: object properties: role: @@ -1510,124 +1395,244 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + items: + type: string + type: array + condition: + $ref: '#/components/schemas/Expr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + description: Associates `members`, or principals, with a `role`. + Empty: + type: object + properties: {} + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + EvaluateGkePolicyResponse: + type: object + properties: + verdict: + enum: + - VERDICT_UNSPECIFIED + - CONFORMANT + - NON_CONFORMANT + - ERROR + enumDescriptions: + - Not specified. This should never be used. + - All Pods in the request conform to the policy. + - At least one Pod does not conform to the policy. + - >- + Encountered at least one error evaluating a Pod and all other Pods + conform to the policy. Non-conformance has precedence over errors. + type: string + description: The result of evaluating all Pods in the request. + results: + description: Evaluation result for each Pod contained in the request. type: array items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr + $ref: '#/components/schemas/PodResult' + id: EvaluateGkePolicyResponse + description: Response message for PlatformPolicyEvaluationService.EvaluateGkePolicy. + Attestor: description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + An attestor that attests to container image artifacts. An existing + attestor cannot be modified except where indicated. type: object properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + etag: type: string - title: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Optional. A checksum, returned by the server, that can be sent on + update requests to ensure the attestor has an up-to-date value + before attempting to update it. See https://google.aip.dev/154. + updateTime: type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + description: Output only. Time when the attestor was last updated. + format: google-datetime + readOnly: true + name: type: string - location: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Required. The resource name, in the format: + `projects/*/attestors/*`. This field may not be updated. + userOwnedGrafeasNote: + description: >- + This specifies how an attestation will be read, and how it will be + used during policy enforcement. + $ref: '#/components/schemas/UserOwnedGrafeasNote' + description: + description: >- + Optional. A descriptive comment. This field may be updated. The + field may be displayed in chooser dialogs. type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + id: Attestor + CheckResults: + id: CheckResults type: object + description: Result of evaluating one or more checks. properties: - permissions: + results: + description: Per-check details. + type: array + items: + $ref: '#/components/schemas/CheckResult' + AttestationOccurrence: + properties: + jwts: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). + One or more JWTs encoding a self-contained attestation. Each JWT + encodes the payload that it verifies within the JWT itself. Verifier + implementation SHOULD ignore the `serialized_payload` field when + verifying these JWTs. If only JWTs are present on this + AttestationOccurrence, then the `serialized_payload` SHOULD be left + empty. Each JWT SHOULD encode a claim specific to the `resource_uri` + of this Occurrence, but this is not validated by Grafeas metadata + API implementations. The JWT itself is opaque to Grafeas. + items: + $ref: '#/components/schemas/Jwt' type: array + signatures: + description: >- + One or more signatures over `serialized_payload`. Verifier + implementations should consider this attestation message verified if + at least one `signature` verifies `serialized_payload`. See + `Signature` in common.proto for more details on signature structure + and verification. items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + $ref: '#/components/schemas/Signature' + type: array + serializedPayload: + description: >- + Required. The serialized payload that is verified by one or more + `signatures`. + type: string + format: byte + type: object + description: >- + Occurrence that represents a single "attestation". The authenticity of + an attestation can be verified using the attached signature. If the + verifier trusts the public key of the signer, then verifying the + signature is sufficient to establish trust. In this circumstance, the + authority to which this attestation is attached is primarily useful for + lookup (how to find this attestation if you already know the authority + and artifact to be verified) and intent (for which authority this + attestation was intended to sign. + id: AttestationOccurrence + ImageResult: + id: ImageResult + description: Result of evaluating one image. + properties: + explanation: + type: string + description: >- + Explanation of this image result. Only populated if no check sets + were evaluated. + allowlistResult: + description: >- + If the image was exempted by a top-level allow_pattern, contains the + allowlist pattern that the image name matched. + $ref: '#/components/schemas/AllowlistResult' + checkSetResult: + $ref: '#/components/schemas/CheckSetResult' + description: >- + If a check set was evaluated, contains the result of the check set. + Empty if there were no check sets. + verdict: + description: The result of evaluating this image. + enum: + - IMAGE_VERDICT_UNSPECIFIED + - CONFORMANT + - NON_CONFORMANT + - ERROR + enumDescriptions: + - Not specified. This should never be used. + - Image conforms to the policy. + - Image does not conform to the policy. + - >- + Error evaluating the image. Non-conformance has precedence over + errors. + type: string + imageUri: + description: Image URI from the request. + type: string type: object + SigstoreSignatureCheck: + description: >- + A Sigstore signature check, which verifies the Sigstore signature + associated with an image. + id: SigstoreSignatureCheck properties: - permissions: + sigstoreAuthorities: + items: + $ref: '#/components/schemas/SigstoreAuthority' description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + Required. The authorities required by this check to verify the + signature. A signature only needs to be verified by one authority to + pass the check. type: array - items: - type: string + type: object + SigstorePublicKey: + description: >- + A Sigstore public key. `SigstorePublicKey` is the public key material + used to authenticate Sigstore signatures. + id: SigstorePublicKey + properties: + publicKeyPem: + description: The public key material in PEM format. + type: string + type: object parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: alt + name: key schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: key + name: uploadType schema: type: string oauth_token: @@ -1636,12 +1641,12 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: prettyPrint + name: upload_protocol schema: - type: boolean + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1651,27 +1656,22 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt schema: type: string - _.xgafv: - description: V1 error format. + enum: + - json + - media + - proto + access_token: + description: OAuth access token. in: query - name: $.xgafv + name: access_token schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: policies: id: google.binaryauthorization.policies @@ -1697,39 +1697,39 @@ components: response: mediaType: application/json openAPIDocKey: '200' - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies/post + #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies~1{policiesId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies/get + #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies~1{policiesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.platformPolicies - get: + replace_platform_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies~1{policiesId}/get + #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies~1{policiesId}/put response: mediaType: application/json openAPIDocKey: '200' - replace_platform_policy: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies~1{policiesId}/put + #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.platformPolicies + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies~1{policiesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1platforms~1{platformsId}~1policies/post response: mediaType: application/json openAPIDocKey: '200' @@ -1747,40 +1747,75 @@ components: - $ref: '#/components/x-stackQL-resources/policies/methods/update_policy' delete: - $ref: '#/components/x-stackQL-resources/policies/methods/delete' + policy_iam_policies: + id: google.binaryauthorization.policy_iam_policies + name: policy_iam_policies + title: Policy_iam_policies + methods: + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1policy:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1policy:setIamPolicy/post' + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1policy:getIamPolicy/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/policy_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/policy_iam_policies/methods/set_iam_policy + delete: [] attestors: id: google.binaryauthorization.attestors name: attestors title: Attestors methods: - create: + update: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1attestors/post' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1attestors~1{attestorsId}/put' response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1attestors/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1attestors~1{attestorsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.attestors get: operation: $ref: '#/paths/~1v1~1projects~1{projectsId}~1attestors~1{attestorsId}/get' response: mediaType: application/json openAPIDocKey: '200' - update: + list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1attestors~1{attestorsId}/put' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1attestors/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.attestors + create: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1attestors~1{attestorsId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1attestors/post' response: mediaType: application/json openAPIDocKey: '200' @@ -1807,10 +1842,10 @@ components: name: attestors_iam_policies title: Attestors_iam_policies methods: - set_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1attestors~1{attestorsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1attestors~1{attestorsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' @@ -1822,10 +1857,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - test_iam_permissions: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1attestors~1{attestorsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1attestors~1{attestorsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' @@ -1839,41 +1874,6 @@ components: - $ref: >- #/components/x-stackQL-resources/attestors_iam_policies/methods/set_iam_policy delete: [] - policy_iam_policies: - id: google.binaryauthorization.policy_iam_policies - name: policy_iam_policies - title: Policy_iam_policies - methods: - set_iam_policy: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1policy:setIamPolicy/post' - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1policy:getIamPolicy/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1policy:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/policy_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/policy_iam_policies/methods/set_iam_policy - delete: [] systempolicy_policy: id: google.binaryauthorization.systempolicy_policy name: systempolicy_policy @@ -1896,17 +1896,17 @@ components: paths: /v1/projects/{projectsId}/policy: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/access_token' get: description: >- A policy specifies the attestors that must attest to a container image, @@ -1964,20 +1964,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/platforms/gke/policies/{policiesId}:evaluate: + /v1/projects/{projectsId}/policy:testIamPermissions: parameters: *ref_1 post: description: >- - Evaluates a Kubernetes object versus a GKE platform policy. Returns - `NOT_FOUND` if the policy doesn't exist, `INVALID_ARGUMENT` if the - policy or request is malformed and `PERMISSION_DENIED` if the client - does not have sufficient permissions. - operationId: binaryauthorization.projects.platforms.gke.policies.evaluate + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: binaryauthorization.projects.policy.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/EvaluateGkePolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1989,33 +1990,88 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EvaluateGkePolicyResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + /v1/projects/{projectsId}/policy:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: binaryauthorization.projects.policy.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/IamPolicy' parameters: - in: path name: projectsId required: true schema: type: string + /v1/projects/{projectsId}/policy:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: binaryauthorization.projects.policy.getIamPolicy + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/IamPolicy' + parameters: - in: path - name: policiesId + name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/platforms/{platformsId}/policies: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/platforms/gke/policies/{policiesId}:evaluate: parameters: *ref_1 post: description: >- - Creates a platform policy, and returns a copy of it. Returns `NOT_FOUND` - if the project or platform doesn't exist, `INVALID_ARGUMENT` if the - request is malformed, `ALREADY_EXISTS` if the policy already exists, and - `INVALID_ARGUMENT` if the policy contains a platform-specific policy - that does not match the platform value specified in the URL. - operationId: binaryauthorization.projects.platforms.policies.create + Evaluates a Kubernetes object versus a GKE platform policy. Returns + `NOT_FOUND` if the policy doesn't exist, `INVALID_ARGUMENT` if the + policy or request is malformed and `PERMISSION_DENIED` if the client + does not have sufficient permissions. + operationId: binaryauthorization.projects.platforms.gke.policies.evaluate requestBody: content: application/json: schema: - $ref: '#/components/schemas/PlatformPolicy' + $ref: '#/components/schemas/EvaluateGkePolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2027,7 +2083,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PlatformPolicy' + $ref: '#/components/schemas/EvaluateGkePolicyResponse' parameters: - in: path name: projectsId @@ -2035,19 +2091,17 @@ paths: schema: type: string - in: path - name: platformsId + name: policiesId required: true schema: type: string - - in: query - name: policyId - schema: - type: string - get: - description: >- - Lists platform policies owned by a project in the specified platform. - Returns `INVALID_ARGUMENT` if the project or the platform doesn't exist. - operationId: binaryauthorization.projects.platforms.policies.list + /v1/projects/{projectsId}/platforms/{platformsId}/policies/{policiesId}: + parameters: *ref_1 + delete: + description: >- + Deletes a platform policy. Returns `NOT_FOUND` if the policy doesn't + exist. + operationId: binaryauthorization.projects.platforms.policies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2059,7 +2113,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPlatformPoliciesResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2071,17 +2125,15 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: policiesId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: etag schema: type: string - /v1/projects/{projectsId}/platforms/{platformsId}/policies/{policiesId}: - parameters: *ref_1 get: description: Gets a platform policy. Returns `NOT_FOUND` if the policy doesn't exist. operationId: binaryauthorization.projects.platforms.policies.get @@ -2151,11 +2203,13 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/platforms/{platformsId}/policies: + parameters: *ref_1 + get: description: >- - Deletes a platform policy. Returns `NOT_FOUND` if the policy doesn't - exist. - operationId: binaryauthorization.projects.platforms.policies.delete + Lists platform policies owned by a project in the specified platform. + Returns `INVALID_ARGUMENT` if the project or the platform doesn't exist. + operationId: binaryauthorization.projects.platforms.policies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2167,7 +2221,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListPlatformPoliciesResponse' parameters: - in: path name: projectsId @@ -2179,28 +2233,28 @@ paths: required: true schema: type: string - - in: path - name: policiesId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: etag + name: pageSize schema: - type: string - /v1/projects/{projectsId}/attestors: - parameters: *ref_1 + type: integer + format: int32 post: description: >- - Creates an attestor, and returns a copy of the new attestor. Returns - `NOT_FOUND` if the project does not exist, `INVALID_ARGUMENT` if the - request is malformed, `ALREADY_EXISTS` if the attestor already exists. - operationId: binaryauthorization.projects.attestors.create + Creates a platform policy, and returns a copy of it. Returns `NOT_FOUND` + if the project or platform doesn't exist, `INVALID_ARGUMENT` if the + request is malformed, `ALREADY_EXISTS` if the policy already exists, and + `INVALID_ARGUMENT` if the policy contains a platform-specific policy + that does not match the platform value specified in the URL. + operationId: binaryauthorization.projects.platforms.policies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Attestor' + $ref: '#/components/schemas/PlatformPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2212,77 +2266,24 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Attestor' + $ref: '#/components/schemas/PlatformPolicy' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: attestorId - schema: - type: string - get: - description: >- - Lists attestors. Returns `INVALID_ARGUMENT` if the project does not - exist. - operationId: binaryauthorization.projects.attestors.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListAttestorsResponse' - parameters: - in: path - name: projectsId + name: platformsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: policyId schema: type: string /v1/projects/{projectsId}/attestors/{attestorsId}: parameters: *ref_1 - get: - description: Gets an attestor. Returns `NOT_FOUND` if the attestor does not exist. - operationId: binaryauthorization.projects.attestors.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Attestor' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: attestorsId - required: true - schema: - type: string put: description: Updates an attestor. Returns `NOT_FOUND` if the attestor does not exist. operationId: binaryauthorization.projects.attestors.update @@ -2340,18 +2341,9 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/attestors/{attestorsId}:validateAttestationOccurrence: - parameters: *ref_1 - post: - description: >- - Returns whether the given `Attestation` for the given image URI was - signed by the given `Attestor` - operationId: binaryauthorization.projects.attestors.validateAttestationOccurrence - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ValidateAttestationOccurrenceRequest' + get: + description: Gets an attestor. Returns `NOT_FOUND` if the attestor does not exist. + operationId: binaryauthorization.projects.attestors.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2363,7 +2355,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ValidateAttestationOccurrenceResponse' + $ref: '#/components/schemas/Attestor' parameters: - in: path name: projectsId @@ -2375,19 +2367,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/attestors/{attestorsId}:setIamPolicy: + /v1/projects/{projectsId}/attestors: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: binaryauthorization.projects.attestors.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Lists attestors. Returns `INVALID_ARGUMENT` if the project does not + exist. + operationId: binaryauthorization.projects.attestors.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2399,25 +2385,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IamPolicy' + $ref: '#/components/schemas/ListAttestorsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: attestorsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/attestors/{attestorsId}:getIamPolicy: - parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: binaryauthorization.projects.attestors.getIamPolicy + Creates an attestor, and returns a copy of the new attestor. Returns + `NOT_FOUND` if the project does not exist, `INVALID_ARGUMENT` if the + request is malformed, `ALREADY_EXISTS` if the attestor already exists. + operationId: binaryauthorization.projects.attestors.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Attestor' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2429,23 +2423,17 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IamPolicy' + $ref: '#/components/schemas/Attestor' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: attestorsId - required: true - schema: - type: string - in: query - name: options.requestedPolicyVersion + name: attestorId schema: - type: integer - format: int32 + type: string /v1/projects/{projectsId}/attestors/{attestorsId}:testIamPermissions: parameters: *ref_1 post: @@ -2484,19 +2472,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/policy:setIamPolicy: + /v1/projects/{projectsId}/attestors/{attestorsId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: binaryauthorization.projects.policy.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: binaryauthorization.projects.attestors.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2515,13 +2497,29 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/policy:getIamPolicy: + - in: path + name: attestorsId + required: true + schema: + type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/attestors/{attestorsId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: binaryauthorization.projects.policy.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: binaryauthorization.projects.attestors.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2540,26 +2538,23 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: attestorsId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/policy:testIamPermissions: + type: string + /v1/projects/{projectsId}/attestors/{attestorsId}:validateAttestationOccurrence: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: binaryauthorization.projects.policy.testIamPermissions + Returns whether the given `Attestation` for the given image URI was + signed by the given `Attestor` + operationId: binaryauthorization.projects.attestors.validateAttestationOccurrence requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/ValidateAttestationOccurrenceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2571,13 +2566,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ValidateAttestationOccurrenceResponse' parameters: - in: path name: projectsId required: true schema: type: string + - in: path + name: attestorsId + required: true + schema: + type: string /v1/locations/{locationsId}/policy: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/blockchainnodeengine.yaml b/providers/src/googleapis.com/v00.00.00000/services/blockchainnodeengine.yaml index 8e1b58a7..e876a61d 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/blockchainnodeengine.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/blockchainnodeengine.yaml @@ -8,7 +8,7 @@ info: description: '' version: v1 x-discovery-doc-revision: '20250514' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/blockchain-node-engine servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/certificatemanager.yaml b/providers/src/googleapis.com/v00.00.00000/services/certificatemanager.yaml index d6198440..5f1b5d20 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/certificatemanager.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/certificatemanager.yaml @@ -7,8 +7,8 @@ info: title: Certificate Manager API description: '' version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251204' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/certificate-manager servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -204,6 +213,11 @@ components: managed: description: If set, contains configuration and state of a managed certificate. $ref: '#/components/schemas/ManagedCertificate' + managedIdentity: + description: >- + If set, contains configuration and state of a managed identity + certificate. + $ref: '#/components/schemas/ManagedIdentityCertificate' sanDnsnames: description: >- Output only. The list of Subject Alternative Names of dnsName type @@ -432,6 +446,159 @@ components: be stable. For programmatic access use FailureReason enum. readOnly: true type: string + attemptTime: + description: Output only. The timestamp, when the authorization attempt was made. + readOnly: true + type: string + format: google-datetime + troubleshooting: + description: >- + Output only. Troubleshooting information for the authorization + attempt. This field is only populated if the authorization attempt + failed. + readOnly: true + $ref: '#/components/schemas/Troubleshooting' + Troubleshooting: + id: Troubleshooting + description: Troubleshooting information for the authorization attempt. + type: object + properties: + issues: + description: >- + Output only. The list of issues discovered during the authorization + attempt. + readOnly: true + type: array + items: + type: string + enumDescriptions: + - Issue is unspecified. + - The resolved CNAME value doesn't match the expected CNAME. + - >- + Domain has A/AAAA records that point to IPs, where the + certificate is not attached. + - >- + Domain has A/AAAA records that point to IPs, where the + certificate is attached, but port 443 is not open. + - Domain doesn't have any A/AAAA records. + - >- + Certificate is not configured to be served from any IPs (e.g. + Certificate is not attached to any load balancer). + enum: + - ISSUE_UNSPECIFIED + - CNAME_MISMATCH + - RESOLVED_TO_NOT_SERVING + - RESOLVED_TO_SERVING_ON_ALT_PORTS + - NO_RESOLVED_IPS + - CERTIFICATE_NOT_ATTACHED + cname: + description: Output only. CNAME troubleshooting information. + readOnly: true + $ref: '#/components/schemas/CNAME' + ips: + description: Output only. IPs troubleshooting information. + readOnly: true + $ref: '#/components/schemas/IPs' + CNAME: + id: CNAME + description: CNAME troubleshooting information. + type: object + properties: + name: + description: >- + Output only. The name of the CNAME record for the domain, equals to + `dns_resource_record.name` in the corresponding `DnsAuthorization`. + readOnly: true + type: string + expectedData: + description: >- + Output only. The expected value of the CNAME record for the domain, + equals to `dns_resource_record.data` in the corresponding + `DnsAuthorization`. + readOnly: true + type: string + resolvedData: + description: >- + Output only. The resolved CNAME chain. Empty list if the CNAME + record for `CNAME.name` is not found. Otherwise the first item is + the value of the CNAME record for `CNAME.name`. If the CNAME chain + is longer, the second item is the value of the CNAME record for the + first item, and so on. + readOnly: true + type: array + items: + type: string + IPs: + id: IPs + description: IPs troubleshooting information. + type: object + properties: + serving: + description: >- + Output only. The list of IP addresses, where the certificate is + attached and port 443 is open. + readOnly: true + type: array + items: + type: string + servingOnAltPorts: + description: >- + Output only. The list of IP addresses, where the certificate is + attached, but port 443 is not open. + readOnly: true + type: array + items: + type: string + resolved: + description: >- + Output only. The list of IP addresses resolved from the domain's + A/AAAA records. Can contain both ipv4 and ipv6 addresses. + readOnly: true + type: array + items: + type: string + ManagedIdentityCertificate: + id: ManagedIdentityCertificate + description: >- + Configuration and state of a Managed Identity Certificate. Certificate + Manager provisions and renews Managed Identity Certificates + automatically, for as long as it's authorized to do so. + type: object + properties: + identity: + description: >- + Required. Immutable. SPIFFE ID of the Managed Identity used for this + certificate. + type: string + state: + description: Output only. State of the managed certificate resource. + readOnly: true + type: string + enumDescriptions: + - State is unspecified. + - >- + Certificate Manager attempts to provision or renew the + certificate. If the process takes longer than expected, consult + the `provisioning_issue` field. + - >- + Multiple certificate provisioning attempts failed and Certificate + Manager gave up. To try again, delete and create a new managed + Certificate resource. For details see the `provisioning_issue` + field. + - >- + The certificate management is working, and a certificate has been + provisioned. + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - FAILED + - ACTIVE + provisioningIssue: + description: >- + Output only. Information about issues with provisioning a managed + certificate. + readOnly: true + $ref: '#/components/schemas/ProvisioningIssue' UsedBy: id: UsedBy description: Defines a resource that uses the certificate. @@ -918,6 +1085,13 @@ components: fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. type: string + spiffeTrustStores: + description: >- + Optional. Defines a mapping from a trust domain to a TrustStore. + This is used for SPIFFE certificate validation. + type: object + additionalProperties: + $ref: '#/components/schemas/TrustStore' trustStores: description: >- Optional. Set of trust stores to perform validation against. This @@ -1664,6 +1838,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudasset.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudasset.yaml index 417a88ad..f3cdc8a7 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudasset.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudasset.yaml @@ -9,8 +9,8 @@ info: The Cloud Asset API manages the history and inventory of Google Cloud resources. version: v1 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251207' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/asset-inventory/docs/quickstart servers: @@ -36,472 +36,354 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object + IamPolicyAnalysisResult: properties: - name: + accessControlLists: + items: + $ref: '#/components/schemas/GoogleCloudAssetV1AccessControlList' + type: array description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + The access control lists derived from the iam_binding that match or + potentially match resource and access selectors specified in the + request. + attachedResourceFullName: type: string - metadata: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + The [full resource + name](https://cloud.google.com/asset-inventory/docs/resource-name-format) + of the resource to which the iam_binding policy attaches. + fullyExplored: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + Represents whether all analyses on the iam_binding have successfully + finished. type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + iamBinding: + description: The IAM policy binding under analysis. + $ref: '#/components/schemas/Binding' + identityList: + $ref: '#/components/schemas/GoogleCloudAssetV1IdentityList' description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + The identity list derived from members of the iam_binding that match + or potentially match identity selector specified in the request. + id: IamPolicyAnalysisResult type: object + description: >- + IAM Policy analysis result, consisting of one IAM policy binding and + derived access control lists. + GoogleIdentityAccesscontextmanagerV1IngressSource: + description: The source that IngressPolicy authorizes access from. properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + accessLevel: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + An AccessLevel resource name that allow resources within the + ServicePerimeters to be accessed from the internet. AccessLevels + listed must be in the same policy as this ServicePerimeter. + Referencing a nonexistent AccessLevel will cause an error. If no + AccessLevel names are listed, resources within the perimeter can + only be accessed via Google Cloud calls with request origins within + the perimeter. Example: + `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is + specified for `access_level`, then all IngressSources will be + allowed. + type: string + resource: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ExportAssetsRequest: - id: ExportAssetsRequest - description: Export asset request. + A Google Cloud resource that is allowed to ingress the perimeter. + Requests from these resources will be allowed to access perimeter + data. Currently only projects and VPCs are allowed. Project format: + `projects/{project_number}` VPC network format: + `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. + The project may be in any Google Cloud organization, not just the + organization that the perimeter is defined in. `*` is not allowed, + the case of allowing all Google Cloud resources only is not + supported. + id: GoogleIdentityAccesscontextmanagerV1IngressSource + type: object + GoogleCloudAssetV1Constraint: type: object properties: - readTime: - description: >- - Timestamp to take an asset snapshot. This can only be set to a - timestamp between the current time and the current time minus 35 - days (inclusive). If not specified, the current time will be used. - Due to delays in resource data collection and indexing, there is a - volatile window during which running the same query may get - different results. + booleanConstraint: + description: Defines this constraint as being a BooleanConstraint. + $ref: '#/components/schemas/GoogleCloudAssetV1BooleanConstraint' + description: type: string - format: google-datetime - assetTypes: - description: >- - A list of asset types to take a snapshot for. For example: - "compute.googleapis.com/Disk". Regular expressions are also - supported. For example: * "compute.googleapis.com.*" snapshots - resources whose asset type starts with "compute.googleapis.com". * - ".*Instance" snapshots resources whose asset type ends with - "Instance". * ".*Instance.*" snapshots resources whose asset type - contains "Instance". See - [RE2](https://github.com/google/re2/wiki/Syntax) for all supported - regular expression syntax. If the regular expression does not match - any supported asset type, an INVALID_ARGUMENT error will be - returned. If specified, only matching assets will be returned, - otherwise, it will snapshot all asset types. See [Introduction to - Cloud Asset - Inventory](https://cloud.google.com/asset-inventory/docs/overview) - for all supported asset types. - type: array - items: - type: string - contentType: description: >- - Asset content type. If not specified, no content but the asset name - will be returned. + Detailed description of what this `Constraint` controls as well as + how and where it is enforced. + displayName: + description: The human readable name of the constraint. + type: string + listConstraint: + $ref: '#/components/schemas/GoogleCloudAssetV1ListConstraint' + description: Defines this constraint as being a ListConstraint. + constraintDefault: type: string enumDescriptions: - - Unspecified content type. - - Resource metadata. - - The actual IAM policy set on a resource. - - The organization policy set on an asset. - - The Access Context Manager policy set on an asset. - - The runtime OS Inventory information. - - The related resources. + - >- + This is only used for distinguishing unset values and should never + be used. + - >- + Indicate that all values are allowed for list constraints. + Indicate that enforcement is off for boolean constraints. + - >- + Indicate that all values are denied for list constraints. Indicate + that enforcement is on for boolean constraints. + description: >- + The evaluation behavior of this constraint in the absence of + 'Policy'. enum: - - CONTENT_TYPE_UNSPECIFIED - - RESOURCE - - IAM_POLICY - - ORG_POLICY - - ACCESS_POLICY - - OS_INVENTORY - - RELATIONSHIP - outputConfig: + - CONSTRAINT_DEFAULT_UNSPECIFIED + - ALLOW + - DENY + name: + type: string description: >- - Required. Output configuration indicating where the results will be - output to. - $ref: '#/components/schemas/OutputConfig' - relationshipTypes: + The unique name of the constraint. Format of the name should be * + `constraints/{constraint_name}` For example, + `constraints/compute.disableSerialPortAccess`. + description: The definition of a constraint. + id: GoogleCloudAssetV1Constraint + GoogleIdentityAccesscontextmanagerV1AccessPolicy: + type: object + id: GoogleIdentityAccesscontextmanagerV1AccessPolicy + description: >- + `AccessPolicy` is a container for `AccessLevels` (which define the + necessary attributes to use Google Cloud services) and + `ServicePerimeters` (which define regions of services able to freely + pass data within a perimeter). An access policy is globally visible + within an organization, and the restrictions it specifies apply to all + projects within an organization. + properties: + parent: description: >- - A list of relationship types to export, for example: - `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if - content_type=RELATIONSHIP. * If specified: it snapshots specified - relationships. It returns an error if any of the - [relationship_types] doesn't belong to the supported relationship - types of the [asset_types] or if any of the [asset_types] doesn't - belong to the source types of the [relationship_types]. * Otherwise: - it snapshots the supported relationships for all [asset_types] or - returns an error if any of the [asset_types] has no relationship - support. An unspecified asset types field means all supported - asset_types. See [Introduction to Cloud Asset - Inventory](https://cloud.google.com/asset-inventory/docs/overview) - for all supported asset types and relationship types. + Required. The parent of this `AccessPolicy` in the Cloud Resource + Hierarchy. Currently immutable once created. Format: + `organizations/{organization_id}` + type: string + title: + description: Required. Human readable title. Does not affect behavior. + type: string + etag: + readOnly: true + type: string + description: >- + Output only. An opaque identifier for the current version of the + `AccessPolicy`. This will always be a strongly validated etag, + meaning that two Access Policies will be identical if and only if + their etags are identical. Clients should not expect this to be in + any specific format. + scopes: type: array items: type: string - OutputConfig: - id: OutputConfig - description: Output configuration for export assets destination. - type: object - properties: - gcsDestination: - description: Destination on Cloud Storage. - $ref: '#/components/schemas/GcsDestination' - bigqueryDestination: description: >- - Destination on BigQuery. The output table stores the fields in asset - Protobuf as columns in BigQuery. - $ref: '#/components/schemas/BigQueryDestination' - GcsDestination: - id: GcsDestination - description: A Cloud Storage location. - type: object + The scopes of the AccessPolicy. Scopes define which resources a + policy can restrict and where its resources can be referenced. For + example, policy A with `scopes=["folders/123"]` has the following + behavior: - ServicePerimeter can only restrict projects within + `folders/123`. - ServicePerimeter within policy A can only reference + access levels defined within policy A. - Only one policy can include + a given scope; thus, attempting to create a second policy which + includes `folders/123` will result in an error. If no scopes are + provided, then any resource within the organization can be + restricted. Scopes cannot be modified after a policy is created. + Policies can only have a single scope. Format: list of + `folders/{folder_number}` or `projects/{project_number}` + name: + type: string + description: >- + Output only. Identifier. Resource name of the `AccessPolicy`. + Format: `accessPolicies/{access_policy}` + Tag: properties: - uri: + tagValueId: + type: string + description: TagValue ID, in the format of tagValues/{TAG_VALUE_ID}. + tagKeyId: + description: TagKey ID, in the format of tagKeys/{TAG_KEY_ID}. + type: string + tagKey: description: >- - The URI of the Cloud Storage object. It's the same URI that is used - by gsutil. Example: "gs://bucket_name/object_name". See [Viewing and - Editing Object - Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) - for more information. If the specified Cloud Storage object already - exists and there is no - [hold](https://cloud.google.com/storage/docs/object-holds), it will - be overwritten with the exported result. + TagKey namespaced name, in the format of + {ORG_ID}/{TAG_KEY_SHORT_NAME}. type: string - uriPrefix: + tagValue: description: >- - The URI prefix of all generated Cloud Storage objects. Example: - "gs://bucket_name/object_name_prefix". Each object URI is in format: - "gs://bucket_name/object_name_prefix// and only contains assets for - that type. starts from 0. Example: - "gs://bucket_name/object_name_prefix/compute.googleapis.com/Disk/0" - is the first shard of output objects containing all - compute.googleapis.com/Disk assets. An INVALID_ARGUMENT error will - be returned if file with the same name - "gs://bucket_name/object_name_prefix" already exists. + TagValue namespaced name, in the format of + {ORG_ID}/{TAG_KEY_SHORT_NAME}/{TAG_VALUE_SHORT_NAME}. type: string - BigQueryDestination: - id: BigQueryDestination - description: A BigQuery destination for exporting assets to. + type: object + id: Tag + description: >- + The key and value for a + [tag](https://cloud.google.com/resource-manager/docs/tags/tags-overview). + WindowsUpdatePackage: type: object properties: - dataset: - description: >- - Required. The BigQuery dataset in format - "projects/projectId/datasets/datasetId", to which the snapshot - result should be exported. If this dataset does not exist, the - export call returns an INVALID_ARGUMENT error. Setting the - `contentType` for `exportAssets` determines the - [schema](/asset-inventory/docs/exporting-to-bigquery#bigquery-schema) - of the BigQuery table. Setting `separateTablesPerAssetType` to - `TRUE` also influences the schema. - type: string - table: + supportUrl: description: >- - Required. The BigQuery table to which the snapshot result should be - written. If this table does not exist, a new table with the given - name will be created. + A hyperlink to the language-specific support information for the + update. type: string - force: - description: >- - If the destination table already exists and this flag is `TRUE`, the - table will be overwritten by the contents of assets snapshot. If the - flag is `FALSE` or unset and the destination table already exists, - the export call returns an INVALID_ARGUMENT error. - type: boolean - partitionSpec: - description: >- - [partition_spec] determines whether to export to partitioned - table(s) and how to partition the data. If [partition_spec] is unset - or [partition_spec.partition_key] is unset or - `PARTITION_KEY_UNSPECIFIED`, the snapshot results will be exported - to non-partitioned table(s). [force] will decide whether to - overwrite existing table(s). If [partition_spec] is specified. - First, the snapshot results will be written to partitioned table(s) - with two additional timestamp columns, readTime and requestTime, one - of which will be the partition key. Secondly, in the case when any - destination table already exists, it will first try to update - existing table's schema as necessary by appending additional - columns. Then, if [force] is `TRUE`, the corresponding partition - will be overwritten by the snapshot results (data in different - partitions will remain intact); if [force] is unset or `FALSE`, it - will append the data. An error will be returned if the schema update - or data appension fails. - $ref: '#/components/schemas/PartitionSpec' - separateTablesPerAssetType: + kbArticleIds: description: >- - If this flag is `TRUE`, the snapshot results will be written to one - or multiple tables, each of which contains results of one asset - type. The [force] and [partition_spec] fields will apply to each of - them. Field [table] will be concatenated with "_" and the asset type - names (see - https://cloud.google.com/asset-inventory/docs/supported-asset-types - for supported asset types) to construct per-asset-type table names, - in which all non-alphanumeric characters like "." and "/" will be - substituted by "_". Example: if field [table] is "mytable" and - snapshot results contain "storage.googleapis.com/Bucket" assets, the - corresponding table name will be - "mytable_storage_googleapis_com_Bucket". If any of these tables does - not exist, a new table with the concatenated name will be created. - When [content_type] in the ExportAssetsRequest is `RESOURCE`, the - schema of each table will include RECORD-type columns mapped to the - nested fields in the Asset.resource.data field of that asset type - (up to the 15 nested level BigQuery supports - (https://cloud.google.com/bigquery/docs/nested-repeated#limitations)). - The fields in >15 nested levels will be stored in JSON format string - as a child column of its parent RECORD column. If error occurs when - exporting to any table, the whole export call will return an error - but the export results that already succeed will persist. Example: - if exporting to table_type_A succeeds when exporting to table_type_B - fails during one export call, the results in table_type_A will - persist and there will not be partial results persisting in a table. - type: boolean - PartitionSpec: - id: PartitionSpec - description: Specifications of BigQuery partitioned table as export destination. - type: object - properties: - partitionKey: - description: The partition key for BigQuery partitioned table. + A collection of Microsoft Knowledge Base article IDs that are + associated with the update package. + items: + type: string + type: array + title: type: string - enumDescriptions: - - >- - Unspecified partition key. If used, it means using non-partitioned - table. - - >- - The time when the snapshot is taken. If specified as partition - key, the result table(s) is partitioned by the additional - timestamp column, readTime. If [read_time] in ExportAssetsRequest - is specified, the readTime column's value will be the same as it. - Otherwise, its value will be the current time that is used to take - the snapshot. - - >- - The time when the request is received and started to be processed. - If specified as partition key, the result table(s) is partitioned - by the requestTime column, an additional timestamp column - representing when the request was received. - enum: - - PARTITION_KEY_UNSPECIFIED - - READ_TIME - - REQUEST_TIME - ListAssetsResponse: - id: ListAssetsResponse - description: ListAssets response. - type: object - properties: - readTime: - description: Time the snapshot was taken. + description: The localized title of the update package. + lastDeploymentChangeTime: type: string format: google-datetime - assets: - description: Assets. + description: The last published date of the update, in (UTC) date and time. + revisionNumber: + description: The revision number of this update package. + type: integer + format: int32 + description: + type: string + description: The localized description of the update package. + categories: + items: + $ref: '#/components/schemas/WindowsUpdateCategory' type: array + description: The categories that are associated with this update package. + moreInfoUrls: items: - $ref: '#/components/schemas/Asset' - nextPageToken: + type: string + type: array description: >- - Token to retrieve the next page of results. It expires 72 hours - after the page token for the first page is generated. Set to empty - if there are no remaining results. + A collection of URLs that provide more information about the update + package. + updateId: + description: >- + Gets the identifier of an update package. Stays the same across + revisions. type: string - Asset: - id: Asset + id: WindowsUpdatePackage description: >- - An asset in Google Cloud. An asset can be any resource in the Google - Cloud [resource - hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), - a resource outside the Google Cloud resource hierarchy (such as Google - Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy), - or a relationship (e.g. an INSTANCE_TO_INSTANCEGROUP relationship). See - [Supported asset - types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - for more information. + Details related to a Windows Update package. Field data and names are + taken from Windows Update API IUpdate Interface: + https://docs.microsoft.com/en-us/windows/win32/api/_wua/ Descriptive + fields like title, and description are localized based on the locale of + the VM being updated. + Operation: type: object + id: Operation properties: - updateTime: - description: >- - The last update timestamp of an asset. update_time is updated when - create/update/delete operation is performed. - type: string - format: google-datetime name: description: >- - The full name of the asset. Example: - `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` - See [Resource - names](https://cloud.google.com/apis/design/resource_names#full_resource_name) - for more information. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - assetType: + error: description: >- - The type of the asset. Example: `compute.googleapis.com/Disk` See - [Supported asset - types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - for more information. - type: string - resource: - description: A representation of the resource. - $ref: '#/components/schemas/Resource' - iamPolicy: - description: >- - A representation of the IAM policy set on a Google Cloud resource. - There can be a maximum of one IAM policy set on any given resource. - In addition, IAM policies inherit their granted access scope from - any policies set on parent resources in the resource hierarchy. - Therefore, the effectively policy is the union of both the policy - set on this resource and each policy set on all of the resource's - ancestry resource levels in the hierarchy. See [this - topic](https://cloud.google.com/iam/help/allow-policies/inheritance) - for more information. - $ref: '#/components/schemas/Policy' - orgPolicy: - description: >- - A representation of an [organization - policy](https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). - There can be more than one organization policy with different - constraints set on a given resource. - type: array - items: - $ref: '#/components/schemas/GoogleCloudOrgpolicyV1Policy' - accessPolicy: - description: >- - Also refer to the [access policy user - guide](https://cloud.google.com/access-context-manager/docs/overview#access-policies). - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1AccessPolicy - accessLevel: - description: >- - Also refer to the [access level user - guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels). - $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1AccessLevel' - servicePerimeter: + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + response: description: >- - Also refer to the [service perimeter user - guide](https://cloud.google.com/vpc-service-controls/docs/overview). - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1ServicePerimeter - osInventory: + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + done: description: >- - A representation of runtime OS Inventory information. See [this - topic](https://cloud.google.com/compute/docs/instances/os-inventory-management) - for more information. - $ref: '#/components/schemas/Inventory' - relatedAssets: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + metadata: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - DEPRECATED. This field only presents for the purpose of - backward-compatibility. The server will never generate responses - with this field. The related assets of the asset of one relationship - type. One asset only represents one type of relationship. - deprecated: true - $ref: '#/components/schemas/RelatedAssets' - relatedAsset: - description: One related asset of the current asset. - $ref: '#/components/schemas/RelatedAsset' - ancestors: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + description: >- + This resource represents a long-running operation that is the result of + a network API call. + SearchAllIamPoliciesResponse: + properties: + nextPageToken: description: >- - The ancestry path of an asset in Google Cloud [resource - hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), - represented as a list of relative resource names. An ancestry path - starts with the closest ancestor in the hierarchy and ends at root. - If the asset is a project, folder, or organization, the ancestry - path starts from the asset itself. Example: `["projects/123456789", - "folders/5432", "organizations/1234"]` - type: array - items: - type: string - assetExceptions: - description: The exceptions of a resource. + Set if there are more results than those appearing in this response; + to get the next set of results, call this method again, using this + value as the `page_token`. + type: string + results: type: array + description: >- + A list of IAM policies that match the search query. Related + information such as the associated resource is returned along with + the policy. items: - $ref: '#/components/schemas/AssetException' + $ref: '#/components/schemas/IamPolicySearchResult' + id: SearchAllIamPoliciesResponse + type: object + description: Search all IAM policies response. Resource: id: Resource - description: A representation of a Google Cloud resource. type: object properties: version: description: 'The API version. Example: `v1`' type: string - discoveryDocumentUri: - description: >- - The URL of the discovery document containing the resource's JSON - schema. Example: - `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This - value is unspecified for resources that do not have an API based on - a discovery document, such as Cloud Bigtable. - type: string discoveryName: description: >- The JSON schema name listed in the discovery document. Example: `Project` This value is unspecified for resources that do not have an API based on a discovery document, such as Cloud Bigtable. type: string + data: + type: object + additionalProperties: + type: any + description: Properties of the object. + description: >- + The content of the resource, in which some sensitive fields are + removed and may not be present. resourceUrl: + type: string description: >- The REST URL for accessing the resource. An HTTP `GET` request using this URL returns the resource itself. Example: `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123` This value is unspecified for resources without a REST API. + location: + description: >- + The location of the resource in Google Cloud, such as its zone and + region. For more information, see + https://cloud.google.com/about/locations/. + type: string + discoveryDocumentUri: type: string + description: >- + The URL of the discovery document containing the resource's JSON + schema. Example: + `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This + value is unspecified for resources that do not have an API based on + a discovery document, such as Cloud Bigtable. parent: + type: string description: >- The full name of the immediate parent of this resource. See [Resource @@ -511,363 +393,102 @@ components: hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy). Example: `//cloudresourcemanager.googleapis.com/projects/my_project_123` - type: string - data: - description: >- - The content of the resource, in which some sensitive fields are - removed and may not be present. - type: object - additionalProperties: - type: any - description: Properties of the object. - location: - description: >- - The location of the resource in Google Cloud, such as its zone and - region. For more information, see - https://cloud.google.com/about/locations/. - type: string - Policy: - id: Policy + description: A representation of a Google Cloud resource. + GoogleIdentityAccesscontextmanagerV1DevicePolicy: description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object + `DevicePolicy` specifies device specific restrictions necessary to + acquire a given access level. A `DevicePolicy` specifies requirements + for requests from devices to be granted access levels, it does not do + any enforcement on the device. `DevicePolicy` acts as an AND over all + specified fields, and each repeated field is an OR over its elements. + Any unset fields are ignored. For example, if the proto is { os_type : + DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, + then the DevicePolicy will be true for requests originating from + encrypted Linux desktops and encrypted Windows desktops. properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + requireCorpOwned: + type: boolean + description: Whether the device needs to be corp owned. + requireScreenlock: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + Whether or not screenlock is required for the DevicePolicy to be + true. Defaults to `false`. + type: boolean + osConstraints: type: array items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object - properties: - role: + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1OsConstraint description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: + Allowed OS versions, an empty list allows all types and all + versions. + requireAdminApproval: + description: Whether the device needs to be approved by the customer admin. + type: boolean + allowedEncryptionStatuses: + items: + enum: + - ENCRYPTION_UNSPECIFIED + - ENCRYPTION_UNSUPPORTED + - UNENCRYPTED + - ENCRYPTED + enumDescriptions: + - >- + The encryption status of the device is not specified or not + known. + - The device does not support encryption. + - The device supports encryption, but is currently unencrypted. + - The device is encrypted. + type: string + type: array + description: Allowed encryptions statuses, an empty list allows all statuses. + allowedDeviceManagementLevels: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + Allowed device management levels, an empty list allows all + management levels. type: array items: + enumDescriptions: + - The device's management level is not specified or not known. + - The device is not managed. + - >- + Basic management is enabled, which is generally limited to + monitoring and wiping the corporate account. + - >- + Complete device management. This includes more thorough + monitoring and the ability to directly manage the device (such + as remote wiping). This can be enabled through the Android + Enterprise Platform. type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + enum: + - MANAGEMENT_UNSPECIFIED + - NONE + - BASIC + - COMPLETE type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - AuditConfig: - id: AuditConfig + id: GoogleIdentityAccesscontextmanagerV1DevicePolicy + AccessSelector: + id: AccessSelector description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + Specifies roles and/or permissions to analyze, to determine both the + identities possessing them and the resources they control. If multiple + values are specified, results will include roles or permissions matching + any of them. The total number of roles and permissions should be equal + or less than 10. type: object properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + permissions: type: array + description: Optional. The permissions to appear in result. items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. + type: string + roles: + description: Optional. The roles to appear in result. type: array items: type: string - GoogleCloudOrgpolicyV1Policy: - id: GoogleCloudOrgpolicyV1Policy - description: >- - Defines a Cloud Organization `Policy` which is used to specify - `Constraints` for configurations of Cloud Platform resources. - type: object - properties: - version: - description: Version of the `Policy`. Default version is 0; - type: integer - format: int32 - constraint: - description: >- - The name of the `Constraint` the `Policy` is configuring, for - example, `constraints/serviceuser.services`. A [list of available - constraints](/resource-manager/docs/organization-policy/org-policy-constraints) - is available. Immutable after creation. - type: string - etag: - description: >- - An opaque tag indicating the current version of the `Policy`, used - for concurrency control. When the `Policy` is returned from either a - `GetPolicy` or a `ListOrgPolicy` request, this `etag` indicates the - version of the current `Policy` to use when executing a - read-modify-write loop. When the `Policy` is returned from a - `GetEffectivePolicy` request, the `etag` will be unset. When the - `Policy` is used in a `SetOrgPolicy` method, use the `etag` value - that was returned from a `GetOrgPolicy` request as part of a - read-modify-write loop for concurrency control. Not setting the - `etag`in a `SetOrgPolicy` request will result in an unconditional - write of the `Policy`. - type: string - format: byte - updateTime: - description: >- - The time stamp the `Policy` was previously updated. This is set by - the server, not specified by the caller, and represents the last - time a call to `SetOrgPolicy` was made for that `Policy`. Any value - set by the client will be ignored. - type: string - format: google-datetime - listPolicy: - description: List of values either allowed or disallowed. - $ref: '#/components/schemas/GoogleCloudOrgpolicyV1ListPolicy' - booleanPolicy: - description: >- - For boolean `Constraints`, whether to enforce the `Constraint` or - not. - $ref: '#/components/schemas/GoogleCloudOrgpolicyV1BooleanPolicy' - restoreDefault: - description: >- - Restores the default behavior of the constraint; independent of - `Constraint` type. - $ref: '#/components/schemas/GoogleCloudOrgpolicyV1RestoreDefault' - GoogleCloudOrgpolicyV1ListPolicy: - id: GoogleCloudOrgpolicyV1ListPolicy + GoogleCloudOrgpolicyV1ListPolicy: + id: GoogleCloudOrgpolicyV1ListPolicy description: >- Used in `policy_type` to specify how `list_policy` behaves at this resource. `ListPolicy` can define specific values and subtrees of Cloud @@ -886,40 +507,28 @@ components: `Policy` if `all_values` is `ALL_VALUES_UNSPECIFIED`. `ALLOW` or `DENY` are used to allow or deny all values. If `all_values` is set to either `ALLOW` or `DENY`, `allowed_values` and `denied_values` must be unset. - type: object properties: allowedValues: description: >- List of values allowed at this resource. Can only be set if `all_values` is set to `ALL_VALUES_UNSPECIFIED`. - type: array items: type: string - deniedValues: - description: >- - List of values denied at this resource. Can only be set if - `all_values` is set to `ALL_VALUES_UNSPECIFIED`. type: array - items: - type: string - allValues: - description: The policy all_values state. - type: string - enumDescriptions: - - Indicates that allowed_values or denied_values must be set. - - A policy with this set allows all values. - - A policy with this set denies all values. - enum: - - ALL_VALUES_UNSPECIFIED - - ALLOW - - DENY suggestedValue: + type: string description: >- Optional. The Google Cloud Console will try to default to a configuration that matches the value specified in this `Policy`. If `suggested_value` is not set, it will inherit the value specified higher in the hierarchy, unless `inherit_from_parent` is `false`. - type: string + deniedValues: + description: >- + List of values denied at this resource. Can only be set if + `all_values` is set to `ALL_VALUES_UNSPECIFIED`. + type: array + items: + type: string inheritFromParent: description: >- Determines the inheritance behavior for this `Policy`. By default, a @@ -988,971 +597,751 @@ components: `projects/P2`, `projects/P3`. The accepted values at `projects/bar` are `organizations/O1`, `folders/F1`, `projects/P1`. type: boolean - GoogleCloudOrgpolicyV1BooleanPolicy: - id: GoogleCloudOrgpolicyV1BooleanPolicy - description: >- - Used in `policy_type` to specify how `boolean_policy` will behave at - this resource. + allValues: + enum: + - ALL_VALUES_UNSPECIFIED + - ALLOW + - DENY + description: The policy all_values state. + type: string + enumDescriptions: + - Indicates that allowed_values or denied_values must be set. + - A policy with this set allows all values. + - A policy with this set denies all values. type: object + GoogleCloudAssetV1Identity: + description: An identity under analysis. + id: GoogleCloudAssetV1Identity properties: - enforced: + name: + type: string description: >- - If `true`, then the `Policy` is enforced. If `false`, then any - configuration is acceptable. Suppose you have a `Constraint` - `constraints/compute.disableSerialPortAccess` with - `constraint_default` set to `ALLOW`. A `Policy` for that - `Constraint` exhibits the following behavior: - If the `Policy` at - this resource has enforced set to `false`, serial port connection - attempts will be allowed. - If the `Policy` at this resource has - enforced set to `true`, serial port connection attempts will be - refused. - If the `Policy` at this resource is `RestoreDefault`, - serial port connection attempts will be allowed. - If no `Policy` is - set at this resource or anywhere higher in the resource hierarchy, - serial port connection attempts will be allowed. - If no `Policy` is - set at this resource, but one exists higher in the resource - hierarchy, the behavior is as if the`Policy` were set at this - resource. The following examples demonstrate the different possible - layerings: Example 1 (nearest `Constraint` wins): - `organizations/foo` has a `Policy` with: {enforced: false} - `projects/bar` has no `Policy` set. The constraint at `projects/bar` - and `organizations/foo` will not be enforced. Example 2 (enforcement - gets replaced): `organizations/foo` has a `Policy` with: {enforced: - false} `projects/bar` has a `Policy` with: {enforced: true} The - constraint at `organizations/foo` is not enforced. The constraint at - `projects/bar` is enforced. Example 3 (RestoreDefault): - `organizations/foo` has a `Policy` with: {enforced: true} - `projects/bar` has a `Policy` with: {RestoreDefault: {}} The - constraint at `organizations/foo` is enforced. The constraint at - `projects/bar` is not enforced, because `constraint_default` for the - `Constraint` is `ALLOW`. - type: boolean - GoogleCloudOrgpolicyV1RestoreDefault: - id: GoogleCloudOrgpolicyV1RestoreDefault - description: >- - Ignores policies set above this resource and restores the - `constraint_default` enforcement behavior of the specific `Constraint` - at this resource. Suppose that `constraint_default` is set to `ALLOW` - for the `Constraint` `constraints/serviceuser.services`. Suppose that - organization foo.com sets a `Policy` at their Organization resource node - that restricts the allowed service activations to deny all service - activations. They could then set a `Policy` with the `policy_type` - `restore_default` on several experimental projects, restoring the - `constraint_default` enforcement of the `Constraint` for only those - projects, allowing those projects to have all services activated. + The identity of members, formatted as appear in an [IAM policy + binding](https://cloud.google.com/iam/reference/rest/v1/Binding). + For example, they might be formatted like the following: - + user:foo@google.com - group:group1@google.com - + serviceAccount:s1@prj1.iam.gserviceaccount.com - + projectOwner:some_project_id - domain:google.com - allUsers + analysisState: + $ref: '#/components/schemas/IamPolicyAnalysisState' + description: The analysis state of this identity. type: object - properties: {} - GoogleIdentityAccesscontextmanagerV1AccessPolicy: - id: GoogleIdentityAccesscontextmanagerV1AccessPolicy + VersionedResource: description: >- - `AccessPolicy` is a container for `AccessLevels` (which define the - necessary attributes to use Google Cloud services) and - `ServicePerimeters` (which define regions of services able to freely - pass data within a perimeter). An access policy is globally visible - within an organization, and the restrictions it specifies apply to all - projects within an organization. + Resource representation as defined by the corresponding service + providing the resource for a given API version. type: object properties: - name: + assetExceptions: + description: The exceptions of a resource. + items: + $ref: '#/components/schemas/AssetException' + type: array + version: description: >- - Output only. Identifier. Resource name of the `AccessPolicy`. - Format: `accessPolicies/{access_policy}` + API version of the resource. Example: If the resource is an instance + provided by Compute Engine v1 API as defined in + `https://cloud.google.com/compute/docs/reference/rest/v1/instances`, + version will be "v1". type: string - parent: + resource: + additionalProperties: + description: Properties of the object. + type: any description: >- - Required. The parent of this `AccessPolicy` in the Cloud Resource - Hierarchy. Currently immutable once created. Format: - `organizations/{organization_id}` - type: string - title: - description: Required. Human readable title. Does not affect behavior. + JSON representation of the resource as defined by the corresponding + service providing this resource. Example: If the resource is an + instance provided by Compute Engine, this field will contain the + JSON representation of the instance as defined by Compute Engine: + `https://cloud.google.com/compute/docs/reference/rest/v1/instances`. + You can find the resource definition for each supported resource + type in this table: + `https://cloud.google.com/asset-inventory/docs/supported-asset-types` + type: object + id: VersionedResource + GoogleIdentityAccesscontextmanagerV1ApiOperation: + id: GoogleIdentityAccesscontextmanagerV1ApiOperation + properties: + serviceName: type: string - scopes: description: >- - The scopes of the AccessPolicy. Scopes define which resources a - policy can restrict and where its resources can be referenced. For - example, policy A with `scopes=["folders/123"]` has the following - behavior: - ServicePerimeter can only restrict projects within - `folders/123`. - ServicePerimeter within policy A can only reference - access levels defined within policy A. - Only one policy can include - a given scope; thus, attempting to create a second policy which - includes `folders/123` will result in an error. If no scopes are - provided, then any resource within the organization can be - restricted. Scopes cannot be modified after a policy is created. - Policies can only have a single scope. Format: list of - `folders/{folder_number}` or `projects/{project_number}` + The name of the API whose methods or permissions the IngressPolicy + or EgressPolicy want to allow. A single ApiOperation with + `service_name` field set to `*` will allow all methods AND + permissions for all services. + methodSelectors: type: array - items: - type: string - etag: description: >- - Output only. An opaque identifier for the current version of the - `AccessPolicy`. This will always be a strongly validated etag, - meaning that two Access Policies will be identical if and only if - their etags are identical. Clients should not expect this to be in - any specific format. - readOnly: true - type: string - GoogleIdentityAccesscontextmanagerV1AccessLevel: - id: GoogleIdentityAccesscontextmanagerV1AccessLevel - description: >- - An `AccessLevel` is a label that can be applied to requests to Google - Cloud services, along with a list of requirements necessary for the - label to be applied. + API methods or permissions to allow. Method or permission must + belong to the service specified by `service_name` field. A single + MethodSelector entry with `*` specified for the `method` field will + allow all methods AND permissions for the service specified in + `service_name`. + items: + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1MethodSelector + type: object + description: Identification for an API Operation. + Feed: type: object properties: - name: + feedOutputConfig: description: >- - Identifier. Resource name for the `AccessLevel`. Format: - `accessPolicies/{access_policy}/accessLevels/{access_level}`. The - `access_level` component must begin with a letter, followed by - alphanumeric characters or `_`. Its maximum length is 50 characters. - After you create an `AccessLevel`, you cannot change its `name`. - type: string - title: - description: Human readable title. Must be unique within the Policy. - type: string - description: - description: >- - Description of the `AccessLevel` and its use. Does not affect - behavior. + Required. Feed output configuration defining where the asset updates + are published to. + $ref: '#/components/schemas/FeedOutputConfig' + contentType: + enum: + - CONTENT_TYPE_UNSPECIFIED + - RESOURCE + - IAM_POLICY + - ORG_POLICY + - ACCESS_POLICY + - OS_INVENTORY + - RELATIONSHIP type: string - basic: - description: A `BasicLevel` composed of `Conditions`. - $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1BasicLevel' - custom: - description: A `CustomLevel` written in the Common Expression Language. - $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1CustomLevel' - GoogleIdentityAccesscontextmanagerV1BasicLevel: - id: GoogleIdentityAccesscontextmanagerV1BasicLevel - description: '`BasicLevel` is an `AccessLevel` using a set of recommended features.' - type: object - properties: - conditions: description: >- - Required. A list of requirements for the `AccessLevel` to be - granted. + Asset content type. If not specified, no content but the asset name + and type will be returned. + enumDescriptions: + - Unspecified content type. + - Resource metadata. + - The actual IAM policy set on a resource. + - The organization policy set on an asset. + - The Access Context Manager policy set on an asset. + - The runtime OS Inventory information. + - The related resources. + relationshipTypes: type: array items: - $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1Condition' - combiningFunction: - description: >- - How the `conditions` list should be combined to determine if a - request is granted this `AccessLevel`. If AND is used, each - `Condition` in `conditions` must be satisfied for the `AccessLevel` - to be applied. If OR is used, at least one `Condition` in - `conditions` must be satisfied for the `AccessLevel` to be applied. - Default behavior is AND. - type: string - enumDescriptions: - - All `Conditions` must be true for the `BasicLevel` to be true. - - >- - If at least one `Condition` is true, then the `BasicLevel` is - true. - enum: - - AND - - OR - GoogleIdentityAccesscontextmanagerV1Condition: - id: GoogleIdentityAccesscontextmanagerV1Condition - description: >- - A condition necessary for an `AccessLevel` to be granted. The Condition - is an AND over its fields. So a Condition is true if: 1) the request IP - is from one of the listed subnetworks AND 2) the originating device - complies with the listed device policy AND 3) all listed access levels - are granted AND 4) the request was sent at a time allowed by the - DateTimeRestriction. - type: object - properties: - ipSubnetworks: + type: string description: >- - CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note - that for a CIDR IP address block, the specified IP address portion - must be properly truncated (i.e. all the host bits must be zero) or - the input is considered malformed. For example, "192.0.2.0/24" is - accepted but "192.0.2.1/24" is not. Similarly, for IPv6, - "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The - originating IP of a request must be in one of the listed subnets in - order for this Condition to be true. If empty, all IP addresses are - allowed. + A list of relationship types to output, for example: + `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if + content_type=RELATIONSHIP. * If specified: it outputs specified + relationship updates on the [asset_names] or the [asset_types]. It + returns an error if any of the [relationship_types] doesn't belong + to the supported relationship types of the [asset_names] or + [asset_types], or any of the [asset_names] or the [asset_types] + doesn't belong to the source types of the [relationship_types]. * + Otherwise: it outputs the supported relationships of the types of + [asset_names] and [asset_types] or returns an error if any of the + [asset_names] or the [asset_types] has no replationship support. See + [Introduction to Cloud Asset + Inventory](https://cloud.google.com/asset-inventory/docs/overview) + for all supported asset types and relationship types. + assetTypes: type: array items: type: string - devicePolicy: description: >- - Device specific restrictions, all restrictions must hold for the - Condition to be true. If not specified, all devices are allowed. - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1DevicePolicy - requiredAccessLevels: + A list of types of the assets to receive updates. You must specify + either or both of asset_names and asset_types. Only asset updates + matching specified asset_names or asset_types are exported to the + feed. Example: `"compute.googleapis.com/Disk"` For a list of all + supported asset types, see [Supported asset + types](/asset-inventory/docs/supported-asset-types). + name: + type: string description: >- - A list of other access levels defined in the same `Policy`, - referenced by resource name. Referencing an `AccessLevel` which does - not exist is an error. All access levels listed must be granted for - the Condition to be true. Example: - "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"` + Required. The format will be + projects/{project_number}/feeds/{client-assigned_feed_identifier} or + folders/{folder_number}/feeds/{client-assigned_feed_identifier} or + organizations/{organization_number}/feeds/{client-assigned_feed_identifier} + The client-assigned feed identifier must be unique within the parent + project/folder/organization. + condition: + $ref: '#/components/schemas/Expr' + description: >- + A condition which determines whether an asset update should be + published. If specified, an asset will be returned only when the + expression evaluates to true. When set, `expression` field in the + `Expr` must be a valid [CEL expression] + (https://github.com/google/cel-spec) on a TemporalAsset with name + `temporal_asset`. Example: a Feed with expression + ("temporal_asset.deleted == true") will only publish Asset + deletions. Other fields of `Expr` are optional. See our [user + guide](https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes-with-condition) + for detailed instructions. + assetNames: + description: >- + A list of the full names of the assets to receive updates. You must + specify either or both of asset_names and asset_types. Only asset + updates matching specified asset_names or asset_types are exported + to the feed. Example: + `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. + For a list of the full names for supported asset types, see + [Resource name format](/asset-inventory/docs/resource-name-format). + items: + type: string type: array + id: Feed + description: >- + An asset feed used to export asset updates to a destinations. An asset + feed filter controls what updates are exported. The asset feed must be + created within a project, organization, or folder. Supported + destinations are: Pub/Sub topics. + GoogleIdentityAccesscontextmanagerV1EgressTo: + id: GoogleIdentityAccesscontextmanagerV1EgressTo + type: object + properties: + roles: items: type: string - negate: description: >- - Whether to negate the Condition. If true, the Condition becomes a - NAND over its non-empty fields. Any non-empty field criteria - evaluating to false will result in the Condition to be satisfied. - Defaults to false. - type: boolean - members: + IAM roles that represent the set of operations that the sources + specified in the corresponding EgressFrom. are allowed to perform in + this ServicePerimeter. + type: array + resources: description: >- - The request must be made by one of the provided user or service - accounts. Groups are not supported. Syntax: `user:{emailid}` - `serviceAccount:{emailid}` If not specified, a request may come from - any user. + A list of resources, currently only projects in the form + `projects/`, that are allowed to be accessed by sources defined in + the corresponding EgressFrom. A request matches if it contains a + resource in this list. If `*` is specified for `resources`, then + this EgressTo rule will authorize access to all resources outside + the perimeter. type: array items: type: string - regions: - description: >- - The request must originate from one of the provided - countries/regions. Must be valid ISO 3166-1 alpha-2 codes. + externalResources: type: array items: type: string - vpcNetworkSources: description: >- - The request must originate from one of the provided VPC networks in - Google Cloud. Cannot specify this field together with - `ip_subnetworks`. + A list of external resources that are allowed to be accessed. Only + AWS and Azure resources are supported. For Amazon S3, the supported + formats are s3://BUCKET_NAME, s3a://BUCKET_NAME, and + s3n://BUCKET_NAME. For Azure Storage, the supported format is + azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request + matches if it contains an external resource in this list (Example: + s3://bucket/path). Currently '*' is not allowed. + operations: type: array items: $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1VpcNetworkSource - GoogleIdentityAccesscontextmanagerV1DevicePolicy: - id: GoogleIdentityAccesscontextmanagerV1DevicePolicy + #/components/schemas/GoogleIdentityAccesscontextmanagerV1ApiOperation + description: >- + A list of ApiOperations allowed to be performed by the sources + specified in the corresponding EgressFrom. A request matches if it + uses an operation/service in this list. description: >- - `DevicePolicy` specifies device specific restrictions necessary to - acquire a given access level. A `DevicePolicy` specifies requirements - for requests from devices to be granted access levels, it does not do - any enforcement on the device. `DevicePolicy` acts as an AND over all - specified fields, and each repeated field is an OR over its elements. - Any unset fields are ignored. For example, if the proto is { os_type : - DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, - then the DevicePolicy will be true for requests originating from - encrypted Linux desktops and encrypted Windows desktops. + Defines the conditions under which an EgressPolicy matches a request. + Conditions are based on information about the ApiOperation intended to + be performed on the `resources` specified. Note that if the destination + of the request is also protected by a ServicePerimeter, then that + ServicePerimeter must have an IngressPolicy which allows access in order + for this request to succeed. The request must match `operations` AND + `resources` fields in order to be allowed egress out of the perimeter. + ResourceSelector: + properties: + fullResourceName: + description: >- + Required. The [full resource name] + (https://cloud.google.com/asset-inventory/docs/resource-name-format) + of a resource of [supported resource + types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types). + type: string + id: ResourceSelector + type: object + description: >- + Specifies the resource to analyze for access policies, which may be set + directly on the resource, or on ancestors such as organizations, folders + or projects. + TimeWindow: + description: A time window specified by its `start_time` and `end_time`. + id: TimeWindow type: object properties: - requireScreenlock: + startTime: + format: google-datetime + type: string + description: Start time of the time window (exclusive). + endTime: + type: string description: >- - Whether or not screenlock is required for the DevicePolicy to be - true. Defaults to `false`. - type: boolean - allowedEncryptionStatuses: - description: Allowed encryptions statuses, an empty list allows all statuses. - type: array - items: - type: string - enumDescriptions: - - >- - The encryption status of the device is not specified or not - known. - - The device does not support encryption. - - The device supports encryption, but is currently unencrypted. - - The device is encrypted. - enum: - - ENCRYPTION_UNSPECIFIED - - ENCRYPTION_UNSUPPORTED - - UNENCRYPTED - - ENCRYPTED - osConstraints: - description: >- - Allowed OS versions, an empty list allows all types and all - versions. - type: array - items: - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1OsConstraint - allowedDeviceManagementLevels: - description: >- - Allowed device management levels, an empty list allows all - management levels. - type: array - items: - type: string - enumDescriptions: - - The device's management level is not specified or not known. - - The device is not managed. - - >- - Basic management is enabled, which is generally limited to - monitoring and wiping the corporate account. - - >- - Complete device management. This includes more thorough - monitoring and the ability to directly manage the device (such - as remote wiping). This can be enabled through the Android - Enterprise Platform. - enum: - - MANAGEMENT_UNSPECIFIED - - NONE - - BASIC - - COMPLETE - requireAdminApproval: - description: Whether the device needs to be approved by the customer admin. - type: boolean - requireCorpOwned: - description: Whether the device needs to be corp owned. - type: boolean - GoogleIdentityAccesscontextmanagerV1OsConstraint: - id: GoogleIdentityAccesscontextmanagerV1OsConstraint - description: A restriction on the OS type and version of devices making requests. + End time of the time window (inclusive). If not specified, the + current timestamp is used instead. + format: google-datetime + BigQueryDestination: type: object properties: - osType: - description: Required. The allowed OS type. - type: string - enumDescriptions: - - The operating system of the device is not specified or not known. - - A desktop Mac operating system. - - A desktop Windows operating system. - - A desktop Linux operating system. - - A desktop ChromeOS operating system. - - An Android operating system. - - An iOS operating system. - enum: - - OS_UNSPECIFIED - - DESKTOP_MAC - - DESKTOP_WINDOWS - - DESKTOP_LINUX - - DESKTOP_CHROME_OS - - ANDROID - - IOS - minimumVersion: + table: description: >- - The minimum allowed OS version. If not set, any version of this OS - satisfies the constraint. Format: `"major.minor.patch"`. Examples: - `"10.5.301"`, `"9.2.1"`. + Required. The BigQuery table to which the snapshot result should be + written. If this table does not exist, a new table with the given + name will be created. type: string - requireVerifiedChromeOs: + partitionSpec: description: >- - Only allows requests from devices with a verified Chrome OS. - Verifications includes requirements that the device is - enterprise-managed, conformant to domain policies, and the caller - has permission to call the API targeted by the request. + [partition_spec] determines whether to export to partitioned + table(s) and how to partition the data. If [partition_spec] is unset + or [partition_spec.partition_key] is unset or + `PARTITION_KEY_UNSPECIFIED`, the snapshot results will be exported + to non-partitioned table(s). [force] will decide whether to + overwrite existing table(s). If [partition_spec] is specified. + First, the snapshot results will be written to partitioned table(s) + with two additional timestamp columns, readTime and requestTime, one + of which will be the partition key. Secondly, in the case when any + destination table already exists, it will first try to update + existing table's schema as necessary by appending additional + columns. Then, if [force] is `TRUE`, the corresponding partition + will be overwritten by the snapshot results (data in different + partitions will remain intact); if [force] is unset or `FALSE`, it + will append the data. An error will be returned if the schema update + or data appension fails. + $ref: '#/components/schemas/PartitionSpec' + force: type: boolean - GoogleIdentityAccesscontextmanagerV1VpcNetworkSource: - id: GoogleIdentityAccesscontextmanagerV1VpcNetworkSource - description: The originating network source in Google Cloud. - type: object - properties: - vpcSubnetwork: - description: Sub-segment ranges of a VPC network. - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1VpcSubNetwork - GoogleIdentityAccesscontextmanagerV1VpcSubNetwork: - id: GoogleIdentityAccesscontextmanagerV1VpcSubNetwork - description: Sub-segment ranges inside of a VPC Network. - type: object - properties: - network: description: >- - Required. Network name. If the network is not part of the - organization, the `compute.network.get` permission must be granted - to the caller. Format: - `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` - Example: - `//compute.googleapis.com/projects/my-project/global/networks/network-1` - type: string - vpcIpSubnetworks: + If the destination table already exists and this flag is `TRUE`, the + table will be overwritten by the contents of assets snapshot. If the + flag is `FALSE` or unset and the destination table already exists, + the export call returns an INVALID_ARGUMENT error. + separateTablesPerAssetType: description: >- - CIDR block IP subnetwork specification. The IP address must be an - IPv4 address and can be a public or private IP address. Note that - for a CIDR IP address block, the specified IP address portion must - be properly truncated (i.e. all the host bits must be zero) or the - input is considered malformed. For example, "192.0.2.0/24" is - accepted but "192.0.2.1/24" is not. If empty, all IP addresses are - allowed. - type: array - items: - type: string - GoogleIdentityAccesscontextmanagerV1CustomLevel: - id: GoogleIdentityAccesscontextmanagerV1CustomLevel - description: >- - `CustomLevel` is an `AccessLevel` using the Cloud Common Expression - Language to represent the necessary conditions for the level to apply to - a request. See CEL spec at: https://github.com/google/cel-spec - type: object - properties: - expr: - description: Required. A Cloud CEL expression evaluating to a boolean. - $ref: '#/components/schemas/Expr' - GoogleIdentityAccesscontextmanagerV1ServicePerimeter: - id: GoogleIdentityAccesscontextmanagerV1ServicePerimeter - description: >- - `ServicePerimeter` describes a set of Google Cloud resources which can - freely import and export data amongst themselves, but not export outside - of the `ServicePerimeter`. If a request with a source within this - `ServicePerimeter` has a target outside of the `ServicePerimeter`, the - request will be blocked. Otherwise the request is allowed. There are two - types of Service Perimeter - Regular and Bridge. Regular Service - Perimeters cannot overlap, a single Google Cloud project or VPC network - can only belong to a single regular Service Perimeter. Service Perimeter - Bridges can contain only Google Cloud projects as members, a single - Google Cloud project may belong to multiple Service Perimeter Bridges. + If this flag is `TRUE`, the snapshot results will be written to one + or multiple tables, each of which contains results of one asset + type. The [force] and [partition_spec] fields will apply to each of + them. Field [table] will be concatenated with "_" and the asset type + names (see + https://cloud.google.com/asset-inventory/docs/supported-asset-types + for supported asset types) to construct per-asset-type table names, + in which all non-alphanumeric characters like "." and "/" will be + substituted by "_". Example: if field [table] is "mytable" and + snapshot results contain "storage.googleapis.com/Bucket" assets, the + corresponding table name will be + "mytable_storage_googleapis_com_Bucket". If any of these tables does + not exist, a new table with the concatenated name will be created. + When [content_type] in the ExportAssetsRequest is `RESOURCE`, the + schema of each table will include RECORD-type columns mapped to the + nested fields in the Asset.resource.data field of that asset type + (up to the 15 nested level BigQuery supports + (https://cloud.google.com/bigquery/docs/nested-repeated#limitations)). + The fields in >15 nested levels will be stored in JSON format string + as a child column of its parent RECORD column. If error occurs when + exporting to any table, the whole export call will return an error + but the export results that already succeed will persist. Example: + if exporting to table_type_A succeeds when exporting to table_type_B + fails during one export call, the results in table_type_A will + persist and there will not be partial results persisting in a table. + type: boolean + dataset: + description: >- + Required. The BigQuery dataset in format + "projects/projectId/datasets/datasetId", to which the snapshot + result should be exported. If this dataset does not exist, the + export call returns an INVALID_ARGUMENT error. Setting the + `contentType` for `exportAssets` determines the + [schema](/asset-inventory/docs/exporting-to-bigquery#bigquery-schema) + of the BigQuery table. Setting `separateTablesPerAssetType` to + `TRUE` also influences the schema. + type: string + id: BigQueryDestination + description: A BigQuery destination for exporting assets to. + QueryAssetsRequest: type: object + description: QueryAssets request. properties: - name: + outputConfig: + $ref: '#/components/schemas/QueryAssetsOutputConfig' description: >- - Identifier. Resource name for the `ServicePerimeter`. Format: - `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. - The `service_perimeter` component must begin with a letter, followed - by alphanumeric characters or `_`. After you create a - `ServicePerimeter`, you cannot change its `name`. - type: string - title: - description: Human readable title. Must be unique within the Policy. - type: string - description: + Optional. Destination where the query results will be saved. When + this field is specified, the query results won't be saved in the + [QueryAssetsResponse.query_result]. Instead + [QueryAssetsResponse.output_config] will be set. Meanwhile, + [QueryAssetsResponse.job_reference] will be set and can be used to + check the status of the query job when passed to a following + [QueryAssets] API call. + readTime: description: >- - Description of the `ServicePerimeter` and its use. Does not affect - behavior. + Optional. Queries cloud assets as they appeared at the specified + point in time. type: string - perimeterType: + format: google-datetime + jobReference: description: >- - Perimeter type indicator. A single project or VPC network is allowed - to be a member of single regular perimeter, but multiple service - perimeter bridges. A project cannot be a included in a perimeter - bridge without being included in regular perimeter. For perimeter - bridges, the restricted service list as well as access level lists - must be empty. + Optional. Reference to the query job, which is from the + `QueryAssetsResponse` of previous `QueryAssets` call. type: string - enumDescriptions: - - >- - Regular Perimeter. When no value is specified, the perimeter uses - this type. - - Perimeter Bridge. - enum: - - PERIMETER_TYPE_REGULAR - - PERIMETER_TYPE_BRIDGE - status: + readTimeWindow: description: >- - Current ServicePerimeter configuration. Specifies sets of resources, - restricted services and access levels that determine perimeter - content and boundaries. - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig - spec: + Optional. [start_time] is required. [start_time] must be less than + [end_time] Defaults [end_time] to now if [start_time] is set and + [end_time] isn't. Maximum permitted time range is 7 days. + $ref: '#/components/schemas/TimeWindow' + statement: description: >- - Proposed (or dry run) ServicePerimeter configuration. This - configuration allows to specify and test ServicePerimeter - configuration without enforcing actual access restrictions. Only - allowed to be set when the "use_explicit_dry_run_spec" flag is set. - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig - useExplicitDryRunSpec: + Optional. A SQL statement that's compatible with [BigQuery + SQL](https://cloud.google.com/bigquery/docs/introduction-sql). + type: string + timeout: description: >- - Use explicit dry run spec flag. Ordinarily, a dry-run spec - implicitly exists for all Service Perimeters, and that spec is - identical to the status for those Service Perimeters. When this flag - is set, it inhibits the generation of the implicit spec, thereby - allowing the user to explicitly provide a configuration ("spec") to - use in a dry-run version of the Service Perimeter. This allows the - user to test changes to the enforced config ("status") without - actually enforcing them. This testing is done through analyzing the - differences between currently enforced and suggested restrictions. - use_explicit_dry_run_spec must bet set to True if any of the fields - in the spec are set to non-default values. - type: boolean - etag: + Optional. Specifies the maximum amount of time that the client is + willing to wait for the query to complete. By default, this limit is + 5 min for the first query, and 1 minute for the following queries. + If the query is complete, the `done` field in the + `QueryAssetsResponse` is true, otherwise false. Like BigQuery + [jobs.query + API](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query#queryrequest) + The call is not guaranteed to wait for the specified timeout; it + typically returns after around 200 seconds (200,000 milliseconds), + even if the query is not complete. The field will be ignored when + [output_config] is specified. + format: google-duration + type: string + pageToken: description: >- - Optional. An opaque identifier for the current version of the - `ServicePerimeter`. This identifier does not follow any specific - format. If an etag is not provided, the operation will be performed - as if a valid etag is provided. + Optional. A page token received from previous `QueryAssets`. The + field will be ignored when [output_config] is specified. type: string - GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig: - id: GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig - description: >- - `ServicePerimeterConfig` specifies a set of Google Cloud resources that - describe specific Service Perimeter configuration. + pageSize: + format: int32 + description: >- + Optional. The maximum number of rows to return in the results. + Responses are limited to 10 MB and 1000 rows. By default, the + maximum row count is 1000. When the byte or row count limit is + reached, the rest of the query results will be paginated. The field + will be ignored when [output_config] is specified. + type: integer + id: QueryAssetsRequest + Expr: type: object + id: Expr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - resources: + location: + type: string description: >- - A list of Google Cloud resources that are inside of the service - perimeter. Currently only projects and VPCs are allowed. Project - format: `projects/{project_number}` VPC network format: - `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. - type: array - items: - type: string - accessLevels: + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + title: + type: string description: >- - A list of `AccessLevel` resource names that allow resources within - the `ServicePerimeter` to be accessed from the internet. - `AccessLevels` listed must be in the same policy as this - `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a - syntax error. If no `AccessLevel` names are listed, resources within - the perimeter can only be accessed via Google Cloud calls with - request origins within the perimeter. Example: - `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service - Perimeter Bridge, must be empty. - type: array - items: - type: string - restrictedServices: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + description: description: >- - Google Cloud services that are subject to the Service Perimeter - restrictions. For example, if `storage.googleapis.com` is specified, - access to the storage buckets inside the perimeter must meet the - perimeter's access restrictions. - type: array - items: - type: string - vpcAccessibleServices: - description: Configuration for APIs allowed within Perimeter. - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices - ingressPolicies: + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + expression: + type: string description: >- - List of IngressPolicies to apply to the perimeter. A perimeter may - have multiple IngressPolicies, each of which is evaluated - separately. Access is granted if any Ingress Policy grants it. Must - be empty for a perimeter bridge. - type: array + Textual representation of an expression in Common Expression + Language syntax. + RelatedResources: + properties: + relatedResources: items: - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1IngressPolicy - egressPolicies: - description: >- - List of EgressPolicies to apply to the perimeter. A perimeter may - have multiple EgressPolicies, each of which is evaluated separately. - Access is granted if any EgressPolicy grants it. Must be empty for a - perimeter bridge. + $ref: '#/components/schemas/RelatedResource' + description: The detailed related resources of the primary resource. type: array - items: - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1EgressPolicy - GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices: - id: GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices - description: >- - Specifies how APIs are allowed to communicate within the Service - Perimeter. + description: The related resources of the primary resource. type: object + id: RelatedResources + SearchAllResourcesResponse: properties: - enableRestriction: + nextPageToken: description: >- - Whether to restrict API calls within the Service Perimeter to the - list of APIs specified in 'allowed_services'. - type: boolean - allowedServices: + If there are more results than those appearing in this response, + then `next_page_token` is included. To get the next set of results, + call this method again using the value of `next_page_token` as + `page_token`. + type: string + results: description: >- - The list of APIs usable within the Service Perimeter. Must be empty - unless 'enable_restriction' is True. You can specify a list of - individual services, as well as include the 'RESTRICTED-SERVICES' - value, which automatically includes all of the services protected by - the perimeter. - type: array + A list of Resources that match the search query. It contains the + resource standard metadata information. items: - type: string - GoogleIdentityAccesscontextmanagerV1IngressPolicy: - id: GoogleIdentityAccesscontextmanagerV1IngressPolicy - description: >- - Policy for ingress into ServicePerimeter. IngressPolicies match requests - based on `ingress_from` and `ingress_to` stanzas. For an ingress policy - to match, both the `ingress_from` and `ingress_to` stanzas must be - matched. If an IngressPolicy matches a request, the request is allowed - through the perimeter boundary from outside the perimeter. For example, - access from the internet can be allowed either based on an AccessLevel - or, for traffic hosted on Google Cloud, the project of the source - network. For access from private networks, using the project of the - hosting network is required. Individual ingress policies can be limited - by restricting which services and/or actions they match using the - `ingress_to` field. + $ref: '#/components/schemas/ResourceSearchResult' + type: array + description: Search all resources response. type: object + id: SearchAllResourcesResponse + GoogleIdentityAccesscontextmanagerV1MethodSelector: properties: - ingressFrom: + permission: + type: string description: >- - Defines the conditions on the source of a request causing this - IngressPolicy to apply. - $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1IngressFrom' - ingressTo: + A valid Cloud IAM permission for the corresponding `service_name` in + ApiOperation. + method: + type: string description: >- - Defines the conditions on the ApiOperation and request destination - that cause this IngressPolicy to apply. - $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1IngressTo' + A valid method name for the corresponding `service_name` in + ApiOperation. If `*` is used as the value for the `method`, then ALL + methods and permissions are allowed. + id: GoogleIdentityAccesscontextmanagerV1MethodSelector + description: An allowed method or permission of a service specified in ApiOperation. + type: object + GoogleIdentityAccesscontextmanagerV1EgressPolicy: + type: object + id: GoogleIdentityAccesscontextmanagerV1EgressPolicy + properties: + egressFrom: + description: >- + Defines conditions on the source of a request causing this + EgressPolicy to apply. + $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1EgressFrom' + egressTo: + $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1EgressTo' + description: >- + Defines the conditions on the ApiOperation and destination resources + that cause this EgressPolicy to apply. title: description: >- - Optional. Human-readable title for the ingress rule. The title must + Optional. Human-readable title for the egress rule. The title must be unique within the perimeter and can not exceed 100 characters. Within the access policy, the combined length of all rule titles must not exceed 240,000 characters. type: string - GoogleIdentityAccesscontextmanagerV1IngressFrom: - id: GoogleIdentityAccesscontextmanagerV1IngressFrom description: >- - Defines the conditions under which an IngressPolicy matches a request. - Conditions are based on information about the source of the request. The - request must satisfy what is defined in `sources` AND identity related - fields in order to match. - type: object - properties: - sources: - description: Sources that this IngressPolicy authorizes access from. - type: array + Policy for egress from perimeter. EgressPolicies match requests based on + `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, + both `egress_from` and `egress_to` stanzas must be matched. If an + EgressPolicy matches a request, the request is allowed to span the + ServicePerimeter boundary. For example, an EgressPolicy can be used to + allow VMs on networks within the ServicePerimeter to access a defined + set of projects outside the perimeter in certain contexts (e.g. to read + data from a Cloud Storage bucket or query against a BigQuery dataset). + EgressPolicies are concerned with the *resources* that a request relates + as well as the API services and API actions being used. They do not + related to the direction of data movement. More detailed documentation + for this concept can be found in the descriptions of EgressFrom and + EgressTo. + OrgPolicyResult: + description: The organization policy result to the query. + properties: + policyBundle: items: - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1IngressSource - identities: + $ref: '#/components/schemas/AnalyzerOrgPolicy' description: >- - A list of identities that are allowed access through - [IngressPolicy]. Identities can be an individual user, service - account, Google group, or third-party identity. For third-party - identity, only single identities are supported and other identity - types are not supported. The `v1` identities that have the prefix - `user`, `group`, `serviceAccount`, and `principal` in - https://cloud.google.com/iam/docs/principal-identifiers#v1 are - supported. + The ordered list of all organization policies from the + consolidated_policy.attached_resource. to the scope specified in the + request. If the constraint is defined with default policy, it will + also appear in the list. type: array + project: + type: string + description: >- + The project that this consolidated policy belongs to, in the format + of projects/{PROJECT_NUMBER}. This field is available when the + consolidated policy belongs to a project. + folders: items: type: string - identityType: + type: array description: >- - Specifies the type of identities that are allowed access from - outside the perimeter. If left unspecified, then members of - `identities` field will be allowed access. + The folder(s) that this consolidated policy belongs to, in the + format of folders/{FOLDER_NUMBER}. This field is available when the + consolidated policy belongs (directly or cascadingly) to one or more + folders. + organization: + description: >- + The organization that this consolidated policy belongs to, in the + format of organizations/{ORGANIZATION_NUMBER}. This field is + available when the consolidated policy belongs (directly or + cascadingly) to an organization. type: string - enumDescriptions: - - No blanket identity group specified. - - Authorize access from all identities outside the perimeter. - - Authorize access from all human users outside the perimeter. - - Authorize access from all service accounts outside the perimeter. - enum: - - IDENTITY_TYPE_UNSPECIFIED - - ANY_IDENTITY - - ANY_USER_ACCOUNT - - ANY_SERVICE_ACCOUNT - GoogleIdentityAccesscontextmanagerV1IngressSource: - id: GoogleIdentityAccesscontextmanagerV1IngressSource - description: The source that IngressPolicy authorizes access from. + consolidatedPolicy: + $ref: '#/components/schemas/AnalyzerOrgPolicy' + description: >- + The consolidated organization policy for the analyzed resource. The + consolidated organization policy is computed by merging and + evaluating policy_bundle. The evaluation will respect the + organization policy [hierarchy + rules](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy). type: object + id: OrgPolicyResult + RelationshipAttributes: properties: - accessLevel: + type: description: >- - An AccessLevel resource name that allow resources within the - ServicePerimeters to be accessed from the internet. AccessLevels - listed must be in the same policy as this ServicePerimeter. - Referencing a nonexistent AccessLevel will cause an error. If no - AccessLevel names are listed, resources within the perimeter can - only be accessed via Google Cloud calls with request origins within - the perimeter. Example: - `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is - specified for `access_level`, then all IngressSources will be - allowed. + The unique identifier of the relationship type. Example: + `INSTANCE_TO_INSTANCEGROUP` type: string - resource: - description: >- - A Google Cloud resource that is allowed to ingress the perimeter. - Requests from these resources will be allowed to access perimeter - data. Currently only projects and VPCs are allowed. Project format: - `projects/{project_number}` VPC network format: - `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. - The project may be in any Google Cloud organization, not just the - organization that the perimeter is defined in. `*` is not allowed, - the case of allowing all Google Cloud resources only is not - supported. + sourceResourceType: type: string - GoogleIdentityAccesscontextmanagerV1IngressTo: - id: GoogleIdentityAccesscontextmanagerV1IngressTo + description: 'The source asset type. Example: `compute.googleapis.com/Instance`' + action: + type: string + description: The detail of the relationship, e.g. `contains`, `attaches` + targetResourceType: + description: 'The target asset type. Example: `compute.googleapis.com/Disk`' + type: string + id: RelationshipAttributes description: >- - Defines the conditions under which an IngressPolicy matches a request. - Conditions are based on information about the ApiOperation intended to - be performed on the target resource of the request. The request must - satisfy what is defined in `operations` AND `resources` in order to - match. + DEPRECATED. This message only presents for the purpose of + backward-compatibility. The server will never populate this message in + responses. The relationship attributes which include `type`, + `source_resource_type`, `target_resource_type` and `action`. + deprecated: true type: object + ListFeedsResponse: + type: object + id: ListFeedsResponse properties: - operations: - description: >- - A list of ApiOperations allowed to be performed by the sources - specified in corresponding IngressFrom in this ServicePerimeter. - type: array - items: - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1ApiOperation - resources: - description: >- - A list of resources, currently only projects in the form - `projects/`, protected by this ServicePerimeter that are allowed to - be accessed by sources defined in the corresponding IngressFrom. If - a single `*` is specified, then access to all resources inside the - perimeter are allowed. - type: array + feeds: items: - type: string - roles: - description: >- - IAM roles that represent the set of operations that the sources - specified in the corresponding IngressFrom are allowed to perform in - this ServicePerimeter. + $ref: '#/components/schemas/Feed' type: array - items: - type: string - GoogleIdentityAccesscontextmanagerV1ApiOperation: - id: GoogleIdentityAccesscontextmanagerV1ApiOperation - description: Identification for an API Operation. - type: object + description: A list of feeds. + UpdateFeedRequest: properties: - serviceName: + feed: description: >- - The name of the API whose methods or permissions the IngressPolicy - or EgressPolicy want to allow. A single ApiOperation with - `service_name` field set to `*` will allow all methods AND - permissions for all services. - type: string - methodSelectors: + Required. The new values of feed details. It must match an existing + feed and the field `name` must be in the format of: + projects/project_number/feeds/feed_id or + folders/folder_number/feeds/feed_id or + organizations/organization_number/feeds/feed_id. + $ref: '#/components/schemas/Feed' + updateMask: + format: google-fieldmask description: >- - API methods or permissions to allow. Method or permission must - belong to the service specified by `service_name` field. A single - MethodSelector entry with `*` specified for the `method` field will - allow all methods AND permissions for the service specified in - `service_name`. - type: array - items: - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1MethodSelector - GoogleIdentityAccesscontextmanagerV1MethodSelector: - id: GoogleIdentityAccesscontextmanagerV1MethodSelector - description: An allowed method or permission of a service specified in ApiOperation. + Required. Only updates the `feed` fields indicated by this mask. The + field mask must not be empty, and it must not contain fields that + are immutable or only set by the server. + type: string + description: Update asset feed request. + id: UpdateFeedRequest + type: object + GoogleIdentityAccesscontextmanagerV1BasicLevel: + id: GoogleIdentityAccesscontextmanagerV1BasicLevel type: object properties: - method: + conditions: + items: + $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1Condition' description: >- - A valid method name for the corresponding `service_name` in - ApiOperation. If `*` is used as the value for the `method`, then ALL - methods and permissions are allowed. - type: string - permission: + Required. A list of requirements for the `AccessLevel` to be + granted. + type: array + combiningFunction: description: >- - A valid Cloud IAM permission for the corresponding `service_name` in - ApiOperation. + How the `conditions` list should be combined to determine if a + request is granted this `AccessLevel`. If AND is used, each + `Condition` in `conditions` must be satisfied for the `AccessLevel` + to be applied. If OR is used, at least one `Condition` in + `conditions` must be satisfied for the `AccessLevel` to be applied. + Default behavior is AND. + enumDescriptions: + - All `Conditions` must be true for the `BasicLevel` to be true. + - >- + If at least one `Condition` is true, then the `BasicLevel` is + true. type: string - GoogleIdentityAccesscontextmanagerV1EgressPolicy: - id: GoogleIdentityAccesscontextmanagerV1EgressPolicy - description: >- - Policy for egress from perimeter. EgressPolicies match requests based on - `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, - both `egress_from` and `egress_to` stanzas must be matched. If an - EgressPolicy matches a request, the request is allowed to span the - ServicePerimeter boundary. For example, an EgressPolicy can be used to - allow VMs on networks within the ServicePerimeter to access a defined - set of projects outside the perimeter in certain contexts (e.g. to read - data from a Cloud Storage bucket or query against a BigQuery dataset). - EgressPolicies are concerned with the *resources* that a request relates - as well as the API services and API actions being used. They do not - related to the direction of data movement. More detailed documentation - for this concept can be found in the descriptions of EgressFrom and - EgressTo. + enum: + - AND + - OR + description: '`BasicLevel` is an `AccessLevel` using a set of recommended features.' + AnalyzerOrgPolicy: type: object properties: - egressFrom: + inheritFromParent: description: >- - Defines conditions on the source of a request causing this - EgressPolicy to apply. - $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1EgressFrom' - egressTo: + If `inherit_from_parent` is true, Rules set higher up in the + hierarchy (up to the closest root) are inherited and present in the + effective policy. If it is false, then no rules are inherited, and + this policy becomes the effective root for evaluation. + type: boolean + appliedResource: + type: string description: >- - Defines the conditions on the ApiOperation and destination resources - that cause this EgressPolicy to apply. - $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1EgressTo' - title: - description: >- - Optional. Human-readable title for the egress rule. The title must - be unique within the perimeter and can not exceed 100 characters. - Within the access policy, the combined length of all rule titles - must not exceed 240,000 characters. - type: string - GoogleIdentityAccesscontextmanagerV1EgressFrom: - id: GoogleIdentityAccesscontextmanagerV1EgressFrom - description: >- - Defines the conditions under which an EgressPolicy matches a request. - Conditions based on information about the source of the request. Note - that if the destination of the request is also protected by a - ServicePerimeter, then that ServicePerimeter must have an IngressPolicy - which allows access in order for this request to succeed. - type: object - properties: - identities: - description: >- - A list of identities that are allowed access through [EgressPolicy]. - Identities can be an individual user, service account, Google group, - or third-party identity. For third-party identity, only single - identities are supported and other identity types are not supported. - The `v1` identities that have the prefix `user`, `group`, - `serviceAccount`, and `principal` in - https://cloud.google.com/iam/docs/principal-identifiers#v1 are - supported. - type: array + The [full resource name] + (https://cloud.google.com/asset-inventory/docs/resource-name-format) + of an organization/folder/project resource where this organization + policy applies to. For any user defined org policies, this field has + the same value as the [attached_resource] field. Only for default + policy, this field has the different value. + rules: items: - type: string - identityType: - description: >- - Specifies the type of identities that are allowed access to outside - the perimeter. If left unspecified, then members of `identities` - field will be allowed access. - type: string - enumDescriptions: - - No blanket identity group specified. - - Authorize access from all identities outside the perimeter. - - Authorize access from all human users outside the perimeter. - - Authorize access from all service accounts outside the perimeter. - enum: - - IDENTITY_TYPE_UNSPECIFIED - - ANY_IDENTITY - - ANY_USER_ACCOUNT - - ANY_SERVICE_ACCOUNT - sources: - description: >- - Sources that this EgressPolicy authorizes access from. If this field - is not empty, then `source_restriction` must be set to - `SOURCE_RESTRICTION_ENABLED`. + $ref: '#/components/schemas/GoogleCloudAssetV1Rule' type: array - items: - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1EgressSource - sourceRestriction: - description: >- - Whether to enforce traffic restrictions based on `sources` field. If - the `sources` fields is non-empty, then this field must be set to - `SOURCE_RESTRICTION_ENABLED`. - type: string - enumDescriptions: - - >- - Enforcement preference unspecified, will not enforce traffic - restrictions based on `sources` in EgressFrom. - - >- - Enforcement preference enabled, traffic restrictions will be - enforced based on `sources` in EgressFrom. - - >- - Enforcement preference disabled, will not enforce traffic - restrictions based on `sources` in EgressFrom. - enum: - - SOURCE_RESTRICTION_UNSPECIFIED - - SOURCE_RESTRICTION_ENABLED - - SOURCE_RESTRICTION_DISABLED - GoogleIdentityAccesscontextmanagerV1EgressSource: - id: GoogleIdentityAccesscontextmanagerV1EgressSource - description: >- - The source that EgressPolicy authorizes access from inside the - ServicePerimeter to somewhere outside the ServicePerimeter boundaries. - type: object - properties: - accessLevel: + description: List of rules for this organization policy. + reset: description: >- - An AccessLevel resource name that allows protected resources inside - the ServicePerimeters to access outside the ServicePerimeter - boundaries. AccessLevels listed must be in the same policy as this - ServicePerimeter. Referencing a nonexistent AccessLevel will cause - an error. If an AccessLevel name is not specified, only resources - within the perimeter can be accessed through Google Cloud calls with - request origins within the perimeter. Example: - `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is - specified for `access_level`, then all EgressSources will be - allowed. + Ignores policies set above this resource and restores the default + behavior of the constraint at this resource. This field can be set + in policies for either list or boolean constraints. If set, `rules` + must be empty and `inherit_from_parent` must be set to false. + type: boolean + attachedResource: type: string - resource: description: >- - A Google Cloud resource from the service perimeter that you want to - allow to access data outside the perimeter. This field supports only - projects. The project format is `projects/{project_number}`. You - can't use `*` in this field to allow all Google Cloud resources. - type: string - GoogleIdentityAccesscontextmanagerV1EgressTo: - id: GoogleIdentityAccesscontextmanagerV1EgressTo + The [full resource name] + (https://cloud.google.com/asset-inventory/docs/resource-name-format) + of an organization/folder/project resource where this organization + policy is set. Notice that some type of constraints are defined with + default policy. This field will be empty for them. description: >- - Defines the conditions under which an EgressPolicy matches a request. - Conditions are based on information about the ApiOperation intended to - be performed on the `resources` specified. Note that if the destination - of the request is also protected by a ServicePerimeter, then that - ServicePerimeter must have an IngressPolicy which allows access in order - for this request to succeed. The request must match `operations` AND - `resources` fields in order to be allowed egress out of the perimeter. + This organization policy message is a modified version of the one + defined in the Organization Policy system. This message contains several + fields defined in the original organization policy with some new fields + for analysis purpose. + id: AnalyzerOrgPolicy + GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices: + description: >- + Specifies how APIs are allowed to communicate within the Service + Perimeter. + id: GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices type: object properties: - resources: - description: >- - A list of resources, currently only projects in the form - `projects/`, that are allowed to be accessed by sources defined in - the corresponding EgressFrom. A request matches if it contains a - resource in this list. If `*` is specified for `resources`, then - this EgressTo rule will authorize access to all resources outside - the perimeter. - type: array + allowedServices: items: type: string - operations: - description: >- - A list of ApiOperations allowed to be performed by the sources - specified in the corresponding EgressFrom. A request matches if it - uses an operation/service in this list. type: array - items: - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1ApiOperation - externalResources: description: >- - A list of external resources that are allowed to be accessed. Only - AWS and Azure resources are supported. For Amazon S3, the supported - formats are s3://BUCKET_NAME, s3a://BUCKET_NAME, and - s3n://BUCKET_NAME. For Azure Storage, the supported format is - azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request - matches if it contains an external resource in this list (Example: - s3://bucket/path). Currently '*' is not allowed. - type: array - items: - type: string - roles: + The list of APIs usable within the Service Perimeter. Must be empty + unless 'enable_restriction' is True. You can specify a list of + individual services, as well as include the 'RESTRICTED-SERVICES' + value, which automatically includes all of the services protected by + the perimeter. + enableRestriction: + type: boolean description: >- - IAM roles that represent the set of operations that the sources - specified in the corresponding EgressFrom. are allowed to perform in - this ServicePerimeter. - type: array - items: - type: string - Inventory: - id: Inventory - description: >- - This API resource represents the available inventory data for a Compute - Engine virtual machine (VM) instance at a given point in time. You can - use this API resource to determine the inventory data of your VM. For - more information, see [Information provided by OS inventory - management](https://cloud.google.com/compute/docs/instances/os-inventory-management#data-collected). - type: object + Whether to restrict API calls within the Service Perimeter to the + list of APIs specified in 'allowed_services'. + RelatedResource: + description: The detailed related resource. + id: RelatedResource properties: - name: - description: >- - Output only. The `Inventory` API resource name. Format: - `projects/{project_number}/locations/{location}/instances/{instance_id}/inventory` - readOnly: true + assetType: type: string - osInfo: - description: Base level operating system information for the VM. - $ref: '#/components/schemas/OsInfo' - items: - description: >- - Inventory items related to the VM keyed by an opaque unique - identifier for each inventory item. The identifier is unique to each - distinct and addressable inventory item and will change, when there - is a new package version. - type: object - additionalProperties: - $ref: '#/components/schemas/Item' - updateTime: - description: Output only. Timestamp of the last reported inventory for the VM. - readOnly: true + description: 'The type of the asset. Example: `compute.googleapis.com/Instance`' + fullResourceName: type: string - format: google-datetime + description: >- + The full resource name of the related resource. Example: + `//compute.googleapis.com/projects/my_proj_123/zones/instance/instance123` + type: object OsInfo: - id: OsInfo description: Operating system information for the VM. type: object properties: - hostname: - description: The VM hostname. + version: + description: The version of the operating system. + type: string + kernelRelease: + description: The kernel release of the operating system. type: string longName: description: >- @@ -1962,355 +1351,228 @@ components: shortName: description: The operating system short name. For example, 'windows' or 'debian'. type: string - version: - description: The version of the operating system. - type: string architecture: description: The system architecture of the operating system. type: string + hostname: + type: string + description: The VM hostname. kernelVersion: description: The kernel version of the operating system. type: string - kernelRelease: - description: The kernel release of the operating system. - type: string osconfigAgentVersion: description: The current version of the OS Config agent running on the VM. type: string - Item: - id: Item - description: A single piece of inventory on a VM. + id: OsInfo + Permissions: + description: IAM permissions type: object properties: - id: - description: Identifier for this item, unique across items for this VM. - type: string - originType: - description: The origin of this inventory item. - type: string - enumDescriptions: - - Invalid. An origin type must be specified. - - >- - This inventory item was discovered as the result of the agent - reporting inventory via the reporting API. - enum: - - ORIGIN_TYPE_UNSPECIFIED - - INVENTORY_REPORT - createTime: - description: When this inventory item was first detected. - type: string - format: google-datetime - updateTime: - description: When this inventory item was last modified. - type: string - format: google-datetime - type: - description: The specific type of inventory, correlating to its specific details. - type: string - enumDescriptions: - - Invalid. A type must be specified. - - This represents a package that is installed on the VM. - - This represents an update that is available for a package. - enum: - - TYPE_UNSPECIFIED - - INSTALLED_PACKAGE - - AVAILABLE_PACKAGE - installedPackage: - description: Software package present on the VM instance. - $ref: '#/components/schemas/SoftwarePackage' - availablePackage: - description: Software package available to be installed on the VM instance. - $ref: '#/components/schemas/SoftwarePackage' - SoftwarePackage: - id: SoftwarePackage - description: Software package information of the operating system. + permissions: + type: array + items: + type: string + description: >- + A list of permissions. A sample permission string: + `compute.disk.get`. + id: Permissions + GoogleIdentityAccesscontextmanagerV1VpcNetworkSource: type: object + description: The originating network source in Google Cloud. properties: - yumPackage: - description: >- - Yum package info. For details about the yum package manager, see - https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/ch-yum. - $ref: '#/components/schemas/VersionedPackage' - aptPackage: - description: >- - Details of an APT package. For details about the apt package - manager, see https://wiki.debian.org/Apt. - $ref: '#/components/schemas/VersionedPackage' - zypperPackage: - description: >- - Details of a Zypper package. For details about the Zypper package - manager, see https://en.opensuse.org/SDB:Zypper_manual. - $ref: '#/components/schemas/VersionedPackage' - googetPackage: - description: >- - Details of a Googet package. For details about the googet package - manager, see https://github.com/google/googet. - $ref: '#/components/schemas/VersionedPackage' - zypperPatch: + vpcSubnetwork: + description: Sub-segment ranges of a VPC network. + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1VpcSubNetwork + id: GoogleIdentityAccesscontextmanagerV1VpcNetworkSource + Date: + properties: + month: + format: int32 + type: integer description: >- - Details of a Zypper patch. For details about the Zypper package - manager, see https://en.opensuse.org/SDB:Zypper_manual. - $ref: '#/components/schemas/ZypperPatch' - wuaPackage: + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + year: description: >- - Details of a Windows Update package. See - https://docs.microsoft.com/en-us/windows/win32/api/_wua/ for - information about Windows Update. - $ref: '#/components/schemas/WindowsUpdatePackage' - qfePackage: + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + format: int32 + type: integer + day: + type: integer description: >- - Details of a Windows Quick Fix engineering package. See - https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering - for info in Windows Quick Fix Engineering. - $ref: '#/components/schemas/WindowsQuickFixEngineeringPackage' - cosPackage: - description: Details of a COS package. - $ref: '#/components/schemas/VersionedPackage' - windowsApplication: - description: Details of Windows Application. - $ref: '#/components/schemas/WindowsApplication' - VersionedPackage: - id: VersionedPackage + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + format: int32 description: >- - Information related to the a standard versioned package. This includes - package info for APT, Yum, Zypper, and Googet package managers. + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + id: Date type: object + WindowsUpdateCategory: properties: - packageName: - description: The name of the package. - type: string - architecture: - description: The system architecture this package is intended for. + name: type: string - version: - description: The version of the package. + description: The name of the windows update category. + id: + description: The identifier of the windows update category. type: string - ZypperPatch: - id: ZypperPatch - description: Details related to a Zypper Patch. type: object - properties: - patchName: - description: The name of the patch. - type: string - category: - description: The category of the patch. - type: string - severity: - description: The severity specified for this patch - type: string - summary: - description: Any summary information provided about this patch. - type: string - WindowsUpdatePackage: - id: WindowsUpdatePackage - description: >- - Details related to a Windows Update package. Field data and names are - taken from Windows Update API IUpdate Interface: - https://docs.microsoft.com/en-us/windows/win32/api/_wua/ Descriptive - fields like title, and description are localized based on the locale of - the VM being updated. + description: Categories specified by the Windows Update. + id: WindowsUpdateCategory + ResourceOwners: + id: ResourceOwners type: object properties: - title: - description: The localized title of the update package. - type: string - description: - description: The localized description of the update package. - type: string - categories: - description: The categories that are associated with this update package. - type: array - items: - $ref: '#/components/schemas/WindowsUpdateCategory' - kbArticleIds: - description: >- - A collection of Microsoft Knowledge Base article IDs that are - associated with the update package. + resourceOwners: type: array + description: List of resource owners. items: type: string - supportUrl: - description: >- - A hyperlink to the language-specific support information for the - update. - type: string - moreInfoUrls: + description: The resource owners information. + AnalyzeMoveResponse: + type: object + properties: + moveAnalysis: description: >- - A collection of URLs that provide more information about the update - package. + The list of analyses returned from performing the intended resource + move analysis. The analysis is grouped by different Google Cloud + services. type: array items: - type: string - updateId: - description: >- - Gets the identifier of an update package. Stays the same across - revisions. - type: string - revisionNumber: - description: The revision number of this update package. - type: integer - format: int32 - lastDeploymentChangeTime: - description: The last published date of the update, in (UTC) date and time. - type: string - format: google-datetime - WindowsUpdateCategory: - id: WindowsUpdateCategory - description: Categories specified by the Windows Update. + $ref: '#/components/schemas/MoveAnalysis' + description: The response message for resource move analysis. + id: AnalyzeMoveResponse + Inventory: type: object properties: - id: - description: The identifier of the windows update category. + items: + additionalProperties: + $ref: '#/components/schemas/Item' + type: object + description: >- + Inventory items related to the VM keyed by an opaque unique + identifier for each inventory item. The identifier is unique to each + distinct and addressable inventory item and will change, when there + is a new package version. + updateTime: + format: google-datetime + readOnly: true + description: Output only. Timestamp of the last reported inventory for the VM. type: string name: - description: The name of the windows update category. + description: >- + Output only. The `Inventory` API resource name. Format: + `projects/{project_number}/locations/{location}/instances/{instance_id}/inventory` + readOnly: true type: string - WindowsQuickFixEngineeringPackage: - id: WindowsQuickFixEngineeringPackage + osInfo: + $ref: '#/components/schemas/OsInfo' + description: Base level operating system information for the VM. + id: Inventory description: >- - Information related to a Quick Fix Engineering package. Fields are taken - from Windows QuickFixEngineering Interface and match the source names: - https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering + This API resource represents the available inventory data for a Compute + Engine virtual machine (VM) instance at a given point in time. You can + use this API resource to determine the inventory data of your VM. For + more information, see [Information provided by OS inventory + management](https://cloud.google.com/compute/docs/instances/os-inventory-management#data-collected). + GoogleCloudAssetV1BigQueryDestination: + description: A BigQuery destination. + id: GoogleCloudAssetV1BigQueryDestination type: object properties: - caption: - description: A short textual description of the QFE update. - type: string - description: - description: A textual description of the QFE update. - type: string - hotFixId: - description: Unique identifier associated with a particular QFE update. - type: string - installTime: + tablePrefix: description: >- - Date that the QFE update was installed. Mapped from installed_on - field. - type: string - format: google-datetime - WindowsApplication: - id: WindowsApplication - description: >- - Contains information about a Windows application that is retrieved from - the Windows Registry. For more information about these fields, see: - https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key - type: object - properties: - displayName: - description: The name of the application or product. + Required. The prefix of the BigQuery tables to which the analysis + results will be written. Tables will be created based on this + table_prefix if not exist: * _analysis table will contain export + operation's metadata. * _analysis_result will contain all the + IamPolicyAnalysisResult. When [partition_key] is specified, both + tables will be partitioned based on the [partition_key]. type: string - displayVersion: - description: The version of the product or application in string format. + dataset: + description: >- + Required. The BigQuery dataset in format + "projects/projectId/datasets/datasetId", to which the analysis + results should be exported. If this dataset does not exist, the + export call will return an INVALID_ARGUMENT error. type: string - publisher: - description: The name of the manufacturer for the product or application. + partitionKey: + enumDescriptions: + - >- + Unspecified partition key. Tables won't be partitioned using this + option. + - >- + The time when the request is received. If specified as partition + key, the result table(s) is partitioned by the RequestTime column, + an additional timestamp column representing when the request was + received. + enum: + - PARTITION_KEY_UNSPECIFIED + - REQUEST_TIME type: string - installDate: + description: The partition key for BigQuery partitioned table. + writeDisposition: description: >- - The last time this product received service. The value of this - property is replaced each time a patch is applied or removed from - the product or the command-line option is used to repair the - product. - $ref: '#/components/schemas/Date' - helpLink: - description: The internet address for technical support. + Optional. Specifies the action that occurs if the destination table + or partition already exists. The following values are supported: * + WRITE_TRUNCATE: If the table or partition already exists, BigQuery + overwrites the entire table or all the partitions data. * + WRITE_APPEND: If the table or partition already exists, BigQuery + appends the data to the table or the latest partition. * + WRITE_EMPTY: If the table already exists and contains data, an error + is returned. The default value is WRITE_APPEND. Each action is + atomic and only occurs if BigQuery is able to complete the job + successfully. Details are at + https://cloud.google.com/bigquery/docs/loading-data-local#appending_to_or_overwriting_a_table_using_a_local_file. type: string - Date: - id: Date - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp - type: object + GoogleIdentityAccesscontextmanagerV1CustomLevel: properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: - description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - RelatedAssets: - id: RelatedAssets - deprecated: true - description: >- - DEPRECATED. This message only presents for the purpose of - backward-compatibility. The server will never populate this message in - responses. The detailed related assets with the `relationship_type`. + expr: + description: Required. A Cloud CEL expression evaluating to a boolean. + $ref: '#/components/schemas/Expr' type: object - properties: - relationshipAttributes: - description: The detailed relationship attributes. - $ref: '#/components/schemas/RelationshipAttributes' - assets: - description: The peer resources of the relationship. - type: array - items: - $ref: '#/components/schemas/RelatedAsset' - RelationshipAttributes: - id: RelationshipAttributes - deprecated: true + id: GoogleIdentityAccesscontextmanagerV1CustomLevel description: >- - DEPRECATED. This message only presents for the purpose of - backward-compatibility. The server will never populate this message in - responses. The relationship attributes which include `type`, - `source_resource_type`, `target_resource_type` and `action`. + `CustomLevel` is an `AccessLevel` using the Cloud Common Expression + Language to represent the necessary conditions for the level to apply to + a request. See CEL spec at: https://github.com/google/cel-spec + AnalyzeIamPolicyLongrunningResponse: + description: A response message for AssetService.AnalyzeIamPolicyLongrunning. + id: AnalyzeIamPolicyLongrunningResponse + properties: {} type: object + FeedOutputConfig: properties: - type: - description: >- - The unique identifier of the relationship type. Example: - `INSTANCE_TO_INSTANCEGROUP` - type: string - sourceResourceType: - description: 'The source asset type. Example: `compute.googleapis.com/Instance`' - type: string - targetResourceType: - description: 'The target asset type. Example: `compute.googleapis.com/Disk`' - type: string - action: - description: The detail of the relationship, e.g. `contains`, `attaches` - type: string - RelatedAsset: - id: RelatedAsset + pubsubDestination: + description: Destination on Pub/Sub. + $ref: '#/components/schemas/PubsubDestination' + type: object + description: Output configuration for asset feed destination. + id: FeedOutputConfig + Asset: + id: Asset + type: object description: >- - An asset identifier in Google Cloud which contains its name, type and - ancestors. An asset can be any resource in the Google Cloud [resource + An asset in Google Cloud. An asset can be any resource in the Google + Cloud [resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), a resource outside the Google Cloud resource hierarchy (such as Google - Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). - See [Supported asset + Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy), + or a relationship (e.g. an INSTANCE_TO_INSTANCEGROUP relationship). See + [Supported asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) for more information. - type: object properties: - asset: - description: >- - The full name of the asset. Example: - `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` - See [Resource - names](https://cloud.google.com/apis/design/resource_names#full_resource_name) - for more information. - type: string assetType: description: >- The type of the asset. Example: `compute.googleapis.com/Disk` See @@ -2318,738 +1580,1257 @@ components: types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) for more information. type: string + relatedAssets: + deprecated: true + $ref: '#/components/schemas/RelatedAssets' + description: >- + DEPRECATED. This field only presents for the purpose of + backward-compatibility. The server will never generate responses + with this field. The related assets of the asset of one relationship + type. One asset only represents one type of relationship. + assetExceptions: + items: + $ref: '#/components/schemas/AssetException' + description: The exceptions of a resource. + type: array + servicePerimeter: + description: >- + Also refer to the [service perimeter user + guide](https://cloud.google.com/vpc-service-controls/docs/overview). + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1ServicePerimeter + iamPolicy: + $ref: '#/components/schemas/Policy' + description: >- + A representation of the IAM policy set on a Google Cloud resource. + There can be a maximum of one IAM policy set on any given resource. + In addition, IAM policies inherit their granted access scope from + any policies set on parent resources in the resource hierarchy. + Therefore, the effectively policy is the union of both the policy + set on this resource and each policy set on all of the resource's + ancestry resource levels in the hierarchy. See [this + topic](https://cloud.google.com/iam/help/allow-policies/inheritance) + for more information. + accessLevel: + description: >- + Also refer to the [access level user + guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels). + $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1AccessLevel' + osInventory: + description: >- + A representation of runtime OS Inventory information. See [this + topic](https://cloud.google.com/compute/docs/instances/os-inventory-management) + for more information. + $ref: '#/components/schemas/Inventory' + updateTime: + type: string + format: google-datetime + description: >- + The last update timestamp of an asset. update_time is updated when + create/update/delete operation is performed. ancestors: + items: + type: string + type: array description: >- - The ancestors of an asset in Google Cloud [resource + The ancestry path of an asset in Google Cloud [resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), represented as a list of relative resource names. An ancestry path starts with the closest ancestor in the hierarchy and ends at root. - Example: `["projects/123456789", "folders/5432", - "organizations/1234"]` - type: array + If the asset is a project, folder, or organization, the ancestry + path starts from the asset itself. Example: `["projects/123456789", + "folders/5432", "organizations/1234"]` + orgPolicy: items: - type: string - relationshipType: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV1Policy' + type: array description: >- - The unique identifier of the relationship type. Example: - `INSTANCE_TO_INSTANCEGROUP` - type: string - AssetException: - id: AssetException - description: An exception of an asset. - type: object - properties: - exceptionType: - description: The type of exception. - type: string - enumDescriptions: - - exception_type is not applicable for the current asset. - - The asset content is truncated. - enum: - - EXCEPTION_TYPE_UNSPECIFIED - - TRUNCATION - details: - description: The details of the exception. + A representation of an [organization + policy](https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). + There can be more than one organization policy with different + constraints set on a given resource. + resource: + description: A representation of the resource. + $ref: '#/components/schemas/Resource' + relatedAsset: + $ref: '#/components/schemas/RelatedAsset' + description: One related asset of the current asset. + name: type: string - BatchGetAssetsHistoryResponse: - id: BatchGetAssetsHistoryResponse - description: Batch get assets history response. + description: >- + The full name of the asset. Example: + `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` + See [Resource + names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + for more information. + accessPolicy: + description: >- + Also refer to the [access policy user + guide](https://cloud.google.com/access-context-manager/docs/overview#access-policies). + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1AccessPolicy + AnalyzeOrgPolicyGovernedContainersResponse: + id: AnalyzeOrgPolicyGovernedContainersResponse type: object properties: - assets: - description: A list of assets with valid time windows. - type: array + governedContainers: items: - $ref: '#/components/schemas/TemporalAsset' - TemporalAsset: - id: TemporalAsset + $ref: '#/components/schemas/GoogleCloudAssetV1GovernedContainer' + description: The list of the analyzed governed containers. + type: array + constraint: + $ref: '#/components/schemas/AnalyzerOrgPolicyConstraint' + description: The definition of the constraint in the request. + nextPageToken: + description: >- + The page token to fetch the next page for + AnalyzeOrgPolicyGovernedContainersResponse.governed_containers. + type: string description: >- - An asset in Google Cloud and its temporal metadata, including the time - window when it was observed and its status during that window. - type: object + The response message for + AssetService.AnalyzeOrgPolicyGovernedContainers. + PolicyInfo: + id: PolicyInfo + description: The IAM policy and its attached resource. properties: - window: - description: The time window when the asset data and state was observed. - $ref: '#/components/schemas/TimeWindow' - deleted: - description: Whether the asset has been deleted or not. - type: boolean - asset: - description: An asset in Google Cloud. - $ref: '#/components/schemas/Asset' - priorAssetState: - description: State of prior_asset. + policy: + description: The IAM policy that's directly attached to the attached_resource. + $ref: '#/components/schemas/Policy' + attachedResource: + description: The full resource name the policy is directly attached to. type: string - enumDescriptions: - - prior_asset is not applicable for the current asset. - - prior_asset is populated correctly. - - Failed to set prior_asset. - - Current asset is the first known state. - - prior_asset is a deletion. - enum: - - PRIOR_ASSET_STATE_UNSPECIFIED - - PRESENT - - INVALID - - DOES_NOT_EXIST - - DELETED - priorAsset: - description: >- - Prior copy of the asset. Populated if prior_asset_state is PRESENT. - Currently this is only set for responses in Real-Time Feed. - $ref: '#/components/schemas/Asset' - TimeWindow: - id: TimeWindow - description: A time window specified by its `start_time` and `end_time`. type: object + GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy: + id: >- + GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy + description: >- + The IAM policies governed by the organization policies of the + AnalyzeOrgPolicyGovernedAssetsRequest.constraint. properties: - startTime: - description: Start time of the time window (exclusive). + organization: type: string - format: google-datetime - endTime: description: >- - End time of the time window (inclusive). If not specified, the - current timestamp is used instead. + The organization that this IAM policy belongs to, in the format of + organizations/{ORGANIZATION_NUMBER}. This field is available when + the IAM policy belongs (directly or cascadingly) to an organization. + attachedResource: + description: >- + The full resource name of the resource on which this IAM policy is + set. Example: + `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. + See [Cloud Asset Inventory Resource Name + Format](https://cloud.google.com/asset-inventory/docs/resource-name-format) + for more information. type: string - format: google-datetime - CreateFeedRequest: - id: CreateFeedRequest - description: Create asset feed request. - type: object - properties: - feedId: + folders: description: >- - Required. This is the client-assigned asset feed identifier and it - needs to be unique under a specific parent - project/folder/organization. + The folder(s) that this IAM policy belongs to, in the format of + folders/{FOLDER_NUMBER}. This field is available when the IAM policy + belongs (directly or cascadingly) to one or more folders. + items: + type: string + type: array + policy: + description: The IAM policy directly set on the given resource. + $ref: '#/components/schemas/Policy' + assetType: type: string - feed: description: >- - Required. The feed details. The field `name` must be empty and it - will be generated in the format of: - projects/project_number/feeds/feed_id - folders/folder_number/feeds/feed_id - organizations/organization_number/feeds/feed_id - $ref: '#/components/schemas/Feed' - Feed: - id: Feed - description: >- - An asset feed used to export asset updates to a destinations. An asset - feed filter controls what updates are exported. The asset feed must be - created within a project, organization, or folder. Supported - destinations are: Pub/Sub topics. + The asset type of the + AnalyzeOrgPolicyGovernedAssetsResponse.GovernedIamPolicy.attached_resource. + Example: `cloudresourcemanager.googleapis.com/Project` See [Cloud + Asset Inventory Supported Asset + Types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + for all supported asset types. + project: + description: >- + The project that this IAM policy belongs to, in the format of + projects/{PROJECT_NUMBER}. This field is available when the IAM + policy belongs to a project. + type: string + type: object + GoogleIdentityAccesscontextmanagerV1ServicePerimeter: type: object + description: >- + `ServicePerimeter` describes a set of Google Cloud resources which can + freely import and export data amongst themselves, but not export outside + of the `ServicePerimeter`. If a request with a source within this + `ServicePerimeter` has a target outside of the `ServicePerimeter`, the + request will be blocked. Otherwise the request is allowed. There are two + types of Service Perimeter - Regular and Bridge. Regular Service + Perimeters cannot overlap, a single Google Cloud project or VPC network + can only belong to a single regular Service Perimeter. Service Perimeter + Bridges can contain only Google Cloud projects as members, a single + Google Cloud project may belong to multiple Service Perimeter Bridges. + id: GoogleIdentityAccesscontextmanagerV1ServicePerimeter properties: - name: + spec: + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig description: >- - Required. The format will be - projects/{project_number}/feeds/{client-assigned_feed_identifier} or - folders/{folder_number}/feeds/{client-assigned_feed_identifier} or - organizations/{organization_number}/feeds/{client-assigned_feed_identifier} - The client-assigned feed identifier must be unique within the parent - project/folder/organization. + Proposed (or dry run) ServicePerimeter configuration. This + configuration allows to specify and test ServicePerimeter + configuration without enforcing actual access restrictions. Only + allowed to be set when the "use_explicit_dry_run_spec" flag is set. + perimeterType: type: string - assetNames: description: >- - A list of the full names of the assets to receive updates. You must - specify either or both of asset_names and asset_types. Only asset - updates matching specified asset_names or asset_types are exported - to the feed. Example: - `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. - For a list of the full names for supported asset types, see - [Resource name format](/asset-inventory/docs/resource-name-format). - type: array - items: - type: string - assetTypes: + Perimeter type indicator. A single project or VPC network is allowed + to be a member of single regular perimeter, but multiple service + perimeter bridges. A project cannot be a included in a perimeter + bridge without being included in regular perimeter. For perimeter + bridges, the restricted service list as well as access level lists + must be empty. + enum: + - PERIMETER_TYPE_REGULAR + - PERIMETER_TYPE_BRIDGE + enumDescriptions: + - >- + Regular Perimeter. When no value is specified, the perimeter uses + this type. + - Perimeter Bridge. + name: description: >- - A list of types of the assets to receive updates. You must specify - either or both of asset_names and asset_types. Only asset updates - matching specified asset_names or asset_types are exported to the - feed. Example: `"compute.googleapis.com/Disk"` For a list of all - supported asset types, see [Supported asset - types](/asset-inventory/docs/supported-asset-types). - type: array - items: - type: string - contentType: + Identifier. Resource name for the `ServicePerimeter`. Format: + `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. + The `service_perimeter` component must begin with a letter, followed + by alphanumeric characters or `_`. After you create a + `ServicePerimeter`, you cannot change its `name`. + type: string + status: description: >- - Asset content type. If not specified, no content but the asset name - and type will be returned. + Current ServicePerimeter configuration. Specifies sets of resources, + restricted services and access levels that determine perimeter + content and boundaries. + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig + etag: + description: >- + Optional. An opaque identifier for the current version of the + `ServicePerimeter`. This identifier does not follow any specific + format. If an etag is not provided, the operation will be performed + as if a valid etag is provided. type: string - enumDescriptions: - - Unspecified content type. - - Resource metadata. - - The actual IAM policy set on a resource. - - The organization policy set on an asset. - - The Access Context Manager policy set on an asset. - - The runtime OS Inventory information. - - The related resources. + description: + description: >- + Description of the `ServicePerimeter` and its use. Does not affect + behavior. + type: string + useExplicitDryRunSpec: + description: >- + Use explicit dry run spec flag. Ordinarily, a dry-run spec + implicitly exists for all Service Perimeters, and that spec is + identical to the status for those Service Perimeters. When this flag + is set, it inhibits the generation of the implicit spec, thereby + allowing the user to explicitly provide a configuration ("spec") to + use in a dry-run version of the Service Perimeter. This allows the + user to test changes to the enforced config ("status") without + actually enforcing them. This testing is done through analyzing the + differences between currently enforced and suggested restrictions. + use_explicit_dry_run_spec must bet set to True if any of the fields + in the spec are set to non-default values. + type: boolean + title: + description: Human readable title. Must be unique within the Policy. + type: string + VersionedPackage: + description: >- + Information related to the a standard versioned package. This includes + package info for APT, Yum, Zypper, and Googet package managers. + properties: + version: + description: The version of the package. + type: string + packageName: + description: The name of the package. + type: string + architecture: + description: The system architecture this package is intended for. + type: string + type: object + id: VersionedPackage + GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination: + type: object + properties: + writeDisposition: + type: string + description: >- + Specifies the action that occurs if the destination table or + partition already exists. The following values are supported: * + WRITE_TRUNCATE: If the table or partition already exists, BigQuery + overwrites the entire table or all the partitions data. * + WRITE_APPEND: If the table or partition already exists, BigQuery + appends the data to the table or the latest partition. * + WRITE_EMPTY: If the table already exists and contains data, a + 'duplicate' error is returned in the job result. The default value + is WRITE_EMPTY. + dataset: + type: string + description: >- + Required. The BigQuery dataset where the query results will be + saved. It has the format of + "projects/{projectId}/datasets/{datasetId}". + table: + description: >- + Required. The BigQuery table where the query results will be saved. + If this table does not exist, a new table with the given name will + be created. + type: string + description: BigQuery destination. + id: GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination + AttachedResource: + properties: + versionedResources: + description: >- + Versioned resource representations of this attached resource. This + is repeated because there could be multiple versions of the attached + resource representations during version migration. + type: array + items: + $ref: '#/components/schemas/VersionedResource' + assetType: + description: >- + The type of this attached resource. Example: + `osconfig.googleapis.com/Inventory` You can find the supported + attached asset types of each resource in this table: + `https://cloud.google.com/asset-inventory/docs/supported-asset-types` + type: string + type: object + id: AttachedResource + description: >- + Attached resource representation, which is defined by the corresponding + service provider. It represents an attached resource's payload. + AssetEnrichment: + type: object + properties: + resourceOwners: + $ref: '#/components/schemas/ResourceOwners' + description: >- + The resource owners for a resource. Note that this field only + contains the members that have "roles/owner" role in the resource's + IAM Policy. + description: The enhanced metadata information for a resource. + id: AssetEnrichment + MoveImpact: + type: object + description: A message to group impacts of moving the target resource. + id: MoveImpact + properties: + detail: + type: string + description: User friendly impact detail in a free form message. + GoogleCloudAssetV1AccessControlList: + id: GoogleCloudAssetV1AccessControlList + type: object + description: >- + An access control list, derived from the above IAM policy binding, which + contains a set of resources and accesses. May include one item from each + set to compose an access control entry. NOTICE that there could be + multiple access control lists for one IAM policy binding. The access + control lists are created based on resource and access combinations. For + example, assume we have the following cases in one IAM policy binding: - + Permission P1 and P2 apply to resource R1 and R2; - Permission P3 + applies to resource R2 and R3; This will result in the following access + control lists: - AccessControlList 1: [R1, R2], [P1, P2] - + AccessControlList 2: [R2, R3], [P3] + properties: + resources: + items: + $ref: '#/components/schemas/GoogleCloudAssetV1Resource' + type: array + description: >- + The resources that match one of the following conditions: - The + resource_selector, if it is specified in request; - Otherwise, + resources reachable from the policy attached resource. + accesses: + description: >- + The accesses that match one of the following conditions: - The + access_selector, if it is specified in request; - Otherwise, access + specifiers reachable from the policy binding's role. + items: + $ref: '#/components/schemas/GoogleCloudAssetV1Access' + type: array + conditionEvaluation: + $ref: '#/components/schemas/ConditionEvaluation' + description: >- + Condition evaluation for this AccessControlList, if there is a + condition defined in the above IAM policy binding. + resourceEdges: + type: array + description: >- + Resource edges of the graph starting from the policy attached + resource to any descendant resources. The Edge.source_node contains + the full resource name of a parent resource and Edge.target_node + contains the full resource name of a child resource. This field is + present only if the output_resource_edges option is enabled in + request. + items: + $ref: '#/components/schemas/GoogleCloudAssetV1Edge' + QueryAssetsOutputConfig: + type: object + id: QueryAssetsOutputConfig + properties: + bigqueryDestination: + description: BigQuery destination where the query results will be saved. + $ref: >- + #/components/schemas/GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination + description: Output configuration query assets. + RelatedAssets: + description: >- + DEPRECATED. This message only presents for the purpose of + backward-compatibility. The server will never populate this message in + responses. The detailed related assets with the `relationship_type`. + id: RelatedAssets + deprecated: true + type: object + properties: + relationshipAttributes: + description: The detailed relationship attributes. + $ref: '#/components/schemas/RelationshipAttributes' + assets: + items: + $ref: '#/components/schemas/RelatedAsset' + description: The peer resources of the relationship. + type: array + AuditLogConfig: + type: object + id: AuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + properties: + exemptedMembers: + items: + type: string + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + type: array + logType: enum: - - CONTENT_TYPE_UNSPECIFIED - - RESOURCE - - IAM_POLICY - - ORG_POLICY - - ACCESS_POLICY - - OS_INVENTORY - - RELATIONSHIP - feedOutputConfig: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + type: string + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: The log type that this config enables. + Binding: + type: object + id: Binding + properties: + members: + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: array + items: + type: string + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + description: Associates `members`, or principals, with a `role`. + GoogleCloudAssetV1GcsDestination: + type: object + id: GoogleCloudAssetV1GcsDestination + description: A Cloud Storage location. + properties: + uri: description: >- - Required. Feed output configuration defining where the asset updates - are published to. - $ref: '#/components/schemas/FeedOutputConfig' - condition: + Required. The URI of the Cloud Storage object. It's the same URI + that is used by gsutil. Example: "gs://bucket_name/object_name". See + [Viewing and Editing Object + Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) + for more information. If the specified Cloud Storage object already + exists and there is no + [hold](https://cloud.google.com/storage/docs/object-holds), it will + be overwritten with the analysis result. + type: string + GoogleCloudAssetV1p7beta1RelationshipAttributes: + description: >- + The relationship attributes which include `type`, + `source_resource_type`, `target_resource_type` and `action`. + type: object + id: GoogleCloudAssetV1p7beta1RelationshipAttributes + properties: + sourceResourceType: + type: string + description: 'The source asset type. Example: `compute.googleapis.com/Instance`' + action: + type: string + description: The detail of the relationship, e.g. `contains`, `attaches` + targetResourceType: + description: 'The target asset type. Example: `compute.googleapis.com/Disk`' + type: string + type: description: >- - A condition which determines whether an asset update should be - published. If specified, an asset will be returned only when the - expression evaluates to true. When set, `expression` field in the - `Expr` must be a valid [CEL expression] - (https://github.com/google/cel-spec) on a TemporalAsset with name - `temporal_asset`. Example: a Feed with expression - ("temporal_asset.deleted == true") will only publish Asset - deletions. Other fields of `Expr` are optional. See our [user - guide](https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes-with-condition) - for detailed instructions. - $ref: '#/components/schemas/Expr' - relationshipTypes: + The unique identifier of the relationship type. Example: + `INSTANCE_TO_INSTANCEGROUP` + type: string + PubsubDestination: + description: A Pub/Sub destination. + id: PubsubDestination + properties: + topic: + description: >- + The name of the Pub/Sub topic to publish to. Example: + `projects/PROJECT_ID/topics/TOPIC_ID`. + type: string + type: object + Options: + properties: + analyzeServiceAccountImpersonation: + description: >- + Optional. If true, the response will include access analysis from + identities to resources via service account impersonation. This is a + very expensive operation, because many derived queries will be + executed. We highly recommend you use + AssetService.AnalyzeIamPolicyLongrunning RPC instead. For example, + if the request analyzes for which resources user A has permission P, + and there's an IAM policy states user A has + iam.serviceAccounts.getAccessToken permission to a service account + SA, and there's another IAM policy states service account SA has + permission P to a Google Cloud folder F, then user A potentially has + access to the Google Cloud folder F. And those advanced analysis + results will be included in + AnalyzeIamPolicyResponse.service_account_impersonation_analysis. + Another example, if the request analyzes for who has permission P to + a Google Cloud folder F, and there's an IAM policy states user A has + iam.serviceAccounts.actAs permission to a service account SA, and + there's another IAM policy states service account SA has permission + P to the Google Cloud folder F, then user A potentially has access + to the Google Cloud folder F. And those advanced analysis results + will be included in + AnalyzeIamPolicyResponse.service_account_impersonation_analysis. + Only the following permissions are considered in this analysis: * + `iam.serviceAccounts.actAs` * `iam.serviceAccounts.signBlob` * + `iam.serviceAccounts.signJwt` * `iam.serviceAccounts.getAccessToken` + * `iam.serviceAccounts.getOpenIdToken` * + `iam.serviceAccounts.implicitDelegation` Default is false. + type: boolean + outputGroupEdges: + description: >- + Optional. If true, the result will output the relevant membership + relationships between groups and other groups, and between groups + and principals. Default is false. + type: boolean + expandRoles: + type: boolean + description: >- + Optional. If true, the access section of result will expand any + roles appearing in IAM policy bindings to include their permissions. + If IamPolicyAnalysisQuery.access_selector is specified, the access + section of the result will be determined by the selector, and this + flag is not allowed to set. Default is false. + expandResources: + type: boolean + description: >- + Optional. If true and IamPolicyAnalysisQuery.resource_selector is + not specified, the resource section of the result will expand any + resource attached to an IAM policy to include resources lower in the + resource hierarchy. For example, if the request analyzes for which + resources user A has permission P, and the results include an IAM + policy with P on a Google Cloud folder, the results will also + include resources in that folder with permission P. If true and + IamPolicyAnalysisQuery.resource_selector is specified, the resource + section of the result will expand the specified resource to include + resources lower in the resource hierarchy. Only project or lower + resources are supported. Folder and organization resources cannot be + used together with this option. For example, if the request analyzes + for which users have permission P on a Google Cloud project with + this option enabled, the results will include all users who have + permission P on that project or any lower resource. If true, the + default max expansion per resource is 1000 for + AssetService.AnalyzeIamPolicy][] and 100000 for + AssetService.AnalyzeIamPolicyLongrunning][]. Default is false. + expandGroups: + description: >- + Optional. If true, the identities section of the result will expand + any Google groups appearing in an IAM policy binding. If + IamPolicyAnalysisQuery.identity_selector is specified, the identity + in the result will be determined by the selector, and this flag is + not allowed to set. If true, the default max expansion per group is + 1000 for AssetService.AnalyzeIamPolicy][]. Default is false. + type: boolean + outputResourceEdges: + description: >- + Optional. If true, the result will output the relevant parent/child + relationships between resources. Default is false. + type: boolean + id: Options + description: Contains query options. + type: object + TableSchema: + properties: + fields: + description: Describes the fields in a table. + items: + $ref: '#/components/schemas/TableFieldSchema' + type: array + id: TableSchema + type: object + description: BigQuery Compatible table schema. + IamPolicyAnalysisState: + id: IamPolicyAnalysisState + description: >- + Represents the detailed state of an entity under analysis, such as a + resource, an identity or an access. + properties: + code: + type: string + enumDescriptions: + - 'Not an error; returned on success. HTTP Mapping: 200 OK' + - >- + The operation was cancelled, typically by the caller. HTTP + Mapping: 499 Client Closed Request + - >- + Unknown error. For example, this error may be returned when a + `Status` value received from another address space belongs to an + error space that is not known in this address space. Also errors + raised by APIs that do not return enough error information may be + converted to this error. HTTP Mapping: 500 Internal Server Error + - >- + The client specified an invalid argument. Note that this differs + from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments + that are problematic regardless of the state of the system (e.g., + a malformed file name). HTTP Mapping: 400 Bad Request + - >- + The deadline expired before the operation could complete. For + operations that change the state of the system, this error may be + returned even if the operation has completed successfully. For + example, a successful response from a server could have been + delayed long enough for the deadline to expire. HTTP Mapping: 504 + Gateway Timeout + - >- + Some requested entity (e.g., file or directory) was not found. + Note to server developers: if a request is denied for an entire + class of users, such as gradual feature rollout or undocumented + allowlist, `NOT_FOUND` may be used. If a request is denied for + some users within a class of users, such as user-based access + control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not + Found + - >- + The entity that a client attempted to create (e.g., file or + directory) already exists. HTTP Mapping: 409 Conflict + - >- + The caller does not have permission to execute the specified + operation. `PERMISSION_DENIED` must not be used for rejections + caused by exhausting some resource (use `RESOURCE_EXHAUSTED` + instead for those errors). `PERMISSION_DENIED` must not be used if + the caller can not be identified (use `UNAUTHENTICATED` instead + for those errors). This error code does not imply the request is + valid or the requested entity exists or satisfies other + pre-conditions. HTTP Mapping: 403 Forbidden + - >- + The request does not have valid authentication credentials for the + operation. HTTP Mapping: 401 Unauthorized + - >- + Some resource has been exhausted, perhaps a per-user quota, or + perhaps the entire file system is out of space. HTTP Mapping: 429 + Too Many Requests + - >- + The operation was rejected because the system is not in a state + required for the operation's execution. For example, the directory + to be deleted is non-empty, an rmdir operation is applied to a + non-directory, etc. Service implementors can use the following + guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and + `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just + the failing call. (b) Use `ABORTED` if the client should retry at + a higher level. For example, when a client-specified test-and-set + fails, indicating the client should restart a read-modify-write + sequence. (c) Use `FAILED_PRECONDITION` if the client should not + retry until the system state has been explicitly fixed. For + example, if an "rmdir" fails because the directory is non-empty, + `FAILED_PRECONDITION` should be returned since the client should + not retry unless the files are deleted from the directory. HTTP + Mapping: 400 Bad Request + - >- + The operation was aborted, typically due to a concurrency issue + such as a sequencer check failure or transaction abort. See the + guidelines above for deciding between `FAILED_PRECONDITION`, + `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict + - >- + The operation was attempted past the valid range. E.g., seeking or + reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error + indicates a problem that may be fixed if the system state changes. + For example, a 32-bit file system will generate `INVALID_ARGUMENT` + if asked to read at an offset that is not in the range [0,2^32-1], + but it will generate `OUT_OF_RANGE` if asked to read from an + offset past the current file size. There is a fair bit of overlap + between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend + using `OUT_OF_RANGE` (the more specific error) when it applies so + that callers who are iterating through a space can easily look for + an `OUT_OF_RANGE` error to detect when they are done. HTTP + Mapping: 400 Bad Request + - >- + The operation is not implemented or is not supported/enabled in + this service. HTTP Mapping: 501 Not Implemented + - >- + Internal errors. This means that some invariants expected by the + underlying system have been broken. This error code is reserved + for serious errors. HTTP Mapping: 500 Internal Server Error + - >- + The service is currently unavailable. This is most likely a + transient condition, which can be corrected by retrying with a + backoff. Note that it is not always safe to retry non-idempotent + operations. See the guidelines above for deciding between + `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: + 503 Service Unavailable + - >- + Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal + Server Error + enum: + - OK + - CANCELLED + - UNKNOWN + - INVALID_ARGUMENT + - DEADLINE_EXCEEDED + - NOT_FOUND + - ALREADY_EXISTS + - PERMISSION_DENIED + - UNAUTHENTICATED + - RESOURCE_EXHAUSTED + - FAILED_PRECONDITION + - ABORTED + - OUT_OF_RANGE + - UNIMPLEMENTED + - INTERNAL + - UNAVAILABLE + - DATA_LOSS description: >- - A list of relationship types to output, for example: - `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if - content_type=RELATIONSHIP. * If specified: it outputs specified - relationship updates on the [asset_names] or the [asset_types]. It - returns an error if any of the [relationship_types] doesn't belong - to the supported relationship types of the [asset_names] or - [asset_types], or any of the [asset_names] or the [asset_types] - doesn't belong to the source types of the [relationship_types]. * - Otherwise: it outputs the supported relationships of the types of - [asset_names] and [asset_types] or returns an error if any of the - [asset_names] or the [asset_types] has no replationship support. See - [Introduction to Cloud Asset - Inventory](https://cloud.google.com/asset-inventory/docs/overview) - for all supported asset types and relationship types. - type: array - items: - type: string - FeedOutputConfig: - id: FeedOutputConfig - description: Output configuration for asset feed destination. - type: object - properties: - pubsubDestination: - description: Destination on Pub/Sub. - $ref: '#/components/schemas/PubsubDestination' - PubsubDestination: - id: PubsubDestination - description: A Pub/Sub destination. + The Google standard error code that best describes the state. For + example: - OK means the analysis on this entity has been + successfully finished; - PERMISSION_DENIED means an access denied + error is encountered; - DEADLINE_EXCEEDED means the analysis on this + entity hasn't been started in time; + cause: + type: string + description: The human-readable description of the cause of failure. type: object + GoogleCloudOrgpolicyV1Policy: properties: - topic: + listPolicy: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV1ListPolicy' + description: List of values either allowed or disallowed. + restoreDefault: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV1RestoreDefault' description: >- - The name of the Pub/Sub topic to publish to. Example: - `projects/PROJECT_ID/topics/TOPIC_ID`. + Restores the default behavior of the constraint; independent of + `Constraint` type. + constraint: + description: >- + The name of the `Constraint` the `Policy` is configuring, for + example, `constraints/serviceuser.services`. A [list of available + constraints](/resource-manager/docs/organization-policy/org-policy-constraints) + is available. Immutable after creation. type: string - ListFeedsResponse: - id: ListFeedsResponse + etag: + type: string + format: byte + description: >- + An opaque tag indicating the current version of the `Policy`, used + for concurrency control. When the `Policy` is returned from either a + `GetPolicy` or a `ListOrgPolicy` request, this `etag` indicates the + version of the current `Policy` to use when executing a + read-modify-write loop. When the `Policy` is returned from a + `GetEffectivePolicy` request, the `etag` will be unset. When the + `Policy` is used in a `SetOrgPolicy` method, use the `etag` value + that was returned from a `GetOrgPolicy` request as part of a + read-modify-write loop for concurrency control. Not setting the + `etag`in a `SetOrgPolicy` request will result in an unconditional + write of the `Policy`. + updateTime: + type: string + format: google-datetime + description: >- + The time stamp the `Policy` was previously updated. This is set by + the server, not specified by the caller, and represents the last + time a call to `SetOrgPolicy` was made for that `Policy`. Any value + set by the client will be ignored. + booleanPolicy: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV1BooleanPolicy' + description: >- + For boolean `Constraints`, whether to enforce the `Constraint` or + not. + version: + type: integer + description: Version of the `Policy`. Default version is 0; + format: int32 + id: GoogleCloudOrgpolicyV1Policy type: object + description: >- + Defines a Cloud Organization `Policy` which is used to specify + `Constraints` for configurations of Cloud Platform resources. + GoogleCloudAssetV1IdentityList: + description: The identities and group edges. + id: GoogleCloudAssetV1IdentityList properties: - feeds: - description: A list of feeds. - type: array + groupEdges: items: - $ref: '#/components/schemas/Feed' - UpdateFeedRequest: - id: UpdateFeedRequest - description: Update asset feed request. - type: object - properties: - feed: + $ref: '#/components/schemas/GoogleCloudAssetV1Edge' + type: array description: >- - Required. The new values of feed details. It must match an existing - feed and the field `name` must be in the format of: - projects/project_number/feeds/feed_id or - folders/folder_number/feeds/feed_id or - organizations/organization_number/feeds/feed_id. - $ref: '#/components/schemas/Feed' - updateMask: + Group identity edges of the graph starting from the binding's group + members to any node of the identities. The Edge.source_node contains + a group, such as `group:parent@google.com`. The Edge.target_node + contains a member of the group, such as `group:child@google.com` or + `user:foo@google.com`. This field is present only if the + output_group_edges option is enabled in request. + identities: + type: array description: >- - Required. Only updates the `feed` fields indicated by this mask. The - field mask must not be empty, and it must not contain fields that - are immutable or only set by the server. - type: string - format: google-fieldmask - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Only the identities that match one of the following conditions will + be presented: - The identity_selector, if it is specified in + request; - Otherwise, identities reachable from the policy binding's + members. + items: + $ref: '#/components/schemas/GoogleCloudAssetV1Identity' type: object - properties: {} - SearchAllResourcesResponse: - id: SearchAllResourcesResponse - description: Search all resources response. + GoogleIdentityAccesscontextmanagerV1EgressFrom: type: object + description: >- + Defines the conditions under which an EgressPolicy matches a request. + Conditions based on information about the source of the request. Note + that if the destination of the request is also protected by a + ServicePerimeter, then that ServicePerimeter must have an IngressPolicy + which allows access in order for this request to succeed. properties: - results: + identityType: description: >- - A list of Resources that match the search query. It contains the - resource standard metadata information. - type: array + Specifies the type of identities that are allowed access to outside + the perimeter. If left unspecified, then members of `identities` + field will be allowed access. + enum: + - IDENTITY_TYPE_UNSPECIFIED + - ANY_IDENTITY + - ANY_USER_ACCOUNT + - ANY_SERVICE_ACCOUNT + enumDescriptions: + - No blanket identity group specified. + - Authorize access from all identities outside the perimeter. + - Authorize access from all human users outside the perimeter. + - Authorize access from all service accounts outside the perimeter. + type: string + identities: items: - $ref: '#/components/schemas/ResourceSearchResult' - nextPageToken: + type: string + type: array description: >- - If there are more results than those appearing in this response, - then `next_page_token` is included. To get the next set of results, - call this method again using the value of `next_page_token` as - `page_token`. + A list of identities that are allowed access through [EgressPolicy]. + Identities can be an individual user, service account, Google group, + or third-party identity. For third-party identity, only single + identities are supported and other identity types are not supported. + The `v1` identities that have the prefix `user`, `group`, + `serviceAccount`, and `principal` in + https://cloud.google.com/iam/docs/principal-identifiers#v1 are + supported. + sourceRestriction: type: string - ResourceSearchResult: - id: ResourceSearchResult - description: A result of Resource Search, containing information of a cloud resource. - type: object - properties: - name: + enumDescriptions: + - >- + Enforcement preference unspecified, will not enforce traffic + restrictions based on `sources` in EgressFrom. + - >- + Enforcement preference enabled, traffic restrictions will be + enforced based on `sources` in EgressFrom. + - >- + Enforcement preference disabled, will not enforce traffic + restrictions based on `sources` in EgressFrom. description: >- - The full resource name of this resource. Example: - `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. - See [Cloud Asset Inventory Resource Name - Format](https://cloud.google.com/asset-inventory/docs/resource-name-format) - for more information. To search against the `name`: * Use a field - query. Example: `name:instance1` * Use a free text query. Example: - `instance1` - type: string - assetType: + Whether to enforce traffic restrictions based on `sources` field. If + the `sources` fields is non-empty, then this field must be set to + `SOURCE_RESTRICTION_ENABLED`. + enum: + - SOURCE_RESTRICTION_UNSPECIFIED + - SOURCE_RESTRICTION_ENABLED + - SOURCE_RESTRICTION_DISABLED + sources: description: >- - The type of this resource. Example: `compute.googleapis.com/Disk`. - To search against the `asset_type`: * Specify the `asset_type` field - in your search request. + Sources that this EgressPolicy authorizes access from. If this field + is not empty, then `source_restriction` must be set to + `SOURCE_RESTRICTION_ENABLED`. + items: + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1EgressSource + type: array + id: GoogleIdentityAccesscontextmanagerV1EgressFrom + GoogleCloudAssetV1CustomConstraint: + id: GoogleCloudAssetV1CustomConstraint + properties: + name: type: string - project: description: >- - The project that this resource belongs to, in the form of - projects/{PROJECT_NUMBER}. This field is available when the resource - belongs to a project. To search against `project`: * Use a field - query. Example: `project:12345` * Use a free text query. Example: - `12345` * Specify the `scope` field as this project in your search - request. + Name of the constraint. This is unique within the organization. + Format of the name should be * + `organizations/{organization_id}/customConstraints/{custom_constraint_id}` + Example : + "organizations/123/customConstraints/custom.createOnlyE2TypeVms" + actionType: + enum: + - ACTION_TYPE_UNSPECIFIED + - ALLOW + - DENY + enumDescriptions: + - Unspecified. Will results in user error. + - Allowed action type. + - Deny action type. + description: Allow or deny type. type: string - folders: - description: >- - The folder(s) that this resource belongs to, in the form of - folders/{FOLDER_NUMBER}. This field is available when the resource - belongs to one or more folders. To search against `folders`: * Use a - field query. Example: `folders:(123 OR 456)` * Use a free text - query. Example: `123` * Specify the `scope` field as this folder in - your search request. - type: array + methodTypes: items: + enumDescriptions: + - Unspecified. Will results in user error. + - Constraint applied when creating the resource. + - Constraint applied when updating the resource. + - Constraint applied when deleting the resource. + - Constraint applied when removing an IAM grant. + - Constraint applied when enforcing forced tagging. + enum: + - METHOD_TYPE_UNSPECIFIED + - CREATE + - UPDATE + - DELETE + - REMOVE_GRANT + - GOVERN_TAGS type: string - organization: - description: >- - The organization that this resource belongs to, in the form of - organizations/{ORGANIZATION_NUMBER}. This field is available when - the resource belongs to an organization. To search against - `organization`: * Use a field query. Example: `organization:123` * - Use a free text query. Example: `123` * Specify the `scope` field as - this organization in your search request. - type: string + description: All the operations being applied for this constraint. + type: array displayName: - description: >- - The display name of this resource. This field is available only when - the resource's Protobuf contains it. To search against the - `display_name`: * Use a field query. Example: `displayName:"My - Instance"` * Use a free text query. Example: `"My Instance"` + description: One line display name for the UI. type: string description: - description: >- - One or more paragraphs of text description of this resource. Maximum - length could be up to 1M bytes. This field is available only when - the resource's Protobuf contains it. To search against the - `description`: * Use a field query. Example: `description:"important - instance"` * Use a free text query. Example: `"important instance"` type: string - location: - description: >- - Location can be `global`, regional like `us-east1`, or zonal like - `us-west1-b`. This field is available only when the resource's - Protobuf contains it. To search against the `location`: * Use a - field query. Example: `location:us-west*` * Use a free text query. - Example: `us-west*` + description: Detailed information about this custom policy constraint. + condition: type: string - labels: - description: >- - User labels associated with this resource. See [Labelling and - grouping Google Cloud - resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) - for more information. This field is available only when the - resource's Protobuf contains it. To search against the `labels`: * - Use a field query: - query on any label's key or value. Example: - `labels:prod` - query by a given label. Example: `labels.env:prod` - - query by a given label's existence. Example: `labels.env:*` * Use a - free text query. Example: `prod` - type: object - additionalProperties: - type: string - networkTags: - description: >- - Network tags associated with this resource. Like labels, network - tags are a type of annotations used to group Google Cloud resources. - See [Labelling Google Cloud - resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) - for more information. This field is available only when the - resource's Protobuf contains it. To search against the - `network_tags`: * Use a field query. Example: `networkTags:internal` - * Use a free text query. Example: `internal` - type: array - items: - type: string - kmsKey: description: >- - The Cloud KMS - [CryptoKey](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys) - name or - [CryptoKeyVersion](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions) - name. This field only presents for the purpose of backward - compatibility. Use the `kms_keys` field to retrieve Cloud KMS key - information. This field is available only when the resource's - Protobuf contains it and will only be populated for [these resource - types](https://cloud.google.com/asset-inventory/docs/legacy-field-names#resource_types_with_the_to_be_deprecated_kmskey_field) - for backward compatible purposes. To search against the `kms_key`: * - Use a field query. Example: `kmsKey:key` * Use a free text query. - Example: `key` - deprecated: true - type: string - kmsKeys: + Organization Policy condition/expression. For example: + `resource.instanceName.matches("(production|test)_(.+_)?[\d]+")'` + or, `resource.management.auto_upgrade == true` + resourceTypes: description: >- - The Cloud KMS - [CryptoKey](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys) - names or - [CryptoKeyVersion](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions) - names. This field is available only when the resource's Protobuf - contains it. To search against the `kms_keys`: * Use a field query. - Example: `kmsKeys:key` * Use a free text query. Example: `key` + The Resource Instance type on which this policy applies to. Format + will be of the form : "/" Example: * + `compute.googleapis.com/Instance`. type: array items: type: string - createTime: - description: >- - The create timestamp of this resource, at which the resource was - created. The granularity is in seconds. Timestamp.nanos will always - be 0. This field is available only when the resource's Protobuf - contains it. To search against `create_time`: * Use a field query. - - value in seconds since unix epoch. Example: `createTime > - 1609459200` - value in date string. Example: `createTime > - 2021-01-01` - value in date-time string (must be quoted). Example: - `createTime > "2021-01-01T00:00:00"` - type: string - format: google-datetime - updateTime: - description: >- - The last update timestamp of this resource, at which the resource - was last modified or deleted. The granularity is in seconds. - Timestamp.nanos will always be 0. This field is available only when - the resource's Protobuf contains it. To search against - `update_time`: * Use a field query. - value in seconds since unix - epoch. Example: `updateTime < 1609459200` - value in date string. - Example: `updateTime < 2021-01-01` - value in date-time string (must - be quoted). Example: `updateTime < "2021-01-01T00:00:00"` + description: The definition of a custom constraint. + type: object + ListAssetsResponse: + description: ListAssets response. + type: object + properties: + readTime: type: string format: google-datetime - state: - description: >- - The state of this resource. Different resources types have different - state definitions that are mapped from various fields of different - resource types. This field is available only when the resource's - Protobuf contains it. Example: If the resource is an instance - provided by Compute Engine, its state will include PROVISIONING, - STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and - TERMINATED. See `status` definition in [API - Reference](https://cloud.google.com/compute/docs/reference/rest/v1/instances). - If the resource is a project provided by Resource Manager, its state - will include LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED - and DELETE_IN_PROGRESS. See `lifecycleState` definition in [API - Reference](https://cloud.google.com/resource-manager/reference/rest/v1/projects). - To search against the `state`: * Use a field query. Example: - `state:RUNNING` * Use a free text query. Example: `RUNNING` - type: string - additionalAttributes: - description: >- - The additional searchable attributes of this resource. The - attributes may vary from one resource type to another. Examples: - `projectId` for Project, `dnsName` for DNS ManagedZone. This field - contains a subset of the resource metadata fields that are returned - by the List or Get APIs provided by the corresponding Google Cloud - service (e.g., Compute Engine). see [API references and supported - searchable - attributes](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - to see which fields are included. You can search values of these - fields through free text search. However, you should not consume the - field programically as the field names and values may change as the - Google Cloud service updates to a new incompatible API version. To - search against the `additional_attributes`: * Use a free text query - to match the attributes values. Example: to search - `additional_attributes = { dnsName: "foobar" }`, you can issue a - query `foobar`. - type: object - additionalProperties: - type: any - description: Properties of the object. - parentFullResourceName: + description: Time the snapshot was taken. + nextPageToken: description: >- - The full resource name of this resource's parent, if it has one. To - search against the `parent_full_resource_name`: * Use a field query. - Example: `parentFullResourceName:"project-name"` * Use a free text - query. Example: `project-name` + Token to retrieve the next page of results. It expires 72 hours + after the page token for the first page is generated. Set to empty + if there are no remaining results. type: string - versionedResources: - description: >- - Versioned resource representations of this resource. This is - repeated because there could be multiple versions of resource - representations during version migration. This `versioned_resources` - field is not searchable. Some attributes of the resource - representations are exposed in `additional_attributes` field, so as - to allow users to search on them. - type: array + assets: + description: Assets. items: - $ref: '#/components/schemas/VersionedResource' - attachedResources: - description: >- - Attached resources of this resource. For example, an OSConfig - Inventory is an attached resource of a Compute Instance. This field - is repeated because a resource could have multiple attached - resources. This `attached_resources` field is not searchable. Some - attributes of the attached resources are exposed in - `additional_attributes` field, so as to allow users to search on - them. + $ref: '#/components/schemas/Asset' type: array - items: - $ref: '#/components/schemas/AttachedResource' - relationships: + id: ListAssetsResponse + GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset: + description: >- + Represents a Google Cloud asset(resource or IAM policy) governed by the + organization policies of the + AnalyzeOrgPolicyGovernedAssetsRequest.constraint. + type: object + id: GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset + properties: + governedResource: + description: >- + A Google Cloud resource governed by the organization policies of the + AnalyzeOrgPolicyGovernedAssetsRequest.constraint. + $ref: >- + #/components/schemas/GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource + governedIamPolicy: description: >- - A map of related resources of this resource, keyed by the - relationship type. A relationship type is in the format of - {SourceType}_{ACTION}_{DestType}. Example: `DISK_TO_INSTANCE`, - `DISK_TO_NETWORK`, `INSTANCE_TO_INSTANCEGROUP`. See [supported - relationship - types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#supported_relationship_types). - type: object - additionalProperties: - $ref: '#/components/schemas/RelatedResources' - tagKeys: + An IAM policy governed by the organization policies of the + AnalyzeOrgPolicyGovernedAssetsRequest.constraint. + $ref: >- + #/components/schemas/GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy + consolidatedPolicy: + $ref: '#/components/schemas/AnalyzerOrgPolicy' description: >- - This field is only present for the purpose of backward - compatibility. Use the `tags` field instead. TagKey namespaced - names, in the format of {ORG_ID}/{TAG_KEY_SHORT_NAME}. To search - against the `tagKeys`: * Use a field query. Example: - - `tagKeys:"123456789/env*"` - `tagKeys="123456789/env"` - - `tagKeys:"env"` * Use a free text query. Example: - `env` - deprecated: true + The consolidated policy for the analyzed asset. The consolidated + policy is computed by merging and evaluating + AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.policy_bundle. + The evaluation will respect the organization policy [hierarchy + rules](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy). + policyBundle: type: array items: - type: string - tagValues: + $ref: '#/components/schemas/AnalyzerOrgPolicy' description: >- - This field is only present for the purpose of backward - compatibility. Use the `tags` field instead. TagValue namespaced - names, in the format of - {ORG_ID}/{TAG_KEY_SHORT_NAME}/{TAG_VALUE_SHORT_NAME}. To search - against the `tagValues`: * Use a field query. Example: - - `tagValues:"env"` - `tagValues:"env/prod"` - - `tagValues:"123456789/env/prod*"` - `tagValues="123456789/env/prod"` - * Use a free text query. Example: - `prod` - deprecated: true + The ordered list of all organization policies from the + consolidated_policy.attached_resource to the scope specified in the + request. If the constraint is defined with default policy, it will + also appear in the list. + GoogleIdentityAccesscontextmanagerV1IngressTo: + properties: + roles: type: array + description: >- + IAM roles that represent the set of operations that the sources + specified in the corresponding IngressFrom are allowed to perform in + this ServicePerimeter. items: type: string - tagValueIds: - description: >- - This field is only present for the purpose of backward - compatibility. Use the `tags` field instead. TagValue IDs, in the - format of tagValues/{TAG_VALUE_ID}. To search against the - `tagValueIds`: * Use a field query. Example: - - `tagValueIds="tagValues/456"` * Use a free text query. Example: - - `456` - deprecated: true - type: array + resources: items: type: string - tags: - description: >- - The tags directly attached to this resource. To search against the - `tags`: * Use a field query. Example: - `tagKeys:"123456789/env*"` - - `tagKeys="123456789/env"` - `tagKeys:"env"` - - `tagKeyIds="tagKeys/123"` - `tagValues:"env"` - - `tagValues:"env/prod"` - `tagValues:"123456789/env/prod*"` - - `tagValues="123456789/env/prod"` - `tagValueIds="tagValues/456"` * - Use a free text query. Example: - `env/prod` type: array - items: - $ref: '#/components/schemas/Tag' - effectiveTags: description: >- - The effective tags on this resource. All of the tags that are both - attached to and inherited by a resource are collectively called the - effective tags. For more information, see [tag - inheritance](https://cloud.google.com/resource-manager/docs/tags/tags-overview#inheritance). - To search against the `effective_tags`: * Use a field query. - Example: - `effectiveTagKeys:"123456789/env*"` - - `effectiveTagKeys="123456789/env"` - `effectiveTagKeys:"env"` - - `effectiveTagKeyIds="tagKeys/123"` - `effectiveTagValues:"env"` - - `effectiveTagValues:"env/prod"` - - `effectiveTagValues:"123456789/env/prod*"` - - `effectiveTagValues="123456789/env/prod"` - - `effectiveTagValueIds="tagValues/456"` - type: array - items: - $ref: '#/components/schemas/EffectiveTagDetails' - enrichments: + A list of resources, currently only projects in the form + `projects/`, protected by this ServicePerimeter that are allowed to + be accessed by sources defined in the corresponding IngressFrom. If + a single `*` is specified, then access to all resources inside the + perimeter are allowed. + operations: description: >- - Enrichments of the asset. Currently supported enrichment types with - SearchAllResources API: * RESOURCE_OWNERS The corresponding read - masks in order to get the enrichment: * enrichments.resource_owners - The corresponding required permissions: * - cloudasset.assets.searchEnrichmentResourceOwners Example query to - get resource owner enrichment: ``` scope: "projects/my-project" - query: "name: my-project" assetTypes: - "cloudresourcemanager.googleapis.com/Project" readMask: { paths: - "asset_type" paths: "name" paths: "enrichments.resource_owners" } - ``` - type: array + A list of ApiOperations allowed to be performed by the sources + specified in corresponding IngressFrom in this ServicePerimeter. items: - $ref: '#/components/schemas/AssetEnrichment' - parentAssetType: - description: >- - The type of this resource's immediate parent, if there is one. To - search against the `parent_asset_type`: * Use a field query. - Example: - `parentAssetType:"cloudresourcemanager.googleapis.com/Project"` * - Use a free text query. Example: - `cloudresourcemanager.googleapis.com/Project` - type: string - sccSecurityMarks: - description: >- - The actual content of Security Command Center security marks - associated with the asset. To search against SCC SecurityMarks - field: * Use a field query: - query by a given key value pair. - Example: `sccSecurityMarks.foo=bar` - query by a given key's - existence. Example: `sccSecurityMarks.foo:*` - type: object - additionalProperties: - type: string - VersionedResource: - id: VersionedResource + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1ApiOperation + type: array + id: GoogleIdentityAccesscontextmanagerV1IngressTo description: >- - Resource representation as defined by the corresponding service - providing the resource for a given API version. + Defines the conditions under which an IngressPolicy matches a request. + Conditions are based on information about the ApiOperation intended to + be performed on the target resource of the request. The request must + satisfy what is defined in `operations` AND `resources` in order to + match. + type: object + GoogleCloudAssetV1Access: + description: An IAM role or permission under analysis. type: object properties: - version: - description: >- - API version of the resource. Example: If the resource is an instance - provided by Compute Engine v1 API as defined in - `https://cloud.google.com/compute/docs/reference/rest/v1/instances`, - version will be "v1". + analysisState: + description: The analysis state of this access. + $ref: '#/components/schemas/IamPolicyAnalysisState' + role: type: string - resource: - description: >- - JSON representation of the resource as defined by the corresponding - service providing this resource. Example: If the resource is an - instance provided by Compute Engine, this field will contain the - JSON representation of the instance as defined by Compute Engine: - `https://cloud.google.com/compute/docs/reference/rest/v1/instances`. - You can find the resource definition for each supported resource - type in this table: - `https://cloud.google.com/asset-inventory/docs/supported-asset-types` + description: The role. + permission: + description: The permission. + type: string + id: GoogleCloudAssetV1Access + Explanation: + description: Explanation about the IAM policy search result. + properties: + matchedPermissions: type: object + description: >- + The map from roles to their included permissions that match the + permission query (i.e., a query containing + `policy.role.permissions:`). Example: if query + `policy.role.permissions:compute.disk.get` matches a policy binding + that contains owner role, the matched_permissions will be + `{"roles/owner": ["compute.disk.get"]}`. The roles can also be found + in the returned `policy` bindings. Note that the map is populated + only for requests with permission queries. additionalProperties: - type: any - description: Properties of the object. - AttachedResource: - id: AttachedResource - description: >- - Attached resource representation, which is defined by the corresponding - service provider. It represents an attached resource's payload. + $ref: '#/components/schemas/Permissions' + id: Explanation + type: object + AnalyzeIamPolicyResponse: type: object + id: AnalyzeIamPolicyResponse properties: - assetType: + fullyExplored: description: >- - The type of this attached resource. Example: - `osconfig.googleapis.com/Inventory` You can find the supported - attached asset types of each resource in this table: - `https://cloud.google.com/asset-inventory/docs/supported-asset-types` - type: string - versionedResources: + Represents whether all entries in the main_analysis and + service_account_impersonation_analysis have been fully explored to + answer the query in the request. + type: boolean + mainAnalysis: + $ref: '#/components/schemas/IamPolicyAnalysis' + description: The main analysis that matches the original request. + serviceAccountImpersonationAnalysis: + description: >- + The service account impersonation analysis if + IamPolicyAnalysisQuery.Options.analyze_service_account_impersonation + is enabled. + items: + $ref: '#/components/schemas/IamPolicyAnalysis' + type: array + description: A response message for AssetService.AnalyzeIamPolicy. + SoftwarePackage: + description: Software package information of the operating system. + properties: + zypperPatch: + $ref: '#/components/schemas/ZypperPatch' + description: >- + Details of a Zypper patch. For details about the Zypper package + manager, see https://en.opensuse.org/SDB:Zypper_manual. + zypperPackage: + description: >- + Details of a Zypper package. For details about the Zypper package + manager, see https://en.opensuse.org/SDB:Zypper_manual. + $ref: '#/components/schemas/VersionedPackage' + wuaPackage: + description: >- + Details of a Windows Update package. See + https://docs.microsoft.com/en-us/windows/win32/api/_wua/ for + information about Windows Update. + $ref: '#/components/schemas/WindowsUpdatePackage' + windowsApplication: + description: Details of Windows Application. + $ref: '#/components/schemas/WindowsApplication' + googetPackage: + $ref: '#/components/schemas/VersionedPackage' + description: >- + Details of a Googet package. For details about the googet package + manager, see https://github.com/google/googet. + cosPackage: + $ref: '#/components/schemas/VersionedPackage' + description: Details of a COS package. + aptPackage: + $ref: '#/components/schemas/VersionedPackage' + description: >- + Details of an APT package. For details about the apt package + manager, see https://wiki.debian.org/Apt. + qfePackage: description: >- - Versioned resource representations of this attached resource. This - is repeated because there could be multiple versions of the attached - resource representations during version migration. - type: array - items: - $ref: '#/components/schemas/VersionedResource' - RelatedResources: - id: RelatedResources - description: The related resources of the primary resource. + Details of a Windows Quick Fix engineering package. See + https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering + for info in Windows Quick Fix Engineering. + $ref: '#/components/schemas/WindowsQuickFixEngineeringPackage' + yumPackage: + $ref: '#/components/schemas/VersionedPackage' + description: >- + Yum package info. For details about the yum package manager, see + https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/ch-yum. + id: SoftwarePackage type: object + GoogleCloudAssetV1p7beta1RelatedAssets: properties: - relatedResources: - description: The detailed related resources of the primary resource. + relationshipAttributes: + description: The detailed relation attributes. + $ref: '#/components/schemas/GoogleCloudAssetV1p7beta1RelationshipAttributes' + assets: type: array items: - $ref: '#/components/schemas/RelatedResource' - RelatedResource: - id: RelatedResource - description: The detailed related resource. + $ref: '#/components/schemas/GoogleCloudAssetV1p7beta1RelatedAsset' + description: The peer resources of the relationship. + description: The detailed related assets with the `relationship_type`. + id: GoogleCloudAssetV1p7beta1RelatedAssets type: object - properties: - assetType: - description: 'The type of the asset. Example: `compute.googleapis.com/Instance`' - type: string - fullResourceName: - description: >- - The full resource name of the related resource. Example: - `//compute.googleapis.com/projects/my_proj_123/zones/instance/instance123` - type: string - Tag: - id: Tag + Empty: + id: Empty description: >- - The key and value for a - [tag](https://cloud.google.com/resource-manager/docs/tags/tags-overview). + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} type: object - properties: - tagKey: - description: >- - TagKey namespaced name, in the format of - {ORG_ID}/{TAG_KEY_SHORT_NAME}. - type: string - tagKeyId: - description: TagKey ID, in the format of tagKeys/{TAG_KEY_ID}. - type: string - tagValue: - description: >- - TagValue namespaced name, in the format of - {ORG_ID}/{TAG_KEY_SHORT_NAME}/{TAG_VALUE_SHORT_NAME}. - type: string - tagValueId: - description: TagValue ID, in the format of tagValues/{TAG_VALUE_ID}. - type: string EffectiveTagDetails: id: EffectiveTagDetails description: >- The effective tags and the ancestor resources from which they were inherited. - type: object properties: attachedResource: + type: string description: >- The [full resource name](https://cloud.google.com/asset-inventory/docs/resource-name-format) of the ancestor from which effective_tags are inherited, according to [tag inheritance](https://cloud.google.com/resource-manager/docs/tags/tags-overview#inheritance). - type: string effectiveTags: + items: + $ref: '#/components/schemas/Tag' description: >- The effective tags inherited from the attached_resource. Note that tags with the same key but different values may attach to resources @@ -3059,70 +2840,79 @@ components: removed. For more information, see [tag inheritance](https://cloud.google.com/resource-manager/docs/tags/tags-overview#inheritance). type: array - items: - $ref: '#/components/schemas/Tag' - AssetEnrichment: - id: AssetEnrichment - description: The enhanced metadata information for a resource. - type: object - properties: - resourceOwners: - description: >- - The resource owners for a resource. Note that this field only - contains the members that have "roles/owner" role in the resource's - IAM Policy. - $ref: '#/components/schemas/ResourceOwners' - ResourceOwners: - id: ResourceOwners - description: The resource owners information. type: object - properties: - resourceOwners: - description: List of resource owners. - type: array - items: - type: string - SearchAllIamPoliciesResponse: - id: SearchAllIamPoliciesResponse - description: Search all IAM policies response. + QueryAssetsResponse: type: object + id: QueryAssetsResponse properties: - results: + done: description: >- - A list of IAM policies that match the search query. Related - information such as the associated resource is returned along with - the policy. - type: array - items: - $ref: '#/components/schemas/IamPolicySearchResult' - nextPageToken: + The query response, which can be either an `error` or a valid + `response`. If `done` == `false` and the query result is being saved + in an output, the output_config field will be set. If `done` == + `true`, exactly one of `error`, `query_result` or `output_config` + will be set. [done] is unset unless the [QueryAssetsResponse] + contains a [QueryAssetsResponse.job_reference]. + type: boolean + outputConfig: description: >- - Set if there are more results than those appearing in this response; - to get the next set of results, call this method again, using this - value as the `page_token`. + Output configuration, which indicates that instead of being returned + in an API response on the fly, the query result will be saved in a + specific output. + $ref: '#/components/schemas/QueryAssetsOutputConfig' + queryResult: + description: Result of the query. + $ref: '#/components/schemas/QueryResult' + jobReference: + description: Reference to a query job. type: string + error: + $ref: '#/components/schemas/Status' + description: Error status. + description: QueryAssets response. IamPolicySearchResult: id: IamPolicySearchResult - description: A result of IAM Policy search, containing information of an IAM policy. type: object + description: A result of IAM Policy search, containing information of an IAM policy. properties: - resource: - description: >- - The full resource name of the resource associated with this IAM - policy. Example: - `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. - See [Cloud Asset Inventory Resource Name - Format](https://cloud.google.com/asset-inventory/docs/resource-name-format) - for more information. To search against the `resource`: * use a - field query. Example: `resource:organizations/123` - type: string assetType: + type: string description: >- The type of the resource associated with this IAM policy. Example: `compute.googleapis.com/Disk`. To search against the `asset_type`: * specify the `asset_types` field in your search request. - type: string + folders: + type: array + description: >- + The folder(s) that the IAM policy belongs to, in the form of + folders/{FOLDER_NUMBER}. This field is available when the IAM policy + belongs to one or more folders. To search against `folders`: * use a + field query. Example: `folders:(123 OR 456)` * use a free text + query. Example: `123` * specify the `scope` field as this folder in + your search request. + items: + type: string + explanation: + $ref: '#/components/schemas/Explanation' + description: >- + Explanation about the IAM policy search result. It contains + additional information to explain why the search result matches the + query. + policy: + description: >- + The IAM policy directly set on the given resource. Note that the + original IAM policy can contain multiple bindings. This only + contains the bindings that match the given query. For queries that + don't contain a constrain on policies (e.g., an empty query), this + contains all the bindings. To search against the `policy` bindings: + * use a field query: - query by the policy contained members. + Example: `policy:amy@gmail.com` - query by the policy contained + roles. Example: `policy:roles/compute.admin` - query by the policy + contained roles' included permissions. Example: + `policy.role.permissions:compute.instances.create` + $ref: '#/components/schemas/Policy' project: + type: string description: >- The project that the associated Google Cloud resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a @@ -3131,555 +2921,566 @@ components: policy is set on a folder or organization, this field will be empty. To search against the `project`: * specify the `scope` field as this project in your search request. + resource: + description: >- + The full resource name of the resource associated with this IAM + policy. Example: + `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. + See [Cloud Asset Inventory Resource Name + Format](https://cloud.google.com/asset-inventory/docs/resource-name-format) + for more information. To search against the `resource`: * use a + field query. Example: `resource:organizations/123` type: string - folders: + organization: + description: >- + The organization that the IAM policy belongs to, in the form of + organizations/{ORGANIZATION_NUMBER}. This field is available when + the IAM policy belongs to an organization. To search against + `organization`: * use a field query. Example: `organization:123` * + use a free text query. Example: `123` * specify the `scope` field as + this organization in your search request. + type: string + GoogleIdentityAccesscontextmanagerV1OsConstraint: + id: GoogleIdentityAccesscontextmanagerV1OsConstraint + properties: + requireVerifiedChromeOs: + type: boolean + description: >- + Only allows requests from devices with a verified Chrome OS. + Verifications includes requirements that the device is + enterprise-managed, conformant to domain policies, and the caller + has permission to call the API targeted by the request. + minimumVersion: + description: >- + The minimum allowed OS version. If not set, any version of this OS + satisfies the constraint. Format: `"major.minor.patch"`. Examples: + `"10.5.301"`, `"9.2.1"`. + type: string + osType: + type: string + description: Required. The allowed OS type. + enumDescriptions: + - The operating system of the device is not specified or not known. + - A desktop Mac operating system. + - A desktop Windows operating system. + - A desktop Linux operating system. + - A desktop ChromeOS operating system. + - An Android operating system. + - An iOS operating system. + enum: + - OS_UNSPECIFIED + - DESKTOP_MAC + - DESKTOP_WINDOWS + - DESKTOP_LINUX + - DESKTOP_CHROME_OS + - ANDROID + - IOS + description: A restriction on the OS type and version of devices making requests. + type: object + ExportAssetsRequest: + id: ExportAssetsRequest + description: Export asset request. + type: object + properties: + relationshipTypes: + items: + type: string + type: array + description: >- + A list of relationship types to export, for example: + `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if + content_type=RELATIONSHIP. * If specified: it snapshots specified + relationships. It returns an error if any of the + [relationship_types] doesn't belong to the supported relationship + types of the [asset_types] or if any of the [asset_types] doesn't + belong to the source types of the [relationship_types]. * Otherwise: + it snapshots the supported relationships for all [asset_types] or + returns an error if any of the [asset_types] has no relationship + support. An unspecified asset types field means all supported + asset_types. See [Introduction to Cloud Asset + Inventory](https://cloud.google.com/asset-inventory/docs/overview) + for all supported asset types and relationship types. + assetTypes: description: >- - The folder(s) that the IAM policy belongs to, in the form of - folders/{FOLDER_NUMBER}. This field is available when the IAM policy - belongs to one or more folders. To search against `folders`: * use a - field query. Example: `folders:(123 OR 456)` * use a free text - query. Example: `123` * specify the `scope` field as this folder in - your search request. - type: array + A list of asset types to take a snapshot for. For example: + "compute.googleapis.com/Disk". Regular expressions are also + supported. For example: * "compute.googleapis.com.*" snapshots + resources whose asset type starts with "compute.googleapis.com". * + ".*Instance" snapshots resources whose asset type ends with + "Instance". * ".*Instance.*" snapshots resources whose asset type + contains "Instance". See + [RE2](https://github.com/google/re2/wiki/Syntax) for all supported + regular expression syntax. If the regular expression does not match + any supported asset type, an INVALID_ARGUMENT error will be + returned. If specified, only matching assets will be returned, + otherwise, it will snapshot all asset types. See [Introduction to + Cloud Asset + Inventory](https://cloud.google.com/asset-inventory/docs/overview) + for all supported asset types. items: type: string - organization: + type: array + contentType: description: >- - The organization that the IAM policy belongs to, in the form of - organizations/{ORGANIZATION_NUMBER}. This field is available when - the IAM policy belongs to an organization. To search against - `organization`: * use a field query. Example: `organization:123` * - use a free text query. Example: `123` * specify the `scope` field as - this organization in your search request. + Asset content type. If not specified, no content but the asset name + will be returned. type: string - policy: + enum: + - CONTENT_TYPE_UNSPECIFIED + - RESOURCE + - IAM_POLICY + - ORG_POLICY + - ACCESS_POLICY + - OS_INVENTORY + - RELATIONSHIP + enumDescriptions: + - Unspecified content type. + - Resource metadata. + - The actual IAM policy set on a resource. + - The organization policy set on an asset. + - The Access Context Manager policy set on an asset. + - The runtime OS Inventory information. + - The related resources. + outputConfig: description: >- - The IAM policy directly set on the given resource. Note that the - original IAM policy can contain multiple bindings. This only - contains the bindings that match the given query. For queries that - don't contain a constrain on policies (e.g., an empty query), this - contains all the bindings. To search against the `policy` bindings: - * use a field query: - query by the policy contained members. - Example: `policy:amy@gmail.com` - query by the policy contained - roles. Example: `policy:roles/compute.admin` - query by the policy - contained roles' included permissions. Example: - `policy.role.permissions:compute.instances.create` - $ref: '#/components/schemas/Policy' - explanation: + Required. Output configuration indicating where the results will be + output to. + $ref: '#/components/schemas/OutputConfig' + readTime: + type: string description: >- - Explanation about the IAM policy search result. It contains - additional information to explain why the search result matches the - query. - $ref: '#/components/schemas/Explanation' - Explanation: - id: Explanation - description: Explanation about the IAM policy search result. + Timestamp to take an asset snapshot. This can only be set to a + timestamp between the current time and the current time minus 35 + days (inclusive). If not specified, the current time will be used. + Due to delays in resource data collection and indexing, there is a + volatile window during which running the same query may get + different results. + format: google-datetime + GoogleIdentityAccesscontextmanagerV1AccessLevel: type: object properties: - matchedPermissions: + custom: + description: A `CustomLevel` written in the Common Expression Language. + $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1CustomLevel' + name: description: >- - The map from roles to their included permissions that match the - permission query (i.e., a query containing - `policy.role.permissions:`). Example: if query - `policy.role.permissions:compute.disk.get` matches a policy binding - that contains owner role, the matched_permissions will be - `{"roles/owner": ["compute.disk.get"]}`. The roles can also be found - in the returned `policy` bindings. Note that the map is populated - only for requests with permission queries. - type: object - additionalProperties: - $ref: '#/components/schemas/Permissions' - Permissions: - id: Permissions - description: IAM permissions - type: object - properties: - permissions: + Identifier. Resource name for the `AccessLevel`. Format: + `accessPolicies/{access_policy}/accessLevels/{access_level}`. The + `access_level` component must begin with a letter, followed by + alphanumeric characters or `_`. Its maximum length is 50 characters. + After you create an `AccessLevel`, you cannot change its `name`. + type: string + title: + description: Human readable title. Must be unique within the Policy. + type: string + basic: + $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1BasicLevel' + description: A `BasicLevel` composed of `Conditions`. + description: description: >- - A list of permissions. A sample permission string: - `compute.disk.get`. - type: array - items: - type: string - AnalyzeIamPolicyResponse: - id: AnalyzeIamPolicyResponse - description: A response message for AssetService.AnalyzeIamPolicy. + Description of the `AccessLevel` and its use. Does not affect + behavior. + type: string + id: GoogleIdentityAccesscontextmanagerV1AccessLevel + description: >- + An `AccessLevel` is a label that can be applied to requests to Google + Cloud services, along with a list of requirements necessary for the + label to be applied. + GoogleCloudOrgpolicyV1RestoreDefault: + id: GoogleCloudOrgpolicyV1RestoreDefault type: object + description: >- + Ignores policies set above this resource and restores the + `constraint_default` enforcement behavior of the specific `Constraint` + at this resource. Suppose that `constraint_default` is set to `ALLOW` + for the `Constraint` `constraints/serviceuser.services`. Suppose that + organization foo.com sets a `Policy` at their Organization resource node + that restricts the allowed service activations to deny all service + activations. They could then set a `Policy` with the `policy_type` + `restore_default` on several experimental projects, restoring the + `constraint_default` enforcement of the `Constraint` for only those + projects, allowing those projects to have all services activated. + properties: {} + QueryContent: + description: The query content. properties: - mainAnalysis: - description: The main analysis that matches the original request. - $ref: '#/components/schemas/IamPolicyAnalysis' - serviceAccountImpersonationAnalysis: - description: >- - The service account impersonation analysis if - IamPolicyAnalysisQuery.Options.analyze_service_account_impersonation - is enabled. - type: array - items: - $ref: '#/components/schemas/IamPolicyAnalysis' - fullyExplored: + iamPolicyAnalysisQuery: description: >- - Represents whether all entries in the main_analysis and - service_account_impersonation_analysis have been fully explored to - answer the query in the request. - type: boolean - IamPolicyAnalysis: - id: IamPolicyAnalysis - description: An analysis message to group the query and results. - type: object - properties: - analysisQuery: - description: The analysis query. + An IAM Policy Analysis query, which could be used in the + AssetService.AnalyzeIamPolicy RPC or the + AssetService.AnalyzeIamPolicyLongrunning RPC. $ref: '#/components/schemas/IamPolicyAnalysisQuery' - analysisResults: - description: >- - A list of IamPolicyAnalysisResult that matches the analysis query, - or empty if no result is found. - type: array - items: - $ref: '#/components/schemas/IamPolicyAnalysisResult' - fullyExplored: - description: >- - Represents whether all entries in the analysis_results have been - fully explored to answer the query. - type: boolean - nonCriticalErrors: - description: A list of non-critical errors happened during the query handling. - type: array - items: - $ref: '#/components/schemas/IamPolicyAnalysisState' - IamPolicyAnalysisQuery: - id: IamPolicyAnalysisQuery - description: IAM policy analysis query message. + id: QueryContent + type: object + ConditionEvaluation: + description: The condition evaluation. type: object properties: - scope: - description: >- - Required. The relative name of the root asset. Only resources and - IAM policies within the scope will be analyzed. This can only be an - organization number (such as "organizations/123"), a folder number - (such as "folders/123"), a project ID (such as - "projects/my-project-id"), or a project number (such as - "projects/12345"). To know how to get organization ID, visit [here - ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). - To know how to get folder or project ID, visit [here - ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). + evaluationValue: + description: The evaluation result. + enum: + - EVALUATION_VALUE_UNSPECIFIED + - 'TRUE' + - 'FALSE' + - CONDITIONAL type: string - resourceSelector: - description: Optional. Specifies a resource for analysis. - $ref: '#/components/schemas/ResourceSelector' - identitySelector: - description: Optional. Specifies an identity for analysis. - $ref: '#/components/schemas/IdentitySelector' - accessSelector: - description: >- - Optional. Specifies roles or permissions for analysis. This is - optional. - $ref: '#/components/schemas/AccessSelector' - options: - description: Optional. The query options. - $ref: '#/components/schemas/Options' - conditionContext: - description: Optional. The hypothetical context for IAM conditions evaluation. - $ref: '#/components/schemas/ConditionContext' - ResourceSelector: - id: ResourceSelector - description: >- - Specifies the resource to analyze for access policies, which may be set - directly on the resource, or on ancestors such as organizations, folders - or projects. + enumDescriptions: + - Reserved for future use. + - The evaluation result is `true`. + - The evaluation result is `false`. + - >- + The evaluation result is `conditional` when the condition + expression contains variables that are either missing input values + or have not been supported by Policy Analyzer yet. + id: ConditionEvaluation + GoogleCloudAssetV1Resource: type: object properties: fullResourceName: description: >- - Required. The [full resource name] - (https://cloud.google.com/asset-inventory/docs/resource-name-format) - of a resource of [supported resource - types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types). + The [full resource + name](https://cloud.google.com/asset-inventory/docs/resource-name-format) type: string - IdentitySelector: - id: IdentitySelector - description: >- - Specifies an identity for which to determine resource access, based on - roles assigned either directly to them or to the groups they belong to, - directly or indirectly. - type: object + analysisState: + description: The analysis state of this resource. + $ref: '#/components/schemas/IamPolicyAnalysisState' + description: A Google Cloud resource under analysis. + id: GoogleCloudAssetV1Resource + GoogleIdentityAccesscontextmanagerV1IngressPolicy: properties: - identity: - description: >- - Required. The identity appear in the form of principals in [IAM - policy - binding](https://cloud.google.com/iam/reference/rest/v1/Binding). - The examples of supported forms are: "user:mike@example.com", - "group:admins@example.com", "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com". Notice - that wildcard characters (such as * and ?) are not supported. You - must give a specific identity. + title: type: string - AccessSelector: - id: AccessSelector + description: >- + Optional. Human-readable title for the ingress rule. The title must + be unique within the perimeter and can not exceed 100 characters. + Within the access policy, the combined length of all rule titles + must not exceed 240,000 characters. + ingressFrom: + description: >- + Defines the conditions on the source of a request causing this + IngressPolicy to apply. + $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1IngressFrom' + ingressTo: + description: >- + Defines the conditions on the ApiOperation and request destination + that cause this IngressPolicy to apply. + $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1IngressTo' description: >- - Specifies roles and/or permissions to analyze, to determine both the - identities possessing them and the resources they control. If multiple - values are specified, results will include roles or permissions matching - any of them. The total number of roles and permissions should be equal - or less than 10. + Policy for ingress into ServicePerimeter. IngressPolicies match requests + based on `ingress_from` and `ingress_to` stanzas. For an ingress policy + to match, both the `ingress_from` and `ingress_to` stanzas must be + matched. If an IngressPolicy matches a request, the request is allowed + through the perimeter boundary from outside the perimeter. For example, + access from the internet can be allowed either based on an AccessLevel + or, for traffic hosted on Google Cloud, the project of the source + network. For access from private networks, using the project of the + hosting network is required. Individual ingress policies can be limited + by restricting which services and/or actions they match using the + `ingress_to` field. type: object - properties: - roles: - description: Optional. The roles to appear in result. - type: array - items: - type: string - permissions: - description: Optional. The permissions to appear in result. - type: array - items: - type: string - Options: - id: Options - description: Contains query options. + id: GoogleIdentityAccesscontextmanagerV1IngressPolicy + GoogleCloudAssetV1p7beta1Asset: + id: GoogleCloudAssetV1p7beta1Asset + description: >- + An asset in Google Cloud. An asset can be any resource in the Google + Cloud [resource + hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), + a resource outside the Google Cloud resource hierarchy (such as Google + Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). + See [Supported asset + types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + for more information. type: object properties: - expandGroups: - description: >- - Optional. If true, the identities section of the result will expand - any Google groups appearing in an IAM policy binding. If - IamPolicyAnalysisQuery.identity_selector is specified, the identity - in the result will be determined by the selector, and this flag is - not allowed to set. If true, the default max expansion per group is - 1000 for AssetService.AnalyzeIamPolicy][]. Default is false. - type: boolean - expandRoles: - description: >- - Optional. If true, the access section of result will expand any - roles appearing in IAM policy bindings to include their permissions. - If IamPolicyAnalysisQuery.access_selector is specified, the access - section of the result will be determined by the selector, and this - flag is not allowed to set. Default is false. - type: boolean - expandResources: - description: >- - Optional. If true and IamPolicyAnalysisQuery.resource_selector is - not specified, the resource section of the result will expand any - resource attached to an IAM policy to include resources lower in the - resource hierarchy. For example, if the request analyzes for which - resources user A has permission P, and the results include an IAM - policy with P on a Google Cloud folder, the results will also - include resources in that folder with permission P. If true and - IamPolicyAnalysisQuery.resource_selector is specified, the resource - section of the result will expand the specified resource to include - resources lower in the resource hierarchy. Only project or lower - resources are supported. Folder and organization resources cannot be - used together with this option. For example, if the request analyzes - for which users have permission P on a Google Cloud project with - this option enabled, the results will include all users who have - permission P on that project or any lower resource. If true, the - default max expansion per resource is 1000 for - AssetService.AnalyzeIamPolicy][] and 100000 for - AssetService.AnalyzeIamPolicyLongrunning][]. Default is false. - type: boolean - outputResourceEdges: + servicePerimeter: description: >- - Optional. If true, the result will output the relevant parent/child - relationships between resources. Default is false. - type: boolean - outputGroupEdges: + Please also refer to the [service perimeter user + guide](https://cloud.google.com/vpc-service-controls/docs/overview). + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1ServicePerimeter + resource: + description: A representation of the resource. + $ref: '#/components/schemas/GoogleCloudAssetV1p7beta1Resource' + accessLevel: description: >- - Optional. If true, the result will output the relevant membership - relationships between groups and other groups, and between groups - and principals. Default is false. - type: boolean - analyzeServiceAccountImpersonation: + Please also refer to the [access level user + guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels). + $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1AccessLevel' + accessPolicy: + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1AccessPolicy description: >- - Optional. If true, the response will include access analysis from - identities to resources via service account impersonation. This is a - very expensive operation, because many derived queries will be - executed. We highly recommend you use - AssetService.AnalyzeIamPolicyLongrunning RPC instead. For example, - if the request analyzes for which resources user A has permission P, - and there's an IAM policy states user A has - iam.serviceAccounts.getAccessToken permission to a service account - SA, and there's another IAM policy states service account SA has - permission P to a Google Cloud folder F, then user A potentially has - access to the Google Cloud folder F. And those advanced analysis - results will be included in - AnalyzeIamPolicyResponse.service_account_impersonation_analysis. - Another example, if the request analyzes for who has permission P to - a Google Cloud folder F, and there's an IAM policy states user A has - iam.serviceAccounts.actAs permission to a service account SA, and - there's another IAM policy states service account SA has permission - P to the Google Cloud folder F, then user A potentially has access - to the Google Cloud folder F. And those advanced analysis results - will be included in - AnalyzeIamPolicyResponse.service_account_impersonation_analysis. - Only the following permissions are considered in this analysis: * - `iam.serviceAccounts.actAs` * `iam.serviceAccounts.signBlob` * - `iam.serviceAccounts.signJwt` * `iam.serviceAccounts.getAccessToken` - * `iam.serviceAccounts.getOpenIdToken` * - `iam.serviceAccounts.implicitDelegation` Default is false. - type: boolean - ConditionContext: - id: ConditionContext - description: The IAM conditions context. - type: object - properties: - accessTime: + Please also refer to the [access policy user + guide](https://cloud.google.com/access-context-manager/docs/overview#access-policies). + name: description: >- - The hypothetical access timestamp to evaluate IAM conditions. Note - that this value must not be earlier than the current time; - otherwise, an INVALID_ARGUMENT error will be returned. + The full name of the asset. Example: + `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` + See [Resource + names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + for more information. type: string - format: google-datetime - IamPolicyAnalysisResult: - id: IamPolicyAnalysisResult - description: >- - IAM Policy analysis result, consisting of one IAM policy binding and - derived access control lists. - type: object - properties: - attachedResourceFullName: + ancestors: + type: array description: >- - The [full resource - name](https://cloud.google.com/asset-inventory/docs/resource-name-format) - of the resource to which the iam_binding policy attaches. - type: string - iamBinding: - description: The IAM policy binding under analysis. - $ref: '#/components/schemas/Binding' - accessControlLists: + The ancestry path of an asset in Google Cloud [resource + hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), + represented as a list of relative resource names. An ancestry path + starts with the closest ancestor in the hierarchy and ends at root. + If the asset is a project, folder, or organization, the ancestry + path starts from the asset itself. Example: `["projects/123456789", + "folders/5432", "organizations/1234"]` + items: + type: string + relatedAssets: description: >- - The access control lists derived from the iam_binding that match or - potentially match resource and access selectors specified in the - request. - type: array + The related assets of the asset of one relationship type. One asset + only represents one type of relationship. + $ref: '#/components/schemas/GoogleCloudAssetV1p7beta1RelatedAssets' + orgPolicy: items: - $ref: '#/components/schemas/GoogleCloudAssetV1AccessControlList' - identityList: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV1Policy' + type: array + description: >- + A representation of an [organization + policy](https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). + There can be more than one organization policy with different + constraints set on a given resource. + iamPolicy: + $ref: '#/components/schemas/Policy' + description: >- + A representation of the IAM policy set on a Google Cloud resource. + There can be a maximum of one IAM policy set on any given resource. + In addition, IAM policies inherit their granted access scope from + any policies set on parent resources in the resource hierarchy. + Therefore, the effectively policy is the union of both the policy + set on this resource and each policy set on all of the resource's + ancestry resource levels in the hierarchy. See [this + topic](https://cloud.google.com/iam/help/allow-policies/inheritance) + for more information. + updateTime: + format: google-datetime description: >- - The identity list derived from members of the iam_binding that match - or potentially match identity selector specified in the request. - $ref: '#/components/schemas/GoogleCloudAssetV1IdentityList' - fullyExplored: + The last update timestamp of an asset. update_time is updated when + create/update/delete operation is performed. + type: string + assetType: + type: string description: >- - Represents whether all analyses on the iam_binding have successfully - finished. - type: boolean - GoogleCloudAssetV1AccessControlList: - id: GoogleCloudAssetV1AccessControlList - description: >- - An access control list, derived from the above IAM policy binding, which - contains a set of resources and accesses. May include one item from each - set to compose an access control entry. NOTICE that there could be - multiple access control lists for one IAM policy binding. The access - control lists are created based on resource and access combinations. For - example, assume we have the following cases in one IAM policy binding: - - Permission P1 and P2 apply to resource R1 and R2; - Permission P3 - applies to resource R2 and R3; This will result in the following access - control lists: - AccessControlList 1: [R1, R2], [P1, P2] - - AccessControlList 2: [R2, R3], [P3] - type: object + The type of the asset. Example: `compute.googleapis.com/Disk` See + [Supported asset + types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + for more information. + GoogleCloudAssetV1GovernedContainer: properties: - resources: + folders: description: >- - The resources that match one of the following conditions: - The - resource_selector, if it is specified in request; - Otherwise, - resources reachable from the policy attached resource. + The folder(s) that this resource belongs to, in the format of + folders/{FOLDER_NUMBER}. This field is available when the resource + belongs (directly or cascadingly) to one or more folders. type: array items: - $ref: '#/components/schemas/GoogleCloudAssetV1Resource' - accesses: - description: >- - The accesses that match one of the following conditions: - The - access_selector, if it is specified in request; - Otherwise, access - specifiers reachable from the policy binding's role. - type: array + type: string + policyBundle: items: - $ref: '#/components/schemas/GoogleCloudAssetV1Access' - resourceEdges: + $ref: '#/components/schemas/AnalyzerOrgPolicy' + type: array description: >- - Resource edges of the graph starting from the policy attached - resource to any descendant resources. The Edge.source_node contains - the full resource name of a parent resource and Edge.target_node - contains the full resource name of a child resource. This field is - present only if the output_resource_edges option is enabled in - request. + The ordered list of all organization policies from the + consolidated_policy.attached_resource. to the scope specified in the + request. If the constraint is defined with default policy, it will + also appear in the list. + organization: + type: string + description: >- + The organization that this resource belongs to, in the format of + organizations/{ORGANIZATION_NUMBER}. This field is available when + the resource belongs (directly or cascadingly) to an organization. + effectiveTags: type: array items: - $ref: '#/components/schemas/GoogleCloudAssetV1Edge' - conditionEvaluation: + $ref: '#/components/schemas/EffectiveTagDetails' + description: The effective tags on this resource. + parent: description: >- - Condition evaluation for this AccessControlList, if there is a - condition defined in the above IAM policy binding. - $ref: '#/components/schemas/ConditionEvaluation' - GoogleCloudAssetV1Resource: - id: GoogleCloudAssetV1Resource - description: A Google Cloud resource under analysis. - type: object - properties: + The [full resource name] + (https://cloud.google.com/asset-inventory/docs/resource-name-format) + of the parent of + AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.full_resource_name. + type: string fullResourceName: description: >- - The [full resource - name](https://cloud.google.com/asset-inventory/docs/resource-name-format) + The [full resource name] + (https://cloud.google.com/asset-inventory/docs/resource-name-format) + of an organization/folder/project resource. type: string - analysisState: - description: The analysis state of this resource. - $ref: '#/components/schemas/IamPolicyAnalysisState' - IamPolicyAnalysisState: - id: IamPolicyAnalysisState - description: >- - Represents the detailed state of an entity under analysis, such as a - resource, an identity or an access. - type: object - properties: - code: - description: >- - The Google standard error code that best describes the state. For - example: - OK means the analysis on this entity has been - successfully finished; - PERMISSION_DENIED means an access denied - error is encountered; - DEADLINE_EXCEEDED means the analysis on this - entity hasn't been started in time; + project: type: string - enumDescriptions: - - 'Not an error; returned on success. HTTP Mapping: 200 OK' - - >- - The operation was cancelled, typically by the caller. HTTP - Mapping: 499 Client Closed Request - - >- - Unknown error. For example, this error may be returned when a - `Status` value received from another address space belongs to an - error space that is not known in this address space. Also errors - raised by APIs that do not return enough error information may be - converted to this error. HTTP Mapping: 500 Internal Server Error - - >- - The client specified an invalid argument. Note that this differs - from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments - that are problematic regardless of the state of the system (e.g., - a malformed file name). HTTP Mapping: 400 Bad Request - - >- - The deadline expired before the operation could complete. For - operations that change the state of the system, this error may be - returned even if the operation has completed successfully. For - example, a successful response from a server could have been - delayed long enough for the deadline to expire. HTTP Mapping: 504 - Gateway Timeout - - >- - Some requested entity (e.g., file or directory) was not found. - Note to server developers: if a request is denied for an entire - class of users, such as gradual feature rollout or undocumented - allowlist, `NOT_FOUND` may be used. If a request is denied for - some users within a class of users, such as user-based access - control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not - Found - - >- - The entity that a client attempted to create (e.g., file or - directory) already exists. HTTP Mapping: 409 Conflict - - >- - The caller does not have permission to execute the specified - operation. `PERMISSION_DENIED` must not be used for rejections - caused by exhausting some resource (use `RESOURCE_EXHAUSTED` - instead for those errors). `PERMISSION_DENIED` must not be used if - the caller can not be identified (use `UNAUTHENTICATED` instead - for those errors). This error code does not imply the request is - valid or the requested entity exists or satisfies other - pre-conditions. HTTP Mapping: 403 Forbidden - - >- - The request does not have valid authentication credentials for the - operation. HTTP Mapping: 401 Unauthorized - - >- - Some resource has been exhausted, perhaps a per-user quota, or - perhaps the entire file system is out of space. HTTP Mapping: 429 - Too Many Requests - - >- - The operation was rejected because the system is not in a state - required for the operation's execution. For example, the directory - to be deleted is non-empty, an rmdir operation is applied to a - non-directory, etc. Service implementors can use the following - guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and - `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just - the failing call. (b) Use `ABORTED` if the client should retry at - a higher level. For example, when a client-specified test-and-set - fails, indicating the client should restart a read-modify-write - sequence. (c) Use `FAILED_PRECONDITION` if the client should not - retry until the system state has been explicitly fixed. For - example, if an "rmdir" fails because the directory is non-empty, - `FAILED_PRECONDITION` should be returned since the client should - not retry unless the files are deleted from the directory. HTTP - Mapping: 400 Bad Request - - >- - The operation was aborted, typically due to a concurrency issue - such as a sequencer check failure or transaction abort. See the - guidelines above for deciding between `FAILED_PRECONDITION`, - `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict - - >- - The operation was attempted past the valid range. E.g., seeking or - reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error - indicates a problem that may be fixed if the system state changes. - For example, a 32-bit file system will generate `INVALID_ARGUMENT` - if asked to read at an offset that is not in the range [0,2^32-1], - but it will generate `OUT_OF_RANGE` if asked to read from an - offset past the current file size. There is a fair bit of overlap - between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend - using `OUT_OF_RANGE` (the more specific error) when it applies so - that callers who are iterating through a space can easily look for - an `OUT_OF_RANGE` error to detect when they are done. HTTP - Mapping: 400 Bad Request - - >- - The operation is not implemented or is not supported/enabled in - this service. HTTP Mapping: 501 Not Implemented - - >- - Internal errors. This means that some invariants expected by the - underlying system have been broken. This error code is reserved - for serious errors. HTTP Mapping: 500 Internal Server Error - - >- - The service is currently unavailable. This is most likely a - transient condition, which can be corrected by retrying with a - backoff. Note that it is not always safe to retry non-idempotent - operations. See the guidelines above for deciding between - `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: - 503 Service Unavailable - - >- - Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal - Server Error - enum: - - OK - - CANCELLED - - UNKNOWN - - INVALID_ARGUMENT - - DEADLINE_EXCEEDED - - NOT_FOUND - - ALREADY_EXISTS - - PERMISSION_DENIED - - UNAUTHENTICATED - - RESOURCE_EXHAUSTED - - FAILED_PRECONDITION - - ABORTED - - OUT_OF_RANGE - - UNIMPLEMENTED - - INTERNAL - - UNAVAILABLE - - DATA_LOSS - cause: - description: The human-readable description of the cause of failure. + description: >- + The project that this resource belongs to, in the format of + projects/{PROJECT_NUMBER}. This field is available when the resource + belongs to a project. + consolidatedPolicy: + $ref: '#/components/schemas/AnalyzerOrgPolicy' + description: >- + The consolidated organization policy for the analyzed resource. The + consolidated organization policy is computed by merging and + evaluating + AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.policy_bundle. + The evaluation will respect the organization policy [hierarchy + rules](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy). + type: object + id: GoogleCloudAssetV1GovernedContainer + description: >- + The organization/folder/project resource governed by organization + policies of AnalyzeOrgPolicyGovernedContainersRequest.constraint. + GoogleCloudAssetV1BooleanConstraint: + description: >- + A `Constraint` that is either enforced or not. For example a constraint + `constraints/compute.disableSerialPortAccess`. If it is enforced on a VM + instance, serial port connections will not be opened to that instance. + id: GoogleCloudAssetV1BooleanConstraint + properties: {} + type: object + WindowsQuickFixEngineeringPackage: + properties: + installTime: type: string - GoogleCloudAssetV1Access: - id: GoogleCloudAssetV1Access - description: An IAM role or permission under analysis. + format: google-datetime + description: >- + Date that the QFE update was installed. Mapped from installed_on + field. + description: + type: string + description: A textual description of the QFE update. + caption: + description: A short textual description of the QFE update. + type: string + hotFixId: + description: Unique identifier associated with a particular QFE update. + type: string + description: >- + Information related to a Quick Fix Engineering package. Fields are taken + from Windows QuickFixEngineering Interface and match the source names: + https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering + type: object + id: WindowsQuickFixEngineeringPackage + AnalyzeOrgPoliciesResponse: + id: AnalyzeOrgPoliciesResponse type: object + description: The response message for AssetService.AnalyzeOrgPolicies. properties: - role: - description: The role. + orgPolicyResults: + description: >- + The organization policies under the AnalyzeOrgPoliciesRequest.scope + with the AnalyzeOrgPoliciesRequest.constraint. + items: + $ref: '#/components/schemas/OrgPolicyResult' + type: array + constraint: + description: The definition of the constraint in the request. + $ref: '#/components/schemas/AnalyzerOrgPolicyConstraint' + nextPageToken: + description: >- + The page token to fetch the next page for + AnalyzeOrgPoliciesResponse.org_policy_results. type: string - permission: - description: The permission. + GoogleIdentityAccesscontextmanagerV1EgressSource: + id: GoogleIdentityAccesscontextmanagerV1EgressSource + type: object + description: >- + The source that EgressPolicy authorizes access from inside the + ServicePerimeter to somewhere outside the ServicePerimeter boundaries. + properties: + resource: + description: >- + A Google Cloud resource from the service perimeter that you want to + allow to access data outside the perimeter. This field supports only + projects. The project format is `projects/{project_number}`. You + can't use `*` in this field to allow all Google Cloud resources. type: string - analysisState: - description: The analysis state of this access. - $ref: '#/components/schemas/IamPolicyAnalysisState' + accessLevel: + description: >- + An AccessLevel resource name that allows protected resources inside + the ServicePerimeters to access outside the ServicePerimeter + boundaries. AccessLevels listed must be in the same policy as this + ServicePerimeter. Referencing a nonexistent AccessLevel will cause + an error. If an AccessLevel name is not specified, only resources + within the perimeter can be accessed through Google Cloud calls with + request origins within the perimeter. Example: + `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is + specified for `access_level`, then all EgressSources will be + allowed. + type: string + SavedQuery: + id: SavedQuery + description: A saved query which can be shared with others or used later. + type: object + properties: + labels: + additionalProperties: + type: string + description: >- + Labels applied on the resource. This value should not contain more + than 10 entries. The key and value of each entry must be non-empty + and fewer than 64 characters. + type: object + lastUpdateTime: + format: google-datetime + type: string + readOnly: true + description: Output only. The last update time of this saved query. + lastUpdater: + description: >- + Output only. The account's email address who has updated this saved + query most recently. + readOnly: true + type: string + creator: + readOnly: true + description: >- + Output only. The account's email address who has created this saved + query. + type: string + content: + $ref: '#/components/schemas/QueryContent' + description: The query content. + name: + description: >- + The resource name of the saved query. The format must be: * + projects/project_number/savedQueries/saved_query_id * + folders/folder_number/savedQueries/saved_query_id * + organizations/organization_number/savedQueries/saved_query_id + type: string + createTime: + description: Output only. The create time of this saved query. + format: google-datetime + readOnly: true + type: string + description: + type: string + description: >- + The description of this saved query. This value should be fewer than + 255 characters. + GoogleCloudAssetV1StringValues: + properties: + allowedValues: + type: array + items: + type: string + description: List of values allowed at this resource. + deniedValues: + items: + type: string + description: List of values denied at this resource. + type: array + description: The string values for the list constraints. + type: object + id: GoogleCloudAssetV1StringValues GoogleCloudAssetV1Edge: id: GoogleCloudAssetV1Edge - description: A directional edge. type: object + description: A directional edge. properties: sourceNode: description: >- @@ -3691,73 +3492,118 @@ components: The target node of the edge. For example, it could be a full resource name for a resource node or an email of an identity. type: string - ConditionEvaluation: - id: ConditionEvaluation - description: The condition evaluation. + GoogleCloudAssetV1p7beta1Resource: type: object + id: GoogleCloudAssetV1p7beta1Resource + description: A representation of a Google Cloud resource. properties: - evaluationValue: - description: The evaluation result. + discoveryName: type: string - enumDescriptions: - - Reserved for future use. - - The evaluation result is `true`. - - The evaluation result is `false`. - - >- - The evaluation result is `conditional` when the condition - expression contains variables that are either missing input values - or have not been supported by Policy Analyzer yet. - enum: - - EVALUATION_VALUE_UNSPECIFIED - - 'TRUE' - - 'FALSE' - - CONDITIONAL - GoogleCloudAssetV1IdentityList: - id: GoogleCloudAssetV1IdentityList - description: The identities and group edges. + description: >- + The JSON schema name listed in the discovery document. Example: + `Project` This value is unspecified for resources that do not have + an API based on a discovery document, such as Cloud Bigtable. + discoveryDocumentUri: + description: >- + The URL of the discovery document containing the resource's JSON + schema. Example: + `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This + value is unspecified for resources that do not have an API based on + a discovery document, such as Cloud Bigtable. + type: string + version: + description: 'The API version. Example: `v1`' + type: string + parent: + type: string + description: >- + The full name of the immediate parent of this resource. See + [Resource + Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + for more information. For Google Cloud assets, this value is the + parent resource defined in the [IAM policy + hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy). + Example: + `//cloudresourcemanager.googleapis.com/projects/my_project_123` For + third-party assets, this field may be set differently. + location: + description: >- + The location of the resource in Google Cloud, such as its zone and + region. For more information, see + https://cloud.google.com/about/locations/. + type: string + data: + type: object + description: >- + The content of the resource, in which some sensitive fields are + removed and may not be present. + additionalProperties: + type: any + description: Properties of the object. + resourceUrl: + type: string + description: >- + The REST URL for accessing the resource. An HTTP `GET` request using + this URL returns the resource itself. Example: + `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123` + This value is unspecified for resources without a REST API. + GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource: + description: >- + The Google Cloud resources governed by the organization policies of the + AnalyzeOrgPolicyGovernedAssetsRequest.constraint. type: object + id: GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource properties: - identities: + effectiveTags: + items: + $ref: '#/components/schemas/EffectiveTagDetails' + type: array + description: The effective tags on this resource. + fullResourceName: + description: >- + The [full resource name] + (https://cloud.google.com/asset-inventory/docs/resource-name-format) + of the Google Cloud resource. + type: string + assetType: + description: >- + The asset type of the + AnalyzeOrgPolicyGovernedAssetsResponse.GovernedResource.full_resource_name + Example: `cloudresourcemanager.googleapis.com/Project` See [Cloud + Asset Inventory Supported Asset + Types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + for all supported asset types. + type: string + project: + description: >- + The project that this resource belongs to, in the format of + projects/{PROJECT_NUMBER}. This field is available when the resource + belongs to a project. + type: string + parent: + description: >- + The [full resource name] + (https://cloud.google.com/asset-inventory/docs/resource-name-format) + of the parent of + AnalyzeOrgPolicyGovernedAssetsResponse.GovernedResource.full_resource_name. + type: string + organization: description: >- - Only the identities that match one of the following conditions will - be presented: - The identity_selector, if it is specified in - request; - Otherwise, identities reachable from the policy binding's - members. - type: array + The organization that this resource belongs to, in the format of + organizations/{ORGANIZATION_NUMBER}. This field is available when + the resource belongs (directly or cascadingly) to an organization. + type: string + folders: items: - $ref: '#/components/schemas/GoogleCloudAssetV1Identity' - groupEdges: - description: >- - Group identity edges of the graph starting from the binding's group - members to any node of the identities. The Edge.source_node contains - a group, such as `group:parent@google.com`. The Edge.target_node - contains a member of the group, such as `group:child@google.com` or - `user:foo@google.com`. This field is present only if the - output_group_edges option is enabled in request. + type: string type: array - items: - $ref: '#/components/schemas/GoogleCloudAssetV1Edge' - GoogleCloudAssetV1Identity: - id: GoogleCloudAssetV1Identity - description: An identity under analysis. - type: object - properties: - name: description: >- - The identity of members, formatted as appear in an [IAM policy - binding](https://cloud.google.com/iam/reference/rest/v1/Binding). - For example, they might be formatted like the following: - - user:foo@google.com - group:group1@google.com - - serviceAccount:s1@prj1.iam.gserviceaccount.com - - projectOwner:some_project_id - domain:google.com - allUsers - type: string - analysisState: - description: The analysis state of this identity. - $ref: '#/components/schemas/IamPolicyAnalysisState' + The folder(s) that this resource belongs to, in the format of + folders/{FOLDER_NUMBER}. This field is available when the resource + belongs (directly or cascadingly) to one or more folders. AnalyzeIamPolicyLongrunningRequest: - id: AnalyzeIamPolicyLongrunningRequest - description: A request message for AssetService.AnalyzeIamPolicyLongrunning. type: object + id: AnalyzeIamPolicyLongrunningRequest properties: analysisQuery: description: Required. The request query. @@ -3782,1033 +3628,1135 @@ components: Required. Output configuration indicating where the results will be output to. $ref: '#/components/schemas/IamPolicyAnalysisOutputConfig' - IamPolicyAnalysisOutputConfig: - id: IamPolicyAnalysisOutputConfig - description: Output configuration for export IAM policy analysis destination. + description: A request message for AssetService.AnalyzeIamPolicyLongrunning. + RelatedAsset: + properties: + asset: + description: >- + The full name of the asset. Example: + `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` + See [Resource + names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + for more information. + type: string + assetType: + description: >- + The type of the asset. Example: `compute.googleapis.com/Disk` See + [Supported asset + types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + for more information. + type: string + relationshipType: + description: >- + The unique identifier of the relationship type. Example: + `INSTANCE_TO_INSTANCEGROUP` + type: string + ancestors: + items: + type: string + description: >- + The ancestors of an asset in Google Cloud [resource + hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), + represented as a list of relative resource names. An ancestry path + starts with the closest ancestor in the hierarchy and ends at root. + Example: `["projects/123456789", "folders/5432", + "organizations/1234"]` + type: array + id: RelatedAsset + type: object + description: >- + An asset identifier in Google Cloud which contains its name, type and + ancestors. An asset can be any resource in the Google Cloud [resource + hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), + a resource outside the Google Cloud resource hierarchy (such as Google + Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). + See [Supported asset + types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + for more information. + AnalyzeIamPolicyLongrunningMetadata: + description: >- + Represents the metadata of the longrunning operation for the + AnalyzeIamPolicyLongrunning RPC. type: object properties: - gcsDestination: - description: Destination on Cloud Storage. - $ref: '#/components/schemas/GoogleCloudAssetV1GcsDestination' - bigqueryDestination: - description: Destination on BigQuery. - $ref: '#/components/schemas/GoogleCloudAssetV1BigQueryDestination' - GoogleCloudAssetV1GcsDestination: - id: GoogleCloudAssetV1GcsDestination - description: A Cloud Storage location. + createTime: + readOnly: true + type: string + description: Output only. The time the operation was created. + format: google-datetime + id: AnalyzeIamPolicyLongrunningMetadata + AssetException: + description: An exception of an asset. + properties: + exceptionType: + type: string + description: The type of exception. + enumDescriptions: + - exception_type is not applicable for the current asset. + - The asset content is truncated. + enum: + - EXCEPTION_TYPE_UNSPECIFIED + - TRUNCATION + details: + type: string + description: The details of the exception. type: object + id: AssetException + EffectiveIamPolicy: + description: The effective IAM policies on one resource. properties: - uri: + fullResourceName: + type: string description: >- - Required. The URI of the Cloud Storage object. It's the same URI - that is used by gsutil. Example: "gs://bucket_name/object_name". See - [Viewing and Editing Object - Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) - for more information. If the specified Cloud Storage object already - exists and there is no - [hold](https://cloud.google.com/storage/docs/object-holds), it will - be overwritten with the analysis result. + The [full_resource_name] + (https://cloud.google.com/asset-inventory/docs/resource-name-format) + for which the policies are computed. This is one of the + BatchGetEffectiveIamPoliciesRequest.names the caller provides in the + request. + policies: + description: >- + The effective policies for the full_resource_name. These policies + include the policy set on the full_resource_name and those set on + its parents and ancestors up to the + BatchGetEffectiveIamPoliciesRequest.scope. Note that these policies + are not filtered according to the resource type of the + full_resource_name. These policies are hierarchically ordered by + PolicyInfo.attached_resource starting from full_resource_name itself + to its parents and ancestors, such that policies[i]'s + PolicyInfo.attached_resource is the child of policies[i+1]'s + PolicyInfo.attached_resource, if policies[i+1] exists. + type: array + items: + $ref: '#/components/schemas/PolicyInfo' + id: EffectiveIamPolicy + type: object + CreateFeedRequest: + id: CreateFeedRequest + type: object + properties: + feed: + description: >- + Required. The feed details. The field `name` must be empty and it + will be generated in the format of: + projects/project_number/feeds/feed_id + folders/folder_number/feeds/feed_id + organizations/organization_number/feeds/feed_id + $ref: '#/components/schemas/Feed' + feedId: type: string - GoogleCloudAssetV1BigQueryDestination: - id: GoogleCloudAssetV1BigQueryDestination - description: A BigQuery destination. + description: >- + Required. This is the client-assigned asset feed identifier and it + needs to be unique under a specific parent + project/folder/organization. + description: Create asset feed request. + Status: + id: Status + type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + properties: + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + details: + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + PartitionSpec: + type: object + description: Specifications of BigQuery partitioned table as export destination. + id: PartitionSpec + properties: + partitionKey: + description: The partition key for BigQuery partitioned table. + enumDescriptions: + - >- + Unspecified partition key. If used, it means using non-partitioned + table. + - >- + The time when the snapshot is taken. If specified as partition + key, the result table(s) is partitioned by the additional + timestamp column, readTime. If [read_time] in ExportAssetsRequest + is specified, the readTime column's value will be the same as it. + Otherwise, its value will be the current time that is used to take + the snapshot. + - >- + The time when the request is received and started to be processed. + If specified as partition key, the result table(s) is partitioned + by the requestTime column, an additional timestamp column + representing when the request was received. + type: string + enum: + - PARTITION_KEY_UNSPECIFIED + - READ_TIME + - REQUEST_TIME + AnalyzerOrgPolicyConstraint: + properties: + customConstraint: + description: The definition of the custom constraint. + $ref: '#/components/schemas/GoogleCloudAssetV1CustomConstraint' + googleDefinedConstraint: + description: The definition of the canned constraint defined by Google. + $ref: '#/components/schemas/GoogleCloudAssetV1Constraint' + id: AnalyzerOrgPolicyConstraint + description: The organization policy constraint definition. type: object + TableFieldSchema: + id: TableFieldSchema properties: - dataset: + fields: + items: + $ref: '#/components/schemas/TableFieldSchema' + type: array description: >- - Required. The BigQuery dataset in format - "projects/projectId/datasets/datasetId", to which the analysis - results should be exported. If this dataset does not exist, the - export call will return an INVALID_ARGUMENT error. - type: string - tablePrefix: + Describes the nested schema fields if the type property is set to + RECORD. + field: description: >- - Required. The prefix of the BigQuery tables to which the analysis - results will be written. Tables will be created based on this - table_prefix if not exist: * _analysis table will contain export - operation's metadata. * _analysis_result will contain all the - IamPolicyAnalysisResult. When [partition_key] is specified, both - tables will be partitioned based on the [partition_key]. + The field name. The name must contain only letters (a-z, A-Z), + numbers (0-9), or underscores (_), and must start with a letter or + underscore. The maximum length is 128 characters. type: string - partitionKey: - description: The partition key for BigQuery partitioned table. + type: type: string - enumDescriptions: - - >- - Unspecified partition key. Tables won't be partitioned using this - option. - - >- - The time when the request is received. If specified as partition - key, the result table(s) is partitioned by the RequestTime column, - an additional timestamp column representing when the request was - received. - enum: - - PARTITION_KEY_UNSPECIFIED - - REQUEST_TIME - writeDisposition: description: >- - Optional. Specifies the action that occurs if the destination table - or partition already exists. The following values are supported: * - WRITE_TRUNCATE: If the table or partition already exists, BigQuery - overwrites the entire table or all the partitions data. * - WRITE_APPEND: If the table or partition already exists, BigQuery - appends the data to the table or the latest partition. * - WRITE_EMPTY: If the table already exists and contains data, an error - is returned. The default value is WRITE_APPEND. Each action is - atomic and only occurs if BigQuery is able to complete the job - successfully. Details are at - https://cloud.google.com/bigquery/docs/loading-data-local#appending_to_or_overwriting_a_table_using_a_local_file. + The field data type. Possible values include * STRING * BYTES * + INTEGER * FLOAT * BOOLEAN * TIMESTAMP * DATE * TIME * DATETIME * + GEOGRAPHY, * NUMERIC, * BIGNUMERIC, * RECORD (where RECORD indicates + that the field contains a nested schema). + mode: type: string - AnalyzeMoveResponse: - id: AnalyzeMoveResponse - description: The response message for resource move analysis. + description: >- + The field mode. Possible values include NULLABLE, REQUIRED and + REPEATED. The default value is NULLABLE. type: object + description: A field in TableSchema. + GoogleIdentityAccesscontextmanagerV1IngressFrom: + id: GoogleIdentityAccesscontextmanagerV1IngressFrom properties: - moveAnalysis: + identities: description: >- - The list of analyses returned from performing the intended resource - move analysis. The analysis is grouped by different Google Cloud - services. + A list of identities that are allowed access through + [IngressPolicy]. Identities can be an individual user, service + account, Google group, or third-party identity. For third-party + identity, only single identities are supported and other identity + types are not supported. The `v1` identities that have the prefix + `user`, `group`, `serviceAccount`, and `principal` in + https://cloud.google.com/iam/docs/principal-identifiers#v1 are + supported. + items: + type: string type: array + identityType: + description: >- + Specifies the type of identities that are allowed access from + outside the perimeter. If left unspecified, then members of + `identities` field will be allowed access. + type: string + enum: + - IDENTITY_TYPE_UNSPECIFIED + - ANY_IDENTITY + - ANY_USER_ACCOUNT + - ANY_SERVICE_ACCOUNT + enumDescriptions: + - No blanket identity group specified. + - Authorize access from all identities outside the perimeter. + - Authorize access from all human users outside the perimeter. + - Authorize access from all service accounts outside the perimeter. + sources: items: - $ref: '#/components/schemas/MoveAnalysis' + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1IngressSource + description: Sources that this IngressPolicy authorizes access from. + type: array + description: >- + Defines the conditions under which an IngressPolicy matches a request. + Conditions are based on information about the source of the request. The + request must satisfy what is defined in `sources` AND identity related + fields in order to match. + type: object MoveAnalysis: - id: MoveAnalysis description: A message to group the analysis information. type: object + id: MoveAnalysis properties: displayName: description: >- The user friendly display name of the analysis. E.g. IAM, organization policy etc. type: string - analysis: - description: Analysis result of moving the target resource. - $ref: '#/components/schemas/MoveAnalysisResult' error: description: Description of error encountered when performing the analysis. $ref: '#/components/schemas/Status' - MoveAnalysisResult: - id: MoveAnalysisResult - description: An analysis result including blockers and warnings. - type: object + analysis: + $ref: '#/components/schemas/MoveAnalysisResult' + description: Analysis result of moving the target resource. + IamPolicyAnalysis: properties: - blockers: + fullyExplored: + type: boolean description: >- - Blocking information that would prevent the target resource from - moving to the specified destination at runtime. + Represents whether all entries in the analysis_results have been + fully explored to answer the query. + analysisResults: type: array items: - $ref: '#/components/schemas/MoveImpact' - warnings: + $ref: '#/components/schemas/IamPolicyAnalysisResult' description: >- - Warning information indicating that moving the target resource to - the specified destination might be unsafe. This can include - important policy information and configuration changes, but will not - block moves at runtime. - type: array + A list of IamPolicyAnalysisResult that matches the analysis query, + or empty if no result is found. + analysisQuery: + $ref: '#/components/schemas/IamPolicyAnalysisQuery' + description: The analysis query. + nonCriticalErrors: items: - $ref: '#/components/schemas/MoveImpact' - MoveImpact: - id: MoveImpact - description: A message to group impacts of moving the target resource. - type: object - properties: - detail: - description: User friendly impact detail in a free form message. - type: string - QueryAssetsRequest: - id: QueryAssetsRequest - description: QueryAssets request. - type: object - properties: - statement: - description: >- - Optional. A SQL statement that's compatible with [BigQuery - SQL](https://cloud.google.com/bigquery/docs/introduction-sql). - type: string - jobReference: - description: >- - Optional. Reference to the query job, which is from the - `QueryAssetsResponse` of previous `QueryAssets` call. - type: string - pageSize: - description: >- - Optional. The maximum number of rows to return in the results. - Responses are limited to 10 MB and 1000 rows. By default, the - maximum row count is 1000. When the byte or row count limit is - reached, the rest of the query results will be paginated. The field - will be ignored when [output_config] is specified. - type: integer - format: int32 - pageToken: - description: >- - Optional. A page token received from previous `QueryAssets`. The - field will be ignored when [output_config] is specified. - type: string - timeout: - description: >- - Optional. Specifies the maximum amount of time that the client is - willing to wait for the query to complete. By default, this limit is - 5 min for the first query, and 1 minute for the following queries. - If the query is complete, the `done` field in the - `QueryAssetsResponse` is true, otherwise false. Like BigQuery - [jobs.query - API](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query#queryrequest) - The call is not guaranteed to wait for the specified timeout; it - typically returns after around 200 seconds (200,000 milliseconds), - even if the query is not complete. The field will be ignored when - [output_config] is specified. - type: string - format: google-duration - readTimeWindow: - description: >- - Optional. [start_time] is required. [start_time] must be less than - [end_time] Defaults [end_time] to now if [start_time] is set and - [end_time] isn't. Maximum permitted time range is 7 days. - $ref: '#/components/schemas/TimeWindow' - readTime: - description: >- - Optional. Queries cloud assets as they appeared at the specified - point in time. - type: string - format: google-datetime - outputConfig: - description: >- - Optional. Destination where the query results will be saved. When - this field is specified, the query results won't be saved in the - [QueryAssetsResponse.query_result]. Instead - [QueryAssetsResponse.output_config] will be set. Meanwhile, - [QueryAssetsResponse.job_reference] will be set and can be used to - check the status of the query job when passed to a following - [QueryAssets] API call. - $ref: '#/components/schemas/QueryAssetsOutputConfig' - QueryAssetsOutputConfig: - id: QueryAssetsOutputConfig - description: Output configuration query assets. - type: object - properties: - bigqueryDestination: - description: BigQuery destination where the query results will be saved. - $ref: >- - #/components/schemas/GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination - GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination: - id: GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination - description: BigQuery destination. + $ref: '#/components/schemas/IamPolicyAnalysisState' + description: A list of non-critical errors happened during the query handling. + type: array type: object + description: An analysis message to group the query and results. + id: IamPolicyAnalysis + GcsDestination: properties: - dataset: - description: >- - Required. The BigQuery dataset where the query results will be - saved. It has the format of - "projects/{projectId}/datasets/{datasetId}". - type: string - table: + uri: description: >- - Required. The BigQuery table where the query results will be saved. - If this table does not exist, a new table with the given name will - be created. + The URI of the Cloud Storage object. It's the same URI that is used + by gsutil. Example: "gs://bucket_name/object_name". See [Viewing and + Editing Object + Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) + for more information. If the specified Cloud Storage object already + exists and there is no + [hold](https://cloud.google.com/storage/docs/object-holds), it will + be overwritten with the exported result. type: string - writeDisposition: - description: >- - Specifies the action that occurs if the destination table or - partition already exists. The following values are supported: * - WRITE_TRUNCATE: If the table or partition already exists, BigQuery - overwrites the entire table or all the partitions data. * - WRITE_APPEND: If the table or partition already exists, BigQuery - appends the data to the table or the latest partition. * - WRITE_EMPTY: If the table already exists and contains data, a - 'duplicate' error is returned in the job result. The default value - is WRITE_EMPTY. + uriPrefix: type: string - QueryAssetsResponse: - id: QueryAssetsResponse - description: QueryAssets response. + description: >- + The URI prefix of all generated Cloud Storage objects. Example: + "gs://bucket_name/object_name_prefix". Each object URI is in format: + "gs://bucket_name/object_name_prefix// and only contains assets for + that type. starts from 0. Example: + "gs://bucket_name/object_name_prefix/compute.googleapis.com/Disk/0" + is the first shard of output objects containing all + compute.googleapis.com/Disk assets. An INVALID_ARGUMENT error will + be returned if file with the same name + "gs://bucket_name/object_name_prefix" already exists. + type: object + description: A Cloud Storage location. + id: GcsDestination + AuditConfig: type: object properties: - jobReference: - description: Reference to a query job. + service: type: string - done: - description: >- - The query response, which can be either an `error` or a valid - `response`. If `done` == `false` and the query result is being saved - in an output, the output_config field will be set. If `done` == - `true`, exactly one of `error`, `query_result` or `output_config` - will be set. [done] is unset unless the [QueryAssetsResponse] - contains a [QueryAssetsResponse.job_reference]. - type: boolean - error: - description: Error status. - $ref: '#/components/schemas/Status' - queryResult: - description: Result of the query. - $ref: '#/components/schemas/QueryResult' - outputConfig: description: >- - Output configuration, which indicates that instead of being returned - in an API response on the fly, the query result will be saved in a - specific output. - $ref: '#/components/schemas/QueryAssetsOutputConfig' - QueryResult: - id: QueryResult + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + auditLogConfigs: + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/AuditLogConfig' + type: array description: >- - Execution results of the query. The result is formatted as rows - represented by BigQuery compatible [schema]. When pagination is - necessary, it will contains the page token to retrieve the results of - following pages. - type: object + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + id: AuditConfig + ZypperPatch: properties: - rows: - description: Each row hold a query result in the format of `Struct`. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. - schema: - description: Describes the format of the [rows]. - $ref: '#/components/schemas/TableSchema' - nextPageToken: - description: Token to retrieve the next page of the results. + patchName: + description: The name of the patch. type: string - totalRows: - description: Total rows of the whole query results. + summary: + description: Any summary information provided about this patch. + type: string + severity: + description: The severity specified for this patch + type: string + category: + description: The category of the patch. type: string - format: int64 - TableSchema: - id: TableSchema - description: BigQuery Compatible table schema. type: object - properties: - fields: - description: Describes the fields in a table. - type: array - items: - $ref: '#/components/schemas/TableFieldSchema' - TableFieldSchema: - id: TableFieldSchema - description: A field in TableSchema. + id: ZypperPatch + description: Details related to a Zypper Patch. + Item: + id: Item type: object + description: A single piece of inventory on a VM. properties: - field: - description: >- - The field name. The name must contain only letters (a-z, A-Z), - numbers (0-9), or underscores (_), and must start with a letter or - underscore. The maximum length is 128 characters. + originType: + description: The origin of this inventory item. + enumDescriptions: + - Invalid. An origin type must be specified. + - >- + This inventory item was discovered as the result of the agent + reporting inventory via the reporting API. + enum: + - ORIGIN_TYPE_UNSPECIFIED + - INVENTORY_REPORT type: string - type: - description: >- - The field data type. Possible values include * STRING * BYTES * - INTEGER * FLOAT * BOOLEAN * TIMESTAMP * DATE * TIME * DATETIME * - GEOGRAPHY, * NUMERIC, * BIGNUMERIC, * RECORD (where RECORD indicates - that the field contains a nested schema). + createTime: + format: google-datetime + description: When this inventory item was first detected. type: string - mode: - description: >- - The field mode. Possible values include NULLABLE, REQUIRED and - REPEATED. The default value is NULLABLE. + updateTime: + format: google-datetime type: string - fields: - description: >- - Describes the nested schema fields if the type property is set to - RECORD. - type: array - items: - $ref: '#/components/schemas/TableFieldSchema' - SavedQuery: - id: SavedQuery - description: A saved query which can be shared with others or used later. + description: When this inventory item was last modified. + id: + type: string + description: Identifier for this item, unique across items for this VM. + installedPackage: + $ref: '#/components/schemas/SoftwarePackage' + description: Software package present on the VM instance. + type: + enum: + - TYPE_UNSPECIFIED + - INSTALLED_PACKAGE + - AVAILABLE_PACKAGE + type: string + description: The specific type of inventory, correlating to its specific details. + enumDescriptions: + - Invalid. A type must be specified. + - This represents a package that is installed on the VM. + - This represents an update that is available for a package. + availablePackage: + description: Software package available to be installed on the VM instance. + $ref: '#/components/schemas/SoftwarePackage' + ConditionContext: + description: The IAM conditions context. type: object + id: ConditionContext properties: - name: - description: >- - The resource name of the saved query. The format must be: * - projects/project_number/savedQueries/saved_query_id * - folders/folder_number/savedQueries/saved_query_id * - organizations/organization_number/savedQueries/saved_query_id + accessTime: type: string - description: description: >- - The description of this saved query. This value should be fewer than - 255 characters. - type: string - createTime: - description: Output only. The create time of this saved query. - readOnly: true - type: string + The hypothetical access timestamp to evaluate IAM conditions. Note + that this value must not be earlier than the current time; + otherwise, an INVALID_ARGUMENT error will be returned. format: google-datetime - creator: + ResourceSearchResult: + properties: + relationships: + type: object + additionalProperties: + $ref: '#/components/schemas/RelatedResources' description: >- - Output only. The account's email address who has created this saved - query. - readOnly: true + A map of related resources of this resource, keyed by the + relationship type. A relationship type is in the format of + {SourceType}_{ACTION}_{DestType}. Example: `DISK_TO_INSTANCE`, + `DISK_TO_NETWORK`, `INSTANCE_TO_INSTANCEGROUP`. See [supported + relationship + types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#supported_relationship_types). + state: + description: >- + The state of this resource. Different resources types have different + state definitions that are mapped from various fields of different + resource types. This field is available only when the resource's + Protobuf contains it. Example: If the resource is an instance + provided by Compute Engine, its state will include PROVISIONING, + STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and + TERMINATED. See `status` definition in [API + Reference](https://cloud.google.com/compute/docs/reference/rest/v1/instances). + If the resource is a project provided by Resource Manager, its state + will include LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED + and DELETE_IN_PROGRESS. See `lifecycleState` definition in [API + Reference](https://cloud.google.com/resource-manager/reference/rest/v1/projects). + To search against the `state`: * Use a field query. Example: + `state:RUNNING` * Use a free text query. Example: `RUNNING` type: string - lastUpdateTime: - description: Output only. The last update time of this saved query. - readOnly: true + folders: + items: + type: string + description: >- + The folder(s) that this resource belongs to, in the form of + folders/{FOLDER_NUMBER}. This field is available when the resource + belongs to one or more folders. To search against `folders`: * Use a + field query. Example: `folders:(123 OR 456)` * Use a free text + query. Example: `123` * Specify the `scope` field as this folder in + your search request. + type: array + updateTime: type: string format: google-datetime - lastUpdater: description: >- - Output only. The account's email address who has updated this saved - query most recently. - readOnly: true - type: string - labels: + The last update timestamp of this resource, at which the resource + was last modified or deleted. The granularity is in seconds. + Timestamp.nanos will always be 0. This field is available only when + the resource's Protobuf contains it. To search against + `update_time`: * Use a field query. - value in seconds since unix + epoch. Example: `updateTime < 1609459200` - value in date string. + Example: `updateTime < 2021-01-01` - value in date-time string (must + be quoted). Example: `updateTime < "2021-01-01T00:00:00"` + description: description: >- - Labels applied on the resource. This value should not contain more - than 10 entries. The key and value of each entry must be non-empty - and fewer than 64 characters. - type: object - additionalProperties: + One or more paragraphs of text description of this resource. Maximum + length could be up to 1M bytes. This field is available only when + the resource's Protobuf contains it. To search against the + `description`: * Use a field query. Example: `description:"important + instance"` * Use a free text query. Example: `"important instance"` + type: string + networkTags: + items: type: string - content: - description: The query content. - $ref: '#/components/schemas/QueryContent' - QueryContent: - id: QueryContent - description: The query content. - type: object - properties: - iamPolicyAnalysisQuery: + type: array description: >- - An IAM Policy Analysis query, which could be used in the - AssetService.AnalyzeIamPolicy RPC or the - AssetService.AnalyzeIamPolicyLongrunning RPC. - $ref: '#/components/schemas/IamPolicyAnalysisQuery' - ListSavedQueriesResponse: - id: ListSavedQueriesResponse - description: Response of listing saved queries. - type: object - properties: - savedQueries: - description: A list of savedQueries. + Network tags associated with this resource. Like labels, network + tags are a type of annotations used to group Google Cloud resources. + See [Labelling Google Cloud + resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) + for more information. This field is available only when the + resource's Protobuf contains it. To search against the + `network_tags`: * Use a field query. Example: `networkTags:internal` + * Use a free text query. Example: `internal` + attachedResources: type: array - items: - $ref: '#/components/schemas/SavedQuery' - nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Attached resources of this resource. For example, an OSConfig + Inventory is an attached resource of a Compute Instance. This field + is repeated because a resource could have multiple attached + resources. This `attached_resources` field is not searchable. Some + attributes of the attached resources are exposed in + `additional_attributes` field, so as to allow users to search on + them. + items: + $ref: '#/components/schemas/AttachedResource' + kmsKey: type: string - BatchGetEffectiveIamPoliciesResponse: - id: BatchGetEffectiveIamPoliciesResponse - description: A response message for AssetService.BatchGetEffectiveIamPolicies. - type: object - properties: - policyResults: description: >- - The effective policies for a batch of resources. Note that the - results order is the same as the order of - BatchGetEffectiveIamPoliciesRequest.names. When a resource does not - have any effective IAM policies, its corresponding policy_result - will contain empty EffectiveIamPolicy.policies. - type: array + The Cloud KMS + [CryptoKey](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys) + name or + [CryptoKeyVersion](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions) + name. This field only presents for the purpose of backward + compatibility. Use the `kms_keys` field to retrieve Cloud KMS key + information. This field is available only when the resource's + Protobuf contains it and will only be populated for [these resource + types](https://cloud.google.com/asset-inventory/docs/legacy-field-names#resource_types_with_the_to_be_deprecated_kmskey_field) + for backward compatible purposes. To search against the `kms_key`: * + Use a field query. Example: `kmsKey:key` * Use a free text query. + Example: `key` + deprecated: true + versionedResources: items: - $ref: '#/components/schemas/EffectiveIamPolicy' - EffectiveIamPolicy: - id: EffectiveIamPolicy - description: The effective IAM policies on one resource. - type: object - properties: - fullResourceName: + $ref: '#/components/schemas/VersionedResource' description: >- - The [full_resource_name] - (https://cloud.google.com/asset-inventory/docs/resource-name-format) - for which the policies are computed. This is one of the - BatchGetEffectiveIamPoliciesRequest.names the caller provides in the - request. + Versioned resource representations of this resource. This is + repeated because there could be multiple versions of resource + representations during version migration. This `versioned_resources` + field is not searchable. Some attributes of the resource + representations are exposed in `additional_attributes` field, so as + to allow users to search on them. + type: array + location: type: string - policies: description: >- - The effective policies for the full_resource_name. These policies - include the policy set on the full_resource_name and those set on - its parents and ancestors up to the - BatchGetEffectiveIamPoliciesRequest.scope. Note that these policies - are not filtered according to the resource type of the - full_resource_name. These policies are hierarchically ordered by - PolicyInfo.attached_resource starting from full_resource_name itself - to its parents and ancestors, such that policies[i]'s - PolicyInfo.attached_resource is the child of policies[i+1]'s - PolicyInfo.attached_resource, if policies[i+1] exists. + Location can be `global`, regional like `us-east1`, or zonal like + `us-west1-b`. This field is available only when the resource's + Protobuf contains it. To search against the `location`: * Use a + field query. Example: `location:us-west*` * Use a free text query. + Example: `us-west*` + parentAssetType: + type: string + description: >- + The type of this resource's immediate parent, if there is one. To + search against the `parent_asset_type`: * Use a field query. + Example: + `parentAssetType:"cloudresourcemanager.googleapis.com/Project"` * + Use a free text query. Example: + `cloudresourcemanager.googleapis.com/Project` + tagValueIds: + deprecated: true + items: + type: string + description: >- + This field is only present for the purpose of backward + compatibility. Use the `tags` field instead. TagValue IDs, in the + format of tagValues/{TAG_VALUE_ID}. To search against the + `tagValueIds`: * Use a field query. Example: - + `tagValueIds="tagValues/456"` * Use a free text query. Example: - + `456` + type: array + enrichments: + description: >- + Enrichments of the asset. Currently supported enrichment types with + SearchAllResources API: * RESOURCE_OWNERS The corresponding read + masks in order to get the enrichment: * enrichments.resource_owners + The corresponding required permissions: * + cloudasset.assets.searchEnrichmentResourceOwners Example query to + get resource owner enrichment: ``` scope: "projects/my-project" + query: "name: my-project" assetTypes: + "cloudresourcemanager.googleapis.com/Project" readMask: { paths: + "asset_type" paths: "name" paths: "enrichments.resource_owners" } + ``` type: array items: - $ref: '#/components/schemas/PolicyInfo' - PolicyInfo: - id: PolicyInfo - description: The IAM policy and its attached resource. - type: object - properties: - attachedResource: - description: The full resource name the policy is directly attached to. - type: string - policy: - description: The IAM policy that's directly attached to the attached_resource. - $ref: '#/components/schemas/Policy' - AnalyzeOrgPoliciesResponse: - id: AnalyzeOrgPoliciesResponse - description: The response message for AssetService.AnalyzeOrgPolicies. - type: object - properties: - orgPolicyResults: + $ref: '#/components/schemas/AssetEnrichment' + tags: description: >- - The organization policies under the AnalyzeOrgPoliciesRequest.scope - with the AnalyzeOrgPoliciesRequest.constraint. + The tags directly attached to this resource. To search against the + `tags`: * Use a field query. Example: - `tagKeys:"123456789/env*"` - + `tagKeys="123456789/env"` - `tagKeys:"env"` - + `tagKeyIds="tagKeys/123"` - `tagValues:"env"` - + `tagValues:"env/prod"` - `tagValues:"123456789/env/prod*"` - + `tagValues="123456789/env/prod"` - `tagValueIds="tagValues/456"` * + Use a free text query. Example: - `env/prod` type: array items: - $ref: '#/components/schemas/OrgPolicyResult' - constraint: - description: The definition of the constraint in the request. - $ref: '#/components/schemas/AnalyzerOrgPolicyConstraint' - nextPageToken: + $ref: '#/components/schemas/Tag' + labels: description: >- - The page token to fetch the next page for - AnalyzeOrgPoliciesResponse.org_policy_results. - type: string - OrgPolicyResult: - id: OrgPolicyResult - description: The organization policy result to the query. - type: object - properties: - consolidatedPolicy: + User labels associated with this resource. See [Labelling and + grouping Google Cloud + resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) + for more information. This field is available only when the + resource's Protobuf contains it. To search against the `labels`: * + Use a field query: - query on any label's key or value. Example: + `labels:prod` - query by a given label. Example: `labels.env:prod` - + query by a given label's existence. Example: `labels.env:*` * Use a + free text query. Example: `prod` + additionalProperties: + type: string + type: object + displayName: description: >- - The consolidated organization policy for the analyzed resource. The - consolidated organization policy is computed by merging and - evaluating policy_bundle. The evaluation will respect the - organization policy [hierarchy - rules](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy). - $ref: '#/components/schemas/AnalyzerOrgPolicy' - policyBundle: + The display name of this resource. This field is available only when + the resource's Protobuf contains it. To search against the + `display_name`: * Use a field query. Example: `displayName:"My + Instance"` * Use a free text query. Example: `"My Instance"` + type: string + effectiveTags: description: >- - The ordered list of all organization policies from the - consolidated_policy.attached_resource. to the scope specified in the - request. If the constraint is defined with default policy, it will - also appear in the list. + The effective tags on this resource. All of the tags that are both + attached to and inherited by a resource are collectively called the + effective tags. For more information, see [tag + inheritance](https://cloud.google.com/resource-manager/docs/tags/tags-overview#inheritance). + To search against the `effective_tags`: * Use a field query. + Example: - `effectiveTagKeys:"123456789/env*"` - + `effectiveTagKeys="123456789/env"` - `effectiveTagKeys:"env"` - + `effectiveTagKeyIds="tagKeys/123"` - `effectiveTagValues:"env"` - + `effectiveTagValues:"env/prod"` - + `effectiveTagValues:"123456789/env/prod*"` - + `effectiveTagValues="123456789/env/prod"` - + `effectiveTagValueIds="tagValues/456"` type: array items: - $ref: '#/components/schemas/AnalyzerOrgPolicy' - project: - description: >- - The project that this consolidated policy belongs to, in the format - of projects/{PROJECT_NUMBER}. This field is available when the - consolidated policy belongs to a project. - type: string - folders: - description: >- - The folder(s) that this consolidated policy belongs to, in the - format of folders/{FOLDER_NUMBER}. This field is available when the - consolidated policy belongs (directly or cascadingly) to one or more - folders. + $ref: '#/components/schemas/EffectiveTagDetails' + tagKeys: + deprecated: true type: array + description: >- + This field is only present for the purpose of backward + compatibility. Use the `tags` field instead. TagKey namespaced + names, in the format of {ORG_ID}/{TAG_KEY_SHORT_NAME}. To search + against the `tagKeys`: * Use a field query. Example: - + `tagKeys:"123456789/env*"` - `tagKeys="123456789/env"` - + `tagKeys:"env"` * Use a free text query. Example: - `env` items: type: string - organization: - description: >- - The organization that this consolidated policy belongs to, in the - format of organizations/{ORGANIZATION_NUMBER}. This field is - available when the consolidated policy belongs (directly or - cascadingly) to an organization. - type: string - AnalyzerOrgPolicy: - id: AnalyzerOrgPolicy - description: >- - This organization policy message is a modified version of the one - defined in the Organization Policy system. This message contains several - fields defined in the original organization policy with some new fields - for analysis purpose. - type: object - properties: - attachedResource: + assetType: description: >- - The [full resource name] - (https://cloud.google.com/asset-inventory/docs/resource-name-format) - of an organization/folder/project resource where this organization - policy is set. Notice that some type of constraints are defined with - default policy. This field will be empty for them. + The type of this resource. Example: `compute.googleapis.com/Disk`. + To search against the `asset_type`: * Specify the `asset_type` field + in your search request. type: string - appliedResource: + project: description: >- - The [full resource name] - (https://cloud.google.com/asset-inventory/docs/resource-name-format) - of an organization/folder/project resource where this organization - policy applies to. For any user defined org policies, this field has - the same value as the [attached_resource] field. Only for default - policy, this field has the different value. + The project that this resource belongs to, in the form of + projects/{PROJECT_NUMBER}. This field is available when the resource + belongs to a project. To search against `project`: * Use a field + query. Example: `project:12345` * Use a free text query. Example: + `12345` * Specify the `scope` field as this project in your search + request. type: string - rules: - description: List of rules for this organization policy. + tagValues: + deprecated: true type: array - items: - $ref: '#/components/schemas/GoogleCloudAssetV1Rule' - inheritFromParent: - description: >- - If `inherit_from_parent` is true, Rules set higher up in the - hierarchy (up to the closest root) are inherited and present in the - effective policy. If it is false, then no rules are inherited, and - this policy becomes the effective root for evaluation. - type: boolean - reset: - description: >- - Ignores policies set above this resource and restores the default - behavior of the constraint at this resource. This field can be set - in policies for either list or boolean constraints. If set, `rules` - must be empty and `inherit_from_parent` must be set to false. - type: boolean - GoogleCloudAssetV1Rule: - id: GoogleCloudAssetV1Rule - description: >- - This rule message is a customized version of the one defined in the - Organization Policy system. In addition to the fields defined in the - original organization policy, it contains additional field(s) under - specific circumstances to support analysis results. - type: object - properties: - values: description: >- - List of values to be used for this policy rule. This field can be - set only in policies for list constraints. - $ref: '#/components/schemas/GoogleCloudAssetV1StringValues' - allowAll: + This field is only present for the purpose of backward + compatibility. Use the `tags` field instead. TagValue namespaced + names, in the format of + {ORG_ID}/{TAG_KEY_SHORT_NAME}/{TAG_VALUE_SHORT_NAME}. To search + against the `tagValues`: * Use a field query. Example: - + `tagValues:"env"` - `tagValues:"env/prod"` - + `tagValues:"123456789/env/prod*"` - `tagValues="123456789/env/prod"` + * Use a free text query. Example: - `prod` + items: + type: string + parentFullResourceName: + type: string description: >- - Setting this to true means that all values are allowed. This field - can be set only in Policies for list constraints. - type: boolean - denyAll: + The full resource name of this resource's parent, if it has one. To + search against the `parent_full_resource_name`: * Use a field query. + Example: `parentFullResourceName:"project-name"` * Use a free text + query. Example: `project-name` + organization: description: >- - Setting this to true means that all values are denied. This field - can be set only in Policies for list constraints. - type: boolean - enforce: + The organization that this resource belongs to, in the form of + organizations/{ORGANIZATION_NUMBER}. This field is available when + the resource belongs to an organization. To search against + `organization`: * Use a field query. Example: `organization:123` * + Use a free text query. Example: `123` * Specify the `scope` field as + this organization in your search request. + type: string + name: description: >- - If `true`, then the `Policy` is enforced. If `false`, then any - configuration is acceptable. This field can be set only in Policies - for boolean constraints. - type: boolean - condition: - description: The evaluating condition for this rule. - $ref: '#/components/schemas/Expr' - conditionEvaluation: + The full resource name of this resource. Example: + `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. + See [Cloud Asset Inventory Resource Name + Format](https://cloud.google.com/asset-inventory/docs/resource-name-format) + for more information. To search against the `name`: * Use a field + query. Example: `name:instance1` * Use a free text query. Example: + `instance1` + type: string + sccSecurityMarks: description: >- - The condition evaluation result for this rule. Only populated if it - meets all the following criteria: * There is a condition defined for - this rule. * This rule is within - AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.consolidated_policy, - or - AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.consolidated_policy - when the AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset has - AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.governed_resource. - $ref: '#/components/schemas/ConditionEvaluation' - GoogleCloudAssetV1StringValues: - id: GoogleCloudAssetV1StringValues - description: The string values for the list constraints. - type: object - properties: - allowedValues: - description: List of values allowed at this resource. - type: array - items: + The actual content of Security Command Center security marks + associated with the asset. To search against SCC SecurityMarks + field: * Use a field query: - query by a given key value pair. + Example: `sccSecurityMarks.foo=bar` - query by a given key's + existence. Example: `sccSecurityMarks.foo:*` + type: object + additionalProperties: type: string - deniedValues: - description: List of values denied at this resource. + kmsKeys: type: array items: type: string - AnalyzerOrgPolicyConstraint: - id: AnalyzerOrgPolicyConstraint - description: The organization policy constraint definition. - type: object - properties: - googleDefinedConstraint: - description: The definition of the canned constraint defined by Google. - $ref: '#/components/schemas/GoogleCloudAssetV1Constraint' - customConstraint: - description: The definition of the custom constraint. - $ref: '#/components/schemas/GoogleCloudAssetV1CustomConstraint' - GoogleCloudAssetV1Constraint: - id: GoogleCloudAssetV1Constraint - description: The definition of a constraint. - type: object - properties: - name: - description: >- - The unique name of the constraint. Format of the name should be * - `constraints/{constraint_name}` For example, - `constraints/compute.disableSerialPortAccess`. - type: string - displayName: - description: The human readable name of the constraint. - type: string - description: description: >- - Detailed description of what this `Constraint` controls as well as - how and where it is enforced. - type: string - constraintDefault: + The Cloud KMS + [CryptoKey](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys) + names or + [CryptoKeyVersion](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions) + names. This field is available only when the resource's Protobuf + contains it. To search against the `kms_keys`: * Use a field query. + Example: `kmsKeys:key` * Use a free text query. Example: `key` + additionalAttributes: + additionalProperties: + description: Properties of the object. + type: any description: >- - The evaluation behavior of this constraint in the absence of - 'Policy'. - type: string - enumDescriptions: - - >- - This is only used for distinguishing unset values and should never - be used. - - >- - Indicate that all values are allowed for list constraints. - Indicate that enforcement is off for boolean constraints. - - >- - Indicate that all values are denied for list constraints. Indicate - that enforcement is on for boolean constraints. - enum: - - CONSTRAINT_DEFAULT_UNSPECIFIED - - ALLOW - - DENY - listConstraint: - description: Defines this constraint as being a ListConstraint. - $ref: '#/components/schemas/GoogleCloudAssetV1ListConstraint' - booleanConstraint: - description: Defines this constraint as being a BooleanConstraint. - $ref: '#/components/schemas/GoogleCloudAssetV1BooleanConstraint' - GoogleCloudAssetV1ListConstraint: - id: GoogleCloudAssetV1ListConstraint - description: >- - A `Constraint` that allows or disallows a list of string values, which - are configured by an organization's policy administrator with a - `Policy`. + The additional searchable attributes of this resource. The + attributes may vary from one resource type to another. Examples: + `projectId` for Project, `dnsName` for DNS ManagedZone. This field + contains a subset of the resource metadata fields that are returned + by the List or Get APIs provided by the corresponding Google Cloud + service (e.g., Compute Engine). see [API references and supported + searchable + attributes](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + to see which fields are included. You can search values of these + fields through free text search. However, you should not consume the + field programically as the field names and values may change as the + Google Cloud service updates to a new incompatible API version. To + search against the `additional_attributes`: * Use a free text query + to match the attributes values. Example: to search + `additional_attributes = { dnsName: "foobar" }`, you can issue a + query `foobar`. + type: object + createTime: + description: >- + The create timestamp of this resource, at which the resource was + created. The granularity is in seconds. Timestamp.nanos will always + be 0. This field is available only when the resource's Protobuf + contains it. To search against `create_time`: * Use a field query. - + value in seconds since unix epoch. Example: `createTime > + 1609459200` - value in date string. Example: `createTime > + 2021-01-01` - value in date-time string (must be quoted). Example: + `createTime > "2021-01-01T00:00:00"` + format: google-datetime + type: string + id: ResourceSearchResult + description: A result of Resource Search, containing information of a cloud resource. + type: object + GoogleCloudAssetV1Rule: type: object + description: >- + This rule message is a customized version of the one defined in the + Organization Policy system. In addition to the fields defined in the + original organization policy, it contains additional field(s) under + specific circumstances to support analysis results. + id: GoogleCloudAssetV1Rule properties: - supportsIn: + condition: + $ref: '#/components/schemas/Expr' + description: The evaluating condition for this rule. + values: + $ref: '#/components/schemas/GoogleCloudAssetV1StringValues' description: >- - Indicates whether values grouped into categories can be used in - `Policy.allowed_values` and `Policy.denied_values`. For example, - `"in:Python"` would match any value in the 'Python' group. + List of values to be used for this policy rule. This field can be + set only in policies for list constraints. + denyAll: + description: >- + Setting this to true means that all values are denied. This field + can be set only in Policies for list constraints. type: boolean - supportsUnder: + enforce: description: >- - Indicates whether subtrees of Cloud Resource Manager resource - hierarchy can be used in `Policy.allowed_values` and - `Policy.denied_values`. For example, `"under:folders/123"` would - match any resource under the 'folders/123' folder. + If `true`, then the `Policy` is enforced. If `false`, then any + configuration is acceptable. This field can be set only in Policies + for boolean constraints. type: boolean - GoogleCloudAssetV1BooleanConstraint: - id: GoogleCloudAssetV1BooleanConstraint - description: >- - A `Constraint` that is either enforced or not. For example a constraint - `constraints/compute.disableSerialPortAccess`. If it is enforced on a VM - instance, serial port connections will not be opened to that instance. - type: object - properties: {} - GoogleCloudAssetV1CustomConstraint: - id: GoogleCloudAssetV1CustomConstraint - description: The definition of a custom constraint. - type: object - properties: - name: + allowAll: description: >- - Name of the constraint. This is unique within the organization. - Format of the name should be * - `organizations/{organization_id}/customConstraints/{custom_constraint_id}` - Example : - "organizations/123/customConstraints/custom.createOnlyE2TypeVms" - type: string - resourceTypes: + Setting this to true means that all values are allowed. This field + can be set only in Policies for list constraints. + type: boolean + conditionEvaluation: + $ref: '#/components/schemas/ConditionEvaluation' description: >- - The Resource Instance type on which this policy applies to. Format - will be of the form : "/" Example: * - `compute.googleapis.com/Instance`. - type: array + The condition evaluation result for this rule. Only populated if it + meets all the following criteria: * There is a condition defined for + this rule. * This rule is within + AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.consolidated_policy, + or + AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.consolidated_policy + when the AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset has + AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.governed_resource. + QueryResult: + type: object + description: >- + Execution results of the query. The result is formatted as rows + represented by BigQuery compatible [schema]. When pagination is + necessary, it will contains the page token to retrieve the results of + following pages. + id: QueryResult + properties: + rows: items: - type: string - methodTypes: - description: All the operations being applied for this constraint. + type: object + additionalProperties: + description: Properties of the object. + type: any type: array - items: - type: string - enumDescriptions: - - Unspecified. Will results in user error. - - Constraint applied when creating the resource. - - Constraint applied when updating the resource. - - Constraint applied when deleting the resource. - - Constraint applied when removing an IAM grant. - - Constraint applied when enforcing forced tagging. - enum: - - METHOD_TYPE_UNSPECIFIED - - CREATE - - UPDATE - - DELETE - - REMOVE_GRANT - - GOVERN_TAGS - condition: - description: >- - Organization Policy condition/expression. For example: - `resource.instanceName.matches("[production|test]_.*_(\d)+")'` or, - `resource.management.auto_upgrade == true` - type: string - actionType: - description: Allow or deny type. - type: string - enumDescriptions: - - Unspecified. Will results in user error. - - Allowed action type. - - Deny action type. - enum: - - ACTION_TYPE_UNSPECIFIED - - ALLOW - - DENY - displayName: - description: One line display name for the UI. + description: Each row hold a query result in the format of `Struct`. + totalRows: type: string - description: - description: Detailed information about this custom policy constraint. + format: int64 + description: Total rows of the whole query results. + nextPageToken: + description: Token to retrieve the next page of the results. type: string - AnalyzeOrgPolicyGovernedContainersResponse: - id: AnalyzeOrgPolicyGovernedContainersResponse - description: >- - The response message for - AssetService.AnalyzeOrgPolicyGovernedContainers. + schema: + description: Describes the format of the [rows]. + $ref: '#/components/schemas/TableSchema' + BatchGetAssetsHistoryResponse: type: object + id: BatchGetAssetsHistoryResponse + description: Batch get assets history response. properties: - governedContainers: - description: The list of the analyzed governed containers. - type: array + assets: + description: A list of assets with valid time windows. items: - $ref: '#/components/schemas/GoogleCloudAssetV1GovernedContainer' - constraint: - description: The definition of the constraint in the request. - $ref: '#/components/schemas/AnalyzerOrgPolicyConstraint' - nextPageToken: - description: >- - The page token to fetch the next page for - AnalyzeOrgPolicyGovernedContainersResponse.governed_containers. - type: string - GoogleCloudAssetV1GovernedContainer: - id: GoogleCloudAssetV1GovernedContainer - description: >- - The organization/folder/project resource governed by organization - policies of AnalyzeOrgPolicyGovernedContainersRequest.constraint. - type: object + $ref: '#/components/schemas/TemporalAsset' + type: array + GoogleCloudOrgpolicyV1BooleanPolicy: properties: - fullResourceName: - description: >- - The [full resource name] - (https://cloud.google.com/asset-inventory/docs/resource-name-format) - of an organization/folder/project resource. - type: string - parent: - description: >- - The [full resource name] - (https://cloud.google.com/asset-inventory/docs/resource-name-format) - of the parent of - AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.full_resource_name. - type: string - consolidatedPolicy: - description: >- - The consolidated organization policy for the analyzed resource. The - consolidated organization policy is computed by merging and - evaluating - AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.policy_bundle. - The evaluation will respect the organization policy [hierarchy - rules](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy). - $ref: '#/components/schemas/AnalyzerOrgPolicy' - policyBundle: + enforced: description: >- - The ordered list of all organization policies from the - consolidated_policy.attached_resource. to the scope specified in the - request. If the constraint is defined with default policy, it will - also appear in the list. - type: array - items: - $ref: '#/components/schemas/AnalyzerOrgPolicy' - project: + If `true`, then the `Policy` is enforced. If `false`, then any + configuration is acceptable. Suppose you have a `Constraint` + `constraints/compute.disableSerialPortAccess` with + `constraint_default` set to `ALLOW`. A `Policy` for that + `Constraint` exhibits the following behavior: - If the `Policy` at + this resource has enforced set to `false`, serial port connection + attempts will be allowed. - If the `Policy` at this resource has + enforced set to `true`, serial port connection attempts will be + refused. - If the `Policy` at this resource is `RestoreDefault`, + serial port connection attempts will be allowed. - If no `Policy` is + set at this resource or anywhere higher in the resource hierarchy, + serial port connection attempts will be allowed. - If no `Policy` is + set at this resource, but one exists higher in the resource + hierarchy, the behavior is as if the`Policy` were set at this + resource. The following examples demonstrate the different possible + layerings: Example 1 (nearest `Constraint` wins): + `organizations/foo` has a `Policy` with: {enforced: false} + `projects/bar` has no `Policy` set. The constraint at `projects/bar` + and `organizations/foo` will not be enforced. Example 2 (enforcement + gets replaced): `organizations/foo` has a `Policy` with: {enforced: + false} `projects/bar` has a `Policy` with: {enforced: true} The + constraint at `organizations/foo` is not enforced. The constraint at + `projects/bar` is enforced. Example 3 (RestoreDefault): + `organizations/foo` has a `Policy` with: {enforced: true} + `projects/bar` has a `Policy` with: {RestoreDefault: {}} The + constraint at `organizations/foo` is enforced. The constraint at + `projects/bar` is not enforced, because `constraint_default` for the + `Constraint` is `ALLOW`. + type: boolean + type: object + id: GoogleCloudOrgpolicyV1BooleanPolicy + description: >- + Used in `policy_type` to specify how `boolean_policy` will behave at + this resource. + IdentitySelector: + description: >- + Specifies an identity for which to determine resource access, based on + roles assigned either directly to them or to the groups they belong to, + directly or indirectly. + id: IdentitySelector + type: object + properties: + identity: description: >- - The project that this resource belongs to, in the format of - projects/{PROJECT_NUMBER}. This field is available when the resource - belongs to a project. + Required. The identity appear in the form of principals in [IAM + policy + binding](https://cloud.google.com/iam/reference/rest/v1/Binding). + The examples of supported forms are: "user:mike@example.com", + "group:admins@example.com", "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com". Notice + that wildcard characters (such as * and ?) are not supported. You + must give a specific identity. type: string - folders: - description: >- - The folder(s) that this resource belongs to, in the format of - folders/{FOLDER_NUMBER}. This field is available when the resource - belongs (directly or cascadingly) to one or more folders. + GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig: + properties: + egressPolicies: + items: + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1EgressPolicy type: array + description: >- + List of EgressPolicies to apply to the perimeter. A perimeter may + have multiple EgressPolicies, each of which is evaluated separately. + Access is granted if any EgressPolicy grants it. Must be empty for a + perimeter bridge. + vpcAccessibleServices: + description: Configuration for APIs allowed within Perimeter. + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices + restrictedServices: items: type: string - organization: + type: array description: >- - The organization that this resource belongs to, in the format of - organizations/{ORGANIZATION_NUMBER}. This field is available when - the resource belongs (directly or cascadingly) to an organization. - type: string - effectiveTags: - description: The effective tags on this resource. + Google Cloud services that are subject to the Service Perimeter + restrictions. For example, if `storage.googleapis.com` is specified, + access to the storage buckets inside the perimeter must meet the + perimeter's access restrictions. + resources: type: array + description: >- + A list of Google Cloud resources that are inside of the service + perimeter. Currently only projects and VPCs are allowed. Project + format: `projects/{project_number}` VPC network format: + `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. items: - $ref: '#/components/schemas/EffectiveTagDetails' - AnalyzeOrgPolicyGovernedAssetsResponse: - id: AnalyzeOrgPolicyGovernedAssetsResponse - description: The response message for AssetService.AnalyzeOrgPolicyGovernedAssets. - type: object - properties: - governedAssets: - description: The list of the analyzed governed assets. + type: string + accessLevels: + items: + type: string + description: >- + A list of `AccessLevel` resource names that allow resources within + the `ServicePerimeter` to be accessed from the internet. + `AccessLevels` listed must be in the same policy as this + `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a + syntax error. If no `AccessLevel` names are listed, resources within + the perimeter can only be accessed via Google Cloud calls with + request origins within the perimeter. Example: + `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service + Perimeter Bridge, must be empty. type: array + ingressPolicies: items: $ref: >- - #/components/schemas/GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset - constraint: - description: The definition of the constraint in the request. - $ref: '#/components/schemas/AnalyzerOrgPolicyConstraint' - nextPageToken: + #/components/schemas/GoogleIdentityAccesscontextmanagerV1IngressPolicy description: >- - The page token to fetch the next page for - AnalyzeOrgPolicyGovernedAssetsResponse.governed_assets. - type: string - GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset: - id: GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset + List of IngressPolicies to apply to the perimeter. A perimeter may + have multiple IngressPolicies, each of which is evaluated + separately. Access is granted if any Ingress Policy grants it. Must + be empty for a perimeter bridge. + type: array description: >- - Represents a Google Cloud asset(resource or IAM policy) governed by the - organization policies of the - AnalyzeOrgPolicyGovernedAssetsRequest.constraint. + `ServicePerimeterConfig` specifies a set of Google Cloud resources that + describe specific Service Perimeter configuration. + id: GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig type: object + GoogleIdentityAccesscontextmanagerV1Condition: + description: >- + A condition necessary for an `AccessLevel` to be granted. The Condition + is an AND over its fields. So a Condition is true if: 1) the request IP + is from one of the listed subnetworks AND 2) the originating device + complies with the listed device policy AND 3) all listed access levels + are granted AND 4) the request was sent at a time allowed by the + DateTimeRestriction. + id: GoogleIdentityAccesscontextmanagerV1Condition properties: - governedResource: + ipSubnetworks: description: >- - A Google Cloud resource governed by the organization policies of the - AnalyzeOrgPolicyGovernedAssetsRequest.constraint. - $ref: >- - #/components/schemas/GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource - governedIamPolicy: + CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note + that for a CIDR IP address block, the specified IP address portion + must be properly truncated (i.e. all the host bits must be zero) or + the input is considered malformed. For example, "192.0.2.0/24" is + accepted but "192.0.2.1/24" is not. Similarly, for IPv6, + "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The + originating IP of a request must be in one of the listed subnets in + order for this Condition to be true. If empty, all IP addresses are + allowed. + type: array + items: + type: string + requiredAccessLevels: + type: array + items: + type: string description: >- - An IAM policy governed by the organization policies of the - AnalyzeOrgPolicyGovernedAssetsRequest.constraint. + A list of other access levels defined in the same `Policy`, + referenced by resource name. Referencing an `AccessLevel` which does + not exist is an error. All access levels listed must be granted for + the Condition to be true. Example: + "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"` + devicePolicy: + description: >- + Device specific restrictions, all restrictions must hold for the + Condition to be true. If not specified, all devices are allowed. $ref: >- - #/components/schemas/GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy - consolidatedPolicy: + #/components/schemas/GoogleIdentityAccesscontextmanagerV1DevicePolicy + regions: + items: + type: string + type: array description: >- - The consolidated policy for the analyzed asset. The consolidated - policy is computed by merging and evaluating - AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.policy_bundle. - The evaluation will respect the organization policy [hierarchy - rules](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy). - $ref: '#/components/schemas/AnalyzerOrgPolicy' - policyBundle: + The request must originate from one of the provided + countries/regions. Must be valid ISO 3166-1 alpha-2 codes. + negate: description: >- - The ordered list of all organization policies from the - consolidated_policy.attached_resource to the scope specified in the - request. If the constraint is defined with default policy, it will - also appear in the list. + Whether to negate the Condition. If true, the Condition becomes a + NAND over its non-empty fields. Any non-empty field criteria + evaluating to false will result in the Condition to be satisfied. + Defaults to false. + type: boolean + vpcNetworkSources: type: array + description: >- + The request must originate from one of the provided VPC networks in + Google Cloud. Cannot specify this field together with + `ip_subnetworks`. items: - $ref: '#/components/schemas/AnalyzerOrgPolicy' - GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource: - id: GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource - description: >- - The Google Cloud resources governed by the organization policies of the - AnalyzeOrgPolicyGovernedAssetsRequest.constraint. + $ref: >- + #/components/schemas/GoogleIdentityAccesscontextmanagerV1VpcNetworkSource + members: + items: + type: string + type: array + description: >- + The request must be made by one of the provided user or service + accounts. Groups are not supported. Syntax: `user:{emailid}` + `serviceAccount:{emailid}` If not specified, a request may come from + any user. + type: object + GoogleIdentityAccesscontextmanagerV1VpcSubNetwork: type: object + id: GoogleIdentityAccesscontextmanagerV1VpcSubNetwork + description: Sub-segment ranges inside of a VPC Network. properties: - fullResourceName: - description: >- - The [full resource name] - (https://cloud.google.com/asset-inventory/docs/resource-name-format) - of the Google Cloud resource. - type: string - parent: - description: >- - The [full resource name] - (https://cloud.google.com/asset-inventory/docs/resource-name-format) - of the parent of - AnalyzeOrgPolicyGovernedAssetsResponse.GovernedResource.full_resource_name. - type: string - project: + network: description: >- - The project that this resource belongs to, in the format of - projects/{PROJECT_NUMBER}. This field is available when the resource - belongs to a project. + Required. Network name. If the network is not part of the + organization, the `compute.network.get` permission must be granted + to the caller. Format: + `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` + Example: + `//compute.googleapis.com/projects/my-project/global/networks/network-1` type: string - folders: - description: >- - The folder(s) that this resource belongs to, in the format of - folders/{FOLDER_NUMBER}. This field is available when the resource - belongs (directly or cascadingly) to one or more folders. - type: array + vpcIpSubnetworks: items: type: string - organization: - description: >- - The organization that this resource belongs to, in the format of - organizations/{ORGANIZATION_NUMBER}. This field is available when - the resource belongs (directly or cascadingly) to an organization. - type: string - assetType: description: >- - The asset type of the - AnalyzeOrgPolicyGovernedAssetsResponse.GovernedResource.full_resource_name - Example: `cloudresourcemanager.googleapis.com/Project` See [Cloud - Asset Inventory Supported Asset - Types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - for all supported asset types. - type: string - effectiveTags: - description: The effective tags on this resource. + CIDR block IP subnetwork specification. The IP address must be an + IPv4 address and can be a public or private IP address. Note that + for a CIDR IP address block, the specified IP address portion must + be properly truncated (i.e. all the host bits must be zero) or the + input is considered malformed. For example, "192.0.2.0/24" is + accepted but "192.0.2.1/24" is not. If empty, all IP addresses are + allowed. type: array - items: - $ref: '#/components/schemas/EffectiveTagDetails' - GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy: - id: >- - GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy - description: >- - The IAM policies governed by the organization policies of the - AnalyzeOrgPolicyGovernedAssetsRequest.constraint. + BatchGetEffectiveIamPoliciesResponse: + description: A response message for AssetService.BatchGetEffectiveIamPolicies. type: object properties: - attachedResource: - description: >- - The full resource name of the resource on which this IAM policy is - set. Example: - `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. - See [Cloud Asset Inventory Resource Name - Format](https://cloud.google.com/asset-inventory/docs/resource-name-format) - for more information. - type: string - policy: - description: The IAM policy directly set on the given resource. - $ref: '#/components/schemas/Policy' - project: - description: >- - The project that this IAM policy belongs to, in the format of - projects/{PROJECT_NUMBER}. This field is available when the IAM - policy belongs to a project. - type: string - folders: + policyResults: description: >- - The folder(s) that this IAM policy belongs to, in the format of - folders/{FOLDER_NUMBER}. This field is available when the IAM policy - belongs (directly or cascadingly) to one or more folders. + The effective policies for a batch of resources. Note that the + results order is the same as the order of + BatchGetEffectiveIamPoliciesRequest.names. When a resource does not + have any effective IAM policies, its corresponding policy_result + will contain empty EffectiveIamPolicy.policies. type: array items: - type: string - organization: - description: >- - The organization that this IAM policy belongs to, in the format of - organizations/{ORGANIZATION_NUMBER}. This field is available when - the IAM policy belongs (directly or cascadingly) to an organization. + $ref: '#/components/schemas/EffectiveIamPolicy' + id: BatchGetEffectiveIamPoliciesResponse + TemporalAsset: + id: TemporalAsset + description: >- + An asset in Google Cloud and its temporal metadata, including the time + window when it was observed and its status during that window. + properties: + priorAssetState: + enum: + - PRIOR_ASSET_STATE_UNSPECIFIED + - PRESENT + - INVALID + - DOES_NOT_EXIST + - DELETED type: string - assetType: + description: State of prior_asset. + enumDescriptions: + - prior_asset is not applicable for the current asset. + - prior_asset is populated correctly. + - Failed to set prior_asset. + - Current asset is the first known state. + - prior_asset is a deletion. + window: + description: The time window when the asset data and state was observed. + $ref: '#/components/schemas/TimeWindow' + asset: + description: An asset in Google Cloud. + $ref: '#/components/schemas/Asset' + deleted: + description: Whether the asset has been deleted or not. + type: boolean + priorAsset: + $ref: '#/components/schemas/Asset' description: >- - The asset type of the - AnalyzeOrgPolicyGovernedAssetsResponse.GovernedIamPolicy.attached_resource. - Example: `cloudresourcemanager.googleapis.com/Project` See [Cloud - Asset Inventory Supported Asset - Types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - for all supported asset types. - type: string - GoogleCloudAssetV1p7beta1Asset: - id: GoogleCloudAssetV1p7beta1Asset + Prior copy of the asset. Populated if prior_asset_state is PRESENT. + Currently this is only set for responses in Real-Time Feed. + type: object + GoogleCloudAssetV1p7beta1RelatedAsset: description: >- - An asset in Google Cloud. An asset can be any resource in the Google - Cloud [resource + An asset identify in Google Cloud which contains its name, type and + ancestors. An asset can be any resource in the Google Cloud [resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), a resource outside the Google Cloud resource hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). @@ -4816,14 +4764,20 @@ components: types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) for more information. type: object + id: GoogleCloudAssetV1p7beta1RelatedAsset properties: - updateTime: + ancestors: + items: + type: string description: >- - The last update timestamp of an asset. update_time is updated when - create/update/delete operation is performed. - type: string - format: google-datetime - name: + The ancestors of an asset in Google Cloud [resource + hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), + represented as a list of relative resource names. An ancestry path + starts with the closest ancestor in the hierarchy and ends at root. + Example: `["projects/123456789", "folders/5432", + "organizations/1234"]` + type: array + asset: description: >- The full name of the asset. Example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` @@ -4832,222 +4786,300 @@ components: for more information. type: string assetType: + type: string description: >- The type of the asset. Example: `compute.googleapis.com/Disk` See [Supported asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) for more information. - type: string - resource: - description: A representation of the resource. - $ref: '#/components/schemas/GoogleCloudAssetV1p7beta1Resource' - iamPolicy: - description: >- - A representation of the IAM policy set on a Google Cloud resource. - There can be a maximum of one IAM policy set on any given resource. - In addition, IAM policies inherit their granted access scope from - any policies set on parent resources in the resource hierarchy. - Therefore, the effectively policy is the union of both the policy - set on this resource and each policy set on all of the resource's - ancestry resource levels in the hierarchy. See [this - topic](https://cloud.google.com/iam/help/allow-policies/inheritance) - for more information. - $ref: '#/components/schemas/Policy' - orgPolicy: - description: >- - A representation of an [organization - policy](https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). - There can be more than one organization policy with different - constraints set on a given resource. - type: array - items: - $ref: '#/components/schemas/GoogleCloudOrgpolicyV1Policy' - accessPolicy: + IamPolicyAnalysisOutputConfig: + id: IamPolicyAnalysisOutputConfig + properties: + bigqueryDestination: + description: Destination on BigQuery. + $ref: '#/components/schemas/GoogleCloudAssetV1BigQueryDestination' + gcsDestination: + $ref: '#/components/schemas/GoogleCloudAssetV1GcsDestination' + description: Destination on Cloud Storage. + description: Output configuration for export IAM policy analysis destination. + type: object + IamPolicyAnalysisQuery: + description: IAM policy analysis query message. + properties: + identitySelector: + description: Optional. Specifies an identity for analysis. + $ref: '#/components/schemas/IdentitySelector' + resourceSelector: + description: Optional. Specifies a resource for analysis. + $ref: '#/components/schemas/ResourceSelector' + options: + description: Optional. The query options. + $ref: '#/components/schemas/Options' + conditionContext: + description: Optional. The hypothetical context for IAM conditions evaluation. + $ref: '#/components/schemas/ConditionContext' + accessSelector: description: >- - Please also refer to the [access policy user - guide](https://cloud.google.com/access-context-manager/docs/overview#access-policies). - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1AccessPolicy - accessLevel: + Optional. Specifies roles or permissions for analysis. This is + optional. + $ref: '#/components/schemas/AccessSelector' + scope: description: >- - Please also refer to the [access level user - guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels). - $ref: '#/components/schemas/GoogleIdentityAccesscontextmanagerV1AccessLevel' - servicePerimeter: + Required. The relative name of the root asset. Only resources and + IAM policies within the scope will be analyzed. This can only be an + organization number (such as "organizations/123"), a folder number + (such as "folders/123"), a project ID (such as + "projects/my-project-id"), or a project number (such as + "projects/12345"). To know how to get organization ID, visit [here + ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). + To know how to get folder or project ID, visit [here + ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). + type: string + id: IamPolicyAnalysisQuery + type: object + OutputConfig: + type: object + id: OutputConfig + description: Output configuration for export assets destination. + properties: + bigqueryDestination: + $ref: '#/components/schemas/BigQueryDestination' description: >- - Please also refer to the [service perimeter user - guide](https://cloud.google.com/vpc-service-controls/docs/overview). - $ref: >- - #/components/schemas/GoogleIdentityAccesscontextmanagerV1ServicePerimeter - relatedAssets: + Destination on BigQuery. The output table stores the fields in asset + Protobuf as columns in BigQuery. + gcsDestination: + $ref: '#/components/schemas/GcsDestination' + description: Destination on Cloud Storage. + GoogleCloudAssetV1ListConstraint: + properties: + supportsIn: description: >- - The related assets of the asset of one relationship type. One asset - only represents one type of relationship. - $ref: '#/components/schemas/GoogleCloudAssetV1p7beta1RelatedAssets' - ancestors: + Indicates whether values grouped into categories can be used in + `Policy.allowed_values` and `Policy.denied_values`. For example, + `"in:Python"` would match any value in the 'Python' group. + type: boolean + supportsUnder: + type: boolean description: >- - The ancestry path of an asset in Google Cloud [resource - hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), - represented as a list of relative resource names. An ancestry path - starts with the closest ancestor in the hierarchy and ends at root. - If the asset is a project, folder, or organization, the ancestry - path starts from the asset itself. Example: `["projects/123456789", - "folders/5432", "organizations/1234"]` - type: array - items: - type: string - GoogleCloudAssetV1p7beta1Resource: - id: GoogleCloudAssetV1p7beta1Resource - description: A representation of a Google Cloud resource. + Indicates whether subtrees of Cloud Resource Manager resource + hierarchy can be used in `Policy.allowed_values` and + `Policy.denied_values`. For example, `"under:folders/123"` would + match any resource under the 'folders/123' folder. + id: GoogleCloudAssetV1ListConstraint + type: object + description: >- + A `Constraint` that allows or disallows a list of string values, which + are configured by an organization's policy administrator with a + `Policy`. + Policy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). type: object properties: - version: - description: 'The API version. Example: `v1`' - type: string - discoveryDocumentUri: - description: >- - The URL of the discovery document containing the resource's JSON - schema. Example: - `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This - value is unspecified for resources that do not have an API based on - a discovery document, such as Cloud Bigtable. - type: string - discoveryName: - description: >- - The JSON schema name listed in the discovery document. Example: - `Project` This value is unspecified for resources that do not have - an API based on a discovery document, such as Cloud Bigtable. - type: string - resourceUrl: + auditConfigs: + items: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: array + bindings: + type: array + items: + $ref: '#/components/schemas/Binding' description: >- - The REST URL for accessing the resource. An HTTP `GET` request using - this URL returns the resource itself. Example: - `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123` - This value is unspecified for resources without a REST API. - type: string - parent: + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + etag: description: >- - The full name of the immediate parent of this resource. See - [Resource - Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) - for more information. For Google Cloud assets, this value is the - parent resource defined in the [IAM policy - hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy). - Example: - `//cloudresourcemanager.googleapis.com/projects/my_project_123` For - third-party assets, this field may be set differently. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. type: string - data: + format: byte + version: + format: int32 description: >- - The content of the resource, in which some sensitive fields are - removed and may not be present. - type: object - additionalProperties: - type: any - description: Properties of the object. - location: + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + id: Policy + ListSavedQueriesResponse: + properties: + savedQueries: + type: array + description: A list of savedQueries. + items: + $ref: '#/components/schemas/SavedQuery' + nextPageToken: description: >- - The location of the resource in Google Cloud, such as its zone and - region. For more information, see - https://cloud.google.com/about/locations/. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudAssetV1p7beta1RelatedAssets: - id: GoogleCloudAssetV1p7beta1RelatedAssets - description: The detailed related assets with the `relationship_type`. + id: ListSavedQueriesResponse + type: object + description: Response of listing saved queries. + AnalyzeOrgPolicyGovernedAssetsResponse: + id: AnalyzeOrgPolicyGovernedAssetsResponse + description: The response message for AssetService.AnalyzeOrgPolicyGovernedAssets. type: object properties: - relationshipAttributes: - description: The detailed relation attributes. - $ref: '#/components/schemas/GoogleCloudAssetV1p7beta1RelationshipAttributes' - assets: - description: The peer resources of the relationship. - type: array + nextPageToken: + description: >- + The page token to fetch the next page for + AnalyzeOrgPolicyGovernedAssetsResponse.governed_assets. + type: string + constraint: + description: The definition of the constraint in the request. + $ref: '#/components/schemas/AnalyzerOrgPolicyConstraint' + governedAssets: items: - $ref: '#/components/schemas/GoogleCloudAssetV1p7beta1RelatedAsset' - GoogleCloudAssetV1p7beta1RelationshipAttributes: - id: GoogleCloudAssetV1p7beta1RelationshipAttributes - description: >- - The relationship attributes which include `type`, - `source_resource_type`, `target_resource_type` and `action`. + $ref: >- + #/components/schemas/GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset + description: The list of the analyzed governed assets. + type: array + WindowsApplication: type: object + id: WindowsApplication properties: - type: + installDate: + $ref: '#/components/schemas/Date' description: >- - The unique identifier of the relationship type. Example: - `INSTANCE_TO_INSTANCEGROUP` + The last time this product received service. The value of this + property is replaced each time a patch is applied or removed from + the product or the command-line option is used to repair the + product. + publisher: type: string - sourceResourceType: - description: 'The source asset type. Example: `compute.googleapis.com/Instance`' + description: The name of the manufacturer for the product or application. + displayName: + description: The name of the application or product. type: string - targetResourceType: - description: 'The target asset type. Example: `compute.googleapis.com/Disk`' + helpLink: type: string - action: - description: The detail of the relationship, e.g. `contains`, `attaches` + description: The internet address for technical support. + displayVersion: + description: The version of the product or application in string format. type: string - GoogleCloudAssetV1p7beta1RelatedAsset: - id: GoogleCloudAssetV1p7beta1RelatedAsset description: >- - An asset identify in Google Cloud which contains its name, type and - ancestors. An asset can be any resource in the Google Cloud [resource - hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), - a resource outside the Google Cloud resource hierarchy (such as Google - Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). - See [Supported asset - types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - for more information. - type: object + Contains information about a Windows application that is retrieved from + the Windows Registry. For more information about these fields, see: + https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key + MoveAnalysisResult: properties: - asset: - description: >- - The full name of the asset. Example: - `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` - See [Resource - names](https://cloud.google.com/apis/design/resource_names#full_resource_name) - for more information. - type: string - assetType: - description: >- - The type of the asset. Example: `compute.googleapis.com/Disk` See - [Supported asset - types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - for more information. - type: string - ancestors: + blockers: description: >- - The ancestors of an asset in Google Cloud [resource - hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), - represented as a list of relative resource names. An ancestry path - starts with the closest ancestor in the hierarchy and ends at root. - Example: `["projects/123456789", "folders/5432", - "organizations/1234"]` + Blocking information that would prevent the target resource from + moving to the specified destination at runtime. type: array items: - type: string - AnalyzeIamPolicyLongrunningResponse: - id: AnalyzeIamPolicyLongrunningResponse - description: A response message for AssetService.AnalyzeIamPolicyLongrunning. - type: object - properties: {} - AnalyzeIamPolicyLongrunningMetadata: - id: AnalyzeIamPolicyLongrunningMetadata - description: >- - Represents the metadata of the longrunning operation for the - AnalyzeIamPolicyLongrunning RPC. + $ref: '#/components/schemas/MoveImpact' + warnings: + type: array + description: >- + Warning information indicating that moving the target resource to + the specified destination might be unsafe. This can include + important policy information and configuration changes, but will not + block moves at runtime. + items: + $ref: '#/components/schemas/MoveImpact' + id: MoveAnalysisResult type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime + description: An analysis result including blockers and warnings. parameters: + callback: + description: JSONP + in: query + name: callback + schema: + type: string access_token: description: OAuth access token. in: query name: access_token schema: type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' alt: description: Data format for response. in: query @@ -5058,18 +5090,6 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -5079,18 +5099,18 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: prettyPrint + name: upload_protocol schema: - type: boolean + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -5100,28 +5120,38 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: $.xgafv + name: fields schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: + assets: + id: google.cloudasset.assets + name: assets + title: Assets + methods: + list: + operation: + $ref: '#/paths/~1v1~1{parentType}~1{parent}~1assets/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.assets + analyze_move: + operation: + $ref: '#/paths/~1v1~1{resource}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/assets/methods/list' + insert: [] + update: [] + replace: [] + delete: [] saved_queries: id: google.cloudasset.saved_queries name: saved_queries @@ -5145,19 +5175,19 @@ components: response: mediaType: application/json openAPIDocKey: '200' - create: + list: operation: - $ref: '#/paths/~1v1~1{parentType}~1{parent}~1savedQueries/post' + $ref: '#/paths/~1v1~1{parentType}~1{parent}~1savedQueries/get' response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.savedQueries + create: operation: - $ref: '#/paths/~1v1~1{parentType}~1{parent}~1savedQueries/get' + $ref: '#/paths/~1v1~1{parentType}~1{parent}~1savedQueries/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.savedQueries sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/saved_queries/methods/list' @@ -5169,59 +5199,28 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/saved_queries/methods/delete' - assets: - id: google.cloudasset.assets - name: assets - title: Assets + feeds: + id: google.cloudasset.feeds + name: feeds + title: Feeds methods: - query_assets: - operation: - $ref: '#/paths/~1v1~1{parentType}~1{parent}/post' - response: - mediaType: application/json - openAPIDocKey: '200' - analyze_org_policy_governed_assets: - operation: - $ref: '#/paths/~1v1~1{scope}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - analyze_move: - operation: - $ref: '#/paths/~1v1~1{resource}/get' - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: - $ref: '#/paths/~1v1~1{parentType}~1{parent}~1assets/get' + $ref: '#/paths/~1v1~1{parentType}~1{parent}~1feeds/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.assets - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/assets/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - asset_history: - id: google.cloudasset.asset_history - name: asset_history - title: Asset_history - methods: - batch_get_assets_history: + create: operation: - $ref: '#/paths/~1v1~1{parentType}~1{parent}/get' + $ref: '#/paths/~1v1~1{parentType}~1{parent}~1feeds/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/asset_history/methods/batch_get_assets_history - insert: [] + - $ref: '#/components/x-stackQL-resources/feeds/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/feeds/methods/create' update: [] replace: [] delete: [] @@ -5230,6 +5229,12 @@ components: name: cloudasset_iam_policies title: Cloudasset_iam_policies methods: + search_all_iam_policies: + operation: + $ref: '#/paths/~1v1~1{scope}/get' + response: + mediaType: application/json + openAPIDocKey: '200' analyze_iam_policy_longrunning: operation: $ref: '#/paths/~1v1~1{scope}/post' @@ -5250,45 +5255,112 @@ components: update: [] replace: [] delete: [] - feeds: - id: google.cloudasset.feeds - name: feeds - title: Feeds + cloudasset: + id: google.cloudasset.cloudasset + name: cloudasset + title: Cloudasset methods: - create: + export_assets: operation: - $ref: '#/paths/~1v1~1{parentType}~1{parent}~1feeds/post' + $ref: '#/paths/~1v1~1{parentType}~1{parent}/post' response: mediaType: application/json openAPIDocKey: '200' - list: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + asset_history: + id: google.cloudasset.asset_history + name: asset_history + title: Asset_history + methods: + batch_get_assets_history: operation: - $ref: '#/paths/~1v1~1{parentType}~1{parent}~1feeds/get' + $ref: '#/paths/~1v1~1{parentType}~1{parent}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/feeds/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/feeds/methods/create' + - $ref: >- + #/components/x-stackQL-resources/asset_history/methods/batch_get_assets_history + insert: [] update: [] replace: [] delete: [] paths: - /v1/{name}: + /v1/{parentType}/{parent}/assets: parameters: &ref_1 + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/fields' + get: + description: >- + Lists assets with time and resource types and returns paged results in + response. + operationId: cloudasset.assets.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListAssetsResponse' + parameters: + - in: path + name: parentType + required: true + schema: + type: string + - in: path + name: parent + required: true + schema: + type: string + - in: query + name: readTime + schema: + type: string + format: google-datetime + - in: query + name: relationshipTypes + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: assetTypes + schema: + type: string + - in: query + name: contentType + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/{name}: + parameters: *ref_1 get: description: Gets details about a saved query. operationId: cloudasset.savedQueries.get @@ -5362,26 +5434,11 @@ paths: required: true schema: type: string - /v1/{parentType}/{parent}: + /v1/{parentType}/{parent}/feeds: parameters: *ref_1 - post: - description: >- - Issue a job that queries assets using a SQL statement compatible with - [BigQuery SQL](https://cloud.google.com/bigquery/docs/introduction-sql). - If the query execution finishes within timeout and there's no - pagination, the full query results will be returned in the - `QueryAssetsResponse`. Otherwise, full query results can be obtained by - issuing extra requests with the `job_reference` from the a previous - `QueryAssets` call. Note, the query result has approximately 10 GB - limitation enforced by - [BigQuery](https://cloud.google.com/bigquery/docs/best-practices-performance-output). - Queries return larger results will result in errors. - operationId: cloudasset.queryAssets - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/QueryAssetsRequest' + get: + description: Lists all asset feeds in a parent project/folder/organization. + operationId: cloudasset.feeds.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5393,7 +5450,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryAssetsResponse' + $ref: '#/components/schemas/ListFeedsResponse' parameters: - in: path name: parentType @@ -5405,15 +5462,16 @@ paths: required: true schema: type: string - get: + post: description: >- - Batch gets the update history of assets that overlap a time window. For - IAM_POLICY content, this API outputs history when the asset and its - attached IAM POLICY both exist. This can create gaps in the output - history. Otherwise, this API outputs history with asset in both - non-delete or deleted status. If a specified asset does not exist, this - API returns an INVALID_ARGUMENT error. - operationId: cloudasset.batchGetAssetsHistory + Creates a feed in a parent project/folder/organization to listen to its + asset updates. + operationId: cloudasset.feeds.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateFeedRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5425,7 +5483,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchGetAssetsHistoryResponse' + $ref: '#/components/schemas/Feed' parameters: - in: path name: parentType @@ -5437,79 +5495,11 @@ paths: required: true schema: type: string - - in: query - name: assetNames - schema: - type: string - - in: query - name: contentType - schema: - type: string - - in: query - name: readTimeWindow.startTime - schema: - type: string - format: google-datetime - - in: query - name: readTimeWindow.endTime - schema: - type: string - format: google-datetime - - in: query - name: relationshipTypes - schema: - type: string - /v1/{scope}: + /v1/{parentType}/{parent}/savedQueries: parameters: *ref_1 get: - description: >- - Analyzes organization policies governed assets (Google Cloud resources - or policies) under a scope. This RPC supports custom constraints and the - following canned constraints: * constraints/ainotebooks.accessMode * - constraints/ainotebooks.disableFileDownloads * - constraints/ainotebooks.disableRootAccess * - constraints/ainotebooks.disableTerminal * - constraints/ainotebooks.environmentOptions * - constraints/ainotebooks.requireAutoUpgradeSchedule * - constraints/ainotebooks.restrictVpcNetworks * - constraints/compute.disableGuestAttributesAccess * - constraints/compute.disableInstanceDataAccessApis * - constraints/compute.disableNestedVirtualization * - constraints/compute.disableSerialPortAccess * - constraints/compute.disableSerialPortLogging * - constraints/compute.disableVpcExternalIpv6 * - constraints/compute.requireOsLogin * - constraints/compute.requireShieldedVm * - constraints/compute.restrictLoadBalancerCreationForTypes * - constraints/compute.restrictProtocolForwardingCreationForTypes * - constraints/compute.restrictXpnProjectLienRemoval * - constraints/compute.setNewProjectDefaultToZonalDNSOnly * - constraints/compute.skipDefaultNetworkCreation * - constraints/compute.trustedImageProjects * - constraints/compute.vmCanIpForward * - constraints/compute.vmExternalIpAccess * - constraints/gcp.detailedAuditLoggingMode * - constraints/gcp.resourceLocations * - constraints/iam.allowedPolicyMemberDomains * - constraints/iam.automaticIamGrantsForDefaultServiceAccounts * - constraints/iam.disableServiceAccountCreation * - constraints/iam.disableServiceAccountKeyCreation * - constraints/iam.disableServiceAccountKeyUpload * - constraints/iam.restrictCrossProjectServiceAccountLienRemoval * - constraints/iam.serviceAccountKeyExpiryHours * - constraints/resourcemanager.accessBoundaries * - constraints/resourcemanager.allowedExportDestinations * - constraints/sql.restrictAuthorizedNetworks * - constraints/sql.restrictNoncompliantDiagnosticDataAccess * - constraints/sql.restrictNoncompliantResourceCreation * - constraints/sql.restrictPublicIp * - constraints/storage.publicAccessPrevention * - constraints/storage.restrictAuthTypes * - constraints/storage.uniformBucketLevelAccess This RPC only returns - either resources of types [supported by search - APIs](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - or IAM policies. - operationId: cloudasset.analyzeOrgPolicyGovernedAssets + description: Lists all saved queries in a parent project/folder/organization. + operationId: cloudasset.savedQueries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5521,19 +5511,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AnalyzeOrgPolicyGovernedAssetsResponse' + $ref: '#/components/schemas/ListSavedQueriesResponse' parameters: - in: path - name: scope + name: parentType required: true schema: type: string - - in: query - name: constraint - schema: - type: string - - in: query - name: filter + - in: path + name: parent + required: true schema: type: string - in: query @@ -5545,23 +5532,18 @@ paths: name: pageToken schema: type: string + - in: query + name: filter + schema: + type: string post: - description: >- - Analyzes IAM policies asynchronously to answer which identities have - what accesses on which resources, and writes the analysis results to a - Google Cloud Storage or a BigQuery destination. For Cloud Storage - destination, the output format is the JSON format that represents a - AnalyzeIamPolicyResponse. This method implements the - google.longrunning.Operation, which allows you to track the operation - status. We recommend intervals of at least 2 seconds with exponential - backoff retry to poll the operation result. The metadata contains the - metadata for the long-running operation. - operationId: cloudasset.analyzeIamPolicyLongrunning + description: Creates a saved query in a parent project/folder/organization. + operationId: cloudasset.savedQueries.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/AnalyzeIamPolicyLongrunningRequest' + $ref: '#/components/schemas/SavedQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5573,56 +5555,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: scope + name: parentType required: true schema: type: string - /v1/{resource}: - parameters: *ref_1 - get: - description: >- - Analyze moving a resource to a specified destination without kicking off - the actual move. The analysis is best effort depending on the user's - permissions of viewing different hierarchical policies and - configurations. The policies and configuration are subject to change - before the actual resource migration takes place. - operationId: cloudasset.analyzeMove - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/AnalyzeMoveResponse' - parameters: - in: path - name: resource + name: parent required: true schema: type: string - in: query - name: destinationParent - schema: - type: string - - in: query - name: view + name: savedQueryId schema: type: string - /v1/{parentType}/{parent}/assets: + /v1/{scope}: parameters: *ref_1 get: description: >- - Lists assets with time and resource types and returns paged results in - response. - operationId: cloudasset.assets.list + Searches all IAM policies within the specified scope, such as a project, + folder, or organization. The caller must be granted the + `cloudasset.assets.searchAllIamPolicies` permission on the desired + scope, otherwise the request will be rejected. + operationId: cloudasset.searchAllIamPolicies security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5634,29 +5591,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAssetsResponse' + $ref: '#/components/schemas/SearchAllIamPoliciesResponse' parameters: - in: path - name: parentType - required: true - schema: - type: string - - in: path - name: parent + name: scope required: true schema: type: string - in: query - name: readTime - schema: - type: string - format: google-datetime - - in: query - name: assetTypes + name: query schema: type: string - in: query - name: contentType + name: pageToken schema: type: string - in: query @@ -5665,25 +5612,30 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: assetTypes schema: type: string - in: query - name: relationshipTypes + name: orderBy schema: type: string - /v1/{parentType}/{parent}/feeds: - parameters: *ref_1 post: description: >- - Creates a feed in a parent project/folder/organization to listen to its - asset updates. - operationId: cloudasset.feeds.create + Analyzes IAM policies asynchronously to answer which identities have + what accesses on which resources, and writes the analysis results to a + Google Cloud Storage or a BigQuery destination. For Cloud Storage + destination, the output format is the JSON format that represents a + AnalyzeIamPolicyResponse. This method implements the + google.longrunning.Operation, which allows you to track the operation + status. We recommend intervals of at least 2 seconds with exponential + backoff retry to poll the operation result. The metadata contains the + metadata for the long-running operation. + operationId: cloudasset.analyzeIamPolicyLongrunning requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateFeedRequest' + $ref: '#/components/schemas/AnalyzeIamPolicyLongrunningRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5695,21 +5647,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Feed' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: parentType - required: true - schema: - type: string - - in: path - name: parent + name: scope required: true schema: type: string - get: - description: Lists all asset feeds in a parent project/folder/organization. - operationId: cloudasset.feeds.list + /v1/{parentType}/{parent}: + parameters: *ref_1 + post: + description: >- + Exports assets with time and resource types to a given Cloud Storage + location/BigQuery table. For Cloud Storage location destinations, the + output format is newline-delimited JSON. Each line represents a + google.cloud.asset.v1.Asset in the JSON format; for BigQuery table + destinations, the output table stores the fields in asset Protobuf as + columns. This API implements the google.longrunning.Operation API, which + allows you to keep track of the export. We recommend intervals of at + least 2 seconds with exponential retry to poll the export operation + result. For regular-size resource parent, the export operation usually + finishes within 5 minutes. + operationId: cloudasset.exportAssets + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExportAssetsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5721,7 +5685,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListFeedsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: parentType @@ -5733,16 +5697,15 @@ paths: required: true schema: type: string - /v1/{parentType}/{parent}/savedQueries: - parameters: *ref_1 - post: - description: Creates a saved query in a parent project/folder/organization. - operationId: cloudasset.savedQueries.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SavedQuery' + get: + description: >- + Batch gets the update history of assets that overlap a time window. For + IAM_POLICY content, this API outputs history when the asset and its + attached IAM POLICY both exist. This can create gaps in the output + history. Otherwise, this API outputs history with asset in both + non-delete or deleted status. If a specified asset does not exist, this + API returns an INVALID_ARGUMENT error. + operationId: cloudasset.batchGetAssetsHistory security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5754,7 +5717,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/BatchGetAssetsHistoryResponse' parameters: - in: path name: parentType @@ -5767,12 +5730,37 @@ paths: schema: type: string - in: query - name: savedQueryId + name: assetNames + schema: + type: string + - in: query + name: relationshipTypes + schema: + type: string + - in: query + name: readTimeWindow.endTime + schema: + type: string + format: google-datetime + - in: query + name: contentType + schema: + type: string + - in: query + name: readTimeWindow.startTime schema: type: string + format: google-datetime + /v1/{resource}: + parameters: *ref_1 get: - description: Lists all saved queries in a parent project/folder/organization. - operationId: cloudasset.savedQueries.list + description: >- + Analyze moving a resource to a specified destination without kicking off + the actual move. The analysis is best effort depending on the user's + permissions of viewing different hierarchical policies and + configurations. The policies and configuration are subject to change + before the actual resource migration takes place. + operationId: cloudasset.analyzeMove security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5784,29 +5772,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSavedQueriesResponse' + $ref: '#/components/schemas/AnalyzeMoveResponse' parameters: - in: path - name: parentType - required: true - schema: - type: string - - in: path - name: parent + name: resource required: true schema: type: string - in: query - name: filter + name: destinationParent schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: view schema: type: string /v1/{scope}/effectiveIamPolicies: diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudbilling.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudbilling.yaml index 27c78bd9..c066d782 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudbilling.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudbilling.yaml @@ -9,8 +9,8 @@ info: Allows developers to manage billing for their Google Cloud Platform projects programmatically. version: v1 - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/billing/docs/apis servers: @@ -24,11 +24,11 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/cloud-billing: View and manage your Google Cloud Platform billing accounts https://www.googleapis.com/auth/cloud-billing.readonly: View your Google Cloud Platform billing accounts https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. + https://www.googleapis.com/auth/cloud-billing: View and manage your Google Cloud Platform billing accounts Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -38,92 +38,18 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - BillingAccount: - id: BillingAccount - description: >- - A billing account in the [Google Cloud - Console](https://console.cloud.google.com/). You can assign a billing - account to one or more projects. - type: object - properties: - name: - description: >- - Output only. The resource name of the billing account. The resource - name has the form `billingAccounts/{billing_account_id}`. For - example, `billingAccounts/012345-567890-ABCDEF` would be the - resource name for billing account `012345-567890-ABCDEF`. - readOnly: true - type: string - open: - description: >- - Output only. True if the billing account is open, and will therefore - be charged for any usage on associated projects. False if the - billing account is closed, and therefore projects associated with it - are unable to use paid services. - readOnly: true - type: boolean - displayName: - description: >- - The display name given to the billing account, such as `My Billing - Account`. This name is displayed in the Google Cloud Console. - type: string - masterBillingAccount: - description: >- - If this account is a - [subaccount](https://cloud.google.com/billing/docs/concepts), then - this will be the resource name of the parent billing account that it - is being resold through. Otherwise this will be empty. - type: string - parent: - description: >- - Output only. The billing account's parent resource identifier. Use - the `MoveBillingAccount` method to update the account's parent - resource if it is a organization. Format: - - `organizations/{organization_id}`, for example, - `organizations/12345678` - `billingAccounts/{billing_account_id}`, - for example, `billingAccounts/012345-567890-ABCDEF` - readOnly: true - type: string - currencyCode: - description: >- - Optional. The currency in which the billing account is billed and - charged, represented as an ISO 4217 code such as `USD`. Billing - account currency is determined at the time of billing account - creation and cannot be updated subsequently, so this field should - not be set on update requests. In addition, a subaccount always - matches the currency of its parent billing account, so this field - should not be set on subaccount creation requests. Clients can read - this field to determine the currency of an existing billing account. - type: string - ListBillingAccountsResponse: - id: ListBillingAccountsResponse - description: Response message for `ListBillingAccounts`. - type: object - properties: - billingAccounts: - description: A list of billing accounts. - type: array - items: - $ref: '#/components/schemas/BillingAccount' - nextPageToken: - description: >- - A token to retrieve the next page of results. To retrieve the next - page, call `ListBillingAccounts` again with the `page_token` field - set to this value. This field is empty if there are no more results - to retrieve. - type: string ListProjectBillingInfoResponse: id: ListProjectBillingInfoResponse description: Request message for `ListProjectBillingInfoResponse`. type: object properties: projectBillingInfo: - description: >- - A list of `ProjectBillingInfo` resources representing the projects - associated with the billing account. type: array items: $ref: '#/components/schemas/ProjectBillingInfo' + description: >- + A list of `ProjectBillingInfo` resources representing the projects + associated with the billing account. nextPageToken: description: >- A token to retrieve the next page of results. To retrieve the next @@ -131,46 +57,45 @@ components: field set to this value. This field is empty if there are no more results to retrieve. type: string - ProjectBillingInfo: - id: ProjectBillingInfo - description: >- - Encapsulation of billing information for a Google Cloud Console project. - A project has at most one associated billing account at a time (but a - billing account can be assigned to multiple projects). + SetIamPolicyRequest: type: object + description: Request message for `SetIamPolicy` method. properties: - name: - description: >- - Output only. The resource name for the `ProjectBillingInfo`; has the - form `projects/{project_id}/billingInfo`. For example, the resource - name for the billing information for project `tokyo-rain-123` would - be `projects/tokyo-rain-123/billingInfo`. - readOnly: true + updateMask: + format: google-fieldmask type: string - projectId: description: >- - Output only. The ID of the project that this `ProjectBillingInfo` - represents, such as `tokyo-rain-123`. This is a convenience field so - that you don't need to parse the `name` field to obtain a project - ID. - readOnly: true - type: string - billingAccountName: + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + policy: description: >- - The resource name of the billing account associated with the - project, if any. For example, - `billingAccounts/012345-567890-ABCDEF`. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + id: SetIamPolicyRequest + ListSkusResponse: + type: object + id: ListSkusResponse + properties: + nextPageToken: type: string - billingEnabled: description: >- - Output only. True if the project is associated with an open billing - account, to which usage on the project is charged. False if the - project is associated with a closed billing account, or no billing - account at all, and therefore cannot use paid services. - readOnly: true - type: boolean + A token to retrieve the next page of results. To retrieve the next + page, call `ListSkus` again with the `page_token` field set to this + value. This field is empty if there are no more results to retrieve. + skus: + description: The list of public SKUs of the given service. + type: array + items: + $ref: '#/components/schemas/Sku' + description: Response message for `ListSkus`. Policy: id: Policy + type: object description: >- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of @@ -205,9 +130,44 @@ components: timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). - type: object properties: + etag: + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + type: string + format: byte + bindings: + type: array + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + auditConfigs: + items: + $ref: '#/components/schemas/AuditConfig' + type: array + description: Specifies cloud audit logging configuration for this policy. version: + type: integer description: >- Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any @@ -225,444 +185,189 @@ components: specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer format: int32 - bindings: + TierRate: + properties: + startUsageAmount: + format: double description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: + Usage is priced at this rate only after this amount. Example: + start_usage_amount of 10 indicates that the usage will be priced at + the unit_price after the first 10 usage_units. + type: number + unitPrice: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + The price per unit of usage. Example: unit_price of amount $10 + indicates that each unit will cost $10. + $ref: '#/components/schemas/Money' + type: object + description: The price rate indicating starting usage and its corresponding price. + id: TierRate + GeoTaxonomy: + description: Encapsulates the geographic taxonomy data for a sku. + id: GeoTaxonomy type: object properties: - role: + type: + enumDescriptions: + - The type is not specified. + - >- + The sku is global in nature, e.g. a license sku. Global skus are + available in all regions, and so have an empty region list. + - The sku is available in a specific region, e.g. "us-west2". + - >- + The sku is associated with multiple regions, e.g. "us-west2" and + "us-east1". + enum: + - TYPE_UNSPECIFIED + - GLOBAL + - REGIONAL + - MULTI_REGIONAL + type: string + description: 'The type of Geo Taxonomy: GLOBAL, REGIONAL, or MULTI_REGIONAL.' + regions: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array + The list of regions associated with a sku. Empty for Global skus, + which are associated with all Google Cloud regions. items: type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object + type: array + ProjectBillingInfo: properties: - expression: + billingEnabled: + readOnly: true + type: boolean description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: + Output only. True if the project is associated with an open billing + account, to which usage on the project is charged. False if the + project is associated with a closed billing account, or no billing + account at all, and therefore cannot use paid services. + projectId: + readOnly: true description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Output only. The ID of the project that this `ProjectBillingInfo` + represents, such as `tokyo-rain-123`. This is a convenience field so + that you don't need to parse the `name` field to obtain a project + ID. type: string - description: + billingAccountName: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + The resource name of the billing account associated with the + project, if any. For example, + `billingAccounts/012345-567890-ABCDEF`. type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + name: + readOnly: true type: string - AuditConfig: - id: AuditConfig + description: >- + Output only. The resource name for the `ProjectBillingInfo`; has the + form `projects/{project_id}/billingInfo`. For example, the resource + name for the billing information for project `tokyo-rain-123` would + be `projects/tokyo-rain-123/billingInfo`. + type: object description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + Encapsulation of billing information for a Google Cloud Console project. + A project has at most one associated billing account at a time (but a + billing account can be assigned to multiple projects). + id: ProjectBillingInfo + Sku: type: object properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + pricingInfo: + description: A timeline of pricing info for this SKU in chronological order. type: array items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + $ref: '#/components/schemas/PricingInfo' + serviceRegions: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. + List of service regions this SKU is offered at. Example: + "asia-east1" Service regions can be found at + https://cloud.google.com/about/locations/ type: array items: type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: + geoTaxonomy: + description: The geographic taxonomy for this sku. + $ref: '#/components/schemas/GeoTaxonomy' + skuId: + description: 'The identifier for the SKU. Example: "D041-B8A1-6E0B"' + type: string + name: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + The resource name for the SKU. Example: + "services/6F81-5844-456A/skus/D041-B8A1-6E0B" + type: string + category: description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + The category hierarchy of this SKU, purely for organizational + purpose. + $ref: '#/components/schemas/Category' + description: + description: >- + A human readable description of the SKU, has a maximum length of 256 + characters. type: string - format: google-fieldmask - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + serviceProviderName: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - MoveBillingAccountRequest: - id: MoveBillingAccountRequest - description: Request message for `MoveBillingAccount` RPC. - type: object - properties: - destinationParent: - description: >- - Required. The resource name of the Organization to move the billing - account under. Must be of the form - `organizations/{organization_id}`. - type: string - ListServicesResponse: - id: ListServicesResponse - description: Response message for `ListServices`. - type: object - properties: - services: - description: A list of services. - type: array - items: - $ref: '#/components/schemas/Service' - nextPageToken: - description: >- - A token to retrieve the next page of results. To retrieve the next - page, call `ListServices` again with the `page_token` field set to - this value. This field is empty if there are no more results to - retrieve. - type: string - Service: - id: Service - description: Encapsulates a single service in Google Cloud Platform. - type: object - properties: - name: - description: >- - The resource name for the service. Example: - "services/6F81-5844-456A" - type: string - serviceId: - description: 'The identifier for the service. Example: "6F81-5844-456A"' - type: string - displayName: - description: A human readable display name for this service. - type: string - businessEntityName: - description: >- - The business under which the service is offered. Ex. - "businessEntities/GCP", "businessEntities/Maps" - type: string - ListSkusResponse: - id: ListSkusResponse - description: Response message for `ListSkus`. - type: object - properties: - skus: - description: The list of public SKUs of the given service. - type: array - items: - $ref: '#/components/schemas/Sku' - nextPageToken: - description: >- - A token to retrieve the next page of results. To retrieve the next - page, call `ListSkus` again with the `page_token` field set to this - value. This field is empty if there are no more results to retrieve. + Identifies the service provider. This is 'Google' for first party + services in Google Cloud Platform. type: string - Sku: id: Sku description: Encapsulates a single SKU in Google Cloud - type: object + Money: + id: Money properties: - name: + nanos: + type: integer + format: int32 description: >- - The resource name for the SKU. Example: - "services/6F81-5844-456A/skus/D041-B8A1-6E0B" - type: string - skuId: - description: 'The identifier for the SKU. Example: "D041-B8A1-6E0B"' + Number of nano (10^-9) units of the amount. The value must be + between -999,999,999 and +999,999,999 inclusive. If `units` is + positive, `nanos` must be positive or zero. If `units` is zero, + `nanos` can be positive, zero, or negative. If `units` is negative, + `nanos` must be negative or zero. For example $-1.75 is represented + as `units`=-1 and `nanos`=-750,000,000. + currencyCode: + description: The three-letter currency code defined in ISO 4217. type: string - description: - description: >- - A human readable description of the SKU, has a maximum length of 256 - characters. + units: type: string - category: - description: >- - The category hierarchy of this SKU, purely for organizational - purpose. - $ref: '#/components/schemas/Category' - serviceRegions: - description: >- - List of service regions this SKU is offered at. Example: - "asia-east1" Service regions can be found at - https://cloud.google.com/about/locations/ - type: array - items: - type: string - pricingInfo: - description: A timeline of pricing info for this SKU in chronological order. - type: array - items: - $ref: '#/components/schemas/PricingInfo' - serviceProviderName: description: >- - Identifies the service provider. This is 'Google' for first party - services in Google Cloud Platform. - type: string - geoTaxonomy: - description: The geographic taxonomy for this sku. - $ref: '#/components/schemas/GeoTaxonomy' - Category: - id: Category - description: Represents the category hierarchy of a SKU. + The whole units of the amount. For example if `currencyCode` is + `"USD"`, then 1 unit is one US dollar. + format: int64 type: object - properties: - serviceDisplayName: - description: The display name of the service this SKU belongs to. - type: string - resourceFamily: - description: >- - The type of product the SKU refers to. Example: "Compute", - "Storage", "Network", "ApplicationServices" etc. - type: string - resourceGroup: - description: >- - A group classification for related SKUs. Example: "RAM", "GPU", - "Prediction", "Ops", "GoogleEgress" etc. - type: string - usageType: - description: >- - Represents how the SKU is consumed. Example: "OnDemand", - "Preemptible", "Commit1Mo", "Commit1Yr" etc. - type: string + description: Represents an amount of money with its currency type. PricingInfo: - id: PricingInfo description: Represents the pricing information for a SKU at a single point of time. + id: PricingInfo type: object properties: - effectiveTime: + pricingExpression: description: >- - The timestamp from which this pricing was effective within the - requested time range. This is guaranteed to be greater than or equal - to the start_time field in the request and less than the end_time - field in the request. If a time range was not specified in the - request this field will be equivalent to a time within the last 12 - hours, indicating the latest pricing info. - type: string - format: google-datetime + Expresses the pricing formula. See `PricingExpression` for an + example. + $ref: '#/components/schemas/PricingExpression' summary: description: >- An optional human readable summary of the pricing information, has a maximum length of 256 characters. type: string - pricingExpression: - description: >- - Expresses the pricing formula. See `PricingExpression` for an - example. - $ref: '#/components/schemas/PricingExpression' aggregationInfo: + $ref: '#/components/schemas/AggregationInfo' description: >- Aggregation Info. This can be left unspecified if the pricing expression doesn't require aggregation. - $ref: '#/components/schemas/AggregationInfo' + effectiveTime: + type: string + description: >- + The timestamp from which this pricing was effective within the + requested time range. This is guaranteed to be greater than or equal + to the start_time field in the request and less than the end_time + field in the request. If a time range was not specified in the + request this field will be equivalent to a time within the last 12 + hours, indicating the latest pricing info. + format: google-datetime currencyConversionRate: description: >- Conversion rate used for currency conversion, from USD to the @@ -670,167 +375,462 @@ components: collected for billing in non USD currency. If a currency is not specified in the request this defaults to 1.0. Example: USD * currency_conversion_rate = JPY - type: number format: double - PricingExpression: - id: PricingExpression + type: number + BillingAccount: description: >- - Expresses a mathematical pricing formula. For Example:- `usage_unit: - GBy` `tiered_rates:` `[start_usage_amount: 20, unit_price: $10]` - `[start_usage_amount: 100, unit_price: $5]` The above expresses a - pricing formula where the first 20GB is free, the next 80GB is priced at - $10 per GB followed by $5 per GB for additional usage. - type: object + A billing account in the [Google Cloud + Console](https://console.cloud.google.com/). You can assign a billing + account to one or more projects. properties: - usageUnit: + currencyCode: + type: string description: >- - The short hand for unit of usage this pricing is specified in. - Example: usage_unit of "GiBy" means that usage is specified in "Gibi - Byte". + Optional. The currency in which the billing account is billed and + charged, represented as an ISO 4217 code such as `USD`. Billing + account currency is determined at the time of billing account + creation and cannot be updated subsequently, so this field should + not be set on update requests. In addition, a subaccount always + matches the currency of its parent billing account, so this field + should not be set on subaccount creation requests. Clients can read + this field to determine the currency of an existing billing account. + displayName: type: string - displayQuantity: description: >- - The recommended quantity of units for displaying pricing info. When - displaying pricing info it is recommended to display: (unit_price * - display_quantity) per display_quantity usage_unit. This field does - not affect the pricing formula and is for display purposes only. - Example: If the unit_price is "0.0001 USD", the usage_unit is "GB" - and the display_quantity is "1000" then the recommended way of - displaying the pricing info is "0.10 USD per 1000 GB" - type: number - format: double - tieredRates: + The display name given to the billing account, such as `My Billing + Account`. This name is displayed in the Google Cloud Console. + open: description: >- - The list of tiered rates for this pricing. The total cost is - computed by applying each of the tiered rates on usage. This - repeated list is sorted by ascending order of start_usage_amount. - type: array - items: - $ref: '#/components/schemas/TierRate' - usageUnitDescription: - description: 'The unit of usage in human readable form. Example: "gibi byte".' - type: string - baseUnit: + Output only. True if the billing account is open, and will therefore + be charged for any usage on associated projects. False if the + billing account is closed, and therefore projects associated with it + are unable to use paid services. + readOnly: true + type: boolean + parent: description: >- - The base unit for the SKU which is the unit used in usage exports. - Example: "By" + Output only. The billing account's parent resource identifier. Use + the `MoveBillingAccount` method to update the account's parent + resource if it is a organization. Format: - + `organizations/{organization_id}`, for example, + `organizations/12345678` - `billingAccounts/{billing_account_id}`, + for example, `billingAccounts/012345-567890-ABCDEF` + readOnly: true type: string - baseUnitDescription: - description: 'The base unit in human readable form. Example: "byte".' + name: + description: >- + Output only. The resource name of the billing account. The resource + name has the form `billingAccounts/{billing_account_id}`. For + example, `billingAccounts/012345-567890-ABCDEF` would be the + resource name for billing account `012345-567890-ABCDEF`. type: string - baseUnitConversionFactor: + readOnly: true + masterBillingAccount: description: >- - Conversion factor for converting from price per usage_unit to price - per base_unit, and start_usage_amount to start_usage_amount in - base_unit. unit_price / base_unit_conversion_factor = price per - base_unit. start_usage_amount * base_unit_conversion_factor = - start_usage_amount in base_unit. - type: number - format: double - TierRate: - id: TierRate - description: The price rate indicating starting usage and its corresponding price. + If this account is a + [subaccount](https://cloud.google.com/billing/docs/concepts), then + this will be the resource name of the parent billing account that it + is being resold through. Otherwise this will be empty. + type: string + id: BillingAccount type: object + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. properties: - startUsageAmount: - description: >- - Usage is priced at this rate only after this amount. Example: - start_usage_amount of 10 indicates that the usage will be priced at - the unit_price after the first 10 usage_units. - type: number - format: double - unitPrice: + permissions: + type: array + items: + type: string description: >- - The price per unit of usage. Example: unit_price of amount $10 - indicates that each unit will cost $10. - $ref: '#/components/schemas/Money' - Money: - id: Money - description: Represents an amount of money with its currency type. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. type: object - properties: - currencyCode: - description: The three-letter currency code defined in ISO 4217. - type: string - units: - description: >- - The whole units of the amount. For example if `currencyCode` is - `"USD"`, then 1 unit is one US dollar. - type: string - format: int64 - nanos: - description: >- - Number of nano (10^-9) units of the amount. The value must be - between -999,999,999 and +999,999,999 inclusive. If `units` is - positive, `nanos` must be positive or zero. If `units` is zero, - `nanos` can be positive, zero, or negative. If `units` is negative, - `nanos` must be negative or zero. For example $-1.75 is represented - as `units`=-1 and `nanos`=-750,000,000. - type: integer - format: int32 - AggregationInfo: - id: AggregationInfo - description: >- - Represents the aggregation level and interval for pricing of a single - SKU. + id: TestIamPermissionsResponse + AuditLogConfig: + id: AuditLogConfig type: object properties: - aggregationLevel: + logType: type: string enumDescriptions: - - '' - - '' - - '' + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' enum: - - AGGREGATION_LEVEL_UNSPECIFIED - - ACCOUNT - - PROJECT + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. + exemptedMembers: + type: array + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + items: + type: string + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + AggregationInfo: + properties: aggregationInterval: - type: string enumDescriptions: - '' - '' - '' + type: string enum: - AGGREGATION_INTERVAL_UNSPECIFIED - DAILY - MONTHLY aggregationCount: + type: integer description: >- The number of intervals to aggregate over. Example: If aggregation_level is "DAILY" and aggregation_count is 14, aggregation will be over 14 days. - type: integer format: int32 - GeoTaxonomy: - id: GeoTaxonomy - description: Encapsulates the geographic taxonomy data for a sku. + aggregationLevel: + type: string + enumDescriptions: + - '' + - '' + - '' + enum: + - AGGREGATION_LEVEL_UNSPECIFIED + - ACCOUNT + - PROJECT + id: AggregationInfo + type: object + description: >- + Represents the aggregation level and interval for pricing of a single + SKU. + Service: + id: Service + properties: + businessEntityName: + description: >- + The business under which the service is offered. Ex. + "businessEntities/GCP", "businessEntities/Maps" + type: string + name: + type: string + description: >- + The resource name for the service. Example: + "services/6F81-5844-456A" + displayName: + type: string + description: A human readable display name for this service. + serviceId: + type: string + description: 'The identifier for the service. Example: "6F81-5844-456A"' + description: Encapsulates a single service in Google Cloud Platform. + type: object + Category: + id: Category + description: Represents the category hierarchy of a SKU. + properties: + usageType: + description: >- + Represents how the SKU is consumed. Example: "OnDemand", + "Preemptible", "Commit1Mo", "Commit1Yr" etc. + type: string + serviceDisplayName: + type: string + description: The display name of the service this SKU belongs to. + resourceGroup: + type: string + description: >- + A group classification for related SKUs. Example: "RAM", "GPU", + "Prediction", "Ops", "GoogleEgress" etc. + resourceFamily: + description: >- + The type of product the SKU refers to. Example: "Compute", + "Storage", "Network", "ApplicationServices" etc. + type: string + type: object + TestIamPermissionsRequest: + type: object + properties: + permissions: + items: + type: string + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: array + description: Request message for `TestIamPermissions` method. + id: TestIamPermissionsRequest + ListServicesResponse: + id: ListServicesResponse + properties: + services: + type: array + items: + $ref: '#/components/schemas/Service' + description: A list of services. + nextPageToken: + type: string + description: >- + A token to retrieve the next page of results. To retrieve the next + page, call `ListServices` again with the `page_token` field set to + this value. This field is empty if there are no more results to + retrieve. + description: Response message for `ListServices`. + type: object + Expr: + id: Expr + properties: + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + location: + type: string + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + description: + type: string + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: object + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + ListBillingAccountsResponse: + id: ListBillingAccountsResponse + description: Response message for `ListBillingAccounts`. + properties: + nextPageToken: + type: string + description: >- + A token to retrieve the next page of results. To retrieve the next + page, call `ListBillingAccounts` again with the `page_token` field + set to this value. This field is empty if there are no more results + to retrieve. + billingAccounts: + description: A list of billing accounts. + items: + $ref: '#/components/schemas/BillingAccount' + type: array + type: object + Binding: + id: Binding + type: object + properties: + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + members: + items: + type: string + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: array + description: Associates `members`, or principals, with a `role`. + MoveBillingAccountRequest: + description: Request message for `MoveBillingAccount` RPC. + type: object + id: MoveBillingAccountRequest + properties: + destinationParent: + description: >- + Required. The resource name of the Organization to move the billing + account under. Must be of the form + `organizations/{organization_id}`. + type: string + AuditConfig: + id: AuditConfig + properties: + auditLogConfigs: + type: array + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/AuditLogConfig' + service: + type: string + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: object + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + PricingExpression: properties: - type: - description: 'The type of Geo Taxonomy: GLOBAL, REGIONAL, or MULTI_REGIONAL.' + usageUnitDescription: + description: 'The unit of usage in human readable form. Example: "gibi byte".' type: string - enumDescriptions: - - The type is not specified. - - >- - The sku is global in nature, e.g. a license sku. Global skus are - available in all regions, and so have an empty region list. - - The sku is available in a specific region, e.g. "us-west2". - - >- - The sku is associated with multiple regions, e.g. "us-west2" and - "us-east1". - enum: - - TYPE_UNSPECIFIED - - GLOBAL - - REGIONAL - - MULTI_REGIONAL - regions: - description: >- - The list of regions associated with a sku. Empty for Global skus, - which are associated with all Google Cloud regions. + tieredRates: type: array + description: >- + The list of tiered rates for this pricing. The total cost is + computed by applying each of the tiered rates on usage. This + repeated list is sorted by ascending order of start_usage_amount. items: - type: string + $ref: '#/components/schemas/TierRate' + usageUnit: + type: string + description: >- + The short hand for unit of usage this pricing is specified in. + Example: usage_unit of "GiBy" means that usage is specified in "Gibi + Byte". + baseUnit: + type: string + description: >- + The base unit for the SKU which is the unit used in usage exports. + Example: "By" + baseUnitDescription: + description: 'The base unit in human readable form. Example: "byte".' + type: string + baseUnitConversionFactor: + type: number + format: double + description: >- + Conversion factor for converting from price per usage_unit to price + per base_unit, and start_usage_amount to start_usage_amount in + base_unit. unit_price / base_unit_conversion_factor = price per + base_unit. start_usage_amount * base_unit_conversion_factor = + start_usage_amount in base_unit. + displayQuantity: + format: double + type: number + description: >- + The recommended quantity of units for displaying pricing info. When + displaying pricing info it is recommended to display: (unit_price * + display_quantity) per display_quantity usage_unit. This field does + not affect the pricing formula and is for display purposes only. + Example: If the unit_price is "0.0001 USD", the usage_unit is "GB" + and the display_quantity is "1000" then the recommended way of + displaying the pricing info is "0.10 USD per 1000 GB" + description: >- + Expresses a mathematical pricing formula. For Example:- `usage_unit: + GBy` `tiered_rates:` `[start_usage_amount: 20, unit_price: $10]` + `[start_usage_amount: 100, unit_price: $5]` The above expresses a + pricing formula where the first 20GB is free, the next 80GB is priced at + $10 per GB followed by $5 per GB for additional usage. + id: PricingExpression + type: object parameters: access_token: description: OAuth access token. @@ -838,35 +838,19 @@ components: name: access_token schema: type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: + quotaUser: description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: key + name: quotaUser schema: type: string oauth_token: @@ -875,149 +859,192 @@ components: name: oauth_token schema: type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + alt: + description: Data format for response. in: query - name: quotaUser + name: alt schema: type: string + enum: + - json + - media + - proto upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: uploadType + name: fields schema: type: string - _.xgafv: - description: V1 error format. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: $.xgafv + name: key schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - billing_accounts: - id: google.cloudbilling.billing_accounts - name: billing_accounts - title: Billing_accounts + billing_info: + id: google.cloudbilling.billing_info + name: billing_info + title: Billing_info methods: - get: + get_billing_info: operation: - $ref: '#/paths/~1v1~1billingAccounts~1{billingAccountsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1billingInfo/get' response: mediaType: application/json openAPIDocKey: '200' - patch: + update_billing_info: operation: - $ref: '#/paths/~1v1~1billingAccounts~1{billingAccountsId}/patch' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1billingInfo/put' response: mediaType: application/json openAPIDocKey: '200' - list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/billing_info/methods/get_billing_info + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/billing_info/methods/update_billing_info + delete: [] + billing_accounts_iam_policies: + id: google.cloudbilling.billing_accounts_iam_policies + name: billing_accounts_iam_policies + title: Billing_accounts_iam_policies + methods: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1billingAccounts/get + #/paths/~1v1~1billingAccounts~1{billingAccountsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.billingAccounts - create: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1billingAccounts/post + #/paths/~1v1~1billingAccounts~1{billingAccountsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - move: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1billingAccounts~1{billingAccountsId}:move/get + #/paths/~1v1~1billingAccounts~1{billingAccountsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/billing_accounts/methods/get' - - $ref: '#/components/x-stackQL-resources/billing_accounts/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/billing_accounts/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/billing_accounts/methods/patch' - replace: [] + - $ref: >- + #/components/x-stackQL-resources/billing_accounts_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/billing_accounts_iam_policies/methods/set_iam_policy delete: [] - billing_accounts_iam_policies: - id: google.cloudbilling.billing_accounts_iam_policies - name: billing_accounts_iam_policies - title: Billing_accounts_iam_policies + billing_accounts: + id: google.cloudbilling.billing_accounts + name: billing_accounts + title: Billing_accounts methods: - get_iam_policy: + create: operation: $ref: >- - #/paths/~1v1~1billingAccounts~1{billingAccountsId}:getIamPolicy/get + #/paths/~1v1~1organizations~1{organizationsId}~1billingAccounts/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + list: operation: $ref: >- - #/paths/~1v1~1billingAccounts~1{billingAccountsId}:setIamPolicy/post + #/paths/~1v1~1organizations~1{organizationsId}~1billingAccounts/get response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + objectKey: $.billingAccounts + patch: + operation: + $ref: '#/paths/~1v1~1billingAccounts~1{billingAccountsId}/patch' + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: '#/paths/~1v1~1billingAccounts~1{billingAccountsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + move: operation: $ref: >- - #/paths/~1v1~1billingAccounts~1{billingAccountsId}:testIamPermissions/post + #/paths/~1v1~1organizations~1{organizationsId}~1billingAccounts~1{billingAccountsId}:move/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/billing_accounts_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/billing_accounts_iam_policies/methods/set_iam_policy + - $ref: '#/components/x-stackQL-resources/billing_accounts/methods/get' + - $ref: '#/components/x-stackQL-resources/billing_accounts/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/billing_accounts/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/billing_accounts/methods/patch' + replace: [] delete: [] sub_accounts: id: google.cloudbilling.sub_accounts name: sub_accounts title: Sub_accounts methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1billingAccounts~1{billingAccountsId}~1subAccounts/get + #/paths/~1v1~1billingAccounts~1{billingAccountsId}~1subAccounts/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.billingAccounts - create: + list: operation: $ref: >- - #/paths/~1v1~1billingAccounts~1{billingAccountsId}~1subAccounts/post + #/paths/~1v1~1billingAccounts~1{billingAccountsId}~1subAccounts/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.billingAccounts sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/sub_accounts/methods/list' @@ -1045,33 +1072,6 @@ components: update: [] replace: [] delete: [] - billing_info: - id: google.cloudbilling.billing_info - name: billing_info - title: Billing_info - methods: - get_billing_info: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1billingInfo/get' - response: - mediaType: application/json - openAPIDocKey: '200' - update_billing_info: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1billingInfo/put' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/billing_info/methods/get_billing_info - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/billing_info/methods/update_billing_info - delete: [] services: id: google.cloudbilling.services name: services @@ -1111,25 +1111,27 @@ components: replace: [] delete: [] paths: - /v1/billingAccounts/{billingAccountsId}: + /v1/projects/{projectsId}/billingInfo: parameters: &ref_1 - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/key' get: description: >- - Gets information about a billing account. The current authenticated user - must be a [viewer of the billing - account](https://cloud.google.com/billing/docs/how-to/billing-access). - operationId: cloudbilling.billingAccounts.get + Gets the billing information for a project. The current authenticated + user must have the `resourcemanager.projects.get` permission for the + project, which can be granted by assigning the [Project + Viewer](https://cloud.google.com/iam/docs/understanding-roles#predefined_roles) + role. + operationId: cloudbilling.projects.getBillingInfo security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing @@ -1149,27 +1151,48 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BillingAccount' + $ref: '#/components/schemas/ProjectBillingInfo' parameters: - in: path - name: billingAccountsId + name: projectsId required: true schema: type: string - patch: + put: description: >- - Updates a billing account's fields. Currently the only field that can be - edited is `display_name`. The current authenticated user must have the - `billing.accounts.update` IAM permission, which is typically given to - the - [administrator](https://cloud.google.com/billing/docs/how-to/billing-access) - of the billing account. - operationId: cloudbilling.billingAccounts.patch + Sets or updates the billing account associated with a project. You + specify the new billing account by setting the `billing_account_name` in + the `ProjectBillingInfo` resource to the resource name of a billing + account. Associating a project with an open billing account enables + billing on the project and allows charges for resource usage. If the + project already had a billing account, this method changes the billing + account used for resource usage charges. *Note:* Incurred charges that + have not yet been reported in the transaction history of the Google + Cloud Console might be billed to the new billing account, even if the + charge occurred before the new billing account was assigned to the + project. The current authenticated user must have ownership privileges + for both the + [project](https://cloud.google.com/docs/permissions-overview#h.bgs0oxofvnoo + ) and the [billing + account](https://cloud.google.com/billing/docs/how-to/billing-access). + You can disable billing on the project by setting the + `billing_account_name` field to empty. This action disassociates the + current billing account from the project. Any billable activity of your + in-use services will stop, and your application could stop functioning + as expected. Any unbilled charges to date will be billed to the + previously associated account. The current authenticated user must be + either an owner of the project or an owner of the billing account for + the project. Note that associating a project with a *closed* billing + account will have much the same effect as disabling billing on the + project: any paid resources used by the project will be shut down. Thus, + unless you wish to disable billing, you should always call this method + with the name of an *open* billing account. + operationId: cloudbilling.projects.updateBillingInfo requestBody: content: application/json: schema: - $ref: '#/components/schemas/BillingAccount' + $ref: '#/components/schemas/ProjectBillingInfo' security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing @@ -1185,26 +1208,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BillingAccount' + $ref: '#/components/schemas/ProjectBillingInfo' parameters: - in: path - name: billingAccountsId + name: projectsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/billingAccounts: + /v1/billingAccounts/{billingAccountsId}:getIamPolicy: parameters: *ref_1 get: description: >- - Lists the billing accounts that the current authenticated user has - permission to - [view](https://cloud.google.com/billing/docs/how-to/billing-access). - operationId: cloudbilling.billingAccounts.list + Gets the access control policy for a billing account. The caller must + have the `billing.accounts.getIamPolicy` permission on the account, + which is often given to billing account + [viewers](https://cloud.google.com/billing/docs/how-to/billing-access). + operationId: cloudbilling.billingAccounts.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing @@ -1224,25 +1243,57 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBillingAccountsResponse' + $ref: '#/components/schemas/Policy' parameters: - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: billingAccountsId + required: true schema: type: string - in: query - name: filter + name: options.requestedPolicyVersion schema: - type: string - - in: query - name: parent + type: integer + format: int32 + /v1/billingAccounts/{billingAccountsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy for a billing account. Replaces any + existing policy. The caller must have the + `billing.accounts.setIamPolicy` permission on the account, which is + often given to billing account + [administrators](https://cloud.google.com/billing/docs/how-to/billing-access). + operationId: cloudbilling.billingAccounts.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-billing + Oauth2c: + - https://www.googleapis.com/auth/cloud-billing + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + parameters: + - in: path + name: billingAccountsId + required: true schema: type: string + /v1/billingAccounts: + parameters: *ref_1 post: description: >- This method creates [billing @@ -1284,15 +1335,12 @@ paths: name: parent schema: type: string - /v1/billingAccounts/{billingAccountsId}:getIamPolicy: - parameters: *ref_1 get: description: >- - Gets the access control policy for a billing account. The caller must - have the `billing.accounts.getIamPolicy` permission on the account, - which is often given to billing account - [viewers](https://cloud.google.com/billing/docs/how-to/billing-access). - operationId: cloudbilling.billingAccounts.getIamPolicy + Lists the billing accounts that the current authenticated user has + permission to + [view](https://cloud.google.com/billing/docs/how-to/billing-access). + operationId: cloudbilling.billingAccounts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing @@ -1312,53 +1360,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' - parameters: - - in: path - name: billingAccountsId - required: true - schema: - type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/billingAccounts/{billingAccountsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy for a billing account. Replaces any - existing policy. The caller must have the - `billing.accounts.setIamPolicy` permission on the account, which is - often given to billing account - [administrators](https://cloud.google.com/billing/docs/how-to/billing-access). - operationId: cloudbilling.billingAccounts.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-billing - Oauth2c: - - https://www.googleapis.com/auth/cloud-billing - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Policy' - parameters: - - in: path - name: billingAccountsId - required: true + $ref: '#/components/schemas/ListBillingAccountsResponse' + parameters: + - in: query + name: parent + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string /v1/billingAccounts/{billingAccountsId}:testIamPermissions: @@ -1400,16 +1418,22 @@ paths: required: true schema: type: string - /v1/billingAccounts/{billingAccountsId}:move: + /v1/billingAccounts/{billingAccountsId}: parameters: *ref_1 - post: - description: Changes which parent organization a billing account belongs to. - operationId: cloudbilling.billingAccounts.move + patch: + description: >- + Updates a billing account's fields. Currently the only field that can be + edited is `display_name`. The current authenticated user must have the + `billing.accounts.update` IAM permission, which is typically given to + the + [administrator](https://cloud.google.com/billing/docs/how-to/billing-access) + of the billing account. + operationId: cloudbilling.billingAccounts.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/MoveBillingAccountRequest' + $ref: '#/components/schemas/BillingAccount' security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing @@ -1432,14 +1456,17 @@ paths: required: true schema: type: string - /v1/billingAccounts/{billingAccountsId}/subAccounts: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: description: >- - Lists the billing accounts that the current authenticated user has - permission to - [view](https://cloud.google.com/billing/docs/how-to/billing-access). - operationId: cloudbilling.billingAccounts.subAccounts.list + Gets information about a billing account. The current authenticated user + must be a [viewer of the billing + account](https://cloud.google.com/billing/docs/how-to/billing-access). + operationId: cloudbilling.billingAccounts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing @@ -1459,26 +1486,47 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBillingAccountsResponse' + $ref: '#/components/schemas/BillingAccount' parameters: - in: path name: billingAccountsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + /v1/billingAccounts/{billingAccountsId}:move: + parameters: *ref_1 + post: + description: Changes which parent organization a billing account belongs to. + operationId: cloudbilling.billingAccounts.move + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MoveBillingAccountRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-billing + Oauth2c: + - https://www.googleapis.com/auth/cloud-billing + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/BillingAccount' + parameters: + - in: path + name: billingAccountsId + required: true schema: type: string + /v1/billingAccounts/{billingAccountsId}/subAccounts: + parameters: *ref_1 post: description: >- This method creates [billing @@ -1521,15 +1569,12 @@ paths: required: true schema: type: string - /v1/billingAccounts/{billingAccountsId}/projects: - parameters: *ref_1 get: description: >- - Lists the projects associated with a billing account. The current - authenticated user must have the `billing.resourceAssociations.list` IAM - permission, which is often given to billing account - [viewers](https://cloud.google.com/billing/docs/how-to/billing-access). - operationId: cloudbilling.billingAccounts.projects.list + Lists the billing accounts that the current authenticated user has + permission to + [view](https://cloud.google.com/billing/docs/how-to/billing-access). + operationId: cloudbilling.billingAccounts.subAccounts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing @@ -1549,7 +1594,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListProjectBillingInfoResponse' + $ref: '#/components/schemas/ListBillingAccountsResponse' parameters: - in: path name: billingAccountsId @@ -1565,14 +1610,19 @@ paths: name: pageToken schema: type: string - /v1/organizations/{organizationsId}/billingAccounts: + - in: query + name: filter + schema: + type: string + /v1/billingAccounts/{billingAccountsId}/projects: parameters: *ref_1 get: description: >- - Lists the billing accounts that the current authenticated user has - permission to - [view](https://cloud.google.com/billing/docs/how-to/billing-access). - operationId: cloudbilling.organizations.billingAccounts.list + Lists the projects associated with a billing account. The current + authenticated user must have the `billing.resourceAssociations.list` IAM + permission, which is often given to billing account + [viewers](https://cloud.google.com/billing/docs/how-to/billing-access). + operationId: cloudbilling.billingAccounts.projects.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing @@ -1592,26 +1642,24 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBillingAccountsResponse' + $ref: '#/components/schemas/ListProjectBillingInfoResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 + /v1/organizations/{organizationsId}/billingAccounts: + parameters: *ref_1 post: description: >- This method creates [billing @@ -1654,16 +1702,21 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/billingAccounts/{billingAccountsId}:move: - parameters: *ref_1 get: - description: Changes which parent organization a billing account belongs to. - operationId: cloudbilling.organizations.billingAccounts.move + description: >- + Lists the billing accounts that the current authenticated user has + permission to + [view](https://cloud.google.com/billing/docs/how-to/billing-access). + operationId: cloudbilling.organizations.billingAccounts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing Oauth2c: - https://www.googleapis.com/auth/cloud-billing + - Oauth2: + - https://www.googleapis.com/auth/cloud-billing.readonly + Oauth2c: + - https://www.googleapis.com/auth/cloud-billing.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -1674,37 +1727,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BillingAccount' + $ref: '#/components/schemas/ListBillingAccountsResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: billingAccountsId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/billingInfo: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/organizations/{organizationsId}/billingAccounts/{billingAccountsId}:move: parameters: *ref_1 get: - description: >- - Gets the billing information for a project. The current authenticated - user must have the `resourcemanager.projects.get` permission for the - project, which can be granted by assigning the [Project - Viewer](https://cloud.google.com/iam/docs/understanding-roles#predefined_roles) - role. - operationId: cloudbilling.projects.getBillingInfo + description: Changes which parent organization a billing account belongs to. + operationId: cloudbilling.organizations.billingAccounts.move security: - Oauth2: - https://www.googleapis.com/auth/cloud-billing Oauth2c: - https://www.googleapis.com/auth/cloud-billing - - Oauth2: - - https://www.googleapis.com/auth/cloud-billing.readonly - Oauth2c: - - https://www.googleapis.com/auth/cloud-billing.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -1715,67 +1767,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ProjectBillingInfo' + $ref: '#/components/schemas/BillingAccount' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - put: - description: >- - Sets or updates the billing account associated with a project. You - specify the new billing account by setting the `billing_account_name` in - the `ProjectBillingInfo` resource to the resource name of a billing - account. Associating a project with an open billing account enables - billing on the project and allows charges for resource usage. If the - project already had a billing account, this method changes the billing - account used for resource usage charges. *Note:* Incurred charges that - have not yet been reported in the transaction history of the Google - Cloud Console might be billed to the new billing account, even if the - charge occurred before the new billing account was assigned to the - project. The current authenticated user must have ownership privileges - for both the - [project](https://cloud.google.com/docs/permissions-overview#h.bgs0oxofvnoo - ) and the [billing - account](https://cloud.google.com/billing/docs/how-to/billing-access). - You can disable billing on the project by setting the - `billing_account_name` field to empty. This action disassociates the - current billing account from the project. Any billable activity of your - in-use services will stop, and your application could stop functioning - as expected. Any unbilled charges to date will be billed to the - previously associated account. The current authenticated user must be - either an owner of the project or an owner of the billing account for - the project. Note that associating a project with a *closed* billing - account will have much the same effect as disabling billing on the - project: any paid resources used by the project will be shut down. Thus, - unless you wish to disable billing, you should always call this method - with the name of an *open* billing account. - operationId: cloudbilling.projects.updateBillingInfo - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ProjectBillingInfo' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-billing - Oauth2c: - - https://www.googleapis.com/auth/cloud-billing - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ProjectBillingInfo' - parameters: - in: path - name: projectsId + name: billingAccountsId required: true schema: type: string @@ -1846,25 +1846,25 @@ paths: schema: type: string - in: query - name: startTime + name: pageToken schema: type: string - format: google-datetime + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: endTime schema: type: string format: google-datetime - in: query - name: currencyCode + name: startTime schema: type: string + format: google-datetime - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: currencyCode schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudbuild.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudbuild.yaml index 94bfaec0..a505779e 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudbuild.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudbuild.yaml @@ -7,8 +7,8 @@ info: title: Cloud Build API description: Creates and manages builds on Google Cloud Platform. version: v2 - x-discovery-doc-revision: '20250823' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251125' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/cloud-build/docs/ servers: @@ -34,463 +34,557 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + PipelineRunResult: + description: PipelineRunResult used to describe the results of a pipeline + id: PipelineRunResult type: object properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + value: + $ref: '#/components/schemas/ResultValue' + description: Output only. Value of the result. + readOnly: true + name: + readOnly: true + description: Output only. Name of the TaskRun type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + GoogleDevtoolsCloudbuildV2GitLabConfig: type: object + description: >- + Configuration for connections to gitlab.com or an instance of GitLab + Enterprise. + id: GoogleDevtoolsCloudbuildV2GitLabConfig properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + webhookSecretSecretVersion: type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: + Required. Immutable. SecretManager resource containing the webhook + secret of a GitLab Enterprise project, formatted as + `projects/*/secrets/*/versions/*`. + hostUri: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Optional. The URI of the GitLab Enterprise host this connection is + for. If not specified, the default value is https://gitlab.com. type: string - metadata: + sslCa: + description: Optional. SSL certificate to use for requests to GitLab Enterprise. + type: string + authorizerCredential: + $ref: '#/components/schemas/UserCredential' description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + Required. A GitLab personal access token with the `api` scope + access. + readAuthorizerCredential: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Required. A GitLab personal access token with the minimum `read_api` + scope access. + $ref: '#/components/schemas/UserCredential' + serviceDirectoryConfig: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Optional. Configuration for using Service Directory to privately + connect to a GitLab Enterprise server. This should only be set if + the GitLab Enterprise server is hosted on-premises and not reachable + by public internet. If this field is left empty, calls to the GitLab + Enterprise server will be made over the public internet. + $ref: >- + #/components/schemas/GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig + serverVersion: + readOnly: true + type: string description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Output only. Version of the GitLab Enterprise server running on the + `host_uri`. + Sidecar: + description: Sidecars run alongside the Task's step containers. type: object + id: Sidecar properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + name: + description: Name of the Sidecar. type: string - details: + script: + description: The contents of an executable file to execute. + type: string + args: + description: Arguments to the entrypoint. + items: + type: string + type: array + readinessProbe: + $ref: '#/components/schemas/Probe' description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Optional. Periodic probe of Sidecar service readiness. Container + will be removed from service endpoints if the probe fails. Cannot be + updated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + +optional + volumeMounts: + description: Pod volumes to mount into the container's filesystem. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - Connection: - id: Connection - description: >- - A connection to a SCM like GitHub, GitHub Enterprise, Bitbucket Data - Center, Bitbucket Cloud or GitLab. - type: object + $ref: '#/components/schemas/VolumeMount' + env: + type: array + description: List of environment variables to set in the container. + items: + $ref: '#/components/schemas/EnvVar' + workingDir: + description: Container's working directory. + type: string + securityContext: + description: Optional. Security options the container should be run with. + $ref: '#/components/schemas/SecurityContext' + command: + type: array + items: + type: string + description: Entrypoint array. + image: + description: Docker image name. + type: string + TaskRef: properties: - name: - description: >- - Immutable. The resource name of the connection, in the format - `projects/{project}/locations/{location}/connections/{connection_id}`. + resolver: + enumDescriptions: + - Default enum type; should not be used. + - >- + Bundles resolver. + https://tekton.dev/docs/pipelines/bundle-resolver/ + - GCB repo resolver. + - >- + Simple Git resolver. + https://tekton.dev/docs/pipelines/git-resolver/ + - Developer Connect resolver. + - Default resolver. type: string - createTime: description: >- - Output only. Server assigned timestamp for when the connection was - created. - readOnly: true - type: string - format: google-datetime - updateTime: + Resolver is the name of the resolver that should perform resolution + of the referenced Tekton resource. + enum: + - RESOLVER_NAME_UNSPECIFIED + - BUNDLES + - GCB_REPO + - GIT + - DEVELOPER_CONNECT + - DEFAULT + params: description: >- - Output only. Server assigned timestamp for when the connection was - updated. - readOnly: true + Params contains the parameters used to identify the referenced + Tekton resource. Example entries might include "repo" or "path" but + the set of params ultimately depends on the chosen resolver. + items: + $ref: '#/components/schemas/Param' + type: array + name: + description: Optional. Name of the task. type: string - format: google-datetime - githubConfig: - description: Configuration for connections to github.com. - $ref: '#/components/schemas/GitHubConfig' - githubEnterpriseConfig: - description: Configuration for connections to an instance of GitHub Enterprise. - $ref: >- - #/components/schemas/GoogleDevtoolsCloudbuildV2GitHubEnterpriseConfig - gitlabConfig: - description: >- - Configuration for connections to gitlab.com or an instance of GitLab - Enterprise. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV2GitLabConfig' - bitbucketDataCenterConfig: - description: Configuration for connections to Bitbucket Data Center. - $ref: '#/components/schemas/BitbucketDataCenterConfig' - bitbucketCloudConfig: - description: Configuration for connections to Bitbucket Cloud. - $ref: '#/components/schemas/BitbucketCloudConfig' - installationState: - description: Output only. Installation state of the Connection. - readOnly: true - $ref: '#/components/schemas/InstallationState' - disabled: - description: >- - Optional. If disabled is set to true, functionality is disabled for - this connection. Repository based API methods and webhooks - processing for repositories in this connection will be disabled. - type: boolean - reconciling: - description: >- - Output only. Set to true when the connection is being set up or - updated in the background. - readOnly: true - type: boolean - annotations: - description: Optional. Allows clients to store small amounts of arbitrary data. - type: object - additionalProperties: - type: string - etag: - description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. + type: object + description: >- + TaskRef can be used to refer to a specific instance of a task. + PipelineRef can be used to refer to a specific instance of a Pipeline. + id: TaskRef + PropertySpec: + properties: + type: type: string - GitHubConfig: - id: GitHubConfig - description: Configuration for connections to github.com. + description: A type for the object. + enumDescriptions: + - Default enum type; should not be used. + - Default + enum: + - TYPE_UNSPECIFIED + - STRING + id: PropertySpec + description: PropertySpec holds information about a property in an object. type: object + SecurityContext: + id: SecurityContext + description: Security options the container should be run with. properties: - authorizerCredential: + allowPrivilegeEscalation: + type: boolean description: >- - Optional. OAuth credential of the account that authorized the Cloud - Build GitHub App. It is recommended to use a robot account instead - of a human user account. The OAuth token must be tied to the Cloud - Build GitHub App. - $ref: '#/components/schemas/OAuthCredential' - appInstallationId: - description: Optional. GitHub App installation id. + Optional. AllowPrivilegeEscalation controls whether a process can + gain more privileges than its parent process. This bool directly + controls if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always when the container + is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field + cannot be set when spec.os.name is windows. +optional + runAsGroup: + format: int64 + description: >- + Optional. The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes + precedence. Note that this field cannot be set when spec.os.name is + windows. +optional type: string + runAsNonRoot: + type: boolean + description: >- + Optional. Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure + that it does not run as UID 0 (root) and fail to start the container + if it does. If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified in + SecurityContext takes precedence. +optional + runAsUser: format: int64 - OAuthCredential: - id: OAuthCredential - description: >- - Represents an OAuth token of the account that authorized the Connection, - and associated metadata. + type: string + description: >- + Optional. The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext takes + precedence. Note that this field cannot be set when spec.os.name is + windows. +optional + privileged: + description: Run container in privileged mode. + type: boolean type: object + PipelineResult: properties: - oauthTokenSecretVersion: - description: >- - Optional. A SecretManager resource containing the OAuth token that - authorizes the Cloud Build connection. Format: - `projects/*/secrets/*/versions/*`. + name: + readOnly: true type: string - username: - description: Output only. The username associated to this token. + description: Output only. Name of the result. + value: + $ref: '#/components/schemas/ResultValue' + readOnly: true + description: Output only. Value of the result. + description: readOnly: true type: string - GoogleDevtoolsCloudbuildV2GitHubEnterpriseConfig: - id: GoogleDevtoolsCloudbuildV2GitHubEnterpriseConfig - description: Configuration for connections to an instance of GitHub Enterprise. + description: Output only. Description of the result. + type: + enum: + - TYPE_UNSPECIFIED + - STRING + - ARRAY + - OBJECT + readOnly: true + enumDescriptions: + - Default enum type; should not be used. + - Default + - Array type + - Object type + type: string + description: Output only. The type of data that the result holds. + description: A value produced by a Pipeline. + type: object + id: PipelineResult + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + id: Empty + properties: {} + GoogleDevtoolsCloudbuildV2Condition: + id: GoogleDevtoolsCloudbuildV2Condition + description: Conditions defines a readiness condition for a Knative resource. type: object properties: - hostUri: - description: >- - Required. The URI of the GitHub Enterprise host this connection is - for. + type: + description: Type of condition. type: string - apiKey: - description: Required. API Key used for authentication of webhook events. + severity: + enum: + - SEVERITY_UNSPECIFIED + - WARNING + - INFO + enumDescriptions: + - Default enum type; should not be used. + - Severity is warning. + - Severity is informational only. type: string - appId: - description: Optional. Id of the GitHub App created from the manifest. + description: Severity with which to treat failures of this type of condition. + reason: + description: The reason for the condition's last transition. type: string - format: int64 - appSlug: - description: Optional. The URL-friendly name of the GitHub App. + status: + enum: + - UNKNOWN + - 'TRUE' + - 'FALSE' + description: Status of the condition. type: string - privateKeySecretVersion: - description: >- - Optional. SecretManager resource containing the private key of the - GitHub App, formatted as `projects/*/secrets/*/versions/*`. + enumDescriptions: + - Default enum type indicating execution is still ongoing. + - Success + - Failure + message: + description: A human readable message indicating details about the transition. type: string - webhookSecretSecretVersion: - description: >- - Optional. SecretManager resource containing the webhook secret of - the GitHub App, formatted as `projects/*/secrets/*/versions/*`. + lastTransitionTime: type: string - appInstallationId: - description: Optional. ID of the installation of the GitHub App. + description: >- + LastTransitionTime is the last time the condition transitioned from + one status to another. + format: google-datetime + GoogleDevtoolsCloudbuildV2OperationMetadata: + properties: + target: + readOnly: true type: string - format: int64 - serviceDirectoryConfig: description: >- - Optional. Configuration for using Service Directory to privately - connect to a GitHub Enterprise server. This should only be set if - the GitHub Enterprise server is hosted on-premises and not reachable - by public internet. If this field is left empty, calls to the GitHub - Enterprise server will be made over the public internet. - $ref: >- - #/components/schemas/GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig - sslCa: - description: Optional. SSL certificate to use for requests to GitHub Enterprise. + Output only. Server-defined resource path for the target of the + operation. + statusMessage: + description: Output only. Human-readable status of the operation, if any. + readOnly: true type: string - serverVersion: - description: Output only. GitHub Enterprise version installed at the host_uri. + endTime: + description: Output only. The time the operation finished running. readOnly: true type: string - GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig: - id: GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig - description: >- - ServiceDirectoryConfig represents Service Directory configuration for a - connection. + format: google-datetime + requestedCancellation: + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + readOnly: true + type: boolean + createTime: + readOnly: true + description: Output only. The time the operation was created. + format: google-datetime + type: string + verb: + readOnly: true + type: string + description: Output only. Name of the verb executed by the operation. + apiVersion: + readOnly: true + description: Output only. API version used to start the operation. + type: string + description: Represents the metadata of the long-running operation. + id: GoogleDevtoolsCloudbuildV2OperationMetadata + type: object + CreateRepositoryRequest: type: object + description: Message for creating a Repository. + id: CreateRepositoryRequest properties: - service: + parent: description: >- - Required. The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + Required. The connection to contain the repository. If the request + is part of a BatchCreateRepositoriesRequest, this field should be + empty or match the parent specified there. type: string - GoogleDevtoolsCloudbuildV2GitLabConfig: - id: GoogleDevtoolsCloudbuildV2GitLabConfig + repositoryId: + description: >- + Required. The ID to use for the repository, which will become the + final component of the repository's resource name. This ID should be + unique in the connection. Allows alphanumeric characters and any of + -._~%!$&'()*+,;=@. + type: string + repository: + $ref: '#/components/schemas/Repository' + description: Required. The repository to create. + SkippedTask: description: >- - Configuration for connections to gitlab.com or an instance of GitLab - Enterprise. - type: object + SkippedTask is used to describe the Tasks that were skipped due to their + When Expressions evaluating to False. properties: - hostUri: - description: >- - Optional. The URI of the GitLab Enterprise host this connection is - for. If not specified, the default value is https://gitlab.com. + name: + description: Name is the Pipeline Task name type: string - webhookSecretSecretVersion: + reason: + type: string + description: Output only. Reason is the cause of the PipelineTask being skipped. + readOnly: true + whenExpressions: description: >- - Required. Immutable. SecretManager resource containing the webhook - secret of a GitLab Enterprise project, formatted as - `projects/*/secrets/*/versions/*`. + WhenExpressions is the list of checks guarding the execution of the + PipelineTask + type: array + items: + $ref: '#/components/schemas/WhenExpression' + id: SkippedTask + type: object + FetchReadTokenResponse: + description: Message for responding to get read token. + type: object + properties: + expirationTime: type: string - readAuthorizerCredential: + format: google-datetime + description: Expiration timestamp. Can be empty if unknown or non-expiring. + token: + description: The token content. + type: string + id: FetchReadTokenResponse + FetchReadWriteTokenResponse: + description: Message for responding to get read/write token. + type: object + properties: + expirationTime: + format: google-datetime + description: Expiration timestamp. Can be empty if unknown or non-expiring. + type: string + token: + description: The token content. + type: string + id: FetchReadWriteTokenResponse + AuditLogConfig: + type: object + id: AuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + properties: + logType: + description: The log type that this config enables. + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + type: string + exemptedMembers: + items: + type: string description: >- - Required. A GitLab personal access token with the minimum `read_api` - scope access. - $ref: '#/components/schemas/UserCredential' - authorizerCredential: + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + type: array + Repository: + properties: + etag: description: >- - Required. A GitLab personal access token with the `api` scope - access. - $ref: '#/components/schemas/UserCredential' - serviceDirectoryConfig: + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + type: string + webhookId: + description: Output only. External ID of the webhook created for the repository. + type: string + readOnly: true + name: description: >- - Optional. Configuration for using Service Directory to privately - connect to a GitLab Enterprise server. This should only be set if - the GitLab Enterprise server is hosted on-premises and not reachable - by public internet. If this field is left empty, calls to the GitLab - Enterprise server will be made over the public internet. - $ref: >- - #/components/schemas/GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig - sslCa: - description: Optional. SSL certificate to use for requests to GitLab Enterprise. + Immutable. Resource name of the repository, in the format + `projects/*/locations/*/connections/*/repositories/*`. type: string - serverVersion: + remoteUri: + description: Required. Git Clone HTTPS URI. + type: string + createTime: + type: string + readOnly: true + format: google-datetime description: >- - Output only. Version of the GitLab Enterprise server running on the - `host_uri`. + Output only. Server assigned timestamp for when the connection was + created. + annotations: + additionalProperties: + type: string + type: object + description: Optional. Allows clients to store small amounts of arbitrary data. + updateTime: readOnly: true + format: google-datetime type: string - UserCredential: - id: UserCredential - description: >- - Represents a personal access token that authorized the Connection, and - associated metadata. + description: >- + Output only. Server assigned timestamp for when the connection was + updated. + description: A repository associated to a parent connection. + id: Repository + type: object + GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig: type: object + id: GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig properties: - userTokenSecretVersion: + service: description: >- - Required. A SecretManager resource containing the user token that - authorizes the Cloud Build connection. Format: - `projects/*/secrets/*/versions/*`. - type: string - username: - description: Output only. The username associated to this token. - readOnly: true + Required. The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. type: string - BitbucketDataCenterConfig: - id: BitbucketDataCenterConfig - description: Configuration for connections to Bitbucket Data Center. + description: >- + ServiceDirectoryConfig represents Service Directory configuration for a + connection. + CancelOperationRequest: + description: The request message for Operations.CancelOperation. + type: object + id: CancelOperationRequest + properties: {} + SecretVolumeSource: + id: SecretVolumeSource type: object + description: Secret Volume Source. properties: - hostUri: + secretVersion: description: >- - Required. The URI of the Bitbucket Data Center instance or cluster - this connection is for. + Optional. Resource name of the SecretVersion. In format: + projects/*/secrets/*/versions/* + type: string + secretName: + description: Name of the secret referenced by the WorkspaceBinding. type: string + BitbucketCloudConfig: + type: object + id: BitbucketCloudConfig + description: Configuration for connections to Bitbucket Cloud. + properties: webhookSecretSecretVersion: description: >- - Required. Immutable. SecretManager resource containing the webhook - secret used to verify webhook events, formatted as + Required. SecretManager resource containing the webhook secret used + to verify webhook events, formatted as `projects/*/secrets/*/versions/*`. type: string - readAuthorizerCredential: - description: Required. A http access token with the `REPO_READ` access. - $ref: '#/components/schemas/UserCredential' authorizerCredential: - description: Required. A http access token with the `REPO_ADMIN` scope access. + description: >- + Required. An access token with the `webhook`, `repository`, + `repository:admin` and `pullrequest` scope access. It can be either + a workspace, project or repository access token. It's recommended to + use a system account to generate these credentials. $ref: '#/components/schemas/UserCredential' - serviceDirectoryConfig: - description: >- - Optional. Configuration for using Service Directory to privately - connect to a Bitbucket Data Center. This should only be set if the - Bitbucket Data Center is hosted on-premises and not reachable by - public internet. If this field is left empty, calls to the Bitbucket - Data Center will be made over the public internet. - $ref: >- - #/components/schemas/GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig - sslCa: - description: >- - Optional. SSL certificate to use for requests to the Bitbucket Data - Center. - type: string - serverVersion: - description: >- - Output only. Version of the Bitbucket Data Center running on the - `host_uri`. - readOnly: true - type: string - BitbucketCloudConfig: - id: BitbucketCloudConfig - description: Configuration for connections to Bitbucket Cloud. - type: object - properties: - workspace: - description: >- - Required. The Bitbucket Cloud Workspace ID to be connected to Google - Cloud Platform. - type: string - webhookSecretSecretVersion: - description: >- - Required. SecretManager resource containing the webhook secret used - to verify webhook events, formatted as - `projects/*/secrets/*/versions/*`. - type: string - readAuthorizerCredential: + readAuthorizerCredential: description: >- Required. An access token with the `repository` access. It can be either a workspace, project or repository access token. It's recommended to use a system account to generate the credentials. $ref: '#/components/schemas/UserCredential' - authorizerCredential: + workspace: + type: string description: >- - Required. An access token with the `webhook`, `repository`, - `repository:admin` and `pullrequest` scope access. It can be either - a workspace, project or repository access token. It's recommended to - use a system account to generate these credentials. - $ref: '#/components/schemas/UserCredential' + Required. The Bitbucket Cloud Workspace ID to be connected to Google + Cloud Platform. InstallationState: - id: InstallationState + type: object description: >- Describes stage and necessary actions to be taken by the user to complete the installation. Used for GitHub and GitHub Enterprise based connections. - type: object + id: InstallationState properties: - stage: - description: Output only. Current step of the installation process. + message: + description: >- + Output only. Message of what the user should do next to continue the + installation. Empty string if the installation is already complete. readOnly: true type: string + stage: + description: Output only. Current step of the installation process. + enum: + - STAGE_UNSPECIFIED + - PENDING_CREATE_APP + - PENDING_USER_OAUTH + - PENDING_INSTALL_APP + - COMPLETE enumDescriptions: - No stage specified. - >- @@ -502,365 +596,345 @@ components: User needs to follow the link to install the GitHub (or Enterprise) App. - Installation process has been completed. - enum: - - STAGE_UNSPECIFIED - - PENDING_CREATE_APP - - PENDING_USER_OAUTH - - PENDING_INSTALL_APP - - COMPLETE - message: - description: >- - Output only. Message of what the user should do next to continue the - installation. Empty string if the installation is already complete. - readOnly: true type: string + readOnly: true actionUri: description: >- Output only. Link to follow for next action. Empty string if the installation is already complete. readOnly: true type: string - ListConnectionsResponse: - id: ListConnectionsResponse - description: Message for response to listing Connections. - type: object + Step: + id: Step properties: - connections: - description: The list of Connections. - type: array + volumeMounts: items: - $ref: '#/components/schemas/Connection' - nextPageToken: - description: A token identifying a page of results the server should return. + $ref: '#/components/schemas/VolumeMount' + type: array + description: Pod volumes to mount into the container's filesystem. + timeout: + format: google-duration type: string - unreachable: - description: Locations that could not be reached. + description: Time after which the Step times out. Defaults to never. + args: + description: Arguments to the entrypoint. type: array items: type: string - Repository: - id: Repository - description: A repository associated to a parent connection. - type: object - properties: + command: + type: array + description: Entrypoint array. + items: + type: string + params: + type: array + description: Optional. Optional parameters passed to the StepAction. + items: + $ref: '#/components/schemas/Param' name: - description: >- - Immutable. Resource name of the repository, in the format - `projects/*/locations/*/connections/*/repositories/*`. - type: string - remoteUri: - description: Required. Git Clone HTTPS URI. - type: string - createTime: - description: >- - Output only. Server assigned timestamp for when the connection was - created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. Server assigned timestamp for when the connection was - updated. - readOnly: true + description: Name of the container specified as a DNS_LABEL. type: string - format: google-datetime - annotations: - description: Optional. Allows clients to store small amounts of arbitrary data. - type: object - additionalProperties: - type: string - etag: + onError: description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. + Optional. OnError defines the exiting behavior on error can be set + to [ continue | stopAndFail ] type: string - webhookId: - description: Output only. External ID of the webhook created for the repository. - readOnly: true + enum: + - ON_ERROR_TYPE_UNSPECIFIED + - STOP_AND_FAIL + - CONTINUE + enumDescriptions: + - Default enum type; should not be used. + - >- + StopAndFail indicates exit if the step/task exits with non-zero + exit code + - >- + Continue indicates continue executing the rest of the steps/tasks + irrespective of the exit code + workingDir: type: string - BatchCreateRepositoriesRequest: - id: BatchCreateRepositoriesRequest - description: Message for creating repositoritories in batch. - type: object - properties: - requests: - description: >- - Required. The request messages specifying the repositories to - create. + description: Container's working directory. + ref: + description: Optional. Optional reference to a remote StepAction. + $ref: '#/components/schemas/StepRef' + env: + description: List of environment variables to set in the container. type: array items: - $ref: '#/components/schemas/CreateRepositoryRequest' - CreateRepositoryRequest: - id: CreateRepositoryRequest - description: Message for creating a Repository. - type: object - properties: - parent: + $ref: '#/components/schemas/EnvVar' + securityContext: + $ref: '#/components/schemas/SecurityContext' description: >- - Required. The connection to contain the repository. If the request - is part of a BatchCreateRepositoriesRequest, this field should be - empty or match the parent specified there. + Optional. SecurityContext defines the security options the Step + should be run with. If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext. More info: + https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + +optional + image: + description: Docker image name. type: string - repository: - description: Required. The repository to create. - $ref: '#/components/schemas/Repository' - repositoryId: - description: >- - Required. The ID to use for the repository, which will become the - final component of the repository's resource name. This ID should be - unique in the connection. Allows alphanumeric characters and any of - -._~%!$&'()*+,;=@. + script: + description: The contents of an executable file to execute. type: string - ListRepositoriesResponse: - id: ListRepositoriesResponse - description: Message for response to listing Repositories. type: object + description: >- + Step embeds the Container type, which allows it to include fields not + provided by Container. + FetchLinkableRepositoriesResponse: + description: Response message for FetchLinkableRepositories. properties: repositories: - description: The list of Repositories. + description: repositories ready to be created. type: array items: $ref: '#/components/schemas/Repository' nextPageToken: description: A token identifying a page of results the server should return. type: string - unreachable: - description: Locations that could not be reached. + type: object + id: FetchLinkableRepositoriesResponse + StepTemplate: + description: >- + StepTemplate can be used as the basis for all step containers within the + Task, so that the steps inherit settings on the base container. + properties: + volumeMounts: type: array + description: Optional. Pod volumes to mount into the container's filesystem. items: - type: string - FetchReadWriteTokenRequest: - id: FetchReadWriteTokenRequest - description: Message for fetching SCM read/write token. - type: object - properties: {} - FetchReadWriteTokenResponse: - id: FetchReadWriteTokenResponse - description: Message for responding to get read/write token. + $ref: '#/components/schemas/VolumeMount' + env: + items: + $ref: '#/components/schemas/EnvVar' + type: array + description: >- + Optional. List of environment variables to set in the Step. Cannot + be updated. + id: StepTemplate type: object + ListLocationsResponse: + id: ListLocationsResponse properties: - token: - description: The token content. - type: string - expirationTime: - description: Expiration timestamp. Can be empty if unknown or non-expiring. + locations: + description: >- + A list of locations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Location' + nextPageToken: + description: The standard List next-page token. type: string - format: google-datetime - FetchReadTokenRequest: - id: FetchReadTokenRequest - description: Message for fetching SCM read token. - type: object - properties: {} - FetchReadTokenResponse: - id: FetchReadTokenResponse - description: Message for responding to get read token. + description: The response message for Locations.ListLocations. type: object + TimeoutFields: properties: - token: - description: The token content. + tasks: + format: google-duration + description: Tasks sets the maximum allowed duration of this pipeline's tasks type: string - expirationTime: - description: Expiration timestamp. Can be empty if unknown or non-expiring. + finally: + description: Finally sets the maximum allowed duration of this pipeline's finally type: string - format: google-datetime - HttpBody: - id: HttpBody + format: google-duration + pipeline: + type: string + format: google-duration + description: >- + Pipeline sets the maximum allowed duration for execution of the + entire pipeline. The sum of individual timeouts for tasks and + finally must not exceed this value. description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. + TimeoutFields allows granular specification of pipeline, task, and + finally timeouts + id: TimeoutFields type: object + Provenance: + id: Provenance properties: - contentType: - description: >- - The HTTP Content-Type header value specifying the content type of - the body. + region: type: string - data: - description: The HTTP request/response body as raw binary. + description: Optional. Provenance region. + enumDescriptions: + - >- + The PipelineRun/TaskRun/Workflow will be rejected. Update this + comment to push to the same region as the run in Artifact Analysis + when it's regionalized. + - Push provenance to Artifact Analysis in global region. + enum: + - REGION_UNSPECIFIED + - GLOBAL + enabled: type: string - format: byte - extensions: - description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - FetchLinkableRepositoriesResponse: - id: FetchLinkableRepositoriesResponse - description: Response message for FetchLinkableRepositories. - type: object - properties: - repositories: - description: repositories ready to be created. - type: array - items: - $ref: '#/components/schemas/Repository' - nextPageToken: - description: A token identifying a page of results the server should return. + description: Optional. Provenance push mode. + enum: + - ENABLED_UNSPECIFIED + - REQUIRED + - OPTIMISTIC + - DISABLED + enumDescriptions: + - Default to disabled (before AA regionalization), optimistic after + - Provenance failures would fail the run + - >- + GCB will attempt to push to artifact analaysis and build state + would not be impacted by the push failures. + - Disable the provenance push entirely. + storage: + description: Optional. Where provenance is stored. + enumDescriptions: + - Default PREFER_ARTIFACT_PROJECT. + - >- + GCB will attempt to push provenance to the artifact project. If it + is not available, fallback to build project. + - Only push to artifact project. + - Only push to build project. type: string - FetchGitRefsResponse: - id: FetchGitRefsResponse - description: Response for fetching git refs + enum: + - STORAGE_UNSPECIFIED + - PREFER_ARTIFACT_PROJECT + - ARTIFACT_PROJECT_ONLY + - BUILD_PROJECT_ONLY + type: object + description: Provenance configuration. + WorkspacePipelineTaskBinding: + description: >- + WorkspacePipelineTaskBinding maps workspaces from the PipelineSpec to + the workspaces declared in the Task. type: object properties: - refNames: - description: Name of the refs fetched. - type: array - items: - type: string - nextPageToken: - description: A token identifying a page of results the server should return. + workspace: + type: string + description: Name of the workspace declared by the pipeline. + name: + description: Name of the workspace as declared by the task. + type: string + subPath: + description: >- + Optional. SubPath is optionally a directory on the volume which + should be used for this binding (i.e. the volume will be mounted at + this sub directory). +optional type: string + id: WorkspacePipelineTaskBinding SetIamPolicyRequest: id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object properties: policy: + $ref: '#/components/schemas/Policy' description: >- REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them. - $ref: '#/components/schemas/Policy' updateMask: + type: string description: >- OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"` - type: string format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). type: object + description: Request message for `SetIamPolicy` method. + OperationMetadata: + type: object + id: OperationMetadata properties: - version: + verb: + readOnly: true + type: string + description: Output only. Name of the verb executed by the operation. + endTime: + type: string + readOnly: true + description: Output only. The time the operation finished running. + format: google-datetime + statusDetail: + type: string + readOnly: true + description: Output only. Human-readable status of the operation, if any. + createTime: + readOnly: true + type: string + description: Output only. The time the operation was created. + format: google-datetime + apiVersion: + description: Output only. API version used to start the operation. + readOnly: true + type: string + target: + type: string description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + cancelRequested: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have google.longrunning.Operation.error value with a + google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. + type: boolean + readOnly: true + description: Represents the metadata of the long-running operation. + EnvVar: + type: object + description: Environment variable. + properties: + value: + description: Value of the environment variable. + type: string + name: + description: Name of the environment variable. + type: string + id: EnvVar + Expr: + id: Expr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + properties: + expression: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Textual representation of an expression in Common Expression + Language syntax. type: string - format: byte + description: + type: string + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + location: + type: string + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: object Binding: id: Binding description: Associates `members`, or principals, with a `role`. - type: object properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string members: + type: array description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -920,9 +994,17 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array items: type: string + role: + type: string + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). condition: description: >- The condition that is associated with this binding. If the condition @@ -934,1082 +1016,1015 @@ components: their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. type: object + WhenExpression: + id: WhenExpression properties: - expression: + values: + type: array + items: + type: string description: >- - Textual representation of an expression in Common Expression - Language syntax. + Values is an array of strings, which is compared against the input, + for guard checking. + expressionOperator: + enumDescriptions: + - Default enum type; should not be used. + - Input is in values. + - Input is not in values. type: string - title: + description: Operator that represents an Input's relationship to the values + enum: + - EXPRESSION_OPERATOR_UNSPECIFIED + - IN + - NOT_IN + input: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Input is the string for guard checking which can be a static input + or an output from a parent Task. type: string - description: + type: object + description: Conditions that need to be true for the task to run. + Operation: + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. + properties: + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + name: type: string - location: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: object + ParamSpec: + type: object + properties: + default: + $ref: '#/components/schemas/ParamValue' + description: The default value a parameter takes if no input value is supplied + name: + description: Name of the ParamSpec + type: string + description: + description: Description of the ParamSpec + type: string + type: + description: Type of ParamSpec + enum: + - TYPE_UNSPECIFIED + - STRING + - ARRAY + - OBJECT + enumDescriptions: + - Default enum type; should not be used. + - Default + - Array type. + - Object type. type: string - AuditConfig: - id: AuditConfig description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + ParamSpec defines parameters needed beyond typed inputs (such as + resources). Parameter values are provided by users as inputs on a + TaskRun or PipelineRun. + id: ParamSpec + GoogleDevtoolsCloudbuildV2GitHubEnterpriseConfig: type: object + description: Configuration for connections to an instance of GitHub Enterprise. properties: - service: + hostUri: description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + Required. The URI of the GitHub Enterprise host this connection is + for. type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. + sslCa: + type: string + description: Optional. SSL certificate to use for requests to GitHub Enterprise. + appId: + description: Optional. Id of the GitHub App created from the manifest. + type: string + format: int64 + apiKey: + type: string + description: Required. API Key used for authentication of webhook events. + privateKeySecretVersion: type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + Optional. SecretManager resource containing the private key of the + GitHub App, formatted as `projects/*/secrets/*/versions/*`. + serviceDirectoryConfig: + $ref: >- + #/components/schemas/GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig + description: >- + Optional. Configuration for using Service Directory to privately + connect to a GitHub Enterprise server. This should only be set if + the GitHub Enterprise server is hosted on-premises and not reachable + by public internet. If this field is left empty, calls to the GitHub + Enterprise server will be made over the public internet. + webhookSecretSecretVersion: + description: >- + Optional. SecretManager resource containing the webhook secret of + the GitHub App, formatted as `projects/*/secrets/*/versions/*`. + type: string + appInstallationId: + format: int64 + description: Optional. ID of the installation of the GitHub App. + type: string + appSlug: + description: Optional. The URL-friendly name of the GitHub App. + type: string + serverVersion: + readOnly: true + type: string + description: Output only. GitHub Enterprise version installed at the host_uri. + id: GoogleDevtoolsCloudbuildV2GitHubEnterpriseConfig + FetchReadTokenRequest: + properties: {} type: object + description: Message for fetching SCM read token. + id: FetchReadTokenRequest + PipelineTask: + description: PipelineTask defines a task in a Pipeline. properties: - permissions: + taskSpec: + description: Spec to instantiate this TaskRun. + $ref: '#/components/schemas/EmbeddedTask' + workspaces: + type: array description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). + Workspaces maps workspaces from the pipeline spec to the workspaces + declared in the Task. + items: + $ref: '#/components/schemas/WorkspacePipelineTaskBinding' + taskRef: + $ref: '#/components/schemas/TaskRef' + description: Reference to a specific instance of a task. + name: + description: Name of the task. + type: string + params: type: array + description: Params is a list of parameter names and values. items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: + $ref: '#/components/schemas/Param' + whenExpressions: + items: + $ref: '#/components/schemas/WhenExpression' + type: array + description: Conditions that need to be true for the task to run. + timeout: + type: string + format: google-duration description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + Time after which the TaskRun times out. Defaults to 1 hour. + Specified TaskRun timeout should be less than 24h. + retries: + type: integer + description: >- + Retries represents how many times this task should be retried in + case of task failure. + format: int32 + runAfter: type: array + description: >- + RunAfter is the list of PipelineTask names that should be executed + before this Task executes. (Used to force a specific ordering in + graph execution.) items: type: string - GoogleDevtoolsCloudbuildV2OperationMetadata: - id: GoogleDevtoolsCloudbuildV2OperationMetadata - description: Represents the metadata of the long-running operation. + id: PipelineTask type: object + VolumeMount: + id: VolumeMount properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + subPathExpr: type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + Expanded path within the volume from which the container's volume + should be mounted. Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). + subPath: type: string - requestedCancellation: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - RunWorkflowCustomOperationMetadata: - id: RunWorkflowCustomOperationMetadata - description: >- - Represents the custom metadata of the RunWorkflow long-running - operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + Path within the volume from which the container's volume should be + mounted. Defaults to "" (volume's root). + name: type: string - requestedCancellation: + description: Name of the volume. + readOnly: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true + Mounted read-only if true, read-write otherwise (false or + unspecified). type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - target: + mountPath: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - pipelineRunId: - description: Output only. ID of the pipeline run created by RunWorkflow. - readOnly: true + Path within the container at which the volume should be mounted. + Must not contain ':'. type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. type: object + description: Pod volumes to mount into the container's filesystem. + VolumeSource: + id: VolumeSource properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: + name: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + Name of the Volume. Must be a DNS_LABEL and unique within the pod. + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string - statusDetail: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - cancelRequested: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have google.longrunning.Operation.error value with a - google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - BatchCreateRepositoriesResponse: - id: BatchCreateRepositoriesResponse - description: Message for response of creating repositories in batch. + emptyDir: + $ref: '#/components/schemas/EmptyDirVolumeSource' + description: A temporary directory that shares a pod's lifetime. + description: Volumes available to mount. type: object - properties: - repositories: - description: Repository resources created. - type: array - items: - $ref: '#/components/schemas/Repository' - PipelineRun: - id: PipelineRun - description: Message describing PipelineRun object + Probe: + id: Probe type: object + description: >- + Probe describes a health check to be performed against a container to + determine whether it is alive or ready to receive traffic. properties: - name: + periodSeconds: description: >- - Output only. The `PipelineRun` name with format - `projects/{project}/locations/{location}/pipelineRuns/{pipeline_run}` - readOnly: true + Optional. How often (in seconds) to perform the probe. Default to 10 + seconds. Minimum value is 1. +optional + format: int32 + type: integer + exec: + $ref: '#/components/schemas/ExecAction' + description: Optional. Exec specifies the action to take. +optional + TaskResult: + type: object + description: TaskResult is used to describe the results of a task. + properties: + description: type: string - uid: - description: Output only. A unique identifier for the `PipelineRun`. - readOnly: true + description: Description of the result. + type: + description: The type of data that the result holds. + enum: + - TYPE_UNSPECIFIED + - STRING + - ARRAY + - OBJECT + enumDescriptions: + - Default enum type; should not be used. + - Default + - Array type + - Object type type: string - createTime: + properties: + type: object description: >- - Output only. Time at which the request to create the `PipelineRun` - was received. - readOnly: true + When type is OBJECT, this map holds the names of fields inside that + object along with the type of data each field holds. + additionalProperties: + $ref: '#/components/schemas/PropertySpec' + name: type: string - format: google-datetime - updateTime: + description: Name of the result. + value: + $ref: '#/components/schemas/ParamValue' description: >- - Output only. Time at which the request to update the `PipelineRun` - was received. - readOnly: true + Optional. Optionally used to initialize a Task's result with a + Step's result. + id: TaskResult + Location: + type: object + properties: + displayName: type: string - format: google-datetime - annotations: - description: User annotations. See https://google.aip.dev/128#annotations + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + labels: type: object + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} additionalProperties: type: string - workflow: - description: Output only. The Workflow used to create this PipelineRun. - readOnly: true + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - workerPool: - description: Output only. The WorkerPool used to run this PipelineRun. + name: + type: string + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + description: A resource that represents a Google Cloud location. + id: Location + ListConnectionsResponse: + id: ListConnectionsResponse + type: object + properties: + unreachable: + items: + type: string + description: Locations that could not be reached. + type: array + connections: + description: The list of Connections. + type: array + items: + $ref: '#/components/schemas/Connection' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + description: Message for response to listing Connections. + PipelineRun: + properties: + provenance: + $ref: '#/components/schemas/Provenance' + description: Optional. Provenance configuration. + finallyStartTime: readOnly: true type: string - pipelineSpec: - description: PipelineSpec defines the desired state of Pipeline. - $ref: '#/components/schemas/PipelineSpec' - pipelineRef: - description: PipelineRef refer to a specific instance of a Pipeline. - $ref: '#/components/schemas/PipelineRef' - pipelineSpecYaml: + format: google-datetime description: >- - Output only. Inline pipelineSpec yaml string, used by workflow run - requests. + Output only. FinallyStartTime is when all non-finally tasks have + been completed and only finally tasks are being executed. +optional + worker: + description: Optional. Worker configuration. + $ref: '#/components/schemas/Worker' + record: + description: >- + Output only. The `Record` of this `PipelineRun`. Format: + `projects/{project}/locations/{location}/results/{result_id}/records/{record_id}` readOnly: true type: string - params: - description: Params is a list of parameter names and values. - type: array - items: - $ref: '#/components/schemas/Param' workspaces: + items: + $ref: '#/components/schemas/WorkspaceBinding' + type: array description: >- Workspaces is a list of WorkspaceBindings from volumes to workspaces. - type: array - items: - $ref: '#/components/schemas/WorkspaceBinding' - serviceAccount: + timeouts: + $ref: '#/components/schemas/TimeoutFields' description: >- - Service account used in the Pipeline. Deprecated; please use - security.service_account instead. - deprecated: true - type: string - pipelineRunStatus: - description: Pipelinerun status the user can provide. Used for cancellation. - type: string - enumDescriptions: - - Default enum type; should not be used. - - Cancelled status. - enum: - - PIPELINE_RUN_STATUS_UNSPECIFIED - - PIPELINE_RUN_CANCELLED + Time after which the Pipeline times out. Currently three keys are + accepted in the map pipeline, tasks and finally with + Timeouts.pipeline >= Timeouts.tasks + Timeouts.finally conditions: + type: array + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV2Condition' description: >- Output only. Kubernetes Conditions convention for PipelineRun status and error. readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV2Condition' startTime: + format: google-datetime description: Output only. Time the pipeline is actually started. readOnly: true type: string - format: google-datetime - completionTime: - description: Output only. Time the pipeline completed. - readOnly: true + workerPool: type: string - format: google-datetime - childReferences: - description: >- - Output only. List of TaskRun and Run names and PipelineTask names - for children of this PipelineRun. + description: Output only. The WorkerPool used to run this PipelineRun. + readOnly: true + name: readOnly: true - type: array - items: - $ref: '#/components/schemas/ChildStatusReference' - etag: - description: Needed for declarative-friendly resources. type: string - timeouts: description: >- - Time after which the Pipeline times out. Currently three keys are - accepted in the map pipeline, tasks and finally with - Timeouts.pipeline >= Timeouts.tasks + Timeouts.finally - $ref: '#/components/schemas/TimeoutFields' - skippedTasks: + Output only. The `PipelineRun` name with format + `projects/{project}/locations/{location}/pipelineRuns/{pipeline_run}` + serviceAccount: description: >- - Output only. List of tasks that were skipped due to when expressions - evaluating to false. + Service account used in the Pipeline. Deprecated; please use + security.service_account instead. + type: string + deprecated: true + pipelineSpecYaml: readOnly: true + description: >- + Output only. Inline pipelineSpec yaml string, used by workflow run + requests. + type: string + params: + description: Params is a list of parameter names and values. type: array items: - $ref: '#/components/schemas/SkippedTask' - resolvedPipelineSpec: - description: Output only. The exact PipelineSpec used to instantiate the run. + $ref: '#/components/schemas/Param' + results: readOnly: true - $ref: '#/components/schemas/PipelineSpec' - finallyStartTime: + items: + $ref: '#/components/schemas/PipelineRunResult' description: >- - Output only. FinallyStartTime is when all non-finally tasks have - been completed and only finally tasks are being executed. +optional + Optional. Output only. List of results written out by the pipeline's + containers + type: array + annotations: + additionalProperties: + type: string + type: object + description: User annotations. See https://google.aip.dev/128#annotations + resolvedPipelineSpec: + readOnly: true + description: Output only. The exact PipelineSpec used to instantiate the run. + $ref: '#/components/schemas/PipelineSpec' + skippedTasks: + items: + $ref: '#/components/schemas/SkippedTask' readOnly: true + type: array + description: >- + Output only. List of tasks that were skipped due to when expressions + evaluating to false. + etag: + description: Needed for declarative-friendly resources. type: string - format: google-datetime gcbParams: - description: Output only. GCB default params. - readOnly: true - type: object additionalProperties: type: string - worker: - description: Optional. Worker configuration. - $ref: '#/components/schemas/Worker' + readOnly: true + type: object + description: Output only. GCB default params. + uid: + readOnly: true + type: string + description: Output only. A unique identifier for the `PipelineRun`. + updateTime: + readOnly: true + description: >- + Output only. Time at which the request to update the `PipelineRun` + was received. + format: google-datetime + type: string + childReferences: + items: + $ref: '#/components/schemas/ChildStatusReference' + readOnly: true + type: array + description: >- + Output only. List of TaskRun and Run names and PipelineTask names + for children of this PipelineRun. security: description: Optional. Security configuration. $ref: '#/components/schemas/Security' - provenance: - description: Optional. Provenance configuration. - $ref: '#/components/schemas/Provenance' - record: - description: >- - Output only. The `Record` of this `PipelineRun`. Format: - `projects/{project}/locations/{location}/results/{result_id}/records/{record_id}` + completionTime: + format: google-datetime + description: Output only. Time the pipeline completed. + type: string + readOnly: true + workflow: + type: string + description: Output only. The Workflow used to create this PipelineRun. readOnly: true + pipelineSpec: + description: PipelineSpec defines the desired state of Pipeline. + $ref: '#/components/schemas/PipelineSpec' + pipelineRef: + description: PipelineRef refer to a specific instance of a Pipeline. + $ref: '#/components/schemas/PipelineRef' + createTime: type: string - results: - description: >- - Optional. Output only. List of results written out by the pipeline's - containers + format: google-datetime readOnly: true - type: array - items: - $ref: '#/components/schemas/PipelineRunResult' - PipelineSpec: - id: PipelineSpec - description: PipelineSpec defines the desired state of Pipeline. + description: >- + Output only. Time at which the request to create the `PipelineRun` + was received. + pipelineRunStatus: + enum: + - PIPELINE_RUN_STATUS_UNSPECIFIED + - PIPELINE_RUN_CANCELLED + description: Pipelinerun status the user can provide. Used for cancellation. + type: string + enumDescriptions: + - Default enum type; should not be used. + - Cancelled status. + description: Message describing PipelineRun object + id: PipelineRun + type: object + AuditConfig: + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + id: AuditConfig type: object properties: - tasks: - description: List of Tasks that execute when this Pipeline is run. - type: array - items: - $ref: '#/components/schemas/PipelineTask' - params: - description: List of parameters. - type: array - items: - $ref: '#/components/schemas/ParamSpec' - workspaces: - description: >- - Workspaces declares a set of named workspaces that are expected to - be provided by a PipelineRun. - type: array + auditLogConfigs: items: - $ref: '#/components/schemas/PipelineWorkspaceDeclaration' - finallyTasks: - description: >- - List of Tasks that execute just before leaving the Pipeline i.e. - either after all Tasks are finished executing successfully or after - a failure which would result in ending the Pipeline. + $ref: '#/components/schemas/AuditLogConfig' type: array - items: - $ref: '#/components/schemas/PipelineTask' - generatedYaml: + description: The configuration for logging of each type of permission. + service: + type: string description: >- - Output only. auto-generated yaml that is output only for display - purpose for workflows using pipeline_spec, used by UI/gcloud cli for - Workflows. - readOnly: true + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + OAuthCredential: + properties: + oauthTokenSecretVersion: type: string - results: description: >- - Optional. Output only. List of results written out by the pipeline's - containers + Optional. A SecretManager resource containing the OAuth token that + authorizes the Cloud Build connection. Format: + `projects/*/secrets/*/versions/*`. + username: readOnly: true - type: array - items: - $ref: '#/components/schemas/PipelineResult' - PipelineTask: - id: PipelineTask - description: PipelineTask defines a task in a Pipeline. + description: Output only. The username associated to this token. + type: string + id: OAuthCredential type: object + description: >- + Represents an OAuth token of the account that authorized the Connection, + and associated metadata. + Param: + id: Param properties: + value: + description: Value of the parameter. + $ref: '#/components/schemas/ParamValue' name: - description: Name of the task. type: string - taskSpec: - description: Spec to instantiate this TaskRun. - $ref: '#/components/schemas/EmbeddedTask' - taskRef: - description: Reference to a specific instance of a task. - $ref: '#/components/schemas/TaskRef' - whenExpressions: - description: Conditions that need to be true for the task to run. - type: array - items: - $ref: '#/components/schemas/WhenExpression' - params: - description: Params is a list of parameter names and values. - type: array - items: - $ref: '#/components/schemas/Param' - workspaces: - description: >- - Workspaces maps workspaces from the pipeline spec to the workspaces - declared in the Task. + description: Name of the parameter. + description: >- + Param defined with name and value. PipelineRef can be used to refer to a + specific instance of a Pipeline. + type: object + Security: + id: Security + type: object + description: Security configuration. + properties: + serviceAccount: + description: IAM service account whose credentials will be used at runtime. + type: string + privilegeMode: + description: Optional. Privilege mode. + type: string + enumDescriptions: + - Default to PRIVILEGED. + - Privileged mode. + - Unprivileged mode. + enum: + - PRIVILEGE_MODE_UNSPECIFIED + - PRIVILEGED + - UNPRIVILEGED + deprecated: true + ListRepositoriesResponse: + description: Message for response to listing Repositories. + type: object + id: ListRepositoriesResponse + properties: + repositories: type: array items: - $ref: '#/components/schemas/WorkspacePipelineTaskBinding' - runAfter: - description: >- - RunAfter is the list of PipelineTask names that should be executed - before this Task executes. (Used to force a specific ordering in - graph execution.) - type: array + $ref: '#/components/schemas/Repository' + description: The list of Repositories. + unreachable: + description: Locations that could not be reached. items: type: string - retries: + type: array + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + UserCredential: + type: object + id: UserCredential + properties: + userTokenSecretVersion: description: >- - Retries represents how many times this task should be retried in - case of task failure. - type: integer - format: int32 - timeout: - description: >- - Time after which the TaskRun times out. Defaults to 1 hour. - Specified TaskRun timeout should be less than 24h. + Required. A SecretManager resource containing the user token that + authorizes the Cloud Build connection. Format: + `projects/*/secrets/*/versions/*`. type: string - format: google-duration - EmbeddedTask: - id: EmbeddedTask - description: EmbeddedTask defines a Task that is embedded in a Pipeline. + username: + readOnly: true + type: string + description: Output only. The username associated to this token. + description: >- + Represents a personal access token that authorized the Connection, and + associated metadata. + EmptyDirVolumeSource: + type: object + id: EmptyDirVolumeSource + properties: {} + description: Represents an empty Volume source. + FetchReadWriteTokenRequest: type: object + properties: {} + description: Message for fetching SCM read/write token. + id: FetchReadWriteTokenRequest + RunWorkflowCustomOperationMetadata: properties: - annotations: - description: User annotations. See https://google.aip.dev/128#annotations - type: object - additionalProperties: - type: string - taskSpec: - description: Spec to instantiate this TaskRun. - $ref: '#/components/schemas/TaskSpec' - TaskSpec: - id: TaskSpec - description: TaskSpec contains the Spec to instantiate a TaskRun. + target: + type: string + readOnly: true + description: >- + Output only. Server-defined resource path for the target of the + operation. + pipelineRunId: + description: Output only. ID of the pipeline run created by RunWorkflow. + type: string + readOnly: true + apiVersion: + type: string + description: Output only. API version used to start the operation. + readOnly: true + endTime: + readOnly: true + type: string + description: Output only. The time the operation finished running. + format: google-datetime + verb: + type: string + description: Output only. Name of the verb executed by the operation. + readOnly: true + requestedCancellation: + readOnly: true + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + type: boolean + createTime: + readOnly: true + description: Output only. The time the operation was created. + format: google-datetime + type: string + id: RunWorkflowCustomOperationMetadata + description: >- + Represents the custom metadata of the RunWorkflow long-running + operation. type: object + TaskSpec: properties: - params: - description: List of parameters. - type: array - items: - $ref: '#/components/schemas/ParamSpec' steps: + items: + $ref: '#/components/schemas/Step' description: Steps of the task. type: array + sidecars: + type: array items: - $ref: '#/components/schemas/Step' + $ref: '#/components/schemas/Sidecar' + description: Sidecars that run alongside the Task's step containers. + params: + items: + $ref: '#/components/schemas/ParamSpec' + type: array + description: List of parameters. results: description: Values that this Task can output. type: array items: $ref: '#/components/schemas/TaskResult' - workspaces: - description: The volumes that this Task requires. - type: array + managedSidecars: + description: >- + Sidecars that run alongside the Task’s step containers that should + be added to this Task. items: - $ref: '#/components/schemas/WorkspaceDeclaration' + type: string + enum: + - MANAGED_SIDECAR_UNSPECIFIED + - PRIVILEGED_DOCKER_DAEMON + enumDescriptions: + - Default enum type; should not be used. + - Sidecar for a privileged docker daemon. + type: array description: description: Description of the task. type: string - sidecars: - description: Sidecars that run alongside the Task's step containers. - type: array - items: - $ref: '#/components/schemas/Sidecar' volumes: description: A collection of volumes that are available to mount into steps. type: array items: $ref: '#/components/schemas/VolumeSource' - managedSidecars: - description: >- - Sidecars that run alongside the Task’s step containers that should - be added to this Task. + workspaces: type: array + description: The volumes that this Task requires. items: - type: string - enumDescriptions: - - Default enum type; should not be used. - - Sidecar for a privileged docker daemon. - enum: - - MANAGED_SIDECAR_UNSPECIFIED - - PRIVILEGED_DOCKER_DAEMON + $ref: '#/components/schemas/WorkspaceDeclaration' stepTemplate: description: >- Optional. StepTemplate can be used as the basis for all step containers within the Task, so that the steps inherit settings on the base container. $ref: '#/components/schemas/StepTemplate' - ParamSpec: - id: ParamSpec - description: >- - ParamSpec defines parameters needed beyond typed inputs (such as - resources). Parameter values are provided by users as inputs on a - TaskRun or PipelineRun. + id: TaskSpec + description: TaskSpec contains the Spec to instantiate a TaskRun. type: object + Connection: properties: name: - description: Name of the ParamSpec - type: string - description: - description: Description of the ParamSpec - type: string - type: - description: Type of ParamSpec - type: string - enumDescriptions: - - Default enum type; should not be used. - - Default - - Array type. - - Object type. - enum: - - TYPE_UNSPECIFIED - - STRING - - ARRAY - - OBJECT - default: - description: The default value a parameter takes if no input value is supplied - $ref: '#/components/schemas/ParamValue' - ParamValue: - id: ParamValue - description: Parameter value. - type: object - properties: - type: - description: Type of parameter. + description: >- + Immutable. The resource name of the connection, in the format + `projects/{project}/locations/{location}/connections/{connection_id}`. type: string - enumDescriptions: - - Default enum type; should not be used. - - Default - - Array type - - Object type - enum: - - TYPE_UNSPECIFIED - - STRING - - ARRAY - - OBJECT - stringVal: - description: Value of the parameter if type is string. + etag: type: string - arrayVal: - description: Value of the parameter if type is array. - type: array - items: - type: string - objectVal: - description: Optional. Value of the parameter if type is object. + description: >- + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + bitbucketDataCenterConfig: + description: Configuration for connections to Bitbucket Data Center. + $ref: '#/components/schemas/BitbucketDataCenterConfig' + gitlabConfig: + description: >- + Configuration for connections to gitlab.com or an instance of GitLab + Enterprise. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV2GitLabConfig' + bitbucketCloudConfig: + description: Configuration for connections to Bitbucket Cloud. + $ref: '#/components/schemas/BitbucketCloudConfig' + annotations: + description: Optional. Allows clients to store small amounts of arbitrary data. type: object additionalProperties: type: string - Step: - id: Step - description: >- - Step embeds the Container type, which allows it to include fields not - provided by Container. - type: object - properties: - name: - description: Name of the container specified as a DNS_LABEL. + createTime: + description: >- + Output only. Server assigned timestamp for when the connection was + created. + format: google-datetime + readOnly: true type: string - image: - description: Docker image name. + disabled: + type: boolean + description: >- + Optional. If disabled is set to true, functionality is disabled for + this connection. Repository based API methods and webhooks + processing for repositories in this connection will be disabled. + installationState: + description: Output only. Installation state of the Connection. + $ref: '#/components/schemas/InstallationState' + readOnly: true + githubEnterpriseConfig: + description: Configuration for connections to an instance of GitHub Enterprise. + $ref: >- + #/components/schemas/GoogleDevtoolsCloudbuildV2GitHubEnterpriseConfig + updateTime: + description: >- + Output only. Server assigned timestamp for when the connection was + updated. + format: google-datetime + readOnly: true type: string - args: - description: Arguments to the entrypoint. - type: array - items: - type: string - command: - description: Entrypoint array. - type: array - items: - type: string - workingDir: - description: Container's working directory. + reconciling: + readOnly: true + type: boolean + description: >- + Output only. Set to true when the connection is being set up or + updated in the background. + githubConfig: + description: Configuration for connections to github.com. + $ref: '#/components/schemas/GitHubConfig' + id: Connection + description: >- + A connection to a SCM like GitHub, GitHub Enterprise, Bitbucket Data + Center, Bitbucket Cloud or GitLab. + type: object + BitbucketDataCenterConfig: + properties: + readAuthorizerCredential: + description: Required. A http access token with the `REPO_READ` access. + $ref: '#/components/schemas/UserCredential' + hostUri: type: string - env: - description: List of environment variables to set in the container. - type: array - items: - $ref: '#/components/schemas/EnvVar' - script: - description: The contents of an executable file to execute. + description: >- + Required. The URI of the Bitbucket Data Center instance or cluster + this connection is for. + webhookSecretSecretVersion: + description: >- + Required. Immutable. SecretManager resource containing the webhook + secret used to verify webhook events, formatted as + `projects/*/secrets/*/versions/*`. type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - type: array - items: - $ref: '#/components/schemas/VolumeMount' - timeout: - description: Time after which the Step times out. Defaults to never. + authorizerCredential: + description: Required. A http access token with the `REPO_ADMIN` scope access. + $ref: '#/components/schemas/UserCredential' + serverVersion: type: string - format: google-duration - securityContext: - description: >- - Optional. SecurityContext defines the security options the Step - should be run with. If set, the fields of SecurityContext override - the equivalent fields of PodSecurityContext. More info: - https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - +optional - $ref: '#/components/schemas/SecurityContext' - ref: - description: Optional. Optional reference to a remote StepAction. - $ref: '#/components/schemas/StepRef' - params: - description: Optional. Optional parameters passed to the StepAction. - type: array - items: - $ref: '#/components/schemas/Param' - onError: + readOnly: true description: >- - Optional. OnError defines the exiting behavior on error can be set - to [ continue | stopAndFail ] + Output only. Version of the Bitbucket Data Center running on the + `host_uri`. + sslCa: type: string - enumDescriptions: - - Default enum type; should not be used. - - >- - StopAndFail indicates exit if the step/task exits with non-zero - exit code - - >- - Continue indicates continue executing the rest of the steps/tasks - irrespective of the exit code - enum: - - ON_ERROR_TYPE_UNSPECIFIED - - STOP_AND_FAIL - - CONTINUE - EnvVar: - id: EnvVar - description: Environment variable. + description: >- + Optional. SSL certificate to use for requests to the Bitbucket Data + Center. + serviceDirectoryConfig: + description: >- + Optional. Configuration for using Service Directory to privately + connect to a Bitbucket Data Center. This should only be set if the + Bitbucket Data Center is hosted on-premises and not reachable by + public internet. If this field is left empty, calls to the Bitbucket + Data Center will be made over the public internet. + $ref: >- + #/components/schemas/GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig + description: Configuration for connections to Bitbucket Data Center. + id: BitbucketDataCenterConfig + type: object + TestIamPermissionsRequest: type: object + id: TestIamPermissionsRequest + description: Request message for `TestIamPermissions` method. properties: - name: - description: Name of the environment variable. - type: string - value: - description: Value of the environment variable. - type: string - VolumeMount: - id: VolumeMount - description: Pod volumes to mount into the container's filesystem. + permissions: + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + type: array + WorkspaceBinding: type: object + id: WorkspaceBinding + description: >- + WorkspaceBinding maps a workspace to a Volume. PipelineRef can be used + to refer to a specific instance of a Pipeline. properties: name: - description: Name of the volume. - type: string - readOnly: - description: >- - Mounted read-only if true, read-write otherwise (false or - unspecified). - type: boolean - mountPath: - description: >- - Path within the container at which the volume should be mounted. - Must not contain ':'. type: string + description: Name of the workspace. + secret: + $ref: '#/components/schemas/SecretVolumeSource' + description: Secret Volume Source. subPath: description: >- - Path within the volume from which the container's volume should be - mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: >- - Expanded path within the volume from which the container's volume - should be mounted. Behaves similarly to SubPath but environment - variable references $(VAR_NAME) are expanded using the container's - environment. Defaults to "" (volume's root). + Optional. SubPath is optionally a directory on the volume which + should be used for this binding (i.e. the volume will be mounted at + this sub directory). +optional type: string - SecurityContext: - id: SecurityContext - description: Security options the container should be run with. - type: object + PipelineWorkspaceDeclaration: properties: - privileged: - description: Run container in privileged mode. - type: boolean - runAsUser: + description: description: >- - Optional. The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. May - also be set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext takes - precedence. Note that this field cannot be set when spec.os.name is - windows. +optional + Description is a human readable string describing how the workspace + will be used in the Pipeline. type: string - format: int64 - runAsGroup: - description: >- - Optional. The GID to run the entrypoint of the container process. - Uses runtime default if unset. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes - precedence. Note that this field cannot be set when spec.os.name is - windows. +optional + name: type: string - format: int64 - runAsNonRoot: - description: >- - Optional. Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure - that it does not run as UID 0 (root) and fail to start the container - if it does. If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value specified in - SecurityContext takes precedence. +optional + description: Name is the name of a workspace to be provided by a PipelineRun. + optional: type: boolean - allowPrivilegeEscalation: description: >- - Optional. AllowPrivilegeEscalation controls whether a process can - gain more privileges than its parent process. This bool directly - controls if the no_new_privs flag will be set on the container - process. AllowPrivilegeEscalation is true always when the container - is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field - cannot be set when spec.os.name is windows. +optional - type: boolean - StepRef: - id: StepRef - description: A reference to a remote Step, i.e. a StepAction. + Optional marks a Workspace as not being required in PipelineRuns. By + default this field is false and so declared workspaces are required. + id: PipelineWorkspaceDeclaration type: object - properties: - name: - description: Optional. Name of the step. - type: string - resolver: - description: Optional. Type of the resolver. - type: string - enumDescriptions: - - Default enum type; should not be used. - - >- - Bundles resolver. - https://tekton.dev/docs/pipelines/bundle-resolver/ - - GCB repo resolver. - - >- - Simple Git resolver. - https://tekton.dev/docs/pipelines/git-resolver/ - - Developer Connect resolver. - - Default resolver. - enum: - - RESOLVER_NAME_UNSPECIFIED - - BUNDLES - - GCB_REPO - - GIT - - DEVELOPER_CONNECT - - DEFAULT - params: - description: Optional. Parameters used to control the resolution. - type: array - items: - $ref: '#/components/schemas/Param' - Param: - id: Param description: >- - Param defined with name and value. PipelineRef can be used to refer to a - specific instance of a Pipeline. + Workspaces declares a set of named workspaces that are expected to be + provided by a PipelineRun. + BatchCreateRepositoriesResponse: type: object + id: BatchCreateRepositoriesResponse properties: - name: - description: Name of the parameter. - type: string - value: - description: Value of the parameter. - $ref: '#/components/schemas/ParamValue' - TaskResult: - id: TaskResult - description: TaskResult is used to describe the results of a task. - type: object + repositories: + description: Repository resources created. + type: array + items: + $ref: '#/components/schemas/Repository' + description: Message for response of creating repositories in batch. + EmbeddedTask: + description: EmbeddedTask defines a Task that is embedded in a Pipeline. properties: - name: - description: Name of the result. - type: string - description: - description: Description of the result. - type: string - type: - description: The type of data that the result holds. - type: string - enumDescriptions: - - Default enum type; should not be used. - - Default - - Array type - - Object type - enum: - - TYPE_UNSPECIFIED - - STRING - - ARRAY - - OBJECT - properties: - description: >- - When type is OBJECT, this map holds the names of fields inside that - object along with the type of data each field holds. - type: object + taskSpec: + description: Spec to instantiate this TaskRun. + $ref: '#/components/schemas/TaskSpec' + annotations: additionalProperties: - $ref: '#/components/schemas/PropertySpec' - value: - description: >- - Optional. Optionally used to initialize a Task's result with a - Step's result. - $ref: '#/components/schemas/ParamValue' - PropertySpec: - id: PropertySpec - description: PropertySpec holds information about a property in an object. - type: object - properties: - type: - description: A type for the object. - type: string - enumDescriptions: - - Default enum type; should not be used. - - Default - enum: - - TYPE_UNSPECIFIED - - STRING - WorkspaceDeclaration: - id: WorkspaceDeclaration - description: WorkspaceDeclaration is a declaration of a volume that a Task requires. - type: object - properties: - name: - description: Name is the name by which you can bind the volume at runtime. - type: string - description: - description: Description is a human readable description of this volume. - type: string - mountPath: - description: >- - MountPath overrides the directory that the volume will be made - available at. - type: string - readOnly: - description: ReadOnly dictates whether a mounted volume is writable. - type: boolean - optional: - description: >- - Optional. Optional marks a Workspace as not being required in - TaskRuns. By default this field is false and so declared workspaces - are required. - type: boolean - Sidecar: - id: Sidecar - description: Sidecars run alongside the Task's step containers. + type: string + type: object + description: User annotations. See https://google.aip.dev/128#annotations type: object + id: EmbeddedTask + HttpBody: + id: HttpBody properties: - name: - description: Name of the Sidecar. - type: string - image: - description: Docker image name. - type: string - args: - description: Arguments to the entrypoint. - type: array - items: - type: string - command: - description: Entrypoint array. - type: array - items: - type: string - workingDir: - description: Container's working directory. - type: string - env: - description: List of environment variables to set in the container. + extensions: type: array + description: >- + Application specific response metadata. Must be set in the first + response for streaming APIs. items: - $ref: '#/components/schemas/EnvVar' - script: - description: The contents of an executable file to execute. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + contentType: type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - type: array - items: - $ref: '#/components/schemas/VolumeMount' - securityContext: - description: Optional. Security options the container should be run with. - $ref: '#/components/schemas/SecurityContext' - readinessProbe: description: >- - Optional. Periodic probe of Sidecar service readiness. Container - will be removed from service endpoints if the probe fails. Cannot be - updated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - +optional - $ref: '#/components/schemas/Probe' - Probe: - id: Probe + The HTTP Content-Type header value specifying the content type of + the body. + data: + description: The HTTP request/response body as raw binary. + type: string + format: byte description: >- - Probe describes a health check to be performed against a container to - determine whether it is alive or ready to receive traffic. - type: object - properties: - exec: - description: Optional. Exec specifies the action to take. +optional - $ref: '#/components/schemas/ExecAction' - periodSeconds: - description: >- - Optional. How often (in seconds) to perform the probe. Default to 10 - seconds. Minimum value is 1. +optional - type: integer - format: int32 - ExecAction: - id: ExecAction - description: ExecAction describes a "run in container" action. + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. type: object - properties: - command: - description: >- - Optional. Command is the command line to execute inside the - container, the working directory for the command is root ('/') in - the container's filesystem. The command is simply exec'd, it is not - run inside a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy and non-zero is - unhealthy. +optional - type: array - items: - type: string - VolumeSource: - id: VolumeSource - description: Volumes available to mount. + Worker: type: object properties: - name: - description: >- - Name of the Volume. Must be a DNS_LABEL and unique within the pod. - More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + machineType: + description: Optional. Machine type of a worker, default is "e2-standard-2". type: string - emptyDir: - description: A temporary directory that shares a pod's lifetime. - $ref: '#/components/schemas/EmptyDirVolumeSource' - EmptyDirVolumeSource: - id: EmptyDirVolumeSource - description: Represents an empty Volume source. - type: object - properties: {} - StepTemplate: - id: StepTemplate - description: >- - StepTemplate can be used as the basis for all step containers within the - Task, so that the steps inherit settings on the base container. - type: object - properties: - env: - description: >- - Optional. List of environment variables to set in the Step. Cannot - be updated. - type: array - items: - $ref: '#/components/schemas/EnvVar' - volumeMounts: - description: Optional. Pod volumes to mount into the container's filesystem. - type: array - items: - $ref: '#/components/schemas/VolumeMount' - TaskRef: - id: TaskRef - description: >- - TaskRef can be used to refer to a specific instance of a task. - PipelineRef can be used to refer to a specific instance of a Pipeline. + description: Configuration for the worker. + id: Worker + PipelineRef: type: object + id: PipelineRef properties: - name: - description: Optional. Name of the task. - type: string resolver: description: >- Resolver is the name of the resolver that should perform resolution of the referenced Tekton resource. + enum: + - RESOLVER_NAME_UNSPECIFIED + - BUNDLES + - GCB_REPO + - GIT + - DEVELOPER_CONNECT + - DEFAULT type: string enumDescriptions: - Default enum type; should not be used. @@ -2022,164 +2037,257 @@ components: https://tekton.dev/docs/pipelines/git-resolver/ - Developer Connect resolver. - Default resolver. - enum: - - RESOLVER_NAME_UNSPECIFIED - - BUNDLES - - GCB_REPO - - GIT - - DEVELOPER_CONNECT - - DEFAULT + name: + description: Optional. Name of the Pipeline. + type: string params: + type: array + items: + $ref: '#/components/schemas/Param' description: >- Params contains the parameters used to identify the referenced Tekton resource. Example entries might include "repo" or "path" but the set of params ultimately depends on the chosen resolver. - type: array - items: - $ref: '#/components/schemas/Param' - WhenExpression: - id: WhenExpression - description: Conditions that need to be true for the task to run. - type: object + description: PipelineRef can be used to refer to a specific instance of a Pipeline. + ChildStatusReference: properties: - input: - description: >- - Input is the string for guard checking which can be a static input - or an output from a parent Task. + name: type: string - expressionOperator: - description: Operator that represents an Input's relationship to the values + description: Name is the name of the TaskRun or Run this is referencing. + pipelineTaskName: + description: >- + PipelineTaskName is the name of the PipelineTask this is + referencing. type: string + type: + description: Output only. Type of the child reference. enumDescriptions: - Default enum type; should not be used. - - Input is in values. - - Input is not in values. + - TaskRun. + readOnly: true + type: string enum: - - EXPRESSION_OPERATOR_UNSPECIFIED - - IN - - NOT_IN - values: - description: >- - Values is an array of strings, which is compared against the input, - for guard checking. + - TYPE_UNSPECIFIED + - TASK_RUN + whenExpressions: type: array + description: >- + WhenExpressions is the list of checks guarding the execution of the + PipelineTask items: - type: string - WorkspacePipelineTaskBinding: - id: WorkspacePipelineTaskBinding - description: >- - WorkspacePipelineTaskBinding maps workspaces from the PipelineSpec to - the workspaces declared in the Task. + $ref: '#/components/schemas/WhenExpression' + id: ChildStatusReference type: object + description: >- + ChildStatusReference is used to point to the statuses of individual + TaskRuns and Runs within this PipelineRun. + ResultValue: + description: ResultValue holds different types of data for a single result. properties: - name: - description: Name of the workspace as declared by the task. - type: string - workspace: - description: Name of the workspace declared by the pipeline. + arrayVal: + items: + type: string + type: array + description: Value of the result if type is array. + objectVal: + type: object + additionalProperties: + type: string + description: Value of the result if type is object. + type: type: string - subPath: - description: >- - Optional. SubPath is optionally a directory on the volume which - should be used for this binding (i.e. the volume will be mounted at - this sub directory). +optional + description: Output only. The type of data that the result holds. + enum: + - TYPE_UNSPECIFIED + - STRING + - ARRAY + - OBJECT + readOnly: true + enumDescriptions: + - Default enum type; should not be used. + - Default + - Array type + - Object type + stringVal: type: string - PipelineWorkspaceDeclaration: - id: PipelineWorkspaceDeclaration - description: >- - Workspaces declares a set of named workspaces that are expected to be - provided by a PipelineRun. + description: Value of the result if type is string. + id: ResultValue + type: object + BatchCreateRepositoriesRequest: + id: BatchCreateRepositoriesRequest + description: Message for creating repositoritories in batch. type: object properties: - name: - description: Name is the name of a workspace to be provided by a PipelineRun. - type: string - description: + requests: description: >- - Description is a human readable string describing how the workspace - will be used in the Pipeline. + Required. The request messages specifying the repositories to + create. + items: + $ref: '#/components/schemas/CreateRepositoryRequest' + type: array + GitHubConfig: + description: Configuration for connections to github.com. + type: object + properties: + appInstallationId: type: string - optional: + description: Optional. GitHub App installation id. + format: int64 + authorizerCredential: description: >- - Optional marks a Workspace as not being required in PipelineRuns. By - default this field is false and so declared workspaces are required. - type: boolean - PipelineResult: - id: PipelineResult - description: A value produced by a Pipeline. + Optional. OAuth credential of the account that authorized the Cloud + Build GitHub App. It is recommended to use a robot account instead + of a human user account. The OAuth token must be tied to the Cloud + Build GitHub App. + $ref: '#/components/schemas/OAuthCredential' + id: GitHubConfig + FetchGitRefsResponse: + description: Response for fetching git refs type: object properties: - name: - description: Output only. Name of the result. - readOnly: true - type: string - description: - description: Output only. Description of the result. - readOnly: true + refNames: + description: Name of the refs fetched. + items: + type: string + type: array + nextPageToken: + description: A token identifying a page of results the server should return. type: string - type: - description: Output only. The type of data that the result holds. - readOnly: true + id: FetchGitRefsResponse + Policy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy + type: object + properties: + etag: + format: byte type: string - enumDescriptions: - - Default enum type; should not be used. - - Default - - Array type - - Object type - enum: - - TYPE_UNSPECIFIED - - STRING - - ARRAY - - OBJECT - value: - description: Output only. Value of the result. - readOnly: true - $ref: '#/components/schemas/ResultValue' - ResultValue: - id: ResultValue - description: ResultValue holds different types of data for a single result. + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + auditConfigs: + items: + $ref: '#/components/schemas/AuditConfig' + type: array + description: Specifies cloud audit logging configuration for this policy. + version: + type: integer + format: int32 + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + type: array + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object + id: Status properties: - stringVal: - description: Value of the result if type is string. - type: string - arrayVal: - description: Value of the result if type is array. + details: type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - type: string - objectVal: - description: Value of the result if type is object. - type: object - additionalProperties: - type: string - type: - description: Output only. The type of data that the result holds. - readOnly: true + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + code: + format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - enumDescriptions: - - Default enum type; should not be used. - - Default - - Array type - - Object type - enum: - - TYPE_UNSPECIFIED - - STRING - - ARRAY - - OBJECT - PipelineRef: - id: PipelineRef - description: PipelineRef can be used to refer to a specific instance of a Pipeline. - type: object + StepRef: + id: StepRef properties: - name: - description: Optional. Name of the Pipeline. - type: string + params: + items: + $ref: '#/components/schemas/Param' + description: Optional. Parameters used to control the resolution. + type: array resolver: - description: >- - Resolver is the name of the resolver that should perform resolution - of the referenced Tekton resource. - type: string enumDescriptions: - Default enum type; should not be used. - >- @@ -2191,6 +2299,8 @@ components: https://tekton.dev/docs/pipelines/git-resolver/ - Developer Connect resolver. - Default resolver. + description: Optional. Type of the resolver. + type: string enum: - RESOLVER_NAME_UNSPECIFIED - BUNDLES @@ -2198,314 +2308,213 @@ components: - GIT - DEVELOPER_CONNECT - DEFAULT - params: - description: >- - Params contains the parameters used to identify the referenced - Tekton resource. Example entries might include "repo" or "path" but - the set of params ultimately depends on the chosen resolver. - type: array - items: - $ref: '#/components/schemas/Param' - WorkspaceBinding: - id: WorkspaceBinding - description: >- - WorkspaceBinding maps a workspace to a Volume. PipelineRef can be used - to refer to a specific instance of a Pipeline. - type: object - properties: name: - description: Name of the workspace. - type: string - secret: - description: Secret Volume Source. - $ref: '#/components/schemas/SecretVolumeSource' - subPath: - description: >- - Optional. SubPath is optionally a directory on the volume which - should be used for this binding (i.e. the volume will be mounted at - this sub directory). +optional + description: Optional. Name of the step. type: string - SecretVolumeSource: - id: SecretVolumeSource - description: Secret Volume Source. type: object - properties: - secretName: - description: Name of the secret referenced by the WorkspaceBinding. - type: string - secretVersion: - description: >- - Optional. Resource name of the SecretVersion. In format: - projects/*/secrets/*/versions/* - type: string - GoogleDevtoolsCloudbuildV2Condition: - id: GoogleDevtoolsCloudbuildV2Condition - description: Conditions defines a readiness condition for a Knative resource. + description: A reference to a remote Step, i.e. a StepAction. + ParamValue: + description: Parameter value. + id: ParamValue type: object properties: + arrayVal: + type: array + items: + type: string + description: Value of the parameter if type is array. type: - description: Type of condition. - type: string - status: - description: Status of the condition. - type: string - enumDescriptions: - - Default enum type indicating execution is still ongoing. - - Success - - Failure enum: - - UNKNOWN - - 'TRUE' - - 'FALSE' - severity: - description: Severity with which to treat failures of this type of condition. + - TYPE_UNSPECIFIED + - STRING + - ARRAY + - OBJECT type: string enumDescriptions: - Default enum type; should not be used. - - Severity is warning. - - Severity is informational only. - enum: - - SEVERITY_UNSPECIFIED - - WARNING - - INFO - lastTransitionTime: - description: >- - LastTransitionTime is the last time the condition transitioned from - one status to another. - type: string - format: google-datetime - reason: - description: The reason for the condition's last transition. - type: string - message: - description: A human readable message indicating details about the transition. + - Default + - Array type + - Object type + description: Type of parameter. + objectVal: + type: object + description: Optional. Value of the parameter if type is object. + additionalProperties: + type: string + stringVal: + description: Value of the parameter if type is string. type: string - ChildStatusReference: - id: ChildStatusReference - description: >- - ChildStatusReference is used to point to the statuses of individual - TaskRuns and Runs within this PipelineRun. - type: object + WorkspaceDeclaration: properties: - name: - description: Name is the name of the TaskRun or Run this is referencing. - type: string - pipelineTaskName: - description: >- - PipelineTaskName is the name of the PipelineTask this is - referencing. + description: type: string - whenExpressions: + description: Description is a human readable description of this volume. + readOnly: + type: boolean + description: ReadOnly dictates whether a mounted volume is writable. + optional: + type: boolean description: >- - WhenExpressions is the list of checks guarding the execution of the - PipelineTask - type: array - items: - $ref: '#/components/schemas/WhenExpression' - type: - description: Output only. Type of the child reference. - readOnly: true - type: string - enumDescriptions: - - Default enum type; should not be used. - - TaskRun. - enum: - - TYPE_UNSPECIFIED - - TASK_RUN - TimeoutFields: - id: TimeoutFields - description: >- - TimeoutFields allows granular specification of pipeline, task, and - finally timeouts - type: object - properties: - pipeline: + Optional. Optional marks a Workspace as not being required in + TaskRuns. By default this field is false and so declared workspaces + are required. + mountPath: description: >- - Pipeline sets the maximum allowed duration for execution of the - entire pipeline. The sum of individual timeouts for tasks and - finally must not exceed this value. - type: string - format: google-duration - tasks: - description: Tasks sets the maximum allowed duration of this pipeline's tasks + MountPath overrides the directory that the volume will be made + available at. type: string - format: google-duration - finally: - description: Finally sets the maximum allowed duration of this pipeline's finally + name: + description: Name is the name by which you can bind the volume at runtime. type: string - format: google-duration - SkippedTask: - id: SkippedTask - description: >- - SkippedTask is used to describe the Tasks that were skipped due to their - When Expressions evaluating to False. + description: WorkspaceDeclaration is a declaration of a volume that a Task requires. + id: WorkspaceDeclaration + type: object + PipelineSpec: type: object + description: PipelineSpec defines the desired state of Pipeline. properties: - name: - description: Name is the Pipeline Task name - type: string - whenExpressions: + results: description: >- - WhenExpressions is the list of checks guarding the execution of the - PipelineTask + Optional. Output only. List of results written out by the pipeline's + containers + type: array + readOnly: true + items: + $ref: '#/components/schemas/PipelineResult' + finallyTasks: + description: >- + List of Tasks that execute just before leaving the Pipeline i.e. + either after all Tasks are finished executing successfully or after + a failure which would result in ending the Pipeline. + items: + $ref: '#/components/schemas/PipelineTask' + type: array + tasks: + description: List of Tasks that execute when this Pipeline is run. + items: + $ref: '#/components/schemas/PipelineTask' type: array + workspaces: items: - $ref: '#/components/schemas/WhenExpression' - reason: - description: Output only. Reason is the cause of the PipelineTask being skipped. + $ref: '#/components/schemas/PipelineWorkspaceDeclaration' + type: array + description: >- + Workspaces declares a set of named workspaces that are expected to + be provided by a PipelineRun. + generatedYaml: readOnly: true + description: >- + Output only. auto-generated yaml that is output only for display + purpose for workflows using pipeline_spec, used by UI/gcloud cli for + Workflows. type: string - Worker: - id: Worker - description: Configuration for the worker. - type: object - properties: - machineType: - description: Optional. Machine type of a worker, default is "e2-standard-2". - type: string - Security: - id: Security - description: Security configuration. - type: object + params: + description: List of parameters. + items: + $ref: '#/components/schemas/ParamSpec' + type: array + id: PipelineSpec + ExecAction: properties: - serviceAccount: - description: IAM service account whose credentials will be used at runtime. - type: string - privilegeMode: - description: Optional. Privilege mode. - deprecated: true - type: string - enumDescriptions: - - Default to PRIVILEGED. - - Privileged mode. - - Unprivileged mode. - enum: - - PRIVILEGE_MODE_UNSPECIFIED - - PRIVILEGED - - UNPRIVILEGED - Provenance: - id: Provenance - description: Provenance configuration. + command: + items: + type: string + description: >- + Optional. Command is the command line to execute inside the + container, the working directory for the command is root ('/') in + the container's filesystem. The command is simply exec'd, it is not + run inside a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly call out to that + shell. Exit status of 0 is treated as live/healthy and non-zero is + unhealthy. +optional + type: array + description: ExecAction describes a "run in container" action. + id: ExecAction type: object + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. properties: - enabled: - description: Optional. Provenance push mode. - type: string - enumDescriptions: - - Default to disabled (before AA regionalization), optimistic after - - Provenance failures would fail the run - - >- - GCB will attempt to push to artifact analaysis and build state - would not be impacted by the push failures. - - Disable the provenance push entirely. - enum: - - ENABLED_UNSPECIFIED - - REQUIRED - - OPTIMISTIC - - DISABLED - storage: - description: Optional. Where provenance is stored. - type: string - enumDescriptions: - - Default PREFER_ARTIFACT_PROJECT. - - >- - GCB will attempt to push provenance to the artifact project. If it - is not available, fallback to build project. - - Only push to artifact project. - - Only push to build project. - enum: - - STORAGE_UNSPECIFIED - - PREFER_ARTIFACT_PROJECT - - ARTIFACT_PROJECT_ONLY - - BUILD_PROJECT_ONLY - region: - description: Optional. Provenance region. - type: string - enumDescriptions: - - >- - The PipelineRun/TaskRun/Workflow will be rejected. Update this - comment to push to the same region as the run in Artifact Analysis - when it's regionalized. - - Push provenance to Artifact Analysis in global region. - enum: - - REGION_UNSPECIFIED - - GLOBAL - PipelineRunResult: - id: PipelineRunResult - description: PipelineRunResult used to describe the results of a pipeline + permissions: + type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string + id: TestIamPermissionsResponse type: object - properties: - name: - description: Output only. Name of the TaskRun - readOnly: true - type: string - value: - description: Output only. Value of the result. - readOnly: true - $ref: '#/components/schemas/ResultValue' parameters: + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string access_token: description: OAuth access token. in: query name: access_token schema: type: string - alt: - description: Data format for response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: alt + name: quotaUser schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + _.xgafv: + description: V1 error format. in: query - name: key + name: $.xgafv schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + enum: + - '1' + - '2' + alt: + description: Data format for response. in: query - name: oauth_token + name: alt schema: type: string + enum: + - json + - media + - proto prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: quotaUser + name: fields schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: upload_protocol + name: key schema: type: string uploadType: @@ -2514,15 +2523,6 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.cloudbuild.locations @@ -2531,50 +2531,114 @@ components: methods: projects_locations_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations/get' + $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.locations + projects_locations_get: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/locations/methods/projects_locations_get + - $ref: >- + #/components/x-stackQL-resources/locations/methods/projects_locations_list + insert: [] + update: [] + replace: [] + delete: [] + repositories: + id: google.cloudbuild.repositories + name: repositories + title: Repositories + methods: + projects_locations_connections_repositories_create: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_connections_repositories_list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.repositories + projects_locations_connections_repositories_delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_connections_repositories_get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - projects_locations_get: + projects_locations_connections_repositories_access_read_write_token: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}:accessReadWriteToken/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_connections_repositories_batch_create: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories:batchCreate/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_connections_repositories_access_read_token: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}:accessReadToken/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/locations/methods/projects_locations_get + #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_get - $ref: >- - #/components/x-stackQL-resources/locations/methods/projects_locations_list - insert: [] + #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_list + insert: + - $ref: >- + #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_create + - $ref: >- + #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_batch_create update: [] replace: [] - delete: [] - operations: - id: google.cloudbuild.operations - name: operations - title: Operations + delete: + - $ref: >- + #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_delete + repositories_git_refs: + id: google.cloudbuild.repositories_git_refs + name: repositories_git_refs + title: Repositories_git_refs methods: - projects_locations_operations_get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_operations_cancel: + projects_locations_connections_repositories_fetch_git_refs: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}:fetchGitRefs/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get + #/components/x-stackQL-resources/repositories_git_refs/methods/projects_locations_connections_repositories_fetch_git_refs insert: [] update: [] replace: [] @@ -2584,21 +2648,20 @@ components: name: connections title: Connections methods: - projects_locations_connections_create: + projects_locations_connections_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_connections_list: + projects_locations_connections_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.connections projects_locations_connections_get: operation: $ref: >- @@ -2606,17 +2669,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_connections_patch: + projects_locations_connections_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_connections_delete: + objectKey: $.unreachable + projects_locations_connections_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections/post response: mediaType: application/json openAPIDocKey: '200' @@ -2643,26 +2707,6 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/connections/methods/projects_locations_connections_delete - connections_linkable_repositories: - id: google.cloudbuild.connections_linkable_repositories - name: connections_linkable_repositories - title: Connections_linkable_repositories - methods: - projects_locations_connections_fetch_linkable_repositories: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:fetchLinkableRepositories/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/connections_linkable_repositories/methods/projects_locations_connections_fetch_linkable_repositories - insert: [] - update: [] - replace: [] - delete: [] connections_iam_policies: id: google.cloudbuild.connections_iam_policies name: connections_iam_policies @@ -2700,93 +2744,49 @@ components: - $ref: >- #/components/x-stackQL-resources/connections_iam_policies/methods/projects_locations_connections_set_iam_policy delete: [] - repositories: - id: google.cloudbuild.repositories - name: repositories - title: Repositories + connections_linkable_repositories: + id: google.cloudbuild.connections_linkable_repositories + name: connections_linkable_repositories + title: Connections_linkable_repositories methods: - projects_locations_connections_repositories_create: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_connections_repositories_list: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.repositories - projects_locations_connections_repositories_batch_create: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories:batchCreate/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_connections_repositories_get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_connections_repositories_delete: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_connections_repositories_access_read_write_token: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}:accessReadWriteToken/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_connections_repositories_access_read_token: + projects_locations_connections_fetch_linkable_repositories: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}:accessReadToken/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:fetchLinkableRepositories/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_get - - $ref: >- - #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_list - insert: - - $ref: >- - #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_create - - $ref: >- - #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_batch_create + #/components/x-stackQL-resources/connections_linkable_repositories/methods/projects_locations_connections_fetch_linkable_repositories + insert: [] update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/repositories/methods/projects_locations_connections_repositories_delete - repositories_git_refs: - id: google.cloudbuild.repositories_git_refs - name: repositories_git_refs - title: Repositories_git_refs + delete: [] + operations: + id: google.cloudbuild.operations + name: operations + title: Operations methods: - projects_locations_connections_repositories_fetch_git_refs: + projects_locations_operations_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1repositories~1{repositoriesId}:fetchGitRefs/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_operations_cancel: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/repositories_git_refs/methods/projects_locations_connections_repositories_fetch_git_refs + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get insert: [] update: [] replace: [] @@ -2794,17 +2794,17 @@ components: paths: /v2/projects/{projectsId}/locations: parameters: &ref_1 + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' get: description: Lists information about the supported locations for this service. operationId: cloudbuild.projects.locations.list @@ -2827,22 +2827,22 @@ paths: schema: type: string - in: query - name: filter + name: extraLocationTypes schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: extraLocationTypes + name: pageSize schema: - type: string + type: integer + format: int32 /v2/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: @@ -2871,14 +2871,51 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories: parameters: *ref_1 + post: + description: Creates a Repository. + operationId: cloudbuild.projects.locations.connections.repositories.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Repository' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: connectionsId + required: true + schema: + type: string + - in: query + name: repositoryId + schema: + type: string get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: cloudbuild.projects.locations.operations.get + description: Lists Repositories in a given connection. + operationId: cloudbuild.projects.locations.connections.repositories.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2890,7 +2927,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListRepositoriesResponse' parameters: - in: path name: projectsId @@ -2903,29 +2940,32 @@ paths: schema: type: string - in: path - name: operationsId + name: connectionsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories/{repositoriesId}: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: cloudbuild.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + delete: + description: Deletes a single repository. + operationId: cloudbuild.projects.locations.connections.repositories.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2937,7 +2977,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2950,20 +2990,26 @@ paths: schema: type: string - in: path - name: operationsId + name: connectionsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections: - parameters: *ref_1 - post: - description: Creates a Connection. - operationId: cloudbuild.projects.locations.connections.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Connection' + - in: path + name: repositoriesId + required: true + schema: + type: string + - in: query + name: etag + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + get: + description: Gets details of a single repository. + operationId: cloudbuild.projects.locations.connections.repositories.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2975,7 +3021,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Repository' parameters: - in: path name: projectsId @@ -2987,13 +3033,21 @@ paths: required: true schema: type: string - - in: query - name: connectionId + - in: path + name: connectionsId + required: true + schema: + type: string + - in: path + name: repositoriesId + required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories/{repositoriesId}:fetchGitRefs: + parameters: *ref_1 get: - description: Lists Connections in a given project and location. - operationId: cloudbuild.projects.locations.connections.list + description: Fetch the list of branches or tags for a given repository. + operationId: cloudbuild.projects.locations.connections.repositories.fetchGitRefs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3005,7 +3059,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConnectionsResponse' + $ref: '#/components/schemas/FetchGitRefsResponse' parameters: - in: path name: projectsId @@ -3017,24 +3071,40 @@ paths: required: true schema: type: string + - in: path + name: connectionsId + required: true + schema: + type: string + - in: path + name: repositoriesId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: refType schema: type: string - - in: query - name: returnPartialSuccess - schema: - type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories/{repositoriesId}:accessReadWriteToken: parameters: *ref_1 - get: - description: Gets details of a single connection. - operationId: cloudbuild.projects.locations.connections.get + post: + description: Fetches read/write token of a given repository. + operationId: >- + cloudbuild.projects.locations.connections.repositories.accessReadWriteToken + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FetchReadWriteTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3046,7 +3116,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Connection' + $ref: '#/components/schemas/FetchReadWriteTokenResponse' parameters: - in: path name: projectsId @@ -3063,14 +3133,21 @@ paths: required: true schema: type: string - patch: - description: Updates a single connection. - operationId: cloudbuild.projects.locations.connections.patch + - in: path + name: repositoriesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories:batchCreate: + parameters: *ref_1 + post: + description: Creates multiple repositories inside a connection. + operationId: cloudbuild.projects.locations.connections.repositories.batchCreate requestBody: content: application/json: schema: - $ref: '#/components/schemas/Connection' + $ref: '#/components/schemas/BatchCreateRepositoriesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3099,22 +3176,16 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: etag - schema: - type: string - delete: - description: Deletes a single connection. - operationId: cloudbuild.projects.locations.connections.delete + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories/{repositoriesId}:accessReadToken: + parameters: *ref_1 + post: + description: Fetches read token of a given repository. + operationId: cloudbuild.projects.locations.connections.repositories.accessReadToken + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FetchReadTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3126,7 +3197,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/FetchReadTokenResponse' parameters: - in: path name: projectsId @@ -3143,32 +3214,33 @@ paths: required: true schema: type: string - - in: query - name: etag + - in: path + name: repositoriesId + required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/connections:processWebhook: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}: parameters: *ref_1 - post: - description: ProcessWebhook is called by the external SCM for notifying of events. - operationId: cloudbuild.projects.locations.connections.processWebhook + patch: + description: Updates a single connection. + operationId: cloudbuild.projects.locations.connections.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' - security: [] + $ref: '#/components/schemas/Connection' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3180,17 +3252,27 @@ paths: required: true schema: type: string + - in: path + name: connectionsId + required: true + schema: + type: string - in: query - name: webhookKey + name: allowMissing + schema: + type: boolean + - in: query + name: updateMask schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:fetchLinkableRepositories: - parameters: *ref_1 - get: - description: >- - FetchLinkableRepositories get repositories from SCM that are accessible - and could be added to the connection. - operationId: cloudbuild.projects.locations.connections.fetchLinkableRepositories + format: google-fieldmask + - in: query + name: etag + schema: + type: string + delete: + description: Deletes a single connection. + operationId: cloudbuild.projects.locations.connections.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3202,7 +3284,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchLinkableRepositoriesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3220,27 +3302,16 @@ paths: schema: type: string - in: query - name: pageSize + name: validateOnly schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: etag schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: cloudbuild.projects.locations.connections.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets details of a single connection. + operationId: cloudbuild.projects.locations.connections.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3252,7 +3323,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Connection' parameters: - in: path name: projectsId @@ -3269,13 +3340,11 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:getIamPolicy: + /v2/projects/{projectsId}/locations/{locationsId}/connections: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: cloudbuild.projects.locations.connections.getIamPolicy + description: Lists Connections in a given project and location. + operationId: cloudbuild.projects.locations.connections.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3287,7 +3356,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListConnectionsResponse' parameters: - in: path name: projectsId @@ -3299,31 +3368,27 @@ paths: required: true schema: type: string - - in: path - name: connectionsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: options.requestedPolicyVersion + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize schema: type: integer format: int32 - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:testIamPermissions: - parameters: *ref_1 post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: cloudbuild.projects.locations.connections.testIamPermissions + description: Creates a Connection. + operationId: cloudbuild.projects.locations.connections.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Connection' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3335,7 +3400,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3347,21 +3412,23 @@ paths: required: true schema: type: string - - in: path - name: connectionsId - required: true + - in: query + name: connectionId schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:setIamPolicy: parameters: *ref_1 post: - description: Creates a Repository. - operationId: cloudbuild.projects.locations.connections.repositories.create + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: cloudbuild.projects.locations.connections.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3373,7 +3440,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3390,13 +3457,13 @@ paths: required: true schema: type: string - - in: query - name: repositoryId - schema: - type: string + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:getIamPolicy: + parameters: *ref_1 get: - description: Lists Repositories in a given connection. - operationId: cloudbuild.projects.locations.connections.repositories.list + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: cloudbuild.projects.locations.connections.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3408,7 +3475,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRepositoriesResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3426,44 +3493,28 @@ paths: schema: type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: returnPartialSuccess - schema: - type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories:batchCreate: + /v2/projects/{projectsId}/locations/{locationsId}/connections:processWebhook: parameters: *ref_1 post: - description: Creates multiple repositories inside a connection. - operationId: cloudbuild.projects.locations.connections.repositories.batchCreate + description: ProcessWebhook is called by the external SCM for notifying of events. + operationId: cloudbuild.projects.locations.connections.processWebhook requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateRepositoriesRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + $ref: '#/components/schemas/HttpBody' + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3475,52 +3526,17 @@ paths: required: true schema: type: string - - in: path - name: connectionsId - required: true + - in: query + name: webhookKey schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories/{repositoriesId}: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:fetchLinkableRepositories: parameters: *ref_1 get: - description: Gets details of a single repository. - operationId: cloudbuild.projects.locations.connections.repositories.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Repository' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: connectionsId - required: true - schema: - type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - delete: - description: Deletes a single repository. - operationId: cloudbuild.projects.locations.connections.repositories.delete + description: >- + FetchLinkableRepositories get repositories from SCM that are accessible + and could be added to the connection. + operationId: cloudbuild.projects.locations.connections.fetchLinkableRepositories security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3532,7 +3548,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/FetchLinkableRepositoriesResponse' parameters: - in: path name: projectsId @@ -3549,30 +3565,30 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - in: query - name: etag + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: validateOnly + name: pageToken schema: - type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories/{repositoriesId}:accessReadWriteToken: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:testIamPermissions: parameters: *ref_1 post: - description: Fetches read/write token of a given repository. - operationId: >- - cloudbuild.projects.locations.connections.repositories.accessReadWriteToken + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: cloudbuild.projects.locations.connections.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/FetchReadWriteTokenRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3584,7 +3600,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchReadWriteTokenResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3601,21 +3617,14 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories/{repositoriesId}:accessReadToken: + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Fetches read token of a given repository. - operationId: cloudbuild.projects.locations.connections.repositories.accessReadToken - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FetchReadTokenRequest' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: cloudbuild.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3627,7 +3636,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchReadTokenResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3640,20 +3649,29 @@ paths: schema: type: string - in: path - name: connectionsId - required: true - schema: - type: string - - in: path - name: repositoriesId + name: operationsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/repositories/{repositoriesId}:fetchGitRefs: + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Fetch the list of branches or tags for a given repository. - operationId: cloudbuild.projects.locations.connections.repositories.fetchGitRefs + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: cloudbuild.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3665,7 +3683,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchGitRefsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3678,25 +3696,7 @@ paths: schema: type: string - in: path - name: connectionsId - required: true - schema: - type: string - - in: path - name: repositoriesId + name: operationsId required: true schema: type: string - - in: query - name: refType - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudcommerceprocurement.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudcommerceprocurement.yaml index 8bca36a2..c708b518 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudcommerceprocurement.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudcommerceprocurement.yaml @@ -7,8 +7,8 @@ info: title: Cloud Commerce Partner Procurement API description: Partner API for the Cloud Commerce Procurement Service. version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251130' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/marketplace/docs/partners/ servers: @@ -35,39 +35,49 @@ components: scopes: *ref_0 schemas: Account: - id: Account description: >- Represents an account that was established by the customer on the service provider's system. type: object + id: Account properties: name: + type: string description: >- Output only. The resource name of the account. Account names have the form `accounts/{account_id}`. + inputProperties: + type: object + deprecated: true + additionalProperties: + type: any + description: Properties of the object. + description: >- + Output only. The custom properties that were collected from the user + to create this account. + approvals: + items: + $ref: '#/components/schemas/Approval' + description: >- + Output only. The approvals for this account. These approvals are + used to track actions that are permitted or have been completed by a + customer within the context of the provider. This might include a + sign up flow or a provisioning step, for example, that the provider + can admit to having happened. + type: array + resellerParentBillingAccount: type: string + description: >- + Output only. The reseller parent billing account of the account's + corresponding billing account, applicable only when the + corresponding billing account is a subaccount of a reseller. + Included in responses only for view: ACCOUNT_VIEW_FULL. Format: + billingAccounts/{billing_account_id} updateTime: description: Output only. The last update timestamp. - type: string format: google-datetime - createTime: - description: Output only. The creation timestamp. - type: string - format: google-datetime - provider: - description: >- - Output only. The identifier of the service provider that this - account was created against. Each service provider is assigned a - unique provider value when they onboard with Cloud Commerce - platform. type: string state: - description: >- - Output only. The state of the account. This is used to decide - whether the customer is in good standing with the provider and is - able to make purchases. An account might not be able to make a - purchase if the billing account is suspended, for example. - type: string enumDescriptions: - >- Default state of the account. It's only set to this value when the @@ -81,40 +91,54 @@ components: The account is active and ready for use. The next possible states are: - Account getting deleted: After the user invokes delete from another API. + description: >- + Output only. The state of the account. This is used to decide + whether the customer is in good standing with the provider and is + able to make purchases. An account might not be able to make a + purchase if the billing account is suspended, for example. enum: - ACCOUNT_STATE_UNSPECIFIED - ACCOUNT_ACTIVATION_REQUESTED - ACCOUNT_ACTIVE - inputProperties: + type: string + createTime: + type: string + description: Output only. The creation timestamp. + format: google-datetime + provider: description: >- - Output only. The custom properties that were collected from the user - to create this account. - deprecated: true - type: object - additionalProperties: - type: any - description: Properties of the object. - approvals: + Output only. The identifier of the service provider that this + account was created against. Each service provider is assigned a + unique provider value when they onboard with Cloud Commerce + platform. + type: string + SuspendEntitlementRequest: + description: >- + Request message for ParterProcurementService.SuspendEntitlement. This is + not yet supported. + id: SuspendEntitlementRequest + type: object + properties: + reason: description: >- - Output only. The approvals for this account. These approvals are - used to track actions that are permitted or have been completed by a - customer within the context of the provider. This might include a - sign up flow or a provisioning step, for example, that the provider - can admit to having happened. - type: array - items: - $ref: '#/components/schemas/Approval' + A free-form reason string, explaining the reason for suspension + request. + type: string Approval: - id: Approval - description: An approval for some action on an account. type: object + id: Approval properties: name: + type: string description: Output only. The name of the approval. + reason: type: string - state: - description: Output only. The state of the approval. + description: Output only. An explanation for the state of the approval. + updateTime: + format: google-datetime + description: Optional. The last update timestamp of the approval. type: string + state: enumDescriptions: - Sentinel value; do not use. - >- @@ -126,102 +150,114 @@ components: The approval has been rejected by the provider. A provider may choose to approve a previously rejected approval, so is it possible to transition to Account.Approval.State.APPROVED. + description: Output only. The state of the approval. + type: string enum: - STATE_UNSPECIFIED - PENDING - APPROVED - REJECTED - reason: - description: Output only. An explanation for the state of the approval. - type: string - updateTime: - description: Optional. The last update timestamp of the approval. - type: string - format: google-datetime - ListAccountsResponse: - id: ListAccountsResponse - description: Response message for [PartnerProcurementService.ListAccounts[]. - type: object - properties: - accounts: - description: The list of accounts in this response. - type: array - items: - $ref: '#/components/schemas/Account' - nextPageToken: - description: The token for fetching the next page. - type: string - ApproveAccountRequest: - id: ApproveAccountRequest - description: Request message for PartnerProcurementService.ApproveAccount. - type: object + description: An approval for some action on an account. + RejectEntitlementPlanChangeRequest: + id: RejectEntitlementPlanChangeRequest properties: - properties: - description: >- - Set of properties that should be associated with the account. - Optional. - type: object - additionalProperties: - type: string - approvalName: - description: >- - The name of the approval being approved. If absent and there is only - one approval possible, that approval will be granted. If absent and - there are many approvals possible, the request will fail with a 400 - Bad Request. Optional. + pendingPlanName: type: string + description: Required. Name of the pending plan that is being rejected. reason: description: >- - Free form text string explaining the approval reason. Optional. Max - allowed length: 256 bytes. Longer strings will be truncated. + Free form text string explaining the rejection reason. Max allowed + length: 256 bytes. Longer strings will be truncated. type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object - properties: {} - RejectAccountRequest: - id: RejectAccountRequest - description: Request message for PartnerProcurementService.RejectAccount. + description: >- + Request message for + PartnerProcurementService.RejectEntitlementPlanChange. + ListEntitlementsResponse: + description: Response message for PartnerProcurementService.ListEntitlements. + id: ListEntitlementsResponse type: object properties: - approvalName: - description: >- - The name of the approval being rejected. If absent and there is only - one approval possible, that approval will be rejected. If absent and - there are many approvals possible, the request will fail with a 400 - Bad Request. Optional. + entitlements: + description: The list of entitlements in this response. + items: + $ref: '#/components/schemas/Entitlement' + type: array + nextPageToken: type: string + description: The token for fetching the next page. + RejectEntitlementRequest: + properties: reason: description: >- Free form text string explaining the rejection reason. Max allowed length: 256 bytes. Longer strings will be truncated. type: string - ResetAccountRequest: - id: ResetAccountRequest - description: Request message for PartnerProcurementService.ResetAccount. + description: Request message for PartnerProcurementService.RejectEntitlement. + id: RejectEntitlementRequest type: object - properties: {} Entitlement: id: Entitlement description: Represents a procured product of a customer. type: object properties: name: + type: string description: >- Output only. The resource name of the entitlement. Entitlement names have the form `providers/{provider_id}/entitlements/{entitlement_id}`. + subscriptionEndTime: + description: >- + Output only. End time for the subscription corresponding to this + entitlement. + type: string + readOnly: true + format: google-datetime + updateTime: + description: Output only. The last update timestamp. + format: google-datetime + type: string + newPendingOfferDuration: + description: >- + Output only. The duration of the new offer, in ISO 8601 duration + format. This field is populated for pending offer changes. It isn't + populated for entitlements which aren't active yet. If the offer has + a specified end date instead of a duration, this field is empty. * + If the entitlement is in the state ENTITLEMENT_ACTIVATION_REQUESTED, + ENTITLEMENT_ACTIVE, or ENTITLEMENT_PENDING_CANCELLATION, this field + is empty. * If the entitlement is in the state + ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL or + ENTITLEMENT_PENDING_PLAN_CHANGE, and the upcoming offer doesn't have + a specified end date, then this field is populated with the duration + of the upcoming offer. Otherwise, this field is empty. * If the + entitlement is in the state ENTITLEMENT_CANCELLED, then this field + is empty. + readOnly: true type: string account: + type: string description: >- Output only. The resource name of the account that this entitlement is based on, if any. + quoteExternalName: + type: string + readOnly: true + description: >- + Output only. The identifier of the quote that was used to procure. + Empty if the order is not purchased using a quote. + usageReportingId: + description: >- + Output only. The consumerId to use when reporting usage through the + Service Control API. See the consumerId field at [Reporting + Metrics](https://cloud.google.com/service-control/reporting-metrics) + for more details. This field is present only if the product has + usage-based billing configured. type: string + createTime: + description: Output only. The creation timestamp. + type: string + format: google-datetime provider: description: >- Output only. The identifier of the service provider that this @@ -230,84 +266,32 @@ components: platform. type: string product: + deprecated: true + type: string description: >- Output only. The identifier of the entity that was purchased. This may actually represent a product, quote, or offer. We strongly recommend that you use the following more explicit fields: productExternalName, quoteExternalName, or offer. - deprecated: true - type: string - quoteExternalName: - description: >- - Output only. The identifier of the quote that was used to procure. - Empty if the order is not purchased using a quote. - readOnly: true - type: string - productExternalName: - description: Output only. The identifier of the product that was procured. - readOnly: true - type: string - plan: - description: >- - Output only. The identifier of the plan that was procured. Required - if the product has plans. - type: string - offer: - description: >- - Output only. The name of the offer that was procured. Field is empty - if order was not made using an offer. Format: - 'projects/{project}/services/{service}/privateOffers/{offer-id}' OR - 'projects/{project}/services/{service}/standardOffers/{offer-id}', - depending on whether the offer is private or public. The {service} - in the name is the listing service of the offer. It could be either - the product service that the offer is referencing, or a generic - private offer parent service. We recommend that you don't build your - integration to rely on the meaning of this {service} part. - readOnly: true - type: string - newOfferStartTime: - description: >- - Output only. The timestamp when the new offer becomes effective. - This field is populated even if the entitlement isn't active yet. If - there's no upcoming offer, the field is empty. - readOnly: true - type: string - format: google-datetime - newPendingOffer: - description: >- - Output only. The name of the offer the entitlement is switching to - upon a pending plan change. Only exists if the pending plan change - is moving to an offer. This field isn't populated for entitlements - which aren't active yet. Format: - 'projects/{project}/services/{service}/privateOffers/{offer-id}' OR - 'projects/{project}/services/{service}/standardOffers/{offer-id}', - depending on whether the offer is private or public. The {service} - in the name is the listing service of the offer. It could be either - the product service that the offer is referencing, or a generic - private offer parent service. We recommend that you don't build your - integration to rely on the meaning of this {service} part. - readOnly: true - type: string - newPendingPlan: - description: >- - Output only. The identifier of the pending new plan. Required if the - product has plans and the entitlement has a pending plan change. - type: string state: - description: Output only. The state of the entitlement. type: string + description: Output only. The state of the entitlement. enumDescriptions: - >- Default state of the entitlement. It's only set to this value when the entitlement is first created and has not been initialized. - >- - Indicates that the entitlement is being created and the backend - has sent a notification to the provider for the activation - approval. If the provider approves, then the entitlement will - transition to the EntitlementState.ENTITLEMENT_ACTIVE state. - Otherwise, the entitlement will be removed. Plan changes are not - allowed in this state. Instead the entitlement is cancelled and - re-created with a new plan name. + Indicates that the entitlement has been created, but it hasn't yet + become active. The entitlement remains in this state until it + becomes active. If the entitlement requires provider approval, a + notification is sent to the provider for the activation approval. + If the provider doesn't approve, the entitlement is removed. If + approved, the entitlement transitions to the + EntitlementState.ENTITLEMENT_ACTIVE state after either a short + processing delay or, if applicable, at the scheduled start time of + the purchased offer. Plan changes aren't allowed in this state. + Instead, customers are expected to cancel the corresponding order + and place a new order. - >- Indicates that the entitlement is active. The procured item is now usable and any associated billing events will start occurring. @@ -367,48 +351,109 @@ components: - ENTITLEMENT_PENDING_PLAN_CHANGE - ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL - ENTITLEMENT_SUSPENDED - inputProperties: - description: >- - Output only. The custom properties that were collected from the user - to create this entitlement. - deprecated: true - type: object - additionalProperties: - type: any - description: Properties of the object. - updateTime: - description: Output only. The last update timestamp. + newPendingPlan: type: string - format: google-datetime - createTime: - description: Output only. The creation timestamp. + description: >- + Output only. The identifier of the pending new plan. Required if the + product has plans and the entitlement has a pending plan change. + consumers: + type: array + description: Output only. The resources using this entitlement, if applicable. + items: + $ref: '#/components/schemas/Consumer' + plan: + description: >- + Output only. The identifier of the plan that was procured. Required + if the product has plans. type: string - format: google-datetime - offerDuration: + cancellationReason: description: >- - Output only. The offer duration of the current offer in ISO 8601 - duration format. Field is empty if entitlement was not made using an - offer. If the offer was created with a specified end date instead of - a duration, this field is empty. + Output only. The reason the entitlement was cancelled. If this + entitlement wasn't cancelled, this field is empty. Possible values + include "unknown", "expired", "user-cancelled", "account-closed", + "billing-disabled" (if the customer has manually disabled billing to + their resources), "user-aborted", and "migrated" (if the entitlement + has migrated across products). Values of this field are subject to + change, and we recommend that you don't build your technical + integration to rely on these fields. readOnly: true type: string - newPendingOfferDuration: + newOfferStartTime: description: >- - Output only. The duration of the new offer, in ISO 8601 duration - format. This field isn't populated for entitlements which aren't - active yet, only for pending offer changes. If the offer was created - with a specified end date instead of a duration, this field is - empty. + Output only. The timestamp when the new offer becomes effective. + This field is populated even if the entitlement isn't active yet. If + there's no upcoming offer, the field is empty. * If the entitlement + is in the state ENTITLEMENT_ACTIVATION_REQUESTED, this field isn't + populated when the entitlement isn't yet approved. After the + entitlement is approved, this field is populated with the effective + time of the upcoming offer. * If the entitlement is in the state + ENTITLEMENT_ACTIVE or ENTITLEMENT_PENDING_CANCELLATION, this field + isn't populated. * If the entitlement is in the state + ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL, this field isn't + populated, because the entitlement change is waiting on approval. * + If the entitlement is in the state ENTITLEMENT_PENDING_PLAN_CHANGE, + this field is populated with the expected effective time of the + upcoming offer, which is in the future. * If the entitlement is in + the state ENTITLEMENT_CANCELLED, then this field is empty. + type: string + format: google-datetime readOnly: true + offerEndTime: type: string - usageReportingId: + readOnly: true description: >- - Output only. The consumerId to use when reporting usage through the - Service Control API. See the consumerId field at [Reporting - Metrics](https://cloud.google.com/service-control/reporting-metrics) - for more details. This field is present only if the product has - usage-based billing configured. + Output only. End time for the current term of the Offer associated + with this entitlement. The value of this field can change naturally + over time due to auto-renewal, even if the offer isn't changed. * If + the entitlement is in the state ENTITLEMENT_ACTIVATION_REQUESTED, + then: * If the entitlement isn't approved yet approved, and the + offer has a specified end date, then this field is populated with + the expected end time of the upcoming offer, in the future. + Otherwise, this field is empty. * If the entitlement is approved, + then this field is populated with the expected end time of the + upcoming offer, in the future. This means that this field and the + field offer_duration can both exist. * If the entitlement is in the + state ENTITLEMENT_ACTIVE or ENTITLEMENT_PENDING_CANCELLATION, then + this field is populated with the expected end time of the current + offer, in the future. This field's value is set regardless of + whether the offer has a specific end date or a duration. This means + that this field and the field offer_duration can both exist. * If + the entitlement is in the state + ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL or + ENTITLEMENT_PENDING_PLAN_CHANGE: * If the entitlement's pricing + model is usage based and the associated offer is a private offer + whose term has ended, then this field reflects the ACTUAL end time + of the entitlement's associated offer (in the past), even though the + entitlement associated with this private offer does not terminate at + the end of that private offer's term. * Otherwise, this is the + expected end date of the current offer, in the future. * If the + entitlement is in the state ENTITLEMENT_CANCELLED, then this field + is populated with the end time, in the past, of the latest offer + that the order was associated with. If the entitlement was cancelled + before any offer started, then this field is empty. + format: google-datetime + newPendingOffer: type: string + description: >- + Output only. Upon a pending plan change, the name of the offer that + the entitlement is switching to. Only exists if the pending plan + change is moving to an offer. This field isn't populated for + entitlements which aren't active yet. Format: + 'projects/{project}/services/{service}/privateOffers/{offer}' OR + 'projects/{project}/services/{service}/standardOffers/{offer}', + depending on whether the offer is private or public. The {service} + in the name is the listing service of the offer. It could be either + the product service that the offer is referencing, or a generic + private offer parent service. We recommend that you don't build your + integration to rely on the meaning of this {service} part. * If the + entitlement is in the state ENTITLEMENT_ACTIVATION_REQUESTED, + ENTITLEMENT_ACTIVE or ENTITLEMENT_PENDING_CANCELLATION, then this + field is empty. * If the entitlement is in the state + ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL or + ENTITLEMENT_PENDING_PLAN_CHANGE, then this field is populated with + the upcoming offer. * If the entitlement is in the state + ENTITLEMENT_CANCELLED, then this is empty. + readOnly: true messageToUser: description: >- Provider-supplied message that is displayed to the end user. @@ -419,179 +464,200 @@ components: EntitlementState.ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL. This field is cleared automatically when the entitlement state changes. type: string - consumers: - description: Output only. The resources using this entitlement, if applicable. - type: array - items: - $ref: '#/components/schemas/Consumer' - subscriptionEndTime: - description: >- - Output only. End time for the subscription corresponding to this - entitlement. - readOnly: true + offerDuration: type: string - format: google-datetime - offerEndTime: - description: >- - Output only. End time for the Offer association corresponding to - this entitlement. The field is only populated if the entitlement is - currently associated with an Offer. readOnly: true - type: string - format: google-datetime - newOfferEndTime: description: >- - Output only. The end time of the new offer. If the offer was created - with a term instead of a specified end date, this field is empty. - This field is populated even if the entitlement isn't active yet. If - there's no upcoming offer, the field is be empty. - readOnly: true - type: string - format: google-datetime - orderId: + Output only. The offer duration of the current offer, in ISO 8601 + duration format. This is empty if the entitlement wasn't made using + an offer, or if the offer has a specified end date instead of a + duration. * If the entitlement is in the state + ENTITLEMENT_ACTIVATION_REQUESTED, and the upcoming offer doesn't + have a specified end date, then this field is populated with the + duration of the upcoming offer. Otherwise, this field is empty. * If + the entitlement is in the state ENTITLEMENT_ACTIVE, + ENTITLEMENT_PENDING_CANCELLATION, ENTITLEMENT_PENDING_PLAN_CHANGE, + or ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL, and the current offer + doesn't have a specified end date, then this field contains the + duration of the current offer. Otherwise, this field is empty. * If + the entitlement is in the state ENTITLEMENT_CANCELLED, and the offer + doesn't have a specified end date, then this field is populated with + the duration of the latest offer that the order was associated with. + Otherwise, this field is empty. + offer: description: >- - Output only. The order ID of this entitlement, without any `orders/` - resource name prefix. + Output only. The name of the offer that was procured. Field is empty + if order wasn't made using an offer. Format: + 'projects/{project}/services/{service}/privateOffers/{offer}' OR + 'projects/{project}/services/{service}/standardOffers/{offer}', + depending on whether the offer is private or public. The {service} + in the name is the listing service of the offer. It could be either + the product service that the offer is referencing, or a generic + private offer parent service. We recommend that you don't build your + integration to rely on the meaning of this {service} part. * If the + entitlement is in the state ENTITLEMENT_ACTIVATION_REQUESTED, this + field is populated with the upcoming offer. * If the entitlement is + in the state ENTITLEMENT_ACTIVE, ENTITLEMENT_PENDING_CANCELLATION, + ENTITLEMENT_PENDING_PLAN_CHANGE, or + ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL, this field is populated + with the current offer. * If the entitlement is in the state + ENTITLEMENT_CANCELLED, then this field is populated with the latest + offer that the order was associated with. readOnly: true type: string entitlementBenefitIds: + readOnly: true + items: + type: string description: >- Output only. The entitlement benefit IDs associated with the purchase. - readOnly: true type: array - items: - type: string - cancellationReason: + orderId: + type: string description: >- - Output only. The reason the entitlement was cancelled. If this - entitlement wasn't cancelled, this field is empty. Possible values - include "unknown", "expired", "user-cancelled", "account-closed", - "billing-disabled" (if the customer has manually disabled billing to - their resources), "user-aborted", and "migrated" (if the entitlement - has migrated across products). Values of this field are subject to - change, and we recommend that you don't build your technical - integration to rely on these fields. + Output only. The order ID of this entitlement, without any `orders/` + resource name prefix. readOnly: true + inputProperties: + additionalProperties: + type: any + description: Properties of the object. + deprecated: true + description: >- + Output only. The custom properties that were collected from the user + to create this entitlement. + type: object + newOfferEndTime: type: string - Consumer: - id: Consumer - description: A resource using (consuming) this entitlement. - type: object - properties: - project: - description: A project name with format `projects/`. + format: google-datetime + readOnly: true + description: >- + Output only. The end time of the new offer, determined from the + offer's specified end date. If the offer des not have a specified + end date then this field is not set. This field is populated even if + the entitlement isn't active yet. If there's no upcoming offer, the + field is empty. * If the entitlement is in the state + ENTITLEMENT_ACTIVATION_REQUESTED, ENTITLEMENT_ACTIVE, or + ENTITLEMENT_PENDING_CANCELLATION, then this field is empty. * If the + entitlement is in the state ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL + or ENTITLEMENT_PENDING_PLAN_CHANGE, and the upcoming offer has a + specified end date, then this field is populated with the expected + end time of the upcoming offer, in the future. Otherwise, this field + is empty. * If the entitlement is in the state + ENTITLEMENT_CANCELLED, then this field is empty. + productExternalName: + readOnly: true type: string - ListEntitlementsResponse: - id: ListEntitlementsResponse - description: Response message for PartnerProcurementService.ListEntitlements. + description: Output only. The identifier of the product that was procured. + ApproveEntitlementPlanChangeRequest: + description: >- + Request message for + [PartnerProcurementService.ApproveEntitlementPlanChange[]. + id: ApproveEntitlementPlanChangeRequest type: object properties: - entitlements: - description: The list of entitlements in this response. - type: array - items: - $ref: '#/components/schemas/Entitlement' - nextPageToken: - description: The token for fetching the next page. + pendingPlanName: type: string + description: Required. Name of the pending plan that's being approved. ApproveEntitlementRequest: - id: ApproveEntitlementRequest - description: Request message for [PartnerProcurementService.ApproveEntitlement[]. - type: object properties: properties: + deprecated: true + type: object description: >- Set of properties that should be associated with the entitlement. Optional. - deprecated: true - type: object additionalProperties: type: string entitlementMigrated: + type: string description: >- Optional. The resource name of the entitlement that was migrated, with the format `providers/{provider_id}/entitlements/{entitlement_id}`. Should only be sent when resources have been migrated from entitlement_migrated to the new entitlement. Optional. - type: string - RejectEntitlementRequest: - id: RejectEntitlementRequest - description: Request message for PartnerProcurementService.RejectEntitlement. + description: Request message for [PartnerProcurementService.ApproveEntitlement[]. + id: ApproveEntitlementRequest + type: object + Consumer: + id: Consumer type: object + description: A resource using (consuming) this entitlement. + properties: + project: + type: string + description: A project name with format `projects/`. + RejectAccountRequest: + description: Request message for PartnerProcurementService.RejectAccount. properties: + approvalName: + description: >- + The name of the approval being rejected. If absent and there is only + one approval possible, that approval will be rejected. If absent and + there are many approvals possible, the request will fail with a 400 + Bad Request. Optional. + type: string reason: + type: string description: >- Free form text string explaining the rejection reason. Max allowed length: 256 bytes. Longer strings will be truncated. - type: string - ApproveEntitlementPlanChangeRequest: - id: ApproveEntitlementPlanChangeRequest - description: >- - Request message for - [PartnerProcurementService.ApproveEntitlementPlanChange[]. type: object - properties: - pendingPlanName: - description: Required. Name of the pending plan that's being approved. - type: string - RejectEntitlementPlanChangeRequest: - id: RejectEntitlementPlanChangeRequest - description: >- - Request message for - PartnerProcurementService.RejectEntitlementPlanChange. + id: RejectAccountRequest + Empty: + id: Empty + type: object + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + ApproveAccountRequest: type: object + id: ApproveAccountRequest properties: + approvalName: + type: string + description: >- + The name of the approval being approved. If absent and there is only + one approval possible, that approval will be granted. If absent and + there are many approvals possible, the request will fail with a 400 + Bad Request. Optional. reason: description: >- - Free form text string explaining the rejection reason. Max allowed - length: 256 bytes. Longer strings will be truncated. - type: string - pendingPlanName: - description: Required. Name of the pending plan that is being rejected. + Free form text string explaining the approval reason. Optional. Max + allowed length: 256 bytes. Longer strings will be truncated. type: string - SuspendEntitlementRequest: - id: SuspendEntitlementRequest - description: >- - Request message for ParterProcurementService.SuspendEntitlement. This is - not yet supported. + properties: + additionalProperties: + type: string + description: >- + Set of properties that should be associated with the account. + Optional. + type: object + description: Request message for PartnerProcurementService.ApproveAccount. + ListAccountsResponse: type: object + id: ListAccountsResponse + description: Response message for [PartnerProcurementService.ListAccounts[]. properties: - reason: - description: >- - A free-form reason string, explaining the reason for suspension - request. + nextPageToken: + description: The token for fetching the next page. type: string + accounts: + description: The list of accounts in this response. + items: + $ref: '#/components/schemas/Account' + type: array + ResetAccountRequest: + id: ResetAccountRequest + type: object + properties: {} + description: Request message for PartnerProcurementService.ResetAccount. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -607,12 +673,16 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + alt: + description: Data format for response. in: query - name: prettyPrint + name: alt schema: - type: boolean + type: string + enum: + - json + - media + - proto quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -622,18 +692,30 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + callback: + description: JSONP + in: query + name: callback + schema: + type: string _.xgafv: description: V1 error format. in: query @@ -643,141 +725,162 @@ components: enum: - '1' - '2' + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string x-stackQL-resources: - accounts: - id: google.cloudcommerceprocurement.accounts - name: accounts - title: Accounts + entitlements: + id: google.cloudcommerceprocurement.entitlements + name: entitlements + title: Entitlements methods: - get: + reject: operation: - $ref: '#/paths/~1v1~1providers~1{providersId}~1accounts~1{accountsId}/get' + $ref: >- + #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:reject/post response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: - $ref: '#/paths/~1v1~1providers~1{providersId}~1accounts/get' + $ref: >- + #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.accounts - approve: + get: operation: $ref: >- - #/paths/~1v1~1providers~1{providersId}~1accounts~1{accountsId}:approve/post + #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}/get response: mediaType: application/json openAPIDocKey: '200' - reject: + approve: operation: $ref: >- - #/paths/~1v1~1providers~1{providersId}~1accounts~1{accountsId}:reject/post + #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:approve/post response: mediaType: application/json openAPIDocKey: '200' - reset: + list: operation: - $ref: >- - #/paths/~1v1~1providers~1{providersId}~1accounts~1{accountsId}:reset/post + $ref: '#/paths/~1v1~1providers~1{providersId}~1entitlements/get' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/accounts/methods/get' - - $ref: '#/components/x-stackQL-resources/accounts/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - entitlements: - id: google.cloudcommerceprocurement.entitlements - name: entitlements - title: Entitlements - methods: - get: + objectKey: $.entitlements + reject_plan_change: operation: $ref: >- - #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}/get + #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:rejectPlanChange/post response: mediaType: application/json openAPIDocKey: '200' - patch: + approve_plan_change: operation: $ref: >- - #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}/patch + #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:approvePlanChange/post response: mediaType: application/json openAPIDocKey: '200' - list: + suspend: operation: - $ref: '#/paths/~1v1~1providers~1{providersId}~1entitlements/get' + $ref: >- + #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:suspend/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.entitlements - approve: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/entitlements/methods/get' + - $ref: '#/components/x-stackQL-resources/entitlements/methods/list' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/entitlements/methods/patch' + replace: [] + delete: [] + accounts: + id: google.cloudcommerceprocurement.accounts + name: accounts + title: Accounts + methods: + reset: operation: $ref: >- - #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:approve/post + #/paths/~1v1~1providers~1{providersId}~1accounts~1{accountsId}:reset/post response: mediaType: application/json openAPIDocKey: '200' reject: operation: $ref: >- - #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:reject/post + #/paths/~1v1~1providers~1{providersId}~1accounts~1{accountsId}:reject/post response: mediaType: application/json openAPIDocKey: '200' - approve_plan_change: + list: operation: - $ref: >- - #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:approvePlanChange/post + $ref: '#/paths/~1v1~1providers~1{providersId}~1accounts/get' response: mediaType: application/json openAPIDocKey: '200' - reject_plan_change: + objectKey: $.accounts + approve: operation: $ref: >- - #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:rejectPlanChange/post + #/paths/~1v1~1providers~1{providersId}~1accounts~1{accountsId}:approve/post response: mediaType: application/json openAPIDocKey: '200' - suspend: + get: operation: - $ref: >- - #/paths/~1v1~1providers~1{providersId}~1entitlements~1{entitlementsId}:suspend/post + $ref: '#/paths/~1v1~1providers~1{providersId}~1accounts~1{accountsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/entitlements/methods/get' - - $ref: '#/components/x-stackQL-resources/entitlements/methods/list' + - $ref: '#/components/x-stackQL-resources/accounts/methods/get' + - $ref: '#/components/x-stackQL-resources/accounts/methods/list' insert: [] - update: - - $ref: '#/components/x-stackQL-resources/entitlements/methods/patch' + update: [] replace: [] delete: [] paths: - /v1/providers/{providersId}/accounts/{accountsId}: + /v1/providers/{providersId}/entitlements/{entitlementsId}:reject: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/_.xgafv' - get: - description: Gets a requested Account resource. - operationId: cloudcommerceprocurement.providers.accounts.get + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/upload_protocol' + post: + description: >- + Rejects an entitlement that is in the + EntitlementState.ENTITLEMENT_ACTIVATION_REQUESTED state. This method is + invoked by the provider to reject the creation of the entitlement + resource. + operationId: cloudcommerceprocurement.providers.entitlements.reject + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RejectEntitlementRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -789,7 +892,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Account' + $ref: '#/components/schemas/Empty' parameters: - in: path name: providersId @@ -797,15 +900,20 @@ paths: schema: type: string - in: path - name: accountsId + name: entitlementsId required: true schema: type: string - /v1/providers/{providersId}/accounts: + /v1/providers/{providersId}/entitlements/{entitlementsId}: parameters: *ref_1 - get: - description: Lists Accounts that the provider has access to. - operationId: cloudcommerceprocurement.providers.accounts.list + patch: + description: Updates an existing Entitlement. + operationId: cloudcommerceprocurement.providers.entitlements.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Entitlement' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -817,32 +925,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAccountsResponse' + $ref: '#/components/schemas/Entitlement' parameters: - in: path name: providersId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: entitlementsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/providers/{providersId}/accounts/{accountsId}:approve: - parameters: *ref_1 - post: - description: Grants an approval on an Account. - operationId: cloudcommerceprocurement.providers.accounts.approve - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApproveAccountRequest' + format: google-fieldmask + get: + description: Gets a requested Entitlement resource. + operationId: cloudcommerceprocurement.providers.entitlements.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -854,7 +956,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Entitlement' parameters: - in: path name: providersId @@ -862,20 +964,24 @@ paths: schema: type: string - in: path - name: accountsId + name: entitlementsId required: true schema: type: string - /v1/providers/{providersId}/accounts/{accountsId}:reject: + /v1/providers/{providersId}/entitlements/{entitlementsId}:approve: parameters: *ref_1 post: - description: Rejects an approval on an Account. - operationId: cloudcommerceprocurement.providers.accounts.reject + description: >- + Approves an entitlement that is in the + EntitlementState.ENTITLEMENT_ACTIVATION_REQUESTED state. This method is + invoked by the provider to approve the creation of the entitlement + resource. + operationId: cloudcommerceprocurement.providers.entitlements.approve requestBody: content: application/json: schema: - $ref: '#/components/schemas/RejectAccountRequest' + $ref: '#/components/schemas/ApproveEntitlementRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -895,22 +1001,15 @@ paths: schema: type: string - in: path - name: accountsId + name: entitlementsId required: true schema: type: string - /v1/providers/{providersId}/accounts/{accountsId}:reset: + /v1/providers/{providersId}/entitlements: parameters: *ref_1 - post: - description: >- - Resets an Account and cancels all associated Entitlements. Partner can - only reset accounts they own rather than customer accounts. - operationId: cloudcommerceprocurement.providers.accounts.reset - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ResetAccountRequest' + get: + description: Lists Entitlements for which the provider has read access. + operationId: cloudcommerceprocurement.providers.entitlements.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -922,23 +1021,40 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListEntitlementsResponse' parameters: - in: path name: providersId required: true schema: type: string - - in: path - name: accountsId - required: true + - in: query + name: pageToken schema: type: string - /v1/providers/{providersId}/entitlements/{entitlementsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/providers/{providersId}/entitlements/{entitlementsId}:rejectPlanChange: parameters: *ref_1 - get: - description: Gets a requested Entitlement resource. - operationId: cloudcommerceprocurement.providers.entitlements.get + post: + description: >- + Rejects an entitlement plan change that is in the + EntitlementState.ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL state. This + method is invoked by the provider to reject the plan change on the + entitlement resource. + operationId: cloudcommerceprocurement.providers.entitlements.rejectPlanChange + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RejectEntitlementPlanChangeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -950,7 +1066,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Entitlement' + $ref: '#/components/schemas/Empty' parameters: - in: path name: providersId @@ -962,14 +1078,20 @@ paths: required: true schema: type: string - patch: - description: Updates an existing Entitlement. - operationId: cloudcommerceprocurement.providers.entitlements.patch + /v1/providers/{providersId}/entitlements/{entitlementsId}:approvePlanChange: + parameters: *ref_1 + post: + description: >- + Approves an entitlement plan change that is in the + EntitlementState.ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL state. This + method is invoked by the provider to approve the plan change on the + entitlement resource. + operationId: cloudcommerceprocurement.providers.entitlements.approvePlanChange requestBody: content: application/json: schema: - $ref: '#/components/schemas/Entitlement' + $ref: '#/components/schemas/ApproveEntitlementPlanChangeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -981,7 +1103,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Entitlement' + $ref: '#/components/schemas/Empty' parameters: - in: path name: providersId @@ -993,16 +1115,16 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/providers/{providersId}/entitlements: + /v1/providers/{providersId}/entitlements/{entitlementsId}:suspend: parameters: *ref_1 - get: - description: Lists Entitlements for which the provider has read access. - operationId: cloudcommerceprocurement.providers.entitlements.list + post: + description: Requests suspension of an active Entitlement. This is not yet supported. + operationId: cloudcommerceprocurement.providers.entitlements.suspend + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SuspendEntitlementRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1014,40 +1136,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEntitlementsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: providersId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: entitlementsId + required: true schema: type: string - /v1/providers/{providersId}/entitlements/{entitlementsId}:approve: + /v1/providers/{providersId}/accounts/{accountsId}:reset: parameters: *ref_1 post: description: >- - Approves an entitlement that is in the - EntitlementState.ENTITLEMENT_ACTIVATION_REQUESTED state. This method is - invoked by the provider to approve the creation of the entitlement - resource. - operationId: cloudcommerceprocurement.providers.entitlements.approve + Resets an Account and cancels all associated Entitlements. Partner can + only reset accounts they own rather than customer accounts. + operationId: cloudcommerceprocurement.providers.accounts.reset requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApproveEntitlementRequest' + $ref: '#/components/schemas/ResetAccountRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1067,24 +1179,20 @@ paths: schema: type: string - in: path - name: entitlementsId + name: accountsId required: true schema: type: string - /v1/providers/{providersId}/entitlements/{entitlementsId}:reject: + /v1/providers/{providersId}/accounts/{accountsId}:reject: parameters: *ref_1 post: - description: >- - Rejects an entitlement that is in the - EntitlementState.ENTITLEMENT_ACTIVATION_REQUESTED state. This method is - invoked by the provider to reject the creation of the entitlement - resource. - operationId: cloudcommerceprocurement.providers.entitlements.reject + description: Rejects an approval on an Account. + operationId: cloudcommerceprocurement.providers.accounts.reject requestBody: content: application/json: schema: - $ref: '#/components/schemas/RejectEntitlementRequest' + $ref: '#/components/schemas/RejectAccountRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1104,24 +1212,15 @@ paths: schema: type: string - in: path - name: entitlementsId + name: accountsId required: true schema: type: string - /v1/providers/{providersId}/entitlements/{entitlementsId}:approvePlanChange: + /v1/providers/{providersId}/accounts: parameters: *ref_1 - post: - description: >- - Approves an entitlement plan change that is in the - EntitlementState.ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL state. This - method is invoked by the provider to approve the plan change on the - entitlement resource. - operationId: cloudcommerceprocurement.providers.entitlements.approvePlanChange - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApproveEntitlementPlanChangeRequest' + get: + description: Lists Accounts that the provider has access to. + operationId: cloudcommerceprocurement.providers.accounts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1133,32 +1232,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListAccountsResponse' parameters: - in: path name: providersId required: true schema: type: string - - in: path - name: entitlementsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/providers/{providersId}/entitlements/{entitlementsId}:rejectPlanChange: + /v1/providers/{providersId}/accounts/{accountsId}:approve: parameters: *ref_1 post: - description: >- - Rejects an entitlement plan change that is in the - EntitlementState.ENTITLEMENT_PENDING_PLAN_CHANGE_APPROVAL state. This - method is invoked by the provider to reject the plan change on the - entitlement resource. - operationId: cloudcommerceprocurement.providers.entitlements.rejectPlanChange + description: Grants an approval on an Account. + operationId: cloudcommerceprocurement.providers.accounts.approve requestBody: content: application/json: schema: - $ref: '#/components/schemas/RejectEntitlementPlanChangeRequest' + $ref: '#/components/schemas/ApproveAccountRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1178,20 +1277,15 @@ paths: schema: type: string - in: path - name: entitlementsId + name: accountsId required: true schema: type: string - /v1/providers/{providersId}/entitlements/{entitlementsId}:suspend: + /v1/providers/{providersId}/accounts/{accountsId}: parameters: *ref_1 - post: - description: Requests suspension of an active Entitlement. This is not yet supported. - operationId: cloudcommerceprocurement.providers.entitlements.suspend - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SuspendEntitlementRequest' + get: + description: Gets a requested Account resource. + operationId: cloudcommerceprocurement.providers.accounts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1203,7 +1297,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Account' parameters: - in: path name: providersId @@ -1211,7 +1305,11 @@ paths: schema: type: string - in: path - name: entitlementsId + name: accountsId required: true schema: type: string + - in: query + name: view + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudcontrolspartner.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudcontrolspartner.yaml index d39d692b..dacd5a99 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudcontrolspartner.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudcontrolspartner.yaml @@ -9,8 +9,8 @@ info: Provides insights about your customers and their Assured Workloads based on your Sovereign Controls by Partners offering. version: v1 - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: >- https://cloud.google.com/sovereign-controls-by-partners/docs/sovereign-partners/reference/rest @@ -37,235 +37,269 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - Workload: - id: Workload - description: >- - Contains metadata around the [Workload - resource](https://cloud.google.com/assured-workloads/docs/reference/rest/Shared.Types/Workload) - in the Assured Workloads API. - type: object + Sku: properties: - name: + id: description: >- - Identifier. Format: - `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}` - type: string - folderId: - description: Output only. Folder id this workload is associated with - readOnly: true - type: string - format: int64 - createTime: - description: Output only. Time the resource was created. - readOnly: true - type: string - format: google-datetime - folder: - description: Output only. The name of container folder of the assured workload - readOnly: true - type: string - workloadOnboardingState: - description: Container for workload onboarding steps. - $ref: '#/components/schemas/WorkloadOnboardingState' - isOnboarded: - description: Indicates whether a workload is fully onboarded. - type: boolean - keyManagementProjectId: - description: The project id of the key management project for the workload - type: string - location: - description: The Google Cloud location of the workload + Argentum product SKU, that is associated with the partner offerings + to customers used by Syntro for billing purposes. SKUs can represent + resold Google products or support services. type: string - partner: - description: Partner associated with this workload. + displayName: type: string - enumDescriptions: - - Unknown Partner. - - Enum representing S3NS (Thales) partner. - - Enum representing T_SYSTEM (TSI) partner. - - Enum representing SIA_MINSAIT (Indra) partner. - - Enum representing PSN (TIM) partner. - - Enum representing CNTXT (Kingdom of Saudi Arabia) partner. - - >- - Enum representing CNXT (Kingdom of Saudi Arabia) partner offering - without EKM provisioning. - enum: - - PARTNER_UNSPECIFIED - - PARTNER_LOCAL_CONTROLS_BY_S3NS - - PARTNER_SOVEREIGN_CONTROLS_BY_T_SYSTEMS - - PARTNER_SOVEREIGN_CONTROLS_BY_SIA_MINSAIT - - PARTNER_SOVEREIGN_CONTROLS_BY_PSN - - PARTNER_SOVEREIGN_CONTROLS_BY_CNTXT - - PARTNER_SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM - WorkloadOnboardingState: - id: WorkloadOnboardingState - description: Container for workload onboarding steps. + description: >- + Display name of the product identified by the SKU. A partner may + want to show partner branded names for their offerings such as local + sovereign cloud solutions. + description: >- + Represents the SKU a partner owns inside Google Cloud to sell to + customers. + id: Sku type: object + Instructions: + id: Instructions properties: - onboardingSteps: - description: List of workload onboarding steps. - type: array - items: - $ref: '#/components/schemas/WorkloadOnboardingStep' - WorkloadOnboardingStep: - id: WorkloadOnboardingStep - description: Container for workload onboarding information. + gcloudInstructions: + description: Remediation instructions to resolve violation via gcloud cli + $ref: '#/components/schemas/Gcloud' + consoleInstructions: + $ref: '#/components/schemas/Console' + description: Remediation instructions to resolve violation via cloud console + description: Instructions to remediate violation type: object - properties: - step: - description: The onboarding step. - type: string - enumDescriptions: - - Unspecified step. - - EKM Provisioned step. - - Signed Access Approval step. - enum: - - STEP_UNSPECIFIED - - EKM_PROVISIONED - - SIGNED_ACCESS_APPROVAL_CONFIGURED - startTime: - description: The starting time of the onboarding step. - type: string - format: google-datetime - completionTime: - description: The completion time of the onboarding step. - type: string - format: google-datetime - completionState: - description: Output only. The completion state of the onboarding step. - readOnly: true - type: string - enumDescriptions: - - Unspecified completion state. - - Task started (has start date) but not yet completed. - - Succeeded state. - - Failed state. - - Not applicable state. - enum: - - COMPLETION_STATE_UNSPECIFIED - - PENDING - - SUCCEEDED - - FAILED - - NOT_APPLICABLE ListWorkloadsResponse: - id: ListWorkloadsResponse description: Response message for list customer workloads requests. - type: object properties: - workloads: - description: List of customer workloads - type: array - items: - $ref: '#/components/schemas/Workload' nextPageToken: description: >- A token that can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string + workloads: + description: List of customer workloads + items: + $ref: '#/components/schemas/Workload' + type: array unreachable: description: Locations that could not be reached. type: array items: type: string - Customer: - id: Customer - description: Contains metadata around a Cloud Controls Partner Customer type: object + id: ListWorkloadsResponse + Remediation: + type: object + id: Remediation + description: >- + Represents remediation guidance to resolve compliance violation for + AssuredWorkload properties: - name: - description: >- - Identifier. Format: - `organizations/{organization}/locations/{location}/customers/{customer}` - type: string - displayName: - description: Required. Display name for the customer - type: string - customerOnboardingState: - description: Output only. Container for customer onboarding steps - readOnly: true - $ref: '#/components/schemas/CustomerOnboardingState' - isOnboarded: - description: Output only. Indicates whether a customer is fully onboarded + instructions: + $ref: '#/components/schemas/Instructions' + description: Required. Remediation instructions to resolve violations + remediationType: + enumDescriptions: + - Unspecified remediation type + - Remediation type for boolean org policy + - >- + Remediation type for list org policy which have allowed values in + the monitoring rule + - >- + Remediation type for list org policy which have denied values in + the monitoring rule + - Remediation type for gcp.restrictCmekCryptoKeyProjects + - Remediation type for resource violation. readOnly: true - type: boolean - organizationDomain: + enum: + - REMEDIATION_TYPE_UNSPECIFIED + - REMEDIATION_BOOLEAN_ORG_POLICY_VIOLATION + - REMEDIATION_LIST_ALLOWED_VALUES_ORG_POLICY_VIOLATION + - REMEDIATION_LIST_DENIED_VALUES_ORG_POLICY_VIOLATION + - REMEDIATION_RESTRICT_CMEK_CRYPTO_KEY_PROJECTS_ORG_POLICY_VIOLATION + - REMEDIATION_RESOURCE_VIOLATION description: >- - Output only. The customer organization domain, extracted from CRM - Organization’s display_name field. e.g. "google.com" - readOnly: true + Output only. Remediation type based on the type of org policy values + violated type: string - CustomerOnboardingState: - id: CustomerOnboardingState - description: Container for customer onboarding steps + compliantValues: + type: array + items: + type: string + description: >- + Values that can resolve the violation For example: for list org + policy violations, this will either be the list of allowed or denied + values + Console: + id: Console type: object + description: Remediation instructions to resolve violation via cloud console properties: - onboardingSteps: - description: List of customer onboarding steps + consoleUris: type: array + description: Link to console page where violations can be resolved items: - $ref: '#/components/schemas/CustomerOnboardingStep' - CustomerOnboardingStep: - id: CustomerOnboardingStep - description: Container for customer onboarding information + type: string + additionalLinks: + type: array + description: Additional urls for more information about steps + items: + type: string + steps: + type: array + items: + type: string + description: Steps to resolve violation via cloud console + WorkloadOnboardingStep: + id: WorkloadOnboardingStep type: object + description: Container for workload onboarding information. properties: step: - description: The onboarding step - type: string - enumDescriptions: - - Unspecified step - - KAJ Enrollment - - Customer Environment enum: - STEP_UNSPECIFIED - - KAJ_ENROLLMENT - - CUSTOMER_ENVIRONMENT - startTime: - description: The starting time of the onboarding step + - EKM_PROVISIONED + - SIGNED_ACCESS_APPROVAL_CONFIGURED + enumDescriptions: + - Unspecified step. + - EKM Provisioned step. + - Signed Access Approval step. + description: The onboarding step. type: string - format: google-datetime completionTime: - description: The completion time of the onboarding step + format: google-datetime + description: The completion time of the onboarding step. type: string + startTime: format: google-datetime - completionState: - description: Output only. Current state of the step - readOnly: true + description: The starting time of the onboarding step. type: string + completionState: enumDescriptions: - Unspecified completion state. - Task started (has start date) but not yet completed. - Succeeded state. - Failed state. - Not applicable state. + description: Output only. The completion state of the onboarding step. + readOnly: true enum: - COMPLETION_STATE_UNSPECIFIED - PENDING - SUCCEEDED - FAILED - NOT_APPLICABLE - ListCustomersResponse: - id: ListCustomersResponse - description: Response message for list customer Customers requests + type: string + EkmMetadata: + id: EkmMetadata + description: Holds information needed by Mudbray to use partner EKMs for workloads. type: object properties: - customers: - description: List of customers + ekmSolution: + description: The Cloud EKM partner. + enum: + - EKM_SOLUTION_UNSPECIFIED + - FORTANIX + - FUTUREX + - THALES + - VIRTRU + type: string + enumDescriptions: + - Unspecified EKM solution + - EKM Partner Fortanix + - EKM Partner FutureX + - EKM Partner Thales + - This enum value is never used. + enumDeprecated: + - false + - false + - false + - false + - true + ekmEndpointUri: + type: string + description: >- + Endpoint for sending requests to the EKM for key provisioning during + Assured Workload creation. + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + properties: {} + type: object + Gcloud: + properties: + gcloudCommands: + description: Gcloud command to resolve violation + items: + type: string type: array + steps: items: - $ref: '#/components/schemas/Customer' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Locations that could not be reached. + type: string + type: array + description: Steps to resolve violation via gcloud cli + additionalLinks: type: array items: type: string + description: Additional urls for more information about steps + description: Remediation instructions to resolve violation via gcloud cli + type: object + id: Gcloud + CustomerOnboardingStep: + properties: + step: + type: string + enum: + - STEP_UNSPECIFIED + - KAJ_ENROLLMENT + - CUSTOMER_ENVIRONMENT + description: The onboarding step + enumDescriptions: + - Unspecified step + - KAJ Enrollment + - Customer Environment + completionState: + description: Output only. Current state of the step + enum: + - COMPLETION_STATE_UNSPECIFIED + - PENDING + - SUCCEEDED + - FAILED + - NOT_APPLICABLE + type: string + readOnly: true + enumDescriptions: + - Unspecified completion state. + - Task started (has start date) but not yet completed. + - Succeeded state. + - Failed state. + - Not applicable state. + startTime: + description: The starting time of the onboarding step + type: string + format: google-datetime + completionTime: + description: The completion time of the onboarding step + type: string + format: google-datetime + description: Container for customer onboarding information + type: object + id: CustomerOnboardingStep + WorkloadOnboardingState: + properties: + onboardingSteps: + items: + $ref: '#/components/schemas/WorkloadOnboardingStep' + type: array + description: List of workload onboarding steps. + description: Container for workload onboarding steps. + id: WorkloadOnboardingState + type: object EkmConnections: - id: EkmConnections description: The EKM connections associated with a workload type: object properties: @@ -275,135 +309,87 @@ components: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/ekmConnections` type: string ekmConnections: - description: The EKM connections associated with the workload type: array + description: The EKM connections associated with the workload items: $ref: '#/components/schemas/EkmConnection' - EkmConnection: - id: EkmConnection - description: Details about the EKM connection - type: object + id: EkmConnections + OperationMetadata: + id: OperationMetadata + description: Represents the metadata of the long-running operation. properties: - connectionName: + endTime: + type: string + description: Output only. The time the operation finished running. + format: google-datetime + readOnly: true + requestedCancellation: description: >- - Resource name of the EKM connection in the format: - projects/{project}/locations/{location}/ekmConnections/{ekm_connection} + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + readOnly: true + type: boolean + target: type: string - connectionState: - description: Output only. The connection state + description: >- + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + apiVersion: readOnly: true + description: Output only. API version used to start the operation. type: string - enumDescriptions: - - Unspecified EKM connection state - - Available EKM connection state - - Not available EKM connection state - - Error EKM connection state - - Permission denied EKM connection state - enum: - - CONNECTION_STATE_UNSPECIFIED - - AVAILABLE - - NOT_AVAILABLE - - ERROR - - PERMISSION_DENIED - connectionError: - description: The connection error that occurred if any - $ref: '#/components/schemas/ConnectionError' - ConnectionError: - id: ConnectionError - description: >- - Information around the error that occurred if the connection state is - anything other than available or unspecified - type: object - properties: - errorDomain: - description: The error domain for the error + createTime: + description: Output only. The time the operation was created. + format: google-datetime + readOnly: true type: string - errorMessage: - description: The error message for the error + statusMessage: + readOnly: true + description: Output only. Human-readable status of the operation, if any. type: string - PartnerPermissions: - id: PartnerPermissions - description: The permissions granted to the partner for a workload - type: object - properties: - name: - description: >- - Identifier. Format: - `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/partnerPermissions` + verb: + description: Output only. Name of the verb executed by the operation. + readOnly: true type: string - partnerPermissions: - description: The partner permissions granted for the workload - type: array - items: - type: string - enumDescriptions: - - Unspecified partner permission - - Permission for Access Transparency and emergency logs - - Permission for Assured Workloads monitoring violations - - Permission for Access Approval requests - - Permission for External Key Manager connection status - - >- - Permission for support case details for Access Transparency log - entries - enum: - - PERMISSION_UNSPECIFIED - - ACCESS_TRANSPARENCY_AND_EMERGENCY_ACCESS_LOGS - - ASSURED_WORKLOADS_MONITORING - - ACCESS_APPROVAL_REQUESTS - - ASSURED_WORKLOADS_EKM_CONNECTION_STATUS - - ACCESS_TRANSPARENCY_LOGS_SUPPORT_CASE_VIEWER - ListAccessApprovalRequestsResponse: - id: ListAccessApprovalRequestsResponse - description: Response message for list access requests. type: object - properties: - accessApprovalRequests: - description: List of access approval requests - type: array - items: - $ref: '#/components/schemas/AccessApprovalRequest' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string AccessApprovalRequest: - id: AccessApprovalRequest - description: Details about the Access request. type: object + id: AccessApprovalRequest properties: + requestTime: + format: google-datetime + type: string + description: The time at which approval was requested. name: description: >- Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/accessApprovalRequests/{access_approval_request}` type: string - requestTime: - description: The time at which approval was requested. - type: string - format: google-datetime requestedReason: description: The justification for which approval is being requested. $ref: '#/components/schemas/AccessReason' requestedExpirationTime: + format: google-datetime description: >- The requested expiration for the approval. If the request is approved, access will be granted from the time of approval until the expiration time. type: string - format: google-datetime + description: Details about the Access request. AccessReason: - id: AccessReason description: Reason for the access. type: object + id: AccessReason properties: - type: - description: Type of access justification. + detail: + description: >- + More detail about certain reason types. See comments for each type + above. type: string + type: enumDescriptions: - Default value for proto, shouldn't be used. - >- @@ -433,6 +419,8 @@ components: principal accessed customer data in order to diagnose or resolve a suspected issue in services or a known outage, or for security, fraud, abuse, or compliance review purposes. + type: string + description: Type of access justification. enum: - TYPE_UNSPECIFIED - CUSTOMER_INITIATED_SUPPORT @@ -441,124 +429,206 @@ components: - THIRD_PARTY_DATA_REQUEST - GOOGLE_RESPONSE_TO_PRODUCTION_ALERT - CLOUD_INITIATED_ACCESS - detail: - description: >- - More detail about certain reason types. See comments for each type - above. + ListCustomersResponse: + type: object + id: ListCustomersResponse + properties: + unreachable: + type: array + description: Locations that could not be reached. + items: + type: string + customers: + description: List of customers + type: array + items: + $ref: '#/components/schemas/Customer' + nextPageToken: type: string + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + description: Response message for list customer Customers requests Partner: - id: Partner description: Message describing Partner resource - type: object properties: + createTime: + format: google-datetime + type: string + description: Output only. Time the resource was created + readOnly: true name: + type: string description: >- Identifier. The resource name of the partner. Format: `organizations/{organization}/locations/{location}/partner` Example: "organizations/123456/locations/us-central1/partner" + updateTime: + readOnly: true type: string - skus: - description: List of SKUs the partner is offering - type: array - items: - $ref: '#/components/schemas/Sku' - ekmSolutions: - description: List of Google Cloud supported EKM partners supported by the partner - type: array - items: - $ref: '#/components/schemas/EkmMetadata' + format: google-datetime + description: Output only. The last time the resource was updated + partnerProjectId: + type: string + description: >- + Google Cloud project ID in the partner's Google Cloud organization + for receiving enhanced Logs for Partners. operatedCloudRegions: + items: + type: string description: >- List of Google Cloud regions that the partner sells services to customers. Valid Google Cloud regions found here: https://cloud.google.com/compute/docs/regions-zones type: array + ekmSolutions: + description: List of Google Cloud supported EKM partners supported by the partner items: - type: string - partnerProjectId: + $ref: '#/components/schemas/EkmMetadata' + type: array + skus: + description: List of SKUs the partner is offering + type: array + items: + $ref: '#/components/schemas/Sku' + id: Partner + type: object + Workload: + description: >- + Contains metadata around the [Workload + resource](https://cloud.google.com/assured-workloads/docs/reference/rest/Shared.Types/Workload) + in the Assured Workloads API. + id: Workload + type: object + properties: + isOnboarded: + description: Indicates whether a workload is fully onboarded. + type: boolean + name: description: >- - Google Cloud project ID in the partner's Google Cloud organization - for receiving enhanced Logs for Partners. + Identifier. Format: + `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}` type: string - createTime: - description: Output only. Time the resource was created + location: + description: The Google Cloud location of the workload + type: string + folder: + description: Output only. The name of container folder of the assured workload readOnly: true type: string + partner: + description: Partner associated with this workload. + type: string + enumDescriptions: + - Unknown Partner. + - Enum representing S3NS (Thales) partner. + - Enum representing T_SYSTEM (TSI) partner. + - Enum representing SIA_MINSAIT (Indra) partner. + - Enum representing PSN (TIM) partner. + - Enum representing CNTXT (Kingdom of Saudi Arabia) partner. + - >- + Enum representing CNXT (Kingdom of Saudi Arabia) partner offering + without EKM provisioning. + enum: + - PARTNER_UNSPECIFIED + - PARTNER_LOCAL_CONTROLS_BY_S3NS + - PARTNER_SOVEREIGN_CONTROLS_BY_T_SYSTEMS + - PARTNER_SOVEREIGN_CONTROLS_BY_SIA_MINSAIT + - PARTNER_SOVEREIGN_CONTROLS_BY_PSN + - PARTNER_SOVEREIGN_CONTROLS_BY_CNTXT + - PARTNER_SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM + createTime: format: google-datetime - updateTime: - description: Output only. The last time the resource was updated readOnly: true + description: Output only. Time the resource was created. type: string - format: google-datetime - Sku: - id: Sku + workloadOnboardingState: + description: Container for workload onboarding steps. + $ref: '#/components/schemas/WorkloadOnboardingState' + keyManagementProjectId: + description: The project id of the key management project for the workload + type: string + folderId: + format: int64 + readOnly: true + description: Output only. Folder id this workload is associated with + type: string + PartnerPermissions: + id: PartnerPermissions + description: The permissions granted to the partner for a workload + properties: + partnerPermissions: + type: array + description: The partner permissions granted for the workload + items: + type: string + enumDescriptions: + - Unspecified partner permission + - Permission for Access Transparency and emergency logs + - Permission for Assured Workloads monitoring violations + - Permission for Access Approval requests + - Permission for External Key Manager connection status + - >- + Permission for support case details for Access Transparency log + entries + enum: + - PERMISSION_UNSPECIFIED + - ACCESS_TRANSPARENCY_AND_EMERGENCY_ACCESS_LOGS + - ASSURED_WORKLOADS_MONITORING + - ACCESS_APPROVAL_REQUESTS + - ASSURED_WORKLOADS_EKM_CONNECTION_STATUS + - ACCESS_TRANSPARENCY_LOGS_SUPPORT_CASE_VIEWER + name: + description: >- + Identifier. Format: + `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/partnerPermissions` + type: string + type: object + ConnectionError: description: >- - Represents the SKU a partner owns inside Google Cloud to sell to - customers. + Information around the error that occurred if the connection state is + anything other than available or unspecified type: object + id: ConnectionError properties: - id: - description: >- - Argentum product SKU, that is associated with the partner offerings - to customers used by Syntro for billing purposes. SKUs can represent - resold Google products or support services. + errorMessage: + description: The error message for the error type: string - displayName: - description: >- - Display name of the product identified by the SKU. A partner may - want to show partner branded names for their offerings such as local - sovereign cloud solutions. + errorDomain: + description: The error domain for the error type: string - EkmMetadata: - id: EkmMetadata - description: Holds information needed by Mudbray to use partner EKMs for workloads. + EkmConnection: type: object + id: EkmConnection + description: Details about the EKM connection properties: - ekmSolution: - description: The Cloud EKM partner. - type: string - enumDescriptions: - - Unspecified EKM solution - - EKM Partner Fortanix - - EKM Partner FutureX - - EKM Partner Thales - - This enum value is never used. - enumDeprecated: - - false - - false - - false - - false - - true + connectionState: enum: - - EKM_SOLUTION_UNSPECIFIED - - FORTANIX - - FUTUREX - - THALES - - VIRTRU - ekmEndpointUri: + - CONNECTION_STATE_UNSPECIFIED + - AVAILABLE + - NOT_AVAILABLE + - ERROR + - PERMISSION_DENIED + enumDescriptions: + - Unspecified EKM connection state + - Available EKM connection state + - Not available EKM connection state + - Error EKM connection state + - Permission denied EKM connection state + description: Output only. The connection state + readOnly: true + type: string + connectionName: description: >- - Endpoint for sending requests to the EKM for key provisioning during - Assured Workload creation. + Resource name of the EKM connection in the format: + projects/{project}/locations/{location}/ekmConnections/{ekm_connection} type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} + connectionError: + description: The connection error that occurred if any + $ref: '#/components/schemas/ConnectionError' ListViolationsResponse: - id: ListViolationsResponse - description: Response message for list customer violation requests type: object properties: - violations: - description: List of violation - type: array - items: - $ref: '#/components/schemas/Violation' nextPageToken: description: >- A token that can be sent as `page_token` to retrieve the next page. @@ -568,220 +638,150 @@ components: description: >- Workloads that could not be reached due to permission errors or any other error. Ref: https://google.aip.dev/217 - type: array items: type: string + type: array + violations: + items: + $ref: '#/components/schemas/Violation' + type: array + description: List of violation + id: ListViolationsResponse + description: Response message for list customer violation requests + Customer: + id: Customer + properties: + organizationDomain: + description: >- + Output only. The customer organization domain, extracted from CRM + Organization’s display_name field. e.g. "google.com" + readOnly: true + type: string + displayName: + description: Required. Display name for the customer + type: string + name: + description: >- + Identifier. Format: + `organizations/{organization}/locations/{location}/customers/{customer}` + type: string + customerOnboardingState: + $ref: '#/components/schemas/CustomerOnboardingState' + description: Output only. Container for customer onboarding steps + readOnly: true + isOnboarded: + readOnly: true + description: Output only. Indicates whether a customer is fully onboarded + type: boolean + description: Contains metadata around a Cloud Controls Partner Customer + type: object Violation: - id: Violation description: Details of resource Violation - type: object properties: name: + type: string description: >- Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/violations/{violation}` + nonCompliantOrgPolicy: type: string - description: - description: >- - Output only. Description for the Violation. e.g. OrgPolicy - gcp.resourceLocations has non compliant value. - readOnly: true - type: string - beginTime: - description: Output only. Time of the event which triggered the Violation. readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The last time when the Violation record was updated. + description: >- + Output only. Immutable. Name of the OrgPolicy which was modified + with non-compliant change and resulted this violation. Format: + `projects/{project_number}/policies/{constraint_name}` + `folders/{folder_id}/policies/{constraint_name}` + `organizations/{organization_id}/policies/{constraint_name}` + category: + description: >- + Output only. Category under which this violation is mapped. e.g. + Location, Service Usage, Access, Encryption, etc. readOnly: true type: string - format: google-datetime resolveTime: + format: google-datetime description: >- Output only. Time of the event which fixed the Violation. If the violation is ACTIVE this will be empty. readOnly: true type: string + updateTime: format: google-datetime - category: - description: >- - Output only. Category under which this violation is mapped. e.g. - Location, Service Usage, Access, Encryption, etc. + type: string + description: Output only. The last time when the Violation record was updated. + readOnly: true + remediation: + description: Output only. Compliance violation remediation + $ref: '#/components/schemas/Remediation' readOnly: true + state: + description: Output only. State of the violation + enum: + - STATE_UNSPECIFIED + - RESOLVED + - UNRESOLVED + - EXCEPTION type: string - state: - description: Output only. State of the violation readOnly: true - type: string enumDescriptions: - Unspecified state. - Violation is resolved. - Violation is Unresolved - Violation is Exception - enum: - - STATE_UNSPECIFIED - - RESOLVED - - UNRESOLVED - - EXCEPTION - nonCompliantOrgPolicy: + description: description: >- - Output only. Immutable. Name of the OrgPolicy which was modified - with non-compliant change and resulted this violation. Format: - `projects/{project_number}/policies/{constraint_name}` - `folders/{folder_id}/policies/{constraint_name}` - `organizations/{organization_id}/policies/{constraint_name}` + Output only. Description for the Violation. e.g. OrgPolicy + gcp.resourceLocations has non compliant value. + type: string + readOnly: true + beginTime: readOnly: true type: string + format: google-datetime + description: Output only. Time of the event which triggered the Violation. folderId: - description: The folder_id of the violation type: string format: int64 - remediation: - description: Output only. Compliance violation remediation - readOnly: true - $ref: '#/components/schemas/Remediation' - Remediation: - id: Remediation - description: >- - Represents remediation guidance to resolve compliance violation for - AssuredWorkload - type: object - properties: - instructions: - description: Required. Remediation instructions to resolve violations - $ref: '#/components/schemas/Instructions' - compliantValues: - description: >- - Values that can resolve the violation For example: for list org - policy violations, this will either be the list of allowed or denied - values - type: array - items: - type: string - remediationType: - description: >- - Output only. Remediation type based on the type of org policy values - violated - readOnly: true - type: string - enumDescriptions: - - Unspecified remediation type - - Remediation type for boolean org policy - - >- - Remediation type for list org policy which have allowed values in - the monitoring rule - - >- - Remediation type for list org policy which have denied values in - the monitoring rule - - Remediation type for gcp.restrictCmekCryptoKeyProjects - - Remediation type for resource violation. - enum: - - REMEDIATION_TYPE_UNSPECIFIED - - REMEDIATION_BOOLEAN_ORG_POLICY_VIOLATION - - REMEDIATION_LIST_ALLOWED_VALUES_ORG_POLICY_VIOLATION - - REMEDIATION_LIST_DENIED_VALUES_ORG_POLICY_VIOLATION - - REMEDIATION_RESTRICT_CMEK_CRYPTO_KEY_PROJECTS_ORG_POLICY_VIOLATION - - REMEDIATION_RESOURCE_VIOLATION - Instructions: - id: Instructions - description: Instructions to remediate violation + description: The folder_id of the violation + id: Violation type: object - properties: - gcloudInstructions: - description: Remediation instructions to resolve violation via gcloud cli - $ref: '#/components/schemas/Gcloud' - consoleInstructions: - description: Remediation instructions to resolve violation via cloud console - $ref: '#/components/schemas/Console' - Gcloud: - id: Gcloud - description: Remediation instructions to resolve violation via gcloud cli + ListAccessApprovalRequestsResponse: type: object properties: - gcloudCommands: - description: Gcloud command to resolve violation - type: array - items: - type: string - steps: - description: Steps to resolve violation via gcloud cli + unreachable: + description: Locations that could not be reached. type: array items: type: string - additionalLinks: - description: Additional urls for more information about steps + accessApprovalRequests: type: array + description: List of access approval requests items: - type: string - Console: - id: Console - description: Remediation instructions to resolve violation via cloud console + $ref: '#/components/schemas/AccessApprovalRequest' + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + type: string + description: Response message for list access requests. + id: ListAccessApprovalRequestsResponse + CustomerOnboardingState: + id: CustomerOnboardingState + description: Container for customer onboarding steps type: object properties: - consoleUris: - description: Link to console page where violations can be resolved - type: array - items: - type: string - steps: - description: Steps to resolve violation via cloud console - type: array - items: - type: string - additionalLinks: - description: Additional urls for more information about steps + onboardingSteps: type: array items: - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string + $ref: '#/components/schemas/CustomerOnboardingStep' + description: List of customer onboarding steps parameters: - access_token: - description: OAuth access token. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: access_token + name: prettyPrint schema: - type: string + type: boolean alt: description: Data format for response. in: query @@ -792,18 +792,6 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -813,18 +801,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + callback: + description: JSONP in: query - name: oauth_token + name: callback schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -834,18 +816,18 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string _.xgafv: description: V1 error format. in: query @@ -855,6 +837,24 @@ components: enum: - '1' - '2' + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string x-stackQL-resources: partner: id: google.cloudcontrolspartner.partner @@ -871,74 +871,64 @@ components: sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/partner/methods/get_partner' - insert: [] - update: [] - replace: [] - delete: [] - customers: - id: google.cloudcontrolspartner.customers - name: customers - title: Customers - methods: - get: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: + insert: [] + update: [] + replace: [] + delete: [] + access_approval_requests: + id: google.cloudcontrolspartner.access_approval_requests + name: access_approval_requests + title: Access_approval_requests + methods: + list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}~1accessApprovalRequests/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/access_approval_requests/methods/list + insert: [] + update: [] + replace: [] + delete: [] + violations: + id: google.cloudcontrolspartner.violations + name: violations + title: Violations + methods: list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}~1violations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.customers - create: + objectKey: $.unreachable + get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}~1violations~1{violationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/customers/methods/get' - - $ref: '#/components/x-stackQL-resources/customers/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/customers/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/customers/methods/patch' + - $ref: '#/components/x-stackQL-resources/violations/methods/get' + - $ref: '#/components/x-stackQL-resources/violations/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/customers/methods/delete' + delete: [] workloads: id: google.cloudcontrolspartner.workloads name: workloads title: Workloads methods: - get: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: $ref: >- @@ -947,30 +937,17 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.workloads - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/workloads/methods/get' - - $ref: '#/components/x-stackQL-resources/workloads/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - ekm_connections: - id: google.cloudcontrolspartner.ekm_connections - name: ekm_connections - title: Ekm_connections - methods: - get_ekm_connections: + get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}~1ekmConnections/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/ekm_connections/methods/get_ekm_connections + - $ref: '#/components/x-stackQL-resources/workloads/methods/get' + - $ref: '#/components/x-stackQL-resources/workloads/methods/list' insert: [] update: [] replace: [] @@ -995,69 +972,92 @@ components: update: [] replace: [] delete: [] - access_approval_requests: - id: google.cloudcontrolspartner.access_approval_requests - name: access_approval_requests - title: Access_approval_requests + ekm_connections: + id: google.cloudcontrolspartner.ekm_connections + name: ekm_connections + title: Ekm_connections methods: - list: + get_ekm_connections: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}~1accessApprovalRequests/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}~1ekmConnections/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.accessApprovalRequests sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/access_approval_requests/methods/list + #/components/x-stackQL-resources/ekm_connections/methods/get_ekm_connections insert: [] update: [] replace: [] delete: [] - violations: - id: google.cloudcontrolspartner.violations - name: violations - title: Violations + customers: + id: google.cloudcontrolspartner.customers + name: customers + title: Customers methods: + create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers/post + response: + mediaType: application/json + openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}~1violations/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.violations get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}~1workloads~1{workloadsId}~1violations~1{violationsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1customers~1{customersId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/violations/methods/get' - - $ref: '#/components/x-stackQL-resources/violations/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/customers/methods/get' + - $ref: '#/components/x-stackQL-resources/customers/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/customers/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/customers/methods/patch' replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/customers/methods/delete' paths: /v1/organizations/{organizationsId}/locations/{locationsId}/partner: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/access_token' get: description: Get details of a Partner. operationId: cloudcontrolspartner.organizations.locations.getPartner @@ -1084,83 +1084,14 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}: + /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/accessApprovalRequests: parameters: *ref_1 get: - description: Gets details of a single customer - operationId: cloudcontrolspartner.organizations.locations.customers.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Customer' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: customersId - required: true - schema: - type: string - patch: - description: Update details of a single customer - operationId: cloudcontrolspartner.organizations.locations.customers.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Customer' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Customer' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: customersId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Delete details of a single customer - operationId: cloudcontrolspartner.organizations.locations.customers.delete + description: >- + Deprecated: Only returns access approval requests directly associated + with an assured workload folder. + operationId: >- + cloudcontrolspartner.organizations.locations.customers.workloads.accessApprovalRequests.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1172,7 +1103,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListAccessApprovalRequestsResponse' parameters: - in: path name: organizationsId @@ -1180,42 +1111,17 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: customersId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/customers: - parameters: *ref_1 - get: - description: >- - Lists customers of a partner identified by its Google Cloud organization - ID - operationId: cloudcontrolspartner.organizations.locations.customers.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListCustomersResponse' - parameters: + name: locationsId + required: true + schema: + type: string - in: path - name: organizationsId + name: customersId required: true schema: type: string - in: path - name: locationsId + name: workloadsId required: true schema: type: string @@ -1229,21 +1135,25 @@ paths: schema: type: string - in: query - name: filter + name: orderBy schema: type: string - in: query - name: orderBy + name: filter schema: type: string - post: - description: Creates a new customer. - operationId: cloudcontrolspartner.organizations.locations.customers.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Customer' + /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/violations: + parameters: *ref_1 + get: + description: >- + Lists Violations for a workload Callers may also choose to read across + multiple Customers or for a single customer as per + [AIP-159](https://google.aip.dev/159) by using '-' (the hyphen or dash + character) as a wildcard character instead of {customer} & {workload}. + Format: + `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}` + operationId: >- + cloudcontrolspartner.organizations.locations.customers.workloads.violations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1255,7 +1165,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Customer' + $ref: '#/components/schemas/ListViolationsResponse' parameters: - in: path name: organizationsId @@ -1267,15 +1177,49 @@ paths: required: true schema: type: string + - in: path + name: customersId + required: true + schema: + type: string + - in: path + name: workloadsId + required: true + schema: + type: string - in: query - name: customerId + name: filter schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}: + - in: query + name: interval.startTime + schema: + type: string + format: google-datetime + - in: query + name: interval.endTime + schema: + type: string + format: google-datetime + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/violations/{violationsId}: parameters: *ref_1 get: - description: Gets details of a single workload - operationId: cloudcontrolspartner.organizations.locations.customers.workloads.get + description: Gets details of a single Violation. + operationId: >- + cloudcontrolspartner.organizations.locations.customers.workloads.violations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1287,7 +1231,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Workload' + $ref: '#/components/schemas/Violation' parameters: - in: path name: organizationsId @@ -1309,6 +1253,11 @@ paths: required: true schema: type: string + - in: path + name: violationsId + required: true + schema: + type: string /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads: parameters: *ref_1 get: @@ -1342,11 +1291,6 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -1355,16 +1299,20 @@ paths: name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: orderBy schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/ekmConnections: + /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}: parameters: *ref_1 get: - description: Gets the EKM connections associated with a workload - operationId: >- - cloudcontrolspartner.organizations.locations.customers.workloads.getEkmConnections + description: Gets details of a single workload + operationId: cloudcontrolspartner.organizations.locations.customers.workloads.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1376,7 +1324,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EkmConnections' + $ref: '#/components/schemas/Workload' parameters: - in: path name: organizationsId @@ -1437,14 +1385,12 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/accessApprovalRequests: + /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/ekmConnections: parameters: *ref_1 get: - description: >- - Deprecated: Only returns access approval requests directly associated - with an assured workload folder. + description: Gets the EKM connections associated with a workload operationId: >- - cloudcontrolspartner.organizations.locations.customers.workloads.accessApprovalRequests.list + cloudcontrolspartner.organizations.locations.customers.workloads.getEkmConnections security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1456,7 +1402,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAccessApprovalRequestsResponse' + $ref: '#/components/schemas/EkmConnections' parameters: - in: path name: organizationsId @@ -1478,35 +1424,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/violations: + /v1/organizations/{organizationsId}/locations/{locationsId}/customers: parameters: *ref_1 - get: - description: >- - Lists Violations for a workload Callers may also choose to read across - multiple Customers or for a single customer as per - [AIP-159](https://google.aip.dev/159) by using '-' (the hyphen or dash - character) as a wildcard character instead of {customer} & {workload}. - Format: - `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}` - operationId: >- - cloudcontrolspartner.organizations.locations.customers.workloads.violations.list + post: + description: Creates a new customer. + operationId: cloudcontrolspartner.organizations.locations.customers.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Customer' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1518,7 +1445,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListViolationsResponse' + $ref: '#/components/schemas/Customer' parameters: - in: path name: organizationsId @@ -1530,13 +1457,35 @@ paths: required: true schema: type: string + - in: query + name: customerId + schema: + type: string + get: + description: >- + Lists customers of a partner identified by its Google Cloud organization + ID + operationId: cloudcontrolspartner.organizations.locations.customers.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListCustomersResponse' + parameters: - in: path - name: customersId + name: organizationsId required: true schema: type: string - in: path - name: workloadsId + name: locationsId required: true schema: type: string @@ -1557,22 +1506,42 @@ paths: name: orderBy schema: type: string - - in: query - name: interval.startTime + /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}: + parameters: *ref_1 + delete: + description: Delete details of a single customer + operationId: cloudcontrolspartner.organizations.locations.customers.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: organizationsId + required: true schema: type: string - format: google-datetime - - in: query - name: interval.endTime + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: customersId + required: true schema: type: string - format: google-datetime - /v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/violations/{violationsId}: - parameters: *ref_1 get: - description: Gets details of a single Violation. - operationId: >- - cloudcontrolspartner.organizations.locations.customers.workloads.violations.get + description: Gets details of a single customer + operationId: cloudcontrolspartner.organizations.locations.customers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1584,7 +1553,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Violation' + $ref: '#/components/schemas/Customer' parameters: - in: path name: organizationsId @@ -1601,13 +1570,44 @@ paths: required: true schema: type: string + patch: + description: Update details of a single customer + operationId: cloudcontrolspartner.organizations.locations.customers.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Customer' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Customer' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string - in: path - name: workloadsId + name: locationsId required: true schema: type: string - in: path - name: violationsId + name: customersId required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask diff --git a/providers/src/googleapis.com/v00.00.00000/services/clouddeploy.yaml b/providers/src/googleapis.com/v00.00.00000/services/clouddeploy.yaml index 5703c5eb..9545138a 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/clouddeploy.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/clouddeploy.yaml @@ -7,8 +7,8 @@ info: title: Cloud Deploy API description: '' version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251105' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/deploy/ servers: @@ -34,486 +34,562 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + ReleaseNotificationEvent: + id: ReleaseNotificationEvent + description: >- + Payload proto for "clouddeploy.googleapis.com/release_notification" + Platform Log event that describes the failure to send release status + change Pub/Sub notification. + properties: + pipelineUid: + type: string + description: Unique identifier of the `DeliveryPipeline`. + type: + type: string + enumDescriptions: + - Type is unspecified. + - A Pub/Sub notification failed to be sent. + - Resource state changed. + - A process aborted. + - Restriction check failed. + - Resource deleted. + - Rollout updated. + - Deploy Policy evaluation. + - >- + Deprecated: This field is never used. Use release_render log type + instead. + enum: + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true + description: Type of this notification, e.g. for a Pub/Sub failure. + release: + description: The name of the `Release`. + type: string + message: + description: Debug message for when a notification fails to send. + type: string + releaseUid: + description: Unique identifier of the `Release`. + type: string type: object + JobRun: properties: - operations: + deployJobRun: + description: Output only. Information specific to a deploy `JobRun`. + readOnly: true + $ref: '#/components/schemas/DeployJobRun' + createTime: + type: string + format: google-datetime + readOnly: true + description: Output only. Time at which the `JobRun` was created. + createChildRolloutJobRun: + readOnly: true + $ref: '#/components/schemas/CreateChildRolloutJobRun' + description: Output only. Information specific to a createChildRollout `JobRun`. + phaseId: + description: Output only. ID of the `Rollout` phase this `JobRun` belongs in. + readOnly: true + type: string + startTime: + description: Output only. Time at which the `JobRun` was started. + type: string + format: google-datetime + readOnly: true + state: + enum: + - STATE_UNSPECIFIED + - IN_PROGRESS + - SUCCEEDED + - FAILED + - TERMINATING + - TERMINATED + readOnly: true + type: string + description: Output only. The current state of the `JobRun`. + enumDescriptions: + - The `JobRun` has an unspecified state. + - The `JobRun` is in progress. + - The `JobRun` has succeeded. + - The `JobRun` has failed. + - The `JobRun` is terminating. + - The `JobRun` was terminated. + verifyJobRun: + readOnly: true + description: Output only. Information specific to a verify `JobRun`. + $ref: '#/components/schemas/VerifyJobRun' + postdeployJobRun: + readOnly: true + description: Output only. Information specific to a postdeploy `JobRun`. + $ref: '#/components/schemas/PostdeployJobRun' + uid: + readOnly: true + description: Output only. Unique identifier of the `JobRun`. + type: string + name: + type: string description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + Output only. Name of the `JobRun`. Format is + `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{releases}/rollouts/{rollouts}/jobRuns/{uuid}`. + readOnly: true + jobId: + description: Output only. ID of the `Rollout` job this `JobRun` corresponds to. type: string - Operation: - id: Operation + readOnly: true + advanceChildRolloutJobRun: + description: Output only. Information specific to an advanceChildRollout `JobRun` + $ref: '#/components/schemas/AdvanceChildRolloutJobRun' + readOnly: true + etag: + type: string + readOnly: true + description: >- + Output only. This checksum is computed by the server based on the + value of other fields, and may be sent on update and delete requests + to ensure the client has an up-to-date value before proceeding. + predeployJobRun: + $ref: '#/components/schemas/PredeployJobRun' + readOnly: true + description: Output only. Information specific to a predeploy `JobRun`. + endTime: + type: string + description: Output only. Time at which the `JobRun` ended. + format: google-datetime + readOnly: true + type: object + id: JobRun description: >- - This resource represents a long-running operation that is the result of - a network API call. + A `JobRun` resource in the Cloud Deploy API. A `JobRun` contains + information of a single `Rollout` job evaluation. + TargetArtifact: type: object properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + manifestPath: type: string - metadata: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + Output only. File path of the rendered manifest relative to the URI + for the stable phase. + readOnly: true + skaffoldConfigPath: + readOnly: true description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Output only. File path of the resolved Skaffold configuration for + the stable phase, relative to the URI. + type: string + artifactUri: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Output only. URI of a directory containing the artifacts. This + contains deployment configuration used by Skaffold during a rollout, + and all paths are relative to this location. + readOnly: true + type: string + phaseArtifacts: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object + Output only. Map from the phase ID to the phase artifacts for the + `Target`. + readOnly: true additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + $ref: '#/components/schemas/PhaseArtifact' + type: object + description: The artifacts produced by a target render operation. + id: TargetArtifact + TimedPromoteReleaseCondition: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + nextPromotionTime: type: string - details: + format: google-datetime + readOnly: true + description: Output only. When the next scheduled promotion(s) will occur. + targetsList: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Output only. A list of targets involved in the upcoming timed + promotion(s). type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty + $ref: '#/components/schemas/Targets' + readOnly: true + id: TimedPromoteReleaseCondition description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + `TimedPromoteReleaseCondition` contains conditions specific to an + Automation with a Timed Promote Release rule defined. type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + TestIamPermissionsRequest: type: object - properties: {} + description: Request message for `TestIamPermissions` method. + properties: + permissions: + type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + id: TestIamPermissionsRequest + CustomCanaryDeployment: + id: CustomCanaryDeployment + properties: + phaseConfigs: + description: >- + Required. Configuration for each phase in the canary deployment in + the order executed. + items: + $ref: '#/components/schemas/PhaseConfig' + type: array + description: >- + CustomCanaryDeployment represents the custom canary deployment + configuration. + type: object + AdvanceRolloutRule: + id: AdvanceRolloutRule + type: object + properties: + id: + type: string + description: >- + Required. ID of the rule. This id must be unique in the `Automation` + resource to which this rule belongs. The format is + `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. + wait: + description: Optional. How long to wait after a rollout is finished. + type: string + format: google-duration + sourcePhases: + items: + type: string + description: >- + Optional. Proceeds only after phase name matched any one in the + list. This value must consist of lower-case letters, numbers, and + hyphens, start with a letter and end with a letter or a number, and + have a max length of 63 characters. In other words, it must match + the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. + type: array + condition: + description: Output only. Information around the state of the Automation rule. + readOnly: true + $ref: '#/components/schemas/AutomationRuleCondition' + description: >- + The `AdvanceRollout` automation rule will automatically advance a + successful Rollout to the next phase. ListDeliveryPipelinesResponse: - id: ListDeliveryPipelinesResponse description: The response object from `ListDeliveryPipelines`. type: object + id: ListDeliveryPipelinesResponse properties: deliveryPipelines: - description: The `DeliveryPipeline` objects. - type: array items: $ref: '#/components/schemas/DeliveryPipeline' + description: The `DeliveryPipeline` objects. + type: array nextPageToken: + type: string description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. - type: string unreachable: description: Locations that could not be reached. - type: array items: type: string - DeliveryPipeline: - id: DeliveryPipeline + type: array + AutomationResourceSelector: description: >- - A `DeliveryPipeline` resource in the Cloud Deploy API. A - `DeliveryPipeline` defines a pipeline through which a Skaffold - configuration can progress. + AutomationResourceSelector contains the information to select the + resources to which an Automation is going to be applied. type: object + id: AutomationResourceSelector properties: - name: + targets: + description: Optional. Contains attributes about a target. + items: + $ref: '#/components/schemas/TargetAttribute' + type: array + SkaffoldVersion: + type: object + properties: + supportEndDate: + description: Date when this version is expected to no longer be supported. + $ref: '#/components/schemas/Date' + maintenanceModeTime: + type: string + format: google-datetime description: >- - Identifier. Name of the `DeliveryPipeline`. Format is - `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}`. - The `deliveryPipeline` component must match - `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` + The time at which this version of Skaffold will enter maintenance + mode. + supportExpirationTime: + description: >- + The time at which this version of Skaffold will no longer be + supported. + format: google-datetime type: string - uid: - description: Output only. Unique identifier of the `DeliveryPipeline`. - readOnly: true + version: + description: Release version number. For example, "1.20.3". type: string - description: + id: SkaffoldVersion + description: Details of a supported Skaffold version. + ReleaseCondition: + type: object + description: ReleaseCondition contains all conditions relevant to a Release. + id: ReleaseCondition + properties: + kustomizeVersionSupportedCondition: + $ref: '#/components/schemas/ToolVersionSupportedCondition' description: >- - Optional. Description of the `DeliveryPipeline`. Max length is 255 - characters. - type: string - annotations: + Output only. Details around the support state of the release's + Kustomize version. + readOnly: true + kptVersionSupportedCondition: + readOnly: true description: >- - Optional. User annotations. These attributes can only be set and - used by the user, and not by Cloud Deploy. - type: object - additionalProperties: - type: string - labels: + Output only. Details around the support state of the release's Kpt + version. + $ref: '#/components/schemas/ToolVersionSupportedCondition' + dockerVersionSupportedCondition: + readOnly: true description: >- - Labels are attributes that can be set and used by both the user and - by Cloud Deploy. Labels must meet the following constraints: * Keys - and values can contain only lowercase letters, numeric characters, - underscores, and dashes. * All characters must use UTF-8 encoding, - and international characters are allowed. * Keys must start with a - lowercase letter or international character. * Each resource is - limited to a maximum of 64 labels. Both keys and values are - additionally constrained to be <= 128 bytes. - type: object - additionalProperties: - type: string - createTime: - description: Output only. Time at which the pipeline was created. + Output only. Details around the support state of the release's + Docker version. + $ref: '#/components/schemas/ToolVersionSupportedCondition' + helmVersionSupportedCondition: + description: >- + Output only. Details around the support state of the release's Helm + version. readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Most recent time at which the pipeline was updated. + $ref: '#/components/schemas/ToolVersionSupportedCondition' + kubectlVersionSupportedCondition: readOnly: true - type: string - format: google-datetime - serialPipeline: + $ref: '#/components/schemas/ToolVersionSupportedCondition' description: >- - Optional. SerialPipeline defines a sequential set of stages for a - `DeliveryPipeline`. - $ref: '#/components/schemas/SerialPipeline' - condition: - description: Output only. Information around the state of the Delivery Pipeline. + Output only. Details around the support state of the release's + Kubectl version. + skaffoldSupportedCondition: + $ref: '#/components/schemas/SkaffoldSupportedCondition' + description: Details around the support state of the release's Skaffold version. + releaseReadyCondition: + $ref: '#/components/schemas/ReleaseReadyCondition' + description: Details around the Releases's overall status. + skaffoldVersionSupportedCondition: readOnly: true - $ref: '#/components/schemas/PipelineCondition' - etag: - description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. - type: string - suspended: description: >- - Optional. When suspended, no new releases or rollouts can be - created, but in-progress ones will complete. - type: boolean - SerialPipeline: - id: SerialPipeline - description: >- - SerialPipeline defines a sequential set of stages for a - `DeliveryPipeline`. + Output only. Details around the support state of the release's + Skaffold version. + $ref: '#/components/schemas/ToolVersionSupportedCondition' + ListAutomationRunsResponse: type: object properties: - stages: - description: >- - Optional. Each stage specifies configuration for a `Target`. The - ordering of this list defines the promotion flow. - type: array + automationRuns: + description: The `AutomationRuns` objects. items: - $ref: '#/components/schemas/Stage' - Stage: - id: Stage - description: Stage specifies a location to which to deploy. - type: object - properties: - targetId: + $ref: '#/components/schemas/AutomationRun' + type: array + nextPageToken: description: >- - Optional. The target_id to which this stage points. This field - refers exclusively to the last segment of a target name. For - example, this field would just be `my-target` (rather than - `projects/project/locations/location/targets/my-target`). The - location of the `Target` is inferred to be the same as the location - of the `DeliveryPipeline` that contains this `Stage`. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - profiles: - description: >- - Optional. Skaffold profiles to use when rendering the manifest for - this stage's `Target`. + unreachable: type: array items: type: string - strategy: - description: Optional. The strategy to use for a `Rollout` to this stage. - $ref: '#/components/schemas/Strategy' - deployParameters: - description: Optional. The deploy parameters to use for the target in this stage. - type: array - items: - $ref: '#/components/schemas/DeployParameters' - Strategy: - id: Strategy - description: Strategy contains deployment strategy information. - type: object - properties: - standard: - description: >- - Optional. Standard deployment strategy executes a single deploy and - allows verifying the deployment. - $ref: '#/components/schemas/Standard' - canary: - description: >- - Optional. Canary deployment strategy provides progressive percentage - based deployments to a Target. - $ref: '#/components/schemas/Canary' - Standard: - id: Standard - description: Standard represents the standard deployment strategy. + description: Locations that could not be reached. + id: ListAutomationRunsResponse + description: The response object from `ListAutomationRuns`. + GkeCluster: type: object properties: - verify: - description: Optional. Whether to verify a deployment via `skaffold verify`. + internalIp: type: boolean - predeploy: description: >- - Optional. Configuration for the predeploy job. If this is not - configured, the predeploy job will not be present. - $ref: '#/components/schemas/Predeploy' - postdeploy: - description: >- - Optional. Configuration for the postdeploy job. If this is not - configured, the postdeploy job will not be present. - $ref: '#/components/schemas/Postdeploy' - Predeploy: - id: Predeploy - description: Predeploy contains the predeploy job configuration information. - type: object - properties: - actions: - description: >- - Optional. A sequence of Skaffold custom actions to invoke during - execution of the predeploy job. - type: array - items: - type: string - Postdeploy: - id: Postdeploy - description: Postdeploy contains the postdeploy job configuration information. - type: object - properties: - actions: + Optional. If true, `cluster` is accessed using the private IP + address of the control plane endpoint. Otherwise, the default IP + address of the control plane endpoint is used. The default IP + address is the private IP address for clusters with private + control-plane endpoints and the public IP address otherwise. Only + specify this option when `cluster` is a [private GKE + cluster](https://cloud.google.com/kubernetes-engine/docs/concepts/private-cluster-concept). + Note that `internal_ip` and `dns_endpoint` cannot both be set to + true. + dnsEndpoint: + type: boolean description: >- - Optional. A sequence of Skaffold custom actions to invoke during - execution of the postdeploy job. - type: array - items: - type: string - Canary: - id: Canary - description: Canary represents the canary deployment strategy. - type: object - properties: - runtimeConfig: + Optional. If set, the cluster will be accessed using the DNS + endpoint. Note that both `dns_endpoint` and `internal_ip` cannot be + set to true. + proxyUrl: description: >- - Optional. Runtime specific configurations for the deployment - strategy. The runtime configuration is used to determine how Cloud - Deploy will split traffic to enable a progressive deployment. - $ref: '#/components/schemas/RuntimeConfig' - canaryDeployment: - description: Optional. Configures the progressive based deployment for a Target. - $ref: '#/components/schemas/CanaryDeployment' - customCanaryDeployment: + Optional. If set, used to configure a + [proxy](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#proxy) + to the Kubernetes server. + type: string + cluster: description: >- - Optional. Configures the progressive based deployment for a Target, - but allows customizing at the phase level where a phase represents - each of the percentage deployments. - $ref: '#/components/schemas/CustomCanaryDeployment' - RuntimeConfig: - id: RuntimeConfig + Optional. Information specifying a GKE Cluster. Format is + `projects/{project_id}/locations/{location_id}/clusters/{cluster_id}`. + type: string + id: GkeCluster + description: Information specifying a GKE Cluster. + CustomTargetType: + id: CustomTargetType description: >- - RuntimeConfig contains the runtime specific configurations for a - deployment strategy. - type: object - properties: - kubernetes: - description: Optional. Kubernetes runtime configuration. - $ref: '#/components/schemas/KubernetesConfig' - cloudRun: - description: Optional. Cloud Run runtime configuration. - $ref: '#/components/schemas/CloudRunConfig' - KubernetesConfig: - id: KubernetesConfig - description: KubernetesConfig contains the Kubernetes runtime configuration. - type: object - properties: - gatewayServiceMesh: - description: Optional. Kubernetes Gateway API service mesh configuration. - $ref: '#/components/schemas/GatewayServiceMesh' - serviceNetworking: - description: Optional. Kubernetes Service networking configuration. - $ref: '#/components/schemas/ServiceNetworking' - GatewayServiceMesh: - id: GatewayServiceMesh - description: Information about the Kubernetes Gateway API service mesh configuration. - type: object + A `CustomTargetType` resource in the Cloud Deploy API. A + `CustomTargetType` defines a type of custom target that can be + referenced in a `Target` in order to facilitate deploying to other + systems besides the supported runtimes. properties: - httpRoute: - description: Required. Name of the Gateway API HTTPRoute. + createTime: type: string - service: - description: Required. Name of the Kubernetes Service. + description: Output only. Time at which the `CustomTargetType` was created. + readOnly: true + format: google-datetime + etag: type: string - deployment: description: >- - Required. Name of the Kubernetes Deployment whose traffic is managed - by the specified HTTPRoute and Service. - type: string - routeUpdateWaitTime: + Optional. This checksum is computed by the server based on the value + of other fields, and may be sent on update and delete requests to + ensure the client has an up-to-date value before proceeding. + customActions: + $ref: '#/components/schemas/CustomTargetSkaffoldActions' description: >- - Optional. The time to wait for route updates to propagate. The - maximum configurable time is 3 hours, in seconds format. If - unspecified, there is no wait time. - type: string - format: google-duration - stableCutbackDuration: + Optional. Configures render and deploy for the `CustomTargetType` + using Skaffold custom actions. + name: description: >- - Optional. The amount of time to migrate traffic back from the canary - Service to the original Service during the stable phase deployment. - If specified, must be between 15s and 3600s. If unspecified, there - is no cutback time. + Identifier. Name of the `CustomTargetType`. Format is + `projects/{project}/locations/{location}/customTargetTypes/{customTargetType}`. + The `customTargetType` component must match + `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` type: string - format: google-duration - podSelectorLabel: + customTargetTypeId: + description: Output only. Resource id of the `CustomTargetType`. + readOnly: true + type: string + uid: + description: Output only. Unique identifier of the `CustomTargetType`. + readOnly: true + type: string + labels: + type: object + additionalProperties: + type: string description: >- - Optional. The label to use when selecting Pods for the Deployment - and Service resources. This label must already be present in both - resources. + Optional. Labels are attributes that can be set and used by both the + user and by Cloud Deploy. Labels must meet the following + constraints: * Keys and values can contain only lowercase letters, + numeric characters, underscores, and dashes. * All characters must + use UTF-8 encoding, and international characters are allowed. * Keys + must start with a lowercase letter or international character. * + Each resource is limited to a maximum of 64 labels. Both keys and + values are additionally constrained to be <= 128 bytes. + description: type: string - routeDestinations: description: >- - Optional. Route destinations allow configuring the Gateway API - HTTPRoute to be deployed to additional clusters. This option is - available for multi-cluster service mesh set ups that require the - route to exist in the clusters that call the service. If - unspecified, the HTTPRoute will only be deployed to the Target - cluster. - $ref: '#/components/schemas/RouteDestinations' - RouteDestinations: - id: RouteDestinations - description: Information about route destinations for the Gateway API service mesh. + Optional. Description of the `CustomTargetType`. Max length is 255 + characters. + annotations: + description: >- + Optional. User annotations. These attributes can only be set and + used by the user, and not by Cloud Deploy. See + https://google.aip.dev/128#annotations for more details such as + format and size limitations. + type: object + additionalProperties: + type: string + updateTime: + readOnly: true + description: >- + Output only. Most recent time at which the `CustomTargetType` was + updated. + format: google-datetime + type: string + type: object + PhaseConfig: type: object properties: - destinationIds: + postdeploy: + $ref: '#/components/schemas/Postdeploy' description: >- - Required. The clusters where the Gateway API HTTPRoute resource will - be deployed to. Valid entries include the associated entities IDs - configured in the Target resource and "@self" to include the Target - cluster. + Optional. Configuration for the postdeploy job of this phase. If + this is not configured, there will be no postdeploy job for this + phase. + percentage: + description: Required. Percentage deployment for the phase. + type: integer + format: int32 + predeploy: + $ref: '#/components/schemas/Predeploy' + description: >- + Optional. Configuration for the predeploy job of this phase. If this + is not configured, there will be no predeploy job for this phase. + phaseId: + description: >- + Required. The ID to assign to the `Rollout` phase. This value must + consist of lower-case letters, numbers, and hyphens, start with a + letter and end with a letter or a number, and have a max length of + 63 characters. In other words, it must match the following regex: + `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. + type: string + profiles: type: array items: type: string - propagateService: description: >- - Optional. Whether to propagate the Kubernetes Service to the route - destination clusters. The Service will always be deployed to the - Target cluster even if the HTTPRoute is not. This option may be used - to facilitate successful DNS lookup in the route destination - clusters. Can only be set to true if destinations are specified. + Optional. Skaffold profiles to use when rendering the manifest for + this phase. These are in addition to the profiles list specified in + the `DeliveryPipeline` stage. + verify: + description: >- + Optional. Whether to run verify tests after the deployment via + `skaffold verify`. type: boolean - ServiceNetworking: - id: ServiceNetworking - description: Information about the Kubernetes Service networking configuration. + id: PhaseConfig + description: >- + PhaseConfig represents the configuration for a phase in the custom + canary deployment. + PolicyViolationDetails: + id: PolicyViolationDetails type: object + description: Policy violation details. properties: - service: - description: Required. Name of the Kubernetes Service. - type: string - deployment: - description: >- - Required. Name of the Kubernetes Deployment whose traffic is managed - by the specified Service. + policy: type: string - disablePodOverprovisioning: description: >- - Optional. Whether to disable Pod overprovisioning. If Pod - overprovisioning is disabled then Cloud Deploy will limit the number - of total Pods used for the deployment strategy to the number of Pods - the Deployment has on the cluster. - type: boolean - podSelectorLabel: - description: >- - Optional. The label to use when selecting Pods for the Deployment - resource. This label must already be present in the Deployment. + Name of the policy that was violated. Policy resource will be in the + format of + `projects/{project}/locations/{location}/policies/{policy}`. + failureMessage: type: string - CloudRunConfig: - id: CloudRunConfig - description: CloudRunConfig contains the Cloud Run runtime configuration. - type: object - properties: - automaticTrafficControl: - description: >- - Optional. Whether Cloud Deploy should update the traffic stanza in a - Cloud Run Service on the user's behalf to facilitate traffic - splitting. This is required to be true for CanaryDeployments, but - optional for CustomCanaryDeployments. - type: boolean - canaryRevisionTags: - description: >- - Optional. A list of tags that are added to the canary revision while - the canary phase is in progress. - type: array - items: - type: string - priorRevisionTags: - description: >- - Optional. A list of tags that are added to the prior revision while - the canary phase is in progress. - type: array - items: - type: string - stableRevisionTags: description: >- - Optional. A list of tags that are added to the final stable revision - when the stable phase is applied. - type: array - items: - type: string + User readable message about why the request violated a policy. This + is not intended for machine parsing. + ruleId: + description: Id of the rule that triggered the policy violation. + type: string CanaryDeployment: id: CanaryDeployment - description: CanaryDeployment represents the canary deployment configuration - type: object properties: + postdeploy: + description: >- + Optional. Configuration for the postdeploy job of the last phase. If + this is not configured, there will be no postdeploy job for this + phase. + $ref: '#/components/schemas/Postdeploy' percentages: description: >- Required. The percentage based deployments that will occur as a part @@ -524,583 +600,789 @@ components: items: type: integer format: int32 - verify: - description: >- - Optional. Whether to run verify tests after each percentage - deployment via `skaffold verify`. - type: boolean predeploy: + $ref: '#/components/schemas/Predeploy' description: >- Optional. Configuration for the predeploy job of the first phase. If this is not configured, there will be no predeploy job for this phase. - $ref: '#/components/schemas/Predeploy' - postdeploy: + verify: description: >- - Optional. Configuration for the postdeploy job of the last phase. If - this is not configured, there will be no postdeploy job for this - phase. - $ref: '#/components/schemas/Postdeploy' - CustomCanaryDeployment: - id: CustomCanaryDeployment - description: >- - CustomCanaryDeployment represents the custom canary deployment - configuration. + Optional. Whether to run verify tests after each percentage + deployment via `skaffold verify`. + type: boolean + description: CanaryDeployment represents the canary deployment configuration type: object - properties: - phaseConfigs: - description: >- - Required. Configuration for each phase in the canary deployment in - the order executed. - type: array - items: - $ref: '#/components/schemas/PhaseConfig' - PhaseConfig: - id: PhaseConfig - description: >- - PhaseConfig represents the configuration for a phase in the custom - canary deployment. + AutomationRunEvent: type: object properties: - phaseId: - description: >- - Required. The ID to assign to the `Rollout` phase. This value must - consist of lower-case letters, numbers, and hyphens, start with a - letter and end with a letter or a number, and have a max length of - 63 characters. In other words, it must match the following regex: - `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. + destinationTargetId: + description: ID of the `Target` to which the `AutomationRun` is created. type: string - percentage: - description: Required. Percentage deployment for the phase. - type: integer - format: int32 - profiles: - description: >- - Optional. Skaffold profiles to use when rendering the manifest for - this phase. These are in addition to the profiles list specified in - the `DeliveryPipeline` stage. - type: array - items: - type: string - verify: - description: >- - Optional. Whether to run verify tests after the deployment via - `skaffold verify`. - type: boolean - predeploy: - description: >- - Optional. Configuration for the predeploy job of this phase. If this - is not configured, there will be no predeploy job for this phase. - $ref: '#/components/schemas/Predeploy' - postdeploy: + pipelineUid: + type: string + description: Unique identifier of the `DeliveryPipeline`. + ruleId: + description: Identifier of the `Automation` rule. + type: string + message: description: >- - Optional. Configuration for the postdeploy job of this phase. If - this is not configured, there will be no postdeploy job for this - phase. - $ref: '#/components/schemas/Postdeploy' + Debug message for when there is an update on the AutomationRun. + Provides further details about the resource creation or state + change. + type: string + type: + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true + description: Type of this notification, e.g. for a Pub/Sub failure. + enumDescriptions: + - Type is unspecified. + - A Pub/Sub notification failed to be sent. + - Resource state changed. + - A process aborted. + - Restriction check failed. + - Resource deleted. + - Rollout updated. + - Deploy Policy evaluation. + - >- + Deprecated: This field is never used. Use release_render log type + instead. + enum: + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE + type: string + automationId: + description: Identifier of the `Automation`. + type: string + automationRun: + description: The name of the `AutomationRun`. + type: string + description: >- + Payload proto for "clouddeploy.googleapis.com/automation_run" Platform + Log event that describes the AutomationRun related events. + id: AutomationRunEvent DeployParameters: - id: DeployParameters description: DeployParameters contains deploy parameters information. - type: object + id: DeployParameters properties: - values: - description: Required. Values are deploy parameters in key-value pairs. - type: object + matchTargetLabels: additionalProperties: type: string - matchTargetLabels: description: >- Optional. Deploy parameters are applied to targets with match labels. If unspecified, deploy parameters are applied to all targets (including child targets of a multi-target). type: object + values: additionalProperties: type: string - PipelineCondition: - id: PipelineCondition - description: >- - PipelineCondition contains all conditions relevant to a Delivery - Pipeline. + description: Required. Values are deploy parameters in key-value pairs. + type: object type: object + AssociatedEntities: + id: AssociatedEntities + description: Information about entities associated with a `Target`. properties: - pipelineReadyCondition: - description: Details around the Pipeline's overall status. - $ref: '#/components/schemas/PipelineReadyCondition' - targetsPresentCondition: - description: Details around targets enumerated in the pipeline. - $ref: '#/components/schemas/TargetsPresentCondition' - targetsTypeCondition: + gkeClusters: description: >- - Details on the whether the targets enumerated in the pipeline are of - the same type. - $ref: '#/components/schemas/TargetsTypeCondition' - PipelineReadyCondition: - id: PipelineReadyCondition - description: >- - PipelineReadyCondition contains information around the status of the - Pipeline. - type: object - properties: - status: + Optional. Information specifying GKE clusters as associated + entities. + type: array + items: + $ref: '#/components/schemas/GkeCluster' + anthosClusters: + type: array + items: + $ref: '#/components/schemas/AnthosCluster' description: >- - True if the Pipeline is in a valid state. Otherwise at least one - condition in `PipelineCondition` is in an invalid state. Iterate - over those conditions and see which condition(s) has status = false - to find out what is wrong with the Pipeline. - type: boolean - updateTime: - description: Last time the condition was updated. - type: string - format: google-datetime - TargetsPresentCondition: - id: TargetsPresentCondition - description: >- - `TargetsPresentCondition` contains information on any Targets referenced - in the Delivery Pipeline that do not actually exist. + Optional. Information specifying Anthos clusters as associated + entities. type: object + AutomationEvent: properties: - status: - description: True if there aren't any missing Targets. - type: boolean - missingTargets: + message: + type: string description: >- - The list of Target names that do not exist. For example, - `projects/{project_id}/locations/{location_name}/targets/{target_name}`. - type: array - items: - type: string - updateTime: - description: Last time the condition was updated. + Debug message for when there is an update on the AutomationRun. + Provides further details about the resource creation or state + change. + type: + enumDescriptions: + - Type is unspecified. + - A Pub/Sub notification failed to be sent. + - Resource state changed. + - A process aborted. + - Restriction check failed. + - Resource deleted. + - Rollout updated. + - Deploy Policy evaluation. + - >- + Deprecated: This field is never used. Use release_render log type + instead. + enum: + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE + type: string + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true + description: Type of this notification, e.g. for a Pub/Sub failure. + automation: + description: The name of the `AutomationRun`. + type: string + pipelineUid: + description: Unique identifier of the `DeliveryPipeline`. type: string - format: google-datetime - TargetsTypeCondition: - id: TargetsTypeCondition description: >- - TargetsTypeCondition contains information on whether the Targets defined - in the Delivery Pipeline are of the same type. + Payload proto for "clouddeploy.googleapis.com/automation" Platform Log + event that describes the Automation related events. + id: AutomationEvent + type: object + AnthosCluster: + description: Information specifying an Anthos Cluster. + id: AnthosCluster type: object properties: - status: + membership: description: >- - True if the targets are all a comparable type. For example this is - true if all targets are GKE clusters. This is false if some targets - are Cloud Run targets and others are GKE clusters. - type: boolean - errorDetails: - description: Human readable error message. + Optional. Membership of the GKE Hub-registered cluster to which to + apply the Skaffold configuration. Format is + `projects/{project}/locations/{location}/memberships/{membership_name}`. type: string - ListTargetsResponse: - id: ListTargetsResponse - description: The response object from `ListTargets`. + TargetsPresentCondition: type: object properties: - targets: - description: The `Target` objects. - type: array + status: + type: boolean + description: True if there aren't any missing Targets. + missingTargets: items: - $ref: '#/components/schemas/Target' - nextPageToken: + type: string + type: array description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + The list of Target names that do not exist. For example, + `projects/{project_id}/locations/{location_name}/targets/{target_name}`. + updateTime: type: string - unreachable: - description: Locations that could not be reached. - type: array + format: google-datetime + description: Last time the condition was updated. + description: >- + `TargetsPresentCondition` contains information on any Targets referenced + in the Delivery Pipeline that do not actually exist. + id: TargetsPresentCondition + Predeploy: + description: Predeploy contains the predeploy job configuration information. + id: Predeploy + properties: + actions: items: type: string - Target: - id: Target - description: >- - A `Target` resource in the Cloud Deploy API. A `Target` defines a - location to which a Skaffold configuration can be deployed. + type: array + description: >- + Optional. A sequence of Skaffold custom actions to invoke during + execution of the predeploy job. type: object + RetryJobResponse: + type: object + id: RetryJobResponse + description: The response object from 'RetryJob'. + properties: {} + DeployJobRun: properties: - name: + failureCause: + readOnly: true + type: string + enum: + - FAILURE_CAUSE_UNSPECIFIED + - CLOUD_BUILD_UNAVAILABLE + - EXECUTION_FAILED + - DEADLINE_EXCEEDED + - MISSING_RESOURCES_FOR_CANARY + - CLOUD_BUILD_REQUEST_FAILED + - DEPLOY_FEATURE_NOT_SUPPORTED description: >- - Identifier. Name of the `Target`. Format is - `projects/{project}/locations/{location}/targets/{target}`. The - `target` component must match `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` + Output only. The reason the deploy failed. This will always be + unspecified while the deploy is in progress or if it succeeded. + enumDescriptions: + - No reason for failure is specified. + - >- + Cloud Build is not available, either because it is not enabled or + because Cloud Deploy has insufficient permissions. See [Required + permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). + - >- + The deploy operation did not complete successfully; check Cloud + Build logs. + - The deploy job run did not complete within the allotted time. + - >- + There were missing resources in the runtime environment required + for a canary deployment. Check the Cloud Build logs for more + information. + - >- + Cloud Build failed to fulfill Cloud Deploy's request. See + failure_message for additional details. + - >- + The deploy operation had a feature configured that is not + supported. + build: + description: >- + Output only. The resource name of the Cloud Build `Build` object + that is used to deploy. Format is + `projects/{project}/locations/{location}/builds/{build}`. type: string - targetId: - description: Output only. Resource id of the `Target`. readOnly: true - type: string - uid: - description: Output only. Unique identifier of the `Target`. + metadata: readOnly: true + description: >- + Output only. Metadata containing information about the deploy job + run. + $ref: '#/components/schemas/DeployJobRunMetadata' + failureMessage: type: string - description: - description: Optional. Description of the `Target`. Max length is 255 characters. - type: string - annotations: description: >- - Optional. User annotations. These attributes can only be set and - used by the user, and not by Cloud Deploy. See - https://google.aip.dev/128#annotations for more details such as - format and size limitations. - type: object - additionalProperties: - type: string - labels: + Output only. Additional information about the deploy failure, if + available. + readOnly: true + artifact: + description: Output only. The artifact of a deploy job run, if available. + $ref: '#/components/schemas/DeployArtifact' + readOnly: true + id: DeployJobRun + type: object + description: DeployJobRun contains information specific to a deploy `JobRun`. + PhaseArtifact: + type: object + id: PhaseArtifact + properties: + skaffoldConfigPath: description: >- - Optional. Labels are attributes that can be set and used by both the - user and by Cloud Deploy. Labels must meet the following - constraints: * Keys and values can contain only lowercase letters, - numeric characters, underscores, and dashes. * All characters must - use UTF-8 encoding, and international characters are allowed. * Keys - must start with a lowercase letter or international character. * - Each resource is limited to a maximum of 64 labels. Both keys and - values are additionally constrained to be <= 128 bytes. - type: object - additionalProperties: - type: string - requireApproval: - description: Optional. Whether or not the `Target` requires approval. - type: boolean - createTime: - description: Output only. Time at which the `Target` was created. + Output only. File path of the resolved Skaffold configuration + relative to the URI. readOnly: true type: string - format: google-datetime - updateTime: - description: Output only. Most recent time at which the `Target` was updated. - readOnly: true + manifestPath: type: string - format: google-datetime - gke: - description: Optional. Information specifying a GKE Cluster. - $ref: '#/components/schemas/GkeCluster' - anthosCluster: - description: Optional. Information specifying an Anthos Cluster. - $ref: '#/components/schemas/AnthosCluster' - run: - description: Optional. Information specifying a Cloud Run deployment target. - $ref: '#/components/schemas/CloudRunLocation' - multiTarget: - description: Optional. Information specifying a multiTarget. - $ref: '#/components/schemas/MultiTarget' - customTarget: - description: Optional. Information specifying a Custom Target. - $ref: '#/components/schemas/CustomTarget' - associatedEntities: + readOnly: true + description: Output only. File path of the rendered manifest relative to the URI. + jobManifestsPath: description: >- - Optional. Map of entity IDs to their associated entities. Associated - entities allows specifying places other than the deployment target - for specific features. For example, the Gateway API canary can be - configured to deploy the HTTPRoute to a different cluster(s) than - the deployment cluster using associated entities. An entity ID must - consist of lower-case letters, numbers, and hyphens, start with a - letter and end with a letter or a number, and have a max length of - 63 characters. In other words, it must match the following regex: - `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. - type: object - additionalProperties: - $ref: '#/components/schemas/AssociatedEntities' - etag: + Output only. File path of the directory of rendered job manifests + relative to the URI. This is only set if it is applicable. + type: string + readOnly: true + description: Contains the paths to the artifacts, relative to the URI, for a phase. + RepairRolloutRule: + properties: + condition: + description: Output only. Information around the state of the 'Automation' rule. + readOnly: true + $ref: '#/components/schemas/AutomationRuleCondition' + repairPhases: + type: array + items: + $ref: '#/components/schemas/RepairPhaseConfig' description: >- - Optional. This checksum is computed by the server based on the value - of other fields, and may be sent on update and delete requests to - ensure the client has an up-to-date value before proceeding. + Required. Defines the types of automatic repair phases for failed + jobs. + id: + description: >- + Required. ID of the rule. This id must be unique in the `Automation` + resource to which this rule belongs. The format is + `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. type: string - executionConfigs: + phases: + type: array description: >- - Optional. Configurations for all execution that relates to this - `Target`. Each `ExecutionEnvironmentUsage` value may only be used in - a single configuration; using the same value multiple times is an - error. When one or more configurations are specified, they must - include the `RENDER` and `DEPLOY` `ExecutionEnvironmentUsage` - values. When no configurations are specified, execution will use the - default specified in `DefaultPool`. + Optional. Phases within which jobs are subject to automatic repair + actions on failure. Proceeds only after phase name matched any one + in the list, or for all phases if unspecified. This value must + consist of lower-case letters, numbers, and hyphens, start with a + letter and end with a letter or a number, and have a max length of + 63 characters. In other words, it must match the following regex: + `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. + items: + type: string + jobs: type: array items: - $ref: '#/components/schemas/ExecutionConfig' - deployParameters: - description: Optional. The deploy parameters to use for this target. - type: object - additionalProperties: type: string - GkeCluster: - id: GkeCluster - description: Information specifying a GKE Cluster. + description: >- + Optional. Jobs to repair. Proceeds only after job name matched any + one in the list, or for all jobs if unspecified or empty. The phase + that includes the job must match the phase ID specified in + `source_phase`. This value must consist of lower-case letters, + numbers, and hyphens, start with a letter and end with a letter or a + number, and have a max length of 63 characters. In other words, it + must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. + id: RepairRolloutRule + description: >- + The `RepairRolloutRule` automation rule will automatically repair a + failed `Rollout`. + type: object + AutomationRolloutMetadata: type: object properties: - cluster: + repairAutomationRuns: + items: + type: string + readOnly: true description: >- - Optional. Information specifying a GKE Cluster. Format is - `projects/{project_id}/locations/{location_id}/clusters/{cluster_id}`. + Output only. The names of the AutomationRuns initiated by a repair + rollout rule. + type: array + promoteAutomationRun: + readOnly: true type: string - internalIp: description: >- - Optional. If true, `cluster` is accessed using the private IP - address of the control plane endpoint. Otherwise, the default IP - address of the control plane endpoint is used. The default IP - address is the private IP address for clusters with private - control-plane endpoints and the public IP address otherwise. Only - specify this option when `cluster` is a [private GKE - cluster](https://cloud.google.com/kubernetes-engine/docs/concepts/private-cluster-concept). - Note that `internal_ip` and `dns_endpoint` cannot both be set to - true. - type: boolean - proxyUrl: + Output only. The name of the AutomationRun initiated by a promote + release rule. + advanceAutomationRuns: description: >- - Optional. If set, used to configure a - [proxy](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#proxy) - to the Kubernetes server. + Output only. The names of the AutomationRuns initiated by an advance + rollout rule. + readOnly: true + items: + type: string + type: array + description: >- + AutomationRolloutMetadata contains Automation-related actions that were + performed on a rollout. + id: AutomationRolloutMetadata + TimedPromoteReleaseOperation: + properties: + targetId: + description: >- + Output only. The ID of the target that represents the promotion + stage to which the release will be promoted. The value of this field + is the last segment of a target name. + type: string + readOnly: true + phase: type: string - dnsEndpoint: description: >- - Optional. If set, the cluster will be accessed using the DNS - endpoint. Note that both `dns_endpoint` and `internal_ip` cannot be - set to true. - type: boolean - AnthosCluster: - id: AnthosCluster - description: Information specifying an Anthos Cluster. + Output only. The starting phase of the rollout created by this + operation. + readOnly: true + release: + type: string + description: Output only. The name of the release to be promoted. + readOnly: true + id: TimedPromoteReleaseOperation + description: >- + Contains the information of an automated timed promote-release + operation. + type: object + CancelAutomationRunResponse: + description: The response object from `CancelAutomationRun`. + type: object + properties: {} + id: CancelAutomationRunResponse + RollbackTargetConfig: type: object + id: RollbackTargetConfig properties: - membership: - description: >- - Optional. Membership of the GKE Hub-registered cluster to which to - apply the Skaffold configuration. Format is - `projects/{project}/locations/{location}/memberships/{membership_name}`. + rollout: + description: Optional. The rollback `Rollout` to create. + $ref: '#/components/schemas/Rollout' + startingPhaseId: type: string - CloudRunLocation: - id: CloudRunLocation - description: Information specifying where to deploy a Cloud Run Service. + description: >- + Optional. The starting phase ID for the `Rollout`. If unspecified, + the `Rollout` will start in the stable phase. + description: Configs for the Rollback rollout. + CancelAutomationRunRequest: + description: The request object used by `CancelAutomationRun`. + id: CancelAutomationRunRequest type: object + properties: {} + RepairRolloutOperation: + id: RepairRolloutOperation properties: - location: + jobId: + description: Output only. The job ID for the Job to repair. + readOnly: true + type: string + currentRepairPhaseIndex: description: >- - Required. The location for the Cloud Run Service. Format must be - `projects/{project}/locations/{location}`. + Output only. The index of the current repair action in the repair + sequence. type: string - MultiTarget: - id: MultiTarget - description: Information specifying a multiTarget. + format: int64 + readOnly: true + phaseId: + readOnly: true + description: >- + Output only. The phase ID of the phase that includes the job being + repaired. + type: string + repairPhases: + readOnly: true + description: >- + Output only. Records of the repair attempts. Each repair phase may + have multiple retry attempts or single rollback attempt. + items: + $ref: '#/components/schemas/RepairPhase' + type: array + rollout: + description: >- + Output only. The name of the rollout that initiates the + `AutomationRun`. + readOnly: true + type: string + description: Contains the information for an automated `repair rollout` operation. type: object + CustomMetadata: properties: - targetIds: - description: Required. The target_ids of this multiTarget. - type: array - items: + values: + readOnly: true + additionalProperties: type: string - CustomTarget: - id: CustomTarget - description: Information specifying a Custom Target. + description: Output only. Key-value pairs provided by the user-defined operation. + type: object + id: CustomMetadata + type: object + description: CustomMetadata contains information from a user-defined operation. + ListRolloutsResponse: type: object + id: ListRolloutsResponse + description: ListRolloutsResponse is the response object returned by `ListRollouts`. properties: - customTargetType: + nextPageToken: description: >- - Required. The name of the CustomTargetType. Format must be - `projects/{project}/locations/{location}/customTargetTypes/{custom_target_type}`. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - AssociatedEntities: - id: AssociatedEntities - description: Information about entities associated with a `Target`. - type: object + rollouts: + type: array + description: The `Rollout` objects. + items: + $ref: '#/components/schemas/Rollout' + unreachable: + description: Locations that could not be reached. + items: + type: string + type: array + CustomTargetSkaffoldActions: + description: >- + CustomTargetSkaffoldActions represents the `CustomTargetType` + configuration using Skaffold custom actions. + id: CustomTargetSkaffoldActions properties: - gkeClusters: - description: >- - Optional. Information specifying GKE clusters as associated - entities. + includeSkaffoldModules: type: array items: - $ref: '#/components/schemas/GkeCluster' - anthosClusters: + $ref: '#/components/schemas/SkaffoldModules' description: >- - Optional. Information specifying Anthos clusters as associated - entities. - type: array - items: - $ref: '#/components/schemas/AnthosCluster' - ExecutionConfig: - id: ExecutionConfig - description: Configuration of the environment to use when calling Skaffold. - type: object - properties: - usages: - description: Required. Usages when this configuration should be applied. - type: array - items: - type: string - enumDescriptions: - - Default value. This value is unused. - - Use for rendering. - - Use for deploying and deployment hooks. - - Use for deployment verification. - - Use for predeploy job execution. - - Use for postdeploy job execution. - enum: - - EXECUTION_ENVIRONMENT_USAGE_UNSPECIFIED - - RENDER - - DEPLOY - - VERIFY - - PREDEPLOY - - POSTDEPLOY - defaultPool: - description: Optional. Use default Cloud Build pool. - $ref: '#/components/schemas/DefaultPool' - privatePool: - description: Optional. Use private Cloud Build pool. - $ref: '#/components/schemas/PrivatePool' - workerPool: - description: >- - Optional. The resource name of the `WorkerPool`, with the format - `projects/{project}/locations/{location}/workerPools/{worker_pool}`. - If this optional field is unspecified, the default Cloud Build pool - will be used. - type: string - serviceAccount: - description: >- - Optional. Google service account to use for execution. If - unspecified, the project execution service account - (-compute@developer.gserviceaccount.com) is used. - type: string - artifactStorage: + Optional. List of Skaffold modules Cloud Deploy will include in the + Skaffold Config as required before performing diagnose. + renderAction: description: >- - Optional. Cloud Storage location in which to store execution - outputs. This can either be a bucket ("gs://my-bucket") or a path - within a bucket ("gs://my-bucket/my-dir"). If unspecified, a default - bucket located in the same region will be used. + Optional. The Skaffold custom action responsible for render + operations. If not provided then Cloud Deploy will perform the + render operations via `skaffold render`. type: string - executionTimeout: + deployAction: description: >- - Optional. Execution timeout for a Cloud Build Execution. This must - be between 10m and 24h in seconds format. If unspecified, a default - timeout of 1h is used. + Required. The Skaffold custom action responsible for deploy + operations. type: string - format: google-duration - verbose: - description: >- - Optional. If true, additional logging will be enabled when running - builds in this execution environment. - type: boolean - DefaultPool: - id: DefaultPool - description: Execution using the default Cloud Build pool. type: object - properties: - serviceAccount: - description: >- - Optional. Google service account to use for execution. If - unspecified, the project execution service account - (-compute@developer.gserviceaccount.com) will be used. - type: string - artifactStorage: - description: >- - Optional. Cloud Storage location where execution outputs should be - stored. This can either be a bucket ("gs://my-bucket") or a path - within a bucket ("gs://my-bucket/my-dir"). If unspecified, a default - bucket located in the same region will be used. - type: string - PrivatePool: - id: PrivatePool - description: Execution using a private Cloud Build pool. + DeployArtifact: + description: The artifacts produced by a deploy operation. + id: DeployArtifact type: object properties: - workerPool: - description: >- - Required. Resource name of the Cloud Build worker pool to use. The - format is - `projects/{project}/locations/{location}/workerPools/{pool}`. - type: string - serviceAccount: + artifactUri: description: >- - Optional. Google service account to use for execution. If - unspecified, the project execution service account - (-compute@developer.gserviceaccount.com) will be used. + Output only. URI of a directory containing the artifacts. All paths + are relative to this location. + readOnly: true type: string - artifactStorage: + manifestPaths: description: >- - Optional. Cloud Storage location where execution outputs should be - stored. This can either be a bucket ("gs://my-bucket") or a path - within a bucket ("gs://my-bucket/my-dir"). If unspecified, a default - bucket located in the same region will be used. - type: string - RollbackTargetRequest: - id: RollbackTargetRequest - description: The request object for `RollbackTarget`. + Output only. File paths of the manifests applied during the deploy + operation relative to the URI. + items: + type: string + readOnly: true + type: array + IgnoreJobResponse: + description: The response object from `IgnoreJob`. type: object + properties: {} + id: IgnoreJobResponse + Phase: + description: >- + Phase represents a collection of jobs that are logically grouped + together for a `Rollout`. + id: Phase properties: - targetId: - description: Required. ID of the `Target` that is being rolled back. - type: string - rolloutId: - description: Required. ID of the rollback `Rollout` to create. + id: type: string - releaseId: - description: >- - Optional. ID of the `Release` to roll back to. If this isn't - specified, the previous successful `Rollout` to the specified target - will be used to determine the `Release`. + description: Output only. The ID of the Phase. + readOnly: true + state: + enumDescriptions: + - The Phase has an unspecified state. + - The Phase is waiting for an earlier Phase(s) to complete. + - The Phase is in progress. + - The Phase has succeeded. + - The Phase has failed. + - The Phase was aborted. + - The Phase was skipped. + description: Output only. Current state of the Phase. + enum: + - STATE_UNSPECIFIED + - PENDING + - IN_PROGRESS + - SUCCEEDED + - FAILED + - ABORTED + - SKIPPED type: string - rolloutToRollBack: - description: >- - Optional. If provided, this must be the latest `Rollout` that is on - the `Target`. + readOnly: true + childRolloutJobs: + description: Output only. ChildRollout job composition. + $ref: '#/components/schemas/ChildRolloutJobs' + readOnly: true + deploymentJobs: + readOnly: true + $ref: '#/components/schemas/DeploymentJobs' + description: Output only. Deployment job composition. + skipMessage: type: string - rollbackConfig: - description: Optional. Configs for the rollback `Rollout`. - $ref: '#/components/schemas/RollbackTargetConfig' - validateOnly: - description: >- - Optional. If set to true, the request is validated and the user is - provided with a `RollbackTargetResponse`. - type: boolean - overrideDeployPolicy: + readOnly: true description: >- - Optional. Deploy policies to override. Format is - `projects/{project}/locations/{location}/deployPolicies/{deploy_policy}`. - type: array - items: - type: string - RollbackTargetConfig: - id: RollbackTargetConfig - description: Configs for the Rollback rollout. + Output only. Additional information on why the Phase was skipped, if + available. type: object + AutomationRuleCondition: + description: >- + `AutomationRuleCondition` contains conditions relevant to an + `Automation` rule. properties: - rollout: - description: Optional. The rollback `Rollout` to create. - $ref: '#/components/schemas/Rollout' - startingPhaseId: + targetsPresentCondition: + $ref: '#/components/schemas/TargetsPresentCondition' + description: Optional. Details around targets enumerated in the rule. + timedPromoteReleaseCondition: + $ref: '#/components/schemas/TimedPromoteReleaseCondition' description: >- - Optional. The starting phase ID for the `Rollout`. If unspecified, - the `Rollout` will start in the stable phase. - type: string - Rollout: - id: Rollout - description: >- - A `Rollout` resource in the Cloud Deploy API. A `Rollout` contains - information around a specific deployment to a `Target`. + Optional. TimedPromoteReleaseCondition contains rule conditions + specific to a an Automation with a timed promote release rule + defined. type: object + id: AutomationRuleCondition + AdvanceRolloutOperation: + id: AdvanceRolloutOperation properties: - name: + rollout: description: >- - Identifier. Name of the `Rollout`. Format is - `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{release}/rollouts/{rollout}`. - The `rollout` component must match `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` + Output only. The name of the rollout that initiates the + `AutomationRun`. + readOnly: true type: string - uid: - description: Output only. Unique identifier of the `Rollout`. + sourcePhase: readOnly: true + description: Output only. The phase of a deployment that initiated the operation. type: string - description: - description: >- - Optional. Description of the `Rollout` for user purposes. Max length - is 255 characters. + destinationPhase: + description: Output only. The phase the rollout will be advanced to. + readOnly: true type: string - annotations: - description: >- - Optional. User annotations. These attributes can only be set and - used by the user, and not by Cloud Deploy. See - https://google.aip.dev/128#annotations for more details such as - format and size limitations. - type: object - additionalProperties: - type: string - labels: - description: >- + wait: + readOnly: true + format: google-duration + description: Output only. How long the operation will be paused. + type: string + type: object + description: Contains the information of an automated advance-rollout operation. + RepairPhaseConfig: + type: object + description: Configuration of the repair phase. + properties: + retry: + description: Optional. Retries a failed job. + $ref: '#/components/schemas/Retry' + rollback: + description: Optional. Rolls back a `Rollout`. + $ref: '#/components/schemas/Rollback' + id: RepairPhaseConfig + CloudRunConfig: + description: CloudRunConfig contains the Cloud Run runtime configuration. + type: object + properties: + priorRevisionTags: + items: + type: string + type: array + description: >- + Optional. A list of tags that are added to the prior revision while + the canary phase is in progress. + automaticTrafficControl: + description: >- + Optional. Whether Cloud Deploy should update the traffic stanza in a + Cloud Run Service on the user's behalf to facilitate traffic + splitting. This is required to be true for CanaryDeployments, but + optional for CustomCanaryDeployments. + type: boolean + canaryRevisionTags: + items: + type: string + type: array + description: >- + Optional. A list of tags that are added to the canary revision while + the canary phase is in progress. + stableRevisionTags: + type: array + description: >- + Optional. A list of tags that are added to the final stable revision + when the stable phase is applied. + items: + type: string + id: CloudRunConfig + ListOperationsResponse: + type: object + properties: + operations: + items: + $ref: '#/components/schemas/Operation' + type: array + description: >- + A list of operations that matches the specified filter in the + request. + nextPageToken: + type: string + description: The standard List next-page token. + unreachable: + type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + items: + type: string + id: ListOperationsResponse + description: The response message for Operations.ListOperations. + CancelOperationRequest: + properties: {} + type: object + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + DeployPolicy: + type: object + id: DeployPolicy + description: >- + A `DeployPolicy` resource in the Cloud Deploy API. A `DeployPolicy` + inhibits manual or automation-driven actions within a Delivery Pipeline + or Target. + properties: + annotations: + additionalProperties: + type: string + type: object + description: >- + Optional. User annotations. These attributes can only be set and + used by the user, and not by Cloud Deploy. Annotations must meet the + following constraints: * Annotations are key/value pairs. * Valid + annotation keys have two segments: an optional prefix and name, + separated by a slash (`/`). * The name segment is required and must + be 63 characters or less, beginning and ending with an alphanumeric + character (`[a-z0-9A-Z]`) with dashes (`-`), underscores (`_`), dots + (`.`), and alphanumerics between. * The prefix is optional. If + specified, the prefix must be a DNS subdomain: a series of DNS + labels separated by dots(`.`), not longer than 253 characters in + total, followed by a slash (`/`). See + https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set + for more details. + etag: + description: >- + The weak etag of the `DeployPolicy` resource. This checksum is + computed by the server based on the value of other fields, and may + be sent on update and delete requests to ensure the client has an + up-to-date value before proceeding. + type: string + description: + type: string + description: >- + Optional. Description of the `DeployPolicy`. Max length is 255 + characters. + createTime: + format: google-datetime + description: Output only. Time at which the deploy policy was created. + type: string + readOnly: true + updateTime: + description: >- + Output only. Most recent time at which the deploy policy was + updated. + readOnly: true + format: google-datetime + type: string + selectors: + type: array + items: + $ref: '#/components/schemas/DeployPolicyResourceSelector' + description: >- + Required. Selected resources to which the policy will be applied. At + least one selector is required. If one selector matches the resource + the policy applies. For example, if there are two selectors and the + action being attempted matches one of them, the policy will apply to + that action. + uid: + description: Output only. Unique identifier of the `DeployPolicy`. + type: string + readOnly: true + suspended: + description: >- + Optional. When suspended, the policy will not prevent actions from + occurring, even if the action violates the policy. + type: boolean + rules: + items: + $ref: '#/components/schemas/PolicyRule' + type: array + description: Required. Rules to apply. At least one rule must be present. + name: + description: >- + Output only. Name of the `DeployPolicy`. Format is + `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. + The `deployPolicy` component must match + `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` + type: string + readOnly: true + labels: + additionalProperties: + type: string + description: >- Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, @@ -1110,107 +1392,76 @@ components: limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes. type: object - additionalProperties: + Stage: + type: object + description: Stage specifies a location to which to deploy. + id: Stage + properties: + strategy: + $ref: '#/components/schemas/Strategy' + description: Optional. The strategy to use for a `Rollout` to this stage. + profiles: + description: >- + Optional. Skaffold profiles to use when rendering the manifest for + this stage's `Target`. + type: array + items: type: string - createTime: - description: Output only. Time at which the `Rollout` was created. - readOnly: true + targetId: + description: >- + Optional. The target_id to which this stage points. This field + refers exclusively to the last segment of a target name. For + example, this field would just be `my-target` (rather than + `projects/project/locations/location/targets/my-target`). The + location of the `Target` is inferred to be the same as the location + of the `DeliveryPipeline` that contains this `Stage`. type: string - format: google-datetime - approveTime: - description: Output only. Time at which the `Rollout` was approved. - readOnly: true + deployParameters: + type: array + description: Optional. The deploy parameters to use for the target in this stage. + items: + $ref: '#/components/schemas/DeployParameters' + Retry: + properties: + attempts: type: string - format: google-datetime - enqueueTime: - description: Output only. Time at which the `Rollout` was enqueued. - readOnly: true + format: int64 + description: >- + Required. Total number of retries. Retry is skipped if set to 0; The + minimum value is 1, and the maximum value is 10. + wait: + format: google-duration type: string - format: google-datetime - deployStartTime: - description: Output only. Time at which the `Rollout` started deploying. - readOnly: true + description: >- + Optional. How long to wait for the first retry. Default is 0, and + the maximum value is 14d. + backoffMode: + description: >- + Optional. The pattern of how wait time will be increased. Default is + linear. Backoff mode will be ignored if `wait` is 0. + enumDescriptions: + - No WaitMode is specified. + - Increases the wait time linearly. + - Increases the wait time exponentially. type: string - format: google-datetime - deployEndTime: - description: Output only. Time at which the `Rollout` finished deploying. + enum: + - BACKOFF_MODE_UNSPECIFIED + - BACKOFF_MODE_LINEAR + - BACKOFF_MODE_EXPONENTIAL + type: object + description: Retries the failed job. + id: Retry + VerifyJobRun: + properties: + artifactUri: readOnly: true + description: >- + Output only. URI of a directory containing the verify artifacts. + This contains the Skaffold event log. type: string - format: google-datetime - targetId: - description: Required. The ID of Target to which this `Rollout` is deploying. + failureCause: type: string - approvalState: - description: Output only. Approval state of the `Rollout`. readOnly: true - type: string - enumDescriptions: - - The `Rollout` has an unspecified approval state. - - The `Rollout` requires approval. - - The `Rollout` does not require approval. - - The `Rollout` has been approved. - - The `Rollout` has been rejected. - enum: - - APPROVAL_STATE_UNSPECIFIED - - NEEDS_APPROVAL - - DOES_NOT_NEED_APPROVAL - - APPROVED - - REJECTED - state: - description: Output only. Current state of the `Rollout`. - readOnly: true - type: string - enumDescriptions: - - The `Rollout` has an unspecified state. - - The `Rollout` has completed successfully. - - The `Rollout` has failed. - - The `Rollout` is being deployed. - - The `Rollout` needs approval. - - An approver rejected the `Rollout`. - - >- - The `Rollout` is waiting for an earlier Rollout(s) to complete on - this `Target`. - - The `Rollout` is waiting for the `Release` to be fully rendered. - - The `Rollout` is in the process of being cancelled. - - The `Rollout` has been cancelled. - - The `Rollout` is halted. - enum: - - STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - - IN_PROGRESS - - PENDING_APPROVAL - - APPROVAL_REJECTED - - PENDING - - PENDING_RELEASE - - CANCELLING - - CANCELLED - - HALTED - failureReason: - description: >- - Output only. Additional information about the rollout failure, if - available. - readOnly: true - type: string - deployingBuild: - description: >- - Output only. The resource name of the Cloud Build `Build` object - that is used to deploy the Rollout. Format is - `projects/{project}/locations/{location}/builds/{build}`. - readOnly: true - type: string - etag: - description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. - type: string - deployFailureCause: - description: >- - Output only. The reason this rollout failed. This will always be - unspecified while the rollout is in progress. - readOnly: true - type: string enumDescriptions: - No reason for failure is specified. - >- @@ -1218,419 +1469,239 @@ components: because Cloud Deploy has insufficient permissions. See [required permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). - >- - The deploy operation did not complete successfully; check Cloud + The verify operation did not complete successfully; check Cloud Build logs. - - Deployment did not complete within the allotted time. - - Release is in a failed state. - - Release is abandoned. + - The verify job run did not complete within the allotted time. - No Skaffold verify configuration was found. - >- Cloud Build failed to fulfill Cloud Deploy's request. See failure_message for additional details. - - >- - A Rollout operation had a feature configured that is not - supported. + description: >- + Output only. The reason the verify failed. This will always be + unspecified while the verify is in progress or if it succeeded. enum: - FAILURE_CAUSE_UNSPECIFIED - CLOUD_BUILD_UNAVAILABLE - EXECUTION_FAILED - DEADLINE_EXCEEDED - - RELEASE_FAILED - - RELEASE_ABANDONED - VERIFICATION_CONFIG_NOT_FOUND - CLOUD_BUILD_REQUEST_FAILED - - OPERATION_FEATURE_NOT_SUPPORTED - phases: + eventLogPath: description: >- - Output only. The phases that represent the workflows of this - `Rollout`. + Output only. File path of the Skaffold event log relative to the + artifact URI. + type: string readOnly: true - type: array - items: - $ref: '#/components/schemas/Phase' - metadata: - description: Output only. Metadata contains information about the rollout. + failureMessage: + type: string readOnly: true - $ref: '#/components/schemas/Metadata' - controllerRollout: description: >- - Output only. Name of the `ControllerRollout`. Format is - `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{release}/rollouts/{rollout}`. - readOnly: true - type: string - rollbackOfRollout: + Output only. Additional information about the verify failure, if + available. + build: description: >- - Output only. Name of the `Rollout` that is rolled back by this - `Rollout`. Empty if this `Rollout` wasn't created as a rollback. - readOnly: true + Output only. The resource name of the Cloud Build `Build` object + that is used to verify. Format is + `projects/{project}/locations/{location}/builds/{build}`. type: string - rolledBackByRollouts: - description: Output only. Names of `Rollouts` that rolled back this `Rollout`. - readOnly: true - type: array - items: - type: string - activeRepairAutomationRun: - description: Output only. The AutomationRun actively repairing the rollout. readOnly: true - type: string - Phase: - id: Phase - description: >- - Phase represents a collection of jobs that are logically grouped - together for a `Rollout`. type: object + id: VerifyJobRun + description: VerifyJobRun contains information specific to a verify `JobRun`. + Location: + id: Location properties: - id: - description: Output only. The ID of the Phase. - readOnly: true + displayName: type: string - state: - description: Output only. Current state of the Phase. - readOnly: true + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - enumDescriptions: - - The Phase has an unspecified state. - - The Phase is waiting for an earlier Phase(s) to complete. - - The Phase is in progress. - - The Phase has succeeded. - - The Phase has failed. - - The Phase was aborted. - - The Phase was skipped. - enum: - - STATE_UNSPECIFIED - - PENDING - - IN_PROGRESS - - SUCCEEDED - - FAILED - - ABORTED - - SKIPPED - skipMessage: + labels: + additionalProperties: + type: string + type: object description: >- - Output only. Additional information on why the Phase was skipped, if - available. - readOnly: true + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - deploymentJobs: - description: Output only. Deployment job composition. - readOnly: true - $ref: '#/components/schemas/DeploymentJobs' - childRolloutJobs: - description: Output only. ChildRollout job composition. - readOnly: true - $ref: '#/components/schemas/ChildRolloutJobs' - DeploymentJobs: - id: DeploymentJobs - description: Deployment job composition. + metadata: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata. For example the available capacity at the + given location. + description: A resource that represents a Google Cloud location. type: object + SkaffoldGitSource: + id: SkaffoldGitSource properties: - predeployJob: - description: Output only. The predeploy Job, which is the first job on the phase. - readOnly: true - $ref: '#/components/schemas/Job' - deployJob: - description: Output only. The deploy Job. This is the deploy job in the phase. - readOnly: true - $ref: '#/components/schemas/Job' - verifyJob: + path: + type: string description: >- - Output only. The verify Job. Runs after a deploy if the deploy - succeeds. - readOnly: true - $ref: '#/components/schemas/Job' - postdeployJob: - description: Output only. The postdeploy Job, which is the last job on the phase. - readOnly: true - $ref: '#/components/schemas/Job' - Job: - id: Job - description: Job represents an operation for a `Rollout`. + Optional. Relative path from the repository root to the Skaffold + file. + repo: + description: Required. Git repository the package should be cloned from. + type: string + ref: + type: string + description: Optional. Git branch or tag to use when cloning the repository. + description: Git repository containing Skaffold Config modules. + type: object + AdvanceChildRolloutJobRun: + id: AdvanceChildRolloutJobRun type: object + description: >- + AdvanceChildRolloutJobRun contains information specific to a + advanceChildRollout `JobRun`. properties: - id: - description: Output only. The ID of the Job. - readOnly: true + rolloutPhaseId: + description: Output only. the ID of the ChildRollout's Phase. type: string - state: - description: Output only. The current state of the Job. readOnly: true - type: string - enumDescriptions: - - The Job has an unspecified state. - - The Job is waiting for an earlier Phase(s) or Job(s) to complete. - - The Job is disabled. - - The Job is in progress. - - The Job succeeded. - - The Job failed. - - The Job was aborted. - - The Job was skipped. - - The Job was ignored. - enum: - - STATE_UNSPECIFIED - - PENDING - - DISABLED - - IN_PROGRESS - - SUCCEEDED - - FAILED - - ABORTED - - SKIPPED - - IGNORED - skipMessage: + rollout: description: >- - Output only. Additional information on why the Job was skipped, if - available. - readOnly: true - type: string - jobRun: - description: >- - Output only. The name of the `JobRun` responsible for the most - recent invocation of this Job. - readOnly: true + Output only. Name of the `ChildRollout`. Format is + `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{release}/rollouts/{rollout}`. type: string - deployJob: - description: Output only. A deploy Job. - readOnly: true - $ref: '#/components/schemas/DeployJob' - verifyJob: - description: Output only. A verify Job. - readOnly: true - $ref: '#/components/schemas/VerifyJob' - predeployJob: - description: Output only. A predeploy Job. - readOnly: true - $ref: '#/components/schemas/PredeployJob' - postdeployJob: - description: Output only. A postdeploy Job. - readOnly: true - $ref: '#/components/schemas/PostdeployJob' - createChildRolloutJob: - description: Output only. A createChildRollout Job. - readOnly: true - $ref: '#/components/schemas/CreateChildRolloutJob' - advanceChildRolloutJob: - description: Output only. An advanceChildRollout Job. readOnly: true - $ref: '#/components/schemas/AdvanceChildRolloutJob' - DeployJob: - id: DeployJob - description: A deploy Job. + Date: + description: >- + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + id: Date + properties: + day: + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + format: int32 + type: integer + month: + format: int32 + type: integer + description: >- + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + year: + format: int32 + description: >- + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + type: integer type: object - properties: {} - VerifyJob: - id: VerifyJob - description: A verify Job. + RuntimeConfig: + id: RuntimeConfig + properties: + cloudRun: + description: Optional. Cloud Run runtime configuration. + $ref: '#/components/schemas/CloudRunConfig' + kubernetes: + description: Optional. Kubernetes runtime configuration. + $ref: '#/components/schemas/KubernetesConfig' + description: >- + RuntimeConfig contains the runtime specific configurations for a + deployment strategy. type: object - properties: {} - PredeployJob: - id: PredeployJob - description: A predeploy Job. + ApproveRolloutRequest: type: object + description: The request object used by `ApproveRollout`. properties: - actions: - description: Output only. The custom actions that the predeploy Job executes. - readOnly: true + overrideDeployPolicy: type: array items: type: string - PostdeployJob: - id: PostdeployJob - description: A postdeploy Job. + description: >- + Optional. Deploy policies to override. Format is + `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. + approved: + description: Required. True = approve; false = reject + type: boolean + id: ApproveRolloutRequest + ListJobRunsResponse: type: object + id: ListJobRunsResponse properties: - actions: - description: Output only. The custom actions that the postdeploy Job executes. - readOnly: true - type: array + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + jobRuns: items: - type: string - CreateChildRolloutJob: - id: CreateChildRolloutJob - description: A createChildRollout Job. - type: object - properties: {} - AdvanceChildRolloutJob: - id: AdvanceChildRolloutJob - description: An advanceChildRollout Job. - type: object - properties: {} - ChildRolloutJobs: - id: ChildRolloutJobs - description: ChildRollouts job composition - type: object - properties: - createRolloutJobs: - description: Output only. List of CreateChildRolloutJobs - readOnly: true + $ref: '#/components/schemas/JobRun' type: array + description: The `JobRun` objects. + unreachable: items: - $ref: '#/components/schemas/Job' - advanceRolloutJobs: - description: Output only. List of AdvanceChildRolloutJobs - readOnly: true + type: string type: array - items: - $ref: '#/components/schemas/Job' - Metadata: - id: Metadata - description: Metadata includes information associated with a `Rollout`. + description: Locations that could not be reached + description: ListJobRunsResponse is the response object returned by `ListJobRuns`. + RepairPhase: type: object + id: RepairPhase + description: >- + RepairPhase tracks the repair attempts that have been made for each + `RepairPhaseConfig` specified in the `Automation` resource. properties: - cloudRun: - description: >- - Output only. The name of the Cloud Run Service that is associated - with a `Rollout`. - readOnly: true - $ref: '#/components/schemas/CloudRunMetadata' - automation: - description: >- - Output only. AutomationRolloutMetadata contains the information - about the interactions between Automation service and this rollout. + retry: + description: Output only. Records of the retry attempts for retry repair mode. readOnly: true - $ref: '#/components/schemas/AutomationRolloutMetadata' - custom: - description: >- - Output only. Custom metadata provided by user-defined `Rollout` - operations. + $ref: '#/components/schemas/RetryPhase' + rollback: readOnly: true - $ref: '#/components/schemas/CustomMetadata' - CloudRunMetadata: - id: CloudRunMetadata - description: CloudRunMetadata contains information from a Cloud Run deployment. - type: object + description: Output only. Rollback attempt for rollback repair mode . + $ref: '#/components/schemas/RollbackAttempt' + Automation: properties: - service: - description: >- - Output only. The name of the Cloud Run Service that is associated - with a `Rollout`. Format is - `projects/{project}/locations/{location}/services/{service}`. - readOnly: true - type: string - serviceUrls: - description: >- - Output only. The Cloud Run Service urls that are associated with a - `Rollout`. - readOnly: true - type: array - items: - type: string - revision: - description: Output only. The Cloud Run Revision id associated with a `Rollout`. - readOnly: true + description: type: string - job: description: >- - Output only. The name of the Cloud Run job that is associated with a - `Rollout`. Format is - `projects/{project}/locations/{location}/jobs/{job_name}`. - readOnly: true - type: string - AutomationRolloutMetadata: - id: AutomationRolloutMetadata - description: >- - AutomationRolloutMetadata contains Automation-related actions that were - performed on a rollout. - type: object - properties: - promoteAutomationRun: + Optional. Description of the `Automation`. Max length is 255 + characters. + name: description: >- - Output only. The name of the AutomationRun initiated by a promote - release rule. - readOnly: true + Output only. Name of the `Automation`. Format is + `projects/{project}/locations/{location}/deliveryPipelines/{delivery_pipeline}/automations/{automation}`. type: string - advanceAutomationRuns: - description: >- - Output only. The names of the AutomationRuns initiated by an advance - rollout rule. readOnly: true + rules: type: array items: - type: string - repairAutomationRuns: + $ref: '#/components/schemas/AutomationRule' description: >- - Output only. The names of the AutomationRuns initiated by a repair - rollout rule. - readOnly: true - type: array - items: - type: string - CustomMetadata: - id: CustomMetadata - description: CustomMetadata contains information from a user-defined operation. - type: object - properties: - values: - description: Output only. Key-value pairs provided by the user-defined operation. + Required. List of Automation rules associated with the Automation + resource. Must have at least one rule and limited to 250 rules per + Delivery Pipeline. Note: the order of the rules here is not the same + as the order of execution. + createTime: + description: Output only. Time at which the automation was created. + type: string + format: google-datetime readOnly: true - type: object + labels: additionalProperties: type: string - RollbackTargetResponse: - id: RollbackTargetResponse - description: The response object from `RollbackTarget`. - type: object - properties: - rollbackConfig: - description: The config of the rollback `Rollout` created or will be created. - $ref: '#/components/schemas/RollbackTargetConfig' - ListCustomTargetTypesResponse: - id: ListCustomTargetTypesResponse - description: The response object from `ListCustomTargetTypes.` - type: object - properties: - customTargetTypes: - description: The `CustomTargetType` objects. - type: array - items: - $ref: '#/components/schemas/CustomTargetType' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - CustomTargetType: - id: CustomTargetType - description: >- - A `CustomTargetType` resource in the Cloud Deploy API. A - `CustomTargetType` defines a type of custom target that can be - referenced in a `Target` in order to facilitate deploying to other - systems besides the supported runtimes. - type: object - properties: - name: - description: >- - Identifier. Name of the `CustomTargetType`. Format is - `projects/{project}/locations/{location}/customTargetTypes/{customTargetType}`. - The `customTargetType` component must match - `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` - type: string - customTargetTypeId: - description: Output only. Resource id of the `CustomTargetType`. - readOnly: true - type: string - uid: - description: Output only. Unique identifier of the `CustomTargetType`. - readOnly: true - type: string - description: - description: >- - Optional. Description of the `CustomTargetType`. Max length is 255 - characters. - type: string - annotations: - description: >- - Optional. User annotations. These attributes can only be set and - used by the user, and not by Cloud Deploy. See - https://google.aip.dev/128#annotations for more details such as - format and size limitations. type: object - additionalProperties: - type: string - labels: description: >- Optional. Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following @@ -1639,1375 +1710,1160 @@ components: use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and - values are additionally constrained to be <= 128 bytes. - type: object - additionalProperties: - type: string - createTime: - description: Output only. Time at which the `CustomTargetType` was created. - readOnly: true + values are additionally constrained to be <= 63 characters. + etag: type: string - format: google-datetime - updateTime: description: >- - Output only. Most recent time at which the `CustomTargetType` was - updated. - readOnly: true + Optional. The weak etag of the `Automation` resource. This checksum + is computed by the server based on the value of other fields, and + may be sent on update and delete requests to ensure the client has + an up-to-date value before proceeding. + serviceAccount: + description: >- + Required. Email address of the user-managed IAM service account that + creates Cloud Deploy release and rollout resources. type: string + suspended: + type: boolean + description: Optional. When Suspended, automation is deactivated from execution. + updateTime: + readOnly: true format: google-datetime - etag: - description: >- - Optional. This checksum is computed by the server based on the value - of other fields, and may be sent on update and delete requests to - ensure the client has an up-to-date value before proceeding. + description: Output only. Time at which the automation was updated. type: string - customActions: - description: >- - Optional. Configures render and deploy for the `CustomTargetType` - using Skaffold custom actions. - $ref: '#/components/schemas/CustomTargetSkaffoldActions' - CustomTargetSkaffoldActions: - id: CustomTargetSkaffoldActions - description: >- - CustomTargetSkaffoldActions represents the `CustomTargetType` - configuration using Skaffold custom actions. - type: object - properties: - renderAction: + annotations: description: >- - Optional. The Skaffold custom action responsible for render - operations. If not provided then Cloud Deploy will perform the - render operations via `skaffold render`. - type: string - deployAction: + Optional. User annotations. These attributes can only be set and + used by the user, and not by Cloud Deploy. Annotations must meet the + following constraints: * Annotations are key/value pairs. * Valid + annotation keys have two segments: an optional prefix and name, + separated by a slash (`/`). * The name segment is required and must + be 63 characters or less, beginning and ending with an alphanumeric + character (`[a-z0-9A-Z]`) with dashes (`-`), underscores (`_`), dots + (`.`), and alphanumerics between. * The prefix is optional. If + specified, the prefix must be a DNS subdomain: a series of DNS + labels separated by dots(`.`), not longer than 253 characters in + total, followed by a slash (`/`). See + https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set + for more details. + type: object + additionalProperties: + type: string + selector: description: >- - Required. The Skaffold custom action responsible for deploy - operations. + Required. Selected resources to which the automation will be + applied. + $ref: '#/components/schemas/AutomationResourceSelector' + uid: type: string - includeSkaffoldModules: - description: >- - Optional. List of Skaffold modules Cloud Deploy will include in the - Skaffold Config as required before performing diagnose. - type: array - items: - $ref: '#/components/schemas/SkaffoldModules' - SkaffoldModules: - id: SkaffoldModules - description: Skaffold Config modules and their remote source. + description: Output only. Unique identifier of the `Automation`. + readOnly: true + description: >- + An `Automation` resource in the Cloud Deploy API. An `Automation` + enables the automation of manually driven actions for a Delivery + Pipeline, which includes Release promotion among Targets, Rollout repair + and Rollout deployment strategy advancement. The intention of Automation + is to reduce manual intervention in the continuous delivery process. + id: Automation type: object + IgnoreJobRequest: + description: The request object used by `IgnoreJob`. properties: - configs: + overrideDeployPolicy: description: >- - Optional. The Skaffold Config modules to use from the specified - source. + Optional. Deploy policies to override. Format is + `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. type: array items: type: string - git: - description: >- - Optional. Remote git repository containing the Skaffold Config - modules. - $ref: '#/components/schemas/SkaffoldGitSource' - googleCloudStorage: - description: >- - Optional. Cloud Storage bucket containing the Skaffold Config - modules. - $ref: '#/components/schemas/SkaffoldGCSSource' - googleCloudBuildRepo: - description: >- - Optional. Cloud Build V2 repository containing the Skaffold Config - modules. - $ref: '#/components/schemas/SkaffoldGCBRepoSource' - SkaffoldGitSource: - id: SkaffoldGitSource - description: Git repository containing Skaffold Config modules. - type: object - properties: - repo: - description: Required. Git repository the package should be cloned from. - type: string - path: - description: >- - Optional. Relative path from the repository root to the Skaffold - file. + jobId: type: string - ref: - description: Optional. Git branch or tag to use when cloning the repository. + description: Required. The job ID for the Job to ignore. + phaseId: + description: Required. The phase ID the Job to ignore belongs to. type: string - SkaffoldGCSSource: - id: SkaffoldGCSSource - description: Cloud Storage bucket containing Skaffold Config modules. type: object + id: IgnoreJobRequest + RollbackTargetResponse: + description: The response object from `RollbackTarget`. + id: RollbackTargetResponse properties: - source: - description: >- - Required. Cloud Storage source paths to copy recursively. For - example, providing "gs://my-bucket/dir/configs/*" will result in - Skaffold copying all files within the "dir/configs" directory in the - bucket "my-bucket". - type: string - path: - description: Optional. Relative path from the source to the Skaffold file. - type: string - SkaffoldGCBRepoSource: - id: SkaffoldGCBRepoSource - description: Cloud Build V2 Repository containing Skaffold Configs. + rollbackConfig: + description: The config of the rollback `Rollout` created or will be created. + $ref: '#/components/schemas/RollbackTargetConfig' + type: object + CreateChildRolloutJob: + id: CreateChildRolloutJob + description: A createChildRollout Job. + properties: {} type: object + OperationMetadata: properties: - repository: - description: >- - Required. Name of the Cloud Build V2 Repository. Format is - projects/{project}/locations/{location}/connections/{connection}/repositories/{repository}. + apiVersion: + description: Output only. API version used to start the operation. + readOnly: true type: string - path: + target: + readOnly: true description: >- - Optional. Relative path from the repository root to the Skaffold - Config file. + Output only. Server-defined resource path for the target of the + operation. type: string - ref: - description: Optional. Branch or tag to use when cloning the repository. + createTime: type: string - ListReleasesResponse: - id: ListReleasesResponse - description: The response object from `ListReleases`. - type: object - properties: - releases: - description: The `Release` objects. - type: array - items: - $ref: '#/components/schemas/Release' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Release: - id: Release - description: >- - A `Release` resource in the Cloud Deploy API. A `Release` defines a - specific Skaffold configuration instance that can be deployed. - type: object - properties: - name: - description: >- - Identifier. Name of the `Release`. Format is - `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{release}`. - The `release` component must match `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` - type: string - uid: - description: Output only. Unique identifier of the `Release`. + description: Output only. The time the operation was created. readOnly: true - type: string - description: - description: >- - Optional. Description of the `Release`. Max length is 255 - characters. - type: string - annotations: - description: >- - Optional. User annotations. These attributes can only be set and - used by the user, and not by Cloud Deploy. See - https://google.aip.dev/128#annotations for more details such as - format and size limitations. - type: object - additionalProperties: - type: string - labels: - description: >- - Labels are attributes that can be set and used by both the user and - by Cloud Deploy. Labels must meet the following constraints: * Keys - and values can contain only lowercase letters, numeric characters, - underscores, and dashes. * All characters must use UTF-8 encoding, - and international characters are allowed. * Keys must start with a - lowercase letter or international character. * Each resource is - limited to a maximum of 64 labels. Both keys and values are - additionally constrained to be <= 128 bytes. - type: object - additionalProperties: - type: string - abandoned: - description: Output only. Indicates whether this is an abandoned release. + format: google-datetime + requestedCancellation: readOnly: true + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. type: boolean - createTime: - description: Output only. Time at which the `Release` was created. - readOnly: true - type: string - format: google-datetime - renderStartTime: - description: Output only. Time at which the render began. + verb: + description: Output only. Name of the verb executed by the operation. readOnly: true type: string - format: google-datetime - renderEndTime: - description: Output only. Time at which the render completed. + statusMessage: readOnly: true type: string - format: google-datetime - skaffoldConfigUri: - description: >- - Optional. Cloud Storage URI of tar.gz archive containing Skaffold - configuration. - type: string - skaffoldConfigPath: - description: Optional. Filepath of the Skaffold config inside of the config URI. + description: Output only. Human-readable status of the operation, if any. + endTime: + description: Output only. The time the operation finished running. type: string - buildArtifacts: - description: Optional. List of artifacts to pass through to Skaffold command. - type: array - items: - $ref: '#/components/schemas/BuildArtifact' - deliveryPipelineSnapshot: - description: >- - Output only. Snapshot of the parent pipeline taken at release - creation time. - readOnly: true - $ref: '#/components/schemas/DeliveryPipeline' - targetSnapshots: - description: Output only. Snapshot of the targets taken at release creation time. readOnly: true - type: array - items: - $ref: '#/components/schemas/Target' - customTargetTypeSnapshots: + format: google-datetime + type: object + id: OperationMetadata + description: Represents the metadata of the long-running operation. + PromoteReleaseRule: + description: >- + The `PromoteRelease` rule will automatically promote a release from the + current target to a specified target. + type: object + properties: + destinationPhase: description: >- - Output only. Snapshot of the custom target types referenced by the - targets taken at release creation time. - readOnly: true - type: array - items: - $ref: '#/components/schemas/CustomTargetType' - renderState: - description: Output only. Current state of the render operation. - readOnly: true + Optional. The starting phase of the rollout created by this + operation. Default to the first phase. type: string - enumDescriptions: - - The render state is unspecified. - - All rendering operations have completed successfully. - - >- - All rendering operations have completed, and one or more have - failed. - - Rendering has started and is not complete. - enum: - - RENDER_STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - - IN_PROGRESS - etag: + id: description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. + Required. ID of the rule. This id must be unique in the `Automation` + resource to which this rule belongs. The format is + `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. type: string - skaffoldVersion: + wait: description: >- - Optional. The Skaffold version to use when operating on this - release, such as "1.20.0". Not all versions are valid; Cloud Deploy - supports a specific set of versions. If unset, the most recent - supported Skaffold version will be used. + Optional. How long the release need to be paused until being + promoted to the next target. type: string - targetArtifacts: - description: >- - Output only. Map from target ID to the target artifacts created - during the render operation. - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/TargetArtifact' - targetRenders: - description: >- - Output only. Map from target ID to details of the render operation - for that target. - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/TargetRender' + format: google-duration condition: - description: Output only. Information around the state of the Release. + description: Output only. Information around the state of the Automation rule. readOnly: true - $ref: '#/components/schemas/ReleaseCondition' - deployParameters: + $ref: '#/components/schemas/AutomationRuleCondition' + destinationTargetId: description: >- - Optional. The deploy parameters to use for all targets in this - release. - type: object - additionalProperties: - type: string - BuildArtifact: - id: BuildArtifact - description: Description of an a image to use during Skaffold rendering. - type: object + Optional. The ID of the stage in the pipeline to which this + `Release` is deploying. If unspecified, default it to the next stage + in the promotion flow. The value of this field could be one of the + following: * The last segment of a target name * "@next", the next + target in the promotion sequence + type: string + id: PromoteReleaseRule + AuditLogConfig: properties: - image: - description: Optional. Image name in Skaffold configuration. + logType: + description: The log type that this config enables. type: string - tag: + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + exemptedMembers: + items: + type: string description: >- - Optional. Image tag to use. This will generally be the full path to - an image, such as "gcr.io/my-project/busybox:1.2.3" or - "gcr.io/my-project/busybox@sha256:abc123". - type: string - TargetArtifact: - id: TargetArtifact - description: The artifacts produced by a target render operation. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + type: array + id: AuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object + DeployJobRunMetadata: properties: - artifactUri: + custom: description: >- - Output only. URI of a directory containing the artifacts. This - contains deployment configuration used by Skaffold during a rollout, - and all paths are relative to this location. + Output only. Custom metadata provided by user-defined deploy + operation. + $ref: '#/components/schemas/CustomMetadata' readOnly: true - type: string - skaffoldConfigPath: + customTarget: description: >- - Output only. File path of the resolved Skaffold configuration for - the stable phase, relative to the URI. + Output only. Custom Target metadata associated with a + `DeployJobRun`. readOnly: true - type: string - manifestPath: - description: >- - Output only. File path of the rendered manifest relative to the URI - for the stable phase. + $ref: '#/components/schemas/CustomTargetDeployMetadata' + cloudRun: readOnly: true - type: string - phaseArtifacts: description: >- - Output only. Map from the phase ID to the phase artifacts for the - `Target`. - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/PhaseArtifact' - PhaseArtifact: - id: PhaseArtifact - description: Contains the paths to the artifacts, relative to the URI, for a phase. + Output only. The name of the Cloud Run Service that is associated + with a `DeployJobRun`. + $ref: '#/components/schemas/CloudRunMetadata' + id: DeployJobRunMetadata + type: object + description: >- + DeployJobRunMetadata surfaces information associated with a + `DeployJobRun` to the user. + PipelineCondition: type: object + description: >- + PipelineCondition contains all conditions relevant to a Delivery + Pipeline. properties: - skaffoldConfigPath: - description: >- - Output only. File path of the resolved Skaffold configuration - relative to the URI. - readOnly: true - type: string - manifestPath: - description: Output only. File path of the rendered manifest relative to the URI. - readOnly: true - type: string - jobManifestsPath: + targetsPresentCondition: + $ref: '#/components/schemas/TargetsPresentCondition' + description: Details around targets enumerated in the pipeline. + pipelineReadyCondition: + $ref: '#/components/schemas/PipelineReadyCondition' + description: Details around the Pipeline's overall status. + targetsTypeCondition: description: >- - Output only. File path of the directory of rendered job manifests - relative to the URI. This is only set if it is applicable. - readOnly: true - type: string - TargetRender: - id: TargetRender - description: Details of rendering for a single target. + Details on the whether the targets enumerated in the pipeline are of + the same type. + $ref: '#/components/schemas/TargetsTypeCondition' + id: PipelineCondition + CustomTargetTypeNotificationEvent: + id: CustomTargetTypeNotificationEvent type: object + description: >- + Payload proto for + "clouddeploy.googleapis.com/customtargettype_notification" Platform Log + event that describes the failure to send a custom target type status + change Pub/Sub notification. properties: - renderingBuild: - description: >- - Output only. The resource name of the Cloud Build `Build` object - that is used to render the manifest for this target. Format is - `projects/{project}/locations/{location}/builds/{build}`. - readOnly: true + customTargetTypeUid: + description: Unique identifier of the `CustomTargetType`. type: string - renderingState: - description: Output only. Current state of the render operation for this Target. - readOnly: true + customTargetType: type: string - enumDescriptions: - - The render operation state is unspecified. - - The render operation has completed successfully. - - The render operation has failed. - - The render operation is in progress. - enum: - - TARGET_RENDER_STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - - IN_PROGRESS - metadata: - description: >- - Output only. Metadata related to the `Release` render for this - Target. - readOnly: true - $ref: '#/components/schemas/RenderMetadata' - failureCause: - description: >- - Output only. Reason this render failed. This will always be - unspecified while the render in progress. - readOnly: true + description: The name of the `CustomTargetType`. + type: + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true type: string enumDescriptions: - - No reason for failure is specified. - - >- - Cloud Build is not available, either because it is not enabled or - because Cloud Deploy has insufficient permissions. See [required - permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). - - >- - The render operation did not complete successfully; check Cloud - Build logs. - - >- - Cloud Build failed to fulfill Cloud Deploy's request. See - failure_message for additional details. - - >- - The render operation did not complete successfully because the - verification stanza required for verify was not found on the - Skaffold configuration. - - >- - The render operation did not complete successfully because the - custom action(s) required for Rollout jobs were not found in the - Skaffold configuration. See failure_message for additional - details. - - >- - Release failed during rendering because the release configuration - is not supported with the specified deployment strategy. + - Type is unspecified. + - A Pub/Sub notification failed to be sent. + - Resource state changed. + - A process aborted. + - Restriction check failed. + - Resource deleted. + - Rollout updated. + - Deploy Policy evaluation. - >- - The render operation had a feature configured that is not - supported. + Deprecated: This field is never used. Use release_render log type + instead. enum: - - FAILURE_CAUSE_UNSPECIFIED - - CLOUD_BUILD_UNAVAILABLE - - EXECUTION_FAILED - - CLOUD_BUILD_REQUEST_FAILED - - VERIFICATION_CONFIG_NOT_FOUND - - CUSTOM_ACTION_NOT_FOUND - - DEPLOYMENT_STRATEGY_NOT_SUPPORTED - - RENDER_FEATURE_NOT_SUPPORTED - failureMessage: - description: >- - Output only. Additional information about the render failure, if - available. - readOnly: true + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE + description: Type of this notification, e.g. for a Pub/Sub failure. + message: + description: Debug message for when a notification fails to send. type: string - RenderMetadata: - id: RenderMetadata - description: RenderMetadata includes information associated with a `Release` render. + RetryPhase: type: object properties: - cloudRun: - description: Output only. Metadata associated with rendering for Cloud Run. + attempts: + type: array readOnly: true - $ref: '#/components/schemas/CloudRunRenderMetadata' - custom: + description: Output only. Detail of a retry action. + items: + $ref: '#/components/schemas/RetryAttempt' + totalAttempts: + readOnly: true + format: int64 + type: string + description: Output only. The number of attempts that have been made. + backoffMode: + enumDescriptions: + - No WaitMode is specified. + - Increases the wait time linearly. + - Increases the wait time exponentially. + type: string description: >- - Output only. Custom metadata provided by user-defined render - operation. + Output only. The pattern of how the wait time of the retry attempt + is calculated. readOnly: true - $ref: '#/components/schemas/CustomMetadata' - CloudRunRenderMetadata: - id: CloudRunRenderMetadata + enum: + - BACKOFF_MODE_UNSPECIFIED + - BACKOFF_MODE_LINEAR + - BACKOFF_MODE_EXPONENTIAL + id: RetryPhase description: >- - CloudRunRenderMetadata contains Cloud Run information associated with a - `Release` render. + RetryPhase contains the retry attempts and the metadata for initiating a + new attempt. + AbandonReleaseResponse: + id: AbandonReleaseResponse + description: The response object for `AbandonRelease`. + properties: {} type: object + PrivatePool: properties: - service: + artifactStorage: + type: string description: >- - Output only. The name of the Cloud Run Service in the rendered - manifest. Format is - `projects/{project}/locations/{location}/services/{service}`. - readOnly: true + Optional. Cloud Storage location where execution outputs should be + stored. This can either be a bucket ("gs://my-bucket") or a path + within a bucket ("gs://my-bucket/my-dir"). If unspecified, a default + bucket located in the same region will be used. + serviceAccount: + type: string + description: >- + Optional. Google service account to use for execution. If + unspecified, the project execution service account + (-compute@developer.gserviceaccount.com) will be used. + workerPool: + description: >- + Required. Resource name of the Cloud Build worker pool to use. The + format is + `projects/{project}/locations/{location}/workerPools/{pool}`. type: string - ReleaseCondition: - id: ReleaseCondition - description: ReleaseCondition contains all conditions relevant to a Release. - type: object - properties: - releaseReadyCondition: - description: Details around the Releases's overall status. - $ref: '#/components/schemas/ReleaseReadyCondition' - skaffoldSupportedCondition: - description: Details around the support state of the release's Skaffold version. - $ref: '#/components/schemas/SkaffoldSupportedCondition' - ReleaseReadyCondition: - id: ReleaseReadyCondition - description: >- - ReleaseReadyCondition contains information around the status of the - Release. If a release is not ready, you cannot create a rollout with the - release. type: object + id: PrivatePool + description: Execution using a private Cloud Build pool. + TimeOfDay: properties: - status: + seconds: + type: integer description: >- - True if the Release is in a valid state. Otherwise at least one - condition in `ReleaseCondition` is in an invalid state. Iterate over - those conditions and see which condition(s) has status = false to - find out what is wrong with the Release. - type: boolean - SkaffoldSupportedCondition: - id: SkaffoldSupportedCondition - description: >- - SkaffoldSupportedCondition contains information about when support for - the release's version of Skaffold ends. + Seconds of a minute. Must be greater than or equal to 0 and + typically must be less than or equal to 59. An API may allow the + value 60 if it allows leap-seconds. + format: int32 + nanos: + type: integer + description: >- + Fractions of seconds, in nanoseconds. Must be greater than or equal + to 0 and less than or equal to 999,999,999. + format: int32 + hours: + format: int32 + type: integer + description: >- + Hours of a day in 24 hour format. Must be greater than or equal to 0 + and typically must be less than or equal to 23. An API may choose to + allow the value "24:00:00" for scenarios like business closing time. + minutes: + format: int32 + description: >- + Minutes of an hour. Must be greater than or equal to 0 and less than + or equal to 59. + type: integer + description: >- + Represents a time of day. The date and time zone are either not + significant or are specified elsewhere. An API may choose to allow leap + seconds. Related types are google.type.Date and + `google.protobuf.Timestamp`. + type: object + id: TimeOfDay + ListDeployPoliciesResponse: + description: The response object from `ListDeployPolicies`. type: object properties: - status: - description: True if the version of Skaffold used by this release is supported. - type: boolean - skaffoldSupportState: - description: The Skaffold support state for this release's version of Skaffold. + deployPolicies: + description: The `DeployPolicy` objects. + items: + $ref: '#/components/schemas/DeployPolicy' + type: array + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + unreachable: + description: Locations that could not be reached. + items: + type: string + type: array + id: ListDeployPoliciesResponse + DeliveryPipelineNotificationEvent: + properties: + message: + type: string + description: Debug message for when a notification fails to send. + pipelineUid: + type: string + description: Unique identifier of the `DeliveryPipeline`. + type: + description: Type of this notification, e.g. for a Pub/Sub failure. type: string enumDescriptions: - - Default value. This value is unused. - - This Skaffold version is currently supported. - - This Skaffold version is in maintenance mode. - - This Skaffold version is no longer supported. + - Type is unspecified. + - A Pub/Sub notification failed to be sent. + - Resource state changed. + - A process aborted. + - Restriction check failed. + - Resource deleted. + - Rollout updated. + - Deploy Policy evaluation. + - >- + Deprecated: This field is never used. Use release_render log type + instead. + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true enum: - - SKAFFOLD_SUPPORT_STATE_UNSPECIFIED - - SKAFFOLD_SUPPORT_STATE_SUPPORTED - - SKAFFOLD_SUPPORT_STATE_MAINTENANCE_MODE - - SKAFFOLD_SUPPORT_STATE_UNSUPPORTED - maintenanceModeTime: - description: >- - The time at which this release's version of Skaffold will enter - maintenance mode. + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE + deliveryPipeline: type: string - format: google-datetime - supportExpirationTime: + description: The name of the `Delivery Pipeline`. + description: >- + Payload proto for + "clouddeploy.googleapis.com/deliverypipeline_notification" Platform Log + event that describes the failure to send delivery pipeline status change + Pub/Sub notification. + id: DeliveryPipelineNotificationEvent + type: object + TerminateJobRunRequest: + description: The request object used by `TerminateJobRun`. + properties: + overrideDeployPolicy: description: >- - The time at which this release's version of Skaffold will no longer - be supported. - type: string - format: google-datetime - AbandonReleaseRequest: - id: AbandonReleaseRequest - description: The request object used by `AbandonRelease`. + Optional. Deploy policies to override. Format is + `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. + items: + type: string + type: array + id: TerminateJobRunRequest type: object - properties: {} - AbandonReleaseResponse: - id: AbandonReleaseResponse - description: The response object for `AbandonRelease`. + TargetsTypeCondition: + description: >- + TargetsTypeCondition contains information on whether the Targets defined + in the Delivery Pipeline are of the same type. + id: TargetsTypeCondition type: object + properties: + errorDetails: + description: Human readable error message. + type: string + status: + description: >- + True if the targets are all a comparable type. For example this is + true if all targets are GKE clusters. This is false if some targets + are Cloud Run targets and others are GKE clusters. + type: boolean + TerminateJobRunResponse: properties: {} - DeployPolicy: - id: DeployPolicy - description: >- - A `DeployPolicy` resource in the Cloud Deploy API. A `DeployPolicy` - inhibits manual or automation-driven actions within a Delivery Pipeline - or Target. + description: The response object from `TerminateJobRun`. + id: TerminateJobRunResponse + type: object + ExecutionConfig: type: object + id: ExecutionConfig properties: - name: + defaultPool: + description: Optional. Use default Cloud Build pool. + $ref: '#/components/schemas/DefaultPool' + workerPool: description: >- - Output only. Name of the `DeployPolicy`. Format is - `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. - The `deployPolicy` component must match - `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` - readOnly: true - type: string - uid: - description: Output only. Unique identifier of the `DeployPolicy`. - readOnly: true + Optional. The resource name of the `WorkerPool`, with the format + `projects/{project}/locations/{location}/workerPools/{worker_pool}`. + If this optional field is unspecified, the default Cloud Build pool + will be used. type: string - description: + privatePool: + $ref: '#/components/schemas/PrivatePool' + description: Optional. Use private Cloud Build pool. + verbose: description: >- - Optional. Description of the `DeployPolicy`. Max length is 255 - characters. + Optional. If true, additional logging will be enabled when running + builds in this execution environment. + type: boolean + serviceAccount: type: string - annotations: description: >- - Optional. User annotations. These attributes can only be set and - used by the user, and not by Cloud Deploy. Annotations must meet the - following constraints: * Annotations are key/value pairs. * Valid - annotation keys have two segments: an optional prefix and name, - separated by a slash (`/`). * The name segment is required and must - be 63 characters or less, beginning and ending with an alphanumeric - character (`[a-z0-9A-Z]`) with dashes (`-`), underscores (`_`), dots - (`.`), and alphanumerics between. * The prefix is optional. If - specified, the prefix must be a DNS subdomain: a series of DNS - labels separated by dots(`.`), not longer than 253 characters in - total, followed by a slash (`/`). See - https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set - for more details. - type: object - additionalProperties: - type: string - labels: + Optional. Google service account to use for execution. If + unspecified, the project execution service account + (-compute@developer.gserviceaccount.com) is used. + executionTimeout: description: >- - Labels are attributes that can be set and used by both the user and - by Cloud Deploy. Labels must meet the following constraints: * Keys - and values can contain only lowercase letters, numeric characters, - underscores, and dashes. * All characters must use UTF-8 encoding, - and international characters are allowed. * Keys must start with a - lowercase letter or international character. * Each resource is - limited to a maximum of 64 labels. Both keys and values are - additionally constrained to be <= 128 bytes. - type: object - additionalProperties: + Optional. Execution timeout for a Cloud Build Execution. This must + be between 10m and 24h in seconds format. If unspecified, a default + timeout of 1h is used. + format: google-duration + type: string + usages: + type: array + description: Required. Usages when this configuration should be applied. + items: + enumDescriptions: + - Default value. This value is unused. + - Use for rendering. + - Use for deploying and deployment hooks. + - Use for deployment verification. + - Use for predeploy job execution. + - Use for postdeploy job execution. + enum: + - EXECUTION_ENVIRONMENT_USAGE_UNSPECIFIED + - RENDER + - DEPLOY + - VERIFY + - PREDEPLOY + - POSTDEPLOY type: string - createTime: - description: Output only. Time at which the deploy policy was created. - readOnly: true + artifactStorage: type: string - format: google-datetime - updateTime: description: >- - Output only. Most recent time at which the deploy policy was - updated. - readOnly: true - type: string - format: google-datetime - suspended: - description: >- - Optional. When suspended, the policy will not prevent actions from - occurring, even if the action violates the policy. + Optional. Cloud Storage location in which to store execution + outputs. This can either be a bucket ("gs://my-bucket") or a path + within a bucket ("gs://my-bucket/my-dir"). If unspecified, a default + bucket located in the same region will be used. + description: Configuration of the environment to use when calling Skaffold. + Standard: + properties: + verify: + description: Optional. Whether to verify a deployment via `skaffold verify`. type: boolean - selectors: + predeploy: + $ref: '#/components/schemas/Predeploy' description: >- - Required. Selected resources to which the policy will be applied. At - least one selector is required. If one selector matches the resource - the policy applies. For example, if there are two selectors and the - action being attempted matches one of them, the policy will apply to - that action. - type: array - items: - $ref: '#/components/schemas/DeployPolicyResourceSelector' - rules: - description: Required. Rules to apply. At least one rule must be present. + Optional. Configuration for the predeploy job. If this is not + configured, the predeploy job will not be present. + postdeploy: + description: >- + Optional. Configuration for the postdeploy job. If this is not + configured, the postdeploy job will not be present. + $ref: '#/components/schemas/Postdeploy' + id: Standard + description: Standard represents the standard deployment strategy. + type: object + Strategy: + description: Strategy contains deployment strategy information. + properties: + standard: + $ref: '#/components/schemas/Standard' + description: >- + Optional. Standard deployment strategy executes a single deploy and + allows verifying the deployment. + canary: + $ref: '#/components/schemas/Canary' + description: >- + Optional. Canary deployment strategy provides progressive percentage + based deployments to a Target. + id: Strategy + type: object + PolicyRule: + description: Deploy Policy rule. + id: PolicyRule + type: object + properties: + rolloutRestriction: + description: Optional. Rollout restrictions. + $ref: '#/components/schemas/RolloutRestriction' + RouteDestinations: + properties: + destinationIds: type: array + description: >- + Required. The clusters where the Gateway API HTTPRoute resource will + be deployed to. Valid entries include the associated entities IDs + configured in the Target resource and "@self" to include the Target + cluster. items: - $ref: '#/components/schemas/PolicyRule' - etag: + type: string + propagateService: description: >- - The weak etag of the `DeployPolicy` resource. This checksum is - computed by the server based on the value of other fields, and may - be sent on update and delete requests to ensure the client has an - up-to-date value before proceeding. - type: string - DeployPolicyResourceSelector: - id: DeployPolicyResourceSelector + Optional. Whether to propagate the Kubernetes Service to the route + destination clusters. The Service will always be deployed to the + Target cluster even if the HTTPRoute is not. This option may be used + to facilitate successful DNS lookup in the route destination + clusters. Can only be set to true if destinations are specified. + type: boolean + id: RouteDestinations + type: object + description: Information about route destinations for the Gateway API service mesh. + AuditConfig: description: >- - Contains information on the resources to select for a deploy policy. - Attributes provided must all match the resource in order for policy - restrictions to apply. For example, if delivery pipelines attributes - given are an id "prod" and labels "foo: bar", a delivery pipeline - resource must match both that id and have that label in order to be - subject to the policy. + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. type: object properties: - deliveryPipeline: - description: Optional. Contains attributes about a delivery pipeline. - $ref: '#/components/schemas/DeliveryPipelineAttribute' - target: - description: Optional. Contains attributes about a target. - $ref: '#/components/schemas/TargetAttribute' - DeliveryPipelineAttribute: - id: DeliveryPipelineAttribute - description: Contains criteria for selecting DeliveryPipelines. + auditLogConfigs: + type: array + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/AuditLogConfig' + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + id: AuditConfig + DeployPolicyNotificationEvent: + id: DeployPolicyNotificationEvent type: object + description: >- + Payload proto for + "clouddeploy.googleapis.com/deploypolicy_notification". Platform Log + event that describes the failure to send a pub/sub notification when + there is a DeployPolicy status change. properties: - id: + type: + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true + description: Type of this notification, e.g. for a Pub/Sub failure. + enumDescriptions: + - Type is unspecified. + - A Pub/Sub notification failed to be sent. + - Resource state changed. + - A process aborted. + - Restriction check failed. + - Resource deleted. + - Rollout updated. + - Deploy Policy evaluation. + - >- + Deprecated: This field is never used. Use release_render log type + instead. + type: string + enum: + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE + deployPolicy: + description: The name of the `DeployPolicy`. + type: string + message: + type: string description: >- - Optional. ID of the `DeliveryPipeline`. The value of this field - could be one of the following: * The last segment of a pipeline name - * "*", all delivery pipelines in a location + Debug message for when a deploy policy fails to send a pub/sub + notification. + deployPolicyUid: + description: Unique identifier of the deploy policy. type: string - labels: - description: DeliveryPipeline labels. - type: object - additionalProperties: + RetryJobRequest: + properties: + overrideDeployPolicy: + description: >- + Optional. Deploy policies to override. Format is + `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. + type: array + items: type: string + phaseId: + type: string + description: Required. The phase ID the Job to retry belongs to. + jobId: + type: string + description: Required. The job ID for the Job to retry. + description: RetryJobRequest is the request object used by `RetryJob`. + id: RetryJobRequest + type: object TargetAttribute: id: TargetAttribute + type: object description: >- Contains criteria for selecting Targets. This could be used to select targets for a Deploy Policy or for an Automation. - type: object properties: - id: - description: >- - Optional. ID of the `Target`. The value of this field could be one - of the following: * The last segment of a target name * "*", all - targets in a location - type: string labels: - description: Target labels. type: object additionalProperties: type: string - PolicyRule: - id: PolicyRule - description: Deploy Policy rule. - type: object - properties: - rolloutRestriction: - description: Optional. Rollout restrictions. - $ref: '#/components/schemas/RolloutRestriction' - RolloutRestriction: - id: RolloutRestriction - description: Rollout restrictions. - type: object - properties: + description: Target labels. id: - description: >- - Required. Restriction rule ID. Required and must be unique within a - DeployPolicy. The format is `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. type: string - invokers: description: >- - Optional. What invoked the action. If left empty, all invoker types - will be restricted. - type: array + Optional. ID of the `Target`. The value of this field could be one + of the following: * The last segment of a target name * "*", all + targets in a location + PredeployJob: + description: A predeploy Job. + type: object + id: PredeployJob + properties: + actions: items: type: string - enumDescriptions: - - Unspecified. - - >- - The action is user-driven. For example, creating a rollout - manually via a gcloud create command. - - Automated action by Cloud Deploy. - enum: - - INVOKER_UNSPECIFIED - - USER - - DEPLOY_AUTOMATION - actions: - description: >- - Optional. Rollout actions to be restricted as part of the policy. If - left empty, all actions will be restricted. + description: Output only. The custom actions that the predeploy Job executes. type: array - items: - type: string - enumDescriptions: - - Unspecified. - - Advance the rollout to the next phase. - - Approve the rollout. - - Cancel the rollout. - - Create a rollout. - - Ignore a job result on the rollout. - - Retry a job for a rollout. - - Rollback a rollout. - - Terminate a jobrun. - enum: - - ROLLOUT_ACTIONS_UNSPECIFIED - - ADVANCE - - APPROVE - - CANCEL - - CREATE - - IGNORE_JOB - - RETRY_JOB - - ROLLBACK - - TERMINATE_JOBRUN - timeWindows: - description: Required. Time window within which actions are restricted. - $ref: '#/components/schemas/TimeWindows' - TimeWindows: - id: TimeWindows - description: >- - Time windows within which actions are restricted. See the - [documentation](https://cloud.google.com/deploy/docs/deploy-policy#dates_times) - for more information on how to configure dates/times. + readOnly: true + PostdeployJob: + id: PostdeployJob type: object + description: A postdeploy Job. properties: - timeZone: - description: >- - Required. The time zone in IANA format [IANA Time Zone - Database](https://www.iana.org/time-zones) (e.g. America/New_York). - type: string - oneTimeWindows: - description: Optional. One-time windows within which actions are restricted. - type: array + actions: items: - $ref: '#/components/schemas/OneTimeWindow' - weeklyWindows: - description: >- - Optional. Recurring weekly windows within which actions are - restricted. + type: string + description: Output only. The custom actions that the postdeploy Job executes. type: array - items: - $ref: '#/components/schemas/WeeklyWindow' - OneTimeWindow: - id: OneTimeWindow - description: >- - One-time window within which actions are restricted. For example, - blocking actions over New Year's Eve from December 31st at 5pm to - January 1st at 9am. - type: object - properties: - startDate: - description: Required. Start date. - $ref: '#/components/schemas/Date' - startTime: - description: >- - Required. Start time (inclusive). Use 00:00 for the beginning of the - day. - $ref: '#/components/schemas/TimeOfDay' - endDate: - description: Required. End date. - $ref: '#/components/schemas/Date' - endTime: - description: >- - Required. End time (exclusive). You may use 24:00 for the end of the - day. - $ref: '#/components/schemas/TimeOfDay' - Date: - id: Date - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp - type: object - properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: - description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - TimeOfDay: - id: TimeOfDay - description: >- - Represents a time of day. The date and time zone are either not - significant or are specified elsewhere. An API may choose to allow leap - seconds. Related types are google.type.Date and - `google.protobuf.Timestamp`. - type: object - properties: - hours: - description: >- - Hours of a day in 24 hour format. Must be greater than or equal to 0 - and typically must be less than or equal to 23. An API may choose to - allow the value "24:00:00" for scenarios like business closing time. - type: integer - format: int32 - minutes: - description: >- - Minutes of an hour. Must be greater than or equal to 0 and less than - or equal to 59. - type: integer - format: int32 - seconds: - description: >- - Seconds of a minute. Must be greater than or equal to 0 and - typically must be less than or equal to 59. An API may allow the - value 60 if it allows leap-seconds. - type: integer - format: int32 - nanos: - description: >- - Fractions of seconds, in nanoseconds. Must be greater than or equal - to 0 and less than or equal to 999,999,999. - type: integer - format: int32 - WeeklyWindow: - id: WeeklyWindow - description: >- - Weekly windows. For example, blocking actions every Saturday and Sunday. - Another example would be blocking actions every weekday from 5pm to - midnight. + readOnly: true + ListTargetsResponse: type: object + id: ListTargetsResponse + description: The response object from `ListTargets`. properties: - daysOfWeek: - description: >- - Optional. Days of week. If left empty, all days of the week will be - included. - type: array + unreachable: + description: Locations that could not be reached. items: type: string - enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday - enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY - startTime: - description: >- - Optional. Start time (inclusive). Use 00:00 for the beginning of the - day. If you specify start_time you must also specify end_time. If - left empty, this will block for the entire day for the days - specified in days_of_week. - $ref: '#/components/schemas/TimeOfDay' - endTime: - description: >- - Optional. End time (exclusive). Use 24:00 to indicate midnight. If - you specify end_time you must also specify start_time. If left - empty, this will block for the entire day for the days specified in - days_of_week. - $ref: '#/components/schemas/TimeOfDay' - ListDeployPoliciesResponse: - id: ListDeployPoliciesResponse - description: The response object from `ListDeployPolicies`. - type: object - properties: - deployPolicies: - description: The `DeployPolicy` objects. type: array + targets: items: - $ref: '#/components/schemas/DeployPolicy' + $ref: '#/components/schemas/Target' + type: array + description: The `Target` objects. nextPageToken: description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - ApproveRolloutRequest: - id: ApproveRolloutRequest - description: The request object used by `ApproveRollout`. + ListReleasesResponse: + description: The response object from `ListReleases`. + id: ListReleasesResponse type: object properties: - approved: - description: Required. True = approve; false = reject - type: boolean - overrideDeployPolicy: - description: >- - Optional. Deploy policies to override. Format is - `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. - type: array + unreachable: items: type: string - ApproveRolloutResponse: - id: ApproveRolloutResponse - description: The response object from `ApproveRollout`. - type: object - properties: {} - AdvanceRolloutRequest: - id: AdvanceRolloutRequest - description: The request object used by `AdvanceRollout`. - type: object - properties: - phaseId: - description: Required. The phase ID to advance the `Rollout` to. - type: string - overrideDeployPolicy: - description: >- - Optional. Deploy policies to override. Format is - `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. type: array + description: Locations that could not be reached. + releases: items: - type: string - AdvanceRolloutResponse: - id: AdvanceRolloutResponse - description: The response object from `AdvanceRollout`. - type: object - properties: {} - CancelRolloutRequest: - id: CancelRolloutRequest - description: The request object used by `CancelRollout`. - type: object - properties: - overrideDeployPolicy: - description: >- - Optional. Deploy policies to override. Format is - `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. - type: array - items: - type: string - CancelRolloutResponse: - id: CancelRolloutResponse - description: The response object from `CancelRollout`. - type: object - properties: {} - ListRolloutsResponse: - id: ListRolloutsResponse - description: ListRolloutsResponse is the response object returned by `ListRollouts`. - type: object - properties: - rollouts: - description: The `Rollout` objects. + $ref: '#/components/schemas/Release' type: array - items: - $ref: '#/components/schemas/Rollout' + description: The `Release` objects. nextPageToken: description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - IgnoreJobRequest: - id: IgnoreJobRequest - description: The request object used by `IgnoreJob`. + JobRunNotificationEvent: type: object + id: JobRunNotificationEvent + description: >- + Payload proto for "clouddeploy.googleapis.com/jobrun_notification" + Platform Log event that describes the failure to send JobRun resource + update Pub/Sub notification. properties: - phaseId: - description: Required. The phase ID the Job to ignore belongs to. + type: + description: Type of this notification, e.g. for a Pub/Sub failure. + enumDescriptions: + - Type is unspecified. + - A Pub/Sub notification failed to be sent. + - Resource state changed. + - A process aborted. + - Restriction check failed. + - Resource deleted. + - Rollout updated. + - Deploy Policy evaluation. + - >- + Deprecated: This field is never used. Use release_render log type + instead. + enum: + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true type: string - jobId: - description: Required. The job ID for the Job to ignore. + release: + description: The name of the `Release`. type: string - overrideDeployPolicy: - description: >- - Optional. Deploy policies to override. Format is - `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. - type: array - items: - type: string - IgnoreJobResponse: - id: IgnoreJobResponse - description: The response object from `IgnoreJob`. - type: object - properties: {} - RetryJobRequest: - id: RetryJobRequest - description: RetryJobRequest is the request object used by `RetryJob`. - type: object - properties: - phaseId: - description: Required. The phase ID the Job to retry belongs to. + jobRun: type: string - jobId: - description: Required. The job ID for the Job to retry. + description: The name of the `JobRun`. + releaseUid: + description: Unique identifier of the `Release`. type: string - overrideDeployPolicy: - description: >- - Optional. Deploy policies to override. Format is - `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. - type: array - items: - type: string - RetryJobResponse: - id: RetryJobResponse - description: The response object from 'RetryJob'. + pipelineUid: + type: string + description: Unique identifier of the `DeliveryPipeline`. + rolloutUid: + description: Unique identifier of the `Rollout`. + type: string + rollout: + description: The name of the `Rollout`. + type: string + targetId: + type: string + description: ID of the `Target`. + message: + type: string + description: Debug message for when a notification fails to send. + KubernetesConfig: + properties: + gatewayServiceMesh: + description: Optional. Kubernetes Gateway API service mesh configuration. + $ref: '#/components/schemas/GatewayServiceMesh' + serviceNetworking: + description: Optional. Kubernetes Service networking configuration. + $ref: '#/components/schemas/ServiceNetworking' type: object - properties: {} - ListJobRunsResponse: - id: ListJobRunsResponse - description: ListJobRunsResponse is the response object returned by `ListJobRuns`. + id: KubernetesConfig + description: KubernetesConfig contains the Kubernetes runtime configuration. + AutomationRun: + id: AutomationRun type: object - properties: - jobRuns: - description: The `JobRun` objects. - type: array - items: - $ref: '#/components/schemas/JobRun' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Locations that could not be reached - type: array - items: - type: string - JobRun: - id: JobRun description: >- - A `JobRun` resource in the Cloud Deploy API. A `JobRun` contains - information of a single `Rollout` job evaluation. - type: object + An `AutomationRun` resource in the Cloud Deploy API. An `AutomationRun` + represents an execution instance of an automation rule. properties: - name: + timedPromoteReleaseOperation: + $ref: '#/components/schemas/TimedPromoteReleaseOperation' description: >- - Output only. Name of the `JobRun`. Format is - `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{releases}/rollouts/{rollouts}/jobRuns/{uuid}`. + Output only. Promotes a release to a specified 'Target' as defined + in a Timed Promote Release rule. readOnly: true + stateDescription: type: string - uid: - description: Output only. Unique identifier of the `JobRun`. + description: >- + Output only. Explains the current state of the `AutomationRun`. + Present only when an explanation is needed. readOnly: true - type: string - phaseId: - description: Output only. ID of the `Rollout` phase this `JobRun` belongs in. + repairRolloutOperation: readOnly: true - type: string - jobId: - description: Output only. ID of the `Rollout` job this `JobRun` corresponds to. + $ref: '#/components/schemas/RepairRolloutOperation' + description: Output only. Repairs a failed 'Rollout'. + name: readOnly: true type: string - createTime: - description: Output only. Time at which the `JobRun` was created. + description: >- + Output only. Name of the `AutomationRun`. Format is + `projects/{project}/locations/{location}/deliveryPipelines/{delivery_pipeline}/automationRuns/{automation_run}`. + promoteReleaseOperation: + description: Output only. Promotes a release to a specified 'Target'. + $ref: '#/components/schemas/PromoteReleaseOperation' readOnly: true + targetId: + readOnly: true + description: >- + Output only. The ID of the source target that initiates the + `AutomationRun`. The value of this field is the last segment of a + target name. + type: string + updateTime: type: string format: google-datetime - startTime: - description: Output only. Time at which the `JobRun` was started. readOnly: true + description: Output only. Time at which the automationRun was updated. + serviceAccount: + readOnly: true + description: >- + Output only. Email address of the user-managed IAM service account + that performs the operations against Cloud Deploy resources. type: string - format: google-datetime - endTime: - description: Output only. Time at which the `JobRun` ended. + policyViolation: + description: >- + Output only. Contains information about what policies prevented the + `AutomationRun` from proceeding. + $ref: '#/components/schemas/PolicyViolation' readOnly: true + waitUntilTime: type: string + readOnly: true format: google-datetime + description: >- + Output only. Earliest time the `AutomationRun` will attempt to + resume. Wait-time is configured by `wait` in automation rule. state: - description: Output only. The current state of the `JobRun`. readOnly: true - type: string - enumDescriptions: - - The `JobRun` has an unspecified state. - - The `JobRun` is in progress. - - The `JobRun` has succeeded. - - The `JobRun` has failed. - - The `JobRun` is terminating. - - The `JobRun` was terminated. enum: - STATE_UNSPECIFIED - - IN_PROGRESS - SUCCEEDED + - CANCELLED - FAILED - - TERMINATING - - TERMINATED - deployJobRun: - description: Output only. Information specific to a deploy `JobRun`. - readOnly: true - $ref: '#/components/schemas/DeployJobRun' - verifyJobRun: - description: Output only. Information specific to a verify `JobRun`. - readOnly: true - $ref: '#/components/schemas/VerifyJobRun' - predeployJobRun: - description: Output only. Information specific to a predeploy `JobRun`. - readOnly: true - $ref: '#/components/schemas/PredeployJobRun' - postdeployJobRun: - description: Output only. Information specific to a postdeploy `JobRun`. - readOnly: true - $ref: '#/components/schemas/PostdeployJobRun' - createChildRolloutJobRun: - description: Output only. Information specific to a createChildRollout `JobRun`. - readOnly: true - $ref: '#/components/schemas/CreateChildRolloutJobRun' - advanceChildRolloutJobRun: - description: Output only. Information specific to an advanceChildRollout `JobRun` - readOnly: true - $ref: '#/components/schemas/AdvanceChildRolloutJobRun' - etag: - description: >- - Output only. This checksum is computed by the server based on the - value of other fields, and may be sent on update and delete requests - to ensure the client has an up-to-date value before proceeding. + - IN_PROGRESS + - PENDING + - ABORTED + description: Output only. Current state of the `AutomationRun`. + enumDescriptions: + - The `AutomationRun` has an unspecified state. + - The `AutomationRun` has succeeded. + - The `AutomationRun` was cancelled. + - The `AutomationRun` has failed. + - The `AutomationRun` is in progress. + - The `AutomationRun` is pending. + - The `AutomationRun` was aborted. + type: string + createTime: readOnly: true + format: google-datetime type: string - DeployJobRun: - id: DeployJobRun - description: DeployJobRun contains information specific to a deploy `JobRun`. - type: object - properties: - build: + description: Output only. Time at which the `AutomationRun` was created. + ruleId: description: >- - Output only. The resource name of the Cloud Build `Build` object - that is used to deploy. Format is - `projects/{project}/locations/{location}/builds/{build}`. + Output only. The ID of the automation rule that initiated the + operation. readOnly: true type: string - failureCause: - description: >- - Output only. The reason the deploy failed. This will always be - unspecified while the deploy is in progress or if it succeeded. + advanceRolloutOperation: + description: Output only. Advances a rollout to the next phase. readOnly: true + $ref: '#/components/schemas/AdvanceRolloutOperation' + etag: type: string - enumDescriptions: - - No reason for failure is specified. - - >- - Cloud Build is not available, either because it is not enabled or - because Cloud Deploy has insufficient permissions. See [Required - permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). - - >- - The deploy operation did not complete successfully; check Cloud - Build logs. - - The deploy job run did not complete within the allotted time. - - >- - There were missing resources in the runtime environment required - for a canary deployment. Check the Cloud Build logs for more - information. - - >- - Cloud Build failed to fulfill Cloud Deploy's request. See - failure_message for additional details. - - >- - The deploy operation had a feature configured that is not - supported. - enum: - - FAILURE_CAUSE_UNSPECIFIED - - CLOUD_BUILD_UNAVAILABLE - - EXECUTION_FAILED - - DEADLINE_EXCEEDED - - MISSING_RESOURCES_FOR_CANARY - - CLOUD_BUILD_REQUEST_FAILED - - DEPLOY_FEATURE_NOT_SUPPORTED - failureMessage: + readOnly: true description: >- - Output only. Additional information about the deploy failure, if - available. + Output only. The weak etag of the `AutomationRun` resource. This + checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + expireTime: readOnly: true type: string - metadata: description: >- - Output only. Metadata containing information about the deploy job - run. + Output only. Time the `AutomationRun` expires. An `AutomationRun` + expires after 14 days from its creation date. + format: google-datetime + automationSnapshot: + description: >- + Output only. Snapshot of the Automation taken at AutomationRun + creation time. + $ref: '#/components/schemas/Automation' readOnly: true - $ref: '#/components/schemas/DeployJobRunMetadata' - artifact: - description: Output only. The artifact of a deploy job run, if available. + automationId: readOnly: true - $ref: '#/components/schemas/DeployArtifact' - DeployJobRunMetadata: - id: DeployJobRunMetadata - description: >- - DeployJobRunMetadata surfaces information associated with a - `DeployJobRun` to the user. - type: object + description: Output only. The ID of the automation that initiated the operation. + type: string + RolloutRestriction: + description: Rollout restrictions. + id: RolloutRestriction properties: - cloudRun: + invokers: + type: array description: >- - Output only. The name of the Cloud Run Service that is associated - with a `DeployJobRun`. - readOnly: true - $ref: '#/components/schemas/CloudRunMetadata' - customTarget: + Optional. What invoked the action. If left empty, all invoker types + will be restricted. + items: + enum: + - INVOKER_UNSPECIFIED + - USER + - DEPLOY_AUTOMATION + type: string + enumDescriptions: + - Unspecified. + - >- + The action is user-driven. For example, creating a rollout + manually via a gcloud create command. + - Automated action by Cloud Deploy. + timeWindows: + $ref: '#/components/schemas/TimeWindows' + description: Required. Time window within which actions are restricted. + actions: description: >- - Output only. Custom Target metadata associated with a - `DeployJobRun`. - readOnly: true - $ref: '#/components/schemas/CustomTargetDeployMetadata' - custom: + Optional. Rollout actions to be restricted as part of the policy. If + left empty, all actions will be restricted. + type: array + items: + type: string + enum: + - ROLLOUT_ACTIONS_UNSPECIFIED + - ADVANCE + - APPROVE + - CANCEL + - CREATE + - IGNORE_JOB + - RETRY_JOB + - ROLLBACK + - TERMINATE_JOBRUN + enumDescriptions: + - Unspecified. + - Advance the rollout to the next phase. + - Approve the rollout. + - Cancel the rollout. + - Create a rollout. + - Ignore a job result on the rollout. + - Retry a job for a rollout. + - Rollback a rollout. + - Terminate a jobrun. + id: + type: string description: >- - Output only. Custom metadata provided by user-defined deploy - operation. - readOnly: true - $ref: '#/components/schemas/CustomMetadata' - CustomTargetDeployMetadata: - id: CustomTargetDeployMetadata - description: >- - CustomTargetDeployMetadata contains information from a Custom Target - deploy operation. + Required. Restriction rule ID. Required and must be unique within a + DeployPolicy. The format is `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. type: object + Postdeploy: properties: - skipMessage: + actions: + items: + type: string + type: array description: >- - Output only. Skip message provided in the results of a custom deploy - operation. - readOnly: true - type: string - DeployArtifact: - id: DeployArtifact - description: The artifacts produced by a deploy operation. + Optional. A sequence of Skaffold custom actions to invoke during + execution of the postdeploy job. + description: Postdeploy contains the postdeploy job configuration information. + id: Postdeploy type: object + OneTimeWindow: properties: - artifactUri: + startDate: + description: Required. Start date. + $ref: '#/components/schemas/Date' + endDate: + description: Required. End date. + $ref: '#/components/schemas/Date' + endTime: description: >- - Output only. URI of a directory containing the artifacts. All paths - are relative to this location. - readOnly: true - type: string - manifestPaths: + Required. End time (exclusive). You may use 24:00 for the end of the + day. + $ref: '#/components/schemas/TimeOfDay' + startTime: + $ref: '#/components/schemas/TimeOfDay' description: >- - Output only. File paths of the manifests applied during the deploy - operation relative to the URI. - readOnly: true - type: array - items: - type: string - VerifyJobRun: - id: VerifyJobRun - description: VerifyJobRun contains information specific to a verify `JobRun`. + Required. Start time (inclusive). Use 00:00 for the beginning of the + day. + id: OneTimeWindow + description: >- + One-time window within which actions are restricted. For example, + blocking actions over New Year's Eve from December 31st at 5pm to + January 1st at 9am. type: object + SkaffoldSupportedCondition: properties: - build: + supportExpirationTime: description: >- - Output only. The resource name of the Cloud Build `Build` object - that is used to verify. Format is - `projects/{project}/locations/{location}/builds/{build}`. - readOnly: true + The time at which this release's version of Skaffold will no longer + be supported. type: string - artifactUri: - description: >- - Output only. URI of a directory containing the verify artifacts. - This contains the Skaffold event log. - readOnly: true + format: google-datetime + skaffoldSupportState: type: string - eventLogPath: + enum: + - SKAFFOLD_SUPPORT_STATE_UNSPECIFIED + - SKAFFOLD_SUPPORT_STATE_SUPPORTED + - SKAFFOLD_SUPPORT_STATE_MAINTENANCE_MODE + - SKAFFOLD_SUPPORT_STATE_UNSUPPORTED + enumDescriptions: + - Default value. This value is unused. + - This Skaffold version is currently supported. + - This Skaffold version is in maintenance mode. + - This Skaffold version is no longer supported. + description: The Skaffold support state for this release's version of Skaffold. + status: + type: boolean + description: True if the version of Skaffold used by this release is supported. + maintenanceModeTime: description: >- - Output only. File path of the Skaffold event log relative to the - artifact URI. + The time at which this release's version of Skaffold will enter + maintenance mode. + type: string + format: google-datetime + type: object + id: SkaffoldSupportedCondition + description: >- + SkaffoldSupportedCondition contains information about when support for + the release's version of Skaffold ends. + PostdeployJobRun: + description: PostdeployJobRun contains information specific to a postdeploy `JobRun`. + properties: + failureMessage: readOnly: true type: string + description: >- + Output only. Additional information about the postdeploy failure, if + available. failureCause: description: >- - Output only. The reason the verify failed. This will always be - unspecified while the verify is in progress or if it succeeded. - readOnly: true + Output only. The reason the postdeploy failed. This will always be + unspecified while the postdeploy is in progress or if it succeeded. type: string - enumDescriptions: - - No reason for failure is specified. - - >- - Cloud Build is not available, either because it is not enabled or - because Cloud Deploy has insufficient permissions. See [required - permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). - - >- - The verify operation did not complete successfully; check Cloud - Build logs. - - The verify job run did not complete within the allotted time. - - No Skaffold verify configuration was found. - - >- - Cloud Build failed to fulfill Cloud Deploy's request. See - failure_message for additional details. + readOnly: true enum: - FAILURE_CAUSE_UNSPECIFIED - CLOUD_BUILD_UNAVAILABLE - EXECUTION_FAILED - DEADLINE_EXCEEDED - - VERIFICATION_CONFIG_NOT_FOUND - CLOUD_BUILD_REQUEST_FAILED - failureMessage: - description: >- - Output only. Additional information about the verify failure, if - available. - readOnly: true - type: string - PredeployJobRun: - id: PredeployJobRun - description: PredeployJobRun contains information specific to a predeploy `JobRun`. - type: object - properties: - build: - description: >- - Output only. The resource name of the Cloud Build `Build` object - that is used to execute the custom actions associated with the - predeploy Job. Format is - `projects/{project}/locations/{location}/builds/{build}`. - readOnly: true - type: string - failureCause: - description: >- - Output only. The reason the predeploy failed. This will always be - unspecified while the predeploy is in progress or if it succeeded. - readOnly: true - type: string enumDescriptions: - No reason for failure is specified. - >- @@ -3015,29 +2871,12 @@ components: because Cloud Deploy has insufficient permissions. See [required permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). - >- - The predeploy operation did not complete successfully; check Cloud - Build logs. - - The predeploy job run did not complete within the allotted time. + The postdeploy operation did not complete successfully; check + Cloud Build logs. + - The postdeploy job run did not complete within the allotted time. - >- Cloud Build failed to fulfill Cloud Deploy's request. See failure_message for additional details. - enum: - - FAILURE_CAUSE_UNSPECIFIED - - CLOUD_BUILD_UNAVAILABLE - - EXECUTION_FAILED - - DEADLINE_EXCEEDED - - CLOUD_BUILD_REQUEST_FAILED - failureMessage: - description: >- - Output only. Additional information about the predeploy failure, if - available. - readOnly: true - type: string - PostdeployJobRun: - id: PostdeployJobRun - description: PostdeployJobRun contains information specific to a postdeploy `JobRun`. - type: object - properties: build: description: >- Output only. The resource name of the Cloud Build `Build` object @@ -3046,716 +2885,1019 @@ components: `projects/{project}/locations/{location}/builds/{build}`. readOnly: true type: string - failureCause: + id: PostdeployJobRun + type: object + Expr: + id: Expr + type: object + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + properties: + description: description: >- - Output only. The reason the postdeploy failed. This will always be - unspecified while the postdeploy is in progress or if it succeeded. - readOnly: true + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + expression: type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + Rollout: + properties: + etag: + type: string + description: >- + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + approvalState: + readOnly: true enumDescriptions: - - No reason for failure is specified. - - >- - Cloud Build is not available, either because it is not enabled or - because Cloud Deploy has insufficient permissions. See [required - permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). - - >- - The postdeploy operation did not complete successfully; check - Cloud Build logs. - - The postdeploy job run did not complete within the allotted time. - - >- - Cloud Build failed to fulfill Cloud Deploy's request. See - failure_message for additional details. + - The `Rollout` has an unspecified approval state. + - The `Rollout` requires approval. + - The `Rollout` does not require approval. + - The `Rollout` has been approved. + - The `Rollout` has been rejected. + description: Output only. Approval state of the `Rollout`. + type: string enum: - - FAILURE_CAUSE_UNSPECIFIED - - CLOUD_BUILD_UNAVAILABLE - - EXECUTION_FAILED - - DEADLINE_EXCEEDED - - CLOUD_BUILD_REQUEST_FAILED - failureMessage: + - APPROVAL_STATE_UNSPECIFIED + - NEEDS_APPROVAL + - DOES_NOT_NEED_APPROVAL + - APPROVED + - REJECTED + failureReason: + type: string description: >- - Output only. Additional information about the postdeploy failure, if + Output only. Additional information about the rollout failure, if available. readOnly: true + uid: + readOnly: true type: string - CreateChildRolloutJobRun: - id: CreateChildRolloutJobRun - description: >- - CreateChildRolloutJobRun contains information specific to a - createChildRollout `JobRun`. - type: object - properties: - rollout: + description: Output only. Unique identifier of the `Rollout`. + deployingBuild: + readOnly: true description: >- - Output only. Name of the `ChildRollout`. Format is + Output only. The resource name of the Cloud Build `Build` object + that is used to deploy the Rollout. Format is + `projects/{project}/locations/{location}/builds/{build}`. + type: string + name: + description: >- + Identifier. Name of the `Rollout`. Format is `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{release}/rollouts/{rollout}`. - readOnly: true + The `rollout` component must match `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` type: string - rolloutPhaseId: + phases: description: >- - Output only. The ID of the childRollout Phase initiated by this - JobRun. + Output only. The phases that represent the workflows of this + `Rollout`. + items: + $ref: '#/components/schemas/Phase' + type: array readOnly: true + approveTime: type: string - AdvanceChildRolloutJobRun: - id: AdvanceChildRolloutJobRun - description: >- - AdvanceChildRolloutJobRun contains information specific to a - advanceChildRollout `JobRun`. - type: object - properties: - rollout: + readOnly: true + format: google-datetime + description: Output only. Time at which the `Rollout` was approved. + rollbackOfRollout: description: >- - Output only. Name of the `ChildRollout`. Format is - `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{release}/rollouts/{rollout}`. + Output only. Name of the `Rollout` that is rolled back by this + `Rollout`. Empty if this `Rollout` wasn't created as a rollback. readOnly: true type: string - rolloutPhaseId: - description: Output only. the ID of the ChildRollout's Phase. + createTime: readOnly: true + format: google-datetime + description: Output only. Time at which the `Rollout` was created. type: string - TerminateJobRunRequest: - id: TerminateJobRunRequest - description: The request object used by `TerminateJobRun`. - type: object - properties: - overrideDeployPolicy: + deployStartTime: + description: Output only. Time at which the `Rollout` started deploying. + type: string + readOnly: true + format: google-datetime + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - SUCCEEDED + - FAILED + - IN_PROGRESS + - PENDING_APPROVAL + - APPROVAL_REJECTED + - PENDING + - PENDING_RELEASE + - CANCELLING + - CANCELLED + - HALTED + description: Output only. Current state of the `Rollout`. + enumDescriptions: + - The `Rollout` has an unspecified state. + - The `Rollout` has completed successfully. + - The `Rollout` has failed. + - The `Rollout` is being deployed. + - The `Rollout` needs approval. + - An approver rejected the `Rollout`. + - >- + The `Rollout` is waiting for an earlier Rollout(s) to complete on + this `Target`. + - The `Rollout` is waiting for the `Release` to be fully rendered. + - The `Rollout` is in the process of being cancelled. + - The `Rollout` has been cancelled. + - The `Rollout` is halted. + type: string + annotations: + additionalProperties: + type: string description: >- - Optional. Deploy policies to override. Format is - `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. + Optional. User annotations. These attributes can only be set and + used by the user, and not by Cloud Deploy. See + https://google.aip.dev/128#annotations for more details such as + format and size limitations. + type: object + enqueueTime: + type: string + description: Output only. Time at which the `Rollout` was enqueued. + format: google-datetime + readOnly: true + rolledBackByRollouts: + description: Output only. Names of `Rollouts` that rolled back this `Rollout`. type: array items: type: string - TerminateJobRunResponse: - id: TerminateJobRunResponse - description: The response object from `TerminateJobRun`. + readOnly: true + targetId: + description: Required. The ID of Target to which this `Rollout` is deploying. + type: string + deployFailureCause: + enum: + - FAILURE_CAUSE_UNSPECIFIED + - CLOUD_BUILD_UNAVAILABLE + - EXECUTION_FAILED + - DEADLINE_EXCEEDED + - RELEASE_FAILED + - RELEASE_ABANDONED + - VERIFICATION_CONFIG_NOT_FOUND + - CLOUD_BUILD_REQUEST_FAILED + - OPERATION_FEATURE_NOT_SUPPORTED + description: >- + Output only. The reason this rollout failed. This will always be + unspecified while the rollout is in progress. + readOnly: true + enumDescriptions: + - No reason for failure is specified. + - >- + Cloud Build is not available, either because it is not enabled or + because Cloud Deploy has insufficient permissions. See [required + permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). + - >- + The deploy operation did not complete successfully; check Cloud + Build logs. + - Deployment did not complete within the allotted time. + - Release is in a failed state. + - Release is abandoned. + - No Skaffold verify configuration was found. + - >- + Cloud Build failed to fulfill Cloud Deploy's request. See + failure_message for additional details. + - >- + A Rollout operation had a feature configured that is not + supported. + type: string + description: + description: >- + Optional. Description of the `Rollout` for user purposes. Max length + is 255 characters. + type: string + deployEndTime: + format: google-datetime + description: Output only. Time at which the `Rollout` finished deploying. + type: string + readOnly: true + activeRepairAutomationRun: + description: Output only. The AutomationRun actively repairing the rollout. + readOnly: true + type: string + metadata: + description: Output only. Metadata contains information about the rollout. + readOnly: true + $ref: '#/components/schemas/Metadata' + labels: + additionalProperties: + type: string + type: object + description: >- + Labels are attributes that can be set and used by both the user and + by Cloud Deploy. Labels must meet the following constraints: * Keys + and values can contain only lowercase letters, numeric characters, + underscores, and dashes. * All characters must use UTF-8 encoding, + and international characters are allowed. * Keys must start with a + lowercase letter or international character. * Each resource is + limited to a maximum of 64 labels. Both keys and values are + additionally constrained to be <= 128 bytes. + controllerRollout: + description: >- + Output only. Name of the `ControllerRollout`. Format is + `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{release}/rollouts/{rollout}`. + type: string + readOnly: true + id: Rollout + description: >- + A `Rollout` resource in the Cloud Deploy API. A `Rollout` contains + information around a specific deployment to a `Target`. type: object + AdvanceRolloutResponse: + description: The response object from `AdvanceRollout`. + id: AdvanceRolloutResponse properties: {} - Config: - id: Config - description: Service-wide configuration. type: object + BuildArtifact: properties: - name: - description: Name of the configuration. + image: + description: Optional. Image name in Skaffold configuration. type: string - supportedVersions: - description: All supported versions of Skaffold. - type: array - items: - $ref: '#/components/schemas/SkaffoldVersion' - defaultSkaffoldVersion: + tag: description: >- - Default Skaffold version that is assigned when a Release is created - without specifying a Skaffold version. + Optional. Image tag to use. This will generally be the full path to + an image, such as "gcr.io/my-project/busybox:1.2.3" or + "gcr.io/my-project/busybox@sha256:abc123". type: string - SkaffoldVersion: - id: SkaffoldVersion - description: Details of a supported Skaffold version. + description: Description of an a image to use during Skaffold rendering. + id: BuildArtifact type: object + ToolVersions: properties: - version: - description: Release version number. For example, "1.20.3". + kubectl: + description: Optional. The kubectl version to use for Cloud Deploy operations. type: string - maintenanceModeTime: + docker: + type: string + description: Optional. The docker version to use for Cloud Deploy operations. + helm: + description: Optional. The helm version to use for Cloud Deploy operations. + type: string + skaffold: + type: string + description: Optional. The skaffold version to use for Cloud Deploy operations. + kustomize: + type: string + description: Optional. The kustomize version to use for Cloud Deploy operations. + kpt: + description: Optional. The kpt version to use for Cloud Deploy operations. + type: string + description: Details of ToolVersions for the release. + id: ToolVersions + type: object + SkaffoldGCBRepoSource: + type: object + properties: + path: description: >- - The time at which this version of Skaffold will enter maintenance - mode. + Optional. Relative path from the repository root to the Skaffold + Config file. + type: string + ref: + type: string + description: Optional. Branch or tag to use when cloning the repository. + repository: type: string - format: google-datetime - supportExpirationTime: description: >- - The time at which this version of Skaffold will no longer be - supported. + Required. Name of the Cloud Build V2 Repository. Format is + projects/{project}/locations/{location}/connections/{connection}/repositories/{repository}. + id: SkaffoldGCBRepoSource + description: Cloud Build V2 Repository containing Skaffold Configs. + PipelineReadyCondition: + properties: + status: + description: >- + True if the Pipeline is in a valid state. Otherwise at least one + condition in `PipelineCondition` is in an invalid state. Iterate + over those conditions and see which condition(s) has status = false + to find out what is wrong with the Pipeline. + type: boolean + updateTime: + description: Last time the condition was updated. type: string format: google-datetime - supportEndDate: - description: Date when this version is expected to no longer be supported. - $ref: '#/components/schemas/Date' - Automation: - id: Automation + type: object + id: PipelineReadyCondition description: >- - An `Automation` resource in the Cloud Deploy API. An `Automation` - enables the automation of manually driven actions for a Delivery - Pipeline, which includes Release promotion among Targets, Rollout repair - and Rollout deployment strategy advancement. The intention of Automation - is to reduce manual intervention in the continuous delivery process. + PipelineReadyCondition contains information around the status of the + Pipeline. + AdvanceChildRolloutJob: + properties: {} + description: An advanceChildRollout Job. + id: AdvanceChildRolloutJob type: object + CloudRunLocation: + description: Information specifying where to deploy a Cloud Run Service. properties: - name: - description: >- - Output only. Name of the `Automation`. Format is - `projects/{project}/locations/{location}/deliveryPipelines/{delivery_pipeline}/automations/{automation}`. - readOnly: true - type: string - uid: - description: Output only. Unique identifier of the `Automation`. - readOnly: true + location: type: string + description: >- + Required. The location for the Cloud Run Service. Format must be + `projects/{project}/locations/{location}`. + id: CloudRunLocation + type: object + Release: + id: Release + type: object + description: >- + A `Release` resource in the Cloud Deploy API. A `Release` defines a + specific Skaffold configuration instance that can be deployed. + properties: description: description: >- - Optional. Description of the `Automation`. Max length is 255 + Optional. Description of the `Release`. Max length is 255 characters. type: string - createTime: - description: Output only. Time at which the automation was created. + uid: readOnly: true type: string - format: google-datetime - updateTime: - description: Output only. Time at which the automation was updated. - readOnly: true - type: string - format: google-datetime - annotations: - description: >- - Optional. User annotations. These attributes can only be set and - used by the user, and not by Cloud Deploy. Annotations must meet the - following constraints: * Annotations are key/value pairs. * Valid - annotation keys have two segments: an optional prefix and name, - separated by a slash (`/`). * The name segment is required and must - be 63 characters or less, beginning and ending with an alphanumeric - character (`[a-z0-9A-Z]`) with dashes (`-`), underscores (`_`), dots - (`.`), and alphanumerics between. * The prefix is optional. If - specified, the prefix must be a DNS subdomain: a series of DNS - labels separated by dots(`.`), not longer than 253 characters in - total, followed by a slash (`/`). See - https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set - for more details. - type: object + description: Output only. Unique identifier of the `Release`. + targetArtifacts: additionalProperties: - type: string - labels: + $ref: '#/components/schemas/TargetArtifact' description: >- - Optional. Labels are attributes that can be set and used by both the - user and by Cloud Deploy. Labels must meet the following - constraints: * Keys and values can contain only lowercase letters, - numeric characters, underscores, and dashes. * All characters must - use UTF-8 encoding, and international characters are allowed. * Keys - must start with a lowercase letter or international character. * - Each resource is limited to a maximum of 64 labels. Both keys and - values are additionally constrained to be <= 63 characters. + Output only. Map from target ID to the target artifacts created + during the render operation. + readOnly: true type: object - additionalProperties: - type: string - etag: + condition: + readOnly: true + description: Output only. Information around the state of the Release. + $ref: '#/components/schemas/ReleaseCondition' + skaffoldVersion: + type: string description: >- - Optional. The weak etag of the `Automation` resource. This checksum - is computed by the server based on the value of other fields, and - may be sent on update and delete requests to ensure the client has - an up-to-date value before proceeding. + Optional. The Skaffold version to use when operating on this + release, such as "1.20.0". Not all versions are valid; Cloud Deploy + supports a specific set of versions. If unset, the most recent + supported Skaffold version will be used. + renderState: type: string - suspended: - description: Optional. When Suspended, automation is deactivated from execution. - type: boolean - serviceAccount: + description: Output only. Current state of the render operation. + enumDescriptions: + - The render state is unspecified. + - All rendering operations have completed successfully. + - >- + All rendering operations have completed, and one or more have + failed. + - Rendering has started and is not complete. + readOnly: true + enum: + - RENDER_STATE_UNSPECIFIED + - SUCCEEDED + - FAILED + - IN_PROGRESS + skaffoldConfigUri: description: >- - Required. Email address of the user-managed IAM service account that - creates Cloud Deploy release and rollout resources. + Optional. Cloud Storage URI of tar.gz archive containing Skaffold + configuration. + type: string + skaffoldConfigPath: + description: Optional. Filepath of the Skaffold config inside of the config URI. + type: string + name: type: string - selector: description: >- - Required. Selected resources to which the automation will be - applied. - $ref: '#/components/schemas/AutomationResourceSelector' - rules: + Identifier. Name of the `Release`. Format is + `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{release}`. + The `release` component must match `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` + labels: + additionalProperties: + type: string description: >- - Required. List of Automation rules associated with the Automation - resource. Must have at least one rule and limited to 250 rules per - Delivery Pipeline. Note: the order of the rules here is not the same - as the order of execution. + Labels are attributes that can be set and used by both the user and + by Cloud Deploy. Labels must meet the following constraints: * Keys + and values can contain only lowercase letters, numeric characters, + underscores, and dashes. * All characters must use UTF-8 encoding, + and international characters are allowed. * Keys must start with a + lowercase letter or international character. * Each resource is + limited to a maximum of 64 labels. Both keys and values are + additionally constrained to be <= 128 bytes. + type: object + buildArtifacts: + items: + $ref: '#/components/schemas/BuildArtifact' + type: array + description: Optional. List of artifacts to pass through to Skaffold command. + targetSnapshots: type: array + description: Output only. Snapshot of the targets taken at release creation time. + readOnly: true items: - $ref: '#/components/schemas/AutomationRule' - AutomationResourceSelector: - id: AutomationResourceSelector - description: >- - AutomationResourceSelector contains the information to select the - resources to which an Automation is going to be applied. - type: object - properties: - targets: - description: Optional. Contains attributes about a target. + $ref: '#/components/schemas/Target' + toolVersions: + description: >- + Optional. The tool versions to use for this release and all + subsequent operations involving this release. If unset, then it will + freeze the tool versions at the time of release creation. + $ref: '#/components/schemas/ToolVersions' + renderStartTime: + description: Output only. Time at which the render began. + type: string + format: google-datetime + readOnly: true + renderEndTime: + description: Output only. Time at which the render completed. + type: string + readOnly: true + format: google-datetime + customTargetTypeSnapshots: + description: >- + Output only. Snapshot of the custom target types referenced by the + targets taken at release creation time. type: array + readOnly: true items: - $ref: '#/components/schemas/TargetAttribute' - AutomationRule: - id: AutomationRule - description: '`AutomationRule` defines the automation activities.' - type: object - properties: - promoteReleaseRule: + $ref: '#/components/schemas/CustomTargetType' + deployParameters: + additionalProperties: + type: string description: >- - Optional. `PromoteReleaseRule` will automatically promote a release - from the current target to a specified target. - $ref: '#/components/schemas/PromoteReleaseRule' - advanceRolloutRule: + Optional. The deploy parameters to use for all targets in this + release. + type: object + targetRenders: description: >- - Optional. The `AdvanceRolloutRule` will automatically advance a - successful Rollout. - $ref: '#/components/schemas/AdvanceRolloutRule' - repairRolloutRule: + Output only. Map from target ID to details of the render operation + for that target. + additionalProperties: + $ref: '#/components/schemas/TargetRender' + readOnly: true + type: object + etag: description: >- - Optional. The `RepairRolloutRule` will automatically repair a failed - rollout. - $ref: '#/components/schemas/RepairRolloutRule' - timedPromoteReleaseRule: + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + type: string + deliveryPipelineSnapshot: + $ref: '#/components/schemas/DeliveryPipeline' + readOnly: true description: >- - Optional. The `TimedPromoteReleaseRule` will automatically promote a - release from the current target(s) to the specified target(s) on a - configured schedule. - $ref: '#/components/schemas/TimedPromoteReleaseRule' - PromoteReleaseRule: - id: PromoteReleaseRule + Output only. Snapshot of the parent pipeline taken at release + creation time. + createTime: + description: Output only. Time at which the `Release` was created. + type: string + format: google-datetime + readOnly: true + annotations: + description: >- + Optional. User annotations. These attributes can only be set and + used by the user, and not by Cloud Deploy. See + https://google.aip.dev/128#annotations for more details such as + format and size limitations. + type: object + additionalProperties: + type: string + abandoned: + description: Output only. Indicates whether this is an abandoned release. + type: boolean + readOnly: true + ToolVersionSupportedCondition: + id: ToolVersionSupportedCondition description: >- - The `PromoteRelease` rule will automatically promote a release from the - current target to a specified target. - type: object + ToolVersionSupportedCondition contains information about when support + for the release's version of a Tool ends. properties: - id: - description: >- - Required. ID of the rule. This id must be unique in the `Automation` - resource to which this rule belongs. The format is - `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. - type: string - wait: + status: description: >- - Optional. How long the release need to be paused until being - promoted to the next target. + Output only. True if the version of Tool used by this release is + supported. + type: boolean + readOnly: true + maintenanceModeTime: + readOnly: true type: string - format: google-duration - destinationTargetId: + format: google-datetime description: >- - Optional. The ID of the stage in the pipeline to which this - `Release` is deploying. If unspecified, default it to the next stage - in the promotion flow. The value of this field could be one of the - following: * The last segment of a target name * "@next", the next - target in the promotion sequence + Output only. The time at which this release's version of the Tool + will enter maintenance mode. + toolVersionSupportState: + enum: + - TOOL_VERSION_SUPPORT_STATE_UNSPECIFIED + - TOOL_VERSION_SUPPORT_STATE_SUPPORTED + - TOOL_VERSION_SUPPORT_STATE_MAINTENANCE_MODE + - TOOL_VERSION_SUPPORT_STATE_UNSUPPORTED type: string - condition: - description: Output only. Information around the state of the Automation rule. + enumDescriptions: + - Default value. This value is unused. + - This Tool version is currently supported. + - This Tool version is in maintenance mode. + - This Tool version is no longer supported. readOnly: true - $ref: '#/components/schemas/AutomationRuleCondition' - destinationPhase: description: >- - Optional. The starting phase of the rollout created by this - operation. Default to the first phase. + Output only. The Tool support state for this release's version of + the Tool. + supportExpirationTime: + description: >- + Output only. The time at which this release's version of the Tool + will no longer be supported. + format: google-datetime + readOnly: true type: string - AutomationRuleCondition: - id: AutomationRuleCondition - description: >- - `AutomationRuleCondition` contains conditions relevant to an - `Automation` rule. type: object + CancelRolloutResponse: + description: The response object from `CancelRollout`. + id: CancelRolloutResponse + properties: {} + type: object + DeliveryPipelineAttribute: properties: - targetsPresentCondition: - description: Optional. Details around targets enumerated in the rule. - $ref: '#/components/schemas/TargetsPresentCondition' - timedPromoteReleaseCondition: + labels: + type: object + description: DeliveryPipeline labels. + additionalProperties: + type: string + id: + type: string description: >- - Optional. TimedPromoteReleaseCondition contains rule conditions - specific to a an Automation with a timed promote release rule - defined. - $ref: '#/components/schemas/TimedPromoteReleaseCondition' - TimedPromoteReleaseCondition: - id: TimedPromoteReleaseCondition - description: >- - `TimedPromoteReleaseCondition` contains conditions specific to an - Automation with a Timed Promote Release rule defined. + Optional. ID of the `DeliveryPipeline`. The value of this field + could be one of the following: * The last segment of a pipeline name + * "*", all delivery pipelines in a location + description: Contains criteria for selecting DeliveryPipelines. + id: DeliveryPipelineAttribute type: object + PolicyViolation: properties: - nextPromotionTime: - description: Output only. When the next scheduled promotion(s) will occur. - readOnly: true - type: string - format: google-datetime - targetsList: - description: >- - Output only. A list of targets involved in the upcoming timed - promotion(s). - readOnly: true + policyViolationDetails: type: array + description: Policy violation details. items: - $ref: '#/components/schemas/Targets' - Targets: - id: Targets - description: The targets involved in a single timed promotion. + $ref: '#/components/schemas/PolicyViolationDetails' + id: PolicyViolation type: object - properties: - sourceTargetId: - description: Optional. The source target ID. - type: string - destinationTargetId: - description: Optional. The destination target ID. - type: string - AdvanceRolloutRule: - id: AdvanceRolloutRule description: >- - The `AdvanceRollout` automation rule will automatically advance a - successful Rollout to the next phase. - type: object + Returned from an action if one or more policies were violated, and + therefore the action was prevented. Contains information about what + policies were violated and why. + Policy: properties: - id: + version: + format: int32 description: >- - Required. ID of the rule. This id must be unique in the `Automation` - resource to which this rule belongs. The format is - `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. - type: string - sourcePhases: + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + bindings: + items: + $ref: '#/components/schemas/Binding' description: >- - Optional. Proceeds only after phase name matched any one in the - list. This value must consist of lower-case letters, numbers, and - hyphens, start with a letter and end with a letter or a number, and - have a max length of 63 characters. In other words, it must match - the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. type: array + auditConfigs: items: - type: string - wait: - description: Optional. How long to wait after a rollout is finished. + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: array + etag: type: string - format: google-duration - condition: - description: Output only. Information around the state of the Automation rule. - readOnly: true - $ref: '#/components/schemas/AutomationRuleCondition' - RepairRolloutRule: - id: RepairRolloutRule + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte description: >- - The `RepairRolloutRule` automation rule will automatically repair a - failed `Rollout`. + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). type: object + id: Policy + WeeklyWindow: + id: WeeklyWindow properties: - id: - description: >- - Required. ID of the rule. This id must be unique in the `Automation` - resource to which this rule belongs. The format is - `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. - type: string - phases: + daysOfWeek: description: >- - Optional. Phases within which jobs are subject to automatic repair - actions on failure. Proceeds only after phase name matched any one - in the list, or for all phases if unspecified. This value must - consist of lower-case letters, numbers, and hyphens, start with a - letter and end with a letter or a number, and have a max length of - 63 characters. In other words, it must match the following regex: - `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. - type: array + Optional. Days of week. If left empty, all days of the week will be + included. items: + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY type: string - jobs: - description: >- - Optional. Jobs to repair. Proceeds only after job name matched any - one in the list, or for all jobs if unspecified or empty. The phase - that includes the job must match the phase ID specified in - `source_phase`. This value must consist of lower-case letters, - numbers, and hyphens, start with a letter and end with a letter or a - number, and have a max length of 63 characters. In other words, it - must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. type: array - items: - type: string - condition: - description: Output only. Information around the state of the 'Automation' rule. - readOnly: true - $ref: '#/components/schemas/AutomationRuleCondition' - repairPhases: + startTime: + $ref: '#/components/schemas/TimeOfDay' description: >- - Required. Defines the types of automatic repair phases for failed - jobs. - type: array - items: - $ref: '#/components/schemas/RepairPhaseConfig' - RepairPhaseConfig: - id: RepairPhaseConfig - description: Configuration of the repair phase. + Optional. Start time (inclusive). Use 00:00 for the beginning of the + day. If you specify start_time you must also specify end_time. If + left empty, this will block for the entire day for the days + specified in days_of_week. + endTime: + description: >- + Optional. End time (exclusive). Use 24:00 to indicate midnight. If + you specify end_time you must also specify start_time. If left + empty, this will block for the entire day for the days specified in + days_of_week. + $ref: '#/components/schemas/TimeOfDay' + type: object + description: >- + Weekly windows. For example, blocking actions every Saturday and Sunday. + Another example would be blocking actions every weekday from 5pm to + midnight. + DefaultPool: type: object + id: DefaultPool + description: Execution using the default Cloud Build pool. properties: - retry: - description: Optional. Retries a failed job. - $ref: '#/components/schemas/Retry' - rollback: - description: Optional. Rolls back a `Rollout`. - $ref: '#/components/schemas/Rollback' - Retry: - id: Retry - description: Retries the failed job. + artifactStorage: + type: string + description: >- + Optional. Cloud Storage location where execution outputs should be + stored. This can either be a bucket ("gs://my-bucket") or a path + within a bucket ("gs://my-bucket/my-dir"). If unspecified, a default + bucket located in the same region will be used. + serviceAccount: + type: string + description: >- + Optional. Google service account to use for execution. If + unspecified, the project execution service account + (-compute@developer.gserviceaccount.com) will be used. + VerifyJob: + description: A verify Job. + properties: {} + type: object + id: VerifyJob + DeployJob: + properties: {} + type: object + id: DeployJob + description: A deploy Job. + RetryAttempt: + description: >- + RetryAttempt represents an action of retrying the failed Cloud Deploy + job. type: object + id: RetryAttempt properties: - attempts: - description: >- - Required. Total number of retries. Retry is skipped if set to 0; The - minimum value is 1, and the maximum value is 10. + state: type: string - format: int64 + readOnly: true + enum: + - REPAIR_STATE_UNSPECIFIED + - REPAIR_STATE_SUCCEEDED + - REPAIR_STATE_CANCELLED + - REPAIR_STATE_FAILED + - REPAIR_STATE_IN_PROGRESS + - REPAIR_STATE_PENDING + - REPAIR_STATE_ABORTED + description: Output only. Valid state of this retry action. + enumDescriptions: + - The `repair` has an unspecified state. + - The `repair` action has succeeded. + - The `repair` action was cancelled. + - The `repair` action has failed. + - The `repair` action is in progress. + - The `repair` action is pending. + - The `repair` action was aborted. wait: - description: >- - Optional. How long to wait for the first retry. Default is 0, and - the maximum value is 14d. type: string + description: Output only. How long the operation will be paused. format: google-duration - backoffMode: - description: >- - Optional. The pattern of how wait time will be increased. Default is - linear. Backoff mode will be ignored if `wait` is 0. + readOnly: true + attempt: + description: Output only. The index of this retry attempt. type: string - enumDescriptions: - - No WaitMode is specified. - - Increases the wait time linearly. - - Increases the wait time exponentially. - enum: - - BACKOFF_MODE_UNSPECIFIED - - BACKOFF_MODE_LINEAR - - BACKOFF_MODE_EXPONENTIAL - Rollback: - id: Rollback - description: Rolls back a `Rollout`. - type: object - properties: - destinationPhase: - description: >- - Optional. The starting phase ID for the `Rollout`. If unspecified, - the `Rollout` will start in the stable phase. + format: int64 + readOnly: true + stateDesc: + readOnly: true type: string - disableRollbackIfRolloutPending: - description: >- - Optional. If pending rollout exists on the target, the rollback - operation will be aborted. - type: boolean - TimedPromoteReleaseRule: - id: TimedPromoteReleaseRule - description: >- - The `TimedPromoteReleaseRule` will automatically promote a release from - the current target(s) to the specified target(s) on a configured - schedule. - type: object + description: Output only. Description of the state of the Retry. + RollbackTargetRequest: + id: RollbackTargetRequest properties: - id: + rollbackConfig: + description: Optional. Configs for the rollback `Rollout`. + $ref: '#/components/schemas/RollbackTargetConfig' + releaseId: description: >- - Required. ID of the rule. This ID must be unique in the `Automation` - resource to which this rule belongs. The format is - `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. + Optional. ID of the `Release` to roll back to. If this isn't + specified, the previous successful `Rollout` to the specified target + will be used to determine the `Release`. type: string - destinationTargetId: - description: >- - Optional. The ID of the stage in the pipeline to which this - `Release` is deploying. If unspecified, default it to the next stage - in the promotion flow. The value of this field could be one of the - following: * The last segment of a target name * "@next", the next - target in the promotion sequence + rolloutId: type: string - schedule: - description: >- - Required. Schedule in crontab format. e.g. "0 9 * * 1" for every - Monday at 9am. + description: Required. ID of the rollback `Rollout` to create. + targetId: + description: Required. ID of the `Target` that is being rolled back. type: string - timeZone: + overrideDeployPolicy: description: >- - Required. The time zone in IANA format [IANA Time Zone - Database](https://www.iana.org/time-zones) (e.g. America/New_York). + Optional. Deploy policies to override. Format is + `projects/{project}/locations/{location}/deployPolicies/{deploy_policy}`. + type: array + items: + type: string + validateOnly: + description: >- + Optional. If set to true, the request is validated and the user is + provided with a `RollbackTargetResponse`. + type: boolean + rolloutToRollBack: type: string - condition: - description: Output only. Information around the state of the Automation rule. - readOnly: true - $ref: '#/components/schemas/AutomationRuleCondition' - destinationPhase: description: >- - Optional. The starting phase of the rollout created by this rule. - Default to the first phase. + Optional. If provided, this must be the latest `Rollout` that is on + the `Target`. + description: The request object for `RollbackTarget`. + type: object + TargetNotificationEvent: + type: object + id: TargetNotificationEvent + description: >- + Payload proto for "clouddeploy.googleapis.com/target_notification" + Platform Log event that describes the failure to send target status + change Pub/Sub notification. + properties: + message: + description: Debug message for when a notification fails to send. type: string - ListAutomationsResponse: - id: ListAutomationsResponse - description: The response object from `ListAutomations`. + target: + type: string + description: The name of the `Target`. + type: + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true + description: Type of this notification, e.g. for a Pub/Sub failure. + type: string + enum: + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE + enumDescriptions: + - Type is unspecified. + - A Pub/Sub notification failed to be sent. + - Resource state changed. + - A process aborted. + - Restriction check failed. + - Resource deleted. + - Rollout updated. + - Deploy Policy evaluation. + - >- + Deprecated: This field is never used. Use release_render log type + instead. + ChildRolloutJobs: + id: ChildRolloutJobs type: object properties: - automations: - description: The `Automation` objects. + advanceRolloutJobs: + readOnly: true type: array items: - $ref: '#/components/schemas/Automation' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Locations that could not be reached. + $ref: '#/components/schemas/Job' + description: Output only. List of AdvanceChildRolloutJobs + createRolloutJobs: + description: Output only. List of CreateChildRolloutJobs type: array + readOnly: true items: - type: string - AutomationRun: - id: AutomationRun - description: >- - An `AutomationRun` resource in the Cloud Deploy API. An `AutomationRun` - represents an execution instance of an automation rule. + $ref: '#/components/schemas/Job' + description: ChildRollouts job composition + AutomationRule: + description: '`AutomationRule` defines the automation activities.' type: object + id: AutomationRule properties: - name: + repairRolloutRule: description: >- - Output only. Name of the `AutomationRun`. Format is - `projects/{project}/locations/{location}/deliveryPipelines/{delivery_pipeline}/automationRuns/{automation_run}`. - readOnly: true - type: string - createTime: - description: Output only. Time at which the `AutomationRun` was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time at which the automationRun was updated. - readOnly: true - type: string - format: google-datetime - etag: + Optional. The `RepairRolloutRule` will automatically repair a failed + rollout. + $ref: '#/components/schemas/RepairRolloutRule' + promoteReleaseRule: description: >- - Output only. The weak etag of the `AutomationRun` resource. This - checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. - readOnly: true - type: string - serviceAccount: + Optional. `PromoteReleaseRule` will automatically promote a release + from the current target to a specified target. + $ref: '#/components/schemas/PromoteReleaseRule' + timedPromoteReleaseRule: description: >- - Output only. Email address of the user-managed IAM service account - that performs the operations against Cloud Deploy resources. - readOnly: true - type: string - automationSnapshot: + Optional. The `TimedPromoteReleaseRule` will automatically promote a + release from the current target(s) to the specified target(s) on a + configured schedule. + $ref: '#/components/schemas/TimedPromoteReleaseRule' + advanceRolloutRule: description: >- - Output only. Snapshot of the Automation taken at AutomationRun - creation time. + Optional. The `AdvanceRolloutRule` will automatically advance a + successful Rollout. + $ref: '#/components/schemas/AdvanceRolloutRule' + TargetRender: + id: TargetRender + description: Details of rendering for a single target. + type: object + properties: + failureCause: + type: string + enum: + - FAILURE_CAUSE_UNSPECIFIED + - CLOUD_BUILD_UNAVAILABLE + - EXECUTION_FAILED + - CLOUD_BUILD_REQUEST_FAILED + - VERIFICATION_CONFIG_NOT_FOUND + - CUSTOM_ACTION_NOT_FOUND + - DEPLOYMENT_STRATEGY_NOT_SUPPORTED + - RENDER_FEATURE_NOT_SUPPORTED + enumDescriptions: + - No reason for failure is specified. + - >- + Cloud Build is not available, either because it is not enabled or + because Cloud Deploy has insufficient permissions. See [required + permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). + - >- + The render operation did not complete successfully; check Cloud + Build logs. + - >- + Cloud Build failed to fulfill Cloud Deploy's request. See + failure_message for additional details. + - >- + The render operation did not complete successfully because the + verification stanza required for verify was not found on the + Skaffold configuration. + - >- + The render operation did not complete successfully because the + custom action(s) required for Rollout jobs were not found in the + Skaffold configuration. See failure_message for additional + details. + - >- + Release failed during rendering because the release configuration + is not supported with the specified deployment strategy. + - >- + The render operation had a feature configured that is not + supported. readOnly: true - $ref: '#/components/schemas/Automation' - targetId: description: >- - Output only. The ID of the source target that initiates the - `AutomationRun`. The value of this field is the last segment of a - target name. - readOnly: true + Output only. Reason this render failed. This will always be + unspecified while the render in progress. + renderingState: type: string - state: - description: Output only. Current state of the `AutomationRun`. readOnly: true - type: string enumDescriptions: - - The `AutomationRun` has an unspecified state. - - The `AutomationRun` has succeeded. - - The `AutomationRun` was cancelled. - - The `AutomationRun` has failed. - - The `AutomationRun` is in progress. - - The `AutomationRun` is pending. - - The `AutomationRun` was aborted. + - The render operation state is unspecified. + - The render operation has completed successfully. + - The render operation has failed. + - The render operation is in progress. enum: - - STATE_UNSPECIFIED + - TARGET_RENDER_STATE_UNSPECIFIED - SUCCEEDED - - CANCELLED - FAILED - IN_PROGRESS - - PENDING - - ABORTED - stateDescription: - description: >- - Output only. Explains the current state of the `AutomationRun`. - Present only when an explanation is needed. + description: Output only. Current state of the render operation for this Target. + metadata: + $ref: '#/components/schemas/RenderMetadata' readOnly: true - type: string - policyViolation: description: >- - Output only. Contains information about what policies prevented the - `AutomationRun` from proceeding. - readOnly: true - $ref: '#/components/schemas/PolicyViolation' - expireTime: + Output only. Metadata related to the `Release` render for this + Target. + failureMessage: description: >- - Output only. Time the `AutomationRun` expires. An `AutomationRun` - expires after 14 days from its creation date. + Output only. Additional information about the render failure, if + available. readOnly: true type: string - format: google-datetime - ruleId: + renderingBuild: description: >- - Output only. The ID of the automation rule that initiated the - operation. - readOnly: true - type: string - automationId: - description: Output only. The ID of the automation that initiated the operation. - readOnly: true + Output only. The resource name of the Cloud Build `Build` object + that is used to render the manifest for this target. Format is + `projects/{project}/locations/{location}/builds/{build}`. type: string - promoteReleaseOperation: - description: Output only. Promotes a release to a specified 'Target'. - readOnly: true - $ref: '#/components/schemas/PromoteReleaseOperation' - advanceRolloutOperation: - description: Output only. Advances a rollout to the next phase. - readOnly: true - $ref: '#/components/schemas/AdvanceRolloutOperation' - repairRolloutOperation: - description: Output only. Repairs a failed 'Rollout'. - readOnly: true - $ref: '#/components/schemas/RepairRolloutOperation' - timedPromoteReleaseOperation: - description: >- - Output only. Promotes a release to a specified 'Target' as defined - in a Timed Promote Release rule. - readOnly: true - $ref: '#/components/schemas/TimedPromoteReleaseOperation' - waitUntilTime: - description: >- - Output only. Earliest time the `AutomationRun` will attempt to - resume. Wait-time is configured by `wait` in automation rule. readOnly: true - type: string - format: google-datetime - PolicyViolation: - id: PolicyViolation - description: >- - Returned from an action if one or more policies were violated, and - therefore the action was prevented. Contains information about what - policies were violated and why. - type: object - properties: - policyViolationDetails: - description: Policy violation details. - type: array - items: - $ref: '#/components/schemas/PolicyViolationDetails' - PolicyViolationDetails: - id: PolicyViolationDetails - description: Policy violation details. - type: object - properties: - policy: - description: >- - Name of the policy that was violated. Policy resource will be in the - format of - `projects/{project}/locations/{location}/policies/{policy}`. - type: string - ruleId: - description: Id of the rule that triggered the policy violation. - type: string - failureMessage: - description: >- - User readable message about why the request violated a policy. This - is not intended for machine parsing. - type: string PromoteReleaseOperation: id: PromoteReleaseOperation description: Contains the information of an automated promote-release operation. type: object properties: + wait: + type: string + format: google-duration + readOnly: true + description: Output only. How long the operation will be paused. targetId: description: >- Output only. The ID of the target that represents the promotion stage to which the release will be promoted. The value of this field is the last segment of a target name. - readOnly: true type: string - wait: - description: Output only. How long the operation will be paused. readOnly: true - type: string - format: google-duration rollout: description: >- Output only. The name of the rollout that initiates the @@ -3768,430 +3910,533 @@ components: operation. readOnly: true type: string - AdvanceRolloutOperation: - id: AdvanceRolloutOperation - description: Contains the information of an automated advance-rollout operation. - type: object + ReleaseRenderEvent: + id: ReleaseRenderEvent properties: - sourcePhase: - description: Output only. The phase of a deployment that initiated the operation. - readOnly: true + type: + enumDescriptions: + - Type is unspecified. + - A Pub/Sub notification failed to be sent. + - Resource state changed. + - A process aborted. + - Restriction check failed. + - Resource deleted. + - Rollout updated. + - Deploy Policy evaluation. + - >- + Deprecated: This field is never used. Use release_render log type + instead. type: string - wait: - description: Output only. How long the operation will be paused. - readOnly: true + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true + description: >- + Type of this notification, e.g. for a release render state change + event. + enum: + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE + message: type: string - format: google-duration - rollout: description: >- - Output only. The name of the rollout that initiates the - `AutomationRun`. - readOnly: true + Debug message for when a render transition occurs. Provides further + details as rendering progresses through render states. + pipelineUid: + description: Unique identifier of the `DeliveryPipeline`. type: string - destinationPhase: - description: Output only. The phase the rollout will be advanced to. - readOnly: true + releaseRenderState: + enum: + - RENDER_STATE_UNSPECIFIED + - SUCCEEDED + - FAILED + - IN_PROGRESS type: string - RepairRolloutOperation: - id: RepairRolloutOperation - description: Contains the information for an automated `repair rollout` operation. + enumDescriptions: + - The render state is unspecified. + - All rendering operations have completed successfully. + - >- + All rendering operations have completed, and one or more have + failed. + - Rendering has started and is not complete. + description: The state of the release render. + release: + description: >- + The name of the release. release_uid is not in this log message + because we write some of these log messages at release creation + time, before we've generated the uid. + type: string + description: >- + Payload proto for "clouddeploy.googleapis.com/release_render" Platform + Log event that describes the render status change. type: object + DeployPolicyEvaluationEvent: properties: - rollout: + target: description: >- - Output only. The name of the rollout that initiates the - `AutomationRun`. - readOnly: true + The name of the `Target`. This is an optional field, as a `Target` + may not always be applicable to a policy. type: string - currentRepairPhaseIndex: - description: >- - Output only. The index of the current repair action in the repair - sequence. - readOnly: true + deliveryPipeline: + description: The name of the `Delivery Pipeline`. type: string - format: int64 - repairPhases: + invoker: + enumDescriptions: + - Unspecified. + - >- + The action is user-driven. For example, creating a rollout + manually via a gcloud create command. + - Automated action by Cloud Deploy. + type: string + enum: + - INVOKER_UNSPECIFIED + - USER + - DEPLOY_AUTOMATION + description: What invoked the action (e.g. a user or automation). + message: + description: Debug message for when a deploy policy event occurs. + type: string + verdict: + description: The policy verdict of the request. + enum: + - POLICY_VERDICT_UNSPECIFIED + - ALLOWED_BY_POLICY + - DENIED_BY_POLICY + type: string + enumDescriptions: + - This should never happen. + - >- + Allowed by policy. This enum value is not currently used but may + be used in the future. Currently logs are only generated when a + request is denied by policy. + - Denied by policy. + overrides: description: >- - Output only. Records of the repair attempts. Each repair phase may - have multiple retry attempts or single rollback attempt. - readOnly: true + Things that could have overridden the policy verdict. Overrides + together with verdict decide whether the request is allowed. type: array items: - $ref: '#/components/schemas/RepairPhase' - phaseId: + enumDescriptions: + - This should never happen. + - The policy was overridden. + - The policy was suspended. + type: string + enum: + - POLICY_VERDICT_OVERRIDE_UNSPECIFIED + - POLICY_OVERRIDDEN + - POLICY_SUSPENDED + rule: + description: Rule id. + type: string + deployPolicy: + type: string + description: The name of the `DeployPolicy`. + allowed: + type: boolean description: >- - Output only. The phase ID of the phase that includes the job being - repaired. - readOnly: true + Whether the request is allowed. Allowed is set as true if: (1) the + request complies with the policy; or (2) the request doesn't comply + with the policy but the policy was overridden; or (3) the request + doesn't comply with the policy but the policy was suspended + ruleType: type: string - jobId: - description: Output only. The job ID for the Job to repair. - readOnly: true + description: Rule type (e.g. Restrict Rollouts). + deployPolicyUid: + description: Unique identifier of the `DeployPolicy`. type: string - RepairPhase: - id: RepairPhase - description: >- - RepairPhase tracks the repair attempts that have been made for each - `RepairPhaseConfig` specified in the `Automation` resource. - type: object - properties: - retry: - description: Output only. Records of the retry attempts for retry repair mode. - readOnly: true - $ref: '#/components/schemas/RetryPhase' - rollback: - description: Output only. Rollback attempt for rollback repair mode . - readOnly: true - $ref: '#/components/schemas/RollbackAttempt' - RetryPhase: - id: RetryPhase - description: >- - RetryPhase contains the retry attempts and the metadata for initiating a - new attempt. - type: object - properties: - totalAttempts: - description: Output only. The number of attempts that have been made. - readOnly: true + targetUid: type: string - format: int64 - backoffMode: description: >- - Output only. The pattern of how the wait time of the retry attempt - is calculated. - readOnly: true + Unique identifier of the `Target`. This is an optional field, as a + `Target` may not always be applicable to a policy. + pipelineUid: + description: Unique identifier of the `Delivery Pipeline`. type: string - enumDescriptions: - - No WaitMode is specified. - - Increases the wait time linearly. - - Increases the wait time exponentially. - enum: - - BACKOFF_MODE_UNSPECIFIED - - BACKOFF_MODE_LINEAR - - BACKOFF_MODE_EXPONENTIAL - attempts: - description: Output only. Detail of a retry action. - readOnly: true + type: object + description: >- + Payload proto for "clouddeploy.googleapis.com/deploypolicy_evaluation" + Platform Log event that describes the deploy policy evaluation event. + id: DeployPolicyEvaluationEvent + CancelRolloutRequest: + id: CancelRolloutRequest + properties: + overrideDeployPolicy: type: array items: - $ref: '#/components/schemas/RetryAttempt' - RetryAttempt: - id: RetryAttempt - description: >- - RetryAttempt represents an action of retrying the failed Cloud Deploy - job. + type: string + description: >- + Optional. Deploy policies to override. Format is + `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. + type: object + description: The request object used by `CancelRollout`. + GatewayServiceMesh: + id: GatewayServiceMesh type: object + description: Information about the Kubernetes Gateway API service mesh configuration. properties: - attempt: - description: Output only. The index of this retry attempt. - readOnly: true + stableCutbackDuration: + description: >- + Optional. The amount of time to migrate traffic back from the canary + Service to the original Service during the stable phase deployment. + If specified, must be between 15s and 3600s. If unspecified, there + is no cutback time. + format: google-duration type: string - format: int64 - wait: - description: Output only. How long the operation will be paused. - readOnly: true + httpRoute: + description: Required. Name of the Gateway API HTTPRoute. + type: string + routeDestinations: + description: >- + Optional. Route destinations allow configuring the Gateway API + HTTPRoute to be deployed to additional clusters. This option is + available for multi-cluster service mesh set ups that require the + route to exist in the clusters that call the service. If + unspecified, the HTTPRoute will only be deployed to the Target + cluster. + $ref: '#/components/schemas/RouteDestinations' + podSelectorLabel: + description: >- + Optional. The label to use when selecting Pods for the Deployment + and Service resources. This label must already be present in both + resources. + type: string + deployment: + description: >- + Required. Name of the Kubernetes Deployment whose traffic is managed + by the specified HTTPRoute and Service. type: string + routeUpdateWaitTime: format: google-duration - state: - description: Output only. Valid state of this retry action. - readOnly: true + description: >- + Optional. The time to wait for route updates to propagate. The + maximum configurable time is 3 hours, in seconds format. If + unspecified, there is no wait time. type: string - enumDescriptions: - - The `repair` has an unspecified state. - - The `repair` action has succeeded. - - The `repair` action was cancelled. - - The `repair` action has failed. - - The `repair` action is in progress. - - The `repair` action is pending. - - The `repair` action was aborted. - enum: - - REPAIR_STATE_UNSPECIFIED - - REPAIR_STATE_SUCCEEDED - - REPAIR_STATE_CANCELLED - - REPAIR_STATE_FAILED - - REPAIR_STATE_IN_PROGRESS - - REPAIR_STATE_PENDING - - REPAIR_STATE_ABORTED - stateDesc: - description: Output only. Description of the state of the Retry. - readOnly: true + service: type: string - RollbackAttempt: - id: RollbackAttempt + description: Required. Name of the Kubernetes Service. + Operation: description: >- - RollbackAttempt represents an action of rolling back a Cloud Deploy - 'Target'. + This resource represents a long-running operation that is the result of + a network API call. type: object properties: - destinationPhase: - description: Output only. The phase to which the rollout will be rolled back to. - readOnly: true - type: string - rolloutId: - description: Output only. ID of the rollback `Rollout` to create. - readOnly: true - type: string - state: - description: Output only. Valid state of this rollback action. - readOnly: true - type: string - enumDescriptions: - - The `repair` has an unspecified state. - - The `repair` action has succeeded. - - The `repair` action was cancelled. - - The `repair` action has failed. - - The `repair` action is in progress. - - The `repair` action is pending. - - The `repair` action was aborted. - enum: - - REPAIR_STATE_UNSPECIFIED - - REPAIR_STATE_SUCCEEDED - - REPAIR_STATE_CANCELLED - - REPAIR_STATE_FAILED - - REPAIR_STATE_IN_PROGRESS - - REPAIR_STATE_PENDING - - REPAIR_STATE_ABORTED - stateDesc: - description: Output only. Description of the state of the Rollback. - readOnly: true - type: string - disableRollbackIfRolloutPending: + error: description: >- - Output only. If active rollout exists on the target, abort this - rollback. - readOnly: true + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + done: type: boolean - TimedPromoteReleaseOperation: - id: TimedPromoteReleaseOperation - description: >- - Contains the information of an automated timed promote-release - operation. + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + name: + type: string + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + metadata: + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + id: Operation + DeployPolicyResourceSelector: type: object properties: - targetId: - description: >- - Output only. The ID of the target that represents the promotion - stage to which the release will be promoted. The value of this field - is the last segment of a target name. - readOnly: true + deliveryPipeline: + description: Optional. Contains attributes about a delivery pipeline. + $ref: '#/components/schemas/DeliveryPipelineAttribute' + target: + $ref: '#/components/schemas/TargetAttribute' + description: Optional. Contains attributes about a target. + id: DeployPolicyResourceSelector + description: >- + Contains information on the resources to select for a deploy policy. + Attributes provided must all match the resource in order for policy + restrictions to apply. For example, if delivery pipelines attributes + given are an id "prod" and labels "foo: bar", a delivery pipeline + resource must match both that id and have that label in order to be + subject to the policy. + ListLocationsResponse: + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + properties: + nextPageToken: + description: The standard List next-page token. type: string - release: - description: Output only. The name of the release to be promoted. + locations: + items: + $ref: '#/components/schemas/Location' + type: array + description: >- + A list of locations that matches the specified filter in the + request. + type: object + RenderMetadata: + properties: + custom: readOnly: true - type: string - phase: + $ref: '#/components/schemas/CustomMetadata' description: >- - Output only. The starting phase of the rollout created by this + Output only. Custom metadata provided by user-defined render operation. + cloudRun: + description: Output only. Metadata associated with rendering for Cloud Run. + $ref: '#/components/schemas/CloudRunRenderMetadata' readOnly: true - type: string - ListAutomationRunsResponse: - id: ListAutomationRunsResponse - description: The response object from `ListAutomationRuns`. type: object + id: RenderMetadata + description: RenderMetadata includes information associated with a `Release` render. + AdvanceRolloutRequest: + description: The request object used by `AdvanceRollout`. + id: AdvanceRolloutRequest properties: - automationRuns: - description: The `AutomationRuns` objects. - type: array - items: - $ref: '#/components/schemas/AutomationRun' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + phaseId: type: string - unreachable: - description: Locations that could not be reached. + description: Required. The phase ID to advance the `Rollout` to. + overrideDeployPolicy: type: array + description: >- + Optional. Deploy policies to override. Format is + `projects/{project}/locations/{location}/deployPolicies/{deployPolicy}`. items: type: string - CancelAutomationRunRequest: - id: CancelAutomationRunRequest - description: The request object used by `CancelAutomationRun`. type: object - properties: {} - CancelAutomationRunResponse: - id: CancelAutomationRunResponse - description: The response object from `CancelAutomationRun`. - type: object - properties: {} - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + MultiTarget: type: object + id: MultiTarget properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. + targetIds: + description: Required. The target_ids of this multiTarget. + items: + type: string type: array + description: Information specifying a multiTarget. + Config: + description: Service-wide configuration. + type: object + id: Config + properties: + supportedVersions: + description: All supported versions of Skaffold. items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + $ref: '#/components/schemas/SkaffoldVersion' + type: array + defaultSkaffoldVersion: type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: >- + Default Skaffold version that is assigned when a Release is created + without specifying a Skaffold version. + name: + type: string + description: Name of the configuration. + SkaffoldGCSSource: type: object + id: SkaffoldGCSSource properties: - name: + source: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Required. Cloud Storage source paths to copy recursively. For + example, providing "gs://my-bucket/dir/configs/*" will result in + Skaffold copying all files within the "dir/configs" directory in the + bucket "my-bucket". type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + path: type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + description: Optional. Relative path from the source to the Skaffold file. + description: Cloud Storage bucket containing Skaffold Config modules. + CustomTargetDeployMetadata: + id: CustomTargetDeployMetadata + type: object + description: >- + CustomTargetDeployMetadata contains information from a Custom Target + deploy operation. + properties: + skipMessage: type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + readOnly: true description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + Output only. Skip message provided in the results of a custom deploy + operation. + ReleaseReadyCondition: + description: >- + ReleaseReadyCondition contains information around the status of the + Release. If a release is not ready, you cannot create a rollout with the + release. + id: ReleaseReadyCondition type: object properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + status: description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + True if the Release is in a valid state. Otherwise at least one + condition in `ReleaseCondition` is in an invalid state. Iterate over + those conditions and see which condition(s) has status = false to + find out what is wrong with the Release. + type: boolean + ApproveRolloutResponse: + properties: {} + description: The response object from `ApproveRollout`. type: object + id: ApproveRolloutResponse + Target: properties: - version: + gke: + description: Optional. Information specifying a GKE Cluster. + $ref: '#/components/schemas/GkeCluster' + uid: + readOnly: true + description: Output only. Unique identifier of the `Target`. + type: string + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Time at which the `Target` was created. + associatedEntities: + additionalProperties: + $ref: '#/components/schemas/AssociatedEntities' description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Optional. Map of entity IDs to their associated entities. Associated + entities allows specifying places other than the deployment target + for specific features. For example, the Gateway API canary can be + configured to deploy the HTTPRoute to a different cluster(s) than + the deployment cluster using associated entities. An entity ID must + consist of lower-case letters, numbers, and hyphens, start with a + letter and end with a letter or a number, and have a max length of + 63 characters. In other words, it must match the following regex: + `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`. + type: object + etag: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Optional. This checksum is computed by the server based on the value + of other fields, and may be sent on update and delete requests to + ensure the client has an up-to-date value before proceeding. + type: string + name: + type: string + description: >- + Identifier. Name of the `Target`. Format is + `projects/{project}/locations/{location}/targets/{target}`. The + `target` component must match `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` + deployParameters: + type: object + additionalProperties: + type: string + description: Optional. The deploy parameters to use for this target. + annotations: + additionalProperties: + type: string + description: >- + Optional. User annotations. These attributes can only be set and + used by the user, and not by Cloud Deploy. See + https://google.aip.dev/128#annotations for more details such as + format and size limitations. + type: object + run: + description: Optional. Information specifying a Cloud Run deployment target. + $ref: '#/components/schemas/CloudRunLocation' + multiTarget: + description: Optional. Information specifying a multiTarget. + $ref: '#/components/schemas/MultiTarget' + updateTime: + format: google-datetime + description: Output only. Most recent time at which the `Target` was updated. + readOnly: true + type: string + anthosCluster: + $ref: '#/components/schemas/AnthosCluster' + description: Optional. Information specifying an Anthos Cluster. + targetId: + readOnly: true + type: string + description: Output only. Resource id of the `Target`. + description: + type: string + description: Optional. Description of the `Target`. Max length is 255 characters. + executionConfigs: items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + $ref: '#/components/schemas/ExecutionConfig' type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + Optional. Configurations for all execution that relates to this + `Target`. Each `ExecutionEnvironmentUsage` value may only be used in + a single configuration; using the same value multiple times is an + error. When one or more configurations are specified, they must + include the `RENDER` and `DEPLOY` `ExecutionEnvironmentUsage` + values. When no configurations are specified, execution will use the + default specified in `DefaultPool`. + labels: + additionalProperties: + type: string + description: >- + Optional. Labels are attributes that can be set and used by both the + user and by Cloud Deploy. Labels must meet the following + constraints: * Keys and values can contain only lowercase letters, + numeric characters, underscores, and dashes. * All characters must + use UTF-8 encoding, and international characters are allowed. * Keys + must start with a lowercase letter or international character. * + Each resource is limited to a maximum of 64 labels. Both keys and + values are additionally constrained to be <= 128 bytes. + type: object + requireApproval: + description: Optional. Whether or not the `Target` requires approval. + type: boolean + customTarget: + $ref: '#/components/schemas/CustomTarget' + description: Optional. Information specifying a Custom Target. + description: >- + A `Target` resource in the Cloud Deploy API. A `Target` defines a + location to which a Skaffold configuration can be deployed. type: object + id: Target + AbandonReleaseRequest: + id: AbandonReleaseRequest + type: object + description: The request object used by `AbandonRelease`. + properties: {} + Binding: properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string members: + items: + type: string description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -4242,672 +4487,335 @@ components: `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - CustomTargetTypeNotificationEvent: - id: CustomTargetTypeNotificationEvent - description: >- - Payload proto for - "clouddeploy.googleapis.com/customtargettype_notification" Platform Log - event that describes the failure to send a custom target type status - change Pub/Sub notification. - type: object - properties: - message: - description: Debug message for when a notification fails to send. - type: string - customTargetTypeUid: - description: Unique identifier of the `CustomTargetType`. - type: string - customTargetType: - description: The name of the `CustomTargetType`. - type: string - type: - description: Type of this notification, e.g. for a Pub/Sub failure. - type: string - enumDescriptions: - - Type is unspecified. - - A Pub/Sub notification failed to be sent. - - Resource state changed. - - A process aborted. - - Restriction check failed. - - Resource deleted. - - Rollout updated. - - Deploy Policy evaluation. - - >- - Deprecated: This field is never used. Use release_render log type - instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true - enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE - DeliveryPipelineNotificationEvent: - id: DeliveryPipelineNotificationEvent - description: >- - Payload proto for - "clouddeploy.googleapis.com/deliverypipeline_notification" Platform Log - event that describes the failure to send delivery pipeline status change - Pub/Sub notification. - type: object - properties: - message: - description: Debug message for when a notification fails to send. - type: string - pipelineUid: - description: Unique identifier of the `DeliveryPipeline`. - type: string - deliveryPipeline: - description: The name of the `Delivery Pipeline`. - type: string - type: - description: Type of this notification, e.g. for a Pub/Sub failure. - type: string - enumDescriptions: - - Type is unspecified. - - A Pub/Sub notification failed to be sent. - - Resource state changed. - - A process aborted. - - Restriction check failed. - - Resource deleted. - - Rollout updated. - - Deploy Policy evaluation. - - >- - Deprecated: This field is never used. Use release_render log type - instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true - enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE - DeployPolicyNotificationEvent: - id: DeployPolicyNotificationEvent - description: >- - Payload proto for - "clouddeploy.googleapis.com/deploypolicy_notification". Platform Log - event that describes the failure to send a pub/sub notification when - there is a DeployPolicy status change. + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: array + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: + type: string + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + description: Associates `members`, or principals, with a `role`. + id: Binding type: object + CloudRunRenderMetadata: + id: CloudRunRenderMetadata + description: >- + CloudRunRenderMetadata contains Cloud Run information associated with a + `Release` render. properties: - message: + service: + readOnly: true description: >- - Debug message for when a deploy policy fails to send a pub/sub - notification. - type: string - deployPolicy: - description: The name of the `DeployPolicy`. + Output only. The name of the Cloud Run Service in the rendered + manifest. Format is + `projects/{project}/locations/{location}/services/{service}`. type: string - deployPolicyUid: - description: Unique identifier of the deploy policy. + type: object + Targets: + id: Targets + properties: + sourceTargetId: + description: Optional. The source target ID. type: string - type: - description: Type of this notification, e.g. for a Pub/Sub failure. + destinationTargetId: type: string - enumDescriptions: - - Type is unspecified. - - A Pub/Sub notification failed to be sent. - - Resource state changed. - - A process aborted. - - Restriction check failed. - - Resource deleted. - - Rollout updated. - - Deploy Policy evaluation. - - >- - Deprecated: This field is never used. Use release_render log type - instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true - enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE - DeployPolicyEvaluationEvent: - id: DeployPolicyEvaluationEvent + description: Optional. The destination target ID. + description: The targets involved in a single timed promotion. + type: object + SerialPipeline: + properties: + stages: + description: >- + Optional. Each stage specifies configuration for a `Target`. The + ordering of this list defines the promotion flow. + items: + $ref: '#/components/schemas/Stage' + type: array + type: object description: >- - Payload proto for "clouddeploy.googleapis.com/deploypolicy_evaluation" - Platform Log event that describes the deploy policy evaluation event. + SerialPipeline defines a sequential set of stages for a + `DeliveryPipeline`. + id: SerialPipeline + ServiceNetworking: type: object + id: ServiceNetworking properties: - message: - description: Debug message for when a deploy policy event occurs. - type: string - ruleType: - description: Rule type (e.g. Restrict Rollouts). - type: string - rule: - description: Rule id. - type: string - pipelineUid: - description: Unique identifier of the `Delivery Pipeline`. - type: string - deliveryPipeline: - description: The name of the `Delivery Pipeline`. + service: + description: Required. Name of the Kubernetes Service. type: string - targetUid: + disablePodOverprovisioning: description: >- - Unique identifier of the `Target`. This is an optional field, as a - `Target` may not always be applicable to a policy. + Optional. Whether to disable Pod overprovisioning. If Pod + overprovisioning is disabled then Cloud Deploy will limit the number + of total Pods used for the deployment strategy to the number of Pods + the Deployment has on the cluster. + type: boolean + podSelectorLabel: type: string - target: description: >- - The name of the `Target`. This is an optional field, as a `Target` - may not always be applicable to a policy. - type: string - invoker: - description: What invoked the action (e.g. a user or automation). - type: string - enumDescriptions: - - Unspecified. - - >- - The action is user-driven. For example, creating a rollout - manually via a gcloud create command. - - Automated action by Cloud Deploy. - enum: - - INVOKER_UNSPECIFIED - - USER - - DEPLOY_AUTOMATION - deployPolicy: - description: The name of the `DeployPolicy`. - type: string - deployPolicyUid: - description: Unique identifier of the `DeployPolicy`. + Optional. The label to use when selecting Pods for the Deployment + resource. This label must already be present in the Deployment. + deployment: + description: >- + Required. Name of the Kubernetes Deployment whose traffic is managed + by the specified Service. type: string - allowed: + description: Information about the Kubernetes Service networking configuration. + DeliveryPipeline: + id: DeliveryPipeline + description: >- + A `DeliveryPipeline` resource in the Cloud Deploy API. A + `DeliveryPipeline` defines a pipeline through which a Skaffold + configuration can progress. + properties: + suspended: description: >- - Whether the request is allowed. Allowed is set as true if: (1) the - request complies with the policy; or (2) the request doesn't comply - with the policy but the policy was overridden; or (3) the request - doesn't comply with the policy but the policy was suspended + Optional. When suspended, no new releases or rollouts can be + created, but in-progress ones will complete. type: boolean - verdict: - description: The policy verdict of the request. + name: + description: >- + Identifier. Name of the `DeliveryPipeline`. Format is + `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}`. + The `deliveryPipeline` component must match + `[a-z]([a-z0-9-]{0,61}[a-z0-9])?` type: string - enumDescriptions: - - This should never happen. - - >- - Allowed by policy. This enum value is not currently used but may - be used in the future. Currently logs are only generated when a - request is denied by policy. - - Denied by policy. - enum: - - POLICY_VERDICT_UNSPECIFIED - - ALLOWED_BY_POLICY - - DENIED_BY_POLICY - overrides: + labels: + type: object description: >- - Things that could have overridden the policy verdict. Overrides - together with verdict decide whether the request is allowed. - type: array - items: + Labels are attributes that can be set and used by both the user and + by Cloud Deploy. Labels must meet the following constraints: * Keys + and values can contain only lowercase letters, numeric characters, + underscores, and dashes. * All characters must use UTF-8 encoding, + and international characters are allowed. * Keys must start with a + lowercase letter or international character. * Each resource is + limited to a maximum of 64 labels. Both keys and values are + additionally constrained to be <= 128 bytes. + additionalProperties: type: string - enumDescriptions: - - This should never happen. - - The policy was overridden. - - The policy was suspended. - enum: - - POLICY_VERDICT_OVERRIDE_UNSPECIFIED - - POLICY_OVERRIDDEN - - POLICY_SUSPENDED - ReleaseNotificationEvent: - id: ReleaseNotificationEvent - description: >- - Payload proto for "clouddeploy.googleapis.com/release_notification" - Platform Log event that describes the failure to send release status - change Pub/Sub notification. - type: object - properties: - message: - description: Debug message for when a notification fails to send. + uid: + description: Output only. Unique identifier of the `DeliveryPipeline`. + readOnly: true type: string - pipelineUid: - description: Unique identifier of the `DeliveryPipeline`. + description: type: string - releaseUid: - description: Unique identifier of the `Release`. + description: >- + Optional. Description of the `DeliveryPipeline`. Max length is 255 + characters. + annotations: + additionalProperties: + type: string + description: >- + Optional. User annotations. These attributes can only be set and + used by the user, and not by Cloud Deploy. + type: object + updateTime: + readOnly: true type: string - release: - description: The name of the `Release`. + format: google-datetime + description: Output only. Most recent time at which the pipeline was updated. + etag: type: string - type: - description: Type of this notification, e.g. for a Pub/Sub failure. + description: >- + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. + condition: + description: Output only. Information around the state of the Delivery Pipeline. + readOnly: true + $ref: '#/components/schemas/PipelineCondition' + createTime: type: string - enumDescriptions: - - Type is unspecified. - - A Pub/Sub notification failed to be sent. - - Resource state changed. - - A process aborted. - - Restriction check failed. - - Resource deleted. - - Rollout updated. - - Deploy Policy evaluation. - - >- - Deprecated: This field is never used. Use release_render log type - instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true - enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE - ReleaseRenderEvent: - id: ReleaseRenderEvent - description: >- - Payload proto for "clouddeploy.googleapis.com/release_render" Platform - Log event that describes the render status change. + readOnly: true + format: google-datetime + description: Output only. Time at which the pipeline was created. + serialPipeline: + description: >- + Optional. SerialPipeline defines a sequential set of stages for a + `DeliveryPipeline`. + $ref: '#/components/schemas/SerialPipeline' + type: object + PredeployJobRun: + id: PredeployJobRun type: object properties: - message: + failureMessage: + readOnly: true description: >- - Debug message for when a render transition occurs. Provides further - details as rendering progresses through render states. - type: string - pipelineUid: - description: Unique identifier of the `DeliveryPipeline`. + Output only. Additional information about the predeploy failure, if + available. type: string - release: + build: description: >- - The name of the release. release_uid is not in this log message - because we write some of these log messages at release creation - time, before we've generated the uid. + Output only. The resource name of the Cloud Build `Build` object + that is used to execute the custom actions associated with the + predeploy Job. Format is + `projects/{project}/locations/{location}/builds/{build}`. + readOnly: true type: string - type: - description: >- - Type of this notification, e.g. for a release render state change - event. + failureCause: type: string + description: >- + Output only. The reason the predeploy failed. This will always be + unspecified while the predeploy is in progress or if it succeeded. enumDescriptions: - - Type is unspecified. - - A Pub/Sub notification failed to be sent. - - Resource state changed. - - A process aborted. - - Restriction check failed. - - Resource deleted. - - Rollout updated. - - Deploy Policy evaluation. + - No reason for failure is specified. - >- - Deprecated: This field is never used. Use release_render log type - instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true - enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE - releaseRenderState: - description: The state of the release render. - type: string - enumDescriptions: - - The render state is unspecified. - - All rendering operations have completed successfully. + Cloud Build is not available, either because it is not enabled or + because Cloud Deploy has insufficient permissions. See [required + permission](https://cloud.google.com/deploy/docs/cloud-deploy-service-account#required_permissions). - >- - All rendering operations have completed, and one or more have - failed. - - Rendering has started and is not complete. + The predeploy operation did not complete successfully; check Cloud + Build logs. + - The predeploy job run did not complete within the allotted time. + - >- + Cloud Build failed to fulfill Cloud Deploy's request. See + failure_message for additional details. enum: - - RENDER_STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - - IN_PROGRESS - RolloutNotificationEvent: - id: RolloutNotificationEvent - description: >- - Payload proto for "clouddeploy.googleapis.com/rollout_notification" - Platform Log event that describes the failure to send rollout status - change Pub/Sub notification. + - FAILURE_CAUSE_UNSPECIFIED + - CLOUD_BUILD_UNAVAILABLE + - EXECUTION_FAILED + - DEADLINE_EXCEEDED + - CLOUD_BUILD_REQUEST_FAILED + readOnly: true + description: PredeployJobRun contains information specific to a predeploy `JobRun`. + DeploymentJobs: type: object + id: DeploymentJobs + description: Deployment job composition. properties: - message: - description: Debug message for when a notification fails to send. - type: string - pipelineUid: - description: Unique identifier of the `DeliveryPipeline`. - type: string - releaseUid: - description: Unique identifier of the `Release`. - type: string - release: - description: The name of the `Release`. - type: string - rolloutUid: - description: Unique identifier of the `Rollout`. - type: string - rollout: - description: The name of the `Rollout`. + predeployJob: + readOnly: true + description: Output only. The predeploy Job, which is the first job on the phase. + $ref: '#/components/schemas/Job' + deployJob: + readOnly: true + description: Output only. The deploy Job. This is the deploy job in the phase. + $ref: '#/components/schemas/Job' + verifyJob: + $ref: '#/components/schemas/Job' + description: >- + Output only. The verify Job. Runs after a deploy if the deploy + succeeds. + readOnly: true + postdeployJob: + readOnly: true + description: Output only. The postdeploy Job, which is the last job on the phase. + $ref: '#/components/schemas/Job' + RollbackAttempt: + type: object + description: >- + RollbackAttempt represents an action of rolling back a Cloud Deploy + 'Target'. + properties: + stateDesc: + readOnly: true type: string - targetId: - description: ID of the `Target` that the rollout is deployed to. + description: Output only. Description of the state of the Rollback. + rolloutId: + description: Output only. ID of the rollback `Rollout` to create. type: string - type: - description: Type of this notification, e.g. for a Pub/Sub failure. + readOnly: true + disableRollbackIfRolloutPending: + description: >- + Output only. If active rollout exists on the target, abort this + rollback. + type: boolean + readOnly: true + destinationPhase: + description: Output only. The phase to which the rollout will be rolled back to. + readOnly: true type: string - enumDescriptions: - - Type is unspecified. - - A Pub/Sub notification failed to be sent. - - Resource state changed. - - A process aborted. - - Restriction check failed. - - Resource deleted. - - Rollout updated. - - Deploy Policy evaluation. - - >- - Deprecated: This field is never used. Use release_render log type - instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true + state: enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE + - REPAIR_STATE_UNSPECIFIED + - REPAIR_STATE_SUCCEEDED + - REPAIR_STATE_CANCELLED + - REPAIR_STATE_FAILED + - REPAIR_STATE_IN_PROGRESS + - REPAIR_STATE_PENDING + - REPAIR_STATE_ABORTED + readOnly: true + type: string + description: Output only. Valid state of this rollback action. + enumDescriptions: + - The `repair` has an unspecified state. + - The `repair` action has succeeded. + - The `repair` action was cancelled. + - The `repair` action has failed. + - The `repair` action is in progress. + - The `repair` action is pending. + - The `repair` action was aborted. + id: RollbackAttempt + ListAutomationsResponse: + description: The response object from `ListAutomations`. + id: ListAutomationsResponse + properties: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + automations: + items: + $ref: '#/components/schemas/Automation' + type: array + description: The `Automation` objects. + type: object RolloutUpdateEvent: - id: RolloutUpdateEvent + type: object description: >- Payload proto for "clouddeploy.googleapis.com/rollout_update" Platform Log event that describes the rollout update event. - type: object + id: RolloutUpdateEvent properties: - message: - description: Debug message for when a rollout update event occurs. - type: string pipelineUid: - description: Unique identifier of the pipeline. - type: string - releaseUid: - description: Unique identifier of the release. - type: string - release: - description: The name of the `Release`. type: string + description: Unique identifier of the pipeline. rollout: + type: string description: >- The name of the rollout. rollout_uid is not in this log message because we write some of these log messages at rollout creation time, before we've generated the uid. + releaseUid: + description: Unique identifier of the release. + type: string + message: + description: Debug message for when a rollout update event occurs. type: string targetId: description: ID of the target. type: string type: - description: Type of this notification, e.g. for a rollout update event. - type: string enumDescriptions: - Type is unspecified. - A Pub/Sub notification failed to be sent. @@ -4920,16 +4828,7 @@ components: - >- Deprecated: This field is never used. Use release_render log type instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true + type: string enum: - TYPE_UNSPECIFIED - TYPE_PUBSUB_NOTIFICATION_FAILURE @@ -4940,12 +4839,26 @@ components: - TYPE_ROLLOUT_UPDATE - TYPE_DEPLOY_POLICY_EVALUATION - TYPE_RENDER_STATUES_CHANGE - rolloutUpdateType: - description: The type of the rollout update. + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - true + description: Type of this notification, e.g. for a rollout update event. + release: type: string + description: The name of the `Release`. + rolloutUpdateType: enumDescriptions: - Rollout update type unspecified. - - rollout state updated to pending. + - >- + Rollout state updated to pending (release has succeeded, waiting + on the rollout to start). - Rollout state updated to pending release. - Rollout state updated to in progress. - Rollout state updated to cancelling. @@ -4958,6 +4871,7 @@ components: - Rollout has been rejected. - Rollout requires advance to the next phase. - Rollout has been advanced. + description: The type of the rollout update. enum: - ROLLOUT_UPDATE_TYPE_UNSPECIFIED - PENDING @@ -4973,90 +4887,132 @@ components: - REJECTED - ADVANCE_REQUIRED - ADVANCED - TargetNotificationEvent: - id: TargetNotificationEvent - description: >- - Payload proto for "clouddeploy.googleapis.com/target_notification" - Platform Log event that describes the failure to send target status - change Pub/Sub notification. - type: object + type: string + TimedPromoteReleaseRule: properties: - message: - description: Debug message for when a notification fails to send. + id: + description: >- + Required. ID of the rule. This ID must be unique in the `Automation` + resource to which this rule belongs. The format is + `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`. type: string - target: - description: The name of the `Target`. + condition: + readOnly: true + $ref: '#/components/schemas/AutomationRuleCondition' + description: Output only. Information around the state of the Automation rule. + schedule: + description: >- + Required. Schedule in crontab format. e.g. "0 9 * * 1" for every + Monday at 9am. type: string - type: - description: Type of this notification, e.g. for a Pub/Sub failure. + destinationTargetId: + description: >- + Optional. The ID of the stage in the pipeline to which this + `Release` is deploying. If unspecified, default it to the next stage + in the promotion flow. The value of this field could be one of the + following: * The last segment of a target name * "@next", the next + target in the promotion sequence type: string - enumDescriptions: - - Type is unspecified. - - A Pub/Sub notification failed to be sent. - - Resource state changed. - - A process aborted. - - Restriction check failed. - - Resource deleted. - - Rollout updated. - - Deploy Policy evaluation. - - >- - Deprecated: This field is never used. Use release_render log type - instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true - enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE - JobRunNotificationEvent: - id: JobRunNotificationEvent + timeZone: + description: >- + Required. The time zone in IANA format [IANA Time Zone + Database](https://www.iana.org/time-zones) (e.g. America/New_York). + type: string + destinationPhase: + type: string + description: >- + Optional. The starting phase of the rollout created by this rule. + Default to the first phase. description: >- - Payload proto for "clouddeploy.googleapis.com/jobrun_notification" - Platform Log event that describes the failure to send JobRun resource - update Pub/Sub notification. + The `TimedPromoteReleaseRule` will automatically promote a release from + the current target(s) to the specified target(s) on a configured + schedule. + id: TimedPromoteReleaseRule type: object + ListCustomTargetTypesResponse: + id: ListCustomTargetTypesResponse + description: The response object from `ListCustomTargetTypes.` properties: - message: - description: Debug message for when a notification fails to send. - type: string - jobRun: - description: The name of the `JobRun`. - type: string - pipelineUid: - description: Unique identifier of the `DeliveryPipeline`. - type: string - releaseUid: - description: Unique identifier of the `Release`. - type: string - release: - description: The name of the `Release`. + customTargetTypes: + type: array + items: + $ref: '#/components/schemas/CustomTargetType' + description: The `CustomTargetType` objects. + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string + nextPageToken: type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: object + Metadata: + id: Metadata + description: Metadata includes information associated with a `Rollout`. + type: object + properties: + automation: + readOnly: true + $ref: '#/components/schemas/AutomationRolloutMetadata' + description: >- + Output only. AutomationRolloutMetadata contains the information + about the interactions between Automation service and this rollout. + cloudRun: + readOnly: true + $ref: '#/components/schemas/CloudRunMetadata' + description: >- + Output only. The name of the Cloud Run Service that is associated + with a `Rollout`. + custom: + description: >- + Output only. Custom metadata provided by user-defined `Rollout` + operations. + readOnly: true + $ref: '#/components/schemas/CustomMetadata' + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + properties: {} + type: object + RolloutNotificationEvent: + type: object + description: >- + Payload proto for "clouddeploy.googleapis.com/rollout_notification" + Platform Log event that describes the failure to send rollout status + change Pub/Sub notification. + id: RolloutNotificationEvent + properties: rolloutUid: + type: string description: Unique identifier of the `Rollout`. + message: type: string - rollout: - description: The name of the `Rollout`. + description: Debug message for when a notification fails to send. + releaseUid: type: string - targetId: - description: ID of the `Target`. + description: Unique identifier of the `Release`. + pipelineUid: type: string + description: Unique identifier of the `DeliveryPipeline`. type: - description: Type of this notification, e.g. for a Pub/Sub failure. type: string + enum: + - TYPE_UNSPECIFIED + - TYPE_PUBSUB_NOTIFICATION_FAILURE + - TYPE_RESOURCE_STATE_CHANGE + - TYPE_PROCESS_ABORTED + - TYPE_RESTRICTION_VIOLATED + - TYPE_RESOURCE_DELETED + - TYPE_ROLLOUT_UPDATE + - TYPE_DEPLOY_POLICY_EVALUATION + - TYPE_RENDER_STATUES_CHANGE enumDescriptions: - Type is unspecified. - A Pub/Sub notification failed to be sent. @@ -5069,6 +5025,7 @@ components: - >- Deprecated: This field is never used. Use release_render log type instead. + description: Type of this notification, e.g. for a Pub/Sub failure. enumDeprecated: - false - false @@ -5079,154 +5036,309 @@ components: - false - false - true + targetId: + description: ID of the `Target` that the rollout is deployed to. + type: string + rollout: + description: The name of the `Rollout`. + type: string + release: + description: The name of the `Release`. + type: string + TimeWindows: + id: TimeWindows + description: >- + Time windows within which actions are restricted. See the + [documentation](https://cloud.google.com/deploy/docs/deploy-policy#dates_times) + for more information on how to configure dates/times. + type: object + properties: + oneTimeWindows: + items: + $ref: '#/components/schemas/OneTimeWindow' + type: array + description: Optional. One-time windows within which actions are restricted. + weeklyWindows: + items: + $ref: '#/components/schemas/WeeklyWindow' + type: array + description: >- + Optional. Recurring weekly windows within which actions are + restricted. + timeZone: + description: >- + Required. The time zone in IANA format [IANA Time Zone + Database](https://www.iana.org/time-zones) (e.g. America/New_York). + type: string + Job: + id: Job + type: object + description: Job represents an operation for a `Rollout`. + properties: + state: + type: string enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE - AutomationEvent: - id: AutomationEvent + - STATE_UNSPECIFIED + - PENDING + - DISABLED + - IN_PROGRESS + - SUCCEEDED + - FAILED + - ABORTED + - SKIPPED + - IGNORED + enumDescriptions: + - The Job has an unspecified state. + - The Job is waiting for an earlier Phase(s) or Job(s) to complete. + - The Job is disabled. + - The Job is in progress. + - The Job succeeded. + - The Job failed. + - The Job was aborted. + - The Job was skipped. + - The Job was ignored. + description: Output only. The current state of the Job. + readOnly: true + postdeployJob: + $ref: '#/components/schemas/PostdeployJob' + readOnly: true + description: Output only. A postdeploy Job. + advanceChildRolloutJob: + readOnly: true + description: Output only. An advanceChildRollout Job. + $ref: '#/components/schemas/AdvanceChildRolloutJob' + deployJob: + description: Output only. A deploy Job. + readOnly: true + $ref: '#/components/schemas/DeployJob' + createChildRolloutJob: + description: Output only. A createChildRollout Job. + readOnly: true + $ref: '#/components/schemas/CreateChildRolloutJob' + skipMessage: + readOnly: true + description: >- + Output only. Additional information on why the Job was skipped, if + available. + type: string + id: + description: Output only. The ID of the Job. + type: string + readOnly: true + verifyJob: + $ref: '#/components/schemas/VerifyJob' + readOnly: true + description: Output only. A verify Job. + jobRun: + readOnly: true + type: string + description: >- + Output only. The name of the `JobRun` responsible for the most + recent invocation of this Job. + predeployJob: + $ref: '#/components/schemas/PredeployJob' + readOnly: true + description: Output only. A predeploy Job. + Rollback: + properties: + destinationPhase: + type: string + description: >- + Optional. The starting phase ID for the `Rollout`. If unspecified, + the `Rollout` will start in the stable phase. + disableRollbackIfRolloutPending: + description: >- + Optional. If pending rollout exists on the target, the rollback + operation will be aborted. + type: boolean + type: object + id: Rollback + description: Rolls back a `Rollout`. + SetIamPolicyRequest: + id: SetIamPolicyRequest + properties: + updateMask: + type: string + format: google-fieldmask + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + policy: + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + type: object + description: Request message for `SetIamPolicy` method. + SkaffoldModules: + description: Skaffold Config modules and their remote source. + type: object + properties: + git: + description: >- + Optional. Remote git repository containing the Skaffold Config + modules. + $ref: '#/components/schemas/SkaffoldGitSource' + googleCloudStorage: + description: >- + Optional. Cloud Storage bucket containing the Skaffold Config + modules. + $ref: '#/components/schemas/SkaffoldGCSSource' + configs: + items: + type: string + type: array + description: >- + Optional. The Skaffold Config modules to use from the specified + source. + googleCloudBuildRepo: + description: >- + Optional. Cloud Build V2 repository containing the Skaffold Config + modules. + $ref: '#/components/schemas/SkaffoldGCBRepoSource' + id: SkaffoldModules + CloudRunMetadata: + id: CloudRunMetadata + type: object + description: CloudRunMetadata contains information from a Cloud Run deployment. + properties: + service: + type: string + description: >- + Output only. The name of the Cloud Run Service that is associated + with a `Rollout`. Format is + `projects/{project}/locations/{location}/services/{service}`. + readOnly: true + revision: + type: string + readOnly: true + description: Output only. The Cloud Run Revision id associated with a `Rollout`. + job: + type: string + readOnly: true + description: >- + Output only. The name of the Cloud Run job that is associated with a + `Rollout`. Format is + `projects/{project}/locations/{location}/jobs/{job_name}`. + serviceUrls: + items: + type: string + description: >- + Output only. The Cloud Run Service urls that are associated with a + `Rollout`. + type: array + readOnly: true + CreateChildRolloutJobRun: + properties: + rollout: + type: string + readOnly: true + description: >- + Output only. Name of the `ChildRollout`. Format is + `projects/{project}/locations/{location}/deliveryPipelines/{deliveryPipeline}/releases/{release}/rollouts/{rollout}`. + rolloutPhaseId: + type: string + readOnly: true + description: >- + Output only. The ID of the childRollout Phase initiated by this + JobRun. + type: object + description: >- + CreateChildRolloutJobRun contains information specific to a + createChildRollout `JobRun`. + id: CreateChildRolloutJobRun + Status: + properties: + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + details: + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array description: >- - Payload proto for "clouddeploy.googleapis.com/automation" Platform Log - event that describes the Automation related events. + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + id: Status + Canary: + description: Canary represents the canary deployment strategy. + id: Canary type: object properties: - message: + canaryDeployment: + description: Optional. Configures the progressive based deployment for a Target. + $ref: '#/components/schemas/CanaryDeployment' + runtimeConfig: + $ref: '#/components/schemas/RuntimeConfig' description: >- - Debug message for when there is an update on the AutomationRun. - Provides further details about the resource creation or state - change. - type: string - automation: - description: The name of the `AutomationRun`. - type: string - pipelineUid: - description: Unique identifier of the `DeliveryPipeline`. - type: string - type: - description: Type of this notification, e.g. for a Pub/Sub failure. - type: string - enumDescriptions: - - Type is unspecified. - - A Pub/Sub notification failed to be sent. - - Resource state changed. - - A process aborted. - - Restriction check failed. - - Resource deleted. - - Rollout updated. - - Deploy Policy evaluation. - - >- - Deprecated: This field is never used. Use release_render log type - instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true - enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE - AutomationRunEvent: - id: AutomationRunEvent - description: >- - Payload proto for "clouddeploy.googleapis.com/automation_run" Platform - Log event that describes the AutomationRun related events. + Optional. Runtime specific configurations for the deployment + strategy. The runtime configuration is used to determine how Cloud + Deploy will split traffic to enable a progressive deployment. + customCanaryDeployment: + $ref: '#/components/schemas/CustomCanaryDeployment' + description: >- + Optional. Configures the progressive based deployment for a Target, + but allows customizing at the phase level where a phase represents + each of the percentage deployments. + TestIamPermissionsResponse: type: object + id: TestIamPermissionsResponse properties: - message: + permissions: description: >- - Debug message for when there is an update on the AutomationRun. - Provides further details about the resource creation or state - change. - type: string - automationRun: - description: The name of the `AutomationRun`. - type: string - pipelineUid: - description: Unique identifier of the `DeliveryPipeline`. - type: string - automationId: - description: Identifier of the `Automation`. - type: string - ruleId: - description: Identifier of the `Automation` rule. - type: string - destinationTargetId: - description: ID of the `Target` to which the `AutomationRun` is created. - type: string - type: - description: Type of this notification, e.g. for a Pub/Sub failure. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string + type: array + description: Response message for `TestIamPermissions` method. + CustomTarget: + id: CustomTarget + properties: + customTargetType: + description: >- + Required. The name of the CustomTargetType. Format must be + `projects/{project}/locations/{location}/customTargetTypes/{custom_target_type}`. type: string - enumDescriptions: - - Type is unspecified. - - A Pub/Sub notification failed to be sent. - - Resource state changed. - - A process aborted. - - Restriction check failed. - - Resource deleted. - - Rollout updated. - - Deploy Policy evaluation. - - >- - Deprecated: This field is never used. Use release_render log type - instead. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - true - enum: - - TYPE_UNSPECIFIED - - TYPE_PUBSUB_NOTIFICATION_FAILURE - - TYPE_RESOURCE_STATE_CHANGE - - TYPE_PROCESS_ABORTED - - TYPE_RESTRICTION_VIOLATED - - TYPE_RESOURCE_DELETED - - TYPE_ROLLOUT_UPDATE - - TYPE_DEPLOY_POLICY_EVALUATION - - TYPE_RENDER_STATUES_CHANGE + description: Information specifying a Custom Target. + type: object parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + _.xgafv: + description: V1 error format. in: query - name: alt + name: $.xgafv schema: type: string enum: - - json - - media - - proto - callback: - description: JSONP + - '1' + - '2' + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: callback + name: oauth_token schema: type: string fields: @@ -5235,19 +5347,22 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + access_token: + description: OAuth access token. in: query - name: key + name: access_token schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: oauth_token + name: upload_protocol + schema: + type: string + callback: + description: JSONP + in: query + name: callback schema: type: string prettyPrint: @@ -5265,10 +5380,13 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: upload_protocol + name: key schema: type: string uploadType: @@ -5277,35 +5395,17 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + alt: + description: Data format for response. in: query - name: $.xgafv + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto x-stackQL-resources: - config: - id: google.clouddeploy.config - name: config - title: Config - methods: - get_config: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1config/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/config/methods/get_config' - insert: [] - update: [] - replace: [] - delete: [] locations: id: google.clouddeploy.locations name: locations @@ -5332,185 +5432,184 @@ components: update: [] replace: [] delete: [] - operations: - id: google.clouddeploy.operations - name: operations - title: Operations - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: + config: + id: google.clouddeploy.config + name: config + title: Config + methods: + get_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1config/get response: mediaType: application/json openAPIDocKey: '200' - delete: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/config/methods/get_config' + insert: [] + update: [] + replace: [] + delete: [] + custom_target_types_iam_policies: + id: google.clouddeploy.custom_target_types_iam_policies + name: custom_target_types_iam_policies + title: Custom_target_types_iam_policies + methods: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - cancel: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: >- + #/components/x-stackQL-resources/custom_target_types_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - delivery_pipelines: - id: google.clouddeploy.delivery_pipelines - name: delivery_pipelines - title: Delivery_pipelines + replace: + - $ref: >- + #/components/x-stackQL-resources/custom_target_types_iam_policies/methods/set_iam_policy + delete: [] + custom_target_types: + id: google.clouddeploy.custom_target_types + name: custom_target_types + title: Custom_target_types methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deliveryPipelines + objectKey: $.customTargetTypes create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes/post response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}/delete response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}/patch response: mediaType: application/json openAPIDocKey: '200' - rollback_target: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}:rollbackTarget/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/get' - - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/list' + - $ref: '#/components/x-stackQL-resources/custom_target_types/methods/get' + - $ref: '#/components/x-stackQL-resources/custom_target_types/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/create' + - $ref: >- + #/components/x-stackQL-resources/custom_target_types/methods/create update: - - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/patch' + - $ref: '#/components/x-stackQL-resources/custom_target_types/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/delete' - delivery_pipelines_iam_policies: - id: google.clouddeploy.delivery_pipelines_iam_policies - name: delivery_pipelines_iam_policies - title: Delivery_pipelines_iam_policies + - $ref: >- + #/components/x-stackQL-resources/custom_target_types/methods/delete + releases: + id: google.clouddeploy.releases + name: releases + title: Releases methods: - set_iam_policy: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + objectKey: $.releases + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/delivery_pipelines_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/delivery_pipelines_iam_policies/methods/set_iam_policy - delete: [] - releases: - id: google.clouddeploy.releases - name: releases - title: Releases - methods: - list: + abandon: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}:abandon/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.releases - create: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/releases/methods/get' + - $ref: '#/components/x-stackQL-resources/releases/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/releases/methods/create' + update: [] + replace: [] + delete: [] + job_runs: + id: google.clouddeploy.job_runs + name: job_runs + title: Job_runs + methods: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}~1jobRuns~1{jobRunsId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}~1jobRuns/get response: mediaType: application/json openAPIDocKey: '200' - abandon: + objectKey: $.jobRuns + terminate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}:abandon/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}~1jobRuns~1{jobRunsId}:terminate/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/releases/methods/get' - - $ref: '#/components/x-stackQL-resources/releases/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/releases/methods/create' + - $ref: '#/components/x-stackQL-resources/job_runs/methods/get' + - $ref: '#/components/x-stackQL-resources/job_runs/methods/list' + insert: [] update: [] replace: [] delete: [] @@ -5519,24 +5618,24 @@ components: name: rollouts title: Rollouts methods: - approve: + advance: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}:approve/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}:advance/post response: mediaType: application/json openAPIDocKey: '200' - advance: + ignore_job: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}:advance/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}:ignoreJob/post response: mediaType: application/json openAPIDocKey: '200' - cancel: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts/post response: mediaType: application/json openAPIDocKey: '200' @@ -5548,24 +5647,24 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.rollouts - create: + approve: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}:approve/post response: mediaType: application/json openAPIDocKey: '200' - get: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - ignore_job: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}:ignoreJob/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -5585,37 +5684,37 @@ components: update: [] replace: [] delete: [] - job_runs: - id: google.clouddeploy.job_runs - name: job_runs - title: Job_runs + automation_runs: + id: google.clouddeploy.automation_runs + name: automation_runs + title: Automation_runs methods: - list: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}~1jobRuns/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automationRuns~1{automationRunsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobRuns - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}~1jobRuns~1{jobRunsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automationRuns/get response: mediaType: application/json openAPIDocKey: '200' - terminate: + objectKey: $.automationRuns + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1releases~1{releasesId}~1rollouts~1{rolloutsId}~1jobRuns~1{jobRunsId}:terminate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automationRuns~1{automationRunsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/job_runs/methods/get' - - $ref: '#/components/x-stackQL-resources/job_runs/methods/list' + - $ref: '#/components/x-stackQL-resources/automation_runs/methods/get' + - $ref: '#/components/x-stackQL-resources/automation_runs/methods/list' insert: [] update: [] replace: [] @@ -5624,130 +5723,191 @@ components: id: google.clouddeploy.automations name: automations title: Automations + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations~1{automationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations~1{automationsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations~1{automationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/automations/methods/get' + - $ref: '#/components/x-stackQL-resources/automations/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/automations/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/automations/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/automations/methods/delete' + delivery_pipelines: + id: google.clouddeploy.delivery_pipelines + name: delivery_pipelines + title: Delivery_pipelines methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.automations + objectKey: $.deliveryPipelines patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations~1{automationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations~1{automationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}/delete response: mediaType: application/json openAPIDocKey: '200' - get: + rollback_target: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automations~1{automationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}:rollbackTarget/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/automations/methods/get' - - $ref: '#/components/x-stackQL-resources/automations/methods/list' + - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/get' + - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/automations/methods/create' + - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/create' update: - - $ref: '#/components/x-stackQL-resources/automations/methods/patch' + - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/automations/methods/delete' - automation_runs: - id: google.clouddeploy.automation_runs - name: automation_runs - title: Automation_runs + - $ref: '#/components/x-stackQL-resources/delivery_pipelines/methods/delete' + delivery_pipelines_iam_policies: + id: google.clouddeploy.delivery_pipelines_iam_policies + name: delivery_pipelines_iam_policies + title: Delivery_pipelines_iam_policies methods: - get: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automationRuns~1{automationRunsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - list: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automationRuns/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.automationRuns - cancel: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}~1automationRuns~1{automationRunsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deliveryPipelines~1{deliveryPipelinesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/automation_runs/methods/get' - - $ref: '#/components/x-stackQL-resources/automation_runs/methods/list' + - $ref: >- + #/components/x-stackQL-resources/delivery_pipelines_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/delivery_pipelines_iam_policies/methods/set_iam_policy delete: [] targets: id: google.clouddeploy.targets name: targets title: Targets methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets~1{targetsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.targets - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets~1{targetsId}/patch response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets~1{targetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets~1{targetsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets~1{targetsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets~1{targetsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.targets sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/targets/methods/get' @@ -5764,13 +5924,6 @@ components: name: targets_iam_policies title: Targets_iam_policies methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets~1{targetsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' get_iam_policy: operation: $ref: >- @@ -5786,6 +5939,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1targets~1{targetsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: >- @@ -5796,131 +5956,90 @@ components: - $ref: >- #/components/x-stackQL-resources/targets_iam_policies/methods/set_iam_policy delete: [] - custom_target_types: - id: google.clouddeploy.custom_target_types - name: custom_target_types - title: Custom_target_types + operations: + id: google.clouddeploy.operations + name: operations + title: Operations methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.customTargetTypes - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/custom_target_types/methods/get' - - $ref: '#/components/x-stackQL-resources/custom_target_types/methods/list' - insert: - - $ref: >- - #/components/x-stackQL-resources/custom_target_types/methods/create - update: - - $ref: '#/components/x-stackQL-resources/custom_target_types/methods/patch' - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/custom_target_types/methods/delete - custom_target_types_iam_policies: - id: google.clouddeploy.custom_target_types_iam_policies - name: custom_target_types_iam_policies - title: Custom_target_types_iam_policies - methods: - set_iam_policy: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + objectKey: $.operations + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1customTargetTypes~1{customTargetTypesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/custom_target_types_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/custom_target_types_iam_policies/methods/set_iam_policy - delete: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' deploy_policies: id: google.clouddeploy.deploy_policies name: deploy_policies title: Deploy_policies methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies~1{deployPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies~1{deployPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deployPolicies - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies~1{deployPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies~1{deployPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies~1{deployPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies/post response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies~1{deployPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1deployPolicies/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.deployPolicies sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/deploy_policies/methods/get' @@ -5963,22 +6082,22 @@ components: #/components/x-stackQL-resources/deploy_policies_iam_policies/methods/set_iam_policy delete: [] paths: - /v1/projects/{projectsId}/locations/{locationsId}/config: + /v1/projects/{projectsId}/locations: parameters: &ref_1 + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/alt' get: - description: Gets the configuration for a location. - operationId: clouddeploy.projects.locations.getConfig + description: Lists information about the supported locations for this service. + operationId: clouddeploy.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5990,23 +6109,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Config' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: extraLocationTypes schema: type: string - /v1/projects/{projectsId}/locations: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/config: parameters: *ref_1 get: - description: Lists information about the supported locations for this service. - operationId: clouddeploy.projects.locations.list + description: Gets the configuration for a location. + operationId: clouddeploy.projects.locations.getConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6018,28 +6149,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Config' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + - in: path + name: locationsId + required: true schema: type: string /v1/projects/{projectsId}/locations/{locationsId}: @@ -6070,13 +6189,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/customTargetTypes/{customTargetTypesId}:getIamPolicy: parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: clouddeploy.projects.locations.operations.list + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: clouddeploy.projects.locations.customTargetTypes.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6088,7 +6207,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6100,27 +6219,21 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: customTargetTypesId + required: true schema: type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/customTargetTypes: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: clouddeploy.projects.locations.operations.get + description: Lists CustomTargetTypes in a given project and location. + operationId: clouddeploy.projects.locations.customTargetTypes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6132,7 +6245,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListCustomTargetTypesResponse' parameters: - in: path name: projectsId @@ -6144,18 +6257,31 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: orderBy schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: clouddeploy.projects.locations.operations.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + post: + description: Creates a new CustomTargetType in a given project and location. + operationId: clouddeploy.projects.locations.customTargetTypes.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CustomTargetType' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6167,7 +6293,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6179,30 +6305,23 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: customTargetTypeId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/customTargetTypes/{customTargetTypesId}: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: clouddeploy.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + delete: + description: Deletes a single CustomTargetType. + operationId: clouddeploy.projects.locations.customTargetTypes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6214,7 +6333,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6227,15 +6346,34 @@ paths: schema: type: string - in: path - name: operationsId + name: customTargetTypesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines: - parameters: *ref_1 - get: - description: Lists DeliveryPipelines in a given project and location. - operationId: clouddeploy.projects.locations.deliveryPipelines.list + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: etag + schema: + type: string + - in: query + name: requestId + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + patch: + description: Updates a single CustomTargetType. + operationId: clouddeploy.projects.locations.customTargetTypes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CustomTargetType' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6247,7 +6385,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDeliveryPipelinesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6259,31 +6397,31 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: customTargetTypesId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: filter + name: allowMissing schema: - type: string + type: boolean - in: query - name: orderBy + name: requestId schema: type: string - post: - description: Creates a new DeliveryPipeline in a given project and location. - operationId: clouddeploy.projects.locations.deliveryPipelines.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DeliveryPipeline' + - in: query + name: validateOnly + schema: + type: boolean + get: + description: Gets details of a single CustomTargetType. + operationId: clouddeploy.projects.locations.customTargetTypes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6295,7 +6433,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/CustomTargetType' parameters: - in: path name: projectsId @@ -6307,23 +6445,24 @@ paths: required: true schema: type: string - - in: query - name: deliveryPipelineId - schema: - type: string - - in: query - name: requestId + - in: path + name: customTargetTypesId + required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}: + /v1/projects/{projectsId}/locations/{locationsId}/customTargetTypes/{customTargetTypesId}:setIamPolicy: parameters: *ref_1 - get: - description: Gets details of a single DeliveryPipeline. - operationId: clouddeploy.projects.locations.deliveryPipelines.get + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: clouddeploy.projects.locations.customTargetTypes.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6335,7 +6474,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DeliveryPipeline' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6348,18 +6487,20 @@ paths: schema: type: string - in: path - name: deliveryPipelinesId + name: customTargetTypesId required: true schema: type: string - patch: - description: Updates the parameters of a single DeliveryPipeline. - operationId: clouddeploy.projects.locations.deliveryPipelines.patch + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases: + parameters: *ref_1 + post: + description: Creates a new Release in a given project and location. + operationId: clouddeploy.projects.locations.deliveryPipelines.releases.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/DeliveryPipeline' + $ref: '#/components/schemas/Release' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6389,25 +6530,24 @@ paths: schema: type: string - in: query - name: updateMask + name: validateOnly schema: - type: string - format: google-fieldmask + type: boolean - in: query - name: requestId + name: overrideDeployPolicy schema: type: string - in: query - name: allowMissing + name: releaseId schema: - type: boolean + type: string - in: query - name: validateOnly + name: requestId schema: - type: boolean - delete: - description: Deletes a single DeliveryPipeline. - operationId: clouddeploy.projects.locations.deliveryPipelines.delete + type: string + get: + description: Lists Releases in a given project and location. + operationId: clouddeploy.projects.locations.deliveryPipelines.releases.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6419,7 +6559,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListReleasesResponse' parameters: - in: path name: projectsId @@ -6437,35 +6577,27 @@ paths: schema: type: string - in: query - name: requestId + name: orderBy schema: type: string - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: validateOnly + name: pageSize schema: - type: boolean + type: integer + format: int32 - in: query - name: force + name: filter schema: - type: boolean + type: string - in: query - name: etag + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}:rollbackTarget: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}: parameters: *ref_1 - post: - description: Creates a `Rollout` to roll back the specified target. - operationId: clouddeploy.projects.locations.deliveryPipelines.rollbackTarget - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RollbackTargetRequest' + get: + description: Gets details of a single Release. + operationId: clouddeploy.projects.locations.deliveryPipelines.releases.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6477,7 +6609,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RollbackTargetResponse' + $ref: '#/components/schemas/Release' parameters: - in: path name: projectsId @@ -6494,19 +6626,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}:setIamPolicy: + - in: path + name: releasesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}:abandon: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: clouddeploy.projects.locations.deliveryPipelines.setIamPolicy + description: Abandons a Release in the Delivery Pipeline. + operationId: clouddeploy.projects.locations.deliveryPipelines.releases.abandon requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/AbandonReleaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6518,7 +6652,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/AbandonReleaseResponse' parameters: - in: path name: projectsId @@ -6535,13 +6669,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}:getIamPolicy: + - in: path + name: releasesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}/jobRuns/{jobRunsId}: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: clouddeploy.projects.locations.deliveryPipelines.getIamPolicy + description: Gets details of a single JobRun. + operationId: >- + clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.jobRuns.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6553,7 +6691,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/JobRun' parameters: - in: path name: projectsId @@ -6570,26 +6708,27 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: releasesId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}:testIamPermissions: + type: string + - in: path + name: rolloutsId + required: true + schema: + type: string + - in: path + name: jobRunsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}/jobRuns: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: clouddeploy.projects.locations.deliveryPipelines.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Lists JobRuns in a given project and location. + operationId: >- + clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.jobRuns.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6601,7 +6740,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListJobRunsResponse' parameters: - in: path name: projectsId @@ -6618,11 +6757,44 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases: + - in: path + name: releasesId + required: true + schema: + type: string + - in: path + name: rolloutsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}/jobRuns/{jobRunsId}:terminate: parameters: *ref_1 - get: - description: Lists Releases in a given project and location. - operationId: clouddeploy.projects.locations.deliveryPipelines.releases.list + post: + description: Terminates a Job Run in a given project and location. + operationId: >- + clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.jobRuns.terminate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TerminateJobRunRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6634,7 +6806,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReleasesResponse' + $ref: '#/components/schemas/TerminateJobRunResponse' parameters: - in: path name: projectsId @@ -6651,31 +6823,32 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: releasesId + required: true schema: type: string - - in: query - name: filter + - in: path + name: rolloutsId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: jobRunsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}:advance: + parameters: *ref_1 post: - description: Creates a new Release in a given project and location. - operationId: clouddeploy.projects.locations.deliveryPipelines.releases.create + description: Advances a Rollout in a given project and location. + operationId: >- + clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.advance requestBody: content: application/json: schema: - $ref: '#/components/schemas/Release' + $ref: '#/components/schemas/AdvanceRolloutRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6687,7 +6860,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/AdvanceRolloutResponse' parameters: - in: path name: projectsId @@ -6704,27 +6877,27 @@ paths: required: true schema: type: string - - in: query - name: releaseId - schema: - type: string - - in: query - name: requestId + - in: path + name: releasesId + required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: overrideDeployPolicy + - in: path + name: rolloutsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}:ignoreJob: parameters: *ref_1 - get: - description: Gets details of a single Release. - operationId: clouddeploy.projects.locations.deliveryPipelines.releases.get + post: + description: Ignores the specified Job in a Rollout. + operationId: >- + clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.ignoreJob + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IgnoreJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6736,7 +6909,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Release' + $ref: '#/components/schemas/IgnoreJobResponse' parameters: - in: path name: projectsId @@ -6758,16 +6931,22 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}:abandon: + - in: path + name: rolloutsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts: parameters: *ref_1 post: - description: Abandons a Release in the Delivery Pipeline. - operationId: clouddeploy.projects.locations.deliveryPipelines.releases.abandon + description: Creates a new Rollout in a given project and location. + operationId: >- + clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/AbandonReleaseRequest' + $ref: '#/components/schemas/Rollout' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6779,7 +6958,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AbandonReleaseResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6801,17 +6980,29 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}:approve: - parameters: *ref_1 - post: - description: Approves a Rollout. - operationId: >- - clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.approve - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApproveRolloutRequest' + - in: query + name: overrideDeployPolicy + schema: + type: string + - in: query + name: startingPhaseId + schema: + type: string + - in: query + name: requestId + schema: + type: string + - in: query + name: rolloutId + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + get: + description: Lists Rollouts in a given project and location. + operationId: clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6823,7 +7014,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApproveRolloutResponse' + $ref: '#/components/schemas/ListRolloutsResponse' parameters: - in: path name: projectsId @@ -6840,27 +7031,39 @@ paths: required: true schema: type: string - - in: path - name: releasesId - required: true + - in: path + name: releasesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken schema: type: string - - in: path - name: rolloutsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}:advance: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}:approve: parameters: *ref_1 post: - description: Advances a Rollout in a given project and location. + description: Approves a Rollout. operationId: >- - clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.advance + clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.approve requestBody: content: application/json: schema: - $ref: '#/components/schemas/AdvanceRolloutRequest' + $ref: '#/components/schemas/ApproveRolloutRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6872,7 +7075,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AdvanceRolloutResponse' + $ref: '#/components/schemas/ApproveRolloutResponse' parameters: - in: path name: projectsId @@ -6948,11 +7151,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}: parameters: *ref_1 get: - description: Lists Rollouts in a given project and location. - operationId: clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.list + description: Gets details of a single Rollout. + operationId: clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6964,7 +7167,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRolloutsResponse' + $ref: '#/components/schemas/Rollout' parameters: - in: path name: projectsId @@ -6986,32 +7189,22 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: rolloutsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}:retryJob: + parameters: *ref_1 post: - description: Creates a new Rollout in a given project and location. + description: Retries the specified Job in a Rollout. operationId: >- - clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.create + clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.retryJob requestBody: content: application/json: schema: - $ref: '#/components/schemas/Rollout' + $ref: '#/components/schemas/RetryJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7023,7 +7216,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/RetryJobResponse' parameters: - in: path name: projectsId @@ -7045,31 +7238,25 @@ paths: required: true schema: type: string - - in: query - name: rolloutId - schema: - type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: overrideDeployPolicy - schema: - type: string - - in: query - name: startingPhaseId + - in: path + name: rolloutsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automationRuns/{automationRunsId}:cancel: parameters: *ref_1 - get: - description: Gets details of a single Rollout. - operationId: clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.get + post: + description: >- + Cancels an AutomationRun. The `state` of the `AutomationRun` after + cancelling is `CANCELLED`. `CancelAutomationRun` can be called on + AutomationRun in the state `IN_PROGRESS` and `PENDING`; AutomationRun in + a different state returns an `FAILED_PRECONDITION` error. + operationId: clouddeploy.projects.locations.deliveryPipelines.automationRuns.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelAutomationRunRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7081,7 +7268,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Rollout' + $ref: '#/components/schemas/CancelAutomationRunResponse' parameters: - in: path name: projectsId @@ -7099,26 +7286,15 @@ paths: schema: type: string - in: path - name: releasesId - required: true - schema: - type: string - - in: path - name: rolloutsId + name: automationRunsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}:ignoreJob: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automationRuns: parameters: *ref_1 - post: - description: Ignores the specified Job in a Rollout. - operationId: >- - clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.ignoreJob - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/IgnoreJobRequest' + get: + description: Lists AutomationRuns in a given project and location. + operationId: clouddeploy.projects.locations.deliveryPipelines.automationRuns.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7130,7 +7306,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IgnoreJobResponse' + $ref: '#/components/schemas/ListAutomationRunsResponse' parameters: - in: path name: projectsId @@ -7147,27 +7323,28 @@ paths: required: true schema: type: string - - in: path - name: releasesId - required: true + - in: query + name: filter schema: type: string - - in: path - name: rolloutsId - required: true + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}:retryJob: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automationRuns/{automationRunsId}: parameters: *ref_1 - post: - description: Retries the specified Job in a Rollout. - operationId: >- - clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.retryJob - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RetryJobRequest' + get: + description: Gets details of a single AutomationRun. + operationId: clouddeploy.projects.locations.deliveryPipelines.automationRuns.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7179,7 +7356,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RetryJobResponse' + $ref: '#/components/schemas/AutomationRun' parameters: - in: path name: projectsId @@ -7197,21 +7374,15 @@ paths: schema: type: string - in: path - name: releasesId - required: true - schema: - type: string - - in: path - name: rolloutsId + name: automationRunsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}/jobRuns: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automations: parameters: *ref_1 get: - description: Lists JobRuns in a given project and location. - operationId: >- - clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.jobRuns.list + description: Lists Automations in a given project and location. + operationId: clouddeploy.projects.locations.deliveryPipelines.automations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7223,7 +7394,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListJobRunsResponse' + $ref: '#/components/schemas/ListAutomationsResponse' parameters: - in: path name: projectsId @@ -7240,21 +7411,10 @@ paths: required: true schema: type: string - - in: path - name: releasesId - required: true - schema: - type: string - - in: path - name: rolloutsId - required: true - schema: - type: string - in: query - name: pageSize + name: orderBy schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: @@ -7264,15 +7424,18 @@ paths: schema: type: string - in: query - name: orderBy + name: pageSize schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}/jobRuns/{jobRunsId}: - parameters: *ref_1 - get: - description: Gets details of a single JobRun. - operationId: >- - clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.jobRuns.get + type: integer + format: int32 + post: + description: Creates a new Automation in a given project and location. + operationId: clouddeploy.projects.locations.deliveryPipelines.automations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Automation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7284,7 +7447,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/JobRun' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7301,32 +7464,23 @@ paths: required: true schema: type: string - - in: path - name: releasesId - required: true + - in: query + name: requestId schema: type: string - - in: path - name: rolloutsId - required: true + - in: query + name: validateOnly schema: - type: string - - in: path - name: jobRunsId - required: true + type: boolean + - in: query + name: automationId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/releases/{releasesId}/rollouts/{rolloutsId}/jobRuns/{jobRunsId}:terminate: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automations/{automationsId}: parameters: *ref_1 - post: - description: Terminates a Job Run in a given project and location. - operationId: >- - clouddeploy.projects.locations.deliveryPipelines.releases.rollouts.jobRuns.terminate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TerminateJobRunRequest' + get: + description: Gets details of a single Automation. + operationId: clouddeploy.projects.locations.deliveryPipelines.automations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7338,7 +7492,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TerminateJobRunResponse' + $ref: '#/components/schemas/Automation' parameters: - in: path name: projectsId @@ -7356,25 +7510,13 @@ paths: schema: type: string - in: path - name: releasesId - required: true - schema: - type: string - - in: path - name: rolloutsId - required: true - schema: - type: string - - in: path - name: jobRunsId + name: automationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automations: - parameters: *ref_1 - post: - description: Creates a new Automation in a given project and location. - operationId: clouddeploy.projects.locations.deliveryPipelines.automations.create + patch: + description: Updates the parameters of a single Automation resource. + operationId: clouddeploy.projects.locations.deliveryPipelines.automations.patch requestBody: content: application/json: @@ -7408,21 +7550,31 @@ paths: required: true schema: type: string - - in: query - name: automationId + - in: path + name: automationsId + required: true schema: type: string - in: query - name: requestId + name: updateMask schema: type: string + format: google-fieldmask - in: query name: validateOnly schema: type: boolean - get: - description: Lists Automations in a given project and location. - operationId: clouddeploy.projects.locations.deliveryPipelines.automations.list + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: requestId + schema: + type: string + delete: + description: Deletes a single Automation resource. + operationId: clouddeploy.projects.locations.deliveryPipelines.automations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7434,7 +7586,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAutomationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7451,33 +7603,37 @@ paths: required: true schema: type: string + - in: path + name: automationsId + required: true + schema: + type: string - in: query - name: pageSize + name: validateOnly schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: allowMissing schema: - type: string + type: boolean - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: etag schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automations/{automationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines: parameters: *ref_1 - patch: - description: Updates the parameters of a single Automation resource. - operationId: clouddeploy.projects.locations.deliveryPipelines.automations.patch + post: + description: Creates a new DeliveryPipeline in a given project and location. + operationId: clouddeploy.projects.locations.deliveryPipelines.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Automation' + $ref: '#/components/schemas/DeliveryPipeline' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7501,36 +7657,71 @@ paths: required: true schema: type: string + - in: query + name: deliveryPipelineId + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: requestId + schema: + type: string + get: + description: Lists DeliveryPipelines in a given project and location. + operationId: clouddeploy.projects.locations.deliveryPipelines.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDeliveryPipelinesResponse' + parameters: - in: path - name: deliveryPipelinesId + name: projectsId required: true schema: type: string - in: path - name: automationsId + name: locationsId required: true schema: type: string - in: query - name: updateMask + name: orderBy schema: type: string - format: google-fieldmask - in: query - name: requestId + name: filter schema: type: string - in: query - name: allowMissing + name: pageSize schema: - type: boolean + type: integer + format: int32 - in: query - name: validateOnly + name: pageToken schema: - type: boolean - delete: - description: Deletes a single Automation resource. - operationId: clouddeploy.projects.locations.deliveryPipelines.automations.delete + type: string + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}: + parameters: *ref_1 + patch: + description: Updates the parameters of a single DeliveryPipeline. + operationId: clouddeploy.projects.locations.deliveryPipelines.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DeliveryPipeline' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7559,11 +7750,10 @@ paths: required: true schema: type: string - - in: path - name: automationsId - required: true + - in: query + name: validateOnly schema: - type: string + type: boolean - in: query name: requestId schema: @@ -7573,16 +7763,13 @@ paths: schema: type: boolean - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: etag + name: updateMask schema: type: string + format: google-fieldmask get: - description: Gets details of a single Automation. - operationId: clouddeploy.projects.locations.deliveryPipelines.automations.get + description: Gets details of a single DeliveryPipeline. + operationId: clouddeploy.projects.locations.deliveryPipelines.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7594,7 +7781,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Automation' + $ref: '#/components/schemas/DeliveryPipeline' parameters: - in: path name: projectsId @@ -7611,16 +7798,9 @@ paths: required: true schema: type: string - - in: path - name: automationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automationRuns/{automationRunsId}: - parameters: *ref_1 - get: - description: Gets details of a single AutomationRun. - operationId: clouddeploy.projects.locations.deliveryPipelines.automationRuns.get + delete: + description: Deletes a single DeliveryPipeline. + operationId: clouddeploy.projects.locations.deliveryPipelines.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7632,7 +7812,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AutomationRun' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7649,16 +7829,39 @@ paths: required: true schema: type: string - - in: path - name: automationRunsId - required: true + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automationRuns: + - in: query + name: force + schema: + type: boolean + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: etag + schema: + type: string + - in: query + name: allowMissing + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}:setIamPolicy: parameters: *ref_1 - get: - description: Lists AutomationRuns in a given project and location. - operationId: clouddeploy.projects.locations.deliveryPipelines.automationRuns.list + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: clouddeploy.projects.locations.deliveryPipelines.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7670,7 +7873,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAutomationRunsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7687,37 +7890,13 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}/automationRuns/{automationRunsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Cancels an AutomationRun. The `state` of the `AutomationRun` after - cancelling is `CANCELLED`. `CancelAutomationRun` can be called on - AutomationRun in the state `IN_PROGRESS` and `PENDING`; AutomationRun in - a different state returns an `FAILED_PRECONDITION` error. - operationId: clouddeploy.projects.locations.deliveryPipelines.automationRuns.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelAutomationRunRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: clouddeploy.projects.locations.deliveryPipelines.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7729,7 +7908,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CancelAutomationRunResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7746,16 +7925,26 @@ paths: required: true schema: type: string - - in: path - name: automationRunsId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/targets: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}:testIamPermissions: parameters: *ref_1 - get: - description: Lists Targets in a given project and location. - operationId: clouddeploy.projects.locations.targets.list + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: clouddeploy.projects.locations.deliveryPipelines.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7767,7 +7956,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTargetsResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7779,31 +7968,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: deliveryPipelinesId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/deliveryPipelines/{deliveryPipelinesId}:rollbackTarget: + parameters: *ref_1 post: - description: Creates a new Target in a given project and location. - operationId: clouddeploy.projects.locations.targets.create + description: Creates a `Rollout` to roll back the specified target. + operationId: clouddeploy.projects.locations.deliveryPipelines.rollbackTarget requestBody: content: application/json: schema: - $ref: '#/components/schemas/Target' + $ref: '#/components/schemas/RollbackTargetRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7815,7 +7994,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/RollbackTargetResponse' parameters: - in: path name: projectsId @@ -7827,18 +8006,11 @@ paths: required: true schema: type: string - - in: query - name: targetId - schema: - type: string - - in: query - name: requestId + - in: path + name: deliveryPipelinesId + required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean /v1/projects/{projectsId}/locations/{locationsId}/targets/{targetsId}: parameters: *ref_1 get: @@ -7909,18 +8081,18 @@ paths: schema: type: string - in: query - name: updateMask + name: allowMissing schema: - type: string - format: google-fieldmask + type: boolean - in: query name: requestId schema: type: string - in: query - name: allowMissing + name: updateMask schema: - type: boolean + type: string + format: google-fieldmask - in: query name: validateOnly schema: @@ -7957,34 +8129,31 @@ paths: schema: type: string - in: query - name: requestId + name: etag schema: type: string - in: query - name: allowMissing + name: validateOnly schema: type: boolean - in: query - name: validateOnly + name: allowMissing schema: type: boolean - in: query - name: etag + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/targets/{targetsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/targets: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: clouddeploy.projects.locations.targets.setIamPolicy + description: Creates a new Target in a given project and location. + operationId: clouddeploy.projects.locations.targets.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/Target' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7996,7 +8165,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8008,18 +8177,21 @@ paths: required: true schema: type: string - - in: path - name: targetsId - required: true + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: requestId + schema: + type: string + - in: query + name: targetId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/targets/{targetsId}:getIamPolicy: - parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: clouddeploy.projects.locations.targets.getIamPolicy + description: Lists Targets in a given project and location. + operationId: clouddeploy.projects.locations.targets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8031,7 +8203,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListTargetsResponse' parameters: - in: path name: projectsId @@ -8043,31 +8215,30 @@ paths: required: true schema: type: string - - in: path - name: targetsId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageToken + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/targets/{targetsId}:testIamPermissions: + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/targets/{targetsId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: clouddeploy.projects.locations.targets.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: clouddeploy.projects.locations.targets.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8079,7 +8250,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8096,99 +8267,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/customTargetTypes: - parameters: *ref_1 - get: - description: Lists CustomTargetTypes in a given project and location. - operationId: clouddeploy.projects.locations.customTargetTypes.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListCustomTargetTypesResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/targets/{targetsId}:testIamPermissions: + parameters: *ref_1 post: - description: Creates a new CustomTargetType in a given project and location. - operationId: clouddeploy.projects.locations.customTargetTypes.create + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: clouddeploy.projects.locations.targets.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/CustomTargetType' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: customTargetTypeId - schema: - type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/customTargetTypes/{customTargetTypesId}: - parameters: *ref_1 - get: - description: Gets details of a single CustomTargetType. - operationId: clouddeploy.projects.locations.customTargetTypes.get + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8200,7 +8298,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CustomTargetType' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -8213,18 +8311,23 @@ paths: schema: type: string - in: path - name: customTargetTypesId + name: targetsId required: true schema: type: string - patch: - description: Updates a single CustomTargetType. - operationId: clouddeploy.projects.locations.customTargetTypes.patch + /v1/projects/{projectsId}/locations/{locationsId}/targets/{targetsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: clouddeploy.projects.locations.targets.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/CustomTargetType' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8236,7 +8339,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8249,30 +8352,19 @@ paths: schema: type: string - in: path - name: customTargetTypesId + name: targetsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: validateOnly - schema: - type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 delete: - description: Deletes a single CustomTargetType. - operationId: clouddeploy.projects.locations.customTargetTypes.delete + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: clouddeploy.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8284,7 +8376,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8297,39 +8389,16 @@ paths: schema: type: string - in: path - name: customTargetTypesId + name: operationsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: etag - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/customTargetTypes/{customTargetTypesId}:setIamPolicy: - parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: clouddeploy.projects.locations.customTargetTypes.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: clouddeploy.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8341,7 +8410,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8354,17 +8423,17 @@ paths: schema: type: string - in: path - name: customTargetTypesId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/customTargetTypes/{customTargetTypesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: clouddeploy.projects.locations.customTargetTypes.getIamPolicy + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: clouddeploy.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8376,7 +8445,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -8388,26 +8457,42 @@ paths: required: true schema: type: string - - in: path - name: customTargetTypesId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/deployPolicies: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Creates a new DeployPolicy in a given project and location. - operationId: clouddeploy.projects.locations.deployPolicies.create + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: clouddeploy.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/DeployPolicy' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8419,7 +8504,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8431,21 +8516,16 @@ paths: required: true schema: type: string - - in: query - name: deployPolicyId - schema: - type: string - - in: query - name: requestId + - in: path + name: operationsId + required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - get: - description: Lists DeployPolicies in a given project and location. - operationId: clouddeploy.projects.locations.deployPolicies.list + /v1/projects/{projectsId}/locations/{locationsId}/deployPolicies/{deployPoliciesId}: + parameters: *ref_1 + delete: + description: Deletes a single DeployPolicy. + operationId: clouddeploy.projects.locations.deployPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8457,7 +8537,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDeployPoliciesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8469,25 +8549,27 @@ paths: required: true schema: type: string + - in: path + name: deployPoliciesId + required: true + schema: + type: string - in: query - name: pageSize + name: allowMissing schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: validateOnly schema: - type: string + type: boolean - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: etag schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deployPolicies/{deployPoliciesId}: - parameters: *ref_1 patch: description: Updates the parameters of a single DeployPolicy. operationId: clouddeploy.projects.locations.deployPolicies.patch @@ -8534,16 +8616,16 @@ paths: schema: type: string - in: query - name: allowMissing + name: validateOnly schema: type: boolean - in: query - name: validateOnly + name: allowMissing schema: type: boolean - delete: - description: Deletes a single DeployPolicy. - operationId: clouddeploy.projects.locations.deployPolicies.delete + get: + description: Gets details of a single DeployPolicy. + operationId: clouddeploy.projects.locations.deployPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8555,7 +8637,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/DeployPolicy' parameters: - in: path name: projectsId @@ -8572,25 +8654,19 @@ paths: required: true schema: type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: etag - schema: - type: string - get: - description: Gets details of a single DeployPolicy. - operationId: clouddeploy.projects.locations.deployPolicies.get + /v1/projects/{projectsId}/locations/{locationsId}/deployPolicies/{deployPoliciesId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: clouddeploy.projects.locations.deployPolicies.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8602,7 +8678,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DeployPolicy' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8619,19 +8695,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/deployPolicies/{deployPoliciesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/deployPolicies: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: clouddeploy.projects.locations.deployPolicies.setIamPolicy + description: Creates a new DeployPolicy in a given project and location. + operationId: clouddeploy.projects.locations.deployPolicies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/DeployPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8643,7 +8716,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8655,11 +8728,61 @@ paths: required: true schema: type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: requestId + schema: + type: string + - in: query + name: deployPolicyId + schema: + type: string + get: + description: Lists DeployPolicies in a given project and location. + operationId: clouddeploy.projects.locations.deployPolicies.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDeployPoliciesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: deployPoliciesId + name: locationsId required: true schema: type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/deployPolicies/{deployPoliciesId}:getIamPolicy: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/clouderrorreporting.yaml b/providers/src/googleapis.com/v00.00.00000/services/clouderrorreporting.yaml index dd4049b7..2de3449c 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/clouderrorreporting.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/clouderrorreporting.yaml @@ -10,8 +10,8 @@ info: reports new errors, and provides access to error groups and their associated errors. version: v1beta1 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251205' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/error-reporting/ servers: @@ -37,8 +37,136 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: + DeleteEventsResponse: + description: Response message for deleting error events. + properties: {} + type: object + id: DeleteEventsResponse + TrackingIssue: + properties: + url: + description: >- + A URL pointing to a related entry in an issue tracking system. + Example: `https://github.com/user/project/issues/4` + type: string + description: Information related to tracking the progress on resolving the error. + id: TrackingIssue + type: object + SourceLocation: + id: SourceLocation + type: object + properties: + functionName: + description: >- + Human-readable name of a function or method. The value can include + optional context like the class or package name. For example, + `my.package.MyClass.method` in case of Java. + type: string + filePath: + description: >- + The source code filename, which can include a truncated relative + path, or a full path from a production machine. + type: string + lineNumber: + description: 1-based. 0 indicates that the line number is unknown. + type: integer + format: int32 + description: >- + Indicates a location in the source code of the service for which errors + are reported. `functionName` must be provided by the application when + reporting an error, unless the error report contains a `message` with a + supported exception stack trace. All fields are optional for the later + case. + ListGroupStatsResponse: + description: Contains a set of requested error group stats. + properties: + timeRangeBegin: + type: string + format: google-datetime + description: >- + The timestamp specifies the start time to which the request was + restricted. The start time is set based on the requested time range. + It may be adjusted to a later time if a project has exceeded the + storage quota and older data has been deleted. + errorGroupStats: + description: The error group stats which match the given request. + type: array + items: + $ref: '#/components/schemas/ErrorGroupStats' + nextPageToken: + description: >- + If non-empty, more results are available. Pass this token, along + with the same query parameters as the first request, to view the + next page of results. + type: string + type: object + id: ListGroupStatsResponse + HttpRequestContext: + type: object + properties: + userAgent: + description: The user agent information that is provided with the request. + type: string + url: + description: The URL of the request. + type: string + remoteIp: + description: >- + The IP address from which the request originated. This can be IPv4, + IPv6, or a token which is derived from the IP address, depending on + the data that has been provided in the error report. + type: string + method: + description: The type of HTTP request, such as `GET`, `POST`, etc. + type: string + responseStatusCode: + format: int32 + description: The HTTP response status code for the request. + type: integer + referrer: + type: string + description: The referrer information that is provided with the request. + id: HttpRequestContext + description: >- + HTTP request data that is related to a reported error. This data should + be provided by the application when reporting an error, unless the error + report has been generated automatically from Google App Engine logs. + ErrorContext: + id: ErrorContext + type: object + properties: + reportLocation: + description: >- + The location in the source code where the decision was made to + report the error, usually the place where it was logged. For a + logged exception this would be the source line where the exception + is logged, usually close to the place where it was caught. + $ref: '#/components/schemas/SourceLocation' + httpRequest: + description: The HTTP request which was processed when the error was triggered. + $ref: '#/components/schemas/HttpRequestContext' + sourceReferences: + description: >- + Source code that was used to build the executable which has caused + the given error message. + items: + $ref: '#/components/schemas/SourceReference' + type: array + user: + description: >- + The user who caused or was affected by the crash. This can be a user + ID, an email address, or an arbitrary token that uniquely identifies + the user. When sending an error report, leave this field empty if + the user was not logged in. In this case the Error Reporting system + will use other data, such as remote IP address, to distinguish + affected users. See `affected_users_count` in `ErrorGroupStats`. + type: string + description: >- + A description of the context in which an error occurred. This data + should be provided by the application when reporting an error, unless + the error report has been generated automatically from Google App Engine + logs. ErrorGroup: - id: ErrorGroup description: Description of a group of similar error events. type: object properties: @@ -75,9 +203,6 @@ components: items: $ref: '#/components/schemas/TrackingIssue' resolutionStatus: - description: >- - Error group's resolution status. An unspecified resolution status - will be interpreted as OPEN type: string enumDescriptions: - >- @@ -96,63 +221,127 @@ components: - >- The error group is muted and excluded by default on group stats requests. + description: >- + Error group's resolution status. An unspecified resolution status + will be interpreted as OPEN enum: - RESOLUTION_STATUS_UNSPECIFIED - OPEN - ACKNOWLEDGED - RESOLVED - MUTED - TrackingIssue: - id: TrackingIssue - description: Information related to tracking the progress on resolving the error. + id: ErrorGroup + SourceReference: type: object properties: - url: + repository: + type: string description: >- - A URL pointing to a related entry in an issue tracking system. - Example: `https://github.com/user/project/issues/4` + Optional. A URI string identifying the repository. Example: + "https://github.com/GoogleCloudPlatform/kubernetes.git" + revisionId: + description: >- + The canonical and persistent identifier of the deployed revision. + Example (git): "0035781c50ec7aa23385dc841529ce8a4b70db1b" type: string - ListGroupStatsResponse: - id: ListGroupStatsResponse - description: Contains a set of requested error group stats. + id: SourceReference + description: >- + A reference to a particular snapshot of the source tree used to build + and deploy an application. + ReportErrorEventResponse: + description: >- + Response for reporting an individual error event. Data may be added to + this message in the future. + properties: {} type: object + id: ReportErrorEventResponse + ErrorEvent: properties: - errorGroupStats: - description: The error group stats which match the given request. - type: array - items: - $ref: '#/components/schemas/ErrorGroupStats' - nextPageToken: - description: >- - If non-empty, more results are available. Pass this token, along - with the same query parameters as the first request, to view the - next page of results. + context: + description: Data about the context in which the error occurred. + $ref: '#/components/schemas/ErrorContext' + eventTime: + format: google-datetime type: string - timeRangeBegin: description: >- - The timestamp specifies the start time to which the request was - restricted. The start time is set based on the requested time range. - It may be adjusted to a later time if a project has exceeded the - storage quota and older data has been deleted. + Time when the event occurred as provided in the error report. If the + report did not contain a timestamp, the time the error was received + by the Error Reporting system is used. + serviceContext: + $ref: '#/components/schemas/ServiceContext' + description: The `ServiceContext` for which this error was reported. + message: + description: The stack trace that was reported or logged by the service. type: string + id: ErrorEvent + description: An error event which is returned by the Error Reporting system. + type: object + ReportedErrorEvent: + description: An error event which is reported to the Error Reporting system. + properties: + serviceContext: + description: Required. The service context in which this error has occurred. + $ref: '#/components/schemas/ServiceContext' + context: + description: Optional. A description of the context in which the error occurred. + $ref: '#/components/schemas/ErrorContext' + eventTime: format: google-datetime - ErrorGroupStats: - id: ErrorGroupStats - description: >- - Data extracted for a specific group based on certain filter criteria, - such as a given time period and/or service filter. + type: string + description: >- + Optional. Time when the event occurred. If not provided, the time + when the event was received by the Error Reporting system is used. + If provided, the time must not exceed the [logs retention + period](https://cloud.google.com/logging/quotas#logs_retention_periods) + in the past, or be more than 24 hours in the future. If an invalid + time is provided, then an error is returned. + message: + description: >- + Required. The error message. If no `context.reportLocation` is + provided, the message must contain a header (typically consisting of + the exception type name and an error message) and an exception stack + trace in one of the supported programming languages and formats. + Supported languages are Java, Python, JavaScript, Ruby, C#, PHP, and + Go. Supported stack trace formats are: * **Java**: Must be the + return value of + [`Throwable.printStackTrace()`](https://docs.oracle.com/javase/7/docs/api/java/lang/Throwable.html#printStackTrace%28%29). + * **Python**: Must be the return value of + [`traceback.format_exc()`](https://docs.python.org/2/library/traceback.html#traceback.format_exc). + * **JavaScript**: Must be the value of + [`error.stack`](https://github.com/v8/v8/wiki/Stack-Trace-API) as + returned by V8. * **Ruby**: Must contain frames returned by + [`Exception.backtrace`](https://ruby-doc.org/core-2.2.0/Exception.html#method-i-backtrace). + * **C#**: Must be the return value of + [`Exception.ToString()`](https://msdn.microsoft.com/en-us/library/system.exception.tostring.aspx). + * **PHP**: Must be prefixed with `"PHP (Notice|Parse error|Fatal + error|Warning): "` and contain the result of + [`(string)$exception`](https://php.net/manual/en/exception.tostring.php). + * **Go**: Must be the return value of + [`debug.Stack()`](https://pkg.go.dev/runtime/debug#Stack). + type: string type: object + id: ReportedErrorEvent + ErrorGroupStats: properties: + numAffectedServices: + format: int32 + type: integer + description: >- + The total number of services with a non-zero error count for the + given filter criteria. group: description: Group data that is independent of the filter criteria. $ref: '#/components/schemas/ErrorGroup' - count: + affectedServices: description: >- - Approximate total number of events in the given group that match the - filter criteria. - type: string - format: int64 + Service contexts with a non-zero error count for the given filter + criteria. This list can be truncated if multiple services are + affected. Refer to `num_affected_services` for the total count. + type: array + items: + $ref: '#/components/schemas/ServiceContext' affectedUsersCount: + format: int64 description: >- Approximate number of affected users in the given group that match the filter criteria. Users are distinguished by data in the @@ -165,43 +354,21 @@ components: affected, such as due to a crash of the whole service, this is not reflected here. type: string - format: int64 - timedCounts: - description: >- - Approximate number of occurrences over time. Timed counts returned - by ListGroups are guaranteed to be: - Inside the requested time - interval - Non-overlapping, and - Ordered by ascending time. - type: array - items: - $ref: '#/components/schemas/TimedCount' - firstSeenTime: - description: >- - Approximate first occurrence that was ever seen for this group and - which matches the given filter criteria, ignoring the time_range - that was specified in the request. - type: string - format: google-datetime lastSeenTime: description: >- Approximate last occurrence that was ever seen for this group and which matches the given filter criteria, ignoring the time_range that was specified in the request. - type: string format: google-datetime - affectedServices: - description: >- - Service contexts with a non-zero error count for the given filter - criteria. This list can be truncated if multiple services are - affected. Refer to `num_affected_services` for the total count. - type: array + type: string + timedCounts: items: - $ref: '#/components/schemas/ServiceContext' - numAffectedServices: + $ref: '#/components/schemas/TimedCount' description: >- - The total number of services with a non-zero error count for the - given filter criteria. - type: integer - format: int32 + Approximate number of occurrences over time. Timed counts returned + by ListGroups are guaranteed to be: - Inside the requested time + interval - Non-overlapping, and - Ordered by ascending time. + type: array representative: description: >- An arbitrary event that is chosen as representative for the whole @@ -211,263 +378,96 @@ components: representative provides insight into the characteristics of the group as a whole. $ref: '#/components/schemas/ErrorEvent' - TimedCount: - id: TimedCount - description: >- - The number of errors in a given time period. All numbers are approximate - since the error events are sampled before counting them. - type: object - properties: - count: - description: Approximate number of occurrences in the given time period. - type: string - format: int64 - startTime: - description: Start of the time period to which `count` refers (included). - type: string - format: google-datetime - endTime: - description: End of the time period to which `count` refers (excluded). - type: string - format: google-datetime - ServiceContext: - id: ServiceContext - description: >- - Describes a running service that sends errors. Its version changes over - time and multiple versions can run in parallel. - type: object - properties: - service: - description: >- - An identifier of the service, such as the name of the executable, - job, or Google App Engine service name. This field is expected to - have a low number of values that are relatively stable over time, as - opposed to `version`, which can be changed whenever new code is - deployed. Contains the service name for error reports extracted from - Google App Engine logs or `default` if the App Engine default - service is used. - type: string - version: - description: >- - Represents the source code version that the developer provided, - which could represent a version label or a Git SHA-1 hash, for - example. For App Engine standard environment, the version is set to - the version of the app. - type: string - resourceType: - description: >- - Type of the MonitoredResource. List of possible values: - https://cloud.google.com/monitoring/api/resources Value is set - automatically for incoming errors and must not be set when reporting - errors. - type: string - ErrorEvent: - id: ErrorEvent - description: An error event which is returned by the Error Reporting system. - type: object - properties: - eventTime: - description: >- - Time when the event occurred as provided in the error report. If the - report did not contain a timestamp, the time the error was received - by the Error Reporting system is used. - type: string + firstSeenTime: format: google-datetime - serviceContext: - description: The `ServiceContext` for which this error was reported. - $ref: '#/components/schemas/ServiceContext' - message: - description: The stack trace that was reported or logged by the service. - type: string - context: - description: Data about the context in which the error occurred. - $ref: '#/components/schemas/ErrorContext' - ErrorContext: - id: ErrorContext - description: >- - A description of the context in which an error occurred. This data - should be provided by the application when reporting an error, unless - the error report has been generated automatically from Google App Engine - logs. - type: object - properties: - httpRequest: - description: The HTTP request which was processed when the error was triggered. - $ref: '#/components/schemas/HttpRequestContext' - user: - description: >- - The user who caused or was affected by the crash. This can be a user - ID, an email address, or an arbitrary token that uniquely identifies - the user. When sending an error report, leave this field empty if - the user was not logged in. In this case the Error Reporting system - will use other data, such as remote IP address, to distinguish - affected users. See `affected_users_count` in `ErrorGroupStats`. type: string - reportLocation: description: >- - The location in the source code where the decision was made to - report the error, usually the place where it was logged. For a - logged exception this would be the source line where the exception - is logged, usually close to the place where it was caught. - $ref: '#/components/schemas/SourceLocation' - sourceReferences: - description: >- - Source code that was used to build the executable which has caused - the given error message. - type: array - items: - $ref: '#/components/schemas/SourceReference' - HttpRequestContext: - id: HttpRequestContext - description: >- - HTTP request data that is related to a reported error. This data should - be provided by the application when reporting an error, unless the error - report has been generated automatically from Google App Engine logs. - type: object - properties: - method: - description: The type of HTTP request, such as `GET`, `POST`, etc. - type: string - url: - description: The URL of the request. - type: string - userAgent: - description: The user agent information that is provided with the request. - type: string - referrer: - description: The referrer information that is provided with the request. - type: string - responseStatusCode: - description: The HTTP response status code for the request. - type: integer - format: int32 - remoteIp: + Approximate first occurrence that was ever seen for this group and + which matches the given filter criteria, ignoring the time_range + that was specified in the request. + count: description: >- - The IP address from which the request originated. This can be IPv4, - IPv6, or a token which is derived from the IP address, depending on - the data that has been provided in the error report. + Approximate total number of events in the given group that match the + filter criteria. + format: int64 type: string - SourceLocation: - id: SourceLocation - description: >- - Indicates a location in the source code of the service for which errors - are reported. `functionName` must be provided by the application when - reporting an error, unless the error report contains a `message` with a - supported exception stack trace. All fields are optional for the later - case. type: object - properties: - filePath: - description: >- - The source code filename, which can include a truncated relative - path, or a full path from a production machine. - type: string - lineNumber: - description: 1-based. 0 indicates that the line number is unknown. - type: integer - format: int32 - functionName: - description: >- - Human-readable name of a function or method. The value can include - optional context like the class or package name. For example, - `my.package.MyClass.method` in case of Java. - type: string - SourceReference: - id: SourceReference + id: ErrorGroupStats description: >- - A reference to a particular snapshot of the source tree used to build - and deploy an application. + Data extracted for a specific group based on certain filter criteria, + such as a given time period and/or service filter. + TimedCount: type: object + description: >- + The number of errors in a given time period. All numbers are approximate + since the error events are sampled before counting them. + id: TimedCount properties: - repository: - description: >- - Optional. A URI string identifying the repository. Example: - "https://github.com/GoogleCloudPlatform/kubernetes.git" + endTime: + format: google-datetime type: string - revisionId: - description: >- - The canonical and persistent identifier of the deployed revision. - Example (git): "0035781c50ec7aa23385dc841529ce8a4b70db1b" + description: End of the time period to which `count` refers (excluded). + count: + format: int64 + description: Approximate number of occurrences in the given time period. + type: string + startTime: type: string + format: google-datetime + description: Start of the time period to which `count` refers (included). ListEventsResponse: - id: ListEventsResponse - description: Contains a set of requested error events. - type: object properties: - errorEvents: - description: The error events which match the given request. - type: array - items: - $ref: '#/components/schemas/ErrorEvent' - nextPageToken: - description: >- - If non-empty, more results are available. Pass this token, along - with the same query parameters as the first request, to view the - next page of results. - type: string timeRangeBegin: description: >- The timestamp specifies the start time to which the request was restricted. type: string format: google-datetime - DeleteEventsResponse: - id: DeleteEventsResponse - description: Response message for deleting error events. + nextPageToken: + description: >- + If non-empty, more results are available. Pass this token, along + with the same query parameters as the first request, to view the + next page of results. + type: string + errorEvents: + description: The error events which match the given request. + items: + $ref: '#/components/schemas/ErrorEvent' + type: array + description: Contains a set of requested error events. type: object - properties: {} - ReportedErrorEvent: - id: ReportedErrorEvent - description: An error event which is reported to the Error Reporting system. + id: ListEventsResponse + ServiceContext: type: object properties: - eventTime: + service: description: >- - Optional. Time when the event occurred. If not provided, the time - when the event was received by the Error Reporting system is used. - If provided, the time must not exceed the [logs retention - period](https://cloud.google.com/logging/quotas#logs_retention_periods) - in the past, or be more than 24 hours in the future. If an invalid - time is provided, then an error is returned. + An identifier of the service, such as the name of the executable, + job, or Google App Engine service name. This field is expected to + have a low number of values that are relatively stable over time, as + opposed to `version`, which can be changed whenever new code is + deployed. Contains the service name for error reports extracted from + Google App Engine logs or `default` if the App Engine default + service is used. + type: string + resourceType: type: string - format: google-datetime - serviceContext: - description: Required. The service context in which this error has occurred. - $ref: '#/components/schemas/ServiceContext' - message: description: >- - Required. The error message. If no `context.reportLocation` is - provided, the message must contain a header (typically consisting of - the exception type name and an error message) and an exception stack - trace in one of the supported programming languages and formats. - Supported languages are Java, Python, JavaScript, Ruby, C#, PHP, and - Go. Supported stack trace formats are: * **Java**: Must be the - return value of - [`Throwable.printStackTrace()`](https://docs.oracle.com/javase/7/docs/api/java/lang/Throwable.html#printStackTrace%28%29). - * **Python**: Must be the return value of - [`traceback.format_exc()`](https://docs.python.org/2/library/traceback.html#traceback.format_exc). - * **JavaScript**: Must be the value of - [`error.stack`](https://github.com/v8/v8/wiki/Stack-Trace-API) as - returned by V8. * **Ruby**: Must contain frames returned by - [`Exception.backtrace`](https://ruby-doc.org/core-2.2.0/Exception.html#method-i-backtrace). - * **C#**: Must be the return value of - [`Exception.ToString()`](https://msdn.microsoft.com/en-us/library/system.exception.tostring.aspx). - * **PHP**: Must be prefixed with `"PHP (Notice|Parse error|Fatal - error|Warning): "` and contain the result of - [`(string)$exception`](https://php.net/manual/en/exception.tostring.php). - * **Go**: Must be the return value of - [`debug.Stack()`](https://pkg.go.dev/runtime/debug#Stack). + Type of the MonitoredResource. List of possible values: + https://cloud.google.com/monitoring/api/resources Value is set + automatically for incoming errors and must not be set when reporting + errors. + version: type: string - context: - description: Optional. A description of the context in which the error occurred. - $ref: '#/components/schemas/ErrorContext' - ReportErrorEventResponse: - id: ReportErrorEventResponse + description: >- + Represents the source code version that the developer provided, + which could represent a version label or a Git SHA-1 hash, for + example. For App Engine standard environment, the version is set to + the version of the app. description: >- - Response for reporting an individual error event. Data may be added to - this message in the future. - type: object - properties: {} + Describes a running service that sends errors. Its version changes over + time and multiple versions can run in parallel. + id: ServiceContext parameters: access_token: description: OAuth access token. @@ -491,6 +491,21 @@ components: name: callback schema: type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' fields: description: Selector specifying which fields to include in a partial response. in: query @@ -506,27 +521,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query @@ -539,15 +539,15 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: $.xgafv + name: quotaUser schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: events: id: google.clouderrorreporting.events @@ -590,15 +590,13 @@ components: methods: get: operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}/get + $ref: '#/paths/~1v1beta1~1projects~1{projectsId}~1groups~1{groupsId}/get' response: mediaType: application/json openAPIDocKey: '200' update: operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}/put + $ref: '#/paths/~1v1beta1~1projects~1{projectsId}~1groups~1{groupsId}/put' response: mediaType: application/json openAPIDocKey: '200' @@ -617,8 +615,7 @@ components: methods: list: operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1groupStats/get + $ref: '#/paths/~1v1beta1~1projects~1{projectsId}~1groupStats/get' response: mediaType: application/json openAPIDocKey: '200' @@ -636,14 +633,14 @@ paths: - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' delete: description: Deletes all error events of a given project. operationId: clouderrorreporting.projects.deleteEvents @@ -661,13 +658,91 @@ paths: $ref: '#/components/schemas/DeleteEventsResponse' parameters: - in: path - name: projectsId + name: projectsId + required: true + schema: + type: string + get: + description: Lists the specified events. + operationId: clouderrorreporting.projects.events.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListEventsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: query + name: serviceFilter.resourceType + schema: + type: string + - in: query + name: serviceFilter.version + schema: + type: string + - in: query + name: timeRange.period + schema: + type: string + - in: query + name: groupId + schema: + type: string + - in: query + name: serviceFilter.service + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/events: + parameters: *ref_1 + delete: + description: Deletes all error events of a given project. + operationId: clouderrorreporting.projects.locations.deleteEvents + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/DeleteEventsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string get: description: Lists the specified events. - operationId: clouderrorreporting.projects.events.list + operationId: clouderrorreporting.projects.locations.events.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -686,40 +761,45 @@ paths: required: true schema: type: string - - in: query - name: groupId + - in: path + name: locationsId + required: true schema: type: string - in: query - name: serviceFilter.service + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: serviceFilter.resourceType schema: type: string - in: query - name: serviceFilter.version + name: groupId schema: type: string - in: query - name: serviceFilter.resourceType + name: serviceFilter.service schema: type: string - in: query - name: timeRange.period + name: serviceFilter.version schema: type: string - in: query - name: pageSize + name: timeRange.period schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - /v1beta1/projects/{projectsId}/groups/{groupsId}: + /v1beta1/projects/{projectsId}/locations/{locationsId}/groups/{groupsId}: parameters: *ref_1 get: description: Get the specified group. - operationId: clouderrorreporting.projects.groups.get + operationId: clouderrorreporting.projects.locations.groups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -738,6 +818,11 @@ paths: required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: path name: groupsId required: true @@ -747,7 +832,7 @@ paths: description: >- Replace the data for the specified group. Fails if the group does not exist. - operationId: clouderrorreporting.projects.groups.update + operationId: clouderrorreporting.projects.locations.groups.update requestBody: content: application/json: @@ -771,16 +856,21 @@ paths: required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: path name: groupsId required: true schema: type: string - /v1beta1/projects/{projectsId}/groupStats: + /v1beta1/projects/{projectsId}/locations/{locationsId}/groupStats: parameters: *ref_1 get: description: Lists the specified groups. - operationId: clouderrorreporting.projects.groupStats.list + operationId: clouderrorreporting.projects.locations.groupStats.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -799,8 +889,9 @@ paths: required: true schema: type: string - - in: query - name: groupId + - in: path + name: locationsId + required: true schema: type: string - in: query @@ -808,33 +899,41 @@ paths: schema: type: string - in: query - name: serviceFilter.version + name: serviceFilter.resourceType schema: type: string - in: query - name: serviceFilter.resourceType + name: timeRange.period schema: type: string - in: query - name: timeRange.period + name: order schema: type: string - in: query - name: timedCountDuration + name: pageToken + schema: + type: string + - in: query + name: groupId schema: type: string - format: google-duration - in: query name: alignment schema: type: string + - in: query + name: timedCountDuration + schema: + type: string + format: google-duration - in: query name: alignmentTime schema: type: string format: google-datetime - in: query - name: order + name: serviceFilter.version schema: type: string - in: query @@ -842,82 +941,18 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1beta1/projects/{projectsId}/events:report: + /v1beta1/projects/{projectsId}/groups/{groupsId}: parameters: *ref_1 - post: + put: description: >- - Report an individual error event and record the event to a log. This - endpoint accepts **either** an OAuth token, **or** an [API - key](https://support.google.com/cloud/answer/6158862) for - authentication. To use an API key, append it to the URL as the value of - a `key` parameter. For example: `POST - https://clouderrorreporting.googleapis.com/v1beta1/{projectName}/events:report?key=123ABC456` - **Note:** [Error Reporting] (https://cloud.google.com/error-reporting) - is a service built on Cloud Logging and can analyze log entries when all - of the following are true: * Customer-managed encryption keys (CMEK) are - disabled on the log bucket. * The log bucket satisfies one of the - following: * The log bucket is stored in the same project where the logs - originated. * The logs were routed to a project, and then that project - stored those logs in a log bucket that it owns. - operationId: clouderrorreporting.projects.events.report + Replace the data for the specified group. Fails if the group does not + exist. + operationId: clouderrorreporting.projects.groups.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/ReportedErrorEvent' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ReportErrorEventResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/events: - parameters: *ref_1 - delete: - description: Deletes all error events of a given project. - operationId: clouderrorreporting.projects.locations.deleteEvents - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/DeleteEventsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - get: - description: Lists the specified events. - operationId: clouderrorreporting.projects.locations.events.list + $ref: '#/components/schemas/ErrorGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -929,7 +964,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEventsResponse' + $ref: '#/components/schemas/ErrorGroup' parameters: - in: path name: projectsId @@ -937,44 +972,13 @@ paths: schema: type: string - in: path - name: locationsId + name: groupsId required: true schema: type: string - - in: query - name: groupId - schema: - type: string - - in: query - name: serviceFilter.service - schema: - type: string - - in: query - name: serviceFilter.version - schema: - type: string - - in: query - name: serviceFilter.resourceType - schema: - type: string - - in: query - name: timeRange.period - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/groups/{groupsId}: - parameters: *ref_1 get: description: Get the specified group. - operationId: clouderrorreporting.projects.locations.groups.get + operationId: clouderrorreporting.projects.groups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -993,26 +997,34 @@ paths: required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - in: path name: groupsId required: true schema: type: string - put: + /v1beta1/projects/{projectsId}/events:report: + parameters: *ref_1 + post: description: >- - Replace the data for the specified group. Fails if the group does not - exist. - operationId: clouderrorreporting.projects.locations.groups.update + Report an individual error event and record the event to a log. This + endpoint accepts **either** an OAuth token, **or** an [API + key](https://support.google.com/cloud/answer/6158862) for + authentication. To use an API key, append it to the URL as the value of + a `key` parameter. For example: `POST + https://clouderrorreporting.googleapis.com/v1beta1/{projectName}/events:report?key=123ABC456` + **Note:** [Error Reporting] (https://cloud.google.com/error-reporting) + is a service built on Cloud Logging and can analyze log entries when all + of the following are true: * Customer-managed encryption keys (CMEK) are + disabled on the log bucket. * The log bucket satisfies one of the + following: * The log bucket is stored in the same project where the logs + originated. * The logs were routed to a project, and then that project + stored those logs in a log bucket that it owns. + operationId: clouderrorreporting.projects.events.report requestBody: content: application/json: schema: - $ref: '#/components/schemas/ErrorGroup' + $ref: '#/components/schemas/ReportedErrorEvent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1024,28 +1036,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorGroup' + $ref: '#/components/schemas/ReportErrorEventResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: groupsId - required: true - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/groupStats: + /v1beta1/projects/{projectsId}/groupStats: parameters: *ref_1 get: description: Lists the specified groups. - operationId: clouderrorreporting.projects.locations.groupStats.list + operationId: clouderrorreporting.projects.groupStats.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1064,25 +1066,26 @@ paths: required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: alignmentTime schema: type: string + format: google-datetime - in: query - name: groupId + name: timedCountDuration schema: type: string + format: google-duration - in: query - name: serviceFilter.service + name: serviceFilter.resourceType schema: type: string - in: query - name: serviceFilter.version + name: groupId schema: type: string - in: query - name: serviceFilter.resourceType + name: alignment schema: type: string - in: query @@ -1090,19 +1093,17 @@ paths: schema: type: string - in: query - name: timedCountDuration + name: pageToken schema: type: string - format: google-duration - in: query - name: alignment + name: serviceFilter.version schema: type: string - in: query - name: alignmentTime + name: serviceFilter.service schema: type: string - format: google-datetime - in: query name: order schema: @@ -1112,7 +1113,3 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudfunctions.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudfunctions.yaml index b43cf37b..f704117f 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudfunctions.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudfunctions.yaml @@ -7,8 +7,8 @@ info: title: Cloud Functions API description: Manages lightweight user-provided functions executed in response to events. version: v2 - x-discovery-doc-revision: '20250814' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251204' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/functions servers: @@ -34,306 +34,616 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + OperationMetadataV1: type: object + description: Metadata describing an Operation properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + type: + enum: + - OPERATION_UNSPECIFIED + - CREATE_FUNCTION + - UPDATE_FUNCTION + - DELETE_FUNCTION + enumDescriptions: + - Unknown operation type. + - Triggered by CreateFunction call + - Triggered by UpdateFunction call + - Triggered by DeleteFunction call. + description: Type of operation. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: + sourceToken: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + An identifier for Firebase function sources. Disclaimer: This field + is only supported for Firebase function deployments. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. + request: type: object + description: The original request that started the operation. additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - done: + updateTime: + description: The last update timestamp of the operation. + type: string + format: google-datetime + target: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Target of the operation - for example + `projects/project-1/locations/region-1/functions/function-1` + type: string + versionId: + type: string + format: int64 description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Version id of the function created or updated by an API call. This + field is only populated for Create and Update operations. + buildId: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + The Cloud Build ID of the function created or updated by an API + call. This field is only populated for Create and Update operations. + type: string + buildName: + type: string + description: >- + The Cloud Build Name of the function deployment. This field is only + populated for Create and Update operations. + `projects//locations//builds/`. + id: OperationMetadataV1 + Runtime: + properties: + stage: + description: The stage of life this runtime is in, e.g., BETA, GA, etc. + enumDescriptions: + - Not specified. + - The runtime is in development. + - The runtime is in the Alpha stage. + - The runtime is in the Beta stage. + - The runtime is generally available. + - The runtime is deprecated. + - The runtime is no longer supported. + enum: + - RUNTIME_STAGE_UNSPECIFIED + - DEVELOPMENT + - ALPHA + - BETA + - GA + - DEPRECATED + - DECOMMISSIONED + type: string + displayName: + type: string + description: The user facing name, eg 'Go 1.13', 'Node.js 12', etc. + decommissionDate: + description: Decommission date for the runtime. + $ref: '#/components/schemas/Date' + name: + description: The name of the runtime, e.g., 'go113', 'nodejs12', etc. + type: string + warnings: + description: Warning messages, e.g., a deprecation warning. + items: + type: string + type: array + deprecationDate: + $ref: '#/components/schemas/Date' + description: Deprecation date for the runtime. + environment: + enum: + - ENVIRONMENT_UNSPECIFIED + - GEN_1 + - GEN_2 + enumDescriptions: + - Unspecified + - Gen 1 + - Gen 2 + type: string + description: The environment for the runtime. + type: object description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Describes a runtime and any special information (e.g., deprecation + status) related to it. + id: Runtime + EventFilter: + description: Filters events based on exact matches on the CloudEvents attributes. type: object + id: EventFilter properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + value: + type: string + description: Required. The value for the attribute. + attribute: + type: string + description: Required. The name of a CloudEvents attribute. + operator: + type: string description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Optional. The operator used for matching the events with the value + of the filter. If not specified, only events that have an exact + key-value pair specified in the filter are matched. The only allowed + value is `match-path-pattern`. + GenerateUploadUrlResponse: + properties: + uploadUrl: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + The generated Google Cloud Storage signed URL that should be used + for a function source code upload. The uploaded file should be a zip + archive which contains a function. + storageSource: + $ref: '#/components/schemas/StorageSource' + description: >- + The location of the source code in the upload bucket. Once the + archive is uploaded using the `upload_url` use this field to set the + `function.build_config.source.storage_source` during CreateFunction + and UpdateFunction. Generation defaults to 0, as Cloud Storage + provides a new generation only upon uploading a new object or + version of an object. + id: GenerateUploadUrlResponse + type: object + description: Response of `GenerateSourceUploadUrl` method. + EventTrigger: + description: >- + Describes EventTrigger, used to request events to be sent from another + service. + id: EventTrigger type: object properties: - policy: + eventFilters: + description: Criteria used to filter events. + type: array + items: + $ref: '#/components/schemas/EventFilter' + trigger: + type: string description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + Output only. The resource name of the Eventarc trigger. The format + of this field is + `projects/{project}/locations/{region}/triggers/{trigger}`. + readOnly: true + eventType: + type: string description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + Required. The type of event to observe. For example: + `google.cloud.audit.log.v1.written` or + `google.cloud.pubsub.topic.v1.messagePublished`. + triggerRegion: type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + description: >- + The region that the trigger will be in. The trigger will only + receive events originating in this region. It can be the same region + as the function, a different region or multi-region, or the global + region. If not provided, defaults to the same region as the + function. + pubsubTopic: + description: >- + Optional. The name of a Pub/Sub topic in the same project that will + be used as the transport topic for the event delivery. Format: + `projects/{project}/topics/{topic}`. This is only valid for events + of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic + provided here will not be deleted at function deletion. + type: string + retryPolicy: + description: >- + Optional. If unset, then defaults to ignoring failures (i.e. not + retrying them). + enumDescriptions: + - Not specified. + - Do not retry. + - >- + Retry on any failure, retry up to 7 days with an exponential + backoff (capped at 10 seconds). + type: string + enum: + - RETRY_POLICY_UNSPECIFIED + - RETRY_POLICY_DO_NOT_RETRY + - RETRY_POLICY_RETRY + channel: + description: >- + Optional. The name of the channel associated with the trigger in + `projects/{project}/locations/{location}/channels/{channel}` format. + You must provide a channel to receive events from Eventarc SaaS + partners. + type: string + serviceAccountEmail: + type: string + description: >- + Optional. The email of the trigger's service account. The service + account must have permission to invoke Cloud Run services, the + permission is `run.routes.invoke`. If empty, defaults to the Compute + Engine default service account: + `{project_number}-compute@developer.gserviceaccount.com`. + service: + type: string + description: >- + Optional. The hostname of the service that 1st Gen function should + be observed. If no string is provided, the default service + implementing the API will be used. For example, + `storage.googleapis.com` is the default for all event types in the + `google.storage` namespace. The field is only applicable to 1st Gen + functions. + AuditLogConfig: + properties: + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + type: string + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. + exemptedMembers: + items: + type: string + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + type: array + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + id: AuditLogConfig + type: object + ListLocationsResponse: + description: The response message for Locations.ListLocations. + properties: + nextPageToken: + description: The standard List next-page token. + type: string + locations: + type: array + items: + $ref: '#/components/schemas/Location' + description: >- + A list of locations that matches the specified filter in the + request. + id: ListLocationsResponse + type: object + ServiceConfig: + type: object + properties: + availableMemory: + type: string + description: >- + The amount of memory available for a function. Defaults to 256M. + Supported units are k, M, G, Mi, Gi. If no unit is supplied the + value is interpreted as bytes. See + https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go + a full description. + serviceAccountEmail: + description: >- + The email of the service's service account. If empty, defaults to + `{project_number}-compute@developer.gserviceaccount.com`. + type: string + ingressSettings: + description: >- + The ingress settings for the function, controlling what traffic can + reach it. + enumDescriptions: + - Unspecified. + - Allow HTTP traffic from public and private sources. + - Allow HTTP traffic from only private VPC sources. + - Allow HTTP traffic from private VPC sources and through GCLB. + type: string + enum: + - INGRESS_SETTINGS_UNSPECIFIED + - ALLOW_ALL + - ALLOW_INTERNAL_ONLY + - ALLOW_INTERNAL_AND_GCLB + vpcConnectorEgressSettings: + enumDescriptions: + - Unspecified. + - >- + Use the VPC Access Connector only for private IP space from + RFC1918. + - >- + Force the use of VPC Access Connector for all egress traffic from + the function. + description: >- + The egress settings for the connector, controlling what traffic is + diverted through it. + enum: + - VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED + - PRIVATE_RANGES_ONLY + - ALL_TRAFFIC + type: string + securityLevel: + description: >- + Security level configure whether the function only accepts https. + This configuration is only applicable to 1st Gen functions with Http + trigger. By default https is optional for 1st Gen functions; 2nd Gen + functions are https ONLY. + enum: + - SECURITY_LEVEL_UNSPECIFIED + - SECURE_ALWAYS + - SECURE_OPTIONAL + enumDescriptions: + - Unspecified. + - >- + Requests for a URL that match this handler that do not use HTTPS + are automatically redirected to the HTTPS URL with the same path. + Query parameters are reserved for the redirect. + - >- + Both HTTP and HTTPS requests with URLs that match the handler + succeed without redirects. The application can examine the request + to determine which protocol was used and respond accordingly. + type: string + secretEnvironmentVariables: + type: array + description: Secret environment variables configuration. + items: + $ref: '#/components/schemas/SecretEnvVar' + maxInstanceCount: + format: int32 + type: integer + description: >- + The limit on the maximum number of function instances that may + coexist at a given time. In some cases, such as rapid traffic + surges, Cloud Functions may, for a short period of time, create more + instances than the specified max instances limit. If your function + cannot tolerate this temporary behavior, you may want to factor in a + safety margin and set a lower max instances value than your function + can tolerate. See the [Max + Instances](https://cloud.google.com/functions/docs/max-instances) + Guide for more details. + environmentVariables: + type: object + description: >- + Environment variables that shall be available during function + execution. + additionalProperties: + type: string + allTrafficOnLatestRevision: + type: boolean + description: >- + Whether 100% of traffic is routed to the latest revision. On + CreateFunction and UpdateFunction, when set to true, the revision + being deployed will serve 100% of traffic, ignoring any traffic + split settings, if any. On GetFunction, true will be returned if the + latest revision is serving 100% of traffic. + maxInstanceRequestConcurrency: + type: integer + format: int32 + description: >- + Sets the maximum number of concurrent requests that each instance + can receive. Defaults to 1. + uri: + description: Output only. URI of the Service deployed. + type: string + readOnly: true + revision: + readOnly: true + description: Output only. The name of service revision. + type: string + service: + readOnly: true + type: string + description: >- + Output only. Name of the service associated with a Function. The + format of this field is + `projects/{project}/locations/{region}/services/{service}` + minInstanceCount: + type: integer + description: >- + The limit on the minimum number of function instances that may + coexist at a given time. Function instances are kept in idle state + for a short period after they finished executing the request to + reduce cold start time for subsequent requests. Setting a minimum + instance count will ensure that the given number of instances are + kept running in idle state always. This can help with cold start + times when jump in incoming request count occurs after the idle + instance would have been stopped in the default case. + format: int32 + vpcConnector: + description: >- + The Serverless VPC Access connector that this cloud function can + connect to. The format of this field is + `projects/*/locations/*/connectors/*`. + type: string + availableCpu: + description: >- + The number of CPUs used in a single container instance. Default + value is calculated from available memory. Supports the same values + as Cloud Run, see + https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements + Example: "1" indicates 1 vCPU + type: string + binaryAuthorizationPolicy: + description: >- + Optional. The binary authorization policy to be checked when + deploying the Cloud Run service. + type: string + timeoutSeconds: + description: >- + The function execution timeout. Execution is considered failed and + can be terminated if the function is not completed at the end of the + timeout period. Defaults to 60 seconds. + format: int32 + type: integer + secretVolumes: + items: + $ref: '#/components/schemas/SecretVolume' + description: Secret volumes configuration. + type: array + description: >- + Describes the Service being deployed. Currently Supported : Cloud Run + (fully managed). + id: ServiceConfig + UpgradeInfo: + description: >- + Information related to: * A function's eligibility for 1st Gen to 2nd + Gen migration. * Current state of migration for function undergoing + migration. + id: UpgradeInfo + properties: + buildConfig: + description: >- + Describes the Build step of the function that builds a container to + prepare for 2nd gen upgrade. + $ref: '#/components/schemas/BuildConfig' + serviceConfig: + description: >- + Describes the Cloud Run service which has been setup to prepare for + 2nd gen upgrade. + $ref: '#/components/schemas/ServiceConfig' + eventTrigger: + $ref: '#/components/schemas/EventTrigger' + description: >- + Describes the Event trigger which has been setup to prepare for 2nd + gen upgrade. + upgradeState: + enum: + - UPGRADE_STATE_UNSPECIFIED + - ELIGIBLE_FOR_2ND_GEN_UPGRADE + - INELIGIBLE_FOR_UPGRADE_UNTIL_REDEPLOYMENT + - UPGRADE_OPERATION_IN_PROGRESS + - SETUP_FUNCTION_UPGRADE_CONFIG_SUCCESSFUL + - SETUP_FUNCTION_UPGRADE_CONFIG_ERROR + - ABORT_FUNCTION_UPGRADE_ERROR + - REDIRECT_FUNCTION_UPGRADE_TRAFFIC_SUCCESSFUL + - REDIRECT_FUNCTION_UPGRADE_TRAFFIC_ERROR + - ROLLBACK_FUNCTION_UPGRADE_TRAFFIC_ERROR + - COMMIT_FUNCTION_UPGRADE_ERROR + - COMMIT_FUNCTION_UPGRADE_ERROR_ROLLBACK_SAFE + enumDescriptions: + - Unspecified state. Most functions are in this upgrade state. + - Functions in this state are eligible for 1st Gen upgrade. + - >- + Functions in this state are ineligible for 1st Gen upgrade until + redeployment with newer runtime. + - An upgrade related operation is in progress. + - >- + SetupFunctionUpgradeConfig API was successful and a 2nd Gen + function has been created based on 1st Gen function instance. + - SetupFunctionUpgradeConfig API was un-successful. + - AbortFunctionUpgrade API was un-successful. + - >- + RedirectFunctionUpgradeTraffic API was successful and traffic is + served by 2nd Gen function stack. + - RedirectFunctionUpgradeTraffic API was un-successful. + - RollbackFunctionUpgradeTraffic API was un-successful. + - >- + CommitFunctionUpgrade API was un-successful and 1st gen function + might have broken. + - >- + CommitFunctionUpgrade API was un-successful but safe to rollback + traffic or abort. + type: string + description: UpgradeState of the function + type: object + SecretVersion: + id: SecretVersion + description: Configuration for a single version. + type: object + properties: + version: + description: >- + Version of the secret (version number or the string 'latest'). It is + preferable to use `latest` version with secret volumes as secret + value changes are reflected immediately. + type: string + path: + type: string + description: >- + Relative path of the file under the mount path where the secret + value for this version will be fetched and made available. For + example, setting the mount_path as '/etc/secrets' and path as + `secret_foo` would mount the secret value file at + `/etc/secrets/secret_foo`. + RedirectFunctionUpgradeTrafficRequest: type: object + id: RedirectFunctionUpgradeTrafficRequest + description: Request for the `RedirectFunctionUpgradeTraffic` method. + properties: {} + SourceProvenance: + id: SourceProvenance properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + resolvedRepoSource: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: + A copy of the build's `source.repo_source`, if exists, with any + revisions resolved. + $ref: '#/components/schemas/RepoSource' + gitUri: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + A copy of the build's `source.git_uri`, if exists, with any commits + resolved. type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + resolvedStorageSource: + description: >- + A copy of the build's `source.storage_source`, if exists, with any + generations resolved. + $ref: '#/components/schemas/StorageSource' + description: >- + Provenance of the source. Ways to find the original source, or verify + that some source was used for this build. + type: object + RepoSource: + id: RepoSource type: object properties: - role: + tagName: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Regex matching tags to build. The syntax of the regular expressions + accepted is the syntax accepted by RE2 and described at + https://github.com/google/re2/wiki/Syntax type: string - members: + repoName: + description: Name of the Cloud Source Repository. + type: string + dir: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: + Directory, relative to the source root, in which to run the build. + This must be a relative path. If a step's `dir` is specified and is + an absolute path, this value is ignored for that step's execution. + eg. helloworld (no leading slash allowed) + type: string + commitSha: + description: Explicit commit SHA to build. + type: string + branchName: + type: string description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' + Regex matching branches to build. The syntax of the regular + expressions accepted is the syntax accepted by RE2 and described at + https://github.com/google/re2/wiki/Syntax + projectId: + type: string + description: >- + ID of the project that owns the Cloud Source Repository. If omitted, + the project ID requesting the build is assumed. + description: Location of the source in a Google Cloud Source Repository. Expr: id: Expr + properties: + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + description: + type: string + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: object description: >- Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of @@ -351,153 +661,195 @@ components: string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. + Operation: type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. + properties: + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + name: + type: string + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + metadata: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + id: Operation + Location: properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + name: type: string - title: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - description: + labels: + additionalProperties: + type: string description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + metadata: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + displayName: type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + id: Location type: object + description: A resource that represents a Google Cloud location. + ListRuntimesResponse: + description: Response for the `ListRuntimes` method. properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array + runtimes: items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + $ref: '#/components/schemas/Runtime' + type: array + description: The runtimes that match the request. type: object + id: ListRuntimesResponse + GenerateUploadUrlRequest: properties: - logType: - description: The log type that this config enables. + kmsKeyName: + description: >- + Resource name of a KMS crypto key (managed by the user) used to + encrypt/decrypt function source code objects in intermediate Cloud + Storage buckets. When you generate an upload url and upload your + source code, it gets copied to an intermediate Cloud Storage bucket. + The source code is then copied to a versioned directory in the + sources bucket in the consumer project during the function + deployment. It must match the pattern + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + The Google Cloud Functions service account + (service-{project_number}@gcf-admin-robot.iam.gserviceaccount.com) + must be granted the role 'Cloud KMS CryptoKey Encrypter/Decrypter + (roles/cloudkms.cryptoKeyEncrypterDecrypter)' on the + Key/KeyRing/Project/Organization (least access preferred). + type: string + environment: type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + - ENVIRONMENT_UNSPECIFIED + - GEN_1 + - GEN_2 + enumDescriptions: + - Unspecified + - Gen 1 + - Gen 2 description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + The function environment the generated upload url will be used for. + The upload url for 2nd Gen functions can also be used for 1st gen + functions, but not vice versa. If not specified, 2nd + generation-style upload URLs are generated. + description: Request of `GenerateSourceUploadUrl` method. + id: GenerateUploadUrlRequest type: object + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + id: SetIamPolicyRequest properties: - permissions: + updateMask: + format: google-fieldmask + type: string description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + policy: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + type: object Function: - id: Function - description: >- - Describes a Cloud Function that contains user computation executed in - response to an event. It encapsulates function and trigger - configurations. type: object properties: - name: - description: >- - A user-defined name of the function. Function names must be unique - globally and match pattern `projects/*/locations/*/functions/*` + upgradeInfo: + description: Output only. UpgradeInfo for this Cloud Function + $ref: '#/components/schemas/UpgradeInfo' + readOnly: true + createTime: type: string + readOnly: true + format: google-datetime + description: >- + Output only. The create timestamp of a Cloud Function. This is only + applicable to 2nd Gen functions. description: + type: string description: User-provided description of a function. + stateMessages: + description: Output only. State Messages for this Cloud Function. + items: + $ref: '#/components/schemas/GoogleCloudFunctionsV2StateMessage' + readOnly: true + type: array + url: type: string - buildConfig: - description: >- - Describes the Build step of the function that builds a container - from the given source. - $ref: '#/components/schemas/BuildConfig' - serviceConfig: - description: >- - Describes the Service being deployed. Currently deploys services to - Cloud Run (fully managed). - $ref: '#/components/schemas/ServiceConfig' - eventTrigger: - description: >- - An Eventarc trigger managed by Google Cloud Functions that fires - events in response to a condition in another service. - $ref: '#/components/schemas/EventTrigger' + description: Output only. The deployed url for the function. + readOnly: true state: - description: Output only. State of the function. readOnly: true - type: string + description: Output only. State of the function. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - FAILED + - DEPLOYING + - DELETING + - UNKNOWN + - DETACHING + - DETACH_FAILED enumDescriptions: - Not specified. Invalid state. - Function has been successfully deployed and is serving. @@ -510,922 +862,708 @@ components: out of this state. - Function is being detached. - Function detach failed and the function is still serving. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - FAILED - - DEPLOYING - - DELETING - - UNKNOWN - - DETACHING - - DETACH_FAILED + type: string + eventTrigger: + description: >- + An Eventarc trigger managed by Google Cloud Functions that fires + events in response to a condition in another service. + $ref: '#/components/schemas/EventTrigger' + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + name: + type: string + description: >- + A user-defined name of the function. Function names must be unique + globally and match pattern `projects/*/locations/*/functions/*` updateTime: + type: string description: Output only. The last update timestamp of a Cloud Function. readOnly: true - type: string format: google-datetime - labels: - description: Labels associated with this Cloud Function. - type: object - additionalProperties: - type: string - stateMessages: - description: Output only. State Messages for this Cloud Function. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudFunctionsV2StateMessage' environment: - description: Describe whether the function is 1st Gen or 2nd Gen. - type: string enumDescriptions: - Unspecified - Gen 1 - Gen 2 + description: Describe whether the function is 1st Gen or 2nd Gen. enum: - ENVIRONMENT_UNSPECIFIED - GEN_1 - GEN_2 - upgradeInfo: - description: Output only. UpgradeInfo for this Cloud Function - readOnly: true - $ref: '#/components/schemas/UpgradeInfo' - url: - description: Output only. The deployed url for the function. - readOnly: true type: string + serviceConfig: + description: >- + Describes the Service being deployed. Currently deploys services to + Cloud Run (fully managed). + $ref: '#/components/schemas/ServiceConfig' + labels: + description: Labels associated with this Cloud Function. + type: object + additionalProperties: + type: string + buildConfig: + $ref: '#/components/schemas/BuildConfig' + description: >- + Describes the Build step of the function that builds a container + from the given source. kmsKeyName: + type: string description: >- Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. - type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - createTime: - description: >- - Output only. The create timestamp of a Cloud Function. This is only - applicable to 2nd Gen functions. - readOnly: true - type: string - format: google-datetime satisfiesPzi: - description: Output only. Reserved for future use. readOnly: true type: boolean - BuildConfig: - id: BuildConfig + description: Output only. Reserved for future use. description: >- - Describes the Build step of the function that builds a container from - the given source. + Describes a Cloud Function that contains user computation executed in + response to an event. It encapsulates function and trigger + configurations. + id: Function + DetachFunctionRequest: + type: object + properties: {} + id: DetachFunctionRequest + description: Request for the `DetachFunction` method. + RollbackFunctionUpgradeTrafficRequest: + id: RollbackFunctionUpgradeTrafficRequest + properties: {} + description: Request for the `RollbackFunctionUpgradeTraffic` method. + type: object + Binding: + id: Binding type: object properties: - automaticUpdatePolicy: - $ref: '#/components/schemas/AutomaticUpdatePolicy' - onDeployUpdatePolicy: - $ref: '#/components/schemas/OnDeployUpdatePolicy' - build: - description: >- - Output only. The Cloud Build name of the latest successful - deployment of the function. - readOnly: true - type: string - runtime: - description: >- - The runtime in which to run the function. Required when deploying a - new function, optional when updating an existing function. For a - complete list of possible choices, see the [`gcloud` command - reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime). + role: type: string - entryPoint: description: >- - The name of the function (as defined in source code) that will be - executed. Defaults to the resource name suffix, if not specified. - For backward compatibility, if function with given name is not - found, then the system will try to use function named "function". - For Node.js this is name of a function exported by the module - specified in `source_location`. - type: string - source: - description: The location of the function source code. - $ref: '#/components/schemas/Source' - sourceProvenance: - description: Output only. A permanent fixed identifier for source. - readOnly: true - $ref: '#/components/schemas/SourceProvenance' - workerPool: + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + members: description: >- - Name of the Cloud Build Custom Worker Pool that should be used to - build the function. The format of this field is - `projects/{project}/locations/{region}/workerPools/{workerPool}` - where {project} and {region} are the project id and region - respectively where the worker pool is defined and {workerPool} is - the short name of the worker pool. If the project id is not the same - as the function, then the Cloud Functions Service Agent - (service-@gcf-admin-robot.iam.gserviceaccount.com) must be granted - the role Cloud Build Custom Workers Builder - (roles/cloudbuild.customworkers.builder) in the project. - type: string - environmentVariables: - description: User-provided build-time environment variables for the function - type: object - additionalProperties: + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: array + items: type: string - dockerRegistry: - description: >- - Docker Registry to use for this deployment. This configuration is - only applicable to 1st Gen functions, 2nd Gen functions can only use - Artifact Registry. Deprecated: as of March 2025, - `CONTAINER_REGISTRY` option is no longer available in response to - Container Registry's deprecation: - https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr - Please use Artifact Registry instead, which is the default choice. - If unspecified, it defaults to `ARTIFACT_REGISTRY`. If - `docker_repository` field is specified, this field should either be - left unspecified or set to `ARTIFACT_REGISTRY`. - deprecated: true - type: string - enumDescriptions: - - Unspecified. - - >- - Docker images will be stored in multi-regional Container Registry - repositories named `gcf`. - - >- - Docker images will be stored in regional Artifact Registry - repositories. By default, GCF will create and use repositories - named `gcf-artifacts` in every region in which a function is - deployed. But the repository to use can also be specified by the - user using the `docker_repository` field. - enum: - - DOCKER_REGISTRY_UNSPECIFIED - - CONTAINER_REGISTRY - - ARTIFACT_REGISTRY - dockerRepository: - description: >- - Repository in Artifact Registry to which the function docker image - will be pushed after it is built by Cloud Build. If specified by - user, it is created and managed by user with a customer managed - encryption key. Otherwise, GCF will create and use a repository - named 'gcf-artifacts' for every deployed region. It must match the - pattern - `projects/{project}/locations/{location}/repositories/{repository}`. - Repository format must be 'DOCKER'. - type: string - serviceAccount: - description: >- - Service account to be used for building the container. The format of - this field is - `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. - type: string - sourceToken: + condition: + $ref: '#/components/schemas/Expr' description: >- - An identifier for Firebase function sources. Disclaimer: This field - is only supported for Firebase function deployments. - type: string - AutomaticUpdatePolicy: - id: AutomaticUpdatePolicy - description: >- - Security patches are applied automatically to the runtime without - requiring the function to be redeployed. - type: object - properties: {} - OnDeployUpdatePolicy: - id: OnDeployUpdatePolicy - description: Security patches are only applied when a function is redeployed. + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + description: Associates `members`, or principals, with a `role`. + GoogleCloudFunctionsV2LocationMetadata: + id: GoogleCloudFunctionsV2LocationMetadata type: object + description: Extra GCF specific location information. properties: - runtimeVersion: - description: >- - Output only. contains the runtime version which was used during - latest function deployment. - readOnly: true - type: string - Source: - id: Source - description: The location of the function source code. - type: object + environments: + items: + enum: + - ENVIRONMENT_UNSPECIFIED + - GEN_1 + - GEN_2 + type: string + enumDescriptions: + - Unspecified + - Gen 1 + - Gen 2 + description: The Cloud Function environments this location supports. + type: array + SecretVolume: properties: - storageSource: - description: >- - If provided, get the source from this location in Google Cloud - Storage. - $ref: '#/components/schemas/StorageSource' - repoSource: - description: >- - If provided, get the source from this location in a Cloud Source - Repository. - $ref: '#/components/schemas/RepoSource' - gitUri: - description: >- - If provided, get the source from GitHub repository. This option is - valid only for GCF 1st Gen function. Example: - https://github.com///blob// + secret: + description: Name of the secret in secret manager (not the full resource name). type: string - StorageSource: - id: StorageSource - description: Location of the source in an archive file in Google Cloud Storage. - type: object - properties: - bucket: - description: >- - Google Cloud Storage bucket containing the source (see [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + mountPath: type: string - object: description: >- - Google Cloud Storage object containing the source. This object must - be a gzipped archive file (`.tar.gz`) containing source to build. + The path within the container to mount the secret volume. For + example, setting the mount_path as `/etc/secrets` would mount the + secret value files under the `/etc/secrets` directory. This + directory will also be completely shadowed and unavailable to mount + any other secrets. Recommended mount path: /etc/secrets + projectId: type: string - generation: description: >- - Google Cloud Storage generation for the object. If the generation is - omitted, the latest generation will be used. - type: string - format: int64 - sourceUploadUrl: + Project identifier (preferably project number but can also be the + project ID) of the project that contains the secret. If not set, it + is assumed that the secret is in the same project as the function. + versions: description: >- - When the specified storage bucket is a 1st gen function uploard url - bucket, this field should be set as the generated upload url for 1st - gen deployment. - type: string - RepoSource: - id: RepoSource - description: Location of the source in a Google Cloud Source Repository. + List of secret versions to mount for this secret. If empty, the + `latest` version of the secret will be made available in a file + named after the secret under the mount point. + items: + $ref: '#/components/schemas/SecretVersion' + type: array + id: SecretVolume type: object - properties: - branchName: - description: >- - Regex matching branches to build. The syntax of the regular - expressions accepted is the syntax accepted by RE2 and described at - https://github.com/google/re2/wiki/Syntax - type: string - tagName: - description: >- - Regex matching tags to build. The syntax of the regular expressions - accepted is the syntax accepted by RE2 and described at - https://github.com/google/re2/wiki/Syntax - type: string - commitSha: - description: Explicit commit SHA to build. - type: string - projectId: - description: >- - ID of the project that owns the Cloud Source Repository. If omitted, - the project ID requesting the build is assumed. - type: string - repoName: - description: Name of the Cloud Source Repository. - type: string - dir: - description: >- - Directory, relative to the source root, in which to run the build. - This must be a relative path. If a step's `dir` is specified and is - an absolute path, this value is ignored for that step's execution. - eg. helloworld (no leading slash allowed) - type: string - SourceProvenance: - id: SourceProvenance description: >- - Provenance of the source. Ways to find the original source, or verify - that some source was used for this build. - type: object + Configuration for a secret volume. It has the information necessary to + fetch the secret value from secret manager and make it available as + files mounted at the requested paths within the application container. + GenerateDownloadUrlResponse: properties: - resolvedStorageSource: - description: >- - A copy of the build's `source.storage_source`, if exists, with any - generations resolved. - $ref: '#/components/schemas/StorageSource' - resolvedRepoSource: - description: >- - A copy of the build's `source.repo_source`, if exists, with any - revisions resolved. - $ref: '#/components/schemas/RepoSource' - gitUri: + downloadUrl: description: >- - A copy of the build's `source.git_uri`, if exists, with any commits - resolved. + The generated Google Cloud Storage signed URL that should be used + for function source code download. type: string - ServiceConfig: - id: ServiceConfig - description: >- - Describes the Service being deployed. Currently Supported : Cloud Run - (fully managed). + type: object + description: Response of `GenerateDownloadUrl` method. + id: GenerateDownloadUrlResponse + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. type: object properties: - service: - description: >- - Output only. Name of the service associated with a Function. The - format of this field is - `projects/{project}/locations/{region}/services/{service}` - readOnly: true - type: string - timeoutSeconds: - description: >- - The function execution timeout. Execution is considered failed and - can be terminated if the function is not completed at the end of the - timeout period. Defaults to 60 seconds. - type: integer - format: int32 - availableMemory: - description: >- - The amount of memory available for a function. Defaults to 256M. - Supported units are k, M, G, Mi, Gi. If no unit is supplied the - value is interpreted as bytes. See - https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go - a full description. - type: string - availableCpu: - description: >- - The number of CPUs used in a single container instance. Default - value is calculated from available memory. Supports the same values - as Cloud Run, see - https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements - Example: "1" indicates 1 vCPU - type: string - environmentVariables: - description: >- - Environment variables that shall be available during function - execution. - type: object - additionalProperties: + permissions: + items: type: string - maxInstanceCount: - description: >- - The limit on the maximum number of function instances that may - coexist at a given time. In some cases, such as rapid traffic - surges, Cloud Functions may, for a short period of time, create more - instances than the specified max instances limit. If your function - cannot tolerate this temporary behavior, you may want to factor in a - safety margin and set a lower max instances value than your function - can tolerate. See the [Max - Instances](https://cloud.google.com/functions/docs/max-instances) - Guide for more details. - type: integer - format: int32 - minInstanceCount: - description: >- - The limit on the minimum number of function instances that may - coexist at a given time. Function instances are kept in idle state - for a short period after they finished executing the request to - reduce cold start time for subsequent requests. Setting a minimum - instance count will ensure that the given number of instances are - kept running in idle state always. This can help with cold start - times when jump in incoming request count occurs after the idle - instance would have been stopped in the default case. - type: integer - format: int32 - vpcConnector: - description: >- - The Serverless VPC Access connector that this cloud function can - connect to. The format of this field is - `projects/*/locations/*/connectors/*`. - type: string - vpcConnectorEgressSettings: - description: >- - The egress settings for the connector, controlling what traffic is - diverted through it. - type: string - enumDescriptions: - - Unspecified. - - >- - Use the VPC Access Connector only for private IP space from - RFC1918. - - >- - Force the use of VPC Access Connector for all egress traffic from - the function. - enum: - - VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED - - PRIVATE_RANGES_ONLY - - ALL_TRAFFIC - ingressSettings: + type: array description: >- - The ingress settings for the function, controlling what traffic can - reach it. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + id: TestIamPermissionsResponse + GoogleCloudFunctionsV2Stage: + type: object + description: Each Stage of the deployment process + id: GoogleCloudFunctionsV2Stage + properties: + message: + type: string + description: Message describing the Stage + name: + enum: + - NAME_UNSPECIFIED + - ARTIFACT_REGISTRY + - BUILD + - SERVICE + - TRIGGER + - SERVICE_ROLLBACK + - TRIGGER_ROLLBACK type: string enumDescriptions: - - Unspecified. - - Allow HTTP traffic from public and private sources. - - Allow HTTP traffic from only private VPC sources. - - Allow HTTP traffic from private VPC sources and through GCLB. + - Not specified. Invalid name. + - Artifact Registry Stage + - Build Stage + - Service Stage + - Trigger Stage + - Service Rollback Stage + - Trigger Rollback Stage + description: Name of the Stage. This will be unique for each Stage. + stateMessages: + type: array + description: State messages from the current Stage. + items: + $ref: '#/components/schemas/GoogleCloudFunctionsV2StateMessage' + state: + description: Current state of the Stage enum: - - INGRESS_SETTINGS_UNSPECIFIED - - ALLOW_ALL - - ALLOW_INTERNAL_ONLY - - ALLOW_INTERNAL_AND_GCLB - uri: - description: Output only. URI of the Service deployed. - readOnly: true + - STATE_UNSPECIFIED + - NOT_STARTED + - IN_PROGRESS + - COMPLETE type: string - serviceAccountEmail: - description: >- - The email of the service's service account. If empty, defaults to - `{project_number}-compute@developer.gserviceaccount.com`. + enumDescriptions: + - Not specified. Invalid state. + - Stage has not started. + - Stage is in progress. + - Stage has completed. + resource: type: string - allTrafficOnLatestRevision: + description: Resource of the Stage + resourceUri: + type: string + description: Link to the current Stage resource + ListOperationsResponse: + description: The response message for Operations.ListOperations. + properties: + unreachable: + items: + type: string description: >- - Whether 100% of traffic is routed to the latest revision. On - CreateFunction and UpdateFunction, when set to true, the revision - being deployed will serve 100% of traffic, ignoring any traffic - split settings, if any. On GetFunction, true will be returned if the - latest revision is serving 100% of traffic. - type: boolean - secretEnvironmentVariables: - description: Secret environment variables configuration. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + nextPageToken: + type: string + description: The standard List next-page token. + operations: type: array + description: >- + A list of operations that matches the specified filter in the + request. items: - $ref: '#/components/schemas/SecretEnvVar' - secretVolumes: - description: Secret volumes configuration. + $ref: '#/components/schemas/Operation' + type: object + id: ListOperationsResponse + TestIamPermissionsRequest: + properties: + permissions: type: array items: - $ref: '#/components/schemas/SecretVolume' - revision: - description: Output only. The name of service revision. - readOnly: true - type: string - maxInstanceRequestConcurrency: - description: >- - Sets the maximum number of concurrent requests that each instance - can receive. Defaults to 1. - type: integer - format: int32 - securityLevel: + type: string description: >- - Security level configure whether the function only accepts https. - This configuration is only applicable to 1st Gen functions with Http - trigger. By default https is optional for 1st Gen functions; 2nd Gen - functions are https ONLY. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + id: TestIamPermissionsRequest + type: object + description: Request message for `TestIamPermissions` method. + SetupFunctionUpgradeConfigRequest: + properties: + triggerServiceAccount: type: string - enumDescriptions: - - Unspecified. - - >- - Requests for a URL that match this handler that do not use HTTPS - are automatically redirected to the HTTPS URL with the same path. - Query parameters are reserved for the redirect. - - >- - Both HTTP and HTTPS requests with URLs that match the handler - succeed without redirects. The application can examine the request - to determine which protocol was used and respond accordingly. - enum: - - SECURITY_LEVEL_UNSPECIFIED - - SECURE_ALWAYS - - SECURE_OPTIONAL - binaryAuthorizationPolicy: description: >- - Optional. The binary authorization policy to be checked when - deploying the Cloud Run service. - type: string - SecretEnvVar: - id: SecretEnvVar - description: >- - Configuration for a secret environment variable. It has the information - necessary to fetch the secret value from secret manager and expose it as - an environment variable. + Optional. The trigger's service account. The service account must + have permission to invoke Cloud Run services, the permission is + `run.routes.invoke`. If empty, defaults to the Compute Engine + default service account: + `{project_number}-compute@developer.gserviceaccount.com`. + id: SetupFunctionUpgradeConfigRequest + type: object + description: Request for the `SetupFunctionUpgradeConfig` method. + Policy: type: object + id: Policy properties: - key: - description: Name of the environment variable. - type: string - projectId: + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + items: + $ref: '#/components/schemas/AuditConfig' + type: array + bindings: + items: + $ref: '#/components/schemas/Binding' description: >- - Project identifier (preferably project number but can also be the - project ID) of the project that contains the secret. If not set, it - is assumed that the secret is in the same project as the function. - type: string - secret: - description: Name of the secret in secret manager (not the full resource name). + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + etag: type: string + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte version: + format: int32 + type: integer description: >- - Version of the secret (version number or the string 'latest'). It is - recommended to use a numeric version for secret environment - variables as any updates to the secret value is not reflected until - new instances start. - type: string - SecretVolume: - id: SecretVolume + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). description: >- - Configuration for a secret volume. It has the information necessary to - fetch the secret value from secret manager and make it available as - files mounted at the requested paths within the application container. + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + AutomaticUpdatePolicy: + type: object + id: AutomaticUpdatePolicy + properties: {} + description: >- + Security patches are applied automatically to the runtime without + requiring the function to be redeployed. + GenerateDownloadUrlRequest: + description: Request of `GenerateDownloadUrl` method. + id: GenerateDownloadUrlRequest + properties: {} type: object + Status: properties: - mountPath: - description: >- - The path within the container to mount the secret volume. For - example, setting the mount_path as `/etc/secrets` would mount the - secret value files under the `/etc/secrets` directory. This - directory will also be completely shadowed and unavailable to mount - any other secrets. Recommended mount path: /etc/secrets - type: string - projectId: + message: description: >- - Project identifier (preferably project number but can also be the - project ID) of the project that contains the secret. If not set, it - is assumed that the secret is in the same project as the function. - type: string - secret: - description: Name of the secret in secret manager (not the full resource name). + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - versions: + details: + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - List of secret versions to mount for this secret. If empty, the - `latest` version of the secret will be made available in a file - named after the secret under the mount point. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. type: array - items: - $ref: '#/components/schemas/SecretVersion' - SecretVersion: - id: SecretVersion - description: Configuration for a single version. + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + id: Status type: object - properties: - version: - description: >- - Version of the secret (version number or the string 'latest'). It is - preferable to use `latest` version with secret volumes as secret - value changes are reflected immediately. - type: string - path: - description: >- - Relative path of the file under the mount path where the secret - value for this version will be fetched and made available. For - example, setting the mount_path as '/etc/secrets' and path as - `secret_foo` would mount the secret value file at - `/etc/secrets/secret_foo`. - type: string - EventTrigger: - id: EventTrigger description: >- - Describes EventTrigger, used to request events to be sent from another - service. + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + BuildConfig: type: object properties: - trigger: - description: >- - Output only. The resource name of the Eventarc trigger. The format - of this field is - `projects/{project}/locations/{region}/triggers/{trigger}`. - readOnly: true - type: string - triggerRegion: - description: >- - The region that the trigger will be in. The trigger will only - receive events originating in this region. It can be the same region - as the function, a different region or multi-region, or the global - region. If not provided, defaults to the same region as the - function. - type: string - eventType: + serviceAccount: description: >- - Required. The type of event to observe. For example: - `google.cloud.audit.log.v1.written` or - `google.cloud.pubsub.topic.v1.messagePublished`. + Service account to be used for building the container. The format of + this field is + `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. type: string - eventFilters: - description: Criteria used to filter events. - type: array - items: - $ref: '#/components/schemas/EventFilter' - pubsubTopic: - description: >- - Optional. The name of a Pub/Sub topic in the same project that will - be used as the transport topic for the event delivery. Format: - `projects/{project}/topics/{topic}`. This is only valid for events - of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic - provided here will not be deleted at function deletion. + sourceToken: type: string - serviceAccountEmail: description: >- - Optional. The email of the trigger's service account. The service - account must have permission to invoke Cloud Run services, the - permission is `run.routes.invoke`. If empty, defaults to the Compute - Engine default service account: - `{project_number}-compute@developer.gserviceaccount.com`. - type: string - retryPolicy: + An identifier for Firebase function sources. Disclaimer: This field + is only supported for Firebase function deployments. + onDeployUpdatePolicy: + $ref: '#/components/schemas/OnDeployUpdatePolicy' + dockerRegistry: description: >- - Optional. If unset, then defaults to ignoring failures (i.e. not - retrying them). - type: string + Docker Registry to use for this deployment. This configuration is + only applicable to 1st Gen functions, 2nd Gen functions can only use + Artifact Registry. Deprecated: as of March 2025, + `CONTAINER_REGISTRY` option is no longer available in response to + Container Registry's deprecation: + https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr + Please use Artifact Registry instead, which is the default choice. + If unspecified, it defaults to `ARTIFACT_REGISTRY`. If + `docker_repository` field is specified, this field should either be + left unspecified or set to `ARTIFACT_REGISTRY`. + deprecated: true enumDescriptions: - - Not specified. - - Do not retry. + - Unspecified. - >- - Retry on any failure, retry up to 7 days with an exponential - backoff (capped at 10 seconds). - enum: - - RETRY_POLICY_UNSPECIFIED - - RETRY_POLICY_DO_NOT_RETRY - - RETRY_POLICY_RETRY - channel: - description: >- - Optional. The name of the channel associated with the trigger in - `projects/{project}/locations/{location}/channels/{channel}` format. - You must provide a channel to receive events from Eventarc SaaS - partners. - type: string - service: - description: >- - Optional. The hostname of the service that 1st Gen function should - be observed. If no string is provided, the default service - implementing the API will be used. For example, - `storage.googleapis.com` is the default for all event types in the - `google.storage` namespace. The field is only applicable to 1st Gen - functions. - type: string - EventFilter: - id: EventFilter - description: Filters events based on exact matches on the CloudEvents attributes. - type: object - properties: - attribute: - description: Required. The name of a CloudEvents attribute. - type: string - value: - description: Required. The value for the attribute. - type: string - operator: - description: >- - Optional. The operator used for matching the events with the value - of the filter. If not specified, only events that have an exact - key-value pair specified in the filter are matched. The only allowed - value is `match-path-pattern`. - type: string - GoogleCloudFunctionsV2StateMessage: - id: GoogleCloudFunctionsV2StateMessage - description: >- - Informational messages about the state of the Cloud Function or - Operation. - type: object - properties: - severity: - description: Severity of the state message. + Docker images will be stored in multi-regional Container Registry + repositories named `gcf`. + - >- + Docker images will be stored in regional Artifact Registry + repositories. By default, GCF will create and use repositories + named `gcf-artifacts` in every region in which a function is + deployed. But the repository to use can also be specified by the + user using the `docker_repository` field. type: string - enumDescriptions: - - Not specified. Invalid severity. - - ERROR-level severity. - - WARNING-level severity. - - INFO-level severity. enum: - - SEVERITY_UNSPECIFIED - - ERROR - - WARNING - - INFO - type: - description: One-word CamelCase type of the state message. - type: string - message: - description: The message. - type: string - UpgradeInfo: - id: UpgradeInfo - description: >- - Information related to: * A function's eligibility for 1st Gen to 2nd - Gen migration. * Current state of migration for function undergoing - migration. - type: object - properties: - upgradeState: - description: UpgradeState of the function + - DOCKER_REGISTRY_UNSPECIFIED + - CONTAINER_REGISTRY + - ARTIFACT_REGISTRY + runtime: + type: string + description: >- + The runtime in which to run the function. Required when deploying a + new function, optional when updating an existing function. For a + complete list of possible choices, see the [`gcloud` command + reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime). + source: + description: The location of the function source code. + $ref: '#/components/schemas/Source' + build: type: string - enumDescriptions: - - Unspecified state. Most functions are in this upgrade state. - - >- - Functions in this state are eligible for 1st Gen -> 2nd Gen - upgrade. - - An upgrade related operation is in progress. - - >- - SetupFunctionUpgradeConfig API was successful and a 2nd Gen - function has been created based on 1st Gen function instance. - - SetupFunctionUpgradeConfig API was un-successful. - - AbortFunctionUpgrade API was un-successful. - - >- - RedirectFunctionUpgradeTraffic API was successful and traffic is - served by 2nd Gen function stack. - - RedirectFunctionUpgradeTraffic API was un-successful. - - RollbackFunctionUpgradeTraffic API was un-successful. - - CommitFunctionUpgrade API was un-successful. - enum: - - UPGRADE_STATE_UNSPECIFIED - - ELIGIBLE_FOR_2ND_GEN_UPGRADE - - UPGRADE_OPERATION_IN_PROGRESS - - SETUP_FUNCTION_UPGRADE_CONFIG_SUCCESSFUL - - SETUP_FUNCTION_UPGRADE_CONFIG_ERROR - - ABORT_FUNCTION_UPGRADE_ERROR - - REDIRECT_FUNCTION_UPGRADE_TRAFFIC_SUCCESSFUL - - REDIRECT_FUNCTION_UPGRADE_TRAFFIC_ERROR - - ROLLBACK_FUNCTION_UPGRADE_TRAFFIC_ERROR - - COMMIT_FUNCTION_UPGRADE_ERROR - serviceConfig: description: >- - Describes the Cloud Run service which has been setup to prepare for - 2nd gen upgrade. - $ref: '#/components/schemas/ServiceConfig' - eventTrigger: + Output only. The Cloud Build name of the latest successful + deployment of the function. + readOnly: true + environmentVariables: + additionalProperties: + type: string + description: User-provided build-time environment variables for the function + type: object + dockerRepository: description: >- - Describes the Event trigger which has been setup to prepare for 2nd - gen upgrade. - $ref: '#/components/schemas/EventTrigger' - buildConfig: + Repository in Artifact Registry to which the function docker image + will be pushed after it is built by Cloud Build. If specified by + user, it is created and managed by user with a customer managed + encryption key. Otherwise, GCF will create and use a repository + named 'gcf-artifacts' for every deployed region. It must match the + pattern + `projects/{project}/locations/{location}/repositories/{repository}`. + Repository format must be 'DOCKER'. + type: string + automaticUpdatePolicy: + $ref: '#/components/schemas/AutomaticUpdatePolicy' + entryPoint: description: >- - Describes the Build step of the function that builds a container to - prepare for 2nd gen upgrade. - $ref: '#/components/schemas/BuildConfig' + The name of the function (as defined in source code) that will be + executed. Defaults to the resource name suffix, if not specified. + For backward compatibility, if function with given name is not + found, then the system will try to use function named "function". + For Node.js this is name of a function exported by the module + specified in `source_location`. + type: string + sourceProvenance: + description: Output only. A permanent fixed identifier for source. + readOnly: true + $ref: '#/components/schemas/SourceProvenance' + workerPool: + type: string + description: >- + Name of the Cloud Build Custom Worker Pool that should be used to + build the function. The format of this field is + `projects/{project}/locations/{region}/workerPools/{workerPool}` + where {project} and {region} are the project id and region + respectively where the worker pool is defined and {workerPool} is + the short name of the worker pool. If the project id is not the same + as the function, then the Cloud Functions Service Agent + (service-@gcf-admin-robot.iam.gserviceaccount.com) must be granted + the role Cloud Build Custom Workers Builder + (roles/cloudbuild.customworkers.builder) in the project. + id: BuildConfig + description: >- + Describes the Build step of the function that builds a container from + the given source. ListFunctionsResponse: - id: ListFunctionsResponse - description: Response for the `ListFunctions` method. type: object + description: Response for the `ListFunctions` method. + id: ListFunctionsResponse properties: functions: description: The functions that match the request. type: array items: $ref: '#/components/schemas/Function' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string unreachable: description: >- Locations that could not be reached. The response does not include any functions from these locations. - type: array items: type: string - SetupFunctionUpgradeConfigRequest: - id: SetupFunctionUpgradeConfigRequest - description: Request for the `SetupFunctionUpgradeConfig` method. - type: object - properties: - triggerServiceAccount: + type: array + nextPageToken: description: >- - Optional. The trigger's service account. The service account must - have permission to invoke Cloud Run services, the permission is - `run.routes.invoke`. If empty, defaults to the Compute Engine - default service account: - `{project_number}-compute@developer.gserviceaccount.com`. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - AbortFunctionUpgradeRequest: - id: AbortFunctionUpgradeRequest - description: Request for the `AbortFunctionUpgrade` method. - type: object - properties: {} - RedirectFunctionUpgradeTrafficRequest: - id: RedirectFunctionUpgradeTrafficRequest - description: Request for the `RedirectFunctionUpgradeTraffic` method. - type: object - properties: {} - RollbackFunctionUpgradeTrafficRequest: - id: RollbackFunctionUpgradeTrafficRequest - description: Request for the `RollbackFunctionUpgradeTraffic` method. - type: object - properties: {} - CommitFunctionUpgradeRequest: - id: CommitFunctionUpgradeRequest - description: Request for the `CommitFunctionUpgrade` method. + CommitFunctionUpgradeAsGen2Request: type: object + description: Request for the `CommitFunctionUpgradeAsGen2` method. + id: CommitFunctionUpgradeAsGen2Request properties: {} - GenerateUploadUrlRequest: - id: GenerateUploadUrlRequest - description: Request of `GenerateSourceUploadUrl` method. + GoogleCloudFunctionsV2OperationMetadata: + description: Represents the metadata of the long-running operation. type: object properties: - kmsKeyName: - description: >- - Resource name of a KMS crypto key (managed by the user) used to - encrypt/decrypt function source code objects in intermediate Cloud - Storage buckets. When you generate an upload url and upload your - source code, it gets copied to an intermediate Cloud Storage bucket. - The source code is then copied to a versioned directory in the - sources bucket in the consumer project during the function - deployment. It must match the pattern - `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. - The Google Cloud Functions service account - (service-{project_number}@gcf-admin-robot.iam.gserviceaccount.com) - must be granted the role 'Cloud KMS CryptoKey Encrypter/Decrypter - (roles/cloudkms.cryptoKeyEncrypterDecrypter)' on the - Key/KeyRing/Project/Organization (least access preferred). - type: string - environment: + cancelRequested: description: >- - The function environment the generated upload url will be used for. - The upload url for 2nd Gen functions can also be used for 1st gen - functions, but not vice versa. If not specified, 2nd - generation-style upload URLs are generated. + Identifies whether the user has requested cancellation of the + operation. Operations that have successfully been cancelled have + google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + type: boolean + target: + description: Server-defined resource path for the target of the operation. type: string - enumDescriptions: - - Unspecified - - Gen 1 - - Gen 2 - enum: - - ENVIRONMENT_UNSPECIFIED - - GEN_1 - - GEN_2 - GenerateUploadUrlResponse: - id: GenerateUploadUrlResponse - description: Response of `GenerateSourceUploadUrl` method. - type: object - properties: - uploadUrl: - description: >- - The generated Google Cloud Storage signed URL that should be used - for a function source code upload. The uploaded file should be a zip - archive which contains a function. + statusDetail: + description: Human-readable status of the operation, if any. type: string - storageSource: - description: >- - The location of the source code in the upload bucket. Once the - archive is uploaded using the `upload_url` use this field to set the - `function.build_config.source.storage_source` during CreateFunction - and UpdateFunction. Generation defaults to 0, as Cloud Storage - provides a new generation only upon uploading a new object or - version of an object. - $ref: '#/components/schemas/StorageSource' - GenerateDownloadUrlRequest: - id: GenerateDownloadUrlRequest - description: Request of `GenerateDownloadUrl` method. - type: object - properties: {} - GenerateDownloadUrlResponse: - id: GenerateDownloadUrlResponse - description: Response of `GenerateDownloadUrl` method. - type: object - properties: - downloadUrl: + customIamRoleDetected: + readOnly: true description: >- - The generated Google Cloud Storage signed URL that should be used - for function source code download. - type: string - ListRuntimesResponse: - id: ListRuntimesResponse - description: Response for the `ListRuntimes` method. - type: object - properties: - runtimes: - description: The runtimes that match the request. + Output only. Whether a custom IAM role binding was detected during + the upgrade. + type: boolean + requestResource: + type: object + description: The original request that started the operation. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + stages: + description: Mechanism for reporting in-progress stages type: array items: - $ref: '#/components/schemas/Runtime' - Runtime: - id: Runtime - description: >- - Describes a runtime and any special information (e.g., deprecation - status) related to it. - type: object - properties: - name: - description: The name of the runtime, e.g., 'go113', 'nodejs12', etc. - type: string - displayName: - description: The user facing name, eg 'Go 1.13', 'Node.js 12', etc. + $ref: '#/components/schemas/GoogleCloudFunctionsV2Stage' + endTime: type: string - stage: - description: The stage of life this runtime is in, e.g., BETA, GA, etc. + format: google-datetime + description: The time the operation finished running. + sourceToken: + description: >- + An identifier for Firebase function sources. Disclaimer: This field + is only supported for Firebase function deployments. type: string - enumDescriptions: - - Not specified. - - The runtime is in development. - - The runtime is in the Alpha stage. - - The runtime is in the Beta stage. - - The runtime is generally available. - - The runtime is deprecated. - - The runtime is no longer supported. - enum: - - RUNTIME_STAGE_UNSPECIFIED - - DEVELOPMENT - - ALPHA - - BETA - - GA - - DEPRECATED - - DECOMMISSIONED - warnings: - description: Warning messages, e.g., a deprecation warning. - type: array - items: - type: string - environment: - description: The environment for the runtime. + verb: type: string + description: Name of the verb executed by the operation. + operationType: enumDescriptions: - Unspecified - - Gen 1 - - Gen 2 + - CreateFunction + - UpdateFunction + - DeleteFunction + - RedirectFunctionUpgradeTraffic + - RollbackFunctionUpgradeTraffic + - SetupFunctionUpgradeConfig + - AbortFunctionUpgrade + - CommitFunctionUpgrade + - DetachFunction + - CommitFunctionUpgradeAsGen2 enum: - - ENVIRONMENT_UNSPECIFIED - - GEN_1 - - GEN_2 - deprecationDate: - description: Deprecation date for the runtime. - $ref: '#/components/schemas/Date' - decommissionDate: - description: Decommission date for the runtime. - $ref: '#/components/schemas/Date' + - OPERATIONTYPE_UNSPECIFIED + - CREATE_FUNCTION + - UPDATE_FUNCTION + - DELETE_FUNCTION + - REDIRECT_FUNCTION_UPGRADE_TRAFFIC + - ROLLBACK_FUNCTION_UPGRADE_TRAFFIC + - SETUP_FUNCTION_UPGRADE_CONFIG + - ABORT_FUNCTION_UPGRADE + - COMMIT_FUNCTION_UPGRADE + - DETACH_FUNCTION + - COMMIT_FUNCTION_UPGRADE_AS_GEN2 + type: string + description: The operation type. + apiVersion: + description: API version used to start the operation. + type: string + buildName: + type: string + description: The build name of the function for create and update operations. + createTime: + description: The time the operation was created. + format: google-datetime + type: string + id: GoogleCloudFunctionsV2OperationMetadata + AbortFunctionUpgradeRequest: + id: AbortFunctionUpgradeRequest + description: Request for the `AbortFunctionUpgrade` method. + properties: {} + type: object + CommitFunctionUpgradeRequest: + description: Request for the `CommitFunctionUpgrade` method. + type: object + properties: {} + id: CommitFunctionUpgradeRequest Date: - id: Date description: >- Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are @@ -1436,294 +1574,174 @@ components: * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp - type: object + id: Date properties: + day: + type: integer + format: int32 + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. year: + type: integer + format: int32 description: >- Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year. - type: integer - format: int32 month: description: >- Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day. type: integer format: int32 - day: - description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - DetachFunctionRequest: - id: DetachFunctionRequest - description: Request for the `DetachFunction` method. type: object - properties: {} - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + AuditConfig: type: object + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + id: AuditConfig properties: - locations: + service: description: >- - A list of locations that matches the specified filter in the - request. + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + auditLogConfigs: type: array + description: The configuration for logging of each type of permission. items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - OperationMetadataV1: - id: OperationMetadataV1 - description: Metadata describing an Operation - type: object + $ref: '#/components/schemas/AuditLogConfig' + SecretEnvVar: properties: - target: - description: >- - Target of the operation - for example - `projects/project-1/locations/region-1/functions/function-1` - type: string - type: - description: Type of operation. - type: string - enumDescriptions: - - Unknown operation type. - - Triggered by CreateFunction call - - Triggered by UpdateFunction call - - Triggered by DeleteFunction call. - enum: - - OPERATION_UNSPECIFIED - - CREATE_FUNCTION - - UPDATE_FUNCTION - - DELETE_FUNCTION - request: - description: The original request that started the operation. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - versionId: - description: >- - Version id of the function created or updated by an API call. This - field is only populated for Create and Update operations. - type: string - format: int64 - updateTime: - description: The last update timestamp of the operation. + secret: type: string - format: google-datetime - buildId: - description: >- - The Cloud Build ID of the function created or updated by an API - call. This field is only populated for Create and Update operations. + description: Name of the secret in secret manager (not the full resource name). + key: + description: Name of the environment variable. type: string - sourceToken: - description: >- - An identifier for Firebase function sources. Disclaimer: This field - is only supported for Firebase function deployments. + version: type: string - buildName: description: >- - The Cloud Build Name of the function deployment. This field is only - populated for Create and Update operations. - `projects//locations//builds/`. - type: string - GoogleCloudFunctionsV2OperationMetadata: - id: GoogleCloudFunctionsV2OperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. - type: string - format: google-datetime - target: - description: Server-defined resource path for the target of the operation. - type: string - verb: - description: Name of the verb executed by the operation. - type: string - statusDetail: - description: Human-readable status of the operation, if any. + Version of the secret (version number or the string 'latest'). It is + recommended to use a numeric version for secret environment + variables as any updates to the secret value is not reflected until + new instances start. + projectId: type: string - cancelRequested: description: >- - Identifies whether the user has requested cancellation of the - operation. Operations that have successfully been cancelled have - google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - type: boolean - apiVersion: - description: API version used to start the operation. - type: string - requestResource: - description: The original request that started the operation. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - stages: - description: Mechanism for reporting in-progress stages - type: array - items: - $ref: '#/components/schemas/GoogleCloudFunctionsV2Stage' - sourceToken: + Project identifier (preferably project number but can also be the + project ID) of the project that contains the secret. If not set, it + is assumed that the secret is in the same project as the function. + description: >- + Configuration for a secret environment variable. It has the information + necessary to fetch the secret value from secret manager and expose it as + an environment variable. + id: SecretEnvVar + type: object + StorageSource: + type: object + properties: + generation: description: >- - An identifier for Firebase function sources. Disclaimer: This field - is only supported for Firebase function deployments. + Google Cloud Storage generation for the object. If the generation is + omitted, the latest generation will be used. + format: int64 type: string - buildName: - description: The build name of the function for create and update operations. + object: + description: >- + Google Cloud Storage object containing the source. This object must + be a gzipped archive file (`.tar.gz`) containing source to build. type: string - operationType: - description: The operation type. + sourceUploadUrl: type: string - enumDescriptions: - - Unspecified - - CreateFunction - - UpdateFunction - - DeleteFunction - - RedirectFunctionUpgradeTraffic - - RollbackFunctionUpgradeTraffic - - SetupFunctionUpgradeConfig - - AbortFunctionUpgrade - - CommitFunctionUpgrade - - DetachFunction - enum: - - OPERATIONTYPE_UNSPECIFIED - - CREATE_FUNCTION - - UPDATE_FUNCTION - - DELETE_FUNCTION - - REDIRECT_FUNCTION_UPGRADE_TRAFFIC - - ROLLBACK_FUNCTION_UPGRADE_TRAFFIC - - SETUP_FUNCTION_UPGRADE_CONFIG - - ABORT_FUNCTION_UPGRADE - - COMMIT_FUNCTION_UPGRADE - - DETACH_FUNCTION - customIamRoleDetected: description: >- - Output only. Whether a custom IAM role binding was detected during - the upgrade. - readOnly: true - type: boolean - GoogleCloudFunctionsV2Stage: - id: GoogleCloudFunctionsV2Stage - description: Each Stage of the deployment process + When the specified storage bucket is a 1st gen function uploard url + bucket, this field should be set as the generated upload url for 1st + gen deployment. + bucket: + description: >- + Google Cloud Storage bucket containing the source (see [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + type: string + description: Location of the source in an archive file in Google Cloud Storage. + id: StorageSource + GoogleCloudFunctionsV2StateMessage: type: object properties: - name: - description: Name of the Stage. This will be unique for each Stage. - type: string + severity: + description: Severity of the state message. enumDescriptions: - - Not specified. Invalid name. - - Artifact Registry Stage - - Build Stage - - Service Stage - - Trigger Stage - - Service Rollback Stage - - Trigger Rollback Stage + - Not specified. Invalid severity. + - ERROR-level severity. + - WARNING-level severity. + - INFO-level severity. enum: - - NAME_UNSPECIFIED - - ARTIFACT_REGISTRY - - BUILD - - SERVICE - - TRIGGER - - SERVICE_ROLLBACK - - TRIGGER_ROLLBACK - message: - description: Message describing the Stage + - SEVERITY_UNSPECIFIED + - ERROR + - WARNING + - INFO type: string - state: - description: Current state of the Stage + type: + description: One-word CamelCase type of the state message. type: string - enumDescriptions: - - Not specified. Invalid state. - - Stage has not started. - - Stage is in progress. - - Stage has completed. - enum: - - STATE_UNSPECIFIED - - NOT_STARTED - - IN_PROGRESS - - COMPLETE - resource: - description: Resource of the Stage + message: + description: The message. type: string - resourceUri: - description: Link to the current Stage resource + id: GoogleCloudFunctionsV2StateMessage + description: >- + Informational messages about the state of the Cloud Function or + Operation. + Source: + type: object + properties: + gitUri: + description: >- + If provided, get the source from GitHub repository. This option is + valid only for GCF 1st Gen function. Example: + https://github.com///blob// type: string - stateMessages: - description: State messages from the current Stage. - type: array - items: - $ref: '#/components/schemas/GoogleCloudFunctionsV2StateMessage' - GoogleCloudFunctionsV2LocationMetadata: - id: GoogleCloudFunctionsV2LocationMetadata - description: Extra GCF specific location information. + storageSource: + description: >- + If provided, get the source from this location in Google Cloud + Storage. + $ref: '#/components/schemas/StorageSource' + repoSource: + description: >- + If provided, get the source from this location in a Cloud Source + Repository. + $ref: '#/components/schemas/RepoSource' + id: Source + description: The location of the function source code. + OnDeployUpdatePolicy: + description: Security patches are only applied when a function is redeployed. type: object + id: OnDeployUpdatePolicy properties: - environments: - description: The Cloud Function environments this location supports. - type: array - items: - type: string - enumDescriptions: - - Unspecified - - Gen 1 - - Gen 2 - enum: - - ENVIRONMENT_UNSPECIFIED - - GEN_1 - - GEN_2 + runtimeVersion: + readOnly: true + type: string + description: >- + Output only. contains the runtime version which was used during + latest function deployment. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string alt: description: Data format for response. in: query @@ -1734,12 +1752,27 @@ components: - json - media - proto + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean callback: description: JSONP in: query name: callback schema: type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' fields: description: Selector specifying which fields to include in a partial response. in: query @@ -1755,18 +1788,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + access_token: + description: OAuth access token. in: query - name: oauth_token + name: access_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1776,10 +1803,10 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: upload_protocol + name: oauth_token schema: type: string uploadType: @@ -1788,15 +1815,12 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: $.xgafv + name: upload_protocol schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.cloudfunctions.locations @@ -1822,21 +1846,21 @@ components: name: operations title: Operations methods: - list: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -1845,42 +1869,24 @@ components: update: [] replace: [] delete: [] - functions_iam_policies: - id: google.cloudfunctions.functions_iam_policies - name: functions_iam_policies - title: Functions_iam_policies + runtimes: + id: google.cloudfunctions.runtimes + name: runtimes + title: Runtimes methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1runtimes/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/functions_iam_policies/methods/get_iam_policy + select: + - $ref: '#/components/x-stackQL-resources/runtimes/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/functions_iam_policies/methods/set_iam_policy + replace: [] delete: [] functions: id: google.cloudfunctions.functions @@ -1894,6 +1900,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' patch: operation: $ref: >- @@ -1901,74 +1914,74 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + commit_function_upgrade: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:commitFunctionUpgrade/post response: mediaType: application/json openAPIDocKey: '200' - list: + generate_upload_url: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions:generateUploadUrl/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.functions - create: + redirect_function_upgrade_traffic: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:redirectFunctionUpgradeTraffic/post response: mediaType: application/json openAPIDocKey: '200' - setup_function_upgrade_config: + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:setupFunctionUpgradeConfig/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions/post response: mediaType: application/json openAPIDocKey: '200' - abort_function_upgrade: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:abortFunctionUpgrade/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions/get response: mediaType: application/json openAPIDocKey: '200' - redirect_function_upgrade_traffic: + objectKey: $.functions + commit_function_upgrade_as_gen2: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:redirectFunctionUpgradeTraffic/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:commitFunctionUpgradeAsGen2/post response: mediaType: application/json openAPIDocKey: '200' - rollback_function_upgrade_traffic: + abort_function_upgrade: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:rollbackFunctionUpgradeTraffic/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:abortFunctionUpgrade/post response: mediaType: application/json openAPIDocKey: '200' - commit_function_upgrade: + generate_download_url: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:commitFunctionUpgrade/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:generateDownloadUrl/post response: mediaType: application/json openAPIDocKey: '200' - generate_upload_url: + setup_function_upgrade_config: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions:generateUploadUrl/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:setupFunctionUpgradeConfig/post response: mediaType: application/json openAPIDocKey: '200' - generate_download_url: + rollback_function_upgrade_traffic: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:generateDownloadUrl/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:rollbackFunctionUpgradeTraffic/post response: mediaType: application/json openAPIDocKey: '200' @@ -1990,39 +2003,57 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/functions/methods/delete' - runtimes: - id: google.cloudfunctions.runtimes - name: runtimes - title: Runtimes + functions_iam_policies: + id: google.cloudfunctions.functions_iam_policies + name: functions_iam_policies + title: Functions_iam_policies methods: - list: + get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1runtimes/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1functions~1{functionsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/runtimes/methods/list' + - $ref: >- + #/components/x-stackQL-resources/functions_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/functions_iam_policies/methods/set_iam_policy delete: [] paths: /v2/projects/{projectsId}/locations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/upload_protocol' get: description: Lists information about the supported locations for this service. operationId: cloudfunctions.projects.locations.list @@ -2048,17 +2079,53 @@ paths: name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: extraLocationTypes schema: type: string - - in: query - name: extraLocationTypes + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: cloudfunctions.projects.locations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true schema: type: string /v2/projects/{projectsId}/locations/{locationsId}/operations: @@ -2095,6 +2162,10 @@ paths: name: filter schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageSize schema: @@ -2104,14 +2175,11 @@ paths: name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v2/projects/{projectsId}/locations/{locationsId}/runtimes: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: cloudfunctions.projects.locations.operations.get + description: Returns a list of runtimes that are supported for the requested project. + operationId: cloudfunctions.projects.locations.runtimes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2123,7 +2191,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListRuntimesResponse' parameters: - in: path name: projectsId @@ -2135,24 +2203,15 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: filter schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:setIamPolicy: + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}: parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: cloudfunctions.projects.locations.functions.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Returns a function with the given name from the requested project. + operationId: cloudfunctions.projects.locations.functions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2164,7 +2223,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Function' parameters: - in: path name: projectsId @@ -2181,13 +2240,16 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:getIamPolicy: - parameters: *ref_1 - get: + - in: query + name: revision + schema: + type: string + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: cloudfunctions.projects.locations.functions.getIamPolicy + Deletes a function with the given name from the specified project. If + the given function is used by some trigger, the trigger will be updated + to remove this function. + operationId: cloudfunctions.projects.locations.functions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2199,7 +2261,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2216,26 +2278,14 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: cloudfunctions.projects.locations.functions.testIamPermissions + patch: + description: Updates existing function. + operationId: cloudfunctions.projects.locations.functions.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Function' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2247,7 +2297,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2264,11 +2314,25 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:commitFunctionUpgrade: parameters: *ref_1 - get: - description: Returns a function with the given name from the requested project. - operationId: cloudfunctions.projects.locations.functions.get + post: + description: >- + Finalizes the upgrade after which function upgrade can not be rolled + back. This is the last step of the multi step process to upgrade 1st Gen + functions to 2nd Gen. Deletes all original 1st Gen related configuration + and resources. + operationId: cloudfunctions.projects.locations.functions.commitFunctionUpgrade + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CommitFunctionUpgradeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2280,7 +2344,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Function' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2297,18 +2361,13 @@ paths: required: true schema: type: string - - in: query - name: revision - schema: - type: string - patch: - description: Updates existing function. - operationId: cloudfunctions.projects.locations.functions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Function' + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: cloudfunctions.projects.locations.functions.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2320,7 +2379,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2338,16 +2397,34 @@ paths: schema: type: string - in: query - name: updateMask + name: options.requestedPolicyVersion schema: - type: string - format: google-fieldmask - delete: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/functions:generateUploadUrl: + parameters: *ref_1 + post: description: >- - Deletes a function with the given name from the specified project. If - the given function is used by some trigger, the trigger will be updated - to remove this function. - operationId: cloudfunctions.projects.locations.functions.delete + Returns a signed URL for uploading a function source code. For more + information about the signed URL usage see: + https://cloud.google.com/storage/docs/access-control/signed-urls. Once + the function source code upload is complete, the used signed URL should + be provided in CreateFunction or UpdateFunction request as a reference + to the function source code. When uploading source code to the generated + signed URL, please follow these restrictions: * Source file type should + be a zip file. * No credentials should be attached - the signed URLs + provide access to the target bucket using internal service identity; if + credentials were attached, the identity from the credentials would be + used, but that identity does not have permissions to upload files to the + URL. When making a HTTP PUT request, specify this header: * + `content-type: application/zip` Do not specify this header: * + `Authorization: Bearer YOUR_TOKEN` + operationId: cloudfunctions.projects.locations.functions.generateUploadUrl + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateUploadUrlRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2359,7 +2436,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GenerateUploadUrlResponse' parameters: - in: path name: projectsId @@ -2371,16 +2448,21 @@ paths: required: true schema: type: string - - in: path - name: functionsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions: + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:redirectFunctionUpgradeTraffic: parameters: *ref_1 - get: - description: Returns a list of functions that belong to the requested project. - operationId: cloudfunctions.projects.locations.functions.list + post: + description: >- + Changes the traffic target of a function from the original 1st Gen + function to the 2nd Gen copy. This is the second step of the multi step + process to upgrade 1st Gen functions to 2nd Gen. After this operation, + all new traffic will be served by 2nd Gen copy. + operationId: >- + cloudfunctions.projects.locations.functions.redirectFunctionUpgradeTraffic + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RedirectFunctionUpgradeTrafficRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2392,7 +2474,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListFunctionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2404,23 +2486,13 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: functionsId + required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/functions: + parameters: *ref_1 post: description: >- Creates a new function. If a function with the given name already exists @@ -2459,21 +2531,9 @@ paths: name: functionId schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:setupFunctionUpgradeConfig: - parameters: *ref_1 - post: - description: >- - Creates a 2nd Gen copy of the function configuration based on the 1st - Gen function with the given name. This is the first step of the multi - step process to upgrade 1st Gen functions to 2nd Gen. Only 2nd Gen - configuration is setup as part of this request and traffic continues to - be served by 1st Gen. - operationId: cloudfunctions.projects.locations.functions.setupFunctionUpgradeConfig - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetupFunctionUpgradeConfigRequest' + get: + description: Returns a list of functions that belong to the requested project. + operationId: cloudfunctions.projects.locations.functions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2485,7 +2545,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListFunctionsResponse' parameters: - in: path name: projectsId @@ -2497,25 +2557,36 @@ paths: required: true schema: type: string - - in: path - name: functionsId - required: true + - in: query + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:abortFunctionUpgrade: + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:commitFunctionUpgradeAsGen2: parameters: *ref_1 post: description: >- - Aborts generation upgrade process for a function with the given name - from the specified project. Deletes all 2nd Gen copy related - configuration and resources which were created during the upgrade - process. - operationId: cloudfunctions.projects.locations.functions.abortFunctionUpgrade + Commits a function upgrade from GCF Gen1 to GCF Gen2. This action + deletes the Gen1 function, leaving the Gen2 function active and + manageable by the GCFv2 API. + operationId: cloudfunctions.projects.locations.functions.commitFunctionUpgradeAsGen2 requestBody: content: application/json: schema: - $ref: '#/components/schemas/AbortFunctionUpgradeRequest' + $ref: '#/components/schemas/CommitFunctionUpgradeAsGen2Request' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2544,21 +2615,20 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:redirectFunctionUpgradeTraffic: + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:abortFunctionUpgrade: parameters: *ref_1 post: description: >- - Changes the traffic target of a function from the original 1st Gen - function to the 2nd Gen copy. This is the second step of the multi step - process to upgrade 1st Gen functions to 2nd Gen. After this operation, - all new traffic will be served by 2nd Gen copy. - operationId: >- - cloudfunctions.projects.locations.functions.redirectFunctionUpgradeTraffic + Aborts generation upgrade process for a function with the given name + from the specified project. Deletes all 2nd Gen copy related + configuration and resources which were created during the upgrade + process. + operationId: cloudfunctions.projects.locations.functions.abortFunctionUpgrade requestBody: content: application/json: schema: - $ref: '#/components/schemas/RedirectFunctionUpgradeTrafficRequest' + $ref: '#/components/schemas/AbortFunctionUpgradeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2587,20 +2657,21 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:rollbackFunctionUpgradeTraffic: + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Reverts the traffic target of a function from the 2nd Gen copy to the - original 1st Gen function. After this operation, all new traffic would - be served by the 1st Gen. - operationId: >- - cloudfunctions.projects.locations.functions.rollbackFunctionUpgradeTraffic + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: cloudfunctions.projects.locations.functions.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/RollbackFunctionUpgradeTrafficRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2612,7 +2683,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -2629,20 +2700,19 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:commitFunctionUpgrade: + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Finalizes the upgrade after which function upgrade can not be rolled - back. This is the last step of the multi step process to upgrade 1st Gen - functions to 2nd Gen. Deletes all original 1st Gen related configuration - and resources. - operationId: cloudfunctions.projects.locations.functions.commitFunctionUpgrade + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: cloudfunctions.projects.locations.functions.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/CommitFunctionUpgradeRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2654,7 +2724,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2671,30 +2741,20 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions:generateUploadUrl: + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:generateDownloadUrl: parameters: *ref_1 post: description: >- - Returns a signed URL for uploading a function source code. For more - information about the signed URL usage see: - https://cloud.google.com/storage/docs/access-control/signed-urls. Once - the function source code upload is complete, the used signed URL should - be provided in CreateFunction or UpdateFunction request as a reference - to the function source code. When uploading source code to the generated - signed URL, please follow these restrictions: * Source file type should - be a zip file. * No credentials should be attached - the signed URLs - provide access to the target bucket using internal service identity; if - credentials were attached, the identity from the credentials would be - used, but that identity does not have permissions to upload files to the - URL. When making a HTTP PUT request, specify this header: * - `content-type: application/zip` Do not specify this header: * - `Authorization: Bearer YOUR_TOKEN` - operationId: cloudfunctions.projects.locations.functions.generateUploadUrl + Returns a signed URL for downloading deployed function source code. The + URL is only valid for a limited period and should be used within 30 + minutes of generation. For more information about the signed URL usage + see: https://cloud.google.com/storage/docs/access-control/signed-urls + operationId: cloudfunctions.projects.locations.functions.generateDownloadUrl requestBody: content: application/json: schema: - $ref: '#/components/schemas/GenerateUploadUrlRequest' + $ref: '#/components/schemas/GenerateDownloadUrlRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2706,7 +2766,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GenerateUploadUrlResponse' + $ref: '#/components/schemas/GenerateDownloadUrlResponse' parameters: - in: path name: projectsId @@ -2718,20 +2778,26 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:generateDownloadUrl: + - in: path + name: functionsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:setupFunctionUpgradeConfig: parameters: *ref_1 post: description: >- - Returns a signed URL for downloading deployed function source code. The - URL is only valid for a limited period and should be used within 30 - minutes of generation. For more information about the signed URL usage - see: https://cloud.google.com/storage/docs/access-control/signed-urls - operationId: cloudfunctions.projects.locations.functions.generateDownloadUrl + Creates a 2nd Gen copy of the function configuration based on the 1st + Gen function with the given name. This is the first step of the multi + step process to upgrade 1st Gen functions to 2nd Gen. Only 2nd Gen + configuration is setup as part of this request and traffic continues to + be served by 1st Gen. + operationId: cloudfunctions.projects.locations.functions.setupFunctionUpgradeConfig requestBody: content: application/json: schema: - $ref: '#/components/schemas/GenerateDownloadUrlRequest' + $ref: '#/components/schemas/SetupFunctionUpgradeConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2743,7 +2809,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GenerateDownloadUrlResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2760,16 +2826,20 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:detachFunction: + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:rollbackFunctionUpgradeTraffic: parameters: *ref_1 post: - description: Detaches 2nd Gen function to Cloud Run function. - operationId: cloudfunctions.projects.locations.functions.detachFunction + description: >- + Reverts the traffic target of a function from the 2nd Gen copy to the + original 1st Gen function. After this operation, all new traffic would + be served by the 1st Gen. + operationId: >- + cloudfunctions.projects.locations.functions.rollbackFunctionUpgradeTraffic requestBody: content: application/json: schema: - $ref: '#/components/schemas/DetachFunctionRequest' + $ref: '#/components/schemas/RollbackFunctionUpgradeTrafficRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2798,11 +2868,16 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/runtimes: + /v2/projects/{projectsId}/locations/{locationsId}/functions/{functionsId}:detachFunction: parameters: *ref_1 - get: - description: Returns a list of runtimes that are supported for the requested project. - operationId: cloudfunctions.projects.locations.runtimes.list + post: + description: Detaches 2nd Gen function to Cloud Run function. + operationId: cloudfunctions.projects.locations.functions.detachFunction + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DetachFunctionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2814,7 +2889,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRuntimesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2826,7 +2901,8 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: functionsId + required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudidentity.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudidentity.yaml index de2410f2..53d69c14 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudidentity.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudidentity.yaml @@ -7,8 +7,8 @@ info: title: Cloud Identity API description: API for provisioning and managing identity resources. version: v1 - x-discovery-doc-revision: '20250819' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/identity/ servers: @@ -22,31 +22,31 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 + https://www.googleapis.com/auth/cloud-identity.inboundsso: >- + See and edit all of the Inbound SSO profiles and their assignments + to any Org Units or Google Groups in your Cloud Identity + Organization. + https://www.googleapis.com/auth/cloud-identity.policies.readonly: See policies in your Cloud Identity Organization. + https://www.googleapis.com/auth/cloud-identity.devices.lookup: See your device details + https://www.googleapis.com/auth/cloud-identity.groups.readonly: >- + See any Cloud Identity Groups that you can access, including group + members and their emails https://www.googleapis.com/auth/cloud-identity.devices: >- Private Service: https://www.googleapis.com/auth/cloud-identity.devices - https://www.googleapis.com/auth/cloud-identity.devices.lookup: See your device details https://www.googleapis.com/auth/cloud-identity.devices.readonly: >- Private Service: https://www.googleapis.com/auth/cloud-identity.devices.readonly - https://www.googleapis.com/auth/cloud-identity.groups: >- - See, change, create, and delete any of the Cloud Identity Groups - that you can access, including the members of each group - https://www.googleapis.com/auth/cloud-identity.groups.readonly: >- - See any Cloud Identity Groups that you can access, including group - members and their emails - https://www.googleapis.com/auth/cloud-identity.inboundsso: >- - See and edit all of the Inbound SSO profiles and their assignments - to any Org Units or Google Groups in your Cloud Identity - Organization. + https://www.googleapis.com/auth/cloud-identity.policies: See and edit policies in your Cloud Identity Organization. https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly: >- See all of the Inbound SSO profiles and their assignments to any Org Units or Google Groups in your Cloud Identity Organization. - https://www.googleapis.com/auth/cloud-identity.policies: See and edit policies in your Cloud Identity Organization. - https://www.googleapis.com/auth/cloud-identity.policies.readonly: See policies in your Cloud Identity Organization. https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. + https://www.googleapis.com/auth/cloud-identity.groups: >- + See, change, create, and delete any of the Cloud Identity Groups + that you can access, including the members of each group Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -56,806 +56,833 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleAppsCloudidentityDevicesV1Device: - id: GoogleAppsCloudidentityDevicesV1Device - description: ' A Device within the Cloud Identity Devices API. Represents a Device known to Google Cloud, independent of the device ownership, type, and whether it is assigned or in use by a user.' + DeleteIdpCredentialOperationMetadata: + description: >- + LRO response metadata for + InboundSamlSsoProfilesService.DeleteIdpCredential. + type: object + properties: {} + id: DeleteIdpCredentialOperationMetadata + SearchDirectGroupsResponse: + id: SearchDirectGroupsResponse type: object properties: - name: - description: >- - Output only. [Resource - name](https://cloud.google.com/apis/design/resource_names) of the - Device in format: `devices/{device}`, where device is the unique id - assigned to the Device. Important: Device API scopes require that - you use domain-wide delegation to access the API. For more - information, see [Set up the Devices - API](https://cloud.google.com/identity/docs/how-to/setup-devices). - readOnly: true + nextPageToken: type: string - createTime: description: >- - Output only. When the Company-Owned device was imported. This field - is empty for BYOD devices. - readOnly: true - type: string - format: google-datetime - lastSyncTime: - description: Most recent time when device synced with this service. - type: string - format: google-datetime - ownerType: + Token to retrieve the next page of results, or empty if there are no + more results available for listing. + memberships: + type: array + description: List of direct groups satisfying the query. + items: + $ref: '#/components/schemas/MembershipRelation' + description: The response message for MembershipsService.SearchDirectGroups. + Operation: + id: Operation + type: object + properties: + error: + $ref: '#/components/schemas/Status' description: >- - Output only. Whether the device is owned by the company or an - individual - readOnly: true - type: string - enumDescriptions: - - Default value. The value is unused. - - Company owns the device. - - Bring Your Own Device (i.e. individual owns the device) - enum: - - DEVICE_OWNERSHIP_UNSPECIFIED - - COMPANY - - BYOD - model: - description: 'Output only. Model name of device. Example: Pixel 3.' - readOnly: true + The error result of the operation in case of failure or + cancellation. + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + metadata: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + name: type: string - osVersion: - description: 'Output only. OS version of the device. Example: Android 8.1.0.' - readOnly: true + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + description: >- + This resource represents a long-running operation that is the result of + a network API call. + DsaPublicKeyInfo: + id: DsaPublicKeyInfo + type: object + properties: + keySize: + format: int32 + type: integer + description: Key size in bits (size of parameter P). + description: Information of a DSA public key. + GoogleAppsCloudidentityDevicesV1WipeDeviceRequest: + id: GoogleAppsCloudidentityDevicesV1WipeDeviceRequest + properties: + customer: type: string - deviceType: - description: Output only. Type of device. + description: >- + Optional. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + customer. If you're using this API for your own organization, use + `customers/my_customer` If you're using this API to manage another + organization, use `customers/{customer}`, where customer is the + customer to whom the device belongs. + removeResetLock: + description: >- + Optional. Specifies if a user is able to factory reset a device + after a Device Wipe. On iOS, this is called "Activation Lock", while + on Android, this is known as "Factory Reset Protection". If true, + this protection will be removed from the device, so that a user can + successfully factory reset. If false, the setting is untouched on + the device. + type: boolean + description: Request message for wiping all data on the device. + type: object + InboundSsoAssignment: + description: Targets with "set" SSO assignments and their respective assignments. + type: object + properties: + name: readOnly: true + description: >- + Output only. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + Inbound SSO Assignment. type: string + oidcSsoInfo: + description: >- + OpenID Connect SSO details. Must be set if and only if `sso_mode` is + set to `OIDC_SSO`. + $ref: '#/components/schemas/OidcSsoInfo' + signInBehavior: + $ref: '#/components/schemas/SignInBehavior' + description: >- + Assertions about users assigned to an IdP will always be accepted + from that IdP. This controls whether/when Google should redirect a + user to the IdP. Unset (defaults) is the recommended configuration. + ssoMode: enumDescriptions: - - Unknown device type - - Device is an Android device - - Device is an iOS device - - Device is a Google Sync device. - - Device is a Windows device. - - Device is a MacOS device. - - Device is a Linux device. - - Device is a ChromeOS device. + - Not allowed. + - Disable SSO for the targeted users. + - >- + Use an external SAML Identity Provider for SSO for the targeted + users. + - >- + Use an external OIDC Identity Provider for SSO for the targeted + users. + - >- + Use the domain-wide SAML Identity Provider for the targeted users + if one is configured; otherwise, this is equivalent to `SSO_OFF`. + Note that this will also be equivalent to `SSO_OFF` if/when + support for domain-wide SAML is removed. Google may disallow this + mode at that point and existing assignments with this mode may be + automatically changed to `SSO_OFF`. enum: - - DEVICE_TYPE_UNSPECIFIED - - ANDROID - - IOS - - GOOGLE_SYNC - - WINDOWS - - MAC_OS - - LINUX - - CHROME_OS - serialNumber: - description: 'Serial Number of device. Example: HT82V1A01076.' - type: string - assetTag: - description: Asset tag of the device. + - SSO_MODE_UNSPECIFIED + - SSO_OFF + - SAML_SSO + - OIDC_SSO + - DOMAIN_WIDE_SAML_IF_ENABLED + description: Inbound SSO behavior. type: string - imei: - description: Output only. IMEI number of device if GSM device; empty otherwise. - readOnly: true + targetOrgUnit: type: string - meid: - description: Output only. MEID number of device if CDMA device; empty otherwise. - readOnly: true + description: Immutable. Must be of the form `orgUnits/{org_unit}`. + samlSsoInfo: + description: >- + SAML SSO details. Must be set if and only if `sso_mode` is set to + `SAML_SSO`. + $ref: '#/components/schemas/SamlSsoInfo' + targetGroup: type: string - wifiMacAddresses: - description: WiFi MAC addresses of device. - type: array - items: - type: string - networkOperator: - description: Output only. Mobile or network operator of device, if available. - readOnly: true + description: Immutable. Must be of the form `groups/{group}`. + customer: + description: 'Immutable. The customer. For example: `customers/C0123abc`.' type: string - manufacturer: - description: 'Output only. Device manufacturer. Example: Motorola.' - readOnly: true - type: string - releaseVersion: - description: 'Output only. OS release version. Example: 6.0.' - readOnly: true - type: string - brand: - description: 'Output only. Device brand. Example: Samsung.' + rank: + format: int32 + type: integer + description: >- + Must be zero (which is the default value so it can be omitted) for + assignments with `target_org_unit` set and must be + greater-than-or-equal-to one for assignments with `target_group` + set. + id: InboundSsoAssignment + MembershipRoleRestrictionEvaluation: + description: The evaluated state of this restriction. + type: object + id: MembershipRoleRestrictionEvaluation + properties: + state: + enum: + - STATE_UNSPECIFIED + - COMPLIANT + - FORWARD_COMPLIANT + - NON_COMPLIANT + - EVALUATING + enumDescriptions: + - Default. Should not be used. + - The member adheres to the parent group's restriction. + - >- + The group-group membership might be currently violating some + parent group's restriction but in future, it will never allow any + new member in the child group which can violate parent group's + restriction. + - The member violates the parent group's restriction. + - The state of the membership is under evaluation. readOnly: true type: string - buildNumber: - description: Output only. Build number of the device. - readOnly: true + description: Output only. The current state of the restriction + RestrictionEvaluations: + properties: + memberRestrictionEvaluation: + description: >- + Evaluation of the member restriction applied to this membership. + Empty if the user lacks permission to view the restriction + evaluation. + $ref: '#/components/schemas/MembershipRoleRestrictionEvaluation' + description: Evaluations of restrictions applied to parent group on this membership. + id: RestrictionEvaluations + type: object + GoogleAppsCloudidentityDevicesV1ApproveDeviceUserMetadata: + type: object + description: Metadata for ApproveDeviceUser LRO. + properties: {} + id: GoogleAppsCloudidentityDevicesV1ApproveDeviceUserMetadata + ListIdpCredentialsResponse: + properties: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - kernelVersion: - description: Output only. Kernel version of the device. - readOnly: true + idpCredentials: + items: + $ref: '#/components/schemas/IdpCredential' + type: array + description: The IdpCredentials from the specified InboundSamlSsoProfile. + id: ListIdpCredentialsResponse + type: object + description: Response of the InboundSamlSsoProfilesService.ListIdpCredentials method. + CreateInboundOidcSsoProfileOperationMetadata: + properties: + state: + description: >- + State of this Operation Will be "awaiting-multi-party-approval" when + the operation is deferred due to the target customer having enabled + [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448). type: string - basebandVersion: - description: Output only. Baseband version of the device. - readOnly: true + type: object + description: >- + LRO response metadata for + InboundOidcSsoProfilesService.CreateInboundOidcSsoProfile. + id: CreateInboundOidcSsoProfileOperationMetadata + SearchTransitiveGroupsResponse: + id: SearchTransitiveGroupsResponse + description: The response message for MembershipsService.SearchTransitiveGroups. + type: object + properties: + nextPageToken: type: string - enabledDeveloperOptions: - description: Output only. Whether developer options is enabled on device. - readOnly: true - type: boolean - otherAccounts: description: >- - Output only. Domain name for Google accounts on device. Type for - other accounts on device. On Android, will only be populated if - |ownership_privilege| is |PROFILE_OWNER| or |DEVICE_OWNER|. Does not - include the account signed in to the device policy app if that - account's domain has only one account. Examples: "com.example", - "xyz.com". - readOnly: true + Token to retrieve the next page of results, or empty if there are no + more results available for listing. + memberships: + description: List of transitive groups satisfying the query. type: array items: - type: string - enabledUsbDebugging: - description: Output only. Whether USB debugging is enabled on device. - readOnly: true - type: boolean - securityPatchTime: - description: Output only. OS security patch update time on device. - readOnly: true - type: string - format: google-datetime - bootloaderVersion: - description: 'Output only. Device bootloader version. Example: 0.6.7.' - readOnly: true + $ref: '#/components/schemas/GroupRelation' + InboundSamlSsoProfile: + id: InboundSamlSsoProfile + type: object + description: >- + A [SAML 2.0](https://www.oasis-open.org/standards#samlv2.0) federation + between a Google enterprise customer and a SAML identity provider. + properties: + spConfig: + description: >- + SAML service provider configuration for this SAML SSO profile. These + are the service provider details provided by Google that should be + configured on the corresponding identity provider. + $ref: '#/components/schemas/SamlSpConfig' + customer: + description: 'Immutable. The customer. For example: `customers/C0123abc`.' type: string - encryptionState: - description: Output only. Device encryption state. + idpConfig: + description: SAML identity provider configuration. + $ref: '#/components/schemas/SamlIdpConfig' + name: readOnly: true type: string - enumDescriptions: - - Encryption Status is not set. - - Device doesn't support encryption. - - Device is encrypted. - - Device is not encrypted. - enum: - - ENCRYPTION_STATE_UNSPECIFIED - - UNSUPPORTED_BY_DEVICE - - ENCRYPTED - - NOT_ENCRYPTED - androidSpecificAttributes: - description: Output only. Attributes specific to Android devices. - readOnly: true - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1AndroidAttributes - managementState: - description: Output only. Management state of the device - readOnly: true + description: >- + Output only. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + SAML SSO profile. + displayName: + description: Human-readable name of the SAML SSO profile. type: string + GoogleAppsCloudidentityDevicesV1CreateDeviceMetadata: + type: object + description: Metadata for CreateDevice LRO. + id: GoogleAppsCloudidentityDevicesV1CreateDeviceMetadata + properties: {} + SignInBehavior: + type: object + description: Controls sign-in behavior. + properties: + redirectCondition: enumDescriptions: - - Default value. This value is unused. - - Device is approved. - - Device is blocked. - - Device is pending approval. + - Default and means "always" - >- - The device is not provisioned. Device will start from this state - until some action is taken (i.e. a user starts using the device). - - Data and settings on the device are being removed. - - All data and settings on the device are removed. + Sign-in flows where the user is prompted for their identity will + not redirect to the IdP (so the user will most likely be prompted + by Google for a password), but special flows like IdP-initiated + SAML and sign-in following automatic redirection to the IdP by + domain-specific service URLs will accept the IdP's assertion of + the user's identity. enum: - - MANAGEMENT_STATE_UNSPECIFIED - - APPROVED - - BLOCKED - - PENDING - - UNPROVISIONED - - WIPING - - WIPED - compromisedState: - description: Output only. Represents whether the Device is compromised. - readOnly: true + - REDIRECT_CONDITION_UNSPECIFIED + - NEVER + description: When to redirect sign-ins to the IdP. type: string + id: SignInBehavior + DeleteMembershipMetadata: + id: DeleteMembershipMetadata + type: object + properties: {} + description: Metadata for DeleteMembership LRO. + UserInvitation: + type: object + properties: + state: enumDescriptions: - - Default value. + - The default value. This value is used if the state is omitted. - >- - The device is compromised (currently, this means Android device is - rooted). + The `UserInvitation` has been created and is ready for sending as + an email. + - The user has been invited by email. - >- - The device is safe (currently, this means Android device is - unrooted). + The user has accepted the invitation and is part of the + organization. + - The user declined the invitation. enum: - - COMPROMISED_STATE_UNSPECIFIED - - COMPROMISED - - UNCOMPROMISED - deviceId: - description: Unique identifier for the device. + - STATE_UNSPECIFIED + - NOT_YET_SENT + - INVITED + - ACCEPTED + - DECLINED + description: State of the `UserInvitation`. type: string - unifiedDeviceId: - description: Output only. Unified device id of the device. - readOnly: true + mailsSentCount: + description: Number of invitation emails sent to the user. + format: int64 type: string - endpointVerificationSpecificAttributes: - description: >- - Output only. Attributes specific to [Endpoint - Verification](https://cloud.google.com/endpoint-verification/docs/overview) - devices. - readOnly: true - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1EndpointVerificationSpecificAttributes - hostname: - description: Host name of the device. + updateTime: + format: google-datetime type: string - GoogleAppsCloudidentityDevicesV1AndroidAttributes: - id: GoogleAppsCloudidentityDevicesV1AndroidAttributes - description: Resource representing the Android specific attributes of a Device. - type: object - properties: - enabledUnknownSources: - description: >- - Whether applications from unknown sources can be installed on - device. - type: boolean - supportsWorkProfile: - description: >- - Whether device supports Android work profiles. If false, this - service will not block access to corp data even if an administrator - turns on the "Enforce Work Profile" policy. - type: boolean - ownerProfileAccount: - description: >- - Whether this account is on an owner/primary profile. For phones, - only true for owner profiles. Android 4+ devices can have secondary - or restricted user profiles. - type: boolean - ownershipPrivilege: - description: Ownership privileges on device. + description: Time when the `UserInvitation` was last updated. + name: type: string - enumDescriptions: - - Ownership privilege is not set. - - Active device administrator privileges on the device. - - >- - Profile Owner privileges. The account is in a managed corporate - profile. - - Device Owner privileges on the device. - enum: - - OWNERSHIP_PRIVILEGE_UNSPECIFIED - - DEVICE_ADMINISTRATOR - - PROFILE_OWNER - - DEVICE_OWNER - verifiedBoot: - description: Whether Android verified boot status is GREEN. - type: boolean - ctsProfileMatch: - description: Whether the device passes Android CTS compliance. - type: boolean - verifyAppsEnabled: - description: Whether Google Play Protect Verify Apps is enabled. - type: boolean - hasPotentiallyHarmfulApps: - description: Whether any potentially harmful apps were detected on the device. - type: boolean - GoogleAppsCloudidentityDevicesV1EndpointVerificationSpecificAttributes: - id: GoogleAppsCloudidentityDevicesV1EndpointVerificationSpecificAttributes - description: >- - Resource representing the [Endpoint Verification-specific - attributes](https://cloud.google.com/endpoint-verification/docs/device-information) - of a device. - type: object - properties: - certificateAttributes: - description: Details of certificates. - type: array - items: - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1CertificateAttributes - browserAttributes: - description: Details of browser profiles reported by Endpoint Verification. - type: array - items: - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1BrowserAttributes - additionalSignals: description: >- - [Additional - signals](https://cloud.google.com/endpoint-verification/docs/device-information) - reported by Endpoint Verification. It includes the following - attributes: * Non-configurable attributes: hotfixes, av_installed, - av_enabled, windows_domain_name, is_os_native_firewall_enabled, and - is_secure_boot_enabled. * [Configurable - attributes](https://cloud.google.com/endpoint-verification/docs/collect-config-attributes): - file, folder, and binary attributes; registry entries; and - properties in a plist. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleAppsCloudidentityDevicesV1CertificateAttributes: - id: GoogleAppsCloudidentityDevicesV1CertificateAttributes - description: Stores information about a certificate. + Shall be of the form + `customers/{customer}/userinvitations/{user_email_address}`. + id: UserInvitation + description: >- + The `UserInvitation` resource represents an email that can be sent to an + unmanaged user account inviting them to join the customer's Google + Workspace or Cloud Identity account. An unmanaged account shares an + email address domain with the Google Workspace or Cloud Identity account + but is not managed by it yet. If the user accepts the `UserInvitation`, + the user account will become managed. + ExpiryDetail: + description: The `MembershipRole` expiry details. + id: ExpiryDetail type: object properties: - fingerprint: - description: The encoded certificate fingerprint. - type: string - thumbprint: - description: The certificate thumbprint. - type: string - validationState: - description: Output only. Validation state of this certificate. - readOnly: true - type: string - enumDescriptions: - - Default value. - - Certificate validation was successful. - - Certificate validation failed. - enum: - - CERTIFICATE_VALIDATION_STATE_UNSPECIFIED - - VALIDATION_SUCCESSFUL - - VALIDATION_FAILED - serialNumber: - description: 'Serial number of the certificate, Example: "123456789".' - type: string - validityStartTime: - description: Certificate not valid before this timestamp. - type: string - format: google-datetime - validityExpirationTime: - description: Certificate not valid at or after this timestamp. + expireTime: + description: The time at which the `MembershipRole` will expire. type: string format: google-datetime - issuer: - description: The name of the issuer of this certificate. - type: string - subject: - description: The subject name of this certificate. - type: string - certificateTemplate: - description: The X.509 extension for CertificateTemplate. - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1CertificateTemplate - GoogleAppsCloudidentityDevicesV1CertificateTemplate: - id: GoogleAppsCloudidentityDevicesV1CertificateTemplate - description: CertificateTemplate (v3 Extension in X.509). - type: object + SearchTransitiveMembershipsResponse: properties: - id: + memberships: + type: array + items: + $ref: '#/components/schemas/MemberRelation' + description: List of transitive members satisfying the query. + nextPageToken: description: >- - The template id of the template. Example: - "1.3.6.1.4.1.311.21.8.15608621.11768144.5720724.16068415.6889630.81.2472537.7784047". + Token to retrieve the next page of results, or empty if there are no + more results. type: string - majorVersion: - description: 'The Major version of the template. Example: 100.' - type: integer - format: int32 - minorVersion: - description: 'The minor version of the template. Example: 12.' - type: integer - format: int32 + id: SearchTransitiveMembershipsResponse + type: object + description: The response message for MembershipsService.SearchTransitiveMemberships. GoogleAppsCloudidentityDevicesV1BrowserAttributes: id: GoogleAppsCloudidentityDevicesV1BrowserAttributes - description: >- - Contains information about browser profiles reported by the [Endpoint - Verification - extension](https://chromewebstore.google.com/detail/endpoint-verification/callobklhcbilhphinckomhgkigmfocg?pli=1). - type: object properties: lastProfileSyncTime: + type: string + format: google-datetime description: >- Timestamp in milliseconds since the Unix epoch when the profile/gcm id was last synced. - type: string - format: google-datetime chromeBrowserInfo: + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1BrowserInfo' description: >- Represents the current state of the [Chrome browser attributes](https://cloud.google.com/access-context-manager/docs/browser-attributes) sent by the [Endpoint Verification extension](https://chromewebstore.google.com/detail/endpoint-verification/callobklhcbilhphinckomhgkigmfocg?pli=1). - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1BrowserInfo' chromeProfileId: + type: string description: >- Chrome profile ID that is exposed by the Chrome API. It is unique for each device. - type: string - GoogleAppsCloudidentityDevicesV1BrowserInfo: - id: GoogleAppsCloudidentityDevicesV1BrowserInfo description: >- - Browser-specific fields reported by the [Endpoint Verification + Contains information about browser profiles reported by the [Endpoint + Verification extension](https://chromewebstore.google.com/detail/endpoint-verification/callobklhcbilhphinckomhgkigmfocg?pli=1). type: object + AddIdpCredentialRequest: + id: AddIdpCredentialRequest + description: >- + The request for creating an IdpCredential with its associated payload. + An InboundSamlSsoProfile can own up to 2 credentials. properties: - browserVersion: - description: Version of the request initiating browser. E.g. `91.0.4442.4`. + pemData: + description: >- + PEM encoded x509 certificate containing the public key for verifying + IdP signatures. type: string - browserManagementState: - description: Output only. Browser's management state. - readOnly: true + type: object + Setting: + id: Setting + properties: + type: + description: Required. Immutable. The type of the Setting. . type: string - enumDescriptions: - - Management state is not specified. - - Browser/Profile is not managed by any customer. - - Browser/Profile is managed, but by some other customer. - - Profile is managed by customer. - - Browser is managed by customer. - enum: - - UNSPECIFIED - - UNMANAGED - - MANAGED_BY_OTHER_DOMAIN - - PROFILE_MANAGED - - BROWSER_MANAGED - isFileUploadAnalysisEnabled: - description: >- - Current state of [file upload - analysis](https://chromeenterprise.google/policies/#OnFileAttachedEnterpriseConnector). - Set to true if provider list from Chrome is non-empty. - type: boolean - isFileDownloadAnalysisEnabled: + value: + type: object + additionalProperties: + type: any + description: Properties of the object. + description: Required. The value of the Setting. + description: Setting + type: object + RsaPublicKeyInfo: + id: RsaPublicKeyInfo + description: Information of a RSA public key. + properties: + keySize: + description: Key size in bits (size of the modulus). + type: integer + format: int32 + type: object + ListPoliciesResponse: + type: object + properties: + policies: + items: + $ref: '#/components/schemas/Policy' + description: The results + type: array + nextPageToken: description: >- - Current state of [file download - analysis](https://chromeenterprise.google/policies/#OnFileDownloadedEnterpriseConnector). - Set to true if provider list from Chrome is non-empty. - type: boolean - isBulkDataEntryAnalysisEnabled: - description: >- - Current state of [bulk data - analysis](https://chromeenterprise.google/policies/#OnBulkDataEntryEnterpriseConnector). - Set to true if provider list from Chrome is non-empty. - type: boolean - isSecurityEventAnalysisEnabled: - description: >- - Current state of [security event - analysis](https://chromeenterprise.google/policies/#OnSecurityEventEnterpriseConnector). - Set to true if provider list from Chrome is non-empty. - type: boolean - isRealtimeUrlCheckEnabled: - description: >- - Current state of [real-time URL - check](https://chromeenterprise.google/policies/#EnterpriseRealTimeUrlCheckMode). - Set to true if provider list from Chrome is non-empty. - type: boolean - safeBrowsingProtectionLevel: - description: >- - Current state of [Safe Browsing protection - level](https://chromeenterprise.google/policies/#SafeBrowsingProtectionLevel). + The pagination token to retrieve the next page of results. If this + field is empty, there are no subsequent pages. type: string - enumDescriptions: - - Browser protection level is not specified. - - >- - No protection against dangerous websites, downloads, and - extensions. - - >- - Standard protection against websites, downloads, and extensions - that are known to be dangerous. - - >- - Faster, proactive protection against dangerous websites, - downloads, and extensions. - enum: - - SAFE_BROWSING_LEVEL_UNSPECIFIED - - DISABLED - - STANDARD - - ENHANCED - isSiteIsolationEnabled: - description: >- - Current state of [site - isolation](https://chromeenterprise.google/policies/?policy=IsolateOrigins). - type: boolean - isBuiltInDnsClientEnabled: - description: >- - Current state of [built-in DNS - client](https://chromeenterprise.google/policies/#BuiltInDnsClientEnabled). - type: boolean - passwordProtectionWarningTrigger: + description: The response message for PoliciesService.ListPolicies. + id: ListPoliciesResponse + GoogleAppsCloudidentityDevicesV1BlockDeviceUserRequest: + properties: + customer: description: >- - Current state of [password protection - trigger](https://chromeenterprise.google/policies/#PasswordProtectionWarningTrigger). + Optional. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + customer. If you're using this API for your own organization, use + `customers/my_customer` If you're using this API to manage another + organization, use `customers/{customer}`, where customer is the + customer to whom the device belongs. type: string - enumDescriptions: - - Password protection is not specified. - - Password reuse is never detected. - - >- - Warning is shown when the user reuses their protected password on - a non-allowed site. - - >- - Warning is shown when the user reuses their protected password on - a phishing site. - enum: - - PASSWORD_PROTECTION_TRIGGER_UNSPECIFIED - - PROTECTION_OFF - - PASSWORD_REUSE - - PHISHING_REUSE - isChromeRemoteDesktopAppBlocked: - description: >- - Current state of [Chrome Remote Desktop - app](https://chromeenterprise.google/policies/#URLBlocklist). - type: boolean - isChromeCleanupEnabled: - description: >- - Current state of [Chrome - Cleanup](https://chromeenterprise.google/policies/#ChromeCleanupEnabled). - type: boolean - isThirdPartyBlockingEnabled: - description: >- - Current state of [third-party - blocking](https://chromeenterprise.google/policies/#ThirdPartyBlockingEnabled). - type: boolean - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. type: object + id: GoogleAppsCloudidentityDevicesV1BlockDeviceUserRequest + description: Request message for blocking account on device. + GoogleAppsCloudidentityDevicesV1DeleteDeviceUserMetadata: + properties: {} + description: Metadata for DeleteDeviceUser LRO. + type: object + id: GoogleAppsCloudidentityDevicesV1DeleteDeviceUserMetadata + GoogleAppsCloudidentityDevicesV1WipeDeviceResponse: + type: object + description: Response message for wiping all data on the device. properties: - name: + device: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Resultant Device object for the action. Note that asset tags will + not be returned in the device object. + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' + id: GoogleAppsCloudidentityDevicesV1WipeDeviceResponse + EntityKey: + id: EntityKey + properties: + namespace: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + The namespace in which the entity exists. If not specified, the + `EntityKey` represents a Google-managed entity such as a Google user + or a Google Group. If specified, the `EntityKey` represents an + external-identity-mapped group. The namespace must correspond to an + identity source created in Admin Console and must be in the form of + `identitysources/{identity_source}`. + id: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + The ID of the entity. For Google-managed entities, the `id` should + be the email address of an existing group or user. Email addresses + need to adhere to [name guidelines for users and + groups](https://support.google.com/a/answer/9193374). For + external-identity-mapped entities, the `id` must be a string + conforming to the Identity Source's requirements. Must be unique + within a `namespace`. + type: string description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + A unique identifier for an entity in the Cloud Identity Groups API. An + entity can represent either a group with an optional `namespace` or a + user without a `namespace`. The combination of `id` and `namespace` must + be unique; however, the same `id` can be used with different + `namespace`s. + type: object + CreateInboundSamlSsoProfileOperationMetadata: type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + state: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleAppsCloudidentityDevicesV1ListDevicesResponse: - id: GoogleAppsCloudidentityDevicesV1ListDevicesResponse - description: Response message that is returned from the ListDevices method. + State of this Operation Will be "awaiting-multi-party-approval" when + the operation is deferred due to the target customer having enabled + [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448). + id: CreateInboundSamlSsoProfileOperationMetadata + description: >- + LRO response metadata for + InboundSamlSsoProfilesService.CreateInboundSamlSsoProfile. + GoogleAppsCloudidentityDevicesV1LookupSelfDeviceUsersResponse: type: object properties: - devices: - description: Devices meeting the list restrictions. - type: array - items: - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' + customer: + description: >- + The customer resource name that may be passed back to other Devices + API methods such as List, Get, etc. + type: string nextPageToken: description: >- Token to retrieve the next page of results. Empty if there are no more results. type: string - GoogleAppsCloudidentityDevicesV1WipeDeviceRequest: - id: GoogleAppsCloudidentityDevicesV1WipeDeviceRequest - description: Request message for wiping all data on the device. + names: + description: >- + [Resource + names](https://cloud.google.com/apis/design/resource_names) of the + DeviceUsers in the format: + `devices/{device}/deviceUsers/{user_resource}`, where device is the + unique ID assigned to a Device and user_resource is the unique user + ID + items: + type: string + type: array + description: >- + Response containing resource names of the DeviceUsers associated with + the caller's credentials. + id: GoogleAppsCloudidentityDevicesV1LookupSelfDeviceUsersResponse + LookupGroupNameResponse: type: object + description: The response message for GroupsService.LookupGroupName. + id: LookupGroupNameResponse properties: - customer: + name: description: >- - Optional. [Resource + The [resource name](https://cloud.google.com/apis/design/resource_names) of the - customer. If you're using this API for your own organization, use - `customers/my_customer` If you're using this API to manage another - organization, use `customers/{customer}`, where customer is the - customer to whom the device belongs. + looked-up `Group`. type: string - removeResetLock: - description: >- - Optional. Specifies if a user is able to factory reset a device - after a Device Wipe. On iOS, this is called "Activation Lock", while - on Android, this is known as "Factory Reset Protection". If true, - this protection will be removed from the device, so that a user can - successfully factory reset. If false, the setting is untouched on - the device. - type: boolean - GoogleAppsCloudidentityDevicesV1CancelWipeDeviceRequest: - id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceRequest - description: Request message for cancelling an unfinished device wipe. + UpdateInboundSsoAssignmentOperationMetadata: + properties: {} + description: >- + LRO response metadata for + InboundSsoAssignmentsService.UpdateInboundSsoAssignment. + type: object + id: UpdateInboundSsoAssignmentOperationMetadata + GroupRelation: + description: Message representing a transitive group of a user or a group. type: object properties: - customer: + group: + description: Resource name for this group. + type: string + roles: + description: Membership roles of the member for the group. + items: + $ref: '#/components/schemas/TransitiveMembershipRole' + type: array + labels: + description: Labels for Group resource. + additionalProperties: + type: string + type: object + groupKey: description: >- - Optional. [Resource - name](https://cloud.google.com/apis/design/resource_names) of the - customer. If you're using this API for your own organization, use - `customers/my_customer` If you're using this API to manage another - organization, use `customers/{customer}`, where customer is the - customer to whom the device belongs. + Entity key has an id and a namespace. In case of discussion forums, + the id will be an email address without a namespace. + $ref: '#/components/schemas/EntityKey' + relationType: + enumDescriptions: + - The relation type is undefined or undetermined. + - The two entities have only a direct membership with each other. + - The two entities have only an indirect membership with each other. + - >- + The two entities have both a direct and an indirect membership + with each other. + description: The relation between the member and the transitive group. type: string - GoogleAppsCloudidentityDevicesV1DeviceUser: - id: GoogleAppsCloudidentityDevicesV1DeviceUser - description: >- - Represents a user's use of a Device in the Cloud Identity Devices API. A - DeviceUser is a resource representing a user's use of a Device + enum: + - RELATION_TYPE_UNSPECIFIED + - DIRECT + - INDIRECT + - DIRECT_AND_INDIRECT + displayName: + type: string + description: Display name for this group. + id: GroupRelation + GoogleAppsCloudidentityDevicesV1ListEndpointAppsMetadata: + description: Metadata for ListEndpointApps LRO. + properties: {} type: object + id: GoogleAppsCloudidentityDevicesV1ListEndpointAppsMetadata + GoogleAppsCloudidentityDevicesV1ClientState: properties: - name: - description: >- - Output only. [Resource - name](https://cloud.google.com/apis/design/resource_names) of the - DeviceUser in format: `devices/{device}/deviceUsers/{device_user}`, - where `device_user` uniquely identifies a user's use of a device. + createTime: + format: google-datetime + description: Output only. The time the client state data was created. readOnly: true type: string - userEmail: - description: Email address of the user registered on the device. + scoreReason: + description: A descriptive cause of the health score. type: string - managementState: - description: Output only. Management state of the user on the device. + lastUpdateTime: + type: string + format: google-datetime readOnly: true + description: Output only. The time the client state data was last updated. + etag: + type: string + description: >- + The token that needs to be passed back for concurrency control in + updates. Token needs to be passed back in UpdateRequest + managed: type: string + description: The management state of the resource as specified by the API client. enumDescriptions: - - Default value. This value is unused. - - This user's data and profile is being removed from the device. - - This user's data and profile is removed from the device. - - User is approved to access data on the device. - - User is blocked from accessing data on the device. - - User is awaiting approval. - - >- - User is unenrolled from Advanced Windows Management, but the - Windows account is still intact. + - The management state of the resource is unknown or unspecified. + - The resource is managed. + - The resource is not managed. enum: - - MANAGEMENT_STATE_UNSPECIFIED - - WIPING - - WIPED - - APPROVED - - BLOCKED - - PENDING_APPROVAL - - UNENROLLED - firstSyncTime: + - MANAGED_STATE_UNSPECIFIED + - MANAGED + - UNMANAGED + name: description: >- - Output only. Most recent time when user registered with this - service. - readOnly: true + Output only. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + ClientState in format: + `devices/{device}/deviceUsers/{device_user}/clientState/{partner}`, + where partner corresponds to the partner storing the data. For + partners belonging to the "BeyondCorp Alliance", this is the partner + ID specified to you by Google. For all other callers, this is a + string of the form: `{customer}-suffix`, where `customer` is your + customer ID. The *suffix* is any string the caller specifies. This + string will be displayed verbatim in the administration console. + This suffix is used in setting up Custom Access Levels in + Context-Aware Access. Your organization's customer ID can be + obtained from the URL: `GET + https://www.googleapis.com/admin/directory/v1/customers/my_customer` + The `id` field in the response contains the customer ID starting + with the letter 'C'. The customer ID to be used in this API is the + string after the letter 'C' (not including 'C') type: string - format: google-datetime - lastSyncTime: - description: Output only. Last time when user synced with policies. readOnly: true + assetTags: + items: + type: string + type: array + description: The caller can specify asset tags for this resource + customId: + description: >- + This field may be used to store a unique identifier for the API + resource within which these CustomAttributes are a field. type: string - format: google-datetime - userAgent: - description: Output only. User agent on the device for this specific user - readOnly: true + complianceState: + description: The compliance state of the resource as specified by the API client. + enum: + - COMPLIANCE_STATE_UNSPECIFIED + - COMPLIANT + - NON_COMPLIANT type: string - languageCode: - description: Output only. Default locale used on device, in IETF BCP-47 format. + enumDescriptions: + - The compliance state of the resource is unknown or unspecified. + - Device is compliant with third party policies + - Device is not compliant with third party policies + keyValuePairs: + additionalProperties: + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1CustomAttributeValue + description: >- + The map of key-value attributes stored by callers specific to a + device. The total serialized length of this map may not exceed 10KB. + No limit is placed on the number of attributes in a map. + type: object + ownerType: readOnly: true type: string - compromisedState: - description: Compromised State of the DeviceUser object - type: string enumDescriptions: - - >- - Compromised state of Device User account is unknown or - unspecified. - - Device User Account is compromised. - - Device User Account is not compromised. + - Unknown owner type + - Customer is the owner + - Partner is the owner + description: Output only. The owner of the ClientState enum: - - COMPROMISED_STATE_UNSPECIFIED - - COMPROMISED - - NOT_COMPROMISED - passwordState: - description: Password state of the DeviceUser object - type: string + - OWNER_TYPE_UNSPECIFIED + - OWNER_TYPE_CUSTOMER + - OWNER_TYPE_PARTNER + healthScore: + description: >- + The Health score of the resource. The Health score is the callers + specification of the condition of the device from a usability point + of view. For example, a third-party device management provider may + specify a health score based on its compliance with organizational + policies. enumDescriptions: - - Password state not set. - - Password set in object. - - Password not set in object. - enum: - - PASSWORD_STATE_UNSPECIFIED - - PASSWORD_SET - - PASSWORD_NOT_SET - createTime: - description: When the user first signed in to the device + - Default value + - The object is in very poor health as defined by the caller. + - The object is in poor health as defined by the caller. + - >- + The object health is neither good nor poor, as defined by the + caller. + - The object is in good health as defined by the caller. + - The object is in very good health as defined by the caller. type: string - format: google-datetime - GoogleAppsCloudidentityDevicesV1ListDeviceUsersResponse: - id: GoogleAppsCloudidentityDevicesV1ListDeviceUsersResponse - description: Response message that is returned from the ListDeviceUsers method. + enum: + - HEALTH_SCORE_UNSPECIFIED + - VERY_POOR + - POOR + - NEUTRAL + - GOOD + - VERY_GOOD type: object - properties: - deviceUsers: - description: Devices meeting the list restrictions. - type: array - items: - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser' - nextPageToken: - description: >- - Token to retrieve the next page of results. Empty if there are no - more results. - type: string - GoogleAppsCloudidentityDevicesV1LookupSelfDeviceUsersResponse: - id: GoogleAppsCloudidentityDevicesV1LookupSelfDeviceUsersResponse description: >- - Response containing resource names of the DeviceUsers associated with - the caller's credentials. + Represents the state associated with an API client calling the Devices + API. Resource representing ClientState and supports updates from API + users + id: GoogleAppsCloudidentityDevicesV1ClientState + GoogleAppsCloudidentityDevicesV1CancelWipeDeviceMetadata: + properties: {} + id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceMetadata + type: object + description: Metadata for CancelWipeDevice LRO. + UpdateInboundOidcSsoProfileOperationMetadata: + id: UpdateInboundOidcSsoProfileOperationMetadata type: object + description: >- + LRO response metadata for + InboundOidcSsoProfilesService.UpdateInboundOidcSsoProfile. properties: - names: - description: >- - [Resource - names](https://cloud.google.com/apis/design/resource_names) of the - DeviceUsers in the format: - `devices/{device}/deviceUsers/{user_resource}`, where device is the - unique ID assigned to a Device and user_resource is the unique user - ID - type: array - items: - type: string - customer: + state: description: >- - The customer resource name that may be passed back to other Devices - API methods such as List, Get, etc. + State of this Operation Will be "awaiting-multi-party-approval" when + the operation is deferred due to the target customer having enabled + [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448). type: string + GoogleAppsCloudidentityDevicesV1ApproveDeviceUserResponse: + description: Response message for approving the device to access user data. + properties: + deviceUser: + description: Resultant DeviceUser object for the action. + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser' + type: object + id: GoogleAppsCloudidentityDevicesV1ApproveDeviceUserResponse + ListInboundOidcSsoProfilesResponse: + properties: + inboundOidcSsoProfiles: + description: List of InboundOidcSsoProfiles. + items: + $ref: '#/components/schemas/InboundOidcSsoProfile' + type: array nextPageToken: - description: >- - Token to retrieve the next page of results. Empty if there are no - more results. type: string - GoogleAppsCloudidentityDevicesV1ApproveDeviceUserRequest: - id: GoogleAppsCloudidentityDevicesV1ApproveDeviceUserRequest - description: Request message for approving the device to access user data. + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: object + id: ListInboundOidcSsoProfilesResponse + description: >- + Response of the InboundOidcSsoProfilesService.ListInboundOidcSsoProfiles + method. + CheckTransitiveMembershipResponse: + id: CheckTransitiveMembershipResponse + description: The response message for MembershipsService.CheckTransitiveMembership. type: object properties: - customer: + hasMembership: description: >- - Optional. [Resource - name](https://cloud.google.com/apis/design/resource_names) of the - customer. If you're using this API for your own organization, use - `customers/my_customer` If you're using this API to manage another - organization, use `customers/{customer}`, where customer is the - customer to whom the device belongs. + Response does not include the possible roles of a member since the + behavior of this rpc is not all-or-nothing unlike the other rpcs. + So, it may not be possible to list all the roles definitively, due + to possible lack of authorization in some of the paths. + type: boolean + GoogleAppsCloudidentityDevicesV1CustomAttributeValue: + description: Additional custom attribute values may be one of these types + id: GoogleAppsCloudidentityDevicesV1CustomAttributeValue + properties: + numberValue: + type: number + format: double + description: Represents a double value. + stringValue: + description: Represents a string value. type: string - GoogleAppsCloudidentityDevicesV1BlockDeviceUserRequest: - id: GoogleAppsCloudidentityDevicesV1BlockDeviceUserRequest - description: Request message for blocking account on device. + boolValue: + description: Represents a boolean value. + type: boolean + type: object + GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserRequest: + description: Request message for cancelling an unfinished user account wipe. + id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserRequest type: object properties: customer: + type: string description: >- Optional. [Resource name](https://cloud.google.com/apis/design/resource_names) of the @@ -863,325 +890,355 @@ components: `customers/my_customer` If you're using this API to manage another organization, use `customers/{customer}`, where customer is the customer to whom the device belongs. - type: string - GoogleAppsCloudidentityDevicesV1WipeDeviceUserRequest: - id: GoogleAppsCloudidentityDevicesV1WipeDeviceUserRequest - description: Request message for starting an account wipe on device. + DeleteInboundOidcSsoProfileOperationMetadata: + id: DeleteInboundOidcSsoProfileOperationMetadata + type: object + description: >- + LRO response metadata for + InboundOidcSsoProfilesService.DeleteInboundOidcSsoProfile. + properties: {} + GoogleAppsCloudidentityDevicesV1DeleteDeviceMetadata: + type: object + properties: {} + id: GoogleAppsCloudidentityDevicesV1DeleteDeviceMetadata + description: Metadata for DeleteDevice LRO. + GoogleAppsCloudidentityDevicesV1ListDeviceUsersResponse: type: object + id: GoogleAppsCloudidentityDevicesV1ListDeviceUsersResponse properties: - customer: + nextPageToken: description: >- - Optional. [Resource - name](https://cloud.google.com/apis/design/resource_names) of the - customer. If you're using this API for your own organization, use - `customers/my_customer` If you're using this API to manage another - organization, use `customers/{customer}`, where customer is the - customer to whom the device belongs. + Token to retrieve the next page of results. Empty if there are no + more results. type: string - GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserRequest: - id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserRequest - description: Request message for cancelling an unfinished user account wipe. + deviceUsers: + items: + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser' + type: array + description: Devices meeting the list restrictions. + description: Response message that is returned from the ListDeviceUsers method. + GoogleAppsCloudidentityDevicesV1ListDevicesResponse: + description: Response message that is returned from the ListDevices method. type: object properties: - customer: + nextPageToken: description: >- - Optional. [Resource - name](https://cloud.google.com/apis/design/resource_names) of the - customer. If you're using this API for your own organization, use - `customers/my_customer` If you're using this API to manage another - organization, use `customers/{customer}`, where customer is the - customer to whom the device belongs. + Token to retrieve the next page of results. Empty if there are no + more results. type: string - GoogleAppsCloudidentityDevicesV1ClientState: - id: GoogleAppsCloudidentityDevicesV1ClientState + devices: + description: Devices meeting the list restrictions. + type: array + items: + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' + id: GoogleAppsCloudidentityDevicesV1ListDevicesResponse + GoogleAppsCloudidentityDevicesV1BlockDeviceUserResponse: + type: object + properties: + deviceUser: + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser' + description: Resultant DeviceUser object for the action. + id: GoogleAppsCloudidentityDevicesV1BlockDeviceUserResponse + description: Response message for blocking the device from accessing user data. + CreateInboundSsoAssignmentOperationMetadata: + id: CreateInboundSsoAssignmentOperationMetadata description: >- - Represents the state associated with an API client calling the Devices - API. Resource representing ClientState and supports updates from API - users + LRO response metadata for + InboundSsoAssignmentsService.CreateInboundSsoAssignment. + properties: {} type: object + UpdateInboundSamlSsoProfileOperationMetadata: properties: - name: + state: + type: string description: >- - Output only. [Resource - name](https://cloud.google.com/apis/design/resource_names) of the - ClientState in format: - `devices/{device}/deviceUsers/{device_user}/clientState/{partner}`, - where partner corresponds to the partner storing the data. For - partners belonging to the "BeyondCorp Alliance", this is the partner - ID specified to you by Google. For all other callers, this is a - string of the form: `{customer}-suffix`, where `customer` is your - customer ID. The *suffix* is any string the caller specifies. This - string will be displayed verbatim in the administration console. - This suffix is used in setting up Custom Access Levels in - Context-Aware Access. Your organization's customer ID can be - obtained from the URL: `GET - https://www.googleapis.com/admin/directory/v1/customers/my_customer` - The `id` field in the response contains the customer ID starting - with the letter 'C'. The customer ID to be used in this API is the - string after the letter 'C' (not including 'C') - readOnly: true + State of this Operation Will be "awaiting-multi-party-approval" when + the operation is deferred due to the target customer having enabled + [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448). + description: >- + LRO response metadata for + InboundSamlSsoProfilesService.UpdateInboundSamlSsoProfile. + type: object + id: UpdateInboundSamlSsoProfileOperationMetadata + SamlSsoInfo: + type: object + properties: + inboundSamlSsoProfile: + description: >- + Required. Name of the `InboundSamlSsoProfile` to use. Must be of the + form `inboundSamlSsoProfiles/{inbound_saml_sso_profile}`. type: string - createTime: - description: Output only. The time the client state data was created. - readOnly: true + id: SamlSsoInfo + description: Details that are applicable when `sso_mode` == `SAML_SSO`. + Policy: + properties: + setting: + $ref: '#/components/schemas/Setting' + description: Required. The Setting configured by this Policy. + type: + enum: + - POLICY_TYPE_UNSPECIFIED + - SYSTEM + - ADMIN type: string - format: google-datetime - lastUpdateTime: - description: Output only. The time the client state data was last updated. + description: Output only. The type of the policy. + enumDescriptions: + - Unspecified policy type. + - Policy type denoting the system-configured policies. + - Policy type denoting the admin-configurable policies. readOnly: true - type: string - format: google-datetime - etag: + policyQuery: + $ref: '#/components/schemas/PolicyQuery' + description: Required. The PolicyQuery the Setting applies to. + customer: description: >- - The token that needs to be passed back for concurrency control in - updates. Token needs to be passed back in UpdateRequest + Immutable. Customer that the Policy belongs to. The value is in the + format 'customers/{customerId}'. The `customerId` must begin with + "C" To find your customer ID in Admin Console see + https://support.google.com/a/answer/10070793. type: string - customId: + name: description: >- - This field may be used to store a unique identifier for the API - resource within which these CustomAttributes are a field. + Output only. Identifier. The [resource + name](https://cloud.google.com/apis/design/resource_names) of the + Policy. Format: policies/{policy}. + readOnly: true type: string - assetTags: - description: The caller can specify asset tags for this resource - type: array - items: - type: string - healthScore: + type: object + id: Policy + description: >- + A Policy resource binds an instance of a single Setting with the scope + of a PolicyQuery. The Setting instance will be applied to all entities + that satisfy the query. + GoogleAppsCloudidentityDevicesV1BrowserInfo: + type: object + id: GoogleAppsCloudidentityDevicesV1BrowserInfo + properties: + isChromeCleanupEnabled: description: >- - The Health score of the resource. The Health score is the callers - specification of the condition of the device from a usability point - of view. For example, a third-party device management provider may - specify a health score based on its compliance with organizational - policies. + Current state of [Chrome + Cleanup](https://chromeenterprise.google/policies/#ChromeCleanupEnabled). + type: boolean + isSecurityEventAnalysisEnabled: + type: boolean + description: >- + Current state of [security event + analysis](https://chromeenterprise.google/policies/#OnSecurityEventEnterpriseConnector). + Set to true if provider list from Chrome is non-empty. + isBuiltInDnsClientEnabled: + description: >- + Current state of [built-in DNS + client](https://chromeenterprise.google/policies/#BuiltInDnsClientEnabled). + type: boolean + isSiteIsolationEnabled: + type: boolean + description: >- + Current state of [site + isolation](https://chromeenterprise.google/policies/?policy=IsolateOrigins). + isBulkDataEntryAnalysisEnabled: + description: >- + Current state of [bulk data + analysis](https://chromeenterprise.google/policies/#OnBulkDataEntryEnterpriseConnector). + Set to true if provider list from Chrome is non-empty. + type: boolean + isThirdPartyBlockingEnabled: + description: >- + Current state of [third-party + blocking](https://chromeenterprise.google/policies/#ThirdPartyBlockingEnabled). + type: boolean + browserVersion: + description: Version of the request initiating browser. E.g. `91.0.4442.4`. + type: string + passwordProtectionWarningTrigger: type: string enumDescriptions: - - Default value - - The object is in very poor health as defined by the caller. - - The object is in poor health as defined by the caller. + - Password protection is not specified. + - Password reuse is never detected. - >- - The object health is neither good nor poor, as defined by the - caller. - - The object is in good health as defined by the caller. - - The object is in very good health as defined by the caller. + Warning is shown when the user reuses their protected password on + a non-allowed site. + - >- + Warning is shown when the user reuses their protected password on + a phishing site. + description: >- + Current state of [password protection + trigger](https://chromeenterprise.google/policies/#PasswordProtectionWarningTrigger). enum: - - HEALTH_SCORE_UNSPECIFIED - - VERY_POOR - - POOR - - NEUTRAL - - GOOD - - VERY_GOOD - scoreReason: - description: A descriptive cause of the health score. - type: string - managed: - description: The management state of the resource as specified by the API client. - type: string + - PASSWORD_PROTECTION_TRIGGER_UNSPECIFIED + - PROTECTION_OFF + - PASSWORD_REUSE + - PHISHING_REUSE + isFileUploadAnalysisEnabled: + type: boolean + description: >- + Current state of [file upload + analysis](https://chromeenterprise.google/policies/#OnFileAttachedEnterpriseConnector). + Set to true if provider list from Chrome is non-empty. + isChromeRemoteDesktopAppBlocked: + description: >- + Current state of [Chrome Remote Desktop + app](https://chromeenterprise.google/policies/#URLBlocklist). + type: boolean + isFileDownloadAnalysisEnabled: + type: boolean + description: >- + Current state of [file download + analysis](https://chromeenterprise.google/policies/#OnFileDownloadedEnterpriseConnector). + Set to true if provider list from Chrome is non-empty. + isRealtimeUrlCheckEnabled: + description: >- + Current state of [real-time URL + check](https://chromeenterprise.google/policies/#EnterpriseRealTimeUrlCheckMode). + Set to true if provider list from Chrome is non-empty. + type: boolean + safeBrowsingProtectionLevel: + description: >- + Current state of [Safe Browsing protection + level](https://chromeenterprise.google/policies/#SafeBrowsingProtectionLevel). enumDescriptions: - - The management state of the resource is unknown or unspecified. - - The resource is managed. - - The resource is not managed. + - Browser protection level is not specified. + - >- + No protection against dangerous websites, downloads, and + extensions. + - >- + Standard protection against websites, downloads, and extensions + that are known to be dangerous. + - >- + Faster, proactive protection against dangerous websites, + downloads, and extensions. + type: string enum: - - MANAGED_STATE_UNSPECIFIED - - MANAGED + - SAFE_BROWSING_LEVEL_UNSPECIFIED + - DISABLED + - STANDARD + - ENHANCED + browserManagementState: + enum: + - UNSPECIFIED - UNMANAGED - complianceState: - description: The compliance state of the resource as specified by the API client. - type: string + - MANAGED_BY_OTHER_DOMAIN + - PROFILE_MANAGED + - BROWSER_MANAGED enumDescriptions: - - The compliance state of the resource is unknown or unspecified. - - Device is compliant with third party policies - - Device is not compliant with third party policies - enum: - - COMPLIANCE_STATE_UNSPECIFIED - - COMPLIANT - - NON_COMPLIANT - keyValuePairs: - description: >- - The map of key-value attributes stored by callers specific to a - device. The total serialized length of this map may not exceed 10KB. - No limit is placed on the number of attributes in a map. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1CustomAttributeValue - ownerType: - description: Output only. The owner of the ClientState - readOnly: true + - Management state is not specified. + - Browser/Profile is not managed by any customer. + - Browser/Profile is managed, but by some other customer. + - Profile is managed by customer. + - Browser is managed by customer. + description: Output only. Browser's management state. type: string - enumDescriptions: - - Unknown owner type - - Customer is the owner - - Partner is the owner - enum: - - OWNER_TYPE_UNSPECIFIED - - OWNER_TYPE_CUSTOMER - - OWNER_TYPE_PARTNER - GoogleAppsCloudidentityDevicesV1CustomAttributeValue: - id: GoogleAppsCloudidentityDevicesV1CustomAttributeValue - description: Additional custom attribute values may be one of these types - type: object + readOnly: true + description: >- + Browser-specific fields reported by the [Endpoint Verification + extension](https://chromewebstore.google.com/detail/endpoint-verification/callobklhcbilhphinckomhgkigmfocg?pli=1). + Status: properties: - numberValue: - description: Represents a double value. - type: number - format: double - stringValue: - description: Represents a string value. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + message: type: string - boolValue: - description: Represents a boolean value. - type: boolean + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object GoogleAppsCloudidentityDevicesV1ListClientStatesResponse: + type: object id: GoogleAppsCloudidentityDevicesV1ListClientStatesResponse description: Response message that is returned in ListClientStates. - type: object properties: - clientStates: - description: Client states meeting the list restrictions. - type: array - items: - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1ClientState' nextPageToken: description: >- Token to retrieve the next page of results. Empty if there are no more results. type: string - Group: - id: Group - description: >- - A group within the Cloud Identity Groups API. A `Group` is a collection - of entities, where each entity is either a user, another group, or a - service account. + clientStates: + items: + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1ClientState' + description: Client states meeting the list restrictions. + type: array + UpdateMembershipRolesParams: type: object + id: UpdateMembershipRolesParams + description: The details of an update to a `MembershipRole`. properties: - name: - description: >- - Output only. The [resource - name](https://cloud.google.com/apis/design/resource_names) of the - `Group`. Shall be of the form `groups/{group}`. - readOnly: true + fieldMask: type: string - groupKey: - description: Required. The `EntityKey` of the `Group`. - $ref: '#/components/schemas/EntityKey' - additionalGroupKeys: - description: Output only. Additional group keys associated with the Group. - readOnly: true - type: array - items: - $ref: '#/components/schemas/EntityKey' - parent: - description: >- - Required. Immutable. The resource name of the entity under which - this `Group` resides in the Cloud Identity resource hierarchy. Must - be of the form `identitysources/{identity_source}` for external - [identity-mapped - groups](https://support.google.com/a/answer/9039510) or - `customers/{customer_id}` for Google Groups. The `customer_id` must - begin with "C" (for example, 'C046psxkn'). [Find your customer ID.] - (https://support.google.com/cloudidentity/answer/10070793) - type: string - displayName: - description: The display name of the `Group`. - type: string - description: description: >- - An extended description to help users determine the purpose of a - `Group`. Must not be longer than 4,096 characters. - type: string - createTime: - description: Output only. The time when the `Group` was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time when the `Group` was last updated. - readOnly: true - type: string - format: google-datetime - labels: + The fully-qualified names of fields to update. May only contain the + field `expiry_detail.expire_time`. + format: google-fieldmask + membershipRole: description: >- - Required. One or more label entries that apply to the Group. Labels - contain a key with an empty value. Google Groups are the default - type of group and have a label with a key of - `cloudidentity.googleapis.com/groups.discussion_forum` and an empty - value. Existing Google Groups can have an additional label with a - key of `cloudidentity.googleapis.com/groups.security` and an empty - value added to them. **This is an immutable change and the security - label cannot be removed once added.** Dynamic groups have a label - with a key of `cloudidentity.googleapis.com/groups.dynamic`. - Identity-mapped groups for Cloud Search have a label with a key of - `system/groups/external` and an empty value. Google Groups can be - [locked](https://support.google.com/a?p=locked-groups). To lock a - group, add a label with a key of - `cloudidentity.googleapis.com/groups.locked` and an empty value. - Doing so locks the group. To unlock the group, remove this label. - type: object - additionalProperties: - type: string - dynamicGroupMetadata: - description: Optional. Dynamic group metadata like queries and status. - $ref: '#/components/schemas/DynamicGroupMetadata' - EntityKey: - id: EntityKey - description: >- - A unique identifier for an entity in the Cloud Identity Groups API. An - entity can represent either a group with an optional `namespace` or a - user without a `namespace`. The combination of `id` and `namespace` must - be unique; however, the same `id` can be used with different - `namespace`s. - type: object + The `MembershipRole`s to be updated. Only `MEMBER` `MembershipRole` + can currently be updated. + $ref: '#/components/schemas/MembershipRole' + SearchGroupsResponse: + id: SearchGroupsResponse + description: The response message for GroupsService.SearchGroups. properties: - id: - description: >- - The ID of the entity. For Google-managed entities, the `id` should - be the email address of an existing group or user. Email addresses - need to adhere to [name guidelines for users and - groups](https://support.google.com/a/answer/9193374). For - external-identity-mapped entities, the `id` must be a string - conforming to the Identity Source's requirements. Must be unique - within a `namespace`. + nextPageToken: type: string - namespace: description: >- - The namespace in which the entity exists. If not specified, the - `EntityKey` represents a Google-managed entity such as a Google user - or a Google Group. If specified, the `EntityKey` represents an - external-identity-mapped group. The namespace must correspond to an - identity source created in Admin Console and must be in the form of - `identitysources/{identity_source}`. - type: string - DynamicGroupMetadata: - id: DynamicGroupMetadata - description: Dynamic group metadata like queries and status. + A continuation token to retrieve the next page of results, or empty + if there are no more results available. + groups: + items: + $ref: '#/components/schemas/Group' + type: array + description: The `Group` resources that match the search query. + type: object + ListInboundSsoAssignmentsResponse: type: object properties: - queries: - description: >- - Memberships will be the union of all queries. Only one entry with - USER resource is currently supported. Customers can create up to 500 - dynamic groups. - type: array + inboundSsoAssignments: items: - $ref: '#/components/schemas/DynamicGroupQuery' - status: - description: Output only. Status of the dynamic group. - readOnly: true - $ref: '#/components/schemas/DynamicGroupStatus' + $ref: '#/components/schemas/InboundSsoAssignment' + description: The assignments. + type: array + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + description: >- + Response of the InboundSsoAssignmentsService.ListInboundSsoAssignments + method. + id: ListInboundSsoAssignmentsResponse DynamicGroupQuery: id: DynamicGroupQuery - description: Defines a query on a resource. - type: object properties: resourceType: - description: Resource type for the Dynamic Group Query - type: string enumDescriptions: - Default value (not valid) - For queries on User + type: string enum: - RESOURCE_TYPE_UNSPECIFIED - USER + description: Resource type for the Dynamic Group Query query: description: >- Query that determines the memberships of the dynamic group. @@ -1194,224 +1251,161 @@ components: John Doe (case-insensitive queries add `equalsIgnoreCase()` to the value being queried). `user.name.value.equalsIgnoreCase('jOhn DoE')` type: string - DynamicGroupStatus: - id: DynamicGroupStatus - description: The current status of a dynamic group along with timestamp. + description: Defines a query on a resource. type: object - properties: - status: - description: Status of the dynamic group. - type: string - enumDescriptions: - - Default. - - The dynamic group is up-to-date. - - >- - The dynamic group has just been created and memberships are being - updated. - - >- - Group is in an unrecoverable state and its memberships can't be - updated. - enum: - - STATUS_UNSPECIFIED - - UP_TO_DATE - - UPDATING_MEMBERSHIPS - - INVALID_QUERY - statusTime: - description: >- - The latest time at which the dynamic group is guaranteed to be in - the given status. If status is `UP_TO_DATE`, the latest time at - which the dynamic group was confirmed to be up-to-date. If status is - `UPDATING_MEMBERSHIPS`, the time at which dynamic group was created. - type: string - format: google-datetime - SecuritySettings: - id: SecuritySettings - description: The definition of security settings. + GoogleAppsCloudidentityDevicesV1WipeDeviceMetadata: + properties: {} + description: Metadata for WipeDevice LRO. type: object + id: GoogleAppsCloudidentityDevicesV1WipeDeviceMetadata + GoogleAppsCloudidentityDevicesV1CancelWipeDeviceResponse: properties: - name: + device: + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' description: >- - Output only. The resource name of the security settings. Shall be of - the form `groups/{group_id}/securitySettings`. - readOnly: true - type: string - memberRestriction: - description: The Member Restriction value - $ref: '#/components/schemas/MemberRestriction' - MemberRestriction: - id: MemberRestriction - description: The definition of MemberRestriction + Resultant Device object for the action. Note that asset tags will + not be returned in the device object. + description: Response message for cancelling an unfinished device wipe. type: object + id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceResponse + MembershipAdjacencyList: properties: - query: + edges: + type: array + items: + $ref: '#/components/schemas/Membership' description: >- - Member Restriction as defined by CEL expression. Supported - restrictions are: `member.customer_id` and `member.type`. Valid - values for `member.type` are `1`, `2` and `3`. They correspond to - USER, SERVICE_ACCOUNT, and GROUP respectively. The value for - `member.customer_id` only supports `groupCustomerId()` currently - which means the customer id of the group will be used for - restriction. Supported operators are `&&`, `||` and `==`, - corresponding to AND, OR, and EQUAL. Examples: Allow only service - accounts of given customer to be members. `member.type == 2 && - member.customer_id == groupCustomerId()` Allow only users or groups - to be members. `member.type == 1 || member.type == 3` + Each edge contains information about the member that belongs to this + group. Note: Fields returned here will help identify the specific + Membership resource (e.g `name`, `preferred_member_key` and `role`), + but may not be a comprehensive list of all fields. + group: type: string - evaluation: - description: The evaluated state of this restriction on a group. - $ref: '#/components/schemas/RestrictionEvaluation' - RestrictionEvaluation: - id: RestrictionEvaluation - description: The evaluated state of this restriction. + description: Resource name of the group that the members belong to. + id: MembershipAdjacencyList + type: object + description: Membership graph's path information as an adjacency list. + GetMembershipGraphMetadata: + properties: {} type: object + description: >- + Metadata of GetMembershipGraphResponse LRO. This is currently empty to + permit future extensibility. + id: GetMembershipGraphMetadata + AddIdpCredentialOperationMetadata: properties: state: - description: Output only. The current state of the restriction - readOnly: true type: string - enumDescriptions: - - Default. Should not be used. - - The restriction state is currently being evaluated. - - All transitive memberships are adhering to restriction. - - >- - Some transitive memberships violate the restriction. No new - violating memberships can be added. - - >- - Some transitive memberships violate the restriction. New violating - direct memberships will be denied while indirect memberships may - be added. - enum: - - STATE_UNSPECIFIED - - EVALUATING - - COMPLIANT - - FORWARD_COMPLIANT - - NON_COMPLIANT - LookupGroupNameResponse: - id: LookupGroupNameResponse - description: The response message for GroupsService.LookupGroupName. - type: object - properties: - name: description: >- - The [resource - name](https://cloud.google.com/apis/design/resource_names) of the - looked-up `Group`. - type: string - SearchGroupsResponse: - id: SearchGroupsResponse - description: The response message for GroupsService.SearchGroups. + State of this Operation Will be "awaiting-multi-party-approval" when + the operation is deferred due to the target customer having enabled + [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448). + description: >- + LRO response metadata for + InboundSamlSsoProfilesService.AddIdpCredential. type: object - properties: - groups: - description: The `Group` resources that match the search query. - type: array - items: - $ref: '#/components/schemas/Group' - nextPageToken: - description: >- - A continuation token to retrieve the next page of results, or empty - if there are no more results available. - type: string - ListGroupsResponse: - id: ListGroupsResponse - description: Response message for ListGroups operation. + id: AddIdpCredentialOperationMetadata + LookupMembershipNameResponse: type: object + id: LookupMembershipNameResponse + description: The response message for MembershipsService.LookupMembershipName. properties: - groups: + name: + type: string description: >- - Groups returned in response to list request. The results are not - sorted. - type: array - items: - $ref: '#/components/schemas/Group' - nextPageToken: + The [resource + name](https://cloud.google.com/apis/design/resource_names) of the + looked-up `Membership`. Must be of the form + `groups/{group}/memberships/{membership}`. + GoogleAppsCloudidentityDevicesV1CertificateTemplate: + properties: + minorVersion: + format: int32 + description: 'The minor version of the template. Example: 12.' + type: integer + majorVersion: + type: integer + format: int32 + description: 'The Major version of the template. Example: 100.' + id: description: >- - Token to retrieve the next page of results, or empty if there are no - more results available for listing. + The template id of the template. Example: + "1.3.6.1.4.1.311.21.8.15608621.11768144.5720724.16068415.6889630.81.2472537.7784047". type: string - Membership: - id: Membership - description: >- - A membership within the Cloud Identity Groups API. A `Membership` - defines a relationship between a `Group` and an entity belonging to that - `Group`, referred to as a "member". + description: CertificateTemplate (v3 Extension in X.509). type: object + id: GoogleAppsCloudidentityDevicesV1CertificateTemplate + SamlSpConfig: + description: SAML SP (service provider) configuration. + id: SamlSpConfig properties: - name: - description: >- - Output only. The [resource - name](https://cloud.google.com/apis/design/resource_names) of the - `Membership`. Shall be of the form - `groups/{group}/memberships/{membership}`. - readOnly: true + assertionConsumerServiceUri: type: string - preferredMemberKey: - description: Required. Immutable. The `EntityKey` of the member. - $ref: '#/components/schemas/EntityKey' - createTime: - description: Output only. The time when the `Membership` was created. + description: >- + Output only. The SAML **Assertion Consumer Service (ACS) URL** to be + used for the IDP-initiated login. Assumed to accept response + messages via the `HTTP-POST` binding. readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time when the `Membership` was last updated. + entityId: readOnly: true type: string - format: google-datetime - roles: - description: >- - The `MembershipRole`s that apply to the `Membership`. If - unspecified, defaults to a single `MembershipRole` with `name` - `MEMBER`. Must not contain duplicate `MembershipRole`s with the same - `name`. + description: Output only. The SAML **Entity ID** for this service provider. + type: object + ModifyMembershipRolesResponse: + id: ModifyMembershipRolesResponse + description: The response message for MembershipsService.ModifyMembershipRoles. + type: object + properties: + membership: + description: The `Membership` resource after modifying its `MembershipRole`s. + $ref: '#/components/schemas/Membership' + GoogleAppsCloudidentityDevicesV1EndpointVerificationSpecificAttributes: + properties: + certificateAttributes: type: array + description: Details of certificates. items: - $ref: '#/components/schemas/MembershipRole' - type: - description: Output only. The type of the membership. - readOnly: true - type: string - enumDescriptions: - - Default. Should not be used. - - Represents user type. - - Represents service account type. - - Represents group type. - - Represents Shared drive. - - Represents a CBCM-managed Chrome Browser type. - - Represents other type. - enum: - - TYPE_UNSPECIFIED - - USER - - SERVICE_ACCOUNT - - GROUP - - SHARED_DRIVE - - CBCM_BROWSER - - OTHER - deliverySetting: - description: Output only. Delivery setting associated with the membership. - readOnly: true - type: string - enumDescriptions: - - Default. Should not be used. - - Represents each mail should be delivered - - Represents 1 email for every 25 messages. - - Represents daily summary of messages. - - Represents no delivery. - - Represents disabled state. - enum: - - DELIVERY_SETTING_UNSPECIFIED - - ALL_MAIL - - DIGEST - - DAILY - - NONE - - DISABLED + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1CertificateAttributes + additionalSignals: + type: object + description: >- + [Additional + signals](https://cloud.google.com/endpoint-verification/docs/device-information) + reported by Endpoint Verification. It includes the following + attributes: * Non-configurable attributes: hotfixes, av_installed, + av_enabled, windows_domain_name, is_os_native_firewall_enabled, and + is_secure_boot_enabled. * [Configurable + attributes](https://cloud.google.com/endpoint-verification/docs/collect-config-attributes): + file, folder, and binary attributes; registry entries; and + properties in a plist. + additionalProperties: + description: Properties of the object. + type: any + browserAttributes: + items: + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1BrowserAttributes + description: Details of browser profiles reported by Endpoint Verification. + type: array + type: object + id: GoogleAppsCloudidentityDevicesV1EndpointVerificationSpecificAttributes + description: >- + Resource representing the [Endpoint Verification-specific + attributes](https://cloud.google.com/endpoint-verification/docs/device-information) + of a device. MembershipRole: id: MembershipRole description: >- A membership role within the Cloud Identity Groups API. A `MembershipRole` defines the privileges granted to a `Membership`. - type: object properties: + restrictionEvaluations: + description: >- + Evaluations of restrictions applied to parent group on this + membership. + $ref: '#/components/schemas/RestrictionEvaluations' name: description: >- The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, @@ -1423,375 +1417,299 @@ components: supported for `MEMBER` `MembershipRoles`. May be set if `name` is `MEMBER`. Must not be set if `name` is any other value. $ref: '#/components/schemas/ExpiryDetail' - restrictionEvaluations: - description: >- - Evaluations of restrictions applied to parent group on this - membership. - $ref: '#/components/schemas/RestrictionEvaluations' - ExpiryDetail: - id: ExpiryDetail - description: The `MembershipRole` expiry details. type: object + GoogleAppsCloudidentityDevicesV1WipeDeviceUserResponse: + id: GoogleAppsCloudidentityDevicesV1WipeDeviceUserResponse properties: - expireTime: - description: The time at which the `MembershipRole` will expire. - type: string - format: google-datetime - RestrictionEvaluations: - id: RestrictionEvaluations - description: Evaluations of restrictions applied to parent group on this membership. + deviceUser: + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser' + description: Resultant DeviceUser object for the action. + description: Response message for wiping the user's account from the device. + type: object + GoogleAppsCloudidentityDevicesV1WipeDeviceUserMetadata: + id: GoogleAppsCloudidentityDevicesV1WipeDeviceUserMetadata + properties: {} + description: Metadata for WipeDeviceUser LRO. + type: object + CreateGroupMetadata: + properties: {} + type: object + id: CreateGroupMetadata + description: Metadata for CreateGroup LRO. + ListMembershipsResponse: + id: ListMembershipsResponse type: object + description: The response message for MembershipsService.ListMemberships. properties: - memberRestrictionEvaluation: + nextPageToken: description: >- - Evaluation of the member restriction applied to this membership. - Empty if the user lacks permission to view the restriction - evaluation. - $ref: '#/components/schemas/MembershipRoleRestrictionEvaluation' - MembershipRoleRestrictionEvaluation: - id: MembershipRoleRestrictionEvaluation - description: The evaluated state of this restriction. + A continuation token to retrieve the next page of results, or empty + if there are no more results available. + type: string + memberships: + description: The `Membership`s under the specified `parent`. + type: array + items: + $ref: '#/components/schemas/Membership' + MembershipRelation: + id: MembershipRelation type: object + description: Message containing membership relation. properties: - state: - description: Output only. The current state of the restriction - readOnly: true + description: type: string - enumDescriptions: - - Default. Should not be used. - - The member adheres to the parent group's restriction. - - >- - The group-group membership might be currently violating some - parent group's restriction but in future, it will never allow any - new member in the child group which can violate parent group's - restriction. - - The member violates the parent group's restriction. - - The state of the membership is under evaluation. - enum: - - STATE_UNSPECIFIED - - COMPLIANT - - FORWARD_COMPLIANT - - NON_COMPLIANT - - EVALUATING - LookupMembershipNameResponse: - id: LookupMembershipNameResponse - description: The response message for MembershipsService.LookupMembershipName. - type: object - properties: - name: + description: >- + An extended description to help users determine the purpose of a + `Group`. + roles: + description: The `MembershipRole`s that apply to the `Membership`. + type: array + items: + $ref: '#/components/schemas/MembershipRole' + groupKey: + description: The `EntityKey` of the `Group`. + $ref: '#/components/schemas/EntityKey' + labels: + additionalProperties: + type: string + type: object + description: >- + One or more label entries that apply to the Group. Currently + supported labels contain a key with an empty value. + group: description: >- The [resource name](https://cloud.google.com/apis/design/resource_names) of the - looked-up `Membership`. Must be of the form - `groups/{group}/memberships/{membership}`. + `Group`. Shall be of the form `groups/{group_id}`. type: string - ListMembershipsResponse: - id: ListMembershipsResponse - description: The response message for MembershipsService.ListMemberships. + membership: + description: >- + The [resource + name](https://cloud.google.com/apis/design/resource_names) of the + `Membership`. Shall be of the form + `groups/{group_id}/memberships/{membership_id}`. + type: string + displayName: + type: string + description: The display name of the `Group`. + GoogleAppsCloudidentityDevicesV1UpdateDeviceMetadata: + properties: {} type: object + id: GoogleAppsCloudidentityDevicesV1UpdateDeviceMetadata + description: Metadata for UpdateDevice LRO. + GoogleAppsCloudidentityDevicesV1CancelWipeDeviceRequest: + description: Request message for cancelling an unfinished device wipe. + type: object + id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceRequest properties: - memberships: - description: The `Membership`s under the specified `parent`. - type: array - items: - $ref: '#/components/schemas/Membership' - nextPageToken: + customer: description: >- - A continuation token to retrieve the next page of results, or empty - if there are no more results available. + Optional. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + customer. If you're using this API for your own organization, use + `customers/my_customer` If you're using this API to manage another + organization, use `customers/{customer}`, where customer is the + customer to whom the device belongs. type: string - ModifyMembershipRolesRequest: - id: ModifyMembershipRolesRequest - description: The request message for MembershipsService.ModifyMembershipRoles. + Group: + id: Group type: object + description: >- + A group within the Cloud Identity Groups API. A `Group` is a collection + of entities, where each entity is either a user, another group, or a + service account. properties: - addRoles: + createTime: + description: Output only. The time when the `Group` was created. + type: string + format: google-datetime + readOnly: true + description: description: >- - The `MembershipRole`s to be added. Adding or removing roles in the - same request as updating roles is not supported. Must not be set if - `update_roles_params` is set. - type: array - items: - $ref: '#/components/schemas/MembershipRole' - removeRoles: + An extended description to help users determine the purpose of a + `Group`. Must not be longer than 4,096 characters. + type: string + labels: description: >- - The `name`s of the `MembershipRole`s to be removed. Adding or - removing roles in the same request as updating roles is not - supported. It is not possible to remove the `MEMBER` - `MembershipRole`. If you wish to delete a `Membership`, call - MembershipsService.DeleteMembership instead. Must not contain - `MEMBER`. Must not be set if `update_roles_params` is set. - type: array - items: + Required. One or more label entries that apply to the Group. Labels + contain a key with an empty value. Google Groups are the default + type of group and have a label with a key of + `cloudidentity.googleapis.com/groups.discussion_forum` and an empty + value. Existing Google Groups can have an additional label with a + key of `cloudidentity.googleapis.com/groups.security` and an empty + value added to them. **This is an immutable change and the security + label cannot be removed once added.** Dynamic groups have a label + with a key of `cloudidentity.googleapis.com/groups.dynamic`. + Identity-mapped groups for Cloud Search have a label with a key of + `system/groups/external` and an empty value. Google Groups can be + [locked](https://support.google.com/a?p=locked-groups). To lock a + group, add a label with a key of + `cloudidentity.googleapis.com/groups.locked` and an empty value. + Doing so locks the group. To unlock the group, remove this label. + type: object + additionalProperties: type: string - updateRolesParams: - description: >- - The `MembershipRole`s to be updated. Updating roles in the same - request as adding or removing roles is not supported. Must not be - set if either `add_roles` or `remove_roles` is set. + displayName: + description: The display name of the `Group`. + type: string + dynamicGroupMetadata: + description: Optional. Dynamic group metadata like queries and status. + $ref: '#/components/schemas/DynamicGroupMetadata' + additionalGroupKeys: type: array + readOnly: true + description: Output only. Additional group keys associated with the Group. items: - $ref: '#/components/schemas/UpdateMembershipRolesParams' - UpdateMembershipRolesParams: - id: UpdateMembershipRolesParams - description: The details of an update to a `MembershipRole`. - type: object - properties: - fieldMask: + $ref: '#/components/schemas/EntityKey' + parent: description: >- - The fully-qualified names of fields to update. May only contain the - field `expiry_detail.expire_time`. + Required. Immutable. The resource name of the entity under which + this `Group` resides in the Cloud Identity resource hierarchy. Must + be of the form `identitysources/{identity_source}` for external + [identity-mapped + groups](https://support.google.com/a/answer/9039510) or + `customers/{customer_id}` for Google Groups. The `customer_id` must + begin with "C" (for example, 'C046psxkn'). [Find your customer ID.] + (https://support.google.com/cloudidentity/answer/10070793) + type: string + groupKey: + $ref: '#/components/schemas/EntityKey' + description: Required. The `EntityKey` of the `Group`. + name: + readOnly: true type: string - format: google-fieldmask - membershipRole: description: >- - The `MembershipRole`s to be updated. Only `MEMBER` `MembershipRole` - can currently be updated. - $ref: '#/components/schemas/MembershipRole' - ModifyMembershipRolesResponse: - id: ModifyMembershipRolesResponse - description: The response message for MembershipsService.ModifyMembershipRoles. + Output only. The [resource + name](https://cloud.google.com/apis/design/resource_names) of the + `Group`. Shall be of the form `groups/{group}`. + updateTime: + type: string + description: Output only. The time when the `Group` was last updated. + readOnly: true + format: google-datetime + OidcRpConfig: + description: OIDC RP (relying party) configuration. + id: OidcRpConfig type: object properties: - membership: - description: The `Membership` resource after modifying its `MembershipRole`s. - $ref: '#/components/schemas/Membership' - SearchTransitiveMembershipsResponse: - id: SearchTransitiveMembershipsResponse - description: The response message for MembershipsService.SearchTransitiveMemberships. + redirectUris: + description: >- + Output only. The URL(s) that this client may use in authentication + requests. + items: + type: string + type: array + readOnly: true + clientId: + type: string + description: OAuth2 client ID for OIDC. + clientSecret: + description: Input only. OAuth2 client secret for OIDC. + type: string + DeleteInboundSamlSsoProfileOperationMetadata: + type: object + description: >- + LRO response metadata for + InboundSamlSsoProfilesService.DeleteInboundSamlSsoProfile. + properties: {} + id: DeleteInboundSamlSsoProfileOperationMetadata + ListInboundSamlSsoProfilesResponse: + description: >- + Response of the InboundSamlSsoProfilesService.ListInboundSamlSsoProfiles + method. type: object + id: ListInboundSamlSsoProfilesResponse properties: - memberships: - description: List of transitive members satisfying the query. + inboundSamlSsoProfiles: type: array + description: List of InboundSamlSsoProfiles. items: - $ref: '#/components/schemas/MemberRelation' + $ref: '#/components/schemas/InboundSamlSsoProfile' nextPageToken: description: >- - Token to retrieve the next page of results, or empty if there are no - more results. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - MemberRelation: - id: MemberRelation - description: Message representing a transitive membership of a group. + CancelUserInvitationRequest: + id: CancelUserInvitationRequest + properties: {} type: object + description: Request to cancel sent invitation for target email in UserInvitation. + DynamicGroupStatus: properties: - preferredMemberKey: - description: >- - Entity key has an id and a namespace. In case of discussion forums, - the id will be an email address without a namespace. - type: array - items: - $ref: '#/components/schemas/EntityKey' - member: - description: Resource name for this member. - type: string - roles: - description: The membership role details (i.e name of role and expiry time). - type: array - items: - $ref: '#/components/schemas/TransitiveMembershipRole' - relationType: - description: The relation between the group and the transitive member. - type: string - enumDescriptions: - - The relation type is undefined or undetermined. - - The two entities have only a direct membership with each other. - - The two entities have only an indirect membership with each other. - - >- - The two entities have both a direct and an indirect membership - with each other. + status: enum: - - RELATION_TYPE_UNSPECIFIED - - DIRECT - - INDIRECT - - DIRECT_AND_INDIRECT - TransitiveMembershipRole: - id: TransitiveMembershipRole - description: Message representing the role of a TransitiveMembership. - type: object - properties: - role: - description: >- - TransitiveMembershipRole in string format. Currently supported - TransitiveMembershipRoles: `"MEMBER"`, `"OWNER"`, and `"MANAGER"`. + - STATUS_UNSPECIFIED + - UP_TO_DATE + - UPDATING_MEMBERSHIPS + - INVALID_QUERY + description: Status of the dynamic group. + enumDescriptions: + - Default. + - The dynamic group is up-to-date. + - >- + The dynamic group has just been created and memberships are being + updated. + - >- + Group is in an unrecoverable state and its memberships can't be + updated. type: string - SearchTransitiveGroupsResponse: - id: SearchTransitiveGroupsResponse - description: The response message for MembershipsService.SearchTransitiveGroups. - type: object - properties: - memberships: - description: List of transitive groups satisfying the query. - type: array - items: - $ref: '#/components/schemas/GroupRelation' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results available for listing. + statusTime: + format: google-datetime type: string - GroupRelation: - id: GroupRelation - description: Message representing a transitive group of a user or a group. - type: object - properties: - groupKey: description: >- - Entity key has an id and a namespace. In case of discussion forums, - the id will be an email address without a namespace. - $ref: '#/components/schemas/EntityKey' - group: - description: Resource name for this group. - type: string - displayName: - description: Display name for this group. - type: string - roles: - description: Membership roles of the member for the group. - type: array - items: - $ref: '#/components/schemas/TransitiveMembershipRole' - relationType: - description: The relation between the member and the transitive group. - type: string - enumDescriptions: - - The relation type is undefined or undetermined. - - The two entities have only a direct membership with each other. - - The two entities have only an indirect membership with each other. - - >- - The two entities have both a direct and an indirect membership - with each other. - enum: - - RELATION_TYPE_UNSPECIFIED - - DIRECT - - INDIRECT - - DIRECT_AND_INDIRECT - labels: - description: Labels for Group resource. - type: object - additionalProperties: - type: string - CheckTransitiveMembershipResponse: - id: CheckTransitiveMembershipResponse - description: The response message for MembershipsService.CheckTransitiveMembership. + The latest time at which the dynamic group is guaranteed to be in + the given status. If status is `UP_TO_DATE`, the latest time at + which the dynamic group was confirmed to be up-to-date. If status is + `UPDATING_MEMBERSHIPS`, the time at which dynamic group was created. + description: The current status of a dynamic group along with timestamp. + id: DynamicGroupStatus type: object - properties: - hasMembership: - description: >- - Response does not include the possible roles of a member since the - behavior of this rpc is not all-or-nothing unlike the other rpcs. - So, it may not be possible to list all the roles definitively, due - to possible lack of authorization in some of the paths. - type: boolean - SearchDirectGroupsResponse: - id: SearchDirectGroupsResponse - description: The response message for MembershipsService.SearchDirectGroups. + SendUserInvitationRequest: + properties: {} + id: SendUserInvitationRequest type: object - properties: - memberships: - description: List of direct groups satisfying the query. - type: array - items: - $ref: '#/components/schemas/MembershipRelation' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results available for listing. - type: string - MembershipRelation: - id: MembershipRelation - description: Message containing membership relation. + description: >- + A request to send email for inviting target user corresponding to the + UserInvitation. + InboundOidcSsoProfile: type: object + id: InboundOidcSsoProfile properties: - membership: - description: >- - The [resource - name](https://cloud.google.com/apis/design/resource_names) of the - `Membership`. Shall be of the form - `groups/{group_id}/memberships/{membership_id}`. - type: string - roles: - description: The `MembershipRole`s that apply to the `Membership`. - type: array - items: - $ref: '#/components/schemas/MembershipRole' - group: + rpConfig: + $ref: '#/components/schemas/OidcRpConfig' description: >- - The [resource - name](https://cloud.google.com/apis/design/resource_names) of the - `Group`. Shall be of the form `groups/{group_id}`. + OIDC relying party (RP) configuration for this OIDC SSO profile. + These are the RP details provided by Google that should be + configured on the corresponding identity provider. + customer: type: string - groupKey: - description: The `EntityKey` of the `Group`. - $ref: '#/components/schemas/EntityKey' + description: 'Immutable. The customer. For example: `customers/C0123abc`.' displayName: - description: The display name of the `Group`. - type: string - labels: - description: >- - One or more label entries that apply to the Group. Currently - supported labels contain a key with an empty value. - type: object - additionalProperties: - type: string - description: - description: >- - An extended description to help users determine the purpose of a - `Group`. + description: Human-readable name of the OIDC SSO profile. type: string - InboundSamlSsoProfile: - id: InboundSamlSsoProfile - description: >- - A [SAML 2.0](https://www.oasis-open.org/standards#samlv2.0) federation - between a Google enterprise customer and a SAML identity provider. - type: object - properties: + idpConfig: + description: OIDC identity provider configuration. + $ref: '#/components/schemas/OidcIdpConfig' name: description: >- Output only. [Resource name](https://cloud.google.com/apis/design/resource_names) of the - SAML SSO profile. - readOnly: true - type: string - customer: - description: 'Immutable. The customer. For example: `customers/C0123abc`.' - type: string - displayName: - description: Human-readable name of the SAML SSO profile. + OIDC SSO profile. type: string - idpConfig: - description: SAML identity provider configuration. - $ref: '#/components/schemas/SamlIdpConfig' - spConfig: - description: >- - SAML service provider configuration for this SAML SSO profile. These - are the service provider details provided by Google that should be - configured on the corresponding identity provider. - $ref: '#/components/schemas/SamlSpConfig' + readOnly: true + description: >- + An [OIDC](https://openid.net/developers/how-connect-works/) federation + between a Google enterprise customer and an OIDC identity provider. SamlIdpConfig: - id: SamlIdpConfig - description: SAML IDP (identity provider) configuration. - type: object properties: - entityId: - description: Required. The SAML **Entity ID** of the identity provider. - type: string singleSignOnServiceUri: + type: string description: >- Required. The `SingleSignOnService` endpoint location (sign-in page URL) of the identity provider. This is the URL where the `AuthnRequest` will be sent. Must use `HTTPS`. Assumed to accept the `HTTP-Redirect` binding. - type: string - logoutRedirectUri: - description: >- - The **Logout Redirect URL** (sign-out page URL) of the identity - provider. When a user clicks the sign-out link on a Google page, - they will be redirected to this URL. This is a pure redirect with no - attached SAML `LogoutRequest` i.e. SAML single logout is not - supported. Must use `HTTPS`. - type: string changePasswordUri: description: >- The **Change Password URL** of the identity provider. Users will be @@ -1799,365 +1717,267 @@ components: `myaccount.google.com`. This takes precedence over the change password URL configured at customer-level. Must use `HTTPS`. type: string - SamlSpConfig: - id: SamlSpConfig - description: SAML SP (service provider) configuration. - type: object - properties: entityId: - description: Output only. The SAML **Entity ID** for this service provider. - readOnly: true type: string - assertionConsumerServiceUri: - description: >- - Output only. The SAML **Assertion Consumer Service (ACS) URL** to be - used for the IDP-initiated login. Assumed to accept response - messages via the `HTTP-POST` binding. - readOnly: true + description: Required. The SAML **Entity ID** of the identity provider. + logoutRedirectUri: type: string - ListInboundSamlSsoProfilesResponse: - id: ListInboundSamlSsoProfilesResponse - description: >- - Response of the InboundSamlSsoProfilesService.ListInboundSamlSsoProfiles - method. - type: object - properties: - inboundSamlSsoProfiles: - description: List of InboundSamlSsoProfiles. - type: array - items: - $ref: '#/components/schemas/InboundSamlSsoProfile' - nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - IdpCredential: - id: IdpCredential - description: Credential for verifying signatures produced by the Identity Provider. + The **Logout Redirect URL** (sign-out page URL) of the identity + provider. When a user clicks the sign-out link on a Google page, + they will be redirected to this URL. This is a pure redirect with no + attached SAML `LogoutRequest` i.e. SAML single logout is not + supported. Must use `HTTPS`. type: object + description: SAML IDP (identity provider) configuration. + id: SamlIdpConfig + Membership: properties: - rsaKeyInfo: - description: Output only. Information of a RSA public key. + preferredMemberKey: + $ref: '#/components/schemas/EntityKey' + description: Required. Immutable. The `EntityKey` of the member. + createTime: + description: Output only. The time when the `Membership` was created. + type: string + format: google-datetime readOnly: true - $ref: '#/components/schemas/RsaPublicKeyInfo' - dsaKeyInfo: - description: Output only. Information of a DSA public key. + type: + enum: + - TYPE_UNSPECIFIED + - USER + - SERVICE_ACCOUNT + - GROUP + - SHARED_DRIVE + - CBCM_BROWSER + - OTHER + description: Output only. The type of the membership. + type: string + enumDescriptions: + - Default. Should not be used. + - Represents user type. + - Represents service account type. + - Represents group type. + - Represents Shared drive. + - Represents a CBCM-managed Chrome Browser type. + - Represents other type. readOnly: true - $ref: '#/components/schemas/DsaPublicKeyInfo' + roles: + type: array + description: >- + The `MembershipRole`s that apply to the `Membership`. If + unspecified, defaults to a single `MembershipRole` with `name` + `MEMBER`. Must not contain duplicate `MembershipRole`s with the same + `name`. + items: + $ref: '#/components/schemas/MembershipRole' name: + type: string + readOnly: true description: >- - Output only. [Resource + Output only. The [resource name](https://cloud.google.com/apis/design/resource_names) of the - credential. - readOnly: true + `Membership`. Shall be of the form + `groups/{group}/memberships/{membership}`. + deliverySetting: type: string - updateTime: - description: Output only. Time when the `IdpCredential` was last updated. + description: Output only. Delivery setting associated with the membership. readOnly: true + enum: + - DELIVERY_SETTING_UNSPECIFIED + - ALL_MAIL + - DIGEST + - DAILY + - NONE + - DISABLED + enumDescriptions: + - Default. Should not be used. + - Represents each mail should be delivered + - Represents 1 email for every 25 messages. + - Represents daily summary of messages. + - Represents no delivery. + - Represents disabled state. + updateTime: + description: Output only. The time when the `Membership` was last updated. type: string + readOnly: true format: google-datetime - RsaPublicKeyInfo: - id: RsaPublicKeyInfo - description: Information of a RSA public key. type: object + id: Membership + description: >- + A membership within the Cloud Identity Groups API. A `Membership` + defines a relationship between a `Group` and an entity belonging to that + `Group`, referred to as a "member". + DynamicGroupMetadata: + description: Dynamic group metadata like queries and status. properties: - keySize: - description: Key size in bits (size of the modulus). - type: integer - format: int32 - DsaPublicKeyInfo: - id: DsaPublicKeyInfo - description: Information of a DSA public key. + queries: + items: + $ref: '#/components/schemas/DynamicGroupQuery' + type: array + description: >- + Memberships will be the union of all queries. Only one entry with + USER resource is currently supported. Customers can create up to 500 + dynamic groups. + status: + readOnly: true + description: Output only. Status of the dynamic group. + $ref: '#/components/schemas/DynamicGroupStatus' + id: DynamicGroupMetadata type: object - properties: - keySize: - description: Key size in bits (size of parameter P). - type: integer - format: int32 - ListIdpCredentialsResponse: - id: ListIdpCredentialsResponse - description: Response of the InboundSamlSsoProfilesService.ListIdpCredentials method. + TransitiveMembershipRole: type: object + id: TransitiveMembershipRole properties: - idpCredentials: - description: The IdpCredentials from the specified InboundSamlSsoProfile. - type: array - items: - $ref: '#/components/schemas/IdpCredential' - nextPageToken: + role: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + TransitiveMembershipRole in string format. Currently supported + TransitiveMembershipRoles: `"MEMBER"`, `"OWNER"`, and `"MANAGER"`. type: string - AddIdpCredentialRequest: - id: AddIdpCredentialRequest - description: >- - The request for creating an IdpCredential with its associated payload. - An InboundSamlSsoProfile can own up to 2 credentials. + description: Message representing the role of a TransitiveMembership. + MemberRestriction: + description: The definition of MemberRestriction + id: MemberRestriction type: object properties: - pemData: + query: description: >- - PEM encoded x509 certificate containing the public key for verifying - IdP signatures. + Member Restriction as defined by CEL expression. Supported + restrictions are: `member.customer_id` and `member.type`. Valid + values for `member.type` are `1`, `2` and `3`. They correspond to + USER, SERVICE_ACCOUNT, and GROUP respectively. The value for + `member.customer_id` only supports `groupCustomerId()` currently + which means the customer id of the group will be used for + restriction. Supported operators are `&&`, `||` and `==`, + corresponding to AND, OR, and EQUAL. Examples: Allow only service + accounts of given customer to be members. `member.type == 2 && + member.customer_id == groupCustomerId()` Allow only users or groups + to be members. `member.type == 1 || member.type == 3` type: string - InboundOidcSsoProfile: - id: InboundOidcSsoProfile + evaluation: + description: The evaluated state of this restriction on a group. + $ref: '#/components/schemas/RestrictionEvaluation' + DeleteInboundSsoAssignmentOperationMetadata: description: >- - An [OIDC](https://openid.net/developers/how-connect-works/) federation - between a Google enterprise customer and an OIDC identity provider. + LRO response metadata for + InboundSsoAssignmentsService.DeleteInboundSsoAssignment. + properties: {} + id: DeleteInboundSsoAssignmentOperationMetadata + type: object + UpdateMembershipMetadata: + properties: {} type: object + description: Metadata for UpdateMembership LRO. + id: UpdateMembershipMetadata + GoogleAppsCloudidentityDevicesV1ApproveDeviceUserRequest: + description: Request message for approving the device to access user data. properties: - name: - description: >- - Output only. [Resource - name](https://cloud.google.com/apis/design/resource_names) of the - OIDC SSO profile. - readOnly: true - type: string customer: - description: 'Immutable. The customer. For example: `customers/C0123abc`.' - type: string - displayName: - description: Human-readable name of the OIDC SSO profile. type: string - idpConfig: - description: OIDC identity provider configuration. - $ref: '#/components/schemas/OidcIdpConfig' - rpConfig: description: >- - OIDC relying party (RP) configuration for this OIDC SSO profile. - These are the RP details provided by Google that should be - configured on the corresponding identity provider. - $ref: '#/components/schemas/OidcRpConfig' - OidcIdpConfig: - id: OidcIdpConfig - description: OIDC IDP (identity provider) configuration. + Optional. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + customer. If you're using this API for your own organization, use + `customers/my_customer` If you're using this API to manage another + organization, use `customers/{customer}`, where customer is the + customer to whom the device belongs. + id: GoogleAppsCloudidentityDevicesV1ApproveDeviceUserRequest + type: object + GoogleAppsCloudidentityDevicesV1DeviceUser: type: object properties: - issuerUri: + name: + type: string + readOnly: true description: >- - Required. The Issuer identifier for the IdP. Must be a URL. The - discovery URL will be derived from this as described in Section 4 of - [the OIDC - specification](https://openid.net/specs/openid-connect-discovery-1_0.html). + Output only. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + DeviceUser in format: `devices/{device}/deviceUsers/{device_user}`, + where `device_user` uniquely identifies a user's use of a device. + passwordState: + enum: + - PASSWORD_STATE_UNSPECIFIED + - PASSWORD_SET + - PASSWORD_NOT_SET + description: Password state of the DeviceUser object + enumDescriptions: + - Password state not set. + - Password set in object. + - Password not set in object. type: string - changePasswordUri: + userAgent: + type: string + description: Output only. User agent on the device for this specific user + readOnly: true + firstSyncTime: + format: google-datetime description: >- - The **Change Password URL** of the identity provider. Users will be - sent to this URL when changing their passwords at - `myaccount.google.com`. This takes precedence over the change - password URL configured at customer-level. Must use `HTTPS`. + Output only. Most recent time when user registered with this + service. + readOnly: true type: string - OidcRpConfig: - id: OidcRpConfig - description: OIDC RP (relying party) configuration. - type: object - properties: - clientId: - description: OAuth2 client ID for OIDC. + lastSyncTime: + readOnly: true type: string - clientSecret: - description: Input only. OAuth2 client secret for OIDC. + format: google-datetime + description: Output only. Last time when user synced with policies. + createTime: + format: google-datetime + description: When the user first signed in to the device type: string - redirectUris: - description: >- - Output only. The URL(s) that this client may use in authentication - requests. + userEmail: + type: string + description: Email address of the user registered on the device. + languageCode: + type: string + description: Output only. Default locale used on device, in IETF BCP-47 format. readOnly: true - type: array - items: - type: string - ListInboundOidcSsoProfilesResponse: - id: ListInboundOidcSsoProfilesResponse - description: >- - Response of the InboundOidcSsoProfilesService.ListInboundOidcSsoProfiles - method. - type: object - properties: - inboundOidcSsoProfiles: - description: List of InboundOidcSsoProfiles. - type: array - items: - $ref: '#/components/schemas/InboundOidcSsoProfile' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - InboundSsoAssignment: - id: InboundSsoAssignment - description: Targets with "set" SSO assignments and their respective assignments. - type: object - properties: - targetGroup: - description: Immutable. Must be of the form `groups/{group}`. - type: string - targetOrgUnit: - description: Immutable. Must be of the form `orgUnits/{org_unit}`. - type: string - name: - description: >- - Output only. [Resource - name](https://cloud.google.com/apis/design/resource_names) of the - Inbound SSO Assignment. - readOnly: true - type: string - customer: - description: 'Immutable. The customer. For example: `customers/C0123abc`.' - type: string - rank: - description: >- - Must be zero (which is the default value so it can be omitted) for - assignments with `target_org_unit` set and must be - greater-than-or-equal-to one for assignments with `target_group` - set. - type: integer - format: int32 - ssoMode: - description: Inbound SSO behavior. - type: string + managementState: enumDescriptions: - - Not allowed. - - Disable SSO for the targeted users. - - >- - Use an external SAML Identity Provider for SSO for the targeted - users. - - >- - Use an external OIDC Identity Provider for SSO for the targeted - users. + - Default value. This value is unused. + - This user's data and profile is being removed from the device. + - This user's data and profile is removed from the device. + - User is approved to access data on the device. + - User is blocked from accessing data on the device. + - User is awaiting approval. - >- - Use the domain-wide SAML Identity Provider for the targeted users - if one is configured; otherwise, this is equivalent to `SSO_OFF`. - Note that this will also be equivalent to `SSO_OFF` if/when - support for domain-wide SAML is removed. Google may disallow this - mode at that point and existing assignments with this mode may be - automatically changed to `SSO_OFF`. + User is unenrolled from Advanced Windows Management, but the + Windows account is still intact. + description: Output only. Management state of the user on the device. enum: - - SSO_MODE_UNSPECIFIED - - SSO_OFF - - SAML_SSO - - OIDC_SSO - - DOMAIN_WIDE_SAML_IF_ENABLED - samlSsoInfo: - description: >- - SAML SSO details. Must be set if and only if `sso_mode` is set to - `SAML_SSO`. - $ref: '#/components/schemas/SamlSsoInfo' - oidcSsoInfo: - description: >- - OpenID Connect SSO details. Must be set if and only if `sso_mode` is - set to `OIDC_SSO`. - $ref: '#/components/schemas/OidcSsoInfo' - signInBehavior: - description: >- - Assertions about users assigned to an IdP will always be accepted - from that IdP. This controls whether/when Google should redirect a - user to the IdP. Unset (defaults) is the recommended configuration. - $ref: '#/components/schemas/SignInBehavior' - SamlSsoInfo: - id: SamlSsoInfo - description: Details that are applicable when `sso_mode` == `SAML_SSO`. - type: object - properties: - inboundSamlSsoProfile: - description: >- - Required. Name of the `InboundSamlSsoProfile` to use. Must be of the - form `inboundSamlSsoProfiles/{inbound_saml_sso_profile}`. - type: string - OidcSsoInfo: - id: OidcSsoInfo - description: Details that are applicable when `sso_mode` is set to `OIDC_SSO`. - type: object - properties: - inboundOidcSsoProfile: - description: >- - Required. Name of the `InboundOidcSsoProfile` to use. Must be of the - form `inboundOidcSsoProfiles/{inbound_oidc_sso_profile}`. + - MANAGEMENT_STATE_UNSPECIFIED + - WIPING + - WIPED + - APPROVED + - BLOCKED + - PENDING_APPROVAL + - UNENROLLED + readOnly: true type: string - SignInBehavior: - id: SignInBehavior - description: Controls sign-in behavior. - type: object - properties: - redirectCondition: - description: When to redirect sign-ins to the IdP. + compromisedState: type: string + enum: + - COMPROMISED_STATE_UNSPECIFIED + - COMPROMISED + - NOT_COMPROMISED enumDescriptions: - - Default and means "always" - >- - Sign-in flows where the user is prompted for their identity will - not redirect to the IdP (so the user will most likely be prompted - by Google for a password), but special flows like IdP-initiated - SAML and sign-in following automatic redirection to the IdP by - domain-specific service URLs will accept the IdP's assertion of - the user's identity. - enum: - - REDIRECT_CONDITION_UNSPECIFIED - - NEVER - ListInboundSsoAssignmentsResponse: - id: ListInboundSsoAssignmentsResponse - description: >- - Response of the InboundSsoAssignmentsService.ListInboundSsoAssignments - method. - type: object - properties: - inboundSsoAssignments: - description: The assignments. - type: array - items: - $ref: '#/components/schemas/InboundSsoAssignment' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - Policy: - id: Policy + Compromised state of Device User account is unknown or + unspecified. + - Device User Account is compromised. + - Device User Account is not compromised. + description: Compromised State of the DeviceUser object + id: GoogleAppsCloudidentityDevicesV1DeviceUser description: >- - A Policy resource binds an instance of a single Setting with the scope - of a PolicyQuery. The Setting instance will be applied to all entities - that satisfy the query. - type: object + Represents a user's use of a Device in the Cloud Identity Devices API. A + DeviceUser is a resource representing a user's use of a Device + PolicyQuery: properties: - name: - description: >- - Output only. Identifier. The [resource - name](https://cloud.google.com/apis/design/resource_names) of the - Policy. Format: policies/{policy}. - readOnly: true - type: string - customer: + group: description: >- - Immutable. Customer that the Policy belongs to. The value is in the - format 'customers/{customerId}'. The `customerId` must begin with - "C" To find your customer ID in Admin Console see - https://support.google.com/a/answer/10070793. - type: string - policyQuery: - description: Required. The PolicyQuery the Setting applies to. - $ref: '#/components/schemas/PolicyQuery' - setting: - description: Required. The Setting configured by this Policy. - $ref: '#/components/schemas/Setting' - type: - description: Output only. The type of the policy. - readOnly: true + Immutable. The group that the query applies to. This field is only + set if there is a single value for group that satisfies all clauses + of the query. If no group applies, this will be the empty string. type: string - enumDescriptions: - - Unspecified policy type. - - Policy type denoting the system-configured policies. - - Policy type denoting the admin-configurable policies. - enum: - - POLICY_TYPE_UNSPECIFIED - - SYSTEM - - ADMIN - PolicyQuery: - id: PolicyQuery - description: PolicyQuery - type: object - properties: query: description: >- Immutable. The CEL query that defines which entities the Policy @@ -2182,437 +2002,620 @@ components: applies to. This field is only set if there is a single value for org_unit that satisfies all clauses of the query. type: string - group: - description: >- - Immutable. The group that the query applies to. This field is only - set if there is a single value for group that satisfies all clauses - of the query. If no group applies, this will be the empty string. - type: string sortOrder: description: >- Output only. The decimal sort order of this PolicyQuery. The value is relative to all other policies with the same setting type for the customer. (There are no duplicates within this set). + format: double readOnly: true type: number - format: double - Setting: - id: Setting - description: Setting - type: object - properties: - type: - description: Required. Immutable. The type of the Setting. . - type: string - value: - description: Required. The value of the Setting. - type: object - additionalProperties: - type: any - description: Properties of the object. - ListPoliciesResponse: - id: ListPoliciesResponse - description: The response message for PoliciesService.ListPolicies. + id: PolicyQuery type: object + description: PolicyQuery + ListUserInvitationsResponse: properties: - policies: - description: The results + userInvitations: type: array + description: The list of UserInvitation resources. items: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/UserInvitation' nextPageToken: description: >- - The pagination token to retrieve the next page of results. If this - field is empty, there are no subsequent pages. + The token for the next page. If not empty, indicates that there may + be more `UserInvitation` resources that match the listing request; + this value can be used in a subsequent ListUserInvitationsRequest to + get continued results with the current list call. type: string - UserInvitation: - id: UserInvitation - description: >- - The `UserInvitation` resource represents an email that can be sent to an - unmanaged user account inviting them to join the customer's Google - Workspace or Cloud Identity account. An unmanaged account shares an - email address domain with the Google Workspace or Cloud Identity account - but is not managed by it yet. If the user accepts the `UserInvitation`, - the user account will become managed. + description: Response message for UserInvitation listing request. type: object - properties: - name: - description: >- - Shall be of the form - `customers/{customer}/userinvitations/{user_email_address}`. - type: string - state: - description: State of the `UserInvitation`. - type: string - enumDescriptions: - - The default value. This value is used if the state is omitted. - - >- - The `UserInvitation` has been created and is ready for sending as - an email. - - The user has been invited by email. - - >- - The user has accepted the invitation and is part of the - organization. - - The user declined the invitation. - enum: - - STATE_UNSPECIFIED - - NOT_YET_SENT - - INVITED - - ACCEPTED - - DECLINED - mailsSentCount: - description: Number of invitation emails sent to the user. - type: string - format: int64 - updateTime: - description: Time when the `UserInvitation` was last updated. - type: string - format: google-datetime - ListUserInvitationsResponse: id: ListUserInvitationsResponse - description: Response message for UserInvitation listing request. + UpdateGroupMetadata: + id: UpdateGroupMetadata + description: Metadata for UpdateGroup LRO. + properties: {} + type: object + SecuritySettings: type: object properties: - userInvitations: - description: The list of UserInvitation resources. - type: array - items: - $ref: '#/components/schemas/UserInvitation' - nextPageToken: - description: >- - The token for the next page. If not empty, indicates that there may - be more `UserInvitation` resources that match the listing request; - this value can be used in a subsequent ListUserInvitationsRequest to - get continued results with the current list call. + name: + readOnly: true type: string - SendUserInvitationRequest: - id: SendUserInvitationRequest - description: >- - A request to send email for inviting target user corresponding to the - UserInvitation. - type: object - properties: {} - CancelUserInvitationRequest: - id: CancelUserInvitationRequest - description: Request to cancel sent invitation for target email in UserInvitation. + description: >- + Output only. The resource name of the security settings. Shall be of + the form `groups/{group_id}/securitySettings`. + memberRestriction: + description: The Member Restriction value + $ref: '#/components/schemas/MemberRestriction' + id: SecuritySettings + description: The definition of security settings. + GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserMetadata: + description: Metadata for CancelWipeDeviceUser LRO. type: object properties: {} - IsInvitableUserResponse: - id: IsInvitableUserResponse - description: Response for IsInvitableUser RPC. + id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserMetadata + GoogleAppsCloudidentityDevicesV1WipeDeviceUserRequest: type: object properties: - isInvitableUser: - description: Returns true if the email address is invitable. - type: boolean + customer: + description: >- + Optional. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + customer. If you're using this API for your own organization, use + `customers/my_customer` If you're using this API to manage another + organization, use `customers/{customer}`, where customer is the + customer to whom the device belongs. + type: string + description: Request message for starting an account wipe on device. + id: GoogleAppsCloudidentityDevicesV1WipeDeviceUserRequest GetMembershipGraphResponse: - id: GetMembershipGraphResponse - description: The response message for MembershipsService.GetMembershipGraph. - type: object properties: - adjacencyList: - description: >- - The membership graph's path information represented as an adjacency - list. - type: array - items: - $ref: '#/components/schemas/MembershipAdjacencyList' groups: + type: array description: >- The resources representing each group in the adjacency list. Each group in this list can be correlated to a 'group' of the MembershipAdjacencyList using the 'name' of the Group resource. - type: array items: $ref: '#/components/schemas/Group' - MembershipAdjacencyList: - id: MembershipAdjacencyList - description: Membership graph's path information as an adjacency list. - type: object - properties: - group: - description: Resource name of the group that the members belong to. - type: string - edges: - description: >- - Each edge contains information about the member that belongs to this - group. Note: Fields returned here will help identify the specific - Membership resource (e.g `name`, `preferred_member_key` and `role`), - but may not be a comprehensive list of all fields. + adjacencyList: type: array items: - $ref: '#/components/schemas/Membership' - GoogleAppsCloudidentityDevicesV1ApproveDeviceUserResponse: - id: GoogleAppsCloudidentityDevicesV1ApproveDeviceUserResponse - description: Response message for approving the device to access user data. + $ref: '#/components/schemas/MembershipAdjacencyList' + description: >- + The membership graph's path information represented as an adjacency + list. type: object + description: The response message for MembershipsService.GetMembershipGraph. + id: GetMembershipGraphResponse + RestrictionEvaluation: properties: - deviceUser: - description: Resultant DeviceUser object for the action. - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser' - GoogleAppsCloudidentityDevicesV1BlockDeviceUserResponse: - id: GoogleAppsCloudidentityDevicesV1BlockDeviceUserResponse - description: Response message for blocking the device from accessing user data. + state: + description: Output only. The current state of the restriction + readOnly: true + type: string + enumDescriptions: + - Default. Should not be used. + - The restriction state is currently being evaluated. + - All transitive memberships are adhering to restriction. + - >- + Some transitive memberships violate the restriction. No new + violating memberships can be added. + - >- + Some transitive memberships violate the restriction. New violating + direct memberships will be denied while indirect memberships may + be added. + enum: + - STATE_UNSPECIFIED + - EVALUATING + - COMPLIANT + - FORWARD_COMPLIANT + - NON_COMPLIANT type: object - properties: - deviceUser: - description: Resultant DeviceUser object for the action. - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser' - GoogleAppsCloudidentityDevicesV1WipeDeviceUserResponse: - id: GoogleAppsCloudidentityDevicesV1WipeDeviceUserResponse - description: Response message for wiping the user's account from the device. + description: The evaluated state of this restriction. + id: RestrictionEvaluation + GoogleAppsCloudidentityDevicesV1BlockDeviceUserMetadata: + description: Metadata for BlockDeviceUser LRO. + properties: {} + id: GoogleAppsCloudidentityDevicesV1BlockDeviceUserMetadata + type: object + MemberRelation: + id: MemberRelation type: object + description: Message representing a transitive membership of a group. properties: - deviceUser: - description: Resultant DeviceUser object for the action. - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser' + relationType: + enumDescriptions: + - The relation type is undefined or undetermined. + - The two entities have only a direct membership with each other. + - The two entities have only an indirect membership with each other. + - >- + The two entities have both a direct and an indirect membership + with each other. + type: string + enum: + - RELATION_TYPE_UNSPECIFIED + - DIRECT + - INDIRECT + - DIRECT_AND_INDIRECT + description: The relation between the group and the transitive member. + roles: + description: The membership role details (i.e name of role and expiry time). + type: array + items: + $ref: '#/components/schemas/TransitiveMembershipRole' + member: + type: string + description: Resource name for this member. + preferredMemberKey: + type: array + items: + $ref: '#/components/schemas/EntityKey' + description: >- + Entity key has an id and a namespace. In case of discussion forums, + the id will be an email address without a namespace. GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserResponse: - id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserResponse description: Response message for cancelling an unfinished user account wipe. type: object + id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserResponse properties: deviceUser: description: Resultant DeviceUser object for the action. $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser' - GoogleAppsCloudidentityDevicesV1WipeDeviceResponse: - id: GoogleAppsCloudidentityDevicesV1WipeDeviceResponse - description: Response message for wiping all data on the device. - type: object + GoogleAppsCloudidentityDevicesV1AndroidAttributes: + description: Resource representing the Android specific attributes of a Device. + id: GoogleAppsCloudidentityDevicesV1AndroidAttributes properties: - device: + ownerProfileAccount: description: >- - Resultant Device object for the action. Note that asset tags will - not be returned in the device object. - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' - GoogleAppsCloudidentityDevicesV1CancelWipeDeviceResponse: - id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceResponse - description: Response message for cancelling an unfinished device wipe. - type: object - properties: - device: + Whether this account is on an owner/primary profile. For phones, + only true for owner profiles. Android 4+ devices can have secondary + or restricted user profiles. + type: boolean + hasPotentiallyHarmfulApps: + description: Whether any potentially harmful apps were detected on the device. + type: boolean + ctsProfileMatch: + description: Whether the device passes Android CTS compliance. + type: boolean + verifiedBoot: + description: Whether Android verified boot status is GREEN. + type: boolean + supportsWorkProfile: description: >- - Resultant Device object for the action. Note that asset tags will - not be returned in the device object. - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' - GoogleAppsCloudidentityDevicesV1CreateDeviceMetadata: - id: GoogleAppsCloudidentityDevicesV1CreateDeviceMetadata - description: Metadata for CreateDevice LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1DeleteDeviceMetadata: - id: GoogleAppsCloudidentityDevicesV1DeleteDeviceMetadata - description: Metadata for DeleteDevice LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1UpdateDeviceMetadata: - id: GoogleAppsCloudidentityDevicesV1UpdateDeviceMetadata - description: Metadata for UpdateDevice LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1WipeDeviceMetadata: - id: GoogleAppsCloudidentityDevicesV1WipeDeviceMetadata - description: Metadata for WipeDevice LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1CancelWipeDeviceMetadata: - id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceMetadata - description: Metadata for CancelWipeDevice LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1DeleteDeviceUserMetadata: - id: GoogleAppsCloudidentityDevicesV1DeleteDeviceUserMetadata - description: Metadata for DeleteDeviceUser LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1ApproveDeviceUserMetadata: - id: GoogleAppsCloudidentityDevicesV1ApproveDeviceUserMetadata - description: Metadata for ApproveDeviceUser LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1SignoutDeviceUserMetadata: - id: GoogleAppsCloudidentityDevicesV1SignoutDeviceUserMetadata - description: Metadata for SignoutDeviceUser LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1BlockDeviceUserMetadata: - id: GoogleAppsCloudidentityDevicesV1BlockDeviceUserMetadata - description: Metadata for BlockDeviceUser LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1WipeDeviceUserMetadata: - id: GoogleAppsCloudidentityDevicesV1WipeDeviceUserMetadata - description: Metadata for WipeDeviceUser LRO. - type: object - properties: {} - GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserMetadata: - id: GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserMetadata - description: Metadata for CancelWipeDeviceUser LRO. + Whether device supports Android work profiles. If false, this + service will not block access to corp data even if an administrator + turns on the "Enforce Work Profile" policy. + type: boolean + verifyAppsEnabled: + type: boolean + description: Whether Google Play Protect Verify Apps is enabled. + enabledUnknownSources: + description: >- + Whether applications from unknown sources can be installed on + device. + type: boolean + ownershipPrivilege: + type: string + enumDescriptions: + - Ownership privilege is not set. + - Active device administrator privileges on the device. + - >- + Profile Owner privileges. The account is in a managed corporate + profile. + - Device Owner privileges on the device. + description: Ownership privileges on device. + enum: + - OWNERSHIP_PRIVILEGE_UNSPECIFIED + - DEVICE_ADMINISTRATOR + - PROFILE_OWNER + - DEVICE_OWNER type: object - properties: {} - GoogleAppsCloudidentityDevicesV1ListEndpointAppsMetadata: - id: GoogleAppsCloudidentityDevicesV1ListEndpointAppsMetadata - description: Metadata for ListEndpointApps LRO. + ModifyMembershipRolesRequest: + id: ModifyMembershipRolesRequest + properties: + removeRoles: + description: >- + The `name`s of the `MembershipRole`s to be removed. Adding or + removing roles in the same request as updating roles is not + supported. It is not possible to remove the `MEMBER` + `MembershipRole`. If you wish to delete a `Membership`, call + MembershipsService.DeleteMembership instead. Must not contain + `MEMBER`. Must not be set if `update_roles_params` is set. + type: array + items: + type: string + addRoles: + type: array + description: >- + The `MembershipRole`s to be added. Adding or removing roles in the + same request as updating roles is not supported. Must not be set if + `update_roles_params` is set. + items: + $ref: '#/components/schemas/MembershipRole' + updateRolesParams: + type: array + description: >- + The `MembershipRole`s to be updated. Updating roles in the same + request as adding or removing roles is not supported. Must not be + set if either `add_roles` or `remove_roles` is set. + items: + $ref: '#/components/schemas/UpdateMembershipRolesParams' + description: The request message for MembershipsService.ModifyMembershipRoles. type: object - properties: {} GoogleAppsCloudidentityDevicesV1UpdateClientStateMetadata: id: GoogleAppsCloudidentityDevicesV1UpdateClientStateMetadata - description: Metadata for UpdateClientState LRO. - type: object - properties: {} - CreateGroupMetadata: - id: CreateGroupMetadata - description: Metadata for CreateGroup LRO. - type: object - properties: {} - DeleteGroupMetadata: - id: DeleteGroupMetadata - description: Metadata for DeleteGroup LRO. - type: object - properties: {} - UpdateGroupMetadata: - id: UpdateGroupMetadata - description: Metadata for UpdateGroup LRO. - type: object - properties: {} - CreateMembershipMetadata: - id: CreateMembershipMetadata - description: Metadata for CreateMembership LRO. - type: object properties: {} - DeleteMembershipMetadata: - id: DeleteMembershipMetadata - description: Metadata for DeleteMembership LRO. + description: Metadata for UpdateClientState LRO. type: object - properties: {} - UpdateMembershipMetadata: - id: UpdateMembershipMetadata - description: Metadata for UpdateMembership LRO. + IdpCredential: + id: IdpCredential + properties: + dsaKeyInfo: + readOnly: true + $ref: '#/components/schemas/DsaPublicKeyInfo' + description: Output only. Information of a DSA public key. + name: + description: >- + Output only. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + credential. + readOnly: true + type: string + updateTime: + description: Output only. Time when the `IdpCredential` was last updated. + format: google-datetime + type: string + readOnly: true + rsaKeyInfo: + readOnly: true + description: Output only. Information of a RSA public key. + $ref: '#/components/schemas/RsaPublicKeyInfo' type: object - properties: {} - GetMembershipGraphMetadata: - id: GetMembershipGraphMetadata - description: >- - Metadata of GetMembershipGraphResponse LRO. This is currently empty to - permit future extensibility. + description: Credential for verifying signatures produced by the Identity Provider. + IsInvitableUserResponse: + properties: + isInvitableUser: + description: Returns true if the email address is invitable. + type: boolean type: object - properties: {} - AddIdpCredentialOperationMetadata: - id: AddIdpCredentialOperationMetadata - description: >- - LRO response metadata for - InboundSamlSsoProfilesService.AddIdpCredential. + description: Response for IsInvitableUser RPC. + id: IsInvitableUserResponse + GoogleAppsCloudidentityDevicesV1Device: type: object + id: GoogleAppsCloudidentityDevicesV1Device properties: - state: + hostname: + description: Host name of the device. + type: string + enabledUsbDebugging: + description: Output only. Whether USB debugging is enabled on device. + readOnly: true + type: boolean + endpointVerificationSpecificAttributes: + readOnly: true + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1EndpointVerificationSpecificAttributes description: >- - State of this Operation Will be "awaiting-multi-party-approval" when - the operation is deferred due to the target customer having enabled - [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448). + Output only. Attributes specific to [Endpoint + Verification](https://cloud.google.com/endpoint-verification/docs/overview) + devices. + unifiedDeviceId: type: string - CreateInboundSamlSsoProfileOperationMetadata: - id: CreateInboundSamlSsoProfileOperationMetadata - description: >- - LRO response metadata for - InboundSamlSsoProfilesService.CreateInboundSamlSsoProfile. - type: object - properties: - state: + description: Output only. Unified device id of the device. + readOnly: true + serialNumber: + description: 'Serial Number of device. Example: HT82V1A01076.' + type: string + basebandVersion: + description: Output only. Baseband version of the device. + readOnly: true + type: string + lastSyncTime: + type: string + format: google-datetime + description: Most recent time when device synced with this service. + brand: + type: string + readOnly: true + description: 'Output only. Device brand. Example: Samsung.' + kernelVersion: + readOnly: true + type: string + description: Output only. Kernel version of the device. + releaseVersion: + description: 'Output only. OS release version. Example: 6.0.' + type: string + readOnly: true + networkOperator: + type: string + readOnly: true + description: Output only. Mobile or network operator of device, if available. + securityPatchTime: + description: Output only. OS security patch update time on device. + readOnly: true + type: string + format: google-datetime + osVersion: + readOnly: true + description: 'Output only. OS version of the device. Example: Android 8.1.0.' + type: string + deviceId: + description: Unique identifier for the device. + type: string + imei: + description: Output only. IMEI number of device if GSM device; empty otherwise. + readOnly: true + type: string + deviceType: + readOnly: true + description: Output only. Type of device. + enum: + - DEVICE_TYPE_UNSPECIFIED + - ANDROID + - IOS + - GOOGLE_SYNC + - WINDOWS + - MAC_OS + - LINUX + - CHROME_OS + enumDescriptions: + - Unknown device type + - Device is an Android device + - Device is an iOS device + - Device is a Google Sync device. + - Device is a Windows device. + - Device is a MacOS device. + - Device is a Linux device. + - Device is a ChromeOS device. + type: string + enabledDeveloperOptions: + readOnly: true + description: Output only. Whether developer options is enabled on device. + type: boolean + otherAccounts: + items: + type: string + type: array description: >- - State of this Operation Will be "awaiting-multi-party-approval" when - the operation is deferred due to the target customer having enabled - [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448). + Output only. Domain name for Google accounts on device. Type for + other accounts on device. On Android, will only be populated if + |ownership_privilege| is |PROFILE_OWNER| or |DEVICE_OWNER|. Does not + include the account signed in to the device policy app if that + account's domain has only one account. Examples: "com.example", + "xyz.com". + readOnly: true + managementState: + readOnly: true + enumDescriptions: + - Default value. This value is unused. + - Device is approved. + - Device is blocked. + - Device is pending approval. + - >- + The device is not provisioned. Device will start from this state + until some action is taken (i.e. a user starts using the device). + - Data and settings on the device are being removed. + - All data and settings on the device are removed. type: string - DeleteIdpCredentialOperationMetadata: - id: DeleteIdpCredentialOperationMetadata - description: >- - LRO response metadata for - InboundSamlSsoProfilesService.DeleteIdpCredential. - type: object - properties: {} - DeleteInboundSamlSsoProfileOperationMetadata: - id: DeleteInboundSamlSsoProfileOperationMetadata - description: >- - LRO response metadata for - InboundSamlSsoProfilesService.DeleteInboundSamlSsoProfile. - type: object - properties: {} - UpdateInboundSamlSsoProfileOperationMetadata: - id: UpdateInboundSamlSsoProfileOperationMetadata - description: >- - LRO response metadata for - InboundSamlSsoProfilesService.UpdateInboundSamlSsoProfile. - type: object + enum: + - MANAGEMENT_STATE_UNSPECIFIED + - APPROVED + - BLOCKED + - PENDING + - UNPROVISIONED + - WIPING + - WIPED + description: Output only. Management state of the device + createTime: + type: string + readOnly: true + description: >- + Output only. When the Company-Owned device was imported. This field + is empty for BYOD devices. + format: google-datetime + compromisedState: + enum: + - COMPROMISED_STATE_UNSPECIFIED + - COMPROMISED + - UNCOMPROMISED + type: string + description: Output only. Represents whether the Device is compromised. + enumDescriptions: + - Default value. + - >- + The device is compromised (currently, this means Android device is + rooted). + - >- + The device is safe (currently, this means Android device is + unrooted). + readOnly: true + assetTag: + description: Asset tag of the device. + type: string + buildNumber: + type: string + readOnly: true + description: Output only. Build number of the device. + manufacturer: + readOnly: true + type: string + description: 'Output only. Device manufacturer. Example: Motorola.' + meid: + description: Output only. MEID number of device if CDMA device; empty otherwise. + type: string + readOnly: true + bootloaderVersion: + readOnly: true + description: 'Output only. Device bootloader version. Example: 0.6.7.' + type: string + androidSpecificAttributes: + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1AndroidAttributes + description: Output only. Attributes specific to Android devices. + readOnly: true + model: + readOnly: true + type: string + description: 'Output only. Model name of device. Example: Pixel 3.' + encryptionState: + description: Output only. Device encryption state. + enumDescriptions: + - Encryption Status is not set. + - Device doesn't support encryption. + - Device is encrypted. + - Device is not encrypted. + enum: + - ENCRYPTION_STATE_UNSPECIFIED + - UNSUPPORTED_BY_DEVICE + - ENCRYPTED + - NOT_ENCRYPTED + readOnly: true + type: string + name: + description: >- + Output only. [Resource + name](https://cloud.google.com/apis/design/resource_names) of the + Device in format: `devices/{device}`, where device is the unique id + assigned to the Device. Important: Device API scopes require that + you use domain-wide delegation to access the API. For more + information, see [Set up the Devices + API](https://cloud.google.com/identity/docs/how-to/setup-devices). + readOnly: true + type: string + wifiMacAddresses: + description: WiFi MAC addresses of device. + type: array + items: + type: string + ownerType: + type: string + readOnly: true + description: >- + Output only. Whether the device is owned by the company or an + individual + enum: + - DEVICE_OWNERSHIP_UNSPECIFIED + - COMPANY + - BYOD + enumDescriptions: + - Default value. The value is unused. + - Company owns the device. + - Bring Your Own Device (i.e. individual owns the device) + description: ' A Device within the Cloud Identity Devices API. Represents a Device known to Google Cloud, independent of the device ownership, type, and whether it is assigned or in use by a user.' + OidcIdpConfig: properties: - state: + issuerUri: + type: string description: >- - State of this Operation Will be "awaiting-multi-party-approval" when - the operation is deferred due to the target customer having enabled - [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448). + Required. The Issuer identifier for the IdP. Must be a URL. The + discovery URL will be derived from this as described in Section 4 of + [the OIDC + specification](https://openid.net/specs/openid-connect-discovery-1_0.html). + changePasswordUri: + description: >- + The **Change Password URL** of the identity provider. Users will be + sent to this URL when changing their passwords at + `myaccount.google.com`. This takes precedence over the change + password URL configured at customer-level. Must use `HTTPS`. type: string - CreateInboundOidcSsoProfileOperationMetadata: - id: CreateInboundOidcSsoProfileOperationMetadata - description: >- - LRO response metadata for - InboundOidcSsoProfilesService.CreateInboundOidcSsoProfile. + description: OIDC IDP (identity provider) configuration. + id: OidcIdpConfig + type: object + OidcSsoInfo: type: object + description: Details that are applicable when `sso_mode` is set to `OIDC_SSO`. properties: - state: - description: >- - State of this Operation Will be "awaiting-multi-party-approval" when - the operation is deferred due to the target customer having enabled - [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448). + inboundOidcSsoProfile: type: string - UpdateInboundOidcSsoProfileOperationMetadata: - id: UpdateInboundOidcSsoProfileOperationMetadata - description: >- - LRO response metadata for - InboundOidcSsoProfilesService.UpdateInboundOidcSsoProfile. + description: >- + Required. Name of the `InboundOidcSsoProfile` to use. Must be of the + form `inboundOidcSsoProfiles/{inbound_oidc_sso_profile}`. + id: OidcSsoInfo + GoogleAppsCloudidentityDevicesV1SignoutDeviceUserMetadata: + properties: {} + id: GoogleAppsCloudidentityDevicesV1SignoutDeviceUserMetadata + description: Metadata for SignoutDeviceUser LRO. type: object + GoogleAppsCloudidentityDevicesV1CertificateAttributes: + description: Stores information about a certificate. properties: - state: - description: >- - State of this Operation Will be "awaiting-multi-party-approval" when - the operation is deferred due to the target customer having enabled - [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448). + subject: + description: The subject name of this certificate. type: string - DeleteInboundOidcSsoProfileOperationMetadata: - id: DeleteInboundOidcSsoProfileOperationMetadata - description: >- - LRO response metadata for - InboundOidcSsoProfilesService.DeleteInboundOidcSsoProfile. + serialNumber: + description: 'Serial number of the certificate, Example: "123456789".' + type: string + issuer: + description: The name of the issuer of this certificate. + type: string + fingerprint: + type: string + description: The encoded certificate fingerprint. + validityExpirationTime: + format: google-datetime + type: string + description: Certificate not valid at or after this timestamp. + thumbprint: + description: The certificate thumbprint. + type: string + certificateTemplate: + description: The X.509 extension for CertificateTemplate. + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1CertificateTemplate + validityStartTime: + description: Certificate not valid before this timestamp. + format: google-datetime + type: string + validationState: + enumDescriptions: + - Default value. + - Certificate validation was successful. + - Certificate validation failed. + enum: + - CERTIFICATE_VALIDATION_STATE_UNSPECIFIED + - VALIDATION_SUCCESSFUL + - VALIDATION_FAILED + description: Output only. Validation state of this certificate. + type: string + readOnly: true type: object - properties: {} - CreateInboundSsoAssignmentOperationMetadata: - id: CreateInboundSsoAssignmentOperationMetadata - description: >- - LRO response metadata for - InboundSsoAssignmentsService.CreateInboundSsoAssignment. + id: GoogleAppsCloudidentityDevicesV1CertificateAttributes + CreateMembershipMetadata: type: object + id: CreateMembershipMetadata properties: {} - DeleteInboundSsoAssignmentOperationMetadata: - id: DeleteInboundSsoAssignmentOperationMetadata - description: >- - LRO response metadata for - InboundSsoAssignmentsService.DeleteInboundSsoAssignment. + description: Metadata for CreateMembership LRO. + ListGroupsResponse: + id: ListGroupsResponse + properties: + groups: + items: + $ref: '#/components/schemas/Group' + description: >- + Groups returned in response to list request. The results are not + sorted. + type: array + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results available for listing. + type: string type: object - properties: {} - UpdateInboundSsoAssignmentOperationMetadata: - id: UpdateInboundSsoAssignmentOperationMetadata - description: >- - LRO response metadata for - InboundSsoAssignmentsService.UpdateInboundSsoAssignment. + description: Response message for ListGroups operation. + DeleteGroupMetadata: type: object properties: {} + id: DeleteGroupMetadata + description: Metadata for DeleteGroup LRO. parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key schema: type: string alt: @@ -2631,19 +2634,10 @@ components: name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: key + name: uploadType schema: type: string oauth_token: @@ -2652,12 +2646,6 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2667,18 +2655,12 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: uploadType + name: prettyPrint schema: - type: string + type: boolean _.xgafv: description: V1 error format. in: query @@ -2688,75 +2670,89 @@ components: enum: - '1' - '2' + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string x-stackQL-resources: - devices: - id: google.cloudidentity.devices - name: devices - title: Devices + inbound_oidc_sso_profiles: + id: google.cloudidentity.inbound_oidc_sso_profiles + name: inbound_oidc_sso_profiles + title: Inbound_oidc_sso_profiles methods: create: operation: - $ref: '#/paths/~1v1~1devices/post' + $ref: '#/paths/~1v1~1inboundOidcSsoProfiles/post' response: mediaType: application/json openAPIDocKey: '200' list: operation: - $ref: '#/paths/~1v1~1devices/get' + $ref: '#/paths/~1v1~1inboundOidcSsoProfiles/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices + objectKey: $.inboundOidcSsoProfiles get: operation: - $ref: '#/paths/~1v1~1devices~1{devicesId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: '#/paths/~1v1~1devices~1{devicesId}/delete' + $ref: >- + #/paths/~1v1~1inboundOidcSsoProfiles~1{inboundOidcSsoProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' - wipe: + patch: operation: - $ref: '#/paths/~1v1~1devices~1{devicesId}:wipe/post' + $ref: >- + #/paths/~1v1~1inboundOidcSsoProfiles~1{inboundOidcSsoProfilesId}/patch response: mediaType: application/json openAPIDocKey: '200' - cancel_wipe: + delete: operation: - $ref: '#/paths/~1v1~1devices~1{devicesId}:cancelWipe/post' + $ref: >- + #/paths/~1v1~1inboundOidcSsoProfiles~1{inboundOidcSsoProfilesId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/devices/methods/get' - - $ref: '#/components/x-stackQL-resources/devices/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/devices/methods/create' - update: [] + - $ref: >- + #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/get + - $ref: >- + #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/patch replace: [] delete: - - $ref: '#/components/x-stackQL-resources/devices/methods/delete' + - $ref: >- + #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/delete device_users: id: google.cloudidentity.device_users name: device_users title: Device_users methods: - get: - operation: - $ref: >- - #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: + wipe: operation: $ref: >- - #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}/delete + #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}:wipe/post response: mediaType: application/json openAPIDocKey: '200' @@ -2767,37 +2763,44 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.deviceUsers - lookup: + cancel_wipe: operation: - $ref: '#/paths/~1v1~1devices~1{devicesId}~1deviceUsers:lookup/get' + $ref: >- + #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}:cancelWipe/post response: mediaType: application/json openAPIDocKey: '200' - approve: + block: operation: $ref: >- - #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}:approve/post + #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}:block/post response: mediaType: application/json openAPIDocKey: '200' - block: + get: operation: $ref: >- - #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}:block/post + #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}/get response: mediaType: application/json openAPIDocKey: '200' - wipe: + delete: operation: $ref: >- - #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}:wipe/post + #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}/delete response: mediaType: application/json openAPIDocKey: '200' - cancel_wipe: + lookup: + operation: + $ref: '#/paths/~1v1~1devices~1{devicesId}~1deviceUsers:lookup/get' + response: + mediaType: application/json + openAPIDocKey: '200' + approve: operation: $ref: >- - #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}:cancelWipe/post + #/paths/~1v1~1devices~1{devicesId}~1deviceUsers~1{deviceUsersId}:approve/post response: mediaType: application/json openAPIDocKey: '200' @@ -2846,97 +2849,150 @@ components: - $ref: '#/components/x-stackQL-resources/client_states/methods/patch' replace: [] delete: [] - groups: - id: google.cloudidentity.groups - name: groups - title: Groups + devices: + id: google.cloudidentity.devices + name: devices + title: Devices methods: - create: + wipe: operation: - $ref: '#/paths/~1v1~1groups/post' + $ref: '#/paths/~1v1~1devices~1{devicesId}:wipe/post' response: mediaType: application/json openAPIDocKey: '200' - list: + cancel_wipe: operation: - $ref: '#/paths/~1v1~1groups/get' + $ref: '#/paths/~1v1~1devices~1{devicesId}:cancelWipe/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.groups - get: + list: operation: - $ref: '#/paths/~1v1~1groups~1{groupsId}/get' + $ref: '#/paths/~1v1~1devices/get' response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.devices + create: operation: - $ref: '#/paths/~1v1~1groups~1{groupsId}/patch' + $ref: '#/paths/~1v1~1devices/post' response: mediaType: application/json openAPIDocKey: '200' delete: operation: - $ref: '#/paths/~1v1~1groups~1{groupsId}/delete' + $ref: '#/paths/~1v1~1devices~1{devicesId}/delete' response: mediaType: application/json openAPIDocKey: '200' - lookup: + get: operation: - $ref: '#/paths/~1v1~1groups:lookup/get' + $ref: '#/paths/~1v1~1devices~1{devicesId}/get' response: mediaType: application/json openAPIDocKey: '200' - search: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/devices/methods/get' + - $ref: '#/components/x-stackQL-resources/devices/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/devices/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/devices/methods/delete' + policies: + id: google.cloudidentity.policies + name: policies + title: Policies + methods: + get: operation: - $ref: '#/paths/~1v1~1groups:search/get' + $ref: '#/paths/~1v1~1policies~1{policiesId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1policies/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.policies sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/groups/methods/get' - - $ref: '#/components/x-stackQL-resources/groups/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/groups/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/groups/methods/patch' + - $ref: '#/components/x-stackQL-resources/policies/methods/get' + - $ref: '#/components/x-stackQL-resources/policies/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/groups/methods/delete' - groups_security_settings: - id: google.cloudidentity.groups_security_settings - name: groups_security_settings - title: Groups_security_settings + delete: [] + inbound_sso_assignments: + id: google.cloudidentity.inbound_sso_assignments + name: inbound_sso_assignments + title: Inbound_sso_assignments methods: - get_security_settings: + delete: operation: - $ref: '#/paths/~1v1~1groups~1{groupsId}~1securitySettings/get' + $ref: >- + #/paths/~1v1~1inboundSsoAssignments~1{inboundSsoAssignmentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - update_security_settings: + patch: operation: - $ref: '#/paths/~1v1~1groups~1{groupsId}~1securitySettings/patch' + $ref: >- + #/paths/~1v1~1inboundSsoAssignments~1{inboundSsoAssignmentsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: '#/paths/~1v1~1inboundSsoAssignments~1{inboundSsoAssignmentsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1inboundSsoAssignments/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.inboundSsoAssignments + create: + operation: + $ref: '#/paths/~1v1~1inboundSsoAssignments/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/groups_security_settings/methods/get_security_settings - insert: [] + #/components/x-stackQL-resources/inbound_sso_assignments/methods/get + - $ref: >- + #/components/x-stackQL-resources/inbound_sso_assignments/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/inbound_sso_assignments/methods/create update: - $ref: >- - #/components/x-stackQL-resources/groups_security_settings/methods/update_security_settings + #/components/x-stackQL-resources/inbound_sso_assignments/methods/patch replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/inbound_sso_assignments/methods/delete memberships: id: google.cloudidentity.memberships name: memberships title: Memberships methods: + search_transitive_groups: + operation: + $ref: >- + #/paths/~1v1~1groups~1{groupsId}~1memberships:searchTransitiveGroups/get + response: + mediaType: application/json + openAPIDocKey: '200' create: operation: $ref: '#/paths/~1v1~1groups~1{groupsId}~1memberships/post' @@ -2950,16 +3006,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.memberships - get: - operation: - $ref: '#/paths/~1v1~1groups~1{groupsId}~1memberships~1{membershipsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - delete: + search_transitive_memberships: operation: $ref: >- - #/paths/~1v1~1groups~1{groupsId}~1memberships~1{membershipsId}/delete + #/paths/~1v1~1groups~1{groupsId}~1memberships:searchTransitiveMemberships/get response: mediaType: application/json openAPIDocKey: '200' @@ -2969,24 +3019,23 @@ components: response: mediaType: application/json openAPIDocKey: '200' - modify_membership_roles: + delete: operation: $ref: >- - #/paths/~1v1~1groups~1{groupsId}~1memberships~1{membershipsId}:modifyMembershipRoles/post + #/paths/~1v1~1groups~1{groupsId}~1memberships~1{membershipsId}/delete response: mediaType: application/json openAPIDocKey: '200' - search_transitive_memberships: + get: operation: - $ref: >- - #/paths/~1v1~1groups~1{groupsId}~1memberships:searchTransitiveMemberships/get + $ref: '#/paths/~1v1~1groups~1{groupsId}~1memberships~1{membershipsId}/get' response: mediaType: application/json openAPIDocKey: '200' - search_transitive_groups: + modify_membership_roles: operation: $ref: >- - #/paths/~1v1~1groups~1{groupsId}~1memberships:searchTransitiveGroups/get + #/paths/~1v1~1groups~1{groupsId}~1memberships~1{membershipsId}:modifyMembershipRoles/post response: mediaType: application/json openAPIDocKey: '200' @@ -3034,319 +3083,275 @@ components: update: [] replace: [] delete: [] - inbound_saml_sso_profiles: - id: google.cloudidentity.inbound_saml_sso_profiles - name: inbound_saml_sso_profiles - title: Inbound_saml_sso_profiles + groups: + id: google.cloudidentity.groups + name: groups + title: Groups methods: - create: - operation: - $ref: '#/paths/~1v1~1inboundSamlSsoProfiles/post' - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: '#/paths/~1v1~1inboundSamlSsoProfiles/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.inboundSamlSsoProfiles - patch: + get: operation: - $ref: >- - #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}/patch + $ref: '#/paths/~1v1~1groups~1{groupsId}/get' response: mediaType: application/json openAPIDocKey: '200' delete: operation: - $ref: >- - #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}/delete + $ref: '#/paths/~1v1~1groups~1{groupsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: - $ref: >- - #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}/get + $ref: '#/paths/~1v1~1groups~1{groupsId}/patch' response: mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/get - - $ref: >- - #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/delete - idp_credentials: - id: google.cloudidentity.idp_credentials - name: idp_credentials - title: Idp_credentials - methods: - delete: + openAPIDocKey: '200' + search: operation: - $ref: >- - #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}~1idpCredentials~1{idpCredentialsId}/delete + $ref: '#/paths/~1v1~1groups:search/get' response: mediaType: application/json openAPIDocKey: '200' - get: + create: operation: - $ref: >- - #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}~1idpCredentials~1{idpCredentialsId}/get + $ref: '#/paths/~1v1~1groups/post' response: mediaType: application/json openAPIDocKey: '200' list: operation: - $ref: >- - #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}~1idpCredentials/get + $ref: '#/paths/~1v1~1groups/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.idpCredentials - add: + objectKey: $.groups + lookup: operation: - $ref: >- - #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}~1idpCredentials:add/post + $ref: '#/paths/~1v1~1groups:lookup/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/idp_credentials/methods/get' - - $ref: '#/components/x-stackQL-resources/idp_credentials/methods/list' + - $ref: '#/components/x-stackQL-resources/groups/methods/get' + - $ref: '#/components/x-stackQL-resources/groups/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/idp_credentials/methods/add' - update: [] + - $ref: '#/components/x-stackQL-resources/groups/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/groups/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/idp_credentials/methods/delete' - inbound_oidc_sso_profiles: - id: google.cloudidentity.inbound_oidc_sso_profiles - name: inbound_oidc_sso_profiles - title: Inbound_oidc_sso_profiles + - $ref: '#/components/x-stackQL-resources/groups/methods/delete' + groups_security_settings: + id: google.cloudidentity.groups_security_settings + name: groups_security_settings + title: Groups_security_settings methods: - create: + get_security_settings: operation: - $ref: '#/paths/~1v1~1inboundOidcSsoProfiles/post' + $ref: '#/paths/~1v1~1groups~1{groupsId}~1securitySettings/get' + response: + mediaType: application/json + openAPIDocKey: '200' + update_security_settings: + operation: + $ref: '#/paths/~1v1~1groups~1{groupsId}~1securitySettings/patch' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/groups_security_settings/methods/get_security_settings + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/groups_security_settings/methods/update_security_settings + replace: [] + delete: [] + userinvitations: + id: google.cloudidentity.userinvitations + name: userinvitations + title: Userinvitations + methods: + cancel: + operation: + $ref: >- + #/paths/~1v1~1customers~1{customersId}~1userinvitations~1{userinvitationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' list: operation: - $ref: '#/paths/~1v1~1inboundOidcSsoProfiles/get' + $ref: '#/paths/~1v1~1customers~1{customersId}~1userinvitations/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.inboundOidcSsoProfiles - patch: + objectKey: $.userInvitations + send: operation: $ref: >- - #/paths/~1v1~1inboundOidcSsoProfiles~1{inboundOidcSsoProfilesId}/patch + #/paths/~1v1~1customers~1{customersId}~1userinvitations~1{userinvitationsId}:send/post response: mediaType: application/json openAPIDocKey: '200' - delete: + is_invitable_user: operation: $ref: >- - #/paths/~1v1~1inboundOidcSsoProfiles~1{inboundOidcSsoProfilesId}/delete + #/paths/~1v1~1customers~1{customersId}~1userinvitations~1{userinvitationsId}:isInvitableUser/get response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1inboundOidcSsoProfiles~1{inboundOidcSsoProfilesId}/get + #/paths/~1v1~1customers~1{customersId}~1userinvitations~1{userinvitationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/get - - $ref: >- - #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/patch + - $ref: '#/components/x-stackQL-resources/userinvitations/methods/get' + - $ref: '#/components/x-stackQL-resources/userinvitations/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/inbound_oidc_sso_profiles/methods/delete - inbound_sso_assignments: - id: google.cloudidentity.inbound_sso_assignments - name: inbound_sso_assignments - title: Inbound_sso_assignments + delete: [] + inbound_saml_sso_profiles: + id: google.cloudidentity.inbound_saml_sso_profiles + name: inbound_saml_sso_profiles + title: Inbound_saml_sso_profiles methods: - get: + create: operation: - $ref: '#/paths/~1v1~1inboundSsoAssignments~1{inboundSsoAssignmentsId}/get' + $ref: '#/paths/~1v1~1inboundSamlSsoProfiles/post' response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: - $ref: >- - #/paths/~1v1~1inboundSsoAssignments~1{inboundSsoAssignmentsId}/patch + $ref: '#/paths/~1v1~1inboundSamlSsoProfiles/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.inboundSamlSsoProfiles + get: operation: $ref: >- - #/paths/~1v1~1inboundSsoAssignments~1{inboundSsoAssignmentsId}/delete + #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' - create: + patch: operation: - $ref: '#/paths/~1v1~1inboundSsoAssignments/post' + $ref: >- + #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: - $ref: '#/paths/~1v1~1inboundSsoAssignments/get' + $ref: >- + #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.inboundSsoAssignments sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/inbound_sso_assignments/methods/get + #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/get - $ref: >- - #/components/x-stackQL-resources/inbound_sso_assignments/methods/list + #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/list insert: - $ref: >- - #/components/x-stackQL-resources/inbound_sso_assignments/methods/create + #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/create update: - $ref: >- - #/components/x-stackQL-resources/inbound_sso_assignments/methods/patch + #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/inbound_sso_assignments/methods/delete - policies: - id: google.cloudidentity.policies - name: policies - title: Policies + #/components/x-stackQL-resources/inbound_saml_sso_profiles/methods/delete + idp_credentials: + id: google.cloudidentity.idp_credentials + name: idp_credentials + title: Idp_credentials methods: - get: - operation: - $ref: '#/paths/~1v1~1policies~1{policiesId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' list: - operation: - $ref: '#/paths/~1v1~1policies/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.policies - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/policies/methods/get' - - $ref: '#/components/x-stackQL-resources/policies/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - userinvitations: - id: google.cloudidentity.userinvitations - name: userinvitations - title: Userinvitations - methods: - get: operation: $ref: >- - #/paths/~1v1~1customers~1{customersId}~1userinvitations~1{userinvitationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: '#/paths/~1v1~1customers~1{customersId}~1userinvitations/get' + #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}~1idpCredentials/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.userInvitations - send: + objectKey: $.idpCredentials + delete: operation: $ref: >- - #/paths/~1v1~1customers~1{customersId}~1userinvitations~1{userinvitationsId}:send/post + #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}~1idpCredentials~1{idpCredentialsId}/delete response: mediaType: application/json openAPIDocKey: '200' - cancel: + get: operation: $ref: >- - #/paths/~1v1~1customers~1{customersId}~1userinvitations~1{userinvitationsId}:cancel/post + #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}~1idpCredentials~1{idpCredentialsId}/get response: mediaType: application/json openAPIDocKey: '200' - is_invitable_user: + add: operation: $ref: >- - #/paths/~1v1~1customers~1{customersId}~1userinvitations~1{userinvitationsId}:isInvitableUser/get + #/paths/~1v1~1inboundSamlSsoProfiles~1{inboundSamlSsoProfilesId}~1idpCredentials:add/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/userinvitations/methods/get' - - $ref: '#/components/x-stackQL-resources/userinvitations/methods/list' - insert: [] + - $ref: '#/components/x-stackQL-resources/idp_credentials/methods/get' + - $ref: '#/components/x-stackQL-resources/idp_credentials/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/idp_credentials/methods/add' update: [] replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/idp_credentials/methods/delete' paths: - /v1/devices: + /v1/inboundOidcSsoProfiles: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/upload_protocol' post: description: >- - Creates a device. Only company-owned device may be created. **Note**: - This method is available only to customers who have one of the following - SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, - and Cloud Identity Premium - operationId: cloudidentity.devices.create + Creates an InboundOidcSsoProfile for a customer. When the target + customer has enabled [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448), the `Operation` + in the response will have `"done": false`, it will not have a response, + and the metadata will have `"state": "awaiting-multi-party-approval"`. + operationId: cloudidentity.inboundOidcSsoProfiles.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' + $ref: '#/components/schemas/InboundOidcSsoProfile' security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response @@ -3354,96 +3359,97 @@ paths: application/json: schema: $ref: '#/components/schemas/Operation' - parameters: - - in: query - name: customer - schema: - type: string - get: - description: Lists/Searches devices. - operationId: cloudidentity.devices.list + parameters: [] + get: + description: Lists InboundOidcSsoProfile objects for a Google enterprise customer. + operationId: cloudidentity.inboundOidcSsoProfiles.list security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.devices.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.devices.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1ListDevicesResponse + $ref: '#/components/schemas/ListInboundOidcSsoProfilesResponse' parameters: - - in: query - name: customer - schema: - type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy + name: filter schema: type: string - in: query - name: view + name: pageToken schema: type: string - /v1/devices/{devicesId}: + /v1/inboundOidcSsoProfiles/{inboundOidcSsoProfilesId}: parameters: *ref_1 get: - description: Retrieves the specified device. - operationId: cloudidentity.devices.get + description: Gets an InboundOidcSsoProfile. + operationId: cloudidentity.inboundOidcSsoProfiles.get security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.devices.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.devices.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' + $ref: '#/components/schemas/InboundOidcSsoProfile' parameters: - in: path - name: devicesId + name: inboundOidcSsoProfilesId required: true schema: type: string - - in: query - name: customer - schema: - type: string - delete: - description: Deletes the specified device. - operationId: cloudidentity.devices.delete + patch: + description: >- + Updates an InboundOidcSsoProfile. When the target customer has enabled + [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448), the `Operation` + in the response will have `"done": false`, it will not have a response, + and the metadata will have `"state": "awaiting-multi-party-approval"`. + operationId: cloudidentity.inboundOidcSsoProfiles.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InboundOidcSsoProfile' security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response @@ -3453,30 +3459,27 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: devicesId + name: inboundOidcSsoProfilesId required: true schema: type: string - in: query - name: customer + name: updateMask schema: type: string - /v1/devices/{devicesId}:wipe: - parameters: *ref_1 - post: - description: Wipes all data on the specified device. - operationId: cloudidentity.devices.wipe - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1WipeDeviceRequest + format: google-fieldmask + delete: + description: Deletes an InboundOidcSsoProfile. + operationId: cloudidentity.inboundOidcSsoProfiles.delete security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.devices + - https://www.googleapis.com/auth/cloud-identity.inboundsso + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response @@ -3486,28 +3489,28 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: devicesId + name: inboundOidcSsoProfilesId required: true schema: type: string - /v1/devices/{devicesId}:cancelWipe: + /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}:wipe: parameters: *ref_1 post: description: >- - Cancels an unfinished device wipe. This operation can be used to cancel - device wipe in the gap between the wipe operation returning success and - the device being wiped. This operation is possible when the device is in - a "pending wipe" state. The device enters the "pending wipe" state when - a wipe device command is issued, but has not yet been sent to the - device. The cancel wipe will fail if the wipe command has already been - issued to the device. - operationId: cloudidentity.devices.cancelWipe + Wipes the user's account on a device. Other data on the device that is + not associated with the user's work account is not affected. For + example, if a Gmail app is installed on a device that is used for + personal and work purposes, and the user is logged in to the Gmail app + with their personal account as well as their work account, wiping the + "deviceUser" by their work administrator will not affect their personal + account within Gmail or other apps such as Photos. + operationId: cloudidentity.devices.deviceUsers.wipe requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1CancelWipeDeviceRequest + #/components/schemas/GoogleAppsCloudidentityDevicesV1WipeDeviceUserRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.devices @@ -3526,11 +3529,16 @@ paths: required: true schema: type: string - /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}: + - in: path + name: deviceUsersId + required: true + schema: + type: string + /v1/devices/{devicesId}/deviceUsers: parameters: *ref_1 get: - description: Retrieves the specified DeviceUser - operationId: cloudidentity.devices.deviceUsers.get + description: Lists/Searches DeviceUsers. + operationId: cloudidentity.devices.deviceUsers.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.devices @@ -3547,27 +3555,48 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser + #/components/schemas/GoogleAppsCloudidentityDevicesV1ListDeviceUsersResponse parameters: - in: path name: devicesId required: true schema: type: string - - in: path - name: deviceUsersId - required: true + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: customer schema: type: string - delete: + /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}:cancelWipe: + parameters: *ref_1 + post: description: >- - Deletes the specified DeviceUser. This also revokes the user's access to - device data. - operationId: cloudidentity.devices.deviceUsers.delete + Cancels an unfinished user account wipe. This operation can be used to + cancel device wipe in the gap between the wipe operation returning + success and the device being wiped. + operationId: cloudidentity.devices.deviceUsers.cancelWipe + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.devices @@ -3591,15 +3620,45 @@ paths: required: true schema: type: string - - in: query - name: customer + /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}:block: + parameters: *ref_1 + post: + description: Blocks device from accessing user data + operationId: cloudidentity.devices.deviceUsers.block + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1BlockDeviceUserRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.devices + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.devices + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: devicesId + required: true schema: type: string - /v1/devices/{devicesId}/deviceUsers: + - in: path + name: deviceUsersId + required: true + schema: + type: string + /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}: parameters: *ref_1 get: - description: Lists/Searches DeviceUsers. - operationId: cloudidentity.devices.deviceUsers.list + description: Retrieves the specified DeviceUser + operationId: cloudidentity.devices.deviceUsers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.devices @@ -3616,32 +3675,52 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1ListDeviceUsersResponse + #/components/schemas/GoogleAppsCloudidentityDevicesV1DeviceUser parameters: - in: path name: devicesId required: true schema: type: string - - in: query - name: customer + - in: path + name: deviceUsersId + required: true schema: type: string - in: query - name: filter + name: customer schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + delete: + description: >- + Deletes the specified DeviceUser. This also revokes the user's access to + device data. + operationId: cloudidentity.devices.deviceUsers.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.devices + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.devices + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: devicesId + required: true + schema: + type: string + - in: path + name: deviceUsersId + required: true schema: type: string - in: query - name: orderBy + name: customer schema: type: string /v1/devices/{devicesId}/deviceUsers:lookup: @@ -3656,10 +3735,9 @@ paths: properties are considered as matches - i.e. the query behaves like an AND. Different platforms require different amounts of information from the caller to ensure that the DeviceUser is uniquely identified. - iOS: - No properties need to be passed, the caller's credentials are sufficient - to identify the corresponding DeviceUser. - Android: Specifying the - 'android_id' field is required. - Desktop: Specifying the - 'raw_resource_id' field is required. + Specifying the 'partner' and 'ios_device_id' fields is required. - + Android: Specifying the 'android_id' field is required. - Desktop: + Specifying the 'raw_resource_id' field is required. operationId: cloudidentity.devices.deviceUsers.lookup security: - Oauth2: @@ -3680,25 +3758,33 @@ paths: required: true schema: type: string + - in: query + name: rawResourceId + schema: + type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: userId schema: type: string - in: query - name: androidId + name: iosDeviceId schema: type: string - in: query - name: rawResourceId + name: partner schema: type: string - in: query - name: userId + name: androidId schema: type: string /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}:approve: @@ -3735,29 +3821,28 @@ paths: required: true schema: type: string - /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}:block: + /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}/clientStates/{clientStatesId}: parameters: *ref_1 - post: - description: Blocks device from accessing user data - operationId: cloudidentity.devices.deviceUsers.block - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1BlockDeviceUserRequest + get: + description: Gets the client state for the device user + operationId: cloudidentity.devices.deviceUsers.clientStates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.devices Oauth2c: - https://www.googleapis.com/auth/cloud-identity.devices + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.devices.readonly + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.devices.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1ClientState parameters: - in: path name: devicesId @@ -3769,61 +3854,27 @@ paths: required: true schema: type: string - /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}:wipe: - parameters: *ref_1 - post: - description: >- - Wipes the user's account on a device. Other data on the device that is - not associated with the user's work account is not affected. For - example, if a Gmail app is installed on a device that is used for - personal and work purposes, and the user is logged in to the Gmail app - with their personal account as well as their work account, wiping the - "deviceUser" by their work administrator will not affect their personal - account within Gmail or other apps such as Photos. - operationId: cloudidentity.devices.deviceUsers.wipe - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1WipeDeviceUserRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.devices - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.devices - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - in: path - name: devicesId + name: clientStatesId required: true schema: type: string - - in: path - name: deviceUsersId - required: true + - in: query + name: customer schema: type: string - /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}:cancelWipe: - parameters: *ref_1 - post: + patch: description: >- - Cancels an unfinished user account wipe. This operation can be used to - cancel device wipe in the gap between the wipe operation returning - success and the device being wiped. - operationId: cloudidentity.devices.deviceUsers.cancelWipe + Updates the client state for the device user **Note**: This method is + available only to customers who have one of the following SKUs: + Enterprise Standard, Enterprise Plus, Enterprise for Education, and + Cloud Identity Premium + operationId: cloudidentity.devices.deviceUsers.clientStates.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1CancelWipeDeviceUserRequest + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1ClientState' security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.devices @@ -3847,11 +3898,25 @@ paths: required: true schema: type: string - /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}/clientStates/{clientStatesId}: + - in: path + name: clientStatesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: customer + schema: + type: string + /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}/clientStates: parameters: *ref_1 get: - description: Gets the client state for the device user - operationId: cloudidentity.devices.deviceUsers.clientStates.get + description: Lists the client states for the given search query. + operationId: cloudidentity.devices.deviceUsers.clientStates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.devices @@ -3868,7 +3933,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1ClientState + #/components/schemas/GoogleAppsCloudidentityDevicesV1ListClientStatesResponse parameters: - in: path name: devicesId @@ -3880,27 +3945,33 @@ paths: required: true schema: type: string - - in: path - name: clientStatesId - required: true + - in: query + name: filter schema: type: string - in: query name: customer schema: type: string - patch: - description: >- - Updates the client state for the device user **Note**: This method is - available only to customers who have one of the following SKUs: - Enterprise Standard, Enterprise Plus, Enterprise for Education, and - Cloud Identity Premium - operationId: cloudidentity.devices.deviceUsers.clientStates.patch + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/devices/{devicesId}:wipe: + parameters: *ref_1 + post: + description: Wipes all data on the specified device. + operationId: cloudidentity.devices.wipe requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1ClientState' + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1WipeDeviceRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.devices @@ -3919,30 +3990,47 @@ paths: required: true schema: type: string + /v1/devices/{devicesId}:cancelWipe: + parameters: *ref_1 + post: + description: >- + Cancels an unfinished device wipe. This operation can be used to cancel + device wipe in the gap between the wipe operation returning success and + the device being wiped. This operation is possible when the device is in + a "pending wipe" state. The device enters the "pending wipe" state when + a wipe device command is issued, but has not yet been sent to the + device. The cancel wipe will fail if the wipe command has already been + issued to the device. + operationId: cloudidentity.devices.cancelWipe + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleAppsCloudidentityDevicesV1CancelWipeDeviceRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.devices + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.devices + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: - in: path - name: deviceUsersId - required: true - schema: - type: string - - in: path - name: clientStatesId + name: devicesId required: true schema: type: string - - in: query - name: customer - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/devices/{devicesId}/deviceUsers/{deviceUsersId}/clientStates: + /v1/devices: parameters: *ref_1 get: - description: Lists the client states for the given search query. - operationId: cloudidentity.devices.deviceUsers.clientStates.list + description: Lists/Searches devices. + operationId: cloudidentity.devices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.devices @@ -3959,20 +4047,18 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleAppsCloudidentityDevicesV1ListClientStatesResponse + #/components/schemas/GoogleAppsCloudidentityDevicesV1ListDevicesResponse parameters: - - in: path - name: devicesId - required: true + - in: query + name: view schema: type: string - - in: path - name: deviceUsersId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: customer + name: pageToken schema: type: string - in: query @@ -3980,32 +4066,53 @@ paths: schema: type: string - in: query - name: pageToken + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: orderBy + name: customer schema: type: string - /v1/groups: - parameters: *ref_1 post: - description: Creates a Group. - operationId: cloudidentity.groups.create + description: >- + Creates a device. Only company-owned device may be created. **Note**: + This method is available only to customers who have one of the following + SKUs: Enterprise Standard, Enterprise Plus, Enterprise for Education, + and Cloud Identity Premium + operationId: cloudidentity.devices.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Group' + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.devices Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.devices + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: query + name: customer + schema: + type: string + /v1/devices/{devicesId}: + parameters: *ref_1 + delete: + description: Deletes the specified device. + operationId: cloudidentity.devices.delete + security: - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-identity.devices Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-identity.devices responses: '200': description: Successful response @@ -4014,156 +4121,118 @@ paths: schema: $ref: '#/components/schemas/Operation' parameters: + - in: path + name: devicesId + required: true + schema: + type: string - in: query - name: initialGroupConfig + name: customer schema: type: string get: - description: Lists the `Group` resources under a customer or namespace. - operationId: cloudidentity.groups.list + description: Retrieves the specified device. + operationId: cloudidentity.devices.get security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.devices Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.devices - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-identity.devices.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-identity.devices.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListGroupsResponse' + $ref: '#/components/schemas/GoogleAppsCloudidentityDevicesV1Device' parameters: - - in: query - name: parent - schema: - type: string - - in: query - name: view + - in: path + name: devicesId + required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: customer schema: type: string - /v1/groups/{groupsId}: + /v1/policies/{policiesId}: parameters: *ref_1 get: - description: Retrieves a `Group`. - operationId: cloudidentity.groups.get + description: Get a policy. + operationId: cloudidentity.policies.get security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.policies Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.policies - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-identity.policies.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-identity.policies.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Group' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: groupsId + name: policiesId required: true schema: type: string - patch: - description: Updates a `Group`. - operationId: cloudidentity.groups.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Group' + /v1/policies: + parameters: *ref_1 + get: + description: List policies. + operationId: cloudidentity.policies.list security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.policies Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.policies - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-identity.policies.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-identity.policies.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListPoliciesResponse' parameters: - - in: path - name: groupsId - required: true + - in: query + name: filter schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - delete: - description: Deletes a `Group`. - operationId: cloudidentity.groups.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: groupsId - required: true + - in: query + name: pageSize schema: - type: string - /v1/groups/{groupsId}/securitySettings: + type: integer + format: int32 + /v1/inboundSsoAssignments/{inboundSsoAssignmentsId}: parameters: *ref_1 - get: - description: Get Security Settings - operationId: cloudidentity.groups.getSecuritySettings + delete: + description: >- + Deletes an InboundSsoAssignment. To disable SSO, Create (or Update) an + assignment that has `sso_mode` == `SSO_OFF`. + operationId: cloudidentity.inboundSsoAssignments.delete security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4174,31 +4243,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SecuritySettings' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: groupsId + name: inboundSsoAssignmentsId required: true schema: type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask patch: - description: Update Security Settings - operationId: cloudidentity.groups.updateSecuritySettings + description: >- + Updates an InboundSsoAssignment. The body of this request is the + `inbound_sso_assignment` field and the `update_mask` is relative to + that. For example: a PATCH to + `/v1/inboundSsoAssignments/0abcdefg1234567&update_mask=rank` with a body + of `{ "rank": 1 }` moves that (presumably group-targeted) SSO assignment + to the highest priority and shifts any other group-targeted assignments + down in priority. + operationId: cloudidentity.inboundSsoAssignments.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SecuritySettings' + $ref: '#/components/schemas/InboundSsoAssignment' security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4212,7 +4283,7 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: groupsId + name: inboundSsoAssignmentsId required: true schema: type: string @@ -4221,23 +4292,18 @@ paths: schema: type: string format: google-fieldmask - /v1/groups:lookup: - parameters: *ref_1 get: - description: >- - Looks up the [resource - name](https://cloud.google.com/apis/design/resource_names) of a `Group` - by its `EntityKey`. - operationId: cloudidentity.groups.lookup + description: Gets an InboundSsoAssignment. + operationId: cloudidentity.inboundSsoAssignments.get security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4248,30 +4314,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LookupGroupNameResponse' + $ref: '#/components/schemas/InboundSsoAssignment' parameters: - - in: query - name: groupKey.id - schema: - type: string - - in: query - name: groupKey.namespace + - in: path + name: inboundSsoAssignmentsId + required: true schema: type: string - /v1/groups:search: + /v1/inboundSsoAssignments: parameters: *ref_1 get: - description: Searches for `Group` resources matching a specified query. - operationId: cloudidentity.groups.search + description: Lists the InboundSsoAssignments for a `Customer`. + operationId: cloudidentity.inboundSsoAssignments.list security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4282,14 +4345,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchGroupsResponse' + $ref: '#/components/schemas/ListInboundSsoAssignmentsResponse' parameters: - in: query - name: query - schema: - type: string - - in: query - name: view + name: pageToken schema: type: string - in: query @@ -4298,24 +4357,24 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - /v1/groups/{groupsId}/memberships: - parameters: *ref_1 post: - description: Creates a `Membership`. - operationId: cloudidentity.groups.memberships.create + description: >- + Creates an InboundSsoAssignment for users and devices in a `Customer` + under a given `Group` or `OrgUnit`. + operationId: cloudidentity.inboundSsoAssignments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Membership' + $ref: '#/components/schemas/InboundSsoAssignment' security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups + - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4327,15 +4386,19 @@ paths: application/json: schema: $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: groupsId - required: true - schema: - type: string + parameters: [] + /v1/groups/{groupsId}/memberships:searchTransitiveGroups: + parameters: *ref_1 get: - description: Lists the `Membership`s within a `Group`. - operationId: cloudidentity.groups.memberships.list + description: >- + Search transitive groups of a member. **Note:** This feature is only + available to Google Workspace Enterprise Standard, Enterprise Plus, and + Enterprise for Education; and Cloud Identity Premium accounts. If the + account of the member is not one of these, a 403 (PERMISSION_DENIED) + HTTP status code will be returned. A transitive group is any group that + has a direct or indirect membership to the member. Actor must have view + permissions all transitive groups. + operationId: cloudidentity.groups.memberships.searchTransitiveGroups security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.groups @@ -4355,7 +4418,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMembershipsResponse' + $ref: '#/components/schemas/SearchTransitiveGroupsResponse' parameters: - in: path name: groupsId @@ -4363,7 +4426,7 @@ paths: schema: type: string - in: query - name: view + name: pageToken schema: type: string - in: query @@ -4372,14 +4435,22 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: query schema: type: string - /v1/groups/{groupsId}/memberships/{membershipsId}: + /v1/groups/{groupsId}/memberships:getMembershipGraph: parameters: *ref_1 get: - description: Retrieves a `Membership`. - operationId: cloudidentity.groups.memberships.get + description: >- + Get a membership graph of just a member or both a member and a group. + **Note:** This feature is only available to Google Workspace Enterprise + Standard, Enterprise Plus, and Enterprise for Education; and Cloud + Identity Premium accounts. If the account of the member is not one of + these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. + Given a member, the response will contain all membership paths from the + member. Given both a group and a member, the response will contain all + membership paths between the group and the member. + operationId: cloudidentity.groups.memberships.getMembershipGraph security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.groups @@ -4399,21 +4470,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Membership' + $ref: '#/components/schemas/Operation' parameters: - in: path name: groupsId required: true schema: type: string - - in: path - name: membershipsId - required: true + - in: query + name: query schema: type: string - delete: - description: Deletes a `Membership`. - operationId: cloudidentity.groups.memberships.delete + /v1/groups/{groupsId}/memberships: + parameters: *ref_1 + post: + description: Creates a `Membership`. + operationId: cloudidentity.groups.memberships.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Membership' security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.groups @@ -4436,19 +4513,9 @@ paths: required: true schema: type: string - - in: path - name: membershipsId - required: true - schema: - type: string - /v1/groups/{groupsId}/memberships:lookup: - parameters: *ref_1 get: - description: >- - Looks up the [resource - name](https://cloud.google.com/apis/design/resource_names) of a - `Membership` by its `EntityKey`. - operationId: cloudidentity.groups.memberships.lookup + description: Lists the `Membership`s within a `Group`. + operationId: cloudidentity.groups.memberships.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.groups @@ -4468,7 +4535,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LookupMembershipNameResponse' + $ref: '#/components/schemas/ListMembershipsResponse' parameters: - in: path name: groupsId @@ -4476,50 +4543,18 @@ paths: schema: type: string - in: query - name: memberKey.id + name: view schema: type: string - in: query - name: memberKey.namespace - schema: - type: string - /v1/groups/{groupsId}/memberships/{membershipsId}:modifyMembershipRoles: - parameters: *ref_1 - post: - description: Modifies the `MembershipRole`s of a `Membership`. - operationId: cloudidentity.groups.memberships.modifyMembershipRoles - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ModifyMembershipRolesRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ModifyMembershipRolesResponse' - parameters: - - in: path - name: groupsId - required: true + name: pageToken schema: type: string - - in: path - name: membershipsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 /v1/groups/{groupsId}/memberships:searchTransitiveMemberships: parameters: *ref_1 get: @@ -4558,27 +4593,23 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/groups/{groupsId}/memberships:searchTransitiveGroups: + /v1/groups/{groupsId}/memberships:lookup: parameters: *ref_1 get: description: >- - Search transitive groups of a member. **Note:** This feature is only - available to Google Workspace Enterprise Standard, Enterprise Plus, and - Enterprise for Education; and Cloud Identity Premium accounts. If the - account of the member is not one of these, a 403 (PERMISSION_DENIED) - HTTP status code will be returned. A transitive group is any group that - has a direct or indirect membership to the member. Actor must have view - permissions all transitive groups. - operationId: cloudidentity.groups.memberships.searchTransitiveGroups + Looks up the [resource + name](https://cloud.google.com/apis/design/resource_names) of a + `Membership` by its `EntityKey`. + operationId: cloudidentity.groups.memberships.lookup security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.groups @@ -4598,7 +4629,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchTransitiveGroupsResponse' + $ref: '#/components/schemas/LookupMembershipNameResponse' parameters: - in: path name: groupsId @@ -4606,41 +4637,23 @@ paths: schema: type: string - in: query - name: query + name: memberKey.id schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: memberKey.namespace schema: type: string - /v1/groups/{groupsId}/memberships:checkTransitiveMembership: + /v1/groups/{groupsId}/memberships/{membershipsId}: parameters: *ref_1 - get: - description: >- - Check a potential member for membership in a group. **Note:** This - feature is only available to Google Workspace Enterprise Standard, - Enterprise Plus, and Enterprise for Education; and Cloud Identity - Premium accounts. If the account of the member is not one of these, a - 403 (PERMISSION_DENIED) HTTP status code will be returned. A member has - membership to a group as long as there is a single viewable transitive - membership between the group and the member. The actor must have view - permissions to at least one transitive membership between the member and - group. - operationId: cloudidentity.groups.memberships.checkTransitiveMembership + delete: + description: Deletes a `Membership`. + operationId: cloudidentity.groups.memberships.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - https://www.googleapis.com/auth/cloud-identity.groups - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4651,30 +4664,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CheckTransitiveMembershipResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: groupsId required: true schema: type: string - - in: query - name: query + - in: path + name: membershipsId + required: true schema: type: string - /v1/groups/{groupsId}/memberships:getMembershipGraph: - parameters: *ref_1 get: - description: >- - Get a membership graph of just a member or both a member and a group. - **Note:** This feature is only available to Google Workspace Enterprise - Standard, Enterprise Plus, and Enterprise for Education; and Cloud - Identity Premium accounts. If the account of the member is not one of - these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. - Given a member, the response will contain all membership paths from the - member. Given both a group and a member, the response will contain all - membership paths between the group and the member. - operationId: cloudidentity.groups.memberships.getMembershipGraph + description: Retrieves a `Membership`. + operationId: cloudidentity.groups.memberships.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.groups @@ -4694,31 +4698,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Membership' parameters: - in: path name: groupsId required: true schema: type: string - - in: query - name: query + - in: path + name: membershipsId + required: true schema: type: string - /v1/groups/{groupsId}/memberships:searchDirectGroups: + /v1/groups/{groupsId}/memberships/{membershipsId}:modifyMembershipRoles: parameters: *ref_1 - get: - description: Searches direct groups of a member. - operationId: cloudidentity.groups.memberships.searchDirectGroups + post: + description: Modifies the `MembershipRole`s of a `Membership`. + operationId: cloudidentity.groups.memberships.modifyMembershipRoles + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ModifyMembershipRolesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - https://www.googleapis.com/auth/cloud-identity.groups - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4729,74 +4735,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchDirectGroupsResponse' + $ref: '#/components/schemas/ModifyMembershipRolesResponse' parameters: - in: path name: groupsId required: true schema: type: string - - in: query - name: query - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy + - in: path + name: membershipsId + required: true schema: type: string - /v1/inboundSamlSsoProfiles: + /v1/groups/{groupsId}/memberships:checkTransitiveMembership: parameters: *ref_1 - post: - description: >- - Creates an InboundSamlSsoProfile for a customer. When the target - customer has enabled [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448), the `Operation` - in the response will have `"done": false`, it will not have a response, - and the metadata will have `"state": "awaiting-multi-party-approval"`. - operationId: cloudidentity.inboundSamlSsoProfiles.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InboundSamlSsoProfile' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: [] get: - description: Lists InboundSamlSsoProfiles for a customer. - operationId: cloudidentity.inboundSamlSsoProfiles.list + description: >- + Check a potential member for membership in a group. **Note:** This + feature is only available to Google Workspace Enterprise Standard, + Enterprise Plus, and Enterprise for Education; and Cloud Identity + Premium accounts. If the account of the member is not one of these, a + 403 (PERMISSION_DENIED) HTTP status code will be returned. A member has + membership to a group as long as there is a single viewable transitive + membership between the group and the member. The actor must have view + permissions to at least one transitive membership between the member and + group. + operationId: cloudidentity.groups.memberships.checkTransitiveMembership security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4807,41 +4780,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInboundSamlSsoProfilesResponse' + $ref: '#/components/schemas/CheckTransitiveMembershipResponse' parameters: - - in: query - name: filter + - in: path + name: groupsId + required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: query schema: type: string - /v1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}: + /v1/groups/{groupsId}/memberships:searchDirectGroups: parameters: *ref_1 - patch: - description: >- - Updates an InboundSamlSsoProfile. When the target customer has enabled - [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448), the `Operation` - in the response will have `"done": false`, it will not have a response, - and the metadata will have `"state": "awaiting-multi-party-approval"`. - operationId: cloudidentity.inboundSamlSsoProfiles.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InboundSamlSsoProfile' + get: + description: Searches direct groups of a member. + operationId: cloudidentity.groups.memberships.searchDirectGroups security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.groups.readonly + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4852,26 +4815,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SearchDirectGroupsResponse' parameters: - in: path - name: inboundSamlSsoProfilesId + name: groupsId required: true schema: type: string - in: query - name: updateMask + name: orderBy schema: type: string - format: google-fieldmask - delete: - description: Deletes an InboundSamlSsoProfile. - operationId: cloudidentity.inboundSamlSsoProfiles.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: query + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/groups/{groupsId}: + parameters: *ref_1 + get: + description: Retrieves a `Group`. + operationId: cloudidentity.groups.get security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.groups.readonly + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4882,25 +4863,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Group' parameters: - in: path - name: inboundSamlSsoProfilesId + name: groupsId required: true schema: type: string - get: - description: Gets an InboundSamlSsoProfile. - operationId: cloudidentity.inboundSamlSsoProfiles.get + delete: + description: Deletes a `Group`. + operationId: cloudidentity.groups.delete security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4911,23 +4888,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InboundSamlSsoProfile' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: inboundSamlSsoProfilesId + name: groupsId required: true schema: type: string - /v1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials/{idpCredentialsId}: - parameters: *ref_1 - delete: - description: Deletes an IdpCredential. - operationId: cloudidentity.inboundSamlSsoProfiles.idpCredentials.delete + patch: + description: Updates a `Group`. + operationId: cloudidentity.groups.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Group' security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4941,27 +4921,29 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: inboundSamlSsoProfilesId + name: groupsId required: true schema: type: string - - in: path - name: idpCredentialsId - required: true + - in: query + name: updateMask schema: type: string + format: google-fieldmask + /v1/groups:search: + parameters: *ref_1 get: - description: Gets an IdpCredential. - operationId: cloudidentity.inboundSamlSsoProfiles.idpCredentials.get + description: Searches for `Group` resources matching a specified query. + operationId: cloudidentity.groups.search security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -4972,32 +4954,39 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IdpCredential' + $ref: '#/components/schemas/SearchGroupsResponse' parameters: - - in: path - name: inboundSamlSsoProfilesId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: idpCredentialsId - required: true + - in: query + name: view schema: type: string - /v1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: query + schema: + type: string + /v1/groups/{groupsId}/securitySettings: parameters: *ref_1 get: - description: Returns a list of IdpCredentials in an InboundSamlSsoProfile. - operationId: cloudidentity.inboundSamlSsoProfiles.idpCredentials.list + description: Get Security Settings + operationId: cloudidentity.groups.getSecuritySettings security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5008,42 +4997,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListIdpCredentialsResponse' + $ref: '#/components/schemas/SecuritySettings' parameters: - in: path - name: inboundSamlSsoProfilesId + name: groupsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: readMask schema: type: string - /v1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials:add: - parameters: *ref_1 - post: - description: >- - Adds an IdpCredential. Up to 2 credentials are allowed. When the target - customer has enabled [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448), the `Operation` - in the response will have `"done": false`, it will not have a response, - and the metadata will have `"state": "awaiting-multi-party-approval"`. - operationId: cloudidentity.inboundSamlSsoProfiles.idpCredentials.add + format: google-fieldmask + patch: + description: Update Security Settings + operationId: cloudidentity.groups.updateSecuritySettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/AddIdpCredentialRequest' + $ref: '#/components/schemas/SecuritySettings' security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5057,30 +5035,30 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: inboundSamlSsoProfilesId + name: groupsId required: true schema: type: string - /v1/inboundOidcSsoProfiles: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/groups: parameters: *ref_1 post: - description: >- - Creates an InboundOidcSsoProfile for a customer. When the target - customer has enabled [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448), the `Operation` - in the response will have `"done": false`, it will not have a response, - and the metadata will have `"state": "awaiting-multi-party-approval"`. - operationId: cloudidentity.inboundOidcSsoProfiles.create + description: Creates a Group. + operationId: cloudidentity.groups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/InboundOidcSsoProfile' + $ref: '#/components/schemas/Group' security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5092,19 +5070,23 @@ paths: application/json: schema: $ref: '#/components/schemas/Operation' - parameters: [] + parameters: + - in: query + name: initialGroupConfig + schema: + type: string get: - description: Lists InboundOidcSsoProfile objects for a Google enterprise customer. - operationId: cloudidentity.inboundOidcSsoProfiles.list + description: Lists the `Group` resources under a customer or namespace. + operationId: cloudidentity.groups.list security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5115,10 +5097,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInboundOidcSsoProfilesResponse' + $ref: '#/components/schemas/ListGroupsResponse' parameters: - in: query - name: filter + name: parent schema: type: string - in: query @@ -5126,30 +5108,31 @@ paths: schema: type: integer format: int32 + - in: query + name: view + schema: + type: string - in: query name: pageToken schema: type: string - /v1/inboundOidcSsoProfiles/{inboundOidcSsoProfilesId}: + /v1/groups:lookup: parameters: *ref_1 - patch: + get: description: >- - Updates an InboundOidcSsoProfile. When the target customer has enabled - [Multi-party approval for sensitive - actions](https://support.google.com/a/answer/13790448), the `Operation` - in the response will have `"done": false`, it will not have a response, - and the metadata will have `"state": "awaiting-multi-party-approval"`. - operationId: cloudidentity.inboundOidcSsoProfiles.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InboundOidcSsoProfile' + Looks up the [resource + name](https://cloud.google.com/apis/design/resource_names) of a `Group` + by its `EntityKey`. + operationId: cloudidentity.groups.lookup security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso + - https://www.googleapis.com/auth/cloud-identity.groups + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.groups.readonly + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.groups.readonly - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: @@ -5160,30 +5143,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LookupGroupNameResponse' parameters: - - in: path - name: inboundOidcSsoProfilesId - required: true + - in: query + name: groupKey.namespace schema: type: string - in: query - name: updateMask + name: groupKey.id schema: type: string - format: google-fieldmask - delete: - description: Deletes an InboundOidcSsoProfile. - operationId: cloudidentity.inboundOidcSsoProfiles.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + /v1/customers/{customersId}/userinvitations/{userinvitationsId}:cancel: + parameters: *ref_1 + post: + description: Cancels a UserInvitation that was already sent. + operationId: cloudidentity.customers.userinvitations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelUserInvitationRequest' + security: [] responses: '200': description: Successful response @@ -5193,151 +5173,164 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: inboundOidcSsoProfilesId + name: customersId + required: true + schema: + type: string + - in: path + name: userinvitationsId required: true schema: type: string + /v1/customers/{customersId}/userinvitations: + parameters: *ref_1 get: - description: Gets an InboundOidcSsoProfile. - operationId: cloudidentity.inboundOidcSsoProfiles.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + description: >- + Retrieves a list of UserInvitation resources. **Note:** New consumer + accounts with the customer's verified domain created within the previous + 48 hours will not appear in the result. This delay also applies to + newly-verified domains. + operationId: cloudidentity.customers.userinvitations.list + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/InboundOidcSsoProfile' + $ref: '#/components/schemas/ListUserInvitationsResponse' parameters: - in: path - name: inboundOidcSsoProfilesId + name: customersId required: true schema: type: string - /v1/inboundSsoAssignments/{inboundSsoAssignmentsId}: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/customers/{customersId}/userinvitations/{userinvitationsId}:send: parameters: *ref_1 - get: - description: Gets an InboundSsoAssignment. - operationId: cloudidentity.inboundSsoAssignments.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + post: + description: >- + Sends a UserInvitation to email. If the `UserInvitation` does not exist + for this request and it is a valid request, the request creates a + `UserInvitation`. **Note:** The `get` and `list` methods have a 48-hour + delay where newly-created consumer accounts will not appear in the + results. You can still send a `UserInvitation` to those accounts if you + know the unmanaged email address and IsInvitableUser==True. + operationId: cloudidentity.customers.userinvitations.send + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SendUserInvitationRequest' + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/InboundSsoAssignment' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: inboundSsoAssignmentsId + name: customersId required: true schema: type: string - patch: + - in: path + name: userinvitationsId + required: true + schema: + type: string + /v1/customers/{customersId}/userinvitations/{userinvitationsId}:isInvitableUser: + parameters: *ref_1 + get: description: >- - Updates an InboundSsoAssignment. The body of this request is the - `inbound_sso_assignment` field and the `update_mask` is relative to - that. For example: a PATCH to - `/v1/inboundSsoAssignments/0abcdefg1234567&update_mask=rank` with a body - of `{ "rank": 1 }` moves that (presumably group-targeted) SSO assignment - to the highest priority and shifts any other group-targeted assignments - down in priority. - operationId: cloudidentity.inboundSsoAssignments.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InboundSsoAssignment' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + Verifies whether a user account is eligible to receive a UserInvitation + (is an unmanaged account). Eligibility is based on the following + criteria: * the email address is a consumer account and it's the primary + email address of the account, and * the domain of the email address + matches an existing verified Google Workspace or Cloud Identity domain + If both conditions are met, the user is eligible. **Note:** This method + is not supported for Workspace Essentials customers. + operationId: cloudidentity.customers.userinvitations.isInvitableUser + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/IsInvitableUserResponse' parameters: - in: path - name: inboundSsoAssignmentsId + name: customersId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: userinvitationsId + required: true schema: type: string - format: google-fieldmask - delete: + /v1/customers/{customersId}/userinvitations/{userinvitationsId}: + parameters: *ref_1 + get: description: >- - Deletes an InboundSsoAssignment. To disable SSO, Create (or Update) an - assignment that has `sso_mode` == `SSO_OFF`. - operationId: cloudidentity.inboundSsoAssignments.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.inboundsso - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + Retrieves a UserInvitation resource. **Note:** New consumer accounts + with the customer's verified domain created within the previous 48 hours + will not appear in the result. This delay also applies to newly-verified + domains. + operationId: cloudidentity.customers.userinvitations.get + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/UserInvitation' parameters: - in: path - name: inboundSsoAssignmentsId + name: customersId required: true schema: type: string - /v1/inboundSsoAssignments: + - in: path + name: userinvitationsId + required: true + schema: + type: string + /v1/inboundSamlSsoProfiles: parameters: *ref_1 post: description: >- - Creates an InboundSsoAssignment for users and devices in a `Customer` - under a given `Group` or `OrgUnit`. - operationId: cloudidentity.inboundSsoAssignments.create + Creates an InboundSamlSsoProfile for a customer. When the target + customer has enabled [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448), the `Operation` + in the response will have `"done": false`, it will not have a response, + and the metadata will have `"state": "awaiting-multi-party-approval"`. + operationId: cloudidentity.inboundSamlSsoProfiles.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/InboundSsoAssignment' + $ref: '#/components/schemas/InboundSamlSsoProfile' security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.inboundsso @@ -5356,8 +5349,8 @@ paths: $ref: '#/components/schemas/Operation' parameters: [] get: - description: Lists the InboundSsoAssignments for a `Customer`. - operationId: cloudidentity.inboundSsoAssignments.list + description: Lists InboundSamlSsoProfiles for a customer. + operationId: cloudidentity.inboundSamlSsoProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-identity.inboundsso @@ -5377,168 +5370,171 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInboundSsoAssignmentsResponse' + $ref: '#/components/schemas/ListInboundSamlSsoProfilesResponse' parameters: - in: query name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/policies/{policiesId}: + /v1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}: parameters: *ref_1 get: - description: Get a Policy - operationId: cloudidentity.policies.get + description: Gets an InboundSamlSsoProfile. + operationId: cloudidentity.inboundSamlSsoProfiles.get security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.policies + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.policies + - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.policies.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.policies.readonly + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/InboundSamlSsoProfile' parameters: - in: path - name: policiesId + name: inboundSamlSsoProfilesId required: true schema: type: string - /v1/policies: - parameters: *ref_1 - get: - description: List Policies - operationId: cloudidentity.policies.list + patch: + description: >- + Updates an InboundSamlSsoProfile. When the target customer has enabled + [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448), the `Operation` + in the response will have `"done": false`, it will not have a response, + and the metadata will have `"state": "awaiting-multi-party-approval"`. + operationId: cloudidentity.inboundSamlSsoProfiles.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InboundSamlSsoProfile' security: - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.policies + - https://www.googleapis.com/auth/cloud-identity.inboundsso Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.policies + - https://www.googleapis.com/auth/cloud-identity.inboundsso - Oauth2: - - https://www.googleapis.com/auth/cloud-identity.policies.readonly + - https://www.googleapis.com/auth/cloud-platform Oauth2c: - - https://www.googleapis.com/auth/cloud-identity.policies.readonly + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListPoliciesResponse' + $ref: '#/components/schemas/Operation' parameters: - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: inboundSamlSsoProfilesId + required: true schema: type: string - in: query - name: filter + name: updateMask schema: type: string - /v1/customers/{customersId}/userinvitations/{userinvitationsId}: - parameters: *ref_1 - get: - description: >- - Retrieves a UserInvitation resource. **Note:** New consumer accounts - with the customer's verified domain created within the previous 48 hours - will not appear in the result. This delay also applies to newly-verified - domains. - operationId: cloudidentity.customers.userinvitations.get - security: [] + format: google-fieldmask + delete: + description: Deletes an InboundSamlSsoProfile. + operationId: cloudidentity.inboundSamlSsoProfiles.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/UserInvitation' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: customersId - required: true - schema: - type: string - - in: path - name: userinvitationsId + name: inboundSamlSsoProfilesId required: true schema: type: string - /v1/customers/{customersId}/userinvitations: + /v1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials: parameters: *ref_1 get: - description: >- - Retrieves a list of UserInvitation resources. **Note:** New consumer - accounts with the customer's verified domain created within the previous - 48 hours will not appear in the result. This delay also applies to - newly-verified domains. - operationId: cloudidentity.customers.userinvitations.list - security: [] + description: Returns a list of IdpCredentials in an InboundSamlSsoProfile. + operationId: cloudidentity.inboundSamlSsoProfiles.idpCredentials.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListUserInvitationsResponse' + $ref: '#/components/schemas/ListIdpCredentialsResponse' parameters: - in: path - name: customersId + name: inboundSamlSsoProfilesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + name: pageSize schema: - type: string - /v1/customers/{customersId}/userinvitations/{userinvitationsId}:send: + type: integer + format: int32 + /v1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials/{idpCredentialsId}: parameters: *ref_1 - post: - description: >- - Sends a UserInvitation to email. If the `UserInvitation` does not exist - for this request and it is a valid request, the request creates a - `UserInvitation`. **Note:** The `get` and `list` methods have a 48-hour - delay where newly-created consumer accounts will not appear in the - results. You can still send a `UserInvitation` to those accounts if you - know the unmanaged email address and IsInvitableUser==True. - operationId: cloudidentity.customers.userinvitations.send - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SendUserInvitationRequest' - security: [] + delete: + description: Deletes an IdpCredential. + operationId: cloudidentity.inboundSamlSsoProfiles.idpCredentials.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response @@ -5548,72 +5544,83 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: customersId + name: inboundSamlSsoProfilesId required: true schema: type: string - in: path - name: userinvitationsId + name: idpCredentialsId required: true schema: type: string - /v1/customers/{customersId}/userinvitations/{userinvitationsId}:cancel: - parameters: *ref_1 - post: - description: Cancels a UserInvitation that was already sent. - operationId: cloudidentity.customers.userinvitations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelUserInvitationRequest' - security: [] + get: + description: Gets an IdpCredential. + operationId: cloudidentity.inboundSamlSsoProfiles.idpCredentials.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.inboundsso.readonly + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/IdpCredential' parameters: - in: path - name: customersId + name: inboundSamlSsoProfilesId required: true schema: type: string - in: path - name: userinvitationsId + name: idpCredentialsId required: true schema: type: string - /v1/customers/{customersId}/userinvitations/{userinvitationsId}:isInvitableUser: + /v1/inboundSamlSsoProfiles/{inboundSamlSsoProfilesId}/idpCredentials:add: parameters: *ref_1 - get: + post: description: >- - Verifies whether a user account is eligible to receive a UserInvitation - (is an unmanaged account). Eligibility is based on the following - criteria: * the email address is a consumer account and it's the primary - email address of the account, and * the domain of the email address - matches an existing verified Google Workspace or Cloud Identity domain - If both conditions are met, the user is eligible. **Note:** This method - is not supported for Workspace Essentials customers. - operationId: cloudidentity.customers.userinvitations.isInvitableUser - security: [] + Adds an IdpCredential. Up to 2 credentials are allowed. When the target + customer has enabled [Multi-party approval for sensitive + actions](https://support.google.com/a/answer/13790448), the `Operation` + in the response will have `"done": false`, it will not have a response, + and the metadata will have `"state": "awaiting-multi-party-approval"`. + operationId: cloudidentity.inboundSamlSsoProfiles.idpCredentials.add + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AddIdpCredentialRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + Oauth2c: + - https://www.googleapis.com/auth/cloud-identity.inboundsso + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/IsInvitableUserResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: customersId - required: true - schema: - type: string - - in: path - name: userinvitationsId + name: inboundSamlSsoProfilesId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudkms.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudkms.yaml index d5c08260..fb38d453 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudkms.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudkms.yaml @@ -9,8 +9,8 @@ info: Manages keys and performs cryptographic operations in a central cloud service, for direct use by other cloud resources and applications. version: v1 - x-discovery-doc-revision: '20250818' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/kms/ servers: @@ -39,406 +39,495 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - AutokeyConfig: - id: AutokeyConfig - description: Cloud KMS Autokey configuration for a folder or project. + AsymmetricSignResponse: + description: Response message for KeyManagementService.AsymmetricSign. type: object + id: AsymmetricSignResponse properties: - name: - description: >- - Identifier. Name of the AutokeyConfig resource, e.g. - `folders/{FOLDER_NUMBER}/autokeyConfig` - `projects/{PROJECT_NUMBER}/autokeyConfig`. - type: string - keyProject: - description: >- - Optional. Name of the key project, e.g. `projects/{PROJECT_ID}` or - `projects/{PROJECT_NUMBER}`, where Cloud KMS Autokey will provision - a new CryptoKey when a KeyHandle is created. On UpdateAutokeyConfig, - the caller will require `cloudkms.cryptoKeys.setIamPolicy` - permission on this key project. Once configured, for Cloud KMS - Autokey to function properly, this key project must have the Cloud - KMS API activated and the Cloud KMS Service Agent for this key - project must be granted the `cloudkms.admin` role (or pertinent - permissions). A request with an empty key project field will clear - the configuration. - type: string - state: - description: Output only. The state for the AutokeyConfig. - readOnly: true + protectionLevel: type: string + description: The ProtectionLevel of the CryptoKeyVersion used for signing. enumDescriptions: - - The state of the AutokeyConfig is unspecified. - - The AutokeyConfig is currently active. - - >- - A previously configured key project has been deleted and the - current AutokeyConfig is unusable. - - >- - The AutokeyConfig is not yet initialized or has been reset to its - default uninitialized state. + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. enum: - - STATE_UNSPECIFIED - - ACTIVE - - KEY_PROJECT_DELETED - - UNINITIALIZED - etag: + - PROTECTION_LEVEL_UNSPECIFIED + - SOFTWARE + - HSM + - EXTERNAL + - EXTERNAL_VPC + - HSM_SINGLE_TENANT + name: description: >- - Optional. A checksum computed by the server based on the value of - other fields. This may be sent on update requests to ensure that the - client has an up-to-date value before proceeding. The request will - be rejected with an ABORTED error on a mismatched etag. + The resource name of the CryptoKeyVersion used for signing. Check + this field to verify that the intended resource was used for + signing. type: string - ShowEffectiveAutokeyConfigResponse: - id: ShowEffectiveAutokeyConfigResponse - description: Response message for ShowEffectiveAutokeyConfig. - type: object - properties: - keyProject: + verifiedDataCrc32c: description: >- - Name of the key project configured in the resource project's folder - ancestry. + Integrity verification field. A flag indicating whether + AsymmetricSignRequest.data_crc32c was received by + KeyManagementService and used for the integrity verification of the + data. A false value of this field indicates either that + AsymmetricSignRequest.data_crc32c was left unset or that it was not + delivered to KeyManagementService. If you've set + AsymmetricSignRequest.data_crc32c but this field is still false, + discard the response and perform a limited number of retries. + type: boolean + signatureCrc32c: + description: >- + Integrity verification field. A CRC32C checksum of the returned + AsymmetricSignResponse.signature. An integrity check of + AsymmetricSignResponse.signature can be performed by computing the + CRC32C checksum of AsymmetricSignResponse.signature and comparing + your results to this field. Discard the response in case of + non-matching checksum values, and perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: This field is defined as + int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: + format: int64 + signature: + description: The created signature. + type: string + format: byte + verifiedDigestCrc32c: + type: boolean description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Integrity verification field. A flag indicating whether + AsymmetricSignRequest.digest_crc32c was received by + KeyManagementService and used for the integrity verification of the + digest. A false value of this field indicates either that + AsymmetricSignRequest.digest_crc32c was left unset or that it was + not delivered to KeyManagementService. If you've set + AsymmetricSignRequest.digest_crc32c but this field is still false, + discard the response and perform a limited number of retries. + Location: + id: Location + properties: + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - metadata: + labels: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + type: string + type: object + displayName: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + metadata: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. + Service-specific metadata. For example the available capacity at the + given location. type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + name: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - KeyHandle: - id: KeyHandle - description: >- - Resource-oriented representation of a request to Cloud KMS Autokey and - the resulting provisioning of a CryptoKey. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: object + description: A resource that represents a Google Cloud location. + DestroyCryptoKeyVersionRequest: + properties: {} + id: DestroyCryptoKeyVersionRequest + type: object + description: Request message for KeyManagementService.DestroyCryptoKeyVersion. + EkmConfig: type: object + description: >- + An EkmConfig is a singleton resource that represents configuration + parameters that apply to all CryptoKeys and CryptoKeyVersions with a + ProtectionLevel of EXTERNAL_VPC in a given project and location. + id: EkmConfig properties: name: description: >- - Identifier. Name of the KeyHandle resource, e.g. - `projects/{PROJECT_ID}/locations/{LOCATION}/keyHandles/{KEY_HANDLE_ID}`. - type: string - kmsKey: - description: >- - Output only. Name of a CryptoKey that has been provisioned for - Customer Managed Encryption Key (CMEK) use in the KeyHandle project - and location for the requested resource type. The CryptoKey project - will reflect the value configured in the AutokeyConfig on the - resource project's ancestor folder at the time of the KeyHandle - creation. If more than one ancestor folder has a configured - AutokeyConfig, the nearest of these configurations is used. + Output only. The resource name for the EkmConfig in the format + `projects/*/locations/*/ekmConfig`. readOnly: true type: string - resourceTypeSelector: - description: >- - Required. Indicates the resource type that the resulting CryptoKey - is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See - documentation for supported resource types. + defaultEkmConnection: type: string - ListKeyHandlesResponse: - id: ListKeyHandlesResponse - description: Response message for Autokey.ListKeyHandles. + description: >- + Optional. Resource name of the default EkmConnection. Setting this + field to the empty string removes the default. + CertificateChains: type: object + description: >- + Certificate chains needed to verify the attestation. Certificates in + chains are PEM-encoded and are ordered based on + https://tools.ietf.org/html/rfc5246#section-7.4.2. + id: CertificateChains properties: - keyHandles: - description: Resulting KeyHandles. + googleCardCerts: type: array + description: Google card certificate chain corresponding to the attestation. items: - $ref: '#/components/schemas/KeyHandle' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass this value in - ListKeyHandlesRequest.page_token to retrieve the next page of - results. - type: string - ListEkmConnectionsResponse: - id: ListEkmConnectionsResponse - description: Response message for EkmService.ListEkmConnections. - type: object - properties: - ekmConnections: - description: The list of EkmConnections. + type: string + caviumCerts: + items: + type: string type: array + description: Cavium certificate chain corresponding to the attestation. + googlePartitionCerts: items: - $ref: '#/components/schemas/EkmConnection' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass this value in - ListEkmConnectionsRequest.page_token to retrieve the next page of - results. - type: string - totalSize: - description: >- - The total number of EkmConnections that matched the query. This - field is not populated if ListEkmConnectionsRequest.filter is - applied. - type: integer - format: int32 - EkmConnection: - id: EkmConnection - description: >- - An EkmConnection represents an individual EKM connection. It can be used - for creating CryptoKeys and CryptoKeyVersions with a ProtectionLevel of - EXTERNAL_VPC, as well as performing cryptographic operations using keys - created within the EkmConnection. + type: string + type: array + description: Google partition certificate chain corresponding to the attestation. + Binding: type: object + description: Associates `members`, or principals, with a `role`. properties: - name: + role: description: >- - Output only. The resource name for the EkmConnection in the format - `projects/*/locations/*/ekmConnections/*`. - readOnly: true - type: string - createTime: - description: Output only. The time at which the EkmConnection was created. - readOnly: true + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - format: google-datetime - serviceResolvers: + members: description: >- - Optional. A list of ServiceResolvers where the EKM can be reached. - There should be one ServiceResolver per EKM replica. Currently, only - a single ServiceResolver is supported. + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. type: array items: - $ref: '#/components/schemas/ServiceResolver' - etag: - description: Optional. Etag of the currently stored EkmConnection. - type: string - keyManagementMode: + type: string + condition: description: >- - Optional. Describes who can perform control plane operations on the - EKM. If unset, this defaults to MANUAL. - type: string + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + id: Binding + CryptoKeyVersionTemplate: + properties: + protectionLevel: enumDescriptions: - Not specified. - - >- - EKM-side key management operations on CryptoKeys created with this - EkmConnection must be initiated from the EKM directly and cannot - be performed from Cloud KMS. This means that: * When creating a - CryptoKeyVersion associated with this EkmConnection, the caller - must supply the key path of pre-existing external key material - that will be linked to the CryptoKeyVersion. * Destruction of - external key material cannot be requested via the Cloud KMS API - and must be performed directly in the EKM. * Automatic rotation of - key material is not supported. - - >- - All CryptoKeys created with this EkmConnection use EKM-side key - management operations initiated from Cloud KMS. This means that: * - When a CryptoKeyVersion associated with this EkmConnection is - created, the EKM automatically generates new key material and a - new key path. The caller cannot supply the key path of - pre-existing external key material. * Destruction of external key - material associated with this EkmConnection can be requested by - calling DestroyCryptoKeyVersion. * Automatic rotation of key - material is supported. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. enum: - - KEY_MANAGEMENT_MODE_UNSPECIFIED - - MANUAL - - CLOUD_KMS - cryptoSpacePath: - description: >- - Optional. Identifies the EKM Crypto Space that this EkmConnection - maps to. Note: This field is required if KeyManagementMode is - CLOUD_KMS. - type: string - ServiceResolver: - id: ServiceResolver - description: >- - A ServiceResolver represents an EKM replica that can be reached within - an EkmConnection. - type: object - properties: - serviceDirectoryService: - description: >- - Required. The resource name of the Service Directory service - pointing to an EKM replica, in the format - `projects/*/locations/*/namespaces/*/services/*`. - type: string - endpointFilter: - description: >- - Optional. The filter applied to the endpoints of the resolved - service. If no filter is specified, all endpoints will be - considered. An endpoint will be chosen arbitrarily from the filtered - list for each request. For endpoint filter syntax and examples, see - https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest. - type: string - hostname: - description: >- - Required. The hostname of the EKM replica used at TLS and HTTP - layers. - type: string - serverCertificates: - description: >- - Required. A list of leaf server certificates used to authenticate - HTTPS connections to the EKM replica. Currently, a maximum of 10 - Certificate is supported. - type: array - items: - $ref: '#/components/schemas/Certificate' - Certificate: - id: Certificate - description: >- - A Certificate represents an X.509 certificate used to authenticate HTTPS - connections to EKM replicas. - type: object - properties: - rawDer: - description: Required. The raw certificate bytes in DER format. - type: string - format: byte - parsed: - description: Output only. True if the certificate was parsed successfully. - readOnly: true - type: boolean - issuer: - description: >- - Output only. The issuer distinguished name in RFC 2253 format. Only - present if parsed is true. - readOnly: true - type: string - subject: - description: >- - Output only. The subject distinguished name in RFC 2253 format. Only - present if parsed is true. - readOnly: true - type: string - subjectAlternativeDnsNames: - description: >- - Output only. The subject Alternative DNS names. Only present if - parsed is true. - readOnly: true - type: array - items: - type: string - notBeforeTime: + - PROTECTION_LEVEL_UNSPECIFIED + - SOFTWARE + - HSM + - EXTERNAL + - EXTERNAL_VPC + - HSM_SINGLE_TENANT description: >- - Output only. The certificate is not valid before this time. Only - present if parsed is true. - readOnly: true + ProtectionLevel to use when creating a CryptoKeyVersion based on + this template. Immutable. Defaults to SOFTWARE. type: string - format: google-datetime - notAfterTime: - description: >- - Output only. The certificate is not valid after this time. Only - present if parsed is true. - readOnly: true - type: string - format: google-datetime - serialNumber: - description: >- - Output only. The certificate serial number as a hex string. Only - present if parsed is true. - readOnly: true - type: string - sha256Fingerprint: + algorithm: + enum: + - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED + - GOOGLE_SYMMETRIC_ENCRYPTION + - AES_128_GCM + - AES_256_GCM + - AES_128_CBC + - AES_256_CBC + - AES_128_CTR + - AES_256_CTR + - RSA_SIGN_PSS_2048_SHA256 + - RSA_SIGN_PSS_3072_SHA256 + - RSA_SIGN_PSS_4096_SHA256 + - RSA_SIGN_PSS_4096_SHA512 + - RSA_SIGN_PKCS1_2048_SHA256 + - RSA_SIGN_PKCS1_3072_SHA256 + - RSA_SIGN_PKCS1_4096_SHA256 + - RSA_SIGN_PKCS1_4096_SHA512 + - RSA_SIGN_RAW_PKCS1_2048 + - RSA_SIGN_RAW_PKCS1_3072 + - RSA_SIGN_RAW_PKCS1_4096 + - RSA_DECRYPT_OAEP_2048_SHA256 + - RSA_DECRYPT_OAEP_3072_SHA256 + - RSA_DECRYPT_OAEP_4096_SHA256 + - RSA_DECRYPT_OAEP_4096_SHA512 + - RSA_DECRYPT_OAEP_2048_SHA1 + - RSA_DECRYPT_OAEP_3072_SHA1 + - RSA_DECRYPT_OAEP_4096_SHA1 + - EC_SIGN_P256_SHA256 + - EC_SIGN_P384_SHA384 + - EC_SIGN_SECP256K1_SHA256 + - EC_SIGN_ED25519 + - HMAC_SHA256 + - HMAC_SHA1 + - HMAC_SHA384 + - HMAC_SHA512 + - HMAC_SHA224 + - EXTERNAL_SYMMETRIC_ENCRYPTION + - ML_KEM_768 + - ML_KEM_1024 + - KEM_XWING + - PQ_SIGN_ML_DSA_44 + - PQ_SIGN_ML_DSA_65 + - PQ_SIGN_ML_DSA_87 + - PQ_SIGN_SLH_DSA_SHA2_128S + - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 + - PQ_SIGN_ML_DSA_44_EXTERNAL_MU + - PQ_SIGN_ML_DSA_65_EXTERNAL_MU + - PQ_SIGN_ML_DSA_87_EXTERNAL_MU + enumDescriptions: + - Not specified. + - Creates symmetric encryption keys. + - AES-GCM (Galois Counter Mode) using 128-bit keys. + - AES-GCM (Galois Counter Mode) using 256-bit keys. + - AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. + - AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. + - AES-CTR (Counter Mode) using 128-bit keys. + - AES-CTR (Counter Mode) using 256-bit keys. + - RSASSA-PSS 2048 bit key with a SHA256 digest. + - RSASSA-PSS 3072 bit key with a SHA256 digest. + - RSASSA-PSS 4096 bit key with a SHA256 digest. + - RSASSA-PSS 4096 bit key with a SHA512 digest. + - RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. + - RSAES-OAEP 2048 bit key with a SHA256 digest. + - RSAES-OAEP 3072 bit key with a SHA256 digest. + - RSAES-OAEP 4096 bit key with a SHA256 digest. + - RSAES-OAEP 4096 bit key with a SHA512 digest. + - RSAES-OAEP 2048 bit key with a SHA1 digest. + - RSAES-OAEP 3072 bit key with a SHA1 digest. + - RSAES-OAEP 4096 bit key with a SHA1 digest. + - >- + ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash + functions can also be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - >- + ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash + functions can also be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - >- + ECDSA on the non-NIST secp256k1 curve. This curve is only + supported for HSM protection level. Other hash functions can also + be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - EdDSA on the Curve25519 in pure mode (taking data as input). + - HMAC-SHA256 signing with a 256 bit key. + - HMAC-SHA1 signing with a 160 bit key. + - HMAC-SHA384 signing with a 384 bit key. + - HMAC-SHA512 signing with a 512 bit key. + - HMAC-SHA224 signing with a 224 bit key. + - >- + Algorithm representing symmetric encryption by an external key + manager. + - ML-KEM-768 (FIPS 203) + - ML-KEM-1024 (FIPS 203) + - >- + X-Wing hybrid KEM combining ML-KEM-768 with X25519 following + datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version. + - >- + The post-quantum stateless hash-based digital signature algorithm, + at security level 1. Randomized version. + - >- + The post-quantum stateless hash-based digital signature algorithm, + at security level 1. Randomized pre-hash version supporting SHA256 + digests. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version supporting + externally-computed message representatives. description: >- - Output only. The SHA-256 certificate fingerprint as a hex string. - Only present if parsed is true. - readOnly: true + Required. Algorithm to use when creating a CryptoKeyVersion based on + this template. For backwards compatibility, + GOOGLE_SYMMETRIC_ENCRYPTION is implied if both this field is omitted + and CryptoKey.purpose is ENCRYPT_DECRYPT. type: string - EkmConfig: - id: EkmConfig + type: object description: >- - An EkmConfig is a singleton resource that represents configuration - parameters that apply to all CryptoKeys and CryptoKeyVersions with a - ProtectionLevel of EXTERNAL_VPC in a given project and location. + A CryptoKeyVersionTemplate specifies the properties to use when creating + a new CryptoKeyVersion, either manually with CreateCryptoKeyVersion or + automatically as a result of auto-rotation. + id: CryptoKeyVersionTemplate + GenerateRandomBytesRequest: + description: Request message for KeyManagementService.GenerateRandomBytes. type: object properties: - name: + lengthBytes: description: >- - Output only. The resource name for the EkmConfig in the format - `projects/*/locations/*/ekmConfig`. - readOnly: true - type: string - defaultEkmConnection: + The length in bytes of the amount of randomness to retrieve. Minimum + 8 bytes, maximum 1024 bytes. + format: int32 + type: integer + protectionLevel: + enumDescriptions: + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. description: >- - Optional. Resource name of the default EkmConnection. Setting this - field to the empty string removes the default. + The ProtectionLevel to use when generating the random data. + Currently, only HSM protection level is supported. + enum: + - PROTECTION_LEVEL_UNSPECIFIED + - SOFTWARE + - HSM + - EXTERNAL + - EXTERNAL_VPC + - HSM_SINGLE_TENANT type: string + id: GenerateRandomBytesRequest VerifyConnectivityResponse: + type: object + properties: {} id: VerifyConnectivityResponse description: Response message for EkmService.VerifyConnectivity. + AutokeyConfig: + id: AutokeyConfig type: object - properties: {} + description: Cloud KMS Autokey configuration for a folder. + properties: + name: + description: >- + Identifier. Name of the AutokeyConfig resource, e.g. + `folders/{FOLDER_NUMBER}/autokeyConfig` + type: string + keyProject: + description: >- + Optional. Name of the key project, e.g. `projects/{PROJECT_ID}` or + `projects/{PROJECT_NUMBER}`, where Cloud KMS Autokey will provision + a new CryptoKey when a KeyHandle is created. On UpdateAutokeyConfig, + the caller will require `cloudkms.cryptoKeys.setIamPolicy` + permission on this key project. Once configured, for Cloud KMS + Autokey to function properly, this key project must have the Cloud + KMS API activated and the Cloud KMS Service Agent for this key + project must be granted the `cloudkms.admin` role (or pertinent + permissions). A request with an empty key project field will clear + the configuration. + type: string + etag: + description: >- + Optional. A checksum computed by the server based on the value of + other fields. This may be sent on update requests to ensure that the + client has an up-to-date value before proceeding. The request will + be rejected with an ABORTED error on a mismatched etag. + type: string + state: + enumDescriptions: + - The state of the AutokeyConfig is unspecified. + - The AutokeyConfig is currently active. + - >- + A previously configured key project has been deleted and the + current AutokeyConfig is unusable. + - >- + The AutokeyConfig is not yet initialized or has been reset to its + default uninitialized state. + type: string + readOnly: true + description: Output only. The state for the AutokeyConfig. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - KEY_PROJECT_DELETED + - UNINITIALIZED KeyAccessJustificationsPolicyConfig: id: KeyAccessJustificationsPolicyConfig description: A singleton configuration for Key Access Justifications policies. - type: object properties: name: description: >- @@ -454,29 +543,112 @@ components: CreateCryptoKeyRequest. This overrides any default policies in its ancestry. $ref: '#/components/schemas/KeyAccessJustificationsPolicy' - KeyAccessJustificationsPolicy: - id: KeyAccessJustificationsPolicy - description: >- - A KeyAccessJustificationsPolicy specifies zero or more allowed - AccessReason values for encrypt, decrypt, and sign operations on a - CryptoKey. type: object + WrappingPublicKey: + type: object + id: WrappingPublicKey properties: - allowedAccessReasons: + pem: description: >- - The list of allowed reasons for access to a CryptoKey. Zero allowed - access reasons means all encrypt, decrypt, and sign operations for - the CryptoKey associated with this policy will fail. - type: array - items: - type: string - enumDescriptions: - - Unspecified access reason. - - Customer-initiated support. - - >- - Google-initiated access for system management and - troubleshooting. - - >- + The public key, encoded in PEM format. For more information, see the + [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for + [General + Considerations](https://tools.ietf.org/html/rfc7468#section-2) and + [Textual Encoding of Subject Public Key Info] + (https://tools.ietf.org/html/rfc7468#section-13). + type: string + description: >- + The public key component of the wrapping key. For details of the type of + key this public key corresponds to, see the ImportMethod. + DecapsulateResponse: + type: object + properties: + sharedSecret: + format: byte + description: >- + The decapsulated shared_secret originally encapsulated with the + matching public key. + type: string + sharedSecretCrc32c: + description: >- + Integrity verification field. A CRC32C checksum of the returned + DecapsulateResponse.shared_secret. An integrity check of + DecapsulateResponse.shared_secret can be performed by computing the + CRC32C checksum of DecapsulateResponse.shared_secret and comparing + your results to this field. Discard the response in case of + non-matching checksum values, and perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: receiving this response + message indicates that KeyManagementService is able to successfully + decrypt the ciphertext. Note: This field is defined as int64 for + reasons of compatibility across different languages. However, it is + a non-negative integer, which will never exceed 2^32-1, and can be + safely downconverted to uint32 in languages that support this type. + type: string + format: int64 + protectionLevel: + enumDescriptions: + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + enum: + - PROTECTION_LEVEL_UNSPECIFIED + - SOFTWARE + - HSM + - EXTERNAL + - EXTERNAL_VPC + - HSM_SINGLE_TENANT + description: The ProtectionLevel of the CryptoKeyVersion used in decapsulation. + type: string + name: + type: string + description: >- + The resource name of the CryptoKeyVersion used for decapsulation. + Check this field to verify that the intended resource was used for + decapsulation. + verifiedCiphertextCrc32c: + type: boolean + description: >- + Integrity verification field. A flag indicating whether + DecapsulateRequest.ciphertext_crc32c was received by + KeyManagementService and used for the integrity verification of the + ciphertext. A false value of this field indicates either that + DecapsulateRequest.ciphertext_crc32c was left unset or that it was + not delivered to KeyManagementService. If you've set + DecapsulateRequest.ciphertext_crc32c but this field is still false, + discard the response and perform a limited number of retries. + id: DecapsulateResponse + description: Response message for KeyManagementService.Decapsulate. + KeyAccessJustificationsPolicy: + type: object + id: KeyAccessJustificationsPolicy + properties: + allowedAccessReasons: + items: + type: string + enum: + - REASON_UNSPECIFIED + - CUSTOMER_INITIATED_SUPPORT + - GOOGLE_INITIATED_SERVICE + - THIRD_PARTY_DATA_REQUEST + - GOOGLE_INITIATED_REVIEW + - CUSTOMER_INITIATED_ACCESS + - GOOGLE_INITIATED_SYSTEM_OPERATION + - REASON_NOT_EXPECTED + - MODIFIED_CUSTOMER_INITIATED_ACCESS + - MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION + - GOOGLE_RESPONSE_TO_PRODUCTION_ALERT + - CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING + enumDescriptions: + - Unspecified access reason. + - Customer-initiated support. + - >- + Google-initiated access for system management and + troubleshooting. + - >- Google-initiated access in response to a legal request or legal process. - >- @@ -517,709 +689,854 @@ components: Google system operates on encrypted customer data which your IAM policy authorizes. * Customer-initiated Google support access. * Google-initiated support access to protect system reliability. - enum: - - REASON_UNSPECIFIED - - CUSTOMER_INITIATED_SUPPORT - - GOOGLE_INITIATED_SERVICE - - THIRD_PARTY_DATA_REQUEST - - GOOGLE_INITIATED_REVIEW - - CUSTOMER_INITIATED_ACCESS - - GOOGLE_INITIATED_SYSTEM_OPERATION - - REASON_NOT_EXPECTED - - MODIFIED_CUSTOMER_INITIATED_ACCESS - - MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION - - GOOGLE_RESPONSE_TO_PRODUCTION_ALERT - - CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING - ShowEffectiveKeyAccessJustificationsPolicyConfigResponse: - id: ShowEffectiveKeyAccessJustificationsPolicyConfigResponse + type: array + description: >- + The list of allowed reasons for access to a CryptoKey. Zero allowed + access reasons means all encrypt, decrypt, and sign operations for + the CryptoKey associated with this policy will fail. description: >- - Response message for - KeyAccessJustificationsConfig.ShowEffectiveKeyAccessJustificationsPolicyConfig. - type: object + A KeyAccessJustificationsPolicy specifies zero or more allowed + AccessReason values for encrypt, decrypt, and sign operations on a + CryptoKey. + KeyOperationAttestation: + id: KeyOperationAttestation properties: - effectiveKajPolicy: - description: The effective KeyAccessJustificationsPolicyConfig. - $ref: '#/components/schemas/KeyAccessJustificationsPolicyConfig' - ShowEffectiveKeyAccessJustificationsEnrollmentConfigResponse: - id: ShowEffectiveKeyAccessJustificationsEnrollmentConfigResponse - description: >- - Response message for - KeyAccessJustificationsConfig.ShowEffectiveKeyAccessJustificationsEnrollmentConfig + certChains: + description: >- + Output only. The certificate chains needed to validate the + attestation + readOnly: true + $ref: '#/components/schemas/CertificateChains' + format: + enumDescriptions: + - Not specified. + - >- + Cavium HSM attestation compressed with gzip. Note that this format + is defined by Cavium and subject to change at any time. See + https://www.marvell.com/products/security-solutions/nitrox-hs-adapters/software-key-attestation.html. + - >- + Cavium HSM attestation V2 compressed with gzip. This is a new + format introduced in Cavium's version 3.2-08. + enum: + - ATTESTATION_FORMAT_UNSPECIFIED + - CAVIUM_V1_COMPRESSED + - CAVIUM_V2_COMPRESSED + type: string + description: Output only. The format of the attestation data. + readOnly: true + content: + type: string + readOnly: true + description: >- + Output only. The attestation data provided by the HSM when the key + operation was performed. + format: byte type: object + description: >- + Contains an HSM-generated attestation about a key operation. For more + information, see [Verifying attestations] + (https://cloud.google.com/kms/docs/attest-key). + MacSignRequest: + description: Request message for KeyManagementService.MacSign. properties: - hardwareConfig: - description: >- - The effective KeyAccessJustificationsEnrollmentConfig for hardware - keys. - $ref: '#/components/schemas/KeyAccessJustificationsEnrollmentConfig' - softwareConfig: + dataCrc32c: + type: string + format: int64 description: >- - The effective KeyAccessJustificationsEnrollmentConfig for software - keys. - $ref: '#/components/schemas/KeyAccessJustificationsEnrollmentConfig' - externalConfig: + Optional. An optional CRC32C checksum of the MacSignRequest.data. If + specified, KeyManagementService will verify the integrity of the + received MacSignRequest.data using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(MacSignRequest.data) is equal to + MacSignRequest.data_crc32c, and if so, perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: This field is defined as + int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + data: + type: string + format: byte description: >- - The effective KeyAccessJustificationsEnrollmentConfig for external - keys. - $ref: '#/components/schemas/KeyAccessJustificationsEnrollmentConfig' - KeyAccessJustificationsEnrollmentConfig: - id: KeyAccessJustificationsEnrollmentConfig - description: >- - The configuration of a protection level for a project's Key Access - Justifications enrollment. + Required. The data to sign. The MAC tag is computed over this data + field based on the specific algorithm. type: object - properties: - auditLogging: - description: Whether the project has KAJ logging enabled. - type: boolean - policyEnforcement: - description: Whether the project is enrolled in KAJ policy enforcement. - type: boolean + id: MacSignRequest ListKeyRingsResponse: - id: ListKeyRingsResponse - description: Response message for KeyManagementService.ListKeyRings. type: object properties: keyRings: - description: The list of KeyRings. - type: array items: $ref: '#/components/schemas/KeyRing' + type: array + description: The list of KeyRings. nextPageToken: + type: string description: >- A token to retrieve next page of results. Pass this value in ListKeyRingsRequest.page_token to retrieve the next page of results. - type: string totalSize: + type: integer + format: int32 description: >- The total number of KeyRings that matched the query. This field is not populated if ListKeyRingsRequest.filter is applied. - type: integer - format: int32 - KeyRing: - id: KeyRing - description: A KeyRing is a toplevel logical grouping of CryptoKeys. - type: object + description: Response message for KeyManagementService.ListKeyRings. + id: ListKeyRingsResponse + ListImportJobsResponse: properties: - name: + importJobs: + description: The list of ImportJobs. + items: + $ref: '#/components/schemas/ImportJob' + type: array + totalSize: description: >- - Output only. The resource name for the KeyRing in the format - `projects/*/locations/*/keyRings/*`. - readOnly: true + The total number of ImportJobs that matched the query. This field is + not populated if ListImportJobsRequest.filter is applied. + format: int32 + type: integer + nextPageToken: + description: >- + A token to retrieve next page of results. Pass this value in + ListImportJobsRequest.page_token to retrieve the next page of + results. type: string - createTime: - description: Output only. The time at which this KeyRing was created. - readOnly: true - type: string - format: google-datetime - ListCryptoKeysResponse: - id: ListCryptoKeysResponse - description: Response message for KeyManagementService.ListCryptoKeys. type: object + id: ListImportJobsResponse + description: Response message for KeyManagementService.ListImportJobs. + DecryptResponse: properties: - cryptoKeys: - description: The list of CryptoKeys. - type: array - items: - $ref: '#/components/schemas/CryptoKey' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass this value in - ListCryptoKeysRequest.page_token to retrieve the next page of - results. + usedPrimary: + description: Whether the Decryption was performed using the primary key version. + type: boolean + plaintextCrc32c: + format: int64 type: string - totalSize: description: >- - The total number of CryptoKeys that matched the query. This field is - not populated if ListCryptoKeysRequest.filter is applied. - type: integer - format: int32 - CryptoKey: - id: CryptoKey - description: >- - A CryptoKey represents a logical key that can be used for cryptographic - operations. A CryptoKey is made up of zero or more versions, which - represent the actual key material used in cryptographic operations. + Integrity verification field. A CRC32C checksum of the returned + DecryptResponse.plaintext. An integrity check of + DecryptResponse.plaintext can be performed by computing the CRC32C + checksum of DecryptResponse.plaintext and comparing your results to + this field. Discard the response in case of non-matching checksum + values, and perform a limited number of retries. A persistent + mismatch may indicate an issue in your computation of the CRC32C + checksum. Note: receiving this response message indicates that + KeyManagementService is able to successfully decrypt the ciphertext. + Note: This field is defined as int64 for reasons of compatibility + across different languages. However, it is a non-negative integer, + which will never exceed 2^32-1, and can be safely downconverted to + uint32 in languages that support this type. + protectionLevel: + enum: + - PROTECTION_LEVEL_UNSPECIFIED + - SOFTWARE + - HSM + - EXTERNAL + - EXTERNAL_VPC + - HSM_SINGLE_TENANT + type: string + enumDescriptions: + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + description: The ProtectionLevel of the CryptoKeyVersion used in decryption. + plaintext: + format: byte + description: The decrypted data originally supplied in EncryptRequest.plaintext. + type: string + type: object + description: Response message for KeyManagementService.Decrypt. + id: DecryptResponse + RawDecryptRequest: type: object + description: Request message for KeyManagementService.RawDecrypt. properties: - name: - description: >- - Output only. The resource name for this CryptoKey in the format - `projects/*/locations/*/keyRings/*/cryptoKeys/*`. - readOnly: true + additionalAuthenticatedDataCrc32c: type: string - primary: description: >- - Output only. A copy of the "primary" CryptoKeyVersion that will be - used by Encrypt when this CryptoKey is given in EncryptRequest.name. - The CryptoKey's primary version can be updated via - UpdateCryptoKeyPrimaryVersion. Keys with purpose ENCRYPT_DECRYPT may - have a primary. For other keys, this field will be omitted. - readOnly: true - $ref: '#/components/schemas/CryptoKeyVersion' - purpose: - description: Immutable. The immutable purpose of this CryptoKey. - type: string - enumDescriptions: - - Not specified. - - CryptoKeys with this purpose may be used with Encrypt and Decrypt. - - >- - CryptoKeys with this purpose may be used with AsymmetricSign and - GetPublicKey. - - >- - CryptoKeys with this purpose may be used with AsymmetricDecrypt - and GetPublicKey. - - >- - CryptoKeys with this purpose may be used with RawEncrypt and - RawDecrypt. This purpose is meant to be used for interoperable - symmetric encryption and does not support automatic CryptoKey - rotation. - - CryptoKeys with this purpose may be used with MacSign. - - >- - CryptoKeys with this purpose may be used with GetPublicKey and - Decapsulate. - enum: - - CRYPTO_KEY_PURPOSE_UNSPECIFIED - - ENCRYPT_DECRYPT - - ASYMMETRIC_SIGN - - ASYMMETRIC_DECRYPT - - RAW_ENCRYPT_DECRYPT - - MAC - - KEY_ENCAPSULATION - createTime: - description: Output only. The time at which this CryptoKey was created. - readOnly: true + Optional. An optional CRC32C checksum of the + RawDecryptRequest.additional_authenticated_data. If specified, + KeyManagementService will verify the integrity of the received + additional_authenticated_data using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(additional_authenticated_data) is equal to + additional_authenticated_data_crc32c, and if so, perform a limited + number of retries. A persistent mismatch may indicate an issue in + your computation of the CRC32C checksum. Note: This field is defined + as int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + format: int64 + initializationVector: + description: >- + Required. The initialization vector (IV) used during encryption, + which must match the data originally provided in + RawEncryptResponse.initialization_vector. + format: byte type: string - format: google-datetime - nextRotationTime: + ciphertext: description: >- - At next_rotation_time, the Key Management Service will - automatically: 1. Create a new version of this CryptoKey. 2. Mark - the new version as primary. Key rotations performed manually via - CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not - affect next_rotation_time. Keys with purpose ENCRYPT_DECRYPT support - automatic rotation. For other keys, this field must be omitted. + Required. The encrypted data originally returned in + RawEncryptResponse.ciphertext. type: string - format: google-datetime - rotationPeriod: + format: byte + ciphertextCrc32c: description: >- - next_rotation_time will be advanced by this period when the service - automatically rotates a key. Must be at least 24 hours and at most - 876,000 hours. If rotation_period is set, next_rotation_time must - also be set. Keys with purpose ENCRYPT_DECRYPT support automatic - rotation. For other keys, this field must be omitted. + Optional. An optional CRC32C checksum of the + RawDecryptRequest.ciphertext. If specified, KeyManagementService + will verify the integrity of the received ciphertext using this + checksum. KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(ciphertext) is equal to ciphertext_crc32c, + and if so, perform a limited number of retries. A persistent + mismatch may indicate an issue in your computation of the CRC32C + checksum. Note: This field is defined as int64 for reasons of + compatibility across different languages. However, it is a + non-negative integer, which will never exceed 2^32-1, and can be + safely downconverted to uint32 in languages that support this type. type: string - format: google-duration - versionTemplate: + format: int64 + additionalAuthenticatedData: description: >- - A template describing settings for new CryptoKeyVersion instances. - The properties of new CryptoKeyVersion instances created by either - CreateCryptoKeyVersion or auto-rotation are controlled by this - template. - $ref: '#/components/schemas/CryptoKeyVersionTemplate' - labels: + Optional. Optional data that must match the data originally supplied + in RawEncryptRequest.additional_authenticated_data. + type: string + format: byte + tagLength: + type: integer + format: int32 description: >- - Labels with user-defined metadata. For more information, see - [Labeling Keys](https://cloud.google.com/kms/docs/labeling-keys). - type: object - additionalProperties: - type: string - importOnly: - description: Immutable. Whether this key may contain imported versions only. - type: boolean - destroyScheduledDuration: + The length of the authentication tag that is appended to the end of + the ciphertext. If unspecified (0), the default value for the key's + algorithm will be used (for AES-GCM, the default value is 16). + initializationVectorCrc32c: description: >- - Immutable. The period of time that versions of this key spend in the - DESTROY_SCHEDULED state before transitioning to DESTROYED. If not - specified at creation time, the default duration is 30 days. + Optional. An optional CRC32C checksum of the + RawDecryptRequest.initialization_vector. If specified, + KeyManagementService will verify the integrity of the received + initialization_vector using this checksum. KeyManagementService will + report an error if the checksum verification fails. If you receive a + checksum error, your client should verify that + CRC32C(initialization_vector) is equal to + initialization_vector_crc32c, and if so, perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: This field is defined as + int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. type: string - format: google-duration + format: int64 + id: RawDecryptRequest + ImportJob: + properties: + publicKey: + readOnly: true + description: >- + Output only. The public key with which to wrap key material prior to + import. Only returned if state is ACTIVE. + $ref: '#/components/schemas/WrappingPublicKey' + attestation: + readOnly: true + $ref: '#/components/schemas/KeyOperationAttestation' + description: >- + Output only. Statement that was generated and signed by the key + creator (for example, an HSM) at key creation time. Use this + statement to verify attributes of the key as stored on the HSM, + independently of Google. Only present if the chosen ImportMethod is + one with a protection level of HSM. cryptoKeyBackend: description: >- Immutable. The resource name of the backend environment where the - key material for all CryptoKeyVersions associated with this - CryptoKey reside and where all related cryptographic operations are - performed. Only applicable if CryptoKeyVersions have a - ProtectionLevel of EXTERNAL_VPC, with the resource name in the - format `projects/*/locations/*/ekmConnections/*`. Note, this list is - non-exhaustive and may apply to additional ProtectionLevels in the - future. + key material for the wrapping key resides and where all related + cryptographic operations are performed. Currently, this field is + only populated for keys stored in HSM_SINGLE_TENANT. Note, this list + is non-exhaustive and may apply to additional ProtectionLevels in + the future. type: string - keyAccessJustificationsPolicy: + expireTime: + format: google-datetime + type: string + readOnly: true description: >- - Optional. The policy used for Key Access Justifications Policy - Enforcement. If this field is present and this key is enrolled in - Key Access Justifications Policy Enforcement, the policy will be - evaluated in encrypt, decrypt, and sign operations, and the - operation will fail if rejected by the policy. The policy is defined - by specifying zero or more allowed justification codes. - https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes - By default, this field is absent, and all justification codes are - allowed. - $ref: '#/components/schemas/KeyAccessJustificationsPolicy' - CryptoKeyVersion: - id: CryptoKeyVersion - description: >- - A CryptoKeyVersion represents an individual cryptographic key, and the - associated key material. An ENABLED version can be used for - cryptographic operations. For security reasons, the raw cryptographic - key material represented by a CryptoKeyVersion can never be viewed or - exported. It can only be used to encrypt, decrypt, or sign data when an - authorized user or application invokes Cloud KMS. - type: object - properties: - name: - description: >- - Output only. The resource name for this CryptoKeyVersion in the - format - `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. - readOnly: true - type: string - state: - description: The current state of the CryptoKeyVersion. - type: string - enumDescriptions: - - Not specified. - - >- - This version is still being generated. It may not be used, - enabled, disabled, or destroyed yet. Cloud KMS will automatically - mark this version ENABLED as soon as the version is ready. - - This version may be used for cryptographic operations. - - >- - This version may not be used, but the key material is still - available, and the version can be placed back into the ENABLED - state. - - >- - The key material of this version is destroyed and no longer - stored. This version may only become ENABLED again if this version - is reimport_eligible and the original key material is reimported - with a call to KeyManagementService.ImportCryptoKeyVersion. - - >- - This version is scheduled for destruction, and will be destroyed - soon. Call RestoreCryptoKeyVersion to put it back into the - DISABLED state. - - >- - This version is still being imported. It may not be used, enabled, - disabled, or destroyed yet. Cloud KMS will automatically mark this - version ENABLED as soon as the version is ready. - - >- - This version was not imported successfully. It may not be used, - enabled, disabled, or destroyed. The submitted key material has - been discarded. Additional details can be found in - CryptoKeyVersion.import_failure_reason. - - >- - This version was not generated successfully. It may not be used, - enabled, disabled, or destroyed. Additional details can be found - in CryptoKeyVersion.generation_failure_reason. - - >- - This version was destroyed, and it may not be used or enabled - again. Cloud KMS is waiting for the corresponding key material - residing in an external key manager to be destroyed. - - >- - This version was destroyed, and it may not be used or enabled - again. However, Cloud KMS could not confirm that the corresponding - key material residing in an external key manager was destroyed. - Additional details can be found in - CryptoKeyVersion.external_destruction_failure_reason. - enum: - - CRYPTO_KEY_VERSION_STATE_UNSPECIFIED - - PENDING_GENERATION - - ENABLED - - DISABLED - - DESTROYED - - DESTROY_SCHEDULED - - PENDING_IMPORT - - IMPORT_FAILED - - GENERATION_FAILED - - PENDING_EXTERNAL_DESTRUCTION - - EXTERNAL_DESTRUCTION_FAILED + Output only. The time at which this ImportJob is scheduled for + expiration and can no longer be used to import key material. protectionLevel: - description: >- - Output only. The ProtectionLevel describing how crypto operations - are performed with this CryptoKeyVersion. - readOnly: true type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. + description: >- + Required. Immutable. The protection level of the ImportJob. This + must match the protection_level of the version_template on the + CryptoKey you attempt to import into. enum: - PROTECTION_LEVEL_UNSPECIFIED - SOFTWARE - HSM - EXTERNAL - EXTERNAL_VPC - algorithm: - description: >- - Output only. The CryptoKeyVersionAlgorithm that this - CryptoKeyVersion supports. + - HSM_SINGLE_TENANT + enumDescriptions: + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + state: readOnly: true type: string + enum: + - IMPORT_JOB_STATE_UNSPECIFIED + - PENDING_GENERATION + - ACTIVE + - EXPIRED + description: >- + Output only. The current state of the ImportJob, indicating if it + can be used. enumDescriptions: - Not specified. - - Creates symmetric encryption keys. - - AES-GCM (Galois Counter Mode) using 128-bit keys. - - AES-GCM (Galois Counter Mode) using 256-bit keys. - - AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. - - AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. - - AES-CTR (Counter Mode) using 128-bit keys. - - AES-CTR (Counter Mode) using 256-bit keys. - - RSASSA-PSS 2048 bit key with a SHA256 digest. - - RSASSA-PSS 3072 bit key with a SHA256 digest. - - RSASSA-PSS 4096 bit key with a SHA256 digest. - - RSASSA-PSS 4096 bit key with a SHA512 digest. - - RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. - - RSAES-OAEP 2048 bit key with a SHA256 digest. - - RSAES-OAEP 3072 bit key with a SHA256 digest. - - RSAES-OAEP 4096 bit key with a SHA256 digest. - - RSAES-OAEP 4096 bit key with a SHA512 digest. - - RSAES-OAEP 2048 bit key with a SHA1 digest. - - RSAES-OAEP 3072 bit key with a SHA1 digest. - - RSAES-OAEP 4096 bit key with a SHA1 digest. - >- - ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash - functions can also be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + The wrapping key for this job is still being generated. It may not + be used. Cloud KMS will automatically mark this job as ACTIVE as + soon as the wrapping key is generated. - >- - ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash - functions can also be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + This job may be used in CreateCryptoKey and CreateCryptoKeyVersion + requests. - >- - ECDSA on the non-NIST secp256k1 curve. This curve is only - supported for HSM protection level. Other hash functions can also - be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms - - EdDSA on the Curve25519 in pure mode (taking data as input). - - HMAC-SHA256 signing with a 256 bit key. - - HMAC-SHA1 signing with a 160 bit key. - - HMAC-SHA384 signing with a 384 bit key. - - HMAC-SHA512 signing with a 512 bit key. - - HMAC-SHA224 signing with a 224 bit key. + This job can no longer be used and may not leave this state once + entered. + generateTime: + format: google-datetime + description: Output only. The time this ImportJob's key material was generated. + type: string + readOnly: true + importMethod: + enum: + - IMPORT_METHOD_UNSPECIFIED + - RSA_OAEP_3072_SHA1_AES_256 + - RSA_OAEP_4096_SHA1_AES_256 + - RSA_OAEP_3072_SHA256_AES_256 + - RSA_OAEP_4096_SHA256_AES_256 + - RSA_OAEP_3072_SHA256 + - RSA_OAEP_4096_SHA256 + enumDescriptions: + - Not specified. - >- - Algorithm representing symmetric encryption by an external key - manager. - - ML-KEM-768 (FIPS 203) - - ML-KEM-1024 (FIPS 203) + This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping + scheme defined in the PKCS #11 standard. In summary, this involves + wrapping the raw key with an ephemeral AES key, and wrapping the + ephemeral AES key with a 3072 bit RSA key. For more details, see + [RSA AES key wrap + mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). - >- - X-Wing hybrid KEM combining ML-KEM-768 with X25519 following - datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. + This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping + scheme defined in the PKCS #11 standard. In summary, this involves + wrapping the raw key with an ephemeral AES key, and wrapping the + ephemeral AES key with a 4096 bit RSA key. For more details, see + [RSA AES key wrap + mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). - >- - The post-quantum Module-Lattice-Based Digital Signature Algorithm, - at security level 3. Randomized version. + This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping + scheme defined in the PKCS #11 standard. In summary, this involves + wrapping the raw key with an ephemeral AES key, and wrapping the + ephemeral AES key with a 3072 bit RSA key. For more details, see + [RSA AES key wrap + mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). - >- - The post-quantum stateless hash-based digital signature algorithm, - at security level 1. Randomized version. + This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping + scheme defined in the PKCS #11 standard. In summary, this involves + wrapping the raw key with an ephemeral AES key, and wrapping the + ephemeral AES key with a 4096 bit RSA key. For more details, see + [RSA AES key wrap + mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). - >- - The post-quantum stateless hash-based digital signature algorithm, - at security level 1. Randomized pre-hash version supporting SHA256 - digests. - enum: - - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED - - GOOGLE_SYMMETRIC_ENCRYPTION - - AES_128_GCM - - AES_256_GCM - - AES_128_CBC - - AES_256_CBC - - AES_128_CTR - - AES_256_CTR - - RSA_SIGN_PSS_2048_SHA256 - - RSA_SIGN_PSS_3072_SHA256 - - RSA_SIGN_PSS_4096_SHA256 - - RSA_SIGN_PSS_4096_SHA512 - - RSA_SIGN_PKCS1_2048_SHA256 - - RSA_SIGN_PKCS1_3072_SHA256 - - RSA_SIGN_PKCS1_4096_SHA256 - - RSA_SIGN_PKCS1_4096_SHA512 - - RSA_SIGN_RAW_PKCS1_2048 - - RSA_SIGN_RAW_PKCS1_3072 - - RSA_SIGN_RAW_PKCS1_4096 - - RSA_DECRYPT_OAEP_2048_SHA256 - - RSA_DECRYPT_OAEP_3072_SHA256 - - RSA_DECRYPT_OAEP_4096_SHA256 - - RSA_DECRYPT_OAEP_4096_SHA512 - - RSA_DECRYPT_OAEP_2048_SHA1 - - RSA_DECRYPT_OAEP_3072_SHA1 - - RSA_DECRYPT_OAEP_4096_SHA1 - - EC_SIGN_P256_SHA256 - - EC_SIGN_P384_SHA384 - - EC_SIGN_SECP256K1_SHA256 - - EC_SIGN_ED25519 - - HMAC_SHA256 - - HMAC_SHA1 - - HMAC_SHA384 - - HMAC_SHA512 - - HMAC_SHA224 - - EXTERNAL_SYMMETRIC_ENCRYPTION - - ML_KEM_768 - - ML_KEM_1024 - - KEM_XWING - - PQ_SIGN_ML_DSA_65 - - PQ_SIGN_SLH_DSA_SHA2_128S - - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 - attestation: - description: >- - Output only. Statement that was generated and signed by the HSM at - key creation time. Use this statement to verify attributes of the - key as stored on the HSM, independently of Google. Only provided for - key versions with protection_level HSM. - readOnly: true - $ref: '#/components/schemas/KeyOperationAttestation' - createTime: - description: Output only. The time at which this CryptoKeyVersion was created. - readOnly: true + This ImportMethod represents RSAES-OAEP with a 3072 bit RSA key. + The key material to be imported is wrapped directly with the RSA + key. Due to technical limitations of RSA wrapping, this method + cannot be used to wrap RSA keys for import. + - >- + This ImportMethod represents RSAES-OAEP with a 4096 bit RSA key. + The key material to be imported is wrapped directly with the RSA + key. Due to technical limitations of RSA wrapping, this method + cannot be used to wrap RSA keys for import. type: string - format: google-datetime - generateTime: description: >- - Output only. The time this CryptoKeyVersion's key material was - generated. - readOnly: true - type: string + Required. Immutable. The wrapping method to be used for incoming key + material. + expireEventTime: format: google-datetime - destroyTime: - description: >- - Output only. The time this CryptoKeyVersion's key material is - scheduled for destruction. Only present if state is - DESTROY_SCHEDULED. readOnly: true type: string - format: google-datetime - destroyEventTime: description: >- - Output only. The time this CryptoKeyVersion's key material was - destroyed. Only present if state is DESTROYED. + Output only. The time this ImportJob expired. Only present if state + is EXPIRED. + createTime: + description: Output only. The time at which this ImportJob was created. readOnly: true - type: string format: google-datetime - importJob: - description: >- - Output only. The name of the ImportJob used in the most recent - import of this CryptoKeyVersion. Only present if the underlying key - material was imported. - readOnly: true type: string - importTime: - description: >- - Output only. The time at which this CryptoKeyVersion's key material - was most recently imported. - readOnly: true + name: type: string - format: google-datetime - importFailureReason: - description: >- - Output only. The root cause of the most recent import failure. Only - present if state is IMPORT_FAILED. readOnly: true - type: string - generationFailureReason: description: >- - Output only. The root cause of the most recent generation failure. - Only present if state is GENERATION_FAILED. - readOnly: true + Output only. The resource name for this ImportJob in the format + `projects/*/locations/*/keyRings/*/importJobs/*`. + id: ImportJob + type: object + description: >- + An ImportJob can be used to create CryptoKeys and CryptoKeyVersions + using pre-existing key material, generated outside of Cloud KMS. When an + ImportJob is created, Cloud KMS will generate a "wrapping key", which is + a public/private key pair. You use the wrapping key to encrypt (also + known as wrap) the pre-existing key material to protect it during the + import process. The nature of the wrapping key depends on the choice of + import_method. When the wrapping key generation is complete, the state + will be set to ACTIVE and the public_key can be fetched. The fetched + public key can then be used to wrap your pre-existing key material. Once + the key material is wrapped, it can be imported into a new + CryptoKeyVersion in an existing CryptoKey by calling + ImportCryptoKeyVersion. Multiple CryptoKeyVersions can be imported with + a single ImportJob. Cloud KMS uses the private key portion of the + wrapping key to unwrap the key material. Only Cloud KMS has access to + the private key. An ImportJob expires 3 days after it is created. Once + expired, Cloud KMS will no longer be able to import or unwrap any key + material that was wrapped with the ImportJob's public key. For more + information, see [Importing a + key](https://cloud.google.com/kms/docs/importing-a-key). + ServiceResolver: + type: object + description: >- + A ServiceResolver represents an EKM replica that can be reached within + an EkmConnection. + id: ServiceResolver + properties: + serviceDirectoryService: + description: >- + Required. The resource name of the Service Directory service + pointing to an EKM replica, in the format + `projects/*/locations/*/namespaces/*/services/*`. + type: string + endpointFilter: type: string - externalDestructionFailureReason: description: >- - Output only. The root cause of the most recent external destruction - failure. Only present if state is EXTERNAL_DESTRUCTION_FAILED. - readOnly: true + Optional. The filter applied to the endpoints of the resolved + service. If no filter is specified, all endpoints will be + considered. An endpoint will be chosen arbitrarily from the filtered + list for each request. For endpoint filter syntax and examples, see + https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest. + hostname: type: string - externalProtectionLevelOptions: description: >- - ExternalProtectionLevelOptions stores a group of additional fields - for configuring a CryptoKeyVersion that are specific to the EXTERNAL - protection level and EXTERNAL_VPC protection levels. - $ref: '#/components/schemas/ExternalProtectionLevelOptions' - reimportEligible: + Required. The hostname of the EKM replica used at TLS and HTTP + layers. + serverCertificates: + type: array + items: + $ref: '#/components/schemas/Certificate' description: >- - Output only. Whether or not this key version is eligible for - reimport, by being specified as a target in - ImportCryptoKeyVersionRequest.crypto_key_version. - readOnly: true - type: boolean - KeyOperationAttestation: - id: KeyOperationAttestation - description: >- - Contains an HSM-generated attestation about a key operation. For more - information, see [Verifying attestations] - (https://cloud.google.com/kms/docs/attest-key). + Required. A list of leaf server certificates used to authenticate + HTTPS connections to the EKM replica. Currently, a maximum of 10 + Certificate is supported. + RestoreCryptoKeyVersionRequest: type: object + properties: {} + id: RestoreCryptoKeyVersionRequest + description: Request message for KeyManagementService.RestoreCryptoKeyVersion. + KeyRing: + description: A KeyRing is a toplevel logical grouping of CryptoKeys. + id: KeyRing properties: - format: - description: Output only. The format of the attestation data. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - >- - Cavium HSM attestation compressed with gzip. Note that this format - is defined by Cavium and subject to change at any time. See - https://www.marvell.com/products/security-solutions/nitrox-hs-adapters/software-key-attestation.html. - - >- - Cavium HSM attestation V2 compressed with gzip. This is a new - format introduced in Cavium's version 3.2-08. - enum: - - ATTESTATION_FORMAT_UNSPECIFIED - - CAVIUM_V1_COMPRESSED - - CAVIUM_V2_COMPRESSED - content: + name: description: >- - Output only. The attestation data provided by the HSM when the key - operation was performed. + Output only. The resource name for the KeyRing in the format + `projects/*/locations/*/keyRings/*`. readOnly: true type: string - format: byte - certChains: - description: >- - Output only. The certificate chains needed to validate the - attestation + createTime: readOnly: true - $ref: '#/components/schemas/CertificateChains' - CertificateChains: - id: CertificateChains - description: >- - Certificate chains needed to verify the attestation. Certificates in - chains are PEM-encoded and are ordered based on - https://tools.ietf.org/html/rfc5246#section-7.4.2. + format: google-datetime + description: Output only. The time at which this KeyRing was created. + type: string type: object + ListCryptoKeyVersionsResponse: properties: - caviumCerts: - description: Cavium certificate chain corresponding to the attestation. + totalSize: + format: int32 + type: integer + description: >- + The total number of CryptoKeyVersions that matched the query. This + field is not populated if ListCryptoKeyVersionsRequest.filter is + applied. + nextPageToken: + description: >- + A token to retrieve next page of results. Pass this value in + ListCryptoKeyVersionsRequest.page_token to retrieve the next page of + results. + type: string + cryptoKeyVersions: + description: The list of CryptoKeyVersions. type: array items: - type: string - googleCardCerts: - description: Google card certificate chain corresponding to the attestation. - type: array + $ref: '#/components/schemas/CryptoKeyVersion' + description: Response message for KeyManagementService.ListCryptoKeyVersions. + type: object + id: ListCryptoKeyVersionsResponse + AuditConfig: + properties: + auditLogConfigs: + description: The configuration for logging of each type of permission. items: - type: string - googlePartitionCerts: - description: Google partition certificate chain corresponding to the attestation. + $ref: '#/components/schemas/AuditLogConfig' type: array - items: - type: string - ExternalProtectionLevelOptions: - id: ExternalProtectionLevelOptions + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + id: AuditConfig description: >- - ExternalProtectionLevelOptions stores a group of additional fields for - configuring a CryptoKeyVersion that are specific to the EXTERNAL - protection level and EXTERNAL_VPC protection levels. + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. type: object + AsymmetricSignRequest: properties: - externalKeyUri: + digestCrc32c: + format: int64 + type: string description: >- - The URI for an external resource that this CryptoKeyVersion - represents. + Optional. An optional CRC32C checksum of the + AsymmetricSignRequest.digest. If specified, KeyManagementService + will verify the integrity of the received + AsymmetricSignRequest.digest using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(AsymmetricSignRequest.digest) is equal to + AsymmetricSignRequest.digest_crc32c, and if so, perform a limited + number of retries. A persistent mismatch may indicate an issue in + your computation of the CRC32C checksum. Note: This field is defined + as int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + digest: + $ref: '#/components/schemas/Digest' + description: >- + Optional. The digest of the data to sign. The digest must be + produced with the same digest algorithm as specified by the key + version's algorithm. This field may not be supplied if + AsymmetricSignRequest.data is supplied. + data: + format: byte type: string + description: >- + Optional. The data to sign. It can't be supplied if + AsymmetricSignRequest.digest is supplied. + dataCrc32c: + type: string + description: >- + Optional. An optional CRC32C checksum of the + AsymmetricSignRequest.data. If specified, KeyManagementService will + verify the integrity of the received AsymmetricSignRequest.data + using this checksum. KeyManagementService will report an error if + the checksum verification fails. If you receive a checksum error, + your client should verify that CRC32C(AsymmetricSignRequest.data) is + equal to AsymmetricSignRequest.data_crc32c, and if so, perform a + limited number of retries. A persistent mismatch may indicate an + issue in your computation of the CRC32C checksum. Note: This field + is defined as int64 for reasons of compatibility across different + languages. However, it is a non-negative integer, which will never + exceed 2^32-1, and can be safely downconverted to uint32 in + languages that support this type. + format: int64 + description: Request message for KeyManagementService.AsymmetricSign. + type: object + id: AsymmetricSignRequest + ExternalProtectionLevelOptions: + id: ExternalProtectionLevelOptions + properties: ekmConnectionKeyPath: + type: string description: >- The path to the external key material on the EKM when using EkmConnection e.g., "v0/my/key". Set this field instead of external_key_uri when using an EkmConnection. + externalKeyUri: type: string - CryptoKeyVersionTemplate: - id: CryptoKeyVersionTemplate + description: >- + The URI for an external resource that this CryptoKeyVersion + represents. description: >- - A CryptoKeyVersionTemplate specifies the properties to use when creating - a new CryptoKeyVersion, either manually with CreateCryptoKeyVersion or - automatically as a result of auto-rotation. + ExternalProtectionLevelOptions stores a group of additional fields for + configuring a CryptoKeyVersion that are specific to the EXTERNAL + protection level and EXTERNAL_VPC protection levels. + type: object + UpdateCryptoKeyPrimaryVersionRequest: type: object + description: Request message for KeyManagementService.UpdateCryptoKeyPrimaryVersion. properties: - protectionLevel: + cryptoKeyVersionId: + description: Required. The id of the child CryptoKeyVersion to use as primary. + type: string + id: UpdateCryptoKeyPrimaryVersionRequest + GenerateRandomBytesResponse: + description: Response message for KeyManagementService.GenerateRandomBytes. + properties: + dataCrc32c: + format: int64 description: >- - ProtectionLevel to use when creating a CryptoKeyVersion based on - this template. Immutable. Defaults to SOFTWARE. + Integrity verification field. A CRC32C checksum of the returned + GenerateRandomBytesResponse.data. An integrity check of + GenerateRandomBytesResponse.data can be performed by computing the + CRC32C checksum of GenerateRandomBytesResponse.data and comparing + your results to this field. Discard the response in case of + non-matching checksum values, and perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: This field is defined as + int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + type: string + data: + description: The generated data. + type: string + format: byte + id: GenerateRandomBytesResponse + type: object + MacVerifyResponse: + description: Response message for KeyManagementService.MacVerify. + id: MacVerifyResponse + properties: + name: + description: >- + The resource name of the CryptoKeyVersion used for verification. + Check this field to verify that the intended resource was used for + verification. + type: string + success: + description: >- + This field indicates whether or not the verification operation for + MacVerifyRequest.mac over MacVerifyRequest.data was successful. + type: boolean + verifiedMacCrc32c: + description: >- + Integrity verification field. A flag indicating whether + MacVerifyRequest.mac_crc32c was received by KeyManagementService and + used for the integrity verification of the data. A false value of + this field indicates either that MacVerifyRequest.mac_crc32c was + left unset or that it was not delivered to KeyManagementService. If + you've set MacVerifyRequest.mac_crc32c but this field is still + false, discard the response and perform a limited number of retries. + type: boolean + verifiedSuccessIntegrity: + description: >- + Integrity verification field. This value is used for the integrity + verification of [MacVerifyResponse.success]. If the value of this + field contradicts the value of [MacVerifyResponse.success], discard + the response and perform a limited number of retries. + type: boolean + protectionLevel: + description: The ProtectionLevel of the CryptoKeyVersion used for verification. type: string + enum: + - PROTECTION_LEVEL_UNSPECIFIED + - SOFTWARE + - HSM + - EXTERNAL + - EXTERNAL_VPC + - HSM_SINGLE_TENANT enumDescriptions: - Not specified. - Crypto operations are performed in software. - Crypto operations are performed in a Hardware Security Module. - Crypto operations are performed by an external key manager. - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + verifiedDataCrc32c: + description: >- + Integrity verification field. A flag indicating whether + MacVerifyRequest.data_crc32c was received by KeyManagementService + and used for the integrity verification of the data. A false value + of this field indicates either that MacVerifyRequest.data_crc32c was + left unset or that it was not delivered to KeyManagementService. If + you've set MacVerifyRequest.data_crc32c but this field is still + false, discard the response and perform a limited number of retries. + type: boolean + type: object + CryptoKeyVersion: + properties: + externalProtectionLevelOptions: + $ref: '#/components/schemas/ExternalProtectionLevelOptions' + description: >- + ExternalProtectionLevelOptions stores a group of additional fields + for configuring a CryptoKeyVersion that are specific to the EXTERNAL + protection level and EXTERNAL_VPC protection levels. + externalDestructionFailureReason: + type: string + description: >- + Output only. The root cause of the most recent external destruction + failure. Only present if state is EXTERNAL_DESTRUCTION_FAILED. + readOnly: true + name: + readOnly: true + type: string + description: >- + Output only. The resource name for this CryptoKeyVersion in the + format + `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. + generateTime: + readOnly: true + format: google-datetime + description: >- + Output only. The time this CryptoKeyVersion's key material was + generated. + type: string + protectionLevel: + type: string + description: >- + Output only. The ProtectionLevel describing how crypto operations + are performed with this CryptoKeyVersion. enum: - PROTECTION_LEVEL_UNSPECIFIED - SOFTWARE - HSM - EXTERNAL - EXTERNAL_VPC - algorithm: + - HSM_SINGLE_TENANT + enumDescriptions: + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + readOnly: true + generationFailureReason: + readOnly: true + type: string description: >- - Required. Algorithm to use when creating a CryptoKeyVersion based on - this template. For backwards compatibility, - GOOGLE_SYMMETRIC_ENCRYPTION is implied if both this field is omitted - and CryptoKey.purpose is ENCRYPT_DECRYPT. + Output only. The root cause of the most recent generation failure. + Only present if state is GENERATION_FAILED. + importJob: + type: string + description: >- + Output only. The name of the ImportJob used in the most recent + import of this CryptoKeyVersion. Only present if the underlying key + material was imported. + readOnly: true + importTime: + type: string + format: google-datetime + description: >- + Output only. The time at which this CryptoKeyVersion's key material + was most recently imported. + readOnly: true + destroyTime: + readOnly: true type: string + format: google-datetime + description: >- + Output only. The time this CryptoKeyVersion's key material is + scheduled for destruction. Only present if state is + DESTROY_SCHEDULED. + state: + enum: + - CRYPTO_KEY_VERSION_STATE_UNSPECIFIED + - PENDING_GENERATION + - ENABLED + - DISABLED + - DESTROYED + - DESTROY_SCHEDULED + - PENDING_IMPORT + - IMPORT_FAILED + - GENERATION_FAILED + - PENDING_EXTERNAL_DESTRUCTION + - EXTERNAL_DESTRUCTION_FAILED + description: The current state of the CryptoKeyVersion. enumDescriptions: - Not specified. - - Creates symmetric encryption keys. - - AES-GCM (Galois Counter Mode) using 128-bit keys. - - AES-GCM (Galois Counter Mode) using 256-bit keys. - - AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. - - AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. - - AES-CTR (Counter Mode) using 128-bit keys. - - AES-CTR (Counter Mode) using 256-bit keys. - - RSASSA-PSS 2048 bit key with a SHA256 digest. - - RSASSA-PSS 3072 bit key with a SHA256 digest. - - RSASSA-PSS 4096 bit key with a SHA256 digest. - - RSASSA-PSS 4096 bit key with a SHA512 digest. - - RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. - - RSAES-OAEP 2048 bit key with a SHA256 digest. - - RSAES-OAEP 3072 bit key with a SHA256 digest. - - RSAES-OAEP 4096 bit key with a SHA256 digest. - - RSAES-OAEP 4096 bit key with a SHA512 digest. - - RSAES-OAEP 2048 bit key with a SHA1 digest. - - RSAES-OAEP 3072 bit key with a SHA1 digest. - - RSAES-OAEP 4096 bit key with a SHA1 digest. - >- - ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash - functions can also be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + This version is still being generated. It may not be used, + enabled, disabled, or destroyed yet. Cloud KMS will automatically + mark this version ENABLED as soon as the version is ready. + - This version may be used for cryptographic operations. - >- - ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash - functions can also be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + This version may not be used, but the key material is still + available, and the version can be placed back into the ENABLED + state. - >- - ECDSA on the non-NIST secp256k1 curve. This curve is only - supported for HSM protection level. Other hash functions can also - be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms - - EdDSA on the Curve25519 in pure mode (taking data as input). - - HMAC-SHA256 signing with a 256 bit key. - - HMAC-SHA1 signing with a 160 bit key. - - HMAC-SHA384 signing with a 384 bit key. - - HMAC-SHA512 signing with a 512 bit key. - - HMAC-SHA224 signing with a 224 bit key. + The key material of this version is destroyed and no longer + stored. This version may only become ENABLED again if this version + is reimport_eligible and the original key material is reimported + with a call to KeyManagementService.ImportCryptoKeyVersion. - >- - Algorithm representing symmetric encryption by an external key - manager. - - ML-KEM-768 (FIPS 203) - - ML-KEM-1024 (FIPS 203) + This version is scheduled for destruction, and will be destroyed + soon. Call RestoreCryptoKeyVersion to put it back into the + DISABLED state. - >- - X-Wing hybrid KEM combining ML-KEM-768 with X25519 following - datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. + This version is still being imported. It may not be used, enabled, + disabled, or destroyed yet. Cloud KMS will automatically mark this + version ENABLED as soon as the version is ready. - >- - The post-quantum Module-Lattice-Based Digital Signature Algorithm, - at security level 3. Randomized version. + This version was not imported successfully. It may not be used, + enabled, disabled, or destroyed. The submitted key material has + been discarded. Additional details can be found in + CryptoKeyVersion.import_failure_reason. - >- - The post-quantum stateless hash-based digital signature algorithm, - at security level 1. Randomized version. + This version was not generated successfully. It may not be used, + enabled, disabled, or destroyed. Additional details can be found + in CryptoKeyVersion.generation_failure_reason. - >- - The post-quantum stateless hash-based digital signature algorithm, - at security level 1. Randomized pre-hash version supporting SHA256 - digests. + This version was destroyed, and it may not be used or enabled + again. Cloud KMS is waiting for the corresponding key material + residing in an external key manager to be destroyed. + - >- + This version was destroyed, and it may not be used or enabled + again. However, Cloud KMS could not confirm that the corresponding + key material residing in an external key manager was destroyed. + Additional details can be found in + CryptoKeyVersion.external_destruction_failure_reason. + type: string + destroyEventTime: + format: google-datetime + type: string + readOnly: true + description: >- + Output only. The time this CryptoKeyVersion's key material was + destroyed. Only present if state is DESTROYED. + importFailureReason: + type: string + readOnly: true + description: >- + Output only. The root cause of the most recent import failure. Only + present if state is IMPORT_FAILED. + algorithm: + description: >- + Output only. The CryptoKeyVersionAlgorithm that this + CryptoKeyVersion supports. enum: - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED - GOOGLE_SYMMETRIC_ENCRYPTION @@ -1260,856 +1577,432 @@ components: - ML_KEM_768 - ML_KEM_1024 - KEM_XWING + - PQ_SIGN_ML_DSA_44 - PQ_SIGN_ML_DSA_65 + - PQ_SIGN_ML_DSA_87 - PQ_SIGN_SLH_DSA_SHA2_128S - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 - ListCryptoKeyVersionsResponse: - id: ListCryptoKeyVersionsResponse - description: Response message for KeyManagementService.ListCryptoKeyVersions. - type: object - properties: - cryptoKeyVersions: - description: The list of CryptoKeyVersions. - type: array - items: - $ref: '#/components/schemas/CryptoKeyVersion' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass this value in - ListCryptoKeyVersionsRequest.page_token to retrieve the next page of - results. - type: string - totalSize: - description: >- - The total number of CryptoKeyVersions that matched the query. This - field is not populated if ListCryptoKeyVersionsRequest.filter is - applied. - type: integer - format: int32 - ListImportJobsResponse: - id: ListImportJobsResponse - description: Response message for KeyManagementService.ListImportJobs. - type: object - properties: - importJobs: - description: The list of ImportJobs. - type: array - items: - $ref: '#/components/schemas/ImportJob' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass this value in - ListImportJobsRequest.page_token to retrieve the next page of - results. + - PQ_SIGN_ML_DSA_44_EXTERNAL_MU + - PQ_SIGN_ML_DSA_65_EXTERNAL_MU + - PQ_SIGN_ML_DSA_87_EXTERNAL_MU type: string - totalSize: - description: >- - The total number of ImportJobs that matched the query. This field is - not populated if ListImportJobsRequest.filter is applied. - type: integer - format: int32 - ImportJob: - id: ImportJob - description: >- - An ImportJob can be used to create CryptoKeys and CryptoKeyVersions - using pre-existing key material, generated outside of Cloud KMS. When an - ImportJob is created, Cloud KMS will generate a "wrapping key", which is - a public/private key pair. You use the wrapping key to encrypt (also - known as wrap) the pre-existing key material to protect it during the - import process. The nature of the wrapping key depends on the choice of - import_method. When the wrapping key generation is complete, the state - will be set to ACTIVE and the public_key can be fetched. The fetched - public key can then be used to wrap your pre-existing key material. Once - the key material is wrapped, it can be imported into a new - CryptoKeyVersion in an existing CryptoKey by calling - ImportCryptoKeyVersion. Multiple CryptoKeyVersions can be imported with - a single ImportJob. Cloud KMS uses the private key portion of the - wrapping key to unwrap the key material. Only Cloud KMS has access to - the private key. An ImportJob expires 3 days after it is created. Once - expired, Cloud KMS will no longer be able to import or unwrap any key - material that was wrapped with the ImportJob's public key. For more - information, see [Importing a - key](https://cloud.google.com/kms/docs/importing-a-key). - type: object - properties: - name: - description: >- - Output only. The resource name for this ImportJob in the format - `projects/*/locations/*/keyRings/*/importJobs/*`. readOnly: true - type: string - importMethod: - description: >- - Required. Immutable. The wrapping method to be used for incoming key - material. - type: string enumDescriptions: - Not specified. + - Creates symmetric encryption keys. + - AES-GCM (Galois Counter Mode) using 128-bit keys. + - AES-GCM (Galois Counter Mode) using 256-bit keys. + - AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. + - AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. + - AES-CTR (Counter Mode) using 128-bit keys. + - AES-CTR (Counter Mode) using 256-bit keys. + - RSASSA-PSS 2048 bit key with a SHA256 digest. + - RSASSA-PSS 3072 bit key with a SHA256 digest. + - RSASSA-PSS 4096 bit key with a SHA256 digest. + - RSASSA-PSS 4096 bit key with a SHA512 digest. + - RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. + - RSAES-OAEP 2048 bit key with a SHA256 digest. + - RSAES-OAEP 3072 bit key with a SHA256 digest. + - RSAES-OAEP 4096 bit key with a SHA256 digest. + - RSAES-OAEP 4096 bit key with a SHA512 digest. + - RSAES-OAEP 2048 bit key with a SHA1 digest. + - RSAES-OAEP 3072 bit key with a SHA1 digest. + - RSAES-OAEP 4096 bit key with a SHA1 digest. - >- - This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping - scheme defined in the PKCS #11 standard. In summary, this involves - wrapping the raw key with an ephemeral AES key, and wrapping the - ephemeral AES key with a 3072 bit RSA key. For more details, see - [RSA AES key wrap - mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). + ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash + functions can also be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms - >- - This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping - scheme defined in the PKCS #11 standard. In summary, this involves - wrapping the raw key with an ephemeral AES key, and wrapping the - ephemeral AES key with a 4096 bit RSA key. For more details, see - [RSA AES key wrap - mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). + ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash + functions can also be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms - >- - This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping - scheme defined in the PKCS #11 standard. In summary, this involves - wrapping the raw key with an ephemeral AES key, and wrapping the - ephemeral AES key with a 3072 bit RSA key. For more details, see - [RSA AES key wrap - mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). + ECDSA on the non-NIST secp256k1 curve. This curve is only + supported for HSM protection level. Other hash functions can also + be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - EdDSA on the Curve25519 in pure mode (taking data as input). + - HMAC-SHA256 signing with a 256 bit key. + - HMAC-SHA1 signing with a 160 bit key. + - HMAC-SHA384 signing with a 384 bit key. + - HMAC-SHA512 signing with a 512 bit key. + - HMAC-SHA224 signing with a 224 bit key. - >- - This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping - scheme defined in the PKCS #11 standard. In summary, this involves - wrapping the raw key with an ephemeral AES key, and wrapping the - ephemeral AES key with a 4096 bit RSA key. For more details, see - [RSA AES key wrap - mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). + Algorithm representing symmetric encryption by an external key + manager. + - ML-KEM-768 (FIPS 203) + - ML-KEM-1024 (FIPS 203) - >- - This ImportMethod represents RSAES-OAEP with a 3072 bit RSA key. - The key material to be imported is wrapped directly with the RSA - key. Due to technical limitations of RSA wrapping, this method - cannot be used to wrap RSA keys for import. + X-Wing hybrid KEM combining ML-KEM-768 with X25519 following + datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. - >- - This ImportMethod represents RSAES-OAEP with a 4096 bit RSA key. - The key material to be imported is wrapped directly with the RSA - key. Due to technical limitations of RSA wrapping, this method - cannot be used to wrap RSA keys for import. - enum: - - IMPORT_METHOD_UNSPECIFIED - - RSA_OAEP_3072_SHA1_AES_256 - - RSA_OAEP_4096_SHA1_AES_256 - - RSA_OAEP_3072_SHA256_AES_256 - - RSA_OAEP_4096_SHA256_AES_256 - - RSA_OAEP_3072_SHA256 - - RSA_OAEP_4096_SHA256 - protectionLevel: - description: >- - Required. Immutable. The protection level of the ImportJob. This - must match the protection_level of the version_template on the - CryptoKey you attempt to import into. - type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. - enum: - - PROTECTION_LEVEL_UNSPECIFIED - - SOFTWARE - - HSM - - EXTERNAL - - EXTERNAL_VPC - createTime: - description: Output only. The time at which this ImportJob was created. + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version. + - >- + The post-quantum stateless hash-based digital signature algorithm, + at security level 1. Randomized version. + - >- + The post-quantum stateless hash-based digital signature algorithm, + at security level 1. Randomized pre-hash version supporting SHA256 + digests. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version supporting + externally-computed message representatives. + reimportEligible: + description: >- + Output only. Whether or not this key version is eligible for + reimport, by being specified as a target in + ImportCryptoKeyVersionRequest.crypto_key_version. + type: boolean readOnly: true - type: string + attestation: + readOnly: true + description: >- + Output only. Statement that was generated and signed by the HSM at + key creation time. Use this statement to verify attributes of the + key as stored on the HSM, independently of Google. Only provided for + key versions with protection_level HSM. + $ref: '#/components/schemas/KeyOperationAttestation' + createTime: format: google-datetime - generateTime: - description: Output only. The time this ImportJob's key material was generated. readOnly: true + description: Output only. The time at which this CryptoKeyVersion was created. type: string - format: google-datetime - expireTime: + id: CryptoKeyVersion + description: >- + A CryptoKeyVersion represents an individual cryptographic key, and the + associated key material. An ENABLED version can be used for + cryptographic operations. For security reasons, the raw cryptographic + key material represented by a CryptoKeyVersion can never be viewed or + exported. It can only be used to encrypt, decrypt, or sign data when an + authorized user or application invokes Cloud KMS. + type: object + Certificate: + description: >- + A Certificate represents an X.509 certificate used to authenticate HTTPS + connections to EKM replicas. + properties: + subject: + readOnly: true description: >- - Output only. The time at which this ImportJob is scheduled for - expiration and can no longer be used to import key material. + Output only. The subject distinguished name in RFC 2253 format. Only + present if parsed is true. + type: string + serialNumber: readOnly: true type: string - format: google-datetime - expireEventTime: description: >- - Output only. The time this ImportJob expired. Only present if state - is EXPIRED. + Output only. The certificate serial number as a hex string. Only + present if parsed is true. + parsed: readOnly: true + description: Output only. True if the certificate was parsed successfully. + type: boolean + notBeforeTime: type: string + description: >- + Output only. The certificate is not valid before this time. Only + present if parsed is true. + readOnly: true format: google-datetime - state: + issuer: + type: string description: >- - Output only. The current state of the ImportJob, indicating if it - can be used. + Output only. The issuer distinguished name in RFC 2253 format. Only + present if parsed is true. + readOnly: true + subjectAlternativeDnsNames: readOnly: true + description: >- + Output only. The subject Alternative DNS names. Only present if + parsed is true. + items: + type: string + type: array + rawDer: + format: byte + description: Required. The raw certificate bytes in DER format. type: string - enumDescriptions: - - Not specified. - - >- - The wrapping key for this job is still being generated. It may not - be used. Cloud KMS will automatically mark this job as ACTIVE as - soon as the wrapping key is generated. - - >- - This job may be used in CreateCryptoKey and CreateCryptoKeyVersion - requests. - - >- - This job can no longer be used and may not leave this state once - entered. - enum: - - IMPORT_JOB_STATE_UNSPECIFIED - - PENDING_GENERATION - - ACTIVE - - EXPIRED - publicKey: + notAfterTime: + format: google-datetime description: >- - Output only. The public key with which to wrap key material prior to - import. Only returned if state is ACTIVE. + Output only. The certificate is not valid after this time. Only + present if parsed is true. + type: string readOnly: true - $ref: '#/components/schemas/WrappingPublicKey' - attestation: + sha256Fingerprint: description: >- - Output only. Statement that was generated and signed by the key - creator (for example, an HSM) at key creation time. Use this - statement to verify attributes of the key as stored on the HSM, - independently of Google. Only present if the chosen ImportMethod is - one with a protection level of HSM. + Output only. The SHA-256 certificate fingerprint as a hex string. + Only present if parsed is true. + type: string readOnly: true - $ref: '#/components/schemas/KeyOperationAttestation' - WrappingPublicKey: - id: WrappingPublicKey - description: >- - The public key component of the wrapping key. For details of the type of - key this public key corresponds to, see the ImportMethod. + id: Certificate + type: object + KeyHandle: type: object properties: - pem: + name: + type: string description: >- - The public key, encoded in PEM format. For more information, see the - [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for - [General - Considerations](https://tools.ietf.org/html/rfc7468#section-2) and - [Textual Encoding of Subject Public Key Info] - (https://tools.ietf.org/html/rfc7468#section-13). + Identifier. Name of the KeyHandle resource, e.g. + `projects/{PROJECT_ID}/locations/{LOCATION}/keyHandles/{KEY_HANDLE_ID}`. + kmsKey: type: string - PublicKey: - id: PublicKey - description: The public keys for a given CryptoKeyVersion. Obtained via GetPublicKey. - type: object - properties: - pem: + readOnly: true description: >- - The public key, encoded in PEM format. For more information, see the - [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for - [General - Considerations](https://tools.ietf.org/html/rfc7468#section-2) and - [Textual Encoding of Subject Public Key Info] - (https://tools.ietf.org/html/rfc7468#section-13). + Output only. Name of a CryptoKey that has been provisioned for + Customer Managed Encryption Key (CMEK) use in the KeyHandle project + and location for the requested resource type. The CryptoKey project + will reflect the value configured in the AutokeyConfig on the + resource project's ancestor folder at the time of the KeyHandle + creation. If more than one ancestor folder has a configured + AutokeyConfig, the nearest of these configurations is used. + resourceTypeSelector: + description: >- + Required. Indicates the resource type that the resulting CryptoKey + is meant to protect, e.g. `{SERVICE}.googleapis.com/{TYPE}`. See + documentation for supported resource types. type: string - algorithm: - description: The Algorithm associated with this key. + id: KeyHandle + description: >- + Resource-oriented representation of a request to Cloud KMS Autokey and + the resulting provisioning of a CryptoKey. + EkmConnection: + description: >- + An EkmConnection represents an individual EKM connection. It can be used + for creating CryptoKeys and CryptoKeyVersions with a ProtectionLevel of + EXTERNAL_VPC, as well as performing cryptographic operations using keys + created within the EkmConnection. + id: EkmConnection + properties: + createTime: + description: Output only. The time at which the EkmConnection was created. + type: string + readOnly: true + format: google-datetime + keyManagementMode: + enum: + - KEY_MANAGEMENT_MODE_UNSPECIFIED + - MANUAL + - CLOUD_KMS type: string + description: >- + Optional. Describes who can perform control plane operations on the + EKM. If unset, this defaults to MANUAL. enumDescriptions: - Not specified. - - Creates symmetric encryption keys. - - AES-GCM (Galois Counter Mode) using 128-bit keys. - - AES-GCM (Galois Counter Mode) using 256-bit keys. - - AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. - - AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. - - AES-CTR (Counter Mode) using 128-bit keys. - - AES-CTR (Counter Mode) using 256-bit keys. - - RSASSA-PSS 2048 bit key with a SHA256 digest. - - RSASSA-PSS 3072 bit key with a SHA256 digest. - - RSASSA-PSS 4096 bit key with a SHA256 digest. - - RSASSA-PSS 4096 bit key with a SHA512 digest. - - RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. - - RSAES-OAEP 2048 bit key with a SHA256 digest. - - RSAES-OAEP 3072 bit key with a SHA256 digest. - - RSAES-OAEP 4096 bit key with a SHA256 digest. - - RSAES-OAEP 4096 bit key with a SHA512 digest. - - RSAES-OAEP 2048 bit key with a SHA1 digest. - - RSAES-OAEP 3072 bit key with a SHA1 digest. - - RSAES-OAEP 4096 bit key with a SHA1 digest. - >- - ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash - functions can also be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms - - >- - ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash - functions can also be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + EKM-side key management operations on CryptoKeys created with this + EkmConnection must be initiated from the EKM directly and cannot + be performed from Cloud KMS. This means that: * When creating a + CryptoKeyVersion associated with this EkmConnection, the caller + must supply the key path of pre-existing external key material + that will be linked to the CryptoKeyVersion. * Destruction of + external key material cannot be requested via the Cloud KMS API + and must be performed directly in the EKM. * Automatic rotation of + key material is not supported. - >- - ECDSA on the non-NIST secp256k1 curve. This curve is only - supported for HSM protection level. Other hash functions can also - be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms - - EdDSA on the Curve25519 in pure mode (taking data as input). - - HMAC-SHA256 signing with a 256 bit key. - - HMAC-SHA1 signing with a 160 bit key. - - HMAC-SHA384 signing with a 384 bit key. - - HMAC-SHA512 signing with a 512 bit key. - - HMAC-SHA224 signing with a 224 bit key. - - >- - Algorithm representing symmetric encryption by an external key - manager. - - ML-KEM-768 (FIPS 203) - - ML-KEM-1024 (FIPS 203) - - >- - X-Wing hybrid KEM combining ML-KEM-768 with X25519 following - datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. - - >- - The post-quantum Module-Lattice-Based Digital Signature Algorithm, - at security level 3. Randomized version. - - >- - The post-quantum stateless hash-based digital signature algorithm, - at security level 1. Randomized version. - - >- - The post-quantum stateless hash-based digital signature algorithm, - at security level 1. Randomized pre-hash version supporting SHA256 - digests. - enum: - - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED - - GOOGLE_SYMMETRIC_ENCRYPTION - - AES_128_GCM - - AES_256_GCM - - AES_128_CBC - - AES_256_CBC - - AES_128_CTR - - AES_256_CTR - - RSA_SIGN_PSS_2048_SHA256 - - RSA_SIGN_PSS_3072_SHA256 - - RSA_SIGN_PSS_4096_SHA256 - - RSA_SIGN_PSS_4096_SHA512 - - RSA_SIGN_PKCS1_2048_SHA256 - - RSA_SIGN_PKCS1_3072_SHA256 - - RSA_SIGN_PKCS1_4096_SHA256 - - RSA_SIGN_PKCS1_4096_SHA512 - - RSA_SIGN_RAW_PKCS1_2048 - - RSA_SIGN_RAW_PKCS1_3072 - - RSA_SIGN_RAW_PKCS1_4096 - - RSA_DECRYPT_OAEP_2048_SHA256 - - RSA_DECRYPT_OAEP_3072_SHA256 - - RSA_DECRYPT_OAEP_4096_SHA256 - - RSA_DECRYPT_OAEP_4096_SHA512 - - RSA_DECRYPT_OAEP_2048_SHA1 - - RSA_DECRYPT_OAEP_3072_SHA1 - - RSA_DECRYPT_OAEP_4096_SHA1 - - EC_SIGN_P256_SHA256 - - EC_SIGN_P384_SHA384 - - EC_SIGN_SECP256K1_SHA256 - - EC_SIGN_ED25519 - - HMAC_SHA256 - - HMAC_SHA1 - - HMAC_SHA384 - - HMAC_SHA512 - - HMAC_SHA224 - - EXTERNAL_SYMMETRIC_ENCRYPTION - - ML_KEM_768 - - ML_KEM_1024 - - KEM_XWING - - PQ_SIGN_ML_DSA_65 - - PQ_SIGN_SLH_DSA_SHA2_128S - - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 - pemCrc32c: - description: >- - Integrity verification field. A CRC32C checksum of the returned - PublicKey.pem. An integrity check of PublicKey.pem can be performed - by computing the CRC32C checksum of PublicKey.pem and comparing your - results to this field. Discard the response in case of non-matching - checksum values, and perform a limited number of retries. A - persistent mismatch may indicate an issue in your computation of the - CRC32C checksum. Note: This field is defined as int64 for reasons of - compatibility across different languages. However, it is a - non-negative integer, which will never exceed `2^32-1`, and can be - safely downconverted to uint32 in languages that support this type. - NOTE: This field is in Beta. - type: string - format: int64 - name: - description: >- - The name of the CryptoKeyVersion public key. Provided here for - verification. NOTE: This field is in Beta. - type: string - protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion public key. - type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. - enum: - - PROTECTION_LEVEL_UNSPECIFIED - - SOFTWARE - - HSM - - EXTERNAL - - EXTERNAL_VPC - publicKeyFormat: - description: >- - The PublicKey format specified by the customer through the - public_key_format field. - type: string - enumDescriptions: - - >- - If the public_key_format field is not specified: - For PQC - algorithms, an error will be returned. - For non-PQC algorithms, - the default format is PEM, and the field pem will be populated. - Otherwise, the public key will be exported through the public_key - field in the requested format. - - >- - The returned public key will be encoded in PEM format. See the - [RFC7468](https://tools.ietf.org/html/rfc7468) sections for - [General - Considerations](https://tools.ietf.org/html/rfc7468#section-2) and - [Textual Encoding of Subject Public Key Info] - (https://tools.ietf.org/html/rfc7468#section-13) for more - information. - - >- - The returned public key will be encoded in DER format (the - PrivateKeyInfo structure from RFC 5208). - - >- - This is supported only for PQC algorithms. The key material is - returned in the format defined by NIST PQC standards (FIPS 203, - FIPS 204, and FIPS 205). - - >- - The returned public key is in raw bytes format defined in its - standard - https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem. - enum: - - PUBLIC_KEY_FORMAT_UNSPECIFIED - - PEM - - DER - - NIST_PQC - - XWING_RAW_BYTES - publicKey: - description: >- - This field contains the public key (with integrity verification), - formatted according to the public_key_format field. - $ref: '#/components/schemas/ChecksummedData' - ChecksummedData: - id: ChecksummedData - description: Data with integrity verification field. - type: object - properties: - data: - description: Raw Data. - type: string - format: byte - crc32cChecksum: - description: >- - Integrity verification field. A CRC32C checksum of the returned - ChecksummedData.data. An integrity check of ChecksummedData.data can - be performed by computing the CRC32C checksum of - ChecksummedData.data and comparing your results to this field. - Discard the response in case of non-matching checksum values, and - perform a limited number of retries. A persistent mismatch may - indicate an issue in your computation of the CRC32C checksum. Note: - This field is defined as int64 for reasons of compatibility across - different languages. However, it is a non-negative integer, which - will never exceed `2^32-1`, and can be safely downconverted to - uint32 in languages that support this type. - type: string - format: int64 - ImportCryptoKeyVersionRequest: - id: ImportCryptoKeyVersionRequest - description: Request message for KeyManagementService.ImportCryptoKeyVersion. - type: object - properties: - cryptoKeyVersion: - description: >- - Optional. The optional name of an existing CryptoKeyVersion to - target for an import operation. If this field is not present, a new - CryptoKeyVersion containing the supplied key material is created. If - this field is present, the supplied key material is imported into - the existing CryptoKeyVersion. To import into an existing - CryptoKeyVersion, the CryptoKeyVersion must be a child of - ImportCryptoKeyVersionRequest.parent, have been previously created - via ImportCryptoKeyVersion, and be in DESTROYED or IMPORT_FAILED - state. The key material and algorithm must match the previous - CryptoKeyVersion exactly if the CryptoKeyVersion has ever contained - key material. - type: string - algorithm: - description: >- - Required. The algorithm of the key being imported. This does not - need to match the version_template of the CryptoKey this version - imports into. - type: string - enumDescriptions: - - Not specified. - - Creates symmetric encryption keys. - - AES-GCM (Galois Counter Mode) using 128-bit keys. - - AES-GCM (Galois Counter Mode) using 256-bit keys. - - AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. - - AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. - - AES-CTR (Counter Mode) using 128-bit keys. - - AES-CTR (Counter Mode) using 256-bit keys. - - RSASSA-PSS 2048 bit key with a SHA256 digest. - - RSASSA-PSS 3072 bit key with a SHA256 digest. - - RSASSA-PSS 4096 bit key with a SHA256 digest. - - RSASSA-PSS 4096 bit key with a SHA512 digest. - - RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. - - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. - - RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. - - RSAES-OAEP 2048 bit key with a SHA256 digest. - - RSAES-OAEP 3072 bit key with a SHA256 digest. - - RSAES-OAEP 4096 bit key with a SHA256 digest. - - RSAES-OAEP 4096 bit key with a SHA512 digest. - - RSAES-OAEP 2048 bit key with a SHA1 digest. - - RSAES-OAEP 3072 bit key with a SHA1 digest. - - RSAES-OAEP 4096 bit key with a SHA1 digest. - - >- - ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash - functions can also be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms - - >- - ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash - functions can also be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms - - >- - ECDSA on the non-NIST secp256k1 curve. This curve is only - supported for HSM protection level. Other hash functions can also - be used: - https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms - - EdDSA on the Curve25519 in pure mode (taking data as input). - - HMAC-SHA256 signing with a 256 bit key. - - HMAC-SHA1 signing with a 160 bit key. - - HMAC-SHA384 signing with a 384 bit key. - - HMAC-SHA512 signing with a 512 bit key. - - HMAC-SHA224 signing with a 224 bit key. - - >- - Algorithm representing symmetric encryption by an external key - manager. - - ML-KEM-768 (FIPS 203) - - ML-KEM-1024 (FIPS 203) - - >- - X-Wing hybrid KEM combining ML-KEM-768 with X25519 following - datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. - - >- - The post-quantum Module-Lattice-Based Digital Signature Algorithm, - at security level 3. Randomized version. - - >- - The post-quantum stateless hash-based digital signature algorithm, - at security level 1. Randomized version. - - >- - The post-quantum stateless hash-based digital signature algorithm, - at security level 1. Randomized pre-hash version supporting SHA256 - digests. - enum: - - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED - - GOOGLE_SYMMETRIC_ENCRYPTION - - AES_128_GCM - - AES_256_GCM - - AES_128_CBC - - AES_256_CBC - - AES_128_CTR - - AES_256_CTR - - RSA_SIGN_PSS_2048_SHA256 - - RSA_SIGN_PSS_3072_SHA256 - - RSA_SIGN_PSS_4096_SHA256 - - RSA_SIGN_PSS_4096_SHA512 - - RSA_SIGN_PKCS1_2048_SHA256 - - RSA_SIGN_PKCS1_3072_SHA256 - - RSA_SIGN_PKCS1_4096_SHA256 - - RSA_SIGN_PKCS1_4096_SHA512 - - RSA_SIGN_RAW_PKCS1_2048 - - RSA_SIGN_RAW_PKCS1_3072 - - RSA_SIGN_RAW_PKCS1_4096 - - RSA_DECRYPT_OAEP_2048_SHA256 - - RSA_DECRYPT_OAEP_3072_SHA256 - - RSA_DECRYPT_OAEP_4096_SHA256 - - RSA_DECRYPT_OAEP_4096_SHA512 - - RSA_DECRYPT_OAEP_2048_SHA1 - - RSA_DECRYPT_OAEP_3072_SHA1 - - RSA_DECRYPT_OAEP_4096_SHA1 - - EC_SIGN_P256_SHA256 - - EC_SIGN_P384_SHA384 - - EC_SIGN_SECP256K1_SHA256 - - EC_SIGN_ED25519 - - HMAC_SHA256 - - HMAC_SHA1 - - HMAC_SHA384 - - HMAC_SHA512 - - HMAC_SHA224 - - EXTERNAL_SYMMETRIC_ENCRYPTION - - ML_KEM_768 - - ML_KEM_1024 - - KEM_XWING - - PQ_SIGN_ML_DSA_65 - - PQ_SIGN_SLH_DSA_SHA2_128S - - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 - importJob: - description: >- - Required. The name of the ImportJob that was used to wrap this key - material. - type: string - wrappedKey: - description: >- - Optional. The wrapped key material to import. Before wrapping, key - material must be formatted. If importing symmetric key material, the - expected key material format is plain bytes. If importing asymmetric - key material, the expected key material format is PKCS#8-encoded DER - (the PrivateKeyInfo structure from RFC 5208). When wrapping with - import methods (RSA_OAEP_3072_SHA1_AES_256 or - RSA_OAEP_4096_SHA1_AES_256 or RSA_OAEP_3072_SHA256_AES_256 or - RSA_OAEP_4096_SHA256_AES_256), this field must contain the - concatenation of: 1. An ephemeral AES-256 wrapping key wrapped with - the public_key using RSAES-OAEP with SHA-1/SHA-256, MGF1 with - SHA-1/SHA-256, and an empty label. 2. The formatted key to be - imported, wrapped with the ephemeral AES-256 key using AES-KWP (RFC - 5649). This format is the same as the format produced by PKCS#11 - mechanism CKM_RSA_AES_KEY_WRAP. When wrapping with import methods - (RSA_OAEP_3072_SHA256 or RSA_OAEP_4096_SHA256), this field must - contain the formatted key to be imported, wrapped with the - public_key using RSAES-OAEP with SHA-256, MGF1 with SHA-256, and an - empty label. - type: string - format: byte - rsaAesWrappedKey: - description: >- - Optional. This field has the same meaning as wrapped_key. Prefer to - use that field in new work. Either that field or this field (but not - both) must be specified. - type: string - format: byte - UpdateCryptoKeyPrimaryVersionRequest: - id: UpdateCryptoKeyPrimaryVersionRequest - description: Request message for KeyManagementService.UpdateCryptoKeyPrimaryVersion. - type: object - properties: - cryptoKeyVersionId: - description: Required. The id of the child CryptoKeyVersion to use as primary. - type: string - DestroyCryptoKeyVersionRequest: - id: DestroyCryptoKeyVersionRequest - description: Request message for KeyManagementService.DestroyCryptoKeyVersion. - type: object - properties: {} - RestoreCryptoKeyVersionRequest: - id: RestoreCryptoKeyVersionRequest - description: Request message for KeyManagementService.RestoreCryptoKeyVersion. - type: object - properties: {} - EncryptRequest: - id: EncryptRequest - description: Request message for KeyManagementService.Encrypt. - type: object - properties: - plaintext: - description: >- - Required. The data to encrypt. Must be no larger than 64KiB. The - maximum size depends on the key version's protection_level. For - SOFTWARE, EXTERNAL, and EXTERNAL_VPC keys, the plaintext must be no - larger than 64KiB. For HSM keys, the combined length of the - plaintext and additional_authenticated_data fields must be no larger - than 8KiB. - type: string - format: byte - additionalAuthenticatedData: - description: >- - Optional. Optional data that, if specified, must also be provided - during decryption through - DecryptRequest.additional_authenticated_data. The maximum size - depends on the key version's protection_level. For SOFTWARE, - EXTERNAL, and EXTERNAL_VPC keys the AAD must be no larger than - 64KiB. For HSM keys, the combined length of the plaintext and - additional_authenticated_data fields must be no larger than 8KiB. + All CryptoKeys created with this EkmConnection use EKM-side key + management operations initiated from Cloud KMS. This means that: * + When a CryptoKeyVersion associated with this EkmConnection is + created, the EKM automatically generates new key material and a + new key path. The caller cannot supply the key path of + pre-existing external key material. * Destruction of external key + material associated with this EkmConnection can be requested by + calling DestroyCryptoKeyVersion. * Automatic rotation of key + material is supported. + cryptoSpacePath: type: string - format: byte - plaintextCrc32c: description: >- - Optional. An optional CRC32C checksum of the - EncryptRequest.plaintext. If specified, KeyManagementService will - verify the integrity of the received EncryptRequest.plaintext using - this checksum. KeyManagementService will report an error if the - checksum verification fails. If you receive a checksum error, your - client should verify that CRC32C(EncryptRequest.plaintext) is equal - to EncryptRequest.plaintext_crc32c, and if so, perform a limited - number of retries. A persistent mismatch may indicate an issue in - your computation of the CRC32C checksum. Note: This field is defined - as int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. + Optional. Identifies the EKM Crypto Space that this EkmConnection + maps to. Note: This field is required if KeyManagementMode is + CLOUD_KMS. + etag: + description: Optional. Etag of the currently stored EkmConnection. type: string - format: int64 - additionalAuthenticatedDataCrc32c: + serviceResolvers: + items: + $ref: '#/components/schemas/ServiceResolver' description: >- - Optional. An optional CRC32C checksum of the - EncryptRequest.additional_authenticated_data. If specified, - KeyManagementService will verify the integrity of the received - EncryptRequest.additional_authenticated_data using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that - CRC32C(EncryptRequest.additional_authenticated_data) is equal to - EncryptRequest.additional_authenticated_data_crc32c, and if so, - perform a limited number of retries. A persistent mismatch may - indicate an issue in your computation of the CRC32C checksum. Note: - This field is defined as int64 for reasons of compatibility across - different languages. However, it is a non-negative integer, which - will never exceed 2^32-1, and can be safely downconverted to uint32 - in languages that support this type. + Optional. A list of ServiceResolvers where the EKM can be reached. + There should be one ServiceResolver per EKM replica. Currently, only + a single ServiceResolver is supported. + type: array + name: + readOnly: true + description: >- + Output only. The resource name for the EkmConnection in the format + `projects/*/locations/*/ekmConnections/*`. type: string - format: int64 - EncryptResponse: - id: EncryptResponse - description: Response message for KeyManagementService.Encrypt. + type: object + Policy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). type: object properties: - name: + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + items: + $ref: '#/components/schemas/AuditConfig' + type: array + version: + type: integer description: >- - The resource name of the CryptoKeyVersion used in encryption. Check - this field to verify that the intended resource was used for - encryption. - type: string - ciphertext: - description: The encrypted data. - type: string - format: byte - ciphertextCrc32c: + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + etag: description: >- - Integrity verification field. A CRC32C checksum of the returned - EncryptResponse.ciphertext. An integrity check of - EncryptResponse.ciphertext can be performed by computing the CRC32C - checksum of EncryptResponse.ciphertext and comparing your results to - this field. Discard the response in case of non-matching checksum - values, and perform a limited number of retries. A persistent - mismatch may indicate an issue in your computation of the CRC32C - checksum. Note: This field is defined as int64 for reasons of - compatibility across different languages. However, it is a - non-negative integer, which will never exceed 2^32-1, and can be - safely downconverted to uint32 in languages that support this type. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte type: string - format: int64 - verifiedPlaintextCrc32c: - description: >- - Integrity verification field. A flag indicating whether - EncryptRequest.plaintext_crc32c was received by KeyManagementService - and used for the integrity verification of the plaintext. A false - value of this field indicates either that - EncryptRequest.plaintext_crc32c was left unset or that it was not - delivered to KeyManagementService. If you've set - EncryptRequest.plaintext_crc32c but this field is still false, - discard the response and perform a limited number of retries. - type: boolean - verifiedAdditionalAuthenticatedDataCrc32c: + bindings: description: >- - Integrity verification field. A flag indicating whether - EncryptRequest.additional_authenticated_data_crc32c was received by - KeyManagementService and used for the integrity verification of the - AAD. A false value of this field indicates either that - EncryptRequest.additional_authenticated_data_crc32c was left unset - or that it was not delivered to KeyManagementService. If you've set - EncryptRequest.additional_authenticated_data_crc32c but this field - is still false, discard the response and perform a limited number of - retries. - type: boolean - protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion used in encryption. - type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. - enum: - - PROTECTION_LEVEL_UNSPECIFIED - - SOFTWARE - - HSM - - EXTERNAL - - EXTERNAL_VPC - DecryptRequest: - id: DecryptRequest - description: Request message for KeyManagementService.Decrypt. - type: object + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + items: + $ref: '#/components/schemas/Binding' + id: Policy + ShowEffectiveKeyAccessJustificationsEnrollmentConfigResponse: properties: - ciphertext: + externalConfig: + $ref: '#/components/schemas/KeyAccessJustificationsEnrollmentConfig' description: >- - Required. The encrypted data originally returned in - EncryptResponse.ciphertext. - type: string - format: byte - additionalAuthenticatedData: + The effective KeyAccessJustificationsEnrollmentConfig for external + keys. + softwareConfig: + $ref: '#/components/schemas/KeyAccessJustificationsEnrollmentConfig' description: >- - Optional. Optional data that must match the data originally supplied - in EncryptRequest.additional_authenticated_data. - type: string - format: byte - ciphertextCrc32c: + The effective KeyAccessJustificationsEnrollmentConfig for software + keys. + hardwareConfig: description: >- - Optional. An optional CRC32C checksum of the - DecryptRequest.ciphertext. If specified, KeyManagementService will - verify the integrity of the received DecryptRequest.ciphertext using - this checksum. KeyManagementService will report an error if the - checksum verification fails. If you receive a checksum error, your - client should verify that CRC32C(DecryptRequest.ciphertext) is equal - to DecryptRequest.ciphertext_crc32c, and if so, perform a limited - number of retries. A persistent mismatch may indicate an issue in - your computation of the CRC32C checksum. Note: This field is defined - as int64 for reasons of compatibility across different languages. + The effective KeyAccessJustificationsEnrollmentConfig for hardware + keys. + $ref: '#/components/schemas/KeyAccessJustificationsEnrollmentConfig' + type: object + id: ShowEffectiveKeyAccessJustificationsEnrollmentConfigResponse + description: >- + Response message for + KeyAccessJustificationsConfig.ShowEffectiveKeyAccessJustificationsEnrollmentConfig + RawEncryptResponse: + id: RawEncryptResponse + type: object + properties: + tagLength: + type: integer + format: int32 + description: >- + The length of the authentication tag that is appended to the end of + the ciphertext. + ciphertextCrc32c: + description: >- + Integrity verification field. A CRC32C checksum of the returned + RawEncryptResponse.ciphertext. An integrity check of ciphertext can + be performed by computing the CRC32C checksum of ciphertext and + comparing your results to this field. Discard the response in case + of non-matching checksum values, and perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: This field is defined as + int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type. - type: string - format: int64 - additionalAuthenticatedDataCrc32c: - description: >- - Optional. An optional CRC32C checksum of the - DecryptRequest.additional_authenticated_data. If specified, - KeyManagementService will verify the integrity of the received - DecryptRequest.additional_authenticated_data using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that - CRC32C(DecryptRequest.additional_authenticated_data) is equal to - DecryptRequest.additional_authenticated_data_crc32c, and if so, - perform a limited number of retries. A persistent mismatch may - indicate an issue in your computation of the CRC32C checksum. Note: - This field is defined as int64 for reasons of compatibility across - different languages. However, it is a non-negative integer, which - will never exceed 2^32-1, and can be safely downconverted to uint32 - in languages that support this type. - type: string format: int64 - DecryptResponse: - id: DecryptResponse - description: Response message for KeyManagementService.Decrypt. - type: object - properties: - plaintext: - description: The decrypted data originally supplied in EncryptRequest.plaintext. type: string - format: byte - plaintextCrc32c: + ciphertext: description: >- - Integrity verification field. A CRC32C checksum of the returned - DecryptResponse.plaintext. An integrity check of - DecryptResponse.plaintext can be performed by computing the CRC32C - checksum of DecryptResponse.plaintext and comparing your results to - this field. Discard the response in case of non-matching checksum - values, and perform a limited number of retries. A persistent - mismatch may indicate an issue in your computation of the CRC32C - checksum. Note: receiving this response message indicates that - KeyManagementService is able to successfully decrypt the ciphertext. - Note: This field is defined as int64 for reasons of compatibility - across different languages. However, it is a non-negative integer, - which will never exceed 2^32-1, and can be safely downconverted to - uint32 in languages that support this type. + The encrypted data. In the case of AES-GCM, the authentication tag + is the tag_length bytes at the end of this field. + format: byte type: string - format: int64 - usedPrimary: - description: Whether the Decryption was performed using the primary key version. - type: boolean protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion used in decryption. type: string enumDescriptions: - Not specified. @@ -2117,110 +2010,61 @@ components: - Crypto operations are performed in a Hardware Security Module. - Crypto operations are performed by an external key manager. - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + description: The ProtectionLevel of the CryptoKeyVersion used in encryption. enum: - PROTECTION_LEVEL_UNSPECIFIED - SOFTWARE - HSM - EXTERNAL - EXTERNAL_VPC - RawEncryptRequest: - id: RawEncryptRequest - description: Request message for KeyManagementService.RawEncrypt. - type: object - properties: - plaintext: - description: >- - Required. The data to encrypt. Must be no larger than 64KiB. The - maximum size depends on the key version's protection_level. For - SOFTWARE keys, the plaintext must be no larger than 64KiB. For HSM - keys, the combined length of the plaintext and - additional_authenticated_data fields must be no larger than 8KiB. - type: string - format: byte - additionalAuthenticatedData: - description: >- - Optional. Optional data that, if specified, must also be provided - during decryption through - RawDecryptRequest.additional_authenticated_data. This field may only - be used in conjunction with an algorithm that accepts additional - authenticated data (for example, AES-GCM). The maximum size depends - on the key version's protection_level. For SOFTWARE keys, the - plaintext must be no larger than 64KiB. For HSM keys, the combined - length of the plaintext and additional_authenticated_data fields - must be no larger than 8KiB. + - HSM_SINGLE_TENANT + name: type: string - format: byte - plaintextCrc32c: description: >- - Optional. An optional CRC32C checksum of the - RawEncryptRequest.plaintext. If specified, KeyManagementService will - verify the integrity of the received plaintext using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that CRC32C(plaintext) is equal to plaintext_crc32c, - and if so, perform a limited number of retries. A persistent - mismatch may indicate an issue in your computation of the CRC32C - checksum. Note: This field is defined as int64 for reasons of - compatibility across different languages. However, it is a - non-negative integer, which will never exceed 2^32-1, and can be - safely downconverted to uint32 in languages that support this type. - type: string - format: int64 - additionalAuthenticatedDataCrc32c: + The resource name of the CryptoKeyVersion used in encryption. Check + this field to verify that the intended resource was used for + encryption. + verifiedAdditionalAuthenticatedDataCrc32c: + type: boolean description: >- - Optional. An optional CRC32C checksum of the - RawEncryptRequest.additional_authenticated_data. If specified, - KeyManagementService will verify the integrity of the received - additional_authenticated_data using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that CRC32C(additional_authenticated_data) is equal to - additional_authenticated_data_crc32c, and if so, perform a limited - number of retries. A persistent mismatch may indicate an issue in - your computation of the CRC32C checksum. Note: This field is defined - as int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. - type: string - format: int64 - initializationVector: + Integrity verification field. A flag indicating whether + RawEncryptRequest.additional_authenticated_data_crc32c was received + by KeyManagementService and used for the integrity verification of + additional_authenticated_data. A false value of this field indicates + either that // + RawEncryptRequest.additional_authenticated_data_crc32c was left + unset or that it was not delivered to KeyManagementService. If + you've set RawEncryptRequest.additional_authenticated_data_crc32c + but this field is still false, discard the response and perform a + limited number of retries. + verifiedInitializationVectorCrc32c: + type: boolean description: >- - Optional. A customer-supplied initialization vector that will be - used for encryption. If it is not provided for AES-CBC and AES-CTR, - one will be generated. It will be returned in - RawEncryptResponse.initialization_vector. - type: string - format: byte + Integrity verification field. A flag indicating whether + RawEncryptRequest.initialization_vector_crc32c was received by + KeyManagementService and used for the integrity verification of + initialization_vector. A false value of this field indicates either + that RawEncryptRequest.initialization_vector_crc32c was left unset + or that it was not delivered to KeyManagementService. If you've set + RawEncryptRequest.initialization_vector_crc32c but this field is + still false, discard the response and perform a limited number of + retries. initializationVectorCrc32c: - description: >- - Optional. An optional CRC32C checksum of the - RawEncryptRequest.initialization_vector. If specified, - KeyManagementService will verify the integrity of the received - initialization_vector using this checksum. KeyManagementService will - report an error if the checksum verification fails. If you receive a - checksum error, your client should verify that - CRC32C(initialization_vector) is equal to - initialization_vector_crc32c, and if so, perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: This field is defined as - int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. type: string - format: int64 - RawEncryptResponse: - id: RawEncryptResponse - description: Response message for KeyManagementService.RawEncrypt. - type: object - properties: - ciphertext: description: >- - The encrypted data. In the case of AES-GCM, the authentication tag - is the tag_length bytes at the end of this field. - type: string - format: byte + Integrity verification field. A CRC32C checksum of the returned + RawEncryptResponse.initialization_vector. An integrity check of + initialization_vector can be performed by computing the CRC32C + checksum of initialization_vector and comparing your results to this + field. Discard the response in case of non-matching checksum values, + and perform a limited number of retries. A persistent mismatch may + indicate an issue in your computation of the CRC32C checksum. Note: + This field is defined as int64 for reasons of compatibility across + different languages. However, it is a non-negative integer, which + will never exceed 2^32-1, and can be safely downconverted to uint32 + in languages that support this type. + format: int64 initializationVector: description: >- The initialization vector (IV) generated by the service during @@ -2228,522 +2072,631 @@ components: RawDecryptRequest.initialization_vector at decryption time. type: string format: byte - tagLength: + verifiedPlaintextCrc32c: description: >- - The length of the authentication tag that is appended to the end of - the ciphertext. - type: integer - format: int32 - ciphertextCrc32c: + Integrity verification field. A flag indicating whether + RawEncryptRequest.plaintext_crc32c was received by + KeyManagementService and used for the integrity verification of the + plaintext. A false value of this field indicates either that + RawEncryptRequest.plaintext_crc32c was left unset or that it was not + delivered to KeyManagementService. If you've set + RawEncryptRequest.plaintext_crc32c but this field is still false, + discard the response and perform a limited number of retries. + type: boolean + description: Response message for KeyManagementService.RawEncrypt. + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + type: object + properties: + permissions: + type: array description: >- - Integrity verification field. A CRC32C checksum of the returned - RawEncryptResponse.ciphertext. An integrity check of ciphertext can - be performed by computing the CRC32C checksum of ciphertext and - comparing your results to this field. Discard the response in case - of non-matching checksum values, and perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: This field is defined as - int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + id: TestIamPermissionsRequest + AuditLogConfig: + type: object + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + id: AuditLogConfig + properties: + exemptedMembers: + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + type: array + items: + type: string + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. type: string - format: int64 - initializationVectorCrc32c: + SetIamPolicyRequest: + properties: + policy: + $ref: '#/components/schemas/Policy' description: >- - Integrity verification field. A CRC32C checksum of the returned - RawEncryptResponse.initialization_vector. An integrity check of - initialization_vector can be performed by computing the CRC32C - checksum of initialization_vector and comparing your results to this - field. Discard the response in case of non-matching checksum values, - and perform a limited number of retries. A persistent mismatch may - indicate an issue in your computation of the CRC32C checksum. Note: - This field is defined as int64 for reasons of compatibility across - different languages. However, it is a non-negative integer, which - will never exceed 2^32-1, and can be safely downconverted to uint32 - in languages that support this type. - type: string - format: int64 - verifiedPlaintextCrc32c: + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + updateMask: + format: google-fieldmask description: >- - Integrity verification field. A flag indicating whether - RawEncryptRequest.plaintext_crc32c was received by - KeyManagementService and used for the integrity verification of the - plaintext. A false value of this field indicates either that - RawEncryptRequest.plaintext_crc32c was left unset or that it was not - delivered to KeyManagementService. If you've set - RawEncryptRequest.plaintext_crc32c but this field is still false, - discard the response and perform a limited number of retries. - type: boolean - verifiedAdditionalAuthenticatedDataCrc32c: + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + type: string + id: SetIamPolicyRequest + type: object + description: Request message for `SetIamPolicy` method. + PublicKey: + description: The public keys for a given CryptoKeyVersion. Obtained via GetPublicKey. + id: PublicKey + properties: + name: + type: string description: >- - Integrity verification field. A flag indicating whether - RawEncryptRequest.additional_authenticated_data_crc32c was received - by KeyManagementService and used for the integrity verification of - additional_authenticated_data. A false value of this field indicates - either that // - RawEncryptRequest.additional_authenticated_data_crc32c was left - unset or that it was not delivered to KeyManagementService. If - you've set RawEncryptRequest.additional_authenticated_data_crc32c - but this field is still false, discard the response and perform a - limited number of retries. - type: boolean - verifiedInitializationVectorCrc32c: + The name of the CryptoKeyVersion public key. Provided here for + verification. NOTE: This field is in Beta. + publicKeyFormat: + enum: + - PUBLIC_KEY_FORMAT_UNSPECIFIED + - PEM + - DER + - NIST_PQC + - XWING_RAW_BYTES + type: string description: >- - Integrity verification field. A flag indicating whether - RawEncryptRequest.initialization_vector_crc32c was received by - KeyManagementService and used for the integrity verification of - initialization_vector. A false value of this field indicates either - that RawEncryptRequest.initialization_vector_crc32c was left unset - or that it was not delivered to KeyManagementService. If you've set - RawEncryptRequest.initialization_vector_crc32c but this field is - still false, discard the response and perform a limited number of - retries. - type: boolean - name: + The PublicKey format specified by the customer through the + public_key_format field. + enumDescriptions: + - >- + If the public_key_format field is not specified: - For PQC + algorithms, an error will be returned. - For non-PQC algorithms, + the default format is PEM, and the field pem will be populated. + Otherwise, the public key will be exported through the public_key + field in the requested format. + - >- + The returned public key will be encoded in PEM format. See the + [RFC7468](https://tools.ietf.org/html/rfc7468) sections for + [General + Considerations](https://tools.ietf.org/html/rfc7468#section-2) and + [Textual Encoding of Subject Public Key Info] + (https://tools.ietf.org/html/rfc7468#section-13) for more + information. + - >- + The returned public key will be encoded in DER format (the + PrivateKeyInfo structure from RFC 5208). + - >- + This is supported only for PQC algorithms. The key material is + returned in the format defined by NIST PQC standards (FIPS 203, + FIPS 204, and FIPS 205). + - >- + The returned public key is in raw bytes format defined in its + standard + https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem. + pem: description: >- - The resource name of the CryptoKeyVersion used in encryption. Check - this field to verify that the intended resource was used for - encryption. + The public key, encoded in PEM format. For more information, see the + [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for + [General + Considerations](https://tools.ietf.org/html/rfc7468#section-2) and + [Textual Encoding of Subject Public Key Info] + (https://tools.ietf.org/html/rfc7468#section-13). type: string protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion used in encryption. - type: string enumDescriptions: - Not specified. - Crypto operations are performed in software. - Crypto operations are performed in a Hardware Security Module. - Crypto operations are performed by an external key manager. - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + description: The ProtectionLevel of the CryptoKeyVersion public key. enum: - PROTECTION_LEVEL_UNSPECIFIED - SOFTWARE - HSM - EXTERNAL - EXTERNAL_VPC - RawDecryptRequest: - id: RawDecryptRequest - description: Request message for KeyManagementService.RawDecrypt. - type: object - properties: - ciphertext: - description: >- - Required. The encrypted data originally returned in - RawEncryptResponse.ciphertext. - type: string - format: byte - additionalAuthenticatedData: - description: >- - Optional. Optional data that must match the data originally supplied - in RawEncryptRequest.additional_authenticated_data. - type: string - format: byte - initializationVector: - description: >- - Required. The initialization vector (IV) used during encryption, - which must match the data originally provided in - RawEncryptResponse.initialization_vector. + - HSM_SINGLE_TENANT type: string - format: byte - tagLength: + publicKey: description: >- - The length of the authentication tag that is appended to the end of - the ciphertext. If unspecified (0), the default value for the key's - algorithm will be used (for AES-GCM, the default value is 16). - type: integer - format: int32 - ciphertextCrc32c: + This field contains the public key (with integrity verification), + formatted according to the public_key_format field. + $ref: '#/components/schemas/ChecksummedData' + pemCrc32c: description: >- - Optional. An optional CRC32C checksum of the - RawDecryptRequest.ciphertext. If specified, KeyManagementService - will verify the integrity of the received ciphertext using this - checksum. KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that CRC32C(ciphertext) is equal to ciphertext_crc32c, - and if so, perform a limited number of retries. A persistent - mismatch may indicate an issue in your computation of the CRC32C - checksum. Note: This field is defined as int64 for reasons of + Integrity verification field. A CRC32C checksum of the returned + PublicKey.pem. An integrity check of PublicKey.pem can be performed + by computing the CRC32C checksum of PublicKey.pem and comparing your + results to this field. Discard the response in case of non-matching + checksum values, and perform a limited number of retries. A + persistent mismatch may indicate an issue in your computation of the + CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a - non-negative integer, which will never exceed 2^32-1, and can be + non-negative integer, which will never exceed `2^32-1`, and can be safely downconverted to uint32 in languages that support this type. + NOTE: This field is in Beta. type: string format: int64 - additionalAuthenticatedDataCrc32c: - description: >- - Optional. An optional CRC32C checksum of the - RawDecryptRequest.additional_authenticated_data. If specified, - KeyManagementService will verify the integrity of the received - additional_authenticated_data using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that CRC32C(additional_authenticated_data) is equal to - additional_authenticated_data_crc32c, and if so, perform a limited - number of retries. A persistent mismatch may indicate an issue in - your computation of the CRC32C checksum. Note: This field is defined - as int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. - type: string - format: int64 - initializationVectorCrc32c: - description: >- - Optional. An optional CRC32C checksum of the - RawDecryptRequest.initialization_vector. If specified, - KeyManagementService will verify the integrity of the received - initialization_vector using this checksum. KeyManagementService will - report an error if the checksum verification fails. If you receive a - checksum error, your client should verify that - CRC32C(initialization_vector) is equal to - initialization_vector_crc32c, and if so, perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: This field is defined as - int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. + algorithm: + enum: + - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED + - GOOGLE_SYMMETRIC_ENCRYPTION + - AES_128_GCM + - AES_256_GCM + - AES_128_CBC + - AES_256_CBC + - AES_128_CTR + - AES_256_CTR + - RSA_SIGN_PSS_2048_SHA256 + - RSA_SIGN_PSS_3072_SHA256 + - RSA_SIGN_PSS_4096_SHA256 + - RSA_SIGN_PSS_4096_SHA512 + - RSA_SIGN_PKCS1_2048_SHA256 + - RSA_SIGN_PKCS1_3072_SHA256 + - RSA_SIGN_PKCS1_4096_SHA256 + - RSA_SIGN_PKCS1_4096_SHA512 + - RSA_SIGN_RAW_PKCS1_2048 + - RSA_SIGN_RAW_PKCS1_3072 + - RSA_SIGN_RAW_PKCS1_4096 + - RSA_DECRYPT_OAEP_2048_SHA256 + - RSA_DECRYPT_OAEP_3072_SHA256 + - RSA_DECRYPT_OAEP_4096_SHA256 + - RSA_DECRYPT_OAEP_4096_SHA512 + - RSA_DECRYPT_OAEP_2048_SHA1 + - RSA_DECRYPT_OAEP_3072_SHA1 + - RSA_DECRYPT_OAEP_4096_SHA1 + - EC_SIGN_P256_SHA256 + - EC_SIGN_P384_SHA384 + - EC_SIGN_SECP256K1_SHA256 + - EC_SIGN_ED25519 + - HMAC_SHA256 + - HMAC_SHA1 + - HMAC_SHA384 + - HMAC_SHA512 + - HMAC_SHA224 + - EXTERNAL_SYMMETRIC_ENCRYPTION + - ML_KEM_768 + - ML_KEM_1024 + - KEM_XWING + - PQ_SIGN_ML_DSA_44 + - PQ_SIGN_ML_DSA_65 + - PQ_SIGN_ML_DSA_87 + - PQ_SIGN_SLH_DSA_SHA2_128S + - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 + - PQ_SIGN_ML_DSA_44_EXTERNAL_MU + - PQ_SIGN_ML_DSA_65_EXTERNAL_MU + - PQ_SIGN_ML_DSA_87_EXTERNAL_MU + description: The Algorithm associated with this key. + enumDescriptions: + - Not specified. + - Creates symmetric encryption keys. + - AES-GCM (Galois Counter Mode) using 128-bit keys. + - AES-GCM (Galois Counter Mode) using 256-bit keys. + - AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. + - AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. + - AES-CTR (Counter Mode) using 128-bit keys. + - AES-CTR (Counter Mode) using 256-bit keys. + - RSASSA-PSS 2048 bit key with a SHA256 digest. + - RSASSA-PSS 3072 bit key with a SHA256 digest. + - RSASSA-PSS 4096 bit key with a SHA256 digest. + - RSASSA-PSS 4096 bit key with a SHA512 digest. + - RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. + - RSAES-OAEP 2048 bit key with a SHA256 digest. + - RSAES-OAEP 3072 bit key with a SHA256 digest. + - RSAES-OAEP 4096 bit key with a SHA256 digest. + - RSAES-OAEP 4096 bit key with a SHA512 digest. + - RSAES-OAEP 2048 bit key with a SHA1 digest. + - RSAES-OAEP 3072 bit key with a SHA1 digest. + - RSAES-OAEP 4096 bit key with a SHA1 digest. + - >- + ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash + functions can also be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - >- + ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash + functions can also be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - >- + ECDSA on the non-NIST secp256k1 curve. This curve is only + supported for HSM protection level. Other hash functions can also + be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - EdDSA on the Curve25519 in pure mode (taking data as input). + - HMAC-SHA256 signing with a 256 bit key. + - HMAC-SHA1 signing with a 160 bit key. + - HMAC-SHA384 signing with a 384 bit key. + - HMAC-SHA512 signing with a 512 bit key. + - HMAC-SHA224 signing with a 224 bit key. + - >- + Algorithm representing symmetric encryption by an external key + manager. + - ML-KEM-768 (FIPS 203) + - ML-KEM-1024 (FIPS 203) + - >- + X-Wing hybrid KEM combining ML-KEM-768 with X25519 following + datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version. + - >- + The post-quantum stateless hash-based digital signature algorithm, + at security level 1. Randomized version. + - >- + The post-quantum stateless hash-based digital signature algorithm, + at security level 1. Randomized pre-hash version supporting SHA256 + digests. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version supporting + externally-computed message representatives. type: string - format: int64 - RawDecryptResponse: - id: RawDecryptResponse - description: Response message for KeyManagementService.RawDecrypt. type: object + LocationMetadata: + type: object + id: LocationMetadata properties: - plaintext: - description: The decrypted data. - type: string - format: byte - plaintextCrc32c: - description: >- - Integrity verification field. A CRC32C checksum of the returned - RawDecryptResponse.plaintext. An integrity check of plaintext can be - performed by computing the CRC32C checksum of plaintext and - comparing your results to this field. Discard the response in case - of non-matching checksum values, and perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: receiving this response - message indicates that KeyManagementService is able to successfully - decrypt the ciphertext. Note: This field is defined as int64 for - reasons of compatibility across different languages. However, it is - a non-negative integer, which will never exceed 2^32-1, and can be - safely downconverted to uint32 in languages that support this type. - type: string - format: int64 - protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion used in decryption. - type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. - enum: - - PROTECTION_LEVEL_UNSPECIFIED - - SOFTWARE - - HSM - - EXTERNAL - - EXTERNAL_VPC - verifiedCiphertextCrc32c: - description: >- - Integrity verification field. A flag indicating whether - RawDecryptRequest.ciphertext_crc32c was received by - KeyManagementService and used for the integrity verification of the - ciphertext. A false value of this field indicates either that - RawDecryptRequest.ciphertext_crc32c was left unset or that it was - not delivered to KeyManagementService. If you've set - RawDecryptRequest.ciphertext_crc32c but this field is still false, - discard the response and perform a limited number of retries. + hsmAvailable: type: boolean - verifiedAdditionalAuthenticatedDataCrc32c: description: >- - Integrity verification field. A flag indicating whether - RawDecryptRequest.additional_authenticated_data_crc32c was received - by KeyManagementService and used for the integrity verification of - additional_authenticated_data. A false value of this field indicates - either that // - RawDecryptRequest.additional_authenticated_data_crc32c was left - unset or that it was not delivered to KeyManagementService. If - you've set RawDecryptRequest.additional_authenticated_data_crc32c - but this field is still false, discard the response and perform a - limited number of retries. + Indicates whether CryptoKeys with protection_level HSM can be + created in this location. + hsmSingleTenantAvailable: type: boolean - verifiedInitializationVectorCrc32c: description: >- - Integrity verification field. A flag indicating whether - RawDecryptRequest.initialization_vector_crc32c was received by - KeyManagementService and used for the integrity verification of - initialization_vector. A false value of this field indicates either - that RawDecryptRequest.initialization_vector_crc32c was left unset - or that it was not delivered to KeyManagementService. If you've set - RawDecryptRequest.initialization_vector_crc32c but this field is - still false, discard the response and perform a limited number of - retries. + Indicates whether CryptoKeys with protection_level HSM_SINGLE_TENANT + can be created in this location. + ekmAvailable: + description: >- + Indicates whether CryptoKeys with protection_level EXTERNAL can be + created in this location. type: boolean - AsymmetricSignRequest: - id: AsymmetricSignRequest - description: Request message for KeyManagementService.AsymmetricSign. - type: object + description: Cloud KMS metadata for the given google.cloud.location.Location. + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation properties: - digest: + name: + type: string description: >- - Optional. The digest of the data to sign. The digest must be - produced with the same digest algorithm as specified by the key - version's algorithm. This field may not be supplied if - AsymmetricSignRequest.data is supplied. - $ref: '#/components/schemas/Digest' - digestCrc32c: + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + error: description: >- - Optional. An optional CRC32C checksum of the - AsymmetricSignRequest.digest. If specified, KeyManagementService - will verify the integrity of the received - AsymmetricSignRequest.digest using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that CRC32C(AsymmetricSignRequest.digest) is equal to - AsymmetricSignRequest.digest_crc32c, and if so, perform a limited - number of retries. A persistent mismatch may indicate an issue in - your computation of the CRC32C checksum. Note: This field is defined - as int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. - type: string - format: int64 - data: + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Optional. The data to sign. It can't be supplied if - AsymmetricSignRequest.digest is supplied. - type: string - format: byte - dataCrc32c: + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + metadata: + type: object description: >- - Optional. An optional CRC32C checksum of the - AsymmetricSignRequest.data. If specified, KeyManagementService will - verify the integrity of the received AsymmetricSignRequest.data - using this checksum. KeyManagementService will report an error if - the checksum verification fails. If you receive a checksum error, - your client should verify that CRC32C(AsymmetricSignRequest.data) is - equal to AsymmetricSignRequest.data_crc32c, and if so, perform a - limited number of retries. A persistent mismatch may indicate an - issue in your computation of the CRC32C checksum. Note: This field - is defined as int64 for reasons of compatibility across different - languages. However, it is a non-negative integer, which will never - exceed 2^32-1, and can be safely downconverted to uint32 in - languages that support this type. - type: string - format: int64 - Digest: - id: Digest - description: A Digest holds a cryptographic message digest. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. type: object - properties: - sha256: - description: A message digest produced with the SHA-256 algorithm. - type: string - format: byte - sha384: - description: A message digest produced with the SHA-384 algorithm. - type: string - format: byte - sha512: - description: A message digest produced with the SHA-512 algorithm. - type: string - format: byte - AsymmetricSignResponse: - id: AsymmetricSignResponse - description: Response message for KeyManagementService.AsymmetricSign. + ImportCryptoKeyVersionRequest: + description: Request message for KeyManagementService.ImportCryptoKeyVersion. + id: ImportCryptoKeyVersionRequest type: object properties: - signature: - description: The created signature. + importJob: type: string + description: >- + Required. The name of the ImportJob that was used to wrap this key + material. + wrappedKey: format: byte - signatureCrc32c: + type: string description: >- - Integrity verification field. A CRC32C checksum of the returned - AsymmetricSignResponse.signature. An integrity check of - AsymmetricSignResponse.signature can be performed by computing the - CRC32C checksum of AsymmetricSignResponse.signature and comparing - your results to this field. Discard the response in case of - non-matching checksum values, and perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: This field is defined as - int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. + Optional. The wrapped key material to import. Before wrapping, key + material must be formatted. If importing symmetric key material, the + expected key material format is plain bytes. If importing asymmetric + key material, the expected key material format is PKCS#8-encoded DER + (the PrivateKeyInfo structure from RFC 5208). When wrapping with + import methods (RSA_OAEP_3072_SHA1_AES_256 or + RSA_OAEP_4096_SHA1_AES_256 or RSA_OAEP_3072_SHA256_AES_256 or + RSA_OAEP_4096_SHA256_AES_256), this field must contain the + concatenation of: 1. An ephemeral AES-256 wrapping key wrapped with + the public_key using RSAES-OAEP with SHA-1/SHA-256, MGF1 with + SHA-1/SHA-256, and an empty label. 2. The formatted key to be + imported, wrapped with the ephemeral AES-256 key using AES-KWP (RFC + 5649). This format is the same as the format produced by PKCS#11 + mechanism CKM_RSA_AES_KEY_WRAP. When wrapping with import methods + (RSA_OAEP_3072_SHA256 or RSA_OAEP_4096_SHA256), this field must + contain the formatted key to be imported, wrapped with the + public_key using RSAES-OAEP with SHA-256, MGF1 with SHA-256, and an + empty label. + algorithm: + enum: + - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED + - GOOGLE_SYMMETRIC_ENCRYPTION + - AES_128_GCM + - AES_256_GCM + - AES_128_CBC + - AES_256_CBC + - AES_128_CTR + - AES_256_CTR + - RSA_SIGN_PSS_2048_SHA256 + - RSA_SIGN_PSS_3072_SHA256 + - RSA_SIGN_PSS_4096_SHA256 + - RSA_SIGN_PSS_4096_SHA512 + - RSA_SIGN_PKCS1_2048_SHA256 + - RSA_SIGN_PKCS1_3072_SHA256 + - RSA_SIGN_PKCS1_4096_SHA256 + - RSA_SIGN_PKCS1_4096_SHA512 + - RSA_SIGN_RAW_PKCS1_2048 + - RSA_SIGN_RAW_PKCS1_3072 + - RSA_SIGN_RAW_PKCS1_4096 + - RSA_DECRYPT_OAEP_2048_SHA256 + - RSA_DECRYPT_OAEP_3072_SHA256 + - RSA_DECRYPT_OAEP_4096_SHA256 + - RSA_DECRYPT_OAEP_4096_SHA512 + - RSA_DECRYPT_OAEP_2048_SHA1 + - RSA_DECRYPT_OAEP_3072_SHA1 + - RSA_DECRYPT_OAEP_4096_SHA1 + - EC_SIGN_P256_SHA256 + - EC_SIGN_P384_SHA384 + - EC_SIGN_SECP256K1_SHA256 + - EC_SIGN_ED25519 + - HMAC_SHA256 + - HMAC_SHA1 + - HMAC_SHA384 + - HMAC_SHA512 + - HMAC_SHA224 + - EXTERNAL_SYMMETRIC_ENCRYPTION + - ML_KEM_768 + - ML_KEM_1024 + - KEM_XWING + - PQ_SIGN_ML_DSA_44 + - PQ_SIGN_ML_DSA_65 + - PQ_SIGN_ML_DSA_87 + - PQ_SIGN_SLH_DSA_SHA2_128S + - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 + - PQ_SIGN_ML_DSA_44_EXTERNAL_MU + - PQ_SIGN_ML_DSA_65_EXTERNAL_MU + - PQ_SIGN_ML_DSA_87_EXTERNAL_MU + enumDescriptions: + - Not specified. + - Creates symmetric encryption keys. + - AES-GCM (Galois Counter Mode) using 128-bit keys. + - AES-GCM (Galois Counter Mode) using 256-bit keys. + - AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. + - AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. + - AES-CTR (Counter Mode) using 128-bit keys. + - AES-CTR (Counter Mode) using 256-bit keys. + - RSASSA-PSS 2048 bit key with a SHA256 digest. + - RSASSA-PSS 3072 bit key with a SHA256 digest. + - RSASSA-PSS 4096 bit key with a SHA256 digest. + - RSASSA-PSS 4096 bit key with a SHA512 digest. + - RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + - RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. + - RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. + - RSAES-OAEP 2048 bit key with a SHA256 digest. + - RSAES-OAEP 3072 bit key with a SHA256 digest. + - RSAES-OAEP 4096 bit key with a SHA256 digest. + - RSAES-OAEP 4096 bit key with a SHA512 digest. + - RSAES-OAEP 2048 bit key with a SHA1 digest. + - RSAES-OAEP 3072 bit key with a SHA1 digest. + - RSAES-OAEP 4096 bit key with a SHA1 digest. + - >- + ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash + functions can also be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - >- + ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash + functions can also be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - >- + ECDSA on the non-NIST secp256k1 curve. This curve is only + supported for HSM protection level. Other hash functions can also + be used: + https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms + - EdDSA on the Curve25519 in pure mode (taking data as input). + - HMAC-SHA256 signing with a 256 bit key. + - HMAC-SHA1 signing with a 160 bit key. + - HMAC-SHA384 signing with a 384 bit key. + - HMAC-SHA512 signing with a 512 bit key. + - HMAC-SHA224 signing with a 224 bit key. + - >- + Algorithm representing symmetric encryption by an external key + manager. + - ML-KEM-768 (FIPS 203) + - ML-KEM-1024 (FIPS 203) + - >- + X-Wing hybrid KEM combining ML-KEM-768 with X25519 following + datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version. + - >- + The post-quantum stateless hash-based digital signature algorithm, + at security level 1. Randomized version. + - >- + The post-quantum stateless hash-based digital signature algorithm, + at security level 1. Randomized pre-hash version supporting SHA256 + digests. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version supporting + externally-computed message representatives. type: string - format: int64 - verifiedDigestCrc32c: description: >- - Integrity verification field. A flag indicating whether - AsymmetricSignRequest.digest_crc32c was received by - KeyManagementService and used for the integrity verification of the - digest. A false value of this field indicates either that - AsymmetricSignRequest.digest_crc32c was left unset or that it was - not delivered to KeyManagementService. If you've set - AsymmetricSignRequest.digest_crc32c but this field is still false, - discard the response and perform a limited number of retries. - type: boolean - name: + Required. The algorithm of the key being imported. This does not + need to match the version_template of the CryptoKey this version + imports into. + rsaAesWrappedKey: description: >- - The resource name of the CryptoKeyVersion used for signing. Check - this field to verify that the intended resource was used for - signing. + Optional. This field has the same meaning as wrapped_key. Prefer to + use that field in new work. Either that field or this field (but not + both) must be specified. type: string - verifiedDataCrc32c: - description: >- - Integrity verification field. A flag indicating whether - AsymmetricSignRequest.data_crc32c was received by - KeyManagementService and used for the integrity verification of the - data. A false value of this field indicates either that - AsymmetricSignRequest.data_crc32c was left unset or that it was not - delivered to KeyManagementService. If you've set - AsymmetricSignRequest.data_crc32c but this field is still false, - discard the response and perform a limited number of retries. - type: boolean - protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion used for signing. + format: byte + cryptoKeyVersion: type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. - enum: - - PROTECTION_LEVEL_UNSPECIFIED - - SOFTWARE - - HSM - - EXTERNAL - - EXTERNAL_VPC - AsymmetricDecryptRequest: - id: AsymmetricDecryptRequest - description: Request message for KeyManagementService.AsymmetricDecrypt. - type: object + description: >- + Optional. The optional name of an existing CryptoKeyVersion to + target for an import operation. If this field is not present, a new + CryptoKeyVersion containing the supplied key material is created. If + this field is present, the supplied key material is imported into + the existing CryptoKeyVersion. To import into an existing + CryptoKeyVersion, the CryptoKeyVersion must be a child of + ImportCryptoKeyVersionRequest.parent, have been previously created + via ImportCryptoKeyVersion, and be in DESTROYED or IMPORT_FAILED + state. The key material and algorithm must match the previous + CryptoKeyVersion exactly if the CryptoKeyVersion has ever contained + key material. + DecryptRequest: + id: DecryptRequest properties: - ciphertext: + additionalAuthenticatedData: description: >- - Required. The data encrypted with the named CryptoKeyVersion's - public key using OAEP. + Optional. Optional data that must match the data originally supplied + in EncryptRequest.additional_authenticated_data. type: string format: byte + ciphertext: + description: >- + Required. The encrypted data originally returned in + EncryptResponse.ciphertext. + format: byte + type: string ciphertextCrc32c: + format: int64 + type: string description: >- Optional. An optional CRC32C checksum of the - AsymmetricDecryptRequest.ciphertext. If specified, + DecryptRequest.ciphertext. If specified, KeyManagementService will + verify the integrity of the received DecryptRequest.ciphertext using + this checksum. KeyManagementService will report an error if the + checksum verification fails. If you receive a checksum error, your + client should verify that CRC32C(DecryptRequest.ciphertext) is equal + to DecryptRequest.ciphertext_crc32c, and if so, perform a limited + number of retries. A persistent mismatch may indicate an issue in + your computation of the CRC32C checksum. Note: This field is defined + as int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + additionalAuthenticatedDataCrc32c: + format: int64 + type: string + description: >- + Optional. An optional CRC32C checksum of the + DecryptRequest.additional_authenticated_data. If specified, KeyManagementService will verify the integrity of the received - AsymmetricDecryptRequest.ciphertext using this checksum. + DecryptRequest.additional_authenticated_data using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client - should verify that CRC32C(AsymmetricDecryptRequest.ciphertext) is - equal to AsymmetricDecryptRequest.ciphertext_crc32c, and if so, + should verify that + CRC32C(DecryptRequest.additional_authenticated_data) is equal to + DecryptRequest.additional_authenticated_data_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type. - type: string - format: int64 - AsymmetricDecryptResponse: - id: AsymmetricDecryptResponse - description: Response message for KeyManagementService.AsymmetricDecrypt. - type: object - properties: - plaintext: - description: >- - The decrypted data originally encrypted with the matching public - key. - type: string - format: byte - plaintextCrc32c: - description: >- - Integrity verification field. A CRC32C checksum of the returned - AsymmetricDecryptResponse.plaintext. An integrity check of - AsymmetricDecryptResponse.plaintext can be performed by computing - the CRC32C checksum of AsymmetricDecryptResponse.plaintext and - comparing your results to this field. Discard the response in case - of non-matching checksum values, and perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: This field is defined as - int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. - type: string - format: int64 - verifiedCiphertextCrc32c: - description: >- - Integrity verification field. A flag indicating whether - AsymmetricDecryptRequest.ciphertext_crc32c was received by - KeyManagementService and used for the integrity verification of the - ciphertext. A false value of this field indicates either that - AsymmetricDecryptRequest.ciphertext_crc32c was left unset or that it - was not delivered to KeyManagementService. If you've set - AsymmetricDecryptRequest.ciphertext_crc32c but this field is still - false, discard the response and perform a limited number of retries. - type: boolean - protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion used in decryption. - type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. - enum: - - PROTECTION_LEVEL_UNSPECIFIED - - SOFTWARE - - HSM - - EXTERNAL - - EXTERNAL_VPC - MacSignRequest: - id: MacSignRequest - description: Request message for KeyManagementService.MacSign. + description: Request message for KeyManagementService.Decrypt. type: object - properties: - data: - description: >- - Required. The data to sign. The MAC tag is computed over this data - field based on the specific algorithm. - type: string - format: byte - dataCrc32c: - description: >- - Optional. An optional CRC32C checksum of the MacSignRequest.data. If - specified, KeyManagementService will verify the integrity of the - received MacSignRequest.data using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that CRC32C(MacSignRequest.data) is equal to - MacSignRequest.data_crc32c, and if so, perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: This field is defined as - int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. - type: string - format: int64 MacSignResponse: id: MacSignResponse - description: Response message for KeyManagementService.MacSign. - type: object properties: name: + type: string description: >- The resource name of the CryptoKeyVersion used for signing. Check this field to verify that the intended resource was used for signing. - type: string - mac: - description: The created signature. - type: string - format: byte macCrc32c: + format: int64 description: >- Integrity verification field. A CRC32C checksum of the returned MacSignResponse.mac. An integrity check of MacSignResponse.mac can @@ -2757,7 +2710,27 @@ components: 2^32-1, and can be safely downconverted to uint32 in languages that support this type. type: string - format: int64 + mac: + description: The created signature. + format: byte + type: string + protectionLevel: + description: The ProtectionLevel of the CryptoKeyVersion used for signing. + enum: + - PROTECTION_LEVEL_UNSPECIFIED + - SOFTWARE + - HSM + - EXTERNAL + - EXTERNAL_VPC + - HSM_SINGLE_TENANT + type: string + enumDescriptions: + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. verifiedDataCrc32c: description: >- Integrity verification field. A flag indicating whether @@ -2768,181 +2741,64 @@ components: you've set MacSignRequest.data_crc32c but this field is still false, discard the response and perform a limited number of retries. type: boolean - protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion used for signing. - type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. - enum: - - PROTECTION_LEVEL_UNSPECIFIED - - SOFTWARE - - HSM - - EXTERNAL - - EXTERNAL_VPC - MacVerifyRequest: - id: MacVerifyRequest - description: Request message for KeyManagementService.MacVerify. type: object + description: Response message for KeyManagementService.MacSign. + RawDecryptResponse: + description: Response message for KeyManagementService.RawDecrypt. properties: - data: - description: >- - Required. The data used previously as a MacSignRequest.data to - generate the MAC tag. - type: string - format: byte - dataCrc32c: - description: >- - Optional. An optional CRC32C checksum of the MacVerifyRequest.data. - If specified, KeyManagementService will verify the integrity of the - received MacVerifyRequest.data using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that CRC32C(MacVerifyRequest.data) is equal to - MacVerifyRequest.data_crc32c, and if so, perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: This field is defined as - int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. - type: string - format: int64 - mac: - description: Required. The signature to verify. - type: string + plaintext: format: byte - macCrc32c: - description: >- - Optional. An optional CRC32C checksum of the MacVerifyRequest.mac. - If specified, KeyManagementService will verify the integrity of the - received MacVerifyRequest.mac using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that CRC32C(MacVerifyRequest.mac) is equal to - MacVerifyRequest.mac_crc32c, and if so, perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: This field is defined as - int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. - type: string - format: int64 - MacVerifyResponse: - id: MacVerifyResponse - description: Response message for KeyManagementService.MacVerify. - type: object - properties: - name: - description: >- - The resource name of the CryptoKeyVersion used for verification. - Check this field to verify that the intended resource was used for - verification. + description: The decrypted data. type: string - success: - description: >- - This field indicates whether or not the verification operation for - MacVerifyRequest.mac over MacVerifyRequest.data was successful. - type: boolean - verifiedDataCrc32c: - description: >- - Integrity verification field. A flag indicating whether - MacVerifyRequest.data_crc32c was received by KeyManagementService - and used for the integrity verification of the data. A false value - of this field indicates either that MacVerifyRequest.data_crc32c was - left unset or that it was not delivered to KeyManagementService. If - you've set MacVerifyRequest.data_crc32c but this field is still - false, discard the response and perform a limited number of retries. - type: boolean - verifiedMacCrc32c: + verifiedCiphertextCrc32c: description: >- Integrity verification field. A flag indicating whether - MacVerifyRequest.mac_crc32c was received by KeyManagementService and - used for the integrity verification of the data. A false value of - this field indicates either that MacVerifyRequest.mac_crc32c was - left unset or that it was not delivered to KeyManagementService. If - you've set MacVerifyRequest.mac_crc32c but this field is still - false, discard the response and perform a limited number of retries. - type: boolean - verifiedSuccessIntegrity: - description: >- - Integrity verification field. This value is used for the integrity - verification of [MacVerifyResponse.success]. If the value of this - field contradicts the value of [MacVerifyResponse.success], discard - the response and perform a limited number of retries. + RawDecryptRequest.ciphertext_crc32c was received by + KeyManagementService and used for the integrity verification of the + ciphertext. A false value of this field indicates either that + RawDecryptRequest.ciphertext_crc32c was left unset or that it was + not delivered to KeyManagementService. If you've set + RawDecryptRequest.ciphertext_crc32c but this field is still false, + discard the response and perform a limited number of retries. type: boolean protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion used for verification. - type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. + description: The ProtectionLevel of the CryptoKeyVersion used in decryption. enum: - PROTECTION_LEVEL_UNSPECIFIED - SOFTWARE - HSM - EXTERNAL - EXTERNAL_VPC - DecapsulateRequest: - id: DecapsulateRequest - description: Request message for KeyManagementService.Decapsulate. - type: object - properties: - ciphertext: - description: >- - Required. The ciphertext produced from encapsulation with the named - CryptoKeyVersion public key(s). + - HSM_SINGLE_TENANT type: string - format: byte - ciphertextCrc32c: + enumDescriptions: + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + verifiedAdditionalAuthenticatedDataCrc32c: description: >- - Optional. A CRC32C checksum of the DecapsulateRequest.ciphertext. If - specified, KeyManagementService will verify the integrity of the - received DecapsulateRequest.ciphertext using this checksum. - KeyManagementService will report an error if the checksum - verification fails. If you receive a checksum error, your client - should verify that CRC32C(DecapsulateRequest.ciphertext) is equal to - DecapsulateRequest.ciphertext_crc32c, and if so, perform a limited - number of retries. A persistent mismatch may indicate an issue in - your computation of the CRC32C checksum. Note: This field is defined - as int64 for reasons of compatibility across different languages. - However, it is a non-negative integer, which will never exceed - 2^32-1, and can be safely downconverted to uint32 in languages that - support this type. - type: string + Integrity verification field. A flag indicating whether + RawDecryptRequest.additional_authenticated_data_crc32c was received + by KeyManagementService and used for the integrity verification of + additional_authenticated_data. A false value of this field indicates + either that // + RawDecryptRequest.additional_authenticated_data_crc32c was left + unset or that it was not delivered to KeyManagementService. If + you've set RawDecryptRequest.additional_authenticated_data_crc32c + but this field is still false, discard the response and perform a + limited number of retries. + type: boolean + plaintextCrc32c: format: int64 - DecapsulateResponse: - id: DecapsulateResponse - description: Response message for KeyManagementService.Decapsulate. - type: object - properties: - name: - description: >- - The resource name of the CryptoKeyVersion used for decapsulation. - Check this field to verify that the intended resource was used for - decapsulation. - type: string - sharedSecret: - description: >- - The decapsulated shared_secret originally encapsulated with the - matching public key. - type: string - format: byte - sharedSecretCrc32c: description: >- Integrity verification field. A CRC32C checksum of the returned - DecapsulateResponse.shared_secret. An integrity check of - DecapsulateResponse.shared_secret can be performed by computing the - CRC32C checksum of DecapsulateResponse.shared_secret and comparing - your results to this field. Discard the response in case of - non-matching checksum values, and perform a limited number of + RawDecryptResponse.plaintext. An integrity check of plaintext can be + performed by computing the CRC32C checksum of plaintext and + comparing your results to this field. Discard the response in case + of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: receiving this response message indicates that KeyManagementService is able to successfully @@ -2951,90 +2807,173 @@ components: a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type. type: string - format: int64 - verifiedCiphertextCrc32c: + verifiedInitializationVectorCrc32c: + type: boolean description: >- Integrity verification field. A flag indicating whether - DecapsulateRequest.ciphertext_crc32c was received by - KeyManagementService and used for the integrity verification of the - ciphertext. A false value of this field indicates either that - DecapsulateRequest.ciphertext_crc32c was left unset or that it was - not delivered to KeyManagementService. If you've set - DecapsulateRequest.ciphertext_crc32c but this field is still false, - discard the response and perform a limited number of retries. - type: boolean - protectionLevel: - description: The ProtectionLevel of the CryptoKeyVersion used in decapsulation. - type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. - enum: - - PROTECTION_LEVEL_UNSPECIFIED - - SOFTWARE - - HSM - - EXTERNAL - - EXTERNAL_VPC - GenerateRandomBytesRequest: - id: GenerateRandomBytesRequest - description: Request message for KeyManagementService.GenerateRandomBytes. + RawDecryptRequest.initialization_vector_crc32c was received by + KeyManagementService and used for the integrity verification of + initialization_vector. A false value of this field indicates either + that RawDecryptRequest.initialization_vector_crc32c was left unset + or that it was not delivered to KeyManagementService. If you've set + RawDecryptRequest.initialization_vector_crc32c but this field is + still false, discard the response and perform a limited number of + retries. + id: RawDecryptResponse + type: object + TestIamPermissionsResponse: + id: TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. type: object properties: - lengthBytes: + permissions: + items: + type: string description: >- - The length in bytes of the amount of randomness to retrieve. Minimum - 8 bytes, maximum 1024 bytes. - type: integer + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + type: array + Status: + properties: + details: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + code: + description: The status code, which should be an enum value of google.rpc.Code. format: int32 - protectionLevel: + type: integer + message: + type: string description: >- - The ProtectionLevel to use when generating the random data. - Currently, only HSM protection level is supported. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status + EncryptResponse: + description: Response message for KeyManagementService.Encrypt. + properties: + name: + description: >- + The resource name of the CryptoKeyVersion used in encryption. Check + this field to verify that the intended resource was used for + encryption. type: string + protectionLevel: enumDescriptions: - Not specified. - Crypto operations are performed in software. - Crypto operations are performed in a Hardware Security Module. - Crypto operations are performed by an external key manager. - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + description: The ProtectionLevel of the CryptoKeyVersion used in encryption. enum: - PROTECTION_LEVEL_UNSPECIFIED - SOFTWARE - HSM - EXTERNAL - EXTERNAL_VPC - GenerateRandomBytesResponse: - id: GenerateRandomBytesResponse - description: Response message for KeyManagementService.GenerateRandomBytes. + - HSM_SINGLE_TENANT + type: string + ciphertextCrc32c: + description: >- + Integrity verification field. A CRC32C checksum of the returned + EncryptResponse.ciphertext. An integrity check of + EncryptResponse.ciphertext can be performed by computing the CRC32C + checksum of EncryptResponse.ciphertext and comparing your results to + this field. Discard the response in case of non-matching checksum + values, and perform a limited number of retries. A persistent + mismatch may indicate an issue in your computation of the CRC32C + checksum. Note: This field is defined as int64 for reasons of + compatibility across different languages. However, it is a + non-negative integer, which will never exceed 2^32-1, and can be + safely downconverted to uint32 in languages that support this type. + format: int64 + type: string + ciphertext: + description: The encrypted data. + type: string + format: byte + verifiedAdditionalAuthenticatedDataCrc32c: + type: boolean + description: >- + Integrity verification field. A flag indicating whether + EncryptRequest.additional_authenticated_data_crc32c was received by + KeyManagementService and used for the integrity verification of the + AAD. A false value of this field indicates either that + EncryptRequest.additional_authenticated_data_crc32c was left unset + or that it was not delivered to KeyManagementService. If you've set + EncryptRequest.additional_authenticated_data_crc32c but this field + is still false, discard the response and perform a limited number of + retries. + verifiedPlaintextCrc32c: + type: boolean + description: >- + Integrity verification field. A flag indicating whether + EncryptRequest.plaintext_crc32c was received by KeyManagementService + and used for the integrity verification of the plaintext. A false + value of this field indicates either that + EncryptRequest.plaintext_crc32c was left unset or that it was not + delivered to KeyManagementService. If you've set + EncryptRequest.plaintext_crc32c but this field is still false, + discard the response and perform a limited number of retries. + id: EncryptResponse + type: object + ShowEffectiveAutokeyConfigResponse: + description: Response message for ShowEffectiveAutokeyConfig. + id: ShowEffectiveAutokeyConfigResponse type: object properties: - data: - description: The generated data. + keyProject: + description: >- + Name of the key project configured in the resource project's folder + ancestry. + type: string + DecapsulateRequest: + properties: + ciphertextCrc32c: type: string - format: byte - dataCrc32c: description: >- - Integrity verification field. A CRC32C checksum of the returned - GenerateRandomBytesResponse.data. An integrity check of - GenerateRandomBytesResponse.data can be performed by computing the - CRC32C checksum of GenerateRandomBytesResponse.data and comparing - your results to this field. Discard the response in case of - non-matching checksum values, and perform a limited number of - retries. A persistent mismatch may indicate an issue in your - computation of the CRC32C checksum. Note: This field is defined as - int64 for reasons of compatibility across different languages. + Optional. A CRC32C checksum of the DecapsulateRequest.ciphertext. If + specified, KeyManagementService will verify the integrity of the + received DecapsulateRequest.ciphertext using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(DecapsulateRequest.ciphertext) is equal to + DecapsulateRequest.ciphertext_crc32c, and if so, perform a limited + number of retries. A persistent mismatch may indicate an issue in + your computation of the CRC32C checksum. Note: This field is defined + as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type. - type: string format: int64 - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + ciphertext: + format: byte + type: string + description: >- + Required. The ciphertext produced from encapsulation with the named + CryptoKeyVersion public key(s). + description: Request message for KeyManagementService.Decapsulate. type: object + id: DecapsulateRequest + ListLocationsResponse: properties: locations: description: >- @@ -3046,243 +2985,151 @@ components: nextPageToken: description: The standard List next-page token. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + type: object + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + ChecksummedData: + id: ChecksummedData type: object properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + data: + format: byte type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + description: Raw Data. + crc32cChecksum: type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + format: int64 description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + Integrity verification field. A CRC32C checksum of the returned + ChecksummedData.data. An integrity check of ChecksummedData.data can + be performed by computing the CRC32C checksum of + ChecksummedData.data and comparing your results to this field. + Discard the response in case of non-matching checksum values, and + perform a limited number of retries. A persistent mismatch may + indicate an issue in your computation of the CRC32C checksum. Note: + This field is defined as int64 for reasons of compatibility across + different languages. However, it is a non-negative integer, which + will never exceed `2^32-1`, and can be safely downconverted to + uint32 in languages that support this type. + description: Data with integrity verification field. + ListCryptoKeysResponse: type: object + description: Response message for KeyManagementService.ListCryptoKeys. + id: ListCryptoKeysResponse properties: - policy: + cryptoKeys: + items: + $ref: '#/components/schemas/CryptoKey' + description: The list of CryptoKeys. + type: array + totalSize: + format: int32 + type: integer description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + The total number of CryptoKeys that matched the query. This field is + not populated if ListCryptoKeysRequest.filter is applied. + nextPageToken: description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + A token to retrieve next page of results. Pass this value in + ListCryptoKeysRequest.page_token to retrieve the next page of + results. type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object + Digest: properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + sha512: + format: byte + description: A message digest produced with the SHA-512 algorithm. type: string + sha256: format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + type: string + description: A message digest produced with the SHA-256 algorithm. + sha384: + format: byte + description: A message digest produced with the SHA-384 algorithm. + type: string + id: Digest + type: object + description: A Digest holds a cryptographic message digest. + AsymmetricDecryptResponse: + description: Response message for KeyManagementService.AsymmetricDecrypt. + id: AsymmetricDecryptResponse type: object properties: - role: + protectionLevel: + enumDescriptions: + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + enum: + - PROTECTION_LEVEL_UNSPECIFIED + - SOFTWARE + - HSM + - EXTERNAL + - EXTERNAL_VPC + - HSM_SINGLE_TENANT + description: The ProtectionLevel of the CryptoKeyVersion used in decryption. + type: string + plaintextCrc32c: + type: string description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Integrity verification field. A CRC32C checksum of the returned + AsymmetricDecryptResponse.plaintext. An integrity check of + AsymmetricDecryptResponse.plaintext can be performed by computing + the CRC32C checksum of AsymmetricDecryptResponse.plaintext and + comparing your results to this field. Discard the response in case + of non-matching checksum values, and perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: This field is defined as + int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + format: int64 + verifiedCiphertextCrc32c: + description: >- + Integrity verification field. A flag indicating whether + AsymmetricDecryptRequest.ciphertext_crc32c was received by + KeyManagementService and used for the integrity verification of the + ciphertext. A false value of this field indicates either that + AsymmetricDecryptRequest.ciphertext_crc32c was left unset or that it + was not delivered to KeyManagementService. If you've set + AsymmetricDecryptRequest.ciphertext_crc32c but this field is still + false, discard the response and perform a limited number of retries. + type: boolean + plaintext: + description: >- + The decrypted data originally encrypted with the matching public + key. + format: byte type: string - members: + ListEkmConnectionsResponse: + type: object + id: ListEkmConnectionsResponse + description: Response message for EkmService.ListEkmConnections. + properties: + totalSize: + type: integer + format: int32 description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array + The total number of EkmConnections that matched the query. This + field is not populated if ListEkmConnectionsRequest.filter is + applied. + ekmConnections: + description: The list of EkmConnections. items: - type: string - condition: + $ref: '#/components/schemas/EkmConnection' + type: array + nextPageToken: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' + A token to retrieve next page of results. Pass this value in + ListEkmConnectionsRequest.page_token to retrieve the next page of + results. + type: string Expr: - id: Expr description: >- Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of @@ -3301,159 +3148,444 @@ components: be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. type: object + id: Expr + properties: + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + location: + type: string + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + AsymmetricDecryptRequest: + description: Request message for KeyManagementService.AsymmetricDecrypt. + properties: + ciphertextCrc32c: + format: int64 + description: >- + Optional. An optional CRC32C checksum of the + AsymmetricDecryptRequest.ciphertext. If specified, + KeyManagementService will verify the integrity of the received + AsymmetricDecryptRequest.ciphertext using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(AsymmetricDecryptRequest.ciphertext) is + equal to AsymmetricDecryptRequest.ciphertext_crc32c, and if so, + perform a limited number of retries. A persistent mismatch may + indicate an issue in your computation of the CRC32C checksum. Note: + This field is defined as int64 for reasons of compatibility across + different languages. However, it is a non-negative integer, which + will never exceed 2^32-1, and can be safely downconverted to uint32 + in languages that support this type. + type: string + ciphertext: + type: string + description: >- + Required. The data encrypted with the named CryptoKeyVersion's + public key using OAEP. + format: byte + id: AsymmetricDecryptRequest + type: object + CryptoKey: + properties: + nextRotationTime: + format: google-datetime + description: >- + At next_rotation_time, the Key Management Service will + automatically: 1. Create a new version of this CryptoKey. 2. Mark + the new version as primary. Key rotations performed manually via + CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not + affect next_rotation_time. Keys with purpose ENCRYPT_DECRYPT support + automatic rotation. For other keys, this field must be omitted. + type: string + primary: + $ref: '#/components/schemas/CryptoKeyVersion' + description: >- + Output only. A copy of the "primary" CryptoKeyVersion that will be + used by Encrypt when this CryptoKey is given in EncryptRequest.name. + The CryptoKey's primary version can be updated via + UpdateCryptoKeyPrimaryVersion. Keys with purpose ENCRYPT_DECRYPT may + have a primary. For other keys, this field will be omitted. + readOnly: true + rotationPeriod: + format: google-duration + description: >- + next_rotation_time will be advanced by this period when the service + automatically rotates a key. Must be at least 24 hours and at most + 876,000 hours. If rotation_period is set, next_rotation_time must + also be set. Keys with purpose ENCRYPT_DECRYPT support automatic + rotation. For other keys, this field must be omitted. + type: string + labels: + type: object + description: >- + Labels with user-defined metadata. For more information, see + [Labeling Keys](https://cloud.google.com/kms/docs/labeling-keys). + additionalProperties: + type: string + name: + readOnly: true + description: >- + Output only. The resource name for this CryptoKey in the format + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + type: string + destroyScheduledDuration: + description: >- + Immutable. The period of time that versions of this key spend in the + DESTROY_SCHEDULED state before transitioning to DESTROYED. If not + specified at creation time, the default duration is 30 days. + type: string + format: google-duration + importOnly: + description: Immutable. Whether this key may contain imported versions only. + type: boolean + purpose: + type: string + enum: + - CRYPTO_KEY_PURPOSE_UNSPECIFIED + - ENCRYPT_DECRYPT + - ASYMMETRIC_SIGN + - ASYMMETRIC_DECRYPT + - RAW_ENCRYPT_DECRYPT + - MAC + - KEY_ENCAPSULATION + description: Immutable. The immutable purpose of this CryptoKey. + enumDescriptions: + - Not specified. + - CryptoKeys with this purpose may be used with Encrypt and Decrypt. + - >- + CryptoKeys with this purpose may be used with AsymmetricSign and + GetPublicKey. + - >- + CryptoKeys with this purpose may be used with AsymmetricDecrypt + and GetPublicKey. + - >- + CryptoKeys with this purpose may be used with RawEncrypt and + RawDecrypt. This purpose is meant to be used for interoperable + symmetric encryption and does not support automatic CryptoKey + rotation. + - CryptoKeys with this purpose may be used with MacSign. + - >- + CryptoKeys with this purpose may be used with GetPublicKey and + Decapsulate. + versionTemplate: + description: >- + A template describing settings for new CryptoKeyVersion instances. + The properties of new CryptoKeyVersion instances created by either + CreateCryptoKeyVersion or auto-rotation are controlled by this + template. + $ref: '#/components/schemas/CryptoKeyVersionTemplate' + createTime: + description: Output only. The time at which this CryptoKey was created. + readOnly: true + type: string + format: google-datetime + keyAccessJustificationsPolicy: + $ref: '#/components/schemas/KeyAccessJustificationsPolicy' + description: >- + Optional. The policy used for Key Access Justifications Policy + Enforcement. If this field is present and this key is enrolled in + Key Access Justifications Policy Enforcement, the policy will be + evaluated in encrypt, decrypt, and sign operations, and the + operation will fail if rejected by the policy. The policy is defined + by specifying zero or more allowed justification codes. + https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes + By default, this field is absent, and all justification codes are + allowed. + cryptoKeyBackend: + description: >- + Immutable. The resource name of the backend environment where the + key material for all CryptoKeyVersions associated with this + CryptoKey reside and where all related cryptographic operations are + performed. Only applicable if CryptoKeyVersions have a + ProtectionLevel of EXTERNAL_VPC, with the resource name in the + format `projects/*/locations/*/ekmConnections/*`. Only applicable if + CryptoKeyVersions have a ProtectionLevel of HSM_SINGLE_TENANT, with + the resource name in the format + `projects/*/locations/*/singleTenantHsmInstances/*`. Note, this list + is non-exhaustive and may apply to additional ProtectionLevels in + the future. + type: string + description: >- + A CryptoKey represents a logical key that can be used for cryptographic + operations. A CryptoKey is made up of zero or more versions, which + represent the actual key material used in cryptographic operations. + id: CryptoKey + type: object + EncryptRequest: + id: EncryptRequest + type: object + description: Request message for KeyManagementService.Encrypt. properties: - expression: + plaintext: description: >- - Textual representation of an expression in Common Expression - Language syntax. + Required. The data to encrypt. Must be no larger than 64KiB. The + maximum size depends on the key version's protection_level. For + SOFTWARE, EXTERNAL, and EXTERNAL_VPC keys, the plaintext must be no + larger than 64KiB. For HSM keys, the combined length of the + plaintext and additional_authenticated_data fields must be no larger + than 8KiB. + format: byte type: string - title: + plaintextCrc32c: + format: int64 description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Optional. An optional CRC32C checksum of the + EncryptRequest.plaintext. If specified, KeyManagementService will + verify the integrity of the received EncryptRequest.plaintext using + this checksum. KeyManagementService will report an error if the + checksum verification fails. If you receive a checksum error, your + client should verify that CRC32C(EncryptRequest.plaintext) is equal + to EncryptRequest.plaintext_crc32c, and if so, perform a limited + number of retries. A persistent mismatch may indicate an issue in + your computation of the CRC32C checksum. Note: This field is defined + as int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. type: string - description: + additionalAuthenticatedDataCrc32c: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Optional. An optional CRC32C checksum of the + EncryptRequest.additional_authenticated_data. If specified, + KeyManagementService will verify the integrity of the received + EncryptRequest.additional_authenticated_data using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that + CRC32C(EncryptRequest.additional_authenticated_data) is equal to + EncryptRequest.additional_authenticated_data_crc32c, and if so, + perform a limited number of retries. A persistent mismatch may + indicate an issue in your computation of the CRC32C checksum. Note: + This field is defined as int64 for reasons of compatibility across + different languages. However, it is a non-negative integer, which + will never exceed 2^32-1, and can be safely downconverted to uint32 + in languages that support this type. + format: int64 type: string - location: + additionalAuthenticatedData: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Optional. Optional data that, if specified, must also be provided + during decryption through + DecryptRequest.additional_authenticated_data. The maximum size + depends on the key version's protection_level. For SOFTWARE, + EXTERNAL, and EXTERNAL_VPC keys the AAD must be no larger than + 64KiB. For HSM keys, the combined length of the plaintext and + additional_authenticated_data fields must be no larger than 8KiB. type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + format: byte + ListKeyHandlesResponse: + id: ListKeyHandlesResponse + description: Response message for Autokey.ListKeyHandles. type: object properties: - service: + nextPageToken: description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + A token to retrieve next page of results. Pass this value in + ListKeyHandlesRequest.page_token to retrieve the next page of + results. type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array + keyHandles: + description: Resulting KeyHandles. items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object + $ref: '#/components/schemas/KeyHandle' + type: array + RawEncryptRequest: properties: - logType: - description: The log type that this config enables. + additionalAuthenticatedData: + format: byte type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + Optional. Optional data that, if specified, must also be provided + during decryption through + RawDecryptRequest.additional_authenticated_data. This field may only + be used in conjunction with an algorithm that accepts additional + authenticated data (for example, AES-GCM). The maximum size depends + on the key version's protection_level. For SOFTWARE keys, the + plaintext must be no larger than 64KiB. For HSM keys, the combined + length of the plaintext and additional_authenticated_data fields + must be no larger than 8KiB. + initializationVector: + type: string + format: byte description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + Optional. A customer-supplied initialization vector that will be + used for encryption. If it is not provided for AES-CBC and AES-CTR, + one will be generated. It will be returned in + RawEncryptResponse.initialization_vector. + plaintext: + description: >- + Required. The data to encrypt. Must be no larger than 64KiB. The + maximum size depends on the key version's protection_level. For + SOFTWARE keys, the plaintext must be no larger than 64KiB. For HSM + keys, the combined length of the plaintext and + additional_authenticated_data fields must be no larger than 8KiB. + type: string + format: byte + plaintextCrc32c: + format: int64 + description: >- + Optional. An optional CRC32C checksum of the + RawEncryptRequest.plaintext. If specified, KeyManagementService will + verify the integrity of the received plaintext using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(plaintext) is equal to plaintext_crc32c, + and if so, perform a limited number of retries. A persistent + mismatch may indicate an issue in your computation of the CRC32C + checksum. Note: This field is defined as int64 for reasons of + compatibility across different languages. However, it is a + non-negative integer, which will never exceed 2^32-1, and can be + safely downconverted to uint32 in languages that support this type. + type: string + initializationVectorCrc32c: + description: >- + Optional. An optional CRC32C checksum of the + RawEncryptRequest.initialization_vector. If specified, + KeyManagementService will verify the integrity of the received + initialization_vector using this checksum. KeyManagementService will + report an error if the checksum verification fails. If you receive a + checksum error, your client should verify that + CRC32C(initialization_vector) is equal to + initialization_vector_crc32c, and if so, perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: This field is defined as + int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + format: int64 + type: string + additionalAuthenticatedDataCrc32c: + description: >- + Optional. An optional CRC32C checksum of the + RawEncryptRequest.additional_authenticated_data. If specified, + KeyManagementService will verify the integrity of the received + additional_authenticated_data using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(additional_authenticated_data) is equal to + additional_authenticated_data_crc32c, and if so, perform a limited + number of retries. A persistent mismatch may indicate an issue in + your computation of the CRC32C checksum. Note: This field is defined + as int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + format: int64 + type: string + type: object + description: Request message for KeyManagementService.RawEncrypt. + id: RawEncryptRequest + ShowEffectiveKeyAccessJustificationsPolicyConfigResponse: type: object + id: ShowEffectiveKeyAccessJustificationsPolicyConfigResponse + description: >- + Response message for + KeyAccessJustificationsConfig.ShowEffectiveKeyAccessJustificationsPolicyConfig. + properties: + effectiveKajPolicy: + description: The effective KeyAccessJustificationsPolicyConfig. + $ref: '#/components/schemas/KeyAccessJustificationsPolicyConfig' + KeyAccessJustificationsEnrollmentConfig: + description: >- + The configuration of a protection level for a project's Key Access + Justifications enrollment. properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - LocationMetadata: - id: LocationMetadata - description: Cloud KMS metadata for the given google.cloud.location.Location. + auditLogging: + description: Whether the project has KAJ logging enabled. + type: boolean + policyEnforcement: + type: boolean + description: Whether the project is enrolled in KAJ policy enforcement. + type: object + id: KeyAccessJustificationsEnrollmentConfig + MacVerifyRequest: + description: Request message for KeyManagementService.MacVerify. + id: MacVerifyRequest type: object properties: - hsmAvailable: + macCrc32c: + format: int64 description: >- - Indicates whether CryptoKeys with protection_level HSM can be - created in this location. - type: boolean - ekmAvailable: + Optional. An optional CRC32C checksum of the MacVerifyRequest.mac. + If specified, KeyManagementService will verify the integrity of the + received MacVerifyRequest.mac using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(MacVerifyRequest.mac) is equal to + MacVerifyRequest.mac_crc32c, and if so, perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: This field is defined as + int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + type: string + data: + type: string description: >- - Indicates whether CryptoKeys with protection_level EXTERNAL can be - created in this location. - type: boolean + Required. The data used previously as a MacSignRequest.data to + generate the MAC tag. + format: byte + dataCrc32c: + description: >- + Optional. An optional CRC32C checksum of the MacVerifyRequest.data. + If specified, KeyManagementService will verify the integrity of the + received MacVerifyRequest.data using this checksum. + KeyManagementService will report an error if the checksum + verification fails. If you receive a checksum error, your client + should verify that CRC32C(MacVerifyRequest.data) is equal to + MacVerifyRequest.data_crc32c, and if so, perform a limited number of + retries. A persistent mismatch may indicate an issue in your + computation of the CRC32C checksum. Note: This field is defined as + int64 for reasons of compatibility across different languages. + However, it is a non-negative integer, which will never exceed + 2^32-1, and can be safely downconverted to uint32 in languages that + support this type. + format: int64 + type: string + mac: + format: byte + type: string + description: Required. The signature to verify. parameters: + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean access_token: description: OAuth access token. in: query name: access_token schema: type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: fields + name: oauth_token schema: type: string key: @@ -3465,18 +3597,27 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + _.xgafv: + description: V1 error format. in: query - name: oauth_token + name: $.xgafv schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + enum: + - '1' + - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: prettyPrint + name: uploadType schema: - type: boolean + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -3486,42 +3627,37 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + callback: + description: JSONP in: query - name: uploadType + name: callback schema: type: string - _.xgafv: - description: V1 error format. + alt: + description: Data format for response. in: query - name: $.xgafv + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto x-stackQL-resources: autokey_config: id: google.cloudkms.autokey_config name: autokey_config title: Autokey_config methods: - update_autokey_config: + get_autokey_config: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1autokeyConfig/patch' + $ref: '#/paths/~1v1~1folders~1{foldersId}~1autokeyConfig/get' response: mediaType: application/json openAPIDocKey: '200' - get_autokey_config: + update_autokey_config: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1autokeyConfig/get' + $ref: '#/paths/~1v1~1folders~1{foldersId}~1autokeyConfig/patch' response: mediaType: application/json openAPIDocKey: '200' @@ -3540,17 +3676,17 @@ components: name: kaj_policy_config title: Kaj_policy_config methods: - get_kaj_policy_config: + update_kaj_policy_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1kajPolicyConfig/get + #/paths/~1v1~1organizations~1{organizationsId}~1kajPolicyConfig/patch response: mediaType: application/json openAPIDocKey: '200' - update_kaj_policy_config: + get_kaj_policy_config: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1kajPolicyConfig/patch + #/paths/~1v1~1organizations~1{organizationsId}~1kajPolicyConfig/get response: mediaType: application/json openAPIDocKey: '200' @@ -3569,6 +3705,13 @@ components: name: projects title: Projects methods: + show_effective_key_access_justifications_policy_config: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}:showEffectiveKeyAccessJustificationsPolicyConfig/get + response: + mediaType: application/json + openAPIDocKey: '200' show_effective_autokey_config: operation: $ref: >- @@ -3576,320 +3719,379 @@ components: response: mediaType: application/json openAPIDocKey: '200' - show_effective_key_access_justifications_policy_config: + show_effective_key_access_justifications_enrollment_config: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}:showEffectiveKeyAccessJustificationsEnrollmentConfig/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + locations: + id: google.cloudkms.locations + name: locations + title: Locations + methods: + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.locations + get: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + generate_random_bytes: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:generateRandomBytes/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + ekm_config: + id: google.cloudkms.ekm_config + name: ekm_config + title: Ekm_config + methods: + get_ekm_config: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig/get + response: + mediaType: application/json + openAPIDocKey: '200' + update_ekm_config: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig/patch + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/ekm_config/methods/get_ekm_config' + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/ekm_config/methods/update_ekm_config + replace: [] + delete: [] + key_rings: + id: google.cloudkms.key_rings + name: key_rings + title: Key_rings + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.keyRings + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}:showEffectiveKeyAccessJustificationsPolicyConfig/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings/post response: mediaType: application/json openAPIDocKey: '200' - show_effective_key_access_justifications_enrollment_config: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}:showEffectiveKeyAccessJustificationsEnrollmentConfig/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] - insert: [] + select: + - $ref: '#/components/x-stackQL-resources/key_rings/methods/get' + - $ref: '#/components/x-stackQL-resources/key_rings/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/key_rings/methods/create' update: [] replace: [] delete: [] - ekm_config: - id: google.cloudkms.ekm_config - name: ekm_config - title: Ekm_config + key_rings_iam_policies: + id: google.cloudkms.key_rings_iam_policies + name: key_rings_iam_policies + title: Key_rings_iam_policies methods: - get_ekm_config: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - update_ekm_config: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/ekm_config/methods/get_ekm_config' + - $ref: >- + #/components/x-stackQL-resources/key_rings_iam_policies/methods/get_iam_policy insert: [] - update: + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/ekm_config/methods/update_ekm_config - replace: [] + #/components/x-stackQL-resources/key_rings_iam_policies/methods/set_iam_policy delete: [] - locations: - id: google.cloudkms.locations - name: locations - title: Locations + import_jobs_iam_policies: + id: google.cloudkms.import_jobs_iam_policies + name: import_jobs_iam_policies + title: Import_jobs_iam_policies methods: - generate_random_bytes: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:generateRandomBytes/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs~1{importJobsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - get: + objectKey: $.bindings + set_iam_policy: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs~1{importJobsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.cloudkms.operations - name: operations - title: Operations - methods: - get: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs~1{importJobsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: >- + #/components/x-stackQL-resources/import_jobs_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/import_jobs_iam_policies/methods/set_iam_policy delete: [] - key_handles: - id: google.cloudkms.key_handles - name: key_handles - title: Key_handles + import_jobs: + id: google.cloudkms.import_jobs + name: import_jobs + title: Import_jobs methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyHandles/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyHandles/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.keyHandles + objectKey: $.importJobs get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyHandles~1{keyHandlesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs~1{importJobsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/key_handles/methods/get' - - $ref: '#/components/x-stackQL-resources/key_handles/methods/list' + - $ref: '#/components/x-stackQL-resources/import_jobs/methods/get' + - $ref: '#/components/x-stackQL-resources/import_jobs/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/key_handles/methods/create' + - $ref: '#/components/x-stackQL-resources/import_jobs/methods/create' update: [] replace: [] delete: [] - ekm_connections: - id: google.cloudkms.ekm_connections - name: ekm_connections - title: Ekm_connections + crypto_key_versions: + id: google.cloudkms.crypto_key_versions + name: crypto_key_versions + title: Crypto_key_versions methods: - list: + raw_encrypt: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:rawEncrypt/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.ekmConnections - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions/get response: mediaType: application/json openAPIDocKey: '200' - verify_connectivity: + objectKey: $.cryptoKeyVersions + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}:verifyConnectivity/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/ekm_connections/methods/get' - - $ref: '#/components/x-stackQL-resources/ekm_connections/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/ekm_connections/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/ekm_connections/methods/patch' - replace: [] - delete: [] - ekm_connections_iam_policies: - id: google.cloudkms.ekm_connections_iam_policies - name: ekm_connections_iam_policies - title: Ekm_connections_iam_policies - methods: - set_iam_policy: + asymmetric_decrypt: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:asymmetricDecrypt/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + destroy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:destroy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + raw_decrypt: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:rawDecrypt/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/ekm_connections_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/ekm_connections_iam_policies/methods/set_iam_policy - delete: [] - key_rings: - id: google.cloudkms.key_rings - name: key_rings - title: Key_rings - methods: - list: + restore: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:restore/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.keyRings - create: + asymmetric_sign: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:asymmetricSign/post response: mediaType: application/json openAPIDocKey: '200' - get: + mac_sign: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:macSign/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/key_rings/methods/get' - - $ref: '#/components/x-stackQL-resources/key_rings/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/key_rings/methods/create' - update: [] - replace: [] - delete: [] - key_rings_iam_policies: - id: google.cloudkms.key_rings_iam_policies - name: key_rings_iam_policies - title: Key_rings_iam_policies - methods: - set_iam_policy: + mac_verify: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:macVerify/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions:import/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + decapsulate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:decapsulate/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/crypto_key_versions/methods/get' + - $ref: '#/components/x-stackQL-resources/crypto_key_versions/methods/list' + insert: + - $ref: >- + #/components/x-stackQL-resources/crypto_key_versions/methods/create + update: + - $ref: '#/components/x-stackQL-resources/crypto_key_versions/methods/patch' + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/crypto_key_versions/methods/destroy + crypto_key_versions_public_key: + id: google.cloudkms.crypto_key_versions_public_key + name: crypto_key_versions_public_key + title: Crypto_key_versions_public_key + methods: + get_public_key: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}~1publicKey/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/key_rings_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/crypto_key_versions_public_key/methods/get_public_key insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/key_rings_iam_policies/methods/set_iam_policy + replace: [] delete: [] crypto_keys: id: google.cloudkms.crypto_keys name: crypto_keys title: Crypto_keys methods: - list: + encrypt: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:encrypt/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.cryptoKeys - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -3900,31 +4102,32 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys/post response: mediaType: application/json openAPIDocKey: '200' - update_primary_version: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:updatePrimaryVersion/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys/get response: mediaType: application/json openAPIDocKey: '200' - encrypt: + objectKey: $.cryptoKeys + decrypt: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:encrypt/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:decrypt/post response: mediaType: application/json openAPIDocKey: '200' - decrypt: + update_primary_version: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:decrypt/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:updatePrimaryVersion/post response: mediaType: application/json openAPIDocKey: '200' @@ -3943,10 +4146,10 @@ components: name: crypto_keys_iam_policies title: Crypto_keys_iam_policies methods: - set_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' @@ -3958,10 +4161,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - test_iam_permissions: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' @@ -3975,243 +4178,157 @@ components: - $ref: >- #/components/x-stackQL-resources/crypto_keys_iam_policies/methods/set_iam_policy delete: [] - crypto_key_versions: - id: google.cloudkms.crypto_key_versions - name: crypto_key_versions - title: Crypto_key_versions + key_handles: + id: google.cloudkms.key_handles + name: key_handles + title: Key_handles methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyHandles/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.cryptoKeyVersions + objectKey: $.keyHandles create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyHandles/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - import: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions:import/post - response: - mediaType: application/json - openAPIDocKey: '200' - destroy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:destroy/post - response: - mediaType: application/json - openAPIDocKey: '200' - restore: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:restore/post - response: - mediaType: application/json - openAPIDocKey: '200' - raw_encrypt: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:rawEncrypt/post - response: - mediaType: application/json - openAPIDocKey: '200' - raw_decrypt: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:rawDecrypt/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyHandles~1{keyHandlesId}/get response: mediaType: application/json openAPIDocKey: '200' - asymmetric_sign: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/key_handles/methods/get' + - $ref: '#/components/x-stackQL-resources/key_handles/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/key_handles/methods/create' + update: [] + replace: [] + delete: [] + ekm_connections: + id: google.cloudkms.ekm_connections + name: ekm_connections + title: Ekm_connections + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:asymmetricSign/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections/get response: mediaType: application/json openAPIDocKey: '200' - asymmetric_decrypt: + objectKey: $.ekmConnections + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:asymmetricDecrypt/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections/post response: mediaType: application/json openAPIDocKey: '200' - mac_sign: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:macSign/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - mac_verify: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:macVerify/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}/get response: mediaType: application/json openAPIDocKey: '200' - decapsulate: + verify_connectivity: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}:decapsulate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}:verifyConnectivity/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/crypto_key_versions/methods/get' - - $ref: '#/components/x-stackQL-resources/crypto_key_versions/methods/list' + - $ref: '#/components/x-stackQL-resources/ekm_connections/methods/get' + - $ref: '#/components/x-stackQL-resources/ekm_connections/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/crypto_key_versions/methods/create + - $ref: '#/components/x-stackQL-resources/ekm_connections/methods/create' update: - - $ref: '#/components/x-stackQL-resources/crypto_key_versions/methods/patch' - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/crypto_key_versions/methods/destroy - crypto_key_versions_public_key: - id: google.cloudkms.crypto_key_versions_public_key - name: crypto_key_versions_public_key - title: Crypto_key_versions_public_key - methods: - get_public_key: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1cryptoKeys~1{cryptoKeysId}~1cryptoKeyVersions~1{cryptoKeyVersionsId}~1publicKey/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/crypto_key_versions_public_key/methods/get_public_key - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/ekm_connections/methods/patch' replace: [] delete: [] - import_jobs: - id: google.cloudkms.import_jobs - name: import_jobs - title: Import_jobs + ekm_connections_iam_policies: + id: google.cloudkms.ekm_connections_iam_policies + name: ekm_connections_iam_policies + title: Ekm_connections_iam_policies methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.importJobs - create: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs~1{importJobsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/import_jobs/methods/get' - - $ref: '#/components/x-stackQL-resources/import_jobs/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/import_jobs/methods/create' - update: [] - replace: [] - delete: [] - import_jobs_iam_policies: - id: google.cloudkms.import_jobs_iam_policies - name: import_jobs_iam_policies - title: Import_jobs_iam_policies - methods: set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs~1{importJobsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs~1{importJobsId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1keyRings~1{keyRingsId}~1importJobs~1{importJobsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConnections~1{ekmConnectionsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/import_jobs_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/ekm_connections_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/import_jobs_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/ekm_connections_iam_policies/methods/set_iam_policy delete: [] ekm_config_iam_policies: id: google.cloudkms.ekm_config_iam_policies name: ekm_config_iam_policies title: Ekm_config_iam_policies methods: - set_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ekmConfig:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -4222,20 +4339,64 @@ components: - $ref: >- #/components/x-stackQL-resources/ekm_config_iam_policies/methods/set_iam_policy delete: [] + operations: + id: google.cloudkms.operations + name: operations + title: Operations + methods: + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + insert: [] + update: [] + replace: [] + delete: [] paths: /v1/folders/{foldersId}/autokeyConfig: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/alt' + get: + description: Returns the AutokeyConfig for a folder. + operationId: cloudkms.folders.getAutokeyConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloudkms + Oauth2c: + - https://www.googleapis.com/auth/cloudkms + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/AutokeyConfig' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string patch: description: >- Updates the AutokeyConfig for a folder. The caller must have both @@ -4277,9 +4438,18 @@ paths: schema: type: string format: google-fieldmask - get: - description: Returns the AutokeyConfig for a folder. - operationId: cloudkms.folders.getAutokeyConfig + /v1/folders/{foldersId}/kajPolicyConfig: + parameters: *ref_1 + patch: + description: >- + Updates the KeyAccessJustificationsPolicyConfig for a given + organization, folder, or project. + operationId: cloudkms.folders.updateKajPolicyConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KeyAccessJustificationsPolicyConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4295,19 +4465,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AutokeyConfig' + $ref: '#/components/schemas/KeyAccessJustificationsPolicyConfig' parameters: - in: path name: foldersId required: true schema: type: string - /v1/folders/{foldersId}/kajPolicyConfig: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: description: >- - Gets the KeyAccessJustificationsPolicyConfig for a given - organization/folder/projects. + Gets the KeyAccessJustificationsPolicyConfig for a given organization, + folder, or project. operationId: cloudkms.folders.getKajPolicyConfig security: - Oauth2: @@ -4331,16 +4504,13 @@ paths: required: true schema: type: string - patch: + /v1/projects/{projectsId}:showEffectiveKeyAccessJustificationsPolicyConfig: + parameters: *ref_1 + get: description: >- - Updates the KeyAccessJustificationsPolicyConfig for a given - organization/folder/projects. - operationId: cloudkms.folders.updateKajPolicyConfig - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/KeyAccessJustificationsPolicyConfig' + Returns the KeyAccessJustificationsPolicyConfig of the resource closest + to the given project in hierarchy. + operationId: cloudkms.projects.showEffectiveKeyAccessJustificationsPolicyConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4356,18 +4526,14 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/KeyAccessJustificationsPolicyConfig' + $ref: >- + #/components/schemas/ShowEffectiveKeyAccessJustificationsPolicyConfigResponse parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask /v1/projects/{projectsId}:showEffectiveAutokeyConfig: parameters: *ref_1 get: @@ -4401,8 +4567,8 @@ paths: parameters: *ref_1 get: description: >- - Gets the KeyAccessJustificationsPolicyConfig for a given - organization/folder/projects. + Gets the KeyAccessJustificationsPolicyConfig for a given organization, + folder, or project. operationId: cloudkms.projects.getKajPolicyConfig security: - Oauth2: @@ -4429,7 +4595,7 @@ paths: patch: description: >- Updates the KeyAccessJustificationsPolicyConfig for a given - organization/folder/projects. + organization, folder, or project. operationId: cloudkms.projects.updateKajPolicyConfig requestBody: content: @@ -4463,13 +4629,13 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}:showEffectiveKeyAccessJustificationsPolicyConfig: + /v1/projects/{projectsId}:showEffectiveKeyAccessJustificationsEnrollmentConfig: parameters: *ref_1 get: description: >- - Returns the KeyAccessJustificationsPolicyConfig of the resource closest - to the given project in hierarchy. - operationId: cloudkms.projects.showEffectiveKeyAccessJustificationsPolicyConfig + Returns the KeyAccessJustificationsEnrollmentConfig of the resource + closest to the given project in hierarchy. + operationId: cloudkms.projects.showEffectiveKeyAccessJustificationsEnrollmentConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4486,20 +4652,18 @@ paths: application/json: schema: $ref: >- - #/components/schemas/ShowEffectiveKeyAccessJustificationsPolicyConfigResponse + #/components/schemas/ShowEffectiveKeyAccessJustificationsEnrollmentConfigResponse parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}:showEffectiveKeyAccessJustificationsEnrollmentConfig: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: >- - Returns the KeyAccessJustificationsEnrollmentConfig of the resource - closest to the given project in hierarchy. - operationId: cloudkms.projects.showEffectiveKeyAccessJustificationsEnrollmentConfig + description: Lists information about the supported locations for this service. + operationId: cloudkms.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4515,21 +4679,35 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ShowEffectiveKeyAccessJustificationsEnrollmentConfigResponse + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ekmConfig: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: >- - Returns the EkmConfig singleton resource for a given project and - location. - operationId: cloudkms.projects.locations.getEkmConfig + description: Gets information about a location. + operationId: cloudkms.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4545,7 +4723,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EkmConfig' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -4557,16 +4735,18 @@ paths: required: true schema: type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}:generateRandomBytes: + parameters: *ref_1 + post: description: >- - Updates the EkmConfig singleton resource for a given project and - location. - operationId: cloudkms.projects.locations.updateEkmConfig + Generate random bytes using the Cloud KMS randomness source in the + provided location. + operationId: cloudkms.projects.locations.generateRandomBytes requestBody: content: application/json: schema: - $ref: '#/components/schemas/EkmConfig' + $ref: '#/components/schemas/GenerateRandomBytesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4582,7 +4762,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EkmConfig' + $ref: '#/components/schemas/GenerateRandomBytesResponse' parameters: - in: path name: projectsId @@ -4594,23 +4774,50 @@ paths: required: true schema: type: string - - in: query - name: updateMask + /v1/projects/{projectsId}/locations/{locationsId}/ekmConfig: + parameters: *ref_1 + get: + description: >- + Returns the EkmConfig singleton resource for a given project and + location. + operationId: cloudkms.projects.locations.getEkmConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloudkms + Oauth2c: + - https://www.googleapis.com/auth/cloudkms + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/EkmConfig' + parameters: + - in: path + name: projectsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}:generateRandomBytes: - parameters: *ref_1 - post: + - in: path + name: locationsId + required: true + schema: + type: string + patch: description: >- - Generate random bytes using the Cloud KMS randomness source in the - provided location. - operationId: cloudkms.projects.locations.generateRandomBytes + Updates the EkmConfig singleton resource for a given project and + location. + operationId: cloudkms.projects.locations.updateEkmConfig requestBody: content: application/json: schema: - $ref: '#/components/schemas/GenerateRandomBytesRequest' + $ref: '#/components/schemas/EkmConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4626,7 +4833,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GenerateRandomBytesResponse' + $ref: '#/components/schemas/EkmConfig' parameters: - in: path name: projectsId @@ -4638,11 +4845,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/keyRings: parameters: *ref_1 get: - description: Lists information about the supported locations for this service. - operationId: cloudkms.projects.locations.list + description: Lists KeyRings. + operationId: cloudkms.projects.locations.keyRings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4658,15 +4870,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/ListKeyRingsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - in: query @@ -4675,18 +4888,25 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: extraLocationTypes + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: cloudkms.projects.locations.get + - in: query + name: pageToken + schema: + type: string + post: + description: Create a new KeyRing in a given Project and Location. + operationId: cloudkms.projects.locations.keyRings.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KeyRing' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4702,7 +4922,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/KeyRing' parameters: - in: path name: projectsId @@ -4714,14 +4934,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + - in: query + name: keyRingId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: cloudkms.projects.locations.operations.get + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: cloudkms.projects.locations.keyRings.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4737,7 +4968,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4750,25 +4981,23 @@ paths: schema: type: string - in: path - name: operationsId + name: keyRingsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyHandles: + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Creates a new KeyHandle, triggering the provisioning of a new CryptoKey - for CMEK use with the given resource type in the configured key project - and the same location. GetOperation should be used to resolve the - resulting long-running operation and get the resulting KeyHandle and - CryptoKey. - operationId: cloudkms.projects.locations.keyHandles.create + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: cloudkms.projects.locations.keyRings.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/KeyHandle' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4784,7 +5013,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4796,13 +5025,18 @@ paths: required: true schema: type: string - - in: query - name: keyHandleId + - in: path + name: keyRingsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}:getIamPolicy: + parameters: *ref_1 get: - description: Lists KeyHandles. - operationId: cloudkms.projects.locations.keyHandles.list + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: cloudkms.projects.locations.keyRings.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4818,7 +5052,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListKeyHandlesResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4830,24 +5064,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: keyRingsId + required: true schema: type: string - in: query - name: filter + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyHandles/{keyHandlesId}: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}: parameters: *ref_1 get: - description: Returns the KeyHandle. - operationId: cloudkms.projects.locations.keyHandles.get + description: Returns metadata for a given KeyRing. + operationId: cloudkms.projects.locations.keyRings.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4863,7 +5094,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/KeyHandle' + $ref: '#/components/schemas/KeyRing' parameters: - in: path name: projectsId @@ -4876,15 +5107,17 @@ paths: schema: type: string - in: path - name: keyHandlesId + name: keyRingsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections: + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs/{importJobsId}:getIamPolicy: parameters: *ref_1 get: - description: Lists EkmConnections. - operationId: cloudkms.projects.locations.ekmConnections.list + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: cloudkms.projects.locations.keyRings.importJobs.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4900,7 +5133,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEkmConnectionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4912,31 +5145,34 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: keyRingsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: importJobsId + required: true schema: type: string - in: query - name: orderBy + name: options.requestedPolicyVersion schema: - type: string + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs/{importJobsId}:setIamPolicy: + parameters: *ref_1 post: - description: Creates a new EkmConnection in a given Project and Location. - operationId: cloudkms.projects.locations.ekmConnections.create + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: cloudkms.projects.locations.keyRings.importJobs.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/EkmConnection' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4952,7 +5188,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EkmConnection' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4964,55 +5200,28 @@ paths: required: true schema: type: string - - in: query - name: ekmConnectionId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}: - parameters: *ref_1 - get: - description: Returns metadata for a given EkmConnection. - operationId: cloudkms.projects.locations.ekmConnections.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloudkms - Oauth2c: - - https://www.googleapis.com/auth/cloudkms - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/EkmConnection' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: keyRingsId required: true schema: type: string - in: path - name: ekmConnectionsId + name: importJobsId required: true schema: type: string - patch: - description: Updates an EkmConnection's metadata. - operationId: cloudkms.projects.locations.ekmConnections.patch + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs: + parameters: *ref_1 + post: + description: >- + Create a new ImportJob within a KeyRing. ImportJob.import_method is + required. + operationId: cloudkms.projects.locations.keyRings.importJobs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/EkmConnection' + $ref: '#/components/schemas/ImportJob' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5028,7 +5237,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EkmConnection' + $ref: '#/components/schemas/ImportJob' parameters: - in: path name: projectsId @@ -5041,25 +5250,17 @@ paths: schema: type: string - in: path - name: ekmConnectionsId + name: keyRingsId required: true schema: type: string - in: query - name: updateMask + name: importJobId schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}:verifyConnectivity: - parameters: *ref_1 get: - description: >- - Verifies that Cloud KMS can successfully connect to the external key - manager specified by an EkmConnection. If there is an error connecting - to the EKM, this method returns a FAILED_PRECONDITION status containing - structured information as described at - https://cloud.google.com/kms/docs/reference/ekm_errors. - operationId: cloudkms.projects.locations.ekmConnections.verifyConnectivity + description: Lists ImportJobs. + operationId: cloudkms.projects.locations.keyRings.importJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5075,7 +5276,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VerifyConnectivityResponse' + $ref: '#/components/schemas/ListImportJobsResponse' parameters: - in: path name: projectsId @@ -5088,23 +5289,42 @@ paths: schema: type: string - in: path - name: ekmConnectionsId + name: keyRingsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}:setIamPolicy: + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs/{importJobsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: cloudkms.projects.locations.ekmConnections.setIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: cloudkms.projects.locations.keyRings.importJobs.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5120,7 +5340,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -5133,17 +5353,20 @@ paths: schema: type: string - in: path - name: ekmConnectionsId + name: keyRingsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}:getIamPolicy: + - in: path + name: importJobsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs/{importJobsId}: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: cloudkms.projects.locations.ekmConnections.getIamPolicy + description: Returns metadata for a given ImportJob. + operationId: cloudkms.projects.locations.keyRings.importJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5159,7 +5382,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ImportJob' parameters: - in: path name: projectsId @@ -5172,30 +5395,29 @@ paths: schema: type: string - in: path - name: ekmConnectionsId + name: keyRingsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: importJobsId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}:testIamPermissions: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:rawEncrypt: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: cloudkms.projects.locations.ekmConnections.testIamPermissions + Encrypts data using portable cryptographic primitives. Most users should + choose Encrypt and Decrypt rather than their raw counterparts. The + CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.rawEncrypt requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/RawEncryptRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5211,7 +5433,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/RawEncryptResponse' parameters: - in: path name: projectsId @@ -5224,15 +5446,25 @@ paths: schema: type: string - in: path - name: ekmConnectionsId + name: keyRingsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings: + - in: path + name: cryptoKeysId + required: true + schema: + type: string + - in: path + name: cryptoKeyVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}: parameters: *ref_1 get: - description: Lists KeyRings. - operationId: cloudkms.projects.locations.keyRings.list + description: Returns metadata for a given CryptoKeyVersion. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5248,7 +5480,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListKeyRingsResponse' + $ref: '#/components/schemas/CryptoKeyVersion' parameters: - in: path name: projectsId @@ -5260,31 +5492,32 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: keyRingsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: cryptoKeysId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: cryptoKeyVersionsId + required: true schema: type: string - post: - description: Create a new KeyRing in a given Project and Location. - operationId: cloudkms.projects.locations.keyRings.create + patch: + description: >- + Update a CryptoKeyVersion's metadata. state may be changed between + ENABLED and DISABLED using this method. See DestroyCryptoKeyVersion and + RestoreCryptoKeyVersion to move between other states. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/KeyRing' + $ref: '#/components/schemas/CryptoKeyVersion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5300,7 +5533,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/KeyRing' + $ref: '#/components/schemas/CryptoKeyVersion' parameters: - in: path name: projectsId @@ -5312,15 +5545,31 @@ paths: required: true schema: type: string + - in: path + name: keyRingsId + required: true + schema: + type: string + - in: path + name: cryptoKeysId + required: true + schema: + type: string + - in: path + name: cryptoKeyVersionsId + required: true + schema: + type: string - in: query - name: keyRingId + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions: parameters: *ref_1 get: - description: Returns metadata for a given KeyRing. - operationId: cloudkms.projects.locations.keyRings.get + description: Lists CryptoKeyVersions. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5336,7 +5585,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/KeyRing' + $ref: '#/components/schemas/ListCryptoKeyVersionsResponse' parameters: - in: path name: projectsId @@ -5353,19 +5602,42 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}:setIamPolicy: - parameters: *ref_1 + - in: path + name: cryptoKeysId + required: true + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: view + schema: + type: string + - in: query + name: filter + schema: + type: string post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: cloudkms.projects.locations.keyRings.setIamPolicy + Create a new CryptoKeyVersion in a CryptoKey. The server will assign the + next sequential id. If unset, state will be set to ENABLED. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/CryptoKeyVersion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5381,7 +5653,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/CryptoKeyVersion' parameters: - in: path name: projectsId @@ -5398,13 +5670,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}:getIamPolicy: + - in: path + name: cryptoKeysId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:asymmetricDecrypt: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: cloudkms.projects.locations.keyRings.getIamPolicy + Decrypts data that was encrypted with a public key retrieved from + GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose + ASYMMETRIC_DECRYPT. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.asymmetricDecrypt + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AsymmetricDecryptRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5420,7 +5704,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/AsymmetricDecryptResponse' parameters: - in: path name: projectsId @@ -5437,26 +5721,34 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: cryptoKeysId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}:testIamPermissions: + type: string + - in: path + name: cryptoKeyVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:destroy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: cloudkms.projects.locations.keyRings.testIamPermissions + Schedule a CryptoKeyVersion for destruction. Upon calling this method, + CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and + destroy_time will be set to the time destroy_scheduled_duration in the + future. At that time, the state will automatically change to DESTROYED, + and the key material will be irrevocably destroyed. Before the + destroy_time is reached, RestoreCryptoKeyVersion may be called to + reverse the process. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.destroy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/DestroyCryptoKeyVersionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5472,7 +5764,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/CryptoKeyVersion' parameters: - in: path name: projectsId @@ -5489,74 +5781,29 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys: - parameters: *ref_1 - get: - description: Lists CryptoKeys. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloudkms - Oauth2c: - - https://www.googleapis.com/auth/cloudkms - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListCryptoKeysResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: cryptoKeysId required: true schema: type: string - in: path - name: keyRingsId + name: cryptoKeyVersionsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: versionView - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:rawDecrypt: + parameters: *ref_1 post: description: >- - Create a new CryptoKey within a KeyRing. CryptoKey.purpose and - CryptoKey.version_template.algorithm are required. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.create + Decrypts data that was originally encrypted using a raw cryptographic + mechanism. The CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.rawDecrypt requestBody: content: application/json: schema: - $ref: '#/components/schemas/CryptoKey' + $ref: '#/components/schemas/RawDecryptRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5572,7 +5819,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKey' + $ref: '#/components/schemas/RawDecryptResponse' parameters: - in: path name: projectsId @@ -5589,21 +5836,30 @@ paths: required: true schema: type: string - - in: query - name: cryptoKeyId + - in: path + name: cryptoKeysId + required: true schema: type: string - - in: query - name: skipInitialVersionCreation - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}: + - in: path + name: cryptoKeyVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:restore: parameters: *ref_1 - get: + post: description: >- - Returns metadata for a given CryptoKey, as well as its primary - CryptoKeyVersion. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.get + Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state. Upon + restoration of the CryptoKeyVersion, state will be set to DISABLED, and + destroy_time will be cleared. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.restore + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RestoreCryptoKeyVersionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5619,7 +5875,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKey' + $ref: '#/components/schemas/CryptoKeyVersion' parameters: - in: path name: projectsId @@ -5641,14 +5897,25 @@ paths: required: true schema: type: string - patch: - description: Update a CryptoKey. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.patch + - in: path + name: cryptoKeyVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:asymmetricSign: + parameters: *ref_1 + post: + description: >- + Signs data using a CryptoKeyVersion with CryptoKey.purpose + ASYMMETRIC_SIGN, producing a signature that can be verified with the + public key retrieved from GetPublicKey. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.asymmetricSign requestBody: content: application/json: schema: - $ref: '#/components/schemas/CryptoKey' + $ref: '#/components/schemas/AsymmetricSignRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5664,7 +5931,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKey' + $ref: '#/components/schemas/AsymmetricSignResponse' parameters: - in: path name: projectsId @@ -5686,23 +5953,25 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: cryptoKeyVersionsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:updatePrimaryVersion: + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:macSign: parameters: *ref_1 post: description: >- - Update the version of a CryptoKey that will be used in Encrypt. Returns - an error if called on a key whose purpose is not ENCRYPT_DECRYPT. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.updatePrimaryVersion + Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, + producing a tag that can be verified by another source with the same + key. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.macSign requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpdateCryptoKeyPrimaryVersionRequest' + $ref: '#/components/schemas/MacSignRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5718,7 +5987,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKey' + $ref: '#/components/schemas/MacSignResponse' parameters: - in: path name: projectsId @@ -5740,18 +6009,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:encrypt: + - in: path + name: cryptoKeyVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:macVerify: parameters: *ref_1 post: description: >- - Encrypts data, so that it can only be recovered by a call to Decrypt. - The CryptoKey.purpose must be ENCRYPT_DECRYPT. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.encrypt + Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, + and returns a response that indicates whether or not the verification + was successful. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.macVerify requestBody: content: application/json: schema: - $ref: '#/components/schemas/EncryptRequest' + $ref: '#/components/schemas/MacVerifyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5767,7 +6043,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EncryptResponse' + $ref: '#/components/schemas/MacVerifyResponse' parameters: - in: path name: projectsId @@ -5789,18 +6065,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:decrypt: + - in: path + name: cryptoKeyVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}/publicKey: parameters: *ref_1 - post: + get: description: >- - Decrypts data that was protected by Encrypt. The CryptoKey.purpose must - be ENCRYPT_DECRYPT. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.decrypt - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DecryptRequest' + Returns the public key for the given CryptoKeyVersion. The + CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.getPublicKey security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5816,7 +6093,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DecryptResponse' + $ref: '#/components/schemas/PublicKey' parameters: - in: path name: projectsId @@ -5838,19 +6115,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:setIamPolicy: + - in: path + name: cryptoKeyVersionsId + required: true + schema: + type: string + - in: query + name: publicKeyFormat + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions:import: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.setIamPolicy + Import wrapped key material into a CryptoKeyVersion. All requests must + specify a CryptoKey. If a CryptoKeyVersion is additionally specified in + the request, key material will be reimported into that version. + Otherwise, a new version will be created, and will be assigned the next + sequential id within the CryptoKey. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/ImportCryptoKeyVersionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5866,7 +6154,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/CryptoKeyVersion' parameters: - in: path name: projectsId @@ -5888,13 +6176,20 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:decapsulate: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.getIamPolicy + Decapsulates data that was encapsulated with a public key retrieved from + GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose + KEY_ENCAPSULATION. + operationId: >- + cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.decapsulate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DecapsulateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5910,7 +6205,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/DecapsulateResponse' parameters: - in: path name: projectsId @@ -5932,26 +6227,23 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: cryptoKeyVersionsId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:testIamPermissions: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:encrypt: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.testIamPermissions + Encrypts data, so that it can only be recovered by a call to Decrypt. + The CryptoKey.purpose must be ENCRYPT_DECRYPT. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.encrypt requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/EncryptRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5967,7 +6259,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/EncryptResponse' parameters: - in: path name: projectsId @@ -5989,11 +6281,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions: + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}: parameters: *ref_1 - get: - description: Lists CryptoKeyVersions. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.list + patch: + description: Update a CryptoKey. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CryptoKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6009,7 +6306,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCryptoKeyVersionsResponse' + $ref: '#/components/schemas/CryptoKey' parameters: - in: path name: projectsId @@ -6032,36 +6329,15 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: view - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + name: updateMask schema: type: string - post: + format: google-fieldmask + get: description: >- - Create a new CryptoKeyVersion in a CryptoKey. The server will assign the - next sequential id. If unset, state will be set to ENABLED. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CryptoKeyVersion' + Returns metadata for a given CryptoKey, as well as its primary + CryptoKeyVersion. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6077,7 +6353,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKeyVersion' + $ref: '#/components/schemas/CryptoKey' parameters: - in: path name: projectsId @@ -6099,11 +6375,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:testIamPermissions: parameters: *ref_1 - get: - description: Returns metadata for a given CryptoKeyVersion. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6119,7 +6405,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKeyVersion' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6141,22 +6427,18 @@ paths: required: true schema: type: string - - in: path - name: cryptoKeyVersionsId - required: true - schema: - type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys: + parameters: *ref_1 + post: description: >- - Update a CryptoKeyVersion's metadata. state may be changed between - ENABLED and DISABLED using this method. See DestroyCryptoKeyVersion and - RestoreCryptoKeyVersion to move between other states. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.patch + Create a new CryptoKey within a KeyRing. CryptoKey.purpose and + CryptoKey.version_template.algorithm are required. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CryptoKeyVersion' + $ref: '#/components/schemas/CryptoKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6172,7 +6454,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKeyVersion' + $ref: '#/components/schemas/CryptoKey' parameters: - in: path name: projectsId @@ -6189,29 +6471,17 @@ paths: required: true schema: type: string - - in: path - name: cryptoKeysId - required: true - schema: - type: string - - in: path - name: cryptoKeyVersionsId - required: true + - in: query + name: skipInitialVersionCreation schema: - type: string + type: boolean - in: query - name: updateMask + name: cryptoKeyId schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}/publicKey: - parameters: *ref_1 get: - description: >- - Returns the public key for the given CryptoKeyVersion. The - CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.getPublicKey + description: Lists CryptoKeys. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6227,7 +6497,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PublicKey' + $ref: '#/components/schemas/ListCryptoKeysResponse' parameters: - in: path name: projectsId @@ -6244,35 +6514,34 @@ paths: required: true schema: type: string - - in: path - name: cryptoKeysId - required: true + - in: query + name: versionView schema: type: string - - in: path - name: cryptoKeyVersionsId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: publicKeyFormat + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions:import: + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Import wrapped key material into a CryptoKeyVersion. All requests must - specify a CryptoKey. If a CryptoKeyVersion is additionally specified in - the request, key material will be reimported into that version. - Otherwise, a new version will be created, and will be assigned the next - sequential id within the CryptoKey. - operationId: cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ImportCryptoKeyVersionRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6288,7 +6557,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKeyVersion' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6310,24 +6579,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:destroy: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:setIamPolicy: parameters: *ref_1 post: description: >- - Schedule a CryptoKeyVersion for destruction. Upon calling this method, - CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and - destroy_time will be set to the time destroy_scheduled_duration in the - future. At that time, the state will automatically change to DESTROYED, - and the key material will be irrevocably destroyed. Before the - destroy_time is reached, RestoreCryptoKeyVersion may be called to - reverse the process. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.destroy + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/DestroyCryptoKeyVersionRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6343,7 +6612,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKeyVersion' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6365,25 +6634,18 @@ paths: required: true schema: type: string - - in: path - name: cryptoKeyVersionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:restore: + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:decrypt: parameters: *ref_1 post: description: >- - Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state. Upon - restoration of the CryptoKeyVersion, state will be set to DISABLED, and - destroy_time will be cleared. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.restore + Decrypts data that was protected by Encrypt. The CryptoKey.purpose must + be ENCRYPT_DECRYPT. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.decrypt requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestoreCryptoKeyVersionRequest' + $ref: '#/components/schemas/DecryptRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6399,7 +6661,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CryptoKeyVersion' + $ref: '#/components/schemas/DecryptResponse' parameters: - in: path name: projectsId @@ -6421,25 +6683,18 @@ paths: required: true schema: type: string - - in: path - name: cryptoKeyVersionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:rawEncrypt: + /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}:updatePrimaryVersion: parameters: *ref_1 post: description: >- - Encrypts data using portable cryptographic primitives. Most users should - choose Encrypt and Decrypt rather than their raw counterparts. The - CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.rawEncrypt + Update the version of a CryptoKey that will be used in Encrypt. Returns + an error if called on a key whose purpose is not ENCRYPT_DECRYPT. + operationId: cloudkms.projects.locations.keyRings.cryptoKeys.updatePrimaryVersion requestBody: content: application/json: schema: - $ref: '#/components/schemas/RawEncryptRequest' + $ref: '#/components/schemas/UpdateCryptoKeyPrimaryVersionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6455,7 +6710,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RawEncryptResponse' + $ref: '#/components/schemas/CryptoKey' parameters: - in: path name: projectsId @@ -6477,24 +6732,11 @@ paths: required: true schema: type: string - - in: path - name: cryptoKeyVersionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:rawDecrypt: + /v1/projects/{projectsId}/locations/{locationsId}/keyHandles: parameters: *ref_1 - post: - description: >- - Decrypts data that was originally encrypted using a raw cryptographic - mechanism. The CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.rawDecrypt - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RawDecryptRequest' + get: + description: Lists KeyHandles. + operationId: cloudkms.projects.locations.keyHandles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6510,7 +6752,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RawDecryptResponse' + $ref: '#/components/schemas/ListKeyHandlesResponse' parameters: - in: path name: projectsId @@ -6522,35 +6764,32 @@ paths: required: true schema: type: string - - in: path - name: keyRingsId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: cryptoKeysId - required: true + - in: query + name: filter schema: type: string - - in: path - name: cryptoKeyVersionsId - required: true + - in: query + name: pageSize schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:asymmetricSign: - parameters: *ref_1 + type: integer + format: int32 post: description: >- - Signs data using a CryptoKeyVersion with CryptoKey.purpose - ASYMMETRIC_SIGN, producing a signature that can be verified with the - public key retrieved from GetPublicKey. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.asymmetricSign + Creates a new KeyHandle, triggering the provisioning of a new CryptoKey + for CMEK use with the given resource type in the configured key project + and the same location. GetOperation should be used to resolve the + resulting long-running operation and get the resulting KeyHandle and + CryptoKey. + operationId: cloudkms.projects.locations.keyHandles.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/AsymmetricSignRequest' + $ref: '#/components/schemas/KeyHandle' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6566,7 +6805,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AsymmetricSignResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6578,35 +6817,15 @@ paths: required: true schema: type: string - - in: path - name: keyRingsId - required: true - schema: - type: string - - in: path - name: cryptoKeysId - required: true - schema: - type: string - - in: path - name: cryptoKeyVersionsId - required: true + - in: query + name: keyHandleId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:asymmetricDecrypt: + /v1/projects/{projectsId}/locations/{locationsId}/keyHandles/{keyHandlesId}: parameters: *ref_1 - post: - description: >- - Decrypts data that was encrypted with a public key retrieved from - GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose - ASYMMETRIC_DECRYPT. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.asymmetricDecrypt - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AsymmetricDecryptRequest' + get: + description: Returns the KeyHandle. + operationId: cloudkms.projects.locations.keyHandles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6622,7 +6841,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AsymmetricDecryptResponse' + $ref: '#/components/schemas/KeyHandle' parameters: - in: path name: projectsId @@ -6632,37 +6851,18 @@ paths: - in: path name: locationsId required: true - schema: - type: string - - in: path - name: keyRingsId - required: true - schema: - type: string - - in: path - name: cryptoKeysId - required: true - schema: - type: string - - in: path - name: cryptoKeyVersionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:macSign: - parameters: *ref_1 - post: - description: >- - Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, - producing a tag that can be verified by another source with the same - key. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.macSign - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MacSignRequest' + schema: + type: string + - in: path + name: keyHandlesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections: + parameters: *ref_1 + get: + description: Lists EkmConnections. + operationId: cloudkms.projects.locations.ekmConnections.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6678,7 +6878,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MacSignResponse' + $ref: '#/components/schemas/ListEkmConnectionsResponse' parameters: - in: path name: projectsId @@ -6690,35 +6890,31 @@ paths: required: true schema: type: string - - in: path - name: keyRingsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: cryptoKeysId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: cryptoKeyVersionsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:macVerify: - parameters: *ref_1 post: - description: >- - Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, - and returns a response that indicates whether or not the verification - was successful. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.macVerify + description: Creates a new EkmConnection in a given Project and Location. + operationId: cloudkms.projects.locations.ekmConnections.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/MacVerifyRequest' + $ref: '#/components/schemas/EkmConnection' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6734,7 +6930,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MacVerifyResponse' + $ref: '#/components/schemas/EkmConnection' parameters: - in: path name: projectsId @@ -6746,35 +6942,20 @@ paths: required: true schema: type: string - - in: path - name: keyRingsId - required: true - schema: - type: string - - in: path - name: cryptoKeysId - required: true - schema: - type: string - - in: path - name: cryptoKeyVersionsId - required: true + - in: query + name: ekmConnectionId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/cryptoKeyVersions/{cryptoKeyVersionsId}:decapsulate: + /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}: parameters: *ref_1 - post: - description: >- - Decapsulates data that was encapsulated with a public key retrieved from - GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose - KEY_ENCAPSULATION. - operationId: >- - cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.decapsulate + patch: + description: Updates an EkmConnection's metadata. + operationId: cloudkms.projects.locations.ekmConnections.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/DecapsulateRequest' + $ref: '#/components/schemas/EkmConnection' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6790,7 +6971,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DecapsulateResponse' + $ref: '#/components/schemas/EkmConnection' parameters: - in: path name: projectsId @@ -6803,25 +6984,18 @@ paths: schema: type: string - in: path - name: keyRingsId - required: true - schema: - type: string - - in: path - name: cryptoKeysId + name: ekmConnectionsId required: true schema: type: string - - in: path - name: cryptoKeyVersionsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs: - parameters: *ref_1 + format: google-fieldmask get: - description: Lists ImportJobs. - operationId: cloudkms.projects.locations.keyRings.importJobs.list + description: Returns metadata for a given EkmConnection. + operationId: cloudkms.projects.locations.ekmConnections.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6837,7 +7011,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListImportJobsResponse' + $ref: '#/components/schemas/EkmConnection' parameters: - in: path name: projectsId @@ -6850,37 +7024,20 @@ paths: schema: type: string - in: path - name: keyRingsId + name: ekmConnectionsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - post: + /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}:verifyConnectivity: + parameters: *ref_1 + get: description: >- - Create a new ImportJob within a KeyRing. ImportJob.import_method is - required. - operationId: cloudkms.projects.locations.keyRings.importJobs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ImportJob' + Verifies that Cloud KMS can successfully connect to the external key + manager specified by an EkmConnection. If there is an error connecting + to the EKM, this method returns a FAILED_PRECONDITION status containing + structured information as described at + https://cloud.google.com/kms/docs/reference/ekm_errors. + operationId: cloudkms.projects.locations.ekmConnections.verifyConnectivity security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6896,7 +7053,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ImportJob' + $ref: '#/components/schemas/VerifyConnectivityResponse' parameters: - in: path name: projectsId @@ -6909,19 +7066,17 @@ paths: schema: type: string - in: path - name: keyRingsId + name: ekmConnectionsId required: true schema: type: string - - in: query - name: importJobId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs/{importJobsId}: + /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}:getIamPolicy: parameters: *ref_1 get: - description: Returns metadata for a given ImportJob. - operationId: cloudkms.projects.locations.keyRings.importJobs.get + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: cloudkms.projects.locations.ekmConnections.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6937,7 +7092,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ImportJob' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6950,28 +7105,30 @@ paths: schema: type: string - in: path - name: keyRingsId + name: ekmConnectionsId required: true schema: type: string - - in: path - name: importJobsId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs/{importJobsId}:setIamPolicy: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: cloudkms.projects.locations.keyRings.importJobs.setIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: cloudkms.projects.locations.ekmConnections.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6987,7 +7144,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7000,22 +7157,23 @@ paths: schema: type: string - in: path - name: keyRingsId - required: true - schema: - type: string - - in: path - name: importJobsId + name: ekmConnectionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs/{importJobsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/ekmConnections/{ekmConnectionsId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: cloudkms.projects.locations.keyRings.importJobs.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: cloudkms.projects.locations.ekmConnections.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7044,21 +7202,11 @@ paths: schema: type: string - in: path - name: keyRingsId - required: true - schema: - type: string - - in: path - name: importJobsId + name: ekmConnectionsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/importJobs/{importJobsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/ekmConfig:testIamPermissions: parameters: *ref_1 post: description: >- @@ -7067,7 +7215,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: cloudkms.projects.locations.keyRings.importJobs.testIamPermissions + operationId: cloudkms.projects.locations.ekmConfig.testIamPermissions requestBody: content: application/json: @@ -7100,16 +7248,6 @@ paths: required: true schema: type: string - - in: path - name: keyRingsId - required: true - schema: - type: string - - in: path - name: importJobsId - required: true - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/ekmConfig:setIamPolicy: parameters: *ref_1 post: @@ -7189,21 +7327,14 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/ekmConfig:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: cloudkms.projects.locations.ekmConfig.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: cloudkms.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7219,7 +7350,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7231,12 +7362,17 @@ paths: required: true schema: type: string + - in: path + name: operationsId + required: true + schema: + type: string /v1/organizations/{organizationsId}/kajPolicyConfig: parameters: *ref_1 get: description: >- - Gets the KeyAccessJustificationsPolicyConfig for a given - organization/folder/projects. + Gets the KeyAccessJustificationsPolicyConfig for a given organization, + folder, or project. operationId: cloudkms.organizations.getKajPolicyConfig security: - Oauth2: @@ -7263,7 +7399,7 @@ paths: patch: description: >- Updates the KeyAccessJustificationsPolicyConfig for a given - organization/folder/projects. + organization, folder, or project. operationId: cloudkms.organizations.updateKajPolicyConfig requestBody: content: diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudlocationfinder.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudlocationfinder.yaml index a281117a..bbf9ea4e 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudlocationfinder.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudlocationfinder.yaml @@ -6,9 +6,9 @@ info: email: info@stackql.io title: Cloud Location Finder API description: '' - version: v1alpha - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + version: v1 + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/location-finder/docs servers: @@ -34,60 +34,54 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListCloudLocationsResponse: - id: ListCloudLocationsResponse - description: Message for response to listing cloud locations. - type: object - properties: - cloudLocations: - description: Output only. List of cloud locations. - readOnly: true - type: array - items: - $ref: '#/components/schemas/CloudLocation' - nextPageToken: - description: >- - Output only. The continuation token, used to page through large - result sets. Provide this value in a subsequent request as - page_token in subsequent requests to retrieve the next page. If this - field is not present, there are no subsequent results. - readOnly: true - type: string CloudLocation: - id: CloudLocation description: Represents resource cloud locations. - type: object properties: + cloudLocationType: + type: string + enum: + - CLOUD_LOCATION_TYPE_UNSPECIFIED + - CLOUD_LOCATION_TYPE_REGION + - CLOUD_LOCATION_TYPE_ZONE + - CLOUD_LOCATION_TYPE_REGION_EXTENSION + - CLOUD_LOCATION_TYPE_GDCC_ZONE + description: Optional. The type of the cloud location. + enumDescriptions: + - Unspecified type. + - CloudLocation type for region. + - CloudLocation type for zone. + - CloudLocation type for region extension. + - CloudLocation type for Google Distributed Cloud Connected Zone. + displayName: + type: string + description: >- + Optional. The human-readable name of the cloud location. Example: + us-east-2, us-east1. name: + type: string description: >- Identifier. Name of the cloud location. Unique name of the cloud location including project and location using the form: `projects/{project_id}/locations/{location}/cloudLocations/{cloud_location}` - type: string containingCloudLocation: description: >- Output only. The containing cloud location in the strict nesting hierarchy. For example, the containing cloud location of a zone is a region. - readOnly: true - type: string - displayName: - description: >- - Optional. The human-readable name of the cloud location. Example: - us-east-2, us-east1. type: string + readOnly: true cloudProvider: - description: >- - Optional. The provider of the cloud location. Values can be Google - Cloud or third-party providers, including AWS, Azure, or Oracle - Cloud Infrastructure. - type: string enumDescriptions: - Unspecified type. - Cloud provider type for Google Cloud. - Cloud provider type for AWS. - Cloud provider type for Azure. - Cloud provider type for OCI. + type: string + description: >- + Optional. The provider of the cloud location. Values can be Google + Cloud or third-party providers, including AWS, Azure, or Oracle + Cloud Infrastructure. enum: - CLOUD_PROVIDER_UNSPECIFIED - CLOUD_PROVIDER_GCP @@ -99,22 +93,9 @@ components: Optional. The two-letter ISO 3166-1 alpha-2 code of the cloud location. Examples: US, JP, KR. type: string - cloudLocationType: - description: Optional. The type of the cloud location. - type: string - enumDescriptions: - - Unspecified type. - - CloudLocation type for region. - - CloudLocation type for zone. - - CloudLocation type for region extension. - - CloudLocation type for Google Distributed Cloud Connected Zone. - enum: - - CLOUD_LOCATION_TYPE_UNSPECIFIED - - CLOUD_LOCATION_TYPE_REGION - - CLOUD_LOCATION_TYPE_ZONE - - CLOUD_LOCATION_TYPE_REGION_EXTENSION - - CLOUD_LOCATION_TYPE_GDCC_ZONE carbonFreeEnergyPercentage: + format: float + type: number description: >- Optional. The carbon free energy percentage of the cloud location. This represents the average percentage of time customers' @@ -123,17 +104,51 @@ components: details. There is a difference between default value 0 and unset value. 0 means the carbon free energy percentage is 0%, while unset value means the carbon footprint data is not available. - type: number - format: float - SearchCloudLocationsResponse: - id: SearchCloudLocationsResponse - description: Message for response to searching cloud locations. + type: object + id: CloudLocation + Location: + id: Location + type: object + description: A resource that represents a Google Cloud location. + properties: + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + labels: + additionalProperties: + type: string + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + name: + type: string + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + ListCloudLocationsResponse: + id: ListCloudLocationsResponse + description: Message for response to listing cloud locations. type: object properties: cloudLocations: - description: Output only. List of cloud locations. - readOnly: true type: array + readOnly: true + description: Output only. List of cloud locations. items: $ref: '#/components/schemas/CloudLocation' nextPageToken: @@ -144,11 +159,32 @@ components: field is not present, there are no subsequent results. readOnly: true type: string + SearchCloudLocationsResponse: + description: Message for response to searching cloud locations. + properties: + nextPageToken: + description: >- + Output only. The continuation token, used to page through large + result sets. Provide this value in a subsequent request as + page_token in subsequent requests to retrieve the next page. If this + field is not present, there are no subsequent results. + readOnly: true + type: string + cloudLocations: + type: array + readOnly: true + description: Output only. List of cloud locations. + items: + $ref: '#/components/schemas/CloudLocation' + id: SearchCloudLocationsResponse + type: object ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. type: object + id: ListLocationsResponse properties: + nextPageToken: + description: The standard List next-page token. + type: string locations: description: >- A list of locations that matches the specified filter in the @@ -156,203 +192,166 @@ components: type: array items: $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + description: The response message for Locations.ListLocations. parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key schema: type: string - alt: - description: Data format for response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: alt + name: upload_protocol schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: callback + name: uploadType schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + _.xgafv: + description: V1 error format. in: query - name: fields + name: $.xgafv schema: type: string - key: + enum: + - '1' + - '2' + quotaUser: description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: key + name: quotaUser schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + access_token: + description: OAuth access token. in: query - name: oauth_token + name: access_token + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt schema: type: string + enum: + - json + - media + - proto prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: upload_protocol + name: fields schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: uploadType + name: oauth_token schema: type: string - _.xgafv: - description: V1 error format. + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - locations: - id: google.cloudlocationfinder.locations - name: locations - title: Locations + cloud_locations: + id: google.cloudlocationfinder.cloud_locations + name: cloud_locations + title: Cloud_locations methods: list: operation: - $ref: '#/paths/~1v1alpha~1projects~1{projectsId}~1locations/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudLocations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations + objectKey: $.cloudLocations get: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudLocations~1{cloudLocationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + search: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudLocations:search/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' + - $ref: '#/components/x-stackQL-resources/cloud_locations/methods/get' + - $ref: '#/components/x-stackQL-resources/cloud_locations/methods/list' insert: [] update: [] replace: [] delete: [] - cloud_locations: - id: google.cloudlocationfinder.cloud_locations - name: cloud_locations - title: Cloud_locations + locations: + id: google.cloudlocationfinder.locations + name: locations + title: Locations methods: list: operation: - $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1cloudLocations/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.cloudLocations + objectKey: $.locations get: operation: - $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1cloudLocations~1{cloudLocationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - search: - operation: - $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1cloudLocations:search/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/cloud_locations/methods/get' - - $ref: '#/components/x-stackQL-resources/cloud_locations/methods/list' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] delete: [] paths: - /v1alpha/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/cloudLocations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/callback' get: - description: Lists information about the supported locations for this service. - operationId: cloudlocationfinder.projects.locations.list + description: Lists cloud locations under a given project and location. + operationId: cloudlocationfinder.projects.locations.cloudLocations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -364,13 +363,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/ListCloudLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query name: filter schema: @@ -384,15 +388,11 @@ paths: name: pageToken schema: type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/cloudLocations/{cloudLocationsId}: parameters: *ref_1 get: - description: Gets information about a location. - operationId: cloudlocationfinder.projects.locations.get + description: Retrieves a resource containing information about a cloud location. + operationId: cloudlocationfinder.projects.locations.cloudLocations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -404,7 +404,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/CloudLocation' parameters: - in: path name: projectsId @@ -416,11 +416,16 @@ paths: required: true schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/cloudLocations: + - in: path + name: cloudLocationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/cloudLocations:search: parameters: *ref_1 get: - description: Lists cloud locations under a given project and location. - operationId: cloudlocationfinder.projects.locations.cloudLocations.list + description: Searches for cloud locations from a given source location. + operationId: cloudlocationfinder.projects.locations.cloudLocations.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -432,7 +437,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCloudLocationsResponse' + $ref: '#/components/schemas/SearchCloudLocationsResponse' parameters: - in: path name: projectsId @@ -445,23 +450,27 @@ paths: schema: type: string - in: query - name: pageSize + name: pageToken schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: sourceCloudLocation schema: type: string - in: query - name: filter + name: query schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/cloudLocations/{cloudLocationsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Retrieves a resource containing information about a cloud location. - operationId: cloudlocationfinder.projects.locations.cloudLocations.get + description: Lists information about the supported locations for this service. + operationId: cloudlocationfinder.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -473,28 +482,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CloudLocation' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: extraLocationTypes schema: type: string - - in: path - name: cloudLocationsId - required: true + - in: query + name: pageToken schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/cloudLocations:search: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: Searches for cloud locations from a given source location. - operationId: cloudlocationfinder.projects.locations.cloudLocations.search + description: Gets information about a location. + operationId: cloudlocationfinder.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -506,7 +522,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchCloudLocationsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -518,20 +534,3 @@ paths: required: true schema: type: string - - in: query - name: sourceCloudLocation - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: query - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudprofiler.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudprofiler.yaml index ba8930e9..fbfd972d 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudprofiler.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudprofiler.yaml @@ -7,8 +7,8 @@ info: title: Cloud Profiler API description: Manages continuous profiling information. version: v2 - x-discovery-doc-revision: '20250818' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251006' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/profiler/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudresourcemanager.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudresourcemanager.yaml index b8d26e0c..336b8fee 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudresourcemanager.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudresourcemanager.yaml @@ -9,8 +9,8 @@ info: Creates, reads, and updates metadata for Google Cloud Platform resource containers. version: v3 - x-discovery-doc-revision: '20250606' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251103' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/resource-manager servers: @@ -39,174 +39,117 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLiensResponse: - id: ListLiensResponse - description: The response message for Liens.ListLiens. - type: object - properties: - liens: - description: A list of Liens. - type: array - items: - $ref: '#/components/schemas/Lien' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - Lien: - id: Lien - description: >- - A Lien represents an encumbrance on the actions that can be performed on - a resource. - type: object - properties: - name: - description: >- - A system-generated unique identifier for this Lien. Example: - `liens/1234abcd` - type: string - parent: - description: >- - A reference to the resource this Lien is attached to. The server - will validate the parent against those for which Liens are - supported. Example: `projects/1234` - type: string - restrictions: - description: >- - The types of operations which should be blocked as a result of this - Lien. Each value should correspond to an IAM permission. The server - will validate the permissions against those for which Liens are - supported. An empty list is meaningless and will be rejected. - Example: ['resourcemanager.projects.delete'] - type: array - items: - type: string - reason: - description: >- - Concise user-visible strings indicating why an action cannot be - performed on a resource. Maximum length of 200 characters. Example: - 'Holds production API key' - type: string - origin: - description: >- - A stable, user-visible/meaningful string identifying the origin of - the Lien, intended to be inspected programmatically. Maximum length - of 200 characters. Example: 'compute.googleapis.com' - type: string - createTime: - description: The creation time of this Lien. - type: string - format: google-datetime - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object + UpdateFolderMetadata: properties: {} - Operation: - id: Operation description: >- - This resource represents a long-running operation that is the result of - a network API call. + A status object which is used as the `metadata` field for the Operation + returned by UpdateFolder. type: object + id: UpdateFolderMetadata + Operation: properties: name: + type: string description: >- The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`. - type: string metadata: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. + response: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. done: + type: boolean description: >- If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. - type: boolean error: description: >- The error result of the operation in case of failure or cancellation. $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + id: Operation type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. + CreateFolderMetadata: + id: CreateFolderMetadata properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + parent: + type: string description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + The resource name of the folder or organization we are creating the + folder under. + displayName: + type: string + description: The display name of the folder. + type: object + description: Metadata pertaining to the Folder creation process. + MoveFolderRequest: + description: The MoveFolder request message. + properties: + destinationParent: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Folder: - id: Folder - description: >- - A folder in an organization's resource hierarchy, used to organize that - organization's resources. + Required. The resource name of the folder or organization which + should be the folder's new parent. Must be of the form + `folders/{folder_id}` or `organizations/{org_id}`. + type: object + id: MoveFolderRequest + DeleteTagBindingMetadata: + id: DeleteTagBindingMetadata + description: Runtime operation information for deleting a TagBinding. + type: object + properties: {} + UndeleteFolderMetadata: type: object + properties: {} + description: >- + A status object which is used as the `metadata` field for the + `Operation` returned by `UndeleteFolder`. + id: UndeleteFolderMetadata + Folder: properties: - name: + configuredCapabilities: description: >- - Identifier. The resource name of the folder. Its format is - `folders/{folder_id}`, for example: "folders/1234". - type: string + Output only. Optional capabilities configured for this folder (via + UpdateCapability API). Example: + `folders/123/capabilities/app-management`. + type: array + readOnly: true + items: + type: string parent: description: >- Required. The folder's parent's resource name. Updates to the folder's parent must be performed using MoveFolder. type: string displayName: + type: string description: >- The folder's display name. A folder's display name must be unique amongst its siblings. For example, no two folders with the same @@ -215,151 +158,138 @@ components: hyphens and underscores and can be no longer than 30 characters. This is captured by the regular expression: `[\p{L}\p{N}]([\p{L}\p{N}_- ]{0,28}[\p{L}\p{N}])?`. + etag: + readOnly: true + description: >- + Output only. A checksum computed by the server based on the current + value of the folder resource. This may be sent on update and delete + requests to ensure the client has an up-to-date value before + proceeding. type: string - state: + managementProject: description: >- - Output only. The lifecycle state of the folder. Updates to the state - must be performed using DeleteFolder and UndeleteFolder. + Output only. Management Project associated with this folder (if + app-management capability is enabled). Example: + `projects/google-mp-123` OUTPUT ONLY. readOnly: true type: string - enumDescriptions: - - Unspecified state. - - The normal and active state. - - The folder has been marked for deletion by the user. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - DELETE_REQUESTED createTime: description: Output only. Timestamp when the folder was created. readOnly: true type: string format: google-datetime - updateTime: - description: Output only. Timestamp when the folder was last modified. - readOnly: true - type: string - format: google-datetime - deleteTime: - description: Output only. Timestamp when the folder was requested to be deleted. - readOnly: true - type: string - format: google-datetime - etag: - description: >- - Output only. A checksum computed by the server based on the current - value of the folder resource. This may be sent on update and delete - requests to ensure the client has an up-to-date value before - proceeding. - readOnly: true - type: string tags: description: >- Optional. Input only. Immutable. Tag keys/values directly bound to this folder. Each item in the map must be expressed as " : ". For example: "123/environment" : "production", "123/costCenter" : "marketing" Note: Currently this field is in Preview. - type: object additionalProperties: type: string - configuredCapabilities: - description: >- - Output only. Optional capabilities configured for this folder (via - UpdateCapability API). Example: - `folders/123/capabilities/app-management`. + type: object + updateTime: + format: google-datetime + type: string readOnly: true - type: array - items: - type: string - managementProject: + description: Output only. Timestamp when the folder was last modified. + name: + type: string description: >- - Output only. Management Project associated with this folder (if - app-management capability is enabled). Example: - `projects/google-mp-123` OUTPUT ONLY. + Identifier. The resource name of the folder. Its format is + `folders/{folder_id}`, for example: "folders/1234". + deleteTime: readOnly: true type: string - ListFoldersResponse: - id: ListFoldersResponse - description: The ListFolders response message. - type: object - properties: - folders: - description: >- - A possibly paginated list of folders that are direct descendants of - the specified parent resource. - type: array - items: - $ref: '#/components/schemas/Folder' - nextPageToken: - description: >- - A pagination token returned from a previous call to `ListFolders` - that indicates from where listing should continue. + format: google-datetime + description: Output only. Timestamp when the folder was requested to be deleted. + state: + readOnly: true + enumDescriptions: + - Unspecified state. + - The normal and active state. + - The folder has been marked for deletion by the user. type: string - SearchFoldersResponse: - id: SearchFoldersResponse - description: The response message for searching folders. - type: object - properties: - folders: - description: >- - A possibly paginated folder search results. the specified parent - resource. - type: array - items: - $ref: '#/components/schemas/Folder' - nextPageToken: description: >- - A pagination token returned from a previous call to `SearchFolders` - that indicates from where searching should continue. - type: string - MoveFolderRequest: - id: MoveFolderRequest - description: The MoveFolder request message. + Output only. The lifecycle state of the folder. Updates to the state + must be performed using DeleteFolder and UndeleteFolder. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - DELETE_REQUESTED + id: Folder + description: >- + A folder in an organization's resource hierarchy, used to organize that + organization's resources. type: object - properties: - destinationParent: - description: >- - Required. The resource name of the folder or organization which - should be the folder's new parent. Must be of the form - `folders/{folder_id}` or `organizations/{org_id}`. - type: string - UndeleteFolderRequest: - id: UndeleteFolderRequest - description: The UndeleteFolder request message. + CreateTagBindingMetadata: + id: CreateTagBindingMetadata type: object + description: Runtime operation information for creating a TagValue. properties: {} - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. + CreateTagValueMetadata: + id: CreateTagValueMetadata type: object - properties: - options: - description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - $ref: '#/components/schemas/GetPolicyOptions' - GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. + description: Runtime operation information for creating a TagValue. + properties: {} + Policy: type: object + id: Policy properties: - requestedPolicyVersion: + version: description: >- - Optional. The maximum policy version that will be used to format the - policy. Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected. Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field unset. - The policy in the response might use the policy version that you - specified, or it might use a lower policy version. For example, if - you specify version 3, but the policy has no conditional role - bindings, the response uses version 1. To learn which resources - support conditions in their IAM policies, see the [IAM + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer format: int32 - Policy: - id: Policy + type: integer + auditConfigs: + items: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: array + etag: + type: string + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte + bindings: + type: array + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' description: >- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of @@ -394,153 +324,234 @@ components: timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). + ListLiensResponse: type: object + id: ListLiensResponse + description: The response message for Liens.ListLiens. properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + nextPageToken: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: string + liens: + description: A list of Liens. type: array items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + $ref: '#/components/schemas/Lien' + DeleteTagValueMetadata: + properties: {} + id: DeleteTagValueMetadata + description: Runtime operation information for deleting a TagValue. + type: object + Organization: + description: >- + The root node in the resource hierarchy to which a particular entity's + (a company, for example) resources belong. type: object properties: - role: + name: + type: string description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Output only. The resource name of the organization. This is the + organization's relative path in the API. Its format is + "organizations/[organization_id]". For example, + "organizations/1234". + readOnly: true + createTime: + type: string + description: Output only. Timestamp when the Organization was created. + readOnly: true + format: google-datetime + directoryCustomerId: type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + Immutable. The G Suite / Workspace customer id used in the Directory + API. + deleteTime: + description: >- + Output only. Timestamp when the Organization was requested for + deletion. + format: google-datetime + readOnly: true + type: string + etag: + type: string + readOnly: true + description: >- + Output only. A checksum computed by the server based on the current + value of the Organization resource. This may be sent on update and + delete requests to ensure the client has an up-to-date value before + proceeding. + updateTime: + format: google-datetime + readOnly: true + type: string + description: Output only. Timestamp when the Organization was last modified. + state: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - DELETE_REQUESTED + type: string + readOnly: true + enumDescriptions: + - >- + Unspecified state. This is only useful for distinguishing unset + values. + - The normal and active state. + - The organization has been marked for deletion by the user. + description: Output only. The organization's current lifecycle state. + displayName: + readOnly: true + type: string + description: >- + Output only. A human-readable string that refers to the organization + in the Google Cloud Console. This string is set by the server and + cannot be changed. The string will be set to the primary domain (for + example, "google.com") of the Google Workspace customer that owns + the organization. + id: Organization + UpdateTagValueMetadata: + description: Runtime operation information for updating a TagValue. + type: object + id: UpdateTagValueMetadata + properties: {} + FolderOperation: + id: FolderOperation + type: object + properties: + destinationParent: + description: >- + The resource name of the folder or organization we are either + creating the folder under or moving the folder to. + type: string + displayName: + description: The display name of the folder. + type: string + sourceParent: + type: string + description: >- + The resource name of the folder's parent. Only applicable when the + operation_type is MOVE. + operationType: + enum: + - OPERATION_TYPE_UNSPECIFIED + - CREATE + - MOVE + enumDescriptions: + - Operation type not specified. + - A create folder operation. + - A move folder operation. + description: The type of this operation. + type: string + description: Metadata describing a long running folder operation + DeleteOrganizationMetadata: + description: >- + A status object which is used as the `metadata` field for the operation + returned by DeleteOrganization. + type: object + id: DeleteOrganizationMetadata + properties: {} + ListTagHoldsResponse: + description: The ListTagHolds response. + properties: + tagHolds: + type: array + items: + $ref: '#/components/schemas/TagHold' + description: A possibly paginated list of TagHolds. + nextPageToken: + description: >- + Pagination token. If the result set is too large to fit in a single + response, this token is returned. It encodes the position of the + current result cursor. Feeding this value into a new list request + with the `page_token` parameter gives the next page of the results. + When `next_page_token` is not filled in, there is no next page and + the list returned is the last page in the result set. Pagination + tokens have a limited lifetime. + type: string + id: ListTagHoldsResponse + type: object + SearchProjectsResponse: + id: SearchProjectsResponse + properties: + projects: + items: + $ref: '#/components/schemas/Project' + description: >- + The list of Projects that matched the list filter query. This list + can be paginated. type: array + nextPageToken: + description: >- + Pagination token. If the result set is too large to fit in a single + response, this token is returned. It encodes the position of the + current result cursor. Feeding this value into a new list request + with the `page_token` parameter gives the next page of the results. + When `next_page_token` is not filled in, there is no next page and + the list returned is the last page in the result set. Pagination + tokens have a limited lifetime. + type: string + description: >- + A page of the response received from the SearchProjects method. A + paginated response where more pages are available has `next_page_token` + set. This token can be used in a subsequent request to retrieve the next + request page. + type: object + Lien: + description: >- + A Lien represents an encumbrance on the actions that can be performed on + a resource. + type: object + id: Lien + properties: + createTime: + format: google-datetime + type: string + description: The creation time of this Lien. + restrictions: items: type: string - condition: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' + The types of operations which should be blocked as a result of this + Lien. Each value should correspond to an IAM permission. The server + will validate the permissions against those for which Liens are + supported. An empty list is meaningless and will be rejected. + Example: ['resourcemanager.projects.delete'] + type: array + parent: + description: >- + A reference to the resource this Lien is attached to. The server + will validate the parent against those for which Liens are + supported. Example: `projects/1234` + type: string + name: + type: string + description: >- + A system-generated unique identifier for this Lien. Example: + `liens/1234abcd` + reason: + description: >- + Concise user-visible strings indicating why an action cannot be + performed on a resource. Maximum length of 200 characters. Example: + 'Holds production API key' + type: string + origin: + type: string + description: >- + A stable, user-visible/meaningful string identifying the origin of + the Lien, intended to be inspected programmatically. Maximum length + of 200 characters. Example: 'compute.googleapis.com' + UpdateProjectMetadata: + type: object + description: >- + A status object which is used as the `metadata` field for the Operation + returned by UpdateProject. + id: UpdateProjectMetadata + properties: {} Expr: - id: Expr + type: object description: >- Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of @@ -558,13 +569,8 @@ components: string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. - type: object + id: Expr properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string title: description: >- Optional. Title for the expression, i.e. a short string describing @@ -572,204 +578,201 @@ components: expression. type: string description: + type: string description: >- Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. - type: string location: + type: string description: >- Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. + expression: type: string - AuditConfig: - id: AuditConfig + description: >- + Textual representation of an expression in Common Expression + Language syntax. + DeleteProjectMetadata: description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + A status object which is used as the `metadata` field for the Operation + returned by `DeleteProject`. + properties: {} + id: DeleteProjectMetadata + type: object + DeleteTagKeyMetadata: + description: Runtime operation information for deleting a TagKey. + properties: {} + id: DeleteTagKeyMetadata type: object + ListTagBindingsResponse: + description: The ListTagBindings response. + id: ListTagBindingsResponse properties: - service: + nextPageToken: description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + Pagination token. If the result set is too large to fit in a single + response, this token is returned. It encodes the position of the + current result cursor. Feeding this value into a new list request + with the `page_token` parameter gives the next page of the results. + When `next_page_token` is not filled in, there is no next page and + the list returned is the last page in the result set. Pagination + tokens have a limited lifetime. type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + tagBindings: type: array + description: A possibly paginated list of TagBindings for the specified resource. items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + $ref: '#/components/schemas/TagBinding' type: object + GetIamPolicyRequest: + description: Request message for `GetIamPolicy` method. properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + options: + $ref: '#/components/schemas/GetPolicyOptions' description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + id: GetIamPolicyRequest type: object + EffectiveTag: properties: - policy: + tagKeyParentName: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + The parent name of the tag key. Must be in the format + `organizations/{organization_id}` or `projects/{project_number}` + type: string + namespacedTagKey: description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + The namespaced name of the TagKey. Can be in the form + `{organization_id}/{tag_key_short_name}` or + `{project_id}/{tag_key_short_name}` or + `{project_number}/{tag_key_short_name}`. type: string - format: google-fieldmask - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + tagValue: + description: Resource name for TagValue in the format `tagValues/456`. + type: string + tagKey: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string + The name of the TagKey, in the format `tagKeys/{id}`, such as + `tagKeys/123`. + type: string + inherited: + description: >- + Indicates the inheritance status of a tag value attached to the + given resource. If the tag value is inherited from one of the + resource's ancestors, inherited will be true. If false, then the tag + value is directly attached to the resource, inherited will be false. + type: boolean + namespacedTagValue: + type: string + description: >- + The namespaced name of the TagValue. Can be in the form + `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or + `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or + `{project_number}/{tag_key_short_name}/{tag_value_short_name}`. + description: >- + An EffectiveTag represents a tag that applies to a resource during + policy evaluation. Tags can be either directly bound to a resource or + inherited from its ancestor. EffectiveTag contains the name and + namespaced_name of the tag value and tag key, with additional fields of + `inherited` to indicate the inheritance status of the effective tag. + type: object + id: EffectiveTag TestIamPermissionsResponse: id: TestIamPermissionsResponse description: Response message for `TestIamPermissions` method. - type: object properties: permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. type: array items: type: string - Organization: - id: Organization - description: >- - The root node in the resource hierarchy to which a particular entity's - (a company, for example) resources belong. + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + type: object + AuditConfig: type: object properties: - name: + service: description: >- - Output only. The resource name of the organization. This is the - organization's relative path in the API. Its format is - "organizations/[organization_id]". For example, - "organizations/1234". - readOnly: true + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: string - displayName: - description: >- - Output only. A human-readable string that refers to the organization - in the Google Cloud Console. This string is set by the server and - cannot be changed. The string will be set to the primary domain (for - example, "google.com") of the Google Workspace customer that owns - the organization. - readOnly: true + auditLogConfigs: + items: + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. + type: array + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + id: AuditConfig + EffectiveTagBindingCollection: + description: Represents a collection of effective tag bindings for a GCP resource. + properties: + fullResourceName: type: string - directoryCustomerId: description: >- - Immutable. The G Suite / Workspace customer id used in the Directory - API. - type: string - state: - description: Output only. The organization's current lifecycle state. - readOnly: true + The full resource name of the resource the TagBindings are bound to. + E.g. `//cloudresourcemanager.googleapis.com/projects/123` + name: + description: >- + Identifier. The name of the EffectiveTagBindingCollection, following + the convention: + `locations/{location}/effectiveTagBindingCollections/{encoded-full-resource-name}` + where the encoded-full-resource-name is the UTF-8 encoded name of + the GCP resource the TagBindings are bound to. E.g. + "locations/global/effectiveTagBindingCollections/%2f%2fcloudresourcemanager.googleapis.com%2fprojects%2f123" type: string - enumDescriptions: - - >- - Unspecified state. This is only useful for distinguishing unset - values. - - The normal and active state. - - The organization has been marked for deletion by the user. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - DELETE_REQUESTED + effectiveTags: + description: >- + Tag keys/values effectively bound to this resource, specified in + namespaced format. For example: "123/environment": "production" + type: object + additionalProperties: + type: string + type: object + id: EffectiveTagBindingCollection + ProjectCreationStatus: + properties: + ready: + type: boolean + description: True if the project creation process is complete. createTime: - description: Output only. Timestamp when the Organization was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when the Organization was last modified. - readOnly: true type: string format: google-datetime - deleteTime: + description: Creation time of the project creation workflow. + gettable: + type: boolean description: >- - Output only. Timestamp when the Organization was requested for - deletion. - readOnly: true - type: string - format: google-datetime - etag: - description: >- - Output only. A checksum computed by the server based on the current - value of the Organization resource. This may be sent on update and - delete requests to ensure the client has an up-to-date value before - proceeding. - readOnly: true - type: string + True if the project can be retrieved using GetProject. No other + operations on the project are guaranteed to work until the project + creation is complete. + id: ProjectCreationStatus + type: object + description: >- + A status object which is used as the `metadata` field for the Operation + returned by CreateProject. It provides insight for when significant + phases of Project creation have completed. SearchOrganizationsResponse: - id: SearchOrganizationsResponse description: The response returned from the `SearchOrganizations` method. - type: object properties: - organizations: - description: >- - The list of Organizations that matched the search query, possibly - paginated. - type: array - items: - $ref: '#/components/schemas/Organization' nextPageToken: description: >- A pagination token to be used to retrieve the next page of results. @@ -778,567 +781,583 @@ components: fetch the next page of results. If this field is empty, it indicates that this response contains the last page of results. type: string - Project: - id: Project - description: >- - A project is a high-level Google Cloud entity. It is a container for - ACLs, APIs, App Engine Apps, VMs, and other Google Cloud Platform - resources. + organizations: + description: >- + The list of Organizations that matched the search query, possibly + paginated. + type: array + items: + $ref: '#/components/schemas/Organization' + id: SearchOrganizationsResponse + type: object + TagHold: type: object + id: TagHold + description: >- + A TagHold represents the use of a TagValue that is not captured by + TagBindings. If a TagValue has any TagHolds, deletion will be blocked. + This resource is intended to be created in the same cloud location as + the `holder`. properties: - name: + origin: description: >- - Output only. The unique resource name of the project. It is an int64 - generated number prefixed by "projects/". Example: - `projects/415104041262` + Optional. An optional string representing the origin of this + request. This field should include human-understandable information + to distinguish origins from each other. Must be less than 200 + characters. E.g. `migs-35678234` + type: string + createTime: readOnly: true + format: google-datetime type: string - parent: + description: Output only. The time this TagHold was created. + helpLink: description: >- - Optional. A reference to a parent Resource. eg., `organizations/123` - or `folders/876`. + Optional. A URL where an end user can learn more about removing this + hold. E.g. + `https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing` type: string - projectId: - description: >- - Immutable. The unique, user-assigned id of the project. It must be 6 - to 30 lowercase ASCII letters, digits, or hyphens. It must start - with a letter. Trailing hyphens are prohibited. Example: - `tokyo-rain-123` + holder: type: string - state: - description: Output only. The project lifecycle state. + description: >- + Required. The name of the resource where the TagValue is being used. + Must be less than 200 characters. E.g. + `//compute.googleapis.com/compute/projects/myproject/regions/us-east-1/instanceGroupManagers/instance-group` + name: readOnly: true + description: >- + Output only. The resource name of a TagHold. This is a String of the + form: `tagValues/{tag-value-id}/tagHolds/{tag-hold-id}` (e.g. + `tagValues/123/tagHolds/456`). This resource name is generated by + the server. type: string - enumDescriptions: - - >- - Unspecified state. This is only used/useful for distinguishing - unset values. - - The normal and active state. - - >- - The project has been marked for deletion by the user (by invoking - DeleteProject) or by the system (Google Cloud Platform). This can - generally be reversed by invoking UndeleteProject. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - DELETE_REQUESTED + CreateTagKeyMetadata: + description: Runtime operation information for creating a TagKey. + id: CreateTagKeyMetadata + type: object + properties: {} + CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation: + id: CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation + properties: displayName: + type: string + description: The display name of the folder. + destinationParent: description: >- - Optional. A user-assigned display name of the project. When present - it must be between 4 to 30 characters. Allowed characters are: - lowercase and uppercase letters, numbers, hyphen, single-quote, - double-quote, space, and exclamation point. Example: `My Project` + The resource name of the folder or organization we are either + creating the folder under or moving the folder to. type: string - createTime: - description: Output only. Creation time. - readOnly: true + sourceParent: + description: >- + The resource name of the folder's parent. Only applicable when the + operation_type is MOVE. type: string - format: google-datetime - updateTime: - description: Output only. The most recent time this resource was modified. - readOnly: true + operationType: + enumDescriptions: + - Operation type not specified. + - A create folder operation. + - A move folder operation. + description: The type of this operation. type: string - format: google-datetime - deleteTime: + enum: + - OPERATION_TYPE_UNSPECIFIED + - CREATE + - MOVE + description: Metadata describing a long running folder operation + type: object + ListFoldersResponse: + description: The ListFolders response message. + id: ListFoldersResponse + type: object + properties: + nextPageToken: description: >- - Output only. The time at which this resource was requested for - deletion. - readOnly: true + A pagination token returned from a previous call to `ListFolders` + that indicates from where listing should continue. type: string - format: google-datetime - etag: + folders: + items: + $ref: '#/components/schemas/Folder' description: >- - Output only. A checksum computed by the server based on the current - value of the Project resource. This may be sent on update and delete - requests to ensure the client has an up-to-date value before - proceeding. - readOnly: true + A possibly paginated list of folders that are direct descendants of + the specified parent resource. + type: array + SearchFoldersResponse: + type: object + properties: + nextPageToken: type: string - labels: description: >- - Optional. The labels associated with this project. Label keys must - be between 1 and 63 characters long and must conform to the - following regular expression: \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?. - Label values must be between 0 and 63 characters long and must - conform to the regular expression - (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. No more than 64 labels can be - associated with a given resource. Clients should store labels in a - representation such as JSON that does not depend on specific - characters being disallowed. Example: `"myBusinessDimension" : - "businessValue"` - type: object - additionalProperties: - type: string - tags: - description: >- - Optional. Input only. Immutable. Tag keys/values directly bound to - this project. Each item in the map must be expressed as " : ". For - example: "123/environment" : "production", "123/costCenter" : - "marketing" Note: Currently this field is in Preview. - type: object - additionalProperties: - type: string - configuredCapabilities: + A pagination token returned from a previous call to `SearchFolders` + that indicates from where searching should continue. + folders: description: >- - Output only. If this project is a Management Project, list of - capabilities configured on the parent folder. Note, presence of any - capability implies that this is a Management Project. Example: - `folders/123/capabilities/app-management`. OUTPUT ONLY. - readOnly: true + A possibly paginated folder search results. the specified parent + resource. type: array items: - type: string - ListProjectsResponse: - id: ListProjectsResponse - description: >- - A page of the response received from the ListProjects method. A - paginated response where more pages are available has `next_page_token` - set. This token can be used in a subsequent request to retrieve the next - request page. NOTE: A response may contain fewer elements than the - request `page_size` and still have a `next_page_token`. + $ref: '#/components/schemas/Folder' + description: The response message for searching folders. + id: SearchFoldersResponse + ListTagKeysResponse: type: object + description: The ListTagKeys response message. properties: - projects: - description: The list of Projects under the parent. This list can be paginated. + tagKeys: type: array items: - $ref: '#/components/schemas/Project' + $ref: '#/components/schemas/TagKey' + description: List of TagKeys that live under the specified parent in the request. nextPageToken: description: >- - Pagination token. If the result set is too large to fit in a single - response, this token is returned. It encodes the position of the - current result cursor. Feeding this value into a new list request - with the `page_token` parameter gives the next page of the results. - When `next_page_token` is not filled in, there is no next page and - the list returned is the last page in the result set. Pagination - tokens have a limited lifetime. + A pagination token returned from a previous call to `ListTagKeys` + that indicates from where listing should continue. type: string - SearchProjectsResponse: - id: SearchProjectsResponse - description: >- - A page of the response received from the SearchProjects method. A - paginated response where more pages are available has `next_page_token` - set. This token can be used in a subsequent request to retrieve the next - request page. - type: object - properties: - projects: - description: >- - The list of Projects that matched the list filter query. This list - can be paginated. - type: array - items: - $ref: '#/components/schemas/Project' - nextPageToken: - description: >- - Pagination token. If the result set is too large to fit in a single - response, this token is returned. It encodes the position of the - current result cursor. Feeding this value into a new list request - with the `page_token` parameter gives the next page of the results. - When `next_page_token` is not filled in, there is no next page and - the list returned is the last page in the result set. Pagination - tokens have a limited lifetime. - type: string - MoveProjectRequest: - id: MoveProjectRequest - description: The request sent to MoveProject method. - type: object + id: ListTagKeysResponse + MoveProjectRequest: properties: destinationParent: description: Required. The new parent to move the Project under. type: string - UndeleteProjectRequest: - id: UndeleteProjectRequest - description: The request sent to the UndeleteProject method. + description: The request sent to MoveProject method. + id: MoveProjectRequest type: object - properties: {} - Capability: - id: Capability - description: Representation of a Capability. + TagKey: + id: TagKey + description: A TagKey, used to group a set of TagValues. type: object properties: - name: - description: >- - Immutable. Identifier. The resource name of the capability. Must be - in the following form: * - `folders/{folder_id}/capabilities/{capability_name}` For example, - `folders/123/capabilities/app-management` Following are the allowed - {capability_name} values: * `app-management` + namespacedName: + description: Output only. Immutable. Namespaced name of the TagKey. type: string - value: - description: >- - Required. The configured value of the capability at the given parent - resource. - type: boolean - TagBindingCollection: - id: TagBindingCollection - description: Represents a collection of tags directly bound to a GCP resource. - type: object - properties: - name: + readOnly: true + shortName: description: >- - Identifier. The name of the TagBindingCollection, following the - convention: - `locations/{location}/tagBindingCollections/{encoded-full-resource-name}` - where the encoded-full-resource-name is the UTF-8 encoded name of - the GCP resource the TagBindings are bound to. - "locations/global/tagBindingCollections/%2f%2fcloudresourcemanager.googleapis.com%2fprojects%2f123" + Required. Immutable. The user friendly name for a TagKey. The short + name should be unique for TagKeys within the same tag namespace. The + short name must be 1-256 characters, beginning and ending with an + alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores + (_), dots (.), and alphanumerics between. type: string - fullResourceName: - description: >- - The full resource name of the resource the TagBindings are bound to. - E.g. `//cloudresourcemanager.googleapis.com/projects/123` + purpose: + enum: + - PURPOSE_UNSPECIFIED + - GCE_FIREWALL + - DATA_GOVERNANCE + enumDescriptions: + - Unspecified purpose. + - >- + Purpose for Compute Engine firewalls. A corresponding + `purpose_data` should be set for the network the tag is intended + for. The key should be `network` and the value should be in ## + either of these two formats: + `https://www.googleapis.com/compute/{compute_version}/projects/{project_id}/global/networks/{network_id}` + - `{project_id}/{network_name}` ## Examples: + `https://www.googleapis.com/compute/staging_v1/projects/fail-closed-load-testing/global/networks/6992953698831725600` + - `fail-closed-load-testing/load-testing-network` + - >- + Purpose for data governance. Tag Values created under a key with + this purpose may have Tag Value children. No `purpose_data` should + be set. type: string - tags: description: >- - Tag keys/values directly bound to this resource, specified in - namespaced format. For example: "123/environment": "production" - type: object - additionalProperties: - type: string + Optional. A purpose denotes that this Tag is intended for use in + policies of a specific policy engine, and will involve that policy + engine in management operations involving this Tag. A purpose does + not grant a policy engine exclusive rights to the Tag, and it may be + referenced by other policy engines. A purpose cannot be changed once + set. etag: description: >- - Optional. A checksum based on the current bindings which can be - passed to prevent race conditions. This field is always set in - server responses. + Optional. Entity tag which users can pass to prevent race + conditions. This field is always set in server responses. See + UpdateTagKeyRequest for details. type: string - EffectiveTagBindingCollection: - id: EffectiveTagBindingCollection - description: Represents a collection of effective tag bindings for a GCP resource. - type: object - properties: + allowedValuesRegex: + type: string + description: >- + Optional. Regular expression constraint for freeform tag values. If + present, it implicitly allows freeform values (constrained by the + regex). name: description: >- - Identifier. The name of the EffectiveTagBindingCollection, following - the convention: - `locations/{location}/effectiveTagBindingCollections/{encoded-full-resource-name}` - where the encoded-full-resource-name is the UTF-8 encoded name of - the GCP resource the TagBindings are bound to. E.g. - "locations/global/effectiveTagBindingCollections/%2f%2fcloudresourcemanager.googleapis.com%2fprojects%2f123" + Immutable. The resource name for a TagKey. Must be in the format + `tagKeys/{tag_key_id}`, where `tag_key_id` is the generated numeric + id for the TagKey. type: string - fullResourceName: + createTime: + description: Output only. Creation time. + readOnly: true + type: string + format: google-datetime + description: description: >- - The full resource name of the resource the TagBindings are bound to. - E.g. `//cloudresourcemanager.googleapis.com/projects/123` + Optional. User-assigned description of the TagKey. Must not exceed + 256 characters. Read-write. + type: string + updateTime: + description: Output only. Update time. + type: string + readOnly: true + format: google-datetime + parent: type: string - effectiveTags: description: >- - Tag keys/values effectively bound to this resource, specified in - namespaced format. For example: "123/environment": "production" + Immutable. The resource name of the TagKey's parent. A TagKey can be + parented by an Organization or a Project. For a TagKey parented by + an Organization, its parent must be in the form + `organizations/{org_id}`. For a TagKey parented by a Project, its + parent can be in the form `projects/{project_id}` or + `projects/{project_number}`. + purposeData: type: object + description: >- + Optional. Purpose data corresponds to the policy system that the tag + is intended for. See documentation for `Purpose` for formatting of + this field. Purpose data cannot be changed once set. additionalProperties: type: string - ListTagBindingsResponse: - id: ListTagBindingsResponse - description: The ListTagBindings response. - type: object - properties: - tagBindings: - description: A possibly paginated list of TagBindings for the specified resource. - type: array - items: - $ref: '#/components/schemas/TagBinding' - nextPageToken: - description: >- - Pagination token. If the result set is too large to fit in a single - response, this token is returned. It encodes the position of the - current result cursor. Feeding this value into a new list request - with the `page_token` parameter gives the next page of the results. - When `next_page_token` is not filled in, there is no next page and - the list returned is the last page in the result set. Pagination - tokens have a limited lifetime. - type: string - TagBinding: - id: TagBinding - description: >- - A TagBinding represents a connection between a TagValue and a cloud - resource Once a TagBinding is created, the TagValue is applied to all - the descendants of the Google Cloud resource. + MoveFolderMetadata: type: object + id: MoveFolderMetadata + description: Metadata pertaining to the folder move process. properties: - name: + destinationParent: description: >- - Output only. The name of the TagBinding. This is a String of the - form: `tagBindings/{full-resource-name}/{tag-value-name}` (e.g. - `tagBindings/%2F%2Fcloudresourcemanager.googleapis.com%2Fprojects%2F123/tagValues/456`). - readOnly: true + The resource name of the folder or organization to move the folder + to. type: string - parent: - description: >- - The full resource name of the resource the TagValue is bound to. - E.g. `//cloudresourcemanager.googleapis.com/projects/123` + displayName: + description: The display name of the folder. type: string - tagValue: - description: The TagValue of the TagBinding. Must be of the form `tagValues/456`. + sourceParent: + description: The resource name of the folder's parent. type: string - tagValueNamespacedName: + CreateProjectMetadata: + properties: + gettable: + type: boolean description: >- - The namespaced name for the TagValue of the TagBinding. Must be in - the format `{parent_id}/{tag_key_short_name}/{short_name}`. For - methods that support TagValue namespaced name, only one of - tag_value_namespaced_name or tag_value may be filled. Requests with - both fields will be rejected. + True if the project can be retrieved using `GetProject`. No other + operations on the project are guaranteed to work until the project + creation is complete. + createTime: + format: google-datetime + description: Creation time of the project creation workflow. type: string - ListEffectiveTagsResponse: - id: ListEffectiveTagsResponse - description: The response of ListEffectiveTags. + ready: + type: boolean + description: True if the project creation process is complete. + id: CreateProjectMetadata + type: object + description: >- + A status object which is used as the `metadata` field for the Operation + returned by CreateProject. It provides insight for when significant + phases of Project creation have completed. + UndeleteProjectRequest: + properties: {} + description: The request sent to the UndeleteProject method. + type: object + id: UndeleteProjectRequest + AuditLogConfig: type: object + id: AuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. properties: - effectiveTags: - description: >- - A possibly paginated list of effective tags for the specified - resource. + exemptedMembers: type: array - items: - $ref: '#/components/schemas/EffectiveTag' - nextPageToken: description: >- - Pagination token. If the result set is too large to fit in a single - response, this token is returned. It encodes the position of the - current result cursor. Feeding this value into a new list request - with the `page_token` parameter gives the next page of the results. - When `next_page_token` is not filled in, there is no next page and - the list returned is the last page in the result set. Pagination - tokens have a limited lifetime. - type: string - EffectiveTag: - id: EffectiveTag - description: >- - An EffectiveTag represents a tag that applies to a resource during - policy evaluation. Tags can be either directly bound to a resource or - inherited from its ancestor. EffectiveTag contains the name and - namespaced_name of the tag value and tag key, with additional fields of - `inherited` to indicate the inheritance status of the effective tag. - type: object - properties: - tagValue: - description: Resource name for TagValue in the format `tagValues/456`. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + items: + type: string + logType: + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ type: string - namespacedTagValue: - description: >- - The namespaced name of the TagValue. Can be in the form - `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or - `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or - `{project_number}/{tag_key_short_name}/{tag_value_short_name}`. + description: The log type that this config enables. + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + Project: + properties: + state: type: string - tagKey: + enumDescriptions: + - >- + Unspecified state. This is only used/useful for distinguishing + unset values. + - The normal and active state. + - >- + The project has been marked for deletion by the user (by invoking + DeleteProject) or by the system (Google Cloud Platform). This can + generally be reversed by invoking UndeleteProject. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - DELETE_REQUESTED + description: Output only. The project lifecycle state. + readOnly: true + configuredCapabilities: description: >- - The name of the TagKey, in the format `tagKeys/{id}`, such as - `tagKeys/123`. + Output only. If this project is a Management Project, list of + capabilities configured on the parent folder. Note, presence of any + capability implies that this is a Management Project. Example: + `folders/123/capabilities/app-management`. OUTPUT ONLY. + items: + type: string + type: array + readOnly: true + projectId: type: string - namespacedTagKey: description: >- - The namespaced name of the TagKey. Can be in the form - `{organization_id}/{tag_key_short_name}` or - `{project_id}/{tag_key_short_name}` or - `{project_number}/{tag_key_short_name}`. + Immutable. The unique, user-assigned id of the project. It must be 6 + to 30 lowercase ASCII letters, digits, or hyphens. It must start + with a letter. Trailing hyphens are prohibited. Example: + `tokyo-rain-123` + name: type: string - tagKeyParentName: description: >- - The parent name of the tag key. Must be in the format - `organizations/{organization_id}` or `projects/{project_number}` + Output only. The unique resource name of the project. It is an int64 + generated number prefixed by "projects/". Example: + `projects/415104041262` + readOnly: true + etag: type: string - inherited: - description: >- - Indicates the inheritance status of a tag value attached to the - given resource. If the tag value is inherited from one of the - resource's ancestors, inherited will be true. If false, then the tag - value is directly attached to the resource, inherited will be false. - type: boolean - TagHold: - id: TagHold - description: >- - A TagHold represents the use of a TagValue that is not captured by - TagBindings. If a TagValue has any TagHolds, deletion will be blocked. - This resource is intended to be created in the same cloud location as - the `holder`. - type: object - properties: - name: + readOnly: true description: >- - Output only. The resource name of a TagHold. This is a String of the - form: `tagValues/{tag-value-id}/tagHolds/{tag-hold-id}` (e.g. - `tagValues/123/tagHolds/456`). This resource name is generated by - the server. + Output only. A checksum computed by the server based on the current + value of the Project resource. This may be sent on update and delete + requests to ensure the client has an up-to-date value before + proceeding. + deleteTime: readOnly: true - type: string - holder: + format: google-datetime description: >- - Required. The name of the resource where the TagValue is being used. - Must be less than 200 characters. E.g. - `//compute.googleapis.com/compute/projects/myproject/regions/us-east-1/instanceGroupManagers/instance-group` + Output only. The time at which this resource was requested for + deletion. type: string - origin: + labels: description: >- - Optional. An optional string representing the origin of this - request. This field should include human-understandable information - to distinguish origins from each other. Must be less than 200 - characters. E.g. `migs-35678234` + Optional. The labels associated with this project. Label keys must + be between 1 and 63 characters long and must conform to the + following regular expression: \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?. + Label values must be between 0 and 63 characters long and must + conform to the regular expression + (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. No more than 64 labels can be + associated with a given resource. Clients should store labels in a + representation such as JSON that does not depend on specific + characters being disallowed. Example: `"myBusinessDimension" : + "businessValue"` + type: object + additionalProperties: + type: string + updateTime: + format: google-datetime + readOnly: true type: string - helpLink: + description: Output only. The most recent time this resource was modified. + tags: description: >- - Optional. A URL where an end user can learn more about removing this - hold. E.g. - `https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing` - type: string + Optional. Input only. Immutable. Tag keys/values directly bound to + this project. Each item in the map must be expressed as " : ". For + example: "123/environment" : "production", "123/costCenter" : + "marketing" Note: Currently this field is in Preview. + type: object + additionalProperties: + type: string createTime: - description: Output only. The time this TagHold was created. - readOnly: true + description: Output only. Creation time. type: string format: google-datetime - ListTagHoldsResponse: - id: ListTagHoldsResponse - description: The ListTagHolds response. - type: object - properties: - tagHolds: - description: A possibly paginated list of TagHolds. - type: array - items: - $ref: '#/components/schemas/TagHold' - nextPageToken: + readOnly: true + parent: description: >- - Pagination token. If the result set is too large to fit in a single - response, this token is returned. It encodes the position of the - current result cursor. Feeding this value into a new list request - with the `page_token` parameter gives the next page of the results. - When `next_page_token` is not filled in, there is no next page and - the list returned is the last page in the result set. Pagination - tokens have a limited lifetime. + Optional. A reference to a parent Resource. eg., `organizations/123` + or `folders/876`. type: string - ListTagKeysResponse: - id: ListTagKeysResponse - description: The ListTagKeys response message. - type: object - properties: - tagKeys: - description: List of TagKeys that live under the specified parent in the request. - type: array - items: - $ref: '#/components/schemas/TagKey' - nextPageToken: + displayName: description: >- - A pagination token returned from a previous call to `ListTagKeys` - that indicates from where listing should continue. + Optional. A user-assigned display name of the project. When present + it must be between 4 to 30 characters. Allowed characters are: + lowercase and uppercase letters, numbers, hyphen, single-quote, + double-quote, space, and exclamation point. Example: `My Project` type: string - TagKey: - id: TagKey - description: A TagKey, used to group a set of TagValues. + description: >- + A project is a high-level Google Cloud entity. It is a container for + ACLs, APIs, App Engine Apps, VMs, and other Google Cloud Platform + resources. + id: Project type: object + Capability: + description: Representation of a Capability. properties: - name: - description: >- - Immutable. The resource name for a TagKey. Must be in the format - `tagKeys/{tag_key_id}`, where `tag_key_id` is the generated numeric - id for the TagKey. - type: string - parent: - description: >- - Immutable. The resource name of the TagKey's parent. A TagKey can be - parented by an Organization or a Project. For a TagKey parented by - an Organization, its parent must be in the form - `organizations/{org_id}`. For a TagKey parented by a Project, its - parent can be in the form `projects/{project_id}` or - `projects/{project_number}`. - type: string - shortName: + value: + type: boolean description: >- - Required. Immutable. The user friendly name for a TagKey. The short - name should be unique for TagKeys within the same tag namespace. The - short name must be 1-256 characters, beginning and ending with an - alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores - (_), dots (.), and alphanumerics between. - type: string - namespacedName: - description: Output only. Immutable. Namespaced name of the TagKey. - readOnly: true + Required. The configured value of the capability at the given parent + resource. + name: type: string - description: description: >- - Optional. User-assigned description of the TagKey. Must not exceed - 256 characters. Read-write. - type: string - createTime: - description: Output only. Creation time. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Update time. - readOnly: true + Immutable. Identifier. The resource name of the capability. Must be + in the following form: * + `folders/{folder_id}/capabilities/{capability_name}` For example, + `folders/123/capabilities/app-management` Following are the allowed + {capability_name} values: * `app-management` + id: Capability + type: object + CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation: + description: Metadata describing a long running folder operation + properties: + displayName: + description: The display name of the folder. type: string - format: google-datetime - etag: - description: >- - Optional. Entity tag which users can pass to prevent race - conditions. This field is always set in server responses. See - UpdateTagKeyRequest for details. + sourceParent: type: string - purpose: description: >- - Optional. A purpose denotes that this Tag is intended for use in - policies of a specific policy engine, and will involve that policy - engine in management operations involving this Tag. A purpose does - not grant a policy engine exclusive rights to the Tag, and it may be - referenced by other policy engines. A purpose cannot be changed once - set. - type: string + The resource name of the folder's parent. Only applicable when the + operation_type is MOVE. + operationType: enumDescriptions: - - Unspecified purpose. - - >- - Purpose for Compute Engine firewalls. A corresponding - `purpose_data` should be set for the network the tag is intended - for. The key should be `network` and the value should be in ## - either of these two formats: - `https://www.googleapis.com/compute/{compute_version}/projects/{project_id}/global/networks/{network_id}` - - `{project_id}/{network_name}` ## Examples: - `https://www.googleapis.com/compute/staging_v1/projects/fail-closed-load-testing/global/networks/6992953698831725600` - - `fail-closed-load-testing/load-testing-network` - - >- - Purpose for data governance. Tag Values created under a key with - this purpose may have Tag Value children. No `purpose_data` should - be set. + - Operation type not specified. + - A create folder operation. + - A move folder operation. + description: The type of this operation. enum: - - PURPOSE_UNSPECIFIED - - GCE_FIREWALL - - DATA_GOVERNANCE - purposeData: + - OPERATION_TYPE_UNSPECIFIED + - CREATE + - MOVE + type: string + destinationParent: description: >- - Optional. Purpose data corresponds to the policy system that the tag - is intended for. See documentation for `Purpose` for formatting of - this field. Purpose data cannot be changed once set. - type: object - additionalProperties: - type: string + The resource name of the folder or organization we are either + creating the folder under or moving the folder to. + type: string + type: object + id: CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation ListTagValuesResponse: id: ListTagValuesResponse - description: The ListTagValues response. type: object + description: The ListTagValues response. properties: tagValues: + items: + $ref: '#/components/schemas/TagValue' description: >- A possibly paginated list of TagValues that are direct descendants of the specified parent TagKey. type: array - items: - $ref: '#/components/schemas/TagValue' nextPageToken: + type: string description: >- A pagination token returned from a previous call to `ListTagValues` - that indicates from where listing should continue. This is currently - not used, but the server may at any point start supplying a valid - token. + that indicates from where listing should continue. + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + properties: + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + details: + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + id: Status + UpdateTagKeyMetadata: + properties: {} + description: Runtime operation information for updating a TagKey. + type: object + id: UpdateTagKeyMetadata + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + properties: + updateMask: + format: google-fieldmask + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` type: string + policy: + $ref: '#/components/schemas/Policy' + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + type: object + id: SetIamPolicyRequest + GetPolicyOptions: + type: object + description: Encapsulates settings provided to GetIamPolicy. + properties: + requestedPolicyVersion: + format: int32 + type: integer + description: >- + Optional. The maximum policy version that will be used to format the + policy. Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected. Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field unset. + The policy in the response might use the policy version that you + specified, or it might use a lower policy version. For example, if + you specify version 3, but the policy has no conditional role + bindings, the response uses version 1. To learn which resources + support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + id: GetPolicyOptions TagValue: - id: TagValue description: >- A TagValue is a child of a particular TagKey. This is used to group cloud resources for the purpose of controlling them using policies. + id: TagValue type: object properties: - name: - description: Immutable. Resource name for TagValue in the format `tagValues/456`. + etag: + type: string + description: >- + Optional. Entity tag which users can pass to prevent race + conditions. This field is always set in server responses. See + UpdateTagValueRequest for details. + updateTime: + readOnly: true type: string + description: Output only. Update time. + format: google-datetime parent: description: >- Immutable. The resource name of the new TagValue's parent TagKey. @@ -1352,93 +1371,112 @@ components: ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores (_), dots (.), and alphanumerics between. type: string - namespacedName: - description: >- - Output only. The namespaced name of the TagValue. Can be in the form - `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or - `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or - `{project_number}/{tag_key_short_name}/{tag_value_short_name}`. + createTime: + description: Output only. Creation time. + format: google-datetime readOnly: true type: string description: + type: string description: >- Optional. User-assigned description of the TagValue. Must not exceed 256 characters. Read-write. + name: type: string - createTime: - description: Output only. Creation time. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Update time. - readOnly: true - type: string - format: google-datetime - etag: + description: Immutable. Resource name for TagValue in the format `tagValues/456`. + namespacedName: description: >- - Optional. Entity tag which users can pass to prevent race - conditions. This field is always set in server responses. See - UpdateTagValueRequest for details. + Output only. The namespaced name of the TagValue. Can be in the form + `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or + `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or + `{project_number}/{tag_key_short_name}/{tag_value_short_name}`. type: string - ProjectCreationStatus: - id: ProjectCreationStatus + readOnly: true + UndeleteProjectMetadata: + properties: {} description: >- A status object which is used as the `metadata` field for the Operation - returned by CreateProject. It provides insight for when significant - phases of Project creation have completed. + returned by `UndeleteProject`. type: object - properties: - createTime: - description: Creation time of the project creation workflow. - type: string - format: google-datetime - gettable: - description: >- - True if the project can be retrieved using GetProject. No other - operations on the project are guaranteed to work until the project - creation is complete. - type: boolean - ready: - description: True if the project creation process is complete. - type: boolean - CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation: - id: CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation - description: Metadata describing a long running folder operation + id: UndeleteProjectMetadata + UndeleteOrganizationMetadata: + type: object + description: >- + A status object which is used as the `metadata` field for the Operation + returned by UndeleteOrganization. + id: UndeleteOrganizationMetadata + properties: {} + Empty: + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + properties: {} + DeleteFolderMetadata: + id: DeleteFolderMetadata + properties: {} type: object + description: >- + A status object which is used as the `metadata` field for the + `Operation` returned by `DeleteFolder`. + TestIamPermissionsRequest: + type: object + id: TestIamPermissionsRequest + description: Request message for `TestIamPermissions` method. properties: - displayName: - description: The display name of the folder. - type: string - operationType: - description: The type of this operation. - type: string - enumDescriptions: - - Operation type not specified. - - A create folder operation. - - A move folder operation. - enum: - - OPERATION_TYPE_UNSPECIFIED - - CREATE - - MOVE - sourceParent: + permissions: + type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + TagBinding: + type: object + properties: + tagValue: + type: string + description: The TagValue of the TagBinding. Must be of the form `tagValues/456`. + tagValueNamespacedName: description: >- - The resource name of the folder's parent. Only applicable when the - operation_type is MOVE. + The namespaced name for the TagValue of the TagBinding. Must be in + the format `{parent_id}/{tag_key_short_name}/{short_name}`. For + methods that support TagValue namespaced name, only one of + tag_value_namespaced_name or tag_value may be filled. Requests with + both fields will be rejected. type: string - destinationParent: + name: + readOnly: true description: >- - The resource name of the folder or organization we are either - creating the folder under or moving the folder to. + Output only. The name of the TagBinding. This is a String of the + form: `tagBindings/{full-resource-name}/{tag-value-name}` (e.g. + `tagBindings/%2F%2Fcloudresourcemanager.googleapis.com%2Fprojects%2F123/tagValues/456`). type: string - FolderOperationError: - id: FolderOperationError - description: A classification of the Folder Operation error. + parent: + type: string + description: >- + The full resource name of the resource the TagValue is bound to. + E.g. `//cloudresourcemanager.googleapis.com/projects/123` + description: >- + A TagBinding represents a connection between a TagValue and a cloud + resource Once a TagBinding is created, the TagValue is applied to all + the descendants of the Google Cloud resource. + id: TagBinding + MoveProjectMetadata: + id: MoveProjectMetadata type: object + properties: {} + description: >- + A status object which is used as the `metadata` field for the Operation + returned by MoveProject. + FolderOperationError: properties: errorMessageId: - description: The type of operation error experienced. - type: string enumDescriptions: - The error type was unrecognized or unspecified. - >- @@ -1462,6 +1500,7 @@ components: - >- The attempted action would violate the max deleted folder depth constraint. + - The folder being deleted has a configured capability. enum: - ERROR_TYPE_UNSPECIFIED - ACTIVE_FOLDER_HEIGHT_VIOLATION @@ -1473,238 +1512,207 @@ components: - FOLDER_BEING_MOVED_VIOLATION - FOLDER_TO_DELETE_NON_EMPTY_VIOLATION - DELETED_FOLDER_HEIGHT_VIOLATION - CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation: - id: CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation - description: Metadata describing a long running folder operation + - FOLDER_TO_DELETE_CONFIGURED_CAPABILITY_VIOLATION + description: The type of operation error experienced. + type: string + id: FolderOperationError + type: object + description: A classification of the Folder Operation error. + TagBindingCollection: + description: Represents a collection of tags directly bound to a GCP resource. type: object properties: - displayName: - description: The display name of the folder. - type: string - operationType: - description: The type of this operation. - type: string - enumDescriptions: - - Operation type not specified. - - A create folder operation. - - A move folder operation. - enum: - - OPERATION_TYPE_UNSPECIFIED - - CREATE - - MOVE - sourceParent: + fullResourceName: description: >- - The resource name of the folder's parent. Only applicable when the - operation_type is MOVE. + The full resource name of the resource the TagBindings are bound to. + E.g. `//cloudresourcemanager.googleapis.com/projects/123` type: string - destinationParent: + tags: description: >- - The resource name of the folder or organization we are either - creating the folder under or moving the folder to. - type: string - FolderOperation: - id: FolderOperation - description: Metadata describing a long running folder operation - type: object - properties: - displayName: - description: The display name of the folder. - type: string - operationType: - description: The type of this operation. + Tag keys/values directly bound to this resource, specified in + namespaced format. For example: "123/environment": "production" + additionalProperties: + type: string + type: object + etag: type: string - enumDescriptions: - - Operation type not specified. - - A create folder operation. - - A move folder operation. - enum: - - OPERATION_TYPE_UNSPECIFIED - - CREATE - - MOVE - sourceParent: description: >- - The resource name of the folder's parent. Only applicable when the - operation_type is MOVE. - type: string - destinationParent: + Optional. A checksum based on the current bindings which can be + passed to prevent race conditions. This field is always set in + server responses. + name: description: >- - The resource name of the folder or organization we are either - creating the folder under or moving the folder to. + Identifier. The name of the TagBindingCollection, following the + convention: + `locations/{location}/tagBindingCollections/{encoded-full-resource-name}` + where the encoded-full-resource-name is the UTF-8 encoded name of + the GCP resource the TagBindings are bound to. + "locations/global/tagBindingCollections/%2f%2fcloudresourcemanager.googleapis.com%2fprojects%2f123" type: string - DeleteOrganizationMetadata: - id: DeleteOrganizationMetadata - description: >- - A status object which is used as the `metadata` field for the operation - returned by DeleteOrganization. - type: object + id: TagBindingCollection + UndeleteFolderRequest: + description: The UndeleteFolder request message. properties: {} - UndeleteOrganizationMetadata: - id: UndeleteOrganizationMetadata - description: >- - A status object which is used as the `metadata` field for the Operation - returned by UndeleteOrganization. type: object - properties: {} - CreateFolderMetadata: - id: CreateFolderMetadata - description: Metadata pertaining to the Folder creation process. + id: UndeleteFolderRequest + ListEffectiveTagsResponse: + description: The response of ListEffectiveTags. + id: ListEffectiveTagsResponse type: object properties: - displayName: - description: The display name of the folder. - type: string - parent: + effectiveTags: + items: + $ref: '#/components/schemas/EffectiveTag' description: >- - The resource name of the folder or organization we are creating the - folder under. + A possibly paginated list of effective tags for the specified + resource. + type: array + nextPageToken: + description: >- + Pagination token. If the result set is too large to fit in a single + response, this token is returned. It encodes the position of the + current result cursor. Feeding this value into a new list request + with the `page_token` parameter gives the next page of the results. + When `next_page_token` is not filled in, there is no next page and + the list returned is the last page in the result set. Pagination + tokens have a limited lifetime. type: string - UpdateFolderMetadata: - id: UpdateFolderMetadata + ListProjectsResponse: description: >- - A status object which is used as the `metadata` field for the Operation - returned by UpdateFolder. - type: object - properties: {} - MoveFolderMetadata: - id: MoveFolderMetadata - description: Metadata pertaining to the folder move process. + A page of the response received from the ListProjects method. A + paginated response where more pages are available has `next_page_token` + set. This token can be used in a subsequent request to retrieve the next + request page. NOTE: A response may contain fewer elements than the + request `page_size` and still have a `next_page_token`. + id: ListProjectsResponse type: object properties: - displayName: - description: The display name of the folder. - type: string - sourceParent: - description: The resource name of the folder's parent. + projects: + description: The list of Projects under the parent. This list can be paginated. + type: array + items: + $ref: '#/components/schemas/Project' + nextPageToken: + description: >- + Pagination token. If the result set is too large to fit in a single + response, this token is returned. It encodes the position of the + current result cursor. Feeding this value into a new list request + with the `page_token` parameter gives the next page of the results. + When `next_page_token` is not filled in, there is no next page and + the list returned is the last page in the result set. Pagination + tokens have a limited lifetime. type: string - destinationParent: + Binding: + properties: + members: + items: + type: string + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: array + condition: + $ref: '#/components/schemas/Expr' description: >- - The resource name of the folder or organization to move the folder - to. - type: string - DeleteFolderMetadata: - id: DeleteFolderMetadata - description: >- - A status object which is used as the `metadata` field for the - `Operation` returned by `DeleteFolder`. - type: object - properties: {} - UndeleteFolderMetadata: - id: UndeleteFolderMetadata - description: >- - A status object which is used as the `metadata` field for the - `Operation` returned by `UndeleteFolder`. - type: object - properties: {} - CreateProjectMetadata: - id: CreateProjectMetadata - description: >- - A status object which is used as the `metadata` field for the Operation - returned by CreateProject. It provides insight for when significant - phases of Project creation have completed. - type: object - properties: - createTime: - description: Creation time of the project creation workflow. + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + role: type: string - format: google-datetime - gettable: description: >- - True if the project can be retrieved using `GetProject`. No other - operations on the project are guaranteed to work until the project - creation is complete. - type: boolean - ready: - description: True if the project creation process is complete. - type: boolean - UpdateProjectMetadata: - id: UpdateProjectMetadata - description: >- - A status object which is used as the `metadata` field for the Operation - returned by UpdateProject. - type: object - properties: {} - MoveProjectMetadata: - id: MoveProjectMetadata - description: >- - A status object which is used as the `metadata` field for the Operation - returned by MoveProject. - type: object - properties: {} - DeleteProjectMetadata: - id: DeleteProjectMetadata - description: >- - A status object which is used as the `metadata` field for the Operation - returned by `DeleteProject`. - type: object - properties: {} - UndeleteProjectMetadata: - id: UndeleteProjectMetadata - description: >- - A status object which is used as the `metadata` field for the Operation - returned by `UndeleteProject`. - type: object - properties: {} - CreateTagKeyMetadata: - id: CreateTagKeyMetadata - description: Runtime operation information for creating a TagKey. - type: object - properties: {} - UpdateTagKeyMetadata: - id: UpdateTagKeyMetadata - description: Runtime operation information for updating a TagKey. - type: object - properties: {} - DeleteTagKeyMetadata: - id: DeleteTagKeyMetadata - description: Runtime operation information for deleting a TagKey. - type: object - properties: {} - CreateTagValueMetadata: - id: CreateTagValueMetadata - description: Runtime operation information for creating a TagValue. - type: object - properties: {} - UpdateTagValueMetadata: - id: UpdateTagValueMetadata - description: Runtime operation information for updating a TagValue. - type: object - properties: {} - DeleteTagValueMetadata: - id: DeleteTagValueMetadata - description: Runtime operation information for deleting a TagValue. - type: object - properties: {} - CreateTagBindingMetadata: - id: CreateTagBindingMetadata - description: Runtime operation information for creating a TagValue. - type: object - properties: {} - DeleteTagBindingMetadata: - id: DeleteTagBindingMetadata - description: Runtime operation information for deleting a TagBinding. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: object - properties: {} + description: Associates `members`, or principals, with a `role`. + id: Binding parameters: - access_token: - description: OAuth access token. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: access_token + name: quotaUser schema: type: string - alt: - description: Data format for response. + _.xgafv: + description: V1 error format. in: query - name: alt + name: $.xgafv schema: type: string enum: - - json - - media - - proto - callback: - description: JSONP + - '1' + - '2' + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string fields: @@ -1713,231 +1721,225 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + callback: + description: JSONP in: query - name: prettyPrint + name: callback schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + type: string + access_token: + description: OAuth access token. in: query - name: quotaUser + name: access_token schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + alt: + description: Data format for response. in: query - name: upload_protocol + name: alt schema: type: string + enum: + - json + - media + - proto + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: $.xgafv + name: key schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - liens: - id: google.cloudresourcemanager.liens - name: liens - title: Liens - methods: - list: - operation: - $ref: '#/paths/~1v3~1liens/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.liens - create: - operation: - $ref: '#/paths/~1v3~1liens/post' - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: '#/paths/~1v3~1liens~1{liensId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: '#/paths/~1v3~1liens~1{liensId}/delete' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/liens/methods/get' - - $ref: '#/components/x-stackQL-resources/liens/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/liens/methods/create' - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/liens/methods/delete' - operations: - id: google.cloudresourcemanager.operations - name: operations - title: Operations + effective_tags: + id: google.cloudresourcemanager.effective_tags + name: effective_tags + title: Effective_tags methods: - get: + list: operation: - $ref: '#/paths/~1v3~1operations~1{operationsId}/get' + $ref: '#/paths/~1v3~1effectiveTags/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.effectiveTags sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/effective_tags/methods/list' insert: [] update: [] replace: [] delete: [] - folders: - id: google.cloudresourcemanager.folders - name: folders - title: Folders + tag_holds: + id: google.cloudresourcemanager.tag_holds + name: tag_holds + title: Tag_holds methods: - get: + delete: operation: - $ref: '#/paths/~1v3~1folders~1{foldersId}/get' + $ref: >- + #/paths/~1v3~1tagValues~1{tagValuesId}~1tagHolds~1{tagHoldsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: - $ref: '#/paths/~1v3~1folders~1{foldersId}/patch' + $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}~1tagHolds/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.tagHolds + create: operation: - $ref: '#/paths/~1v3~1folders~1{foldersId}/delete' + $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}~1tagHolds/post' response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/tag_holds/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/tag_holds/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/tag_holds/methods/delete' + tag_values: + id: google.cloudresourcemanager.tag_values + name: tag_values + title: Tag_values + methods: list: operation: - $ref: '#/paths/~1v3~1folders/get' + $ref: '#/paths/~1v3~1tagValues/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.folders + objectKey: $.tagValues create: operation: - $ref: '#/paths/~1v3~1folders/post' + $ref: '#/paths/~1v3~1tagValues/post' response: mediaType: application/json openAPIDocKey: '200' - search: + patch: operation: - $ref: '#/paths/~1v3~1folders:search/get' + $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}/patch' response: mediaType: application/json openAPIDocKey: '200' - move: + delete: operation: - $ref: '#/paths/~1v3~1folders~1{foldersId}:move/post' + $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}/delete' response: mediaType: application/json openAPIDocKey: '200' - undelete: + get: operation: - $ref: '#/paths/~1v3~1folders~1{foldersId}:undelete/post' + $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/folders/methods/get' - - $ref: '#/components/x-stackQL-resources/folders/methods/list' + - $ref: '#/components/x-stackQL-resources/tag_values/methods/get' + - $ref: '#/components/x-stackQL-resources/tag_values/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/folders/methods/create' + - $ref: '#/components/x-stackQL-resources/tag_values/methods/create' update: - - $ref: '#/components/x-stackQL-resources/folders/methods/patch' + - $ref: '#/components/x-stackQL-resources/tag_values/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/folders/methods/delete' - folders_iam_policies: - id: google.cloudresourcemanager.folders_iam_policies - name: folders_iam_policies - title: Folders_iam_policies + - $ref: '#/components/x-stackQL-resources/tag_values/methods/delete' + tag_values_iam_policies: + id: google.cloudresourcemanager.tag_values_iam_policies + name: tag_values_iam_policies + title: Tag_values_iam_policies methods: - get_iam_policy: + set_iam_policy: operation: - $ref: '#/paths/~1v3~1folders~1{foldersId}:getIamPolicy/post' + $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}:setIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + get_iam_policy: operation: - $ref: '#/paths/~1v3~1folders~1{foldersId}:setIamPolicy/post' + $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}:getIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings test_iam_permissions: operation: - $ref: '#/paths/~1v3~1folders~1{foldersId}:testIamPermissions/post' + $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}:testIamPermissions/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/folders_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/tag_values_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/folders_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/tag_values_iam_policies/methods/set_iam_policy + delete: [] + tag_values_namespaced: + id: google.cloudresourcemanager.tag_values_namespaced + name: tag_values_namespaced + title: Tag_values_namespaced + methods: + get_namespaced: + operation: + $ref: '#/paths/~1v3~1tagValues~1namespaced/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/tag_values_namespaced/methods/get_namespaced + insert: [] + update: [] + replace: [] delete: [] capabilities: id: google.cloudresourcemanager.capabilities name: capabilities title: Capabilities methods: - get: + patch: operation: $ref: >- - #/paths/~1v3~1folders~1{foldersId}~1capabilities~1{capabilitiesId}/get + #/paths/~1v3~1folders~1{foldersId}~1capabilities~1{capabilitiesId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v3~1folders~1{foldersId}~1capabilities~1{capabilitiesId}/patch + #/paths/~1v3~1folders~1{foldersId}~1capabilities~1{capabilitiesId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -1949,192 +1951,181 @@ components: - $ref: '#/components/x-stackQL-resources/capabilities/methods/patch' replace: [] delete: [] - organizations: - id: google.cloudresourcemanager.organizations - name: organizations - title: Organizations + folders_iam_policies: + id: google.cloudresourcemanager.folders_iam_policies + name: folders_iam_policies + title: Folders_iam_policies methods: - get: - operation: - $ref: '#/paths/~1v3~1organizations~1{organizationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - search: + test_iam_permissions: operation: - $ref: '#/paths/~1v3~1organizations:search/get' + $ref: '#/paths/~1v3~1folders~1{foldersId}:testIamPermissions/post' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/organizations/methods/get' - insert: [] - update: [] - replace: [] - delete: [] - organizations_iam_policies: - id: google.cloudresourcemanager.organizations_iam_policies - name: organizations_iam_policies - title: Organizations_iam_policies - methods: get_iam_policy: operation: - $ref: '#/paths/~1v3~1organizations~1{organizationsId}:getIamPolicy/post' + $ref: '#/paths/~1v3~1folders~1{foldersId}:getIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings set_iam_policy: operation: - $ref: '#/paths/~1v3~1organizations~1{organizationsId}:setIamPolicy/post' - response: - mediaType: application/json - openAPIDocKey: '200' - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v3~1organizations~1{organizationsId}:testIamPermissions/post + $ref: '#/paths/~1v3~1folders~1{foldersId}:setIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/organizations_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/folders_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/organizations_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/folders_iam_policies/methods/set_iam_policy delete: [] - projects: - id: google.cloudresourcemanager.projects - name: projects - title: Projects + folders: + id: google.cloudresourcemanager.folders + name: folders + title: Folders methods: - get: + move: operation: - $ref: '#/paths/~1v3~1projects~1{projectsId}/get' + $ref: '#/paths/~1v3~1folders~1{foldersId}:move/post' response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: - $ref: '#/paths/~1v3~1projects~1{projectsId}/patch' + $ref: '#/paths/~1v3~1folders/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.folders + create: operation: - $ref: '#/paths/~1v3~1projects~1{projectsId}/delete' + $ref: '#/paths/~1v3~1folders/post' response: mediaType: application/json openAPIDocKey: '200' - list: + undelete: operation: - $ref: '#/paths/~1v3~1projects/get' + $ref: '#/paths/~1v3~1folders~1{foldersId}:undelete/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.projects - create: + delete: operation: - $ref: '#/paths/~1v3~1projects/post' + $ref: '#/paths/~1v3~1folders~1{foldersId}/delete' response: mediaType: application/json openAPIDocKey: '200' - search: + patch: operation: - $ref: '#/paths/~1v3~1projects:search/get' + $ref: '#/paths/~1v3~1folders~1{foldersId}/patch' response: mediaType: application/json openAPIDocKey: '200' - move: + get: operation: - $ref: '#/paths/~1v3~1projects~1{projectsId}:move/post' + $ref: '#/paths/~1v3~1folders~1{foldersId}/get' response: mediaType: application/json openAPIDocKey: '200' - undelete: + search: operation: - $ref: '#/paths/~1v3~1projects~1{projectsId}:undelete/post' + $ref: '#/paths/~1v3~1folders:search/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/projects/methods/get' - - $ref: '#/components/x-stackQL-resources/projects/methods/list' + - $ref: '#/components/x-stackQL-resources/folders/methods/get' + - $ref: '#/components/x-stackQL-resources/folders/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/projects/methods/create' + - $ref: '#/components/x-stackQL-resources/folders/methods/create' update: - - $ref: '#/components/x-stackQL-resources/projects/methods/patch' + - $ref: '#/components/x-stackQL-resources/folders/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/projects/methods/delete' - projects_iam_policies: - id: google.cloudresourcemanager.projects_iam_policies - name: projects_iam_policies - title: Projects_iam_policies + - $ref: '#/components/x-stackQL-resources/folders/methods/delete' + operations: + id: google.cloudresourcemanager.operations + name: operations + title: Operations methods: - get_iam_policy: + get: operation: - $ref: '#/paths/~1v3~1projects~1{projectsId}:getIamPolicy/post' + $ref: '#/paths/~1v3~1operations~1{operationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + insert: [] + update: [] + replace: [] + delete: [] + organizations: + id: google.cloudresourcemanager.organizations + name: organizations + title: Organizations + methods: + search: operation: - $ref: '#/paths/~1v3~1projects~1{projectsId}:setIamPolicy/post' + $ref: '#/paths/~1v3~1organizations:search/get' response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + get: operation: - $ref: '#/paths/~1v3~1projects~1{projectsId}:testIamPermissions/post' + $ref: '#/paths/~1v3~1organizations~1{organizationsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/projects_iam_policies/methods/get_iam_policy + select: + - $ref: '#/components/x-stackQL-resources/organizations/methods/get' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/projects_iam_policies/methods/set_iam_policy + replace: [] delete: [] - tag_binding_collections: - id: google.cloudresourcemanager.tag_binding_collections - name: tag_binding_collections - title: Tag_binding_collections + organizations_iam_policies: + id: google.cloudresourcemanager.organizations_iam_policies + name: organizations_iam_policies + title: Organizations_iam_policies methods: - get: + get_iam_policy: operation: - $ref: >- - #/paths/~1v3~1locations~1{locationsId}~1tagBindingCollections~1{tagBindingCollectionsId}/get + $ref: '#/paths/~1v3~1organizations~1{organizationsId}:getIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' - update: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v3~1locations~1{locationsId}~1tagBindingCollections~1{tagBindingCollectionsId}/put + #/paths/~1v3~1organizations~1{organizationsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: '#/paths/~1v3~1organizations~1{organizationsId}:setIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/tag_binding_collections/methods/get + #/components/x-stackQL-resources/organizations_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/tag_binding_collections/methods/update + #/components/x-stackQL-resources/organizations_iam_policies/methods/set_iam_policy delete: [] effective_tag_binding_collections: id: google.cloudresourcemanager.effective_tag_binding_collections @@ -2156,123 +2147,133 @@ components: update: [] replace: [] delete: [] - tag_bindings: - id: google.cloudresourcemanager.tag_bindings - name: tag_bindings - title: Tag_bindings + tag_binding_collections: + id: google.cloudresourcemanager.tag_binding_collections + name: tag_binding_collections + title: Tag_binding_collections methods: - list: - operation: - $ref: '#/paths/~1v3~1tagBindings/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.tagBindings - create: + get: operation: - $ref: '#/paths/~1v3~1tagBindings/post' + $ref: >- + #/paths/~1v3~1locations~1{locationsId}~1tagBindingCollections~1{tagBindingCollectionsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: - $ref: '#/paths/~1v3~1tagBindings~1{tagBindingsId}/delete' + $ref: >- + #/paths/~1v3~1locations~1{locationsId}~1tagBindingCollections~1{tagBindingCollectionsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tag_bindings/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/tag_bindings/methods/create' - update: [] + - $ref: >- + #/components/x-stackQL-resources/tag_binding_collections/methods/get + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/tag_binding_collections/methods/patch replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/tag_bindings/methods/delete' - effective_tags: - id: google.cloudresourcemanager.effective_tags - name: effective_tags - title: Effective_tags + delete: [] + projects: + id: google.cloudresourcemanager.projects + name: projects + title: Projects methods: - list: + create: operation: - $ref: '#/paths/~1v3~1effectiveTags/get' + $ref: '#/paths/~1v3~1projects/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.effectiveTags - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/effective_tags/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - tag_keys: - id: google.cloudresourcemanager.tag_keys - name: tag_keys - title: Tag_keys - methods: list: operation: - $ref: '#/paths/~1v3~1tagKeys/get' + $ref: '#/paths/~1v3~1projects/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tagKeys - create: + objectKey: $.projects + move: operation: - $ref: '#/paths/~1v3~1tagKeys/post' + $ref: '#/paths/~1v3~1projects~1{projectsId}:move/post' response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: - $ref: '#/paths/~1v3~1tagKeys~1{tagKeysId}/get' + $ref: '#/paths/~1v3~1projects~1{projectsId}/patch' response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: - $ref: '#/paths/~1v3~1tagKeys~1{tagKeysId}/patch' + $ref: '#/paths/~1v3~1projects~1{projectsId}/get' response: mediaType: application/json openAPIDocKey: '200' delete: operation: - $ref: '#/paths/~1v3~1tagKeys~1{tagKeysId}/delete' + $ref: '#/paths/~1v3~1projects~1{projectsId}/delete' + response: + mediaType: application/json + openAPIDocKey: '200' + search: + operation: + $ref: '#/paths/~1v3~1projects:search/get' + response: + mediaType: application/json + openAPIDocKey: '200' + undelete: + operation: + $ref: '#/paths/~1v3~1projects~1{projectsId}:undelete/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tag_keys/methods/get' - - $ref: '#/components/x-stackQL-resources/tag_keys/methods/list' + - $ref: '#/components/x-stackQL-resources/projects/methods/get' + - $ref: '#/components/x-stackQL-resources/projects/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/tag_keys/methods/create' + - $ref: '#/components/x-stackQL-resources/projects/methods/create' update: - - $ref: '#/components/x-stackQL-resources/tag_keys/methods/patch' + - $ref: '#/components/x-stackQL-resources/projects/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/tag_keys/methods/delete' - tag_keys_namespaced: - id: google.cloudresourcemanager.tag_keys_namespaced - name: tag_keys_namespaced - title: Tag_keys_namespaced + - $ref: '#/components/x-stackQL-resources/projects/methods/delete' + projects_iam_policies: + id: google.cloudresourcemanager.projects_iam_policies + name: projects_iam_policies + title: Projects_iam_policies methods: - get_namespaced: + get_iam_policy: operation: - $ref: '#/paths/~1v3~1tagKeys~1namespaced/get' + $ref: '#/paths/~1v3~1projects~1{projectsId}:getIamPolicy/post' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + test_iam_permissions: + operation: + $ref: '#/paths/~1v3~1projects~1{projectsId}:testIamPermissions/post' + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: '#/paths/~1v3~1projects~1{projectsId}:setIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/tag_keys_namespaced/methods/get_namespaced + #/components/x-stackQL-resources/projects_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/projects_iam_policies/methods/set_iam_policy delete: [] tag_keys_iam_policies: id: google.cloudresourcemanager.tag_keys_iam_policies @@ -2308,161 +2309,164 @@ components: - $ref: >- #/components/x-stackQL-resources/tag_keys_iam_policies/methods/set_iam_policy delete: [] - tag_values: - id: google.cloudresourcemanager.tag_values - name: tag_values - title: Tag_values + tag_keys_namespaced: + id: google.cloudresourcemanager.tag_keys_namespaced + name: tag_keys_namespaced + title: Tag_keys_namespaced methods: - list: + get_namespaced: operation: - $ref: '#/paths/~1v3~1tagValues/get' + $ref: '#/paths/~1v3~1tagKeys~1namespaced/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tagValues - create: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/tag_keys_namespaced/methods/get_namespaced + insert: [] + update: [] + replace: [] + delete: [] + tag_keys: + id: google.cloudresourcemanager.tag_keys + name: tag_keys + title: Tag_keys + methods: + patch: operation: - $ref: '#/paths/~1v3~1tagValues/post' + $ref: '#/paths/~1v3~1tagKeys~1{tagKeysId}/patch' + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: '#/paths/~1v3~1tagKeys~1{tagKeysId}/delete' response: mediaType: application/json openAPIDocKey: '200' get: operation: - $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}/get' + $ref: '#/paths/~1v3~1tagKeys~1{tagKeysId}/get' response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: - $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}/patch' + $ref: '#/paths/~1v3~1tagKeys/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.tagKeys + create: operation: - $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}/delete' + $ref: '#/paths/~1v3~1tagKeys/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tag_values/methods/get' - - $ref: '#/components/x-stackQL-resources/tag_values/methods/list' + - $ref: '#/components/x-stackQL-resources/tag_keys/methods/get' + - $ref: '#/components/x-stackQL-resources/tag_keys/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/tag_values/methods/create' + - $ref: '#/components/x-stackQL-resources/tag_keys/methods/create' update: - - $ref: '#/components/x-stackQL-resources/tag_values/methods/patch' + - $ref: '#/components/x-stackQL-resources/tag_keys/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/tag_values/methods/delete' - tag_values_namespaced: - id: google.cloudresourcemanager.tag_values_namespaced - name: tag_values_namespaced - title: Tag_values_namespaced + - $ref: '#/components/x-stackQL-resources/tag_keys/methods/delete' + liens: + id: google.cloudresourcemanager.liens + name: liens + title: Liens methods: - get_namespaced: + create: operation: - $ref: '#/paths/~1v3~1tagValues~1namespaced/get' + $ref: '#/paths/~1v3~1liens/post' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/tag_values_namespaced/methods/get_namespaced - insert: [] - update: [] - replace: [] - delete: [] - tag_values_iam_policies: - id: google.cloudresourcemanager.tag_values_iam_policies - name: tag_values_iam_policies - title: Tag_values_iam_policies - methods: - get_iam_policy: + list: operation: - $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}:getIamPolicy/post' + $ref: '#/paths/~1v3~1liens/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + objectKey: $.liens + get: operation: - $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}:setIamPolicy/post' + $ref: '#/paths/~1v3~1liens~1{liensId}/get' response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + delete: operation: - $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}:testIamPermissions/post' + $ref: '#/paths/~1v3~1liens~1{liensId}/delete' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/tag_values_iam_policies/methods/get_iam_policy - insert: [] + - $ref: '#/components/x-stackQL-resources/liens/methods/get' + - $ref: '#/components/x-stackQL-resources/liens/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/liens/methods/create' update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/tag_values_iam_policies/methods/set_iam_policy - delete: [] - tag_holds: - id: google.cloudresourcemanager.tag_holds - name: tag_holds - title: Tag_holds + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/liens/methods/delete' + tag_bindings: + id: google.cloudresourcemanager.tag_bindings + name: tag_bindings + title: Tag_bindings methods: - create: + delete: operation: - $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}~1tagHolds/post' + $ref: '#/paths/~1v3~1tagBindings~1{tagBindingsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - list: + create: operation: - $ref: '#/paths/~1v3~1tagValues~1{tagValuesId}~1tagHolds/get' + $ref: '#/paths/~1v3~1tagBindings/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tagHolds - delete: + list: operation: - $ref: >- - #/paths/~1v3~1tagValues~1{tagValuesId}~1tagHolds~1{tagHoldsId}/delete + $ref: '#/paths/~1v3~1tagBindings/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.tagBindings sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tag_holds/methods/list' + - $ref: '#/components/x-stackQL-resources/tag_bindings/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/tag_holds/methods/create' + - $ref: '#/components/x-stackQL-resources/tag_bindings/methods/create' update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/tag_holds/methods/delete' + - $ref: '#/components/x-stackQL-resources/tag_bindings/methods/delete' paths: - /v3/liens: + /v3/effectiveTags: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/key' get: description: >- - List all Liens applied to the `parent` resource. Callers of this method - will require permission on the `parent` resource. For example, a Lien - with a `parent` of `projects/1234` requires permission - `resourcemanager.projects.get`. - operationId: cloudresourcemanager.liens.list + Return a list of effective tags for the given Google Cloud resource, as + specified in `parent`. + operationId: cloudresourcemanager.effectiveTags.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2478,7 +2482,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLiensResponse' + $ref: '#/components/schemas/ListEffectiveTagsResponse' parameters: - in: query name: parent @@ -2493,73 +2497,43 @@ paths: name: pageToken schema: type: string - post: - description: >- - Create a Lien which applies to the resource denoted by the `parent` - field. Callers of this method will require permission on the `parent` - resource. For example, applying to `projects/1234` requires permission - `resourcemanager.projects.updateLiens`. NOTE: Some resources may limit - the number of Liens which may be applied. - operationId: cloudresourcemanager.liens.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Lien' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Lien' - parameters: [] - /v3/liens/{liensId}: + /v3/tagValues/{tagValuesId}/tagHolds/{tagHoldsId}: parameters: *ref_1 - get: - description: >- - Retrieve a Lien by `name`. Callers of this method will require - permission on the `parent` resource. For example, a Lien with a `parent` - of `projects/1234` requires permission `resourcemanager.projects.get` - operationId: cloudresourcemanager.liens.get + delete: + description: Deletes a TagHold. + operationId: cloudresourcemanager.tagValues.tagHolds.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Lien' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: liensId + name: tagValuesId required: true schema: type: string - delete: - description: >- - Delete a Lien by `name`. Callers of this method will require permission - on the `parent` resource. For example, a Lien with a `parent` of - `projects/1234` requires permission - `resourcemanager.projects.updateLiens`. - operationId: cloudresourcemanager.liens.delete + - in: path + name: tagHoldsId + required: true + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + /v3/tagValues/{tagValuesId}/tagHolds: + parameters: *ref_1 + get: + description: Lists TagHolds under a TagValue. + operationId: cloudresourcemanager.tagValues.tagHolds.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2575,30 +2549,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListTagHoldsResponse' parameters: - in: path - name: liensId + name: tagValuesId required: true schema: type: string - /v3/operations/{operationsId}: - parameters: *ref_1 - get: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: cloudresourcemanager.operations.get + Creates a TagHold. Returns ALREADY_EXISTS if a TagHold with the same + resource and origin exists under the same TagValue. + operationId: cloudresourcemanager.tagValues.tagHolds.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TagHold' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -2608,19 +2593,19 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: operationsId + name: tagValuesId required: true schema: type: string - /v3/folders/{foldersId}: + - in: query + name: validateOnly + schema: + type: boolean + /v3/tagValues: parameters: *ref_1 get: - description: >- - Retrieves a folder identified by the supplied resource name. Valid - folder resource names have the format `folders/{folder_id}` (for - example, `folders/1234`). The caller must have - `resourcemanager.folders.get` permission on the identified folder. - operationId: cloudresourcemanager.folders.get + description: Lists all TagValues for a specific TagKey. + operationId: cloudresourcemanager.tagValues.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2636,32 +2621,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Folder' + $ref: '#/components/schemas/ListTagValuesResponse' parameters: - - in: path - name: foldersId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: parent schema: type: string - patch: + - in: query + name: pageToken + schema: + type: string + post: description: >- - Updates a folder, changing its `display_name`. Changes to the folder - `display_name` will be rejected if they violate either the - `display_name` formatting rules or the naming constraints described in - the CreateFolder documentation. The folder's `display_name` must start - and end with a letter or digit, may contain letters, digits, spaces, - hyphens and underscores and can be between 3 and 30 characters. This is - captured by the regular expression: `\p{L}\p{N}{1,28}[\p{L}\p{N}]`. The - caller must have `resourcemanager.folders.update` permission on the - identified folder. If the update fails due to the unique name constraint - then a `PreconditionFailure` explaining this violation will be returned - in the Status.details field. - operationId: cloudresourcemanager.folders.patch + Creates a TagValue as a child of the specified TagKey. If a another + request with the same parameters is sent while the original request is + in process the second request will receive an error. A maximum of 1000 + TagValues can exist under a TagKey at any given time. + operationId: cloudresourcemanager.tagValues.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Folder' + $ref: '#/components/schemas/TagValue' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2675,26 +2661,25 @@ paths: schema: $ref: '#/components/schemas/Operation' parameters: - - in: path - name: foldersId - required: true - schema: - type: string - in: query - name: updateMask + name: validateOnly schema: - type: string - format: google-fieldmask - delete: + type: boolean + /v3/tagValues/{tagValuesId}:setIamPolicy: + parameters: *ref_1 + post: description: >- - Requests deletion of a folder. The folder is moved into the - DELETE_REQUESTED state immediately, and is deleted approximately 30 days - later. This method may only be called on an empty folder, where a folder - is empty if it doesn't contain any folders or projects in the ACTIVE - state. If called on a folder in DELETE_REQUESTED state the operation - will result in a no-op success. The caller must have - `resourcemanager.folders.delete` permission on the identified folder. - operationId: cloudresourcemanager.folders.delete + Sets the access control policy on a TagValue, replacing any existing + policy. The `resource` field should be the TagValue's resource name. For + example: `tagValues/1234`. The caller must have + `resourcemanager.tagValues.setIamPolicy` permission on the identified + tagValue. + operationId: cloudresourcemanager.tagValues.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2706,85 +2691,55 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: foldersId + name: tagValuesId required: true schema: type: string - /v3/folders: + /v3/tagValues/{tagValuesId}: parameters: *ref_1 - get: - description: >- - Lists the folders that are direct descendants of supplied parent - resource. `list()` provides a strongly consistent view of the folders - underneath the specified parent resource. `list()` returns folders - sorted based upon the (ascending) lexical ordering of their - display_name. The caller must have `resourcemanager.folders.list` - permission on the identified parent. - operationId: cloudresourcemanager.folders.list + patch: + description: Updates the attributes of the TagValue resource. + operationId: cloudresourcemanager.tagValues.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TagValue' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListFoldersResponse' + $ref: '#/components/schemas/Operation' parameters: - - in: query - name: parent + - in: path + name: tagValuesId + required: true schema: type: string - in: query - name: pageSize + name: validateOnly schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: updateMask schema: type: string - - in: query - name: showDeleted - schema: - type: boolean - post: + format: google-fieldmask + delete: description: >- - Creates a folder in the resource hierarchy. Returns an `Operation` which - can be used to track the progress of the folder creation workflow. Upon - success, the `Operation.response` field will be populated with the - created Folder. In order to succeed, the addition of this new folder - must not violate the folder naming, height, or fanout constraints. + The - folder's `display_name` must be distinct from all other folders that - share its parent. + The addition of the folder must not cause the active - folder hierarchy to exceed a height of 10. Note, the full active + - deleted folder hierarchy is allowed to reach a height of 20; this - provides additional headroom when moving folders that contain deleted - folders. + The addition of the folder must not cause the total number of - folders under its parent to exceed 300. If the operation fails due to a - folder constraint violation, some errors may be returned by the - `CreateFolder` request, with status code `FAILED_PRECONDITION` and an - error description. Other folder constraint violations will be - communicated in the `Operation`, with the specific `PreconditionFailure` - returned in the details list in the `Operation.error` field. The caller - must have `resourcemanager.folders.create` permission on the identified - parent. - operationId: cloudresourcemanager.folders.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Folder' + Deletes a TagValue. The TagValue cannot have any bindings when it is + deleted. + operationId: cloudresourcemanager.tagValues.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2797,138 +2752,93 @@ paths: application/json: schema: $ref: '#/components/schemas/Operation' - parameters: [] - /v3/folders:search: - parameters: *ref_1 - get: - description: >- - Search for folders that match specific filter criteria. `search()` - provides an eventually consistent view of the folders a user has access - to which meet the specified filter criteria. This will only return - folders on which the caller has the permission - `resourcemanager.folders.get`. - operationId: cloudresourcemanager.folders.search - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SearchFoldersResponse' parameters: - - in: query - name: pageSize + - in: path + name: tagValuesId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: validateOnly schema: - type: string + type: boolean - in: query - name: query + name: etag schema: type: string - /v3/folders/{foldersId}:move: - parameters: *ref_1 - post: + get: description: >- - Moves a folder under a new resource parent. Returns an `Operation` which - can be used to track the progress of the folder move workflow. Upon - success, the `Operation.response` field will be populated with the moved - folder. Upon failure, a `FolderOperationError` categorizing the failure - cause will be returned - if the failure occurs synchronously then the - `FolderOperationError` will be returned in the `Status.details` field. - If it occurs asynchronously, then the FolderOperation will be returned - in the `Operation.error` field. In addition, the `Operation.metadata` - field will be populated with a `FolderOperation` message as an aid to - stateless clients. Folder moves will be rejected if they violate either - the naming, height, or fanout constraints described in the CreateFolder - documentation. The caller must have `resourcemanager.folders.move` - permission on the folder's current and proposed new parent. - operationId: cloudresourcemanager.folders.move - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MoveFolderRequest' + Retrieves a TagValue. This method will return `PERMISSION_DENIED` if the + value does not exist or the user does not have permission to view it. + operationId: cloudresourcemanager.tagValues.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TagValue' parameters: - in: path - name: foldersId + name: tagValuesId required: true schema: type: string - /v3/folders/{foldersId}:undelete: + /v3/tagValues/{tagValuesId}:getIamPolicy: parameters: *ref_1 post: description: >- - Cancels the deletion request for a folder. This method may be called on - a folder in any state. If the folder is in the ACTIVE state the result - will be a no-op success. In order to succeed, the folder's parent must - be in the ACTIVE state. In addition, reintroducing the folder into the - tree must not violate folder naming, height, and fanout constraints - described in the CreateFolder documentation. The caller must have - `resourcemanager.folders.undelete` permission on the identified folder. - operationId: cloudresourcemanager.folders.undelete + Gets the access control policy for a TagValue. The returned policy may + be empty if no such policy or resource exists. The `resource` field + should be the TagValue's resource name. For example: `tagValues/1234`. + The caller must have the + `cloudresourcemanager.googleapis.com/tagValues.getIamPolicy` permission + on the identified TagValue to get the access control policy. + operationId: cloudresourcemanager.tagValues.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/UndeleteFolderRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: foldersId + name: tagValuesId required: true schema: type: string - /v3/folders/{foldersId}:getIamPolicy: + /v3/tagValues/namespaced: parameters: *ref_1 - post: + get: description: >- - Gets the access control policy for a folder. The returned policy may be - empty if no such policy or resource exists. The `resource` field should - be the folder's resource name, for example: "folders/1234". The caller - must have `resourcemanager.folders.getIamPolicy` permission on the - identified folder. - operationId: cloudresourcemanager.folders.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + Retrieves a TagValue by its namespaced name. This method will return + `PERMISSION_DENIED` if the value does not exist or the user does not + have permission to view it. + operationId: cloudresourcemanager.tagValues.getNamespaced security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2944,28 +2854,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TagValue' parameters: - - in: path - name: foldersId - required: true + - in: query + name: name schema: type: string - /v3/folders/{foldersId}:setIamPolicy: + /v3/tagValues/{tagValuesId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on a folder, replacing any existing - policy. The `resource` field should be the folder's resource name, for - example: "folders/1234". The caller must have - `resourcemanager.folders.setIamPolicy` permission on the identified - folder. - operationId: cloudresourcemanager.folders.setIamPolicy + Returns permissions that a caller has on the specified TagValue. The + `resource` field should be the TagValue's resource name. For example: + `tagValues/1234`. There are no permissions required for making this API + call. + operationId: cloudresourcemanager.tagValues.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2977,27 +2885,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path - name: foldersId + name: tagValuesId required: true schema: type: string - /v3/folders/{foldersId}:testIamPermissions: + /v3/folders/{foldersId}/capabilities/{capabilitiesId}: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified folder. The - `resource` field should be the folder's resource name, for example: - "folders/1234". There are no permissions required for making this API - call. - operationId: cloudresourcemanager.folders.testIamPermissions + patch: + description: Updates the Capability. + operationId: cloudresourcemanager.folders.capabilities.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Capability' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3009,15 +2913,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: foldersId required: true schema: type: string - /v3/folders/{foldersId}/capabilities/{capabilitiesId}: - parameters: *ref_1 + - in: path + name: capabilitiesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: description: Retrieves the Capability identified by the supplied resource name. operationId: cloudresourcemanager.folders.capabilities.get @@ -3044,14 +2956,20 @@ paths: required: true schema: type: string - patch: - description: Updates the Capability. - operationId: cloudresourcemanager.folders.capabilities.patch + /v3/folders/{foldersId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified folder. The + `resource` field should be the folder's resource name, for example: + "folders/1234". There are no permissions required for making this API + call. + operationId: cloudresourcemanager.folders.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/Capability' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3063,64 +2981,65 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: foldersId required: true schema: type: string - - in: path - name: capabilitiesId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v3/organizations/{organizationsId}: + /v3/folders/{foldersId}:move: parameters: *ref_1 - get: + post: description: >- - Fetches an organization resource identified by the specified resource - name. - operationId: cloudresourcemanager.organizations.get + Moves a folder under a new resource parent. Returns an `Operation` which + can be used to track the progress of the folder move workflow. Upon + success, the `Operation.response` field will be populated with the moved + folder. Upon failure, a `FolderOperationError` categorizing the failure + cause will be returned - if the failure occurs synchronously then the + `FolderOperationError` will be returned in the `Status.details` field. + If it occurs asynchronously, then the FolderOperation will be returned + in the `Operation.error` field. In addition, the `Operation.metadata` + field will be populated with a `FolderOperation` message as an aid to + stateless clients. Folder moves will be rejected if they violate either + the naming, height, or fanout constraints described in the CreateFolder + documentation. The caller must have `resourcemanager.folders.move` + permission on the folder's current and proposed new parent. + operationId: cloudresourcemanager.folders.move + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MoveFolderRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Organization' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string - /v3/organizations:search: + /v3/folders: parameters: *ref_1 get: description: >- - Searches organization resources that are visible to the user and satisfy - the specified filter. This method returns organizations in an - unspecified order. New organizations do not necessarily appear at the - end of the results, and may take a small amount of time to appear. - Search will only return organizations on which the user has the - permission `resourcemanager.organizations.get` or has super admin - privileges. - operationId: cloudresourcemanager.organizations.search + Lists the folders that are direct descendants of supplied parent + resource. `list()` provides a strongly consistent view of the folders + underneath the specified parent resource. `list()` returns folders + sorted based upon the (ascending) lexical ordering of their + display_name. The caller must have `resourcemanager.folders.list` + permission on the identified parent. + operationId: cloudresourcemanager.folders.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3136,74 +3055,82 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchOrganizationsResponse' + $ref: '#/components/schemas/ListFoldersResponse' parameters: + - in: query + name: pageToken + schema: + type: string + - in: query + name: showDeleted + schema: + type: boolean - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: query + name: parent schema: type: string - /v3/organizations/{organizationsId}:getIamPolicy: - parameters: *ref_1 post: description: >- - Gets the access control policy for an organization resource. The policy - may be empty if no such policy or resource exists. The `resource` field - should be the organization's resource name, for example: - "organizations/123". Authorization requires the IAM permission - `resourcemanager.organizations.getIamPolicy` on the specified - organization. - operationId: cloudresourcemanager.organizations.getIamPolicy + Creates a folder in the resource hierarchy. Returns an `Operation` which + can be used to track the progress of the folder creation workflow. Upon + success, the `Operation.response` field will be populated with the + created Folder. In order to succeed, the addition of this new folder + must not violate the folder naming, height, or fanout constraints. + The + folder's `display_name` must be distinct from all other folders that + share its parent. + The addition of the folder must not cause the active + folder hierarchy to exceed a height of 10. Note, the full active + + deleted folder hierarchy is allowed to reach a height of 20; this + provides additional headroom when moving folders that contain deleted + folders. + The addition of the folder must not cause the total number of + folders under its parent to exceed 300. If the operation fails due to a + folder constraint violation, some errors may be returned by the + `CreateFolder` request, with status code `FAILED_PRECONDITION` and an + error description. Other folder constraint violations will be + communicated in the `Operation`, with the specific `PreconditionFailure` + returned in the details list in the `Operation.error` field. The caller + must have `resourcemanager.folders.create` permission on the identified + parent. + operationId: cloudresourcemanager.folders.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/Folder' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - /v3/organizations/{organizationsId}:setIamPolicy: + $ref: '#/components/schemas/Operation' + parameters: [] + /v3/folders/{foldersId}:undelete: parameters: *ref_1 post: description: >- - Sets the access control policy on an organization resource. Replaces any - existing policy. The `resource` field should be the organization's - resource name, for example: "organizations/123". Authorization requires - the IAM permission `resourcemanager.organizations.setIamPolicy` on the - specified organization. - operationId: cloudresourcemanager.organizations.setIamPolicy + Cancels the deletion request for a folder. This method may be called on + a folder in any state. If the folder is in the ACTIVE state the result + will be a no-op success. In order to succeed, the folder's parent must + be in the ACTIVE state. In addition, reintroducing the folder into the + tree must not violate folder naming, height, and fanout constraints + described in the CreateFolder documentation. The caller must have + `resourcemanager.folders.undelete` permission on the identified folder. + operationId: cloudresourcemanager.folders.undelete requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/UndeleteFolderRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3215,27 +3142,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string - /v3/organizations/{organizationsId}:testIamPermissions: + /v3/folders/{foldersId}:getIamPolicy: parameters: *ref_1 post: description: >- - Returns the permissions that a caller has on the specified organization. - The `resource` field should be the organization's resource name, for - example: "organizations/123". There are no permissions required for - making this API call. - operationId: cloudresourcemanager.organizations.testIamPermissions + Gets the access control policy for a folder. The returned policy may be + empty if no such policy or resource exists. The `resource` field should + be the folder's resource name, for example: "folders/1234". The caller + must have `resourcemanager.folders.getIamPolicy` permission on the + identified folder. + operationId: cloudresourcemanager.folders.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3251,92 +3179,129 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string - /v3/projects/{projectsId}: + /v3/folders/{foldersId}: parameters: *ref_1 - get: + delete: description: >- - Retrieves the project identified by the specified `name` (for example, - `projects/415104041262`). The caller must have - `resourcemanager.projects.get` permission for this project. - operationId: cloudresourcemanager.projects.get + Requests deletion of a folder. The folder is moved into the + DELETE_REQUESTED state immediately, and is deleted approximately 30 days + later. This method may only be called on an empty folder, where a folder + is empty if it doesn't contain any folders or projects in the ACTIVE + state. If called on a folder in DELETE_REQUESTED state the operation + will result in a no-op success. The caller must have + `resourcemanager.folders.delete` permission on the identified folder. + operationId: cloudresourcemanager.folders.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Project' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string patch: description: >- - Updates the `display_name` and labels of the project identified by the - specified `name` (for example, `projects/415104041262`). Deleting all - labels requires an update mask for labels field. The caller must have - `resourcemanager.projects.update` permission for this project. - operationId: cloudresourcemanager.projects.patch + Updates a folder, changing its `display_name`. Changes to the folder + `display_name` will be rejected if they violate either the + `display_name` formatting rules or the naming constraints described in + the CreateFolder documentation. The folder's `display_name` must start + and end with a letter or digit, may contain letters, digits, spaces, + hyphens and underscores and can be between 3 and 30 characters. This is + captured by the regular expression: `\p{L}\p{N}{1,28}[\p{L}\p{N}]`. The + caller must have `resourcemanager.folders.update` permission on the + identified folder. If the update fails due to the unique name constraint + then a `PreconditionFailure` explaining this violation will be returned + in the Status.details field. + operationId: cloudresourcemanager.folders.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Project' + $ref: '#/components/schemas/Folder' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: >- + Retrieves a folder identified by the supplied resource name. Valid + folder resource names have the format `folders/{folder_id}` (for + example, `folders/1234`). The caller must have + `resourcemanager.folders.get` permission on the identified folder. + operationId: cloudresourcemanager.folders.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Folder' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: + /v3/folders/{foldersId}:setIamPolicy: + parameters: *ref_1 + post: description: >- - Marks the project identified by the specified `name` (for example, - `projects/415104041262`) for deletion. This method will only affect the - project if it has a lifecycle state of ACTIVE. This method changes the - Project's lifecycle state from ACTIVE to DELETE_REQUESTED. The deletion - starts at an unspecified time, at which point the Project is no longer - accessible. Until the deletion completes, you can check the lifecycle - state checked by retrieving the project with GetProject, and the project - remains visible to ListProjects. However, you cannot update the project. - After the deletion completes, the project is not retrievable by the - GetProject, ListProjects, and SearchProjects methods. The caller must - have `resourcemanager.projects.delete` permissions for this project. - operationId: cloudresourcemanager.projects.delete + Sets the access control policy on a folder, replacing any existing + policy. The `resource` field should be the folder's resource name, for + example: "folders/1234". The caller must have + `resourcemanager.folders.setIamPolicy` permission on the identified + folder. + operationId: cloudresourcemanager.folders.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3348,24 +3313,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string - /v3/projects: + /v3/folders:search: parameters: *ref_1 get: description: >- - Lists projects that are direct children of the specified folder or - organization resource. `list()` provides a strongly consistent view of - the projects underneath the specified parent resource. `list()` returns - projects sorted based upon the (ascending) lexical ordering of their - `display_name`. The caller must have `resourcemanager.projects.list` - permission on the identified parent. - operationId: cloudresourcemanager.projects.list + Search for folders that match specific filter criteria. `search()` + provides an eventually consistent view of the folders a user has access + to which meet the specified filter criteria. This will only return + folders on which the caller has the permission + `resourcemanager.folders.get`. + operationId: cloudresourcemanager.folders.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3381,14 +3345,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListProjectsResponse' + $ref: '#/components/schemas/SearchFoldersResponse' parameters: - in: query - name: parent - schema: - type: string - - in: query - name: pageToken + name: query schema: type: string - in: query @@ -3397,27 +3357,26 @@ paths: type: integer format: int32 - in: query - name: showDeleted + name: pageToken schema: - type: boolean - post: + type: string + /v3/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Request that a new project be created. The result is an `Operation` - which can be used to track the creation process. This process usually - takes a few seconds, but can sometimes take much longer. The tracking - `Operation` is automatically deleted after a few hours, so there is no - need to call `DeleteOperation`. - operationId: cloudresourcemanager.projects.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Project' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: cloudresourcemanager.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -3425,19 +3384,24 @@ paths: application/json: schema: $ref: '#/components/schemas/Operation' - parameters: [] - /v3/projects:search: + parameters: + - in: path + name: operationsId + required: true + schema: + type: string + /v3/organizations:search: parameters: *ref_1 get: description: >- - Search for projects that the caller has the - `resourcemanager.projects.get` permission on, and also satisfy the - specified query. This method returns projects in an unspecified order. - This method is eventually consistent with project mutations; this means - that a newly created project may not appear in the results or recent - updates to an existing project may not be reflected in the results. To - retrieve the latest state of a project, use the GetProject method. - operationId: cloudresourcemanager.projects.search + Searches organization resources that are visible to the user and satisfy + the specified filter. This method returns organizations in an + unspecified order. New organizations do not necessarily appear at the + end of the results, and may take a small amount of time to appear. + Search will only return organizations on which the user has the + permission `resourcemanager.organizations.get` or has super admin + privileges. + operationId: cloudresourcemanager.organizations.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3453,12 +3417,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchProjectsResponse' + $ref: '#/components/schemas/SearchOrganizationsResponse' parameters: - - in: query - name: query - schema: - type: string - in: query name: pageToken schema: @@ -3468,89 +3428,91 @@ paths: schema: type: integer format: int32 - /v3/projects/{projectsId}:move: + - in: query + name: query + schema: + type: string + /v3/organizations/{organizationsId}: parameters: *ref_1 - post: + get: description: >- - Move a project to another place in your resource hierarchy, under a new - resource parent. Returns an operation which can be used to track the - process of the project move workflow. Upon success, the - `Operation.response` field will be populated with the moved project. The - caller must have `resourcemanager.projects.move` permission on the - project, on the project's current and proposed new parent. If project - has no current parent, or it currently does not have an associated - organization resource, you will also need the - `resourcemanager.projects.setIamPolicy` permission in the project. - operationId: cloudresourcemanager.projects.move - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MoveProjectRequest' + Fetches an organization resource identified by the specified resource + name. + operationId: cloudresourcemanager.organizations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Organization' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v3/projects/{projectsId}:undelete: + /v3/organizations/{organizationsId}:getIamPolicy: parameters: *ref_1 post: description: >- - Restores the project identified by the specified `name` (for example, - `projects/415104041262`). You can only use this method for a project - that has a lifecycle state of DELETE_REQUESTED. After deletion starts, - the project cannot be restored. The caller must have - `resourcemanager.projects.undelete` permission for this project. - operationId: cloudresourcemanager.projects.undelete + Gets the access control policy for an organization resource. The policy + may be empty if no such policy or resource exists. The `resource` field + should be the organization's resource name, for example: + "organizations/123". Authorization requires the IAM permission + `resourcemanager.organizations.getIamPolicy` on the specified + organization. + operationId: cloudresourcemanager.organizations.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/UndeleteProjectRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v3/projects/{projectsId}:getIamPolicy: + /v3/organizations/{organizationsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Returns the IAM access control policy for the specified project, in the - format `projects/{ProjectIdOrNumber}` e.g. projects/123. Permission is - denied if the policy or the resource do not exist. - operationId: cloudresourcemanager.projects.getIamPolicy + Returns the permissions that a caller has on the specified organization. + The `resource` field should be the organization's resource name, for + example: "organizations/123". There are no permissions required for + making this API call. + operationId: cloudresourcemanager.organizations.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3566,47 +3528,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v3/projects/{projectsId}:setIamPolicy: + /v3/organizations/{organizationsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Sets the IAM access control policy for the specified project, in the - format `projects/{ProjectIdOrNumber}` e.g. projects/123. CAUTION: This - method will replace the existing policy, and cannot be used to append - additional IAM settings. Note: Removing service accounts from policies - or changing their roles can render services completely inoperable. It is - important to understand how the service account is being used before - removing or updating its roles. The following constraints apply when - using `setIamPolicy()`: + Project does not support `allUsers` and - `allAuthenticatedUsers` as `members` in a `Binding` of a `Policy`. + The - owner role can be granted to a `user`, `serviceAccount`, or a group that - is part of an organization. For example, group@myownpersonaldomain.com - could be added as an owner to a project in the myownpersonaldomain.com - organization, but not the examplepetstore.com organization. + Service - accounts can be made owners of a project directly without any - restrictions. However, to be added as an owner, a user must be invited - using the Cloud Platform console and must accept the invitation. + A - user cannot be granted the owner role using `setIamPolicy()`. The user - must be granted the owner role using the Cloud Platform Console and must - explicitly accept the invitation. + Invitations to grant the owner role - cannot be sent using `setIamPolicy()`; they must be sent only using the - Cloud Platform Console. + If the project is not part of an organization, - there must be at least one owner who has accepted the Terms of Service - (ToS) agreement in the policy. Calling `setIamPolicy()` to remove the - last ToS-accepted owner from the policy will fail. This restriction also - applies to legacy projects that no longer have owners who have accepted - the ToS. Edits to IAM policies will be rejected until the lack of a - ToS-accepting owner is rectified. If the project is part of an - organization, you can remove all owners, potentially making the - organization inaccessible. - operationId: cloudresourcemanager.projects.setIamPolicy + Sets the access control policy on an organization resource. Replaces any + existing policy. The `resource` field should be the organization's + resource name, for example: "organizations/123". Authorization requires + the IAM permission `resourcemanager.organizations.setIamPolicy` on the + specified organization. + operationId: cloudresourcemanager.organizations.setIamPolicy requestBody: content: application/json: @@ -3625,23 +3563,16 @@ paths: schema: $ref: '#/components/schemas/Policy' parameters: - - in: path - name: projectsId - required: true - schema: - type: string - /v3/projects/{projectsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified project, in the - format `projects/{ProjectIdOrNumber}` e.g. projects/123.. - operationId: cloudresourcemanager.projects.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + - in: path + name: organizationsId + required: true + schema: + type: string + /v3/locations/{locationsId}/effectiveTagBindingCollections/{effectiveTagBindingCollectionsId}: + parameters: *ref_1 + get: + description: Returns effective tag bindings on a GCP resource. + operationId: cloudresourcemanager.locations.effectiveTagBindingCollections.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3657,10 +3588,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/EffectiveTagBindingCollection' parameters: - in: path - name: projectsId + name: locationsId + required: true + schema: + type: string + - in: path + name: effectiveTagBindingCollectionsId required: true schema: type: string @@ -3696,9 +3632,11 @@ paths: required: true schema: type: string - put: - description: Updates tag bindings directly attached to a GCP resource. - operationId: cloudresourcemanager.locations.tagBindingCollections.update + patch: + description: >- + Updates tag bindings directly attached to a GCP resource. Update_mask + can be kept empty or "*". + operationId: cloudresourcemanager.locations.tagBindingCollections.patch requestBody: content: application/json: @@ -3727,47 +3665,48 @@ paths: required: true schema: type: string - /v3/locations/{locationsId}/effectiveTagBindingCollections/{effectiveTagBindingCollectionsId}: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v3/projects: parameters: *ref_1 - get: - description: Returns effective tag bindings on a GCP resource. - operationId: cloudresourcemanager.locations.effectiveTagBindingCollections.get + post: + description: >- + Request that a new project be created. The result is an `Operation` + which can be used to track the creation process. This process usually + takes a few seconds, but can sometimes take much longer. The tracking + `Operation` is automatically deleted after a few hours, so there is no + need to call `DeleteOperation`. + operationId: cloudresourcemanager.projects.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Project' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/EffectiveTagBindingCollection' - parameters: - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: effectiveTagBindingCollectionsId - required: true - schema: - type: string - /v3/tagBindings: - parameters: *ref_1 + $ref: '#/components/schemas/Operation' + parameters: [] get: description: >- - Lists the TagBindings for the given Google Cloud resource, as specified - with `parent`. NOTE: The `parent` field is expected to be a full - resource name: - https://cloud.google.com/apis/design/resource_names#full_resource_name - operationId: cloudresourcemanager.tagBindings.list + Lists projects that are direct children of the specified folder or + organization resource. `list()` provides a strongly consistent view of + the projects underneath the specified parent resource. `list()` returns + projects sorted based upon the (ascending) lexical ordering of their + `display_name`. The caller must have `resourcemanager.projects.list` + permission on the identified parent. + operationId: cloudresourcemanager.projects.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3783,29 +3722,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTagBindingsResponse' + $ref: '#/components/schemas/ListProjectsResponse' parameters: - - in: query - name: parent - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: parent + schema: + type: string - in: query name: pageToken schema: type: string + - in: query + name: showDeleted + schema: + type: boolean + /v3/projects/{projectsId}:move: + parameters: *ref_1 post: - description: Creates a TagBinding between a TagValue and a Google Cloud resource. - operationId: cloudresourcemanager.tagBindings.create + description: >- + Move a project to another place in your resource hierarchy, under a new + resource parent. Returns an operation which can be used to track the + process of the project move workflow. Upon success, the + `Operation.response` field will be populated with the moved project. The + caller must have `resourcemanager.projects.move` permission on the + project, on the project's current and proposed new parent. If project + has no current parent, or it currently does not have an associated + organization resource, you will also need the + `resourcemanager.projects.setIamPolicy` permission in the project. + operationId: cloudresourcemanager.projects.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/TagBinding' + $ref: '#/components/schemas/MoveProjectRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3819,15 +3773,25 @@ paths: schema: $ref: '#/components/schemas/Operation' parameters: - - in: query - name: validateOnly + - in: path + name: projectsId + required: true schema: - type: boolean - /v3/tagBindings/{tagBindingsId}: + type: string + /v3/projects/{projectsId}: parameters: *ref_1 - delete: - description: Deletes a TagBinding. - operationId: cloudresourcemanager.tagBindings.delete + patch: + description: >- + Updates the `display_name` and labels of the project identified by the + specified `name` (for example, `projects/415104041262`). Deleting all + labels requires an update mask for labels field. The caller must have + `resourcemanager.projects.update` permission for this project. + operationId: cloudresourcemanager.projects.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Project' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3842,17 +3806,21 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: tagBindingsId + name: projectsId required: true schema: type: string - /v3/effectiveTags: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: description: >- - Return a list of effective tags for the given Google Cloud resource, as - specified in `parent`. - operationId: cloudresourcemanager.effectiveTags.list + Retrieves the project identified by the specified `name` (for example, + `projects/415104041262`). The caller must have + `resourcemanager.projects.get` permission for this project. + operationId: cloudresourcemanager.projects.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3868,26 +3836,58 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEffectiveTagsResponse' + $ref: '#/components/schemas/Project' parameters: - - in: query - name: parent + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + delete: + description: >- + Marks the project identified by the specified `name` (for example, + `projects/415104041262`) for deletion. This method will only affect the + project if it has a lifecycle state of ACTIVE. This method changes the + Project's lifecycle state from ACTIVE to DELETE_REQUESTED. The deletion + starts at an unspecified time, at which point the Project is no longer + accessible. Until the deletion completes, you can check the lifecycle + state checked by retrieving the project with GetProject, and the project + remains visible to ListProjects. However, you cannot update the project. + After the deletion completes, the project is not retrievable by the + GetProject, ListProjects, and SearchProjects methods. The caller must + have `resourcemanager.projects.delete` permissions for this project. + operationId: cloudresourcemanager.projects.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true schema: type: string - /v3/tagKeys: + /v3/projects/{projectsId}:getIamPolicy: parameters: *ref_1 - get: - description: Lists all TagKeys for a parent resource. - operationId: cloudresourcemanager.tagKeys.list + post: + description: >- + Returns the IAM access control policy for the specified project, in the + format `projects/{ProjectIdOrNumber}` e.g. projects/123. Permission is + denied if the policy or the resource do not exist. + operationId: cloudresourcemanager.projects.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3903,12 +3903,42 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTagKeysResponse' + $ref: '#/components/schemas/Policy' parameters: - - in: query - name: parent + - in: path + name: projectsId + required: true schema: type: string + /v3/projects:search: + parameters: *ref_1 + get: + description: >- + Search for projects that the caller has the + `resourcemanager.projects.get` permission on, and also satisfy the + specified query. This method returns projects in an unspecified order. + This method is eventually consistent with project mutations; this means + that a newly created project may not appear in the results or recent + updates to an existing project may not be reflected in the results. To + retrieve the latest state of a project, use the GetProject method. + operationId: cloudresourcemanager.projects.search + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SearchProjectsResponse' + parameters: - in: query name: pageSize schema: @@ -3918,72 +3948,116 @@ paths: name: pageToken schema: type: string - post: - description: >- - Creates a new TagKey. If another request with the same parameters is - sent while the original request is in process, the second request will - receive an error. A maximum of 1000 TagKeys can exist under a parent at - any given time. - operationId: cloudresourcemanager.tagKeys.create + - in: query + name: query + schema: + type: string + /v3/projects/{projectsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified project, in the + format `projects/{ProjectIdOrNumber}` e.g. projects/123.. + operationId: cloudresourcemanager.projects.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/TagKey' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - - in: query - name: validateOnly + - in: path + name: projectsId + required: true schema: - type: boolean - /v3/tagKeys/{tagKeysId}: + type: string + /v3/projects/{projectsId}:undelete: parameters: *ref_1 - get: + post: description: >- - Retrieves a TagKey. This method will return `PERMISSION_DENIED` if the - key does not exist or the user does not have permission to view it. - operationId: cloudresourcemanager.tagKeys.get + Restores the project identified by the specified `name` (for example, + `projects/415104041262`). You can only use this method for a project + that has a lifecycle state of DELETE_REQUESTED. After deletion starts, + the project cannot be restored. The caller must have + `resourcemanager.projects.undelete` permission for this project. + operationId: cloudresourcemanager.projects.undelete + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UndeleteProjectRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TagKey' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: tagKeysId + name: projectsId required: true schema: type: string - patch: - description: Updates the attributes of the TagKey resource. - operationId: cloudresourcemanager.tagKeys.patch + /v3/projects/{projectsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the IAM access control policy for the specified project, in the + format `projects/{ProjectIdOrNumber}` e.g. projects/123. CAUTION: This + method will replace the existing policy, and cannot be used to append + additional IAM settings. Note: Removing service accounts from policies + or changing their roles can render services completely inoperable. It is + important to understand how the service account is being used before + removing or updating its roles. The following constraints apply when + using `setIamPolicy()`: + Project does not support `allUsers` and + `allAuthenticatedUsers` as `members` in a `Binding` of a `Policy`. + The + owner role can be granted to a `user`, `serviceAccount`, or a group that + is part of an organization. For example, group@myownpersonaldomain.com + could be added as an owner to a project in the myownpersonaldomain.com + organization, but not the examplepetstore.com organization. + Service + accounts can be made owners of a project directly without any + restrictions. However, to be added as an owner, a user must be invited + using the Cloud Platform console and must accept the invitation. + A + user cannot be granted the owner role using `setIamPolicy()`. The user + must be granted the owner role using the Cloud Platform Console and must + explicitly accept the invitation. + Invitations to grant the owner role + cannot be sent using `setIamPolicy()`; they must be sent only using the + Cloud Platform Console. + If the project is not part of an organization, + there must be at least one owner who has accepted the Terms of Service + (ToS) agreement in the policy. Calling `setIamPolicy()` to remove the + last ToS-accepted owner from the policy will fail. This restriction also + applies to legacy projects that no longer have owners who have accepted + the ToS. Edits to IAM policies will be rejected until the lack of a + ToS-accepting owner is rectified. If the project is part of an + organization, you can remove all owners, potentially making the + organization inaccessible. + operationId: cloudresourcemanager.projects.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TagKey' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3995,53 +4069,50 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: tagKeysId + name: projectsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: validateOnly - schema: - type: boolean - delete: + /v3/tagKeys/{tagKeysId}:getIamPolicy: + parameters: *ref_1 + post: description: >- - Deletes a TagKey. The TagKey cannot be deleted if it has any child - TagValues. - operationId: cloudresourcemanager.tagKeys.delete + Gets the access control policy for a TagKey. The returned policy may be + empty if no such policy or resource exists. The `resource` field should + be the TagKey's resource name. For example, "tagKeys/1234". The caller + must have `cloudresourcemanager.googleapis.com/tagKeys.getIamPolicy` + permission on the specified TagKey. + operationId: cloudresourcemanager.tagKeys.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: tagKeysId required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: etag - schema: - type: string /v3/tagKeys/namespaced: parameters: *ref_1 get: @@ -4071,30 +4142,26 @@ paths: name: name schema: type: string - /v3/tagKeys/{tagKeysId}:getIamPolicy: + /v3/tagKeys/{tagKeysId}:setIamPolicy: parameters: *ref_1 post: description: >- - Gets the access control policy for a TagKey. The returned policy may be - empty if no such policy or resource exists. The `resource` field should - be the TagKey's resource name. For example, "tagKeys/1234". The caller - must have `cloudresourcemanager.googleapis.com/tagKeys.getIamPolicy` - permission on the specified TagKey. - operationId: cloudresourcemanager.tagKeys.getIamPolicy + Sets the access control policy on a TagKey, replacing any existing + policy. The `resource` field should be the TagKey's resource name. For + example, "tagKeys/1234". The caller must have + `resourcemanager.tagKeys.setIamPolicy` permission on the identified + tagValue. + operationId: cloudresourcemanager.tagKeys.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response @@ -4108,21 +4175,16 @@ paths: required: true schema: type: string - /v3/tagKeys/{tagKeysId}:setIamPolicy: + /v3/tagKeys/{tagKeysId}: parameters: *ref_1 - post: - description: >- - Sets the access control policy on a TagKey, replacing any existing - policy. The `resource` field should be the TagKey's resource name. For - example, "tagKeys/1234". The caller must have - `resourcemanager.tagKeys.setIamPolicy` permission on the identified - tagValue. - operationId: cloudresourcemanager.tagKeys.setIamPolicy + patch: + description: Updates the attributes of the TagKey resource. + operationId: cloudresourcemanager.tagKeys.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TagKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4134,27 +4196,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: tagKeysId required: true schema: type: string - /v3/tagKeys/{tagKeysId}:testIamPermissions: - parameters: *ref_1 - post: + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: description: >- - Returns permissions that a caller has on the specified TagKey. The - `resource` field should be the TagKey's resource name. For example, - "tagKeys/1234". There are no permissions required for making this API - call. - operationId: cloudresourcemanager.tagKeys.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Deletes a TagKey. The TagKey cannot be deleted if it has any child + TagValues. + operationId: cloudresourcemanager.tagKeys.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4166,18 +4228,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: tagKeysId required: true schema: type: string - /v3/tagValues: - parameters: *ref_1 + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: etag + schema: + type: string get: - description: Lists all TagValues for a specific TagKey. - operationId: cloudresourcemanager.tagValues.list + description: >- + Retrieves a TagKey. This method will return `PERMISSION_DENIED` if the + key does not exist or the user does not have permission to view it. + operationId: cloudresourcemanager.tagKeys.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4193,33 +4263,60 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTagValuesResponse' + $ref: '#/components/schemas/TagKey' parameters: - - in: query - name: parent + - in: path + name: tagKeysId + required: true schema: type: string + /v3/tagKeys: + parameters: *ref_1 + get: + description: Lists all TagKeys for a parent resource. + operationId: cloudresourcemanager.tagKeys.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListTagKeysResponse' + parameters: - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: parent + schema: + type: string - in: query name: pageToken schema: type: string post: description: >- - Creates a TagValue as a child of the specified TagKey. If a another - request with the same parameters is sent while the original request is - in process the second request will receive an error. A maximum of 1000 - TagValues can exist under a TagKey at any given time. - operationId: cloudresourcemanager.tagValues.create + Creates a new TagKey. If another request with the same parameters is + sent while the original request is in process, the second request will + receive an error. A maximum of 1000 TagKeys can exist under a parent at + any given time. + operationId: cloudresourcemanager.tagKeys.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TagValue' + $ref: '#/components/schemas/TagKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4237,109 +4334,77 @@ paths: name: validateOnly schema: type: boolean - /v3/tagValues/{tagValuesId}: + /v3/tagKeys/{tagKeysId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Retrieves a TagValue. This method will return `PERMISSION_DENIED` if the - value does not exist or the user does not have permission to view it. - operationId: cloudresourcemanager.tagValues.get + Returns permissions that a caller has on the specified TagKey. The + `resource` field should be the TagKey's resource name. For example, + "tagKeys/1234". There are no permissions required for making this API + call. + operationId: cloudresourcemanager.tagKeys.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TagValue' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path - name: tagValuesId + name: tagKeysId required: true schema: type: string - patch: - description: Updates the attributes of the TagValue resource. - operationId: cloudresourcemanager.tagValues.patch + /v3/liens: + parameters: *ref_1 + post: + description: >- + Create a Lien which applies to the resource denoted by the `parent` + field. Callers of this method will require permission on the `parent` + resource. For example, applying to `projects/1234` requires permission + `resourcemanager.projects.updateLiens`. NOTE: Some resources may limit + the number of Liens which may be applied. + operationId: cloudresourcemanager.liens.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TagValue' + $ref: '#/components/schemas/Lien' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: tagValuesId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: validateOnly - schema: - type: boolean - delete: - description: >- - Deletes a TagValue. The TagValue cannot have any bindings when it is - deleted. - operationId: cloudresourcemanager.tagValues.delete - security: - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-platform.read-only Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: tagValuesId - required: true - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: etag - schema: - type: string - /v3/tagValues/namespaced: - parameters: *ref_1 + $ref: '#/components/schemas/Lien' + parameters: [] get: description: >- - Retrieves a TagValue by its namespaced name. This method will return - `PERMISSION_DENIED` if the value does not exist or the user does not - have permission to view it. - operationId: cloudresourcemanager.tagValues.getNamespaced + List all Liens applied to the `parent` resource. Callers of this method + will require permission on the `parent` resource. For example, a Lien + with a `parent` of `projects/1234` requires permission + `resourcemanager.projects.get`. + operationId: cloudresourcemanager.liens.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4355,28 +4420,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TagValue' + $ref: '#/components/schemas/ListLiensResponse' parameters: - in: query - name: name + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v3/tagValues/{tagValuesId}:getIamPolicy: + - in: query + name: parent + schema: + type: string + /v3/liens/{liensId}: parameters: *ref_1 - post: + get: description: >- - Gets the access control policy for a TagValue. The returned policy may - be empty if no such policy or resource exists. The `resource` field - should be the TagValue's resource name. For example: `tagValues/1234`. - The caller must have the - `cloudresourcemanager.googleapis.com/tagValues.getIamPolicy` permission - on the identified TagValue to get the access control policy. - operationId: cloudresourcemanager.tagValues.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + Retrieve a Lien by `name`. Callers of this method will require + permission on the `parent` resource. For example, a Lien with a `parent` + of `projects/1234` requires permission `resourcemanager.projects.get` + operationId: cloudresourcemanager.liens.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4392,60 +4458,47 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Lien' parameters: - in: path - name: tagValuesId + name: liensId required: true schema: type: string - /v3/tagValues/{tagValuesId}:setIamPolicy: - parameters: *ref_1 - post: + delete: description: >- - Sets the access control policy on a TagValue, replacing any existing - policy. The `resource` field should be the TagValue's resource name. For - example: `tagValues/1234`. The caller must have - `resourcemanager.tagValues.setIamPolicy` permission on the identified - tagValue. - operationId: cloudresourcemanager.tagValues.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Delete a Lien by `name`. Callers of this method will require permission + on the `parent` resource. For example, a Lien with a `parent` of + `projects/1234` requires permission + `resourcemanager.projects.updateLiens`. + operationId: cloudresourcemanager.liens.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: tagValuesId + name: liensId required: true schema: type: string - /v3/tagValues/{tagValuesId}:testIamPermissions: + /v3/tagBindings/{tagBindingsId}: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified TagValue. The - `resource` field should be the TagValue's resource name. For example: - `tagValues/1234`. There are no permissions required for making this API - call. - operationId: cloudresourcemanager.tagValues.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + delete: + description: Deletes a TagBinding. + operationId: cloudresourcemanager.tagBindings.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4457,25 +4510,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: tagValuesId + name: tagBindingsId required: true schema: type: string - /v3/tagValues/{tagValuesId}/tagHolds: + /v3/tagBindings: parameters: *ref_1 post: - description: >- - Creates a TagHold. Returns ALREADY_EXISTS if a TagHold with the same - resource and origin exists under the same TagValue. - operationId: cloudresourcemanager.tagValues.tagHolds.create + description: Creates a TagBinding between a TagValue and a Google Cloud resource. + operationId: cloudresourcemanager.tagBindings.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TagHold' + $ref: '#/components/schemas/TagBinding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4489,18 +4540,17 @@ paths: schema: $ref: '#/components/schemas/Operation' parameters: - - in: path - name: tagValuesId - required: true - schema: - type: string - in: query name: validateOnly schema: type: boolean get: - description: Lists TagHolds under a TagValue. - operationId: cloudresourcemanager.tagValues.tagHolds.list + description: >- + Lists the TagBindings for the given Google Cloud resource, as specified + with `parent`. NOTE: The `parent` field is expected to be a full + resource name: + https://cloud.google.com/apis/design/resource_names#full_resource_name + operationId: cloudresourcemanager.tagBindings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4516,55 +4566,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTagHoldsResponse' + $ref: '#/components/schemas/ListTagBindingsResponse' parameters: - - in: path - name: tagValuesId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - in: query - name: filter - schema: - type: string - /v3/tagValues/{tagValuesId}/tagHolds/{tagHoldsId}: - parameters: *ref_1 - delete: - description: Deletes a TagHold. - operationId: cloudresourcemanager.tagValues.tagHolds.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: tagValuesId - required: true - schema: - type: string - - in: path - name: tagHoldsId - required: true + name: parent schema: type: string - in: query - name: validateOnly + name: pageSize schema: - type: boolean + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudscheduler.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudscheduler.yaml index c2c949cd..42e71f40 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudscheduler.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudscheduler.yaml @@ -7,8 +7,8 @@ info: title: Cloud Scheduler API description: Creates and manages jobs run on a regular recurring schedule. version: v1 - x-discovery-doc-revision: '20250728' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251114' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/scheduler/ servers: @@ -34,302 +34,255 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + PauseJobRequest: + id: PauseJobRequest + properties: {} + description: Request message for PauseJob. type: object + RetryConfig: properties: - locations: + minBackoffDuration: + format: google-duration + type: string description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + The minimum amount of time to wait before retrying a job after it + fails. The default value of this field is 5 seconds. + retryCount: + format: int32 + description: >- + The number of attempts that the system will make to run a job using + the exponential backoff procedure described by max_doublings. The + default value of retry_count is zero. If retry_count is 0 (and if + max_retry_duration is also 0), a job attempt won't be retried if it + fails. Instead, Cloud Scheduler system will wait for the next + scheduled execution time. Setting retry_count to 0 doesn't prevent + failed jobs from running according to schedule after the failure. If + retry_count is set to a non-zero number, Cloud Scheduler will retry + the failed job, using exponential backoff, for retry_count times + until the job succeeds or the number of retries is exhausted. Note + that the next scheduled execution time might be skipped if the + retries continue through that time. Values greater than 5 and + negative values are not allowed. + type: integer + maxRetryDuration: type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + format: google-duration + description: >- + The time limit for retrying a failed job, measured from the time + when an execution was first attempted. If specified with + retry_count, the job will be retried until both limits are reached. + The default value for max_retry_duration is zero, which means retry + duration is unlimited. However, if retry_count is also 0, a job + attempt won't be retried if it fails. + maxBackoffDuration: + description: >- + The maximum amount of time to wait before retrying a job after it + fails. The default value of this field is 1 hour. + type: string + format: google-duration + maxDoublings: + description: >- + The time between retries will double `max_doublings` times. A job's + retry interval starts at min_backoff_duration, then doubles + `max_doublings` times, then increases linearly, and finally retries + at intervals of max_backoff_duration up to retry_count times. For + examples, see [Retry + jobs](/scheduler/docs/configuring/retry-jobs#max-doublings). The + default value of this field is 5. + format: int32 + type: integer + id: RetryConfig + description: >- + Settings that determine the retry behavior. For more information, see + [Retry jobs](/scheduler/docs/configuring/retry-jobs). By default, if a + job does not complete successfully (meaning that an acknowledgement is + not received from the handler, then it will be retried with exponential + backoff according to the settings in RetryConfig. + type: object + PubsubMessage: + id: PubsubMessage type: object + description: >- + A message that is published by publishers and consumed by subscribers. + The message must contain either a non-empty data field or at least one + attribute. Note that client libraries represent this object differently + depending on the language. See the corresponding [client library + documentation](https://cloud.google.com/pubsub/docs/reference/libraries) + for more information. See [quotas and limits] + (https://cloud.google.com/pubsub/quotas) for more information about + message limits. properties: - name: + publishTime: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + The time at which the message was published, populated by the server + when it receives the `Publish` call. It must not be populated by the + publisher in a `Publish` call. + format: google-datetime type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + messageId: type: string - displayName: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: + ID of this message, assigned by the server when the message is + published. Guaranteed to be unique within the topic. This value may + be read by a subscriber that receives a `PubsubMessage` via a `Pull` + call or a push delivery. It must not be populated by the publisher + in a `Publish` call. + data: + format: byte description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} + Optional. The message data field. If this field is empty, the + message must contain at least one attribute. + type: string + attributes: type: object + description: >- + Optional. Attributes for this message. If this field is empty, the + message must contain non-empty data. This can be used to filter + messages on the subscription. additionalProperties: type: string - metadata: + orderingKey: + type: string description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object + Optional. If non-empty, identifies related messages for which + publish order should be respected. If a `Subscription` has + `enable_message_ordering` set to `true`, messages published with the + same non-empty `ordering_key` value will be delivered to subscribers + in the order in which they are received by the Pub/Sub system. All + `PubsubMessage`s published in a given `PublishRequest` must specify + the same `ordering_key` value. For more information, see [ordering + messages](https://cloud.google.com/pubsub/docs/ordering). + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation + properties: + metadata: additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - ListJobsResponse: - id: ListJobsResponse - description: Response message for listing jobs using ListJobs. - type: object - properties: - jobs: - description: The list of jobs. - type: array - items: - $ref: '#/components/schemas/Job' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass this value in the - page_token field in the subsequent call to ListJobs to retrieve the - next page of results. If this is empty it indicates that there are - no more results through which to paginate. The page token is valid - for only 2 hours. - type: string - Job: - id: Job - description: Configuration for a job. The maximum allowed size for a job is 1MB. - type: object - properties: - name: - description: >- - Optionally caller-specified in CreateJob, after which it becomes - output only. The job name. For example: - `projects/PROJECT_ID/locations/LOCATION_ID/jobs/JOB_ID`. * - `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), - hyphens (-), colons (:), or periods (.). For more information, see - [Identifying - projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) - * `LOCATION_ID` is the canonical ID for the job's location. The list - of available locations can be obtained by calling ListLocations. For - more information, see https://cloud.google.com/about/locations/. * - `JOB_ID` can contain only letters ([A-Za-z]), numbers ([0-9]), - hyphens (-), or underscores (_). The maximum length is 500 - characters. - type: string - description: - description: >- - Optionally caller-specified in CreateJob or UpdateJob. A - human-readable description for the job. This string must not contain - more than 500 characters. - type: string - pubsubTarget: - description: Pub/Sub target. - $ref: '#/components/schemas/PubsubTarget' - appEngineHttpTarget: - description: App Engine HTTP target. - $ref: '#/components/schemas/AppEngineHttpTarget' - httpTarget: - description: HTTP target. - $ref: '#/components/schemas/HttpTarget' - schedule: + type: any + type: object description: >- - Required, except when used with UpdateJob. Describes the schedule on - which the job will be executed. The schedule can be either of the - following types: * - [Crontab](https://en.wikipedia.org/wiki/Cron#Overview) * - English-like - [schedule](https://cloud.google.com/scheduler/docs/configuring/cron-job-schedules) - As a general rule, execution `n + 1` of a job will not begin until - execution `n` has finished. Cloud Scheduler will never allow two - simultaneously outstanding executions. For example, this implies - that if the `n+1`th execution is scheduled to run at 16:00 but the - `n`th execution takes until 16:15, the `n+1`th execution will not - start until `16:15`. A scheduled start time will be delayed if the - previous execution has not ended when its scheduled time occurs. If - retry_count > 0 and a job attempt fails, the job will be tried a - total of retry_count times, with exponential backoff, until the next - scheduled start time. If retry_count is 0, a job attempt will not be - retried if it fails. Instead the Cloud Scheduler system will wait - for the next scheduled execution time. Setting retry_count to 0 does - not prevent failed jobs from running according to schedule after the - failure. - type: string - timeZone: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + done: description: >- - Specifies the time zone to be used in interpreting schedule. The - value of this field must be a time zone name from the [tz - database](http://en.wikipedia.org/wiki/Tz_database). Note that some - time zones include a provision for daylight savings time. The rules - for daylight saving time are determined by the chosen tz. For UTC - use the string "utc". If a time zone is not specified, the default - will be in UTC (also known as GMT). - type: string - userUpdateTime: - description: Output only. The creation time of the job. - readOnly: true - type: string - format: google-datetime - state: - description: Output only. State of the job. - readOnly: true - type: string - enumDescriptions: - - Unspecified state. - - The job is executing normally. - - >- - The job is paused by the user. It will not execute. A user can - intentionally pause the job using PauseJobRequest. - - >- - The job is disabled by the system due to error. The user cannot - directly set a job to be disabled. - - >- - The job state resulting from a failed CloudScheduler.UpdateJob - operation. To recover a job from this state, retry - CloudScheduler.UpdateJob until a successful response is received. - enum: - - STATE_UNSPECIFIED - - ENABLED - - PAUSED - - DISABLED - - UPDATE_FAILED - status: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + response: description: >- - Output only. The response from the target for the last attempted - execution. - readOnly: true + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + error: $ref: '#/components/schemas/Status' - scheduleTime: description: >- - Output only. The next time the job is scheduled. Note that this may - be a retry of a previously failed attempt or the next execution time - according to the schedule. - readOnly: true - type: string - format: google-datetime - lastAttemptTime: - description: Output only. The time the last job attempt started. - readOnly: true + The error result of the operation in case of failure or + cancellation. + name: type: string - format: google-datetime - retryConfig: - description: Settings that determine the retry behavior. - $ref: '#/components/schemas/RetryConfig' - attemptDeadline: description: >- - The deadline for job attempts. If the request handler does not - respond by this deadline then the request is cancelled and the - attempt is marked as a `DEADLINE_EXCEEDED` failure. The failed - attempt can be viewed in execution logs. Cloud Scheduler will retry - the job according to the RetryConfig. The default and the allowed - values depend on the type of target: * For HTTP targets, the default - is 3 minutes. The deadline must be in the interval [15 seconds, 30 - minutes]. * For App Engine HTTP targets, 0 indicates that the - request has the default deadline. The default deadline depends on - the scaling type of the service: 10 minutes for standard apps with - automatic scaling, 24 hours for standard apps with manual and basic - scaling, and 60 minutes for flex apps. If the request deadline is - set, it must be in the interval [15 seconds, 24 hours 15 seconds]. * - For Pub/Sub targets, this field is ignored. - type: string - format: google-duration - satisfiesPzs: - description: >- - Output only. Whether or not this Job satisfies the requirements of - physical zone separation - readOnly: true - type: boolean - PubsubTarget: - id: PubsubTarget - description: >- - Pub/Sub target. The job will be delivered by publishing a message to the - given Pub/Sub topic. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: object + Status: type: object properties: - topicName: - description: >- - Required. The name of the Cloud Pub/Sub topic to which messages will - be published when a job is delivered. The topic name must be in the - same format as required by Pub/Sub's - [PublishRequest.name](https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#publishrequest), - for example `projects/PROJECT_ID/topics/TOPIC_ID`. The topic must be - in the same project as the Cloud Scheduler job. - type: string - data: + message: description: >- - The message payload for PubsubMessage. Pubsub message must contain - either non-empty data, or at least one attribute. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - format: byte - attributes: + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + details: description: >- - Attributes for PubsubMessage. Pubsub message must contain either - non-empty data, or at least one attribute. - type: object - additionalProperties: - type: string - AppEngineHttpTarget: - id: AppEngineHttpTarget + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + id: Status description: >- - App Engine target. The job will be pushed to a job handler by means of - an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The - job is acknowledged by means of an HTTP response code in the range [200 - - 299]. Error 503 is considered an App Engine system error instead of an - application error. Requests returning error 503 will be retried - regardless of retry configuration and not counted against retry counts. - Any other response code, or a failure to receive a response before the - deadline, constitutes a failed attempt. + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + OAuthToken: + description: >- + Contains information needed for generating an [OAuth + token](https://developers.google.com/identity/protocols/OAuth2). This + type of authorization should generally only be used when calling Google + APIs hosted on *.googleapis.com. + id: OAuthToken type: object properties: - httpMethod: + scope: description: >- - The HTTP method to use for the request. PATCH and OPTIONS are not - permitted. + OAuth scope to be used for generating OAuth access token. If not + specified, "https://www.googleapis.com/auth/cloud-platform" will be + used. type: string - enumDescriptions: - - HTTP method unspecified. Defaults to POST. - - HTTP POST - - HTTP GET - - HTTP HEAD - - HTTP PUT - - HTTP DELETE - - HTTP PATCH - - HTTP OPTIONS - enum: - - HTTP_METHOD_UNSPECIFIED - - POST - - GET - - HEAD - - PUT - - DELETE - - PATCH - - OPTIONS - appEngineRouting: - description: App Engine Routing setting for the job. - $ref: '#/components/schemas/AppEngineRouting' - relativeUri: + serviceAccountEmail: description: >- - The relative URI. The relative URL must begin with "/" and must be a - valid HTTP relative URL. It can contain a path, query string - arguments, and `#` fragments. If the relative URL is empty, then the - root path "/" will be used. No spaces are allowed, and the maximum - length allowed is 2083 characters. + [Service account + email](https://cloud.google.com/iam/docs/service-accounts) to be + used for generating OAuth token. The service account must be within + the same project as the job. The caller must have + iam.serviceAccounts.actAs permission for the service account. type: string - headers: + HttpTarget: + type: object + id: HttpTarget + properties: + oauthToken: + $ref: '#/components/schemas/OAuthToken' description: >- - HTTP request headers. This map contains the header field names and - values. Headers can be set when the job is created. Cloud Scheduler - sets some headers to default values: * `User-Agent`: By default, - this header is `"AppEngine-Google; - (+http://code.google.com/appengine)"`. This header can be modified, - but Cloud Scheduler will append `"AppEngine-Google; - (+http://code.google.com/appengine)"` to the modified `User-Agent`. - * `X-CloudScheduler`: This header will be set to true. * + If specified, an [OAuth + token](https://developers.google.com/identity/protocols/OAuth2) will + be generated and attached as an `Authorization` header in the HTTP + request. This type of authorization should generally only be used + when calling Google APIs hosted on *.googleapis.com. + headers: + description: >- + HTTP request headers. This map contains the header field names and + values. The user can specify HTTP request headers to send with the + job's HTTP request. Repeated headers are not supported, but a header + value can contain commas. The following headers represent a subset + of the headers that accompany the job's HTTP request. Some HTTP + request headers are ignored or replaced. A partial list of headers + that are ignored or replaced is below: * Host: This will be computed + by Cloud Scheduler and derived from uri. * `Content-Length`: This + will be computed by Cloud Scheduler. * `User-Agent`: This will be + set to `"Google-Cloud-Scheduler"`. * `X-Google-*`: Google internal + use only. * `X-AppEngine-*`: Google internal use only. * + `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule @@ -339,24 +292,65 @@ components: `"application/octet-stream"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to - `"application/json"`. The headers below are output only. They cannot - be set or overridden: * `Content-Length`: This is computed by Cloud - Scheduler. * `X-Google-*`: For Google internal use only. * - `X-AppEngine-*`: For Google internal use only. In addition, some App - Engine headers, which contain job-specific information, are also be - sent to the job handler. + `"application/json"`. The total size of headers must be less than + 80KB. type: object additionalProperties: type: string body: description: >- - Body. HTTP request body. A request body is allowed only if the HTTP - method is POST or PUT. It will result in invalid argument error to - set a body on a job with an incompatible HttpMethod. + HTTP request body. A request body is allowed only if the HTTP method + is POST, PUT, or PATCH. It is an error to set body on a job with an + incompatible HttpMethod. type: string format: byte + httpMethod: + enum: + - HTTP_METHOD_UNSPECIFIED + - POST + - GET + - HEAD + - PUT + - DELETE + - PATCH + - OPTIONS + description: Which HTTP method to use for the request. + type: string + enumDescriptions: + - HTTP method unspecified. Defaults to POST. + - HTTP POST + - HTTP GET + - HTTP HEAD + - HTTP PUT + - HTTP DELETE + - HTTP PATCH + - HTTP OPTIONS + uri: + description: >- + Required. The full URI path that the request will be sent to. This + string must begin with either "http://" or "https://". Some examples + of valid values for uri are: `http://acme.com` and + `https://acme.com/sales:8080`. Cloud Scheduler will encode some + characters for safety and compatibility. The maximum allowed URL + length is 2083 characters after encoding. + type: string + oidcToken: + $ref: '#/components/schemas/OidcToken' + description: >- + If specified, an + [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) + token will be generated and attached as an `Authorization` header in + the HTTP request. This type of authorization can be used for many + scenarios, including calling Cloud Run, or endpoints where you + intend to validate the token yourself. + description: >- + Http target. The job will be pushed to the job handler by means of an + HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The + job is acknowledged by means of an HTTP response code in the range [200 + - 299]. A failure to receive a response constitutes a failed execution. + For a redirected request, the response returned by the redirected + request is considered. AppEngineRouting: - id: AppEngineRouting description: >- App Engine Routing. For more information about services, versions, and instances see [An Overview of App @@ -370,28 +364,12 @@ components: type: object properties: service: + type: string description: >- App service. By default, the job is sent to the service which is the default service when the job is attempted. - type: string - version: - description: >- - App version. By default, the job is sent to the version which is the - default version when the job is attempted. - type: string - instance: - description: >- - App instance. By default, the job is sent to an instance which is - available when the job is attempted. Requests can only be sent to a - specific instance if [manual scaling is used in App Engine - Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?#scaling_types_and_instance_classes). - App Engine Flex does not support instances. For more information, - see [App Engine Standard request - routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) - and [App Engine Flex request - routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed). - type: string host: + type: string description: >- Output only. The host that the job is sent to. For more information about how App Engine requests are routed, see @@ -418,62 +396,147 @@ components: available when the job is attempted. If service, version, or instance is invalid, then the job will be sent to the default version of the default service when the job is attempted. + version: + description: >- + App version. By default, the job is sent to the version which is the + default version when the job is attempted. type: string - HttpTarget: - id: HttpTarget + instance: + description: >- + App instance. By default, the job is sent to an instance which is + available when the job is attempted. Requests can only be sent to a + specific instance if [manual scaling is used in App Engine + Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?#scaling_types_and_instance_classes). + App Engine Flex does not support instances. For more information, + see [App Engine Standard request + routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) + and [App Engine Flex request + routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed). + type: string + id: AppEngineRouting + ListJobsResponse: + type: object + properties: + jobs: + items: + $ref: '#/components/schemas/Job' + type: array + description: The list of jobs. + nextPageToken: + description: >- + A token to retrieve next page of results. Pass this value in the + page_token field in the subsequent call to ListJobs to retrieve the + next page of results. If this is empty it indicates that there are + no more results through which to paginate. The page token is valid + for only 2 hours. + type: string + description: Response message for listing jobs using ListJobs. + id: ListJobsResponse + OidcToken: description: >- - Http target. The job will be pushed to the job handler by means of an - HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The - job is acknowledged by means of an HTTP response code in the range [200 - - 299]. A failure to receive a response constitutes a failed execution. - For a redirected request, the response returned by the redirected - request is considered. + Contains information needed for generating an [OpenID Connect + token](https://developers.google.com/identity/protocols/OpenIDConnect). + This type of authorization can be used for many scenarios, including + calling Cloud Run, or endpoints where you intend to validate the token + yourself. + id: OidcToken type: object properties: - uri: + serviceAccountEmail: description: >- - Required. The full URI path that the request will be sent to. This - string must begin with either "http://" or "https://". Some examples - of valid values for uri are: `http://acme.com` and - `https://acme.com/sales:8080`. Cloud Scheduler will encode some - characters for safety and compatibility. The maximum allowed URL - length is 2083 characters after encoding. + [Service account + email](https://cloud.google.com/iam/docs/service-accounts) to be + used for generating OIDC token. The service account must be within + the same project as the job. The caller must have + iam.serviceAccounts.actAs permission for the service account. type: string - httpMethod: - description: Which HTTP method to use for the request. + audience: + description: >- + Audience to be used when generating OIDC token. If not specified, + the URI specified in target will be used. + type: string + ListLocationsResponse: + properties: + locations: + description: >- + A list of locations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Location' + nextPageToken: + description: The standard List next-page token. + type: string + type: object + description: The response message for Locations.ListLocations. + id: ListLocationsResponse + RunJobRequest: + description: Request message for forcing a job to run now using RunJob. + id: RunJobRequest + type: object + properties: {} + Empty: + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + properties: {} + CmekConfig: + id: CmekConfig + description: >- + Describes the project/location configuration of Cloud Scheduler + Resources. + type: object + properties: + name: + description: >- + Identifier. The config resource name which includes the project and + location and must end in 'cmekConfig', in the format + projects/PROJECT_ID/locations/LOCATION_ID/cmekConfig` + type: string + kmsKeyName: + description: >- + Optional. Resource name of the Cloud KMS key, of the form + `projects/PROJECT_ID/locations/LOCATION_ID/keyRings/KEY_RING_ID/cryptoKeys/KEY_ID`, + that will be used to encrypt Jobs in the region. Setting this as + blank will turn off CMEK encryption. + type: string + ResumeJobRequest: + type: object + id: ResumeJobRequest + properties: {} + description: Request message for ResumeJob. + AppEngineHttpTarget: + description: >- + App Engine target. The job will be pushed to a job handler by means of + an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The + job is acknowledged by means of an HTTP response code in the range [200 + - 299]. Error 503 is considered an App Engine system error instead of an + application error. Requests returning error 503 will be retried + regardless of retry configuration and not counted against retry counts. + Any other response code, or a failure to receive a response before the + deadline, constitutes a failed attempt. + properties: + body: + description: >- + Body. HTTP request body. A request body is allowed only if the HTTP + method is POST or PUT. It will result in invalid argument error to + set a body on a job with an incompatible HttpMethod. + format: byte type: string - enumDescriptions: - - HTTP method unspecified. Defaults to POST. - - HTTP POST - - HTTP GET - - HTTP HEAD - - HTTP PUT - - HTTP DELETE - - HTTP PATCH - - HTTP OPTIONS - enum: - - HTTP_METHOD_UNSPECIFIED - - POST - - GET - - HEAD - - PUT - - DELETE - - PATCH - - OPTIONS headers: description: >- HTTP request headers. This map contains the header field names and - values. The user can specify HTTP request headers to send with the - job's HTTP request. Repeated headers are not supported, but a header - value can contain commas. The following headers represent a subset - of the headers that accompany the job's HTTP request. Some HTTP - request headers are ignored or replaced. A partial list of headers - that are ignored or replaced is below: * Host: This will be computed - by Cloud Scheduler and derived from uri. * `Content-Length`: This - will be computed by Cloud Scheduler. * `User-Agent`: This will be - set to `"Google-Cloud-Scheduler"`. * `X-Google-*`: Google internal - use only. * `X-AppEngine-*`: Google internal use only. * - `X-CloudScheduler`: This header will be set to true. * + values. Headers can be set when the job is created. Cloud Scheduler + sets some headers to default values: * `User-Agent`: By default, + this header is `"AppEngine-Google; + (+http://code.google.com/appengine)"`. This header can be modified, + but Cloud Scheduler will append `"AppEngine-Google; + (+http://code.google.com/appengine)"` to the modified `User-Agent`. + * `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule @@ -483,351 +546,291 @@ components: `"application/octet-stream"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to - `"application/json"`. The total size of headers must be less than - 80KB. + `"application/json"`. The headers below are output only. They cannot + be set or overridden: * `Content-Length`: This is computed by Cloud + Scheduler. * `X-Google-*`: For Google internal use only. * + `X-AppEngine-*`: For Google internal use only. In addition, some App + Engine headers, which contain job-specific information, are also be + sent to the job handler. type: object additionalProperties: type: string - body: + appEngineRouting: + $ref: '#/components/schemas/AppEngineRouting' + description: App Engine Routing setting for the job. + httpMethod: description: >- - HTTP request body. A request body is allowed only if the HTTP method - is POST, PUT, or PATCH. It is an error to set body on a job with an - incompatible HttpMethod. + The HTTP method to use for the request. PATCH and OPTIONS are not + permitted. type: string - format: byte - oauthToken: - description: >- - If specified, an [OAuth - token](https://developers.google.com/identity/protocols/OAuth2) will - be generated and attached as an `Authorization` header in the HTTP - request. This type of authorization should generally only be used - when calling Google APIs hosted on *.googleapis.com. - $ref: '#/components/schemas/OAuthToken' - oidcToken: + enum: + - HTTP_METHOD_UNSPECIFIED + - POST + - GET + - HEAD + - PUT + - DELETE + - PATCH + - OPTIONS + enumDescriptions: + - HTTP method unspecified. Defaults to POST. + - HTTP POST + - HTTP GET + - HTTP HEAD + - HTTP PUT + - HTTP DELETE + - HTTP PATCH + - HTTP OPTIONS + relativeUri: description: >- - If specified, an - [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) - token will be generated and attached as an `Authorization` header in - the HTTP request. This type of authorization can be used for many - scenarios, including calling Cloud Run, or endpoints where you - intend to validate the token yourself. - $ref: '#/components/schemas/OidcToken' - OAuthToken: - id: OAuthToken - description: >- - Contains information needed for generating an [OAuth - token](https://developers.google.com/identity/protocols/OAuth2). This - type of authorization should generally only be used when calling Google - APIs hosted on *.googleapis.com. + The relative URI. The relative URL must begin with "/" and must be a + valid HTTP relative URL. It can contain a path, query string + arguments, and `#` fragments. If the relative URL is empty, then the + root path "/" will be used. No spaces are allowed, and the maximum + length allowed is 2083 characters. + type: string + id: AppEngineHttpTarget + type: object + Job: type: object + id: Job + description: Configuration for a job. The maximum allowed size for a job is 1MB. properties: - serviceAccountEmail: + schedule: description: >- - [Service account - email](https://cloud.google.com/iam/docs/service-accounts) to be - used for generating OAuth token. The service account must be within - the same project as the job. The caller must have - iam.serviceAccounts.actAs permission for the service account. + Required, except when used with UpdateJob. Describes the schedule on + which the job will be executed. The schedule can be either of the + following types: * + [Crontab](https://en.wikipedia.org/wiki/Cron#Overview) * + English-like + [schedule](/scheduler/docs/configuring/cron-job-schedules) As a + general rule, execution `n + 1` of a job will not begin until + execution `n` has finished. Cloud Scheduler will never allow two + simultaneously outstanding executions. For example, this implies + that if the `n+1`th execution is scheduled to run at 16:00 but the + `n`th execution takes until 16:15, the `n+1`th execution will not + start until `16:15`. A scheduled start time will be delayed if the + previous execution has not ended when its scheduled time occurs. If + retry_count > 0 and a job attempt fails, the job will be tried a + total of retry_count times, with exponential backoff, until the next + scheduled start time. If retry_count is 0, a job attempt will not be + retried if it fails. Instead the Cloud Scheduler system will wait + for the next scheduled execution time. Setting retry_count to 0 does + not prevent failed jobs from running according to schedule after the + failure. type: string - scope: + status: description: >- - OAuth scope to be used for generating OAuth access token. If not - specified, "https://www.googleapis.com/auth/cloud-platform" will be - used. - type: string - OidcToken: - id: OidcToken - description: >- - Contains information needed for generating an [OpenID Connect - token](https://developers.google.com/identity/protocols/OpenIDConnect). - This type of authorization can be used for many scenarios, including - calling Cloud Run, or endpoints where you intend to validate the token - yourself. - type: object - properties: - serviceAccountEmail: + Output only. The response from the target for the last attempted + execution. + $ref: '#/components/schemas/Status' + readOnly: true + retryConfig: + description: Settings that determine the retry behavior. + $ref: '#/components/schemas/RetryConfig' + satisfiesPzs: description: >- - [Service account - email](https://cloud.google.com/iam/docs/service-accounts) to be - used for generating OIDC token. The service account must be within - the same project as the job. The caller must have - iam.serviceAccounts.actAs permission for the service account. + Output only. Whether or not this Job satisfies the requirements of + physical zone separation + readOnly: true + type: boolean + timeZone: type: string - audience: description: >- - Audience to be used when generating OIDC token. If not specified, - the URI specified in target will be used. - type: string - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + Specifies the time zone to be used in interpreting schedule. The + value of this field must be a time zone name from the [tz + database](http://en.wikipedia.org/wiki/Tz_database). Note that some + time zones include a provision for daylight savings time. The rules + for daylight saving time are determined by the chosen tz. For UTC + use the string "utc". If a time zone is not specified, the default + will be in UTC (also known as GMT). + description: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Optionally caller-specified in CreateJob or UpdateJob. A + human-readable description for the job. This string must not contain + more than 500 characters. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - RetryConfig: - id: RetryConfig - description: >- - Settings that determine the retry behavior. For more information, see - [Retry - jobs](https://cloud.google.com/scheduler/docs/configuring/retry-jobs). - By default, if a job does not complete successfully (meaning that an - acknowledgement is not received from the handler, then it will be - retried with exponential backoff according to the settings in - RetryConfig. - type: object - properties: - retryCount: + attemptDeadline: description: >- - The number of attempts that the system will make to run a job using - the exponential backoff procedure described by max_doublings. The - default value of retry_count is zero. If retry_count is 0 (and if - max_retry_duration is also 0), a job attempt won't be retried if it - fails. Instead, Cloud Scheduler system will wait for the next - scheduled execution time. Setting retry_count to 0 doesn't prevent - failed jobs from running according to schedule after the failure. If - retry_count is set to a non-zero number, Cloud Scheduler will retry - the failed job, using exponential backoff, for retry_count times - until the job succeeds or the number of retries is exhausted. Note - that the next scheduled execution time might be skipped if the - retries continue through that time. Values greater than 5 and - negative values are not allowed. - type: integer - format: int32 - maxRetryDuration: + The deadline for job attempts. If the request handler does not + respond by this deadline then the request is cancelled and the + attempt is marked as a `DEADLINE_EXCEEDED` failure. The failed + attempt can be viewed in execution logs. Cloud Scheduler will retry + the job according to the RetryConfig. The default and the allowed + values depend on the type of target: * For HTTP targets, the default + is 3 minutes. The deadline must be in the interval [15 seconds, 30 + minutes]. * For App Engine HTTP targets, 0 indicates that the + request has the default deadline. The default deadline depends on + the scaling type of the service: 10 minutes for standard apps with + automatic scaling, 24 hours for standard apps with manual and basic + scaling, and 60 minutes for flex apps. If the request deadline is + set, it must be in the interval [15 seconds, 24 hours 15 seconds]. * + For Pub/Sub targets, this field is ignored. + format: google-duration + type: string + scheduleTime: + format: google-datetime + readOnly: true description: >- - The time limit for retrying a failed job, measured from the time - when an execution was first attempted. If specified with - retry_count, the job will be retried until both limits are reached. - The default value for max_retry_duration is zero, which means retry - duration is unlimited. However, if retry_count is also 0, a job - attempt won't be retried if it fails. + Output only. The next time the job is scheduled. Note that this may + be a retry of a previously failed attempt or the next execution time + according to the schedule. type: string - format: google-duration - minBackoffDuration: + appEngineHttpTarget: + $ref: '#/components/schemas/AppEngineHttpTarget' + description: App Engine HTTP target. + lastAttemptTime: + type: string + format: google-datetime + description: Output only. The time the last job attempt started. + readOnly: true + name: description: >- - The minimum amount of time to wait before retrying a job after it - fails. The default value of this field is 5 seconds. + Optionally caller-specified in CreateJob, after which it becomes + output only. The job name. For example: + `projects/PROJECT_ID/locations/LOCATION_ID/jobs/JOB_ID`. * + `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), + hyphens (-), colons (:), or periods (.). For more information, see + [Identifying + projects](/resource-manager/docs/creating-managing-projects#identifying_projects) + * `LOCATION_ID` is the canonical ID for the job's location. The list + of available locations can be obtained by calling + [locations.list](/scheduler/docs/reference/rest/v1/projects.locations/list). + For more information, see [Cloud Scheduler + locations](/scheduler/docs/locations). * `JOB_ID` can contain only + letters ([A-Za-z]), numbers ([0-9]), hyphens (-), or underscores + (_). The maximum length is 500 characters. + type: string + userUpdateTime: + format: google-datetime type: string - format: google-duration - maxBackoffDuration: - description: >- - The maximum amount of time to wait before retrying a job after it - fails. The default value of this field is 1 hour. + description: Output only. The creation time of the job. + readOnly: true + httpTarget: + $ref: '#/components/schemas/HttpTarget' + description: HTTP target. + pubsubTarget: + description: Pub/Sub target. + $ref: '#/components/schemas/PubsubTarget' + state: + readOnly: true type: string - format: google-duration - maxDoublings: - description: >- - The time between retries will double `max_doublings` times. A job's - retry interval starts at min_backoff_duration, then doubles - `max_doublings` times, then increases linearly, and finally retries - at intervals of max_backoff_duration up to retry_count times. For - examples, see [Retry - jobs](https://cloud.google.com/scheduler/docs/configuring/retry-jobs#max-doublings). - The default value of this field is 5. - type: integer - format: int32 - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - PauseJobRequest: - id: PauseJobRequest - description: Request message for PauseJob. - type: object - properties: {} - ResumeJobRequest: - id: ResumeJobRequest - description: Request message for ResumeJob. - type: object - properties: {} - RunJobRequest: - id: RunJobRequest - description: Request message for forcing a job to run now using RunJob. - type: object - properties: {} + description: Output only. State of the job. + enum: + - STATE_UNSPECIFIED + - ENABLED + - PAUSED + - DISABLED + - UPDATE_FAILED + enumDescriptions: + - Unspecified state. + - The job is executing normally. + - >- + The job is paused by the user. It will not execute. A user can + intentionally pause the job using PauseJobRequest. + - >- + The job is disabled by the system due to error. The user cannot + directly set a job to be disabled. + - >- + The job state resulting from a failed CloudScheduler.UpdateJob + operation. To recover a job from this state, retry + CloudScheduler.UpdateJob until a successful response is received. ListOperationsResponse: - id: ListOperationsResponse description: The response message for Operations.ListOperations. - type: object properties: - operations: + nextPageToken: + type: string + description: The standard List next-page token. + unreachable: description: >- - A list of operations that matches the specified filter in the - request. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. type: array + items: + type: string + operations: items: $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + type: array + description: >- + A list of operations that matches the specified filter in the + request. + id: ListOperationsResponse type: object + Location: + description: A resource that represents a Google Cloud location. properties: - name: + labels: + additionalProperties: + type: string + type: object description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} metadata: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. + Service-specific metadata. For example the available capacity at the + given location. type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + displayName: + type: string description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + name: + type: string description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + locationId: + type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: object + id: Location CancelOperationRequest: + properties: {} id: CancelOperationRequest description: The request message for Operations.CancelOperation. type: object - properties: {} - PubsubMessage: - id: PubsubMessage - description: >- - A message that is published by publishers and consumed by subscribers. - The message must contain either a non-empty data field or at least one - attribute. Note that client libraries represent this object differently - depending on the language. See the corresponding [client library - documentation](https://cloud.google.com/pubsub/docs/reference/libraries) - for more information. See [quotas and limits] - (https://cloud.google.com/pubsub/quotas) for more information about - message limits. - type: object - properties: - data: - description: >- - Optional. The message data field. If this field is empty, the - message must contain at least one attribute. - type: string - format: byte - attributes: - description: >- - Optional. Attributes for this message. If this field is empty, the - message must contain non-empty data. This can be used to filter - messages on the subscription. - type: object - additionalProperties: - type: string - messageId: - description: >- - ID of this message, assigned by the server when the message is - published. Guaranteed to be unique within the topic. This value may - be read by a subscriber that receives a `PubsubMessage` via a `Pull` - call or a push delivery. It must not be populated by the publisher - in a `Publish` call. - type: string - publishTime: - description: >- - The time at which the message was published, populated by the server - when it receives the `Publish` call. It must not be populated by the - publisher in a `Publish` call. - type: string - format: google-datetime - orderingKey: - description: >- - Optional. If non-empty, identifies related messages for which - publish order should be respected. If a `Subscription` has - `enable_message_ordering` set to `true`, messages published with the - same non-empty `ordering_key` value will be delivered to subscribers - in the order in which they are received by the Pub/Sub system. All - `PubsubMessage`s published in a given `PublishRequest` must specify - the same `ordering_key` value. For more information, see [ordering - messages](https://cloud.google.com/pubsub/docs/ordering). - type: string OperationMetadata: - id: OperationMetadata description: Represents the metadata of the long-running operation. type: object + id: OperationMetadata properties: + apiVersion: + description: Output only. API version used to start the operation. + type: string + readOnly: true createTime: - description: Output only. The time the operation was created. readOnly: true - type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. + description: Output only. The time the operation was created. + verb: readOnly: true type: string - verb: description: Output only. Name of the verb executed by the operation. + statusDetail: readOnly: true type: string - statusDetail: description: Output only. Human-readable status of the operation, if any. + endTime: + type: string readOnly: true + format: google-datetime + description: Output only. The time the operation finished running. + target: type: string + description: >- + Output only. Server-defined resource path for the target of the + operation. + readOnly: true cancelRequested: description: >- Output only. Identifies whether the user has requested cancellation @@ -836,15 +839,40 @@ components: google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. readOnly: true type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + PubsubTarget: + id: PubsubTarget + properties: + attributes: + description: >- + Attributes for PubsubMessage. Pubsub message must contain either + non-empty data, or at least one attribute. + type: object + additionalProperties: + type: string + data: + description: >- + The message payload for PubsubMessage. Pubsub message must contain + either non-empty data, or at least one attribute. + format: byte + type: string + topicName: + description: >- + Required. The name of the Cloud Pub/Sub topic to which messages will + be published when a job is delivered. The topic name must be in the + same format as required by Pub/Sub's + [PublishRequest.name](https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#publishrequest), + for example `projects/PROJECT_ID/topics/TOPIC_ID`. The topic must be + in the same project as the Cloud Scheduler job. type: string + description: >- + Pub/Sub target. The job will be delivered by publishing a message to the + given Pub/Sub topic. + type: object parameters: - access_token: - description: OAuth access token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType schema: type: string alt: @@ -857,39 +885,30 @@ components: - json - media - proto - callback: - description: JSONP + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + access_token: + description: OAuth access token. in: query - name: fields + name: access_token schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + callback: + description: JSONP in: query - name: key + name: callback schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: oauth_token + name: fields schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -899,18 +918,12 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: uploadType + name: prettyPrint schema: - type: string + type: boolean _.xgafv: description: V1 error format. in: query @@ -920,6 +933,21 @@ components: enum: - '1' - '2' + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string x-stackQL-resources: locations: id: google.cloudscheduler.locations @@ -947,23 +975,44 @@ components: update: [] replace: [] delete: [] - jobs: - id: google.cloudscheduler.jobs - name: jobs - title: Jobs + cmek_config: + id: google.cloudscheduler.cmek_config + name: cmek_config + title: Cmek_config methods: - list: + update_cmek_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobs - create: + get_cmek_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/cmek_config/methods/get_cmek_config + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/cmek_config/methods/update_cmek_config + replace: [] + delete: [] + jobs: + id: google.cloudscheduler.jobs + name: jobs + title: Jobs + methods: + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -981,31 +1030,39 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + run: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:run/post response: mediaType: application/json openAPIDocKey: '200' - pause: + resume: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:pause/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:resume/post response: mediaType: application/json openAPIDocKey: '200' - resume: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:resume/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/get response: mediaType: application/json openAPIDocKey: '200' - run: + objectKey: $.jobs + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:run/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/post + response: + mediaType: application/json + openAPIDocKey: '200' + pause: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:pause/post response: mediaType: application/json openAPIDocKey: '200' @@ -1025,31 +1082,35 @@ components: name: operations title: Operations methods: - list: + cancel: operation: - $ref: '#/paths/~1v1~1operations/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + delete: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - cancel: + list: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -1062,17 +1123,17 @@ components: paths: /v1/projects/{projectsId}/locations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/key' get: description: Lists information about the supported locations for this service. operationId: cloudscheduler.projects.locations.list @@ -1095,7 +1156,11 @@ paths: schema: type: string - in: query - name: filter + name: extraLocationTypes + schema: + type: string + - in: query + name: pageToken schema: type: string - in: query @@ -1104,11 +1169,7 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + name: filter schema: type: string /v1/projects/{projectsId}/locations/{locationsId}: @@ -1139,11 +1200,106 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/jobs: - parameters: *ref_1 + /v1/projects/{projectsId}/locations/{locationsId}/cmekConfig: + parameters: *ref_1 + patch: + description: Initializes or Updates the a scheduler config. + operationId: cloudscheduler.projects.locations.updateCmekConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CmekConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets the Scheduler config in the project/region. + operationId: cloudscheduler.projects.locations.getCmekConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/CmekConfig' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}: + parameters: *ref_1 + delete: + description: Deletes a job. + operationId: cloudscheduler.projects.locations.jobs.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: jobsId + required: true + schema: + type: string get: - description: Lists jobs. - operationId: cloudscheduler.projects.locations.jobs.list + description: Gets a job. + operationId: cloudscheduler.projects.locations.jobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1155,7 +1311,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListJobsResponse' + $ref: '#/components/schemas/Job' parameters: - in: path name: projectsId @@ -1167,18 +1323,20 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: jobsId + required: true schema: type: string - post: - description: Creates a job. - operationId: cloudscheduler.projects.locations.jobs.create + patch: + description: >- + Updates a job. If successful, the updated Job is returned. If the job + does not exist, `NOT_FOUND` is returned. If UpdateJob does not + successfully return, it is possible for the job to be in an + Job.State.UPDATE_FAILED state. A job in this state may not be executed. + If this happens, retry the UpdateJob request until a successful response + is received. + operationId: cloudscheduler.projects.locations.jobs.patch requestBody: content: application/json: @@ -1207,11 +1365,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}: + - in: path + name: jobsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:run: parameters: *ref_1 - get: - description: Gets a job. - operationId: cloudscheduler.projects.locations.jobs.get + post: + description: >- + Forces a job to run now. When this method is called, Cloud Scheduler + will dispatch the job, even if the job is already running. + operationId: cloudscheduler.projects.locations.jobs.run + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RunJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1240,20 +1415,20 @@ paths: required: true schema: type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:resume: + parameters: *ref_1 + post: description: >- - Updates a job. If successful, the updated Job is returned. If the job - does not exist, `NOT_FOUND` is returned. If UpdateJob does not - successfully return, it is possible for the job to be in an - Job.State.UPDATE_FAILED state. A job in this state may not be executed. - If this happens, retry the UpdateJob request until a successful response - is received. - operationId: cloudscheduler.projects.locations.jobs.patch + Resume a job. This method reenables a job after it has been + Job.State.PAUSED. The state of a job is stored in Job.state; after + calling this method it will be set to Job.State.ENABLED. A job must be + in Job.State.PAUSED to be resumed. + operationId: cloudscheduler.projects.locations.jobs.resume requestBody: content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/ResumeJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1282,14 +1457,11 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a job. - operationId: cloudscheduler.projects.locations.jobs.delete + /v1/projects/{projectsId}/locations/{locationsId}/jobs: + parameters: *ref_1 + get: + description: Lists jobs. + operationId: cloudscheduler.projects.locations.jobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1301,7 +1473,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListJobsResponse' parameters: - in: path name: projectsId @@ -1313,25 +1485,23 @@ paths: required: true schema: type: string - - in: path - name: jobsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:pause: - parameters: *ref_1 post: - description: >- - Pauses a job. If a job is paused then the system will stop executing the - job until it is re-enabled via ResumeJob. The state of the job is stored - in state; if paused it will be set to Job.State.PAUSED. A job must be in - Job.State.ENABLED to be paused. - operationId: cloudscheduler.projects.locations.jobs.pause + description: Creates a job. + operationId: cloudscheduler.projects.locations.jobs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/PauseJobRequest' + $ref: '#/components/schemas/Job' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1355,25 +1525,20 @@ paths: required: true schema: type: string - - in: path - name: jobsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:resume: + /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:pause: parameters: *ref_1 post: description: >- - Resume a job. This method reenables a job after it has been - Job.State.PAUSED. The state of a job is stored in Job.state; after - calling this method it will be set to Job.State.ENABLED. A job must be - in Job.State.PAUSED to be resumed. - operationId: cloudscheduler.projects.locations.jobs.resume + Pauses a job. If a job is paused then the system will stop executing the + job until it is re-enabled via ResumeJob. The state of the job is stored + in state; if paused it will be set to Job.State.PAUSED. A job must be in + Job.State.ENABLED to be paused. + operationId: cloudscheduler.projects.locations.jobs.pause requestBody: content: application/json: schema: - $ref: '#/components/schemas/ResumeJobRequest' + $ref: '#/components/schemas/PauseJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1402,18 +1567,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:run: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Forces a job to run now. When this method is called, Cloud Scheduler - will dispatch the job, even if the job is already running. - operationId: cloudscheduler.projects.locations.jobs.run + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: cloudscheduler.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/RunJobRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1425,7 +1597,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1438,48 +1610,58 @@ paths: schema: type: string - in: path - name: jobsId + name: operationsId required: true schema: type: string - /v1/operations: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - get: + delete: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: cloudscheduler.operations.list - security: [] + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: cloudscheduler.projects.locations.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - - in: query - name: filter + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: locationsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: operationsId + required: true schema: type: string - /v1/operations/{operationsId}: - parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: cloudscheduler.operations.get - security: [] + operationId: cloudscheduler.projects.locations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response @@ -1489,61 +1671,64 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: operationsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: cloudscheduler.operations.delete - security: [] - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - in: path name: operationsId required: true schema: type: string - /v1/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: cloudscheduler.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' - security: [] + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: cloudscheduler.projects.locations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: operationsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudshell.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudshell.yaml index c856dbca..a118df50 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudshell.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudshell.yaml @@ -9,8 +9,8 @@ info: Allows users to start, configure, and connect to interactive shell sessions running in the cloud. version: v1 - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251204' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/shell/docs/ servers: @@ -36,138 +36,84 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + AddPublicKeyMetadata: + properties: {} + id: AddPublicKeyMetadata type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object + Message included in the metadata field of operations returned from + AddPublicKey. + StartEnvironmentMetadata: properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + state: + enumDescriptions: + - The environment's start state is unknown. + - >- + The environment is in the process of being started, but no + additional details are available. + - >- + Startup is waiting for the user's disk to be unarchived. This can + happen when the user returns to Cloud Shell after not having used + it for a while, and suggests that startup will take longer than + normal. + - >- + Startup is waiting for compute resources to be assigned to the + environment. This should normally happen very quickly, but an + environment might stay in this state for an extended period of + time if the system is experiencing heavy load. + - >- + Startup has completed. If the start operation was successful, the + user should be able to establish an SSH connection to their + environment. Otherwise, the operation will contain details of the + failure. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + description: Current state of the environment being started. + enum: + - STATE_UNSPECIFIED + - STARTING + - UNARCHIVING_DISK + - AWAITING_COMPUTE_RESOURCES + - FINISHED + id: StartEnvironmentMetadata + type: object description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Message included in the metadata field of operations returned from + StartEnvironment. + AuthorizeEnvironmentResponse: + id: AuthorizeEnvironmentResponse + description: Response message for AuthorizeEnvironment. + properties: {} type: object + StartEnvironmentResponse: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + environment: + $ref: '#/components/schemas/Environment' + description: Environment that was started. + id: StartEnvironmentResponse type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + description: >- + Message included in the response field of operations returned from + StartEnvironment once the operation is complete. + DeleteEnvironmentMetadata: type: object + description: >- + Message included in the metadata field of operations returned from + DeleteEnvironment. properties: {} + id: DeleteEnvironmentMetadata Environment: - id: Environment - description: >- - A Cloud Shell environment, which is defined as the combination of a - Docker image specifying what is installed on the environment and a home - directory containing the user's data that will remain across sessions. - Each user has at least an environment with the ID "default". type: object properties: - name: - description: >- - Immutable. Full name of this resource, in the format - `users/{owner_email}/environments/{environment_id}`. `{owner_email}` - is the email address of the user to whom this environment belongs, - and `{environment_id}` is the identifier of this environment. For - example, `users/someone@example.com/environments/default`. + sshHost: type: string - id: description: >- - Output only. The environment's identifier, unique among the user's - environments. + Output only. Host to which clients can connect to initiate SSH + sessions with the environment. + readOnly: true + sshUsername: + description: >- + Output only. Username that clients should use when initiating SSH + sessions with the environment. readOnly: true type: string dockerImage: @@ -175,9 +121,32 @@ components: Required. Immutable. Full path to the Docker image used to run this environment, e.g. "gcr.io/dev-con/cloud-devshell:latest". type: string + sshPort: + readOnly: true + description: >- + Output only. Port to which clients can connect to initiate SSH + sessions with the environment. + format: int32 + type: integer + id: + readOnly: true + type: string + description: >- + Output only. The environment's identifier, unique among the user's + environments. + publicKeys: + description: >- + Output only. Public keys associated with the environment. Clients + can connect to this environment via SSH only if they possess a + private key corresponding to at least one of these public keys. Keys + can be added to or removed from the environment using the + AddPublicKey and RemovePublicKey methods. + items: + type: string + readOnly: true + type: array state: description: Output only. Current execution state of this environment. - readOnly: true type: string enumDescriptions: - The environment's states is unknown. @@ -192,89 +161,84 @@ components: will automatically transition back to DISABLED after a period of inactivity or if another environment is started. - The environment is being deleted and can't be connected to. + readOnly: true enum: - STATE_UNSPECIFIED - SUSPENDED - PENDING - RUNNING - DELETING - webHost: - description: >- - Output only. Host to which clients can connect to initiate HTTPS or - WSS connections with the environment. - readOnly: true - type: string - sshUsername: - description: >- - Output only. Username that clients should use when initiating SSH - sessions with the environment. - readOnly: true + name: type: string - sshHost: description: >- - Output only. Host to which clients can connect to initiate SSH - sessions with the environment. + Immutable. Full name of this resource, in the format + `users/{owner_email}/environments/{environment_id}`. `{owner_email}` + is the email address of the user to whom this environment belongs, + and `{environment_id}` is the identifier of this environment. For + example, `users/someone@example.com/environments/default`. + webHost: readOnly: true type: string - sshPort: description: >- - Output only. Port to which clients can connect to initiate SSH - sessions with the environment. - readOnly: true - type: integer - format: int32 - publicKeys: - description: >- - Output only. Public keys associated with the environment. Clients - can connect to this environment via SSH only if they possess a - private key corresponding to at least one of these public keys. Keys - can be added to or removed from the environment using the - AddPublicKey and RemovePublicKey methods. - readOnly: true - type: array - items: - type: string - StartEnvironmentRequest: - id: StartEnvironmentRequest - description: Request message for StartEnvironment. + Output only. Host to which clients can connect to initiate HTTPS or + WSS connections with the environment. + description: >- + A Cloud Shell environment, which is defined as the combination of a + Docker image specifying what is installed on the environment and a home + directory containing the user's data that will remain across sessions. + Each user has at least an environment with the ID "default". + id: Environment + RemovePublicKeyMetadata: + properties: {} type: object + description: >- + Message included in the metadata field of operations returned from + RemovePublicKey. + id: RemovePublicKeyMetadata + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + id: Empty + type: object + CreateEnvironmentMetadata: + description: >- + Message included in the metadata field of operations returned from + CreateEnvironment. + properties: {} + id: CreateEnvironmentMetadata + type: object + RemovePublicKeyRequest: properties: - accessToken: - description: >- - The initial access token passed to the environment. If this is - present and valid, the environment will be pre-authenticated with - gcloud so that the user can run gcloud commands in Cloud Shell - without having to log in. This code can be updated later by calling - AuthorizeEnvironment. - type: string - publicKeys: - description: >- - Public keys that should be added to the environment before it is - started. - type: array - items: - type: string + key: + description: Key that should be removed from the environment. + type: string + id: RemovePublicKeyRequest + description: Request message for RemovePublicKey. + type: object AuthorizeEnvironmentRequest: - id: AuthorizeEnvironmentRequest description: Request message for AuthorizeEnvironment. type: object + id: AuthorizeEnvironmentRequest properties: - accessToken: - description: The OAuth access token that should be sent to the environment. - type: string - idToken: - description: The OAuth ID token that should be sent to the environment. - type: string expireTime: description: >- The time when the credentials expire. If not set, defaults to one hour from when the server received the request. type: string format: google-datetime + accessToken: + type: string + description: The OAuth access token that should be sent to the environment. + idToken: + type: string + description: The OAuth ID token that should be sent to the environment. AddPublicKeyRequest: - id: AddPublicKeyRequest description: Request message for AddPublicKey. - type: object + id: AddPublicKeyRequest properties: key: description: >- @@ -285,113 +249,166 @@ components: structured as , where part is encoded with Base64. type: string - RemovePublicKeyRequest: - id: RemovePublicKeyRequest - description: Request message for RemovePublicKey. type: object + GenerateAccessTokenResponse: properties: - key: - description: Key that should be removed from the environment. + accessToken: type: string - AddPublicKeyMetadata: - id: AddPublicKeyMetadata - description: >- - Message included in the metadata field of operations returned from - AddPublicKey. + description: The access token. type: object - properties: {} + description: Response message for GenerateAccessToken. + id: GenerateAccessTokenResponse AddPublicKeyResponse: - id: AddPublicKeyResponse description: Response message for AddPublicKey. - type: object properties: key: description: Key that was added to the environment. type: string + id: AddPublicKeyResponse + type: object AuthorizeEnvironmentMetadata: - id: AuthorizeEnvironmentMetadata + properties: {} description: >- Message included in the metadata field of operations returned from AuthorizeEnvironment. + id: AuthorizeEnvironmentMetadata type: object - properties: {} - AuthorizeEnvironmentResponse: - id: AuthorizeEnvironmentResponse - description: Response message for AuthorizeEnvironment. - type: object - properties: {} - CreateEnvironmentMetadata: - id: CreateEnvironmentMetadata - description: >- - Message included in the metadata field of operations returned from - CreateEnvironment. + Operation: type: object - properties: {} - DeleteEnvironmentMetadata: - id: DeleteEnvironmentMetadata + id: Operation + properties: + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + response: + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object description: >- - Message included in the metadata field of operations returned from - DeleteEnvironment. + This resource represents a long-running operation that is the result of + a network API call. + ListOperationsResponse: + id: ListOperationsResponse + description: The response message for Operations.ListOperations. + properties: + unreachable: + type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string + nextPageToken: + description: The standard List next-page token. + type: string + operations: + items: + $ref: '#/components/schemas/Operation' + type: array + description: >- + A list of operations that matches the specified filter in the + request. type: object + CancelOperationRequest: + description: The request message for Operations.CancelOperation. properties: {} - RemovePublicKeyMetadata: - id: RemovePublicKeyMetadata - description: >- - Message included in the metadata field of operations returned from - RemovePublicKey. type: object - properties: {} - RemovePublicKeyResponse: - id: RemovePublicKeyResponse - description: Response message for RemovePublicKey. + id: CancelOperationRequest + Status: type: object - properties: {} - StartEnvironmentMetadata: - id: StartEnvironmentMetadata + id: Status description: >- - Message included in the metadata field of operations returned from - StartEnvironment. - type: object + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - state: - description: Current state of the environment being started. + details: + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - enumDescriptions: - - The environment's start state is unknown. - - >- - The environment is in the process of being started, but no - additional details are available. - - >- - Startup is waiting for the user's disk to be unarchived. This can - happen when the user returns to Cloud Shell after not having used - it for a while, and suggests that startup will take longer than - normal. - - >- - Startup is waiting for compute resources to be assigned to the - environment. This should normally happen very quickly, but an - environment might stay in this state for an extended period of - time if the system is experiencing heavy load. - - >- - Startup has completed. If the start operation was successful, the - user should be able to establish an SSH connection to their - environment. Otherwise, the operation will contain details of the - failure. - enum: - - STATE_UNSPECIFIED - - STARTING - - UNARCHIVING_DISK - - AWAITING_COMPUTE_RESOURCES - - FINISHED - StartEnvironmentResponse: - id: StartEnvironmentResponse - description: >- - Message included in the response field of operations returned from - StartEnvironment once the operation is complete. + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + StartEnvironmentRequest: + description: Request message for StartEnvironment. type: object + id: StartEnvironmentRequest properties: - environment: - description: Environment that was started. - $ref: '#/components/schemas/Environment' + accessToken: + description: >- + The initial access token passed to the environment. If this is + present and valid, the environment will be pre-authenticated with + gcloud so that the user can run gcloud commands in Cloud Shell + without having to log in. This code can be updated later by calling + AuthorizeEnvironment. + type: string + publicKeys: + items: + type: string + type: array + description: >- + Public keys that should be added to the environment before it is + started. + RemovePublicKeyResponse: + type: object + properties: {} + id: RemovePublicKeyResponse + description: Response message for RemovePublicKey. parameters: access_token: description: OAuth access token. @@ -399,6 +416,18 @@ components: name: access_token schema: type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string alt: description: Data format for response. in: query @@ -409,12 +438,27 @@ components: - json - media - proto - callback: - description: JSONP + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: callback + name: prettyPrint schema: - type: string + type: boolean fields: description: Selector specifying which fields to include in a partial response. in: query @@ -430,18 +474,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -451,58 +489,37 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: operations: id: google.cloudshell.operations name: operations title: Operations methods: - list: + cancel: operation: - $ref: '#/paths/~1v1~1operations/get' + $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + delete: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/get' + $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' + $ref: '#/paths/~1v1~1operations~1{operationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - cancel: + list: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' + $ref: '#/paths/~1v1~1operations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -517,12 +534,6 @@ components: name: environments title: Environments methods: - get: - operation: - $ref: '#/paths/~1v1~1users~1{usersId}~1environments~1{environmentsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' start: operation: $ref: >- @@ -537,6 +548,19 @@ components: response: mediaType: application/json openAPIDocKey: '200' + generate_access_token: + operation: + $ref: >- + #/paths/~1v1~1users~1{usersId}~1environments~1{environmentsId}:generateAccessToken/get + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: '#/paths/~1v1~1users~1{usersId}~1environments~1{environmentsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/environments/methods/get' @@ -574,58 +598,36 @@ components: - $ref: >- #/components/x-stackQL-resources/public_keys/methods/remove_public_key paths: - /v1/operations: + /v1/operations/{operationsId}:cancel: parameters: &ref_1 - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: cloudshell.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListOperationsResponse' - parameters: - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/operations/{operationsId}: - parameters: *ref_1 - get: + - $ref: '#/components/parameters/quotaUser' + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: cloudshell.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: cloudshell.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -637,13 +639,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: operationsId required: true schema: type: string + /v1/operations/{operationsId}: + parameters: *ref_1 delete: description: >- Deletes a long-running operation. This method indicates that the client @@ -669,25 +673,12 @@ paths: required: true schema: type: string - /v1/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: cloudshell.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: cloudshell.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -699,20 +690,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: operationsId required: true schema: type: string - /v1/users/{usersId}/environments/{environmentsId}: + /v1/operations: parameters: *ref_1 get: description: >- - Gets an environment. Returns NOT_FOUND if the environment does not - exist. - operationId: cloudshell.users.environments.get + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: cloudshell.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -724,16 +715,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Environment' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - - in: path - name: usersId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: environmentsId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string /v1/users/{usersId}/environments/{environmentsId}:start: @@ -849,6 +847,44 @@ paths: required: true schema: type: string + /v1/users/{usersId}/environments/{environmentsId}:generateAccessToken: + parameters: *ref_1 + get: + description: Generates an access token for the user's environment. + operationId: cloudshell.users.environments.generateAccessToken + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateAccessTokenResponse' + parameters: + - in: path + name: usersId + required: true + schema: + type: string + - in: path + name: environmentsId + required: true + schema: + type: string + - in: query + name: ttl + schema: + type: string + format: google-duration + - in: query + name: expireTime + schema: + type: string + format: google-datetime /v1/users/{usersId}/environments/{environmentsId}:removePublicKey: parameters: *ref_1 post: @@ -886,3 +922,33 @@ paths: required: true schema: type: string + /v1/users/{usersId}/environments/{environmentsId}: + parameters: *ref_1 + get: + description: >- + Gets an environment. Returns NOT_FOUND if the environment does not + exist. + operationId: cloudshell.users.environments.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + parameters: + - in: path + name: usersId + required: true + schema: + type: string + - in: path + name: environmentsId + required: true + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudsupport.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudsupport.yaml index e503f01f..925d3d78 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudsupport.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudsupport.yaml @@ -9,8 +9,8 @@ info: Manages Google Cloud technical support cases for Customer Care support offerings. version: v2 - x-discovery-doc-revision: '20250826' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251208' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/support/docs/apis servers: @@ -36,484 +36,253 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListAttachmentsResponse: - id: ListAttachmentsResponse - description: The response message for the ListAttachments endpoint. + DiffChecksumsResponse: + description: '# gdata.* are outside protos with mising documentation' type: object + id: DiffChecksumsResponse properties: - attachments: - description: The list of attachments associated with a case. - type: array + objectLocation: + $ref: '#/components/schemas/CompositeMedia' + description: '# gdata.* are outside protos with mising documentation' + checksumsLocation: + description: '# gdata.* are outside protos with mising documentation' + $ref: '#/components/schemas/CompositeMedia' + objectSizeBytes: + description: '# gdata.* are outside protos with mising documentation' + type: string + format: int64 + chunkSizeBytes: + type: string + description: '# gdata.* are outside protos with mising documentation' + format: int64 + objectVersion: + type: string + description: '# gdata.* are outside protos with mising documentation' + DiffUploadResponse: + description: '# gdata.* are outside protos with mising documentation' + type: object + properties: + objectVersion: + description: '# gdata.* are outside protos with mising documentation' + type: string + originalObject: + description: '# gdata.* are outside protos with mising documentation' + $ref: '#/components/schemas/CompositeMedia' + id: DiffUploadResponse + SearchCasesResponse: + type: object + description: The response message for the SearchCases endpoint. + id: SearchCasesResponse + properties: + cases: + description: >- + The list of cases associated with the parent after any filters have + been applied. items: - $ref: '#/components/schemas/Attachment' + $ref: '#/components/schemas/Case' + type: array nextPageToken: description: >- A token to retrieve the next page of results. Set this in the - `page_token` field of subsequent `cases.attachments.list` requests. - If unspecified, there are no more results to retrieve. + `page_token` field of subsequent `cases.search` requests. If + unspecified, there are no more results to retrieve. type: string - Attachment: - id: Attachment - description: >- - An Attachment contains metadata about a file that was uploaded to a case - - it is NOT a file itself. That being said, the name of an Attachment - object can be used to download its accompanying file through the - `media.download` endpoint. While attachments can be uploaded in the - console at the same time as a comment, they're associated on a "case" - level, not a "comment" level. + ObjectId: + description: '# gdata.* are outside protos with mising documentation' + id: ObjectId type: object properties: - name: - description: Output only. Identifier. The resource name of the attachment. - readOnly: true - type: string - createTime: - description: Output only. The time at which the attachment was created. - readOnly: true - type: string - format: google-datetime - creator: - description: >- - Output only. The user who uploaded the attachment. Note, the name - and email will be obfuscated if the attachment was uploaded by - Google support. - readOnly: true - $ref: '#/components/schemas/Actor' - filename: - description: The filename of the attachment (e.g. `"graph.jpg"`). + generation: + description: '# gdata.* are outside protos with mising documentation' type: string - mimeType: - description: Output only. The MIME type of the attachment (e.g. text/plain). - readOnly: true + format: int64 + objectName: type: string - sizeBytes: - description: Output only. The size of the attachment in bytes. - readOnly: true + description: '# gdata.* are outside protos with mising documentation' + bucketName: type: string - format: int64 - Actor: - id: Actor - description: >- - An Actor represents an entity that performed an action. For example, an - actor could be a user who posted a comment on a support case, a user who - uploaded an attachment, or a service account that created a support - case. - type: object + description: '# gdata.* are outside protos with mising documentation' + ListCasesResponse: properties: - displayName: - description: >- - The name to display for the actor. If not provided, it is inferred - from credentials supplied during case creation. When an email is - provided, a display name must also be provided. This will be - obfuscated if the user is a Google Support agent. + nextPageToken: type: string - email: description: >- - The email address of the actor. If not provided, it is inferred from - the credentials supplied during case creation. When a name is - provided, an email must also be provided. If the user is a Google - Support agent, this is obfuscated. This field is deprecated. Use - `username` instead. - deprecated: true - type: string - googleSupport: - description: Output only. Whether the actor is a Google support actor. - readOnly: true - type: boolean - username: + A token to retrieve the next page of results. Set this in the + `page_token` field of subsequent `cases.list` requests. If + unspecified, there are no more results to retrieve. + cases: + type: array + items: + $ref: '#/components/schemas/Case' description: >- - Output only. The username of the actor. It may look like an email or - other format provided by the identity provider. If not provided, it - is inferred from the credentials supplied. When a name is provided, - a username must also be provided. If the user is a Google Support - agent, this will not be set. - readOnly: true - type: string - CreateAttachmentRequest: - id: CreateAttachmentRequest - description: The request message for the CreateAttachment endpoint. + The list of cases associated with the parent after any filters have + been applied. type: object - properties: - attachment: - description: Required. The attachment to be created. - $ref: '#/components/schemas/Attachment' - Media: - id: Media + id: ListCasesResponse + description: The response message for the ListCases endpoint. + CompositeMedia: description: '# gdata.* are outside protos with mising documentation' - type: object + id: CompositeMedia properties: - contentType: + objectId: + $ref: '#/components/schemas/ObjectId' description: '# gdata.* are outside protos with mising documentation' - type: string - timestamp: + md5Hash: description: '# gdata.* are outside protos with mising documentation' type: string - format: uint64 - token: - description: '# gdata.* are outside protos with mising documentation' + format: byte + path: type: string - length: description: '# gdata.* are outside protos with mising documentation' + crc32cHash: + format: uint32 + type: integer + description: '# gdata.* are outside protos with mising documentation' + length: type: string format: int64 - filename: + description: '# gdata.* are outside protos with mising documentation' + cosmoBinaryReference: + format: byte description: '# gdata.* are outside protos with mising documentation' type: string referenceType: - description: '# gdata.* are outside protos with mising documentation' type: string - enumDescriptions: - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' enum: - PATH - BLOB_REF - INLINE - - GET_MEDIA - - COMPOSITE_MEDIA - BIGSTORE_REF - - DIFF_VERSION_RESPONSE - - DIFF_CHECKSUMS_RESPONSE - - DIFF_DOWNLOAD_RESPONSE - - DIFF_UPLOAD_REQUEST - - DIFF_UPLOAD_RESPONSE - COSMO_BINARY_REFERENCE - - ARBITRARY_BYTES - path: + enumDescriptions: + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + description: '# gdata.* are outside protos with mising documentation' + blobstore2Info: description: '# gdata.* are outside protos with mising documentation' + $ref: '#/components/schemas/Blobstore2Info' + sha1Hash: type: string + description: '# gdata.* are outside protos with mising documentation' + format: byte blobRef: description: '# gdata.* are outside protos with mising documentation' - deprecated: true type: string format: byte + deprecated: true inline: - description: '# gdata.* are outside protos with mising documentation' type: string - format: byte - mediaId: description: '# gdata.* are outside protos with mising documentation' - type: string format: byte - hash: + type: object + ContentTypeInfo: + id: ContentTypeInfo + properties: + bestGuess: description: '# gdata.* are outside protos with mising documentation' - deprecated: true type: string - algorithm: + fromFileName: description: '# gdata.* are outside protos with mising documentation' - deprecated: true type: string - compositeMedia: - description: '# gdata.* are outside protos with mising documentation' - type: array - items: - $ref: '#/components/schemas/CompositeMedia' - bigstoreObjectRef: - description: '# gdata.* are outside protos with mising documentation' - deprecated: true + fromBytes: type: string - format: byte - objectId: description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/ObjectId' - blobstore2Info: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/Blobstore2Info' - diffVersionResponse: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/DiffVersionResponse' - diffChecksumsResponse: + fromHeader: + type: string description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/DiffChecksumsResponse' - diffDownloadResponse: + fromUrlPath: + type: string description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/DiffDownloadResponse' - diffUploadRequest: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/DiffUploadRequest' - diffUploadResponse: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/DiffUploadResponse' - contentTypeInfo: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/ContentTypeInfo' - downloadParameters: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/DownloadParameters' - crc32cHash: - description: '# gdata.* are outside protos with mising documentation' - type: integer - format: uint32 - md5Hash: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: byte - sha1Hash: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: byte - sha256Hash: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: byte - isPotentialRetry: - description: '# gdata.* are outside protos with mising documentation' - type: boolean - cosmoBinaryReference: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: byte - hashVerified: - description: '# gdata.* are outside protos with mising documentation' - type: boolean - CompositeMedia: - id: CompositeMedia - description: '# gdata.* are outside protos with mising documentation' type: object - properties: - length: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: int64 - referenceType: - description: '# gdata.* are outside protos with mising documentation' - type: string - enumDescriptions: - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - - '# gdata.* are outside protos with mising documentation' - enum: - - PATH - - BLOB_REF - - INLINE - - BIGSTORE_REF - - COSMO_BINARY_REFERENCE - path: - description: '# gdata.* are outside protos with mising documentation' - type: string - blobRef: - description: '# gdata.* are outside protos with mising documentation' - deprecated: true - type: string - format: byte - inline: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: byte - objectId: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/ObjectId' - blobstore2Info: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/Blobstore2Info' - cosmoBinaryReference: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: byte - crc32cHash: - description: '# gdata.* are outside protos with mising documentation' - type: integer - format: uint32 - md5Hash: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: byte - sha1Hash: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: byte - ObjectId: - id: ObjectId description: '# gdata.* are outside protos with mising documentation' - type: object + CreateAttachmentRequest: + id: CreateAttachmentRequest properties: - bucketName: - description: '# gdata.* are outside protos with mising documentation' - type: string - objectName: - description: '# gdata.* are outside protos with mising documentation' - type: string - generation: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: int64 + attachment: + description: Required. The attachment to be created. + $ref: '#/components/schemas/Attachment' + type: object + description: The request message for the CreateAttachment endpoint. Blobstore2Info: + type: object id: Blobstore2Info description: '# gdata.* are outside protos with mising documentation' - type: object properties: - blobId: + downloadExternalReadToken: + format: byte description: '# gdata.* are outside protos with mising documentation' type: string - blobGeneration: + blobId: description: '# gdata.* are outside protos with mising documentation' type: string - format: int64 readToken: - description: '# gdata.* are outside protos with mising documentation' type: string - uploadMetadataContainer: description: '# gdata.* are outside protos with mising documentation' + uploadMetadataContainer: type: string format: byte - downloadReadHandle: description: '# gdata.* are outside protos with mising documentation' - type: string + downloadReadHandle: format: byte - DiffVersionResponse: - id: DiffVersionResponse - description: '# gdata.* are outside protos with mising documentation' - type: object - properties: - objectVersion: - description: '# gdata.* are outside protos with mising documentation' - type: string - objectSizeBytes: - description: '# gdata.* are outside protos with mising documentation' - type: string - format: int64 - DiffChecksumsResponse: - id: DiffChecksumsResponse - description: '# gdata.* are outside protos with mising documentation' - type: object - properties: - objectVersion: - description: '# gdata.* are outside protos with mising documentation' - type: string - objectSizeBytes: - description: '# gdata.* are outside protos with mising documentation' type: string - format: int64 - chunkSizeBytes: description: '# gdata.* are outside protos with mising documentation' - type: string + blobGeneration: format: int64 - checksumsLocation: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/CompositeMedia' - objectLocation: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/CompositeMedia' - DiffDownloadResponse: - id: DiffDownloadResponse - description: '# gdata.* are outside protos with mising documentation' - type: object - properties: - objectLocation: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/CompositeMedia' - DiffUploadRequest: - id: DiffUploadRequest - description: '# gdata.* are outside protos with mising documentation' - type: object - properties: - objectVersion: - description: '# gdata.* are outside protos with mising documentation' - type: string - objectInfo: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/CompositeMedia' - checksumsInfo: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/CompositeMedia' - DiffUploadResponse: - id: DiffUploadResponse - description: '# gdata.* are outside protos with mising documentation' - type: object - properties: - objectVersion: - description: '# gdata.* are outside protos with mising documentation' - type: string - originalObject: - description: '# gdata.* are outside protos with mising documentation' - $ref: '#/components/schemas/CompositeMedia' - ContentTypeInfo: - id: ContentTypeInfo - description: '# gdata.* are outside protos with mising documentation' - type: object - properties: - bestGuess: - description: '# gdata.* are outside protos with mising documentation' - type: string - fromHeader: - description: '# gdata.* are outside protos with mising documentation' - type: string - fromFileName: - description: '# gdata.* are outside protos with mising documentation' - type: string - fromUrlPath: - description: '# gdata.* are outside protos with mising documentation' type: string - fromBytes: - description: '# gdata.* are outside protos with mising documentation' - type: string - DownloadParameters: - id: DownloadParameters - description: '# gdata.* are outside protos with mising documentation' - type: object - properties: - allowGzipCompression: - description: '# gdata.* are outside protos with mising documentation' - type: boolean - ignoreRange: description: '# gdata.* are outside protos with mising documentation' - type: boolean Case: - id: Case - description: >- - A Case is an object that contains the details of a support case. It - contains fields for the time it was created, its priority, its - classification, and more. Cases can also have comments and attachments - that get added over time. A case is parented by a Google Cloud - organization or project. Organizations are identified by a number, so - the name of a case parented by an organization would look like this: ``` - organizations/123/cases/456 ``` Projects have two unique identifiers, an - ID and a number, and they look like this: ``` projects/abc/cases/456 ``` - ``` projects/123/cases/456 ``` You can use either of them when calling - the API. To learn more about project identifiers, see - [AIP-2510](https://google.aip.dev/cloud/2510). - type: object properties: - name: - description: Identifier. The resource name for the case. - type: string displayName: - description: The short summary of the issue reported in this case. - type: string - description: - description: A broad description of the issue. - type: string - classification: - description: The issue classification applicable to this case. - $ref: '#/components/schemas/CaseClassification' - timeZone: - description: >- - The timezone of the user who created the support case. It should be - in a format IANA recognizes: https://www.iana.org/time-zones. There - is no additional validation done by the API. type: string + description: The short summary of the issue reported in this case. subscriberEmailAddresses: - description: The email addresses to receive updates on this case. type: array items: type: string - state: - description: Output only. The current status of the support case. - readOnly: true + description: The email addresses to receive updates on this case. + contactEmail: + description: >- + A user-supplied email address to send case update notifications for. + This should only be used in BYOID flows, where we cannot infer the + user's email address directly from their EUCs. + type: string + creator: + description: >- + The user who created the case. Note: The name and email will be + obfuscated if the case was created by Google Support. + $ref: '#/components/schemas/Actor' + testCase: + type: boolean + description: >- + Whether this case was created for internal API testing and should + not be acted on by the support team. + createTime: + readOnly: true + format: google-datetime + description: Output only. The time this case was created. + type: string + description: + type: string + description: A broad description of the issue. + timeZone: + type: string + description: >- + The timezone of the user who created the support case. It should be + in a format IANA recognizes: https://www.iana.org/time-zones. There + is no additional validation done by the API. + state: + enum: + - STATE_UNSPECIFIED + - NEW + - IN_PROGRESS_GOOGLE_SUPPORT + - ACTION_REQUIRED + - SOLUTION_PROVIDED + - CLOSED type: string + description: Output only. The current status of the support case. enumDescriptions: - Case is in an unknown state. - >- @@ -523,56 +292,13 @@ components: - Google is waiting for a response. - A solution has been offered for the case, but it isn't yet closed. - The case has been resolved. - enum: - - STATE_UNSPECIFIED - - NEW - - IN_PROGRESS_GOOGLE_SUPPORT - - ACTION_REQUIRED - - SOLUTION_PROVIDED - - CLOSED - createTime: - description: Output only. The time this case was created. readOnly: true - type: string - format: google-datetime updateTime: description: Output only. The time this case was last updated. readOnly: true - type: string format: google-datetime - creator: - description: >- - The user who created the case. Note: The name and email will be - obfuscated if the case was created by Google Support. - $ref: '#/components/schemas/Actor' - contactEmail: - description: >- - A user-supplied email address to send case update notifications for. - This should only be used in BYOID flows, where we cannot infer the - user's email address directly from their EUCs. - type: string - escalated: - description: Whether the case is currently escalated. - type: boolean - testCase: - description: >- - Whether this case was created for internal API testing and should - not be acted on by the support team. - type: boolean - languageCode: - description: >- - The language the user has requested to receive support in. This - should be a BCP 47 language code (e.g., `"en"`, `"zh-CN"`, - `"zh-TW"`, `"ja"`, `"ko"`). If no language or an unsupported - language is specified, this field defaults to English (en). Language - selection during case creation may affect your available support - options. For a list of supported languages and their support working - hours, see: - https://cloud.google.com/support/docs/language-working-hours type: string priority: - description: The priority of this case. - type: string enumDescriptions: - Priority is undefined or has not been set yet. - Extreme impact on a production service. Service is hard down. @@ -588,6 +314,7 @@ components: - >- General questions or minor issues. Production service is fully available. + description: The priority of this case. enum: - PRIORITY_UNSPECIFIED - P0 @@ -595,225 +322,480 @@ components: - P2 - P3 - P4 - CaseClassification: - id: CaseClassification - description: >- - A Case Classification represents the topic that a case is about. It's - very important to use accurate classifications, because they're used to - route your cases to specialists who can help you. A classification - always has an ID that is its unique identifier. A valid ID is required - when creating a case. - type: object - properties: - id: - description: >- - The unique ID for a classification. Must be specified for case - creation. To retrieve valid classification IDs for case creation, - use `caseClassifications.search`. Classification IDs returned by - `caseClassifications.search` are guaranteed to be valid for at least - 6 months. If a given classification is deactiveated, it will - immediately stop being returned. After 6 months, `case.create` - requests using the classification ID will fail. type: string - displayName: + languageCode: + type: string description: >- - A display name for the classification. The display name is not - static and can change. To uniquely and consistently identify - classifications, use the `CaseClassification.id` field. + The language the user has requested to receive support in. This + should be a BCP 47 language code (e.g., `"en"`, `"zh-CN"`, + `"zh-TW"`, `"ja"`, `"ko"`). If no language or an unsupported + language is specified, this field defaults to English (en). Language + selection during case creation may affect your available support + options. For a list of supported languages and their support working + hours, see: + https://cloud.google.com/support/docs/language-working-hours + name: type: string - ListCasesResponse: - id: ListCasesResponse - description: The response message for the ListCases endpoint. + description: Identifier. The resource name for the case. + escalated: + description: Whether the case is currently escalated. + type: boolean + classification: + description: The issue classification applicable to this case. + $ref: '#/components/schemas/CaseClassification' + id: Case + type: object + description: >- + A Case is an object that contains the details of a support case. It + contains fields for the time it was created, its priority, its + classification, and more. Cases can also have comments and attachments + that get added over time. A case is parented by a Google Cloud + organization or project. Organizations are identified by a number, so + the name of a case parented by an organization would look like this: ``` + organizations/123/cases/456 ``` Projects have two unique identifiers, an + ID and a number, and they look like this: ``` projects/abc/cases/456 ``` + ``` projects/123/cases/456 ``` You can use either of them when calling + the API. To learn more about project identifiers, see + [AIP-2510](https://google.aip.dev/cloud/2510). + CloseCaseRequest: + description: The request message for the CloseCase endpoint. + properties: {} type: object + id: CloseCaseRequest + DownloadParameters: properties: - cases: - description: >- - The list of cases associated with the parent after any filters have - been applied. - type: array - items: - $ref: '#/components/schemas/Case' - nextPageToken: - description: >- - A token to retrieve the next page of results. Set this in the - `page_token` field of subsequent `cases.list` requests. If - unspecified, there are no more results to retrieve. - type: string - SearchCasesResponse: - id: SearchCasesResponse - description: The response message for the SearchCases endpoint. + ignoreRange: + description: '# gdata.* are outside protos with mising documentation' + type: boolean + allowGzipCompression: + type: boolean + description: '# gdata.* are outside protos with mising documentation' type: object + id: DownloadParameters + description: '# gdata.* are outside protos with mising documentation' + ListCommentsResponse: + id: ListCommentsResponse properties: - cases: - description: >- - The list of cases associated with the parent after any filters have - been applied. + comments: + description: List of the comments associated with the case. type: array items: - $ref: '#/components/schemas/Case' + $ref: '#/components/schemas/Comment' nextPageToken: + type: string description: >- A token to retrieve the next page of results. Set this in the - `page_token` field of subsequent `cases.search` requests. If + `page_token` field of subsequent `cases.comments.list` requests. If unspecified, there are no more results to retrieve. - type: string - EscalateCaseRequest: - id: EscalateCaseRequest - description: The request message for the EscalateCase endpoint. - type: object - properties: - escalation: - description: The escalation information to be sent with the escalation request. - $ref: '#/components/schemas/Escalation' - Escalation: - id: Escalation - description: An escalation of a support case. + description: The response message for the ListComments endpoint. type: object + ListAttachmentsResponse: + description: The response message for the ListAttachments endpoint. properties: - reason: - description: Required. The reason why the Case is being escalated. - type: string - enumDescriptions: - - >- - The escalation reason is in an unknown state or has not been - specified. - - The case is taking too long to resolve. - - >- - The support agent does not have the expertise required to - successfully resolve the issue. - - The issue is having a significant business impact. - enum: - - REASON_UNSPECIFIED - - RESOLUTION_TIME - - TECHNICAL_EXPERTISE - - BUSINESS_IMPACT - justification: + nextPageToken: description: >- - Required. A free text description to accompany the `reason` field - above. Provides additional context on why the case is being - escalated. + A token to retrieve the next page of results. Set this in the + `page_token` field of subsequent `cases.attachments.list` requests. + If unspecified, there are no more results to retrieve. type: string - CloseCaseRequest: - id: CloseCaseRequest - description: The request message for the CloseCase endpoint. + attachments: + items: + $ref: '#/components/schemas/Attachment' + description: The list of attachments associated with a case. + type: array + id: ListAttachmentsResponse type: object - properties: {} SearchCaseClassificationsResponse: - id: SearchCaseClassificationsResponse - description: The response message for SearchCaseClassifications endpoint. - type: object properties: - caseClassifications: - description: The classifications retrieved. - type: array - items: - $ref: '#/components/schemas/CaseClassification' nextPageToken: description: >- A token to retrieve the next page of results. Set this in the `page_token` field of subsequent `caseClassifications.list` requests. If unspecified, there are no more results to retrieve. type: string - ListCommentsResponse: - id: ListCommentsResponse - description: The response message for the ListComments endpoint. - type: object - properties: - comments: - description: List of the comments associated with the case. + caseClassifications: + description: The classifications retrieved. type: array items: - $ref: '#/components/schemas/Comment' - nextPageToken: - description: >- - A token to retrieve the next page of results. Set this in the - `page_token` field of subsequent `cases.comments.list` requests. If - unspecified, there are no more results to retrieve. + $ref: '#/components/schemas/CaseClassification' + description: The response message for SearchCaseClassifications endpoint. + id: SearchCaseClassificationsResponse + type: object + DiffDownloadResponse: + properties: + objectLocation: + $ref: '#/components/schemas/CompositeMedia' + description: '# gdata.* are outside protos with mising documentation' + type: object + description: '# gdata.* are outside protos with mising documentation' + id: DiffDownloadResponse + DiffUploadRequest: + description: '# gdata.* are outside protos with mising documentation' + type: object + id: DiffUploadRequest + properties: + objectInfo: + $ref: '#/components/schemas/CompositeMedia' + description: '# gdata.* are outside protos with mising documentation' + checksumsInfo: + $ref: '#/components/schemas/CompositeMedia' + description: '# gdata.* are outside protos with mising documentation' + objectVersion: + description: '# gdata.* are outside protos with mising documentation' type: string Comment: + type: object id: Comment description: >- A comment associated with a support case. Case comments are the primary way for Google Support to communicate with a user who has opened a case. When a user responds to Google Support, the user's responses also appear as comments. - type: object properties: - name: - description: Output only. Identifier. The resource name of the comment. - readOnly: true - type: string createTime: + type: string + readOnly: true + format: google-datetime description: Output only. The time when the comment was created. + name: readOnly: true + description: Output only. Identifier. The resource name of the comment. + type: string + body: + description: The full comment body. Maximum of 12800 characters. type: string - format: google-datetime creator: + $ref: '#/components/schemas/Actor' description: >- Output only. The user or Google Support agent who created the comment. readOnly: true + plainTextBody: + readOnly: true + deprecated: true + type: string + description: >- + Output only. DEPRECATED. DO NOT USE. A duplicate of the `body` + field. This field is only present for legacy reasons. + Attachment: + type: object + description: >- + An Attachment contains metadata about a file that was uploaded to a case + - it is NOT a file itself. That being said, the name of an Attachment + object can be used to download its accompanying file through the + `media.download` endpoint. While attachments can be uploaded in the + console at the same time as a comment, they're associated on a "case" + level, not a "comment" level. + properties: + creator: + description: >- + Output only. The user who uploaded the attachment. Note, the name + and email will be obfuscated if the attachment was uploaded by + Google support. + readOnly: true $ref: '#/components/schemas/Actor' - body: - description: The full comment body. Maximum of 12800 characters. + sizeBytes: + type: string + description: Output only. The size of the attachment in bytes. + format: int64 + readOnly: true + createTime: + type: string + description: Output only. The time at which the attachment was created. + format: google-datetime + readOnly: true + filename: + type: string + description: The filename of the attachment (e.g. `"graph.jpg"`). + mimeType: + type: string + description: Output only. The MIME type of the attachment (e.g. text/plain). + readOnly: true + name: + description: Output only. Identifier. The resource name of the attachment. + type: string + readOnly: true + id: Attachment + DiffVersionResponse: + description: '# gdata.* are outside protos with mising documentation' + id: DiffVersionResponse + type: object + properties: + objectSizeBytes: + type: string + description: '# gdata.* are outside protos with mising documentation' + format: int64 + objectVersion: + type: string + description: '# gdata.* are outside protos with mising documentation' + CaseClassification: + properties: + id: + type: string + description: >- + The unique ID for a classification. Must be specified for case + creation. To retrieve valid classification IDs for case creation, + use `caseClassifications.search`. Classification IDs returned by + `caseClassifications.search` are guaranteed to be valid for at least + 6 months. If a given classification is deactiveated, it will + immediately stop being returned. After 6 months, `case.create` + requests using the classification ID will fail. + displayName: + description: >- + A display name for the classification. The display name is not + static and can change. To uniquely and consistently identify + classifications, use the `CaseClassification.id` field. + type: string + id: CaseClassification + description: >- + A Case Classification represents the topic that a case is about. It's + very important to use accurate classifications, because they're used to + route your cases to specialists who can help you. A classification + always has an ID that is its unique identifier. A valid ID is required + when creating a case. + type: object + Escalation: + description: An escalation of a support case. + properties: + justification: + description: >- + Required. A free text description to accompany the `reason` field + above. Provides additional context on why the case is being + escalated. + type: string + reason: + type: string + description: Required. The reason why the Case is being escalated. + enum: + - REASON_UNSPECIFIED + - RESOLUTION_TIME + - TECHNICAL_EXPERTISE + - BUSINESS_IMPACT + enumDescriptions: + - >- + The escalation reason is in an unknown state or has not been + specified. + - The case is taking too long to resolve. + - >- + The support agent does not have the expertise required to + successfully resolve the issue. + - The issue is having a significant business impact. + id: Escalation + type: object + Media: + properties: + timestamp: + description: '# gdata.* are outside protos with mising documentation' + format: uint64 + type: string + sha1Hash: + description: '# gdata.* are outside protos with mising documentation' + type: string + format: byte + downloadParameters: + $ref: '#/components/schemas/DownloadParameters' + description: '# gdata.* are outside protos with mising documentation' + isPotentialRetry: + type: boolean + description: '# gdata.* are outside protos with mising documentation' + referenceType: + description: '# gdata.* are outside protos with mising documentation' + enum: + - PATH + - BLOB_REF + - INLINE + - GET_MEDIA + - COMPOSITE_MEDIA + - BIGSTORE_REF + - DIFF_VERSION_RESPONSE + - DIFF_CHECKSUMS_RESPONSE + - DIFF_DOWNLOAD_RESPONSE + - DIFF_UPLOAD_REQUEST + - DIFF_UPLOAD_RESPONSE + - COSMO_BINARY_REFERENCE + - ARBITRARY_BYTES + type: string + enumDescriptions: + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + - '# gdata.* are outside protos with mising documentation' + sha256Hash: + description: '# gdata.* are outside protos with mising documentation' + type: string + format: byte + filename: + type: string + description: '# gdata.* are outside protos with mising documentation' + mediaId: + description: '# gdata.* are outside protos with mising documentation' + format: byte + type: string + blobRef: + description: '# gdata.* are outside protos with mising documentation' + deprecated: true + type: string + format: byte + algorithm: + description: '# gdata.* are outside protos with mising documentation' + type: string + deprecated: true + compositeMedia: + type: array + items: + $ref: '#/components/schemas/CompositeMedia' + description: '# gdata.* are outside protos with mising documentation' + crc32cHash: + description: '# gdata.* are outside protos with mising documentation' + type: integer + format: uint32 + hashVerified: + description: '# gdata.* are outside protos with mising documentation' + type: boolean + token: + type: string + description: '# gdata.* are outside protos with mising documentation' + md5Hash: + description: '# gdata.* are outside protos with mising documentation' + format: byte + type: string + diffUploadRequest: + $ref: '#/components/schemas/DiffUploadRequest' + description: '# gdata.* are outside protos with mising documentation' + diffVersionResponse: + description: '# gdata.* are outside protos with mising documentation' + $ref: '#/components/schemas/DiffVersionResponse' + contentTypeInfo: + $ref: '#/components/schemas/ContentTypeInfo' + description: '# gdata.* are outside protos with mising documentation' + diffUploadResponse: + description: '# gdata.* are outside protos with mising documentation' + $ref: '#/components/schemas/DiffUploadResponse' + hash: + deprecated: true + type: string + description: '# gdata.* are outside protos with mising documentation' + bigstoreObjectRef: + deprecated: true + format: byte + type: string + description: '# gdata.* are outside protos with mising documentation' + contentType: + type: string + description: '# gdata.* are outside protos with mising documentation' + blobstore2Info: + description: '# gdata.* are outside protos with mising documentation' + $ref: '#/components/schemas/Blobstore2Info' + objectId: + $ref: '#/components/schemas/ObjectId' + description: '# gdata.* are outside protos with mising documentation' + diffChecksumsResponse: + description: '# gdata.* are outside protos with mising documentation' + $ref: '#/components/schemas/DiffChecksumsResponse' + inline: + description: '# gdata.* are outside protos with mising documentation' + format: byte + type: string + path: + type: string + description: '# gdata.* are outside protos with mising documentation' + length: + description: '# gdata.* are outside protos with mising documentation' + format: int64 + type: string + diffDownloadResponse: + description: '# gdata.* are outside protos with mising documentation' + $ref: '#/components/schemas/DiffDownloadResponse' + cosmoBinaryReference: + format: byte + type: string + description: '# gdata.* are outside protos with mising documentation' + type: object + description: '# gdata.* are outside protos with mising documentation' + id: Media + Actor: + description: >- + An Actor represents an entity that performed an action. For example, an + actor could be a user who posted a comment on a support case, a user who + uploaded an attachment, or a service account that created a support + case. + id: Actor + properties: + username: + description: >- + Output only. The username of the actor. It may look like an email or + other format provided by the identity provider. If not provided, it + is inferred from the credentials supplied. When a name is provided, + a username must also be provided. If the user is a Google Support + agent, this will not be set. type: string - plainTextBody: - description: >- - Output only. DEPRECATED. DO NOT USE. A duplicate of the `body` - field. This field is only present for legacy reasons. readOnly: true + googleSupport: + type: boolean + readOnly: true + description: Output only. Whether the actor is a Google support actor. + email: + type: string deprecated: true + description: >- + The email address of the actor. If not provided, it is inferred from + the credentials supplied during case creation. When a name is + provided, an email must also be provided. If the user is a Google + Support agent, this is obfuscated. This field is deprecated. Use + `username` instead. + displayName: + description: >- + The name to display for the actor. If not provided, it is inferred + from credentials supplied during case creation. When an email is + provided, a display name must also be provided. This will be + obfuscated if the user is a Google Support agent. type: string + type: object + EscalateCaseRequest: + id: EscalateCaseRequest + description: The request message for the EscalateCase endpoint. + type: object + properties: + escalation: + description: The escalation information to be sent with the escalation request. + $ref: '#/components/schemas/Escalation' parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key schema: type: string - alt: - description: Data format for response. + access_token: + description: OAuth access token. in: query - name: alt + name: access_token schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -829,10 +811,20 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt + schema: + type: string + enum: + - json + - media + - proto + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields schema: type: string _.xgafv: @@ -844,6 +836,18 @@ components: enum: - '1' - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string x-stackQL-resources: media: id: google.cloudsupport.media @@ -892,15 +896,15 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + escalate: operation: - $ref: '#/paths/~1v2~1{name}/patch' + $ref: '#/paths/~1v2~1{name}/post' response: mediaType: application/json openAPIDocKey: '200' - close: + patch: operation: - $ref: '#/paths/~1v2~1{name}/post' + $ref: '#/paths/~1v2~1{name}/patch' response: mediaType: application/json openAPIDocKey: '200' @@ -930,19 +934,19 @@ components: name: comments title: Comments methods: - list: + create: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1comments/get' + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1comments/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.comments - create: + list: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1comments/post' + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1comments/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.comments sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/comments/methods/list' @@ -954,17 +958,17 @@ components: paths: /v2/{parentType}/{parent}/attachments: parameters: &ref_1 + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/uploadType' post: description: >- Create a file attachment on a case or Cloud resource. The attachment @@ -1051,15 +1055,15 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string /v2/{name}: parameters: *ref_1 get: @@ -1094,26 +1098,32 @@ paths: required: true schema: type: string - patch: + post: description: >- - Update a case. Only some fields can be updated. EXAMPLES: cURL: ```shell - case="projects/some-project/cases/43595344" curl \ --request PATCH \ - --header "Authorization: Bearer $(gcloud auth print-access-token)" \ - --header "Content-Type: application/json" \ --data '{ "priority": "P1" - }' \ "https://cloudsupport.googleapis.com/v2/$case?updateMask=priority" - ``` Python: ```python import googleapiclient.discovery api_version = - "v2" supportApiService = googleapiclient.discovery.build( + Escalate a case, starting the Google Cloud Support escalation management + process. This operation is only available for some support services. Go + to https://cloud.google.com/support and look for 'Technical support + escalations' in the feature list to find out which ones let you do that. + EXAMPLES: cURL: ```shell case="projects/some-project/cases/43595344" + curl \ --request POST \ --header "Authorization: Bearer $(gcloud auth + print-access-token)" \ --header "Content-Type: application/json" \ + --data '{ "escalation": { "reason": "BUSINESS_IMPACT", "justification": + "This is a test escalation." } }' \ + "https://cloudsupport.googleapis.com/v2/$case:escalate" ``` Python: + ```python import googleapiclient.discovery api_version = "v2" + supportApiService = googleapiclient.discovery.build( serviceName="cloudsupport", version=api_version, discoveryServiceUrl=f"https://cloudsupport.googleapis.com/$discovery/rest?version={api_version}", - ) request = supportApiService.cases().patch( - name="projects/some-project/cases/43112854", body={ "displayName": "This - is Now a New Title", "priority": "P2", }, ) print(request.execute()) ``` - operationId: cloudsupport.cases.patch + ) request = supportApiService.cases().escalate( + name="projects/some-project/cases/43595344", body={ "escalation": { + "reason": "BUSINESS_IMPACT", "justification": "This is a test + escalation.", }, }, ) print(request.execute()) ``` + operationId: cloudsupport.cases.escalate requestBody: content: application/json: schema: - $ref: '#/components/schemas/Case' + $ref: '#/components/schemas/EscalateCaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1132,30 +1142,26 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - post: + patch: description: >- - Close a case. EXAMPLES: cURL: ```shell - case="projects/some-project/cases/43595344" curl \ --request POST \ + Update a case. Only some fields can be updated. EXAMPLES: cURL: ```shell + case="projects/some-project/cases/43595344" curl \ --request PATCH \ --header "Authorization: Bearer $(gcloud auth print-access-token)" \ - "https://cloudsupport.googleapis.com/v2/$case:close" ``` Python: - ```python import googleapiclient.discovery api_version = "v2" - supportApiService = googleapiclient.discovery.build( + --header "Content-Type: application/json" \ --data '{ "priority": "P1" + }' \ "https://cloudsupport.googleapis.com/v2/$case?updateMask=priority" + ``` Python: ```python import googleapiclient.discovery api_version = + "v2" supportApiService = googleapiclient.discovery.build( serviceName="cloudsupport", version=api_version, discoveryServiceUrl=f"https://cloudsupport.googleapis.com/$discovery/rest?version={api_version}", - ) request = supportApiService.cases().close( - name="projects/some-project/cases/43595344" ) print(request.execute()) - ``` - operationId: cloudsupport.cases.close + ) request = supportApiService.cases().patch( + name="projects/some-project/cases/43112854", body={ "displayName": "This + is Now a New Title", "priority": "P2", }, ) print(request.execute()) ``` + operationId: cloudsupport.cases.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CloseCaseRequest' + $ref: '#/components/schemas/Case' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1174,6 +1180,11 @@ paths: required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask /v2/{parentType}/{parent}/cases: parameters: *ref_1 get: @@ -1282,20 +1293,28 @@ paths: type: string /v2/{parentType}/{parent}/comments: parameters: *ref_1 - get: + post: description: >- - List all the comments associated with a case. EXAMPLES: cURL: ```shell - case="projects/some-project/cases/43595344" curl \ --header - "Authorization: Bearer $(gcloud auth print-access-token)" \ + Add a new comment to a case. The comment must have the following fields + set: `body`. EXAMPLES: cURL: ```shell + case="projects/some-project/cases/43591344" curl \ --request POST \ + --header "Authorization: Bearer $(gcloud auth print-access-token)" \ + --header 'Content-Type: application/json' \ --data '{ "body": "This is a + test comment." }' \ "https://cloudsupport.googleapis.com/v2/$case/comments" ``` Python: ```python import googleapiclient.discovery api_version = "v2" supportApiService = googleapiclient.discovery.build( serviceName="cloudsupport", version=api_version, discoveryServiceUrl=f"https://cloudsupport.googleapis.com/$discovery/rest?version={api_version}", - ) request = ( supportApiService.cases() .comments() - .list(parent="projects/some-project/cases/43595344") ) - print(request.execute()) ``` - operationId: cloudsupport.cases.comments.list + ) request = ( supportApiService.cases() .comments() .create( + parent="projects/some-project/cases/43595344", body={"body": "This is a + test comment."}, ) ) print(request.execute()) ``` + operationId: cloudsupport.cases.comments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1307,7 +1326,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCommentsResponse' + $ref: '#/components/schemas/Comment' parameters: - in: path name: parentType @@ -1319,37 +1338,20 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - post: + get: description: >- - Add a new comment to a case. The comment must have the following fields - set: `body`. EXAMPLES: cURL: ```shell - case="projects/some-project/cases/43591344" curl \ --request POST \ - --header "Authorization: Bearer $(gcloud auth print-access-token)" \ - --header 'Content-Type: application/json' \ --data '{ "body": "This is a - test comment." }' \ + List all the comments associated with a case. EXAMPLES: cURL: ```shell + case="projects/some-project/cases/43595344" curl \ --header + "Authorization: Bearer $(gcloud auth print-access-token)" \ "https://cloudsupport.googleapis.com/v2/$case/comments" ``` Python: ```python import googleapiclient.discovery api_version = "v2" supportApiService = googleapiclient.discovery.build( serviceName="cloudsupport", version=api_version, discoveryServiceUrl=f"https://cloudsupport.googleapis.com/$discovery/rest?version={api_version}", - ) request = ( supportApiService.cases() .comments() .create( - parent="projects/some-project/cases/43595344", body={"body": "This is a - test comment."}, ) ) print(request.execute()) ``` - operationId: cloudsupport.cases.comments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Comment' + ) request = ( supportApiService.cases() .comments() + .list(parent="projects/some-project/cases/43595344") ) + print(request.execute()) ``` + operationId: cloudsupport.cases.comments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1361,7 +1363,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Comment' + $ref: '#/components/schemas/ListCommentsResponse' parameters: - in: path name: parentType @@ -1373,6 +1375,15 @@ paths: required: true schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string /v2/caseClassifications:search: parameters: *ref_1 get: @@ -1407,15 +1418,15 @@ paths: schema: $ref: '#/components/schemas/SearchCaseClassificationsResponse' parameters: - - in: query - name: query - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: query + schema: + type: string - in: query name: pageToken schema: diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudtasks.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudtasks.yaml index 94dc4269..ea37a355 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudtasks.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudtasks.yaml @@ -7,8 +7,8 @@ info: title: Cloud Tasks API description: Manages the execution of large numbers of distributed requests. version: v2 - x-discovery-doc-revision: '20250611' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251021' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/tasks/ servers: @@ -34,552 +34,779 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object + Expr: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + id: Expr properties: - name: + title: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + location: type: string - displayName: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + expression: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + Textual representation of an expression in Common Expression + Language syntax. + description: + type: string description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListQueuesResponse: - id: ListQueuesResponse - description: Response message for ListQueues. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: object - properties: - queues: - description: The list of queues. - type: array - items: - $ref: '#/components/schemas/Queue' - nextPageToken: - description: >- - A token to retrieve next page of results. To return the next page of - results, call ListQueues with this value as the page_token. If the - next_page_token is empty, there are no more results. The page token - is valid for only 2 hours. - type: string - Queue: - id: Queue - description: >- - A queue is a container of related tasks. Queues are configured to manage - how those tasks are dispatched. Configurable properties include rate - limits, retry options, queue types, and others. + OidcToken: type: object + id: OidcToken properties: - name: - description: >- - Caller-specified and required in CreateQueue, after which it becomes - output only. The queue name. The queue name must have the following - format: `projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID` - * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), - hyphens (-), colons (:), or periods (.). For more information, see - [Identifying - projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) - * `LOCATION_ID` is the canonical ID for the queue's location. The - list of available locations can be obtained by calling - ListLocations. For more information, see - https://cloud.google.com/about/locations/. * `QUEUE_ID` can contain - letters ([A-Za-z]), numbers ([0-9]), or hyphens (-). The maximum - length is 100 characters. - type: string - appEngineRoutingOverride: - description: >- - Overrides for task-level app_engine_routing. These settings apply - only to App Engine tasks in this queue. Http tasks are not affected. - If set, `app_engine_routing_override` is used for all App Engine - tasks in the queue, no matter what the setting is for the task-level - app_engine_routing. - $ref: '#/components/schemas/AppEngineRouting' - httpTarget: - description: Modifies HTTP target for HTTP tasks. - $ref: '#/components/schemas/HttpTarget' - rateLimits: - description: >- - Rate limits for task dispatches. rate_limits and retry_config are - related because they both control task attempts. However they - control task attempts in different ways: * rate_limits controls the - total rate of dispatches from a queue (i.e. all traffic dispatched - from the queue, regardless of whether the dispatch is from a first - attempt or a retry). * retry_config controls what happens to - particular a task after its first attempt fails. That is, - retry_config controls task retries (the second attempt, third - attempt, etc). The queue's actual dispatch rate is the result of: * - Number of tasks in the queue * User-specified throttling: - rate_limits, retry_config, and the queue's state. * System - throttling due to `429` (Too Many Requests) or `503` (Service - Unavailable) responses from the worker, high error rates, or to - smooth sudden large traffic spikes. - $ref: '#/components/schemas/RateLimits' - retryConfig: - description: >- - Settings that determine the retry behavior. * For tasks created - using Cloud Tasks: the queue-level retry settings apply to all tasks - in the queue that were created using Cloud Tasks. Retry settings - cannot be set on individual tasks. * For tasks created using the App - Engine SDK: the queue-level retry settings apply to all tasks in the - queue which do not have retry settings explicitly set on the task - and were created by the App Engine SDK. See [App Engine - documentation](https://cloud.google.com/appengine/docs/standard/python/taskqueue/push/retrying-tasks). - $ref: '#/components/schemas/RetryConfig' - state: + audience: description: >- - Output only. The state of the queue. `state` can only be changed by - calling PauseQueue, ResumeQueue, or uploading - [queue.yaml/xml](https://cloud.google.com/appengine/docs/python/config/queueref). - UpdateQueue cannot be used to change `state`. + Audience to be used when generating OIDC token. If not specified, + the URI specified in target will be used. type: string - enumDescriptions: - - Unspecified state. - - >- - The queue is running. Tasks can be dispatched. If the queue was - created using Cloud Tasks and the queue has had no activity - (method calls or task dispatches) for 30 days, the queue may take - a few minutes to re-activate. Some method calls may return - NOT_FOUND and tasks may not be dispatched for a few minutes until - the queue has been re-activated. - - >- - Tasks are paused by the user. If the queue is paused then Cloud - Tasks will stop delivering tasks from it, but more tasks can still - be added to it by the user. - - >- - The queue is disabled. A queue becomes `DISABLED` when - [queue.yaml](https://cloud.google.com/appengine/docs/python/config/queueref) - or - [queue.xml](https://cloud.google.com/appengine/docs/standard/java/config/queueref) - is uploaded which does not contain the queue. You cannot directly - disable a queue. When a queue is disabled, tasks can still be - added to a queue but the tasks are not dispatched. To permanently - delete this queue and all of its tasks, call DeleteQueue. - enum: - - STATE_UNSPECIFIED - - RUNNING - - PAUSED - - DISABLED - purgeTime: + serviceAccountEmail: description: >- - Output only. The last time this queue was purged. All tasks that - were created before this time were purged. A queue can be purged - using PurgeQueue, the [App Engine Task Queue SDK, or the Cloud - Console](https://cloud.google.com/appengine/docs/standard/python/taskqueue/push/deleting-tasks-and-queues#purging_all_tasks_from_a_queue). - Purge time will be truncated to the nearest microsecond. Purge time - will be unset if the queue has never been purged. + [Service account + email](https://cloud.google.com/iam/docs/service-accounts) to be + used for generating OIDC token. The service account must be within + the same project as the queue. The caller must have + iam.serviceAccounts.actAs permission for the service account. type: string - format: google-datetime - stackdriverLoggingConfig: - description: >- - Configuration options for writing logs to [Stackdriver - Logging](https://cloud.google.com/logging/docs/). If this field is - unset, then no logs are written. - $ref: '#/components/schemas/StackdriverLoggingConfig' - AppEngineRouting: - id: AppEngineRouting description: >- - App Engine Routing. Defines routing characteristics specific to App - Engine - service, version, and instance. For more information about - services, versions, and instances see [An Overview of App - Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), - [Microservices Architecture on Google App - Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), - [App Engine Standard request - routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), - and [App Engine Flex request - routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed). - Using AppEngineRouting requires - [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) - Google IAM permission for the project and the following scope: - `https://www.googleapis.com/auth/cloud-platform` + Contains information needed for generating an [OpenID Connect + token](https://developers.google.com/identity/protocols/OpenIDConnect). + This type of authorization can be used for many scenarios, including + calling Cloud Run, or endpoints where you intend to validate the token + yourself. + Binding: type: object + description: Associates `members`, or principals, with a `role`. properties: - service: - description: >- - App service. By default, the task is sent to the service which is - the default service when the task is attempted. For some queues or - tasks which were created using the App Engine Task Queue API, host - is not parsable into service, version, and instance. For example, - some tasks which were created using the App Engine SDK use a custom - domain name; custom domains are not parsed by Cloud Tasks. If host - is not parsable, then service, version, and instance are the empty - string. - type: string - version: + members: + items: + type: string description: >- - App version. By default, the task is sent to the version which is - the default version when the task is attempted. For some queues or - tasks which were created using the App Engine Task Queue API, host - is not parsable into service, version, and instance. For example, - some tasks which were created using the App Engine SDK use a custom - domain name; custom domains are not parsed by Cloud Tasks. If host - is not parsable, then service, version, and instance are the empty - string. - type: string - instance: + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: array + condition: + $ref: '#/components/schemas/Expr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string + id: Binding + BufferTaskResponse: + id: BufferTaskResponse + properties: + task: + description: The created task. + $ref: '#/components/schemas/Task' + description: Response message for BufferTask. + type: object + PauseQueueRequest: + description: Request message for PauseQueue. + type: object + properties: {} + id: PauseQueueRequest + Policy: + type: object + id: Policy + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + properties: + etag: + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte + type: string + version: + format: int32 + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + type: array + RunTaskRequest: + description: Request message for forcing a task to run now using RunTask. + id: RunTaskRequest + type: object + properties: + responseView: + type: string + description: >- + The response_view specifies which subset of the Task will be + returned. By default response_view is BASIC; not all information is + retrieved by default because some data, such as payloads, might be + desirable to return only when needed because of its large size or + because of the sensitivity of data that it contains. Authorization + for FULL requires `cloudtasks.tasks.fullView` [Google + IAM](https://cloud.google.com/iam/) permission on the Task resource. + enum: + - VIEW_UNSPECIFIED + - BASIC + - FULL + enumDescriptions: + - Unspecified. Defaults to BASIC. + - >- + The basic view omits fields which can be large or can contain + sensitive data. This view does not include the body in + AppEngineHttpRequest. Bodies are desirable to return only when + needed, because they can be large and because of the sensitivity + of the data that you choose to store in it. + - >- + All information is returned. Authorization for FULL requires + `cloudtasks.tasks.fullView` [Google + IAM](https://cloud.google.com/iam/) permission on the Queue + resource. + BufferTaskRequest: + id: BufferTaskRequest + description: Request message for BufferTask. + type: object + properties: + body: + $ref: '#/components/schemas/HttpBody' + description: >- + Optional. Body of the HTTP request. The body can take any generic + value. The value is written to the HttpRequest of the [Task]. + Task: + id: Task + properties: + view: + enumDescriptions: + - Unspecified. Defaults to BASIC. + - >- + The basic view omits fields which can be large or can contain + sensitive data. This view does not include the body in + AppEngineHttpRequest. Bodies are desirable to return only when + needed, because they can be large and because of the sensitivity + of the data that you choose to store in it. + - >- + All information is returned. Authorization for FULL requires + `cloudtasks.tasks.fullView` [Google + IAM](https://cloud.google.com/iam/) permission on the Queue + resource. + type: string + enum: + - VIEW_UNSPECIFIED + - BASIC + - FULL + description: >- + Output only. The view specifies which subset of the Task has been + returned. + appEngineHttpRequest: + $ref: '#/components/schemas/AppEngineHttpRequest' + description: >- + HTTP request that is sent to the App Engine app handler. An App + Engine task is a task that has AppEngineHttpRequest set. + responseCount: + type: integer + format: int32 + description: Output only. The number of attempts which have received a response. + lastAttempt: + $ref: '#/components/schemas/Attempt' + description: Output only. The status of the task's last attempt. + createTime: + format: google-datetime + description: >- + Output only. The time that the task was created. `create_time` will + be truncated to the nearest second. + type: string + httpRequest: + description: >- + HTTP request that is sent to the worker. An HTTP task is a task that + has HttpRequest set. + $ref: '#/components/schemas/HttpRequest' + scheduleTime: + type: string + format: google-datetime + description: >- + The time when the task is scheduled to be attempted or retried. + `schedule_time` will be truncated to the nearest microsecond. + firstAttempt: + description: >- + Output only. The status of the task's first attempt. Only + dispatch_time will be set. The other Attempt information is not + retained by Cloud Tasks. + $ref: '#/components/schemas/Attempt' + dispatchCount: + format: int32 + type: integer + description: >- + Output only. The number of attempts dispatched. This count includes + attempts which have been dispatched but haven't received a response. + name: description: >- - App instance. By default, the task is sent to an instance which is - available when the task is attempted. Requests can only be sent to a - specific instance if [manual scaling is used in App Engine - Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?hl=en_US#scaling_types_and_instance_classes). - App Engine Flex does not support instances. For more information, - see [App Engine Standard request - routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) - and [App Engine Flex request - routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed). + Optionally caller-specified in CreateTask. The task name. The task + name must have the following format: + `projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID/tasks/TASK_ID` + * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), + hyphens (-), colons (:), or periods (.). For more information, see + [Identifying + projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) + * `LOCATION_ID` is the canonical ID for the task's location. The + list of available locations can be obtained by calling + ListLocations. For more information, see + https://cloud.google.com/about/locations/. * `QUEUE_ID` can contain + letters ([A-Za-z]), numbers ([0-9]), or hyphens (-). The maximum + length is 100 characters. * `TASK_ID` can contain only letters + ([A-Za-z]), numbers ([0-9]), hyphens (-), or underscores (_). The + maximum length is 500 characters. type: string - host: + dispatchDeadline: description: >- - Output only. The host that the task is sent to. The host is - constructed from the domain name of the app associated with the - queue's project ID (for example .appspot.com), and the service, - version, and instance. Tasks which were created using the App Engine - SDK might have a custom domain name. For more information, see [How - Requests are - Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed). + The deadline for requests sent to the worker. If the worker does not + respond by this deadline then the request is cancelled and the + attempt is marked as a `DEADLINE_EXCEEDED` failure. Cloud Tasks will + retry the task according to the RetryConfig. Note that when the + request is cancelled, Cloud Tasks will stop listening for the + response, but whether the worker stops processing depends on the + worker. For example, if the worker is stuck, it may not react to + cancelled requests. The default and maximum values depend on the + type of request: * For HTTP tasks, the default is 10 minutes. The + deadline must be in the interval [15 seconds, 30 minutes]. * For App + Engine tasks, 0 indicates that the request has the default deadline. + The default deadline depends on the [scaling + type](https://cloud.google.com/appengine/docs/standard/go/how-instances-are-managed#instance_scaling) + of the service: 10 minutes for standard apps with automatic scaling, + 24 hours for standard apps with manual and basic scaling, and 60 + minutes for flex apps. If the request deadline is set, it must be in + the interval [15 seconds, 24 hours 15 seconds]. Regardless of the + task's `dispatch_deadline`, the app handler will not run for longer + than than the service's timeout. We recommend setting the + `dispatch_deadline` to at most a few seconds more than the app + handler's timeout. For more information see + [Timeouts](https://cloud.google.com/tasks/docs/creating-appengine-handlers#timeouts). + The value must be given as a string that indicates the length of + time (in seconds) followed by `s` (for "seconds"). For more + information on the format, see the documentation for + [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). + `dispatch_deadline` will be truncated to the nearest millisecond. + The deadline is an approximate deadline. type: string - HttpTarget: - id: HttpTarget - description: >- - HTTP target. When specified as a Queue, all the tasks with [HttpRequest] - will be overridden according to the target. + format: google-duration + description: A unit of scheduled work. type: object + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. properties: - uriOverride: - description: >- - URI override. When specified, overrides the execution URI for all - the tasks in the queue. - $ref: '#/components/schemas/UriOverride' - httpMethod: - description: >- - The HTTP method to use for the request. When specified, it overrides - HttpRequest for the task. Note that if the value is set to - HttpMethod the HttpRequest of the task will be ignored at execution - time. - type: string - enumDescriptions: - - HTTP method unspecified - - HTTP POST - - HTTP GET - - HTTP HEAD - - HTTP PUT - - HTTP DELETE - - HTTP PATCH - - HTTP OPTIONS - enum: - - HTTP_METHOD_UNSPECIFIED - - POST - - GET - - HEAD - - PUT - - DELETE - - PATCH - - OPTIONS - headerOverrides: - description: >- - HTTP target headers. This map contains the header field names and - values. Headers will be set when running the CreateTask and/or - BufferTask. These headers represent a subset of the headers that - will be configured for the task's HTTP request. Some HTTP request - headers will be ignored or replaced. A partial list of headers that - will be ignored or replaced is: * Several predefined headers, - prefixed with "X-CloudTasks-", can be used to define properties of - the task. * Host: This will be computed by Cloud Tasks and derived - from HttpRequest.url. * Content-Length: This will be computed by - Cloud Tasks. `Content-Type` won't be set by Cloud Tasks. You can - explicitly set `Content-Type` to a media type when the task is - created. For example,`Content-Type` can be set to - `"application/octet-stream"` or `"application/json"`. The default - value is set to "application/json"`. * User-Agent: This will be set - to `"Google-Cloud-Tasks"`. Headers which can have multiple values - (according to RFC2616) can be specified using comma-separated - values. The size of the headers must be less than 80KB. Queue-level - headers to override headers of all the tasks in the queue. Do not - put business sensitive or personally identifying data in the HTTP - Header Override Configuration or other similar fields in accordance - with Section 12 (Resource Fields) of the [Service Specific - Terms](https://cloud.google.com/terms/service-terms). - type: array + permissions: items: - $ref: '#/components/schemas/HeaderOverride' - oauthToken: - description: >- - If specified, an [OAuth - token](https://developers.google.com/identity/protocols/OAuth2) is - generated and attached as the `Authorization` header in the HTTP - request. This type of authorization should generally be used only - when calling Google APIs hosted on *.googleapis.com. Note that both - the service account email and the scope MUST be specified when using - the queue-level authorization override. - $ref: '#/components/schemas/OAuthToken' - oidcToken: + type: string description: >- - If specified, an - [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) - token is generated and attached as an `Authorization` header in the - HTTP request. This type of authorization can be used for many - scenarios, including calling Cloud Run, or endpoints where you - intend to validate the token yourself. Note that both the service - account email and the audience MUST be specified when using the - queue-level authorization override. - $ref: '#/components/schemas/OidcToken' - UriOverride: - id: UriOverride - description: >- - URI Override. When specified, all the HTTP tasks inside the queue will - be partially or fully overridden depending on the configured values. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: array + type: object + id: TestIamPermissionsRequest + PurgeQueueRequest: + id: PurgeQueueRequest + properties: {} + type: object + description: Request message for PurgeQueue. + OAuthToken: type: object + description: >- + Contains information needed for generating an [OAuth + token](https://developers.google.com/identity/protocols/OAuth2). This + type of authorization should generally only be used when calling Google + APIs hosted on *.googleapis.com. properties: - scheme: + scope: description: >- - Scheme override. When specified, the task URI scheme is replaced by - the provided value (HTTP or HTTPS). + OAuth scope to be used for generating OAuth access token. If not + specified, "https://www.googleapis.com/auth/cloud-platform" will be + used. type: string - enumDescriptions: - - Scheme unspecified. Defaults to HTTPS. - - >- - Convert the scheme to HTTP, e.g., https://www.google.ca will - change to http://www.google.ca. - - >- - Convert the scheme to HTTPS, e.g., http://www.google.ca will - change to https://www.google.ca. - enum: - - SCHEME_UNSPECIFIED - - HTTP - - HTTPS - host: - description: >- - Host override. When specified, replaces the host part of the task - URL. For example, if the task URL is "https://www.google.com," and - host value is set to "example.net", the overridden URI will be - changed to "https://example.net." Host value cannot be an empty - string (INVALID_ARGUMENT). + serviceAccountEmail: type: string - port: description: >- - Port override. When specified, replaces the port part of the task - URI. For instance, for a URI http://www.google.com/foo and port=123, - the overridden URI becomes http://www.google.com:123/foo. Note that - the port value must be a positive integer. Setting the port to 0 - (Zero) clears the URI port. + [Service account + email](https://cloud.google.com/iam/docs/service-accounts) to be + used for generating OAuth token. The service account must be within + the same project as the queue. The caller must have + iam.serviceAccounts.actAs permission for the service account. + id: OAuthToken + ListQueuesResponse: + description: Response message for ListQueues. + id: ListQueuesResponse + properties: + queues: + description: The list of queues. + items: + $ref: '#/components/schemas/Queue' + type: array + nextPageToken: type: string - format: int64 - pathOverride: - description: >- - URI path. When specified, replaces the existing path of the task - URL. Setting the path value to an empty string clears the URI path - segment. - $ref: '#/components/schemas/PathOverride' - queryOverride: - description: >- - URI query. When specified, replaces the query part of the task URI. - Setting the query value to an empty string clears the URI query - segment. - $ref: '#/components/schemas/QueryOverride' - uriOverrideEnforceMode: description: >- - URI Override Enforce Mode When specified, determines the Target - UriOverride mode. If not specified, it defaults to ALWAYS. - type: string - enumDescriptions: - - UriOverrideEnforceMode Unspecified. Defaults to ALWAYS. - - >- - In the IF_NOT_EXISTS mode, queue-level configuration is only - applied where task-level configuration does not exist. - - >- - In the ALWAYS mode, queue-level configuration overrides all - task-level configuration - enum: - - URI_OVERRIDE_ENFORCE_MODE_UNSPECIFIED - - IF_NOT_EXISTS - - ALWAYS - PathOverride: - id: PathOverride - description: PathOverride. Path message defines path override for HTTP targets. + A token to retrieve next page of results. To return the next page of + results, call ListQueues with this value as the page_token. If the + next_page_token is empty, there are no more results. The page token + is valid for only 2 hours. + type: object + Header: + description: Defines a header message. A header can have a key and a value. + id: Header + type: object + properties: + key: + description: The Key of the header. + type: string + value: + description: The Value of the header. + type: string + ListTasksResponse: + description: Response message for listing tasks using ListTasks. + id: ListTasksResponse type: object properties: - path: - description: The URI path (e.g., /users/1234). Default is an empty string. + tasks: + type: array + description: The list of tasks. + items: + $ref: '#/components/schemas/Task' + nextPageToken: type: string + description: >- + A token to retrieve next page of results. To return the next page of + results, call ListTasks with this value as the page_token. If the + next_page_token is empty, there are no more results. QueryOverride: - id: QueryOverride - description: QueryOverride. Query message defines query override for HTTP targets. - type: object properties: queryParams: description: >- The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string. type: string - HeaderOverride: - id: HeaderOverride - description: Wraps the Header object. + id: QueryOverride + description: QueryOverride. Query message defines query override for HTTP targets. type: object + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. properties: - header: + permissions: description: >- - Header embodying a key and a value. Do not put business sensitive or - personally identifying data in the HTTP Header Override - Configuration or other similar fields in accordance with Section 12 - (Resource Fields) of the [Service Specific - Terms](https://cloud.google.com/terms/service-terms). - $ref: '#/components/schemas/Header' - Header: - id: Header - description: Defines a header message. A header can have a key and a value. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string + type: array + id: TestIamPermissionsResponse type: object + GetIamPolicyRequest: properties: - key: - description: The Key of the header. - type: string - value: - description: The Value of the header. - type: string - OAuthToken: - id: OAuthToken + options: + description: >- + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + $ref: '#/components/schemas/GetPolicyOptions' + description: Request message for `GetIamPolicy` method. + type: object + id: GetIamPolicyRequest + Queue: description: >- - Contains information needed for generating an [OAuth - token](https://developers.google.com/identity/protocols/OAuth2). This - type of authorization should generally only be used when calling Google - APIs hosted on *.googleapis.com. + A queue is a container of related tasks. Queues are configured to manage + how those tasks are dispatched. Configurable properties include rate + limits, retry options, queue types, and others. + id: Queue type: object properties: - serviceAccountEmail: + purgeTime: + format: google-datetime + type: string description: >- - [Service account - email](https://cloud.google.com/iam/docs/service-accounts) to be - used for generating OAuth token. The service account must be within - the same project as the queue. The caller must have - iam.serviceAccounts.actAs permission for the service account. + Output only. The last time this queue was purged. All tasks that + were created before this time were purged. A queue can be purged + using PurgeQueue, the [App Engine Task Queue SDK, or the Cloud + Console](https://cloud.google.com/appengine/docs/standard/python/taskqueue/push/deleting-tasks-and-queues#purging_all_tasks_from_a_queue). + Purge time will be truncated to the nearest microsecond. Purge time + will be unset if the queue has never been purged. + name: type: string - scope: description: >- - OAuth scope to be used for generating OAuth access token. If not - specified, "https://www.googleapis.com/auth/cloud-platform" will be - used. + Caller-specified and required in CreateQueue, after which it becomes + output only. The queue name. The queue name must have the following + format: `projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID` + * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), + hyphens (-), colons (:), or periods (.). For more information, see + [Identifying + projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) + * `LOCATION_ID` is the canonical ID for the queue's location. The + list of available locations can be obtained by calling + ListLocations. For more information, see + https://cloud.google.com/about/locations/. * `QUEUE_ID` can contain + letters ([A-Za-z]), numbers ([0-9]), or hyphens (-). The maximum + length is 100 characters. + appEngineRoutingOverride: + $ref: '#/components/schemas/AppEngineRouting' + description: >- + Overrides for task-level app_engine_routing. These settings apply + only to App Engine tasks in this queue. Http tasks are not affected. + If set, `app_engine_routing_override` is used for all App Engine + tasks in the queue, no matter what the setting is for the task-level + app_engine_routing. + state: type: string - OidcToken: - id: OidcToken + description: >- + Output only. The state of the queue. `state` can only be changed by + calling PauseQueue, ResumeQueue, or uploading + [queue.yaml/xml](https://cloud.google.com/appengine/docs/python/config/queueref). + UpdateQueue cannot be used to change `state`. + enumDescriptions: + - Unspecified state. + - >- + The queue is running. Tasks can be dispatched. If the queue was + created using Cloud Tasks and the queue has had no activity + (method calls or task dispatches) for 30 days, the queue may take + a few minutes to re-activate. Some method calls may return + NOT_FOUND and tasks may not be dispatched for a few minutes until + the queue has been re-activated. + - >- + Tasks are paused by the user. If the queue is paused then Cloud + Tasks will stop delivering tasks from it, but more tasks can still + be added to it by the user. + - >- + The queue is disabled. A queue becomes `DISABLED` when + [queue.yaml](https://cloud.google.com/appengine/docs/python/config/queueref) + or + [queue.xml](https://cloud.google.com/appengine/docs/standard/java/config/queueref) + is uploaded which does not contain the queue. You cannot directly + disable a queue. When a queue is disabled, tasks can still be + added to a queue but the tasks are not dispatched. To permanently + delete this queue and all of its tasks, call DeleteQueue. + enum: + - STATE_UNSPECIFIED + - RUNNING + - PAUSED + - DISABLED + retryConfig: + $ref: '#/components/schemas/RetryConfig' + description: >- + Settings that determine the retry behavior. * For tasks created + using Cloud Tasks: the queue-level retry settings apply to all tasks + in the queue that were created using Cloud Tasks. Retry settings + cannot be set on individual tasks. * For tasks created using the App + Engine SDK: the queue-level retry settings apply to all tasks in the + queue which do not have retry settings explicitly set on the task + and were created by the App Engine SDK. See [App Engine + documentation](https://cloud.google.com/appengine/docs/standard/python/taskqueue/push/retrying-tasks). + stackdriverLoggingConfig: + description: >- + Configuration options for writing logs to [Stackdriver + Logging](https://cloud.google.com/logging/docs/). If this field is + unset, then no logs are written. + $ref: '#/components/schemas/StackdriverLoggingConfig' + httpTarget: + description: Modifies HTTP target for HTTP tasks. + $ref: '#/components/schemas/HttpTarget' + rateLimits: + $ref: '#/components/schemas/RateLimits' + description: >- + Rate limits for task dispatches. rate_limits and retry_config are + related because they both control task attempts. However they + control task attempts in different ways: * rate_limits controls the + total rate of dispatches from a queue (i.e. all traffic dispatched + from the queue, regardless of whether the dispatch is from a first + attempt or a retry). * retry_config controls what happens to + particular a task after its first attempt fails. That is, + retry_config controls task retries (the second attempt, third + attempt, etc). The queue's actual dispatch rate is the result of: * + Number of tasks in the queue * User-specified throttling: + rate_limits, retry_config, and the queue's state. * System + throttling due to `429` (Too Many Requests) or `503` (Service + Unavailable) responses from the worker, high error rates, or to + smooth sudden large traffic spikes. + StackdriverLoggingConfig: description: >- - Contains information needed for generating an [OpenID Connect - token](https://developers.google.com/identity/protocols/OpenIDConnect). - This type of authorization can be used for many scenarios, including - calling Cloud Run, or endpoints where you intend to validate the token - yourself. + Configuration options for writing logs to [Stackdriver + Logging](https://cloud.google.com/logging/docs/). + id: StackdriverLoggingConfig + properties: + samplingRatio: + format: double + type: number + description: >- + Specifies the fraction of operations to write to [Stackdriver + Logging](https://cloud.google.com/logging/docs/). This field may + contain any value between 0.0 and 1.0, inclusive. 0.0 is the default + and means that no operations are logged. + type: object + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object + id: Status properties: - serviceAccountEmail: + message: description: >- - [Service account - email](https://cloud.google.com/iam/docs/service-accounts) to be - used for generating OIDC token. The service account must be within - the same project as the queue. The caller must have - iam.serviceAccounts.actAs permission for the service account. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - audience: + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + details: + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - Audience to be used when generating OIDC token. If not specified, - the URI specified in target will be used. - type: string - RateLimits: - id: RateLimits - description: >- - Rate limits. This message determines the maximum rate that tasks can be - dispatched by a queue, regardless of whether the dispatch is a first - task attempt or a retry. Note: The debugging command, RunTask, will run - a task even if the queue has reached its RateLimits. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + ResumeQueueRequest: + properties: {} + description: Request message for ResumeQueue. + type: object + id: ResumeQueueRequest + CreateTaskRequest: type: object properties: - maxDispatchesPerSecond: - description: >- - The maximum rate at which tasks are dispatched from this queue. If - unspecified when the queue is created, Cloud Tasks will pick the - default. * The maximum allowed value is 500. This field has the same - meaning as [rate in - queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#rate). - type: number - format: double - maxBurstSize: + task: + $ref: '#/components/schemas/Task' description: >- - Output only. The max burst size. Max burst size limits how fast - tasks in queue are processed when many tasks are in the queue and - the rate is high. This field allows the queue to have a high rate so - processing starts shortly after a task is enqueued, but still limits - resource usage when many tasks are enqueued in a short period of - time. The [token bucket](https://wikipedia.org/wiki/Token_Bucket) - algorithm is used to control the rate of task dispatches. Each queue - has a token bucket that holds tokens, up to the maximum specified by - `max_burst_size`. Each time a task is dispatched, a token is removed - from the bucket. Tasks will be dispatched until the queue's bucket - runs out of tokens. The bucket will be continuously refilled with - new tokens based on max_dispatches_per_second. Cloud Tasks will pick - the value of `max_burst_size` based on the value of - max_dispatches_per_second. For queues that were created or updated - using `queue.yaml/xml`, `max_burst_size` is equal to - [bucket_size](https://cloud.google.com/appengine/docs/standard/python/config/queueref#bucket_size). - Since `max_burst_size` is output only, if UpdateQueue is called on a - queue created by `queue.yaml/xml`, `max_burst_size` will be reset - based on the value of max_dispatches_per_second, regardless of - whether max_dispatches_per_second is updated. - type: integer - format: int32 - maxConcurrentDispatches: + Required. The task to add. Task names have the following format: + `projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID/tasks/TASK_ID`. + The user can optionally specify a task name. If a name is not + specified then the system will generate a random unique task id, + which will be set in the task returned in the response. If + schedule_time is not set or is in the past then Cloud Tasks will set + it to the current time. Task De-duplication: Explicitly specifying a + task ID enables task de-duplication. If a task's ID is identical to + that of an existing task or a task that was deleted or executed + recently then the call will fail with ALREADY_EXISTS. The IDs of + deleted tasks are not immediately available for reuse. It can take + up to 24 hours (or 9 days if the task's queue was created using a + queue.yaml or queue.xml) for the task ID to be released and made + available again. Because there is an extra lookup cost to identify + duplicate task names, these CreateTask calls have significantly + increased latency. Using hashed strings for the task id or for the + prefix of the task id is recommended. Choosing task ids that are + sequential or have sequential prefixes, for example using a + timestamp, causes an increase in latency and error rates in all task + commands. The infrastructure relies on an approximately uniform + distribution of task ids to store and serve tasks efficiently. + responseView: + enumDescriptions: + - Unspecified. Defaults to BASIC. + - >- + The basic view omits fields which can be large or can contain + sensitive data. This view does not include the body in + AppEngineHttpRequest. Bodies are desirable to return only when + needed, because they can be large and because of the sensitivity + of the data that you choose to store in it. + - >- + All information is returned. Authorization for FULL requires + `cloudtasks.tasks.fullView` [Google + IAM](https://cloud.google.com/iam/) permission on the Queue + resource. + type: string description: >- - The maximum number of concurrent tasks that Cloud Tasks allows to be - dispatched for this queue. After this threshold has been reached, - Cloud Tasks stops dispatching tasks until the number of concurrent - requests decreases. If unspecified when the queue is created, Cloud - Tasks will pick the default. The maximum allowed value is 5,000. - This field has the same meaning as [max_concurrent_requests in - queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#max_concurrent_requests). - type: integer - format: int32 + The response_view specifies which subset of the Task will be + returned. By default response_view is BASIC; not all information is + retrieved by default because some data, such as payloads, might be + desirable to return only when needed because of its large size or + because of the sensitivity of data that it contains. Authorization + for FULL requires `cloudtasks.tasks.fullView` [Google + IAM](https://cloud.google.com/iam/) permission on the Task resource. + enum: + - VIEW_UNSPECIFIED + - BASIC + - FULL + id: CreateTaskRequest + description: Request message for CreateTask. RetryConfig: - id: RetryConfig - description: >- - Retry config. These settings determine when a failed task attempt is - retried. - type: object properties: + maxBackoff: + type: string + description: >- + A task will be scheduled for retry between min_backoff and + max_backoff duration after it fails, if the queue's RetryConfig + specifies that the task should be retried. If unspecified when the + queue is created, Cloud Tasks will pick the default. The value must + be given as a string that indicates the length of time (in seconds) + followed by `s` (for "seconds"). For more information on the format, + see the documentation for + [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). + `max_backoff` will be truncated to the nearest second. This field + has the same meaning as [max_backoff_seconds in + queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters). + format: google-duration maxAttempts: + type: integer + format: int32 description: >- Number of attempts per task. Cloud Tasks will attempt the task `max_attempts` times (that is, if the first attempt fails, then @@ -594,9 +821,8 @@ components: time has passed, no further attempts are made, and the task is deleted. If you want your task to retry infinitely, you must set `max_attempts` to -1 and `max_retry_duration` to 0. - type: integer - format: int32 maxRetryDuration: + format: google-duration description: >- If positive, `max_retry_duration` specifies the time limit for retrying a failed task, measured from when the task was first @@ -613,7 +839,6 @@ components: field has the same meaning as [task_age_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters). type: string - format: google-duration minBackoff: description: >- A task will be scheduled for retry between min_backoff and @@ -629,21 +854,6 @@ components: queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters). type: string format: google-duration - maxBackoff: - description: >- - A task will be scheduled for retry between min_backoff and - max_backoff duration after it fails, if the queue's RetryConfig - specifies that the task should be retried. If unspecified when the - queue is created, Cloud Tasks will pick the default. The value must - be given as a string that indicates the length of time (in seconds) - followed by `s` (for "seconds"). For more information on the format, - see the documentation for - [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). - `max_backoff` will be truncated to the nearest second. This field - has the same meaning as [max_backoff_seconds in - queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters). - type: string - format: google-duration maxDoublings: description: >- The time between retries will double `max_doublings` times. A task's @@ -661,59 +871,23 @@ components: queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters). type: integer format: int32 - StackdriverLoggingConfig: - id: StackdriverLoggingConfig description: >- - Configuration options for writing logs to [Stackdriver - Logging](https://cloud.google.com/logging/docs/). + Retry config. These settings determine when a failed task attempt is + retried. type: object - properties: - samplingRatio: - description: >- - Specifies the fraction of operations to write to [Stackdriver - Logging](https://cloud.google.com/logging/docs/). This field may - contain any value between 0.0 and 1.0, inclusive. 0.0 is the default - and means that no operations are logged. - type: number - format: double + id: RetryConfig Empty: id: Empty + type: object description: >- A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - PurgeQueueRequest: - id: PurgeQueueRequest - description: Request message for PurgeQueue. - type: object - properties: {} - PauseQueueRequest: - id: PauseQueueRequest - description: Request message for PauseQueue. - type: object - properties: {} - ResumeQueueRequest: - id: ResumeQueueRequest - description: Request message for ResumeQueue. - type: object properties: {} - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. - type: object - properties: - options: - description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - $ref: '#/components/schemas/GetPolicyOptions' GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. type: object + id: GetPolicyOptions properties: requestedPolicyVersion: description: >- @@ -730,398 +904,429 @@ components: documentation](https://cloud.google.com/iam/help/conditions/resource-policies). type: integer format: int32 - Policy: - id: Policy + description: Encapsulates settings provided to GetIamPolicy. + HttpBody: + properties: + data: + description: The HTTP request/response body as raw binary. + type: string + format: byte + contentType: + description: >- + The HTTP Content-Type header value specifying the content type of + the body. + type: string + extensions: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Application specific response metadata. Must be set in the first + response for streaming APIs. + type: array + type: object description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. + id: HttpBody + HeaderOverride: + id: HeaderOverride + properties: + header: + $ref: '#/components/schemas/Header' + description: >- + Header embodying a key and a value. Do not put business sensitive or + personally identifying data in the HTTP Header Override + Configuration or other similar fields in accordance with Section 12 + (Resource Fields) of the [Service Specific + Terms](https://cloud.google.com/terms/service-terms). + description: Wraps the Header object. type: object + Location: + description: A resource that represents a Google Cloud location. properties: - version: + labels: description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: + type: string + type: object + locationId: + type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - etag: + Service-specific metadata. For example the available capacity at the + given location. + type: object + name: + type: string description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + displayName: type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: object + id: Location + CmekConfig: + id: CmekConfig type: object + description: >- + Describes the customer-managed encryption key (CMEK) configuration + associated with a project and location. properties: - role: + name: + readOnly: true + type: string description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Output only. The config resource name which includes the project and + location and must end in 'cmekConfig', in the format + projects/PROJECT_ID/locations/LOCATION_ID/cmekConfig` + kmsKey: + description: >- + Resource name of the Cloud KMS key, of the form + `projects/PROJECT_ID/locations/LOCATION_ID/keyRings/KEY_RING_ID/cryptoKeys/KEY_ID`, + that will be used to encrypt the Queues & Tasks in the region. + Setting this as blank will turn off CMEK encryption. + type: string + AppEngineRouting: + properties: + version: type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: + App version. By default, the task is sent to the version which is + the default version when the task is attempted. For some queues or + tasks which were created using the App Engine Task Queue API, host + is not parsable into service, version, and instance. For example, + some tasks which were created using the App Engine SDK use a custom + domain name; custom domains are not parsed by Cloud Tasks. If host + is not parsable, then service, version, and instance are the empty + string. + service: + type: string description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr + App service. By default, the task is sent to the service which is + the default service when the task is attempted. For some queues or + tasks which were created using the App Engine Task Queue API, host + is not parsable into service, version, and instance. For example, + some tasks which were created using the App Engine SDK use a custom + domain name; custom domains are not parsed by Cloud Tasks. If host + is not parsable, then service, version, and instance are the empty + string. + instance: + type: string + description: >- + App instance. By default, the task is sent to an instance which is + available when the task is attempted. Requests can only be sent to a + specific instance if [manual scaling is used in App Engine + Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?hl=en_US#scaling_types_and_instance_classes). + App Engine Flex does not support instances. For more information, + see [App Engine Standard request + routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) + and [App Engine Flex request + routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed). + host: + type: string + description: >- + Output only. The host that the task is sent to. The host is + constructed from the domain name of the app associated with the + queue's project ID (for example .appspot.com), and the service, + version, and instance. Tasks which were created using the App Engine + SDK might have a custom domain name. For more information, see [How + Requests are + Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed). description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + App Engine Routing. Defines routing characteristics specific to App + Engine - service, version, and instance. For more information about + services, versions, and instances see [An Overview of App + Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), + [Microservices Architecture on Google App + Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), + [App Engine Standard request + routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), + and [App Engine Flex request + routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed). + Using AppEngineRouting requires + [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) + Google IAM permission for the project and the following scope: + `https://www.googleapis.com/auth/cloud-platform` + id: AppEngineRouting type: object + HttpRequest: + type: object + id: HttpRequest + description: >- + HTTP request. The task will be pushed to the worker as an HTTP request. + If the worker or the redirected worker acknowledges the task by + returning a successful HTTP response code ([`200` - `299`]), the task + will be removed from the queue. If any other HTTP response code is + returned or no response is received, the task will be retried according + to the following: * User-specified throttling: retry configuration, rate + limits, and the queue's state. * System throttling: To prevent the + worker from overloading, Cloud Tasks may temporarily reduce the queue's + effective rate. User-specified settings will not be changed. System + throttling happens because: * Cloud Tasks backs off on all errors. + Normally the backoff specified in rate limits will be used. But if the + worker returns `429` (Too Many Requests), `503` (Service Unavailable), + or the rate of errors is high, Cloud Tasks will use a higher backoff + rate. The retry specified in the `Retry-After` HTTP response header is + considered. * To prevent traffic spikes and to smooth sudden increases + in traffic, dispatches ramp up slowly when the queue is newly created or + idle and if large numbers of tasks suddenly become available to dispatch + (due to spikes in create task rates, the queue being unpaused, or many + tasks that are scheduled at the same time). properties: - expression: + body: description: >- - Textual representation of an expression in Common Expression - Language syntax. + HTTP request body. A request body is allowed only if the HTTP method + is POST, PUT, or PATCH. It is an error to set body on a task with an + incompatible HttpMethod. type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + format: byte + httpMethod: + enum: + - HTTP_METHOD_UNSPECIFIED + - POST + - GET + - HEAD + - PUT + - DELETE + - PATCH + - OPTIONS + description: The HTTP method to use for the request. The default is POST. + enumDescriptions: + - HTTP method unspecified + - HTTP POST + - HTTP GET + - HTTP HEAD + - HTTP PUT + - HTTP DELETE + - HTTP PATCH + - HTTP OPTIONS type: string - description: + url: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Required. The full url path that the request will be sent to. This + string must begin with either "http://" or "https://". Some examples + are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud + Tasks will encode some characters for safety and compatibility. The + maximum allowed URL length is 2083 characters after encoding. The + `Location` header response from a redirect response [`300` - `399`] + may be followed. The redirect is not counted as a separate attempt. type: string - location: + oauthToken: + $ref: '#/components/schemas/OAuthToken' description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: + If specified, an [OAuth + token](https://developers.google.com/identity/protocols/OAuth2) will + be generated and attached as an `Authorization` header in the HTTP + request. This type of authorization should generally only be used + when calling Google APIs hosted on *.googleapis.com. + oidcToken: + $ref: '#/components/schemas/OidcToken' description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + If specified, an + [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) + token will be generated and attached as an `Authorization` header in + the HTTP request. This type of authorization can be used for many + scenarios, including calling Cloud Run, or endpoints where you + intend to validate the token yourself. + headers: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: + HTTP request headers. This map contains the header field names and + values. Headers can be set when the task is created. These headers + represent a subset of the headers that will accompany the task's + HTTP request. Some HTTP request headers will be ignored or replaced. + A partial list of headers that will be ignored or replaced is: * + Host: This will be computed by Cloud Tasks and derived from + HttpRequest.url. * Content-Length: This will be computed by Cloud + Tasks. * User-Agent: This will be set to `"Google-Cloud-Tasks"`. * + `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. + `Content-Type` won't be set by Cloud Tasks. You can explicitly set + `Content-Type` to a media type when the task is created. For + example, `Content-Type` can be set to `"application/octet-stream"` + or `"application/json"`. Headers which can have multiple values + (according to RFC2616) can be specified using comma-separated + values. The size of the headers must be less than 80KB. + additionalProperties: type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object + type: object + ListLocationsResponse: properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + locations: type: array + description: >- + A list of locations that matches the specified filter in the + request. items: - type: string - ListTasksResponse: - id: ListTasksResponse - description: Response message for listing tasks using ListTasks. + $ref: '#/components/schemas/Location' + nextPageToken: + type: string + description: The standard List next-page token. type: object + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + HttpTarget: properties: - tasks: - description: The list of tasks. - type: array + oauthToken: + description: >- + If specified, an [OAuth + token](https://developers.google.com/identity/protocols/OAuth2) is + generated and attached as the `Authorization` header in the HTTP + request. This type of authorization should generally be used only + when calling Google APIs hosted on *.googleapis.com. Note that both + the service account email and the scope MUST be specified when using + the queue-level authorization override. + $ref: '#/components/schemas/OAuthToken' + oidcToken: + $ref: '#/components/schemas/OidcToken' + description: >- + If specified, an + [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) + token is generated and attached as an `Authorization` header in the + HTTP request. This type of authorization can be used for many + scenarios, including calling Cloud Run, or endpoints where you + intend to validate the token yourself. Note that both the service + account email and the audience MUST be specified when using the + queue-level authorization override. + uriOverride: + description: >- + URI override. When specified, overrides the execution URI for all + the tasks in the queue. + $ref: '#/components/schemas/UriOverride' + headerOverrides: items: - $ref: '#/components/schemas/Task' - nextPageToken: + $ref: '#/components/schemas/HeaderOverride' description: >- - A token to retrieve next page of results. To return the next page of - results, call ListTasks with this value as the page_token. If the - next_page_token is empty, there are no more results. + HTTP target headers. This map contains the header field names and + values. Headers will be set when running the CreateTask and/or + BufferTask. These headers represent a subset of the headers that + will be configured for the task's HTTP request. Some HTTP request + headers will be ignored or replaced. A partial list of headers that + will be ignored or replaced is: * Several predefined headers, + prefixed with "X-CloudTasks-", can be used to define properties of + the task. * Host: This will be computed by Cloud Tasks and derived + from HttpRequest.url. * Content-Length: This will be computed by + Cloud Tasks. `Content-Type` won't be set by Cloud Tasks. You can + explicitly set `Content-Type` to a media type when the task is + created. For example,`Content-Type` can be set to + `"application/octet-stream"` or `"application/json"`. The default + value is set to "application/json"`. * User-Agent: This will be set + to `"Google-Cloud-Tasks"`. Headers which can have multiple values + (according to RFC2616) can be specified using comma-separated + values. The size of the headers must be less than 80KB. Queue-level + headers to override headers of all the tasks in the queue. Do not + put business sensitive or personally identifying data in the HTTP + Header Override Configuration or other similar fields in accordance + with Section 12 (Resource Fields) of the [Service Specific + Terms](https://cloud.google.com/terms/service-terms). + type: array + httpMethod: + enumDescriptions: + - HTTP method unspecified + - HTTP POST + - HTTP GET + - HTTP HEAD + - HTTP PUT + - HTTP DELETE + - HTTP PATCH + - HTTP OPTIONS + type: string + description: >- + The HTTP method to use for the request. When specified, it overrides + HttpRequest for the task. Note that if the value is set to + HttpMethod the HttpRequest of the task will be ignored at execution + time. + enum: + - HTTP_METHOD_UNSPECIFIED + - POST + - GET + - HEAD + - PUT + - DELETE + - PATCH + - OPTIONS + type: object + description: >- + HTTP target. When specified as a Queue, all the tasks with [HttpRequest] + will be overridden according to the target. + id: HttpTarget + PathOverride: + id: PathOverride + properties: + path: + description: The URI path (e.g., /users/1234). Default is an empty string. type: string - Task: - id: Task - description: A unit of scheduled work. type: object + description: PathOverride. Path message defines path override for HTTP targets. + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + id: SetIamPolicyRequest properties: - name: + policy: description: >- - Optionally caller-specified in CreateTask. The task name. The task - name must have the following format: - `projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID/tasks/TASK_ID` - * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), - hyphens (-), colons (:), or periods (.). For more information, see - [Identifying - projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) - * `LOCATION_ID` is the canonical ID for the task's location. The - list of available locations can be obtained by calling - ListLocations. For more information, see - https://cloud.google.com/about/locations/. * `QUEUE_ID` can contain - letters ([A-Za-z]), numbers ([0-9]), or hyphens (-). The maximum - length is 100 characters. * `TASK_ID` can contain only letters - ([A-Za-z]), numbers ([0-9]), hyphens (-), or underscores (_). The - maximum length is 500 characters. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + type: object + Attempt: + description: The status of a task attempt. + id: Attempt + properties: + responseTime: type: string - appEngineHttpRequest: - description: >- - HTTP request that is sent to the App Engine app handler. An App - Engine task is a task that has AppEngineHttpRequest set. - $ref: '#/components/schemas/AppEngineHttpRequest' - httpRequest: - description: >- - HTTP request that is sent to the worker. An HTTP task is a task that - has HttpRequest set. - $ref: '#/components/schemas/HttpRequest' - scheduleTime: description: >- - The time when the task is scheduled to be attempted or retried. - `schedule_time` will be truncated to the nearest microsecond. - type: string + Output only. The time that this attempt response was received. + `response_time` will be truncated to the nearest microsecond. format: google-datetime - createTime: + dispatchTime: description: >- - Output only. The time that the task was created. `create_time` will - be truncated to the nearest second. + Output only. The time that this attempt was dispatched. + `dispatch_time` will be truncated to the nearest microsecond. type: string format: google-datetime - dispatchDeadline: - description: >- - The deadline for requests sent to the worker. If the worker does not - respond by this deadline then the request is cancelled and the - attempt is marked as a `DEADLINE_EXCEEDED` failure. Cloud Tasks will - retry the task according to the RetryConfig. Note that when the - request is cancelled, Cloud Tasks will stop listening for the - response, but whether the worker stops processing depends on the - worker. For example, if the worker is stuck, it may not react to - cancelled requests. The default and maximum values depend on the - type of request: * For HTTP tasks, the default is 10 minutes. The - deadline must be in the interval [15 seconds, 30 minutes]. * For App - Engine tasks, 0 indicates that the request has the default deadline. - The default deadline depends on the [scaling - type](https://cloud.google.com/appengine/docs/standard/go/how-instances-are-managed#instance_scaling) - of the service: 10 minutes for standard apps with automatic scaling, - 24 hours for standard apps with manual and basic scaling, and 60 - minutes for flex apps. If the request deadline is set, it must be in - the interval [15 seconds, 24 hours 15 seconds]. Regardless of the - task's `dispatch_deadline`, the app handler will not run for longer - than than the service's timeout. We recommend setting the - `dispatch_deadline` to at most a few seconds more than the app - handler's timeout. For more information see - [Timeouts](https://cloud.google.com/tasks/docs/creating-appengine-handlers#timeouts). - The value must be given as a string that indicates the length of - time (in seconds) followed by `s` (for "seconds"). For more - information on the format, see the documentation for - [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). - `dispatch_deadline` will be truncated to the nearest millisecond. - The deadline is an approximate deadline. + scheduleTime: type: string - format: google-duration - dispatchCount: - description: >- - Output only. The number of attempts dispatched. This count includes - attempts which have been dispatched but haven't received a response. - type: integer - format: int32 - responseCount: - description: Output only. The number of attempts which have received a response. - type: integer - format: int32 - firstAttempt: description: >- - Output only. The status of the task's first attempt. Only - dispatch_time will be set. The other Attempt information is not - retained by Cloud Tasks. - $ref: '#/components/schemas/Attempt' - lastAttempt: - description: Output only. The status of the task's last attempt. - $ref: '#/components/schemas/Attempt' - view: + Output only. The time that this attempt was scheduled. + `schedule_time` will be truncated to the nearest microsecond. + format: google-datetime + responseStatus: + $ref: '#/components/schemas/Status' description: >- - Output only. The view specifies which subset of the Task has been - returned. - type: string - enumDescriptions: - - Unspecified. Defaults to BASIC. - - >- - The basic view omits fields which can be large or can contain - sensitive data. This view does not include the body in - AppEngineHttpRequest. Bodies are desirable to return only when - needed, because they can be large and because of the sensitivity - of the data that you choose to store in it. - - >- - All information is returned. Authorization for FULL requires - `cloudtasks.tasks.fullView` [Google - IAM](https://cloud.google.com/iam/) permission on the Queue - resource. - enum: - - VIEW_UNSPECIFIED - - BASIC - - FULL + Output only. The response from the worker for this attempt. If + `response_time` is unset, then the task has not been attempted or is + currently running and the `response_status` field is meaningless. + type: object AppEngineHttpRequest: - id: AppEngineHttpRequest description: >- App Engine HTTP request. The message defines the HTTP request that is sent to an App Engine app when the task is dispatched. Using @@ -1161,38 +1366,9 @@ components: queue's dispatches. Unlike other types of task targets, a `429` (Too Many Requests) response from an app handler does not cause traffic congestion control to throttle the queue. + id: AppEngineHttpRequest type: object properties: - httpMethod: - description: >- - The HTTP method to use for the request. The default is POST. The - app's request handler for the task's target URL must be able to - handle HTTP requests with this http_method, otherwise the task - attempt fails with error code 405 (Method Not Allowed). See [Writing - a push task request - handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) - and the App Engine documentation for your runtime on [How Requests - are - Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled). - type: string - enumDescriptions: - - HTTP method unspecified - - HTTP POST - - HTTP GET - - HTTP HEAD - - HTTP PUT - - HTTP DELETE - - HTTP PATCH - - HTTP OPTIONS - enum: - - HTTP_METHOD_UNSPECIFIED - - POST - - GET - - HEAD - - PUT - - DELETE - - PATCH - - OPTIONS appEngineRouting: description: >- Task-level setting for App Engine routing. * If @@ -1208,89 +1384,8 @@ components: be used. No spaces are allowed, and the maximum length allowed is 2083 characters. type: string - headers: - description: >- - HTTP request headers. This map contains the header field names and - values. Headers can be set when the task is created. Repeated - headers are not supported but a header value can contain commas. - Cloud Tasks sets some headers to default values: * `User-Agent`: By - default, this header is `"AppEngine-Google; - (+http://code.google.com/appengine)"`. This header can be modified, - but Cloud Tasks will append `"AppEngine-Google; - (+http://code.google.com/appengine)"` to the modified `User-Agent`. - If the task has a body, Cloud Tasks sets the following headers: * - `Content-Type`: By default, the `Content-Type` header is set to - `"application/octet-stream"`. The default can be overridden by - explicitly setting `Content-Type` to a particular media type when - the task is created. For example, `Content-Type` can be set to - `"application/json"`. * `Content-Length`: This is computed by Cloud - Tasks. This value is output only. It cannot be changed. The headers - below cannot be set or overridden: * `Host` * `X-Google-*` * - `X-AppEngine-*` In addition, Cloud Tasks sets some headers when the - task is dispatched, such as headers containing information about the - task; see [request - headers](https://cloud.google.com/tasks/docs/creating-appengine-handlers#reading_request_headers). - These headers are set only when the task is dispatched, so they are - not visible when the task is returned in a Cloud Tasks response. - Although there is no specific limit for the maximum number of - headers or the size, there is a limit on the maximum size of the - Task. For more information, see the CreateTask documentation. - type: object - additionalProperties: - type: string - body: - description: >- - HTTP request body. A request body is allowed only if the HTTP method - is POST or PUT. It is an error to set a body on a task with an - incompatible HttpMethod. - type: string - format: byte - HttpRequest: - id: HttpRequest - description: >- - HTTP request. The task will be pushed to the worker as an HTTP request. - If the worker or the redirected worker acknowledges the task by - returning a successful HTTP response code ([`200` - `299`]), the task - will be removed from the queue. If any other HTTP response code is - returned or no response is received, the task will be retried according - to the following: * User-specified throttling: retry configuration, rate - limits, and the queue's state. * System throttling: To prevent the - worker from overloading, Cloud Tasks may temporarily reduce the queue's - effective rate. User-specified settings will not be changed. System - throttling happens because: * Cloud Tasks backs off on all errors. - Normally the backoff specified in rate limits will be used. But if the - worker returns `429` (Too Many Requests), `503` (Service Unavailable), - or the rate of errors is high, Cloud Tasks will use a higher backoff - rate. The retry specified in the `Retry-After` HTTP response header is - considered. * To prevent traffic spikes and to smooth sudden increases - in traffic, dispatches ramp up slowly when the queue is newly created or - idle and if large numbers of tasks suddenly become available to dispatch - (due to spikes in create task rates, the queue being unpaused, or many - tasks that are scheduled at the same time). - type: object - properties: - url: - description: >- - Required. The full url path that the request will be sent to. This - string must begin with either "http://" or "https://". Some examples - are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud - Tasks will encode some characters for safety and compatibility. The - maximum allowed URL length is 2083 characters after encoding. The - `Location` header response from a redirect response [`300` - `399`] - may be followed. The redirect is not counted as a separate attempt. - type: string httpMethod: - description: The HTTP method to use for the request. The default is POST. type: string - enumDescriptions: - - HTTP method unspecified - - HTTP POST - - HTTP GET - - HTTP HEAD - - HTTP PUT - - HTTP DELETE - - HTTP PATCH - - HTTP OPTIONS enum: - HTTP_METHOD_UNSPECIFIED - POST @@ -1300,309 +1395,217 @@ components: - DELETE - PATCH - OPTIONS + enumDescriptions: + - HTTP method unspecified + - HTTP POST + - HTTP GET + - HTTP HEAD + - HTTP PUT + - HTTP DELETE + - HTTP PATCH + - HTTP OPTIONS + description: >- + The HTTP method to use for the request. The default is POST. The + app's request handler for the task's target URL must be able to + handle HTTP requests with this http_method, otherwise the task + attempt fails with error code 405 (Method Not Allowed). See [Writing + a push task request + handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) + and the App Engine documentation for your runtime on [How Requests + are + Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled). headers: description: >- HTTP request headers. This map contains the header field names and - values. Headers can be set when the task is created. These headers - represent a subset of the headers that will accompany the task's - HTTP request. Some HTTP request headers will be ignored or replaced. - A partial list of headers that will be ignored or replaced is: * - Host: This will be computed by Cloud Tasks and derived from - HttpRequest.url. * Content-Length: This will be computed by Cloud - Tasks. * User-Agent: This will be set to `"Google-Cloud-Tasks"`. * - `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. - `Content-Type` won't be set by Cloud Tasks. You can explicitly set - `Content-Type` to a media type when the task is created. For - example, `Content-Type` can be set to `"application/octet-stream"` - or `"application/json"`. Headers which can have multiple values - (according to RFC2616) can be specified using comma-separated - values. The size of the headers must be less than 80KB. + values. Headers can be set when the task is created. Repeated + headers are not supported but a header value can contain commas. + Cloud Tasks sets some headers to default values: * `User-Agent`: By + default, this header is `"AppEngine-Google; + (+http://code.google.com/appengine)"`. This header can be modified, + but Cloud Tasks will append `"AppEngine-Google; + (+http://code.google.com/appengine)"` to the modified `User-Agent`. + If the task has a body, Cloud Tasks sets the following headers: * + `Content-Type`: By default, the `Content-Type` header is set to + `"application/octet-stream"`. The default can be overridden by + explicitly setting `Content-Type` to a particular media type when + the task is created. For example, `Content-Type` can be set to + `"application/json"`. * `Content-Length`: This is computed by Cloud + Tasks. This value is output only. It cannot be changed. The headers + below cannot be set or overridden: * `Host` * `X-Google-*` * + `X-AppEngine-*` In addition, Cloud Tasks sets some headers when the + task is dispatched, such as headers containing information about the + task; see [request + headers](https://cloud.google.com/tasks/docs/creating-appengine-handlers#reading_request_headers). + These headers are set only when the task is dispatched, so they are + not visible when the task is returned in a Cloud Tasks response. + Although there is no specific limit for the maximum number of + headers or the size, there is a limit on the maximum size of the + Task. For more information, see the CreateTask documentation. type: object additionalProperties: type: string body: - description: >- - HTTP request body. A request body is allowed only if the HTTP method - is POST, PUT, or PATCH. It is an error to set body on a task with an - incompatible HttpMethod. type: string format: byte - oauthToken: - description: >- - If specified, an [OAuth - token](https://developers.google.com/identity/protocols/OAuth2) will - be generated and attached as an `Authorization` header in the HTTP - request. This type of authorization should generally only be used - when calling Google APIs hosted on *.googleapis.com. - $ref: '#/components/schemas/OAuthToken' - oidcToken: description: >- - If specified, an - [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) - token will be generated and attached as an `Authorization` header in - the HTTP request. This type of authorization can be used for many - scenarios, including calling Cloud Run, or endpoints where you - intend to validate the token yourself. - $ref: '#/components/schemas/OidcToken' - Attempt: - id: Attempt - description: The status of a task attempt. + HTTP request body. A request body is allowed only if the HTTP method + is POST or PUT. It is an error to set a body on a task with an + incompatible HttpMethod. + UriOverride: type: object - properties: - scheduleTime: - description: >- - Output only. The time that this attempt was scheduled. - `schedule_time` will be truncated to the nearest microsecond. - type: string - format: google-datetime - dispatchTime: - description: >- - Output only. The time that this attempt was dispatched. - `dispatch_time` will be truncated to the nearest microsecond. - type: string - format: google-datetime - responseTime: - description: >- - Output only. The time that this attempt response was received. - `response_time` will be truncated to the nearest microsecond. - type: string - format: google-datetime - responseStatus: - description: >- - Output only. The response from the worker for this attempt. If - `response_time` is unset, then the task has not been attempted or is - currently running and the `response_status` field is meaningless. - $ref: '#/components/schemas/Status' - Status: - id: Status + id: UriOverride description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + URI Override. When specified, all the HTTP tasks inside the queue will + be partially or fully overridden depending on the configured values. properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + host: type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - CreateTaskRequest: - id: CreateTaskRequest - description: Request message for CreateTask. - type: object - properties: - task: - description: >- - Required. The task to add. Task names have the following format: - `projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID/tasks/TASK_ID`. - The user can optionally specify a task name. If a name is not - specified then the system will generate a random unique task id, - which will be set in the task returned in the response. If - schedule_time is not set or is in the past then Cloud Tasks will set - it to the current time. Task De-duplication: Explicitly specifying a - task ID enables task de-duplication. If a task's ID is identical to - that of an existing task or a task that was deleted or executed - recently then the call will fail with ALREADY_EXISTS. The IDs of - deleted tasks are not immediately available for reuse. It can take - up to 4 hours (or 9 days if the task's queue was created using a - queue.yaml or queue.xml) for the task ID to be released and made - available again. Because there is an extra lookup cost to identify - duplicate task names, these CreateTask calls have significantly - increased latency. Using hashed strings for the task id or for the - prefix of the task id is recommended. Choosing task ids that are - sequential or have sequential prefixes, for example using a - timestamp, causes an increase in latency and error rates in all task - commands. The infrastructure relies on an approximately uniform - distribution of task ids to store and serve tasks efficiently. - $ref: '#/components/schemas/Task' - responseView: description: >- - The response_view specifies which subset of the Task will be - returned. By default response_view is BASIC; not all information is - retrieved by default because some data, such as payloads, might be - desirable to return only when needed because of its large size or - because of the sensitivity of data that it contains. Authorization - for FULL requires `cloudtasks.tasks.fullView` [Google - IAM](https://cloud.google.com/iam/) permission on the Task resource. - type: string + Host override. When specified, replaces the host part of the task + URL. For example, if the task URL is "https://www.google.com," and + host value is set to "example.net", the overridden URI will be + changed to "https://example.net." Host value cannot be an empty + string (INVALID_ARGUMENT). + scheme: enumDescriptions: - - Unspecified. Defaults to BASIC. + - Scheme unspecified. Defaults to HTTPS. - >- - The basic view omits fields which can be large or can contain - sensitive data. This view does not include the body in - AppEngineHttpRequest. Bodies are desirable to return only when - needed, because they can be large and because of the sensitivity - of the data that you choose to store in it. + Convert the scheme to HTTP, e.g., "https://www.example.com" will + change to "http://www.example.com". - >- - All information is returned. Authorization for FULL requires - `cloudtasks.tasks.fullView` [Google - IAM](https://cloud.google.com/iam/) permission on the Queue - resource. - enum: - - VIEW_UNSPECIFIED - - BASIC - - FULL - RunTaskRequest: - id: RunTaskRequest - description: Request message for forcing a task to run now using RunTask. - type: object - properties: - responseView: - description: >- - The response_view specifies which subset of the Task will be - returned. By default response_view is BASIC; not all information is - retrieved by default because some data, such as payloads, might be - desirable to return only when needed because of its large size or - because of the sensitivity of data that it contains. Authorization - for FULL requires `cloudtasks.tasks.fullView` [Google - IAM](https://cloud.google.com/iam/) permission on the Task resource. + Convert the scheme to HTTPS, e.g., "http://www.example.com" will + change to "https://www.example.com". type: string - enumDescriptions: - - Unspecified. Defaults to BASIC. - - >- - The basic view omits fields which can be large or can contain - sensitive data. This view does not include the body in - AppEngineHttpRequest. Bodies are desirable to return only when - needed, because they can be large and because of the sensitivity - of the data that you choose to store in it. - - >- - All information is returned. Authorization for FULL requires - `cloudtasks.tasks.fullView` [Google - IAM](https://cloud.google.com/iam/) permission on the Queue - resource. enum: - - VIEW_UNSPECIFIED - - BASIC - - FULL - CmekConfig: - id: CmekConfig - description: >- - Describes the customer-managed encryption key (CMEK) configuration - associated with a project and location. - type: object - properties: - name: + - SCHEME_UNSPECIFIED + - HTTP + - HTTPS description: >- - Output only. The config resource name which includes the project and - location and must end in 'cmekConfig', in the format - projects/PROJECT_ID/locations/LOCATION_ID/cmekConfig` - readOnly: true - type: string - kmsKey: + Scheme override. When specified, the task URI scheme is replaced by + the provided value (HTTP or HTTPS). + pathOverride: + $ref: '#/components/schemas/PathOverride' description: >- - Resource name of the Cloud KMS key, of the form - `projects/PROJECT_ID/locations/LOCATION_ID/keyRings/KEY_RING_ID/cryptoKeys/KEY_ID`, - that will be used to encrypt the Queues & Tasks in the region. - Setting this as blank will turn off CMEK encryption. + URI path. When specified, replaces the existing path of the task + URL. Setting the path value to an empty string clears the URI path + segment. + queryOverride: + description: >- + URI query. When specified, replaces the query part of the task URI. + Setting the query value to an empty string clears the URI query + segment. + $ref: '#/components/schemas/QueryOverride' + uriOverrideEnforceMode: + description: >- + URI Override Enforce Mode When specified, determines the Target + UriOverride mode. If not specified, it defaults to ALWAYS. type: string - BufferTaskRequest: - id: BufferTaskRequest - description: Request message for BufferTask. - type: object - properties: - body: + enum: + - URI_OVERRIDE_ENFORCE_MODE_UNSPECIFIED + - IF_NOT_EXISTS + - ALWAYS + enumDescriptions: + - UriOverrideEnforceMode Unspecified. Defaults to ALWAYS. + - >- + In the IF_NOT_EXISTS mode, queue-level configuration is only + applied where task-level configuration does not exist. + - >- + In the ALWAYS mode, queue-level configuration overrides all + task-level configuration + port: description: >- - Optional. Body of the HTTP request. The body can take any generic - value. The value is written to the HttpRequest of the [Task]. - $ref: '#/components/schemas/HttpBody' - HttpBody: - id: HttpBody + Port override. When specified, replaces the port part of the task + URI. For instance, for a URI "https://www.example.com/example" and + port=123, the overridden URI becomes + "https://www.example.com:123/example". Note that the port value must + be a positive integer. Setting the port to 0 (Zero) clears the URI + port. + format: int64 + type: string + RateLimits: description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. + Rate limits. This message determines the maximum rate that tasks can be + dispatched by a queue, regardless of whether the dispatch is a first + task attempt or a retry. Note: The debugging command, RunTask, will run + a task even if the queue has reached its RateLimits. type: object properties: - contentType: + maxBurstSize: + type: integer + format: int32 description: >- - The HTTP Content-Type header value specifying the content type of - the body. - type: string - data: - description: The HTTP request/response body as raw binary. - type: string - format: byte - extensions: + Output only. The max burst size. Max burst size limits how fast + tasks in queue are processed when many tasks are in the queue and + the rate is high. This field allows the queue to have a high rate so + processing starts shortly after a task is enqueued, but still limits + resource usage when many tasks are enqueued in a short period of + time. The [token bucket](https://wikipedia.org/wiki/Token_Bucket) + algorithm is used to control the rate of task dispatches. Each queue + has a token bucket that holds tokens, up to the maximum specified by + `max_burst_size`. Each time a task is dispatched, a token is removed + from the bucket. Tasks will be dispatched until the queue's bucket + runs out of tokens. The bucket will be continuously refilled with + new tokens based on max_dispatches_per_second. Cloud Tasks will pick + the value of `max_burst_size` based on the value of + max_dispatches_per_second. For queues that were created or updated + using `queue.yaml/xml`, `max_burst_size` is equal to + [bucket_size](https://cloud.google.com/appengine/docs/standard/python/config/queueref#bucket_size). + Since `max_burst_size` is output only, if UpdateQueue is called on a + queue created by `queue.yaml/xml`, `max_burst_size` will be reset + based on the value of max_dispatches_per_second, regardless of + whether max_dispatches_per_second is updated. + maxDispatchesPerSecond: + format: double description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - BufferTaskResponse: - id: BufferTaskResponse - description: Response message for BufferTask. - type: object - properties: - task: - description: The created task. - $ref: '#/components/schemas/Task' + The maximum rate at which tasks are dispatched from this queue. If + unspecified when the queue is created, Cloud Tasks will pick the + default. * The maximum allowed value is 500. This field has the same + meaning as [rate in + queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#rate). + type: number + maxConcurrentDispatches: + type: integer + description: >- + The maximum number of concurrent tasks that Cloud Tasks allows to be + dispatched for this queue. After this threshold has been reached, + Cloud Tasks stops dispatching tasks until the number of concurrent + requests decreases. If unspecified when the queue is created, Cloud + Tasks will pick the default. The maximum allowed value is 5,000. + This field has the same meaning as [max_concurrent_requests in + queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#max_concurrent_requests). + format: int32 + id: RateLimits parameters: - access_token: - description: OAuth access token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: access_token + name: upload_protocol schema: type: string - alt: - description: Data format for response. + access_token: + description: OAuth access token. in: query - name: alt + name: access_token schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: callback + name: prettyPrint schema: - type: string + type: boolean fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -1612,18 +1615,21 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + _.xgafv: + description: V1 error format. in: query - name: oauth_token + name: $.xgafv schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + enum: + - '1' + - '2' + callback: + description: JSONP in: query - name: prettyPrint + name: callback schema: - type: boolean + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1633,27 +1639,22 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + alt: + description: Data format for response. in: query - name: upload_protocol + name: alt schema: type: string + enum: + - json + - media + - proto uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.cloudtasks.locations @@ -1686,17 +1687,17 @@ components: name: cmek_config title: Cmek_config methods: - update_cmek_config: + get_cmek_config: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/get response: mediaType: application/json openAPIDocKey: '200' - get_cmek_config: + update_cmek_config: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/patch response: mediaType: application/json openAPIDocKey: '200' @@ -1710,23 +1711,59 @@ components: #/components/x-stackQL-resources/cmek_config/methods/update_cmek_config replace: [] delete: [] + queues_iam_policies: + id: google.cloudtasks.queues_iam_policies + name: queues_iam_policies + title: Queues_iam_policies + methods: + set_iam_policy: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:getIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/queues_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/queues_iam_policies/methods/set_iam_policy + delete: [] queues: id: google.cloudtasks.queues name: queues title: Queues methods: - list: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.queues - create: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -1737,38 +1774,39 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + resume: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:resume/post response: mediaType: application/json openAPIDocKey: '200' - delete: + purge: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:purge/post response: mediaType: application/json openAPIDocKey: '200' - purge: + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:purge/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues/post response: mediaType: application/json openAPIDocKey: '200' - pause: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:pause/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues/get response: mediaType: application/json openAPIDocKey: '200' - resume: + objectKey: $.queues + pause: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:resume/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:pause/post response: mediaType: application/json openAPIDocKey: '200' @@ -1783,56 +1821,18 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/queues/methods/delete' - queues_iam_policies: - id: google.cloudtasks.queues_iam_policies - name: queues_iam_policies - title: Queues_iam_policies - methods: - get_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:getIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/queues_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/queues_iam_policies/methods/set_iam_policy - delete: [] tasks: id: google.cloudtasks.tasks name: tasks title: Tasks methods: - list: + buffer: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}~1tasks/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}~1tasks~1{taskId}:buffer/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tasks create: operation: $ref: >- @@ -1840,13 +1840,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}~1tasks~1{tasksId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}~1tasks/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.tasks delete: operation: $ref: >- @@ -1854,17 +1855,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - run: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}~1tasks~1{tasksId}:run/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}~1tasks~1{tasksId}/get response: mediaType: application/json openAPIDocKey: '200' - buffer: + run: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}~1tasks~1{taskId}:buffer/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1queues~1{queuesId}~1tasks~1{tasksId}:run/post response: mediaType: application/json openAPIDocKey: '200' @@ -1881,17 +1882,17 @@ components: paths: /v2/projects/{projectsId}/locations: parameters: &ref_1 + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' get: description: Lists information about the supported locations for this service. operationId: cloudtasks.projects.locations.list @@ -1914,27 +1915,30 @@ paths: schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: filter schema: type: string - in: query name: extraLocationTypes schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/cmekConfig: parameters: *ref_1 get: - description: Gets information about a location. - operationId: cloudtasks.projects.locations.get + description: >- + Gets the CMEK config. Gets the Customer Managed Encryption Key + configured with the Cloud Tasks lcoation. By default there is no kms_key + configured. + operationId: cloudtasks.projects.locations.getCmekConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1946,7 +1950,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/CmekConfig' parameters: - in: path name: projectsId @@ -1958,8 +1962,6 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/cmekConfig: - parameters: *ref_1 patch: description: >- Creates or Updates a CMEK config. Updates the Customer Managed @@ -2000,40 +2002,11 @@ paths: schema: type: string format: google-fieldmask - get: - description: >- - Gets the CMEK config. Gets the Customer Managed Encryption Key - configured with the Cloud Tasks lcoation. By default there is no kms_key - configured. - operationId: cloudtasks.projects.locations.getCmekConfig - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/CmekConfig' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues: + /v2/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: Lists queues. Queues are returned in lexicographical order. - operationId: cloudtasks.projects.locations.queues.list + description: Gets information about a location. + operationId: cloudtasks.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2045,7 +2018,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListQueuesResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -2057,35 +2030,22 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:setIamPolicy: + parameters: *ref_1 post: description: >- - Creates a queue. Queues created with this method allow tasks to live for - a maximum of 31 days. After a task is 31 days old, the task will be - deleted regardless of whether it was dispatched or not. WARNING: Using - this method may have unintended side effects if you are using an App - Engine `queue.yaml` or `queue.xml` file to manage your queues. Read - [Overview of Queue Management and - queue.yaml](https://cloud.google.com/tasks/docs/queue-yaml) before using - this method. - operationId: cloudtasks.projects.locations.queues.create + Sets the access control policy for a Queue. Replaces any existing + policy. Note: The Cloud Console does not check queue-level IAM + permissions yet. Project-level permissions are required to use the Cloud + Console. Authorization requires the following [Google + IAM](https://cloud.google.com/iam) permission on the specified resource + parent: * `cloudtasks.queues.setIamPolicy` + operationId: cloudtasks.projects.locations.queues.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Queue' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2097,7 +2057,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Queue' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2109,11 +2069,31 @@ paths: required: true schema: type: string + - in: path + name: queuesId + required: true + schema: + type: string /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}: parameters: *ref_1 - get: - description: Gets a queue. - operationId: cloudtasks.projects.locations.queues.get + delete: + description: >- + Deletes a queue. This command will delete the queue even if it has tasks + in it. Note: If you delete a queue, you may be prevented from creating a + new queue with the same name as the deleted queue for a tombstone window + of up to 3 days. During this window, the CreateQueue operation may + appear to recreate the queue, but this can be misleading. If you attempt + to create a queue with the same name as one that is in the tombstone + window, run GetQueue to confirm that the queue creation was successful. + If GetQueue returns 200 response code, your queue was successfully + created with the name of the previously deleted queue. Otherwise, your + queue did not successfully recreate. WARNING: Using this method may have + unintended side effects if you are using an App Engine `queue.yaml` or + `queue.xml` file to manage your queues. Read [Overview of Queue + Management and + queue.yaml](https://cloud.google.com/tasks/docs/queue-yaml) before using + this method. + operationId: cloudtasks.projects.locations.queues.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2125,7 +2105,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Queue' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2192,24 +2172,54 @@ paths: schema: type: string format: google-fieldmask - delete: + get: + description: Gets a queue. + operationId: cloudtasks.projects.locations.queues.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Queue' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: queuesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:resume: + parameters: *ref_1 + post: description: >- - Deletes a queue. This command will delete the queue even if it has tasks - in it. Note: If you delete a queue, you may be prevented from creating a - new queue with the same name as the deleted queue for a tombstone window - of up to 3 days. During this window, the CreateQueue operation may - appear to recreate the queue, but this can be misleading. If you attempt - to create a queue with the same name as one that is in the tombstone - window, run GetQueue to confirm that the queue creation was successful. - If GetQueue returns 200 response code, your queue was successfully - created with the name of the previously deleted queue. Otherwise, your - queue did not successfully recreate. WARNING: Using this method may have - unintended side effects if you are using an App Engine `queue.yaml` or - `queue.xml` file to manage your queues. Read [Overview of Queue - Management and - queue.yaml](https://cloud.google.com/tasks/docs/queue-yaml) before using - this method. - operationId: cloudtasks.projects.locations.queues.delete + Resume a queue. This method resumes a queue after it has been PAUSED or + DISABLED. The state of a queue is stored in the queue's state; after + calling this method it will be set to RUNNING. WARNING: Resuming many + high-QPS queues at the same time can lead to target overloading. If you + are resuming high-QPS queues, follow the 500/50/5 pattern described in + [Managing Cloud Tasks Scaling + Risks](https://cloud.google.com/tasks/docs/manage-cloud-task-scaling). + operationId: cloudtasks.projects.locations.queues.resume + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ResumeQueueRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2221,7 +2231,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Queue' parameters: - in: path name: projectsId @@ -2238,20 +2248,21 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:purge: + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:testIamPermissions: parameters: *ref_1 post: description: >- - Purges a queue by deleting all of its tasks. All tasks created before - this method is called are permanently deleted. Purge operations can take - up to one minute to take effect. Tasks might be dispatched before the - purge takes effect. A purge is irreversible. - operationId: cloudtasks.projects.locations.queues.purge + Returns permissions that a caller has on a Queue. If the resource does + not exist, this will return an empty set of permissions, not a NOT_FOUND + error. Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for authorization + checking. This operation may "fail open" without warning. + operationId: cloudtasks.projects.locations.queues.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/PurgeQueueRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2263,7 +2274,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Queue' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -2280,20 +2291,20 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:pause: + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:purge: parameters: *ref_1 post: description: >- - Pauses the queue. If a queue is paused then the system will stop - dispatching tasks until the queue is resumed via ResumeQueue. Tasks can - still be added when the queue is paused. A queue is paused if its state - is PAUSED. - operationId: cloudtasks.projects.locations.queues.pause + Purges a queue by deleting all of its tasks. All tasks created before + this method is called are permanently deleted. Purge operations can take + up to one minute to take effect. Tasks might be dispatched before the + purge takes effect. A purge is irreversible. + operationId: cloudtasks.projects.locations.queues.purge requestBody: content: application/json: schema: - $ref: '#/components/schemas/PauseQueueRequest' + $ref: '#/components/schemas/PurgeQueueRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2322,23 +2333,24 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:resume: + /v2/projects/{projectsId}/locations/{locationsId}/queues: parameters: *ref_1 post: description: >- - Resume a queue. This method resumes a queue after it has been PAUSED or - DISABLED. The state of a queue is stored in the queue's state; after - calling this method it will be set to RUNNING. WARNING: Resuming many - high-QPS queues at the same time can lead to target overloading. If you - are resuming high-QPS queues, follow the 500/50/5 pattern described in - [Managing Cloud Tasks Scaling - Risks](https://cloud.google.com/tasks/docs/manage-cloud-task-scaling). - operationId: cloudtasks.projects.locations.queues.resume + Creates a queue. Queues created with this method allow tasks to live for + a maximum of 31 days. After a task is 31 days old, the task will be + deleted regardless of whether it was dispatched or not. WARNING: Using + this method may have unintended side effects if you are using an App + Engine `queue.yaml` or `queue.xml` file to manage your queues. Read + [Overview of Queue Management and + queue.yaml](https://cloud.google.com/tasks/docs/queue-yaml) before using + this method. + operationId: cloudtasks.projects.locations.queues.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ResumeQueueRequest' + $ref: '#/components/schemas/Queue' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2362,26 +2374,9 @@ paths: required: true schema: type: string - - in: path - name: queuesId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:getIamPolicy: - parameters: *ref_1 - post: - description: >- - Gets the access control policy for a Queue. Returns an empty policy if - the resource exists and does not have a policy set. Authorization - requires the following [Google IAM](https://cloud.google.com/iam) - permission on the specified resource parent: * - `cloudtasks.queues.getIamPolicy` - operationId: cloudtasks.projects.locations.queues.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + get: + description: Lists queues. Queues are returned in lexicographical order. + operationId: cloudtasks.projects.locations.queues.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2393,7 +2388,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListQueuesResponse' parameters: - in: path name: projectsId @@ -2405,27 +2400,33 @@ paths: required: true schema: type: string - - in: path - name: queuesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:setIamPolicy: + - in: query + name: pageToken + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:pause: parameters: *ref_1 post: description: >- - Sets the access control policy for a Queue. Replaces any existing - policy. Note: The Cloud Console does not check queue-level IAM - permissions yet. Project-level permissions are required to use the Cloud - Console. Authorization requires the following [Google - IAM](https://cloud.google.com/iam) permission on the specified resource - parent: * `cloudtasks.queues.setIamPolicy` - operationId: cloudtasks.projects.locations.queues.setIamPolicy + Pauses the queue. If a queue is paused then the system will stop + dispatching tasks until the queue is resumed via ResumeQueue. Tasks can + still be added when the queue is paused. A queue is paused if its state + is PAUSED. + operationId: cloudtasks.projects.locations.queues.pause requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/PauseQueueRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2437,7 +2438,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Queue' parameters: - in: path name: projectsId @@ -2454,21 +2455,21 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:testIamPermissions: + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}:getIamPolicy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on a Queue. If the resource does - not exist, this will return an empty set of permissions, not a NOT_FOUND - error. Note: This operation is designed to be used for building - permission-aware UIs and command-line tools, not for authorization - checking. This operation may "fail open" without warning. - operationId: cloudtasks.projects.locations.queues.testIamPermissions + Gets the access control policy for a Queue. Returns an empty policy if + the resource exists and does not have a policy set. Authorization + requires the following [Google IAM](https://cloud.google.com/iam) + permission on the specified resource parent: * + `cloudtasks.queues.getIamPolicy` + operationId: cloudtasks.projects.locations.queues.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2480,7 +2481,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2497,15 +2498,23 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}/tasks: + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}/tasks/{taskId}:buffer: parameters: *ref_1 - get: + post: description: >- - Lists the tasks in a queue. By default, only the BASIC view is retrieved - due to performance considerations; response_view controls the subset of - information which is returned. The tasks may be returned in any order. - The ordering may change at any time. - operationId: cloudtasks.projects.locations.queues.tasks.list + Creates and buffers a new task without the need to explicitly define a + Task message. The queue must have HTTP target. To create the task with a + custom ID, use the following format and set TASK_ID to your desired ID: + projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID/tasks/TASK_ID:buffer + To create the task with an automatically generated ID, use the following + format: + projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID/tasks:buffer. + operationId: cloudtasks.projects.locations.queues.tasks.buffer + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BufferTaskRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2517,7 +2526,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTasksResponse' + $ref: '#/components/schemas/BufferTaskResponse' parameters: - in: path name: projectsId @@ -2534,19 +2543,13 @@ paths: required: true schema: type: string - - in: query - name: responseView - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: taskId + required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}/tasks: + parameters: *ref_1 post: description: >- Creates a task and adds it to a queue. Tasks cannot be updated after @@ -2586,11 +2589,13 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}/tasks/{tasksId}: - parameters: *ref_1 get: - description: Gets a task. - operationId: cloudtasks.projects.locations.queues.tasks.get + description: >- + Lists the tasks in a queue. By default, only the BASIC view is retrieved + due to performance considerations; response_view controls the subset of + information which is returned. The tasks may be returned in any order. + The ordering may change at any time. + operationId: cloudtasks.projects.locations.queues.tasks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2602,7 +2607,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Task' + $ref: '#/components/schemas/ListTasksResponse' parameters: - in: path name: projectsId @@ -2619,15 +2624,21 @@ paths: required: true schema: type: string - - in: path - name: tasksId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query name: responseView schema: type: string + - in: query + name: pageToken + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}/tasks/{tasksId}: + parameters: *ref_1 delete: description: >- Deletes a task. A task can be deleted if it is scheduled or dispatched. @@ -2667,27 +2678,12 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}/tasks/{tasksId}:run: - parameters: *ref_1 - post: + get: description: >- - Forces a task to run now. When this method is called, Cloud Tasks will - dispatch the task, even if the task is already running, the queue has - reached its RateLimits or is PAUSED. This command is meant to be used - for manual debugging. For example, RunTask can be used to retry a failed - task after a fix has been made or to manually force a task to be - dispatched now. If Cloud Tasks receives a successful response from the - task's target, then the task will be deleted; otherwise the task's - schedule_time will be reset to the time that RunTask was called plus the - retry delay specified in the queue's RetryConfig. RunTask returns - NOT_FOUND when it is called on a task that has already succeeded or - permanently failed. - operationId: cloudtasks.projects.locations.queues.tasks.run - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RunTaskRequest' + Gets a task. After a task is successfully executed or has exhausted its + retry attempts, the task is deleted. A `GetTask` request for a deleted + task returns a `NOT_FOUND` error. + operationId: cloudtasks.projects.locations.queues.tasks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2721,23 +2717,31 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}/tasks/{taskId}:buffer: + - in: query + name: responseView + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/queues/{queuesId}/tasks/{tasksId}:run: parameters: *ref_1 post: description: >- - Creates and buffers a new task without the need to explicitly define a - Task message. The queue must have HTTP target. To create the task with a - custom ID, use the following format and set TASK_ID to your desired ID: - projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID/tasks/TASK_ID:buffer - To create the task with an automatically generated ID, use the following - format: - projects/PROJECT_ID/locations/LOCATION_ID/queues/QUEUE_ID/tasks:buffer. - operationId: cloudtasks.projects.locations.queues.tasks.buffer + Forces a task to run now. When this method is called, Cloud Tasks will + dispatch the task, even if the task is already running, the queue has + reached its RateLimits or is PAUSED. This command is meant to be used + for manual debugging. For example, RunTask can be used to retry a failed + task after a fix has been made or to manually force a task to be + dispatched now. If Cloud Tasks receives a successful response from the + task's target, then the task will be deleted; otherwise the task's + schedule_time will be reset to the time that RunTask was called plus the + retry delay specified in the queue's RetryConfig. RunTask returns + NOT_FOUND when it is called on a task that has already succeeded or + permanently failed. + operationId: cloudtasks.projects.locations.queues.tasks.run requestBody: content: application/json: schema: - $ref: '#/components/schemas/BufferTaskRequest' + $ref: '#/components/schemas/RunTaskRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2749,7 +2753,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BufferTaskResponse' + $ref: '#/components/schemas/Task' parameters: - in: path name: projectsId @@ -2767,7 +2771,7 @@ paths: schema: type: string - in: path - name: taskId + name: tasksId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/cloudtrace.yaml b/providers/src/googleapis.com/v00.00.00000/services/cloudtrace.yaml index 7f286685..e09709a8 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/cloudtrace.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/cloudtrace.yaml @@ -12,10 +12,10 @@ info: interact with the Cloud Trace API directly. If you are looking to instrument your application for Cloud Trace, we recommend using OpenTelemetry. version: v2 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251107' + x-generated-date: '2025-12-10' externalDocs: - url: https://cloud.google.com/trace + url: https://cloud.google.com/trace/ servers: - url: https://cloudtrace.googleapis.com components: diff --git a/providers/src/googleapis.com/v00.00.00000/services/composer.yaml b/providers/src/googleapis.com/v00.00.00000/services/composer.yaml index 33ee7fe4..d7ee4256 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/composer.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/composer.yaml @@ -7,8 +7,8 @@ info: title: Cloud Composer API description: Manages Apache Airflow environments on Google Cloud Platform. version: v1 - x-discovery-doc-revision: '20250819' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251130' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/composer/ servers: @@ -34,138 +34,198 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + SchedulerResource: type: object properties: - operations: + cpu: description: >- - A list of operations that matches the specified filter in the - request. - type: array + Optional. CPU request and limit for a single Airflow scheduler + replica. + type: number + format: float + storageGb: + description: >- + Optional. Storage (GB) request and limit for a single Airflow + scheduler replica. + format: float + type: number + count: + format: int32 + type: integer + description: Optional. The number of schedulers. + memoryGb: + type: number + format: float + description: >- + Optional. Memory (GB) request and limit for a single Airflow + scheduler replica. + description: Configuration for resources used by Airflow schedulers. + id: SchedulerResource + RecoveryConfig: + properties: + scheduledSnapshotsConfig: + $ref: '#/components/schemas/ScheduledSnapshotsConfig' + description: >- + Optional. The configuration for scheduled snapshot creation + mechanism. + description: The Recovery settings of an environment. + id: RecoveryConfig + type: object + StopAirflowCommandRequest: + type: object + properties: + podNamespace: + type: string + description: The namespace of the pod where the command is executed. + executionId: + description: The unique ID of the command execution. + type: string + force: + type: boolean + description: >- + If true, the execution is terminated forcefully (SIGKILL). If false, + the execution is stopped gracefully, giving it time for cleanup. + pod: + type: string + description: The name of the pod where the command is executed. + id: StopAirflowCommandRequest + description: Stop Airflow Command request. + ComposerWorkload: + properties: + name: + type: string + description: Name of a workload. + type: + description: Type of a workload. + enumDescriptions: + - Not able to determine the type of the workload. + - Celery worker. + - Kubernetes worker. + - Workload created by Kubernetes Pod Operator. + - Airflow scheduler. + - Airflow Dag processor. + - Airflow triggerer. + - Airflow web server UI. + - Redis. + enum: + - COMPOSER_WORKLOAD_TYPE_UNSPECIFIED + - CELERY_WORKER + - KUBERNETES_WORKER + - KUBERNETES_OPERATOR_POD + - SCHEDULER + - DAG_PROCESSOR + - TRIGGERER + - WEB_SERVER + - REDIS + type: string + status: + description: Output only. Status of a workload. + readOnly: true + $ref: '#/components/schemas/ComposerWorkloadStatus' + type: object + description: Information about a single workload. + id: ComposerWorkload + ListUserWorkloadsConfigMapsResponse: + id: ListUserWorkloadsConfigMapsResponse + description: The user workloads ConfigMaps for a given environment. + properties: + userWorkloadsConfigMaps: items: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/UserWorkloadsConfigMap' + description: >- + The list of ConfigMaps returned by a + ListUserWorkloadsConfigMapsRequest. + type: array nextPageToken: - description: The standard List next-page token. + description: The page token used to query for the next page if one exists. type: string - Operation: - id: Operation + type: object + WebServerConfig: description: >- - This resource represents a long-running operation that is the result of - a network API call. + The configuration settings for the Airflow web server App Engine + instance. Supported for Cloud Composer environments in versions + composer-1.*.*-airflow-*.*.* + id: WebServerConfig type: object properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + machineType: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Optional. Machine type on which Airflow web server is running. It + has to be one of: composer-n1-webserver-2, composer-n1-webserver-4 + or composer-n1-webserver-8. If not specified, + composer-n1-webserver-2 will be used. Value custom is returned only + in response, if Airflow web server parameters were manually changed + to a non-standard values. + TriggererResource: + id: TriggererResource + description: Configuration for resources used by Airflow triggerers. + properties: + cpu: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Optional. CPU request and limit for a single Airflow triggerer + replica. + format: float + type: number + memoryGb: + type: number + format: float description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. + Optional. Memory (GB) request and limit for a single Airflow + triggerer replica. + count: type: integer format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + description: Optional. The number of triggerers. type: object - properties: {} Environment: id: Environment - description: An environment for running orchestration tasks. type: object + description: An environment for running orchestration tasks. properties: - name: + labels: + type: object description: >- - Identifier. The resource name of the environment, in the form: - "projects/{projectId}/locations/{locationId}/environments/{environmentId}" - EnvironmentId must start with a lowercase letter followed by up to - 63 lowercase letters, numbers, or hyphens, and cannot end with a - hyphen. - type: string - config: - description: Optional. Configuration parameters for this environment. - $ref: '#/components/schemas/EnvironmentConfig' + Optional. User-defined labels for this environment. The labels map + can contain no more than 64 entries. Entries of the labels map are + UTF8 strings that comply with the following restrictions: * Keys + must conform to regexp: \p{Ll}\p{Lo}{0,62} * Values must conform to + regexp: [\p{Ll}\p{Lo}\p{N}_-]{0,63} * Both keys and values are + additionally constrained to be <= 128 bytes in size. + additionalProperties: + type: string + satisfiesPzi: + type: boolean + description: Output only. Reserved for future use. + readOnly: true uuid: description: >- Output only. The UUID (Universally Unique IDentifier) associated with this environment. This value is generated when the environment is created. type: string + config: + $ref: '#/components/schemas/EnvironmentConfig' + description: Optional. Configuration parameters for this environment. + name: + type: string + description: >- + Identifier. The resource name of the environment, in the form: + "projects/{projectId}/locations/{locationId}/environments/{environmentId}" + EnvironmentId must start with a lowercase letter followed by up to + 63 lowercase letters, numbers, or hyphens, and cannot end with a + hyphen. state: description: The current state of the environment. type: string - enumDescriptions: + enum: + - STATE_UNSPECIFIED + - CREATING + - RUNNING + - UPDATING + - DELETING + - ERROR + enumDescriptions: - The state of the environment is unknown. - The environment is in the process of being created. - >- @@ -176,466 +236,256 @@ components: receive additional update requests or be deleted at this time. - The environment is undergoing deletion. It cannot be used. - The environment has encountered an error and cannot be used. - enum: - - STATE_UNSPECIFIED - - CREATING - - RUNNING - - UPDATING - - DELETING - - ERROR - createTime: - description: Output only. The time at which this environment was created. + updateTime: type: string format: google-datetime - updateTime: description: Output only. The time at which this environment was last modified. + storageConfig: + $ref: '#/components/schemas/StorageConfig' + description: Optional. Storage configuration for this environment. + createTime: type: string format: google-datetime - labels: - description: >- - Optional. User-defined labels for this environment. The labels map - can contain no more than 64 entries. Entries of the labels map are - UTF8 strings that comply with the following restrictions: * Keys - must conform to regexp: \p{Ll}\p{Lo}{0,62} * Values must conform to - regexp: [\p{Ll}\p{Lo}\p{N}_-]{0,63} * Both keys and values are - additionally constrained to be <= 128 bytes in size. - type: object - additionalProperties: - type: string + description: Output only. The time at which this environment was created. satisfiesPzs: - description: Output only. Reserved for future use. readOnly: true type: boolean - satisfiesPzi: description: Output only. Reserved for future use. - readOnly: true - type: boolean - storageConfig: - description: Optional. Storage configuration for this environment. - $ref: '#/components/schemas/StorageConfig' - EnvironmentConfig: - id: EnvironmentConfig - description: Configuration information for an environment. - type: object + AllowedIpRange: + description: Allowed IP range with user-provided description. + id: AllowedIpRange properties: - gkeCluster: - description: >- - Output only. The Kubernetes Engine cluster used to run this - environment. - type: string - dagGcsPrefix: - description: >- - Output only. The Cloud Storage prefix of the DAGs for this - environment. Although Cloud Storage objects reside in a flat - namespace, a hierarchical file tree can be simulated using - "/"-delimited object name prefixes. DAG objects for this environment - reside in a simulated directory with the given prefix. + description: type: string - nodeCount: - description: >- - The number of nodes in the Kubernetes Engine cluster that will be - used to run this environment. This field is supported for Cloud - Composer environments in versions composer-1.*.*-airflow-*.*.*. - type: integer - format: int32 - softwareConfig: - description: >- - Optional. The configuration settings for software inside the - environment. - $ref: '#/components/schemas/SoftwareConfig' - nodeConfig: - description: Optional. The configuration used for the Kubernetes Engine cluster. - $ref: '#/components/schemas/NodeConfig' - privateEnvironmentConfig: - description: >- - Optional. The configuration used for the Private IP Cloud Composer - environment. - $ref: '#/components/schemas/PrivateEnvironmentConfig' - webServerNetworkAccessControl: - description: >- - Optional. The network-level access control policy for the Airflow - web server. If unspecified, no network-level access restrictions - will be applied. - $ref: '#/components/schemas/WebServerNetworkAccessControl' - databaseConfig: - description: >- - Optional. The configuration settings for Cloud SQL instance used - internally by Apache Airflow software. - $ref: '#/components/schemas/DatabaseConfig' - webServerConfig: - description: >- - Optional. The configuration settings for the Airflow web server App - Engine instance. - $ref: '#/components/schemas/WebServerConfig' - encryptionConfig: - description: >- - Optional. The encryption options for the Cloud Composer environment - and its dependencies. Cannot be updated. - $ref: '#/components/schemas/EncryptionConfig' - maintenanceWindow: - description: >- - Optional. The maintenance window is the period when Cloud Composer - components may undergo maintenance. It is defined so that - maintenance is not executed during peak hours or critical time - periods. The system will not be under maintenance for every - occurrence of this window, but when maintenance is planned, it will - be scheduled during the window. The maintenance window period must - encompass at least 12 hours per week. This may be split into - multiple chunks, each with a size of at least 4 hours. If this value - is omitted, the default value for maintenance window is applied. By - default, maintenance windows are from 00:00:00 to 04:00:00 (GMT) on - Friday, Saturday, and Sunday every week. - $ref: '#/components/schemas/MaintenanceWindow' - workloadsConfig: description: >- - Optional. The workloads configuration settings for the GKE cluster - associated with the Cloud Composer environment. The GKE cluster runs - Airflow scheduler, web server and workers workloads. This field is - supported for Cloud Composer environments in versions - composer-2.*.*-airflow-*.*.* and newer. - $ref: '#/components/schemas/WorkloadsConfig' - environmentSize: + Optional. User-provided description. It must contain at most 300 + characters. + value: description: >- - Optional. The size of the Cloud Composer environment. This field is - supported for Cloud Composer environments in versions - composer-2.*.*-airflow-*.*.* and newer. + IP address or range, defined using CIDR notation, of requests that + this rule applies to. Examples: `192.168.1.1` or `192.168.0.0/16` or + `2001:db8::/32` or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. IP + range prefixes should be properly truncated. For example, + `1.2.3.4/24` should be truncated to `1.2.3.0/24`. Similarly, for + IPv6, `2001:db8::1/32` should be truncated to `2001:db8::/32`. type: string - enumDescriptions: - - The size of the environment is unspecified. - - The environment size is small. - - The environment size is medium. - - The environment size is large. - enum: - - ENVIRONMENT_SIZE_UNSPECIFIED - - ENVIRONMENT_SIZE_SMALL - - ENVIRONMENT_SIZE_MEDIUM - - ENVIRONMENT_SIZE_LARGE - airflowUri: - description: >- - Output only. The URI of the Apache Airflow Web UI hosted within this - environment (see [Airflow web - interface](/composer/docs/how-to/accessing/airflow-web-interface)). + type: object + ListEnvironmentsResponse: + properties: + environments: + description: The list of environments returned by a ListEnvironmentsRequest. + items: + $ref: '#/components/schemas/Environment' + type: array + nextPageToken: type: string - airflowByoidUri: - description: >- - Output only. The 'bring your own identity' variant of the URI of the - Apache Airflow Web UI hosted within this environment, to be accessed - with external identities using workforce identity federation (see - [Access environments with workforce identity - federation](/composer/docs/composer-2/access-environments-with-workforce-identity-federation)). - readOnly: true + description: The page token used to query for the next page if one exists. + id: ListEnvironmentsResponse + description: The environments in a project and location. + type: object + SaveSnapshotRequest: + type: object + properties: + snapshotLocation: type: string - masterAuthorizedNetworksConfig: - description: >- - Optional. The configuration options for GKE cluster master - authorized networks. By default master authorized networks feature - is: - in case of private environment: enabled with no external - networks allowlisted. - in case of public environment: disabled. - $ref: '#/components/schemas/MasterAuthorizedNetworksConfig' - recoveryConfig: description: >- - Optional. The Recovery settings configuration of an environment. - This field is supported for Cloud Composer environments in versions - composer-2.*.*-airflow-*.*.* and newer. - $ref: '#/components/schemas/RecoveryConfig' - resilienceMode: + Location in a Cloud Storage where the snapshot is going to be + stored, e.g.: "gs://my-bucket/snapshots". + id: SaveSnapshotRequest + description: Request to create a snapshot of a Cloud Composer environment. + WorkloadsConfig: + type: object + id: WorkloadsConfig + properties: + worker: + $ref: '#/components/schemas/WorkerResource' + description: Optional. Resources used by Airflow workers. + scheduler: + $ref: '#/components/schemas/SchedulerResource' + description: Optional. Resources used by Airflow schedulers. + webServer: + description: Optional. Resources used by Airflow web server. + $ref: '#/components/schemas/WebServerResource' + triggerer: + $ref: '#/components/schemas/TriggererResource' + description: Optional. Resources used by Airflow triggerers. + dagProcessor: + $ref: '#/components/schemas/DagProcessorResource' description: >- - Optional. Resilience mode of the Cloud Composer Environment. This - field is supported for Cloud Composer environments in versions - composer-2.2.0-airflow-*.*.* and newer. + Optional. Resources used by Airflow DAG processors. This field is + supported for Cloud Composer environments in versions + composer-3-airflow-*.*.*-build.* and newer. + description: >- + The Kubernetes workloads configuration for GKE cluster associated with + the Cloud Composer environment. Supported for Cloud Composer + environments in versions composer-2.*.*-airflow-*.*.* and newer. + EncryptionConfig: + type: object + properties: + kmsKeyName: type: string - enumDescriptions: - - Default mode doesn't change environment parameters. - - Enabled High Resilience mode, including Cloud SQL HA. - enum: - - RESILIENCE_MODE_UNSPECIFIED - - HIGH_RESILIENCE - dataRetentionConfig: description: >- - Optional. The configuration setting for Airflow database data - retention mechanism. - $ref: '#/components/schemas/DataRetentionConfig' - SoftwareConfig: - id: SoftwareConfig + Optional. Customer-managed Encryption Key available through Google's + Key Management Service. Cannot be updated. If not specified, + Google-managed key will be used. + id: EncryptionConfig description: >- - Specifies the selection and configuration of software inside the - environment. + The encryption options for the Cloud Composer environment and its + dependencies.Supported for Cloud Composer environments in versions + composer-1.*.*-airflow-*.*.*. + PrivateClusterConfig: type: object + description: >- + Configuration options for the private GKE cluster in a Cloud Composer + environment. + id: PrivateClusterConfig properties: - imageVersion: + masterIpv4CidrBlock: description: >- - Optional. The version of the software running in the environment. - This encapsulates both the version of Cloud Composer functionality - and the version of Apache Airflow. It must match the regular - expression - `composer-([0-9]+(\.[0-9]+\.[0-9]+(-preview\.[0-9]+)?)?|latest)-airflow-([0-9]+(\.[0-9]+(\.[0-9]+)?)?)`. - When used as input, the server also checks if the provided version - is supported and denies the request for an unsupported version. The - Cloud Composer portion of the image version is a full [semantic - version](https://semver.org), or an alias in the form of major - version number or `latest`. When an alias is provided, the server - replaces it with the current Cloud Composer version that satisfies - the alias. The Apache Airflow portion of the image version is a full - semantic version that points to one of the supported Apache Airflow - versions, or an alias in the form of only major or major.minor - versions specified. When an alias is provided, the server replaces - it with the latest Apache Airflow version that satisfies the alias - and is supported in the given Cloud Composer version. In all cases, - the resolved image version is stored in the same field. See also - [version list](/composer/docs/concepts/versioning/composer-versions) - and [versioning - overview](/composer/docs/concepts/versioning/composer-versioning-overview). + Optional. The CIDR block from which IPv4 range for GKE master will + be reserved. If left blank, the default value of '172.16.0.0/23' is + used. type: string - airflowConfigOverrides: + enablePrivateEndpoint: description: >- - Optional. Apache Airflow configuration properties to override. - Property keys contain the section and property names, separated by a - hyphen, for example "core-dags_are_paused_at_creation". Section - names must not contain hyphens ("-"), opening square brackets ("["), - or closing square brackets ("]"). The property name must not be - empty and must not contain an equals sign ("=") or semicolon (";"). - Section and property names must not contain a period ("."). Apache - Airflow configuration property names must be written in - [snake_case](https://en.wikipedia.org/wiki/Snake_case). Property - values can contain any character, and can be written in any - lower/upper case format. Certain Apache Airflow configuration - property values are - [blocked](/composer/docs/concepts/airflow-configurations), and - cannot be overridden. - type: object - additionalProperties: - type: string - pypiPackages: + Optional. If `true`, access to the public endpoint of the GKE + cluster is denied. + type: boolean + masterIpv4ReservedRange: description: >- - Optional. Custom Python Package Index (PyPI) packages to be - installed in the environment. Keys refer to the lowercase package - name such as "numpy" and values are the lowercase extras and version - specifier such as "==1.12.0", "[devel,gcp_api]", or "[devel]>=1.8.2, - <1.9.2". To specify a package without pinning it to a version - specifier, use the empty string as the value. - type: object + Output only. The IP range in CIDR notation to use for the hosted + master network. This range is used for assigning internal IP + addresses to the GKE cluster master or set of masters and to the + internal load balancer virtual IP. This range must not overlap with + any other ranges in use within the cluster's network. + readOnly: true + type: string + UserWorkloadsConfigMap: + properties: + data: additionalProperties: type: string - envVariables: - description: >- - Optional. Additional environment variables to provide to the Apache - Airflow scheduler, worker, and webserver processes. Environment - variable names must match the regular expression `a-zA-Z_*`. They - cannot specify Apache Airflow software configuration overrides (they - cannot match the regular expression - `AIRFLOW__[A-Z0-9_]+__[A-Z0-9_]+`), and they cannot match any of the - following reserved names: * `AIRFLOW_HOME` * `C_FORCE_ROOT` * - `CONTAINER_NAME` * `DAGS_FOLDER` * `GCP_PROJECT` * `GCS_BUCKET` * - `GKE_CLUSTER_NAME` * `SQL_DATABASE` * `SQL_INSTANCE` * - `SQL_PASSWORD` * `SQL_PROJECT` * `SQL_REGION` * `SQL_USER` type: object - additionalProperties: - type: string - pythonVersion: description: >- - Optional. The major version of Python used to run the Apache Airflow - scheduler, worker, and webserver processes. Can be set to '2' or - '3'. If not specified, the default is '3'. Cannot be updated. This - field is only supported for Cloud Composer environments in versions - composer-1.*.*-airflow-*.*.*. Environments in newer versions always - use Python major version 3. + Optional. The "data" field of Kubernetes ConfigMap, organized in + key-value pairs. For details see: + https://kubernetes.io/docs/concepts/configuration/configmap/ + Example: { "example_key": "example_value", "another_key": + "another_value" } + name: type: string - schedulerCount: - description: >- - Optional. The number of schedulers for Airflow. This field is - supported for Cloud Composer environments in versions - composer-1.*.*-airflow-2.*.*. - type: integer - format: int32 - cloudDataLineageIntegration: - description: Optional. The configuration for Cloud Data Lineage integration. - $ref: '#/components/schemas/CloudDataLineageIntegration' - webServerPluginsMode: description: >- - Optional. Whether or not the web server uses custom plugins. If - unspecified, the field defaults to `PLUGINS_ENABLED`. This field is - supported for Cloud Composer environments in versions - composer-3-airflow-*.*.*-build.* and newer. - type: string - enumDescriptions: - - Default mode. - - Web server plugins are not supported. - - Web server plugins are supported. - enum: - - WEB_SERVER_PLUGINS_MODE_UNSPECIFIED - - PLUGINS_DISABLED - - PLUGINS_ENABLED - CloudDataLineageIntegration: - id: CloudDataLineageIntegration - description: Configuration for Cloud Data Lineage integration. - type: object - properties: - enabled: - description: Optional. Whether or not Cloud Data Lineage integration is enabled. - type: boolean - NodeConfig: - id: NodeConfig + Identifier. The resource name of the ConfigMap, in the form: + "projects/{projectId}/locations/{locationId}/environments/{environmentId}/userWorkloadsConfigMaps/{userWorkloadsConfigMapId}" description: >- - The configuration information for the Kubernetes Engine nodes running - the Apache Airflow software. + User workloads ConfigMap used by Airflow tasks that run with Kubernetes + executor or KubernetesPodOperator. + id: UserWorkloadsConfigMap + type: object + ListWorkloadsResponse: + id: ListWorkloadsResponse type: object properties: - location: - description: >- - Optional. The Compute Engine [zone](/compute/docs/regions-zones) in - which to deploy the VMs used to run the Apache Airflow software, - specified as a [relative resource - name](/apis/design/resource_names#relative_resource_name). For - example: "projects/{projectId}/zones/{zoneId}". This `location` must - belong to the enclosing environment's project and location. If both - this field and `nodeConfig.machineType` are specified, - `nodeConfig.machineType` must belong to this `location`; if both are - unspecified, the service will pick a zone in the Compute Engine - region corresponding to the Cloud Composer location, and propagate - that choice to both fields. If only one field (`location` or - `nodeConfig.machineType`) is specified, the location information - from the specified field will be propagated to the unspecified - field. This field is supported for Cloud Composer environments in - versions composer-1.*.*-airflow-*.*.*. - type: string - machineType: - description: >- - Optional. The Compute Engine [machine - type](/compute/docs/machine-types) used for cluster instances, - specified as a [relative resource - name](/apis/design/resource_names#relative_resource_name). For - example: - "projects/{projectId}/zones/{zoneId}/machineTypes/{machineTypeId}". - The `machineType` must belong to the enclosing environment's project - and location. If both this field and `nodeConfig.location` are - specified, this `machineType` must belong to the - `nodeConfig.location`; if both are unspecified, the service will - pick a zone in the Compute Engine region corresponding to the Cloud - Composer location, and propagate that choice to both fields. If - exactly one of this field and `nodeConfig.location` is specified, - the location information from the specified field will be propagated - to the unspecified field. The `machineTypeId` must not be a - [shared-core machine type](/compute/docs/machine-types#sharedcore). - If this field is unspecified, the `machineTypeId` defaults to - "n1-standard-1". This field is supported for Cloud Composer - environments in versions composer-1.*.*-airflow-*.*.*. + workloads: + items: + $ref: '#/components/schemas/ComposerWorkload' + type: array + description: The list of environment workloads. + nextPageToken: + description: The page token used to query for the next page if one exists. type: string - network: - description: >- - Optional. The Compute Engine network to be used for machine - communications, specified as a [relative resource - name](/apis/design/resource_names#relative_resource_name). For - example: "projects/{projectId}/global/networks/{networkId}". If - unspecified, the "default" network ID in the environment's project - is used. If a [Custom Subnet - Network](/vpc/docs/vpc#vpc_networks_and_subnets) is provided, - `nodeConfig.subnetwork` must also be provided. For [Shared - VPC](/vpc/docs/shared-vpc) subnetwork requirements, see - `nodeConfig.subnetwork`. + description: Response to ListWorkloadsRequest. + DataRetentionConfig: + description: The configuration setting for Airflow database data retention mechanism. + type: object + properties: + taskLogsRetentionConfig: + $ref: '#/components/schemas/TaskLogsRetentionConfig' + description: Optional. The configuration settings for task logs retention + airflowMetadataRetentionConfig: + $ref: '#/components/schemas/AirflowMetadataRetentionPolicyConfig' + description: Optional. The retention policy for airflow metadata database. + id: DataRetentionConfig + ListUserWorkloadsSecretsResponse: + description: The user workloads Secrets for a given environment. + id: ListUserWorkloadsSecretsResponse + properties: + nextPageToken: + description: The page token used to query for the next page if one exists. type: string - subnetwork: - description: >- - Optional. The Compute Engine subnetwork to be used for machine - communications, specified as a [relative resource - name](/apis/design/resource_names#relative_resource_name). For - example: - "projects/{projectId}/regions/{regionId}/subnetworks/{subnetworkId}" - If a subnetwork is provided, `nodeConfig.network` must also be - provided, and the subnetwork must belong to the enclosing - environment's project and location. + userWorkloadsSecrets: + items: + $ref: '#/components/schemas/UserWorkloadsSecret' + type: array + description: The list of Secrets returned by a ListUserWorkloadsSecretsRequest. + type: object + ListImageVersionsResponse: + id: ListImageVersionsResponse + properties: + nextPageToken: type: string - diskSizeGb: - description: >- - Optional. The disk size in GB used for node VMs. Minimum size is - 30GB. If unspecified, defaults to 100GB. Cannot be updated. This - field is supported for Cloud Composer environments in versions - composer-1.*.*-airflow-*.*.*. - type: integer - format: int32 - oauthScopes: - description: >- - Optional. The set of Google API scopes to be made available on all - node VMs. If `oauth_scopes` is empty, defaults to - ["https://www.googleapis.com/auth/cloud-platform"]. Cannot be - updated. This field is supported for Cloud Composer environments in - versions composer-1.*.*-airflow-*.*.*. + description: The page token used to query for the next page if one exists. + imageVersions: type: array + description: The list of supported ImageVersions in a location. items: - type: string - serviceAccount: + $ref: '#/components/schemas/ImageVersion' + description: The ImageVersions in a project and location. + type: object + LoadSnapshotRequest: + id: LoadSnapshotRequest + type: object + properties: + skipPypiPackagesInstallation: + type: boolean description: >- - Optional. The Google Cloud Platform Service Account to be used by - the node VMs. If a service account is not specified, the "default" - Compute Engine service account is used. Cannot be updated. - type: string - tags: + Whether or not to skip installing Pypi packages when loading the + environment's state. + skipGcsDataCopying: + type: boolean description: >- - Optional. The list of instance tags applied to all node VMs. Tags - are used to identify valid sources or targets for network firewalls. - Each tag within the list must comply with - [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). Cannot be updated. - type: array - items: - type: string - ipAllocationPolicy: + Whether or not to skip copying Cloud Storage data when loading the + environment's state. + skipAirflowOverridesSetting: description: >- - Optional. The configuration for controlling how IPs are allocated in - the GKE cluster. - $ref: '#/components/schemas/IPAllocationPolicy' - enableIpMasqAgent: + Whether or not to skip setting Airflow overrides when loading the + environment's state. + type: boolean + skipEnvironmentVariablesSetting: description: >- - Optional. Deploys 'ip-masq-agent' daemon set in the GKE cluster and - defines nonMasqueradeCIDRs equals to pod IP range so IP masquerading - is used for all destination addresses, except between pods traffic. - See: - https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent + Whether or not to skip setting environment variables when loading + the environment's state. type: boolean - composerNetworkAttachment: + snapshotPath: description: >- - Optional. Network Attachment that Cloud Composer environment is - connected to, which provides connectivity with a user's VPC network. - Takes precedence over network and subnetwork settings. If not - provided, but network and subnetwork are defined during environment, - it will be provisioned. If not provided and network and subnetwork - are also empty, then connectivity to user's VPC network is disabled. - Network attachment must be provided in format - projects/{project}/regions/{region}/networkAttachments/{networkAttachment}. - This field is supported for Cloud Composer environments in versions - composer-3-airflow-*.*.*-build.* and newer. + A Cloud Storage path to a snapshot to load, e.g.: + "gs://my-bucket/snapshots/project_location_environment_timestamp". + type: string + description: Request to load a snapshot into a Cloud Composer environment. + ExecuteAirflowCommandResponse: + properties: + podNamespace: + description: The namespace of the pod where the command is executed. + type: string + executionId: + description: The unique ID of the command execution for polling. + type: string + pod: + description: The name of the pod where the command is executed. type: string - composerInternalIpv4CidrBlock: - description: >- - Optional. The IP range in CIDR notation to use internally by Cloud - Composer. IP addresses are not reserved - and the same range can be - used by multiple Cloud Composer environments. In case of overlap, - IPs from this range will not be accessible in the user's VPC - network. Cannot be updated. If not specified, the default value of - '100.64.128.0/20' is used. This field is supported for Cloud - Composer environments in versions composer-3-airflow-*.*.*-build.* - and newer. + error: + description: Error message. Empty if there was no error. type: string + description: Response to ExecuteAirflowCommandRequest. + id: ExecuteAirflowCommandResponse + type: object IPAllocationPolicy: + type: object id: IPAllocationPolicy description: >- Configuration for controlling how IPs are allocated in the GKE cluster running the Apache Airflow software. - type: object properties: - useIpAliases: - description: >- - Optional. Whether or not to enable Alias IPs in the GKE cluster. If - `true`, a VPC-native cluster is created. This field is only - supported for Cloud Composer environments in versions - composer-1.*.*-airflow-*.*.*. Environments in newer versions always - use VPC-native GKE clusters. - type: boolean - clusterSecondaryRangeName: - description: >- - Optional. The name of the GKE cluster's secondary range used to - allocate IP addresses to pods. For Cloud Composer environments in - versions composer-1.*.*-airflow-*.*.*, this field is applicable only - when `use_ip_aliases` is true. - type: string clusterIpv4CidrBlock: description: >- Optional. The IP address range used to allocate IP addresses to pods @@ -649,13 +499,6 @@ components: (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. type: string - servicesSecondaryRangeName: - description: >- - Optional. The name of the services' secondary range used to allocate - IP addresses to the GKE cluster. For Cloud Composer environments in - versions composer-1.*.*-airflow-*.*.*, this field is applicable only - when `use_ip_aliases` is true. - type: string servicesIpv4CidrBlock: description: >- Optional. The IP address range of the services IP addresses in this @@ -669,58 +512,275 @@ components: (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. type: string + clusterSecondaryRangeName: + description: >- + Optional. The name of the GKE cluster's secondary range used to + allocate IP addresses to pods. For Cloud Composer environments in + versions composer-1.*.*-airflow-*.*.*, this field is applicable only + when `use_ip_aliases` is true. + type: string + useIpAliases: + description: >- + Optional. Whether or not to enable Alias IPs in the GKE cluster. If + `true`, a VPC-native cluster is created. This field is only + supported for Cloud Composer environments in versions + composer-1.*.*-airflow-*.*.*. Environments in newer versions always + use VPC-native GKE clusters. + type: boolean + servicesSecondaryRangeName: + type: string + description: >- + Optional. The name of the services' secondary range used to allocate + IP addresses to the GKE cluster. For Cloud Composer environments in + versions composer-1.*.*-airflow-*.*.*, this field is applicable only + when `use_ip_aliases` is true. + UserWorkloadsSecret: + properties: + name: + description: >- + Identifier. The resource name of the Secret, in the form: + "projects/{projectId}/locations/{locationId}/environments/{environmentId}/userWorkloadsSecrets/{userWorkloadsSecretId}" + type: string + data: + type: object + additionalProperties: + type: string + description: >- + Optional. The "data" field of Kubernetes Secret, organized in + key-value pairs, which can contain sensitive values such as a + password, a token, or a key. The values for all keys have to be + base64-encoded strings. For details see: + https://kubernetes.io/docs/concepts/configuration/secret/ Example: { + "example": "ZXhhbXBsZV92YWx1ZQ==", "another-example": + "YW5vdGhlcl9leGFtcGxlX3ZhbHVl" } + type: object + description: >- + User workloads Secret used by Airflow tasks that run with Kubernetes + executor or KubernetesPodOperator. + id: UserWorkloadsSecret + Operation: + id: Operation + properties: + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + name: + type: string + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + response: + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + description: >- + This resource represents a long-running operation that is the result of + a network API call. + type: object + CheckUpgradeResponse: + id: CheckUpgradeResponse + type: object + description: >- + Message containing information about the result of an upgrade check + operation. + properties: + buildLogUri: + readOnly: true + type: string + description: Output only. Url for a docker build log of an upgraded image. + pypiConflictBuildLogExtract: + type: string + readOnly: true + description: >- + Output only. Extract from a docker image build log containing + information about pypi modules conflicts. + imageVersion: + description: Composer image for which the build was happening. + type: string + containsPypiModulesConflict: + enum: + - CONFLICT_RESULT_UNSPECIFIED + - CONFLICT + - NO_CONFLICT + type: string + description: >- + Output only. Whether build has succeeded or failed on modules + conflicts. + readOnly: true + enumDescriptions: + - It is unknown whether build had conflicts or not. + - There were python packages conflicts. + - There were no python packages conflicts. + configConflicts: + description: >- + Output only. Contains information about environment configuration + that is incompatible with the new image version, except for pypi + modules conflicts. + readOnly: true + items: + $ref: '#/components/schemas/ConfigConflict' + type: array + pypiDependencies: + description: >- + Pypi dependencies specified in the environment configuration, at the + time when the build was triggered. + additionalProperties: + type: string + type: object + ImageVersion: + id: ImageVersion + properties: + imageVersionId: + description: >- + The string identifier of the ImageVersion, in the form: + "composer-x.y.z-airflow-a.b.c" + type: string + supportedPythonVersions: + description: supported python versions + type: array + items: + type: string + releaseDate: + $ref: '#/components/schemas/Date' + description: The date of the version release. + isDefault: + type: boolean + description: >- + Whether this is the default ImageVersion used by Composer during + environment creation if no input ImageVersion is specified. + upgradeDisabled: + description: >- + Whether it is impossible to upgrade an environment running with the + image version. + type: boolean + creationDisabled: + description: >- + Whether it is impossible to create an environment with the image + version. + type: boolean + description: ImageVersion information + type: object + MaintenanceWindow: + description: >- + The configuration settings for Cloud Composer maintenance window. The + following example: ``` { "startTime":"2019-08-01T01:00:00Z" + "endTime":"2019-08-01T07:00:00Z" "recurrence":"FREQ=WEEKLY;BYDAY=TU,WE" + } ``` would define a maintenance window between 01 and 07 hours UTC + during each Tuesday and Wednesday. + type: object + id: MaintenanceWindow + properties: + recurrence: + type: string + description: >- + Required. Maintenance window recurrence. Format is a subset of + [RFC-5545](https://tools.ietf.org/html/rfc5545) `RRULE`. The only + allowed values for `FREQ` field are `FREQ=DAILY` and + `FREQ=WEEKLY;BYDAY=...` Example values: `FREQ=WEEKLY;BYDAY=TU,WE`, + `FREQ=DAILY`. + startTime: + type: string + format: google-datetime + description: >- + Required. Start time of the first recurrence of the maintenance + window. + endTime: + description: >- + Required. Maintenance window end time. It is used only to calculate + the duration of the maintenance window. The value for end-time must + be in the future, relative to `start_time`. + type: string + format: google-datetime + StorageConfig: + description: The configuration for data storage in the environment. + type: object + properties: + bucket: + type: string + description: >- + Optional. The name of the Cloud Storage bucket used by the + environment. No `gs://` prefix. + id: StorageConfig + ExitInfo: + type: object + description: Information about how a command ended. + properties: + error: + type: string + description: Error message. Empty if there was no error. + exitCode: + type: integer + format: int32 + description: The exit code from the command execution. + id: ExitInfo PrivateEnvironmentConfig: - id: PrivateEnvironmentConfig - description: >- - The configuration information for configuring a Private IP Cloud - Composer environment. type: object properties: + cloudComposerNetworkIpv4ReservedRange: + type: string + description: >- + Output only. The IP range reserved for the tenant project's Cloud + Composer network. This field is supported for Cloud Composer + environments in versions composer-2.*.*-airflow-*.*.* and newer. + readOnly: true + networkingConfig: + $ref: '#/components/schemas/NetworkingConfig' + description: >- + Optional. Configuration for the network connections configuration in + the environment. enablePrivateEnvironment: + type: boolean description: >- Optional. If `true`, a Private IP Cloud Composer environment is created. If this field is set to true, `IPAllocationPolicy.use_ip_aliases` must be set to true for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. - type: boolean - enablePrivateBuildsOnly: - description: >- - Optional. If `true`, builds performed during operations that install - Python packages have only private connectivity to Google services - (including Artifact Registry) and VPC network (if either - `NodeConfig.network` and `NodeConfig.subnetwork` fields or - `NodeConfig.composer_network_attachment` field are specified). If - `false`, the builds also have access to the internet. This field is - supported for Cloud Composer environments in versions - composer-3-airflow-*.*.*-build.* and newer. - type: boolean - privateClusterConfig: - description: >- - Optional. Configuration for the private GKE cluster for a Private IP - Cloud Composer environment. - $ref: '#/components/schemas/PrivateClusterConfig' webServerIpv4CidrBlock: + type: string description: >- Optional. The CIDR block from which IP range for web server will be reserved. Needs to be disjoint from `private_cluster_config.master_ipv4_cidr_block` and `cloud_sql_ipv4_cidr_block`. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. - type: string - cloudSqlIpv4CidrBlock: - description: >- - Optional. The CIDR block from which IP range in tenant project will - be reserved for Cloud SQL. Needs to be disjoint from - `web_server_ipv4_cidr_block`. - type: string - webServerIpv4ReservedRange: + privateClusterConfig: + $ref: '#/components/schemas/PrivateClusterConfig' description: >- - Output only. The IP range reserved for the tenant project's App - Engine VMs. This field is supported for Cloud Composer environments - in versions composer-1.*.*-airflow-*.*.*. - readOnly: true - type: string + Optional. Configuration for the private GKE cluster for a Private IP + Cloud Composer environment. cloudComposerNetworkIpv4CidrBlock: + type: string description: >- Optional. The CIDR block from which IP range for Cloud Composer Network in tenant project will be reserved. Needs to be disjoint @@ -728,20 +788,30 @@ components: cloud_sql_ipv4_cidr_block. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer. - type: string - cloudComposerNetworkIpv4ReservedRange: - description: >- - Output only. The IP range reserved for the tenant project's Cloud - Composer network. This field is supported for Cloud Composer - environments in versions composer-2.*.*-airflow-*.*.* and newer. - readOnly: true - type: string enablePrivatelyUsedPublicIps: description: >- Optional. When enabled, IPs from public (non-RFC1918) ranges can be used for `IPAllocationPolicy.cluster_ipv4_cidr_block` and `IPAllocationPolicy.service_ipv4_cidr_block`. type: boolean + enablePrivateBuildsOnly: + description: >- + Optional. If `true`, builds performed during operations that install + Python packages have only private connectivity to Google services + (including Artifact Registry) and VPC network (if either + `NodeConfig.network` and `NodeConfig.subnetwork` fields or + `NodeConfig.composer_network_attachment` field are specified). If + `false`, the builds also have access to the internet. This field is + supported for Cloud Composer environments in versions + composer-3-airflow-*.*.*-build.* and newer. + type: boolean + webServerIpv4ReservedRange: + type: string + readOnly: true + description: >- + Output only. The IP range reserved for the tenant project's App + Engine VMs. This field is supported for Cloud Composer environments + in versions composer-1.*.*-airflow-*.*.*. cloudComposerConnectionSubnetwork: description: >- Optional. When specified, the environment will use Private Service @@ -749,255 +819,317 @@ components: Tenant Project, and the PSC endpoint in the Customer Project will use an IP address from this subnetwork. type: string - networkingConfig: - description: >- - Optional. Configuration for the network connections configuration in - the environment. - $ref: '#/components/schemas/NetworkingConfig' - PrivateClusterConfig: - id: PrivateClusterConfig - description: >- - Configuration options for the private GKE cluster in a Cloud Composer - environment. - type: object - properties: - enablePrivateEndpoint: - description: >- - Optional. If `true`, access to the public endpoint of the GKE - cluster is denied. - type: boolean - masterIpv4CidrBlock: - description: >- - Optional. The CIDR block from which IPv4 range for GKE master will - be reserved. If left blank, the default value of '172.16.0.0/23' is - used. - type: string - masterIpv4ReservedRange: + cloudSqlIpv4CidrBlock: description: >- - Output only. The IP range in CIDR notation to use for the hosted - master network. This range is used for assigning internal IP - addresses to the GKE cluster master or set of masters and to the - internal load balancer virtual IP. This range must not overlap with - any other ranges in use within the cluster's network. - readOnly: true + Optional. The CIDR block from which IP range in tenant project will + be reserved for Cloud SQL. Needs to be disjoint from + `web_server_ipv4_cidr_block`. type: string - NetworkingConfig: - id: NetworkingConfig + id: PrivateEnvironmentConfig description: >- - Configuration options for networking connections in the Composer 2 - environment. + The configuration information for configuring a Private IP Cloud + Composer environment. + ComposerWorkloadStatus: + id: ComposerWorkloadStatus type: object + description: Workload status. properties: - connectionType: - description: >- - Optional. Indicates the user requested specific connection type - between Tenant and Customer projects. You cannot set networking - connection type in public IP environment. + state: + description: Output only. Workload state. type: string enumDescriptions: - - >- - No specific connection type was requested, so the environment uses - the default value corresponding to the rest of its configuration. - - >- - Requests the use of VPC peerings for connecting the Customer and - Tenant projects. - - >- - Requests the use of Private Service Connect for connecting the - Customer and Tenant projects. + - Not able to determine the status of the workload. + - Workload is in pending state and has not yet started. + - Workload is running fine. + - Workload is running but there are some non-critical problems. + - Workload is not running due to an error. + - Workload has finished execution with success. + - Workload has finished execution with failure. + readOnly: true enum: - - CONNECTION_TYPE_UNSPECIFIED - - VPC_PEERING - - PRIVATE_SERVICE_CONNECT - WebServerNetworkAccessControl: - id: WebServerNetworkAccessControl - description: Network-level access control policy for the Airflow web server. - type: object - properties: - allowedIpRanges: - description: A collection of allowed IP ranges with descriptions. - type: array - items: - $ref: '#/components/schemas/AllowedIpRange' - AllowedIpRange: - id: AllowedIpRange - description: Allowed IP range with user-provided description. - type: object - properties: - value: - description: >- - IP address or range, defined using CIDR notation, of requests that - this rule applies to. Examples: `192.168.1.1` or `192.168.0.0/16` or - `2001:db8::/32` or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. IP - range prefixes should be properly truncated. For example, - `1.2.3.4/24` should be truncated to `1.2.3.0/24`. Similarly, for - IPv6, `2001:db8::1/32` should be truncated to `2001:db8::/32`. + - COMPOSER_WORKLOAD_STATE_UNSPECIFIED + - PENDING + - OK + - WARNING + - ERROR + - SUCCEEDED + - FAILED + detailedStatusMessage: type: string - description: - description: >- - Optional. User-provided description. It must contain at most 300 - characters. + readOnly: true + description: Output only. Detailed message of the status. + statusMessage: + readOnly: true + description: Output only. Text to provide more descriptive status. type: string - DatabaseConfig: - id: DatabaseConfig - description: >- - The configuration of Cloud SQL instance that is used by the Apache - Airflow software. + DagProcessorResource: type: object + description: >- + Configuration for resources used by Airflow DAG processors. This field + is supported for Cloud Composer environments in versions + composer-3-airflow-*.*.*-build.* and newer. + id: DagProcessorResource properties: - machineType: + memoryGb: + format: float + type: number description: >- - Optional. Cloud SQL machine type used by Airflow database. It has to - be one of: db-n1-standard-2, db-n1-standard-4, db-n1-standard-8 or - db-n1-standard-16. If not specified, db-n1-standard-2 will be used. - Supported for Cloud Composer environments in versions - composer-1.*.*-airflow-*.*.*. - type: string - zone: + Optional. Memory (GB) request and limit for a single Airflow DAG + processor replica. + cpu: + format: float description: >- - Optional. The Compute Engine zone where the Airflow database is - created. If zone is provided, it must be in the region selected for - the environment. If zone is not provided, a zone is automatically - selected. The zone can only be set during environment creation. - Supported for Cloud Composer environments in versions - composer-2.*.*-airflow-*.*.*. - type: string - WebServerConfig: - id: WebServerConfig - description: >- - The configuration settings for the Airflow web server App Engine - instance. Supported for Cloud Composer environments in versions - composer-1.*.*-airflow-*.*.* - type: object + Optional. CPU request and limit for a single Airflow DAG processor + replica. + type: number + storageGb: + description: >- + Optional. Storage (GB) request and limit for a single Airflow DAG + processor replica. + format: float + type: number + count: + format: int32 + description: >- + Optional. The number of DAG processors. If not provided or set to 0, + a single DAG processor instance will be created. + type: integer + FetchDatabasePropertiesResponse: + description: Response for FetchDatabasePropertiesRequest. + id: FetchDatabasePropertiesResponse properties: - machineType: + secondaryGceZone: + type: string description: >- - Optional. Machine type on which Airflow web server is running. It - has to be one of: composer-n1-webserver-2, composer-n1-webserver-4 - or composer-n1-webserver-8. If not specified, - composer-n1-webserver-2 will be used. Value custom is returned only - in response, if Airflow web server parameters were manually changed - to a non-standard values. + The Compute Engine zone that the failover instance is currently + serving from for a regional Cloud SQL instance. + primaryGceZone: + description: The Compute Engine zone that the instance is currently serving from. type: string - EncryptionConfig: - id: EncryptionConfig - description: >- - The encryption options for the Cloud Composer environment and its - dependencies.Supported for Cloud Composer environments in versions - composer-1.*.*-airflow-*.*.*. + isFailoverReplicaAvailable: + description: >- + The availability status of the failover replica. A false status + indicates that the failover replica is out of sync. The primary + instance can only fail over to the failover replica when the status + is true. + type: boolean + type: object + Status: + id: Status type: object properties: - kmsKeyName: + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + message: description: >- - Optional. Customer-managed Encryption Key available through Google's - Key Management Service. Cannot be updated. If not specified, - Google-managed key will be used. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - MaintenanceWindow: - id: MaintenanceWindow + details: + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. description: >- - The configuration settings for Cloud Composer maintenance window. The - following example: ``` { "startTime":"2019-08-01T01:00:00Z" - "endTime":"2019-08-01T07:00:00Z" "recurrence":"FREQ=WEEKLY;BYDAY=TU,WE" - } ``` would define a maintenance window between 01 and 07 hours UTC - during each Tuesday and Wednesday. + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + Empty: + id: Empty + properties: {} type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + NodeConfig: properties: - startTime: + ipAllocationPolicy: + $ref: '#/components/schemas/IPAllocationPolicy' description: >- - Required. Start time of the first recurrence of the maintenance - window. - type: string - format: google-datetime - endTime: + Optional. The configuration for controlling how IPs are allocated in + the GKE cluster. + tags: description: >- - Required. Maintenance window end time. It is used only to calculate - the duration of the maintenance window. The value for end-time must - be in the future, relative to `start_time`. + Optional. The list of instance tags applied to all node VMs. Tags + are used to identify valid sources or targets for network firewalls. + Each tag within the list must comply with + [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). Cannot be updated. + type: array + items: + type: string + oauthScopes: + type: array + items: + type: string + description: >- + Optional. The set of Google API scopes to be made available on all + node VMs. If `oauth_scopes` is empty, defaults to + ["https://www.googleapis.com/auth/cloud-platform"]. Cannot be + updated. This field is supported for Cloud Composer environments in + versions composer-1.*.*-airflow-*.*.*. + location: + description: >- + Optional. The Compute Engine [zone](/compute/docs/regions-zones) in + which to deploy the VMs used to run the Apache Airflow software, + specified as a [relative resource + name](/apis/design/resource_names#relative_resource_name). For + example: "projects/{projectId}/zones/{zoneId}". This `location` must + belong to the enclosing environment's project and location. If both + this field and `nodeConfig.machineType` are specified, + `nodeConfig.machineType` must belong to this `location`; if both are + unspecified, the service will pick a zone in the Compute Engine + region corresponding to the Cloud Composer location, and propagate + that choice to both fields. If only one field (`location` or + `nodeConfig.machineType`) is specified, the location information + from the specified field will be propagated to the unspecified + field. This field is supported for Cloud Composer environments in + versions composer-1.*.*-airflow-*.*.*. type: string - format: google-datetime - recurrence: + serviceAccount: description: >- - Required. Maintenance window recurrence. Format is a subset of - [RFC-5545](https://tools.ietf.org/html/rfc5545) `RRULE`. The only - allowed values for `FREQ` field are `FREQ=DAILY` and - `FREQ=WEEKLY;BYDAY=...` Example values: `FREQ=WEEKLY;BYDAY=TU,WE`, - `FREQ=DAILY`. + Optional. The Google Cloud Platform Service Account to be used by + the node VMs. If a service account is not specified, the "default" + Compute Engine service account is used. Cannot be updated. type: string - WorkloadsConfig: - id: WorkloadsConfig - description: >- - The Kubernetes workloads configuration for GKE cluster associated with - the Cloud Composer environment. Supported for Cloud Composer - environments in versions composer-2.*.*-airflow-*.*.* and newer. - type: object - properties: - scheduler: - description: Optional. Resources used by Airflow schedulers. - $ref: '#/components/schemas/SchedulerResource' - webServer: - description: Optional. Resources used by Airflow web server. - $ref: '#/components/schemas/WebServerResource' - worker: - description: Optional. Resources used by Airflow workers. - $ref: '#/components/schemas/WorkerResource' - triggerer: - description: Optional. Resources used by Airflow triggerers. - $ref: '#/components/schemas/TriggererResource' - dagProcessor: + composerNetworkAttachment: description: >- - Optional. Resources used by Airflow DAG processors. This field is - supported for Cloud Composer environments in versions + Optional. Network Attachment that Cloud Composer environment is + connected to, which provides connectivity with a user's VPC network. + Takes precedence over network and subnetwork settings. If not + provided, but network and subnetwork are defined during environment, + it will be provisioned. If not provided and network and subnetwork + are also empty, then connectivity to user's VPC network is disabled. + Network attachment must be provided in format + projects/{project}/regions/{region}/networkAttachments/{networkAttachment}. + This field is supported for Cloud Composer environments in versions composer-3-airflow-*.*.*-build.* and newer. - $ref: '#/components/schemas/DagProcessorResource' - SchedulerResource: - id: SchedulerResource - description: Configuration for resources used by Airflow schedulers. - type: object - properties: - cpu: - description: >- - Optional. CPU request and limit for a single Airflow scheduler - replica. - type: number - format: float - memoryGb: - description: >- - Optional. Memory (GB) request and limit for a single Airflow - scheduler replica. - type: number - format: float - storageGb: + type: string + diskSizeGb: description: >- - Optional. Storage (GB) request and limit for a single Airflow - scheduler replica. - type: number - format: float - count: - description: Optional. The number of schedulers. + Optional. The disk size in GB used for node VMs. Minimum size is + 30GB. If unspecified, defaults to 100GB. Cannot be updated. This + field is supported for Cloud Composer environments in versions + composer-1.*.*-airflow-*.*.*. type: integer format: int32 - WebServerResource: - id: WebServerResource - description: Configuration for resources used by Airflow web server. + network: + description: >- + Optional. The Compute Engine network to be used for machine + communications, specified as a [relative resource + name](/apis/design/resource_names#relative_resource_name). For + example: "projects/{projectId}/global/networks/{networkId}". If + unspecified, the "default" network ID in the environment's project + is used. If a [Custom Subnet + Network](/vpc/docs/vpc#vpc_networks_and_subnets) is provided, + `nodeConfig.subnetwork` must also be provided. For [Shared + VPC](/vpc/docs/shared-vpc) subnetwork requirements, see + `nodeConfig.subnetwork`. + type: string + subnetwork: + description: >- + Optional. The Compute Engine subnetwork to be used for machine + communications, specified as a [relative resource + name](/apis/design/resource_names#relative_resource_name). For + example: + "projects/{projectId}/regions/{regionId}/subnetworks/{subnetworkId}" + If a subnetwork is provided, `nodeConfig.network` must also be + provided, and the subnetwork must belong to the enclosing + environment's project and location. + type: string + machineType: + type: string + description: >- + Optional. The Compute Engine [machine + type](/compute/docs/machine-types) used for cluster instances, + specified as a [relative resource + name](/apis/design/resource_names#relative_resource_name). For + example: + "projects/{projectId}/zones/{zoneId}/machineTypes/{machineTypeId}". + The `machineType` must belong to the enclosing environment's project + and location. If both this field and `nodeConfig.location` are + specified, this `machineType` must belong to the + `nodeConfig.location`; if both are unspecified, the service will + pick a zone in the Compute Engine region corresponding to the Cloud + Composer location, and propagate that choice to both fields. If + exactly one of this field and `nodeConfig.location` is specified, + the location information from the specified field will be propagated + to the unspecified field. The `machineTypeId` must not be a + [shared-core machine type](/compute/docs/machine-types#sharedcore). + If this field is unspecified, the `machineTypeId` defaults to + "n1-standard-1". This field is supported for Cloud Composer + environments in versions composer-1.*.*-airflow-*.*.*. + composerInternalIpv4CidrBlock: + description: >- + Optional. The IP range in CIDR notation to use internally by Cloud + Composer. IP addresses are not reserved - and the same range can be + used by multiple Cloud Composer environments. In case of overlap, + IPs from this range will not be accessible in the user's VPC + network. Cannot be updated. If not specified, the default value of + '100.64.128.0/20' is used. This field is supported for Cloud + Composer environments in versions composer-3-airflow-*.*.*-build.* + and newer. + type: string + enableIpMasqAgent: + description: >- + Optional. Deploys 'ip-masq-agent' daemon set in the GKE cluster and + defines nonMasqueradeCIDRs equals to pod IP range so IP masquerading + is used for all destination addresses, except between pods traffic. + See: + https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent + type: boolean type: object + id: NodeConfig + description: >- + The configuration information for the Kubernetes Engine nodes running + the Apache Airflow software. + NetworkingConfig: + description: >- + Configuration options for networking connections in the Composer 2 + environment. + id: NetworkingConfig properties: - cpu: - description: Optional. CPU request and limit for Airflow web server. - type: number - format: float - memoryGb: - description: Optional. Memory (GB) request and limit for Airflow web server. - type: number - format: float - storageGb: - description: Optional. Storage (GB) request and limit for Airflow web server. - type: number - format: float + connectionType: + type: string + enum: + - CONNECTION_TYPE_UNSPECIFIED + - VPC_PEERING + - PRIVATE_SERVICE_CONNECT + description: >- + Optional. Indicates the user requested specific connection type + between Tenant and Customer projects. You cannot set networking + connection type in public IP environment. + enumDescriptions: + - >- + No specific connection type was requested, so the environment uses + the default value corresponding to the rest of its configuration. + - >- + Requests the use of VPC peerings for connecting the Customer and + Tenant projects. + - >- + Requests the use of Private Service Connect for connecting the + Customer and Tenant projects. + type: object WorkerResource: - id: WorkerResource description: Configuration for resources used by Airflow workers. - type: object properties: + minCount: + description: Optional. Minimum number of workers for autoscaling. + type: integer + format: int32 cpu: description: Optional. CPU request and limit for a single Airflow worker replica. type: number @@ -1006,130 +1138,273 @@ components: description: >- Optional. Memory (GB) request and limit for a single Airflow worker replica. - type: number format: float - storageGb: - description: >- - Optional. Storage (GB) request and limit for a single Airflow worker - replica. type: number - format: float - minCount: - description: Optional. Minimum number of workers for autoscaling. - type: integer - format: int32 maxCount: - description: Optional. Maximum number of workers for autoscaling. type: integer format: int32 - TriggererResource: - id: TriggererResource - description: Configuration for resources used by Airflow triggerers. + description: Optional. Maximum number of workers for autoscaling. + storageGb: + type: number + format: float + description: >- + Optional. Storage (GB) request and limit for a single Airflow worker + replica. + id: WorkerResource + type: object + RestartWebServerRequest: + id: RestartWebServerRequest + type: object + description: Restart Airflow web server. + properties: {} + OperationMetadata: + description: Metadata describing an operation. + id: OperationMetadata type: object properties: - count: - description: Optional. The number of triggerers. - type: integer - format: int32 - cpu: + operationType: + enum: + - TYPE_UNSPECIFIED + - CREATE + - DELETE + - UPDATE + - CHECK + - SAVE_SNAPSHOT + - LOAD_SNAPSHOT + - DATABASE_FAILOVER + - MIGRATE + type: string + description: Output only. The type of operation being performed. + enumDescriptions: + - Unused. + - A resource creation operation. + - A resource deletion operation. + - A resource update operation. + - A resource check operation. + - Saves snapshot of the resource operation. + - Loads snapshot of the resource operation. + - >- + Triggers failover of environment's Cloud SQL instance (only for + highly resilient environments). + - Migrates resource to a new major version. + createTime: + format: google-datetime + description: Output only. The time the operation was submitted to the server. + type: string + state: + type: string + description: Output only. The current operation state. + enumDescriptions: + - Unused. + - The operation has been created but is not yet started. + - The operation is underway. + - The operation completed successfully. + - '' + - The operation is no longer running but did not succeed. + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - SUCCESSFUL + - FAILED + endTime: + format: google-datetime description: >- - Optional. CPU request and limit for a single Airflow triggerer - replica. - type: number - format: float - memoryGb: + Output only. The time when the operation terminated, regardless of + its success. This field is unset if the operation is still ongoing. + type: string + resource: description: >- - Optional. Memory (GB) request and limit for a single Airflow - triggerer replica. - type: number - format: float - DagProcessorResource: - id: DagProcessorResource + Output only. The resource being operated on, as a [relative resource + name]( /apis/design/resource_names#relative_resource_name). + type: string + resourceUuid: + description: Output only. The UUID of the resource being operated on. + type: string + ExecuteAirflowCommandRequest: + description: Execute Airflow Command request. + id: ExecuteAirflowCommandRequest + type: object + properties: + parameters: + description: >- + Parameters for the Airflow command/subcommand as an array of + arguments. It may contain positional arguments like `["my-dag-id"]`, + key-value parameters like `["--foo=bar"]` or `["--foo","bar"]`, or + other flags like `["-f"]`. + items: + type: string + type: array + subcommand: + description: Airflow subcommand. + type: string + command: + description: Airflow command. + type: string + DatabaseFailoverResponse: + type: object + id: DatabaseFailoverResponse + properties: {} + description: Response for DatabaseFailoverRequest. + SoftwareConfig: + id: SoftwareConfig description: >- - Configuration for resources used by Airflow DAG processors. This field - is supported for Cloud Composer environments in versions - composer-3-airflow-*.*.*-build.* and newer. + Specifies the selection and configuration of software inside the + environment. type: object properties: - cpu: + schedulerCount: + format: int32 + type: integer description: >- - Optional. CPU request and limit for a single Airflow DAG processor - replica. - type: number - format: float - memoryGb: + Optional. The number of schedulers for Airflow. This field is + supported for Cloud Composer environments in versions + composer-1.*.*-airflow-2.*.*. + envVariables: + type: object + additionalProperties: + type: string + description: >- + Optional. Additional environment variables to provide to the Apache + Airflow scheduler, worker, and webserver processes. Environment + variable names must match the regular expression `a-zA-Z_*`. They + cannot specify Apache Airflow software configuration overrides (they + cannot match the regular expression + `AIRFLOW__[A-Z0-9_]+__[A-Z0-9_]+`), and they cannot match any of the + following reserved names: * `AIRFLOW_HOME` * `C_FORCE_ROOT` * + `CONTAINER_NAME` * `DAGS_FOLDER` * `GCP_PROJECT` * `GCS_BUCKET` * + `GKE_CLUSTER_NAME` * `SQL_DATABASE` * `SQL_INSTANCE` * + `SQL_PASSWORD` * `SQL_PROJECT` * `SQL_REGION` * `SQL_USER` + pypiPackages: + type: object + description: >- + Optional. Custom Python Package Index (PyPI) packages to be + installed in the environment. Keys refer to the lowercase package + name such as "numpy" and values are the lowercase extras and version + specifier such as "==1.12.0", "[devel,gcp_api]", or "[devel]>=1.8.2, + <1.9.2". To specify a package without pinning it to a version + specifier, use the empty string as the value. + additionalProperties: + type: string + imageVersion: + type: string + description: >- + Optional. The version of the software running in the environment. + This encapsulates both the version of Cloud Composer functionality + and the version of Apache Airflow. It must match the regular + expression + `composer-([0-9]+(\.[0-9]+\.[0-9]+(-preview\.[0-9]+)?)?|latest)-airflow-([0-9]+(\.[0-9]+(\.[0-9]+)?)?)`. + When used as input, the server also checks if the provided version + is supported and denies the request for an unsupported version. The + Cloud Composer portion of the image version is a full [semantic + version](https://semver.org), or an alias in the form of major + version number or `latest`. When an alias is provided, the server + replaces it with the current Cloud Composer version that satisfies + the alias. The Apache Airflow portion of the image version is a full + semantic version that points to one of the supported Apache Airflow + versions, or an alias in the form of only major or major.minor + versions specified. When an alias is provided, the server replaces + it with the latest Apache Airflow version that satisfies the alias + and is supported in the given Cloud Composer version. In all cases, + the resolved image version is stored in the same field. See also + [version list](/composer/docs/concepts/versioning/composer-versions) + and [versioning + overview](/composer/docs/concepts/versioning/composer-versioning-overview). + airflowConfigOverrides: description: >- - Optional. Memory (GB) request and limit for a single Airflow DAG - processor replica. - type: number - format: float - storageGb: + Optional. Apache Airflow configuration properties to override. + Property keys contain the section and property names, separated by a + hyphen, for example "core-dags_are_paused_at_creation". Section + names must not contain hyphens ("-"), opening square brackets ("["), + or closing square brackets ("]"). The property name must not be + empty and must not contain an equals sign ("=") or semicolon (";"). + Section and property names must not contain a period ("."). Apache + Airflow configuration property names must be written in + [snake_case](https://en.wikipedia.org/wiki/Snake_case). Property + values can contain any character, and can be written in any + lower/upper case format. Certain Apache Airflow configuration + property values are + [blocked](/composer/docs/concepts/airflow-configurations), and + cannot be overridden. + type: object + additionalProperties: + type: string + webServerPluginsMode: + type: string + enum: + - WEB_SERVER_PLUGINS_MODE_UNSPECIFIED + - PLUGINS_DISABLED + - PLUGINS_ENABLED description: >- - Optional. Storage (GB) request and limit for a single Airflow DAG - processor replica. - type: number - format: float - count: + Optional. Whether or not the web server uses custom plugins. If + unspecified, the field defaults to `PLUGINS_ENABLED`. This field is + supported for Cloud Composer environments in versions + composer-3-airflow-*.*.*-build.* and newer. + enumDescriptions: + - Default mode. + - Web server plugins are not supported. + - Web server plugins are supported. + cloudDataLineageIntegration: + description: Optional. The configuration for Cloud Data Lineage integration. + $ref: '#/components/schemas/CloudDataLineageIntegration' + pythonVersion: description: >- - Optional. The number of DAG processors. If not provided or set to 0, - a single DAG processor instance will be created. - type: integer - format: int32 - MasterAuthorizedNetworksConfig: - id: MasterAuthorizedNetworksConfig + Optional. The major version of Python used to run the Apache Airflow + scheduler, worker, and webserver processes. Can be set to '2' or + '3'. If not specified, the default is '3'. Cannot be updated. This + field is only supported for Cloud Composer environments in versions + composer-1.*.*-airflow-*.*.*. Environments in newer versions always + use Python major version 3. + type: string + LoadSnapshotResponse: + properties: {} + id: LoadSnapshotResponse + description: Response to LoadSnapshotRequest. + type: object + DatabaseFailoverRequest: description: >- - Configuration options for the master authorized networks feature. - Enabled master authorized networks will disallow all external traffic to - access Kubernetes master through HTTPS except traffic from the given - CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs. + Request to trigger database failover (only for highly resilient + environments). type: object + properties: {} + id: DatabaseFailoverRequest + PollAirflowCommandResponse: + id: PollAirflowCommandResponse properties: - enabled: - description: >- - Optional. Whether or not master authorized networks feature is - enabled. + outputEnd: type: boolean - cidrBlocks: description: >- - Up to 50 external networks that could access Kubernetes master - through HTTPS. - type: array + Whether the command execution has finished and there is no more + output. + output: + description: >- + Output from the command execution. It may not contain the full + output and the caller may need to poll for more lines. items: - $ref: '#/components/schemas/CidrBlock' - CidrBlock: - id: CidrBlock - description: CIDR block with an optional name. + $ref: '#/components/schemas/Line' + type: array + exitInfo: + description: The result exit status of the command. + $ref: '#/components/schemas/ExitInfo' type: object - properties: - displayName: - description: User-defined name that identifies the CIDR block. - type: string - cidrBlock: - description: CIDR block that must be specified in CIDR notation. - type: string - RecoveryConfig: - id: RecoveryConfig - description: The Recovery settings of an environment. + description: Response to PollAirflowCommandRequest. + SaveSnapshotResponse: + description: Response to SaveSnapshotRequest. type: object properties: - scheduledSnapshotsConfig: + snapshotPath: + type: string description: >- - Optional. The configuration for scheduled snapshot creation - mechanism. - $ref: '#/components/schemas/ScheduledSnapshotsConfig' + The fully-resolved Cloud Storage path of the created snapshot, e.g.: + "gs://my-bucket/snapshots/project_location_environment_timestamp". + This field is populated only if the snapshot creation was + successful. + id: SaveSnapshotResponse ScheduledSnapshotsConfig: - id: ScheduledSnapshotsConfig - description: The configuration for scheduled snapshot creation mechanism. type: object + id: ScheduledSnapshotsConfig properties: - enabled: - description: Optional. Whether scheduled snapshots creation is enabled. - type: boolean - snapshotLocation: - description: >- - Optional. The Cloud Storage location for storing automatically - created snapshots. - type: string snapshotCreationSchedule: description: >- Optional. The cron expression representing the time when snapshots @@ -1141,301 +1416,303 @@ components: Optional. Time zone that sets the context to interpret snapshot_creation_schedule. type: string - DataRetentionConfig: - id: DataRetentionConfig - description: The configuration setting for Airflow database data retention mechanism. - type: object - properties: - airflowMetadataRetentionConfig: - description: Optional. The retention policy for airflow metadata database. - $ref: '#/components/schemas/AirflowMetadataRetentionPolicyConfig' - taskLogsRetentionConfig: - description: Optional. The configuration settings for task logs retention - $ref: '#/components/schemas/TaskLogsRetentionConfig' + snapshotLocation: + type: string + description: >- + Optional. The Cloud Storage location for storing automatically + created snapshots. + enabled: + type: boolean + description: Optional. Whether scheduled snapshots creation is enabled. + description: The configuration for scheduled snapshot creation mechanism. AirflowMetadataRetentionPolicyConfig: - id: AirflowMetadataRetentionPolicyConfig - description: The policy for airflow metadata database retention. - type: object properties: + retentionDays: + description: Optional. How many days data should be retained for. + type: integer + format: int32 retentionMode: - description: Optional. Retention can be either enabled or disabled. - type: string - enumDescriptions: - - Default mode doesn't change environment parameters. - - Retention policy is enabled. - - Retention policy is disabled. enum: - RETENTION_MODE_UNSPECIFIED - RETENTION_MODE_ENABLED - RETENTION_MODE_DISABLED - retentionDays: - description: Optional. How many days data should be retained for. - type: integer - format: int32 - TaskLogsRetentionConfig: - id: TaskLogsRetentionConfig - description: The configuration setting for Task Logs. - type: object - properties: - storageMode: - description: Optional. The mode of storage for Airflow workers task logs. type: string enumDescriptions: - - This configuration is not specified by the user. - - >- - Store task logs in Cloud Logging and in the environment's Cloud - Storage bucket. - - Store task logs in Cloud Logging only. - enum: - - TASK_LOGS_STORAGE_MODE_UNSPECIFIED - - CLOUD_LOGGING_AND_CLOUD_STORAGE - - CLOUD_LOGGING_ONLY - StorageConfig: - id: StorageConfig - description: The configuration for data storage in the environment. + - Default mode doesn't change environment parameters. + - Retention policy is enabled. + - Retention policy is disabled. + description: Optional. Retention can be either enabled or disabled. + id: AirflowMetadataRetentionPolicyConfig + description: The policy for airflow metadata database retention. + type: object + ListOperationsResponse: + description: The response message for Operations.ListOperations. + id: ListOperationsResponse type: object properties: - bucket: + unreachable: + items: + type: string description: >- - Optional. The name of the Cloud Storage bucket used by the - environment. No `gs://` prefix. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + nextPageToken: type: string - ListEnvironmentsResponse: - id: ListEnvironmentsResponse - description: The environments in a project and location. - type: object - properties: - environments: - description: The list of environments returned by a ListEnvironmentsRequest. + description: The standard List next-page token. + operations: type: array items: - $ref: '#/components/schemas/Environment' - nextPageToken: - description: The page token used to query for the next page if one exists. + $ref: '#/components/schemas/Operation' + description: >- + A list of operations that matches the specified filter in the + request. + WebServerResource: + id: WebServerResource + properties: + storageGb: + description: Optional. Storage (GB) request and limit for Airflow web server. + format: float + type: number + memoryGb: + format: float + type: number + description: Optional. Memory (GB) request and limit for Airflow web server. + cpu: + type: number + description: Optional. CPU request and limit for Airflow web server. + format: float + type: object + description: Configuration for resources used by Airflow web server. + ConfigConflict: + id: ConfigConflict + properties: + message: + description: Conflict message. type: string - RestartWebServerRequest: - id: RestartWebServerRequest - description: Restart Airflow web server. + type: + enumDescriptions: + - Conflict type is unknown. + - Conflict is blocking, the upgrade would fail. + - >- + Conflict is non-blocking. The upgrade would succeed, but the + environment configuration would be changed. + description: Conflict type. It can be blocking or non-blocking. + enum: + - CONFLICT_TYPE_UNSPECIFIED + - BLOCKING + - NON_BLOCKING + type: string + description: Environment configuration conflict. type: object - properties: {} - ExecuteAirflowCommandRequest: - id: ExecuteAirflowCommandRequest - description: Execute Airflow Command request. + MasterAuthorizedNetworksConfig: type: object + id: MasterAuthorizedNetworksConfig + description: >- + Configuration options for the master authorized networks feature. + Enabled master authorized networks will disallow all external traffic to + access Kubernetes master through HTTPS except traffic from the given + CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs. properties: - command: - description: Airflow command. - type: string - subcommand: - description: Airflow subcommand. - type: string - parameters: + enabled: description: >- - Parameters for the Airflow command/subcommand as an array of - arguments. It may contain positional arguments like `["my-dag-id"]`, - key-value parameters like `["--foo=bar"]` or `["--foo","bar"]`, or - other flags like `["-f"]`. - type: array + Optional. Whether or not master authorized networks feature is + enabled. + type: boolean + cidrBlocks: + description: >- + Up to 50 external networks that could access Kubernetes master + through HTTPS. items: - type: string - ExecuteAirflowCommandResponse: - id: ExecuteAirflowCommandResponse - description: Response to ExecuteAirflowCommandRequest. - type: object + $ref: '#/components/schemas/CidrBlock' + type: array + CidrBlock: + id: CidrBlock properties: - executionId: - description: The unique ID of the command execution for polling. - type: string - pod: - description: The name of the pod where the command is executed. - type: string - podNamespace: - description: The namespace of the pod where the command is executed. + displayName: + description: User-defined name that identifies the CIDR block. type: string - error: - description: Error message. Empty if there was no error. + cidrBlock: + description: CIDR block that must be specified in CIDR notation. type: string - StopAirflowCommandRequest: - id: StopAirflowCommandRequest - description: Stop Airflow Command request. type: object + description: CIDR block with an optional name. + WebServerNetworkAccessControl: + type: object + id: WebServerNetworkAccessControl + description: Network-level access control policy for the Airflow web server. properties: - executionId: - description: The unique ID of the command execution. - type: string - pod: - description: The name of the pod where the command is executed. - type: string - podNamespace: - description: The namespace of the pod where the command is executed. - type: string - force: - description: >- - If true, the execution is terminated forcefully (SIGKILL). If false, - the execution is stopped gracefully, giving it time for cleanup. - type: boolean + allowedIpRanges: + description: A collection of allowed IP ranges with descriptions. + type: array + items: + $ref: '#/components/schemas/AllowedIpRange' StopAirflowCommandResponse: id: StopAirflowCommandResponse description: Response to StopAirflowCommandRequest. type: object properties: isDone: - description: Whether the execution is still running. type: boolean + description: Whether the execution is still running. output: description: Output message from stopping execution request. - type: array items: type: string - PollAirflowCommandRequest: - id: PollAirflowCommandRequest - description: Poll Airflow Command request. - type: object - properties: - executionId: - description: The unique ID of the command execution. - type: string - pod: - description: The name of the pod where the command is executed. - type: string - podNamespace: - description: The namespace of the pod where the command is executed. - type: string - nextLineNumber: - description: Line number from which new logs should be fetched. - type: integer - format: int32 - PollAirflowCommandResponse: - id: PollAirflowCommandResponse - description: Response to PollAirflowCommandRequest. + type: array + EnvironmentConfig: + description: Configuration information for an environment. + id: EnvironmentConfig type: object properties: - output: + workloadsConfig: description: >- - Output from the command execution. It may not contain the full - output and the caller may need to poll for more lines. - type: array - items: - $ref: '#/components/schemas/Line' - outputEnd: + Optional. The workloads configuration settings for the GKE cluster + associated with the Cloud Composer environment. The GKE cluster runs + Airflow scheduler, web server and workers workloads. This field is + supported for Cloud Composer environments in versions + composer-2.*.*-airflow-*.*.* and newer. + $ref: '#/components/schemas/WorkloadsConfig' + dataRetentionConfig: + $ref: '#/components/schemas/DataRetentionConfig' description: >- - Whether the command execution has finished and there is no more - output. - type: boolean - exitInfo: - description: The result exit status of the command. - $ref: '#/components/schemas/ExitInfo' - Line: - id: Line - description: Contains information about a single line from logs. - type: object - properties: - lineNumber: - description: Number of the line. - type: integer + Optional. The configuration setting for Airflow database data + retention mechanism. + recoveryConfig: + description: >- + Optional. The Recovery settings configuration of an environment. + This field is supported for Cloud Composer environments in versions + composer-2.*.*-airflow-*.*.* and newer. + $ref: '#/components/schemas/RecoveryConfig' + softwareConfig: + $ref: '#/components/schemas/SoftwareConfig' + description: >- + Optional. The configuration settings for software inside the + environment. + masterAuthorizedNetworksConfig: + description: >- + Optional. The configuration options for GKE cluster master + authorized networks. By default master authorized networks feature + is: - in case of private environment: enabled with no external + networks allowlisted. - in case of public environment: disabled. + $ref: '#/components/schemas/MasterAuthorizedNetworksConfig' + nodeCount: + description: >- + The number of nodes in the Kubernetes Engine cluster that will be + used to run this environment. This field is supported for Cloud + Composer environments in versions composer-1.*.*-airflow-*.*.*. format: int32 - content: - description: Text content of the log line. - type: string - ExitInfo: - id: ExitInfo - description: Information about how a command ended. - type: object - properties: - exitCode: - description: The exit code from the command execution. type: integer - format: int32 - error: - description: Error message. Empty if there was no error. - type: string - ListWorkloadsResponse: - id: ListWorkloadsResponse - description: Response to ListWorkloadsRequest. - type: object - properties: - workloads: - description: The list of environment workloads. - type: array - items: - $ref: '#/components/schemas/ComposerWorkload' - nextPageToken: - description: The page token used to query for the next page if one exists. - type: string - ComposerWorkload: - id: ComposerWorkload - description: Information about a single workload. - type: object - properties: - name: - description: Name of a workload. + gkeCluster: type: string - type: - description: Type of a workload. + description: >- + Output only. The Kubernetes Engine cluster used to run this + environment. + environmentSize: + enum: + - ENVIRONMENT_SIZE_UNSPECIFIED + - ENVIRONMENT_SIZE_SMALL + - ENVIRONMENT_SIZE_MEDIUM + - ENVIRONMENT_SIZE_LARGE + - ENVIRONMENT_SIZE_EXTRA_LARGE + description: >- + Optional. The size of the Cloud Composer environment. This field is + supported for Cloud Composer environments in versions + composer-2.*.*-airflow-*.*.* and newer. type: string enumDescriptions: - - Not able to determine the type of the workload. - - Celery worker. - - Kubernetes worker. - - Workload created by Kubernetes Pod Operator. - - Airflow scheduler. - - Airflow Dag processor. - - Airflow triggerer. - - Airflow web server UI. - - Redis. - enum: - - COMPOSER_WORKLOAD_TYPE_UNSPECIFIED - - CELERY_WORKER - - KUBERNETES_WORKER - - KUBERNETES_OPERATOR_POD - - SCHEDULER - - DAG_PROCESSOR - - TRIGGERER - - WEB_SERVER - - REDIS - status: - description: Output only. Status of a workload. - readOnly: true - $ref: '#/components/schemas/ComposerWorkloadStatus' - ComposerWorkloadStatus: - id: ComposerWorkloadStatus - description: Workload status. - type: object - properties: - state: - description: Output only. Workload state. + - The size of the environment is unspecified. + - The environment size is small. + - The environment size is medium. + - The environment size is large. + - The environment size is extra large. + encryptionConfig: + $ref: '#/components/schemas/EncryptionConfig' + description: >- + Optional. The encryption options for the Cloud Composer environment + and its dependencies. Cannot be updated. + airflowUri: + type: string + description: >- + Output only. The URI of the Apache Airflow Web UI hosted within this + environment (see [Airflow web + interface](/composer/docs/how-to/accessing/airflow-web-interface)). + webServerConfig: + description: >- + Optional. The configuration settings for the Airflow web server App + Engine instance. + $ref: '#/components/schemas/WebServerConfig' + maintenanceWindow: + description: >- + Optional. The maintenance window is the period when Cloud Composer + components may undergo maintenance. It is defined so that + maintenance is not executed during peak hours or critical time + periods. The system will not be under maintenance for every + occurrence of this window, but when maintenance is planned, it will + be scheduled during the window. The maintenance window period must + encompass at least 12 hours per week. This may be split into + multiple chunks, each with a size of at least 4 hours. If this value + is omitted, the default value for maintenance window is applied. By + default, maintenance windows are from 00:00:00 to 04:00:00 (GMT) on + Friday, Saturday, and Sunday every week. + $ref: '#/components/schemas/MaintenanceWindow' + privateEnvironmentConfig: + $ref: '#/components/schemas/PrivateEnvironmentConfig' + description: >- + Optional. The configuration used for the Private IP Cloud Composer + environment. + airflowByoidUri: + description: >- + Output only. The 'bring your own identity' variant of the URI of the + Apache Airflow Web UI hosted within this environment, to be accessed + with external identities using workforce identity federation (see + [Access environments with workforce identity + federation](/composer/docs/composer-2/access-environments-with-workforce-identity-federation)). readOnly: true type: string - enumDescriptions: - - Not able to determine the status of the workload. - - Workload is in pending state and has not yet started. - - Workload is running fine. - - Workload is running but there are some non-critical problems. - - Workload is not running due to an error. - - Workload has finished execution with success. - - Workload has finished execution with failure. + databaseConfig: + description: >- + Optional. The configuration settings for Cloud SQL instance used + internally by Apache Airflow software. + $ref: '#/components/schemas/DatabaseConfig' + resilienceMode: enum: - - COMPOSER_WORKLOAD_STATE_UNSPECIFIED - - PENDING - - OK - - WARNING - - ERROR - - SUCCEEDED - - FAILED - statusMessage: - description: Output only. Text to provide more descriptive status. - readOnly: true + - RESILIENCE_MODE_UNSPECIFIED + - HIGH_RESILIENCE + description: >- + Optional. Resilience mode of the Cloud Composer Environment. This + field is supported for Cloud Composer environments in versions + composer-2.2.0-airflow-*.*.* and newer. + enumDescriptions: + - Default mode doesn't change environment parameters. + - Enabled High Resilience mode, including Cloud SQL HA. type: string - detailedStatusMessage: - description: Output only. Detailed message of the status. - readOnly: true + nodeConfig: + $ref: '#/components/schemas/NodeConfig' + description: Optional. The configuration used for the Kubernetes Engine cluster. + webServerNetworkAccessControl: + description: >- + Optional. The network-level access control policy for the Airflow + web server. If unspecified, no network-level access restrictions + will be applied. + $ref: '#/components/schemas/WebServerNetworkAccessControl' + dagGcsPrefix: + description: >- + Output only. The Cloud Storage prefix of the DAGs for this + environment. Although Cloud Storage objects reside in a flat + namespace, a hierarchical file tree can be simulated using + "/"-delimited object name prefixes. DAG objects for this environment + reside in a simulated directory with the given prefix. type: string CheckUpgradeRequest: + type: object id: CheckUpgradeRequest description: Request to check whether image upgrade will succeed. - type: object properties: imageVersion: + type: string description: >- Optional. The version of the software running in the environment. This encapsulates both the version of Cloud Composer functionality @@ -1458,195 +1735,39 @@ components: [version list](/composer/docs/concepts/versioning/composer-versions) and [versioning overview](/composer/docs/concepts/versioning/composer-versioning-overview). - type: string - UserWorkloadsSecret: - id: UserWorkloadsSecret - description: >- - User workloads Secret used by Airflow tasks that run with Kubernetes - executor or KubernetesPodOperator. - type: object - properties: - name: - description: >- - Identifier. The resource name of the Secret, in the form: - "projects/{projectId}/locations/{locationId}/environments/{environmentId}/userWorkloadsSecrets/{userWorkloadsSecretId}" - type: string - data: - description: >- - Optional. The "data" field of Kubernetes Secret, organized in - key-value pairs, which can contain sensitive values such as a - password, a token, or a key. The values for all keys have to be - base64-encoded strings. For details see: - https://kubernetes.io/docs/concepts/configuration/secret/ Example: { - "example": "ZXhhbXBsZV92YWx1ZQ==", "another-example": - "YW5vdGhlcl9leGFtcGxlX3ZhbHVl" } - type: object - additionalProperties: - type: string - ListUserWorkloadsSecretsResponse: - id: ListUserWorkloadsSecretsResponse - description: The user workloads Secrets for a given environment. - type: object - properties: - userWorkloadsSecrets: - description: The list of Secrets returned by a ListUserWorkloadsSecretsRequest. - type: array - items: - $ref: '#/components/schemas/UserWorkloadsSecret' - nextPageToken: - description: The page token used to query for the next page if one exists. - type: string - UserWorkloadsConfigMap: - id: UserWorkloadsConfigMap - description: >- - User workloads ConfigMap used by Airflow tasks that run with Kubernetes - executor or KubernetesPodOperator. - type: object - properties: - name: - description: >- - Identifier. The resource name of the ConfigMap, in the form: - "projects/{projectId}/locations/{locationId}/environments/{environmentId}/userWorkloadsConfigMaps/{userWorkloadsConfigMapId}" - type: string - data: - description: >- - Optional. The "data" field of Kubernetes ConfigMap, organized in - key-value pairs. For details see: - https://kubernetes.io/docs/concepts/configuration/configmap/ - Example: { "example_key": "example_value", "another_key": - "another_value" } - type: object - additionalProperties: - type: string - ListUserWorkloadsConfigMapsResponse: - id: ListUserWorkloadsConfigMapsResponse - description: The user workloads ConfigMaps for a given environment. - type: object - properties: - userWorkloadsConfigMaps: - description: >- - The list of ConfigMaps returned by a - ListUserWorkloadsConfigMapsRequest. - type: array - items: - $ref: '#/components/schemas/UserWorkloadsConfigMap' - nextPageToken: - description: The page token used to query for the next page if one exists. - type: string - SaveSnapshotRequest: - id: SaveSnapshotRequest - description: Request to create a snapshot of a Cloud Composer environment. - type: object - properties: - snapshotLocation: - description: >- - Location in a Cloud Storage where the snapshot is going to be - stored, e.g.: "gs://my-bucket/snapshots". - type: string - LoadSnapshotRequest: - id: LoadSnapshotRequest - description: Request to load a snapshot into a Cloud Composer environment. - type: object - properties: - snapshotPath: - description: >- - A Cloud Storage path to a snapshot to load, e.g.: - "gs://my-bucket/snapshots/project_location_environment_timestamp". - type: string - skipPypiPackagesInstallation: - description: >- - Whether or not to skip installing Pypi packages when loading the - environment's state. - type: boolean - skipEnvironmentVariablesSetting: - description: >- - Whether or not to skip setting environment variables when loading - the environment's state. - type: boolean - skipAirflowOverridesSetting: - description: >- - Whether or not to skip setting Airflow overrides when loading the - environment's state. - type: boolean - skipGcsDataCopying: - description: >- - Whether or not to skip copying Cloud Storage data when loading the - environment's state. - type: boolean - DatabaseFailoverRequest: - id: DatabaseFailoverRequest - description: >- - Request to trigger database failover (only for highly resilient - environments). - type: object - properties: {} - FetchDatabasePropertiesResponse: - id: FetchDatabasePropertiesResponse - description: Response for FetchDatabasePropertiesRequest. - type: object - properties: - primaryGceZone: - description: The Compute Engine zone that the instance is currently serving from. - type: string - secondaryGceZone: - description: >- - The Compute Engine zone that the failover instance is currently - serving from for a regional Cloud SQL instance. - type: string - isFailoverReplicaAvailable: - description: >- - The availability status of the failover replica. A false status - indicates that the failover replica is out of sync. The primary - instance can only fail over to the failover replica when the status - is true. - type: boolean - ListImageVersionsResponse: - id: ListImageVersionsResponse - description: The ImageVersions in a project and location. - type: object - properties: - imageVersions: - description: The list of supported ImageVersions in a location. - type: array - items: - $ref: '#/components/schemas/ImageVersion' - nextPageToken: - description: The page token used to query for the next page if one exists. - type: string - ImageVersion: - id: ImageVersion - description: ImageVersion information - type: object + Line: properties: - imageVersionId: - description: >- - The string identifier of the ImageVersion, in the form: - "composer-x.y.z-airflow-a.b.c" + content: + description: Text content of the log line. type: string - isDefault: + lineNumber: + type: integer + format: int32 + description: Number of the line. + description: Contains information about a single line from logs. + type: object + id: Line + Date: + properties: + day: description: >- - Whether this is the default ImageVersion used by Composer during - environment creation if no input ImageVersion is specified. - type: boolean - supportedPythonVersions: - description: supported python versions - type: array - items: - type: string - releaseDate: - description: The date of the version release. - $ref: '#/components/schemas/Date' - creationDisabled: + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + format: int32 + type: integer + month: description: >- - Whether it is impossible to create an environment with the image - version. - type: boolean - upgradeDisabled: + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + type: integer + format: int32 + year: description: >- - Whether it is impossible to upgrade an environment running with the - image version. - type: boolean - Date: + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + type: integer + format: int32 id: Date description: >- Represents a whole or partial calendar date, such as a birthday. The @@ -1659,154 +1780,74 @@ components: expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp type: object + PollAirflowCommandRequest: + type: object properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer + podNamespace: + type: string + description: The namespace of the pod where the command is executed. + pod: + description: The name of the pod where the command is executed. + type: string + nextLineNumber: + description: Line number from which new logs should be fetched. format: int32 - day: - description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. type: integer - format: int32 - OperationMetadata: - id: OperationMetadata - description: Metadata describing an operation. + executionId: + description: The unique ID of the command execution. + type: string + id: PollAirflowCommandRequest + description: Poll Airflow Command request. + CloudDataLineageIntegration: + id: CloudDataLineageIntegration + description: Configuration for Cloud Data Lineage integration. type: object properties: - state: - description: Output only. The current operation state. - type: string - enumDescriptions: - - Unused. - - The operation has been created but is not yet started. - - The operation is underway. - - The operation completed successfully. - - '' - - The operation is no longer running but did not succeed. - enum: - - STATE_UNSPECIFIED - - PENDING - - RUNNING - - SUCCEEDED - - SUCCESSFUL - - FAILED - operationType: - description: Output only. The type of operation being performed. - type: string + enabled: + description: Optional. Whether or not Cloud Data Lineage integration is enabled. + type: boolean + TaskLogsRetentionConfig: + properties: + storageMode: + description: Optional. The mode of storage for Airflow workers task logs. enumDescriptions: - - Unused. - - A resource creation operation. - - A resource deletion operation. - - A resource update operation. - - A resource check operation. - - Saves snapshot of the resource operation. - - Loads snapshot of the resource operation. + - This configuration is not specified by the user. - >- - Triggers failover of environment's Cloud SQL instance (only for - highly resilient environments). - - Migrates resource to a new major version. - enum: - - TYPE_UNSPECIFIED - - CREATE - - DELETE - - UPDATE - - CHECK - - SAVE_SNAPSHOT - - LOAD_SNAPSHOT - - DATABASE_FAILOVER - - MIGRATE - resource: - description: >- - Output only. The resource being operated on, as a [relative resource - name]( /apis/design/resource_names#relative_resource_name). - type: string - resourceUuid: - description: Output only. The UUID of the resource being operated on. - type: string - createTime: - description: Output only. The time the operation was submitted to the server. - type: string - format: google-datetime - endTime: - description: >- - Output only. The time when the operation terminated, regardless of - its success. This field is unset if the operation is still ongoing. + Store task logs in Cloud Logging and in the environment's Cloud + Storage bucket. + - Store task logs in Cloud Logging only. type: string - format: google-datetime - CheckUpgradeResponse: - id: CheckUpgradeResponse - description: >- - Message containing information about the result of an upgrade check - operation. + enum: + - TASK_LOGS_STORAGE_MODE_UNSPECIFIED + - CLOUD_LOGGING_AND_CLOUD_STORAGE + - CLOUD_LOGGING_ONLY type: object + id: TaskLogsRetentionConfig + description: The configuration setting for Task Logs. + DatabaseConfig: properties: - buildLogUri: - description: Output only. Url for a docker build log of an upgraded image. - readOnly: true - type: string - containsPypiModulesConflict: - description: >- - Output only. Whether build has succeeded or failed on modules - conflicts. - readOnly: true + zone: type: string - enumDescriptions: - - It is unknown whether build had conflicts or not. - - There were python packages conflicts. - - There were no python packages conflicts. - enum: - - CONFLICT_RESULT_UNSPECIFIED - - CONFLICT - - NO_CONFLICT - pypiConflictBuildLogExtract: description: >- - Output only. Extract from a docker image build log containing - information about pypi modules conflicts. - readOnly: true - type: string - imageVersion: - description: Composer image for which the build was happening. + Optional. The Compute Engine zone where the Airflow database is + created. If zone is provided, it must be in the region selected for + the environment. If zone is not provided, a zone is automatically + selected. The zone can only be set during environment creation. + Supported for Cloud Composer environments in versions + composer-2.*.*-airflow-*.*.*. + machineType: type: string - pypiDependencies: description: >- - Pypi dependencies specified in the environment configuration, at the - time when the build was triggered. - type: object - additionalProperties: - type: string - SaveSnapshotResponse: - id: SaveSnapshotResponse - description: Response to SaveSnapshotRequest. - type: object - properties: - snapshotPath: - description: >- - The fully-resolved Cloud Storage path of the created snapshot, e.g.: - "gs://my-bucket/snapshots/project_location_environment_timestamp". - This field is populated only if the snapshot creation was - successful. - type: string - LoadSnapshotResponse: - id: LoadSnapshotResponse - description: Response to LoadSnapshotRequest. - type: object - properties: {} - DatabaseFailoverResponse: - id: DatabaseFailoverResponse - description: Response for DatabaseFailoverRequest. + Optional. Cloud SQL machine type used by Airflow database. It has to + be one of: db-n1-standard-2, db-n1-standard-4, db-n1-standard-8 or + db-n1-standard-16. If not specified, db-n1-standard-2 will be used. + Supported for Cloud Composer environments in versions + composer-1.*.*-airflow-*.*.*. + description: >- + The configuration of Cloud SQL instance that is used by the Apache + Airflow software. + id: DatabaseConfig type: object - properties: {} parameters: access_token: description: OAuth access token. @@ -1814,26 +1855,37 @@ components: name: access_token schema: type: string - alt: - description: Data format for response. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: alt + name: prettyPrint + schema: + type: boolean + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: callback + name: uploadType schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: fields + name: upload_protocol schema: type: string key: @@ -1845,18 +1897,28 @@ components: name: key schema: type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + alt: + description: Data format for response. in: query - name: prettyPrint + name: alt schema: - type: boolean + type: string + enum: + - json + - media + - proto quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1866,192 +1928,121 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: - operations: - id: google.composer.operations - name: operations - title: Operations + user_workloads_config_maps: + id: google.composer.user_workloads_config_maps + name: user_workloads_config_maps + title: User_workloads_config_maps methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - environments: - id: google.composer.environments - name: environments - title: Environments - methods: - create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps~1{userWorkloadsConfigMapsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps~1{userWorkloadsConfigMapsId}/put response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.environments get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - restart_web_server: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:restartWebServer/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps~1{userWorkloadsConfigMapsId}/get response: mediaType: application/json openAPIDocKey: '200' - execute_airflow_command: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:executeAirflowCommand/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps/get response: mediaType: application/json openAPIDocKey: '200' - stop_airflow_command: + objectKey: $.userWorkloadsConfigMaps + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:stopAirflowCommand/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps/post response: mediaType: application/json openAPIDocKey: '200' - poll_airflow_command: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/user_workloads_config_maps/methods/get + - $ref: >- + #/components/x-stackQL-resources/user_workloads_config_maps/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/user_workloads_config_maps/methods/create + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/user_workloads_config_maps/methods/update + delete: + - $ref: >- + #/components/x-stackQL-resources/user_workloads_config_maps/methods/delete + user_workloads_secrets: + id: google.composer.user_workloads_secrets + name: user_workloads_secrets + title: User_workloads_secrets + methods: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:pollAirflowCommand/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets/post response: mediaType: application/json openAPIDocKey: '200' - check_upgrade: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:checkUpgrade/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets/get response: mediaType: application/json openAPIDocKey: '200' - save_snapshot: + objectKey: $.userWorkloadsSecrets + update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:saveSnapshot/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets~1{userWorkloadsSecretsId}/put response: mediaType: application/json openAPIDocKey: '200' - load_snapshot: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:loadSnapshot/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets~1{userWorkloadsSecretsId}/delete response: mediaType: application/json openAPIDocKey: '200' - database_failover: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:databaseFailover/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets~1{userWorkloadsSecretsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/environments/methods/get' - - $ref: '#/components/x-stackQL-resources/environments/methods/list' + - $ref: >- + #/components/x-stackQL-resources/user_workloads_secrets/methods/get + - $ref: >- + #/components/x-stackQL-resources/user_workloads_secrets/methods/list insert: - - $ref: '#/components/x-stackQL-resources/environments/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/environments/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/environments/methods/delete' - database_properties: - id: google.composer.database_properties - name: database_properties - title: Database_properties - methods: - fetch_database_properties: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:fetchDatabaseProperties/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - $ref: >- - #/components/x-stackQL-resources/database_properties/methods/fetch_database_properties - insert: [] + #/components/x-stackQL-resources/user_workloads_secrets/methods/create update: [] - replace: [] - delete: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/user_workloads_secrets/methods/update + delete: + - $ref: >- + #/components/x-stackQL-resources/user_workloads_secrets/methods/delete workloads: id: google.composer.workloads name: workloads @@ -2072,120 +2063,134 @@ components: update: [] replace: [] delete: [] - user_workloads_secrets: - id: google.composer.user_workloads_secrets - name: user_workloads_secrets - title: User_workloads_secrets + environments: + id: google.composer.environments + name: environments + title: Environments methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.userWorkloadsSecrets - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets~1{userWorkloadsSecretsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + load_snapshot: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:loadSnapshot/post + response: + mediaType: application/json + openAPIDocKey: '200' + poll_airflow_command: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:pollAirflowCommand/post + response: + mediaType: application/json + openAPIDocKey: '200' + restart_web_server: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:restartWebServer/post + response: + mediaType: application/json + openAPIDocKey: '200' + check_upgrade: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:checkUpgrade/post response: mediaType: application/json openAPIDocKey: '200' - update: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets~1{userWorkloadsSecretsId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.environments + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsSecrets~1{userWorkloadsSecretsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/user_workloads_secrets/methods/get - - $ref: >- - #/components/x-stackQL-resources/user_workloads_secrets/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/user_workloads_secrets/methods/create - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/user_workloads_secrets/methods/update - delete: - - $ref: >- - #/components/x-stackQL-resources/user_workloads_secrets/methods/delete - user_workloads_config_maps: - id: google.composer.user_workloads_config_maps - name: user_workloads_config_maps - title: User_workloads_config_maps - methods: - create: + save_snapshot: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:saveSnapshot/post response: mediaType: application/json openAPIDocKey: '200' - list: + database_failover: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:databaseFailover/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.userWorkloadsConfigMaps - get: + execute_airflow_command: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps~1{userWorkloadsConfigMapsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:executeAirflowCommand/post response: mediaType: application/json openAPIDocKey: '200' - update: + stop_airflow_command: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps~1{userWorkloadsConfigMapsId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:stopAirflowCommand/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/environments/methods/get' + - $ref: '#/components/x-stackQL-resources/environments/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/environments/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/environments/methods/patch' + replace: [] delete: + - $ref: '#/components/x-stackQL-resources/environments/methods/delete' + database_properties: + id: google.composer.database_properties + name: database_properties + title: Database_properties + methods: + fetch_database_properties: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}~1userWorkloadsConfigMaps~1{userWorkloadsConfigMapsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1environments~1{environmentsId}:fetchDatabaseProperties/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/user_workloads_config_maps/methods/get - - $ref: >- - #/components/x-stackQL-resources/user_workloads_config_maps/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/user_workloads_config_maps/methods/create + #/components/x-stackQL-resources/database_properties/methods/fetch_database_properties + insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/user_workloads_config_maps/methods/update - delete: - - $ref: >- - #/components/x-stackQL-resources/user_workloads_config_maps/methods/delete + replace: [] + delete: [] image_versions: id: google.composer.image_versions name: image_versions @@ -2206,25 +2211,62 @@ components: update: [] replace: [] delete: [] + operations: + id: google.composer.operations + name: operations + title: Operations + methods: + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' paths: - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/userWorkloadsConfigMaps/{userWorkloadsConfigMapsId}: parameters: &ref_1 - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: + delete: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: composer.projects.locations.operations.list + Deletes a user workloads ConfigMap. This method is supported for Cloud + Composer environments in versions composer-3-airflow-*.*.*-build.* and + newer. + operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2236,7 +2278,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2248,27 +2290,27 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: environmentsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: userWorkloadsConfigMapsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: + put: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: composer.projects.locations.operations.get + Updates a user workloads ConfigMap. This method is supported for Cloud + Composer environments in versions composer-3-airflow-*.*.*-build.* and + newer. + operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserWorkloadsConfigMap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2280,7 +2322,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/UserWorkloadsConfigMap' parameters: - in: path name: projectsId @@ -2293,17 +2335,21 @@ paths: schema: type: string - in: path - name: operationsId + name: environmentsId required: true schema: type: string - delete: + - in: path + name: userWorkloadsConfigMapsId + required: true + schema: + type: string + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: composer.projects.locations.operations.delete + Gets an existing user workloads ConfigMap. This method is supported for + Cloud Composer environments in versions composer-3-airflow-*.*.*-build.* + and newer. + operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2315,7 +2361,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/UserWorkloadsConfigMap' parameters: - in: path name: projectsId @@ -2328,46 +2374,23 @@ paths: schema: type: string - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments: - parameters: *ref_1 - post: - description: Create a new environment. - operationId: composer.projects.locations.environments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Environment' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId + name: environmentsId required: true schema: type: string - in: path - name: locationsId + name: userWorkloadsConfigMapsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/userWorkloadsConfigMaps: + parameters: *ref_1 get: - description: List environments. - operationId: composer.projects.locations.environments.list + description: >- + Lists user workloads ConfigMaps. This method is supported for Cloud + Composer environments in versions composer-3-airflow-*.*.*-build.* and + newer. + operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2379,7 +2402,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEnvironmentsResponse' + $ref: '#/components/schemas/ListUserWorkloadsConfigMapsResponse' parameters: - in: path name: projectsId @@ -2391,6 +2414,11 @@ paths: required: true schema: type: string + - in: path + name: environmentsId + required: true + schema: + type: string - in: query name: pageSize schema: @@ -2400,11 +2428,17 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}: - parameters: *ref_1 - get: - description: Get an existing environment. - operationId: composer.projects.locations.environments.get + post: + description: >- + Creates a user workloads ConfigMap. This method is supported for Cloud + Composer environments in versions composer-3-airflow-*.*.*-build.* and + newer. + operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserWorkloadsConfigMap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2416,7 +2450,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Environment' + $ref: '#/components/schemas/UserWorkloadsConfigMap' parameters: - in: path name: projectsId @@ -2433,14 +2467,19 @@ paths: required: true schema: type: string - patch: - description: Update an environment. - operationId: composer.projects.locations.environments.patch + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/userWorkloadsSecrets: + parameters: *ref_1 + post: + description: >- + Creates a user workloads Secret. This method is supported for Cloud + Composer environments in versions composer-3-airflow-*.*.*-build.* and + newer. + operationId: composer.projects.locations.environments.userWorkloadsSecrets.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Environment' + $ref: '#/components/schemas/UserWorkloadsSecret' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2452,7 +2491,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/UserWorkloadsSecret' parameters: - in: path name: projectsId @@ -2469,14 +2508,12 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Delete an environment. - operationId: composer.projects.locations.environments.delete + get: + description: >- + Lists user workloads Secrets. This method is supported for Cloud + Composer environments in versions composer-3-airflow-*.*.*-build.* and + newer. + operationId: composer.projects.locations.environments.userWorkloadsSecrets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2488,7 +2525,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListUserWorkloadsSecretsResponse' parameters: - in: path name: projectsId @@ -2505,16 +2542,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:restartWebServer: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/userWorkloadsSecrets/{userWorkloadsSecretsId}: parameters: *ref_1 - post: - description: Restart Airflow web server. - operationId: composer.projects.locations.environments.restartWebServer + put: + description: >- + Updates a user workloads Secret. This method is supported for Cloud + Composer environments in versions composer-3-airflow-*.*.*-build.* and + newer. + operationId: composer.projects.locations.environments.userWorkloadsSecrets.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestartWebServerRequest' + $ref: '#/components/schemas/UserWorkloadsSecret' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2526,7 +2575,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/UserWorkloadsSecret' parameters: - in: path name: projectsId @@ -2543,16 +2592,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:executeAirflowCommand: - parameters: *ref_1 - post: - description: Executes Airflow CLI command. - operationId: composer.projects.locations.environments.executeAirflowCommand - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExecuteAirflowCommandRequest' + - in: path + name: userWorkloadsSecretsId + required: true + schema: + type: string + delete: + description: >- + Deletes a user workloads Secret. This method is supported for Cloud + Composer environments in versions composer-3-airflow-*.*.*-build.* and + newer. + operationId: composer.projects.locations.environments.userWorkloadsSecrets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2564,7 +2614,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExecuteAirflowCommandResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2581,16 +2631,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:stopAirflowCommand: - parameters: *ref_1 - post: - description: Stops Airflow CLI command execution. - operationId: composer.projects.locations.environments.stopAirflowCommand - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/StopAirflowCommandRequest' + - in: path + name: userWorkloadsSecretsId + required: true + schema: + type: string + get: + description: >- + Gets an existing user workloads Secret. Values of the "data" field in + the response are cleared. This method is supported for Cloud Composer + environments in versions composer-3-airflow-*.*.*-build.* and newer. + operationId: composer.projects.locations.environments.userWorkloadsSecrets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2602,7 +2653,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/StopAirflowCommandResponse' + $ref: '#/components/schemas/UserWorkloadsSecret' parameters: - in: path name: projectsId @@ -2619,16 +2670,20 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:pollAirflowCommand: + - in: path + name: userWorkloadsSecretsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/workloads: parameters: *ref_1 - post: - description: Polls Airflow CLI command execution and fetches logs. - operationId: composer.projects.locations.environments.pollAirflowCommand - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PollAirflowCommandRequest' + get: + description: >- + Lists workloads in a Cloud Composer environment. Workload is a unit that + runs a single Composer component. This method is supported for Cloud + Composer environments in versions composer-2.*.*-airflow-*.*.* and + newer. + operationId: composer.projects.locations.environments.workloads.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2640,7 +2695,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PollAirflowCommandResponse' + $ref: '#/components/schemas/ListWorkloadsResponse' parameters: - in: path name: projectsId @@ -2657,18 +2712,29 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:checkUpgrade: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}: parameters: *ref_1 - post: - description: >- - Check if an upgrade operation on the environment will succeed. In case - of problems detailed info can be found in the returned Operation. - operationId: composer.projects.locations.environments.checkUpgrade + patch: + description: Update an environment. + operationId: composer.projects.locations.environments.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CheckUpgradeRequest' + $ref: '#/components/schemas/Environment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2697,19 +2763,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:saveSnapshot: - parameters: *ref_1 - post: - description: >- - Creates a snapshots of a Cloud Composer environment. As a result of this - operation, snapshot of environment's state is stored in a location - specified in the SaveSnapshotRequest. - operationId: composer.projects.locations.environments.saveSnapshot - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SaveSnapshotRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Get an existing environment. + operationId: composer.projects.locations.environments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2721,7 +2782,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Environment' parameters: - in: path name: projectsId @@ -2738,19 +2799,9 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:loadSnapshot: - parameters: *ref_1 - post: - description: >- - Loads a snapshot of a Cloud Composer environment. As a result of this - operation, a snapshot of environment's specified in LoadSnapshotRequest - is loaded into the environment. - operationId: composer.projects.locations.environments.loadSnapshot - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LoadSnapshotRequest' + delete: + description: Delete an environment. + operationId: composer.projects.locations.environments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2779,16 +2830,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:databaseFailover: + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:loadSnapshot: parameters: *ref_1 post: - description: Triggers database failover (only for highly resilient environments). - operationId: composer.projects.locations.environments.databaseFailover + description: >- + Loads a snapshot of a Cloud Composer environment. As a result of this + operation, a snapshot of environment's specified in LoadSnapshotRequest + is loaded into the environment. + operationId: composer.projects.locations.environments.loadSnapshot requestBody: content: application/json: schema: - $ref: '#/components/schemas/DatabaseFailoverRequest' + $ref: '#/components/schemas/LoadSnapshotRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2817,11 +2871,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:fetchDatabaseProperties: + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:pollAirflowCommand: parameters: *ref_1 - get: - description: Fetches database properties. - operationId: composer.projects.locations.environments.fetchDatabaseProperties + post: + description: Polls Airflow CLI command execution and fetches logs. + operationId: composer.projects.locations.environments.pollAirflowCommand + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PollAirflowCommandRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2833,7 +2892,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchDatabasePropertiesResponse' + $ref: '#/components/schemas/PollAirflowCommandResponse' parameters: - in: path name: projectsId @@ -2850,15 +2909,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/workloads: + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:restartWebServer: parameters: *ref_1 - get: - description: >- - Lists workloads in a Cloud Composer environment. Workload is a unit that - runs a single Composer component. This method is supported for Cloud - Composer environments in versions composer-2.*.*-airflow-*.*.* and - newer. - operationId: composer.projects.locations.environments.workloads.list + post: + description: Restart Airflow web server. + operationId: composer.projects.locations.environments.restartWebServer + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RestartWebServerRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2870,7 +2930,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkloadsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2878,41 +2938,27 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: environmentsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: locationsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: environmentsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/userWorkloadsSecrets: + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:checkUpgrade: parameters: *ref_1 post: description: >- - Creates a user workloads Secret. This method is supported for Cloud - Composer environments in versions composer-3-airflow-*.*.*-build.* and - newer. - operationId: composer.projects.locations.environments.userWorkloadsSecrets.create + Check if an upgrade operation on the environment will succeed. In case + of problems detailed info can be found in the returned Operation. + operationId: composer.projects.locations.environments.checkUpgrade requestBody: content: application/json: schema: - $ref: '#/components/schemas/UserWorkloadsSecret' + $ref: '#/components/schemas/CheckUpgradeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2924,7 +2970,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UserWorkloadsSecret' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2941,12 +2987,11 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/environments: + parameters: *ref_1 get: - description: >- - Lists user workloads Secrets. This method is supported for Cloud - Composer environments in versions composer-3-airflow-*.*.*-build.* and - newer. - operationId: composer.projects.locations.environments.userWorkloadsSecrets.list + description: List environments. + operationId: composer.projects.locations.environments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2958,7 +3003,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUserWorkloadsSecretsResponse' + $ref: '#/components/schemas/ListEnvironmentsResponse' parameters: - in: path name: projectsId @@ -2970,11 +3015,6 @@ paths: required: true schema: type: string - - in: path - name: environmentsId - required: true - schema: - type: string - in: query name: pageSize schema: @@ -2984,14 +3024,14 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/userWorkloadsSecrets/{userWorkloadsSecretsId}: - parameters: *ref_1 - get: - description: >- - Gets an existing user workloads Secret. Values of the "data" field in - the response are cleared. This method is supported for Cloud Composer - environments in versions composer-3-airflow-*.*.*-build.* and newer. - operationId: composer.projects.locations.environments.userWorkloadsSecrets.get + post: + description: Create a new environment. + operationId: composer.projects.locations.environments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3003,7 +3043,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UserWorkloadsSecret' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3015,27 +3055,52 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:fetchDatabaseProperties: + parameters: *ref_1 + get: + description: Fetches database properties. + operationId: composer.projects.locations.environments.fetchDatabaseProperties + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/FetchDatabasePropertiesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: environmentsId + name: locationsId required: true schema: type: string - in: path - name: userWorkloadsSecretsId + name: environmentsId required: true schema: type: string - put: + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:saveSnapshot: + parameters: *ref_1 + post: description: >- - Updates a user workloads Secret. This method is supported for Cloud - Composer environments in versions composer-3-airflow-*.*.*-build.* and - newer. - operationId: composer.projects.locations.environments.userWorkloadsSecrets.update + Creates a snapshots of a Cloud Composer environment. As a result of this + operation, snapshot of environment's state is stored in a location + specified in the SaveSnapshotRequest. + operationId: composer.projects.locations.environments.saveSnapshot requestBody: content: application/json: schema: - $ref: '#/components/schemas/UserWorkloadsSecret' + $ref: '#/components/schemas/SaveSnapshotRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3047,7 +3112,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UserWorkloadsSecret' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3064,17 +3129,16 @@ paths: required: true schema: type: string - - in: path - name: userWorkloadsSecretsId - required: true - schema: - type: string - delete: - description: >- - Deletes a user workloads Secret. This method is supported for Cloud - Composer environments in versions composer-3-airflow-*.*.*-build.* and - newer. - operationId: composer.projects.locations.environments.userWorkloadsSecrets.delete + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:databaseFailover: + parameters: *ref_1 + post: + description: Triggers database failover (only for highly resilient environments). + operationId: composer.projects.locations.environments.databaseFailover + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DatabaseFailoverRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3086,7 +3150,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3103,24 +3167,16 @@ paths: required: true schema: type: string - - in: path - name: userWorkloadsSecretsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/userWorkloadsConfigMaps: + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:executeAirflowCommand: parameters: *ref_1 post: - description: >- - Creates a user workloads ConfigMap. This method is supported for Cloud - Composer environments in versions composer-3-airflow-*.*.*-build.* and - newer. - operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.create + description: Executes Airflow CLI command. + operationId: composer.projects.locations.environments.executeAirflowCommand requestBody: content: application/json: schema: - $ref: '#/components/schemas/UserWorkloadsConfigMap' + $ref: '#/components/schemas/ExecuteAirflowCommandRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3132,7 +3188,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UserWorkloadsConfigMap' + $ref: '#/components/schemas/ExecuteAirflowCommandResponse' parameters: - in: path name: projectsId @@ -3149,12 +3205,16 @@ paths: required: true schema: type: string - get: - description: >- - Lists user workloads ConfigMaps. This method is supported for Cloud - Composer environments in versions composer-3-airflow-*.*.*-build.* and - newer. - operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.list + /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}:stopAirflowCommand: + parameters: *ref_1 + post: + description: Stops Airflow CLI command execution. + operationId: composer.projects.locations.environments.stopAirflowCommand + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StopAirflowCommandRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3166,7 +3226,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUserWorkloadsConfigMapsResponse' + $ref: '#/components/schemas/StopAirflowCommandResponse' parameters: - in: path name: projectsId @@ -3183,23 +3243,11 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/environments/{environmentsId}/userWorkloadsConfigMaps/{userWorkloadsConfigMapsId}: + /v1/projects/{projectsId}/locations/{locationsId}/imageVersions: parameters: *ref_1 get: - description: >- - Gets an existing user workloads ConfigMap. This method is supported for - Cloud Composer environments in versions composer-3-airflow-*.*.*-build.* - and newer. - operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.get + description: List ImageVersions for provided location. + operationId: composer.projects.locations.imageVersions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3211,7 +3259,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UserWorkloadsConfigMap' + $ref: '#/components/schemas/ListImageVersionsResponse' parameters: - in: path name: projectsId @@ -3223,27 +3271,28 @@ paths: required: true schema: type: string - - in: path - name: environmentsId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: userWorkloadsConfigMapsId - required: true + - in: query + name: includePastReleases schema: - type: string - put: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + delete: description: >- - Updates a user workloads ConfigMap. This method is supported for Cloud - Composer environments in versions composer-3-airflow-*.*.*-build.* and - newer. - operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserWorkloadsConfigMap' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: composer.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3255,7 +3304,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UserWorkloadsConfigMap' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3268,21 +3317,16 @@ paths: schema: type: string - in: path - name: environmentsId - required: true - schema: - type: string - - in: path - name: userWorkloadsConfigMapsId + name: operationsId required: true schema: type: string - delete: + get: description: >- - Deletes a user workloads ConfigMap. This method is supported for Cloud - Composer environments in versions composer-3-airflow-*.*.*-build.* and - newer. - operationId: composer.projects.locations.environments.userWorkloadsConfigMaps.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: composer.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3294,7 +3338,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3307,20 +3351,17 @@ paths: schema: type: string - in: path - name: environmentsId - required: true - schema: - type: string - - in: path - name: userWorkloadsConfigMapsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/imageVersions: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: List ImageVersions for provided location. - operationId: composer.projects.locations.imageVersions.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: composer.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3332,7 +3373,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListImageVersionsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -3350,10 +3391,14 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: includePastReleases + name: returnPartialSuccess schema: type: boolean + - in: query + name: pageToken + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/config.yaml b/providers/src/googleapis.com/v00.00.00000/services/config.yaml index 2675d432..d86474aa 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/config.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/config.yaml @@ -7,8 +7,8 @@ info: title: Infrastructure Manager API description: Creates and manages Google Cloud Platform resources and infrastructure. version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251110' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/infrastructure-manager/docs servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -2578,6 +2587,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/connectors.yaml b/providers/src/googleapis.com/v00.00.00000/services/connectors.yaml index 77f84815..0c1b3081 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/connectors.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/connectors.yaml @@ -9,8 +9,8 @@ info: Enables users to create and manage connections to Google Cloud services and third-party business applications using the Connectors interface. version: v2 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20250930' + x-generated-date: '2025-12-10' externalDocs: url: >- https://cloud.google.com/apigee/docs/api-platform/connectors/about-connectors @@ -37,176 +37,385 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ExecuteActionRequest: - id: ExecuteActionRequest - description: Request message for ActionService.ExecuteAction + UpdatePolicy: + id: UpdatePolicy type: object + description: Maintenance policy applicable to instance updates. properties: - parameters: + window: description: >- - Parameters for executing the action. The parameters can be key/value - pairs or nested structs. + Optional. Maintenance window that is applied to resources covered by + this policy. + $ref: '#/components/schemas/MaintenanceWindow' + channel: + enum: + - UPDATE_CHANNEL_UNSPECIFIED + - EARLIER + - LATER + - WEEK1 + - WEEK2 + - WEEK5 + enumDescriptions: + - Unspecified channel. + - Early channel within a customer project. + - Later channel within a customer project. + - >- + ! ! The follow channels can ONLY be used if you adopt the new MW + system! ! ! NOTE: all WEEK channels are assumed to be under a + weekly window. ! There is currently no dedicated channel + definitions for Daily windows. ! If you use Daily window, the + system will assume a 1d (24Hours) advanced ! notification period + b/w EARLY and LATER. ! We may consider support more flexible daily + channel specifications in ! the future. WEEK1 == EARLIER with + minimum 7d advanced notification. {7d, 14d} The system will treat + them equally and will use WEEK1 whenever it can. New customers are + encouraged to use this channel annotation. + - WEEK2 == LATER with minimum 14d advanced notification {14d, 21d}. + - >- + WEEK5 == 40d support. minimum 35d advanced notification {35d, + 42d}. + description: Optional. Relative scheduling channel applied to resource. + type: string + denyMaintenancePeriods: + items: + $ref: '#/components/schemas/DenyMaintenancePeriod' + description: >- + Deny Maintenance Period that is applied to resource to indicate when + maintenance is forbidden. The protocol supports zero-to-many such + periods, but the current SLM Rollout implementation only supports + zero-to-one. + type: array + ExchangeAuthCodeResponse: + type: object + description: >- + ExchangeAuthCodeResponse includes the returned access token and its + associated credentials. + properties: + accessCredentials: + $ref: '#/components/schemas/AccessCredentials' + metadata: + description: Metadata like service latency, etc. type: object additionalProperties: - type: any - description: Properties of the object. - ExecuteActionResponse: - id: ExecuteActionResponse - description: Response message for ActionService.ExecuteAction + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + id: ExchangeAuthCodeResponse + ListEntityTypesResponse: + id: ListEntityTypesResponse type: object + description: Response message for EntityService.ListEntityTypes properties: - results: - description: >- - In the case of successful invocation of the specified action, the - results Struct contains values based on the response of the action - invoked. 1. If the action execution produces any entities as a - result, they are returned as an array of Structs with the 'key' - being the field name and the 'value' being the value of that field - in each result row. { 'results': [{'key': 'value'}, ...] } + nextPageToken: + description: Next page token if more entity types available. + type: string + types: + description: List of metadata related to all entity types. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. + $ref: '#/components/schemas/EntityType' + unsupportedTypeNames: + items: + type: string + type: array + description: >- + List of entity type names which contain unsupported Datatypes. Check + datatype.proto for more information. metadata: - description: Metadata like service latency, etc. type: object additionalProperties: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - ListActionsResponse: - id: ListActionsResponse - description: Response message for ActionService.ListActions + description: Metadata like service latency, etc. + DailyCycle: + properties: + duration: + type: string + format: google-duration + description: Output only. Duration of the time window, set by service producer. + startTime: + $ref: '#/components/schemas/TimeOfDay' + description: Time within the day to start the operations. + description: Time window specified for daily operations. + type: object + id: DailyCycle + Query: type: object properties: - actions: - description: List of action metadata. - type: array + queryParameters: items: - $ref: '#/components/schemas/Action' - unsupportedActionNames: + $ref: '#/components/schemas/QueryParameter' + type: array description: >- - List of actions which contain unsupported Datatypes. Check - datatype.proto for more information. + In the struct, the value corresponds to the value of query parameter + and date type corresponds to the date type of the query parameter. + maxRows: + format: int64 + description: >- + Sets the limit for the maximum number of rows returned after the + query execution. + type: string + timeout: + description: >- + Sets the number of seconds the driver will wait for a query to + execute. + format: int64 + type: string + query: + type: string + description: Required. Sql query to execute. + id: Query + description: >- + A wrapper around the SQL query statement. This is needed so that the + JSON representation of ExecuteSqlQueryRequest has the following format: + `{"query":"select *"}`. + ListToolsResponse: + type: object + description: Response message for ConnectorAgentService.ListTools + properties: + tools: type: array + description: List of available tools. items: - type: string + $ref: '#/components/schemas/Tool' nextPageToken: - description: Next page token if more actions available. + description: Next page token. type: string metadata: - description: Metadata like service latency, etc. type: object additionalProperties: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - Action: - id: Action - description: >- - Action message contains metadata information about a single action - present in the external system. - type: object + description: Metadata like service latency, etc. + id: ListToolsResponse + ListResourcesResponse: + id: ListResourcesResponse properties: - name: - description: Name of the action. - type: string - inputParameters: - description: List containing input parameter metadata. - type: array + resources: + description: List of available resources. items: - $ref: '#/components/schemas/InputParameter' - resultMetadata: - description: List containing the metadata of result fields. + $ref: '#/components/schemas/Resource' type: array - items: - $ref: '#/components/schemas/ResultMetadata' - inputJsonSchema: - description: JsonSchema representation of this actions's input schema - $ref: '#/components/schemas/JsonSchema' - resultJsonSchema: - description: JsonSchema representation of this actions's result schema - $ref: '#/components/schemas/JsonSchema' - displayName: - description: Display Name of action to be shown on client side - type: string - description: - description: Brief Description of action + nextPageToken: + description: Next page token if more resources available. type: string metadata: - description: Metadata like service latency, etc. - type: object additionalProperties: type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - InputParameter: - id: InputParameter + type: any + type: object + description: Metadata like service latency, etc. + type: object + Empty: + id: Empty + properties: {} description: >- - Input Parameter message contains metadata about the parameters required - for executing an Action. + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + TimeOfDay: type: object properties: - name: - description: Name of the Parameter. - type: string - description: - description: A brief description of the Parameter. - type: string - dataType: - description: The data type of the Parameter - type: string - enumDescriptions: - - Datatype unspecified. - - Deprecated Int type, use INTEGER type instead. - - Small int type. - - Double type. - - Date type. - - Deprecated Datetime type. - - Time type. - - Deprecated string type, use VARCHAR type instead. - - Deprecated Long type, use BIGINT type instead. - - Boolean type. - - Decimal type. - - Deprecated UUID type, use VARCHAR instead. - - Blob type. - - Bit type. - - Tiny int type. - - Integer type. - - Big int type. - - Float type. - - Real type. - - Numeric type. - - Char type. - - Varchar type. - - Long varchar type. - - Timestamp type. - - Nchar type. - - Nvarchar type. - - Long Nvarchar type. - - Null type. - - Other type. - - Java object type. - - Distinct type keyword. - - Struct type. - - Array type. - - Clob type. - - Ref type. - - Datalink type. - - Row ID type. - - Binary type. - - Varbinary type. - - Long Varbinary type. - - Nclob type. - - SQLXML type. - - Ref_cursor type. - - Time with timezone type. - - Timestamp with timezone type. + nanos: + format: int32 + description: >- + Fractions of seconds, in nanoseconds. Must be greater than or equal + to 0 and less than or equal to 999,999,999. + type: integer + minutes: + format: int32 + description: >- + Minutes of an hour. Must be greater than or equal to 0 and less than + or equal to 59. + type: integer + hours: + description: >- + Hours of a day in 24 hour format. Must be greater than or equal to 0 + and typically must be less than or equal to 23. An API may choose to + allow the value "24:00:00" for scenarios like business closing time. + format: int32 + type: integer + seconds: + type: integer + format: int32 + description: >- + Seconds of a minute. Must be greater than or equal to 0 and + typically must be less than or equal to 59. An API may allow the + value 60 if it allows leap-seconds. + description: >- + Represents a time of day. The date and time zone are either not + significant or are specified elsewhere. An API may choose to allow leap + seconds. Related types are google.type.Date and + `google.protobuf.Timestamp`. + id: TimeOfDay + ExecuteSqlQueryRequest: + id: ExecuteSqlQueryRequest + type: object + description: >- + An execute sql query request containing the query and the connection to + execute it on. + properties: + query: + description: >- + Required. SQL statement passed by clients like Integration Platform, + the query is passed as-is to the driver used for interfacing with + external systems. + $ref: '#/components/schemas/Query' + CheckStatusResponse: + type: object + id: CheckStatusResponse + description: The status of the connector. + properties: + metadata: + type: object + additionalProperties: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: Metadata like service latency, etc. + state: + description: State of the connector. + type: string + enum: + - STATE_UNSPECIFIED + - ACTIVE + - ERROR + - AUTH_ERROR + enumDescriptions: + - State unspecified. + - >- + The connector is active and ready to process runtime requests. + This can also mean that from the connector's perspective, the + connector is not in an error state and should be able to process + runtime requests successfully. + - >- + The connector is in an error state and cannot process runtime + requests. An example reason would be that the connection container + has some network issues that prevent outbound requests from being + sent. + - >- + This is a more specific error state that the developers can opt to + use when the connector is facing auth-related errors caused by + auth configuration not present, invalid auth credentials, etc. + description: + description: >- + When the connector is not in ACTIVE state, the description must be + populated to specify the reason why it's not in ACTIVE state. + type: string + SloMetadata: + description: >- + SloMetadata contains resources required for proper SLO classification of + the instance. + id: SloMetadata + properties: + perSliEligibility: + $ref: '#/components/schemas/PerSliSloEligibility' + description: >- + Optional. Multiple per-instance SLI eligibilities which apply for + individual SLIs. + nodes: + description: >- + Optional. List of nodes. Some producers need to use per-node + metadata to calculate SLO. This field allows such producers to + publish per-node SLO meta data, which will be consumed by SSA + Eligibility Exporter and published in the form of per node metric to + Monarch. + items: + $ref: '#/components/schemas/NodeSloMetadata' + type: array + tier: + description: >- + Name of the SLO tier the Instance belongs to. This name will be + expected to match the tiers specified in the service SLO + configuration. Field is mandatory and must not be empty. + type: string + type: object + ProvisionedResource: + id: ProvisionedResource + description: Describes provisioned dataplane resources. + properties: + resourceType: + description: >- + Type of the resource. This can be either a GCP resource or a custom + one (e.g. another cloud provider's VM). For GCP compute resources + use singular form of the names listed in GCP compute API + documentation + (https://cloud.google.com/compute/docs/reference/rest/v1/), prefixed + with 'compute-', for example: 'compute-instance', 'compute-disk', + 'compute-autoscaler'. + type: string + resourceUrl: + type: string + description: >- + URL identifying the resource, e.g. + "https://www.googleapis.com/compute/v1/projects/...)". + type: object + Reference: + id: Reference + type: object + properties: + type: + type: string + description: Name of reference entity type. + name: + description: Name of the reference field. + type: string + AccessCredentials: + description: >- + AccessCredentials includes the OAuth access token, and the other fields + returned along with it. + id: AccessCredentials + type: object + properties: + refreshToken: + description: OAuth refresh token. + type: string + accessToken: + type: string + description: OAuth access token. + expiresIn: + description: Duration till the access token expires. + format: google-duration + type: string + Field: + type: object + description: Message contains EntityType's Field metadata. + properties: + key: + description: >- + The following boolean field specifies if the current Field acts as a + primary key or id if the parent is of type entity. + type: boolean + nullable: + description: Specifies whether a null value is allowed. + type: boolean + description: + type: string + description: A brief description of the Field. + reference: + description: >- + Reference captures the association between two different entity + types. Value links to the reference of another entity type. + $ref: '#/components/schemas/Reference' + name: + description: Name of the Field. + type: string + defaultValue: + description: >- + The following field specifies the default value of the Field + provided by the external system if a value is not provided. + type: any + dataType: enumDeprecated: - false - true @@ -299,17 +508,57 @@ components: - REF_CURSOR - TIME_WITH_TIMEZONE - TIMESTAMP_WITH_TIMEZONE - nullable: - description: Specifies whether a null value is allowed. - type: boolean - defaultValue: + description: The data type of the Field. + enumDescriptions: + - Datatype unspecified. + - Deprecated Int type, use INTEGER type instead. + - Small int type. + - Double type. + - Date type. + - Deprecated Datetime type. + - Time type. + - Deprecated string type, use VARCHAR type instead. + - Deprecated Long type, use BIGINT type instead. + - Boolean type. + - Decimal type. + - Deprecated UUID type, use VARCHAR instead. + - Blob type. + - Bit type. + - Tiny int type. + - Integer type. + - Big int type. + - Float type. + - Real type. + - Numeric type. + - Char type. + - Varchar type. + - Long varchar type. + - Timestamp type. + - Nchar type. + - Nvarchar type. + - Long Nvarchar type. + - Null type. + - Other type. + - Java object type. + - Distinct type keyword. + - Struct type. + - Array type. + - Clob type. + - Ref type. + - Datalink type. + - Row ID type. + - Binary type. + - Varbinary type. + - Long Varbinary type. + - Nclob type. + - SQLXML type. + - Ref_cursor type. + - Time with timezone type. + - Timestamp with timezone type. + type: string + jsonSchema: description: >- - The following field specifies the default value of the Parameter - provided by the external system if a value is not provided. - type: any - jsonSchema: - description: >- - JsonSchema of the parameter, applicable only if parameter is of type + JsonSchema of the field, applicable only if field is of type `STRUCT` $ref: '#/components/schemas/JsonSchema' additionalDetails: @@ -317,148 +566,145 @@ components: The following map contains fields that are not explicitly mentioned above,this give connectors the flexibility to add new metadata fields. + additionalProperties: + type: any + description: Properties of the object. + type: object + id: Field + RefreshAccessTokenRequest: + type: object + id: RefreshAccessTokenRequest + properties: + refreshToken: + description: >- + Optional. Refresh Token String. If the Refresh Token is not + provided, the runtime will read the data from the secret manager. + type: string + description: RefreshAccessTokenRequest includes the refresh token. + GetResourceResponse: + id: GetResourceResponse + properties: + metadata: + additionalProperties: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any type: object + description: Metadata like service latency, etc. + mimeType: + description: The MIME type of the resource. + type: string + data: + description: The content of the resource. + format: byte + type: string + type: object + ExecuteToolResponse: + type: object + description: Response message for ConnectorAgentService.ExecuteTool + properties: + result: additionalProperties: type: any description: Properties of the object. - JsonSchema: - id: JsonSchema - description: JsonSchema representation of schema metadata + description: Output from the tool execution. + type: object + metadata: + description: Metadata like service latency, etc. + type: object + additionalProperties: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + id: ExecuteToolResponse + AuthCodeData: + description: >- + AuthCodeData contains the data the runtime plane will give the connector + backend in exchange for access and refresh tokens. type: object + id: AuthCodeData properties: - description: - description: A description of this schema. + redirectUri: type: string - default: - description: The default value of the field or object described by this schema. - type: any - required: - description: Whether this property is required. - type: array + description: >- + OAuth redirect URI passed in during the auth code flow, required by + some OAuth backends. + pkceVerifier: + description: >- + OAuth PKCE verifier, needed if PKCE is enabled for this particular + connection. + type: string + scopes: items: type: string + type: array + description: >- + Scopes the connection will request when the user performs the auth + code flow. + authCode: + type: string + description: OAuth authorization code. + ExecuteToolRequest: + type: object + description: Request message for ConnectorAgentService.ExecuteTool + properties: + parameters: + additionalProperties: + description: Properties of the object. + type: any + description: Input parameters for the tool. + type: object + id: ExecuteToolRequest + JsonSchema: + properties: type: description: >- JSON Schema Validation: A Vocabulary for Structural Validation of JSON + items: + type: string type: array + required: items: type: string - items: - description: >- - Schema that applies to array values, applicable only if this is of - type `array`. - $ref: '#/components/schemas/JsonSchema' + type: array + description: Whether this property is required. properties: + type: object + additionalProperties: + $ref: '#/components/schemas/JsonSchema' description: >- The child schemas, applicable only if this is of type `object`. The key is the name of the property and the value is the json schema that describes that property + additionalDetails: type: object - additionalProperties: - $ref: '#/components/schemas/JsonSchema' - enum: description: >- - Possible values for an enumeration. This works in conjunction with - `type` to represent types with a fixed set of legal values - type: array - items: + Additional details apart from standard json schema fields, this + gives flexibility to store metadata about the schema + additionalProperties: + description: Properties of the object. type: any + items: + description: >- + Schema that applies to array values, applicable only if this is of + type `array`. + $ref: '#/components/schemas/JsonSchema' + description: + type: string + description: A description of this schema. + default: + type: any + description: The default value of the field or object described by this schema. + format: + description: >- + Format of the value as per + https://json-schema.org/understanding-json-schema/reference/string.html#format + type: string jdbcType: - description: JDBC datatype of the field. type: string - enumDescriptions: - - Datatype unspecified. - - Deprecated Int type, use INTEGER type instead. - - Small int type. - - Double type. - - Date type. - - Deprecated Datetime type. - - Time type. - - Deprecated string type, use VARCHAR type instead. - - Deprecated Long type, use BIGINT type instead. - - Boolean type. - - Decimal type. - - Deprecated UUID type, use VARCHAR instead. - - Blob type. - - Bit type. - - Tiny int type. - - Integer type. - - Big int type. - - Float type. - - Real type. - - Numeric type. - - Char type. - - Varchar type. - - Long varchar type. - - Timestamp type. - - Nchar type. - - Nvarchar type. - - Long Nvarchar type. - - Null type. - - Other type. - - Java object type. - - Distinct type keyword. - - Struct type. - - Array type. - - Clob type. - - Ref type. - - Datalink type. - - Row ID type. - - Binary type. - - Varbinary type. - - Long Varbinary type. - - Nclob type. - - SQLXML type. - - Ref_cursor type. - - Time with timezone type. - - Timestamp with timezone type. - enumDeprecated: - - false - - true - - false - - false - - false - - true - - false - - true - - true - - false - - false - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false enum: - DATA_TYPE_UNSPECIFIED - INT @@ -505,35 +751,6 @@ components: - REF_CURSOR - TIME_WITH_TIMEZONE - TIMESTAMP_WITH_TIMEZONE - format: - description: >- - Format of the value as per - https://json-schema.org/understanding-json-schema/reference/string.html#format - type: string - additionalDetails: - description: >- - Additional details apart from standard json schema fields, this - gives flexibility to store metadata about the schema - type: object - additionalProperties: - type: any - description: Properties of the object. - ResultMetadata: - id: ResultMetadata - description: >- - Result Metadata message contains metadata about the result returned - after executing an Action. - type: object - properties: - name: - description: Name of the metadata field. - type: string - description: - description: A brief description of the metadata field. - type: string - dataType: - description: The data type of the metadata field - type: string enumDescriptions: - Datatype unspecified. - Deprecated Int type, use INTEGER type instead. @@ -626,373 +843,513 @@ components: - false - false - false - enum: - - DATA_TYPE_UNSPECIFIED - - INT - - SMALLINT - - DOUBLE - - DATE - - DATETIME - - TIME - - STRING - - LONG - - BOOLEAN - - DECIMAL - - UUID - - BLOB - - BIT - - TINYINT - - INTEGER - - BIGINT - - FLOAT - - REAL - - NUMERIC - - CHAR - - VARCHAR - - LONGVARCHAR - - TIMESTAMP - - NCHAR - - NVARCHAR - - LONGNVARCHAR - - 'NULL' - - OTHER - - JAVA_OBJECT - - DISTINCT - - STRUCT - - ARRAY - - CLOB - - REF - - DATALINK - - ROWID - - BINARY - - VARBINARY - - LONGVARBINARY - - NCLOB - - SQLXML - - REF_CURSOR - - TIME_WITH_TIMEZONE - - TIMESTAMP_WITH_TIMEZONE - jsonSchema: - description: >- - JsonSchema of the result, applicable only if parameter is of type - `STRUCT` - $ref: '#/components/schemas/JsonSchema' - nullable: - description: Specifies whether a null value is allowed. - type: boolean - defaultValue: + description: JDBC datatype of the field. + enum: description: >- - The following field specifies the default value of the Parameter - provided by the external system if a value is not provided. - type: any - CheckStatusResponse: - id: CheckStatusResponse - description: The status of the connector. + Possible values for an enumeration. This works in conjunction with + `type` to represent types with a fixed set of legal values + items: + type: any + type: array + type: object + description: JsonSchema representation of schema metadata + id: JsonSchema + Action: + description: >- + Action message contains metadata information about a single action + present in the external system. type: object properties: - state: - description: State of the connector. + displayName: + description: Display Name of action to be shown on client side type: string - enumDescriptions: - - State unspecified. - - >- - The connector is active and ready to process runtime requests. - This can also mean that from the connector's perspective, the - connector is not in an error state and should be able to process - runtime requests successfully. - - >- - The connector is in an error state and cannot process runtime - requests. An example reason would be that the connection container - has some network issues that prevent outbound requests from being - sent. - - >- - This is a more specific error state that the developers can opt to - use when the connector is facing auth-related errors caused by - auth configuration not present, invalid auth credentials, etc. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - ERROR - - AUTH_ERROR - description: - description: >- - When the connector is not in ACTIVE state, the description must be - populated to specify the reason why it's not in ACTIVE state. + resultMetadata: + description: List containing the metadata of result fields. + items: + $ref: '#/components/schemas/ResultMetadata' + type: array + name: + description: Name of the action. type: string + inputJsonSchema: + $ref: '#/components/schemas/JsonSchema' + description: JsonSchema representation of this actions's input schema metadata: - description: Metadata like service latency, etc. - type: object additionalProperties: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. + description: Metadata like service latency, etc. + type: object + inputParameters: + type: array + description: List containing input parameter metadata. + items: + $ref: '#/components/schemas/InputParameter' + resultJsonSchema: + $ref: '#/components/schemas/JsonSchema' + description: JsonSchema representation of this actions's result schema + description: + description: Brief Description of action + type: string + id: Action CheckReadinessResponse: id: CheckReadinessResponse - description: Response containing status of the connector for readiness prober. - type: object properties: status: type: string - ExchangeAuthCodeRequest: - id: ExchangeAuthCodeRequest - description: ExchangeAuthCodeRequest currently includes the auth code data. type: object + description: Response containing status of the connector for readiness prober. + Date: properties: - authCodeData: + day: + format: int32 description: >- - Optional. AuthCodeData contains the data the runtime requires to - exchange for access and refresh tokens. If the data is not provided, - the runtime will read the data from the secret manager. - $ref: '#/components/schemas/AuthCodeData' - AuthCodeData: - id: AuthCodeData + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + type: integer + year: + description: >- + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + type: integer + format: int32 + month: + format: int32 + description: >- + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + type: integer + id: Date description: >- - AuthCodeData contains the data the runtime plane will give the connector - backend in exchange for access and refresh tokens. + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp type: object + MaintenanceWindow: + description: MaintenanceWindow definition. properties: - authCode: - description: OAuth authorization code. - type: string - pkceVerifier: + weeklyCycle: + $ref: '#/components/schemas/WeeklyCycle' + description: Weekly cycle. + dailyCycle: + $ref: '#/components/schemas/DailyCycle' + description: Daily cycle. + id: MaintenanceWindow + type: object + NodeSloMetadata: + description: >- + Node information for custom per-node SLO implementations. SSA does not + support per-node SLO, but producers can populate per-node information in + SloMetadata for custom precomputations. SSA Eligibility Exporter will + emit per-node metric based on this information. + id: NodeSloMetadata + properties: + nodeId: description: >- - OAuth PKCE verifier, needed if PKCE is enabled for this particular - connection. + The id of the node. This should be equal to + SaasInstanceNode.node_id. type: string - redirectUri: - description: >- - OAuth redirect URI passed in during the auth code flow, required by - some OAuth backends. + location: type: string - scopes: + description: The location of the node, if different from instance location. + perSliEligibility: + $ref: '#/components/schemas/PerSliSloEligibility' description: >- - Scopes the connection will request when the user performs the auth - code flow. - type: array - items: - type: string - ExchangeAuthCodeResponse: - id: ExchangeAuthCodeResponse - description: >- - ExchangeAuthCodeResponse includes the returned access token and its - associated credentials. + If present, this will override eligibility for the node coming from + instance or exclusions for specified SLIs. type: object + RefreshAccessTokenResponse: properties: - accessCredentials: - $ref: '#/components/schemas/AccessCredentials' metadata: - description: Metadata like service latency, etc. type: object + description: Metadata like service latency, etc. additionalProperties: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - AccessCredentials: - id: AccessCredentials + accessCredentials: + $ref: '#/components/schemas/AccessCredentials' + id: RefreshAccessTokenResponse description: >- - AccessCredentials includes the OAuth access token, and the other fields - returned along with it. - type: object - properties: - accessToken: - description: OAuth access token. - type: string - refreshToken: - description: OAuth refresh token. - type: string - expiresIn: - description: Duration till the access token expires. - type: string - format: google-duration - RefreshAccessTokenRequest: - id: RefreshAccessTokenRequest - description: RefreshAccessTokenRequest includes the refresh token. + RefreshAccessTokenResponse includes the returned access token and its + associated credentials. type: object + ListActionsResponse: + description: Response message for ActionService.ListActions + id: ListActionsResponse properties: - refreshToken: + unsupportedActionNames: description: >- - Optional. Refresh Token String. If the Refresh Token is not - provided, the runtime will read the data from the secret manager. + List of actions which contain unsupported Datatypes. Check + datatype.proto for more information. + type: array + items: + type: string + actions: + description: List of action metadata. + items: + $ref: '#/components/schemas/Action' + type: array + nextPageToken: + description: Next page token if more actions available. type: string - RefreshAccessTokenResponse: - id: RefreshAccessTokenResponse - description: >- - RefreshAccessTokenResponse includes the returned access token and its - associated credentials. - type: object - properties: - accessCredentials: - $ref: '#/components/schemas/AccessCredentials' metadata: - description: Metadata like service latency, etc. type: object additionalProperties: type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - ListToolsResponse: - id: ListToolsResponse - description: Response message for ConnectorAgentService.ListTools - type: object - properties: - tools: - description: List of available tools. - type: array - items: - $ref: '#/components/schemas/Tool' - nextPageToken: - description: Next page token. - type: string - Tool: - id: Tool - description: Message representing a single tool. - type: object - properties: - name: - description: Name of the tool. - type: string - description: - description: Description of the tool. - type: string - inputSchema: - description: JSON schema for the input parameters of the tool. - $ref: '#/components/schemas/JsonSchema' - outputSchema: - description: JSON schema for the output of the tool. - $ref: '#/components/schemas/JsonSchema' - ExecuteToolRequest: - id: ExecuteToolRequest - description: Request message for ConnectorAgentService.ExecuteTool + type: any + description: Metadata like service latency, etc. type: object + UpdateEntitiesWithConditionsResponse: properties: - parameters: - description: Input parameters for the tool. + metadata: type: object additionalProperties: - type: any - description: Properties of the object. - ExecuteToolResponse: - id: ExecuteToolResponse - description: Response message for ConnectorAgentService.ExecuteTool - type: object - properties: - result: - description: Output from the tool execution. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: Metadata like service latency, etc. + response: + description: Response returned by the external system. type: object additionalProperties: type: any description: Properties of the object. - EntityType: - id: EntityType - description: >- - EntityType message contains metadata information about a single entity - type present in the external system. + description: Response message for EntityService.UpdateEntitiesWithConditions + id: UpdateEntitiesWithConditionsResponse type: object + ExecuteActionResponse: + description: Response message for ActionService.ExecuteAction properties: - name: - description: The name of the entity type. - type: string - fields: + results: description: >- - List containing metadata information about each field of the entity - type. - type: array + In the case of successful invocation of the specified action, the + results Struct contains values based on the response of the action + invoked. 1. If the action execution produces any entities as a + result, they are returned as an array of Structs with the 'key' + being the field name and the 'value' being the value of that field + in each result row. { 'results': [{'key': 'value'}, ...] } items: - $ref: '#/components/schemas/Field' - jsonSchema: - description: JsonSchema representation of this entity's schema - $ref: '#/components/schemas/JsonSchema' - operations: + type: object + additionalProperties: + type: any + description: Properties of the object. type: array - items: - type: string - enumDescriptions: - - Operation unspecified. - - This operation means entity type supports LIST method. - - This operation means entity type supports GET method. - - This operation means entity type supports CREATE method. - - This operation means entity type supports UPDATE method. - - This operation means entity type supports DELETE method. - enum: - - OPERATION_UNSPECIFIED - - LIST - - GET - - CREATE - - UPDATE - - DELETE - defaultSortBy: - type: string + metadata: + additionalProperties: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: Metadata like service latency, etc. + type: object + type: object + id: ExecuteActionResponse + Entity: + type: object + properties: + fields: + additionalProperties: + type: any + description: >- + Fields of the entity. The key is name of the field and the value + contains the applicable `google.protobuf.Value` entry for this + field. + type: object metadata: description: Metadata like service latency, etc. type: object additionalProperties: type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - Field: - id: Field - description: Message contains EntityType's Field metadata. + type: any + name: + type: string + readOnly: true + description: >- + Output only. Resource name of the Entity. Format: + projects/{project}/locations/{location}/connections/{connection}/entityTypes/{type}/entities/{id} + id: Entity + description: '''Entity row''/ ''Entity'' refers to a single row of an entity type.' + NotificationParameter: + id: NotificationParameter + properties: + values: + type: array + items: + type: string + description: >- + Optional. Array of string values. e.g. instance's replica + information. + description: Contains notification related data. + type: object + MaintenanceSettings: type: object + description: >- + Maintenance settings associated with instance. Allows service producers + and end users to assign settings that controls maintenance on this + instance. + properties: + maintenancePolicies: + additionalProperties: + $ref: '#/components/schemas/MaintenancePolicy' + description: >- + Optional. The MaintenancePolicies that have been attached to the + instance. The key must be of the type name of the oneof policy name + defined in MaintenancePolicy, and the embedded policy must define + the same policy type. For details, please refer to go/mr-user-guide. + Should not be set if maintenance_policy_names is set. If only the + name is needed, then only populate MaintenancePolicy.name. + type: object + exclude: + type: boolean + description: >- + Optional. Exclude instance from maintenance. When true, rollout + service will not attempt maintenance on the instance. Rollout + service will include the instance in reported rollout progress as + not attempted. + isRollback: + type: boolean + description: >- + Optional. If the update call is triggered from rollback, set the + value as true. + id: MaintenanceSettings + Resource: properties: + description: + description: A description of what this resource represents. + type: string + uri: + type: string + description: The URI of this resource. + size: + type: string + format: int64 + description: The size of the raw resource content, in bytes, if known. name: - description: Name of the Field. + description: A human-readable name for this resource. type: string - description: - description: A brief description of the Field. + mimeType: type: string - dataType: - description: The data type of the Field. + description: The MIME type of this resource, if known. + type: object + id: Resource + Instance: + properties: + notificationParameters: + type: object + additionalProperties: + $ref: '#/components/schemas/NotificationParameter' + description: >- + Optional. notification_parameter are information that service + producers may like to include that is not relevant to Rollout. This + parameter will only be passed to Gamma and Cloud Logging for + notification/logging purpose. + labels: + description: >- + Optional. Resource labels to represent user provided metadata. Each + label is a key-value pair, where both the key and the value are + arbitrary strings provided by the user. + type: object + additionalProperties: + type: string + producerMetadata: + description: >- + Output only. Custom string attributes used primarily to expose + producer-specific information in monitoring dashboards. See + go/get-instance-metadata. + readOnly: true + additionalProperties: + type: string + type: object + maintenanceSettings: + $ref: '#/components/schemas/MaintenanceSettings' + description: Optional. The MaintenanceSettings associated with instance. + state: type: string - enumDescriptions: - - Datatype unspecified. - - Deprecated Int type, use INTEGER type instead. - - Small int type. - - Double type. - - Date type. - - Deprecated Datetime type. - - Time type. - - Deprecated string type, use VARCHAR type instead. - - Deprecated Long type, use BIGINT type instead. - - Boolean type. - - Decimal type. - - Deprecated UUID type, use VARCHAR instead. - - Blob type. - - Bit type. - - Tiny int type. - - Integer type. - - Big int type. - - Float type. - - Real type. - - Numeric type. - - Char type. - - Varchar type. - - Long varchar type. - - Timestamp type. - - Nchar type. - - Nvarchar type. - - Long Nvarchar type. - - Null type. - - Other type. - - Java object type. - - Distinct type keyword. - - Struct type. - - Array type. - - Clob type. - - Ref type. - - Datalink type. - - Row ID type. - - Binary type. - - Varbinary type. - - Long Varbinary type. - - Nclob type. - - SQLXML type. - - Ref_cursor type. - - Time with timezone type. - - Timestamp with timezone type. + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - UPDATING + - REPAIRING + - DELETING + - ERROR + enumDescriptions: + - Unspecified state. + - Instance is being created. + - Instance has been created and is ready to use. + - Instance is being updated. + - Instance is unheathy and under repair. + - Instance is being deleted. + - Instance encountered an error and is in indeterministic state. + description: >- + Output only. Current lifecycle state of the resource (e.g. if it's + being created or ready to use). + consumerDefinedName: + type: string + description: >- + consumer_defined_name is the name of the instance set by the service + consumers. Generally this is different from the `name` field which + reperesents the system-assigned id of the instance which the service + consumers do not recognize. This is a required field for tenants + onboarding to Maintenance Window notifications + (go/slm-rollout-maintenance-policies#prerequisites). + consumerProjectNumber: + type: string + description: >- + Optional. The consumer_project_number associated with this Apigee + instance. This field is added specifically to support Apigee + integration with SLM Rollout and UMM. It represents the numerical + project ID of the GCP project that consumes this Apigee instance. It + is used for SLM rollout notifications and UMM integration, enabling + proper mapping to customer projects and log delivery for Apigee + instances. This field complements consumer_project_id and may be + used for specific Apigee scenarios where the numerical ID is + required. + name: + description: >- + Unique name of the resource. It uses the form: + `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + Note: This name is passed, stored and logged across the rollout + system. So use of consumer project_id or any other consumer PII in + the name is strongly discouraged for wipeout (go/wipeout) + compliance. See go/elysium/project_ids#storage-guidance for more + details. + type: string + sloMetadata: + description: >- + Output only. SLO metadata for instance classification in the + Standardized dataplane SLO platform. See go/cloud-ssa-standard-slo + for feature description. + readOnly: true + $ref: '#/components/schemas/SloMetadata' + createTime: + description: Output only. Timestamp when the resource was created. + format: google-datetime + type: string + readOnly: true + maintenanceSchedules: + type: object + additionalProperties: + $ref: '#/components/schemas/MaintenanceSchedule' + description: >- + The MaintenanceSchedule contains the scheduling information of + published maintenance schedule with same key as software_versions. + slmInstanceTemplate: + type: string + description: >- + Link to the SLM instance template. Only populated when updating SLM + instances via SSA's Actuation service adaptor. Service producers + with custom control plane (e.g. Cloud SQL) doesn't need to populate + this field. Instead they should use software_versions. + provisionedResources: + readOnly: true + description: >- + Output only. The list of data plane resources provisioned for this + instance, e.g. compute VMs. See go/get-instance-metadata. + type: array + items: + $ref: '#/components/schemas/ProvisionedResource' + softwareVersions: + description: >- + Software versions that are used to deploy this instance. This can be + mutated by rollout services. + additionalProperties: + type: string + type: object + tenantProjectId: + description: >- + Output only. ID of the associated GCP tenant project. See + go/get-instance-metadata. + type: string + readOnly: true + maintenancePolicyNames: + additionalProperties: + type: string + description: >- + Optional. The MaintenancePolicies that have been attached to the + instance. The key must be of the type name of the oneof policy name + defined in MaintenancePolicy, and the referenced policy must define + the same policy type. For details, please refer to go/mr-user-guide. + Should not be set if maintenance_settings.maintenance_policies is + set. + type: object + updateTime: + description: Output only. Timestamp when the resource was last modified. + readOnly: true + format: google-datetime + type: string + instanceType: + type: string + description: >- + Optional. The instance_type of this instance of format: + projects/{project_number}/locations/{location_id}/instanceTypes/{instance_type_id}. + Instance Type represents a high-level tier or SKU of the service + that this instance belong to. When enabled(eg: Maintenance Rollout), + Rollout uses 'instance_type' along with 'software_versions' to + determine whether instance needs an update or not. + description: >- + Instance represents the interface for SLM services to actuate the state + of control plane resources. Example Instance in JSON, where + consumer-project-number=123456, producer-project-id=cloud-sql: ```json + Instance: { "name": + "projects/123456/locations/us-east1/instances/prod-instance", + "create_time": { "seconds": 1526406431, }, "labels": { "env": "prod", + "foo": "bar" }, "state": READY, "software_versions": { + "software_update": "cloud-sql-09-28-2018", }, + "maintenance_policy_names": { "UpdatePolicy": + "projects/123456/locations/us-east1/maintenancePolicies/prod-update-policy", + } "tenant_project_id": "cloud-sql-test-tenant", "producer_metadata": { + "cloud-sql-tier": "basic", "cloud-sql-instance-size": "1G", }, + "provisioned_resources": [ { "resource-type": "compute-instance", + "resource-url": + "https://www.googleapis.com/compute/v1/projects/cloud-sql/zones/us-east1-b/instances/vm-1", + } ], "maintenance_schedules": { "csa_rollout": { "start_time": { + "seconds": 1526406431, }, "end_time": { "seconds": 1535406431, }, }, + "ncsa_rollout": { "start_time": { "seconds": 1526406431, }, "end_time": + { "seconds": 1535406431, }, } }, "consumer_defined_name": + "my-sql-instance1", } ``` LINT.IfChange + id: Instance + type: object + SloEligibility: + description: >- + SloEligibility is a tuple containing eligibility value: true if an + instance is eligible for SLO calculation or false if it should be + excluded from all SLO-related calculations along with a user-defined + reason. + type: object + properties: + eligible: + type: boolean + description: Whether an instance is eligible or ineligible. + reason: + description: >- + User-defined reason for the current value of instance eligibility. + Usually, this can be directly mapped to the internal state. An empty + reason is allowed. + type: string + id: SloEligibility + QueryParameter: + type: object + id: QueryParameter + properties: + dataType: enumDeprecated: - false - true @@ -1039,6 +1396,52 @@ components: - false - false - false + enumDescriptions: + - Datatype unspecified. + - Deprecated Int type, use INTEGER type instead. + - Small int type. + - Double type. + - Date type. + - Deprecated Datetime type. + - Time type. + - Deprecated string type, use VARCHAR type instead. + - Deprecated Long type, use BIGINT type instead. + - Boolean type. + - Decimal type. + - Deprecated UUID type, use VARCHAR instead. + - Blob type. + - Bit type. + - Tiny int type. + - Integer type. + - Big int type. + - Float type. + - Real type. + - Numeric type. + - Char type. + - Varchar type. + - Long varchar type. + - Timestamp type. + - Nchar type. + - Nvarchar type. + - Long Nvarchar type. + - Null type. + - Other type. + - Java object type. + - Distinct type keyword. + - Struct type. + - Array type. + - Clob type. + - Ref type. + - Datalink type. + - Row ID type. + - Binary type. + - Varbinary type. + - Long Varbinary type. + - Nclob type. + - SQLXML type. + - Ref_cursor type. + - Time with timezone type. + - Timestamp with timezone type. enum: - DATA_TYPE_UNSPECIFIED - INT @@ -1085,250 +1488,155 @@ components: - REF_CURSOR - TIME_WITH_TIMEZONE - TIMESTAMP_WITH_TIMEZONE - key: - description: >- - The following boolean field specifies if the current Field acts as a - primary key or id if the parent is of type entity. - type: boolean - nullable: - description: Specifies whether a null value is allowed. - type: boolean - defaultValue: - description: >- - The following field specifies the default value of the Field - provided by the external system if a value is not provided. + type: string + value: type: any - additionalDetails: - description: >- - The following map contains fields that are not explicitly mentioned - above,this give connectors the flexibility to add new metadata - fields. - type: object - additionalProperties: - type: any - description: Properties of the object. - reference: - description: >- - Reference captures the association between two different entity - types. Value links to the reference of another entity type. - $ref: '#/components/schemas/Reference' - jsonSchema: - description: >- - JsonSchema of the field, applicable only if field is of type - `STRUCT` - $ref: '#/components/schemas/JsonSchema' - Reference: - id: Reference + description: Query parameter definition + Tool: type: object properties: - type: - description: Name of reference entity type. - type: string + inputSchema: + $ref: '#/components/schemas/JsonSchema' + description: JSON schema for the input parameters of the tool. name: - description: Name of the reference field. - type: string - ListEntityTypesResponse: - id: ListEntityTypesResponse - description: Response message for EntityService.ListEntityTypes - type: object - properties: - types: - description: List of metadata related to all entity types. - type: array - items: - $ref: '#/components/schemas/EntityType' - nextPageToken: - description: Next page token if more entity types available. + description: Name of the tool. type: string - unsupportedTypeNames: - description: >- - List of entity type names which contain unsupported Datatypes. Check - datatype.proto for more information. + outputSchema: + $ref: '#/components/schemas/JsonSchema' + description: JSON schema for the output of the tool. + dependsOn: type: array + description: List of tool names that this tool depends on. items: type: string - metadata: - description: Metadata like service latency, etc. - type: object - additionalProperties: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListEntitiesResponse: - id: ListEntitiesResponse - description: Response message for EntityService.ListEntities + description: + type: string + description: Description of the tool. + annotations: + $ref: '#/components/schemas/ToolAnnotations' + description: Annotations for the tool. + id: Tool + description: Message representing a single tool. + MaintenancePolicy: + id: MaintenancePolicy type: object + description: Defines policies to service maintenance events. properties: - entities: - description: List containing entity rows. - type: array - items: - $ref: '#/components/schemas/Entity' - nextPageToken: - description: Next page token if more records are available. + description: + description: >- + Optional. Description of what this policy is for. Create/Update + methods return INVALID_ARGUMENT if the length is greater than 512. type: string - metadata: - description: Metadata like service latency, etc. + createTime: + type: string + description: Output only. The time when the resource was created. + format: google-datetime + state: + enum: + - STATE_UNSPECIFIED + - READY + - DELETING + enumDescriptions: + - Unspecified state. + - Resource is ready to be used. + - >- + Resource is being deleted. It can no longer be attached to + instances. + description: Optional. The state of the policy. + type: string + labels: type: object + description: >- + Optional. Resource labels to represent user provided metadata. Each + label is a key-value pair, where both the key and the value are + arbitrary strings provided by the user. additionalProperties: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Entity: - id: Entity - description: '''Entity row''/ ''Entity'' refers to a single row of an entity type.' + type: string + updatePolicy: + $ref: '#/components/schemas/UpdatePolicy' + description: Maintenance policy applicable to instance update. + updateTime: + type: string + description: Output only. The time when the resource was updated. + format: google-datetime + name: + description: >- + Required. MaintenancePolicy name using the form: + `projects/{project_id}/locations/{location_id}/maintenancePolicies/{maintenance_policy_id}` + where {project_id} refers to a GCP consumer project ID, + {location_id} refers to a GCP region/zone, {maintenance_policy_id} + must be 1-63 characters long and match the regular expression + `[a-z0-9]([-a-z0-9]*[a-z0-9])?`. + type: string + ToolAnnotations: type: object properties: - name: + readOnlyHint: + description: If true, the tool does not modify its environment. + type: boolean + destructiveHint: description: >- - Output only. Resource name of the Entity. Format: - projects/{project}/locations/{location}/connections/{connection}/entityTypes/{type}/entities/{id} - readOnly: true + If true, the tool may perform destructive updates to its + environment. If false, the tool performs only additive updates. + (This property is meaningful only when `read_only_hint == false`) + type: boolean + openWorldHint: + type: boolean + description: >- + If true, this tool may interact with an "open world" of external + entities. If false, the tool's domain of interaction is closed. For + example, the world of a web search tool is open, whereas that of a + memory tool is not. + title: + description: A human-readable title for the tool. type: string - fields: + idempotentHint: + type: boolean description: >- - Fields of the entity. The key is name of the field and the value - contains the applicable `google.protobuf.Value` entry for this - field. - type: object - additionalProperties: - type: any - metadata: - description: Metadata like service latency, etc. - type: object - additionalProperties: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - UpdateEntitiesWithConditionsResponse: - id: UpdateEntitiesWithConditionsResponse - description: Response message for EntityService.UpdateEntitiesWithConditions - type: object + If true, calling the tool repeatedly with the same arguments will + have no additional effect on the environment. (This property is + meaningful only when `read_only_hint == false`) + id: ToolAnnotations + description: ToolAnnotations holds annotations for a tool. + PerSliSloEligibility: + description: PerSliSloEligibility is a mapping from an SLI name to eligibility. + id: PerSliSloEligibility properties: - response: - description: Response returned by the external system. - type: object + eligibilities: additionalProperties: - type: any - description: Properties of the object. - metadata: - description: Metadata like service latency, etc. + $ref: '#/components/schemas/SloEligibility' type: object - additionalProperties: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - ExecuteSqlQueryRequest: - id: ExecuteSqlQueryRequest - description: >- - An execute sql query request containing the query and the connection to - execute it on. - type: object - properties: - query: description: >- - Required. SQL statement passed by clients like Integration Platform, - the query is passed as-is to the driver used for interfacing with - external systems. - $ref: '#/components/schemas/Query' - Query: - id: Query - description: >- - A wrapper around the SQL query statement. This is needed so that the - JSON representation of ExecuteSqlQueryRequest has the following format: - `{"query":"select *"}`. + An entry in the eligibilities map specifies an eligibility for a + particular SLI for the given instance. The SLI key in the name must + be a valid SLI name specified in the Eligibility Exporter binary + flags otherwise an error will be emitted by Eligibility Exporter and + the oncaller will be alerted. If an SLI has been defined in the + binary flags but the eligibilities map does not contain it, the + corresponding SLI time series will not be emitted by the Eligibility + Exporter. This ensures a smooth rollout and compatibility between + the data produced by different versions of the Eligibility + Exporters. If eligibilities map contains a key for an SLI which has + not been declared in the binary flags, there will be an error + message emitted in the Eligibility Exporter log and the metric for + the SLI in question will not be emitted. type: object + InputParameter: properties: - query: - description: Required. Sql query to execute. - type: string - timeout: - description: >- - Sets the number of seconds the driver will wait for a query to - execute. + name: type: string - format: int64 - maxRows: + description: Name of the Parameter. + nullable: + description: Specifies whether a null value is allowed. + type: boolean + jsonSchema: description: >- - Sets the limit for the maximum number of rows returned after the - query execution. + JsonSchema of the parameter, applicable only if parameter is of type + `STRUCT` + $ref: '#/components/schemas/JsonSchema' + dataType: + description: The data type of the Parameter type: string - format: int64 - queryParameters: - description: >- - In the struct, the value corresponds to the value of query parameter - and date type corresponds to the date type of the query parameter. - type: array - items: - $ref: '#/components/schemas/QueryParameter' - QueryParameter: - id: QueryParameter - description: Query parameter definition - type: object - properties: - value: - type: any - dataType: - type: string - enumDescriptions: - - Datatype unspecified. - - Deprecated Int type, use INTEGER type instead. - - Small int type. - - Double type. - - Date type. - - Deprecated Datetime type. - - Time type. - - Deprecated string type, use VARCHAR type instead. - - Deprecated Long type, use BIGINT type instead. - - Boolean type. - - Decimal type. - - Deprecated UUID type, use VARCHAR instead. - - Blob type. - - Bit type. - - Tiny int type. - - Integer type. - - Big int type. - - Float type. - - Real type. - - Numeric type. - - Char type. - - Varchar type. - - Long varchar type. - - Timestamp type. - - Nchar type. - - Nvarchar type. - - Long Nvarchar type. - - Null type. - - Other type. - - Java object type. - - Distinct type keyword. - - Struct type. - - Array type. - - Clob type. - - Ref type. - - Datalink type. - - Row ID type. - - Binary type. - - Varbinary type. - - Long Varbinary type. - - Nclob type. - - SQLXML type. - - Ref_cursor type. - - Time with timezone type. - - Timestamp with timezone type. enumDeprecated: - false - true @@ -1375,6 +1683,52 @@ components: - false - false - false + enumDescriptions: + - Datatype unspecified. + - Deprecated Int type, use INTEGER type instead. + - Small int type. + - Double type. + - Date type. + - Deprecated Datetime type. + - Time type. + - Deprecated string type, use VARCHAR type instead. + - Deprecated Long type, use BIGINT type instead. + - Boolean type. + - Decimal type. + - Deprecated UUID type, use VARCHAR instead. + - Blob type. + - Bit type. + - Tiny int type. + - Integer type. + - Big int type. + - Float type. + - Real type. + - Numeric type. + - Char type. + - Varchar type. + - Long varchar type. + - Timestamp type. + - Nchar type. + - Nvarchar type. + - Long Nvarchar type. + - Null type. + - Other type. + - Java object type. + - Distinct type keyword. + - Struct type. + - Array type. + - Clob type. + - Ref type. + - Datalink type. + - Row ID type. + - Binary type. + - Varbinary type. + - Long Varbinary type. + - Nclob type. + - SQLXML type. + - Ref_cursor type. + - Time with timezone type. + - Timestamp with timezone type. enum: - DATA_TYPE_UNSPECIFIED - INT @@ -1421,659 +1775,424 @@ components: - REF_CURSOR - TIME_WITH_TIMEZONE - TIMESTAMP_WITH_TIMEZONE - ExecuteSqlQueryResponse: - id: ExecuteSqlQueryResponse - description: A response returned by the connection after executing the sql query. + description: + description: A brief description of the Parameter. + type: string + defaultValue: + type: any + description: >- + The following field specifies the default value of the Parameter + provided by the external system if a value is not provided. + additionalDetails: + description: >- + The following map contains fields that are not explicitly mentioned + above,this give connectors the flexibility to add new metadata + fields. + additionalProperties: + type: any + description: Properties of the object. + type: object + id: InputParameter + type: object + description: >- + Input Parameter message contains metadata about the parameters required + for executing an Action. + DenyMaintenancePeriod: type: object properties: - results: + endDate: + $ref: '#/components/schemas/Date' description: >- - In the case of successful execution of the query the response - contains results returned by the external system. For example, the - result rows of the query are contained in the 'results' Struct list - - "results": [ { "field1": "val1", "field2": "val2",.. },.. ] Each - Struct row can contain fields any type of like nested Structs or - lists. + Deny period end date. This can be: * A full date, with non-zero + year, month and day values. * A month and day value, with a zero + year. Allows recurring deny periods each year. Date matching this + period will have to be before the end. + startDate: + description: >- + Deny period start date. This can be: * A full date, with non-zero + year, month and day values. * A month and day value, with a zero + year. Allows recurring deny periods each year. Date matching this + period will have to be the same or after the start. + $ref: '#/components/schemas/Date' + time: + $ref: '#/components/schemas/TimeOfDay' + description: >- + Time in UTC when the Blackout period starts on start_date and ends + on end_date. This can be: * Full time. * All zeros for 00:00:00 UTC + id: DenyMaintenancePeriod + description: >- + DenyMaintenancePeriod definition. Maintenance is forbidden within the + deny period. The start_date must be less than the end_date. + ListEntitiesResponse: + description: Response message for EntityService.ListEntities + properties: + entities: type: array + description: List containing entity rows. items: + $ref: '#/components/schemas/Entity' + metadata: + type: object + additionalProperties: type: object additionalProperties: type: any - description: Properties of the object. - Instance: - id: Instance - description: >- - Instance represents the interface for SLM services to actuate the state - of control plane resources. Example Instance in JSON, where - consumer-project-number=123456, producer-project-id=cloud-sql: ```json - Instance: { "name": - "projects/123456/locations/us-east1/instances/prod-instance", - "create_time": { "seconds": 1526406431, }, "labels": { "env": "prod", - "foo": "bar" }, "state": READY, "software_versions": { - "software_update": "cloud-sql-09-28-2018", }, - "maintenance_policy_names": { "UpdatePolicy": - "projects/123456/locations/us-east1/maintenancePolicies/prod-update-policy", - } "tenant_project_id": "cloud-sql-test-tenant", "producer_metadata": { - "cloud-sql-tier": "basic", "cloud-sql-instance-size": "1G", }, - "provisioned_resources": [ { "resource-type": "compute-instance", - "resource-url": - "https://www.googleapis.com/compute/v1/projects/cloud-sql/zones/us-east1-b/instances/vm-1", - } ], "maintenance_schedules": { "csa_rollout": { "start_time": { - "seconds": 1526406431, }, "end_time": { "seconds": 1535406431, }, }, - "ncsa_rollout": { "start_time": { "seconds": 1526406431, }, "end_time": - { "seconds": 1535406431, }, } }, "consumer_defined_name": - "my-sql-instance1", } ``` LINT.IfChange + description: Properties of the object. Contains field @type with type URL. + description: Metadata like service latency, etc. + nextPageToken: + description: Next page token if more records are available. + type: string + type: object + id: ListEntitiesResponse + Schedule: type: object properties: - name: - description: >- - Unique name of the resource. It uses the form: - `projects/{project_number}/locations/{location_id}/instances/{instance_id}` - Note: This name is passed, stored and logged across the rollout - system. So use of consumer project_id or any other consumer PII in - the name is strongly discouraged for wipeout (go/wipeout) - compliance. See go/elysium/project_ids#storage-guidance for more - details. - type: string - createTime: - description: Output only. Timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when the resource was last modified. - readOnly: true + duration: + description: Output only. Duration of the time window, set by service producer. + format: google-duration type: string - format: google-datetime - labels: - description: >- - Optional. Resource labels to represent user provided metadata. Each - label is a key-value pair, where both the key and the value are - arbitrary strings provided by the user. - type: object - additionalProperties: - type: string - state: - description: >- - Output only. Current lifecycle state of the resource (e.g. if it's - being created or ready to use). - readOnly: true + day: type: string - enumDescriptions: - - Unspecified state. - - Instance is being created. - - Instance has been created and is ready to use. - - Instance is being updated. - - Instance is unheathy and under repair. - - Instance is being deleted. - - Instance encountered an error and is in indeterministic state. enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - UPDATING - - REPAIRING - - DELETING - - ERROR - softwareVersions: - description: >- - Software versions that are used to deploy this instance. This can be - mutated by rollout services. - type: object - additionalProperties: - type: string - maintenancePolicyNames: - description: >- - Optional. The MaintenancePolicies that have been attached to the - instance. The key must be of the type name of the oneof policy name - defined in MaintenancePolicy, and the referenced policy must define - the same policy type. For details, please refer to go/mr-user-guide. - Should not be set if maintenance_settings.maintenance_policies is - set. - type: object - additionalProperties: - type: string - tenantProjectId: - description: >- - Output only. ID of the associated GCP tenant project. See - go/get-instance-metadata. - readOnly: true - type: string - producerMetadata: - description: >- - Output only. Custom string attributes used primarily to expose - producer-specific information in monitoring dashboards. See - go/get-instance-metadata. - readOnly: true - type: object - additionalProperties: - type: string - provisionedResources: - description: >- - Output only. The list of data plane resources provisioned for this - instance, e.g. compute VMs. See go/get-instance-metadata. - readOnly: true - type: array - items: - $ref: '#/components/schemas/ProvisionedResource' - sloMetadata: - description: >- - Output only. SLO metadata for instance classification in the - Standardized dataplane SLO platform. See go/cloud-ssa-standard-slo - for feature description. - readOnly: true - $ref: '#/components/schemas/SloMetadata' - maintenanceSchedules: - description: >- - The MaintenanceSchedule contains the scheduling information of - published maintenance schedule with same key as software_versions. - type: object - additionalProperties: - $ref: '#/components/schemas/MaintenanceSchedule' - consumerDefinedName: - description: >- - consumer_defined_name is the name of the instance set by the service - consumers. Generally this is different from the `name` field which - reperesents the system-assigned id of the instance which the service - consumers do not recognize. This is a required field for tenants - onboarding to Maintenance Window notifications - (go/slm-rollout-maintenance-policies#prerequisites). - type: string - slmInstanceTemplate: - description: >- - Link to the SLM instance template. Only populated when updating SLM - instances via SSA's Actuation service adaptor. Service producers - with custom control plane (e.g. Cloud SQL) doesn't need to populate - this field. Instead they should use software_versions. - type: string - maintenanceSettings: - description: Optional. The MaintenanceSettings associated with instance. - $ref: '#/components/schemas/MaintenanceSettings' - instanceType: - description: >- - Optional. The instance_type of this instance of format: - projects/{project_number}/locations/{location_id}/instanceTypes/{instance_type_id}. - Instance Type represents a high-level tier or SKU of the service - that this instance belong to. When enabled(eg: Maintenance Rollout), - Rollout uses 'instance_type' along with 'software_versions' to - determine whether instance needs an update or not. - type: string - notificationParameters: - description: >- - Optional. notification_parameter are information that service - producers may like to include that is not relevant to Rollout. This - parameter will only be passed to Gamma and Cloud Logging for - notification/logging purpose. - type: object - additionalProperties: - $ref: '#/components/schemas/NotificationParameter' - consumerProjectNumber: - description: >- - Optional. The consumer_project_number associated with this Apigee - instance. This field is added specifically to support Apigee - integration with SLM Rollout and UMM. It represents the numerical - project ID of the GCP project that consumes this Apigee instance. It - is used for SLM rollout notifications and UMM integration, enabling - proper mapping to customer projects and log delivery for Apigee - instances. This field complements consumer_project_id and may be - used for specific Apigee scenarios where the numerical ID is - required. - type: string - ProvisionedResource: - id: ProvisionedResource - description: Describes provisioned dataplane resources. + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + description: Allows to define schedule that runs specified day of the week. + startTime: + $ref: '#/components/schemas/TimeOfDay' + description: Time within the window to start the operations. + id: Schedule + description: Configure the schedule. + ExchangeAuthCodeRequest: + id: ExchangeAuthCodeRequest type: object properties: - resourceType: - description: >- - Type of the resource. This can be either a GCP resource or a custom - one (e.g. another cloud provider's VM). For GCP compute resources - use singular form of the names listed in GCP compute API - documentation - (https://cloud.google.com/compute/docs/reference/rest/v1/), prefixed - with 'compute-', for example: 'compute-instance', 'compute-disk', - 'compute-autoscaler'. - type: string - resourceUrl: + authCodeData: description: >- - URL identifying the resource, e.g. - "https://www.googleapis.com/compute/v1/projects/...)". - type: string - SloMetadata: - id: SloMetadata - description: >- - SloMetadata contains resources required for proper SLO classification of - the instance. - type: object + Optional. AuthCodeData contains the data the runtime requires to + exchange for access and refresh tokens. If the data is not provided, + the runtime will read the data from the secret manager. + $ref: '#/components/schemas/AuthCodeData' + description: ExchangeAuthCodeRequest currently includes the auth code data. + WeeklyCycle: properties: - tier: - description: >- - Name of the SLO tier the Instance belongs to. This name will be - expected to match the tiers specified in the service SLO - configuration. Field is mandatory and must not be empty. - type: string - nodes: - description: >- - Optional. List of nodes. Some producers need to use per-node - metadata to calculate SLO. This field allows such producers to - publish per-node SLO meta data, which will be consumed by SSA - Eligibility Exporter and published in the form of per node metric to - Monarch. - type: array + schedule: items: - $ref: '#/components/schemas/NodeSloMetadata' - perSliEligibility: - description: >- - Optional. Multiple per-instance SLI eligibilities which apply for - individual SLIs. - $ref: '#/components/schemas/PerSliSloEligibility' - NodeSloMetadata: - id: NodeSloMetadata - description: >- - Node information for custom per-node SLO implementations. SSA does not - support per-node SLO, but producers can populate per-node information in - SloMetadata for custom precomputations. SSA Eligibility Exporter will - emit per-node metric based on this information. - type: object - properties: - nodeId: - description: >- - The id of the node. This should be equal to - SaasInstanceNode.node_id. - type: string - location: - description: The location of the node, if different from instance location. - type: string - perSliEligibility: - description: >- - If present, this will override eligibility for the node coming from - instance or exclusions for specified SLIs. - $ref: '#/components/schemas/PerSliSloEligibility' - PerSliSloEligibility: - id: PerSliSloEligibility - description: PerSliSloEligibility is a mapping from an SLI name to eligibility. - type: object - properties: - eligibilities: - description: >- - An entry in the eligibilities map specifies an eligibility for a - particular SLI for the given instance. The SLI key in the name must - be a valid SLI name specified in the Eligibility Exporter binary - flags otherwise an error will be emitted by Eligibility Exporter and - the oncaller will be alerted. If an SLI has been defined in the - binary flags but the eligibilities map does not contain it, the - corresponding SLI time series will not be emitted by the Eligibility - Exporter. This ensures a smooth rollout and compatibility between - the data produced by different versions of the Eligibility - Exporters. If eligibilities map contains a key for an SLI which has - not been declared in the binary flags, there will be an error - message emitted in the Eligibility Exporter log and the metric for - the SLI in question will not be emitted. - type: object - additionalProperties: - $ref: '#/components/schemas/SloEligibility' - SloEligibility: - id: SloEligibility - description: >- - SloEligibility is a tuple containing eligibility value: true if an - instance is eligible for SLO calculation or false if it should be - excluded from all SLO-related calculations along with a user-defined - reason. - type: object - properties: - eligible: - description: Whether an instance is eligible or ineligible. - type: boolean - reason: - description: >- - User-defined reason for the current value of instance eligibility. - Usually, this can be directly mapped to the internal state. An empty - reason is allowed. - type: string - MaintenanceSchedule: - id: MaintenanceSchedule - description: >- - Maintenance schedule which is exposed to customer and potentially end - user, indicating published upcoming future maintenance schedule - type: object - properties: - startTime: - description: The scheduled start time for the maintenance. - type: string - format: google-datetime - endTime: - description: The scheduled end time for the maintenance. - type: string - format: google-datetime - canReschedule: - description: >- - This field is deprecated, and will be always set to true since - reschedule can happen multiple times now. This field should not be - removed until all service producers remove this for their customers. - deprecated: true - type: boolean - rolloutManagementPolicy: - description: >- - The rollout management policy this maintenance schedule is - associated with. When doing reschedule update request, the - reschedule should be against this given policy. - type: string - scheduleDeadlineTime: - description: >- - schedule_deadline_time is the time deadline any schedule start time - cannot go beyond, including reschedule. It's normally the initial - schedule start time plus maintenance window length (1 day or 1 - week). Maintenance cannot be scheduled to start beyond this - deadline. - type: string - format: google-datetime - MaintenanceSettings: - id: MaintenanceSettings - description: >- - Maintenance settings associated with instance. Allows service producers - and end users to assign settings that controls maintenance on this - instance. + $ref: '#/components/schemas/Schedule' + description: User can specify multiple windows in a week. Minimum of 1 window. + type: array + id: WeeklyCycle type: object + description: Time window specified for weekly operations. + ResultMetadata: properties: - exclude: - description: >- - Optional. Exclude instance from maintenance. When true, rollout - service will not attempt maintenance on the instance. Rollout - service will include the instance in reported rollout progress as - not attempted. + nullable: type: boolean - maintenancePolicies: - description: >- - Optional. The MaintenancePolicies that have been attached to the - instance. The key must be of the type name of the oneof policy name - defined in MaintenancePolicy, and the embedded policy must define - the same policy type. For details, please refer to go/mr-user-guide. - Should not be set if maintenance_policy_names is set. If only the - name is needed, then only populate MaintenancePolicy.name. - type: object - additionalProperties: - $ref: '#/components/schemas/MaintenancePolicy' - isRollback: + description: Specifies whether a null value is allowed. + jsonSchema: description: >- - Optional. If the update call is triggered from rollback, set the - value as true. - type: boolean - MaintenancePolicy: - id: MaintenancePolicy - description: Defines policies to service maintenance events. - type: object - properties: - name: + JsonSchema of the result, applicable only if parameter is of type + `STRUCT` + $ref: '#/components/schemas/JsonSchema' + defaultValue: + type: any description: >- - Required. MaintenancePolicy name using the form: - `projects/{project_id}/locations/{location_id}/maintenancePolicies/{maintenance_policy_id}` - where {project_id} refers to a GCP consumer project ID, - {location_id} refers to a GCP region/zone, {maintenance_policy_id} - must be 1-63 characters long and match the regular expression - `[a-z0-9]([-a-z0-9]*[a-z0-9])?`. - type: string - createTime: - description: Output only. The time when the resource was created. - type: string - format: google-datetime - updateTime: - description: Output only. The time when the resource was updated. - type: string - format: google-datetime + The following field specifies the default value of the Parameter + provided by the external system if a value is not provided. description: - description: >- - Optional. Description of what this policy is for. Create/Update - methods return INVALID_ARGUMENT if the length is greater than 512. - type: string - labels: - description: >- - Optional. Resource labels to represent user provided metadata. Each - label is a key-value pair, where both the key and the value are - arbitrary strings provided by the user. - type: object - additionalProperties: - type: string - state: - description: Optional. The state of the policy. type: string + description: A brief description of the metadata field. + dataType: enumDescriptions: - - Unspecified state. - - Resource is ready to be used. - - >- - Resource is being deleted. It can no longer be attached to - instances. - enum: - - STATE_UNSPECIFIED - - READY - - DELETING - updatePolicy: - description: Maintenance policy applicable to instance update. - $ref: '#/components/schemas/UpdatePolicy' - UpdatePolicy: - id: UpdatePolicy - description: Maintenance policy applicable to instance updates. - type: object - properties: - window: - description: >- - Optional. Maintenance window that is applied to resources covered by - this policy. - $ref: '#/components/schemas/MaintenanceWindow' - channel: - description: Optional. Relative scheduling channel applied to resource. + - Datatype unspecified. + - Deprecated Int type, use INTEGER type instead. + - Small int type. + - Double type. + - Date type. + - Deprecated Datetime type. + - Time type. + - Deprecated string type, use VARCHAR type instead. + - Deprecated Long type, use BIGINT type instead. + - Boolean type. + - Decimal type. + - Deprecated UUID type, use VARCHAR instead. + - Blob type. + - Bit type. + - Tiny int type. + - Integer type. + - Big int type. + - Float type. + - Real type. + - Numeric type. + - Char type. + - Varchar type. + - Long varchar type. + - Timestamp type. + - Nchar type. + - Nvarchar type. + - Long Nvarchar type. + - Null type. + - Other type. + - Java object type. + - Distinct type keyword. + - Struct type. + - Array type. + - Clob type. + - Ref type. + - Datalink type. + - Row ID type. + - Binary type. + - Varbinary type. + - Long Varbinary type. + - Nclob type. + - SQLXML type. + - Ref_cursor type. + - Time with timezone type. + - Timestamp with timezone type. type: string - enumDescriptions: - - Unspecified channel. - - Early channel within a customer project. - - Later channel within a customer project. - - >- - ! ! The follow channels can ONLY be used if you adopt the new MW - system! ! ! NOTE: all WEEK channels are assumed to be under a - weekly window. ! There is currently no dedicated channel - definitions for Daily windows. ! If you use Daily window, the - system will assume a 1d (24Hours) advanced ! notification period - b/w EARLY and LATER. ! We may consider support more flexible daily - channel specifications in ! the future. WEEK1 == EARLIER with - minimum 7d advanced notification. {7d, 14d} The system will treat - them equally and will use WEEK1 whenever it can. New customers are - encouraged to use this channel annotation. - - WEEK2 == LATER with minimum 14d advanced notification {14d, 21d}. - - >- - WEEK5 == 40d support. minimum 35d advanced notification {35d, - 42d}. + enumDeprecated: + - false + - true + - false + - false + - false + - true + - false + - true + - true + - false + - false + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + description: The data type of the metadata field enum: - - UPDATE_CHANNEL_UNSPECIFIED - - EARLIER - - LATER - - WEEK1 - - WEEK2 - - WEEK5 - denyMaintenancePeriods: - description: >- - Deny Maintenance Period that is applied to resource to indicate when - maintenance is forbidden. The protocol supports zero-to-many such - periods, but the current SLM Rollout implementation only supports - zero-to-one. - type: array - items: - $ref: '#/components/schemas/DenyMaintenancePeriod' - MaintenanceWindow: - id: MaintenanceWindow - description: MaintenanceWindow definition. - type: object - properties: - dailyCycle: - description: Daily cycle. - $ref: '#/components/schemas/DailyCycle' - weeklyCycle: - description: Weekly cycle. - $ref: '#/components/schemas/WeeklyCycle' - DailyCycle: - id: DailyCycle - description: Time window specified for daily operations. - type: object - properties: - startTime: - description: Time within the day to start the operations. - $ref: '#/components/schemas/TimeOfDay' - duration: - description: Output only. Duration of the time window, set by service producer. + - DATA_TYPE_UNSPECIFIED + - INT + - SMALLINT + - DOUBLE + - DATE + - DATETIME + - TIME + - STRING + - LONG + - BOOLEAN + - DECIMAL + - UUID + - BLOB + - BIT + - TINYINT + - INTEGER + - BIGINT + - FLOAT + - REAL + - NUMERIC + - CHAR + - VARCHAR + - LONGVARCHAR + - TIMESTAMP + - NCHAR + - NVARCHAR + - LONGNVARCHAR + - 'NULL' + - OTHER + - JAVA_OBJECT + - DISTINCT + - STRUCT + - ARRAY + - CLOB + - REF + - DATALINK + - ROWID + - BINARY + - VARBINARY + - LONGVARBINARY + - NCLOB + - SQLXML + - REF_CURSOR + - TIME_WITH_TIMEZONE + - TIMESTAMP_WITH_TIMEZONE + name: type: string - format: google-duration - TimeOfDay: - id: TimeOfDay + description: Name of the metadata field. description: >- - Represents a time of day. The date and time zone are either not - significant or are specified elsewhere. An API may choose to allow leap - seconds. Related types are google.type.Date and - `google.protobuf.Timestamp`. + Result Metadata message contains metadata about the result returned + after executing an Action. + id: ResultMetadata type: object + MaintenanceSchedule: + id: MaintenanceSchedule + type: object + description: >- + Maintenance schedule which is exposed to customer and potentially end + user, indicating published upcoming future maintenance schedule properties: - hours: - description: >- - Hours of a day in 24 hour format. Must be greater than or equal to 0 - and typically must be less than or equal to 23. An API may choose to - allow the value "24:00:00" for scenarios like business closing time. - type: integer - format: int32 - minutes: + endTime: + type: string + description: The scheduled end time for the maintenance. + format: google-datetime + canReschedule: + type: boolean description: >- - Minutes of an hour. Must be greater than or equal to 0 and less than - or equal to 59. - type: integer - format: int32 - seconds: + This field is deprecated, and will be always set to true since + reschedule can happen multiple times now. This field should not be + removed until all service producers remove this for their customers. + deprecated: true + rolloutManagementPolicy: + type: string description: >- - Seconds of a minute. Must be greater than or equal to 0 and - typically must be less than or equal to 59. An API may allow the - value 60 if it allows leap-seconds. - type: integer - format: int32 - nanos: + The rollout management policy this maintenance schedule is + associated with. When doing reschedule update request, the + reschedule should be against this given policy. + scheduleDeadlineTime: + format: google-datetime description: >- - Fractions of seconds, in nanoseconds. Must be greater than or equal - to 0 and less than or equal to 999,999,999. - type: integer - format: int32 - WeeklyCycle: - id: WeeklyCycle - description: Time window specified for weekly operations. - type: object - properties: - schedule: - description: User can specify multiple windows in a week. Minimum of 1 window. - type: array - items: - $ref: '#/components/schemas/Schedule' - Schedule: - id: Schedule - description: Configure the schedule. - type: object - properties: - day: - description: Allows to define schedule that runs specified day of the week. + schedule_deadline_time is the time deadline any schedule start time + cannot go beyond, including reschedule. It's normally the initial + schedule start time plus maintenance window length (1 day or 1 + week). Maintenance cannot be scheduled to start beyond this + deadline. type: string - enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday - enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY startTime: - description: Time within the window to start the operations. - $ref: '#/components/schemas/TimeOfDay' - duration: - description: Output only. Duration of the time window, set by service producer. + description: The scheduled start time for the maintenance. + format: google-datetime type: string - format: google-duration - DenyMaintenancePeriod: - id: DenyMaintenancePeriod - description: >- - DenyMaintenancePeriod definition. Maintenance is forbidden within the - deny period. The start_date must be less than the end_date. - type: object - properties: - startDate: - description: >- - Deny period start date. This can be: * A full date, with non-zero - year, month and day values. * A month and day value, with a zero - year. Allows recurring deny periods each year. Date matching this - period will have to be the same or after the start. - $ref: '#/components/schemas/Date' - endDate: - description: >- - Deny period end date. This can be: * A full date, with non-zero - year, month and day values. * A month and day value, with a zero - year. Allows recurring deny periods each year. Date matching this - period will have to be before the end. - $ref: '#/components/schemas/Date' - time: - description: >- - Time in UTC when the Blackout period starts on start_date and ends - on end_date. This can be: * Full time. * All zeros for 00:00:00 UTC - $ref: '#/components/schemas/TimeOfDay' - Date: - id: Date - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp - type: object - properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: + ExecuteActionRequest: + description: Request message for ActionService.ExecuteAction + id: ExecuteActionRequest + properties: + parameters: + additionalProperties: + type: any + description: Properties of the object. description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - NotificationParameter: - id: NotificationParameter - description: Contains notification related data. + Parameters for executing the action. The parameters can be key/value + pairs or nested structs. + type: object + type: object + EntityType: type: object properties: - values: + defaultSortBy: + type: string + fields: description: >- - Optional. Array of string values. e.g. instance's replica - information. + List containing metadata information about each field of the entity + type. + items: + $ref: '#/components/schemas/Field' + type: array + operations: type: array items: + enum: + - OPERATION_UNSPECIFIED + - LIST + - GET + - CREATE + - UPDATE + - DELETE + enumDescriptions: + - Operation unspecified. + - This operation means entity type supports LIST method. + - This operation means entity type supports GET method. + - This operation means entity type supports CREATE method. + - This operation means entity type supports UPDATE method. + - This operation means entity type supports DELETE method. type: string + metadata: + description: Metadata like service latency, etc. + type: object + additionalProperties: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + name: + description: The name of the entity type. + type: string + jsonSchema: + description: JsonSchema representation of this entity's schema + $ref: '#/components/schemas/JsonSchema' + description: >- + EntityType message contains metadata information about a single entity + type present in the external system. + id: EntityType + ExecuteSqlQueryResponse: + id: ExecuteSqlQueryResponse + type: object + description: A response returned by the connection after executing the sql query. + properties: + results: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. + description: >- + In the case of successful execution of the query the response + contains results returned by the external system. For example, the + result rows of the query are contained in the 'results' Struct list + - "results": [ { "field1": "val1", "field2": "val2",.. },.. ] Each + Struct row can contain fields any type of like nested Structs or + lists. + type: array parameters: - access_token: - description: OAuth access token. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: access_token + name: prettyPrint + schema: + type: boolean + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields schema: type: string alt: @@ -2086,16 +2205,31 @@ components: - json - media - proto - callback: - description: JSONP + _.xgafv: + description: V1 error format. in: query - name: callback + name: $.xgafv schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + enum: + - '1' + - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: fields + name: uploadType + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token schema: type: string key: @@ -2107,18 +2241,6 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2128,65 +2250,56 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + callback: + description: JSONP in: query - name: uploadType + name: callback schema: type: string - _.xgafv: - description: V1 error format. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: $.xgafv + name: oauth_token schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: connections: id: google.connectors.connections name: connections title: Connections methods: - check_status: + exchange_auth_code: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:checkStatus/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:exchangeAuthCode/post response: mediaType: application/json openAPIDocKey: '200' - check_readiness: + execute_sql_query: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:checkReadiness/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:executeSqlQuery/post response: mediaType: application/json openAPIDocKey: '200' - exchange_auth_code: + check_status: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:exchangeAuthCode/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:checkStatus/get response: mediaType: application/json openAPIDocKey: '200' - refresh_access_token: + check_readiness: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:refreshAccessToken/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:checkReadiness/get response: mediaType: application/json openAPIDocKey: '200' - execute_sql_query: + refresh_access_token: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:executeSqlQuery/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:refreshAccessToken/post response: mediaType: application/json openAPIDocKey: '200' @@ -2196,68 +2309,76 @@ components: update: [] replace: [] delete: [] - actions: - id: google.connectors.actions - name: actions - title: Actions + entities: + id: google.connectors.entities + name: entities + title: Entities methods: - execute: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1actions~1{actionsId}:execute/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities~1{entitiesId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1actions/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities~1{entitiesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.actions - get: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1actions~1{actionsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities~1{entitiesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + update_entities_with_conditions: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities:updateEntitiesWithConditions/post + response: + mediaType: application/json + openAPIDocKey: '200' + delete_entities_with_conditions: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities:deleteEntitiesWithConditions/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/actions/methods/get' - - $ref: '#/components/x-stackQL-resources/actions/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - tools: - id: google.connectors.tools - name: tools - title: Tools - methods: list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1tools/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tools - execute: + objectKey: $.entities + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1tools~1{toolsId}:execute/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tools/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/entities/methods/get' + - $ref: '#/components/x-stackQL-resources/entities/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/entities/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/entities/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/entities/methods/update_entities_with_conditions replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/entities/methods/delete' + - $ref: >- + #/components/x-stackQL-resources/entities/methods/delete_entities_with_conditions entity_types: id: google.connectors.entity_types name: entity_types @@ -2286,90 +2407,191 @@ components: update: [] replace: [] delete: [] - entities: - id: google.connectors.entities - name: entities - title: Entities + tools: + id: google.connectors.tools + name: tools + title: Tools methods: list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1tools/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.entities - create: + objectKey: $.tools + execute: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1tools~1{toolsId}:execute/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/tools/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + resources: + id: google.connectors.resources + name: resources + title: Resources + methods: get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities~1{entitiesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1resources~1{resourcesId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities~1{entitiesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1resources/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.resources + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/resources/methods/get' + - $ref: '#/components/x-stackQL-resources/resources/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + actions: + id: google.connectors.actions + name: actions + title: Actions + methods: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities~1{entitiesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1actions~1{actionsId}/get response: mediaType: application/json openAPIDocKey: '200' - update_entities_with_conditions: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities:updateEntitiesWithConditions/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1actions/get response: mediaType: application/json openAPIDocKey: '200' - delete_entities_with_conditions: + objectKey: $.actions + execute: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1entityTypes~1{entityTypesId}~1entities:deleteEntitiesWithConditions/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1actions~1{actionsId}:execute/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/entities/methods/get' - - $ref: '#/components/x-stackQL-resources/entities/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/entities/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/entities/methods/patch' - - $ref: >- - #/components/x-stackQL-resources/entities/methods/update_entities_with_conditions + - $ref: '#/components/x-stackQL-resources/actions/methods/get' + - $ref: '#/components/x-stackQL-resources/actions/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/entities/methods/delete' - - $ref: >- - #/components/x-stackQL-resources/entities/methods/delete_entities_with_conditions + delete: [] paths: - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:checkStatus: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:exchangeAuthCode: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/oauth_token' + post: + description: >- + ExchangeAuthCode exchanges the OAuth authorization code (and other + necessary data) for an access token (and associated credentials). + operationId: connectors.projects.locations.connections.exchangeAuthCode + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExchangeAuthCodeRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ExchangeAuthCodeResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: connectionsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:executeSqlQuery: + parameters: *ref_1 + post: + description: >- + Executes a SQL statement specified in the body of the request. An + example of this SQL statement in the case of Salesforce connector would + be 'select * from Account a, Order o where a.Id = o.AccountId'. + operationId: connectors.projects.locations.connections.executeSqlQuery + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExecuteSqlQueryRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ExecuteSqlQueryResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: connectionsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:checkStatus: + parameters: *ref_1 get: description: >- Reports the status of the connection. Note that when the connection is @@ -2441,18 +2663,18 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:exchangeAuthCode: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:refreshAccessToken: parameters: *ref_1 post: description: >- - ExchangeAuthCode exchanges the OAuth authorization code (and other - necessary data) for an access token (and associated credentials). - operationId: connectors.projects.locations.connections.exchangeAuthCode + RefreshAccessToken exchanges the OAuth refresh token (and other + necessary data) for a new access token (and new associated credentials). + operationId: connectors.projects.locations.connections.refreshAccessToken requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExchangeAuthCodeRequest' + $ref: '#/components/schemas/RefreshAccessTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2464,7 +2686,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExchangeAuthCodeResponse' + $ref: '#/components/schemas/RefreshAccessTokenResponse' parameters: - in: path name: projectsId @@ -2481,18 +2703,13 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:refreshAccessToken: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/entityTypes/{entityTypesId}/entities/{entitiesId}: parameters: *ref_1 - post: + get: description: >- - RefreshAccessToken exchanges the OAuth refresh token (and other - necessary data) for a new access token (and new associated credentials). - operationId: connectors.projects.locations.connections.refreshAccessToken - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RefreshAccessTokenRequest' + Gets a single entity row matching the entity type and entity id + specified in the request. + operationId: connectors.projects.locations.connections.entityTypes.entities.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2504,7 +2721,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RefreshAccessTokenResponse' + $ref: '#/components/schemas/Entity' parameters: - in: path name: projectsId @@ -2521,19 +2738,29 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:executeSqlQuery: - parameters: *ref_1 - post: + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: entitiesId + required: true + schema: + type: string + patch: description: >- - Executes a SQL statement specified in the body of the request. An - example of this SQL statement in the case of Salesforce connector would - be 'select * from Account a, Order o where a.Id = o.AccountId'. - operationId: connectors.projects.locations.connections.executeSqlQuery + Updates an existing entity row matching the entity type and entity id + specified in the request. The fields in the entity row that need to be + modified are contained in the body of the request. All unspecified + fields are left unchanged. The response message contains a `Entity` + message object returned as a response by the external system. + operationId: connectors.projects.locations.connections.entityTypes.entities.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExecuteSqlQueryRequest' + $ref: '#/components/schemas/Entity' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2545,7 +2772,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExecuteSqlQueryResponse' + $ref: '#/components/schemas/Entity' parameters: - in: path name: projectsId @@ -2562,19 +2789,21 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/actions/{actionsId}:execute: - parameters: *ref_1 - post: + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: path + name: entitiesId + required: true + schema: + type: string + delete: description: >- - Executes an action with the name specified in the request. The input - parameters for executing the action are passed through the body of the - ExecuteAction request. - operationId: connectors.projects.locations.connections.actions.execute - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExecuteActionRequest' + Deletes an existing entity row matching the entity type and entity id + specified in the request. + operationId: connectors.projects.locations.connections.entityTypes.entities.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2586,7 +2815,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExecuteActionResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2604,15 +2833,28 @@ paths: schema: type: string - in: path - name: actionsId + name: entityTypesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/actions: + - in: path + name: entitiesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/entityTypes/{entityTypesId}/entities:updateEntitiesWithConditions: parameters: *ref_1 - get: - description: Gets the schema of all the actions supported by the connector. - operationId: connectors.projects.locations.connections.actions.list + post: + description: >- + Updates entities based on conditions specified in the request and not on + entity id. + operationId: >- + connectors.projects.locations.connections.entityTypes.entities.updateEntitiesWithConditions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Entity' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2624,7 +2866,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListActionsResponse' + $ref: '#/components/schemas/UpdateEntitiesWithConditionsResponse' parameters: - in: path name: projectsId @@ -2641,24 +2883,23 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: entityTypesId + required: true schema: type: string - in: query - name: view + name: conditions schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/actions/{actionsId}: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/entityTypes/{entityTypesId}/entities:deleteEntitiesWithConditions: parameters: *ref_1 - get: - description: Gets the schema of the given action. - operationId: connectors.projects.locations.connections.actions.get + post: + description: >- + Deletes entities based on conditions specified in the request and not on + entity id. + operationId: >- + connectors.projects.locations.connections.entityTypes.entities.deleteEntitiesWithConditions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2670,7 +2911,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Action' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2688,19 +2929,29 @@ paths: schema: type: string - in: path - name: actionsId + name: entityTypesId required: true schema: type: string - in: query - name: view + name: conditions schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/tools: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/entityTypes/{entityTypesId}/entities: parameters: *ref_1 get: - description: Lists all available tools. - operationId: connectors.projects.locations.connections.tools.list + description: >- + Lists entity rows of a particular entity type contained in the request. + Note: 1. Currently, only max of one 'sort_by' column is supported. 2. If + no 'sort_by' column is provided, the primary key of the table is used. + If zero or more than one primary key is available, we default to the + unpaginated list entities logic which only returns the first page. 3. + The values of the 'sort_by' columns must uniquely identify an entity + row, otherwise undefined behaviors may be observed during pagination. 4. + Since transactions are not supported, any updates, inserts or deletes + during pagination can lead to stale data being returned or other + unexpected behaviors. + operationId: connectors.projects.locations.connections.entityTypes.entities.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2712,7 +2963,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListToolsResponse' + $ref: '#/components/schemas/ListEntitiesResponse' parameters: - in: path name: projectsId @@ -2729,6 +2980,15 @@ paths: required: true schema: type: string + - in: path + name: entityTypesId + required: true + schema: + type: string + - in: query + name: conditions + schema: + type: string - in: query name: pageSize schema: @@ -2738,16 +2998,26 @@ paths: name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/tools/{toolsId}:execute: - parameters: *ref_1 + - in: query + name: sortBy + schema: + type: string + - in: query + name: sortOrder + schema: + type: string post: - description: Executes a specific tool. - operationId: connectors.projects.locations.connections.tools.execute + description: >- + Creates a new entity row of the specified entity type in the external + system. The field values for creating the row are contained in the body + of the request. The response message contains a `Entity` message object + returned as a response by the external system. + operationId: connectors.projects.locations.connections.entityTypes.entities.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExecuteToolRequest' + $ref: '#/components/schemas/Entity' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2759,7 +3029,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExecuteToolResponse' + $ref: '#/components/schemas/Entity' parameters: - in: path name: projectsId @@ -2777,7 +3047,7 @@ paths: schema: type: string - in: path - name: toolsId + name: entityTypesId required: true schema: type: string @@ -2875,21 +3145,11 @@ paths: name: view schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/entityTypes/{entityTypesId}/entities: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/tools: parameters: *ref_1 get: - description: >- - Lists entity rows of a particular entity type contained in the request. - Note: 1. Currently, only max of one 'sort_by' column is supported. 2. If - no 'sort_by' column is provided, the primary key of the table is used. - If zero or more than one primary key is available, we default to the - unpaginated list entities logic which only returns the first page. 3. - The values of the 'sort_by' columns must uniquely identify an entity - row, otherwise undefined behaviors may be observed during pagination. 4. - Since transactions are not supported, any updates, inserts or deletes - during pagination can lead to stale data being returned or other - unexpected behaviors. - operationId: connectors.projects.locations.connections.entityTypes.entities.list + description: Lists all available tools. + operationId: connectors.projects.locations.connections.tools.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2901,7 +3161,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEntitiesResponse' + $ref: '#/components/schemas/ListToolsResponse' parameters: - in: path name: projectsId @@ -2918,11 +3178,6 @@ paths: required: true schema: type: string - - in: path - name: entityTypesId - required: true - schema: - type: string - in: query name: pageSize schema: @@ -2932,30 +3187,16 @@ paths: name: pageToken schema: type: string - - in: query - name: sortBy - schema: - type: string - - in: query - name: sortOrder - schema: - type: string - - in: query - name: conditions - schema: - type: string + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/tools/{toolsId}:execute: + parameters: *ref_1 post: - description: >- - Creates a new entity row of the specified entity type in the external - system. The field values for creating the row are contained in the body - of the request. The response message contains a `Entity` message object - returned as a response by the external system. - operationId: connectors.projects.locations.connections.entityTypes.entities.create + description: Executes a specific tool. + operationId: connectors.projects.locations.connections.tools.execute requestBody: content: application/json: schema: - $ref: '#/components/schemas/Entity' + $ref: '#/components/schemas/ExecuteToolRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2967,7 +3208,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Entity' + $ref: '#/components/schemas/ExecuteToolResponse' parameters: - in: path name: projectsId @@ -2985,17 +3226,15 @@ paths: schema: type: string - in: path - name: entityTypesId + name: toolsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/entityTypes/{entityTypesId}/entities/{entitiesId}: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/resources/{resourcesId}: parameters: *ref_1 get: - description: >- - Gets a single entity row matching the entity type and entity id - specified in the request. - operationId: connectors.projects.locations.connections.entityTypes.entities.get + description: Gets a specific resource. + operationId: connectors.projects.locations.connections.resources.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3007,7 +3246,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Entity' + $ref: '#/components/schemas/GetResourceResponse' parameters: - in: path name: projectsId @@ -3025,28 +3264,15 @@ paths: schema: type: string - in: path - name: entityTypesId - required: true - schema: - type: string - - in: path - name: entitiesId + name: resourcesId required: true schema: type: string - patch: - description: >- - Updates an existing entity row matching the entity type and entity id - specified in the request. The fields in the entity row that need to be - modified are contained in the body of the request. All unspecified - fields are left unchanged. The response message contains a `Entity` - message object returned as a response by the external system. - operationId: connectors.projects.locations.connections.entityTypes.entities.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Entity' + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/resources: + parameters: *ref_1 + get: + description: Lists all available resources. + operationId: connectors.projects.locations.connections.resources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3058,7 +3284,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Entity' + $ref: '#/components/schemas/ListResourcesResponse' parameters: - in: path name: projectsId @@ -3075,21 +3301,20 @@ paths: required: true schema: type: string - - in: path - name: entityTypesId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: entitiesId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: - description: >- - Deletes an existing entity row matching the entity type and entity id - specified in the request. - operationId: connectors.projects.locations.connections.entityTypes.entities.delete + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/actions/{actionsId}: + parameters: *ref_1 + get: + description: Gets the schema of the given action. + operationId: connectors.projects.locations.connections.actions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3101,7 +3326,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Action' parameters: - in: path name: projectsId @@ -3119,28 +3344,19 @@ paths: schema: type: string - in: path - name: entityTypesId + name: actionsId required: true schema: type: string - - in: path - name: entitiesId - required: true + - in: query + name: view schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/entityTypes/{entityTypesId}/entities:updateEntitiesWithConditions: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/actions: parameters: *ref_1 - post: - description: >- - Updates entities based on conditions specified in the request and not on - entity id. - operationId: >- - connectors.projects.locations.connections.entityTypes.entities.updateEntitiesWithConditions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Entity' + get: + description: Gets the schema of all the actions supported by the connector. + operationId: connectors.projects.locations.connections.actions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3152,7 +3368,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UpdateEntitiesWithConditionsResponse' + $ref: '#/components/schemas/ListActionsResponse' parameters: - in: path name: projectsId @@ -3169,23 +3385,32 @@ paths: required: true schema: type: string - - in: path - name: entityTypesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: view schema: type: string - in: query - name: conditions + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/entityTypes/{entityTypesId}/entities:deleteEntitiesWithConditions: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/actions/{actionsId}:execute: parameters: *ref_1 post: description: >- - Deletes entities based on conditions specified in the request and not on - entity id. - operationId: >- - connectors.projects.locations.connections.entityTypes.entities.deleteEntitiesWithConditions + Executes an action with the name specified in the request. The input + parameters for executing the action are passed through the body of the + ExecuteAction request. + operationId: connectors.projects.locations.connections.actions.execute + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExecuteActionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3197,7 +3422,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ExecuteActionResponse' parameters: - in: path name: projectsId @@ -3215,11 +3440,7 @@ paths: schema: type: string - in: path - name: entityTypesId + name: actionsId required: true schema: type: string - - in: query - name: conditions - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/contactcenteraiplatform.yaml b/providers/src/googleapis.com/v00.00.00000/services/contactcenteraiplatform.yaml index 0cb868e5..c60a79a1 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/contactcenteraiplatform.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/contactcenteraiplatform.yaml @@ -7,8 +7,8 @@ info: title: Contact Center AI Platform API description: '' version: v1alpha1 - x-discovery-doc-revision: '20250821' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251204' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/solutions/contact-center-ai-platform servers: @@ -34,286 +34,114 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + ContactCenterQuota: properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array + quotas: items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + $ref: '#/components/schemas/Quota' + description: Quota details per contact center instance type. + type: array + contactCenterCountSum: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Deprecated: Use the Quota fields instead. Reflects the count sum of + contact centers on a billing account. + deprecated: true + format: int32 + type: integer + contactCenterCountLimit: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Deprecated: Use the Quota fields instead. Reflects the count limit + of contact centers on a billing account. + deprecated: true + format: int32 + type: integer type: object + id: ContactCenterQuota + description: Represents a quota for contact centers. + Quota: + id: Quota properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. + contactCenterInstanceSize: + enumDescriptions: + - The default value. This value is used if the state is omitted. + - Instance Size STANDARD_SMALL. + - Instance Size STANDARD_MEDIUM. + - Instance Size STANDARD_LARGE. + - Instance Size STANDARD_XLARGE. + - Instance Size STANDARD_2XLARGE. + - Instance Size STANDARD_3XLARGE. + - Instance Size MULTIREGION_SMALL + - Instance Size MULTIREGION_MEDIUM + - Instance Size MULTIREGION_LARGE + - Instance Size MULTIREGION_XLARGE + - Instance Size MULTIREGION_2XLARGE. + - Instance Size MULTIREGION_3XLARGE. + - Instance Size DEV_SMALL + - Instance Size SANDBOX_SMALL + - Instance Size TRIAL_SMALL + - Instance Size TIME_LIMITED_TRIAL_SMALL + description: Contact center instance type. + enum: + - INSTANCE_SIZE_UNSPECIFIED + - STANDARD_SMALL + - STANDARD_MEDIUM + - STANDARD_LARGE + - STANDARD_XLARGE + - STANDARD_2XLARGE + - STANDARD_3XLARGE + - MULTIREGION_SMALL + - MULTIREGION_MEDIUM + - MULTIREGION_LARGE + - MULTIREGION_XLARGE + - MULTIREGION_2XLARGE + - MULTIREGION_3XLARGE + - DEV_SMALL + - SANDBOX_SMALL + - TRIAL_SMALL + - TIME_LIMITED_TRIAL_SMALL + type: string + contactCenterCountLimit: type: integer + description: Reflects the count limit of contact centers on a billing account. format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + contactCenterCountSum: + type: integer + format: int32 + description: Reflects the count sum of contact centers on a billing account. + description: Quota details. type: object - properties: {} CancelOperationRequest: id: CancelOperationRequest + properties: {} + type: object description: The request message for Operations.CancelOperation. + Normal: + description: >- + Instances in this Channel will receive updates after all instances in + `Early` were updated + 2 days. type: object + id: Normal properties: {} - ListContactCentersResponse: - id: ListContactCentersResponse - description: Message for response to listing ContactCenters + ListLocationsResponse: type: object + id: ListLocationsResponse + description: The response message for Locations.ListLocations. properties: - contactCenters: - description: The list of ContactCenter - type: array - items: - $ref: '#/components/schemas/ContactCenter' nextPageToken: - description: A token identifying a page of results the server should return. + description: The standard List next-page token. type: string - unreachable: - description: Locations that could not be reached. - type: array + locations: + description: >- + A list of locations that matches the specified filter in the + request. items: - type: string - ContactCenter: - id: ContactCenter - description: Message describing ContactCenter object - type: object + $ref: '#/components/schemas/Location' + type: array + InstanceConfig: properties: - name: - description: name of resource - type: string - createTime: - description: Output only. [Output only] Create time stamp - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. [Output only] Update time stamp - readOnly: true - type: string - format: google-datetime - labels: - description: Labels as key value pairs - type: object - additionalProperties: - type: string - uris: - description: Output only. URIs to access the deployed ContactCenters. - readOnly: true - $ref: '#/components/schemas/URIs' - state: - description: Output only. The state of this contact center. - readOnly: true - type: string - enumDescriptions: - - The default value. This value is used if the state is omitted. - - State DEPLOYING - - State DEPLOYED - - State TERMINATING - - State FAILED - - State TERMINATING_FAILED - - State TERMINATED - - State IN_GRACE_PERIOD - - >- - State in STATE_FAILING_OVER. This State must ONLY be used by - Multiregional Instances when a failover was triggered. Customers - are not able to update instances in this state. - - >- - State DEGRADED. This State must ONLY be used by Multiregional - Instances after a failover was executed successfully. Customers - are not able to update instances in this state. - - >- - State REPAIRING. This State must ONLY be used by Multiregional - Instances after a fallback was triggered. Customers are not able - to update instancs in this state. - enum: - - STATE_UNSPECIFIED - - STATE_DEPLOYING - - STATE_DEPLOYED - - STATE_TERMINATING - - STATE_FAILED - - STATE_TERMINATING_FAILED - - STATE_TERMINATED - - STATE_IN_GRACE_PERIOD - - STATE_FAILING_OVER - - STATE_DEGRADED - - STATE_REPAIRING - customerDomainPrefix: - description: >- - Required. Immutable. At least 2 and max 16 char long, must conform - to [RFC 1035](https://www.ietf.org/rfc/rfc1035.txt). - type: string - displayName: - description: Required. A user friendly name for the ContactCenter. - type: string - instanceConfig: - description: >- - The configuration of this instance, it is currently immutable once - created. - $ref: '#/components/schemas/InstanceConfig' - samlParams: - description: Optional. Params that sets up Google as IdP. - $ref: '#/components/schemas/SAMLParams' - userEmail: - description: Optional. Email address of the first admin user. - type: string - ccaipManagedUsers: - description: >- - Optional. Whether to enable users to be created in the - CCAIP-instance concurrently to having users in Cloud identity - type: boolean - adminUser: - description: >- - Optional. Info about the first admin user, such as given name and - family name. - $ref: '#/components/schemas/AdminUser' - kmsKey: - description: >- - Immutable. The KMS key name to encrypt the user input - (`ContactCenter`). - type: string - privateComponents: - description: Output only. TODO(b/283407860) Deprecate this field. - readOnly: true - type: array - items: - type: string - privateAccess: - description: Optional. VPC-SC related networking configuration. - $ref: '#/components/schemas/PrivateAccess' - early: - description: Optional. Early release channel. - $ref: '#/components/schemas/Early' - normal: - description: Optional. Normal release channel. - $ref: '#/components/schemas/Normal' - critical: - description: Optional. Critical release channel. - $ref: '#/components/schemas/Critical' - advancedReportingEnabled: - description: Optional. Whether the advanced reporting feature is enabled. - type: boolean - releaseVersion: - description: Output only. UJET release version, unique for each new release. - readOnly: true - type: string - featureConfig: - description: Optional. Feature configuration to populate the feature flags. - $ref: '#/components/schemas/FeatureConfig' - URIs: - id: URIs - description: Message storing the URIs of the ContactCenter. - type: object - properties: - rootUri: - description: Root Uri of the ContactCenter. - type: string - mediaUri: - description: Media Uri of the ContactCenter. - type: string - virtualAgentStreamingServiceUri: - description: Virtual Agent Streaming Service Uri of the ContactCenter. - type: string - chatBotUri: - description: Chat Bot Uri of the ContactCenter - type: string - InstanceConfig: - id: InstanceConfig - description: Message storing the instance configuration. - type: object - properties: - instanceSize: - description: The instance size of this the instance configuration. + instanceSize: type: string + description: The instance size of this the instance configuration. enumDescriptions: - The default value. This value is used if the state is omitted. - Instance Size STANDARD_SMALL. @@ -350,46 +178,382 @@ components: - SANDBOX_SMALL - TRIAL_SMALL - TIME_LIMITED_TRIAL_SMALL - SAMLParams: - id: SAMLParams - description: Message storing SAML params to enable Google as IDP. type: object + id: InstanceConfig + description: Message storing the instance configuration. + DateTime: properties: - ssoUri: - description: Single sign-on URL + seconds: + format: int32 + description: >- + Optional. Seconds of minutes of the time. Must normally be from 0 to + 59, defaults to 0. An API may allow the value 60 if it allows + leap-seconds. + type: integer + utcOffset: + format: google-duration + description: >- + UTC offset. Must be whole seconds, between -18 hours and +18 hours. + For example, a UTC offset of -4:00 would be represented as { + seconds: -14400 }. type: string - entityId: - description: Entity id URL + hours: + type: integer + description: >- + Optional. Hours of day in 24 hour format. Should be from 0 to 23, + defaults to 0 (midnight). An API may choose to allow the value + "24:00:00" for scenarios like business closing time. + format: int32 + nanos: + description: >- + Optional. Fractions of seconds in nanoseconds. Must be from 0 to + 999,999,999, defaults to 0. + format: int32 + type: integer + timeZone: + $ref: '#/components/schemas/TimeZone' + description: Time zone. + month: + description: >- + Optional. Month of year. Must be from 1 to 12, or 0 if specifying a + datetime without a month. + format: int32 + type: integer + day: + format: int32 + type: integer + description: >- + Optional. Day of month. Must be from 1 to 31 and valid for the year + and month, or 0 if specifying a datetime without a day. + minutes: + type: integer + description: >- + Optional. Minutes of hour of day. Must be from 0 to 59, defaults to + 0. + format: int32 + year: + type: integer + format: int32 + description: >- + Optional. Year of date. Must be from 1 to 9999, or 0 if specifying a + datetime without a year. + description: >- + Represents civil time (or occasionally physical time). This type can + represent a civil time in one of a few possible ways: * When utc_offset + is set and time_zone is unset: a civil time on a calendar day with a + particular offset from UTC. * When time_zone is set and utc_offset is + unset: a civil time on a calendar day in a particular time zone. * When + neither time_zone nor utc_offset is set: a civil time on a calendar day + in local time. The date is relative to the Proleptic Gregorian Calendar. + If year, month, or day are 0, the DateTime is considered not to have a + specific year, month, or day respectively. This type may also be used to + represent a physical time if all the date and time fields are set and + either case of the `time_offset` oneof is set. Consider using + `Timestamp` message for physical time instead. If your use case also + would like to store the user's timezone, that can be done in another + field. This type is more flexible than some applications may want. Make + sure to document and validate your application's limitations. + id: DateTime + type: object + PrivateAccess: + properties: + egressSettings: + items: + $ref: '#/components/schemas/Component' + type: array + description: >- + List of egress components that should not be accessed via the + Internet. For more information see go/ccaip-private-path-v2. + pscSetting: + $ref: '#/components/schemas/PscSetting' + description: Private service connect settings. + ingressSettings: + type: array + description: >- + List of ingress components that should not be accessed via the + Internet. For more information see go/ccaip-private-path-v2. + items: + $ref: '#/components/schemas/Component' + type: object + id: PrivateAccess + description: Defines ingress and egress private traffic settings for CCAIP instances. + Critical: + properties: + peakHours: + items: + $ref: '#/components/schemas/WeeklySchedule' + type: array + description: Required. Hours during which the instance should not be updated. + description: >- + Instances in this Channel will receive updates after all instances in + `Normal` were updated. They also will only be updated outside of their + peak hours. + type: object + id: Critical + OperationMetadata: + id: OperationMetadata + description: Represents the metadata of the long-running operation. + properties: + requestedCancellation: + type: boolean + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + readOnly: true + verb: type: string - certificate: - description: SAML certificate + description: Output only. Name of the verb executed by the operation. + readOnly: true + endTime: + readOnly: true + format: google-datetime + description: Output only. The time the operation finished running. type: string - userEmail: - description: Email address of the first admin users. - deprecated: true + statusMessage: + description: Output only. Human-readable status of the operation, if any. type: string - emailMapping: - description: IdP field that maps to the user’s email address + readOnly: true + contactCenter: + description: Contact center information for this request + $ref: '#/components/schemas/ContactCenter' + createTime: type: string - authenticationContexts: - description: Additional contexts used for authentication. - type: array - items: + format: google-datetime + description: Output only. The time the operation was created. + readOnly: true + apiVersion: + type: string + readOnly: true + description: Output only. API version used to start the operation. + target: + type: string + readOnly: true + description: >- + Output only. Server-defined resource path for the target of the + operation. + type: object + AdminUser: + description: 'Message storing info about the first admin user. Next ID: 3' + type: object + properties: + familyName: + description: Optional. Last/family name of the first admin user. + type: string + givenName: + description: Optional. First/given name of the first admin user. + type: string + id: AdminUser + Location: + id: Location + type: object + properties: + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + Service-specific metadata. For example the available capacity at the + given location. + labels: + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: type: string - enumDescriptions: - - >- - The Unspecified class indicates that the authentication was - performed by unspecified means. - - >- - The Internet Protocol class is applicable when a principal is - authenticated through the use of a provided IP address. - - >- - The Internet Protocol Password class is applicable when a - principal is authenticated through the use of a provided IP - address, in addition to a username/password. - - >- - This class is applicable when the principal has authenticated - using a password to a local authentication authority, in order + type: object + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + description: A resource that represents a Google Cloud location. + Status: + properties: + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + details: + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + FeatureConfig: + type: object + id: FeatureConfig + properties: + agentDesktopEnabled: + description: >- + Optional. If true - enables the agent desktop feature. Default is + false. + type: boolean + SolverConfig: + id: SolverConfig + type: object + properties: + maximumProcessingDuration: + type: string + format: google-duration + description: >- + Optional. Maximum time the solver should spend on the problem. If + not set, defaults to 1 minute. The choice of a time limit should + depend on the size of the problem. To give an example, when solving + a 7-day instance with 2 `ShiftTemplates`, each with ~20 possible + start times and holding 2 events with ~30 possible start times, and + two days off per week, recommended values are: <10s for fast + solutions (and likely suboptimal), (10s, 300s) for good quality + solutions, and >300s for an exhaustive search. Larger instances may + require longer time limits. This value is not a hard limit and it + does not account for the communication overhead. The expected + latency to solve the problem may slightly exceed this value. + scheduleType: + type: string + enum: + - SCHEDULE_TYPE_UNSPECIFIED + - SINGLE_SHIFT + - WEEKLY_WITH_FIXED_EVENTS + - WEEKLY_WITH_VARIABLE_EVENTS + enumDescriptions: + - Unspecified schedule type. Should not be used. + - Each `EmployeeSchedule` will include exactly one shift. + - >- + `EmployeeSchedule`s will include several shifts to generate a + week-long schedule. The start and end time of events in a + particular `EmployeeSchedule` will be identical. All the shifts + have the same start and end time. + - >- + `EmployeeSchedule`s will include several shifts to generate a + week-long schedule. The start and end time of events in a + particular `EmployeeSchedule` can vary. All the shifts have the + same start and end time. This option may result in longer solve + times. + description: Required. Specifies the type of schedule to generate. + description: Specifies additional parameters for the solver generating shifts. + GenerateShiftsRequest: + properties: + workforceDemands: + $ref: '#/components/schemas/WorkforceDemandList' + description: >- + Required. All the workforce demands that the generated shifts need + to cover. The planning horizon is defined between the earliest start + time and the latest end time across all the entries. This field + cannot be empty. + planningHorizon: + $ref: '#/components/schemas/PlanningHorizon' + description: >- + Required. The solver will generate the maximum number of shifts per + shift template. + employeeInfo: + items: + $ref: '#/components/schemas/EmployeeInfo' + type: array + description: >- + Optional. Employee information that should be considered when + generating shifts. + shiftTemplates: + items: + $ref: '#/components/schemas/ShiftTemplate' + description: >- + Required. Set of shift templates specifying rules for generating + shifts. A shift template can be used for generating multiple shifts. + type: array + solverConfig: + $ref: '#/components/schemas/SolverConfig' + description: Optional. Parameters for the solver. + type: object + id: GenerateShiftsRequest + description: >- + Request with constraints for generating shifts. The shifts generated + must adhere to these constraints. + DateList: + id: DateList + description: List of dates. + type: object + properties: + values: + description: Optional. Values in the list. + type: array + items: + $ref: '#/components/schemas/Date' + Early: + properties: {} + type: object + description: >- + LINT.IfChange First Channel to receive the updates. Meant to dev/test + instances + id: Early + SAMLParams: + type: object + description: Message storing SAML params to enable Google as IDP. + id: SAMLParams + properties: + userEmail: + type: string + deprecated: true + description: Email address of the first admin users. + emailMapping: + type: string + description: IdP field that maps to the user’s email address + certificate: + description: SAML certificate + type: string + entityId: + type: string + description: Entity id URL + ssoUri: + description: Single sign-on URL + type: string + authenticationContexts: + description: Additional contexts used for authentication. + items: + type: string + enumDescriptions: + - >- + The Unspecified class indicates that the authentication was + performed by unspecified means. + - >- + The Internet Protocol class is applicable when a principal is + authenticated through the use of a provided IP address. + - >- + The Internet Protocol Password class is applicable when a + principal is authenticated through the use of a provided IP + address, in addition to a username/password. + - >- + This class is applicable when the principal has authenticated + using a password to a local authentication authority, in order to acquire a Kerberos ticket. That Kerberos ticket is then used for subsequent network authentication. - >- @@ -510,114 +674,184 @@ components: - SECURE_REMOTE_PASSWORD - SSL_TLS_CERTIFICATE_BASED - TIME_SYNC_TOKEN - AdminUser: - id: AdminUser - description: 'Message storing info about the first admin user. Next ID: 3' + type: array + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + properties: + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + response: + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + id: Operation + type: object + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + id: Empty + properties: {} + URIs: type: object + description: Message storing the URIs of the ContactCenter. + id: URIs properties: - givenName: - description: Optional. First/given name of the first admin user. + rootUri: + description: Root Uri of the ContactCenter. type: string - familyName: - description: Optional. Last/family name of the first admin user. + virtualAgentStreamingServiceUri: + description: Virtual Agent Streaming Service Uri of the ContactCenter. type: string - PrivateAccess: - id: PrivateAccess - description: Defines ingress and egress private traffic settings for CCAIP instances. + chatBotUri: + description: Chat Bot Uri of the ContactCenter + type: string + mediaUri: + type: string + description: Media Uri of the ContactCenter. + ListOperationsResponse: + description: The response message for Operations.ListOperations. type: object + id: ListOperationsResponse properties: - ingressSettings: - description: >- - List of ingress components that should not be accessed via the - Internet. For more information see go/ccaip-private-path-v2. - type: array + nextPageToken: + type: string + description: The standard List next-page token. + unreachable: items: - $ref: '#/components/schemas/Component' - egressSettings: + type: string + type: array description: >- - List of egress components that should not be accessed via the - Internet. For more information see go/ccaip-private-path-v2. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + operations: type: array + description: >- + A list of operations that matches the specified filter in the + request. items: - $ref: '#/components/schemas/Component' - pscSetting: - description: Private service connect settings. - $ref: '#/components/schemas/PscSetting' - Component: - id: Component - description: >- - Defines a logical CCAIP component that e.g. “EMAIL”, "CRM". For more - information see go/ccaip-private-path-v2. Each logical component is - associated with a list of service attachments. - type: object + $ref: '#/components/schemas/Operation' + TimeZone: properties: - name: - description: Name of the component. + id: + description: IANA Time Zone Database time zone. For example "America/New_York". + type: string + version: type: string - serviceAttachmentNames: description: >- - Associated service attachments. The service attachment names that - will be used for sending private traffic to the CCAIP tenant - project. Example service attachment name: - "projects/${TENANT_PROJECT_ID}/regions/${REGION}/serviceAttachments/ingress-default". - type: array - items: - type: string - PscSetting: - id: PscSetting - description: Private service connect settings. + Optional. IANA Time Zone Database version number. For example + "2019a". type: object + id: TimeZone + description: >- + Represents a time zone from the [IANA Time Zone + Database](https://www.iana.org/time-zones). + ListContactCentersResponse: + id: ListContactCentersResponse properties: - allowedConsumerProjectIds: - description: >- - The list of project ids that are allowed to send traffic to the - service attachment. This field should be filled only for the ingress - components. - type: array + unreachable: items: type: string - producerProjectIds: - description: Output only. The CCAIP tenant project ids. - readOnly: true type: array + description: Locations that could not be reached. + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + contactCenters: items: - type: string - Early: - id: Early - description: >- - LINT.IfChange First Channel to receive the updates. Meant to dev/test - instances - type: object - properties: {} - Normal: - id: Normal - description: >- - Instances in this Channel will receive updates after all instances in - `Early` were updated + 2 days. + $ref: '#/components/schemas/ContactCenter' + description: The list of ContactCenter + type: array type: object - properties: {} - Critical: - id: Critical - description: >- - Instances in this Channel will receive updates after all instances in - `Normal` were updated. They also will only be updated outside of their - peak hours. + description: Message for response to listing ContactCenters + WorkforceDemand: + id: WorkforceDemand type: object properties: - peakHours: - description: Required. Hours during which the instance should not be updated. - type: array - items: - $ref: '#/components/schemas/WeeklySchedule' + startTime: + description: >- + Required. Start of the time interval for the given demand + (inclusive). These values are read down to the minute; seconds and + all smaller units are ignored. + $ref: '#/components/schemas/DateTime' + endTime: + $ref: '#/components/schemas/DateTime' + description: >- + Required. End of the time interval for the given demand (exclusive). + These values are read down to the minute; seconds and all smaller + units are ignored. + employeeCount: + format: int32 + description: >- + Optional. Number of employees needed to cover the demand for this + interval. + type: integer + description: >- + Specifies the number of employees required to cover the demand in the + given time interval. The length of the interval must be strictly + positive. WeeklySchedule: + type: object id: WeeklySchedule description: Message representing a weekly schedule. - type: object properties: days: description: Required. Days of the week this schedule applies to. type: array items: + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY type: string enumDescriptions: - The day of the week is unspecified. @@ -628,15 +862,6 @@ components: - Friday - Saturday - Sunday - enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY startTime: description: Required. Daily start time of the schedule. $ref: '#/components/schemas/TimeOfDay' @@ -647,290 +872,486 @@ components: day. $ref: '#/components/schemas/TimeOfDay' duration: + format: google-duration description: Optional. Duration of the schedule. type: string - format: google-duration - TimeOfDay: - id: TimeOfDay - description: >- - Represents a time of day. The date and time zone are either not - significant or are specified elsewhere. An API may choose to allow leap - seconds. Related types are google.type.Date and - `google.protobuf.Timestamp`. + PscSetting: + description: Private service connect settings. type: object + id: PscSetting properties: - hours: - description: >- - Hours of a day in 24 hour format. Must be greater than or equal to 0 - and typically must be less than or equal to 23. An API may choose to - allow the value "24:00:00" for scenarios like business closing time. - type: integer - format: int32 - minutes: - description: >- - Minutes of an hour. Must be greater than or equal to 0 and less than - or equal to 59. - type: integer - format: int32 - seconds: - description: >- - Seconds of a minute. Must be greater than or equal to 0 and - typically must be less than or equal to 59. An API may allow the - value 60 if it allows leap-seconds. - type: integer - format: int32 - nanos: + allowedConsumerProjectIds: + type: array + items: + type: string description: >- - Fractions of seconds, in nanoseconds. Must be greater than or equal - to 0 and less than or equal to 999,999,999. - type: integer - format: int32 - FeatureConfig: - id: FeatureConfig - type: object + The list of project ids that are allowed to send traffic to the + service attachment. This field should be filled only for the ingress + components. + producerProjectIds: + type: array + description: Output only. The CCAIP tenant project ids. + items: + type: string + readOnly: true + Component: + description: >- + Defines a logical CCAIP component that e.g. “EMAIL”, "CRM". For more + information see go/ccaip-private-path-v2. Each logical component is + associated with a list of service attachments. + id: Component properties: - agentDesktopEnabled: + serviceAttachmentNames: description: >- - Optional. If true - enables the agent desktop feature. Default is - false. - type: boolean - ContactCenterQuota: - id: ContactCenterQuota - description: Represents a quota for contact centers. + Associated service attachments. The service attachment names that + will be used for sending private traffic to the CCAIP tenant + project. Example service attachment name: + "projects/${TENANT_PROJECT_ID}/regions/${REGION}/serviceAttachments/ingress-default". + items: + type: string + type: array + name: + description: Name of the component. + type: string type: object + ContactCenter: + id: ContactCenter properties: - contactCenterCountLimit: + early: + description: Optional. Early release channel. + $ref: '#/components/schemas/Early' + normal: + $ref: '#/components/schemas/Normal' + description: Optional. Normal release channel. + kmsKey: + type: string description: >- - Deprecated: Use the Quota fields instead. Reflects the count limit - of contact centers on a billing account. - deprecated: true - type: integer - format: int32 - contactCenterCountSum: + Immutable. The KMS key name to encrypt the user input + (`ContactCenter`). + instanceConfig: description: >- - Deprecated: Use the Quota fields instead. Reflects the count sum of - contact centers on a billing account. - deprecated: true - type: integer - format: int32 - quotas: - description: Quota details per contact center instance type. + The configuration of this instance, it is currently immutable once + created. + $ref: '#/components/schemas/InstanceConfig' + privateAccess: + description: Optional. VPC-SC related networking configuration. + $ref: '#/components/schemas/PrivateAccess' + uris: + $ref: '#/components/schemas/URIs' + readOnly: true + description: Output only. URIs to access the deployed ContactCenters. + featureConfig: + $ref: '#/components/schemas/FeatureConfig' + description: Optional. Feature configuration to populate the feature flags. + advancedReportingEnabled: + type: boolean + description: Optional. Whether the advanced reporting feature is enabled. + customerDomainPrefix: + type: string + description: >- + Required. Immutable. At least 2 and max 16 char long, must conform + to [RFC 1035](https://www.ietf.org/rfc/rfc1035.txt). + state: + enum: + - STATE_UNSPECIFIED + - STATE_DEPLOYING + - STATE_DEPLOYED + - STATE_TERMINATING + - STATE_FAILED + - STATE_TERMINATING_FAILED + - STATE_TERMINATED + - STATE_IN_GRACE_PERIOD + - STATE_FAILING_OVER + - STATE_DEGRADED + - STATE_REPAIRING + readOnly: true + type: string + enumDescriptions: + - The default value. This value is used if the state is omitted. + - State DEPLOYING + - State DEPLOYED + - State TERMINATING + - State FAILED + - State TERMINATING_FAILED + - State TERMINATED + - State IN_GRACE_PERIOD + - >- + State in STATE_FAILING_OVER. This State must ONLY be used by + Multiregional Instances when a failover was triggered. Customers + are not able to update instances in this state. + - >- + State DEGRADED. This State must ONLY be used by Multiregional + Instances after a failover was executed successfully. Customers + are not able to update instances in this state. + - >- + State REPAIRING. This State must ONLY be used by Multiregional + Instances after a fallback was triggered. Customers are not able + to update instancs in this state. + description: Output only. The state of this contact center. + privateComponents: + readOnly: true type: array + description: Output only. TODO(b/283407860) Deprecate this field. items: - $ref: '#/components/schemas/Quota' - Quota: - id: Quota - description: Quota details. + type: string + samlParams: + description: Optional. Params that sets up Google as IdP. + $ref: '#/components/schemas/SAMLParams' + labels: + description: Labels as key value pairs + type: object + additionalProperties: + type: string + displayName: + description: Required. A user friendly name for the ContactCenter. + type: string + releaseVersion: + readOnly: true + type: string + description: Output only. UJET release version, unique for each new release. + critical: + description: Optional. Critical release channel. + $ref: '#/components/schemas/Critical' + ccaipManagedUsers: + description: >- + Optional. Whether to enable users to be created in the + CCAIP-instance concurrently to having users in Cloud identity + type: boolean + userEmail: + type: string + description: Optional. Email address of the first admin user. + adminUser: + description: >- + Optional. Info about the first admin user, such as given name and + family name. + $ref: '#/components/schemas/AdminUser' + name: + description: name of resource + type: string + createTime: + readOnly: true + type: string + format: google-datetime + description: Output only. [Output only] Create time stamp + updateTime: + format: google-datetime + readOnly: true + type: string + description: Output only. [Output only] Update time stamp type: object + description: Message describing ContactCenter object + UnwantedEventInterval: properties: - contactCenterCountLimit: - description: Reflects the count limit of contact centers on a billing account. - type: integer + startTime: + $ref: '#/components/schemas/DateTime' + description: Required. Start time of the event. + durationMinutes: + description: Required. Duration of the event. format: int32 - contactCenterCountSum: - description: Reflects the count sum of contact centers on a billing account. type: integer - format: int32 - contactCenterInstanceSize: - description: Contact center instance type. - type: string - enumDescriptions: - - The default value. This value is used if the state is omitted. - - Instance Size STANDARD_SMALL. - - Instance Size STANDARD_MEDIUM. - - Instance Size STANDARD_LARGE. - - Instance Size STANDARD_XLARGE. - - Instance Size STANDARD_2XLARGE. - - Instance Size STANDARD_3XLARGE. - - Instance Size MULTIREGION_SMALL - - Instance Size MULTIREGION_MEDIUM - - Instance Size MULTIREGION_LARGE - - Instance Size MULTIREGION_XLARGE - - Instance Size MULTIREGION_2XLARGE. - - Instance Size MULTIREGION_3XLARGE. - - Instance Size DEV_SMALL - - Instance Size SANDBOX_SMALL - - Instance Size TRIAL_SMALL - - Instance Size TIME_LIMITED_TRIAL_SMALL - enum: - - INSTANCE_SIZE_UNSPECIFIED - - STANDARD_SMALL - - STANDARD_MEDIUM - - STANDARD_LARGE - - STANDARD_XLARGE - - STANDARD_2XLARGE - - STANDARD_3XLARGE - - MULTIREGION_SMALL - - MULTIREGION_MEDIUM - - MULTIREGION_LARGE - - MULTIREGION_XLARGE - - MULTIREGION_2XLARGE - - MULTIREGION_3XLARGE - - DEV_SMALL - - SANDBOX_SMALL - - TRIAL_SMALL - - TIME_LIMITED_TRIAL_SMALL - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + description: >- + Specifies a time interval during which the overlap with events + (generated from event templates) should be minimal. + id: UnwantedEventInterval type: object + EmployeeInfo: properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. + unwantedEventIntervals: type: array + description: >- + Optional. A list of unwanted event intervals for this employee. The + start time of the interval must be in the planning horizon. items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + $ref: '#/components/schemas/UnwantedEventInterval' + id: + description: Required. Unique ID of this employee. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: Information about a particular employee for planning purposes. type: object + id: EmployeeInfo + EventTemplate: properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + id: + description: Required. Unique ID of this template. type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: + startTimeIncrementMinutes: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + Required. The time increment (in minutes) used to generate the set + of possible event start times between + `minimum_minutes_after_shift_start` and + `maximum_minutes_after_shift_start`. For example, if the minimum + minutes after shift start are 30, maximum minutes after shift start + are 45, and the start time increment is 5 minutes, the event can + take place 30, 35, 40, or 45 minutes after the start of the shift. + type: integer + format: int32 + durationMinutes: + format: int32 + description: Required. Fixed duration in minutes of this event. + type: integer + maximumMinutesAfterShiftStart: + format: int32 description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + Optional. Maximum number of minutes after the beginning of a shift + that this event can start. + type: integer + minimumMinutesAfterShiftStart: + format: int32 + description: >- + Optional. Minimum number of minutes after the beginning of a shift + that this event can start. + type: integer + description: >- + Template specifying rules for generating a single event that occurs + during a shift. An event may represent a meeting, break, lunch, etc. + type: object + id: EventTemplate GoogleCloudCommonOperationMetadata: - id: GoogleCloudCommonOperationMetadata - description: Represents the metadata of the long-running operation. type: object + description: Represents the metadata of the long-running operation. properties: createTime: description: Output only. The time the operation was created. - readOnly: true type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. readOnly: true - type: string statusDetail: - description: Output only. Human-readable status of the operation, if any. readOnly: true + description: Output only. Human-readable status of the operation, if any. type: string cancelRequested: + readOnly: true description: >- Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have google.longrunning.Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - readOnly: true type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + verb: + description: Output only. Name of the verb executed by the operation. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. readOnly: true - type: string - format: google-datetime target: + readOnly: true description: >- Output only. Server-defined resource path for the target of the operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. + endTime: readOnly: true type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean + format: google-datetime + description: Output only. The time the operation finished running. apiVersion: description: Output only. API version used to start the operation. readOnly: true type: string - contactCenter: - description: Contact center information for this request - $ref: '#/components/schemas/ContactCenter' + id: GoogleCloudCommonOperationMetadata + TimeOfDay: + properties: + hours: + type: integer + description: >- + Hours of a day in 24 hour format. Must be greater than or equal to 0 + and typically must be less than or equal to 23. An API may choose to + allow the value "24:00:00" for scenarios like business closing time. + format: int32 + minutes: + description: >- + Minutes of an hour. Must be greater than or equal to 0 and less than + or equal to 59. + format: int32 + type: integer + nanos: + format: int32 + description: >- + Fractions of seconds, in nanoseconds. Must be greater than or equal + to 0 and less than or equal to 999,999,999. + type: integer + seconds: + format: int32 + type: integer + description: >- + Seconds of a minute. Must be greater than or equal to 0 and + typically must be less than or equal to 59. An API may allow the + value 60 if it allows leap-seconds. + description: >- + Represents a time of day. The date and time zone are either not + significant or are specified elsewhere. An API may choose to allow leap + seconds. Related types are google.type.Date and + `google.protobuf.Timestamp`. + id: TimeOfDay + type: object + ShiftTemplate: + id: ShiftTemplate + properties: + assignableEmployeeIds: + type: array + items: + type: string + description: >- + Optional. A list of specific employee IDs that can be assigned to + shifts generated by this template. If this field is present, there + will be `EmployeeSchedule`s in the response for which the + `EmployeeSchedule.employee_id` field is set to one of the IDs in + this list. The number of employee schedules with an assigned + employee ID will be between `minimum_employee_count` and + `maximum_employee_count`. If this field is empty, between + `minimum_employee_count` and `maximum_employee_count` employees can + be assigned to shifts generated by this template and the employee + schedules won't have an assigned employee ID. Currently, only one + assignable employee ID is supported. + minimumIntereventGapMinutes: + type: integer + description: >- + Optional. Minimum minutes between the end of one event and the start + of the next. + format: int32 + eventTemplates: + items: + $ref: '#/components/schemas/EventTemplate' + description: >- + Optional. Rules for generating events for each shift. Exactly one + event will be included in each shift for each `EventTemplate` + specified. + type: array + startTimeIncrementMinutes: + type: integer + description: >- + Optional. The time increment (in minutes) used to generate the set + of possible start times between `earliest_start_time` and + `latest_start_time`. For example, if the earliest start time is + 8:00, the latest start time is 8:30, and the start time increment is + 10 minutes, then all possible start times for this shift template + are: 8:00, 8:10, 8:20, and 8:30. + format: int32 + daysOffDates: + description: Fixed dates when shifts from this template should not be generated. + $ref: '#/components/schemas/DateList' + earliestStartTime: + description: >- + Required. Earliest time in the day that a shift can start. This + value is specified with hours and minutes; seconds and nanos are + ignored. + $ref: '#/components/schemas/TimeOfDay' + latestStartTime: + $ref: '#/components/schemas/TimeOfDay' + description: >- + Required. Latest time in the day that a shift can start. This value + is specified with hours and minutes; seconds and nanos are ignored. + If this value is less than the `earliest_start_time`, it may imply + an overnight shift. + minimumEmployeeCount: + format: int32 + type: integer + description: >- + Optional. Minimum number of employees that can be assigned to all + shifts generated by this template on working days. + maximumEmployeeCount: + type: integer + format: int32 + description: >- + Required. Maximum number of employees that can be assigned to all + shifts generated by this template on working days. + daysOffCountPerWeek: + type: integer + format: int32 + description: >- + Fixed number of days off per week. An employee has a given day off + if they are not assigned to a shift that starts on that day. A week + is 7 days and begins on Sunday. + durationMinutes: + description: Required. Fixed duration of a shift generated by this template. + type: integer + format: int32 + id: + description: Required. Unique ID of this template. + type: string + type: object + description: >- + Template specifying rules for generating shifts. A shift is a unit of + work that specifies a start time, end time, and may contain events (e.g. + lunch, breaks etc.). Shifts will be assigned to specific dates in the + response. + WorkforceDemandList: + type: object + id: WorkforceDemandList + description: List of workforce demands. + properties: + values: + type: array + description: Optional. Values in the list. + items: + $ref: '#/components/schemas/WorkforceDemand' + Date: + description: >- + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + type: object + id: Date + properties: + month: + description: >- + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + type: integer + format: int32 + day: + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + type: integer + format: int32 + year: + type: integer + description: >- + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + format: int32 + PlanningHorizon: + type: object + id: PlanningHorizon + description: >- + Specifies the time interval during which the solver should generate + shifts. The start time must be before the end time. + properties: + startTime: + description: >- + Required. Start of the time interval for the given demand + (inclusive). These values are read down to the minute; seconds and + all smaller units are ignored. + $ref: '#/components/schemas/DateTime' + endTime: + $ref: '#/components/schemas/DateTime' + description: >- + Required. End of the time interval for the given demand (exclusive). + These values are read down to the minute; seconds and all smaller + units are ignored. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: alt + name: upload_protocol schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: callback + name: uploadType schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: fields + name: oauth_token schema: type: string key: @@ -942,18 +1363,16 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + alt: + description: Data format for response. in: query - name: oauth_token + name: alt schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean + enum: + - json + - media + - proto quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -963,16 +1382,16 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: uploadType + name: fields schema: type: string _.xgafv: @@ -984,6 +1403,18 @@ components: enum: - '1' - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + callback: + description: JSONP + in: query + name: callback + schema: + type: string x-stackQL-resources: locations: id: google.contactcenteraiplatform.locations @@ -997,20 +1428,27 @@ components: response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: - $ref: '#/paths/~1v1alpha1~1projects~1{projectsId}~1locations/get' + $ref: >- + #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - get: + generate_shifts: operation: $ref: >- - #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}/get + #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}:generateShifts/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1alpha1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - $ref: >- @@ -1026,35 +1464,35 @@ components: name: operations title: Operations methods: - list: + cancel: operation: $ref: >- - #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + delete: operation: $ref: >- - #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - cancel: + list: operation: $ref: >- - #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -1084,24 +1522,24 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1contactCenters~1{contactCentersId}/get + #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1contactCenters~1{contactCentersId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1contactCenters~1{contactCentersId}/patch + #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1contactCenters~1{contactCentersId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1contactCenters~1{contactCentersId}/delete + #/paths/~1v1alpha1~1projects~1{projectsId}~1locations~1{locationsId}~1contactCenters~1{contactCentersId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -1119,17 +1557,17 @@ components: paths: /v1alpha1/projects/{projectsId}/locations/{locationsId}:queryContactCenterQuota: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' get: description: >- Queries the contact center quota, an aggregation over all the projects, @@ -1158,11 +1596,11 @@ paths: required: true schema: type: string - /v1alpha1/projects/{projectsId}/locations: + /v1alpha1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: Lists information about the supported locations for this service. - operationId: contactcenteraiplatform.projects.locations.list + description: Gets information about a location. + operationId: contactcenteraiplatform.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1174,35 +1612,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + - in: path + name: locationsId + required: true schema: type: string - /v1alpha1/projects/{projectsId}/locations/{locationsId}: + /v1alpha1/projects/{projectsId}/locations/{locationsId}:generateShifts: parameters: *ref_1 - get: - description: Gets information about a location. - operationId: contactcenteraiplatform.projects.locations.get + post: + description: Generates shifts constrained by various parameters. + operationId: contactcenteraiplatform.projects.locations.generateShifts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateShiftsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1214,7 +1645,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -1226,13 +1657,11 @@ paths: required: true schema: type: string - /v1alpha1/projects/{projectsId}/locations/{locationsId}/operations: + /v1alpha1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: contactcenteraiplatform.projects.locations.operations.list + description: Lists information about the supported locations for this service. + operationId: contactcenteraiplatform.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1244,20 +1673,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -1266,17 +1690,32 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - /v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + - in: query + name: extraLocationTypes + schema: + type: string + /v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: contactcenteraiplatform.projects.locations.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: contactcenteraiplatform.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1288,7 +1727,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1305,6 +1744,8 @@ paths: required: true schema: type: string + /v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- Deletes a long-running operation. This method indicates that the client @@ -1340,25 +1781,12 @@ paths: required: true schema: type: string - /v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: contactcenteraiplatform.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: contactcenteraiplatform.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1370,7 +1798,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -1387,11 +1815,13 @@ paths: required: true schema: type: string - /v1alpha1/projects/{projectsId}/locations/{locationsId}/contactCenters: + /v1alpha1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Lists ContactCenters in a given project and location. - operationId: contactcenteraiplatform.projects.locations.contactCenters.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: contactcenteraiplatform.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1403,7 +1833,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListContactCentersResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -1421,25 +1851,22 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query - name: orderBy + name: returnPartialSuccess schema: - type: string - post: - description: Creates a new ContactCenter in a given project and location. - operationId: contactcenteraiplatform.projects.locations.contactCenters.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ContactCenter' + type: boolean + /v1alpha1/projects/{projectsId}/locations/{locationsId}/contactCenters: + parameters: *ref_1 + get: + description: Lists ContactCenters in a given project and location. + operationId: contactcenteraiplatform.projects.locations.contactCenters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1451,7 +1878,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListContactCentersResponse' parameters: - in: path name: projectsId @@ -1464,18 +1891,30 @@ paths: schema: type: string - in: query - name: contactCenterId + name: pageToken schema: type: string - in: query - name: requestId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - /v1alpha1/projects/{projectsId}/locations/{locationsId}/contactCenters/{contactCentersId}: - parameters: *ref_1 - get: - description: Gets details of a single ContactCenter. - operationId: contactcenteraiplatform.projects.locations.contactCenters.get + - in: query + name: filter + schema: + type: string + post: + description: Creates a new ContactCenter in a given project and location. + operationId: contactcenteraiplatform.projects.locations.contactCenters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ContactCenter' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1487,7 +1926,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ContactCenter' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -1499,11 +1938,16 @@ paths: required: true schema: type: string - - in: path - name: contactCentersId - required: true + - in: query + name: requestId + schema: + type: string + - in: query + name: contactCenterId schema: type: string + /v1alpha1/projects/{projectsId}/locations/{locationsId}/contactCenters/{contactCentersId}: + parameters: *ref_1 patch: description: Updates the parameters of a single ContactCenter. operationId: contactcenteraiplatform.projects.locations.contactCenters.patch @@ -1541,14 +1985,14 @@ paths: schema: type: string - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask - in: query - name: requestId + name: updateMask schema: type: string + format: google-fieldmask delete: description: Deletes a single ContactCenter. operationId: contactcenteraiplatform.projects.locations.contactCenters.delete @@ -1584,3 +2028,34 @@ paths: name: requestId schema: type: string + get: + description: Gets details of a single ContactCenter. + operationId: contactcenteraiplatform.projects.locations.contactCenters.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ContactCenter' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: contactCentersId + required: true + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/contactcenterinsights.yaml b/providers/src/googleapis.com/v00.00.00000/services/contactcenterinsights.yaml index 2d604f49..15acf7d6 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/contactcenterinsights.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/contactcenterinsights.yaml @@ -7,8 +7,8 @@ info: title: Contact Center AI Insights API description: '' version: v1 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/contact-center/insights/docs servers: @@ -34,1647 +34,1785 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. + GoogleCloudContactcenterinsightsV1BulkDeleteConversationsMetadata: type: object + description: The metadata for a bulk delete conversations operation. + id: GoogleCloudContactcenterinsightsV1BulkDeleteConversationsMetadata properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array + createTime: + format: google-datetime + description: The time the operation was created. + type: string + request: + description: The original request for bulk delete. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest + partialErrors: items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + description: >- + Partial errors during bulk delete conversations operation that might + cause the operation output to be incomplete. + endTime: type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + description: The time the operation finished running. + format: google-datetime + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPoint: + id: >- + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPoint type: object properties: - name: + conversationMeasure: + description: The measure related to conversations. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasure + interval: + $ref: '#/components/schemas/GoogleTypeInterval' description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + The interval that this data point represents. * If this is the total + data point, the interval is [starting create time, ending create + time) from the request. * If this a data point from the time series, + the interval is [time, time + time granularity from the request). + description: A data point contains the metric values mapped to an interval. + GoogleCloudContactcenterinsightsV1DimensionMediumDimensionMetadata: + id: GoogleCloudContactcenterinsightsV1DimensionMediumDimensionMetadata + description: Metadata about the conversation medium dimension. + properties: + medium: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Optional. The conversation medium. Currently supports : PHONE_CALL, + CHAT. + type: object + GoogleCloudContactcenterinsightsV1ListViewsResponse: + description: The response of listing views. + id: GoogleCloudContactcenterinsightsV1ListViewsResponse type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + views: + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' + description: The views that match the request. + type: array + nextPageToken: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + GoogleCloudContactcenterinsightsV1alpha1SentimentData: + description: The data for a sentiment annotation. type: object - properties: {} - GoogleCloudContactcenterinsightsV1Conversation: - id: GoogleCloudContactcenterinsightsV1Conversation - description: The conversation resource. + properties: + magnitude: + description: >- + A non-negative number from 0 to infinity which represents the + absolute magnitude of sentiment regardless of score. + format: float + type: number + score: + type: number + description: The sentiment score between -1.0 (negative) and 1.0 (positive). + format: float + id: GoogleCloudContactcenterinsightsV1alpha1SentimentData + GoogleCloudContactcenterinsightsV1SampleConversationsRequest: + description: The request to sample conversations to a dataset. + id: GoogleCloudContactcenterinsightsV1SampleConversationsRequest type: object properties: - callMetadata: - description: Call-specific metadata. + sampleRule: + description: Optional. The sample rule used for sampling conversations. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SampleRule' + destinationDataset: + description: The dataset resource to copy the sampled conversations to. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' + parent: + description: Required. The parent resource of the dataset. + type: string + GoogleCloudContactcenterinsightsV1PhraseMatchRule: + id: GoogleCloudContactcenterinsightsV1PhraseMatchRule + properties: + query: + type: string + description: Required. The phrase to be matched. + negated: + type: boolean + description: >- + Specifies whether the phrase must be missing from the transcript + segment or present in the transcript segment. + config: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationCallMetadata - expireTime: + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfig description: >- - The time at which this conversation should expire. After this time, - the conversation data and any associated analyses will be deleted. + Provides additional information about the rule that specifies how to + apply the rule. + type: object + description: The data for a phrase match rule. + GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceTimeSeries: + description: A time series of metric values. + type: object + properties: + dataPoints: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPoint + type: array + description: The data points that make up the time series . + id: GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceTimeSeries + GoogleCloudContactcenterinsightsV1AuthorizedViewSet: + description: An AuthorizedViewSet contains a set of AuthorizedView resources. + properties: + createTime: + description: Output only. Create time. type: string format: google-datetime - ttl: - description: >- - Input only. The TTL for this resource. If specified, then this TTL - will be used to calculate the expire time. + readOnly: true + displayName: type: string - format: google-duration + description: Display Name. Limit 64 characters. name: description: >- - Immutable. The resource name of the conversation. Format: - projects/{project}/locations/{location}/conversations/{conversation} - type: string - dataSource: - description: The source of the audio and transcription for the conversation. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationDataSource - createTime: - description: Output only. The time at which the conversation was created. - readOnly: true + Identifier. The resource name of the AuthorizedViewSet. Format: + projects/{project}/locations/{location}/authorizedViewSets/{authorized_view_set} type: string - format: google-datetime updateTime: - description: >- - Output only. The most recent time at which the conversation was - updated. readOnly: true type: string format: google-datetime - startTime: - description: The time at which the conversation started. - type: string - format: google-datetime - languageCode: - description: A user-specified language code for the conversation. + description: Output only. Update time. + type: object + id: GoogleCloudContactcenterinsightsV1AuthorizedViewSet + GoogleCloudContactcenterinsightsV1alpha1AnswerFeedback: + description: >- + The feedback that the customer has about a certain answer in the + conversation. + type: object + properties: + correctnessLevel: + enumDescriptions: + - Correctness level unspecified. + - Answer is totally wrong. + - Answer is partially correct. + - Answer is fully correct. type: string - agentId: - description: >- - An opaque, user-specified string representing the human agent who - handled the conversation. - type: string - labels: + enum: + - CORRECTNESS_LEVEL_UNSPECIFIED + - NOT_CORRECT + - PARTIALLY_CORRECT + - FULLY_CORRECT + description: The correctness level of an answer. + clicked: + type: boolean + description: Indicates whether an answer or item was clicked by the human agent. + displayed: description: >- - A map for the user to specify any custom fields. A maximum of 100 - labels per conversation is allowed, with a maximum of 256 characters - per entry. - type: object - additionalProperties: - type: string - qualityMetadata: - description: Conversation metadata related to quality management. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationQualityMetadata - metadataJson: + Indicates whether an answer or item was displayed to the human agent + in the agent desktop UI. + type: boolean + id: GoogleCloudContactcenterinsightsV1alpha1AnswerFeedback + GoogleCloudContactcenterinsightsV1QueryMetricsRequest: + properties: + filter: description: >- - Input only. JSON metadata encoded as a string. This field is - primarily used by Insights integrations with various telephony - systems and must be in one of Insight's supported formats. + Required. Filter to select a subset of conversations to compute the + metrics. Must specify a window of the conversation create time to + compute the metrics. The returned metrics will be from the range + [DATE(starting create time), DATE(ending create time)). type: string - transcript: - description: Output only. The conversation transcript. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationTranscript - medium: - description: >- - Immutable. The conversation medium, if unspecified will default to - PHONE_CALL. + measureMask: type: string + format: google-fieldmask + description: >- + Measures to return. Defaults to all measures if this field is + unspecified. A valid mask should traverse from the `measure` field + from the response. For example, a path from a measure mask to get + the conversation count is "conversation_measure.count". + dimensions: + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dimension' + type: array + description: >- + The dimensions that determine the grouping key for the query. + Defaults to no dimension if this field is unspecified. If a + dimension is specified, its key must also be specified. Each + dimension's key must be unique. If a time granularity is also + specified, metric values in the dimension will be bucketed by this + granularity. Up to one dimension is supported for now. + timeGranularity: enumDescriptions: - - Default value, if unspecified will default to PHONE_CALL. - - The format for conversations that took place over the phone. - - The format for conversations that took place over chat. + - The time granularity is unspecified and will default to NONE. + - >- + No time granularity. The response won't contain a time series. + This is the default value if no time granularity is specified. + - >- + Data points in the time series will aggregate at a daily + granularity. 1 day means [midnight to midnight). + - >- + Data points in the time series will aggregate at a daily + granularity. 1 HOUR means [01:00 to 02:00). + - >- + Data points in the time series will aggregate at a daily + granularity. PER_MINUTE means [01:00 to 01:01). + - >- + Data points in the time series will aggregate at a 1 minute + granularity. PER_5_MINUTES means [01:00 to 01:05). + - >- + Data points in the time series will aggregate at a monthly + granularity. 1 MONTH means [01st of the month to 1st of the next + month). enum: - - MEDIUM_UNSPECIFIED - - PHONE_CALL - - CHAT - duration: - description: Output only. The duration of the conversation. - readOnly: true - type: string - format: google-duration - turnCount: - description: Output only. The number of turns in the conversation. - readOnly: true - type: integer - format: int32 - latestAnalysis: - description: Output only. The conversation's latest analysis, if one exists. - readOnly: true - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Analysis' - latestSummary: - description: Output only. Latest summary of the conversation. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionData - runtimeAnnotations: + - TIME_GRANULARITY_UNSPECIFIED + - NONE + - DAILY + - HOURLY + - PER_MINUTE + - PER_5_MINUTES + - MONTHLY description: >- - Output only. The annotations that were generated during the customer - and agent interaction. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1RuntimeAnnotation - dialogflowIntents: + The time granularity of each data point in the time series. Defaults + to NONE if this field is unspecified. + type: string + description: The request for querying metrics. + type: object + id: GoogleCloudContactcenterinsightsV1QueryMetricsRequest + GoogleCloudContactcenterinsightsV1FaqAnswerData: + properties: + answer: + description: The piece of text from the `source` knowledge base document. + type: string + source: description: >- - Output only. All the matched Dialogflow intents in the call. The key - corresponds to a Dialogflow intent, format: - projects/{project}/agent/{agent}/intents/{intent} - readOnly: true + The knowledge document that this answer was extracted from. Format: + projects/{project}/knowledgeBases/{knowledge_base}/documents/{document}. + type: string + metadata: type: object + description: >- + Map that contains metadata about the FAQ answer and the document + that it originates from. additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DialogflowIntent - obfuscatedUserId: - description: Obfuscated user ID which the customer sent to us. + type: string + question: + description: The corresponding FAQ question. type: string - GoogleCloudContactcenterinsightsV1ConversationCallMetadata: - id: GoogleCloudContactcenterinsightsV1ConversationCallMetadata - description: Call-specific metadata. + confidenceScore: + description: >- + The system's confidence score that this answer is a good match for + this conversation, ranging from 0.0 (completely uncertain) to 1.0 + (completely certain). + type: number + format: float + queryRecord: + description: >- + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} + type: string + description: Agent Assist frequently-asked-question answer data. + id: GoogleCloudContactcenterinsightsV1FaqAnswerData type: object - properties: - customerChannel: - description: The audio channel that contains the customer. - type: integer - format: int32 - agentChannel: - description: The audio channel that contains the agent. - type: integer - format: int32 GoogleCloudContactcenterinsightsV1ConversationDataSource: - id: GoogleCloudContactcenterinsightsV1ConversationDataSource - description: The conversation source, which is a combination of transcript and audio. - type: object properties: - gcsSource: - description: A Cloud Storage location specification for the audio and transcript. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1GcsSource' dialogflowSource: - description: The source when the conversation comes from Dialogflow. $ref: >- #/components/schemas/GoogleCloudContactcenterinsightsV1DialogflowSource + description: The source when the conversation comes from Dialogflow. metadataUri: + type: string description: >- Cloud Storage URI that points to a file that contains the conversation metadata. - type: string - GoogleCloudContactcenterinsightsV1GcsSource: - id: GoogleCloudContactcenterinsightsV1GcsSource - description: A Cloud Storage source of conversation data. + gcsSource: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1GcsSource' + description: A Cloud Storage location specification for the audio and transcript. type: object - properties: - audioUri: - description: >- - Cloud Storage URI that points to a file that contains the - conversation audio. - type: string - transcriptUri: - description: >- - Immutable. Cloud Storage URI that points to a file that contains the - conversation transcript. - type: string - GoogleCloudContactcenterinsightsV1DialogflowSource: - id: GoogleCloudContactcenterinsightsV1DialogflowSource - description: A Dialogflow source of conversation data. + description: The conversation source, which is a combination of transcript and audio. + id: GoogleCloudContactcenterinsightsV1ConversationDataSource + GoogleCloudContactcenterinsightsV1PhraseMatcher: + id: GoogleCloudContactcenterinsightsV1PhraseMatcher type: object + description: The phrase matcher resource. properties: - dialogflowConversation: + updateTime: description: >- - Output only. The name of the Dialogflow conversation that this - conversation resource is derived from. Format: - projects/{project}/locations/{location}/conversations/{conversation} + Output only. The most recent time at which the phrase matcher was + updated. + format: google-datetime readOnly: true type: string - audioUri: - description: >- - Cloud Storage URI that points to a file that contains the - conversation audio. - type: string - GoogleCloudContactcenterinsightsV1ConversationQualityMetadata: - id: GoogleCloudContactcenterinsightsV1ConversationQualityMetadata - description: Conversation metadata related to quality management. - type: object - properties: - customerSatisfactionRating: - description: >- - An arbitrary integer value indicating the customer's satisfaction - rating. - type: integer - format: int32 - waitDuration: - description: The amount of time the customer waited to connect with an agent. + displayName: type: string - format: google-duration - menuPath: + description: The human-readable name of the phrase matcher. + revisionId: description: >- - An arbitrary string value specifying the menu path the customer - took. + Output only. Immutable. The revision ID of the phrase matcher. A new + revision is committed whenever the matcher is changed, except when + it is activated or deactivated. A server generated random ID will be + used. Example: + locations/global/phraseMatchers/my-first-matcher@1234567 type: string - agentInfo: - description: Information about agents involved in the call. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationQualityMetadataAgentInfo - feedbackLabels: - description: Input only. The feedback labels associated with the conversation. - type: array + readOnly: true + phraseMatchRuleGroups: items: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel - GoogleCloudContactcenterinsightsV1ConversationQualityMetadataAgentInfo: - id: GoogleCloudContactcenterinsightsV1ConversationQualityMetadataAgentInfo - description: Information about an agent involved in the conversation. - type: object - properties: - agentId: - description: A user-specified string representing the agent. - type: string - displayName: - description: The agent's name. - type: string - team: - description: >- - A user-specified string representing the agent's team. Deprecated in - favor of the `teams` field. - deprecated: true - type: string - teams: - description: User-specified strings representing the agent's teams. + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroup type: array - items: - type: string - dispositionCode: + description: A list of phase match rule groups that are included in this matcher. + versionTag: description: >- - A user-provided string indicating the outcome of the agent's segment - of the call. + The customized version tag to use for the phrase matcher. If not + specified, it will default to `revision_id`. type: string - agentType: - description: The agent type, e.g. HUMAN_AGENT. + type: + description: Required. The type of this phrase matcher. type: string + enum: + - PHRASE_MATCHER_TYPE_UNSPECIFIED + - ALL_OF + - ANY_OF enumDescriptions: - - Participant's role is not set. - - Participant is a human agent. - - Participant is an automated agent. - - Participant is an end user who conversed with the contact center. - - Participant is either a human or automated agent. + - Unspecified. + - Must meet all phrase match rule groups or there is no match. + - If any of the phrase match rule groups are met, there is a match. + name: + type: string + description: >- + The resource name of the phrase matcher. Format: + projects/{project}/locations/{location}/phraseMatchers/{phrase_matcher} + roleMatch: enum: - ROLE_UNSPECIFIED - HUMAN_AGENT - AUTOMATED_AGENT - END_USER - ANY_AGENT - location: - description: The agent's location. - type: string - GoogleCloudContactcenterinsightsV1FeedbackLabel: - id: GoogleCloudContactcenterinsightsV1FeedbackLabel - description: >- - Represents a conversation, resource, and label provided by the user. Can - take the form of a string label or a QaAnswer label. QaAnswer labels are - used for Quality AI example conversations. String labels are used for - Topic Modeling. AgentAssistSummary labels are used for Agent Assist - Summarization. - type: object - properties: - label: - description: String label used for Topic Modeling. - type: string - qaAnswerLabel: - description: QaAnswer label used for Quality AI example conversations. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue - name: description: >- - Immutable. Resource name of the FeedbackLabel. Format: - projects/{project}/locations/{location}/conversations/{conversation}/feedbackLabels/{feedback_label} + The role whose utterances the phrase matcher should be matched + against. If the role is ROLE_UNSPECIFIED it will be matched against + any utterances in the transcript. + enumDescriptions: + - Participant's role is not set. + - Participant is a human agent. + - Participant is an automated agent. + - Participant is an end user who conversed with the contact center. + - Participant is either a human or automated agent. type: string - labeledResource: + activationUpdateTime: description: >- - Name of the resource to be labeled. Supported resources are: * - `projects/{project}/locations/{location}/qaScorecards/{scorecard}/revisions/{revision}/qaQuestions/{question}` - * - `projects/{project}/locations/{location}/issueModels/{issue_model}` - * - `projects/{project}/locations/{location}/generators/{generator_id}` - type: string - createTime: - description: Output only. Create time of the label. + Output only. The most recent time at which the activation status was + updated. readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. Update time of the label. - readOnly: true type: string + revisionCreateTime: + readOnly: true format: google-datetime - GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue: - id: GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue - description: >- - Message for holding the value of a QaAnswer. QaQuestion.AnswerChoice - defines the possible answer values for a question. - type: object - properties: - strValue: - description: String value. type: string - numValue: - description: Numerical value. - type: number - format: double - boolValue: - description: Boolean value. - type: boolean - naValue: - description: A value of "Not Applicable (N/A)". Should only ever be `true`. - type: boolean - skipValue: description: >- - Output only. A value of "Skip". If provided, this field may only be - set to `true`. If a question receives this answer, it will be - excluded from any score calculations. This would mean that the - question was not evaluated. - readOnly: true + Output only. The timestamp of when the revision was created. It is + also the create time when a new matcher is added. + active: + description: Applies the phrase matcher only when it is active. type: boolean - key: - description: >- - A short string used as an identifier. Matches the value used in - QaQuestion.AnswerChoice.key. - type: string + GoogleCloudContactcenterinsightsV1QaScorecardResultQaTagResult: + id: GoogleCloudContactcenterinsightsV1QaScorecardResultQaTagResult + description: Tags and their corresponding results. + properties: score: - description: Output only. Numerical score of the answer. - readOnly: true - type: number format: double - potentialScore: - description: Output only. The maximum potential score of the question. - readOnly: true type: number - format: double + description: The score the tag applies to. normalizedScore: - description: >- - Output only. Normalized score of the questions. Calculated as score - / potential_score. - readOnly: true type: number + description: The normalized score the tag applies to. format: double - GoogleCloudContactcenterinsightsV1ConversationTranscript: - id: GoogleCloudContactcenterinsightsV1ConversationTranscript - description: A message representing the transcript of a conversation. + tag: + type: string + description: The tag the score applies to. + potentialScore: + format: double + description: The potential score the tag applies to. + type: number type: object + GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSilence: + description: Conversation-level silence data. properties: - transcriptSegments: - description: >- - A list of sequential transcript segments that comprise the - conversation. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegment - GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegment: - id: >- - GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegment - description: A segment of a full transcript. + silenceDuration: + format: google-duration + description: Amount of time calculated to be in silence. + type: string + silencePercentage: + format: float + description: Percentage of the total conversation spent in silence. + type: number + type: object + id: GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSilence + GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelMetadata: type: object properties: - messageTime: - description: The time that the message occurred, if provided. + endTime: + readOnly: true type: string + description: Output only. The time the operation finished running. format: google-datetime - text: - description: The text of this segment. + request: + description: The original request for creation. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelRequest + createTime: + format: google-datetime + readOnly: true type: string - confidence: - description: >- - A confidence estimate between 0.0 and 1.0 of the fidelity of this - segment. A default value of 0.0 indicates that the value is unset. - type: number - format: float - words: + description: Output only. The time the operation was created. + id: GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelMetadata + description: Metadata for creating an issue model. + GoogleCloudContactcenterinsightsV1alpha1GcsSource: + properties: + audioUri: description: >- - A list of the word-specific information for each word in the - segment. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentWordInfo - languageCode: + Cloud Storage URI that points to a file that contains the + conversation audio. + type: string + transcriptUri: + type: string description: >- - The language code of this segment as a - [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. - Example: "en-US". + Immutable. Cloud Storage URI that points to a file that contains the + conversation transcript. + id: GoogleCloudContactcenterinsightsV1alpha1GcsSource + type: object + description: A Cloud Storage source of conversation data. + GoogleCloudContactcenterinsightsV1ListAssessmentsResponse: + properties: + nextPageToken: type: string - channelTag: description: >- - For conversations derived from multi-channel audio, this is the - channel number corresponding to the audio from that channel. For - audioChannelCount = N, its output values can range from '1' to 'N'. - A channel tag of 0 indicates that the audio is mono. - type: integer - format: int32 - segmentParticipant: - description: The participant of this segment. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationParticipant - dialogflowSegmentMetadata: - description: CCAI metadata relating to the current transcript segment. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + assessments: + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Assessment' + type: array + description: The assessments that match the request. + description: The response of listing assessments. + id: GoogleCloudContactcenterinsightsV1ListAssessmentsResponse + type: object + GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfig: + type: object + description: Configuration for the QA feature. + id: GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfig + properties: + scorecardList: + description: A manual list of scorecards to score. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata - sentiment: - description: The sentiment for this transcript segment. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' - GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentWordInfo: - id: >- - GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentWordInfo - description: Word-level info for words in a transcript. + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfigScorecardList + GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecResponse: + id: GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecResponse + properties: {} type: object + description: The response to initialize a location-level encryption specification. + GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequestBigQueryDestination: + type: object + description: A BigQuery Table Reference. properties: - startOffset: - description: >- - Time offset of the start of this word relative to the beginning of - the total conversation. - type: string - format: google-duration - endOffset: + table: description: >- - Time offset of the end of this word relative to the beginning of the - total conversation. + The BigQuery table name to which the insights data should be + written. If this table does not exist, the export call returns an + INVALID_ARGUMENT error. type: string - format: google-duration - word: - description: The word itself. Includes punctuation marks that surround the word. + dataset: type: string - confidence: description: >- - A confidence estimate between 0.0 and 1.0 of the fidelity of this - word. A default value of 0.0 indicates that the value is unset. - type: number - format: float - GoogleCloudContactcenterinsightsV1ConversationParticipant: - id: GoogleCloudContactcenterinsightsV1ConversationParticipant - description: The call participant speaking for a given utterance. - type: object + Required. The name of the BigQuery dataset that the snapshot result + should be exported to. If this dataset does not exist, the export + call returns an INVALID_ARGUMENT error. + projectId: + description: >- + A project ID or number. If specified, then export will attempt to + write data to this project instead of the resource project. + Otherwise, the resource project will be used. + type: string + id: >- + GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequestBigQueryDestination + GoogleCloudContactcenterinsightsV1QaScorecard: properties: - dialogflowParticipantName: + name: description: >- - The name of the participant provided by Dialogflow. Format: - projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant} + Identifier. The scorecard name. Format: + projects/{project}/locations/{location}/qaScorecards/{qa_scorecard} type: string - userId: - description: A user-specified ID representing the participant. + isDefault: + description: >- + Whether the scorecard is the default one for the project. A default + scorecard cannot be deleted and will always appear first in + scorecard selector. + type: boolean + createTime: + format: google-datetime type: string - dialogflowParticipant: + description: Output only. The time at which this scorecard was created. + readOnly: true + updateTime: + type: string + format: google-datetime + readOnly: true description: >- - Deprecated. Use `dialogflow_participant_name` instead. The name of - the Dialogflow participant. Format: - projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant} - deprecated: true + Output only. The most recent time at which the scorecard was + updated. + displayName: type: string - obfuscatedExternalUserId: - description: Obfuscated user ID from Dialogflow. + description: The user-specified display name of the scorecard. + description: type: string - role: - description: The role of the participant. + description: A text description explaining the intent of the scorecard. + source: + enum: + - QA_SCORECARD_SOURCE_UNSPECIFIED + - QA_SCORECARD_SOURCE_CUSTOMER_DEFINED + - QA_SCORECARD_SOURCE_DISCOVERY_ENGINE type: string enumDescriptions: - - Participant's role is not set. - - Participant is a human agent. - - Participant is an automated agent. - - Participant is an end user who conversed with the contact center. - - Participant is either a human or automated agent. - enum: - - ROLE_UNSPECIFIED - - HUMAN_AGENT - - AUTOMATED_AGENT - - END_USER - - ANY_AGENT - GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata: - id: >- - GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata - description: Metadata from Dialogflow relating to the current transcript segment. - type: object - properties: - smartReplyAllowlistCovered: - description: >- - Whether the transcript segment was covered under the configured - smart reply allowlist in Agent Assist. - type: boolean - GoogleCloudContactcenterinsightsV1SentimentData: - id: GoogleCloudContactcenterinsightsV1SentimentData - description: The data for a sentiment annotation. - type: object - properties: - magnitude: - description: >- - A non-negative number from 0 to infinity which represents the - absolute magnitude of sentiment regardless of score. - type: number - format: float - score: - description: The sentiment score between -1.0 (negative) and 1.0 (positive). - type: number - format: float - GoogleCloudContactcenterinsightsV1Analysis: - id: GoogleCloudContactcenterinsightsV1Analysis - description: The analysis resource. + - >- + The source of the scorecard is unspecified. Default to + QA_SCORECARD_SOURCE_CUSTOMER_DEFINED. + - The scorecard is a custom scorecard created by the user. + - >- + The scorecard is a scorecard created through discovery engine + deployment. + readOnly: true + description: Output only. The source of the scorecard. type: object + description: >- + A QaScorecard represents a collection of questions to be scored during + analysis. + id: GoogleCloudContactcenterinsightsV1QaScorecard + GoogleCloudContactcenterinsightsV1SampleConversationsMetadata: properties: - name: - description: >- - Immutable. The resource name of the analysis. Format: - projects/{project}/locations/{location}/conversations/{conversation}/analyses/{analysis} + createTime: type: string - requestTime: - description: Output only. The time at which the analysis was requested. + format: google-datetime + description: Output only. The time the operation was created. readOnly: true - type: string + endTime: format: google-datetime - createTime: - description: >- - Output only. The time at which the analysis was created, which - occurs when the long-running operation completes. readOnly: true + description: Output only. The time the operation finished running. type: string - format: google-datetime - analysisResult: + sampleConversationsStats: + description: Output only. Statistics for SampleConversations operation. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1SampleConversationsMetadataSampleConversationsStats + readOnly: true + request: description: >- - Output only. The result of the analysis, which is populated when the - analysis finishes. + Output only. The original request for sample conversations to + dataset. readOnly: true $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisResult - annotatorSelector: + #/components/schemas/GoogleCloudContactcenterinsightsV1SampleConversationsRequest + partialErrors: + items: + $ref: '#/components/schemas/GoogleRpcStatus' + readOnly: true + type: array description: >- - To select the annotators to run and the phrase matchers to use (if - any). If not specified, all annotators will be run. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector - GoogleCloudContactcenterinsightsV1AnalysisResult: - id: GoogleCloudContactcenterinsightsV1AnalysisResult - description: The result of an analysis. + Output only. Partial errors during sample conversations operation + that might cause the operation output to be incomplete. + description: The metadata for an SampleConversations operation. + id: GoogleCloudContactcenterinsightsV1SampleConversationsMetadata + type: object + GoogleCloudContactcenterinsightsV1ScheduleInfo: + id: GoogleCloudContactcenterinsightsV1ScheduleInfo type: object + description: Message for schedule info. properties: - callAnalysisMetadata: - description: Call-specific metadata created by the analysis. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisResultCallAnalysisMetadata + schedule: + type: string + description: >- + The groc expression. Format: `every number [synchronized]` Time + units can be: minutes, hours Synchronized is optional and indicates + that the schedule should be synchronized to the start of the + interval: every 5 minutes synchronized means 00:00, 00:05 ... + Otherwise the start time is random within the interval. Example: + `every 5 minutes` could be 00:02, 00:07, 00:12, ... + timeZone: + type: string + description: >- + The timezone to use for the groc expression. If not specified, + defaults to UTC. + startTime: + format: google-datetime + type: string + description: >- + Start time of the schedule. If not specified, will start as soon as + the schedule is created. endTime: - description: The time at which the analysis ended. + description: >- + End time of the schedule. If not specified, will keep scheduling new + pipelines for execution util the schedule is no longer active or + deleted. type: string format: google-datetime - GoogleCloudContactcenterinsightsV1AnalysisResultCallAnalysisMetadata: - id: GoogleCloudContactcenterinsightsV1AnalysisResultCallAnalysisMetadata - description: Call-specific metadata created during analysis. + GoogleCloudContactcenterinsightsV1DialogflowInteractionData: + id: GoogleCloudContactcenterinsightsV1DialogflowInteractionData + description: Dialogflow interaction data. type: object properties: - annotations: - description: A list of call annotations that apply to this call. + dialogflowIntentId: + description: >- + The Dialogflow intent resource path. Format: + projects/{project}/agent/{agent}/intents/{intent} + type: string + confidence: + type: number + description: >- + The confidence of the match ranging from 0.0 (completely uncertain) + to 1.0 (completely certain). + format: float + GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfigScorecardList: + description: Container for a list of scorecards. + id: GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfigScorecardList + type: object + properties: + qaScorecardRevisions: type: array items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CallAnnotation - entities: - description: All the entities in the call. - type: object + type: string + description: List of QaScorecardRevisions. + GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStatsIssueStats: + id: GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStatsIssueStats + type: object + properties: + labeledConversationsCount: + type: string + format: int64 + description: Number of conversations attached to the issue at this point in time. + issue: + description: >- + Issue resource. Format: + projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue} + type: string + displayName: + type: string + description: Display name of the issue. + description: Aggregated statistics about an issue. + GoogleCloudContactcenterinsightsV1alpha1ConversationSummarizationSuggestionData: + type: object + id: >- + GoogleCloudContactcenterinsightsV1alpha1ConversationSummarizationSuggestionData + properties: + conversationModel: + type: string + description: >- + The name of the model that generates this summary. Format: + projects/{project}/locations/{location}/conversationModels/{conversation_model} + answerRecord: + description: >- + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} + type: string + text: + description: The summarization content that is concatenated into one string. + type: string + metadata: additionalProperties: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Entity' - sentiments: - description: Overall conversation-level sentiment for each channel of the call. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationLevelSentiment - silence: - description: Overall conversation-level silence during the call. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationLevelSilence - intents: - description: All the matched intents in the call. + type: string + description: >- + A map that contains metadata about the summarization and the + document from which it originates. type: object + textSections: additionalProperties: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Intent' - phraseMatchers: - description: All the matched phrase matchers in the call. + type: string + description: >- + The summarization content that is divided into sections. The key is + the section's name and the value is the section's content. There is + no specific format for the key or value. type: object - additionalProperties: + generatorId: + description: Agent Assist generator ID. + type: string + confidence: + type: number + format: float + description: The confidence score of the summarization. + description: Conversation summarization suggestion data. + GoogleCloudContactcenterinsightsV1alpha1QaAnswer: + properties: + answerSources: + items: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchData - issueModelResult: - description: Overall conversation-level issue modeling result. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerSource + description: List of all individual answers given to the question. + type: array + answerValue: + description: The main answer value, incorporating any manual edits if they exist. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelResult - qaScorecardResults: - description: Results of scoring QaScorecards. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue + qaQuestion: + description: The QaQuestion answered by this answer. + type: string + conversation: + description: The conversation the answer applies to. + type: string + questionBody: + type: string + description: Question text. E.g., "Did the agent greet the customer?" + tags: type: array items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardResult - GoogleCloudContactcenterinsightsV1CallAnnotation: - id: GoogleCloudContactcenterinsightsV1CallAnnotation - description: A piece of metadata that applies to a window of a call. - type: object - properties: - interruptionData: - description: Data specifying an interruption. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1InterruptionData - sentimentData: - description: Data specifying sentiment. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' - silenceData: - description: Data specifying silence. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SilenceData' - holdData: - description: Data specifying a hold. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1HoldData' - entityMentionData: - description: Data specifying an entity mention. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1EntityMentionData - intentMatchData: - description: Data specifying an intent match. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IntentMatchData - phraseMatchData: - description: Data specifying a phrase match. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchData - issueMatchData: - description: Data specifying an issue match. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueMatchData - channelTag: - description: >- - The channel of the audio where the annotation occurs. For - single-channel audio, this field is not populated. - type: integer - format: int32 - annotationStartBoundary: - description: >- - The boundary in the conversation where the annotation starts, - inclusive. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotationBoundary - annotationEndBoundary: + type: string description: >- - The boundary in the conversation where the annotation ends, - inclusive. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotationBoundary - GoogleCloudContactcenterinsightsV1InterruptionData: - id: GoogleCloudContactcenterinsightsV1InterruptionData - description: The data for an interruption annotation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1SilenceData: - id: GoogleCloudContactcenterinsightsV1SilenceData - description: The data for a silence annotation. + User-defined list of arbitrary tags. Matches the value from + QaScorecard.ScorecardQuestion.tags. Used for grouping/organization + and for weighting the score of each answer. + id: GoogleCloudContactcenterinsightsV1alpha1QaAnswer type: object - properties: {} - GoogleCloudContactcenterinsightsV1HoldData: - id: GoogleCloudContactcenterinsightsV1HoldData - description: The data for a hold annotation. + description: An answer to a QaQuestion. + GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequestGcsSource: + properties: + objectUri: + description: 'Required. Format: `gs:///`' + type: string + description: Google Cloud Storage Object URI to get the issue model file from. + id: GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequestGcsSource type: object - properties: {} - GoogleCloudContactcenterinsightsV1EntityMentionData: - id: GoogleCloudContactcenterinsightsV1EntityMentionData - description: >- - The data for an entity mention annotation. This represents a mention of - an `Entity` in the conversation. + GoogleCloudContactcenterinsightsV1UserInfo: type: object + id: GoogleCloudContactcenterinsightsV1UserInfo + description: Information about a user. properties: - entityUniqueId: - description: >- - The key of this entity in conversation entities. Can be used to - retrieve the exact `Entity` this mention is attached to. - type: string - type: - description: The type of the entity mention. + username: + description: The user's username. type: string - enumDescriptions: - - Unspecified. - - Proper noun. - - Common noun (or noun compound). - enum: - - MENTION_TYPE_UNSPECIFIED - - PROPER - - COMMON - sentiment: - description: Sentiment expressed for this mention of the entity. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' - GoogleCloudContactcenterinsightsV1IntentMatchData: - id: GoogleCloudContactcenterinsightsV1IntentMatchData - description: >- - The data for an intent match. Represents an intent match for a text - segment in the conversation. A text segment can be part of a sentence, a - complete sentence, or an utterance with multiple sentences. + GoogleCloudContactcenterinsightsV1ListPhraseMatchersResponse: + description: The response of listing phrase matchers. + id: GoogleCloudContactcenterinsightsV1ListPhraseMatchersResponse type: object properties: - intentUniqueId: + nextPageToken: description: >- - The id of the matched intent. Can be used to retrieve the - corresponding intent information. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudContactcenterinsightsV1PhraseMatchData: - id: GoogleCloudContactcenterinsightsV1PhraseMatchData - description: >- - The data for a matched phrase matcher. Represents information - identifying a phrase matcher for a given match. - type: object - properties: - phraseMatcher: - description: The unique identifier (the resource name) of the phrase matcher. + phraseMatchers: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher + description: The phrase matchers that match the request. + GoogleCloudContactcenterinsightsV1alpha1SampleRule: + description: Message for sampling conversations. + type: object + properties: + dimension: type: string - displayName: - description: The human-readable name of the phrase matcher. + description: >- + Optional. Group by dimension to sample the conversation. If no + dimension is provided, the sampling will be applied to the project + level. Current supported dimensions is + 'quality_metadata.agent_info.agent_id'. + sampleRow: + format: int64 type: string - GoogleCloudContactcenterinsightsV1IssueMatchData: - id: GoogleCloudContactcenterinsightsV1IssueMatchData - description: The data for an issue match annotation. + description: >- + Number of the conversations that we should sample based on the + dimension. + samplePercentage: + description: >- + Percentage of conversations that we should sample based on the + dimension between [0, 100]. + format: double + type: number + conversationFilter: + type: string + description: >- + To specify the filter for the conversions that should apply this + sample rule. An empty filter means this sample rule applies to all + conversations. + id: GoogleCloudContactcenterinsightsV1alpha1SampleRule + GoogleCloudContactcenterinsightsV1QueryInterval: + description: A time window for querying conversations. type: object properties: - issueAssignment: - description: Information about the issue's assignment. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueAssignment - GoogleCloudContactcenterinsightsV1IssueAssignment: - id: GoogleCloudContactcenterinsightsV1IssueAssignment - description: Information about the issue. + startTime: + description: Required. The start time of the time window. + type: string + format: google-datetime + endTime: + format: google-datetime + description: Required. The end time of the time window. + type: string + id: GoogleCloudContactcenterinsightsV1QueryInterval + GoogleTypeExpr: type: object + id: GoogleTypeExpr properties: - issue: - description: Resource name of the assigned issue. + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - score: + title: description: >- - Score indicating the likelihood of the issue assignment. currently - bounded on [0,1]. - type: number - format: double - displayName: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + description: description: >- - Immutable. Display name of the assigned issue. This field is set at - time of analysis and immutable since then. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. type: string - GoogleCloudContactcenterinsightsV1AnnotationBoundary: - id: GoogleCloudContactcenterinsightsV1AnnotationBoundary description: >- - A point in a conversation that marks the start or the end of an - annotation. + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + GoogleCloudContactcenterinsightsV1CalculateStatsResponse: + id: GoogleCloudContactcenterinsightsV1CalculateStatsResponse + description: The response for calculating conversation statistics. type: object properties: - wordIndex: + issueMatchesStats: description: >- - The word index of this boundary with respect to the first word in - the transcript piece. This index starts at zero. + A map associating each issue resource name with its respective + number of matches in the set of conversations. Key has the format: + `projects//locations//issueModels//issues/` + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelLabelStatsIssueStats + averageTurnCount: type: integer + description: The average number of turns per conversation. format: int32 - transcriptIndex: + customHighlighterMatches: + type: object description: >- - The index in the sequence of transcribed pieces of the conversation - where the boundary is located. This index starts at zero. - type: integer + A map associating each custom highlighter resource name with its + respective number of matches in the set of conversations. + additionalProperties: + type: integer + format: int32 + conversationCount: + description: The total number of conversations. format: int32 - GoogleCloudContactcenterinsightsV1Entity: - id: GoogleCloudContactcenterinsightsV1Entity - description: >- - The data for an entity annotation. Represents a phrase in the - conversation that is a known entity, such as a person, an organization, - or location. - type: object - properties: - displayName: - description: The representative name for the entity. - type: string - type: - description: The entity type. - type: string - enumDescriptions: - - Unspecified. - - Person. - - Location. - - Organization. - - Event. - - Artwork. - - Consumer product. - - Other types of entities. - - >- - Phone number. The metadata lists the phone number (formatted - according to local convention), plus whichever additional elements - appear in the text: * `number` - The actual number, broken down - into sections according to local convention. * `national_prefix` - - Country code, if detected. * `area_code` - Region or area code, if - detected. * `extension` - Phone extension (to be dialed after - connection), if detected. - - >- - Address. The metadata identifies the street number and locality - plus whichever additional elements appear in the text: * - `street_number` - Street number. * `locality` - City or town. * - `street_name` - Street/route name, if detected. * `postal_code` - - Postal code, if detected. * `country` - Country, if detected. * - `broad_region` - Administrative area, such as the state, if - detected. * `narrow_region` - Smaller administrative area, such as - county, if detected. * `sublocality` - Used in Asian addresses to - demark a district within a city, if detected. - - >- - Date. The metadata identifies the components of the date: * `year` - - Four digit year, if detected. * `month` - Two digit month - number, if detected. * `day` - Two digit day number, if detected. - - Number. The metadata is the number itself. - - Price. The metadata identifies the `value` and `currency`. - enum: - - TYPE_UNSPECIFIED - - PERSON - - LOCATION - - ORGANIZATION - - EVENT - - WORK_OF_ART - - CONSUMER_GOOD - - OTHER - - PHONE_NUMBER - - ADDRESS - - DATE - - NUMBER - - PRICE - metadata: - description: >- - Metadata associated with the entity. For most entity types, the - metadata is a Wikipedia URL (`wikipedia_url`) and Knowledge Graph - MID (`mid`), if they are available. For the metadata associated with - other entity types, see the Type table below. + type: integer + issueMatches: + deprecated: true type: object + description: >- + A map associating each issue resource name with its respective + number of matches in the set of conversations. Key has the format: + `projects//locations//issueModels//issues/` Deprecated, use + `issue_matches_stats` field instead. additionalProperties: - type: string - salience: + format: int32 + type: integer + averageDuration: + format: google-duration description: >- - The salience score associated with the entity in the [0, 1.0] range. - The salience score for an entity provides information about the - importance or centrality of that entity to the entire document text. - Scores closer to 0 are less salient, while scores closer to 1.0 are - highly salient. - type: number - format: float - sentiment: + The average duration of all conversations. The average is calculated + using only conversations that have a time duration. + type: string + smartHighlighterMatches: description: >- - The aggregate sentiment expressed for this entity in the - conversation. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' - GoogleCloudContactcenterinsightsV1ConversationLevelSentiment: - id: GoogleCloudContactcenterinsightsV1ConversationLevelSentiment - description: One channel of conversation-level sentiment data. + A map associating each smart highlighter display name with its + respective number of matches in the set of conversations. + additionalProperties: + type: integer + format: int32 + type: object + conversationCountTimeSeries: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeries + description: >- + A time series representing the count of conversations created over + time that match that requested filter criteria. + GoogleCloudContactcenterinsightsV1IngestConversationsRequest: + id: GoogleCloudContactcenterinsightsV1IngestConversationsRequest type: object properties: - channelTag: - description: The channel of the audio that the data applies to. + parent: + description: Required. The parent resource for new conversations. + type: string + sampleSize: type: integer format: int32 - sentimentData: - description: Data specifying sentiment. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' - GoogleCloudContactcenterinsightsV1ConversationLevelSilence: - id: GoogleCloudContactcenterinsightsV1ConversationLevelSilence - description: Conversation-level silence data. - type: object - properties: - silenceDuration: - description: Amount of time calculated to be in silence. - type: string - format: google-duration - silencePercentage: - description: Percentage of the total conversation spent in silence. - type: number - format: float - GoogleCloudContactcenterinsightsV1Intent: - id: GoogleCloudContactcenterinsightsV1Intent - description: >- - The data for an intent. Represents a detected intent in the - conversation, for example MAKES_PROMISE. + description: >- + Optional. If set, this fields indicates the number of objects to + ingest from the Cloud Storage bucket. If empty, the entire bucket + will be ingested. Unless they are first deleted, conversations + produced through sampling won't be ingested by subsequent ingest + requests. + speechConfig: + description: >- + Optional. Default Speech-to-Text configuration. Optional, will + default to the config specified in Settings. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SpeechConfig' + conversationConfig: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequestConversationConfig + description: Configuration that applies to all conversations. + transcriptObjectConfig: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequestTranscriptObjectConfig + description: Configuration for when `source` contains conversation transcripts. + gcsSource: + description: >- + A cloud storage bucket source. Note that any previously ingested + objects from the source will be skipped to avoid duplication. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequestGcsSource + redactionConfig: + description: >- + Optional. DLP settings for transcript redaction. Optional, will + default to the config specified in Settings. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1RedactionConfig + description: The request to ingest conversations. + GoogleCloudContactcenterinsightsV1TuneQaScorecardRevisionRequest: type: object + description: Request for TuneQaScorecardRevision endpoint. properties: - id: - description: The unique identifier of the intent. - type: string - displayName: - description: The human-readable name of the intent. + filter: + description: >- + Required. Filter for selecting the feedback labels that needs to be + used for training. This filter can be used to limit the feedback + labels used for tuning to a feedback labels created or updated for a + specific time-window etc. type: string - GoogleCloudContactcenterinsightsV1IssueModelResult: - id: GoogleCloudContactcenterinsightsV1IssueModelResult - description: Issue Modeling result on a conversation. + validateOnly: + description: >- + Optional. Run in validate only mode, no fine tuning will actually + run. Data quality validations like training data distributions will + run. Even when set to false, the data quality validations will still + run but once the validations complete we will proceed with the fine + tune, if applicable. + type: boolean + id: GoogleCloudContactcenterinsightsV1TuneQaScorecardRevisionRequest + GoogleCloudContactcenterinsightsV1ListConversationsResponse: type: object properties: - issueModel: - description: >- - Issue model that generates the result. Format: - projects/{project}/locations/{location}/issueModels/{issue_model} - type: string - issues: - description: All the matched issues. - type: array + conversations: + description: The conversations that match the request. items: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueAssignment - GoogleCloudContactcenterinsightsV1QaScorecardResult: - id: GoogleCloudContactcenterinsightsV1QaScorecardResult - description: >- - The results of scoring a single conversation against a QaScorecard. - Contains a collection of QaAnswers and aggregate score. + #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation + type: array + nextPageToken: + type: string + description: >- + A token which can be sent as `page_token` to retrieve the next page. + If this field is set, it means there is another page available. If + it is not set, it means no other pages are available. + description: The response of listing conversations. + id: GoogleCloudContactcenterinsightsV1ListConversationsResponse + GoogleCloudContactcenterinsightsV1IssueModel: + description: The issue model resource. type: object properties: + modelType: + enumDescriptions: + - Unspecified model type. + - Type V1. + - Type V2. + type: string + enum: + - MODEL_TYPE_UNSPECIFIED + - TYPE_V1 + - TYPE_V2 + description: Type of the model. name: description: >- - Identifier. The name of the scorecard result. Format: - projects/{project}/locations/{location}/qaScorecardResults/{qa_scorecard_result} + Immutable. The resource name of the issue model. Format: + projects/{project}/locations/{location}/issueModels/{issue_model} type: string - qaScorecardRevision: - description: The QaScorecardRevision scored by this result. + languageCode: + description: Language of the model. type: string - conversation: - description: The conversation scored by this result. + displayName: + description: The representative name for the issue model. + type: string + issueCount: + format: int64 + readOnly: true + description: Output only. Number of issues in this issue model. + type: string + inputDataConfig: + description: Configs for the input data that used to create the issue model. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelInputDataConfig + state: + enumDescriptions: + - Unspecified. + - Model is not deployed but is ready to deploy. + - Model is being deployed. + - >- + Model is deployed and is ready to be used. A model can only be + used in analysis if it's in this state. + - Model is being undeployed. + - Model is being deleted. + readOnly: true + description: Output only. State of the model. + enum: + - STATE_UNSPECIFIED + - UNDEPLOYED + - DEPLOYING + - DEPLOYED + - UNDEPLOYING + - DELETING type: string + trainingStats: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelLabelStats + description: >- + Output only. Immutable. The issue model's label statistics on its + training data. + readOnly: true createTime: - description: Output only. The timestamp that the revision was created. readOnly: true type: string format: google-datetime - agentId: - description: ID of the agent that handled the conversation. + description: Output only. The time at which this issue model was created. + updateTime: type: string - qaAnswers: - description: Set of QaAnswers represented in the result. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswer' - score: - description: >- - The overall numerical score of the result, incorporating any manual - edits if they exist. - type: number - format: double - potentialScore: - description: >- - The maximum potential overall score of the scorecard. Any questions - answered using `na_value` are excluded from this calculation. - type: number - format: double - normalizedScore: description: >- - The normalized score, which is the score divided by the potential - score. Any manual edits are included if they exist. - type: number - format: double - qaTagResults: - description: Collection of tags and their scores. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardResultQaTagResult - scoreSources: - description: List of all individual score sets. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardResultScoreSource - GoogleCloudContactcenterinsightsV1QaAnswer: - id: GoogleCloudContactcenterinsightsV1QaAnswer - description: An answer to a QaQuestion. - type: object + Output only. The most recent time at which the issue model was + updated. + readOnly: true + format: google-datetime + id: GoogleCloudContactcenterinsightsV1IssueModel + GoogleCloudContactcenterinsightsV1Note: + description: The conversation assessment note resource. properties: - qaQuestion: - description: The QaQuestion answered by this answer. - type: string - conversation: - description: The conversation the answer applies to. + noteCreator: + description: Output only. The user that created the note. + readOnly: true + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1UserInfo' + updateTime: + readOnly: true + format: google-datetime type: string - questionBody: - description: Question text. E.g., "Did the agent greet the customer?" + description: Output only. The time at which the note was last updated. + content: + description: The note content. type: string - answerValue: - description: The main answer value, incorporating any manual edits if they exist. + assessmentNote: + description: The note is associated to the entire parent assessment. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue - tags: + #/components/schemas/GoogleCloudContactcenterinsightsV1NoteAssessmentNote + conversationTurnNote: + description: The note is associated with a conversation turn. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1NoteConversationTurnNote + qaQuestionNote: description: >- - User-defined list of arbitrary tags. Matches the value from - QaScorecard.ScorecardQuestion.tags. Used for grouping/organization - and for weighting the score of each answer. - type: array - items: - type: string - answerSources: - description: List of all individual answers given to the question. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswerAnswerSource - GoogleCloudContactcenterinsightsV1QaAnswerAnswerSource: - id: GoogleCloudContactcenterinsightsV1QaAnswerAnswerSource - description: >- - A question may have multiple answers from varying sources, one of which - becomes the "main" answer above. AnswerSource represents each individual - answer. + The note is associated with a QA question in one of the + conversation's scorecard results. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1NoteQaQuestionNote + name: + type: string + description: >- + Identifier. The resource name of the note. Format: + projects/{project}/locations/{location}/conversations/{conversation}/assessments/{assessment}/notes/{note} + createTime: + format: google-datetime + description: Output only. The time at which the note was created. + readOnly: true + type: string type: object + id: GoogleCloudContactcenterinsightsV1Note + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestConversationConfig: + id: >- + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestConversationConfig + description: Configuration that applies to all conversations. properties: - sourceType: - description: What created the answer. + customerChannel: + format: int32 + description: >- + Optional. Indicates which of the channels, 1 or 2, contains the + agent. Note that this must be set for conversations to be properly + displayed and analyzed. + type: integer + agentId: type: string - enumDescriptions: - - Source type is unspecified. - - Answer was system-generated; created during an Insights analysis. - - Answer was created by a human via manual edit. - enum: - - SOURCE_TYPE_UNSPECIFIED - - SYSTEM_GENERATED - - MANUAL_EDIT - answerValue: - description: The answer value from this source. + description: >- + Optional. An opaque, user-specified string representing a human + agent who handled all conversations in the import. Note that this + will be overridden if per-conversation metadata is provided through + the `metadata_bucket_uri`. + agentChannel: + type: integer + description: >- + Optional. Indicates which of the channels, 1 or 2, contains the + agent. Note that this must be set for conversations to be properly + displayed and analyzed. + format: int32 + type: object + GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewMetadata: + type: object + description: The metadata for querying performance overview. + id: GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewMetadata + properties: {} + GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfig: + type: object + description: Configuration for the QA feature. + properties: + scorecardList: + description: A manual list of scorecards to score. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue - GoogleCloudContactcenterinsightsV1QaScorecardResultQaTagResult: - id: GoogleCloudContactcenterinsightsV1QaScorecardResultQaTagResult - description: Tags and their corresponding results. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfigScorecardList + id: GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfig + GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagRequest: type: object + id: GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagRequest + description: The request for deleting a QaQuestionTag. properties: - tag: - description: The tag the score applies to. + name: type: string - score: - description: The score the tag applies to. - type: number - format: double - potentialScore: - description: The potential score the tag applies to. - type: number - format: double - normalizedScore: - description: The normalized score the tag applies to. - type: number - format: double - GoogleCloudContactcenterinsightsV1QaScorecardResultScoreSource: - id: GoogleCloudContactcenterinsightsV1QaScorecardResultScoreSource - description: >- - A scorecard result may have multiple sets of scores from varying - sources, one of which becomes the "main" answer above. A ScoreSource - represents each individual set of scores. + description: Required. The name of the QaQuestionTag to delete. + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceTimeSeries: + id: >- + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceTimeSeries + properties: + dataPoints: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPoint + description: The data points that make up the time series . + type: array type: object + description: A time series of metric values. + GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewResponse: properties: - sourceType: - description: What created the score. + summaryText: type: string - enumDescriptions: - - Source type is unspecified. - - Score is derived only from system-generated answers. - - >- - Score is derived from both system-generated answers, and includes - any manual edits if they exist. - enum: - - SOURCE_TYPE_UNSPECIFIED - - SYSTEM_GENERATED_ONLY - - INCLUDES_MANUAL_EDITS - score: - description: The overall numerical score of the result. - type: number - format: double - potentialScore: - description: >- - The maximum potential overall score of the scorecard. Any questions - answered using `na_value` are excluded from this calculation. - type: number - format: double - normalizedScore: - description: >- - The normalized score, which is the score divided by the potential - score. - type: number - format: double - qaTagResults: - description: Collection of tags and their scores. + description: The summary text of the performance. + description: The response for querying performance overview. + type: object + id: GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewResponse + GoogleCloudContactcenterinsightsV1DimensionConversationalAgentsPlaybookDimensionMetadata: + id: >- + GoogleCloudContactcenterinsightsV1DimensionConversationalAgentsPlaybookDimensionMetadata + properties: + playbookDisplayName: + description: Optional. The dialogflow playbook display name. + type: string + playbookId: + type: string + description: Optional. The dialogflow playbook ID. + description: Metadata about the Conversational Agents playbook dimension. + type: object + GoogleCloudContactcenterinsightsV1alpha1ListAllFeedbackLabelsResponse: + type: object + id: GoogleCloudContactcenterinsightsV1alpha1ListAllFeedbackLabelsResponse + properties: + feedbackLabels: + description: The feedback labels that match the request. type: array items: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardResultQaTagResult - GoogleCloudContactcenterinsightsV1AnnotatorSelector: - id: GoogleCloudContactcenterinsightsV1AnnotatorSelector - description: Selector of all available annotators and phrase matchers to run. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1FeedbackLabel + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + description: The response for listing all feedback labels. + GoogleCloudContactcenterinsightsV1SettingsAnalysisConfig: + description: Default configuration when creating Analyses in Insights. type: object + id: GoogleCloudContactcenterinsightsV1SettingsAnalysisConfig properties: - runInterruptionAnnotator: - description: Whether to run the interruption annotator. - type: boolean - runSilenceAnnotator: - description: Whether to run the silence annotator. - type: boolean - runPhraseMatcherAnnotator: - description: Whether to run the active phrase matcher annotator(s). - type: boolean - phraseMatchers: + annotatorSelector: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector description: >- - The list of phrase matchers to run. If not provided, all active - phrase matchers will be used. If inactive phrase matchers are - provided, they will not be used. Phrase matchers will be run only if - run_phrase_matcher_annotator is set to true. Format: - projects/{project}/locations/{location}/phraseMatchers/{phrase_matcher} - type: array - items: - type: string - runSentimentAnnotator: - description: Whether to run the sentiment annotator. - type: boolean - runEntityAnnotator: - description: Whether to run the entity annotator. - type: boolean - runIntentAnnotator: - description: Whether to run the intent annotator. - type: boolean - runIssueModelAnnotator: + To select the annotators to run and the phrase matchers to use (if + any). If not specified, all annotators will be run. + uploadConversationAnalysisPercentage: description: >- - Whether to run the issue model annotator. A model should have - already been deployed for this to take effect. - type: boolean - issueModels: + Percentage of conversations created using the UploadConversation + endpoint to analyze automatically, between [0, 100]. + type: number + format: double + runtimeIntegrationAnalysisPercentage: + type: number + format: double description: >- - The issue model to run. If not provided, the most recently deployed - topic model will be used. The provided issue model will only be used - for inference if the issue model is deployed and if - run_issue_model_annotator is set to true. If more than one issue - model is provided, only the first provided issue model will be used - for inference. - type: array - items: - type: string - runSummarizationAnnotator: - description: Whether to run the summarization annotator. - type: boolean - summarizationConfig: - description: Configuration for the summarization annotator. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfig - runQaAnnotator: - description: Whether to run the QA annotator. - type: boolean - qaConfig: - description: Configuration for the QA annotator. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfig - GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfig: - id: GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfig - description: Configuration for summarization. + Percentage of conversations created using Dialogflow runtime + integration to analyze automatically, between [0, 100]. + GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsRequest: + description: Request for the BulkDeleteFeedbackLabels endpoint. type: object + id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsRequest properties: - conversationProfile: + filter: description: >- - Resource name of the Dialogflow conversation profile. Format: - projects/{project}/locations/{location}/conversationProfiles/{conversation_profile} - type: string - summarizationModel: - description: Default summarization model to be used. + Optional. A filter to reduce results to a specific subset. Supports + disjunctions (OR) and conjunctions (AND). Supported fields: * + `issue_model_id` * `qa_question_id` * `qa_scorecard_id` * + `min_create_time` * `max_create_time` * `min_update_time` * + `max_update_time` * `feedback_label_type`: QUALITY_AI, + TOPIC_MODELING type: string - enumDescriptions: - - Unspecified summarization model. - - >- - The CCAI baseline model. This model is deprecated and will be - removed in the future. We recommend using `generator` instead. - - >- - The CCAI baseline model, V2.0. This model is deprecated and will - be removed in the future. We recommend using `generator` instead. - enumDeprecated: - - false - - true - - true - enum: - - SUMMARIZATION_MODEL_UNSPECIFIED - - BASELINE_MODEL - - BASELINE_MODEL_V2_0 - generator: - description: >- - The resource name of the existing created generator. Format: - projects//locations//generators/ + parent: + description: Required. The parent resource for new feedback labels. type: string - GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfig: - id: GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfig - description: Configuration for the QA feature. - type: object - properties: - scorecardList: - description: A manual list of scorecards to score. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfigScorecardList - GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfigScorecardList: - id: GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfigScorecardList - description: Container for a list of scorecards. + GoogleCloudContactcenterinsightsV1alpha1SampleConversationsResponse: + properties: {} + id: GoogleCloudContactcenterinsightsV1alpha1SampleConversationsResponse + description: The response to an SampleConversations operation. type: object + GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadata: + id: GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadata properties: - qaScorecardRevisions: - description: List of QaScorecardRevisions. - type: array + partialErrors: items: - type: string - GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionData: - id: >- - GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionData - description: Conversation summarization suggestion data. - type: object - properties: - text: - description: The summarization content that is concatenated into one string. - type: string - textSections: - description: >- - The summarization content that is divided into sections. The key is - the section's name and the value is the section's content. There is - no specific format for the key or value. - type: object - additionalProperties: - type: string - confidence: - description: The confidence score of the summarization. - type: number - format: float - metadata: - description: >- - A map that contains metadata about the summarization and the - document from which it originates. - type: object - additionalProperties: - type: string - answerRecord: - description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} - type: string - conversationModel: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - The name of the model that generates this summary. Format: - projects/{project}/locations/{location}/conversationModels/{conversation_model} + Partial errors during ingest operation that might cause the + operation output to be incomplete. + type: array + createTime: type: string - generatorId: - description: Agent Assist generator ID. + format: google-datetime + description: Output only. The time the operation was created. + readOnly: true + request: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest + description: Output only. The original request for download. + endTime: type: string - GoogleCloudContactcenterinsightsV1RuntimeAnnotation: - id: GoogleCloudContactcenterinsightsV1RuntimeAnnotation - description: >- - An annotation that was generated during the customer and agent - interaction. + description: Output only. The time the operation finished running. + readOnly: true + format: google-datetime + downloadStats: + description: Output only. Statistics for BulkDownloadFeedbackLabels operation. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadataDownloadStats + description: Metadata for the BulkDownloadFeedbackLabel endpoint. type: object + GoogleCloudContactcenterinsightsV1alpha1Analysis: + id: GoogleCloudContactcenterinsightsV1alpha1Analysis properties: - articleSuggestion: - description: Agent Assist Article Suggestion data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ArticleSuggestionData - faqAnswer: - description: Agent Assist FAQ answer data. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1FaqAnswerData' - smartReply: - description: Agent Assist Smart Reply data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1SmartReplyData - smartComposeSuggestion: - description: Agent Assist Smart Compose suggestion data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1SmartComposeSuggestionData - dialogflowInteraction: - description: Dialogflow interaction data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DialogflowInteractionData - conversationSummarizationSuggestion: - description: Conversation summarization suggestion data. + annotatorSelector: + description: >- + To select the annotators to run and the phrase matchers to use (if + any). If not specified, all annotators will be run. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionData - annotationId: + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector + name: description: >- - The unique identifier of the annotation. Format: - projects/{project}/locations/{location}/conversationDatasets/{dataset}/conversationDataItems/{data_item}/conversationAnnotations/{annotation} + Immutable. The resource name of the analysis. Format: + projects/{project}/locations/{location}/conversations/{conversation}/analyses/{analysis} type: string createTime: - description: The time at which this annotation was created. - type: string + readOnly: true format: google-datetime - startBoundary: description: >- - The boundary in the conversation where the annotation starts, - inclusive. + Output only. The time at which the analysis was created, which + occurs when the long-running operation completes. + type: string + requestTime: + readOnly: true + format: google-datetime + type: string + description: Output only. The time at which the analysis was requested. + analysisResult: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotationBoundary - endBoundary: + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnalysisResult + readOnly: true description: >- - The boundary in the conversation where the annotation ends, - inclusive. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotationBoundary - answerFeedback: - description: The feedback that the customer has about the answer in `data`. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnswerFeedback - userInput: - description: Explicit input used for generating the answer - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1RuntimeAnnotationUserInput - GoogleCloudContactcenterinsightsV1ArticleSuggestionData: - id: GoogleCloudContactcenterinsightsV1ArticleSuggestionData - description: Agent Assist Article Suggestion data. + Output only. The result of the analysis, which is populated when the + analysis finishes. + type: object + description: The analysis resource. + GoogleCloudContactcenterinsightsV1QaQuestionTuningMetadata: type: object properties: - title: - description: Article title. - type: string - uri: - description: Article URI. - type: string - confidenceScore: - description: >- - The system's confidence score that this article is a good match for - this conversation, ranging from 0.0 (completely uncertain) to 1.0 - (completely certain). - type: number - format: float - metadata: - description: >- - Map that contains metadata about the Article Suggestion and the - document that it originates from. - type: object - additionalProperties: + datasetValidationWarnings: + items: type: string - queryRecord: + enum: + - DATASET_VALIDATION_WARNING_UNSPECIFIED + - TOO_MANY_INVALID_FEEDBACK_LABELS + - INSUFFICIENT_FEEDBACK_LABELS + - INSUFFICIENT_FEEDBACK_LABELS_PER_ANSWER + - ALL_FEEDBACK_LABELS_HAVE_THE_SAME_ANSWER + enumDescriptions: + - Unspecified data validation warning. + - A non-trivial percentage of the feedback labels are invalid. + - >- + The quantity of valid feedback labels provided is less than the + recommended minimum. + - >- + One or more of the answers have less than the recommended + minimum of feedback labels. + - All the labels in the dataset come from a single answer choice. description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} + A list of any applicable data validation warnings about the + question's feedback labels. + type: array + totalValidLabelCount: type: string - source: description: >- - The knowledge document that this answer was extracted from. Format: - projects/{project}/knowledgeBases/{knowledge_base}/documents/{document} + Total number of valid labels provided for the question at the time + of tuining. + format: int64 + tuningError: type: string - GoogleCloudContactcenterinsightsV1FaqAnswerData: - id: GoogleCloudContactcenterinsightsV1FaqAnswerData - description: Agent Assist frequently-asked-question answer data. + description: >- + Error status of the tuning operation for the question. Will only be + set if the tuning operation failed. + id: GoogleCloudContactcenterinsightsV1QaQuestionTuningMetadata + description: >- + Metadata about the tuning operation for the question. Will only be set + if a scorecard containing this question has been tuned. + GoogleCloudContactcenterinsightsV1AnnotatorSelector: type: object properties: - answer: - description: The piece of text from the `source` knowledge base document. - type: string - confidenceScore: + runQaAnnotator: + description: Whether to run the QA annotator. + type: boolean + runIssueModelAnnotator: description: >- - The system's confidence score that this answer is a good match for - this conversation, ranging from 0.0 (completely uncertain) to 1.0 - (completely certain). - type: number - format: float - question: - description: The corresponding FAQ question. - type: string - metadata: + Whether to run the issue model annotator. A model should have + already been deployed for this to take effect. + type: boolean + runInterruptionAnnotator: + type: boolean + description: Whether to run the interruption annotator. + phraseMatchers: + type: array description: >- - Map that contains metadata about the FAQ answer and the document - that it originates from. - type: object - additionalProperties: + The list of phrase matchers to run. If not provided, all active + phrase matchers will be used. If inactive phrase matchers are + provided, they will not be used. Phrase matchers will be run only if + run_phrase_matcher_annotator is set to true. Format: + projects/{project}/locations/{location}/phraseMatchers/{phrase_matcher} + items: type: string - queryRecord: - description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} - type: string - source: + runEntityAnnotator: + description: Whether to run the entity annotator. + type: boolean + summarizationConfig: + description: Configuration for the summarization annotator. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfig + runSilenceAnnotator: + description: Whether to run the silence annotator. + type: boolean + runIntentAnnotator: + description: Whether to run the intent annotator. + type: boolean + runSummarizationAnnotator: + description: Whether to run the summarization annotator. + type: boolean + runPhraseMatcherAnnotator: + description: Whether to run the active phrase matcher annotator(s). + type: boolean + issueModels: + type: array description: >- - The knowledge document that this answer was extracted from. Format: - projects/{project}/knowledgeBases/{knowledge_base}/documents/{document}. - type: string - GoogleCloudContactcenterinsightsV1SmartReplyData: - id: GoogleCloudContactcenterinsightsV1SmartReplyData - description: Agent Assist Smart Reply data. + The issue model to run. If not provided, the most recently deployed + topic model will be used. The provided issue model will only be used + for inference if the issue model is deployed and if + run_issue_model_annotator is set to true. If more than one issue + model is provided, only the first provided issue model will be used + for inference. + items: + type: string + runSentimentAnnotator: + description: Whether to run the sentiment annotator. + type: boolean + qaConfig: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelectorQaConfig + description: Configuration for the QA annotator. + id: GoogleCloudContactcenterinsightsV1AnnotatorSelector + description: Selector of all available annotators and phrase matchers to run. + GoogleCloudContactcenterinsightsV1QaQuestionPredefinedQuestionConfig: + description: >- + Configuration for a predefined question. This field will only be set if + the Question Type is predefined. + id: GoogleCloudContactcenterinsightsV1QaQuestionPredefinedQuestionConfig type: object properties: - reply: - description: The content of the reply. + type: type: string - confidenceScore: - description: >- - The system's confidence score that this reply is a good match for - this conversation, ranging from 0.0 (completely uncertain) to 1.0 - (completely certain). - type: number - format: double - metadata: + enum: + - PREDEFINED_QUESTION_TYPE_UNSPECIFIED + - CONVERSATION_OUTCOME + - CONVERSATION_OUTCOME_ESCALATION_INITIATOR_ROLE + enumDescriptions: + - The type of the predefined question is unspecified. + - >- + A prebuilt classifier classfying the outcome of the conversation. + For example, if the customer issue mentioned in a conversation has + been resolved or not. + - >- + A prebuilt classifier classfying the initiator of the conversation + escalation. For example, if it was initiated by the customer or + the agent. + description: The type of the predefined question. + GoogleCloudContactcenterinsightsV1GcsSource: + id: GoogleCloudContactcenterinsightsV1GcsSource + properties: + audioUri: description: >- - Map that contains metadata about the Smart Reply and the document - from which it originates. - type: object - additionalProperties: - type: string - queryRecord: + Cloud Storage URI that points to a file that contains the + conversation audio. + type: string + transcriptUri: description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} + Immutable. Cloud Storage URI that points to a file that contains the + conversation transcript. type: string - GoogleCloudContactcenterinsightsV1SmartComposeSuggestionData: - id: GoogleCloudContactcenterinsightsV1SmartComposeSuggestionData - description: Agent Assist Smart Compose suggestion data. + description: A Cloud Storage source of conversation data. type: object + GoogleCloudContactcenterinsightsV1IssueModelInputDataConfig: + id: GoogleCloudContactcenterinsightsV1IssueModelInputDataConfig properties: - suggestion: - description: The content of the suggestion. + trainingConversationsCount: + readOnly: true + format: int64 type: string - confidenceScore: - description: >- - The system's confidence score that this suggestion is a good match - for this conversation, ranging from 0.0 (completely uncertain) to - 1.0 (completely certain). - type: number - format: double - metadata: + description: Output only. Number of conversations used in training. Output only. + filter: description: >- - Map that contains metadata about the Smart Compose suggestion and - the document from which it originates. - type: object - additionalProperties: - type: string - queryRecord: + A filter to reduce the conversations used for training the model to + a specific subset. Refer to + https://cloud.google.com/contact-center/insights/docs/filtering for + details. + type: string + medium: + deprecated: true + enum: + - MEDIUM_UNSPECIFIED + - PHONE_CALL + - CHAT description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} + Medium of conversations used in training data. This field is being + deprecated. To specify the medium to be used in training a new issue + model, set the `medium` field on `filter`. type: string - GoogleCloudContactcenterinsightsV1DialogflowInteractionData: - id: GoogleCloudContactcenterinsightsV1DialogflowInteractionData - description: Dialogflow interaction data. + enumDescriptions: + - Default value, if unspecified will default to PHONE_CALL. + - The format for conversations that took place over the phone. + - The format for conversations that took place over chat. + description: Configs for the input data used to create the issue model. type: object + GoogleCloudContactcenterinsightsV1alpha1DimensionMediumDimensionMetadata: + description: Metadata about the conversation medium dimension. + type: object + id: GoogleCloudContactcenterinsightsV1alpha1DimensionMediumDimensionMetadata properties: - dialogflowIntentId: + medium: description: >- - The Dialogflow intent resource path. Format: - projects/{project}/agent/{agent}/intents/{intent} + Optional. The conversation medium. Currently supports : PHONE_CALL, + CHAT. type: string - confidence: - description: >- - The confidence of the match ranging from 0.0 (completely uncertain) - to 1.0 (completely certain). - type: number - format: float - GoogleCloudContactcenterinsightsV1AnswerFeedback: - id: GoogleCloudContactcenterinsightsV1AnswerFeedback - description: >- - The feedback that the customer has about a certain answer in the - conversation. + GoogleCloudContactcenterinsightsV1alpha1ConversationCallMetadata: type: object properties: - correctnessLevel: - description: The correctness level of an answer. + customerChannel: + format: int32 + description: The audio channel that contains the customer. + type: integer + agentChannel: + type: integer + description: The audio channel that contains the agent. + format: int32 + id: GoogleCloudContactcenterinsightsV1alpha1ConversationCallMetadata + description: Call-specific metadata. + GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelMetadata: + id: GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelMetadata + properties: + request: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelRequest + description: The original request for undeployment. + endTime: + description: Output only. The time the operation finished running. + readOnly: true type: string - enumDescriptions: - - Correctness level unspecified. - - Answer is totally wrong. - - Answer is partially correct. - - Answer is fully correct. - enum: - - CORRECTNESS_LEVEL_UNSPECIFIED - - NOT_CORRECT - - PARTIALLY_CORRECT - - FULLY_CORRECT - clicked: - description: Indicates whether an answer or item was clicked by the human agent. - type: boolean - displayed: - description: >- - Indicates whether an answer or item was displayed to the human agent - in the agent desktop UI. - type: boolean - GoogleCloudContactcenterinsightsV1RuntimeAnnotationUserInput: - id: GoogleCloudContactcenterinsightsV1RuntimeAnnotationUserInput - description: Explicit input used for generating the answer + format: google-datetime + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. The time the operation was created. + description: Metadata for undeploying an issue model. + type: object + GoogleCloudContactcenterinsightsV1ListAssessmentRulesResponse: + id: GoogleCloudContactcenterinsightsV1ListAssessmentRulesResponse type: object + description: The response of listing assessment rules. properties: - query: + nextPageToken: description: >- - Query text. Article Search uses this to store the input query used - to generate the search results. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - generatorName: + assessmentRules: + description: The assessment rules that match the request. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule + GoogleCloudContactcenterinsightsV1IssueModelResult: + description: Issue Modeling result on a conversation. + type: object + id: GoogleCloudContactcenterinsightsV1IssueModelResult + properties: + issueModel: description: >- - The resource name of associated generator. Format: - `projects//locations//generators/` + Issue model that generates the result. Format: + projects/{project}/locations/{location}/issueModels/{issue_model} type: string - querySource: - description: Query source for the answer. + issues: + type: array + description: All the matched issues. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueAssignment + GoogleCloudContactcenterinsightsV1IngestConversationsRequestGcsSource: + id: GoogleCloudContactcenterinsightsV1IngestConversationsRequestGcsSource + description: Configuration for Cloud Storage bucket sources. + type: object + properties: + bucketUri: type: string - enumDescriptions: - - Unknown query source. - - The query is from agents. - - >- - The query is a query from previous suggestions, e.g. from a - preceding SuggestKnowledgeAssist response. + description: >- + Optional. The Cloud Storage bucket containing source objects. Avoid + passing this. Pass this through one of `transcript_bucket_uri` or + `audio_bucket_uri`. + customMetadataKeys: + items: + type: string + description: >- + Optional. Custom keys to extract as conversation labels from + metadata files in `metadata_bucket_uri`. Keys not included in this + field will be ignored. Note that there is a limit of 100 labels per + conversation. + type: array + metadataBucketUri: + description: >- + Optional. The Cloud Storage path to the conversation metadata. Note + that: [1] Metadata files are expected to be in JSON format. [2] + Metadata and source files (transcripts or audio) must be in separate + buckets / folders. [3] A source file and its corresponding metadata + file must share the same name to be properly ingested, E.g. + `gs://bucket/audio/conversation1.mp3` and + `gs://bucket/metadata/conversation1.json`. + type: string + audioBucketUri: + description: >- + Optional. The Cloud Storage path to the conversation audio file. + Note that: [1] Audio files will be transcribed if not already. [2] + Audio files and transcript files must be in separate buckets / + folders. [3] A source file and its corresponding audio file must + share the same name to be properly ingested, E.g. + `gs://bucket/transcript/conversation1.json` and + `gs://bucket/audio/conversation1.mp3`. + type: string + transcriptBucketUri: + description: >- + Optional. The Cloud Storage path to the conversation transcripts. + Note that: [1] Transcript files are expected to be in JSON format. + [2] Transcript, audio, metadata files must be in separate buckets / + folders. [3] A source file and its corresponding metadata file must + share the same name to be properly ingested, E.g. + `gs://bucket/audio/conversation1.mp3` and + `gs://bucket/metadata/conversation1.json`. + type: string + bucketObjectType: enum: - - QUERY_SOURCE_UNSPECIFIED - - AGENT_QUERY - - SUGGESTED_QUERY - GoogleCloudContactcenterinsightsV1DialogflowIntent: - id: GoogleCloudContactcenterinsightsV1DialogflowIntent + - BUCKET_OBJECT_TYPE_UNSPECIFIED + - TRANSCRIPT + - AUDIO + type: string + enumDescriptions: + - The object type is unspecified and will default to `TRANSCRIPT`. + - The object is a transcript. + - The object is an audio file. + description: >- + Optional. Specifies the type of the objects in `bucket_uri`. Avoid + passing this. This is inferred from the `transcript_bucket_uri`, + `audio_bucket_uri`. + GoogleCloudContactcenterinsightsV1alpha1PhraseMatchData: + id: GoogleCloudContactcenterinsightsV1alpha1PhraseMatchData + properties: + phraseMatcher: + description: The unique identifier (the resource name) of the phrase matcher. + type: string + displayName: + description: The human-readable name of the phrase matcher. + type: string description: >- - The data for a Dialogflow intent. Represents a detected intent in the - conversation, e.g. MAKES_PROMISE. + The data for a matched phrase matcher. Represents information + identifying a phrase matcher for a given match. type: object + GoogleCloudContactcenterinsightsV1IssueAssignment: + description: Information about the issue. + id: GoogleCloudContactcenterinsightsV1IssueAssignment properties: + issue: + type: string + description: Resource name of the assigned issue. displayName: - description: The human-readable name of the intent. + description: >- + Immutable. Display name of the assigned issue. This field is set at + time of analysis and immutable since then. type: string - GoogleCloudContactcenterinsightsV1UploadConversationRequest: - id: GoogleCloudContactcenterinsightsV1UploadConversationRequest - description: Request to upload a conversation. + score: + format: double + type: number + description: >- + Score indicating the likelihood of the issue assignment. currently + bounded on [0,1]. type: object + GoogleCloudContactcenterinsightsV1IngestConversationsRequestConversationConfig: properties: - parent: - description: Required. The parent resource of the conversation. + agentId: + type: string + description: >- + Optional. An opaque, user-specified string representing a human + agent who handled all conversations in the import. Note that this + will be overridden if per-conversation metadata is provided through + the `metadata_bucket_uri`. + agentChannel: + type: integer + format: int32 + description: >- + Optional. Indicates which of the channels, 1 or 2, contains the + agent. Note that this must be set for conversations to be properly + displayed and analyzed. + customerChannel: + description: >- + Optional. Indicates which of the channels, 1 or 2, contains the + agent. Note that this must be set for conversations to be properly + displayed and analyzed. + type: integer + format: int32 + type: object + id: >- + GoogleCloudContactcenterinsightsV1IngestConversationsRequestConversationConfig + description: Configuration that applies to all conversations. + GoogleCloudContactcenterinsightsV1ListAnalysisRulesResponse: + id: GoogleCloudContactcenterinsightsV1ListAnalysisRulesResponse + properties: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + analysisRules: + description: The analysis_rule that match the request. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule + description: The response of listing views. + type: object + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSlice: + id: GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSlice + description: >- + A slice contains a total and (if the request specified a time + granularity) a time series of metric values. Each slice contains a + unique combination of the cardinality of dimensions from the request. + For example, if the request specifies a single ISSUE dimension and it + has a cardinality of 2 (i.e. the data used to compute the metrics has 2 + issues in total), the response will have 2 slices: * Slice 1 -> + dimensions=[Issue 1] * Slice 2 -> dimensions=[Issue 2] + type: object + properties: + total: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPoint + description: >- + The total metric value. The interval of this data point is [starting + create time, ending create time) from the request. + dimensions: + description: A unique combination of dimensions that this slice represents. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Dimension + timeSeries: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceTimeSeries + description: >- + A time series of metric values. This is only populated if the + request specifies a time granularity other than NONE. + GoogleCloudContactcenterinsightsV1ExportInsightsDataRequestBigQueryDestination: + type: object + description: A BigQuery Table Reference. + properties: + table: + type: string + description: >- + The BigQuery table name to which the insights data should be + written. If this table does not exist, the export call returns an + INVALID_ARGUMENT error. + projectId: + description: >- + A project ID or number. If specified, then export will attempt to + write data to this project instead of the resource project. + Otherwise, the resource project will be used. + type: string + dataset: + description: >- + Required. The name of the BigQuery dataset that the snapshot result + should be exported to. If this dataset does not exist, the export + call returns an INVALID_ARGUMENT error. type: string + id: >- + GoogleCloudContactcenterinsightsV1ExportInsightsDataRequestBigQueryDestination + GoogleCloudContactcenterinsightsV1UploadConversationRequest: + type: object + properties: conversation: description: Required. The conversation resource to create. $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Conversation' conversationId: + type: string description: >- Optional. A unique ID for the new conversation. This ID will become the final component of the conversation's resource name. If no ID is specified, a server-generated ID will be used. This value should be 4-64 characters and must match the regular expression `^[a-z0-9-]{4,64}$`. Valid characters are `a-z-` + speechConfig: + description: >- + Optional. Speech-to-Text configuration. Will default to the config + specified in Settings. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SpeechConfig' + parent: + description: Required. The parent resource of the conversation. type: string redactionConfig: description: >- @@ -1682,2210 +1820,1844 @@ components: config specified in Settings. $ref: >- #/components/schemas/GoogleCloudContactcenterinsightsV1RedactionConfig - speechConfig: + id: GoogleCloudContactcenterinsightsV1UploadConversationRequest + description: Request to upload a conversation. + GoogleCloudContactcenterinsightsV1ListAuthorizedViewsResponse: + description: The response from a ListAuthorizedViews request. + properties: + nextPageToken: + type: string description: >- - Optional. Speech-to-Text configuration. Will default to the config - specified in Settings. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SpeechConfig' - GoogleCloudContactcenterinsightsV1RedactionConfig: - id: GoogleCloudContactcenterinsightsV1RedactionConfig - description: >- - DLP resources used for redaction while ingesting conversations. DLP - settings are applied to conversations ingested from the - `UploadConversation` and `IngestConversations` endpoints, including - conversation coming from CCAI Platform. They are not applied to - conversations ingested from the `CreateConversation` endpoint or the - Dialogflow / Agent Assist runtime integrations. When using Dialogflow / - Agent Assist runtime integrations, redaction should be performed in - Dialogflow / Agent Assist. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + authorizedViews: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView + type: array + description: The AuthorizedViews under the parent. + id: GoogleCloudContactcenterinsightsV1ListAuthorizedViewsResponse type: object + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasure: + description: The measure related to conversations. properties: - deidentifyTemplate: - description: >- - The fully-qualified DLP deidentify template resource name. Format: - `projects/{project}/deidentifyTemplates/{template}` + conversationCount: + format: int32 + type: integer + description: The conversation count. + averageTurnCount: + type: number + description: The average turn count. + format: float + averageSilencePercentage: + format: float + description: The average silence percentage. + type: number + averageAgentSentimentScore: + format: float + type: number + description: The average agent's sentiment score. + averageDuration: + description: The average duration. type: string - inspectTemplate: + format: google-duration + averageQaNormalizedScore: description: >- - The fully-qualified DLP inspect template resource name. Format: - `projects/{project}/locations/{location}/inspectTemplates/{template}` - type: string - GoogleCloudContactcenterinsightsV1SpeechConfig: - id: GoogleCloudContactcenterinsightsV1SpeechConfig - description: >- - Speech-to-Text configuration. Speech-to-Text settings are applied to - conversations ingested from the `UploadConversation` and - `IngestConversations` endpoints, including conversation coming from CCAI - Platform. They are not applied to conversations ingested from the - `CreateConversation` endpoint. - type: object - properties: - speechRecognizer: + The average normalized QA score for a scorecard. When computing the + average across a set of conversations, if a conversation has been + evaluated with multiple revisions of a scorecard, only the latest + revision results will be used. Will exclude 0's in average + calculation. Will be only populated if the request specifies a + dimension of QA_SCORECARD_ID. + format: double + type: number + averageQaQuestionNormalizedScore: + type: number + format: double description: >- - The fully-qualified Speech Recognizer resource name. Format: - `projects/{project_id}/locations/{location}/recognizer/{recognizer}` - type: string - GoogleCloudContactcenterinsightsV1ListConversationsResponse: - id: GoogleCloudContactcenterinsightsV1ListConversationsResponse - description: The response of listing conversations. - type: object - properties: - conversations: - description: The conversations that match the request. + Average QA normalized score averaged for questions averaged across + all revisions of the parent scorecard. Will be only populated if the + request specifies a dimension of QA_QUESTION_ID. + averageCustomerSatisfactionRating: + type: number + description: The average customer satisfaction rating. + format: double + qaTagScores: type: array items: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation - nextPageToken: - description: >- - A token which can be sent as `page_token` to retrieve the next page. - If this field is set, it means there is another page available. If - it is not set, it means no other pages are available. - type: string - GoogleCloudContactcenterinsightsV1Dataset: - id: GoogleCloudContactcenterinsightsV1Dataset - description: >- - Dataset resource represents a collection of conversations that may be - bounded (Static Dataset, e.g. golden dataset for training), or unbounded - (Dynamic Dataset, e.g. live traffic, or agent training traffic) + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore + description: Average QA normalized score for all the tags. + averageClientSentimentScore: + format: float + type: number + description: The average client's sentiment score. + id: >- + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasure + type: object + GoogleCloudContactcenterinsightsV1ImportIssueModelRequest: type: object + id: GoogleCloudContactcenterinsightsV1ImportIssueModelRequest properties: - name: - description: >- - Immutable. Identifier. Resource name of the dataset. Format: - projects/{project}/locations/{location}/datasets/{dataset} + gcsSource: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ImportIssueModelRequestGcsSource + description: Google Cloud Storage source message. + parent: + description: Required. The parent resource of the issue model. type: string - displayName: - description: Display name for the dataaset + createNewModel: + type: boolean + description: >- + Optional. If set to true, will create an issue model from the + imported file with randomly generated IDs for the issue model and + corresponding issues. Otherwise, replaces an existing model with the + same ID as the file. + description: Request to import an issue model. + GoogleCloudContactcenterinsightsV1QaQuestion: + properties: + tuningMetadata: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTuningMetadata + description: >- + Metadata about the tuning operation for the question.This field will + only be populated if and only if the question is part of a scorecard + revision that has been tuned. + answerInstructions: type: string - description: - description: Dataset description. + description: Instructions describing how to determine the answer. + answerChoices: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionAnswerChoice + type: array + description: >- + A list of valid answers to the question, which the LLM must choose + from. + predefinedQuestionConfig: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionPredefinedQuestionConfig + description: >- + The configuration of the predefined question. This field will only + be set if the Question Type is predefined. + tags: + type: array + items: + type: string + description: >- + Questions are tagged for categorization and scoring. Tags can either + be: - Default Tags: These are predefined categories. They are + identified by their string value (e.g., "BUSINESS", "COMPLIANCE", + and "CUSTOMER"). - Custom Tags: These are user-defined categories. + They are identified by their full resource name (e.g., + projects/{project}/locations/{location}/qaQuestionTags/{qa_question_tag}). + Both default and custom tags are used to group questions and to + influence the scoring of each question. + createTime: type: string - type: - description: Dataset usage type. + description: Output only. The time at which this question was created. + format: google-datetime + readOnly: true + order: + format: int32 + type: integer + description: >- + Defines the order of the question within its parent scorecard + revision. + questionType: type: string + enum: + - QA_QUESTION_TYPE_UNSPECIFIED + - CUSTOMIZABLE + - PREDEFINED enumDescriptions: - - Default value for unspecified. - - For evals only. + - The type of the question is unspecified. - >- - Dataset with new conversations coming in regularly (Insights - legacy conversations and AI trainer) - enum: - - TYPE_UNSPECIFIED - - EVAL - - LIVE - ttl: - description: Optional. Option TTL for the dataset. + The default question type. The question is fully customizable by + the user. + - >- + The question type is using a predefined model provided by CCAI + teams. Users are not allowed to edit the question_body, + answer_choices, upload feedback labels for the question nor + fine-tune the question. However, users may edit other fields like + question tags, question order, etc. + description: The type of question. + questionBody: + description: Question text. E.g., "Did the agent greet the customer?" type: string - format: google-duration - createTime: - description: Output only. Dataset create time. - readOnly: true + name: + description: >- + Identifier. The resource name of the question. Format: + projects/{project}/locations/{location}/qaScorecards/{qa_scorecard}/revisions/{revision}/qaQuestions/{qa_question} + type: string + abbreviation: + description: >- + Short, descriptive string, used in the UI where it's not practical + to display the full question body. E.g., "Greeting". type: string - format: google-datetime updateTime: - description: Output only. Dataset update time. readOnly: true type: string format: google-datetime - GoogleCloudContactcenterinsightsV1ListDatasetsResponse: - id: GoogleCloudContactcenterinsightsV1ListDatasetsResponse - description: The response to list datasets. - type: object - properties: - datasets: - description: The datasets that match the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' - nextPageToken: + description: Output only. The most recent time at which the question was updated. + metrics: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionMetrics description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudContactcenterinsightsV1SampleConversationsRequest: - id: GoogleCloudContactcenterinsightsV1SampleConversationsRequest - description: The request to sample conversations to a dataset. + Metrics of the underlying tuned LLM over a holdout/test set while + fine tuning the underlying LLM for the given question. This field + will only be populated if and only if the question is part of a + scorecard revision that has been tuned. + type: object + description: A single question to be scored by the Insights QA feature. + id: GoogleCloudContactcenterinsightsV1QaQuestion + GoogleCloudContactcenterinsightsV1alpha1Issue: type: object + id: GoogleCloudContactcenterinsightsV1alpha1Issue + description: The issue resource. properties: - destinationDataset: - description: The dataset resource to copy the sampled conversations to. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' - parent: - description: Required. The parent resource of the dataset. + displayName: type: string - sampleRule: - description: Optional. The sample rule used for sampling conversations. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SampleRule' - GoogleCloudContactcenterinsightsV1SampleRule: - id: GoogleCloudContactcenterinsightsV1SampleRule - description: Message for sampling conversations. - type: object - properties: - samplePercentage: - description: >- - Percentage of conversations that we should sample based on the - dimension between [0, 100]. - type: number - format: double - sampleRow: - description: >- - Number of the conversations that we should sample based on the - dimension. + description: The representative name for the issue. + displayDescription: + description: Representative description of the issue. + type: string + name: type: string - format: int64 - dimension: description: >- - Optional. Group by dimension to sample the conversation. If no - dimension is provided, the sampling will be applied to the project - level. Current supported dimensions is - 'quality_metadata.agent_info.agent_id'. + Immutable. The resource name of the issue. Format: + projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue} + updateTime: type: string - conversationFilter: + readOnly: true + description: Output only. The most recent time that this issue was updated. + format: google-datetime + sampleUtterances: + readOnly: true + items: + type: string + type: array description: >- - To specify the filter for the conversions that should apply this - sample rule. An empty filter means this sample rule applies to all - conversations. + Output only. Resource names of the sample representative utterances + that match to this issue. + createTime: type: string - GoogleCloudContactcenterinsightsV1ListAnalysesResponse: - id: GoogleCloudContactcenterinsightsV1ListAnalysesResponse - description: The response to list analyses. + description: Output only. The time at which this issue was created. + readOnly: true + format: google-datetime + GoogleCloudContactcenterinsightsV1QaAnswerAnswerSource: + properties: + sourceType: + description: What created the answer. + enumDescriptions: + - Source type is unspecified. + - Answer was system-generated; created during an Insights analysis. + - Answer was created by a human via manual edit. + enum: + - SOURCE_TYPE_UNSPECIFIED + - SYSTEM_GENERATED + - MANUAL_EDIT + type: string + answerValue: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue + description: The answer value from this source. type: object + description: >- + A question may have multiple answers from varying sources, one of which + becomes the "main" answer above. AnswerSource represents each individual + answer. + id: GoogleCloudContactcenterinsightsV1QaAnswerAnswerSource + GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata: properties: - analyses: - description: The analyses that match the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Analysis' - nextPageToken: + smartReplyAllowlistCovered: + type: boolean description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest: - id: GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest - description: The request to analyze conversations in bulk. + Whether the transcript segment was covered under the configured + smart reply allowlist in Agent Assist. + id: >- + GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata + type: object + description: Metadata from Dialogflow relating to the current transcript segment. + GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagRequest: + description: The request for updating a QaQuestionTag. type: object properties: - parent: - description: Required. The parent resource to create analyses in. - type: string - filter: + updateMask: + format: google-fieldmask description: >- - Required. Filter used to select the subset of conversations to - analyze. + Optional. The list of fields to be updated. All possible fields can + be updated by passing `*`, or a subset of the following updateable + fields can be provided: * `qa_question_tag_name` - the name of the + tag * `qa_question_ids` - the list of questions the tag applies to type: string - analysisPercentage: - description: >- - Required. Percentage of selected conversation to analyze, between - [0, 100]. - type: number - format: float - annotatorSelector: - description: >- - To select the annotators to run and the phrase matchers to use (if - any). If not specified, all annotators will be run. + qaQuestionTag: + description: Required. The QaQuestionTag to update. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector - GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest: - id: GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest - description: The request to delete conversations in bulk. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaQuestionTag + id: GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagRequest + GoogleCloudContactcenterinsightsV1alpha1IssueModelResult: + id: GoogleCloudContactcenterinsightsV1alpha1IssueModelResult type: object properties: - parent: + issueModel: description: >- - Required. The parent resource to delete conversations from. Format: - projects/{project}/locations/{location} + Issue model that generates the result. Format: + projects/{project}/locations/{location}/issueModels/{issue_model} type: string - filter: - description: Filter used to select the subset of conversations to delete. + issues: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueAssignment + type: array + description: All the matched issues. + description: Issue Modeling result on a conversation. + GoogleCloudContactcenterinsightsV1alpha1DimensionClientSentimentCategoryDimensionMetadata: + type: object + id: >- + GoogleCloudContactcenterinsightsV1alpha1DimensionClientSentimentCategoryDimensionMetadata + properties: + sentimentCategory: type: string - maxDeleteCount: - description: Maximum number of conversations to delete. - type: integer - format: int32 - force: - description: >- - If set to true, all of this conversation's analyses will also be - deleted. Otherwise, the request will only succeed if the - conversation has no analyses. - type: boolean - GoogleCloudContactcenterinsightsV1IngestConversationsRequest: - id: GoogleCloudContactcenterinsightsV1IngestConversationsRequest + description: Optional. The client sentiment category. + description: Metadata about the client sentiment category dimension. + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequest: description: The request to ingest conversations. type: object properties: + sampleSize: + type: integer + format: int32 + description: >- + Optional. If set, this fields indicates the number of objects to + ingest from the Cloud Storage bucket. If empty, the entire bucket + will be ingested. Unless they are first deleted, conversations + produced through sampling won't be ingested by subsequent ingest + requests. + speechConfig: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SpeechConfig + description: >- + Optional. Default Speech-to-Text configuration. Optional, will + default to the config specified in Settings. gcsSource: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestGcsSource description: >- A cloud storage bucket source. Note that any previously ingested objects from the source will be skipped to avoid duplication. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequestGcsSource transcriptObjectConfig: description: Configuration for when `source` contains conversation transcripts. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequestTranscriptObjectConfig - parent: - description: Required. The parent resource for new conversations. - type: string + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestTranscriptObjectConfig conversationConfig: - description: Configuration that applies to all conversations. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequestConversationConfig + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestConversationConfig + description: Configuration that applies to all conversations. redactionConfig: description: >- Optional. DLP settings for transcript redaction. Optional, will default to the config specified in Settings. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1RedactionConfig - speechConfig: - description: >- - Optional. Default Speech-to-Text configuration. Optional, will - default to the config specified in Settings. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SpeechConfig' - sampleSize: - description: >- - Optional. If set, this fields indicates the number of objects to - ingest from the Cloud Storage bucket. If empty, the entire bucket - will be ingested. Unless they are first deleted, conversations - produced through sampling won't be ingested by subsequent ingest - requests. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1IngestConversationsRequestGcsSource: - id: GoogleCloudContactcenterinsightsV1IngestConversationsRequestGcsSource - description: Configuration for Cloud Storage bucket sources. - type: object + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RedactionConfig + parent: + description: Required. The parent resource for new conversations. + type: string + id: GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequest + GoogleCloudContactcenterinsightsV1alpha1DimensionAgentDimensionMetadata: properties: - bucketUri: + agentDisplayName: description: >- - Optional. The Cloud Storage bucket containing source objects. Avoid - passing this. Pass this through one of `transcript_bucket_uri` or - `audio_bucket_uri`. + Optional. The agent's name This will be populated for AGENT, + AGENT_TEAM, AGENT_VERSION_ID, and AGENT_DEPLOYMENT_ID dimensions. type: string - bucketObjectType: + agentDeploymentDisplayName: description: >- - Optional. Specifies the type of the objects in `bucket_uri`. Avoid - passing this. This is inferred from the `transcript_bucket_uri`, - `audio_bucket_uri`. + Optional. The agent's deployment display name. Only applicable to + automated agents. This will be populated for AGENT_DEPLOYMENT_ID + dimensions. + type: string + agentVersionId: type: string - enumDescriptions: - - The object type is unspecified and will default to `TRANSCRIPT`. - - The object is a transcript. - - The object is an audio file. - enum: - - BUCKET_OBJECT_TYPE_UNSPECIFIED - - TRANSCRIPT - - AUDIO - transcriptBucketUri: description: >- - Optional. The Cloud Storage path to the conversation transcripts. - Note that: [1] Transcript files are expected to be in JSON format. - [2] Transcript, audio, metadata files must be in separate buckets / - folders. [3] A source file and its corresponding metadata file must - share the same name to be properly ingested, E.g. - `gs://bucket/audio/conversation1.mp3` and - `gs://bucket/metadata/conversation1.json`. + Optional. The agent's version ID. Only applicable to automated + agents. This will be populated for AGENT_VERSION_ID, and + AGENT_DEPLOYMENT_ID dimensions. + agentTeam: + description: Optional. A user-specified string representing the agent's team. type: string - audioBucketUri: + agentDeploymentId: description: >- - Optional. The Cloud Storage path to the conversation audio file. - Note that: [1] Audio files will be transcribed if not already. [2] - Audio files and transcript files must be in separate buckets / - folders. [3] A source file and its corresponding audio file must - share the same name to be properly ingested, E.g. - `gs://bucket/transcript/conversation1.json` and - `gs://bucket/audio/conversation1.mp3`. + Optional. The agent's deployment ID. Only applicable to automated + agents. This will be populated for AGENT and AGENT_DEPLOYMENT_ID + dimensions. type: string - metadataBucketUri: + agentVersionDisplayName: description: >- - Optional. The Cloud Storage path to the conversation metadata. Note - that: [1] Metadata files are expected to be in JSON format. [2] - Metadata and source files (transcripts or audio) must be in separate - buckets / folders. [3] A source file and its corresponding metadata - file must share the same name to be properly ingested, E.g. - `gs://bucket/audio/conversation1.mp3` and - `gs://bucket/metadata/conversation1.json`. + Optional. The agent's version display name. Only applicable to + automated agents. This will be populated for AGENT_VERSION_ID, and + AGENT_DEPLOYMENT_ID dimensions. type: string - customMetadataKeys: + agentId: description: >- - Optional. Custom keys to extract as conversation labels from - metadata files in `metadata_bucket_uri`. Keys not included in this - field will be ignored. Note that there is a limit of 100 labels per - conversation. - type: array - items: - type: string - GoogleCloudContactcenterinsightsV1IngestConversationsRequestTranscriptObjectConfig: - id: >- - GoogleCloudContactcenterinsightsV1IngestConversationsRequestTranscriptObjectConfig - description: Configuration for processing transcript objects. - type: object - properties: - medium: - description: Required. The medium transcript objects represent. + Optional. A user-specified string representing the agent. This will + be populated for AGENT, AGENT_TEAM, AGENT_VERSION_ID, and + AGENT_DEPLOYMENT_ID dimensions. type: string - enumDescriptions: - - Default value, if unspecified will default to PHONE_CALL. - - The format for conversations that took place over the phone. - - The format for conversations that took place over chat. - enum: - - MEDIUM_UNSPECIFIED - - PHONE_CALL - - CHAT - GoogleCloudContactcenterinsightsV1IngestConversationsRequestConversationConfig: - id: >- - GoogleCloudContactcenterinsightsV1IngestConversationsRequestConversationConfig - description: Configuration that applies to all conversations. + description: Metadata about the agent dimension. + id: GoogleCloudContactcenterinsightsV1alpha1DimensionAgentDimensionMetadata + type: object + GoogleCloudContactcenterinsightsV1alpha1Conversation: + description: The conversation resource. + id: GoogleCloudContactcenterinsightsV1alpha1Conversation type: object properties: + dialogflowIntents: + description: >- + Output only. All the matched Dialogflow intents in the call. The key + corresponds to a Dialogflow intent, format: + projects/{project}/agent/{agent}/intents/{intent} + type: object + readOnly: true + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DialogflowIntent agentId: description: >- - Optional. An opaque, user-specified string representing a human - agent who handled all conversations in the import. Note that this - will be overridden if per-conversation metadata is provided through - the `metadata_bucket_uri`. + An opaque, user-specified string representing the human agent who + handled the conversation. type: string - agentChannel: - description: >- - Optional. Indicates which of the channels, 1 or 2, contains the - agent. Note that this must be set for conversations to be properly - displayed and analyzed. - type: integer - format: int32 - customerChannel: - description: >- - Optional. Indicates which of the channels, 1 or 2, contains the - agent. Note that this must be set for conversations to be properly - displayed and analyzed. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest: - id: GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest - description: The request to export insights. - type: object - properties: - bigQueryDestination: - description: Specified if sink is a BigQuery table. + dataSource: + description: The source of the audio and transcription for the conversation. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ExportInsightsDataRequestBigQueryDestination - parent: - description: Required. The parent resource to export data from. - type: string - filter: - description: >- - A filter to reduce results to a specific subset. Useful for - exporting conversations with specific properties. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationDataSource + createTime: + readOnly: true + description: Output only. The time at which the conversation was created. type: string - kmsKey: + format: google-datetime + latestSummary: + description: Output only. Latest summary of the conversation. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationSummarizationSuggestionData + readOnly: true + labels: + additionalProperties: + type: string description: >- - A fully qualified KMS key name for BigQuery tables protected by - CMEK. Format: - projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version} + A map for the user to specify any custom fields. A maximum of 100 + labels per conversation is allowed, with a maximum of 256 characters + per entry. + type: object + obfuscatedUserId: type: string - writeDisposition: - description: Options for what to do if the destination table already exists. + description: Obfuscated user ID which the customer sent to us. + languageCode: type: string - enumDescriptions: - - Write disposition is not specified. Defaults to WRITE_TRUNCATE. - - >- - If the table already exists, BigQuery will overwrite the table - data and use the schema from the load. - - >- - If the table already exists, BigQuery will append data to the - table. - enum: - - WRITE_DISPOSITION_UNSPECIFIED - - WRITE_TRUNCATE - - WRITE_APPEND - exportSchemaVersion: - description: Optional. Version of the export schema. + description: A user-specified language code for the conversation. + medium: + description: >- + Immutable. The conversation medium, if unspecified will default to + PHONE_CALL. type: string enumDescriptions: - - Unspecified. Defaults to EXPORT_V3. - - Export schema version 1. - - Export schema version 2. - - Export schema version 3. - - Export schema version 4. - - Export schema version 5. - - Export schema version 6. - - Export schema version 7. - - Export schema version 8. - - Export schema version 9. - - Export schema version 10. - - Export schema version latest available. + - Default value, if unspecified will default to PHONE_CALL. + - The format for conversations that took place over the phone. + - The format for conversations that took place over chat. enum: - - EXPORT_SCHEMA_VERSION_UNSPECIFIED - - EXPORT_V1 - - EXPORT_V2 - - EXPORT_V3 - - EXPORT_V4 - - EXPORT_V5 - - EXPORT_V6 - - EXPORT_V7 - - EXPORT_V8 - - EXPORT_V9 - - EXPORT_V10 - - EXPORT_VERSION_LATEST_AVAILABLE - GoogleCloudContactcenterinsightsV1ExportInsightsDataRequestBigQueryDestination: - id: >- - GoogleCloudContactcenterinsightsV1ExportInsightsDataRequestBigQueryDestination - description: A BigQuery Table Reference. - type: object - properties: - projectId: + - MEDIUM_UNSPECIFIED + - PHONE_CALL + - CHAT + expireTime: description: >- - A project ID or number. If specified, then export will attempt to - write data to this project instead of the resource project. - Otherwise, the resource project will be used. + The time at which this conversation should expire. After this time, + the conversation data and any associated analyses will be deleted. + format: google-datetime type: string - dataset: + name: description: >- - Required. The name of the BigQuery dataset that the snapshot result - should be exported to. If this dataset does not exist, the export - call returns an INVALID_ARGUMENT error. + Immutable. The resource name of the conversation. Format: + projects/{project}/locations/{location}/conversations/{conversation} type: string - table: - description: >- - The BigQuery table name to which the insights data should be - written. If this table does not exist, the export call returns an - INVALID_ARGUMENT error. + transcript: + description: Output only. The conversation transcript. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationTranscript + readOnly: true + metadataJson: type: string - GoogleCloudContactcenterinsightsV1IssueModel: - id: GoogleCloudContactcenterinsightsV1IssueModel - description: The issue model resource. - type: object - properties: - name: description: >- - Immutable. The resource name of the issue model. Format: - projects/{project}/locations/{location}/issueModels/{issue_model} - type: string - displayName: - description: The representative name for the issue model. + Input only. JSON metadata encoded as a string. This field is + primarily used by Insights integrations with various telephony + systems and must be in one of Insight's supported formats. + qualityMetadata: + description: Conversation metadata related to quality management. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadata + ttl: + description: >- + Input only. The TTL for this resource. If specified, then this TTL + will be used to calculate the expire time. type: string - createTime: - description: Output only. The time at which this issue model was created. + format: google-duration + duration: + description: Output only. The duration of the conversation. + format: google-duration readOnly: true type: string - format: google-datetime + runtimeAnnotations: + readOnly: true + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotation + description: >- + Output only. The annotations that were generated during the customer + and agent interaction. + type: array updateTime: + readOnly: true description: >- - Output only. The most recent time at which the issue model was + Output only. The most recent time at which the conversation was updated. - readOnly: true type: string format: google-datetime - issueCount: - description: Output only. Number of issues in this issue model. + callMetadata: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationCallMetadata + description: Call-specific metadata. + turnCount: + description: Output only. The number of turns in the conversation. + type: integer readOnly: true + format: int32 + startTime: + format: google-datetime + description: The time at which the conversation started. type: string - format: int64 - state: - description: Output only. State of the model. + latestAnalysis: readOnly: true - type: string - enumDescriptions: - - Unspecified. - - Model is not deployed but is ready to deploy. - - Model is being deployed. - - >- - Model is deployed and is ready to be used. A model can only be - used in analysis if it's in this state. - - Model is being undeployed. - - Model is being deleted. - enum: - - STATE_UNSPECIFIED - - UNDEPLOYED - - DEPLOYING - - DEPLOYED - - UNDEPLOYING - - DELETING - inputDataConfig: - description: Configs for the input data that used to create the issue model. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelInputDataConfig - trainingStats: - description: >- - Output only. Immutable. The issue model's label statistics on its - training data. - readOnly: true + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Analysis + description: Output only. The conversation's latest analysis, if one exists. + GoogleCloudContactcenterinsightsV1alpha1QueryPerformanceOverviewMetadata: + id: GoogleCloudContactcenterinsightsV1alpha1QueryPerformanceOverviewMetadata + type: object + description: The metadata for querying performance overview. + properties: {} + GoogleCloudContactcenterinsightsV1ImportIssueModelMetadata: + description: Metadata used for import issue model. + type: object + id: GoogleCloudContactcenterinsightsV1ImportIssueModelMetadata + properties: + request: + description: The original import request. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelLabelStats - modelType: - description: Type of the model. + #/components/schemas/GoogleCloudContactcenterinsightsV1ImportIssueModelRequest + endTime: + description: The time the operation finished running. type: string - enumDescriptions: - - Unspecified model type. - - Type V1. - - Type V2. - enum: - - MODEL_TYPE_UNSPECIFIED - - TYPE_V1 - - TYPE_V2 - languageCode: - description: Language of the model. + format: google-datetime + createTime: + description: The time the operation was created. + format: google-datetime type: string - GoogleCloudContactcenterinsightsV1IssueModelInputDataConfig: - id: GoogleCloudContactcenterinsightsV1IssueModelInputDataConfig - description: Configs for the input data used to create the issue model. - type: object + GoogleCloudContactcenterinsightsV1alpha1UploadConversationMetadata: properties: - medium: - description: >- - Medium of conversations used in training data. This field is being - deprecated. To specify the medium to be used in training a new issue - model, set the `medium` field on `filter`. - deprecated: true + createTime: + description: Output only. The time the operation was created. + format: google-datetime type: string - enumDescriptions: - - Default value, if unspecified will default to PHONE_CALL. - - The format for conversations that took place over the phone. - - The format for conversations that took place over chat. - enum: - - MEDIUM_UNSPECIFIED - - PHONE_CALL - - CHAT - trainingConversationsCount: - description: Output only. Number of conversations used in training. Output only. readOnly: true + analysisOperation: type: string - format: int64 - filter: description: >- - A filter to reduce the conversations used for training the model to - a specific subset. Refer to - https://cloud.google.com/contact-center/insights/docs/filtering for - details. + Output only. The operation name for a successfully created analysis + operation, if any. + readOnly: true + request: + description: Output only. The original request. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1UploadConversationRequest + readOnly: true + endTime: type: string - GoogleCloudContactcenterinsightsV1IssueModelLabelStats: - id: GoogleCloudContactcenterinsightsV1IssueModelLabelStats - description: Aggregated statistics about an issue model. + readOnly: true + description: Output only. The time the operation finished running. + format: google-datetime + appliedRedactionConfig: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RedactionConfig + description: >- + Output only. The redaction config applied to the uploaded + conversation. + id: GoogleCloudContactcenterinsightsV1alpha1UploadConversationMetadata + description: The metadata for an `UploadConversation` operation. type: object + GoogleCloudContactcenterinsightsV1QueryMetricsResponse: + description: The response for querying metrics. + id: GoogleCloudContactcenterinsightsV1QueryMetricsResponse properties: - analyzedConversationsCount: - description: >- - Number of conversations the issue model has analyzed at this point - in time. + updateTime: type: string - format: int64 - unclassifiedConversationsCount: + description: The metrics last update time. + format: google-datetime + slices: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSlice description: >- - Number of analyzed conversations for which no issue was applicable - at this point in time. + A slice contains a total and (if the request specified a time + granularity) a time series of metric values. Each slice contains a + unique combination of the cardinality of dimensions from the + request. + type: array + macroAverageSlice: + description: >- + The macro average slice contains aggregated averages across all + selected dimensions. i.e. if group_by agent and scorecard_id is + specified, this field will contain the average across all agents and + all scorecards. This field is only populated if the request + specifies a Dimension. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSlice + location: + description: >- + Required. The location of the data. + "projects/{project}/locations/{location}" type: string - format: int64 - issueStats: - description: Statistics on each issue. Key is the issue's resource name. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelLabelStatsIssueStats - GoogleCloudContactcenterinsightsV1IssueModelLabelStatsIssueStats: - id: GoogleCloudContactcenterinsightsV1IssueModelLabelStatsIssueStats - description: Aggregated statistics about an issue. type: object + GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelRequest: properties: - issue: + parent: + description: Required. The parent resource of the issue model. + type: string + issueModel: + description: Required. The issue model to create. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModel + type: object + id: GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelRequest + description: The request to create an issue model. + GoogleCloudContactcenterinsightsV1ArticleSuggestionData: + description: Agent Assist Article Suggestion data. + properties: + metadata: + additionalProperties: + type: string description: >- - Issue resource. Format: - projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue} + Map that contains metadata about the Article Suggestion and the + document that it originates from. + type: object + source: + description: >- + The knowledge document that this answer was extracted from. Format: + projects/{project}/knowledgeBases/{knowledge_base}/documents/{document} type: string - labeledConversationsCount: - description: Number of conversations attached to the issue at this point in time. + queryRecord: type: string - format: int64 - displayName: - description: Display name of the issue. + description: >- + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} + title: type: string - GoogleCloudContactcenterinsightsV1ListIssueModelsResponse: - id: GoogleCloudContactcenterinsightsV1ListIssueModelsResponse - description: The response of listing issue models. + description: Article title. + confidenceScore: + type: number + format: float + description: >- + The system's confidence score that this article is a good match for + this conversation, ranging from 0.0 (completely uncertain) to 1.0 + (completely certain). + uri: + description: Article URI. + type: string + id: GoogleCloudContactcenterinsightsV1ArticleSuggestionData type: object + GoogleLongrunningListOperationsResponse: + description: The response message for Operations.ListOperations. properties: - issueModels: - description: The issue models that match the request. + operations: type: array items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel' - GoogleCloudContactcenterinsightsV1DeployIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1DeployIssueModelRequest - description: The request to deploy an issue model. - type: object - properties: - name: - description: Required. The issue model to deploy. + $ref: '#/components/schemas/GoogleLongrunningOperation' + description: >- + A list of operations that matches the specified filter in the + request. + nextPageToken: type: string - GoogleCloudContactcenterinsightsV1UndeployIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1UndeployIssueModelRequest - description: The request to undeploy an issue model. + description: The standard List next-page token. + unreachable: + type: array + items: + type: string + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. type: object - properties: - name: - description: Required. The issue model to undeploy. - type: string - GoogleCloudContactcenterinsightsV1ExportIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1ExportIssueModelRequest - description: Request to export an issue model. + id: GoogleLongrunningListOperationsResponse + GoogleCloudContactcenterinsightsV1alpha1FeedbackLabel: + description: >- + Represents a conversation, resource, and label provided by the user. Can + take the form of a string label or a QaAnswer label. QaAnswer labels are + used for Quality AI example conversations. String labels are used for + Topic Modeling. AgentAssistSummary labels are used for Agent Assist + Summarization. type: object + id: GoogleCloudContactcenterinsightsV1alpha1FeedbackLabel properties: - gcsDestination: - description: Google Cloud Storage URI to export the issue model to. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ExportIssueModelRequestGcsDestination name: - description: Required. The issue model to export. - type: string - GoogleCloudContactcenterinsightsV1ExportIssueModelRequestGcsDestination: - id: GoogleCloudContactcenterinsightsV1ExportIssueModelRequestGcsDestination - description: Google Cloud Storage Object URI to save the issue model to. - type: object - properties: - objectUri: - description: 'Required. Format: `gs:///`' type: string - GoogleCloudContactcenterinsightsV1ImportIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1ImportIssueModelRequest - description: Request to import an issue model. - type: object - properties: - gcsSource: - description: Google Cloud Storage source message. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ImportIssueModelRequestGcsSource - parent: - description: Required. The parent resource of the issue model. - type: string - createNewModel: - description: >- - Optional. If set to true, will create an issue model from the - imported file with randomly generated IDs for the issue model and - corresponding issues. Otherwise, replaces an existing model with the - same ID as the file. - type: boolean - GoogleCloudContactcenterinsightsV1ImportIssueModelRequestGcsSource: - id: GoogleCloudContactcenterinsightsV1ImportIssueModelRequestGcsSource - description: Google Cloud Storage Object URI to get the issue model file from. - type: object - properties: - objectUri: - description: 'Required. Format: `gs:///`' - type: string - GoogleCloudContactcenterinsightsV1Issue: - id: GoogleCloudContactcenterinsightsV1Issue - description: The issue resource. - type: object - properties: - name: description: >- - Immutable. The resource name of the issue. Format: - projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue} - type: string - displayName: - description: The representative name for the issue. + Immutable. Resource name of the FeedbackLabel. Format: + projects/{project}/locations/{location}/conversations/{conversation}/feedbackLabels/{feedback_label} + label: + description: String label used for Topic Modeling. type: string - createTime: - description: Output only. The time at which this issue was created. + qaAnswerLabel: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue + description: QaAnswer label used for Quality AI example conversations. + updateTime: readOnly: true + description: Output only. Update time of the label. type: string format: google-datetime - updateTime: - description: Output only. The most recent time that this issue was updated. + createTime: + description: Output only. Create time of the label. readOnly: true type: string format: google-datetime - sampleUtterances: + labeledResource: description: >- - Output only. Resource names of the sample representative utterances - that match to this issue. - readOnly: true - type: array - items: - type: string - displayDescription: - description: Representative description of the issue. + Name of the resource to be labeled. Supported resources are: * + `projects/{project}/locations/{location}/qaScorecards/{scorecard}/revisions/{revision}/qaQuestions/{question}` + * + `projects/{project}/locations/{location}/issueModels/{issue_model}` + * + `projects/{project}/locations/{location}/generators/{generator_id}` type: string - GoogleCloudContactcenterinsightsV1ListIssuesResponse: - id: GoogleCloudContactcenterinsightsV1ListIssuesResponse - description: The response of listing issues. - type: object + GoogleCloudContactcenterinsightsV1UndeployIssueModelRequest: properties: - issues: - description: The issues that match the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' - GoogleCloudContactcenterinsightsV1CalculateIssueModelStatsResponse: - id: GoogleCloudContactcenterinsightsV1CalculateIssueModelStatsResponse - description: Response of querying an issue model's statistics. + name: + description: Required. The issue model to undeploy. + type: string + id: GoogleCloudContactcenterinsightsV1UndeployIssueModelRequest type: object + description: The request to undeploy an issue model. + GoogleCloudContactcenterinsightsV1alpha1CallAnnotation: properties: - currentStats: - description: >- - The latest label statistics for the queried issue model. Includes - results on both training data and data labeled after deployment. + issueMatchData: + description: Data specifying an issue match. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelLabelStats - GoogleCloudContactcenterinsightsV1PhraseMatcher: - id: GoogleCloudContactcenterinsightsV1PhraseMatcher - description: The phrase matcher resource. - type: object - properties: - name: + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueMatchData + intentMatchData: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IntentMatchData + description: Data specifying an intent match. + channelTag: + format: int32 + type: integer description: >- - The resource name of the phrase matcher. Format: - projects/{project}/locations/{location}/phraseMatchers/{phrase_matcher} - type: string - revisionId: + The channel of the audio where the annotation occurs. For + single-channel audio, this field is not populated. + holdData: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1HoldData + description: Data specifying a hold. + silenceData: + description: Data specifying silence. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SilenceData + annotationStartBoundary: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary description: >- - Output only. Immutable. The revision ID of the phrase matcher. A new - revision is committed whenever the matcher is changed, except when - it is activated or deactivated. A server generated random ID will be - used. Example: - locations/global/phraseMatchers/my-first-matcher@1234567 - readOnly: true - type: string - versionTag: + The boundary in the conversation where the annotation starts, + inclusive. + interruptionData: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1InterruptionData + description: Data specifying an interruption. + phraseMatchData: + description: Data specifying a phrase match. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1PhraseMatchData + annotationEndBoundary: description: >- - The customized version tag to use for the phrase matcher. If not - specified, it will default to `revision_id`. - type: string - revisionCreateTime: + The boundary in the conversation where the annotation ends, + inclusive. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary + entityMentionData: + description: Data specifying an entity mention. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1EntityMentionData + sentimentData: + description: Data specifying sentiment. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SentimentData + description: A piece of metadata that applies to a window of a call. + type: object + id: GoogleCloudContactcenterinsightsV1alpha1CallAnnotation + GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestSheetsDestination: + id: >- + GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestSheetsDestination + properties: + sheetTitle: description: >- - Output only. The timestamp of when the revision was created. It is - also the create time when a new matcher is added. - readOnly: true - type: string - format: google-datetime - displayName: - description: The human-readable name of the phrase matcher. + Optional. The title of the new sheet to write the feedback labels + to. type: string - type: - description: Required. The type of this phrase matcher. + spreadsheetUri: type: string - enumDescriptions: - - Unspecified. - - Must meet all phrase match rule groups or there is no match. - - If any of the phrase match rule groups are met, there is a match. - enum: - - PHRASE_MATCHER_TYPE_UNSPECIFIED - - ALL_OF - - ANY_OF - active: - description: Applies the phrase matcher only when it is active. - type: boolean - phraseMatchRuleGroups: - description: A list of phase match rule groups that are included in this matcher. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroup - activationUpdateTime: description: >- - Output only. The most recent time at which the activation status was - updated. - readOnly: true - type: string - format: google-datetime - roleMatch: + Required. The Google Sheets document to write the feedback labels + to. Retrieved from Google Sheets URI. E.g. + `https://docs.google.com/spreadsheets/d/1234567890` The spreadsheet + must be shared with the Insights P4SA. The spreadsheet ID written to + will be returned as `file_names` in the + BulkDownloadFeedbackLabelsMetadata. + type: object + description: Google Sheets document details to write the feedback labels to. + GoogleIamV1SetIamPolicyRequest: + type: object + description: Request message for `SetIamPolicy` method. + properties: + policy: description: >- - The role whose utterances the phrase matcher should be matched - against. If the role is ROLE_UNSPECIFIED it will be matched against - any utterances in the transcript. - type: string - enumDescriptions: - - Participant's role is not set. - - Participant is a human agent. - - Participant is an automated agent. - - Participant is an end user who conversed with the contact center. - - Participant is either a human or automated agent. - enum: - - ROLE_UNSPECIFIED - - HUMAN_AGENT - - AUTOMATED_AGENT - - END_USER - - ANY_AGENT - updateTime: + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/GoogleIamV1Policy' + updateMask: description: >- - Output only. The most recent time at which the phrase matcher was - updated. - readOnly: true + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` type: string - format: google-datetime - GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroup: - id: GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroup - description: A message representing a rule in the phrase matcher. - type: object + format: google-fieldmask + id: GoogleIamV1SetIamPolicyRequest + GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSentiment: properties: - type: - description: Required. The type of this phrase match rule group. - type: string - enumDescriptions: - - Unspecified. - - Must meet all phrase match rules or there is no match. - - If any of the phrase match rules are met, there is a match. - enum: - - PHRASE_MATCH_RULE_GROUP_TYPE_UNSPECIFIED - - ALL_OF - - ANY_OF - phraseMatchRules: - description: A list of phrase match rules that are included in this group. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchRule - GoogleCloudContactcenterinsightsV1PhraseMatchRule: - id: GoogleCloudContactcenterinsightsV1PhraseMatchRule - description: The data for a phrase match rule. - type: object - properties: - query: - description: Required. The phrase to be matched. - type: string - negated: - description: >- - Specifies whether the phrase must be missing from the transcript - segment or present in the transcript segment. - type: boolean - config: - description: >- - Provides additional information about the rule that specifies how to - apply the rule. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfig - GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfig: - id: GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfig - description: Configuration information of a phrase match rule. - type: object - properties: - exactMatchConfig: - description: The configuration for the exact match rule. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ExactMatchConfig - GoogleCloudContactcenterinsightsV1ExactMatchConfig: - id: GoogleCloudContactcenterinsightsV1ExactMatchConfig - description: Exact match configuration. - type: object - properties: - caseSensitive: - description: Whether to consider case sensitivity when performing an exact match. - type: boolean - GoogleCloudContactcenterinsightsV1ListPhraseMatchersResponse: - id: GoogleCloudContactcenterinsightsV1ListPhraseMatchersResponse - description: The response of listing phrase matchers. - type: object - properties: - phraseMatchers: - description: The phrase matchers that match the request. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudContactcenterinsightsV1CalculateStatsResponse: - id: GoogleCloudContactcenterinsightsV1CalculateStatsResponse - description: The response for calculating conversation statistics. - type: object - properties: - averageDuration: - description: >- - The average duration of all conversations. The average is calculated - using only conversations that have a time duration. - type: string - format: google-duration - averageTurnCount: - description: The average number of turns per conversation. - type: integer + channelTag: + description: The channel of the audio that the data applies to. format: int32 - conversationCount: - description: The total number of conversations. type: integer - format: int32 - smartHighlighterMatches: - description: >- - A map associating each smart highlighter display name with its - respective number of matches in the set of conversations. - type: object - additionalProperties: - type: integer - format: int32 - customHighlighterMatches: - description: >- - A map associating each custom highlighter resource name with its - respective number of matches in the set of conversations. - type: object - additionalProperties: - type: integer - format: int32 - issueMatches: - description: >- - A map associating each issue resource name with its respective - number of matches in the set of conversations. Key has the format: - `projects//locations//issueModels//issues/` Deprecated, use - `issue_matches_stats` field instead. - deprecated: true - type: object - additionalProperties: - type: integer - format: int32 - issueMatchesStats: - description: >- - A map associating each issue resource name with its respective - number of matches in the set of conversations. Key has the format: - `projects//locations//issueModels//issues/` - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelLabelStatsIssueStats - conversationCountTimeSeries: - description: >- - A time series representing the count of conversations created over - time that match that requested filter criteria. + sentimentData: + description: Data specifying sentiment. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeries - GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeries: - id: GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeries - description: A time series representing conversations over time. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SentimentData + type: object + id: GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSentiment + description: One channel of conversation-level sentiment data. + GoogleProtobufEmpty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: GoogleProtobufEmpty type: object + properties: {} + GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasure: + id: >- + GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasure properties: - intervalDuration: - description: The duration of each interval. + averageCustomerSatisfactionRating: + format: double + type: number + description: The average customer satisfaction rating. + averageTurnCount: + description: The average turn count. + type: number + format: float + averageDuration: type: string format: google-duration - points: + description: The average duration. + averageQaQuestionNormalizedScore: + type: number description: >- - An ordered list of intervals from earliest to latest, where each - interval represents the number of conversations that transpired - during the time window. - type: array + Average QA normalized score averaged for questions averaged across + all revisions of the parent scorecard. Will be only populated if the + request specifies a dimension of QA_QUESTION_ID. + format: double + averageSilencePercentage: + description: The average silence percentage. + type: number + format: float + qaTagScores: items: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeriesInterval - GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeriesInterval: - id: >- - GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeriesInterval - description: A single interval in a time series. - type: object - properties: - startTime: - description: The start time of this interval. - type: string - format: google-datetime + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore + description: Average QA normalized score for all the tags. + type: array conversationCount: - description: The number of conversations created in this interval. + description: The conversation count. type: integer format: int32 - GoogleCloudContactcenterinsightsV1CalculateStatsRequest: - id: GoogleCloudContactcenterinsightsV1CalculateStatsRequest - description: The request for calculating conversation statistics. + averageAgentSentimentScore: + format: float + description: The average agent's sentiment score. + type: number + averageQaNormalizedScore: + description: >- + The average normalized QA score for a scorecard. When computing the + average across a set of conversations, if a conversation has been + evaluated with multiple revisions of a scorecard, only the latest + revision results will be used. Will exclude 0's in average + calculation. Will be only populated if the request specifies a + dimension of QA_SCORECARD_ID. + format: double + type: number + averageClientSentimentScore: + type: number + format: float + description: The average client's sentiment score. + description: The measure related to conversations. + type: object + GoogleCloudContactcenterinsightsV1alpha1SpeechConfig: + description: >- + Speech-to-Text configuration. Speech-to-Text settings are applied to + conversations ingested from the `UploadConversation` and + `IngestConversations` endpoints, including conversation coming from CCAI + Platform. They are not applied to conversations ingested from the + `CreateConversation` endpoint. type: object + id: GoogleCloudContactcenterinsightsV1alpha1SpeechConfig properties: - filter: + speechRecognizer: description: >- - A filter to reduce results to a specific subset. This field is - useful for getting statistics about conversations with specific - properties. + The fully-qualified Speech Recognizer resource name. Format: + `projects/{project_id}/locations/{location}/recognizer/{recognizer}` type: string - GoogleCloudContactcenterinsightsV1Settings: - id: GoogleCloudContactcenterinsightsV1Settings - description: >- - The CCAI Insights project wide settings. Use these settings to configure - the behavior of Insights. View these settings with - [`getsettings`](https://cloud.google.com/contact-center/insights/docs/reference/rest/v1/projects.locations/getSettings) - and change the settings with - [`updateSettings`](https://cloud.google.com/contact-center/insights/docs/reference/rest/v1/projects.locations/updateSettings). + GoogleCloudContactcenterinsightsV1alpha1HoldData: + id: GoogleCloudContactcenterinsightsV1alpha1HoldData + type: object + description: The data for a hold annotation. + properties: {} + GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequest: type: object + id: GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequest properties: - name: + filter: description: >- - Immutable. The resource name of the settings resource. Format: - projects/{project}/locations/{location}/settings - type: string - createTime: - description: Output only. The time at which the settings was created. - readOnly: true + Optional. Filter to select a subset of conversations to compute the + performance overview. Supports the same filters as the filter field + in QueryMetricsRequest. The source and query interval/comparison + query interval should not be included here. type: string - format: google-datetime - updateTime: - description: Output only. The time at which the settings were last updated. - readOnly: true - type: string - format: google-datetime - languageCode: - description: >- - A language code to be applied to each transcript segment unless the - segment already specifies a language code. Language code defaults to - "en-US" if it is neither specified on the segment nor here. - type: string - conversationTtl: + queryInterval: description: >- - The default TTL for newly-created conversations. If a conversation - has a specified expiration, that value will be used instead. - Changing this value will not change the expiration of existing - conversations. Conversations with no expire time persist until they - are deleted. - type: string - format: google-duration - pubsubNotificationSettings: + Required. The time window of the conversations to derive performance + stats from. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QueryInterval' + agentPerformanceSource: + description: Conversations are from a single agent. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequestAgentSource + comparisonQueryInterval: + description: The time window of the conversations to compare the performance to. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QueryInterval' + description: >- + The request for summarizing performance according to different metrics + for conversations over a specified time window. + GoogleCloudContactcenterinsightsV1CallAnnotation: + properties: + interruptionData: + description: Data specifying an interruption. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1InterruptionData + channelTag: description: >- - A map that maps a notification trigger to a Pub/Sub topic. Each time - a specified trigger occurs, Insights will notify the corresponding - Pub/Sub topic. Keys are notification triggers. Supported keys are: * - "all-triggers": Notify each time any of the supported triggers - occurs. * "create-analysis": Notify each time an analysis is - created. * "create-conversation": Notify each time a conversation is - created. * "export-insights-data": Notify each time an export is - complete. * "ingest-conversations": Notify each time an - IngestConversations LRO is complete. * "update-conversation": Notify - each time a conversation is updated via UpdateConversation. * - "upload-conversation": Notify when an UploadConversation LRO is - complete. Values are Pub/Sub topics. The format of each Pub/Sub - topic is: projects/{project}/topics/{topic} - type: object - additionalProperties: - type: string - analysisConfig: - description: Default analysis settings. + The channel of the audio where the annotation occurs. For + single-channel audio, this field is not populated. + type: integer + format: int32 + entityMentionData: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1SettingsAnalysisConfig - redactionConfig: + #/components/schemas/GoogleCloudContactcenterinsightsV1EntityMentionData + description: Data specifying an entity mention. + phraseMatchData: + description: Data specifying a phrase match. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchData + holdData: + description: Data specifying a hold. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1HoldData' + sentimentData: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' + description: Data specifying sentiment. + annotationStartBoundary: description: >- - Default DLP redaction resources to be applied while ingesting - conversations. This applies to conversations ingested from the - `UploadConversation` and `IngestConversations` endpoints, including - conversations coming from CCAI Platform. + The boundary in the conversation where the annotation starts, + inclusive. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1RedactionConfig - speechConfig: + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotationBoundary + intentMatchData: + description: Data specifying an intent match. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IntentMatchData + annotationEndBoundary: description: >- - Optional. Default Speech-to-Text resources to use while ingesting - audio files. Optional, CCAI Insights will create a default if not - provided. This applies to conversations ingested from the - `UploadConversation` and `IngestConversations` endpoints, including - conversations coming from CCAI Platform. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SpeechConfig' - GoogleCloudContactcenterinsightsV1SettingsAnalysisConfig: - id: GoogleCloudContactcenterinsightsV1SettingsAnalysisConfig - description: Default configuration when creating Analyses in Insights. + The boundary in the conversation where the annotation ends, + inclusive. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotationBoundary + issueMatchData: + description: Data specifying an issue match. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueMatchData + silenceData: + description: Data specifying silence. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SilenceData' + id: GoogleCloudContactcenterinsightsV1CallAnnotation + description: A piece of metadata that applies to a window of a call. + type: object + GoogleCloudContactcenterinsightsV1alpha1FaqAnswerData: type: object + id: GoogleCloudContactcenterinsightsV1alpha1FaqAnswerData + description: Agent Assist frequently-asked-question answer data. properties: - runtimeIntegrationAnalysisPercentage: + source: + type: string description: >- - Percentage of conversations created using Dialogflow runtime - integration to analyze automatically, between [0, 100]. - type: number - format: double - uploadConversationAnalysisPercentage: + The knowledge document that this answer was extracted from. Format: + projects/{project}/knowledgeBases/{knowledge_base}/documents/{document}. + question: + type: string + description: The corresponding FAQ question. + confidenceScore: description: >- - Percentage of conversations created using the UploadConversation - endpoint to analyze automatically, between [0, 100]. + The system's confidence score that this answer is a good match for + this conversation, ranging from 0.0 (completely uncertain) to 1.0 + (completely certain). type: number - format: double - annotatorSelector: + format: float + metadata: description: >- - To select the annotators to run and the phrase matchers to use (if - any). If not specified, all annotators will be run. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector - GoogleCloudContactcenterinsightsV1AnalysisRule: - id: GoogleCloudContactcenterinsightsV1AnalysisRule - description: >- - The CCAI Insights project wide analysis rule. This rule will be applied - to all conversations that match the filter defined in the rule. For a - conversation matches the filter, the annotators specified in the rule - will be run. If a conversation matches multiple rules, a union of all - the annotators will be run. One project can have multiple analysis - rules. - type: object + Map that contains metadata about the FAQ answer and the document + that it originates from. + additionalProperties: + type: string + type: object + answer: + description: The piece of text from the `source` knowledge base document. + type: string + queryRecord: + type: string + description: >- + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} + GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorSummarizationConfig: + id: >- + GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorSummarizationConfig + description: Configuration for summarization. properties: - name: + generator: description: >- - Identifier. The resource name of the analysis rule. Format: - projects/{project}/locations/{location}/analysisRules/{analysis_rule} + The resource name of the existing created generator. Format: + projects//locations//generators/ + type: string + conversationProfile: + type: string + description: >- + Resource name of the Dialogflow conversation profile. Format: + projects/{project}/locations/{location}/conversationProfiles/{conversation_profile} + summarizationModel: + type: string + description: Default summarization model to be used. + enumDescriptions: + - Unspecified summarization model. + - >- + The CCAI baseline model. This model is deprecated and will be + removed in the future. We recommend using `generator` instead. + - >- + The CCAI baseline model, V2.0. This model is deprecated and will + be removed in the future. We recommend using `generator` instead. + enum: + - SUMMARIZATION_MODEL_UNSPECIFIED + - BASELINE_MODEL + - BASELINE_MODEL_V2_0 + enumDeprecated: + - false + - true + - true + type: object + GoogleCloudContactcenterinsightsV1IngestConversationsResponse: + properties: {} + description: The response to an IngestConversations operation. + id: GoogleCloudContactcenterinsightsV1IngestConversationsResponse + type: object + GoogleCloudContactcenterinsightsV1alpha1Dataset: + description: >- + Dataset resource represents a collection of conversations that may be + bounded (Static Dataset, e.g. golden dataset for training), or unbounded + (Dynamic Dataset, e.g. live traffic, or agent training traffic) + id: GoogleCloudContactcenterinsightsV1alpha1Dataset + properties: + displayName: + description: Display name for the dataaset type: string createTime: - description: Output only. The time at which this analysis rule was created. + format: google-datetime + description: Output only. Dataset create time. readOnly: true type: string - format: google-datetime updateTime: - description: >- - Output only. The most recent time at which this analysis rule was - updated. + format: google-datetime readOnly: true + description: Output only. Dataset update time. type: string - format: google-datetime - displayName: - description: Display Name of the analysis rule. + description: type: string - conversationFilter: - description: >- - Filter for the conversations that should apply this analysis rule. - An empty filter means this analysis rule applies to all - conversations. Refer to - https://cloud.google.com/contact-center/insights/docs/filtering for - details. + description: Dataset description. + ttl: + type: string + description: Optional. Option TTL for the dataset. + format: google-duration + name: type: string - annotatorSelector: - description: >- - Selector of annotators to run and the phrase matchers to use for - conversations that matches the conversation_filter. If not - specified, NO annotators will be run. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector - analysisPercentage: description: >- - Percentage of conversations that we should apply this analysis - setting automatically, between [0, 1]. For example, 0.1 means 10%. - Conversations are sampled in a determenestic way. The original - runtime_percentage & upload percentage will be replaced by defining - filters on the conversation. - type: number - format: double - active: - description: >- - If true, apply this rule to conversations. Otherwise, this rule is - inactive and saved as a draft. - type: boolean - GoogleCloudContactcenterinsightsV1ListAnalysisRulesResponse: - id: GoogleCloudContactcenterinsightsV1ListAnalysisRulesResponse - description: The response of listing views. - type: object - properties: - analysisRules: - description: The analysis_rule that match the request. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Immutable. Identifier. Resource name of the dataset. Format: + projects/{project}/locations/{location}/datasets/{dataset} + type: + enum: + - TYPE_UNSPECIFIED + - EVAL + - LIVE + description: Dataset usage type. type: string - GoogleCloudContactcenterinsightsV1AssessmentRule: - id: GoogleCloudContactcenterinsightsV1AssessmentRule + enumDescriptions: + - Default value for unspecified. + - For evals only. + - >- + Dataset with new conversations coming in regularly (Insights + legacy conversations and AI trainer) + type: object + GoogleTypeInterval: + id: GoogleTypeInterval description: >- - The CCAI Insights project wide assessment rule. This assessment rule - will be applied to all conversations from the previous sampling cycle - that match the sample rule defined in the assessment rule. One project - can have multiple assessment rules. + Represents a time interval, encoded as a Timestamp start (inclusive) and + a Timestamp end (exclusive). The start must be less than or equal to the + end. When the start equals the end, the interval is empty (matches no + time). When both start and end are unspecified, the interval matches any + time. type: object properties: - name: - description: >- - Identifier. The resource name of the assessment rule. Format: - projects/{project}/locations/{location}/assessmentRules/{assessment_rule} - type: string - createTime: - description: Output only. The time at which this assessment rule was created. - readOnly: true + startTime: type: string format: google-datetime - updateTime: description: >- - Output only. The most recent time at which this assessment rule was - updated. - readOnly: true - type: string - format: google-datetime - active: + Optional. Inclusive start of the interval. If specified, a Timestamp + matching this interval will have to be the same or after the start. + endTime: description: >- - If true, apply this rule to conversations. Otherwise, this rule is - inactive. - type: boolean - displayName: - description: Display Name of the assessment rule. + Optional. Exclusive end of the interval. If specified, a Timestamp + matching this interval will have to be before the end. + format: google-datetime type: string - sampleRule: - description: The sample rule for the assessment rule. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SampleRule' - scheduleInfo: - description: Schedule info for the assessment rule. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1ScheduleInfo' - GoogleCloudContactcenterinsightsV1ScheduleInfo: - id: GoogleCloudContactcenterinsightsV1ScheduleInfo - description: Message for schedule info. + GoogleCloudContactcenterinsightsV1alpha1ConversationDataSource: + id: GoogleCloudContactcenterinsightsV1alpha1ConversationDataSource + description: The conversation source, which is a combination of transcript and audio. type: object properties: - startTime: - description: >- - Start time of the schedule. If not specified, will start as soon as - the schedule is created. - type: string - format: google-datetime - endTime: - description: >- - End time of the schedule. If not specified, will keep scheduling new - pipelines for execution util the schedule is no longer active or - deleted. - type: string - format: google-datetime - schedule: - description: >- - The groc expression. Format: `every number [synchronized]` Time - units can be: minutes, hours Synchronized is optional and indicates - that the schedule should be synchronized to the start of the - interval: every 5 minutes synchronized means 00:00, 00:05 ... - Otherwise the start time is random within the interval. Example: - `every 5 minutes` could be 00:02, 00:07, 00:12, ... + gcsSource: + description: A Cloud Storage location specification for the audio and transcript. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1GcsSource + metadataUri: type: string - timeZone: description: >- - The timezone to use for the groc expression. If not specified, - defaults to UTC. - type: string - GoogleCloudContactcenterinsightsV1ListAssessmentRulesResponse: - id: GoogleCloudContactcenterinsightsV1ListAssessmentRulesResponse - description: The response of listing assessment rules. + Cloud Storage URI that points to a file that contains the + conversation metadata. + dialogflowSource: + description: The source when the conversation comes from Dialogflow. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DialogflowSource + GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataResponse: type: object + properties: {} + id: GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataResponse + description: Response for an export insights operation. + GoogleCloudContactcenterinsightsV1ListQaQuestionTagsResponse: + description: The response from a ListQaQuestionTags request. + id: GoogleCloudContactcenterinsightsV1ListQaQuestionTagsResponse properties: - assessmentRules: - description: The assessment rules that match the request. - type: array + qaQuestionTags: + description: The parent resource of the questions. items: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag + type: array nextPageToken: + type: string description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudContactcenterinsightsV1EncryptionSpec: - id: GoogleCloudContactcenterinsightsV1EncryptionSpec - description: >- - A customer-managed encryption key specification that can be applied to - all created resources (e.g. `Conversation`). type: object + GoogleCloudContactcenterinsightsV1QaScorecardResultScoreSource: properties: - name: - description: >- - Immutable. The resource name of the encryption key specification - resource. Format: - projects/{project}/locations/{location}/encryptionSpec + sourceType: type: string - kmsKey: + enum: + - SOURCE_TYPE_UNSPECIFIED + - SYSTEM_GENERATED_ONLY + - INCLUDES_MANUAL_EDITS + description: What created the score. + enumDescriptions: + - Source type is unspecified. + - Score is derived only from system-generated answers. + - >- + Score is derived from both system-generated answers, and includes + any manual edits if they exist. + potentialScore: description: >- - Required. The name of customer-managed encryption key that is used - to secure a resource and its sub-resources. If empty, the resource - is secured by our default encryption key. Only the key in the same - location as this resource is allowed to be used for encryption. - Format: - `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{key}` - type: string - GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecRequest: - id: GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecRequest - description: The request to initialize a location-level encryption specification. - type: object - properties: - encryptionSpec: + The maximum potential overall score of the scorecard. Any questions + answered using `na_value` are excluded from this calculation. + format: double + type: number + score: + description: The overall numerical score of the result. + format: double + type: number + qaTagResults: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardResultQaTagResult + type: array + description: Collection of tags and their scores. + normalizedScore: + format: double + type: number description: >- - Required. The encryption spec used for CMEK encryption. It is - required that the kms key is in the same region as the endpoint. The - same key will be used for all provisioned resources, if encryption - is available. If the `kms_key_name` field is left empty, no - encryption will be enforced. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1EncryptionSpec - GoogleCloudContactcenterinsightsV1View: - id: GoogleCloudContactcenterinsightsV1View - description: The View resource. + The normalized score, which is the score divided by the potential + score. type: object + id: GoogleCloudContactcenterinsightsV1QaScorecardResultScoreSource + description: >- + A scorecard result may have multiple sets of scores from varying + sources, one of which becomes the "main" answer above. A ScoreSource + represents each individual set of scores. + GoogleCloudContactcenterinsightsV1DimensionQaQuestionAnswerDimensionMetadata: properties: - name: - description: >- - Immutable. The resource name of the view. Format: - projects/{project}/locations/{location}/views/{view} - type: string - displayName: - description: The human-readable display name of the view. + answerValue: + description: Optional. The full body of the question. type: string - createTime: - description: Output only. The time at which this view was created. - readOnly: true + qaQuestionId: + description: Optional. The QA question ID. type: string - format: google-datetime - updateTime: - description: Output only. The most recent time at which the view was updated. - readOnly: true + qaScorecardId: type: string - format: google-datetime - value: - description: >- - A filter to reduce conversation results to a specific subset. Refer - to https://cloud.google.com/contact-center/insights/docs/filtering - for details. + description: Optional. The QA scorecard ID. + questionBody: + description: Optional. The full body of the question. type: string - GoogleCloudContactcenterinsightsV1ListViewsResponse: - id: GoogleCloudContactcenterinsightsV1ListViewsResponse - description: The response of listing views. - type: object - properties: - views: - description: The views that match the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudContactcenterinsightsV1QueryMetricsRequest: - id: GoogleCloudContactcenterinsightsV1QueryMetricsRequest - description: The request for querying metrics. type: object + description: >- + Metadata about the QA question-answer dimension. This is useful for + showing the answer distribution for questions for a given scorecard. + id: >- + GoogleCloudContactcenterinsightsV1DimensionQaQuestionAnswerDimensionMetadata + GoogleCloudContactcenterinsightsV1RedactionConfig: + id: GoogleCloudContactcenterinsightsV1RedactionConfig + description: >- + DLP resources used for redaction while ingesting conversations. DLP + settings are applied to conversations ingested from the + `UploadConversation` and `IngestConversations` endpoints, including + conversation coming from CCAI Platform. They are not applied to + conversations ingested from the `CreateConversation` endpoint or the + Dialogflow / Agent Assist runtime integrations. When using Dialogflow / + Agent Assist runtime integrations, redaction should be performed in + Dialogflow / Agent Assist. properties: - filter: - description: >- - Required. Filter to select a subset of conversations to compute the - metrics. Must specify a window of the conversation create time to - compute the metrics. The returned metrics will be from the range - [DATE(starting create time), DATE(ending create time)). + deidentifyTemplate: type: string - timeGranularity: description: >- - The time granularity of each data point in the time series. Defaults - to NONE if this field is unspecified. + The fully-qualified DLP deidentify template resource name. Format: + `projects/{project}/deidentifyTemplates/{template}` + inspectTemplate: type: string - enumDescriptions: - - The time granularity is unspecified and will default to NONE. - - >- - No time granularity. The response won't contain a time series. - This is the default value if no time granularity is specified. - - >- - Data points in the time series will aggregate at a daily - granularity. 1 day means [midnight to midnight). - - >- - Data points in the time series will aggregate at a daily - granularity. 1 HOUR means [01:00 to 02:00). - - >- - Data points in the time series will aggregate at a daily - granularity. PER_MINUTE means [01:00 to 01:01). - - >- - Data points in the time series will aggregate at a 1 minute - granularity. PER_5_MINUTES means [01:00 to 01:05). - - >- - Data points in the time series will aggregate at a monthly - granularity. 1 MONTH means [01st of the month to 1st of the next - month). - enum: - - TIME_GRANULARITY_UNSPECIFIED - - NONE - - DAILY - - HOURLY - - PER_MINUTE - - PER_5_MINUTES - - MONTHLY - dimensions: description: >- - The dimensions that determine the grouping key for the query. - Defaults to no dimension if this field is unspecified. If a - dimension is specified, its key must also be specified. Each - dimension's key must be unique. If a time granularity is also - specified, metric values in the dimension will be bucketed by this - granularity. Up to one dimension is supported for now. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dimension' - measureMask: - description: >- - Measures to return. Defaults to all measures if this field is - unspecified. A valid mask should traverse from the `measure` field - from the response. For example, a path from a measure mask to get - the conversation count is "conversation_measure.count". - type: string - format: google-fieldmask - GoogleCloudContactcenterinsightsV1Dimension: - id: GoogleCloudContactcenterinsightsV1Dimension - description: >- - A dimension determines the grouping key for the query. In SQL terms, - these would be part of both the "SELECT" and "GROUP BY" clauses. + The fully-qualified DLP inspect template resource name. Format: + `projects/{project}/locations/{location}/inspectTemplates/{template}` type: object + GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelResponse: properties: - issueDimensionMetadata: - description: Output only. Metadata about the issue dimension. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionIssueDimensionMetadata - agentDimensionMetadata: - description: Output only. Metadata about the agent dimension. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionAgentDimensionMetadata - qaQuestionDimensionMetadata: - description: Output only. Metadata about the QA question dimension. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionQaQuestionDimensionMetadata - qaQuestionAnswerDimensionMetadata: - description: Output only. Metadata about the QA question-answer dimension. - readOnly: true + issueModel: + description: The issue model that was imported. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionQaQuestionAnswerDimensionMetadata - dimensionKey: - description: The key of the dimension. - type: string - enumDescriptions: - - The key of the dimension is unspecified. - - The dimension is keyed by issues. - - The dimension is keyed by issue names. - - The dimension is keyed by agents. - - The dimension is keyed by agent teams. - - >- - The dimension is keyed by QaQuestionIds. Note that: We only group - by the QuestionId and not the revision-id of the scorecard this - question is a part of. This allows for showing stats for the same - question across different scorecard revisions. - - >- - The dimension is keyed by QaQuestionIds-Answer value pairs. Note - that: We only group by the QuestionId and not the revision-id of - the scorecard this question is a part of. This allows for showing - distribution of answers per question across different scorecard - revisions. - - >- - The dimension is keyed by QaScorecardIds. Note that: We only group - by the ScorecardId and not the revision-id of the scorecard. This - allows for showing stats for the same scorecard across different - revisions. This metric is mostly only useful if querying the - average normalized score per scorecard. - - The dimension is keyed by the conversation profile ID. - - The dimension is keyed by the conversation medium. - enum: - - DIMENSION_KEY_UNSPECIFIED - - ISSUE - - ISSUE_NAME - - AGENT - - AGENT_TEAM - - QA_QUESTION_ID - - QA_QUESTION_ANSWER_VALUE - - QA_SCORECARD_ID - - CONVERSATION_PROFILE_ID - - MEDIUM - GoogleCloudContactcenterinsightsV1DimensionIssueDimensionMetadata: - id: GoogleCloudContactcenterinsightsV1DimensionIssueDimensionMetadata - description: Metadata about the issue dimension. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModel type: object - properties: - issueId: - description: The issue ID. - type: string - issueDisplayName: - description: The issue display name. - type: string - issueModelId: - description: The parent issue model ID. - type: string - GoogleCloudContactcenterinsightsV1DimensionAgentDimensionMetadata: - id: GoogleCloudContactcenterinsightsV1DimensionAgentDimensionMetadata - description: Metadata about the agent dimension. + description: Response from import issue model + id: GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelResponse + GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata: + description: Metadata from Dialogflow relating to the current transcript segment. + id: >- + GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata type: object properties: - agentId: - description: Optional. A user-specified string representing the agent. - type: string - agentDisplayName: - description: Optional. The agent's name - type: string - agentTeam: - description: Optional. A user-specified string representing the agent's team. + smartReplyAllowlistCovered: + type: boolean + description: >- + Whether the transcript segment was covered under the configured + smart reply allowlist in Agent Assist. + GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequest: + id: GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequest + description: Request to export an issue model. + properties: + gcsDestination: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequestGcsDestination + description: Google Cloud Storage URI to export the issue model to. + name: + description: Required. The issue model to export. type: string - GoogleCloudContactcenterinsightsV1DimensionQaQuestionDimensionMetadata: - id: GoogleCloudContactcenterinsightsV1DimensionQaQuestionDimensionMetadata - description: Metadata about the QA question dimension. type: object + GoogleCloudContactcenterinsightsV1QaQuestionTag: properties: - qaScorecardId: - description: Optional. The QA scorecard ID. + qaQuestionIds: + description: >- + Optional. The list of Scorecard Question IDs that the tag applies + to. Each QaQuestionId is represented as a full resource name + containing the Question ID. Lastly, Since a tag may not necessarily + be referenced by any Scorecard Questions, we treat this field as + optional. + type: array + items: + type: string + name: type: string - qaQuestionId: - description: Optional. The QA question ID. + description: >- + Identifier. Resource name for the QaQuestionTag Format + projects/{project}/locations/{location}/qaQuestionTags/{qa_question_tag} + In the above format, the last segment, i.e., qa_question_tag, is a + server-generated ID corresponding to the tag resource. + createTime: + description: Output only. The time at which the question tag was created. type: string - questionBody: - description: Optional. The full body of the question. + format: google-datetime + readOnly: true + updateTime: + description: >- + Output only. The most recent time at which the question tag was + updated. type: string - GoogleCloudContactcenterinsightsV1DimensionQaQuestionAnswerDimensionMetadata: - id: >- - GoogleCloudContactcenterinsightsV1DimensionQaQuestionAnswerDimensionMetadata + readOnly: true + format: google-datetime + displayName: + description: Required. A user-specified display name for the tag. + type: string + type: object description: >- - Metadata about the QA question-answer dimension. This is useful for - showing the answer distribution for questions for a given scorecard. + A tag is a resource which aims to categorize a set of questions across + multiple scorecards, e.g., "Customer Satisfaction","Billing", etc. + id: GoogleCloudContactcenterinsightsV1QaQuestionTag + GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfig: + properties: + exactMatchConfig: + description: The configuration for the exact match rule. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ExactMatchConfig + id: GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfig type: object + description: Configuration information of a phrase match rule. + GoogleCloudContactcenterinsightsV1DeployIssueModelRequest: + description: The request to deploy an issue model. properties: - qaScorecardId: - description: Optional. The QA scorecard ID. + name: type: string - qaQuestionId: - description: Optional. The QA question ID. - type: string - questionBody: - description: Optional. The full body of the question. - type: string - answerValue: - description: Optional. The full body of the question. - type: string - GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequest: - id: GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequest - description: >- - The request for summarizing performance according to different metrics - for conversations over a specified time window. + description: Required. The issue model to deploy. + id: GoogleCloudContactcenterinsightsV1DeployIssueModelRequest + type: object + GoogleCloudContactcenterinsightsV1IngestConversationsRequestTranscriptObjectConfig: + description: Configuration for processing transcript objects. type: object + id: >- + GoogleCloudContactcenterinsightsV1IngestConversationsRequestTranscriptObjectConfig properties: - agentPerformanceSource: - description: Conversations are from a single agent. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequestAgentSource - filter: - description: >- - Optional. Filter to select a subset of conversations to compute the - performance overview. Supports the same filters as the filter field - in QueryMetricsRequest. The source and query interval/comparison - query interval should not be included here. + medium: + enum: + - MEDIUM_UNSPECIFIED + - PHONE_CALL + - CHAT + enumDescriptions: + - Default value, if unspecified will default to PHONE_CALL. + - The format for conversations that took place over the phone. + - The format for conversations that took place over chat. + description: Required. The medium transcript objects represent. type: string - queryInterval: - description: >- - Required. The time window of the conversations to derive performance - stats from. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QueryInterval' - comparisonQueryInterval: - description: The time window of the conversations to compare the performance to. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QueryInterval' - GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequestAgentSource: - id: >- - GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequestAgentSource - description: The entity whose performance is being queried is a single agent. + GoogleCloudContactcenterinsightsV1DialogflowSource: + id: GoogleCloudContactcenterinsightsV1DialogflowSource type: object properties: - agentId: - description: Required. Agent id to query performance overview for. + dialogflowConversation: + readOnly: true type: string - GoogleCloudContactcenterinsightsV1QueryInterval: - id: GoogleCloudContactcenterinsightsV1QueryInterval - description: A time window for querying conversations. - type: object + description: >- + Output only. The name of the Dialogflow conversation that this + conversation resource is derived from. Format: + projects/{project}/locations/{location}/conversations/{conversation} + audioUri: + description: >- + Cloud Storage URI that points to a file that contains the + conversation audio. + type: string + description: A Dialogflow source of conversation data. + GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecMetadata: + description: Metadata for initializing a location-level encryption specification. properties: - startTime: - description: Required. The start time of the time window. + createTime: + description: Output only. The time the operation was created. type: string format: google-datetime + readOnly: true + request: + description: Output only. The original request for initialization. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecRequest + readOnly: true endTime: - description: Required. The end time of the time window. type: string + readOnly: true format: google-datetime - GoogleCloudContactcenterinsightsV1QaQuestion: - id: GoogleCloudContactcenterinsightsV1QaQuestion - description: A single question to be scored by the Insights QA feature. + description: Output only. The time the operation finished running. + partialErrors: + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + Partial errors during initializing operation that might cause the + operation output to be incomplete. + id: GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecMetadata type: object + GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsMetadata: + id: GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsMetadata properties: - name: + partialErrors: + readOnly: true description: >- - Identifier. The resource name of the question. Format: - projects/{project}/locations/{location}/qaScorecards/{qa_scorecard}/revisions/{revision}/qaQuestions/{qa_question} + Output only. Partial errors during bulk analyze operation that might + cause the operation output to be incomplete. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + request: + description: The original request for bulk analyze. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsRequest + failedAnalysesCount: + format: int32 + description: The number of requested analyses that have failed so far. + type: integer + createTime: type: string - abbreviation: - description: >- - Short, descriptive string, used in the UI where it's not practical - to display the full question body. E.g., "Greeting". + description: The time the operation was created. + format: google-datetime + endTime: + format: google-datetime + description: The time the operation finished running. type: string + totalRequestedAnalysesCount: + format: int32 + description: >- + Total number of analyses requested. Computed by the number of + conversations returned by `filter` multiplied by + `analysis_percentage` in the request. + type: integer + completedAnalysesCount: + type: integer + format: int32 + description: >- + The number of requested analyses that have completed successfully so + far. + description: The metadata for a bulk analyze conversations operation. + type: object + GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagMetadata: + type: object + description: The metadata for deleting a QaQuestionTag Resource. + properties: createTime: - description: Output only. The time at which this question was created. readOnly: true + description: Output only. The time the operation was created. type: string format: google-datetime - updateTime: - description: Output only. The most recent time at which the question was updated. + request: + description: Output only. The original request. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagRequest + endTime: + description: Output only. The time the operation finished running. readOnly: true type: string format: google-datetime - questionType: - description: The type of question. + id: GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagMetadata + GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelRequest: + properties: + name: + description: Required. The issue model to undeploy. type: string - enumDescriptions: - - The type of the question is unspecified. - - >- - The default question type. The question is fully customizable by - the user. - - >- - The question type is using a predefined model provided by CCAI - teams. Users are not allowed to edit the question_body, - answer_choices, upload feedback labels for the question nor - fine-tune the question. However, users may edit other fields like - question tags, question order, etc. - enum: - - QA_QUESTION_TYPE_UNSPECIFIED - - CUSTOMIZABLE - - PREDEFINED - predefinedQuestionConfig: + type: object + id: GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelRequest + description: The request to undeploy an issue model. + GoogleCloudContactcenterinsightsV1alpha1IntentMatchData: + properties: + intentUniqueId: description: >- - The configuration of the predefined question. This field will only - be set if the Question Type is predefined. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionPredefinedQuestionConfig - questionBody: - description: Question text. E.g., "Did the agent greet the customer?" + The id of the matched intent. Can be used to retrieve the + corresponding intent information. type: string - answerInstructions: - description: Instructions describing how to determine the answer. + description: >- + The data for an intent match. Represents an intent match for a text + segment in the conversation. A text segment can be part of a sentence, a + complete sentence, or an utterance with multiple sentences. + id: GoogleCloudContactcenterinsightsV1alpha1IntentMatchData + type: object + GoogleCloudContactcenterinsightsV1alpha1Entity: + id: GoogleCloudContactcenterinsightsV1alpha1Entity + type: object + properties: + displayName: type: string - answerChoices: - description: >- - A list of valid answers to the question, which the LLM must choose - from. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionAnswerChoice - tags: - description: >- - Questions are tagged for categorization and scoring. Tags can either - be: - Default Tags: These are predefined categories. They are - identified by their string value (e.g., "BUSINESS", "COMPLIANCE", - and "CUSTOMER"). - Custom Tags: These are user-defined categories. - They are identified by their full resource name (e.g., - projects/{project}/locations/{location}/qaQuestionTags/{qa_question_tag}). - Both default and custom tags are used to group questions and to - influence the scoring of each question. - type: array - items: + description: The representative name for the entity. + metadata: + additionalProperties: type: string - order: + type: object description: >- - Defines the order of the question within its parent scorecard - revision. - type: integer - format: int32 - metrics: + Metadata associated with the entity. For most entity types, the + metadata is a Wikipedia URL (`wikipedia_url`) and Knowledge Graph + MID (`mid`), if they are available. For the metadata associated with + other entity types, see the Type table below. + sentiment: description: >- - Metrics of the underlying tuned LLM over a holdout/test set while - fine tuning the underlying LLM for the given question. This field - will only be populated if and only if the question is part of a - scorecard revision that has been tuned. + The aggregate sentiment expressed for this entity in the + conversation. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionMetrics - tuningMetadata: + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SentimentData + salience: + type: number description: >- - Metadata about the tuning operation for the question.This field will - only be populated if and only if the question is part of a scorecard - revision that has been tuned. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTuningMetadata - GoogleCloudContactcenterinsightsV1QaQuestionPredefinedQuestionConfig: - id: GoogleCloudContactcenterinsightsV1QaQuestionPredefinedQuestionConfig - description: >- - Configuration for a predefined question. This field will only be set if - the Question Type is predefined. - type: object - properties: + The salience score associated with the entity in the [0, 1.0] range. + The salience score for an entity provides information about the + importance or centrality of that entity to the entire document text. + Scores closer to 0 are less salient, while scores closer to 1.0 are + highly salient. + format: float type: - description: The type of the predefined question. - type: string + description: The entity type. enumDescriptions: - - The type of the predefined question is unspecified. + - Unspecified. + - Person. + - Location. + - Organization. + - Event. + - Artwork. + - Consumer product. + - Other types of entities. - >- - A prebuilt classifier classfying the outcome of the conversation. - For example, if the customer issue mentioned in a conversation has - been resolved or not. + Phone number. The metadata lists the phone number (formatted + according to local convention), plus whichever additional elements + appear in the text: * `number` - The actual number, broken down + into sections according to local convention. * `national_prefix` - + Country code, if detected. * `area_code` - Region or area code, if + detected. * `extension` - Phone extension (to be dialed after + connection), if detected. - >- - A prebuilt classifier classfying the initiator of the conversation - escalation. For example, if it was initiated by the customer or - the agent. + Address. The metadata identifies the street number and locality + plus whichever additional elements appear in the text: * + `street_number` - Street number. * `locality` - City or town. * + `street_name` - Street/route name, if detected. * `postal_code` - + Postal code, if detected. * `country` - Country, if detected. * + `broad_region` - Administrative area, such as the state, if + detected. * `narrow_region` - Smaller administrative area, such as + county, if detected. * `sublocality` - Used in Asian addresses to + demark a district within a city, if detected. + - >- + Date. The metadata identifies the components of the date: * `year` + - Four digit year, if detected. * `month` - Two digit month + number, if detected. * `day` - Two digit day number, if detected. + - Number. The metadata is the number itself. + - Price. The metadata identifies the `value` and `currency`. + type: string enum: - - PREDEFINED_QUESTION_TYPE_UNSPECIFIED - - CONVERSATION_OUTCOME - - CONVERSATION_OUTCOME_ESCALATION_INITIATOR_ROLE - GoogleCloudContactcenterinsightsV1QaQuestionAnswerChoice: - id: GoogleCloudContactcenterinsightsV1QaQuestionAnswerChoice - description: Message representing a possible answer to the question. - type: object + - TYPE_UNSPECIFIED + - PERSON + - LOCATION + - ORGANIZATION + - EVENT + - WORK_OF_ART + - CONSUMER_GOOD + - OTHER + - PHONE_NUMBER + - ADDRESS + - DATE + - NUMBER + - PRICE + description: >- + The data for an entity annotation. Represents a phrase in the + conversation that is a known entity, such as a person, an organization, + or location. + GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestGcsSource: properties: - strValue: - description: String value. + format: + enum: + - FORMAT_UNSPECIFIED + - CSV + - JSON + enumDescriptions: + - Unspecified format. + - CSV format. + - JSON format. type: string - numValue: - description: Numerical value. - type: number - format: double - boolValue: - description: Boolean value. - type: boolean - naValue: - description: >- - A value of "Not Applicable (N/A)". If provided, this field may only - be set to `true`. If a question receives this answer, it will be - excluded from any score calculations. - type: boolean - key: - description: A short string used as an identifier. + description: Required. File format which will be ingested. + objectUri: type: string - score: description: >- - Numerical score of the answer, used for generating the overall score - of a QaScorecardResult. If the answer uses na_value, this field is - unused. - type: number - format: double - GoogleCloudContactcenterinsightsV1QaQuestionMetrics: - id: GoogleCloudContactcenterinsightsV1QaQuestionMetrics - description: >- - A wrapper representing metrics calculated against a test-set on a LLM - that was fine tuned for this question. + Required. The Google Cloud Storage URI of the file to import. + Format: `gs://bucket_name/object_name` + id: >- + GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestGcsSource type: object - properties: - accuracy: - description: >- - Output only. Accuracy of the model. Measures the percentage of - correct answers the model gave on the test set. - readOnly: true - type: number - format: double - GoogleCloudContactcenterinsightsV1QaQuestionTuningMetadata: - id: GoogleCloudContactcenterinsightsV1QaQuestionTuningMetadata - description: >- - Metadata about the tuning operation for the question. Will only be set - if a scorecard containing this question has been tuned. + description: Google Cloud Storage Object details to get the feedback label file from. + GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagMetadata: type: object + id: GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagMetadata + description: The metadata for updating a QaQuestionTag Resource. properties: - totalValidLabelCount: - description: >- - Total number of valid labels provided for the question at the time - of tuining. + endTime: + readOnly: true + format: google-datetime + description: Output only. The time the operation finished running. type: string - format: int64 - datasetValidationWarnings: - description: >- - A list of any applicable data validation warnings about the - question's feedback labels. - type: array - items: - type: string - enumDescriptions: - - Unspecified data validation warning. - - A non-trivial percentage of the feedback labels are invalid. - - >- - The quantity of valid feedback labels provided is less than the - recommended minimum. - - >- - One or more of the answers have less than the recommended - minimum of feedback labels. - - All the labels in the dataset come from a single answer choice. - enum: - - DATASET_VALIDATION_WARNING_UNSPECIFIED - - TOO_MANY_INVALID_FEEDBACK_LABELS - - INSUFFICIENT_FEEDBACK_LABELS - - INSUFFICIENT_FEEDBACK_LABELS_PER_ANSWER - - ALL_FEEDBACK_LABELS_HAVE_THE_SAME_ANSWER - tuningError: - description: >- - Error status of the tuning operation for the question. Will only be - set if the tuning operation failed. + createTime: + format: google-datetime type: string - GoogleCloudContactcenterinsightsV1ListQaQuestionsResponse: - id: GoogleCloudContactcenterinsightsV1ListQaQuestionsResponse - description: The response from a ListQaQuestions request. + description: Output only. The time the operation was created. + readOnly: true + request: + description: Output only. The original request. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagRequest + GoogleCloudContactcenterinsightsV1AppealAssessmentRequest: + description: The message to appeal an assessment. + id: GoogleCloudContactcenterinsightsV1AppealAssessmentRequest type: object + properties: {} + GoogleCloudContactcenterinsightsV1PhraseMatchData: + type: object + id: GoogleCloudContactcenterinsightsV1PhraseMatchData properties: - qaQuestions: - description: The QaQuestions under the parent. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestion' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + displayName: + description: The human-readable name of the phrase matcher. type: string - GoogleCloudContactcenterinsightsV1QaQuestionTag: - id: GoogleCloudContactcenterinsightsV1QaQuestionTag + phraseMatcher: + type: string + description: The unique identifier (the resource name) of the phrase matcher. description: >- - A tag is a resource which aims to categorize a set of questions across - multiple scorecards, e.g., "Customer Satisfaction","Billing", etc. + The data for a matched phrase matcher. Represents information + identifying a phrase matcher for a given match. + GoogleCloudContactcenterinsightsV1alpha1ConversationParticipant: + description: The call participant speaking for a given utterance. + id: GoogleCloudContactcenterinsightsV1alpha1ConversationParticipant type: object properties: - name: + dialogflowParticipantName: description: >- - Identifier. Resource name for the QaQuestionTag Format - projects/{project}/locations/{location}/qaQuestionTags/{qa_question_tag} - In the above format, the last segment, i.e., qa_question_tag, is a - server-generated ID corresponding to the tag resource. + The name of the participant provided by Dialogflow. Format: + projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant} type: string - displayName: - description: Required. A user-specified display name for the tag. + role: + enumDescriptions: + - Participant's role is not set. + - Participant is a human agent. + - Participant is an automated agent. + - Participant is an end user who conversed with the contact center. + - Participant is either a human or automated agent. + description: The role of the participant. type: string - qaQuestionIds: + enum: + - ROLE_UNSPECIFIED + - HUMAN_AGENT + - AUTOMATED_AGENT + - END_USER + - ANY_AGENT + userId: + description: A user-specified ID representing the participant. + type: string + obfuscatedExternalUserId: + type: string + description: Obfuscated user ID from Dialogflow. + dialogflowParticipant: description: >- - Optional. The list of Scorecard Question IDs that the tag applies - to. Each QaQuestionId is represented as a full resource name - containing the Question ID. Lastly, Since a tag may not necessarily - be referenced by any Scorecard Questions, we treat this field as - optional. - type: array - items: - type: string - createTime: - description: Output only. The time at which the question tag was created. - readOnly: true + Deprecated. Use `dialogflow_participant_name` instead. The name of + the Dialogflow participant. Format: + projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant} + deprecated: true type: string - format: google-datetime - updateTime: - description: >- - Output only. The most recent time at which the question tag was - updated. - readOnly: true + GoogleCloudContactcenterinsightsV1SpeechConfig: + description: >- + Speech-to-Text configuration. Speech-to-Text settings are applied to + conversations ingested from the `UploadConversation` and + `IngestConversations` endpoints, including conversation coming from CCAI + Platform. They are not applied to conversations ingested from the + `CreateConversation` endpoint. + properties: + speechRecognizer: type: string - format: google-datetime - GoogleCloudContactcenterinsightsV1ListQaQuestionTagsResponse: - id: GoogleCloudContactcenterinsightsV1ListQaQuestionTagsResponse - description: The response from a ListQaQuestionTags request. + description: >- + The fully-qualified Speech Recognizer resource name. Format: + `projects/{project_id}/locations/{location}/recognizer/{recognizer}` + type: object + id: GoogleCloudContactcenterinsightsV1SpeechConfig + GoogleCloudContactcenterinsightsV1ListQaScorecardRevisionsResponse: + description: The response from a ListQaScorecardRevisions request. type: object properties: - qaQuestionTags: - description: The parent resource of the questions. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag nextPageToken: description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudContactcenterinsightsV1QaScorecard: - id: GoogleCloudContactcenterinsightsV1QaScorecard - description: >- - A QaScorecard represents a collection of questions to be scored during - analysis. + qaScorecardRevisions: + description: The QaScorecards under the parent. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision + type: array + id: GoogleCloudContactcenterinsightsV1ListQaScorecardRevisionsResponse + GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPoint: + description: A data point contains the metric values mapped to an interval. type: object + id: GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPoint properties: - name: + interval: description: >- - Identifier. The scorecard name. Format: - projects/{project}/locations/{location}/qaScorecards/{qa_scorecard} - type: string - displayName: - description: The user-specified display name of the scorecard. - type: string - description: - description: A text description explaining the intent of the scorecard. - type: string - createTime: - description: Output only. The time at which this scorecard was created. + The interval that this data point represents. * If this is the total + data point, the interval is [starting create time, ending create + time) from the request. * If this a data point from the time series, + the interval is [time, time + time granularity from the request). + $ref: '#/components/schemas/GoogleTypeInterval' + conversationMeasure: + description: The measure related to conversations. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasure + GoogleCloudContactcenterinsightsV1alpha1CreateIssueMetadata: + type: object + id: GoogleCloudContactcenterinsightsV1alpha1CreateIssueMetadata + description: Metadata for creating an issue. + properties: + endTime: readOnly: true - type: string format: google-datetime - updateTime: - description: >- - Output only. The most recent time at which the scorecard was - updated. - readOnly: true + description: Output only. The time the operation finished running. type: string - format: google-datetime - isDefault: - description: >- - Whether the scorecard is the default one for the project. A default - scorecard cannot be deleted and will always appear first in - scorecard selector. - type: boolean - source: - description: Output only. The source of the scorecard. + request: + description: The original request for creation. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1CreateIssueRequest + createTime: readOnly: true + format: google-datetime + description: Output only. The time the operation was created. type: string - enumDescriptions: - - >- - The source of the scorecard is unspecified. Default to - QA_SCORECARD_SOURCE_CUSTOMER_DEFINED. - - The scorecard is a custom scorecard created by the user. - - >- - The scorecard is a scorecard created through discovery engine - deployment. - enum: - - QA_SCORECARD_SOURCE_UNSPECIFIED - - QA_SCORECARD_SOURCE_CUSTOMER_DEFINED - - QA_SCORECARD_SOURCE_DISCOVERY_ENGINE - GoogleCloudContactcenterinsightsV1ListQaScorecardsResponse: - id: GoogleCloudContactcenterinsightsV1ListQaScorecardsResponse - description: The response from a ListQaScorecards request. - type: object + GoogleCloudContactcenterinsightsV1ConversationQualityMetadataAgentInfo: properties: - qaScorecards: - description: The QaScorecards under the parent. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard' - nextPageToken: + dispositionCode: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + A user-provided string indicating the outcome of the agent's segment + of the call. type: string - GoogleCloudContactcenterinsightsV1QaScorecardRevision: - id: GoogleCloudContactcenterinsightsV1QaScorecardRevision - description: >- - A revision of a QaScorecard. Modifying published scorecard fields would - invalidate existing scorecard results — the questions may have changed, - or the score weighting will make existing scores impossible to - understand. So changes must create a new revision, rather than modifying - the existing resource. - type: object - properties: - name: + team: description: >- - Identifier. The name of the scorecard revision. Format: - projects/{project}/locations/{location}/qaScorecards/{qa_scorecard}/revisions/{revision} + A user-specified string representing the agent's team. Deprecated in + favor of the `teams` field. + deprecated: true type: string - snapshot: - description: >- - The snapshot of the scorecard at the time of this revision's - creation. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard' - createTime: - description: Output only. The timestamp that the revision was created. - readOnly: true + versionId: + description: The agent's version ID. Only applicable to automated agents. type: string - format: google-datetime - alternateIds: - description: >- - Output only. Alternative IDs for this revision of the scorecard, - e.g., `latest`. - readOnly: true - type: array + teams: items: type: string - state: + type: array + description: User-specified strings representing the agent's teams. + displayName: + description: The agent's name. + type: string + versionDisplayName: + type: string description: >- - Output only. State of the scorecard revision, indicating whether - it's ready to be used in analysis. - readOnly: true + The agent's version display name. Only applicable to automated + agents. + deploymentId: type: string + description: The agent's deployment ID. Only applicable to automated agents. + agentType: enumDescriptions: - - Unspecified. - - The scorecard revision can be edited. - - Scorecard model training is in progress. - - Scorecard revision model training failed. - - The revision can be used in analysis. - - Scorecard is being deleted. - - Scorecard model training was explicitly cancelled by the user. + - Participant's role is not set. + - Participant is a human agent. + - Participant is an automated agent. + - Participant is an end user who conversed with the contact center. + - Participant is either a human or automated agent. enum: - - STATE_UNSPECIFIED - - EDITABLE - - TRAINING - - TRAINING_FAILED - - READY - - DELETING - - TRAINING_CANCELLED - GoogleCloudContactcenterinsightsV1TuneQaScorecardRevisionRequest: - id: GoogleCloudContactcenterinsightsV1TuneQaScorecardRevisionRequest - description: Request for TuneQaScorecardRevision endpoint. - type: object - properties: - filter: - description: >- - Required. Filter for selecting the feedback labels that needs to be - used for training. This filter can be used to limit the feedback - labels used for tuning to a feedback labels created or updated for a - specific time-window etc. + - ROLE_UNSPECIFIED + - HUMAN_AGENT + - AUTOMATED_AGENT + - END_USER + - ANY_AGENT + description: The agent type, e.g. HUMAN_AGENT. type: string - validateOnly: + agentId: + description: A user-specified string representing the agent. + type: string + location: + description: The agent's location. + type: string + deploymentDisplayName: description: >- - Optional. Run in validate only mode, no fine tuning will actually - run. Data quality validations like training data distributions will - run. Even when set to false, the data quality validations will still - run but once the validations complete we will proceed with the fine - tune, if applicable. - type: boolean - GoogleCloudContactcenterinsightsV1DeployQaScorecardRevisionRequest: - id: GoogleCloudContactcenterinsightsV1DeployQaScorecardRevisionRequest - description: The request to deploy a QaScorecardRevision + The agent's deployment display name. Only applicable to automated + agents. + type: string + description: Information about an agent involved in the conversation. + id: GoogleCloudContactcenterinsightsV1ConversationQualityMetadataAgentInfo type: object - properties: {} - GoogleCloudContactcenterinsightsV1UndeployQaScorecardRevisionRequest: - id: GoogleCloudContactcenterinsightsV1UndeployQaScorecardRevisionRequest - description: The request to undeploy a QaScorecardRevision + GoogleCloudContactcenterinsightsV1SilenceData: type: object + description: The data for a silence annotation. + id: GoogleCloudContactcenterinsightsV1SilenceData properties: {} - GoogleCloudContactcenterinsightsV1ListQaScorecardRevisionsResponse: - id: GoogleCloudContactcenterinsightsV1ListQaScorecardRevisionsResponse - description: The response from a ListQaScorecardRevisions request. - type: object - properties: - qaScorecardRevisions: - description: The QaScorecards under the parent. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse: - id: GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse - description: The response for listing feedback labels. - type: object - properties: - feedbackLabels: - description: The feedback labels that match the request. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel - nextPageToken: - description: The next page token. - type: string - GoogleCloudContactcenterinsightsV1ListAllFeedbackLabelsResponse: - id: GoogleCloudContactcenterinsightsV1ListAllFeedbackLabelsResponse - description: The response for listing all feedback labels. - type: object - properties: - feedbackLabels: - description: The feedback labels that match the request. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequest: - id: GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequest - description: The request for bulk uploading feedback labels. - type: object - properties: - gcsSource: - description: A cloud storage bucket source. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestGcsSource - sheetsSource: - description: A sheets document source. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestSheetsSource - validateOnly: - description: >- - Optional. If set, upload will not happen and the labels will be - validated. If not set, then default behavior will be to upload the - labels after validation is complete. - type: boolean - GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestGcsSource: - id: >- - GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestGcsSource - description: Google Cloud Storage Object details to get the feedback label file from. + GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestGcsDestination: + id: >- + GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestGcsDestination + description: Google Cloud Storage Object details to write the feedback labels to. type: object properties: format: - description: Required. File format which will be ingested. - type: string - enumDescriptions: - - Unspecified format. - - CSV format. - - JSON format. enum: - FORMAT_UNSPECIFIED - CSV - JSON - objectUri: - description: >- - Required. The Google Cloud Storage URI of the file to import. - Format: `gs://bucket_name/object_name` - type: string - GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestSheetsSource: - id: >- - GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestSheetsSource - description: Google Sheets document details to get the feedback label file from. - type: object - properties: - spreadsheetUri: - description: >- - Required. The Google Sheets document to write the feedback labels - to. Retrieved from Google Sheets URI. E.g. - `https://docs.google.com/spreadsheets/d/1234567890` The spreadsheet - must be shared with the Insights P4SA. - type: string - GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest: - id: GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest - description: Request for the BulkDownloadFeedbackLabel endpoint. - type: object - properties: - gcsDestination: - description: A cloud storage bucket destination. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestGcsDestination - sheetsDestination: - description: A sheets document destination. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestSheetsDestination - parent: - description: Required. The parent resource for new feedback labels. - type: string - filter: - description: >- - Optional. A filter to reduce results to a specific subset. Supports - disjunctions (OR) and conjunctions (AND). Supported fields: * - `issue_model_id` * `qa_question_id` * `qa_scorecard_id` * - `min_create_time` * `max_create_time` * `min_update_time` * - `max_update_time` * `feedback_label_type`: QUALITY_AI, - TOPIC_MODELING - type: string - maxDownloadCount: - description: >- - Optional. Limits the maximum number of feedback labels that will be - downloaded. The first `N` feedback labels will be downloaded. - type: integer - format: int32 - feedbackLabelType: - description: Optional. The type of feedback labels that will be downloaded. - type: string - enumDescriptions: - - Unspecified format - - >- - Downloaded file will contain all Quality AI labels from the latest - scorecard revision. - - Downloaded file will contain only Topic Modeling labels. - - Agent Assist Summarization labels. - enum: - - FEEDBACK_LABEL_TYPE_UNSPECIFIED - - QUALITY_AI - - TOPIC_MODELING - - AGENT_ASSIST_SUMMARY - conversationFilter: - description: >- - Optional. Filter parent conversations to download feedback labels - for. When specified, the feedback labels will be downloaded for the - conversations that match the filter. If `template_qa_scorecard_id` - is set, all the conversations that match the filter will be paired - with the questions under the scorecard for labeling. type: string - templateQaScorecardId: - description: >- - Optional. If set, a template for labeling conversations and - scorecard questions will be created from the conversation_filter and - the questions under the scorecard(s). The feedback label `filter` - will be ignored. - type: array - items: - type: string - GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestGcsDestination: - id: >- - GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestGcsDestination - description: Google Cloud Storage Object details to write the feedback labels to. - type: object - properties: - format: description: Required. File format in which the labels will be exported. - type: string enumDescriptions: - Unspecified format. - CSV format. 1,000 labels are stored per CSV file by default. - JSON format. 1 label stored per JSON file by default. - enum: - - FORMAT_UNSPECIFIED - - CSV - - JSON + addWhitespace: + description: >- + Optional. Add whitespace to the JSON file. Makes easier to read, but + increases file size. Only applicable for JSON format. + type: boolean objectUri: + type: string description: >- Required. The Google Cloud Storage URI to write the feedback labels to. The file name will be used as a prefix for the files written to @@ -3893,3205 +3665,3386 @@ components: otherwise it will be used as is. The file extension will be appended to the file name based on the format selected. E.g. `gs://bucket_name/object_uri_prefix` - type: string - addWhitespace: - description: >- - Optional. Add whitespace to the JSON file. Makes easier to read, but - increases file size. Only applicable for JSON format. - type: boolean alwaysPrintEmptyFields: + type: boolean description: >- Optional. Always print fields with no presence. This is useful for printing fields that are not set, like implicit 0 value or empty lists/maps. Only applicable for JSON format. - type: boolean recordsPerFileCount: + format: int64 + type: string description: >- Optional. The number of records per file. Applicable for either format. + GoogleCloudContactcenterinsightsV1AnalysisResultCallAnalysisMetadata: + description: Call-specific metadata created during analysis. + properties: + silence: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationLevelSilence + description: Overall conversation-level silence during the call. + issueModelResult: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelResult + description: Overall conversation-level issue modeling result. + qaScorecardResults: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardResult + description: Results of scoring QaScorecards. + entities: + description: All the entities in the call. + type: object + additionalProperties: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Entity' + phraseMatchers: + type: object + description: All the matched phrase matchers in the call. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchData + intents: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Intent' + description: All the matched intents in the call. + type: object + annotations: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1CallAnnotation + description: A list of call annotations that apply to this call. + type: array + sentiments: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationLevelSentiment + type: array + description: Overall conversation-level sentiment for each channel of the call. + id: GoogleCloudContactcenterinsightsV1AnalysisResultCallAnalysisMetadata + type: object + GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelRequest: + properties: + name: + description: Required. The name of the issue model to delete. type: string - format: int64 - GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestSheetsDestination: + id: GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelRequest + type: object + description: The request to delete an issue model. + GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegment: id: >- - GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestSheetsDestination - description: Google Sheets document details to write the feedback labels to. + GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegment type: object properties: - spreadsheetUri: + segmentParticipant: + description: The participant of this segment. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationParticipant + words: + type: array description: >- - Required. The Google Sheets document to write the feedback labels - to. Retrieved from Google Sheets URI. E.g. - `https://docs.google.com/spreadsheets/d/1234567890` The spreadsheet - must be shared with the Insights P4SA. The spreadsheet ID written to - will be returned as `file_names` in the - BulkDownloadFeedbackLabelsMetadata. - type: string - sheetTitle: + A list of the word-specific information for each word in the + segment. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentWordInfo + channelTag: description: >- - Optional. The title of the new sheet to write the feedback labels - to. - type: string - GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest: - id: GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest - description: Request for the BulkDeleteFeedbackLabels endpoint. - type: object - properties: - parent: - description: Required. The parent resource for new feedback labels. + For conversations derived from multi-channel audio, this is the + channel number corresponding to the audio from that channel. For + audioChannelCount = N, its output values can range from '1' to 'N'. + A channel tag of 0 indicates that the audio is mono. + type: integer + format: int32 + dialogflowSegmentMetadata: + description: CCAI metadata relating to the current transcript segment. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata + text: + description: The text of this segment. type: string - filter: + sentiment: + description: The sentiment for this transcript segment. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SentimentData + confidence: description: >- - Optional. A filter to reduce results to a specific subset. Supports - disjunctions (OR) and conjunctions (AND). Supported fields: * - `issue_model_id` * `qa_question_id` * `qa_scorecard_id` * - `min_create_time` * `max_create_time` * `min_update_time` * - `max_update_time` * `feedback_label_type`: QUALITY_AI, - TOPIC_MODELING + A confidence estimate between 0.0 and 1.0 of the fidelity of this + segment. A default value of 0.0 indicates that the value is unset. + format: float + type: number + messageTime: + description: The time that the message occurred, if provided. type: string - GoogleCloudContactcenterinsightsV1AuthorizedViewSet: - id: GoogleCloudContactcenterinsightsV1AuthorizedViewSet - description: An AuthorizedViewSet contains a set of AuthorizedView resources. - type: object - properties: - name: - description: >- - Identifier. The resource name of the AuthorizedViewSet. Format: - projects/{project}/locations/{location}/authorizedViewSets/{authorized_view_set} + format: google-datetime + languageCode: type: string - displayName: - description: Display Name. Limit 64 characters. + description: >- + The language code of this segment as a + [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. + Example: "en-US". + description: A segment of a full transcript. + GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequest: + id: GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequest + description: The request to export insights. + properties: + parent: type: string - createTime: - description: Output only. Create time. - readOnly: true + description: Required. The parent resource to export data from. + exportSchemaVersion: + enumDescriptions: + - Unspecified. Defaults to EXPORT_V3. + - Export schema version 1. + - Export schema version 2. + - Export schema version 3. + - Export schema version 4. + - Export schema version 5. + - Export schema version 6. + - Export schema version 7. + - Export schema version 8. + - Export schema version 9. + - Export schema version 10. + - Export schema version 11. + - Export schema version 12. + - Export schema version 13. + - Export schema version 14. + - Export schema version latest available. + description: Optional. Version of the export schema. + enum: + - EXPORT_SCHEMA_VERSION_UNSPECIFIED + - EXPORT_V1 + - EXPORT_V2 + - EXPORT_V3 + - EXPORT_V4 + - EXPORT_V5 + - EXPORT_V6 + - EXPORT_V7 + - EXPORT_V8 + - EXPORT_V9 + - EXPORT_V10 + - EXPORT_V11 + - EXPORT_V12 + - EXPORT_V13 + - EXPORT_V14 + - EXPORT_VERSION_LATEST_AVAILABLE type: string - format: google-datetime - updateTime: - description: Output only. Update time. - readOnly: true + filter: type: string - format: google-datetime - GoogleCloudContactcenterinsightsV1ListAuthorizedViewSetsResponse: - id: GoogleCloudContactcenterinsightsV1ListAuthorizedViewSetsResponse - description: The response from a ListAuthorizedViewSet request. - type: object - properties: - authorizedViewSets: - description: The AuthorizedViewSets under the parent. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet - nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + A filter to reduce results to a specific subset. Useful for + exporting conversations with specific properties. + bigQueryDestination: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequestBigQueryDestination + description: Specified if sink is a BigQuery table. + kmsKey: + description: >- + A fully qualified KMS key name for BigQuery tables protected by + CMEK. Format: + projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version} type: string - GoogleCloudContactcenterinsightsV1AuthorizedView: - id: GoogleCloudContactcenterinsightsV1AuthorizedView - description: >- - An AuthorizedView represents a view of accessible Insights resources - (for example, Conversation and Scorecard). Who have read access to the - AuthorizedView resource will have access to these Insight resources as - well. + writeDisposition: + description: Options for what to do if the destination table already exists. + enum: + - WRITE_DISPOSITION_UNSPECIFIED + - WRITE_TRUNCATE + - WRITE_APPEND + type: string + enumDescriptions: + - Write disposition is not specified. Defaults to WRITE_TRUNCATE. + - >- + If the table already exists, BigQuery will overwrite the table + data and use the schema from the load. + - >- + If the table already exists, BigQuery will append data to the + table. type: object + GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentWordInfo: properties: - name: - description: >- - Identifier. The resource name of the AuthorizedView. Format: - projects/{project}/locations/{location}/authorizedViewSets/{authorized_view_set}/authorizedViews/{authorized_view} + word: type: string - displayName: - description: Display Name. Limit 64 characters. + description: The word itself. Includes punctuation marks that surround the word. + startOffset: type: string - conversationFilter: description: >- - A filter to reduce conversation results to a specific subset. The - AuthorizedView's assigned permission (read/write) could be applied - to the subset of conversations. If conversation_filter is empty, - there is no restriction on the conversations that the AuthorizedView - can access. Having *authorizedViews.get* access to the - AuthorizedView means having the same read/write access to the - Conversations (as well as metadata/annotations linked to the - conversation) that this AuthorizedView has. - type: string - createTime: - description: Output only. The time at which the authorized view was created. - readOnly: true + Time offset of the start of this word relative to the beginning of + the total conversation. + format: google-duration + endOffset: type: string - format: google-datetime - updateTime: + format: google-duration description: >- - Output only. The most recent time at which the authorized view was - updated. - readOnly: true - type: string - format: google-datetime - GoogleCloudContactcenterinsightsV1ListAuthorizedViewsResponse: - id: GoogleCloudContactcenterinsightsV1ListAuthorizedViewsResponse - description: The response from a ListAuthorizedViews request. + Time offset of the end of this word relative to the beginning of the + total conversation. + confidence: + description: >- + A confidence estimate between 0.0 and 1.0 of the fidelity of this + word. A default value of 0.0 indicates that the value is unset. + type: number + format: float + description: Word-level info for words in a transcript. + type: object + id: >- + GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentWordInfo + GoogleCloudContactcenterinsightsV1AnnotationBoundary: + id: GoogleCloudContactcenterinsightsV1AnnotationBoundary + description: >- + A point in a conversation that marks the start or the end of an + annotation. type: object properties: - authorizedViews: - description: The AuthorizedViews under the parent. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView - nextPageToken: + transcriptIndex: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudContactcenterinsightsV1SearchAuthorizedViewsResponse: - id: GoogleCloudContactcenterinsightsV1SearchAuthorizedViewsResponse - description: The response from a ListAuthorizedViews request. + The index in the sequence of transcribed pieces of the conversation + where the boundary is located. This index starts at zero. + format: int32 + type: integer + wordIndex: + type: integer + description: >- + The word index of this boundary with respect to the first word in + the transcript piece. This index starts at zero. + format: int32 + GoogleCloudContactcenterinsightsV1ConversationCallMetadata: + description: Call-specific metadata. + id: GoogleCloudContactcenterinsightsV1ConversationCallMetadata type: object properties: - authorizedViews: - description: The AuthorizedViews under the parent. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudContactcenterinsightsV1Assessment: - id: GoogleCloudContactcenterinsightsV1Assessment - description: The assessment resource. + customerChannel: + format: int32 + description: The audio channel that contains the customer. + type: integer + agentChannel: + description: The audio channel that contains the agent. + type: integer + format: int32 + GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfig: + id: GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfig type: object properties: - name: + generator: + type: string description: >- - Identifier. The resource name of the assessment. Format: - projects/{project}/locations/{location}/conversations/{conversation}/assessments/{assessment} - type: string - createTime: - description: Output only. The time at which the assessment was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time at which the assessment was last updated. - readOnly: true - type: string - format: google-datetime - state: - description: Output only. The state of the assessment. - readOnly: true - type: string + The resource name of the existing created generator. Format: + projects//locations//generators/ + summarizationModel: + description: Default summarization model to be used. enumDescriptions: - - The state is unspecified. This value should not be used. - - The default state of all new assessments. - - The assessment has been published. - - The assessment has been appealed. - - The assessment has been finalized. + - Unspecified summarization model. + - >- + The CCAI baseline model. This model is deprecated and will be + removed in the future. We recommend using `generator` instead. + - >- + The CCAI baseline model, V2.0. This model is deprecated and will + be removed in the future. We recommend using `generator` instead. + type: string + enumDeprecated: + - false + - true + - true enum: - - STATE_UNSPECIFIED - - DRAFT - - PUBLISHED - - APPEALED - - FINALIZED - agentInfo: - description: Information about the agent the assessment is for. + - SUMMARIZATION_MODEL_UNSPECIFIED + - BASELINE_MODEL + - BASELINE_MODEL_V2_0 + conversationProfile: + type: string + description: >- + Resource name of the Dialogflow conversation profile. Format: + projects/{project}/locations/{location}/conversationProfiles/{conversation_profile} + description: Configuration for summarization. + GoogleCloudContactcenterinsightsV1CalculateIssueModelStatsResponse: + id: GoogleCloudContactcenterinsightsV1CalculateIssueModelStatsResponse + properties: + currentStats: + description: >- + The latest label statistics for the queried issue model. Includes + results on both training data and data labeled after deployment. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationQualityMetadataAgentInfo - GoogleCloudContactcenterinsightsV1ListAssessmentsResponse: - id: GoogleCloudContactcenterinsightsV1ListAssessmentsResponse - description: The response of listing assessments. + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelLabelStats + description: Response of querying an issue model's statistics. + type: object + GoogleCloudContactcenterinsightsV1CreateIssueRequest: + id: GoogleCloudContactcenterinsightsV1CreateIssueRequest type: object properties: - assessments: - description: The assessments that match the request. + issue: + description: Required. The values for the new issue. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' + parent: + type: string + description: Required. The parent resource of the issue. + description: The request to create an issue. + GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse: + id: GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse + type: object + description: The response for listing feedback labels. + properties: + feedbackLabels: + description: The feedback labels that match the request. type: array items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Assessment' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel nextPageToken: + description: The next page token. + type: string + GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsRequest: + properties: + filter: + type: string + description: Filter used to select the subset of conversations to delete. + force: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + If set to true, all of this conversation's analyses will also be + deleted. Otherwise, the request will only succeed if the + conversation has no analyses. + type: boolean + maxDeleteCount: + description: Maximum number of conversations to delete. + type: integer + format: int32 + parent: + description: >- + Required. The parent resource to delete conversations from. Format: + projects/{project}/locations/{location} type: string - GoogleCloudContactcenterinsightsV1PublishAssessmentRequest: - id: GoogleCloudContactcenterinsightsV1PublishAssessmentRequest - description: >- - The message to publish an assessment. Draft and appealed assessments can - be published. Publishing simply changes the state of the assessment to - published, allowing the console and authorized views to filter on the - state. + id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsRequest type: object - properties: {} - GoogleCloudContactcenterinsightsV1AppealAssessmentRequest: - id: GoogleCloudContactcenterinsightsV1AppealAssessmentRequest - description: The message to appeal an assessment. + description: The request to delete conversations in bulk. + GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelResponse: + description: The response to deploy an issue model. type: object + id: GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelResponse properties: {} - GoogleCloudContactcenterinsightsV1FinalizeAssessmentRequest: - id: GoogleCloudContactcenterinsightsV1FinalizeAssessmentRequest - description: >- - The message to finalize an assessment. Finalizing makes an assessment - and its notes immutable. + GoogleCloudContactcenterinsightsV1DimensionLabelDimensionMetadata: type: object - properties: {} - GoogleCloudContactcenterinsightsV1Note: - id: GoogleCloudContactcenterinsightsV1Note - description: The conversation assessment note resource. + id: GoogleCloudContactcenterinsightsV1DimensionLabelDimensionMetadata + properties: + labelKey: + description: Optional. The label key. + type: string + labelValue: + description: Optional. The label value. + type: string + description: Metadata about conversation labels. + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadataIngestConversationsStats: + description: Statistics for IngestConversations operation. + id: >- + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadataIngestConversationsStats type: object properties: - conversationTurnNote: - description: The note is associated with a conversation turn. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1NoteConversationTurnNote - qaQuestionNote: + successfulIngestCount: description: >- - The note is associated with a QA question in one of the - conversation's scorecard results. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1NoteQaQuestionNote - assessmentNote: - description: The note is associated to the entire parent assessment. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1NoteAssessmentNote - name: + Output only. The number of new conversations added during this + ingest operation. + readOnly: true + format: int32 + type: integer + duplicatesSkippedCount: + format: int32 + type: integer + readOnly: true description: >- - Identifier. The resource name of the note. Format: - projects/{project}/locations/{location}/conversations/{conversation}/assessments/{assessment}/notes/{note} + Output only. The number of objects skipped because another + conversation with the same transcript uri had already been ingested. + failedIngestCount: + type: integer + format: int32 + description: >- + Output only. The number of objects which were unable to be ingested + due to errors. The errors are populated in the partial_errors field. + readOnly: true + processedObjectCount: + type: integer + readOnly: true + description: >- + Output only. The number of objects processed during the ingest + operation. + format: int32 + GoogleCloudContactcenterinsightsV1ExportIssueModelMetadata: + description: Metadata used for export issue model. + type: object + properties: + request: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ExportIssueModelRequest + description: The original export request. + endTime: + format: google-datetime type: string + description: The time the operation finished running. createTime: - description: Output only. The time at which the note was created. - readOnly: true type: string format: google-datetime + description: The time the operation was created. + id: GoogleCloudContactcenterinsightsV1ExportIssueModelMetadata + GoogleCloudContactcenterinsightsV1AssessmentRule: + properties: + sampleRule: + description: The sample rule for the assessment rule. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SampleRule' updateTime: - description: Output only. The time at which the note was last updated. + format: google-datetime readOnly: true + description: >- + Output only. The most recent time at which this assessment rule was + updated. type: string - format: google-datetime - noteCreator: - description: Output only. The user that created the note. + createTime: readOnly: true - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1UserInfo' - content: - description: The note content. + format: google-datetime + description: Output only. The time at which this assessment rule was created. type: string - GoogleCloudContactcenterinsightsV1NoteConversationTurnNote: - id: GoogleCloudContactcenterinsightsV1NoteConversationTurnNote - description: A note about a conversation turn. + name: + description: >- + Identifier. The resource name of the assessment rule. Format: + projects/{project}/locations/{location}/assessmentRules/{assessment_rule} + type: string + displayName: + description: Display Name of the assessment rule. + type: string + active: + description: >- + If true, apply this rule to conversations. Otherwise, this rule is + inactive. + type: boolean + scheduleInfo: + description: Schedule info for the assessment rule. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1ScheduleInfo' + description: >- + The CCAI Insights project wide assessment rule. This assessment rule + will be applied to all conversations from the previous sampling cycle + that match the sample rule defined in the assessment rule. One project + can have multiple assessment rules. type: object - properties: - turnIndex: - description: The conversation turn index that the note is associated with. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1NoteQaQuestionNote: - id: GoogleCloudContactcenterinsightsV1NoteQaQuestionNote - description: A note about a QA question. + id: GoogleCloudContactcenterinsightsV1AssessmentRule + GoogleCloudContactcenterinsightsV1QueryMetricsResponseSlice: type: object properties: - qaQuestion: - description: The question resource that the note is associated with. - type: string - GoogleCloudContactcenterinsightsV1NoteAssessmentNote: - id: GoogleCloudContactcenterinsightsV1NoteAssessmentNote - description: A note about the entire parent assessment. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1UserInfo: - id: GoogleCloudContactcenterinsightsV1UserInfo - description: Information about a user. + total: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPoint + description: >- + The total metric value. The interval of this data point is [starting + create time, ending create time) from the request. + dimensions: + type: array + description: A unique combination of dimensions that this slice represents. + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dimension' + timeSeries: + description: >- + A time series of metric values. This is only populated if the + request specifies a time granularity other than NONE. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceTimeSeries + id: GoogleCloudContactcenterinsightsV1QueryMetricsResponseSlice + description: >- + A slice contains a total and (if the request specified a time + granularity) a time series of metric values. Each slice contains a + unique combination of the cardinality of dimensions from the request. + For example, if the request specifies a single ISSUE dimension and it + has a cardinality of 2 (i.e. the data used to compute the metrics has 2 + issues in total), the response will have 2 slices: * Slice 1 -> + dimensions=[Issue 1] * Slice 2 -> dimensions=[Issue 2] + GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsResponse: + properties: + failedAnalysisCount: + description: Count of failed analyses. + type: integer + format: int32 + successfulAnalysisCount: + format: int32 + type: integer + description: Count of successful analyses. type: object + description: The response for a bulk analyze conversations operation. + id: GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsResponse + GoogleCloudContactcenterinsightsV1alpha1AnalysisResult: + id: GoogleCloudContactcenterinsightsV1alpha1AnalysisResult + description: The result of an analysis. properties: - username: - description: The user's username. + endTime: type: string - GoogleCloudContactcenterinsightsV1ListNotesResponse: - id: GoogleCloudContactcenterinsightsV1ListNotesResponse - description: The response of listing notes. + description: The time at which the analysis ended. + format: google-datetime + callAnalysisMetadata: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnalysisResultCallAnalysisMetadata + description: Call-specific metadata created by the analysis. type: object + GoogleCloudContactcenterinsightsV1Issue: + id: GoogleCloudContactcenterinsightsV1Issue properties: - notes: - description: The notes that match the request. + createTime: + type: string + readOnly: true + format: google-datetime + description: Output only. The time at which this issue was created. + displayName: + description: The representative name for the issue. + type: string + displayDescription: + description: Representative description of the issue. + type: string + name: + description: >- + Immutable. The resource name of the issue. Format: + projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue} + type: string + sampleUtterances: + description: >- + Output only. Resource names of the sample representative utterances + that match to this issue. + readOnly: true type: array items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + type: string + updateTime: type: string - GoogleIamV1SetIamPolicyRequest: - id: GoogleIamV1SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + description: Output only. The most recent time that this issue was updated. + format: google-datetime + readOnly: true + type: object + description: The issue resource. + GoogleCloudContactcenterinsightsV1alpha1ArticleSuggestionData: + id: GoogleCloudContactcenterinsightsV1alpha1ArticleSuggestionData type: object + description: Agent Assist Article Suggestion data. properties: - policy: + confidenceScore: + type: number + format: float description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/GoogleIamV1Policy' - updateMask: + The system's confidence score that this article is a good match for + this conversation, ranging from 0.0 (completely uncertain) to 1.0 + (completely certain). + queryRecord: description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} type: string - format: google-fieldmask - GoogleIamV1Policy: - id: GoogleIamV1Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object - properties: - version: + title: + type: string + description: Article title. + metadata: + type: object description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Map that contains metadata about the Article Suggestion and the + document that it originates from. + additionalProperties: + type: string + source: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + The knowledge document that this answer was extracted from. Format: + projects/{project}/knowledgeBases/{knowledge_base}/documents/{document} + type: string + uri: + type: string + description: Article URI. + GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfigScorecardList: + properties: + qaScorecardRevisions: items: - $ref: '#/components/schemas/GoogleIamV1Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + type: string + description: List of QaScorecardRevisions. type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - GoogleIamV1Binding: - id: GoogleIamV1Binding - description: Associates `members`, or principals, with a `role`. + type: object + id: >- + GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfigScorecardList + description: Container for a list of scorecards. + GoogleCloudContactcenterinsightsV1FeedbackLabel: + id: GoogleCloudContactcenterinsightsV1FeedbackLabel + description: >- + Represents a conversation, resource, and label provided by the user. Can + take the form of a string label or a QaAnswer label. QaAnswer labels are + used for Quality AI example conversations. String labels are used for + Topic Modeling. AgentAssistSummary labels are used for Agent Assist + Summarization. type: object properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + createTime: + readOnly: true + description: Output only. Create time of the label. + format: google-datetime type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/GoogleTypeExpr' - GoogleTypeExpr: - id: GoogleTypeExpr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + label: type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + description: String label used for Topic Modeling. + qaAnswerLabel: + description: QaAnswer label used for Quality AI example conversations. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue + updateTime: + readOnly: true type: string - description: + description: Output only. Update time of the label. + format: google-datetime + labeledResource: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Name of the resource to be labeled. Supported resources are: * + `projects/{project}/locations/{location}/qaScorecards/{scorecard}/revisions/{revision}/qaQuestions/{question}` + * + `projects/{project}/locations/{location}/issueModels/{issue_model}` + * + `projects/{project}/locations/{location}/generators/{generator_id}` type: string - location: + name: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Immutable. Resource name of the FeedbackLabel. Format: + projects/{project}/locations/{location}/conversations/{conversation}/feedbackLabels/{feedback_label} type: string - GoogleIamV1AuditConfig: - id: GoogleIamV1AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelResponse: + properties: {} + type: object + description: Response from export issue model + id: GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelResponse + GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadata: type: object + description: Conversation metadata related to quality management. + id: GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadata properties: - service: + customerSatisfactionRating: + format: int32 description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + An arbitrary integer value indicating the customer's satisfaction + rating. + type: integer + waitDuration: + description: The amount of time the customer waited to connect with an agent. type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array + format: google-duration + agentInfo: + description: Information about agents involved in the call. items: - $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' - GoogleIamV1AuditLogConfig: - id: GoogleIamV1AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadataAgentInfo + type: array + menuPath: type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. + An arbitrary string value specifying the menu path the customer + took. + feedbackLabels: + description: Input only. The feedback labels associated with the conversation. type: array items: - type: string - GoogleIamV1TestIamPermissionsRequest: - id: GoogleIamV1TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1FeedbackLabel + GoogleCloudContactcenterinsightsV1BulkDeleteConversationsResponse: type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - GoogleIamV1TestIamPermissionsResponse: - id: GoogleIamV1TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + id: GoogleCloudContactcenterinsightsV1BulkDeleteConversationsResponse + description: The response for a bulk delete conversations operation. + properties: {} + GoogleCloudContactcenterinsightsV1ConversationTranscript: + id: GoogleCloudContactcenterinsightsV1ConversationTranscript + description: A message representing the transcript of a conversation. type: object properties: - permissions: + transcriptSegments: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegment description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + A list of sequential transcript segments that comprise the + conversation. type: array - items: - type: string - GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsMetadata: - id: GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsMetadata - description: The metadata for a bulk analyze conversations operation. + GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeriesInterval: + description: A single interval in a time series. type: object properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. + startTime: type: string format: google-datetime - request: - description: The original request for bulk analyze. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest - completedAnalysesCount: - description: >- - The number of requested analyses that have completed successfully so - far. - type: integer + description: The start time of this interval. + conversationCount: format: int32 - failedAnalysesCount: - description: The number of requested analyses that have failed so far. type: integer - format: int32 - totalRequestedAnalysesCount: + description: The number of conversations created in this interval. + id: >- + GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeriesInterval + GoogleCloudContactcenterinsightsV1ImportIssueModelRequestGcsSource: + id: GoogleCloudContactcenterinsightsV1ImportIssueModelRequestGcsSource + properties: + objectUri: + type: string + description: 'Required. Format: `gs:///`' + description: Google Cloud Storage Object URI to get the issue model file from. + type: object + GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentWordInfo: + type: object + description: Word-level info for words in a transcript. + id: >- + GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentWordInfo + properties: + word: + type: string + description: The word itself. Includes punctuation marks that surround the word. + confidence: + format: float + type: number description: >- - Total number of analyses requested. Computed by the number of - conversations returned by `filter` multiplied by - `analysis_percentage` in the request. - type: integer - format: int32 - partialErrors: + A confidence estimate between 0.0 and 1.0 of the fidelity of this + word. A default value of 0.0 indicates that the value is unset. + startOffset: description: >- - Output only. Partial errors during bulk analyze operation that might - cause the operation output to be incomplete. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsResponse: - id: GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsResponse - description: The response for a bulk analyze conversations operation. + Time offset of the start of this word relative to the beginning of + the total conversation. + type: string + format: google-duration + endOffset: + type: string + format: google-duration + description: >- + Time offset of the end of this word relative to the beginning of the + total conversation. + GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsResponse: + id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsResponse + properties: {} + description: Response for the BulkDeleteFeedbackLabels endpoint. type: object - properties: - successfulAnalysisCount: - description: Count of successful analyses. - type: integer - format: int32 - failedAnalysisCount: - description: Count of failed analyses. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1BulkDeleteConversationsMetadata: - id: GoogleCloudContactcenterinsightsV1BulkDeleteConversationsMetadata - description: The metadata for a bulk delete conversations operation. + GoogleCloudContactcenterinsightsV1alpha1SmartReplyData: type: object + id: GoogleCloudContactcenterinsightsV1alpha1SmartReplyData + description: Agent Assist Smart Reply data. properties: - createTime: - description: The time the operation was created. + confidenceScore: + type: number + format: double + description: >- + The system's confidence score that this reply is a good match for + this conversation, ranging from 0.0 (completely uncertain) to 1.0 + (completely certain). + queryRecord: + description: >- + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} type: string - format: google-datetime - endTime: - description: The time the operation finished running. + metadata: + type: object + description: >- + Map that contains metadata about the Smart Reply and the document + from which it originates. + additionalProperties: + type: string + reply: type: string - format: google-datetime - request: - description: The original request for bulk delete. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest - partialErrors: + description: The content of the reply. + GoogleCloudContactcenterinsightsV1CalculateStatsRequest: + properties: + filter: description: >- - Partial errors during bulk delete conversations operation that might - cause the operation output to be incomplete. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudContactcenterinsightsV1BulkDeleteConversationsResponse: - id: GoogleCloudContactcenterinsightsV1BulkDeleteConversationsResponse - description: The response for a bulk delete conversations operation. + A filter to reduce results to a specific subset. This field is + useful for getting statistics about conversations with specific + properties. + type: string + description: The request for calculating conversation statistics. + id: GoogleCloudContactcenterinsightsV1CalculateStatsRequest type: object - properties: {} - GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsMetadata: - id: GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsMetadata - description: Metadata for the BulkDeleteFeedbackLabels endpoint. + GoogleLongrunningOperation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: GoogleLongrunningOperation + properties: + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/GoogleRpcStatus' + type: object + GoogleCloudContactcenterinsightsV1ListQaQuestionsResponse: + id: GoogleCloudContactcenterinsightsV1ListQaQuestionsResponse type: object + description: The response from a ListQaQuestions request. properties: - request: - description: Output only. The original request for delete. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest - partialErrors: + nextPageToken: + type: string description: >- - Partial errors during deletion operation that might cause the - operation output to be incomplete. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + qaQuestions: + description: The QaQuestions under the parent. + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestion' type: array + GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagRequest: + type: object + properties: + name: + description: Required. The name of the QaQuestionTag to delete. + type: string + description: The request for deleting a QaQuestionTag. + id: GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagRequest + GoogleCloudContactcenterinsightsV1alpha1ConversationTranscript: + properties: + transcriptSegments: items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsResponse: - id: GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsResponse - description: Response for the BulkDeleteFeedbackLabels endpoint. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegment + type: array + description: >- + A list of sequential transcript segments that comprise the + conversation. + id: GoogleCloudContactcenterinsightsV1alpha1ConversationTranscript type: object - properties: {} - GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadata: - id: GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadata - description: Metadata for the BulkDownloadFeedbackLabel endpoint. + description: A message representing the transcript of a conversation. + GoogleCloudContactcenterinsightsV1alpha1DimensionQaScorecardDimensionMetadata: + description: Metadata about the QA scorecard dimension. + properties: + qaScorecardId: + description: Optional. The QA scorecard ID. + type: string + type: object + id: >- + GoogleCloudContactcenterinsightsV1alpha1DimensionQaScorecardDimensionMetadata + GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelMetadata: type: object properties: createTime: - description: Output only. The time the operation was created. - readOnly: true type: string format: google-datetime + description: The time the operation was created. endTime: - description: Output only. The time the operation finished running. - readOnly: true type: string format: google-datetime + description: The time the operation finished running. request: - description: Output only. The original request for download. - readOnly: true + description: The original export request. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest - partialErrors: - description: >- - Partial errors during ingest operation that might cause the - operation output to be incomplete. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - downloadStats: - description: Output only. Statistics for BulkDownloadFeedbackLabels operation. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadataDownloadStats - GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadataDownloadStats: - id: >- - GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadataDownloadStats - description: Statistics for BulkDownloadFeedbackLabels operation. - type: object + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequest + id: GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelMetadata + description: Metadata used for export issue model. + GoogleCloudContactcenterinsightsV1QaAnswer: properties: - processedObjectCount: - description: The number of objects processed during the download operation. - type: integer - format: int32 - successfulDownloadCount: - description: >- - The number of new feedback labels downloaded during this operation. - Different from "processed" because some labels might not be - downloaded because an error. - type: integer - format: int32 - totalFilesWritten: - description: Total number of files written to the provided Cloud Storage bucket. - type: integer - format: int32 - fileNames: - description: Output only. Full name of the files written to Cloud storage. - readOnly: true + tags: type: array items: type: string - GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsResponse: - id: GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsResponse - description: Response for the BulkDownloadFeedbackLabel endpoint. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1CreateAnalysisOperationMetadata: - id: GoogleCloudContactcenterinsightsV1CreateAnalysisOperationMetadata - description: Metadata for a create analysis operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - conversation: description: >- - Output only. The Conversation that this Analysis Operation belongs - to. - readOnly: true + User-defined list of arbitrary tags. Matches the value from + QaScorecard.ScorecardQuestion.tags. Used for grouping/organization + and for weighting the score of each answer. + conversation: type: string - annotatorSelector: - description: Output only. The annotator selector used for the analysis (if any). - readOnly: true + description: The conversation the answer applies to. + qaQuestion: + description: The QaQuestion answered by this answer. + type: string + answerValue: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector - GoogleCloudContactcenterinsightsV1CreateIssueMetadata: - id: GoogleCloudContactcenterinsightsV1CreateIssueMetadata - description: Metadata for creating an issue. + #/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue + description: The main answer value, incorporating any manual edits if they exist. + answerSources: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswerAnswerSource + type: array + description: List of all individual answers given to the question. + questionBody: + type: string + description: Question text. E.g., "Did the agent greet the customer?" + id: GoogleCloudContactcenterinsightsV1QaAnswer type: object + description: An answer to a QaQuestion. + GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest: + description: The request to export insights. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + filter: + description: >- + A filter to reduce results to a specific subset. Useful for + exporting conversations with specific properties. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + kmsKey: + description: >- + A fully qualified KMS key name for BigQuery tables protected by + CMEK. Format: + projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version} type: string - format: google-datetime - request: - description: The original request for creation. + exportSchemaVersion: + type: string + description: Optional. Version of the export schema. + enumDescriptions: + - Unspecified. Defaults to EXPORT_V3. + - Export schema version 1. + - Export schema version 2. + - Export schema version 3. + - Export schema version 4. + - Export schema version 5. + - Export schema version 6. + - Export schema version 7. + - Export schema version 8. + - Export schema version 9. + - Export schema version 10. + - Export schema version 11. + - Export schema version 12. + - Export schema version 13. + - Export schema version 14. + - Export schema version latest available. + enum: + - EXPORT_SCHEMA_VERSION_UNSPECIFIED + - EXPORT_V1 + - EXPORT_V2 + - EXPORT_V3 + - EXPORT_V4 + - EXPORT_V5 + - EXPORT_V6 + - EXPORT_V7 + - EXPORT_V8 + - EXPORT_V9 + - EXPORT_V10 + - EXPORT_V11 + - EXPORT_V12 + - EXPORT_V13 + - EXPORT_V14 + - EXPORT_VERSION_LATEST_AVAILABLE + bigQueryDestination: + description: Specified if sink is a BigQuery table. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CreateIssueRequest - GoogleCloudContactcenterinsightsV1CreateIssueRequest: - id: GoogleCloudContactcenterinsightsV1CreateIssueRequest - description: The request to create an issue. - type: object - properties: + #/components/schemas/GoogleCloudContactcenterinsightsV1ExportInsightsDataRequestBigQueryDestination + writeDisposition: + enum: + - WRITE_DISPOSITION_UNSPECIFIED + - WRITE_TRUNCATE + - WRITE_APPEND + enumDescriptions: + - Write disposition is not specified. Defaults to WRITE_TRUNCATE. + - >- + If the table already exists, BigQuery will overwrite the table + data and use the schema from the load. + - >- + If the table already exists, BigQuery will append data to the + table. + type: string + description: Options for what to do if the destination table already exists. parent: - description: Required. The parent resource of the issue. type: string - issue: - description: Required. The values for the new issue. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' - GoogleCloudContactcenterinsightsV1CreateIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1CreateIssueModelMetadata - description: Metadata for creating an issue model. + description: Required. The parent resource to export data from. + id: GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - request: - description: The original request for creation. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CreateIssueModelRequest - GoogleCloudContactcenterinsightsV1CreateIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1CreateIssueModelRequest - description: The request to create an issue model. + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsMetadata: type: object properties: - parent: - description: Required. The parent resource of the issue model. - type: string - issueModel: - description: Required. The issue model to create. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel' - GoogleCloudContactcenterinsightsV1DeleteIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1DeleteIssueModelMetadata - description: Metadata for deleting an issue model. + resultIsTruncated: + type: boolean + description: >- + Whether the result rows were truncated because the result row size + is too large to materialize. + description: The metadata from querying metrics. + id: GoogleCloudContactcenterinsightsV1alpha1QueryMetricsMetadata + GoogleCloudContactcenterinsightsV1QaScorecardResult: type: object properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + qaTagResults: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardResultQaTagResult + description: Collection of tags and their scores. + type: array + qaAnswers: + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaAnswer' + description: Set of QaAnswers represented in the result. + type: array + normalizedScore: + format: double + description: >- + The normalized score, which is the score divided by the potential + score. Any manual edits are included if they exist. + type: number + potentialScore: + description: >- + The maximum potential overall score of the scorecard. Any questions + answered using `na_value` are excluded from this calculation. + format: double + type: number + qaScorecardRevision: + description: The QaScorecardRevision scored by this result. + type: string + name: + description: >- + Identifier. The name of the scorecard result. Format: + projects/{project}/locations/{location}/qaScorecardResults/{qa_scorecard_result} type: string + createTime: + description: Output only. The timestamp that the revision was created. format: google-datetime - endTime: - description: Output only. The time the operation finished running. + type: string readOnly: true + conversation: + description: The conversation scored by this result. type: string - format: google-datetime - request: - description: The original request for deletion. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DeleteIssueModelRequest - GoogleCloudContactcenterinsightsV1DeleteIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1DeleteIssueModelRequest - description: The request to delete an issue model. - type: object - properties: - name: - description: Required. The name of the issue model to delete. + scoreSources: + type: array + description: List of all individual score sets. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardResultScoreSource + agentId: + description: ID of the agent that handled the conversation. type: string - GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagMetadata: - id: GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagMetadata - description: The metadata for deleting a QaQuestionTag Resource. + score: + type: number + format: double + description: >- + The overall numerical score of the result, incorporating any manual + edits if they exist. + id: GoogleCloudContactcenterinsightsV1QaScorecardResult + description: >- + The results of scoring a single conversation against a QaScorecard. + Contains a collection of QaAnswers and aggregate score. + GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest: + description: Request for the BulkDeleteFeedbackLabels endpoint. + id: GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest type: object properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + filter: + description: >- + Optional. A filter to reduce results to a specific subset. Supports + disjunctions (OR) and conjunctions (AND). Supported fields: * + `issue_model_id` * `qa_question_id` * `qa_scorecard_id` * + `min_create_time` * `max_create_time` * `min_update_time` * + `max_update_time` * `feedback_label_type`: QUALITY_AI, + TOPIC_MODELING type: string - format: google-datetime - request: - description: Output only. The original request. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagRequest - GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagRequest: - id: GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagRequest - description: The request for deleting a QaQuestionTag. - type: object - properties: - name: - description: Required. The name of the QaQuestionTag to delete. + parent: type: string - GoogleCloudContactcenterinsightsV1DeployIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1DeployIssueModelMetadata - description: Metadata for deploying an issue model. - type: object + description: Required. The parent resource for new feedback labels. + GoogleCloudContactcenterinsightsV1AnalysisRule: + id: GoogleCloudContactcenterinsightsV1AnalysisRule properties: createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. + description: Output only. The time at which this analysis rule was created. readOnly: true type: string - format: google-datetime - request: - description: The original request for deployment. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DeployIssueModelRequest - GoogleCloudContactcenterinsightsV1DeployIssueModelResponse: - id: GoogleCloudContactcenterinsightsV1DeployIssueModelResponse - description: The response to deploy an issue model. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1ExportInsightsDataMetadata: - id: GoogleCloudContactcenterinsightsV1ExportInsightsDataMetadata - description: Metadata for an export insights operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + active: + description: >- + If true, apply this rule to conversations. Otherwise, this rule is + inactive and saved as a draft. + type: boolean + conversationFilter: + description: >- + Filter for the conversations that should apply this analysis rule. + An empty filter means this analysis rule applies to all + conversations. Refer to + https://cloud.google.com/contact-center/insights/docs/filtering for + details. type: string + updateTime: + description: >- + Output only. The most recent time at which this analysis rule was + updated. format: google-datetime - endTime: - description: Output only. The time the operation finished running. + type: string readOnly: true + displayName: + description: Display Name of the analysis rule. type: string - format: google-datetime - request: - description: The original request for export. + annotatorSelector: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest - partialErrors: + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector description: >- - Partial errors during export operation that might cause the - operation output to be incomplete. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - completedExportCount: - description: The number of conversations that were exported successfully. - type: integer - format: int32 - failedExportCount: - description: The number of conversations that failed to be exported. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1ExportInsightsDataResponse: - id: GoogleCloudContactcenterinsightsV1ExportInsightsDataResponse - description: Response for an export insights operation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1ExportIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1ExportIssueModelMetadata - description: Metadata used for export issue model. - type: object - properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. + Selector of annotators to run and the phrase matchers to use for + conversations that matches the conversation_filter. If not + specified, NO annotators will be run. + name: type: string - format: google-datetime - request: - description: The original export request. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ExportIssueModelRequest - GoogleCloudContactcenterinsightsV1ExportIssueModelResponse: - id: GoogleCloudContactcenterinsightsV1ExportIssueModelResponse - description: Response from export issue model + description: >- + Identifier. The resource name of the analysis rule. Format: + projects/{project}/locations/{location}/analysisRules/{analysis_rule} + analysisPercentage: + format: double + description: >- + Percentage of conversations that we should apply this analysis + setting automatically, between [0, 1]. For example, 0.1 means 10%. + Conversations are sampled in a determenestic way. The original + runtime_percentage & upload percentage will be replaced by defining + filters on the conversation. + type: number type: object - properties: {} - GoogleCloudContactcenterinsightsV1ImportIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1ImportIssueModelMetadata - description: Metadata used for import issue model. + description: >- + The CCAI Insights project wide analysis rule. This rule will be applied + to all conversations that match the filter defined in the rule. For a + conversation matches the filter, the annotators specified in the rule + will be run. If a conversation matches multiple rules, a union of all + the annotators will be run. One project can have multiple analysis + rules. + GoogleCloudContactcenterinsightsV1Dimension: + description: >- + A dimension determines the grouping key for the query. In SQL terms, + these would be part of both the "SELECT" and "GROUP BY" clauses. + id: GoogleCloudContactcenterinsightsV1Dimension type: object properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. - type: string - format: google-datetime - request: - description: The original import request. + agentDimensionMetadata: + description: Output only. Metadata about the agent dimension. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ImportIssueModelRequest - GoogleCloudContactcenterinsightsV1ImportIssueModelResponse: - id: GoogleCloudContactcenterinsightsV1ImportIssueModelResponse - description: Response from import issue model - type: object - properties: - issueModel: - description: The issue model that was imported. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel' - GoogleCloudContactcenterinsightsV1IngestConversationsMetadata: - id: GoogleCloudContactcenterinsightsV1IngestConversationsMetadata - description: The metadata for an IngestConversations operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionAgentDimensionMetadata readOnly: true - type: string - format: google-datetime - request: - description: Output only. The original request for ingest. + qaScorecardDimensionMetadata: + description: Output only. Metadata about the QA scorecard dimension. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionQaScorecardDimensionMetadata readOnly: true + mediumDimensionMetadata: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequest - partialErrors: - description: >- - Output only. Partial errors during ingest operation that might cause - the operation output to be incomplete. + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionMediumDimensionMetadata + description: Output only. Metadata about the conversation medium dimension. readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - ingestConversationsStats: - description: Output only. Statistics for IngestConversations operation. + labelDimensionMetadata: readOnly: true + description: Output only. Metadata about conversation labels. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsMetadataIngestConversationsStats - sampledConversations: + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionLabelDimensionMetadata + clientSentimentCategoryDimensionMetadata: + readOnly: true + description: Output only. Metadata about the client sentiment category dimension. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionClientSentimentCategoryDimensionMetadata + conversationalAgentsPlaybookDimensionMetadata: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionConversationalAgentsPlaybookDimensionMetadata + readOnly: true description: >- - Output only. Stores the conversation resources produced by ingest - sampling operations. + Output only. Metadata about the Conversational Agents playbook + dimension. + issueDimensionMetadata: + description: Output only. Metadata about the issue dimension. readOnly: true - type: array - items: - type: string - GoogleCloudContactcenterinsightsV1IngestConversationsMetadataIngestConversationsStats: - id: >- - GoogleCloudContactcenterinsightsV1IngestConversationsMetadataIngestConversationsStats - description: Statistics for IngestConversations operation. - type: object - properties: - processedObjectCount: - description: >- - Output only. The number of objects processed during the ingest - operation. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionIssueDimensionMetadata + conversationProfileDimensionMetadata: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionConversationProfileDimensionMetadata readOnly: true - type: integer - format: int32 - duplicatesSkippedCount: - description: >- - Output only. The number of objects skipped because another - conversation with the same transcript uri had already been ingested. + description: Output only. Metadata about the conversation profile dimension. + qaQuestionDimensionMetadata: readOnly: true - type: integer - format: int32 - successfulIngestCount: - description: >- - Output only. The number of new conversations added during this - ingest operation. + description: Output only. Metadata about the QA question dimension. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionQaQuestionDimensionMetadata + conversationalAgentsToolDimensionMetadata: readOnly: true - type: integer - format: int32 - failedIngestCount: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionConversationalAgentsToolDimensionMetadata description: >- - Output only. The number of objects which were unable to be ingested - due to errors. The errors are populated in the partial_errors field. + Output only. Metadata about the Conversational Agents tool + dimension. + dimensionKey: + type: string + enum: + - DIMENSION_KEY_UNSPECIFIED + - ISSUE + - ISSUE_NAME + - AGENT + - AGENT_TEAM + - QA_QUESTION_ID + - QA_QUESTION_ANSWER_VALUE + - QA_SCORECARD_ID + - CONVERSATION_PROFILE_ID + - MEDIUM + - CONVERSATIONAL_AGENTS_PLAYBOOK_ID + - CONVERSATIONAL_AGENTS_PLAYBOOK_NAME + - CONVERSATIONAL_AGENTS_TOOL_ID + - CONVERSATIONAL_AGENTS_TOOL_NAME + - CLIENT_SENTIMENT_CATEGORY + - AGENT_VERSION_ID + - AGENT_DEPLOYMENT_ID + - AGENT_ASSIST_SUPERVISOR_ID + - LABEL_KEY + - LABEL_VALUE + - LABEL_KEY_AND_VALUE + enumDescriptions: + - The key of the dimension is unspecified. + - The dimension is keyed by issues. + - The dimension is keyed by issue names. + - The dimension is keyed by agents. + - The dimension is keyed by agent teams. + - >- + The dimension is keyed by QaQuestionIds. Note that: We only group + by the QuestionId and not the revision-id of the scorecard this + question is a part of. This allows for showing stats for the same + question across different scorecard revisions. + - >- + The dimension is keyed by QaQuestionIds-Answer value pairs. Note + that: We only group by the QuestionId and not the revision-id of + the scorecard this question is a part of. This allows for showing + distribution of answers per question across different scorecard + revisions. + - >- + The dimension is keyed by QaScorecardIds. Note that: We only group + by the ScorecardId and not the revision-id of the scorecard. This + allows for showing stats for the same scorecard across different + revisions. This metric is mostly only useful if querying the + average normalized score per scorecard. + - The dimension is keyed by the conversation profile ID. + - The dimension is keyed by the conversation medium. + - The dimension is keyed by the Conversational Agents playbook ID. + - >- + The dimension is keyed by the Conversational Agents playbook + display name. + - The dimension is keyed by the Conversational Agents tool ID. + - >- + The dimension is keyed by the Conversational Agents tool display + name. + - The dimension is keyed by the client sentiment category. + - The dimension is keyed by the agent version ID. + - The dimension is keyed by the agent deployment ID. + - >- + The dimension is keyed by the supervisor ID of the assigned human + supervisor for virtual agents. + - The dimension is keyed by label keys. + - The dimension is keyed by label values. + - The dimension is keyed by label key-value pairs. + description: The key of the dimension. + qaQuestionAnswerDimensionMetadata: readOnly: true - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1IngestConversationsResponse: - id: GoogleCloudContactcenterinsightsV1IngestConversationsResponse - description: The response to an IngestConversations operation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecMetadata: - id: GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecMetadata - description: Metadata for initializing a location-level encryption specification. + description: Output only. Metadata about the QA question-answer dimension. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DimensionQaQuestionAnswerDimensionMetadata + GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequest: + id: GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequest + description: The request for bulk uploading feedback labels. + properties: + sheetsSource: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestSheetsSource + description: A sheets document source. + validateOnly: + type: boolean + description: >- + Optional. If set, upload will not happen and the labels will be + validated. If not set, then default behavior will be to upload the + labels after validation is complete. + gcsSource: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestGcsSource + description: A cloud storage bucket source. type: object + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadata: properties: + partialErrors: + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + description: >- + Output only. Partial errors during ingest operation that might cause + the operation output to be incomplete. + readOnly: true + request: + description: Output only. The original request for ingest. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequest + ingestConversationsStats: + readOnly: true + description: Output only. Statistics for IngestConversations operation. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadataIngestConversationsStats + sampledConversations: + type: array + items: + type: string + readOnly: true + description: >- + Output only. Stores the conversation resources produced by ingest + sampling operations. createTime: + format: google-datetime description: Output only. The time the operation was created. readOnly: true type: string - format: google-datetime endTime: + format: google-datetime description: Output only. The time the operation finished running. - readOnly: true type: string - format: google-datetime - request: - description: Output only. The original request for initialization. readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecRequest - partialErrors: - description: >- - Partial errors during initializing operation that might cause the - operation output to be incomplete. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecResponse: - id: GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecResponse - description: The response to initialize a location-level encryption specification. type: object + description: The metadata for an IngestConversations operation. + id: GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadata + GoogleCloudContactcenterinsightsV1ExportInsightsDataResponse: properties: {} - GoogleCloudContactcenterinsightsV1QueryMetricsMetadata: - id: GoogleCloudContactcenterinsightsV1QueryMetricsMetadata - description: The metadata from querying metrics. type: object + id: GoogleCloudContactcenterinsightsV1ExportInsightsDataResponse + description: Response for an export insights operation. + GoogleCloudContactcenterinsightsV1NoteQaQuestionNote: + type: object + description: A note about a QA question. properties: - resultIsTruncated: - description: >- - Whether the result rows were truncated because the result row size - is too large to materialize. - type: boolean - GoogleCloudContactcenterinsightsV1QueryMetricsResponse: - id: GoogleCloudContactcenterinsightsV1QueryMetricsResponse - description: The response for querying metrics. + qaQuestion: + type: string + description: The question resource that the note is associated with. + id: GoogleCloudContactcenterinsightsV1NoteQaQuestionNote + GoogleCloudContactcenterinsightsV1alpha1QaQuestionTag: type: object + description: >- + A tag is a resource which aims to categorize a set of questions across + multiple scorecards, e.g., "Customer Satisfaction","Billing", etc. properties: - location: - description: >- - Required. The location of the data. - "projects/{project}/locations/{location}" + displayName: type: string + description: Required. A user-specified display name for the tag. + qaQuestionIds: + items: + type: string + type: array + description: >- + Optional. The list of Scorecard Question IDs that the tag applies + to. Each QaQuestionId is represented as a full resource name + containing the Question ID. Lastly, Since a tag may not necessarily + be referenced by any Scorecard Questions, we treat this field as + optional. updateTime: - description: The metrics last update time. type: string format: google-datetime - slices: + readOnly: true description: >- - A slice contains a total and (if the request specified a time - granularity) a time series of metric values. Each slice contains a - unique combination of the cardinality of dimensions from the - request. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSlice - macroAverageSlice: + Output only. The most recent time at which the question tag was + updated. + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. The time at which the question tag was created. + name: description: >- - The macro average slice contains aggregated averages across the - selected dimension. i.e. if group_by agent is specified this field - will contain the average across all agents. This field is only - populated if the request specifies a Dimension. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSlice - GoogleCloudContactcenterinsightsV1QueryMetricsResponseSlice: - id: GoogleCloudContactcenterinsightsV1QueryMetricsResponseSlice - description: >- - A slice contains a total and (if the request specified a time - granularity) a time series of metric values. Each slice contains a - unique combination of the cardinality of dimensions from the request. - For example, if the request specifies a single ISSUE dimension and it - has a cardinality of 2 (i.e. the data used to compute the metrics has 2 - issues in total), the response will have 2 slices: * Slice 1 -> - dimensions=[Issue 1] * Slice 2 -> dimensions=[Issue 2] + Identifier. Resource name for the QaQuestionTag Format + projects/{project}/locations/{location}/qaQuestionTags/{qa_question_tag} + In the above format, the last segment, i.e., qa_question_tag, is a + server-generated ID corresponding to the tag resource. + type: string + id: GoogleCloudContactcenterinsightsV1alpha1QaQuestionTag + GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsResponse: + properties: {} + id: GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsResponse type: object + description: Response for the BulkDownloadFeedbackLabel endpoint. + GoogleCloudContactcenterinsightsV1DimensionIssueDimensionMetadata: + id: GoogleCloudContactcenterinsightsV1DimensionIssueDimensionMetadata properties: - dimensions: - description: A unique combination of dimensions that this slice represents. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dimension' - total: - description: >- - The total metric value. The interval of this data point is [starting - create time, ending create time) from the request. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPoint - timeSeries: - description: >- - A time series of metric values. This is only populated if the - request specifies a time granularity other than NONE. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceTimeSeries - GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPoint: - id: GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPoint - description: A data point contains the metric values mapped to an interval. - type: object - properties: - conversationMeasure: - description: The measure related to conversations. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasure - interval: - description: >- - The interval that this data point represents. * If this is the total - data point, the interval is [starting create time, ending create - time) from the request. * If this a data point from the time series, - the interval is [time, time + time granularity from the request). - $ref: '#/components/schemas/GoogleTypeInterval' - GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasure: - id: >- - GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasure - description: The measure related to conversations. - type: object - properties: - conversationCount: - description: The conversation count. - type: integer - format: int32 - averageSilencePercentage: - description: The average silence percentage. - type: number - format: float - averageDuration: - description: The average duration. + issueModelId: + description: The parent issue model ID. type: string - format: google-duration - averageTurnCount: - description: The average turn count. - type: number - format: float - averageAgentSentimentScore: - description: The average agent's sentiment score. - type: number - format: float - averageClientSentimentScore: - description: The average client's sentiment score. - type: number - format: float - averageCustomerSatisfactionRating: - description: The average customer satisfaction rating. - type: number - format: double - averageQaNormalizedScore: - description: >- - Average QA normalized score. Will exclude 0's in average - calculation. - type: number - format: double - qaTagScores: - description: Average QA normalized score for all the tags. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore - averageQaQuestionNormalizedScore: - description: >- - Average QA normalized score averaged for questions averaged across - all revisions of the parent scorecard. Will be only populated if the - request specifies a dimension of QA_QUESTION_ID. - type: number - format: double - GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore: - id: >- - GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore - description: Average QA normalized score for the tag. - type: object - properties: - tag: - description: Tag name. + issueDisplayName: + description: The issue display name. type: string - averageTagNormalizedScore: - description: Average tag normalized score per tag. - type: number - format: double - GoogleTypeInterval: - id: GoogleTypeInterval - description: >- - Represents a time interval, encoded as a Timestamp start (inclusive) and - a Timestamp end (exclusive). The start must be less than or equal to the - end. When the start equals the end, the interval is empty (matches no - time). When both start and end are unspecified, the interval matches any - time. + issueId: + description: The issue ID. + type: string + description: Metadata about the issue dimension. type: object + GoogleCloudContactcenterinsightsV1Intent: properties: - startTime: - description: >- - Optional. Inclusive start of the interval. If specified, a Timestamp - matching this interval will have to be the same or after the start. + id: + description: The unique identifier of the intent. type: string - format: google-datetime - endTime: - description: >- - Optional. Exclusive end of the interval. If specified, a Timestamp - matching this interval will have to be before the end. + displayName: type: string - format: google-datetime - GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceTimeSeries: - id: GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceTimeSeries - description: A time series of metric values. - type: object - properties: - dataPoints: - description: The data points that make up the time series . - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPoint - GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewMetadata: - id: GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewMetadata - description: The metadata for querying performance overview. + description: The human-readable name of the intent. + id: GoogleCloudContactcenterinsightsV1Intent + description: >- + The data for an intent. Represents a detected intent in the + conversation, for example MAKES_PROMISE. type: object - properties: {} - GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewResponse: - id: GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewResponse - description: The response for querying performance overview. + GoogleCloudContactcenterinsightsV1alpha1DimensionConversationalAgentsPlaybookDimensionMetadata: type: object + description: Metadata about the Conversational Agents playbook dimension. + id: >- + GoogleCloudContactcenterinsightsV1alpha1DimensionConversationalAgentsPlaybookDimensionMetadata properties: - summaryText: - description: The summary text of the performance. + playbookId: + description: Optional. The dialogflow playbook ID. type: string - GoogleCloudContactcenterinsightsV1SampleConversationsMetadata: - id: GoogleCloudContactcenterinsightsV1SampleConversationsMetadata - description: The metadata for an SampleConversations operation. + playbookDisplayName: + type: string + description: Optional. The dialogflow playbook display name. + GoogleCloudContactcenterinsightsV1ExportInsightsDataMetadata: type: object + id: GoogleCloudContactcenterinsightsV1ExportInsightsDataMetadata properties: createTime: - description: Output only. The time the operation was created. - readOnly: true type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - request: - description: >- - Output only. The original request for sample conversations to - dataset. + description: Output only. The time the operation was created. readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1SampleConversationsRequest partialErrors: - description: >- - Output only. Partial errors during sample conversations operation - that might cause the operation output to be incomplete. - readOnly: true - type: array items: $ref: '#/components/schemas/GoogleRpcStatus' - sampleConversationsStats: - description: Output only. Statistics for SampleConversations operation. - readOnly: true + description: >- + Partial errors during export operation that might cause the + operation output to be incomplete. + type: array + request: + description: The original request for export. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1SampleConversationsMetadataSampleConversationsStats - GoogleCloudContactcenterinsightsV1SampleConversationsMetadataSampleConversationsStats: + #/components/schemas/GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest + failedExportCount: + format: int32 + description: The number of conversations that failed to be exported. + type: integer + completedExportCount: + description: The number of conversations that were exported successfully. + type: integer + format: int32 + endTime: + description: Output only. The time the operation finished running. + type: string + format: google-datetime + readOnly: true + description: Metadata for an export insights operation. + GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadataDownloadStats: id: >- - GoogleCloudContactcenterinsightsV1SampleConversationsMetadataSampleConversationsStats - description: Statistics for SampleConversations operation. + GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsMetadataDownloadStats + description: Statistics for BulkDownloadFeedbackLabels operation. type: object properties: - successfulSampleCount: - description: >- - Output only. The number of new conversations added during this - sample operation. + fileNames: + items: + type: string + type: array + description: Output only. Full name of the files written to Cloud storage. readOnly: true + processedObjectCount: + description: The number of objects processed during the download operation. type: integer format: int32 - failedSampleCount: - description: >- - Output only. The number of objects which were unable to be sampled - due to errors. The errors are populated in the partial_errors field. - readOnly: true + totalFilesWritten: type: integer + description: Total number of files written to the provided Cloud Storage bucket. format: int32 - GoogleCloudContactcenterinsightsV1SampleConversationsResponse: - id: GoogleCloudContactcenterinsightsV1SampleConversationsResponse - description: The response to an SampleConversations operation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1UndeployIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1UndeployIssueModelMetadata - description: Metadata for undeploying an issue model. + successfulDownloadCount: + description: >- + The number of new feedback labels downloaded during this operation. + Different from "processed" because some labels might not be + downloaded because an error. + format: int32 + type: integer + GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagRequest: + description: The request for updating a QaQuestionTag. type: object + id: GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagRequest properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + qaQuestionTag: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag' + description: Required. The QaQuestionTag to update. + updateMask: + description: >- + Optional. The list of fields to be updated. All possible fields can + be updated by passing `*`, or a subset of the following updateable + fields can be provided: * `qa_question_tag_name` - the name of the + tag * `qa_question_ids` - the list of questions the tag applies to + format: google-fieldmask type: string - format: google-datetime - request: - description: The original request for undeployment. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1UndeployIssueModelRequest - GoogleCloudContactcenterinsightsV1UndeployIssueModelResponse: - id: GoogleCloudContactcenterinsightsV1UndeployIssueModelResponse - description: The response to undeploy an issue model. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagMetadata: - id: GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagMetadata - description: The metadata for updating a QaQuestionTag Resource. + GoogleCloudContactcenterinsightsV1IssueModelLabelStats: + description: Aggregated statistics about an issue model. type: object properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + issueStats: + description: Statistics on each issue. Key is the issue's resource name. + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModelLabelStatsIssueStats + unclassifiedConversationsCount: + format: int64 + description: >- + Number of analyzed conversations for which no issue was applicable + at this point in time. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + analyzedConversationsCount: + description: >- + Number of conversations the issue model has analyzed at this point + in time. + format: int64 type: string - format: google-datetime - request: - description: Output only. The original request. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagRequest - GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagRequest: - id: GoogleCloudContactcenterinsightsV1UpdateQaQuestionTagRequest - description: The request for updating a QaQuestionTag. + id: GoogleCloudContactcenterinsightsV1IssueModelLabelStats + GoogleCloudContactcenterinsightsV1alpha1DialogflowInteractionData: type: object properties: - qaQuestionTag: - description: Required. The QaQuestionTag to update. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag' - updateMask: + confidence: + type: number description: >- - Optional. The list of fields to be updated. All possible fields can - be updated by passing `*`, or a subset of the following updateable - fields can be provided: * `qa_question_tag_name` - the name of the - tag * `qa_question_ids` - the list of questions the tag applies to + The confidence of the match ranging from 0.0 (completely uncertain) + to 1.0 (completely certain). + format: float + dialogflowIntentId: type: string - format: google-fieldmask - GoogleCloudContactcenterinsightsV1UploadConversationMetadata: - id: GoogleCloudContactcenterinsightsV1UploadConversationMetadata - description: The metadata for an `UploadConversation` operation. - type: object + description: >- + The Dialogflow intent resource path. Format: + projects/{project}/agent/{agent}/intents/{intent} + description: Dialogflow interaction data. + id: GoogleCloudContactcenterinsightsV1alpha1DialogflowInteractionData + GoogleCloudContactcenterinsightsV1alpha1DimensionConversationalAgentsToolDimensionMetadata: + id: >- + GoogleCloudContactcenterinsightsV1alpha1DimensionConversationalAgentsToolDimensionMetadata properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + toolId: + description: Optional. The dialogflow tool ID. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + toolDisplayName: type: string - format: google-datetime - request: - description: Output only. The original request. - readOnly: true + description: Optional. The dialogflow tool display name. + description: Metadata about the Conversational Agents tool dimension. + type: object + GoogleCloudContactcenterinsightsV1alpha1IssueMatchData: + type: object + id: GoogleCloudContactcenterinsightsV1alpha1IssueMatchData + description: The data for an issue match annotation. + properties: + issueAssignment: + description: Information about the issue's assignment. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1UploadConversationRequest - analysisOperation: + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueAssignment + GoogleCloudContactcenterinsightsV1alpha1CreateAnalysisOperationMetadata: + description: Metadata for a create analysis operation. + id: GoogleCloudContactcenterinsightsV1alpha1CreateAnalysisOperationMetadata + properties: + conversation: description: >- - Output only. The operation name for a successfully created analysis - operation, if any. + Output only. The Conversation that this Analysis Operation belongs + to. readOnly: true type: string - appliedRedactionConfig: - description: >- - Output only. The redaction config applied to the uploaded - conversation. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1RedactionConfig - GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsMetadata - description: The metadata for a bulk analyze conversations operation. - type: object - properties: createTime: - description: The time the operation was created. - type: string + readOnly: true + description: Output only. The time the operation was created. format: google-datetime - endTime: - description: The time the operation finished running. type: string - format: google-datetime - request: - description: The original request for bulk analyze. + annotatorSelector: + readOnly: true $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsRequest - completedAnalysesCount: - description: >- - The number of requested analyses that have completed successfully so - far. - type: integer - format: int32 - failedAnalysesCount: - description: The number of requested analyses that have failed so far. - type: integer - format: int32 - totalRequestedAnalysesCount: - description: >- - Total number of analyses requested. Computed by the number of - conversations returned by `filter` multiplied by - `analysis_percentage` in the request. - type: integer - format: int32 - partialErrors: - description: >- - Output only. Partial errors during bulk analyze operation that might - cause the operation output to be incomplete. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector + description: Output only. The annotator selector used for the analysis (if any). + endTime: + format: google-datetime + type: string + description: Output only. The time the operation finished running. readOnly: true + type: object + GoogleCloudContactcenterinsightsV1ListAuthorizedViewSetsResponse: + id: GoogleCloudContactcenterinsightsV1ListAuthorizedViewSetsResponse + description: The response from a ListAuthorizedViewSet request. + properties: + authorizedViewSets: type: array + description: The AuthorizedViewSets under the parent. items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsRequest: - id: GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsRequest - description: The request to analyze conversations in bulk. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string type: object + GoogleCloudContactcenterinsightsV1alpha1EncryptionSpec: + description: >- + A customer-managed encryption key specification that can be applied to + all created resources (e.g. `Conversation`). + id: GoogleCloudContactcenterinsightsV1alpha1EncryptionSpec properties: - parent: - description: Required. The parent resource to create analyses in. + name: type: string - filter: description: >- - Required. Filter used to select the subset of conversations to - analyze. + Immutable. The resource name of the encryption key specification + resource. Format: + projects/{project}/locations/{location}/encryptionSpec + kmsKey: type: string - analysisPercentage: - description: >- - Required. Percentage of selected conversation to analyze, between - [0, 100]. - type: number - format: float - annotatorSelector: description: >- - To select the annotators to run and the phrase matchers to use (if - any). If not specified, all annotators will be run. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector - GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector: - id: GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector - description: Selector of all available annotators and phrase matchers to run. + Required. The name of customer-managed encryption key that is used + to secure a resource and its sub-resources. If empty, the resource + is secured by our default encryption key. Only the key in the same + location as this resource is allowed to be used for encryption. + Format: + `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{key}` + type: object + GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequestGcsDestination: type: object + description: Google Cloud Storage Object URI to save the issue model to. properties: - runInterruptionAnnotator: - description: Whether to run the interruption annotator. - type: boolean - runSilenceAnnotator: - description: Whether to run the silence annotator. - type: boolean - runPhraseMatcherAnnotator: - description: Whether to run the active phrase matcher annotator(s). - type: boolean - phraseMatchers: + objectUri: + description: 'Required. Format: `gs:///`' + type: string + id: >- + GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequestGcsDestination + GoogleCloudContactcenterinsightsV1alpha1SilenceData: + type: object + description: The data for a silence annotation. + id: GoogleCloudContactcenterinsightsV1alpha1SilenceData + properties: {} + GoogleCloudContactcenterinsightsV1AnswerFeedback: + id: GoogleCloudContactcenterinsightsV1AnswerFeedback + properties: + displayed: description: >- - The list of phrase matchers to run. If not provided, all active - phrase matchers will be used. If inactive phrase matchers are - provided, they will not be used. Phrase matchers will be run only if - run_phrase_matcher_annotator is set to true. Format: - projects/{project}/locations/{location}/phraseMatchers/{phrase_matcher} - type: array - items: - type: string - runSentimentAnnotator: - description: Whether to run the sentiment annotator. + Indicates whether an answer or item was displayed to the human agent + in the agent desktop UI. type: boolean - runEntityAnnotator: - description: Whether to run the entity annotator. + correctnessLevel: + description: The correctness level of an answer. + type: string + enumDescriptions: + - Correctness level unspecified. + - Answer is totally wrong. + - Answer is partially correct. + - Answer is fully correct. + enum: + - CORRECTNESS_LEVEL_UNSPECIFIED + - NOT_CORRECT + - PARTIALLY_CORRECT + - FULLY_CORRECT + clicked: type: boolean - runIntentAnnotator: - description: Whether to run the intent annotator. - type: boolean - runIssueModelAnnotator: - description: >- - Whether to run the issue model annotator. A model should have - already been deployed for this to take effect. - type: boolean - issueModels: - description: >- - The issue model to run. If not provided, the most recently deployed - topic model will be used. The provided issue model will only be used - for inference if the issue model is deployed and if - run_issue_model_annotator is set to true. If more than one issue - model is provided, only the first provided issue model will be used - for inference. - type: array - items: - type: string - runSummarizationAnnotator: - description: Whether to run the summarization annotator. - type: boolean - summarizationConfig: - description: Configuration for the summarization annotator. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorSummarizationConfig - runQaAnnotator: - description: Whether to run the QA annotator. - type: boolean - qaConfig: - description: Configuration for the QA annotator. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfig - GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorSummarizationConfig: - id: >- - GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorSummarizationConfig - description: Configuration for summarization. + description: Indicates whether an answer or item was clicked by the human agent. + description: >- + The feedback that the customer has about a certain answer in the + conversation. + type: object + GoogleIamV1AuditConfig: + id: GoogleIamV1AuditConfig type: object properties: - conversationProfile: - description: >- - Resource name of the Dialogflow conversation profile. Format: - projects/{project}/locations/{location}/conversationProfiles/{conversation_profile} - type: string - summarizationModel: - description: Default summarization model to be used. + service: type: string - enumDescriptions: - - Unspecified summarization model. - - >- - The CCAI baseline model. This model is deprecated and will be - removed in the future. We recommend using `generator` instead. - - >- - The CCAI baseline model, V2.0. This model is deprecated and will - be removed in the future. We recommend using `generator` instead. - enumDeprecated: - - false - - true - - true - enum: - - SUMMARIZATION_MODEL_UNSPECIFIED - - BASELINE_MODEL - - BASELINE_MODEL_V2_0 - generator: description: >- - The resource name of the existing created generator. Format: - projects//locations//generators/ - type: string - GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfig: - id: GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfig - description: Configuration for the QA feature. - type: object - properties: - scorecardList: - description: A manual list of scorecards to score. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfigScorecardList - GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfigScorecardList: - id: >- - GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfigScorecardList - description: Container for a list of scorecards. - type: object - properties: - qaScorecardRevisions: - description: List of QaScorecardRevisions. + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + auditLogConfigs: + items: + $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' type: array + description: The configuration for logging of each type of permission. + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + GoogleCloudContactcenterinsightsV1ListIssuesResponse: + id: GoogleCloudContactcenterinsightsV1ListIssuesResponse + description: The response of listing issues. + properties: + issues: items: - type: string - GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsResponse: - id: GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsResponse - description: The response for a bulk analyze conversations operation. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' + description: The issues that match the request. + type: array type: object - properties: - successfulAnalysisCount: - description: Count of successful analyses. - type: integer - format: int32 - failedAnalysisCount: - description: Count of failed analyses. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsMetadata - description: The metadata for a bulk delete conversations operation. + GoogleCloudContactcenterinsightsV1Conversation: + description: The conversation resource. type: object properties: - createTime: - description: The time the operation was created. + runtimeAnnotations: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1RuntimeAnnotation + readOnly: true + type: array + description: >- + Output only. The annotations that were generated during the customer + and agent interaction. + qualityMetadata: + description: Conversation metadata related to quality management. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationQualityMetadata + obfuscatedUserId: + description: Obfuscated user ID which the customer sent to us. type: string - format: google-datetime - endTime: - description: The time the operation finished running. + latestSummary: + description: Output only. Latest summary of the conversation. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionData + readOnly: true + createTime: + description: Output only. The time at which the conversation was created. type: string + readOnly: true format: google-datetime - request: - description: The original request for bulk delete. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsRequest - partialErrors: + labels: description: >- - Partial errors during bulk delete conversations operation that might - cause the operation output to be incomplete. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsRequest: - id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsRequest - description: The request to delete conversations in bulk. - type: object - properties: - parent: + A map for the user to specify any custom fields. A maximum of 100 + labels per conversation is allowed, with a maximum of 256 characters + per entry. + type: object + additionalProperties: + type: string + name: description: >- - Required. The parent resource to delete conversations from. Format: - projects/{project}/locations/{location} + Immutable. The resource name of the conversation. Format: + projects/{project}/locations/{location}/conversations/{conversation} type: string - filter: - description: Filter used to select the subset of conversations to delete. + medium: + enumDescriptions: + - Default value, if unspecified will default to PHONE_CALL. + - The format for conversations that took place over the phone. + - The format for conversations that took place over chat. type: string - maxDeleteCount: - description: Maximum number of conversations to delete. - type: integer - format: int32 - force: description: >- - If set to true, all of this conversation's analyses will also be - deleted. Otherwise, the request will only succeed if the - conversation has no analyses. - type: boolean - GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsResponse: - id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsResponse - description: The response for a bulk delete conversations operation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsMetadata - description: Metadata for the BulkDeleteFeedbackLabels endpoint. - type: object - properties: - request: - description: Output only. The original request for delete. + Immutable. The conversation medium, if unspecified will default to + PHONE_CALL. + enum: + - MEDIUM_UNSPECIFIED + - PHONE_CALL + - CHAT + updateTime: + format: google-datetime readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsRequest - partialErrors: + type: string description: >- - Partial errors during deletion operation that might cause the - operation output to be incomplete. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsRequest: - id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsRequest - description: Request for the BulkDeleteFeedbackLabels endpoint. - type: object - properties: - parent: - description: Required. The parent resource for new feedback labels. + Output only. The most recent time at which the conversation was + updated. + languageCode: + description: A user-specified language code for the conversation. type: string - filter: + agentId: description: >- - Optional. A filter to reduce results to a specific subset. Supports - disjunctions (OR) and conjunctions (AND). Supported fields: * - `issue_model_id` * `qa_question_id` * `qa_scorecard_id` * - `min_create_time` * `max_create_time` * `min_update_time` * - `max_update_time` * `feedback_label_type`: QUALITY_AI, - TOPIC_MODELING + An opaque, user-specified string representing the human agent who + handled the conversation. type: string - GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsResponse: - id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsResponse - description: Response for the BulkDeleteFeedbackLabels endpoint. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1CreateAnalysisOperationMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1CreateAnalysisOperationMetadata - description: Metadata for a create analysis operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + expireTime: + description: >- + The time at which this conversation should expire. After this time, + the conversation data and any associated analyses will be deleted. type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. + transcript: + readOnly: true + description: Output only. The conversation transcript. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationTranscript + duration: + readOnly: true + description: Output only. The duration of the conversation. + format: google-duration + type: string + latestAnalysis: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Analysis' + readOnly: true + description: Output only. The conversation's latest analysis, if one exists. + dataSource: + description: The source of the audio and transcription for the conversation. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationDataSource + dialogflowIntents: readOnly: true + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DialogflowIntent + description: >- + Output only. All the matched Dialogflow intents in the call. The key + corresponds to a Dialogflow intent, format: + projects/{project}/agent/{agent}/intents/{intent} + callMetadata: + description: Call-specific metadata. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationCallMetadata + startTime: type: string format: google-datetime - conversation: + description: The time at which the conversation started. + metadataJson: description: >- - Output only. The Conversation that this Analysis Operation belongs - to. - readOnly: true + Input only. JSON metadata encoded as a string. This field is + primarily used by Insights integrations with various telephony + systems and must be in one of Insight's supported formats. type: string - annotatorSelector: - description: Output only. The annotator selector used for the analysis (if any). + ttl: + description: >- + Input only. The TTL for this resource. If specified, then this TTL + will be used to calculate the expire time. + format: google-duration + type: string + turnCount: + type: integer readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector - GoogleCloudContactcenterinsightsV1alpha1CreateIssueMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1CreateIssueMetadata - description: Metadata for creating an issue. - type: object + format: int32 + description: Output only. The number of turns in the conversation. + id: GoogleCloudContactcenterinsightsV1Conversation + GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue: properties: - createTime: - description: Output only. The time the operation was created. + boolValue: + description: Boolean value. + type: boolean + potentialScore: + format: double + description: Output only. The maximum potential score of the question. + type: number readOnly: true + key: + description: >- + A short string used as an identifier. Matches the value used in + QaQuestion.AnswerChoice.key. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. + score: + type: number + format: double + description: Output only. Numerical score of the answer. + readOnly: true + naValue: + description: A value of "Not Applicable (N/A)". Should only ever be `true`. + type: boolean + skipValue: + description: >- + Output only. A value of "Skip". If provided, this field may only be + set to `true`. If a question receives this answer, it will be + excluded from any score calculations. This would mean that the + question was not evaluated. + type: boolean readOnly: true + strValue: + description: String value. type: string - format: google-datetime - request: - description: The original request for creation. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1CreateIssueRequest - GoogleCloudContactcenterinsightsV1alpha1CreateIssueRequest: - id: GoogleCloudContactcenterinsightsV1alpha1CreateIssueRequest - description: The request to create an issue. + normalizedScore: + readOnly: true + description: >- + Output only. Normalized score of the questions. Calculated as score + / potential_score. + format: double + type: number + numValue: + type: number + description: Numerical value. + format: double + id: GoogleCloudContactcenterinsightsV1QaAnswerAnswerValue type: object - properties: - parent: - description: Required. The parent resource of the issue. - type: string - issue: - description: Required. The values for the new issue. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Issue' - GoogleCloudContactcenterinsightsV1alpha1Issue: - id: GoogleCloudContactcenterinsightsV1alpha1Issue - description: The issue resource. + description: >- + Message for holding the value of a QaAnswer. QaQuestion.AnswerChoice + defines the possible answer values for a question. + GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadataAgentInfo: + description: Information about an agent involved in the conversation. type: object + id: >- + GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadataAgentInfo properties: - name: + agentId: + type: string + description: A user-specified string representing the agent. + team: description: >- - Immutable. The resource name of the issue. Format: - projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue} + A user-specified string representing the agent's team. Deprecated in + favor of the `teams` field. + deprecated: true type: string - displayName: - description: The representative name for the issue. + versionId: + description: The agent's version ID. Only applicable to automated agents. type: string - createTime: - description: Output only. The time at which this issue was created. - readOnly: true + deploymentDisplayName: type: string - format: google-datetime - updateTime: - description: Output only. The most recent time that this issue was updated. - readOnly: true + description: >- + The agent's deployment display name. Only applicable to automated + agents. + location: + description: The agent's location. type: string - format: google-datetime - sampleUtterances: + agentType: + type: string + enum: + - ROLE_UNSPECIFIED + - HUMAN_AGENT + - AUTOMATED_AGENT + - END_USER + - ANY_AGENT + enumDescriptions: + - Participant's role is not set. + - Participant is a human agent. + - Participant is an automated agent. + - Participant is an end user who conversed with the contact center. + - Participant is either a human or automated agent. + description: The agent type, e.g. HUMAN_AGENT. + dispositionCode: description: >- - Output only. Resource names of the sample representative utterances - that match to this issue. - readOnly: true - type: array + A user-provided string indicating the outcome of the agent's segment + of the call. + type: string + teams: + description: User-specified strings representing the agent's teams. items: type: string - displayDescription: - description: Representative description of the issue. + type: array + deploymentId: + description: The agent's deployment ID. Only applicable to automated agents. type: string - GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelMetadata - description: Metadata for creating an issue model. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + displayName: + description: The agent's name. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + versionDisplayName: type: string - format: google-datetime - request: - description: The original request for creation. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelRequest - GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1alpha1CreateIssueModelRequest - description: The request to create an issue model. - type: object + description: >- + The agent's version display name. Only applicable to automated + agents. + GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestSheetsSource: + description: Google Sheets document details to get the feedback label file from. properties: - parent: - description: Required. The parent resource of the issue model. + spreadsheetUri: type: string - issueModel: - description: Required. The issue model to create. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModel - GoogleCloudContactcenterinsightsV1alpha1IssueModel: - id: GoogleCloudContactcenterinsightsV1alpha1IssueModel - description: The issue model resource. + description: >- + Required. The Google Sheets document to write the feedback labels + to. Retrieved from Google Sheets URI. E.g. + `https://docs.google.com/spreadsheets/d/1234567890` The spreadsheet + must be shared with the Insights P4SA. + id: >- + GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequestSheetsSource type: object + GoogleCloudContactcenterinsightsV1EncryptionSpec: + description: >- + A customer-managed encryption key specification that can be applied to + all created resources (e.g. `Conversation`). properties: name: description: >- - Immutable. The resource name of the issue model. Format: - projects/{project}/locations/{location}/issueModels/{issue_model} - type: string - displayName: - description: The representative name for the issue model. - type: string - createTime: - description: Output only. The time at which this issue model was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The most recent time at which the issue model was - updated. - readOnly: true - type: string - format: google-datetime - issueCount: - description: Output only. Number of issues in this issue model. - readOnly: true + Immutable. The resource name of the encryption key specification + resource. Format: + projects/{project}/locations/{location}/encryptionSpec type: string - format: int64 - state: - description: Output only. State of the model. - readOnly: true + kmsKey: type: string - enumDescriptions: - - Unspecified. - - Model is not deployed but is ready to deploy. - - Model is being deployed. - - >- - Model is deployed and is ready to be used. A model can only be - used in analysis if it's in this state. - - Model is being undeployed. - - Model is being deleted. - enum: - - STATE_UNSPECIFIED - - UNDEPLOYED - - DEPLOYING - - DEPLOYED - - UNDEPLOYING - - DELETING - inputDataConfig: - description: Configs for the input data that used to create the issue model. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModelInputDataConfig - trainingStats: description: >- - Output only. Immutable. The issue model's label statistics on its - training data. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStats - modelType: - description: Type of the model. + Required. The name of customer-managed encryption key that is used + to secure a resource and its sub-resources. If empty, the resource + is secured by our default encryption key. Only the key in the same + location as this resource is allowed to be used for encryption. + Format: + `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{key}` + type: object + id: GoogleCloudContactcenterinsightsV1EncryptionSpec + GoogleCloudContactcenterinsightsV1alpha1DimensionLabelDimensionMetadata: + id: GoogleCloudContactcenterinsightsV1alpha1DimensionLabelDimensionMetadata + properties: + labelValue: + description: Optional. The label value. type: string - enumDescriptions: - - Unspecified model type. - - Type V1. - - Type V2. - enum: - - MODEL_TYPE_UNSPECIFIED - - TYPE_V1 - - TYPE_V2 - languageCode: - description: Language of the model. + labelKey: type: string - GoogleCloudContactcenterinsightsV1alpha1IssueModelInputDataConfig: - id: GoogleCloudContactcenterinsightsV1alpha1IssueModelInputDataConfig - description: Configs for the input data used to create the issue model. + description: Optional. The label key. + description: Metadata about conversation labels. type: object + GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue: properties: - medium: + potentialScore: + description: Output only. The maximum potential score of the question. + readOnly: true + type: number + format: double + naValue: + type: boolean + description: A value of "Not Applicable (N/A)". Should only ever be `true`. + score: + description: Output only. Numerical score of the answer. + format: double + type: number + readOnly: true + boolValue: + type: boolean + description: Boolean value. + skipValue: + readOnly: true description: >- - Medium of conversations used in training data. This field is being - deprecated. To specify the medium to be used in training a new issue - model, set the `medium` field on `filter`. - deprecated: true - type: string - enumDescriptions: - - Default value, if unspecified will default to PHONE_CALL. - - The format for conversations that took place over the phone. - - The format for conversations that took place over chat. - enum: - - MEDIUM_UNSPECIFIED - - PHONE_CALL - - CHAT - trainingConversationsCount: - description: Output only. Number of conversations used in training. Output only. + Output only. A value of "Skip". If provided, this field may only be + set to `true`. If a question receives this answer, it will be + excluded from any score calculations. This would mean that the + question was not evaluated. + type: boolean + normalizedScore: + description: >- + Output only. Normalized score of the questions. Calculated as score + / potential_score. + format: double + type: number readOnly: true + strValue: + description: String value. type: string - format: int64 - filter: + numValue: + type: number + format: double + description: Numerical value. + key: description: >- - A filter to reduce the conversations used for training the model to - a specific subset. Refer to - https://cloud.google.com/contact-center/insights/docs/filtering for - details. + A short string used as an identifier. Matches the value used in + QaQuestion.AnswerChoice.key. type: string - GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStats: - id: GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStats - description: Aggregated statistics about an issue model. type: object + description: >- + Message for holding the value of a QaAnswer. QaQuestion.AnswerChoice + defines the possible answer values for a question. + id: GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue + GoogleIamV1Binding: properties: - analyzedConversationsCount: + members: + type: array description: >- - Number of conversations the issue model has analyzed at this point - in time. + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + items: + type: string + role: type: string - format: int64 - unclassifiedConversationsCount: description: >- - Number of analyzed conversations for which no issue was applicable - at this point in time. - type: string - format: int64 - issueStats: - description: Statistics on each issue. Key is the issue's resource name. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStatsIssueStats - GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStatsIssueStats: - id: GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStatsIssueStats - description: Aggregated statistics about an issue. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + condition: + $ref: '#/components/schemas/GoogleTypeExpr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + description: Associates `members`, or principals, with a `role`. + id: GoogleIamV1Binding + type: object + GoogleCloudContactcenterinsightsV1Dataset: type: object properties: - issue: - description: >- - Issue resource. Format: - projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue} - type: string - labeledConversationsCount: - description: Number of conversations attached to the issue at this point in time. - type: string - format: int64 - displayName: - description: Display name of the issue. + type: + enum: + - TYPE_UNSPECIFIED + - EVAL + - LIVE + enumDescriptions: + - Default value for unspecified. + - For evals only. + - >- + Dataset with new conversations coming in regularly (Insights + legacy conversations and AI trainer) + description: Dataset usage type. type: string - GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelMetadata - description: Metadata for deleting an issue model. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + ttl: type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. + description: Optional. Option TTL for the dataset. + format: google-duration + updateTime: readOnly: true - type: string + description: Output only. Dataset update time. format: google-datetime - request: - description: The original request for deletion. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelRequest - GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelRequest - description: The request to delete an issue model. - type: object - properties: - name: - description: Required. The name of the issue model to delete. type: string - GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagMetadata - description: The metadata for deleting a QaQuestionTag Resource. - type: object - properties: createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. readOnly: true + description: Output only. Dataset create time. + type: string + description: + description: Dataset description. type: string - format: google-datetime - request: - description: Output only. The original request. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagRequest - GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagRequest: - id: GoogleCloudContactcenterinsightsV1alpha1DeleteQaQuestionTagRequest - description: The request for deleting a QaQuestionTag. - type: object - properties: name: - description: Required. The name of the QaQuestionTag to delete. + description: >- + Immutable. Identifier. Resource name of the dataset. Format: + projects/{project}/locations/{location}/datasets/{dataset} type: string - GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelMetadata - description: Metadata for deploying an issue model. + displayName: + type: string + description: Display name for the dataaset + description: >- + Dataset resource represents a collection of conversations that may be + bounded (Static Dataset, e.g. golden dataset for training), or unbounded + (Dynamic Dataset, e.g. live traffic, or agent training traffic) + id: GoogleCloudContactcenterinsightsV1Dataset + GoogleCloudContactcenterinsightsV1AnalysisResult: + description: The result of an analysis. type: object + id: GoogleCloudContactcenterinsightsV1AnalysisResult properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime + callAnalysisMetadata: + description: Call-specific metadata created by the analysis. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisResultCallAnalysisMetadata endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string format: google-datetime - request: - description: The original request for deployment. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelRequest - GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelRequest - description: The request to deploy an issue model. - type: object - properties: - name: - description: Required. The issue model to deploy. + description: The time at which the analysis ended. type: string - GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelResponse: - id: GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelResponse + GoogleCloudContactcenterinsightsV1DeployIssueModelResponse: + properties: {} description: The response to deploy an issue model. type: object + id: GoogleCloudContactcenterinsightsV1DeployIssueModelResponse + GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecResponse: + id: GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecResponse + description: The response to initialize a location-level encryption specification. properties: {} - GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataMetadata - description: Metadata for an export insights operation. type: object + GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest: properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + maxDownloadCount: + type: integer + description: >- + Optional. Limits the maximum number of feedback labels that will be + downloaded. The first `N` feedback labels will be downloaded. + format: int32 + feedbackLabelType: + enumDescriptions: + - Unspecified format + - >- + Downloaded file will contain all Quality AI labels from the latest + scorecard revision. + - Downloaded file will contain only Topic Modeling labels. + - Agent Assist Summarization labels. + description: Optional. The type of feedback labels that will be downloaded. + type: string + enum: + - FEEDBACK_LABEL_TYPE_UNSPECIFIED + - QUALITY_AI + - TOPIC_MODELING + - AGENT_ASSIST_SUMMARY + parent: + description: Required. The parent resource for new feedback labels. + type: string + sheetsDestination: + description: A sheets document destination. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestSheetsDestination + filter: + type: string + description: >- + Optional. A filter to reduce results to a specific subset. Supports + disjunctions (OR) and conjunctions (AND). Supported fields: * + `issue_model_id` * `qa_question_id` * `qa_scorecard_id` * + `min_create_time` * `max_create_time` * `min_update_time` * + `max_update_time` * `feedback_label_type`: QUALITY_AI, + TOPIC_MODELING + conversationFilter: type: string + description: >- + Optional. Filter parent conversations to download feedback labels + for. When specified, the feedback labels will be downloaded for the + conversations that match the filter. If `template_qa_scorecard_id` + is set, all the conversations that match the filter will be paired + with the questions under the scorecard for labeling. + gcsDestination: + description: A cloud storage bucket destination. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequestGcsDestination + templateQaScorecardId: + description: >- + Optional. If set, a template for labeling conversations and + scorecard questions will be created from the conversation_filter and + the questions under the scorecard(s). The feedback label `filter` + will be ignored. + type: array + items: + type: string + id: GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest + description: Request for the BulkDownloadFeedbackLabel endpoint. + type: object + GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelMetadata: + id: GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelMetadata + description: Metadata used for import issue model. + properties: + createTime: + description: The time the operation was created. format: google-datetime + type: string endTime: - description: Output only. The time the operation finished running. - readOnly: true type: string format: google-datetime + description: The time the operation finished running. request: - description: The original request for export. + description: The original import request. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequest - partialErrors: - description: >- - Partial errors during export operation that might cause the - operation output to be incomplete. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - completedExportCount: - description: The number of conversations that were exported successfully. - type: integer - format: int32 - failedExportCount: - description: The number of conversations that failed to be exported. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequest: - id: GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequest - description: The request to export insights. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequest + type: object + GoogleCloudContactcenterinsightsV1alpha1IssueModel: type: object properties: - bigQueryDestination: - description: Specified if sink is a BigQuery table. + inputDataConfig: + description: Configs for the input data that used to create the issue model. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequestBigQueryDestination - parent: - description: Required. The parent resource to export data from. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModelInputDataConfig + updateTime: type: string - filter: + format: google-datetime + readOnly: true description: >- - A filter to reduce results to a specific subset. Useful for - exporting conversations with specific properties. + Output only. The most recent time at which the issue model was + updated. + createTime: type: string - kmsKey: - description: >- - A fully qualified KMS key name for BigQuery tables protected by - CMEK. Format: - projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version} + readOnly: true + description: Output only. The time at which this issue model was created. + format: google-datetime + languageCode: + description: Language of the model. type: string - writeDisposition: - description: Options for what to do if the destination table already exists. + displayName: + description: The representative name for the issue model. + type: string + issueCount: + format: int64 type: string + readOnly: true + description: Output only. Number of issues in this issue model. + state: enumDescriptions: - - Write disposition is not specified. Defaults to WRITE_TRUNCATE. - - >- - If the table already exists, BigQuery will overwrite the table - data and use the schema from the load. + - Unspecified. + - Model is not deployed but is ready to deploy. + - Model is being deployed. - >- - If the table already exists, BigQuery will append data to the - table. - enum: - - WRITE_DISPOSITION_UNSPECIFIED - - WRITE_TRUNCATE - - WRITE_APPEND - exportSchemaVersion: - description: Optional. Version of the export schema. + Model is deployed and is ready to be used. A model can only be + used in analysis if it's in this state. + - Model is being undeployed. + - Model is being deleted. type: string - enumDescriptions: - - Unspecified. Defaults to EXPORT_V3. - - Export schema version 1. - - Export schema version 2. - - Export schema version 3. - - Export schema version 4. - - Export schema version 5. - - Export schema version 6. - - Export schema version 7. - - Export schema version 8. - - Export schema version 9. - - Export schema version 10. - - Export schema version latest available. enum: - - EXPORT_SCHEMA_VERSION_UNSPECIFIED - - EXPORT_V1 - - EXPORT_V2 - - EXPORT_V3 - - EXPORT_V4 - - EXPORT_V5 - - EXPORT_V6 - - EXPORT_V7 - - EXPORT_V8 - - EXPORT_V9 - - EXPORT_V10 - - EXPORT_VERSION_LATEST_AVAILABLE - GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequestBigQueryDestination: - id: >- - GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequestBigQueryDestination - description: A BigQuery Table Reference. + - STATE_UNSPECIFIED + - UNDEPLOYED + - DEPLOYING + - DEPLOYED + - UNDEPLOYING + - DELETING + readOnly: true + description: Output only. State of the model. + modelType: + enum: + - MODEL_TYPE_UNSPECIFIED + - TYPE_V1 + - TYPE_V2 + description: Type of the model. + enumDescriptions: + - Unspecified model type. + - Type V1. + - Type V2. + type: string + trainingStats: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStats + description: >- + Output only. Immutable. The issue model's label statistics on its + training data. + name: + type: string + description: >- + Immutable. The resource name of the issue model. Format: + projects/{project}/locations/{location}/issueModels/{issue_model} + description: The issue model resource. + id: GoogleCloudContactcenterinsightsV1alpha1IssueModel + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestGcsSource: type: object + description: Configuration for Cloud Storage bucket sources. + id: >- + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestGcsSource properties: - projectId: - description: >- - A project ID or number. If specified, then export will attempt to - write data to this project instead of the resource project. - Otherwise, the resource project will be used. + bucketObjectType: + enumDescriptions: + - The object type is unspecified and will default to `TRANSCRIPT`. + - The object is a transcript. + - The object is an audio file. + enum: + - BUCKET_OBJECT_TYPE_UNSPECIFIED + - TRANSCRIPT + - AUDIO type: string - dataset: description: >- - Required. The name of the BigQuery dataset that the snapshot result - should be exported to. If this dataset does not exist, the export - call returns an INVALID_ARGUMENT error. + Optional. Specifies the type of the objects in `bucket_uri`. Avoid + passing this. This is inferred from the `transcript_bucket_uri`, + `audio_bucket_uri`. + audioBucketUri: + description: >- + Optional. The Cloud Storage path to the conversation audio file. + Note that: [1] Audio files will be transcribed if not already. [2] + Audio files and transcript files must be in separate buckets / + folders. [3] A source file and its corresponding audio file must + share the same name to be properly ingested, E.g. + `gs://bucket/transcript/conversation1.json` and + `gs://bucket/audio/conversation1.mp3`. type: string - table: + customMetadataKeys: + type: array + items: + type: string description: >- - The BigQuery table name to which the insights data should be - written. If this table does not exist, the export call returns an - INVALID_ARGUMENT error. + Optional. Custom keys to extract as conversation labels from + metadata files in `metadata_bucket_uri`. Keys not included in this + field will be ignored. Note that there is a limit of 100 labels per + conversation. + transcriptBucketUri: + description: >- + Optional. The Cloud Storage path to the conversation transcripts. + Note that: [1] Transcript files are expected to be in JSON format. + [2] Transcript, audio, metadata files must be in separate buckets / + folders. [3] A source file and its corresponding metadata file must + share the same name to be properly ingested, E.g. + `gs://bucket/audio/conversation1.mp3` and + `gs://bucket/metadata/conversation1.json`. type: string - GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataResponse: - id: GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataResponse - description: Response for an export insights operation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelMetadata - description: Metadata used for export issue model. - type: object - properties: - createTime: - description: The time the operation was created. + metadataBucketUri: type: string - format: google-datetime - endTime: - description: The time the operation finished running. + description: >- + Optional. The Cloud Storage path to the conversation metadata. Note + that: [1] Metadata files are expected to be in JSON format. [2] + Metadata and source files (transcripts or audio) must be in separate + buckets / folders. [3] A source file and its corresponding metadata + file must share the same name to be properly ingested, E.g. + `gs://bucket/audio/conversation1.mp3` and + `gs://bucket/metadata/conversation1.json`. + bucketUri: + description: >- + Optional. The Cloud Storage bucket containing source objects. Avoid + passing this. Pass this through one of `transcript_bucket_uri` or + `audio_bucket_uri`. type: string - format: google-datetime - request: - description: The original export request. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequest - GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequest - description: Request to export an issue model. + GoogleCloudContactcenterinsightsV1alpha1AnalysisResultCallAnalysisMetadata: type: object + description: Call-specific metadata created during analysis. + id: >- + GoogleCloudContactcenterinsightsV1alpha1AnalysisResultCallAnalysisMetadata properties: - gcsDestination: - description: Google Cloud Storage URI to export the issue model to. + annotations: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1CallAnnotation + description: A list of call annotations that apply to this call. + type: array + qaScorecardResults: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaScorecardResult + description: Results of scoring QaScorecards. + type: array + sentiments: + description: Overall conversation-level sentiment for each channel of the call. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSentiment + phraseMatchers: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1PhraseMatchData + type: object + description: All the matched phrase matchers in the call. + entities: + description: All the entities in the call. + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Entity + intents: + type: object + description: All the matched intents in the call. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Intent + issueModelResult: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequestGcsDestination - name: - description: Required. The issue model to export. - type: string - GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequestGcsDestination: - id: >- - GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelRequestGcsDestination - description: Google Cloud Storage Object URI to save the issue model to. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModelResult + description: Overall conversation-level issue modeling result. + silence: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSilence + description: Overall conversation-level silence during the call. + GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadataSampleConversationsStats: type: object + id: >- + GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadataSampleConversationsStats + description: Statistics for SampleConversations operation. properties: - objectUri: - description: 'Required. Format: `gs:///`' - type: string - GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelResponse: - id: GoogleCloudContactcenterinsightsV1alpha1ExportIssueModelResponse - description: Response from export issue model + successfulSampleCount: + readOnly: true + format: int32 + description: >- + Output only. The number of new conversations added during this + sample operation. + type: integer + failedSampleCount: + type: integer + format: int32 + description: >- + Output only. The number of objects which were unable to be sampled + due to errors. The errors are populated in the partial_errors field. + readOnly: true + GoogleCloudContactcenterinsightsV1SampleConversationsResponse: + id: GoogleCloudContactcenterinsightsV1SampleConversationsResponse type: object properties: {} - GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelMetadata - description: Metadata used for import issue model. + description: The response to an SampleConversations operation. + GoogleCloudContactcenterinsightsV1PublishAssessmentRequest: + properties: {} + description: >- + The message to publish an assessment. Draft and appealed assessments can + be published. Publishing simply changes the state of the assessment to + published, allowing the console and authorized views to filter on the + state. + type: object + id: GoogleCloudContactcenterinsightsV1PublishAssessmentRequest + GoogleCloudContactcenterinsightsV1ListDatasetsResponse: type: object + id: GoogleCloudContactcenterinsightsV1ListDatasetsResponse properties: - createTime: - description: The time the operation was created. + datasets: + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' + description: The datasets that match the request. + type: array + nextPageToken: type: string - format: google-datetime - endTime: - description: The time the operation finished running. + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + description: The response to list datasets. + GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeries: + description: A time series representing conversations over time. + properties: + points: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeriesInterval + description: >- + An ordered list of intervals from earliest to latest, where each + interval represents the number of conversations that transpired + during the time window. + type: array + intervalDuration: type: string - format: google-datetime - request: - description: The original import request. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequest - GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequest - description: Request to import an issue model. + description: The duration of each interval. + format: google-duration type: object + id: GoogleCloudContactcenterinsightsV1CalculateStatsResponseTimeSeries + GoogleCloudContactcenterinsightsV1alpha1UploadConversationRequest: + description: Request to upload a conversation. properties: - gcsSource: - description: Google Cloud Storage source message. + redactionConfig: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequestGcsSource + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RedactionConfig + description: >- + Optional. DLP settings for transcript redaction. Will default to the + config specified in Settings. parent: - description: Required. The parent resource of the issue model. + description: Required. The parent resource of the conversation. + type: string + conversation: + description: Required. The conversation resource to create. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Conversation + conversationId: type: string - createNewModel: description: >- - Optional. If set to true, will create an issue model from the - imported file with randomly generated IDs for the issue model and - corresponding issues. Otherwise, replaces an existing model with the - same ID as the file. - type: boolean - GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequestGcsSource: - id: GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequestGcsSource - description: Google Cloud Storage Object URI to get the issue model file from. + Optional. A unique ID for the new conversation. This ID will become + the final component of the conversation's resource name. If no ID is + specified, a server-generated ID will be used. This value should be + 4-64 characters and must match the regular expression + `^[a-z0-9-]{4,64}$`. Valid characters are `a-z-` + speechConfig: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SpeechConfig + description: >- + Optional. Speech-to-Text configuration. Will default to the config + specified in Settings. + id: GoogleCloudContactcenterinsightsV1alpha1UploadConversationRequest + type: object + GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelResponse: + properties: {} + id: GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelResponse + description: The response to undeploy an issue model. type: object + GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultQaTagResult: + description: Tags and their corresponding results. properties: - objectUri: - description: 'Required. Format: `gs:///`' + potentialScore: + format: double + description: The potential score the tag applies to. + type: number + tag: + description: The tag the score applies to. type: string - GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelResponse: - id: GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelResponse - description: Response from import issue model + normalizedScore: + description: The normalized score the tag applies to. + type: number + format: double + score: + type: number + description: The score the tag applies to. + format: double + id: GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultQaTagResult type: object - properties: - issueModel: - description: The issue model that was imported. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModel - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadata - description: The metadata for an IngestConversations operation. + GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector: + description: Selector of all available annotators and phrase matchers to run. + id: GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector type: object properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - request: - description: Output only. The original request for ingest. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequest - partialErrors: - description: >- - Output only. Partial errors during ingest operation that might cause - the operation output to be incomplete. - readOnly: true + phraseMatchers: type: array + description: >- + The list of phrase matchers to run. If not provided, all active + phrase matchers will be used. If inactive phrase matchers are + provided, they will not be used. Phrase matchers will be run only if + run_phrase_matcher_annotator is set to true. Format: + projects/{project}/locations/{location}/phraseMatchers/{phrase_matcher} items: - $ref: '#/components/schemas/GoogleRpcStatus' - ingestConversationsStats: - description: Output only. Statistics for IngestConversations operation. - readOnly: true + type: string + runPhraseMatcherAnnotator: + type: boolean + description: Whether to run the active phrase matcher annotator(s). + runQaAnnotator: + description: Whether to run the QA annotator. + type: boolean + runSentimentAnnotator: + type: boolean + description: Whether to run the sentiment annotator. + summarizationConfig: + description: Configuration for the summarization annotator. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadataIngestConversationsStats - sampledConversations: - description: >- - Output only. Stores the conversation resources produced by ingest - sampling operations. - readOnly: true + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorSummarizationConfig + issueModels: type: array items: type: string - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequest: - id: GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequest - description: The request to ingest conversations. - type: object - properties: - gcsSource: - description: >- - A cloud storage bucket source. Note that any previously ingested - objects from the source will be skipped to avoid duplication. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestGcsSource - transcriptObjectConfig: - description: Configuration for when `source` contains conversation transcripts. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestTranscriptObjectConfig - parent: - description: Required. The parent resource for new conversations. - type: string - conversationConfig: - description: Configuration that applies to all conversations. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestConversationConfig - redactionConfig: description: >- - Optional. DLP settings for transcript redaction. Optional, will - default to the config specified in Settings. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RedactionConfig - speechConfig: + The issue model to run. If not provided, the most recently deployed + topic model will be used. The provided issue model will only be used + for inference if the issue model is deployed and if + run_issue_model_annotator is set to true. If more than one issue + model is provided, only the first provided issue model will be used + for inference. + runSilenceAnnotator: + type: boolean + description: Whether to run the silence annotator. + runInterruptionAnnotator: + description: Whether to run the interruption annotator. + type: boolean + runIssueModelAnnotator: description: >- - Optional. Default Speech-to-Text configuration. Optional, will - default to the config specified in Settings. + Whether to run the issue model annotator. A model should have + already been deployed for this to take effect. + type: boolean + runIntentAnnotator: + description: Whether to run the intent annotator. + type: boolean + qaConfig: + description: Configuration for the QA annotator. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SpeechConfig - sampleSize: + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelectorQaConfig + runEntityAnnotator: + description: Whether to run the entity annotator. + type: boolean + runSummarizationAnnotator: + description: Whether to run the summarization annotator. + type: boolean + GoogleCloudContactcenterinsightsV1AuthorizedView: + description: >- + An AuthorizedView represents a view of accessible Insights resources + (for example, Conversation and Scorecard). Who have read access to the + AuthorizedView resource will have access to these Insight resources as + well. + properties: + conversationFilter: description: >- - Optional. If set, this fields indicates the number of objects to - ingest from the Cloud Storage bucket. If empty, the entire bucket - will be ingested. Unless they are first deleted, conversations - produced through sampling won't be ingested by subsequent ingest - requests. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestGcsSource: - id: >- - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestGcsSource - description: Configuration for Cloud Storage bucket sources. - type: object - properties: - bucketUri: - description: >- - Optional. The Cloud Storage bucket containing source objects. Avoid - passing this. Pass this through one of `transcript_bucket_uri` or - `audio_bucket_uri`. + A filter to reduce conversation results to a specific subset. The + AuthorizedView's assigned permission (read/write) could be applied + to the subset of conversations. If conversation_filter is empty, + there is no restriction on the conversations that the AuthorizedView + can access. Having *authorizedViews.get* access to the + AuthorizedView means having the same read/write access to the + Conversations (as well as metadata/annotations linked to the + conversation) that this AuthorizedView has. type: string - bucketObjectType: - description: >- - Optional. Specifies the type of the objects in `bucket_uri`. Avoid - passing this. This is inferred from the `transcript_bucket_uri`, - `audio_bucket_uri`. + displayName: + description: Display Name. Limit 64 characters. type: string - enumDescriptions: - - The object type is unspecified and will default to `TRANSCRIPT`. - - The object is a transcript. - - The object is an audio file. - enum: - - BUCKET_OBJECT_TYPE_UNSPECIFIED - - TRANSCRIPT - - AUDIO - transcriptBucketUri: + name: description: >- - Optional. The Cloud Storage path to the conversation transcripts. - Note that: [1] Transcript files are expected to be in JSON format. - [2] Transcript, audio, metadata files must be in separate buckets / - folders. [3] A source file and its corresponding metadata file must - share the same name to be properly ingested, E.g. - `gs://bucket/audio/conversation1.mp3` and - `gs://bucket/metadata/conversation1.json`. + Identifier. The resource name of the AuthorizedView. Format: + projects/{project}/locations/{location}/authorizedViewSets/{authorized_view_set}/authorizedViews/{authorized_view} type: string - audioBucketUri: + updateTime: + format: google-datetime description: >- - Optional. The Cloud Storage path to the conversation audio file. - Note that: [1] Audio files will be transcribed if not already. [2] - Audio files and transcript files must be in separate buckets / - folders. [3] A source file and its corresponding audio file must - share the same name to be properly ingested, E.g. - `gs://bucket/transcript/conversation1.json` and - `gs://bucket/audio/conversation1.mp3`. + Output only. The most recent time at which the authorized view was + updated. type: string - metadataBucketUri: - description: >- - Optional. The Cloud Storage path to the conversation metadata. Note - that: [1] Metadata files are expected to be in JSON format. [2] - Metadata and source files (transcripts or audio) must be in separate - buckets / folders. [3] A source file and its corresponding metadata - file must share the same name to be properly ingested, E.g. - `gs://bucket/audio/conversation1.mp3` and - `gs://bucket/metadata/conversation1.json`. + readOnly: true + createTime: + format: google-datetime type: string - customMetadataKeys: - description: >- - Optional. Custom keys to extract as conversation labels from - metadata files in `metadata_bucket_uri`. Keys not included in this - field will be ignored. Note that there is a limit of 100 labels per - conversation. - type: array - items: - type: string - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestTranscriptObjectConfig: - id: >- - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestTranscriptObjectConfig - description: Configuration for processing transcript objects. + description: Output only. The time at which the authorized view was created. + readOnly: true type: object - properties: - medium: - description: Required. The medium transcript objects represent. - type: string - enumDescriptions: - - Default value, if unspecified will default to PHONE_CALL. - - The format for conversations that took place over the phone. - - The format for conversations that took place over chat. - enum: - - MEDIUM_UNSPECIFIED - - PHONE_CALL - - CHAT - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestConversationConfig: - id: >- - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestConversationConfig - description: Configuration that applies to all conversations. + id: GoogleCloudContactcenterinsightsV1AuthorizedView + GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest: + id: GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest + description: The request to delete conversations in bulk. type: object properties: - agentId: + parent: + type: string description: >- - Optional. An opaque, user-specified string representing a human - agent who handled all conversations in the import. Note that this - will be overridden if per-conversation metadata is provided through - the `metadata_bucket_uri`. + Required. The parent resource to delete conversations from. Format: + projects/{project}/locations/{location} + filter: type: string - agentChannel: + description: Filter used to select the subset of conversations to delete. + force: + type: boolean description: >- - Optional. Indicates which of the channels, 1 or 2, contains the - agent. Note that this must be set for conversations to be properly - displayed and analyzed. - type: integer + If set to true, all of this conversation's analyses will also be + deleted. Otherwise, the request will only succeed if the + conversation has no analyses. + maxDeleteCount: format: int32 - customerChannel: - description: >- - Optional. Indicates which of the channels, 1 or 2, contains the - agent. Note that this must be set for conversations to be properly - displayed and analyzed. + description: Maximum number of conversations to delete. type: integer - format: int32 - GoogleCloudContactcenterinsightsV1alpha1RedactionConfig: - id: GoogleCloudContactcenterinsightsV1alpha1RedactionConfig - description: >- - DLP resources used for redaction while ingesting conversations. DLP - settings are applied to conversations ingested from the - `UploadConversation` and `IngestConversations` endpoints, including - conversation coming from CCAI Platform. They are not applied to - conversations ingested from the `CreateConversation` endpoint or the - Dialogflow / Agent Assist runtime integrations. When using Dialogflow / - Agent Assist runtime integrations, redaction should be performed in - Dialogflow / Agent Assist. + GoogleCloudContactcenterinsightsV1IssueModelLabelStatsIssueStats: type: object + id: GoogleCloudContactcenterinsightsV1IssueModelLabelStatsIssueStats + description: Aggregated statistics about an issue. properties: - deidentifyTemplate: - description: >- - The fully-qualified DLP deidentify template resource name. Format: - `projects/{project}/deidentifyTemplates/{template}` + labeledConversationsCount: + format: int64 + description: Number of conversations attached to the issue at this point in time. + type: string + issue: type: string - inspectTemplate: description: >- - The fully-qualified DLP inspect template resource name. Format: - `projects/{project}/locations/{location}/inspectTemplates/{template}` + Issue resource. Format: + projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue} + displayName: + description: Display name of the issue. type: string - GoogleCloudContactcenterinsightsV1alpha1SpeechConfig: - id: GoogleCloudContactcenterinsightsV1alpha1SpeechConfig - description: >- - Speech-to-Text configuration. Speech-to-Text settings are applied to - conversations ingested from the `UploadConversation` and - `IngestConversations` endpoints, including conversation coming from CCAI - Platform. They are not applied to conversations ingested from the - `CreateConversation` endpoint. + GoogleCloudContactcenterinsightsV1QaQuestionAnswerChoice: + id: GoogleCloudContactcenterinsightsV1QaQuestionAnswerChoice type: object properties: - speechRecognizer: + score: + type: number + format: double description: >- - The fully-qualified Speech Recognizer resource name. Format: - `projects/{project_id}/locations/{location}/recognizer/{recognizer}` + Numerical score of the answer, used for generating the overall score + of a QaScorecardResult. If the answer uses na_value, this field is + unused. + numValue: + description: Numerical value. + format: double + type: number + strValue: type: string - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadataIngestConversationsStats: - id: >- - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsMetadataIngestConversationsStats - description: Statistics for IngestConversations operation. - type: object - properties: - processedObjectCount: + description: String value. + naValue: + type: boolean description: >- - Output only. The number of objects processed during the ingest - operation. - readOnly: true - type: integer - format: int32 - duplicatesSkippedCount: + A value of "Not Applicable (N/A)". If provided, this field may only + be set to `true`. If a question receives this answer, it will be + excluded from any score calculations. + boolValue: + type: boolean + description: Boolean value. + key: + type: string + description: A short string used as an identifier. + description: Message representing a possible answer to the question. + GoogleCloudContactcenterinsightsV1alpha1SmartComposeSuggestionData: + description: Agent Assist Smart Compose suggestion data. + id: GoogleCloudContactcenterinsightsV1alpha1SmartComposeSuggestionData + properties: + confidenceScore: + format: double description: >- - Output only. The number of objects skipped because another - conversation with the same transcript uri had already been ingested. - readOnly: true - type: integer - format: int32 - successfulIngestCount: + The system's confidence score that this suggestion is a good match + for this conversation, ranging from 0.0 (completely uncertain) to + 1.0 (completely certain). + type: number + queryRecord: + type: string description: >- - Output only. The number of new conversations added during this - ingest operation. - readOnly: true - type: integer - format: int32 - failedIngestCount: + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} + suggestion: + description: The content of the suggestion. + type: string + metadata: + additionalProperties: + type: string + type: object description: >- - Output only. The number of objects which were unable to be ingested - due to errors. The errors are populated in the partial_errors field. - readOnly: true - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1alpha1IngestConversationsResponse: - id: GoogleCloudContactcenterinsightsV1alpha1IngestConversationsResponse - description: The response to an IngestConversations operation. + Map that contains metadata about the Smart Compose suggestion and + the document from which it originates. type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecMetadata - description: Metadata for initializing a location-level encryption specification. + GoogleCloudContactcenterinsightsV1ListAnalysesResponse: + id: GoogleCloudContactcenterinsightsV1ListAnalysesResponse type: object properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + analyses: + type: array + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Analysis' + description: The analyses that match the request. + nextPageToken: type: string - format: google-datetime + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + description: The response to list analyses. + GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsMetadata: + description: Metadata for the BulkDeleteFeedbackLabels endpoint. + type: object + id: GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsMetadata + properties: request: - description: Output only. The original request for initialization. + description: Output only. The original request for delete. readOnly: true $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest partialErrors: + items: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - Partial errors during initializing operation that might cause the + Partial errors during deletion operation that might cause the operation output to be incomplete. type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecRequest: - id: GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecRequest - description: The request to initialize a location-level encryption specification. + GoogleCloudContactcenterinsightsV1RuntimeAnnotation: + description: >- + An annotation that was generated during the customer and agent + interaction. + id: GoogleCloudContactcenterinsightsV1RuntimeAnnotation type: object properties: - encryptionSpec: + startBoundary: description: >- - Required. The encryption spec used for CMEK encryption. It is - required that the kms key is in the same region as the endpoint. The - same key will be used for all provisioned resources, if encryption - is available. If the `kms_key_name` field is left empty, no - encryption will be enforced. + The boundary in the conversation where the annotation starts, + inclusive. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1EncryptionSpec - GoogleCloudContactcenterinsightsV1alpha1EncryptionSpec: - id: GoogleCloudContactcenterinsightsV1alpha1EncryptionSpec - description: >- - A customer-managed encryption key specification that can be applied to - all created resources (e.g. `Conversation`). + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotationBoundary + userInput: + description: Explicit input used for generating the answer + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1RuntimeAnnotationUserInput + dialogflowInteraction: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DialogflowInteractionData + description: Dialogflow interaction data. + faqAnswer: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1FaqAnswerData' + description: Agent Assist FAQ answer data. + createTime: + format: google-datetime + description: The time at which this annotation was created. + type: string + annotationId: + type: string + description: >- + The unique identifier of the annotation. Format: + projects/{project}/locations/{location}/conversationDatasets/{dataset}/conversationDataItems/{data_item}/conversationAnnotations/{annotation} + endBoundary: + description: >- + The boundary in the conversation where the annotation ends, + inclusive. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotationBoundary + conversationSummarizationSuggestion: + description: Conversation summarization suggestion data. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionData + smartComposeSuggestion: + description: Agent Assist Smart Compose suggestion data. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1SmartComposeSuggestionData + smartReply: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1SmartReplyData + description: Agent Assist Smart Reply data. + articleSuggestion: + description: Agent Assist Article Suggestion data. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ArticleSuggestionData + answerFeedback: + description: The feedback that the customer has about the answer in `data`. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnswerFeedback + GoogleCloudContactcenterinsightsV1ExportIssueModelResponse: + properties: {} type: object + id: GoogleCloudContactcenterinsightsV1ExportIssueModelResponse + description: Response from export issue model + GoogleCloudContactcenterinsightsV1SampleRule: properties: - name: + samplePercentage: description: >- - Immutable. The resource name of the encryption key specification - resource. Format: - projects/{project}/locations/{location}/encryptionSpec + Percentage of conversations that we should sample based on the + dimension between [0, 100]. + format: double + type: number + sampleRow: + format: int64 + description: >- + Number of the conversations that we should sample based on the + dimension. type: string - kmsKey: + dimension: description: >- - Required. The name of customer-managed encryption key that is used - to secure a resource and its sub-resources. If empty, the resource - is secured by our default encryption key. Only the key in the same - location as this resource is allowed to be used for encryption. - Format: - `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{key}` + Optional. Group by dimension to sample the conversation. If no + dimension is provided, the sampling will be applied to the project + level. Current supported dimensions is + 'quality_metadata.agent_info.agent_id'. type: string - GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecResponse: - id: GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecResponse - description: The response to initialize a location-level encryption specification. + conversationFilter: + type: string + description: >- + To specify the filter for the conversions that should apply this + sample rule. An empty filter means this sample rule applies to all + conversations. + id: GoogleCloudContactcenterinsightsV1SampleRule type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1ListAllFeedbackLabelsResponse: - id: GoogleCloudContactcenterinsightsV1alpha1ListAllFeedbackLabelsResponse - description: The response for listing all feedback labels. + description: Message for sampling conversations. + GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroup: + id: GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroup type: object properties: - feedbackLabels: - description: The feedback labels that match the request. + phraseMatchRules: + description: A list of phrase match rules that are included in this group. type: array items: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1FeedbackLabel + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatchRule + type: + type: string + enumDescriptions: + - Unspecified. + - Must meet all phrase match rules or there is no match. + - If any of the phrase match rules are met, there is a match. + description: Required. The type of this phrase match rule group. + enum: + - PHRASE_MATCH_RULE_GROUP_TYPE_UNSPECIFIED + - ALL_OF + - ANY_OF + description: A message representing a rule in the phrase matcher. + GoogleCloudContactcenterinsightsV1ListAllFeedbackLabelsResponse: + properties: nextPageToken: description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudContactcenterinsightsV1alpha1FeedbackLabel: - id: GoogleCloudContactcenterinsightsV1alpha1FeedbackLabel - description: >- - Represents a conversation, resource, and label provided by the user. Can - take the form of a string label or a QaAnswer label. QaAnswer labels are - used for Quality AI example conversations. String labels are used for - Topic Modeling. AgentAssistSummary labels are used for Agent Assist - Summarization. + feedbackLabels: + type: array + description: The feedback labels that match the request. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + id: GoogleCloudContactcenterinsightsV1ListAllFeedbackLabelsResponse + description: The response for listing all feedback labels. + type: object + GoogleCloudContactcenterinsightsV1CreateIssueModelRequest: + id: GoogleCloudContactcenterinsightsV1CreateIssueModelRequest + description: The request to create an issue model. type: object properties: - label: - description: String label used for Topic Modeling. + issueModel: + description: Required. The issue model to create. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel' + parent: + description: Required. The parent resource of the issue model. type: string - qaAnswerLabel: - description: QaAnswer label used for Quality AI example conversations. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue - name: + GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest: + type: object + id: GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest + description: The request to analyze conversations in bulk. + properties: + filter: description: >- - Immutable. Resource name of the FeedbackLabel. Format: - projects/{project}/locations/{location}/conversations/{conversation}/feedbackLabels/{feedback_label} + Required. Filter used to select the subset of conversations to + analyze. type: string - labeledResource: + analysisPercentage: + type: number + format: float description: >- - Name of the resource to be labeled. Supported resources are: * - `projects/{project}/locations/{location}/qaScorecards/{scorecard}/revisions/{revision}/qaQuestions/{question}` - * - `projects/{project}/locations/{location}/issueModels/{issue_model}` - * - `projects/{project}/locations/{location}/generators/{generator_id}` - type: string - createTime: - description: Output only. Create time of the label. - readOnly: true + Required. Percentage of selected conversation to analyze, between + [0, 100]. + parent: type: string - format: google-datetime - updateTime: - description: Output only. Update time of the label. - readOnly: true + description: Required. The parent resource to create analyses in. + annotatorSelector: + description: >- + To select the annotators to run and the phrase matchers to use (if + any). If not specified, all annotators will be run. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponse: + description: The response for querying metrics. + properties: + location: + description: >- + Required. The location of the data. + "projects/{project}/locations/{location}" type: string - format: google-datetime - GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue: - id: GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue - description: >- - Message for holding the value of a QaAnswer. QaQuestion.AnswerChoice - defines the possible answer values for a question. + slices: + description: >- + A slice contains a total and (if the request specified a time + granularity) a time series of metric values. Each slice contains a + unique combination of the cardinality of dimensions from the + request. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSlice + type: array + macroAverageSlice: + description: >- + The macro average slice contains aggregated averages across all + selected dimensions. i.e. if group_by agent and scorecard_id is + specified, this field will contain the average across all agents and + all scorecards. This field is only populated if the request + specifies a Dimension. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSlice + updateTime: + type: string + format: google-datetime + description: The metrics last update time. + id: GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponse + type: object + GoogleCloudContactcenterinsightsV1SmartReplyData: type: object properties: - strValue: - description: String value. + queryRecord: type: string - numValue: - description: Numerical value. + description: >- + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} + confidenceScore: + description: >- + The system's confidence score that this reply is a good match for + this conversation, ranging from 0.0 (completely uncertain) to 1.0 + (completely certain). type: number format: double - boolValue: - description: Boolean value. - type: boolean - naValue: - description: A value of "Not Applicable (N/A)". Should only ever be `true`. - type: boolean - skipValue: + reply: + description: The content of the reply. + type: string + metadata: + type: object description: >- - Output only. A value of "Skip". If provided, this field may only be - set to `true`. If a question receives this answer, it will be - excluded from any score calculations. This would mean that the - question was not evaluated. - readOnly: true - type: boolean - key: + Map that contains metadata about the Smart Reply and the document + from which it originates. + additionalProperties: + type: string + id: GoogleCloudContactcenterinsightsV1SmartReplyData + description: Agent Assist Smart Reply data. + GoogleCloudContactcenterinsightsV1SmartComposeSuggestionData: + id: GoogleCloudContactcenterinsightsV1SmartComposeSuggestionData + type: object + properties: + suggestion: + type: string + description: The content of the suggestion. + metadata: + additionalProperties: + type: string + type: object description: >- - A short string used as an identifier. Matches the value used in - QaQuestion.AnswerChoice.key. + Map that contains metadata about the Smart Compose suggestion and + the document from which it originates. + queryRecord: type: string - score: - description: Output only. Numerical score of the answer. - readOnly: true - type: number + description: >- + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} + confidenceScore: format: double - potentialScore: - description: Output only. The maximum potential score of the question. - readOnly: true type: number - format: double - normalizedScore: description: >- - Output only. Normalized score of the questions. Calculated as score - / potential_score. - readOnly: true - type: number - format: double + The system's confidence score that this suggestion is a good match + for this conversation, ranging from 0.0 (completely uncertain) to + 1.0 (completely certain). + description: Agent Assist Smart Compose suggestion data. + GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequest: + id: GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequest + properties: + gcsSource: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ImportIssueModelRequestGcsSource + description: Google Cloud Storage source message. + parent: + type: string + description: Required. The parent resource of the issue model. + createNewModel: + description: >- + Optional. If set to true, will create an issue model from the + imported file with randomly generated IDs for the issue model and + corresponding issues. Otherwise, replaces an existing model with the + same ID as the file. + type: boolean + description: Request to import an issue model. + type: object GoogleCloudContactcenterinsightsV1alpha1ListFeedbackLabelsResponse: - id: GoogleCloudContactcenterinsightsV1alpha1ListFeedbackLabelsResponse description: The response for listing feedback labels. - type: object properties: feedbackLabels: - description: The feedback labels that match the request. type: array + description: The feedback labels that match the request. items: $ref: >- #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1FeedbackLabel nextPageToken: description: The next page token. type: string - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1QueryMetricsMetadata - description: The metadata from querying metrics. + id: GoogleCloudContactcenterinsightsV1alpha1ListFeedbackLabelsResponse + type: object + GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecRequest: type: object + description: The request to initialize a location-level encryption specification. properties: - resultIsTruncated: + encryptionSpec: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1EncryptionSpec description: >- - Whether the result rows were truncated because the result row size - is too large to materialize. - type: boolean - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponse: - id: GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponse - description: The response for querying metrics. + Required. The encryption spec used for CMEK encryption. It is + required that the kms key is in the same region as the endpoint. The + same key will be used for all provisioned resources, if encryption + is available. If the `kms_key_name` field is left empty, no + encryption will be enforced. + id: GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecRequest + GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataMetadata: type: object + description: Metadata for an export insights operation. + id: GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataMetadata properties: - location: - description: >- - Required. The location of the data. - "projects/{project}/locations/{location}" - type: string - updateTime: - description: The metrics last update time. - type: string - format: google-datetime - slices: + partialErrors: description: >- - A slice contains a total and (if the request specified a time - granularity) a time series of metric values. Each slice contains a - unique combination of the cardinality of dimensions from the - request. + Partial errors during export operation that might cause the + operation output to be incomplete. type: array items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSlice - macroAverageSlice: - description: >- - The macro average slice contains aggregated averages across the - selected dimension. i.e. if group_by agent is specified this field - will contain the average across all agents. This field is only - populated if the request specifies a Dimension. + $ref: '#/components/schemas/GoogleRpcStatus' + createTime: + type: string + readOnly: true + description: Output only. The time the operation was created. + format: google-datetime + request: + description: The original request for export. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSlice - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSlice: - id: GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSlice - description: >- - A slice contains a total and (if the request specified a time - granularity) a time series of metric values. Each slice contains a - unique combination of the cardinality of dimensions from the request. - For example, if the request specifies a single ISSUE dimension and it - has a cardinality of 2 (i.e. the data used to compute the metrics has 2 - issues in total), the response will have 2 slices: * Slice 1 -> - dimensions=[Issue 1] * Slice 2 -> dimensions=[Issue 2] - type: object + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ExportInsightsDataRequest + endTime: + readOnly: true + description: Output only. The time the operation finished running. + type: string + format: google-datetime + completedExportCount: + format: int32 + description: The number of conversations that were exported successfully. + type: integer + failedExportCount: + description: The number of conversations that failed to be exported. + format: int32 + type: integer + GoogleCloudContactcenterinsightsV1IngestConversationsMetadataIngestConversationsStats: properties: - dimensions: - description: A unique combination of dimensions that this slice represents. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Dimension - total: + processedObjectCount: + readOnly: true description: >- - The total metric value. The interval of this data point is [starting - create time, ending create time) from the request. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPoint - timeSeries: + Output only. The number of objects processed during the ingest + operation. + format: int32 + type: integer + duplicatesSkippedCount: description: >- - A time series of metric values. This is only populated if the - request specifies a time granularity other than NONE. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceTimeSeries - GoogleCloudContactcenterinsightsV1alpha1Dimension: - id: GoogleCloudContactcenterinsightsV1alpha1Dimension - description: >- - A dimension determines the grouping key for the query. In SQL terms, - these would be part of both the "SELECT" and "GROUP BY" clauses. - type: object - properties: - issueDimensionMetadata: - description: Output only. Metadata about the issue dimension. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionIssueDimensionMetadata - agentDimensionMetadata: - description: Output only. Metadata about the agent dimension. + Output only. The number of objects skipped because another + conversation with the same transcript uri had already been ingested. + type: integer readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionAgentDimensionMetadata - qaQuestionDimensionMetadata: - description: Output only. Metadata about the QA question dimension. + format: int32 + successfulIngestCount: + format: int32 readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionDimensionMetadata - qaQuestionAnswerDimensionMetadata: - description: Output only. Metadata about the QA question-answer dimension. + description: >- + Output only. The number of new conversations added during this + ingest operation. + type: integer + failedIngestCount: + type: integer + description: >- + Output only. The number of objects which were unable to be ingested + due to errors. The errors are populated in the partial_errors field. readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionAnswerDimensionMetadata - dimensionKey: - description: The key of the dimension. - type: string + format: int32 + description: Statistics for IngestConversations operation. + id: >- + GoogleCloudContactcenterinsightsV1IngestConversationsMetadataIngestConversationsStats + type: object + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestTranscriptObjectConfig: + id: >- + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsRequestTranscriptObjectConfig + type: object + description: Configuration for processing transcript objects. + properties: + medium: + description: Required. The medium transcript objects represent. enumDescriptions: - - The key of the dimension is unspecified. - - The dimension is keyed by issues. - - The dimension is keyed by issue names. - - The dimension is keyed by agents. - - The dimension is keyed by agent teams. - - >- - The dimension is keyed by QaQuestionIds. Note that: We only group - by the QuestionId and not the revision-id of the scorecard this - question is a part of. This allows for showing stats for the same - question across different scorecard revisions. - - >- - The dimension is keyed by QaQuestionIds-Answer value pairs. Note - that: We only group by the QuestionId and not the revision-id of - the scorecard this question is a part of. This allows for showing - distribution of answers per question across different scorecard - revisions. - - >- - The dimension is keyed by QaScorecardIds. Note that: We only group - by the ScorecardId and not the revision-id of the scorecard. This - allows for showing stats for the same scorecard across different - revisions. This metric is mostly only useful if querying the - average normalized score per scorecard. - - The dimension is keyed by the conversation profile ID. - - The dimension is keyed by the conversation medium. + - Default value, if unspecified will default to PHONE_CALL. + - The format for conversations that took place over the phone. + - The format for conversations that took place over chat. enum: - - DIMENSION_KEY_UNSPECIFIED - - ISSUE - - ISSUE_NAME - - AGENT - - AGENT_TEAM - - QA_QUESTION_ID - - QA_QUESTION_ANSWER_VALUE - - QA_SCORECARD_ID - - CONVERSATION_PROFILE_ID - - MEDIUM - GoogleCloudContactcenterinsightsV1alpha1DimensionIssueDimensionMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1DimensionIssueDimensionMetadata - description: Metadata about the issue dimension. + - MEDIUM_UNSPECIFIED + - PHONE_CALL + - CHAT + type: string + GoogleCloudContactcenterinsightsV1IssueMatchData: + properties: + issueAssignment: + description: Information about the issue's assignment. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueAssignment type: object + id: GoogleCloudContactcenterinsightsV1IssueMatchData + description: The data for an issue match annotation. + GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsMetadata: + id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsMetadata + description: The metadata for a bulk delete conversations operation. properties: - issueId: - description: The issue ID. - type: string - issueDisplayName: - description: The issue display name. + partialErrors: + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + Partial errors during bulk delete conversations operation that might + cause the operation output to be incomplete. + type: array + createTime: + description: The time the operation was created. + format: google-datetime type: string - issueModelId: - description: The parent issue model ID. + endTime: + description: The time the operation finished running. type: string - GoogleCloudContactcenterinsightsV1alpha1DimensionAgentDimensionMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1DimensionAgentDimensionMetadata - description: Metadata about the agent dimension. + format: google-datetime + request: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsRequest + description: The original request for bulk delete. + type: object + GoogleRpcStatus: type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - agentId: - description: Optional. A user-specified string representing the agent. - type: string - agentDisplayName: - description: Optional. The agent's name + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: array + message: type: string - agentTeam: - description: Optional. A user-specified string representing the agent's team. + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + id: GoogleRpcStatus + GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelRequest: + properties: + name: + description: Required. The issue model to deploy. type: string - GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionDimensionMetadata: - id: >- - GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionDimensionMetadata - description: Metadata about the QA question dimension. + type: object + id: GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelRequest + description: The request to deploy an issue model. + GoogleCloudContactcenterinsightsV1alpha1RedactionConfig: type: object properties: - qaScorecardId: - description: Optional. The QA scorecard ID. - type: string - qaQuestionId: - description: Optional. The QA question ID. + inspectTemplate: type: string - questionBody: - description: Optional. The full body of the question. + description: >- + The fully-qualified DLP inspect template resource name. Format: + `projects/{project}/locations/{location}/inspectTemplates/{template}` + deidentifyTemplate: type: string - GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionAnswerDimensionMetadata: - id: >- - GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionAnswerDimensionMetadata + description: >- + The fully-qualified DLP deidentify template resource name. Format: + `projects/{project}/deidentifyTemplates/{template}` + id: GoogleCloudContactcenterinsightsV1alpha1RedactionConfig description: >- - Metadata about the QA question-answer dimension. This is useful for - showing the answer distribution for questions for a given scorecard. - type: object + DLP resources used for redaction while ingesting conversations. DLP + settings are applied to conversations ingested from the + `UploadConversation` and `IngestConversations` endpoints, including + conversation coming from CCAI Platform. They are not applied to + conversations ingested from the `CreateConversation` endpoint or the + Dialogflow / Agent Assist runtime integrations. When using Dialogflow / + Agent Assist runtime integrations, redaction should be performed in + Dialogflow / Agent Assist. + GoogleCloudContactcenterinsightsV1EntityMentionData: + id: GoogleCloudContactcenterinsightsV1EntityMentionData + description: >- + The data for an entity mention annotation. This represents a mention of + an `Entity` in the conversation. properties: - qaScorecardId: - description: Optional. The QA scorecard ID. - type: string - qaQuestionId: - description: Optional. The QA question ID. + entityUniqueId: type: string - questionBody: - description: Optional. The full body of the question. + description: >- + The key of this entity in conversation entities. Can be used to + retrieve the exact `Entity` this mention is attached to. + sentiment: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' + description: Sentiment expressed for this mention of the entity. + type: type: string - answerValue: - description: Optional. The full body of the question. + description: The type of the entity mention. + enum: + - MENTION_TYPE_UNSPECIFIED + - PROPER + - COMMON + enumDescriptions: + - Unspecified. + - Proper noun. + - Common noun (or noun compound). + type: object + GoogleCloudContactcenterinsightsV1alpha1DimensionConversationProfileDimensionMetadata: + type: object + description: Metadata about the conversation profile dimension. + properties: + conversationProfileId: type: string - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPoint: + description: Optional. The conversation profile ID. id: >- - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPoint - description: A data point contains the metric values mapped to an interval. + GoogleCloudContactcenterinsightsV1alpha1DimensionConversationProfileDimensionMetadata + GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadata: + id: GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadata type: object properties: - conversationMeasure: - description: The measure related to conversations. + sampleConversationsStats: + description: Output only. Statistics for SampleConversations operation. + readOnly: true $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasure - interval: - description: >- - The interval that this data point represents. * If this is the total - data point, the interval is [starting create time, ending create - time) from the request. * If this a data point from the time series, - the interval is [time, time + time granularity from the request). - $ref: '#/components/schemas/GoogleTypeInterval' - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasure: - id: >- - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasure - description: The measure related to conversations. - type: object - properties: - conversationCount: - description: The conversation count. - type: integer - format: int32 - averageSilencePercentage: - description: The average silence percentage. - type: number - format: float - averageDuration: - description: The average duration. - type: string - format: google-duration - averageTurnCount: - description: The average turn count. - type: number - format: float - averageAgentSentimentScore: - description: The average agent's sentiment score. - type: number - format: float - averageClientSentimentScore: - description: The average client's sentiment score. - type: number - format: float - averageCustomerSatisfactionRating: - description: The average customer satisfaction rating. - type: number - format: double - averageQaNormalizedScore: - description: >- - Average QA normalized score. Will exclude 0's in average - calculation. - type: number - format: double - qaTagScores: - description: Average QA normalized score for all the tags. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore - averageQaQuestionNormalizedScore: - description: >- - Average QA normalized score averaged for questions averaged across - all revisions of the parent scorecard. Will be only populated if the - request specifies a dimension of QA_QUESTION_ID. - type: number - format: double - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore: - id: >- - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore - description: Average QA normalized score for the tag. - type: object - properties: - tag: - description: Tag name. - type: string - averageTagNormalizedScore: - description: Average tag normalized score per tag. - type: number - format: double - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceTimeSeries: - id: >- - GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceTimeSeries - description: A time series of metric values. - type: object - properties: - dataPoints: - description: The data points that make up the time series . - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPoint - GoogleCloudContactcenterinsightsV1alpha1QueryPerformanceOverviewMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1QueryPerformanceOverviewMetadata - description: The metadata for querying performance overview. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1QueryPerformanceOverviewResponse: - id: GoogleCloudContactcenterinsightsV1alpha1QueryPerformanceOverviewResponse - description: The response for querying performance overview. - type: object - properties: - summaryText: - description: The summary text of the performance. - type: string - GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadata - description: The metadata for an SampleConversations operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - request: + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadataSampleConversationsStats + createTime: + description: Output only. The time the operation was created. + format: google-datetime + readOnly: true + type: string + endTime: + format: google-datetime + type: string + readOnly: true + description: Output only. The time the operation finished running. + request: description: >- Output only. The original request for sample conversations to dataset. @@ -7102,1015 +7055,1086 @@ components: description: >- Output only. Partial errors during sample conversations operation that might cause the operation output to be incomplete. - readOnly: true type: array + readOnly: true items: $ref: '#/components/schemas/GoogleRpcStatus' - sampleConversationsStats: - description: Output only. Statistics for SampleConversations operation. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadataSampleConversationsStats - GoogleCloudContactcenterinsightsV1alpha1SampleConversationsRequest: - id: GoogleCloudContactcenterinsightsV1alpha1SampleConversationsRequest - description: The request to sample conversations to a dataset. + description: The metadata for an SampleConversations operation. + GoogleCloudContactcenterinsightsV1NoteConversationTurnNote: type: object + id: GoogleCloudContactcenterinsightsV1NoteConversationTurnNote properties: - destinationDataset: - description: The dataset resource to copy the sampled conversations to. - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Dataset' - parent: - description: Required. The parent resource of the dataset. - type: string - sampleRule: - description: Optional. The sample rule used for sampling conversations. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SampleRule - GoogleCloudContactcenterinsightsV1alpha1Dataset: - id: GoogleCloudContactcenterinsightsV1alpha1Dataset - description: >- - Dataset resource represents a collection of conversations that may be - bounded (Static Dataset, e.g. golden dataset for training), or unbounded - (Dynamic Dataset, e.g. live traffic, or agent training traffic) + turnIndex: + description: The conversation turn index that the note is associated with. + format: int32 + type: integer + description: A note about a conversation turn. + GoogleCloudContactcenterinsightsV1Settings: type: object properties: - name: - description: >- - Immutable. Identifier. Resource name of the dataset. Format: - projects/{project}/locations/{location}/datasets/{dataset} - type: string - displayName: - description: Display name for the dataaset - type: string - description: - description: Dataset description. - type: string - type: - description: Dataset usage type. - type: string - enumDescriptions: - - Default value for unspecified. - - For evals only. - - >- - Dataset with new conversations coming in regularly (Insights - legacy conversations and AI trainer) - enum: - - TYPE_UNSPECIFIED - - EVAL - - LIVE - ttl: - description: Optional. Option TTL for the dataset. - type: string + conversationTtl: format: google-duration - createTime: - description: Output only. Dataset create time. - readOnly: true type: string + description: >- + The default TTL for newly-created conversations. If a conversation + has a specified expiration, that value will be used instead. + Changing this value will not change the expiration of existing + conversations. Conversations with no expire time persist until they + are deleted. + analysisConfig: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1SettingsAnalysisConfig + description: Default analysis settings. + createTime: + description: Output only. The time at which the settings was created. format: google-datetime - updateTime: - description: Output only. Dataset update time. + type: string readOnly: true + name: type: string - format: google-datetime - GoogleCloudContactcenterinsightsV1alpha1SampleRule: - id: GoogleCloudContactcenterinsightsV1alpha1SampleRule - description: Message for sampling conversations. - type: object - properties: - samplePercentage: description: >- - Percentage of conversations that we should sample based on the - dimension between [0, 100]. - type: number - format: double - sampleRow: + Immutable. The resource name of the settings resource. Format: + projects/{project}/locations/{location}/settings + redactionConfig: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1RedactionConfig description: >- - Number of the conversations that we should sample based on the - dimension. - type: string - format: int64 - dimension: + Default DLP redaction resources to be applied while ingesting + conversations. This applies to conversations ingested from the + `UploadConversation` and `IngestConversations` endpoints, including + conversations coming from CCAI Platform. + pubsubNotificationSettings: + type: object description: >- - Optional. Group by dimension to sample the conversation. If no - dimension is provided, the sampling will be applied to the project - level. Current supported dimensions is - 'quality_metadata.agent_info.agent_id'. - type: string - conversationFilter: + A map that maps a notification trigger to a Pub/Sub topic. Each time + a specified trigger occurs, Insights will notify the corresponding + Pub/Sub topic. Keys are notification triggers. Supported keys are: * + "all-triggers": Notify each time any of the supported triggers + occurs. * "create-analysis": Notify each time an analysis is + created. * "create-conversation": Notify each time a conversation is + created. * "export-insights-data": Notify each time an export is + complete. * "ingest-conversations": Notify each time an + IngestConversations LRO is complete. * "update-conversation": Notify + each time a conversation is updated via UpdateConversation. * + "upload-conversation": Notify when an UploadConversation LRO is + complete. * "update-or-analyze-conversation": Notify when an + analysis for a conversation is completed or when the conversation is + updated. The message will contain the conversation with transcript, + analysis and other metadata. Values are Pub/Sub topics. The format + of each Pub/Sub topic is: projects/{project}/topics/{topic} + additionalProperties: + type: string + screenRecordingBucketUri: description: >- - To specify the filter for the conversions that should apply this - sample rule. An empty filter means this sample rule applies to all - conversations. + Optional. The path to a Cloud Storage bucket containing conversation + screen recordings. If provided, Insights will search in the bucket + for a screen recording file matching the conversation data source + object name prefix. If matches are found, these file URIs will be + stored in the conversation screen recordings field. + type: string + languageCode: type: string - GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadataSampleConversationsStats: - id: >- - GoogleCloudContactcenterinsightsV1alpha1SampleConversationsMetadataSampleConversationsStats - description: Statistics for SampleConversations operation. - type: object - properties: - successfulSampleCount: description: >- - Output only. The number of new conversations added during this - sample operation. + A language code to be applied to each transcript segment unless the + segment already specifies a language code. Language code defaults to + "en-US" if it is neither specified on the segment nor here. + updateTime: + type: string readOnly: true - type: integer - format: int32 - failedSampleCount: + format: google-datetime + description: Output only. The time at which the settings were last updated. + speechConfig: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SpeechConfig' description: >- - Output only. The number of objects which were unable to be sampled - due to errors. The errors are populated in the partial_errors field. - readOnly: true - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1alpha1SampleConversationsResponse: - id: GoogleCloudContactcenterinsightsV1alpha1SampleConversationsResponse - description: The response to an SampleConversations operation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelMetadata - description: Metadata for undeploying an issue model. + Optional. Default Speech-to-Text resources to use while ingesting + audio files. Optional, CCAI Insights will create a default if not + provided. This applies to conversations ingested from the + `UploadConversation` and `IngestConversations` endpoints, including + conversations coming from CCAI Platform. + description: >- + The CCAI Insights project wide settings. Use these settings to configure + the behavior of Insights. View these settings with + [`getsettings`](https://cloud.google.com/contact-center/insights/docs/reference/rest/v1/projects.locations/getSettings) + and change the settings with + [`updateSettings`](https://cloud.google.com/contact-center/insights/docs/reference/rest/v1/projects.locations/updateSettings). + id: GoogleCloudContactcenterinsightsV1Settings + GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsRequest: + id: GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsRequest + description: The request to analyze conversations in bulk. type: object properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + parent: + description: Required. The parent resource to create analyses in. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + filter: type: string - format: google-datetime - request: - description: The original request for undeployment. + description: >- + Required. Filter used to select the subset of conversations to + analyze. + analysisPercentage: + type: number + format: float + description: >- + Required. Percentage of selected conversation to analyze, between + [0, 100]. + annotatorSelector: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelRequest - GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelRequest: - id: GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelRequest - description: The request to undeploy an issue model. - type: object - properties: - name: - description: Required. The issue model to undeploy. - type: string - GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelResponse: - id: GoogleCloudContactcenterinsightsV1alpha1UndeployIssueModelResponse - description: The response to undeploy an issue model. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagMetadata - description: The metadata for updating a QaQuestionTag Resource. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector + description: >- + To select the annotators to run and the phrase matchers to use (if + any). If not specified, all annotators will be run. + GoogleCloudContactcenterinsightsV1DimensionConversationalAgentsToolDimensionMetadata: type: object + description: Metadata about the Conversational Agents tool dimension. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + toolDisplayName: type: string - format: google-datetime - request: - description: Output only. The original request. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagRequest - GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagRequest: - id: GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagRequest - description: The request for updating a QaQuestionTag. - type: object - properties: - qaQuestionTag: - description: Required. The QaQuestionTag to update. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaQuestionTag - updateMask: - description: >- - Optional. The list of fields to be updated. All possible fields can - be updated by passing `*`, or a subset of the following updateable - fields can be provided: * `qa_question_tag_name` - the name of the - tag * `qa_question_ids` - the list of questions the tag applies to + description: Optional. The dialogflow tool display name. + toolId: type: string - format: google-fieldmask - GoogleCloudContactcenterinsightsV1alpha1QaQuestionTag: - id: GoogleCloudContactcenterinsightsV1alpha1QaQuestionTag - description: >- - A tag is a resource which aims to categorize a set of questions across - multiple scorecards, e.g., "Customer Satisfaction","Billing", etc. + description: Optional. The dialogflow tool ID. + id: >- + GoogleCloudContactcenterinsightsV1DimensionConversationalAgentsToolDimensionMetadata + GoogleCloudContactcenterinsightsV1QaScorecardRevision: + id: GoogleCloudContactcenterinsightsV1QaScorecardRevision type: object properties: - name: - description: >- - Identifier. Resource name for the QaQuestionTag Format - projects/{project}/locations/{location}/qaQuestionTags/{qa_question_tag} - In the above format, the last segment, i.e., qa_question_tag, is a - server-generated ID corresponding to the tag resource. - type: string - displayName: - description: Required. A user-specified display name for the tag. - type: string - qaQuestionIds: + alternateIds: description: >- - Optional. The list of Scorecard Question IDs that the tag applies - to. Each QaQuestionId is represented as a full resource name - containing the Question ID. Lastly, Since a tag may not necessarily - be referenced by any Scorecard Questions, we treat this field as - optional. + Output only. Alternative IDs for this revision of the scorecard, + e.g., `latest`. + readOnly: true type: array items: type: string - createTime: - description: Output only. The time at which the question tag was created. + state: + description: >- + Output only. State of the scorecard revision, indicating whether + it's ready to be used in analysis. readOnly: true + enum: + - STATE_UNSPECIFIED + - EDITABLE + - TRAINING + - TRAINING_FAILED + - READY + - DELETING + - TRAINING_CANCELLED type: string - format: google-datetime - updateTime: + enumDescriptions: + - Unspecified. + - The scorecard revision can be edited. + - Scorecard model training is in progress. + - Scorecard revision model training failed. + - The revision can be used in analysis. + - Scorecard is being deleted. + - Scorecard model training was explicitly cancelled by the user. + snapshot: description: >- - Output only. The most recent time at which the question tag was - updated. - readOnly: true + The snapshot of the scorecard at the time of this revision's + creation. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard' + name: type: string - format: google-datetime - GoogleCloudContactcenterinsightsV1alpha1UploadConversationMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1UploadConversationMetadata - description: The metadata for an `UploadConversation` operation. - type: object - properties: + description: >- + Identifier. The name of the scorecard revision. Format: + projects/{project}/locations/{location}/qaScorecards/{qa_scorecard}/revisions/{revision} createTime: - description: Output only. The time the operation was created. - readOnly: true type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. readOnly: true - type: string + description: Output only. The timestamp that the revision was created. format: google-datetime - request: - description: Output only. The original request. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1UploadConversationRequest - analysisOperation: + description: >- + A revision of a QaScorecard. Modifying published scorecard fields would + invalidate existing scorecard results — the questions may have changed, + or the score weighting will make existing scores impossible to + understand. So changes must create a new revision, rather than modifying + the existing resource. + GoogleCloudContactcenterinsightsV1DimensionAgentDimensionMetadata: + description: Metadata about the agent dimension. + properties: + agentDisplayName: description: >- - Output only. The operation name for a successfully created analysis - operation, if any. - readOnly: true + Optional. The agent's name This will be populated for AGENT, + AGENT_TEAM, AGENT_VERSION_ID, and AGENT_DEPLOYMENT_ID dimensions. type: string - appliedRedactionConfig: + agentId: description: >- - Output only. The redaction config applied to the uploaded - conversation. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RedactionConfig - GoogleCloudContactcenterinsightsV1alpha1UploadConversationRequest: - id: GoogleCloudContactcenterinsightsV1alpha1UploadConversationRequest - description: Request to upload a conversation. - type: object - properties: - parent: - description: Required. The parent resource of the conversation. + Optional. A user-specified string representing the agent. This will + be populated for AGENT, AGENT_TEAM, AGENT_VERSION_ID, and + AGENT_DEPLOYMENT_ID dimensions. type: string - conversation: - description: Required. The conversation resource to create. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Conversation - conversationId: - description: >- - Optional. A unique ID for the new conversation. This ID will become - the final component of the conversation's resource name. If no ID is - specified, a server-generated ID will be used. This value should be - 4-64 characters and must match the regular expression - `^[a-z0-9-]{4,64}$`. Valid characters are `a-z-` + agentVersionDisplayName: type: string - redactionConfig: - description: >- - Optional. DLP settings for transcript redaction. Will default to the - config specified in Settings. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RedactionConfig - speechConfig: description: >- - Optional. Speech-to-Text configuration. Will default to the config - specified in Settings. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SpeechConfig - GoogleCloudContactcenterinsightsV1alpha1Conversation: - id: GoogleCloudContactcenterinsightsV1alpha1Conversation - description: The conversation resource. - type: object - properties: - callMetadata: - description: Call-specific metadata. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationCallMetadata - expireTime: + Optional. The agent's version display name. Only applicable to + automated agents. This will be populated for AGENT_VERSION_ID, and + AGENT_DEPLOYMENT_ID dimensions. + agentDeploymentDisplayName: description: >- - The time at which this conversation should expire. After this time, - the conversation data and any associated analyses will be deleted. + Optional. The agent's deployment display name. Only applicable to + automated agents. This will be populated for AGENT_DEPLOYMENT_ID + dimensions. + type: string + agentDeploymentId: type: string - format: google-datetime - ttl: description: >- - Input only. The TTL for this resource. If specified, then this TTL - will be used to calculate the expire time. + Optional. The agent's deployment ID. Only applicable to automated + agents. This will be populated for AGENT and AGENT_DEPLOYMENT_ID + dimensions. + agentVersionId: type: string - format: google-duration - name: description: >- - Immutable. The resource name of the conversation. Format: - projects/{project}/locations/{location}/conversations/{conversation} + Optional. The agent's version ID. Only applicable to automated + agents. This will be populated for AGENT_VERSION_ID, and + AGENT_DEPLOYMENT_ID dimensions. + agentTeam: type: string - dataSource: - description: The source of the audio and transcription for the conversation. + description: Optional. A user-specified string representing the agent's team. + type: object + id: GoogleCloudContactcenterinsightsV1DimensionAgentDimensionMetadata + GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsResponse: + type: object + properties: {} + description: The response for a bulk delete conversations operation. + id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteConversationsResponse + GoogleCloudContactcenterinsightsV1alpha1Dimension: + description: >- + A dimension determines the grouping key for the query. In SQL terms, + these would be part of both the "SELECT" and "GROUP BY" clauses. + type: object + id: GoogleCloudContactcenterinsightsV1alpha1Dimension + properties: + qaQuestionAnswerDimensionMetadata: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationDataSource - createTime: - description: Output only. The time at which the conversation was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The most recent time at which the conversation was - updated. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionAnswerDimensionMetadata + description: Output only. Metadata about the QA question-answer dimension. readOnly: true - type: string - format: google-datetime - startTime: - description: The time at which the conversation started. - type: string - format: google-datetime - languageCode: - description: A user-specified language code for the conversation. - type: string - agentId: - description: >- - An opaque, user-specified string representing the human agent who - handled the conversation. - type: string - labels: + conversationalAgentsToolDimensionMetadata: description: >- - A map for the user to specify any custom fields. A maximum of 100 - labels per conversation is allowed, with a maximum of 256 characters - per entry. - type: object - additionalProperties: - type: string - qualityMetadata: - description: Conversation metadata related to quality management. + Output only. Metadata about the Conversational Agents tool + dimension. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadata - metadataJson: - description: >- - Input only. JSON metadata encoded as a string. This field is - primarily used by Insights integrations with various telephony - systems and must be in one of Insight's supported formats. - type: string - transcript: - description: Output only. The conversation transcript. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionConversationalAgentsToolDimensionMetadata + readOnly: true + clientSentimentCategoryDimensionMetadata: + description: Output only. Metadata about the client sentiment category dimension. readOnly: true $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationTranscript - medium: - description: >- - Immutable. The conversation medium, if unspecified will default to - PHONE_CALL. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionClientSentimentCategoryDimensionMetadata + conversationProfileDimensionMetadata: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionConversationProfileDimensionMetadata + description: Output only. Metadata about the conversation profile dimension. + readOnly: true + dimensionKey: type: string + description: The key of the dimension. enumDescriptions: - - Default value, if unspecified will default to PHONE_CALL. - - The format for conversations that took place over the phone. - - The format for conversations that took place over chat. + - The key of the dimension is unspecified. + - The dimension is keyed by issues. + - The dimension is keyed by issue names. + - The dimension is keyed by agents. + - The dimension is keyed by agent teams. + - >- + The dimension is keyed by QaQuestionIds. Note that: We only group + by the QuestionId and not the revision-id of the scorecard this + question is a part of. This allows for showing stats for the same + question across different scorecard revisions. + - >- + The dimension is keyed by QaQuestionIds-Answer value pairs. Note + that: We only group by the QuestionId and not the revision-id of + the scorecard this question is a part of. This allows for showing + distribution of answers per question across different scorecard + revisions. + - >- + The dimension is keyed by QaScorecardIds. Note that: We only group + by the ScorecardId and not the revision-id of the scorecard. This + allows for showing stats for the same scorecard across different + revisions. This metric is mostly only useful if querying the + average normalized score per scorecard. + - The dimension is keyed by the conversation profile ID. + - The dimension is keyed by the conversation medium. + - The dimension is keyed by the Conversational Agents playbook ID. + - >- + The dimension is keyed by the Conversational Agents playbook + display name. + - The dimension is keyed by the Conversational Agents tool ID. + - >- + The dimension is keyed by the Conversational Agents tool display + name. + - The dimension is keyed by the client sentiment category. + - The dimension is keyed by the agent version ID. + - The dimension is keyed by the agent deployment ID. + - >- + The dimension is keyed by the supervisor ID of the assigned human + supervisor for virtual agents. + - The dimension is keyed by label keys. + - The dimension is keyed by label values. + - The dimension is keyed by label key-value pairs. enum: - - MEDIUM_UNSPECIFIED - - PHONE_CALL - - CHAT - duration: - description: Output only. The duration of the conversation. - readOnly: true - type: string - format: google-duration - turnCount: - description: Output only. The number of turns in the conversation. + - DIMENSION_KEY_UNSPECIFIED + - ISSUE + - ISSUE_NAME + - AGENT + - AGENT_TEAM + - QA_QUESTION_ID + - QA_QUESTION_ANSWER_VALUE + - QA_SCORECARD_ID + - CONVERSATION_PROFILE_ID + - MEDIUM + - CONVERSATIONAL_AGENTS_PLAYBOOK_ID + - CONVERSATIONAL_AGENTS_PLAYBOOK_NAME + - CONVERSATIONAL_AGENTS_TOOL_ID + - CONVERSATIONAL_AGENTS_TOOL_NAME + - CLIENT_SENTIMENT_CATEGORY + - AGENT_VERSION_ID + - AGENT_DEPLOYMENT_ID + - AGENT_ASSIST_SUPERVISOR_ID + - LABEL_KEY + - LABEL_VALUE + - LABEL_KEY_AND_VALUE + qaScorecardDimensionMetadata: + description: Output only. Metadata about the QA scorecard dimension. readOnly: true - type: integer - format: int32 - latestAnalysis: - description: Output only. The conversation's latest analysis, if one exists. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionQaScorecardDimensionMetadata + agentDimensionMetadata: readOnly: true + description: Output only. Metadata about the agent dimension. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Analysis - latestSummary: - description: Output only. Latest summary of the conversation. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionAgentDimensionMetadata + conversationalAgentsPlaybookDimensionMetadata: readOnly: true $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationSummarizationSuggestionData - runtimeAnnotations: + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionConversationalAgentsPlaybookDimensionMetadata description: >- - Output only. The annotations that were generated during the customer - and agent interaction. + Output only. Metadata about the Conversational Agents playbook + dimension. + mediumDimensionMetadata: + description: Output only. Metadata about the conversation medium dimension. readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotation - dialogflowIntents: - description: >- - Output only. All the matched Dialogflow intents in the call. The key - corresponds to a Dialogflow intent, format: - projects/{project}/agent/{agent}/intents/{intent} + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionMediumDimensionMetadata + issueDimensionMetadata: readOnly: true - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DialogflowIntent - obfuscatedUserId: - description: Obfuscated user ID which the customer sent to us. - type: string - GoogleCloudContactcenterinsightsV1alpha1ConversationCallMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1ConversationCallMetadata - description: Call-specific metadata. - type: object - properties: - customerChannel: - description: The audio channel that contains the customer. - type: integer - format: int32 - agentChannel: - description: The audio channel that contains the agent. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1alpha1ConversationDataSource: - id: GoogleCloudContactcenterinsightsV1alpha1ConversationDataSource - description: The conversation source, which is a combination of transcript and audio. - type: object - properties: - gcsSource: - description: A Cloud Storage location specification for the audio and transcript. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1GcsSource - dialogflowSource: - description: The source when the conversation comes from Dialogflow. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionIssueDimensionMetadata + description: Output only. Metadata about the issue dimension. + qaQuestionDimensionMetadata: + description: Output only. Metadata about the QA question dimension. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DialogflowSource - metadataUri: - description: >- - Cloud Storage URI that points to a file that contains the - conversation metadata. - type: string - GoogleCloudContactcenterinsightsV1alpha1GcsSource: - id: GoogleCloudContactcenterinsightsV1alpha1GcsSource - description: A Cloud Storage source of conversation data. - type: object + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionDimensionMetadata + readOnly: true + labelDimensionMetadata: + description: Output only. Metadata about conversation labels. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DimensionLabelDimensionMetadata + GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagMetadata: properties: - audioUri: - description: >- - Cloud Storage URI that points to a file that contains the - conversation audio. + createTime: type: string - transcriptUri: - description: >- - Immutable. Cloud Storage URI that points to a file that contains the - conversation transcript. + description: Output only. The time the operation was created. + readOnly: true + format: google-datetime + endTime: type: string - GoogleCloudContactcenterinsightsV1alpha1DialogflowSource: - id: GoogleCloudContactcenterinsightsV1alpha1DialogflowSource - description: A Dialogflow source of conversation data. + format: google-datetime + description: Output only. The time the operation finished running. + readOnly: true + request: + readOnly: true + description: Output only. The original request. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagRequest + description: The metadata for deleting a QaQuestionTag Resource. + type: object + id: GoogleCloudContactcenterinsightsV1DeleteQaQuestionTagMetadata + GoogleCloudContactcenterinsightsV1RuntimeAnnotationUserInput: type: object + id: GoogleCloudContactcenterinsightsV1RuntimeAnnotationUserInput + description: Explicit input used for generating the answer properties: - dialogflowConversation: + query: description: >- - Output only. The name of the Dialogflow conversation that this - conversation resource is derived from. Format: - projects/{project}/locations/{location}/conversations/{conversation} - readOnly: true + Query text. Article Search uses this to store the input query used + to generate the search results. type: string - audioUri: + querySource: + enum: + - QUERY_SOURCE_UNSPECIFIED + - AGENT_QUERY + - SUGGESTED_QUERY + description: Query source for the answer. + type: string + enumDescriptions: + - Unknown query source. + - The query is from agents. + - >- + The query is a query from previous suggestions, e.g. from a + preceding SuggestKnowledgeAssist response. + generatorName: description: >- - Cloud Storage URI that points to a file that contains the - conversation audio. + The resource name of associated generator. Format: + `projects//locations//generators/` type: string - GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadata: - id: GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadata - description: Conversation metadata related to quality management. - type: object + GoogleCloudContactcenterinsightsV1IngestConversationsMetadata: + description: The metadata for an IngestConversations operation. properties: - customerSatisfactionRating: - description: >- - An arbitrary integer value indicating the customer's satisfaction - rating. - type: integer - format: int32 - waitDuration: - description: The amount of time the customer waited to connect with an agent. - type: string - format: google-duration - menuPath: - description: >- - An arbitrary string value specifying the menu path the customer - took. + endTime: + description: Output only. The time the operation finished running. + format: google-datetime type: string - agentInfo: - description: Information about agents involved in the call. + readOnly: true + sampledConversations: + readOnly: true type: array + description: >- + Output only. Stores the conversation resources produced by ingest + sampling operations. items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadataAgentInfo - feedbackLabels: - description: Input only. The feedback labels associated with the conversation. + type: string + request: + description: Output only. The original request for ingest. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequest + createTime: + readOnly: true + description: Output only. The time the operation was created. + type: string + format: google-datetime + ingestConversationsStats: + description: Output only. Statistics for IngestConversations operation. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsMetadataIngestConversationsStats + readOnly: true + partialErrors: + description: >- + Output only. Partial errors during ingest operation that might cause + the operation output to be incomplete. type: array + readOnly: true items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1FeedbackLabel - GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadataAgentInfo: + $ref: '#/components/schemas/GoogleRpcStatus' + type: object + id: GoogleCloudContactcenterinsightsV1IngestConversationsMetadata + GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsResponse: + description: Response for the BulkDeleteFeedbackLabels endpoint. + properties: {} + id: GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsResponse + type: object + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore: + properties: + averageTagNormalizedScore: + type: number + description: Average tag normalized score per tag. + format: double + tag: + description: Tag name. + type: string + description: Average QA normalized score for the tag. id: >- - GoogleCloudContactcenterinsightsV1alpha1ConversationQualityMetadataAgentInfo - description: Information about an agent involved in the conversation. + GoogleCloudContactcenterinsightsV1alpha1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore + type: object + GoogleCloudContactcenterinsightsV1Assessment: type: object properties: - agentId: - description: A user-specified string representing the agent. + createTime: + description: Output only. The time at which the assessment was created. type: string - displayName: - description: The agent's name. + format: google-datetime + readOnly: true + state: + enum: + - STATE_UNSPECIFIED + - DRAFT + - PUBLISHED + - APPEALED + - FINALIZED type: string - team: - description: >- - A user-specified string representing the agent's team. Deprecated in - favor of the `teams` field. - deprecated: true + description: Output only. The state of the assessment. + enumDescriptions: + - The state is unspecified. This value should not be used. + - The default state of all new assessments. + - The assessment has been published. + - The assessment has been appealed. + - The assessment has been finalized. + readOnly: true + agentInfo: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationQualityMetadataAgentInfo + description: Information about the agent the assessment is for. + updateTime: + format: google-datetime + type: string + description: Output only. The time at which the assessment was last updated. + readOnly: true + name: type: string - teams: - description: User-specified strings representing the agent's teams. - type: array - items: - type: string - dispositionCode: description: >- - A user-provided string indicating the outcome of the agent's segment - of the call. + Identifier. The resource name of the assessment. Format: + projects/{project}/locations/{location}/conversations/{conversation}/assessments/{assessment} + id: GoogleCloudContactcenterinsightsV1Assessment + description: The assessment resource. + GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecRequest: + properties: + encryptionSpec: + description: >- + Required. The encryption spec used for CMEK encryption. It is + required that the kms key is in the same region as the endpoint. The + same key will be used for all provisioned resources, if encryption + is available. If the `kms_key_name` field is left empty, no + encryption will be enforced. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1EncryptionSpec + description: The request to initialize a location-level encryption specification. + type: object + id: GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecRequest + GoogleCloudContactcenterinsightsV1alpha1IssueModelInputDataConfig: + id: GoogleCloudContactcenterinsightsV1alpha1IssueModelInputDataConfig + properties: + trainingConversationsCount: + description: Output only. Number of conversations used in training. Output only. type: string - agentType: - description: The agent type, e.g. HUMAN_AGENT. + readOnly: true + format: int64 + filter: + description: >- + A filter to reduce the conversations used for training the model to + a specific subset. Refer to + https://cloud.google.com/contact-center/insights/docs/filtering for + details. type: string + medium: enumDescriptions: - - Participant's role is not set. - - Participant is a human agent. - - Participant is an automated agent. - - Participant is an end user who conversed with the contact center. - - Participant is either a human or automated agent. - enum: - - ROLE_UNSPECIFIED - - HUMAN_AGENT - - AUTOMATED_AGENT - - END_USER - - ANY_AGENT - location: - description: The agent's location. + - Default value, if unspecified will default to PHONE_CALL. + - The format for conversations that took place over the phone. + - The format for conversations that took place over chat. type: string - GoogleCloudContactcenterinsightsV1alpha1ConversationTranscript: - id: GoogleCloudContactcenterinsightsV1alpha1ConversationTranscript - description: A message representing the transcript of a conversation. + deprecated: true + enum: + - MEDIUM_UNSPECIFIED + - PHONE_CALL + - CHAT + description: >- + Medium of conversations used in training data. This field is being + deprecated. To specify the medium to be used in training a new issue + model, set the `medium` field on `filter`. + description: Configs for the input data used to create the issue model. type: object + GoogleIamV1TestIamPermissionsResponse: properties: - transcriptSegments: - description: >- - A list of sequential transcript segments that comprise the - conversation. + permissions: type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegment - GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegment: - id: >- - GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegment - description: A segment of a full transcript. + type: string + id: GoogleIamV1TestIamPermissionsResponse type: object + description: Response message for `TestIamPermissions` method. + GoogleCloudContactcenterinsightsV1CreateIssueModelMetadata: + description: Metadata for creating an issue model. + id: GoogleCloudContactcenterinsightsV1CreateIssueModelMetadata properties: - messageTime: - description: The time that the message occurred, if provided. + createTime: type: string + description: Output only. The time the operation was created. format: google-datetime - text: - description: The text of this segment. + readOnly: true + endTime: + format: google-datetime + description: Output only. The time the operation finished running. + readOnly: true type: string - confidence: - description: >- - A confidence estimate between 0.0 and 1.0 of the fidelity of this - segment. A default value of 0.0 indicates that the value is unset. + request: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1CreateIssueModelRequest + description: The original request for creation. + type: object + GoogleCloudContactcenterinsightsV1QaQuestionMetrics: + id: GoogleCloudContactcenterinsightsV1QaQuestionMetrics + description: >- + A wrapper representing metrics calculated against a test-set on a LLM + that was fine tuned for this question. + properties: + accuracy: type: number - format: float - words: - description: >- - A list of the word-specific information for each word in the - segment. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentWordInfo - languageCode: - description: >- - The language code of this segment as a - [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. - Example: "en-US". - type: string - channelTag: + readOnly: true + format: double description: >- - For conversations derived from multi-channel audio, this is the - channel number corresponding to the audio from that channel. For - audioChannelCount = N, its output values can range from '1' to 'N'. - A channel tag of 0 indicates that the audio is mono. - type: integer - format: int32 - segmentParticipant: - description: The participant of this segment. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationParticipant - dialogflowSegmentMetadata: - description: CCAI metadata relating to the current transcript segment. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata - sentiment: - description: The sentiment for this transcript segment. + Output only. Accuracy of the model. Measures the percentage of + correct answers the model gave on the test set. + type: object + GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelMetadata: + description: Metadata for deploying an issue model. + id: GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelMetadata + properties: + request: + description: The original request for deployment. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SentimentData - GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentWordInfo: - id: >- - GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentWordInfo - description: Word-level info for words in a transcript. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DeployIssueModelRequest + endTime: + description: Output only. The time the operation finished running. + readOnly: true + format: google-datetime + type: string + createTime: + format: google-datetime + readOnly: true + description: Output only. The time the operation was created. + type: string + type: object + GoogleCloudContactcenterinsightsV1DeleteIssueModelMetadata: + description: Metadata for deleting an issue model. + id: GoogleCloudContactcenterinsightsV1DeleteIssueModelMetadata type: object properties: - startOffset: - description: >- - Time offset of the start of this word relative to the beginning of - the total conversation. + createTime: + format: google-datetime type: string - format: google-duration - endOffset: - description: >- - Time offset of the end of this word relative to the beginning of the - total conversation. + description: Output only. The time the operation was created. + readOnly: true + endTime: + format: google-datetime type: string - format: google-duration - word: - description: The word itself. Includes punctuation marks that surround the word. + description: Output only. The time the operation finished running. + readOnly: true + request: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DeleteIssueModelRequest + description: The original request for deletion. + GoogleCloudContactcenterinsightsV1DeployQaScorecardRevisionRequest: + description: The request to deploy a QaScorecardRevision + id: GoogleCloudContactcenterinsightsV1DeployQaScorecardRevisionRequest + type: object + properties: {} + GoogleCloudContactcenterinsightsV1IntentMatchData: + description: >- + The data for an intent match. Represents an intent match for a text + segment in the conversation. A text segment can be part of a sentence, a + complete sentence, or an utterance with multiple sentences. + type: object + properties: + intentUniqueId: type: string - confidence: description: >- - A confidence estimate between 0.0 and 1.0 of the fidelity of this - word. A default value of 0.0 indicates that the value is unset. - type: number - format: float - GoogleCloudContactcenterinsightsV1alpha1ConversationParticipant: - id: GoogleCloudContactcenterinsightsV1alpha1ConversationParticipant - description: The call participant speaking for a given utterance. + The id of the matched intent. Can be used to retrieve the + corresponding intent information. + id: GoogleCloudContactcenterinsightsV1IntentMatchData + GoogleCloudContactcenterinsightsV1DimensionConversationProfileDimensionMetadata: type: object + description: Metadata about the conversation profile dimension. + id: >- + GoogleCloudContactcenterinsightsV1DimensionConversationProfileDimensionMetadata properties: - dialogflowParticipantName: - description: >- - The name of the participant provided by Dialogflow. Format: - projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant} + conversationProfileId: type: string - userId: - description: A user-specified ID representing the participant. + description: Optional. The conversation profile ID. + GoogleCloudContactcenterinsightsV1ExportIssueModelRequest: + type: object + properties: + name: + description: Required. The issue model to export. type: string - dialogflowParticipant: - description: >- - Deprecated. Use `dialogflow_participant_name` instead. The name of - the Dialogflow participant. Format: - projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant} - deprecated: true + gcsDestination: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ExportIssueModelRequestGcsDestination + description: Google Cloud Storage URI to export the issue model to. + id: GoogleCloudContactcenterinsightsV1ExportIssueModelRequest + description: Request to export an issue model. + GoogleCloudContactcenterinsightsV1UndeployQaScorecardRevisionRequest: + type: object + id: GoogleCloudContactcenterinsightsV1UndeployQaScorecardRevisionRequest + properties: {} + description: The request to undeploy a QaScorecardRevision + GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionAnswerDimensionMetadata: + type: object + properties: + qaQuestionId: + description: Optional. The QA question ID. type: string - obfuscatedExternalUserId: - description: Obfuscated user ID from Dialogflow. + answerValue: + description: Optional. The full body of the question. type: string - role: - description: The role of the participant. + questionBody: + description: Optional. The full body of the question. type: string - enumDescriptions: - - Participant's role is not set. - - Participant is a human agent. - - Participant is an automated agent. - - Participant is an end user who conversed with the contact center. - - Participant is either a human or automated agent. - enum: - - ROLE_UNSPECIFIED - - HUMAN_AGENT - - AUTOMATED_AGENT - - END_USER - - ANY_AGENT - GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata: + qaScorecardId: + description: Optional. The QA scorecard ID. + type: string + description: >- + Metadata about the QA question-answer dimension. This is useful for + showing the answer distribution for questions for a given scorecard. id: >- - GoogleCloudContactcenterinsightsV1alpha1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata - description: Metadata from Dialogflow relating to the current transcript segment. - type: object - properties: - smartReplyAllowlistCovered: - description: >- - Whether the transcript segment was covered under the configured - smart reply allowlist in Agent Assist. - type: boolean - GoogleCloudContactcenterinsightsV1alpha1SentimentData: - id: GoogleCloudContactcenterinsightsV1alpha1SentimentData - description: The data for a sentiment annotation. + GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionAnswerDimensionMetadata + GoogleCloudContactcenterinsightsV1alpha1IssueAssignment: type: object + id: GoogleCloudContactcenterinsightsV1alpha1IssueAssignment + description: Information about the issue. properties: - magnitude: + issue: + description: Resource name of the assigned issue. + type: string + displayName: description: >- - A non-negative number from 0 to infinity which represents the - absolute magnitude of sentiment regardless of score. - type: number - format: float + Immutable. Display name of the assigned issue. This field is set at + time of analysis and immutable since then. + type: string score: - description: The sentiment score between -1.0 (negative) and 1.0 (positive). + description: >- + Score indicating the likelihood of the issue assignment. currently + bounded on [0,1]. type: number - format: float - GoogleCloudContactcenterinsightsV1alpha1Analysis: - id: GoogleCloudContactcenterinsightsV1alpha1Analysis - description: The analysis resource. + format: double + GoogleCloudContactcenterinsightsV1NoteAssessmentNote: + description: A note about the entire parent assessment. + id: GoogleCloudContactcenterinsightsV1NoteAssessmentNote + properties: {} + type: object + GoogleCloudContactcenterinsightsV1UploadConversationMetadata: + description: The metadata for an `UploadConversation` operation. + id: GoogleCloudContactcenterinsightsV1UploadConversationMetadata type: object properties: - name: + appliedRedactionConfig: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1RedactionConfig description: >- - Immutable. The resource name of the analysis. Format: - projects/{project}/locations/{location}/conversations/{conversation}/analyses/{analysis} - type: string - requestTime: - description: Output only. The time at which the analysis was requested. + Output only. The redaction config applied to the uploaded + conversation. + readOnly: true + request: + description: Output only. The original request. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1UploadConversationRequest + readOnly: true + analysisOperation: + description: >- + Output only. The operation name for a successfully created analysis + operation, if any. readOnly: true type: string + endTime: + readOnly: true + description: Output only. The time the operation finished running. format: google-datetime + type: string createTime: - description: >- - Output only. The time at which the analysis was created, which - occurs when the long-running operation completes. - readOnly: true type: string + description: Output only. The time the operation was created. format: google-datetime - analysisResult: - description: >- - Output only. The result of the analysis, which is populated when the - analysis finishes. readOnly: true - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnalysisResult - annotatorSelector: - description: >- - To select the annotators to run and the phrase matchers to use (if - any). If not specified, all annotators will be run. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotatorSelector - GoogleCloudContactcenterinsightsV1alpha1AnalysisResult: - id: GoogleCloudContactcenterinsightsV1alpha1AnalysisResult - description: The result of an analysis. + GoogleCloudContactcenterinsightsV1View: + description: The View resource. type: object + id: GoogleCloudContactcenterinsightsV1View properties: - callAnalysisMetadata: - description: Call-specific metadata created by the analysis. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnalysisResultCallAnalysisMetadata - endTime: - description: The time at which the analysis ended. - type: string + updateTime: + description: Output only. The most recent time at which the view was updated. format: google-datetime - GoogleCloudContactcenterinsightsV1alpha1AnalysisResultCallAnalysisMetadata: - id: >- - GoogleCloudContactcenterinsightsV1alpha1AnalysisResultCallAnalysisMetadata - description: Call-specific metadata created during analysis. + type: string + readOnly: true + value: + type: string + description: >- + A filter to reduce conversation results to a specific subset. Refer + to https://cloud.google.com/contact-center/insights/docs/filtering + for details. + createTime: + description: Output only. The time at which this view was created. + readOnly: true + type: string + format: google-datetime + displayName: + type: string + description: The human-readable display name of the view. + name: + description: >- + Immutable. The resource name of the view. Format: + projects/{project}/locations/{location}/views/{view} + type: string + GoogleCloudContactcenterinsightsV1alpha1QueryPerformanceOverviewResponse: + properties: + summaryText: + type: string + description: The summary text of the performance. + type: object + description: The response for querying performance overview. + id: GoogleCloudContactcenterinsightsV1alpha1QueryPerformanceOverviewResponse + GoogleCloudContactcenterinsightsV1alpha1Intent: type: object properties: - annotations: - description: A list of call annotations that apply to this call. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1CallAnnotation - entities: - description: All the entities in the call. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Entity - sentiments: - description: Overall conversation-level sentiment for each channel of the call. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSentiment - silence: - description: Overall conversation-level silence during the call. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSilence - intents: - description: All the matched intents in the call. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Intent - phraseMatchers: - description: All the matched phrase matchers in the call. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1PhraseMatchData - issueModelResult: - description: Overall conversation-level issue modeling result. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModelResult - qaScorecardResults: - description: Results of scoring QaScorecards. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaScorecardResult - GoogleCloudContactcenterinsightsV1alpha1CallAnnotation: - id: GoogleCloudContactcenterinsightsV1alpha1CallAnnotation - description: A piece of metadata that applies to a window of a call. + displayName: + description: The human-readable name of the intent. + type: string + id: + description: The unique identifier of the intent. + type: string + description: >- + The data for an intent. Represents a detected intent in the + conversation, for example MAKES_PROMISE. + id: GoogleCloudContactcenterinsightsV1alpha1Intent + GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotation: + id: GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotation + description: >- + An annotation that was generated during the customer and agent + interaction. type: object properties: - interruptionData: - description: Data specifying an interruption. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1InterruptionData - sentimentData: - description: Data specifying sentiment. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SentimentData - silenceData: - description: Data specifying silence. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SilenceData - holdData: - description: Data specifying a hold. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1HoldData - entityMentionData: - description: Data specifying an entity mention. + answerFeedback: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1EntityMentionData - intentMatchData: - description: Data specifying an intent match. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnswerFeedback + description: The feedback that the customer has about the answer in `data`. + faqAnswer: + description: Agent Assist FAQ answer data. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IntentMatchData - phraseMatchData: - description: Data specifying a phrase match. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1FaqAnswerData + smartComposeSuggestion: + description: Agent Assist Smart Compose suggestion data. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1PhraseMatchData - issueMatchData: - description: Data specifying an issue match. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SmartComposeSuggestionData + articleSuggestion: + description: Agent Assist Article Suggestion data. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueMatchData - channelTag: - description: >- - The channel of the audio where the annotation occurs. For - single-channel audio, this field is not populated. - type: integer - format: int32 - annotationStartBoundary: + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ArticleSuggestionData + startBoundary: description: >- The boundary in the conversation where the annotation starts, inclusive. $ref: >- #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary - annotationEndBoundary: - description: >- - The boundary in the conversation where the annotation ends, - inclusive. + createTime: + description: The time at which this annotation was created. + type: string + format: google-datetime + smartReply: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SmartReplyData + description: Agent Assist Smart Reply data. + endBoundary: $ref: >- #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary - GoogleCloudContactcenterinsightsV1alpha1InterruptionData: - id: GoogleCloudContactcenterinsightsV1alpha1InterruptionData - description: The data for an interruption annotation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1SilenceData: - id: GoogleCloudContactcenterinsightsV1alpha1SilenceData - description: The data for a silence annotation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1HoldData: - id: GoogleCloudContactcenterinsightsV1alpha1HoldData - description: The data for a hold annotation. - type: object - properties: {} - GoogleCloudContactcenterinsightsV1alpha1EntityMentionData: - id: GoogleCloudContactcenterinsightsV1alpha1EntityMentionData - description: >- - The data for an entity mention annotation. This represents a mention of - an `Entity` in the conversation. - type: object - properties: - entityUniqueId: description: >- - The key of this entity in conversation entities. Can be used to - retrieve the exact `Entity` this mention is attached to. - type: string - type: - description: The type of the entity mention. + The boundary in the conversation where the annotation ends, + inclusive. + annotationId: type: string - enumDescriptions: - - Unspecified. - - Proper noun. - - Common noun (or noun compound). - enum: - - MENTION_TYPE_UNSPECIFIED - - PROPER - - COMMON - sentiment: - description: Sentiment expressed for this mention of the entity. + description: >- + The unique identifier of the annotation. Format: + projects/{project}/locations/{location}/conversationDatasets/{dataset}/conversationDataItems/{data_item}/conversationAnnotations/{annotation} + userInput: + description: Explicit input used for generating the answer $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SentimentData - GoogleCloudContactcenterinsightsV1alpha1IntentMatchData: - id: GoogleCloudContactcenterinsightsV1alpha1IntentMatchData - description: >- - The data for an intent match. Represents an intent match for a text - segment in the conversation. A text segment can be part of a sentence, a - complete sentence, or an utterance with multiple sentences. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotationUserInput + conversationSummarizationSuggestion: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationSummarizationSuggestionData + description: Conversation summarization suggestion data. + dialogflowInteraction: + description: Dialogflow interaction data. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DialogflowInteractionData + GoogleCloudContactcenterinsightsV1alpha1CreateIssueRequest: type: object + id: GoogleCloudContactcenterinsightsV1alpha1CreateIssueRequest properties: - intentUniqueId: - description: >- - The id of the matched intent. Can be used to retrieve the - corresponding intent information. + parent: type: string - GoogleCloudContactcenterinsightsV1alpha1PhraseMatchData: - id: GoogleCloudContactcenterinsightsV1alpha1PhraseMatchData - description: >- - The data for a matched phrase matcher. Represents information - identifying a phrase matcher for a given match. + description: Required. The parent resource of the issue. + issue: + description: Required. The values for the new issue. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Issue' + description: The request to create an issue. + GoogleCloudContactcenterinsightsV1alpha1DimensionIssueDimensionMetadata: + id: GoogleCloudContactcenterinsightsV1alpha1DimensionIssueDimensionMetadata + description: Metadata about the issue dimension. type: object properties: - phraseMatcher: - description: The unique identifier (the resource name) of the phrase matcher. + issueDisplayName: + description: The issue display name. type: string - displayName: - description: The human-readable name of the phrase matcher. + issueId: + description: The issue ID. type: string - GoogleCloudContactcenterinsightsV1alpha1IssueMatchData: - id: GoogleCloudContactcenterinsightsV1alpha1IssueMatchData - description: The data for an issue match annotation. - type: object + issueModelId: + description: The parent issue model ID. + type: string + GoogleCloudContactcenterinsightsV1ImportIssueModelResponse: properties: - issueAssignment: - description: Information about the issue's assignment. + issueModel: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel' + description: The issue model that was imported. + description: Response from import issue model + id: GoogleCloudContactcenterinsightsV1ImportIssueModelResponse + type: object + GoogleCloudContactcenterinsightsV1ListIssueModelsResponse: + description: The response of listing issue models. + id: GoogleCloudContactcenterinsightsV1ListIssueModelsResponse + type: object + properties: + issueModels: + description: The issue models that match the request. + type: array + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel' + GoogleCloudContactcenterinsightsV1CreateIssueMetadata: + properties: + request: + description: The original request for creation. $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueAssignment - GoogleCloudContactcenterinsightsV1alpha1IssueAssignment: - id: GoogleCloudContactcenterinsightsV1alpha1IssueAssignment - description: Information about the issue. + #/components/schemas/GoogleCloudContactcenterinsightsV1CreateIssueRequest + endTime: + readOnly: true + description: Output only. The time the operation finished running. + type: string + format: google-datetime + createTime: + description: Output only. The time the operation was created. + type: string + readOnly: true + format: google-datetime + description: Metadata for creating an issue. + id: GoogleCloudContactcenterinsightsV1CreateIssueMetadata type: object + GoogleCloudContactcenterinsightsV1alpha1DialogflowIntent: + description: >- + The data for a Dialogflow intent. Represents a detected intent in the + conversation, e.g. MAKES_PROMISE. properties: - issue: - description: Resource name of the assigned issue. + displayName: + description: The human-readable name of the intent. type: string - score: + type: object + id: GoogleCloudContactcenterinsightsV1alpha1DialogflowIntent + GoogleCloudContactcenterinsightsV1FinalizeAssessmentRequest: + type: object + properties: {} + id: GoogleCloudContactcenterinsightsV1FinalizeAssessmentRequest + description: >- + The message to finalize an assessment. Finalizing makes an assessment + and its notes immutable. + GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStats: + type: object + properties: + analyzedConversationsCount: description: >- - Score indicating the likelihood of the issue assignment. currently - bounded on [0,1]. - type: number - format: double - displayName: + Number of conversations the issue model has analyzed at this point + in time. + format: int64 + type: string + unclassifiedConversationsCount: + format: int64 + type: string description: >- - Immutable. Display name of the assigned issue. This field is set at - time of analysis and immutable since then. + Number of analyzed conversations for which no issue was applicable + at this point in time. + issueStats: + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStatsIssueStats + description: Statistics on each issue. Key is the issue's resource name. + description: Aggregated statistics about an issue model. + id: GoogleCloudContactcenterinsightsV1alpha1IssueModelLabelStats + GoogleCloudContactcenterinsightsV1ExactMatchConfig: + type: object + properties: + caseSensitive: + type: boolean + description: Whether to consider case sensitivity when performing an exact match. + id: GoogleCloudContactcenterinsightsV1ExactMatchConfig + description: Exact match configuration. + GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotationUserInput: + description: Explicit input used for generating the answer + type: object + id: GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotationUserInput + properties: + query: type: string - GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary: - id: GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary - description: >- - A point in a conversation that marks the start or the end of an - annotation. + description: >- + Query text. Article Search uses this to store the input query used + to generate the search results. + generatorName: + type: string + description: >- + The resource name of associated generator. Format: + `projects//locations//generators/` + querySource: + enum: + - QUERY_SOURCE_UNSPECIFIED + - AGENT_QUERY + - SUGGESTED_QUERY + description: Query source for the answer. + type: string + enumDescriptions: + - Unknown query source. + - The query is from agents. + - >- + The query is a query from previous suggestions, e.g. from a + preceding SuggestKnowledgeAssist response. + GoogleCloudContactcenterinsightsV1ExportIssueModelRequestGcsDestination: + id: GoogleCloudContactcenterinsightsV1ExportIssueModelRequestGcsDestination type: object + description: Google Cloud Storage Object URI to save the issue model to. properties: - wordIndex: + objectUri: + description: 'Required. Format: `gs:///`' + type: string + GoogleCloudContactcenterinsightsV1Analysis: + type: object + properties: + analysisResult: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisResult + readOnly: true description: >- - The word index of this boundary with respect to the first word in - the transcript piece. This index starts at zero. - type: integer - format: int32 - transcriptIndex: + Output only. The result of the analysis, which is populated when the + analysis finishes. + createTime: + readOnly: true + type: string + format: google-datetime description: >- - The index in the sequence of transcribed pieces of the conversation - where the boundary is located. This index starts at zero. - type: integer - format: int32 - GoogleCloudContactcenterinsightsV1alpha1Entity: - id: GoogleCloudContactcenterinsightsV1alpha1Entity + Output only. The time at which the analysis was created, which + occurs when the long-running operation completes. + requestTime: + type: string + format: google-datetime + description: Output only. The time at which the analysis was requested. + readOnly: true + annotatorSelector: + description: >- + To select the annotators to run and the phrase matchers to use (if + any). If not specified, all annotators will be run. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector + name: + description: >- + Immutable. The resource name of the analysis. Format: + projects/{project}/locations/{location}/conversations/{conversation}/analyses/{analysis} + type: string + description: The analysis resource. + id: GoogleCloudContactcenterinsightsV1Analysis + GoogleCloudContactcenterinsightsV1Entity: description: >- The data for an entity annotation. Represents a phrase in the conversation that is a known entity, such as a person, an organization, or location. type: object properties: + sentiment: + description: >- + The aggregate sentiment expressed for this entity in the + conversation. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' displayName: description: The representative name for the entity. type: string type: - description: The entity type. type: string enumDescriptions: - Unspecified. @@ -8159,122 +8183,260 @@ components: - DATE - NUMBER - PRICE - metadata: - description: >- - Metadata associated with the entity. For most entity types, the - metadata is a Wikipedia URL (`wikipedia_url`) and Knowledge Graph - MID (`mid`), if they are available. For the metadata associated with - other entity types, see the Type table below. - type: object - additionalProperties: - type: string + description: The entity type. salience: + type: number description: >- The salience score associated with the entity in the [0, 1.0] range. The salience score for an entity provides information about the importance or centrality of that entity to the entire document text. Scores closer to 0 are less salient, while scores closer to 1.0 are highly salient. - type: number format: float - sentiment: + metadata: description: >- - The aggregate sentiment expressed for this entity in the - conversation. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SentimentData - GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSentiment: - id: GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSentiment - description: One channel of conversation-level sentiment data. + Metadata associated with the entity. For most entity types, the + metadata is a Wikipedia URL (`wikipedia_url`) and Knowledge Graph + MID (`mid`), if they are available. For the metadata associated with + other entity types, see the Type table below. + type: object + additionalProperties: + type: string + id: GoogleCloudContactcenterinsightsV1Entity + GoogleCloudContactcenterinsightsV1ConversationLevelSentiment: type: object + description: One channel of conversation-level sentiment data. properties: channelTag: description: The channel of the audio that the data applies to. - type: integer format: int32 + type: integer sentimentData: description: Data specifying sentiment. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' + id: GoogleCloudContactcenterinsightsV1ConversationLevelSentiment + GoogleCloudContactcenterinsightsV1alpha1EntityMentionData: + properties: + sentiment: + description: Sentiment expressed for this mention of the entity. $ref: >- #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SentimentData - GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSilence: - id: GoogleCloudContactcenterinsightsV1alpha1ConversationLevelSilence - description: Conversation-level silence data. - type: object - properties: - silenceDuration: - description: Amount of time calculated to be in silence. + entityUniqueId: + description: >- + The key of this entity in conversation entities. Can be used to + retrieve the exact `Entity` this mention is attached to. type: string - format: google-duration - silencePercentage: - description: Percentage of the total conversation spent in silence. - type: number - format: float - GoogleCloudContactcenterinsightsV1alpha1Intent: - id: GoogleCloudContactcenterinsightsV1alpha1Intent + type: + type: string + enum: + - MENTION_TYPE_UNSPECIFIED + - PROPER + - COMMON + enumDescriptions: + - Unspecified. + - Proper noun. + - Common noun (or noun compound). + description: The type of the entity mention. + id: GoogleCloudContactcenterinsightsV1alpha1EntityMentionData description: >- - The data for an intent. Represents a detected intent in the - conversation, for example MAKES_PROMISE. + The data for an entity mention annotation. This represents a mention of + an `Entity` in the conversation. type: object + GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerSource: properties: - id: - description: The unique identifier of the intent. - type: string - displayName: - description: The human-readable name of the intent. + answerValue: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue + description: The answer value from this source. + sourceType: + enum: + - SOURCE_TYPE_UNSPECIFIED + - SYSTEM_GENERATED + - MANUAL_EDIT + description: What created the answer. + enumDescriptions: + - Source type is unspecified. + - Answer was system-generated; created during an Insights analysis. + - Answer was created by a human via manual edit. type: string - GoogleCloudContactcenterinsightsV1alpha1IssueModelResult: - id: GoogleCloudContactcenterinsightsV1alpha1IssueModelResult - description: Issue Modeling result on a conversation. type: object - properties: - issueModel: - description: >- - Issue model that generates the result. Format: - projects/{project}/locations/{location}/issueModels/{issue_model} - type: string - issues: - description: All the matched issues. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1IssueAssignment - GoogleCloudContactcenterinsightsV1alpha1QaScorecardResult: - id: GoogleCloudContactcenterinsightsV1alpha1QaScorecardResult + id: GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerSource description: >- - The results of scoring a single conversation against a QaScorecard. - Contains a collection of QaAnswers and aggregate score. + A question may have multiple answers from varying sources, one of which + becomes the "main" answer above. AnswerSource represents each individual + answer. + GoogleCloudContactcenterinsightsV1alpha1DialogflowSource: type: object properties: - name: + dialogflowConversation: description: >- - Identifier. The name of the scorecard result. Format: - projects/{project}/locations/{location}/qaScorecardResults/{qa_scorecard_result} + Output only. The name of the Dialogflow conversation that this + conversation resource is derived from. Format: + projects/{project}/locations/{location}/conversations/{conversation} type: string - qaScorecardRevision: - description: The QaScorecardRevision scored by this result. + readOnly: true + audioUri: + description: >- + Cloud Storage URI that points to a file that contains the + conversation audio. type: string - conversation: - description: The conversation scored by this result. + description: A Dialogflow source of conversation data. + id: GoogleCloudContactcenterinsightsV1alpha1DialogflowSource + GoogleCloudContactcenterinsightsV1alpha1InterruptionData: + description: The data for an interruption annotation. + type: object + properties: {} + id: GoogleCloudContactcenterinsightsV1alpha1InterruptionData + GoogleCloudContactcenterinsightsV1UndeployIssueModelMetadata: + properties: + endTime: type: string + readOnly: true + description: Output only. The time the operation finished running. + format: google-datetime createTime: - description: Output only. The timestamp that the revision was created. + format: google-datetime + description: Output only. The time the operation was created. readOnly: true type: string - format: google-datetime - agentId: - description: ID of the agent that handled the conversation. + request: + description: The original request for undeployment. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1UndeployIssueModelRequest + id: GoogleCloudContactcenterinsightsV1UndeployIssueModelMetadata + type: object + description: Metadata for undeploying an issue model. + GoogleCloudContactcenterinsightsV1DimensionClientSentimentCategoryDimensionMetadata: + description: Metadata about the client sentiment category dimension. + id: >- + GoogleCloudContactcenterinsightsV1DimensionClientSentimentCategoryDimensionMetadata + type: object + properties: + sentimentCategory: type: string - qaAnswers: - description: Set of QaAnswers represented in the result. + description: Optional. The client sentiment category. + GoogleIamV1Policy: + id: GoogleIamV1Policy + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + type: object + properties: + auditConfigs: + items: + $ref: '#/components/schemas/GoogleIamV1AuditConfig' type: array + description: Specifies cloud audit logging configuration for this policy. + version: + format: int32 + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + bindings: items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswer + $ref: '#/components/schemas/GoogleIamV1Binding' + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + etag: + format: byte + type: string + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + GoogleCloudContactcenterinsightsV1DimensionQaScorecardDimensionMetadata: + properties: + qaScorecardId: + type: string + description: Optional. The QA scorecard ID. + description: Metadata about the QA scorecard dimension. + id: GoogleCloudContactcenterinsightsV1DimensionQaScorecardDimensionMetadata + type: object + GoogleCloudContactcenterinsightsV1DimensionQaQuestionDimensionMetadata: + properties: + qaScorecardId: + description: Optional. The QA scorecard ID. + type: string + questionBody: + description: Optional. The full body of the question. + type: string + qaQuestionId: + type: string + description: Optional. The QA question ID. + type: object + description: Metadata about the QA question dimension. + id: GoogleCloudContactcenterinsightsV1DimensionQaQuestionDimensionMetadata + GoogleCloudContactcenterinsightsV1alpha1QaScorecardResult: + properties: score: + type: number description: >- The overall numerical score of the result, incorporating any manual edits if they exist. - type: number format: double potentialScore: description: >- @@ -8282,109 +8444,152 @@ components: answered using `na_value` are excluded from this calculation. type: number format: double - normalizedScore: - description: >- - The normalized score, which is the score divided by the potential - score. Any manual edits are included if they exist. - type: number - format: double + scoreSources: + description: List of all individual score sets. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultScoreSource + type: array + agentId: + type: string + description: ID of the agent that handled the conversation. qaTagResults: description: Collection of tags and their scores. type: array items: $ref: >- #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultQaTagResult - scoreSources: - description: List of all individual score sets. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultScoreSource - GoogleCloudContactcenterinsightsV1alpha1QaAnswer: - id: GoogleCloudContactcenterinsightsV1alpha1QaAnswer - description: An answer to a QaQuestion. - type: object - properties: - qaQuestion: - description: The QaQuestion answered by this answer. + createTime: + type: string + format: google-datetime + readOnly: true + description: Output only. The timestamp that the revision was created. + qaScorecardRevision: type: string + description: The QaScorecardRevision scored by this result. conversation: - description: The conversation the answer applies to. type: string - questionBody: - description: Question text. E.g., "Did the agent greet the customer?" + description: The conversation scored by this result. + qaAnswers: + description: Set of QaAnswers represented in the result. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswer + type: array + name: type: string - answerValue: - description: The main answer value, incorporating any manual edits if they exist. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue - tags: description: >- - User-defined list of arbitrary tags. Matches the value from - QaScorecard.ScorecardQuestion.tags. Used for grouping/organization - and for weighting the score of each answer. + Identifier. The name of the scorecard result. Format: + projects/{project}/locations/{location}/qaScorecardResults/{qa_scorecard_result} + normalizedScore: + description: >- + The normalized score, which is the score divided by the potential + score. Any manual edits are included if they exist. + type: number + format: double + type: object + description: >- + The results of scoring a single conversation against a QaScorecard. + Contains a collection of QaAnswers and aggregate score. + id: GoogleCloudContactcenterinsightsV1alpha1QaScorecardResult + GoogleIamV1TestIamPermissionsRequest: + properties: + permissions: + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). type: array items: type: string - answerSources: - description: List of all individual answers given to the question. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerSource - GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerSource: - id: GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerSource + description: Request message for `TestIamPermissions` method. + type: object + id: GoogleIamV1TestIamPermissionsRequest + GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary: description: >- - A question may have multiple answers from varying sources, one of which - becomes the "main" answer above. AnswerSource represents each individual - answer. + A point in a conversation that marks the start or the end of an + annotation. type: object + id: GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary properties: - sourceType: - description: What created the answer. - type: string - enumDescriptions: - - Source type is unspecified. - - Answer was system-generated; created during an Insights analysis. - - Answer was created by a human via manual edit. - enum: - - SOURCE_TYPE_UNSPECIFIED - - SYSTEM_GENERATED - - MANUAL_EDIT - answerValue: - description: The answer value from this source. + wordIndex: + description: >- + The word index of this boundary with respect to the first word in + the transcript piece. This index starts at zero. + type: integer + format: int32 + transcriptIndex: + type: integer + format: int32 + description: >- + The index in the sequence of transcribed pieces of the conversation + where the boundary is located. This index starts at zero. + GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelMetadata: + properties: + request: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaAnswerAnswerValue - GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultQaTagResult: - id: GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultQaTagResult - description: Tags and their corresponding results. + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelRequest + description: The original request for deletion. + createTime: + readOnly: true + description: Output only. The time the operation was created. + type: string + format: google-datetime + endTime: + readOnly: true + format: google-datetime + description: Output only. The time the operation finished running. + type: string + description: Metadata for deleting an issue model. + id: GoogleCloudContactcenterinsightsV1alpha1DeleteIssueModelMetadata type: object + GoogleCloudContactcenterinsightsV1ConversationParticipant: + description: The call participant speaking for a given utterance. properties: - tag: - description: The tag the score applies to. + userId: + description: A user-specified ID representing the participant. + type: string + dialogflowParticipantName: + type: string + description: >- + The name of the participant provided by Dialogflow. Format: + projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant} + obfuscatedExternalUserId: + type: string + description: Obfuscated user ID from Dialogflow. + role: + enum: + - ROLE_UNSPECIFIED + - HUMAN_AGENT + - AUTOMATED_AGENT + - END_USER + - ANY_AGENT + description: The role of the participant. + type: string + enumDescriptions: + - Participant's role is not set. + - Participant is a human agent. + - Participant is an automated agent. + - Participant is an end user who conversed with the contact center. + - Participant is either a human or automated agent. + dialogflowParticipant: + deprecated: true + description: >- + Deprecated. Use `dialogflow_participant_name` instead. The name of + the Dialogflow participant. Format: + projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant} type: string - score: - description: The score the tag applies to. - type: number - format: double - potentialScore: - description: The potential score the tag applies to. - type: number - format: double - normalizedScore: - description: The normalized score the tag applies to. - type: number - format: double - GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultScoreSource: - id: GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultScoreSource - description: >- - A scorecard result may have multiple sets of scores from varying - sources, one of which becomes the "main" answer above. A ScoreSource - represents each individual set of scores. type: object + id: GoogleCloudContactcenterinsightsV1ConversationParticipant + GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultScoreSource: properties: sourceType: description: What created the score. + enum: + - SOURCE_TYPE_UNSPECIFIED + - SYSTEM_GENERATED_ONLY + - INCLUDES_MANUAL_EDITS type: string enumDescriptions: - Source type is unspecified. @@ -8392,362 +8597,587 @@ components: - >- Score is derived from both system-generated answers, and includes any manual edits if they exist. - enum: - - SOURCE_TYPE_UNSPECIFIED - - SYSTEM_GENERATED_ONLY - - INCLUDES_MANUAL_EDITS score: description: The overall numerical score of the result. + format: double type: number + qaTagResults: + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultQaTagResult + description: Collection of tags and their scores. + type: array + normalizedScore: format: double + type: number + description: >- + The normalized score, which is the score divided by the potential + score. potentialScore: + format: double description: >- The maximum potential overall score of the scorecard. Any questions answered using `na_value` are excluded from this calculation. type: number - format: double - normalizedScore: + description: >- + A scorecard result may have multiple sets of scores from varying + sources, one of which becomes the "main" answer above. A ScoreSource + represents each individual set of scores. + type: object + id: GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultScoreSource + GoogleCloudContactcenterinsightsV1CreateAnalysisOperationMetadata: + properties: + conversation: + readOnly: true description: >- - The normalized score, which is the score divided by the potential - score. + Output only. The Conversation that this Analysis Operation belongs + to. + type: string + createTime: + readOnly: true + format: google-datetime + description: Output only. The time the operation was created. + type: string + annotatorSelector: + description: Output only. The annotator selector used for the analysis (if any). + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnnotatorSelector + readOnly: true + endTime: + readOnly: true + description: Output only. The time the operation finished running. + type: string + format: google-datetime + type: object + id: GoogleCloudContactcenterinsightsV1CreateAnalysisOperationMetadata + description: Metadata for a create analysis operation. + GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore: + properties: + averageTagNormalizedScore: type: number + description: Average tag normalized score per tag. format: double - qaTagResults: - description: Collection of tags and their scores. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1QaScorecardResultQaTagResult - GoogleCloudContactcenterinsightsV1alpha1ConversationSummarizationSuggestionData: + tag: + type: string + description: Tag name. + type: object + description: Average QA normalized score for the tag. id: >- - GoogleCloudContactcenterinsightsV1alpha1ConversationSummarizationSuggestionData - description: Conversation summarization suggestion data. + GoogleCloudContactcenterinsightsV1QueryMetricsResponseSliceDataPointConversationMeasureQaTagScore + GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequestAgentSource: + id: >- + GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequestAgentSource type: object + description: The entity whose performance is being queried is a single agent. properties: - text: - description: The summarization content that is concatenated into one string. + agentId: + description: Required. Agent id to query performance overview for. type: string - textSections: + GoogleCloudContactcenterinsightsV1SampleConversationsMetadataSampleConversationsStats: + description: Statistics for SampleConversations operation. + type: object + id: >- + GoogleCloudContactcenterinsightsV1SampleConversationsMetadataSampleConversationsStats + properties: + failedSampleCount: + format: int32 + readOnly: true description: >- - The summarization content that is divided into sections. The key is - the section's name and the value is the section's content. There is - no specific format for the key or value. - type: object - additionalProperties: - type: string - confidence: - description: The confidence score of the summarization. - type: number - format: float - metadata: + Output only. The number of objects which were unable to be sampled + due to errors. The errors are populated in the partial_errors field. + type: integer + successfulSampleCount: + readOnly: true description: >- - A map that contains metadata about the summarization and the - document from which it originates. - type: object - additionalProperties: - type: string - answerRecord: - description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} - type: string - conversationModel: + Output only. The number of new conversations added during this + sample operation. + format: int32 + type: integer + GoogleCloudContactcenterinsightsV1SearchAuthorizedViewsResponse: + type: object + properties: + authorizedViews: + description: The AuthorizedViews under the parent. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView + type: array + nextPageToken: description: >- - The name of the model that generates this summary. Format: - projects/{project}/locations/{location}/conversationModels/{conversation_model} - type: string - generatorId: - description: Agent Assist generator ID. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotation: - id: GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotation - description: >- - An annotation that was generated during the customer and agent - interaction. - type: object + description: The response from a ListAuthorizedViews request. + id: GoogleCloudContactcenterinsightsV1SearchAuthorizedViewsResponse + GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegment: + description: A segment of a full transcript. properties: - articleSuggestion: - description: Agent Assist Article Suggestion data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ArticleSuggestionData - faqAnswer: - description: Agent Assist FAQ answer data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1FaqAnswerData - smartReply: - description: Agent Assist Smart Reply data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SmartReplyData - smartComposeSuggestion: - description: Agent Assist Smart Compose suggestion data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SmartComposeSuggestionData - dialogflowInteraction: - description: Dialogflow interaction data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1DialogflowInteractionData - conversationSummarizationSuggestion: - description: Conversation summarization suggestion data. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1ConversationSummarizationSuggestionData - annotationId: + sentiment: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1SentimentData' + description: The sentiment for this transcript segment. + channelTag: + format: int32 description: >- - The unique identifier of the annotation. Format: - projects/{project}/locations/{location}/conversationDatasets/{dataset}/conversationDataItems/{data_item}/conversationAnnotations/{annotation} + For conversations derived from multi-channel audio, this is the + channel number corresponding to the audio from that channel. For + audioChannelCount = N, its output values can range from '1' to 'N'. + A channel tag of 0 indicates that the audio is mono. + type: integer + languageCode: + description: >- + The language code of this segment as a + [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. + Example: "en-US". type: string - createTime: - description: The time at which this annotation was created. + messageTime: type: string + description: The time that the message occurred, if provided. format: google-datetime - startBoundary: - description: >- - The boundary in the conversation where the annotation starts, - inclusive. + dialogflowSegmentMetadata: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary - endBoundary: + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadata + description: CCAI metadata relating to the current transcript segment. + confidence: + format: float description: >- - The boundary in the conversation where the annotation ends, - inclusive. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnnotationBoundary - answerFeedback: - description: The feedback that the customer has about the answer in `data`. - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1AnswerFeedback - userInput: - description: Explicit input used for generating the answer + A confidence estimate between 0.0 and 1.0 of the fidelity of this + segment. A default value of 0.0 indicates that the value is unset. + type: number + segmentParticipant: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotationUserInput - GoogleCloudContactcenterinsightsV1alpha1ArticleSuggestionData: - id: GoogleCloudContactcenterinsightsV1alpha1ArticleSuggestionData - description: Agent Assist Article Suggestion data. + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationParticipant + description: The participant of this segment. + words: + description: >- + A list of the word-specific information for each word in the + segment. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentWordInfo + type: array + text: + description: The text of this segment. + type: string + id: >- + GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegment type: object + GoogleCloudContactcenterinsightsV1DialogflowIntent: + id: GoogleCloudContactcenterinsightsV1DialogflowIntent + description: >- + The data for a Dialogflow intent. Represents a detected intent in the + conversation, e.g. MAKES_PROMISE. properties: - title: - description: Article title. + displayName: + description: The human-readable name of the intent. type: string - uri: - description: Article URI. + type: object + GoogleIamV1AuditLogConfig: + id: GoogleIamV1AuditLogConfig + properties: + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: The log type that this config enables. + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ type: string - confidenceScore: - description: >- - The system's confidence score that this article is a good match for - this conversation, ranging from 0.0 (completely uncertain) to 1.0 - (completely certain). - type: number - format: float - metadata: + exemptedMembers: description: >- - Map that contains metadata about the Article Suggestion and the - document that it originates from. - type: object - additionalProperties: + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + items: type: string - queryRecord: - description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} + type: array + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + type: object + GoogleCloudContactcenterinsightsV1alpha1SampleConversationsRequest: + id: GoogleCloudContactcenterinsightsV1alpha1SampleConversationsRequest + description: The request to sample conversations to a dataset. + properties: + sampleRule: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1SampleRule + description: Optional. The sample rule used for sampling conversations. + parent: + description: Required. The parent resource of the dataset. type: string - source: + destinationDataset: + description: The dataset resource to copy the sampled conversations to. + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1alpha1Dataset' + type: object + GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecMetadata: + id: GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecMetadata + type: object + description: Metadata for initializing a location-level encryption specification. + properties: + partialErrors: + items: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - The knowledge document that this answer was extracted from. Format: - projects/{project}/knowledgeBases/{knowledge_base}/documents/{document} + Partial errors during initializing operation that might cause the + operation output to be incomplete. + type: array + request: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1InitializeEncryptionSpecRequest + readOnly: true + description: Output only. The original request for initialization. + createTime: + readOnly: true + description: Output only. The time the operation was created. type: string - GoogleCloudContactcenterinsightsV1alpha1FaqAnswerData: - id: GoogleCloudContactcenterinsightsV1alpha1FaqAnswerData - description: Agent Assist frequently-asked-question answer data. + format: google-datetime + endTime: + format: google-datetime + type: string + readOnly: true + description: Output only. The time the operation finished running. + GoogleCloudContactcenterinsightsV1InterruptionData: + id: GoogleCloudContactcenterinsightsV1InterruptionData type: object + properties: {} + description: The data for an interruption annotation. + GoogleCloudContactcenterinsightsV1ConversationLevelSilence: + id: GoogleCloudContactcenterinsightsV1ConversationLevelSilence properties: - answer: - description: The piece of text from the `source` knowledge base document. + silenceDuration: + format: google-duration type: string - confidenceScore: - description: >- - The system's confidence score that this answer is a good match for - this conversation, ranging from 0.0 (completely uncertain) to 1.0 - (completely certain). + description: Amount of time calculated to be in silence. + silencePercentage: type: number + description: Percentage of the total conversation spent in silence. format: float - question: - description: The corresponding FAQ question. - type: string - metadata: - description: >- - Map that contains metadata about the FAQ answer and the document - that it originates from. - type: object - additionalProperties: - type: string - queryRecord: + description: Conversation-level silence data. + type: object + GoogleCloudContactcenterinsightsV1DeleteIssueModelRequest: + id: GoogleCloudContactcenterinsightsV1DeleteIssueModelRequest + description: The request to delete an issue model. + type: object + properties: + name: + type: string + description: Required. The name of the issue model to delete. + GoogleCloudContactcenterinsightsV1HoldData: + properties: {} + id: GoogleCloudContactcenterinsightsV1HoldData + description: The data for a hold annotation. + type: object + GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsMetadata: + id: GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsMetadata + properties: + request: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest + description: The original request for bulk analyze. + failedAnalysesCount: + description: The number of requested analyses that have failed so far. + type: integer + format: int32 + totalRequestedAnalysesCount: description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} + Total number of analyses requested. Computed by the number of + conversations returned by `filter` multiplied by + `analysis_percentage` in the request. + type: integer + format: int32 + createTime: + format: google-datetime + description: The time the operation was created. type: string - source: + partialErrors: + readOnly: true description: >- - The knowledge document that this answer was extracted from. Format: - projects/{project}/knowledgeBases/{knowledge_base}/documents/{document}. + Output only. Partial errors during bulk analyze operation that might + cause the operation output to be incomplete. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + endTime: + format: google-datetime type: string - GoogleCloudContactcenterinsightsV1alpha1SmartReplyData: - id: GoogleCloudContactcenterinsightsV1alpha1SmartReplyData - description: Agent Assist Smart Reply data. + description: The time the operation finished running. + completedAnalysesCount: + type: integer + format: int32 + description: >- + The number of requested analyses that have completed successfully so + far. + type: object + description: The metadata for a bulk analyze conversations operation. + GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsResponse: + description: The response for a bulk analyze conversations operation. type: object + id: GoogleCloudContactcenterinsightsV1alpha1BulkAnalyzeConversationsResponse properties: - reply: - description: The content of the reply. + failedAnalysisCount: + format: int32 + type: integer + description: Count of failed analyses. + successfulAnalysisCount: + type: integer + format: int32 + description: Count of successful analyses. + GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagMetadata: + description: The metadata for updating a QaQuestionTag Resource. + type: object + id: GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagMetadata + properties: + request: + readOnly: true + description: Output only. The original request. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1UpdateQaQuestionTagRequest + endTime: type: string - confidenceScore: + format: google-datetime + description: Output only. The time the operation finished running. + readOnly: true + createTime: + description: Output only. The time the operation was created. + format: google-datetime + readOnly: true + type: string + GoogleCloudContactcenterinsightsV1ListQaScorecardsResponse: + properties: + nextPageToken: description: >- - The system's confidence score that this reply is a good match for - this conversation, ranging from 0.0 (completely uncertain) to 1.0 - (completely certain). - type: number - format: double - metadata: + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + qaScorecards: + type: array + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard' + description: The QaScorecards under the parent. + id: GoogleCloudContactcenterinsightsV1ListQaScorecardsResponse + description: The response from a ListQaScorecards request. + type: object + GoogleCloudContactcenterinsightsV1UndeployIssueModelResponse: + type: object + properties: {} + id: GoogleCloudContactcenterinsightsV1UndeployIssueModelResponse + description: The response to undeploy an issue model. + GoogleCloudContactcenterinsightsV1ConversationQualityMetadata: + properties: + customerSatisfactionRating: description: >- - Map that contains metadata about the Smart Reply and the document - from which it originates. - type: object - additionalProperties: - type: string - queryRecord: + An arbitrary integer value indicating the customer's satisfaction + rating. + type: integer + format: int32 + menuPath: description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} + An arbitrary string value specifying the menu path the customer + took. type: string - GoogleCloudContactcenterinsightsV1alpha1SmartComposeSuggestionData: - id: GoogleCloudContactcenterinsightsV1alpha1SmartComposeSuggestionData - description: Agent Assist Smart Compose suggestion data. + agentInfo: + type: array + description: Information about agents involved in the call. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ConversationQualityMetadataAgentInfo + waitDuration: + type: string + description: The amount of time the customer waited to connect with an agent. + format: google-duration + feedbackLabels: + description: Input only. The feedback labels associated with the conversation. + items: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + type: array + description: Conversation metadata related to quality management. type: object + id: GoogleCloudContactcenterinsightsV1ConversationQualityMetadata + GoogleCloudContactcenterinsightsV1alpha1IngestConversationsResponse: + properties: {} + id: GoogleCloudContactcenterinsightsV1alpha1IngestConversationsResponse + type: object + description: The response to an IngestConversations operation. + GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionData: + type: object + id: >- + GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionData + description: Conversation summarization suggestion data. properties: - suggestion: - description: The content of the suggestion. + answerRecord: type: string - confidenceScore: description: >- - The system's confidence score that this suggestion is a good match - for this conversation, ranging from 0.0 (completely uncertain) to - 1.0 (completely certain). - type: number - format: double + The name of the answer record. Format: + projects/{project}/locations/{location}/answerRecords/{answer_record} + conversationModel: + description: >- + The name of the model that generates this summary. Format: + projects/{project}/locations/{location}/conversationModels/{conversation_model} + type: string metadata: description: >- - Map that contains metadata about the Smart Compose suggestion and - the document from which it originates. + A map that contains metadata about the summarization and the + document from which it originates. type: object additionalProperties: type: string - queryRecord: - description: >- - The name of the answer record. Format: - projects/{project}/locations/{location}/answerRecords/{answer_record} + text: + description: The summarization content that is concatenated into one string. type: string - GoogleCloudContactcenterinsightsV1alpha1DialogflowInteractionData: - id: GoogleCloudContactcenterinsightsV1alpha1DialogflowInteractionData - description: Dialogflow interaction data. - type: object - properties: - dialogflowIntentId: - description: >- - The Dialogflow intent resource path. Format: - projects/{project}/agent/{agent}/intents/{intent} + generatorId: type: string + description: Agent Assist generator ID. confidence: - description: >- - The confidence of the match ranging from 0.0 (completely uncertain) - to 1.0 (completely certain). - type: number + description: The confidence score of the summarization. format: float - GoogleCloudContactcenterinsightsV1alpha1AnswerFeedback: - id: GoogleCloudContactcenterinsightsV1alpha1AnswerFeedback - description: >- - The feedback that the customer has about a certain answer in the - conversation. - type: object - properties: - correctnessLevel: - description: The correctness level of an answer. - type: string - enumDescriptions: - - Correctness level unspecified. - - Answer is totally wrong. - - Answer is partially correct. - - Answer is fully correct. - enum: - - CORRECTNESS_LEVEL_UNSPECIFIED - - NOT_CORRECT - - PARTIALLY_CORRECT - - FULLY_CORRECT - clicked: - description: Indicates whether an answer or item was clicked by the human agent. - type: boolean - displayed: + type: number + textSections: + additionalProperties: + type: string + type: object description: >- - Indicates whether an answer or item was displayed to the human agent - in the agent desktop UI. - type: boolean - GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotationUserInput: - id: GoogleCloudContactcenterinsightsV1alpha1RuntimeAnnotationUserInput - description: Explicit input used for generating the answer + The summarization content that is divided into sections. The key is + the section's name and the value is the section's content. There is + no specific format for the key or value. + GoogleCloudContactcenterinsightsV1DeployIssueModelMetadata: type: object properties: - query: - description: >- - Query text. Article Search uses this to store the input query used - to generate the search results. + createTime: + format: google-datetime type: string - generatorName: + readOnly: true + description: Output only. The time the operation was created. + endTime: + readOnly: true + format: google-datetime + description: Output only. The time the operation finished running. + type: string + request: + description: The original request for deployment. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DeployIssueModelRequest + id: GoogleCloudContactcenterinsightsV1DeployIssueModelMetadata + description: Metadata for deploying an issue model. + GoogleCloudContactcenterinsightsV1QueryMetricsMetadata: + id: GoogleCloudContactcenterinsightsV1QueryMetricsMetadata + properties: + resultIsTruncated: description: >- - The resource name of associated generator. Format: - `projects//locations//generators/` + Whether the result rows were truncated because the result row size + is too large to materialize. + type: boolean + type: object + description: The metadata from querying metrics. + GoogleCloudContactcenterinsightsV1SentimentData: + properties: + score: + type: number + description: The sentiment score between -1.0 (negative) and 1.0 (positive). + format: float + magnitude: + description: >- + A non-negative number from 0 to infinity which represents the + absolute magnitude of sentiment regardless of score. + type: number + format: float + description: The data for a sentiment annotation. + type: object + id: GoogleCloudContactcenterinsightsV1SentimentData + GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionDimensionMetadata: + description: Metadata about the QA question dimension. + id: >- + GoogleCloudContactcenterinsightsV1alpha1DimensionQaQuestionDimensionMetadata + type: object + properties: + questionBody: type: string - querySource: - description: Query source for the answer. + description: Optional. The full body of the question. + qaQuestionId: + description: Optional. The QA question ID. type: string - enumDescriptions: - - Unknown query source. - - The query is from agents. - - >- - The query is a query from previous suggestions, e.g. from a - preceding SuggestKnowledgeAssist response. - enum: - - QUERY_SOURCE_UNSPECIFIED - - AGENT_QUERY - - SUGGESTED_QUERY - GoogleCloudContactcenterinsightsV1alpha1DialogflowIntent: - id: GoogleCloudContactcenterinsightsV1alpha1DialogflowIntent - description: >- - The data for a Dialogflow intent. Represents a detected intent in the - conversation, e.g. MAKES_PROMISE. + qaScorecardId: + description: Optional. The QA scorecard ID. + type: string + GoogleCloudContactcenterinsightsV1ListNotesResponse: + description: The response of listing notes. + id: GoogleCloudContactcenterinsightsV1ListNotesResponse type: object properties: - displayName: - description: The human-readable name of the intent. + notes: + type: array + items: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' + description: The notes that match the request. + nextPageToken: type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsMetadata: + description: Metadata for the BulkDeleteFeedbackLabels endpoint. + properties: + request: + description: Output only. The original request for delete. + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsRequest + readOnly: true + partialErrors: + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + Partial errors during deletion operation that might cause the + operation output to be incomplete. + type: array + type: object + id: GoogleCloudContactcenterinsightsV1alpha1BulkDeleteFeedbackLabelsMetadata parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: alt + name: oauth_token schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string fields: description: Selector specifying which fields to include in a partial response. in: query @@ -8763,39 +9193,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string _.xgafv: description: V1 error format. in: query @@ -8805,34 +9208,65 @@ components: enum: - '1' - '2' + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto x-stackQL-resources: - settings: - id: google.contactcenterinsights.settings - name: settings - title: Settings + locations: + id: google.contactcenterinsights.locations + name: locations + title: Locations methods: - get_settings: + bulk_delete_feedback_labels: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1settings/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:bulkDeleteFeedbackLabels/post response: mediaType: application/json openAPIDocKey: '200' - update_settings: + bulk_download_feedback_labels: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1settings/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:bulkDownloadFeedbackLabels/post + response: + mediaType: application/json + openAPIDocKey: '200' + query_performance_overview: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:queryPerformanceOverview/post + response: + mediaType: application/json + openAPIDocKey: '200' + bulk_upload_feedback_labels: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:bulkUploadFeedbackLabels/post + response: + mediaType: application/json + openAPIDocKey: '200' + query_metrics: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:queryMetrics/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/settings/methods/get_settings' + select: [] insert: [] - update: - - $ref: '#/components/x-stackQL-resources/settings/methods/update_settings' + update: [] replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/locations/methods/bulk_delete_feedback_labels encryption_spec: id: google.contactcenterinsights.encryption_spec name: encryption_spec @@ -8860,54 +9294,33 @@ components: update: [] replace: [] delete: [] - locations: - id: google.contactcenterinsights.locations - name: locations - title: Locations + settings: + id: google.contactcenterinsights.settings + name: settings + title: Settings methods: - query_metrics: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:queryMetrics/post - response: - mediaType: application/json - openAPIDocKey: '200' - query_performance_overview: + get_settings: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:queryPerformanceOverview/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1settings/get response: mediaType: application/json openAPIDocKey: '200' - bulk_upload_feedback_labels: + update_settings: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:bulkUploadFeedbackLabels/post - response: - mediaType: application/json - openAPIDocKey: '200' - bulk_download_feedback_labels: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:bulkDownloadFeedbackLabels/post - response: - mediaType: application/json - openAPIDocKey: '200' - bulk_delete_feedback_labels: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:bulkDeleteFeedbackLabels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1settings/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/settings/methods/get_settings' insert: [] - update: [] + update: + - $ref: '#/components/x-stackQL-resources/settings/methods/update_settings' replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/locations/methods/bulk_delete_feedback_labels + delete: [] feedback_labels: id: google.contactcenterinsights.feedback_labels name: feedback_labels @@ -8921,42 +9334,42 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.feedbackLabels - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1feedbackLabels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations~1{conversationsId}~1feedbackLabels~1{feedbackLabelsId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1feedbackLabels/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations~1{conversationsId}~1feedbackLabels~1{feedbackLabelsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.feedbackLabels get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1feedbackLabels~1{feedbackLabelsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations~1{conversationsId}~1feedbackLabels~1{feedbackLabelsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1feedbackLabels~1{feedbackLabelsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations~1{conversationsId}~1feedbackLabels/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1feedbackLabels~1{feedbackLabelsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations~1{conversationsId}~1feedbackLabels/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.feedbackLabels sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/feedback_labels/methods/get' @@ -8970,6 +9383,58 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/feedback_labels/methods/delete' + phrase_matchers: + id: google.contactcenterinsights.phrase_matchers + name: phrase_matchers + title: Phrase_matchers + methods: + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers~1{phraseMatchersId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers~1{phraseMatchersId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers~1{phraseMatchersId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.phraseMatchers + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/get' + - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/delete' operations: id: google.contactcenterinsights.operations name: operations @@ -8978,22 +9443,22 @@ components: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.operations - get: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - cancel: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -9010,81 +9475,81 @@ components: name: conversations title: Conversations methods: - create: + calculate_stats: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations:calculateStats/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.conversations - upload: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations:upload/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations~1{conversationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations~1{conversationsId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + bulk_analyze: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations:bulkAnalyze/post response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sample: + ingest: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations:sample/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations:ingest/post response: mediaType: application/json openAPIDocKey: '200' - bulk_analyze: + upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations:bulkAnalyze/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations:upload/post response: mediaType: application/json openAPIDocKey: '200' - bulk_delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations:bulkDelete/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations/post response: mediaType: application/json openAPIDocKey: '200' - ingest: + sample: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations:ingest/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations:sample/post response: mediaType: application/json openAPIDocKey: '200' - calculate_stats: + bulk_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations:calculateStats/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1conversations:bulkDelete/post response: mediaType: application/json openAPIDocKey: '200' @@ -9100,102 +9565,58 @@ components: delete: - $ref: '#/components/x-stackQL-resources/conversations/methods/delete' - $ref: '#/components/x-stackQL-resources/conversations/methods/bulk_delete' - analyses: - id: google.contactcenterinsights.analyses - name: analyses - title: Analyses - methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1analyses/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1analyses/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.analyses - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1analyses~1{analysesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1analyses~1{analysesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/analyses/methods/get' - - $ref: '#/components/x-stackQL-resources/analyses/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/analyses/methods/create' - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/analyses/methods/delete' assessments: id: google.contactcenterinsights.assessments name: assessments title: Assessments methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.assessments + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.assessments - get: + appeal: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}:appeal/post response: mediaType: application/json openAPIDocKey: '200' - delete: + publish: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}:publish/post response: mediaType: application/json openAPIDocKey: '200' - publish: + finalize: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}:publish/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}:finalize/post response: mediaType: application/json openAPIDocKey: '200' - appeal: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}:appeal/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}/get response: mediaType: application/json openAPIDocKey: '200' - finalize: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}:finalize/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -9214,35 +9635,35 @@ components: name: notes title: Notes methods: - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}~1notes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}~1notes~1{notesId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}~1notes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}~1notes~1{notesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.notes - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}~1notes~1{notesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}~1notes/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}~1notes~1{notesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1assessments~1{assessmentsId}~1notes/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.notes sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/notes/methods/list' @@ -9253,125 +9674,176 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/notes/methods/delete' - datasets: - id: google.contactcenterinsights.datasets - name: datasets - title: Datasets + authorized_views: + id: google.contactcenterinsights.authorized_views + name: authorized_views + title: Authorized_views methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.datasets get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews/get response: mediaType: application/json openAPIDocKey: '200' - bulk_upload_feedback_labels: + objectKey: $.authorizedViews + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:bulkUploadFeedbackLabels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews/post response: mediaType: application/json openAPIDocKey: '200' - bulk_download_feedback_labels: + query_metrics: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:bulkDownloadFeedbackLabels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:queryMetrics/post response: mediaType: application/json openAPIDocKey: '200' - bulk_delete_feedback_labels: + search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:bulkDeleteFeedbackLabels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews:search/get response: mediaType: application/json openAPIDocKey: '200' - export: + query_performance_overview: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1insightsdata:export/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:queryPerformanceOverview/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/datasets/methods/get' - - $ref: '#/components/x-stackQL-resources/datasets/methods/list' + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/get' + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/datasets/methods/create' + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/create' update: - - $ref: '#/components/x-stackQL-resources/datasets/methods/patch' + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/datasets/methods/delete' - - $ref: >- - #/components/x-stackQL-resources/datasets/methods/bulk_delete_feedback_labels - insightsdata: - id: google.contactcenterinsights.insightsdata - name: insightsdata - title: Insightsdata + - $ref: '#/components/x-stackQL-resources/authorized_views/methods/delete' + authorized_views_iam_policies: + id: google.contactcenterinsights.authorized_views_iam_policies + name: authorized_views_iam_policies + title: Authorized_views_iam_policies methods: - export: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsdata:export/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/authorized_views_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/authorized_views_iam_policies/methods/set_iam_policy delete: [] - issue_models: - id: google.contactcenterinsights.issue_models - name: issue_models - title: Issue_models + authorized_view_sets: + id: google.contactcenterinsights.authorized_view_sets + name: authorized_view_sets + title: Authorized_view_sets methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.authorizedViewSets + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}/get response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/authorized_view_sets/methods/get' + - $ref: '#/components/x-stackQL-resources/authorized_view_sets/methods/list' + insert: + - $ref: >- + #/components/x-stackQL-resources/authorized_view_sets/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/authorized_view_sets/methods/patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/authorized_view_sets/methods/delete + issue_models: + id: google.contactcenterinsights.issue_models + name: issue_models + title: Issue_models + methods: patch: operation: $ref: >- @@ -9400,10 +9872,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - undeploy: + calculate_issue_model_stats: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels~1{issueModelsId}:undeploy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels~1{issueModelsId}:calculateIssueModelStats/get response: mediaType: application/json openAPIDocKey: '200' @@ -9421,10 +9893,24 @@ components: response: mediaType: application/json openAPIDocKey: '200' - calculate_issue_model_stats: + undeploy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels~1{issueModelsId}:calculateIssueModelStats/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels~1{issueModelsId}:undeploy/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels/get + response: + mediaType: application/json + openAPIDocKey: '200' + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels/post response: mediaType: application/json openAPIDocKey: '200' @@ -9444,10 +9930,10 @@ components: name: issues title: Issues methods: - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels~1{issueModelsId}~1issues~1{issuesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels~1{issueModelsId}~1issues~1{issuesId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -9458,10 +9944,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels~1{issueModelsId}~1issues~1{issuesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1issueModels~1{issueModelsId}~1issues~1{issuesId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -9490,130 +9976,105 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/issues/methods/delete' - phrase_matchers: - id: google.contactcenterinsights.phrase_matchers - name: phrase_matchers - title: Phrase_matchers + segments: + id: google.contactcenterinsights.segments + name: segments + title: Segments methods: - create: + bulk_analyze: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1segments:bulkAnalyze/post response: mediaType: application/json openAPIDocKey: '200' - list: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + analyses: + id: google.contactcenterinsights.analyses + name: analyses + title: Analyses + methods: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1analyses~1{analysesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.phraseMatchers get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers~1{phraseMatchersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1analyses~1{analysesId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers~1{phraseMatchersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1analyses/post response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1phraseMatchers~1{phraseMatchersId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1conversations~1{conversationsId}~1analyses/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.analyses sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/get' - - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/list' + - $ref: '#/components/x-stackQL-resources/analyses/methods/get' + - $ref: '#/components/x-stackQL-resources/analyses/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/patch' + - $ref: '#/components/x-stackQL-resources/analyses/methods/create' + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/phrase_matchers/methods/delete' - analysis_rules: - id: google.contactcenterinsights.analysis_rules - name: analysis_rules - title: Analysis_rules + - $ref: '#/components/x-stackQL-resources/analyses/methods/delete' + insightsdata: + id: google.contactcenterinsights.insightsdata + name: insightsdata + title: Insightsdata methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.analysisRules - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules~1{analysisRulesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules~1{analysisRulesId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: + export: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules~1{analysisRulesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsdata:export/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/get' - - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/patch' + select: [] + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/delete' + delete: [] assessment_rules: id: google.contactcenterinsights.assessment_rules name: assessment_rules title: Assessment_rules methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assessmentRules/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assessmentRules~1{assessmentRulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assessmentRules/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assessmentRules~1{assessmentRulesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.assessmentRules get: operation: $ref: >- @@ -9621,20 +10082,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assessmentRules~1{assessmentRulesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assessmentRules/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assessmentRules~1{assessmentRulesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assessmentRules/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.assessmentRules sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/assessment_rules/methods/get' @@ -9646,148 +10108,161 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/assessment_rules/methods/delete' - views: - id: google.contactcenterinsights.views - name: views - title: Views + qa_questions: + id: google.contactcenterinsights.qa_questions + name: qa_questions + title: Qa_questions methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions~1{qaQuestionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions~1{qaQuestionsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.views - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views~1{viewsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions~1{qaQuestionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views~1{viewsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views~1{viewsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.qaQuestions sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/views/methods/get' - - $ref: '#/components/x-stackQL-resources/views/methods/list' + - $ref: '#/components/x-stackQL-resources/qa_questions/methods/get' + - $ref: '#/components/x-stackQL-resources/qa_questions/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/views/methods/create' + - $ref: '#/components/x-stackQL-resources/qa_questions/methods/create' update: - - $ref: '#/components/x-stackQL-resources/views/methods/patch' + - $ref: '#/components/x-stackQL-resources/qa_questions/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/views/methods/delete' - qa_question_tags: - id: google.contactcenterinsights.qa_question_tags - name: qa_question_tags - title: Qa_question_tags + - $ref: '#/components/x-stackQL-resources/qa_questions/methods/delete' + revisions: + id: google.contactcenterinsights.revisions + name: revisions + title: Revisions methods: - create: + deploy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}:deploy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}/delete response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.qaQuestionTags - get: + objectKey: $.qaScorecardRevisions + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags~1{qaQuestionTagsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions/post response: mediaType: application/json openAPIDocKey: '200' - patch: + undeploy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags~1{qaQuestionTagsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}:undeploy/post response: mediaType: application/json openAPIDocKey: '200' - delete: + tune_qa_scorecard_revision: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags~1{qaQuestionTagsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}:tuneQaScorecardRevision/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/get' - - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/list' + - $ref: '#/components/x-stackQL-resources/revisions/methods/get' + - $ref: '#/components/x-stackQL-resources/revisions/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/patch' + - $ref: '#/components/x-stackQL-resources/revisions/methods/create' + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/delete' + - $ref: '#/components/x-stackQL-resources/revisions/methods/delete' qa_scorecards: id: google.contactcenterinsights.qa_scorecards name: qa_scorecards title: Qa_scorecards methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.qaScorecards - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.qaScorecards + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards/post response: mediaType: application/json openAPIDocKey: '200' @@ -9802,841 +10277,267 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/qa_scorecards/methods/delete' - revisions: - id: google.contactcenterinsights.revisions - name: revisions - title: Revisions + analysis_rules: + id: google.contactcenterinsights.analysis_rules + name: analysis_rules + title: Analysis_rules methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions/post - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.qaScorecardRevisions - get: + objectKey: $.analysisRules + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules/post response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - tune_qa_scorecard_revision: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}:tuneQaScorecardRevision/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules~1{analysisRulesId}/delete response: mediaType: application/json openAPIDocKey: '200' - deploy: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}:deploy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules~1{analysisRulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - undeploy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}:undeploy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1analysisRules~1{analysisRulesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/revisions/methods/get' - - $ref: '#/components/x-stackQL-resources/revisions/methods/list' + - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/get' + - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/revisions/methods/create' - update: [] + - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/revisions/methods/delete' - qa_questions: - id: google.contactcenterinsights.qa_questions - name: qa_questions - title: Qa_questions + - $ref: '#/components/x-stackQL-resources/analysis_rules/methods/delete' + qa_question_tags: + id: google.contactcenterinsights.qa_question_tags + name: qa_question_tags + title: Qa_question_tags methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags~1{qaQuestionTagsId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags~1{qaQuestionTagsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.qaQuestions - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions~1{qaQuestionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags~1{qaQuestionTagsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions~1{qaQuestionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaScorecards~1{qaScorecardsId}~1revisions~1{revisionsId}~1qaQuestions~1{qaQuestionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1qaQuestionTags/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.qaQuestionTags sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/qa_questions/methods/get' - - $ref: '#/components/x-stackQL-resources/qa_questions/methods/list' + - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/get' + - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/qa_questions/methods/create' + - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/create' update: - - $ref: '#/components/x-stackQL-resources/qa_questions/methods/patch' + - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/qa_questions/methods/delete' - authorized_view_sets: - id: google.contactcenterinsights.authorized_view_sets - name: authorized_view_sets - title: Authorized_view_sets + - $ref: '#/components/x-stackQL-resources/qa_question_tags/methods/delete' + datasets: + id: google.contactcenterinsights.datasets + name: datasets + title: Datasets methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: + export: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1insightsdata:export/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.authorizedViewSets - get: + bulk_upload_feedback_labels: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:bulkUploadFeedbackLabels/post response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/authorized_view_sets/methods/get' - - $ref: '#/components/x-stackQL-resources/authorized_view_sets/methods/list' - insert: - - $ref: >- - #/components/x-stackQL-resources/authorized_view_sets/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/authorized_view_sets/methods/patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/authorized_view_sets/methods/delete - authorized_views: - id: google.contactcenterinsights.authorized_views - name: authorized_views - title: Authorized_views - methods: - query_metrics: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:queryMetrics/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/get response: mediaType: application/json openAPIDocKey: '200' - query_performance_overview: + bulk_delete_feedback_labels: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:queryPerformanceOverview/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:bulkDeleteFeedbackLabels/post response: mediaType: application/json openAPIDocKey: '200' create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.authorizedViews - get: + objectKey: $.datasets + bulk_download_feedback_labels: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:bulkDownloadFeedbackLabels/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/datasets/methods/get' + - $ref: '#/components/x-stackQL-resources/datasets/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/datasets/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/datasets/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/datasets/methods/delete' + - $ref: >- + #/components/x-stackQL-resources/datasets/methods/bulk_delete_feedback_labels + views: + id: google.contactcenterinsights.views + name: views + title: Views + methods: patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views~1{viewsId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views~1{viewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - search: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews:search/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/get' - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/authorized_views/methods/delete' - authorized_views_iam_policies: - id: google.contactcenterinsights.authorized_views_iam_policies - name: authorized_views_iam_policies - title: Authorized_views_iam_policies - methods: - set_iam_policy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views~1{viewsId}/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizedViewSets~1{authorizedViewSetsId}~1authorizedViews~1{authorizedViewsId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/authorized_views_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/authorized_views_iam_policies/methods/set_iam_policy - delete: [] -paths: - /v1/projects/{projectsId}/locations/{locationsId}/settings: - parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Gets project-level settings. - operationId: contactcenterinsights.projects.locations.getSettings - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Settings - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - patch: - description: Updates project-level settings. - operationId: contactcenterinsights.projects.locations.updateSettings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Settings' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Settings - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/encryptionSpec: - parameters: *ref_1 - get: - description: Gets location-level encryption key specification. - operationId: contactcenterinsights.projects.locations.getEncryptionSpec - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1EncryptionSpec - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}:queryMetrics: - parameters: *ref_1 - post: - description: Query metrics. - operationId: contactcenterinsights.projects.locations.queryMetrics - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}:queryPerformanceOverview: - parameters: *ref_1 - post: - description: >- - Generates a summary of predefined performance metrics for a set of - conversations. Conversations can be specified by specifying a time - window and an agent id, for now. The summary includes a comparison of - metrics computed for conversations in the previous time period, and also - a comparison with peers in the same time period. - operationId: contactcenterinsights.projects.locations.queryPerformanceOverview - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}:listAllFeedbackLabels: - parameters: *ref_1 - get: - description: List all feedback labels by project number. - operationId: contactcenterinsights.projects.locations.listAllFeedbackLabels - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAllFeedbackLabelsResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}:bulkUploadFeedbackLabels: - parameters: *ref_1 - post: - description: >- - Upload feedback labels from an external source in bulk. Currently - supports labeling Quality AI example conversations. - operationId: contactcenterinsights.projects.locations.bulkUploadFeedbackLabels - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}:bulkDownloadFeedbackLabels: - parameters: *ref_1 - post: - description: >- - Download feedback labels in bulk from an external source. Currently - supports exporting Quality AI example conversations with transcripts and - question bodies. - operationId: contactcenterinsights.projects.locations.bulkDownloadFeedbackLabels - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}:bulkDeleteFeedbackLabels: - parameters: *ref_1 - post: - description: Delete feedback labels in bulk using a filter. - operationId: contactcenterinsights.projects.locations.bulkDeleteFeedbackLabels - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: contactcenterinsights.projects.locations.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: contactcenterinsights.projects.locations.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: contactcenterinsights.projects.locations.operations.cancel - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations: - parameters: *ref_1 - post: - description: >- - Creates a conversation. Note that this method does not support audio - transcription or redaction. Use `conversations.upload` instead. - operationId: contactcenterinsights.projects.locations.conversations.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: conversationId - schema: - type: string - get: - description: Lists conversations. - operationId: contactcenterinsights.projects.locations.conversations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListConversationsResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: view - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations:upload: - parameters: *ref_1 + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1views/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.views + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/views/methods/get' + - $ref: '#/components/x-stackQL-resources/views/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/views/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/views/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/views/methods/delete' +paths: + /v1/projects/{projectsId}/locations/{locationsId}:bulkDeleteFeedbackLabels: + parameters: &ref_1 + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/alt' post: - description: >- - Create a long-running conversation upload operation. This method differs - from `CreateConversation` by allowing audio transcription and optional - DLP redaction. - operationId: contactcenterinsights.projects.locations.conversations.upload + description: Delete feedback labels in bulk using a filter. + operationId: contactcenterinsights.projects.locations.bulkDeleteFeedbackLabels requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1UploadConversationRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10660,17 +10561,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/encryptionSpec: parameters: *ref_1 - patch: - description: Updates a conversation. - operationId: contactcenterinsights.projects.locations.conversations.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation + get: + description: Gets location-level encryption key specification. + operationId: contactcenterinsights.projects.locations.getEncryptionSpec security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10683,7 +10578,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation + #/components/schemas/GoogleCloudContactcenterinsightsV1EncryptionSpec parameters: - in: path name: projectsId @@ -10695,23 +10590,11 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: allowMissing - schema: - type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/settings: + parameters: *ref_1 get: - description: Gets a conversation. - operationId: contactcenterinsights.projects.locations.conversations.get + description: Gets project-level settings. + operationId: contactcenterinsights.projects.locations.getSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10724,7 +10607,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation + #/components/schemas/GoogleCloudContactcenterinsightsV1Settings parameters: - in: path name: projectsId @@ -10736,18 +10619,14 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: query - name: view - schema: - type: string - delete: - description: Deletes a conversation. - operationId: contactcenterinsights.projects.locations.conversations.delete + patch: + description: Updates project-level settings. + operationId: contactcenterinsights.projects.locations.updateSettings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Settings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10759,7 +10638,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Settings parameters: - in: path name: projectsId @@ -10771,28 +10651,25 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - in: query - name: force + name: updateMask schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/conversations:sample: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}:bulkDownloadFeedbackLabels: parameters: *ref_1 post: description: >- - Samples conversations based on user configuration and handles the - sampled conversations for different use cases. - operationId: contactcenterinsights.projects.locations.conversations.sample + Download feedback labels in bulk from an external source. Currently + supports exporting Quality AI example conversations with transcripts and + question bodies. + operationId: contactcenterinsights.projects.locations.bulkDownloadFeedbackLabels requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1SampleConversationsRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10816,17 +10693,22 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations:bulkAnalyze: + /v1/projects/{projectsId}/locations/{locationsId}:queryPerformanceOverview: parameters: *ref_1 post: - description: Analyzes multiple conversations in a single request. - operationId: contactcenterinsights.projects.locations.conversations.bulkAnalyze + description: >- + Generates a summary of predefined performance metrics for a set of + conversations. Conversations can be specified by specifying a time + window and an agent id, for now. The summary includes a comparison of + metrics computed for conversations in the previous time period, and also + a comparison with peers in the same time period. + operationId: contactcenterinsights.projects.locations.queryPerformanceOverview requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10850,17 +10732,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations:bulkDelete: + /v1/projects/{projectsId}/locations/{locationsId}:listAllFeedbackLabels: parameters: *ref_1 - post: - description: Deletes multiple conversations in a single request. - operationId: contactcenterinsights.projects.locations.conversations.bulkDelete - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest + get: + description: List all feedback labels by project number. + operationId: contactcenterinsights.projects.locations.listAllFeedbackLabels security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10872,7 +10748,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListAllFeedbackLabelsResponse parameters: - in: path name: projectsId @@ -10884,19 +10761,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations:ingest: + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}:bulkUploadFeedbackLabels: parameters: *ref_1 post: description: >- - Imports conversations and processes them according to the user's - configuration. - operationId: contactcenterinsights.projects.locations.conversations.ingest + Upload feedback labels from an external source in bulk. Currently + supports labeling Quality AI example conversations. + operationId: contactcenterinsights.projects.locations.bulkUploadFeedbackLabels requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10920,51 +10810,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations:calculateStats: - parameters: *ref_1 - get: - description: Gets conversation statistics. - operationId: contactcenterinsights.projects.locations.conversations.calculateStats - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/analyses: + /v1/projects/{projectsId}/locations/{locationsId}:queryMetrics: parameters: *ref_1 post: - description: >- - Creates an analysis. The long running operation is done when the - analysis has completed. - operationId: contactcenterinsights.projects.locations.conversations.analyses.create + description: Query metrics. + operationId: contactcenterinsights.projects.locations.queryMetrics requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Analysis' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10988,14 +10844,11 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - get: - description: Lists analyses. - operationId: contactcenterinsights.projects.locations.conversations.analyses.list + /v1/projects/{projectsId}/locations/{locationsId}/phraseMatchers/{phraseMatchersId}: + parameters: *ref_1 + delete: + description: Deletes a phrase matcher. + operationId: contactcenterinsights.projects.locations.phraseMatchers.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11007,8 +10860,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAnalysesResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11021,28 +10873,19 @@ paths: schema: type: string - in: path - name: conversationsId + name: phraseMatchersId required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/analyses/{analysesId}: - parameters: *ref_1 - get: - description: Gets an analysis. - operationId: contactcenterinsights.projects.locations.conversations.analyses.get + schema: + type: string + patch: + description: Updates a phrase matcher. + operationId: contactcenterinsights.projects.locations.phraseMatchers.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11055,7 +10898,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Analysis + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher parameters: - in: path name: projectsId @@ -11068,18 +10911,18 @@ paths: schema: type: string - in: path - name: conversationsId + name: phraseMatchersId required: true schema: type: string - - in: path - name: analysesId - required: true + - in: query + name: updateMask schema: type: string - delete: - description: Deletes an analysis. - operationId: contactcenterinsights.projects.locations.conversations.analyses.delete + format: google-fieldmask + get: + description: Gets a phrase matcher. + operationId: contactcenterinsights.projects.locations.phraseMatchers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11091,7 +10934,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher parameters: - in: path name: projectsId @@ -11104,27 +10948,21 @@ paths: schema: type: string - in: path - name: conversationsId - required: true - schema: - type: string - - in: path - name: analysesId + name: phraseMatchersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/feedbackLabels: + /v1/projects/{projectsId}/locations/{locationsId}/phraseMatchers: parameters: *ref_1 post: - description: Create feedback label. - operationId: >- - contactcenterinsights.projects.locations.conversations.feedbackLabels.create + description: Creates a phrase matcher. + operationId: contactcenterinsights.projects.locations.phraseMatchers.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11137,7 +10975,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher parameters: - in: path name: projectsId @@ -11149,19 +10987,9 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: query - name: feedbackLabelId - schema: - type: string get: - description: List feedback labels. - operationId: >- - contactcenterinsights.projects.locations.conversations.feedbackLabels.list + description: Lists phrase matchers. + operationId: contactcenterinsights.projects.locations.phraseMatchers.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11174,7 +11002,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListPhraseMatchersResponse parameters: - in: path name: projectsId @@ -11186,11 +11014,6 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - in: query name: filter schema: @@ -11204,12 +11027,14 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/feedbackLabels/{feedbackLabelsId}: + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/operations: parameters: *ref_1 get: - description: Get feedback label. + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. operationId: >- - contactcenterinsights.projects.locations.conversations.feedbackLabels.get + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11221,8 +11046,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -11235,25 +11059,47 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: feedbackLabelsId + name: authorizedViewsId required: true schema: type: string - patch: - description: Update feedback label. + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. operationId: >- - contactcenterinsights.projects.locations.conversations.feedbackLabels.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11265,8 +11111,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11279,24 +11124,29 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: feedbackLabelsId + name: authorizedViewsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: operationsId + required: true schema: type: string - format: google-fieldmask - delete: - description: Delete feedback label. + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. operationId: >- - contactcenterinsights.projects.locations.conversations.feedbackLabels.delete + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11308,7 +11158,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -11321,27 +11171,26 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: feedbackLabelsId + name: authorizedViewsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations:calculateStats: parameters: *ref_1 - post: - description: Create Assessment. + get: + description: Gets conversation statistics. operationId: >- - contactcenterinsights.projects.locations.conversations.assessments.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.calculateStats security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11354,7 +11203,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponse parameters: - in: path name: projectsId @@ -11367,13 +11216,25 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string + - in: path + name: authorizedViewsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations: + parameters: *ref_1 get: - description: List Assessments. - operationId: contactcenterinsights.projects.locations.conversations.assessments.list + description: Lists conversations. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11386,7 +11247,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAssessmentsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListConversationsResponse parameters: - in: path name: projectsId @@ -11399,15 +11260,28 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId + required: true + schema: + type: string + - in: path + name: authorizedViewsId required: true schema: type: string + - in: query + name: orderBy + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: view + schema: + type: string - in: query name: pageToken schema: @@ -11416,11 +11290,12 @@ paths: name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}: + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}: parameters: *ref_1 - get: - description: Get Assessment. - operationId: contactcenterinsights.projects.locations.conversations.assessments.get + delete: + description: Deletes a conversation. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11432,8 +11307,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11446,19 +11320,28 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: assessmentsId + name: authorizedViewsId required: true schema: type: string - delete: - description: Delete an Assessment. + - in: path + name: conversationsId + required: true + schema: + type: string + - in: query + name: force + schema: + type: boolean + get: + description: Gets a conversation. operationId: >- - contactcenterinsights.projects.locations.conversations.assessments.delete + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11470,7 +11353,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation parameters: - in: path name: projectsId @@ -11483,31 +11367,36 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: assessmentsId + name: authorizedViewsId + required: true + schema: + type: string + - in: path + name: conversationsId required: true schema: type: string - in: query - name: force + name: view schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}:publish: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/feedbackLabels/{feedbackLabelsId}: parameters: *ref_1 - post: - description: Publish an Assessment. + patch: + description: Update feedback label. operationId: >- - contactcenterinsights.projects.locations.conversations.assessments.publish + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PublishAssessmentRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11520,7 +11409,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel parameters: - in: path name: projectsId @@ -11532,28 +11421,35 @@ paths: required: true schema: type: string + - in: path + name: authorizedViewSetsId + required: true + schema: + type: string + - in: path + name: authorizedViewsId + required: true + schema: + type: string - in: path name: conversationsId required: true schema: type: string - in: path - name: assessmentsId + name: feedbackLabelsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}:appeal: - parameters: *ref_1 - post: - description: Appeal an Assessment. + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Delete feedback label. operationId: >- - contactcenterinsights.projects.locations.conversations.assessments.appeal - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AppealAssessmentRequest + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11565,8 +11461,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11578,28 +11473,30 @@ paths: required: true schema: type: string + - in: path + name: authorizedViewSetsId + required: true + schema: + type: string + - in: path + name: authorizedViewsId + required: true + schema: + type: string - in: path name: conversationsId required: true schema: type: string - in: path - name: assessmentsId + name: feedbackLabelsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}:finalize: - parameters: *ref_1 - post: - description: Finalize an Assessment. + get: + description: Get feedback label. operationId: >- - contactcenterinsights.projects.locations.conversations.assessments.finalize - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FinalizeAssessmentRequest + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11612,7 +11509,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel parameters: - in: path name: projectsId @@ -11624,27 +11521,38 @@ paths: required: true schema: type: string + - in: path + name: authorizedViewSetsId + required: true + schema: + type: string + - in: path + name: authorizedViewsId + required: true + schema: + type: string - in: path name: conversationsId required: true schema: type: string - in: path - name: assessmentsId + name: feedbackLabelsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}/notes: + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/feedbackLabels: parameters: *ref_1 post: - description: Create Note. + description: Create feedback label. operationId: >- - contactcenterinsights.projects.locations.conversations.assessments.notes.create + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11656,7 +11564,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel parameters: - in: path name: projectsId @@ -11669,19 +11578,28 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: assessmentsId + name: authorizedViewsId + required: true + schema: + type: string + - in: path + name: conversationsId required: true schema: type: string + - in: query + name: feedbackLabelId + schema: + type: string get: - description: List Notes. + description: List feedback labels. operationId: >- - contactcenterinsights.projects.locations.conversations.assessments.notes.list + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11694,7 +11612,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListNotesResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse parameters: - in: path name: projectsId @@ -11707,35 +11625,39 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: assessmentsId + name: authorizedViewsId + required: true + schema: + type: string + - in: path + name: conversationsId required: true schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}/notes/{notesId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments: parameters: *ref_1 - patch: - description: Update Note. + get: + description: List Assessments. operationId: >- - contactcenterinsights.projects.locations.conversations.assessments.notes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11747,7 +11669,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListAssessmentsResponse parameters: - in: path name: projectsId @@ -11760,29 +11683,43 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: assessmentsId + name: authorizedViewsId required: true schema: type: string - in: path - name: notesId + name: conversationsId required: true schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - format: google-fieldmask - delete: - description: Deletes a Note. + - in: query + name: pageToken + schema: + type: string + post: + description: Create Assessment. operationId: >- - contactcenterinsights.projects.locations.conversations.assessments.notes.delete + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11794,7 +11731,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -11807,30 +11745,32 @@ paths: schema: type: string - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: assessmentsId + name: authorizedViewsId required: true schema: type: string - in: path - name: notesId + name: conversationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets: + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}:appeal: parameters: *ref_1 post: - description: Creates a dataset. - operationId: contactcenterinsights.projects.locations.datasets.create + description: Appeal an Assessment. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.appeal requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AppealAssessmentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11842,7 +11782,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -11854,55 +11795,38 @@ paths: required: true schema: type: string - - in: query - name: datasetId - schema: - type: string - get: - description: List datasets matching the input. - operationId: contactcenterinsights.projects.locations.datasets.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListDatasetsResponse - parameters: - in: path - name: projectsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: locationsId + name: authorizedViewsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: conversationsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: assessmentsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}: + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}:publish: parameters: *ref_1 - get: - description: Gets a dataset. - operationId: contactcenterinsights.projects.locations.datasets.get + post: + description: Publish an Assessment. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.publish + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1PublishAssessmentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11914,7 +11838,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -11927,18 +11852,37 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - patch: - description: Updates a dataset. - operationId: contactcenterinsights.projects.locations.datasets.patch + - in: path + name: authorizedViewsId + required: true + schema: + type: string + - in: path + name: conversationsId + required: true + schema: + type: string + - in: path + name: assessmentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}:finalize: + parameters: *ref_1 + post: + description: Finalize an Assessment. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.finalize requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FinalizeAssessmentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11950,7 +11894,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -11963,51 +11908,31 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Delete a dataset. - operationId: contactcenterinsights.projects.locations.datasets.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - in: path - name: projectsId + name: authorizedViewsId required: true schema: type: string - in: path - name: locationsId + name: conversationsId required: true schema: type: string - in: path - name: datasetsId + name: assessmentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:listAllFeedbackLabels: + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}: parameters: *ref_1 get: - description: List all feedback labels by project number. - operationId: contactcenterinsights.projects.locations.datasets.listAllFeedbackLabels + description: Get Assessment. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12020,7 +11945,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAllFeedbackLabelsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -12033,37 +11958,29 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: authorizedViewsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: conversationsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: assessmentsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:bulkUploadFeedbackLabels: - parameters: *ref_1 - post: - description: >- - Upload feedback labels from an external source in bulk. Currently - supports labeling Quality AI example conversations. + delete: + description: Delete an Assessment. operationId: >- - contactcenterinsights.projects.locations.datasets.bulkUploadFeedbackLabels - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequest + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12075,7 +11992,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -12088,25 +12005,35 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:bulkDownloadFeedbackLabels: + - in: path + name: authorizedViewsId + required: true + schema: + type: string + - in: path + name: conversationsId + required: true + schema: + type: string + - in: path + name: assessmentsId + required: true + schema: + type: string + - in: query + name: force + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}/notes/{notesId}: parameters: *ref_1 - post: - description: >- - Download feedback labels in bulk from an external source. Currently - supports exporting Quality AI example conversations with transcripts and - question bodies. + delete: + description: Deletes a Note. operationId: >- - contactcenterinsights.projects.locations.datasets.bulkDownloadFeedbackLabels - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.notes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12118,7 +12045,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -12131,22 +12058,39 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:bulkDeleteFeedbackLabels: - parameters: *ref_1 - post: - description: Delete feedback labels in bulk using a filter. + - in: path + name: authorizedViewsId + required: true + schema: + type: string + - in: path + name: conversationsId + required: true + schema: + type: string + - in: path + name: assessmentsId + required: true + schema: + type: string + - in: path + name: notesId + required: true + schema: + type: string + patch: + description: Update Note. operationId: >- - contactcenterinsights.projects.locations.datasets.bulkDeleteFeedbackLabels + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.notes.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12158,7 +12102,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' parameters: - in: path name: projectsId @@ -12171,56 +12115,46 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations/{conversationsId}: - parameters: *ref_1 - get: - description: Gets a conversation. - operationId: contactcenterinsights.projects.locations.datasets.conversations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation - parameters: - in: path - name: projectsId + name: authorizedViewsId required: true schema: type: string - in: path - name: locationsId + name: conversationsId required: true schema: type: string - in: path - name: datasetsId + name: assessmentsId required: true schema: type: string - in: path - name: conversationsId + name: notesId required: true schema: type: string - in: query - name: view + name: updateMask schema: type: string - delete: - description: Deletes a conversation. - operationId: contactcenterinsights.projects.locations.datasets.conversations.delete + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}/notes: + parameters: *ref_1 + post: + description: Create Note. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.notes.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12232,7 +12166,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' parameters: - in: path name: projectsId @@ -12245,7 +12179,12 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId + required: true + schema: + type: string + - in: path + name: authorizedViewsId required: true schema: type: string @@ -12254,15 +12193,15 @@ paths: required: true schema: type: string - - in: query - name: force + - in: path + name: assessmentsId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations: - parameters: *ref_1 + type: string get: - description: Lists conversations. - operationId: contactcenterinsights.projects.locations.datasets.conversations.list + description: List Notes. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.notes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12275,7 +12214,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListConversationsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListNotesResponse parameters: - in: path name: projectsId @@ -12288,44 +12227,40 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: authorizedViewsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: conversationsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: assessmentsId + required: true schema: type: string - in: query - name: orderBy + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: view + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations:sample: + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}: parameters: *ref_1 - post: - description: >- - Samples conversations based on user configuration and handles the - sampled conversations for different use cases. - operationId: contactcenterinsights.projects.locations.datasets.conversations.sample - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1SampleConversationsRequest + delete: + description: Deletes an AuthorizedView. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12337,7 +12272,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -12350,22 +12285,19 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations:bulkAnalyze: - parameters: *ref_1 - post: - description: Analyzes multiple conversations in a single request. + - in: path + name: authorizedViewsId + required: true + schema: + type: string + get: + description: Get AuthorizedView operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.bulkAnalyze - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12377,7 +12309,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView parameters: - in: path name: projectsId @@ -12390,22 +12323,25 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations:bulkDelete: - parameters: *ref_1 - post: - description: Deletes multiple conversations in a single request. + - in: path + name: authorizedViewsId + required: true + schema: + type: string + patch: + description: Updates an AuthorizedView. operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.bulkDelete + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12417,7 +12353,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView parameters: - in: path name: projectsId @@ -12430,23 +12367,26 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations:ingest: + - in: path + name: authorizedViewsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews: parameters: *ref_1 - post: - description: >- - Imports conversations and processes them according to the user's - configuration. - operationId: contactcenterinsights.projects.locations.datasets.conversations.ingest - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequest + get: + description: List AuthorizedViewSets + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12458,7 +12398,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListAuthorizedViewsResponse parameters: - in: path name: projectsId @@ -12471,22 +12412,37 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations:calculateStats: - parameters: *ref_1 + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string post: - description: Gets conversation statistics. + description: Create AuthorizedView operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.calculateStats + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12499,7 +12455,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView parameters: - in: path name: projectsId @@ -12512,23 +12468,26 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations/{conversationsId}/analyses: + - in: query + name: authorizedViewId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:queryMetrics: parameters: *ref_1 post: - description: >- - Creates an analysis. The long running operation is done when the - analysis has completed. + description: Query metrics. operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.analyses.create + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.queryMetrics requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Analysis' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12553,19 +12512,21 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: conversationsId + name: authorizedViewsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews:search: + parameters: *ref_1 get: - description: Lists analyses. + description: SearchAuthorizedViewSets operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.analyses.list + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12578,7 +12539,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAnalysesResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1SearchAuthorizedViewsResponse parameters: - in: path name: projectsId @@ -12591,13 +12552,16 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - - in: path - name: conversationsId - required: true + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken schema: type: string - in: query @@ -12606,19 +12570,75 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: query schema: type: string - - in: query - name: filter + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:queryPerformanceOverview: + parameters: *ref_1 + post: + description: >- + Generates a summary of predefined performance metrics for a set of + conversations. Conversations can be specified by specifying a time + window and an agent id, for now. The summary includes a comparison of + metrics computed for conversations in the previous time period, and also + a comparison with peers in the same time period. + operationId: >- + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.queryPerformanceOverview + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: authorizedViewSetsId + required: true + schema: + type: string + - in: path + name: authorizedViewsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations/{conversationsId}/analyses/{analysesId}: + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets an analysis. + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.analyses.get + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12630,8 +12650,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Analysis + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -12644,24 +12663,23 @@ paths: schema: type: string - in: path - name: datasetsId - required: true - schema: - type: string - - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: analysesId + name: authorizedViewsId required: true schema: type: string - delete: - description: Deletes an analysis. + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.analyses.delete + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12673,7 +12691,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -12686,32 +12704,34 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: conversationsId + name: authorizedViewsId required: true schema: type: string - - in: path - name: analysesId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations/{conversationsId}/feedbackLabels: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:setIamPolicy: parameters: *ref_1 post: - description: Create feedback label. + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.create + contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.setIamPolicy requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12723,8 +12743,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -12737,23 +12756,26 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - in: path - name: conversationsId + name: authorizedViewsId required: true schema: type: string - - in: query - name: feedbackLabelId - schema: - type: string - get: - description: List feedback labels. - operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.list + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets: + parameters: *ref_1 + post: + description: Create AuthorizedViewSet + operationId: contactcenterinsights.projects.locations.authorizedViewSets.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12766,7 +12788,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet parameters: - in: path name: projectsId @@ -12778,35 +12800,13 @@ paths: required: true schema: type: string - - in: path - name: datasetsId - required: true - schema: - type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query - name: pageToken + name: authorizedViewSetId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations/{conversationsId}/feedbackLabels/{feedbackLabelsId}: - parameters: *ref_1 get: - description: Get feedback label. - operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.get + description: List AuthorizedViewSets + operationId: contactcenterinsights.projects.locations.authorizedViewSets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12819,7 +12819,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + #/components/schemas/GoogleCloudContactcenterinsightsV1ListAuthorizedViewSetsResponse parameters: - in: path name: projectsId @@ -12831,31 +12831,34 @@ paths: required: true schema: type: string - - in: path - name: datasetsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - - in: path - name: conversationsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: feedbackLabelsId - required: true + - in: query + name: pageToken schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}: + parameters: *ref_1 patch: - description: Update feedback label. - operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.patch + description: Updates an AuthorizedViewSet. + operationId: contactcenterinsights.projects.locations.authorizedViewSets.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12868,7 +12871,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet parameters: - in: path name: projectsId @@ -12881,17 +12884,7 @@ paths: schema: type: string - in: path - name: datasetsId - required: true - schema: - type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: path - name: feedbackLabelsId + name: authorizedViewSetsId required: true schema: type: string @@ -12901,9 +12894,8 @@ paths: type: string format: google-fieldmask delete: - description: Delete feedback label. - operationId: >- - contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.delete + description: Deletes an AuthorizedViewSet. + operationId: contactcenterinsights.projects.locations.authorizedViewSets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12928,31 +12920,17 @@ paths: schema: type: string - in: path - name: datasetsId - required: true - schema: - type: string - - in: path - name: conversationsId + name: authorizedViewSetsId required: true schema: type: string - - in: path - name: feedbackLabelsId - required: true + - in: query + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/insightsdata:export: - parameters: *ref_1 - post: - description: Export insights data to a destination defined in the request body. - operationId: contactcenterinsights.projects.locations.datasets.insightsdata.export - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest + type: boolean + get: + description: Get AuthorizedViewSet + operationId: contactcenterinsights.projects.locations.authorizedViewSets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12964,7 +12942,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet parameters: - in: path name: projectsId @@ -12977,21 +12956,21 @@ paths: schema: type: string - in: path - name: datasetsId + name: authorizedViewSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/insightsdata:export: + /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}: parameters: *ref_1 - post: - description: Export insights data to a destination defined in the request body. - operationId: contactcenterinsights.projects.locations.insightsdata.export + patch: + description: Updates an issue model. + operationId: contactcenterinsights.projects.locations.issueModels.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13003,7 +12982,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel parameters: - in: path name: projectsId @@ -13015,17 +12995,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/issueModels: - parameters: *ref_1 - post: - description: Creates an issue model. - operationId: contactcenterinsights.projects.locations.issueModels.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel + - in: path + name: issueModelsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets an issue model. + operationId: contactcenterinsights.projects.locations.issueModels.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13037,7 +13019,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel parameters: - in: path name: projectsId @@ -13049,9 +13032,14 @@ paths: required: true schema: type: string - get: - description: Lists issue models. - operationId: contactcenterinsights.projects.locations.issueModels.list + - in: path + name: issueModelsId + required: true + schema: + type: string + delete: + description: Deletes an issue model. + operationId: contactcenterinsights.projects.locations.issueModels.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13063,8 +13051,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListIssueModelsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -13076,17 +13063,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}: + - in: path + name: issueModelsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}:deploy: parameters: *ref_1 - patch: - description: Updates an issue model. - operationId: contactcenterinsights.projects.locations.issueModels.patch + post: + description: >- + Deploys an issue model. Returns an error if a model is already deployed. + An issue model can only be used in analysis after it has been deployed. + operationId: contactcenterinsights.projects.locations.issueModels.deploy requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel + #/components/schemas/GoogleCloudContactcenterinsightsV1DeployIssueModelRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13098,8 +13092,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -13116,14 +13109,12 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}:calculateIssueModelStats: + parameters: *ref_1 get: - description: Gets an issue model. - operationId: contactcenterinsights.projects.locations.issueModels.get + description: Gets an issue model's statistics. + operationId: >- + contactcenterinsights.projects.locations.issueModels.calculateIssueModelStats security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13136,7 +13127,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel + #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateIssueModelStatsResponse parameters: - in: path name: projectsId @@ -13153,9 +13144,17 @@ paths: required: true schema: type: string - delete: - description: Deletes an issue model. - operationId: contactcenterinsights.projects.locations.issueModels.delete + /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}:export: + parameters: *ref_1 + post: + description: Exports an issue model to the provided destination. + operationId: contactcenterinsights.projects.locations.issueModels.export + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ExportIssueModelRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13184,19 +13183,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}:deploy: + /v1/projects/{projectsId}/locations/{locationsId}/issueModels:import: parameters: *ref_1 post: - description: >- - Deploys an issue model. Returns an error if a model is already deployed. - An issue model can only be used in analysis after it has been deployed. - operationId: contactcenterinsights.projects.locations.issueModels.deploy + description: Imports an issue model from a Cloud Storage bucket. + operationId: contactcenterinsights.projects.locations.issueModels.import requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DeployIssueModelRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1ImportIssueModelRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13220,11 +13217,6 @@ paths: required: true schema: type: string - - in: path - name: issueModelsId - required: true - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}:undeploy: parameters: *ref_1 post: @@ -13266,17 +13258,44 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}:export: + /v1/projects/{projectsId}/locations/{locationsId}/issueModels: parameters: *ref_1 + get: + description: Lists issue models. + operationId: contactcenterinsights.projects.locations.issueModels.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListIssueModelsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string post: - description: Exports an issue model to the provided destination. - operationId: contactcenterinsights.projects.locations.issueModels.export + description: Creates an issue model. + operationId: contactcenterinsights.projects.locations.issueModels.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ExportIssueModelRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1IssueModel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13300,22 +13319,52 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}/issues/{issuesId}: + parameters: *ref_1 + delete: + description: Deletes an issue. + operationId: contactcenterinsights.projects.locations.issueModels.issues.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: path name: issueModelsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/issueModels:import: - parameters: *ref_1 - post: - description: Imports an issue model from a Cloud Storage bucket. - operationId: contactcenterinsights.projects.locations.issueModels.import + - in: path + name: issuesId + required: true + schema: + type: string + patch: + description: Updates an issue. + operationId: contactcenterinsights.projects.locations.issueModels.issues.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ImportIssueModelRequest + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13327,7 +13376,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' parameters: - in: path name: projectsId @@ -13339,12 +13388,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}:calculateIssueModelStats: - parameters: *ref_1 + - in: path + name: issueModelsId + required: true + schema: + type: string + - in: path + name: issuesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Gets an issue model's statistics. - operationId: >- - contactcenterinsights.projects.locations.issueModels.calculateIssueModelStats + description: Gets an issue. + operationId: contactcenterinsights.projects.locations.issueModels.issues.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13356,8 +13417,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateIssueModelStatsResponse + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' parameters: - in: path name: projectsId @@ -13374,11 +13434,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}/issues/{issuesId}: + - in: path + name: issuesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}/issues: parameters: *ref_1 get: - description: Gets an issue. - operationId: contactcenterinsights.projects.locations.issueModels.issues.get + description: Lists issues. + operationId: contactcenterinsights.projects.locations.issueModels.issues.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13390,7 +13455,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListIssuesResponse parameters: - in: path name: projectsId @@ -13407,14 +13473,9 @@ paths: required: true schema: type: string - - in: path - name: issuesId - required: true - schema: - type: string - patch: - description: Updates an issue. - operationId: contactcenterinsights.projects.locations.issueModels.issues.patch + post: + description: Creates an issue. + operationId: contactcenterinsights.projects.locations.issueModels.issues.create requestBody: content: application/json: @@ -13431,7 +13492,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -13448,19 +13509,59 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/encryptionSpec:initialize: + parameters: *ref_1 + post: + description: >- + Initializes a location-level encryption key specification. An error will + result if the location has resources already created before the + initialization. After the encryption specification is initialized at a + location, it is immutable and all newly created resources under the + location will be encrypted with the existing specification. + operationId: contactcenterinsights.projects.locations.encryptionSpec.initialize + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: - in: path - name: issuesId + name: projectsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: locationsId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes an issue. - operationId: contactcenterinsights.projects.locations.issueModels.issues.delete + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: contactcenterinsights.projects.locations.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13485,20 +13586,18 @@ paths: schema: type: string - in: path - name: issueModelsId - required: true - schema: - type: string - - in: path - name: issuesId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/issueModels/{issueModelsId}/issues: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: - description: Lists issues. - operationId: contactcenterinsights.projects.locations.issueModels.issues.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: contactcenterinsights.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13510,8 +13609,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListIssuesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -13524,18 +13622,17 @@ paths: schema: type: string - in: path - name: issueModelsId + name: operationsId required: true schema: type: string - post: - description: Creates an issue. - operationId: contactcenterinsights.projects.locations.issueModels.issues.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Issue' + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: contactcenterinsights.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13547,7 +13644,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -13559,22 +13656,34 @@ paths: required: true schema: type: string - - in: path - name: issueModelsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/phraseMatchers: + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/conversations:bulkAnalyze: parameters: *ref_1 post: - description: Creates a phrase matcher. - operationId: contactcenterinsights.projects.locations.phraseMatchers.create + description: Analyzes multiple conversations in a single request. + operationId: contactcenterinsights.projects.locations.conversations.bulkAnalyze requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13586,8 +13695,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -13599,9 +13707,17 @@ paths: required: true schema: type: string - get: - description: Lists phrase matchers. - operationId: contactcenterinsights.projects.locations.phraseMatchers.list + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}: + parameters: *ref_1 + patch: + description: Updates a conversation. + operationId: contactcenterinsights.projects.locations.conversations.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13614,7 +13730,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListPhraseMatchersResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation parameters: - in: path name: projectsId @@ -13626,24 +13742,23 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: conversationsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: allowMissing schema: - type: string + type: boolean - in: query - name: filter + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/phraseMatchers/{phraseMatchersId}: - parameters: *ref_1 - get: - description: Gets a phrase matcher. - operationId: contactcenterinsights.projects.locations.phraseMatchers.get + format: google-fieldmask + delete: + description: Deletes a conversation. + operationId: contactcenterinsights.projects.locations.conversations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13655,8 +13770,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -13669,13 +13783,17 @@ paths: schema: type: string - in: path - name: phraseMatchersId + name: conversationsId required: true schema: type: string - delete: - description: Deletes a phrase matcher. - operationId: contactcenterinsights.projects.locations.phraseMatchers.delete + - in: query + name: force + schema: + type: boolean + get: + description: Gets a conversation. + operationId: contactcenterinsights.projects.locations.conversations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13687,7 +13805,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation parameters: - in: path name: projectsId @@ -13700,19 +13819,27 @@ paths: schema: type: string - in: path - name: phraseMatchersId + name: conversationsId required: true schema: type: string - patch: - description: Updates a phrase matcher. - operationId: contactcenterinsights.projects.locations.phraseMatchers.patch + - in: query + name: view + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/conversations:ingest: + parameters: *ref_1 + post: + description: >- + Imports conversations and processes them according to the user's + configuration. + operationId: contactcenterinsights.projects.locations.conversations.ingest requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher + #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13724,8 +13851,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PhraseMatcher + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -13737,27 +13863,20 @@ paths: required: true schema: type: string - - in: path - name: phraseMatchersId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/analysisRules: + /v1/projects/{projectsId}/locations/{locationsId}/conversations:upload: parameters: *ref_1 post: - description: Creates a analysis rule. - operationId: contactcenterinsights.projects.locations.analysisRules.create + description: >- + Create a long-running conversation upload operation. This method differs + from `CreateConversation` by allowing audio transcription and optional + DLP redaction. + operationId: contactcenterinsights.projects.locations.conversations.upload requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule + #/components/schemas/GoogleCloudContactcenterinsightsV1UploadConversationRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13769,8 +13888,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -13782,9 +13900,11 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/conversations: + parameters: *ref_1 get: - description: Lists analysis rules. - operationId: contactcenterinsights.projects.locations.analysisRules.list + description: Lists conversations. + operationId: contactcenterinsights.projects.locations.conversations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13797,7 +13917,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAnalysisRulesResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListConversationsResponse parameters: - in: path name: projectsId @@ -13815,52 +13935,32 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/analysisRules/{analysisRulesId}: - parameters: *ref_1 - get: - description: Get a analysis rule. - operationId: contactcenterinsights.projects.locations.analysisRules.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule - parameters: - - in: path - name: projectsId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: view schema: type: string - - in: path - name: analysisRulesId - required: true + - in: query + name: filter schema: type: string - patch: - description: Updates a analysis rule. - operationId: contactcenterinsights.projects.locations.analysisRules.patch + post: + description: >- + Creates a conversation. Note that this method does not support audio + transcription or redaction. Use `conversations.upload` instead. + operationId: contactcenterinsights.projects.locations.conversations.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule + #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13873,7 +13973,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule + #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation parameters: - in: path name: projectsId @@ -13885,58 +13985,15 @@ paths: required: true schema: type: string - - in: path - name: analysisRulesId - required: true - schema: - type: string - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a analysis rule. - operationId: contactcenterinsights.projects.locations.analysisRules.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: analysisRulesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/assessmentRules: - parameters: *ref_1 - post: - description: Creates an assessment rule. - operationId: contactcenterinsights.projects.locations.assessmentRules.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule + name: conversationId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/conversations:calculateStats: + parameters: *ref_1 + get: + description: Gets conversation statistics. + operationId: contactcenterinsights.projects.locations.conversations.calculateStats security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13949,7 +14006,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule + #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponse parameters: - in: path name: projectsId @@ -13962,12 +14019,22 @@ paths: schema: type: string - in: query - name: assessmentRuleId + name: filter schema: type: string - get: - description: Lists assessment rules. - operationId: contactcenterinsights.projects.locations.assessmentRules.list + /v1/projects/{projectsId}/locations/{locationsId}/conversations:sample: + parameters: *ref_1 + post: + description: >- + Samples conversations based on user configuration and handles the + sampled conversations for different use cases. + operationId: contactcenterinsights.projects.locations.conversations.sample + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1SampleConversationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13979,8 +14046,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAssessmentRulesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -13992,20 +14058,17 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/assessmentRules/{assessmentRulesId}: + /v1/projects/{projectsId}/locations/{locationsId}/conversations:bulkDelete: parameters: *ref_1 - get: - description: Get an assessment rule. - operationId: contactcenterinsights.projects.locations.assessmentRules.get + post: + description: Deletes multiple conversations in a single request. + operationId: contactcenterinsights.projects.locations.conversations.bulkDelete + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14017,8 +14080,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -14030,20 +14092,18 @@ paths: required: true schema: type: string - - in: path - name: assessmentRulesId - required: true - schema: - type: string - patch: - description: Updates an assessment rule. - operationId: contactcenterinsights.projects.locations.assessmentRules.patch + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/segments:bulkAnalyze: + parameters: *ref_1 + post: + description: Analyzes multiple conversations in a single request. + operationId: >- + contactcenterinsights.projects.locations.conversations.segments.bulkAnalyze requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14055,8 +14115,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -14069,18 +14128,16 @@ paths: schema: type: string - in: path - name: assessmentRulesId + name: conversationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/feedbackLabels/{feedbackLabelsId}: + parameters: *ref_1 delete: - description: Deletes an assessment rule. - operationId: contactcenterinsights.projects.locations.assessmentRules.delete + description: Delete feedback label. + operationId: >- + contactcenterinsights.projects.locations.conversations.feedbackLabels.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14105,26 +14162,19 @@ paths: schema: type: string - in: path - name: assessmentRulesId + name: conversationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/encryptionSpec:initialize: - parameters: *ref_1 - post: - description: >- - Initializes a location-level encryption key specification. An error will - result if the location has resources already created before the - initialization. After the encryption specification is initialized at a - location, it is immutable and all newly created resources under the - location will be encrypted with the existing specification. - operationId: contactcenterinsights.projects.locations.encryptionSpec.initialize - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1InitializeEncryptionSpecRequest + - in: path + name: feedbackLabelsId + required: true + schema: + type: string + get: + description: Get feedback label. + operationId: >- + contactcenterinsights.projects.locations.conversations.feedbackLabels.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14136,7 +14186,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel parameters: - in: path name: projectsId @@ -14148,16 +14199,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/views: - parameters: *ref_1 - post: - description: Creates a view. - operationId: contactcenterinsights.projects.locations.views.create + - in: path + name: conversationsId + required: true + schema: + type: string + - in: path + name: feedbackLabelsId + required: true + schema: + type: string + patch: + description: Update feedback label. + operationId: >- + contactcenterinsights.projects.locations.conversations.feedbackLabels.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14169,7 +14230,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel parameters: - in: path name: projectsId @@ -14181,9 +14243,27 @@ paths: required: true schema: type: string + - in: path + name: conversationsId + required: true + schema: + type: string + - in: path + name: feedbackLabelsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/feedbackLabels: + parameters: *ref_1 get: - description: Lists views. - operationId: contactcenterinsights.projects.locations.views.list + description: List feedback labels. + operationId: >- + contactcenterinsights.projects.locations.conversations.feedbackLabels.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14196,7 +14276,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListViewsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse parameters: - in: path name: projectsId @@ -14208,20 +14288,34 @@ paths: required: true schema: type: string + - in: path + name: conversationsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/views/{viewsId}: - parameters: *ref_1 - get: - description: Gets a view. - operationId: contactcenterinsights.projects.locations.views.get + post: + description: Create feedback label. + operationId: >- + contactcenterinsights.projects.locations.conversations.feedbackLabels.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14233,7 +14327,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel parameters: - in: path name: projectsId @@ -14246,18 +14341,25 @@ paths: schema: type: string - in: path - name: viewsId + name: conversationsId required: true schema: type: string - patch: - description: Updates a view. - operationId: contactcenterinsights.projects.locations.views.patch + - in: query + name: feedbackLabelId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}/notes: + parameters: *ref_1 + post: + description: Create Note. + operationId: >- + contactcenterinsights.projects.locations.conversations.assessments.notes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14269,7 +14371,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' parameters: - in: path name: projectsId @@ -14282,18 +14384,19 @@ paths: schema: type: string - in: path - name: viewsId + name: conversationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: assessmentsId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes a view. - operationId: contactcenterinsights.projects.locations.views.delete + get: + description: List Notes. + operationId: >- + contactcenterinsights.projects.locations.conversations.assessments.notes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14305,7 +14408,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListNotesResponse parameters: - in: path name: projectsId @@ -14318,21 +14422,35 @@ paths: schema: type: string - in: path - name: viewsId + name: conversationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/qaQuestionTags: + - in: path + name: assessmentsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}/notes/{notesId}: parameters: *ref_1 - post: - description: Creates a QaQuestionTag. - operationId: contactcenterinsights.projects.locations.qaQuestionTags.create + patch: + description: Update Note. + operationId: >- + contactcenterinsights.projects.locations.conversations.assessments.notes.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14344,8 +14462,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' parameters: - in: path name: projectsId @@ -14357,46 +14474,30 @@ paths: required: true schema: type: string - - in: query - name: qaQuestionTagId + - in: path + name: conversationsId + required: true schema: type: string - get: - description: Lists the question tags. - operationId: contactcenterinsights.projects.locations.qaQuestionTags.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListQaQuestionTagsResponse - parameters: - in: path - name: projectsId + name: assessmentsId required: true schema: type: string - in: path - name: locationsId + name: notesId required: true schema: type: string - in: query - name: filter + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/qaQuestionTags/{qaQuestionTagsId}: - parameters: *ref_1 - get: - description: Gets a QaQuestionTag. - operationId: contactcenterinsights.projects.locations.qaQuestionTags.get + format: google-fieldmask + delete: + description: Deletes a Note. + operationId: >- + contactcenterinsights.projects.locations.conversations.assessments.notes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14408,8 +14509,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -14422,19 +14522,32 @@ paths: schema: type: string - in: path - name: qaQuestionTagsId + name: conversationsId required: true schema: type: string - patch: - description: Updates a QaQuestionTag. - operationId: contactcenterinsights.projects.locations.qaQuestionTags.patch + - in: path + name: assessmentsId + required: true + schema: + type: string + - in: path + name: notesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}:publish: + parameters: *ref_1 + post: + description: Publish an Assessment. + operationId: >- + contactcenterinsights.projects.locations.conversations.assessments.publish requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag + #/components/schemas/GoogleCloudContactcenterinsightsV1PublishAssessmentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14446,7 +14559,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -14459,18 +14573,21 @@ paths: schema: type: string - in: path - name: qaQuestionTagsId + name: conversationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: assessmentsId + required: true schema: type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}: + parameters: *ref_1 delete: - description: Deletes a QaQuestionTag. - operationId: contactcenterinsights.projects.locations.qaQuestionTags.delete + description: Delete an Assessment. + operationId: >- + contactcenterinsights.projects.locations.conversations.assessments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14482,7 +14599,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -14495,21 +14612,22 @@ paths: schema: type: string - in: path - name: qaQuestionTagsId + name: conversationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards: - parameters: *ref_1 - post: - description: Create a QaScorecard. - operationId: contactcenterinsights.projects.locations.qaScorecards.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard + - in: path + name: assessmentsId + required: true + schema: + type: string + - in: query + name: force + schema: + type: boolean + get: + description: Get Assessment. + operationId: contactcenterinsights.projects.locations.conversations.assessments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14522,7 +14640,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -14534,13 +14652,28 @@ paths: required: true schema: type: string - - in: query - name: qaScorecardId + - in: path + name: conversationsId + required: true schema: type: string - get: - description: Lists QaScorecards. - operationId: contactcenterinsights.projects.locations.qaScorecards.list + - in: path + name: assessmentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}:finalize: + parameters: *ref_1 + post: + description: Finalize an Assessment. + operationId: >- + contactcenterinsights.projects.locations.conversations.assessments.finalize + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FinalizeAssessmentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14553,7 +14686,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListQaScorecardsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -14565,24 +14698,28 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: conversationsId + required: true schema: type: string - - in: query - name: qaScorecardSources + - in: path + name: assessmentsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}: + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments/{assessmentsId}:appeal: parameters: *ref_1 - get: - description: Gets a QaScorecard. - operationId: contactcenterinsights.projects.locations.qaScorecards.get + post: + description: Appeal an Assessment. + operationId: >- + contactcenterinsights.projects.locations.conversations.assessments.appeal + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AppealAssessmentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14595,7 +14732,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -14608,19 +14745,27 @@ paths: schema: type: string - in: path - name: qaScorecardsId + name: conversationsId required: true schema: type: string - patch: - description: Updates a QaScorecard. - operationId: contactcenterinsights.projects.locations.qaScorecards.patch + - in: path + name: assessmentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/assessments: + parameters: *ref_1 + post: + description: Create Assessment. + operationId: >- + contactcenterinsights.projects.locations.conversations.assessments.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14633,7 +14778,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard + #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment parameters: - in: path name: projectsId @@ -14646,18 +14791,13 @@ paths: schema: type: string - in: path - name: qaScorecardsId + name: conversationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a QaScorecard. - operationId: contactcenterinsights.projects.locations.qaScorecards.delete + get: + description: List Assessments. + operationId: contactcenterinsights.projects.locations.conversations.assessments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14669,7 +14809,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListAssessmentsResponse parameters: - in: path name: projectsId @@ -14682,25 +14823,28 @@ paths: schema: type: string - in: path - name: qaScorecardsId + name: conversationsId required: true schema: type: string - in: query - name: force + name: pageSize schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/analyses/{analysesId}: parameters: *ref_1 - post: - description: Creates a QaScorecardRevision. - operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision + delete: + description: Deletes an analysis. + operationId: contactcenterinsights.projects.locations.conversations.analyses.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14712,8 +14856,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -14726,17 +14869,18 @@ paths: schema: type: string - in: path - name: qaScorecardsId + name: conversationsId required: true schema: type: string - - in: query - name: qaScorecardRevisionId + - in: path + name: analysesId + required: true schema: type: string get: - description: Lists all revisions under the parent QaScorecard. - operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.list + description: Gets an analysis. + operationId: contactcenterinsights.projects.locations.conversations.analyses.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14749,7 +14893,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListQaScorecardRevisionsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1Analysis parameters: - in: path name: projectsId @@ -14762,32 +14906,27 @@ paths: schema: type: string - in: path - name: qaScorecardsId + name: conversationsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: qaScorecardSources + - in: path + name: analysesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/conversations/{conversationsId}/analyses: parameters: *ref_1 - get: - description: Gets a QaScorecardRevision. - operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.get + post: + description: >- + Creates an analysis. The long running operation is done when the + analysis has completed. + operationId: contactcenterinsights.projects.locations.conversations.analyses.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Analysis' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14799,8 +14938,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -14813,18 +14951,13 @@ paths: schema: type: string - in: path - name: qaScorecardsId - required: true - schema: - type: string - - in: path - name: revisionsId + name: conversationsId required: true schema: type: string - delete: - description: Deletes a QaScorecardRevision. - operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.delete + get: + description: Lists analyses. + operationId: contactcenterinsights.projects.locations.conversations.analyses.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14836,7 +14969,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListAnalysesResponse parameters: - in: path name: projectsId @@ -14849,31 +14983,34 @@ paths: schema: type: string - in: path - name: qaScorecardsId + name: conversationsId required: true schema: type: string - - in: path - name: revisionsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - in: query - name: force + name: pageToken schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}:tuneQaScorecardRevision: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/insightsdata:export: parameters: *ref_1 post: - description: Fine tune one or more QaModels. - operationId: >- - contactcenterinsights.projects.locations.qaScorecards.revisions.tuneQaScorecardRevision + description: Export insights data to a destination defined in the request body. + operationId: contactcenterinsights.projects.locations.insightsdata.export requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1TuneQaScorecardRevisionRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14897,27 +15034,17 @@ paths: required: true schema: type: string - - in: path - name: qaScorecardsId - required: true - schema: - type: string - - in: path - name: revisionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}:deploy: + /v1/projects/{projectsId}/locations/{locationsId}/assessmentRules/{assessmentRulesId}: parameters: *ref_1 - post: - description: Deploy a QaScorecardRevision. - operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.deploy + patch: + description: Updates an assessment rule. + operationId: contactcenterinsights.projects.locations.assessmentRules.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1DeployQaScorecardRevisionRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14930,7 +15057,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision + #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule parameters: - in: path name: projectsId @@ -14943,26 +15070,18 @@ paths: schema: type: string - in: path - name: qaScorecardsId + name: assessmentRulesId required: true schema: type: string - - in: path - name: revisionsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}:undeploy: - parameters: *ref_1 - post: - description: Undeploy a QaScorecardRevision. - operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.undeploy - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1UndeployQaScorecardRevisionRequest + format: google-fieldmask + delete: + description: Deletes an assessment rule. + operationId: contactcenterinsights.projects.locations.assessmentRules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14974,8 +15093,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -14988,27 +15106,53 @@ paths: schema: type: string - in: path - name: qaScorecardsId + name: assessmentRulesId + required: true + schema: + type: string + get: + description: Get an assessment rule. + operationId: contactcenterinsights.projects.locations.assessmentRules.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: revisionsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}/qaQuestions: + - in: path + name: assessmentRulesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/assessmentRules: parameters: *ref_1 post: - description: Create a QaQuestion. - operationId: >- - contactcenterinsights.projects.locations.qaScorecards.revisions.qaQuestions.create + description: Creates an assessment rule. + operationId: contactcenterinsights.projects.locations.assessmentRules.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestion + #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15021,7 +15165,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestion + #/components/schemas/GoogleCloudContactcenterinsightsV1AssessmentRule parameters: - in: path name: projectsId @@ -15033,24 +15177,13 @@ paths: required: true schema: type: string - - in: path - name: qaScorecardsId - required: true - schema: - type: string - - in: path - name: revisionsId - required: true - schema: - type: string - in: query - name: qaQuestionId + name: assessmentRuleId schema: type: string get: - description: Lists QaQuestions. - operationId: >- - contactcenterinsights.projects.locations.qaScorecards.revisions.qaQuestions.list + description: Lists assessment rules. + operationId: contactcenterinsights.projects.locations.assessmentRules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15063,7 +15196,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListQaQuestionsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListAssessmentRulesResponse parameters: - in: path name: projectsId @@ -15075,16 +15208,6 @@ paths: required: true schema: type: string - - in: path - name: qaScorecardsId - required: true - schema: - type: string - - in: path - name: revisionsId - required: true - schema: - type: string - in: query name: pageSize schema: @@ -15096,10 +15219,16 @@ paths: type: string /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}/qaQuestions/{qaQuestionsId}: parameters: *ref_1 - get: - description: Gets a QaQuestion. + patch: + description: Updates a QaQuestion. operationId: >- - contactcenterinsights.projects.locations.qaScorecards.revisions.qaQuestions.get + contactcenterinsights.projects.locations.qaScorecards.revisions.qaQuestions.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestion security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15139,16 +15268,15 @@ paths: required: true schema: type: string - patch: - description: Updates a QaQuestion. + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets a QaQuestion. operationId: >- - contactcenterinsights.projects.locations.qaScorecards.revisions.qaQuestions.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestion + contactcenterinsights.projects.locations.qaScorecards.revisions.qaQuestions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15188,11 +15316,6 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: description: Deletes a QaQuestion. operationId: >- @@ -15235,17 +15358,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets: + /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}/qaQuestions: parameters: *ref_1 post: - description: Create AuthorizedViewSet - operationId: contactcenterinsights.projects.locations.authorizedViewSets.create + description: Create a QaQuestion. + operationId: >- + contactcenterinsights.projects.locations.qaScorecards.revisions.qaQuestions.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestion security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15258,7 +15382,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestion parameters: - in: path name: projectsId @@ -15270,13 +15394,24 @@ paths: required: true schema: type: string + - in: path + name: qaScorecardsId + required: true + schema: + type: string + - in: path + name: revisionsId + required: true + schema: + type: string - in: query - name: authorizedViewSetId + name: qaQuestionId schema: type: string get: - description: List AuthorizedViewSets - operationId: contactcenterinsights.projects.locations.authorizedViewSets.list + description: Lists QaQuestions. + operationId: >- + contactcenterinsights.projects.locations.qaScorecards.revisions.qaQuestions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15289,7 +15424,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAuthorizedViewSetsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListQaQuestionsResponse parameters: - in: path name: projectsId @@ -15301,6 +15436,16 @@ paths: required: true schema: type: string + - in: path + name: qaScorecardsId + required: true + schema: + type: string + - in: path + name: revisionsId + required: true + schema: + type: string - in: query name: pageSize schema: @@ -15310,19 +15455,17 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}: + /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}:deploy: parameters: *ref_1 - get: - description: Get AuthorizedViewSet - operationId: contactcenterinsights.projects.locations.authorizedViewSets.get + post: + description: Deploy a QaScorecardRevision. + operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.deploy + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1DeployQaScorecardRevisionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15335,7 +15478,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision parameters: - in: path name: projectsId @@ -15348,19 +15491,20 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: qaScorecardsId required: true schema: type: string - patch: - description: Updates an AuthorizedViewSet. - operationId: contactcenterinsights.projects.locations.authorizedViewSets.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet + - in: path + name: revisionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}: + parameters: *ref_1 + get: + description: Gets a QaScorecardRevision. + operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15373,7 +15517,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedViewSet + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision parameters: - in: path name: projectsId @@ -15386,18 +15530,18 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: qaScorecardsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: revisionsId + required: true schema: type: string - format: google-fieldmask delete: - description: Deletes an AuthorizedViewSet. - operationId: contactcenterinsights.projects.locations.authorizedViewSets.delete + description: Deletes a QaScorecardRevision. + operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15422,7 +15566,12 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: qaScorecardsId + required: true + schema: + type: string + - in: path + name: revisionsId required: true schema: type: string @@ -15430,18 +15579,11 @@ paths: name: force schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:queryMetrics: + /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions: parameters: *ref_1 - post: - description: Query metrics. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.queryMetrics - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryMetricsRequest + get: + description: Lists all revisions under the parent QaScorecard. + operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15453,7 +15595,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListQaScorecardRevisionsResponse parameters: - in: path name: projectsId @@ -15466,32 +15609,36 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: qaScorecardsId required: true schema: type: string - - in: path - name: authorizedViewsId - required: true + - in: query + name: qaScorecardSources schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:queryPerformanceOverview: - parameters: *ref_1 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: >- - Generates a summary of predefined performance metrics for a set of - conversations. Conversations can be specified by specifying a time - window and an agent id, for now. The summary includes a comparison of - metrics computed for conversations in the previous time period, and also - a comparison with peers in the same time period. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.queryPerformanceOverview + description: Creates a QaScorecardRevision. + operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1QueryPerformanceOverviewRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15503,7 +15650,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision parameters: - in: path name: projectsId @@ -15516,27 +15664,25 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: qaScorecardsId required: true schema: type: string - - in: path - name: authorizedViewsId - required: true + - in: query + name: qaScorecardRevisionId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews: + /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}:undeploy: parameters: *ref_1 post: - description: Create AuthorizedView - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.create + description: Undeploy a QaScorecardRevision. + operationId: contactcenterinsights.projects.locations.qaScorecards.revisions.undeploy requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView + #/components/schemas/GoogleCloudContactcenterinsightsV1UndeployQaScorecardRevisionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15549,7 +15695,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecardRevision parameters: - in: path name: projectsId @@ -15562,18 +15708,27 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: qaScorecardsId required: true schema: type: string - - in: query - name: authorizedViewId + - in: path + name: revisionsId + required: true schema: type: string - get: - description: List AuthorizedViewSets + /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}/revisions/{revisionsId}:tuneQaScorecardRevision: + parameters: *ref_1 + post: + description: Fine tune one or more QaModels. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.list + contactcenterinsights.projects.locations.qaScorecards.revisions.tuneQaScorecardRevision + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1TuneQaScorecardRevisionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15585,8 +15740,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAuthorizedViewsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -15599,33 +15753,26 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: qaScorecardsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: revisionsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}: + /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards/{qaScorecardsId}: parameters: *ref_1 - get: - description: Get AuthorizedView - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.get + patch: + description: Updates a QaScorecard. + operationId: contactcenterinsights.projects.locations.qaScorecards.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15638,7 +15785,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard parameters: - in: path name: projectsId @@ -15651,25 +15798,18 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: qaScorecardsId required: true schema: type: string - - in: path - name: authorizedViewsId - required: true + - in: query + name: updateMask schema: type: string - patch: - description: Updates an AuthorizedView. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView + format: google-fieldmask + get: + description: Gets a QaScorecard. + operationId: contactcenterinsights.projects.locations.qaScorecards.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15682,7 +15822,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AuthorizedView + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard parameters: - in: path name: projectsId @@ -15695,24 +15835,13 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: qaScorecardsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes an AuthorizedView. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.delete + delete: + description: Deletes a QaScorecard. + operationId: contactcenterinsights.projects.locations.qaScorecards.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15737,21 +15866,19 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: qaScorecardsId required: true schema: type: string - - in: path - name: authorizedViewsId - required: true + - in: query + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews:search: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/qaScorecards: parameters: *ref_1 get: - description: SearchAuthorizedViewSets - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.search + description: Lists QaScorecards. + operationId: contactcenterinsights.projects.locations.qaScorecards.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15764,7 +15891,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1SearchAuthorizedViewsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListQaScorecardsResponse parameters: - in: path name: projectsId @@ -15776,9 +15903,8 @@ paths: required: true schema: type: string - - in: path - name: authorizedViewSetsId - required: true + - in: query + name: pageToken schema: type: string - in: query @@ -15787,31 +15913,18 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: query - schema: - type: string - - in: query - name: orderBy + name: qaScorecardSources schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:setIamPolicy: - parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.setIamPolicy + description: Create a QaScorecard. + operationId: contactcenterinsights.projects.locations.qaScorecards.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15823,7 +15936,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaScorecard parameters: - in: path name: projectsId @@ -15835,24 +15949,15 @@ paths: required: true schema: type: string - - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true + - in: query + name: qaScorecardId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/analysisRules: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.getIamPolicy + description: Lists analysis rules. + operationId: contactcenterinsights.projects.locations.analysisRules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15864,7 +15969,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListAnalysisRulesResponse parameters: - in: path name: projectsId @@ -15876,37 +15982,24 @@ paths: required: true schema: type: string - - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}:testIamPermissions: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.testIamPermissions + description: Creates a analysis rule. + operationId: contactcenterinsights.projects.locations.analysisRules.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15918,7 +16011,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule parameters: - in: path name: projectsId @@ -15930,24 +16024,11 @@ paths: required: true schema: type: string - - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/analysisRules/{analysisRulesId}: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.operations.list + delete: + description: Deletes a analysis rule. + operationId: contactcenterinsights.projects.locations.analysisRules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15959,7 +16040,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -15972,37 +16053,19 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: analysisRulesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.operations.get + patch: + description: Updates a analysis rule. + operationId: contactcenterinsights.projects.locations.analysisRules.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16014,7 +16077,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule parameters: - in: path name: projectsId @@ -16027,35 +16091,18 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: analysisRulesId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.operations.cancel + format: google-fieldmask + get: + description: Get a analysis rule. + operationId: contactcenterinsights.projects.locations.analysisRules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16067,7 +16114,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1AnalysisRule parameters: - in: path name: projectsId @@ -16080,26 +16128,21 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - - in: path - name: operationsId + name: analysisRulesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/qaQuestionTags/{qaQuestionTagsId}: parameters: *ref_1 - get: - description: Gets a conversation. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.get + patch: + description: Updates a QaQuestionTag. + operationId: contactcenterinsights.projects.locations.qaQuestionTags.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16111,8 +16154,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -16125,28 +16167,18 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - - in: path - name: conversationsId + name: qaQuestionTagsId required: true schema: type: string - in: query - name: view + name: updateMask schema: type: string - delete: - description: Deletes a conversation. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.delete + format: google-fieldmask + get: + description: Gets a QaQuestionTag. + operationId: contactcenterinsights.projects.locations.qaQuestionTags.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16158,7 +16190,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag parameters: - in: path name: projectsId @@ -16171,30 +16204,13 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - - in: path - name: conversationsId + name: qaQuestionTagsId required: true schema: type: string - - in: query - name: force - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations: - parameters: *ref_1 - get: - description: Lists conversations. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.list + delete: + description: Deletes a QaQuestionTag. + operationId: contactcenterinsights.projects.locations.qaQuestionTags.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16206,8 +16222,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListConversationsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -16220,48 +16235,21 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: qaQuestionTagsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: view - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations:bulkAnalyze: + /v1/projects/{projectsId}/locations/{locationsId}/qaQuestionTags: parameters: *ref_1 post: - description: Analyzes multiple conversations in a single request. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.bulkAnalyze + description: Creates a QaQuestionTag. + operationId: contactcenterinsights.projects.locations.qaQuestionTags.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1BulkAnalyzeConversationsRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16273,7 +16261,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1QaQuestionTag parameters: - in: path name: projectsId @@ -16285,22 +16274,13 @@ paths: required: true schema: type: string - - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true + - in: query + name: qaQuestionTagId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations:calculateStats: - parameters: *ref_1 get: - description: Gets conversation statistics. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.calculateStats + description: Lists the question tags. + operationId: contactcenterinsights.projects.locations.qaQuestionTags.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16313,7 +16293,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListQaQuestionTagsResponse parameters: - in: path name: projectsId @@ -16325,33 +16305,21 @@ paths: required: true schema: type: string - - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - in: query name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/analyses: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/insightsdata:export: parameters: *ref_1 post: - description: >- - Creates an analysis. The long running operation is done when the - analysis has completed. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.analyses.create + description: Export insights data to a destination defined in the request body. + operationId: contactcenterinsights.projects.locations.datasets.insightsdata.export requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Analysis' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ExportInsightsDataRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16376,24 +16344,56 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: datasetsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations:ingest: + parameters: *ref_1 + post: + description: >- + Imports conversations and processes them according to the user's + configuration. + operationId: contactcenterinsights.projects.locations.datasets.conversations.ingest + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1IngestConversationsRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: authorizedViewsId + name: locationsId required: true schema: type: string - in: path - name: conversationsId + name: datasetsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations/{conversationsId}: + parameters: *ref_1 get: - description: Lists analyses. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.analyses.list + description: Gets a conversation. + operationId: contactcenterinsights.projects.locations.datasets.conversations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16406,7 +16406,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAnalysesResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1Conversation parameters: - in: path name: projectsId @@ -16419,12 +16419,7 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: datasetsId required: true schema: type: string @@ -16434,24 +16429,12 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: view schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/analyses/{analysesId}: - parameters: *ref_1 - get: - description: Gets an analysis. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.analyses.get + delete: + description: Deletes a conversation. + operationId: contactcenterinsights.projects.locations.datasets.conversations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16463,8 +16446,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Analysis + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -16477,12 +16459,7 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: datasetsId required: true schema: type: string @@ -16491,15 +16468,22 @@ paths: required: true schema: type: string - - in: path - name: analysesId - required: true + - in: query + name: force schema: - type: string - delete: - description: Deletes an analysis. + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations:calculateStats: + parameters: *ref_1 + post: + description: Gets conversation statistics. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.analyses.delete + contactcenterinsights.projects.locations.datasets.conversations.calculateStats + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16511,7 +16495,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1CalculateStatsResponse parameters: - in: path name: projectsId @@ -16524,37 +16509,63 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: datasetsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations:bulkDelete: + parameters: *ref_1 + post: + description: Deletes multiple conversations in a single request. + operationId: >- + contactcenterinsights.projects.locations.datasets.conversations.bulkDelete + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteConversationsRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: - in: path - name: authorizedViewsId + name: projectsId required: true schema: type: string - in: path - name: conversationsId + name: locationsId required: true schema: type: string - in: path - name: analysesId + name: datasetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/feedbackLabels: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations:sample: parameters: *ref_1 post: - description: Create feedback label. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.create + description: >- + Samples conversations based on user configuration and handles the + sampled conversations for different use cases. + operationId: contactcenterinsights.projects.locations.datasets.conversations.sample requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + #/components/schemas/GoogleCloudContactcenterinsightsV1SampleConversationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16566,8 +16577,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -16580,28 +16590,15 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - - in: path - name: conversationsId + name: datasetsId required: true schema: type: string - - in: query - name: feedbackLabelId - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations: + parameters: *ref_1 get: - description: List feedback labels. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.list + description: Lists conversations. + operationId: contactcenterinsights.projects.locations.datasets.conversations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16614,7 +16611,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListConversationsResponse parameters: - in: path name: projectsId @@ -16627,22 +16624,16 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: datasetsId required: true schema: type: string - - in: path - name: conversationsId - required: true + - in: query + name: filter schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -16651,15 +16642,19 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: view schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/feedbackLabels/{feedbackLabelsId}: + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations/{conversationsId}/feedbackLabels/{feedbackLabelsId}: parameters: *ref_1 get: description: Get feedback label. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.get + contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16685,12 +16680,7 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: datasetsId required: true schema: type: string @@ -16707,7 +16697,7 @@ paths: patch: description: Update feedback label. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.patch + contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.patch requestBody: content: application/json: @@ -16739,12 +16729,7 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: datasetsId required: true schema: type: string @@ -16766,7 +16751,7 @@ paths: delete: description: Delete feedback label. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.feedbackLabels.delete + contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16791,12 +16776,7 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: datasetsId required: true schema: type: string @@ -16810,18 +16790,12 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/conversations/{conversationsId}/feedbackLabels: parameters: *ref_1 - post: - description: Create Assessment. + get: + description: List feedback labels. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16834,7 +16808,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + #/components/schemas/GoogleCloudContactcenterinsightsV1ListFeedbackLabelsResponse parameters: - in: path name: projectsId @@ -16847,24 +16821,38 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: datasetsId required: true schema: type: string - in: path - name: authorizedViewsId + name: conversationsId required: true schema: type: string - - in: path - name: conversationsId - required: true + - in: query + name: pageToken schema: type: string - get: - description: List Assessments. + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + post: + description: Create feedback label. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.list + contactcenterinsights.projects.locations.datasets.conversations.feedbackLabels.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16877,7 +16865,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListAssessmentsResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1FeedbackLabel parameters: - in: path name: projectsId @@ -16890,12 +16878,7 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId + name: datasetsId required: true schema: type: string @@ -16905,24 +16888,23 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: feedbackLabelId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:bulkUploadFeedbackLabels: parameters: *ref_1 - get: - description: Get Assessment. + post: + description: >- + Upload feedback labels from an external source in bulk. Currently + supports labeling Quality AI example conversations. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.get + contactcenterinsights.projects.locations.datasets.bulkUploadFeedbackLabels + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkUploadFeedbackLabelsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16934,8 +16916,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -16948,29 +16929,20 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: path - name: assessmentsId + name: datasetsId required: true schema: type: string - delete: - description: Delete an Assessment. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.delete + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}: + parameters: *ref_1 + patch: + description: Updates a dataset. + operationId: contactcenterinsights.projects.locations.datasets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16982,7 +16954,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' parameters: - in: path name: projectsId @@ -16995,41 +16967,18 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: path - name: assessmentsId + name: datasetsId required: true schema: type: string - in: query - name: force + name: updateMask schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}:publish: - parameters: *ref_1 - post: - description: Publish an Assessment. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.publish - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1PublishAssessmentRequest + type: string + format: google-fieldmask + delete: + description: Delete a dataset. + operationId: contactcenterinsights.projects.locations.datasets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17041,8 +16990,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -17055,37 +17003,53 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: datasetsId required: true schema: type: string + get: + description: Gets a dataset. + operationId: contactcenterinsights.projects.locations.datasets.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' + parameters: - in: path - name: authorizedViewsId + name: projectsId required: true schema: type: string - in: path - name: conversationsId + name: locationsId required: true schema: type: string - in: path - name: assessmentsId + name: datasetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}:appeal: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:bulkDeleteFeedbackLabels: parameters: *ref_1 post: - description: Appeal an Assessment. + description: Delete feedback labels in bulk using a filter. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.appeal + contactcenterinsights.projects.locations.datasets.bulkDeleteFeedbackLabels requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1AppealAssessmentRequest + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDeleteFeedbackLabelsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17097,8 +17061,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -17111,37 +17074,20 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: path - name: assessmentsId + name: datasetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}:finalize: + /v1/projects/{projectsId}/locations/{locationsId}/datasets: parameters: *ref_1 post: - description: Finalize an Assessment. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.finalize + description: Creates a dataset. + operationId: contactcenterinsights.projects.locations.datasets.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1FinalizeAssessmentRequest + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17153,8 +17099,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1Assessment + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Dataset' parameters: - in: path name: projectsId @@ -17166,37 +17111,65 @@ paths: required: true schema: type: string - - in: path - name: authorizedViewSetsId - required: true + - in: query + name: datasetId schema: type: string + get: + description: List datasets matching the input. + operationId: contactcenterinsights.projects.locations.datasets.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListDatasetsResponse + parameters: - in: path - name: authorizedViewsId + name: projectsId required: true schema: type: string - in: path - name: conversationsId + name: locationsId required: true schema: type: string - - in: path - name: assessmentsId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}/notes: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:bulkDownloadFeedbackLabels: parameters: *ref_1 post: - description: Create Note. + description: >- + Download feedback labels in bulk from an external source. Currently + supports exporting Quality AI example conversations with transcripts and + question bodies. operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.notes.create + contactcenterinsights.projects.locations.datasets.bulkDownloadFeedbackLabels requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1BulkDownloadFeedbackLabelsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17208,7 +17181,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -17221,29 +17194,15 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: path - name: assessmentsId + name: datasetsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:listAllFeedbackLabels: + parameters: *ref_1 get: - description: List Notes. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.notes.list + description: List all feedback labels by project number. + operationId: contactcenterinsights.projects.locations.datasets.listAllFeedbackLabels security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17256,7 +17215,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContactcenterinsightsV1ListNotesResponse + #/components/schemas/GoogleCloudContactcenterinsightsV1ListAllFeedbackLabelsResponse parameters: - in: path name: projectsId @@ -17269,23 +17228,12 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId - required: true - schema: - type: string - - in: path - name: authorizedViewsId - required: true - schema: - type: string - - in: path - name: conversationsId + name: datasetsId required: true schema: type: string - - in: path - name: assessmentsId - required: true + - in: query + name: filter schema: type: string - in: query @@ -17297,17 +17245,16 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizedViewSets/{authorizedViewSetsId}/authorizedViews/{authorizedViewsId}/conversations/{conversationsId}/assessments/{assessmentsId}/notes/{notesId}: + /v1/projects/{projectsId}/locations/{locationsId}/views/{viewsId}: parameters: *ref_1 patch: - description: Update Note. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.notes.patch + description: Updates a view. + operationId: contactcenterinsights.projects.locations.views.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17319,7 +17266,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1Note' + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' parameters: - in: path name: projectsId @@ -17332,39 +17279,49 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: viewsId required: true schema: type: string - - in: path - name: authorizedViewsId - required: true + - in: query + name: updateMask schema: type: string + format: google-fieldmask + delete: + description: Deletes a view. + operationId: contactcenterinsights.projects.locations.views.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: - in: path - name: conversationsId + name: projectsId required: true schema: type: string - in: path - name: assessmentsId + name: locationsId required: true schema: type: string - in: path - name: notesId + name: viewsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a Note. - operationId: >- - contactcenterinsights.projects.locations.authorizedViewSets.authorizedViews.conversations.assessments.notes.delete + get: + description: Gets a view. + operationId: contactcenterinsights.projects.locations.views.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17376,7 +17333,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' parameters: - in: path name: projectsId @@ -17389,27 +17346,76 @@ paths: schema: type: string - in: path - name: authorizedViewSetsId + name: viewsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/views: + parameters: *ref_1 + post: + description: Creates a view. + operationId: contactcenterinsights.projects.locations.views.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudContactcenterinsightsV1View' + parameters: - in: path - name: authorizedViewsId + name: projectsId required: true schema: type: string - in: path - name: conversationsId + name: locationsId required: true schema: type: string + get: + description: Lists views. + operationId: contactcenterinsights.projects.locations.views.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContactcenterinsightsV1ListViewsResponse + parameters: - in: path - name: assessmentsId + name: projectsId required: true schema: type: string - in: path - name: notesId + name: locationsId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/container.yaml b/providers/src/googleapis.com/v00.00.00000/services/container.yaml index 3e0107b0..d4388ef7 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/container.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/container.yaml @@ -9,8 +9,8 @@ info: Builds and manages container-based applications, powered by the open source Kubernetes technology. version: v1 - x-discovery-doc-revision: '20250812' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251125' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/kubernetes-engine/docs/ servers: @@ -36,89 +36,14 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListClustersResponse: - id: ListClustersResponse - description: ListClustersResponse is the result of ListClustersRequest. - type: object - properties: - clusters: - description: >- - A list of clusters in the project in the specified zone, or across - all ones. - type: array - items: - $ref: '#/components/schemas/Cluster' - missingZones: - description: >- - If any zones are listed here, the list of clusters returned may be - missing those zones. - type: array - items: - type: string Cluster: - id: Cluster description: A Google Kubernetes Engine cluster. - type: object properties: - name: - description: >- - The name of this cluster. The name must be unique within this - project and location (e.g. zone or region), and can be up to 40 - characters with the following restrictions: * Lowercase letters, - numbers, and hyphens only. * Must start with a letter. * Must end - with a number or a letter. - type: string - description: - description: An optional description of this cluster. - type: string - initialNodeCount: - description: >- - The number of nodes to create in this cluster. You must ensure that - your Compute Engine [resource - quota](https://{$universe.dns_names.final_documentation_domain}/compute/quotas) - is sufficient for this number of instances. You must also have - available firewall and routes quota. For requests, this field should - only be used in lieu of a "node_pool" object, since this - configuration (along with the "node_config") will be used to create - a "NodePool" object with an auto-generated name. Do not use this and - a node_pool at the same time. This field is deprecated, use - node_pool.initial_node_count instead. - deprecated: true - type: integer - format: int32 - nodeConfig: - description: >- - Parameters used in creating the cluster's nodes. For requests, this - field should only be used in lieu of a "node_pool" object, since - this configuration (along with the "initial_node_count") will be - used to create a "NodePool" object with an auto-generated name. Do - not use this and a node_pool at the same time. For responses, this - field will be populated with the node configuration of the first - node pool. (For configuration of each node pool, see - `node_pool.config`) If unspecified, the defaults are used. This - field is deprecated, use node_pool.config instead. - deprecated: true - $ref: '#/components/schemas/NodeConfig' - masterAuth: - description: >- - The authentication information for accessing the master endpoint. If - unspecified, the defaults are used: For clusters before v1.12, if - master_auth is unspecified, `username` will be set to "admin", a - random password will be generated, and a client certificate will be - issued. - $ref: '#/components/schemas/MasterAuth' - loggingService: - description: >- - The logging service the cluster should use to write logs. Currently - available options: * `logging.googleapis.com/kubernetes` - The Cloud - Logging service with a Kubernetes-native resource model * - `logging.googleapis.com` - The legacy Cloud Logging service (no - longer available as of GKE 1.15). * `none` - no logs will be - exported from the cluster. If left as an empty - string,`logging.googleapis.com/kubernetes` will be used for GKE - 1.14+ or `logging.googleapis.com` for earlier versions. - type: string + networkConfig: + description: Configuration for cluster networking. + $ref: '#/components/schemas/NetworkConfig' monitoringService: + type: string description: >- The monitoring service the cluster should use to write metrics. Currently available options: * @@ -129,137 +54,183 @@ components: exported from the cluster. If left as an empty string,`monitoring.googleapis.com/kubernetes` will be used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions. - type: string - network: + nodeIpv4CidrSize: + readOnly: true + type: integer description: >- - The name of the Google Compute Engine - [network](https://{$universe.dns_names.final_documentation_domain}/compute/docs/networks-and-firewalls#networks) - to which the cluster is connected. If left unspecified, the - `default` network will be used. + Output only. The size of the address space on each node for hosting + containers. This is provisioned from within the + `container_ipv4_cidr` range. This field will only be set when + cluster is in route-based network mode. + format: int32 + labelFingerprint: + description: The fingerprint of the set of labels for this cluster. type: string - clusterIpv4Cidr: - description: >- - The IP address range of the container pods in this cluster, in - [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - notation (e.g. `10.96.0.0/14`). Leave blank to have one - automatically chosen or specify a `/14` block in `10.0.0.0/8`. + createTime: + readOnly: true type: string - addonsConfig: description: >- - Configurations for the various addons available to run in the - cluster. - $ref: '#/components/schemas/AddonsConfig' + Output only. The time the cluster was created, in + [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. + privateClusterConfig: + $ref: '#/components/schemas/PrivateClusterConfig' + description: Configuration for private cluster. + enableTpu: + type: boolean + deprecated: true + description: >- + Enable the ability to use Cloud TPUs in this cluster. This field is + deprecated due to the deprecation of 2VM TPU. The end of life date + for 2VM TPU is 2025-04-25. + selfLink: + description: Output only. Server-defined URL for the resource. + readOnly: true + type: string subnetwork: description: >- The name of the Google Compute Engine - [subnetwork](https://{$universe.dns_names.final_documentation_domain}/compute/docs/subnetworks) - to which the cluster is connected. + [subnetwork](https://cloud.google.com/compute/docs/subnetworks) to + which the cluster is connected. type: string - nodePools: - description: >- - The node pools associated with this cluster. This field should not - be set if "node_config" or "initial_node_count" are specified. - type: array - items: - $ref: '#/components/schemas/NodePool' - locations: - description: >- - The list of Google Compute Engine - [zones](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster's nodes should be located. This field provides - a default value if - [NodePool.Locations](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) - are not specified during node pool creation. Warning: changing - cluster locations will update the - [NodePool.Locations](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) - of all node pools and will result in nodes being added and/or - removed. - type: array - items: - type: string - enableKubernetesAlpha: - description: >- - Kubernetes alpha features are enabled on this cluster. This includes - alpha API groups (e.g. v1alpha1) and features that may not be - production ready in the kubernetes version of the master and nodes. - The cluster has no SLA for uptime and master/node upgrades are - disabled. Alpha enabled clusters are automatically deleted thirty - days after creation. - type: boolean alphaClusterFeatureGates: + type: array description: >- The list of user specified Kubernetes feature gates. Each string represents the activation status of a feature gate (e.g. "featureX=true" or "featureX=false") - type: array items: type: string - resourceLabels: + location: + readOnly: true description: >- - The resource labels for the cluster to use to annotate any related - Google Compute Engine resources. - type: object - additionalProperties: - type: string - labelFingerprint: - description: The fingerprint of the set of labels for this cluster. + Output only. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) + or + [region](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) + in which the cluster resides. + type: string + etag: + type: string + description: >- + This checksum is computed by the server based on the value of + cluster fields, and may be sent on update requests to ensure the + client has an up-to-date value before proceeding. + id: + readOnly: true type: string + description: Output only. Unique id for the cluster. + zone: + deprecated: true + description: >- + Output only. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field is deprecated, use location + instead. + type: string + readOnly: true legacyAbac: description: Configuration for the legacy ABAC authorization mode. $ref: '#/components/schemas/LegacyAbac' - networkPolicy: - description: Configuration options for the NetworkPolicy feature. - $ref: '#/components/schemas/NetworkPolicy' - ipAllocationPolicy: - description: Configuration for cluster IP allocation. - $ref: '#/components/schemas/IPAllocationPolicy' - masterAuthorizedNetworksConfig: + fleet: + $ref: '#/components/schemas/Fleet' + description: Fleet information for the cluster. + nodePoolAutoConfig: description: >- - The configuration options for master authorized networks feature. - Deprecated: Use - ControlPlaneEndpointsConfig.IPEndpointsConfig.authorized_networks_config - instead. - deprecated: true - $ref: '#/components/schemas/MasterAuthorizedNetworksConfig' - maintenancePolicy: - description: Configure the maintenance policy for this cluster. - $ref: '#/components/schemas/MaintenancePolicy' - binaryAuthorization: - description: Configuration for Binary Authorization. - $ref: '#/components/schemas/BinaryAuthorization' + Node pool configs that apply to all auto-provisioned node pools in + autopilot clusters and node auto-provisioning enabled clusters. + $ref: '#/components/schemas/NodePoolAutoConfig' autoscaling: - description: Cluster-level autoscaling configuration. $ref: '#/components/schemas/ClusterAutoscaling' - networkConfig: - description: Configuration for cluster networking. - $ref: '#/components/schemas/NetworkConfig' + description: Cluster-level autoscaling configuration. + tpuIpv4CidrBlock: + readOnly: true + description: >- + Output only. The IP address range of the Cloud TPUs in this cluster, + in + [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) + notation (e.g. `1.2.3.4/29`). This field is deprecated due to the + deprecation of 2VM TPU. The end of life date for 2VM TPU is + 2025-04-25. + deprecated: true + type: string + conditions: + items: + $ref: '#/components/schemas/StatusCondition' + description: Which conditions caused the current cluster state. + type: array + loggingConfig: + $ref: '#/components/schemas/LoggingConfig' + description: Logging configuration for the cluster. + description: + type: string + description: An optional description of this cluster. + verticalPodAutoscaling: + description: Cluster-level Vertical Pod Autoscaling configuration. + $ref: '#/components/schemas/VerticalPodAutoscaling' + authenticatorGroupsConfig: + $ref: '#/components/schemas/AuthenticatorGroupsConfig' + description: Configuration controlling RBAC group membership information. + currentNodeCount: + description: >- + Output only. The number of nodes currently in the cluster. + Deprecated. Call Kubernetes API directly to retrieve node + information. + readOnly: true + type: integer + format: int32 + deprecated: true + workloadIdentityConfig: + description: >- + Configuration for the use of Kubernetes Service Accounts in IAM + policies. + $ref: '#/components/schemas/WorkloadIdentityConfig' + securityPostureConfig: + description: Enable/Disable Security Posture API features for the cluster. + $ref: '#/components/schemas/SecurityPostureConfig' defaultMaxPodsConstraint: description: >- The default constraint on the maximum number of pods that can be run simultaneously on a node in the node pool of this cluster. Only honored if cluster created with IP Alias support. $ref: '#/components/schemas/MaxPodsConstraint' - resourceUsageExportConfig: + notificationConfig: + description: Notification configuration of the cluster. + $ref: '#/components/schemas/NotificationConfig' + servicesIpv4Cidr: description: >- - Configuration for exporting resource usages. Resource usage export - is disabled when this config is unspecified. - $ref: '#/components/schemas/ResourceUsageExportConfig' - authenticatorGroupsConfig: - description: Configuration controlling RBAC group membership information. - $ref: '#/components/schemas/AuthenticatorGroupsConfig' - privateClusterConfig: - description: Configuration for private cluster. - $ref: '#/components/schemas/PrivateClusterConfig' - databaseEncryption: - description: Configuration of etcd encryption. - $ref: '#/components/schemas/DatabaseEncryption' - verticalPodAutoscaling: - description: Cluster-level Vertical Pod Autoscaling configuration. - $ref: '#/components/schemas/VerticalPodAutoscaling' - shieldedNodes: - description: Shielded Nodes configuration. - $ref: '#/components/schemas/ShieldedNodes' + Output only. The IP address range of the Kubernetes services in this + cluster, in + [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) + notation (e.g. `1.2.3.4/29`). Service addresses are typically put in + the last `/16` from the container CIDR. + type: string + readOnly: true + statusMessage: + readOnly: true + description: >- + Output only. Deprecated. Use conditions instead. Additional + information about the current status of this cluster, if available. + type: string + deprecated: true + satisfiesPzi: + description: Output only. Reserved for future use. + type: boolean + readOnly: true + monitoringConfig: + description: Monitoring configuration for the cluster. + $ref: '#/components/schemas/MonitoringConfig' + currentMasterVersion: + description: Output only. The current software version of the master endpoint. + readOnly: true + type: string + binaryAuthorization: + description: Configuration for Binary Authorization. + $ref: '#/components/schemas/BinaryAuthorization' + maintenancePolicy: + $ref: '#/components/schemas/MaintenancePolicy' + description: Configure the maintenance policy for this cluster. releaseChannel: + $ref: '#/components/schemas/ReleaseChannel' description: >- Release channel configuration. If left unspecified on cluster creation and a version is specified, the cluster is enrolled in the @@ -267,90 +238,85 @@ components: checking STABLE, then REGULAR, and finally RAPID). Otherwise, if no release channel configuration and no version is specified, the cluster is enrolled in the REGULAR channel with its default version. - $ref: '#/components/schemas/ReleaseChannel' - workloadIdentityConfig: + expireTime: + type: string description: >- - Configuration for the use of Kubernetes Service Accounts in GCP IAM - policies. - $ref: '#/components/schemas/WorkloadIdentityConfig' + Output only. The time the cluster will be automatically deleted in + [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. + readOnly: true + network: + type: string + description: >- + The name of the Google Compute Engine + [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) + to which the cluster is connected. If left unspecified, the + `default` network will be used. + networkPolicy: + description: Configuration options for the NetworkPolicy feature. + $ref: '#/components/schemas/NetworkPolicy' meshCertificates: description: >- Configuration for issuance of mTLS keys and certificates to Kubernetes pods. $ref: '#/components/schemas/MeshCertificates' - costManagementConfig: - description: Configuration for the fine-grained cost management feature. - $ref: '#/components/schemas/CostManagementConfig' - notificationConfig: - description: Notification configuration of the cluster. - $ref: '#/components/schemas/NotificationConfig' - confidentialNodes: - description: >- - Configuration of Confidential Nodes. All the nodes in the cluster - will be Confidential VM once enabled. - $ref: '#/components/schemas/ConfidentialNodes' - identityServiceConfig: - description: Configuration for Identity Service component. - $ref: '#/components/schemas/IdentityServiceConfig' - selfLink: - description: Output only. Server-defined URL for the resource. - readOnly: true - type: string - zone: + podAutoscaling: + description: The config for pod autoscaling. + $ref: '#/components/schemas/PodAutoscaling' + resourceLabels: description: >- - Output only. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field is deprecated, use location - instead. - readOnly: true - deprecated: true - type: string - endpoint: + The resource labels for the cluster to use to annotate any related + Google Compute Engine resources. + type: object + additionalProperties: + type: string + addonsConfig: description: >- - Output only. The IP address of this cluster's master endpoint. The - endpoint can be accessed from the internet at - `https://username:password@endpoint/`. See the `masterAuth` property - of this resource for username and password information. - readOnly: true - type: string - initialClusterVersion: + Configurations for the various addons available to run in the + cluster. + $ref: '#/components/schemas/AddonsConfig' + autopilot: + $ref: '#/components/schemas/Autopilot' + description: Autopilot configuration for the cluster. + loggingService: description: >- - The initial Kubernetes version for this cluster. Valid versions are - those found in validMasterVersions returned by getServerConfig. The - version can be upgraded over time; such upgrades are reflected in - currentMasterVersion and currentNodeVersion. Users may specify - either explicit versions offered by Kubernetes Engine or version - aliases, which have the following behavior: - "latest": picks the - highest valid Kubernetes version - "1.X": picks the highest valid - patch+gke.N patch in the 1.X version - "1.X.Y": picks the highest - valid gke.N patch in the 1.X.Y version - "1.X.Y-gke.N": picks an - explicit Kubernetes version - "","-": picks the default Kubernetes - version - type: string - currentMasterVersion: - description: Output only. The current software version of the master endpoint. - readOnly: true + The logging service the cluster should use to write logs. Currently + available options: * `logging.googleapis.com/kubernetes` - The Cloud + Logging service with a Kubernetes-native resource model * + `logging.googleapis.com` - The legacy Cloud Logging service (no + longer available as of GKE 1.15). * `none` - no logs will be + exported from the cluster. If left as an empty + string,`logging.googleapis.com/kubernetes` will be used for GKE + 1.14+ or `logging.googleapis.com` for earlier versions. type: string - currentNodeVersion: + secretManagerConfig: + $ref: '#/components/schemas/SecretManagerConfig' + description: Secret CSI driver configuration. + rbacBindingConfig: description: >- - Output only. Deprecated, use - [NodePools.version](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools) - instead. The current version of the node software components. If - they are currently at multiple versions because they're in the - process of being upgraded, this reflects the minimum version of all - nodes. - readOnly: true + RBACBindingConfig allows user to restrict ClusterRoleBindings an + RoleBindings that can be created. + $ref: '#/components/schemas/RBACBindingConfig' + costManagementConfig: + $ref: '#/components/schemas/CostManagementConfig' + description: Configuration for the fine-grained cost management feature. + masterAuthorizedNetworksConfig: + $ref: '#/components/schemas/MasterAuthorizedNetworksConfig' deprecated: true - type: string - createTime: description: >- - Output only. The time the cluster was created, in - [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - readOnly: true - type: string + The configuration options for master authorized networks feature. + Deprecated: Use + ControlPlaneEndpointsConfig.IPEndpointsConfig.authorized_networks_config + instead. status: description: Output only. The current status of this cluster. - readOnly: true + enum: + - STATUS_UNSPECIFIED + - PROVISIONING + - RUNNING + - RECONCILING + - STOPPING + - ERROR + - DEGRADED type: string enumDescriptions: - Not set. @@ -371,4371 +337,4270 @@ components: The DEGRADED state indicates the cluster requires user action to restore full functionality. Details can be found in the `statusMessage` field. - enum: - - STATUS_UNSPECIFIED - - PROVISIONING - - RUNNING - - RECONCILING - - STOPPING - - ERROR - - DEGRADED - statusMessage: - description: >- - Output only. Deprecated. Use conditions instead. Additional - information about the current status of this cluster, if available. readOnly: true - deprecated: true - type: string - nodeIpv4CidrSize: + anonymousAuthenticationConfig: description: >- - Output only. The size of the address space on each node for hosting - containers. This is provisioned from within the - `container_ipv4_cidr` range. This field will only be set when - cluster is in route-based network mode. + Configuration for limiting anonymous access to all endpoints except + the health checks. + $ref: '#/components/schemas/AnonymousAuthenticationConfig' + satisfiesPzs: + description: Output only. Reserved for future use. + type: boolean readOnly: true - type: integer - format: int32 - servicesIpv4Cidr: + clusterIpv4Cidr: description: >- - Output only. The IP address range of the Kubernetes services in this - cluster, in + The IP address range of the container pods in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - notation (e.g. `1.2.3.4/29`). Service addresses are typically put in - the last `/16` from the container CIDR. + notation (e.g. `10.96.0.0/14`). Leave blank to have one + automatically chosen or specify a `/14` block in `10.0.0.0/8`. + type: string + endpoint: + type: string readOnly: true + description: >- + Output only. The IP address of this cluster's master endpoint. The + endpoint can be accessed from the internet at + `https://username:password@endpoint/`. See the `masterAuth` property + of this resource for username and password information. + compliancePostureConfig: + description: Enable/Disable Compliance Posture features for the cluster. + $ref: '#/components/schemas/CompliancePostureConfig' + parentProductConfig: + $ref: '#/components/schemas/ParentProductConfig' + description: >- + The configuration of the parent product of the cluster. This field + is used by Google internal products that are built on top of the GKE + cluster and take the ownership of the cluster. + identityServiceConfig: + description: Configuration for Identity Service component. + $ref: '#/components/schemas/IdentityServiceConfig' + initialClusterVersion: + description: >- + The initial Kubernetes version for this cluster. Valid versions are + those found in validMasterVersions returned by getServerConfig. The + version can be upgraded over time; such upgrades are reflected in + currentMasterVersion and currentNodeVersion. Users may specify + either explicit versions offered by Kubernetes Engine or version + aliases, which have the following behavior: - "latest": picks the + highest valid Kubernetes version - "1.X": picks the highest valid + patch+gke.N patch in the 1.X version - "1.X.Y": picks the highest + valid gke.N patch in the 1.X.Y version - "1.X.Y-gke.N": picks an + explicit Kubernetes version - "","-": picks the default Kubernetes + version type: string instanceGroupUrls: - description: Output only. Deprecated. Use node_pools.instance_group_urls. readOnly: true - deprecated: true type: array + deprecated: true + description: Output only. Deprecated. Use node_pools.instance_group_urls. items: type: string - currentNodeCount: + nodeConfig: + deprecated: true + $ref: '#/components/schemas/NodeConfig' description: >- - Output only. The number of nodes currently in the cluster. - Deprecated. Call Kubernetes API directly to retrieve node - information. - readOnly: true - deprecated: true - type: integer - format: int32 - expireTime: + Parameters used in creating the cluster's nodes. For requests, this + field should only be used in lieu of a "node_pool" object, since + this configuration (along with the "initial_node_count") will be + used to create a "NodePool" object with an auto-generated name. Do + not use this and a node_pool at the same time. For responses, this + field will be populated with the node configuration of the first + node pool. (For configuration of each node pool, see + `node_pool.config`) If unspecified, the defaults are used. This + field is deprecated, use node_pool.config instead. + nodePools: + type: array + items: + $ref: '#/components/schemas/NodePool' description: >- - Output only. The time the cluster will be automatically deleted in - [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - readOnly: true - type: string - location: + The node pools associated with this cluster. This field should not + be set if "node_config" or "initial_node_count" are specified. + currentNodeVersion: description: >- - Output only. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/regions-zones/regions-zones#available) - or - [region](https://{$universe.dns_names.final_documentation_domain}/compute/docs/regions-zones/regions-zones#available) - in which the cluster resides. - readOnly: true + Output only. Deprecated, use + [NodePools.version](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools) + instead. The current version of the node software components. If + they are currently at multiple versions because they're in the + process of being upgraded, this reflects the minimum version of all + nodes. type: string - enableTpu: - description: >- - Enable the ability to use Cloud TPUs in this cluster. This field is - deprecated due to the deprecation of 2VM TPU. The end of life date - for 2VM TPU is 2025-04-25. deprecated: true - type: boolean - tpuIpv4CidrBlock: - description: >- - Output only. The IP address range of the Cloud TPUs in this cluster, - in - [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - notation (e.g. `1.2.3.4/29`). This field is deprecated due to the - deprecation of 2VM TPU. The end of life date for 2VM TPU is - 2025-04-25. readOnly: true - deprecated: true - type: string - conditions: - description: Which conditions caused the current cluster state. + masterAuth: + $ref: '#/components/schemas/MasterAuth' + description: >- + The authentication information for accessing the master endpoint. If + unspecified, the defaults are used: For clusters before v1.12, if + master_auth is unspecified, `username` will be set to "admin", a + random password will be generated, and a client certificate will be + issued. + databaseEncryption: + description: Configuration of etcd encryption. + $ref: '#/components/schemas/DatabaseEncryption' + enableK8sBetaApis: + $ref: '#/components/schemas/K8sBetaAPIConfig' + description: Beta APIs Config + resourceUsageExportConfig: + description: >- + Configuration for exporting resource usages. Resource usage export + is disabled when this config is unspecified. + $ref: '#/components/schemas/ResourceUsageExportConfig' + shieldedNodes: + description: Shielded Nodes configuration. + $ref: '#/components/schemas/ShieldedNodes' + locations: + description: >- + The list of Google Compute Engine + [zones](https://cloud.google.com/compute/docs/zones#available) in + which the cluster's nodes should be located. This field provides a + default value if + [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) + are not specified during node pool creation. Warning: changing + cluster locations will update the + [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) + of all node pools and will result in nodes being added and/or + removed. type: array items: - $ref: '#/components/schemas/StatusCondition' - autopilot: - description: Autopilot configuration for the cluster. - $ref: '#/components/schemas/Autopilot' - id: - description: Output only. Unique id for the cluster. - readOnly: true - type: string - parentProductConfig: + type: string + initialNodeCount: description: >- - The configuration of the parent product of the cluster. This field - is used by Google internal products that are built on top of the GKE - cluster and take the ownership of the cluster. - $ref: '#/components/schemas/ParentProductConfig' + The number of nodes to create in this cluster. You must ensure that + your Compute Engine [resource + quota](https://cloud.google.com/compute/quotas) is sufficient for + this number of instances. You must also have available firewall and + routes quota. For requests, this field should only be used in lieu + of a "node_pool" object, since this configuration (along with the + "node_config") will be used to create a "NodePool" object with an + auto-generated name. Do not use this and a node_pool at the same + time. This field is deprecated, use node_pool.initial_node_count + instead. + type: integer + deprecated: true + format: int32 + gkeAutoUpgradeConfig: + description: Configuration for GKE auto upgrades. + $ref: '#/components/schemas/GkeAutoUpgradeConfig' + enterpriseConfig: + deprecated: true + $ref: '#/components/schemas/EnterpriseConfig' + description: >- + GKE Enterprise Configuration. Deprecated: GKE Enterprise features + are now available without an Enterprise tier. nodePoolDefaults: + $ref: '#/components/schemas/NodePoolDefaults' description: >- Default NodePool settings for the entire cluster. These settings are overridden if specified on the specific NodePool object. - $ref: '#/components/schemas/NodePoolDefaults' - loggingConfig: - description: Logging configuration for the cluster. - $ref: '#/components/schemas/LoggingConfig' - monitoringConfig: - description: Monitoring configuration for the cluster. - $ref: '#/components/schemas/MonitoringConfig' - nodePoolAutoConfig: - description: >- - Node pool configs that apply to all auto-provisioned node pools in - autopilot clusters and node auto-provisioning enabled clusters. - $ref: '#/components/schemas/NodePoolAutoConfig' - podAutoscaling: - description: The config for pod autoscaling. - $ref: '#/components/schemas/PodAutoscaling' - etag: + name: description: >- - This checksum is computed by the server based on the value of - cluster fields, and may be sent on update requests to ensure the - client has an up-to-date value before proceeding. + The name of this cluster. The name must be unique within this + project and location (e.g. zone or region), and can be up to 40 + characters with the following restrictions: * Lowercase letters, + numbers, and hyphens only. * Must start with a letter. * Must end + with a number or a letter. type: string - fleet: - description: Fleet information for the cluster. - $ref: '#/components/schemas/Fleet' - securityPostureConfig: - description: Enable/Disable Security Posture API features for the cluster. - $ref: '#/components/schemas/SecurityPostureConfig' + ipAllocationPolicy: + description: Configuration for cluster IP allocation. + $ref: '#/components/schemas/IPAllocationPolicy' controlPlaneEndpointsConfig: description: Configuration for all cluster's control plane endpoints. $ref: '#/components/schemas/ControlPlaneEndpointsConfig' - enableK8sBetaApis: - description: Beta APIs Config - $ref: '#/components/schemas/K8sBetaAPIConfig' - enterpriseConfig: - description: GKE Enterprise Configuration. - $ref: '#/components/schemas/EnterpriseConfig' - secretManagerConfig: - description: Secret CSI driver configuration. - $ref: '#/components/schemas/SecretManagerConfig' - compliancePostureConfig: - description: Enable/Disable Compliance Posture features for the cluster. - $ref: '#/components/schemas/CompliancePostureConfig' - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean + confidentialNodes: + $ref: '#/components/schemas/ConfidentialNodes' + description: >- + Configuration of Confidential Nodes. All the nodes in the cluster + will be Confidential VM once enabled. userManagedKeysConfig: - description: The Custom keys configuration for the cluster. $ref: '#/components/schemas/UserManagedKeysConfig' - rbacBindingConfig: + description: The Custom keys configuration for the cluster. + enableKubernetesAlpha: + type: boolean description: >- - RBACBindingConfig allows user to restrict ClusterRoleBindings an - RoleBindings that can be created. - $ref: '#/components/schemas/RBACBindingConfig' - gkeAutoUpgradeConfig: - description: Configuration for GKE auto upgrades. - $ref: '#/components/schemas/GkeAutoUpgradeConfig' - anonymousAuthenticationConfig: + Kubernetes alpha features are enabled on this cluster. This includes + alpha API groups (e.g. v1alpha1) and features that may not be + production ready in the kubernetes version of the master and nodes. + The cluster has no SLA for uptime and master/node upgrades are + disabled. Alpha enabled clusters are automatically deleted thirty + days after creation. + type: object + id: Cluster + ParallelstoreCsiDriverConfig: + description: Configuration for the Cloud Storage Parallelstore CSI driver. + properties: + enabled: description: >- - Configuration for limiting anonymous access to all endpoints except - the health checks. - $ref: '#/components/schemas/AnonymousAuthenticationConfig' - NodeConfig: - id: NodeConfig - description: >- - Parameters that describe the nodes in a cluster. GKE Autopilot clusters - do not recognize parameters in `NodeConfig`. Use - AutoprovisioningNodePoolDefaults instead. + Whether the Cloud Storage Parallelstore CSI driver is enabled for + this cluster. + type: boolean + id: ParallelstoreCsiDriverConfig + type: object + IPAllocationPolicy: + id: IPAllocationPolicy + description: Configuration for controlling how IPs are allocated in the cluster. type: object properties: - machineType: + autoIpamConfig: description: >- - The name of a Google Compute Engine [machine - type](https://{$universe.dns_names.final_documentation_domain}/compute/docs/machine-types) - If unspecified, the default machine type is `e2-medium`. + Optional. AutoIpamConfig contains all information related to Auto + IPAM + $ref: '#/components/schemas/AutoIpamConfig' + subnetworkName: type: string - diskSizeGb: - description: >- - Size of the disk attached to each node, specified in GB. The - smallest allowed disk size is 10GB. If unspecified, the default disk - size is 100GB. - type: integer - format: int32 - oauthScopes: - description: >- - The set of Google API scopes to be made available on all of the node - VMs under the "default" service account. The following scopes are - recommended, but not required, and by default are not included: * - `https://www.googleapis.com/auth/compute` is required for mounting - persistent storage on your nodes. * - `https://www.googleapis.com/auth/devstorage.read_only` is required - for communicating with **gcr.io** (the [Google Container - Registry](https://{$universe.dns_names.final_documentation_domain}/container-registry/)). - If unspecified, no scopes are added, unless Cloud Logging or Cloud - Monitoring are enabled, in which case their required scopes will be - added. - type: array - items: - type: string - serviceAccount: description: >- - The Google Cloud Platform Service Account to be used by the node - VMs. Specify the email address of the Service Account; otherwise, if - no Service Account is specified, the "default" service account is - used. - type: string - metadata: + A custom subnetwork name to be used if `create_subnetwork` is true. + If this field is empty, then an automatic name will be chosen for + the new subnetwork. + useIpAliases: + type: boolean description: >- - The metadata key/value pairs assigned to instances in the cluster. - Keys must conform to the regexp `[a-zA-Z0-9-_]+` and be less than - 128 bytes in length. These are reflected as part of a URL in the - metadata server. Additionally, to avoid ambiguity, keys must not - conflict with any other metadata keys for the project or be one of - the reserved keys: - "cluster-location" - "cluster-name" - - "cluster-uid" - "configure-sh" - "containerd-configure-sh" - - "enable-os-login" - "gci-ensure-gke-docker" - "gci-metrics-enabled" - - "gci-update-strategy" - "instance-template" - "kube-env" - - "startup-script" - "user-data" - "disable-address-manager" - - "windows-startup-script-ps1" - "common-psm1" - "k8s-node-setup-psm1" - - "install-ssh-psm1" - "user-profile-psm1" Values are free-form - strings, and only have meaning as interpreted by the image running - in the instance. The only restriction placed on them is that each - value's size must be less than or equal to 32 KB. The total size of - all keys and values must be less than 512 KB. - type: object - additionalProperties: - type: string - imageType: - description: >- - The image type to use for this node. Note that for a given image - type, the latest version of it will be used. Please see - https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/node-images - for available image types. + Whether alias IPs will be used for pod IPs in the cluster. This is + used in conjunction with use_routes. It cannot be true if use_routes + is true. If both use_ip_aliases and use_routes are false, then the + server picks the default IP allocation mode + stackType: + description: The IP stack type of the cluster + enumDescriptions: + - Default value, will be defaulted as IPV4 only + - Cluster is IPV4 only + - Cluster can use both IPv4 and IPv6 + enum: + - STACK_TYPE_UNSPECIFIED + - IPV4 + - IPV4_IPV6 type: string - labels: + nodeIpv4Cidr: + type: string + deprecated: true + description: This field is deprecated, use node_ipv4_cidr_block. + tpuIpv4CidrBlock: description: >- - The map of Kubernetes labels (key/value pairs) to be applied to each - node. These will added in addition to any default label(s) that - Kubernetes may apply to the node. In case of conflict in label keys, - the applied set may differ depending on the Kubernetes version -- - it's best to assume the behavior is undefined and conflicts should - be avoided. For more information, including usage and the valid - values, see: - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - type: object - additionalProperties: - type: string - localSsdCount: + The IP address range of the Cloud TPUs in this cluster. If + unspecified, a range will be automatically chosen with the default + size. This field is only applicable when `use_ip_aliases` is true. + If unspecified, the range will use the default size. Set to /netmask + (e.g. `/14`) to have a range chosen with a specific netmask. Set to + a + [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) + notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks + (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a + specific range to use. This field is deprecated due to the + deprecation of 2VM TPU. The end of life date for 2VM TPU is + 2025-04-25. + deprecated: true + type: string + clusterIpv4Cidr: + type: string + description: This field is deprecated, use cluster_ipv4_cidr_block. + deprecated: true + defaultPodIpv4RangeUtilization: + type: number description: >- - The number of local SSD disks to be attached to the node. The limit - for this value is dependent upon the maximum number of disks - available on a machine per zone. See: - https://{$universe.dns_names.final_documentation_domain}/compute/docs/disks/local-ssd - for more information. - type: integer - format: int32 - tags: + Output only. The utilization of the cluster default IPv4 range for + the pod. The ratio is Usage/[Total number of IPs in the secondary + range], Usage=numNodes*numZones*podIPsPerNode. + format: double + readOnly: true + subnetIpv6CidrBlock: + readOnly: true + type: string + description: Output only. The subnet's IPv6 CIDR block used by nodes and pods. + networkTierConfig: description: >- - The list of instance tags applied to all nodes. Tags are used to - identify valid sources or targets for network firewalls and are - specified by the client during cluster or node pool creation. Each - tag within the list must comply with RFC1035. - type: array - items: - type: string - preemptible: + Cluster-level network tier configuration is used to determine the + default network tier for external IP addresses on cluster resources, + such as node pools and load balancers. + $ref: '#/components/schemas/NetworkTierConfig' + useRoutes: description: >- - Whether the nodes are created as preemptible VM instances. See: - https://{$universe.dns_names.final_documentation_domain}/compute/docs/instances/preemptible - for more information about preemptible VM instances. + Whether routes will be used for pod IPs in the cluster. This is used + in conjunction with use_ip_aliases. It cannot be true if + use_ip_aliases is true. If both use_ip_aliases and use_routes are + false, then the server picks the default IP allocation mode type: boolean - accelerators: + clusterIpv4CidrBlock: + type: string description: >- - A list of hardware accelerators to be attached to each node. See - https://{$universe.dns_names.final_documentation_domain}/compute/docs/gpus - for more information about support for GPUs. + The IP address range for the cluster pod IPs. If this field is set, + then `cluster.cluster_ipv4_cidr` must be left blank. This field is + only applicable when `use_ip_aliases` is true. Set to blank to have + a range chosen with the default size. Set to /netmask (e.g. `/14`) + to have a range chosen with a specific netmask. Set to a + [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) + notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks + (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a + specific range to use. + additionalIpRangesConfigs: type: array items: - $ref: '#/components/schemas/AcceleratorConfig' - diskType: - description: >- - Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' - or 'pd-balanced') If unspecified, the default disk type is - 'pd-standard' - type: string - minCpuPlatform: + $ref: '#/components/schemas/AdditionalIPRangesConfig' + readOnly: true description: >- - Minimum CPU platform to be used by this instance. The instance may - be scheduled on the specified or newer CPU platform. Applicable - values are the friendly names of CPU platforms, such as - `minCpuPlatform: "Intel Haswell"` or `minCpuPlatform: "Intel Sandy - Bridge"`. For more information, read [how to specify min CPU - platform](https://{$universe.dns_names.final_documentation_domain}/compute/docs/instances/specify-min-cpu-platform) - type: string - workloadMetadataConfig: - description: The workload metadata configuration for this node. - $ref: '#/components/schemas/WorkloadMetadataConfig' - taints: + Output only. The additional IP ranges that are added to the cluster. + These IP ranges can be used by new node pools to allocate node and + pod IPs automatically. Each AdditionalIPRangesConfig corresponds to + a single subnetwork. Once a range is removed it will not show up in + IPAllocationPolicy. + createSubnetwork: description: >- - List of kubernetes taints to be applied to each node. For more - information, including usage and the valid values, see: - https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - type: array - items: - $ref: '#/components/schemas/NodeTaint' - sandboxConfig: - description: Sandbox configuration for this node. - $ref: '#/components/schemas/SandboxConfig' - nodeGroup: + Whether a new subnetwork will be created automatically for the + cluster. This field is only applicable when `use_ip_aliases` is + true. + type: boolean + clusterSecondaryRangeName: description: >- - Setting this field will assign instances of this pool to run on the - specified node group. This is useful for running workloads on [sole - tenant - nodes](https://{$universe.dns_names.final_documentation_domain}/compute/docs/nodes/sole-tenant-nodes). + The name of the secondary range to be used for the cluster CIDR + block. The secondary range will be used for pod IP addresses. This + must be an existing secondary range associated with the cluster + subnetwork. This field is only applicable with use_ip_aliases is + true and create_subnetwork is false. type: string - reservationAffinity: + servicesSecondaryRangeName: description: >- - The optional reservation affinity. Setting this field will apply the - specified [Zonal Compute - Reservation](https://{$universe.dns_names.final_documentation_domain}/compute/docs/instances/reserving-zonal-resources) - to this node pool. - $ref: '#/components/schemas/ReservationAffinity' - shieldedInstanceConfig: - description: Shielded Instance options. - $ref: '#/components/schemas/ShieldedInstanceConfig' - linuxNodeConfig: - description: Parameters that can be configured on Linux nodes. - $ref: '#/components/schemas/LinuxNodeConfig' - kubeletConfig: - description: Node kubelet configs. - $ref: '#/components/schemas/NodeKubeletConfig' - bootDiskKmsKey: - description: ' The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://{$universe.dns_names.final_documentation_domain}/compute/docs/disks/customer-managed-encryption' + The name of the secondary range to be used as for the services CIDR + block. The secondary range will be used for service ClusterIPs. This + must be an existing secondary range associated with the cluster + subnetwork. This field is only applicable with use_ip_aliases is + true and create_subnetwork is false. + type: string + nodeIpv4CidrBlock: type: string - gcfsConfig: - description: Google Container File System (image streaming) configs. - $ref: '#/components/schemas/GcfsConfig' - advancedMachineFeatures: - description: Advanced features for the Compute Engine VM. - $ref: '#/components/schemas/AdvancedMachineFeatures' - gvnic: - description: Enable or disable gvnic in the node pool. - $ref: '#/components/schemas/VirtualNIC' - spot: description: >- - Spot flag for enabling Spot VM, which is a rebrand of the existing - preemptible flag. - type: boolean - confidentialNodes: + The IP address range of the instance IPs in this cluster. This is + applicable only if `create_subnetwork` is true. Set to blank to have + a range chosen with the default size. Set to /netmask (e.g. `/14`) + to have a range chosen with a specific netmask. Set to a + [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) + notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks + (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a + specific range to use. + podCidrOverprovisionConfig: + $ref: '#/components/schemas/PodCIDROverprovisionConfig' description: >- - Confidential nodes config. All the nodes in the node pool will be - Confidential VM once enabled. - $ref: '#/components/schemas/ConfidentialNodes' - fastSocket: - description: Enable or disable NCCL fast socket for the node pool. - $ref: '#/components/schemas/FastSocket' - resourceLabels: + [PRIVATE FIELD] Pod CIDR size overprovisioning config for the + cluster. Pod CIDR size per node depends on max_pods_per_node. By + default, the value of max_pods_per_node is doubled and then rounded + off to next power of 2 to get the size of pod CIDR block per node. + Example: max_pods_per_node of 30 would result in 64 IPs (/26). This + config can disable the doubling of IPs (we still round off to next + power of 2) Example: max_pods_per_node of 30 will result in 32 IPs + (/27) when overprovisioning is disabled. + additionalPodRangesConfig: + $ref: '#/components/schemas/AdditionalPodRangesConfig' description: >- - The resource labels for the node pool to use to annotate any related - Google Compute Engine resources. - type: object - additionalProperties: - type: string - loggingConfig: - description: Logging configuration. - $ref: '#/components/schemas/NodePoolLoggingConfig' - windowsNodeConfig: - description: Parameters that can be configured on Windows nodes. - $ref: '#/components/schemas/WindowsNodeConfig' - localNvmeSsdBlockConfig: - description: Parameters for using raw-block Local NVMe SSDs. - $ref: '#/components/schemas/LocalNvmeSsdBlockConfig' - ephemeralStorageLocalSsdConfig: + Output only. The additional pod ranges that are added to the + cluster. These pod ranges can be used by new node pools to allocate + pod IPs automatically. Once the range is removed it will not show up + in IPAllocationPolicy. + readOnly: true + servicesIpv4CidrBlock: + type: string description: >- - Parameters for the node ephemeral storage using Local SSDs. If - unspecified, ephemeral storage is backed by the boot disk. - $ref: '#/components/schemas/EphemeralStorageLocalSsdConfig' - soleTenantConfig: - description: >- - Parameters for node pools to be backed by shared sole tenant node - groups. - $ref: '#/components/schemas/SoleTenantConfig' - containerdConfig: - description: Parameters for containerd customization. - $ref: '#/components/schemas/ContainerdConfig' - resourceManagerTags: - description: >- - A map of resource manager tag keys and values to be attached to the - nodes. - $ref: '#/components/schemas/ResourceManagerTags' - enableConfidentialStorage: - description: Optional. Reserved for future use. - type: boolean - secondaryBootDisks: - description: List of secondary boot disks attached to the nodes. - type: array - items: - $ref: '#/components/schemas/SecondaryBootDisk' - storagePools: - description: List of Storage Pools where boot disks are provisioned. - type: array - items: - type: string - secondaryBootDiskUpdateStrategy: - description: Secondary boot disk update strategy. - $ref: '#/components/schemas/SecondaryBootDiskUpdateStrategy' - maxRunDuration: - description: >- - The maximum duration for the nodes to exist. If unspecified, the - nodes can exist indefinitely. - type: string - format: google-duration - localSsdEncryptionMode: + The IP address range of the services IPs in this cluster. If blank, + a range will be automatically chosen with the default size. This + field is only applicable when `use_ip_aliases` is true. Set to blank + to have a range chosen with the default size. Set to /netmask (e.g. + `/14`) to have a range chosen with a specific netmask. Set to a + [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) + notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks + (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a + specific range to use. + ipv6AccessType: description: >- - Specifies which method should be used for encrypting the Local SSDs - attached to the node. + The ipv6 access type (internal or external) when create_subnetwork + is true + enum: + - IPV6_ACCESS_TYPE_UNSPECIFIED + - INTERNAL + - EXTERNAL type: string enumDescriptions: - - >- - The given node will be encrypted using keys managed by Google - infrastructure and the keys will be deleted when the node is - deleted. - - >- - The given node will be encrypted using keys managed by Google - infrastructure and the keys will be deleted when the node is - deleted. - - >- - The given node will opt-in for using ephemeral key for encryption - of Local SSDs. The Local SSDs will not be able to recover data in - case of node crash. - enum: - - LOCAL_SSD_ENCRYPTION_MODE_UNSPECIFIED - - STANDARD_ENCRYPTION - - EPHEMERAL_KEY_ENCRYPTION - effectiveCgroupMode: - description: >- - Output only. effective_cgroup_mode is the cgroup mode actually used - by the node pool. It is determined by the cgroup mode specified in - the LinuxNodeConfig or the default cgroup mode based on the cluster - creation version. + - Default value, will be defaulted as type external. + - Access type internal (all v6 addresses are internal IPs) + - Access type external (all v6 addresses are external IPs) + servicesIpv6CidrBlock: + type: string readOnly: true + description: Output only. The services IPv6 CIDR block for the cluster. + servicesIpv4Cidr: + description: This field is deprecated, use services_ipv4_cidr_block. + deprecated: true type: string - enumDescriptions: - - >- - EFFECTIVE_CGROUP_MODE_UNSPECIFIED means the cgroup configuration - for the node pool is unspecified, i.e. the node pool is a Windows - node pool. - - >- - CGROUP_MODE_V1 means the node pool is configured to use cgroupv1 - for the cgroup configuration. - - >- - CGROUP_MODE_V2 means the node pool is configured to use cgroupv2 - for the cgroup configuration. - enum: - - EFFECTIVE_CGROUP_MODE_UNSPECIFIED - - EFFECTIVE_CGROUP_MODE_V1 - - EFFECTIVE_CGROUP_MODE_V2 - flexStart: - description: Flex Start flag for enabling Flex Start VM. + MeshCertificates: + description: >- + Configuration for issuance of mTLS keys and certificates to Kubernetes + pods. + properties: + enableCertificates: + description: >- + enable_certificates controls issuance of workload mTLS certificates. + If set, the GKE Workload Identity Certificates controller and node + agent will be deployed in the cluster, which can then be configured + by creating a WorkloadCertificateConfig Custom Resource. Requires + Workload Identity (workload_pool must be non-empty). type: boolean - bootDisk: - description: The boot disk configuration for the node pool. - $ref: '#/components/schemas/BootDisk' - AcceleratorConfig: - id: AcceleratorConfig - description: AcceleratorConfig represents a Hardware Accelerator request. type: object + id: MeshCertificates + ShieldedNodes: + description: Configuration of Shielded Nodes feature. + id: ShieldedNodes properties: - acceleratorCount: - description: The number of the accelerator cards exposed to an instance. - type: string - format: int64 - acceleratorType: + enabled: description: >- - The accelerator type resource name. List of supported accelerators - [here](https://{$universe.dns_names.final_documentation_domain}/compute/docs/gpus) + Whether Shielded Nodes features are enabled on all nodes in this + cluster. + type: boolean + type: object + SetAddonsConfigRequest: + type: object + properties: + name: type: string - gpuPartitionSize: description: >- - Size of partitions to create on the GPU. Valid values are described - in the NVIDIA [mig user - guide](https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning). + The name (project, location, cluster) of the cluster to set addons. + Specified in the format `projects/*/locations/*/clusters/*`. + zone: type: string - gpuSharingConfig: - description: The configuration for GPU sharing options. - $ref: '#/components/schemas/GPUSharingConfig' - gpuDriverInstallationConfig: - description: The configuration for auto installation of GPU driver. - $ref: '#/components/schemas/GPUDriverInstallationConfig' - GPUSharingConfig: - id: GPUSharingConfig - description: >- - GPUSharingConfig represents the GPU sharing configuration for Hardware - Accelerators. - type: object - properties: - maxSharedClientsPerGpu: - description: The max number of containers that can share a physical GPU. + deprecated: true + description: >- + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + clusterId: + description: >- + Deprecated. The name of the cluster to upgrade. This field has been + deprecated and replaced by the name field. + deprecated: true type: string - format: int64 - gpuSharingStrategy: - description: The type of GPU sharing strategy to enable on the GPU node. + addonsConfig: + $ref: '#/components/schemas/AddonsConfig' + description: >- + Required. The desired configurations for the various addons + available to run in the cluster. + projectId: + deprecated: true type: string - enumDescriptions: - - Default value. - - GPUs are time-shared between containers. - - GPUs are shared between containers with NVIDIA MPS. - enum: - - GPU_SHARING_STRATEGY_UNSPECIFIED - - TIME_SHARING - - MPS - GPUDriverInstallationConfig: - id: GPUDriverInstallationConfig - description: >- - GPUDriverInstallationConfig specifies the version of GPU driver to be - auto installed. + description: >- + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + id: SetAddonsConfigRequest + description: SetAddonsConfigRequest sets the addons associated with the cluster. + GcpFilestoreCsiDriverConfig: + description: Configuration for the Filestore CSI driver. type: object + id: GcpFilestoreCsiDriverConfig properties: - gpuDriverVersion: - description: Mode for how the GPU driver is installed. - type: string - enumDescriptions: - - Default value is to not install any GPU driver. - - Disable GPU driver auto installation and needs manual installation - - '"Default" GPU driver in COS and Ubuntu.' - - '"Latest" GPU driver in COS.' - enum: - - GPU_DRIVER_VERSION_UNSPECIFIED - - INSTALLATION_DISABLED - - DEFAULT - - LATEST - WorkloadMetadataConfig: - id: WorkloadMetadataConfig - description: >- - WorkloadMetadataConfig defines the metadata configuration to expose to - workloads on the node pool. + enabled: + type: boolean + description: Whether the Filestore CSI driver is enabled for this cluster. + NodePool: type: object properties: - mode: - description: >- - Mode is the configuration for how to expose metadata to workloads - running on the node pool. + management: + description: NodeManagement configuration for this NodePool. + $ref: '#/components/schemas/NodeManagement' + placementPolicy: + description: Specifies the node placement policy. + $ref: '#/components/schemas/PlacementPolicy' + selfLink: type: string + readOnly: true + description: Output only. Server-defined URL for the resource. + status: + description: Output only. The status of the nodes in this pool instance. enumDescriptions: - Not set. - - Expose all Compute Engine metadata to pods. + - The PROVISIONING state indicates the node pool is being created. - >- - Run the GKE Metadata Server on this node. The GKE Metadata Server - exposes a metadata API to workloads that is compatible with the V1 - Compute Metadata APIs exposed by the Compute Engine and App Engine - Metadata Servers. This feature can only be enabled if Workload - Identity is enabled at the cluster level. - enum: - - MODE_UNSPECIFIED - - GCE_METADATA - - GKE_METADATA - NodeTaint: - id: NodeTaint - description: >- - Kubernetes taint is composed of three fields: key, value, and effect. - Effect can only be one of three types: NoSchedule, PreferNoSchedule or - NoExecute. See - [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration) - for more information, including usage and the valid values. - type: object - properties: - key: - description: Key for taint. + The RUNNING state indicates the node pool has been created and is + fully usable. + - >- + The RUNNING_WITH_ERROR state indicates the node pool has been + created and is partially usable. Some error state has occurred and + some functionality may be impaired. Customer may need to reissue a + request or trigger a new update. + - >- + The RECONCILING state indicates that some work is actively being + done on the node pool, such as upgrading node software. Details + can be found in the `statusMessage` field. + - The STOPPING state indicates the node pool is being deleted. + - >- + The ERROR state indicates the node pool may be unusable. Details + can be found in the `statusMessage` field. type: string - value: - description: Value for taint. + enum: + - STATUS_UNSPECIFIED + - PROVISIONING + - RUNNING + - RUNNING_WITH_ERROR + - RECONCILING + - STOPPING + - ERROR + readOnly: true + networkConfig: + $ref: '#/components/schemas/NodeNetworkConfig' + description: >- + Networking configuration for this NodePool. If specified, it + overrides the cluster-level defaults. + maxPodsConstraint: + $ref: '#/components/schemas/MaxPodsConstraint' + description: >- + The constraint on the maximum number of pods that can be run + simultaneously on a node in the node pool. + instanceGroupUrls: + readOnly: true + description: >- + Output only. The resource URLs of the [managed instance + groups](https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-managed-instances) + associated with this node pool. During the node pool blue-green + upgrade operation, the URLs contain both blue and green resources. + type: array + items: + type: string + updateInfo: + description: >- + Output only. Update info contains relevant information during a node + pool update. + readOnly: true + $ref: '#/components/schemas/UpdateInfo' + upgradeSettings: + $ref: '#/components/schemas/UpgradeSettings' + description: Upgrade settings control disruption and speed of the upgrade. + podIpv4CidrSize: + description: Output only. The pod CIDR block size per node in this node pool. + format: int32 + type: integer + readOnly: true + initialNodeCount: + description: >- + The initial node count for the pool. You must ensure that your + Compute Engine [resource + quota](https://cloud.google.com/compute/quotas) is sufficient for + this number of instances. You must also have available firewall and + routes quota. + type: integer + format: int32 + name: type: string - effect: - description: Effect for taint. + description: The name of the node pool. + conditions: + items: + $ref: '#/components/schemas/StatusCondition' + description: Which conditions caused the current node pool state. + type: array + autopilotConfig: + $ref: '#/components/schemas/AutopilotConfig' + description: >- + Specifies the autopilot configuration for this node pool. This field + is exclusively reserved for Cluster Autoscaler. + autoscaling: + $ref: '#/components/schemas/NodePoolAutoscaling' + description: >- + Autoscaler configuration for this NodePool. Autoscaler is enabled + only if a valid configuration is present. + locations: + type: array + items: + type: string + description: >- + The list of Google Compute Engine + [zones](https://cloud.google.com/compute/docs/zones#available) in + which the NodePool's nodes should be located. If this value is + unspecified during node pool creation, the + [Cluster.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.FIELDS.locations) + value will be used, instead. Warning: changing node pool locations + will result in nodes being added and/or removed. + etag: type: string - enumDescriptions: - - Not set - - NoSchedule - - PreferNoSchedule - - NoExecute - enum: - - EFFECT_UNSPECIFIED - - NO_SCHEDULE - - PREFER_NO_SCHEDULE - - NO_EXECUTE - SandboxConfig: - id: SandboxConfig + description: >- + This checksum is computed by the server based on the value of node + pool fields, and may be sent on update requests to ensure the client + has an up-to-date value before proceeding. + nodeDrainConfig: + description: Specifies the node drain configuration for this node pool. + $ref: '#/components/schemas/NodeDrainConfig' + statusMessage: + deprecated: true + description: >- + Output only. Deprecated. Use conditions instead. Additional + information about the current status of this node pool instance, if + available. + type: string + readOnly: true + bestEffortProvisioning: + $ref: '#/components/schemas/BestEffortProvisioning' + description: Enable best effort provisioning for nodes + config: + description: The node configuration of the pool. + $ref: '#/components/schemas/NodeConfig' + queuedProvisioning: + description: Specifies the configuration of queued provisioning. + $ref: '#/components/schemas/QueuedProvisioning' + version: + description: >- + The version of Kubernetes running on this NodePool's nodes. If + unspecified, it defaults as described + [here](https://cloud.google.com/kubernetes-engine/versioning#specifying_node_version). + type: string + id: NodePool description: >- - SandboxConfig contains configurations of the sandbox to use for the - node. - type: object + NodePool contains the name and configuration for a cluster's node pool. + Node pools are a set of nodes (i.e. VM's), with a common configuration + and specification, under the control of the cluster master. They may + have a set of Kubernetes labels applied to them, which may be used to + reference them during pod scheduling. They may also be resized up or + down, to accommodate the workload. + UpgradeEvent: + id: UpgradeEvent properties: - type: - description: Type of the sandbox to use for the node. + targetVersion: + description: The target version for the upgrade. + type: string + operationStartTime: + description: The time when the operation was started. type: string + format: google-datetime + resourceType: + description: The resource type that is upgrading. enumDescriptions: - - Default value. This should not be used. - - Run sandbox using gvisor. + - Default value. This shouldn't be used. + - Master / control plane + - Node pool + type: string enum: - - UNSPECIFIED - - GVISOR - ReservationAffinity: - id: ReservationAffinity + - UPGRADE_RESOURCE_TYPE_UNSPECIFIED + - MASTER + - NODE_POOL + resource: + type: string + description: >- + Optional relative path to the resource. For example in node pool + upgrades, the relative path of the node pool. + currentVersion: + description: The current version before the upgrade. + type: string + operation: + type: string + description: The operation associated with this upgrade. + type: object description: >- - [ReservationAffinity](https://{$universe.dns_names.final_documentation_domain}/compute/docs/instances/reserving-zonal-resources) - is the configuration of desired reservation which instances could take - capacity from. + UpgradeEvent is a notification sent to customers by the cluster server + when a resource is upgrading. + SetNodePoolAutoscalingRequest: type: object properties: - consumeReservationType: - description: Corresponds to the type of reservation consumption. + autoscaling: + $ref: '#/components/schemas/NodePoolAutoscaling' + description: Required. Autoscaling configuration for the node pool. + clusterId: type: string - enumDescriptions: - - Default value. This should not be used. - - Do not consume from any reserved capacity. - - Consume any reservation available. - - >- - Must consume from a specific reservation. Must specify key value - fields for specifying the reservations. - enum: - - UNSPECIFIED - - NO_RESERVATION - - ANY_RESERVATION - - SPECIFIC_RESERVATION - key: + deprecated: true description: >- - Corresponds to the label key of a reservation resource. To target a - SPECIFIC_RESERVATION by name, specify - "compute.googleapis.com/reservation-name" as the key and specify the - name of your reservation as its value. + Deprecated. The name of the cluster to upgrade. This field has been + deprecated and replaced by the name field. + name: type: string - values: - description: Corresponds to the label value(s) of reservation resource(s). - type: array - items: - type: string - ShieldedInstanceConfig: - id: ShieldedInstanceConfig - description: A set of Shielded Instance options. - type: object - properties: - enableSecureBoot: description: >- - Defines whether the instance has Secure Boot enabled. Secure Boot - helps ensure that the system only runs authentic software by - verifying the digital signature of all boot components, and halting - the boot process if signature verification fails. - type: boolean - enableIntegrityMonitoring: + The name (project, location, cluster, node pool) of the node pool to + set autoscaler settings. Specified in the format + `projects/*/locations/*/clusters/*/nodePools/*`. + zone: description: >- - Defines whether the instance has integrity monitoring enabled. - Enables monitoring and attestation of the boot integrity of the - instance. The attestation is performed against the integrity policy - baseline. This baseline is initially derived from the implicitly - trusted boot image when the instance is created. - type: boolean - LinuxNodeConfig: - id: LinuxNodeConfig - description: Parameters that can be configured on Linux nodes. - type: object - properties: - sysctls: + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + type: string + deprecated: true + nodePoolId: + type: string + deprecated: true description: >- - The Linux kernel parameters to be applied to the nodes and all pods - running on the nodes. The following parameters are supported. - net.core.busy_poll net.core.busy_read net.core.netdev_max_backlog - net.core.rmem_max net.core.rmem_default net.core.wmem_default - net.core.wmem_max net.core.optmem_max net.core.somaxconn - net.ipv4.tcp_rmem net.ipv4.tcp_wmem net.ipv4.tcp_tw_reuse - net.ipv4.tcp_max_orphans net.netfilter.nf_conntrack_max - net.netfilter.nf_conntrack_buckets - net.netfilter.nf_conntrack_tcp_timeout_close_wait - net.netfilter.nf_conntrack_tcp_timeout_time_wait - net.netfilter.nf_conntrack_tcp_timeout_established - net.netfilter.nf_conntrack_acct kernel.shmmni kernel.shmmax - kernel.shmall fs.aio-max-nr fs.file-max - fs.inotify.max_user_instances fs.inotify.max_user_watches fs.nr_open - vm.dirty_background_ratio vm.dirty_expire_centisecs vm.dirty_ratio - vm.dirty_writeback_centisecs vm.max_map_count vm.overcommit_memory - vm.overcommit_ratio vm.vfs_cache_pressure vm.swappiness - vm.watermark_scale_factor vm.min_free_kbytes - type: object - additionalProperties: - type: string - cgroupMode: - description: cgroup_mode specifies the cgroup mode to be used on the node. + Deprecated. The name of the node pool to upgrade. This field has + been deprecated and replaced by the name field. + projectId: type: string - enumDescriptions: - - >- - CGROUP_MODE_UNSPECIFIED is when unspecified cgroup configuration - is used. The default for the GKE node OS image will be used. - - >- - CGROUP_MODE_V1 specifies to use cgroupv1 for the cgroup - configuration on the node image. - - >- - CGROUP_MODE_V2 specifies to use cgroupv2 for the cgroup - configuration on the node image. - enum: - - CGROUP_MODE_UNSPECIFIED - - CGROUP_MODE_V1 - - CGROUP_MODE_V2 - hugepages: - description: Optional. Amounts for 2M and 1G hugepages - $ref: '#/components/schemas/HugepagesConfig' - transparentHugepageEnabled: description: >- - Optional. Transparent hugepage support for anonymous memory can be - entirely disabled (mostly for debugging purposes) or only enabled - inside MADV_HUGEPAGE regions (to avoid the risk of consuming more - memory resources) or enabled system wide. See - https://docs.kernel.org/admin-guide/mm/transhuge.html for more - details. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + deprecated: true + description: >- + SetNodePoolAutoscalingRequest sets the autoscaler settings of a node + pool. + id: SetNodePoolAutoscalingRequest + DefaultComputeClassConfig: + id: DefaultComputeClassConfig + description: DefaultComputeClassConfig defines default compute class configuration. + properties: + enabled: + description: Enables default compute class. + type: boolean + type: object + ConfigConnectorConfig: + type: object + id: ConfigConnectorConfig + properties: + enabled: + type: boolean + description: Whether Cloud Connector is enabled for this cluster. + description: Configuration options for the Config Connector add-on. + OperationError: + id: OperationError + description: >- + OperationError records errors seen from CloudKMS keys encountered during + updates to DatabaseEncryption configuration. + properties: + keyName: + description: CloudKMS key resource that had the error. type: string - enumDescriptions: - - Default value. GKE will not modify the kernel configuration. - - >- - Transparent hugepage support for anonymous memory is enabled - system wide. - - >- - Transparent hugepage support for anonymous memory is enabled - inside MADV_HUGEPAGE regions. This is the default kernel - configuration. - - Transparent hugepage support for anonymous memory is disabled. + errorMessage: + description: Description of the error seen during the operation. + type: string + timestamp: + type: string + description: Time when the CloudKMS error was seen. + format: google-datetime + type: object + NodeTaint: + id: NodeTaint + properties: + key: + description: Key for taint. + type: string + effect: enum: - - TRANSPARENT_HUGEPAGE_ENABLED_UNSPECIFIED - - TRANSPARENT_HUGEPAGE_ENABLED_ALWAYS - - TRANSPARENT_HUGEPAGE_ENABLED_MADVISE - - TRANSPARENT_HUGEPAGE_ENABLED_NEVER - transparentHugepageDefrag: + - EFFECT_UNSPECIFIED + - NO_SCHEDULE + - PREFER_NO_SCHEDULE + - NO_EXECUTE + enumDescriptions: + - Not set + - NoSchedule + - PreferNoSchedule + - NoExecute + description: Effect for taint. + type: string + value: + type: string + description: Value for taint. + description: >- + Kubernetes taint is composed of three fields: key, value, and effect. + Effect can only be one of three types: NoSchedule, PreferNoSchedule or + NoExecute. See + [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration) + for more information, including usage and the valid values. + type: object + PodCIDROverprovisionConfig: + description: '[PRIVATE FIELD] Config for pod CIDR size overprovisioning.' + properties: + disable: description: >- - Optional. Defines the transparent hugepage defrag configuration on - the node. VM hugepage allocation can be managed by either limiting - defragmentation for delayed allocation or skipping it entirely for - immediate allocation only. See - https://docs.kernel.org/admin-guide/mm/transhuge.html for more - details. + Whether Pod CIDR overprovisioning is disabled. Note: Pod CIDR + overprovisioning is enabled by default. + type: boolean + id: PodCIDROverprovisionConfig + type: object + AdditionalNodeNetworkConfig: + id: AdditionalNodeNetworkConfig + type: object + properties: + subnetwork: type: string - enumDescriptions: - - Default value. GKE will not modify the kernel configuration. - - >- - It means that an application requesting THP will stall on - allocation failure and directly reclaim pages and compact memory - in an effort to allocate a THP immediately. - - >- - It means that an application will wake kswapd in the background to - reclaim pages and wake kcompactd to compact memory so that THP is - available in the near future. It’s the responsibility of - khugepaged to then install the THP pages later. - - >- - It means that an application will enter direct reclaim and - compaction like always, but only for regions that have used - madvise(MADV_HUGEPAGE); all other regions will wake kswapd in the - background to reclaim pages and wake kcompactd to compact memory - so that THP is available in the near future. - - >- - It means that an application will enter direct reclaim like always - but only for regions that are have used madvise(MADV_HUGEPAGE). - This is the default kernel configuration. - - >- - It means that an application will never enter direct reclaim or - compaction. - enum: - - TRANSPARENT_HUGEPAGE_DEFRAG_UNSPECIFIED - - TRANSPARENT_HUGEPAGE_DEFRAG_ALWAYS - - TRANSPARENT_HUGEPAGE_DEFRAG_DEFER - - TRANSPARENT_HUGEPAGE_DEFRAG_DEFER_WITH_MADVISE - - TRANSPARENT_HUGEPAGE_DEFRAG_MADVISE - - TRANSPARENT_HUGEPAGE_DEFRAG_NEVER - HugepagesConfig: - id: HugepagesConfig - description: Hugepages amount in both 2m and 1g size + description: Name of the subnetwork where the additional interface belongs + network: + description: Name of the VPC where the additional interface belongs + type: string + description: >- + AdditionalNodeNetworkConfig is the configuration for additional node + networks within the NodeNetworkConfig message + ClientCertificateConfig: + description: Configuration for client certificates on the cluster. type: object properties: - hugepageSize2m: - description: Optional. Amount of 2M hugepages - type: integer - format: int32 - hugepageSize1g: - description: Optional. Amount of 1G hugepages - type: integer - format: int32 - NodeKubeletConfig: - id: NodeKubeletConfig - description: Node kubelet configs. + issueClientCertificate: + description: Issue a client certificate. + type: boolean + id: ClientCertificateConfig + KubernetesDashboard: type: object properties: - cpuManagerPolicy: + disabled: + type: boolean + description: Whether the Kubernetes Dashboard is enabled for this cluster. + id: KubernetesDashboard + description: Configuration for the Kubernetes Dashboard. + CertificateConfigPair: + id: CertificateConfigPair + type: object + description: >- + CertificateConfigPair configures pairs of certificates, which is used + for client certificate and key pairs under a registry. + properties: + cert: + description: Cert configures the client certificate. + $ref: '#/components/schemas/CertificateConfig' + key: + $ref: '#/components/schemas/CertificateConfig' + description: Key configures the client private key. Optional. + HostConfig: + type: object + description: HostConfig configures the registry host under a given Server. + id: HostConfig + properties: + capabilities: description: >- - Control the CPU management policy on the node. See - https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/ - The following values are allowed. * "none": the default, which - represents the existing scheduling behavior. * "static": allows pods - with certain resource characteristics to be granted increased CPU - affinity and exclusivity on the node. The default value is 'none' if - unspecified. - type: string - topologyManager: + Capabilities represent the capabilities of the registry host, + specifying what operations a host is capable of performing. If not + set, containerd enables all capabilities by default. + items: + enum: + - HOST_CAPABILITY_UNSPECIFIED + - HOST_CAPABILITY_PULL + - HOST_CAPABILITY_RESOLVE + - HOST_CAPABILITY_PUSH + type: string + enumDescriptions: + - UNKNOWN should never be set. + - >- + Pull represents the capability to fetch manifests and blobs by + digest. + - Resolve represents the capability to fetch manifests by name. + - Push represents the capability to push blobs and manifests. + type: array + header: + items: + $ref: '#/components/schemas/RegistryHeader' + description: Header configures the registry host headers. + type: array + ca: + description: CA configures the registry host certificate. + items: + $ref: '#/components/schemas/CertificateConfig' + type: array + client: + items: + $ref: '#/components/schemas/CertificateConfigPair' + description: Client configures the registry host client certificate and key. + type: array + dialTimeout: description: >- - Optional. Controls Topology Manager configuration on the node. For - more information, see: - https://kubernetes.io/docs/tasks/administer-cluster/topology-manager/ - $ref: '#/components/schemas/TopologyManager' - memoryManager: + Specifies the maximum duration allowed for a connection attempt to + complete. A shorter timeout helps reduce delays when falling back to + the original registry if the mirror is unreachable. Maximum allowed + value is 180s. If not set, containerd sets default 30s. The value + should be a decimal number of seconds with an `s` suffix. + type: string + format: google-duration + host: + type: string description: >- - Optional. Controls NUMA-aware Memory Manager configuration on the - node. For more information, see: - https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/ - $ref: '#/components/schemas/MemoryManager' - cpuCfsQuota: + Host configures the registry host/mirror. It supports fully + qualified domain names (FQDN) and IP addresses: Specifying port is + supported. Wildcards are NOT supported. Examples: - + my.customdomain.com - 10.0.1.2:5000 + overridePath: description: >- - Enable CPU CFS quota enforcement for containers that specify CPU - limits. This option is enabled by default which makes kubelet use - CFS quota - (https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt) - to enforce container CPU limits. Otherwise, CPU limits will not be - enforced at all. Disable this option to mitigate CPU throttling - problems while still having your pods to be in Guaranteed QoS class - by specifying the CPU limits. The default value is 'true' if - unspecified. + OverridePath is used to indicate the host's API root endpoint is + defined in the URL path rather than by the API specification. This + may be used with non-compliant OCI registries which are missing the + /v2 prefix. If not set, containerd sets default false. type: boolean - cpuCfsQuotaPeriod: - description: >- - Set the CPU CFS quota period value 'cpu.cfs_period_us'. The string - must be a sequence of decimal numbers, each with optional fraction - and a unit suffix, such as "300ms". Valid time units are "ns", "us" - (or "µs"), "ms", "s", "m", "h". The value must be a positive - duration. - type: string - podPidsLimit: - description: >- - Set the Pod PID limits. See - https://kubernetes.io/docs/concepts/policy/pid-limiting/#pod-pid-limits - Controls the maximum number of processes allowed to run in a pod. - The value must be greater than or equal to 1024 and less than - 4194304. + CheckAutopilotCompatibilityResponse: + properties: + issues: + type: array + description: The list of issues for the given operation. + items: + $ref: '#/components/schemas/AutopilotCompatibilityIssue' + summary: type: string - format: int64 - insecureKubeletReadonlyPortEnabled: - description: Enable or disable Kubelet read only port. + description: The summary of the autopilot compatibility response. + description: CheckAutopilotCompatibilityResponse has a list of compatibility issues. + id: CheckAutopilotCompatibilityResponse + type: object + RBACBindingConfig: + id: RBACBindingConfig + description: >- + RBACBindingConfig allows user to restrict ClusterRoleBindings an + RoleBindings that can be created. + type: object + properties: + enableInsecureBindingSystemAuthenticated: type: boolean - imageGcLowThresholdPercent: description: >- - Optional. Defines the percent of disk usage before which image - garbage collection is never run. Lowest disk usage to garbage - collect to. The percent is calculated as this field value out of - 100. The value must be between 10 and 85, inclusive and smaller than - image_gc_high_threshold_percent. The default value is 80 if - unspecified. - type: integer - format: int32 - imageGcHighThresholdPercent: + Setting this to true will allow any ClusterRoleBinding and + RoleBinding with subjects system:authenticated. + enableInsecureBindingSystemUnauthenticated: description: >- - Optional. Defines the percent of disk usage after which image - garbage collection is always run. The percent is calculated as this - field value out of 100. The value must be between 10 and 85, - inclusive and greater than image_gc_low_threshold_percent. The - default value is 85 if unspecified. - type: integer - format: int32 - imageMinimumGcAge: + Setting this to true will allow any ClusterRoleBinding and + RoleBinding with subjets system:anonymous or system:unauthenticated. + type: boolean + NodeNetworkConfig: + id: NodeNetworkConfig + description: Parameters for node pool-level network config. + type: object + properties: + enablePrivateNodes: description: >- - Optional. Defines the minimum age for an unused image before it is - garbage collected. The string must be a sequence of decimal numbers, - each with optional fraction and a unit suffix, such as "300s", - "1.5h", and "2h45m". Valid time units are "ns", "us" (or "µs"), - "ms", "s", "m", "h". The value must be a positive duration less than - or equal to 2 minutes. The default value is "2m0s" if unspecified. - type: string - imageMaximumGcAge: + Whether nodes have internal IP addresses only. If + enable_private_nodes is not specified, then the value is derived + from Cluster.NetworkConfig.default_enable_private_nodes + type: boolean + networkTierConfig: description: >- - Optional. Defines the maximum age an image can be unused before it - is garbage collected. The string must be a sequence of decimal - numbers, each with optional fraction and a unit suffix, such as - "300s", "1.5h", and "2h45m". Valid time units are "ns", "us" (or - "µs"), "ms", "s", "m", "h". The value must be a positive duration - greater than image_minimum_gc_age or "0s". The default value is "0s" - if unspecified, which disables this field, meaning images won't be - garbage collected based on being unused for too long. - type: string - containerLogMaxSize: + Output only. The network tier configuration for the node pool + inherits from the cluster-level configuration and remains immutable + throughout the node pool's lifecycle, including during upgrades. + $ref: '#/components/schemas/NetworkTierConfig' + readOnly: true + podIpv4RangeUtilization: + type: number description: >- - Optional. Defines the maximum size of the container log file before - it is rotated. See - https://kubernetes.io/docs/concepts/cluster-administration/logging/#log-rotation - Valid format is positive number + unit, e.g. 100Ki, 10Mi. Valid - units are Ki, Mi, Gi. The value must be between 10Mi and 500Mi, - inclusive. Note that the total container log size - (container_log_max_size * container_log_max_files) cannot exceed 1% - of the total storage of the node, to avoid disk pressure caused by - log files. The default value is 10Mi if unspecified. + Output only. The utilization of the IPv4 range for the pod. The + ratio is Usage/[Total number of IPs in the secondary range], + Usage=numNodes*numZones*podIPsPerNode. + readOnly: true + format: double + networkPerformanceConfig: + $ref: '#/components/schemas/NetworkPerformanceConfig' + description: Network bandwidth tier configuration. + subnetwork: type: string - containerLogMaxFiles: description: >- - Optional. Defines the maximum number of container log files that can - be present for a container. See - https://kubernetes.io/docs/concepts/cluster-administration/logging/#log-rotation - The value must be an integer between 2 and 10, inclusive. The - default value is 5 if unspecified. - type: integer - format: int32 - allowedUnsafeSysctls: + The subnetwork path for the node pool. Format: + projects/{project}/regions/{region}/subnetworks/{subnetwork} If the + cluster is associated with multiple subnetworks, the subnetwork for + the node pool is picked based on the IP utilization during node pool + creation and is immutable. + podIpv4CidrBlock: + type: string description: >- - Optional. Defines a comma-separated allowlist of unsafe sysctls or - sysctl patterns (ending in `*`). The unsafe namespaced sysctl groups - are `kernel.shm*`, `kernel.msg*`, `kernel.sem`, `fs.mqueue.*`, and - `net.*`. Leaving this allowlist empty means they cannot be set on - Pods. To allow certain sysctls or sysctl patterns to be set on Pods, - list them separated by commas. For example: - `kernel.msg*,net.ipv4.route.min_pmtu`. See - https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ - for more details. + The IP address range for pod IPs in this node pool. Only applicable + if `create_pod_range` is true. Set to blank to have a range chosen + with the default size. Set to /netmask (e.g. `/14`) to have a range + chosen with a specific netmask. Set to a + [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) + notation (e.g. `10.96.0.0/14`) to pick a specific range to use. Only + applicable if `ip_allocation_policy.use_ip_aliases` is true. This + field cannot be changed after the node pool has been created. + additionalNodeNetworkConfigs: type: array - items: - type: string - evictionSoft: - description: >- - Optional. eviction_soft is a map of signal names to quantities that - defines soft eviction thresholds. Each signal is compared to its - corresponding threshold to determine if a pod eviction should occur. - $ref: '#/components/schemas/EvictionSignals' - evictionSoftGracePeriod: description: >- - Optional. eviction_soft_grace_period is a map of signal names to - quantities that defines grace periods for each soft eviction signal. - The grace period is the amount of time that a pod must be under - pressure before an eviction occurs. - $ref: '#/components/schemas/EvictionGracePeriod' - evictionMinimumReclaim: + We specify the additional node networks for this node pool using + this list. Each node network corresponds to an additional interface + items: + $ref: '#/components/schemas/AdditionalNodeNetworkConfig' + podCidrOverprovisionConfig: + $ref: '#/components/schemas/PodCIDROverprovisionConfig' description: >- - Optional. eviction_minimum_reclaim is a map of signal names to - quantities that defines minimum reclaims, which describe the minimum - amount of a given resource the kubelet will reclaim when performing - a pod eviction while that resource is under pressure. - $ref: '#/components/schemas/EvictionMinimumReclaim' - evictionMaxPodGracePeriodSeconds: + [PRIVATE FIELD] Pod CIDR size overprovisioning config for the + nodepool. Pod CIDR size per node depends on max_pods_per_node. By + default, the value of max_pods_per_node is rounded off to next power + of 2 and we then double that to get the size of pod CIDR block per + node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). + This config can disable the doubling of IPs (we still round off to + next power of 2) Example: max_pods_per_node of 30 will result in 32 + IPs (/27) when overprovisioning is disabled. + podRange: description: >- - Optional. eviction_max_pod_grace_period_seconds is the maximum - allowed grace period (in seconds) to use when terminating pods in - response to a soft eviction threshold being met. This value - effectively caps the Pod's terminationGracePeriodSeconds value - during soft evictions. Default: 0. Range: [0, 300]. - type: integer - format: int32 - maxParallelImagePulls: + The ID of the secondary range for pod IPs. If `create_pod_range` is + true, this ID is used for the new range. If `create_pod_range` is + false, uses an existing secondary range with this ID. Only + applicable if `ip_allocation_policy.use_ip_aliases` is true. This + field cannot be changed after the node pool has been created. + type: string + additionalPodNetworkConfigs: + type: array + items: + $ref: '#/components/schemas/AdditionalPodNetworkConfig' description: >- - Optional. Defines the maximum number of image pulls in parallel. The - range is 2 to 5, inclusive. The default value is 2 or 3 depending on - the disk type. See - https://kubernetes.io/docs/concepts/containers/images/#maximum-parallel-image-pulls - for more details. - type: integer - format: int32 - singleProcessOomKill: + We specify the additional pod networks for this node pool using this + list. Each pod network corresponds to an additional alias IP range + for the node + createPodRange: description: >- - Optional. Defines whether to enable single process OOM killer. If - true, will prevent the memory.oom.group flag from being set for - container cgroups in cgroups v2. This causes processes in the - container to be OOM killed individually instead of as a group. + Input only. Whether to create a new range for pod IPs in this node + pool. Defaults are provided for `pod_range` and + `pod_ipv4_cidr_block` if they are not specified. If neither + `create_pod_range` or `pod_range` are specified, the cluster-level + default (`ip_allocation_policy.cluster_ipv4_cidr_block`) is used. + Only applicable if `ip_allocation_policy.use_ip_aliases` is true. + This field cannot be changed after the node pool has been created. type: boolean - TopologyManager: - id: TopologyManager - description: >- - TopologyManager defines the configuration options for Topology Manager - feature. See - https://kubernetes.io/docs/tasks/administer-cluster/topology-manager/ - type: object + UsableSubnetworkSecondaryRange: properties: - policy: - description: >- - Configures the strategy for resource alignment. Allowed values are: - * none: the default policy, and does not perform any topology - alignment. * restricted: the topology manager stores the preferred - NUMA node affinity for the container, and will reject the pod if the - affinity if not preferred. * best-effort: the topology manager - stores the preferred NUMA node affinity for the container. If the - affinity is not preferred, the topology manager will admit the pod - to the node anyway. * single-numa-node: the topology manager - determines if the single NUMA node affinity is possible. If it is, - Topology Manager will store this and the Hint Providers can then use - this information when making the resource allocation decision. If, - however, this is not possible then the Topology Manager will reject - the pod from the node. This will result in a pod in a Terminated - state with a pod admission failure. The default policy value is - 'none' if unspecified. Details about each strategy can be found - [here](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager/#topology-manager-policies). + status: type: string - scope: + enum: + - UNKNOWN + - UNUSED + - IN_USE_SERVICE + - IN_USE_SHAREABLE_POD + - IN_USE_MANAGED_POD + enumDescriptions: + - >- + UNKNOWN is the zero value of the Status enum. It's not a valid + status. + - UNUSED denotes that this range is unclaimed by any cluster. + - >- + IN_USE_SERVICE denotes that this range is claimed by cluster(s) + for services. User-managed services range can be shared between + clusters within the same subnetwork. + - >- + IN_USE_SHAREABLE_POD denotes this range was created by the network + admin and is currently claimed by a cluster for pods. It can only + be used by other clusters as a pod range. + - >- + IN_USE_MANAGED_POD denotes this range was created by GKE and is + claimed for pods. It cannot be used for other clusters. description: >- - The Topology Manager aligns resources in following scopes: * - container * pod The default scope is 'container' if unspecified. See - https://kubernetes.io/docs/tasks/administer-cluster/topology-manager/#topology-manager-scopes + This field is to determine the status of the secondary range + programmably. + ipCidrRange: + description: >- + The range of IP addresses belonging to this subnetwork secondary + range. type: string - MemoryManager: - id: MemoryManager - description: >- - The option enables the Kubernetes NUMA-aware Memory Manager feature. - Detailed description about the feature can be found - [here](https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/). - type: object - properties: - policy: + rangeName: description: >- - Controls the memory management policy on the Node. See - https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/#policies - The following values are allowed. * "none" * "static" The default - value is 'none' if unspecified. + The name associated with this subnetwork secondary range, used when + adding an alias IP range to a VM instance. type: string - EvictionSignals: - id: EvictionSignals - description: >- - Eviction signals are the current state of a particular resource at a - specific point in time. The kubelet uses eviction signals to make - eviction decisions by comparing the signals to eviction thresholds, - which are the minimum amount of the resource that should be available on - the node. + id: UsableSubnetworkSecondaryRange + description: Secondary IP range of a usable subnetwork. + type: object + RangeInfo: + id: RangeInfo type: object properties: - memoryAvailable: - description: >- - Optional. Memory available (i.e. capacity - workingSet), in bytes. - Defines the amount of "memory.available" signal in kubelet. Default - is unset, if not specified in the kubelet config. Format: positive - number + unit, e.g. 100Ki, 10Mi, 5Gi. Valid units are Ki, Mi, Gi. - Must be >= 100Mi and <= 50% of the node's memory. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - nodefsAvailable: - description: >- - Optional. Amount of storage available on filesystem that kubelet - uses for volumes, daemon logs, etc. Defines the amount of - "nodefs.available" signal in kubelet. Default is unset, if not - specified in the kubelet config. It takses percentage value for now. - Sample format: "30%". Must be >= 10% and <= 50%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - nodefsInodesFree: - description: >- - Optional. Amount of inodes available on filesystem that kubelet uses - for volumes, daemon logs, etc. Defines the amount of - "nodefs.inodesFree" signal in kubelet. Default is unset, if not - specified in the kubelet config. Linux only. It takses percentage - value for now. Sample format: "30%". Must be >= 5% and <= 50%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - imagefsAvailable: - description: >- - Optional. Amount of storage available on filesystem that container - runtime uses for storing images layers. If the container filesystem - and image filesystem are not separate, then imagefs can store both - image layers and writeable layers. Defines the amount of - "imagefs.available" signal in kubelet. Default is unset, if not - specified in the kubelet config. It takses percentage value for now. - Sample format: "30%". Must be >= 15% and <= 50%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + rangeName: type: string - imagefsInodesFree: - description: >- - Optional. Amount of inodes available on filesystem that container - runtime uses for storing images layers. Defines the amount of - "imagefs.inodesFree" signal in kubelet. Default is unset, if not - specified in the kubelet config. Linux only. It takses percentage - value for now. Sample format: "30%". Must be >= 5% and <= 50%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + description: Output only. Name of a range. + readOnly: true + utilization: + readOnly: true + description: Output only. The utilization of the range. + format: double + type: number + description: >- + RangeInfo contains the range name and the range utilization by this + cluster. + ConfidentialNodes: + description: >- + ConfidentialNodes is configuration for the confidential nodes feature, + which makes nodes run on confidential VMs. + properties: + confidentialInstanceType: type: string - pidAvailable: + enumDescriptions: + - No type specified. Do not use this value. + - AMD Secure Encrypted Virtualization. + - AMD Secure Encrypted Virtualization - Secure Nested Paging. + - Intel Trust Domain eXtension. + enum: + - CONFIDENTIAL_INSTANCE_TYPE_UNSPECIFIED + - SEV + - SEV_SNP + - TDX + description: Defines the type of technology used by the confidential node. + enabled: + type: boolean + description: Whether Confidential Nodes feature is enabled. + id: ConfidentialNodes + type: object + ResourceManagerTags: + description: >- + A map of resource manager tag keys and values to be attached to the + nodes for managing Compute Engine firewalls using Network Firewall + Policies. Tags must be according to specifications in + https://cloud.google.com/vpc/docs/tags-firewalls-overview#specifications. + A maximum of 5 tag key-value pairs can be specified. Existing tags will + be replaced with new values. + id: ResourceManagerTags + type: object + properties: + tags: + type: object + additionalProperties: + type: string description: >- - Optional. Amount of PID available for pod allocation. Defines the - amount of "pid.available" signal in kubelet. Default is unset, if - not specified in the kubelet config. It takses percentage value for - now. Sample format: "30%". Must be >= 10% and <= 50%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - EvictionGracePeriod: - id: EvictionGracePeriod - description: Eviction grace periods are grace periods for each eviction signal. + TagKeyValue must be in one of the following formats ([KEY]=[VALUE]) + 1. `tagKeys/{tag_key_id}=tagValues/{tag_value_id}` 2. + `{org_id}/{tag_key_name}={tag_value_name}` 3. + `{project_id}/{tag_key_name}={tag_value_name}` + NodeKubeletConfig: type: object + description: Node kubelet configs. + id: NodeKubeletConfig properties: - memoryAvailable: + topologyManager: + $ref: '#/components/schemas/TopologyManager' description: >- - Optional. Grace period for eviction due to memory available signal. - Sample format: "10s". Must be >= 0. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - nodefsAvailable: + Optional. Controls Topology Manager configuration on the node. For + more information, see: + https://kubernetes.io/docs/tasks/administer-cluster/topology-manager/ + cpuManagerPolicy: description: >- - Optional. Grace period for eviction due to nodefs available signal. - Sample format: "10s". Must be >= 0. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + Control the CPU management policy on the node. See + https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/ + The following values are allowed. * "none": the default, which + represents the existing scheduling behavior. * "static": allows pods + with certain resource characteristics to be granted increased CPU + affinity and exclusivity on the node. The default value is 'none' if + unspecified. type: string - nodefsInodesFree: + imageMaximumGcAge: description: >- - Optional. Grace period for eviction due to nodefs inodes free - signal. Sample format: "10s". Must be >= 0. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + Optional. Defines the maximum age an image can be unused before it + is garbage collected. The string must be a sequence of decimal + numbers, each with optional fraction and a unit suffix, such as + "300s", "1.5h", and "2h45m". Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". The value must be a positive duration + greater than image_minimum_gc_age or "0s". The default value is "0s" + if unspecified, which disables this field, meaning images won't be + garbage collected based on being unused for too long. type: string - imagefsAvailable: + allowedUnsafeSysctls: + items: + type: string + type: array description: >- - Optional. Grace period for eviction due to imagefs available signal. - Sample format: "10s". Must be >= 0. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - imagefsInodesFree: + Optional. Defines a comma-separated allowlist of unsafe sysctls or + sysctl patterns (ending in `*`). The unsafe namespaced sysctl groups + are `kernel.shm*`, `kernel.msg*`, `kernel.sem`, `fs.mqueue.*`, and + `net.*`. Leaving this allowlist empty means they cannot be set on + Pods. To allow certain sysctls or sysctl patterns to be set on Pods, + list them separated by commas. For example: + `kernel.msg*,net.ipv4.route.min_pmtu`. See + https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ + for more details. + cpuCfsQuotaPeriod: description: >- - Optional. Grace period for eviction due to imagefs inodes free - signal. Sample format: "10s". Must be >= 0. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + Set the CPU CFS quota period value 'cpu.cfs_period_us'. The string + must be a sequence of decimal numbers, each with optional fraction + and a unit suffix, such as "300ms". Valid time units are "ns", "us" + (or "µs"), "ms", "s", "m", "h". The value must be a positive + duration between 1ms and 1 second, inclusive. type: string - pidAvailable: + maxParallelImagePulls: description: >- - Optional. Grace period for eviction due to pid available signal. - Sample format: "10s". Must be >= 0. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - EvictionMinimumReclaim: - id: EvictionMinimumReclaim - description: >- - Eviction minimum reclaims are the resource amounts of minimum reclaims - for each eviction signal. - type: object - properties: - memoryAvailable: + Optional. Defines the maximum number of image pulls in parallel. The + range is 2 to 5, inclusive. The default value is 2 or 3 depending on + the disk type. See + https://kubernetes.io/docs/concepts/containers/images/#maximum-parallel-image-pulls + for more details. + format: int32 + type: integer + containerLogMaxFiles: + format: int32 description: >- - Optional. Minimum reclaim for eviction due to memory available - signal. Only take percentage value for now. Sample format: "10%". - Must be <=10%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - nodefsAvailable: + Optional. Defines the maximum number of container log files that can + be present for a container. See + https://kubernetes.io/docs/concepts/cluster-administration/logging/#log-rotation + The value must be an integer between 2 and 10, inclusive. The + default value is 5 if unspecified. + type: integer + imageGcLowThresholdPercent: description: >- - Optional. Minimum reclaim for eviction due to nodefs available - signal. Only take percentage value for now. Sample format: "10%". - Must be <=10%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - nodefsInodesFree: + Optional. Defines the percent of disk usage before which image + garbage collection is never run. Lowest disk usage to garbage + collect to. The percent is calculated as this field value out of + 100. The value must be between 10 and 85, inclusive and smaller than + image_gc_high_threshold_percent. The default value is 80 if + unspecified. + type: integer + format: int32 + imageGcHighThresholdPercent: + format: int32 + type: integer description: >- - Optional. Minimum reclaim for eviction due to nodefs inodes free - signal. Only take percentage value for now. Sample format: "10%". - Must be <=10%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - imagefsAvailable: + Optional. Defines the percent of disk usage after which image + garbage collection is always run. The percent is calculated as this + field value out of 100. The value must be between 10 and 85, + inclusive and greater than image_gc_low_threshold_percent. The + default value is 85 if unspecified. + evictionMaxPodGracePeriodSeconds: + format: int32 description: >- - Optional. Minimum reclaim for eviction due to imagefs available - signal. Only take percentage value for now. Sample format: "10%". - Must be <=10%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - imagefsInodesFree: + Optional. eviction_max_pod_grace_period_seconds is the maximum + allowed grace period (in seconds) to use when terminating pods in + response to a soft eviction threshold being met. This value + effectively caps the Pod's terminationGracePeriodSeconds value + during soft evictions. Default: 0. Range: [0, 300]. + type: integer + evictionMinimumReclaim: + $ref: '#/components/schemas/EvictionMinimumReclaim' description: >- - Optional. Minimum reclaim for eviction due to imagefs inodes free - signal. Only take percentage value for now. Sample format: "10%". - Must be <=10%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - pidAvailable: + Optional. eviction_minimum_reclaim is a map of signal names to + quantities that defines minimum reclaims, which describe the minimum + amount of a given resource the kubelet will reclaim when performing + a pod eviction while that resource is under pressure. + evictionSoftGracePeriod: description: >- - Optional. Minimum reclaim for eviction due to pid available signal. - Only take percentage value for now. Sample format: "10%". Must be - <=10%. See - https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals - type: string - GcfsConfig: - id: GcfsConfig - description: >- - GcfsConfig contains configurations of Google Container File System - (image streaming). - type: object - properties: - enabled: - description: Whether to use GCFS. + Optional. eviction_soft_grace_period is a map of signal names to + quantities that defines grace periods for each soft eviction signal. + The grace period is the amount of time that a pod must be under + pressure before an eviction occurs. + $ref: '#/components/schemas/EvictionGracePeriod' + insecureKubeletReadonlyPortEnabled: type: boolean - AdvancedMachineFeatures: - id: AdvancedMachineFeatures - description: Specifies options for controlling advanced machine features. - type: object - properties: - threadsPerCore: + description: Enable or disable Kubelet read only port. + podPidsLimit: + format: int64 description: >- - The number of threads per physical core. To disable simultaneous - multithreading (SMT) set this to 1. If unset, the maximum number of - threads supported per core by the underlying processor is assumed. + Set the Pod PID limits. See + https://kubernetes.io/docs/concepts/policy/pid-limiting/#pod-pid-limits + Controls the maximum number of processes allowed to run in a pod. + The value must be greater than or equal to 1024 and less than + 4194304. type: string - format: int64 - enableNestedVirtualization: - description: Whether or not to enable nested virtualization (defaults to false). + imageMinimumGcAge: + type: string + description: >- + Optional. Defines the minimum age for an unused image before it is + garbage collected. The string must be a sequence of decimal numbers, + each with optional fraction and a unit suffix, such as "300s", + "1.5h", and "2h45m". Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". The value must be a positive duration less than + or equal to 2 minutes. The default value is "2m0s" if unspecified. + singleProcessOomKill: type: boolean - performanceMonitoringUnit: description: >- - Type of Performance Monitoring Unit (PMU) requested on node pool - instances. If unset, PMU will not be available to the node. + Optional. Defines whether to enable single process OOM killer. If + true, will prevent the memory.oom.group flag from being set for + container cgroups in cgroups v2. This causes processes in the + container to be OOM killed individually instead of as a group. + evictionSoft: + description: >- + Optional. eviction_soft is a map of signal names to quantities that + defines soft eviction thresholds. Each signal is compared to its + corresponding threshold to determine if a pod eviction should occur. + $ref: '#/components/schemas/EvictionSignals' + memoryManager: + description: >- + Optional. Controls NUMA-aware Memory Manager configuration on the + node. For more information, see: + https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/ + $ref: '#/components/schemas/MemoryManager' + cpuCfsQuota: + type: boolean + description: >- + Enable CPU CFS quota enforcement for containers that specify CPU + limits. This option is enabled by default which makes kubelet use + CFS quota + (https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt) + to enforce container CPU limits. Otherwise, CPU limits will not be + enforced at all. Disable this option to mitigate CPU throttling + problems while still having your pods to be in Guaranteed QoS class + by specifying the CPU limits. The default value is 'true' if + unspecified. + containerLogMaxSize: + description: >- + Optional. Defines the maximum size of the container log file before + it is rotated. See + https://kubernetes.io/docs/concepts/cluster-administration/logging/#log-rotation + Valid format is positive number + unit, e.g. 100Ki, 10Mi. Valid + units are Ki, Mi, Gi. The value must be between 10Mi and 500Mi, + inclusive. Note that the total container log size + (container_log_max_size * container_log_max_files) cannot exceed 1% + of the total storage of the node, to avoid disk pressure caused by + log files. The default value is 10Mi if unspecified. type: string - enumDescriptions: - - PMU not enabled. - - Architecturally defined non-LLC events. - - Most documented core/L2 events. - - Most documented core/L2 and LLC events. - enum: - - PERFORMANCE_MONITORING_UNIT_UNSPECIFIED - - ARCHITECTURAL - - STANDARD - - ENHANCED - VirtualNIC: - id: VirtualNIC - description: Configuration of gVNIC feature. + DefaultSnatStatus: + description: >- + DefaultSnatStatus contains the desired state of whether default sNAT + should be disabled on the cluster. type: object + id: DefaultSnatStatus properties: - enabled: - description: Whether gVNIC features are enabled in the node pool. + disabled: + description: Disables cluster default sNAT rules. type: boolean - ConfidentialNodes: - id: ConfidentialNodes - description: >- - ConfidentialNodes is configuration for the confidential nodes feature, - which makes nodes run on confidential VMs. + OperationProgress: type: object + id: OperationProgress properties: - enabled: - description: Whether Confidential Nodes feature is enabled. - type: boolean - confidentialInstanceType: - description: Defines the type of technology used by the confidential node. + metrics: + type: array + description: >- + Progress metric bundle, for example: metrics: [{name: "nodes done", + int_value: 15}, {name: "nodes total", int_value: 32}] or metrics: + [{name: "progress", double_value: 0.56}, {name: "progress scale", + double_value: 1.0}] + items: + $ref: '#/components/schemas/Metric' + status: type: string - enumDescriptions: - - No type specified. Do not use this value. - - AMD Secure Encrypted Virtualization. - - AMD Secure Encrypted Virtualization - Secure Nested Paging. - - Intel Trust Domain eXtension. + description: Status of an operation stage. Unset for single-stage operations. enum: - - CONFIDENTIAL_INSTANCE_TYPE_UNSPECIFIED - - SEV - - SEV_SNP - - TDX - FastSocket: - id: FastSocket - description: Configuration of Fast Socket feature. - type: object + - STATUS_UNSPECIFIED + - PENDING + - RUNNING + - DONE + - ABORTING + enumDescriptions: + - Not set. + - The operation has been created. + - The operation is currently running. + - The operation is done, either cancelled or completed. + - The operation is aborting. + stages: + type: array + items: + $ref: '#/components/schemas/OperationProgress' + description: Substages of an operation or a stage. + name: + description: >- + A non-parameterized string describing an operation stage. Unset for + single-stage operations. + type: string + description: Information about operation (or operation stage) progress. + PrivateClusterMasterGlobalAccessConfig: + id: PrivateClusterMasterGlobalAccessConfig properties: enabled: - description: Whether Fast Socket features are enabled in the node pool. type: boolean - NodePoolLoggingConfig: - id: NodePoolLoggingConfig - description: NodePoolLoggingConfig specifies logging configuration for nodepools. - type: object - properties: - variantConfig: - description: Logging variant configuration. - $ref: '#/components/schemas/LoggingVariantConfig' - LoggingVariantConfig: - id: LoggingVariantConfig - description: LoggingVariantConfig specifies the behaviour of the logging component. + description: Whenever master is accessible globally or not. type: object + description: Configuration for controlling master global access settings. + UpdateClusterRequest: + description: UpdateClusterRequest updates the settings of a cluster. properties: - variant: - description: Logging variant deployed on nodes. + update: + $ref: '#/components/schemas/ClusterUpdate' + description: Required. A description of the update. + clusterId: + deprecated: true + description: >- + Deprecated. The name of the cluster to upgrade. This field has been + deprecated and replaced by the name field. type: string - enumDescriptions: - - Default value. This shouldn't be used. - - default logging variant. - - maximum logging throughput variant. - enum: - - VARIANT_UNSPECIFIED - - DEFAULT - - MAX_THROUGHPUT - WindowsNodeConfig: - id: WindowsNodeConfig - description: >- - Parameters that can be configured on Windows nodes. Windows Node Config - that define the parameters that will be used to configure the Windows - node pool settings. - type: object - properties: - osVersion: - description: OSVersion specifies the Windows node config to be used on the node. + zone: + deprecated: true type: string - enumDescriptions: - - When OSVersion is not specified. - - >- - LTSC2019 specifies to use LTSC2019 as the Windows Servercore Base - Image. - - >- - LTSC2022 specifies to use LTSC2022 as the Windows Servercore Base - Image. - enum: - - OS_VERSION_UNSPECIFIED - - OS_VERSION_LTSC2019 - - OS_VERSION_LTSC2022 - LocalNvmeSsdBlockConfig: - id: LocalNvmeSsdBlockConfig - description: >- - LocalNvmeSsdBlockConfig contains configuration for using raw-block local - NVMe SSDs - type: object - properties: - localSsdCount: description: >- - Number of local NVMe SSDs to use. The limit for this value is - dependent upon the maximum number of disk available on a machine per - zone. See: - https://{$universe.dns_names.final_documentation_domain}/compute/docs/disks/local-ssd - for more information. A zero (or unset) value has different meanings - depending on machine type being used: 1. For pre-Gen3 machines, - which support flexible numbers of local ssds, zero (or unset) means - to disable using local SSDs as ephemeral storage. 2. For Gen3 - machines which dictate a specific number of local ssds, zero (or - unset) means to use the default number of local ssds that goes with - that machine type. For example, for a c3-standard-8-lssd machine, 2 - local ssds would be provisioned. For c3-standard-8 (which doesn't - support local ssds), 0 will be provisioned. See - https://{$universe.dns_names.final_documentation_domain}/compute/docs/disks/local-ssd#choose_number_local_ssds - for more info. - type: integer - format: int32 - EphemeralStorageLocalSsdConfig: - id: EphemeralStorageLocalSsdConfig - description: >- - EphemeralStorageLocalSsdConfig contains configuration for the node - ephemeral storage using Local SSDs. - type: object - properties: - localSsdCount: + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + name: description: >- - Number of local SSDs to use to back ephemeral storage. Uses NVMe - interfaces. A zero (or unset) value has different meanings depending - on machine type being used: 1. For pre-Gen3 machines, which support - flexible numbers of local ssds, zero (or unset) means to disable - using local SSDs as ephemeral storage. The limit for this value is - dependent upon the maximum number of disk available on a machine per - zone. See: - https://{$universe.dns_names.final_documentation_domain}/compute/docs/disks/local-ssd - for more information. 2. For Gen3 machines which dictate a specific - number of local ssds, zero (or unset) means to use the default - number of local ssds that goes with that machine type. For example, - for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. - For c3-standard-8 (which doesn't support local ssds), 0 will be - provisioned. See - https://{$universe.dns_names.final_documentation_domain}/compute/docs/disks/local-ssd#choose_number_local_ssds - for more info. - type: integer - format: int32 - dataCacheCount: - description: Number of local SSDs to use for GKE Data Cache. - type: integer - format: int32 - SoleTenantConfig: - id: SoleTenantConfig - description: >- - SoleTenantConfig contains the NodeAffinities to specify what shared sole - tenant node groups should back the node pool. + The name (project, location, cluster) of the cluster to update. + Specified in the format `projects/*/locations/*/clusters/*`. + type: string + projectId: + deprecated: true + description: >- + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + type: string type: object + id: UpdateClusterRequest + ListUsableSubnetworksResponse: + id: ListUsableSubnetworksResponse + description: >- + ListUsableSubnetworksResponse is the response of + ListUsableSubnetworksRequest. properties: - nodeAffinities: - description: NodeAffinities used to match to a shared sole tenant node group. + subnetworks: type: array + description: A list of usable subnetworks in the specified network project. items: - $ref: '#/components/schemas/NodeAffinity' - minNodeCpus: + $ref: '#/components/schemas/UsableSubnetwork' + nextPageToken: + type: string description: >- - Optional. The minimum number of virtual CPUs this instance will - consume when running on a sole-tenant node. This field can only be - set if the node pool is created in a shared sole-tenant node group. - type: integer - format: int32 - NodeAffinity: - id: NodeAffinity - description: >- - Specifies the NodeAffinity key, values, and affinity operator according - to [shared sole tenant node group - affinities](https://{$universe.dns_names.final_documentation_domain}/compute/docs/nodes/sole-tenant-nodes#node_affinity_and_anti-affinity). + This token allows you to get the next page of results for list + requests. If the number of results is larger than `page_size`, use + the `next_page_token` as a value for the query parameter + `page_token` in the next request. The value will become empty when + there are no more pages. type: object + NodeTaints: + id: NodeTaints properties: - key: - description: Key for NodeAffinity. - type: string - operator: - description: Operator for NodeAffinity. - type: string - enumDescriptions: - - Invalid or unspecified affinity operator. - - Affinity operator. - - Anti-affinity operator. - enum: - - OPERATOR_UNSPECIFIED - - IN - - NOT_IN - values: - description: Values for NodeAffinity. + taints: type: array + description: List of node taints. items: - type: string - ContainerdConfig: - id: ContainerdConfig - description: ContainerdConfig contains configuration to customize containerd. + $ref: '#/components/schemas/NodeTaint' + description: >- + Collection of Kubernetes [node + taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration). type: object + NotificationConfig: properties: - privateRegistryAccessConfig: - description: >- - PrivateRegistryAccessConfig is used to configure access - configuration for private container registries. - $ref: '#/components/schemas/PrivateRegistryAccessConfig' - PrivateRegistryAccessConfig: - id: PrivateRegistryAccessConfig - description: >- - PrivateRegistryAccessConfig contains access configuration for private - container registries. + pubsub: + $ref: '#/components/schemas/PubSub' + description: Notification config for Pub/Sub. + type: object + id: NotificationConfig + description: NotificationConfig is the configuration of notifications. + LustreCsiDriverConfig: + description: Configuration for the Lustre CSI driver. + id: LustreCsiDriverConfig type: object properties: enabled: - description: Private registry access is enabled. + description: Whether the Lustre CSI driver is enabled for this cluster. type: boolean - certificateAuthorityDomainConfig: - description: Private registry access configuration. - type: array - items: - $ref: '#/components/schemas/CertificateAuthorityDomainConfig' - CertificateAuthorityDomainConfig: - id: CertificateAuthorityDomainConfig - description: >- - CertificateAuthorityDomainConfig configures one or more fully qualified - domain names (FQDN) to a specific certificate. + enableLegacyLustrePort: + deprecated: true + description: >- + If set to true, the Lustre CSI driver will install Lustre kernel + modules using port 6988. This serves as a workaround for a port + conflict with the gke-metadata-server. This field is required ONLY + under the following conditions: 1. The GKE node version is older + than 1.33.2-gke.4655000. 2. You're connecting to a Lustre instance + that has the 'gke-support-enabled' flag. Deprecated: This flag is no + longer required as of GKE node version 1.33.2-gke.4655000, unless + you are connecting to a Lustre instance that has the + `gke-support-enabled` flag. + type: boolean + NodeDrainConfig: type: object + id: NodeDrainConfig properties: - fqdns: + respectPdbDuringNodePoolDeletion: + description: Whether to respect PDB during node pool deletion. + type: boolean + description: >- + NodeDrainConfig contains the node drain related configurations for this + nodepool. + SetLocationsRequest: + id: SetLocationsRequest + properties: + projectId: description: >- - List of fully qualified domain names (FQDN). Specifying port is - supported. Wildcards are NOT supported. Examples: - - my.customdomain.com - 10.0.1.2:5000 - type: array + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + deprecated: true + type: string + locations: items: type: string - gcpSecretManagerCertificateConfig: - description: Google Secret Manager (GCP) certificate configuration. - $ref: '#/components/schemas/GCPSecretManagerCertificateConfig' - GCPSecretManagerCertificateConfig: - id: GCPSecretManagerCertificateConfig - description: >- - GCPSecretManagerCertificateConfig configures a secret from [Google - Secret - Manager](https://{$universe.dns_names.final_documentation_domain}/secret-manager). - type: object - properties: - secretUri: + type: array description: >- - Secret URI, in the form - "projects/$PROJECT_ID/secrets/$SECRET_NAME/versions/$VERSION". - Version can be fixed (e.g. "2") or "latest" + Required. The desired list of Google Compute Engine + [zones](https://cloud.google.com/compute/docs/zones#available) in + which the cluster's nodes should be located. Changing the locations + a cluster is in will result in nodes being either created or removed + from the cluster, depending on whether locations are being added or + removed. This list must always include the cluster's primary zone. + clusterId: type: string - ResourceManagerTags: - id: ResourceManagerTags - description: >- - A map of resource manager tag keys and values to be attached to the - nodes for managing Compute Engine firewalls using Network Firewall - Policies. Tags must be according to specifications in - https://{$universe.dns_names.final_documentation_domain}/vpc/docs/tags-firewalls-overview#specifications. - A maximum of 5 tag key-value pairs can be specified. Existing tags will - be replaced with new values. - type: object - properties: - tags: description: >- - TagKeyValue must be in one of the following formats ([KEY]=[VALUE]) - 1. `tagKeys/{tag_key_id}=tagValues/{tag_value_id}` 2. - `{org_id}/{tag_key_name}={tag_value_name}` 3. - `{project_id}/{tag_key_name}={tag_value_name}` - type: object - additionalProperties: - type: string - SecondaryBootDisk: - id: SecondaryBootDisk - description: >- - SecondaryBootDisk represents a persistent disk attached to a node with - special configurations based on its mode. + Deprecated. The name of the cluster to upgrade. This field has been + deprecated and replaced by the name field. + deprecated: true + name: + type: string + description: >- + The name (project, location, cluster) of the cluster to set + locations. Specified in the format + `projects/*/locations/*/clusters/*`. + zone: + type: string + deprecated: true + description: >- + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + type: object + description: SetLocationsRequest sets the locations of the cluster. + NodePoolDefaults: type: object + description: Subset of Nodepool message that has defaults. + id: NodePoolDefaults properties: - mode: - description: Disk mode (container image cache, etc.) - type: string + nodeConfigDefaults: + $ref: '#/components/schemas/NodeConfigDefaults' + description: Subset of NodeConfig message that has defaults. + CloudRunConfig: + type: object + properties: + loadBalancerType: enumDescriptions: - - MODE_UNSPECIFIED is when mode is not set. - - >- - CONTAINER_IMAGE_CACHE is for using the secondary boot disk as a - container image cache. - enum: - - MODE_UNSPECIFIED - - CONTAINER_IMAGE_CACHE - diskImage: - description: Fully-qualified resource ID for an existing disk image. + - Load balancer type for Cloud Run is unspecified. + - Install external load balancer for Cloud Run. + - Install internal load balancer for Cloud Run. type: string - SecondaryBootDiskUpdateStrategy: - id: SecondaryBootDiskUpdateStrategy - description: >- - SecondaryBootDiskUpdateStrategy is a placeholder which will be extended - in the future to define different options for updating secondary boot - disks. - type: object - properties: {} - BootDisk: - id: BootDisk - description: BootDisk specifies the boot disk configuration for nodepools. + enum: + - LOAD_BALANCER_TYPE_UNSPECIFIED + - LOAD_BALANCER_TYPE_EXTERNAL + - LOAD_BALANCER_TYPE_INTERNAL + description: Which load balancer type is installed for Cloud Run. + disabled: + description: Whether Cloud Run addon is enabled for this cluster. + type: boolean + description: Configuration options for the Cloud Run feature. + id: CloudRunConfig + CreateClusterRequest: type: object + description: CreateClusterRequest creates a cluster. properties: - diskType: + cluster: + $ref: '#/components/schemas/Cluster' description: >- - Disk type of the boot disk. (i.e. Hyperdisk-Balanced, PD-Balanced, - etc.) + Required. A [cluster + resource](https://cloud.google.com/container-engine/reference/rest/v1/projects.locations.clusters) + parent: + description: >- + The parent (project and location) where the cluster will be created. + Specified in the format `projects/*/locations/*`. type: string - sizeGb: - description: Disk size in GB. Replaces NodeConfig.disk_size_gb + zone: + deprecated: true + description: >- + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the parent field. type: string - format: int64 - provisionedIops: - description: For Hyperdisk-Balanced only, the provisioned IOPS config value. + projectId: type: string - format: int64 - provisionedThroughput: description: >- - For Hyperdisk-Balanced only, the provisioned throughput config - value. - type: string - format: int64 - MasterAuth: - id: MasterAuth - description: >- - The authentication information for accessing the master endpoint. - Authentication can be done using HTTP basic auth or using client - certificates. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the parent field. + deprecated: true + id: CreateClusterRequest + DnsCacheConfig: type: object properties: - username: - description: >- - The username to use for HTTP basic authentication to the master - endpoint. For clusters v1.6.0 and later, basic authentication can be - disabled by leaving username unspecified (or setting it to the empty - string). Warning: basic authentication is deprecated, and will be - removed in GKE control plane versions 1.19 and newer. For a list of - recommended authentication methods, see: - https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/how-to/api-server-authentication + enabled: + type: boolean + description: Whether NodeLocal DNSCache is enabled for this cluster. + description: Configuration for NodeLocal DNSCache + id: DnsCacheConfig + CompleteIPRotationRequest: + id: CompleteIPRotationRequest + type: object + description: >- + CompleteIPRotationRequest moves the cluster master back into single-IP + mode. + properties: + projectId: deprecated: true type: string - password: description: >- - The password to use for HTTP basic authentication to the master - endpoint. Because the master endpoint is open to the Internet, you - should create a strong password. If a password is provided for - cluster creation, username must be non-empty. Warning: basic - authentication is deprecated, and will be removed in GKE control - plane versions 1.19 and newer. For a list of recommended - authentication methods, see: - https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/how-to/api-server-authentication - deprecated: true + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + name: + description: >- + The name (project, location, cluster name) of the cluster to + complete IP rotation. Specified in the format + `projects/*/locations/*/clusters/*`. + type: string + clusterId: type: string - clientCertificateConfig: description: >- - Configuration for client certificate authentication on the cluster. - For clusters before v1.12, if no configuration is specified, a - client certificate is issued. - $ref: '#/components/schemas/ClientCertificateConfig' - clusterCaCertificate: + Deprecated. The name of the cluster. This field has been deprecated + and replaced by the name field. + deprecated: true + zone: description: >- - Output only. Base64-encoded public certificate that is the root of - trust for the cluster. - readOnly: true + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + deprecated: true type: string - clientCertificate: + SetMaintenancePolicyRequest: + id: SetMaintenancePolicyRequest + properties: + name: description: >- - Output only. Base64-encoded public certificate used by clients to - authenticate to the cluster endpoint. Issued only if - client_certificate_config is set. - readOnly: true + The name (project, location, cluster name) of the cluster to set + maintenance policy. Specified in the format + `projects/*/locations/*/clusters/*`. + type: string + clusterId: + type: string + description: Required. The name of the cluster to update. + projectId: type: string - clientKey: description: >- - Output only. Base64-encoded private key used by clients to - authenticate to the cluster endpoint. - readOnly: true + Required. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + zone: + description: >- + Required. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. type: string - ClientCertificateConfig: - id: ClientCertificateConfig - description: Configuration for client certificates on the cluster. + maintenancePolicy: + description: >- + Required. The maintenance policy to be set for the cluster. An empty + field clears the existing maintenance policy. + $ref: '#/components/schemas/MaintenancePolicy' + description: SetMaintenancePolicyRequest sets the maintenance policy for a cluster. type: object - properties: - issueClientCertificate: - description: Issue a client certificate. - type: boolean - AddonsConfig: - id: AddonsConfig - description: >- - Configuration for the addons that can be automatically spun up in the - cluster, enabling additional functionality. + ListClustersResponse: + description: ListClustersResponse is the result of ListClustersRequest. type: object properties: - httpLoadBalancing: - description: >- - Configuration for the HTTP (L7) load balancing controller addon, - which makes it easy to set up HTTP load balancers for services in a - cluster. - $ref: '#/components/schemas/HttpLoadBalancing' - horizontalPodAutoscaling: - description: >- - Configuration for the horizontal pod autoscaling feature, which - increases or decreases the number of replica pods a replication - controller has based on the resource usage of the existing pods. - $ref: '#/components/schemas/HorizontalPodAutoscaling' - kubernetesDashboard: + missingZones: + items: + type: string + type: array description: >- - Configuration for the Kubernetes Dashboard. This addon is - deprecated, and will be disabled in 1.15. It is recommended to use - the Cloud Console to manage and monitor your Kubernetes clusters, - workloads and applications. For more information, see: - https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/dashboards - deprecated: true - $ref: '#/components/schemas/KubernetesDashboard' - networkPolicyConfig: + If any zones are listed here, the list of clusters returned may be + missing those zones. + clusters: description: >- - Configuration for NetworkPolicy. This only tracks whether the addon - is enabled or not on the Master, it does not track whether network - policy is enabled for the nodes. - $ref: '#/components/schemas/NetworkPolicyConfig' - cloudRunConfig: + A list of clusters in the project in the specified zone, or across + all ones. + items: + $ref: '#/components/schemas/Cluster' + type: array + id: ListClustersResponse + LocalNvmeSsdBlockConfig: + type: object + properties: + localSsdCount: description: >- - Configuration for the Cloud Run addon, which allows the user to use - a managed Knative service. - $ref: '#/components/schemas/CloudRunConfig' - dnsCacheConfig: - description: Configuration for NodeLocalDNS, a dns cache running on cluster nodes - $ref: '#/components/schemas/DnsCacheConfig' - configConnectorConfig: - description: >- - Configuration for the ConfigConnector add-on, a Kubernetes extension - to manage hosted GCP services through the Kubernetes API - $ref: '#/components/schemas/ConfigConnectorConfig' - gcePersistentDiskCsiDriverConfig: - description: Configuration for the Compute Engine Persistent Disk CSI driver. - $ref: '#/components/schemas/GcePersistentDiskCsiDriverConfig' - gcpFilestoreCsiDriverConfig: - description: Configuration for the GCP Filestore CSI driver. - $ref: '#/components/schemas/GcpFilestoreCsiDriverConfig' - gkeBackupAgentConfig: - description: Configuration for the Backup for GKE agent addon. - $ref: '#/components/schemas/GkeBackupAgentConfig' - gcsFuseCsiDriverConfig: - description: Configuration for the Cloud Storage Fuse CSI driver. - $ref: '#/components/schemas/GcsFuseCsiDriverConfig' - statefulHaConfig: - description: Optional. Configuration for the StatefulHA add-on. - $ref: '#/components/schemas/StatefulHAConfig' - parallelstoreCsiDriverConfig: - description: Configuration for the Cloud Storage Parallelstore CSI driver. - $ref: '#/components/schemas/ParallelstoreCsiDriverConfig' - rayOperatorConfig: - description: Optional. Configuration for Ray Operator addon. - $ref: '#/components/schemas/RayOperatorConfig' - highScaleCheckpointingConfig: - description: Configuration for the High Scale Checkpointing add-on. - $ref: '#/components/schemas/HighScaleCheckpointingConfig' - lustreCsiDriverConfig: - description: Configuration for the Lustre CSI driver. - $ref: '#/components/schemas/LustreCsiDriverConfig' - HttpLoadBalancing: - id: HttpLoadBalancing + Number of local NVMe SSDs to use. The limit for this value is + dependent upon the maximum number of disk available on a machine per + zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for + more information. A zero (or unset) value has different meanings + depending on machine type being used: 1. For pre-Gen3 machines, + which support flexible numbers of local ssds, zero (or unset) means + to disable using local SSDs as ephemeral storage. 2. For Gen3 + machines which dictate a specific number of local ssds, zero (or + unset) means to use the default number of local ssds that goes with + that machine type. For example, for a c3-standard-8-lssd machine, 2 + local ssds would be provisioned. For c3-standard-8 (which doesn't + support local ssds), 0 will be provisioned. See + https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds + for more info. + type: integer + format: int32 + id: LocalNvmeSsdBlockConfig description: >- - Configuration options for the HTTP (L7) load balancing controller addon, - which makes it easy to set up HTTP load balancers for services in a - cluster. - type: object + LocalNvmeSsdBlockConfig contains configuration for using raw-block local + NVMe SSDs + NodePoolAutoConfig: + id: NodePoolAutoConfig properties: - disabled: + resourceManagerTags: description: >- - Whether the HTTP Load Balancing controller is enabled in the - cluster. When enabled, it runs a small pod in the cluster that - manages the load balancers. - type: boolean - HorizontalPodAutoscaling: - id: HorizontalPodAutoscaling - description: >- - Configuration options for the horizontal pod autoscaling feature, which - increases or decreases the number of replica pods a replication - controller has based on the resource usage of the existing pods. - type: object - properties: - disabled: + Resource manager tag keys and values to be attached to the nodes for + managing Compute Engine firewalls using Network Firewall Policies. + $ref: '#/components/schemas/ResourceManagerTags' + networkTags: + $ref: '#/components/schemas/NetworkTags' description: >- - Whether the Horizontal Pod Autoscaling feature is enabled in the - cluster. When enabled, it ensures that metrics are collected into - Stackdriver Monitoring. - type: boolean - KubernetesDashboard: - id: KubernetesDashboard - description: Configuration for the Kubernetes Dashboard. - type: object - properties: - disabled: - description: Whether the Kubernetes Dashboard is enabled for this cluster. - type: boolean - NetworkPolicyConfig: - id: NetworkPolicyConfig + The list of instance tags applied to all nodes. Tags are used to + identify valid sources or targets for network firewalls and are + specified by the client during cluster creation. Each tag within the + list must comply with RFC1035. + linuxNodeConfig: + $ref: '#/components/schemas/LinuxNodeConfig' + readOnly: true + description: Output only. Configuration options for Linux nodes. + nodeKubeletConfig: + $ref: '#/components/schemas/NodeKubeletConfig' + description: >- + NodeKubeletConfig controls the defaults for autoprovisioned + node-pools. Currently only `insecure_kubelet_readonly_port_enabled` + can be set here. description: >- - Configuration for NetworkPolicy. This only tracks whether the addon is - enabled or not on the Master, it does not track whether network policy - is enabled for the nodes. - type: object - properties: - disabled: - description: Whether NetworkPolicy is enabled for this cluster. - type: boolean - CloudRunConfig: - id: CloudRunConfig - description: Configuration options for the Cloud Run feature. + Node pool configs that apply to all auto-provisioned node pools in + autopilot clusters and node auto-provisioning enabled clusters. type: object - properties: - disabled: - description: Whether Cloud Run addon is enabled for this cluster. - type: boolean - loadBalancerType: - description: Which load balancer type is installed for Cloud Run. - type: string - enumDescriptions: - - Load balancer type for Cloud Run is unspecified. - - Install external load balancer for Cloud Run. - - Install internal load balancer for Cloud Run. - enum: - - LOAD_BALANCER_TYPE_UNSPECIFIED - - LOAD_BALANCER_TYPE_EXTERNAL - - LOAD_BALANCER_TYPE_INTERNAL - DnsCacheConfig: - id: DnsCacheConfig - description: Configuration for NodeLocal DNSCache + PubSub: + id: PubSub + description: Pub/Sub specific notification config. type: object properties: enabled: - description: Whether NodeLocal DNSCache is enabled for this cluster. + description: Enable notifications for Pub/Sub. type: boolean - ConfigConnectorConfig: - id: ConfigConnectorConfig - description: Configuration options for the Config Connector add-on. - type: object + topic: + type: string + description: >- + The desired Pub/Sub topic to which notifications will be sent by + GKE. Format is `projects/{project}/topics/{topic}`. + filter: + $ref: '#/components/schemas/Filter' + description: >- + Allows filtering to one or more specific event types. If no filter + is specified, or if a filter is specified with no event types, all + event types will be sent + WorkloadIdentityConfig: properties: - enabled: - description: Whether Cloud Connector is enabled for this cluster. - type: boolean - GcePersistentDiskCsiDriverConfig: - id: GcePersistentDiskCsiDriverConfig - description: Configuration for the Compute Engine PD CSI driver. + workloadPool: + type: string + description: The workload pool to attach all Kubernetes service accounts to. + id: WorkloadIdentityConfig + description: >- + Configuration for the use of Kubernetes Service Accounts in IAM + policies. type: object + ClusterUpgradeInfo: properties: - enabled: + patchTargetVersion: + type: string + description: patch_target_version indicates the target version for patch upgrade. + autoUpgradeStatus: + items: + enumDescriptions: + - UNKNOWN indicates an unknown status. + - ACTIVE indicates an active status. + - >- + MINOR_UPGRADE_PAUSED indicates the minor version upgrade is + paused. + - UPGRADE_PAUSED indicates the upgrade is paused. + type: string + enum: + - UNKNOWN + - ACTIVE + - MINOR_UPGRADE_PAUSED + - UPGRADE_PAUSED + description: The auto upgrade status. + type: array + endOfStandardSupportTimestamp: + type: string description: >- - Whether the Compute Engine PD CSI driver is enabled for this - cluster. - type: boolean - GcpFilestoreCsiDriverConfig: - id: GcpFilestoreCsiDriverConfig - description: Configuration for the GCP Filestore CSI driver. + The cluster's current minor version's end of standard support + timestamp. + endOfExtendedSupportTimestamp: + description: >- + The cluster's current minor version's end of extended support + timestamp. + type: string + upgradeDetails: + items: + $ref: '#/components/schemas/UpgradeDetails' + type: array + description: The list of past auto upgrades. + minorTargetVersion: + description: minor_target_version indicates the target version for minor upgrade. + type: string + pausedReason: + description: The auto upgrade paused reason. + items: + enumDescriptions: + - >- + AUTO_UPGRADE_PAUSED_REASON_UNSPECIFIED indicates an unspecified + reason. + - >- + MAINTENANCE_WINDOW indicates the cluster is outside customer + maintenance window. + - >- + MAINTENANCE_EXCLUSION_NO_UPGRADES indicates the cluster is in a + maintenance exclusion with scope NO_UPGRADES. + - >- + MAINTENANCE_EXCLUSION_NO_MINOR_UPGRADES indicates the cluster is + in a maintenance exclusion with scope NO_MINOR_UPGRADES. + - >- + CLUSTER_DISRUPTION_BUDGET indicates the cluster is outside the + cluster disruption budget. + - >- + CLUSTER_DISRUPTION_BUDGET_MINOR_UPGRADE indicates the cluster is + outside the cluster disruption budget for minor version upgrade. + - >- + SYSTEM_CONFIG indicates the cluster upgrade is paused by system + config. + type: string + enum: + - AUTO_UPGRADE_PAUSED_REASON_UNSPECIFIED + - MAINTENANCE_WINDOW + - MAINTENANCE_EXCLUSION_NO_UPGRADES + - MAINTENANCE_EXCLUSION_NO_MINOR_UPGRADES + - CLUSTER_DISRUPTION_BUDGET + - CLUSTER_DISRUPTION_BUDGET_MINOR_UPGRADE + - SYSTEM_CONFIG + type: array type: object - properties: - enabled: - description: Whether the GCP Filestore CSI driver is enabled for this cluster. - type: boolean - GkeBackupAgentConfig: - id: GkeBackupAgentConfig - description: Configuration for the Backup for GKE Agent. + id: ClusterUpgradeInfo + description: ClusterUpgradeInfo contains the upgrade information of a cluster. + ListNodePoolsResponse: + id: ListNodePoolsResponse + description: ListNodePoolsResponse is the result of ListNodePoolsRequest. type: object properties: - enabled: - description: Whether the Backup for GKE agent is enabled for this cluster. - type: boolean - GcsFuseCsiDriverConfig: - id: GcsFuseCsiDriverConfig - description: Configuration for the Cloud Storage Fuse CSI driver. - type: object + nodePools: + items: + $ref: '#/components/schemas/NodePool' + description: A list of node pools for a cluster. + type: array + DNSConfig: properties: - enabled: + clusterDnsDomain: + type: string description: >- - Whether the Cloud Storage Fuse CSI driver is enabled for this - cluster. - type: boolean - StatefulHAConfig: - id: StatefulHAConfig - description: Configuration for the Stateful HA add-on. - type: object - properties: - enabled: - description: Whether the Stateful HA add-on is enabled for this cluster. - type: boolean - ParallelstoreCsiDriverConfig: - id: ParallelstoreCsiDriverConfig - description: Configuration for the Cloud Storage Parallelstore CSI driver. - type: object - properties: - enabled: + cluster_dns_domain is the suffix used for all cluster service + records. + additiveVpcScopeDnsDomain: + description: Optional. The domain used in Additive VPC scope. + type: string + clusterDns: + type: string + description: cluster_dns indicates which in-cluster DNS provider should be used. + enum: + - PROVIDER_UNSPECIFIED + - PLATFORM_DEFAULT + - CLOUD_DNS + - KUBE_DNS + enumDescriptions: + - Default value + - Use GKE default DNS provider(kube-dns) for DNS resolution. + - Use CloudDNS for DNS resolution. + - Use KubeDNS for DNS resolution. + clusterDnsScope: + type: string + enum: + - DNS_SCOPE_UNSPECIFIED + - CLUSTER_SCOPE + - VPC_SCOPE + enumDescriptions: + - Default value, will be inferred as cluster scope. + - DNS records are accessible from within the cluster. + - DNS records are accessible from within the VPC. description: >- - Whether the Cloud Storage Parallelstore CSI driver is enabled for - this cluster. - type: boolean - RayOperatorConfig: - id: RayOperatorConfig - description: Configuration options for the Ray Operator add-on. - type: object - properties: - enabled: - description: Whether the Ray Operator addon is enabled for this cluster. - type: boolean - rayClusterLoggingConfig: - description: Optional. Logging configuration for Ray clusters. - $ref: '#/components/schemas/RayClusterLoggingConfig' - rayClusterMonitoringConfig: - description: Optional. Monitoring configuration for Ray clusters. - $ref: '#/components/schemas/RayClusterMonitoringConfig' - RayClusterLoggingConfig: - id: RayClusterLoggingConfig - description: RayClusterLoggingConfig specifies configuration of Ray logging. + cluster_dns_scope indicates the scope of access to cluster DNS + records. type: object - properties: - enabled: - description: Enable log collection for Ray clusters. - type: boolean - RayClusterMonitoringConfig: - id: RayClusterMonitoringConfig + id: DNSConfig description: >- - RayClusterMonitoringConfig specifies monitoring configuration for Ray - clusters. - type: object - properties: - enabled: - description: Enable metrics collection for Ray clusters. - type: boolean - HighScaleCheckpointingConfig: - id: HighScaleCheckpointingConfig - description: Configuration for the High Scale Checkpointing. - type: object - properties: - enabled: - description: Whether the High Scale Checkpointing is enabled for this cluster. - type: boolean - LustreCsiDriverConfig: - id: LustreCsiDriverConfig - description: Configuration for the Lustre CSI driver. + DNSConfig contains the desired set of options for configuring + clusterDNS. + PlacementPolicy: + description: PlacementPolicy defines the placement policy used by the node pool. + id: PlacementPolicy type: object properties: - enabled: - description: Whether the Lustre CSI driver is enabled for this cluster. - type: boolean - enableLegacyLustrePort: + policyName: + type: string description: >- - If set to true, the Lustre CSI driver will install Lustre kernel - modules using port 6988. This serves as a workaround for a port - conflict with the gke-metadata-server. This field is required ONLY - under the following conditions: 1. The GKE node version is older - than 1.33.2-gke.4655000. 2. You're connecting to a Lustre instance - that has the 'gke-support-enabled' flag. - deprecated: true - type: boolean - NodePool: - id: NodePool - description: >- - NodePool contains the name and configuration for a cluster's node pool. - Node pools are a set of nodes (i.e. VM's), with a common configuration - and specification, under the control of the cluster master. They may - have a set of Kubernetes labels applied to them, which may be used to - reference them during pod scheduling. They may also be resized up or - down, to accommodate the workload. - type: object + If set, refers to the name of a custom resource policy supplied by + the user. The resource policy must be in the same project and region + as the node pool. If not found, InvalidArgument error is returned. + type: + type: string + enumDescriptions: + - TYPE_UNSPECIFIED specifies no requirements on nodes placement. + - >- + COMPACT specifies node placement in the same availability domain + to ensure low communication latency. + enum: + - TYPE_UNSPECIFIED + - COMPACT + description: The type of placement. + tpuTopology: + type: string + description: >- + Optional. TPU placement topology for pod slice node pool. + https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies + BlueGreenInfo: + description: Information relevant to blue-green upgrade. + id: BlueGreenInfo properties: - name: - description: The name of the node pool. + greenPoolVersion: type: string - config: - description: The node configuration of the pool. - $ref: '#/components/schemas/NodeConfig' - initialNodeCount: + description: Version of green pool. + bluePoolDeletionStartTime: description: >- - The initial node count for the pool. You must ensure that your - Compute Engine [resource - quota](https://{$universe.dns_names.final_documentation_domain}/compute/quotas) - is sufficient for this number of instances. You must also have - available firewall and routes quota. - type: integer - format: int32 - locations: + Time to start deleting blue pool to complete blue-green upgrade, in + [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. + type: string + phase: + enum: + - PHASE_UNSPECIFIED + - UPDATE_STARTED + - CREATING_GREEN_POOL + - CORDONING_BLUE_POOL + - DRAINING_BLUE_POOL + - NODE_POOL_SOAKING + - DELETING_BLUE_POOL + - ROLLBACK_STARTED + description: Current blue-green upgrade phase. + enumDescriptions: + - Unspecified phase. + - blue-green upgrade has been initiated. + - Start creating green pool nodes. + - Start cordoning blue pool nodes. + - Start draining blue pool nodes. + - Start soaking time after draining entire blue pool. + - Start deleting blue nodes. + - Rollback has been initiated. + type: string + greenInstanceGroupUrls: + items: + type: string description: >- - The list of Google Compute Engine - [zones](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the NodePool's nodes should be located. If this value is - unspecified during node pool creation, the - [Cluster.Locations](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.FIELDS.locations) - value will be used, instead. Warning: changing node pool locations - will result in nodes being added and/or removed. + The resource URLs of the [managed instance groups] + (/compute/docs/instance-groups/creating-groups-of-managed-instances) + associated with green pool. type: array + blueInstanceGroupUrls: items: type: string - networkConfig: description: >- - Networking configuration for this NodePool. If specified, it - overrides the cluster-level defaults. - $ref: '#/components/schemas/NodeNetworkConfig' - selfLink: - description: Output only. Server-defined URL for the resource. - readOnly: true - type: string - version: + The resource URLs of the [managed instance groups] + (/compute/docs/instance-groups/creating-groups-of-managed-instances) + associated with blue pool. + type: array + type: object + RollbackNodePoolUpgradeRequest: + type: object + id: RollbackNodePoolUpgradeRequest + properties: + respectPdb: description: >- - The version of Kubernetes running on this NodePool's nodes. If - unspecified, it defaults as described - [here](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/versioning#specifying_node_version). + Option for rollback to ignore the PodDisruptionBudget. Default value + is false. + type: boolean + zone: + deprecated: true + description: >- + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. type: string - instanceGroupUrls: + clusterId: description: >- - Output only. The resource URLs of the [managed instance - groups](https://{$universe.dns_names.final_documentation_domain}/compute/docs/instance-groups/creating-groups-of-managed-instances) - associated with this node pool. During the node pool blue-green - upgrade operation, the URLs contain both blue and green resources. - readOnly: true - type: array - items: - type: string - status: - description: Output only. The status of the nodes in this pool instance. - readOnly: true + Deprecated. The name of the cluster to rollback. This field has been + deprecated and replaced by the name field. type: string - enumDescriptions: - - Not set. - - The PROVISIONING state indicates the node pool is being created. - - >- - The RUNNING state indicates the node pool has been created and is - fully usable. - - >- - The RUNNING_WITH_ERROR state indicates the node pool has been - created and is partially usable. Some error state has occurred and - some functionality may be impaired. Customer may need to reissue a - request or trigger a new update. - - >- - The RECONCILING state indicates that some work is actively being - done on the node pool, such as upgrading node software. Details - can be found in the `statusMessage` field. - - The STOPPING state indicates the node pool is being deleted. - - >- - The ERROR state indicates the node pool may be unusable. Details - can be found in the `statusMessage` field. - enum: - - STATUS_UNSPECIFIED - - PROVISIONING - - RUNNING - - RUNNING_WITH_ERROR - - RECONCILING - - STOPPING - - ERROR - statusMessage: - description: >- - Output only. Deprecated. Use conditions instead. Additional - information about the current status of this node pool instance, if - available. - readOnly: true deprecated: true + nodePoolId: type: string - autoscaling: - description: >- - Autoscaler configuration for this NodePool. Autoscaler is enabled - only if a valid configuration is present. - $ref: '#/components/schemas/NodePoolAutoscaling' - management: - description: NodeManagement configuration for this NodePool. - $ref: '#/components/schemas/NodeManagement' - maxPodsConstraint: - description: >- - The constraint on the maximum number of pods that can be run - simultaneously on a node in the node pool. - $ref: '#/components/schemas/MaxPodsConstraint' - conditions: - description: Which conditions caused the current node pool state. - type: array - items: - $ref: '#/components/schemas/StatusCondition' - podIpv4CidrSize: - description: Output only. The pod CIDR block size per node in this node pool. - readOnly: true - type: integer - format: int32 - upgradeSettings: - description: Upgrade settings control disruption and speed of the upgrade. - $ref: '#/components/schemas/UpgradeSettings' - placementPolicy: - description: Specifies the node placement policy. - $ref: '#/components/schemas/PlacementPolicy' - updateInfo: + deprecated: true description: >- - Output only. Update info contains relevant information during a node - pool update. - readOnly: true - $ref: '#/components/schemas/UpdateInfo' - etag: + Deprecated. The name of the node pool to rollback. This field has + been deprecated and replaced by the name field. + projectId: description: >- - This checksum is computed by the server based on the value of node - pool fields, and may be sent on update requests to ensure the client - has an up-to-date value before proceeding. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + type: string + deprecated: true + name: type: string - queuedProvisioning: - description: Specifies the configuration of queued provisioning. - $ref: '#/components/schemas/QueuedProvisioning' - bestEffortProvisioning: - description: Enable best effort provisioning for nodes - $ref: '#/components/schemas/BestEffortProvisioning' - autopilotConfig: description: >- - Specifies the autopilot configuration for this node pool. This field - is exclusively reserved for Cluster Autoscaler. - $ref: '#/components/schemas/AutopilotConfig' - NodeNetworkConfig: - id: NodeNetworkConfig - description: Parameters for node pool-level network config. + The name (project, location, cluster, node pool id) of the node poll + to rollback upgrade. Specified in the format + `projects/*/locations/*/clusters/*/nodePools/*`. + description: >- + RollbackNodePoolUpgradeRequest rollbacks the previously Aborted or + Failed NodePool upgrade. This will be an no-op if the last upgrade + successfully completed. + SetNetworkPolicyRequest: + description: SetNetworkPolicyRequest enables/disables network policy for a cluster. type: object + id: SetNetworkPolicyRequest properties: - createPodRange: - description: >- - Input only. Whether to create a new range for pod IPs in this node - pool. Defaults are provided for `pod_range` and - `pod_ipv4_cidr_block` if they are not specified. If neither - `create_pod_range` or `pod_range` are specified, the cluster-level - default (`ip_allocation_policy.cluster_ipv4_cidr_block`) is used. - Only applicable if `ip_allocation_policy.use_ip_aliases` is true. - This field cannot be changed after the node pool has been created. - type: boolean - podRange: - description: >- - The ID of the secondary range for pod IPs. If `create_pod_range` is - true, this ID is used for the new range. If `create_pod_range` is - false, uses an existing secondary range with this ID. Only - applicable if `ip_allocation_policy.use_ip_aliases` is true. This - field cannot be changed after the node pool has been created. + networkPolicy: + description: Required. Configuration options for the NetworkPolicy feature. + $ref: '#/components/schemas/NetworkPolicy' + clusterId: + deprecated: true type: string - podIpv4CidrBlock: description: >- - The IP address range for pod IPs in this node pool. Only applicable - if `create_pod_range` is true. Set to blank to have a range chosen - with the default size. Set to /netmask (e.g. `/14`) to have a range - chosen with a specific netmask. Set to a - [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - notation (e.g. `10.96.0.0/14`) to pick a specific range to use. Only - applicable if `ip_allocation_policy.use_ip_aliases` is true. This - field cannot be changed after the node pool has been created. + Deprecated. The name of the cluster. This field has been deprecated + and replaced by the name field. + projectId: type: string - enablePrivateNodes: - description: >- - Whether nodes have internal IP addresses only. If - enable_private_nodes is not specified, then the value is derived - from Cluster.NetworkConfig.default_enable_private_nodes - type: boolean - networkPerformanceConfig: - description: Network bandwidth tier configuration. - $ref: '#/components/schemas/NetworkPerformanceConfig' - podCidrOverprovisionConfig: - description: >- - [PRIVATE FIELD] Pod CIDR size overprovisioning config for the - nodepool. Pod CIDR size per node depends on max_pods_per_node. By - default, the value of max_pods_per_node is rounded off to next power - of 2 and we then double that to get the size of pod CIDR block per - node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). - This config can disable the doubling of IPs (we still round off to - next power of 2) Example: max_pods_per_node of 30 will result in 32 - IPs (/27) when overprovisioning is disabled. - $ref: '#/components/schemas/PodCIDROverprovisionConfig' - additionalNodeNetworkConfigs: - description: >- - We specify the additional node networks for this node pool using - this list. Each node network corresponds to an additional interface - type: array - items: - $ref: '#/components/schemas/AdditionalNodeNetworkConfig' - additionalPodNetworkConfigs: - description: >- - We specify the additional pod networks for this node pool using this - list. Each pod network corresponds to an additional alias IP range - for the node - type: array - items: - $ref: '#/components/schemas/AdditionalPodNetworkConfig' - podIpv4RangeUtilization: + deprecated: true description: >- - Output only. The utilization of the IPv4 range for the pod. The - ratio is Usage/[Total number of IPs in the secondary range], - Usage=numNodes*numZones*podIPsPerNode. - readOnly: true - type: number - format: double - subnetwork: + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + name: description: >- - Output only. The subnetwork path for the node pool. Format: - projects/{project}/regions/{region}/subnetworks/{subnetwork} If the - cluster is associated with multiple subnetworks, the subnetwork for - the node pool is picked based on the IP utilization during node pool - creation and is immutable. - readOnly: true + The name (project, location, cluster name) of the cluster to set + networking policy. Specified in the format + `projects/*/locations/*/clusters/*`. type: string - networkTierConfig: + zone: description: >- - Output only. The network tier configuration for the node pool - inherits from the cluster-level configuration and remains immutable - throughout the node pool's lifecycle, including during upgrades. - readOnly: true - $ref: '#/components/schemas/NetworkTierConfig' - NetworkPerformanceConfig: - id: NetworkPerformanceConfig - description: Configuration of all network bandwidth tiers - type: object - properties: - totalEgressBandwidthTier: - description: Specifies the total network bandwidth tier for the NodePool. + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + deprecated: true type: string - enumDescriptions: - - Default value - - Higher bandwidth, actual values based on VM size. - enum: - - TIER_UNSPECIFIED - - TIER_1 - PodCIDROverprovisionConfig: - id: PodCIDROverprovisionConfig - description: '[PRIVATE FIELD] Config for pod CIDR size overprovisioning.' - type: object + AutoIpamConfig: + id: AutoIpamConfig properties: - disable: - description: >- - Whether Pod CIDR overprovisioning is disabled. Note: Pod CIDR - overprovisioning is enabled by default. + enabled: + description: The flag that enables Auto IPAM on this cluster type: boolean - AdditionalNodeNetworkConfig: - id: AdditionalNodeNetworkConfig - description: >- - AdditionalNodeNetworkConfig is the configuration for additional node - networks within the NodeNetworkConfig message + description: AutoIpamConfig contains all information related to Auto IPAM type: object - properties: - network: - description: Name of the VPC where the additional interface belongs - type: string - subnetwork: - description: Name of the subnetwork where the additional interface belongs - type: string - AdditionalPodNetworkConfig: - id: AdditionalPodNetworkConfig - description: >- - AdditionalPodNetworkConfig is the configuration for additional pod - networks within the NodeNetworkConfig message + MonitoringComponentConfig: + id: MonitoringComponentConfig type: object properties: - subnetwork: - description: Name of the subnetwork where the additional pod network belongs. - type: string - secondaryPodRange: - description: >- - The name of the secondary range on the subnet which provides IP - address for this pod range. - type: string - maxPodsPerNode: - description: The maximum number of pods per node which use this pod network. - $ref: '#/components/schemas/MaxPodsConstraint' - networkAttachment: - description: >- - The name of the network attachment for pods to communicate to; - cannot be specified along with subnetwork or secondary_pod_range. - type: string - MaxPodsConstraint: - id: MaxPodsConstraint - description: Constraints applied to pods. - type: object + enableComponents: + items: + type: string + enumDescriptions: + - Default value. This shouldn't be used. + - system components + - kube-apiserver + - kube-scheduler + - kube-controller-manager + - Storage + - Horizontal Pod Autoscaling + - Pod + - DaemonSet + - Deployment + - Statefulset + - CADVISOR + - KUBELET + - NVIDIA Data Center GPU Manager (DCGM) + - JobSet + enum: + - COMPONENT_UNSPECIFIED + - SYSTEM_COMPONENTS + - APISERVER + - SCHEDULER + - CONTROLLER_MANAGER + - STORAGE + - HPA + - POD + - DAEMONSET + - DEPLOYMENT + - STATEFULSET + - CADVISOR + - KUBELET + - DCGM + - JOBSET + description: >- + Select components to collect metrics. An empty set would disable all + monitoring. + type: array + description: MonitoringComponentConfig is cluster monitoring component configuration. + LoggingComponentConfig: + description: LoggingComponentConfig is cluster logging component configuration. properties: - maxPodsPerNode: - description: Constraint enforced on the max num of pods per node. - type: string - format: int64 - NetworkTierConfig: - id: NetworkTierConfig - description: NetworkTierConfig contains network tier information. + enableComponents: + type: array + items: + type: string + enumDescriptions: + - Default value. This shouldn't be used. + - system components + - workloads + - kube-apiserver + - kube-scheduler + - kube-controller-manager + - kcp-sshd + - kcp connection logs + - horizontal pod autoscaler decision logs + enum: + - COMPONENT_UNSPECIFIED + - SYSTEM_COMPONENTS + - WORKLOADS + - APISERVER + - SCHEDULER + - CONTROLLER_MANAGER + - KCP_SSHD + - KCP_CONNECTION + - KCP_HPA + description: >- + Select components to collect logs. An empty set would disable all + logging. + id: LoggingComponentConfig type: object - properties: - networkTier: - description: Network tier configuration. - type: string - enumDescriptions: - - >- - By default, use project-level configuration. When unspecified, the - behavior defaults to NETWORK_TIER_DEFAULT. For cluster updates, - this implies no action (no-op). - - >- - Default network tier. Use project-level configuration. User can - specify this value, meaning they want to keep the same behaviour - as before cluster level network tier configuration is introduced. - This field ensures backward compatibility for the network tier of - cluster resources, such as node pools and load balancers, for - their external IP addresses. - - Premium network tier. - - Standard network tier. - enum: - - NETWORK_TIER_UNSPECIFIED - - NETWORK_TIER_DEFAULT - - NETWORK_TIER_PREMIUM - - NETWORK_TIER_STANDARD - NodePoolAutoscaling: - id: NodePoolAutoscaling + AutoprovisioningNodePoolDefaults: description: >- - NodePoolAutoscaling contains information required by cluster autoscaler - to adjust the size of the node pool to the current cluster usage. - type: object + AutoprovisioningNodePoolDefaults contains defaults for a node pool + created by NAP. + id: AutoprovisioningNodePoolDefaults properties: - enabled: - description: Is autoscaling enabled for this node pool. - type: boolean - minNodeCount: + minCpuPlatform: description: >- - Minimum number of nodes for one location in the node pool. Must be - greater than or equal to 0 and less than or equal to max_node_count. - type: integer - format: int32 - maxNodeCount: + Deprecated. Minimum CPU platform to be used for NAP created node + pools. The instance may be scheduled on the specified or newer CPU + platform. Applicable values are the friendly names of CPU platforms, + such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy + Bridge. For more information, read [how to specify min CPU + platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). + This field is deprecated, min_cpu_platform should be specified using + `cloud.google.com/requested-min-cpu-platform` label selector on the + pod. To unset the min cpu platform field pass "automatic" as field + value. + deprecated: true + type: string + management: + description: Specifies the node management options for NAP created node-pools. + $ref: '#/components/schemas/NodeManagement' + imageType: description: >- - Maximum number of nodes for one location in the node pool. Must be - >= min_node_count. There has to be enough quota to scale up the - cluster. - type: integer - format: int32 - autoprovisioned: - description: Can this node pool be deleted automatically. + The image type to use for NAP created node. Please see + https://cloud.google.com/kubernetes-engine/docs/concepts/node-images + for available image types. + type: string + shieldedInstanceConfig: + description: Shielded Instance options. + $ref: '#/components/schemas/ShieldedInstanceConfig' + insecureKubeletReadonlyPortEnabled: type: boolean - locationPolicy: - description: Location policy used when scaling up a nodepool. + description: DEPRECATED. Use NodePoolAutoConfig.NodeKubeletConfig instead. + upgradeSettings: + description: Specifies the upgrade settings for NAP created node pools + $ref: '#/components/schemas/UpgradeSettings' + oauthScopes: + type: array + items: + type: string + description: Scopes that are used by NAP when creating node pools. + bootDiskKmsKey: + description: >- + The Customer Managed Encryption Key used to encrypt the boot disk + attached to each node in the node pool. This should be of the form + projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. + For more information about protecting resources with Cloud KMS Keys + please see: + https://cloud.google.com/compute/docs/disks/customer-managed-encryption type: string - enumDescriptions: - - Not set. - - >- - BALANCED is a best effort policy that aims to balance the sizes of - different zones. - - ANY policy picks zones that have the highest capacity available. - enum: - - LOCATION_POLICY_UNSPECIFIED - - BALANCED - - ANY - totalMinNodeCount: + serviceAccount: description: >- - Minimum number of nodes in the node pool. Must be greater than or - equal to 0 and less than or equal to total_max_node_count. The - total_*_node_count fields are mutually exclusive with the - *_node_count fields. + The Google Cloud Platform Service Account to be used by the node + VMs. + type: string + diskSizeGb: type: integer - format: int32 - totalMaxNodeCount: description: >- - Maximum number of nodes in the node pool. Must be greater than or - equal to total_min_node_count. There has to be enough quota to scale - up the cluster. The total_*_node_count fields are mutually exclusive - with the *_node_count fields. - type: integer + Size of the disk attached to each node, specified in GB. The + smallest allowed disk size is 10GB. If unspecified, the default disk + size is 100GB. format: int32 - NodeManagement: - id: NodeManagement - description: >- - NodeManagement defines the set of node management services turned on for - the node pool. - type: object - properties: - autoUpgrade: - description: >- - A flag that specifies whether node auto-upgrade is enabled for the - node pool. If enabled, node auto-upgrade helps keep the nodes in - your node pool up to date with the latest release version of - Kubernetes. - type: boolean - autoRepair: + diskType: description: >- - A flag that specifies whether the node auto-repair is enabled for - the node pool. If enabled, the nodes in this node pool will be - monitored and, if they fail health checks too many times, an - automatic repair action will be triggered. - type: boolean - upgradeOptions: - description: Specifies the Auto Upgrade knobs for the node pool. - $ref: '#/components/schemas/AutoUpgradeOptions' + Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' + or 'pd-balanced') If unspecified, the default disk type is + 'pd-standard' + type: string + type: object AutoUpgradeOptions: id: AutoUpgradeOptions - description: >- - AutoUpgradeOptions defines the set of options for the user to control - how the Auto Upgrades will proceed. type: object properties: autoUpgradeStartTime: + readOnly: true + type: string description: >- Output only. This field is set when upgrades are about to commence with the approximate start time for the upgrades, in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - readOnly: true - type: string description: + readOnly: true description: >- Output only. This field is set when upgrades are about to commence with the description of the upgrade. - readOnly: true type: string - StatusCondition: - id: StatusCondition description: >- - StatusCondition describes why a cluster or a node pool has a certain - status (e.g., ERROR or DEGRADED). - type: object + AutoUpgradeOptions defines the set of options for the user to control + how the Auto Upgrades will proceed. + BlueGreenSettings: + description: Settings for blue-green upgrade. properties: - code: - description: >- - Machine-friendly representation of the condition Deprecated. Use - canonical_code instead. - deprecated: true + autoscaledRolloutPolicy: + description: Autoscaled policy for cluster autoscaler enabled blue-green upgrade. + $ref: '#/components/schemas/AutoscaledRolloutPolicy' + standardRolloutPolicy: + $ref: '#/components/schemas/StandardRolloutPolicy' + description: Standard policy for the blue-green upgrade. + nodePoolSoakDuration: type: string - enumDescriptions: - - UNKNOWN indicates a generic condition. - - >- - GCE_STOCKOUT indicates that Google Compute Engine resources are - temporarily unavailable. - - >- - GKE_SERVICE_ACCOUNT_DELETED indicates that the user deleted their - robot service account. - - Google Compute Engine quota was exceeded. - - >- - Cluster state was manually changed by an SRE due to a system logic - error. - - >- - Unable to perform an encrypt operation against the CloudKMS key - used for etcd level encryption. - - Cluster CA is expiring soon. - - Node service account is missing permissions. - - >- - Cloud KMS key version used for etcd level encryption has been - destroyed. This is a permanent error. - enum: - - UNKNOWN - - GCE_STOCKOUT - - GKE_SERVICE_ACCOUNT_DELETED - - GCE_QUOTA_EXCEEDED - - SET_BY_OPERATOR - - CLOUD_KMS_KEY_ERROR - - CA_EXPIRING - - NODE_SERVICE_ACCOUNT_MISSING_PERMISSIONS - - CLOUD_KMS_KEY_DESTROYED - message: - description: Human-friendly representation of the condition - type: string - canonicalCode: - description: Canonical code of the condition. - type: string - enumDescriptions: - - 'Not an error; returned on success. HTTP Mapping: 200 OK' - - >- - The operation was cancelled, typically by the caller. HTTP - Mapping: 499 Client Closed Request - - >- - Unknown error. For example, this error may be returned when a - `Status` value received from another address space belongs to an - error space that is not known in this address space. Also errors - raised by APIs that do not return enough error information may be - converted to this error. HTTP Mapping: 500 Internal Server Error - - >- - The client specified an invalid argument. Note that this differs - from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments - that are problematic regardless of the state of the system (e.g., - a malformed file name). HTTP Mapping: 400 Bad Request - - >- - The deadline expired before the operation could complete. For - operations that change the state of the system, this error may be - returned even if the operation has completed successfully. For - example, a successful response from a server could have been - delayed long enough for the deadline to expire. HTTP Mapping: 504 - Gateway Timeout - - >- - Some requested entity (e.g., file or directory) was not found. - Note to server developers: if a request is denied for an entire - class of users, such as gradual feature rollout or undocumented - allowlist, `NOT_FOUND` may be used. If a request is denied for - some users within a class of users, such as user-based access - control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not - Found - - >- - The entity that a client attempted to create (e.g., file or - directory) already exists. HTTP Mapping: 409 Conflict - - >- - The caller does not have permission to execute the specified - operation. `PERMISSION_DENIED` must not be used for rejections - caused by exhausting some resource (use `RESOURCE_EXHAUSTED` - instead for those errors). `PERMISSION_DENIED` must not be used if - the caller can not be identified (use `UNAUTHENTICATED` instead - for those errors). This error code does not imply the request is - valid or the requested entity exists or satisfies other - pre-conditions. HTTP Mapping: 403 Forbidden - - >- - The request does not have valid authentication credentials for the - operation. HTTP Mapping: 401 Unauthorized - - >- - Some resource has been exhausted, perhaps a per-user quota, or - perhaps the entire file system is out of space. HTTP Mapping: 429 - Too Many Requests - - >- - The operation was rejected because the system is not in a state - required for the operation's execution. For example, the directory - to be deleted is non-empty, an rmdir operation is applied to a - non-directory, etc. Service implementors can use the following - guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and - `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just - the failing call. (b) Use `ABORTED` if the client should retry at - a higher level. For example, when a client-specified test-and-set - fails, indicating the client should restart a read-modify-write - sequence. (c) Use `FAILED_PRECONDITION` if the client should not - retry until the system state has been explicitly fixed. For - example, if an "rmdir" fails because the directory is non-empty, - `FAILED_PRECONDITION` should be returned since the client should - not retry unless the files are deleted from the directory. HTTP - Mapping: 400 Bad Request - - >- - The operation was aborted, typically due to a concurrency issue - such as a sequencer check failure or transaction abort. See the - guidelines above for deciding between `FAILED_PRECONDITION`, - `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict - - >- - The operation was attempted past the valid range. E.g., seeking or - reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error - indicates a problem that may be fixed if the system state changes. - For example, a 32-bit file system will generate `INVALID_ARGUMENT` - if asked to read at an offset that is not in the range [0,2^32-1], - but it will generate `OUT_OF_RANGE` if asked to read from an - offset past the current file size. There is a fair bit of overlap - between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend - using `OUT_OF_RANGE` (the more specific error) when it applies so - that callers who are iterating through a space can easily look for - an `OUT_OF_RANGE` error to detect when they are done. HTTP - Mapping: 400 Bad Request - - >- - The operation is not implemented or is not supported/enabled in - this service. HTTP Mapping: 501 Not Implemented - - >- - Internal errors. This means that some invariants expected by the - underlying system have been broken. This error code is reserved - for serious errors. HTTP Mapping: 500 Internal Server Error - - >- - The service is currently unavailable. This is most likely a - transient condition, which can be corrected by retrying with a - backoff. Note that it is not always safe to retry non-idempotent - operations. See the guidelines above for deciding between - `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: - 503 Service Unavailable - - >- - Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal - Server Error - enum: - - OK - - CANCELLED - - UNKNOWN - - INVALID_ARGUMENT - - DEADLINE_EXCEEDED - - NOT_FOUND - - ALREADY_EXISTS - - PERMISSION_DENIED - - UNAUTHENTICATED - - RESOURCE_EXHAUSTED - - FAILED_PRECONDITION - - ABORTED - - OUT_OF_RANGE - - UNIMPLEMENTED - - INTERNAL - - UNAVAILABLE - - DATA_LOSS - UpgradeSettings: - id: UpgradeSettings - description: >- - These upgrade settings control the level of parallelism and the level of - disruption caused by an upgrade. maxUnavailable controls the number of - nodes that can be simultaneously unavailable. maxSurge controls the - number of additional nodes that can be added to the node pool - temporarily for the time of the upgrade to increase the number of - available nodes. (maxUnavailable + maxSurge) determines the level of - parallelism (how many nodes are being upgraded at the same time). Note: - upgrades inevitably introduce some disruption since workloads need to be - moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, - this holds true. (Disruption stays within the limits of - PodDisruptionBudget, if it is configured.) Consider a hypothetical node - pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the - upgrade process upgrades 3 nodes simultaneously. It creates 2 additional - (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at - the same time. This ensures that there are always at least 4 nodes - available. These upgrade settings configure the upgrade strategy for the - node pool. Use strategy to switch between the strategies applied to the - node pool. If the strategy is ROLLING, use max_surge and max_unavailable - to control the level of parallelism and the level of disruption caused - by upgrade. 1. maxSurge controls the number of additional nodes that can - be added to the node pool temporarily for the time of the upgrade to - increase the number of available nodes. 2. maxUnavailable controls the - number of nodes that can be simultaneously unavailable. 3. - (maxUnavailable + maxSurge) determines the level of parallelism (how - many nodes are being upgraded at the same time). If the strategy is - BLUE_GREEN, use blue_green_settings to configure the blue-green upgrade - related settings. 1. standard_rollout_policy is the default policy. The - policy is used to control the way blue pool gets drained. The draining - is executed in the batch mode. The batch size could be specified as - either percentage of the node pool size or the number of nodes. - batch_soak_duration is the soak time after each batch gets drained. 2. - node_pool_soak_duration is the soak time after all blue nodes are - drained. After this period, the blue pool nodes will be deleted. - type: object - properties: - maxSurge: - description: >- - The maximum number of nodes that can be created beyond the current - size of the node pool during the upgrade process. - type: integer - format: int32 - maxUnavailable: - description: >- - The maximum number of nodes that can be simultaneously unavailable - during the upgrade process. A node is considered available if its - status is Ready. - type: integer - format: int32 - strategy: - description: Update strategy of the node pool. - type: string - enumDescriptions: - - >- - Default value if unset. GKE internally defaults the update - strategy to SURGE for unspecified strategies. - - blue-green upgrade. - - >- - SURGE is the traditional way of upgrade a node pool. max_surge and - max_unavailable determines the level of upgrade parallelism. - enum: - - NODE_POOL_UPDATE_STRATEGY_UNSPECIFIED - - BLUE_GREEN - - SURGE - blueGreenSettings: - description: Settings for blue-green upgrade strategy. - $ref: '#/components/schemas/BlueGreenSettings' - BlueGreenSettings: - id: BlueGreenSettings - description: Settings for blue-green upgrade. - type: object - properties: - standardRolloutPolicy: - description: Standard policy for the blue-green upgrade. - $ref: '#/components/schemas/StandardRolloutPolicy' - nodePoolSoakDuration: - description: >- - Time needed after draining entire blue pool. After this period, blue - pool will be cleaned up. - type: string - format: google-duration - StandardRolloutPolicy: - id: StandardRolloutPolicy - description: Standard rollout policy is the default policy for blue-green. - type: object - properties: - batchPercentage: - description: >- - Percentage of the blue pool nodes to drain in a batch. The range of - this field should be (0.0, 1.0]. - type: number - format: float - batchNodeCount: - description: Number of blue nodes to drain in a batch. - type: integer - format: int32 - batchSoakDuration: - description: Soak time after each batch gets drained. Default to zero. - type: string - format: google-duration - PlacementPolicy: - id: PlacementPolicy - description: PlacementPolicy defines the placement policy used by the node pool. - type: object - properties: - type: - description: The type of placement. - type: string - enumDescriptions: - - TYPE_UNSPECIFIED specifies no requirements on nodes placement. - - >- - COMPACT specifies node placement in the same availability domain - to ensure low communication latency. - enum: - - TYPE_UNSPECIFIED - - COMPACT - tpuTopology: - description: >- - Optional. TPU placement topology for pod slice node pool. - https://{$universe.dns_names.final_documentation_domain}/tpu/docs/types-topologies#tpu_topologies - type: string - policyName: - description: >- - If set, refers to the name of a custom resource policy supplied by - the user. The resource policy must be in the same project and region - as the node pool. If not found, InvalidArgument error is returned. - type: string - UpdateInfo: - id: UpdateInfo - description: >- - UpdateInfo contains resource (instance groups, etc), status and other - intermediate information relevant to a node pool upgrade. - type: object - properties: - blueGreenInfo: - description: Information of a blue-green upgrade. - $ref: '#/components/schemas/BlueGreenInfo' - BlueGreenInfo: - id: BlueGreenInfo - description: Information relevant to blue-green upgrade. - type: object - properties: - phase: - description: Current blue-green upgrade phase. - type: string - enumDescriptions: - - Unspecified phase. - - blue-green upgrade has been initiated. - - Start creating green pool nodes. - - Start cordoning blue pool nodes. - - Start draining blue pool nodes. - - Start soaking time after draining entire blue pool. - - Start deleting blue nodes. - - Rollback has been initiated. - enum: - - PHASE_UNSPECIFIED - - UPDATE_STARTED - - CREATING_GREEN_POOL - - CORDONING_BLUE_POOL - - DRAINING_BLUE_POOL - - NODE_POOL_SOAKING - - DELETING_BLUE_POOL - - ROLLBACK_STARTED - blueInstanceGroupUrls: - description: >- - The resource URLs of the [managed instance groups] - (/compute/docs/instance-groups/creating-groups-of-managed-instances) - associated with blue pool. - type: array - items: - type: string - greenInstanceGroupUrls: - description: >- - The resource URLs of the [managed instance groups] - (/compute/docs/instance-groups/creating-groups-of-managed-instances) - associated with green pool. - type: array - items: - type: string - bluePoolDeletionStartTime: - description: >- - Time to start deleting blue pool to complete blue-green upgrade, in - [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - type: string - greenPoolVersion: - description: Version of green pool. - type: string - QueuedProvisioning: - id: QueuedProvisioning - description: >- - QueuedProvisioning defines the queued provisioning used by the node - pool. - type: object - properties: - enabled: - description: >- - Denotes that this nodepool is QRM specific, meaning nodes can be - only obtained through queuing via the Cluster Autoscaler - ProvisioningRequest API. - type: boolean - BestEffortProvisioning: - id: BestEffortProvisioning - description: Best effort provisioning. - type: object - properties: - enabled: - description: >- - When this is enabled, cluster/node pool creations will ignore - non-fatal errors like stockout to best provision as many nodes as - possible right now and eventually bring up all target number of - nodes - type: boolean - minProvisionNodes: - description: >- - Minimum number of nodes to be provisioned to be considered as - succeeded, and the rest of nodes will be provisioned gradually and - eventually when stockout issue has been resolved. - type: integer - format: int32 - AutopilotConfig: - id: AutopilotConfig - description: >- - AutopilotConfig contains configuration of autopilot feature for this - nodepool. - type: object - properties: - enabled: - description: Denotes that nodes belonging to this node pool are Autopilot nodes. - type: boolean - LegacyAbac: - id: LegacyAbac - description: >- - Configuration for the legacy Attribute Based Access Control - authorization mode. - type: object - properties: - enabled: - description: >- - Whether the ABAC authorizer is enabled for this cluster. When - enabled, identities in the system, including service accounts, - nodes, and controllers, will have statically granted permissions - beyond those provided by the RBAC configuration or IAM. - type: boolean - NetworkPolicy: - id: NetworkPolicy - description: >- - Configuration options for the NetworkPolicy feature. - https://kubernetes.io/docs/concepts/services-networking/networkpolicies/ - type: object - properties: - provider: - description: The selected network policy provider. - type: string - enumDescriptions: - - Not set - - Tigera (Calico Felix). - enum: - - PROVIDER_UNSPECIFIED - - CALICO - enabled: - description: Whether network policy is enabled on the cluster. - type: boolean - IPAllocationPolicy: - id: IPAllocationPolicy - description: Configuration for controlling how IPs are allocated in the cluster. - type: object - properties: - useIpAliases: - description: >- - Whether alias IPs will be used for pod IPs in the cluster. This is - used in conjunction with use_routes. It cannot be true if use_routes - is true. If both use_ip_aliases and use_routes are false, then the - server picks the default IP allocation mode - type: boolean - createSubnetwork: - description: >- - Whether a new subnetwork will be created automatically for the - cluster. This field is only applicable when `use_ip_aliases` is - true. - type: boolean - subnetworkName: - description: >- - A custom subnetwork name to be used if `create_subnetwork` is true. - If this field is empty, then an automatic name will be chosen for - the new subnetwork. - type: string - clusterIpv4Cidr: - description: This field is deprecated, use cluster_ipv4_cidr_block. - deprecated: true - type: string - nodeIpv4Cidr: - description: This field is deprecated, use node_ipv4_cidr_block. - deprecated: true - type: string - servicesIpv4Cidr: - description: This field is deprecated, use services_ipv4_cidr_block. - deprecated: true - type: string - clusterSecondaryRangeName: - description: >- - The name of the secondary range to be used for the cluster CIDR - block. The secondary range will be used for pod IP addresses. This - must be an existing secondary range associated with the cluster - subnetwork. This field is only applicable with use_ip_aliases is - true and create_subnetwork is false. - type: string - servicesSecondaryRangeName: - description: >- - The name of the secondary range to be used as for the services CIDR - block. The secondary range will be used for service ClusterIPs. This - must be an existing secondary range associated with the cluster - subnetwork. This field is only applicable with use_ip_aliases is - true and create_subnetwork is false. - type: string - clusterIpv4CidrBlock: - description: >- - The IP address range for the cluster pod IPs. If this field is set, - then `cluster.cluster_ipv4_cidr` must be left blank. This field is - only applicable when `use_ip_aliases` is true. Set to blank to have - a range chosen with the default size. Set to /netmask (e.g. `/14`) - to have a range chosen with a specific netmask. Set to a - [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks - (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a - specific range to use. - type: string - nodeIpv4CidrBlock: - description: >- - The IP address range of the instance IPs in this cluster. This is - applicable only if `create_subnetwork` is true. Set to blank to have - a range chosen with the default size. Set to /netmask (e.g. `/14`) - to have a range chosen with a specific netmask. Set to a - [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks - (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a - specific range to use. - type: string - servicesIpv4CidrBlock: - description: >- - The IP address range of the services IPs in this cluster. If blank, - a range will be automatically chosen with the default size. This - field is only applicable when `use_ip_aliases` is true. Set to blank - to have a range chosen with the default size. Set to /netmask (e.g. - `/14`) to have a range chosen with a specific netmask. Set to a - [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks - (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a - specific range to use. - type: string - tpuIpv4CidrBlock: - description: >- - The IP address range of the Cloud TPUs in this cluster. If - unspecified, a range will be automatically chosen with the default - size. This field is only applicable when `use_ip_aliases` is true. - If unspecified, the range will use the default size. Set to /netmask - (e.g. `/14`) to have a range chosen with a specific netmask. Set to - a - [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) - notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks - (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a - specific range to use. This field is deprecated due to the - deprecation of 2VM TPU. The end of life date for 2VM TPU is - 2025-04-25. - deprecated: true - type: string - useRoutes: description: >- - Whether routes will be used for pod IPs in the cluster. This is used - in conjunction with use_ip_aliases. It cannot be true if - use_ip_aliases is true. If both use_ip_aliases and use_routes are - false, then the server picks the default IP allocation mode - type: boolean - stackType: - description: The IP stack type of the cluster - type: string + Time needed after draining entire blue pool. After this period, blue + pool will be cleaned up. + format: google-duration + type: object + id: BlueGreenSettings + GPUDriverInstallationConfig: + description: >- + GPUDriverInstallationConfig specifies the version of GPU driver to be + auto installed. + properties: + gpuDriverVersion: enumDescriptions: - - Default value, will be defaulted as IPV4 only - - Cluster is IPV4 only - - Cluster can use both IPv4 and IPv6 - enum: - - STACK_TYPE_UNSPECIFIED - - IPV4 - - IPV4_IPV6 - ipv6AccessType: - description: >- - The ipv6 access type (internal or external) when create_subnetwork - is true + - Default value is to not install any GPU driver. + - Disable GPU driver auto installation and needs manual installation + - '"Default" GPU driver in COS and Ubuntu.' + - '"Latest" GPU driver in COS.' + description: Mode for how the GPU driver is installed. type: string - enumDescriptions: - - Default value, will be defaulted as type external. - - Access type internal (all v6 addresses are internal IPs) - - Access type external (all v6 addresses are external IPs) enum: - - IPV6_ACCESS_TYPE_UNSPECIFIED - - INTERNAL - - EXTERNAL - podCidrOverprovisionConfig: + - GPU_DRIVER_VERSION_UNSPECIFIED + - INSTALLATION_DISABLED + - DEFAULT + - LATEST + type: object + id: GPUDriverInstallationConfig + MonitoringConfig: + type: object + properties: + advancedDatapathObservabilityConfig: + description: Configuration of Advanced Datapath Observability features. + $ref: '#/components/schemas/AdvancedDatapathObservabilityConfig' + componentConfig: + description: Monitoring components configuration + $ref: '#/components/schemas/MonitoringComponentConfig' + managedPrometheusConfig: + description: Enable Google Cloud Managed Service for Prometheus in the cluster. + $ref: '#/components/schemas/ManagedPrometheusConfig' + description: MonitoringConfig is cluster monitoring configuration. + id: MonitoringConfig + DailyMaintenanceWindow: + description: Time window specified for daily maintenance operations. + type: object + id: DailyMaintenanceWindow + properties: + startTime: description: >- - [PRIVATE FIELD] Pod CIDR size overprovisioning config for the - cluster. Pod CIDR size per node depends on max_pods_per_node. By - default, the value of max_pods_per_node is doubled and then rounded - off to next power of 2 to get the size of pod CIDR block per node. - Example: max_pods_per_node of 30 would result in 64 IPs (/26). This - config can disable the doubling of IPs (we still round off to next - power of 2) Example: max_pods_per_node of 30 will result in 32 IPs - (/27) when overprovisioning is disabled. - $ref: '#/components/schemas/PodCIDROverprovisionConfig' - subnetIpv6CidrBlock: - description: Output only. The subnet's IPv6 CIDR block used by nodes and pods. - readOnly: true + Time within the maintenance window to start the maintenance + operations. Time format should be in + [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) format "HH:MM", + where HH : [00-23] and MM : [00-59] GMT. type: string - servicesIpv6CidrBlock: - description: Output only. The services IPv6 CIDR block for the cluster. + duration: readOnly: true + description: >- + Output only. Duration of the time window, automatically chosen to be + smallest possible in the given scenario. Duration will be in + [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) format "PTnHnMnS". type: string - additionalPodRangesConfig: + NetworkConfig: + description: NetworkConfig reports the relative names of network & subnetwork. + type: object + properties: + network: description: >- - Output only. The additional pod ranges that are added to the - cluster. These pod ranges can be used by new node pools to allocate - pod IPs automatically. Once the range is removed it will not show up - in IPAllocationPolicy. + Output only. The relative name of the Google Compute Engine + [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) + to which the cluster is connected. Example: + projects/my-project/global/networks/my-network + type: string readOnly: true - $ref: '#/components/schemas/AdditionalPodRangesConfig' - defaultPodIpv4RangeUtilization: + defaultEnablePrivateNodes: description: >- - Output only. The utilization of the cluster default IPv4 range for - the pod. The ratio is Usage/[Total number of IPs in the secondary - range], Usage=numNodes*numZones*podIPsPerNode. - readOnly: true - type: number - format: double - additionalIpRangesConfigs: + Controls whether by default nodes have private IP addresses only. It + is invalid to specify both PrivateClusterConfig.enablePrivateNodes + and this field at the same time. To update the default setting, use + ClusterUpdate.desired_default_enable_private_nodes + type: boolean + gatewayApiConfig: description: >- - Output only. The additional IP ranges that are added to the cluster. - These IP ranges can be used by new node pools to allocate node and - pod IPs automatically. Each AdditionalIPRangesConfig corresponds to - a single subnetwork. Once a range is removed it will not show up in - IPAllocationPolicy. - readOnly: true - type: array - items: - $ref: '#/components/schemas/AdditionalIPRangesConfig' - autoIpamConfig: + GatewayAPIConfig contains the desired config of Gateway API on this + cluster. + $ref: '#/components/schemas/GatewayAPIConfig' + enableMultiNetworking: + description: Whether multi-networking is enabled for this cluster. + type: boolean + enableL4ilbSubsetting: + description: Whether L4ILB Subsetting is enabled for this cluster. + type: boolean + defaultSnatStatus: description: >- - Optional. AutoIpamConfig contains all information related to Auto - IPAM - $ref: '#/components/schemas/AutoIpamConfig' - networkTierConfig: + Whether the cluster disables default in-node sNAT rules. In-node + sNAT rules will be disabled when default_snat_status is disabled. + When disabled is set to false, default IP masquerade rules will be + applied to the nodes to prevent sNAT on cluster internal traffic. + $ref: '#/components/schemas/DefaultSnatStatus' + enableIntraNodeVisibility: description: >- - Cluster-level network tier configuration is used to determine the - default network tier for external IP addresses on cluster resources, - such as node pools and load balancers. - $ref: '#/components/schemas/NetworkTierConfig' - AdditionalPodRangesConfig: - id: AdditionalPodRangesConfig - description: >- - AdditionalPodRangesConfig is the configuration for additional pod - secondary ranges supporting the ClusterUpdate message. - type: object - properties: - podRangeNames: + Whether Intra-node visibility is enabled for this cluster. This + makes same node pod to pod traffic visible for VPC network. + type: boolean + disableL4LbFirewallReconciliation: + description: Disable L4 load balancer VPC firewalls to enable firewall policies. + type: boolean + subnetwork: description: >- - Name for pod secondary ipv4 range which has the actual range defined - ahead. - type: array - items: - type: string - podRangeInfo: - description: Output only. Information for additional pod range. - readOnly: true - type: array - items: - $ref: '#/components/schemas/RangeInfo' - RangeInfo: - id: RangeInfo - description: >- - RangeInfo contains the range name and the range utilization by this - cluster. - type: object - properties: - rangeName: - description: Output only. Name of a range. + Output only. The relative name of the Google Compute Engine + [subnetwork](https://cloud.google.com/compute/docs/vpc) to which the + cluster is connected. Example: + projects/my-project/regions/us-central1/subnetworks/my-subnet readOnly: true type: string - utilization: - description: Output only. The utilization of the range. - readOnly: true - type: number - format: double - AdditionalIPRangesConfig: - id: AdditionalIPRangesConfig - description: >- - AdditionalIPRangesConfig is the configuration for individual additional - subnetwork attached to the cluster - type: object - properties: - subnetwork: + serviceExternalIpsConfig: description: >- - Name of the subnetwork. This can be the full path of the subnetwork - or just the name. Example1: my-subnet Example2: - projects/gke-project/regions/us-central1/subnetworks/my-subnet + ServiceExternalIPsConfig specifies if services with externalIPs + field are blocked or not. + $ref: '#/components/schemas/ServiceExternalIPsConfig' + privateIpv6GoogleAccess: type: string - podIpv4RangeNames: description: >- - List of secondary ranges names within this subnetwork that can be - used for pod IPs. Example1: gke-pod-range1 Example2: - gke-pod-range1,gke-pod-range2 - type: array - items: - type: string - AutoIpamConfig: - id: AutoIpamConfig - description: AutoIpamConfig contains all information related to Auto IPAM - type: object - properties: - enabled: - description: The flag that enables Auto IPAM on this cluster - type: boolean - MasterAuthorizedNetworksConfig: - id: MasterAuthorizedNetworksConfig - description: >- - Configuration options for the master authorized networks feature. - Enabled master authorized networks will disallow all external traffic to - access Kubernetes master through HTTPS except traffic from the given - CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs. - type: object - properties: - enabled: - description: Whether or not master authorized networks is enabled. - type: boolean - cidrBlocks: + The desired state of IPv6 connectivity to Google Services. By + default, no private IPv6 access to or from Google Services (all + access will be via IPv4) + enum: + - PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED + - PRIVATE_IPV6_GOOGLE_ACCESS_DISABLED + - PRIVATE_IPV6_GOOGLE_ACCESS_TO_GOOGLE + - PRIVATE_IPV6_GOOGLE_ACCESS_BIDIRECTIONAL + enumDescriptions: + - Default value. Same as DISABLED + - No private access to or from Google Services + - Enables private IPv6 access to Google Services from GKE + - Enables private IPv6 access to and from Google Services + datapathProvider: description: >- - cidr_blocks define up to 50 external networks that could access - Kubernetes master through HTTPS. - type: array - items: - $ref: '#/components/schemas/CidrBlock' - gcpPublicCidrsAccessEnabled: + The desired datapath provider for this cluster. By default, uses the + IPTables-based kube-proxy implementation. + enum: + - DATAPATH_PROVIDER_UNSPECIFIED + - LEGACY_DATAPATH + - ADVANCED_DATAPATH + enumDescriptions: + - Default value. + - Use the IPTables implementation based on kube-proxy. + - >- + Use the eBPF based GKE Dataplane V2 with additional features. See + the [GKE Dataplane V2 + documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/dataplane-v2) + for more. + type: string + inTransitEncryptionConfig: description: >- - Whether master is accessible via Google Compute Engine Public IP - addresses. + Specify the details of in-transit encryption. Now named inter-node + transparent encryption. + enum: + - IN_TRANSIT_ENCRYPTION_CONFIG_UNSPECIFIED + - IN_TRANSIT_ENCRYPTION_DISABLED + - IN_TRANSIT_ENCRYPTION_INTER_NODE_TRANSPARENT + enumDescriptions: + - >- + Unspecified, will be inferred as default - + IN_TRANSIT_ENCRYPTION_UNSPECIFIED. + - In-transit encryption is disabled. + - >- + Data in-transit is encrypted using inter-node transparent + encryption. + type: string + enableCiliumClusterwideNetworkPolicy: type: boolean - privateEndpointEnforcementEnabled: - description: >- - Whether master authorized networks is enforced on private endpoint - or not. + description: Whether CiliumClusterwideNetworkPolicy is enabled on this cluster. + enableFqdnNetworkPolicy: + description: Whether FQDN Network Policy is enabled on this cluster. type: boolean - CidrBlock: - id: CidrBlock - description: CidrBlock contains an optional name and one CIDR block. + networkPerformanceConfig: + description: Network bandwidth tier configuration. + $ref: '#/components/schemas/ClusterNetworkPerformanceConfig' + dnsConfig: + $ref: '#/components/schemas/DNSConfig' + description: DNSConfig contains clusterDNS config for this cluster. + id: NetworkConfig + NodeKernelModuleLoading: + description: Configuration for kernel module loading on nodes. type: object + id: NodeKernelModuleLoading properties: - displayName: - description: display_name is an optional field for users to identify CIDR blocks. - type: string - cidrBlock: - description: cidr_block must be specified in CIDR notation. + policy: type: string - MaintenancePolicy: - id: MaintenancePolicy - description: >- - MaintenancePolicy defines the maintenance policy to be used for the - cluster. - type: object + enum: + - POLICY_UNSPECIFIED + - ENFORCE_SIGNED_MODULES + - DO_NOT_ENFORCE_SIGNED_MODULES + enumDescriptions: + - >- + Default behavior. GKE selects the image based on node type. For + CPU and TPU nodes, the image will not allow loading external + kernel modules. For GPU nodes, the image will allow loading any + module, whether it is signed or not. + - >- + Enforced signature verification: Node pools will use a + Container-Optimized OS image configured to allow loading of + *Google-signed* external kernel modules. Loadpin is enabled but + configured to exclude modules, and kernel module signature + checking is enforced. + - >- + Mirrors existing DEFAULT behavior: For CPU and TPU nodes, the + image will not allow loading external kernel modules. For GPU + nodes, the image will allow loading any module, whether it is + signed or not. + description: Set the node module loading policy for nodes in the node pool. + StartIPRotationRequest: properties: - window: + rotateCredentials: + type: boolean + description: Whether to rotate credentials during IP rotation. + zone: + deprecated: true description: >- - Specifies the maintenance window in which maintenance may be - performed. - $ref: '#/components/schemas/MaintenanceWindow' - resourceVersion: + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + type: string + projectId: description: >- - A hash identifying the version of this policy, so that updates to - fields of the policy won't accidentally undo intermediate changes - (and so that users of the API unaware of some fields won't - accidentally remove other fields). Make a `get()` request to the - cluster to get the current resource version and include it with - requests to set the policy. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + deprecated: true type: string - MaintenanceWindow: - id: MaintenanceWindow + clusterId: + description: >- + Deprecated. The name of the cluster. This field has been deprecated + and replaced by the name field. + type: string + deprecated: true + name: + description: >- + The name (project, location, cluster name) of the cluster to start + IP rotation. Specified in the format + `projects/*/locations/*/clusters/*`. + type: string + type: object + id: StartIPRotationRequest description: >- - MaintenanceWindow defines the maintenance window to be used for the - cluster. + StartIPRotationRequest creates a new IP for the cluster and then + performs a node upgrade on each node pool to point to the new IP. + MaintenanceWindow: type: object properties: dailyMaintenanceWindow: + $ref: '#/components/schemas/DailyMaintenanceWindow' description: >- DailyMaintenanceWindow specifies a daily maintenance operation window. - $ref: '#/components/schemas/DailyMaintenanceWindow' recurringWindow: + $ref: '#/components/schemas/RecurringTimeWindow' description: >- RecurringWindow specifies some number of recurring time periods for maintenance to occur. The time windows may be overlapping. If no maintenance windows are set, maintenance can occur at any time. - $ref: '#/components/schemas/RecurringTimeWindow' maintenanceExclusions: + type: object description: >- Exceptions to maintenance window. Non-emergency maintenance should not occur in these windows. - type: object additionalProperties: $ref: '#/components/schemas/TimeWindow' - DailyMaintenanceWindow: - id: DailyMaintenanceWindow - description: Time window specified for daily maintenance operations. + id: MaintenanceWindow + description: >- + MaintenanceWindow defines the maintenance window to be used for the + cluster. + GcePersistentDiskCsiDriverConfig: type: object properties: - startTime: + enabled: + type: boolean description: >- - Time within the maintenance window to start the maintenance - operations. Time format should be in - [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) format "HH:MM", - where HH : [00-23] and MM : [00-59] GMT. + Whether the Compute Engine PD CSI driver is enabled for this + cluster. + id: GcePersistentDiskCsiDriverConfig + description: Configuration for the Compute Engine PD CSI driver. + HttpCacheControlResponseHeader: + properties: + directive: + description: 14.9 request and response directives type: string - duration: - description: >- - Output only. Duration of the time window, automatically chosen to be - smallest possible in the given scenario. Duration will be in - [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) format "PTnHnMnS". - readOnly: true + expires: + description: 14.21 response cache expires, in RFC 1123 date format type: string - RecurringTimeWindow: - id: RecurringTimeWindow - description: Represents an arbitrary window of time that recurs. - type: object - properties: - window: - description: The window of the first recurrence. - $ref: '#/components/schemas/TimeWindow' - recurrence: - description: >- - An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for - how this window reccurs. They go on for the span of time between the - start and end time. For example, to have something repeat every - weekday, you'd use: `FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR` To repeat - some window daily (equivalent to the DailyMaintenanceWindow): - `FREQ=DAILY` For the first weekend of every month: - `FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU` This specifies how frequently - the window starts. Eg, if you wanted to have a 9-5 UTC-4 window - every weekday, you'd use something like: ``` start time = - 2019-01-01T09:00:00-0400 end time = 2019-01-01T17:00:00-0400 - recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR ``` Windows can span - multiple days. Eg, to make the window encompass every weekend from - midnight Saturday till the last minute of Sunday UTC: ``` start time - = 2019-01-05T00:00:00Z end time = 2019-01-07T23:59:00Z recurrence = - FREQ=WEEKLY;BYDAY=SA ``` Note the start and end time's specific - dates are largely arbitrary except to specify duration of the window - and when it first starts. The FREQ values of HOURLY, MINUTELY, and - SECONDLY are not supported. + age: + format: int64 + description: 14.6 response cache age, in seconds since the response is generated type: string - TimeWindow: - id: TimeWindow - description: Represents an arbitrary window of time. + id: HttpCacheControlResponseHeader + description: 'RFC-2616: cache control support' type: object + AdvancedMachineFeatures: + id: AdvancedMachineFeatures properties: - maintenanceExclusionOptions: - description: >- - MaintenanceExclusionOptions provides maintenance exclusion related - options. - $ref: '#/components/schemas/MaintenanceExclusionOptions' - startTime: - description: The time that the window first starts. + enableNestedVirtualization: + type: boolean + description: Whether or not to enable nested virtualization (defaults to false). + threadsPerCore: type: string - format: google-datetime - endTime: description: >- - The time that the window ends. The end time should take place after - the start time. + The number of threads per physical core. To disable simultaneous + multithreading (SMT) set this to 1. If unset, the maximum number of + threads supported per core by the underlying processor is assumed. + format: int64 + performanceMonitoringUnit: type: string - format: google-datetime - MaintenanceExclusionOptions: - id: MaintenanceExclusionOptions - description: Represents the Maintenance exclusion option. + enumDescriptions: + - PMU not enabled. + - Architecturally defined non-LLC events. + - Most documented core/L2 events. + - Most documented core/L2 and LLC events. + enum: + - PERFORMANCE_MONITORING_UNIT_UNSPECIFIED + - ARCHITECTURAL + - STANDARD + - ENHANCED + description: >- + Type of Performance Monitoring Unit (PMU) requested on node pool + instances. If unset, PMU will not be available to the node. + description: Specifies options for controlling advanced machine features. type: object + EnterpriseConfig: properties: - scope: + clusterTier: + type: string description: >- - Scope specifies the upgrade scope which upgrades are blocked by the - exclusion. + Output only. cluster_tier indicates the effective tier of the + cluster. + readOnly: true + enum: + - CLUSTER_TIER_UNSPECIFIED + - STANDARD + - ENTERPRISE + enumDescriptions: + - CLUSTER_TIER_UNSPECIFIED is when cluster_tier is not set. + - STANDARD indicates a standard GKE cluster. + - ENTERPRISE indicates a GKE Enterprise cluster. + desiredTier: + description: desired_tier specifies the desired tier of the cluster. + enum: + - CLUSTER_TIER_UNSPECIFIED + - STANDARD + - ENTERPRISE type: string enumDescriptions: - - >- - NO_UPGRADES excludes all upgrades, including patch upgrades and - minor upgrades across control planes and nodes. This is the - default exclusion behavior. - - >- - NO_MINOR_UPGRADES excludes all minor upgrades for the cluster, - only patches are allowed. - - >- - NO_MINOR_OR_NODE_UPGRADES excludes all minor upgrades for the - cluster, and also exclude all node pool upgrades. Only control - plane patches are allowed. - enum: - - NO_UPGRADES - - NO_MINOR_UPGRADES - - NO_MINOR_OR_NODE_UPGRADES - BinaryAuthorization: - id: BinaryAuthorization - description: Configuration for Binary Authorization. + - CLUSTER_TIER_UNSPECIFIED is when cluster_tier is not set. + - STANDARD indicates a standard GKE cluster. + - ENTERPRISE indicates a GKE Enterprise cluster. type: object + description: >- + EnterpriseConfig is the cluster enterprise configuration. Deprecated: + GKE Enterprise features are now available without an Enterprise tier. + id: EnterpriseConfig + deprecated: true + SetLegacyAbacRequest: properties: - enabled: + projectId: description: >- - This field is deprecated. Leave this unset and instead configure - BinaryAuthorization using evaluation_mode. If evaluation_mode is set - to anything other than EVALUATION_MODE_UNSPECIFIED, this field is - ignored. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + type: string deprecated: true - type: boolean - evaluationMode: + name: description: >- - Mode of operation for binauthz policy evaluation. If unspecified, - defaults to DISABLED. + The name (project, location, cluster name) of the cluster to set + legacy abac. Specified in the format + `projects/*/locations/*/clusters/*`. type: string - enumDescriptions: - - Default value - - Disable BinaryAuthorization - - >- - Enforce Kubernetes admission requests with BinaryAuthorization - using the project's singleton policy. This is equivalent to - setting the enabled boolean to true. - enum: - - EVALUATION_MODE_UNSPECIFIED - - DISABLED - - PROJECT_SINGLETON_POLICY_ENFORCE - ClusterAutoscaling: - id: ClusterAutoscaling + zone: + deprecated: true + type: string + description: >- + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + clusterId: + description: >- + Deprecated. The name of the cluster to update. This field has been + deprecated and replaced by the name field. + type: string + deprecated: true + enabled: + description: Required. Whether ABAC authorization will be enabled in the cluster. + type: boolean description: >- - ClusterAutoscaling contains global, per-cluster information required by - Cluster Autoscaler to automatically adjust the size of the cluster and - create/delete node pools based on the current needs. + SetLegacyAbacRequest enables or disables the ABAC authorization + mechanism for a cluster. + type: object + id: SetLegacyAbacRequest + Jwk: type: object properties: - enableNodeAutoprovisioning: - description: Enables automatic node pool creation and deletion. + crv: + description: Used for ECDSA keys. + type: string + 'y': + type: string + description: Used for ECDSA keys. + kty: + description: Key Type. + type: string + alg: + type: string + description: Algorithm. + use: + description: Permitted uses for the public keys. + type: string + x: + type: string + description: Used for ECDSA keys. + kid: + description: Key ID. + type: string + 'n': + description: Used for RSA keys. + type: string + e: + type: string + description: Used for RSA keys. + id: Jwk + description: Jwk is a JSON Web Key as specified in RFC 7517 + NodeConfig: + properties: + enableConfidentialStorage: + description: Optional. Reserved for future use. type: boolean - resourceLimits: + tags: + items: + type: string description: >- - Contains global constraints regarding minimum and maximum amount of - resources in the cluster. + The list of instance tags applied to all nodes. Tags are used to + identify valid sources or targets for network firewalls and are + specified by the client during cluster or node pool creation. Each + tag within the list must comply with RFC1035. + type: array + taints: + description: >- + List of kubernetes taints to be applied to each node. For more + information, including usage and the valid values, see: + https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ type: array items: - $ref: '#/components/schemas/ResourceLimit' - autoscalingProfile: - description: Defines autoscaling behaviour. + $ref: '#/components/schemas/NodeTaint' + linuxNodeConfig: + description: Parameters that can be configured on Linux nodes. + $ref: '#/components/schemas/LinuxNodeConfig' + flexStart: + type: boolean + description: Flex Start flag for enabling Flex Start VM. + localNvmeSsdBlockConfig: + $ref: '#/components/schemas/LocalNvmeSsdBlockConfig' + description: Parameters for using raw-block Local NVMe SSDs. + maxRunDuration: type: string - enumDescriptions: - - No change to autoscaling configuration. - - Prioritize optimizing utilization of resources. - - Use default (balanced) autoscaling configuration. - enum: - - PROFILE_UNSPECIFIED - - OPTIMIZE_UTILIZATION - - BALANCED - autoprovisioningNodePoolDefaults: + format: google-duration description: >- - AutoprovisioningNodePoolDefaults contains defaults for a node pool - created by NAP. - $ref: '#/components/schemas/AutoprovisioningNodePoolDefaults' - autoprovisioningLocations: + The maximum duration for the nodes to exist. If unspecified, the + nodes can exist indefinitely. + bootDisk: + description: The boot disk configuration for the node pool. + $ref: '#/components/schemas/BootDisk' + minCpuPlatform: description: >- - The list of Google Compute Engine - [zones](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the NodePool's nodes can be created by NAP. - type: array - items: + Minimum CPU platform to be used by this instance. The instance may + be scheduled on the specified or newer CPU platform. Applicable + values are the friendly names of CPU platforms, such as + `minCpuPlatform: "Intel Haswell"` or `minCpuPlatform: "Intel Sandy + Bridge"`. For more information, read [how to specify min CPU + platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform) + type: string + preemptible: + type: boolean + description: >- + Whether the nodes are created as preemptible VM instances. See: + https://cloud.google.com/compute/docs/instances/preemptible for more + information about preemptible VM instances. + resourceManagerTags: + $ref: '#/components/schemas/ResourceManagerTags' + description: >- + A map of resource manager tag keys and values to be attached to the + nodes. + reservationAffinity: + description: >- + The optional reservation affinity. Setting this field will apply the + specified [Zonal Compute + Reservation](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) + to this node pool. + $ref: '#/components/schemas/ReservationAffinity' + bootDiskKmsKey: + type: string + description: ' The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption' + ephemeralStorageLocalSsdConfig: + $ref: '#/components/schemas/EphemeralStorageLocalSsdConfig' + description: >- + Parameters for the node ephemeral storage using Local SSDs. If + unspecified, ephemeral storage is backed by the boot disk. + nodeGroup: + description: >- + Setting this field will assign instances of this pool to run on the + specified node group. This is useful for running workloads on [sole + tenant + nodes](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes). + type: string + metadata: + additionalProperties: type: string - defaultComputeClassConfig: - description: Default compute class is a configuration for default compute class. - $ref: '#/components/schemas/DefaultComputeClassConfig' - ResourceLimit: - id: ResourceLimit - description: >- - Contains information about amount of some resource in the cluster. For - memory, value should be in GB. - type: object - properties: - resourceType: - description: Resource name "cpu", "memory" or gpu-specific string. + description: >- + The metadata key/value pairs assigned to instances in the cluster. + Keys must conform to the regexp `[a-zA-Z0-9-_]+` and be less than + 128 bytes in length. These are reflected as part of a URL in the + metadata server. Additionally, to avoid ambiguity, keys must not + conflict with any other metadata keys for the project or be one of + the reserved keys: - "cluster-location" - "cluster-name" - + "cluster-uid" - "configure-sh" - "containerd-configure-sh" - + "enable-os-login" - "gci-ensure-gke-docker" - "gci-metrics-enabled" + - "gci-update-strategy" - "instance-template" - "kube-env" - + "startup-script" - "user-data" - "disable-address-manager" - + "windows-startup-script-ps1" - "common-psm1" - "k8s-node-setup-psm1" + - "install-ssh-psm1" - "user-profile-psm1" Values are free-form + strings, and only have meaning as interpreted by the image running + in the instance. The only restriction placed on them is that each + value's size must be less than or equal to 32 KB. The total size of + all keys and values must be less than 512 KB. + type: object + localSsdEncryptionMode: + enum: + - LOCAL_SSD_ENCRYPTION_MODE_UNSPECIFIED + - STANDARD_ENCRYPTION + - EPHEMERAL_KEY_ENCRYPTION + description: >- + Specifies which method should be used for encrypting the Local SSDs + attached to the node. + enumDescriptions: + - >- + The given node will be encrypted using keys managed by Google + infrastructure and the keys will be deleted when the node is + deleted. + - >- + The given node will be encrypted using keys managed by Google + infrastructure and the keys will be deleted when the node is + deleted. + - >- + The given node will opt-in for using ephemeral key for encryption + of Local SSDs. The Local SSDs will not be able to recover data in + case of node crash. type: string - minimum: - description: Minimum amount of the resource in the cluster. + gvnic: + description: Enable or disable gvnic in the node pool. + $ref: '#/components/schemas/VirtualNIC' + accelerators: + description: >- + A list of hardware accelerators to be attached to each node. See + https://cloud.google.com/compute/docs/gpus for more information + about support for GPUs. + items: + $ref: '#/components/schemas/AcceleratorConfig' + type: array + loggingConfig: + description: Logging configuration. + $ref: '#/components/schemas/NodePoolLoggingConfig' + workloadMetadataConfig: + $ref: '#/components/schemas/WorkloadMetadataConfig' + description: The workload metadata configuration for this node. + serviceAccount: type: string - format: int64 - maximum: - description: Maximum amount of the resource in the cluster. + description: >- + The Google Cloud Platform Service Account to be used by the node + VMs. Specify the email address of the Service Account; otherwise, if + no Service Account is specified, the "default" service account is + used. + machineType: + description: >- + The name of a Google Compute Engine [machine + type](https://cloud.google.com/compute/docs/machine-types) If + unspecified, the default machine type is `e2-medium`. type: string - format: int64 - AutoprovisioningNodePoolDefaults: - id: AutoprovisioningNodePoolDefaults - description: >- - AutoprovisioningNodePoolDefaults contains defaults for a node pool - created by NAP. - type: object - properties: - oauthScopes: - description: Scopes that are used by NAP when creating node pools. + containerdConfig: + description: Parameters for containerd customization. + $ref: '#/components/schemas/ContainerdConfig' + secondaryBootDisks: type: array + description: List of secondary boot disks attached to the nodes. items: + $ref: '#/components/schemas/SecondaryBootDisk' + secondaryBootDiskUpdateStrategy: + description: Secondary boot disk update strategy. + $ref: '#/components/schemas/SecondaryBootDiskUpdateStrategy' + resourceLabels: + description: >- + The resource labels for the node pool to use to annotate any related + Google Compute Engine resources. + type: object + additionalProperties: type: string - serviceAccount: + imageType: description: >- - The Google Cloud Platform Service Account to be used by the node - VMs. + The image type to use for this node. Note that for a given image + type, the latest version of it will be used. Please see + https://cloud.google.com/kubernetes-engine/docs/concepts/node-images + for available image types. type: string - upgradeSettings: - description: Specifies the upgrade settings for NAP created node pools - $ref: '#/components/schemas/UpgradeSettings' - management: - description: Specifies the node management options for NAP created node-pools. - $ref: '#/components/schemas/NodeManagement' - minCpuPlatform: + spot: description: >- - Deprecated. Minimum CPU platform to be used for NAP created node - pools. The instance may be scheduled on the specified or newer CPU - platform. Applicable values are the friendly names of CPU platforms, - such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy - Bridge. For more information, read [how to specify min CPU - platform](https://{$universe.dns_names.final_documentation_domain}/compute/docs/instances/specify-min-cpu-platform). - This field is deprecated, min_cpu_platform should be specified using - `cloud.google.com/requested-min-cpu-platform` label selector on the - pod. To unset the min cpu platform field pass "automatic" as field - value. - deprecated: true - type: string + Spot flag for enabling Spot VM, which is a rebrand of the existing + preemptible flag. + type: boolean + storagePools: + description: List of Storage Pools where boot disks are provisioned. + type: array + items: + type: string + windowsNodeConfig: + $ref: '#/components/schemas/WindowsNodeConfig' + description: Parameters that can be configured on Windows nodes. + gcfsConfig: + description: Google Container File System (image streaming) configs. + $ref: '#/components/schemas/GcfsConfig' diskSizeGb: + type: integer + format: int32 description: >- Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. - type: integer - format: int32 + advancedMachineFeatures: + description: Advanced features for the Compute Engine VM. + $ref: '#/components/schemas/AdvancedMachineFeatures' + shieldedInstanceConfig: + description: Shielded Instance options. + $ref: '#/components/schemas/ShieldedInstanceConfig' + oauthScopes: + items: + type: string + type: array + description: >- + The set of Google API scopes to be made available on all of the node + VMs under the "default" service account. The following scopes are + recommended, but not required, and by default are not included: * + `https://www.googleapis.com/auth/compute` is required for mounting + persistent storage on your nodes. * + `https://www.googleapis.com/auth/devstorage.read_only` is required + for communicating with **gcr.io** (the [Artifact + Registry](https://cloud.google.com/artifact-registry/)). If + unspecified, no scopes are added, unless Cloud Logging or Cloud + Monitoring are enabled, in which case their required scopes will be + added. + soleTenantConfig: + description: >- + Parameters for node pools to be backed by shared sole tenant node + groups. + $ref: '#/components/schemas/SoleTenantConfig' + sandboxConfig: + description: Sandbox configuration for this node. + $ref: '#/components/schemas/SandboxConfig' + confidentialNodes: + $ref: '#/components/schemas/ConfidentialNodes' + description: >- + Confidential nodes config. All the nodes in the node pool will be + Confidential VM once enabled. diskType: description: >- Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' type: string - shieldedInstanceConfig: - description: Shielded Instance options. - $ref: '#/components/schemas/ShieldedInstanceConfig' - bootDiskKmsKey: + labels: + type: object description: >- - The Customer Managed Encryption Key used to encrypt the boot disk - attached to each node in the node pool. This should be of the form - projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. - For more information about protecting resources with Cloud KMS Keys - please see: - https://{$universe.dns_names.final_documentation_domain}/compute/docs/disks/customer-managed-encryption - type: string - imageType: + The map of Kubernetes labels (key/value pairs) to be applied to each + node. These will added in addition to any default label(s) that + Kubernetes may apply to the node. In case of conflict in label keys, + the applied set may differ depending on the Kubernetes version -- + it's best to assume the behavior is undefined and conflicts should + be avoided. For more information, including usage and the valid + values, see: + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + additionalProperties: + type: string + localSsdCount: description: >- - The image type to use for NAP created node. Please see - https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/node-images - for available image types. + The number of local SSD disks to be attached to the node. The limit + for this value is dependent upon the maximum number of disks + available on a machine per zone. See: + https://cloud.google.com/compute/docs/disks/local-ssd for more + information. + format: int32 + type: integer + effectiveCgroupMode: type: string - insecureKubeletReadonlyPortEnabled: - description: DEPRECATED. Use NodePoolAutoConfig.NodeKubeletConfig instead. + enumDescriptions: + - >- + EFFECTIVE_CGROUP_MODE_UNSPECIFIED means the cgroup configuration + for the node pool is unspecified, i.e. the node pool is a Windows + node pool. + - >- + CGROUP_MODE_V1 means the node pool is configured to use cgroupv1 + for the cgroup configuration. + - >- + CGROUP_MODE_V2 means the node pool is configured to use cgroupv2 + for the cgroup configuration. + description: >- + Output only. effective_cgroup_mode is the cgroup mode actually used + by the node pool. It is determined by the cgroup mode specified in + the LinuxNodeConfig or the default cgroup mode based on the cluster + creation version. + readOnly: true + enum: + - EFFECTIVE_CGROUP_MODE_UNSPECIFIED + - EFFECTIVE_CGROUP_MODE_V1 + - EFFECTIVE_CGROUP_MODE_V2 + kubeletConfig: + description: Node kubelet configs. + $ref: '#/components/schemas/NodeKubeletConfig' + fastSocket: + $ref: '#/components/schemas/FastSocket' + description: Enable or disable NCCL fast socket for the node pool. + type: object + id: NodeConfig + description: >- + Parameters that describe the nodes in a cluster. GKE Autopilot clusters + do not recognize parameters in `NodeConfig`. Use + AutoprovisioningNodePoolDefaults instead. + WorkloadPolicyConfig: + id: WorkloadPolicyConfig + type: object + description: WorkloadPolicyConfig is the configuration related to GCW workload policy + properties: + allowNetAdmin: type: boolean - DefaultComputeClassConfig: - id: DefaultComputeClassConfig - description: DefaultComputeClassConfig defines default compute class configuration. + description: If true, workloads can use NET_ADMIN capability. + autopilotCompatibilityAuditingEnabled: + type: boolean + description: >- + If true, enables the GCW Auditor that audits workloads on standard + clusters. + VirtualNIC: type: object properties: enabled: - description: Enables default compute class. type: boolean - NetworkConfig: - id: NetworkConfig - description: NetworkConfig reports the relative names of network & subnetwork. - type: object + description: Whether gVNIC features are enabled in the node pool. + description: Configuration of gVNIC feature. + id: VirtualNIC + RegistryHeader: properties: - network: - description: >- - Output only. The relative name of the Google Compute Engine - [network](https://{$universe.dns_names.final_documentation_domain}/compute/docs/networks-and-firewalls#networks) - to which the cluster is connected. Example: - projects/my-project/global/networks/my-network - readOnly: true - type: string - subnetwork: - description: >- - Output only. The relative name of the Google Compute Engine - [subnetwork](https://{$universe.dns_names.final_documentation_domain}/compute/docs/vpc) - to which the cluster is connected. Example: - projects/my-project/regions/us-central1/subnetworks/my-subnet - readOnly: true + key: type: string - enableIntraNodeVisibility: - description: >- - Whether Intra-node visibility is enabled for this cluster. This - makes same node pod to pod traffic visible for VPC network. - type: boolean - defaultSnatStatus: - description: >- - Whether the cluster disables default in-node sNAT rules. In-node - sNAT rules will be disabled when default_snat_status is disabled. - When disabled is set to false, default IP masquerade rules will be - applied to the nodes to prevent sNAT on cluster internal traffic. - $ref: '#/components/schemas/DefaultSnatStatus' - enableL4ilbSubsetting: - description: Whether L4ILB Subsetting is enabled for this cluster. + description: Key configures the header key. + value: + description: Value configures the header value. + items: + type: string + type: array + id: RegistryHeader + description: RegistryHeader configures headers for the registry. + type: object + FastSocket: + id: FastSocket + properties: + enabled: type: boolean - datapathProvider: - description: >- - The desired datapath provider for this cluster. By default, uses the - IPTables-based kube-proxy implementation. - type: string + description: Whether Fast Socket features are enabled in the node pool. + type: object + description: Configuration of Fast Socket feature. + DatabaseEncryption: + id: DatabaseEncryption + properties: + currentState: enumDescriptions: - - Default value. - - Use the IPTables implementation based on kube-proxy. + - Should never be set + - Secrets in etcd are encrypted. - >- - Use the eBPF based GKE Dataplane V2 with additional features. See - the [GKE Dataplane V2 - documentation](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/how-to/dataplane-v2) - for more. - enum: - - DATAPATH_PROVIDER_UNSPECIFIED - - LEGACY_DATAPATH - - ADVANCED_DATAPATH - privateIpv6GoogleAccess: - description: >- - The desired state of IPv6 connectivity to Google Services. By - default, no private IPv6 access to or from Google Services (all - access will be via IPv4) + Secrets in etcd are stored in plain text (at etcd level) - this is + unrelated to Compute Engine level full disk encryption. + - >- + Encryption (or re-encryption with a different CloudKMS key) of + Secrets is in progress. + - >- + Encryption (or re-encryption with a different CloudKMS key) of + Secrets in etcd encountered an error. + - De-crypting Secrets to plain text in etcd is in progress. + - De-crypting Secrets to plain text in etcd encountered an error. + readOnly: true + description: Output only. The current state of etcd encryption. type: string - enumDescriptions: - - Default value. Same as DISABLED - - No private access to or from Google Services - - Enables private IPv6 access to Google Services from GKE - - Enables private IPv6 access to and from Google Services enum: - - PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED - - PRIVATE_IPV6_GOOGLE_ACCESS_DISABLED - - PRIVATE_IPV6_GOOGLE_ACCESS_TO_GOOGLE - - PRIVATE_IPV6_GOOGLE_ACCESS_BIDIRECTIONAL - dnsConfig: - description: DNSConfig contains clusterDNS config for this cluster. - $ref: '#/components/schemas/DNSConfig' - serviceExternalIpsConfig: + - CURRENT_STATE_UNSPECIFIED + - CURRENT_STATE_ENCRYPTED + - CURRENT_STATE_DECRYPTED + - CURRENT_STATE_ENCRYPTION_PENDING + - CURRENT_STATE_ENCRYPTION_ERROR + - CURRENT_STATE_DECRYPTION_PENDING + - CURRENT_STATE_DECRYPTION_ERROR + keyName: + type: string description: >- - ServiceExternalIPsConfig specifies if services with externalIPs - field are blocked or not. - $ref: '#/components/schemas/ServiceExternalIPsConfig' - gatewayApiConfig: + Name of CloudKMS key to use for the encryption of secrets in etcd. + Ex. + projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key + lastOperationErrors: + readOnly: true description: >- - GatewayAPIConfig contains the desired config of Gateway API on this - cluster. - $ref: '#/components/schemas/GatewayAPIConfig' - enableMultiNetworking: - description: Whether multi-networking is enabled for this cluster. - type: boolean - networkPerformanceConfig: - description: Network bandwidth tier configuration. - $ref: '#/components/schemas/ClusterNetworkPerformanceConfig' - enableFqdnNetworkPolicy: - description: Whether FQDN Network Policy is enabled on this cluster. - type: boolean - inTransitEncryptionConfig: + Output only. Records errors seen during DatabaseEncryption update + operations. + items: + $ref: '#/components/schemas/OperationError' + type: array + decryptionKeys: description: >- - Specify the details of in-transit encryption. Now named inter-node - transparent encryption. - type: string + Output only. Keys in use by the cluster for decrypting existing + objects, in addition to the key in `key_name`. Each item is a + CloudKMS key resource. + type: array + readOnly: true + items: + type: string + state: + enum: + - UNKNOWN + - ENCRYPTED + - DECRYPTED enumDescriptions: + - Should never be set + - Secrets in etcd are encrypted. - >- - Unspecified, will be inferred as default - - IN_TRANSIT_ENCRYPTION_UNSPECIFIED. - - In-transit encryption is disabled. - - >- - Data in-transit is encrypted using inter-node transparent - encryption. - enum: - - IN_TRANSIT_ENCRYPTION_CONFIG_UNSPECIFIED - - IN_TRANSIT_ENCRYPTION_DISABLED - - IN_TRANSIT_ENCRYPTION_INTER_NODE_TRANSPARENT - enableCiliumClusterwideNetworkPolicy: - description: Whether CiliumClusterwideNetworkPolicy is enabled on this cluster. - type: boolean - defaultEnablePrivateNodes: - description: >- - Controls whether by default nodes have private IP addresses only. It - is invalid to specify both PrivateClusterConfig.enablePrivateNodes - and this field at the same time. To update the default setting, use - ClusterUpdate.desired_default_enable_private_nodes - type: boolean - disableL4LbFirewallReconciliation: - description: Disable L4 load balancer VPC firewalls to enable firewall policies. - type: boolean - DefaultSnatStatus: - id: DefaultSnatStatus - description: >- - DefaultSnatStatus contains the desired state of whether default sNAT - should be disabled on the cluster. + Secrets in etcd are stored in plain text (at etcd level) - this is + unrelated to Compute Engine level full disk encryption. + type: string + description: The desired state of etcd encryption. + description: Configuration of etcd encryption. type: object + ShieldedInstanceConfig: + type: object + description: A set of Shielded Instance options. properties: - disabled: - description: Disables cluster default sNAT rules. + enableSecureBoot: + description: >- + Defines whether the instance has Secure Boot enabled. Secure Boot + helps ensure that the system only runs authentic software by + verifying the digital signature of all boot components, and halting + the boot process if signature verification fails. type: boolean - DNSConfig: - id: DNSConfig - description: >- - DNSConfig contains the desired set of options for configuring - clusterDNS. + enableIntegrityMonitoring: + description: >- + Defines whether the instance has integrity monitoring enabled. + Enables monitoring and attestation of the boot integrity of the + instance. The attestation is performed against the integrity policy + baseline. This baseline is initially derived from the implicitly + trusted boot image when the instance is created. + type: boolean + id: ShieldedInstanceConfig + BestEffortProvisioning: + id: BestEffortProvisioning + description: Best effort provisioning. type: object properties: - clusterDns: - description: cluster_dns indicates which in-cluster DNS provider should be used. - type: string - enumDescriptions: - - Default value - - Use GKE default DNS provider(kube-dns) for DNS resolution. - - Use CloudDNS for DNS resolution. - - Use KubeDNS for DNS resolution. - enum: - - PROVIDER_UNSPECIFIED - - PLATFORM_DEFAULT - - CLOUD_DNS - - KUBE_DNS - clusterDnsScope: + minProvisionNodes: description: >- - cluster_dns_scope indicates the scope of access to cluster DNS - records. - type: string - enumDescriptions: - - Default value, will be inferred as cluster scope. - - DNS records are accessible from within the cluster. - - DNS records are accessible from within the VPC. - enum: - - DNS_SCOPE_UNSPECIFIED - - CLUSTER_SCOPE - - VPC_SCOPE - clusterDnsDomain: + Minimum number of nodes to be provisioned to be considered as + succeeded, and the rest of nodes will be provisioned gradually and + eventually when stockout issue has been resolved. + type: integer + format: int32 + enabled: + type: boolean description: >- - cluster_dns_domain is the suffix used for all cluster service - records. - type: string - additiveVpcScopeDnsDomain: - description: Optional. The domain used in Additive VPC scope. - type: string + When this is enabled, cluster/node pool creations will ignore + non-fatal errors like stockout to best provision as many nodes as + possible right now and eventually bring up all target number of + nodes ServiceExternalIPsConfig: id: ServiceExternalIPsConfig description: Config to block services with externalIPs field. - type: object properties: enabled: description: Whether Services with ExternalIPs field are allowed or not. type: boolean - GatewayAPIConfig: - id: GatewayAPIConfig + type: object + NodeAffinity: description: >- - GatewayAPIConfig contains the desired config of Gateway API on this - cluster. + Specifies the NodeAffinity key, values, and affinity operator according + to [shared sole tenant node group + affinities](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes#node_affinity_and_anti-affinity). + id: NodeAffinity type: object properties: - channel: - description: The Gateway API release channel to use for Gateway API. - type: string - enumDescriptions: - - Default value. - - Gateway API support is disabled - - >- - Deprecated: use CHANNEL_STANDARD instead. Gateway API support is - enabled, experimental CRDs are installed - - Gateway API support is enabled, standard CRDs are installed - enumDeprecated: - - false - - false - - true - - false - enum: - - CHANNEL_UNSPECIFIED - - CHANNEL_DISABLED - - CHANNEL_EXPERIMENTAL - - CHANNEL_STANDARD - ClusterNetworkPerformanceConfig: - id: ClusterNetworkPerformanceConfig - description: Configuration of network bandwidth tiers + values: + type: array + description: Values for NodeAffinity. + items: + type: string + key: + description: Key for NodeAffinity. + type: string + operator: + type: string + enum: + - OPERATOR_UNSPECIFIED + - IN + - NOT_IN + enumDescriptions: + - Invalid or unspecified affinity operator. + - Affinity operator. + - Anti-affinity operator. + description: Operator for NodeAffinity. + DNSEndpointConfig: type: object + id: DNSEndpointConfig properties: - totalEgressBandwidthTier: + endpoint: description: >- - Specifies the total network bandwidth tier for NodePools in the - cluster. + Output only. The cluster's DNS endpoint configuration. A DNS format + address. This is accessible from the public internet. Ex: + uid.us-central1.gke.goog. Always present, but the behavior may + change according to the value of + DNSEndpointConfig.allow_external_traffic. + type: string + readOnly: true + enableK8sTokensViaDns: + type: boolean + description: Controls whether the k8s token auth is allowed via DNS. + enableK8sCertsViaDns: + type: boolean + description: Controls whether the k8s certs auth is allowed via DNS. + allowExternalTraffic: + type: boolean + description: >- + Controls whether user traffic is allowed over this endpoint. Note + that Google-managed services may still use the endpoint even if this + is false. + description: Describes the configuration of a DNS endpoint. + MaintenanceExclusionOptions: + properties: + scope: type: string + description: >- + Scope specifies the upgrade scope which upgrades are blocked by the + exclusion. + enum: + - NO_UPGRADES + - NO_MINOR_UPGRADES + - NO_MINOR_OR_NODE_UPGRADES enumDescriptions: - - Default value - - Higher bandwidth, actual values based on VM size. + - >- + NO_UPGRADES excludes all upgrades, including patch upgrades and + minor upgrades across control planes and nodes. This is the + default exclusion behavior. + - >- + NO_MINOR_UPGRADES excludes all minor upgrades for the cluster, + only patches are allowed. + - >- + NO_MINOR_OR_NODE_UPGRADES excludes all minor upgrades for the + cluster, and also exclude all node pool upgrades. Only control + plane patches are allowed. + endTimeBehavior: enum: - - TIER_UNSPECIFIED - - TIER_1 - ResourceUsageExportConfig: - id: ResourceUsageExportConfig - description: Configuration for exporting cluster resource usages. + - END_TIME_BEHAVIOR_UNSPECIFIED + - UNTIL_END_OF_SUPPORT + enumDescriptions: + - >- + END_TIME_BEHAVIOR_UNSPECIFIED is the default behavior, which is + fixed end time. + - >- + UNTIL_END_OF_SUPPORT means the exclusion will be in effect until + the end of the support of the cluster's current version. + description: EndTimeBehavior specifies the behavior of the exclusion end time. + type: string type: object - properties: - bigqueryDestination: - description: Configuration to use BigQuery as usage export destination. - $ref: '#/components/schemas/BigQueryDestination' - enableNetworkEgressMetering: - description: >- - Whether to enable network egress metering for this cluster. If - enabled, a daemonset will be created in the cluster to meter network - egress traffic. - type: boolean - consumptionMeteringConfig: - description: Configuration to enable resource consumption metering. - $ref: '#/components/schemas/ConsumptionMeteringConfig' - BigQueryDestination: - id: BigQueryDestination - description: >- - Parameters for using BigQuery as the destination of resource usage - export. + id: MaintenanceExclusionOptions + description: Represents the Maintenance exclusion option. + ResourceLimit: type: object properties: - datasetId: - description: The ID of a BigQuery Dataset. + maximum: + format: int64 + description: Maximum amount of the resource in the cluster. type: string - ConsumptionMeteringConfig: - id: ConsumptionMeteringConfig - description: Parameters for controlling consumption metering. - type: object + minimum: + type: string + description: Minimum amount of the resource in the cluster. + format: int64 + resourceType: + description: Resource name "cpu", "memory" or gpu-specific string. + type: string + id: ResourceLimit + description: >- + Contains information about amount of some resource in the cluster. For + memory, value should be in GB. + NodePoolLoggingConfig: properties: - enabled: - description: >- - Whether to enable consumption metering for this cluster. If enabled, - a second BigQuery table will be created to hold resource consumption - records. - type: boolean - AuthenticatorGroupsConfig: - id: AuthenticatorGroupsConfig - description: Configuration for returning group information from authenticators. + variantConfig: + $ref: '#/components/schemas/LoggingVariantConfig' + description: Logging variant configuration. + description: NodePoolLoggingConfig specifies logging configuration for nodepools. type: object + id: NodePoolLoggingConfig + AdditionalPodNetworkConfig: properties: - enabled: + subnetwork: + type: string + description: Name of the subnetwork where the additional pod network belongs. + maxPodsPerNode: + description: The maximum number of pods per node which use this pod network. + $ref: '#/components/schemas/MaxPodsConstraint' + secondaryPodRange: description: >- - Whether this cluster should return group membership lookups during - authentication using a group of security groups. - type: boolean - securityGroup: + The name of the secondary range on the subnet which provides IP + address for this pod range. + type: string + networkAttachment: description: >- - The name of the security group-of-groups to be used. Only relevant - if enabled = true. + The name of the network attachment for pods to communicate to; + cannot be specified along with subnetwork or secondary_pod_range. type: string - PrivateClusterConfig: - id: PrivateClusterConfig - description: Configuration options for private clusters. + id: AdditionalPodNetworkConfig type: object + description: >- + AdditionalPodNetworkConfig is the configuration for additional pod + networks within the NodeNetworkConfig message + SetLoggingServiceRequest: properties: - enablePrivateNodes: - description: >- - Whether nodes have internal IP addresses only. If enabled, all nodes - are given only RFC 1918 private addresses and communicate with the - master via private networking. Deprecated: Use - NetworkConfig.default_enable_private_nodes instead. - deprecated: true - type: boolean - enablePrivateEndpoint: - description: >- - Whether the master's internal IP address is used as the cluster - endpoint. Deprecated: Use - ControlPlaneEndpointsConfig.IPEndpointsConfig.enable_public_endpoint - instead. Note that the value of enable_public_endpoint is reversed: - if enable_private_endpoint is false, then enable_public_endpoint - will be true. + clusterId: deprecated: true - type: boolean - masterIpv4CidrBlock: description: >- - The IP range in CIDR notation to use for the hosted master network. - This range will be used for assigning internal IP addresses to the - master or set of masters, as well as the ILB VIP. This range must - not overlap with any other ranges in use within the cluster's - network. + Deprecated. The name of the cluster to upgrade. This field has been + deprecated and replaced by the name field. type: string - privateEndpoint: - description: >- - Output only. The internal IP address of this cluster's master - endpoint. Deprecated: Use - ControlPlaneEndpointsConfig.IPEndpointsConfig.private_endpoint - instead. - readOnly: true + projectId: deprecated: true type: string - publicEndpoint: description: >- - Output only. The external IP address of this cluster's master - endpoint. Deprecated:Use - ControlPlaneEndpointsConfig.IPEndpointsConfig.public_endpoint - instead. - readOnly: true - deprecated: true - type: string - peeringName: + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + loggingService: description: >- - Output only. The peering name in the customer VPC used by this - cluster. - readOnly: true + Required. The logging service the cluster should use to write logs. + Currently available options: * `logging.googleapis.com/kubernetes` - + The Cloud Logging service with a Kubernetes-native resource model * + `logging.googleapis.com` - The legacy Cloud Logging service (no + longer available as of GKE 1.15). * `none` - no logs will be + exported from the cluster. If left as an empty + string,`logging.googleapis.com/kubernetes` will be used for GKE + 1.14+ or `logging.googleapis.com` for earlier versions. + type: string + name: type: string - masterGlobalAccessConfig: description: >- - Controls master global access settings. Deprecated: Use - ControlPlaneEndpointsConfig.IPEndpointsConfig.enable_global_access - instead. + The name (project, location, cluster) of the cluster to set logging. + Specified in the format `projects/*/locations/*/clusters/*`. + zone: deprecated: true - $ref: '#/components/schemas/PrivateClusterMasterGlobalAccessConfig' - privateEndpointSubnetwork: description: >- - Subnet to provision the master's private endpoint during cluster - creation. Specified in projects/*/regions/*/subnetworks/* format. - Deprecated: Use - ControlPlaneEndpointsConfig.IPEndpointsConfig.private_endpoint_subnetwork - instead. - deprecated: true + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. type: string - PrivateClusterMasterGlobalAccessConfig: - id: PrivateClusterMasterGlobalAccessConfig - description: Configuration for controlling master global access settings. + type: object + description: SetLoggingServiceRequest sets the logging service of a cluster. + id: SetLoggingServiceRequest + StandardRolloutPolicy: + id: StandardRolloutPolicy type: object properties: - enabled: - description: Whenever master is accessible globally or not. - type: boolean - DatabaseEncryption: - id: DatabaseEncryption - description: Configuration of etcd encryption. + batchNodeCount: + description: Number of blue nodes to drain in a batch. + format: int32 + type: integer + batchSoakDuration: + description: Soak time after each batch gets drained. Default to zero. + format: google-duration + type: string + batchPercentage: + type: number + format: float + description: >- + Percentage of the blue pool nodes to drain in a batch. The range of + this field should be (0.0, 1.0]. + description: Standard rollout policy is the default policy for blue-green. + EvictionMinimumReclaim: type: object properties: - keyName: + pidAvailable: + type: string description: >- - Name of CloudKMS key to use for the encryption of secrets in etcd. - Ex. - projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key + Optional. Minimum reclaim for eviction due to pid available signal. + Only take percentage value for now. Sample format: "10%". Must be + <=10%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + nodefsInodesFree: type: string - state: - description: The desired state of etcd encryption. + description: >- + Optional. Minimum reclaim for eviction due to nodefs inodes free + signal. Only take percentage value for now. Sample format: "10%". + Must be <=10%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + imagefsInodesFree: type: string - enumDescriptions: - - Should never be set - - Secrets in etcd are encrypted. - - >- - Secrets in etcd are stored in plain text (at etcd level) - this is - unrelated to Compute Engine level full disk encryption. - enum: - - UNKNOWN - - ENCRYPTED - - DECRYPTED - currentState: - description: Output only. The current state of etcd encryption. - readOnly: true + description: >- + Optional. Minimum reclaim for eviction due to imagefs inodes free + signal. Only take percentage value for now. Sample format: "10%". + Must be <=10%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + memoryAvailable: type: string - enumDescriptions: - - Should never be set - - Secrets in etcd are encrypted. - - >- - Secrets in etcd are stored in plain text (at etcd level) - this is - unrelated to Compute Engine level full disk encryption. - - >- - Encryption (or re-encryption with a different CloudKMS key) of - Secrets is in progress. - - >- - Encryption (or re-encryption with a different CloudKMS key) of - Secrets in etcd encountered an error. - - De-crypting Secrets to plain text in etcd is in progress. - - De-crypting Secrets to plain text in etcd encountered an error. - enum: - - CURRENT_STATE_UNSPECIFIED - - CURRENT_STATE_ENCRYPTED - - CURRENT_STATE_DECRYPTED - - CURRENT_STATE_ENCRYPTION_PENDING - - CURRENT_STATE_ENCRYPTION_ERROR - - CURRENT_STATE_DECRYPTION_PENDING - - CURRENT_STATE_DECRYPTION_ERROR - decryptionKeys: description: >- - Output only. Keys in use by the cluster for decrypting existing - objects, in addition to the key in `key_name`. Each item is a - CloudKMS key resource. - readOnly: true - type: array - items: - type: string - lastOperationErrors: + Optional. Minimum reclaim for eviction due to memory available + signal. Only take percentage value for now. Sample format: "10%". + Must be <=10%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + nodefsAvailable: + type: string description: >- - Output only. Records errors seen during DatabaseEncryption update - operations. - readOnly: true - type: array - items: - $ref: '#/components/schemas/OperationError' - OperationError: - id: OperationError + Optional. Minimum reclaim for eviction due to nodefs available + signal. Only take percentage value for now. Sample format: "10%". + Must be <=10%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + imagefsAvailable: + description: >- + Optional. Minimum reclaim for eviction due to imagefs available + signal. Only take percentage value for now. Sample format: "10%". + Must be <=10%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + type: string + id: EvictionMinimumReclaim description: >- - OperationError records errors seen from CloudKMS keys encountered during - updates to DatabaseEncryption configuration. - type: object + Eviction minimum reclaims are the resource amounts of minimum reclaims + for each eviction signal. + AnonymousAuthenticationConfig: properties: - keyName: - description: CloudKMS key resource that had the error. - type: string - errorMessage: - description: Description of the error seen during the operation. - type: string - timestamp: - description: Time when the CloudKMS error was seen. + mode: + enumDescriptions: + - Default value not specified. + - Anonymous authentication is allowed for all endpoints. + - >- + Anonymous authentication is allowed for only health check + endpoints. type: string - format: google-datetime - VerticalPodAutoscaling: - id: VerticalPodAutoscaling - description: >- - VerticalPodAutoscaling contains global, per-cluster information required - by Vertical Pod Autoscaler to automatically adjust the resources of pods - controlled by it. + description: Defines the mode of limiting anonymous access in the cluster. + enum: + - MODE_UNSPECIFIED + - ENABLED + - LIMITED type: object + id: AnonymousAuthenticationConfig + description: >- + AnonymousAuthenticationConfig defines the settings needed to limit + endpoints that allow anonymous authentication. + GcsFuseCsiDriverConfig: + description: Configuration for the Cloud Storage Fuse CSI driver. properties: enabled: - description: Enables vertical pod autoscaling. type: boolean - ShieldedNodes: - id: ShieldedNodes - description: Configuration of Shielded Nodes feature. - type: object - properties: - enabled: description: >- - Whether Shielded Nodes features are enabled on all nodes in this + Whether the Cloud Storage Fuse CSI driver is enabled for this cluster. - type: boolean - ReleaseChannel: - id: ReleaseChannel - description: >- - ReleaseChannel indicates which release channel a cluster is subscribed - to. Release channels are arranged in order of risk. When a cluster is - subscribed to a release channel, Google maintains both the master - version and the node version. Node auto-upgrade defaults to true and - cannot be disabled. + id: GcsFuseCsiDriverConfig + type: object + AcceleratorConfig: type: object + id: AcceleratorConfig + description: AcceleratorConfig represents a Hardware Accelerator request. properties: - channel: + gpuSharingConfig: + description: The configuration for GPU sharing options. + $ref: '#/components/schemas/GPUSharingConfig' + gpuPartitionSize: + type: string description: >- - channel specifies which release channel the cluster is subscribed - to. + Size of partitions to create on the GPU. Valid values are described + in the NVIDIA [mig user + guide](https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning). + acceleratorType: type: string - enumDescriptions: - - No channel specified. - - >- - RAPID channel is offered on an early access basis for customers - who want to test new releases. WARNING: Versions available in the - RAPID Channel may be subject to unresolved issues with no known - workaround and are not subject to any SLAs. - - >- - Clusters subscribed to REGULAR receive versions that are - considered GA quality. REGULAR is intended for production users - who want to take advantage of new features. - - >- - Clusters subscribed to STABLE receive versions that are known to - be stable and reliable in production. - - >- - Clusters subscribed to EXTENDED receive extended support and - availability for versions which are known to be stable and - reliable in production. - enum: - - UNSPECIFIED - - RAPID - - REGULAR - - STABLE - - EXTENDED - WorkloadIdentityConfig: - id: WorkloadIdentityConfig - description: >- - Configuration for the use of Kubernetes Service Accounts in GCP IAM - policies. - type: object - properties: - workloadPool: - description: The workload pool to attach all Kubernetes service accounts to. + description: >- + The accelerator type resource name. List of supported accelerators + [here](https://cloud.google.com/compute/docs/gpus) + acceleratorCount: type: string - MeshCertificates: - id: MeshCertificates - description: >- - Configuration for issuance of mTLS keys and certificates to Kubernetes - pods. + format: int64 + description: The number of the accelerator cards exposed to an instance. + gpuDriverInstallationConfig: + description: The configuration for auto installation of GPU driver. + $ref: '#/components/schemas/GPUDriverInstallationConfig' + TimeWindow: + id: TimeWindow + description: Represents an arbitrary window of time. type: object properties: - enableCertificates: + endTime: description: >- - enable_certificates controls issuance of workload mTLS certificates. - If set, the GKE Workload Identity Certificates controller and node - agent will be deployed in the cluster, which can then be configured - by creating a WorkloadCertificateConfig Custom Resource. Requires - Workload Identity (workload_pool must be non-empty). - type: boolean - CostManagementConfig: - id: CostManagementConfig - description: Configuration for fine-grained cost management feature. - type: object - properties: - enabled: - description: Whether the feature is enabled or not. - type: boolean - NotificationConfig: - id: NotificationConfig - description: NotificationConfig is the configuration of notifications. - type: object - properties: - pubsub: - description: Notification config for Pub/Sub. - $ref: '#/components/schemas/PubSub' - PubSub: - id: PubSub - description: Pub/Sub specific notification config. + The time that the window ends. The end time should take place after + the start time. + format: google-datetime + type: string + startTime: + description: The time that the window first starts. + type: string + format: google-datetime + maintenanceExclusionOptions: + description: >- + MaintenanceExclusionOptions provides maintenance exclusion related + options. + $ref: '#/components/schemas/MaintenanceExclusionOptions' + UpdateNodePoolRequest: + id: UpdateNodePoolRequest + description: UpdateNodePoolRequests update a node pool's image and/or version. type: object properties: - enabled: - description: Enable notifications for Pub/Sub. + zone: + type: string + deprecated: true + description: >- + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + flexStart: + description: Flex Start flag for enabling Flex Start VM. type: boolean - topic: + projectId: + type: string description: >- - The desired Pub/Sub topic to which notifications will be sent by - GKE. Format is `projects/{project}/topics/{topic}`. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + deprecated: true + resourceLabels: + description: >- + The resource labels for the node pool to use to annotate any related + Google Compute Engine resources. + $ref: '#/components/schemas/ResourceLabels' + nodeVersion: type: string - filter: description: >- - Allows filtering to one or more specific event types. If no filter - is specified, or if a filter is specified with no event types, all - event types will be sent - $ref: '#/components/schemas/Filter' - Filter: - id: Filter - description: >- - Allows filtering to one or more specific event types. If event types are - present, those and only those event types will be transmitted to the - cluster. Other types will be skipped. If no filter is specified, or no - event types are present, all event types will be sent - type: object - properties: - eventType: - description: Event types to allowlist. + Required. The Kubernetes version to change the nodes to (typically + an upgrade). Users may specify either explicit versions offered by + Kubernetes Engine or version aliases, which have the following + behavior: - "latest": picks the highest valid Kubernetes version - + "1.X": picks the highest valid patch+gke.N patch in the 1.X version + - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version + - "1.X.Y-gke.N": picks an explicit Kubernetes version - "-": picks + the Kubernetes master version + bootDisk: + $ref: '#/components/schemas/BootDisk' + description: >- + The desired boot disk config for nodes in the node pool. Initiates + an upgrade operation that migrates the nodes in the node pool to the + specified boot disk config. + nodePoolId: + description: >- + Deprecated. The name of the node pool to upgrade. This field has + been deprecated and replaced by the name field. + type: string + deprecated: true + locations: + description: >- + The desired list of Google Compute Engine + [zones](https://cloud.google.com/compute/docs/zones#available) in + which the node pool's nodes should be located. Changing the + locations for a node pool will result in nodes being either created + or removed from the node pool, depending on whether locations are + being added or removed. Warning: It is recommended to update node + pool locations in a standalone API call. Do not combine a location + update with changes to other fields (such as `tags`, `labels`, + `taints`, etc.) in the same request. Otherwise, the API performs a + structural modification where changes to other fields will only + apply to newly created nodes and will not be applied to existing + nodes in the node pool. To ensure all nodes are updated + consistently, use a separate API call for location changes. type: array items: type: string - enumDescriptions: - - Not set, will be ignored. - - Corresponds with UpgradeAvailableEvent. - - Corresponds with UpgradeEvent. - - Corresponds with SecurityBulletinEvent. - - Corresponds with UpgradeInfoEvent. - enum: - - EVENT_TYPE_UNSPECIFIED - - UPGRADE_AVAILABLE_EVENT - - UPGRADE_EVENT - - SECURITY_BULLETIN_EVENT - - UPGRADE_INFO_EVENT - IdentityServiceConfig: - id: IdentityServiceConfig - description: >- - IdentityServiceConfig is configuration for Identity Service which allows - customers to use external identity providers with the K8S API - type: object - properties: - enabled: - description: Whether to enable the Identity Service component - type: boolean - Autopilot: - id: Autopilot - description: Autopilot is the configuration for Autopilot settings on the cluster. - type: object - properties: - enabled: - description: Enable Autopilot - type: boolean - workloadPolicyConfig: + fastSocket: + description: Enable or disable NCCL fast socket for the node pool. + $ref: '#/components/schemas/FastSocket' + tags: description: >- - WorkloadPolicyConfig is the configuration related to GCW workload - policy - $ref: '#/components/schemas/WorkloadPolicyConfig' - privilegedAdmissionConfig: + The desired network tags to be applied to all nodes in the node + pool. If this field is not present, the tags will not be changed. + Otherwise, the existing network tags will be *replaced* with the + provided tags. + $ref: '#/components/schemas/NetworkTags' + loggingConfig: + description: Logging configuration. + $ref: '#/components/schemas/NodePoolLoggingConfig' + containerdConfig: + $ref: '#/components/schemas/ContainerdConfig' description: >- - PrivilegedAdmissionConfig is the configuration related to privileged - admission control. - $ref: '#/components/schemas/PrivilegedAdmissionConfig' - WorkloadPolicyConfig: - id: WorkloadPolicyConfig - description: WorkloadPolicyConfig is the configuration related to GCW workload policy - type: object - properties: - allowNetAdmin: - description: If true, workloads can use NET_ADMIN capability. - type: boolean - autopilotCompatibilityAuditingEnabled: + The desired containerd config for nodes in the node pool. Initiates + an upgrade operation that recreates the nodes with the new config. + windowsNodeConfig: + description: Parameters that can be configured on Windows nodes. + $ref: '#/components/schemas/WindowsNodeConfig' + clusterId: + type: string + deprecated: true description: >- - If true, enables the GCW Auditor that audits workloads on standard - clusters. - type: boolean - PrivilegedAdmissionConfig: - id: PrivilegedAdmissionConfig - description: >- - PrivilegedAdmissionConfig stores the list of authorized allowlist paths - for the cluster. - type: object - properties: - allowlistPaths: + Deprecated. The name of the cluster to upgrade. This field has been + deprecated and replaced by the name field. + resourceManagerTags: description: >- - The customer allowlist Cloud Storage paths for the cluster. These - paths are used with the `--autopilot-privileged-admission` flag to - authorize privileged workloads in Autopilot clusters. Paths can be - GKE-owned, in the format `gke:////`, or customer-owned, in the - format `gs:///`. Wildcards (`*`) are supported to authorize all - allowlists under specific paths or directories. Example: - `gs://my-bucket/*` will authorize all allowlists under the - `my-bucket` bucket. + Desired resource manager tag keys and values to be attached to the + nodes for managing Compute Engine firewalls using Network Firewall + Policies. Existing tags will be replaced with new values. + $ref: '#/components/schemas/ResourceManagerTags' + diskSizeGb: + format: int64 + description: >- + Optional. The desired disk size for nodes in the node pool specified + in GB. The smallest allowed disk size is 10GB. Initiates an upgrade + operation that migrates the nodes in the node pool to the specified + disk size. + type: string + linuxNodeConfig: + $ref: '#/components/schemas/LinuxNodeConfig' + description: Parameters that can be configured on Linux nodes. + diskType: + description: >- + Optional. The desired disk type (e.g. 'pd-standard', 'pd-ssd' or + 'pd-balanced') for nodes in the node pool. Initiates an upgrade + operation that migrates the nodes in the node pool to the specified + disk type. + type: string + storagePools: type: array + description: >- + List of Storage Pools where boot disks are provisioned. Existing + Storage Pools will be replaced with storage-pools. items: type: string + gcfsConfig: + description: GCFS config. + $ref: '#/components/schemas/GcfsConfig' + kubeletConfig: + $ref: '#/components/schemas/NodeKubeletConfig' + description: Node kubelet configs. + nodeDrainConfig: + $ref: '#/components/schemas/NodeDrainConfig' + description: The desired node drain configuration for nodes in the node pool. + name: + description: >- + The name (project, location, cluster, node pool) of the node pool to + update. Specified in the format + `projects/*/locations/*/clusters/*/nodePools/*`. + type: string + nodeNetworkConfig: + description: Node network config. + $ref: '#/components/schemas/NodeNetworkConfig' + workloadMetadataConfig: + $ref: '#/components/schemas/WorkloadMetadataConfig' + description: The desired workload metadata config for the node pool. + etag: + description: >- + The current etag of the node pool. If an etag is provided and does + not match the current etag of the node pool, update will be blocked + and an ABORTED error will be returned. + type: string + machineType: + description: >- + Optional. The desired [Google Compute Engine machine + type](https://cloud.google.com/compute/docs/machine-types) for nodes + in the node pool. Initiates an upgrade operation that migrates the + nodes in the node pool to the specified machine type. + type: string + confidentialNodes: + $ref: '#/components/schemas/ConfidentialNodes' + description: >- + Confidential nodes config. All the nodes in the node pool will be + Confidential VM once enabled. + imageType: + description: >- + Required. The desired image type for the node pool. Please see + https://cloud.google.com/kubernetes-engine/docs/concepts/node-images + for available image types. + type: string + accelerators: + items: + $ref: '#/components/schemas/AcceleratorConfig' + description: >- + A list of hardware accelerators to be attached to each node. See + https://cloud.google.com/compute/docs/gpus for more information + about support for GPUs. + type: array + taints: + description: >- + The desired node taints to be applied to all nodes in the node pool. + If this field is not present, the taints will not be changed. + Otherwise, the existing node taints will be *replaced* with the + provided taints. + $ref: '#/components/schemas/NodeTaints' + upgradeSettings: + description: Upgrade settings control disruption and speed of the upgrade. + $ref: '#/components/schemas/UpgradeSettings' + labels: + $ref: '#/components/schemas/NodeLabels' + description: >- + The desired node labels to be applied to all nodes in the node pool. + If this field is not present, the labels will not be changed. + Otherwise, the existing node labels will be *replaced* with the + provided labels. + gvnic: + $ref: '#/components/schemas/VirtualNIC' + description: Enable or disable gvnic on the node pool. + queuedProvisioning: + description: Specifies the configuration of queued provisioning. + $ref: '#/components/schemas/QueuedProvisioning' + maxRunDuration: + format: google-duration + type: string + description: >- + The maximum duration for the nodes to exist. If unspecified, the + nodes can exist indefinitely. + ILBSubsettingConfig: + description: >- + ILBSubsettingConfig contains the desired config of L4 Internal + LoadBalancer subsetting on this cluster. + properties: + enabled: + description: Enables l4 ILB subsetting for this cluster. + type: boolean + type: object + id: ILBSubsettingConfig ParentProductConfig: - id: ParentProductConfig description: >- ParentProductConfig is the configuration of the parent product of the cluster. This field is used by Google internal products that are built on top of a GKE cluster and take the ownership of the cluster. type: object properties: - productName: - description: Name of the parent product associated with the cluster. - type: string labels: description: Labels contain the configuration of the parent product. - type: object additionalProperties: type: string - NodePoolDefaults: - id: NodePoolDefaults - description: Subset of Nodepool message that has defaults. - type: object - properties: - nodeConfigDefaults: - description: Subset of NodeConfig message that has defaults. - $ref: '#/components/schemas/NodeConfigDefaults' - NodeConfigDefaults: - id: NodeConfigDefaults - description: Subset of NodeConfig message that has defaults. - type: object - properties: - gcfsConfig: - description: GCFS (Google Container File System, also known as Riptide) options. - $ref: '#/components/schemas/GcfsConfig' - loggingConfig: - description: Logging configuration for node pools. - $ref: '#/components/schemas/NodePoolLoggingConfig' - containerdConfig: - description: Parameters for containerd customization. - $ref: '#/components/schemas/ContainerdConfig' - nodeKubeletConfig: - description: >- - NodeKubeletConfig controls the defaults for new node-pools. - Currently only `insecure_kubelet_readonly_port_enabled` can be set - here. - $ref: '#/components/schemas/NodeKubeletConfig' - LoggingConfig: - id: LoggingConfig - description: LoggingConfig is cluster logging configuration. - type: object - properties: - componentConfig: - description: Logging components configuration - $ref: '#/components/schemas/LoggingComponentConfig' - LoggingComponentConfig: - id: LoggingComponentConfig - description: LoggingComponentConfig is cluster logging component configuration. + type: object + productName: + type: string + description: Name of the parent product associated with the cluster. + id: ParentProductConfig + StatusCondition: + id: StatusCondition + description: >- + StatusCondition describes why a cluster or a node pool has a certain + status (e.g., ERROR or DEGRADED). type: object properties: - enableComponents: + message: + description: Human-friendly representation of the condition + type: string + code: + deprecated: true + type: string + enum: + - UNKNOWN + - GCE_STOCKOUT + - GKE_SERVICE_ACCOUNT_DELETED + - GCE_QUOTA_EXCEEDED + - SET_BY_OPERATOR + - CLOUD_KMS_KEY_ERROR + - CA_EXPIRING + - NODE_SERVICE_ACCOUNT_MISSING_PERMISSIONS + - CLOUD_KMS_KEY_DESTROYED description: >- - Select components to collect logs. An empty set would disable all - logging. - type: array - items: - type: string - enumDescriptions: - - Default value. This shouldn't be used. - - system components - - workloads - - kube-apiserver - - kube-scheduler - - kube-controller-manager - - kcp-sshd - - kcp connection logs - - horizontal pod autoscaler decision logs - enum: - - COMPONENT_UNSPECIFIED - - SYSTEM_COMPONENTS - - WORKLOADS - - APISERVER - - SCHEDULER - - CONTROLLER_MANAGER - - KCP_SSHD - - KCP_CONNECTION - - KCP_HPA - MonitoringConfig: - id: MonitoringConfig - description: MonitoringConfig is cluster monitoring configuration. - type: object - properties: - componentConfig: - description: Monitoring components configuration - $ref: '#/components/schemas/MonitoringComponentConfig' - managedPrometheusConfig: - description: Enable Google Cloud Managed Service for Prometheus in the cluster. - $ref: '#/components/schemas/ManagedPrometheusConfig' - advancedDatapathObservabilityConfig: - description: Configuration of Advanced Datapath Observability features. - $ref: '#/components/schemas/AdvancedDatapathObservabilityConfig' - MonitoringComponentConfig: - id: MonitoringComponentConfig - description: MonitoringComponentConfig is cluster monitoring component configuration. + Machine-friendly representation of the condition Deprecated. Use + canonical_code instead. + enumDescriptions: + - UNKNOWN indicates a generic condition. + - >- + GCE_STOCKOUT indicates that Google Compute Engine resources are + temporarily unavailable. + - >- + GKE_SERVICE_ACCOUNT_DELETED indicates that the user deleted their + robot service account. + - Google Compute Engine quota was exceeded. + - >- + Cluster state was manually changed by an SRE due to a system logic + error. + - >- + Unable to perform an encrypt operation against the CloudKMS key + used for etcd level encryption. + - Cluster CA is expiring soon. + - Node service account is missing permissions. + - >- + Cloud KMS key version used for etcd level encryption has been + destroyed. This is a permanent error. + canonicalCode: + enumDescriptions: + - 'Not an error; returned on success. HTTP Mapping: 200 OK' + - >- + The operation was cancelled, typically by the caller. HTTP + Mapping: 499 Client Closed Request + - >- + Unknown error. For example, this error may be returned when a + `Status` value received from another address space belongs to an + error space that is not known in this address space. Also errors + raised by APIs that do not return enough error information may be + converted to this error. HTTP Mapping: 500 Internal Server Error + - >- + The client specified an invalid argument. Note that this differs + from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments + that are problematic regardless of the state of the system (e.g., + a malformed file name). HTTP Mapping: 400 Bad Request + - >- + The deadline expired before the operation could complete. For + operations that change the state of the system, this error may be + returned even if the operation has completed successfully. For + example, a successful response from a server could have been + delayed long enough for the deadline to expire. HTTP Mapping: 504 + Gateway Timeout + - >- + Some requested entity (e.g., file or directory) was not found. + Note to server developers: if a request is denied for an entire + class of users, such as gradual feature rollout or undocumented + allowlist, `NOT_FOUND` may be used. If a request is denied for + some users within a class of users, such as user-based access + control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not + Found + - >- + The entity that a client attempted to create (e.g., file or + directory) already exists. HTTP Mapping: 409 Conflict + - >- + The caller does not have permission to execute the specified + operation. `PERMISSION_DENIED` must not be used for rejections + caused by exhausting some resource (use `RESOURCE_EXHAUSTED` + instead for those errors). `PERMISSION_DENIED` must not be used if + the caller can not be identified (use `UNAUTHENTICATED` instead + for those errors). This error code does not imply the request is + valid or the requested entity exists or satisfies other + pre-conditions. HTTP Mapping: 403 Forbidden + - >- + The request does not have valid authentication credentials for the + operation. HTTP Mapping: 401 Unauthorized + - >- + Some resource has been exhausted, perhaps a per-user quota, or + perhaps the entire file system is out of space. HTTP Mapping: 429 + Too Many Requests + - >- + The operation was rejected because the system is not in a state + required for the operation's execution. For example, the directory + to be deleted is non-empty, an rmdir operation is applied to a + non-directory, etc. Service implementors can use the following + guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and + `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just + the failing call. (b) Use `ABORTED` if the client should retry at + a higher level. For example, when a client-specified test-and-set + fails, indicating the client should restart a read-modify-write + sequence. (c) Use `FAILED_PRECONDITION` if the client should not + retry until the system state has been explicitly fixed. For + example, if an "rmdir" fails because the directory is non-empty, + `FAILED_PRECONDITION` should be returned since the client should + not retry unless the files are deleted from the directory. HTTP + Mapping: 400 Bad Request + - >- + The operation was aborted, typically due to a concurrency issue + such as a sequencer check failure or transaction abort. See the + guidelines above for deciding between `FAILED_PRECONDITION`, + `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict + - >- + The operation was attempted past the valid range. E.g., seeking or + reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error + indicates a problem that may be fixed if the system state changes. + For example, a 32-bit file system will generate `INVALID_ARGUMENT` + if asked to read at an offset that is not in the range [0,2^32-1], + but it will generate `OUT_OF_RANGE` if asked to read from an + offset past the current file size. There is a fair bit of overlap + between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend + using `OUT_OF_RANGE` (the more specific error) when it applies so + that callers who are iterating through a space can easily look for + an `OUT_OF_RANGE` error to detect when they are done. HTTP + Mapping: 400 Bad Request + - >- + The operation is not implemented or is not supported/enabled in + this service. HTTP Mapping: 501 Not Implemented + - >- + Internal errors. This means that some invariants expected by the + underlying system have been broken. This error code is reserved + for serious errors. HTTP Mapping: 500 Internal Server Error + - >- + The service is currently unavailable. This is most likely a + transient condition, which can be corrected by retrying with a + backoff. Note that it is not always safe to retry non-idempotent + operations. See the guidelines above for deciding between + `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: + 503 Service Unavailable + - >- + Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal + Server Error + enum: + - OK + - CANCELLED + - UNKNOWN + - INVALID_ARGUMENT + - DEADLINE_EXCEEDED + - NOT_FOUND + - ALREADY_EXISTS + - PERMISSION_DENIED + - UNAUTHENTICATED + - RESOURCE_EXHAUSTED + - FAILED_PRECONDITION + - ABORTED + - OUT_OF_RANGE + - UNIMPLEMENTED + - INTERNAL + - UNAVAILABLE + - DATA_LOSS + description: Canonical code of the condition. + type: string + PrivilegedAdmissionConfig: + id: PrivilegedAdmissionConfig + description: >- + PrivilegedAdmissionConfig stores the list of authorized allowlist paths + for the cluster. type: object properties: - enableComponents: - description: >- - Select components to collect metrics. An empty set would disable all - monitoring. - type: array + allowlistPaths: items: type: string - enumDescriptions: - - Default value. This shouldn't be used. - - system components - - kube-apiserver - - kube-scheduler - - kube-controller-manager - - Storage - - Horizontal Pod Autoscaling - - Pod - - DaemonSet - - Deployment - - Statefulset - - CADVISOR - - KUBELET - - NVIDIA Data Center GPU Manager (DCGM) - - JobSet - enum: - - COMPONENT_UNSPECIFIED - - SYSTEM_COMPONENTS - - APISERVER - - SCHEDULER - - CONTROLLER_MANAGER - - STORAGE - - HPA - - POD - - DAEMONSET - - DEPLOYMENT - - STATEFULSET - - CADVISOR - - KUBELET - - DCGM - - JOBSET - ManagedPrometheusConfig: - id: ManagedPrometheusConfig - description: >- - ManagedPrometheusConfig defines the configuration for Google Cloud - Managed Service for Prometheus. - type: object - properties: - enabled: - description: Enable Managed Collection. - type: boolean - autoMonitoringConfig: - description: GKE Workload Auto-Monitoring Configuration. - $ref: '#/components/schemas/AutoMonitoringConfig' - AutoMonitoringConfig: - id: AutoMonitoringConfig - description: >- - AutoMonitoringConfig defines the configuration for GKE Workload - Auto-Monitoring. + description: >- + The customer allowlist Cloud Storage paths for the cluster. These + paths are used with the `--autopilot-privileged-admission` flag to + authorize privileged workloads in Autopilot clusters. Paths can be + GKE-owned, in the format `gke:////`, or customer-owned, in the + format `gs:///`. Wildcards (`*`) are supported to authorize all + allowlists under specific paths or directories. Example: + `gs://my-bucket/*` will authorize all allowlists under the + `my-bucket` bucket. + type: array + BinaryAuthorization: + description: Configuration for Binary Authorization. type: object properties: - scope: - description: Scope for GKE Workload Auto-Monitoring. - type: string - enumDescriptions: - - Not set. - - Auto-Monitoring is enabled for all supported applications. - - Disable Auto-Monitoring. + evaluationMode: enum: - - SCOPE_UNSPECIFIED - - ALL - - NONE - AdvancedDatapathObservabilityConfig: - id: AdvancedDatapathObservabilityConfig - description: >- - AdvancedDatapathObservabilityConfig specifies configuration of - observability features of advanced datapath. - type: object - properties: - enableMetrics: - description: Expose flow metrics on nodes - type: boolean - relayMode: - description: Method used to make Relay available + - EVALUATION_MODE_UNSPECIFIED + - DISABLED + - PROJECT_SINGLETON_POLICY_ENFORCE + description: >- + Mode of operation for binauthz policy evaluation. If unspecified, + defaults to DISABLED. type: string enumDescriptions: - - Default value. This shouldn't be used. - - disabled - - exposed via internal load balancer - - exposed via external load balancer - enum: - - RELAY_MODE_UNSPECIFIED - - DISABLED - - INTERNAL_VPC_LB - - EXTERNAL_LB - enableRelay: - description: Enable Relay component + - Default value + - Disable BinaryAuthorization + - >- + Enforce Kubernetes admission requests with BinaryAuthorization + using the project's singleton policy. This is equivalent to + setting the enabled boolean to true. + enabled: + description: >- + This field is deprecated. Leave this unset and instead configure + BinaryAuthorization using evaluation_mode. If evaluation_mode is set + to anything other than EVALUATION_MODE_UNSPECIFIED, this field is + ignored. + deprecated: true type: boolean - NodePoolAutoConfig: - id: NodePoolAutoConfig + id: BinaryAuthorization + SoleTenantConfig: + properties: + minNodeCpus: + description: >- + Optional. The minimum number of virtual CPUs this instance will + consume when running on a sole-tenant node. This field can only be + set if the node pool is created in a shared sole-tenant node group. + format: int32 + type: integer + nodeAffinities: + items: + $ref: '#/components/schemas/NodeAffinity' + type: array + description: NodeAffinities used to match to a shared sole tenant node group. description: >- - Node pool configs that apply to all auto-provisioned node pools in - autopilot clusters and node auto-provisioning enabled clusters. + SoleTenantConfig contains the NodeAffinities to specify what shared sole + tenant node groups should back the node pool. + id: SoleTenantConfig type: object + DesiredAdditionalIPRangesConfig: + id: DesiredAdditionalIPRangesConfig + description: >- + DesiredAdditionalIPRangesConfig is a wrapper used for cluster update + operation and contains multiple AdditionalIPRangesConfigs. properties: - networkTags: - description: >- - The list of instance tags applied to all nodes. Tags are used to - identify valid sources or targets for network firewalls and are - specified by the client during cluster creation. Each tag within the - list must comply with RFC1035. - $ref: '#/components/schemas/NetworkTags' - resourceManagerTags: + additionalIpRangesConfigs: description: >- - Resource manager tag keys and values to be attached to the nodes for - managing Compute Engine firewalls using Network Firewall Policies. - $ref: '#/components/schemas/ResourceManagerTags' - nodeKubeletConfig: + List of additional IP ranges configs where each + AdditionalIPRangesConfig corresponds to one subnetwork's IP ranges + type: array + items: + $ref: '#/components/schemas/AdditionalIPRangesConfig' + type: object + EphemeralStorageLocalSsdConfig: + type: object + properties: + dataCacheCount: + description: Number of local SSDs to use for GKE Data Cache. + type: integer + format: int32 + localSsdCount: + type: integer description: >- - NodeKubeletConfig controls the defaults for autoprovisioned - node-pools. Currently only `insecure_kubelet_readonly_port_enabled` - can be set here. - $ref: '#/components/schemas/NodeKubeletConfig' - linuxNodeConfig: - description: Output only. Configuration options for Linux nodes. - readOnly: true - $ref: '#/components/schemas/LinuxNodeConfig' - NetworkTags: - id: NetworkTags + Number of local SSDs to use to back ephemeral storage. Uses NVMe + interfaces. A zero (or unset) value has different meanings depending + on machine type being used: 1. For pre-Gen3 machines, which support + flexible numbers of local ssds, zero (or unset) means to disable + using local SSDs as ephemeral storage. The limit for this value is + dependent upon the maximum number of disk available on a machine per + zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for + more information. 2. For Gen3 machines which dictate a specific + number of local ssds, zero (or unset) means to use the default + number of local ssds that goes with that machine type. For example, + for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. + For c3-standard-8 (which doesn't support local ssds), 0 will be + provisioned. See + https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds + for more info. + format: int32 + id: EphemeralStorageLocalSsdConfig description: >- - Collection of Compute Engine network tags that can be applied to a - node's underlying VM instance. + EphemeralStorageLocalSsdConfig contains configuration for the node + ephemeral storage using Local SSDs. + GetOpenIDConfigResponse: + id: GetOpenIDConfigResponse type: object properties: - tags: - description: List of network tags. + jwks_uri: + description: JSON Web Key uri. + type: string + grant_types: + description: Supported grant types. + items: + type: string + type: array + issuer: + type: string + description: OIDC Issuer. + claims_supported: + items: + type: string + type: array + description: Supported claims. + response_types_supported: + description: Supported response types. + items: + type: string + type: array + cacheHeader: + description: >- + For HTTP requests, this field is automatically extracted into the + Cache-Control HTTP header. + $ref: '#/components/schemas/HttpCacheControlResponseHeader' + id_token_signing_alg_values_supported: + items: + type: string + description: supported ID Token signing Algorithms. type: array + subject_types_supported: items: type: string - PodAutoscaling: - id: PodAutoscaling + description: Supported subject types. + type: array description: >- - PodAutoscaling is used for configuration of parameters for workload - autoscaling. + GetOpenIDConfigResponse is an OIDC discovery document for the cluster. + See the OpenID Connect Discovery 1.0 specification for details. + MaintenancePolicy: + description: >- + MaintenancePolicy defines the maintenance policy to be used for the + cluster. type: object + id: MaintenancePolicy properties: - hpaProfile: - description: Selected Horizontal Pod Autoscaling profile. + resourceVersion: + description: >- + A hash identifying the version of this policy, so that updates to + fields of the policy won't accidentally undo intermediate changes + (and so that users of the API unaware of some fields won't + accidentally remove other fields). Make a `get()` request to the + cluster to get the current resource version and include it with + requests to set the policy. type: string + window: + description: >- + Specifies the maintenance window in which maintenance may be + performed. + $ref: '#/components/schemas/MaintenanceWindow' + NodePoolAutoscaling: + properties: + totalMaxNodeCount: + type: integer + description: >- + Maximum number of nodes in the node pool. Must be greater than or + equal to total_min_node_count. There has to be enough quota to scale + up the cluster. The total_*_node_count fields are mutually exclusive + with the *_node_count fields. + format: int32 + minNodeCount: + description: >- + Minimum number of nodes for one location in the node pool. Must be + greater than or equal to 0 and less than or equal to max_node_count. + format: int32 + type: integer + maxNodeCount: + type: integer + format: int32 + description: >- + Maximum number of nodes for one location in the node pool. Must be + >= min_node_count. There has to be enough quota to scale up the + cluster. + enabled: + type: boolean + description: Is autoscaling enabled for this node pool. + totalMinNodeCount: + type: integer + format: int32 + description: >- + Minimum number of nodes in the node pool. Must be greater than or + equal to 0 and less than or equal to total_max_node_count. The + total_*_node_count fields are mutually exclusive with the + *_node_count fields. + locationPolicy: + description: Location policy used when scaling up a nodepool. + enum: + - LOCATION_POLICY_UNSPECIFIED + - BALANCED + - ANY enumDescriptions: - - HPA_PROFILE_UNSPECIFIED is used when no custom HPA profile is set. - - Customers explicitly opt-out of HPA profiles. + - Not set. - >- - PERFORMANCE is used when customers opt-in to the performance HPA - profile. In this profile we support a higher number of HPAs per - cluster and faster metrics collection for workload autoscaling. - enum: - - HPA_PROFILE_UNSPECIFIED - - NONE - - PERFORMANCE - Fleet: - id: Fleet - description: Fleet is the fleet configuration for the cluster. + BALANCED is a best effort policy that aims to balance the sizes of + different zones. + - ANY policy picks zones that have the highest capacity available. + type: string + autoprovisioned: + type: boolean + description: Can this node pool be deleted automatically. + description: >- + NodePoolAutoscaling contains information required by cluster autoscaler + to adjust the size of the node pool to the current cluster usage. type: object + id: NodePoolAutoscaling + PrivateClusterConfig: + description: Configuration options for private clusters. properties: - project: + enablePrivateEndpoint: description: >- - The Fleet host project(project ID or project number) where this - cluster will be registered to. This field cannot be changed after - the cluster has been registered. + Whether the master's internal IP address is used as the cluster + endpoint. Deprecated: Use + ControlPlaneEndpointsConfig.IPEndpointsConfig.enable_public_endpoint + instead. Note that the value of enable_public_endpoint is reversed: + if enable_private_endpoint is false, then enable_public_endpoint + will be true. + type: boolean + deprecated: true + peeringName: type: string - membership: + readOnly: true description: >- - Output only. The full resource name of the registered fleet - membership of the cluster, in the format - `//gkehub.googleapis.com/projects/*/locations/*/memberships/*`. + Output only. The peering name in the customer VPC used by this + cluster. + masterGlobalAccessConfig: + deprecated: true + description: >- + Controls master global access settings. Deprecated: Use + ControlPlaneEndpointsConfig.IPEndpointsConfig.enable_global_access + instead. + $ref: '#/components/schemas/PrivateClusterMasterGlobalAccessConfig' + enablePrivateNodes: + description: >- + Whether nodes have internal IP addresses only. If enabled, all nodes + are given only RFC 1918 private addresses and communicate with the + master via private networking. Deprecated: Use + NetworkConfig.default_enable_private_nodes instead. + deprecated: true + type: boolean + publicEndpoint: + deprecated: true + description: >- + Output only. The external IP address of this cluster's master + endpoint. Deprecated:Use + ControlPlaneEndpointsConfig.IPEndpointsConfig.public_endpoint + instead. + type: string readOnly: true + privateEndpointSubnetwork: type: string - preRegistered: description: >- - Output only. Whether the cluster has been registered through the - fleet API. + Subnet to provision the master's private endpoint during cluster + creation. Specified in projects/*/regions/*/subnetworks/* format. + Deprecated: Use + ControlPlaneEndpointsConfig.IPEndpointsConfig.private_endpoint_subnetwork + instead. + deprecated: true + masterIpv4CidrBlock: + type: string + description: >- + The IP range in CIDR notation to use for the hosted master network. + This range will be used for assigning internal IP addresses to the + master or set of masters, as well as the ILB VIP. This range must + not overlap with any other ranges in use within the cluster's + network. + privateEndpoint: + type: string + description: >- + Output only. The internal IP address of this cluster's master + endpoint. Deprecated: Use + ControlPlaneEndpointsConfig.IPEndpointsConfig.private_endpoint + instead. + deprecated: true readOnly: true + type: object + id: PrivateClusterConfig + GkeBackupAgentConfig: + description: Configuration for the Backup for GKE Agent. + properties: + enabled: + description: Whether the Backup for GKE agent is enabled for this cluster. type: boolean - membershipType: - description: The type of the cluster's fleet membership. + id: GkeBackupAgentConfig + type: object + AuthenticatorGroupsConfig: + description: Configuration for returning group information from authenticators. + properties: + securityGroup: type: string - enumDescriptions: - - The MembershipType is not set. - - The membership supports only lightweight compatible features. - enum: - - MEMBERSHIP_TYPE_UNSPECIFIED - - LIGHTWEIGHT - SecurityPostureConfig: - id: SecurityPostureConfig + description: >- + The name of the security group-of-groups to be used. Only relevant + if enabled = true. + enabled: + description: >- + Whether this cluster should return group membership lookups during + authentication using a group of security groups. + type: boolean + type: object + id: AuthenticatorGroupsConfig + RayClusterMonitoringConfig: description: >- - SecurityPostureConfig defines the flags needed to enable/disable - features for the Security Posture API. + RayClusterMonitoringConfig specifies monitoring configuration for Ray + clusters. + properties: + enabled: + description: Enable metrics collection for Ray clusters. + type: boolean + id: RayClusterMonitoringConfig type: object + NetworkPerformanceConfig: + id: NetworkPerformanceConfig + description: Configuration of all network bandwidth tiers properties: - mode: - description: Sets which mode to use for Security Posture features. + totalEgressBandwidthTier: + enumDescriptions: + - Default value + - Higher bandwidth, actual values based on VM size. + enum: + - TIER_UNSPECIFIED + - TIER_1 + description: Specifies the total network bandwidth tier for the NodePool. type: string + type: object + DesiredEnterpriseConfig: + deprecated: true + properties: + desiredTier: + description: desired_tier specifies the desired tier of the cluster. enumDescriptions: - - Default value not specified. - - Disables Security Posture features on the cluster. - - Applies Security Posture features on the cluster. - - >- - Applies the Security Posture off cluster Enterprise level - features. + - CLUSTER_TIER_UNSPECIFIED is when cluster_tier is not set. + - STANDARD indicates a standard GKE cluster. + - ENTERPRISE indicates a GKE Enterprise cluster. + type: string enum: - - MODE_UNSPECIFIED - - DISABLED - - BASIC + - CLUSTER_TIER_UNSPECIFIED + - STANDARD - ENTERPRISE - vulnerabilityMode: - description: Sets which mode to use for vulnerability scanning. + id: DesiredEnterpriseConfig + description: >- + DesiredEnterpriseConfig is a wrapper used for updating + enterprise_config. Deprecated: GKE Enterprise features are now available + without an Enterprise tier. + type: object + NetworkTierConfig: + id: NetworkTierConfig + description: NetworkTierConfig contains network tier information. + properties: + networkTier: type: string + enum: + - NETWORK_TIER_UNSPECIFIED + - NETWORK_TIER_DEFAULT + - NETWORK_TIER_PREMIUM + - NETWORK_TIER_STANDARD + description: Network tier configuration. enumDescriptions: - - Default value not specified. - - Disables vulnerability scanning on the cluster. - - Applies basic vulnerability scanning on the cluster. - >- - Applies the Security Posture's vulnerability on cluster Enterprise - level features. - enum: - - VULNERABILITY_MODE_UNSPECIFIED - - VULNERABILITY_DISABLED - - VULNERABILITY_BASIC - - VULNERABILITY_ENTERPRISE - ControlPlaneEndpointsConfig: - id: ControlPlaneEndpointsConfig - description: Configuration for all of the cluster's control plane endpoints. + By default, use project-level configuration. When unspecified, the + behavior defaults to NETWORK_TIER_DEFAULT. For cluster updates, + this implies no action (no-op). + - >- + Default network tier. Use project-level configuration. User can + specify this value, meaning they want to keep the same behaviour + as before cluster level network tier configuration is introduced. + This field ensures backward compatibility for the network tier of + cluster resources, such as node pools and load balancers, for + their external IP addresses. + - Premium network tier. + - Standard network tier. type: object + ResourceUsageExportConfig: + id: ResourceUsageExportConfig properties: - dnsEndpointConfig: - description: DNS endpoint configuration. - $ref: '#/components/schemas/DNSEndpointConfig' - ipEndpointsConfig: - description: IP endpoints configuration. - $ref: '#/components/schemas/IPEndpointsConfig' - DNSEndpointConfig: - id: DNSEndpointConfig - description: Describes the configuration of a DNS endpoint. + bigqueryDestination: + $ref: '#/components/schemas/BigQueryDestination' + description: Configuration to use BigQuery as usage export destination. + consumptionMeteringConfig: + description: Configuration to enable resource consumption metering. + $ref: '#/components/schemas/ConsumptionMeteringConfig' + enableNetworkEgressMetering: + type: boolean + description: >- + Whether to enable network egress metering for this cluster. If + enabled, a daemonset will be created in the cluster to meter network + egress traffic. + type: object + description: Configuration for exporting cluster resource usages. + SecondaryBootDiskUpdateStrategy: + type: object + properties: {} + id: SecondaryBootDiskUpdateStrategy + description: >- + SecondaryBootDiskUpdateStrategy is a placeholder which will be extended + in the future to define different options for updating secondary boot + disks. + WritableCgroups: type: object + description: Defines writable cgroups configuration. + id: WritableCgroups properties: - endpoint: + enabled: + description: Optional. Whether writable cgroups is enabled. + type: boolean + TopologyManager: + properties: + scope: + type: string description: >- - Output only. The cluster's DNS endpoint configuration. A DNS format - address. This is accessible from the public internet. Ex: - uid.us-central1.gke.goog. Always present, but the behavior may - change according to the value of - DNSEndpointConfig.allow_external_traffic. - readOnly: true + The Topology Manager aligns resources in following scopes: * + container * pod The default scope is 'container' if unspecified. See + https://kubernetes.io/docs/tasks/administer-cluster/topology-manager/#topology-manager-scopes + policy: type: string - allowExternalTraffic: description: >- - Controls whether user traffic is allowed over this endpoint. Note - that GCP-managed services may still use the endpoint even if this is - false. - type: boolean + Configures the strategy for resource alignment. Allowed values are: + * none: the default policy, and does not perform any topology + alignment. * restricted: the topology manager stores the preferred + NUMA node affinity for the container, and will reject the pod if the + affinity if not preferred. * best-effort: the topology manager + stores the preferred NUMA node affinity for the container. If the + affinity is not preferred, the topology manager will admit the pod + to the node anyway. * single-numa-node: the topology manager + determines if the single NUMA node affinity is possible. If it is, + Topology Manager will store this and the Hint Providers can then use + this information when making the resource allocation decision. If, + however, this is not possible then the Topology Manager will reject + the pod from the node. This will result in a pod in a Terminated + state with a pod admission failure. The default policy value is + 'none' if unspecified. Details about each strategy can be found + [here](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager/#topology-manager-policies). + id: TopologyManager + type: object + description: >- + TopologyManager defines the configuration options for Topology Manager + feature. See + https://kubernetes.io/docs/tasks/administer-cluster/topology-manager/ IPEndpointsConfig: id: IPEndpointsConfig - description: IP endpoints configuration. - type: object properties: enabled: - description: Controls whether to allow direct IP access. - type: boolean - enablePublicEndpoint: - description: >- - Controls whether the control plane allows access through a public - IP. It is invalid to specify both - PrivateClusterConfig.enablePrivateEndpoint and this field at the - same time. type: boolean + description: Controls whether to allow direct IP access. globalAccess: description: >- Controls whether the control plane's private endpoint is accessible @@ -4743,1582 +4608,1850 @@ components: PrivateClusterMasterGlobalAccessConfig.enabled and this field at the same time. type: boolean - authorizedNetworksConfig: - description: >- - Configuration of authorized networks. If enabled, restricts access - to the control plane based on source IP. It is invalid to specify - both Cluster.masterAuthorizedNetworksConfig and this field at the - same time. - $ref: '#/components/schemas/MasterAuthorizedNetworksConfig' - publicEndpoint: - description: >- - Output only. The external IP address of this cluster's control - plane. Only populated if enabled. + privateEndpoint: readOnly: true type: string - privateEndpoint: description: >- Output only. The internal IP address of this cluster's control plane. Only populated if enabled. - readOnly: true - type: string privateEndpointSubnetwork: + type: string description: >- Subnet to provision the master's private endpoint during cluster creation. Specified in projects/*/regions/*/subnetworks/* format. It is invalid to specify both PrivateClusterConfig.privateEndpointSubnetwork and this field at the same time. + publicEndpoint: + description: >- + Output only. The external IP address of this cluster's control + plane. Only populated if enabled. type: string - K8sBetaAPIConfig: - id: K8sBetaAPIConfig - description: K8sBetaAPIConfig , configuration for beta APIs - type: object - properties: - enabledApis: - description: Enabled k8s beta APIs. - type: array - items: - type: string - EnterpriseConfig: - id: EnterpriseConfig - description: EnterpriseConfig is the cluster enterprise configuration. + readOnly: true + authorizedNetworksConfig: + $ref: '#/components/schemas/MasterAuthorizedNetworksConfig' + description: >- + Configuration of authorized networks. If enabled, restricts access + to the control plane based on source IP. It is invalid to specify + both Cluster.masterAuthorizedNetworksConfig and this field at the + same time. + enablePublicEndpoint: + description: >- + Controls whether the control plane allows access through a public + IP. It is invalid to specify both + PrivateClusterConfig.enablePrivateEndpoint and this field at the + same time. + type: boolean type: object + description: IP endpoints configuration. + SandboxConfig: + id: SandboxConfig properties: - clusterTier: - description: >- - Output only. cluster_tier indicates the effective tier of the - cluster. - readOnly: true - type: string - enumDescriptions: - - CLUSTER_TIER_UNSPECIFIED is when cluster_tier is not set. - - STANDARD indicates a standard GKE cluster. - - ENTERPRISE indicates a GKE Enterprise cluster. - enum: - - CLUSTER_TIER_UNSPECIFIED - - STANDARD - - ENTERPRISE - desiredTier: - description: desired_tier specifies the desired tier of the cluster. + type: type: string + description: Type of the sandbox to use for the node. enumDescriptions: - - CLUSTER_TIER_UNSPECIFIED is when cluster_tier is not set. - - STANDARD indicates a standard GKE cluster. - - ENTERPRISE indicates a GKE Enterprise cluster. + - Default value. This should not be used. + - Run sandbox using gvisor. enum: - - CLUSTER_TIER_UNSPECIFIED - - STANDARD - - ENTERPRISE - SecretManagerConfig: - id: SecretManagerConfig - description: SecretManagerConfig is config for secret manager enablement. + - UNSPECIFIED + - GVISOR + description: >- + SandboxConfig contains configurations of the sandbox to use for the + node. + type: object + ManagedPrometheusConfig: + description: >- + ManagedPrometheusConfig defines the configuration for Google Cloud + Managed Service for Prometheus. type: object properties: enabled: - description: Enable/Disable Secret Manager Config. type: boolean - rotationConfig: - description: Rotation config for secret manager. - $ref: '#/components/schemas/RotationConfig' - RotationConfig: - id: RotationConfig - description: RotationConfig is config for secret manager auto rotation. - type: object + description: Enable Managed Collection. + autoMonitoringConfig: + $ref: '#/components/schemas/AutoMonitoringConfig' + description: GKE Workload Auto-Monitoring Configuration. + id: ManagedPrometheusConfig + LegacyAbac: + description: >- + Configuration for the legacy Attribute Based Access Control + authorization mode. properties: enabled: - description: Whether the rotation is enabled. type: boolean - rotationInterval: description: >- - The interval between two consecutive rotations. Default rotation - interval is 2 minutes. - type: string - format: google-duration - CompliancePostureConfig: - id: CompliancePostureConfig - description: >- - CompliancePostureConfig defines the settings needed to enable/disable - features for the Compliance Posture. + Whether the ABAC authorizer is enabled for this cluster. When + enabled, identities in the system, including service accounts, + nodes, and controllers, will have statically granted permissions + beyond those provided by the RBAC configuration or IAM. type: object - properties: - mode: - description: Defines the enablement mode for Compliance Posture. - type: string - enumDescriptions: - - Default value not specified. - - Disables Compliance Posture features on the cluster. - - Enables Compliance Posture features on the cluster. - enum: - - MODE_UNSPECIFIED - - DISABLED - - ENABLED - complianceStandards: - description: List of enabled compliance standards. - type: array - items: - $ref: '#/components/schemas/ComplianceStandard' - ComplianceStandard: - id: ComplianceStandard - description: Defines the details of a compliance standard. + id: LegacyAbac + ResourceLabels: + description: >- + Collection of [Resource Manager + labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels). + properties: + labels: + additionalProperties: + type: string + description: Map of node label keys and node label values. + type: object + id: ResourceLabels + type: object + ReservationAffinity: + id: ReservationAffinity type: object + description: >- + [ReservationAffinity](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) + is the configuration of desired reservation which instances could take + capacity from. properties: - standard: - description: Name of the compliance standard. + consumeReservationType: + enum: + - UNSPECIFIED + - NO_RESERVATION + - ANY_RESERVATION + - SPECIFIC_RESERVATION + enumDescriptions: + - Default value. This should not be used. + - Do not consume from any reserved capacity. + - Consume any reservation available. + - >- + Must consume from a specific reservation. Must specify key value + fields for specifying the reservations. type: string - UserManagedKeysConfig: - id: UserManagedKeysConfig - description: >- - UserManagedKeysConfig holds the resource address to Keys which are used - for signing certs and token that are used for communication within - cluster. + description: Corresponds to the type of reservation consumption. + values: + items: + type: string + type: array + description: Corresponds to the label value(s) of reservation resource(s). + key: + type: string + description: >- + Corresponds to the label key of a reservation resource. To target a + SPECIFIC_RESERVATION by name, specify + "compute.googleapis.com/reservation-name" as the key and specify the + name of your reservation as its value. + UpgradeSettings: type: object + id: UpgradeSettings + description: >- + These upgrade settings control the level of parallelism and the level of + disruption caused by an upgrade. maxUnavailable controls the number of + nodes that can be simultaneously unavailable. maxSurge controls the + number of additional nodes that can be added to the node pool + temporarily for the time of the upgrade to increase the number of + available nodes. (maxUnavailable + maxSurge) determines the level of + parallelism (how many nodes are being upgraded at the same time). Note: + upgrades inevitably introduce some disruption since workloads need to be + moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, + this holds true. (Disruption stays within the limits of + PodDisruptionBudget, if it is configured.) Consider a hypothetical node + pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the + upgrade process upgrades 3 nodes simultaneously. It creates 2 additional + (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at + the same time. This ensures that there are always at least 4 nodes + available. These upgrade settings configure the upgrade strategy for the + node pool. Use strategy to switch between the strategies applied to the + node pool. If the strategy is ROLLING, use max_surge and max_unavailable + to control the level of parallelism and the level of disruption caused + by upgrade. 1. maxSurge controls the number of additional nodes that can + be added to the node pool temporarily for the time of the upgrade to + increase the number of available nodes. 2. maxUnavailable controls the + number of nodes that can be simultaneously unavailable. 3. + (maxUnavailable + maxSurge) determines the level of parallelism (how + many nodes are being upgraded at the same time). If the strategy is + BLUE_GREEN, use blue_green_settings to configure the blue-green upgrade + related settings. 1. standard_rollout_policy is the default policy. The + policy is used to control the way blue pool gets drained. The draining + is executed in the batch mode. The batch size could be specified as + either percentage of the node pool size or the number of nodes. + batch_soak_duration is the soak time after each batch gets drained. 2. + node_pool_soak_duration is the soak time after all blue nodes are + drained. After this period, the blue pool nodes will be deleted. properties: - clusterCa: - description: >- - The Certificate Authority Service caPool to use for the cluster CA - in this cluster. - type: string - etcdApiCa: + maxUnavailable: description: >- - Resource path of the Certificate Authority Service caPool to use for - the etcd API CA in this cluster. - type: string - etcdPeerCa: + The maximum number of nodes that can be simultaneously unavailable + during the upgrade process. A node is considered available if its + status is Ready. + format: int32 + type: integer + blueGreenSettings: + description: Settings for blue-green upgrade strategy. + $ref: '#/components/schemas/BlueGreenSettings' + maxSurge: + type: integer + format: int32 description: >- - Resource path of the Certificate Authority Service caPool to use for - the etcd peer CA in this cluster. + The maximum number of nodes that can be created beyond the current + size of the node pool during the upgrade process. + strategy: + enumDescriptions: + - >- + Default value if unset. GKE internally defaults the update + strategy to SURGE for unspecified strategies. + - blue-green upgrade. + - >- + SURGE is the traditional way of upgrade a node pool. max_surge and + max_unavailable determines the level of upgrade parallelism. type: string - serviceAccountSigningKeys: - description: >- - The Cloud KMS cryptoKeyVersions to use for signing service account - JWTs issued by this cluster. Format: - `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}` - type: array - items: - type: string - serviceAccountVerificationKeys: + enum: + - NODE_POOL_UPDATE_STRATEGY_UNSPECIFIED + - BLUE_GREEN + - SURGE + description: Update strategy of the node pool. + ContainerdConfig: + id: ContainerdConfig + type: object + properties: + registryHosts: description: >- - The Cloud KMS cryptoKeyVersions to use for verifying service account - JWTs issued by this cluster. Format: - `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}` + RegistryHostConfig configures containerd registry host + configuration. Each registry_hosts represents a hosts.toml file. At + most 25 registry_hosts are allowed. type: array items: - type: string - aggregationCa: - description: >- - The Certificate Authority Service caPool to use for the aggregation - CA in this cluster. - type: string - controlPlaneDiskEncryptionKey: + $ref: '#/components/schemas/RegistryHostConfig' + writableCgroups: description: >- - The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the - control plane nodes. - type: string - gkeopsEtcdBackupEncryptionKey: + Optional. WritableCgroups defines writable cgroups configuration for + the node pool. + $ref: '#/components/schemas/WritableCgroups' + privateRegistryAccessConfig: + $ref: '#/components/schemas/PrivateRegistryAccessConfig' description: >- - Resource path of the Cloud KMS cryptoKey to use for encryption of - internal etcd backups. - type: string - RBACBindingConfig: - id: RBACBindingConfig + PrivateRegistryAccessConfig is used to configure access + configuration for private container registries. + description: ContainerdConfig contains configuration to customize containerd. + HorizontalPodAutoscaling: description: >- - RBACBindingConfig allows user to restrict ClusterRoleBindings an - RoleBindings that can be created. - type: object + Configuration options for the horizontal pod autoscaling feature, which + increases or decreases the number of replica pods a replication + controller has based on the resource usage of the existing pods. properties: - enableInsecureBindingSystemUnauthenticated: - description: >- - Setting this to true will allow any ClusterRoleBinding and - RoleBinding with subjets system:anonymous or system:unauthenticated. - type: boolean - enableInsecureBindingSystemAuthenticated: + disabled: description: >- - Setting this to true will allow any ClusterRoleBinding and - RoleBinding with subjects system:authenticated. + Whether the Horizontal Pod Autoscaling feature is enabled in the + cluster. When enabled, it ensures that metrics are collected into + Stackdriver Monitoring. type: boolean - GkeAutoUpgradeConfig: - id: GkeAutoUpgradeConfig - description: GkeAutoUpgradeConfig is the configuration for GKE auto upgrades. + id: HorizontalPodAutoscaling + type: object + GcfsConfig: + description: >- + GcfsConfig contains configurations of Google Container File System + (image streaming). + id: GcfsConfig type: object properties: - patchMode: - description: >- - PatchMode specifies how auto upgrade patch builds should be - selected. - type: string + enabled: + description: Whether to use GCFS. + type: boolean + PodAutoscaling: + properties: + hpaProfile: enumDescriptions: + - HPA_PROFILE_UNSPECIFIED is used when no custom HPA profile is set. + - Customers explicitly opt-out of HPA profiles. - >- - PATCH_MODE_UNSPECIFIED defaults to using the upgrade target from - the channel's patch upgrade targets as the upgrade target for the - version. - - >- - ACCELERATED denotes that the latest patch build in the channel - should be used as the upgrade target for the version. + PERFORMANCE is used when customers opt-in to the performance HPA + profile. In this profile we support a higher number of HPAs per + cluster and faster metrics collection for workload autoscaling. + type: string + description: Selected Horizontal Pod Autoscaling profile. enum: - - PATCH_MODE_UNSPECIFIED - - ACCELERATED - AnonymousAuthenticationConfig: - id: AnonymousAuthenticationConfig + - HPA_PROFILE_UNSPECIFIED + - NONE + - PERFORMANCE + type: object + id: PodAutoscaling description: >- - AnonymousAuthenticationConfig defines the settings needed to limit - endpoints that allow anonymous authentication. + PodAutoscaling is used for configuration of parameters for workload + autoscaling. + WorkloadMetadataConfig: type: object + description: >- + WorkloadMetadataConfig defines the metadata configuration to expose to + workloads on the node pool. + id: WorkloadMetadataConfig properties: mode: - description: Defines the mode of limiting anonymous access in the cluster. type: string + description: >- + Mode is the configuration for how to expose metadata to workloads + running on the node pool. enumDescriptions: - - Default value not specified. - - Anonymous authentication is allowed for all endpoints. + - Not set. + - Expose all Compute Engine metadata to pods. - >- - Anonymous authentication is allowed for only health check - endpoints. + Run the GKE Metadata Server on this node. The GKE Metadata Server + exposes a metadata API to workloads that is compatible with the V1 + Compute Metadata APIs exposed by the Compute Engine and App Engine + Metadata Servers. This feature can only be enabled if Workload + Identity is enabled at the cluster level. enum: - MODE_UNSPECIFIED - - ENABLED - - LIMITED - CreateClusterRequest: - id: CreateClusterRequest - description: CreateClusterRequest creates a cluster. + - GCE_METADATA + - GKE_METADATA + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object + id: Status properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the parent field. - deprecated: true - type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the parent field. - deprecated: true - type: string - cluster: + details: + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - Required. A [cluster - resource](https://{$universe.dns_names.final_documentation_domain}/container-engine/reference/rest/v1/projects.locations.clusters) - $ref: '#/components/schemas/Cluster' - parent: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + code: + format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + message: description: >- - The parent (project and location) where the cluster will be created. - Specified in the format `projects/*/locations/*`. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - Operation: - id: Operation + NetworkTags: + type: object + id: NetworkTags description: >- - This operation resource represents operations that may have happened or - are happening on the cluster. All fields are output only. + Collection of Compute Engine network tags that can be applied to a + node's underlying VM instance. + properties: + tags: + items: + type: string + description: List of network tags. + type: array + HugepagesConfig: + id: HugepagesConfig + properties: + hugepageSize2m: + type: integer + format: int32 + description: Optional. Amount of 2M hugepages + hugepageSize1g: + format: int32 + description: Optional. Amount of 1G hugepages + type: integer + description: Hugepages amount in both 2m and 1g size + type: object + RayClusterLoggingConfig: + description: RayClusterLoggingConfig specifies configuration of Ray logging. type: object + id: RayClusterLoggingConfig properties: - name: - description: Output only. The server-assigned ID for the operation. - readOnly: true + enabled: + type: boolean + description: Enable log collection for Ray clusters. + DisruptionEvent: + id: DisruptionEvent + description: >- + DisruptionEvent is a notification sent to customers about the disruption + event of a resource. + type: object + properties: + pdbBlockedPod: + type: array + description: >- + The pods whose evictions are blocked by PDB. This field is set for + both POD_PDB_VIOLATION and POD_NOT_ENOUGH_PDB event. + items: + $ref: '#/components/schemas/PdbBlockedPod' + pdbBlockedNode: type: string - zone: description: >- - Output only. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the operation is taking place. This field is deprecated, - use location instead. - readOnly: true - deprecated: true + The node whose drain is blocked by PDB. This field is set for both + POD_PDB_VIOLATION and POD_NOT_ENOUGH_PDB event. + pdbViolationTimeout: + description: >- + The timeout in seconds for which the node drain is blocked by PDB. + After this timeout, pods are forcefully evicted. This field is only + populated when event_type is POD_PDB_VIOLATION. + format: google-duration type: string - operationType: - description: Output only. The operation type. - readOnly: true + disruptionType: type: string enumDescriptions: - - Not set. - - >- - The cluster is being created. The cluster should be assumed to be - unusable until the operation finishes. In the event of the - operation failing, the cluster will enter the ERROR state and - eventually be deleted. - - >- - The cluster is being deleted. The cluster should be assumed to be - unusable as soon as this operation starts. In the event of the - operation failing, the cluster will enter the ERROR state and the - deletion will be automatically retried until completed. - - >- - The cluster version is being updated. Note that this includes - "upgrades" to the same version, which are simply a recreation. - This also includes - [auto-upgrades](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/cluster-upgrades#upgrading_automatically). - For more details, see [documentation on cluster - upgrades](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/cluster-upgrades#cluster_upgrades). - - >- - A node pool is being updated. Despite calling this an "upgrade", - this includes most forms of updates to node pools. This also - includes - [auto-upgrades](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/how-to/node-auto-upgrades). - This operation sets the progress field and may be canceled. The - upgrade strategy depends on [node pool - configuration](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/node-pool-upgrade-strategies). - The nodes are generally still usable during this operation. - - >- - A problem has been detected with the control plane and is being - repaired. This operation type is initiated by GKE. For more - details, see [documentation on - repairs](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/maintenance-windows-and-exclusions#repairs). - - >- - The cluster is being updated. This is a broad category of - operations and includes operations that only change metadata as - well as those that must recreate the entire cluster. If the - control plane must be recreated, this will cause temporary - downtime for zonal clusters. Some features require recreating the - nodes as well. Those will be recreated as separate operations and - the update may not be completely functional until the node pools - recreations finish. Node recreations will generally follow - [maintenance - policies](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/maintenance-windows-and-exclusions). - Some GKE-initiated operations use this type. This includes certain - types of auto-upgrades and incident mitigations. - - >- - A node pool is being created. The node pool should be assumed to - be unusable until this operation finishes. In the event of an - error, the node pool may be partially created. If enabled, [node - autoprovisioning](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/how-to/node-auto-provisioning) - may have automatically initiated such operations. - - >- - The node pool is being deleted. The node pool should be assumed to - be unusable as soon as this operation starts. - - >- - The node pool's manamagent field is being updated. These - operations only update metadata and may be concurrent with most - other operations. - - >- - A problem has been detected with nodes and [they are being - repaired](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/how-to/node-auto-repair). - This operation type is initiated by GKE, typically automatically. - This operation may be concurrent with other operations and there - may be multiple repairs occurring on the same node pool. - - Unused. Automatic node upgrade uses UPGRADE_NODES. - - Unused. Updating labels uses UPDATE_CLUSTER. - - Unused. Updating master auth uses UPDATE_CLUSTER. - >- - The node pool is being resized. With the exception of resizing to - or from size zero, the node pool is generally usable during this - operation. - - Unused. Updating network policy uses UPDATE_CLUSTER. - - Unused. Updating maintenance policy uses UPDATE_CLUSTER. + DISRUPTION_TYPE_UNSPECIFIED indicates the disruption type is + unspecified. - >- - The control plane is being resized. This operation type is - initiated by GKE. These operations are often performed - preemptively to ensure that the control plane has sufficient - resources and is not typically an indication of issues. For more - details, see [documentation on - resizes](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/maintenance-windows-and-exclusions#repairs). + POD_NOT_ENOUGH_PDB indicates there are still running pods on the + node during node drain because their evictions are blocked by PDB. - >- - Fleet features of GKE Enterprise are being upgraded. The cluster - should be assumed to be blocked for other upgrades until the - operation finishes. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - true - - true - - true - - false - - true - - true - - false - - false + POD_PDB_VIOLATION indicates that there are force pod evictions + during node drain which violate the PDB. + description: The type of the disruption event. enum: - - TYPE_UNSPECIFIED - - CREATE_CLUSTER - - DELETE_CLUSTER - - UPGRADE_MASTER - - UPGRADE_NODES - - REPAIR_CLUSTER - - UPDATE_CLUSTER - - CREATE_NODE_POOL - - DELETE_NODE_POOL - - SET_NODE_POOL_MANAGEMENT - - AUTO_REPAIR_NODES - - AUTO_UPGRADE_NODES - - SET_LABELS - - SET_MASTER_AUTH - - SET_NODE_POOL_SIZE - - SET_NETWORK_POLICY - - SET_MAINTENANCE_POLICY - - RESIZE_CLUSTER - - FLEET_FEATURE_UPGRADE - status: - description: Output only. The current status of the operation. - readOnly: true - type: string - enumDescriptions: - - Not set. - - The operation has been created. - - The operation is currently running. - - The operation is done, either cancelled or completed. - - The operation is aborting. + - DISRUPTION_TYPE_UNSPECIFIED + - POD_NOT_ENOUGH_PDB + - POD_PDB_VIOLATION + StatefulHAConfig: + type: object + description: Configuration for the Stateful HA add-on. + properties: + enabled: + type: boolean + description: Whether the Stateful HA add-on is enabled for this cluster. + id: StatefulHAConfig + WindowsNodeConfig: + id: WindowsNodeConfig + properties: + osVersion: enum: - - STATUS_UNSPECIFIED - - PENDING - - RUNNING - - DONE - - ABORTING - detail: - description: Output only. Detailed operation progress, if available. - readOnly: true + - OS_VERSION_UNSPECIFIED + - OS_VERSION_LTSC2019 + - OS_VERSION_LTSC2022 + description: OSVersion specifies the Windows node config to be used on the node. + enumDescriptions: + - When OSVersion is not specified. + - >- + LTSC2019 specifies to use LTSC2019 as the Windows Servercore Base + Image. + - >- + LTSC2022 specifies to use LTSC2022 as the Windows Servercore Base + Image. type: string - statusMessage: + type: object + description: >- + Parameters that can be configured on Windows nodes. Windows Node Config + that define the parameters that will be used to configure the Windows + node pool settings. + IntraNodeVisibilityConfig: + id: IntraNodeVisibilityConfig + description: >- + IntraNodeVisibilityConfig contains the desired config of the intra-node + visibility on this cluster. + properties: + enabled: + description: Enables intra node visibility for this cluster. + type: boolean + type: object + ListOperationsResponse: + properties: + operations: + items: + $ref: '#/components/schemas/Operation' + type: array + description: A list of operations in the project in the specified zone. + missingZones: + type: array description: >- - Output only. If an error has occurred, a textual description of the - error. Deprecated. Use the field error instead. + If any zones are listed here, the list of operations returned may be + missing the operations from those zones. + items: + type: string + description: ListOperationsResponse is the result of ListOperationsRequest. + id: ListOperationsResponse + type: object + LoggingConfig: + id: LoggingConfig + properties: + componentConfig: + description: Logging components configuration + $ref: '#/components/schemas/LoggingComponentConfig' + type: object + description: LoggingConfig is cluster logging configuration. + MasterAuth: + description: >- + The authentication information for accessing the master endpoint. + Authentication can be done using HTTP basic auth or using client + certificates. + type: object + id: MasterAuth + properties: + clusterCaCertificate: readOnly: true - deprecated: true type: string - selfLink: description: >- - Output only. Server-defined URI for the operation. Example: - `https://container.googleapis.com/v1alpha1/projects/123/locations/us-central1/operations/operation-123`. - readOnly: true + Output only. Base64-encoded public certificate that is the root of + trust for the cluster. + password: type: string - targetLink: description: >- - Output only. Server-defined URI for the target of the operation. The - format of this is a URI to the resource being modified (such as a - cluster, node pool, or node). For node pool repairs, there may be - multiple nodes being repaired, but only one will be the target. - Examples: - ## - `https://container.googleapis.com/v1/projects/123/locations/us-central1/clusters/my-cluster` - ## - `https://container.googleapis.com/v1/projects/123/zones/us-central1-c/clusters/my-cluster/nodePools/my-np` - `https://container.googleapis.com/v1/projects/123/zones/us-central1-c/clusters/my-cluster/nodePools/my-np/node/my-node` - readOnly: true + The password to use for HTTP basic authentication to the master + endpoint. Because the master endpoint is open to the Internet, you + should create a strong password. If a password is provided for + cluster creation, username must be non-empty. Warning: basic + authentication is deprecated, and will be removed in GKE control + plane versions 1.19 and newer. For a list of recommended + authentication methods, see: + https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication + deprecated: true + username: type: string - location: + deprecated: true description: >- - Output only. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/regions-zones/regions-zones#available) - or - [region](https://{$universe.dns_names.final_documentation_domain}/compute/docs/regions-zones/regions-zones#available) - in which the cluster resides. + The username to use for HTTP basic authentication to the master + endpoint. For clusters v1.6.0 and later, basic authentication can be + disabled by leaving username unspecified (or setting it to the empty + string). Warning: basic authentication is deprecated, and will be + removed in GKE control plane versions 1.19 and newer. For a list of + recommended authentication methods, see: + https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication + clientCertificate: readOnly: true type: string - startTime: description: >- - Output only. The time the operation started, in - [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - readOnly: true - type: string - endTime: + Output only. Base64-encoded public certificate used by clients to + authenticate to the cluster endpoint. Issued only if + client_certificate_config is set. + clientCertificateConfig: + $ref: '#/components/schemas/ClientCertificateConfig' description: >- - Output only. The time the operation completed, in - [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. - readOnly: true + Configuration for client certificate authentication on the cluster. + For clusters before v1.12, if no configuration is specified, a + client certificate is issued. + clientKey: + description: >- + Output only. Base64-encoded private key used by clients to + authenticate to the cluster endpoint. type: string - progress: - description: Output only. Progress information for an operation. readOnly: true - $ref: '#/components/schemas/OperationProgress' - clusterConditions: - description: >- - Which conditions caused the current cluster state. Deprecated. Use - field error instead. - deprecated: true + CompliancePostureConfig: + type: object + description: >- + CompliancePostureConfig defines the settings needed to enable/disable + features for the Compliance Posture. + properties: + complianceStandards: type: array items: - $ref: '#/components/schemas/StatusCondition' - nodepoolConditions: - description: >- - Which conditions caused the current node pool state. Deprecated. Use - field error instead. - deprecated: true + $ref: '#/components/schemas/ComplianceStandard' + description: List of enabled compliance standards. + mode: + enum: + - MODE_UNSPECIFIED + - DISABLED + - ENABLED + description: Defines the enablement mode for Compliance Posture. + enumDescriptions: + - Default value not specified. + - Disables Compliance Posture features on the cluster. + - Enables Compliance Posture features on the cluster. + type: string + id: CompliancePostureConfig + PrivateRegistryAccessConfig: + description: >- + PrivateRegistryAccessConfig contains access configuration for private + container registries. + id: PrivateRegistryAccessConfig + properties: + enabled: + description: Private registry access is enabled. + type: boolean + certificateAuthorityDomainConfig: + description: Private registry access configuration. type: array items: - $ref: '#/components/schemas/StatusCondition' - error: - description: The error result of the operation in case of failure. - $ref: '#/components/schemas/Status' - OperationProgress: - id: OperationProgress - description: Information about operation (or operation stage) progress. + $ref: '#/components/schemas/CertificateAuthorityDomainConfig' + type: object + NodePoolUpgradeInfo: + description: NodePoolUpgradeInfo contains the upgrade information of a nodepool. type: object + id: NodePoolUpgradeInfo properties: - name: + patchTargetVersion: + description: patch_target_version indicates the target version for patch upgrade. + type: string + endOfStandardSupportTimestamp: + type: string description: >- - A non-parameterized string describing an operation stage. Unset for - single-stage operations. + The nodepool's current minor version's end of standard support + timestamp. + pausedReason: + items: + enumDescriptions: + - >- + AUTO_UPGRADE_PAUSED_REASON_UNSPECIFIED indicates an unspecified + reason. + - >- + MAINTENANCE_WINDOW indicates the cluster is outside customer + maintenance window. + - >- + MAINTENANCE_EXCLUSION_NO_UPGRADES indicates the cluster is in a + maintenance exclusion with scope NO_UPGRADES. + - >- + MAINTENANCE_EXCLUSION_NO_MINOR_UPGRADES indicates the cluster is + in a maintenance exclusion with scope NO_MINOR_UPGRADES. + - >- + SYSTEM_CONFIG indicates the cluster upgrade is paused by system + config. + type: string + enum: + - AUTO_UPGRADE_PAUSED_REASON_UNSPECIFIED + - MAINTENANCE_WINDOW + - MAINTENANCE_EXCLUSION_NO_UPGRADES + - MAINTENANCE_EXCLUSION_NO_MINOR_UPGRADES + - SYSTEM_CONFIG + type: array + description: The auto upgrade paused reason. + endOfExtendedSupportTimestamp: type: string - status: - description: Status of an operation stage. Unset for single-stage operations. + description: >- + The nodepool's current minor version's end of extended support + timestamp. + upgradeDetails: + items: + $ref: '#/components/schemas/UpgradeDetails' + description: The list of past auto upgrades. + type: array + autoUpgradeStatus: + description: The auto upgrade status. + type: array + items: + type: string + enumDescriptions: + - UNKNOWN indicates an unknown status. + - ACTIVE indicates an active status. + - >- + MINOR_UPGRADE_PAUSED indicates the minor version upgrade is + paused. + - UPGRADE_PAUSED indicates the upgrade is paused. + enum: + - UNKNOWN + - ACTIVE + - MINOR_UPGRADE_PAUSED + - UPGRADE_PAUSED + minorTargetVersion: type: string - enumDescriptions: - - Not set. - - The operation has been created. - - The operation is currently running. - - The operation is done, either cancelled or completed. - - The operation is aborting. - enum: - - STATUS_UNSPECIFIED - - PENDING - - RUNNING - - DONE - - ABORTING - metrics: + description: minor_target_version indicates the target version for minor upgrade. + NodeManagement: + properties: + upgradeOptions: + $ref: '#/components/schemas/AutoUpgradeOptions' + description: Specifies the Auto Upgrade knobs for the node pool. + autoUpgrade: + type: boolean + description: >- + A flag that specifies whether node auto-upgrade is enabled for the + node pool. If enabled, node auto-upgrade helps keep the nodes in + your node pool up to date with the latest release version of + Kubernetes. + autoRepair: + type: boolean description: >- - Progress metric bundle, for example: metrics: [{name: "nodes done", - int_value: 15}, {name: "nodes total", int_value: 32}] or metrics: - [{name: "progress", double_value: 0.56}, {name: "progress scale", - double_value: 1.0}] - type: array - items: - $ref: '#/components/schemas/Metric' - stages: - description: Substages of an operation or a stage. - type: array - items: - $ref: '#/components/schemas/OperationProgress' - Metric: - id: Metric - description: Progress metric is (string, int|float|string) pair. + A flag that specifies whether the node auto-repair is enabled for + the node pool. If enabled, the nodes in this node pool will be + monitored and, if they fail health checks too many times, an + automatic repair action will be triggered. type: object + id: NodeManagement + description: >- + NodeManagement defines the set of node management services turned on for + the node pool. + UpgradeDetails: + description: >- + UpgradeDetails contains detailed information of each individual upgrade + operation. + id: UpgradeDetails properties: - name: - description: Required. Metric name, e.g., "nodes total", "percent done". + state: + description: Output only. The state of the upgrade. + enum: + - UNKNOWN + - FAILED + - SUCCEEDED + - CANCELED + - RUNNING + readOnly: true type: string - intValue: - description: For metrics with integer value. + enumDescriptions: + - Upgrade state is unknown. + - Upgrade has failed with an error. + - Upgrade has succeeded. + - Upgrade has been canceled. + - Upgrade is running. + startTime: type: string - format: int64 - doubleValue: - description: For metrics with floating point value. - type: number - format: double - stringValue: - description: For metrics with custom values (ratios, visual progress, etc.). + description: The start timestamp of the upgrade. + format: google-datetime + targetVersion: + type: string + description: The version after the upgrade. + startType: + type: string + enumDescriptions: + - Upgrade start type is unspecified. + - Upgrade started automatically. + - Upgrade started manually. + enum: + - START_TYPE_UNSPECIFIED + - AUTOMATIC + - MANUAL + description: The start type of the upgrade. + initialVersion: + description: The version before the upgrade. + type: string + endTime: + format: google-datetime + description: The end timestamp of the upgrade. type: string - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + type: object + NodeLabels: type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + labels: + description: Map of node label keys and node label values. + additionalProperties: + type: string + type: object + description: >- + Collection of node-level [Kubernetes + labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels). + id: NodeLabels + SetLabelsRequest: + id: SetLabelsRequest + properties: + name: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + The name (project, location, cluster name) of the cluster to set + labels. Specified in the format `projects/*/locations/*/clusters/*`. type: string - details: + labelFingerprint: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - UpdateClusterRequest: - id: UpdateClusterRequest - description: UpdateClusterRequest updates the settings of a cluster. - type: object - properties: + Required. The fingerprint of the previous set of labels for this + resource, used to detect conflicts. The fingerprint is initially + generated by Kubernetes Engine and changes after every request to + modify or update labels. You must always provide an up-to-date + fingerprint hash when updating or changing labels. Make a `get()` + request to the resource to get the latest fingerprint. + type: string + resourceLabels: + description: Required. The labels to set for that cluster. + type: object + additionalProperties: + type: string projectId: + type: string + deprecated: true description: >- Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). This field has been deprecated and replaced by the name field. - deprecated: true + clusterId: type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. deprecated: true - type: string - clusterId: description: >- - Deprecated. The name of the cluster to upgrade. This field has been - deprecated and replaced by the name field. - deprecated: true + Deprecated. The name of the cluster. This field has been deprecated + and replaced by the name field. + zone: type: string - update: - description: Required. A description of the update. - $ref: '#/components/schemas/ClusterUpdate' - name: + deprecated: true description: >- - The name (project, location, cluster) of the cluster to update. - Specified in the format `projects/*/locations/*/clusters/*`. - type: string - ClusterUpdate: - id: ClusterUpdate + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. description: >- - ClusterUpdate describes an update to the cluster. Exactly one update can - be applied to a cluster with each request, so at most one field can be - provided. + SetLabelsRequest sets the Google Cloud Platform labels on a Google + Container Engine cluster, which will in turn set them for Google Compute + Engine resources used by that cluster + type: object + HttpLoadBalancing: type: object properties: - desiredNodeVersion: + disabled: + type: boolean description: >- - The Kubernetes version to change the nodes to (typically an - upgrade). Users may specify either explicit versions offered by - Kubernetes Engine or version aliases, which have the following - behavior: - "latest": picks the highest valid Kubernetes version - - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - - "1.X.Y-gke.N": picks an explicit Kubernetes version - "-": picks - the Kubernetes master version + Whether the HTTP Load Balancing controller is enabled in the + cluster. When enabled, it runs a small pod in the cluster that + manages the load balancers. + id: HttpLoadBalancing + description: >- + Configuration options for the HTTP (L7) load balancing controller addon, + which makes it easy to set up HTTP load balancers for services in a + cluster. + AutopilotCompatibilityIssue: + type: object + id: AutopilotCompatibilityIssue + properties: + description: + description: The description of the issue. + type: string + lastObservation: + format: google-datetime + description: The last time when this issue was observed. + type: string + documentationUrl: type: string - desiredMonitoringService: description: >- - The monitoring service the cluster should use to write metrics. - Currently available options: * - `monitoring.googleapis.com/kubernetes` - The Cloud Monitoring - service with a Kubernetes-native resource model * - `monitoring.googleapis.com` - The legacy Cloud Monitoring service - (no longer available as of GKE 1.15). * `none` - No metrics will be - exported from the cluster. If left as an empty - string,`monitoring.googleapis.com/kubernetes` will be used for GKE - 1.14+ or `monitoring.googleapis.com` for earlier versions. + A URL to a public documentation, which addresses resolving this + issue. + incompatibilityType: type: string - desiredAddonsConfig: + description: The incompatibility type of this issue. + enumDescriptions: + - Default value, should not be used. + - >- + Indicates that the issue is a known incompatibility between the + cluster and Autopilot mode. + - >- + Indicates the issue is an incompatibility if customers take no + further action to resolve. + - >- + Indicates the issue is not an incompatibility, but depending on + the workloads business logic, there is a potential that they won't + work on Autopilot. + enum: + - UNSPECIFIED + - INCOMPATIBILITY + - ADDITIONAL_CONFIG_REQUIRED + - PASSED_WITH_OPTIONAL_CONFIG + subjects: + items: + type: string + type: array + description: The name of the resources which are subject to this issue. + constraintType: + description: The constraint type of the issue. + type: string + description: >- + AutopilotCompatibilityIssue contains information about a specific + compatibility issue with Autopilot mode. + UpdateInfo: + description: >- + UpdateInfo contains resource (instance groups, etc), status and other + intermediate information relevant to a node pool upgrade. + type: object + id: UpdateInfo + properties: + blueGreenInfo: + description: Information of a blue-green upgrade. + $ref: '#/components/schemas/BlueGreenInfo' + AddonsConfig: + description: >- + Configuration for the addons that can be automatically spun up in the + cluster, enabling additional functionality. + properties: + httpLoadBalancing: description: >- - Configurations for the various addons available to run in the + Configuration for the HTTP (L7) load balancing controller addon, + which makes it easy to set up HTTP load balancers for services in a cluster. - $ref: '#/components/schemas/AddonsConfig' - desiredNodePoolId: - description: >- - The node pool to be upgraded. This field is mandatory if - "desired_node_version", "desired_image_family" or - "desired_node_pool_autoscaling" is specified and there is more than - one node pool on the cluster. - type: string - desiredImageType: + $ref: '#/components/schemas/HttpLoadBalancing' + lustreCsiDriverConfig: + $ref: '#/components/schemas/LustreCsiDriverConfig' + description: Configuration for the Lustre CSI driver. + gcpFilestoreCsiDriverConfig: + description: Configuration for the Filestore CSI driver. + $ref: '#/components/schemas/GcpFilestoreCsiDriverConfig' + gcePersistentDiskCsiDriverConfig: + $ref: '#/components/schemas/GcePersistentDiskCsiDriverConfig' + description: Configuration for the Compute Engine Persistent Disk CSI driver. + configConnectorConfig: description: >- - The desired image type for the node pool. NOTE: Set the - "desired_node_pool" field as well. - type: string - desiredDatabaseEncryption: - description: Configuration of etcd encryption. - $ref: '#/components/schemas/DatabaseEncryption' - desiredWorkloadIdentityConfig: - description: Configuration for Workload Identity. - $ref: '#/components/schemas/WorkloadIdentityConfig' - desiredMeshCertificates: + Configuration for the ConfigConnector add-on, a Kubernetes extension + to manage hosted Google Cloud services through the Kubernetes API. + $ref: '#/components/schemas/ConfigConnectorConfig' + statefulHaConfig: + description: Optional. Configuration for the StatefulHA add-on. + $ref: '#/components/schemas/StatefulHAConfig' + dnsCacheConfig: + description: Configuration for NodeLocalDNS, a dns cache running on cluster nodes + $ref: '#/components/schemas/DnsCacheConfig' + rayOperatorConfig: + description: Optional. Configuration for Ray Operator addon. + $ref: '#/components/schemas/RayOperatorConfig' + highScaleCheckpointingConfig: + $ref: '#/components/schemas/HighScaleCheckpointingConfig' + description: Configuration for the High Scale Checkpointing add-on. + kubernetesDashboard: description: >- - Configuration for issuance of mTLS keys and certificates to - Kubernetes pods. - $ref: '#/components/schemas/MeshCertificates' - desiredShieldedNodes: - description: Configuration for Shielded Nodes. - $ref: '#/components/schemas/ShieldedNodes' - desiredCostManagementConfig: + Configuration for the Kubernetes Dashboard. This addon is + deprecated, and will be disabled in 1.15. It is recommended to use + the Cloud Console to manage and monitor your Kubernetes clusters, + workloads and applications. For more information, see: + https://cloud.google.com/kubernetes-engine/docs/concepts/dashboards + deprecated: true + $ref: '#/components/schemas/KubernetesDashboard' + horizontalPodAutoscaling: + $ref: '#/components/schemas/HorizontalPodAutoscaling' description: >- - The desired configuration for the fine-grained cost management - feature. - $ref: '#/components/schemas/CostManagementConfig' - desiredDnsConfig: - description: DNSConfig contains clusterDNS config for this cluster. - $ref: '#/components/schemas/DNSConfig' - desiredNodePoolAutoscaling: + Configuration for the horizontal pod autoscaling feature, which + increases or decreases the number of replica pods a replication + controller has based on the resource usage of the existing pods. + cloudRunConfig: description: >- - Autoscaler configuration for the node pool specified in - desired_node_pool_id. If there is only one pool in the cluster and - desired_node_pool_id is not provided then the change applies to that - single node pool. - $ref: '#/components/schemas/NodePoolAutoscaling' - desiredLocations: + Configuration for the Cloud Run addon, which allows the user to use + a managed Knative service. + $ref: '#/components/schemas/CloudRunConfig' + parallelstoreCsiDriverConfig: + $ref: '#/components/schemas/ParallelstoreCsiDriverConfig' + description: Configuration for the Cloud Storage Parallelstore CSI driver. + gcsFuseCsiDriverConfig: + description: Configuration for the Cloud Storage Fuse CSI driver. + $ref: '#/components/schemas/GcsFuseCsiDriverConfig' + networkPolicyConfig: description: >- - The desired list of Google Compute Engine - [zones](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster's nodes should be located. This list must - always include the cluster's primary zone. Warning: changing cluster - locations will update the locations of all node pools and will - result in nodes being added and/or removed. - type: array - items: - type: string - desiredMasterAuthorizedNetworksConfig: + Configuration for NetworkPolicy. This only tracks whether the addon + is enabled or not on the Master, it does not track whether network + policy is enabled for the nodes. + $ref: '#/components/schemas/NetworkPolicyConfig' + gkeBackupAgentConfig: + description: Configuration for the Backup for GKE agent addon. + $ref: '#/components/schemas/GkeBackupAgentConfig' + type: object + id: AddonsConfig + Autopilot: + properties: + workloadPolicyConfig: description: >- - The desired configuration options for master authorized networks - feature. Deprecated: Use - desired_control_plane_endpoints_config.ip_endpoints_config.authorized_networks_config - instead. - deprecated: true - $ref: '#/components/schemas/MasterAuthorizedNetworksConfig' - desiredClusterAutoscaling: - description: Cluster-level autoscaling configuration. - $ref: '#/components/schemas/ClusterAutoscaling' - desiredBinaryAuthorization: + WorkloadPolicyConfig is the configuration related to GCW workload + policy + $ref: '#/components/schemas/WorkloadPolicyConfig' + privilegedAdmissionConfig: description: >- - The desired configuration options for the Binary Authorization - feature. - $ref: '#/components/schemas/BinaryAuthorization' - desiredLoggingService: + PrivilegedAdmissionConfig is the configuration related to privileged + admission control. + $ref: '#/components/schemas/PrivilegedAdmissionConfig' + enabled: + description: Enable Autopilot + type: boolean + type: object + id: Autopilot + description: Autopilot is the configuration for Autopilot settings on the cluster. + CancelOperationRequest: + properties: + operationId: description: >- - The logging service the cluster should use to write logs. Currently - available options: * `logging.googleapis.com/kubernetes` - The Cloud - Logging service with a Kubernetes-native resource model * - `logging.googleapis.com` - The legacy Cloud Logging service (no - longer available as of GKE 1.15). * `none` - no logs will be - exported from the cluster. If left as an empty - string,`logging.googleapis.com/kubernetes` will be used for GKE - 1.14+ or `logging.googleapis.com` for earlier versions. + Deprecated. The server-assigned `name` of the operation. This field + has been deprecated and replaced by the name field. type: string - desiredResourceUsageExportConfig: - description: The desired configuration for exporting resource usage. - $ref: '#/components/schemas/ResourceUsageExportConfig' - desiredVerticalPodAutoscaling: - description: Cluster-level Vertical Pod Autoscaling configuration. - $ref: '#/components/schemas/VerticalPodAutoscaling' - desiredPrivateClusterConfig: - description: >- - The desired private cluster configuration. - master_global_access_config is the only field that can be changed - via this field. See also - ClusterUpdate.desired_enable_private_endpoint for modifying other - fields within PrivateClusterConfig. Deprecated: Use - desired_control_plane_endpoints_config.ip_endpoints_config.global_access - instead. deprecated: true - $ref: '#/components/schemas/PrivateClusterConfig' - desiredIntraNodeVisibilityConfig: - description: The desired config of Intra-node visibility. - $ref: '#/components/schemas/IntraNodeVisibilityConfig' - desiredDefaultSnatStatus: + name: description: >- - The desired status of whether to disable default sNAT for this - cluster. - $ref: '#/components/schemas/DefaultSnatStatus' - desiredReleaseChannel: - description: The desired release channel configuration. - $ref: '#/components/schemas/ReleaseChannel' - desiredL4ilbSubsettingConfig: - description: The desired L4 Internal Load Balancer Subsetting configuration. - $ref: '#/components/schemas/ILBSubsettingConfig' - desiredDatapathProvider: - description: The desired datapath provider for the cluster. - type: string - enumDescriptions: - - Default value. - - Use the IPTables implementation based on kube-proxy. - - >- - Use the eBPF based GKE Dataplane V2 with additional features. See - the [GKE Dataplane V2 - documentation](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/how-to/dataplane-v2) - for more. - enum: - - DATAPATH_PROVIDER_UNSPECIFIED - - LEGACY_DATAPATH - - ADVANCED_DATAPATH - desiredPrivateIpv6GoogleAccess: - description: The desired state of IPv6 connectivity to Google Services. + The name (project, location, operation id) of the operation to + cancel. Specified in the format + `projects/*/locations/*/operations/*`. type: string - enumDescriptions: - - Default value. Same as DISABLED - - No private access to or from Google Services - - Enables private IPv6 access to Google Services from GKE - - Enables private IPv6 access to and from Google Services - enum: - - PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED - - PRIVATE_IPV6_GOOGLE_ACCESS_DISABLED - - PRIVATE_IPV6_GOOGLE_ACCESS_TO_GOOGLE - - PRIVATE_IPV6_GOOGLE_ACCESS_BIDIRECTIONAL - desiredNotificationConfig: - description: The desired notification configuration. - $ref: '#/components/schemas/NotificationConfig' - desiredAuthenticatorGroupsConfig: - description: The desired authenticator groups config for the cluster. - $ref: '#/components/schemas/AuthenticatorGroupsConfig' - desiredLoggingConfig: - description: The desired logging configuration. - $ref: '#/components/schemas/LoggingConfig' - desiredMonitoringConfig: - description: The desired monitoring configuration. - $ref: '#/components/schemas/MonitoringConfig' - desiredIdentityServiceConfig: - description: The desired Identity Service component configuration. - $ref: '#/components/schemas/IdentityServiceConfig' - desiredServiceExternalIpsConfig: + zone: description: >- - ServiceExternalIPsConfig specifies the config for the use of - Services with ExternalIPs field. - $ref: '#/components/schemas/ServiceExternalIPsConfig' - desiredEnablePrivateEndpoint: + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the operation resides. This field has been deprecated and + replaced by the name field. + type: string + deprecated: true + projectId: description: >- - Enable/Disable private endpoint for the cluster's master. - Deprecated: Use - desired_control_plane_endpoints_config.ip_endpoints_config.enable_public_endpoint - instead. Note that the value of enable_public_endpoint is reversed: - if enable_private_endpoint is false, then enable_public_endpoint - will be true. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + type: string + deprecated: true + id: CancelOperationRequest + description: CancelOperationRequest cancels a single operation. + type: object + CreateNodePoolRequest: + type: object + description: CreateNodePoolRequest creates a node pool for a cluster. + properties: + zone: + type: string deprecated: true - type: boolean - desiredDefaultEnablePrivateNodes: description: >- - Override the default setting of whether future created nodes have - private IP addresses only, namely - NetworkConfig.default_enable_private_nodes - type: boolean - desiredControlPlaneEndpointsConfig: - description: Control plane endpoints configuration. - $ref: '#/components/schemas/ControlPlaneEndpointsConfig' - desiredMasterVersion: + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the parent field. + nodePool: + description: Required. The node pool to create. + $ref: '#/components/schemas/NodePool' + clusterId: description: >- - The Kubernetes version to change the master to. Users may specify - either explicit versions offered by Kubernetes Engine or version - aliases, which have the following behavior: - "latest": picks the - highest valid Kubernetes version - "1.X": picks the highest valid - patch+gke.N patch in the 1.X version - "1.X.Y": picks the highest - valid gke.N patch in the 1.X.Y version - "1.X.Y-gke.N": picks an - explicit Kubernetes version - "-": picks the default Kubernetes - version + Deprecated. The name of the cluster. This field has been deprecated + and replaced by the parent field. + deprecated: true type: string - desiredParentProductConfig: - description: The desired parent product config for the cluster. - $ref: '#/components/schemas/ParentProductConfig' - desiredGcfsConfig: - description: The desired GCFS config for the cluster - $ref: '#/components/schemas/GcfsConfig' - desiredNodePoolAutoConfigNetworkTags: + parent: description: >- - The desired network tags that apply to all auto-provisioned node - pools in autopilot clusters and node auto-provisioning enabled - clusters. - $ref: '#/components/schemas/NetworkTags' - desiredPodAutoscaling: - description: The desired config for pod autoscaling. - $ref: '#/components/schemas/PodAutoscaling' - desiredGatewayApiConfig: - description: The desired config of Gateway API on this cluster. - $ref: '#/components/schemas/GatewayAPIConfig' - etag: + The parent (project, location, cluster name) where the node pool + will be created. Specified in the format + `projects/*/locations/*/clusters/*`. + type: string + projectId: description: >- - The current etag of the cluster. If an etag is provided and does not - match the current etag of the cluster, update will be blocked and an - ABORTED error will be returned. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the parent field. + type: string + deprecated: true + id: CreateNodePoolRequest + PdbBlockedPod: + type: object + id: PdbBlockedPod + properties: + name: + description: The name of the pod. + type: string + namespace: + description: The namespace of the pod. + type: string + description: The namespace/name of the pod whose eviction is blocked by PDB. + BigQueryDestination: + properties: + datasetId: + type: string + description: The ID of a BigQuery Dataset. + type: object + id: BigQueryDestination + description: >- + Parameters for using BigQuery as the destination of resource usage + export. + UserManagedKeysConfig: + description: >- + UserManagedKeysConfig holds the resource address to Keys which are used + for signing certs and token that are used for communication within + cluster. + id: UserManagedKeysConfig + type: object + properties: + etcdApiCa: type: string - desiredNodePoolLoggingConfig: description: >- - The desired node pool logging configuration defaults for the - cluster. - $ref: '#/components/schemas/NodePoolLoggingConfig' - desiredFleet: - description: The desired fleet configuration for the cluster. - $ref: '#/components/schemas/Fleet' - desiredStackType: + Resource path of the Certificate Authority Service caPool to use for + the etcd API CA in this cluster. + controlPlaneDiskEncryptionKeyVersions: + readOnly: true description: >- - The desired stack type of the cluster. If a stack type is provided - and does not match the current stack type of the cluster, update - will attempt to change the stack type to the new type. + Output only. All of the versions of the Cloud KMS cryptoKey that are + used by Confidential Hyperdisks on the control plane nodes. + items: + type: string + type: array + aggregationCa: + description: >- + The Certificate Authority Service caPool to use for the aggregation + CA in this cluster. + type: string + gkeopsEtcdBackupEncryptionKey: type: string - enumDescriptions: - - Default value, will be defaulted as IPV4 only - - Cluster is IPV4 only - - Cluster can use both IPv4 and IPv6 - enum: - - STACK_TYPE_UNSPECIFIED - - IPV4 - - IPV4_IPV6 - additionalPodRangesConfig: description: >- - The additional pod ranges to be added to the cluster. These pod - ranges can be used by node pools to allocate pod IPs. - $ref: '#/components/schemas/AdditionalPodRangesConfig' - removedAdditionalPodRangesConfig: + Resource path of the Cloud KMS cryptoKey to use for encryption of + internal etcd backups. + controlPlaneDiskEncryptionKey: description: >- - The additional pod ranges that are to be removed from the cluster. - The pod ranges specified here must have been specified earlier in - the 'additional_pod_ranges_config' argument. - $ref: '#/components/schemas/AdditionalPodRangesConfig' - enableK8sBetaApis: + The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the + control plane nodes. + type: string + serviceAccountSigningKeys: description: >- - Kubernetes open source beta apis enabled on the cluster. Only beta - apis - $ref: '#/components/schemas/K8sBetaAPIConfig' - desiredSecurityPostureConfig: - description: Enable/Disable Security Posture API features for the cluster. - $ref: '#/components/schemas/SecurityPostureConfig' - desiredNetworkPerformanceConfig: - description: The desired network performance config. - $ref: '#/components/schemas/ClusterNetworkPerformanceConfig' - desiredEnableFqdnNetworkPolicy: - description: Enable/Disable FQDN Network Policy for the cluster. - type: boolean - desiredAutopilotWorkloadPolicyConfig: + The Cloud KMS cryptoKeyVersions to use for signing service account + JWTs issued by this cluster. Format: + `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}` + items: + type: string + type: array + etcdPeerCa: description: >- - WorkloadPolicyConfig is the configuration related to GCW workload - policy - $ref: '#/components/schemas/WorkloadPolicyConfig' - desiredK8sBetaApis: - description: Desired Beta APIs to be enabled for cluster. - $ref: '#/components/schemas/K8sBetaAPIConfig' - desiredContainerdConfig: - description: The desired containerd config for the cluster. - $ref: '#/components/schemas/ContainerdConfig' - desiredEnableMultiNetworking: - description: Enable/Disable Multi-Networking for the cluster - type: boolean - desiredNodePoolAutoConfigResourceManagerTags: + Resource path of the Certificate Authority Service caPool to use for + the etcd peer CA in this cluster. + type: string + serviceAccountVerificationKeys: + items: + type: string description: >- - The desired resource manager tags that apply to all auto-provisioned - node pools in autopilot clusters and node auto-provisioning enabled - clusters. - $ref: '#/components/schemas/ResourceManagerTags' - desiredInTransitEncryptionConfig: - description: Specify the details of in-transit encryption. + The Cloud KMS cryptoKeyVersions to use for verifying service account + JWTs issued by this cluster. Format: + `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}` + type: array + clusterCa: + description: >- + The Certificate Authority Service caPool to use for the cluster CA + in this cluster. type: string - enumDescriptions: - - >- - Unspecified, will be inferred as default - - IN_TRANSIT_ENCRYPTION_UNSPECIFIED. - - In-transit encryption is disabled. - - >- - Data in-transit is encrypted using inter-node transparent - encryption. - enum: - - IN_TRANSIT_ENCRYPTION_CONFIG_UNSPECIFIED - - IN_TRANSIT_ENCRYPTION_DISABLED - - IN_TRANSIT_ENCRYPTION_INTER_NODE_TRANSPARENT - desiredEnableCiliumClusterwideNetworkPolicy: - description: Enable/Disable Cilium Clusterwide Network Policy for the cluster. + SecurityBulletinEvent: + description: >- + SecurityBulletinEvent is a notification sent to customers when a + security bulletin has been posted that they are vulnerable to. + id: SecurityBulletinEvent + properties: + severity: + type: string + description: The severity of this bulletin as it relates to GKE. + manualStepsRequired: type: boolean - desiredSecretManagerConfig: - description: Enable/Disable Secret Manager Config. - $ref: '#/components/schemas/SecretManagerConfig' - desiredCompliancePostureConfig: - description: Enable/Disable Compliance Posture features for the cluster. - $ref: '#/components/schemas/CompliancePostureConfig' - desiredNodeKubeletConfig: - description: The desired node kubelet config for the cluster. - $ref: '#/components/schemas/NodeKubeletConfig' - desiredNodePoolAutoConfigKubeletConfig: description: >- - The desired node kubelet config for all auto-provisioned node pools - in autopilot clusters and node auto-provisioning enabled clusters. - $ref: '#/components/schemas/NodeKubeletConfig' - userManagedKeysConfig: + If this field is specified, it means there are manual steps that the + user must take to make their clusters safe. + patchedVersions: + items: + type: string + description: The GKE versions where this vulnerability is patched. + type: array + briefDescription: + type: string description: >- - The Custom keys configuration for the cluster. This field is - deprecated. Use ClusterUpdate.desired_user_managed_keys_config - instead. - deprecated: true - $ref: '#/components/schemas/UserManagedKeysConfig' - desiredRbacBindingConfig: + A brief description of the bulletin. See the bulletin pointed to by + the bulletin_uri field for an expanded description. + bulletinUri: + description: The URI link to the bulletin on the website for more information. + type: string + mitigatedVersions: + type: array + items: + type: string + description: The GKE versions where this vulnerability is mitigated. + cveIds: + type: array + items: + type: string + description: The CVEs associated with this bulletin. + affectedSupportedMinors: + items: + type: string + type: array + description: The GKE minor versions affected by this vulnerability. + suggestedUpgradeTarget: description: >- - RBACBindingConfig allows user to restrict ClusterRoleBindings an - RoleBindings that can be created. - $ref: '#/components/schemas/RBACBindingConfig' - desiredAdditionalIpRangesConfig: + This represents a version selected from the patched_versions field + that the cluster receiving this notification should most likely want + to upgrade to based on its current version. Note that if this + notification is being received by a given cluster, it means that + this version is currently available as an upgrade target in that + cluster's location. + type: string + bulletinId: + type: string + description: The ID of the bulletin corresponding to the vulnerability. + resourceTypeAffected: description: >- - The desired config for additional subnetworks attached to the - cluster. - $ref: '#/components/schemas/DesiredAdditionalIPRangesConfig' - desiredEnterpriseConfig: - description: The desired enterprise configuration for the cluster. - $ref: '#/components/schemas/DesiredEnterpriseConfig' - desiredAutoIpamConfig: - description: AutoIpamConfig contains all information related to Auto IPAM - $ref: '#/components/schemas/AutoIpamConfig' - desiredDisableL4LbFirewallReconciliation: - description: Enable/Disable L4 LB VPC firewall reconciliation for the cluster. - type: boolean - desiredNodePoolAutoConfigLinuxNodeConfig: + The resource type (node/control plane) that has the vulnerability. + Multiple notifications (1 notification per resource type) will be + sent for a vulnerability that affects > 1 resource type. + type: string + type: object + AdditionalIPRangesConfig: + properties: + podIpv4RangeNames: + items: + type: string + type: array description: >- - The desired Linux node config for all auto-provisioned node pools in - autopilot clusters and node auto-provisioning enabled clusters. - Currently only `cgroup_mode` can be set here. - $ref: '#/components/schemas/LinuxNodeConfig' - desiredUserManagedKeysConfig: - description: The desired user managed keys config for the cluster. - $ref: '#/components/schemas/UserManagedKeysConfig' - desiredAnonymousAuthenticationConfig: + List of secondary ranges names within this subnetwork that can be + used for pod IPs. Example1: gke-pod-range1 Example2: + gke-pod-range1,gke-pod-range2 + subnetwork: description: >- - Configuration for limiting anonymous access to all endpoints except - the health checks. - $ref: '#/components/schemas/AnonymousAuthenticationConfig' - gkeAutoUpgradeConfig: - description: Configuration for GKE auto upgrade. - $ref: '#/components/schemas/GkeAutoUpgradeConfig' - desiredNetworkTierConfig: - description: The desired network tier configuration for the cluster. - $ref: '#/components/schemas/NetworkTierConfig' - IntraNodeVisibilityConfig: - id: IntraNodeVisibilityConfig + Name of the subnetwork. This can be the full path of the subnetwork + or just the name. Example1: my-subnet Example2: + projects/gke-project/regions/us-central1/subnetworks/my-subnet + type: string description: >- - IntraNodeVisibilityConfig contains the desired config of the intra-node - visibility on this cluster. + AdditionalIPRangesConfig is the configuration for individual additional + subnetwork attached to the cluster + id: AdditionalIPRangesConfig + type: object + CompleteNodePoolUpgradeRequest: + properties: {} type: object - properties: - enabled: - description: Enables intra node visibility for this cluster. - type: boolean - ILBSubsettingConfig: - id: ILBSubsettingConfig description: >- - ILBSubsettingConfig contains the desired config of L4 Internal - LoadBalancer subsetting on this cluster. + CompleteNodePoolUpgradeRequest sets the name of target node pool to + complete upgrade. + id: CompleteNodePoolUpgradeRequest + GPUSharingConfig: + type: object + description: >- + GPUSharingConfig represents the GPU sharing configuration for Hardware + Accelerators. + properties: + gpuSharingStrategy: + type: string + enum: + - GPU_SHARING_STRATEGY_UNSPECIFIED + - TIME_SHARING + - MPS + description: The type of GPU sharing strategy to enable on the GPU node. + enumDescriptions: + - Default value. + - GPUs are time-shared between containers. + - GPUs are shared between containers with NVIDIA MPS. + maxSharedClientsPerGpu: + format: int64 + type: string + description: The max number of containers that can share a physical GPU. + id: GPUSharingConfig + ConsumptionMeteringConfig: + description: Parameters for controlling consumption metering. + id: ConsumptionMeteringConfig type: object properties: enabled: - description: Enables l4 ILB subsetting for this cluster. type: boolean - DesiredAdditionalIPRangesConfig: - id: DesiredAdditionalIPRangesConfig + description: >- + Whether to enable consumption metering for this cluster. If enabled, + a second BigQuery table will be created to hold resource consumption + records. + LinuxNodeConfig: + properties: + transparentHugepageDefrag: + type: string + enumDescriptions: + - Default value. GKE will not modify the kernel configuration. + - >- + It means that an application requesting THP will stall on + allocation failure and directly reclaim pages and compact memory + in an effort to allocate a THP immediately. + - >- + It means that an application will wake kswapd in the background to + reclaim pages and wake kcompactd to compact memory so that THP is + available in the near future. It's the responsibility of + khugepaged to then install the THP pages later. + - >- + It means that an application will enter direct reclaim and + compaction like always, but only for regions that have used + madvise(MADV_HUGEPAGE); all other regions will wake kswapd in the + background to reclaim pages and wake kcompactd to compact memory + so that THP is available in the near future. + - >- + It means that an application will enter direct reclaim like always + but only for regions that are have used madvise(MADV_HUGEPAGE). + This is the default kernel configuration. + - >- + It means that an application will never enter direct reclaim or + compaction. + description: >- + Optional. Defines the transparent hugepage defrag configuration on + the node. VM hugepage allocation can be managed by either limiting + defragmentation for delayed allocation or skipping it entirely for + immediate allocation only. See + https://docs.kernel.org/admin-guide/mm/transhuge.html for more + details. + enum: + - TRANSPARENT_HUGEPAGE_DEFRAG_UNSPECIFIED + - TRANSPARENT_HUGEPAGE_DEFRAG_ALWAYS + - TRANSPARENT_HUGEPAGE_DEFRAG_DEFER + - TRANSPARENT_HUGEPAGE_DEFRAG_DEFER_WITH_MADVISE + - TRANSPARENT_HUGEPAGE_DEFRAG_MADVISE + - TRANSPARENT_HUGEPAGE_DEFRAG_NEVER + cgroupMode: + enum: + - CGROUP_MODE_UNSPECIFIED + - CGROUP_MODE_V1 + - CGROUP_MODE_V2 + type: string + enumDescriptions: + - >- + CGROUP_MODE_UNSPECIFIED is when unspecified cgroup configuration + is used. The default for the GKE node OS image will be used. + - >- + CGROUP_MODE_V1 specifies to use cgroupv1 for the cgroup + configuration on the node image. + - >- + CGROUP_MODE_V2 specifies to use cgroupv2 for the cgroup + configuration on the node image. + description: cgroup_mode specifies the cgroup mode to be used on the node. + hugepages: + $ref: '#/components/schemas/HugepagesConfig' + description: Optional. Amounts for 2M and 1G hugepages + sysctls: + type: object + description: >- + The Linux kernel parameters to be applied to the nodes and all pods + running on the nodes. The following parameters are supported. + net.core.busy_poll net.core.busy_read net.core.netdev_max_backlog + net.core.rmem_max net.core.rmem_default net.core.wmem_default + net.core.wmem_max net.core.optmem_max net.core.somaxconn + net.ipv4.tcp_rmem net.ipv4.tcp_wmem net.ipv4.tcp_tw_reuse + net.ipv4.tcp_mtu_probing net.ipv4.tcp_max_orphans + net.ipv4.tcp_max_tw_buckets net.ipv4.tcp_syn_retries + net.ipv4.tcp_ecn net.ipv4.tcp_congestion_control + net.netfilter.nf_conntrack_max net.netfilter.nf_conntrack_buckets + net.netfilter.nf_conntrack_tcp_timeout_close_wait + net.netfilter.nf_conntrack_tcp_timeout_time_wait + net.netfilter.nf_conntrack_tcp_timeout_established + net.netfilter.nf_conntrack_acct kernel.shmmni kernel.shmmax + kernel.shmall kernel.perf_event_paranoid kernel.sched_rt_runtime_us + kernel.softlockup_panic kernel.yama.ptrace_scope + kernel.kptr_restrict kernel.dmesg_restrict kernel.sysrq + fs.aio-max-nr fs.file-max fs.inotify.max_user_instances + fs.inotify.max_user_watches fs.nr_open vm.dirty_background_ratio + vm.dirty_background_bytes vm.dirty_expire_centisecs vm.dirty_ratio + vm.dirty_bytes vm.dirty_writeback_centisecs vm.max_map_count + vm.overcommit_memory vm.overcommit_ratio vm.vfs_cache_pressure + vm.swappiness vm.watermark_scale_factor vm.min_free_kbytes + additionalProperties: + type: string + transparentHugepageEnabled: + enum: + - TRANSPARENT_HUGEPAGE_ENABLED_UNSPECIFIED + - TRANSPARENT_HUGEPAGE_ENABLED_ALWAYS + - TRANSPARENT_HUGEPAGE_ENABLED_MADVISE + - TRANSPARENT_HUGEPAGE_ENABLED_NEVER + description: >- + Optional. Transparent hugepage support for anonymous memory can be + entirely disabled (mostly for debugging purposes) or only enabled + inside MADV_HUGEPAGE regions (to avoid the risk of consuming more + memory resources) or enabled system wide. See + https://docs.kernel.org/admin-guide/mm/transhuge.html for more + details. + enumDescriptions: + - Default value. GKE will not modify the kernel configuration. + - >- + Transparent hugepage support for anonymous memory is enabled + system wide. + - >- + Transparent hugepage support for anonymous memory is enabled + inside MADV_HUGEPAGE regions. This is the default kernel + configuration. + - Transparent hugepage support for anonymous memory is disabled. + type: string + nodeKernelModuleLoading: + $ref: '#/components/schemas/NodeKernelModuleLoading' + description: >- + Optional. Configuration for kernel module loading on nodes. When + enabled, the node pool will be provisioned with a + Container-Optimized OS image that enforces kernel module signature + verification. + type: object + id: LinuxNodeConfig + description: Parameters that can be configured on Linux nodes. + AutoscaledRolloutPolicy: description: >- - DesiredAdditionalIPRangesConfig is a wrapper used for cluster update - operation and contains multiple AdditionalIPRangesConfigs. + Autoscaled rollout policy utilizes the cluster autoscaler during + blue-green upgrade to scale both the blue and green pools. type: object + id: AutoscaledRolloutPolicy properties: - additionalIpRangesConfigs: + waitForDrainDuration: + type: string description: >- - List of additional IP ranges configs where each - AdditionalIPRangesConfig corresponds to one subnetwork's IP ranges - type: array - items: - $ref: '#/components/schemas/AdditionalIPRangesConfig' - DesiredEnterpriseConfig: - id: DesiredEnterpriseConfig - description: >- - DesiredEnterpriseConfig is a wrapper used for updating - enterprise_config. + Optional. Time to wait after cordoning the blue pool before draining + the nodes. Defaults to 3 days. The value can be set between 0 and 7 + days, inclusive. + format: google-duration + SecurityPostureConfig: type: object + id: SecurityPostureConfig properties: - desiredTier: - description: desired_tier specifies the desired tier of the cluster. + vulnerabilityMode: + description: Sets which mode to use for vulnerability scanning. + enumDescriptions: + - Default value not specified. + - Disables vulnerability scanning on the cluster. + - Applies basic vulnerability scanning on the cluster. + - >- + Applies the Security Posture's vulnerability on cluster Enterprise + level features. + enum: + - VULNERABILITY_MODE_UNSPECIFIED + - VULNERABILITY_DISABLED + - VULNERABILITY_BASIC + - VULNERABILITY_ENTERPRISE + type: string + mode: type: string enumDescriptions: - - CLUSTER_TIER_UNSPECIFIED is when cluster_tier is not set. - - STANDARD indicates a standard GKE cluster. - - ENTERPRISE indicates a GKE Enterprise cluster. + - Default value not specified. + - Disables Security Posture features on the cluster. + - Applies Security Posture features on the cluster. + - >- + Applies the Security Posture off cluster Enterprise level + features. enum: - - CLUSTER_TIER_UNSPECIFIED - - STANDARD + - MODE_UNSPECIFIED + - DISABLED + - BASIC - ENTERPRISE - UpdateNodePoolRequest: - id: UpdateNodePoolRequest - description: UpdateNodePoolRequests update a node pool's image and/or version. + description: Sets which mode to use for Security Posture features. + description: >- + SecurityPostureConfig defines the flags needed to enable/disable + features for the Security Posture API. + Empty: + properties: {} + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + UpdateMasterRequest: + description: UpdateMasterRequest updates the master of the cluster. + id: UpdateMasterRequest type: object properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true - type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true - type: string clusterId: description: >- Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field. - deprecated: true type: string - nodePoolId: - description: >- - Deprecated. The name of the node pool to upgrade. This field has - been deprecated and replaced by the name field. deprecated: true + zone: type: string - nodeVersion: - description: >- - Required. The Kubernetes version to change the nodes to (typically - an upgrade). Users may specify either explicit versions offered by - Kubernetes Engine or version aliases, which have the following - behavior: - "latest": picks the highest valid Kubernetes version - - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - - "1.X.Y-gke.N": picks an explicit Kubernetes version - "-": picks - the Kubernetes master version - type: string - imageType: + deprecated: true description: >- - Required. The desired image type for the node pool. Please see - https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/concepts/node-images - for available image types. - type: string + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. name: - description: >- - The name (project, location, cluster, node pool) of the node pool to - update. Specified in the format - `projects/*/locations/*/clusters/*/nodePools/*`. - type: string - locations: - description: >- - The desired list of Google Compute Engine - [zones](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the node pool's nodes should be located. Changing the - locations for a node pool will result in nodes being either created - or removed from the node pool, depending on whether locations are - being added or removed. - type: array - items: - type: string - workloadMetadataConfig: - description: The desired workload metadata config for the node pool. - $ref: '#/components/schemas/WorkloadMetadataConfig' - upgradeSettings: - description: Upgrade settings control disruption and speed of the upgrade. - $ref: '#/components/schemas/UpgradeSettings' - tags: - description: >- - The desired network tags to be applied to all nodes in the node - pool. If this field is not present, the tags will not be changed. - Otherwise, the existing network tags will be *replaced* with the - provided tags. - $ref: '#/components/schemas/NetworkTags' - taints: - description: >- - The desired node taints to be applied to all nodes in the node pool. - If this field is not present, the taints will not be changed. - Otherwise, the existing node taints will be *replaced* with the - provided taints. - $ref: '#/components/schemas/NodeTaints' - labels: - description: >- - The desired node labels to be applied to all nodes in the node pool. - If this field is not present, the labels will not be changed. - Otherwise, the existing node labels will be *replaced* with the - provided labels. - $ref: '#/components/schemas/NodeLabels' - linuxNodeConfig: - description: Parameters that can be configured on Linux nodes. - $ref: '#/components/schemas/LinuxNodeConfig' - kubeletConfig: - description: Node kubelet configs. - $ref: '#/components/schemas/NodeKubeletConfig' - nodeNetworkConfig: - description: Node network config. - $ref: '#/components/schemas/NodeNetworkConfig' - gcfsConfig: - description: GCFS config. - $ref: '#/components/schemas/GcfsConfig' - confidentialNodes: - description: >- - Confidential nodes config. All the nodes in the node pool will be - Confidential VM once enabled. - $ref: '#/components/schemas/ConfidentialNodes' - gvnic: - description: Enable or disable gvnic on the node pool. - $ref: '#/components/schemas/VirtualNIC' - etag: - description: >- - The current etag of the node pool. If an etag is provided and does - not match the current etag of the node pool, update will be blocked - and an ABORTED error will be returned. - type: string - fastSocket: - description: Enable or disable NCCL fast socket for the node pool. - $ref: '#/components/schemas/FastSocket' - loggingConfig: - description: Logging configuration. - $ref: '#/components/schemas/NodePoolLoggingConfig' - resourceLabels: - description: >- - The resource labels for the node pool to use to annotate any related - Google Compute Engine resources. - $ref: '#/components/schemas/ResourceLabels' - windowsNodeConfig: - description: Parameters that can be configured on Windows nodes. - $ref: '#/components/schemas/WindowsNodeConfig' - accelerators: - description: >- - A list of hardware accelerators to be attached to each node. See - https://{$universe.dns_names.final_documentation_domain}/compute/docs/gpus - for more information about support for GPUs. - type: array - items: - $ref: '#/components/schemas/AcceleratorConfig' - machineType: - description: >- - Optional. The desired [Google Compute Engine machine - type](https://{$universe.dns_names.final_documentation_domain}/compute/docs/machine-types) - for nodes in the node pool. Initiates an upgrade operation that - migrates the nodes in the node pool to the specified machine type. type: string - diskType: description: >- - Optional. The desired disk type (e.g. 'pd-standard', 'pd-ssd' or - 'pd-balanced') for nodes in the node pool. Initiates an upgrade - operation that migrates the nodes in the node pool to the specified - disk type. - type: string - diskSizeGb: + The name (project, location, cluster) of the cluster to update. + Specified in the format `projects/*/locations/*/clusters/*`. + projectId: + deprecated: true description: >- - Optional. The desired disk size for nodes in the node pool specified - in GB. The smallest allowed disk size is 10GB. Initiates an upgrade - operation that migrates the nodes in the node pool to the specified - disk size. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. type: string - format: int64 - resourceManagerTags: - description: >- - Desired resource manager tag keys and values to be attached to the - nodes for managing Compute Engine firewalls using Network Firewall - Policies. Existing tags will be replaced with new values. - $ref: '#/components/schemas/ResourceManagerTags' - containerdConfig: - description: >- - The desired containerd config for nodes in the node pool. Initiates - an upgrade operation that recreates the nodes with the new config. - $ref: '#/components/schemas/ContainerdConfig' - queuedProvisioning: - description: Specifies the configuration of queued provisioning. - $ref: '#/components/schemas/QueuedProvisioning' - storagePools: - description: >- - List of Storage Pools where boot disks are provisioned. Existing - Storage Pools will be replaced with storage-pools. - type: array - items: - type: string - maxRunDuration: - description: >- - The maximum duration for the nodes to exist. If unspecified, the - nodes can exist indefinitely. + masterVersion: type: string - format: google-duration - flexStart: - description: Flex Start flag for enabling Flex Start VM. - type: boolean - bootDisk: description: >- - The desired boot disk config for nodes in the node pool. Initiates - an upgrade operation that migrates the nodes in the node pool to the - specified boot disk config. - $ref: '#/components/schemas/BootDisk' - NodeTaints: - id: NodeTaints - description: >- - Collection of Kubernetes [node - taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration). - type: object - properties: - taints: - description: List of node taints. - type: array - items: - $ref: '#/components/schemas/NodeTaint' - NodeLabels: - id: NodeLabels - description: >- - Collection of node-level [Kubernetes - labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels). - type: object - properties: - labels: - description: Map of node label keys and node label values. - type: object - additionalProperties: - type: string - ResourceLabels: - id: ResourceLabels - description: >- - Collection of [GCP - labels](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-labels). - type: object - properties: - labels: - description: Map of node label keys and node label values. - type: object - additionalProperties: - type: string - SetNodePoolAutoscalingRequest: - id: SetNodePoolAutoscalingRequest + Required. The Kubernetes version to change the master to. Users may + specify either explicit versions offered by Kubernetes Engine or + version aliases, which have the following behavior: - "latest": + picks the highest valid Kubernetes version - "1.X": picks the + highest valid patch+gke.N patch in the 1.X version - "1.X.Y": picks + the highest valid gke.N patch in the 1.X.Y version - "1.X.Y-gke.N": + picks an explicit Kubernetes version - "-": picks the default + Kubernetes version + QueuedProvisioning: description: >- - SetNodePoolAutoscalingRequest sets the autoscaler settings of a node + QueuedProvisioning defines the queued provisioning used by the node pool. type: object + id: QueuedProvisioning properties: - projectId: + enabled: description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true + Denotes that this nodepool is QRM specific, meaning nodes can be + only obtained through queuing via the Cluster Autoscaler + ProvisioningRequest API. + type: boolean + SecretManagerConfig: + id: SecretManagerConfig + type: object + properties: + enabled: + description: Enable/Disable Secret Manager Config. + type: boolean + rotationConfig: + $ref: '#/components/schemas/RotationConfig' + description: Rotation config for secret manager. + description: SecretManagerConfig is config for secret manager enablement. + Operation: + type: object + description: >- + This operation resource represents operations that may have happened or + are happening on the cluster. All fields are output only. + id: Operation + properties: + name: + readOnly: true + description: Output only. The server-assigned ID for the operation. type: string - zone: + selfLink: description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true + Output only. Server-defined URI for the operation. Example: + `https://container.googleapis.com/v1alpha1/projects/123/locations/us-central1/operations/operation-123`. + readOnly: true type: string - clusterId: + progress: + readOnly: true + $ref: '#/components/schemas/OperationProgress' + description: Output only. Progress information for an operation. + location: + readOnly: true description: >- - Deprecated. The name of the cluster to upgrade. This field has been - deprecated and replaced by the name field. - deprecated: true + Output only. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) + or + [region](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) + in which the cluster resides. type: string - nodePoolId: + endTime: description: >- - Deprecated. The name of the node pool to upgrade. This field has - been deprecated and replaced by the name field. - deprecated: true + Output only. The time the operation completed, in + [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. type: string - autoscaling: - description: Required. Autoscaling configuration for the node pool. - $ref: '#/components/schemas/NodePoolAutoscaling' - name: - description: >- - The name (project, location, cluster, node pool) of the node pool to - set autoscaler settings. Specified in the format - `projects/*/locations/*/clusters/*/nodePools/*`. + readOnly: true + status: + readOnly: true + enum: + - STATUS_UNSPECIFIED + - PENDING + - RUNNING + - DONE + - ABORTING + enumDescriptions: + - Not set. + - The operation has been created. + - The operation is currently running. + - The operation is done, either cancelled or completed. + - The operation is aborting. + description: Output only. The current status of the operation. type: string - SetLoggingServiceRequest: - id: SetLoggingServiceRequest - description: SetLoggingServiceRequest sets the logging service of a cluster. - type: object - properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. + clusterConditions: deprecated: true + items: + $ref: '#/components/schemas/StatusCondition' + type: array + description: >- + Which conditions caused the current cluster state. Deprecated. Use + field error instead. + statusMessage: + readOnly: true type: string + deprecated: true + description: >- + Output only. If an error has occurred, a textual description of the + error. Deprecated. Use the field error instead. zone: description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. + Output only. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the operation is taking place. This field is deprecated, use + location instead. deprecated: true + readOnly: true type: string - clusterId: - description: >- - Deprecated. The name of the cluster to upgrade. This field has been - deprecated and replaced by the name field. + error: + description: The error result of the operation in case of failure. + $ref: '#/components/schemas/Status' + nodepoolConditions: deprecated: true - type: string - loggingService: description: >- - Required. The logging service the cluster should use to write logs. - Currently available options: * `logging.googleapis.com/kubernetes` - - The Cloud Logging service with a Kubernetes-native resource model * - `logging.googleapis.com` - The legacy Cloud Logging service (no - longer available as of GKE 1.15). * `none` - no logs will be - exported from the cluster. If left as an empty - string,`logging.googleapis.com/kubernetes` will be used for GKE - 1.14+ or `logging.googleapis.com` for earlier versions. + Which conditions caused the current node pool state. Deprecated. Use + field error instead. + type: array + items: + $ref: '#/components/schemas/StatusCondition' + operationType: + type: string + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - true + - true + - true + - false + - true + - true + - false + - false + description: Output only. The operation type. + enum: + - TYPE_UNSPECIFIED + - CREATE_CLUSTER + - DELETE_CLUSTER + - UPGRADE_MASTER + - UPGRADE_NODES + - REPAIR_CLUSTER + - UPDATE_CLUSTER + - CREATE_NODE_POOL + - DELETE_NODE_POOL + - SET_NODE_POOL_MANAGEMENT + - AUTO_REPAIR_NODES + - AUTO_UPGRADE_NODES + - SET_LABELS + - SET_MASTER_AUTH + - SET_NODE_POOL_SIZE + - SET_NETWORK_POLICY + - SET_MAINTENANCE_POLICY + - RESIZE_CLUSTER + - FLEET_FEATURE_UPGRADE + readOnly: true + enumDescriptions: + - Not set. + - >- + The cluster is being created. The cluster should be assumed to be + unusable until the operation finishes. In the event of the + operation failing, the cluster will enter the ERROR state and + eventually be deleted. + - >- + The cluster is being deleted. The cluster should be assumed to be + unusable as soon as this operation starts. In the event of the + operation failing, the cluster will enter the ERROR state and the + deletion will be automatically retried until completed. + - >- + The cluster version is being updated. Note that this includes + "upgrades" to the same version, which are simply a recreation. + This also includes + [auto-upgrades](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-upgrades#upgrading_automatically). + For more details, see [documentation on cluster + upgrades](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-upgrades#cluster_upgrades). + - >- + A node pool is being updated. Despite calling this an "upgrade", + this includes most forms of updates to node pools. This also + includes + [auto-upgrades](https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-upgrades). + This operation sets the progress field and may be canceled. The + upgrade strategy depends on [node pool + configuration](https://cloud.google.com/kubernetes-engine/docs/concepts/node-pool-upgrade-strategies). + The nodes are generally still usable during this operation. + - >- + A problem has been detected with the control plane and is being + repaired. This operation type is initiated by GKE. For more + details, see [documentation on + repairs](https://cloud.google.com/kubernetes-engine/docs/concepts/maintenance-windows-and-exclusions#repairs). + - >- + The cluster is being updated. This is a broad category of + operations and includes operations that only change metadata as + well as those that must recreate the entire cluster. If the + control plane must be recreated, this will cause temporary + downtime for zonal clusters. Some features require recreating the + nodes as well. Those will be recreated as separate operations and + the update may not be completely functional until the node pools + recreations finish. Node recreations will generally follow + [maintenance + policies](https://cloud.google.com/kubernetes-engine/docs/concepts/maintenance-windows-and-exclusions). + Some GKE-initiated operations use this type. This includes certain + types of auto-upgrades and incident mitigations. + - >- + A node pool is being created. The node pool should be assumed to + be unusable until this operation finishes. In the event of an + error, the node pool may be partially created. If enabled, [node + autoprovisioning](https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-provisioning) + may have automatically initiated such operations. + - >- + The node pool is being deleted. The node pool should be assumed to + be unusable as soon as this operation starts. + - >- + The node pool's manamagent field is being updated. These + operations only update metadata and may be concurrent with most + other operations. + - >- + A problem has been detected with nodes and [they are being + repaired](https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-repair). + This operation type is initiated by GKE, typically automatically. + This operation may be concurrent with other operations and there + may be multiple repairs occurring on the same node pool. + - Unused. Automatic node upgrade uses UPGRADE_NODES. + - Unused. Updating labels uses UPDATE_CLUSTER. + - Unused. Updating master auth uses UPDATE_CLUSTER. + - >- + The node pool is being resized. With the exception of resizing to + or from size zero, the node pool is generally usable during this + operation. + - Unused. Updating network policy uses UPDATE_CLUSTER. + - Unused. Updating maintenance policy uses UPDATE_CLUSTER. + - >- + The control plane is being resized. This operation type is + initiated by GKE. These operations are often performed + preemptively to ensure that the control plane has sufficient + resources and is not typically an indication of issues. For more + details, see [documentation on + resizes](https://cloud.google.com/kubernetes-engine/docs/concepts/maintenance-windows-and-exclusions#repairs). + - >- + Fleet features of GKE Enterprise are being upgraded. The cluster + should be assumed to be blocked for other upgrades until the + operation finishes. + targetLink: type: string - name: + readOnly: true description: >- - The name (project, location, cluster) of the cluster to set logging. - Specified in the format `projects/*/locations/*/clusters/*`. + Output only. Server-defined URI for the target of the operation. The + format of this is a URI to the resource being modified (such as a + cluster, node pool, or node). For node pool repairs, there may be + multiple nodes being repaired, but only one will be the target. + Examples: - ## + `https://container.googleapis.com/v1/projects/123/locations/us-central1/clusters/my-cluster` + ## + `https://container.googleapis.com/v1/projects/123/zones/us-central1-c/clusters/my-cluster/nodePools/my-np` + `https://container.googleapis.com/v1/projects/123/zones/us-central1-c/clusters/my-cluster/nodePools/my-np/node/my-node` + detail: + readOnly: true type: string - SetMonitoringServiceRequest: - id: SetMonitoringServiceRequest - description: SetMonitoringServiceRequest sets the monitoring service of a cluster. + description: Output only. Detailed operation progress, if available. + startTime: + type: string + readOnly: true + description: >- + Output only. The time the operation started, in + [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. + UsableSubnetwork: + description: >- + UsableSubnetwork resource returns the subnetwork name, its associated + network and the primary CIDR range. type: object + id: UsableSubnetwork properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true + secondaryIpRanges: + items: + $ref: '#/components/schemas/UsableSubnetworkSecondaryRange' + type: array + description: Secondary IP ranges. + ipCidrRange: type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true + description: The range of internal addresses that are owned by this subnetwork. + network: type: string - clusterId: description: >- - Deprecated. The name of the cluster to upgrade. This field has been - deprecated and replaced by the name field. - deprecated: true - type: string - monitoringService: + Network Name. Example: + projects/my-project/global/networks/my-network + subnetwork: description: >- - Required. The monitoring service the cluster should use to write - metrics. Currently available options: * - `monitoring.googleapis.com/kubernetes` - The Cloud Monitoring - service with a Kubernetes-native resource model * - `monitoring.googleapis.com` - The legacy Cloud Monitoring service - (no longer available as of GKE 1.15). * `none` - No metrics will be - exported from the cluster. If left as an empty - string,`monitoring.googleapis.com/kubernetes` will be used for GKE - 1.14+ or `monitoring.googleapis.com` for earlier versions. + Subnetwork Name. Example: + projects/my-project/regions/us-central1/subnetworks/my-subnet type: string - name: + statusMessage: description: >- - The name (project, location, cluster) of the cluster to set - monitoring. Specified in the format - `projects/*/locations/*/clusters/*`. + A human readable status message representing the reasons for cases + where the caller cannot use the secondary ranges under the subnet. + For example if the secondary_ip_ranges is empty due to a permission + issue, an insufficient permission message will be given by + status_message. type: string - SetAddonsConfigRequest: - id: SetAddonsConfigRequest - description: SetAddonsConfigRequest sets the addons associated with the cluster. - type: object + GCPSecretManagerCertificateConfig: + description: >- + GCPSecretManagerCertificateConfig configures a secret from [Secret + Manager](https://cloud.google.com/secret-manager). properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true - type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true - type: string - clusterId: - description: >- - Deprecated. The name of the cluster to upgrade. This field has been - deprecated and replaced by the name field. - deprecated: true - type: string - addonsConfig: - description: >- - Required. The desired configurations for the various addons - available to run in the cluster. - $ref: '#/components/schemas/AddonsConfig' - name: + secretUri: description: >- - The name (project, location, cluster) of the cluster to set addons. - Specified in the format `projects/*/locations/*/clusters/*`. + Secret URI, in the form + "projects/$PROJECT_ID/secrets/$SECRET_NAME/versions/$VERSION". + Version can be fixed (e.g. "2") or "latest" type: string - SetLocationsRequest: - id: SetLocationsRequest - description: SetLocationsRequest sets the locations of the cluster. type: object + id: GCPSecretManagerCertificateConfig + ReleaseChannelConfig: + description: ReleaseChannelConfig exposes configuration for a release channel. + id: ReleaseChannelConfig properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true - type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true - type: string - clusterId: - description: >- - Deprecated. The name of the cluster to upgrade. This field has been - deprecated and replaced by the name field. - deprecated: true - type: string - locations: - description: >- - Required. The desired list of Google Compute Engine - [zones](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster's nodes should be located. Changing the - locations a cluster is in will result in nodes being either created - or removed from the cluster, depending on whether locations are - being added or removed. This list must always include the cluster's - primary zone. + validVersions: type: array + description: List of valid versions for the channel. items: type: string - name: - description: >- - The name (project, location, cluster) of the cluster to set - locations. Specified in the format - `projects/*/locations/*/clusters/*`. + channel: + description: The release channel this configuration applies to. type: string - UpdateMasterRequest: - id: UpdateMasterRequest - description: UpdateMasterRequest updates the master of the cluster. + enumDescriptions: + - No channel specified. + - >- + RAPID channel is offered on an early access basis for customers + who want to test new releases. WARNING: Versions available in the + RAPID Channel may be subject to unresolved issues with no known + workaround and are not subject to any SLAs. + - >- + Clusters subscribed to REGULAR receive versions that are + considered GA quality. REGULAR is intended for production users + who want to take advantage of new features. + - >- + Clusters subscribed to STABLE receive versions that are known to + be stable and reliable in production. + - >- + Clusters subscribed to EXTENDED receive extended support and + availability for versions which are known to be stable and + reliable in production. + enum: + - UNSPECIFIED + - RAPID + - REGULAR + - STABLE + - EXTENDED + upgradeTargetVersion: + type: string + description: The auto upgrade target version for clusters on the channel. + defaultVersion: + type: string + description: The default version for newly created clusters on the channel. + type: object + IdentityServiceConfig: type: object + id: IdentityServiceConfig properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true - type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true + enabled: + description: Whether to enable the Identity Service component + type: boolean + description: >- + IdentityServiceConfig is configuration for Identity Service which allows + customers to use external identity providers with the K8S API + CidrBlock: + description: CidrBlock contains an optional name and one CIDR block. + properties: + cidrBlock: type: string - clusterId: - description: >- - Deprecated. The name of the cluster to upgrade. This field has been - deprecated and replaced by the name field. - deprecated: true + description: cidr_block must be specified in CIDR notation. + displayName: type: string - masterVersion: + description: display_name is an optional field for users to identify CIDR blocks. + type: object + id: CidrBlock + GkeAutoUpgradeConfig: + description: GkeAutoUpgradeConfig is the configuration for GKE auto upgrades. + type: object + id: GkeAutoUpgradeConfig + properties: + patchMode: description: >- - Required. The Kubernetes version to change the master to. Users may - specify either explicit versions offered by Kubernetes Engine or - version aliases, which have the following behavior: - "latest": - picks the highest valid Kubernetes version - "1.X": picks the - highest valid patch+gke.N patch in the 1.X version - "1.X.Y": picks - the highest valid gke.N patch in the 1.X.Y version - "1.X.Y-gke.N": - picks an explicit Kubernetes version - "-": picks the default - Kubernetes version + PatchMode specifies how auto upgrade patch builds should be + selected. type: string - name: - description: >- - The name (project, location, cluster) of the cluster to update. - Specified in the format `projects/*/locations/*/clusters/*`. + enumDescriptions: + - >- + PATCH_MODE_UNSPECIFIED defaults to using the upgrade target from + the channel's patch upgrade targets as the upgrade target for the + version. + - >- + ACCELERATED denotes that the latest patch build in the channel + should be used as the upgrade target for the version. + enum: + - PATCH_MODE_UNSPECIFIED + - ACCELERATED + MaxPodsConstraint: + description: Constraints applied to pods. + type: object + properties: + maxPodsPerNode: + description: Constraint enforced on the max num of pods per node. type: string + format: int64 + id: MaxPodsConstraint SetMasterAuthRequest: - id: SetMasterAuthRequest description: SetMasterAuthRequest updates the admin password of a cluster. + id: SetMasterAuthRequest type: object properties: projectId: + deprecated: true + type: string description: >- Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). This field has been deprecated and replaced by the name field. - deprecated: true + name: type: string + description: >- + The name (project, location, cluster) of the cluster to set auth. + Specified in the format `projects/*/locations/*/clusters/*`. zone: description: >- Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and replaced by the name field. deprecated: true type: string @@ -6326,11 +6459,18 @@ components: description: >- Deprecated. The name of the cluster to upgrade. This field has been deprecated and replaced by the name field. - deprecated: true type: string + deprecated: true + update: + $ref: '#/components/schemas/MasterAuth' + description: Required. A description of the update. action: + enum: + - UNKNOWN + - SET_PASSWORD + - GENERATE_PASSWORD + - SET_USERNAME description: Required. The exact form of action to be taken on the master auth. - type: string enumDescriptions: - Operation is unknown and will error out. - Set the password to a user generated value. @@ -6340,1236 +6480,1429 @@ components: authentication is disabled for the cluster. If a non-empty username is provided, basic authentication is enabled, with either a provided password or a generated one. - enum: - - UNKNOWN - - SET_PASSWORD - - GENERATE_PASSWORD - - SET_USERNAME - update: - description: Required. A description of the update. - $ref: '#/components/schemas/MasterAuth' - name: - description: >- - The name (project, location, cluster) of the cluster to set auth. - Specified in the format `projects/*/locations/*/clusters/*`. type: string - ListOperationsResponse: - id: ListOperationsResponse - description: ListOperationsResponse is the result of ListOperationsRequest. + BootDisk: type: object + id: BootDisk + description: BootDisk specifies the boot disk configuration for nodepools. properties: - operations: - description: A list of operations in the project in the specified zone. - type: array - items: - $ref: '#/components/schemas/Operation' - missingZones: + provisionedThroughput: + type: string description: >- - If any zones are listed here, the list of operations returned may be - missing the operations from those zones. - type: array - items: - type: string - CancelOperationRequest: - id: CancelOperationRequest - description: CancelOperationRequest cancels a single operation. - type: object + For Hyperdisk-Balanced only, the provisioned throughput config + value. + format: int64 + provisionedIops: + type: string + format: int64 + description: For Hyperdisk-Balanced only, the provisioned IOPS config value. + sizeGb: + format: int64 + type: string + description: Disk size in GB. Replaces NodeConfig.disk_size_gb + diskType: + type: string + description: >- + Disk type of the boot disk. (i.e. Hyperdisk-Balanced, PD-Balanced, + etc.) + SetNodePoolManagementRequest: properties: + nodePoolId: + deprecated: true + description: >- + Deprecated. The name of the node pool to update. This field has been + deprecated and replaced by the name field. + type: string + clusterId: + deprecated: true + description: >- + Deprecated. The name of the cluster to update. This field has been + deprecated and replaced by the name field. + type: string projectId: description: >- Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). This field has been deprecated and replaced by the name field. deprecated: true type: string zone: + type: string + deprecated: true description: >- Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the operation resides. This field has been deprecated and + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and replaced by the name field. - deprecated: true - type: string - operationId: - description: >- - Deprecated. The server-assigned `name` of the operation. This field - has been deprecated and replaced by the name field. - deprecated: true - type: string name: - description: >- - The name (project, location, operation id) of the operation to - cancel. Specified in the format - `projects/*/locations/*/operations/*`. type: string - Empty: - id: Empty + description: >- + The name (project, location, cluster, node pool id) of the node pool + to set management properties. Specified in the format + `projects/*/locations/*/clusters/*/nodePools/*`. + management: + description: Required. NodeManagement configuration for the node pool. + $ref: '#/components/schemas/NodeManagement' description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + SetNodePoolManagementRequest sets the node management properties of a + node pool. + id: SetNodePoolManagementRequest type: object - properties: {} - ServerConfig: - id: ServerConfig - description: Kubernetes Engine service configuration. + HighScaleCheckpointingConfig: type: object + id: HighScaleCheckpointingConfig properties: - defaultClusterVersion: - description: Version of Kubernetes the service deploys by default. - type: string - validNodeVersions: - description: List of valid node upgrade target versions, in descending order. - type: array - items: - type: string - defaultImageType: - description: Default image type. - type: string - validImageTypes: - description: List of valid image types. - type: array - items: - type: string - validMasterVersions: - description: List of valid master versions, in descending order. - type: array - items: - type: string - channels: - description: List of release channel configurations. - type: array - items: - $ref: '#/components/schemas/ReleaseChannelConfig' - ReleaseChannelConfig: - id: ReleaseChannelConfig - description: ReleaseChannelConfig exposes configuration for a release channel. - type: object + enabled: + description: Whether the High Scale Checkpointing is enabled for this cluster. + type: boolean + description: Configuration for the High Scale Checkpointing. + Fleet: properties: - channel: - description: The release channel this configuration applies to. + membershipType: type: string enumDescriptions: - - No channel specified. - - >- - RAPID channel is offered on an early access basis for customers - who want to test new releases. WARNING: Versions available in the - RAPID Channel may be subject to unresolved issues with no known - workaround and are not subject to any SLAs. - - >- - Clusters subscribed to REGULAR receive versions that are - considered GA quality. REGULAR is intended for production users - who want to take advantage of new features. - - >- - Clusters subscribed to STABLE receive versions that are known to - be stable and reliable in production. - - >- - Clusters subscribed to EXTENDED receive extended support and - availability for versions which are known to be stable and - reliable in production. + - The MembershipType is not set. + - The membership supports only lightweight compatible features. enum: - - UNSPECIFIED - - RAPID - - REGULAR - - STABLE - - EXTENDED - defaultVersion: - description: The default version for newly created clusters on the channel. - type: string - validVersions: - description: List of valid versions for the channel. - type: array - items: - type: string - upgradeTargetVersion: - description: The auto upgrade target version for clusters on the channel. - type: string - GetOpenIDConfigResponse: - id: GetOpenIDConfigResponse - description: >- - GetOpenIDConfigResponse is an OIDC discovery document for the cluster. - See the OpenID Connect Discovery 1.0 specification for details. - type: object - properties: - issuer: - description: OIDC Issuer. - type: string - jwks_uri: - description: JSON Web Key uri. - type: string - response_types_supported: - description: Supported response types. - type: array - items: - type: string - subject_types_supported: - description: Supported subject types. - type: array - items: - type: string - id_token_signing_alg_values_supported: - description: supported ID Token signing Algorithms. - type: array - items: - type: string - claims_supported: - description: Supported claims. - type: array - items: - type: string - grant_types: - description: Supported grant types. - type: array - items: - type: string - cacheHeader: + - MEMBERSHIP_TYPE_UNSPECIFIED + - LIGHTWEIGHT + description: The type of the cluster's fleet membership. + project: description: >- - For HTTP requests, this field is automatically extracted into the - Cache-Control HTTP header. - $ref: '#/components/schemas/HttpCacheControlResponseHeader' - HttpCacheControlResponseHeader: - id: HttpCacheControlResponseHeader - description: 'RFC-2616: cache control support' - type: object - properties: - directive: - description: 14.9 request and response directives - type: string - age: - description: 14.6 response cache age, in seconds since the response is generated + The Fleet host project(project ID or project number) where this + cluster will be registered to. This field cannot be changed after + the cluster has been registered. type: string - format: int64 - expires: - description: 14.21 response cache expires, in RFC 1123 date format + membership: + readOnly: true + description: >- + Output only. The full resource name of the registered fleet + membership of the cluster, in the format + `//gkehub.googleapis.com/projects/*/locations/*/memberships/*`. type: string - GetJSONWebKeysResponse: - id: GetJSONWebKeysResponse - description: >- - GetJSONWebKeysResponse is a valid JSON Web Key Set as specified in rfc - 7517 + preRegistered: + type: boolean + readOnly: true + description: >- + Output only. Whether the cluster has been registered through the + fleet API. + id: Fleet + description: Fleet is the fleet configuration for the cluster. + type: object + ClusterUpdate: type: object + id: ClusterUpdate + description: >- + ClusterUpdate describes an update to the cluster. Exactly one update can + be applied to a cluster with each request, so at most one field can be + provided. properties: - keys: + desiredAuthenticatorGroupsConfig: + description: The desired authenticator groups config for the cluster. + $ref: '#/components/schemas/AuthenticatorGroupsConfig' + desiredNodePoolAutoConfigLinuxNodeConfig: + $ref: '#/components/schemas/LinuxNodeConfig' description: >- - The public component of the keys used by the cluster to sign token - requests. - type: array - items: - $ref: '#/components/schemas/Jwk' - cacheHeader: + The desired Linux node config for all auto-provisioned node pools in + autopilot clusters and node auto-provisioning enabled clusters. + Currently only `cgroup_mode` can be set here. + desiredPrivilegedAdmissionConfig: + $ref: '#/components/schemas/PrivilegedAdmissionConfig' + description: The desired privileged admission config for the cluster. + desiredReleaseChannel: + description: The desired release channel configuration. + $ref: '#/components/schemas/ReleaseChannel' + desiredRbacBindingConfig: description: >- - For HTTP requests, this field is automatically extracted into the - Cache-Control HTTP header. - $ref: '#/components/schemas/HttpCacheControlResponseHeader' - Jwk: - id: Jwk - description: Jwk is a JSON Web Key as specified in RFC 7517 - type: object - properties: - kty: - description: Key Type. - type: string - alg: - description: Algorithm. - type: string - use: - description: Permitted uses for the public keys. - type: string - kid: - description: Key ID. - type: string - 'n': - description: Used for RSA keys. - type: string - e: - description: Used for RSA keys. - type: string - x: - description: Used for ECDSA keys. + RBACBindingConfig allows user to restrict ClusterRoleBindings an + RoleBindings that can be created. + $ref: '#/components/schemas/RBACBindingConfig' + desiredNodeKubeletConfig: + $ref: '#/components/schemas/NodeKubeletConfig' + description: The desired node kubelet config for the cluster. + desiredSecretManagerConfig: + $ref: '#/components/schemas/SecretManagerConfig' + description: Enable/Disable Secret Manager Config. + desiredEnableCiliumClusterwideNetworkPolicy: + description: Enable/Disable Cilium Clusterwide Network Policy for the cluster. + type: boolean + desiredContainerdConfig: + description: The desired containerd config for the cluster. + $ref: '#/components/schemas/ContainerdConfig' + desiredImageType: type: string - 'y': - description: Used for ECDSA keys. + description: >- + The desired image type for the node pool. NOTE: Set the + "desired_node_pool" field as well. + desiredParentProductConfig: + description: The desired parent product config for the cluster. + $ref: '#/components/schemas/ParentProductConfig' + desiredDisableL4LbFirewallReconciliation: + type: boolean + description: Enable/Disable L4 LB VPC firewall reconciliation for the cluster. + desiredNodePoolLoggingConfig: + description: >- + The desired node pool logging configuration defaults for the + cluster. + $ref: '#/components/schemas/NodePoolLoggingConfig' + desiredLocations: + items: + type: string + type: array + description: >- + The desired list of Google Compute Engine + [zones](https://cloud.google.com/compute/docs/zones#available) in + which the cluster's nodes should be located. This list must always + include the cluster's primary zone. Warning: changing cluster + locations will update the locations of all node pools and will + result in nodes being added and/or removed. + desiredAddonsConfig: + $ref: '#/components/schemas/AddonsConfig' + description: >- + Configurations for the various addons available to run in the + cluster. + desiredVerticalPodAutoscaling: + $ref: '#/components/schemas/VerticalPodAutoscaling' + description: Cluster-level Vertical Pod Autoscaling configuration. + userManagedKeysConfig: + deprecated: true + description: >- + The Custom keys configuration for the cluster. This field is + deprecated. Use ClusterUpdate.desired_user_managed_keys_config + instead. + $ref: '#/components/schemas/UserManagedKeysConfig' + desiredAutoIpamConfig: + $ref: '#/components/schemas/AutoIpamConfig' + description: AutoIpamConfig contains all information related to Auto IPAM + desiredIntraNodeVisibilityConfig: + description: The desired config of Intra-node visibility. + $ref: '#/components/schemas/IntraNodeVisibilityConfig' + desiredSecurityPostureConfig: + description: Enable/Disable Security Posture API features for the cluster. + $ref: '#/components/schemas/SecurityPostureConfig' + desiredCostManagementConfig: + $ref: '#/components/schemas/CostManagementConfig' + description: >- + The desired configuration for the fine-grained cost management + feature. + desiredNetworkTierConfig: + description: The desired network tier configuration for the cluster. + $ref: '#/components/schemas/NetworkTierConfig' + desiredEnablePrivateEndpoint: + deprecated: true + description: >- + Enable/Disable private endpoint for the cluster's master. + Deprecated: Use + desired_control_plane_endpoints_config.ip_endpoints_config.enable_public_endpoint + instead. Note that the value of enable_public_endpoint is reversed: + if enable_private_endpoint is false, then enable_public_endpoint + will be true. + type: boolean + desiredNodeVersion: type: string - crv: - description: Used for ECDSA keys. + description: >- + The Kubernetes version to change the nodes to (typically an + upgrade). Users may specify either explicit versions offered by + Kubernetes Engine or version aliases, which have the following + behavior: - "latest": picks the highest valid Kubernetes version - + "1.X": picks the highest valid patch+gke.N patch in the 1.X version + - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version + - "1.X.Y-gke.N": picks an explicit Kubernetes version - "-": picks + the Kubernetes master version + desiredDatabaseEncryption: + $ref: '#/components/schemas/DatabaseEncryption' + description: Configuration of etcd encryption. + desiredNodePoolAutoscaling: + $ref: '#/components/schemas/NodePoolAutoscaling' + description: >- + Autoscaler configuration for the node pool specified in + desired_node_pool_id. If there is only one pool in the cluster and + desired_node_pool_id is not provided then the change applies to that + single node pool. + desiredResourceUsageExportConfig: + $ref: '#/components/schemas/ResourceUsageExportConfig' + description: The desired configuration for exporting resource usage. + desiredNodePoolId: + description: >- + The node pool to be upgraded. This field is mandatory if + "desired_node_version", "desired_image_family" or + "desired_node_pool_autoscaling" is specified and there is more than + one node pool on the cluster. type: string - ListNodePoolsResponse: - id: ListNodePoolsResponse - description: ListNodePoolsResponse is the result of ListNodePoolsRequest. - type: object - properties: - nodePools: - description: A list of node pools for a cluster. - type: array - items: - $ref: '#/components/schemas/NodePool' - CreateNodePoolRequest: - id: CreateNodePoolRequest - description: CreateNodePoolRequest creates a node pool for a cluster. - type: object - properties: - projectId: + desiredGatewayApiConfig: + description: The desired config of Gateway API on this cluster. + $ref: '#/components/schemas/GatewayAPIConfig' + desiredNodePoolAutoConfigResourceManagerTags: description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the parent field. + The desired resource manager tags that apply to all auto-provisioned + node pools in autopilot clusters and node auto-provisioning enabled + clusters. + $ref: '#/components/schemas/ResourceManagerTags' + desiredEnterpriseConfig: + $ref: '#/components/schemas/DesiredEnterpriseConfig' + description: >- + The desired enterprise configuration for the cluster. Deprecated: + GKE Enterprise features are now available without an Enterprise + tier. deprecated: true + desiredStackType: + enum: + - STACK_TYPE_UNSPECIFIED + - IPV4 + - IPV4_IPV6 type: string - zone: description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the parent field. - deprecated: true + The desired stack type of the cluster. If a stack type is provided + and does not match the current stack type of the cluster, update + will attempt to change the stack type to the new type. + enumDescriptions: + - Default value, will be defaulted as IPV4 only + - Cluster is IPV4 only + - Cluster can use both IPv4 and IPv6 + additionalPodRangesConfig: + description: >- + The additional pod ranges to be added to the cluster. These pod + ranges can be used by node pools to allocate pod IPs. + $ref: '#/components/schemas/AdditionalPodRangesConfig' + desiredMeshCertificates: + $ref: '#/components/schemas/MeshCertificates' + description: >- + Configuration for issuance of mTLS keys and certificates to + Kubernetes pods. + desiredNodePoolAutoConfigNetworkTags: + $ref: '#/components/schemas/NetworkTags' + description: >- + The desired network tags that apply to all auto-provisioned node + pools in autopilot clusters and node auto-provisioning enabled + clusters. + desiredNodePoolAutoConfigKubeletConfig: + description: >- + The desired node kubelet config for all auto-provisioned node pools + in autopilot clusters and node auto-provisioning enabled clusters. + $ref: '#/components/schemas/NodeKubeletConfig' + desiredAnonymousAuthenticationConfig: + description: >- + Configuration for limiting anonymous access to all endpoints except + the health checks. + $ref: '#/components/schemas/AnonymousAuthenticationConfig' + desiredClusterAutoscaling: + $ref: '#/components/schemas/ClusterAutoscaling' + description: Cluster-level autoscaling configuration. + desiredL4ilbSubsettingConfig: + description: The desired L4 Internal Load Balancer Subsetting configuration. + $ref: '#/components/schemas/ILBSubsettingConfig' + desiredMonitoringService: type: string - clusterId: description: >- - Deprecated. The name of the cluster. This field has been deprecated - and replaced by the parent field. - deprecated: true - type: string - nodePool: - description: Required. The node pool to create. - $ref: '#/components/schemas/NodePool' - parent: + The monitoring service the cluster should use to write metrics. + Currently available options: * + `monitoring.googleapis.com/kubernetes` - The Cloud Monitoring + service with a Kubernetes-native resource model * + `monitoring.googleapis.com` - The legacy Cloud Monitoring service + (no longer available as of GKE 1.15). * `none` - No metrics will be + exported from the cluster. If left as an empty + string,`monitoring.googleapis.com/kubernetes` will be used for GKE + 1.14+ or `monitoring.googleapis.com` for earlier versions. + removedAdditionalPodRangesConfig: description: >- - The parent (project, location, cluster name) where the node pool - will be created. Specified in the format - `projects/*/locations/*/clusters/*`. + The additional pod ranges that are to be removed from the cluster. + The pod ranges specified here must have been specified earlier in + the 'additional_pod_ranges_config' argument. + $ref: '#/components/schemas/AdditionalPodRangesConfig' + etag: type: string - CompleteNodePoolUpgradeRequest: - id: CompleteNodePoolUpgradeRequest - description: >- - CompleteNodePoolUpgradeRequest sets the name of target node pool to - complete upgrade. - type: object - properties: {} - RollbackNodePoolUpgradeRequest: - id: RollbackNodePoolUpgradeRequest - description: >- - RollbackNodePoolUpgradeRequest rollbacks the previously Aborted or - Failed NodePool upgrade. This will be an no-op if the last upgrade - successfully completed. - type: object - properties: - projectId: description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true - type: string - zone: + The current etag of the cluster. If an etag is provided and does not + match the current etag of the cluster, update will be blocked and an + ABORTED error will be returned. + desiredBinaryAuthorization: description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true - type: string - clusterId: + The desired configuration options for the Binary Authorization + feature. + $ref: '#/components/schemas/BinaryAuthorization' + desiredMasterVersion: description: >- - Deprecated. The name of the cluster to rollback. This field has been - deprecated and replaced by the name field. - deprecated: true + The Kubernetes version to change the master to. Users may specify + either explicit versions offered by Kubernetes Engine or version + aliases, which have the following behavior: - "latest": picks the + highest valid Kubernetes version - "1.X": picks the highest valid + patch+gke.N patch in the 1.X version - "1.X.Y": picks the highest + valid gke.N patch in the 1.X.Y version - "1.X.Y-gke.N": picks an + explicit Kubernetes version - "-": picks the default Kubernetes + version type: string - nodePoolId: + desiredWorkloadIdentityConfig: + description: Configuration for Workload Identity. + $ref: '#/components/schemas/WorkloadIdentityConfig' + desiredDefaultSnatStatus: + $ref: '#/components/schemas/DefaultSnatStatus' description: >- - Deprecated. The name of the node pool to rollback. This field has - been deprecated and replaced by the name field. + The desired status of whether to disable default sNAT for this + cluster. + desiredEnableMultiNetworking: + description: Enable/Disable Multi-Networking for the cluster + type: boolean + desiredNetworkPerformanceConfig: + $ref: '#/components/schemas/ClusterNetworkPerformanceConfig' + description: The desired network performance config. + desiredCompliancePostureConfig: + description: Enable/Disable Compliance Posture features for the cluster. + $ref: '#/components/schemas/CompliancePostureConfig' + desiredControlPlaneEndpointsConfig: + description: Control plane endpoints configuration. + $ref: '#/components/schemas/ControlPlaneEndpointsConfig' + desiredNotificationConfig: + $ref: '#/components/schemas/NotificationConfig' + description: The desired notification configuration. + desiredPodAutoscaling: + description: The desired config for pod autoscaling. + $ref: '#/components/schemas/PodAutoscaling' + desiredUserManagedKeysConfig: + $ref: '#/components/schemas/UserManagedKeysConfig' + description: The desired user managed keys config for the cluster. + desiredPrivateClusterConfig: deprecated: true + $ref: '#/components/schemas/PrivateClusterConfig' + description: >- + The desired private cluster configuration. + master_global_access_config is the only field that can be changed + via this field. See also + ClusterUpdate.desired_enable_private_endpoint for modifying other + fields within PrivateClusterConfig. Deprecated: Use + desired_control_plane_endpoints_config.ip_endpoints_config.global_access + instead. + desiredDnsConfig: + $ref: '#/components/schemas/DNSConfig' + description: DNSConfig contains clusterDNS config for this cluster. + desiredIdentityServiceConfig: + description: The desired Identity Service component configuration. + $ref: '#/components/schemas/IdentityServiceConfig' + desiredPrivateIpv6GoogleAccess: + description: The desired state of IPv6 connectivity to Google Services. type: string - name: + enumDescriptions: + - Default value. Same as DISABLED + - No private access to or from Google Services + - Enables private IPv6 access to Google Services from GKE + - Enables private IPv6 access to and from Google Services + enum: + - PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED + - PRIVATE_IPV6_GOOGLE_ACCESS_DISABLED + - PRIVATE_IPV6_GOOGLE_ACCESS_TO_GOOGLE + - PRIVATE_IPV6_GOOGLE_ACCESS_BIDIRECTIONAL + desiredGcfsConfig: + $ref: '#/components/schemas/GcfsConfig' + description: The desired GCFS config for the cluster + desiredFleet: + $ref: '#/components/schemas/Fleet' + description: The desired fleet configuration for the cluster. + desiredMonitoringConfig: + description: The desired monitoring configuration. + $ref: '#/components/schemas/MonitoringConfig' + desiredShieldedNodes: + description: Configuration for Shielded Nodes. + $ref: '#/components/schemas/ShieldedNodes' + desiredAdditionalIpRangesConfig: + $ref: '#/components/schemas/DesiredAdditionalIPRangesConfig' description: >- - The name (project, location, cluster, node pool id) of the node poll - to rollback upgrade. Specified in the format - `projects/*/locations/*/clusters/*/nodePools/*`. + The desired config for additional subnetworks attached to the + cluster. + desiredLoggingConfig: + description: The desired logging configuration. + $ref: '#/components/schemas/LoggingConfig' + desiredK8sBetaApis: + description: Desired Beta APIs to be enabled for cluster. + $ref: '#/components/schemas/K8sBetaAPIConfig' + desiredInTransitEncryptionConfig: + enumDescriptions: + - >- + Unspecified, will be inferred as default - + IN_TRANSIT_ENCRYPTION_UNSPECIFIED. + - In-transit encryption is disabled. + - >- + Data in-transit is encrypted using inter-node transparent + encryption. type: string - respectPdb: + enum: + - IN_TRANSIT_ENCRYPTION_CONFIG_UNSPECIFIED + - IN_TRANSIT_ENCRYPTION_DISABLED + - IN_TRANSIT_ENCRYPTION_INTER_NODE_TRANSPARENT + description: Specify the details of in-transit encryption. + desiredServiceExternalIpsConfig: description: >- - Option for rollback to ignore the PodDisruptionBudget. Default value - is false. - type: boolean - SetNodePoolManagementRequest: - id: SetNodePoolManagementRequest - description: >- - SetNodePoolManagementRequest sets the node management properties of a - node pool. - type: object - properties: - projectId: + ServiceExternalIPsConfig specifies the config for the use of + Services with ExternalIPs field. + $ref: '#/components/schemas/ServiceExternalIPsConfig' + desiredAutopilotWorkloadPolicyConfig: description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true + WorkloadPolicyConfig is the configuration related to GCW workload + policy + $ref: '#/components/schemas/WorkloadPolicyConfig' + desiredLoggingService: type: string - zone: description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true + The logging service the cluster should use to write logs. Currently + available options: * `logging.googleapis.com/kubernetes` - The Cloud + Logging service with a Kubernetes-native resource model * + `logging.googleapis.com` - The legacy Cloud Logging service (no + longer available as of GKE 1.15). * `none` - no logs will be + exported from the cluster. If left as an empty + string,`logging.googleapis.com/kubernetes` will be used for GKE + 1.14+ or `logging.googleapis.com` for earlier versions. + desiredDatapathProvider: + description: The desired datapath provider for the cluster. type: string - clusterId: - description: >- - Deprecated. The name of the cluster to update. This field has been - deprecated and replaced by the name field. + enum: + - DATAPATH_PROVIDER_UNSPECIFIED + - LEGACY_DATAPATH + - ADVANCED_DATAPATH + enumDescriptions: + - Default value. + - Use the IPTables implementation based on kube-proxy. + - >- + Use the eBPF based GKE Dataplane V2 with additional features. See + the [GKE Dataplane V2 + documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/dataplane-v2) + for more. + desiredMasterAuthorizedNetworksConfig: deprecated: true - type: string - nodePoolId: description: >- - Deprecated. The name of the node pool to update. This field has been - deprecated and replaced by the name field. - deprecated: true + The desired configuration options for master authorized networks + feature. Deprecated: Use + desired_control_plane_endpoints_config.ip_endpoints_config.authorized_networks_config + instead. + $ref: '#/components/schemas/MasterAuthorizedNetworksConfig' + gkeAutoUpgradeConfig: + $ref: '#/components/schemas/GkeAutoUpgradeConfig' + description: Configuration for GKE auto upgrade. + desiredEnableFqdnNetworkPolicy: + type: boolean + description: Enable/Disable FQDN Network Policy for the cluster. + desiredDefaultEnablePrivateNodes: + type: boolean + description: >- + Override the default setting of whether future created nodes have + private IP addresses only, namely + NetworkConfig.default_enable_private_nodes + enableK8sBetaApis: + description: >- + Kubernetes open source beta apis enabled on the cluster. Only beta + apis + $ref: '#/components/schemas/K8sBetaAPIConfig' + Metric: + id: Metric + type: object + description: Progress metric is (string, int|float|string) pair. + properties: + stringValue: type: string - management: - description: Required. NodeManagement configuration for the node pool. - $ref: '#/components/schemas/NodeManagement' + description: For metrics with custom values (ratios, visual progress, etc.). + doubleValue: + description: For metrics with floating point value. + type: number + format: double name: - description: >- - The name (project, location, cluster, node pool id) of the node pool - to set management properties. Specified in the format - `projects/*/locations/*/clusters/*/nodePools/*`. type: string - SetLabelsRequest: - id: SetLabelsRequest - description: >- - SetLabelsRequest sets the Google Cloud Platform labels on a Google - Container Engine cluster, which will in turn set them for Google Compute - Engine resources used by that cluster + description: Required. Metric name, e.g., "nodes total", "percent done". + intValue: + format: int64 + description: For metrics with integer value. + type: string + EvictionGracePeriod: type: object + id: EvictionGracePeriod properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true - type: string - zone: + memoryAvailable: description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true + Optional. Grace period for eviction due to memory available signal. + Sample format: "10s". Must be >= 0. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals type: string - clusterId: - description: >- - Deprecated. The name of the cluster. This field has been deprecated - and replaced by the name field. - deprecated: true + nodefsAvailable: type: string - resourceLabels: - description: Required. The labels to set for that cluster. - type: object - additionalProperties: - type: string - labelFingerprint: description: >- - Required. The fingerprint of the previous set of labels for this - resource, used to detect conflicts. The fingerprint is initially - generated by Kubernetes Engine and changes after every request to - modify or update labels. You must always provide an up-to-date - fingerprint hash when updating or changing labels. Make a `get()` - request to the resource to get the latest fingerprint. + Optional. Grace period for eviction due to nodefs available signal. + Sample format: "10s". Must be >= 0. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + imagefsInodesFree: type: string - name: description: >- - The name (project, location, cluster name) of the cluster to set - labels. Specified in the format `projects/*/locations/*/clusters/*`. - type: string - SetLegacyAbacRequest: - id: SetLegacyAbacRequest - description: >- - SetLegacyAbacRequest enables or disables the ABAC authorization - mechanism for a cluster. - type: object - properties: - projectId: + Optional. Grace period for eviction due to imagefs inodes free + signal. Sample format: "10s". Must be >= 0. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + nodefsInodesFree: description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true + Optional. Grace period for eviction due to nodefs inodes free + signal. Sample format: "10s". Must be >= 0. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals type: string - zone: + pidAvailable: description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true + Optional. Grace period for eviction due to pid available signal. + Sample format: "10s". Must be >= 0. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals type: string - clusterId: - description: >- - Deprecated. The name of the cluster to update. This field has been - deprecated and replaced by the name field. - deprecated: true + imagefsAvailable: type: string - enabled: - description: Required. Whether ABAC authorization will be enabled in the cluster. - type: boolean - name: description: >- - The name (project, location, cluster name) of the cluster to set - legacy abac. Specified in the format - `projects/*/locations/*/clusters/*`. - type: string - StartIPRotationRequest: - id: StartIPRotationRequest - description: >- - StartIPRotationRequest creates a new IP for the cluster and then - performs a node upgrade on each node pool to point to the new IP. - type: object + Optional. Grace period for eviction due to imagefs available signal. + Sample format: "10s". Must be >= 0. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + description: Eviction grace periods are grace periods for each eviction signal. + UpgradeAvailableEvent: properties: - projectId: + resource: description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true + Optional relative path to the resource. For example, the relative + path of the node pool. type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true + resourceType: + description: The resource type of the release version. + enumDescriptions: + - Default value. This shouldn't be used. + - Master / control plane + - Node pool + enum: + - UPGRADE_RESOURCE_TYPE_UNSPECIFIED + - MASTER + - NODE_POOL type: string - clusterId: - description: >- - Deprecated. The name of the cluster. This field has been deprecated - and replaced by the name field. - deprecated: true + version: type: string - name: + description: The release version available for upgrade. + releaseChannel: description: >- - The name (project, location, cluster name) of the cluster to start - IP rotation. Specified in the format - `projects/*/locations/*/clusters/*`. - type: string - rotateCredentials: - description: Whether to rotate credentials during IP rotation. - type: boolean - CompleteIPRotationRequest: - id: CompleteIPRotationRequest + The release channel of the version. If empty, it means a non-channel + release. + $ref: '#/components/schemas/ReleaseChannel' + id: UpgradeAvailableEvent description: >- - CompleteIPRotationRequest moves the cluster master back into single-IP - mode. + UpgradeAvailableEvent is a notification sent to customers when a new + available version is released. type: object + UpgradeInfoEvent: + description: >- + UpgradeInfoEvent is a notification sent to customers about the upgrade + information of a resource. properties: - projectId: + resource: description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true + Optional relative path to the resource. For example in node pool + upgrades, the relative path of the node pool. type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true + targetVersion: type: string - clusterId: - description: >- - Deprecated. The name of the cluster. This field has been deprecated - and replaced by the name field. - deprecated: true + description: The target version for the upgrade. + extendedSupportEndTime: + description: The end of extended support timestamp. type: string - name: - description: >- - The name (project, location, cluster name) of the cluster to - complete IP rotation. Specified in the format - `projects/*/locations/*/clusters/*`. + format: google-datetime + startTime: + description: The time when the operation was started. + format: google-datetime type: string - SetNodePoolSizeRequest: - id: SetNodePoolSizeRequest - description: SetNodePoolSizeRequest sets the size of a node pool. - type: object - properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true + operation: type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true + description: The operation associated with this upgrade. + standardSupportEndTime: + description: The end of standard support timestamp. + format: google-datetime + type: string + state: + type: string + readOnly: true + enum: + - STATE_UNSPECIFIED + - STARTED + - SUCCEEDED + - FAILED + - CANCELED + enumDescriptions: + - STATE_UNSPECIFIED indicates the state is unspecified. + - STARTED indicates the upgrade has started. + - SUCCEEDED indicates the upgrade has completed successfully. + - FAILED indicates the upgrade has failed. + - CANCELED indicates the upgrade has canceled. + description: Output only. The state of the upgrade. + description: + description: A brief description of the event. + type: string + eventType: + enumDescriptions: + - EVENT_TYPE_UNSPECIFIED indicates the event type is unspecified. + - >- + END_OF_SUPPORT indicates GKE version reaches end of support, check + standard_support_end_time and extended_support_end_time for more + details. + - >- + COS_MILESTONE_VERSION_UPDATE indicates that the COS node image + will update COS milestone version for new patch versions starting + with the one in the description. + - >- + UPGRADE_LIFECYCLE indicates the event is about the upgrade + lifecycle. + - DISRUPTION_EVENT indicates the event is about the disruption. type: string - clusterId: - description: >- - Deprecated. The name of the cluster to update. This field has been - deprecated and replaced by the name field. - deprecated: true + description: The type of the event. + enum: + - EVENT_TYPE_UNSPECIFIED + - END_OF_SUPPORT + - COS_MILESTONE_VERSION_UPDATE + - UPGRADE_LIFECYCLE + - DISRUPTION_EVENT + endTime: + description: The time when the operation ended. + format: google-datetime type: string - nodePoolId: - description: >- - Deprecated. The name of the node pool to update. This field has been - deprecated and replaced by the name field. - deprecated: true + resourceType: type: string - nodeCount: - description: Required. The desired node count for the pool. - type: integer - format: int32 - name: + enumDescriptions: + - Default value. This shouldn't be used. + - Master / control plane + - Node pool + enum: + - UPGRADE_RESOURCE_TYPE_UNSPECIFIED + - MASTER + - NODE_POOL + description: The resource type associated with the upgrade. + disruptionEvent: + $ref: '#/components/schemas/DisruptionEvent' description: >- - The name (project, location, cluster, node pool id) of the node pool - to set size. Specified in the format - `projects/*/locations/*/clusters/*/nodePools/*`. + The information about the disruption event. This field is only + populated when event_type is DISRUPTION_EVENT. + currentVersion: type: string - SetNetworkPolicyRequest: - id: SetNetworkPolicyRequest - description: SetNetworkPolicyRequest enables/disables network policy for a cluster. + description: The current version before the upgrade. + id: UpgradeInfoEvent + type: object + ServerConfig: + id: ServerConfig type: object properties: - projectId: - description: >- - Deprecated. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - This field has been deprecated and replaced by the name field. - deprecated: true - type: string - zone: - description: >- - Deprecated. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. This field has been deprecated and - replaced by the name field. - deprecated: true - type: string - clusterId: - description: >- - Deprecated. The name of the cluster. This field has been deprecated - and replaced by the name field. - deprecated: true + validImageTypes: + description: List of valid image types. + type: array + items: + type: string + validNodeVersions: + description: List of valid node upgrade target versions, in descending order. + items: + type: string + type: array + channels: + description: List of release channel configurations. + items: + $ref: '#/components/schemas/ReleaseChannelConfig' + type: array + validMasterVersions: + description: List of valid master versions, in descending order. + items: + type: string + type: array + defaultImageType: type: string - networkPolicy: - description: Required. Configuration options for the NetworkPolicy feature. - $ref: '#/components/schemas/NetworkPolicy' - name: - description: >- - The name (project, location, cluster name) of the cluster to set - networking policy. Specified in the format - `projects/*/locations/*/clusters/*`. + description: Default image type. + defaultClusterVersion: type: string - SetMaintenancePolicyRequest: - id: SetMaintenancePolicyRequest - description: SetMaintenancePolicyRequest sets the maintenance policy for a cluster. + description: Version of Kubernetes the service deploys by default. + description: Kubernetes Engine service configuration. + RecurringTimeWindow: + id: RecurringTimeWindow type: object + description: Represents an arbitrary window of time that recurs. properties: - projectId: - description: >- - Required. The Google Developers Console [project ID or project - number](https://{$universe.dns_names.final_documentation_domain}/resource-manager/docs/creating-managing-projects). - type: string - zone: - description: >- - Required. The name of the Google Compute Engine - [zone](https://{$universe.dns_names.final_documentation_domain}/compute/docs/zones#available) - in which the cluster resides. - type: string - clusterId: - description: Required. The name of the cluster to update. + window: + description: The window of the first recurrence. + $ref: '#/components/schemas/TimeWindow' + recurrence: type: string - maintenancePolicy: - description: >- - Required. The maintenance policy to be set for the cluster. An empty - field clears the existing maintenance policy. - $ref: '#/components/schemas/MaintenancePolicy' - name: description: >- - The name (project, location, cluster name) of the cluster to set - maintenance policy. Specified in the format - `projects/*/locations/*/clusters/*`. - type: string - ListUsableSubnetworksResponse: - id: ListUsableSubnetworksResponse + An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for + how this window recurs. They go on for the span of time between the + start and end time. For example, to have something repeat every + weekday, you'd use: `FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR` To repeat + some window daily (equivalent to the DailyMaintenanceWindow): + `FREQ=DAILY` For the first weekend of every month: + `FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU` This specifies how frequently + the window starts. Eg, if you wanted to have a 9-5 UTC-4 window + every weekday, you'd use something like: ``` start time = + 2019-01-01T09:00:00-0400 end time = 2019-01-01T17:00:00-0400 + recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR ``` Windows can span + multiple days. Eg, to make the window encompass every weekend from + midnight Saturday till the last minute of Sunday UTC: ``` start time + = 2019-01-05T00:00:00Z end time = 2019-01-07T23:59:00Z recurrence = + FREQ=WEEKLY;BYDAY=SA ``` Note the start and end time's specific + dates are largely arbitrary except to specify duration of the window + and when it first starts. The FREQ values of HOURLY, MINUTELY, and + SECONDLY are not supported. + AutoMonitoringConfig: description: >- - ListUsableSubnetworksResponse is the response of - ListUsableSubnetworksRequest. + AutoMonitoringConfig defines the configuration for GKE Workload + Auto-Monitoring. type: object + id: AutoMonitoringConfig properties: - subnetworks: - description: A list of usable subnetworks in the specified network project. - type: array - items: - $ref: '#/components/schemas/UsableSubnetwork' - nextPageToken: - description: >- - This token allows you to get the next page of results for list - requests. If the number of results is larger than `page_size`, use - the `next_page_token` as a value for the query parameter - `page_token` in the next request. The value will become empty when - there are no more pages. + scope: + description: Scope for GKE Workload Auto-Monitoring. + enum: + - SCOPE_UNSPECIFIED + - ALL + - NONE type: string - UsableSubnetwork: - id: UsableSubnetwork - description: >- - UsableSubnetwork resource returns the subnetwork name, its associated - network and the primary CIDR range. + enumDescriptions: + - Not set. + - Auto-Monitoring is enabled for all supported applications. + - Disable Auto-Monitoring. + ComplianceStandard: type: object + id: ComplianceStandard properties: - subnetwork: - description: >- - Subnetwork Name. Example: - projects/my-project/regions/us-central1/subnetworks/my-subnet - type: string - network: - description: >- - Network Name. Example: - projects/my-project/global/networks/my-network + standard: type: string - ipCidrRange: - description: The range of internal addresses that are owned by this subnetwork. + description: Name of the compliance standard. + description: Defines the details of a compliance standard. + CostManagementConfig: + type: object + description: Configuration for fine-grained cost management feature. + id: CostManagementConfig + properties: + enabled: + type: boolean + description: Whether the feature is enabled or not. + NetworkPolicy: + properties: + enabled: + description: Whether network policy is enabled on the cluster. + type: boolean + provider: type: string - secondaryIpRanges: - description: Secondary IP ranges. - type: array + description: The selected network policy provider. + enum: + - PROVIDER_UNSPECIFIED + - CALICO + enumDescriptions: + - Not set + - Tigera (Calico Felix). + id: NetworkPolicy + type: object + description: >- + Configuration options for the NetworkPolicy feature. + https://kubernetes.io/docs/concepts/services-networking/networkpolicies/ + CertificateAuthorityDomainConfig: + properties: + fqdns: items: - $ref: '#/components/schemas/UsableSubnetworkSecondaryRange' - statusMessage: + type: string + type: array description: >- - A human readable status message representing the reasons for cases - where the caller cannot use the secondary ranges under the subnet. - For example if the secondary_ip_ranges is empty due to a permission - issue, an insufficient permission message will be given by - status_message. - type: string - UsableSubnetworkSecondaryRange: - id: UsableSubnetworkSecondaryRange - description: Secondary IP range of a usable subnetwork. + List of fully qualified domain names (FQDN). Specifying port is + supported. Wildcards are NOT supported. Examples: - + my.customdomain.com - 10.0.1.2:5000 + gcpSecretManagerCertificateConfig: + $ref: '#/components/schemas/GCPSecretManagerCertificateConfig' + description: Google Secret Manager (GCP) certificate configuration. + id: CertificateAuthorityDomainConfig type: object + description: >- + CertificateAuthorityDomainConfig configures one or more fully qualified + domain names (FQDN) to a specific certificate. + ReleaseChannel: properties: - rangeName: - description: >- - The name associated with this subnetwork secondary range, used when - adding an alias IP range to a VM instance. - type: string - ipCidrRange: - description: >- - The range of IP addresses belonging to this subnetwork secondary - range. + channel: type: string - status: + enum: + - UNSPECIFIED + - RAPID + - REGULAR + - STABLE + - EXTENDED description: >- - This field is to determine the status of the secondary range - programmably. - type: string + channel specifies which release channel the cluster is subscribed + to. enumDescriptions: + - No channel specified. - >- - UNKNOWN is the zero value of the Status enum. It's not a valid - status. - - UNUSED denotes that this range is unclaimed by any cluster. + RAPID channel is offered on an early access basis for customers + who want to test new releases. WARNING: Versions available in the + RAPID Channel may be subject to unresolved issues with no known + workaround and are not subject to any SLAs. - >- - IN_USE_SERVICE denotes that this range is claimed by cluster(s) - for services. User-managed services range can be shared between - clusters within the same subnetwork. + Clusters subscribed to REGULAR receive versions that are + considered GA quality. REGULAR is intended for production users + who want to take advantage of new features. - >- - IN_USE_SHAREABLE_POD denotes this range was created by the network - admin and is currently claimed by a cluster for pods. It can only - be used by other clusters as a pod range. + Clusters subscribed to STABLE receive versions that are known to + be stable and reliable in production. - >- - IN_USE_MANAGED_POD denotes this range was created by GKE and is - claimed for pods. It cannot be used for other clusters. - enum: - - UNKNOWN - - UNUSED - - IN_USE_SERVICE - - IN_USE_SHAREABLE_POD - - IN_USE_MANAGED_POD - CheckAutopilotCompatibilityResponse: - id: CheckAutopilotCompatibilityResponse - description: CheckAutopilotCompatibilityResponse has a list of compatibility issues. + Clusters subscribed to EXTENDED receive extended support and + availability for versions which are known to be stable and + reliable in production. + id: ReleaseChannel + description: >- + ReleaseChannel indicates which release channel a cluster is subscribed + to. Release channels are arranged in order of risk. When a cluster is + subscribed to a release channel, Google maintains both the master + version and the node version. Node auto-upgrade defaults to true and + cannot be disabled. type: object + RegistryHostConfig: + id: RegistryHostConfig properties: - issues: - description: The list of issues for the given operation. - type: array - items: - $ref: '#/components/schemas/AutopilotCompatibilityIssue' - summary: - description: The summary of the autopilot compatibility response. + server: type: string - AutopilotCompatibilityIssue: - id: AutopilotCompatibilityIssue + description: >- + Defines the host name of the registry server, which will be used to + create configuration file as /etc/containerd/hosts.d//hosts.toml. It + supports fully qualified domain names (FQDN) and IP addresses: + Specifying port is supported. Wildcards are NOT supported. Examples: + - my.customdomain.com - 10.0.1.2:5000 + hosts: + items: + $ref: '#/components/schemas/HostConfig' + type: array + description: >- + HostConfig configures a list of host-specific configurations for the + server. Each server can have at most 10 host configurations. description: >- - AutopilotCompatibilityIssue contains information about a specific - compatibility issue with Autopilot mode. + RegistryHostConfig configures the top-level structure for a single + containerd registry server's configuration, which represents one + hosts.toml file on the node. It will override the same fqdns in + PrivateRegistryAccessConfig. + type: object + AdditionalPodRangesConfig: type: object properties: - lastObservation: - description: The last time when this issue was observed. - type: string - format: google-datetime - constraintType: - description: The constraint type of the issue. - type: string - incompatibilityType: - description: The incompatibility type of this issue. - type: string - enumDescriptions: - - Default value, should not be used. - - >- - Indicates that the issue is a known incompatibility between the - cluster and Autopilot mode. - - >- - Indicates the issue is an incompatibility if customers take no - further action to resolve. - - >- - Indicates the issue is not an incompatibility, but depending on - the workloads business logic, there is a potential that they won't - work on Autopilot. - enum: - - UNSPECIFIED - - INCOMPATIBILITY - - ADDITIONAL_CONFIG_REQUIRED - - PASSED_WITH_OPTIONAL_CONFIG - subjects: - description: The name of the resources which are subject to this issue. - type: array + podRangeNames: items: type: string - documentationUrl: + type: array description: >- - A URL to a public documentation, which addresses resolving this - issue. + Name for pod secondary ipv4 range which has the actual range defined + ahead. + podRangeInfo: + type: array + description: Output only. Information for additional pod range. + readOnly: true + items: + $ref: '#/components/schemas/RangeInfo' + id: AdditionalPodRangesConfig + description: >- + AdditionalPodRangesConfig is the configuration for additional pod + secondary ranges supporting the ClusterUpdate message. + RotationConfig: + properties: + rotationInterval: + format: google-duration + description: >- + The interval between two consecutive rotations. Default rotation + interval is 2 minutes. type: string - description: - description: The description of the issue. + enabled: + description: Whether the rotation is enabled. + type: boolean + type: object + description: RotationConfig is config for secret manager auto rotation. + id: RotationConfig + ClusterNetworkPerformanceConfig: + type: object + description: Configuration of network bandwidth tiers + properties: + totalEgressBandwidthTier: + enum: + - TIER_UNSPECIFIED + - TIER_1 + enumDescriptions: + - Default value + - Higher bandwidth, actual values based on VM size. type: string - ClusterUpgradeInfo: - id: ClusterUpgradeInfo - description: ClusterUpgradeInfo contains the upgrade information of a cluster. + description: >- + Specifies the total network bandwidth tier for NodePools in the + cluster. + id: ClusterNetworkPerformanceConfig + EvictionSignals: + id: EvictionSignals type: object + description: >- + Eviction signals are the current state of a particular resource at a + specific point in time. The kubelet uses eviction signals to make + eviction decisions by comparing the signals to eviction thresholds, + which are the minimum amount of the resource that should be available on + the node. properties: - minorTargetVersion: - description: minor_target_version indicates the target version for minor upgrade. + memoryAvailable: + description: >- + Optional. Memory available (i.e. capacity - workingSet), in bytes. + Defines the amount of "memory.available" signal in kubelet. Default + is unset, if not specified in the kubelet config. Format: positive + number + unit, e.g. 100Ki, 10Mi, 5Gi. Valid units are Ki, Mi, Gi. + Must be >= 100Mi and <= 50% of the node's memory. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals type: string - patchTargetVersion: - description: patch_target_version indicates the target version for patch upgrade. + imagefsInodesFree: + description: >- + Optional. Amount of inodes available on filesystem that container + runtime uses for storing images layers. Defines the amount of + "imagefs.inodesFree" signal in kubelet. Default is unset, if not + specified in the kubelet config. Linux only. It takses percentage + value for now. Sample format: "30%". Must be >= 5% and <= 50%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals type: string - autoUpgradeStatus: - description: The auto upgrade status. - type: array - items: - type: string - enumDescriptions: - - UNKNOWN indicates an unknown status. - - ACTIVE indicates an active status. - - >- - MINOR_UPGRADE_PAUSED indicates the minor version upgrade is - paused. - - UPGRADE_PAUSED indicates the upgrade is paused. - enum: - - UNKNOWN - - ACTIVE - - MINOR_UPGRADE_PAUSED - - UPGRADE_PAUSED - pausedReason: - description: The auto upgrade paused reason. - type: array - items: - type: string - enumDescriptions: - - >- - AUTO_UPGRADE_PAUSED_REASON_UNSPECIFIED indicates an unspecified - reason. - - >- - MAINTENANCE_WINDOW indicates the cluster is outside customer - maintenance window. - - >- - MAINTENANCE_EXCLUSION_NO_UPGRADES indicates the cluster is in a - maintenance exclusion with scope NO_UPGRADES. - - >- - MAINTENANCE_EXCLUSION_NO_MINOR_UPGRADES indicates the cluster is - in a maintenance exclusion with scope NO_MINOR_UPGRADES. - - >- - CLUSTER_DISRUPTION_BUDGET indicates the cluster is outside the - cluster disruption budget. - - >- - CLUSTER_DISRUPTION_BUDGET_MINOR_UPGRADE indicates the cluster is - outside the cluster disruption budget for minor version upgrade. - - >- - SYSTEM_CONFIG indicates the cluster upgrade is paused by system - config. - enum: - - AUTO_UPGRADE_PAUSED_REASON_UNSPECIFIED - - MAINTENANCE_WINDOW - - MAINTENANCE_EXCLUSION_NO_UPGRADES - - MAINTENANCE_EXCLUSION_NO_MINOR_UPGRADES - - CLUSTER_DISRUPTION_BUDGET - - CLUSTER_DISRUPTION_BUDGET_MINOR_UPGRADE - - SYSTEM_CONFIG - upgradeDetails: - description: The list of past auto upgrades. - type: array - items: - $ref: '#/components/schemas/UpgradeDetails' - endOfStandardSupportTimestamp: + nodefsInodesFree: + description: >- + Optional. Amount of inodes available on filesystem that kubelet uses + for volumes, daemon logs, etc. Defines the amount of + "nodefs.inodesFree" signal in kubelet. Default is unset, if not + specified in the kubelet config. Linux only. It takses percentage + value for now. Sample format: "30%". Must be >= 5% and <= 50%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + type: string + nodefsAvailable: description: >- - The cluster's current minor version's end of standard support - timestamp. + Optional. Amount of storage available on filesystem that kubelet + uses for volumes, daemon logs, etc. Defines the amount of + "nodefs.available" signal in kubelet. Default is unset, if not + specified in the kubelet config. It takses percentage value for now. + Sample format: "30%". Must be >= 10% and <= 50%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + type: string + pidAvailable: type: string - endOfExtendedSupportTimestamp: description: >- - The cluster's current minor version's end of extended support - timestamp. + Optional. Amount of PID available for pod allocation. Defines the + amount of "pid.available" signal in kubelet. Default is unset, if + not specified in the kubelet config. It takses percentage value for + now. Sample format: "30%". Must be >= 10% and <= 50%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + imagefsAvailable: type: string - UpgradeDetails: - id: UpgradeDetails + description: >- + Optional. Amount of storage available on filesystem that container + runtime uses for storing images layers. If the container filesystem + and image filesystem are not separate, then imagefs can store both + image layers and writeable layers. Defines the amount of + "imagefs.available" signal in kubelet. Default is unset, if not + specified in the kubelet config. It takses percentage value for now. + Sample format: "30%". Must be >= 15% and <= 50%. See + https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/#eviction-signals + VerticalPodAutoscaling: + type: object + id: VerticalPodAutoscaling description: >- - UpgradeDetails contains detailed information of each individual upgrade - operation. + VerticalPodAutoscaling contains global, per-cluster information required + by Vertical Pod Autoscaler to automatically adjust the resources of pods + controlled by it. + properties: + enabled: + type: boolean + description: Enables vertical pod autoscaling. + LoggingVariantConfig: + properties: + variant: + enum: + - VARIANT_UNSPECIFIED + - DEFAULT + - MAX_THROUGHPUT + type: string + description: Logging variant deployed on nodes. + enumDescriptions: + - Default value. This shouldn't be used. + - default logging variant. + - maximum logging throughput variant. + description: LoggingVariantConfig specifies the behaviour of the logging component. + id: LoggingVariantConfig type: object + GatewayAPIConfig: + description: >- + GatewayAPIConfig contains the desired config of Gateway API on this + cluster. properties: - state: - description: Output only. The state of the upgrade. - readOnly: true + channel: type: string enumDescriptions: - - Upgrade state is unknown. - - Upgrade has failed with an error. - - Upgrade has succeeded. - - Upgrade has been canceled. - - Upgrade is running. + - Default value. + - Gateway API support is disabled + - >- + Deprecated: use CHANNEL_STANDARD instead. Gateway API support is + enabled, experimental CRDs are installed + - Gateway API support is enabled, standard CRDs are installed enum: - - UNKNOWN - - FAILED - - SUCCEEDED - - CANCELED - - RUNNING - startTime: - description: The start timestamp of the upgrade. + - CHANNEL_UNSPECIFIED + - CHANNEL_DISABLED + - CHANNEL_EXPERIMENTAL + - CHANNEL_STANDARD + enumDeprecated: + - false + - false + - true + - false + description: The Gateway API release channel to use for Gateway API. + type: object + id: GatewayAPIConfig + SetNodePoolSizeRequest: + type: object + id: SetNodePoolSizeRequest + properties: + clusterId: + description: >- + Deprecated. The name of the cluster to update. This field has been + deprecated and replaced by the name field. + deprecated: true type: string - format: google-datetime - endTime: - description: The end timestamp of the upgrade. + name: + description: >- + The name (project, location, cluster, node pool id) of the node pool + to set size. Specified in the format + `projects/*/locations/*/clusters/*/nodePools/*`. type: string - format: google-datetime - initialVersion: - description: The version before the upgrade. + zone: type: string - targetVersion: - description: The version after the upgrade. + description: >- + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. + deprecated: true + nodePoolId: + deprecated: true + description: >- + Deprecated. The name of the node pool to update. This field has been + deprecated and replaced by the name field. type: string - startType: - description: The start type of the upgrade. + nodeCount: + type: integer + description: Required. The desired node count for the pool. + format: int32 + projectId: + description: >- + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. type: string - enumDescriptions: - - Upgrade start type is unspecified. - - Upgrade started automatically. - - Upgrade started manually. - enum: - - START_TYPE_UNSPECIFIED - - AUTOMATIC - - MANUAL - NodePoolUpgradeInfo: - id: NodePoolUpgradeInfo - description: NodePoolUpgradeInfo contains the upgrade information of a nodepool. - type: object + deprecated: true + description: SetNodePoolSizeRequest sets the size of a node pool. + GetJSONWebKeysResponse: + id: GetJSONWebKeysResponse + description: >- + GetJSONWebKeysResponse is a valid JSON Web Key Set as specified in rfc + 7517 properties: - minorTargetVersion: - description: minor_target_version indicates the target version for minor upgrade. - type: string - patchTargetVersion: - description: patch_target_version indicates the target version for patch upgrade. - type: string - autoUpgradeStatus: - description: The auto upgrade status. - type: array - items: - type: string - enumDescriptions: - - UNKNOWN indicates an unknown status. - - ACTIVE indicates an active status. - - >- - MINOR_UPGRADE_PAUSED indicates the minor version upgrade is - paused. - - UPGRADE_PAUSED indicates the upgrade is paused. - enum: - - UNKNOWN - - ACTIVE - - MINOR_UPGRADE_PAUSED - - UPGRADE_PAUSED - pausedReason: - description: The auto upgrade paused reason. + cacheHeader: + description: >- + For HTTP requests, this field is automatically extracted into the + Cache-Control HTTP header. + $ref: '#/components/schemas/HttpCacheControlResponseHeader' + keys: + description: >- + The public component of the keys used by the cluster to sign token + requests. type: array items: - type: string - enumDescriptions: - - >- - AUTO_UPGRADE_PAUSED_REASON_UNSPECIFIED indicates an unspecified - reason. - - >- - MAINTENANCE_WINDOW indicates the cluster is outside customer - maintenance window. - - >- - MAINTENANCE_EXCLUSION_NO_UPGRADES indicates the cluster is in a - maintenance exclusion with scope NO_UPGRADES. - - >- - MAINTENANCE_EXCLUSION_NO_MINOR_UPGRADES indicates the cluster is - in a maintenance exclusion with scope NO_MINOR_UPGRADES. - - >- - SYSTEM_CONFIG indicates the cluster upgrade is paused by system - config. - enum: - - AUTO_UPGRADE_PAUSED_REASON_UNSPECIFIED - - MAINTENANCE_WINDOW - - MAINTENANCE_EXCLUSION_NO_UPGRADES - - MAINTENANCE_EXCLUSION_NO_MINOR_UPGRADES - - SYSTEM_CONFIG - upgradeDetails: - description: The list of past auto upgrades. - type: array + $ref: '#/components/schemas/Jwk' + type: object + RayOperatorConfig: + type: object + description: Configuration options for the Ray Operator add-on. + properties: + enabled: + description: Whether the Ray Operator addon is enabled for this cluster. + type: boolean + rayClusterLoggingConfig: + $ref: '#/components/schemas/RayClusterLoggingConfig' + description: Optional. Logging configuration for Ray clusters. + rayClusterMonitoringConfig: + description: Optional. Monitoring configuration for Ray clusters. + $ref: '#/components/schemas/RayClusterMonitoringConfig' + id: RayOperatorConfig + MasterAuthorizedNetworksConfig: + type: object + description: >- + Configuration options for the master authorized networks feature. + Enabled master authorized networks will disallow all external traffic to + access Kubernetes master through HTTPS except traffic from the given + CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs. + properties: + enabled: + description: Whether or not master authorized networks is enabled. + type: boolean + gcpPublicCidrsAccessEnabled: + type: boolean + description: >- + Whether master is accessible via Google Compute Engine Public IP + addresses. + cidrBlocks: items: - $ref: '#/components/schemas/UpgradeDetails' - endOfStandardSupportTimestamp: + $ref: '#/components/schemas/CidrBlock' + type: array description: >- - The nodepool's current minor version's end of standard support - timestamp. - type: string - endOfExtendedSupportTimestamp: + cidr_blocks define up to 50 external networks that could access + Kubernetes master through HTTPS. + privateEndpointEnforcementEnabled: description: >- - The nodepool's current minor version's end of extended support - timestamp. - type: string - UpgradeEvent: - id: UpgradeEvent + Whether master authorized networks is enforced on private endpoint + or not. + type: boolean + id: MasterAuthorizedNetworksConfig + Filter: + type: object + properties: + eventType: + type: array + items: + type: string + enumDescriptions: + - Not set, will be ignored. + - Corresponds with UpgradeAvailableEvent. + - Corresponds with UpgradeEvent. + - Corresponds with SecurityBulletinEvent. + - Corresponds with UpgradeInfoEvent. + enum: + - EVENT_TYPE_UNSPECIFIED + - UPGRADE_AVAILABLE_EVENT + - UPGRADE_EVENT + - SECURITY_BULLETIN_EVENT + - UPGRADE_INFO_EVENT + description: Event types to allowlist. description: >- - UpgradeEvent is a notification sent to customers by the cluster server - when a resource is upgrading. + Allows filtering to one or more specific event types. If event types are + present, those and only those event types will be transmitted to the + cluster. Other types will be skipped. If no filter is specified, or no + event types are present, all event types will be sent + id: Filter + NodeConfigDefaults: + description: Subset of NodeConfig message that has defaults. type: object properties: - resourceType: - description: The resource type that is upgrading. - type: string - enumDescriptions: - - Default value. This shouldn't be used. - - Master / control plane - - Node pool - enum: - - UPGRADE_RESOURCE_TYPE_UNSPECIFIED - - MASTER - - NODE_POOL - operation: - description: The operation associated with this upgrade. - type: string - operationStartTime: - description: The time when the operation was started. - type: string - format: google-datetime - currentVersion: - description: The current version before the upgrade. - type: string - targetVersion: - description: The target version for the upgrade. - type: string - resource: + nodeKubeletConfig: + $ref: '#/components/schemas/NodeKubeletConfig' description: >- - Optional relative path to the resource. For example in node pool - upgrades, the relative path of the node pool. - type: string - UpgradeInfoEvent: - id: UpgradeInfoEvent - description: >- - UpgradeInfoEvent is a notification sent to customers about the upgrade - information of a resource. + NodeKubeletConfig controls the defaults for new node-pools. + Currently only `insecure_kubelet_readonly_port_enabled` can be set + here. + loggingConfig: + $ref: '#/components/schemas/NodePoolLoggingConfig' + description: Logging configuration for node pools. + gcfsConfig: + $ref: '#/components/schemas/GcfsConfig' + description: GCFS (Google Container File System, also known as Riptide) options. + containerdConfig: + description: Parameters for containerd customization. + $ref: '#/components/schemas/ContainerdConfig' + id: NodeConfigDefaults + NetworkPolicyConfig: type: object + description: >- + Configuration for NetworkPolicy. This only tracks whether the addon is + enabled or not on the Master, it does not track whether network policy + is enabled for the nodes. + id: NetworkPolicyConfig properties: - resourceType: - description: The resource type associated with the upgrade. - type: string - enumDescriptions: - - Default value. This shouldn't be used. - - Master / control plane - - Node pool - enum: - - UPGRADE_RESOURCE_TYPE_UNSPECIFIED - - MASTER - - NODE_POOL - operation: - description: The operation associated with this upgrade. - type: string - startTime: - description: The time when the operation was started. + disabled: + type: boolean + description: Whether NetworkPolicy is enabled for this cluster. + SetMonitoringServiceRequest: + id: SetMonitoringServiceRequest + description: SetMonitoringServiceRequest sets the monitoring service of a cluster. + properties: + monitoringService: type: string - format: google-datetime - endTime: - description: The time when the operation ended. + description: >- + Required. The monitoring service the cluster should use to write + metrics. Currently available options: * + `monitoring.googleapis.com/kubernetes` - The Cloud Monitoring + service with a Kubernetes-native resource model * + `monitoring.googleapis.com` - The legacy Cloud Monitoring service + (no longer available as of GKE 1.15). * `none` - No metrics will be + exported from the cluster. If left as an empty + string,`monitoring.googleapis.com/kubernetes` will be used for GKE + 1.14+ or `monitoring.googleapis.com` for earlier versions. + clusterId: + description: >- + Deprecated. The name of the cluster to upgrade. This field has been + deprecated and replaced by the name field. + deprecated: true type: string - format: google-datetime - currentVersion: - description: The current version before the upgrade. + name: + description: >- + The name (project, location, cluster) of the cluster to set + monitoring. Specified in the format + `projects/*/locations/*/clusters/*`. type: string - targetVersion: - description: The target version for the upgrade. + projectId: type: string - resource: + deprecated: true description: >- - Optional relative path to the resource. For example in node pool - upgrades, the relative path of the node pool. + Deprecated. The Google Developers Console [project ID or project + number](https://cloud.google.com/resource-manager/docs/creating-managing-projects). + This field has been deprecated and replaced by the name field. + zone: + description: >- + Deprecated. The name of the Google Compute Engine + [zone](https://cloud.google.com/compute/docs/zones#available) in + which the cluster resides. This field has been deprecated and + replaced by the name field. type: string - state: - description: Output only. The state of the upgrade. - readOnly: true + deprecated: true + type: object + CertificateConfig: + description: CertificateConfig configures certificate for the registry. + properties: + gcpSecretManagerSecretUri: + description: >- + The URI configures a secret from [Secret + Manager](https://cloud.google.com/secret-manager) in the format + "projects/$PROJECT_ID/secrets/$SECRET_NAME/versions/$VERSION" for + global secret or + "projects/$PROJECT_ID/locations/$REGION/secrets/$SECRET_NAME/versions/$VERSION" + for regional secret. Version can be fixed (e.g. "2") or "latest" type: string - enumDescriptions: - - STATE_UNSPECIFIED indicates the state is unspecified. - - STARTED indicates the upgrade has started. - - SUCCEEDED indicates the upgrade has completed successfully. - - FAILED indicates the upgrade has failed. - - CANCELED indicates the upgrade has canceled. + id: CertificateConfig + type: object + K8sBetaAPIConfig: + type: object + properties: + enabledApis: + type: array + description: Enabled k8s beta APIs. + items: + type: string + id: K8sBetaAPIConfig + description: K8sBetaAPIConfig , configuration for beta APIs + AdvancedDatapathObservabilityConfig: + type: object + id: AdvancedDatapathObservabilityConfig + properties: + enableMetrics: + description: Expose flow metrics on nodes + type: boolean + enableRelay: + type: boolean + description: Enable Relay component + relayMode: enum: - - STATE_UNSPECIFIED - - STARTED - - SUCCEEDED - - FAILED - - CANCELED - standardSupportEndTime: - description: The end of standard support timestamp. - type: string - format: google-datetime - extendedSupportEndTime: - description: The end of extended support timestamp. - type: string - format: google-datetime - description: - description: A brief description of the event. - type: string - eventType: - description: The type of the event. - type: string + - RELAY_MODE_UNSPECIFIED + - DISABLED + - INTERNAL_VPC_LB + - EXTERNAL_LB + description: Method used to make Relay available enumDescriptions: - - EVENT_TYPE_UNSPECIFIED indicates the event type is unspecified. - - >- - END_OF_SUPPORT indicates GKE version reaches end of support, check - standard_support_end_time and extended_support_end_time for more - details. - - >- - COS_MILESTONE_VERSION_UPDATE indicates that the COS node image - will update COS milestone version for new patch versions starting - with the one in the description. - - >- - UPGRADE_LIFECYCLE indicates the event is about the upgrade - lifecycle. + - Default value. This shouldn't be used. + - disabled + - exposed via internal load balancer + - exposed via external load balancer + type: string + description: >- + AdvancedDatapathObservabilityConfig specifies configuration of + observability features of advanced datapath. + SecondaryBootDisk: + properties: + mode: + description: Disk mode (container image cache, etc.) enum: - - EVENT_TYPE_UNSPECIFIED - - END_OF_SUPPORT - - COS_MILESTONE_VERSION_UPDATE - - UPGRADE_LIFECYCLE - UpgradeAvailableEvent: - id: UpgradeAvailableEvent + - MODE_UNSPECIFIED + - CONTAINER_IMAGE_CACHE + enumDescriptions: + - MODE_UNSPECIFIED is when mode is not set. + - >- + CONTAINER_IMAGE_CACHE is for using the secondary boot disk as a + container image cache. + type: string + diskImage: + description: Fully-qualified resource ID for an existing disk image. + type: string + id: SecondaryBootDisk description: >- - UpgradeAvailableEvent is a notification sent to customers when a new - available version is released. + SecondaryBootDisk represents a persistent disk attached to a node with + special configurations based on its mode. + type: object + MemoryManager: + id: MemoryManager type: object + description: >- + The option enables the Kubernetes NUMA-aware Memory Manager feature. + Detailed description about the feature can be found + [here](https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/). properties: - version: - description: The release version available for upgrade. - type: string - resourceType: - description: The resource type of the release version. + policy: type: string - enumDescriptions: - - Default value. This shouldn't be used. - - Master / control plane - - Node pool - enum: - - UPGRADE_RESOURCE_TYPE_UNSPECIFIED - - MASTER - - NODE_POOL - releaseChannel: - description: >- - The release channel of the version. If empty, it means a non-channel - release. - $ref: '#/components/schemas/ReleaseChannel' - resource: description: >- - Optional relative path to the resource. For example, the relative - path of the node pool. - type: string - SecurityBulletinEvent: - id: SecurityBulletinEvent + Controls the memory management policy on the Node. See + https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/#policies + The following values are allowed. * "none" * "static" The default + value is 'none' if unspecified. + ControlPlaneEndpointsConfig: + id: ControlPlaneEndpointsConfig + type: object + properties: + dnsEndpointConfig: + $ref: '#/components/schemas/DNSEndpointConfig' + description: DNS endpoint configuration. + ipEndpointsConfig: + $ref: '#/components/schemas/IPEndpointsConfig' + description: IP endpoints configuration. + description: Configuration for all of the cluster's control plane endpoints. + AutopilotConfig: + properties: + enabled: + type: boolean + description: Denotes that nodes belonging to this node pool are Autopilot nodes. description: >- - SecurityBulletinEvent is a notification sent to customers when a - security bulletin has been posted that they are vulnerable to. + AutopilotConfig contains configuration of autopilot feature for this + nodepool. + id: AutopilotConfig type: object + ClusterAutoscaling: + description: >- + ClusterAutoscaling contains global, per-cluster information required by + Cluster Autoscaler to automatically adjust the size of the cluster and + create/delete node pools based on the current needs. properties: - resourceTypeAffected: - description: >- - The resource type (node/control plane) that has the vulnerability. - Multiple notifications (1 notification per resource type) will be - sent for a vulnerability that affects > 1 resource type. - type: string - bulletinId: - description: The ID of the bulletin corresponding to the vulnerability. - type: string - cveIds: - description: The CVEs associated with this bulletin. + resourceLimits: type: array items: - type: string - severity: - description: The severity of this bulletin as it relates to GKE. - type: string - bulletinUri: - description: The URI link to the bulletin on the website for more information. - type: string - briefDescription: + $ref: '#/components/schemas/ResourceLimit' description: >- - A brief description of the bulletin. See the bulletin pointed to by - the bulletin_uri field for an expanded description. - type: string - affectedSupportedMinors: - description: The GKE minor versions affected by this vulnerability. - type: array - items: - type: string - patchedVersions: - description: The GKE versions where this vulnerability is patched. + Contains global constraints regarding minimum and maximum amount of + resources in the cluster. + autoprovisioningNodePoolDefaults: + description: >- + AutoprovisioningNodePoolDefaults contains defaults for a node pool + created by NAP. + $ref: '#/components/schemas/AutoprovisioningNodePoolDefaults' + autoprovisioningLocations: type: array + description: >- + The list of Google Compute Engine + [zones](https://cloud.google.com/compute/docs/zones#available) in + which the NodePool's nodes can be created by NAP. items: type: string - suggestedUpgradeTarget: - description: >- - This represents a version selected from the patched_versions field - that the cluster receiving this notification should most likely want - to upgrade to based on its current version. Note that if this - notification is being received by a given cluster, it means that - this version is currently available as an upgrade target in that - cluster's location. + defaultComputeClassConfig: + description: Default compute class is a configuration for default compute class. + $ref: '#/components/schemas/DefaultComputeClassConfig' + autoscalingProfile: + enumDescriptions: + - No change to autoscaling configuration. + - Prioritize optimizing utilization of resources. + - Use default (balanced) autoscaling configuration. + enum: + - PROFILE_UNSPECIFIED + - OPTIMIZE_UTILIZATION + - BALANCED type: string - manualStepsRequired: - description: >- - If this field is specified, it means there are manual steps that the - user must take to make their clusters safe. + description: Defines autoscaling behaviour. + enableNodeAutoprovisioning: type: boolean - mitigatedVersions: - description: The GKE versions where this vulnerability is mitigated. - type: array - items: - type: string + description: Enables automatic node pool creation and deletion. + id: ClusterAutoscaling + type: object parameters: - access_token: - description: OAuth access token. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: access_token + name: quotaUser schema: type: string alt: @@ -7594,13 +7927,16 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + access_token: + description: OAuth access token. in: query - name: key + name: access_token + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType schema: type: string oauth_token: @@ -7609,42 +7945,36 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + _.xgafv: + description: V1 error format. in: query - name: prettyPrint + name: $.xgafv schema: - type: boolean - quotaUser: + type: string + enum: + - '1' + - '2' + key: description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: quotaUser + name: key schema: type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: server_config: id: google.container.server_config @@ -7666,539 +7996,539 @@ components: update: [] replace: [] delete: [] - clusters: - id: google.container.clusters - name: clusters - title: Clusters + node_pools: + id: google.container.node_pools + name: node_pools + title: Node_pools methods: - projects_locations_clusters_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.clusters - projects_locations_clusters_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_clusters_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_clusters_update: + projects_locations_clusters_node_pools_set_size: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:setSize/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_delete: + projects_locations_clusters_node_pools_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_set_logging: + projects_locations_clusters_node_pools_update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setLogging/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}/put response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_set_monitoring: + projects_locations_clusters_node_pools_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setMonitoring/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_set_addons: + projects_locations_clusters_node_pools_complete_upgrade: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setAddons/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:completeUpgrade/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_set_locations: + projects_locations_clusters_node_pools_set_management: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setLocations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:setManagement/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_update_master: + projects_locations_clusters_node_pools_set_autoscaling: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:updateMaster/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:setAutoscaling/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_set_master_auth: + projects_locations_clusters_node_pools_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setMasterAuth/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_set_resource_labels: + projects_locations_clusters_node_pools_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setResourceLabels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_set_legacy_abac: + projects_locations_clusters_node_pools_rollback: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setLegacyAbac/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:rollback/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_start_ip_rotation: + projects_zones_clusters_node_pools_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:startIpRotation/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_complete_ip_rotation: + projects_zones_clusters_node_pools_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:completeIpRotation/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_set_network_policy: + projects_zones_clusters_node_pools_update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setNetworkPolicy/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}~1update/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_set_maintenance_policy: + projects_zones_clusters_node_pools_autoscaling: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setMaintenancePolicy/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}~1autoscaling/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_check_autopilot_compatibility: + projects_zones_clusters_node_pools_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:checkAutopilotCompatibility/get + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_list: + projects_zones_clusters_node_pools_list: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters/get' + $ref: >- + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools/get response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_create: + projects_zones_clusters_node_pools_rollback: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters/post' + $ref: >- + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}:rollback/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_get: + projects_zones_clusters_node_pools_set_size: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}/get + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}~1setSize/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_update: + projects_zones_clusters_node_pools_set_management: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}/put + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}~1setManagement/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_delete: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_get + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_get + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_list + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_list + insert: + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_create + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_create + update: + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_update + replace: + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_update + delete: + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_delete + - $ref: >- + #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_delete + node_pool_upgrade_info: + id: google.container.node_pool_upgrade_info + name: node_pool_upgrade_info + title: Node_pool_upgrade_info + methods: + projects_locations_clusters_node_pools_fetch_node_pool_upgrade_info: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:fetchNodePoolUpgradeInfo/get response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_logging: + projects_zones_clusters_node_pools_fetch_node_pool_upgrade_info: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1logging/post + #/paths/~1v1~1projects~1{projectsId}~1zones~1{zonesId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:fetchNodePoolUpgradeInfo/get response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_monitoring: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/node_pool_upgrade_info/methods/projects_locations_clusters_node_pools_fetch_node_pool_upgrade_info + - $ref: >- + #/components/x-stackQL-resources/node_pool_upgrade_info/methods/projects_zones_clusters_node_pools_fetch_node_pool_upgrade_info + insert: [] + update: [] + replace: [] + delete: [] + well_known_openid_configuration: + id: google.container.well_known_openid_configuration + name: well_known_openid_configuration + title: Well_known_openid_configuration + methods: + projects_locations_clusters_well-known_get_openid-configuration: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1monitoring/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1.well-known~1openid-configuration/get response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_addons: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/well_known_openid_configuration/methods/projects_locations_clusters_well-known_get_openid-configuration + insert: [] + update: [] + replace: [] + delete: [] + clusters: + id: google.container.clusters + name: clusters + title: Clusters + methods: + projects_locations_clusters_complete_ip_rotation: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1addons/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:completeIpRotation/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_locations: + projects_locations_clusters_set_locations: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1locations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setLocations/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_master: + projects_locations_clusters_update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1master/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/put response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_set_master_auth: + projects_locations_clusters_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:setMasterAuth/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_resource_labels: + projects_locations_clusters_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1resourceLabels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_legacy_abac: + projects_locations_clusters_update_master: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1legacyAbac/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:updateMaster/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_start_ip_rotation: + projects_locations_clusters_check_autopilot_compatibility: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:startIpRotation/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:checkAutopilotCompatibility/get response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_complete_ip_rotation: + projects_locations_clusters_set_resource_labels: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:completeIpRotation/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setResourceLabels/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_set_network_policy: + projects_locations_clusters_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:setNetworkPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_set_maintenance_policy: + projects_locations_clusters_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:setMaintenancePolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_get - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_get - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_list - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_list - insert: - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_create - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_create - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_update - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_update - delete: - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_delete - - $ref: >- - #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_delete - clusters_jwks: - id: google.container.clusters_jwks - name: clusters_jwks - title: Clusters_jwks - methods: - projects_locations_clusters_get_jwks: + objectKey: $.clusters + projects_locations_clusters_set_master_auth: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1jwks/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setMasterAuth/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/clusters_jwks/methods/projects_locations_clusters_get_jwks - insert: [] - update: [] - replace: [] - delete: [] - cluster_upgrade_info: - id: google.container.cluster_upgrade_info - name: cluster_upgrade_info - title: Cluster_upgrade_info - methods: - projects_locations_clusters_fetch_cluster_upgrade_info: + projects_locations_clusters_set_logging: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:fetchClusterUpgradeInfo/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setLogging/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_fetch_cluster_upgrade_info: + projects_locations_clusters_set_monitoring: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1zones~1{zonesId}~1clusters~1{clustersId}:fetchClusterUpgradeInfo/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setMonitoring/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/cluster_upgrade_info/methods/projects_locations_clusters_fetch_cluster_upgrade_info - - $ref: >- - #/components/x-stackQL-resources/cluster_upgrade_info/methods/projects_zones_clusters_fetch_cluster_upgrade_info - insert: [] - update: [] - replace: [] - delete: [] - node_pools: - id: google.container.node_pools - name: node_pools - title: Node_pools - methods: - projects_locations_clusters_node_pools_update: + projects_locations_clusters_set_addons: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setAddons/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_clusters_set_maintenance_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setMaintenancePolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_node_pools_get: + projects_locations_clusters_start_ip_rotation: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:startIpRotation/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_node_pools_delete: + projects_locations_clusters_set_network_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setNetworkPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_node_pools_set_autoscaling: + projects_locations_clusters_set_legacy_abac: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:setAutoscaling/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:setLegacyAbac/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_node_pools_list: + projects_zones_clusters_set_maintenance_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools/get + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:setMaintenancePolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_node_pools_create: + projects_zones_clusters_set_network_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:setNetworkPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_node_pools_complete_upgrade: + projects_zones_clusters_set_master_auth: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:completeUpgrade/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:setMasterAuth/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_node_pools_rollback: + projects_zones_clusters_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:rollback/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_node_pools_set_management: + projects_zones_clusters_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:setManagement/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clusters_node_pools_set_size: + projects_zones_clusters_update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:setSize/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}/put response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_node_pools_update: + projects_zones_clusters_logging: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}~1update/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1logging/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_node_pools_autoscaling: + projects_zones_clusters_master: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}~1autoscaling/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1master/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_node_pools_list: + projects_zones_clusters_monitoring: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools/get + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1monitoring/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_node_pools_create: + projects_zones_clusters_resource_labels: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1resourceLabels/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_node_pools_get: + projects_zones_clusters_create: + operation: + $ref: '#/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_zones_clusters_list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters/get' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_zones_clusters_complete_ip_rotation: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}/get + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:completeIpRotation/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_node_pools_delete: + projects_zones_clusters_legacy_abac: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}/delete + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1legacyAbac/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_node_pools_rollback: + projects_zones_clusters_addons: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}:rollback/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1addons/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_node_pools_set_management: + projects_zones_clusters_locations: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}~1setManagement/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1locations/post response: mediaType: application/json openAPIDocKey: '200' - projects_zones_clusters_node_pools_set_size: + projects_zones_clusters_start_ip_rotation: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}~1nodePools~1{nodePoolId}~1setSize/post + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1clusters~1{clusterId}:startIpRotation/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_get + #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_get - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_get + #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_get - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_list + #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_list - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_list + #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_list insert: - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_create - - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_create - update: + #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_create - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_update + #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_create + update: [] replace: - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_update + #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_update + - $ref: >- + #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_update delete: - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_locations_clusters_node_pools_delete + #/components/x-stackQL-resources/clusters/methods/projects_locations_clusters_delete - $ref: >- - #/components/x-stackQL-resources/node_pools/methods/projects_zones_clusters_node_pools_delete - node_pool_upgrade_info: - id: google.container.node_pool_upgrade_info - name: node_pool_upgrade_info - title: Node_pool_upgrade_info + #/components/x-stackQL-resources/clusters/methods/projects_zones_clusters_delete + clusters_jwks: + id: google.container.clusters_jwks + name: clusters_jwks + title: Clusters_jwks methods: - projects_locations_clusters_node_pools_fetch_node_pool_upgrade_info: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:fetchNodePoolUpgradeInfo/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_zones_clusters_node_pools_fetch_node_pool_upgrade_info: + projects_locations_clusters_get_jwks: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1zones~1{zonesId}~1clusters~1{clustersId}~1nodePools~1{nodePoolsId}:fetchNodePoolUpgradeInfo/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1jwks/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/node_pool_upgrade_info/methods/projects_locations_clusters_node_pools_fetch_node_pool_upgrade_info - - $ref: >- - #/components/x-stackQL-resources/node_pool_upgrade_info/methods/projects_zones_clusters_node_pools_fetch_node_pool_upgrade_info + #/components/x-stackQL-resources/clusters_jwks/methods/projects_locations_clusters_get_jwks insert: [] update: [] replace: [] delete: [] - well_known_openid_configuration: - id: google.container.well_known_openid_configuration - name: well_known_openid_configuration - title: Well_known_openid_configuration + cluster_upgrade_info: + id: google.container.cluster_upgrade_info + name: cluster_upgrade_info + title: Cluster_upgrade_info methods: - projects_locations_clusters_well-known_get_openid-configuration: + projects_locations_clusters_fetch_cluster_upgrade_info: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1.well-known~1openid-configuration/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}:fetchClusterUpgradeInfo/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_zones_clusters_fetch_cluster_upgrade_info: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1zones~1{zonesId}~1clusters~1{clustersId}:fetchClusterUpgradeInfo/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/well_known_openid_configuration/methods/projects_locations_clusters_well-known_get_openid-configuration + #/components/x-stackQL-resources/cluster_upgrade_info/methods/projects_locations_clusters_fetch_cluster_upgrade_info + - $ref: >- + #/components/x-stackQL-resources/cluster_upgrade_info/methods/projects_zones_clusters_fetch_cluster_upgrade_info insert: [] update: [] replace: [] @@ -8208,17 +8538,17 @@ components: name: operations title: Operations methods: - projects_locations_operations_list: + projects_locations_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_operations_get: + projects_locations_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' @@ -8229,16 +8559,16 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_zones_operations_list: + projects_zones_operations_get: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1operations/get' + $ref: >- + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1operations~1{operationId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_zones_operations_get: + projects_zones_operations_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1operations~1{operationId}/get + $ref: '#/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1operations/get' response: mediaType: application/json openAPIDocKey: '200' @@ -8263,43 +8593,43 @@ components: update: [] replace: [] delete: [] - zones_serverconfig: - id: google.container.zones_serverconfig - name: zones_serverconfig - title: Zones_serverconfig + usable_subnetworks: + id: google.container.usable_subnetworks + name: usable_subnetworks + title: Usable_subnetworks methods: - projects_zones_get_serverconfig: + projects_aggregated_usable_subnetworks_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1serverconfig/get + #/paths/~1v1~1projects~1{projectsId}~1aggregated~1usableSubnetworks/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.subnetworks sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/zones_serverconfig/methods/projects_zones_get_serverconfig + #/components/x-stackQL-resources/usable_subnetworks/methods/projects_aggregated_usable_subnetworks_list insert: [] update: [] replace: [] delete: [] - usable_subnetworks: - id: google.container.usable_subnetworks - name: usable_subnetworks - title: Usable_subnetworks + zones_serverconfig: + id: google.container.zones_serverconfig + name: zones_serverconfig + title: Zones_serverconfig methods: - projects_aggregated_usable_subnetworks_list: + projects_zones_get_serverconfig: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1aggregated~1usableSubnetworks/get + #/paths/~1v1~1projects~1{projectId}~1zones~1{zone}~1serverconfig/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.subnetworks sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/usable_subnetworks/methods/projects_aggregated_usable_subnetworks_list + #/components/x-stackQL-resources/zones_serverconfig/methods/projects_zones_get_serverconfig insert: [] update: [] replace: [] @@ -8307,58 +8637,20 @@ components: paths: /v1/projects/{projectsId}/locations/{locationsId}/serverConfig: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Returns configuration info about the Google Kubernetes Engine service. - operationId: container.projects.locations.getServerConfig - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ServerConfig' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: projectId - schema: - type: string - - in: query - name: zone - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters: - parameters: *ref_1 + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/upload_protocol' get: - description: >- - Lists all clusters owned by a project in either the specified zone or - all zones. - operationId: container.projects.locations.clusters.list + description: Returns configuration info about the Google Kubernetes Engine service. + operationId: container.projects.locations.getServerConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8370,7 +8662,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListClustersResponse' + $ref: '#/components/schemas/ServerConfig' parameters: - in: path name: projectsId @@ -8390,23 +8682,19 @@ paths: name: zone schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:setSize: + parameters: *ref_1 post: description: >- - Creates a cluster, consisting of the specified number and type of Google - Compute Engine instances. By default, the cluster is created in the - project's [default - network](https://{$universe.dns_names.final_documentation_domain}/compute/docs/networks-and-firewalls#networks). - One firewall is added for the cluster. After cluster creation, the - Kubelet creates routes for each node to allow the containers on that - node to communicate with all other instances in the cluster. Finally, an - entry is added to the project's global metadata indicating which CIDR - range the cluster is using. - operationId: container.projects.locations.clusters.create + Sets the size for a specific node pool. The new size will be used for + all replicas, including future replicas created by modifying + NodePool.locations. + operationId: container.projects.locations.clusters.nodePools.setSize requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateClusterRequest' + $ref: '#/components/schemas/SetNodePoolSizeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8430,11 +8718,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}: + - in: path + name: clustersId + required: true + schema: + type: string + - in: path + name: nodePoolsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}: parameters: *ref_1 get: - description: Gets the details of a specific cluster. - operationId: container.projects.locations.clusters.get + description: Retrieves the requested node pool. + operationId: container.projects.locations.clusters.nodePools.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8446,7 +8744,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/NodePool' parameters: - in: path name: projectsId @@ -8463,26 +8761,35 @@ paths: required: true schema: type: string + - in: path + name: nodePoolsId + required: true + schema: + type: string + - in: query + name: clusterId + schema: + type: string - in: query name: projectId schema: type: string - in: query - name: zone + name: nodePoolId schema: type: string - in: query - name: clusterId + name: zone schema: type: string put: - description: Updates the settings of a specific cluster. - operationId: container.projects.locations.clusters.update + description: Updates the version and/or image type for the specified node pool. + operationId: container.projects.locations.clusters.nodePools.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpdateClusterRequest' + $ref: '#/components/schemas/UpdateNodePoolRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8511,14 +8818,14 @@ paths: required: true schema: type: string + - in: path + name: nodePoolsId + required: true + schema: + type: string delete: - description: >- - Deletes the cluster, including the Kubernetes endpoint and all worker - nodes. Firewalls and routes that were configured during cluster creation - are also deleted. Other Google Compute Engine resources that might be in - use by the cluster, such as load balancer resources, are not deleted if - they weren't present when the cluster was initially created. - operationId: container.projects.locations.clusters.delete + description: Deletes a node pool from a cluster. + operationId: container.projects.locations.clusters.nodePools.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8547,28 +8854,39 @@ paths: required: true schema: type: string + - in: path + name: nodePoolsId + required: true + schema: + type: string + - in: query + name: clusterId + schema: + type: string - in: query name: projectId schema: type: string - in: query - name: zone + name: nodePoolId schema: type: string - in: query - name: clusterId + name: zone schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setLogging: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:completeUpgrade: parameters: *ref_1 post: - description: Sets the logging service for a specific cluster. - operationId: container.projects.locations.clusters.setLogging + description: >- + CompleteNodePoolUpgrade will signal an on-going node pool upgrade to + complete. + operationId: container.projects.locations.clusters.nodePools.completeUpgrade requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetLoggingServiceRequest' + $ref: '#/components/schemas/CompleteNodePoolUpgradeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8580,7 +8898,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8597,16 +8915,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setMonitoring: + - in: path + name: nodePoolsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:setManagement: parameters: *ref_1 post: - description: Sets the monitoring service for a specific cluster. - operationId: container.projects.locations.clusters.setMonitoring + description: Sets the NodeManagement options for a node pool. + operationId: container.projects.locations.clusters.nodePools.setManagement requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetMonitoringServiceRequest' + $ref: '#/components/schemas/SetNodePoolManagementRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8635,16 +8958,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setAddons: + - in: path + name: nodePoolsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:setAutoscaling: parameters: *ref_1 post: - description: Sets the addons for a specific cluster. - operationId: container.projects.locations.clusters.setAddons + description: Sets the autoscaling settings for the specified node pool. + operationId: container.projects.locations.clusters.nodePools.setAutoscaling requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetAddonsConfigRequest' + $ref: '#/components/schemas/SetNodePoolAutoscalingRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8673,19 +9001,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setLocations: + - in: path + name: nodePoolsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools: parameters: *ref_1 post: - description: >- - Sets the locations for a specific cluster. Deprecated. Use - [projects.locations.clusters.update](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/update) - instead. - operationId: container.projects.locations.clusters.setLocations + description: Creates a node pool for a cluster. + operationId: container.projects.locations.clusters.nodePools.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetLocationsRequest' + $ref: '#/components/schemas/CreateNodePoolRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8714,16 +9044,9 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:updateMaster: - parameters: *ref_1 - post: - description: Updates the master for a specific cluster. - operationId: container.projects.locations.clusters.updateMaster - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateMasterRequest' + get: + description: Lists the node pools for a cluster. + operationId: container.projects.locations.clusters.nodePools.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8735,7 +9058,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListNodePoolsResponse' parameters: - in: path name: projectsId @@ -8752,19 +9075,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setMasterAuth: + - in: query + name: projectId + schema: + type: string + - in: query + name: zone + schema: + type: string + - in: query + name: clusterId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:rollback: parameters: *ref_1 post: description: >- - Sets master auth materials. Currently supports changing the admin - password or a specific cluster, either via password generation or - explicitly setting the password. - operationId: container.projects.locations.clusters.setMasterAuth + Rolls back a previously Aborted or Failed NodePool upgrade. This makes + no changes if the last upgrade successfully completed. + operationId: container.projects.locations.clusters.nodePools.rollback requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetMasterAuthRequest' + $ref: '#/components/schemas/RollbackNodePoolUpgradeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8793,47 +9127,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/jwks: - parameters: *ref_1 - get: - description: >- - Gets the public component of the cluster signing keys in JSON Web Key - format. - operationId: container.projects.locations.clusters.getJwks - security: [] - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GetJSONWebKeysResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - in: path - name: clustersId + name: nodePoolsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setResourceLabels: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:fetchNodePoolUpgradeInfo: parameters: *ref_1 - post: - description: Sets labels on a cluster. - operationId: container.projects.locations.clusters.setResourceLabels - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetLabelsRequest' + get: + description: Fetch upgrade information of a specific nodepool. + operationId: container.projects.locations.clusters.nodePools.fetchNodePoolUpgradeInfo security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8845,7 +9148,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/NodePoolUpgradeInfo' parameters: - in: path name: projectsId @@ -8862,28 +9165,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setLegacyAbac: + - in: path + name: nodePoolsId + required: true + schema: + type: string + - in: query + name: version + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/.well-known/openid-configuration: parameters: *ref_1 - post: - description: Enables or disables the ABAC authorization mechanism on a cluster. - operationId: container.projects.locations.clusters.setLegacyAbac - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetLegacyAbacRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + get: + description: >- + Gets the OIDC discovery document for the cluster. See the [OpenID + Connect Discovery 1.0 + specification](https://openid.net/specs/openid-connect-discovery-1_0.html) + for details. + operationId: container.projects.locations.clusters.well-known.getOpenid-configuration + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GetOpenIDConfigResponse' parameters: - in: path name: projectsId @@ -8900,16 +9207,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:startIpRotation: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:completeIpRotation: parameters: *ref_1 post: - description: Starts master IP rotation. - operationId: container.projects.locations.clusters.startIpRotation + description: Completes master IP rotation. + operationId: container.projects.locations.clusters.completeIpRotation requestBody: content: application/json: schema: - $ref: '#/components/schemas/StartIPRotationRequest' + $ref: '#/components/schemas/CompleteIPRotationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8938,16 +9245,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:completeIpRotation: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setLocations: parameters: *ref_1 post: - description: Completes master IP rotation. - operationId: container.projects.locations.clusters.completeIpRotation + description: >- + Sets the locations for a specific cluster. Deprecated. Use + [projects.locations.clusters.update](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/update) + instead. + operationId: container.projects.locations.clusters.setLocations requestBody: content: application/json: schema: - $ref: '#/components/schemas/CompleteIPRotationRequest' + $ref: '#/components/schemas/SetLocationsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8976,28 +9286,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setNetworkPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/jwks: parameters: *ref_1 - post: - description: Enables or disables Network Policy for a cluster. - operationId: container.projects.locations.clusters.setNetworkPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetNetworkPolicyRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + get: + description: >- + Gets the public component of the cluster signing keys in JSON Web Key + format. + operationId: container.projects.locations.clusters.getJwks + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GetJSONWebKeysResponse' parameters: - in: path name: projectsId @@ -9014,16 +9317,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setMaintenancePolicy: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}: parameters: *ref_1 - post: - description: Sets the maintenance policy for a cluster. - operationId: container.projects.locations.clusters.setMaintenancePolicy + put: + description: Updates the settings of a specific cluster. + operationId: container.projects.locations.clusters.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetMaintenancePolicyRequest' + $ref: '#/components/schemas/UpdateClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9052,13 +9355,9 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:checkAutopilotCompatibility: - parameters: *ref_1 get: - description: >- - Checks the cluster compatibility with Autopilot mode, and returns a list - of compatibility issues. - operationId: container.projects.locations.clusters.checkAutopilotCompatibility + description: Gets the details of a specific cluster. + operationId: container.projects.locations.clusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9070,7 +9369,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CheckAutopilotCompatibilityResponse' + $ref: '#/components/schemas/Cluster' parameters: - in: path name: projectsId @@ -9087,11 +9386,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:fetchClusterUpgradeInfo: - parameters: *ref_1 - get: - description: Fetch upgrade information of a specific cluster. - operationId: container.projects.locations.clusters.fetchClusterUpgradeInfo + - in: query + name: clusterId + schema: + type: string + - in: query + name: projectId + schema: + type: string + - in: query + name: zone + schema: + type: string + delete: + description: >- + Deletes the cluster, including the Kubernetes endpoint and all worker + nodes. Firewalls and routes that were configured during cluster creation + are also deleted. Other Google Compute Engine resources that might be in + use by the cluster, such as load balancer resources, are not deleted if + they weren't present when the cluster was initially created. + operationId: container.projects.locations.clusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9103,7 +9417,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ClusterUpgradeInfo' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9121,19 +9435,27 @@ paths: schema: type: string - in: query - name: version + name: clusterId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}: + - in: query + name: zone + schema: + type: string + - in: query + name: projectId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:updateMaster: parameters: *ref_1 - put: - description: Updates the version and/or image type for the specified node pool. - operationId: container.projects.locations.clusters.nodePools.update + post: + description: Updates the master for a specific cluster. + operationId: container.projects.locations.clusters.updateMaster requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpdateNodePoolRequest' + $ref: '#/components/schemas/UpdateMasterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9162,14 +9484,11 @@ paths: required: true schema: type: string - - in: path - name: nodePoolsId - required: true - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:fetchClusterUpgradeInfo: + parameters: *ref_1 get: - description: Retrieves the requested node pool. - operationId: container.projects.locations.clusters.nodePools.get + description: Fetch upgrade information of a specific cluster. + operationId: container.projects.locations.clusters.fetchClusterUpgradeInfo security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9181,7 +9500,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NodePool' + $ref: '#/components/schemas/ClusterUpgradeInfo' parameters: - in: path name: projectsId @@ -9198,30 +9517,17 @@ paths: required: true schema: type: string - - in: path - name: nodePoolsId - required: true - schema: - type: string - - in: query - name: projectId - schema: - type: string - - in: query - name: zone - schema: - type: string - - in: query - name: clusterId - schema: - type: string - in: query - name: nodePoolId + name: version schema: type: string - delete: - description: Deletes a node pool from a cluster. - operationId: container.projects.locations.clusters.nodePools.delete + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:checkAutopilotCompatibility: + parameters: *ref_1 + get: + description: >- + Checks the cluster compatibility with Autopilot mode, and returns a list + of compatibility issues. + operationId: container.projects.locations.clusters.checkAutopilotCompatibility security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9233,7 +9539,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/CheckAutopilotCompatibilityResponse' parameters: - in: path name: projectsId @@ -9250,37 +9556,63 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setResourceLabels: + parameters: *ref_1 + post: + description: Sets labels on a cluster. + operationId: container.projects.locations.clusters.setResourceLabels + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetLabelsRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: - in: path - name: nodePoolsId + name: projectsId required: true schema: type: string - - in: query - name: projectId - schema: - type: string - - in: query - name: zone - schema: - type: string - - in: query - name: clusterId + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: nodePoolId + - in: path + name: clustersId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:setAutoscaling: + /v1/projects/{projectsId}/locations/{locationsId}/clusters: parameters: *ref_1 post: - description: Sets the autoscaling settings for the specified node pool. - operationId: container.projects.locations.clusters.nodePools.setAutoscaling + description: >- + Creates a cluster, consisting of the specified number and type of Google + Compute Engine instances. By default, the cluster is created in the + project's [default + network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks). + One firewall is added for the cluster. After cluster creation, the + kubelet creates routes for each node to allow the containers on that + node to communicate with all other instances in the cluster. Finally, an + entry is added to the project's global metadata indicating which CIDR + range the cluster is using. + operationId: container.projects.locations.clusters.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetNodePoolAutoscalingRequest' + $ref: '#/components/schemas/CreateClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9304,21 +9636,55 @@ paths: required: true schema: type: string + get: + description: >- + Lists all clusters owned by a project in either the specified zone or + all zones. + operationId: container.projects.locations.clusters.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListClustersResponse' + parameters: - in: path - name: clustersId + name: projectsId required: true schema: type: string - in: path - name: nodePoolsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools: + - in: query + name: projectId + schema: + type: string + - in: query + name: zone + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setMasterAuth: parameters: *ref_1 - get: - description: Lists the node pools for a cluster. - operationId: container.projects.locations.clusters.nodePools.list + post: + description: >- + Sets master auth materials. Currently supports changing the admin + password or a specific cluster, either via password generation or + explicitly setting the password. + operationId: container.projects.locations.clusters.setMasterAuth + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetMasterAuthRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9330,7 +9696,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNodePoolsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9347,26 +9713,16 @@ paths: required: true schema: type: string - - in: query - name: projectId - schema: - type: string - - in: query - name: zone - schema: - type: string - - in: query - name: clusterId - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setLogging: + parameters: *ref_1 post: - description: Creates a node pool for a cluster. - operationId: container.projects.locations.clusters.nodePools.create + description: Sets the logging service for a specific cluster. + operationId: container.projects.locations.clusters.setLogging requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateNodePoolRequest' + $ref: '#/components/schemas/SetLoggingServiceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9395,18 +9751,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:completeUpgrade: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setMonitoring: parameters: *ref_1 post: - description: >- - CompleteNodePoolUpgrade will signal an on-going node pool upgrade to - complete. - operationId: container.projects.locations.clusters.nodePools.completeUpgrade + description: Sets the monitoring service for a specific cluster. + operationId: container.projects.locations.clusters.setMonitoring requestBody: content: application/json: schema: - $ref: '#/components/schemas/CompleteNodePoolUpgradeRequest' + $ref: '#/components/schemas/SetMonitoringServiceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9418,7 +9772,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9435,23 +9789,16 @@ paths: required: true schema: type: string - - in: path - name: nodePoolsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:rollback: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setAddons: parameters: *ref_1 post: - description: >- - Rolls back a previously Aborted or Failed NodePool upgrade. This makes - no changes if the last upgrade successfully completed. - operationId: container.projects.locations.clusters.nodePools.rollback + description: Sets the addons for a specific cluster. + operationId: container.projects.locations.clusters.setAddons requestBody: content: application/json: schema: - $ref: '#/components/schemas/RollbackNodePoolUpgradeRequest' + $ref: '#/components/schemas/SetAddonsConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9480,21 +9827,16 @@ paths: required: true schema: type: string - - in: path - name: nodePoolsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:setManagement: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setMaintenancePolicy: parameters: *ref_1 post: - description: Sets the NodeManagement options for a node pool. - operationId: container.projects.locations.clusters.nodePools.setManagement + description: Sets the maintenance policy for a cluster. + operationId: container.projects.locations.clusters.setMaintenancePolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetNodePoolManagementRequest' + $ref: '#/components/schemas/SetMaintenancePolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9523,24 +9865,16 @@ paths: required: true schema: type: string - - in: path - name: nodePoolsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:setSize: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:startIpRotation: parameters: *ref_1 post: - description: >- - Sets the size for a specific node pool. The new size will be used for - all replicas, including future replicas created by modifying - NodePool.locations. - operationId: container.projects.locations.clusters.nodePools.setSize + description: Starts master IP rotation. + operationId: container.projects.locations.clusters.startIpRotation requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetNodePoolSizeRequest' + $ref: '#/components/schemas/StartIPRotationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9569,16 +9903,16 @@ paths: required: true schema: type: string - - in: path - name: nodePoolsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/nodePools/{nodePoolsId}:fetchNodePoolUpgradeInfo: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setNetworkPolicy: parameters: *ref_1 - get: - description: Fetch upgrade information of a specific nodepool. - operationId: container.projects.locations.clusters.nodePools.fetchNodePoolUpgradeInfo + post: + description: Enables or disables Network Policy for a cluster. + operationId: container.projects.locations.clusters.setNetworkPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetNetworkPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9590,7 +9924,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NodePoolUpgradeInfo' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9607,32 +9941,28 @@ paths: required: true schema: type: string - - in: path - name: nodePoolsId - required: true - schema: - type: string - - in: query - name: version - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/.well-known/openid-configuration: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}:setLegacyAbac: parameters: *ref_1 - get: - description: >- - Gets the OIDC discovery document for the cluster. See the [OpenID - Connect Discovery 1.0 - specification](https://openid.net/specs/openid-connect-discovery-1_0.html) - for details. - operationId: container.projects.locations.clusters.well-known.getOpenid-configuration - security: [] + post: + description: Enables or disables the ABAC authorization mechanism on a cluster. + operationId: container.projects.locations.clusters.setLegacyAbac + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetLegacyAbacRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GetOpenIDConfigResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9649,11 +9979,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: - description: Lists all operations in a project in a specific zone or all zones. - operationId: container.projects.locations.operations.list + description: Gets the specified operation. + operationId: container.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9665,7 +9995,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9677,6 +10007,11 @@ paths: required: true schema: type: string + - in: path + name: operationsId + required: true + schema: + type: string - in: query name: projectId schema: @@ -9685,11 +10020,15 @@ paths: name: zone schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + - in: query + name: operationId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Gets the specified operation. - operationId: container.projects.locations.operations.get + description: Lists all operations in a project in a specific zone or all zones. + operationId: container.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9701,7 +10040,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -9713,11 +10052,6 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - in: query name: projectId schema: @@ -9726,10 +10060,6 @@ paths: name: zone schema: type: string - - in: query - name: operationId - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: @@ -9768,11 +10098,11 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/serverconfig: + /v1/projects/{projectsId}/aggregated/usableSubnetworks: parameters: *ref_1 get: - description: Returns configuration info about the Google Kubernetes Engine service. - operationId: container.projects.zones.getServerconfig + description: Lists subnetworks that are usable for creating clusters in a project. + operationId: container.projects.aggregated.usableSubnetworks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9784,29 +10114,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ServerConfig' + $ref: '#/components/schemas/ListUsableSubnetworksResponse' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - - in: path - name: zone - required: true + - in: query + name: pageToken schema: type: string - in: query - name: name + name: filter schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectId}/zones/{zone}/operations/{operationId}: parameters: *ref_1 get: - description: >- - Lists all clusters owned by a project in either the specified zone or - all zones. - operationId: container.projects.zones.clusters.list + description: Gets the specified operation. + operationId: container.projects.zones.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9818,7 +10150,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListClustersResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectId @@ -9830,55 +10162,20 @@ paths: required: true schema: type: string - - in: query - name: parent - schema: - type: string - post: - description: >- - Creates a cluster, consisting of the specified number and type of Google - Compute Engine instances. By default, the cluster is created in the - project's [default - network](https://{$universe.dns_names.final_documentation_domain}/compute/docs/networks-and-firewalls#networks). - One firewall is added for the cluster. After cluster creation, the - Kubelet creates routes for each node to allow the containers on that - node to communicate with all other instances in the cluster. Finally, an - entry is added to the project's global metadata indicating which CIDR - range the cluster is using. - operationId: container.projects.zones.clusters.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CreateClusterRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - in: path - name: projectId + name: operationId required: true schema: type: string - - in: path - name: zone - required: true + - in: query + name: name schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}: + /v1/projects/{projectId}/zones/{zone}/operations: parameters: *ref_1 get: - description: Gets the details of a specific cluster. - operationId: container.projects.zones.clusters.get + description: Lists all operations in a project in a specific zone or all zones. + operationId: container.projects.zones.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9890,7 +10187,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectId @@ -9902,23 +10199,20 @@ paths: required: true schema: type: string - - in: path - name: clusterId - required: true - schema: - type: string - in: query - name: name + name: parent schema: type: string - put: - description: Updates the settings of a specific cluster. - operationId: container.projects.zones.clusters.update + /v1/projects/{projectId}/zones/{zone}/operations/{operationId}:cancel: + parameters: *ref_1 + post: + description: Cancels the specified operation. + operationId: container.projects.zones.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpdateClusterRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9930,7 +10224,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectId @@ -9943,18 +10237,15 @@ paths: schema: type: string - in: path - name: clusterId + name: operationId required: true schema: type: string - delete: - description: >- - Deletes the cluster, including the Kubernetes endpoint and all worker - nodes. Firewalls and routes that were configured during cluster creation - are also deleted. Other Google Compute Engine resources that might be in - use by the cluster, such as load balancer resources, are not deleted if - they weren't present when the cluster was initially created. - operationId: container.projects.zones.clusters.delete + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}: + parameters: *ref_1 + get: + description: Retrieves the requested node pool. + operationId: container.projects.zones.clusters.nodePools.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9966,7 +10257,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/NodePool' parameters: - in: path name: projectId @@ -9983,20 +10274,18 @@ paths: required: true schema: type: string + - in: path + name: nodePoolId + required: true + schema: + type: string - in: query name: name schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/logging: - parameters: *ref_1 - post: - description: Sets the logging service for a specific cluster. - operationId: container.projects.zones.clusters.logging - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetLoggingServiceRequest' + delete: + description: Deletes a node pool from a cluster. + operationId: container.projects.zones.clusters.nodePools.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10025,16 +10314,25 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/monitoring: + - in: path + name: nodePoolId + required: true + schema: + type: string + - in: query + name: name + schema: + type: string + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/update: parameters: *ref_1 post: - description: Sets the monitoring service for a specific cluster. - operationId: container.projects.zones.clusters.monitoring + description: Updates the version and/or image type for the specified node pool. + operationId: container.projects.zones.clusters.nodePools.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetMonitoringServiceRequest' + $ref: '#/components/schemas/UpdateNodePoolRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10063,16 +10361,21 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/addons: + - in: path + name: nodePoolId + required: true + schema: + type: string + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/autoscaling: parameters: *ref_1 post: - description: Sets the addons for a specific cluster. - operationId: container.projects.zones.clusters.addons + description: Sets the autoscaling settings for the specified node pool. + operationId: container.projects.zones.clusters.nodePools.autoscaling requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetAddonsConfigRequest' + $ref: '#/components/schemas/SetNodePoolAutoscalingRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10101,19 +10404,21 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/locations: + - in: path + name: nodePoolId + required: true + schema: + type: string + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools: parameters: *ref_1 post: - description: >- - Sets the locations for a specific cluster. Deprecated. Use - [projects.locations.clusters.update](https://{$universe.dns_names.final_documentation_domain}/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/update) - instead. - operationId: container.projects.zones.clusters.locations + description: Creates a node pool for a cluster. + operationId: container.projects.zones.clusters.nodePools.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetLocationsRequest' + $ref: '#/components/schemas/CreateNodePoolRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10142,16 +10447,9 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/master: - parameters: *ref_1 - post: - description: Updates the master for a specific cluster. - operationId: container.projects.zones.clusters.master - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateMasterRequest' + get: + description: Lists the node pools for a cluster. + operationId: container.projects.zones.clusters.nodePools.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10163,7 +10461,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListNodePoolsResponse' parameters: - in: path name: projectId @@ -10180,19 +10478,15 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMasterAuth: + - in: query + name: parent + schema: + type: string + /v1/projects/{projectsId}/zones/{zonesId}/clusters/{clustersId}/nodePools/{nodePoolsId}:fetchNodePoolUpgradeInfo: parameters: *ref_1 - post: - description: >- - Sets master auth materials. Currently supports changing the admin - password or a specific cluster, either via password generation or - explicitly setting the password. - operationId: container.projects.zones.clusters.setMasterAuth - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetMasterAuthRequest' + get: + description: Fetch upgrade information of a specific nodepool. + operationId: container.projects.zones.clusters.nodePools.fetchNodePoolUpgradeInfo security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10204,33 +10498,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/NodePoolUpgradeInfo' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: zone + name: zonesId required: true schema: type: string - in: path - name: clusterId + name: clustersId required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/resourceLabels: + - in: path + name: nodePoolsId + required: true + schema: + type: string + - in: query + name: version + schema: + type: string + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}:rollback: parameters: *ref_1 post: - description: Sets labels on a cluster. - operationId: container.projects.zones.clusters.resourceLabels + description: >- + Rolls back a previously Aborted or Failed NodePool upgrade. This makes + no changes if the last upgrade successfully completed. + operationId: container.projects.zones.clusters.nodePools.rollback requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetLabelsRequest' + $ref: '#/components/schemas/RollbackNodePoolUpgradeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10259,16 +10564,24 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/legacyAbac: + - in: path + name: nodePoolId + required: true + schema: + type: string + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setSize: parameters: *ref_1 post: - description: Enables or disables the ABAC authorization mechanism on a cluster. - operationId: container.projects.zones.clusters.legacyAbac + description: >- + Sets the size for a specific node pool. The new size will be used for + all replicas, including future replicas created by modifying + NodePool.locations. + operationId: container.projects.zones.clusters.nodePools.setSize requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetLegacyAbacRequest' + $ref: '#/components/schemas/SetNodePoolSizeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10297,16 +10610,21 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:startIpRotation: + - in: path + name: nodePoolId + required: true + schema: + type: string + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setManagement: parameters: *ref_1 post: - description: Starts master IP rotation. - operationId: container.projects.zones.clusters.startIpRotation + description: Sets the NodeManagement options for a node pool. + operationId: container.projects.zones.clusters.nodePools.setManagement requestBody: content: application/json: schema: - $ref: '#/components/schemas/StartIPRotationRequest' + $ref: '#/components/schemas/SetNodePoolManagementRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10335,16 +10653,21 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:completeIpRotation: + - in: path + name: nodePoolId + required: true + schema: + type: string + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMaintenancePolicy: parameters: *ref_1 post: - description: Completes master IP rotation. - operationId: container.projects.zones.clusters.completeIpRotation + description: Sets the maintenance policy for a cluster. + operationId: container.projects.zones.clusters.setMaintenancePolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/CompleteIPRotationRequest' + $ref: '#/components/schemas/SetMaintenancePolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10411,16 +10734,19 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMaintenancePolicy: + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMasterAuth: parameters: *ref_1 post: - description: Sets the maintenance policy for a cluster. - operationId: container.projects.zones.clusters.setMaintenancePolicy + description: >- + Sets master auth materials. Currently supports changing the admin + password or a specific cluster, either via password generation or + explicitly setting the password. + operationId: container.projects.zones.clusters.setMasterAuth requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetMaintenancePolicyRequest' + $ref: '#/components/schemas/SetMasterAuthRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10449,11 +10775,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/zones/{zonesId}/clusters/{clustersId}:fetchClusterUpgradeInfo: + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}: parameters: *ref_1 - get: - description: Fetch upgrade information of a specific cluster. - operationId: container.projects.zones.clusters.fetchClusterUpgradeInfo + delete: + description: >- + Deletes the cluster, including the Kubernetes endpoint and all worker + nodes. Firewalls and routes that were configured during cluster creation + are also deleted. Other Google Compute Engine resources that might be in + use by the cluster, such as load balancer resources, are not deleted if + they weren't present when the cluster was initially created. + operationId: container.projects.zones.clusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10465,37 +10796,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ClusterUpgradeInfo' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - in: path - name: zonesId + name: zone required: true schema: type: string - in: path - name: clustersId + name: clusterId required: true schema: type: string - in: query - name: version + name: name schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/update: - parameters: *ref_1 - post: - description: Updates the version and/or image type for the specified node pool. - operationId: container.projects.zones.clusters.nodePools.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateNodePoolRequest' + get: + description: Gets the details of a specific cluster. + operationId: container.projects.zones.clusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10507,7 +10831,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Cluster' parameters: - in: path name: projectId @@ -10524,21 +10848,18 @@ paths: required: true schema: type: string - - in: path - name: nodePoolId - required: true + - in: query + name: name schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/autoscaling: - parameters: *ref_1 - post: - description: Sets the autoscaling settings for the specified node pool. - operationId: container.projects.zones.clusters.nodePools.autoscaling + put: + description: Updates the settings of a specific cluster. + operationId: container.projects.zones.clusters.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetNodePoolAutoscalingRequest' + $ref: '#/components/schemas/UpdateClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10567,16 +10888,16 @@ paths: required: true schema: type: string - - in: path - name: nodePoolId - required: true - schema: - type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools: + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/logging: parameters: *ref_1 - get: - description: Lists the node pools for a cluster. - operationId: container.projects.zones.clusters.nodePools.list + post: + description: Sets the logging service for a specific cluster. + operationId: container.projects.zones.clusters.logging + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetLoggingServiceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10588,7 +10909,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNodePoolsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectId @@ -10605,18 +10926,16 @@ paths: required: true schema: type: string - - in: query - name: parent - schema: - type: string + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/master: + parameters: *ref_1 post: - description: Creates a node pool for a cluster. - operationId: container.projects.zones.clusters.nodePools.create + description: Updates the master for a specific cluster. + operationId: container.projects.zones.clusters.master requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateNodePoolRequest' + $ref: '#/components/schemas/UpdateMasterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10645,11 +10964,11 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}: + /v1/projects/{projectsId}/zones/{zonesId}/clusters/{clustersId}:fetchClusterUpgradeInfo: parameters: *ref_1 get: - description: Retrieves the requested node pool. - operationId: container.projects.zones.clusters.nodePools.get + description: Fetch upgrade information of a specific cluster. + operationId: container.projects.zones.clusters.fetchClusterUpgradeInfo security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10661,35 +10980,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NodePool' + $ref: '#/components/schemas/ClusterUpgradeInfo' parameters: - in: path - name: projectId - required: true - schema: - type: string - - in: path - name: zone + name: projectsId required: true schema: type: string - in: path - name: clusterId + name: zonesId required: true schema: type: string - in: path - name: nodePoolId + name: clustersId required: true schema: type: string - in: query - name: name + name: version schema: type: string - delete: - description: Deletes a node pool from a cluster. - operationId: container.projects.zones.clusters.nodePools.delete + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/monitoring: + parameters: *ref_1 + post: + description: Sets the monitoring service for a specific cluster. + operationId: container.projects.zones.clusters.monitoring + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetMonitoringServiceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10718,27 +11039,16 @@ paths: required: true schema: type: string - - in: path - name: nodePoolId - required: true - schema: - type: string - - in: query - name: name - schema: - type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}:rollback: + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/resourceLabels: parameters: *ref_1 post: - description: >- - Rolls back a previously Aborted or Failed NodePool upgrade. This makes - no changes if the last upgrade successfully completed. - operationId: container.projects.zones.clusters.nodePools.rollback + description: Sets labels on a cluster. + operationId: container.projects.zones.clusters.resourceLabels requestBody: content: application/json: schema: - $ref: '#/components/schemas/RollbackNodePoolUpgradeRequest' + $ref: '#/components/schemas/SetLabelsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10767,21 +11077,25 @@ paths: required: true schema: type: string - - in: path - name: nodePoolId - required: true - schema: - type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setManagement: + /v1/projects/{projectId}/zones/{zone}/clusters: parameters: *ref_1 post: - description: Sets the NodeManagement options for a node pool. - operationId: container.projects.zones.clusters.nodePools.setManagement + description: >- + Creates a cluster, consisting of the specified number and type of Google + Compute Engine instances. By default, the cluster is created in the + project's [default + network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks). + One firewall is added for the cluster. After cluster creation, the + kubelet creates routes for each node to allow the containers on that + node to communicate with all other instances in the cluster. Finally, an + entry is added to the project's global metadata indicating which CIDR + range the cluster is using. + operationId: container.projects.zones.clusters.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetNodePoolManagementRequest' + $ref: '#/components/schemas/CreateClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10805,29 +11119,48 @@ paths: required: true schema: type: string + get: + description: >- + Lists all clusters owned by a project in either the specified zone or + all zones. + operationId: container.projects.zones.clusters.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListClustersResponse' + parameters: - in: path - name: clusterId + name: projectId required: true schema: type: string - in: path - name: nodePoolId + name: zone required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setSize: + - in: query + name: parent + schema: + type: string + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:completeIpRotation: parameters: *ref_1 post: - description: >- - Sets the size for a specific node pool. The new size will be used for - all replicas, including future replicas created by modifying - NodePool.locations. - operationId: container.projects.zones.clusters.nodePools.setSize + description: Completes master IP rotation. + operationId: container.projects.zones.clusters.completeIpRotation requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetNodePoolSizeRequest' + $ref: '#/components/schemas/CompleteIPRotationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10856,16 +11189,16 @@ paths: required: true schema: type: string - - in: path - name: nodePoolId - required: true - schema: - type: string - /v1/projects/{projectsId}/zones/{zonesId}/clusters/{clustersId}/nodePools/{nodePoolsId}:fetchNodePoolUpgradeInfo: + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/legacyAbac: parameters: *ref_1 - get: - description: Fetch upgrade information of a specific nodepool. - operationId: container.projects.zones.clusters.nodePools.fetchNodePoolUpgradeInfo + post: + description: Enables or disables the ABAC authorization mechanism on a cluster. + operationId: container.projects.zones.clusters.legacyAbac + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetLegacyAbacRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10877,37 +11210,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NodePoolUpgradeInfo' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: zonesId + name: projectId required: true schema: type: string - in: path - name: clustersId + name: zone required: true schema: type: string - in: path - name: nodePoolsId + name: clusterId required: true schema: type: string - - in: query - name: version - schema: - type: string - /v1/projects/{projectId}/zones/{zone}/operations: + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/addons: parameters: *ref_1 - get: - description: Lists all operations in a project in a specific zone or all zones. - operationId: container.projects.zones.operations.list + post: + description: Sets the addons for a specific cluster. + operationId: container.projects.zones.clusters.addons + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetAddonsConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10919,7 +11248,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectId @@ -10931,15 +11260,24 @@ paths: required: true schema: type: string - - in: query - name: parent + - in: path + name: clusterId + required: true schema: type: string - /v1/projects/{projectId}/zones/{zone}/operations/{operationId}: + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/locations: parameters: *ref_1 - get: - description: Gets the specified operation. - operationId: container.projects.zones.operations.get + post: + description: >- + Sets the locations for a specific cluster. Deprecated. Use + [projects.locations.clusters.update](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/update) + instead. + operationId: container.projects.zones.clusters.locations + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetLocationsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10964,24 +11302,20 @@ paths: schema: type: string - in: path - name: operationId + name: clusterId required: true schema: type: string - - in: query - name: name - schema: - type: string - /v1/projects/{projectId}/zones/{zone}/operations/{operationId}:cancel: + /v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:startIpRotation: parameters: *ref_1 post: - description: Cancels the specified operation. - operationId: container.projects.zones.operations.cancel + description: Starts master IP rotation. + operationId: container.projects.zones.clusters.startIpRotation requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/StartIPRotationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10993,7 +11327,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectId @@ -11006,15 +11340,15 @@ paths: schema: type: string - in: path - name: operationId + name: clusterId required: true schema: type: string - /v1/projects/{projectsId}/aggregated/usableSubnetworks: + /v1/projects/{projectId}/zones/{zone}/serverconfig: parameters: *ref_1 get: - description: Lists subnetworks that are usable for creating clusters in a project. - operationId: container.projects.aggregated.usableSubnetworks.list + description: Returns configuration info about the Google Kubernetes Engine service. + operationId: container.projects.zones.getServerconfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11026,23 +11360,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUsableSubnetworksResponse' + $ref: '#/components/schemas/ServerConfig' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - - in: query - name: filter + - in: path + name: zone + required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: name schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/containeranalysis.yaml b/providers/src/googleapis.com/v00.00.00000/services/containeranalysis.yaml index 63f5a026..24599ab8 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/containeranalysis.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/containeranalysis.yaml @@ -11,8 +11,8 @@ info: is an implementation of the Grafeas API, which enables storing, querying, and retrieval of critical metadata about all of your software artifacts. version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/container-analysis/api/reference/rest/ servers: @@ -38,1719 +38,1298 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - Occurrence: - id: Occurrence - description: An instance of an analysis type that has been found on a resource. + ContaineranalysisGoogleDevtoolsCloudbuildV1Results: type: object properties: - name: - description: >- - Output only. The name of the occurrence in the form of - `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. - type: string - resourceUri: + numArtifacts: + format: int64 description: >- - Required. Immutable. A URI that represents the resource for which - the occurrence applies. For example, - `https://gcr.io/project/image@sha256:123abc` for a Docker image. + Number of non-container artifacts uploaded to Cloud Storage. Only + populated when artifacts are uploaded to Cloud Storage. type: string - noteName: + buildStepImages: + type: array description: >- - Required. Immutable. The analysis note associated with this - occurrence, in the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. - This field can be used as a filter in list requests. - type: string - kind: + List of build step digests, in the order corresponding to build step + indices. + items: + type: string + artifactManifest: description: >- - Output only. This explicitly denotes which of the occurrence details - are specified. This field can be used as a filter in list requests. - type: string - enumDescriptions: - - Default value. This value is unused. - - The note and occurrence represent a package vulnerability. - - The note and occurrence assert build provenance. - - This represents an image basis relationship. - - This represents a package installed via a package manager. - - The note and occurrence track deployment events. - - >- - The note and occurrence track the initial discovery status of a - resource. - - This represents a logical "role" that can attest to artifacts. - - This represents an available package upgrade. - - This represents a Compliance Note - - This represents a DSSE attestation Note - - This represents a Vulnerability Assessment. - - This represents an SBOM Reference. - - This represents a secret. - enum: - - NOTE_KIND_UNSPECIFIED - - VULNERABILITY - - BUILD - - IMAGE - - PACKAGE - - DEPLOYMENT - - DISCOVERY - - ATTESTATION - - UPGRADE - - COMPLIANCE - - DSSE_ATTESTATION - - VULNERABILITY_ASSESSMENT - - SBOM_REFERENCE - - SECRET - remediation: - description: A description of actions that can be taken to remedy the note. - type: string - createTime: - description: Output only. The time this occurrence was created. - type: string - format: google-datetime - updateTime: - description: Output only. The time this occurrence was last updated. + Path to the artifact manifest for non-container artifacts uploaded + to Cloud Storage. Only populated when artifacts are uploaded to + Cloud Storage. type: string - format: google-datetime - vulnerability: - description: Describes a security vulnerability. - $ref: '#/components/schemas/VulnerabilityOccurrence' - build: - description: Describes a verifiable build. - $ref: '#/components/schemas/BuildOccurrence' - image: - description: >- - Describes how this resource derives from the basis in the associated - note. - $ref: '#/components/schemas/ImageOccurrence' - package: - description: Describes the installation of a package on the linked resource. - $ref: '#/components/schemas/PackageOccurrence' - deployment: - description: Describes the deployment of an artifact on a runtime. - $ref: '#/components/schemas/DeploymentOccurrence' - discovery: - description: Describes when a resource was discovered. - $ref: '#/components/schemas/DiscoveryOccurrence' - attestation: - description: Describes an attestation of an artifact. - $ref: '#/components/schemas/AttestationOccurrence' - upgrade: - description: Describes an available package upgrade on the linked resource. - $ref: '#/components/schemas/UpgradeOccurrence' - compliance: - description: Describes a compliance violation on a linked resource. - $ref: '#/components/schemas/ComplianceOccurrence' - dsseAttestation: - description: Describes an attestation of an artifact using dsse. - $ref: '#/components/schemas/DSSEAttestationOccurrence' - sbomReference: - description: Describes a specific SBOM reference occurrences. - $ref: '#/components/schemas/SBOMReferenceOccurrence' - secret: - description: Describes a secret. - $ref: '#/components/schemas/SecretOccurrence' - envelope: - description: https://github.com/secure-systems-lab/dsse - $ref: '#/components/schemas/Envelope' - VulnerabilityOccurrence: - id: VulnerabilityOccurrence - description: An occurrence of a severity vulnerability on a resource. - type: object - properties: - type: + goModules: description: >- - The type of package; whether native or non native (e.g., ruby gems, - node.js packages, etc.). - type: string - severity: + Optional. Go module artifacts uploaded to Artifact Registry at the + end of the build. + type: array + items: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGoModule + pythonPackages: description: >- - Output only. The note provider assigned severity of this - vulnerability. - type: string - enumDescriptions: - - Unknown. - - Minimal severity. - - Low severity. - - Medium severity. - - High severity. - - Critical severity. - enum: - - SEVERITY_UNSPECIFIED - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - cvssScore: + Python artifacts uploaded to Artifact Registry at the end of the + build. + items: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedPythonPackage + type: array + mavenArtifacts: + type: array + items: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedMavenArtifact description: >- - Output only. The CVSS score of this vulnerability. CVSS score is on - a scale of 0 - 10 where 0 indicates low severity and 10 indicates - high severity. - type: number - format: float - cvssv3: - description: The cvss v3 score for the vulnerability. - $ref: '#/components/schemas/CVSS' - packageIssue: + Maven artifacts uploaded to Artifact Registry at the end of the + build. + artifactTiming: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan + description: Time to push all non-container artifacts to Cloud Storage. + buildStepOutputs: + items: + type: string + format: byte description: >- - Required. The set of affected locations and their fixes (if - available) within the associated resource. + List of build step outputs, produced by builder images, in the order + corresponding to build step indices. [Cloud + Builders](https://cloud.google.com/cloud-build/docs/cloud-builders) + can produce this output by writing to `$BUILDER_OUTPUT/output`. Only + the first 50KB of data is stored. Note that the `$BUILDER_OUTPUT` + variable is read-only and can't be substituted. type: array + npmPackages: + description: Npm packages uploaded to Artifact Registry at the end of the build. items: - $ref: '#/components/schemas/PackageIssue' - shortDescription: - description: Output only. A one sentence description of this vulnerability. - type: string - longDescription: - description: Output only. A detailed description of this vulnerability. - type: string - relatedUrls: - description: Output only. URLs related to this vulnerability. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedNpmPackage + type: array + images: type: array items: - $ref: '#/components/schemas/RelatedUrl' - effectiveSeverity: - description: >- - The distro assigned severity for this vulnerability when it is - available, otherwise this is the note provider assigned severity. - When there are multiple PackageIssues for this vulnerability, they - can have different effective severities because some might be - provided by the distro while others are provided by the language - ecosystem for a language pack. For this reason, it is advised to use - the effective severity on the PackageIssue level. In the case where - multiple PackageIssues have differing effective severities, this - field should be the highest severity for any of the PackageIssues. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuiltImage + description: Container images that were built as a part of the build. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1Results + description: Artifacts created by the build pipeline. + SBOMReferenceOccurrence: + properties: + signatures: + items: + $ref: '#/components/schemas/EnvelopeSignature' + description: The signatures over the payload. + type: array + payloadType: type: string - enumDescriptions: - - Unknown. - - Minimal severity. - - Low severity. - - Medium severity. - - High severity. - - Critical severity. - enum: - - SEVERITY_UNSPECIFIED - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - fixAvailable: description: >- - Output only. Whether at least one of the affected packages has a fix - available. - type: boolean - cvssVersion: - description: Output only. CVSS version used to populate cvss_score and severity. - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - CVSS_VERSION_UNSPECIFIED - - CVSS_VERSION_2 - - CVSS_VERSION_3 - cvssV2: - description: The cvss v2 score for the vulnerability. - $ref: '#/components/schemas/CVSS' - vexAssessment: - $ref: '#/components/schemas/VexAssessment' - extraDetails: - description: Occurrence-specific extra details about the vulnerability. - type: string - risk: - description: Risk information about the vulnerability, such as CISA, EPSS, etc. - $ref: '#/components/schemas/Risk' - CVSS: - id: CVSS - description: >- - Common Vulnerability Scoring System. For details, see - https://www.first.org/cvss/specification-document This is a message we - will try to use for storing various versions of CVSS rather than making - a separate proto for storing a specific version. + The kind of payload that SbomReferenceIntotoPayload takes. Since + it's in the intoto format, this value is expected to be + 'application/vnd.in-toto+json'. + payload: + description: The actual payload that contains the SBOM reference data. + $ref: '#/components/schemas/SbomReferenceIntotoPayload' type: object - properties: - baseScore: - description: The base score is a function of the base metric scores. - type: number - format: float - exploitabilityScore: - type: number - format: float - impactScore: - type: number - format: float - attackVector: - description: >- - Base Metrics Represents the intrinsic characteristics of a - vulnerability that are constant over time and across user - environments. - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - enum: - - ATTACK_VECTOR_UNSPECIFIED - - ATTACK_VECTOR_NETWORK - - ATTACK_VECTOR_ADJACENT - - ATTACK_VECTOR_LOCAL - - ATTACK_VECTOR_PHYSICAL - attackComplexity: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - ATTACK_COMPLEXITY_UNSPECIFIED - - ATTACK_COMPLEXITY_LOW - - ATTACK_COMPLEXITY_HIGH - - ATTACK_COMPLEXITY_MEDIUM - authentication: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - AUTHENTICATION_UNSPECIFIED - - AUTHENTICATION_MULTIPLE - - AUTHENTICATION_SINGLE - - AUTHENTICATION_NONE - privilegesRequired: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - PRIVILEGES_REQUIRED_UNSPECIFIED - - PRIVILEGES_REQUIRED_NONE - - PRIVILEGES_REQUIRED_LOW - - PRIVILEGES_REQUIRED_HIGH - userInteraction: - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - USER_INTERACTION_UNSPECIFIED - - USER_INTERACTION_NONE - - USER_INTERACTION_REQUIRED - scope: - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - SCOPE_UNSPECIFIED - - SCOPE_UNCHANGED - - SCOPE_CHANGED - confidentialityImpact: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - - IMPACT_PARTIAL - - IMPACT_COMPLETE - integrityImpact: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - - IMPACT_PARTIAL - - IMPACT_COMPLETE - availabilityImpact: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - - IMPACT_PARTIAL - - IMPACT_COMPLETE - PackageIssue: - id: PackageIssue + id: SBOMReferenceOccurrence description: >- - A detail for a distro and package this vulnerability occurrence was - found in and its associated fix (if one is available). - type: object - properties: - affectedCpeUri: - description: >- - Required. The [CPE URI](https://cpe.mitre.org/specification/) this - vulnerability was found in. - type: string - affectedPackage: - description: Required. The package this vulnerability was found in. - type: string - affectedVersion: - description: >- - Required. The version of the package that is installed on the - resource affected by this vulnerability. - $ref: '#/components/schemas/Version' - fixedCpeUri: - description: >- - The [CPE URI](https://cpe.mitre.org/specification/) this - vulnerability was fixed in. It is possible for this to be different - from the affected_cpe_uri. - type: string - fixedPackage: - description: >- - The package this vulnerability was fixed in. It is possible for this - to be different from the affected_package. - type: string - fixedVersion: - description: >- - Required. The version of the package this vulnerability was fixed - in. Setting this to VersionKind.MAXIMUM means no fix is yet - available. - $ref: '#/components/schemas/Version' - fixAvailable: - description: Output only. Whether a fix is available for this package. - type: boolean - packageType: - description: The type of package (e.g. OS, MAVEN, GO). - type: string - effectiveSeverity: - description: >- - Output only. The distro or language system assigned severity for - this vulnerability when that is available and note provider assigned - severity when it is not available. - readOnly: true - type: string - enumDescriptions: - - Unknown. - - Minimal severity. - - Low severity. - - Medium severity. - - High severity. - - Critical severity. - enum: - - SEVERITY_UNSPECIFIED - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - fileLocation: - description: The location at which this package was found. - type: array - items: - $ref: '#/components/schemas/GrafeasV1FileLocation' - Version: - id: Version - description: Version contains structured information about the version of a package. - type: object + The occurrence representing an SBOM reference as applied to a specific + resource. The occurrence follows the DSSE specification. See + https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for + more details. + Identity: properties: - epoch: - description: Used to correct mistakes in the version numbering scheme. + revision: type: integer + description: The revision number of the update. format: int32 - name: - description: >- - Required only when version kind is NORMAL. The main part of the - version name. - type: string - revision: - description: The iteration of the package build from the above version. - type: string - inclusive: - description: >- - Whether this version is specifying part of an inclusive range. - Grafeas does not have the capability to specify version ranges; - instead we have fields that specify start version and end versions. - At times this is insufficient - we also need to specify whether the - version is included in the range or is excluded from the range. This - boolean is expected to be set to true when the version is included - in a range. - type: boolean - kind: - description: >- - Required. Distinguishes between sentinel MIN/MAX versions and normal - versions. - type: string - enumDescriptions: - - Unknown. - - A standard package version. - - A special version representing negative infinity. - - A special version representing positive infinity. - enum: - - VERSION_KIND_UNSPECIFIED - - NORMAL - - MINIMUM - - MAXIMUM - fullName: - description: >- - Human readable version string. This string is of the form :- and is - only set when kind is NORMAL. + updateId: type: string - GrafeasV1FileLocation: - id: GrafeasV1FileLocation - description: Indicates the location at which a package was found. + description: The revision independent identifier of the update. + type: object + id: Identity + description: The unique identifier of the update. + BuilderConfig: type: object properties: - filePath: - description: >- - For jars that are contained inside .war files, this filepath can - indicate the path to war file combined with the path to jar file. + id: type: string - layerDetails: - description: >- - Each package found in a file should have its own layer metadata - (that is, information from the origin layer of the package). - $ref: '#/components/schemas/LayerDetails' - LayerDetails: - id: LayerDetails - description: Details about the layer a package was found in. - type: object + id: BuilderConfig + Recipe: + description: >- + Steps taken to build the artifact. For a TaskRun, typically each + container corresponds to one step in the recipe. + id: Recipe properties: - index: - description: The index of the layer in the container image. - type: integer - format: int32 - diffId: - description: >- - The diff ID (typically a sha256 hash) of the layer in the container - image. + type: type: string - chainId: description: >- - The layer chain ID (sha256 hash) of the layer in the container - image. - https://github.com/opencontainers/image-spec/blob/main/config.md#layer-chainid - type: string - command: + URI indicating what type of recipe was performed. It determines the + meaning of recipe.entryPoint, recipe.arguments, recipe.environment, + and materials. + arguments: description: >- - The layer build command that was used to build the layer. This may - not be found in all layers depending on how the container image is - built. - type: string - baseImages: - description: The base images the layer is found within. - type: array + Collection of all external inputs that influenced the build on top + of recipe.definedInMaterial and recipe.entryPoint. For example, if + the recipe type were "make", then this might be the flags passed to + make aside from the target, which is captured in recipe.entryPoint. + Since the arguments field can greatly vary in structure, depending + on the builder and recipe type, this is of form "Any". items: - $ref: '#/components/schemas/BaseImage' - BaseImage: - id: BaseImage - description: BaseImage describes a base image of a container image. - type: object - properties: - name: - description: The name of the base image. - type: string - repository: - description: The repository name in which the base image is from. - type: string - layerCount: - description: The number of layers that the base image is composed of. - type: integer - format: int32 - RelatedUrl: - id: RelatedUrl - description: Metadata for any related URL information. - type: object - properties: - url: - description: Specific URL associated with the resource. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: array + definedInMaterial: + description: >- + Index in materials containing the recipe steps that are not implied + by recipe.type. For example, if the recipe type were "make", then + this would point to the source containing the Makefile, not the make + program itself. Set to -1 if the recipe doesn't come from a + material, as zero is default unset value for int64. + format: int64 type: string - label: - description: Label to describe usage of the URL. + environment: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: array + description: >- + Any other builder-controlled inputs necessary for correctly + evaluating the recipe. Usually only needed for reproducing the build + but not evaluated as part of policy. Since the environment field can + greatly vary in structure, depending on the builder and recipe type, + this is of form "Any". + entryPoint: + description: >- + String identifying the entry point into the build. This is often a + path to a configuration file and/or a target label within that file. + The syntax and meaning are defined by recipe.type. For example, if + the recipe type were "make", then this would reference the directory + in which to run make as well as which target to use. type: string - VexAssessment: - id: VexAssessment - description: >- - VexAssessment provides all publisher provided Vex information that is - related to this vulnerability. type: object + SetIamPolicyRequest: properties: - cve: - description: >- - Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) - tracking number for the vulnerability. Deprecated: Use - vulnerability_id instead to denote CVEs. - deprecated: true - type: string - vulnerabilityId: + policy: description: >- - The vulnerability identifier for this Assessment. Will hold one of - common identifiers e.g. CVE, GHSA etc. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + type: object + description: Request message for `SetIamPolicy` method. + id: SetIamPolicyRequest + BuildDefinition: + properties: + buildType: type: string - relatedUris: - description: >- - Holds a list of references associated with this vulnerability item - and assessment. + externalParameters: + type: object + additionalProperties: + type: any + description: Properties of the object. + internalParameters: + additionalProperties: + description: Properties of the object. + type: any + type: object + resolvedDependencies: + items: + $ref: '#/components/schemas/ResourceDescriptor' type: array + type: object + id: BuildDefinition + Note: + properties: + relatedUrl: items: $ref: '#/components/schemas/RelatedUrl' - noteName: + description: URLs associated with this note. + type: array + updateTime: description: >- - The VulnerabilityAssessment note from which this VexAssessment was - generated. This will be of the form: - `projects/[PROJECT_ID]/notes/[NOTE_ID]`. + Output only. The time this note was last updated. This field can be + used as a filter in list requests. type: string - state: - description: Provides the state of this Vulnerability assessment. + format: google-datetime + expirationTime: + format: google-datetime + description: Time of expiration for this note. Empty if note does not expire. type: string - enumDescriptions: - - No state is specified. - - This product is known to be affected by this vulnerability. - - This product is known to be not affected by this vulnerability. - - This product contains a fix for this vulnerability. - - >- - It is not known yet whether these versions are or are not affected - by the vulnerability. However, it is still under investigation. - enum: - - STATE_UNSPECIFIED - - AFFECTED - - NOT_AFFECTED - - FIXED - - UNDER_INVESTIGATION - impacts: - description: >- - Contains information about the impact of this vulnerability, this - will change with time. + relatedNoteNames: type: array items: type: string - remediations: - description: >- - Specifies details on how to handle (and presumably, fix) a - vulnerability. - type: array - items: - $ref: '#/components/schemas/Remediation' - justification: - description: >- - Justification provides the justification when the state of the - assessment if NOT_AFFECTED. - $ref: '#/components/schemas/Justification' - Remediation: - id: Remediation - description: >- - Specifies details on how to handle (and presumably, fix) a - vulnerability. - type: object - properties: - remediationType: - description: The type of remediation that can be applied. + description: Other notes related to this note. + deployment: + $ref: '#/components/schemas/DeploymentNote' + description: A note describing something that can be deployed. + shortDescription: + description: A one sentence description of this note. type: string - enumDescriptions: - - No remediation type specified. - - A MITIGATION is available. - - No fix is planned. - - Not available. - - A vendor fix is available. - - A workaround is available. - enum: - - REMEDIATION_TYPE_UNSPECIFIED - - MITIGATION - - NO_FIX_PLANNED - - NONE_AVAILABLE - - VENDOR_FIX - - WORKAROUND - details: + kind: description: >- - Contains a comprehensive human-readable discussion of the - remediation. - type: string - remediationUri: - description: Contains the URL where to obtain the remediation. - $ref: '#/components/schemas/RelatedUrl' - Justification: - id: Justification - description: >- - Justification provides the justification when the state of the - assessment if NOT_AFFECTED. - type: object - properties: - justificationType: - description: The justification type for this vulnerability. + Output only. The type of analysis. This field can be used as a + filter in list requests. type: string + enum: + - NOTE_KIND_UNSPECIFIED + - VULNERABILITY + - BUILD + - IMAGE + - PACKAGE + - DEPLOYMENT + - DISCOVERY + - ATTESTATION + - UPGRADE + - COMPLIANCE + - DSSE_ATTESTATION + - VULNERABILITY_ASSESSMENT + - SBOM_REFERENCE + - SECRET enumDescriptions: - - JUSTIFICATION_TYPE_UNSPECIFIED. - - The vulnerable component is not present in the product. - - >- - The vulnerable code is not present. Typically this case occurs - when source code is configured or built in a way that excludes the - vulnerable code. - - >- - The vulnerable code can not be executed. Typically this case - occurs when the product includes the vulnerable code but does not - call or use the vulnerable code. - - >- - The vulnerable code cannot be controlled by an attacker to exploit - the vulnerability. + - Default value. This value is unused. + - The note and occurrence represent a package vulnerability. + - The note and occurrence assert build provenance. + - This represents an image basis relationship. + - This represents a package installed via a package manager. + - The note and occurrence track deployment events. - >- - The product includes built-in protections or features that prevent - exploitation of the vulnerability. These built-in protections - cannot be subverted by the attacker and cannot be configured or - disabled by the user. These mitigations completely prevent - exploitation based on known attack vectors. - enum: - - JUSTIFICATION_TYPE_UNSPECIFIED - - COMPONENT_NOT_PRESENT - - VULNERABLE_CODE_NOT_PRESENT - - VULNERABLE_CODE_NOT_IN_EXECUTE_PATH - - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY - - INLINE_MITIGATIONS_ALREADY_EXIST - details: - description: Additional details on why this justification was chosen. + The note and occurrence track the initial discovery status of a + resource. + - This represents a logical "role" that can attest to artifacts. + - This represents an available package upgrade. + - This represents a Compliance Note + - This represents a DSSE attestation Note + - This represents a Vulnerability Assessment. + - This represents an SBOM Reference. + - This represents a secret. + image: + description: A note describing a base image. + $ref: '#/components/schemas/ImageNote' + vulnerability: + $ref: '#/components/schemas/VulnerabilityNote' + description: A note describing a package vulnerability. + upgrade: + $ref: '#/components/schemas/UpgradeNote' + description: A note describing available package upgrades. + longDescription: type: string - Risk: - id: Risk + description: A detailed description of this note. + dsseAttestation: + $ref: '#/components/schemas/DSSEAttestationNote' + description: A note describing a dsse attestation note. + build: + description: A note describing build provenance for a verifiable build. + $ref: '#/components/schemas/BuildNote' + attestation: + description: A note describing an attestation role. + $ref: '#/components/schemas/AttestationNote' + vulnerabilityAssessment: + $ref: '#/components/schemas/VulnerabilityAssessmentNote' + description: A note describing a vulnerability assessment. + createTime: + format: google-datetime + description: >- + Output only. The time this note was created. This field can be used + as a filter in list requests. + type: string + package: + $ref: '#/components/schemas/PackageNote' + description: A note describing a package hosted by various package managers. + sbomReference: + $ref: '#/components/schemas/SBOMReferenceNote' + description: A note describing an SBOM reference. + secret: + description: A note describing a secret. + $ref: '#/components/schemas/SecretNote' + discovery: + $ref: '#/components/schemas/DiscoveryNote' + description: A note describing the initial analysis of a resource. + compliance: + $ref: '#/components/schemas/ComplianceNote' + description: A note describing a compliance check. + name: + description: >- + Output only. The name of the note in the form of + `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. + type: string + id: Note type: object + description: A type of analysis that can be done for a resource. + GetIamPolicyRequest: + description: Request message for `GetIamPolicy` method. + id: GetIamPolicyRequest properties: - cisaKev: - description: >- - CISA maintains the authoritative source of vulnerabilities that have - been exploited in the wild. - $ref: '#/components/schemas/CISAKnownExploitedVulnerabilities' - epss: + options: description: >- - The Exploit Prediction Scoring System (EPSS) estimates the - likelihood (probability) that a software vulnerability will be - exploited in the wild. - $ref: '#/components/schemas/ExploitPredictionScoringSystem' - CISAKnownExploitedVulnerabilities: - id: CISAKnownExploitedVulnerabilities + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + $ref: '#/components/schemas/GetPolicyOptions' + type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceRepository: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceRepository + description: A repository for a git source. type: object properties: - knownRansomwareCampaignUse: + developerConnect: description: >- - Whether the vulnerability is known to have been leveraged as part of - a ransomware campaign. + The Developer Connect Git repository link formatted as + `projects/*/locations/*/connections/*/gitRepositoryLink/*` type: string - ExploitPredictionScoringSystem: - id: ExploitPredictionScoringSystem + url: + type: string + description: Location of the Git repository. + ContaineranalysisGoogleDevtoolsCloudbuildV1SourceProvenance: + description: >- + Provenance of the source. Ways to find the original source, or verify + that some source was used for this build. type: object properties: - percentile: + fileHashes: + readOnly: true description: >- - The percentile of the current score, the proportion of all scored - vulnerabilities with the same or a lower EPSS score - type: number - format: double - score: + Output only. Hash(es) of the build source, which can be used to + verify that the original source integrity was maintained in the + build. Note that `FileHashes` will only be populated if + `BuildOptions` has requested a `SourceProvenanceHash`. The keys to + this map are file paths used as build source and the values contain + the hash values for those files. If the build source came in a + single package such as a gzipped tarfile (`.tar.gz`), the `FileHash` + will be for the single path to that file. + type: object + additionalProperties: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes + resolvedGitSource: description: >- - The EPSS score representing the probability [0-1] of exploitation in - the wild in the next 30 days - type: number - format: double - BuildOccurrence: - id: BuildOccurrence - description: Details of a build occurrence. - type: object - properties: - provenance: - description: The actual provenance for the build. - $ref: '#/components/schemas/BuildProvenance' - provenanceBytes: + Output only. A copy of the build's `source.git_source`, if exists, + with any revisions resolved. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1GitSource + readOnly: true + resolvedRepoSource: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource description: >- - Serialized JSON representation of the provenance, used in generating - the build signature in the corresponding build note. After verifying - the signature, `provenance_bytes` can be unmarshalled and compared - to the provenance to confirm that it is unchanged. A base64-encoded - string representation of the provenance bytes is used for the - signature in order to interoperate with openssl which expects this - format for signature verification. The serialized form is captured - both to avoid ambiguity in how the provenance is marshalled to json - as well to prevent incompatibilities with future changes. - type: string - intotoProvenance: + A copy of the build's `source.repo_source`, if exists, with any + revisions resolved. + resolvedStorageSourceManifest: description: >- - Deprecated. See InTotoStatement for the replacement. In-toto - Provenance representation as defined in spec. - $ref: '#/components/schemas/InTotoProvenance' - intotoStatement: + A copy of the build's `source.storage_source_manifest`, if exists, + with any revisions resolved. This feature is in Preview. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest + resolvedConnectedRepository: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ConnectedRepository + readOnly: true description: >- - In-toto Statement representation as defined in spec. The - intoto_statement can contain any type of provenance. The serialized - payload of the statement can be stored and signed in the - Occurrence's envelope. - $ref: '#/components/schemas/InTotoStatement' - inTotoSlsaProvenanceV1: + Output only. A copy of the build's `source.connected_repository`, if + exists, with any revisions resolved. + resolvedStorageSource: description: >- - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the - slsa spec, wrapped in an in-toto statement. This allows for direct - jsonification of a to-spec in-toto slsa statement with a to-spec - slsa provenance. - $ref: '#/components/schemas/InTotoSlsaProvenanceV1' - BuildProvenance: - id: BuildProvenance - description: >- - Provenance of a build. Contains all information needed to verify the - full details about the build from source to completion. + A copy of the build's `source.storage_source`, if exists, with any + generations resolved. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource + id: ContaineranalysisGoogleDevtoolsCloudbuildV1SourceProvenance + RelatedUrl: type: object properties: - id: - description: Required. Unique identifier of the build. + url: + description: Specific URL associated with the resource. type: string - projectId: - description: ID of the project. + label: type: string - commands: - description: Commands requested by the build. - type: array - items: - $ref: '#/components/schemas/Command' - builtArtifacts: - description: Output of the build. - type: array - items: - $ref: '#/components/schemas/Artifact' - createTime: - description: Time at which the build was created. + description: Label to describe usage of the URL. + id: RelatedUrl + description: Metadata for any related URL information. + CVSSv3: + description: >- + Common Vulnerability Scoring System version 3. For details, see + https://www.first.org/cvss/specification-document + properties: + impactScore: + format: float + type: number + exploitabilityScore: + type: number + format: float + attackVector: type: string - format: google-datetime - startTime: - description: Time at which execution of the build was started. + description: >- + Base Metrics Represents the intrinsic characteristics of a + vulnerability that are constant over time and across user + environments. + enum: + - ATTACK_VECTOR_UNSPECIFIED + - ATTACK_VECTOR_NETWORK + - ATTACK_VECTOR_ADJACENT + - ATTACK_VECTOR_LOCAL + - ATTACK_VECTOR_PHYSICAL + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + attackComplexity: + enum: + - ATTACK_COMPLEXITY_UNSPECIFIED + - ATTACK_COMPLEXITY_LOW + - ATTACK_COMPLEXITY_HIGH + enumDescriptions: + - '' + - '' + - '' type: string - format: google-datetime - endTime: - description: Time at which execution of the build was finished. + scope: type: string - format: google-datetime - creator: - description: >- - E-mail address of the user who initiated this build. Note that this - was the user's e-mail address at the time the build was initiated; - this address may not represent the same end-user for all time. + enum: + - SCOPE_UNSPECIFIED + - SCOPE_UNCHANGED + - SCOPE_CHANGED + enumDescriptions: + - '' + - '' + - '' + privilegesRequired: + enum: + - PRIVILEGES_REQUIRED_UNSPECIFIED + - PRIVILEGES_REQUIRED_NONE + - PRIVILEGES_REQUIRED_LOW + - PRIVILEGES_REQUIRED_HIGH + enumDescriptions: + - '' + - '' + - '' + - '' type: string - logsUri: - description: URI where any logs for this provenance were written. + baseScore: + type: number + format: float + description: The base score is a function of the base metric scores. + integrityImpact: + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE type: string - sourceProvenance: - description: Details of the Source input to the build. - $ref: '#/components/schemas/Source' - triggerId: - description: >- - Trigger identifier if the build was triggered automatically; empty - if not. + enumDescriptions: + - '' + - '' + - '' + - '' + userInteraction: + enumDescriptions: + - '' + - '' + - '' + enum: + - USER_INTERACTION_UNSPECIFIED + - USER_INTERACTION_NONE + - USER_INTERACTION_REQUIRED type: string - buildOptions: - description: >- - Special options applied to this build. This is a catch-all field - where build providers can enter any desired additional details. - type: object - additionalProperties: - type: string - builderVersion: - description: Version string of the builder at the time this build was executed. + confidentialityImpact: + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + enumDescriptions: + - '' + - '' + - '' + - '' + type: string + availabilityImpact: + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE type: string - Command: - id: Command - description: Command describes a step performed as part of the build pipeline. + enumDescriptions: + - '' + - '' + - '' + - '' type: object + id: CVSSv3 + ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedPythonPackage: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedPythonPackage properties: - name: - description: >- - Required. Name of the command, as presented on the command line, or - if the command is packaged as a Docker container, as presented to - `docker pull`. + uri: + description: URI of the uploaded artifact. type: string - env: - description: Environment variables set before running this command. - type: array - items: - type: string - args: - description: Command-line arguments used when executing this command. - type: array - items: - type: string - dir: - description: >- - Working directory (relative to project source root) used when - running this command. + artifactRegistryPackage: + readOnly: true + description: Output only. Path to the artifact in Artifact Registry. type: string - id: + fileHashes: + description: Hash types and values of the Python Artifact. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes + pushTiming: + readOnly: true description: >- - Optional unique identifier for this command, used in wait_for to - reference this command as a dependency. - type: string - waitFor: - description: The ID(s) of the command(s) that this command depends on. - type: array - items: - type: string - Artifact: - id: Artifact - description: Artifact describes a build product. + Output only. Stores timing information for pushing the specified + artifact. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan + description: Artifact uploaded using the PythonPackage directive. type: object + VexAssessment: properties: - checksum: + cve: description: >- - Hash or checksum value of a binary, or Docker Registry 2.0 digest of - a container. + Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) + tracking number for the vulnerability. Deprecated: Use + vulnerability_id instead to denote CVEs. + deprecated: true type: string - id: - description: >- - Artifact ID, if any; for container images, this will be a URL by - digest like `gcr.io/projectID/imagename@sha256:123456`. + state: type: string - names: - description: >- - Related artifact names. This may be the path to a binary or jar - file, or in the case of a container build, the name used to push the - container image to Google Container Registry, as presented to - `docker push`. Note that a single Artifact ID can have multiple - names, for example if two tags are applied to one image. + enum: + - STATE_UNSPECIFIED + - AFFECTED + - NOT_AFFECTED + - FIXED + - UNDER_INVESTIGATION + description: Provides the state of this Vulnerability assessment. + enumDescriptions: + - No state is specified. + - This product is known to be affected by this vulnerability. + - This product is known to be not affected by this vulnerability. + - This product contains a fix for this vulnerability. + - >- + It is not known yet whether these versions are or are not affected + by the vulnerability. However, it is still under investigation. + relatedUris: type: array items: - type: string - Source: - id: Source - description: Source describes the location of the source used for the build. - type: object - properties: - artifactStorageSourceUri: - description: >- - If provided, the input binary artifacts for the build came from this - location. - type: string - fileHashes: - description: >- - Hash(es) of the build source, which can be used to verify that the - original source integrity was maintained in the build. The keys to - this map are file paths used as build source and the values contain - the hash values for those files. If the build source came in a - single package such as a gzipped tarfile (.tar.gz), the FileHash - will be for the single path to that file. - type: object - additionalProperties: - $ref: '#/components/schemas/FileHashes' - context: - description: >- - If provided, the source code used for the build came from this - location. - $ref: '#/components/schemas/SourceContext' - additionalContexts: + $ref: '#/components/schemas/RelatedUrl' description: >- - If provided, some of the source code used for the build may be found - in these locations, in the case where the source repository had - multiple remotes or submodules. This list will not include the - context specified in the context field. - type: array - items: - $ref: '#/components/schemas/SourceContext' - FileHashes: - id: FileHashes - description: >- - Container message for hashes of byte content of files, used in source - messages to verify integrity of source input to the build. - type: object - properties: - fileHash: - description: Required. Collection of file hashes. + Holds a list of references associated with this vulnerability item + and assessment. + remediations: type: array items: - $ref: '#/components/schemas/Hash' - Hash: - id: Hash - description: Container message for hash values. - type: object - properties: - type: - description: Required. The type of hash that was performed, e.g. "SHA-256". - type: string - value: - description: Required. The hash value. - type: string - format: byte - SourceContext: - id: SourceContext - description: >- - A SourceContext is a reference to a tree of files. A SourceContext - together with a path point to a unique revision of a single file or - directory. - type: object - properties: - cloudRepo: + $ref: '#/components/schemas/Remediation' description: >- - A SourceContext referring to a revision in a Google Cloud Source - Repo. - $ref: '#/components/schemas/CloudRepoSourceContext' - gerrit: - description: A SourceContext referring to a Gerrit project. - $ref: '#/components/schemas/GerritSourceContext' - git: + Specifies details on how to handle (and presumably, fix) a + vulnerability. + justification: description: >- - A SourceContext referring to any third party Git repo (e.g., - GitHub). - $ref: '#/components/schemas/GitSourceContext' - labels: - description: Labels with user defined metadata. - type: object - additionalProperties: + Justification provides the justification when the state of the + assessment if NOT_AFFECTED. + $ref: '#/components/schemas/Justification' + impacts: + type: array + items: type: string - CloudRepoSourceContext: - id: CloudRepoSourceContext - description: >- - A CloudRepoSourceContext denotes a particular revision in a Google Cloud - Source Repo. - type: object - properties: - repoId: - description: The ID of the repo. - $ref: '#/components/schemas/RepoId' - revisionId: - description: A revision ID. - type: string - aliasContext: - description: An alias, which may be a branch or tag. - $ref: '#/components/schemas/AliasContext' - RepoId: - id: RepoId - description: A unique identifier for a Cloud Repo. - type: object - properties: - projectRepoId: - description: A combination of a project ID and a repo name. - $ref: '#/components/schemas/ProjectRepoId' - uid: - description: A server-assigned, globally unique identifier. - type: string - ProjectRepoId: - id: ProjectRepoId - description: >- - Selects a repo using a Google Cloud Platform project ID (e.g., - winged-cargo-31) and a repo name within that project. - type: object - properties: - projectId: - description: The ID of the project. - type: string - repoName: - description: The name of the repo. Leave empty for the default repo. - type: string - AliasContext: - id: AliasContext - description: An alias to a repo revision. - type: object - properties: - kind: - description: The alias kind. - type: string - enumDescriptions: - - Unknown. - - Git tag. - - Git branch. - - >- - Used to specify non-standard aliases. For example, if a Git repo - has a ref named "refs/foo/bar". - enum: - - KIND_UNSPECIFIED - - FIXED - - MOVABLE - - OTHER - name: - description: The alias name. + description: >- + Contains information about the impact of this vulnerability, this + will change with time. + vulnerabilityId: + type: string + description: >- + The vulnerability identifier for this Assessment. Will hold one of + common identifiers e.g. CVE, GHSA etc. + noteName: + description: >- + The VulnerabilityAssessment note from which this VexAssessment was + generated. This will be of the form: + `projects/[PROJECT_ID]/notes/[NOTE_ID]`. type: string - GerritSourceContext: - id: GerritSourceContext - description: A SourceContext referring to a Gerrit project. type: object + description: >- + VexAssessment provides all publisher provided Vex information that is + related to this vulnerability. + id: VexAssessment + ContaineranalysisGoogleDevtoolsCloudbuildV1GitSource: properties: - hostUri: - description: The URI of a running Gerrit instance. + revision: type: string - gerritProject: description: >- - The full project name within the host. Projects may be nested, so - "project/subproject" is a valid project name. The "repo name" is the - hostURI/project. + Optional. The revision to fetch from the Git repository such as a + branch, a tag, a commit SHA, or any Git ref. Cloud Build uses `git + fetch` to fetch the revision from the Git repository; therefore make + sure that the string you provide for `revision` is parsable by the + command. For information on string values accepted by `git fetch`, + see https://git-scm.com/docs/gitrevisions#_specifying_revisions. For + information on `git fetch`, see https://git-scm.com/docs/git-fetch. + url: type: string - revisionId: - description: A revision (commit) ID. + description: >- + Required. Location of the Git repo to build. This will be used as a + `git remote`, see https://git-scm.com/docs/git-remote. + dir: + description: >- + Optional. Directory, relative to the source root, in which to run + the build. This must be a relative path. If a step's `dir` is + specified and is an absolute path, this value is ignored for that + step's execution. type: string - aliasContext: - description: An alias, which may be a branch or tag. - $ref: '#/components/schemas/AliasContext' - GitSourceContext: - id: GitSourceContext - description: >- - A GitSourceContext denotes a particular revision in a third party Git - repository (e.g., GitHub). + description: Location of the source in any accessible Git repository. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1GitSource + type: object + ResourceDescriptor: type: object + id: ResourceDescriptor properties: - url: - description: Git repository URL. + annotations: + type: object + additionalProperties: + type: any + downloadLocation: type: string - revisionId: - description: Git commit hash. + mediaType: type: string - InTotoProvenance: - id: InTotoProvenance - type: object - properties: - builderConfig: - description: required - $ref: '#/components/schemas/BuilderConfig' - recipe: - description: >- - Identifies the configuration used for the build. When combined with - materials, this SHOULD fully describe the build, such that - re-running this recipe results in bit-for-bit identical output (if - the build is reproducible). required - $ref: '#/components/schemas/Recipe' - metadata: - $ref: '#/components/schemas/Metadata' - materials: - description: >- - The collection of artifacts that influenced the build including - sources, dependencies, build tools, base images, and so on. This is - considered to be incomplete unless metadata.completeness.materials - is true. Unset or null is equivalent to empty. - type: array - items: + uri: + type: string + name: + type: string + digest: + type: object + additionalProperties: type: string - BuilderConfig: - id: BuilderConfig - type: object - properties: - id: + content: type: string - Recipe: - id: Recipe - description: >- - Steps taken to build the artifact. For a TaskRun, typically each - container corresponds to one step in the recipe. - type: object + format: byte + Artifact: properties: - type: + names: + items: + type: string description: >- - URI indicating what type of recipe was performed. It determines the - meaning of recipe.entryPoint, recipe.arguments, recipe.environment, - and materials. - type: string - definedInMaterial: + Related artifact names. This may be the path to a binary or jar + file, or in the case of a container build, the name used to push the + container image to Google Container Registry, as presented to + `docker push`. Note that a single Artifact ID can have multiple + names, for example if two tags are applied to one image. + type: array + checksum: description: >- - Index in materials containing the recipe steps that are not implied - by recipe.type. For example, if the recipe type were "make", then - this would point to the source containing the Makefile, not the make - program itself. Set to -1 if the recipe doesn't come from a - material, as zero is default unset value for int64. + Hash or checksum value of a binary, or Docker Registry 2.0 digest of + a container. type: string - format: int64 - entryPoint: - description: >- - String identifying the entry point into the build. This is often a - path to a configuration file and/or a target label within that file. - The syntax and meaning are defined by recipe.type. For example, if - the recipe type were "make", then this would reference the directory - in which to run make as well as which target to use. + id: type: string - arguments: description: >- - Collection of all external inputs that influenced the build on top - of recipe.definedInMaterial and recipe.entryPoint. For example, if - the recipe type were "make", then this might be the flags passed to - make aside from the target, which is captured in recipe.entryPoint. - Since the arguments field can greatly vary in structure, depending - on the builder and recipe type, this is of form "Any". + Artifact ID, if any; for container images, this will be a URL by + digest like `gcr.io/projectID/imagename@sha256:123456`. + id: Artifact + description: Artifact describes a build product. + type: object + ListOccurrencesResponse: + properties: + occurrences: type: array + description: The occurrences requested. items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - environment: + $ref: '#/components/schemas/Occurrence' + nextPageToken: + type: string description: >- - Any other builder-controlled inputs necessary for correctly - evaluating the recipe. Usually only needed for reproducing the build - but not evaluated as part of policy. Since the environment field can - greatly vary in structure, depending on the builder and recipe type, - this is of form "Any". - type: array + The next pagination token in the list response. It should be used as + `page_token` for the following request. An empty value means no more + results. + unreachable: items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Metadata: - id: Metadata - description: Other properties of the build. + type: string + type: array + description: >- + Unordered list. Unreachable regions. Populated for requests from the + global region when `return_partial_success` is set. Format: + `projects/[PROJECT_ID]/locations/[LOCATION]` + id: ListOccurrencesResponse + description: Response for listing occurrences. type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1ConnectedRepository: properties: - buildInvocationId: + revision: description: >- - Identifies the particular build invocation, which can be useful for - finding associated logs or other ad-hoc analysis. The value SHOULD - be globally unique, per in-toto Provenance spec. + Required. The revision to fetch from the Git repository such as a + branch, a tag, a commit SHA, or any Git ref. type: string - buildStartedOn: - description: The timestamp of when the build started. + repository: + description: >- + Required. Name of the Google Cloud Build repository, formatted as + `projects/*/locations/*/connections/*/repositories/*`. type: string - format: google-datetime - buildFinishedOn: - description: The timestamp of when the build completed. + dir: type: string - format: google-datetime - completeness: - description: >- - Indicates that the builder claims certain fields in this message to - be complete. - $ref: '#/components/schemas/Completeness' - reproducible: description: >- - If true, the builder claims that running the recipe on materials - will produce bit-for-bit identical output. - type: boolean - Completeness: - id: Completeness + Optional. Directory, relative to the source root, in which to run + the build. description: >- - Indicates that the builder claims certain fields in this message to be - complete. + Location of the source in a 2nd-gen Google Cloud Build repository + resource. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1ConnectedRepository + type: object + ExploitPredictionScoringSystem: type: object properties: - arguments: - description: >- - If true, the builder claims that recipe.arguments is complete, - meaning that all external inputs are properly captured in the - recipe. - type: boolean - environment: + score: + type: number + format: double description: >- - If true, the builder claims that recipe.environment is claimed to be - complete. - type: boolean - materials: + The EPSS score representing the probability [0-1] of exploitation in + the wild in the next 30 days + percentile: description: >- - If true, the builder claims that materials are complete, usually - through some controls to prevent network access. Sometimes called - "hermetic". - type: boolean - InTotoStatement: - id: InTotoStatement + The percentile of the current score, the proportion of all scored + vulnerabilities with the same or a lower EPSS score + format: double + type: number + id: ExploitPredictionScoringSystem + ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsArtifactObjects: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsArtifactObjects description: >- - Spec defined at - https://github.com/in-toto/attestation/tree/main/spec#statement The - serialized InTotoStatement will be stored as Envelope.payload. - Envelope.payloadType is always "application/vnd.in-toto+json". + Files in the workspace to upload to Cloud Storage upon successful + completion of all build steps. type: object properties: - _type: - description: Always `https://in-toto.io/Statement/v0.1`. + timing: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan + readOnly: true + description: >- + Output only. Stores timing information for pushing all artifact + objects. + location: type: string - subject: + description: >- + Cloud Storage bucket and optional object path, in the form + "gs://bucket/path/to/somewhere/". (see [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + Files in the workspace matching any path pattern will be uploaded to + Cloud Storage with this location as a prefix. + paths: type: array items: - $ref: '#/components/schemas/Subject' - predicateType: - description: '`https://slsa.dev/provenance/v0.1` for SlsaProvenance.' - type: string - provenance: - $ref: '#/components/schemas/InTotoProvenance' - slsaProvenance: - $ref: '#/components/schemas/SlsaProvenance' - slsaProvenanceZeroTwo: - $ref: '#/components/schemas/SlsaProvenanceZeroTwo' - Subject: - id: Subject + type: string + description: Path globs used to match files in the build's workspace. + ContaineranalysisGoogleDevtoolsCloudbuildV1Dependency: + description: >- + A dependency that the Cloud Build worker will fetch before executing + user steps. type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1Dependency properties: - name: - type: string - digest: + empty: + type: boolean description: >- - `"": ""` Algorithms can be e.g. sha256, sha512 See - https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet - type: object - additionalProperties: - type: string - SlsaProvenance: - id: SlsaProvenance + If set to true disable all dependency fetching (ignoring the default + source as well). + gitSource: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceDependency + description: Represents a git repository as a build dependency. + ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptions: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptions + description: Optional arguments to enable specific features of builds. type: object properties: - builder: - description: required - $ref: '#/components/schemas/SlsaBuilder' - recipe: + logStreamingOption: + enum: + - STREAM_DEFAULT + - STREAM_ON + - STREAM_OFF + enumDescriptions: + - Service may automatically determine build log streaming behavior. + - Build logs should be streamed to Cloud Storage. + - >- + Build logs should not be streamed to Cloud Storage; they will be + written when the build is completed. + type: string + description: Option to define build log streaming behavior to Cloud Storage. + pubsubTopic: description: >- - Identifies the configuration used for the build. When combined with - materials, this SHOULD fully describe the build, such that - re-running this recipe results in bit-for-bit identical output (if - the build is reproducible). required - $ref: '#/components/schemas/SlsaRecipe' - metadata: - $ref: '#/components/schemas/SlsaMetadata' - materials: + Optional. Option to specify the Pub/Sub topic to receive build + status updates. + type: string + automapSubstitutions: description: >- - The collection of artifacts that influenced the build including - sources, dependencies, build tools, base images, and so on. This is - considered to be incomplete unless metadata.completeness.materials - is true. Unset or null is equivalent to empty. + Option to include built-in and custom substitutions as env variables + for all build steps. + type: boolean + volumes: type: array items: - $ref: '#/components/schemas/Material' - SlsaBuilder: - id: SlsaBuilder - type: object - properties: - id: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Volume + description: >- + Global list of volumes to mount for ALL build steps Each volume is + created as an empty volume prior to starting the build process. Upon + completion of the build, volumes and their contents are discarded. + Global volume names and paths cannot conflict with the volumes + defined a build step. Using a global volume in a build with only one + step is not valid as it is indicative of a build request with an + incorrect configuration. + workerPool: + deprecated: true + description: This field deprecated; please use `pool.name` instead. type: string - SlsaRecipe: - id: SlsaRecipe - description: >- - Steps taken to build the artifact. For a TaskRun, typically each - container corresponds to one step in the recipe. - type: object - properties: - type: + enableStructuredLogging: description: >- - URI indicating what type of recipe was performed. It determines the - meaning of recipe.entryPoint, recipe.arguments, recipe.environment, - and materials. + Optional. Option to specify whether structured logging is enabled. + If true, JSON-formatted logs are parsed as structured logs. + type: boolean + pool: + description: >- + Optional. Specification for execution on a `WorkerPool`. See + [running builds in a private + pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) + for more information. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptionsPoolOption + logging: type: string - definedInMaterial: description: >- - Index in materials containing the recipe steps that are not implied - by recipe.type. For example, if the recipe type were "make", then - this would point to the source containing the Makefile, not the make - program itself. Set to -1 if the recipe doesn't come from a - material, as zero is default unset value for int64. - type: string + Option to specify the logging mode, which determines if and where + build logs are stored. + enumDeprecated: + - false + - false + - false + - true + - false + - false + enumDescriptions: + - >- + The service determines the logging mode. The default is `LEGACY`. + Do not rely on the default logging behavior as it may change in + the future. + - Build logs are stored in Cloud Logging and Cloud Storage. + - Build logs are stored in Cloud Storage. + - This option is the same as CLOUD_LOGGING_ONLY. + - >- + Build logs are stored in Cloud Logging. Selecting this option will + not allow [logs + streaming](https://cloud.google.com/sdk/gcloud/reference/builds/log). + - Turn off all logging. No build logs will be captured. + enum: + - LOGGING_UNSPECIFIED + - LEGACY + - GCS_ONLY + - STACKDRIVER_ONLY + - CLOUD_LOGGING_ONLY + - NONE + requestedVerifyOption: + description: Requested verifiability options. + enum: + - NOT_VERIFIED + - VERIFIED + enumDescriptions: + - Not a verifiable build (the default). + - Build must be verified. + type: string + defaultLogsBucketBehavior: + type: string + enumDescriptions: + - Unspecified. + - >- + Bucket is located in user-owned project in the same region as the + build. The builder service account must have access to create and + write to Cloud Storage buckets in the build project. + - >- + Bucket is located in a Google-owned project and is not + regionalized. + description: Optional. Option to specify how default logs buckets are setup. + enum: + - DEFAULT_LOGS_BUCKET_BEHAVIOR_UNSPECIFIED + - REGIONAL_USER_OWNED_BUCKET + - LEGACY_BUCKET + env: + description: >- + A list of global environment variable definitions that will exist + for all build steps in this build. If a variable is defined in both + globally and in a build step, the variable will use the build step + value. The elements are of the form "KEY=VALUE" for the environment + variable "KEY" being given the value "VALUE". + type: array + items: + type: string + machineType: + description: Compute Engine machine type on which to run the build. + enumDescriptions: + - Standard machine type. + - Highcpu machine with 8 CPUs. + - Highcpu machine with 32 CPUs. + - Highcpu e2 machine with 8 CPUs. + - Highcpu e2 machine with 32 CPUs. + - E2 machine with 1 CPU. + enum: + - UNSPECIFIED + - N1_HIGHCPU_8 + - N1_HIGHCPU_32 + - E2_HIGHCPU_8 + - E2_HIGHCPU_32 + - E2_MEDIUM + enumDeprecated: + - false + - true + - true + - false + - false + - false + type: string + sourceProvenanceHash: + description: Requested hash for SourceProvenance. + type: array + items: + enumDescriptions: + - No hash requested. + - Use a sha256 hash. + - Use a md5 hash. + - Dirhash of a Go module's source code which is then hex-encoded. + - Use a sha512 hash. + enum: + - NONE + - SHA256 + - MD5 + - GO_MODULE_H1 + - SHA512 + type: string + dynamicSubstitutions: + type: boolean + description: >- + Option to specify whether or not to apply bash style string + operations to the substitutions. NOTE: this is always enabled for + triggered builds and cannot be overridden in the build configuration + file. + secretEnv: + type: array + description: >- + A list of global environment variables, which are encrypted using a + Cloud Key Management Service crypto key. These values must be + specified in the build's `Secret`. These variables will be available + to all build steps in this build. + items: + type: string + diskSizeGb: format: int64 - entryPoint: description: >- - String identifying the entry point into the build. This is often a - path to a configuration file and/or a target label within that file. - The syntax and meaning are defined by recipe.type. For example, if - the recipe type were "make", then this would reference the directory - in which to run make as well as which target to use. + Requested disk size for the VM that runs the build. Note that this + is *NOT* "disk free"; some of the space will be used by the + operating system and build utilities. Also note that this is the + minimum disk size that will be allocated for the build -- the build + may run with a larger disk than requested. At present, the maximum + disk size is 4000GB; builds that request more than the maximum are + rejected with an error. type: string - arguments: - description: >- - Collection of all external inputs that influenced the build on top - of recipe.definedInMaterial and recipe.entryPoint. For example, if - the recipe type were "make", then this might be the flags passed to - make aside from the target, which is captured in recipe.entryPoint. - Depending on the recipe Type, the structure may be different. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - environment: - description: >- - Any other builder-controlled inputs necessary for correctly - evaluating the recipe. Usually only needed for reproducing the build - but not evaluated as part of policy. Depending on the recipe Type, - the structure may be different. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SlsaMetadata: - id: SlsaMetadata - description: Other properties of the build. - type: object - properties: - buildInvocationId: + substitutionOption: description: >- - Identifies the particular build invocation, which can be useful for - finding associated logs or other ad-hoc analysis. The value SHOULD - be globally unique, per in-toto Provenance spec. - type: string - buildStartedOn: - description: The timestamp of when the build started. - type: string - format: google-datetime - buildFinishedOn: - description: The timestamp of when the build completed. + Option to specify behavior when there is an error in the + substitution checks. NOTE: this is always set to ALLOW_LOOSE for + triggered builds and cannot be overridden in the build configuration + file. type: string - format: google-datetime - completeness: - description: >- - Indicates that the builder claims certain fields in this message to - be complete. - $ref: '#/components/schemas/SlsaCompleteness' - reproducible: - description: >- - If true, the builder claims that running the recipe on materials - will produce bit-for-bit identical output. - type: boolean - SlsaCompleteness: - id: SlsaCompleteness + enumDescriptions: + - >- + Fails the build if error in substitutions checks, like missing a + substitution in the template or in the map. + - Do not fail the build if error in substitutions checks. + enum: + - MUST_MATCH + - ALLOW_LOOSE + ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest: description: >- - Indicates that the builder claims certain fields in this message to be - complete. + Location of the source manifest in Cloud Storage. This feature is in + Preview; see description + [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest properties: - arguments: + generation: + type: string + format: int64 description: >- - If true, the builder claims that recipe.arguments is complete, - meaning that all external inputs are properly captured in the - recipe. - type: boolean - environment: + Cloud Storage generation for the object. If the generation is + omitted, the latest generation will be used. + object: + type: string description: >- - If true, the builder claims that recipe.environment is claimed to be - complete. - type: boolean - materials: + Required. Cloud Storage object containing the source manifest. This + object must be a JSON file. + bucket: description: >- - If true, the builder claims that materials are complete, usually - through some controls to prevent network access. Sometimes called - "hermetic". - type: boolean - Material: - id: Material - type: object - properties: - uri: - type: string - digest: - type: object - additionalProperties: - type: string - SlsaProvenanceZeroTwo: - id: SlsaProvenanceZeroTwo - description: See full explanation of fields at slsa.dev/provenance/v0.2. - type: object - properties: - builder: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder' - buildType: - type: string - invocation: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation' - buildConfig: - type: object - additionalProperties: - type: any - description: Properties of the object. - metadata: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata' - materials: - type: array - items: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial' - GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder - description: >- - Identifies the entity that executed the recipe, which is trusted to have - correctly performed the operation and populated this provenance. - type: object - properties: - id: + Required. Cloud Storage bucket containing the source manifest (see + [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). type: string - GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation - description: Identifies the event that kicked off the build. + Distribution: + id: Distribution type: object - properties: - configSource: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource' - parameters: - type: object - additionalProperties: - type: any - description: Properties of the object. - environment: - type: object - additionalProperties: - type: any - description: Properties of the object. - GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource description: >- - Describes where the config file that kicked off the build came from. - This is effectively a pointer to the source where buildConfig came from. - type: object - properties: - uri: - type: string - digest: - type: object - additionalProperties: - type: string - entryPoint: - type: string - GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata - description: Other properties of the build. - type: object + This represents a particular channel of distribution for a given + package. E.g., Debian's jessie-backports dpkg mirror. properties: - buildInvocationId: - type: string - buildStartedOn: + architecture: + description: >- + The CPU architecture for which packages in this distribution channel + were built. type: string - format: google-datetime - buildFinishedOn: + enum: + - ARCHITECTURE_UNSPECIFIED + - X86 + - X64 + enumDescriptions: + - Unknown architecture. + - X86 architecture. + - X64 architecture. + url: + description: The distribution channel-specific homepage for this package. type: string - format: google-datetime - completeness: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness' - reproducible: - type: boolean - GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness - description: >- - Indicates that the builder claims certain fields in this message to be - complete. - type: object - properties: - parameters: - type: boolean - environment: - type: boolean - materials: - type: boolean - GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial - description: >- - The collection of artifacts that influenced the build including sources, - dependencies, build tools, base images, and so on. - type: object - properties: - uri: + cpeUri: + description: >- + Required. The cpe_uri in [CPE + format](https://cpe.mitre.org/specification/) denoting the package + manager version distributing a package. type: string - digest: - type: object - additionalProperties: - type: string - InTotoSlsaProvenanceV1: - id: InTotoSlsaProvenanceV1 - type: object + description: + type: string + description: The distribution channel-specific description of this package. + maintainer: + type: string + description: A freeform string denoting the maintainer of this package. + latestVersion: + $ref: '#/components/schemas/Version' + description: >- + The latest available version of this package in this distribution + channel. + DiscoveryNote: properties: - _type: + analysisKind: description: >- - InToto spec defined at - https://github.com/in-toto/attestation/tree/main/spec#statement - type: string - subject: - type: array - items: - $ref: '#/components/schemas/Subject' - predicateType: + Required. Immutable. The kind of analysis that is handled by this + discovery. + enum: + - NOTE_KIND_UNSPECIFIED + - VULNERABILITY + - BUILD + - IMAGE + - PACKAGE + - DEPLOYMENT + - DISCOVERY + - ATTESTATION + - UPGRADE + - COMPLIANCE + - DSSE_ATTESTATION + - VULNERABILITY_ASSESSMENT + - SBOM_REFERENCE + - SECRET + enumDescriptions: + - Default value. This value is unused. + - The note and occurrence represent a package vulnerability. + - The note and occurrence assert build provenance. + - This represents an image basis relationship. + - This represents a package installed via a package manager. + - The note and occurrence track deployment events. + - >- + The note and occurrence track the initial discovery status of a + resource. + - This represents a logical "role" that can attest to artifacts. + - This represents an available package upgrade. + - This represents a Compliance Note + - This represents a DSSE attestation Note + - This represents a Vulnerability Assessment. + - This represents an SBOM Reference. + - This represents a secret. type: string - predicate: - $ref: '#/components/schemas/SlsaProvenanceV1' - SlsaProvenanceV1: - id: SlsaProvenanceV1 description: >- - Keep in sync with schema at - https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto - Builder renamed to ProvenanceBuilder because of Java conflicts. + A note that indicates a type of analysis a provider would perform. This + note exists in a provider's project. A `Discovery` occurrence is created + in a consumer's project at the start of analysis. type: object - properties: - buildDefinition: - $ref: '#/components/schemas/BuildDefinition' - runDetails: - $ref: '#/components/schemas/RunDetails' - BuildDefinition: - id: BuildDefinition + id: DiscoveryNote + Version: + id: Version type: object + description: Version contains structured information about the version of a package. properties: - buildType: + revision: + description: The iteration of the package build from the above version. type: string - externalParameters: - type: object - additionalProperties: - type: any - description: Properties of the object. - internalParameters: - type: object - additionalProperties: - type: any - description: Properties of the object. - resolvedDependencies: - type: array - items: - $ref: '#/components/schemas/ResourceDescriptor' - ResourceDescriptor: - id: ResourceDescriptor - type: object - properties: name: type: string - uri: - type: string - digest: - type: object - additionalProperties: - type: string - content: - type: string - format: byte - downloadLocation: + description: >- + Required only when version kind is NORMAL. The main part of the + version name. + epoch: + format: int32 + type: integer + description: Used to correct mistakes in the version numbering scheme. + kind: + enumDescriptions: + - Unknown. + - A standard package version. + - A special version representing negative infinity. + - A special version representing positive infinity. + enum: + - VERSION_KIND_UNSPECIFIED + - NORMAL + - MINIMUM + - MAXIMUM type: string - mediaType: + description: >- + Required. Distinguishes between sentinel MIN/MAX versions and normal + versions. + inclusive: + description: >- + Whether this version is specifying part of an inclusive range. + Grafeas does not have the capability to specify version ranges; + instead we have fields that specify start version and end versions. + At times this is insufficient - we also need to specify whether the + version is included in the range or is excluded from the range. This + boolean is expected to be set to true when the version is included + in a range. + type: boolean + fullName: + description: >- + Human readable version string. This string is of the form :- and is + only set when kind is NORMAL. type: string - annotations: - type: object - additionalProperties: - type: any - RunDetails: - id: RunDetails - type: object - properties: - builder: - $ref: '#/components/schemas/ProvenanceBuilder' - metadata: - $ref: '#/components/schemas/BuildMetadata' - byproducts: - type: array - items: - $ref: '#/components/schemas/ResourceDescriptor' - ProvenanceBuilder: - id: ProvenanceBuilder + ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfig: type: object properties: - id: - type: string - version: - type: object - additionalProperties: - type: string - builderDependencies: - type: array - items: - $ref: '#/components/schemas/ResourceDescriptor' - BuildMetadata: - id: BuildMetadata + http: + description: Configuration for HTTP related git operations. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfigHttpConfig + description: GitConfig is a configuration for git operations. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfig + Category: + description: The category to which the update belongs. type: object properties: - invocationId: - type: string - startedOn: + name: + description: The localized name of the category. type: string - format: google-datetime - finishedOn: + categoryId: + description: The identifier of the category. type: string - format: google-datetime - ImageOccurrence: - id: ImageOccurrence - description: >- - Details of the derived image portion of the DockerImage relationship. - This image would be produced from a Dockerfile with FROM . - type: object + id: Category + Source: + description: Source describes the location of the source used for the build. properties: - fingerprint: - description: Required. The fingerprint of the derived image. - $ref: '#/components/schemas/Fingerprint' - distance: + additionalContexts: + items: + $ref: '#/components/schemas/SourceContext' + type: array description: >- - Output only. The number of layers by which this image differs from - the associated image basis. - type: integer - format: int32 - layerInfo: + If provided, some of the source code used for the build may be found + in these locations, in the case where the source repository had + multiple remotes or submodules. This list will not include the + context specified in the context field. + fileHashes: + additionalProperties: + $ref: '#/components/schemas/FileHashes' description: >- - This contains layer-specific metadata, if populated it has length - "distance" and is ordered with [distance] being the layer - immediately following the base image and [1] being the final layer. - type: array - items: - $ref: '#/components/schemas/Layer' - baseResourceUrl: + Hash(es) of the build source, which can be used to verify that the + original source integrity was maintained in the build. The keys to + this map are file paths used as build source and the values contain + the hash values for those files. If the build source came in a + single package such as a gzipped tarfile (.tar.gz), the FileHash + will be for the single path to that file. + type: object + artifactStorageSourceUri: description: >- - Output only. This contains the base image URL for the derived image - occurrence. - type: string - Fingerprint: - id: Fingerprint - description: A set of properties that uniquely identify a given Docker image. + If provided, the input binary artifacts for the build came from this + location. + type: string + context: + $ref: '#/components/schemas/SourceContext' + description: >- + If provided, the source code used for the build came from this + location. + id: Source type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1DeveloperConnectConfig: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1DeveloperConnectConfig properties: - v1Name: + dir: description: >- - Required. The layer ID of the final layer in the Docker image's v1 - representation. + Required. Directory, relative to the source root, in which to run + the build. + type: string + revision: type: string - v2Blob: - description: Required. The ordered list of v2 blobs that represent a given image. - type: array - items: - type: string - v2Name: description: >- - Output only. The name of the image's v2 blobs computed via: [bottom] - := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the - name of the final blob is kept. + Required. The revision to fetch from the Git repository such as a + branch, a tag, a commit SHA, or any Git ref. + gitRepositoryLink: + description: >- + Required. The Developer Connect Git repository link, formatted as + `projects/*/locations/*/connections/*/gitRepositoryLink/*`. type: string - Layer: - id: Layer - description: Layer holds metadata specific to a layer of a Docker image. + description: This config defines the location of a source through Developer Connect. + type: object + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + id: TestIamPermissionsRequest type: object properties: - directive: + permissions: + type: array description: >- - Required. The recovered Dockerfile directive used to construct this - layer. See https://docs.docker.com/engine/reference/builder/ for - more information. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + PackageNote: + properties: + license: + description: Licenses that have been declared by the authors of the package. + $ref: '#/components/schemas/License' + description: + description: The description of this package. type: string - arguments: - description: The recovered arguments to the Dockerfile directive. + cpeUri: type: string - PackageOccurrence: - id: PackageOccurrence - description: Details on how a particular software package was installed on a system. - type: object - properties: + description: >- + The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) + denoting the package manager version distributing a package. The + cpe_uri will be blank for language packages. + url: + description: The homepage for this package. + type: string + version: + description: The version of the package. + $ref: '#/components/schemas/Version' name: - description: Required. Output only. The name of the installed package. - readOnly: true type: string - location: - description: >- - All of the places within the filesystem versions of this package - have been found. - type: array - items: - $ref: '#/components/schemas/Location' + description: Required. Immutable. The name of the package. packageType: description: >- - Output only. The type of package; whether native or non native - (e.g., ruby gems, node.js packages, etc.). - readOnly: true + The type of package; whether native or non native (e.g., ruby gems, + node.js packages, etc.). type: string - cpeUri: - description: >- - Output only. The cpe_uri in [CPE - format](https://cpe.mitre.org/specification/) denoting the package - manager version distributing a package. The cpe_uri will be blank - for language packages. - readOnly: true + maintainer: + description: A freeform text denoting the maintainer of this package. type: string + digest: + items: + $ref: '#/components/schemas/Digest' + type: array + description: >- + Hash value, typically a file digest, that allows unique + identification a specific package. architecture: description: >- - Output only. The CPU architecture for which packages in this - distribution channel were built. Architecture will be blank for - language packages. - readOnly: true + The CPU architecture for which packages in this distribution channel + were built. Architecture will be blank for language packages. type: string enumDescriptions: - Unknown architecture. @@ -1760,99 +1339,414 @@ components: - ARCHITECTURE_UNSPECIFIED - X86 - X64 - license: - description: Licenses that have been declared by the authors of the package. - $ref: '#/components/schemas/License' - version: - description: Output only. The version of the package. - readOnly: true - $ref: '#/components/schemas/Version' - Location: - id: Location + distribution: + type: array + description: Deprecated. The various channels by which a package is distributed. + items: + $ref: '#/components/schemas/Distribution' + type: object + id: PackageNote + description: PackageNote represents a particular package version. + SBOMStatus: + description: The status of an SBOM generation. + properties: + error: + type: string + description: >- + If there was an error generating an SBOM, this will indicate what + that error was. + sbomState: + description: The progress of the SBOM generation. + enum: + - SBOM_STATE_UNSPECIFIED + - PENDING + - COMPLETE + type: string + enumDescriptions: + - Default unknown state. + - SBOM scanning is pending. + - SBOM scanning has completed. + id: SBOMStatus + type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource: + description: Location of the source in an archive file in Cloud Storage. + type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource + properties: + generation: + format: int64 + description: >- + Optional. Cloud Storage generation for the object. If the generation + is omitted, the latest generation will be used. + type: string + bucket: + type: string + description: >- + Cloud Storage bucket containing the source (see [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + sourceFetcher: + enumDescriptions: + - Unspecified defaults to GSUTIL. + - Use the "gsutil" tool to download the source file. + - Use the Cloud Storage Fetcher tool to download the source file. + type: string + enum: + - SOURCE_FETCHER_UNSPECIFIED + - GSUTIL + - GCS_FETCHER + description: >- + Optional. Option to specify the tool to fetch the source file for + the build. + object: + type: string + description: >- + Required. Cloud Storage object containing the source. This object + must be a zipped (`.zip`) or gzipped archive file (`.tar.gz`) + containing source to build. + GitSourceContext: + type: object + properties: + url: + description: Git repository URL. + type: string + revisionId: + type: string + description: Git commit hash. + id: GitSourceContext description: >- - An occurrence of a particular package installation found within a - system's filesystem. E.g., glibc was found in `/var/lib/dpkg/status`. + A GitSourceContext denotes a particular revision in a third party Git + repository (e.g., GitHub). + Binding: + id: Binding + properties: + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string + members: + type: array + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + items: + type: string type: object - properties: - cpeUri: - description: >- - Deprecated. The CPE URI in [CPE - format](https://cpe.mitre.org/specification/) - type: string - version: - description: Deprecated. The version installed at this location. - $ref: '#/components/schemas/Version' - path: - description: >- - The path from which we gathered that this package/version is - installed. - type: string + description: Associates `members`, or principals, with a `role`. License: - id: License description: License information. type: object + id: License properties: expression: + type: string description: >- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2". - type: string comments: description: Comments type: string - DeploymentOccurrence: - id: DeploymentOccurrence - description: The period during which some deployable was active in a runtime. + ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptionsPoolOption: + description: >- + Details about how a build should be executed on a `WorkerPool`. See + [running builds in a private + pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) + for more information. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptionsPoolOption type: object properties: - userEmail: - description: Identity of the user that triggered this deployment. + name: type: string - deployTime: - description: Required. Beginning of the lifetime of this deployment. + description: >- + The `WorkerPool` resource to execute the build on. You must have + `cloudbuild.workerpools.use` on the project hosting the WorkerPool. + Format + projects/{project}/locations/{location}/workerPools/{workerPoolId} + ComplianceVersion: + id: ComplianceVersion + type: object + properties: + version: + description: >- + The version of the benchmark. This is set to the version of the + OS-specific CIS document the benchmark is defined in. + type: string + cpeUri: + description: >- + The CPE URI (https://cpe.mitre.org/specification/) this benchmark is + applicable to. type: string + benchmarkDocument: + type: string + description: >- + The name of the document that defines this benchmark, e.g. "CIS + Container-Optimized OS". + description: >- + Describes the CIS benchmark version that is applicable to a given OS and + os version. + ExportSBOMRequest: + properties: + cloudStorageLocation: + $ref: '#/components/schemas/CloudStorageLocation' + description: >- + Optional. Empty placeholder to denote that this is a Google Cloud + Storage export request. + id: ExportSBOMRequest + type: object + description: >- + The request to generate and export SBOM. Target must be specified for + the request. + GoogleDevtoolsContaineranalysisV1alpha1OperationMetadata: + properties: + endTime: format: google-datetime - undeployTime: - description: End of the lifetime of this deployment. + description: >- + Output only. The time that this operation was marked completed or + failed. + type: string + createTime: + description: Output only. The time this operation was created. type: string format: google-datetime - config: - description: Configuration used to create this deployment. + description: >- + Metadata for all operations used and required for all operations that + created by Container Analysis Providers + id: GoogleDevtoolsContaineranalysisV1alpha1OperationMetadata + type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedNpmPackage: + properties: + uri: + description: URI of the uploaded npm package. type: string - address: - description: Address of the runtime element hosting this deployment. + artifactRegistryPackage: + description: Output only. Path to the artifact in Artifact Registry. type: string - resourceUri: + readOnly: true + pushTiming: description: >- - Output only. Resource URI for the artifact being deployed taken from - the deployable field with the same name. + Output only. Stores timing information for pushing the specified + artifact. + readOnly: true + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan + fileHashes: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes + description: Hash types and values of the npm package. + type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedNpmPackage + description: >- + An npm package uploaded to Artifact Registry using the NpmPackage + directive. + ExportSBOMResponse: + type: object + description: The response from a call to ExportSBOM. + id: ExportSBOMResponse + properties: + discoveryOccurrence: + description: >- + The name of the discovery occurrence in the form + "projects/{project_id}/occurrences/{OCCURRENCE_ID} It can be used to + track the progress of the SBOM export. + type: string + ListNotesResponse: + id: ListNotesResponse + type: object + description: Response for listing notes. + properties: + notes: + description: The notes requested. type: array + items: + $ref: '#/components/schemas/Note' + nextPageToken: + type: string + description: >- + The next pagination token in the list response. It should be used as + `page_token` for the following request. An empty value means no more + results. + unreachable: items: type: string - platform: - description: Platform hosting this deployment. + description: >- + Unordered list. Unreachable regions. Populated for requests from the + global region when `return_partial_success` is set. Format: + `projects/[PROJECT_ID]/locations/[LOCATION]` + type: array + ContaineranalysisGoogleDevtoolsCloudbuildV1Source: + type: object + description: Location of the source in a supported storage service. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1Source + properties: + repoSource: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource + description: >- + If provided, get the source from this location in a Cloud Source + Repository. + gitSource: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1GitSource + description: If provided, get the source from this Git repository. + developerConnectConfig: + description: If provided, get the source from this Developer Connect config. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1DeveloperConnectConfig + connectedRepository: + description: >- + Optional. If provided, get the source from this 2nd-gen Google Cloud + Build repository resource. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ConnectedRepository + storageSourceManifest: + description: >- + If provided, get the source from this manifest in Cloud Storage. + This feature is in Preview; see description + [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest + storageSource: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource + description: If provided, get the source from this location in Cloud Storage. + Jwt: + id: Jwt + type: object + properties: + compactJwt: type: string - enumDescriptions: - - Unknown. - - Google Container Engine. - - 'Google App Engine: Flexible Environment.' - - Custom user-defined platform. - enum: - - PLATFORM_UNSPECIFIED - - GKE - - FLEX - - CUSTOM - DiscoveryOccurrence: - id: DiscoveryOccurrence - description: Provides information about the analysis status of a discovered resource. + description: >- + The compact encoding of a JWS, which is always three base64 encoded + strings joined by periods. For details, see: + https://tools.ietf.org/html/rfc7515.html#section-3.1 + ImageOccurrence: + properties: + baseResourceUrl: + description: >- + Output only. This contains the base image URL for the derived image + occurrence. + type: string + distance: + description: >- + Output only. The number of layers by which this image differs from + the associated image basis. + format: int32 + type: integer + layerInfo: + items: + $ref: '#/components/schemas/Layer' + description: >- + This contains layer-specific metadata, if populated it has length + "distance" and is ordered with [distance] being the layer + immediately following the base image and [1] being the final layer. + type: array + fingerprint: + description: Required. The fingerprint of the derived image. + $ref: '#/components/schemas/Fingerprint' type: object + id: ImageOccurrence + description: >- + Details of the derived image portion of the DockerImage relationship. + This image would be produced from a Dockerfile with FROM . + DiscoveryOccurrence: properties: - continuousAnalysis: - description: Whether the resource is continuously analyzed. + analysisCompleted: + $ref: '#/components/schemas/AnalysisCompleted' + analysisError: + items: + $ref: '#/components/schemas/Status' + type: array + description: >- + Indicates any errors encountered during analysis of a resource. + There could be 0 or more of these errors. + archiveTime: type: string + description: >- + Output only. The time occurrences related to this discovery + occurrence were archived. + readOnly: true + format: google-datetime + analysisStatusError: + description: >- + When an error is encountered this will contain a LocalizedMessage + under details to show to the user. The LocalizedMessage is output + only and populated by the API. + $ref: '#/components/schemas/Status' + continuousAnalysis: enumDescriptions: - Unknown. - The resource is continuously analyzed. @@ -1861,9 +1755,25 @@ components: - CONTINUOUS_ANALYSIS_UNSPECIFIED - ACTIVE - INACTIVE - analysisStatus: - description: The status of discovery for the resource. type: string + description: Whether the resource is continuously analyzed. + files: + items: + $ref: '#/components/schemas/File' + description: Files that make up the resource described by the occurrence. + type: array + cpe: + description: The CPE of the resource being scanned. + type: string + analysisStatus: + enum: + - ANALYSIS_STATUS_UNSPECIFIED + - PENDING + - SCANNING + - FINISHED_SUCCESS + - COMPLETE + - FINISHED_FAILED + - FINISHED_UNSUPPORTED enumDescriptions: - Unknown. - Resource is known but no action has been taken yet. @@ -1874,845 +1784,740 @@ components: Analysis has finished unsuccessfully, the analysis itself is in a bad state. - The resource is known not to be supported. + type: string + description: The status of discovery for the resource. + sbomStatus: + description: The status of an SBOM generation. + $ref: '#/components/schemas/SBOMStatus' + lastScanTime: + description: The last time this resource was scanned. + type: string + format: google-datetime + id: DiscoveryOccurrence + description: Provides information about the analysis status of a discovered resource. + type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceDependency: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceDependency + type: object + properties: + recurseSubmodules: + type: boolean + description: Optional. True if submodules should be fetched too (default false). + repository: + description: Required. The kind of repo (url or dev connect). + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceRepository + depth: + format: int64 + description: >- + Optional. How much history should be fetched for the build (default + 1, -1 for all history). + type: string + revision: + type: string + description: Required. The revision that we will fetch the repo at. + destPath: + type: string + description: Required. Where should the files be placed on the worker. + description: Represents a git repository as a build dependency. + CisBenchmark: + properties: + profileLevel: + type: integer + format: int32 + severity: enum: - - ANALYSIS_STATUS_UNSPECIFIED - - PENDING - - SCANNING - - FINISHED_SUCCESS - - COMPLETE - - FINISHED_FAILED - - FINISHED_UNSUPPORTED - analysisCompleted: - $ref: '#/components/schemas/AnalysisCompleted' - analysisError: + - SEVERITY_UNSPECIFIED + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + enumDescriptions: + - Unknown. + - Minimal severity. + - Low severity. + - Medium severity. + - High severity. + - Critical severity. + type: string + type: object + description: A compliance check that is a CIS benchmark. + id: CisBenchmark + GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder: + type: object + id: GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder + description: >- + Identifies the entity that executed the recipe, which is trusted to have + correctly performed the operation and populated this provenance. + properties: + id: + type: string + Product: + type: object + id: Product + properties: + id: description: >- - Indicates any errors encountered during analysis of a resource. - There could be 0 or more of these errors. - type: array - items: - $ref: '#/components/schemas/Status' - analysisStatusError: + Token that identifies a product so that it can be referred to from + other parts in the document. There is no predefined format as long + as it uniquely identifies a group in the context of the current + document. + type: string + name: + type: string + description: Name of the product. + genericUri: description: >- - When an error is encountered this will contain a LocalizedMessage - under details to show to the user. The LocalizedMessage is output - only and populated by the API. - $ref: '#/components/schemas/Status' - cpe: - description: The CPE of the resource being scanned. + Contains a URI which is vendor-specific. Example: The artifact + repository URL of an image. type: string - lastScanTime: - description: The last time this resource was scanned. + description: >- + Product contains information about a product and how to uniquely + identify it. + SlsaMetadata: + properties: + buildStartedOn: type: string + description: The timestamp of when the build started. format: google-datetime - archiveTime: + buildFinishedOn: + description: The timestamp of when the build completed. + format: google-datetime + type: string + buildInvocationId: + type: string description: >- - Output only. The time occurrences related to this discovery - occurrence were archived. - readOnly: true + Identifies the particular build invocation, which can be useful for + finding associated logs or other ad-hoc analysis. The value SHOULD + be globally unique, per in-toto Provenance spec. + reproducible: + type: boolean + description: >- + If true, the builder claims that running the recipe on materials + will produce bit-for-bit identical output. + completeness: + $ref: '#/components/schemas/SlsaCompleteness' + description: >- + Indicates that the builder claims certain fields in this message to + be complete. + id: SlsaMetadata + type: object + description: Other properties of the build. + WindowsUpdate: + type: object + description: >- + Windows Update represents the metadata about the update for the Windows + operating system. The fields in this message come from the Windows + Update API documented at + https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate. + properties: + description: + type: string + description: The localized description of the update. + kbArticleIds: + type: array + items: + type: string + description: >- + The Microsoft Knowledge Base article IDs that are associated with + the update. + title: + type: string + description: The localized title of the update. + lastPublishedTimestamp: type: string format: google-datetime - sbomStatus: - description: The status of an SBOM generation. - $ref: '#/components/schemas/SBOMStatus' - files: - description: Files that make up the resource described by the occurrence. + description: The last published timestamp of the update. + identity: + $ref: '#/components/schemas/Identity' + description: Required - The unique identifier for the update. + supportUrl: + type: string + description: The hyperlink to the support information for the update. + categories: type: array items: - $ref: '#/components/schemas/File' - AnalysisCompleted: - id: AnalysisCompleted - description: >- - Indicates which analysis completed successfully. Multiple types of - analysis can be performed on a single resource. - type: object + $ref: '#/components/schemas/Category' + description: The list of categories to which the update belongs. + id: WindowsUpdate + ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStep: + description: A step in the build pipeline. properties: - analysisType: + allowExitCodes: + description: >- + Allow this build step to fail without failing the entire build if + and only if the exit code is one of the specified codes. If + allow_failure is also specified, this field will take precedence. type: array + items: + format: int32 + type: integer + automapSubstitutions: + description: >- + Option to include built-in and custom substitutions as env variables + for this build step. This option will override the global option in + BuildOption. + type: boolean + args: items: type: string - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + type: array description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + A list of arguments that will be presented to the step when it is + started. If the image used to run the step's container has an + entrypoint, the `args` are used as arguments to that entrypoint. If + the image does not define an entrypoint, the first element in args + is used as the entrypoint, and the remainder will be used as + arguments. + id: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Unique identifier for this build step, used in `wait_for` to + reference this build step as a dependency. + pullTiming: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan + readOnly: true + description: >- + Output only. Stores timing information for pulling this build step's + builder image only. + secretEnv: + description: >- + A list of environment variables which are encrypted using a Cloud + Key Management Service crypto key. These values must be specified in + the build's `Secret`. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SBOMStatus: - id: SBOMStatus - description: The status of an SBOM generation. - type: object - properties: - sbomState: - description: The progress of the SBOM generation. - type: string + type: string + status: + description: >- + Output only. Status of the build step. At this time, build step + status is only updated on build completion; step status is not + updated in real-time as the build progresses. enumDescriptions: - - Default unknown state. - - SBOM scanning is pending. - - SBOM scanning has completed. + - Status of the build is unknown. + - >- + Build has been created and is pending execution and queuing. It + has not been queued. + - Build or step is queued; work has not yet begun. + - Build or step is being executed. + - Build or step finished successfully. + - Build or step failed to complete successfully. + - Build or step failed due to an internal cause. + - Build or step took longer than was allowed. + - Build or step was canceled by a user. + - Build was enqueued for longer than the value of `queue_ttl`. enum: - - SBOM_STATE_UNSPECIFIED + - STATUS_UNKNOWN - PENDING - - COMPLETE - error: - description: >- - If there was an error generating an SBOM, this will indicate what - that error was. - type: string - File: - id: File - type: object - properties: - name: + - QUEUED + - WORKING + - SUCCESS + - FAILURE + - INTERNAL_ERROR + - TIMEOUT + - CANCELLED + - EXPIRED + readOnly: true type: string - digest: - type: object - additionalProperties: - type: string - AttestationOccurrence: - id: AttestationOccurrence - description: >- - Occurrence that represents a single "attestation". The authenticity of - an attestation can be verified using the attached signature. If the - verifier trusts the public key of the signer, then verifying the - signature is sufficient to establish trust. In this circumstance, the - authority to which this attestation is attached is primarily useful for - lookup (how to find this attestation if you already know the authority - and artifact to be verified) and intent (for which authority this - attestation was intended to sign. - type: object - properties: - serializedPayload: + timing: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan + readOnly: true description: >- - Required. The serialized payload that is verified by one or more - `signatures`. - type: string - format: byte - signatures: + Output only. Stores timing information for executing this build + step. + waitFor: description: >- - One or more signatures over `serialized_payload`. Verifier - implementations should consider this attestation message verified if - at least one `signature` verifies `serialized_payload`. See - `Signature` in common.proto for more details on signature structure - and verification. - type: array + The ID(s) of the step(s) that this build step depends on. This build + step will not start until all the build steps in `wait_for` have + completed successfully. If `wait_for` is empty, this build step will + start when all previous build steps in the `Build.Steps` list have + completed successfully. items: - $ref: '#/components/schemas/Signature' - jwts: - description: >- - One or more JWTs encoding a self-contained attestation. Each JWT - encodes the payload that it verifies within the JWT itself. Verifier - implementation SHOULD ignore the `serialized_payload` field when - verifying these JWTs. If only JWTs are present on this - AttestationOccurrence, then the `serialized_payload` SHOULD be left - empty. Each JWT SHOULD encode a claim specific to the `resource_uri` - of this Occurrence, but this is not validated by Grafeas metadata - API implementations. The JWT itself is opaque to Grafeas. + type: string type: array + volumes: items: - $ref: '#/components/schemas/Jwt' - Signature: - id: Signature - description: >- - Verifiers (e.g. Kritis implementations) MUST verify signatures with - respect to the trust anchors defined in policy (e.g. a Kritis policy). - Typically this means that the verifier has been configured with a map - from `public_key_id` to public key material (and any required - parameters, e.g. signing algorithm). In particular, verification - implementations MUST NOT treat the signature `public_key_id` as anything - more than a key lookup hint. The `public_key_id` DOES NOT validate or - authenticate a public key; it only provides a mechanism for quickly - selecting a public key ALREADY CONFIGURED on the verifier through a - trusted channel. Verification implementations MUST reject signatures in - any of the following circumstances: * The `public_key_id` is not - recognized by the verifier. * The public key that `public_key_id` refers - to does not verify the signature with respect to the payload. The - `signature` contents SHOULD NOT be "attached" (where the payload is - included with the serialized `signature` bytes). Verifiers MUST ignore - any "attached" payload and only verify signatures with respect to - explicitly provided payload (e.g. a `payload` field on the proto message - that holds this Signature, or the canonical serialization of the proto - message that holds this signature). - type: object - properties: - signature: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Volume + type: array description: >- - The content of the signature, an opaque bytestring. The payload that - this signature verifies MUST be unambiguously provided with the - Signature during verification. A wrapper message might provide the - payload explicitly. Alternatively, a message might have a canonical - serialization that can always be unambiguously computed to derive - the payload. - type: string - format: byte - publicKeyId: + List of volumes to mount into the build step. Each volume is created + as an empty volume prior to execution of the build step. Upon + completion of the build, volumes and their contents are discarded. + Using a named volume in only one step is not valid as it is + indicative of a build request with an incorrect configuration. + allowFailure: description: >- - The identifier for the public key that verifies this signature. * - The `public_key_id` is required. * The `public_key_id` SHOULD be an - RFC3986 conformant URI. * When possible, the `public_key_id` SHOULD - be an immutable reference, such as a cryptographic digest. Examples - of valid `public_key_id`s: OpenPGP V4 public key fingerprint: * - "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See - https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for - more details on this scheme. RFC6920 digest-named - SubjectPublicKeyInfo (digest of the DER serialization): * - "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * - "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - type: string - Jwt: - id: Jwt - type: object - properties: - compactJwt: + Allow this build step to fail without failing the entire build. If + false, the entire build will fail if this step fails. Otherwise, the + build will succeed, but this step will still have a failure status. + Error information will be reported in the failure_detail field. + type: boolean + entrypoint: description: >- - The compact encoding of a JWS, which is always three base64 encoded - strings joined by periods. For details, see: - https://tools.ietf.org/html/rfc7515.html#section-3.1 - type: string - UpgradeOccurrence: - id: UpgradeOccurrence - description: >- - An Upgrade Occurrence represents that a specific resource_url could - install a specific upgrade. This presence is supplied via local sources - (i.e. it is present in the mirror and the running system has noticed its - availability). For Windows, both distribution and windows_update contain - information for the Windows update. - type: object - properties: - package: - description: Required for non-Windows OS. The package this Upgrade is for. + Entrypoint to be used instead of the build step image's default + entrypoint. If unset, the image's default entrypoint is used. type: string - parsedVersion: - description: >- - Required for non-Windows OS. The version of the package in a machine - + human readable form. - $ref: '#/components/schemas/Version' - distribution: - description: >- - Metadata about the upgrade for available for the specific operating - system for the resource_url. This allows efficient filtering, as - well as making it easier to use the occurrence. - $ref: '#/components/schemas/UpgradeDistribution' - windowsUpdate: + env: + items: + type: string description: >- - Required for Windows OS. Represents the metadata about the Windows - update. - $ref: '#/components/schemas/WindowsUpdate' - UpgradeDistribution: - id: UpgradeDistribution - description: >- - The Upgrade Distribution represents metadata about the Upgrade for each - operating system (CPE). Some distributions have additional metadata - around updates, classifying them into various categories and severities. - type: object - properties: - cpeUri: + A list of environment variable definitions to be used when running a + step. The elements are of the form "KEY=VALUE" for the environment + variable "KEY" being given the value "VALUE". + type: array + timeout: + format: google-duration + type: string description: >- - Required - The specific operating system this metadata applies to. - See https://cpe.mitre.org/specification/. + Time limit for executing this build step. If not defined, the step + has no time limit and will be allowed to continue to run until + either it completes or the build itself times out. + name: + description: >- + Required. The name of the container image that will run this + particular build step. If the image is available in the host's + Docker daemon's cache, it will be run directly. If not, the host + will attempt to pull the image first, using the builder service + account's credentials if necessary. The Docker daemon's cache will + already have the latest versions of all of the officially supported + build steps + ([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)). + The Docker daemon will also have cached many of the layers for some + popular images, like "ubuntu", "debian", but they will be refreshed + at the time you attempt to use them. If you built an image in a + previous build step, it will be stored in the host's Docker daemon's + cache and is available to use as the name for a later build step. type: string - classification: + exitCode: + format: int32 + readOnly: true + description: Output only. Return code from running the step. + type: integer + script: description: >- - The operating system classification of this Upgrade, as specified by - the upstream operating system upgrade feed. For Windows the - classification is one of the category_ids listed at - https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85) + A shell script to be executed in the step. When script is provided, + the user cannot specify the entrypoint or args. type: string - severity: - description: The severity as specified by the upstream operating system. + dir: + description: >- + Working directory to use when running this step's container. If this + value is a relative path, it is relative to the build's working + directory. If this value is absolute, it may be outside the build's + working directory, in which case the contents of the path may not be + persisted across build step executions, unless a `volume` for that + path is specified. If the build specifies a `RepoSource` with `dir` + and a step with a `dir`, which specifies an absolute path, the + `RepoSource` `dir` is ignored for the step's execution. type: string - cve: - description: The cve tied to this Upgrade. - type: array - items: - type: string - WindowsUpdate: - id: WindowsUpdate - description: >- - Windows Update represents the metadata about the update for the Windows - operating system. The fields in this message come from the Windows - Update API documented at - https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStep + type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1Secrets: + description: Secrets and secret environment variables. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1Secrets type: object properties: - identity: - description: Required - The unique identifier for the update. - $ref: '#/components/schemas/Identity' - title: - description: The localized title of the update. - type: string - description: - description: The localized description of the update. - type: string - categories: - description: The list of categories to which the update belongs. + secretManager: type: array - items: - $ref: '#/components/schemas/Category' - kbArticleIds: description: >- - The Microsoft Knowledge Base article IDs that are associated with - the update. + Secrets in Secret Manager and associated secret environment + variable. + items: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1SecretManagerSecret + inline: type: array + description: >- + Secrets encrypted with KMS key and the associated secret environment + variable. items: - type: string - supportUrl: - description: The hyperlink to the support information for the update. - type: string - lastPublishedTimestamp: - description: The last published timestamp of the update. - type: string - format: google-datetime - Identity: - id: Identity - description: The unique identifier of the update. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1InlineSecret + ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalConfig: type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalConfig + description: ApprovalConfig describes configuration for manual approval of a build. properties: - updateId: - description: The revision independent identifier of the update. - type: string - revision: - description: The revision number of the update. - type: integer - format: int32 - Category: - id: Category - description: The category to which the update belongs. + approvalRequired: + description: >- + Whether or not approval is needed. If this is set on a build, it + will become pending when created, and will need to be explicitly + approved to start. + type: boolean + ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGoModule: type: object properties: - categoryId: - description: The identifier of the category. + moduleVersion: type: string - name: - description: The localized name of the category. + description: >- + Optional. The Go module's semantic version in the form vX.Y.Z. e.g. + v0.1.1 Pre-release identifiers can also be added by appending a dash + and dot separated ASCII alphanumeric characters and hyphens. e.g. + v0.2.3-alpha.x.12m.5 + modulePath: type: string - ComplianceOccurrence: - id: ComplianceOccurrence - description: >- - An indication that the compliance checks in the associated - ComplianceNote were not satisfied for particular resources or a - specified reason. - type: object - properties: - nonCompliantFiles: - type: array - items: - $ref: '#/components/schemas/NonCompliantFile' - nonComplianceReason: + description: Optional. The Go module's "module path". e.g. example.com/foo/v2 + repositoryProjectId: + description: >- + Optional. Project ID of the Artifact Registry repository. Defaults + to the build project. type: string - version: - description: The OS and config version the benchmark was run on. - $ref: '#/components/schemas/ComplianceVersion' - NonCompliantFile: - id: NonCompliantFile - description: >- - Details about files that caused a compliance check to fail. - display_command is a single command that can be used to display a list - of non compliant files. When there is no such command, we can also - iterate a list of non compliant file using 'path'. - type: object - properties: - path: - description: Empty if `display_command` is set. + repositoryLocation: type: string - displayCommand: - description: Command to display the non-compliant files. + description: >- + Optional. Location of the Artifact Registry repository. i.e. + us-east1 Defaults to the build’s location. + sourcePath: type: string - reason: - description: Explains why a file is non compliant for a CIS check. + description: >- + Optional. Source path of the go.mod file in the build's workspace. + If not specified, this will default to the current directory. e.g. + ~/code/go/mypackage + repositoryName: + description: >- + Optional. Artifact Registry repository name. Specified Go modules + will be zipped and uploaded to Artifact Registry with this location + as a prefix. e.g. my-go-repo type: string - ComplianceVersion: - id: ComplianceVersion description: >- - Describes the CIS benchmark version that is applicable to a given OS and - os version. - type: object + Go module to upload to Artifact Registry upon successful completion of + all build steps. A module refers to all dependencies in a go.mod file. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGoModule + ContaineranalysisGoogleDevtoolsCloudbuildV1SecretManagerSecret: properties: - cpeUri: + env: description: >- - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is - applicable to. + Environment variable name to associate with the secret. Secret + environment variables must be unique across all of a build's + secrets, and must be used by at least one build step. type: string - benchmarkDocument: + versionName: description: >- - The name of the document that defines this benchmark, e.g. "CIS - Container-Optimized OS". + Resource name of the SecretVersion. In format: + projects/*/secrets/*/versions/* + type: string + type: object + description: >- + Pairs a secret environment variable with a SecretVersion in Secret + Manager. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1SecretManagerSecret + Justification: + description: >- + Justification provides the justification when the state of the + assessment if NOT_AFFECTED. + type: object + id: Justification + properties: + justificationType: + enumDescriptions: + - JUSTIFICATION_TYPE_UNSPECIFIED. + - The vulnerable component is not present in the product. + - >- + The vulnerable code is not present. Typically this case occurs + when source code is configured or built in a way that excludes the + vulnerable code. + - >- + The vulnerable code can not be executed. Typically this case + occurs when the product includes the vulnerable code but does not + call or use the vulnerable code. + - >- + The vulnerable code cannot be controlled by an attacker to exploit + the vulnerability. + - >- + The product includes built-in protections or features that prevent + exploitation of the vulnerability. These built-in protections + cannot be subverted by the attacker and cannot be configured or + disabled by the user. These mitigations completely prevent + exploitation based on known attack vectors. type: string - version: - description: >- - The version of the benchmark. This is set to the version of the - OS-specific CIS document the benchmark is defined in. + enum: + - JUSTIFICATION_TYPE_UNSPECIFIED + - COMPONENT_NOT_PRESENT + - VULNERABLE_CODE_NOT_PRESENT + - VULNERABLE_CODE_NOT_IN_EXECUTE_PATH + - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY + - INLINE_MITIGATIONS_ALREADY_EXIST + description: The justification type for this vulnerability. + details: type: string - DSSEAttestationOccurrence: - id: DSSEAttestationOccurrence - description: >- - Deprecated. Prefer to use a regular Occurrence, and populate the - Envelope at the top level of the Occurrence. + description: Additional details on why this justification was chosen. + Layer: type: object properties: - envelope: + directive: description: >- - If doing something security critical, make sure to verify the - signatures in this metadata. - $ref: '#/components/schemas/Envelope' - statement: - $ref: '#/components/schemas/InTotoStatement' - Envelope: - id: Envelope - description: >- - MUST match - https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. - An authenticated message of arbitrary type. - type: object - properties: - payload: + Required. The recovered Dockerfile directive used to construct this + layer. See https://docs.docker.com/engine/reference/builder/ for + more information. type: string - format: byte - payloadType: + arguments: + description: The recovered arguments to the Dockerfile directive. type: string - signatures: - type: array - items: - $ref: '#/components/schemas/EnvelopeSignature' - EnvelopeSignature: - id: EnvelopeSignature + id: Layer + description: Layer holds metadata specific to a layer of a Docker image. + KnowledgeBase: type: object + id: KnowledgeBase properties: - sig: + name: type: string - format: byte - keyid: + description: The KB name (generally of the form KB[0-9]+ (e.g., KB123456)). + url: + description: >- + A link to the KB in the [Windows update catalog] + (https://www.catalog.update.microsoft.com/). type: string - SBOMReferenceOccurrence: - id: SBOMReferenceOccurrence - description: >- - The occurrence representing an SBOM reference as applied to a specific - resource. The occurrence follows the DSSE specification. See - https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for - more details. + Policy: type: object + id: Policy properties: - payload: - description: The actual payload that contains the SBOM reference data. - $ref: '#/components/schemas/SbomReferenceIntotoPayload' - payloadType: + etag: description: >- - The kind of payload that SbomReferenceIntotoPayload takes. Since - it's in the intoto format, this value is expected to be - 'application/vnd.in-toto+json'. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte type: string - signatures: - description: The signatures over the payload. - type: array + version: + format: int32 + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. items: - $ref: '#/components/schemas/EnvelopeSignature' - SbomReferenceIntotoPayload: - id: SbomReferenceIntotoPayload + $ref: '#/components/schemas/Binding' + type: array description: >- - The actual payload that contains the SBOM Reference data. The payload - follows the intoto statement specification. See - https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md - for more details. - type: object + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + PackageOccurrence: properties: - _type: - description: Identifier for the schema of the Statement. - type: string - predicateType: - description: URI identifying the type of the Predicate. + cpeUri: type: string - subject: - description: >- - Set of software artifacts that the attestation applies to. Each - element represents a single software artifact. - type: array - items: - $ref: '#/components/schemas/Subject' - predicate: + readOnly: true description: >- - Additional parameters of the Predicate. Includes the actual data - about the SBOM. - $ref: '#/components/schemas/SbomReferenceIntotoPredicate' - SbomReferenceIntotoPredicate: - id: SbomReferenceIntotoPredicate - description: A predicate which describes the SBOM being referenced. - type: object - properties: - referrerId: - description: The person or system referring this predicate to the consumer. - type: string + Output only. The cpe_uri in [CPE + format](https://cpe.mitre.org/specification/) denoting the package + manager version distributing a package. The cpe_uri will be blank + for language packages. location: - description: The location of the SBOM. - type: string - mimeType: - description: The mime type of the SBOM. - type: string - digest: - description: A map of algorithm to digest of the contents of the SBOM. - type: object - additionalProperties: - type: string - SecretOccurrence: - id: SecretOccurrence - description: The occurrence provides details of a secret. - type: object - properties: - kind: - description: Required. Type of secret. - type: string - enumDescriptions: - - Unspecified - - The secret kind is unknown. - - >- - A GCP service account key per: - https://cloud.google.com/iam/docs/creating-managing-service-account-keys - enum: - - SECRET_KIND_UNSPECIFIED - - SECRET_KIND_UNKNOWN - - SECRET_KIND_GCP_SERVICE_ACCOUNT_KEY - locations: - description: Optional. Locations where the secret is detected. - type: array - items: - $ref: '#/components/schemas/SecretLocation' - statuses: - description: Optional. Status of the secret. - type: array items: - $ref: '#/components/schemas/SecretStatus' - SecretLocation: - id: SecretLocation - description: The location of the secret. - type: object - properties: - fileLocation: - description: The secret is found from a file. - $ref: '#/components/schemas/GrafeasV1FileLocation' - SecretStatus: - id: SecretStatus - description: The status of the secret with a timestamp. - type: object - properties: - status: - description: Optional. The status of the secret. - type: string + $ref: '#/components/schemas/Location' + description: >- + All of the places within the filesystem versions of this package + have been found. + type: array + license: + description: Licenses that have been declared by the authors of the package. + $ref: '#/components/schemas/License' + architecture: + readOnly: true + description: >- + Output only. The CPU architecture for which packages in this + distribution channel were built. Architecture will be blank for + language packages. enumDescriptions: - - Unspecified - - The status of the secret is unknown. - - The secret is valid. - - The secret is invalid. + - Unknown architecture. + - X86 architecture. + - X64 architecture. + type: string enum: - - STATUS_UNSPECIFIED - - UNKNOWN - - VALID - - INVALID - updateTime: - description: Optional. The time the secret status was last updated. + - ARCHITECTURE_UNSPECIFIED + - X86 + - X64 + packageType: + description: >- + Output only. The type of package; whether native or non native + (e.g., ruby gems, node.js packages, etc.). + readOnly: true type: string - format: google-datetime - message: - description: Optional. Optional message about the status code. + version: + readOnly: true + description: Output only. The version of the package. + $ref: '#/components/schemas/Version' + name: type: string - ListOccurrencesResponse: - id: ListOccurrencesResponse - description: Response for listing occurrences. + readOnly: true + description: Required. Output only. The name of the installed package. + id: PackageOccurrence type: object + description: Details on how a particular software package was installed on a system. + DeploymentNote: + description: An artifact that can be deployed in some runtime. + id: DeploymentNote properties: - occurrences: - description: The occurrences requested. - type: array - items: - $ref: '#/components/schemas/Occurrence' - nextPageToken: - description: >- - The next pagination token in the list response. It should be used as - `page_token` for the following request. An empty value means no more - results. - type: string - unreachable: - description: >- - Unordered list. Unreachable regions. Populated for requests from the - global region when `return_partial_success` is set. Format: - `projects/[PROJECT_ID]/locations/[LOCATION]` + resourceUri: type: array items: type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - BatchCreateOccurrencesRequest: - id: BatchCreateOccurrencesRequest - description: Request to create occurrences in batch. + description: Required. Resource URI for the artifact being deployed. type: object - properties: - occurrences: - description: Required. The occurrences to create. Max allowed length is 1000. - type: array - items: - $ref: '#/components/schemas/Occurrence' - BatchCreateOccurrencesResponse: - id: BatchCreateOccurrencesResponse - description: Response for creating occurrences in batch. + GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness: + id: GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness type: object + description: >- + Indicates that the builder claims certain fields in this message to be + complete. properties: - occurrences: - description: The occurrences that were created. - type: array - items: - $ref: '#/components/schemas/Occurrence' - Note: - id: Note - description: A type of analysis that can be done for a resource. + materials: + type: boolean + parameters: + type: boolean + environment: + type: boolean + Completeness: type: object + description: >- + Indicates that the builder claims certain fields in this message to be + complete. + id: Completeness properties: - name: + environment: description: >- - Output only. The name of the note in the form of - `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. - type: string - shortDescription: - description: A one sentence description of this note. - type: string - longDescription: - description: A detailed description of this note. - type: string - kind: + If true, the builder claims that recipe.environment is claimed to be + complete. + type: boolean + materials: description: >- - Output only. The type of analysis. This field can be used as a - filter in list requests. - type: string - enumDescriptions: - - Default value. This value is unused. - - The note and occurrence represent a package vulnerability. - - The note and occurrence assert build provenance. - - This represents an image basis relationship. - - This represents a package installed via a package manager. - - The note and occurrence track deployment events. - - >- - The note and occurrence track the initial discovery status of a - resource. - - This represents a logical "role" that can attest to artifacts. - - This represents an available package upgrade. - - This represents a Compliance Note - - This represents a DSSE attestation Note - - This represents a Vulnerability Assessment. - - This represents an SBOM Reference. - - This represents a secret. - enum: - - NOTE_KIND_UNSPECIFIED - - VULNERABILITY - - BUILD - - IMAGE - - PACKAGE - - DEPLOYMENT - - DISCOVERY - - ATTESTATION - - UPGRADE - - COMPLIANCE - - DSSE_ATTESTATION - - VULNERABILITY_ASSESSMENT - - SBOM_REFERENCE - - SECRET - relatedUrl: - description: URLs associated with this note. - type: array - items: - $ref: '#/components/schemas/RelatedUrl' - expirationTime: - description: Time of expiration for this note. Empty if note does not expire. - type: string - format: google-datetime - createTime: + If true, the builder claims that materials are complete, usually + through some controls to prevent network access. Sometimes called + "hermetic". + type: boolean + arguments: description: >- - Output only. The time this note was created. This field can be used - as a filter in list requests. + If true, the builder claims that recipe.arguments is complete, + meaning that all external inputs are properly captured in the + recipe. + type: boolean + Location: + id: Location + description: >- + An occurrence of a particular package installation found within a + system's filesystem. E.g., glibc was found in `/var/lib/dpkg/status`. + properties: + cpeUri: + description: >- + Deprecated. The CPE URI in [CPE + format](https://cpe.mitre.org/specification/) type: string - format: google-datetime - updateTime: + path: description: >- - Output only. The time this note was last updated. This field can be - used as a filter in list requests. + The path from which we gathered that this package/version is + installed. type: string - format: google-datetime - relatedNoteNames: - description: Other notes related to this note. - type: array - items: - type: string - vulnerability: - description: A note describing a package vulnerability. - $ref: '#/components/schemas/VulnerabilityNote' - build: - description: A note describing build provenance for a verifiable build. - $ref: '#/components/schemas/BuildNote' - image: - description: A note describing a base image. - $ref: '#/components/schemas/ImageNote' - package: - description: A note describing a package hosted by various package managers. - $ref: '#/components/schemas/PackageNote' - deployment: - description: A note describing something that can be deployed. - $ref: '#/components/schemas/DeploymentNote' - discovery: - description: A note describing the initial analysis of a resource. - $ref: '#/components/schemas/DiscoveryNote' - attestation: - description: A note describing an attestation role. - $ref: '#/components/schemas/AttestationNote' - upgrade: - description: A note describing available package upgrades. - $ref: '#/components/schemas/UpgradeNote' - compliance: - description: A note describing a compliance check. - $ref: '#/components/schemas/ComplianceNote' - dsseAttestation: - description: A note describing a dsse attestation note. - $ref: '#/components/schemas/DSSEAttestationNote' - vulnerabilityAssessment: - description: A note describing a vulnerability assessment. - $ref: '#/components/schemas/VulnerabilityAssessmentNote' - sbomReference: - description: A note describing an SBOM reference. - $ref: '#/components/schemas/SBOMReferenceNote' - secret: - description: A note describing a secret. - $ref: '#/components/schemas/SecretNote' - VulnerabilityNote: - id: VulnerabilityNote - description: A security vulnerability that can be found in resources. + version: + $ref: '#/components/schemas/Version' + description: Deprecated. The version installed at this location. type: object + SBOMReferenceNote: + description: The note representing an SBOM reference. properties: - cvssScore: - description: >- - The CVSS score of this vulnerability. CVSS score is on a scale of 0 - - 10 where 0 indicates low severity and 10 indicates high severity. - type: number - format: float - severity: - description: The note provider assigned severity of this vulnerability. + format: type: string - enumDescriptions: - - Unknown. - - Minimal severity. - - Low severity. - - Medium severity. - - High severity. - - Critical severity. - enum: - - SEVERITY_UNSPECIFIED - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - details: - description: >- - Details of all known distros and packages affected by this - vulnerability. - type: array - items: - $ref: '#/components/schemas/Detail' - cvssV3: - description: The full description of the CVSSv3 for this vulnerability. - $ref: '#/components/schemas/CVSSv3' - windowsDetails: + description: The format that SBOM takes. E.g. may be spdx, cyclonedx, etc... + version: description: >- - Windows details get their own format because the information format - and model don't match a normal detail. Specifically Windows updates - are done as patches, thus Windows vulnerabilities really are a - missing package, rather than a package being at an incorrect - version. + The version of the format that the SBOM takes. E.g. if the format is + spdx, the version may be 2.3. + type: string + type: object + id: SBOMReferenceNote + FileHashes: + properties: + fileHash: type: array + description: Required. Collection of file hashes. items: - $ref: '#/components/schemas/WindowsDetail' - sourceUpdateTime: - description: >- - The time this information was last changed at the source. This is an - upstream timestamp from the underlying information source - e.g. - Ubuntu security tracker. - type: string - format: google-datetime - cvssVersion: - description: CVSS version used to populate cvss_score and severity. + $ref: '#/components/schemas/Hash' + id: FileHashes + type: object + description: >- + Container message for hashes of byte content of files, used in source + messages to verify integrity of source input to the build. + Material: + properties: + digest: + type: object + additionalProperties: + type: string + uri: type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - CVSS_VERSION_UNSPECIFIED - - CVSS_VERSION_2 - - CVSS_VERSION_3 - cvssV2: - description: The full description of the v2 CVSS for this vulnerability. - $ref: '#/components/schemas/CVSS' + id: Material + type: object Detail: - id: Detail - description: >- - A detail for a distro and package affected by this vulnerability and its - associated fix (if one is available). type: object properties: - severityName: - description: The distro assigned severity of this vulnerability. - type: string description: description: A vendor-specific description of this vulnerability. type: string - packageType: - description: >- - The type of package; whether native or non native (e.g., ruby gems, - node.js packages, etc.). - type: string - affectedCpeUri: - description: >- - Required. The [CPE URI](https://cpe.mitre.org/specification/) this - vulnerability affects. - type: string - affectedPackage: - description: Required. The package this vulnerability affects. - type: string - affectedVersionStart: - description: >- - The version number at the start of an interval in which this - vulnerability exists. A vulnerability can affect a package between - version numbers that are disjoint sets of intervals (example: - [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will - be represented in its own Detail. If a specific affected version is - provided by a vulnerability database, affected_version_start and - affected_version_end will be the same in that Detail. - $ref: '#/components/schemas/Version' affectedVersionEnd: description: >- The version number at the end of an interval in which this @@ -2723,930 +2528,887 @@ components: provided by a vulnerability database, affected_version_start and affected_version_end will be the same in that Detail. $ref: '#/components/schemas/Version' - fixedCpeUri: - description: >- - The distro recommended [CPE - URI](https://cpe.mitre.org/specification/) to update to that - contains a fix for this vulnerability. It is possible for this to be - different from the affected_cpe_uri. - type: string - fixedPackage: - description: >- - The distro recommended package to update to that contains a fix for - this vulnerability. It is possible for this to be different from the - affected_package. - type: string - fixedVersion: - description: >- - The distro recommended version to update to that contains a fix for - this vulnerability. Setting this to VersionKind.MAXIMUM means no - such version is yet available. - $ref: '#/components/schemas/Version' - isObsolete: - description: >- - Whether this detail is obsolete. Occurrences are expected not to - point to obsolete details. - type: boolean - sourceUpdateTime: - description: >- - The time this information was last changed at the source. This is an - upstream timestamp from the underlying information source - e.g. - Ubuntu security tracker. - type: string - format: google-datetime source: - description: The source from which the information in this Detail was obtained. - type: string - vendor: - description: The name of the vendor of the product. - type: string - CVSSv3: - id: CVSSv3 - description: >- - Common Vulnerability Scoring System version 3. For details, see - https://www.first.org/cvss/specification-document - type: object - properties: - baseScore: - description: The base score is a function of the base metric scores. - type: number - format: float - exploitabilityScore: - type: number - format: float - impactScore: - type: number - format: float - attackVector: - description: >- - Base Metrics Represents the intrinsic characteristics of a - vulnerability that are constant over time and across user - environments. - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - enum: - - ATTACK_VECTOR_UNSPECIFIED - - ATTACK_VECTOR_NETWORK - - ATTACK_VECTOR_ADJACENT - - ATTACK_VECTOR_LOCAL - - ATTACK_VECTOR_PHYSICAL - attackComplexity: - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - ATTACK_COMPLEXITY_UNSPECIFIED - - ATTACK_COMPLEXITY_LOW - - ATTACK_COMPLEXITY_HIGH - privilegesRequired: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - PRIVILEGES_REQUIRED_UNSPECIFIED - - PRIVILEGES_REQUIRED_NONE - - PRIVILEGES_REQUIRED_LOW - - PRIVILEGES_REQUIRED_HIGH - userInteraction: - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - USER_INTERACTION_UNSPECIFIED - - USER_INTERACTION_NONE - - USER_INTERACTION_REQUIRED - scope: - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - SCOPE_UNSPECIFIED - - SCOPE_UNCHANGED - - SCOPE_CHANGED - confidentialityImpact: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - integrityImpact: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - availabilityImpact: + description: The source from which the information in this Detail was obtained. type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - WindowsDetail: - id: WindowsDetail - type: object - properties: - cpeUri: + packageType: + type: string + description: >- + The type of package; whether native or non native (e.g., ruby gems, + node.js packages, etc.). + affectedCpeUri: description: >- Required. The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability affects. type: string - name: - description: Required. The name of this vulnerability. + vendor: + description: The name of the vendor of the product. type: string - description: - description: The description of this vulnerability. + severityName: + description: The distro assigned severity of this vulnerability. type: string - fixingKbs: + fixedVersion: + $ref: '#/components/schemas/Version' description: >- - Required. The names of the KBs which have hotfixes to mitigate this - vulnerability. Note that there may be multiple hotfixes (and thus - multiple KBs) that mitigate a given vulnerability. Currently any - listed KBs presence is considered a fix. - type: array - items: - $ref: '#/components/schemas/KnowledgeBase' - KnowledgeBase: - id: KnowledgeBase - type: object - properties: - name: - description: The KB name (generally of the form KB[0-9]+ (e.g., KB123456)). + The distro recommended version to update to that contains a fix for + this vulnerability. Setting this to VersionKind.MAXIMUM means no + such version is yet available. + sourceUpdateTime: type: string - url: description: >- - A link to the KB in the [Windows update catalog] - (https://www.catalog.update.microsoft.com/). + The time this information was last changed at the source. This is an + upstream timestamp from the underlying information source - e.g. + Ubuntu security tracker. + format: google-datetime + fixedPackage: + description: >- + The distro recommended package to update to that contains a fix for + this vulnerability. It is possible for this to be different from the + affected_package. type: string - BuildNote: - id: BuildNote + affectedPackage: + description: Required. The package this vulnerability affects. + type: string + isObsolete: + description: >- + Whether this detail is obsolete. Occurrences are expected not to + point to obsolete details. + type: boolean + affectedVersionStart: + $ref: '#/components/schemas/Version' + description: >- + The version number at the start of an interval in which this + vulnerability exists. A vulnerability can affect a package between + version numbers that are disjoint sets of intervals (example: + [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will + be represented in its own Detail. If a specific affected version is + provided by a vulnerability database, affected_version_start and + affected_version_end will be the same in that Detail. + fixedCpeUri: + description: >- + The distro recommended [CPE + URI](https://cpe.mitre.org/specification/) to update to that + contains a fix for this vulnerability. It is possible for this to be + different from the affected_cpe_uri. + type: string + id: Detail description: >- - Note holding the version of the provider's builder and the signature of - the provenance message in the build details occurrence. + A detail for a distro and package affected by this vulnerability and its + associated fix (if one is available). + VulnerabilityAssessmentNote: + description: >- + A single VulnerabilityAssessmentNote represents one particular product's + vulnerability assessment for one CVE. type: object + id: VulnerabilityAssessmentNote properties: - builderVersion: + product: + $ref: '#/components/schemas/Product' + description: The product affected by this vex. + longDescription: + description: A detailed description of this Vex. + type: string + shortDescription: + description: A one sentence description of this Vex. + type: string + publisher: + description: Publisher details of this Note. + $ref: '#/components/schemas/Publisher' + languageCode: + type: string description: >- - Required. Immutable. Version of the builder which produced this - build. + Identifies the language used by this document, corresponding to IETF + BCP 47 / RFC 5646. + title: type: string - ImageNote: - id: ImageNote - description: >- - Basis describes the base image portion (Note) of the DockerImage - relationship. Linked occurrences are derived from this or an equivalent - image via: FROM Or an equivalent reference, e.g., a tag of the - resource_url. + description: The title of the note. E.g. `Vex-Debian-11.4` + assessment: + $ref: '#/components/schemas/Assessment' + description: Represents a vulnerability assessment for the product. + SbomReferenceIntotoPredicate: + description: A predicate which describes the SBOM being referenced. type: object properties: - resourceUrl: - description: >- - Required. Immutable. The resource_url for the resource representing - the basis of associated occurrence images. + referrerId: + description: The person or system referring this predicate to the consumer. type: string - fingerprint: - description: Required. Immutable. The fingerprint of the base image. - $ref: '#/components/schemas/Fingerprint' - PackageNote: - id: PackageNote - description: PackageNote represents a particular package version. + digest: + description: A map of algorithm to digest of the contents of the SBOM. + additionalProperties: + type: string + type: object + mimeType: + type: string + description: The mime type of the SBOM. + location: + type: string + description: The location of the SBOM. + id: SbomReferenceIntotoPredicate + ContaineranalysisGoogleDevtoolsCloudbuildV1BuildApproval: type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildApproval + description: >- + BuildApproval describes a build's approval configuration, state, and + result. properties: - name: - description: Required. Immutable. The name of the package. + config: + readOnly: true + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalConfig + description: Output only. Configuration for manual approval of this build. + result: + readOnly: true + description: Output only. Result of manual approval for this Build. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalResult + state: + enum: + - STATE_UNSPECIFIED + - PENDING + - APPROVED + - REJECTED + - CANCELLED + enumDescriptions: + - Default enum type. This should not be used. + - Build approval is pending. + - Build approval has been approved. + - Build approval has been rejected. + - Build was cancelled while it was still pending approval. type: string - distribution: - description: Deprecated. The various channels by which a package is distributed. + readOnly: true + description: Output only. The state of this build's approval. + Fingerprint: + properties: + v2Blob: type: array + description: Required. The ordered list of v2 blobs that represent a given image. items: - $ref: '#/components/schemas/Distribution' - packageType: + type: string + v2Name: + type: string description: >- - The type of package; whether native or non native (e.g., ruby gems, - node.js packages, etc.). + Output only. The name of the image's v2 blobs computed via: [bottom] + := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the + name of the final blob is kept. + v1Name: + description: >- + Required. The layer ID of the final layer in the Docker image's v1 + representation. + type: string + id: Fingerprint + type: object + description: A set of properties that uniquely identify a given Docker image. + ProvenanceBuilder: + type: object + properties: + builderDependencies: + items: + $ref: '#/components/schemas/ResourceDescriptor' + type: array + version: + type: object + additionalProperties: + type: string + id: + type: string + id: ProvenanceBuilder + Envelope: + id: Envelope + description: >- + MUST match + https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. + An authenticated message of arbitrary type. + type: object + properties: + payload: + format: byte + type: string + payloadType: + type: string + signatures: + items: + $ref: '#/components/schemas/EnvelopeSignature' + type: array + Metadata: + id: Metadata + type: object + properties: + buildInvocationId: + description: >- + Identifies the particular build invocation, which can be useful for + finding associated logs or other ad-hoc analysis. The value SHOULD + be globally unique, per in-toto Provenance spec. + type: string + buildStartedOn: + description: The timestamp of when the build started. + format: google-datetime type: string - cpeUri: + completeness: + $ref: '#/components/schemas/Completeness' description: >- - The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) - denoting the package manager version distributing a package. The - cpe_uri will be blank for language packages. + Indicates that the builder claims certain fields in this message to + be complete. + buildFinishedOn: + format: google-datetime type: string - architecture: + description: The timestamp of when the build completed. + reproducible: description: >- - The CPU architecture for which packages in this distribution channel - were built. Architecture will be blank for language packages. + If true, the builder claims that running the recipe on materials + will produce bit-for-bit identical output. + type: boolean + description: Other properties of the build. + FixableTotalByDigest: + description: Per resource and severity counts of fixable and total vulnerabilities. + id: FixableTotalByDigest + type: object + properties: + fixableCount: + type: string + description: The number of fixable vulnerabilities associated with this resource. + format: int64 + severity: type: string + description: >- + The severity for this count. SEVERITY_UNSPECIFIED indicates total + across all severities. enumDescriptions: - - Unknown architecture. - - X86 architecture. - - X64 architecture. + - Unknown. + - Minimal severity. + - Low severity. + - Medium severity. + - High severity. + - Critical severity. enum: - - ARCHITECTURE_UNSPECIFIED - - X86 - - X64 - version: - description: The version of the package. - $ref: '#/components/schemas/Version' - maintainer: - description: A freeform text denoting the maintainer of this package. + - SEVERITY_UNSPECIFIED + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + totalCount: type: string - url: - description: The homepage for this package. + format: int64 + description: The total number of vulnerabilities associated with this resource. + resourceUri: + description: The affected resource. type: string - description: - description: The description of this package. + InTotoStatement: + properties: + predicateType: + description: '`https://slsa.dev/provenance/v0.1` for SlsaProvenance.' type: string - license: - description: Licenses that have been declared by the authors of the package. - $ref: '#/components/schemas/License' - digest: - description: >- - Hash value, typically a file digest, that allows unique - identification a specific package. - type: array + slsaProvenanceZeroTwo: + $ref: '#/components/schemas/SlsaProvenanceZeroTwo' + subject: items: - $ref: '#/components/schemas/Digest' - Distribution: - id: Distribution + $ref: '#/components/schemas/Subject' + type: array + slsaProvenance: + $ref: '#/components/schemas/SlsaProvenance' + provenance: + $ref: '#/components/schemas/InTotoProvenance' + _type: + description: Always `https://in-toto.io/Statement/v0.1`. + type: string + id: InTotoStatement description: >- - This represents a particular channel of distribution for a given - package. E.g., Debian's jessie-backports dpkg mirror. + Spec defined at + https://github.com/in-toto/attestation/tree/main/spec#statement The + serialized InTotoStatement will be stored as Envelope.payload. + Envelope.payloadType is always "application/vnd.in-toto+json". type: object + GetPolicyOptions: + id: GetPolicyOptions properties: - cpeUri: + requestedPolicyVersion: description: >- - Required. The cpe_uri in [CPE - format](https://cpe.mitre.org/specification/) denoting the package - manager version distributing a package. + Optional. The maximum policy version that will be used to format the + policy. Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected. Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field unset. + The policy in the response might use the policy version that you + specified, or it might use a lower policy version. For example, if + you specify version 3, but the policy has no conditional role + bindings, the response uses version 1. To learn which resources + support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + format: int32 + type: object + description: Encapsulates settings provided to GetIamPolicy. + AttestationOccurrence: + id: AttestationOccurrence + properties: + signatures: + description: >- + One or more signatures over `serialized_payload`. Verifier + implementations should consider this attestation message verified if + at least one `signature` verifies `serialized_payload`. See + `Signature` in common.proto for more details on signature structure + and verification. + items: + $ref: '#/components/schemas/Signature' + type: array + serializedPayload: + description: >- + Required. The serialized payload that is verified by one or more + `signatures`. + format: byte type: string - architecture: + jwts: + items: + $ref: '#/components/schemas/Jwt' + type: array description: >- - The CPU architecture for which packages in this distribution channel - were built. + One or more JWTs encoding a self-contained attestation. Each JWT + encodes the payload that it verifies within the JWT itself. Verifier + implementation SHOULD ignore the `serialized_payload` field when + verifying these JWTs. If only JWTs are present on this + AttestationOccurrence, then the `serialized_payload` SHOULD be left + empty. Each JWT SHOULD encode a claim specific to the `resource_uri` + of this Occurrence, but this is not validated by Grafeas metadata + API implementations. The JWT itself is opaque to Grafeas. + description: >- + Occurrence that represents a single "attestation". The authenticity of + an attestation can be verified using the attached signature. If the + verifier trusts the public key of the signer, then verifying the + signature is sufficient to establish trust. In this circumstance, the + authority to which this attestation is attached is primarily useful for + lookup (how to find this attestation if you already know the authority + and artifact to be verified) and intent (for which authority this + attestation was intended to sign. + type: object + VulnerabilityOccurrence: + id: VulnerabilityOccurrence + type: object + properties: + cvssV2: + description: The cvss v2 score for the vulnerability. + $ref: '#/components/schemas/CVSS' + relatedUrls: + description: Output only. URLs related to this vulnerability. + items: + $ref: '#/components/schemas/RelatedUrl' + type: array + severity: type: string - enumDescriptions: - - Unknown architecture. - - X86 architecture. - - X64 architecture. enum: - - ARCHITECTURE_UNSPECIFIED - - X86 - - X64 - latestVersion: + - SEVERITY_UNSPECIFIED + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + enumDescriptions: + - Unknown. + - Minimal severity. + - Low severity. + - Medium severity. + - High severity. + - Critical severity. description: >- - The latest available version of this package in this distribution - channel. - $ref: '#/components/schemas/Version' - maintainer: - description: A freeform string denoting the maintainer of this package. + Output only. The note provider assigned severity of this + vulnerability. + extraDetails: type: string - url: - description: The distribution channel-specific homepage for this package. + description: Occurrence-specific extra details about the vulnerability. + cvssScore: + type: number + format: float + description: >- + Output only. The CVSS score of this vulnerability. CVSS score is on + a scale of 0 - 10 where 0 indicates low severity and 10 indicates + high severity. + longDescription: type: string - description: - description: The distribution channel-specific description of this package. + description: Output only. A detailed description of this vulnerability. + effectiveSeverity: type: string - Digest: - id: Digest - description: Digest information. - type: object - properties: - algo: - description: '`SHA1`, `SHA512` etc.' + enum: + - SEVERITY_UNSPECIFIED + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + enumDescriptions: + - Unknown. + - Minimal severity. + - Low severity. + - Medium severity. + - High severity. + - Critical severity. + description: >- + The distro assigned severity for this vulnerability when it is + available, otherwise this is the note provider assigned severity. + When there are multiple PackageIssues for this vulnerability, they + can have different effective severities because some might be + provided by the distro while others are provided by the language + ecosystem for a language pack. For this reason, it is advised to use + the effective severity on the PackageIssue level. In the case where + multiple PackageIssues have differing effective severities, this + field should be the highest severity for any of the PackageIssues. + cvssv3: + description: The cvss v3 score for the vulnerability. + $ref: '#/components/schemas/CVSS' + risk: + $ref: '#/components/schemas/Risk' + description: Risk information about the vulnerability, such as CISA, EPSS, etc. + shortDescription: + description: Output only. A one sentence description of this vulnerability. type: string - digestBytes: - description: Value of the digest. + type: type: string - format: byte - DeploymentNote: - id: DeploymentNote - description: An artifact that can be deployed in some runtime. - type: object - properties: - resourceUri: - description: Required. Resource URI for the artifact being deployed. - type: array + description: >- + The type of package; whether native or non native (e.g., ruby gems, + node.js packages, etc.). + vexAssessment: + $ref: '#/components/schemas/VexAssessment' + fixAvailable: + type: boolean + description: >- + Output only. Whether at least one of the affected packages has a fix + available. + packageIssue: items: - type: string - DiscoveryNote: - id: DiscoveryNote - description: >- - A note that indicates a type of analysis a provider would perform. This - note exists in a provider's project. A `Discovery` occurrence is created - in a consumer's project at the start of analysis. - type: object - properties: - analysisKind: + $ref: '#/components/schemas/PackageIssue' + type: array description: >- - Required. Immutable. The kind of analysis that is handled by this - discovery. - type: string + Required. The set of affected locations and their fixes (if + available) within the associated resource. + cvssVersion: enumDescriptions: - - Default value. This value is unused. - - The note and occurrence represent a package vulnerability. - - The note and occurrence assert build provenance. - - This represents an image basis relationship. - - This represents a package installed via a package manager. - - The note and occurrence track deployment events. - - >- - The note and occurrence track the initial discovery status of a - resource. - - This represents a logical "role" that can attest to artifacts. - - This represents an available package upgrade. - - This represents a Compliance Note - - This represents a DSSE attestation Note - - This represents a Vulnerability Assessment. - - This represents an SBOM Reference. - - This represents a secret. + - '' + - '' + - '' enum: - - NOTE_KIND_UNSPECIFIED - - VULNERABILITY - - BUILD - - IMAGE - - PACKAGE - - DEPLOYMENT - - DISCOVERY - - ATTESTATION - - UPGRADE - - COMPLIANCE - - DSSE_ATTESTATION - - VULNERABILITY_ASSESSMENT - - SBOM_REFERENCE - - SECRET - AttestationNote: - id: AttestationNote - description: >- - Note kind that represents a logical attestation "role" or "authority". - For example, an organization might have one `Authority` for "QA" and one - for "build". This note is intended to act strictly as a grouping - mechanism for the attached occurrences (Attestations). This grouping - mechanism also provides a security boundary, since IAM ACLs gate the - ability for a principle to attach an occurrence to a given note. It also - provides a single point of lookup to find all attached attestation - occurrences, even if they don't all live in the same project. - type: object + - CVSS_VERSION_UNSPECIFIED + - CVSS_VERSION_2 + - CVSS_VERSION_3 + type: string + description: Output only. CVSS version used to populate cvss_score and severity. + description: An occurrence of a severity vulnerability on a resource. + SlsaProvenance: properties: - hint: - description: Hint hints at the purpose of the attestation authority. - $ref: '#/components/schemas/Hint' - Hint: - id: Hint - description: >- - This submessage provides human-readable hints about the purpose of the - authority. Because the name of a note acts as its resource reference, it - is important to disambiguate the canonical name of the Note (which might - be a UUID for security purposes) from "readable" names more suitable for - debug output. Note that these hints should not be used to look up - authorities in security sensitive contexts, such as when looking up - attestations to verify. + materials: + type: array + items: + $ref: '#/components/schemas/Material' + description: >- + The collection of artifacts that influenced the build including + sources, dependencies, build tools, base images, and so on. This is + considered to be incomplete unless metadata.completeness.materials + is true. Unset or null is equivalent to empty. + recipe: + description: >- + Identifies the configuration used for the build. When combined with + materials, this SHOULD fully describe the build, such that + re-running this recipe results in bit-for-bit identical output (if + the build is reproducible). required + $ref: '#/components/schemas/SlsaRecipe' + builder: + description: required + $ref: '#/components/schemas/SlsaBuilder' + metadata: + $ref: '#/components/schemas/SlsaMetadata' + id: SlsaProvenance type: object + GerritSourceContext: + description: A SourceContext referring to a Gerrit project. properties: - humanReadableName: + aliasContext: + description: An alias, which may be a branch or tag. + $ref: '#/components/schemas/AliasContext' + gerritProject: description: >- - Required. The human readable name of this attestation authority, for - example "qa". + The full project name within the host. Projects may be nested, so + "project/subproject" is a valid project name. The "repo name" is the + hostURI/project. + type: string + revisionId: + type: string + description: A revision (commit) ID. + hostUri: + description: The URI of a running Gerrit instance. type: string - UpgradeNote: - id: UpgradeNote - description: >- - An Upgrade Note represents a potential upgrade of a package to a given - version. For each package version combination (i.e. bash 4.0, bash 4.1, - bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update - field represents the information related to the update. + type: object + id: GerritSourceContext + Risk: type: object properties: - package: - description: Required for non-Windows OS. The package this Upgrade is for. - type: string - version: + epss: + $ref: '#/components/schemas/ExploitPredictionScoringSystem' description: >- - Required for non-Windows OS. The version of the package in machine + - human readable form. - $ref: '#/components/schemas/Version' - distributions: - description: Metadata about the upgrade for each specific operating system. - type: array - items: - $ref: '#/components/schemas/UpgradeDistribution' - windowsUpdate: + The Exploit Prediction Scoring System (EPSS) estimates the + likelihood (probability) that a software vulnerability will be + exploited in the wild. + cisaKev: description: >- - Required for Windows OS. Represents the metadata about the Windows - update. - $ref: '#/components/schemas/WindowsUpdate' - ComplianceNote: - id: ComplianceNote - type: object + CISA maintains the authoritative source of vulnerabilities that have + been exploited in the wild. + $ref: '#/components/schemas/CISAKnownExploitedVulnerabilities' + id: Risk + DeploymentOccurrence: properties: - title: - description: The title that identifies this compliance check. + config: + description: Configuration used to create this deployment. type: string - description: - description: A description about this compliance check. + platform: + description: Platform hosting this deployment. + enum: + - PLATFORM_UNSPECIFIED + - GKE + - FLEX + - CUSTOM type: string - version: - description: The OS and config versions the benchmark applies to. - type: array - items: - $ref: '#/components/schemas/ComplianceVersion' - rationale: - description: A rationale for the existence of this compliance check. + enumDescriptions: + - Unknown. + - Google Container Engine. + - 'Google App Engine: Flexible Environment.' + - Custom user-defined platform. + undeployTime: + description: End of the lifetime of this deployment. + format: google-datetime type: string - remediation: - description: A description of remediation steps if the compliance check fails. + address: + description: Address of the runtime element hosting this deployment. type: string - cisBenchmark: - $ref: '#/components/schemas/CisBenchmark' - scanInstructions: - description: Serialized scan instructions with a predefined format. + resourceUri: + description: >- + Output only. Resource URI for the artifact being deployed taken from + the deployable field with the same name. + items: + type: string + type: array + deployTime: + description: Required. Beginning of the lifetime of this deployment. type: string - format: byte - impact: + format: google-datetime + userEmail: + type: string + description: Identity of the user that triggered this deployment. + type: object + id: DeploymentOccurrence + description: The period during which some deployable was active in a runtime. + SecretNote: + properties: {} + id: SecretNote + description: The note representing a secret. + type: object + AnalysisCompleted: + id: AnalysisCompleted + description: >- + Indicates which analysis completed successfully. Multiple types of + analysis can be performed on a single resource. + properties: + analysisType: + items: + type: string + type: array + type: object + RepoId: + properties: + uid: + description: A server-assigned, globally unique identifier. type: string - CisBenchmark: - id: CisBenchmark - description: A compliance check that is a CIS benchmark. + projectRepoId: + description: A combination of a project ID and a repo name. + $ref: '#/components/schemas/ProjectRepoId' + id: RepoId type: object + description: A unique identifier for a Cloud Repo. + AliasContext: + description: An alias to a repo revision. properties: - profileLevel: - type: integer - format: int32 - severity: + name: type: string + description: The alias name. + kind: enumDescriptions: - Unknown. - - Minimal severity. - - Low severity. - - Medium severity. - - High severity. - - Critical severity. + - Git tag. + - Git branch. + - >- + Used to specify non-standard aliases. For example, if a Git repo + has a ref named "refs/foo/bar". + type: string + description: The alias kind. enum: - - SEVERITY_UNSPECIFIED - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - DSSEAttestationNote: - id: DSSEAttestationNote + - KIND_UNSPECIFIED + - FIXED + - MOVABLE + - OTHER + id: AliasContext type: object - properties: - hint: - description: DSSEHint hints at the purpose of the attestation authority. - $ref: '#/components/schemas/DSSEHint' - DSSEHint: - id: DSSEHint + VulnerabilityOccurrencesSummary: description: >- - This submessage provides human-readable hints about the purpose of the - authority. Because the name of a note acts as its resource reference, it - is important to disambiguate the canonical name of the Note (which might - be a UUID for security purposes) from "readable" names more suitable for - debug output. Note that these hints should not be used to look up - authorities in security sensitive contexts, such as when looking up - attestations to verify. + A summary of how many vulnerability occurrences there are per resource + and severity type. type: object + id: VulnerabilityOccurrencesSummary properties: - humanReadableName: + counts: + items: + $ref: '#/components/schemas/FixableTotalByDigest' + type: array description: >- - Required. The human readable name of this attestation authority, for - example "cloudbuild-prod". - type: string - VulnerabilityAssessmentNote: - id: VulnerabilityAssessmentNote - description: >- - A single VulnerabilityAssessmentNote represents one particular product's - vulnerability assessment for one CVE. - type: object - properties: - title: - description: The title of the note. E.g. `Vex-Debian-11.4` - type: string - shortDescription: - description: A one sentence description of this Vex. - type: string - longDescription: - description: A detailed description of this Vex. - type: string - languageCode: + A listing by resource of the number of fixable and total + vulnerabilities. + unreachable: + type: array description: >- - Identifies the language used by this document, corresponding to IETF - BCP 47 / RFC 5646. - type: string - publisher: - description: Publisher details of this Note. - $ref: '#/components/schemas/Publisher' - product: - description: The product affected by this vex. - $ref: '#/components/schemas/Product' - assessment: - description: Represents a vulnerability assessment for the product. - $ref: '#/components/schemas/Assessment' - Publisher: - id: Publisher - description: Publisher contains information about the publisher of this Note. + Unordered list. Unreachable regions. Populated for requests from the + global region when `return_partial_success` is set. Format: + `projects/[PROJECT_ID]/locations/[LOCATION]` + items: + type: string + ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfigHttpConfig: type: object + description: HttpConfig is a configuration for HTTP related git operations. properties: - name: - description: 'Name of the publisher. Examples: ''Google'', ''Google Cloud Platform''.' - type: string - issuingAuthority: - description: >- - Provides information about the authority of the issuing party to - release the document, in particular, the party's constituency and - responsibilities or other obligations. - type: string - publisherNamespace: + proxySecretVersionName: description: >- - The context or namespace. Contains a URL which is under control of - the issuing party and can be used as a globally unique identifier - for that issuing party. Example: https://csaf.io + SecretVersion resource of the HTTP proxy URL. The Service Account + used in the build (either the default Service Account or + user-specified Service Account) should have + `secretmanager.versions.access` permissions on this secret. The + proxy URL should be in format `protocol://@]proxyhost[:port]`. type: string - Product: - id: Product - description: >- - Product contains information about a product and how to uniquely - identify it. - type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfigHttpConfig + SecretOccurrence: properties: - name: - description: Name of the product. - type: string - id: - description: >- - Token that identifies a product so that it can be referred to from - other parts in the document. There is no predefined format as long - as it uniquely identifies a group in the context of the current - document. - type: string - genericUri: - description: >- - Contains a URI which is vendor-specific. Example: The artifact - repository URL of an image. + statuses: + type: array + description: Optional. Status of the secret. + items: + $ref: '#/components/schemas/SecretStatus' + locations: + description: Optional. Locations where the secret is detected. + type: array + items: + $ref: '#/components/schemas/SecretLocation' + kind: + enum: + - SECRET_KIND_UNSPECIFIED + - SECRET_KIND_UNKNOWN + - SECRET_KIND_GCP_SERVICE_ACCOUNT_KEY + - SECRET_KIND_GCP_API_KEY + - SECRET_KIND_GCP_OAUTH2_CLIENT_CREDENTIALS + - SECRET_KIND_GCP_OAUTH2_ACCESS_TOKEN + - SECRET_KIND_ANTHROPIC_ADMIN_API_KEY + - SECRET_KIND_ANTHROPIC_API_KEY + - SECRET_KIND_AZURE_ACCESS_TOKEN + - SECRET_KIND_AZURE_IDENTITY_TOKEN + - SECRET_KIND_DOCKER_HUB_PERSONAL_ACCESS_TOKEN + - SECRET_KIND_GITHUB_APP_REFRESH_TOKEN + - SECRET_KIND_GITHUB_APP_SERVER_TO_SERVER_TOKEN + - SECRET_KIND_GITHUB_APP_USER_TO_SERVER_TOKEN + - SECRET_KIND_GITHUB_CLASSIC_PERSONAL_ACCESS_TOKEN + - SECRET_KIND_GITHUB_FINE_GRAINED_PERSONAL_ACCESS_TOKEN + - SECRET_KIND_GITHUB_OAUTH_TOKEN + - SECRET_KIND_HUGGINGFACE_API_KEY + - SECRET_KIND_OPENAI_API_KEY + - SECRET_KIND_PERPLEXITY_API_KEY + - SECRET_KIND_STRIPE_SECRET_KEY + - SECRET_KIND_STRIPE_RESTRICTED_KEY + - SECRET_KIND_STRIPE_WEBHOOK_SECRET + enumDescriptions: + - Unspecified + - The secret kind is unknown. + - >- + A Google Cloud service account key per: + https://cloud.google.com/iam/docs/creating-managing-service-account-keys + - >- + A Google Cloud API key per: + https://cloud.google.com/docs/authentication/api-keys + - >- + A Google Cloud OAuth2 client credentials per: + https://developers.google.com/identity/protocols/oauth2 + - >- + A Google Cloud OAuth2 access token per: + https://cloud.google.com/docs/authentication/token-types#access + - An Anthropic Admin API key. + - An Anthropic API key. + - An Azure access token. + - An Azure Identity Platform ID token. + - A Docker Hub personal access token. + - A GitHub App refresh token. + - A GitHub App server-to-server token. + - A GitHub App user-to-server token. + - A GitHub personal access token (classic). + - A GitHub fine-grained personal access token. + - A GitHub OAuth token. + - A Hugging Face API key. + - An OpenAI API key. + - A Perplexity API key. + - A Stripe secret key. + - A Stripe restricted key. + - A Stripe webhook secret. type: string - Assessment: - id: Assessment - description: >- - Assessment provides all information that is related to a single - vulnerability for this product. + description: Required. Type of secret. type: object + id: SecretOccurrence + description: The occurrence provides details of a secret. + WindowsDetail: + id: WindowsDetail properties: - cve: - description: >- - Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) - tracking number for the vulnerability. Deprecated: Use - vulnerability_id instead to denote CVEs. - deprecated: true - type: string - vulnerabilityId: - description: >- - The vulnerability identifier for this Assessment. Will hold one of - common identifiers e.g. CVE, GHSA etc. + description: + description: The description of this vulnerability. type: string - shortDescription: - description: A one sentence description of this Vex. + cpeUri: type: string - longDescription: - description: A detailed description of this Vex. + description: >- + Required. The [CPE URI](https://cpe.mitre.org/specification/) this + vulnerability affects. + name: + description: Required. The name of this vulnerability. type: string - relatedUris: + fixingKbs: + items: + $ref: '#/components/schemas/KnowledgeBase' description: >- - Holds a list of references associated with this vulnerability item - and assessment. These uris have additional information about the - vulnerability and the assessment itself. E.g. Link to a document - which details how this assessment concluded the state of this - vulnerability. + Required. The names of the KBs which have hotfixes to mitigate this + vulnerability. Note that there may be multiple hotfixes (and thus + multiple KBs) that mitigate a given vulnerability. Currently any + listed KBs presence is considered a fix. type: array + type: object + Command: + properties: + env: items: - $ref: '#/components/schemas/RelatedUrl' - state: - description: Provides the state of this Vulnerability assessment. - type: string - enumDescriptions: - - No state is specified. - - This product is known to be affected by this vulnerability. - - This product is known to be not affected by this vulnerability. - - This product contains a fix for this vulnerability. - - >- - It is not known yet whether these versions are or are not affected - by the vulnerability. However, it is still under investigation. - enum: - - STATE_UNSPECIFIED - - AFFECTED - - NOT_AFFECTED - - FIXED - - UNDER_INVESTIGATION - impacts: - description: >- - Contains information about the impact of this vulnerability, this - will change with time. + type: string + description: Environment variables set before running this command. + type: array + args: type: array items: type: string - justification: - description: >- - Justification provides the justification when the state of the - assessment if NOT_AFFECTED. - $ref: '#/components/schemas/Justification' - remediations: + description: Command-line arguments used when executing this command. + name: + type: string description: >- - Specifies details on how to handle (and presumably, fix) a - vulnerability. + Required. Name of the command, as presented on the command line, or + if the command is packaged as a Docker container, as presented to + `docker pull`. + waitFor: + description: The ID(s) of the command(s) that this command depends on. type: array items: - $ref: '#/components/schemas/Remediation' - SBOMReferenceNote: - id: SBOMReferenceNote - description: The note representing an SBOM reference. - type: object - properties: - format: - description: The format that SBOM takes. E.g. may be spdx, cyclonedx, etc... + type: string + dir: + description: >- + Working directory (relative to project source root) used when + running this command. type: string - version: + id: description: >- - The version of the format that the SBOM takes. E.g. if the format is - spdx, the version may be 2.3. + Optional unique identifier for this command, used in wait_for to + reference this command as a dependency. type: string - SecretNote: - id: SecretNote - description: The note representing a secret. type: object - properties: {} - ListNotesResponse: - id: ListNotesResponse - description: Response for listing notes. + description: Command describes a step performed as part of the build pipeline. + id: Command + ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsNpmPackage: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsNpmPackage + description: >- + Npm package to upload to Artifact Registry upon successful completion of + all build steps. type: object properties: - notes: - description: The notes requested. - type: array - items: - $ref: '#/components/schemas/Note' - nextPageToken: + packagePath: + type: string description: >- - The next pagination token in the list response. It should be used as - `page_token` for the following request. An empty value means no more - results. + Optional. Path to the package.json. e.g. workspace/path/to/package + Only one of `archive` or `package_path` can be specified. + repository: type: string - unreachable: description: >- - Unordered list. Unreachable regions. Populated for requests from the - global region when `return_partial_success` is set. Format: - `projects/[PROJECT_ID]/locations/[LOCATION]` - type: array - items: - type: string - BatchCreateNotesRequest: - id: BatchCreateNotesRequest - description: Request to create notes in batch. - type: object - properties: - notes: - description: Required. The notes to create. Max allowed length is 1000. - type: object - additionalProperties: - $ref: '#/components/schemas/Note' - BatchCreateNotesResponse: - id: BatchCreateNotesResponse - description: Response for creating notes in batch. + Artifact Registry repository, in the form + "https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY" Npm package in + the workspace specified by path will be zipped and uploaded to + Artifact Registry with this location as a prefix. + ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan type: object properties: - notes: - description: The notes that were created. - type: array - items: - $ref: '#/components/schemas/Note' - ListNoteOccurrencesResponse: - id: ListNoteOccurrencesResponse - description: Response for listing occurrences for a note. - type: object + startTime: + type: string + description: Start of time span. + format: google-datetime + endTime: + description: End of time span. + format: google-datetime + type: string + description: Start and end times for a build execution phase. + BaseImage: + description: BaseImage describes a base image of a container image. properties: - occurrences: - description: The occurrences attached to the specified note. - type: array - items: - $ref: '#/components/schemas/Occurrence' - nextPageToken: - description: Token to provide to skip to a particular spot in the list. + repository: + description: The repository name in which the base image is from. type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + name: + description: The name of the base image. + type: string + layerCount: + format: int32 + description: The number of layers that the base image is composed of. + type: integer + id: BaseImage type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + SlsaRecipe: + id: SlsaRecipe type: object + description: >- + Steps taken to build the artifact. For a TaskRun, typically each + container corresponds to one step in the recipe. properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - etag: + definedInMaterial: + format: int64 + type: string description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Index in materials containing the recipe steps that are not implied + by recipe.type. For example, if the recipe type were "make", then + this would point to the source containing the Makefile, not the make + program itself. Set to -1 if the recipe doesn't come from a + material, as zero is default unset value for int64. + entryPoint: type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object - properties: - role: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + String identifying the entry point into the build. This is often a + path to a configuration file and/or a target label within that file. + The syntax and meaning are defined by recipe.type. For example, if + the recipe type were "make", then this would reference the directory + in which to run make as well as which target to use. + environment: + description: >- + Any other builder-controlled inputs necessary for correctly + evaluating the recipe. Usually only needed for reproducing the build + but not evaluated as part of policy. Depending on the recipe Type, + the structure may be different. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: + URI indicating what type of recipe was performed. It determines the + meaning of recipe.entryPoint, recipe.arguments, recipe.environment, + and materials. + arguments: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' + Collection of all external inputs that influenced the build on top + of recipe.definedInMaterial and recipe.entryPoint. For example, if + the recipe type were "make", then this might be the flags passed to + make aside from the target, which is captured in recipe.entryPoint. + Depending on the recipe Type, the structure may be different. Expr: id: Expr description: >- @@ -3668,511 +3430,414 @@ components: evaluates it. See the service documentation for additional information. type: object properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string title: description: >- Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string location: description: >- Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. type: string - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. - type: object - properties: - options: - description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - $ref: '#/components/schemas/GetPolicyOptions' - GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. - type: object - properties: - requestedPolicyVersion: - description: >- - Optional. The maximum policy version that will be used to format the - policy. Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected. Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field unset. - The policy in the response might use the policy version that you - specified, or it might use a lower policy version. For example, if - you specify version 3, but the policy has no conditional role - bindings, the response uses version 1. To learn which resources - support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + expression: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: + Textual representation of an expression in Common Expression + Language syntax. + type: string + description: + type: string description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - VulnerabilityOccurrencesSummary: - id: VulnerabilityOccurrencesSummary - description: >- - A summary of how many vulnerability occurrences there are per resource - and severity type. - type: object + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsMavenArtifact: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsMavenArtifact properties: - counts: - description: >- - A listing by resource of the number of fixable and total - vulnerabilities. - type: array - items: - $ref: '#/components/schemas/FixableTotalByDigest' - unreachable: + artifactId: description: >- - Unordered list. Unreachable regions. Populated for requests from the - global region when `return_partial_success` is set. Format: - `projects/[PROJECT_ID]/locations/[LOCATION]` - type: array - items: - type: string - FixableTotalByDigest: - id: FixableTotalByDigest - description: Per resource and severity counts of fixable and total vulnerabilities. - type: object - properties: - resourceUri: - description: The affected resource. + Maven `artifactId` value used when uploading the artifact to + Artifact Registry. type: string - severity: + repository: description: >- - The severity for this count. SEVERITY_UNSPECIFIED indicates total - across all severities. - type: string - enumDescriptions: - - Unknown. - - Minimal severity. - - Low severity. - - Medium severity. - - High severity. - - Critical severity. - enum: - - SEVERITY_UNSPECIFIED - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - fixableCount: - description: The number of fixable vulnerabilities associated with this resource. + Artifact Registry repository, in the form + "https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY" Artifact in the + workspace specified by path will be uploaded to Artifact Registry + with this location as a prefix. type: string - format: int64 - totalCount: - description: The total number of vulnerabilities associated with this resource. + version: type: string - format: int64 - ExportSBOMRequest: - id: ExportSBOMRequest - description: >- - The request to generate and export SBOM. Target must be specified for - the request. - type: object - properties: - cloudStorageLocation: description: >- - Optional. Empty placeholder to denote that this is a Google Cloud - Storage export request. - $ref: '#/components/schemas/CloudStorageLocation' - CloudStorageLocation: - id: CloudStorageLocation - description: >- - Empty placeholder to denote that this is a Google Cloud Storage export - request. - type: object - properties: {} - ExportSBOMResponse: - id: ExportSBOMResponse - description: The response from a call to ExportSBOM. - type: object - properties: - discoveryOccurrence: + Maven `version` value used when uploading the artifact to Artifact + Registry. + groupId: + description: >- + Maven `groupId` value used when uploading the artifact to Artifact + Registry. + type: string + deployFolder: description: >- - The name of the discovery occurrence in the form - "projects/{project_id}/occurrences/{OCCURRENCE_ID} It can be used to - track the progress of the SBOM export. + Optional. Path to a folder containing the files to upload to + Artifact Registry. This can be either an absolute path, e.g. + `/workspace/my-app/target/`, or a relative path from /workspace, + e.g. `my-app/target/`. This field is mutually exclusive with the + `path` field. + type: string + path: + description: >- + Optional. Path to an artifact in the build's workspace to be + uploaded to Artifact Registry. This can be either an absolute path, + e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative + path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar. type: string - GoogleDevtoolsContaineranalysisV1alpha1OperationMetadata: - id: GoogleDevtoolsContaineranalysisV1alpha1OperationMetadata description: >- - Metadata for all operations used and required for all operations that - created by Container Analysis Providers + A Maven artifact to upload to Artifact Registry upon successful + completion of all build steps. type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1BuiltImage: properties: - createTime: - description: Output only. The time this operation was created. + artifactRegistryPackage: + readOnly: true + description: Output only. Path to the artifact in Artifact Registry. type: string - format: google-datetime - endTime: - description: >- - Output only. The time that this operation was marked completed or - failed. + digest: type: string - format: google-datetime - ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStep: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStep - description: A step in the build pipeline. + description: Docker Registry 2.0 digest. + name: + type: string + description: >- + Name used to push the container image to Google Container Registry, + as presented to `docker push`. + pushTiming: + readOnly: true + description: >- + Output only. Stores timing information for pushing the specified + image. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan + type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuiltImage + description: An image built by the pipeline. + Hint: type: object + description: >- + This submessage provides human-readable hints about the purpose of the + authority. Because the name of a note acts as its resource reference, it + is important to disambiguate the canonical name of the Note (which might + be a UUID for security purposes) from "readable" names more suitable for + debug output. Note that these hints should not be used to look up + authorities in security sensitive contexts, such as when looking up + attestations to verify. + id: Hint properties: - name: + humanReadableName: description: >- - Required. The name of the container image that will run this - particular build step. If the image is available in the host's - Docker daemon's cache, it will be run directly. If not, the host - will attempt to pull the image first, using the builder service - account's credentials if necessary. The Docker daemon's cache will - already have the latest versions of all of the officially supported - build steps - ([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)). - The Docker daemon will also have cached many of the layers for some - popular images, like "ubuntu", "debian", but they will be refreshed - at the time you attempt to use them. If you built an image in a - previous build step, it will be stored in the host's Docker daemon's - cache and is available to use as the name for a later build step. + Required. The human readable name of this attestation authority, for + example "qa". type: string - env: - description: >- - A list of environment variable definitions to be used when running a - step. The elements are of the form "KEY=VALUE" for the environment - variable "KEY" being given the value "VALUE". - type: array + BatchCreateNotesResponse: + type: object + properties: + notes: items: - type: string - args: - description: >- - A list of arguments that will be presented to the step when it is - started. If the image used to run the step's container has an - entrypoint, the `args` are used as arguments to that entrypoint. If - the image does not define an entrypoint, the first element in args - is used as the entrypoint, and the remainder will be used as - arguments. + $ref: '#/components/schemas/Note' + description: The notes that were created. type: array - items: - type: string - dir: - description: >- - Working directory to use when running this step's container. If this - value is a relative path, it is relative to the build's working - directory. If this value is absolute, it may be outside the build's - working directory, in which case the contents of the path may not be - persisted across build step executions, unless a `volume` for that - path is specified. If the build specifies a `RepoSource` with `dir` - and a step with a `dir`, which specifies an absolute path, the - `RepoSource` `dir` is ignored for the step's execution. + description: Response for creating notes in batch. + id: BatchCreateNotesResponse + ComplianceNote: + properties: + remediation: type: string - id: - description: >- - Unique identifier for this build step, used in `wait_for` to - reference this build step as a dependency. + description: A description of remediation steps if the compliance check fails. + impact: type: string - waitFor: - description: >- - The ID(s) of the step(s) that this build step depends on. This build - step will not start until all the build steps in `wait_for` have - completed successfully. If `wait_for` is empty, this build step will - start when all previous build steps in the `Build.Steps` list have - completed successfully. + version: type: array items: - type: string - entrypoint: - description: >- - Entrypoint to be used instead of the build step image's default - entrypoint. If unset, the image's default entrypoint is used. + $ref: '#/components/schemas/ComplianceVersion' + description: The OS and config versions the benchmark applies to. + rationale: type: string - secretEnv: - description: >- - A list of environment variables which are encrypted using a Cloud - Key Management Service crypto key. These values must be specified in - the build's `Secret`. - type: array - items: + description: A rationale for the existence of this compliance check. + description: + description: A description about this compliance check. + type: string + title: + description: The title that identifies this compliance check. + type: string + cisBenchmark: + $ref: '#/components/schemas/CisBenchmark' + scanInstructions: + format: byte + description: Serialized scan instructions with a predefined format. + type: string + type: object + id: ComplianceNote + Subject: + id: Subject + type: object + properties: + name: + type: string + digest: + type: object + additionalProperties: type: string - volumes: - description: >- - List of volumes to mount into the build step. Each volume is created - as an empty volume prior to execution of the build step. Upon - completion of the build, volumes and their contents are discarded. - Using a named volume in only one step is not valid as it is - indicative of a build request with an incorrect configuration. - type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Volume - timing: description: >- - Output only. Stores timing information for executing this build - step. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - pullTiming: - description: >- - Output only. Stores timing information for pulling this build step's - builder image only. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - timeout: - description: >- - Time limit for executing this build step. If not defined, the step - has no time limit and will be allowed to continue to run until - either it completes or the build itself times out. - type: string - format: google-duration - status: + `"": ""` Algorithms can be e.g. sha256, sha512 See + https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet + BuildNote: + description: >- + Note holding the version of the provider's builder and the signature of + the provenance message in the build details occurrence. + id: BuildNote + type: object + properties: + builderVersion: description: >- - Output only. Status of the build step. At this time, build step - status is only updated on build completion; step status is not - updated in real-time as the build progresses. - readOnly: true + Required. Immutable. Version of the builder which produced this + build. type: string - enumDescriptions: - - Status of the build is unknown. - - >- - Build has been created and is pending execution and queuing. It - has not been queued. - - Build or step is queued; work has not yet begun. - - Build or step is being executed. - - Build or step finished successfully. - - Build or step failed to complete successfully. - - Build or step failed due to an internal cause. - - Build or step took longer than was allowed. - - Build or step was canceled by a user. - - Build was enqueued for longer than the value of `queue_ttl`. - enum: - - STATUS_UNKNOWN - - PENDING - - QUEUED - - WORKING - - SUCCESS - - FAILURE - - INTERNAL_ERROR - - TIMEOUT - - CANCELLED - - EXPIRED - allowFailure: - description: >- - Allow this build step to fail without failing the entire build. If - false, the entire build will fail if this step fails. Otherwise, the - build will succeed, but this step will still have a failure status. - Error information will be reported in the failure_detail field. - type: boolean - exitCode: - description: Output only. Return code from running the step. - readOnly: true - type: integer - format: int32 - allowExitCodes: + PackageIssue: + id: PackageIssue + type: object + description: >- + A detail for a distro and package this vulnerability occurrence was + found in and its associated fix (if one is available). + properties: + fixedCpeUri: description: >- - Allow this build step to fail without failing the entire build if - and only if the exit code is one of the specified codes. If - allow_failure is also specified, this field will take precedence. - type: array + The [CPE URI](https://cpe.mitre.org/specification/) this + vulnerability was fixed in. It is possible for this to be different + from the affected_cpe_uri. + type: string + fileLocation: items: - type: integer - format: int32 - script: + $ref: '#/components/schemas/GrafeasV1FileLocation' + type: array + description: The location at which this package was found. + fixedVersion: description: >- - A shell script to be executed in the step. When script is provided, - the user cannot specify the entrypoint or args. + Required. The version of the package this vulnerability was fixed + in. Setting this to VersionKind.MAXIMUM means no fix is yet + available. + $ref: '#/components/schemas/Version' + packageType: type: string - automapSubstitutions: + description: The type of package (e.g. OS, MAVEN, GO). + affectedPackage: + type: string + description: Required. The package this vulnerability was found in. + affectedCpeUri: description: >- - Option to include built-in and custom substitutions as env variables - for this build step. This option will override the global option in - BuildOption. + Required. The [CPE URI](https://cpe.mitre.org/specification/) this + vulnerability was found in. + type: string + effectiveSeverity: + type: string + readOnly: true + enumDescriptions: + - Unknown. + - Minimal severity. + - Low severity. + - Medium severity. + - High severity. + - Critical severity. + description: >- + Output only. The distro or language system assigned severity for + this vulnerability when that is available and note provider assigned + severity when it is not available. + enum: + - SEVERITY_UNSPECIFIED + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + fixAvailable: type: boolean - ContaineranalysisGoogleDevtoolsCloudbuildV1Volume: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1Volume - description: >- - Volume describes a Docker container volume which is mounted into build - steps in order to persist files across build step execution. - type: object - properties: - name: + description: Output only. Whether a fix is available for this package. + affectedVersion: description: >- - Name of the volume to mount. Volume names must be unique per build - step and must be valid names for Docker volumes. Each named volume - must be used by at least two build steps. + Required. The version of the package that is installed on the + resource affected by this vulnerability. + $ref: '#/components/schemas/Version' + fixedPackage: type: string - path: description: >- - Path at which to mount the volume. Paths must be absolute and cannot - conflict with other volume paths on the same build step or with - certain reserved volume paths. - type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - description: Start and end times for a build execution phase. + The package this vulnerability was fixed in. It is possible for this + to be different from the affected_package. + ContaineranalysisGoogleDevtoolsCloudbuildV1Build: + description: >- + A build resource in the Cloud Build API. At a high level, a `Build` + describes where to find source code, how to build it (for example, the + builder image to run on the source), and where to store the built + artifacts. Fields can include the following variables, which will be + expanded when the build is created: - $PROJECT_ID: the project ID of the + build. - $PROJECT_NUMBER: the project number of the build. - $LOCATION: + the location/region of the build. - $BUILD_ID: the autogenerated ID of + the build. - $REPO_NAME: the source repository name specified by + RepoSource. - $BRANCH_NAME: the branch name specified by RepoSource. - + $TAG_NAME: the tag name specified by RepoSource. - $REVISION_ID or + $COMMIT_SHA: the commit SHA specified by RepoSource or resolved from the + specified branch or tag. - $SHORT_SHA: first 7 characters of + $REVISION_ID or $COMMIT_SHA. type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1Build properties: - startTime: - description: Start of time span. - type: string - format: google-datetime - endTime: - description: End of time span. + logsBucket: type: string - format: google-datetime - BuildStep: - id: BuildStep - description: 'A step in the build pipeline. Next ID: 23' - type: object - properties: - name: description: >- - Required. The name of the container image that will run this - particular build step. If the image is available in the host's - Docker daemon's cache, it will be run directly. If not, the host - will attempt to pull the image first, using the builder service - account's credentials if necessary. The Docker daemon's cache will - already have the latest versions of all of the officially supported - build steps - ([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)). - The Docker daemon will also have cached many of the layers for some - popular images, like "ubuntu", "debian", but they will be refreshed - at the time you attempt to use them. If you built an image in a - previous build step, it will be stored in the host's Docker daemon's - cache and is available to use as the name for a later build step. + Cloud Storage bucket where logs should be written (see [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + Logs file names will be of the format + `${logs_bucket}/log-${build_id}.txt`. + artifacts: + description: >- + Artifacts produced by the build that should be uploaded upon + successful completion of all build steps. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts + statusDetail: + readOnly: true + description: Output only. Customer-readable message about the current status. type: string - env: + timing: + additionalProperties: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan + type: object description: >- - A list of environment variable definitions to be used when running a - step. The elements are of the form "KEY=VALUE" for the environment - variable "KEY" being given the value "VALUE". - type: array + Output only. Stores timing information for phases of the build. + Valid keys are: * BUILD: time to execute all build steps. * PUSH: + time to push all artifacts including docker images and non docker + artifacts. * FETCHSOURCE: time to fetch source. * SETUPBUILD: time + to set up build. If the build does not specify source or images, + these keys will not be included. + readOnly: true + sourceProvenance: + readOnly: true + description: Output only. A permanent fixed identifier for source. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1SourceProvenance + startTime: + format: google-datetime + readOnly: true + description: Output only. Time at which execution of the build was started. + type: string + images: items: type: string - args: description: >- - A list of arguments that will be presented to the step when it is - started. If the image used to run the step's container has an - entrypoint, the `args` are used as arguments to that entrypoint. If - the image does not define an entrypoint, the first element in args - is used as the entrypoint, and the remainder will be used as - arguments. + A list of images to be pushed upon the successful completion of all + build steps. The images are pushed using the builder service + account's credentials. The digests of the pushed images will be + stored in the `Build` resource's results field. If any of the images + fail to be pushed, the build status is marked `FAILURE`. type: array + tags: items: type: string - dir: - description: >- - Working directory to use when running this step's container. If this - value is a relative path, it is relative to the build's working - directory. If this value is absolute, it may be outside the build's - working directory, in which case the contents of the path may not be - persisted across build step executions, unless a `volume` for that - path is specified. If the build specifies a `RepoSource` with `dir` - and a step with a `dir`, which specifies an absolute path, the - `RepoSource` `dir` is ignored for the step's execution. + description: Tags for annotation of a `Build`. These are not docker tags. + type: array + logUrl: + description: Output only. URL to logs for this build in Google Cloud Console. + readOnly: true type: string - id: - description: >- - Unique identifier for this build step, used in `wait_for` to - reference this build step as a dependency. + projectId: + readOnly: true type: string - waitFor: + description: Output only. ID of the project. + failureInfo: description: >- - The ID(s) of the step(s) that this build step depends on. This build - step will not start until all the build steps in `wait_for` have - completed successfully. If `wait_for` is empty, this build step will - start when all previous build steps in the `Build.Steps` list have - completed successfully. - type: array - items: - type: string - entrypoint: + Output only. Contains information about the build when + status=FAILURE. + readOnly: true + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildFailureInfo + gitConfig: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfig + description: Optional. Configuration for git operations. + finishTime: + type: string + format: google-datetime description: >- - Entrypoint to be used instead of the build step image's default - entrypoint. If unset, the image's default entrypoint is used. + Output only. Time at which execution of the build was finished. The + difference between finish_time and start_time is the duration of the + build's execution. + readOnly: true + createTime: type: string - secretEnv: + format: google-datetime description: >- - A list of environment variables which are encrypted using a Cloud - Key Management Service crypto key. These values must be specified in - the build's `Secret`. - type: array - items: - type: string - volumes: + Output only. Time at which the request to create the build was + received. + readOnly: true + options: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptions + description: Special options for this build. + results: + description: Output only. Results of the build. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Results + readOnly: true + serviceAccount: + type: string description: >- - List of volumes to mount into the build step. Each volume is created - as an empty volume prior to execution of the build step. Upon - completion of the build, volumes and their contents are discarded. - Using a named volume in only one step is not valid as it is - indicative of a build request with an incorrect configuration. + IAM service account whose credentials will be used at build runtime. + Must be of the format + `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. ACCOUNT can be + email address or uniqueId of the service account. + steps: type: array + description: Required. The operations to be performed on the workspace. items: - $ref: '#/components/schemas/Volume' - timing: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStep + approval: description: >- - Output only. Stores timing information for executing this build - step. - $ref: '#/components/schemas/TimeSpan' - pullTiming: + Output only. Describes this build's approval configuration, status, + and result. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildApproval + readOnly: true + buildTriggerId: + readOnly: true + type: string description: >- - Output only. Stores timing information for pulling this build step's - builder image only. - $ref: '#/components/schemas/TimeSpan' - timeout: + Output only. The ID of the `BuildTrigger` that triggered this build, + if it was triggered automatically. + dependencies: + items: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Dependency + type: array description: >- - Time limit for executing this build step. If not defined, the step - has no time limit and will be allowed to continue to run until - either it completes or the build itself times out. + Optional. Dependencies that the Cloud Build worker will fetch before + executing user steps. + source: + description: Optional. The location of the source files to build. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Source + availableSecrets: + description: Secrets and secret environment variables. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Secrets + id: + description: Output only. Unique identifier of the build. type: string - format: google-duration + readOnly: true status: - description: >- - Output only. Status of the build step. At this time, build step - status is only updated on build completion; step status is not - updated in real-time as the build progresses. - type: string + readOnly: true enumDescriptions: - Status of the build is unknown. - >- Build has been created and is pending execution and queuing. It has not been queued. - - Build has been received and is being queued. - Build or step is queued; work has not yet begun. - Build or step is being executed. - Build or step finished successfully. @@ -4184,7 +3849,6 @@ components: enum: - STATUS_UNKNOWN - PENDING - - QUEUING - QUEUED - WORKING - SUCCESS @@ -4193,50 +3857,234 @@ components: - TIMEOUT - CANCELLED - EXPIRED - allowFailure: + description: Output only. Status of the build. + type: string + secrets: + type: array description: >- - Allow this build step to fail without failing the entire build. If - false, the entire build will fail if this step fails. Otherwise, the - build will succeed, but this step will still have a failure status. - Error information will be reported in the failure_detail field. - type: boolean - exitCode: - description: Output only. Return code from running the step. - type: integer - format: int32 - allowExitCodes: + Secrets to decrypt using Cloud Key Management Service. Note: Secret + Manager is the recommended technique for managing sensitive data + with Cloud Build. Use `available_secrets` to configure builds to + access secrets from Secret Manager. For instructions, see: + https://cloud.google.com/cloud-build/docs/securing-builds/use-secrets + items: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Secret + timeout: + format: google-duration + type: string + description: >- + Amount of time that this build should be allowed to run, to second + granularity. If this amount of time elapses, work on the build will + cease and the build status will be `TIMEOUT`. `timeout` starts + ticking from `startTime`. Default time is 60 minutes. + warnings: + type: array + items: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning + description: >- + Output only. Non-fatal problems encountered during the execution of + the build. + readOnly: true + name: + description: >- + Output only. The 'Build' name with format: + `projects/{project}/locations/{location}/builds/{build}`, where + {build} is a unique identifier generated by the service. + type: string + readOnly: true + substitutions: + description: Substitutions data for `Build` resource. + additionalProperties: + type: string + type: object + queueTtl: + type: string + description: >- + TTL in queue for this build. If provided and the build is enqueued + longer than this value, the build will expire and the build status + will be `EXPIRED`. The TTL starts ticking from create_time. + format: google-duration + ContaineranalysisGoogleDevtoolsCloudbuildV1Volume: + properties: + name: + type: string + description: >- + Name of the volume to mount. Volume names must be unique per build + step and must be valid names for Docker volumes. Each named volume + must be used by at least two build steps. + path: + type: string + description: >- + Path at which to mount the volume. Paths must be absolute and cannot + conflict with other volume paths on the same build step or with + certain reserved volume paths. + type: object + description: >- + Volume describes a Docker container volume which is mounted into build + steps in order to persist files across build step execution. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1Volume + BatchCreateOccurrencesResponse: + type: object + description: Response for creating occurrences in batch. + id: BatchCreateOccurrencesResponse + properties: + occurrences: + description: The occurrences that were created. + type: array + items: + $ref: '#/components/schemas/Occurrence' + UpgradeDistribution: + type: object + description: >- + The Upgrade Distribution represents metadata about the Upgrade for each + operating system (CPE). Some distributions have additional metadata + around updates, classifying them into various categories and severities. + id: UpgradeDistribution + properties: + severity: + description: The severity as specified by the upstream operating system. + type: string + cve: + items: + type: string + type: array + description: The cve tied to this Upgrade. + cpeUri: + type: string + description: >- + Required - The specific operating system this metadata applies to. + See https://cpe.mitre.org/specification/. + classification: + description: >- + The operating system classification of this Upgrade, as specified by + the upstream operating system upgrade feed. For Windows the + classification is one of the category_ids listed at + https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85) + type: string + NonCompliantFile: + description: >- + Details about files that caused a compliance check to fail. + display_command is a single command that can be used to display a list + of non compliant files. When there is no such command, we can also + iterate a list of non compliant file using 'path'. + type: object + properties: + reason: + description: Explains why a file is non compliant for a CIS check. + type: string + displayCommand: + description: Command to display the non-compliant files. + type: string + path: + description: Empty if `display_command` is set. + type: string + id: NonCompliantFile + GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial: + type: object + description: >- + The collection of artifacts that influenced the build including sources, + dependencies, build tools, base images, and so on. + properties: + digest: + type: object + additionalProperties: + type: string + uri: + type: string + id: GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial + SecretStatus: + description: The status of the secret with a timestamp. + properties: + status: + description: Optional. The status of the secret. + enumDescriptions: + - Unspecified + - The status of the secret is unknown. + - The secret is valid. + - The secret is invalid. + enum: + - STATUS_UNSPECIFIED + - UNKNOWN + - VALID + - INVALID + type: string + updateTime: + description: Optional. The time the secret status was last updated. + format: google-datetime + type: string + message: + description: Optional. Optional message about the status code. + type: string + type: object + id: SecretStatus + TimeSpan: + type: object + description: 'Start and end times for a build execution phase. Next ID: 3' + properties: + startTime: + description: Start of time span. + format: google-datetime + type: string + endTime: + format: google-datetime + type: string + description: End of time span. + id: TimeSpan + ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource: + description: Location of the source in a Google Cloud Source Repository. + properties: + invertRegex: + description: >- + Optional. Only trigger a build if the revision regex does NOT match + the revision regex. + type: boolean + branchName: description: >- - Allow this build step to fail without failing the entire build if - and only if the exit code is one of the specified codes. If - allow_failure is also specified, this field will take precedence. - type: array - items: - type: integer - format: int32 - script: + Regex matching branches to build. The syntax of the regular + expressions accepted is the syntax accepted by RE2 and described at + https://github.com/google/re2/wiki/Syntax + type: string + repoName: + description: Required. Name of the Cloud Source Repository. + type: string + projectId: + type: string description: >- - A shell script to be executed in the step. When script is provided, - the user cannot specify the entrypoint or args. + Optional. ID of the project that owns the Cloud Source Repository. + If omitted, the project ID requesting the build is assumed. + dir: + description: >- + Optional. Directory, relative to the source root, in which to run + the build. This must be a relative path. If a step's `dir` is + specified and is an absolute path, this value is ignored for that + step's execution. type: string - automapSubstitutions: + substitutions: description: >- - Option to include built-in and custom substitutions as env variables - for this build step. This option will override the global option in - BuildOption. - type: boolean - results: - type: array - items: - $ref: '#/components/schemas/StepResult' - remoteConfig: - description: Remote configuration for the build step. + Optional. Substitutions to use in a triggered build. Should only be + used with RunBuildTrigger + type: object + additionalProperties: + type: string + tagName: + description: >- + Regex matching tags to build. The syntax of the regular expressions + accepted is the syntax accepted by RE2 and described at + https://github.com/google/re2/wiki/Syntax type: string + commitSha: + type: string + description: Explicit commit SHA to build. + type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource Volume: + type: object id: Volume description: >- Volume describes a Docker container volume which is mounted into build steps in order to persist files across build step execution. Next ID: 3 - type: object properties: name: description: >- @@ -4250,1480 +4098,1720 @@ components: conflict with other volume paths on the same build step or with certain reserved volume paths. type: string - TimeSpan: - id: TimeSpan - description: 'Start and end times for a build execution phase. Next ID: 3' + BatchCreateOccurrencesRequest: type: object + description: Request to create occurrences in batch. + id: BatchCreateOccurrencesRequest properties: - startTime: - description: Start of time span. - type: string - format: google-datetime - endTime: - description: End of time span. - type: string - format: google-datetime - StepResult: - id: StepResult - description: StepResult is the declaration of a result for a build step. + occurrences: + description: Required. The occurrences to create. Max allowed length is 1000. + type: array + items: + $ref: '#/components/schemas/Occurrence' + BatchCreateNotesRequest: type: object + description: Request to create notes in batch. properties: - name: - type: string - attestationContentName: - type: string - attestationType: - type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1Build: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1Build - description: >- - A build resource in the Cloud Build API. At a high level, a `Build` - describes where to find source code, how to build it (for example, the - builder image to run on the source), and where to store the built - artifacts. Fields can include the following variables, which will be - expanded when the build is created: - $PROJECT_ID: the project ID of the - build. - $PROJECT_NUMBER: the project number of the build. - $LOCATION: - the location/region of the build. - $BUILD_ID: the autogenerated ID of - the build. - $REPO_NAME: the source repository name specified by - RepoSource. - $BRANCH_NAME: the branch name specified by RepoSource. - - $TAG_NAME: the tag name specified by RepoSource. - $REVISION_ID or - $COMMIT_SHA: the commit SHA specified by RepoSource or resolved from the - specified branch or tag. - $SHORT_SHA: first 7 characters of - $REVISION_ID or $COMMIT_SHA. + notes: + type: object + additionalProperties: + $ref: '#/components/schemas/Note' + description: Required. The notes to create. Max allowed length is 1000. + id: BatchCreateNotesRequest + RunDetails: + id: RunDetails + properties: + metadata: + $ref: '#/components/schemas/BuildMetadata' + builder: + $ref: '#/components/schemas/ProvenanceBuilder' + byproducts: + items: + $ref: '#/components/schemas/ResourceDescriptor' + type: array + type: object + GrafeasV1FileLocation: type: object + description: Indicates the location at which a package was found. properties: - name: + filePath: description: >- - Output only. The 'Build' name with format: - `projects/{project}/locations/{location}/builds/{build}`, where - {build} is a unique identifier generated by the service. - readOnly: true - type: string - id: - description: Output only. Unique identifier of the build. - readOnly: true + For jars that are contained inside .war files, this filepath can + indicate the path to war file combined with the path to jar file. type: string - projectId: - description: Output only. ID of the project. - readOnly: true + layerDetails: + description: >- + Each package found in a file should have its own layer metadata + (that is, information from the origin layer of the package). + $ref: '#/components/schemas/LayerDetails' + id: GrafeasV1FileLocation + DSSEAttestationNote: + id: DSSEAttestationNote + type: object + properties: + hint: + $ref: '#/components/schemas/DSSEHint' + description: DSSEHint hints at the purpose of the attestation authority. + EnvelopeSignature: + id: EnvelopeSignature + properties: + sig: + format: byte type: string - status: - description: Output only. Status of the build. - readOnly: true + keyid: type: string - enumDescriptions: - - Status of the build is unknown. - - >- - Build has been created and is pending execution and queuing. It - has not been queued. - - Build or step is queued; work has not yet begun. - - Build or step is being executed. - - Build or step finished successfully. - - Build or step failed to complete successfully. - - Build or step failed due to an internal cause. - - Build or step took longer than was allowed. - - Build or step was canceled by a user. - - Build was enqueued for longer than the value of `queue_ttl`. - enum: - - STATUS_UNKNOWN - - PENDING - - QUEUED - - WORKING - - SUCCESS - - FAILURE - - INTERNAL_ERROR - - TIMEOUT - - CANCELLED - - EXPIRED - statusDetail: - description: Output only. Customer-readable message about the current status. - readOnly: true + type: object + InTotoProvenance: + type: object + properties: + recipe: + description: >- + Identifies the configuration used for the build. When combined with + materials, this SHOULD fully describe the build, such that + re-running this recipe results in bit-for-bit identical output (if + the build is reproducible). required + $ref: '#/components/schemas/Recipe' + metadata: + $ref: '#/components/schemas/Metadata' + builderConfig: + description: required + $ref: '#/components/schemas/BuilderConfig' + materials: + items: + type: string + type: array + description: >- + The collection of artifacts that influenced the build including + sources, dependencies, build tools, base images, and so on. This is + considered to be incomplete unless metadata.completeness.materials + is true. Unset or null is equivalent to empty. + id: InTotoProvenance + ListNoteOccurrencesResponse: + id: ListNoteOccurrencesResponse + type: object + description: Response for listing occurrences for a note. + properties: + occurrences: + description: The occurrences attached to the specified note. + items: + $ref: '#/components/schemas/Occurrence' + type: array + nextPageToken: + description: Token to provide to skip to a particular spot in the list. type: string - source: - description: Optional. The location of the source files to build. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Source - steps: - description: Required. The operations to be performed on the workspace. + GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation: + properties: + environment: + type: object + additionalProperties: + type: any + description: Properties of the object. + configSource: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource' + parameters: + type: object + additionalProperties: + type: any + description: Properties of the object. + description: Identifies the event that kicked off the build. + type: object + id: GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation + SourceContext: + id: SourceContext + type: object + description: >- + A SourceContext is a reference to a tree of files. A SourceContext + together with a path point to a unique revision of a single file or + directory. + properties: + cloudRepo: + description: >- + A SourceContext referring to a revision in a Google Cloud Source + Repo. + $ref: '#/components/schemas/CloudRepoSourceContext' + gerrit: + description: A SourceContext referring to a Gerrit project. + $ref: '#/components/schemas/GerritSourceContext' + labels: + type: object + description: Labels with user defined metadata. + additionalProperties: + type: string + git: + $ref: '#/components/schemas/GitSourceContext' + description: >- + A SourceContext referring to any third party Git repo (e.g., + GitHub). + ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes: + description: >- + Container message for hashes of byte content of files, used in + SourceProvenance messages to verify integrity of source input to the + build. + type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes + properties: + fileHash: type: array + description: Collection of file hashes. items: $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStep - results: - description: Output only. Results of the build. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Results - createTime: - description: >- - Output only. Time at which the request to create the build was - received. + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Hash + ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalResult: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalResult + description: >- + ApprovalResult describes the decision and associated metadata of a + manual approval of a build. + type: object + properties: + approvalTime: + description: Output only. The time when the approval decision was made. readOnly: true type: string format: google-datetime - startTime: - description: Output only. Time at which execution of the build was started. - readOnly: true + decision: type: string - format: google-datetime - finishTime: + enum: + - DECISION_UNSPECIFIED + - APPROVED + - REJECTED + enumDescriptions: + - Default enum type. This should not be used. + - Build is approved. + - Build is rejected. + description: Required. The decision of this manual approval. + url: description: >- - Output only. Time at which execution of the build was finished. The - difference between finish_time and start_time is the duration of the - build's execution. - readOnly: true + Optional. An optional URL tied to this manual approval result. This + field is essentially the same as comment, except that it will be + rendered by the UI differently. An example use case is a link to an + external job that approved this Build. type: string - format: google-datetime - timeout: - description: >- - Amount of time that this build should be allowed to run, to second - granularity. If this amount of time elapses, work on the build will - cease and the build status will be `TIMEOUT`. `timeout` starts - ticking from `startTime`. Default time is 60 minutes. + comment: + description: Optional. An optional comment for this manual approval result. type: string - format: google-duration - images: - description: >- - A list of images to be pushed upon the successful completion of all - build steps. The images are pushed using the builder service - account's credentials. The digests of the pushed images will be - stored in the `Build` resource's results field. If any of the images - fail to be pushed, the build status is marked `FAILURE`. - type: array - items: - type: string - queueTtl: - description: >- - TTL in queue for this build. If provided and the build is enqueued - longer than this value, the build will expire and the build status - will be `EXPIRED`. The TTL starts ticking from create_time. + approverAccount: type: string - format: google-duration - artifacts: - description: >- - Artifacts produced by the build that should be uploaded upon - successful completion of all build steps. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts - logsBucket: description: >- - Cloud Storage bucket where logs should be written (see [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - Logs file names will be of the format - `${logs_bucket}/log-${build_id}.txt`. - type: string - sourceProvenance: - description: Output only. A permanent fixed identifier for source. + Output only. Email of the user that called the ApproveBuild API to + approve or reject a build at the time that the API was called. readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1SourceProvenance - buildTriggerId: + ImageNote: + id: ImageNote + properties: + fingerprint: + description: Required. Immutable. The fingerprint of the base image. + $ref: '#/components/schemas/Fingerprint' + resourceUrl: + type: string description: >- - Output only. The ID of the `BuildTrigger` that triggered this build, - if it was triggered automatically. - readOnly: true + Required. Immutable. The resource_url for the resource representing + the basis of associated occurrence images. + type: object + description: >- + Basis describes the base image portion (Note) of the DockerImage + relationship. Linked occurrences are derived from this or an equivalent + image via: FROM Or an equivalent reference, e.g., a tag of the + resource_url. + GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata: + id: GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata + properties: + buildStartedOn: type: string - options: - description: Special options for this build. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptions - logUrl: - description: Output only. URL to logs for this build in Google Cloud Console. - readOnly: true + format: google-datetime + buildFinishedOn: type: string - substitutions: - description: Substitutions data for `Build` resource. - type: object + format: google-datetime + buildInvocationId: + type: string + completeness: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness' + reproducible: + type: boolean + description: Other properties of the build. + type: object + File: + id: File + type: object + properties: + digest: additionalProperties: type: string - tags: - description: Tags for annotation of a `Build`. These are not docker tags. - type: array - items: - type: string - secrets: - description: >- - Secrets to decrypt using Cloud Key Management Service. Note: Secret - Manager is the recommended technique for managing sensitive data - with Cloud Build. Use `available_secrets` to configure builds to - access secrets from Secret Manager. For instructions, see: - https://cloud.google.com/cloud-build/docs/securing-builds/use-secrets - type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Secret - timing: - description: >- - Output only. Stores timing information for phases of the build. - Valid keys are: * BUILD: time to execute all build steps. * PUSH: - time to push all artifacts including docker images and non docker - artifacts. * FETCHSOURCE: time to fetch source. * SETUPBUILD: time - to set up build. If the build does not specify source or images, - these keys will not be included. - readOnly: true type: object - additionalProperties: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - approval: - description: >- - Output only. Describes this build's approval configuration, status, - and result. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildApproval - serviceAccount: - description: >- - IAM service account whose credentials will be used at build runtime. - Must be of the format - `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. ACCOUNT can be - email address or uniqueId of the service account. + name: type: string - availableSecrets: - description: Secrets and secret environment variables. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Secrets - warnings: - description: >- - Output only. Non-fatal problems encountered during the execution of - the build. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning - gitConfig: - description: Optional. Configuration for git operations. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfig - failureInfo: - description: >- - Output only. Contains information about the build when - status=FAILURE. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildFailureInfo - dependencies: - description: >- - Optional. Dependencies that the Cloud Build worker will fetch before - executing user steps. - type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Dependency - ContaineranalysisGoogleDevtoolsCloudbuildV1Source: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1Source - description: Location of the source in a supported storage service. + Status: + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object properties: - storageSource: - description: If provided, get the source from this location in Cloud Storage. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource - repoSource: - description: >- - If provided, get the source from this location in a Cloud Source - Repository. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource - gitSource: - description: If provided, get the source from this Git repository. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1GitSource - storageSourceManifest: + details: description: >- - If provided, get the source from this manifest in Cloud Storage. - This feature is in Preview; see description - [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest - connectedRepository: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + message: + type: string description: >- - Optional. If provided, get the source from this 2nd-gen Google Cloud - Build repository resource. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ConnectedRepository - developerConnectConfig: - description: If provided, get the source from this Developer Connect config. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1DeveloperConnectConfig - ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource - description: Location of the source in an archive file in Cloud Storage. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + Remediation: + description: >- + Specifies details on how to handle (and presumably, fix) a + vulnerability. type: object properties: - bucket: - description: >- - Cloud Storage bucket containing the source (see [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + remediationType: + enum: + - REMEDIATION_TYPE_UNSPECIFIED + - MITIGATION + - NO_FIX_PLANNED + - NONE_AVAILABLE + - VENDOR_FIX + - WORKAROUND type: string - object: - description: >- - Required. Cloud Storage object containing the source. This object - must be a zipped (`.zip`) or gzipped archive file (`.tar.gz`) - containing source to build. + enumDescriptions: + - No remediation type specified. + - A MITIGATION is available. + - No fix is planned. + - Not available. + - A vendor fix is available. + - A workaround is available. + description: The type of remediation that can be applied. + remediationUri: + description: Contains the URL where to obtain the remediation. + $ref: '#/components/schemas/RelatedUrl' + details: type: string - generation: description: >- - Optional. Cloud Storage generation for the object. If the generation - is omitted, the latest generation will be used. + Contains a comprehensive human-readable discussion of the + remediation. + id: Remediation + Hash: + description: Container message for hash values. + type: object + id: Hash + properties: + value: + description: Required. The hash value. + format: byte type: string - format: int64 - sourceFetcher: + type: + description: Required. The type of hash that was performed, e.g. "SHA-256". + type: string + ContaineranalysisGoogleDevtoolsCloudbuildV1Secret: + properties: + secretEnv: + type: object + additionalProperties: + format: byte + type: string description: >- - Optional. Option to specify the tool to fetch the source file for - the build. + Map of environment variable name to its encrypted value. Secret + environment variables must be unique across all of a build's + secrets, and must be used by at least one build step. Values can be + at most 64 KB in size. There can be at most 100 secret values across + all of a build's secrets. + kmsKeyName: + description: Cloud KMS key name to use to decrypt these envs. type: string - enumDescriptions: - - Unspecified defaults to GSUTIL. - - Use the "gsutil" tool to download the source file. - - Use the Cloud Storage Fetcher tool to download the source file. - enum: - - SOURCE_FETCHER_UNSPECIFIED - - GSUTIL - - GCS_FETCHER - ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource - description: Location of the source in a Google Cloud Source Repository. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1Secret + type: object + description: >- + Pairs a set of secret environment variables containing encrypted values + with the Cloud KMS key to use to decrypt the value. Note: Use + `kmsKeyName` with `available_secrets` instead of using `kmsKeyName` with + `secret`. For instructions see: + https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-credentials. + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + id: Empty + type: object + DSSEAttestationOccurrence: type: object + description: >- + Deprecated. Prefer to use a regular Occurrence, and populate the + Envelope at the top level of the Occurrence. + id: DSSEAttestationOccurrence properties: - projectId: + statement: + $ref: '#/components/schemas/InTotoStatement' + envelope: description: >- - Optional. ID of the project that owns the Cloud Source Repository. - If omitted, the project ID requesting the build is assumed. - type: string - repoName: - description: Required. Name of the Cloud Source Repository. - type: string - branchName: + If doing something security critical, make sure to verify the + signatures in this metadata. + $ref: '#/components/schemas/Envelope' + BuildOccurrence: + type: object + id: BuildOccurrence + description: Details of a build occurrence. + properties: + inTotoSlsaProvenanceV1: + $ref: '#/components/schemas/InTotoSlsaProvenanceV1' description: >- - Regex matching branches to build. The syntax of the regular - expressions accepted is the syntax accepted by RE2 and described at - https://github.com/google/re2/wiki/Syntax - type: string - tagName: + In-Toto Slsa Provenance V1 represents a slsa provenance meeting the + slsa spec, wrapped in an in-toto statement. This allows for direct + jsonification of a to-spec in-toto slsa statement with a to-spec + slsa provenance. + intotoStatement: + $ref: '#/components/schemas/InTotoStatement' description: >- - Regex matching tags to build. The syntax of the regular expressions - accepted is the syntax accepted by RE2 and described at - https://github.com/google/re2/wiki/Syntax - type: string - commitSha: - description: Explicit commit SHA to build. - type: string - dir: + In-toto Statement representation as defined in spec. The + intoto_statement can contain any type of provenance. The serialized + payload of the statement can be stored and signed in the + Occurrence's envelope. + intotoProvenance: + $ref: '#/components/schemas/InTotoProvenance' description: >- - Optional. Directory, relative to the source root, in which to run - the build. This must be a relative path. If a step's `dir` is - specified and is an absolute path, this value is ignored for that - step's execution. + Deprecated. See InTotoStatement for the replacement. In-toto + Provenance representation as defined in spec. + provenance: + $ref: '#/components/schemas/BuildProvenance' + description: The actual provenance for the build. + provenanceBytes: type: string - invertRegex: description: >- - Optional. Only trigger a build if the revision regex does NOT match - the revision regex. - type: boolean - substitutions: - description: >- - Optional. Substitutions to use in a triggered build. Should only be - used with RunBuildTrigger - type: object - additionalProperties: - type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1GitSource: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1GitSource - description: Location of the source in any accessible Git repository. + Serialized JSON representation of the provenance, used in generating + the build signature in the corresponding build note. After verifying + the signature, `provenance_bytes` can be unmarshalled and compared + to the provenance to confirm that it is unchanged. A base64-encoded + string representation of the provenance bytes is used for the + signature in order to interoperate with openssl which expects this + format for signature verification. The serialized form is captured + both to avoid ambiguity in how the provenance is marshalled to json + as well to prevent incompatibilities with future changes. + ContaineranalysisGoogleDevtoolsCloudbuildV1Hash: + type: object + properties: + type: + enumDescriptions: + - No hash requested. + - Use a sha256 hash. + - Use a md5 hash. + - Dirhash of a Go module's source code which is then hex-encoded. + - Use a sha512 hash. + description: The type of hash that was performed. + enum: + - NONE + - SHA256 + - MD5 + - GO_MODULE_H1 + - SHA512 + type: string + value: + description: The hash value. + type: string + format: byte + id: ContaineranalysisGoogleDevtoolsCloudbuildV1Hash + description: Container message for hash values. + BuildMetadata: + id: BuildMetadata type: object properties: - url: - description: >- - Required. Location of the Git repo to build. This will be used as a - `git remote`, see https://git-scm.com/docs/git-remote. + finishedOn: type: string - dir: - description: >- - Optional. Directory, relative to the source root, in which to run - the build. This must be a relative path. If a step's `dir` is - specified and is an absolute path, this value is ignored for that - step's execution. + format: google-datetime + invocationId: type: string - revision: - description: >- - Optional. The revision to fetch from the Git repository such as a - branch, a tag, a commit SHA, or any Git ref. Cloud Build uses `git - fetch` to fetch the revision from the Git repository; therefore make - sure that the string you provide for `revision` is parsable by the - command. For information on string values accepted by `git fetch`, - see https://git-scm.com/docs/gitrevisions#_specifying_revisions. For - information on `git fetch`, see https://git-scm.com/docs/git-fetch. + startedOn: type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest - description: >- - Location of the source manifest in Cloud Storage. This feature is in - Preview; see description - [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). - type: object + format: google-datetime + ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning: + description: A non-fatal problem encountered during the execution of the build. properties: - bucket: - description: >- - Required. Cloud Storage bucket containing the source manifest (see - [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - type: string - object: - description: >- - Required. Cloud Storage object containing the source manifest. This - object must be a JSON file. + priority: type: string - generation: - description: >- - Cloud Storage generation for the object. If the generation is - omitted, the latest generation will be used. + enumDescriptions: + - Should not be used. + - e.g. deprecation warnings and alternative feature highlights. + - e.g. automated detection of possible issues with the build. + - e.g. alerts that a feature used in the build is pending removal + enum: + - PRIORITY_UNSPECIFIED + - INFO + - WARNING + - ALERT + description: The priority for this warning. + text: + description: Explanation of the warning generated. type: string - format: int64 - ContaineranalysisGoogleDevtoolsCloudbuildV1ConnectedRepository: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1ConnectedRepository - description: >- - Location of the source in a 2nd-gen Google Cloud Build repository - resource. type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning + ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGoModule: + id: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGoModule properties: - repository: - description: >- - Required. Name of the Google Cloud Build repository, formatted as - `projects/*/locations/*/connections/*/repositories/*`. - type: string - dir: - description: >- - Optional. Directory, relative to the source root, in which to run - the build. + uri: + description: URI of the uploaded artifact. type: string - revision: + pushTiming: + readOnly: true + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan description: >- - Required. The revision to fetch from the Git repository such as a - branch, a tag, a commit SHA, or any Git ref. + Output only. Stores timing information for pushing the specified + artifact. + fileHashes: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes + description: Hash types and values of the Go Module Artifact. + artifactRegistryPackage: type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1DeveloperConnectConfig: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1DeveloperConnectConfig - description: This config defines the location of a source through Developer Connect. + description: Output only. Path to the artifact in Artifact Registry. + readOnly: true + description: >- + A Go module artifact uploaded to Artifact Registry using the GoModule + directive. + type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1InlineSecret: type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1InlineSecret + description: >- + Pairs a set of secret environment variables mapped to encrypted values + with the Cloud KMS key to use to decrypt the value. properties: - gitRepositoryLink: - description: >- - Required. The Developer Connect Git repository link, formatted as - `projects/*/locations/*/connections/*/gitRepositoryLink/*`. - type: string - dir: + envMap: + type: object description: >- - Required. Directory, relative to the source root, in which to run - the build. - type: string - revision: + Map of environment variable name to its encrypted value. Secret + environment variables must be unique across all of a build's + secrets, and must be used by at least one build step. Values can be + at most 64 KB in size. There can be at most 100 secret values across + all of a build's secrets. + additionalProperties: + format: byte + type: string + kmsKeyName: description: >- - Required. The revision to fetch from the Git repository such as a - branch, a tag, a commit SHA, or any Git ref. + Resource name of Cloud KMS crypto key to decrypt the encrypted + value. In format: projects/*/locations/*/keyRings/*/cryptoKeys/* type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1Results: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1Results - description: Artifacts created by the build pipeline. + ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsPythonPackage: + description: >- + Python package to upload to Artifact Registry upon successful completion + of all build steps. A package can encapsulate multiple objects to be + uploaded to a single repository. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsPythonPackage type: object properties: - images: - description: Container images that were built as a part of the build. - type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuiltImage - buildStepImages: + paths: description: >- - List of build step digests, in the order corresponding to build step - indices. + Path globs used to match files in the build's workspace. For Python/ + Twine, this is usually `dist/*`, and sometimes additionally an + `.asc` file. type: array items: type: string - artifactManifest: - description: >- - Path to the artifact manifest for non-container artifacts uploaded - to Cloud Storage. Only populated when artifacts are uploaded to - Cloud Storage. + repository: type: string - numArtifacts: description: >- - Number of non-container artifacts uploaded to Cloud Storage. Only - populated when artifacts are uploaded to Cloud Storage. + Artifact Registry repository, in the form + "https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY" Files in the + workspace matching any path pattern will be uploaded to Artifact + Registry with this location as a prefix. + CloudRepoSourceContext: + id: CloudRepoSourceContext + description: >- + A CloudRepoSourceContext denotes a particular revision in a Google Cloud + Source Repo. + type: object + properties: + repoId: + description: The ID of the repo. + $ref: '#/components/schemas/RepoId' + revisionId: + description: A revision ID. type: string - format: int64 - buildStepOutputs: - description: >- - List of build step outputs, produced by builder images, in the order - corresponding to build step indices. [Cloud - Builders](https://cloud.google.com/cloud-build/docs/cloud-builders) - can produce this output by writing to `$BUILDER_OUTPUT/output`. Only - the first 50KB of data is stored. Note that the `$BUILDER_OUTPUT` - variable is read-only and can't be substituted. - type: array - items: - type: string - format: byte - artifactTiming: - description: Time to push all non-container artifacts to Cloud Storage. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan + aliasContext: + description: An alias, which may be a branch or tag. + $ref: '#/components/schemas/AliasContext' + ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts: + description: >- + Artifacts produced by a build that should be uploaded upon successful + completion of all build steps. + properties: pythonPackages: - description: >- - Python artifacts uploaded to Artifact Registry at the end of the - build. type: array items: $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedPythonPackage - mavenArtifacts: + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsPythonPackage description: >- - Maven artifacts uploaded to Artifact Registry at the end of the - build. + A list of Python packages to be uploaded to Artifact Registry upon + successful completion of all build steps. The build service account + credentials will be used to perform the upload. If any objects fail + to be pushed, the build is marked FAILURE. + mavenArtifacts: type: array + description: >- + A list of Maven artifacts to be uploaded to Artifact Registry upon + successful completion of all build steps. Artifacts in the workspace + matching specified paths globs will be uploaded to the specified + Artifact Registry repository using the builder service account's + credentials. If any artifacts fail to be pushed, the build is marked + FAILURE. items: $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedMavenArtifact - goModules: - description: >- - Optional. Go module artifacts uploaded to Artifact Registry at the - end of the build. + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsMavenArtifact + npmPackages: + items: + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsNpmPackage type: array + description: >- + A list of npm packages to be uploaded to Artifact Registry upon + successful completion of all build steps. Npm packages in the + specified paths will be uploaded to the specified Artifact Registry + repository using the builder service account's credentials. If any + packages fail to be pushed, the build is marked FAILURE. + objects: + description: >- + A list of objects to be uploaded to Cloud Storage upon successful + completion of all build steps. Files in the workspace matching + specified paths globs will be uploaded to the specified Cloud + Storage location using the builder service account's credentials. + The location and generation of the uploaded objects will be stored + in the Build resource's results field. If any objects fail to be + pushed, the build is marked FAILURE. + $ref: >- + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsArtifactObjects + goModules: items: $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGoModule - npmPackages: - description: Npm packages uploaded to Artifact Registry at the end of the build. + #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGoModule + type: array + description: >- + Optional. A list of Go modules to be uploaded to Artifact Registry + upon successful completion of all build steps. If any objects fail + to be pushed, the build is marked FAILURE. + images: + description: >- + A list of images to be pushed upon the successful completion of all + build steps. The images will be pushed using the builder service + account's credentials. The digests of the pushed images will be + stored in the Build resource's results field. If any of the images + fail to be pushed, the build is marked FAILURE. type: array items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedNpmPackage - ContaineranalysisGoogleDevtoolsCloudbuildV1BuiltImage: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuiltImage - description: An image built by the pipeline. + type: string type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts + ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedMavenArtifact: + description: A Maven artifact uploaded using the MavenArtifact directive. properties: - name: - description: >- - Name used to push the container image to Google Container Registry, - as presented to `docker push`. - type: string - digest: - description: Docker Registry 2.0 digest. - type: string pushTiming: - description: >- - Output only. Stores timing information for pushing the specified - image. readOnly: true $ref: >- #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedPythonPackage: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedPythonPackage - description: Artifact uploaded using the PythonPackage directive. - type: object - properties: - uri: - description: URI of the uploaded artifact. - type: string - fileHashes: - description: Hash types and values of the Python Artifact. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes - pushTiming: description: >- Output only. Stores timing information for pushing the specified artifact. + artifactRegistryPackage: + description: Output only. Path to the artifact in Artifact Registry. readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes - description: >- - Container message for hashes of byte content of files, used in - SourceProvenance messages to verify integrity of source input to the - build. - type: object - properties: - fileHash: - description: Collection of file hashes. - type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Hash - ContaineranalysisGoogleDevtoolsCloudbuildV1Hash: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1Hash - description: Container message for hash values. - type: object - properties: - type: - description: The type of hash that was performed. - type: string - enumDescriptions: - - No hash requested. - - Use a sha256 hash. - - Use a md5 hash. - - Dirhash of a Go module's source code which is then hex-encoded. - - Use a sha512 hash. - enum: - - NONE - - SHA256 - - MD5 - - GO_MODULE_H1 - - SHA512 - value: - description: The hash value. type: string - format: byte - ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedMavenArtifact: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedMavenArtifact - description: A Maven artifact uploaded using the MavenArtifact directive. - type: object - properties: uri: description: URI of the uploaded artifact. type: string fileHashes: - description: Hash types and values of the Maven Artifact. $ref: >- #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes - pushTiming: - description: >- - Output only. Stores timing information for pushing the specified - artifact. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGoModule: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGoModule - description: >- - A Go module artifact uploaded to Artifact Registry using the GoModule - directive. + description: Hash types and values of the Maven Artifact. + type: object + id: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedMavenArtifact + Publisher: + id: Publisher + description: Publisher contains information about the publisher of this Note. type: object properties: - uri: - description: URI of the uploaded artifact. + name: type: string - fileHashes: - description: Hash types and values of the Go Module Artifact. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes - pushTiming: + description: 'Name of the publisher. Examples: ''Google'', ''Google Cloud Platform''.' + issuingAuthority: description: >- - Output only. Stores timing information for pushing the specified - artifact. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedNpmPackage: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedNpmPackage - description: >- - An npm package uploaded to Artifact Registry using the NpmPackage - directive. - type: object - properties: - uri: - description: URI of the uploaded npm package. + Provides information about the authority of the issuing party to + release the document, in particular, the party's constituency and + responsibilities or other obligations. + type: string + publisherNamespace: type: string - fileHashes: - description: Hash types and values of the npm package. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes - pushTiming: description: >- - Output only. Stores timing information for pushing the specified - artifact. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts - description: >- - Artifacts produced by a build that should be uploaded upon successful - completion of all build steps. + The context or namespace. Contains a URL which is under control of + the issuing party and can be used as a globally unique identifier + for that issuing party. Example: https://csaf.io + VulnerabilityNote: + id: VulnerabilityNote type: object properties: - images: - description: >- - A list of images to be pushed upon the successful completion of all - build steps. The images will be pushed using the builder service - account's credentials. The digests of the pushed images will be - stored in the Build resource's results field. If any of the images - fail to be pushed, the build is marked FAILURE. + severity: + description: The note provider assigned severity of this vulnerability. + enumDescriptions: + - Unknown. + - Minimal severity. + - Low severity. + - Medium severity. + - High severity. + - Critical severity. + type: string + enum: + - SEVERITY_UNSPECIFIED + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + details: type: array items: - type: string - objects: + $ref: '#/components/schemas/Detail' description: >- - A list of objects to be uploaded to Cloud Storage upon successful - completion of all build steps. Files in the workspace matching - specified paths globs will be uploaded to the specified Cloud - Storage location using the builder service account's credentials. - The location and generation of the uploaded objects will be stored - in the Build resource's results field. If any objects fail to be - pushed, the build is marked FAILURE. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsArtifactObjects - mavenArtifacts: + Details of all known distros and packages affected by this + vulnerability. + cvssScore: description: >- - A list of Maven artifacts to be uploaded to Artifact Registry upon - successful completion of all build steps. Artifacts in the workspace - matching specified paths globs will be uploaded to the specified - Artifact Registry repository using the builder service account's - credentials. If any artifacts fail to be pushed, the build is marked - FAILURE. + The CVSS score of this vulnerability. CVSS score is on a scale of 0 + - 10 where 0 indicates low severity and 10 indicates high severity. + format: float + type: number + cvssVersion: + description: CVSS version used to populate cvss_score and severity. + type: string + enumDescriptions: + - '' + - '' + - '' + enum: + - CVSS_VERSION_UNSPECIFIED + - CVSS_VERSION_2 + - CVSS_VERSION_3 + windowsDetails: type: array items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsMavenArtifact - goModules: + $ref: '#/components/schemas/WindowsDetail' + description: >- + Windows details get their own format because the information format + and model don't match a normal detail. Specifically Windows updates + are done as patches, thus Windows vulnerabilities really are a + missing package, rather than a package being at an incorrect + version. + sourceUpdateTime: + format: google-datetime + type: string + description: >- + The time this information was last changed at the source. This is an + upstream timestamp from the underlying information source - e.g. + Ubuntu security tracker. + cvssV2: + description: The full description of the v2 CVSS for this vulnerability. + $ref: '#/components/schemas/CVSS' + cvssV3: + $ref: '#/components/schemas/CVSSv3' + description: The full description of the CVSSv3 for this vulnerability. + description: A security vulnerability that can be found in resources. + GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource: + properties: + entryPoint: + type: string + uri: + type: string + digest: + additionalProperties: + type: string + type: object + type: object + description: >- + Describes where the config file that kicked off the build came from. + This is effectively a pointer to the source where buildConfig came from. + id: GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource + Assessment: + id: Assessment + properties: + remediations: description: >- - Optional. A list of Go modules to be uploaded to Artifact Registry - upon successful completion of all build steps. If any objects fail - to be pushed, the build is marked FAILURE. + Specifies details on how to handle (and presumably, fix) a + vulnerability. type: array items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGoModule - pythonPackages: + $ref: '#/components/schemas/Remediation' + cve: + type: string description: >- - A list of Python packages to be uploaded to Artifact Registry upon - successful completion of all build steps. The build service account - credentials will be used to perform the upload. If any objects fail - to be pushed, the build is marked FAILURE. + Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) + tracking number for the vulnerability. Deprecated: Use + vulnerability_id instead to denote CVEs. + deprecated: true + longDescription: + description: A detailed description of this Vex. + type: string + state: + enum: + - STATE_UNSPECIFIED + - AFFECTED + - NOT_AFFECTED + - FIXED + - UNDER_INVESTIGATION + description: Provides the state of this Vulnerability assessment. + type: string + enumDescriptions: + - No state is specified. + - This product is known to be affected by this vulnerability. + - This product is known to be not affected by this vulnerability. + - This product contains a fix for this vulnerability. + - >- + It is not known yet whether these versions are or are not affected + by the vulnerability. However, it is still under investigation. + relatedUris: type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsPythonPackage - npmPackages: description: >- - A list of npm packages to be uploaded to Artifact Registry upon - successful completion of all build steps. Npm packages in the - specified paths will be uploaded to the specified Artifact Registry - repository using the builder service account's credentials. If any - packages fail to be pushed, the build is marked FAILURE. - type: array + Holds a list of references associated with this vulnerability item + and assessment. These uris have additional information about the + vulnerability and the assessment itself. E.g. Link to a document + which details how this assessment concluded the state of this + vulnerability. items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsNpmPackage - ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsArtifactObjects: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsArtifactObjects - description: >- - Files in the workspace to upload to Cloud Storage upon successful - completion of all build steps. - type: object - properties: - location: - description: >- - Cloud Storage bucket and optional object path, in the form - "gs://bucket/path/to/somewhere/". (see [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - Files in the workspace matching any path pattern will be uploaded to - Cloud Storage with this location as a prefix. + $ref: '#/components/schemas/RelatedUrl' + shortDescription: + description: A one sentence description of this Vex. type: string - paths: - description: Path globs used to match files in the build's workspace. + impacts: type: array items: type: string - timing: description: >- - Output only. Stores timing information for pushing all artifact - objects. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan - ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsMavenArtifact: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsMavenArtifact - description: >- - A Maven artifact to upload to Artifact Registry upon successful - completion of all build steps. - type: object - properties: - repository: + Contains information about the impact of this vulnerability, this + will change with time. + vulnerabilityId: description: >- - Artifact Registry repository, in the form - "https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY" Artifact in the - workspace specified by path will be uploaded to Artifact Registry - with this location as a prefix. + The vulnerability identifier for this Assessment. Will hold one of + common identifiers e.g. CVE, GHSA etc. type: string - path: + justification: + $ref: '#/components/schemas/Justification' description: >- - Optional. Path to an artifact in the build's workspace to be - uploaded to Artifact Registry. This can be either an absolute path, - e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative - path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar. + Justification provides the justification when the state of the + assessment if NOT_AFFECTED. + type: object + description: >- + Assessment provides all information that is related to a single + vulnerability for this product. + SlsaBuilder: + type: object + properties: + id: type: string - artifactId: - description: >- - Maven `artifactId` value used when uploading the artifact to - Artifact Registry. + id: SlsaBuilder + StepResult: + type: object + properties: + attestationType: type: string - groupId: - description: >- - Maven `groupId` value used when uploading the artifact to Artifact - Registry. + attestationContentName: type: string - version: - description: >- - Maven `version` value used when uploading the artifact to Artifact - Registry. + name: type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGoModule: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGoModule - description: >- - Go module to upload to Artifact Registry upon successful completion of - all build steps. A module refers to all dependencies in a go.mod file. + description: StepResult is the declaration of a result for a build step. + id: StepResult + Digest: + description: Digest information. type: object + id: Digest properties: - repositoryName: - description: >- - Optional. Artifact Registry repository name. Specified Go modules - will be zipped and uploaded to Artifact Registry with this location - as a prefix. e.g. my-go-repo + algo: + description: '`SHA1`, `SHA512` etc.' type: string - repositoryLocation: - description: >- - Optional. Location of the Artifact Registry repository. i.e. - us-east1 Defaults to the build’s location. + digestBytes: type: string - repositoryProjectId: - description: >- - Optional. Project ID of the Artifact Registry repository. Defaults - to the build project. + description: Value of the digest. + format: byte + CISAKnownExploitedVulnerabilities: + type: object + id: CISAKnownExploitedVulnerabilities + properties: + knownRansomwareCampaignUse: type: string - sourcePath: description: >- - Optional. Source path of the go.mod file in the build's workspace. - If not specified, this will default to the current directory. e.g. - ~/code/go/mypackage - type: string - modulePath: - description: Optional. The Go module's "module path". e.g. example.com/foo/v2 - type: string - moduleVersion: + Whether the vulnerability is known to have been leveraged as part of + a ransomware campaign. + UpgradeNote: + properties: + version: description: >- - Optional. The Go module's semantic version in the form vX.Y.Z. e.g. - v0.1.1 Pre-release identifiers can also be added by appending a dash - and dot separated ASCII alphanumeric characters and hyphens. e.g. - v0.2.3-alpha.x.12m.5 + Required for non-Windows OS. The version of the package in machine + + human readable form. + $ref: '#/components/schemas/Version' + windowsUpdate: + $ref: '#/components/schemas/WindowsUpdate' + description: >- + Required for Windows OS. Represents the metadata about the Windows + update. + package: type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsPythonPackage: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsPythonPackage + description: Required for non-Windows OS. The package this Upgrade is for. + distributions: + items: + $ref: '#/components/schemas/UpgradeDistribution' + type: array + description: Metadata about the upgrade for each specific operating system. + type: object description: >- - Python package to upload to Artifact Registry upon successful completion - of all build steps. A package can encapsulate multiple objects to be - uploaded to a single repository. + An Upgrade Note represents a potential upgrade of a package to a given + version. For each package version combination (i.e. bash 4.0, bash 4.1, + bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update + field represents the information related to the update. + id: UpgradeNote + TestIamPermissionsResponse: type: object + description: Response message for `TestIamPermissions` method. properties: - repository: + permissions: + items: + type: string description: >- - Artifact Registry repository, in the form - "https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY" Files in the - workspace matching any path pattern will be uploaded to Artifact - Registry with this location as a prefix. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + type: array + id: TestIamPermissionsResponse + ComplianceOccurrence: + description: >- + An indication that the compliance checks in the associated + ComplianceNote were not satisfied for particular resources or a + specified reason. + type: object + id: ComplianceOccurrence + properties: + version: + description: The OS and config version the benchmark was run on. + $ref: '#/components/schemas/ComplianceVersion' + nonCompliantFiles: + items: + $ref: '#/components/schemas/NonCompliantFile' + type: array + nonComplianceReason: + type: string + BuildProvenance: + properties: + builderVersion: + type: string + description: Version string of the builder at the time this build was executed. + creator: type: string - paths: description: >- - Path globs used to match files in the build's workspace. For Python/ - Twine, this is usually `dist/*`, and sometimes additionally an - `.asc` file. + E-mail address of the user who initiated this build. Note that this + was the user's e-mail address at the time the build was initiated; + this address may not represent the same end-user for all time. + createTime: + type: string + format: google-datetime + description: Time at which the build was created. + builtArtifacts: type: array + description: Output of the build. + items: + $ref: '#/components/schemas/Artifact' + commands: items: + $ref: '#/components/schemas/Command' + description: Commands requested by the build. + type: array + id: + description: Required. Unique identifier of the build. + type: string + buildOptions: + additionalProperties: type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsNpmPackage: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsNpmPackage - description: >- - Npm package to upload to Artifact Registry upon successful completion of - all build steps. - type: object - properties: - repository: + type: object description: >- - Artifact Registry repository, in the form - "https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY" Npm package in - the workspace specified by path will be zipped and uploaded to - Artifact Registry with this location as a prefix. + Special options applied to this build. This is a catch-all field + where build providers can enter any desired additional details. + endTime: type: string - packagePath: - description: Path to the package.json. e.g. workspace/path/to/package + description: Time at which execution of the build was finished. + format: google-datetime + triggerId: + description: >- + Trigger identifier if the build was triggered automatically; empty + if not. type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1SourceProvenance: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1SourceProvenance + projectId: + description: ID of the project. + type: string + startTime: + type: string + description: Time at which execution of the build was started. + format: google-datetime + logsUri: + type: string + description: URI where any logs for this provenance were written. + sourceProvenance: + description: Details of the Source input to the build. + $ref: '#/components/schemas/Source' + type: object description: >- - Provenance of the source. Ways to find the original source, or verify - that some source was used for this build. + Provenance of a build. Contains all information needed to verify the + full details about the build from source to completion. + id: BuildProvenance + SecretLocation: + properties: + fileLocation: + $ref: '#/components/schemas/GrafeasV1FileLocation' + description: The secret is found from a file. + description: The location of the secret. type: object + id: SecretLocation + BuildStep: properties: - resolvedStorageSource: + exitCode: + type: integer + format: int32 + description: Output only. Return code from running the step. + timing: description: >- - A copy of the build's `source.storage_source`, if exists, with any - generations resolved. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource - resolvedRepoSource: + Output only. Stores timing information for executing this build + step. + $ref: '#/components/schemas/TimeSpan' + allowExitCodes: + items: + format: int32 + type: integer + type: array description: >- - A copy of the build's `source.repo_source`, if exists, with any - revisions resolved. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource - resolvedStorageSourceManifest: + Allow this build step to fail without failing the entire build if + and only if the exit code is one of the specified codes. If + allow_failure is also specified, this field will take precedence. + entrypoint: + type: string description: >- - A copy of the build's `source.storage_source_manifest`, if exists, - with any revisions resolved. This feature is in Preview. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest - resolvedConnectedRepository: + Entrypoint to be used instead of the build step image's default + entrypoint. If unset, the image's default entrypoint is used. + args: + items: + type: string description: >- - Output only. A copy of the build's `source.connected_repository`, if - exists, with any revisions resolved. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ConnectedRepository - resolvedGitSource: + A list of arguments that will be presented to the step when it is + started. If the image used to run the step's container has an + entrypoint, the `args` are used as arguments to that entrypoint. If + the image does not define an entrypoint, the first element in args + is used as the entrypoint, and the remainder will be used as + arguments. + type: array + automapSubstitutions: + type: boolean description: >- - Output only. A copy of the build's `source.git_source`, if exists, - with any revisions resolved. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1GitSource - fileHashes: + Option to include built-in and custom substitutions as env variables + for this build step. This option will override the global option in + BuildOption. + remoteConfig: + description: Remote configuration for the build step. + type: string + id: description: >- - Output only. Hash(es) of the build source, which can be used to - verify that the original source integrity was maintained in the - build. Note that `FileHashes` will only be populated if - `BuildOptions` has requested a `SourceProvenanceHash`. The keys to - this map are file paths used as build source and the values contain - the hash values for those files. If the build source came in a - single package such as a gzipped tarfile (`.tar.gz`), the `FileHash` - will be for the single path to that file. - readOnly: true - type: object - additionalProperties: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes - ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptions: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptions - description: Optional arguments to enable specific features of builds. - type: object - properties: - sourceProvenanceHash: - description: Requested hash for SourceProvenance. - type: array - items: - type: string - enumDescriptions: - - No hash requested. - - Use a sha256 hash. - - Use a md5 hash. - - Dirhash of a Go module's source code which is then hex-encoded. - - Use a sha512 hash. - enum: - - NONE - - SHA256 - - MD5 - - GO_MODULE_H1 - - SHA512 - requestedVerifyOption: - description: Requested verifiability options. + Unique identifier for this build step, used in `wait_for` to + reference this build step as a dependency. type: string - enumDescriptions: - - Not a verifiable build (the default). - - Build must be verified. - enum: - - NOT_VERIFIED - - VERIFIED - machineType: - description: Compute Engine machine type on which to run the build. + allowFailure: + description: >- + Allow this build step to fail without failing the entire build. If + false, the entire build will fail if this step fails. Otherwise, the + build will succeed, but this step will still have a failure status. + Error information will be reported in the failure_detail field. + type: boolean + status: type: string + description: >- + Output only. Status of the build step. At this time, build step + status is only updated on build completion; step status is not + updated in real-time as the build progresses. enumDescriptions: - - Standard machine type. - - Highcpu machine with 8 CPUs. - - Highcpu machine with 32 CPUs. - - Highcpu e2 machine with 8 CPUs. - - Highcpu e2 machine with 32 CPUs. - - E2 machine with 1 CPU. - enumDeprecated: - - false - - true - - true - - false - - false - - false + - Status of the build is unknown. + - >- + Build has been created and is pending execution and queuing. It + has not been queued. + - Build has been received and is being queued. + - Build or step is queued; work has not yet begun. + - Build or step is being executed. + - Build or step finished successfully. + - Build or step failed to complete successfully. + - Build or step failed due to an internal cause. + - Build or step took longer than was allowed. + - Build or step was canceled by a user. + - Build was enqueued for longer than the value of `queue_ttl`. enum: - - UNSPECIFIED - - N1_HIGHCPU_8 - - N1_HIGHCPU_32 - - E2_HIGHCPU_8 - - E2_HIGHCPU_32 - - E2_MEDIUM - diskSizeGb: + - STATUS_UNKNOWN + - PENDING + - QUEUING + - QUEUED + - WORKING + - SUCCESS + - FAILURE + - INTERNAL_ERROR + - TIMEOUT + - CANCELLED + - EXPIRED + env: + items: + type: string + type: array + description: >- + A list of environment variable definitions to be used when running a + step. The elements are of the form "KEY=VALUE" for the environment + variable "KEY" being given the value "VALUE". + name: description: >- - Requested disk size for the VM that runs the build. Note that this - is *NOT* "disk free"; some of the space will be used by the - operating system and build utilities. Also note that this is the - minimum disk size that will be allocated for the build -- the build - may run with a larger disk than requested. At present, the maximum - disk size is 4000GB; builds that request more than the maximum are - rejected with an error. + Required. The name of the container image that will run this + particular build step. If the image is available in the host's + Docker daemon's cache, it will be run directly. If not, the host + will attempt to pull the image first, using the builder service + account's credentials if necessary. The Docker daemon's cache will + already have the latest versions of all of the officially supported + build steps + ([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)). + The Docker daemon will also have cached many of the layers for some + popular images, like "ubuntu", "debian", but they will be refreshed + at the time you attempt to use them. If you built an image in a + previous build step, it will be stored in the host's Docker daemon's + cache and is available to use as the name for a later build step. type: string - format: int64 - substitutionOption: - description: >- - Option to specify behavior when there is an error in the - substitution checks. NOTE: this is always set to ALLOW_LOOSE for - triggered builds and cannot be overridden in the build configuration - file. + timeout: type: string - enumDescriptions: - - >- - Fails the build if error in substitutions checks, like missing a - substitution in the template or in the map. - - Do not fail the build if error in substitutions checks. - enum: - - MUST_MATCH - - ALLOW_LOOSE - dynamicSubstitutions: + format: google-duration description: >- - Option to specify whether or not to apply bash style string - operations to the substitutions. NOTE: this is always enabled for - triggered builds and cannot be overridden in the build configuration - file. - type: boolean - automapSubstitutions: + Time limit for executing this build step. If not defined, the step + has no time limit and will be allowed to continue to run until + either it completes or the build itself times out. + pullTiming: description: >- - Option to include built-in and custom substitutions as env variables - for all build steps. - type: boolean - logStreamingOption: - description: Option to define build log streaming behavior to Cloud Storage. + Output only. Stores timing information for pulling this build step's + builder image only. + $ref: '#/components/schemas/TimeSpan' + waitFor: + items: + type: string + type: array + description: >- + The ID(s) of the step(s) that this build step depends on. This build + step will not start until all the build steps in `wait_for` have + completed successfully. If `wait_for` is empty, this build step will + start when all previous build steps in the `Build.Steps` list have + completed successfully. + results: + type: array + items: + $ref: '#/components/schemas/StepResult' + dir: + description: >- + Working directory to use when running this step's container. If this + value is a relative path, it is relative to the build's working + directory. If this value is absolute, it may be outside the build's + working directory, in which case the contents of the path may not be + persisted across build step executions, unless a `volume` for that + path is specified. If the build specifies a `RepoSource` with `dir` + and a step with a `dir`, which specifies an absolute path, the + `RepoSource` `dir` is ignored for the step's execution. type: string - enumDescriptions: - - Service may automatically determine build log streaming behavior. - - Build logs should be streamed to Cloud Storage. - - >- - Build logs should not be streamed to Cloud Storage; they will be - written when the build is completed. - enum: - - STREAM_DEFAULT - - STREAM_ON - - STREAM_OFF - workerPool: - description: This field deprecated; please use `pool.name` instead. - deprecated: true + script: type: string - pool: description: >- - Optional. Specification for execution on a `WorkerPool`. See - [running builds in a private - pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) - for more information. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptionsPoolOption - logging: + A shell script to be executed in the step. When script is provided, + the user cannot specify the entrypoint or args. + volumes: description: >- - Option to specify the logging mode, which determines if and where - build logs are stored. - type: string - enumDescriptions: - - >- - The service determines the logging mode. The default is `LEGACY`. - Do not rely on the default logging behavior as it may change in - the future. - - Build logs are stored in Cloud Logging and Cloud Storage. - - Build logs are stored in Cloud Storage. - - This option is the same as CLOUD_LOGGING_ONLY. - - >- - Build logs are stored in Cloud Logging. Selecting this option will - not allow [logs - streaming](https://cloud.google.com/sdk/gcloud/reference/builds/log). - - Turn off all logging. No build logs will be captured. - enumDeprecated: - - false - - false - - false - - true - - false - - false - enum: - - LOGGING_UNSPECIFIED - - LEGACY - - GCS_ONLY - - STACKDRIVER_ONLY - - CLOUD_LOGGING_ONLY - - NONE - env: + List of volumes to mount into the build step. Each volume is created + as an empty volume prior to execution of the build step. Upon + completion of the build, volumes and their contents are discarded. + Using a named volume in only one step is not valid as it is + indicative of a build request with an incorrect configuration. + items: + $ref: '#/components/schemas/Volume' + type: array + secretEnv: description: >- - A list of global environment variable definitions that will exist - for all build steps in this build. If a variable is defined in both - globally and in a build step, the variable will use the build step - value. The elements are of the form "KEY=VALUE" for the environment - variable "KEY" being given the value "VALUE". + A list of environment variables which are encrypted using a Cloud + Key Management Service crypto key. These values must be specified in + the build's `Secret`. type: array items: type: string - secretEnv: + id: BuildStep + type: object + description: 'A step in the build pipeline. Next ID: 23' + SbomReferenceIntotoPayload: + properties: + subject: + items: + $ref: '#/components/schemas/Subject' + type: array + description: >- + Set of software artifacts that the attestation applies to. Each + element represents a single software artifact. + predicate: + description: >- + Additional parameters of the Predicate. Includes the actual data + about the SBOM. + $ref: '#/components/schemas/SbomReferenceIntotoPredicate' + _type: + description: Identifier for the schema of the Statement. + type: string + predicateType: + type: string + description: URI identifying the type of the Predicate. + description: >- + The actual payload that contains the SBOM Reference data. The payload + follows the intoto statement specification. See + https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md + for more details. + type: object + id: SbomReferenceIntotoPayload + UpgradeOccurrence: + properties: + package: + description: Required for non-Windows OS. The package this Upgrade is for. + type: string + windowsUpdate: + $ref: '#/components/schemas/WindowsUpdate' + description: >- + Required for Windows OS. Represents the metadata about the Windows + update. + distribution: + $ref: '#/components/schemas/UpgradeDistribution' + description: >- + Metadata about the upgrade for available for the specific operating + system for the resource_url. This allows efficient filtering, as + well as making it easier to use the occurrence. + parsedVersion: + $ref: '#/components/schemas/Version' + description: >- + Required for non-Windows OS. The version of the package in a machine + + human readable form. + description: >- + An Upgrade Occurrence represents that a specific resource_url could + install a specific upgrade. This presence is supplied via local sources + (i.e. it is present in the mirror and the running system has noticed its + availability). For Windows, both distribution and windows_update contain + information for the Windows update. + type: object + id: UpgradeOccurrence + Signature: + properties: + publicKeyId: + description: >- + The identifier for the public key that verifies this signature. * + The `public_key_id` is required. * The `public_key_id` SHOULD be an + RFC3986 conformant URI. * When possible, the `public_key_id` SHOULD + be an immutable reference, such as a cryptographic digest. Examples + of valid `public_key_id`s: OpenPGP V4 public key fingerprint: * + "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See + https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for + more details on this scheme. RFC6920 digest-named + SubjectPublicKeyInfo (digest of the DER serialization): * + "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * + "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" + type: string + signature: + type: string + description: >- + The content of the signature, an opaque bytestring. The payload that + this signature verifies MUST be unambiguously provided with the + Signature during verification. A wrapper message might provide the + payload explicitly. Alternatively, a message might have a canonical + serialization that can always be unambiguously computed to derive + the payload. + format: byte + id: Signature + description: >- + Verifiers (e.g. Kritis implementations) MUST verify signatures with + respect to the trust anchors defined in policy (e.g. a Kritis policy). + Typically this means that the verifier has been configured with a map + from `public_key_id` to public key material (and any required + parameters, e.g. signing algorithm). In particular, verification + implementations MUST NOT treat the signature `public_key_id` as anything + more than a key lookup hint. The `public_key_id` DOES NOT validate or + authenticate a public key; it only provides a mechanism for quickly + selecting a public key ALREADY CONFIGURED on the verifier through a + trusted channel. Verification implementations MUST reject signatures in + any of the following circumstances: * The `public_key_id` is not + recognized by the verifier. * The public key that `public_key_id` refers + to does not verify the signature with respect to the payload. The + `signature` contents SHOULD NOT be "attached" (where the payload is + included with the serialized `signature` bytes). Verifiers MUST ignore + any "attached" payload and only verify signatures with respect to + explicitly provided payload (e.g. a `payload` field on the proto message + that holds this Signature, or the canonical serialization of the proto + message that holds this signature). + type: object + AttestationNote: + id: AttestationNote + type: object + properties: + hint: + $ref: '#/components/schemas/Hint' + description: Hint hints at the purpose of the attestation authority. + description: >- + Note kind that represents a logical attestation "role" or "authority". + For example, an organization might have one `Authority` for "QA" and one + for "build". This note is intended to act strictly as a grouping + mechanism for the attached occurrences (Attestations). This grouping + mechanism also provides a security boundary, since IAM ACLs gate the + ability for a principle to attach an occurrence to a given note. It also + provides a single point of lookup to find all attached attestation + occurrences, even if they don't all live in the same project. + Occurrence: + description: An instance of an analysis type that has been found on a resource. + properties: + package: + $ref: '#/components/schemas/PackageOccurrence' + description: Describes the installation of a package on the linked resource. + name: + type: string description: >- - A list of global environment variables, which are encrypted using a - Cloud Key Management Service crypto key. These values must be - specified in the build's `Secret`. These variables will be available - to all build steps in this build. - type: array - items: - type: string - volumes: + Output only. The name of the occurrence in the form of + `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. + upgrade: + description: Describes an available package upgrade on the linked resource. + $ref: '#/components/schemas/UpgradeOccurrence' + image: + $ref: '#/components/schemas/ImageOccurrence' description: >- - Global list of volumes to mount for ALL build steps Each volume is - created as an empty volume prior to starting the build process. Upon - completion of the build, volumes and their contents are discarded. - Global volume names and paths cannot conflict with the volumes - defined a build step. Using a global volume in a build with only one - step is not valid as it is indicative of a build request with an - incorrect configuration. - type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1Volume - defaultLogsBucketBehavior: - description: Optional. Option to specify how default logs buckets are setup. + Describes how this resource derives from the basis in the associated + note. + build: + description: Describes a verifiable build. + $ref: '#/components/schemas/BuildOccurrence' + remediation: + description: A description of actions that can be taken to remedy the note. type: string + attestation: + $ref: '#/components/schemas/AttestationOccurrence' + description: Describes an attestation of an artifact. + kind: enumDescriptions: - - Unspecified. - - >- - Bucket is located in user-owned project in the same region as the - build. The builder service account must have access to create and - write to Cloud Storage buckets in the build project. + - Default value. This value is unused. + - The note and occurrence represent a package vulnerability. + - The note and occurrence assert build provenance. + - This represents an image basis relationship. + - This represents a package installed via a package manager. + - The note and occurrence track deployment events. - >- - Bucket is located in a Google-owned project and is not - regionalized. - enum: - - DEFAULT_LOGS_BUCKET_BEHAVIOR_UNSPECIFIED - - REGIONAL_USER_OWNED_BUCKET - - LEGACY_BUCKET - enableStructuredLogging: + The note and occurrence track the initial discovery status of a + resource. + - This represents a logical "role" that can attest to artifacts. + - This represents an available package upgrade. + - This represents a Compliance Note + - This represents a DSSE attestation Note + - This represents a Vulnerability Assessment. + - This represents an SBOM Reference. + - This represents a secret. description: >- - Optional. Option to specify whether structured logging is enabled. - If true, JSON-formatted logs are parsed as structured logs. - type: boolean - pubsubTopic: + Output only. This explicitly denotes which of the occurrence details + are specified. This field can be used as a filter in list requests. + enum: + - NOTE_KIND_UNSPECIFIED + - VULNERABILITY + - BUILD + - IMAGE + - PACKAGE + - DEPLOYMENT + - DISCOVERY + - ATTESTATION + - UPGRADE + - COMPLIANCE + - DSSE_ATTESTATION + - VULNERABILITY_ASSESSMENT + - SBOM_REFERENCE + - SECRET + type: string + deployment: + description: Describes the deployment of an artifact on a runtime. + $ref: '#/components/schemas/DeploymentOccurrence' + discovery: + $ref: '#/components/schemas/DiscoveryOccurrence' + description: Describes when a resource was discovered. + secret: + $ref: '#/components/schemas/SecretOccurrence' + description: Describes a secret. + updateTime: + type: string + description: Output only. The time this occurrence was last updated. + format: google-datetime + resourceUri: description: >- - Optional. Option to specify the Pub/Sub topic to receive build - status updates. + Required. Immutable. A URI that represents the resource for which + the occurrence applies. For example, + `https://gcr.io/project/image@sha256:123abc` for a Docker image. type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptionsPoolOption: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptionsPoolOption - description: >- - Details about how a build should be executed on a `WorkerPool`. See - [running builds in a private - pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) - for more information. - type: object - properties: - name: + sbomReference: + $ref: '#/components/schemas/SBOMReferenceOccurrence' + description: Describes a specific SBOM reference occurrences. + vulnerability: + $ref: '#/components/schemas/VulnerabilityOccurrence' + description: Describes a security vulnerability. + compliance: + description: Describes a compliance violation on a linked resource. + $ref: '#/components/schemas/ComplianceOccurrence' + dsseAttestation: + description: Describes an attestation of an artifact using dsse. + $ref: '#/components/schemas/DSSEAttestationOccurrence' + envelope: + description: https://github.com/secure-systems-lab/dsse + $ref: '#/components/schemas/Envelope' + noteName: description: >- - The `WorkerPool` resource to execute the build on. You must have - `cloudbuild.workerpools.use` on the project hosting the WorkerPool. - Format - projects/{project}/locations/{location}/workerPools/{workerPoolId} + Required. Immutable. The analysis note associated with this + occurrence, in the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. + This field can be used as a filter in list requests. type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1Secret: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1Secret - description: >- - Pairs a set of secret environment variables containing encrypted values - with the Cloud KMS key to use to decrypt the value. Note: Use - `kmsKeyName` with `available_secrets` instead of using `kmsKeyName` with - `secret`. For instructions see: - https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-credentials. - type: object - properties: - kmsKeyName: - description: Cloud KMS key name to use to decrypt these envs. + createTime: + format: google-datetime + description: Output only. The time this occurrence was created. type: string - secretEnv: - description: >- - Map of environment variable name to its encrypted value. Secret - environment variables must be unique across all of a build's - secrets, and must be used by at least one build step. Values can be - at most 64 KB in size. There can be at most 100 secret values across - all of a build's secrets. - type: object - additionalProperties: - type: string - format: byte - ContaineranalysisGoogleDevtoolsCloudbuildV1BuildApproval: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildApproval + id: Occurrence + type: object + CloudStorageLocation: + id: CloudStorageLocation + properties: {} description: >- - BuildApproval describes a build's approval configuration, state, and - result. + Empty placeholder to denote that this is a Google Cloud Storage export + request. type: object + ContaineranalysisGoogleDevtoolsCloudbuildV1BuildFailureInfo: + description: A fatal problem encountered during the execution of the build. + id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildFailureInfo properties: - state: - description: Output only. The state of this build's approval. - readOnly: true + detail: + description: Explains the failure issue in more detail using hard-coded text. + type: string + type: type: string enumDescriptions: - - Default enum type. This should not be used. - - Build approval is pending. - - Build approval has been approved. - - Build approval has been rejected. - - Build was cancelled while it was still pending approval. + - Type unspecified + - Unable to push the image to the repository. + - Final image not found. + - Unauthorized push of the final image. + - Backend logging failures. Should retry. + - A build step has failed. + - The source fetching has failed. + description: The name of the failure. enum: - - STATE_UNSPECIFIED - - PENDING - - APPROVED - - REJECTED - - CANCELLED - config: - description: Output only. Configuration for manual approval of this build. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalConfig - result: - description: Output only. Result of manual approval for this Build. - readOnly: true - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalResult - ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalConfig: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalConfig - description: ApprovalConfig describes configuration for manual approval of a build. + - FAILURE_TYPE_UNSPECIFIED + - PUSH_FAILED + - PUSH_IMAGE_NOT_FOUND + - PUSH_NOT_AUTHORIZED + - LOGGING_FAILURE + - USER_BUILD_STEP + - FETCH_SOURCE_FAILED + type: object + DSSEHint: type: object properties: - approvalRequired: + humanReadableName: description: >- - Whether or not approval is needed. If this is set on a build, it - will become pending when created, and will need to be explicitly - approved to start. - type: boolean - ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalResult: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalResult + Required. The human readable name of this attestation authority, for + example "cloudbuild-prod". + type: string + id: DSSEHint description: >- - ApprovalResult describes the decision and associated metadata of a - manual approval of a build. + This submessage provides human-readable hints about the purpose of the + authority. Because the name of a note acts as its resource reference, it + is important to disambiguate the canonical name of the Note (which might + be a UUID for security purposes) from "readable" names more suitable for + debug output. Note that these hints should not be used to look up + authorities in security sensitive contexts, such as when looking up + attestations to verify. + ProjectRepoId: type: object + id: ProjectRepoId properties: - approverAccount: - description: >- - Output only. Email of the user that called the ApproveBuild API to - approve or reject a build at the time that the API was called. - readOnly: true + repoName: + description: The name of the repo. Leave empty for the default repo. type: string - approvalTime: - description: Output only. The time when the approval decision was made. - readOnly: true + projectId: type: string - format: google-datetime - decision: - description: Required. The decision of this manual approval. + description: The ID of the project. + description: >- + Selects a repo using a Google Cloud Platform project ID (e.g., + winged-cargo-31) and a repo name within that project. + CVSS: + properties: + exploitabilityScore: + type: number + format: float + baseScore: + type: number + description: The base score is a function of the base metric scores. + format: float + scope: type: string enumDescriptions: - - Default enum type. This should not be used. - - Build is approved. - - Build is rejected. + - '' + - '' + - '' enum: - - DECISION_UNSPECIFIED - - APPROVED - - REJECTED - comment: - description: Optional. An optional comment for this manual approval result. + - SCOPE_UNSPECIFIED + - SCOPE_UNCHANGED + - SCOPE_CHANGED + attackComplexity: + enumDescriptions: + - '' + - '' + - '' + - '' + enum: + - ATTACK_COMPLEXITY_UNSPECIFIED + - ATTACK_COMPLEXITY_LOW + - ATTACK_COMPLEXITY_HIGH + - ATTACK_COMPLEXITY_MEDIUM type: string - url: - description: >- - Optional. An optional URL tied to this manual approval result. This - field is essentially the same as comment, except that it will be - rendered by the UI differently. An example use case is a link to an - external job that approved this Build. + integrityImpact: + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + - IMPACT_PARTIAL + - IMPACT_COMPLETE + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1Secrets: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1Secrets - description: Secrets and secret environment variables. - type: object - properties: - secretManager: - description: >- - Secrets in Secret Manager and associated secret environment - variable. - type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1SecretManagerSecret - inline: - description: >- - Secrets encrypted with KMS key and the associated secret environment - variable. - type: array - items: - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1InlineSecret - ContaineranalysisGoogleDevtoolsCloudbuildV1SecretManagerSecret: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1SecretManagerSecret - description: >- - Pairs a secret environment variable with a SecretVersion in Secret - Manager. - type: object - properties: - versionName: - description: >- - Resource name of the SecretVersion. In format: - projects/*/secrets/*/versions/* + confidentialityImpact: + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + - IMPACT_PARTIAL + - IMPACT_COMPLETE type: string - env: - description: >- - Environment variable name to associate with the secret. Secret - environment variables must be unique across all of a build's - secrets, and must be used by at least one build step. + availabilityImpact: + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + - IMPACT_PARTIAL + - IMPACT_COMPLETE type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1InlineSecret: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1InlineSecret - description: >- - Pairs a set of secret environment variables mapped to encrypted values - with the Cloud KMS key to use to decrypt the value. - type: object - properties: - kmsKeyName: - description: >- - Resource name of Cloud KMS crypto key to decrypt the encrypted - value. In format: projects/*/locations/*/keyRings/*/cryptoKeys/* + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + authentication: + enum: + - AUTHENTICATION_UNSPECIFIED + - AUTHENTICATION_MULTIPLE + - AUTHENTICATION_SINGLE + - AUTHENTICATION_NONE + enumDescriptions: + - '' + - '' + - '' + - '' type: string - envMap: - description: >- - Map of environment variable name to its encrypted value. Secret - environment variables must be unique across all of a build's - secrets, and must be used by at least one build step. Values can be - at most 64 KB in size. There can be at most 100 secret values across - all of a build's secrets. - type: object - additionalProperties: - type: string - format: byte - ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning - description: A non-fatal problem encountered during the execution of the build. - type: object - properties: - text: - description: Explanation of the warning generated. + impactScore: + format: float + type: number + userInteraction: + enum: + - USER_INTERACTION_UNSPECIFIED + - USER_INTERACTION_NONE + - USER_INTERACTION_REQUIRED + enumDescriptions: + - '' + - '' + - '' type: string - priority: - description: The priority for this warning. + attackVector: type: string enumDescriptions: - - Should not be used. - - e.g. deprecation warnings and alternative feature highlights. - - e.g. automated detection of possible issues with the build. - - e.g. alerts that a feature used in the build is pending removal + - '' + - '' + - '' + - '' + - '' + description: >- + Base Metrics Represents the intrinsic characteristics of a + vulnerability that are constant over time and across user + environments. enum: - - PRIORITY_UNSPECIFIED - - INFO - - WARNING - - ALERT - ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfig: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfig - description: GitConfig is a configuration for git operations. + - ATTACK_VECTOR_UNSPECIFIED + - ATTACK_VECTOR_NETWORK + - ATTACK_VECTOR_ADJACENT + - ATTACK_VECTOR_LOCAL + - ATTACK_VECTOR_PHYSICAL + privilegesRequired: + enum: + - PRIVILEGES_REQUIRED_UNSPECIFIED + - PRIVILEGES_REQUIRED_NONE + - PRIVILEGES_REQUIRED_LOW + - PRIVILEGES_REQUIRED_HIGH + type: string + enumDescriptions: + - '' + - '' + - '' + - '' + id: CVSS type: object + description: >- + Common Vulnerability Scoring System. For details, see + https://www.first.org/cvss/specification-document This is a message we + will try to use for storing various versions of CVSS rather than making + a separate proto for storing a specific version. + SlsaProvenanceV1: + description: >- + Keep in sync with schema at + https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto + Builder renamed to ProvenanceBuilder because of Java conflicts. + id: SlsaProvenanceV1 properties: - http: - description: Configuration for HTTP related git operations. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfigHttpConfig - ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfigHttpConfig: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfigHttpConfig - description: HttpConfig is a configuration for HTTP related git operations. + buildDefinition: + $ref: '#/components/schemas/BuildDefinition' + runDetails: + $ref: '#/components/schemas/RunDetails' type: object - properties: - proxySecretVersionName: - description: >- - SecretVersion resource of the HTTP proxy URL. The Service Account - used in the build (either the default Service Account or - user-specified Service Account) should have - `secretmanager.versions.access` permissions on this secret. The - proxy URL should be in format `protocol://@]proxyhost[:port]`. - type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1BuildFailureInfo: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildFailureInfo - description: A fatal problem encountered during the execution of the build. + SlsaCompleteness: type: object - properties: - type: - description: The name of the failure. - type: string - enumDescriptions: - - Type unspecified - - Unable to push the image to the repository. - - Final image not found. - - Unauthorized push of the final image. - - Backend logging failures. Should retry. - - A build step has failed. - - The source fetching has failed. - enum: - - FAILURE_TYPE_UNSPECIFIED - - PUSH_FAILED - - PUSH_IMAGE_NOT_FOUND - - PUSH_NOT_AUTHORIZED - - LOGGING_FAILURE - - USER_BUILD_STEP - - FETCH_SOURCE_FAILED - detail: - description: Explains the failure issue in more detail using hard-coded text. - type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1Dependency: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1Dependency description: >- - A dependency that the Cloud Build worker will fetch before executing - user steps. - type: object + Indicates that the builder claims certain fields in this message to be + complete. + id: SlsaCompleteness properties: - empty: + materials: + type: boolean description: >- - If set to true disable all dependency fetching (ignoring the default - source as well). + If true, the builder claims that materials are complete, usually + through some controls to prevent network access. Sometimes called + "hermetic". + arguments: type: boolean - gitSource: - description: Represents a git repository as a build dependency. - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceDependency - ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceDependency: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceDependency - description: Represents a git repository as a build dependency. - type: object - properties: - repository: - description: Required. The kind of repo (url or dev connect). - $ref: >- - #/components/schemas/ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceRepository - revision: - description: Required. The revision that we will fetch the repo at. - type: string - recurseSubmodules: - description: Optional. True if submodules should be fetched too (default false). + description: >- + If true, the builder claims that recipe.arguments is complete, + meaning that all external inputs are properly captured in the + recipe. + environment: type: boolean - depth: description: >- - Optional. How much history should be fetched for the build (default - 1, -1 for all history). + If true, the builder claims that recipe.environment is claimed to be + complete. + InTotoSlsaProvenanceV1: + id: InTotoSlsaProvenanceV1 + properties: + predicate: + $ref: '#/components/schemas/SlsaProvenanceV1' + predicateType: type: string - format: int64 - destPath: - description: Required. Where should the files be placed on the worker. + _type: type: string - ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceRepository: - id: ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceRepository - description: A repository for a git source. + description: >- + InToto spec defined at + https://github.com/in-toto/attestation/tree/main/spec#statement + subject: + items: + $ref: '#/components/schemas/Subject' + type: array type: object + SlsaProvenanceZeroTwo: + description: See full explanation of fields at slsa.dev/provenance/v0.2. properties: - url: - description: Location of the Git repository. + builder: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder' + buildType: type: string - developerConnect: + invocation: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation' + buildConfig: + type: object + additionalProperties: + description: Properties of the object. + type: any + metadata: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata' + materials: + items: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial' + type: array + type: object + id: SlsaProvenanceZeroTwo + LayerDetails: + description: Details about the layer a package was found in. + properties: + command: description: >- - The Developer Connect Git repository link formatted as - `projects/*/locations/*/connections/*/gitRepositoryLink/*` + The layer build command that was used to build the layer. This may + not be found in all layers depending on how the container image is + built. + type: string + baseImages: + description: The base images the layer is found within. + items: + $ref: '#/components/schemas/BaseImage' + type: array + index: + type: integer + description: The index of the layer in the container image. + format: int32 + chainId: + description: >- + The layer chain ID (sha256 hash) of the layer in the container + image. + https://github.com/opencontainers/image-spec/blob/main/config.md#layer-chainid + type: string + diffId: + description: >- + The diff ID (typically a sha256 hash) of the layer in the container + image. type: string + type: object + id: LayerDetails parameters: - access_token: - description: OAuth access token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: access_token + name: upload_protocol + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token schema: type: string alt: @@ -5736,52 +5824,40 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: + quotaUser: description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: key + name: quotaUser schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + _.xgafv: + description: V1 error format. in: query - name: oauth_token + name: $.xgafv schema: type: string + enum: + - '1' + - '2' prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + callback: + description: JSONP in: query - name: quotaUser + name: callback schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string uploadType: @@ -5790,58 +5866,63 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: $.xgafv + name: key schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: occurrences: id: google.containeranalysis.occurrences name: occurrences title: Occurrences methods: - projects_occurrences_get: + projects_notes_occurrences_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}/get + #/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}~1occurrences/get response: mediaType: application/json openAPIDocKey: '200' - projects_occurrences_delete: + objectKey: $.occurrences + projects_locations_notes_occurrences_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}~1occurrences/get response: mediaType: application/json openAPIDocKey: '200' - projects_occurrences_patch: + objectKey: $.occurrences + projects_locations_occurrences_batch_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences:batchCreate/post response: mediaType: application/json openAPIDocKey: '200' - projects_occurrences_list: + projects_locations_occurrences_create: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1occurrences/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.occurrences - projects_occurrences_create: + projects_locations_occurrences_list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1occurrences/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences/get response: mediaType: application/json openAPIDocKey: '200' - projects_occurrences_batch_create: + objectKey: $.occurrences + projects_locations_occurrences_patch: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1occurrences:batchCreate/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -5859,70 +5940,65 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_occurrences_patch: + projects_occurrences_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_occurrences_list: + projects_occurrences_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences/get + #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.occurrences - projects_locations_occurrences_create: + projects_occurrences_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences/post + #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_occurrences_batch_create: + projects_occurrences_create: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences:batchCreate/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1occurrences/post' response: mediaType: application/json openAPIDocKey: '200' - projects_locations_notes_occurrences_list: + projects_occurrences_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}~1occurrences/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1occurrences/get' response: mediaType: application/json openAPIDocKey: '200' objectKey: $.occurrences - projects_notes_occurrences_list: + projects_occurrences_batch_create: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}~1occurrences/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1occurrences:batchCreate/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.occurrences sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/occurrences/methods/projects_locations_occurrences_get - $ref: >- #/components/x-stackQL-resources/occurrences/methods/projects_locations_notes_occurrences_list - $ref: >- - #/components/x-stackQL-resources/occurrences/methods/projects_occurrences_get + #/components/x-stackQL-resources/occurrences/methods/projects_locations_occurrences_get + - $ref: >- + #/components/x-stackQL-resources/occurrences/methods/projects_notes_occurrences_list - $ref: >- #/components/x-stackQL-resources/occurrences/methods/projects_locations_occurrences_list - $ref: >- - #/components/x-stackQL-resources/occurrences/methods/projects_notes_occurrences_list + #/components/x-stackQL-resources/occurrences/methods/projects_occurrences_get - $ref: >- #/components/x-stackQL-resources/occurrences/methods/projects_occurrences_list insert: - - $ref: >- - #/components/x-stackQL-resources/occurrences/methods/projects_locations_occurrences_create - $ref: >- #/components/x-stackQL-resources/occurrences/methods/projects_locations_occurrences_batch_create + - $ref: >- + #/components/x-stackQL-resources/occurrences/methods/projects_locations_occurrences_create - $ref: >- #/components/x-stackQL-resources/occurrences/methods/projects_occurrences_create - $ref: >- @@ -5938,345 +6014,348 @@ components: #/components/x-stackQL-resources/occurrences/methods/projects_locations_occurrences_delete - $ref: >- #/components/x-stackQL-resources/occurrences/methods/projects_occurrences_delete - occurrences_notes: - id: google.containeranalysis.occurrences_notes - name: occurrences_notes - title: Occurrences_notes + notes: + id: google.containeranalysis.notes + name: notes + title: Notes methods: - projects_occurrences_get_notes: + projects_notes_patch: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}~1notes/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}/patch' response: mediaType: application/json openAPIDocKey: '200' - projects_locations_occurrences_get_notes: + projects_notes_delete: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}~1notes/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}/delete' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/occurrences_notes/methods/projects_locations_occurrences_get_notes - - $ref: >- - #/components/x-stackQL-resources/occurrences_notes/methods/projects_occurrences_get_notes - insert: [] - update: [] - replace: [] - delete: [] - occurrences_iam_policies: - id: google.containeranalysis.occurrences_iam_policies - name: occurrences_iam_policies - title: Occurrences_iam_policies - methods: - projects_occurrences_set_iam_policy: + projects_notes_get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}:setIamPolicy/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}/get' response: mediaType: application/json openAPIDocKey: '200' - projects_occurrences_get_iam_policy: + projects_notes_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}:getIamPolicy/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_occurrences_test_iam_permissions: + objectKey: $.notes + projects_notes_create: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_notes_batch_create: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes:batchCreate/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_notes_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_occurrences_set_iam_policy: + projects_locations_notes_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_occurrences_get_iam_policy: + projects_locations_notes_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_occurrences_test_iam_permissions: + projects_locations_notes_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/occurrences_iam_policies/methods/projects_locations_occurrences_get_iam_policy - - $ref: >- - #/components/x-stackQL-resources/occurrences_iam_policies/methods/projects_occurrences_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/occurrences_iam_policies/methods/projects_locations_occurrences_set_iam_policy - - $ref: >- - #/components/x-stackQL-resources/occurrences_iam_policies/methods/projects_occurrences_set_iam_policy - delete: [] - vulnerability_summary: - id: google.containeranalysis.vulnerability_summary - name: vulnerability_summary - title: Vulnerability_summary - methods: - projects_occurrences_get_vulnerability_summary: + objectKey: $.notes + projects_locations_notes_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1occurrences:vulnerabilitySummary/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_occurrences_get_vulnerability_summary: + projects_locations_notes_batch_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences:vulnerabilitySummary/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes:batchCreate/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/vulnerability_summary/methods/projects_locations_occurrences_get_vulnerability_summary + #/components/x-stackQL-resources/notes/methods/projects_locations_notes_get + - $ref: '#/components/x-stackQL-resources/notes/methods/projects_notes_get' - $ref: >- - #/components/x-stackQL-resources/vulnerability_summary/methods/projects_occurrences_get_vulnerability_summary - insert: [] - update: [] + #/components/x-stackQL-resources/notes/methods/projects_locations_notes_list + - $ref: '#/components/x-stackQL-resources/notes/methods/projects_notes_list' + insert: + - $ref: >- + #/components/x-stackQL-resources/notes/methods/projects_locations_notes_create + - $ref: >- + #/components/x-stackQL-resources/notes/methods/projects_locations_notes_batch_create + - $ref: >- + #/components/x-stackQL-resources/notes/methods/projects_notes_create + - $ref: >- + #/components/x-stackQL-resources/notes/methods/projects_notes_batch_create + update: + - $ref: >- + #/components/x-stackQL-resources/notes/methods/projects_locations_notes_patch + - $ref: >- + #/components/x-stackQL-resources/notes/methods/projects_notes_patch replace: [] - delete: [] - notes: - id: google.containeranalysis.notes - name: notes - title: Notes + delete: + - $ref: >- + #/components/x-stackQL-resources/notes/methods/projects_locations_notes_delete + - $ref: >- + #/components/x-stackQL-resources/notes/methods/projects_notes_delete + notes_iam_policies: + id: google.containeranalysis.notes_iam_policies + name: notes_iam_policies + title: Notes_iam_policies methods: - projects_locations_notes_get: + projects_notes_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}/get + #/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_notes_delete: + projects_notes_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_notes_patch: + projects_notes_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_notes_list: + objectKey: $.bindings + projects_locations_notes_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.notes - projects_locations_notes_create: + projects_locations_notes_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_notes_batch_create: + projects_locations_notes_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}:getIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/notes_iam_policies/methods/projects_locations_notes_get_iam_policy + - $ref: >- + #/components/x-stackQL-resources/notes_iam_policies/methods/projects_notes_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/notes_iam_policies/methods/projects_locations_notes_set_iam_policy + - $ref: >- + #/components/x-stackQL-resources/notes_iam_policies/methods/projects_notes_set_iam_policy + delete: [] + resources: + id: google.containeranalysis.resources + name: resources + title: Resources + methods: + projects_resources_export_sbom: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes:batchCreate/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_notes_get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_notes_delete: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}/delete' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_notes_patch: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}/patch' + #/paths/~1v1~1projects~1{projectsId}~1resources~1{resourcesId}:exportSBOM/post response: mediaType: application/json openAPIDocKey: '200' - projects_notes_list: + projects_locations_resources_export_sbom: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1resources~1{resourcesId}:exportSBOM/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.notes - projects_notes_create: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + occurrences_notes: + id: google.containeranalysis.occurrences_notes + name: occurrences_notes + title: Occurrences_notes + methods: + projects_locations_occurrences_get_notes: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}~1notes/get response: mediaType: application/json openAPIDocKey: '200' - projects_notes_batch_create: + projects_occurrences_get_notes: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1notes:batchCreate/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}~1notes/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_locations_notes_get - - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_locations_notes_list - - $ref: '#/components/x-stackQL-resources/notes/methods/projects_notes_get' - - $ref: '#/components/x-stackQL-resources/notes/methods/projects_notes_list' - insert: - - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_locations_notes_create - - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_locations_notes_batch_create - - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_notes_create - - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_notes_batch_create - update: - - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_locations_notes_patch + #/components/x-stackQL-resources/occurrences_notes/methods/projects_locations_occurrences_get_notes - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_notes_patch + #/components/x-stackQL-resources/occurrences_notes/methods/projects_occurrences_get_notes + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_locations_notes_delete - - $ref: >- - #/components/x-stackQL-resources/notes/methods/projects_notes_delete - notes_iam_policies: - id: google.containeranalysis.notes_iam_policies - name: notes_iam_policies - title: Notes_iam_policies + delete: [] + occurrences_iam_policies: + id: google.containeranalysis.occurrences_iam_policies + name: occurrences_iam_policies + title: Occurrences_iam_policies methods: - projects_locations_notes_set_iam_policy: + projects_locations_occurrences_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_notes_get_iam_policy: + projects_locations_occurrences_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_notes_test_iam_permissions: + projects_locations_occurrences_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1notes~1{notesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences~1{occurrencesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_notes_set_iam_policy: + projects_occurrences_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_notes_get_iam_policy: + projects_occurrences_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_notes_test_iam_permissions: + projects_occurrences_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1notes~1{notesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1occurrences~1{occurrencesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/notes_iam_policies/methods/projects_locations_notes_get_iam_policy + #/components/x-stackQL-resources/occurrences_iam_policies/methods/projects_locations_occurrences_get_iam_policy - $ref: >- - #/components/x-stackQL-resources/notes_iam_policies/methods/projects_notes_get_iam_policy + #/components/x-stackQL-resources/occurrences_iam_policies/methods/projects_occurrences_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/notes_iam_policies/methods/projects_locations_notes_set_iam_policy + #/components/x-stackQL-resources/occurrences_iam_policies/methods/projects_locations_occurrences_set_iam_policy - $ref: >- - #/components/x-stackQL-resources/notes_iam_policies/methods/projects_notes_set_iam_policy + #/components/x-stackQL-resources/occurrences_iam_policies/methods/projects_occurrences_set_iam_policy delete: [] - resources: - id: google.containeranalysis.resources - name: resources - title: Resources + vulnerability_summary: + id: google.containeranalysis.vulnerability_summary + name: vulnerability_summary + title: Vulnerability_summary methods: - projects_locations_resources_export_sbom: + projects_locations_occurrences_get_vulnerability_summary: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1resources~1{resourcesId}:exportSBOM/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1occurrences:vulnerabilitySummary/get response: mediaType: application/json openAPIDocKey: '200' - projects_resources_export_sbom: + projects_occurrences_get_vulnerability_summary: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1resources~1{resourcesId}:exportSBOM/post + #/paths/~1v1~1projects~1{projectsId}~1occurrences:vulnerabilitySummary/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: >- + #/components/x-stackQL-resources/vulnerability_summary/methods/projects_locations_occurrences_get_vulnerability_summary + - $ref: >- + #/components/x-stackQL-resources/vulnerability_summary/methods/projects_occurrences_get_vulnerability_summary insert: [] update: [] replace: [] delete: [] paths: - /v1/projects/{projectsId}/occurrences/{occurrencesId}: + /v1/projects/{projectsId}/notes/{notesId}/occurrences: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/key' get: - description: Gets the specified occurrence. - operationId: containeranalysis.projects.occurrences.get + description: >- + Lists occurrences referencing the specified note. Provider projects can + use this method to get all occurrences across consumer projects + referencing the specified note. + operationId: containeranalysis.projects.notes.occurrences.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6288,7 +6367,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/ListNoteOccurrencesResponse' parameters: - in: path name: projectsId @@ -6296,16 +6375,64 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/notes/{notesId}: + parameters: *ref_1 + patch: + description: Updates the specified note. + operationId: containeranalysis.projects.notes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Note' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Note' + parameters: + - in: path + name: projectsId required: true schema: type: string + - in: path + name: notesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask delete: - description: >- - Deletes the specified occurrence. For example, use this method to delete - an occurrence when the occurrence is no longer applicable for the given - resource. - operationId: containeranalysis.projects.occurrences.delete + description: Deletes the specified note. + operationId: containeranalysis.projects.notes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6325,18 +6452,52 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId required: true schema: type: string - patch: - description: Updates the specified occurrence. - operationId: containeranalysis.projects.occurrences.patch + get: + description: Gets the specified note. + operationId: containeranalysis.projects.notes.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Note' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: notesId + required: true + schema: + type: string + /v1/projects/{projectsId}/notes/{notesId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified note or occurrence. + Requires `containeranalysis.notes.setIamPolicy` or + `containeranalysis.occurrences.setIamPolicy` permission if the resource + is a note or an occurrence, respectively. The resource takes the format + `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and + `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. + operationId: containeranalysis.projects.notes.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6348,7 +6509,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6356,20 +6517,15 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/occurrences: + /v1/projects/{projectsId}/notes: parameters: *ref_1 get: - description: Lists occurrences for the specified project. - operationId: containeranalysis.projects.occurrences.list + description: Lists notes for the specified project. + operationId: containeranalysis.projects.notes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6381,7 +6537,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOccurrencesResponse' + $ref: '#/components/schemas/ListNotesResponse' parameters: - in: path name: projectsId @@ -6392,11 +6548,6 @@ paths: name: filter schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -6405,14 +6556,19 @@ paths: name: returnPartialSuccess schema: type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Creates a new occurrence. - operationId: containeranalysis.projects.occurrences.create + description: Creates a new note. + operationId: containeranalysis.projects.notes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/Note' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6424,48 +6580,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/Note' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/occurrences:batchCreate: + - in: query + name: noteId + schema: + type: string + /v1/projects/{projectsId}/notes/{notesId}:testIamPermissions: parameters: *ref_1 post: - description: Creates new occurrences in batch. - operationId: containeranalysis.projects.occurrences.batchCreate + description: >- + Returns the permissions that a caller has on the specified note or + occurrence. Requires list permission on the project (for example, + `containeranalysis.notes.list`). The resource takes the format + `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and + `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. + operationId: containeranalysis.projects.notes.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateOccurrencesRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/BatchCreateOccurrencesResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - /v1/projects/{projectsId}/occurrences/{occurrencesId}/notes: - parameters: *ref_1 - get: - description: >- - Gets the note attached to the specified occurrence. Consumer projects - can use this method to get a note that belongs to a provider project. - operationId: containeranalysis.projects.occurrences.getNotes + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6477,7 +6617,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Note' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6485,26 +6625,20 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId required: true schema: type: string - /v1/projects/{projectsId}/occurrences/{occurrencesId}:setIamPolicy: + /v1/projects/{projectsId}/notes:batchCreate: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified note or occurrence. - Requires `containeranalysis.notes.setIamPolicy` or - `containeranalysis.occurrences.setIamPolicy` permission if the resource - is a note or an occurrence, respectively. The resource takes the format - `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and - `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.occurrences.setIamPolicy + description: Creates new notes in batch. + operationId: containeranalysis.projects.notes.batchCreate requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/BatchCreateNotesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6516,19 +6650,14 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/BatchCreateNotesResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: occurrencesId - required: true - schema: - type: string - /v1/projects/{projectsId}/occurrences/{occurrencesId}:getIamPolicy: + /v1/projects/{projectsId}/notes/{notesId}:getIamPolicy: parameters: *ref_1 post: description: >- @@ -6538,7 +6667,7 @@ paths: is a note or occurrence, respectively. The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.occurrences.getIamPolicy + operationId: containeranalysis.projects.notes.getIamPolicy requestBody: content: application/json: @@ -6563,25 +6692,20 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId required: true schema: type: string - /v1/projects/{projectsId}/occurrences/{occurrencesId}:testIamPermissions: + /v1/projects/{projectsId}/resources/{resourcesId}:exportSBOM: parameters: *ref_1 post: - description: >- - Returns the permissions that a caller has on the specified note or - occurrence. Requires list permission on the project (for example, - `containeranalysis.notes.list`). The resource takes the format - `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and - `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.occurrences.testIamPermissions + description: Generates an SBOM for the given resource. + operationId: containeranalysis.projects.resources.exportSBOM requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/ExportSBOMRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6593,7 +6717,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ExportSBOMResponse' parameters: - in: path name: projectsId @@ -6601,46 +6725,15 @@ paths: schema: type: string - in: path - name: occurrencesId - required: true - schema: - type: string - /v1/projects/{projectsId}/occurrences:vulnerabilitySummary: - parameters: *ref_1 - get: - description: Gets a summary of the number and severity of occurrences. - operationId: containeranalysis.projects.occurrences.getVulnerabilitySummary - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/VulnerabilityOccurrencesSummary' - parameters: - - in: path - name: projectsId + name: resourcesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: returnPartialSuccess - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}: + /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}: parameters: *ref_1 get: - description: Gets the specified occurrence. - operationId: containeranalysis.projects.locations.occurrences.get + description: Gets the specified note. + operationId: containeranalysis.projects.locations.notes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6652,7 +6745,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/Note' parameters: - in: path name: projectsId @@ -6665,16 +6758,13 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId required: true schema: type: string delete: - description: >- - Deletes the specified occurrence. For example, use this method to delete - an occurrence when the occurrence is no longer applicable for the given - resource. - operationId: containeranalysis.projects.locations.occurrences.delete + description: Deletes the specified note. + operationId: containeranalysis.projects.locations.notes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6699,18 +6789,18 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId required: true schema: type: string patch: - description: Updates the specified occurrence. - operationId: containeranalysis.projects.locations.occurrences.patch + description: Updates the specified note. + operationId: containeranalysis.projects.locations.notes.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/Note' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6722,7 +6812,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/Note' parameters: - in: path name: projectsId @@ -6735,7 +6825,7 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId required: true schema: type: string @@ -6744,11 +6834,11 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/occurrences: + /v1/projects/{projectsId}/locations/{locationsId}/notes: parameters: *ref_1 get: - description: Lists occurrences for the specified project. - operationId: containeranalysis.projects.locations.occurrences.list + description: Lists notes for the specified project. + operationId: containeranalysis.projects.locations.notes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6760,7 +6850,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOccurrencesResponse' + $ref: '#/components/schemas/ListNotesResponse' parameters: - in: path name: projectsId @@ -6772,10 +6862,6 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: @@ -6785,18 +6871,22 @@ paths: name: pageToken schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: returnPartialSuccess schema: type: boolean post: - description: Creates a new occurrence. - operationId: containeranalysis.projects.locations.occurrences.create + description: Creates a new note. + operationId: containeranalysis.projects.locations.notes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/Note' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6808,7 +6898,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Occurrence' + $ref: '#/components/schemas/Note' parameters: - in: path name: projectsId @@ -6820,16 +6910,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/occurrences:batchCreate: + - in: query + name: noteId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}:setIamPolicy: parameters: *ref_1 post: - description: Creates new occurrences in batch. - operationId: containeranalysis.projects.locations.occurrences.batchCreate + description: >- + Sets the access control policy on the specified note or occurrence. + Requires `containeranalysis.notes.setIamPolicy` or + `containeranalysis.occurrences.setIamPolicy` permission if the resource + is a note or an occurrence, respectively. The resource takes the format + `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and + `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. + operationId: containeranalysis.projects.locations.notes.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateOccurrencesRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6841,7 +6941,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateOccurrencesResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6853,13 +6953,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}/notes: + - in: path + name: notesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Gets the note attached to the specified occurrence. Consumer projects - can use this method to get a note that belongs to a provider project. - operationId: containeranalysis.projects.locations.occurrences.getNotes + Returns the permissions that a caller has on the specified note or + occurrence. Requires list permission on the project (for example, + `containeranalysis.notes.list`). The resource takes the format + `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and + `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. + operationId: containeranalysis.projects.locations.notes.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6871,7 +6984,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Note' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6884,26 +6997,26 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}:getIamPolicy: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified note or occurrence. + Gets the access control policy for a note or an occurrence resource. Requires `containeranalysis.notes.setIamPolicy` or `containeranalysis.occurrences.setIamPolicy` permission if the resource - is a note or an occurrence, respectively. The resource takes the format + is a note or occurrence, respectively. The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.locations.occurrences.setIamPolicy + operationId: containeranalysis.projects.locations.notes.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6928,26 +7041,20 @@ paths: schema: type: string - in: path - name: occurrencesId + name: notesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/notes:batchCreate: parameters: *ref_1 post: - description: >- - Gets the access control policy for a note or an occurrence resource. - Requires `containeranalysis.notes.setIamPolicy` or - `containeranalysis.occurrences.setIamPolicy` permission if the resource - is a note or occurrence, respectively. The resource takes the format - `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and - `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.locations.occurrences.getIamPolicy + description: Creates new notes in batch. + operationId: containeranalysis.projects.locations.notes.batchCreate requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/BatchCreateNotesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6959,7 +7066,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/BatchCreateNotesResponse' parameters: - in: path name: projectsId @@ -6971,26 +7078,65 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}/occurrences: + parameters: *ref_1 + get: + description: >- + Lists occurrences referencing the specified note. Provider projects can + use this method to get all occurrences across consumer projects + referencing the specified note. + operationId: containeranalysis.projects.locations.notes.occurrences.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListNoteOccurrencesResponse' + parameters: - in: path - name: occurrencesId + name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}:testIamPermissions: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: notesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/resources/{resourcesId}:exportSBOM: parameters: *ref_1 post: - description: >- - Returns the permissions that a caller has on the specified note or - occurrence. Requires list permission on the project (for example, - `containeranalysis.notes.list`). The resource takes the format - `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and - `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.locations.occurrences.testIamPermissions + description: Generates an SBOM for the given resource. + operationId: containeranalysis.projects.locations.resources.exportSBOM requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/ExportSBOMRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7002,7 +7148,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ExportSBOMResponse' parameters: - in: path name: projectsId @@ -7015,15 +7161,20 @@ paths: schema: type: string - in: path - name: occurrencesId + name: resourcesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/occurrences:vulnerabilitySummary: + /v1/projects/{projectsId}/locations/{locationsId}/occurrences:batchCreate: parameters: *ref_1 - get: - description: Gets a summary of the number and severity of occurrences. - operationId: containeranalysis.projects.locations.occurrences.getVulnerabilitySummary + post: + description: Creates new occurrences in batch. + operationId: containeranalysis.projects.locations.occurrences.batchCreate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BatchCreateOccurrencesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7035,7 +7186,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VulnerabilityOccurrencesSummary' + $ref: '#/components/schemas/BatchCreateOccurrencesResponse' parameters: - in: path name: projectsId @@ -7047,19 +7198,13 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: returnPartialSuccess - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}: + /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}/notes: parameters: *ref_1 get: - description: Gets the specified note. - operationId: containeranalysis.projects.locations.notes.get + description: >- + Gets the note attached to the specified occurrence. Consumer projects + can use this method to get a note that belongs to a provider project. + operationId: containeranalysis.projects.locations.occurrences.getNotes security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7084,13 +7229,26 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - delete: - description: Deletes the specified note. - operationId: containeranalysis.projects.locations.notes.delete + /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified note or occurrence. + Requires `containeranalysis.notes.setIamPolicy` or + `containeranalysis.occurrences.setIamPolicy` permission if the resource + is a note or an occurrence, respectively. The resource takes the format + `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and + `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. + operationId: containeranalysis.projects.locations.occurrences.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7102,7 +7260,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7115,18 +7273,20 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - patch: - description: Updates the specified note. - operationId: containeranalysis.projects.locations.notes.patch + /v1/projects/{projectsId}/locations/{locationsId}/occurrences: + parameters: *ref_1 + post: + description: Creates a new occurrence. + operationId: containeranalysis.projects.locations.occurrences.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Note' + $ref: '#/components/schemas/Occurrence' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7138,7 +7298,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Note' + $ref: '#/components/schemas/Occurrence' parameters: - in: path name: projectsId @@ -7150,21 +7310,9 @@ paths: required: true schema: type: string - - in: path - name: notesId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/notes: - parameters: *ref_1 get: - description: Lists notes for the specified project. - operationId: containeranalysis.projects.locations.notes.list + description: Lists occurrences for the specified project. + operationId: containeranalysis.projects.locations.occurrences.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7176,7 +7324,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNotesResponse' + $ref: '#/components/schemas/ListOccurrencesResponse' parameters: - in: path name: projectsId @@ -7197,22 +7345,30 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: returnPartialSuccess schema: type: boolean + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}:getIamPolicy: + parameters: *ref_1 post: - description: Creates a new note. - operationId: containeranalysis.projects.locations.notes.create + description: >- + Gets the access control policy for a note or an occurrence resource. + Requires `containeranalysis.notes.setIamPolicy` or + `containeranalysis.occurrences.setIamPolicy` permission if the resource + is a note or occurrence, respectively. The resource takes the format + `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and + `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. + operationId: containeranalysis.projects.locations.occurrences.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Note' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7224,7 +7380,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Note' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7236,20 +7392,21 @@ paths: required: true schema: type: string - - in: query - name: noteId + - in: path + name: occurrencesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notes:batchCreate: + /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}: parameters: *ref_1 - post: - description: Creates new notes in batch. - operationId: containeranalysis.projects.locations.notes.batchCreate + patch: + description: Updates the specified occurrence. + operationId: containeranalysis.projects.locations.occurrences.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateNotesRequest' + $ref: '#/components/schemas/Occurrence' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7261,7 +7418,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateNotesResponse' + $ref: '#/components/schemas/Occurrence' parameters: - in: path name: projectsId @@ -7273,22 +7430,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified note or occurrence. - Requires `containeranalysis.notes.setIamPolicy` or - `containeranalysis.occurrences.setIamPolicy` permission if the resource - is a note or an occurrence, respectively. The resource takes the format - `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and - `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.locations.notes.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + - in: path + name: occurrencesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets the specified occurrence. + operationId: containeranalysis.projects.locations.occurrences.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7300,7 +7454,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Occurrence' parameters: - in: path name: projectsId @@ -7313,26 +7467,16 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}:getIamPolicy: - parameters: *ref_1 - post: + delete: description: >- - Gets the access control policy for a note or an occurrence resource. - Requires `containeranalysis.notes.setIamPolicy` or - `containeranalysis.occurrences.setIamPolicy` permission if the resource - is a note or occurrence, respectively. The resource takes the format - `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and - `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.locations.notes.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + Deletes the specified occurrence. For example, use this method to delete + an occurrence when the occurrence is no longer applicable for the given + resource. + operationId: containeranalysis.projects.locations.occurrences.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7344,7 +7488,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7357,11 +7501,11 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/occurrences/{occurrencesId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -7370,7 +7514,7 @@ paths: `containeranalysis.notes.list`). The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.locations.notes.testIamPermissions + operationId: containeranalysis.projects.locations.occurrences.testIamPermissions requestBody: content: application/json: @@ -7400,18 +7544,15 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/notes/{notesId}/occurrences: + /v1/projects/{projectsId}/locations/{locationsId}/occurrences:vulnerabilitySummary: parameters: *ref_1 get: - description: >- - Lists occurrences referencing the specified note. Provider projects can - use this method to get all occurrences across consumer projects - referencing the specified note. - operationId: containeranalysis.projects.locations.notes.occurrences.list + description: Gets a summary of the number and severity of occurrences. + operationId: containeranalysis.projects.locations.occurrences.getVulnerabilitySummary security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7423,7 +7564,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNoteOccurrencesResponse' + $ref: '#/components/schemas/VulnerabilityOccurrencesSummary' parameters: - in: path name: projectsId @@ -7435,34 +7576,24 @@ paths: required: true schema: type: string - - in: path - name: notesId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - in: query - name: pageSize + name: returnPartialSuccess schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/resources/{resourcesId}:exportSBOM: + /v1/projects/{projectsId}/occurrences/{occurrencesId}: parameters: *ref_1 - post: - description: Generates an SBOM for the given resource. - operationId: containeranalysis.projects.locations.resources.exportSBOM + patch: + description: Updates the specified occurrence. + operationId: containeranalysis.projects.occurrences.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExportSBOMRequest' + $ref: '#/components/schemas/Occurrence' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7474,7 +7605,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExportSBOMResponse' + $ref: '#/components/schemas/Occurrence' parameters: - in: path name: projectsId @@ -7482,20 +7613,21 @@ paths: schema: type: string - in: path - name: locationsId + name: occurrencesId required: true schema: type: string - - in: path - name: resourcesId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/notes/{notesId}: - parameters: *ref_1 - get: - description: Gets the specified note. - operationId: containeranalysis.projects.notes.get + format: google-fieldmask + delete: + description: >- + Deletes the specified occurrence. For example, use this method to delete + an occurrence when the occurrence is no longer applicable for the given + resource. + operationId: containeranalysis.projects.occurrences.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7507,7 +7639,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Note' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7515,13 +7647,13 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - delete: - description: Deletes the specified note. - operationId: containeranalysis.projects.notes.delete + get: + description: Gets the specified occurrence. + operationId: containeranalysis.projects.occurrences.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7533,7 +7665,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Occurrence' parameters: - in: path name: projectsId @@ -7541,18 +7673,20 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - patch: - description: Updates the specified note. - operationId: containeranalysis.projects.notes.patch + /v1/projects/{projectsId}/occurrences: + parameters: *ref_1 + post: + description: Creates a new occurrence. + operationId: containeranalysis.projects.occurrences.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Note' + $ref: '#/components/schemas/Occurrence' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7564,28 +7698,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Note' + $ref: '#/components/schemas/Occurrence' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: notesId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/notes: - parameters: *ref_1 get: - description: Lists notes for the specified project. - operationId: containeranalysis.projects.notes.list + description: Lists occurrences for the specified project. + operationId: containeranalysis.projects.occurrences.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7597,7 +7719,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNotesResponse' + $ref: '#/components/schemas/ListOccurrencesResponse' parameters: - in: path name: projectsId @@ -7605,62 +7727,32 @@ paths: schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize + name: returnPartialSuccess schema: - type: integer - format: int32 + type: boolean - in: query name: pageToken schema: type: string - in: query - name: returnPartialSuccess - schema: - type: boolean - post: - description: Creates a new note. - operationId: containeranalysis.projects.notes.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Note' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Note' - parameters: - - in: path - name: projectsId - required: true + name: filter schema: type: string - in: query - name: noteId + name: pageSize schema: - type: string - /v1/projects/{projectsId}/notes:batchCreate: + type: integer + format: int32 + /v1/projects/{projectsId}/occurrences:batchCreate: parameters: *ref_1 post: - description: Creates new notes in batch. - operationId: containeranalysis.projects.notes.batchCreate + description: Creates new occurrences in batch. + operationId: containeranalysis.projects.occurrences.batchCreate requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateNotesRequest' + $ref: '#/components/schemas/BatchCreateOccurrencesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7672,14 +7764,14 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateNotesResponse' + $ref: '#/components/schemas/BatchCreateOccurrencesResponse' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/notes/{notesId}:setIamPolicy: + /v1/projects/{projectsId}/occurrences/{occurrencesId}:setIamPolicy: parameters: *ref_1 post: description: >- @@ -7689,7 +7781,7 @@ paths: is a note or an occurrence, respectively. The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.notes.setIamPolicy + operationId: containeranalysis.projects.occurrences.setIamPolicy requestBody: content: application/json: @@ -7714,11 +7806,11 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - /v1/projects/{projectsId}/notes/{notesId}:getIamPolicy: + /v1/projects/{projectsId}/occurrences/{occurrencesId}:getIamPolicy: parameters: *ref_1 post: description: >- @@ -7728,7 +7820,7 @@ paths: is a note or occurrence, respectively. The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.notes.getIamPolicy + operationId: containeranalysis.projects.occurrences.getIamPolicy requestBody: content: application/json: @@ -7753,11 +7845,11 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - /v1/projects/{projectsId}/notes/{notesId}:testIamPermissions: + /v1/projects/{projectsId}/occurrences/{occurrencesId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -7766,7 +7858,7 @@ paths: `containeranalysis.notes.list`). The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences. - operationId: containeranalysis.projects.notes.testIamPermissions + operationId: containeranalysis.projects.occurrences.testIamPermissions requestBody: content: application/json: @@ -7791,18 +7883,15 @@ paths: schema: type: string - in: path - name: notesId + name: occurrencesId required: true schema: type: string - /v1/projects/{projectsId}/notes/{notesId}/occurrences: + /v1/projects/{projectsId}/occurrences:vulnerabilitySummary: parameters: *ref_1 get: - description: >- - Lists occurrences referencing the specified note. Provider projects can - use this method to get all occurrences across consumer projects - referencing the specified note. - operationId: containeranalysis.projects.notes.occurrences.list + description: Gets a summary of the number and severity of occurrences. + operationId: containeranalysis.projects.occurrences.getVulnerabilitySummary security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7814,41 +7903,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNoteOccurrencesResponse' + $ref: '#/components/schemas/VulnerabilityOccurrencesSummary' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: notesId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - in: query - name: pageSize + name: returnPartialSuccess schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: filter schema: type: string - /v1/projects/{projectsId}/resources/{resourcesId}:exportSBOM: + /v1/projects/{projectsId}/occurrences/{occurrencesId}/notes: parameters: *ref_1 - post: - description: Generates an SBOM for the given resource. - operationId: containeranalysis.projects.resources.exportSBOM - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExportSBOMRequest' + get: + description: >- + Gets the note attached to the specified occurrence. Consumer projects + can use this method to get a note that belongs to a provider project. + operationId: containeranalysis.projects.occurrences.getNotes security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7860,7 +7936,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExportSBOMResponse' + $ref: '#/components/schemas/Note' parameters: - in: path name: projectsId @@ -7868,7 +7944,7 @@ paths: schema: type: string - in: path - name: resourcesId + name: occurrencesId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/contentwarehouse.yaml b/providers/src/googleapis.com/v00.00.00000/services/contentwarehouse.yaml index aace6810..ffb47b63 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/contentwarehouse.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/contentwarehouse.yaml @@ -8,7 +8,7 @@ info: description: '' version: v1 x-discovery-doc-revision: '20250206' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/document-warehouse servers: @@ -34,409 +34,517 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleCloudDocumentaiV1DocumentPageDetectedBarcode: - type: object - id: GoogleCloudDocumentaiV1DocumentPageDetectedBarcode + GoogleCloudDocumentaiV1DocumentPageTokenStyleInfo: + description: Font and other text style attributes. properties: - layout: - description: Layout for DetectedBarcode. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - barcode: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1Barcode' - description: Detailed barcode information of the DetectedBarcode. - description: A detected barcode. - GoogleCloudContentwarehouseV1RequestMetadata: + pixelFontSize: + description: >- + Font size in pixels, equal to _unrounded font_size_ * _resolution_ ÷ + `72.0`. + type: number + format: double + smallcaps: + type: boolean + description: >- + Whether the text is in small caps. This feature is not supported + yet. + letterSpacing: + format: double + description: Letter spacing in points. + type: number + fontType: + type: string + description: Name or style of the font. + subscript: + description: Whether the text is a subscript. This feature is not supported yet. + type: boolean + italic: + description: Whether the text is italic. + type: boolean + fontSize: + format: int32 + type: integer + description: Font size in points (`1` point is `¹⁄₇₂` inches). + fontWeight: + description: >- + TrueType weight on a scale `100` (thin) to `1000` (ultra-heavy). + Normal is `400`, bold is `700`. + format: int32 + type: integer + superscript: + type: boolean + description: >- + Whether the text is a superscript. This feature is not supported + yet. + textColor: + description: Color of the text. + $ref: '#/components/schemas/GoogleTypeColor' + strikeout: + description: >- + Whether the text is strikethrough. This feature is not supported + yet. + type: boolean + underlined: + description: Whether the text is underlined. + type: boolean + handwritten: + type: boolean + description: Whether the text is handwritten. + bold: + description: >- + Whether the text is bold (equivalent to font_weight is at least + `700`). + type: boolean + backgroundColor: + description: Color of the background. + $ref: '#/components/schemas/GoogleTypeColor' + id: GoogleCloudDocumentaiV1DocumentPageTokenStyleInfo type: object - id: GoogleCloudContentwarehouseV1RequestMetadata - description: Meta information is used to improve the performance of the service. - properties: - userInfo: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1UserInfo' - description: Provides user unique identification and groups information. - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableRow: - properties: - cells: - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableCell - description: A table row is a list of table cells. - type: array - id: >- - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableRow - description: Represents a row in a table. + GoogleIamV1AuditLogConfig: + id: GoogleIamV1AuditLogConfig type: object - GoogleCloudContentwarehouseV1InitializeProjectResponse: - description: Response message for projectService.InitializeProject + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. properties: - state: - description: The state of the project initialization process. + logType: type: string enumDescriptions: - - Clients should never see this. - - Finished project initialization without error. - - Finished project initialization with an error. - - Client canceled the LRO. - - Ask the customer to check the operation for results. + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: The log type that this config enables. enum: - - STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - - CANCELLED - - RUNNING - message: - type: string - description: The message of the project initialization process. - type: object - id: GoogleCloudContentwarehouseV1InitializeProjectResponse - GoogleCloudContentwarehouseV1GetDocumentRequest: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + exemptedMembers: + items: + type: string + type: array + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListBlock: type: object - description: Request message for DocumentService.GetDocument. - id: GoogleCloudContentwarehouseV1GetDocumentRequest + description: Represents a list type block. properties: - requestMetadata: + type: description: >- - The meta information collected about the end user, used to enforce - access control for the service. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' - GoogleCloudContentwarehouseV1DeleteDocumentRequest: - description: Request message for DocumentService.DeleteDocument. + Type of the list_entries (if exist). Available options are `ordered` + and `unordered`. + type: string + listEntries: + type: array + description: List entries that constitute a list block. + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListEntry + id: >- + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListBlock + GoogleCloudContentwarehouseV1CreateDocumentLinkRequest: + description: Request message for DocumentLinkService.CreateDocumentLink. type: object - id: GoogleCloudContentwarehouseV1DeleteDocumentRequest properties: + documentLink: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentLink' + description: >- + Required. Document links associated with the source documents + (source_document_id). requestMetadata: description: >- - The meta information collected about the end user, used to enforce - access control for the service. + The meta information collected about the document creator, used to + enforce access control for the service. $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' - GoogleCloudDocumentaiV1DocumentPageVisualElement: - id: GoogleCloudDocumentaiV1DocumentPageVisualElement + id: GoogleCloudContentwarehouseV1CreateDocumentLinkRequest + GoogleCloudContentwarehouseV1LockDocumentRequest: + type: object + id: GoogleCloudContentwarehouseV1LockDocumentRequest properties: - detectedLanguages: - description: A list of detected languages together with confidence. - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - type: array - layout: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - description: Layout for VisualElement. - type: - description: Type of the VisualElement. + lockingUser: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1UserInfo' + description: The user information who locks the document. + collectionId: + description: The collection the document connects to. type: string + description: Request message for DocumentService.LockDocument. + GoogleCloudDocumentaiV1Document: description: >- - Detected non-text visual elements e.g. checkbox, signature etc. on the - page. - type: object - GoogleTypeTimeZone: + Document represents the canonical document resource in Document AI. It + is an interchange format that provides insights into documents and + allows for collaboration between users and Document AI to iterate and + optimize for quality. properties: - id: - type: string - description: IANA Time Zone Database time zone. For example "America/New_York". - version: + content: + format: byte description: >- - Optional. IANA Time Zone Database version number. For example - "2019a". + Optional. Inline document content, represented as a stream of bytes. + Note: As with all `bytes` fields, protobuffers use a pure binary + representation, whereas JSON representations use base64. type: string - type: object - description: >- - Represents a time zone from the [IANA Time Zone - Database](https://www.iana.org/time-zones). - id: GoogleTypeTimeZone - GoogleCloudContentwarehouseV1IngestPipelineConfig: - type: object - description: The ingestion pipeline config. - properties: - documentAclPolicy: + textStyles: + description: Styles for the Document.text. + type: array + deprecated: true + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentStyle' + uri: description: >- - The document level acl policy config. This refers to an Identity and - Access (IAM) policy, which specifies access controls for all - documents ingested by the pipeline. The role and members under the - policy needs to be specified. The following roles are supported for - document level acl control: * roles/contentwarehouse.documentAdmin * - roles/contentwarehouse.documentEditor * - roles/contentwarehouse.documentViewer The following members are - supported for document level acl control: * - user:user-email@example.com * group:group-email@example.com Note - that for documents searched with LLM, only single level user or - group acl check is supported. - $ref: '#/components/schemas/GoogleIamV1Policy' - cloudFunction: + Optional. Currently supports Google Cloud Storage URI of the form + `gs://bucket_name/object_name`. Object versioning is not supported. + For more information, refer to [Google Cloud Storage Request + URIs](https://cloud.google.com/storage/docs/reference-uris). + type: string + mimeType: description: >- - The Cloud Function resource name. The Cloud Function needs to live - inside consumer project and is accessible to Document AI Warehouse - P4SA. Only Cloud Functions V2 is supported. Cloud function execution - should complete within 5 minutes or this file ingestion may fail due - to timeout. Format: - `https://{region}-{project_id}.cloudfunctions.net/{cloud_function}` - The following keys are available the request json payload. * - display_name * properties * plain_text * reference_id * - document_schema_name * raw_document_path * raw_document_file_type - The following keys from the cloud function json response payload - will be ingested to the Document AI Warehouse as part of Document - proto content and/or related information. The original values will - be overridden if any key is present in the response. * display_name - * properties * plain_text * document_acl_policy * folder - type: string - enableDocumentTextExtraction: - description: >- - The document text extraction enabled flag. If the flag is set to - true, DWH will perform text extraction on the raw document. - type: boolean - folder: - description: >- - Optional. The name of the folder to which all ingested documents - will be linked during ingestion process. Format is - `projects/{project}/locations/{location}/documents/{folder_id}` + An IANA published [media type (MIME + type)](https://www.iana.org/assignments/media-types/media-types.xhtml). type: string - id: GoogleCloudContentwarehouseV1IngestPipelineConfig - GoogleCloudDocumentaiV1DocumentPageSymbol: - description: A detected symbol. - type: object - properties: - layout: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - description: Layout for Symbol. - detectedLanguages: + pages: type: array - description: A list of detected languages together with confidence. + description: Visual page layout for the Document. items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - id: GoogleCloudDocumentaiV1DocumentPageSymbol - GoogleCloudContentwarehouseV1WeightedSchemaProperty: - properties: - propertyNames: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPage' + entityRelations: + description: Placeholder. Relationship among Document.entities. type: array items: - type: string - description: The property definition names in the schema. - documentSchemaName: - description: The document schema name. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentEntityRelation' + textChanges: + description: >- + Placeholder. A list of text corrections made to Document.text. This + is usually used for annotating corrections to OCR mistakes. Text + changes for a given revision may not overlap with each other. + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextChange' + type: array + chunkedDocument: + description: Document chunked based on chunking config. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocument' + error: + description: Any error that occurred while processing this document. + $ref: '#/components/schemas/GoogleRpcStatus' + entities: + type: array + description: >- + A list of entities detected on Document.text. For document shards, + entities in this list may cross shard boundaries. + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentEntity' + documentLayout: + description: Parsed layout of the document. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayout' + shardInfo: + description: >- + Information about the sharding if this document is sharded part of a + larger document. If the document is not sharded, this message is not + specified. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentShardInfo' + text: type: string - id: GoogleCloudContentwarehouseV1WeightedSchemaProperty - description: Specifies the schema property name. + description: Optional. UTF-8 encoded text in reading order from the document. + revisions: + description: Placeholder. Revision history of this document. + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentRevision' + type: array type: object - GoogleCloudDocumentaiV1DocumentChunkedDocumentChunk: + id: GoogleCloudDocumentaiV1Document + GoogleCloudContentwarehouseV1DocumentReference: + id: GoogleCloudContentwarehouseV1DocumentReference type: object - id: GoogleCloudDocumentaiV1DocumentChunkedDocumentChunk - description: Represents a chunk. properties: - sourceBlockIds: - items: - type: string - type: array - description: Unused. - chunkId: + documentName: type: string - description: ID of the chunk. - pageSpan: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan - description: Page span of the chunk. - content: + description: Required. Name of the referenced document. + deleteTime: type: string - description: Text content of the chunk. + format: google-datetime + description: Output only. The time when the document is deleted. + readOnly: true + updateTime: + description: Output only. The time when the document is last updated. + type: string + format: google-datetime + readOnly: true + documentIsLegalHoldFolder: + type: boolean + description: Document is a folder with legal hold. + documentIsFolder: + description: The document type of the document being referenced. + type: boolean + createTime: + description: Output only. The time when the document is created. + readOnly: true + type: string + format: google-datetime + snippet: + type: string + description: >- + Stores the subset of the referenced document's content. This is + useful to allow user peek the information of the referenced + document. + displayName: + description: >- + display_name of the referenced document; this name does not need to + be consistent to the display_name in the Document proto, depending + on the ACL constraint. + type: string + documentIsRetentionFolder: + description: Document is a folder with retention policy. + type: boolean + description: References to the documents. + GoogleCloudDocumentaiV1DocumentChunkedDocumentChunk: + id: GoogleCloudDocumentaiV1DocumentChunkedDocumentChunk + type: object + description: Represents a chunk. + properties: pageHeaders: description: Page headers associated with the chunk. type: array items: $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageHeader + content: + description: Text content of the chunk. + type: string pageFooters: - description: Page footers associated with the chunk. - type: array items: $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageFooter - CloudAiPlatformTenantresourceGcsBucketConfig: - id: CloudAiPlatformTenantresourceGcsBucketConfig - properties: - viewers: - description: Input/Output [Required]. IAM roles (viewer/admin) put on the bucket. type: array - items: - type: string - kmsKeyReference: - description: >- - Input/Output [Optional]. The KMS key name or the KMS grant name used - for CMEK encryption. Only set this field when provisioning new GCS - bucket. For existing GCS bucket, this field will be ignored because - CMEK re-encryption is not supported. - type: string - ttlDays: - format: int32 - description: >- - Input/Output [Optional]. Only needed when the content in bucket need - to be garbage collected within some amount of days. - type: integer - entityName: - description: >- - Input/Output [Optional]. Only needed for per-entity tenant GCP - resources. During Deprovision API, the on-demand deletion will only - cover the tenant GCP resources with the specified entity name. + description: Page footers associated with the chunk. + pageSpan: + description: Page span of the chunk. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan + chunkId: type: string - admins: + description: ID of the chunk. + sourceBlockIds: items: type: string + description: Unused. type: array - bucketName: - type: string + GoogleCloudDocumentaiV1NormalizedVertex: + properties: + 'y': + description: Y coordinate (starts from the top of the image). + format: float + type: number + x: + format: float + description: X coordinate. + type: number + type: object + id: GoogleCloudDocumentaiV1NormalizedVertex + description: >- + A vertex represents a 2D point in the image. NOTE: the normalized vertex + coordinates are relative to the original image and range from 0 to 1. + GoogleCloudContentwarehouseV1SetAclResponse: + description: Response message for DocumentService.SetAcl. + id: GoogleCloudContentwarehouseV1SetAclResponse + type: object + properties: + policy: + $ref: '#/components/schemas/GoogleIamV1Policy' + description: The policy will be attached to a resource (e.g. projecct, document). + metadata: description: >- - Input/Output [Optional]. The name of a GCS bucket with max length of - 63 chars. If not set, a random UUID will be generated as bucket - name. + Additional information for the API invocation, such as the request + tracking id. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ResponseMetadata' + GoogleCloudDocumentaiV1DocumentPageVisualElement: + id: GoogleCloudDocumentaiV1DocumentPageVisualElement type: object - description: The identity to configure a GCS bucket. - GoogleCloudContentwarehouseV1InitializeProjectRequest: + description: >- + Detected non-text visual elements e.g. checkbox, signature etc. on the + page. properties: - documentCreatorDefaultRole: - enum: - - DOCUMENT_CREATOR_DEFAULT_ROLE_UNSPECIFIED - - DOCUMENT_ADMIN - - DOCUMENT_EDITOR - - DOCUMENT_VIEWER - enumDescriptions: - - Unspecified, will be default to document admin role. - - >- - Document Admin, same as - contentwarehouse.googleapis.com/documentAdmin. - - >- - Document Editor, same as - contentwarehouse.googleapis.com/documentEditor. - - >- - Document Viewer, same as - contentwarehouse.googleapis.com/documentViewer. - description: Optional. The default role for the person who create a document. + detectedLanguages: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage + description: A list of detected languages together with confidence. + layout: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' + description: Layout for VisualElement. + type: + description: Type of the VisualElement. type: string - databaseType: - enumDeprecated: - - false - - false - - true - enum: - - DB_UNKNOWN - - DB_INFRA_SPANNER - - DB_CLOUD_SQL_POSTGRES - enumDescriptions: - - This value is required by protobuf best practices - - Internal Spanner - - Cloud Sql with a Postgres Sql instance - description: Required. The type of database used to store customer data + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableCell: + description: Represents a cell in a table row. + type: object + id: >- + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableCell + properties: + blocks: + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock + type: array + description: >- + A table cell is a list of blocks. Repeated blocks support further + hierarchies and nested blocks. + rowSpan: + format: int32 + type: integer + description: How many rows this cell spans. + colSpan: + description: How many columns this cell spans. + type: integer + format: int32 + GoogleCloudContentwarehouseV1TimestampValue: + description: Timestamp value type. + properties: + timestampValue: + format: google-datetime type: string - kmsKey: + description: Timestamp value + textValue: type: string description: >- - Optional. The KMS key used for CMEK encryption. It is required that - the kms key is in the same region as the endpoint. The same key will - be used for all provisioned resources, if encryption is available. - If the kms_key is left empty, no encryption will be enforced. - accessControlMode: - enumDescriptions: - - This value is required by protobuf best practices - - 'Universal Access: No document level access control.' - - Document level access control with customer own Identity Service. - - Document level access control using Google Cloud Identity. - description: Required. The access control mode for accessing the customer data - type: string - enum: - - ACL_MODE_UNKNOWN - - ACL_MODE_UNIVERSAL_ACCESS - - ACL_MODE_DOCUMENT_LEVEL_ACCESS_CONTROL_BYOID - - ACL_MODE_DOCUMENT_LEVEL_ACCESS_CONTROL_GCI - enableCalUserEmailLogging: - description: Optional. Whether to enable CAL user email logging. - type: boolean - description: Request message for projectService.InitializeProject + The string must represent a valid instant in UTC and is parsed using + java.time.format.DateTimeFormatter.ISO_INSTANT. e.g. + "2013-09-29T18:46:19Z" type: object - id: GoogleCloudContentwarehouseV1InitializeProjectRequest - GoogleCloudContentwarehouseV1ActionOutput: - id: GoogleCloudContentwarehouseV1ActionOutput + id: GoogleCloudContentwarehouseV1TimestampValue + GoogleCloudContentwarehouseV1UpdateDocumentMetadata: + id: GoogleCloudContentwarehouseV1UpdateDocumentMetadata + properties: {} type: object - description: Represents the result of executing an action. + description: Metadata object for UpdateDocument request (currently empty). + GoogleCloudContentwarehouseV1FileTypeFilter: + description: Filter for the specific types of documents returned. + id: GoogleCloudContentwarehouseV1FileTypeFilter properties: - outputMessage: - description: Action execution output message. + fileType: type: string - actionState: - enumDescriptions: - - The unknown state. - - State indicating action executed successfully. - - State indicating action failed. - - State indicating action timed out. - - State indicating action is pending. + description: The type of files to return. enum: - - UNKNOWN - - ACTION_SUCCEEDED - - ACTION_FAILED - - ACTION_TIMED_OUT - - ACTION_PENDING - type: string - description: State of an action. - actionId: - type: string - description: ID of the action. - GoogleCloudContentwarehouseV1HistogramQuery: - description: The histogram request. - id: GoogleCloudContentwarehouseV1HistogramQuery + - FILE_TYPE_UNSPECIFIED + - ALL + - FOLDER + - DOCUMENT + - ROOT_FOLDER + enumDescriptions: + - Default document type. If set, disables the filter. + - Returns all document types, including folders. + - Returns only folders. + - Returns only non-folder documents. + - Returns only root folders + type: object + GoogleCloudContentwarehouseV1SetAclRequest: + type: object + description: Request message for DocumentService.SetAcl. + id: GoogleCloudContentwarehouseV1SetAclRequest properties: - requirePreciseResultSize: - type: boolean + requestMetadata: description: >- - Controls if the histogram query requires the return of a precise - count. Enable this flag may adversely impact performance. Defaults - to true. - filters: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1HistogramQueryPropertyNameFilter + The meta information collected about the end user, used to enforce + access control for the service. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + projectOwner: + type: boolean description: >- - Optional. Filter the result of histogram query by the property - names. It only works with histogram query - count('FilterableProperties'). It is an optional. It will perform - histogram on all the property names for all the document schemas. - Setting this field will have a better performance. - histogramQuery: - type: string + For Set Project ACL only. Authorization check for end user will be + ignored when project_owner=true. + policy: + $ref: '#/components/schemas/GoogleIamV1Policy' description: >- - An expression specifies a histogram request against matching - documents for searches. See SearchDocumentsRequest.histogram_queries - for details about syntax. + Required. REQUIRED: The complete policy to be applied to the + `resource`. The size of the policy is limited to a few 10s of KB. + This refers to an Identity and Access (IAM) policy, which specifies + access controls for the Document. You can set ACL with condition for + projects only. Supported operators are: `=`, `!=`, `<`, `<=`, `>`, + and `>=` where the left of the operator is `DocumentSchemaId` or + property name and the right of the operator is a number or a quoted + string. You must escape backslash (\\) and quote (\") characters. + Boolean expressions (AND/OR) are supported up to 3 levels of nesting + (for example, "((A AND B AND C) OR D) AND E"), a maximum of 10 + comparisons are allowed in the expression. The expression must be < + 6000 bytes in length. Sample condition: `"DocumentSchemaId = \"some + schema id\" OR SchemaId.floatPropertyName >= 10"` + GoogleCloudContentwarehouseV1InitializeProjectResponse: + id: GoogleCloudContentwarehouseV1InitializeProjectResponse type: object - GoogleCloudDocumentaiV1DocumentRevisionHumanReview: - id: GoogleCloudDocumentaiV1DocumentRevisionHumanReview - description: Human Review information of the document. + description: Response message for projectService.InitializeProject properties: - stateMessage: - description: >- - A message providing more details about the current state of - processing. For example, the rejection reason when the state is - `rejected`. + message: + description: The message of the project initialization process. type: string state: + description: The state of the project initialization process. + enumDescriptions: + - Clients should never see this. + - Finished project initialization without error. + - Finished project initialization with an error. + - Client canceled the LRO. + - Ask the customer to check the operation for results. + enum: + - STATE_UNSPECIFIED + - SUCCEEDED + - FAILED + - CANCELLED + - RUNNING type: string - description: Human review state. e.g. `requested`, `succeeded`, `rejected`. + GoogleTypeExpr: + id: GoogleTypeExpr type: object - GoogleCloudContentwarehouseV1ListDocumentSchemasResponse: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - nextPageToken: + location: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. type: string - documentSchemas: - description: The document schemas from the specified parent. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema' - id: GoogleCloudContentwarehouseV1ListDocumentSchemasResponse - type: object - description: Response message for DocumentSchemaService.ListDocumentSchemas. GoogleCloudContentwarehouseV1PropertyFilter: + type: object + id: GoogleCloudContentwarehouseV1PropertyFilter properties: documentSchemaName: - type: string description: >- The Document schema name Document.document_schema_name. Format: projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. + type: string condition: description: >- The filter condition. The syntax for this expression is a subset of @@ -468,1267 +576,1124 @@ components: deployment only supports: * Operators: `=`, `<`, `<=`, `>`, and `>=`. * Boolean expressions: AND and OR. type: string + GoogleCloudDocumentaiV1DocumentPageSymbol: + description: A detected symbol. + id: GoogleCloudDocumentaiV1DocumentPageSymbol type: object - id: GoogleCloudContentwarehouseV1PropertyFilter - GoogleCloudContentwarehouseV1ListRuleSetsResponse: - description: Response message for RuleSetService.ListRuleSets. properties: - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - ruleSets: - description: The rule sets from the specified parent. - type: array + layout: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' + description: Layout for Symbol. + detectedLanguages: + description: A list of detected languages together with confidence. + type: array items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' - id: GoogleCloudContentwarehouseV1ListRuleSetsResponse - type: object - GoogleCloudContentwarehouseV1FloatTypeOptions: - description: Configurations for a float property. - id: GoogleCloudContentwarehouseV1FloatTypeOptions - properties: {} - type: object - CloudAiPlatformTenantresourceTenantServiceAccountIdentity: - properties: - serviceAccountEmail: - type: string - description: Output only. The email address of the generated service account. - serviceName: - type: string - description: >- - Input/Output [Required]. The service that the service account - belongs to. (e.g. cloudbuild.googleapis.com for GCB service - accounts) - id: CloudAiPlatformTenantresourceTenantServiceAccountIdentity - description: >- - The identity of service accounts that have been explicitly created under - tenant projects. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage + GoogleCloudDocumentaiV1DocumentPageTable: type: object - GoogleCloudDocumentaiV1DocumentPageToken: - description: A detected token. + description: A table representation similar to HTML table structure. properties: + headerRows: + description: Header rows of the table. + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTableTableRow + type: array + provenance: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' + description: The history of this table. + deprecated: true detectedLanguages: items: $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - type: array description: A list of detected languages together with confidence. + type: array + bodyRows: + type: array + description: Body rows of the table. + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTableTableRow layout: $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - description: Layout for Token. - provenance: - description: The history of this annotation. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' - deprecated: true - styleInfo: - description: Text style attributes. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTokenStyleInfo - detectedBreak: - description: Detected break at the end of a Token. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreak - id: GoogleCloudDocumentaiV1DocumentPageToken + description: Layout for Table. + id: GoogleCloudDocumentaiV1DocumentPageTable + GoogleCloudContentwarehouseV1DateTimeArray: type: object - GoogleCloudContentwarehouseV1RuleActionsPair: properties: - rule: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' - description: Represents the rule. - actionOutputs: + values: items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ActionOutput' + $ref: '#/components/schemas/GoogleTypeDateTime' + description: >- + List of datetime values. Both OffsetDateTime and ZonedDateTime are + supported. type: array - description: Outputs of executing the actions associated with the above rule. - description: Represents a rule and outputs of associated actions. + description: DateTime values. + id: GoogleCloudContentwarehouseV1DateTimeArray + GoogleCloudContentwarehouseV1UpdateDocumentSchemaRequest: type: object - id: GoogleCloudContentwarehouseV1RuleActionsPair - GoogleCloudDocumentaiV1DocumentEntityNormalizedValue: properties: - datetimeValue: - $ref: '#/components/schemas/GoogleTypeDateTime' - description: >- - DateTime value. Includes date, time, and timezone. See also: - https://github.com/googleapis/googleapis/blob/master/google/type/datetime.proto - addressValue: - description: >- - Postal address. See also: - https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto - $ref: '#/components/schemas/GoogleTypePostalAddress' - moneyValue: - description: >- - Money value. See also: - https://github.com/googleapis/googleapis/blob/master/google/type/money.proto - $ref: '#/components/schemas/GoogleTypeMoney' - floatValue: - format: float - type: number - description: Float value. - text: + documentSchema: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema' + description: Required. The document schema to update with. + id: GoogleCloudContentwarehouseV1UpdateDocumentSchemaRequest + description: Request message for DocumentSchemaService.UpdateDocumentSchema. + GoogleCloudContentwarehouseV1ListRuleSetsResponse: + id: GoogleCloudContentwarehouseV1ListRuleSetsResponse + type: object + properties: + ruleSets: + description: The rule sets from the specified parent. + items: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' + type: array + nextPageToken: description: >- - Optional. An optional field to store a normalized string. For some - entity types, one of respective `structured_value` fields may also - be populated. Also not all the types of `structured_value` will be - normalized. For example, some processors may not generate `float` or - `integer` normalized text by default. Below are sample formats - mapped to structured values. - Money/Currency type (`money_value`) - is in the ISO 4217 text format. - Date type (`date_value`) is in the - ISO 8601 text format. - Datetime type (`datetime_value`) is in the - ISO 8601 text format. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - integerValue: - description: Integer value. - format: int32 - type: integer - dateValue: - description: >- - Date value. Includes year, month, day. See also: - https://github.com/googleapis/googleapis/blob/master/google/type/date.proto - $ref: '#/components/schemas/GoogleTypeDate' - booleanValue: - description: >- - Boolean value. Can be used for entities with binary values, or for - checkboxes. - type: boolean + description: Response message for RuleSetService.ListRuleSets. + GoogleCloudContentwarehouseV1RemoveFromFolderAction: type: object - description: Parsed and normalized entity value. - id: GoogleCloudDocumentaiV1DocumentEntityNormalizedValue - GoogleCloudContentwarehouseV1DocumentReference: - description: References to the documents. - id: GoogleCloudContentwarehouseV1DocumentReference + description: >- + Represents the action responsible for remove a document from a specific + folder. properties: - documentIsRetentionFolder: - type: boolean - description: Document is a folder with retention policy. - documentIsLegalHoldFolder: - type: boolean - description: Document is a folder with legal hold. - displayName: + condition: + description: Condition of the action to be executed. + type: string + folder: description: >- - display_name of the referenced document; this name does not need to - be consistent to the display_name in the Document proto, depending - on the ACL constraint. + Name of the folder under which new document is to be added. Format: + projects/{project_number}/locations/{location}/documents/{document_id}. type: string + id: GoogleCloudContentwarehouseV1RemoveFromFolderAction + GoogleCloudContentwarehouseV1DocumentLink: + type: object + description: A document-link between source and target document. + id: GoogleCloudContentwarehouseV1DocumentLink + properties: + sourceDocumentReference: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentReference' + description: Document references of the source document. createTime: - description: Output only. The time when the document is created. + format: google-datetime readOnly: true + description: Output only. The time when the documentLink is created. type: string - format: google-datetime - documentName: - description: Required. Name of the referenced document. + state: + description: >- + The state of the documentlink. If target node has been deleted, the + link is marked as invalid. Removing a source node will result in + removal of all associated links. type: string + enumDescriptions: + - Unknown state of documentlink. + - The documentlink has both source and target documents detected. + - >- + Target document is deleted, and mark the documentlink as + soft-deleted. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - SOFT_DELETED updateTime: - description: Output only. The time when the document is last updated. readOnly: true - type: string format: google-datetime - snippet: - description: >- - Stores the subset of the referenced document's content. This is - useful to allow user peek the information of the referenced - document. type: string - deleteTime: - description: Output only. The time when the document is deleted. + description: Output only. The time when the documentLink is last updated. + description: type: string - readOnly: true - format: google-datetime - documentIsFolder: - type: boolean - description: The document type of the document being referenced. + description: Description of this document-link. + targetDocumentReference: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentReference' + description: Document references of the target document. + name: + description: >- + Name of this document-link. It is required that the parent derived + form the name to be consistent with the source document reference. + Otherwise an exception will be thrown. Format: + projects/{project_number}/locations/{location}/documents/{source_document_id}/documentLinks/{document_link_id}. + type: string + GoogleCloudDocumentaiV1Vertex: + properties: + x: + format: int32 + description: X coordinate. + type: integer + 'y': + format: int32 + description: Y coordinate (starts from the top of the image). + type: integer + description: >- + A vertex represents a 2D point in the image. NOTE: the vertex + coordinates are in the same scale as the original image. type: object - GoogleIamV1AuditLogConfig: + id: GoogleCloudDocumentaiV1Vertex + GoogleTypeInterval: + id: GoogleTypeInterval + description: >- + Represents a time interval, encoded as a Timestamp start (inclusive) and + a Timestamp end (exclusive). The start must be less than or equal to the + end. When the start equals the end, the interval is empty (matches no + time). When both start and end are unspecified, the interval matches any + time. type: object properties: - exemptedMembers: - items: - type: string - type: array + startTime: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - logType: + Optional. Inclusive start of the interval. If specified, a Timestamp + matching this interval will have to be the same or after the start. type: string - description: The log type that this config enables. - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' + format: google-datetime + endTime: + format: google-datetime + description: >- + Optional. Exclusive end of the interval. If specified, a Timestamp + matching this interval will have to be before the end. + type: string + GoogleCloudDocumentaiV1DocumentPageAnchor: + id: GoogleCloudDocumentaiV1DocumentPageAnchor description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - id: GoogleIamV1AuditLogConfig - GoogleCloudDocumentaiV1DocumentRevision: - description: Contains past or forward revisions of this document. - type: object + Referencing the visual context of the entity in the Document.pages. Page + anchors can be cross-page, consist of multiple bounding polygons and + optionally reference specific layout element types. properties: - parent: + pageRefs: + description: One or more references to visual page elements type: array items: - type: integer - format: int32 - description: >- - The revisions that this revision is based on. This can include one - or more parent (when documents are merged.) This field represents - the index into the `revisions` field. - deprecated: true - agent: - type: string - description: >- - If the change was made by a person specify the name or id of that - person. - humanReview: - description: Human Review information of this revision. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageAnchorPageRef + type: object + GoogleCloudContentwarehouseV1RunPipelineMetadata: + id: GoogleCloudContentwarehouseV1RunPipelineMetadata + properties: + exportToCdwPipelineMetadata: + description: The pipeline metadata for Export-to-CDW pipeline. $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentRevisionHumanReview - processor: - type: string - description: >- - If the annotation was made by processor identify the processor by - its resource name. - parentIds: + #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineMetadataExportToCdwPipelineMetadata + userInfo: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1UserInfo' + description: User unique identification and groups information. + totalFileCount: + type: integer + format: int32 + description: Number of files that were processed by the pipeline. + individualDocumentStatuses: + description: The list of response details of each document. items: - type: string + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineMetadataIndividualDocumentStatus type: array - description: >- - The revisions that this revision is based on. Must include all the - ids that have anything to do with this revision - eg. there are - `provenance.parent.revision` fields that index into this field. - createTime: - type: string - format: google-datetime - description: >- - The time that the revision was created, internally generated by doc - proto storage at the time of create. - id: - description: >- - Id of the revision, internally generated by doc proto storage. - Unique within the context of the document. - type: string - id: GoogleCloudDocumentaiV1DocumentRevision + processWithDocAiPipelineMetadata: + description: The pipeline metadata for Process-with-DocAi pipeline. + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineMetadataProcessWithDocAiPipelineMetadata + gcsIngestPipelineMetadata: + description: The pipeline metadata for GcsIngest pipeline. + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineMetadataGcsIngestPipelineMetadata + failedFileCount: + description: Number of files that have failed at some point in the pipeline. + format: int32 + type: integer + description: Metadata message of RunPipeline method. + type: object GoogleCloudContentwarehouseV1Action: + description: Represents the action triggered by Rule Engine when the rule is true. properties: - accessControl: - description: Action triggering access control operations. - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1AccessControlAction + actionId: + type: string + description: ID of the action. Managed internally. dataValidation: - description: Action triggering data validation operations. $ref: >- #/components/schemas/GoogleCloudContentwarehouseV1DataValidationAction - publishToPubSub: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1PublishAction' - description: Action publish to Pub/Sub operation. + description: Action triggering data validation operations. deleteDocumentAction: $ref: >- #/components/schemas/GoogleCloudContentwarehouseV1DeleteDocumentAction description: Action deleting the document. + addToFolder: + description: Action triggering create document link operation. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1AddToFolderAction' + publishToPubSub: + description: Action publish to Pub/Sub operation. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1PublishAction' + dataUpdate: + description: Action triggering data update operations. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DataUpdateAction' + accessControl: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1AccessControlAction + description: Action triggering access control operations. removeFromFolderAction: description: Action removing a document from a folder. $ref: >- #/components/schemas/GoogleCloudContentwarehouseV1RemoveFromFolderAction - dataUpdate: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DataUpdateAction' - description: Action triggering data update operations. - addToFolder: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1AddToFolderAction' - description: Action triggering create document link operation. - actionId: - description: ID of the action. Managed internally. - type: string - description: Represents the action triggered by Rule Engine when the rule is true. id: GoogleCloudContentwarehouseV1Action type: object - GoogleCloudContentwarehouseV1ExportToCdwPipeline: - id: GoogleCloudContentwarehouseV1ExportToCdwPipeline - description: >- - The configuration of exporting documents from the Document Warehouse to - CDW pipeline. - type: object + GoogleCloudContentwarehouseV1RunPipelineMetadataIndividualDocumentStatus: properties: - exportFolderPath: + documentId: + description: Document identifier of an existing document. type: string - description: >- - The Cloud Storage folder path used to store the exported documents - before being sent to CDW. Format: `gs:///`. - trainingSplitRatio: - description: >- - Ratio of training dataset split. When importing into Document AI - Workbench, documents will be automatically split into training and - test split category with the specified ratio. This field is required - if doc_ai_dataset is set. + status: + $ref: '#/components/schemas/GoogleRpcStatus' + description: The status processing the document. + id: GoogleCloudContentwarehouseV1RunPipelineMetadataIndividualDocumentStatus + type: object + description: The status of processing a document. + GoogleCloudDocumentaiV1DocumentStyleFontSize: + type: object + description: Font size with unit. + properties: + size: + description: Font size for the text. type: number format: float - documents: - items: - type: string - description: >- - The list of all the resource names of the documents to be processed. - Format: - projects/{project_number}/locations/{location}/documents/{document_id}. - type: array - docAiDataset: + unit: description: >- - Optional. The CDW dataset resource name. This field is optional. If - not set, the documents will be exported to Cloud Storage only. - Format: - projects/{project}/locations/{location}/processors/{processor}/dataset + Unit for the font size. Follows CSS naming (such as `in`, `px`, and + `pt`). type: string - GoogleCloudDocumentaiV1DocumentPage: - id: GoogleCloudDocumentaiV1DocumentPage - description: A page in a Document. + id: GoogleCloudDocumentaiV1DocumentStyleFontSize + GoogleCloudContentwarehouseV1PropertyArray: + id: GoogleCloudContentwarehouseV1PropertyArray + description: Property values. type: object properties: - formFields: - description: A list of visually detected form fields on the page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageFormField' - symbols: - description: A list of visually detected symbols on the page. + properties: type: array items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageSymbol' - blocks: - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageBlock' - description: >- - A list of visually detected text blocks on the page. A block has a - set of lines (collected into paragraphs) that have a common - line-spacing and orientation. - type: array - transforms: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Property' + description: List of property values. + GoogleCloudContentwarehouseV1ResponseMetadata: + properties: + requestId: + type: string description: >- - Transformation matrices that were applied to the original document - image to produce Page.image. - type: array + A unique id associated with this call. This id is logged for + tracking purpose. + type: object + description: >- + Additional information returned to client, such as debugging + information. + id: GoogleCloudContentwarehouseV1ResponseMetadata + GoogleCloudContentwarehouseV1EnumArray: + id: GoogleCloudContentwarehouseV1EnumArray + type: object + description: Enum values. + properties: + values: + description: List of enum values. items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageMatrix' - visualElements: - description: >- - A list of detected non-text visual elements e.g. checkbox, signature - etc. on the page. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageVisualElement - layout: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - description: Layout for the page. - imageQualityScores: - description: Image quality scores. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageImageQualityScores - provenance: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' - description: The history of this page. - deprecated: true - lines: - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLine' + type: string type: array + GoogleApiServiceconsumermanagementV1BillingConfig: + id: GoogleApiServiceconsumermanagementV1BillingConfig + description: Describes the billing configuration for a new tenant project. + properties: + billingAccount: + type: string description: >- - A list of visually detected text lines on the page. A collection of - tokens that a human would perceive as a line. - image: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageImage' + Name of the billing account. For example + `billingAccounts/012345-567890-ABCDEF`. + type: object + GoogleCloudContentwarehouseV1SynonymSet: + id: GoogleCloudContentwarehouseV1SynonymSet + type: object + properties: + name: + type: string description: >- - Rendered image for this page. This image is preprocessed to remove - any skew, rotation, and distortions such that the annotation - bounding boxes can be upright and axis-aligned. - tokens: + The resource name of the SynonymSet This is mandatory for + google.api.resource. Format: + projects/{project_number}/locations/{location}/synonymSets/{context}. + context: + type: string + description: >- + This is a freeform field. Example contexts can be "sales," + "engineering," "real estate," "accounting," etc. The context can be + supplied during search requests. + synonyms: + description: List of Synonyms for the context. + items: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1SynonymSetSynonym type: array - description: A list of visually detected tokens on the page. + description: >- + Represents a list of synonyms for a given context. For example a context + "sales" could contain: Synonym 1: sale, invoice, bill, order Synonym 2: + money, credit, finance, payment Synonym 3: shipping, freight, transport + Each SynonymSets should be disjoint + GoogleCloudContentwarehouseV1ListLinkedSourcesResponse: + properties: + documentLinks: items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageToken' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentLink' + description: Source document-links. + type: array + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + type: object + id: GoogleCloudContentwarehouseV1ListLinkedSourcesResponse + description: Response message for DocumentLinkService.ListLinkedSources. + GoogleCloudDocumentaiV1DocumentPageParagraph: + description: A collection of lines that a human would perceive as a paragraph. + id: GoogleCloudDocumentaiV1DocumentPageParagraph + properties: detectedLanguages: type: array + description: A list of detected languages together with confidence. items: $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - description: A list of detected languages together with confidence. - tables: - description: A list of visually detected tables on the page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageTable' - paragraphs: + layout: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' + description: Layout for Paragraph. + provenance: + deprecated: true + description: The history of this annotation. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' + type: object + GoogleCloudDocumentaiV1BoundingPoly: + id: GoogleCloudDocumentaiV1BoundingPoly + description: A bounding polygon for the detected image annotation. + type: object + properties: + normalizedVertices: type: array - description: >- - A list of visually detected text paragraphs on the page. A - collection of lines that a human would perceive as a paragraph. + description: The bounding polygon normalized vertices. items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageParagraph' - pageNumber: - type: integer - description: >- - 1-based index for current Page in a parent Document. Useful when a - page is taken out of a Document for individual processing. - format: int32 - dimension: - description: Physical dimension of the page. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageDimension' - detectedBarcodes: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1NormalizedVertex' + vertices: + description: The bounding polygon vertices. type: array - description: A list of detected barcodes. items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedBarcode - CloudAiPlatformTenantresourceServiceAccountIdentity: - type: object + $ref: '#/components/schemas/GoogleCloudDocumentaiV1Vertex' + GoogleCloudContentwarehouseV1WeightedSchemaProperty: properties: - serviceAccountEmail: - type: string - description: Output only. The service account email that has been created. - tag: - description: >- - Input/Output [Optional]. The tag that configures the service - account, as defined in - google3/configs/production/cdpush/acl-zanzibar-cloud-prod/activation_grants/activation_grants.gcl. - Note: The default P4 service account has the empty tag. + propertyNames: + description: The property definition names in the schema. + items: + type: string + type: array + documentSchemaName: type: string - id: CloudAiPlatformTenantresourceServiceAccountIdentity - description: The identity to configure a service account. - GoogleLongrunningOperation: + description: The document schema name. + id: GoogleCloudContentwarehouseV1WeightedSchemaProperty + description: Specifies the schema property name. type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - metadata: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - description: >- - This resource represents a long-running operation that is the result of - a network API call. - id: GoogleLongrunningOperation - GoogleCloudContentwarehouseV1TimestampArray: - id: GoogleCloudContentwarehouseV1TimestampArray + GoogleCloudContentwarehouseV1CustomWeightsMetadata: + id: GoogleCloudContentwarehouseV1CustomWeightsMetadata + description: To support the custom weighting across document schemas. type: object properties: - values: - type: array - description: List of timestamp values. + weightedSchemaProperties: items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TimestampValue' - description: Timestamp values. - GoogleCloudContentwarehouseV1ListLinkedSourcesRequest: - id: GoogleCloudContentwarehouseV1ListLinkedSourcesRequest + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1WeightedSchemaProperty + type: array + description: >- + List of schema and property name. Allows a maximum of 10 schemas to + be specified for relevance boosting. + GoogleCloudContentwarehouseV1CreateDocumentRequest: + description: Request message for DocumentService.CreateDocument. properties: - pageSize: - format: int32 - type: integer + policy: description: >- - The maximum number of document-links to return. The service may - return fewer than this value. If unspecified, at most 50 - document-links will be returned. The maximum value is 1000; values - above 1000 will be coerced to 1000. + Default document policy during creation. This refers to an Identity + and Access (IAM) policy, which specifies access controls for the + Document. Conditions defined in the policy will be ignored. + $ref: '#/components/schemas/GoogleIamV1Policy' requestMetadata: + description: >- + The meta information collected about the end user, used to enforce + access control for the service. $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + document: + description: Required. The document to create. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' + cloudAiDocumentOption: description: >- - The meta information collected about the document creator, used to - enforce access control for the service. - pageToken: + Request Option for processing Cloud AI Document in Document + Warehouse. This field offers limited support for mapping entities + from Cloud AI Document to Warehouse Document. Please consult with + product team before using this field and other available options. + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1CloudAIDocumentOption + createMask: description: >- - A page token, received from a previous `ListLinkedSources` call. - Provide this to retrieve the subsequent page. When paginating, all - other parameters provided to `ListLinkedSources` must match the call - that provided the page token. + Field mask for creating Document fields. If mask path is empty, it + means all fields are masked. For the `FieldMask` definition, see + https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask. + format: google-fieldmask type: string - description: Response message for DocumentLinkService.ListLinkedSources. type: object - GoogleCloudContentwarehouseV1UpdateDocumentResponse: + id: GoogleCloudContentwarehouseV1CreateDocumentRequest + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutPageSpan: + id: >- + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutPageSpan properties: - document: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' - description: Updated document after executing update request. - ruleEngineOutput: - description: >- - Output from Rule Engine recording the rule evaluator and action - executor's output. Refer format in: - google/cloud/contentwarehouse/v1/rule_engine.proto - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleEngineOutput' - metadata: - description: >- - Additional information for the API invocation, such as the request - tracking id. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ResponseMetadata' - type: object - description: Response message for DocumentService.UpdateDocument. - id: GoogleCloudContentwarehouseV1UpdateDocumentResponse - GoogleApiServiceconsumermanagementV1BillingConfig: - description: Describes the billing configuration for a new tenant project. - id: GoogleApiServiceconsumermanagementV1BillingConfig + pageStart: + type: integer + format: int32 + description: Page where block starts in the document. + pageEnd: + description: Page where block ends in the document. + format: int32 + type: integer + description: Represents where the block starts and ends in the document. type: object + GoogleCloudContentwarehouseV1AddToFolderAction: + id: GoogleCloudContentwarehouseV1AddToFolderAction + description: Represents the action responsible for adding document under a folder. properties: - billingAccount: + folders: + items: + type: string + type: array description: >- - Name of the billing account. For example - `billingAccounts/012345-567890-ABCDEF`. - type: string - GoogleCloudContentwarehouseV1UpdateOptions: - description: Options for Update operations. - id: GoogleCloudContentwarehouseV1UpdateOptions + Names of the folder under which new document is to be added. Format: + projects/{project_number}/locations/{location}/documents/{document_id}. + type: object + GoogleCloudContentwarehouseV1ListLinkedSourcesRequest: + id: GoogleCloudContentwarehouseV1ListLinkedSourcesRequest + description: Response message for DocumentLinkService.ListLinkedSources. type: object properties: - updateMask: + pageSize: description: >- - Field mask for merging Document fields. For the `FieldMask` - definition, see - https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask - format: google-fieldmask - type: string - mergeFieldsOptions: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1MergeFieldsOptions' - description: Options for merging. - updateType: - enumDescriptions: - - Defaults to full replace behavior, ie. FULL_REPLACE. - - >- - Fully replace all the fields (including previously linked raw - document). Any field masks will be ignored. - - Merge the fields into the existing entities. - - Inserts the properties by names. - - Replace the properties by names. - - Delete the properties by names. - - >- - For each of the property, replaces the property if the it exists, - otherwise inserts a new property. And for the rest of the fields, - merge them based on update mask and merge fields options. + The maximum number of document-links to return. The service may + return fewer than this value. If unspecified, at most 50 + document-links will be returned. The maximum value is 1000; values + above 1000 will be coerced to 1000. + format: int32 + type: integer + pageToken: type: string - enum: - - UPDATE_TYPE_UNSPECIFIED - - UPDATE_TYPE_REPLACE - - UPDATE_TYPE_MERGE - - UPDATE_TYPE_INSERT_PROPERTIES_BY_NAMES - - UPDATE_TYPE_REPLACE_PROPERTIES_BY_NAMES - - UPDATE_TYPE_DELETE_PROPERTIES_BY_NAMES - - UPDATE_TYPE_MERGE_AND_REPLACE_OR_INSERT_PROPERTIES_BY_NAMES - description: Type for update. - GoogleCloudContentwarehouseV1ResponseMetadata: + description: >- + A page token, received from a previous `ListLinkedSources` call. + Provide this to retrieve the subsequent page. When paginating, all + other parameters provided to `ListLinkedSources` must match the call + that provided the page token. + requestMetadata: + description: >- + The meta information collected about the document creator, used to + enforce access control for the service. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + CloudAiPlatformTenantresourceTenantProjectConfig: + id: CloudAiPlatformTenantresourceTenantProjectConfig + description: The identity to configure a tenant project. properties: - requestId: + billingConfig: description: >- - A unique id associated with this call. This id is logged for - tracking purpose. + Input/Output [Required]. The billing account properties to create + the tenant project. + $ref: >- + #/components/schemas/GoogleApiServiceconsumermanagementV1BillingConfig + folder: + description: >- + Input/Output [Required]. The folder that holds tenant projects and + folder-level permissions will be automatically granted to all tenant + projects under the folder. Note: the valid folder format is + `folders/{folder_number}`. type: string - description: >- - Additional information returned to client, such as debugging - information. + policyBindings: + type: array + description: >- + Input/Output [Required]. The policy bindings that are applied to the + tenant project during creation. At least one binding must have the + role `roles/owner` with either `user` or `group` type. + items: + $ref: >- + #/components/schemas/GoogleApiServiceconsumermanagementV1PolicyBinding + services: + items: + type: string + type: array + description: >- + Input/Output [Required]. The API services that are enabled on the + tenant project during creation. type: object - id: GoogleCloudContentwarehouseV1ResponseMetadata - GoogleCloudContentwarehouseV1TimestampValue: + CloudAiPlatformTenantresourceGcsBucketConfig: + id: CloudAiPlatformTenantresourceGcsBucketConfig + description: The identity to configure a GCS bucket. type: object - id: GoogleCloudContentwarehouseV1TimestampValue properties: - textValue: - type: string + kmsKeyReference: description: >- - The string must represent a valid instant in UTC and is parsed using - java.time.format.DateTimeFormatter.ISO_INSTANT. e.g. - "2013-09-29T18:46:19Z" - timestampValue: + Input/Output [Optional]. The KMS key name or the KMS grant name used + for CMEK encryption. Only set this field when provisioning new GCS + bucket. For existing GCS bucket, this field will be ignored because + CMEK re-encryption is not supported. + type: string + admins: + type: array + items: + type: string + entityName: type: string - description: Timestamp value - format: google-datetime - description: Timestamp value type. - GoogleCloudDocumentaiV1DocumentPageTokenStyleInfo: - description: Font and other text style attributes. - type: object - id: GoogleCloudDocumentaiV1DocumentPageTokenStyleInfo - properties: - fontWeight: description: >- - TrueType weight on a scale `100` (thin) to `1000` (ultra-heavy). - Normal is `400`, bold is `700`. + Input/Output [Optional]. Only needed for per-entity tenant GCP + resources. During Deprovision API, the on-demand deletion will only + cover the tenant GCP resources with the specified entity name. + ttlDays: type: integer format: int32 - letterSpacing: - description: Letter spacing in points. - type: number - format: double - italic: - type: boolean - description: Whether the text is italic. - subscript: - description: Whether the text is a subscript. This feature is not supported yet. - type: boolean - bold: description: >- - Whether the text is bold (equivalent to font_weight is at least - `700`). - type: boolean - fontSize: - format: int32 - type: integer - description: Font size in points (`1` point is `¹⁄₇₂` inches). - textColor: - $ref: '#/components/schemas/GoogleTypeColor' - description: Color of the text. - fontType: + Input/Output [Optional]. Only needed when the content in bucket need + to be garbage collected within some amount of days. + bucketName: type: string - description: Name or style of the font. - pixelFontSize: - description: >- - Font size in pixels, equal to _unrounded font_size_ * _resolution_ ÷ - `72.0`. - type: number - format: double - smallcaps: - type: boolean description: >- - Whether the text is in small caps. This feature is not supported - yet. - backgroundColor: - $ref: '#/components/schemas/GoogleTypeColor' - description: Color of the background. - strikeout: - description: >- - Whether the text is strikethrough. This feature is not supported - yet. - type: boolean - handwritten: - type: boolean - description: Whether the text is handwritten. - superscript: - description: >- - Whether the text is a superscript. This feature is not supported - yet. - type: boolean - underlined: - type: boolean - description: Whether the text is underlined. - GoogleCloudDocumentaiV1DocumentProvenance: + Input/Output [Optional]. The name of a GCS bucket with max length of + 63 chars. If not set, a random UUID will be generated as bucket + name. + viewers: + type: array + items: + type: string + description: Input/Output [Required]. IAM roles (viewer/admin) put on the bucket. + GoogleCloudContentwarehouseV1Document: type: object + description: Defines the structure for content warehouse document proto. properties: - type: - enum: - - OPERATION_TYPE_UNSPECIFIED - - ADD - - REMOVE - - UPDATE - - REPLACE - - EVAL_REQUESTED - - EVAL_APPROVED - - EVAL_SKIPPED - enumDescriptions: - - >- - Operation type unspecified. If no operation is specified a - provenance entry is simply used to match against a `parent`. - - Add an element. - - Remove an element identified by `parent`. - - >- - Updates any fields within the given provenance scope of the - message. It overwrites the fields rather than replacing them. Use - this when you want to update a field value of an entity without - also updating all the child properties. - - Currently unused. Replace an element identified by `parent`. - - >- - Deprecated. Request human review for the element identified by - `parent`. - - >- - Deprecated. Element is reviewed and approved at human review, - confidence will be set to 1.0. - - Deprecated. Element is skipped in the validation process. + displayUri: + description: Uri to display the document, for example, in the UI. type: string - enumDeprecated: - - false - - false - - false - - false - - false - - true - - true - - true - description: The type of provenance operation. - parents: - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentProvenanceParent - description: References to the original elements that are replaced. - type: array - revision: - description: The index of the revision that produced this element. - type: integer - deprecated: true - format: int32 - id: - deprecated: true + name: description: >- - The Id of this operation. Needs to be unique within the scope of the - revision. - type: integer - format: int32 - id: GoogleCloudDocumentaiV1DocumentProvenance - description: >- - Structure to identify provenance relationships between annotations in - different revisions. - GoogleCloudContentwarehouseV1DocumentSchema: - description: A document schema used to define document structure. - properties: - description: + The resource name of the document. Format: + projects/{project_number}/locations/{location}/documents/{document_id}. + The name is ignored when creating a document. type: string - description: Schema description. - displayName: + updater: + description: The user who lastly updates the document. + type: string + plainText: + description: Other document format, such as PPTX, XLXS + type: string + rawDocumentFileType: + enumDescriptions: + - No raw document specified or it is non-parsable + - Adobe PDF format + - Microsoft Word format + - Microsoft Excel format + - Microsoft Powerpoint format + - UTF-8 encoded text format + - TIFF or TIF image file format + description: >- + This is used when DocAI was not used to load the document and + parsing/ extracting is needed for the inline_raw_document. For + example, if inline_raw_document is the byte representation of a PDF + file, then this should be set to: RAW_DOCUMENT_FILE_TYPE_PDF. + type: string + enum: + - RAW_DOCUMENT_FILE_TYPE_UNSPECIFIED + - RAW_DOCUMENT_FILE_TYPE_PDF + - RAW_DOCUMENT_FILE_TYPE_DOCX + - RAW_DOCUMENT_FILE_TYPE_XLSX + - RAW_DOCUMENT_FILE_TYPE_PPTX + - RAW_DOCUMENT_FILE_TYPE_TEXT + - RAW_DOCUMENT_FILE_TYPE_TIFF + documentSchemaName: type: string description: >- - Required. Name of the schema given by the user. Must be unique per - project. - propertyDefinitions: - description: Document details. - items: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1PropertyDefinition - type: array + The Document schema name. Format: + projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. + rawDocumentPath: + description: Raw document file in Cloud Storage path. + type: string + textExtractionDisabled: + type: boolean + deprecated: true + description: If true, text extraction will not be performed. + title: + type: string + description: >- + Title that describes the document. This can be the top heading or + text that describes the document. + textExtractionEnabled: + description: If true, text extraction will be performed. + type: boolean createTime: - description: Output only. The time when the document schema is created. - readOnly: true format: google-datetime type: string - name: - description: >- - The resource name of the document schema. Format: - projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. - The name is ignored when creating a document schema. + readOnly: true + description: Output only. The time when the document is created. + inlineRawDocument: type: string + format: byte + description: Raw document content. updateTime: + description: Output only. The time when the document is last updated. readOnly: true - description: Output only. The time when the document schema is last updated. format: google-datetime type: string - documentIsFolder: + referenceId: + type: string + description: >- + The reference ID set by customers. Must be unique per project and + location. + displayName: + description: >- + Required. Display name of the document given by the user. This name + will be displayed in the UI. Customer can populate this field with + the name of the document. This differs from the 'title' field as + 'title' is optional and stores the top heading in the document. + type: string + cloudAiDocument: + description: Document AI format to save the structured content, including OCR. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1Document' + dispositionTime: + description: >- + Output only. If linked to a Collection with RetentionPolicy, the + date when the document becomes mutable. + readOnly: true + type: string + format: google-datetime + legalHold: + readOnly: true + description: Output only. Indicates if the document has a legal hold on it. type: boolean + properties: + type: array + description: List of values that are user supplied metadata. + items: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Property' + contentCategory: + enum: + - CONTENT_CATEGORY_UNSPECIFIED + - CONTENT_CATEGORY_IMAGE + - CONTENT_CATEGORY_AUDIO + - CONTENT_CATEGORY_VIDEO + type: string description: >- - Document Type, true refers the document is a folder, otherwise it is - a typical document. - type: object - id: GoogleCloudContentwarehouseV1DocumentSchema - GoogleCloudContentwarehouseV1InvalidRule: - id: GoogleCloudContentwarehouseV1InvalidRule + Indicates the category (image, audio, video etc.) of the original + content. + enumDescriptions: + - No category is specified. + - Content is of image type. + - Content is of audio type. + - Content is of video type. + creator: + description: The user who creates the document. + type: string + id: GoogleCloudContentwarehouseV1Document + GoogleCloudContentwarehouseV1ListLinkedTargetsRequest: + id: GoogleCloudContentwarehouseV1ListLinkedTargetsRequest type: object - description: A triggered rule that failed the validation check(s) after parsing. + description: Request message for DocumentLinkService.ListLinkedTargets. properties: - rule: - description: Triggered rule. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' - error: - description: Validation error on a parsed expression. - type: string - GoogleCloudContentwarehouseV1ListLinkedTargetsResponse: + requestMetadata: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + description: >- + The meta information collected about the document creator, used to + enforce access control for the service. + CloudAiPlatformTenantresourceInfraSpannerConfigCreateDatabaseOptions: type: object properties: - documentLinks: - type: array - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentLink' - description: Target document-links. - nextPageToken: + cmekCloudResourceType: + description: >- + The cloud resource type for the CMEK encryption. For example, + contentwarehouse.googleapis.com/Location + type: string + cmekServiceName: + description: >- + The service name for the CMEK encryption. For example, + contentwarehouse.googleapis.com + type: string + cmekCloudResourceName: type: string description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - description: Response message for DocumentLinkService.ListLinkedTargets. - id: GoogleCloudContentwarehouseV1ListLinkedTargetsResponse - GoogleCloudDocumentaiV1DocumentPageBlock: - id: GoogleCloudDocumentaiV1DocumentPageBlock - type: object + The cloud resource name for the CMEK encryption. For example, + projects//locations/ + id: CloudAiPlatformTenantresourceInfraSpannerConfigCreateDatabaseOptions description: >- - A block has a set of lines (collected into paragraphs) that have a - common line-spacing and orientation. + The options to create a spanner database. KMS key access audit logging + and AxT logging will be associated with the given resource name, + resource type and service name. Please ensure to give right options to + enable correct audit logging and AxT logging. + GoogleCloudDocumentaiV1DocumentPageLine: + type: object properties: provenance: deprecated: true - description: The history of this annotation. $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' + description: The history of this annotation. detectedLanguages: + description: A list of detected languages together with confidence. type: array items: $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - description: A list of detected languages together with confidence. layout: + description: Layout for Line. $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - description: Layout for Block. - GoogleCloudContentwarehouseV1MergeFieldsOptions: + id: GoogleCloudDocumentaiV1DocumentPageLine + description: >- + A collection of tokens that a human would perceive as a line. Does not + cross column boundaries, can be horizontal, vertical, etc. + GoogleCloudContentwarehouseV1ListSynonymSetsResponse: + id: GoogleCloudContentwarehouseV1ListSynonymSetsResponse + type: object properties: - replaceRepeatedFields: - type: boolean + synonymSets: + items: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' + description: The synonymSets from the specified parent. + type: array + nextPageToken: + type: string description: >- - When merging repeated fields, the default behavior is to append - entries from the source repeated field to the destination repeated - field. If you instead want to keep only the entries from the source - repeated field, set this flag to true. If you want to replace a - repeated field within a message field on the destination message, - you must set both replace_repeated_fields and replace_message_fields - to true, otherwise the repeated fields will be appended. - replaceMessageFields: + A page token, received from a previous `ListSynonymSets` call. + Provide this to retrieve the subsequent page. + description: Response message for SynonymSetService.ListSynonymSets. + GoogleCloudContentwarehouseV1DataUpdateAction: + type: object + properties: + entries: + additionalProperties: + type: string description: >- - When merging message fields, the default behavior is to merge the - content of two message fields together. If you instead want to use - the field from the source message to replace the corresponding field - in the destination message, set this flag to true. When this flag is - set, specified submessage fields that are missing in source will be - cleared in destination. - type: boolean + Map of (K, V) -> (valid name of the field, new value of the field) + E.g., ("age", "60") entry triggers update of field age with a value + of 60. If the field is not present then new entry is added. During + update action execution, value strings will be casted to appropriate + types. + type: object + description: Represents the action responsible for properties update operations. + id: GoogleCloudContentwarehouseV1DataUpdateAction + GoogleCloudDocumentaiV1DocumentTextAnchorTextSegment: + properties: + startIndex: + description: TextSegment start UTF-8 char index in the Document.text. + type: string + format: int64 + endIndex: + type: string + format: int64 + description: TextSegment half open end UTF-8 char index in the Document.text. + id: GoogleCloudDocumentaiV1DocumentTextAnchorTextSegment type: object - id: GoogleCloudContentwarehouseV1MergeFieldsOptions - description: Options for merging updated fields. - GoogleCloudContentwarehouseV1AccessControlAction: - id: GoogleCloudContentwarehouseV1AccessControlAction description: >- - Represents the action responsible for access control list management - operations. + A text segment in the Document.text. The indices may be out of bounds + which indicate that the text extends into another document shard for + large sharded documents. See ShardInfo.text_offset + GoogleApiServiceconsumermanagementV1PolicyBinding: type: object + id: GoogleApiServiceconsumermanagementV1PolicyBinding + description: Translates to IAM Policy bindings (without auditing at this level) properties: - operationType: - enum: - - UNKNOWN - - ADD_POLICY_BINDING - - REMOVE_POLICY_BINDING - - REPLACE_POLICY_BINDING - enumDescriptions: - - The unknown operation type. - - Adds newly given policy bindings in the existing bindings list. - - >- - Removes newly given policy bindings from the existing bindings - list. - - >- - Replaces existing policy bindings with the given policy binding - list - description: Identifies the type of operation. + role: type: string - policy: description: >- - Represents the new policy from which bindings are added, removed or - replaced based on the type of the operation. the policy is limited - to a few 10s of KB. - $ref: '#/components/schemas/GoogleIamV1Policy' - GoogleCloudContentwarehouseV1CustomWeightsMetadata: - type: object - id: GoogleCloudContentwarehouseV1CustomWeightsMetadata - properties: - weightedSchemaProperties: + Role. (https://cloud.google.com/iam/docs/understanding-roles) For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. + members: items: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1WeightedSchemaProperty + type: string description: >- - List of schema and property name. Allows a maximum of 10 schemas to - be specified for relevance boosting. + Uses the same format as in IAM policy. `member` must include both a + prefix and ID. For example, `user:{emailId}`, + `serviceAccount:{emailId}`, `group:{emailId}`. type: array - description: To support the custom weighting across document schemas. - GoogleCloudContentwarehouseV1ProcessWithDocAiPipeline: - id: GoogleCloudContentwarehouseV1ProcessWithDocAiPipeline + GoogleCloudContentwarehouseV1SynonymSetSynonym: + id: GoogleCloudContentwarehouseV1SynonymSetSynonym + description: >- + Represents a list of words given by the customer All these words are + synonyms of each other. properties: - processorResultsFolderPath: - type: string - description: >- - The Cloud Storage folder path used to store the raw results from - processors. Format: `gs:///`. - processorInfo: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ProcessorInfo' - description: The CDW processor information. - documents: + words: + description: 'For example: sale, invoice, bill, order' type: array items: type: string - description: >- - The list of all the resource names of the documents to be processed. - Format: - projects/{project_number}/locations/{location}/documents/{document_id}. - exportFolderPath: - description: >- - The Cloud Storage folder path used to store the exported documents - before being sent to CDW. Format: `gs:///`. - type: string - description: >- - The configuration of processing documents in Document Warehouse with - DocAi processors pipeline. type: object - GoogleCloudContentwarehouseV1RunPipelineMetadataGcsIngestPipelineMetadata: + GoogleCloudContentwarehouseV1RuleSet: type: object - description: The metadata message for GcsIngest pipeline. properties: - inputPath: - description: 'The input Cloud Storage folder in this pipeline. Format: `gs:///`.' + description: type: string - id: >- - GoogleCloudContentwarehouseV1RunPipelineMetadataGcsIngestPipelineMetadata - GoogleCloudContentwarehouseV1SetAclResponse: - id: GoogleCloudContentwarehouseV1SetAclResponse - properties: - metadata: - description: >- - Additional information for the API invocation, such as the request - tracking id. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ResponseMetadata' - policy: - description: The policy will be attached to a resource (e.g. projecct, document). - $ref: '#/components/schemas/GoogleIamV1Policy' - description: Response message for DocumentService.SetAcl. - type: object - GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSource: - type: object - id: GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSource - properties: + description: Short description of the rule-set. name: - description: The schema name in the source. type: string - processorType: + description: >- + The resource name of the rule set. Managed internally. Format: + projects/{project_number}/locations/{location}/ruleSet/{rule_set_id}. + The name is ignored when creating a rule set. + source: + description: Source of the rules i.e., customer name. type: string - description: The Doc AI processor type name. - description: The schema source information. - GoogleCloudDocumentaiV1DocumentStyle: + rules: + type: array + description: List of rules given by the customer. + items: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' + description: Represents a set of rules from a single customer. + id: GoogleCloudContentwarehouseV1RuleSet + GoogleTypePostalAddress: + description: >- + Represents a postal address. For example for postal delivery or payments + addresses. Given a postal address, a postal service can deliver items to + a premise, P.O. Box or similar. It is not intended to model geographical + locations (roads, towns, mountains). In typical usage an address would + be created by user input or from importing existing data, depending on + the type of process. Advice on address input / editing: - Use an + internationalization-ready address widget such as + https://github.com/google/libaddressinput) - Users should not be + presented with UI elements for input or editing of fields outside + countries where that field is used. For more guidance on how to use this + schema, see: https://support.google.com/business/answer/6397478 type: object - id: GoogleCloudDocumentaiV1DocumentStyle + id: GoogleTypePostalAddress properties: - textAnchor: - description: Text anchor indexing into the Document.text. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchor' - textStyle: - description: >- - [Text - style](https://www.w3schools.com/cssref/pr_font_font-style.asp). - Possible values are `normal`, `italic`, and `oblique`. - type: string - textDecoration: + postalCode: type: string description: >- - [Text - decoration](https://www.w3schools.com/cssref/pr_text_text-decoration.asp). - Follows CSS standard. - backgroundColor: - $ref: '#/components/schemas/GoogleTypeColor' - description: Text background color. - color: - description: Text color. - $ref: '#/components/schemas/GoogleTypeColor' - fontWeight: + Optional. Postal code of the address. Not all countries use or + require postal codes to be present, but where they are used, they + may trigger additional validation with other parts of the address + (For example state/zip validation in the U.S.A.). + administrativeArea: type: string description: >- - [Font weight](https://www.w3schools.com/cssref/pr_font_weight.asp). - Possible values are `normal`, `bold`, `bolder`, and `lighter`. - fontSize: - description: Font size. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentStyleFontSize' - fontFamily: + Optional. Highest administrative subdivision which is used for + postal addresses of a country or region. For example, this can be a + state, a province, an oblast, or a prefecture. Specifically, for + Spain this is the province and not the autonomous community (For + example "Barcelona" and not "Catalonia"). Many countries don't use + an administrative area in postal addresses. For example in + Switzerland this should be left unpopulated. + locality: description: >- - Font family such as `Arial`, `Times New Roman`. - https://www.w3schools.com/cssref/pr_font_font-family.asp + Optional. Generally refers to the city/town portion of the address. + Examples: US city, IT comune, UK post town. In regions of the world + where localities are not well defined or do not fit into this + structure well, leave locality empty and use address_lines. type: string - description: >- - Annotation for common text style attributes. This adheres to CSS - conventions as much as possible. - GoogleCloudDocumentaiV1DocumentTextChange: - type: object - id: GoogleCloudDocumentaiV1DocumentTextChange - properties: - textAnchor: + regionCode: description: >- - Provenance of the correction. Text anchor indexing into the - Document.text. There can only be a single `TextAnchor.text_segments` - element. If the start and end index of the text segment are the - same, the text change is inserted before that index. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchor' - provenance: - type: array - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' - description: The history of this annotation. - deprecated: true - changedText: + Required. CLDR region code of the country/region of the address. + This is never inferred and it is up to the user to ensure the value + is correct. See https://cldr.unicode.org/ and + https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html + for details. Example: "CH" for Switzerland. type: string - description: The text that replaces the text identified in the `text_anchor`. - description: This message is used for text changes aka. OCR corrections. - GoogleCloudDocumentaiV1DocumentStyleFontSize: - id: GoogleCloudDocumentaiV1DocumentStyleFontSize - type: object - properties: - size: - format: float - description: Font size for the text. - type: number - unit: - description: >- - Unit for the font size. Follows CSS naming (such as `in`, `px`, and - `pt`). + organization: type: string - description: Font size with unit. - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableCell: - id: >- - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableCell - description: Represents a cell in a table row. - properties: - rowSpan: - description: How many rows this cell spans. - format: int32 - type: integer - blocks: + description: Optional. The name of the organization at the address. + recipients: + description: >- + Optional. The recipient at the address. This field may, under + certain circumstances, contain multiline information. For example, + it might contain "care of" information. type: array + items: + type: string + addressLines: description: >- - A table cell is a list of blocks. Repeated blocks support further - hierarchies and nested blocks. + Unstructured address lines describing the lower levels of an + address. Because values in address_lines do not have type + information and may sometimes contain multiple values in a single + field (For example "Austin, TX"), it is important that the line + order is clear. The order of address lines should be "envelope + order" for the country/region of the address. In places where this + can vary (For example Japan), address_language is used to make it + explicit (For example "ja" for large-to-small ordering and "ja-Latn" + or "en" for small-to-large). This way, the most specific line of an + address can be selected based on the language. The minimum permitted + structural representation of an address consists of a region_code + with all remaining information placed in the address_lines. It would + be possible to format such an address very approximately without + geocoding, but no semantic reasoning could be made about any of the + address components until it was at least partially resolved. + Creating an address only containing a region_code and address_lines, + and then geocoding is the recommended way to handle completely + unstructured addresses (as opposed to guessing which parts of the + address should be localities or administrative areas). + type: array items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock - colSpan: - description: How many columns this cell spans. + type: string + revision: + description: >- + The schema revision of the `PostalAddress`. This must be set to 0, + which is the latest revision. All new revisions **must** be backward + compatible with old revisions. format: int32 type: integer + sublocality: + description: >- + Optional. Sublocality of the address. For example, this can be + neighborhoods, boroughs, districts. + type: string + sortingCode: + description: >- + Optional. Additional, country-specific, sorting code. This is not + used in most regions. Where it is used, the value is either a string + like "CEDEX", optionally followed by a number (For example "CEDEX + 7"), or just a number alone, representing the "sector code" + (Jamaica), "delivery area indicator" (Malawi) or "post office + indicator" (For example Côte d'Ivoire). + type: string + languageCode: + description: >- + Optional. BCP-47 language code of the contents of this address (if + known). This is often the UI language of the input form or is + expected to match one of the languages used in the address' + country/region, or their transliterated equivalents. This can affect + formatting in certain countries, but is not critical to the + correctness of the data and will never affect any validation or + other non-formatting related operations. If this value is not known, + it should be omitted (rather than specifying a possibly incorrect + default). Examples: "zh-Hant", "ja", "ja-Latn", "en". + type: string + GoogleProtobufEmpty: + properties: {} + id: GoogleProtobufEmpty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListBlock: + GoogleCloudDocumentaiV1DocumentPageDetectedBarcode: + description: A detected barcode. + id: GoogleCloudDocumentaiV1DocumentPageDetectedBarcode properties: - listEntries: + layout: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' + description: Layout for DetectedBarcode. + barcode: + description: Detailed barcode information of the DetectedBarcode. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1Barcode' + type: object + GoogleCloudContentwarehouseV1TimestampArray: + type: object + description: Timestamp values. + properties: + values: type: array - description: List entries that constitute a list block. items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListEntry - type: - description: >- - Type of the list_entries (if exist). Available options are `ordered` - and `unordered`. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TimestampValue' + description: List of timestamp values. + id: GoogleCloudContentwarehouseV1TimestampArray + GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageFooter: + properties: + text: + description: Footer in text format. type: string + pageSpan: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan + description: Page span of the footer. + id: GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageFooter + type: object + description: Represents the page footer associated with the chunk. + GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefect: + description: Image Quality Defects type: object - description: Represents a list type block. - id: >- - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListBlock - GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreak: properties: + confidence: + format: float + type: number + description: >- + Confidence of detected defect. Range `[0, 1]` where `1` indicates + strong confidence that the defect exists. type: - enum: - - TYPE_UNSPECIFIED - - SPACE - - WIDE_SPACE - - HYPHEN - description: Detected break type. - enumDescriptions: - - Unspecified break type. - - A single whitespace. - - A wider whitespace. - - A hyphen that indicates that a token has been split across lines. type: string - description: Detected break at the end of a Token. - id: GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreak - type: object - GoogleCloudContentwarehouseV1DateTimeTypeOptions: - id: GoogleCloudContentwarehouseV1DateTimeTypeOptions - description: Configurations for a date time property. - properties: {} - type: object - GoogleCloudContentwarehouseV1FetchAclRequest: - description: Request message for DocumentService.FetchAcl + description: >- + Name of the defect type. Supported values are: - + `quality/defect_blurry` - `quality/defect_noisy` - + `quality/defect_dark` - `quality/defect_faint` - + `quality/defect_text_too_small` - `quality/defect_document_cutoff` - + `quality/defect_text_cutoff` - `quality/defect_glare` + id: GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefect + GoogleCloudContentwarehouseV1DocumentSchema: type: object + id: GoogleCloudContentwarehouseV1DocumentSchema + description: A document schema used to define document structure. properties: - projectOwner: + updateTime: + description: Output only. The time when the document schema is last updated. + format: google-datetime + readOnly: true + type: string + name: description: >- - For Get Project ACL only. Authorization check for end user will be - ignored when project_owner=true. + The resource name of the document schema. Format: + projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. + The name is ignored when creating a document schema. + type: string + documentIsFolder: type: boolean - requestMetadata: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' description: >- - The meta information collected about the end user, used to enforce - access control for the service. - id: GoogleCloudContentwarehouseV1FetchAclRequest - GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan: - properties: - pageEnd: - format: int32 - description: Page where chunk ends in the document. - type: integer - pageStart: - type: integer - description: Page where chunk starts in the document. - format: int32 - type: object - description: Represents where the chunk starts and ends in the document. - id: GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan - GoogleCloudContentwarehouseV1SynonymSetSynonym: - properties: - words: + Document Type, true refers the document is a folder, otherwise it is + a typical document. + propertyDefinitions: + description: Document details. items: - type: string - description: 'For example: sale, invoice, bill, order' - type: array - description: >- - Represents a list of words given by the customer All these words are - synonyms of each other. - type: object - id: GoogleCloudContentwarehouseV1SynonymSetSynonym - CloudAiPlatformTenantresourceCloudSqlInstanceConfig: - description: >- - The identity to configure a CloudSQL instance provisioned via SLM - Terraform. - properties: - mdbRolesForCorpAccess: - description: Input [Optional]. MDB roles for corp access to CloudSQL instance. + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1PropertyDefinition type: array - items: - type: string - cloudSqlInstanceName: - type: string - description: >- - Input/Output [Optional]. The CloudSQL instance name within SLM - instance. If not set, a random UUIC will be generated as instance - name. - slmInstanceName: - description: Output only. The SLM instance's full resource name. + createTime: + format: google-datetime + readOnly: true + description: Output only. The time when the document schema is created. type: string - slmInstanceTemplate: + description: type: string - description: Input [Required]. The SLM instance template to provision CloudSQL. - slmInstanceType: - type: string - description: Input [Required]. The SLM instance type to provision CloudSQL. - kmsKeyReference: + description: Schema description. + displayName: type: string description: >- - Input [Optional]. The KMS key name or the KMS grant name used for - CMEK encryption. Only set this field when provisioning new CloudSQL - instances. For existing CloudSQL instances, this field will be - ignored because CMEK re-encryption is not supported. - cloudSqlInstanceConnectionName: - type: string - description: Output only. The CloudSQL instance connection name. - id: CloudAiPlatformTenantresourceCloudSqlInstanceConfig - type: object - GoogleCloudContentwarehouseV1TimeFilter: - type: object - id: GoogleCloudContentwarehouseV1TimeFilter + Required. Name of the schema given by the user. Must be unique per + project. + GoogleCloudContentwarehouseV1ProcessWithDocAiPipeline: + id: GoogleCloudContentwarehouseV1ProcessWithDocAiPipeline + description: >- + The configuration of processing documents in Document Warehouse with + DocAi processors pipeline. properties: - timeRange: - $ref: '#/components/schemas/GoogleTypeInterval' - timeField: - enum: - - TIME_FIELD_UNSPECIFIED - - CREATE_TIME - - UPDATE_TIME - - DISPOSITION_TIME + processorInfo: + description: The CDW processor information. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ProcessorInfo' + exportFolderPath: description: >- - Specifies which time field to filter documents on. Defaults to - TimeField.UPLOAD_TIME. - enumDescriptions: - - Default value. - - Earliest document create time. - - Latest document update time. - - Time when document becomes mutable again. + The Cloud Storage folder path used to store the exported documents + before being sent to CDW. Format: `gs:///`. type: string - description: Filter on create timestamp or update timestamp of documents. - GoogleCloudContentwarehouseV1RuleEngineOutput: - properties: - ruleEvaluatorOutput: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1RuleEvaluatorOutput - description: >- - Output from Rule Evaluator containing matched, unmatched and invalid - rules. - actionExecutorOutput: + processorResultsFolderPath: description: >- - Output from Action Executor containing rule and corresponding - actions execution result. - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ActionExecutorOutput - documentName: + The Cloud Storage folder path used to store the raw results from + processors. Format: `gs:///`. type: string + documents: + type: array description: >- - Name of the document against which the rules and actions were - evaluated. - description: >- - Records the output of Rule Engine including rule evaluation and actions - result. - type: object - id: GoogleCloudContentwarehouseV1RuleEngineOutput - GoogleCloudContentwarehouseV1ListLinkedTargetsRequest: - description: Request message for DocumentLinkService.ListLinkedTargets. - properties: - requestMetadata: - description: >- - The meta information collected about the document creator, used to - enforce access control for the service. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' - type: object - id: GoogleCloudContentwarehouseV1ListLinkedTargetsRequest - GoogleCloudContentwarehouseV1DataValidationAction: - description: Represents the action responsible for data validation operations. - type: object - id: GoogleCloudContentwarehouseV1DataValidationAction - properties: - conditions: - additionalProperties: + The list of all the resource names of the documents to be processed. + Format: + projects/{project_number}/locations/{location}/documents/{document_id}. + items: type: string - type: object - description: >- - Map of (K, V) -> (field, string condition to be evaluated on the - field) E.g., ("age", "age > 18 && age < 60") entry triggers - validation of field age with the given condition. Map entries will - be ANDed during validation. + type: object GoogleCloudDocumentaiV1Barcode: + type: object + id: GoogleCloudDocumentaiV1Barcode properties: - format: - type: string - description: >- - Format of a barcode. The supported formats are: - `CODE_128`: Code - 128 type. - `CODE_39`: Code 39 type. - `CODE_93`: Code 93 type. - - `CODABAR`: Codabar type. - `DATA_MATRIX`: 2D Data Matrix type. - - `ITF`: ITF type. - `EAN_13`: EAN-13 type. - `EAN_8`: EAN-8 type. - - `QR_CODE`: 2D QR code type. - `UPC_A`: UPC-A type. - `UPC_E`: UPC-E - type. - `PDF417`: PDF417 type. - `AZTEC`: 2D Aztec code type. - - `DATABAR`: GS1 DataBar code type. rawValue: description: >- Raw value encoded in the barcode. For example: `'MEBKM:TITLE:Google;URL:https://www.google.com;;'`. type: string valueFormat: - type: string description: >- Value format describes the format of the value that a barcode encodes. The supported formats are: - `CONTACT_INFO`: Contact @@ -1737,478 +1702,414 @@ components: `TEXT`: Text string. - `URL`: URL address. - `WIFI`: Wifi information. - `GEO`: Geo-localization. - `CALENDAR_EVENT`: Calendar event. - `DRIVER_LICENSE`: Driver's license. - type: object - description: Encodes the detailed information of a barcode. - id: GoogleCloudDocumentaiV1Barcode - GoogleCloudContentwarehouseV1ListLinkedSourcesResponse: - properties: - nextPageToken: + type: string + format: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Format of a barcode. The supported formats are: - `CODE_128`: Code + 128 type. - `CODE_39`: Code 39 type. - `CODE_93`: Code 93 type. - + `CODABAR`: Codabar type. - `DATA_MATRIX`: 2D Data Matrix type. - + `ITF`: ITF type. - `EAN_13`: EAN-13 type. - `EAN_8`: EAN-8 type. - + `QR_CODE`: 2D QR code type. - `UPC_A`: UPC-A type. - `UPC_E`: UPC-E + type. - `PDF417`: PDF417 type. - `AZTEC`: 2D Aztec code type. - + `DATABAR`: GS1 DataBar code type. type: string - documentLinks: - description: Source document-links. - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentLink' - type: array - id: GoogleCloudContentwarehouseV1ListLinkedSourcesResponse - description: Response message for DocumentLinkService.ListLinkedSources. + description: Encodes the detailed information of a barcode. + GoogleCloudContentwarehouseV1DataValidationAction: type: object - GoogleTypeExpr: - id: GoogleTypeExpr + properties: + conditions: + additionalProperties: + type: string + description: >- + Map of (K, V) -> (field, string condition to be evaluated on the + field) E.g., ("age", "age > 18 && age < 60") entry triggers + validation of field age with the given condition. Map entries will + be ANDed during validation. + type: object + id: GoogleCloudContentwarehouseV1DataValidationAction + description: Represents the action responsible for data validation operations. + CloudAiPlatformTenantresourceIamPolicyBinding: type: object + id: CloudAiPlatformTenantresourceIamPolicyBinding description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + The dynamic IAM bindings to be granted after tenant projects are + created. properties: - expression: - type: string - description: >- - Textual representation of an expression in Common Expression - Language syntax. - location: + resource: type: string description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - title: + Input/Output [Required]. The resource name that will be accessed by + members, which also depends on resource_type. Note: placeholders are + supported in resource names. For example, ${tpn} will be used when + the tenant project number is not ready. + role: + description: Input/Output [Required]. The role for members below. type: string + resourceType: + enumDescriptions: + - '' + - >- + The value of resource field is the ID or number of a project. + Format is + - >- + The value of resource field is the resource name of a service + account. Format is projects//serviceAccounts/ + - >- + The value of resource field is the name of a GCS bucket (not its + resource name). Format is . + - >- + The value of resource field is the resource name of a service + consumer. Format is services//consumers/ + - >- + The value of the resource field is the AR Image Uri which + identifies an AR REPO. Allowed formats are: /// ///: ///@ description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - description: + Input/Output [Required]. Specifies the type of resource that will be + accessed by members. type: string + enum: + - RESOURCE_TYPE_UNSPECIFIED + - PROJECT + - SERVICE_ACCOUNT + - GCS_BUCKET + - SERVICE_CONSUMER + - AR_REPO + members: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - GoogleCloudDocumentaiV1DocumentPageImage: + Input/Output [Required]. The member service accounts with the roles + above. Note: placeholders are same as the resource above. + items: + type: string + type: array + GoogleCloudContentwarehouseV1PropertyTypeOptions: + description: Configurations for a nested structured data property. + type: object properties: - mimeType: + propertyDefinitions: + description: Required. List of property definitions. + items: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1PropertyDefinition + type: array + id: GoogleCloudContentwarehouseV1PropertyTypeOptions + CloudAiPlatformTenantresourceTenantServiceAccountIdentity: + type: object + id: CloudAiPlatformTenantresourceTenantServiceAccountIdentity + properties: + serviceAccountEmail: type: string + description: Output only. The email address of the generated service account. + serviceName: description: >- - Encoding [media type (MIME - type)](https://www.iana.org/assignments/media-types/media-types.xhtml) - for the image. - content: - format: byte - description: Raw byte content of the image. + Input/Output [Required]. The service that the service account + belongs to. (e.g. cloudbuild.googleapis.com for GCB service + accounts) type: string - height: - description: Height of the image in pixels. - format: int32 - type: integer - width: - description: Width of the image in pixels. - format: int32 - type: integer - type: object - description: Rendered image contents for this page. - id: GoogleCloudDocumentaiV1DocumentPageImage - GoogleCloudContentwarehouseV1AddToFolderAction: + description: >- + The identity of service accounts that have been explicitly created under + tenant projects. + GoogleCloudContentwarehouseV1RuleEvaluatorOutput: type: object - id: GoogleCloudContentwarehouseV1AddToFolderAction - properties: - folders: - description: >- - Names of the folder under which new document is to be added. Format: - projects/{project_number}/locations/{location}/documents/{document_id}. - items: - type: string - type: array - description: Represents the action responsible for adding document under a folder. - CloudAiPlatformTenantresourceTenantProjectResource: + description: Represents the output of the Rule Evaluator. + id: GoogleCloudContentwarehouseV1RuleEvaluatorOutput properties: - tag: - description: >- - Input/Output [Required]. The tag that uniquely identifies a tenant - project within a tenancy unit. Note: for the same tenant project - tag, all tenant manager operations should be idempotent. - type: string - tenantProjectConfig: - description: The configurations of a tenant project. - $ref: >- - #/components/schemas/CloudAiPlatformTenantresourceTenantProjectConfig - cloudSqlInstances: + triggeredRules: description: >- - The CloudSQL instances that are provisioned under the tenant - project. - items: - $ref: >- - #/components/schemas/CloudAiPlatformTenantresourceCloudSqlInstanceConfig - type: array - infraSpannerConfigs: + List of rules fetched from database for the given request trigger + type. type: array items: - $ref: >- - #/components/schemas/CloudAiPlatformTenantresourceInfraSpannerConfig - description: >- - The Infra Spanner databases that are provisioned under the tenant - project. Note: this is an experimental feature. - tenantServiceAccounts: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' + invalidRules: description: >- - The service account identities (or enabled API service's P4SA) that - are expclicitly created under the tenant project (before JIT - provisioning during enabled API services). - items: - $ref: >- - #/components/schemas/CloudAiPlatformTenantresourceTenantServiceAccountIdentity - type: array - tenantProjectId: - type: string - description: Output only. The tenant project ID that has been created. - iamPolicyBindings: + A subset of triggered rules that failed the validation check(s) + after parsing. items: - $ref: '#/components/schemas/CloudAiPlatformTenantresourceIamPolicyBinding' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1InvalidRule' type: array + matchedRules: description: >- - The dynamic IAM bindings that are granted under the tenant project. - Note: this should only add new bindings to the project if they don't - exist and the existing bindings won't be affected. - gcsBuckets: - description: The GCS buckets that are provisioned under the tenant project. + A subset of triggered rules that are evaluated true for a given + request. type: array items: - $ref: '#/components/schemas/CloudAiPlatformTenantresourceGcsBucketConfig' - tenantProjectNumber: - type: string - format: int64 - description: Output only. The tenant project number that has been created. - description: 'The tenant project and tenant resources. Next ID: 10' - type: object - id: CloudAiPlatformTenantresourceTenantProjectResource - GoogleCloudDocumentaiV1DocumentEntity: - type: object - id: GoogleCloudDocumentaiV1DocumentEntity - description: >- - An entity that could be a phrase in the text or a property that belongs - to the document. It is a known entity type, such as a person, an - organization, or location. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' + GoogleRpcStatus: properties: - textAnchor: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchor' - description: >- - Optional. Provenance of the entity. Text anchor indexing into the - Document.text. - provenance: - description: Optional. The history of this annotation. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' - mentionId: - type: string - description: Optional. Deprecated. Use `id` field instead. - redacted: - type: boolean - description: >- - Optional. Whether the entity will be redacted for de-identification - purposes. - confidence: - format: float - type: number - description: Optional. Confidence of detected Schema entity. Range `[0, 1]`. - id: + message: type: string description: >- - Optional. Canonical id. This will be a unique value in the entity - list for this document. - type: - description: Required. Entity type from a schema e.g. `Address`. - type: string - properties: + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + details: items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentEntity' - description: >- - Optional. Entities can be nested to form a hierarchical data - structure representing the content in the document. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. type: array - mentionText: - type: string - description: Optional. Text value of the entity e.g. `1600 Amphitheatre Pkwy`. - pageAnchor: description: >- - Optional. Represents the provenance of this entity wrt. the location - on the page where it was found. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageAnchor' - normalizedValue: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + id: GoogleRpcStatus + GoogleCloudContentwarehouseV1UpdateDocumentRequest: + type: object + id: GoogleCloudContentwarehouseV1UpdateDocumentRequest + description: Request message for DocumentService.UpdateDocument. + properties: + cloudAiDocumentOption: description: >- - Optional. Normalized entity value. Absent if the extracted value - could not be converted or the type (e.g. address) is not supported - for certain parsers. This field is also only populated for certain - supported document types. + Request Option for processing Cloud AI Document in Document + Warehouse. This field offers limited support for mapping entities + from Cloud AI Document to Warehouse Document. Please consult with + product team before using this field and other available options. $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentEntityNormalizedValue - GoogleCloudContentwarehouseV1TextArray: - properties: - values: - items: - type: string - type: array - description: List of text values. + #/components/schemas/GoogleCloudContentwarehouseV1CloudAIDocumentOption + document: + description: Required. The document to update. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' + requestMetadata: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + description: >- + The meta information collected about the end user, used to enforce + access control for the service. + updateOptions: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1UpdateOptions' + description: Options for the update operation. + GoogleCloudContentwarehouseV1ActionExecutorOutput: type: object - id: GoogleCloudContentwarehouseV1TextArray - description: String/text values. - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableBlock: - description: Represents a table type block. properties: - headerRows: - description: Header rows at the top of the table. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableRow - bodyRows: + ruleActionsPairs: type: array - description: Body rows containing main table content. + description: List of rule and corresponding actions result. items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableRow - caption: - description: Table caption/title. - type: string - id: >- - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableBlock + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleActionsPair' + id: GoogleCloudContentwarehouseV1ActionExecutorOutput + description: Represents the output of the Action Executor. + GoogleCloudContentwarehouseV1TextTypeOptions: type: object - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTextBlock: - description: Represents a text type block. + description: Configurations for a text property. + id: GoogleCloudContentwarehouseV1TextTypeOptions + properties: {} + GoogleCloudContentwarehouseV1SearchDocumentsRequest: properties: - blocks: + pageSize: + format: int32 description: >- - A text block could further have child blocks. Repeated blocks - support further hierarchies and nested blocks. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock - text: - type: string - description: Text content stored in the block. - type: + A limit on the number of documents returned in the search results. + Increasing this value above the default value of 10 can increase + search response time. The value can be between 1 and 100. + type: integer + requestMetadata: description: >- - Type of the text in the block. Available options are: `paragraph`, - `subtitle`, `heading-1`, `heading-2`, `heading-3`, `heading-4`, - `heading-5`, `header`, `footer`. + The meta information collected about the end user, used to enforce + access control and improve the search quality of the service. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + pageToken: type: string - type: object - id: >- - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTextBlock - GoogleIamV1AuditConfig: - id: GoogleIamV1AuditConfig - properties: - service: + description: >- + The token specifying the current offset within search results. See + SearchDocumentsResponse.next_page_token for an explanation of how to + obtain the next set of query results. + documentQuery: + description: Query used to search against documents (keyword, filters, etc.). + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentQuery' + totalResultSize: + description: >- + Controls if the search document request requires the return of a + total size of matched documents. See + SearchDocumentsResponse.total_size. + enumDescriptions: + - Total number calculation will be skipped. + - >- + Estimate total number. The total result size will be accurated up + to 10,000. This option will add cost and latency to your request. + - It may adversely impact performance. The limit is 1000,000. + enum: + - TOTAL_RESULT_SIZE_UNSPECIFIED + - ESTIMATED_SIZE + - ACTUAL_SIZE type: string + offset: + type: integer + format: int32 description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - auditLogConfigs: + An integer that specifies the current offset (that is, starting + result location, amongst the documents deemed by the API as + relevant) in search results. This field is only considered if + page_token is unset. The maximum allowed value is 5000. Otherwise an + error is thrown. For example, 0 means to return results starting + from the first matching document, and 10 means to return from the + 11th document. This can be used for pagination, (for example, + pageSize = 10 and offset = 10 means to return from the second page). + histogramQueries: type: array items: - $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' - description: The configuration for logging of each type of permission. - type: object - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - GoogleCloudDocumentaiV1DocumentEntityRelation: - description: Relationship between Entities. - id: GoogleCloudDocumentaiV1DocumentEntityRelation - type: object - properties: - subjectId: - type: string - description: Subject entity id. - relation: - type: string - description: Relationship description. - objectId: - description: Object entity id. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1HistogramQuery' + description: >- + An expression specifying a histogram request against matching + documents. Expression syntax is an aggregation function call with + histogram facets and other options. The following aggregation + functions are supported: * `count(string_histogram_facet)`: Count + the number of matching entities for each distinct attribute value. + Data types: * Histogram facet (aka filterable properties): Facet + names with format .. Facets will have the format + of: `a-zA-Z`. If the facet is a child facet, then the parent + hierarchy needs to be specified separated by dots in the prefix + after the schema id. Thus, the format for a multi- level facet is: + .. . Example: + schema123.root_parent_facet.middle_facet.child_facet * + DocumentSchemaId: (with no schema id prefix) to get histograms for + each document type (returns the schema id path, e.g. + projects/12345/locations/us-west/documentSchemas/abc123). Example + expression: * Document type counts: count('DocumentSchemaId') * For + schema id, abc123, get the counts for MORTGAGE_TYPE: + count('abc123.MORTGAGE_TYPE') + qaSizeLimit: + type: integer + description: >- + Experimental, do not use. The limit on the number of documents + returned for the question-answering feature. To enable the + question-answering feature, set [DocumentQuery].is_nl_query to true. + format: int32 + requireTotalSize: + description: >- + Controls if the search document request requires the return of a + total size of matched documents. See + SearchDocumentsResponse.total_size. Enabling this flag may adversely + impact performance. Hint: If this is used with pagination, set this + flag on the initial query but set this to false on subsequent page + calls (keep the total count locally). Defaults to false. + type: boolean + orderBy: type: string - GoogleCloudContentwarehouseV1beta1InitializeProjectResponse: - description: Response message for projectService.InitializeProject - id: GoogleCloudContentwarehouseV1beta1InitializeProjectResponse + description: >- + The criteria determining how search results are sorted. For + non-empty query, default is `"relevance desc"`. For empty query, + default is `"upload_date desc"`. Supported options are: * + `"relevance desc"`: By relevance descending, as determined by the + API algorithms. * `"upload_date desc"`: By upload date descending. * + `"upload_date"`: By upload date ascending. * `"update_date desc"`: + By last updated date descending. * `"update_date"`: By last updated + date ascending. * `"retrieval_importance desc"`: By retrieval + importance of properties descending. This feature is still under + development, please do not use unless otherwise instructed to do so. type: object + id: GoogleCloudContentwarehouseV1SearchDocumentsRequest + description: Request message for DocumentService.SearchDocuments. + GoogleCloudContentwarehouseV1UserInfo: + description: The user information. + id: GoogleCloudContentwarehouseV1UserInfo properties: - message: - description: The message of the project initialization process. - type: string - state: - type: string - enum: - - STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - - CANCELLED - - RUNNING - enumDescriptions: - - Clients should never see this. - - Finished project initialization without error. - - Finished project initialization with an error. - - Client canceled the LRO. - - Ask the customer to check the operation for results. - description: The state of the project initialization process. - CloudAiPlatformTenantresourceIamPolicyBinding: - description: >- - The dynamic IAM bindings to be granted after tenant projects are - created. - properties: - resource: + id: + description: >- + A unique user identification string, as determined by the client. + The maximum number of allowed characters is 255. Allowed characters + include numbers 0 to 9, uppercase and lowercase letters, and + restricted special symbols (:, @, +, -, _, ~) The format is + "user:xxxx@example.com"; type: string + groupIds: description: >- - Input/Output [Required]. The resource name that will be accessed by - members, which also depends on resource_type. Note: placeholders are - supported in resource names. For example, ${tpn} will be used when - the tenant project number is not ready. - members: + The unique group identifications which the user is belong to. The + format is "group:yyyy@example.com"; items: type: string type: array - description: >- - Input/Output [Required]. The member service accounts with the roles - above. Note: placeholders are same as the resource above. - role: - description: Input/Output [Required]. The role for members below. - type: string - resourceType: - enum: - - RESOURCE_TYPE_UNSPECIFIED - - PROJECT - - SERVICE_ACCOUNT - - GCS_BUCKET - - SERVICE_CONSUMER - - AR_REPO - description: >- - Input/Output [Required]. Specifies the type of resource that will be - accessed by members. - enumDescriptions: - - '' - - >- - The value of resource field is the ID or number of a project. - Format is - - >- - The value of resource field is the resource name of a service - account. Format is projects//serviceAccounts/ - - >- - The value of resource field is the name of a GCS bucket (not its - resource name). Format is . - - >- - The value of resource field is the resource name of a service - consumer. Format is services//consumers/ - - >- - The value of the resource field is the AR Image Uri which - identifies an AR REPO. Allowed formats are: /// ///: ///@ - type: string type: object - id: CloudAiPlatformTenantresourceIamPolicyBinding - GoogleCloudDocumentaiV1BoundingPoly: + CloudAiPlatformTenantresourceTenantProjectResource: + id: CloudAiPlatformTenantresourceTenantProjectResource + description: 'The tenant project and tenant resources. Next ID: 10' + type: object properties: - normalizedVertices: - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1NormalizedVertex' + infraSpannerConfigs: + description: >- + The Infra Spanner databases that are provisioned under the tenant + project. Note: this is an experimental feature. type: array - description: The bounding polygon normalized vertices. - vertices: + items: + $ref: >- + #/components/schemas/CloudAiPlatformTenantresourceInfraSpannerConfig + iamPolicyBindings: type: array - description: The bounding polygon vertices. items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1Vertex' - type: object - id: GoogleCloudDocumentaiV1BoundingPoly - description: A bounding polygon for the detected image annotation. - GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefect: - type: object - description: Image Quality Defects - id: GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefect - properties: - confidence: + $ref: '#/components/schemas/CloudAiPlatformTenantresourceIamPolicyBinding' description: >- - Confidence of detected defect. Range `[0, 1]` where `1` indicates - strong confidence that the defect exists. - type: number - format: float - type: + The dynamic IAM bindings that are granted under the tenant project. + Note: this should only add new bindings to the project if they don't + exist and the existing bindings won't be affected. + tenantProjectNumber: type: string - description: >- - Name of the defect type. Supported values are: - - `quality/defect_blurry` - `quality/defect_noisy` - - `quality/defect_dark` - `quality/defect_faint` - - `quality/defect_text_too_small` - `quality/defect_document_cutoff` - - `quality/defect_text_cutoff` - `quality/defect_glare` - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutPageSpan: - type: object - properties: - pageEnd: - description: Page where block ends in the document. - type: integer - format: int32 - pageStart: - description: Page where block starts in the document. - type: integer - format: int32 - description: Represents where the block starts and ends in the document. - id: >- - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutPageSpan - GoogleCloudContentwarehouseV1TextTypeOptions: - id: GoogleCloudContentwarehouseV1TextTypeOptions - description: Configurations for a text property. - type: object - properties: {} - GoogleProtobufEmpty: + format: int64 + description: Output only. The tenant project number that has been created. + gcsBuckets: + type: array + description: The GCS buckets that are provisioned under the tenant project. + items: + $ref: '#/components/schemas/CloudAiPlatformTenantresourceGcsBucketConfig' + tenantProjectConfig: + description: The configurations of a tenant project. + $ref: >- + #/components/schemas/CloudAiPlatformTenantresourceTenantProjectConfig + tenantServiceAccounts: + type: array + items: + $ref: >- + #/components/schemas/CloudAiPlatformTenantresourceTenantServiceAccountIdentity + description: >- + The service account identities (or enabled API service's P4SA) that + are expclicitly created under the tenant project (before JIT + provisioning during enabled API services). + tenantProjectId: + type: string + description: Output only. The tenant project ID that has been created. + cloudSqlInstances: + description: >- + The CloudSQL instances that are provisioned under the tenant + project. + items: + $ref: >- + #/components/schemas/CloudAiPlatformTenantresourceCloudSqlInstanceConfig + type: array + tag: + description: >- + Input/Output [Required]. The tag that uniquely identifies a tenant + project within a tenancy unit. Note: for the same tenant project + tag, all tenant manager operations should be idempotent. + type: string + GoogleCloudContentwarehouseV1PublishAction: + id: GoogleCloudContentwarehouseV1PublishAction type: object - id: GoogleProtobufEmpty - properties: {} description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - GoogleCloudContentwarehouseV1UpdateRuleSetRequest: - type: object - id: GoogleCloudContentwarehouseV1UpdateRuleSetRequest - description: Request message for RuleSetService.UpdateRuleSet. - properties: - ruleSet: - description: Required. The rule set to update. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' - GoogleCloudContentwarehouseV1PropertyArray: - description: Property values. - id: GoogleCloudContentwarehouseV1PropertyArray + Represents the action responsible for publishing messages to a Pub/Sub + topic. properties: - properties: - description: List of property values. - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Property' + topicId: + description: >- + The topic id in the Pub/Sub service for which messages will be + published to. + type: string + messages: type: array - type: object + description: Messages to be published. + items: + type: string GoogleIamV1Policy: + type: object description: >- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of @@ -2243,8 +2144,6 @@ components: timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). - id: GoogleIamV1Policy - type: object properties: bindings: type: array @@ -2260,6 +2159,27 @@ components: can add another 1,450 principals to the `bindings` in the `Policy`. items: $ref: '#/components/schemas/GoogleIamV1Binding' + etag: + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + type: string + format: byte + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + items: + $ref: '#/components/schemas/GoogleIamV1AuditConfig' + type: array version: description: >- Specifies the format of the policy. Valid values are `0`, `1`, and @@ -2278,245 +2198,291 @@ components: specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer format: int32 - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - format: byte - type: string - auditConfigs: - type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditConfig' - description: Specifies cloud audit logging configuration for this policy. - GoogleCloudContentwarehouseV1SynonymSet: + type: integer + id: GoogleIamV1Policy + GoogleTypeMoney: + type: object + description: Represents an amount of money with its currency type. + id: GoogleTypeMoney properties: - context: + units: + format: int64 type: string description: >- - This is a freeform field. Example contexts can be "sales," - "engineering," "real estate," "accounting," etc. The context can be - supplied during search requests. - synonyms: - description: List of Synonyms for the context. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1SynonymSetSynonym - name: + The whole units of the amount. For example if `currencyCode` is + `"USD"`, then 1 unit is one US dollar. + currencyCode: type: string - description: >- - The resource name of the SynonymSet This is mandatory for - google.api.resource. Format: - projects/{project_number}/locations/{location}/synonymSets/{context}. - id: GoogleCloudContentwarehouseV1SynonymSet - type: object - description: >- - Represents a list of synonyms for a given context. For example a context - "sales" could contain: Synonym 1: sale, invoice, bill, order Synonym 2: - money, credit, finance, payment Synonym 3: shipping, freight, transport - Each SynonymSets should be disjoint - GoogleCloudDocumentaiV1Vertex: - description: >- - A vertex represents a 2D point in the image. NOTE: the vertex - coordinates are in the same scale as the original image. - properties: - x: - type: integer - format: int32 - description: X coordinate. - 'y': + description: The three-letter currency code defined in ISO 4217. + nanos: type: integer - description: Y coordinate (starts from the top of the image). + description: >- + Number of nano (10^-9) units of the amount. The value must be + between -999,999,999 and +999,999,999 inclusive. If `units` is + positive, `nanos` must be positive or zero. If `units` is zero, + `nanos` can be positive, zero, or negative. If `units` is negative, + `nanos` must be negative or zero. For example $-1.75 is represented + as `units`=-1 and `nanos`=-750,000,000. format: int32 - id: GoogleCloudDocumentaiV1Vertex + GoogleCloudContentwarehouseV1PropertyDefinition: type: object - GoogleIamV1Binding: - id: GoogleIamV1Binding properties: - role: + isSearchable: + description: Indicates that the property should be included in a global search. + type: boolean + timestampTypeOptions: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Timestamp property. It is not supported by CMEK compliant + deployment. + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1TimestampTypeOptions + name: type: string - condition: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/GoogleTypeExpr' - members: + Required. The name of the metadata property. Must be unique within a + document schema and is case insensitive. Names must be non-blank, + start with a letter, and can contain alphanumeric characters and: /, + :, -, _, and . + propertyTypeOptions: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1PropertyTypeOptions + description: Nested structured data property. + integerTypeOptions: + description: Integer property. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1IntegerTypeOptions' + isMetadata: + type: boolean description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + Whether the property is user supplied metadata. This out-of-the box + placeholder setting can be used to tag derived properties. Its value + and interpretation logic should be implemented by API user. + enumTypeOptions: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1EnumTypeOptions' + description: Enum/categorical property. + displayName: + description: The display-name for the property, used for front-end. + type: string + floatTypeOptions: + description: Float property. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1FloatTypeOptions' + isFilterable: + description: >- + Whether the property can be filtered. If this is a sub-property, all + the parent properties must be marked filterable. + type: boolean + retrievalImportance: + enumDescriptions: + - No importance specified. Default medium importance. + - Highest importance. + - Higher importance. + - High importance. + - Medium importance. + - Low importance (negative). + - Lowest importance (negative). + type: string + enum: + - RETRIEVAL_IMPORTANCE_UNSPECIFIED + - HIGHEST + - HIGHER + - HIGH + - MEDIUM + - LOW + - LOWEST + description: The retrieval importance of the property during search. + dateTimeTypeOptions: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1DateTimeTypeOptions + description: >- + Date time property. It is not supported by CMEK compliant + deployment. + isRequired: + description: >- + Whether the property is mandatory. Default is 'false', i.e. + populating property value can be skipped. If 'true' then user must + populate the value for this property. + type: boolean + textTypeOptions: + description: Text/string property. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TextTypeOptions' + isRepeatable: + description: Whether the property can have multiple values. + type: boolean + mapTypeOptions: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1MapTypeOptions' + description: Map property. + schemaSources: items: - type: string + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSource + description: >- + The mapping information between this property to another schema + source. type: array - type: object - description: Associates `members`, or principals, with a `role`. - GoogleCloudContentwarehouseV1ActionExecutorOutput: + description: Defines the metadata for a schema property. + id: GoogleCloudContentwarehouseV1PropertyDefinition + GoogleCloudDocumentaiV1DocumentRevision: + description: Contains past or forward revisions of this document. + id: GoogleCloudDocumentaiV1DocumentRevision properties: - ruleActionsPairs: + agent: + description: >- + If the change was made by a person specify the name or id of that + person. + type: string + processor: + description: >- + If the annotation was made by processor identify the processor by + its resource name. + type: string + createTime: + description: >- + The time that the revision was created, internally generated by doc + proto storage at the time of create. + type: string + format: google-datetime + id: + description: >- + Id of the revision, internally generated by doc proto storage. + Unique within the context of the document. + type: string + parent: type: array - description: List of rule and corresponding actions result. + description: >- + The revisions that this revision is based on. This can include one + or more parent (when documents are merged.) This field represents + the index into the `revisions` field. items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleActionsPair' - type: object - id: GoogleCloudContentwarehouseV1ActionExecutorOutput - description: Represents the output of the Action Executor. - GoogleCloudContentwarehouseV1ListSynonymSetsResponse: - properties: - nextPageToken: - type: string + format: int32 + type: integer + deprecated: true + humanReview: + description: Human Review information of this revision. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentRevisionHumanReview + parentIds: description: >- - A page token, received from a previous `ListSynonymSets` call. - Provide this to retrieve the subsequent page. - synonymSets: + The revisions that this revision is based on. Must include all the + ids that have anything to do with this revision - eg. there are + `provenance.parent.revision` fields that index into this field. items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' + type: string type: array - description: The synonymSets from the specified parent. - id: GoogleCloudContentwarehouseV1ListSynonymSetsResponse - description: Response message for SynonymSetService.ListSynonymSets. - type: object - GoogleCloudContentwarehouseV1EnumValue: - id: GoogleCloudContentwarehouseV1EnumValue - description: Represents the string value of the enum field. type: object + GoogleCloudContentwarehouseV1RunPipelineMetadataExportToCdwPipelineMetadata: properties: - value: + documents: + type: array description: >- - String value of the enum field. This must match defined set of enums - in document schema using EnumTypeOptions. + The input list of all the resource names of the documents to be + exported. + items: + type: string + docAiDataset: + description: The output CDW dataset resource name. type: string - GoogleTypeInterval: + outputPath: + type: string + description: The output Cloud Storage folder in this pipeline. type: object + description: The metadata message for Export-to-CDW pipeline. + id: >- + GoogleCloudContentwarehouseV1RunPipelineMetadataExportToCdwPipelineMetadata + GoogleTypeTimeZone: description: >- - Represents a time interval, encoded as a Timestamp start (inclusive) and - a Timestamp end (exclusive). The start must be less than or equal to the - end. When the start equals the end, the interval is empty (matches no - time). When both start and end are unspecified, the interval matches any - time. + Represents a time zone from the [IANA Time Zone + Database](https://www.iana.org/time-zones). + type: object + id: GoogleTypeTimeZone properties: - startTime: + version: description: >- - Optional. Inclusive start of the interval. If specified, a Timestamp - matching this interval will have to be the same or after the start. - format: google-datetime + Optional. IANA Time Zone Database version number. For example + "2019a". type: string - endTime: - format: google-datetime + id: + description: IANA Time Zone Database time zone. For example "America/New_York". type: string + GoogleCloudContentwarehouseV1TimeFilter: + id: GoogleCloudContentwarehouseV1TimeFilter + properties: + timeRange: + $ref: '#/components/schemas/GoogleTypeInterval' + timeField: description: >- - Optional. Exclusive end of the interval. If specified, a Timestamp - matching this interval will have to be before the end. - id: GoogleTypeInterval - GoogleCloudContentwarehouseV1RunPipelineMetadataProcessWithDocAiPipelineMetadata: + Specifies which time field to filter documents on. Defaults to + TimeField.UPLOAD_TIME. + type: string + enumDescriptions: + - Default value. + - Earliest document create time. + - Latest document update time. + - Time when document becomes mutable again. + enum: + - TIME_FIELD_UNSPECIFIED + - CREATE_TIME + - UPDATE_TIME + - DISPOSITION_TIME + type: object + description: Filter on create timestamp or update timestamp of documents. + GoogleCloudContentwarehouseV1TextArray: type: object properties: - documents: - description: >- - The input list of all the resource names of the documents to be - processed. + values: items: type: string + description: List of text values. type: array - processorInfo: - description: The DocAI processor to process the documents with. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ProcessorInfo' - description: The metadata message for Process-with-DocAi pipeline. - id: >- - GoogleCloudContentwarehouseV1RunPipelineMetadataProcessWithDocAiPipelineMetadata - GoogleCloudDocumentaiV1DocumentPageLayout: + id: GoogleCloudContentwarehouseV1TextArray + description: String/text values. + GoogleCloudContentwarehouseV1EnumValue: + description: Represents the string value of the enum field. type: object - id: GoogleCloudDocumentaiV1DocumentPageLayout - description: Visual element describing a layout unit on a page. properties: - textAnchor: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchor' - description: Text anchor indexing into the Document.text. - boundingPoly: - description: The bounding polygon for the Layout. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1BoundingPoly' - orientation: - enumDescriptions: + value: + type: string + description: >- + String value of the enum field. This must match defined set of enums + in document schema using EnumTypeOptions. + id: GoogleCloudContentwarehouseV1EnumValue + GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreak: + id: GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreak + type: object + description: Detected break at the end of a Token. + properties: + type: + type: string + enumDescriptions: + - Unspecified break type. + - A single whitespace. + - A wider whitespace. + - A hyphen that indicates that a token has been split across lines. + enum: + - TYPE_UNSPECIFIED + - SPACE + - WIDE_SPACE + - HYPHEN + description: Detected break type. + GoogleCloudContentwarehouseV1beta1UpdateDocumentMetadata: + description: Metadata object for UpdateDocument request (currently empty). + properties: {} + id: GoogleCloudContentwarehouseV1beta1UpdateDocumentMetadata + type: object + GoogleCloudDocumentaiV1DocumentPageLayout: + properties: + boundingPoly: + description: The bounding polygon for the Layout. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1BoundingPoly' + orientation: + type: string + description: Detected orientation for the Layout. + enum: + - ORIENTATION_UNSPECIFIED + - PAGE_UP + - PAGE_RIGHT + - PAGE_DOWN + - PAGE_LEFT + enumDescriptions: - Unspecified orientation. - Orientation is aligned with page up. - >- @@ -2528,304 +2494,505 @@ components: - >- Orientation is aligned with page left. Turn the head 90 degrees counterclockwise from upright to read. - type: string - enum: - - ORIENTATION_UNSPECIFIED - - PAGE_UP - - PAGE_RIGHT - - PAGE_DOWN - - PAGE_LEFT - description: Detected orientation for the Layout. + textAnchor: + description: Text anchor indexing into the Document.text. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchor' confidence: - format: float type: number description: >- Confidence of the current Layout within context of the object this layout is for. e.g. confidence can be for a single token, a table, a visual element, etc. depending on context. Range `[0, 1]`. - GoogleCloudContentwarehouseV1SearchDocumentsResponse: + format: float + id: GoogleCloudDocumentaiV1DocumentPageLayout + description: Visual element describing a layout unit on a page. + type: object + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListEntry: + type: object + description: Represents an entry in the list. properties: - matchingDocuments: - description: >- - The document entities that match the specified - SearchDocumentsRequest. + blocks: + type: array items: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1SearchDocumentsResponseMatchingDocument - type: array - metadata: + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock description: >- - Additional information for the API invocation, such as the request - tracking id. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ResponseMetadata' - totalSize: - type: integer + A list entry is a list of blocks. Repeated blocks support further + hierarchies and nested blocks. + id: >- + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListEntry + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTextBlock: + type: object + description: Represents a text type block. + id: >- + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTextBlock + properties: + type: description: >- - The total number of matched documents which is available only if the - client set SearchDocumentsRequest.require_total_size to `true` or - set SearchDocumentsRequest.total_result_size to `ESTIMATED_SIZE` or - `ACTUAL_SIZE`. Otherwise, the value will be `-1`. Typically a UI - would handle this condition by displaying "of many", for example: - "Displaying 10 of many". - format: int32 - questionAnswer: - type: string - description: Experimental. Question answer from the query against the document. - nextPageToken: + Type of the text in the block. Available options are: `paragraph`, + `subtitle`, `heading-1`, `heading-2`, `heading-3`, `heading-4`, + `heading-5`, `header`, `footer`. type: string + blocks: description: >- - The token that specifies the starting position of the next page of - results. This field is empty if there are no more results. - histogramQueryResults: + A text block could further have child blocks. Repeated blocks + support further hierarchies and nested blocks. type: array items: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1HistogramQueryResult - description: >- - The histogram results that match with the specified - SearchDocumentsRequest.histogram_queries. - description: Response message for DocumentService.SearchDocuments. - type: object - id: GoogleCloudContentwarehouseV1SearchDocumentsResponse - GoogleCloudDocumentaiV1DocumentPageTableTableCell: - id: GoogleCloudDocumentaiV1DocumentPageTableTableCell - description: A cell representation inside the table. - properties: - layout: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - description: Layout for TableCell. - colSpan: - type: integer - description: How many columns this cell spans. - format: int32 - detectedLanguages: - description: A list of detected languages together with confidence. - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - type: array - rowSpan: - format: int32 - description: How many rows this cell spans. - type: integer - type: object - GoogleCloudDocumentaiV1NormalizedVertex: - type: object - properties: - x: - type: number - format: float - description: X coordinate. - 'y': - format: float - description: Y coordinate (starts from the top of the image). - type: number - description: >- - A vertex represents a 2D point in the image. NOTE: the normalized vertex - coordinates are relative to the original image and range from 0 to 1. - id: GoogleCloudDocumentaiV1NormalizedVertex - GoogleCloudContentwarehouseV1CreateDocumentResponse: + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock + text: + description: Text content stored in the block. + type: string + GoogleCloudContentwarehouseV1UpdateDocumentResponse: type: object + description: Response message for DocumentService.UpdateDocument. + id: GoogleCloudContentwarehouseV1UpdateDocumentResponse properties: + ruleEngineOutput: + description: >- + Output from Rule Engine recording the rule evaluator and action + executor's output. Refer format in: + google/cloud/contentwarehouse/v1/rule_engine.proto + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleEngineOutput' metadata: $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ResponseMetadata' description: >- Additional information for the API invocation, such as the request tracking id. document: - description: Document created after executing create request. $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' - ruleEngineOutput: + description: Updated document after executing update request. + GoogleCloudContentwarehouseV1GcsIngestWithDocAiProcessorsPipeline: + properties: + skipIngestedDocuments: description: >- - Output from Rule Engine recording the rule evaluator and action - executor's output. Refer format in: - google/cloud/contentwarehouse/v1/rule_engine.proto - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleEngineOutput' - longRunningOperations: + The flag whether to skip ingested documents. If it is set to true, + documents in Cloud Storage contains key "status" with value + "status=ingested" in custom metadata will be skipped to ingest. + type: boolean + extractProcessorInfos: type: array items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - description: post-processing LROs - description: Response message for DocumentService.CreateDocument. - id: GoogleCloudContentwarehouseV1CreateDocumentResponse - GoogleCloudContentwarehouseV1CreateDocumentRequest: - id: GoogleCloudContentwarehouseV1CreateDocumentRequest - properties: - cloudAiDocumentOption: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1CloudAIDocumentOption + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ProcessorInfo' description: >- - Request Option for processing Cloud AI Document in Document - Warehouse. This field offers limited support for mapping entities - from Cloud AI Document to Warehouse Document. Please consult with - product team before using this field and other available options. - createMask: + The extract processors information. One matched extract processor + will be used to process documents based on the classify processor + result. If no classify processor is specified, the first extract + processor will be used. + inputPath: description: >- - Field mask for creating Document fields. If mask path is empty, it - means all fields are masked. For the `FieldMask` definition, see - https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask. + The input Cloud Storage folder. All files under this folder will be + imported to Document Warehouse. Format: `gs:///`. type: string - format: google-fieldmask - policy: + pipelineConfig: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1IngestPipelineConfig description: >- - Default document policy during creation. This refers to an Identity - and Access (IAM) policy, which specifies access controls for the - Document. Conditions defined in the policy will be ignored. - $ref: '#/components/schemas/GoogleIamV1Policy' - requestMetadata: + Optional. The config for the Cloud Storage Ingestion with DocAI + Processors pipeline. It provides additional customization options to + run the pipeline and can be skipped if it is not applicable. + processorResultsFolderPath: + type: string description: >- - The meta information collected about the end user, used to enforce - access control for the service. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' - document: - description: Required. The document to create. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' + The Cloud Storage folder path used to store the raw results from + processors. Format: `gs:///`. + splitClassifyProcessorInfo: + description: >- + The split and classify processor information. The split and classify + result will be used to find a matched extract processor. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ProcessorInfo' type: object - description: Request message for DocumentService.CreateDocument. - GoogleCloudContentwarehouseV1EnumArray: - properties: - values: - description: List of enum values. - type: array - items: - type: string + description: >- + The configuration of the Cloud Storage Ingestion with DocAI Processors + pipeline. + id: GoogleCloudContentwarehouseV1GcsIngestWithDocAiProcessorsPipeline + GoogleCloudContentwarehouseV1HistogramQueryPropertyNameFilter: + id: GoogleCloudContentwarehouseV1HistogramQueryPropertyNameFilter type: object - description: Enum values. - id: GoogleCloudContentwarehouseV1EnumArray - CloudAiPlatformTenantresourceInfraSpannerConfigCreateDatabaseOptions: properties: - cmekCloudResourceType: - type: string + propertyNames: description: >- - The cloud resource type for the CMEK encryption. For example, - contentwarehouse.googleapis.com/Location - cmekServiceName: + It is optional. It will perform histogram for all the property names + if it is not set. The properties need to be defined with the + is_filterable flag set to true and the name of the property should + be in the format: "schemaId.propertyName". The property needs to be + defined in the schema. Example: the schema id is abc. Then the name + of property for property MORTGAGE_TYPE will be "abc.MORTGAGE_TYPE". + type: array + items: + type: string + documentSchemas: + type: array description: >- - The service name for the CMEK encryption. For example, - contentwarehouse.googleapis.com + This filter specifies the exact document schema(s) + Document.document_schema_name to run histogram query against. It is + optional. It will perform histogram for property names for all the + document schemas if it is not set. At most 10 document schema names + are allowed. Format: + projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. + items: + type: string + yAxis: + enumDescriptions: + - Count the documents per property name. + - Count the properties per property name. type: string - cmekCloudResourceName: + enum: + - HISTOGRAM_YAXIS_DOCUMENT + - HISTOGRAM_YAXIS_PROPERTY description: >- - The cloud resource name for the CMEK encryption. For example, - projects//locations/ + By default, the y_axis is HISTOGRAM_YAXIS_DOCUMENT if this field is + not set. + GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageHeader: + description: Represents the page header associated with the chunk. + id: GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageHeader + type: object + properties: + pageSpan: + description: Page span of the header. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan + text: type: string - description: >- - The options to create a spanner database. KMS key access audit logging - and AxT logging will be associated with the given resource name, - resource type and service name. Please ensure to give right options to - enable correct audit logging and AxT logging. - id: CloudAiPlatformTenantresourceInfraSpannerConfigCreateDatabaseOptions + description: Header in text format. + CloudAiPlatformTenantresourceInfraSpannerConfig: type: object - GoogleCloudContentwarehouseV1DocumentQuery: + id: CloudAiPlatformTenantresourceInfraSpannerConfig properties: - documentNameFilter: - type: array - description: >- - Search the documents in the list. Format: - projects/{project_number}/locations/{location}/documents/{document_id}. - items: - type: string - folderNameFilter: + spannerUniverse: + type: string description: >- - Search all the documents under this specified folder. Format: - projects/{project_number}/locations/{location}/documents/{document_id}. + Input [Required]. Every database in Spanner can be identified by the + following path name: /span//: + spannerNamespace: type: string - isNlQuery: + sdlBundlePath: + description: Input [Required]. The file path to the spanner SDL bundle. + type: string + createDatabaseOptions: + $ref: >- + #/components/schemas/CloudAiPlatformTenantresourceInfraSpannerConfigCreateDatabaseOptions description: >- - Experimental, do not use. If the query is a natural language - question. False by default. If true, then the question-answering - feature will be used instead of search, and `result_count` in - SearchDocumentsRequest must be set. In addition, all other input - fields related to search (pagination, histograms, etc.) will be - ignored. - type: boolean - queryContext: + Input [Optional]. The options to create a spanner database. Note: + give the right options to ensure the right KMS key access audit + logging and AxT logging in expected logging category. + spannerBorgServiceAccount: + type: string description: >- - For custom synonyms. Customers provide the synonyms based on - context. One customer can provide multiple set of synonyms based on - different context. The search query will be expanded based on the - custom synonyms of the query context set. By default, no custom - synonyms wll be applied if no query context is provided. It is not - supported for CMEK compliant deployment. - type: array - items: - type: string - customPropertyFilter: - deprecated: true + Input [Optional]. The spanner borg service account for delegating + the kms key to. For example, + spanner-infra-cmek-nonprod@system.gserviceaccount.com, for the + nonprod universe. + kmsKeyReference: description: >- - This filter specifies a structured syntax to match against the - [PropertyDefinition].is_filterable marked as `true`. The syntax for - this expression is a subset of SQL syntax. Supported operators are: - `=`, `!=`, `<`, `<=`, `>`, and `>=` where the left of the operator - is a property name and the right of the operator is a number or a - quoted string. You must escape backslash (\\) and quote (\") - characters. Supported functions are `LOWER([property_name])` to - perform a case insensitive match and `EMPTY([property_name])` to - filter on the existence of a key. Boolean expressions (AND/OR/NOT) - are supported up to 3 levels of nesting (for example, "((A AND B AND - C) OR NOT D) AND E"), a maximum of 100 comparisons or functions are - allowed in the expression. The expression must be < 6000 bytes in - length. Sample Query: `(LOWER(driving_license)="class \"a\"" OR - EMPTY(driving_license)) AND driving_years > 10` + Input [Optional]. The KMS key name or the KMS grant name used for + CMEK encryption. Only set this field when provisioning new Infra + Spanner databases. For existing Infra Spanner databases, this field + will be ignored because CMEK re-encryption is not supported. For + example, projects//locations//keyRings//cryptoKeys/ type: string - fileTypeFilter: + spannerLocalNamePrefix: + type: string + description: 'The configuration for a spanner database provisioning. Next ID: 8' + GoogleCloudDocumentaiV1DocumentPageMatrix: + properties: + data: + description: The matrix data. + format: byte + type: string + type: + type: integer description: >- - This filter specifies the types of files to return: ALL, FOLDER, or - FILE. If FOLDER or FILE is specified, then only either folders or - files will be returned, respectively. If ALL is specified, both - folders and files will be returned. If no value is specified, ALL - files will be returned. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1FileTypeFilter' - timeFilters: + This encodes information about what data type the matrix uses. For + example, 0 (CV_8U) is an unsigned 8-bit image. For the full list of + OpenCV primitive data types, please refer to + https://docs.opencv.org/4.3.0/d1/d1b/group__core__hal__interface.html + format: int32 + cols: + description: Number of columns in the matrix. + format: int32 + type: integer + rows: + description: Number of rows in the matrix. + type: integer + format: int32 + type: object + id: GoogleCloudDocumentaiV1DocumentPageMatrix + description: >- + Representation for transformation matrix, intended to be compatible and + used with OpenCV format for image manipulation. + GoogleCloudContentwarehouseV1Property: + id: GoogleCloudContentwarehouseV1Property + type: object + description: Property of a document. + properties: + integerValues: + description: Integer property values. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1IntegerArray' + propertyValues: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1PropertyArray' + description: Nested structured data property values. + textValues: + description: String/text property values. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TextArray' + dateTimeValues: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DateTimeArray' description: >- - Documents created/updated within a range specified by this filter - are searched against. - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TimeFilter' - type: array - documentSchemaNames: - items: - type: string + Date time property values. It is not supported by CMEK compliant + deployment. + timestampValues: description: >- - This filter specifies the exact document schema - Document.document_schema_name of the documents to search against. If - a value isn't specified, documents within the search results are - associated with any schema. If multiple values are specified, - documents within the search results may be associated with any of - the specified schemas. At most 20 document schema names are allowed. - type: array - customWeightsMetadata: + Timestamp property values. It is not supported by CMEK compliant + deployment. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TimestampArray' + enumValues: + description: Enum property values. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1EnumArray' + name: + type: string description: >- - To support the custom weighting across document schemas, customers - need to provide the properties to be used to boost the ranking in - the search request. For a search query with CustomWeightsMetadata - specified, only the RetrievalImportance for the properties in the - CustomWeightsMetadata will be honored. + Required. Must match the name of a PropertyDefinition in the + DocumentSchema. + floatValues: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1FloatArray' + description: Float property values. + mapProperty: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1MapProperty' + description: Map property values. + GoogleCloudContentwarehouseV1GcsIngestPipeline: + type: object + properties: + pipelineConfig: + description: >- + Optional. The config for the Cloud Storage Ingestion pipeline. It + provides additional customization options to run the pipeline and + can be skipped if it is not applicable. $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1CustomWeightsMetadata - propertyFilter: + #/components/schemas/GoogleCloudContentwarehouseV1IngestPipelineConfig + schemaName: description: >- - This filter specifies a structured syntax to match against the - PropertyDefinition.is_filterable marked as `true`. The relationship - between the PropertyFilters is OR. - type: array - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1PropertyFilter' - query: + The Document Warehouse schema resource name. All documents processed + by this pipeline will use this schema. Format: + projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. type: string + inputPath: description: >- - The query string that matches against the full text of the document - and the searchable properties. The query partially supports [Google - AIP style syntax](https://google.aip.dev/160). Specifically, the - query supports literals, logical operators, negation operators, - comparison operators, and functions. Literals: A bare literal value - (examples: "42", "Hugo") is a value to be matched against. It - searches over the full text of the document and the searchable - properties. Logical operators: "AND", "and", "OR", and "or" are - binary logical operators (example: "engineer OR developer"). - Negation operators: "NOT" and "!" are negation operators (example: - "NOT software"). Comparison operators: support the binary comparison - operators =, !=, <, >, <= and >= for string, numeric, enum, boolean. + The input Cloud Storage folder. All files under this folder will be + imported to Document Warehouse. Format: `gs:///`. + type: string + skipIngestedDocuments: + description: >- + The flag whether to skip ingested documents. If it is set to true, + documents in Cloud Storage contains key "status" with value + "status=ingested" in custom metadata will be skipped to ingest. + type: boolean + processorType: + description: >- + The Doc AI processor type name. Only used when the format of + ingested files is Doc AI Document proto format. + type: string + id: GoogleCloudContentwarehouseV1GcsIngestPipeline + description: The configuration of the Cloud Storage Ingestion pipeline. + GoogleCloudContentwarehouseV1SearchDocumentsResponse: + type: object + id: GoogleCloudContentwarehouseV1SearchDocumentsResponse + properties: + matchingDocuments: + description: >- + The document entities that match the specified + SearchDocumentsRequest. + items: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1SearchDocumentsResponseMatchingDocument + type: array + questionAnswer: + description: Experimental. Question answer from the query against the document. + type: string + nextPageToken: + type: string + description: >- + The token that specifies the starting position of the next page of + results. This field is empty if there are no more results. + totalSize: + format: int32 + type: integer + description: >- + The total number of matched documents which is available only if the + client set SearchDocumentsRequest.require_total_size to `true` or + set SearchDocumentsRequest.total_result_size to `ESTIMATED_SIZE` or + `ACTUAL_SIZE`. Otherwise, the value will be `-1`. Typically a UI + would handle this condition by displaying "of many", for example: + "Displaying 10 of many". + metadata: + description: >- + Additional information for the API invocation, such as the request + tracking id. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ResponseMetadata' + histogramQueryResults: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1HistogramQueryResult + description: >- + The histogram results that match with the specified + SearchDocumentsRequest.histogram_queries. + description: Response message for DocumentService.SearchDocuments. + GoogleCloudContentwarehouseV1GetDocumentRequest: + id: GoogleCloudContentwarehouseV1GetDocumentRequest + description: Request message for DocumentService.GetDocument. + type: object + properties: + requestMetadata: + description: >- + The meta information collected about the end user, used to enforce + access control for the service. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + GoogleCloudContentwarehouseV1ProjectStatus: + properties: + accessControlMode: + description: Access control mode. + enum: + - ACL_MODE_UNKNOWN + - ACL_MODE_UNIVERSAL_ACCESS + - ACL_MODE_DOCUMENT_LEVEL_ACCESS_CONTROL_BYOID + - ACL_MODE_DOCUMENT_LEVEL_ACCESS_CONTROL_GCI + enumDescriptions: + - This value is required by protobuf best practices + - 'Universal Access: No document level access control.' + - Document level access control with customer own Identity Service. + - Document level access control using Google Cloud Identity. + type: string + location: + description: The location of the queried project. + type: string + databaseType: + type: string + enumDeprecated: + - false + - false + - true + enumDescriptions: + - This value is required by protobuf best practices + - Internal Spanner + - Cloud Sql with a Postgres Sql instance + enum: + - DB_UNKNOWN + - DB_INFRA_SPANNER + - DB_CLOUD_SQL_POSTGRES + description: Database type. + state: + enum: + - PROJECT_STATE_UNSPECIFIED + - PROJECT_STATE_PENDING + - PROJECT_STATE_COMPLETED + - PROJECT_STATE_FAILED + - PROJECT_STATE_DELETING + - PROJECT_STATE_DELETING_FAILED + - PROJECT_STATE_DELETED + - PROJECT_STATE_NOT_FOUND + type: string + enumDescriptions: + - Default status, required by protobuf best practices. + - The project is in the middle of a provision process. + - All dependencies have been provisioned. + - A provision process was previously initiated, but failed. + - The project is in the middle of a deletion process. + - A deleting process was initiated, but failed. + - The project is deleted. + - The project is not found. + description: State of the project. + documentCreatorDefaultRole: + description: The default role for the person who create a document. + type: string + qaEnabled: + description: If the qa is enabled on this project. + type: boolean + type: object + description: >- + Status of a project, including the project state, dbType, aclMode and + etc. + id: GoogleCloudContentwarehouseV1ProjectStatus + GoogleCloudContentwarehouseV1DeleteDocumentLinkRequest: + description: Request message for DocumentLinkService.DeleteDocumentLink. + properties: + requestMetadata: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + description: >- + The meta information collected about the document creator, used to + enforce access control for the service. + id: GoogleCloudContentwarehouseV1DeleteDocumentLinkRequest + type: object + GoogleCloudDocumentaiV1DocumentChunkedDocument: + description: Represents the chunks that the document is divided into. + id: GoogleCloudDocumentaiV1DocumentChunkedDocument + properties: + chunks: + type: array + description: List of chunks. + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunk + type: object + GoogleCloudContentwarehouseV1DocumentQuery: + id: GoogleCloudContentwarehouseV1DocumentQuery + properties: + isNlQuery: + description: >- + Experimental, do not use. If the query is a natural language + question. False by default. If true, then the question-answering + feature will be used instead of search, and `result_count` in + SearchDocumentsRequest must be set. In addition, all other input + fields related to search (pagination, histograms, etc.) will be + ignored. + type: boolean + propertyFilter: + description: >- + This filter specifies a structured syntax to match against the + PropertyDefinition.is_filterable marked as `true`. The relationship + between the PropertyFilters is OR. + items: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1PropertyFilter' + type: array + timeFilters: + items: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TimeFilter' + description: >- + Documents created/updated within a range specified by this filter + are searched against. + type: array + documentNameFilter: + items: + type: string + description: >- + Search the documents in the list. Format: + projects/{project_number}/locations/{location}/documents/{document_id}. + type: array + documentSchemaNames: + type: array + items: + type: string + description: >- + This filter specifies the exact document schema + Document.document_schema_name of the documents to search against. If + a value isn't specified, documents within the search results are + associated with any schema. If multiple values are specified, + documents within the search results may be associated with any of + the specified schemas. At most 20 document schema names are allowed. + query: + description: >- + The query string that matches against the full text of the document + and the searchable properties. The query partially supports [Google + AIP style syntax](https://google.aip.dev/160). Specifically, the + query supports literals, logical operators, negation operators, + comparison operators, and functions. Literals: A bare literal value + (examples: "42", "Hugo") is a value to be matched against. It + searches over the full text of the document and the searchable + properties. Logical operators: "AND", "and", "OR", and "or" are + binary logical operators (example: "engineer OR developer"). + Negation operators: "NOT" and "!" are negation operators (example: + "NOT software"). Comparison operators: support the binary comparison + operators =, !=, <, >, <= and >= for string, numeric, enum, boolean. Also support like operator `~~` for string. It provides semantic search functionality by parsing, stemming and doing synonyms expansion against the input query. To specify a property in the @@ -2844,1797 +3011,1688 @@ components: other filters e.g. `time_filters` and `folder_name_filter`. They are connected with `AND` operator under the hood. The maximum number of allowed characters is 255. + type: string + customPropertyFilter: + description: >- + This filter specifies a structured syntax to match against the + [PropertyDefinition].is_filterable marked as `true`. The syntax for + this expression is a subset of SQL syntax. Supported operators are: + `=`, `!=`, `<`, `<=`, `>`, and `>=` where the left of the operator + is a property name and the right of the operator is a number or a + quoted string. You must escape backslash (\\) and quote (\") + characters. Supported functions are `LOWER([property_name])` to + perform a case insensitive match and `EMPTY([property_name])` to + filter on the existence of a key. Boolean expressions (AND/OR/NOT) + are supported up to 3 levels of nesting (for example, "((A AND B AND + C) OR NOT D) AND E"), a maximum of 100 comparisons or functions are + allowed in the expression. The expression must be < 6000 bytes in + length. Sample Query: `(LOWER(driving_license)="class \"a\"" OR + EMPTY(driving_license)) AND driving_years > 10` + type: string + deprecated: true documentCreatorFilter: items: type: string - type: array description: >- The exact creator(s) of the documents to search against. If a value isn't specified, documents within the search results are associated with any creator. If multiple values are specified, documents within the search results may be associated with any of the specified creators. - type: object - id: GoogleCloudContentwarehouseV1DocumentQuery - GoogleCloudContentwarehouseV1MapProperty: - type: object - id: GoogleCloudContentwarehouseV1MapProperty - properties: - fields: - description: Unordered map of dynamically typed values. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Value' - description: >- - Map property value. Represents a structured entries of key value pairs, - consisting of field names which map to dynamically typed values. - CloudAiPlatformTenantresourceTenantResource: - id: CloudAiPlatformTenantresourceTenantResource - type: object - description: A collection of tenant resources. - properties: - p4ServiceAccounts: - description: A list of P4 service accounts (go/p4sa) to provision or deprovision. + type: array + folderNameFilter: + description: >- + Search all the documents under this specified folder. Format: + projects/{project_number}/locations/{location}/documents/{document_id}. + type: string + fileTypeFilter: + description: >- + This filter specifies the types of files to return: ALL, FOLDER, or + FILE. If FOLDER or FILE is specified, then only either folders or + files will be returned, respectively. If ALL is specified, both + folders and files will be returned. If no value is specified, ALL + files will be returned. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1FileTypeFilter' + customWeightsMetadata: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1CustomWeightsMetadata + description: >- + To support the custom weighting across document schemas, customers + need to provide the properties to be used to boost the ranking in + the search request. For a search query with CustomWeightsMetadata + specified, only the RetrievalImportance for the properties in the + CustomWeightsMetadata will be honored. + queryContext: + description: >- + For custom synonyms. Customers provide the synonyms based on + context. One customer can provide multiple set of synonyms based on + different context. The search query will be expanded based on the + custom synonyms of the query context set. By default, no custom + synonyms wll be applied if no query context is provided. It is not + supported for CMEK compliant deployment. + items: + type: string + type: array + type: object + CloudAiPlatformTenantresourceTenantResource: + description: A collection of tenant resources. + properties: + p4ServiceAccounts: + type: array + description: A list of P4 service accounts (go/p4sa) to provision or deprovision. items: $ref: >- #/components/schemas/CloudAiPlatformTenantresourceServiceAccountIdentity - type: array tenantProjectResources: + items: + $ref: >- + #/components/schemas/CloudAiPlatformTenantresourceTenantProjectResource type: array description: >- A list of tenant projects and tenant resources to provision or deprovision. - items: - $ref: >- - #/components/schemas/CloudAiPlatformTenantresourceTenantProjectResource - GoogleTypeColor: - id: GoogleTypeColor + id: CloudAiPlatformTenantresourceTenantResource + type: object + GoogleCloudContentwarehouseV1Rule: + description: Represents the rule for a content warehouse trigger. type: object + id: GoogleCloudContentwarehouseV1Rule properties: - green: - format: float - description: The amount of green in the color as a value in the interval [0, 1]. - type: number - red: - format: float - type: number - description: The amount of red in the color as a value in the interval [0, 1]. - alpha: - format: float + ruleId: + type: string description: >- - The fraction of this color that should be applied to the pixel. That - is, the final pixel color is defined by the equation: `pixel color = - alpha * (this color) + (1.0 - alpha) * (background color)` This - means that a value of 1.0 corresponds to a solid color, whereas a - value of 0.0 corresponds to a completely transparent color. This - uses a wrapper message rather than a simple float scalar so that it - is possible to distinguish between a default value and the value - being unset. If omitted, this color object is rendered as a solid - color (as if the alpha value had been explicitly given a value of - 1.0). - type: number - blue: - format: float - type: number - description: The amount of blue in the color as a value in the interval [0, 1]. - description: >- - Represents a color in the RGBA color space. This representation is - designed for simplicity of conversion to and from color representations - in various languages over compactness. For example, the fields of this - representation can be trivially provided to the constructor of - `java.awt.Color` in Java; it can also be trivially provided to UIColor's - `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little - work, it can be easily formatted into a CSS `rgba()` string in - JavaScript. This reference page doesn't have information about the - absolute color space that should be used to interpret the RGB value—for - example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications - should assume the sRGB color space. When color equality needs to be - decided, implementations, unless documented otherwise, treat two colors - as equal if all their red, green, blue, and alpha values each differ by - at most `1e-5`. Example (Java): import com.google.type.Color; // ... - public static java.awt.Color fromProto(Color protocolor) { float alpha = - protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return - new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), - protocolor.getBlue(), alpha); } public static Color - toProto(java.awt.Color color) { float red = (float) color.getRed(); - float green = (float) color.getGreen(); float blue = (float) - color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder - = Color .newBuilder() .setRed(red / denominator) .setGreen(green / - denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); - if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() - .setValue(((float) alpha) / denominator) .build()); } return - resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static - UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; - float green = [protocolor green]; float blue = [protocolor blue]; - FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if - (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return - [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static - Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if - (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return - nil; } Color* result = [[Color alloc] init]; [result setRed:red]; - [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { - [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; - return result; } // ... Example (JavaScript): // ... var protoToCssColor - = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var - greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || - 0.0; var red = Math.floor(redFrac * 255); var green = - Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if - (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } - var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, - green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, - ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var - rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString - = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var - resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { - resultBuilder.push('0'); } resultBuilder.push(hexString); return - resultBuilder.join(''); }; // ... - GoogleCloudContentwarehouseV1DeleteDocumentLinkRequest: - description: Request message for DocumentLinkService.DeleteDocumentLink. - properties: - requestMetadata: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + ID of the rule. It has to be unique across all the examples. This is + managed internally. + condition: + type: string description: >- - The meta information collected about the document creator, used to - enforce access control for the service. - id: GoogleCloudContentwarehouseV1DeleteDocumentLinkRequest + Represents the conditional expression to be evaluated. Expression + should evaluate to a boolean result. When the condition is true + actions are executed. Example: user_role = "hsbc_role_1" AND + doc.salary > 20000 + triggerType: + enum: + - UNKNOWN + - ON_CREATE + - ON_UPDATE + - ON_CREATE_LINK + - ON_DELETE_LINK + type: string + description: Identifies the trigger type for running the policy. + enumDescriptions: + - Trigger for unknown action. + - Trigger for create document action. + - Trigger for update document action. + - Trigger for create link action. + - Trigger for delete link action. + description: + description: Short description of the rule and its context. + type: string + actions: + description: List of actions that are executed when the rule is satisfied. + type: array + items: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Action' + GoogleCloudContentwarehouseV1DateTimeTypeOptions: + properties: {} + id: GoogleCloudContentwarehouseV1DateTimeTypeOptions type: object - GoogleTypeDateTime: - description: >- - Represents civil time (or occasionally physical time). This type can - represent a civil time in one of a few possible ways: * When utc_offset - is set and time_zone is unset: a civil time on a calendar day with a - particular offset from UTC. * When time_zone is set and utc_offset is - unset: a civil time on a calendar day in a particular time zone. * When - neither time_zone nor utc_offset is set: a civil time on a calendar day - in local time. The date is relative to the Proleptic Gregorian Calendar. - If year, month, or day are 0, the DateTime is considered not to have a - specific year, month, or day respectively. This type may also be used to - represent a physical time if all the date and time fields are set and - either case of the `time_offset` oneof is set. Consider using - `Timestamp` message for physical time instead. If your use case also - would like to store the user's timezone, that can be done in another - field. This type is more flexible than some applications may want. Make - sure to document and validate your application's limitations. + description: Configurations for a date time property. + GoogleCloudContentwarehouseV1IntegerTypeOptions: + description: Configurations for an integer property. + id: GoogleCloudContentwarehouseV1IntegerTypeOptions type: object - id: GoogleTypeDateTime + properties: {} + GoogleCloudContentwarehouseV1RunPipelineMetadataGcsIngestPipelineMetadata: properties: - utcOffset: - description: >- - UTC offset. Must be whole seconds, between -18 hours and +18 hours. - For example, a UTC offset of -4:00 would be represented as { - seconds: -14400 }. + inputPath: + description: 'The input Cloud Storage folder in this pipeline. Format: `gs:///`.' type: string - format: google-duration - month: - description: >- - Optional. Month of year. Must be from 1 to 12, or 0 if specifying a - datetime without a month. - type: integer - format: int32 - timeZone: - description: Time zone. - $ref: '#/components/schemas/GoogleTypeTimeZone' - minutes: - format: int32 - type: integer - description: >- - Optional. Minutes of hour of day. Must be from 0 to 59, defaults to - 0. - day: - type: integer - format: int32 + description: The metadata message for GcsIngest pipeline. + type: object + id: >- + GoogleCloudContentwarehouseV1RunPipelineMetadataGcsIngestPipelineMetadata + GoogleCloudContentwarehouseV1ListDocumentSchemasResponse: + properties: + documentSchemas: + type: array + description: The document schemas from the specified parent. + items: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema' + nextPageToken: description: >- - Optional. Day of month. Must be from 1 to 31 and valid for the year - and month, or 0 if specifying a datetime without a day. - year: + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + description: Response message for DocumentSchemaService.ListDocumentSchemas. + id: GoogleCloudContentwarehouseV1ListDocumentSchemasResponse + type: object + GoogleCloudDocumentaiV1DocumentPageDetectedLanguage: + type: object + description: Detected language for a structural component. + properties: + languageCode: description: >- - Optional. Year of date. Must be from 1 to 9999, or 0 if specifying a - datetime without a year. - format: int32 - type: integer - hours: - format: int32 - description: >- - Optional. Hours of day in 24 hour format. Should be from 0 to 23, - defaults to 0 (midnight). An API may choose to allow the value - "24:00:00" for scenarios like business closing time. - type: integer - nanos: - format: int32 - type: integer - description: >- - Optional. Fractions of seconds in nanoseconds. Must be from 0 to - 999,999,999, defaults to 0. - seconds: - description: >- - Optional. Seconds of minutes of the time. Must normally be from 0 to - 59, defaults to 0. An API may allow the value 60 if it allows - leap-seconds. - type: integer - format: int32 - GoogleApiServiceconsumermanagementV1PolicyBinding: - id: GoogleApiServiceconsumermanagementV1PolicyBinding - description: Translates to IAM Policy bindings (without auditing at this level) - properties: - role: + The [BCP-47 language + code](https://www.unicode.org/reports/tr35/#Unicode_locale_identifier), + such as `en-US` or `sr-Latn`. type: string - description: >- - Role. (https://cloud.google.com/iam/docs/understanding-roles) For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. - members: - description: >- - Uses the same format as in IAM policy. `member` must include both a - prefix and ID. For example, `user:{emailId}`, - `serviceAccount:{emailId}`, `group:{emailId}`. - items: - type: string - type: array - type: object - GoogleCloudContentwarehouseV1IntegerTypeOptions: - id: GoogleCloudContentwarehouseV1IntegerTypeOptions - type: object - description: Configurations for an integer property. - properties: {} - GoogleCloudDocumentaiV1DocumentPageLine: - id: GoogleCloudDocumentaiV1DocumentPageLine - description: >- - A collection of tokens that a human would perceive as a line. Does not - cross column boundaries, can be horizontal, vertical, etc. - type: object + confidence: + description: Confidence of detected language. Range `[0, 1]`. + format: float + type: number + id: GoogleCloudDocumentaiV1DocumentPageDetectedLanguage + GoogleCloudDocumentaiV1DocumentPageToken: properties: + layout: + description: Layout for Token. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' provenance: deprecated: true $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' description: The history of this annotation. + styleInfo: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTokenStyleInfo + description: Text style attributes. + detectedBreak: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreak + description: Detected break at the end of a Token. detectedLanguages: - description: A list of detected languages together with confidence. items: $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage type: array - layout: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - description: Layout for Line. - GoogleCloudContentwarehouseV1Value: + description: A list of detected languages together with confidence. + type: object + description: A detected token. + id: GoogleCloudDocumentaiV1DocumentPageToken + GoogleCloudContentwarehouseV1QAResultHighlight: type: object - description: >- - `Value` represents a dynamically typed value which can be either be a - float, a integer, a string, or a datetime value. A producer of value is - expected to set one of these variants. Absence of any variant indicates - an error. properties: - floatValue: - description: Represents a float value. - format: float - type: number - datetimeValue: - description: Represents a datetime value. - $ref: '#/components/schemas/GoogleTypeDateTime' - stringValue: - description: Represents a string value. - type: string - enumValue: - description: Represents an enum value. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1EnumValue' - timestampValue: - description: Represents a timestamp value. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TimestampValue' - intValue: + endIndex: type: integer format: int32 - description: Represents a integer value. - booleanValue: - type: boolean - description: Represents a boolean value. - id: GoogleCloudContentwarehouseV1Value - GoogleCloudDocumentaiV1DocumentPageDetectedLanguage: - description: Detected language for a structural component. - properties: - languageCode: - type: string - description: >- - The [BCP-47 language - code](https://www.unicode.org/reports/tr35/#Unicode_locale_identifier), - such as `en-US` or `sr-Latn`. - confidence: - format: float - type: number - description: Confidence of detected language. Range `[0, 1]`. - type: object - id: GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - GoogleCloudContentwarehouseV1RemoveFromFolderAction: - id: GoogleCloudContentwarehouseV1RemoveFromFolderAction + description: End index of the highlight, exclusive. + startIndex: + format: int32 + description: Start index of the highlight. + type: integer + id: GoogleCloudContentwarehouseV1QAResultHighlight description: >- - Represents the action responsible for remove a document from a specific - folder. + A text span in the search text snippet that represents a highlighted + section (answer context, highly relevant sentence, etc.). + GoogleCloudDocumentaiV1DocumentTextChange: + description: This message is used for text changes aka. OCR corrections. type: object properties: - folder: + provenance: + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' + type: array + description: The history of this annotation. + deprecated: true + textAnchor: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchor' description: >- - Name of the folder under which new document is to be added. Format: - projects/{project_number}/locations/{location}/documents/{document_id}. - type: string - condition: - description: Condition of the action to be executed. + Provenance of the correction. Text anchor indexing into the + Document.text. There can only be a single `TextAnchor.text_segments` + element. If the start and end index of the text segment are the + same, the text change is inserted before that index. + changedText: type: string - CloudAiPlatformTenantresourceInfraSpannerConfig: + description: The text that replaces the text identified in the `text_anchor`. + id: GoogleCloudDocumentaiV1DocumentTextChange + CloudAiPlatformTenantresourceCloudSqlInstanceConfig: + description: >- + The identity to configure a CloudSQL instance provisioned via SLM + Terraform. + id: CloudAiPlatformTenantresourceCloudSqlInstanceConfig properties: - spannerBorgServiceAccount: + slmInstanceName: + description: Output only. The SLM instance's full resource name. type: string - description: >- - Input [Optional]. The spanner borg service account for delegating - the kms key to. For example, - spanner-infra-cmek-nonprod@system.gserviceaccount.com, for the - nonprod universe. - createDatabaseOptions: - description: >- - Input [Optional]. The options to create a spanner database. Note: - give the right options to ensure the right KMS key access audit - logging and AxT logging in expected logging category. - $ref: >- - #/components/schemas/CloudAiPlatformTenantresourceInfraSpannerConfigCreateDatabaseOptions - spannerUniverse: + cloudSqlInstanceConnectionName: type: string - description: >- - Input [Required]. Every database in Spanner can be identified by the - following path name: /span//: + description: Output only. The CloudSQL instance connection name. + mdbRolesForCorpAccess: + description: Input [Optional]. MDB roles for corp access to CloudSQL instance. + type: array + items: + type: string kmsKeyReference: description: >- Input [Optional]. The KMS key name or the KMS grant name used for - CMEK encryption. Only set this field when provisioning new Infra - Spanner databases. For existing Infra Spanner databases, this field - will be ignored because CMEK re-encryption is not supported. For - example, projects//locations//keyRings//cryptoKeys/ + CMEK encryption. Only set this field when provisioning new CloudSQL + instances. For existing CloudSQL instances, this field will be + ignored because CMEK re-encryption is not supported. type: string - spannerLocalNamePrefix: + slmInstanceTemplate: + description: Input [Required]. The SLM instance template to provision CloudSQL. type: string - sdlBundlePath: - description: Input [Required]. The file path to the spanner SDL bundle. + slmInstanceType: + description: Input [Required]. The SLM instance type to provision CloudSQL. type: string - spannerNamespace: + cloudSqlInstanceName: type: string - description: 'The configuration for a spanner database provisioning. Next ID: 8' - id: CloudAiPlatformTenantresourceInfraSpannerConfig - type: object - GoogleTypePostalAddress: + description: >- + Input/Output [Optional]. The CloudSQL instance name within SLM + instance. If not set, a random UUIC will be generated as instance + name. type: object + GoogleCloudDocumentaiV1DocumentShardInfo: description: >- - Represents a postal address. For example for postal delivery or payments - addresses. Given a postal address, a postal service can deliver items to - a premise, P.O. Box or similar. It is not intended to model geographical - locations (roads, towns, mountains). In typical usage an address would - be created by user input or from importing existing data, depending on - the type of process. Advice on address input / editing: - Use an - internationalization-ready address widget such as - https://github.com/google/libaddressinput) - Users should not be - presented with UI elements for input or editing of fields outside - countries where that field is used. For more guidance on how to use this - schema, see: https://support.google.com/business/answer/6397478 - id: GoogleTypePostalAddress + For a large document, sharding may be performed to produce several + document shards. Each document shard contains this field to detail which + shard it is. + id: GoogleCloudDocumentaiV1DocumentShardInfo + type: object properties: - postalCode: - description: >- - Optional. Postal code of the address. Not all countries use or - require postal codes to be present, but where they are used, they - may trigger additional validation with other parts of the address - (For example state/zip validation in the U.S.A.). + shardIndex: type: string - addressLines: - type: array + description: The 0-based index of this shard. + format: int64 + shardCount: + format: int64 + type: string + description: Total number of shards. + textOffset: + type: string + format: int64 description: >- - Unstructured address lines describing the lower levels of an - address. Because values in address_lines do not have type - information and may sometimes contain multiple values in a single - field (For example "Austin, TX"), it is important that the line - order is clear. The order of address lines should be "envelope - order" for the country/region of the address. In places where this - can vary (For example Japan), address_language is used to make it - explicit (For example "ja" for large-to-small ordering and "ja-Latn" - or "en" for small-to-large). This way, the most specific line of an - address can be selected based on the language. The minimum permitted - structural representation of an address consists of a region_code - with all remaining information placed in the address_lines. It would - be possible to format such an address very approximately without - geocoding, but no semantic reasoning could be made about any of the - address components until it was at least partially resolved. - Creating an address only containing a region_code and address_lines, - and then geocoding is the recommended way to handle completely - unstructured addresses (as opposed to guessing which parts of the - address should be localities or administrative areas). - items: - type: string - revision: - format: int32 - description: >- - The schema revision of the `PostalAddress`. This must be set to 0, - which is the latest revision. All new revisions **must** be backward - compatible with old revisions. - type: integer - sortingCode: - type: string - description: >- - Optional. Additional, country-specific, sorting code. This is not - used in most regions. Where it is used, the value is either a string - like "CEDEX", optionally followed by a number (For example "CEDEX - 7"), or just a number alone, representing the "sector code" - (Jamaica), "delivery area indicator" (Malawi) or "post office - indicator" (For example Côte d'Ivoire). - organization: - description: Optional. The name of the organization at the address. - type: string - locality: - type: string - description: >- - Optional. Generally refers to the city/town portion of the address. - Examples: US city, IT comune, UK post town. In regions of the world - where localities are not well defined or do not fit into this - structure well, leave locality empty and use address_lines. - administrativeArea: - type: string - description: >- - Optional. Highest administrative subdivision which is used for - postal addresses of a country or region. For example, this can be a - state, a province, an oblast, or a prefecture. Specifically, for - Spain this is the province and not the autonomous community (For - example "Barcelona" and not "Catalonia"). Many countries don't use - an administrative area in postal addresses. For example in - Switzerland this should be left unpopulated. - regionCode: - type: string - description: >- - Required. CLDR region code of the country/region of the address. - This is never inferred and it is up to the user to ensure the value - is correct. See https://cldr.unicode.org/ and - https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html - for details. Example: "CH" for Switzerland. - sublocality: - type: string - description: >- - Optional. Sublocality of the address. For example, this can be - neighborhoods, boroughs, districts. - languageCode: - description: >- - Optional. BCP-47 language code of the contents of this address (if - known). This is often the UI language of the input form or is - expected to match one of the languages used in the address' - country/region, or their transliterated equivalents. This can affect - formatting in certain countries, but is not critical to the - correctness of the data and will never affect any validation or - other non-formatting related operations. If this value is not known, - it should be omitted (rather than specifying a possibly incorrect - default). Examples: "zh-Hant", "ja", "ja-Latn", "en". - type: string - recipients: - description: >- - Optional. The recipient at the address. This field may, under - certain circumstances, contain multiline information. For example, - it might contain "care of" information. - type: array - items: - type: string - GoogleCloudContentwarehouseV1SearchDocumentsRequest: + The index of the first character in Document.text in the overall + document global text. + GoogleCloudContentwarehouseV1FetchAclRequest: + description: Request message for DocumentService.FetchAcl + id: GoogleCloudContentwarehouseV1FetchAclRequest + type: object properties: - offset: - type: integer - description: >- - An integer that specifies the current offset (that is, starting - result location, amongst the documents deemed by the API as - relevant) in search results. This field is only considered if - page_token is unset. The maximum allowed value is 5000. Otherwise an - error is thrown. For example, 0 means to return results starting - from the first matching document, and 10 means to return from the - 11th document. This can be used for pagination, (for example, - pageSize = 10 and offset = 10 means to return from the second page). - format: int32 requestMetadata: description: >- The meta information collected about the end user, used to enforce - access control and improve the search quality of the service. + access control for the service. $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' - documentQuery: - description: Query used to search against documents (keyword, filters, etc.). - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentQuery' - totalResultSize: - type: string - enum: - - TOTAL_RESULT_SIZE_UNSPECIFIED - - ESTIMATED_SIZE - - ACTUAL_SIZE - enumDescriptions: - - Total number calculation will be skipped. - - >- - Estimate total number. The total result size will be accurated up - to 10,000. This option will add cost and latency to your request. - - It may adversely impact performance. The limit is 1000,000. - description: >- - Controls if the search document request requires the return of a - total size of matched documents. See - SearchDocumentsResponse.total_size. - pageToken: - type: string - description: >- - The token specifying the current offset within search results. See - SearchDocumentsResponse.next_page_token for an explanation of how to - obtain the next set of query results. - requireTotalSize: + projectOwner: description: >- - Controls if the search document request requires the return of a - total size of matched documents. See - SearchDocumentsResponse.total_size. Enabling this flag may adversely - impact performance. Hint: If this is used with pagination, set this - flag on the initial query but set this to false on subsequent page - calls (keep the total count locally). Defaults to false. + For Get Project ACL only. Authorization check for end user will be + ignored when project_owner=true. type: boolean - orderBy: - description: >- - The criteria determining how search results are sorted. For - non-empty query, default is `"relevance desc"`. For empty query, - default is `"upload_date desc"`. Supported options are: * - `"relevance desc"`: By relevance descending, as determined by the - API algorithms. * `"upload_date desc"`: By upload date descending. * - `"upload_date"`: By upload date ascending. * `"update_date desc"`: - By last updated date descending. * `"update_date"`: By last updated - date ascending. * `"retrieval_importance desc"`: By retrieval - importance of properties descending. This feature is still under - development, please do not use unless otherwise instructed to do so. + GoogleCloudDocumentaiV1DocumentPageDimension: + id: GoogleCloudDocumentaiV1DocumentPageDimension + type: object + description: Dimension for the page. + properties: + width: + type: number + description: Page width. + format: float + height: + type: number + format: float + description: Page height. + unit: type: string - pageSize: + description: Dimension unit. + GoogleCloudDocumentaiV1DocumentProvenanceParent: + id: GoogleCloudDocumentaiV1DocumentProvenanceParent + description: >- + The parent element the current element is based on. Used for + referencing/aligning, removal and replacement operations. + properties: + revision: format: int32 type: integer + description: The index of the index into current revision's parent_ids list. + index: description: >- - A limit on the number of documents returned in the search results. - Increasing this value above the default value of 10 can increase - search response time. The value can be between 1 and 100. - histogramQueries: - description: >- - An expression specifying a histogram request against matching - documents. Expression syntax is an aggregation function call with - histogram facets and other options. The following aggregation - functions are supported: * `count(string_histogram_facet)`: Count - the number of matching entities for each distinct attribute value. - Data types: * Histogram facet (aka filterable properties): Facet - names with format .. Facets will have the format - of: `a-zA-Z`. If the facet is a child facet, then the parent - hierarchy needs to be specified separated by dots in the prefix - after the schema id. Thus, the format for a multi- level facet is: - .. . Example: - schema123.root_parent_facet.middle_facet.child_facet * - DocumentSchemaId: (with no schema id prefix) to get histograms for - each document type (returns the schema id path, e.g. - projects/12345/locations/us-west/documentSchemas/abc123). Example - expression: * Document type counts: count('DocumentSchemaId') * For - schema id, abc123, get the counts for MORTGAGE_TYPE: - count('abc123.MORTGAGE_TYPE') - type: array - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1HistogramQuery' - qaSizeLimit: - description: >- - Experimental, do not use. The limit on the number of documents - returned for the question-answering feature. To enable the - question-answering feature, set [DocumentQuery].is_nl_query to true. + The index of the parent item in the corresponding item list (eg. + list of entities, properties within entities, etc.) in the parent + revision. + format: int32 type: integer + id: + deprecated: true format: int32 + type: integer + description: The id of the parent provenance. type: object - id: GoogleCloudContentwarehouseV1SearchDocumentsRequest - description: Request message for DocumentService.SearchDocuments. - GoogleCloudDocumentaiV1DocumentPageAnchorPageRef: + GoogleCloudContentwarehouseV1beta1InitializeProjectResponse: + id: GoogleCloudContentwarehouseV1beta1InitializeProjectResponse properties: - boundingPoly: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1BoundingPoly' - description: >- - Optional. Identifies the bounding polygon of a layout element on the - page. If `layout_type` is set, the bounding polygon must be exactly - the same to the layout element it's referring to. - page: - type: string - description: >- - Required. Index into the Document.pages element, for example using - `Document.pages` to locate the related page element. This field is - skipped when its value is the default `0`. See - https://developers.google.com/protocol-buffers/docs/proto3#json. - format: int64 - layoutType: - description: >- - Optional. The type of the layout element that is being referenced if - any. + state: + description: The state of the project initialization process. type: string enumDescriptions: - - Layout Unspecified. - - References a Page.blocks element. - - References a Page.paragraphs element. - - References a Page.lines element. - - References a Page.tokens element. - - References a Page.visual_elements element. - - Refrrences a Page.tables element. - - References a Page.form_fields element. + - Clients should never see this. + - Finished project initialization without error. + - Finished project initialization with an error. + - Client canceled the LRO. + - Ask the customer to check the operation for results. enum: - - LAYOUT_TYPE_UNSPECIFIED - - BLOCK - - PARAGRAPH - - LINE - - TOKEN - - VISUAL_ELEMENT - - TABLE - - FORM_FIELD - layoutId: + - STATE_UNSPECIFIED + - SUCCEEDED + - FAILED + - CANCELLED + - RUNNING + message: + description: The message of the project initialization process. type: string + type: object + description: Response message for projectService.InitializeProject + GoogleCloudDocumentaiV1DocumentPage: + description: A page in a Document. + properties: + blocks: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageBlock' + description: >- + A list of visually detected text blocks on the page. A block has a + set of lines (collected into paragraphs) that have a common + line-spacing and orientation. + formFields: + type: array + description: A list of visually detected form fields on the page. + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageFormField' + symbols: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageSymbol' + description: A list of visually detected symbols on the page. + detectedBarcodes: + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedBarcode + description: A list of detected barcodes. + type: array + layout: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' + description: Layout for the page. + tokens: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageToken' + description: A list of visually detected tokens on the page. + tables: + type: array + description: A list of visually detected tables on the page. + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageTable' + paragraphs: + description: >- + A list of visually detected text paragraphs on the page. A + collection of lines that a human would perceive as a paragraph. + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageParagraph' + type: array + visualElements: + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageVisualElement + type: array + description: >- + A list of detected non-text visual elements e.g. checkbox, signature + etc. on the page. + dimension: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageDimension' + description: Physical dimension of the page. + detectedLanguages: + description: A list of detected languages together with confidence. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage + lines: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLine' + description: >- + A list of visually detected text lines on the page. A collection of + tokens that a human would perceive as a line. + imageQualityScores: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageImageQualityScores + description: Image quality scores. + provenance: + description: The history of this page. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' deprecated: true - description: Optional. Deprecated. Use PageRef.bounding_poly instead. - confidence: - format: float + pageNumber: + type: integer + format: int32 description: >- - Optional. Confidence of detected page element, if applicable. Range - `[0, 1]`. - type: number - description: Represents a weak reference to a page element within a document. - id: GoogleCloudDocumentaiV1DocumentPageAnchorPageRef - type: object - GoogleCloudContentwarehouseV1LockDocumentRequest: - id: GoogleCloudContentwarehouseV1LockDocumentRequest + 1-based index for current Page in a parent Document. Useful when a + page is taken out of a Document for individual processing. + transforms: + type: array + description: >- + Transformation matrices that were applied to the original document + image to produce Page.image. + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageMatrix' + image: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageImage' + description: >- + Rendered image for this page. This image is preprocessed to remove + any skew, rotation, and distortions such that the annotation + bounding boxes can be upright and axis-aligned. + id: GoogleCloudDocumentaiV1DocumentPage type: object - description: Request message for DocumentService.LockDocument. + GoogleCloudContentwarehouseV1ProcessorInfo: properties: - collectionId: - description: The collection the document connects to. + schemaName: type: string - lockingUser: - description: The user information who locks the document. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1UserInfo' - GoogleCloudDocumentaiV1DocumentTextAnchorTextSegment: - properties: - endIndex: + description: >- + The Document schema resource name. All documents processed by this + processor will use this schema. Format: + projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. + processorName: + description: >- + The processor resource name. Format is + `projects/{project}/locations/{location}/processors/{processor}`, or + `projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processorVersion}` type: string - description: TextSegment half open end UTF-8 char index in the Document.text. - format: int64 - startIndex: - description: TextSegment start UTF-8 char index in the Document.text. + documentType: type: string - format: int64 + description: The processor will process the documents with this document type. + id: GoogleCloudContentwarehouseV1ProcessorInfo type: object - description: >- - A text segment in the Document.text. The indices may be out of bounds - which indicate that the text extends into another document shard for - large sharded documents. See ShardInfo.text_offset - id: GoogleCloudDocumentaiV1DocumentTextAnchorTextSegment - GoogleCloudContentwarehouseV1Property: + description: The DocAI processor information. + GoogleCloudContentwarehouseV1RuleActionsPair: + id: GoogleCloudContentwarehouseV1RuleActionsPair type: object + description: Represents a rule and outputs of associated actions. properties: - textValues: - description: String/text property values. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TextArray' - mapProperty: - description: Map property values. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1MapProperty' - timestampValues: - description: >- - Timestamp property values. It is not supported by CMEK compliant - deployment. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TimestampArray' - floatValues: - description: Float property values. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1FloatArray' - dateTimeValues: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DateTimeArray' - description: >- - Date time property values. It is not supported by CMEK compliant - deployment. - propertyValues: - description: Nested structured data property values. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1PropertyArray' + rule: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' + description: Represents the rule. + actionOutputs: + items: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ActionOutput' + description: Outputs of executing the actions associated with the above rule. + type: array + GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSource: + type: object + description: The schema source information. + properties: + processorType: + description: The Doc AI processor type name. + type: string name: - description: >- - Required. Must match the name of a PropertyDefinition in the - DocumentSchema. + description: The schema name in the source. type: string - integerValues: - description: Integer property values. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1IntegerArray' - enumValues: - description: Enum property values. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1EnumArray' - id: GoogleCloudContentwarehouseV1Property - description: Property of a document. - GoogleCloudContentwarehouseV1UpdateDocumentMetadata: - id: GoogleCloudContentwarehouseV1UpdateDocumentMetadata - type: object + id: GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSource + GoogleCloudContentwarehouseV1beta1CreateDocumentMetadata: + description: Metadata object for CreateDocument request (currently empty). properties: {} - description: Metadata object for UpdateDocument request (currently empty). - GoogleCloudContentwarehouseV1SearchDocumentsResponseMatchingDocument: - id: GoogleCloudContentwarehouseV1SearchDocumentsResponseMatchingDocument + type: object + id: GoogleCloudContentwarehouseV1beta1CreateDocumentMetadata + GoogleCloudContentwarehouseV1HistogramQuery: + id: GoogleCloudContentwarehouseV1HistogramQuery + type: object + description: The histogram request. properties: - qaResult: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1QAResult' + histogramQuery: description: >- - Experimental. Additional result info if the question-answering - feature is enabled. - searchTextSnippet: + An expression specifies a histogram request against matching + documents for searches. See SearchDocumentsRequest.histogram_queries + for details about syntax. type: string + filters: description: >- - Contains snippets of text from the document full raw text that most - closely match a search query's keywords, if available. All HTML tags - in the original fields are stripped when returned in this field, and - matching query keywords are enclosed in HTML bold tags. If the - question-answering feature is enabled, this field will instead - contain a snippet that answers the user's natural-language query. No - HTML bold tags will be present, and highlights in the answer snippet - can be found in QAResult.highlights. - document: - description: >- - Document that matches the specified SearchDocumentsRequest. This - document only contains indexed metadata information. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' - matchedTokenPageIndices: + Optional. Filter the result of histogram query by the property + names. It only works with histogram query + count('FilterableProperties'). It is an optional. It will perform + histogram on all the property names for all the document schemas. + Setting this field will have a better performance. + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1HistogramQueryPropertyNameFilter + requirePreciseResultSize: description: >- - Return the 1-based page indices where those pages have one or more - matched tokens. - type: array - items: - type: string - format: int64 - description: Document entry with metadata inside SearchDocumentsResponse - type: object - GoogleCloudContentwarehouseV1UserInfo: - description: The user information. + Controls if the histogram query requires the return of a precise + count. Enable this flag may adversely impact performance. Defaults + to true. + type: boolean + GoogleCloudDocumentaiV1DocumentRevisionHumanReview: type: object + id: GoogleCloudDocumentaiV1DocumentRevisionHumanReview properties: - id: - description: >- - A unique user identification string, as determined by the client. - The maximum number of allowed characters is 255. Allowed characters - include numbers 0 to 9, uppercase and lowercase letters, and - restricted special symbols (:, @, +, -, _, ~) The format is - "user:xxxx@example.com"; + stateMessage: type: string - groupIds: - type: array description: >- - The unique group identifications which the user is belong to. The - format is "group:yyyy@example.com"; - items: - type: string - id: GoogleCloudContentwarehouseV1UserInfo - GoogleCloudContentwarehouseV1PropertyDefinition: + A message providing more details about the current state of + processing. For example, the rejection reason when the state is + `rejected`. + state: + description: Human review state. e.g. `requested`, `succeeded`, `rejected`. + type: string + description: Human Review information of the document. + GoogleCloudContentwarehouseV1HistogramQueryResult: + id: GoogleCloudContentwarehouseV1HistogramQueryResult properties: - mapTypeOptions: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1MapTypeOptions' - description: Map property. - propertyTypeOptions: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1PropertyTypeOptions - description: Nested structured data property. - isRepeatable: - type: boolean - description: Whether the property can have multiple values. - isRequired: - type: boolean + histogram: + type: object description: >- - Whether the property is mandatory. Default is 'false', i.e. - populating property value can be skipped. If 'true' then user must - populate the value for this property. - integerTypeOptions: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1IntegerTypeOptions' - description: Integer property. - name: + A map from the values of the facet associated with distinct values + to the number of matching entries with corresponding value. The key + format is: * (for string histogram) string values stored in the + field. + additionalProperties: + type: string + format: int64 + histogramQuery: type: string - description: >- - Required. The name of the metadata property. Must be unique within a - document schema and is case insensitive. Names must be non-blank, - start with a letter, and can contain alphanumeric characters and: /, - :, -, _, and . - isSearchable: - description: Indicates that the property should be included in a global search. - type: boolean - isMetadata: - description: >- - Whether the property is user supplied metadata. This out-of-the box - placeholder setting can be used to tag derived properties. Its value - and interpretation logic should be implemented by API user. - type: boolean - schemaSources: + description: Requested histogram expression. + type: object + description: Histogram result that matches HistogramQuery specified in searches. + GoogleCloudContentwarehouseV1EnumTypeOptions: + id: GoogleCloudContentwarehouseV1EnumTypeOptions + properties: + possibleValues: type: array - description: >- - The mapping information between this property to another schema - source. + description: Required. List of possible enum values. items: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSource - textTypeOptions: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TextTypeOptions' - description: Text/string property. - timestampTypeOptions: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1TimestampTypeOptions - description: >- - Timestamp property. It is not supported by CMEK compliant - deployment. - retrievalImportance: - enum: - - RETRIEVAL_IMPORTANCE_UNSPECIFIED - - HIGHEST - - HIGHER - - HIGH - - MEDIUM - - LOW - - LOWEST - type: string - description: The retrieval importance of the property during search. - enumDescriptions: - - No importance specified. Default medium importance. - - Highest importance. - - Higher importance. - - High importance. - - Medium importance. - - Low importance (negative). - - Lowest importance (negative). - dateTimeTypeOptions: - description: >- - Date time property. It is not supported by CMEK compliant - deployment. - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1DateTimeTypeOptions - enumTypeOptions: - description: Enum/categorical property. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1EnumTypeOptions' - isFilterable: - description: >- - Whether the property can be filtered. If this is a sub-property, all - the parent properties must be marked filterable. + type: string + validationCheckDisabled: type: boolean - displayName: - type: string - description: The display-name for the property, used for front-end. - floatTypeOptions: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1FloatTypeOptions' - description: Float property. - description: Defines the metadata for a schema property. - id: GoogleCloudContentwarehouseV1PropertyDefinition - type: object - GoogleCloudContentwarehouseV1beta1CreateDocumentMetadata: - description: Metadata object for CreateDocument request (currently empty). - type: object - id: GoogleCloudContentwarehouseV1beta1CreateDocumentMetadata - properties: {} - GoogleCloudContentwarehouseV1SetAclRequest: - type: object - description: Request message for DocumentService.SetAcl. - id: GoogleCloudContentwarehouseV1SetAclRequest - properties: - requestMetadata: description: >- - The meta information collected about the end user, used to enforce - access control for the service. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' - policy: - $ref: '#/components/schemas/GoogleIamV1Policy' - description: >- - Required. REQUIRED: The complete policy to be applied to the - `resource`. The size of the policy is limited to a few 10s of KB. - This refers to an Identity and Access (IAM) policy, which specifies - access controls for the Document. You can set ACL with condition for - projects only. Supported operators are: `=`, `!=`, `<`, `<=`, `>`, - and `>=` where the left of the operator is `DocumentSchemaId` or - property name and the right of the operator is a number or a quoted - string. You must escape backslash (\\) and quote (\") characters. - Boolean expressions (AND/OR) are supported up to 3 levels of nesting - (for example, "((A AND B AND C) OR D) AND E"), a maximum of 10 - comparisons are allowed in the expression. The expression must be < - 6000 bytes in length. Sample condition: `"DocumentSchemaId = \"some - schema id\" OR SchemaId.floatPropertyName >= 10"` - projectOwner: - description: >- - For Set Project ACL only. Authorization check for end user will be - ignored when project_owner=true. - type: boolean - GoogleCloudContentwarehouseV1RunPipelineMetadataExportToCdwPipelineMetadata: + Make sure the Enum property value provided in the document is in the + possile value list during document creation. The validation check + runs by default. + description: Configurations for an enum/categorical property. type: object - description: The metadata message for Export-to-CDW pipeline. + GoogleCloudContentwarehouseV1RequestMetadata: + description: Meta information is used to improve the performance of the service. properties: - docAiDataset: - type: string - description: The output CDW dataset resource name. - documents: - description: >- - The input list of all the resource names of the documents to be - exported. - items: - type: string - type: array - outputPath: - type: string - description: The output Cloud Storage folder in this pipeline. - id: >- - GoogleCloudContentwarehouseV1RunPipelineMetadataExportToCdwPipelineMetadata - GoogleCloudDocumentaiV1DocumentDocumentLayout: + userInfo: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1UserInfo' + description: Provides user unique identification and groups information. + id: GoogleCloudContentwarehouseV1RequestMetadata + type: object + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableRow: properties: - blocks: - description: List of blocks in the document. + cells: items: $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableCell + description: A table row is a list of table cells. type: array - id: GoogleCloudDocumentaiV1DocumentDocumentLayout - description: >- - Represents the parsed layout of a document as a collection of blocks - that the document is divided into. + description: Represents a row in a table. + id: >- + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableRow type: object - GoogleCloudContentwarehouseV1RuleEvaluatorOutput: - description: Represents the output of the Rule Evaluator. + GoogleCloudDocumentaiV1DocumentPageImageQualityScores: properties: - matchedRules: - description: >- - A subset of triggered rules that are evaluated true for a given - request. - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' - type: array - triggeredRules: - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' - type: array - description: >- - List of rules fetched from database for the given request trigger - type. - invalidRules: + detectedDefects: type: array items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1InvalidRule' + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefect + description: A list of detected defects. + qualityScore: + type: number description: >- - A subset of triggered rules that failed the validation check(s) - after parsing. - id: GoogleCloudContentwarehouseV1RuleEvaluatorOutput - type: object - GoogleTypeDate: - id: GoogleTypeDate + The overall quality score. Range `[0, 1]` where `1` is perfect + quality. + format: float + type: object + description: Image quality scores for the page image. + id: GoogleCloudDocumentaiV1DocumentPageImageQualityScores + GoogleCloudContentwarehouseV1Value: properties: - day: - description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - format: int32 - type: integer - month: - format: int32 + datetimeValue: + description: Represents a datetime value. + $ref: '#/components/schemas/GoogleTypeDateTime' + enumValue: + description: Represents an enum value. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1EnumValue' + booleanValue: + description: Represents a boolean value. + type: boolean + floatValue: + type: number + description: Represents a float value. + format: float + timestampValue: + description: Represents a timestamp value. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1TimestampValue' + stringValue: + description: Represents a string value. + type: string + intValue: type: integer - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - year: + description: Represents a integer value. format: int32 - type: integer - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. + type: object description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp + `Value` represents a dynamically typed value which can be either be a + float, a integer, a string, or a datetime value. A producer of value is + expected to set one of these variants. Absence of any variant indicates + an error. + id: GoogleCloudContentwarehouseV1Value + GoogleCloudDocumentaiV1DocumentPageTableTableCell: type: object - GoogleCloudContentwarehouseV1QAResultHighlight: - id: GoogleCloudContentwarehouseV1QAResultHighlight + id: GoogleCloudDocumentaiV1DocumentPageTableTableCell + description: A cell representation inside the table. properties: - endIndex: + colSpan: type: integer format: int32 - description: End index of the highlight, exclusive. - startIndex: - format: int32 - description: Start index of the highlight. + description: How many columns this cell spans. + detectedLanguages: + type: array + description: A list of detected languages together with confidence. + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage + rowSpan: type: integer - type: object - description: >- - A text span in the search text snippet that represents a highlighted - section (answer context, highly relevant sentence, etc.). - GoogleTypeMoney: - type: object - id: GoogleTypeMoney - description: Represents an amount of money with its currency type. + format: int32 + description: How many rows this cell spans. + layout: + description: Layout for TableCell. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' + GoogleLongrunningOperation: properties: - units: - type: string + error: description: >- - The whole units of the amount. For example if `currencyCode` is - `"USD"`, then 1 unit is one US dollar. - format: int64 - currencyCode: - type: string - description: The three-letter currency code defined in ISO 4217. - nanos: - type: integer + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/GoogleRpcStatus' + metadata: + type: object description: >- - Number of nano (10^-9) units of the amount. The value must be - between -999,999,999 and +999,999,999 inclusive. If `units` is - positive, `nanos` must be positive or zero. If `units` is zero, - `nanos` can be positive, zero, or negative. If `units` is negative, - `nanos` must be negative or zero. For example $-1.75 is represented - as `units`=-1 and `nanos`=-750,000,000. - format: int32 - GoogleCloudContentwarehouseV1TimestampTypeOptions: - properties: {} - type: object - description: Configurations for a timestamp property. - id: GoogleCloudContentwarehouseV1TimestampTypeOptions - GoogleCloudContentwarehouseV1DeleteDocumentAction: - description: Represents the action responsible for deleting the document. - id: GoogleCloudContentwarehouseV1DeleteDocumentAction - type: object - properties: - enableHardDelete: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + response: description: >- - Boolean field to select between hard vs soft delete options. Set - 'true' for 'hard delete' and 'false' for 'soft delete'. + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. type: boolean - GoogleCloudContentwarehouseV1RuleSet: - description: Represents a set of rules from a single customer. - id: GoogleCloudContentwarehouseV1RuleSet - type: object - properties: name: type: string description: >- - The resource name of the rule set. Managed internally. Format: - projects/{project_number}/locations/{location}/ruleSet/{rule_set_id}. - The name is ignored when creating a rule set. - description: - description: Short description of the rule-set. - type: string - source: - type: string - description: Source of the rules i.e., customer name. - rules: - type: array - description: List of rules given by the customer. - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' - GoogleCloudDocumentaiV1DocumentPageMatrix: + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: object - id: GoogleCloudDocumentaiV1DocumentPageMatrix description: >- - Representation for transformation matrix, intended to be compatible and - used with OpenCV format for image manipulation. + This resource represents a long-running operation that is the result of + a network API call. + id: GoogleLongrunningOperation + GoogleCloudContentwarehouseV1MergeFieldsOptions: properties: - data: - description: The matrix data. - format: byte - type: string - rows: + replaceMessageFields: + description: >- + When merging message fields, the default behavior is to merge the + content of two message fields together. If you instead want to use + the field from the source message to replace the corresponding field + in the destination message, set this flag to true. When this flag is + set, specified submessage fields that are missing in source will be + cleared in destination. + type: boolean + replaceRepeatedFields: + type: boolean + description: >- + When merging repeated fields, the default behavior is to append + entries from the source repeated field to the destination repeated + field. If you instead want to keep only the entries from the source + repeated field, set this flag to true. If you want to replace a + repeated field within a message field on the destination message, + you must set both replace_repeated_fields and replace_message_fields + to true, otherwise the repeated fields will be appended. + type: object + description: Options for merging updated fields. + id: GoogleCloudContentwarehouseV1MergeFieldsOptions + GoogleTypeDateTime: + type: object + id: GoogleTypeDateTime + properties: + nanos: format: int32 - type: integer - description: Number of rows in the matrix. - type: description: >- - This encodes information about what data type the matrix uses. For - example, 0 (CV_8U) is an unsigned 8-bit image. For the full list of - OpenCV primitive data types, please refer to - https://docs.opencv.org/4.3.0/d1/d1b/group__core__hal__interface.html + Optional. Fractions of seconds in nanoseconds. Must be from 0 to + 999,999,999, defaults to 0. + type: integer + month: type: integer + description: >- + Optional. Month of year. Must be from 1 to 12, or 0 if specifying a + datetime without a month. + format: int32 + timeZone: + $ref: '#/components/schemas/GoogleTypeTimeZone' + description: Time zone. + day: format: int32 - cols: - description: Number of columns in the matrix. type: integer + description: >- + Optional. Day of month. Must be from 1 to 31 and valid for the year + and month, or 0 if specifying a datetime without a day. + year: format: int32 - GoogleCloudDocumentaiV1DocumentPageImageQualityScores: - id: GoogleCloudDocumentaiV1DocumentPageImageQualityScores - type: object - properties: - qualityScore: - type: number - format: float description: >- - The overall quality score. Range `[0, 1]` where `1` is perfect - quality. - detectedDefects: - description: A list of detected defects. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefect - description: Image quality scores for the page image. - GoogleCloudDocumentaiV1DocumentPageTableTableRow: - type: object - id: GoogleCloudDocumentaiV1DocumentPageTableTableRow - properties: - cells: - description: Cells that make up this row. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTableTableCell - description: A row of table cells. - GoogleCloudDocumentaiV1DocumentPageDimension: - description: Dimension for the page. - id: GoogleCloudDocumentaiV1DocumentPageDimension - properties: - height: - format: float - type: number - description: Page height. - unit: - description: Dimension unit. - type: string - width: - type: number - description: Page width. - format: float - type: object - GoogleCloudContentwarehouseV1UpdateDocumentRequest: - properties: - updateOptions: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1UpdateOptions' - description: Options for the update operation. - document: - description: Required. The document to update. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' - requestMetadata: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + Optional. Year of date. Must be from 1 to 9999, or 0 if specifying a + datetime without a year. + type: integer + minutes: description: >- - The meta information collected about the end user, used to enforce - access control for the service. - cloudAiDocumentOption: + Optional. Minutes of hour of day. Must be from 0 to 59, defaults to + 0. + format: int32 + type: integer + seconds: + type: integer description: >- - Request Option for processing Cloud AI Document in Document - Warehouse. This field offers limited support for mapping entities - from Cloud AI Document to Warehouse Document. Please consult with - product team before using this field and other available options. - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1CloudAIDocumentOption - description: Request message for DocumentService.UpdateDocument. - type: object - id: GoogleCloudContentwarehouseV1UpdateDocumentRequest - GoogleCloudContentwarehouseV1Rule: - type: object - id: GoogleCloudContentwarehouseV1Rule - description: Represents the rule for a content warehouse trigger. - properties: - ruleId: + Optional. Seconds of minutes of the time. Must normally be from 0 to + 59, defaults to 0. An API may allow the value 60 if it allows + leap-seconds. + format: int32 + utcOffset: + format: google-duration description: >- - ID of the rule. It has to be unique across all the examples. This is - managed internally. - type: string - actions: - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Action' - type: array - description: List of actions that are executed when the rule is satisfied. - triggerType: - enum: - - UNKNOWN - - ON_CREATE - - ON_UPDATE - - ON_CREATE_LINK - - ON_DELETE_LINK - enumDescriptions: - - Trigger for unknown action. - - Trigger for create document action. - - Trigger for update document action. - - Trigger for create link action. - - Trigger for delete link action. - description: Identifies the trigger type for running the policy. - type: string - description: + UTC offset. Must be whole seconds, between -18 hours and +18 hours. + For example, a UTC offset of -4:00 would be represented as { + seconds: -14400 }. type: string - description: Short description of the rule and its context. - condition: + hours: description: >- - Represents the conditional expression to be evaluated. Expression - should evaluate to a boolean result. When the condition is true - actions are executed. Example: user_role = "hsbc_role_1" AND - doc.salary > 20000 - type: string - GoogleCloudDocumentaiV1Document: - id: GoogleCloudDocumentaiV1Document + Optional. Hours of day in 24 hour format. Should be from 0 to 23, + defaults to 0 (midnight). An API may choose to allow the value + "24:00:00" for scenarios like business closing time. + type: integer + format: int32 description: >- - Document represents the canonical document resource in Document AI. It - is an interchange format that provides insights into documents and - allows for collaboration between users and Document AI to iterate and - optimize for quality. - type: object - properties: - entityRelations: - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentEntityRelation' - type: array - description: Placeholder. Relationship among Document.entities. - error: - description: Any error that occurred while processing this document. - $ref: '#/components/schemas/GoogleRpcStatus' - chunkedDocument: - description: Document chunked based on chunking config. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocument' - textStyles: - deprecated: true - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentStyle' - description: Styles for the Document.text. - type: array - revisions: - type: array - description: Placeholder. Revision history of this document. - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentRevision' - textChanges: - description: >- - Placeholder. A list of text corrections made to Document.text. This - is usually used for annotating corrections to OCR mistakes. Text - changes for a given revision may not overlap with each other. - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextChange' - type: array - uri: - type: string - description: >- - Optional. Currently supports Google Cloud Storage URI of the form - `gs://bucket_name/object_name`. Object versioning is not supported. - For more information, refer to [Google Cloud Storage Request - URIs](https://cloud.google.com/storage/docs/reference-uris). - documentLayout: - description: Parsed layout of the document. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayout' - shardInfo: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentShardInfo' - description: >- - Information about the sharding if this document is sharded part of a - larger document. If the document is not sharded, this message is not - specified. - mimeType: - type: string - description: >- - An IANA published [media type (MIME - type)](https://www.iana.org/assignments/media-types/media-types.xhtml). - content: - type: string - description: >- - Optional. Inline document content, represented as a stream of bytes. - Note: As with all `bytes` fields, protobuffers use a pure binary - representation, whereas JSON representations use base64. - format: byte - pages: - type: array - description: Visual page layout for the Document. - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPage' - text: - description: Optional. UTF-8 encoded text in reading order from the document. - type: string - entities: - items: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentEntity' - type: array - description: >- - A list of entities detected on Document.text. For document shards, - entities in this list may cross shard boundaries. + Represents civil time (or occasionally physical time). This type can + represent a civil time in one of a few possible ways: * When utc_offset + is set and time_zone is unset: a civil time on a calendar day with a + particular offset from UTC. * When time_zone is set and utc_offset is + unset: a civil time on a calendar day in a particular time zone. * When + neither time_zone nor utc_offset is set: a civil time on a calendar day + in local time. The date is relative to the Proleptic Gregorian Calendar. + If year, month, or day are 0, the DateTime is considered not to have a + specific year, month, or day respectively. This type may also be used to + represent a physical time if all the date and time fields are set and + either case of the `time_offset` oneof is set. Consider using + `Timestamp` message for physical time instead. If your use case also + would like to store the user's timezone, that can be done in another + field. This type is more flexible than some applications may want. Make + sure to document and validate your application's limitations. GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock: + type: object description: >- Represents a block. A block could be one of the various types (text, table, list) supported. - type: object id: GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock properties: - pageSpan: - description: Page span of the block. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutPageSpan + blockId: + type: string + description: ID of the block. tableBlock: $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableBlock description: Block consisting of table content/structure. - listBlock: - description: Block consisting of list content/structure. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListBlock textBlock: description: Block consisting of text content. $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTextBlock - blockId: - type: string - description: ID of the block. - GoogleCloudContentwarehouseV1MapTypeOptions: - type: object - description: Configurations for a Map property. - id: GoogleCloudContentwarehouseV1MapTypeOptions - properties: {} - GoogleCloudContentwarehouseV1QAResult: + listBlock: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListBlock + description: Block consisting of list content/structure. + pageSpan: + description: Page span of the block. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutPageSpan + GoogleCloudContentwarehouseV1AccessControlAction: + description: >- + Represents the action responsible for access control list management + operations. properties: - confidenceScore: + policy: description: >- - The calibrated confidence score for this document, in the range [0., - 1.]. This represents the confidence level for whether the returned - document and snippet answers the user's query. - format: float - type: number - highlights: - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1QAResultHighlight - description: Highlighted sections in the snippet. - id: GoogleCloudContentwarehouseV1QAResult - description: Additional result info for the question-answering feature. - type: object - GoogleCloudContentwarehouseV1DocumentLink: - id: GoogleCloudContentwarehouseV1DocumentLink - properties: - targetDocumentReference: - description: Document references of the target document. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentReference' - state: - description: >- - The state of the documentlink. If target node has been deleted, the - link is marked as invalid. Removing a source node will result in - removal of all associated links. + Represents the new policy from which bindings are added, removed or + replaced based on the type of the operation. the policy is limited + to a few 10s of KB. + $ref: '#/components/schemas/GoogleIamV1Policy' + operationType: type: string + description: Identifies the type of operation. + enum: + - UNKNOWN + - ADD_POLICY_BINDING + - REMOVE_POLICY_BINDING + - REPLACE_POLICY_BINDING enumDescriptions: - - Unknown state of documentlink. - - The documentlink has both source and target documents detected. + - The unknown operation type. + - Adds newly given policy bindings in the existing bindings list. - >- - Target document is deleted, and mark the documentlink as - soft-deleted. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - SOFT_DELETED - description: - type: string - description: Description of this document-link. - name: - type: string - description: >- - Name of this document-link. It is required that the parent derived - form the name to be consistent with the source document reference. - Otherwise an exception will be thrown. Format: - projects/{project_number}/locations/{location}/documents/{source_document_id}/documentLinks/{document_link_id}. - sourceDocumentReference: - description: Document references of the source document. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentReference' - updateTime: - type: string - format: google-datetime - readOnly: true - description: Output only. The time when the documentLink is last updated. - createTime: - type: string - readOnly: true - description: Output only. The time when the documentLink is created. - format: google-datetime + Removes newly given policy bindings from the existing bindings + list. + - >- + Replaces existing policy bindings with the given policy binding + list type: object - description: A document-link between source and target document. - GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageHeader: + id: GoogleCloudContentwarehouseV1AccessControlAction + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableBlock: properties: - text: - description: Header in text format. + headerRows: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableRow + description: Header rows at the top of the table. + caption: + description: Table caption/title. type: string - pageSpan: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan - description: Page span of the header. + bodyRows: + description: Body rows containing main table content. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableRow type: object - id: GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageHeader - description: Represents the page header associated with the chunk. - GoogleCloudContentwarehouseV1GcsIngestPipeline: - id: GoogleCloudContentwarehouseV1GcsIngestPipeline - description: The configuration of the Cloud Storage Ingestion pipeline. + id: >- + GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutTableBlock + description: Represents a table type block. + CloudAiPlatformTenantresourceServiceAccountIdentity: type: object properties: - pipelineConfig: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1IngestPipelineConfig + serviceAccountEmail: + description: Output only. The service account email that has been created. + type: string + tag: + type: string description: >- - Optional. The config for the Cloud Storage Ingestion pipeline. It - provides additional customization options to run the pipeline and - can be skipped if it is not applicable. - inputPath: + Input/Output [Optional]. The tag that configures the service + account, as defined in + google3/configs/production/cdpush/acl-zanzibar-cloud-prod/activation_grants/activation_grants.gcl. + Note: The default P4 service account has the empty tag. + id: CloudAiPlatformTenantresourceServiceAccountIdentity + description: The identity to configure a service account. + GoogleCloudDocumentaiV1DocumentPageFormField: + description: A form field detected on the page. + id: GoogleCloudDocumentaiV1DocumentPageFormField + type: object + properties: + fieldName: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' description: >- - The input Cloud Storage folder. All files under this folder will be - imported to Document Warehouse. Format: `gs:///`. - type: string - schemaName: + Layout for the FormField name. e.g. `Address`, `Email`, `Grand + total`, `Phone number`, etc. + provenance: + description: The history of this annotation. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' + valueType: description: >- - The Document Warehouse schema resource name. All documents processed - by this pipeline will use this schema. Format: - projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. + If the value is non-textual, this field represents the type. Current + valid values are: - blank (this indicates the `field_value` is + normal text) - `unfilled_checkbox` - `filled_checkbox` type: string - processorType: + correctedValueText: type: string description: >- - The Doc AI processor type name. Only used when the format of - ingested files is Doc AI Document proto format. - skipIngestedDocuments: + Created for Labeling UI to export value text. If corrections were + made to the text identified by the `field_value.text_anchor`, this + field will contain the correction. + valueDetectedLanguages: + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage + type: array + description: A list of detected languages for value together with confidence. + correctedKeyText: + type: string description: >- - The flag whether to skip ingested documents. If it is set to true, - documents in Cloud Storage contains key "status" with value - "status=ingested" in custom metadata will be skipped to ingest. - type: boolean - GoogleCloudContentwarehouseV1PropertyTypeOptions: - properties: - propertyDefinitions: + Created for Labeling UI to export key text. If corrections were made + to the text identified by the `field_name.text_anchor`, this field + will contain the correction. + nameDetectedLanguages: items: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1PropertyDefinition + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage type: array - description: Required. List of property definitions. + description: A list of detected languages for name together with confidence. + fieldValue: + description: Layout for the FormField value. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' + GoogleCloudDocumentaiV1DocumentEntity: + id: GoogleCloudDocumentaiV1DocumentEntity type: object - description: Configurations for a nested structured data property. - id: GoogleCloudContentwarehouseV1PropertyTypeOptions - GoogleCloudContentwarehouseV1Document: properties: - updateTime: - description: Output only. The time when the document is last updated. - readOnly: true + textAnchor: + description: >- + Optional. Provenance of the entity. Text anchor indexing into the + Document.text. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchor' + redacted: + description: >- + Optional. Whether the entity will be redacted for de-identification + purposes. + type: boolean + normalizedValue: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentEntityNormalizedValue + description: >- + Optional. Normalized entity value. Absent if the extracted value + could not be converted or the type (e.g. address) is not supported + for certain parsers. This field is also only populated for certain + supported document types. + type: + description: Required. Entity type from a schema e.g. `Address`. type: string - format: google-datetime - cloudAiDocument: - description: Document AI format to save the structured content, including OCR. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1Document' - documentSchemaName: + properties: description: >- - The Document schema name. Format: - projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. + Optional. Entities can be nested to form a hierarchical data + structure representing the content in the document. + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentEntity' + type: array + confidence: + type: number + description: Optional. Confidence of detected Schema entity. Range `[0, 1]`. + format: float + id: + description: >- + Optional. Canonical id. This will be a unique value in the entity + list for this document. type: string - plainText: + provenance: + description: Optional. The history of this annotation. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' + mentionText: + description: Optional. Text value of the entity e.g. `1600 Amphitheatre Pkwy`. type: string - description: Other document format, such as PPTX, XLXS - referenceId: + pageAnchor: description: >- - The reference ID set by customers. Must be unique per project and - location. + Optional. Represents the provenance of this entity wrt. the location + on the page where it was found. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageAnchor' + mentionId: + description: Optional. Deprecated. Use `id` field instead. type: string - rawDocumentFileType: - enum: - - RAW_DOCUMENT_FILE_TYPE_UNSPECIFIED - - RAW_DOCUMENT_FILE_TYPE_PDF - - RAW_DOCUMENT_FILE_TYPE_DOCX - - RAW_DOCUMENT_FILE_TYPE_XLSX - - RAW_DOCUMENT_FILE_TYPE_PPTX - - RAW_DOCUMENT_FILE_TYPE_TEXT - - RAW_DOCUMENT_FILE_TYPE_TIFF - description: >- - This is used when DocAI was not used to load the document and - parsing/ extracting is needed for the inline_raw_document. For - example, if inline_raw_document is the byte representation of a PDF - file, then this should be set to: RAW_DOCUMENT_FILE_TYPE_PDF. - enumDescriptions: - - No raw document specified or it is non-parsable - - Adobe PDF format - - Microsoft Word format - - Microsoft Excel format - - Microsoft Powerpoint format - - UTF-8 encoded text format - - TIFF or TIF image file format - type: string - updater: - description: The user who lastly updates the document. - type: string - textExtractionDisabled: - deprecated: true - description: If true, text extraction will not be performed. - type: boolean - contentCategory: + description: >- + An entity that could be a phrase in the text or a property that belongs + to the document. It is a known entity type, such as a person, an + organization, or location. + GoogleCloudContentwarehouseV1DeleteDocumentRequest: + description: Request message for DocumentService.DeleteDocument. + type: object + properties: + requestMetadata: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' description: >- - Indicates the category (image, audio, video etc.) of the original - content. - enum: - - CONTENT_CATEGORY_UNSPECIFIED - - CONTENT_CATEGORY_IMAGE - - CONTENT_CATEGORY_AUDIO - - CONTENT_CATEGORY_VIDEO + The meta information collected about the end user, used to enforce + access control for the service. + id: GoogleCloudContentwarehouseV1DeleteDocumentRequest + GoogleCloudDocumentaiV1DocumentProvenance: + description: >- + Structure to identify provenance relationships between annotations in + different revisions. + id: GoogleCloudDocumentaiV1DocumentProvenance + properties: + parents: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentProvenanceParent + description: References to the original elements that are replaced. + revision: + description: The index of the revision that produced this element. + type: integer + format: int32 + deprecated: true + type: + enumDeprecated: + - false + - false + - false + - false + - false + - true + - true + - true enumDescriptions: - - No category is specified. - - Content is of image type. - - Content is of audio type. - - Content is of video type. - type: string - creator: - type: string - description: The user who creates the document. - displayUri: - type: string - description: Uri to display the document, for example, in the UI. - rawDocumentPath: - type: string - description: Raw document file in Cloud Storage path. - name: + - >- + Operation type unspecified. If no operation is specified a + provenance entry is simply used to match against a `parent`. + - Add an element. + - Remove an element identified by `parent`. + - >- + Updates any fields within the given provenance scope of the + message. It overwrites the fields rather than replacing them. Use + this when you want to update a field value of an entity without + also updating all the child properties. + - Currently unused. Replace an element identified by `parent`. + - >- + Deprecated. Request human review for the element identified by + `parent`. + - >- + Deprecated. Element is reviewed and approved at human review, + confidence will be set to 1.0. + - Deprecated. Element is skipped in the validation process. + enum: + - OPERATION_TYPE_UNSPECIFIED + - ADD + - REMOVE + - UPDATE + - REPLACE + - EVAL_REQUESTED + - EVAL_APPROVED + - EVAL_SKIPPED type: string + description: The type of provenance operation. + id: + deprecated: true description: >- - The resource name of the document. Format: - projects/{project_number}/locations/{location}/documents/{document_id}. - The name is ignored when creating a document. - createTime: - readOnly: true - format: google-datetime + The Id of this operation. Needs to be unique within the scope of the + revision. + format: int32 + type: integer + type: object + GoogleCloudDocumentaiV1DocumentPageAnchorPageRef: + properties: + confidence: + type: number + description: >- + Optional. Confidence of detected page element, if applicable. Range + `[0, 1]`. + format: float + layoutId: type: string - description: Output only. The time when the document is created. - dispositionTime: - readOnly: true + description: Optional. Deprecated. Use PageRef.bounding_poly instead. + deprecated: true + page: type: string - format: google-datetime description: >- - Output only. If linked to a Collection with RetentionPolicy, the - date when the document becomes mutable. - displayName: + Required. Index into the Document.pages element, for example using + `Document.pages` to locate the related page element. This field is + skipped when its value is the default `0`. See + https://developers.google.com/protocol-buffers/docs/proto3#json. + format: int64 + boundingPoly: description: >- - Required. Display name of the document given by the user. This name - will be displayed in the UI. Customer can populate this field with - the name of the document. This differs from the 'title' field as - 'title' is optional and stores the top heading in the document. - type: string - textExtractionEnabled: - type: boolean - description: If true, text extraction will be performed. - properties: - type: array - items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Property' - description: List of values that are user supplied metadata. - legalHold: - type: boolean - readOnly: true - description: Output only. Indicates if the document has a legal hold on it. - title: + Optional. Identifies the bounding polygon of a layout element on the + page. If `layout_type` is set, the bounding polygon must be exactly + the same to the layout element it's referring to. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1BoundingPoly' + layoutType: + enumDescriptions: + - Layout Unspecified. + - References a Page.blocks element. + - References a Page.paragraphs element. + - References a Page.lines element. + - References a Page.tokens element. + - References a Page.visual_elements element. + - Refrrences a Page.tables element. + - References a Page.form_fields element. type: string + enum: + - LAYOUT_TYPE_UNSPECIFIED + - BLOCK + - PARAGRAPH + - LINE + - TOKEN + - VISUAL_ELEMENT + - TABLE + - FORM_FIELD description: >- - Title that describes the document. This can be the top heading or - text that describes the document. - inlineRawDocument: - type: string - format: byte - description: Raw document content. - id: GoogleCloudContentwarehouseV1Document - description: Defines the structure for content warehouse document proto. - type: object - GoogleCloudContentwarehouseV1ProjectStatus: - description: >- - Status of a project, including the project state, dbType, aclMode and - etc. + Optional. The type of the layout element that is being referenced if + any. type: object + id: GoogleCloudDocumentaiV1DocumentPageAnchorPageRef + description: Represents a weak reference to a page element within a document. + GoogleCloudContentwarehouseV1ActionOutput: properties: - qaEnabled: - type: boolean - description: If the qa is enabled on this project. - documentCreatorDefaultRole: - description: The default role for the person who create a document. + actionId: type: string - accessControlMode: + description: ID of the action. + outputMessage: + description: Action execution output message. type: string - enum: - - ACL_MODE_UNKNOWN - - ACL_MODE_UNIVERSAL_ACCESS - - ACL_MODE_DOCUMENT_LEVEL_ACCESS_CONTROL_BYOID - - ACL_MODE_DOCUMENT_LEVEL_ACCESS_CONTROL_GCI - description: Access control mode. - enumDescriptions: - - This value is required by protobuf best practices - - 'Universal Access: No document level access control.' - - Document level access control with customer own Identity Service. - - Document level access control using Google Cloud Identity. - location: - description: The location of the queried project. + actionState: type: string - state: - description: State of the project. enum: - - PROJECT_STATE_UNSPECIFIED - - PROJECT_STATE_PENDING - - PROJECT_STATE_COMPLETED - - PROJECT_STATE_FAILED - - PROJECT_STATE_DELETING - - PROJECT_STATE_DELETING_FAILED - - PROJECT_STATE_DELETED - - PROJECT_STATE_NOT_FOUND - enumDescriptions: - - Default status, required by protobuf best practices. - - The project is in the middle of a provision process. - - All dependencies have been provisioned. - - A provision process was previously initiated, but failed. - - The project is in the middle of a deletion process. - - A deleting process was initiated, but failed. - - The project is deleted. - - The project is not found. - type: string - databaseType: + - UNKNOWN + - ACTION_SUCCEEDED + - ACTION_FAILED + - ACTION_TIMED_OUT + - ACTION_PENDING enumDescriptions: - - This value is required by protobuf best practices - - Internal Spanner - - Cloud Sql with a Postgres Sql instance - enumDeprecated: - - false - - false - - true + - The unknown state. + - State indicating action executed successfully. + - State indicating action failed. + - State indicating action timed out. + - State indicating action is pending. + description: State of an action. + description: Represents the result of executing an action. + id: GoogleCloudContentwarehouseV1ActionOutput + type: object + GoogleCloudDocumentaiV1DocumentPageTableTableRow: + description: A row of table cells. + properties: + cells: + description: Cells that make up this row. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTableTableCell + type: object + id: GoogleCloudDocumentaiV1DocumentPageTableTableRow + GoogleCloudContentwarehouseV1MapTypeOptions: + id: GoogleCloudContentwarehouseV1MapTypeOptions + description: Configurations for a Map property. + type: object + properties: {} + GoogleCloudContentwarehouseV1FetchAclResponse: + type: object + id: GoogleCloudContentwarehouseV1FetchAclResponse + description: Response message for DocumentService.FetchAcl. + properties: + metadata: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ResponseMetadata' + description: >- + Additional information for the API invocation, such as the request + tracking id. + policy: + $ref: '#/components/schemas/GoogleIamV1Policy' + description: The IAM policy. + GoogleCloudContentwarehouseV1RunPipelineRequest: + description: Request message for DocumentService.RunPipeline. + id: GoogleCloudContentwarehouseV1RunPipelineRequest + properties: + gcsIngestPipeline: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1GcsIngestPipeline' + description: Cloud Storage ingestion pipeline. + exportCdwPipeline: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1ExportToCdwPipeline + description: >- + Export docuemnts from Document Warehouse to CDW for training + purpose. + processWithDocAiPipeline: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1ProcessWithDocAiPipeline + description: >- + Use a DocAI processor to process documents in Document Warehouse, + and re-ingest the updated results into Document Warehouse. + requestMetadata: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' + description: >- + The meta information collected about the end user, used to enforce + access control for the service. + gcsIngestWithDocAiProcessorsPipeline: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1GcsIngestWithDocAiProcessorsPipeline + description: >- + Use DocAI processors to process documents in Cloud Storage and + ingest them to Document Warehouse. + type: object + GoogleCloudContentwarehouseV1InitializeProjectRequest: + type: object + description: Request message for projectService.InitializeProject + id: GoogleCloudContentwarehouseV1InitializeProjectRequest + properties: + enableCalUserEmailLogging: + description: Optional. Whether to enable CAL user email logging. + type: boolean + accessControlMode: + enumDescriptions: + - This value is required by protobuf best practices + - 'Universal Access: No document level access control.' + - Document level access control with customer own Identity Service. + - Document level access control using Google Cloud Identity. type: string + description: Required. The access control mode for accessing the customer data + enum: + - ACL_MODE_UNKNOWN + - ACL_MODE_UNIVERSAL_ACCESS + - ACL_MODE_DOCUMENT_LEVEL_ACCESS_CONTROL_BYOID + - ACL_MODE_DOCUMENT_LEVEL_ACCESS_CONTROL_GCI + kmsKey: + description: >- + Optional. The KMS key used for CMEK encryption. It is required that + the kms key is in the same region as the endpoint. The same key will + be used for all provisioned resources, if encryption is available. + If the kms_key is left empty, no encryption will be enforced. + type: string + databaseType: + description: Required. The type of database used to store customer data + enumDescriptions: + - This value is required by protobuf best practices + - Internal Spanner + - Cloud Sql with a Postgres Sql instance enum: - DB_UNKNOWN - DB_INFRA_SPANNER - DB_CLOUD_SQL_POSTGRES - description: Database type. - id: GoogleCloudContentwarehouseV1ProjectStatus - GoogleCloudDocumentaiV1DocumentProvenanceParent: + type: string + enumDeprecated: + - false + - false + - true + documentCreatorDefaultRole: + description: Optional. The default role for the person who create a document. + type: string + enum: + - DOCUMENT_CREATOR_DEFAULT_ROLE_UNSPECIFIED + - DOCUMENT_ADMIN + - DOCUMENT_EDITOR + - DOCUMENT_VIEWER + enumDescriptions: + - Unspecified, will be default to document admin role. + - >- + Document Admin, same as + contentwarehouse.googleapis.com/documentAdmin. + - >- + Document Editor, same as + contentwarehouse.googleapis.com/documentEditor. + - >- + Document Viewer, same as + contentwarehouse.googleapis.com/documentViewer. + GoogleCloudContentwarehouseV1SearchDocumentsResponseMatchingDocument: + id: GoogleCloudContentwarehouseV1SearchDocumentsResponseMatchingDocument + properties: + qaResult: + description: >- + Experimental. Additional result info if the question-answering + feature is enabled. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1QAResult' + matchedTokenPageIndices: + items: + format: int64 + type: string + description: >- + Return the 1-based page indices where those pages have one or more + matched tokens. + type: array + searchTextSnippet: + description: >- + Contains snippets of text from the document full raw text that most + closely match a search query's keywords, if available. All HTML tags + in the original fields are stripped when returned in this field, and + matching query keywords are enclosed in HTML bold tags. If the + question-answering feature is enabled, this field will instead + contain a snippet that answers the user's natural-language query. No + HTML bold tags will be present, and highlights in the answer snippet + can be found in QAResult.highlights. + type: string + document: + description: >- + Document that matches the specified SearchDocumentsRequest. This + document only contains indexed metadata information. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' + type: object + description: Document entry with metadata inside SearchDocumentsResponse + GoogleTypeDate: + id: GoogleTypeDate description: >- - The parent element the current element is based on. Used for - referencing/aligning, removal and replacement operations. + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp type: object - id: GoogleCloudDocumentaiV1DocumentProvenanceParent properties: - index: + year: type: integer + description: >- + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. format: int32 + month: + type: integer description: >- - The index of the parent item in the corresponding item list (eg. - list of entities, properties within entities, etc.) in the parent - revision. - id: - deprecated: true + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + format: int32 + day: + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + format: int32 type: integer + GoogleCloudContentwarehouseV1RuleEngineOutput: + properties: + ruleEvaluatorOutput: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1RuleEvaluatorOutput + description: >- + Output from Rule Evaluator containing matched, unmatched and invalid + rules. + documentName: + description: >- + Name of the document against which the rules and actions were + evaluated. + type: string + actionExecutorOutput: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1ActionExecutorOutput + description: >- + Output from Action Executor containing rule and corresponding + actions execution result. + description: >- + Records the output of Rule Engine including rule evaluation and actions + result. + type: object + id: GoogleCloudContentwarehouseV1RuleEngineOutput + GoogleCloudDocumentaiV1DocumentTextAnchor: + id: GoogleCloudDocumentaiV1DocumentTextAnchor + type: object + description: Text reference indexing into the Document.text. + properties: + content: + description: >- + Contains the content of the text span so that users do not have to + look it up in the text_segments. It is always populated for + formFields. + type: string + textSegments: + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchorTextSegment + type: array + description: The text segments from the Document.text. + GoogleCloudDocumentaiV1DocumentDocumentLayout: + description: >- + Represents the parsed layout of a document as a collection of blocks + that the document is divided into. + id: GoogleCloudDocumentaiV1DocumentDocumentLayout + type: object + properties: + blocks: + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock + description: List of blocks in the document. + type: array + GoogleCloudDocumentaiV1DocumentPageImage: + id: GoogleCloudDocumentaiV1DocumentPageImage + properties: + height: format: int32 - description: The id of the parent provenance. - revision: + description: Height of the image in pixels. + type: integer + content: + type: string + format: byte + description: Raw byte content of the image. + width: type: integer format: int32 - description: The index of the index into current revision's parent_ids list. - GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageFooter: + description: Width of the image in pixels. + mimeType: + description: >- + Encoding [media type (MIME + type)](https://www.iana.org/assignments/media-types/media-types.xhtml) + for the image. + type: string + type: object + description: Rendered image contents for this page. + GoogleCloudContentwarehouseV1ExportToCdwPipeline: + id: GoogleCloudContentwarehouseV1ExportToCdwPipeline + description: >- + The configuration of exporting documents from the Document Warehouse to + CDW pipeline. + type: object + properties: + exportFolderPath: + description: >- + The Cloud Storage folder path used to store the exported documents + before being sent to CDW. Format: `gs:///`. + type: string + trainingSplitRatio: + format: float + type: number + description: >- + Ratio of training dataset split. When importing into Document AI + Workbench, documents will be automatically split into training and + test split category with the specified ratio. This field is required + if doc_ai_dataset is set. + docAiDataset: + type: string + description: >- + Optional. The CDW dataset resource name. This field is optional. If + not set, the documents will be exported to Cloud Storage only. + Format: + projects/{project}/locations/{location}/processors/{processor}/dataset + documents: + type: array + description: >- + The list of all the resource names of the documents to be processed. + Format: + projects/{project_number}/locations/{location}/documents/{document_id}. + items: + type: string + GoogleCloudContentwarehouseV1CreateDocumentMetadata: + id: GoogleCloudContentwarehouseV1CreateDocumentMetadata + type: object + properties: {} + description: Metadata object for CreateDocument request (currently empty). + GoogleCloudDocumentaiV1DocumentStyle: + id: GoogleCloudDocumentaiV1DocumentStyle + type: object + description: >- + Annotation for common text style attributes. This adheres to CSS + conventions as much as possible. + properties: + backgroundColor: + $ref: '#/components/schemas/GoogleTypeColor' + description: Text background color. + fontWeight: + description: >- + [Font weight](https://www.w3schools.com/cssref/pr_font_weight.asp). + Possible values are `normal`, `bold`, `bolder`, and `lighter`. + type: string + color: + $ref: '#/components/schemas/GoogleTypeColor' + description: Text color. + fontSize: + description: Font size. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentStyleFontSize' + fontFamily: + description: >- + Font family such as `Arial`, `Times New Roman`. + https://www.w3schools.com/cssref/pr_font_font-family.asp + type: string + textAnchor: + description: Text anchor indexing into the Document.text. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchor' + textDecoration: + description: >- + [Text + decoration](https://www.w3schools.com/cssref/pr_text_text-decoration.asp). + Follows CSS standard. + type: string + textStyle: + type: string + description: >- + [Text + style](https://www.w3schools.com/cssref/pr_font_font-style.asp). + Possible values are `normal`, `italic`, and `oblique`. + GoogleTypeColor: + id: GoogleTypeColor + properties: + alpha: + description: >- + The fraction of this color that should be applied to the pixel. That + is, the final pixel color is defined by the equation: `pixel color = + alpha * (this color) + (1.0 - alpha) * (background color)` This + means that a value of 1.0 corresponds to a solid color, whereas a + value of 0.0 corresponds to a completely transparent color. This + uses a wrapper message rather than a simple float scalar so that it + is possible to distinguish between a default value and the value + being unset. If omitted, this color object is rendered as a solid + color (as if the alpha value had been explicitly given a value of + 1.0). + type: number + format: float + red: + format: float + description: The amount of red in the color as a value in the interval [0, 1]. + type: number + green: + format: float + type: number + description: The amount of green in the color as a value in the interval [0, 1]. + blue: + type: number + format: float + description: The amount of blue in the color as a value in the interval [0, 1]. + description: >- + Represents a color in the RGBA color space. This representation is + designed for simplicity of conversion to and from color representations + in various languages over compactness. For example, the fields of this + representation can be trivially provided to the constructor of + `java.awt.Color` in Java; it can also be trivially provided to UIColor's + `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little + work, it can be easily formatted into a CSS `rgba()` string in + JavaScript. This reference page doesn't have information about the + absolute color space that should be used to interpret the RGB value—for + example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications + should assume the sRGB color space. When color equality needs to be + decided, implementations, unless documented otherwise, treat two colors + as equal if all their red, green, blue, and alpha values each differ by + at most `1e-5`. Example (Java): import com.google.type.Color; // ... + public static java.awt.Color fromProto(Color protocolor) { float alpha = + protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return + new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), + protocolor.getBlue(), alpha); } public static Color + toProto(java.awt.Color color) { float red = (float) color.getRed(); + float green = (float) color.getGreen(); float blue = (float) + color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder + = Color .newBuilder() .setRed(red / denominator) .setGreen(green / + denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); + if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() + .setValue(((float) alpha) / denominator) .build()); } return + resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static + UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; + float green = [protocolor green]; float blue = [protocolor blue]; + FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if + (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return + [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static + Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if + (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return + nil; } Color* result = [[Color alloc] init]; [result setRed:red]; + [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { + [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; + return result; } // ... Example (JavaScript): // ... var protoToCssColor + = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var + greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || + 0.0; var red = Math.floor(redFrac * 255); var green = + Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if + (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } + var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, + green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, + ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var + rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString + = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var + resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { + resultBuilder.push('0'); } resultBuilder.push(hexString); return + resultBuilder.join(''); }; // ... type: object - description: Represents the page footer associated with the chunk. - id: GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageFooter + GoogleCloudContentwarehouseV1UpdateOptions: properties: - pageSpan: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan - description: Page span of the footer. - text: - description: Footer in text format. + updateType: + description: Type for update. + enumDescriptions: + - Defaults to full replace behavior, ie. FULL_REPLACE. + - >- + Fully replace all the fields (including previously linked raw + document). Any field masks will be ignored. + - Merge the fields into the existing entities. + - Inserts the properties by names. + - Replace the properties by names. + - Delete the properties by names. + - >- + For each of the property, replaces the property if the it exists, + otherwise inserts a new property. And for the rest of the fields, + merge them based on update mask and merge fields options. + enum: + - UPDATE_TYPE_UNSPECIFIED + - UPDATE_TYPE_REPLACE + - UPDATE_TYPE_MERGE + - UPDATE_TYPE_INSERT_PROPERTIES_BY_NAMES + - UPDATE_TYPE_REPLACE_PROPERTIES_BY_NAMES + - UPDATE_TYPE_DELETE_PROPERTIES_BY_NAMES + - UPDATE_TYPE_MERGE_AND_REPLACE_OR_INSERT_PROPERTIES_BY_NAMES type: string - GoogleCloudContentwarehouseV1RunPipelineMetadataIndividualDocumentStatus: - id: GoogleCloudContentwarehouseV1RunPipelineMetadataIndividualDocumentStatus - description: The status of processing a document. - properties: - documentId: + updateMask: type: string - description: Document identifier of an existing document. - status: - description: The status processing the document. - $ref: '#/components/schemas/GoogleRpcStatus' - type: object - GoogleRpcStatus: - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - format: int32 - type: integer - description: The status code, which should be an enum value of google.rpc.Code. - details: - items: - type: object - additionalProperties: - description: Properties of the object. Contains field @type with type URL. - type: any - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - message: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - id: GoogleRpcStatus - GoogleCloudContentwarehouseV1CreateDocumentMetadata: - id: GoogleCloudContentwarehouseV1CreateDocumentMetadata - description: Metadata object for CreateDocument request (currently empty). - properties: {} - type: object - GoogleCloudDocumentaiV1DocumentTextAnchor: + Field mask for merging Document fields. For the `FieldMask` + definition, see + https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask + format: google-fieldmask + mergeFieldsOptions: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1MergeFieldsOptions' + description: Options for merging. type: object - id: GoogleCloudDocumentaiV1DocumentTextAnchor - description: Text reference indexing into the Document.text. - properties: - textSegments: - description: The text segments from the Document.text. - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentTextAnchorTextSegment - type: array - content: - description: >- - Contains the content of the text span so that users do not have to - look it up in the text_segments. It is always populated for - formFields. - type: string - GoogleCloudContentwarehouseV1ProcessorInfo: + id: GoogleCloudContentwarehouseV1UpdateOptions + description: Options for Update operations. + GoogleCloudDocumentaiV1DocumentEntityRelation: properties: - documentType: - description: The processor will process the documents with this document type. - type: string - processorName: - description: >- - The processor resource name. Format is - `projects/{project}/locations/{location}/processors/{processor}`, or - `projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processorVersion}` + objectId: type: string - schemaName: - description: >- - The Document schema resource name. All documents processed by this - processor will use this schema. Format: - projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. + description: Object entity id. + subjectId: + description: Subject entity id. type: string - id: GoogleCloudContentwarehouseV1ProcessorInfo - description: The DocAI processor information. - type: object - GoogleCloudContentwarehouseV1beta1UpdateDocumentMetadata: - properties: {} - type: object - description: Metadata object for UpdateDocument request (currently empty). - id: GoogleCloudContentwarehouseV1beta1UpdateDocumentMetadata - GoogleCloudContentwarehouseV1FileTypeFilter: - type: object - properties: - fileType: - enum: - - FILE_TYPE_UNSPECIFIED - - ALL - - FOLDER - - DOCUMENT - - ROOT_FOLDER - enumDescriptions: - - Default document type. If set, disables the filter. - - Returns all document types, including folders. - - Returns only folders. - - Returns only non-folder documents. - - Returns only root folders - description: The type of files to return. + relation: + description: Relationship description. type: string - id: GoogleCloudContentwarehouseV1FileTypeFilter - description: Filter for the specific types of documents returned. - GoogleCloudContentwarehouseV1CreateDocumentLinkRequest: - properties: - requestMetadata: - description: >- - The meta information collected about the document creator, used to - enforce access control for the service. - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' - documentLink: - description: >- - Required. Document links associated with the source documents - (source_document_id). - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentLink' - description: Request message for DocumentLinkService.CreateDocumentLink. - id: GoogleCloudContentwarehouseV1CreateDocumentLinkRequest type: object - GoogleCloudDocumentaiV1DocumentPageParagraph: - id: GoogleCloudDocumentaiV1DocumentPageParagraph - description: A collection of lines that a human would perceive as a paragraph. + description: Relationship between Entities. + id: GoogleCloudDocumentaiV1DocumentEntityRelation + GoogleCloudContentwarehouseV1RunPipelineMetadataProcessWithDocAiPipelineMetadata: + id: >- + GoogleCloudContentwarehouseV1RunPipelineMetadataProcessWithDocAiPipelineMetadata type: object + description: The metadata message for Process-with-DocAi pipeline. properties: - layout: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - description: Layout for Paragraph. - provenance: - description: The history of this annotation. - deprecated: true - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' - detectedLanguages: + documents: type: array - description: A list of detected languages together with confidence. items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage + type: string + description: >- + The input list of all the resource names of the documents to be + processed. + processorInfo: + description: The DocAI processor to process the documents with. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ProcessorInfo' GoogleCloudContentwarehouseV1CloudAIDocumentOption: type: object id: GoogleCloudContentwarehouseV1CloudAIDocumentOption + description: Request Option for processing Cloud AI Document in CW Document. properties: enableEntitiesConversions: type: boolean @@ -4644,116 +4702,142 @@ components: type: object additionalProperties: type: string - description: Request Option for processing Cloud AI Document in CW Document. - CloudAiPlatformTenantresourceTenantProjectConfig: - properties: - policyBindings: - type: array - items: - $ref: >- - #/components/schemas/GoogleApiServiceconsumermanagementV1PolicyBinding - description: >- - Input/Output [Required]. The policy bindings that are applied to the - tenant project during creation. At least one binding must have the - role `roles/owner` with either `user` or `group` type. - folder: - type: string - description: >- - Input/Output [Required]. The folder that holds tenant projects and - folder-level permissions will be automatically granted to all tenant - projects under the folder. Note: the valid folder format is - `folders/{folder_number}`. - billingConfig: - description: >- - Input/Output [Required]. The billing account properties to create - the tenant project. - $ref: >- - #/components/schemas/GoogleApiServiceconsumermanagementV1BillingConfig - services: - items: - type: string - description: >- - Input/Output [Required]. The API services that are enabled on the - tenant project during creation. - type: array - type: object - id: CloudAiPlatformTenantresourceTenantProjectConfig - description: The identity to configure a tenant project. - GoogleCloudDocumentaiV1DocumentPageFormField: + GoogleIamV1AuditConfig: + id: GoogleIamV1AuditConfig + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. type: object properties: - nameDetectedLanguages: - type: array + auditLogConfigs: items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - description: A list of detected languages for name together with confidence. - correctedKeyText: - description: >- - Created for Labeling UI to export key text. If corrections were made - to the text identified by the `field_name.text_anchor`, this field - will contain the correction. - type: string - valueDetectedLanguages: + $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' + description: The configuration for logging of each type of permission. type: array - description: A list of detected languages for value together with confidence. - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - provenance: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' - description: The history of this annotation. - fieldValue: - description: Layout for the FormField value. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - correctedValueText: - description: >- - Created for Labeling UI to export value text. If corrections were - made to the text identified by the `field_value.text_anchor`, this - field will contain the correction. - type: string - valueType: + service: description: >- - If the value is non-textual, this field represents the type. Current - valid values are: - blank (this indicates the `field_value` is - normal text) - `unfilled_checkbox` - `filled_checkbox` + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: string - fieldName: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - description: >- - Layout for the FormField name. e.g. `Address`, `Email`, `Grand - total`, `Phone number`, etc. - id: GoogleCloudDocumentaiV1DocumentPageFormField - description: A form field detected on the page. - GoogleCloudContentwarehouseV1PublishAction: + GoogleCloudContentwarehouseV1FloatTypeOptions: + properties: {} + description: Configurations for a float property. + type: object + id: GoogleCloudContentwarehouseV1FloatTypeOptions + GoogleCloudContentwarehouseV1UpdateRuleSetRequest: + description: Request message for RuleSetService.UpdateRuleSet. + type: object properties: - topicId: + ruleSet: + description: Required. The rule set to update. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' + id: GoogleCloudContentwarehouseV1UpdateRuleSetRequest + GoogleIamV1Binding: + id: GoogleIamV1Binding + type: object + properties: + condition: description: >- - The topic id in the Pub/Sub service for which messages will be - published to. - type: string - messages: + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/GoogleTypeExpr' + members: items: type: string type: array - description: Messages to be published. - type: object - id: GoogleCloudContentwarehouseV1PublishAction - description: >- - Represents the action responsible for publishing messages to a Pub/Sub - topic. - GoogleCloudDocumentaiV1DocumentChunkedDocument: - type: object - properties: - chunks: - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunk - description: List of chunks. - description: Represents the chunks that the document is divided into. - id: GoogleCloudDocumentaiV1DocumentChunkedDocument + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string + description: Associates `members`, or principals, with a `role`. GoogleCloudContentwarehouseV1IntegerArray: + description: Integer values. properties: values: type: array @@ -4761,341 +4845,245 @@ components: type: integer format: int32 description: List of integer values. - type: object - description: Integer values. id: GoogleCloudContentwarehouseV1IntegerArray - GoogleCloudContentwarehouseV1RunPipelineMetadata: - id: GoogleCloudContentwarehouseV1RunPipelineMetadata - description: Metadata message of RunPipeline method. - properties: - individualDocumentStatuses: - items: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineMetadataIndividualDocumentStatus - type: array - description: The list of response details of each document. - userInfo: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1UserInfo' - description: User unique identification and groups information. - exportToCdwPipelineMetadata: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineMetadataExportToCdwPipelineMetadata - description: The pipeline metadata for Export-to-CDW pipeline. - gcsIngestPipelineMetadata: - description: The pipeline metadata for GcsIngest pipeline. - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineMetadataGcsIngestPipelineMetadata - totalFileCount: - description: Number of files that were processed by the pipeline. - type: integer - format: int32 - processWithDocAiPipelineMetadata: - description: The pipeline metadata for Process-with-DocAi pipeline. - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineMetadataProcessWithDocAiPipelineMetadata - failedFileCount: - format: int32 - description: Number of files that have failed at some point in the pipeline. - type: integer - type: object - GoogleCloudContentwarehouseV1EnumTypeOptions: - description: Configurations for an enum/categorical property. - properties: - possibleValues: - items: - type: string - description: Required. List of possible enum values. - type: array - validationCheckDisabled: - type: boolean - description: >- - Make sure the Enum property value provided in the document is in the - possile value list during document creation. The validation check - runs by default. - id: GoogleCloudContentwarehouseV1EnumTypeOptions - type: object - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListEntry: - description: Represents an entry in the list. type: object + GoogleCloudContentwarehouseV1ListLinkedTargetsResponse: properties: - blocks: + nextPageToken: description: >- - A list entry is a list of blocks. Repeated blocks support further - hierarchies and nested blocks. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlock - id: >- - GoogleCloudDocumentaiV1DocumentDocumentLayoutDocumentLayoutBlockLayoutListEntry - GoogleCloudContentwarehouseV1DateTimeArray: - type: object - id: GoogleCloudContentwarehouseV1DateTimeArray - properties: - values: + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + documentLinks: items: - $ref: '#/components/schemas/GoogleTypeDateTime' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentLink' type: array - description: >- - List of datetime values. Both OffsetDateTime and ZonedDateTime are - supported. - description: DateTime values. - GoogleCloudContentwarehouseV1UpdateDocumentSchemaRequest: + description: Target document-links. + id: GoogleCloudContentwarehouseV1ListLinkedTargetsResponse + type: object + description: Response message for DocumentLinkService.ListLinkedTargets. + GoogleCloudContentwarehouseV1InvalidRule: type: object - description: Request message for DocumentSchemaService.UpdateDocumentSchema. + id: GoogleCloudContentwarehouseV1InvalidRule + description: A triggered rule that failed the validation check(s) after parsing. properties: - documentSchema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema' - description: Required. The document schema to update with. - id: GoogleCloudContentwarehouseV1UpdateDocumentSchemaRequest - GoogleCloudDocumentaiV1DocumentPageAnchor: + rule: + description: Triggered rule. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Rule' + error: + description: Validation error on a parsed expression. + type: string + GoogleCloudContentwarehouseV1FloatArray: properties: - pageRefs: - description: One or more references to visual page elements + values: items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageAnchorPageRef + type: number + format: float + description: List of float values. type: array - id: GoogleCloudDocumentaiV1DocumentPageAnchor + description: Float values. type: object - description: >- - Referencing the visual context of the entity in the Document.pages. Page - anchors can be cross-page, consist of multiple bounding polygons and - optionally reference specific layout element types. - GoogleCloudContentwarehouseV1GcsIngestWithDocAiProcessorsPipeline: - id: GoogleCloudContentwarehouseV1GcsIngestWithDocAiProcessorsPipeline - description: >- - The configuration of the Cloud Storage Ingestion with DocAI Processors - pipeline. + id: GoogleCloudContentwarehouseV1FloatArray + GoogleCloudContentwarehouseV1QAResult: + id: GoogleCloudContentwarehouseV1QAResult + description: Additional result info for the question-answering feature. properties: - processorResultsFolderPath: - type: string - description: >- - The Cloud Storage folder path used to store the raw results from - processors. Format: `gs:///`. - splitClassifyProcessorInfo: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ProcessorInfo' - description: >- - The split and classify processor information. The split and classify - result will be used to find a matched extract processor. - pipelineConfig: - description: >- - Optional. The config for the Cloud Storage Ingestion with DocAI - Processors pipeline. It provides additional customization options to - run the pipeline and can be skipped if it is not applicable. - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1IngestPipelineConfig - inputPath: - description: >- - The input Cloud Storage folder. All files under this folder will be - imported to Document Warehouse. Format: `gs:///`. - type: string - extractProcessorInfos: + highlights: + description: Highlighted sections in the snippet. type: array items: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ProcessorInfo' - description: >- - The extract processors information. One matched extract processor - will be used to process documents based on the classify processor - result. If no classify processor is specified, the first extract - processor will be used. - skipIngestedDocuments: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1QAResultHighlight + confidenceScore: description: >- - The flag whether to skip ingested documents. If it is set to true, - documents in Cloud Storage contains key "status" with value - "status=ingested" in custom metadata will be skipped to ingest. - type: boolean + The calibrated confidence score for this document, in the range [0., + 1.]. This represents the confidence level for whether the returned + document and snippet answers the user's query. + format: float + type: number type: object - GoogleCloudContentwarehouseV1HistogramQueryPropertyNameFilter: + GoogleCloudContentwarehouseV1CreateDocumentResponse: + id: GoogleCloudContentwarehouseV1CreateDocumentResponse type: object + description: Response message for DocumentService.CreateDocument. properties: - propertyNames: + longRunningOperations: + description: post-processing LROs type: array - description: >- - It is optional. It will perform histogram for all the property names - if it is not set. The properties need to be defined with the - is_filterable flag set to true and the name of the property should - be in the format: "schemaId.propertyName". The property needs to be - defined in the schema. Example: the schema id is abc. Then the name - of property for property MORTGAGE_TYPE will be "abc.MORTGAGE_TYPE". items: - type: string - documentSchemas: + $ref: '#/components/schemas/GoogleLongrunningOperation' + document: + description: Document created after executing create request. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' + ruleEngineOutput: description: >- - This filter specifies the exact document schema(s) - Document.document_schema_name to run histogram query against. It is - optional. It will perform histogram for property names for all the - document schemas if it is not set. At most 10 document schema names - are allowed. Format: - projects/{project_number}/locations/{location}/documentSchemas/{document_schema_id}. - type: array - items: - type: string - yAxis: + Output from Rule Engine recording the rule evaluator and action + executor's output. Refer format in: + google/cloud/contentwarehouse/v1/rule_engine.proto + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleEngineOutput' + metadata: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ResponseMetadata' description: >- - By default, the y_axis is HISTOGRAM_YAXIS_DOCUMENT if this field is - not set. - type: string - enumDescriptions: - - Count the documents per property name. - - Count the properties per property name. - enum: - - HISTOGRAM_YAXIS_DOCUMENT - - HISTOGRAM_YAXIS_PROPERTY - id: GoogleCloudContentwarehouseV1HistogramQueryPropertyNameFilter - GoogleCloudContentwarehouseV1RunPipelineRequest: - id: GoogleCloudContentwarehouseV1RunPipelineRequest + Additional information for the API invocation, such as the request + tracking id. + GoogleCloudContentwarehouseV1TimestampTypeOptions: + description: Configurations for a timestamp property. + id: GoogleCloudContentwarehouseV1TimestampTypeOptions type: object + properties: {} + GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan: + description: Represents where the chunk starts and ends in the document. properties: - gcsIngestWithDocAiProcessorsPipeline: - description: >- - Use DocAI processors to process documents in Cloud Storage and - ingest them to Document Warehouse. - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1GcsIngestWithDocAiProcessorsPipeline - gcsIngestPipeline: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1GcsIngestPipeline' - description: Cloud Storage ingestion pipeline. - processWithDocAiPipeline: - description: >- - Use a DocAI processor to process documents in Document Warehouse, - and re-ingest the updated results into Document Warehouse. - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ProcessWithDocAiPipeline - exportCdwPipeline: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ExportToCdwPipeline - description: >- - Export docuemnts from Document Warehouse to CDW for training - purpose. - requestMetadata: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RequestMetadata' - description: >- - The meta information collected about the end user, used to enforce - access control for the service. - description: Request message for DocumentService.RunPipeline. - GoogleCloudDocumentaiV1DocumentShardInfo: - id: GoogleCloudDocumentaiV1DocumentShardInfo + pageEnd: + description: Page where chunk ends in the document. + type: integer + format: int32 + pageStart: + type: integer + description: Page where chunk starts in the document. + format: int32 + id: GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan type: object - properties: - shardIndex: - type: string - description: The 0-based index of this shard. - format: int64 - textOffset: - format: int64 - description: >- - The index of the first character in Document.text in the overall - document global text. - type: string - shardCount: - type: string - description: Total number of shards. - format: int64 + GoogleCloudDocumentaiV1DocumentPageBlock: description: >- - For a large document, sharding may be performed to produce several - document shards. Each document shard contains this field to detail which - shard it is. - GoogleCloudDocumentaiV1DocumentPageTable: + A block has a set of lines (collected into paragraphs) that have a + common line-spacing and orientation. type: object - id: GoogleCloudDocumentaiV1DocumentPageTable - description: A table representation similar to HTML table structure. + id: GoogleCloudDocumentaiV1DocumentPageBlock properties: - bodyRows: - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTableTableRow - type: array - description: Body rows of the table. layout: - description: Layout for Table. + description: Layout for Block. $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentPageLayout' - headerRows: - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DocumentPageTableTableRow - description: Header rows of the table. + provenance: + deprecated: true + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' + description: The history of this annotation. detectedLanguages: - type: array - description: A list of detected languages together with confidence. items: $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentPageDetectedLanguage - provenance: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentProvenance' - deprecated: true - description: The history of this table. - GoogleCloudContentwarehouseV1HistogramQueryResult: + description: A list of detected languages together with confidence. + type: array + GoogleCloudContentwarehouseV1DeleteDocumentAction: + id: GoogleCloudContentwarehouseV1DeleteDocumentAction + properties: + enableHardDelete: + type: boolean + description: >- + Boolean field to select between hard vs soft delete options. Set + 'true' for 'hard delete' and 'false' for 'soft delete'. + type: object + description: Represents the action responsible for deleting the document. + GoogleCloudDocumentaiV1DocumentEntityNormalizedValue: type: object - description: Histogram result that matches HistogramQuery specified in searches. - id: GoogleCloudContentwarehouseV1HistogramQueryResult properties: - histogram: + dateValue: + description: >- + Date value. Includes year, month, day. See also: + https://github.com/googleapis/googleapis/blob/master/google/type/date.proto + $ref: '#/components/schemas/GoogleTypeDate' + integerValue: + format: int32 + description: Integer value. + type: integer + booleanValue: + type: boolean + description: >- + Boolean value. Can be used for entities with binary values, or for + checkboxes. + text: description: >- - A map from the values of the facet associated with distinct values - to the number of matching entries with corresponding value. The key - format is: * (for string histogram) string values stored in the - field. - additionalProperties: - format: int64 - type: string - type: object - histogramQuery: + Optional. An optional field to store a normalized string. For some + entity types, one of respective `structured_value` fields may also + be populated. Also not all the types of `structured_value` will be + normalized. For example, some processors may not generate `float` or + `integer` normalized text by default. Below are sample formats + mapped to structured values. - Money/Currency type (`money_value`) + is in the ISO 4217 text format. - Date type (`date_value`) is in the + ISO 8601 text format. - Datetime type (`datetime_value`) is in the + ISO 8601 text format. type: string - description: Requested histogram expression. - GoogleCloudContentwarehouseV1FetchAclResponse: + datetimeValue: + description: >- + DateTime value. Includes date, time, and timezone. See also: + https://github.com/googleapis/googleapis/blob/master/google/type/datetime.proto + $ref: '#/components/schemas/GoogleTypeDateTime' + addressValue: + description: >- + Postal address. See also: + https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto + $ref: '#/components/schemas/GoogleTypePostalAddress' + moneyValue: + $ref: '#/components/schemas/GoogleTypeMoney' + description: >- + Money value. See also: + https://github.com/googleapis/googleapis/blob/master/google/type/money.proto + floatValue: + description: Float value. + type: number + format: float + description: Parsed and normalized entity value. + id: GoogleCloudDocumentaiV1DocumentEntityNormalizedValue + GoogleCloudContentwarehouseV1IngestPipelineConfig: properties: - metadata: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1ResponseMetadata' + enableDocumentTextExtraction: + type: boolean description: >- - Additional information for the API invocation, such as the request - tracking id. - policy: + The document text extraction enabled flag. If the flag is set to + true, DWH will perform text extraction on the raw document. + documentAclPolicy: $ref: '#/components/schemas/GoogleIamV1Policy' - description: The IAM policy. - id: GoogleCloudContentwarehouseV1FetchAclResponse - type: object - description: Response message for DocumentService.FetchAcl. - GoogleCloudContentwarehouseV1DataUpdateAction: + description: >- + The document level acl policy config. This refers to an Identity and + Access (IAM) policy, which specifies access controls for all + documents ingested by the pipeline. The role and members under the + policy needs to be specified. The following roles are supported for + document level acl control: * roles/contentwarehouse.documentAdmin * + roles/contentwarehouse.documentEditor * + roles/contentwarehouse.documentViewer The following members are + supported for document level acl control: * + user:user-email@example.com * group:group-email@example.com Note + that for documents searched with LLM, only single level user or + group acl check is supported. + folder: + type: string + description: >- + Optional. The name of the folder to which all ingested documents + will be linked during ingestion process. Format is + `projects/{project}/locations/{location}/documents/{folder_id}` + cloudFunction: + type: string + description: >- + The Cloud Function resource name. The Cloud Function needs to live + inside consumer project and is accessible to Document AI Warehouse + P4SA. Only Cloud Functions V2 is supported. Cloud function execution + should complete within 5 minutes or this file ingestion may fail due + to timeout. Format: + `https://{region}-{project_id}.cloudfunctions.net/{cloud_function}` + The following keys are available the request json payload. * + display_name * properties * plain_text * reference_id * + document_schema_name * raw_document_path * raw_document_file_type + The following keys from the cloud function json response payload + will be ingested to the Document AI Warehouse as part of Document + proto content and/or related information. The original values will + be overridden if any key is present in the response. * display_name + * properties * plain_text * document_acl_policy * folder + id: GoogleCloudContentwarehouseV1IngestPipelineConfig + description: The ingestion pipeline config. type: object + GoogleCloudContentwarehouseV1MapProperty: properties: - entries: - type: object + fields: additionalProperties: - type: string - description: >- - Map of (K, V) -> (valid name of the field, new value of the field) - E.g., ("age", "60") entry triggers update of field age with a value - of 60. If the field is not present then new entry is added. During - update action execution, value strings will be casted to appropriate - types. - id: GoogleCloudContentwarehouseV1DataUpdateAction - description: Represents the action responsible for properties update operations. - GoogleCloudContentwarehouseV1FloatArray: - id: GoogleCloudContentwarehouseV1FloatArray - description: Float values. + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Value' + type: object + description: Unordered map of dynamically typed values. + description: >- + Map property value. Represents a structured entries of key value pairs, + consisting of field names which map to dynamically typed values. + id: GoogleCloudContentwarehouseV1MapProperty type: object - properties: - values: - items: - type: number - format: float - type: array - description: List of float values. parameters: - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -5105,33 +5093,39 @@ components: name: quotaUser schema: type: string - access_token: - description: OAuth access token. + callback: + description: JSONP in: query - name: access_token + name: callback schema: type: string - _.xgafv: - description: V1 error format. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: $.xgafv + name: oauth_token schema: type: string - enum: - - '1' - - '2' - callback: - description: JSONP + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: callback + name: prettyPrint + schema: + type: boolean + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + _.xgafv: + description: V1 error format. in: query - name: upload_protocol + name: $.xgafv schema: type: string + enum: + - '1' + - '2' alt: description: Data format for response. in: query @@ -5142,10 +5136,13 @@ components: - json - media - proto - oauth_token: - description: OAuth 2.0 token for the current user. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: oauth_token + name: key schema: type: string fields: @@ -5154,111 +5151,51 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + access_token: + description: OAuth access token. in: query - name: key + name: access_token schema: type: string - x-stackQL-resources: - projects: - id: google.contentwarehouse.projects - name: projects - title: Projects - methods: - set_acl: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}:setAcl/post' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - acls: - id: google.contentwarehouse.acls - name: acls - title: Acls - methods: - fetch_acl: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:fetchAcl/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/acls/methods/fetch_acl' - insert: [] - update: [] - replace: [] - delete: [] - status: - id: google.contentwarehouse.status - name: status - title: Status - methods: - get_status: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:getStatus/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/status/methods/get_status' - insert: [] - update: [] - replace: [] - delete: [] - locations: - id: google.contentwarehouse.locations - name: locations - title: Locations + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + x-stackQL-resources: + acls: + id: google.contentwarehouse.acls + name: acls + title: Acls methods: - initialize: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:initialize/post - response: - mediaType: application/json - openAPIDocKey: '200' - run_pipeline: + fetch_acl: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:runPipeline/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:fetchAcl/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/acls/methods/fetch_acl' insert: [] update: [] replace: [] delete: [] - operations: - id: google.contentwarehouse.operations - name: operations - title: Operations + projects: + id: google.contentwarehouse.projects + name: projects + title: Projects methods: - get: + set_acl: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + $ref: '#/paths/~1v1~1projects~1{projectsId}:setAcl/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' + select: [] insert: [] update: [] replace: [] @@ -5268,17 +5205,17 @@ components: name: document_schemas title: Document_schemas methods: - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documentSchemas~1{documentSchemasId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documentSchemas~1{documentSchemasId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documentSchemas~1{documentSchemasId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documentSchemas~1{documentSchemasId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -5315,274 +5252,339 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/document_schemas/methods/delete' - documents: - id: google.contentwarehouse.documents - name: documents - title: Documents + operations: + id: google.contentwarehouse.operations + name: operations + title: Operations methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:get/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + insert: [] + update: [] + replace: [] + delete: [] + synonym_sets: + id: google.contentwarehouse.synonym_sets + name: synonym_sets + title: Synonym_sets + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets/get response: mediaType: application/json openAPIDocKey: '200' - set_acl: + objectKey: $.synonymSets + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:setAcl/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets/post response: mediaType: application/json openAPIDocKey: '200' - lock: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:lock/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets~1{synonymSetsId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:delete/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets~1{synonymSetsId}/delete response: mediaType: application/json openAPIDocKey: '200' - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets~1{synonymSetsId}/get response: mediaType: application/json openAPIDocKey: '200' - linked_targets: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/get' + - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/delete' + rule_sets: + id: google.contentwarehouse.rule_sets + name: rule_sets + title: Rule_sets + methods: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}~1linkedTargets/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets~1{ruleSetsId}/get response: mediaType: application/json openAPIDocKey: '200' - search: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents:search/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets~1{ruleSetsId}/delete response: mediaType: application/json openAPIDocKey: '200' - linked_sources: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}~1linkedSources/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets~1{ruleSetsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/documents/methods/get' - insert: - - $ref: '#/components/x-stackQL-resources/documents/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/documents/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/documents/methods/delete' - document_links: - id: google.contentwarehouse.document_links - name: document_links - title: Document_links - methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}~1documentLinks/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}~1documentLinks~1{documentLinksId}:delete/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.ruleSets sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/rule_sets/methods/get' + - $ref: '#/components/x-stackQL-resources/rule_sets/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/document_links/methods/create' - update: [] + - $ref: '#/components/x-stackQL-resources/rule_sets/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/rule_sets/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/document_links/methods/delete' - reference_id: - id: google.contentwarehouse.reference_id - name: reference_id - title: Reference_id + - $ref: '#/components/x-stackQL-resources/rule_sets/methods/delete' + documents: + id: google.contentwarehouse.documents + name: documents + title: Documents methods: - get: + linked_sources: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1referenceId~1{referenceIdId}:get/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}~1linkedSources/post response: mediaType: application/json openAPIDocKey: '200' - patch: + set_acl: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1referenceId~1{referenceIdId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:setAcl/post response: mediaType: application/json openAPIDocKey: '200' - delete: + linked_targets: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1referenceId~1{referenceIdId}:delete/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}~1linkedTargets/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/reference_id/methods/get' - insert: [] - update: - - $ref: '#/components/x-stackQL-resources/reference_id/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/reference_id/methods/delete' - synonym_sets: - id: google.contentwarehouse.synonym_sets - name: synonym_sets - title: Synonym_sets - methods: - get: + lock: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets~1{synonymSetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:lock/post response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets~1{synonymSetsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets~1{synonymSetsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents/post response: mediaType: application/json openAPIDocKey: '200' - create: + search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents:search/post response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1synonymSets/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:delete/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}:get/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.synonymSets sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/get' - - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/list' + - $ref: '#/components/x-stackQL-resources/documents/methods/get' insert: - - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/create' + - $ref: '#/components/x-stackQL-resources/documents/methods/create' update: - - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/patch' + - $ref: '#/components/x-stackQL-resources/documents/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/synonym_sets/methods/delete' - rule_sets: - id: google.contentwarehouse.rule_sets - name: rule_sets - title: Rule_sets + - $ref: '#/components/x-stackQL-resources/documents/methods/delete' + document_links: + id: google.contentwarehouse.document_links + name: document_links + title: Document_links methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}~1documentLinks/post + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1{documentsId}~1documentLinks~1{documentLinksId}:delete/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: + - $ref: '#/components/x-stackQL-resources/document_links/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/document_links/methods/delete' + reference_id: + id: google.contentwarehouse.reference_id + name: reference_id + title: Reference_id + methods: + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1referenceId~1{referenceIdId}:get/post + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1referenceId~1{referenceIdId}:delete/post response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1documents~1referenceId~1{referenceIdId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.ruleSets - get: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/reference_id/methods/get' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/reference_id/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/reference_id/methods/delete' + status: + id: google.contentwarehouse.status + name: status + title: Status + methods: + get_status: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets~1{ruleSetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:getStatus/get response: mediaType: application/json openAPIDocKey: '200' - delete: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/status/methods/get_status' + insert: [] + update: [] + replace: [] + delete: [] + locations: + id: google.contentwarehouse.locations + name: locations + title: Locations + methods: + initialize: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets~1{ruleSetsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:initialize/post response: mediaType: application/json openAPIDocKey: '200' - patch: + run_pipeline: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1ruleSets~1{ruleSetsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:runPipeline/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/rule_sets/methods/get' - - $ref: '#/components/x-stackQL-resources/rule_sets/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/rule_sets/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/rule_sets/methods/patch' + select: [] + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/rule_sets/methods/delete' + delete: [] paths: - /v1/projects/{projectsId}:setAcl: + /v1/projects/{projectsId}:fetchAcl: parameters: &ref_1 + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/_.xgafv' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/upload_protocol' post: description: >- - Sets the access control policy for a resource. Replaces any existing - policy. - operationId: contentwarehouse.projects.setAcl + Gets the access control policy for a resource. Returns NOT_FOUND error + if the resource does not exist. Returns an empty policy if the resource + exists but does not have a policy set. + operationId: contentwarehouse.projects.fetchAcl requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SetAclRequest' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1FetchAclRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5595,27 +5597,25 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1SetAclResponse + #/components/schemas/GoogleCloudContentwarehouseV1FetchAclResponse parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}:fetchAcl: + /v1/projects/{projectsId}:setAcl: parameters: *ref_1 post: description: >- - Gets the access control policy for a resource. Returns NOT_FOUND error - if the resource does not exist. Returns an empty policy if the resource - exists but does not have a policy set. - operationId: contentwarehouse.projects.fetchAcl + Sets the access control policy for a resource. Replaces any existing + policy. + operationId: contentwarehouse.projects.setAcl requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1FetchAclRequest + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SetAclRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5628,18 +5628,30 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1FetchAclResponse + #/components/schemas/GoogleCloudContentwarehouseV1SetAclResponse parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:getStatus: + /v1/projects/{projectsId}/locations/{locationsId}/documentSchemas/{documentSchemasId}: parameters: *ref_1 - get: - description: Get the project status. - operationId: contentwarehouse.projects.locations.getStatus + patch: + description: >- + Updates a Document Schema. Returns INVALID_ARGUMENT if the name of the + Document Schema is non-empty and does not equal the existing name. + Supports only appending new properties, adding new ENUM possible values, + and updating the EnumTypeOptions.validation_check_disabled flag for ENUM + possible values. Updating existing properties will result into + INVALID_ARGUMENT. + operationId: contentwarehouse.projects.locations.documentSchemas.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentSchemaRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5652,7 +5664,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ProjectStatus + #/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema parameters: - in: path name: projectsId @@ -5664,19 +5676,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:initialize: - parameters: *ref_1 - post: + - in: path + name: documentSchemasId + required: true + schema: + type: string + delete: description: >- - Provisions resources for given tenant project. Returns a long running - operation. - operationId: contentwarehouse.projects.locations.initialize - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1InitializeProjectRequest + Deletes a document schema. Returns NOT_FOUND if the document schema does + not exist. Returns BAD_REQUEST if the document schema has documents + depending on it. + operationId: contentwarehouse.projects.locations.documentSchemas.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5688,7 +5698,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -5700,17 +5710,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:runPipeline: - parameters: *ref_1 - post: - description: Run a predefined pipeline. - operationId: contentwarehouse.projects.locations.runPipeline - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineRequest + - in: path + name: documentSchemasId + required: true + schema: + type: string + get: + description: >- + Gets a document schema. Returns NOT_FOUND if the document schema does + not exist. + operationId: contentwarehouse.projects.locations.documentSchemas.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5722,7 +5731,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema parameters: - in: path name: projectsId @@ -5734,14 +5744,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + - in: path + name: documentSchemasId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/documentSchemas: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: contentwarehouse.projects.locations.operations.get + post: + description: Creates a document schema. + operationId: contentwarehouse.projects.locations.documentSchemas.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5753,7 +5770,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema parameters: - in: path name: projectsId @@ -5765,19 +5783,9 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/documentSchemas/{documentSchemasId}: - parameters: *ref_1 - delete: - description: >- - Deletes a document schema. Returns NOT_FOUND if the document schema does - not exist. Returns BAD_REQUEST if the document schema has documents - depending on it. - operationId: contentwarehouse.projects.locations.documentSchemas.delete + get: + description: Lists document schemas. + operationId: contentwarehouse.projects.locations.documentSchemas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5789,7 +5797,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1ListDocumentSchemasResponse parameters: - in: path name: projectsId @@ -5801,26 +5810,23 @@ paths: required: true schema: type: string - - in: path - name: documentSchemasId - required: true + - in: query + name: pageToken schema: type: string - patch: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Updates a Document Schema. Returns INVALID_ARGUMENT if the name of the - Document Schema is non-empty and does not equal the existing name. - Supports only appending new properties, adding new ENUM possible values, - and updating the EnumTypeOptions.validation_check_disabled flag for ENUM - possible values. Updating existing properties will result into - INVALID_ARGUMENT. - operationId: contentwarehouse.projects.locations.documentSchemas.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentSchemaRequest + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: contentwarehouse.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5832,8 +5838,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -5846,15 +5851,15 @@ paths: schema: type: string - in: path - name: documentSchemasId + name: operationsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/synonymSets: + parameters: *ref_1 get: - description: >- - Gets a document schema. Returns NOT_FOUND if the document schema does - not exist. - operationId: contentwarehouse.projects.locations.documentSchemas.get + description: Returns all SynonymSets (for all contexts) for the specified location. + operationId: contentwarehouse.projects.locations.synonymSets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5867,7 +5872,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema + #/components/schemas/GoogleCloudContentwarehouseV1ListSynonymSetsResponse parameters: - in: path name: projectsId @@ -5879,21 +5884,25 @@ paths: required: true schema: type: string - - in: path - name: documentSchemasId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documentSchemas: - parameters: *ref_1 + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Creates a document schema. - operationId: contentwarehouse.projects.locations.documentSchemas.create + description: >- + Creates a SynonymSet for a single context. Throws an ALREADY_EXISTS + exception if a synonymset already exists for the context. + operationId: contentwarehouse.projects.locations.synonymSets.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5905,8 +5914,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1DocumentSchema + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' parameters: - in: path name: projectsId @@ -5918,9 +5926,18 @@ paths: required: true schema: type: string - get: - description: Lists document schemas. - operationId: contentwarehouse.projects.locations.documentSchemas.list + /v1/projects/{projectsId}/locations/{locationsId}/synonymSets/{synonymSetsId}: + parameters: *ref_1 + patch: + description: >- + Remove the existing SynonymSet for the context and replaces it with a + new one. Throws a NOT_FOUND exception if the SynonymSet is not found. + operationId: contentwarehouse.projects.locations.synonymSets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5932,8 +5949,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ListDocumentSchemasResponse + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' parameters: - in: path name: projectsId @@ -5945,29 +5961,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: synonymSetsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:fetchAcl: - parameters: *ref_1 - post: + delete: description: >- - Gets the access control policy for a resource. Returns NOT_FOUND error - if the resource does not exist. Returns an empty policy if the resource - exists but does not have a policy set. - operationId: contentwarehouse.projects.locations.documents.fetchAcl - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1FetchAclRequest + Deletes a SynonymSet for a given context. Throws a NOT_FOUND exception + if the SynonymSet is not found. + operationId: contentwarehouse.projects.locations.synonymSets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5979,8 +5982,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1FetchAclResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -5993,21 +5995,15 @@ paths: schema: type: string - in: path - name: documentsId + name: synonymSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:get: - parameters: *ref_1 - post: - description: Gets a document. Returns NOT_FOUND if the document does not exist. - operationId: contentwarehouse.projects.locations.documents.get - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1GetDocumentRequest + get: + description: >- + Gets a SynonymSet for a particular context. Throws a NOT_FOUND exception + if the Synonymset does not exist + operationId: contentwarehouse.projects.locations.synonymSets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6019,7 +6015,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' parameters: - in: path name: projectsId @@ -6032,23 +6028,15 @@ paths: schema: type: string - in: path - name: documentsId + name: synonymSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}: + /v1/projects/{projectsId}/locations/{locationsId}/ruleSets/{ruleSetsId}: parameters: *ref_1 - patch: - description: >- - Updates a document. Returns INVALID_ARGUMENT if the name of the document - is non-empty and does not equal the existing name. - operationId: contentwarehouse.projects.locations.documents.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentRequest + get: + description: Gets a ruleset. Returns NOT_FOUND if the ruleset does not exist. + operationId: contentwarehouse.projects.locations.ruleSets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6060,8 +6048,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentResponse + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' parameters: - in: path name: projectsId @@ -6074,22 +6061,13 @@ paths: schema: type: string - in: path - name: documentsId + name: ruleSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:setAcl: - parameters: *ref_1 - post: - description: >- - Sets the access control policy for a resource. Replaces any existing - policy. - operationId: contentwarehouse.projects.locations.documents.setAcl - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SetAclRequest' + delete: + description: Deletes a ruleset. Returns NOT_FOUND if the document does not exist. + operationId: contentwarehouse.projects.locations.ruleSets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6101,8 +6079,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1SetAclResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -6115,21 +6092,21 @@ paths: schema: type: string - in: path - name: documentsId + name: ruleSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:lock: - parameters: *ref_1 - post: - description: Lock the document so the document cannot be updated by other users. - operationId: contentwarehouse.projects.locations.documents.lock + patch: + description: >- + Updates a ruleset. Returns INVALID_ARGUMENT if the name of the ruleset + is non-empty and does not equal the existing name. + operationId: contentwarehouse.projects.locations.ruleSets.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1LockDocumentRequest + #/components/schemas/GoogleCloudContentwarehouseV1UpdateRuleSetRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6141,7 +6118,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' parameters: - in: path name: projectsId @@ -6154,21 +6131,20 @@ paths: schema: type: string - in: path - name: documentsId + name: ruleSetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:delete: + /v1/projects/{projectsId}/locations/{locationsId}/ruleSets: parameters: *ref_1 post: - description: Deletes a document. Returns NOT_FOUND if the document does not exist. - operationId: contentwarehouse.projects.locations.documents.delete + description: Creates a ruleset. + operationId: contentwarehouse.projects.locations.ruleSets.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1DeleteDocumentRequest + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6180,7 +6156,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' parameters: - in: path name: projectsId @@ -6192,22 +6168,9 @@ paths: required: true schema: type: string - - in: path - name: documentsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents: - parameters: *ref_1 - post: - description: Creates a document. - operationId: contentwarehouse.projects.locations.documents.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1CreateDocumentRequest + get: + description: Lists rulesets. + operationId: contentwarehouse.projects.locations.ruleSets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6220,7 +6183,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1CreateDocumentResponse + #/components/schemas/GoogleCloudContentwarehouseV1ListRuleSetsResponse parameters: - in: path name: projectsId @@ -6232,17 +6195,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}/linkedTargets: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}/linkedSources: parameters: *ref_1 post: - description: Return all target document-links from the document. - operationId: contentwarehouse.projects.locations.documents.linkedTargets + description: Return all source document-links from the document. + operationId: contentwarehouse.projects.locations.documents.linkedSources requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ListLinkedTargetsRequest + #/components/schemas/GoogleCloudContentwarehouseV1ListLinkedSourcesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6255,7 +6227,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ListLinkedTargetsResponse + #/components/schemas/GoogleCloudContentwarehouseV1ListLinkedSourcesResponse parameters: - in: path name: projectsId @@ -6272,19 +6244,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents:search: + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:setAcl: parameters: *ref_1 post: description: >- - Searches for documents using provided SearchDocumentsRequest. This call - only returns documents that the caller has permission to search against. - operationId: contentwarehouse.projects.locations.documents.search + Sets the access control policy for a resource. Replaces any existing + policy. + operationId: contentwarehouse.projects.locations.documents.setAcl requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1SearchDocumentsRequest + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SetAclRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6297,7 +6268,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1SearchDocumentsResponse + #/components/schemas/GoogleCloudContentwarehouseV1SetAclResponse parameters: - in: path name: projectsId @@ -6309,17 +6280,22 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}/linkedSources: + - in: path + name: documentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}/linkedTargets: parameters: *ref_1 post: - description: Return all source document-links from the document. - operationId: contentwarehouse.projects.locations.documents.linkedSources + description: Return all target document-links from the document. + operationId: contentwarehouse.projects.locations.documents.linkedTargets requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ListLinkedSourcesRequest + #/components/schemas/GoogleCloudContentwarehouseV1ListLinkedTargetsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6332,7 +6308,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ListLinkedSourcesResponse + #/components/schemas/GoogleCloudContentwarehouseV1ListLinkedTargetsResponse parameters: - in: path name: projectsId @@ -6349,17 +6325,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}/documentLinks: + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:lock: parameters: *ref_1 post: - description: Create a link between a source document and a target document. - operationId: contentwarehouse.projects.locations.documents.documentLinks.create + description: Lock the document so the document cannot be updated by other users. + operationId: contentwarehouse.projects.locations.documents.lock requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1CreateDocumentLinkRequest + #/components/schemas/GoogleCloudContentwarehouseV1LockDocumentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6371,7 +6347,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentLink' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' parameters: - in: path name: projectsId @@ -6388,17 +6364,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}/documentLinks/{documentLinksId}:delete: + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}: parameters: *ref_1 - post: - description: Remove the link between the source and target documents. - operationId: contentwarehouse.projects.locations.documents.documentLinks.delete + patch: + description: >- + Updates a document. Returns INVALID_ARGUMENT if the name of the document + is non-empty and does not equal the existing name. + operationId: contentwarehouse.projects.locations.documents.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1DeleteDocumentLinkRequest + #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6410,7 +6388,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentResponse parameters: - in: path name: projectsId @@ -6427,22 +6406,17 @@ paths: required: true schema: type: string - - in: path - name: documentLinksId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/referenceId/{referenceIdId}:get: + /v1/projects/{projectsId}/locations/{locationsId}/documents: parameters: *ref_1 post: - description: Gets a document. Returns NOT_FOUND if the document does not exist. - operationId: contentwarehouse.projects.locations.documents.referenceId.get + description: Creates a document. + operationId: contentwarehouse.projects.locations.documents.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1GetDocumentRequest + #/components/schemas/GoogleCloudContentwarehouseV1CreateDocumentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6454,7 +6428,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1CreateDocumentResponse parameters: - in: path name: projectsId @@ -6466,24 +6441,19 @@ paths: required: true schema: type: string - - in: path - name: referenceIdId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/referenceId/{referenceIdId}: + /v1/projects/{projectsId}/locations/{locationsId}/documents:search: parameters: *ref_1 - patch: + post: description: >- - Updates a document. Returns INVALID_ARGUMENT if the name of the document - is non-empty and does not equal the existing name. - operationId: contentwarehouse.projects.locations.documents.referenceId.patch + Searches for documents using provided SearchDocumentsRequest. This call + only returns documents that the caller has permission to search against. + operationId: contentwarehouse.projects.locations.documents.search requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentRequest + #/components/schemas/GoogleCloudContentwarehouseV1SearchDocumentsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6496,7 +6466,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentResponse + #/components/schemas/GoogleCloudContentwarehouseV1SearchDocumentsResponse parameters: - in: path name: projectsId @@ -6508,16 +6478,11 @@ paths: required: true schema: type: string - - in: path - name: referenceIdId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/documents/referenceId/{referenceIdId}:delete: + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:delete: parameters: *ref_1 post: description: Deletes a document. Returns NOT_FOUND if the document does not exist. - operationId: contentwarehouse.projects.locations.documents.referenceId.delete + operationId: contentwarehouse.projects.locations.documents.delete requestBody: content: application/json: @@ -6548,17 +6513,24 @@ paths: schema: type: string - in: path - name: referenceIdId + name: documentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/synonymSets/{synonymSetsId}: + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:fetchAcl: parameters: *ref_1 - get: + post: description: >- - Gets a SynonymSet for a particular context. Throws a NOT_FOUND exception - if the Synonymset does not exist - operationId: contentwarehouse.projects.locations.synonymSets.get + Gets the access control policy for a resource. Returns NOT_FOUND error + if the resource does not exist. Returns an empty policy if the resource + exists but does not have a policy set. + operationId: contentwarehouse.projects.locations.documents.fetchAcl + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1FetchAclRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6570,7 +6542,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1FetchAclResponse parameters: - in: path name: projectsId @@ -6583,20 +6556,21 @@ paths: schema: type: string - in: path - name: synonymSetsId + name: documentsId required: true schema: type: string - patch: - description: >- - Remove the existing SynonymSet for the context and replaces it with a - new one. Throws a NOT_FOUND exception if the SynonymSet is not found. - operationId: contentwarehouse.projects.locations.synonymSets.patch + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}:get: + parameters: *ref_1 + post: + description: Gets a document. Returns NOT_FOUND if the document does not exist. + operationId: contentwarehouse.projects.locations.documents.get requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1GetDocumentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6608,7 +6582,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' parameters: - in: path name: projectsId @@ -6621,15 +6595,21 @@ paths: schema: type: string - in: path - name: synonymSetsId + name: documentsId required: true schema: type: string - delete: - description: >- - Deletes a SynonymSet for a given context. Throws a NOT_FOUND exception - if the SynonymSet is not found. - operationId: contentwarehouse.projects.locations.synonymSets.delete + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}/documentLinks: + parameters: *ref_1 + post: + description: Create a link between a source document and a target document. + operationId: contentwarehouse.projects.locations.documents.documentLinks.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1CreateDocumentLinkRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6641,7 +6621,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1DocumentLink' parameters: - in: path name: projectsId @@ -6654,22 +6634,21 @@ paths: schema: type: string - in: path - name: synonymSetsId + name: documentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/synonymSets: + /v1/projects/{projectsId}/locations/{locationsId}/documents/{documentsId}/documentLinks/{documentLinksId}:delete: parameters: *ref_1 post: - description: >- - Creates a SynonymSet for a single context. Throws an ALREADY_EXISTS - exception if a synonymset already exists for the context. - operationId: contentwarehouse.projects.locations.synonymSets.create + description: Remove the link between the source and target documents. + operationId: contentwarehouse.projects.locations.documents.documentLinks.delete requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1DeleteDocumentLinkRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6681,7 +6660,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1SynonymSet' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -6693,9 +6672,27 @@ paths: required: true schema: type: string - get: - description: Returns all SynonymSets (for all contexts) for the specified location. - operationId: contentwarehouse.projects.locations.synonymSets.list + - in: path + name: documentsId + required: true + schema: + type: string + - in: path + name: documentLinksId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/documents/referenceId/{referenceIdId}:get: + parameters: *ref_1 + post: + description: Gets a document. Returns NOT_FOUND if the document does not exist. + operationId: contentwarehouse.projects.locations.documents.referenceId.get + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1GetDocumentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6707,8 +6704,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ListSynonymSetsResponse + $ref: '#/components/schemas/GoogleCloudContentwarehouseV1Document' parameters: - in: path name: projectsId @@ -6720,25 +6716,22 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: referenceIdId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ruleSets: + /v1/projects/{projectsId}/locations/{locationsId}/documents/referenceId/{referenceIdId}:delete: parameters: *ref_1 post: - description: Creates a ruleset. - operationId: contentwarehouse.projects.locations.ruleSets.create + description: Deletes a document. Returns NOT_FOUND if the document does not exist. + operationId: contentwarehouse.projects.locations.documents.referenceId.delete requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1DeleteDocumentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6750,7 +6743,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -6762,9 +6755,24 @@ paths: required: true schema: type: string - get: - description: Lists rulesets. - operationId: contentwarehouse.projects.locations.ruleSets.list + - in: path + name: referenceIdId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/documents/referenceId/{referenceIdId}: + parameters: *ref_1 + patch: + description: >- + Updates a document. Returns INVALID_ARGUMENT if the name of the document + is non-empty and does not equal the existing name. + operationId: contentwarehouse.projects.locations.documents.referenceId.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6777,7 +6785,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1ListRuleSetsResponse + #/components/schemas/GoogleCloudContentwarehouseV1UpdateDocumentResponse parameters: - in: path name: projectsId @@ -6789,20 +6797,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: referenceIdId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/ruleSets/{ruleSetsId}: + /v1/projects/{projectsId}/locations/{locationsId}:getStatus: parameters: *ref_1 get: - description: Gets a ruleset. Returns NOT_FOUND if the ruleset does not exist. - operationId: contentwarehouse.projects.locations.ruleSets.get + description: Get the project status. + operationId: contentwarehouse.projects.locations.getStatus security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6814,7 +6818,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1ProjectStatus parameters: - in: path name: projectsId @@ -6826,14 +6831,19 @@ paths: required: true schema: type: string - - in: path - name: ruleSetsId - required: true - schema: - type: string - delete: - description: Deletes a ruleset. Returns NOT_FOUND if the document does not exist. - operationId: contentwarehouse.projects.locations.ruleSets.delete + /v1/projects/{projectsId}/locations/{locationsId}:initialize: + parameters: *ref_1 + post: + description: >- + Provisions resources for given tenant project. Returns a long running + operation. + operationId: contentwarehouse.projects.locations.initialize + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudContentwarehouseV1InitializeProjectRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6845,7 +6855,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6857,22 +6867,17 @@ paths: required: true schema: type: string - - in: path - name: ruleSetsId - required: true - schema: - type: string - patch: - description: >- - Updates a ruleset. Returns INVALID_ARGUMENT if the name of the ruleset - is non-empty and does not equal the existing name. - operationId: contentwarehouse.projects.locations.ruleSets.patch + /v1/projects/{projectsId}/locations/{locationsId}:runPipeline: + parameters: *ref_1 + post: + description: Run a predefined pipeline. + operationId: contentwarehouse.projects.locations.runPipeline requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudContentwarehouseV1UpdateRuleSetRequest + #/components/schemas/GoogleCloudContentwarehouseV1RunPipelineRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6884,7 +6889,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudContentwarehouseV1RuleSet' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6896,8 +6901,3 @@ paths: required: true schema: type: string - - in: path - name: ruleSetsId - required: true - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/datacatalog.yaml b/providers/src/googleapis.com/v00.00.00000/services/datacatalog.yaml index 357e35f7..a9f2d663 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/datacatalog.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/datacatalog.yaml @@ -9,8 +9,8 @@ info: A fully managed and highly scalable data discovery and metadata management service. version: v1 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251112' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/data-catalog/docs/ servers: @@ -51,6 +51,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -669,6 +678,9 @@ components: featureOnlineStoreSpec: description: FeatureonlineStore spec for Vertex AI Feature Store. $ref: '#/components/schemas/GoogleCloudDatacatalogV1FeatureOnlineStoreSpec' + graphSpec: + description: Spec for graph. + $ref: '#/components/schemas/GoogleCloudDatacatalogV1GraphSpec' displayName: description: >- Display name of an entry. The maximum size is 500 bytes when encoded @@ -1471,6 +1483,124 @@ components: - STORAGE_TYPE_UNSPECIFIED - BIGTABLE - OPTIMIZED + GoogleCloudDatacatalogV1GraphSpec: + id: GoogleCloudDatacatalogV1GraphSpec + description: Specification that applies to a graph. + type: object + properties: + name: + description: >- + Output only. Fully qualified graph name. e.g. + `named_catalog.MyGraph` + readOnly: true + type: string + nodeTables: + description: Required. Node tables of the graph. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDatacatalogV1GraphSpecGraphElementTable + edgeTables: + description: Optional. Edge tables of the graph. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDatacatalogV1GraphSpecGraphElementTable + GoogleCloudDatacatalogV1GraphSpecGraphElementTable: + id: GoogleCloudDatacatalogV1GraphSpecGraphElementTable + description: Element table definition. + type: object + properties: + dataSource: + description: >- + Required. The name of the data source. This is either a table name + or a view name that is used for graph element input source. E.g. + `Person` table or `PersonView` view. + type: string + alias: + description: Required. The alias name of the graph element. + type: string + kind: + description: Required. The kind of the graph element. + type: string + enumDescriptions: + - Default unknown kind. + - Node kind. + - Edge kind. + enum: + - KIND_UNSPECIFIED + - NODE + - EDGE + inputSource: + description: Required. The input source of the graph element. + type: string + enumDescriptions: + - Default unknown input source. + - Table input source. + - View input source. + enum: + - INPUT_SOURCE_UNSPECIFIED + - TABLE + - VIEW + elementKeys: + description: Required. The name of the keys of the elements in the table. + type: array + items: + type: string + labelAndProperties: + description: Required. The labels and their properties for the graph element. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDatacatalogV1GraphSpecGraphElementTableLabelAndProperties + dynamicLabelEnabled: + description: >- + Optional. If true, the graph element has a dynamic label in + schemaless model. + type: boolean + dynamicPropertiesEnabled: + description: >- + Optional. If true, the graph element has dynamic properties in + schemaless model. + type: boolean + sourceNodeReference: + description: >- + Optional. Only applies to `kind = EDGE`. The reference to the source + node of the edge. This name must be a valid `alias` of a node + element in the same graph. Example, `Person` node can be a source + node of an edge element `Person_to_Address`. Similar rule applies to + `destination_node_reference`. + type: string + destinationNodeReference: + description: Optional. Only applies to `kind = EDGE`. + type: string + GoogleCloudDatacatalogV1GraphSpecGraphElementTableLabelAndProperties: + id: GoogleCloudDatacatalogV1GraphSpecGraphElementTableLabelAndProperties + description: >- + The label and its properties. Each label is associated with a set of + properties. + type: object + properties: + label: + description: Required. The name of the label. + type: string + properties: + description: Optional. The properties associated with the label. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDatacatalogV1GraphSpecGraphElementTableProperty + GoogleCloudDatacatalogV1GraphSpecGraphElementTableProperty: + id: GoogleCloudDatacatalogV1GraphSpecGraphElementTableProperty + description: A property declaration. + type: object + properties: + name: + description: Required. Property name. + type: string + type: + description: Required. Property data type. + type: string GoogleCloudDatacatalogV1BusinessContext: id: GoogleCloudDatacatalogV1BusinessContext description: Business Context of the entry. @@ -3981,6 +4111,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/dataflow.yaml b/providers/src/googleapis.com/v00.00.00000/services/dataflow.yaml index b1c9e00f..87348e09 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/dataflow.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/dataflow.yaml @@ -7,8 +7,8 @@ info: title: Dataflow API description: Manages Google Cloud Dataflow projects on Google Cloud Platform. version: v1b3 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251109' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/dataflow servers: @@ -666,7 +666,7 @@ components: items: $ref: '#/components/schemas/WorkerPool' userAgent: - description: A description of the process that generated the request. + description: Optional. A description of the process that generated the request. type: object additionalProperties: type: any diff --git a/providers/src/googleapis.com/v00.00.00000/services/dataform.yaml b/providers/src/googleapis.com/v00.00.00000/services/dataform.yaml index cec31727..1e309fcb 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/dataform.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/dataform.yaml @@ -8,9 +8,9 @@ info: description: >- Service to develop, version control, and operationalize SQL pipelines in BigQuery. - version: v1beta1 - x-discovery-doc-revision: '20250817' - x-generated-date: '2025-08-28' + version: v1 + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/dataform/docs servers: @@ -39,10 +39,86 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: + Location: + properties: + displayName: + type: string + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + name: + type: string + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + labels: + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + additionalProperties: + type: string + type: object + id: Location + description: A resource that represents a Google Cloud location. + ResetWorkspaceChangesRequest: + description: '`ResetWorkspaceChanges` request message.' + properties: + paths: + type: array + items: + type: string + description: >- + Optional. Full file paths to reset back to their committed state + including filename, rooted at workspace root. If left empty, all + files will be reset. + clean: + type: boolean + description: Optional. If set to true, untracked files will be deleted. + id: ResetWorkspaceChangesRequest + type: object + SqlDefinition: + properties: + query: + type: string + description: >- + The SQL query representing the data preparation steps. Formatted as + a Pipe SQL query statement. + errorTable: + $ref: '#/components/schemas/ErrorTable' + description: Error table configuration, + load: + $ref: '#/components/schemas/LoadConfig' + description: Load configuration. + type: object + description: Definition of a SQL Data Preparation + id: SqlDefinition + TestIamPermissionsResponse: + properties: + permissions: + items: + type: string + type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + type: object + id: TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. SetIamPolicyRequest: - id: SetIamPolicyRequest description: Request message for `SetIamPolicy` method. - type: object properties: policy: description: >- @@ -51,2469 +127,2488 @@ components: a valid policy but certain Google Cloud services (such as Projects) might reject them. $ref: '#/components/schemas/Policy' - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + id: SetIamPolicyRequest + type: object + MakeDirectoryRequest: + id: MakeDirectoryRequest type: object + description: '`MakeDirectory` request message.' properties: - version: + path: description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + Required. The directory's full path including directory name, + relative to the workspace root. + type: string + FetchGitAheadBehindResponse: + properties: + commitsBehind: type: integer format: int32 - bindings: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + The number of commits in the workspace that are not in the remote + branch. + commitsAhead: + format: int32 + type: integer + description: >- + The number of commits in the remote branch that are not in the + workspace. + id: FetchGitAheadBehindResponse + description: '`FetchGitAheadBehind` response message.' + type: object + Declaration: + description: >- + Represents a relation which is not managed by Dataform but which may be + referenced by Dataform actions. + properties: + relationDescriptor: + $ref: '#/components/schemas/RelationDescriptor' + description: >- + Descriptor for the relation and its columns. Used as documentation + only, i.e. values here will result in no changes to the relation's + metadata. + type: object + id: Declaration + QueryWorkflowInvocationActionsResponse: + type: object + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + workflowInvocationActions: + description: List of workflow invocation actions. type: array items: - $ref: '#/components/schemas/Binding' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + $ref: '#/components/schemas/WorkflowInvocationAction' + id: QueryWorkflowInvocationActionsResponse + description: '`QueryWorkflowInvocationActions` response message.' + RelationDescriptor: + properties: + description: type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + description: A text description of the relation. + columns: + type: array + items: + $ref: '#/components/schemas/ColumnDescriptor' + description: A list of descriptions of columns within the relation. + bigqueryLabels: + additionalProperties: + type: string + description: A set of BigQuery labels that should be applied to the relation. + type: object + description: Describes a relation and its columns. type: object + id: RelationDescriptor + PrivateResourceMetadata: properties: - role: + userScoped: + type: boolean + readOnly: true description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Output only. If true, this resource is user-scoped, meaning it is + either a workspace or sourced from a workspace. + type: object + description: Metadata used to identify if a resource is user scoped. + id: PrivateResourceMetadata + RemoveFileResponse: + id: RemoveFileResponse + description: '`RemoveFile` response message.' + properties: {} + type: object + CancelOperationRequest: + properties: {} + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + type: object + CompilationResult: + description: Represents the result of compiling a Dataform project. + type: object + id: CompilationResult + properties: + internalMetadata: type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array + Output only. All the metadata information that is used internally to + serve the resource. For example: timestamps, flags, status fields, + etc. The format of this field is a JSON string. + readOnly: true + workspace: + description: >- + Immutable. The name of the workspace to compile. Must be in the + format `projects/*/locations/*/repositories/*/workspaces/*`. + type: string + gitCommitish: + description: >- + Immutable. Git commit/tag/branch name at which the repository should + be compiled. Must exist in the remote repository. Examples: - a + commit SHA: `12ade345` - a tag: `tag1` - a branch name: `branch1` + type: string + compilationErrors: + description: Output only. Errors encountered during project compilation. items: - type: string - condition: + $ref: '#/components/schemas/CompilationError' + type: array + readOnly: true + privateResourceMetadata: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: + Output only. Metadata indicating whether this resource is + user-scoped. `CompilationResult` resource is `user_scoped` only if + it is sourced from a workspace. + $ref: '#/components/schemas/PrivateResourceMetadata' + readOnly: true + createTime: + type: string + format: google-datetime description: >- - Textual representation of an expression in Common Expression - Language syntax. + Output only. The timestamp of when the compilation result was + created. + readOnly: true + dataformCoreVersion: type: string - title: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Output only. The version of `@dataform/core` that was used for + compilation. + readOnly: true + resolvedGitCommitSha: + readOnly: true type: string - description: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Output only. The fully resolved Git commit SHA of the code that was + compiled. Not set for compilation results whose source is a + workspace. + releaseConfig: + description: >- + Immutable. The name of the release config to compile. Must be in the + format `projects/*/locations/*/repositories/*/releaseConfigs/*`. type: string - location: + codeCompilationConfig: + $ref: '#/components/schemas/CodeCompilationConfig' description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Immutable. If set, fields of `code_compilation_config` override the + default compilation settings that are specified in dataform.json. + dataEncryptionState: + $ref: '#/components/schemas/DataEncryptionState' + description: Output only. Only set if the repository has a KMS Key. + readOnly: true + name: + readOnly: true type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object + description: Output only. The compilation result's name. + LoadConfig: + id: LoadConfig properties: - permissions: + append: + description: Append into destination table + $ref: '#/components/schemas/SimpleLoadMode' + replace: + $ref: '#/components/schemas/SimpleLoadMode' + description: Replace destination table + unique: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + Insert records where the value of a column is not already present in + the destination table + $ref: '#/components/schemas/IncrementalLoadMode' + maximum: + $ref: '#/components/schemas/IncrementalLoadMode' + description: >- + Insert records where the value exceeds the previous maximum value + for a column in the destination table + description: Simplified load configuration for actions type: object + CommitRepositoryChangesResponse: properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + commitSha: + type: string + description: The commit SHA of the current commit. + id: CommitRepositoryChangesResponse + type: object + description: '`CommitRepositoryChanges` response message.' + CompilationResultAction: type: object + id: CompilationResultAction + description: Represents a single Dataform action in a compilation result. properties: operations: + $ref: '#/components/schemas/Operations' + description: The database operations executed by this action. + notebook: + $ref: '#/components/schemas/Notebook' + description: The notebook executed by this action. + filePath: description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + The full path including filename in which this action is located, + relative to the workspace root. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: + dataPreparation: + $ref: '#/components/schemas/DataPreparation' + description: The data preparation executed by this action. + internalMetadata: + readOnly: true description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Output only. All the metadata information that is used internally to + serve the resource. For example: timestamps, flags, status fields, + etc. The format of this field is a JSON string. type: string - metadata: + assertion: + $ref: '#/components/schemas/Assertion' + description: The assertion executed by this action. + target: + description: This action's identifier. Unique within the compilation result. + $ref: '#/components/schemas/Target' + declaration: + description: The declaration declared by this action. + $ref: '#/components/schemas/Declaration' + relation: + $ref: '#/components/schemas/Relation' + description: The database relation created/updated by this action. + canonicalTarget: + $ref: '#/components/schemas/Target' description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + The action's identifier if the project had been compiled without any + overrides configured. Unique within the compilation result. + SearchResult: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + directory: + $ref: '#/components/schemas/DirectorySearchResult' + description: Details when search result is a directory. + file: + $ref: '#/components/schemas/FileSearchResult' + description: Details when search result is a file. + description: Client-facing representation of a search result entry. + id: SearchResult type: object - properties: {} - ListRepositoriesResponse: - id: ListRepositoriesResponse - description: '`ListRepositories` response message.' + CompilationError: type: object properties: - repositories: - description: List of repositories. - type: array - items: - $ref: '#/components/schemas/Repository' - nextPageToken: + actionTarget: + readOnly: true + $ref: '#/components/schemas/Target' description: >- - A token which can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Locations which could not be reached. - type: array - items: - type: string - Repository: - id: Repository - description: Represents a Dataform Git repository. - type: object - properties: - name: - description: Identifier. The repository's name. + Output only. The identifier of the action where this error occurred, + if available. + message: type: string - createTime: - description: Output only. The timestamp of when the repository was created. + readOnly: true + description: Output only. The error's top level message. + path: readOnly: true type: string - format: google-datetime - displayName: - description: Optional. The repository's user-friendly name. - type: string - gitRemoteSettings: - description: >- - Optional. If set, configures this repository to be linked to a Git - remote. - $ref: '#/components/schemas/GitRemoteSettings' - npmrcEnvironmentVariablesSecretVersion: - description: >- - Optional. The name of the Secret Manager secret version to be used - to interpolate variables into the .npmrc file for package - installation operations. Must be in the format - `projects/*/secrets/*/versions/*`. The file itself must be in a JSON - format. - type: string - workspaceCompilationOverrides: - description: >- - Optional. If set, fields of `workspace_compilation_overrides` - override the default compilation settings that are specified in - dataform.json when creating workspace-scoped compilation results. - See documentation for `WorkspaceCompilationOverrides` for more - information. - $ref: '#/components/schemas/WorkspaceCompilationOverrides' - labels: - description: Optional. Repository user labels. - type: object - additionalProperties: - type: string - setAuthenticatedUserAdmin: description: >- - Optional. Input only. If set to true, the authenticated user will be - granted the roles/dataform.admin role on the created repository. To - modify access to the created repository later apply setIamPolicy - from - https://cloud.google.com/dataform/reference/rest#rest-resource:-v1beta1.projects.locations.repositories - type: boolean - serviceAccount: - description: Optional. The service account to run workflow invocations under. + Output only. The path of the file where this error occurred, if + available, relative to the project root. + stack: + description: Output only. The error's full stack trace. type: string - kmsKeyName: - description: >- - Optional. The reference to a KMS encryption key. If provided, it - will be used to encrypt user data in the repository and all child - resources. It is not possible to add or update the encryption key - after the repository is created. Example: - `projects/{kms_project}/locations/{location}/keyRings/{key_location}/cryptoKeys/{key}` + readOnly: true + id: CompilationError + description: An error encountered when attempting to compile a Dataform project. + ReleaseConfig: + type: object + id: ReleaseConfig + description: Represents a Dataform release configuration. + properties: + releaseCompilationResult: type: string - dataEncryptionState: description: >- - Output only. A data encryption state of a Git repository if this - Repository is protected by a KMS key. + Optional. The name of the currently released compilation result for + this release config. This value is updated when a compilation result + is automatically created from this release config (using + cron_schedule), or when this resource is updated by API call + (perhaps to roll back to an earlier release). The compilation result + must have been created using this release config. Must be in the + format `projects/*/locations/*/repositories/*/compilationResults/*`. + recentScheduledReleaseRecords: readOnly: true - $ref: '#/components/schemas/DataEncryptionState' + description: >- + Output only. Records of the 10 most recent scheduled release + attempts, ordered in descending order of `release_time`. Updated + whenever automatic creation of a compilation result is triggered by + cron_schedule. + type: array + items: + $ref: '#/components/schemas/ScheduledReleaseRecord' internalMetadata: + type: string + readOnly: true description: >- Output only. All the metadata information that is used internally to serve the resource. For example: timestamps, flags, status fields, etc. The format of this field is a JSON string. - readOnly: true + timeZone: type: string - GitRemoteSettings: - id: GitRemoteSettings - description: Controls Git remote configuration for a repository. - type: object - properties: - url: - description: Required. The Git remote's URL. + description: >- + Optional. Specifies the time zone to be used when interpreting + cron_schedule. Must be a time zone name from the time zone database + (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If + left unspecified, the default is UTC. + cronSchedule: + description: >- + Optional. Optional schedule (in cron format) for automatic creation + of compilation results. type: string - defaultBranch: - description: Required. The Git remote's default branch name. + name: type: string - authenticationTokenSecretVersion: + description: Identifier. The release config's name. + disabled: + description: Optional. Disables automatic creation of compilation results. + type: boolean + gitCommitish: description: >- - Optional. The name of the Secret Manager secret version to use as an - authentication token for Git operations. Must be in the format - `projects/*/secrets/*/versions/*`. + Required. Git commit/tag/branch name at which the repository should + be compiled. Must exist in the remote repository. Examples: - a + commit SHA: `12ade345` - a tag: `tag1` - a branch name: `branch1` type: string - sshAuthenticationConfig: - description: Optional. Authentication fields for remote uris using SSH protocol. - $ref: '#/components/schemas/SshAuthenticationConfig' - tokenStatus: + codeCompilationConfig: + $ref: '#/components/schemas/CodeCompilationConfig' description: >- - Output only. Deprecated: The field does not contain any token status - information. Instead use - https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories/computeAccessTokenStatus - readOnly: true - deprecated: true + Optional. If set, fields of `code_compilation_config` override the + default compilation settings that are specified in dataform.json. + MoveFileResponse: + description: '`MoveFile` response message.' + id: MoveFileResponse + type: object + properties: {} + ReadFileResponse: + description: '`ReadFile` response message.' + id: ReadFileResponse + properties: + fileContents: type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The token could not be found in Secret Manager (or the Dataform - Service Account did not have permission to access it). - - >- - The token could not be used to authenticate against the Git - remote. - - >- - The token was used successfully to authenticate against the Git - remote. - enum: - - TOKEN_STATUS_UNSPECIFIED - - NOT_FOUND - - INVALID - - VALID - SshAuthenticationConfig: - id: SshAuthenticationConfig - description: Configures fields for performing SSH authentication. + format: byte + description: The file's contents. + type: object + PushGitCommitsResponse: + description: '`PushGitCommits` response message.' + properties: {} type: object + id: PushGitCommitsResponse + RemoveDirectoryRequest: properties: - userPrivateKeySecretVersion: - description: >- - Required. The name of the Secret Manager secret version to use as a - ssh private key for Git operations. Must be in the format - `projects/*/secrets/*/versions/*`. + path: type: string - hostPublicKey: description: >- - Required. Content of a public SSH key to verify an identity of a - remote Git host. - type: string - WorkspaceCompilationOverrides: - id: WorkspaceCompilationOverrides - description: >- - Configures workspace compilation overrides for a repository. Primarily - used by the UI (`console.cloud.google.com`). `schema_suffix` and - `table_prefix` can have a special expression - `${workspaceName}`, which - refers to the workspace name from which the compilation results will be - created. API callers are expected to resolve the expression in these - overrides and provide them explicitly in `code_compilation_config` - (https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.compilationResults#codecompilationconfig) - when creating workspace-scoped compilation results. + Required. The directory's full path including directory name, + relative to the workspace root. type: object + id: RemoveDirectoryRequest + description: '`RemoveDirectory` request message.' + PushGitCommitsRequest: + description: '`PushGitCommits` request message.' properties: - defaultDatabase: - description: Optional. The default database (Google Cloud project ID). + remoteBranch: type: string - schemaSuffix: description: >- - Optional. The suffix that should be appended to all schema (BigQuery - dataset ID) names. - type: string - tablePrefix: - description: Optional. The prefix that should be prepended to all table names. - type: string - DataEncryptionState: - id: DataEncryptionState - description: Describes encryption state of a resource. + Optional. The name of the branch in the Git remote to which commits + should be pushed. If left unset, the repository's default branch + name will be used. type: object + id: PushGitCommitsRequest + Policy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). properties: - kmsKeyVersionName: + version: description: >- - Required. The KMS key version name with which data of a resource is - encrypted. + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + type: integer + etag: type: string - CommitRepositoryChangesRequest: - id: CommitRepositoryChangesRequest - description: '`CommitRepositoryChanges` request message.' - type: object - properties: - commitMetadata: - description: Required. The changes to commit to the repository. - $ref: '#/components/schemas/CommitMetadata' - requiredHeadCommitSha: description: >- - Optional. The commit SHA which must be the repository's current HEAD - before applying this commit; otherwise this request will fail. If - unset, no validation on the current HEAD commit SHA is performed. - type: string - fileOperations: + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte + bindings: description: >- - Optional. A map to the path of the file to the operation. The path - is the full file path including filename, from repository root. - type: object - additionalProperties: - $ref: '#/components/schemas/FileOperation' - CommitMetadata: - id: CommitMetadata - description: Represents a Dataform Git commit. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + items: + $ref: '#/components/schemas/Binding' + id: Policy type: object - properties: - author: - description: Required. The commit's author. - $ref: '#/components/schemas/CommitAuthor' - commitMessage: - description: Optional. The commit's message. - type: string CommitAuthor: - id: CommitAuthor - description: Represents the author of a Git commit. type: object + description: Represents the author of a Git commit. + id: CommitAuthor properties: - name: - description: Required. The commit author's name. - type: string emailAddress: - description: Required. The commit author's email address. type: string - FileOperation: - id: FileOperation - description: Represents a single file operation to the repository. - type: object - properties: - writeFile: - description: Represents the write operation. - $ref: '#/components/schemas/WriteFile' - deleteFile: - description: Represents the delete operation. - $ref: '#/components/schemas/DeleteFile' - WriteFile: - id: WriteFile - description: Represents the write file operation (for files added or modified). - type: object - properties: - contents: - description: The file's contents. + description: Required. The commit author's email address. + name: type: string - format: byte - DeleteFile: - id: DeleteFile - description: Represents the delete file operation. - type: object - properties: {} - CommitRepositoryChangesResponse: - id: CommitRepositoryChangesResponse - description: '`CommitRepositoryChanges` response message.' - type: object + description: Required. The commit author's name. + WorkflowInvocationAction: properties: - commitSha: - description: The commit SHA of the current commit. + state: + enumDescriptions: + - The action has not yet been considered for invocation. + - The action is currently running. + - >- + Execution of the action was skipped because upstream dependencies + did not all complete successfully. A terminal state. + - >- + Execution of the action was disabled as per the configuration of + the corresponding compilation result action. A terminal state. + - The action succeeded. A terminal state. + - The action was cancelled. A terminal state. + - The action failed. A terminal state. type: string - ReadRepositoryFileResponse: - id: ReadRepositoryFileResponse - description: '`ReadRepositoryFile` response message.' - type: object - properties: - contents: - description: The file's contents. + enum: + - PENDING + - RUNNING + - SKIPPED + - DISABLED + - SUCCEEDED + - CANCELLED + - FAILED + readOnly: true + description: Output only. This action's current state. + failureReason: type: string - format: byte - QueryRepositoryDirectoryContentsResponse: - id: QueryRepositoryDirectoryContentsResponse - description: '`QueryRepositoryDirectoryContents` response message.' - type: object - properties: - directoryEntries: - description: List of entries in the directory. - type: array - items: - $ref: '#/components/schemas/DirectoryEntry' - nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - DirectoryEntry: - id: DirectoryEntry - description: Represents a single entry in a directory. - type: object - properties: - file: - description: A file in the directory. - type: string - directory: - description: A child directory in the directory. - type: string - FetchRepositoryHistoryResponse: - id: FetchRepositoryHistoryResponse - description: '`FetchRepositoryHistory` response message.' - type: object - properties: - commits: - description: A list of commit logs, ordered by 'git log' default order. - type: array - items: - $ref: '#/components/schemas/CommitLogEntry' - nextPageToken: + Output only. If and only if action's state is FAILED a failure + reason is set. + readOnly: true + canonicalTarget: + $ref: '#/components/schemas/Target' + readOnly: true description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Output only. The action's identifier if the project had been + compiled without any overrides configured. Unique within the + compilation result. + dataPreparationAction: + $ref: '#/components/schemas/DataPreparationAction' + description: Output only. The workflow action's data preparation action details. + readOnly: true + target: + description: >- + Output only. This action's identifier. Unique within the workflow + invocation. + $ref: '#/components/schemas/Target' + readOnly: true + bigqueryAction: + $ref: '#/components/schemas/BigQueryAction' + description: Output only. The workflow action's bigquery action details. + readOnly: true + internalMetadata: + description: >- + Output only. All the metadata information that is used internally to + serve the resource. For example: timestamps, flags, status fields, + etc. The format of this field is a JSON string. + readOnly: true type: string - CommitLogEntry: - id: CommitLogEntry - description: Represents a single commit log. + invocationTiming: + description: >- + Output only. This action's timing details. `start_time` will be set + if the action is in [RUNNING, SUCCEEDED, CANCELLED, FAILED] state. + `end_time` will be set if the action is in [SUCCEEDED, CANCELLED, + FAILED] state. + readOnly: true + $ref: '#/components/schemas/Interval' + notebookAction: + readOnly: true + $ref: '#/components/schemas/NotebookAction' + description: Output only. The workflow action's notebook action details. type: object + id: WorkflowInvocationAction + description: Represents a single action in a workflow invocation. + WorkspaceCompilationOverrides: properties: - commitTime: - description: Commit timestamp. + tablePrefix: + description: Optional. The prefix that should be prepended to all table names. type: string - format: google-datetime - commitSha: - description: The commit SHA for this commit log entry. + schemaSuffix: + description: >- + Optional. The suffix that should be appended to all schema (BigQuery + dataset ID) names. type: string - author: - description: The commit author for this commit log entry. - $ref: '#/components/schemas/CommitAuthor' - commitMessage: - description: The commit message for this commit log entry. + defaultDatabase: type: string - ComputeRepositoryAccessTokenStatusResponse: - id: ComputeRepositoryAccessTokenStatusResponse - description: '`ComputeRepositoryAccessTokenStatus` response message.' + description: Optional. The default database (Google Cloud project ID). + id: WorkspaceCompilationOverrides + description: Configures workspace compilation overrides for a repository. + type: object + FetchFileDiffResponse: + id: FetchFileDiffResponse type: object + description: '`FetchFileDiff` response message.' properties: - tokenStatus: - description: Indicates the status of the Git access token. + formattedDiff: type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The token could not be found in Secret Manager (or the Dataform - Service Account did not have permission to access it). - - >- - The token could not be used to authenticate against the Git - remote. - - >- - The token was used successfully to authenticate against the Git - remote. - enum: - - TOKEN_STATUS_UNSPECIFIED - - NOT_FOUND - - INVALID - - VALID - FetchRemoteBranchesResponse: - id: FetchRemoteBranchesResponse - description: '`FetchRemoteBranches` response message.' - type: object + description: The raw formatted Git diff for the file. + ColumnDescriptor: + description: Describes a column. + id: ColumnDescriptor properties: - branches: - description: The remote repository's branch names. - type: array + path: items: type: string - ListWorkspacesResponse: - id: ListWorkspacesResponse - description: '`ListWorkspaces` response message.' - type: object - properties: - workspaces: - description: List of workspaces. type: array - items: - $ref: '#/components/schemas/Workspace' - nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Locations which could not be reached. - type: array + The identifier for the column. Each entry in `path` represents one + level of nesting. + bigqueryPolicyTags: items: type: string - Workspace: - id: Workspace - description: Represents a Dataform Git workspace. + type: array + description: A list of BigQuery policy tags that will be applied to the column. + description: + description: A textual description of the column. + type: string + type: object + ScheduledReleaseRecord: + id: ScheduledReleaseRecord + description: >- + A record of an attempt to create a compilation result for this release + config. type: object properties: - name: - description: Identifier. The workspace's name. + compilationResult: + description: >- + The name of the created compilation result, if one was successfully + created. Must be in the format + `projects/*/locations/*/repositories/*/compilationResults/*`. type: string - createTime: - description: Output only. The timestamp of when the workspace was created. + errorStatus: + $ref: '#/components/schemas/Status' + description: >- + The error status encountered upon this attempt to create the + compilation result, if the attempt was unsuccessful. + releaseTime: readOnly: true + description: Output only. The timestamp of this release attempt. type: string format: google-datetime - dataEncryptionState: - description: >- - Output only. A data encryption state of a Git repository if this - Workspace is protected by a KMS key. - readOnly: true - $ref: '#/components/schemas/DataEncryptionState' + Repository: + id: Repository + type: object + properties: internalMetadata: + readOnly: true description: >- Output only. All the metadata information that is used internally to serve the resource. For example: timestamps, flags, status fields, etc. The format of this field is a JSON string. - readOnly: true type: string - InstallNpmPackagesRequest: - id: InstallNpmPackagesRequest - description: '`InstallNpmPackages` request message.' - type: object - properties: {} - InstallNpmPackagesResponse: - id: InstallNpmPackagesResponse - description: '`InstallNpmPackages` response message.' - type: object - properties: {} - PullGitCommitsRequest: - id: PullGitCommitsRequest - description: '`PullGitCommits` request message.' - type: object - properties: - remoteBranch: + workspaceCompilationOverrides: + $ref: '#/components/schemas/WorkspaceCompilationOverrides' description: >- - Optional. The name of the branch in the Git remote from which to - pull commits. If left unset, the repository's default branch name - will be used. - type: string - author: + Optional. If set, fields of `workspace_compilation_overrides` + override the default compilation settings that are specified in + dataform.json when creating workspace-scoped compilation results. + See documentation for `WorkspaceCompilationOverrides` for more + information. + dataEncryptionState: + $ref: '#/components/schemas/DataEncryptionState' description: >- - Required. The author of any merge commit which may be created as a - result of merging fetched Git commits into this workspace. - $ref: '#/components/schemas/CommitAuthor' - PullGitCommitsResponse: - id: PullGitCommitsResponse - description: '`PullGitCommits` response message.' - type: object - properties: {} - PushGitCommitsRequest: - id: PushGitCommitsRequest - description: '`PushGitCommits` request message.' - type: object - properties: - remoteBranch: + Output only. A data encryption state of a Git repository if this + Repository is protected by a KMS key. + readOnly: true + gitRemoteSettings: + $ref: '#/components/schemas/GitRemoteSettings' description: >- - Optional. The name of the branch in the Git remote to which commits - should be pushed. If left unset, the repository's default branch - name will be used. + Optional. If set, configures this repository to be linked to a Git + remote. + name: + description: Identifier. The repository's name. type: string - PushGitCommitsResponse: - id: PushGitCommitsResponse - description: '`PushGitCommits` response message.' + npmrcEnvironmentVariablesSecretVersion: + description: >- + Optional. The name of the Secret Manager secret version to be used + to interpolate variables into the .npmrc file for package + installation operations. Must be in the format + `projects/*/secrets/*/versions/*`. The file itself must be in a JSON + format. + type: string + displayName: + description: Optional. The repository's user-friendly name. + type: string + kmsKeyName: + description: >- + Optional. The reference to a KMS encryption key. If provided, it + will be used to encrypt user data in the repository and all child + resources. It is not possible to add or update the encryption key + after the repository is created. Example: + `projects/{kms_project}/locations/{location}/keyRings/{key_location}/cryptoKeys/{key}` + type: string + serviceAccount: + type: string + description: Optional. The service account to run workflow invocations under. + createTime: + description: Output only. The timestamp of when the repository was created. + readOnly: true + type: string + format: google-datetime + labels: + description: Optional. Repository user labels. + type: object + additionalProperties: + type: string + setAuthenticatedUserAdmin: + type: boolean + description: >- + Optional. Input only. If set to true, the authenticated user will be + granted the roles/dataform.admin role on the created repository. + description: Represents a Dataform Git repository. + WorkflowInvocation: + properties: + workflowConfig: + description: >- + Immutable. The name of the workflow config to invoke. Must be in the + format `projects/*/locations/*/repositories/*/workflowConfigs/*`. + type: string + resolvedCompilationResult: + type: string + description: >- + Output only. The resolved compilation result that was used to create + this invocation. Will be in the format + `projects/*/locations/*/repositories/*/compilationResults/*`. + readOnly: true + compilationResult: + type: string + description: >- + Immutable. The name of the compilation result to use for this + invocation. Must be in the format + `projects/*/locations/*/repositories/*/compilationResults/*`. + privateResourceMetadata: + description: >- + Output only. Metadata indicating whether this resource is + user-scoped. `WorkflowInvocation` resource is `user_scoped` only if + it is sourced from a compilation result and the compilation result + is user-scoped. + $ref: '#/components/schemas/PrivateResourceMetadata' + readOnly: true + internalMetadata: + type: string + description: >- + Output only. All the metadata information that is used internally to + serve the resource. For example: timestamps, flags, status fields, + etc. The format of this field is a JSON string. + readOnly: true + dataEncryptionState: + description: Output only. Only set if the repository has a KMS Key. + $ref: '#/components/schemas/DataEncryptionState' + readOnly: true + state: + enum: + - STATE_UNSPECIFIED + - RUNNING + - SUCCEEDED + - CANCELLED + - FAILED + - CANCELING + type: string + description: Output only. This workflow invocation's current state. + readOnly: true + enumDescriptions: + - Default value. This value is unused. + - The workflow invocation is currently running. + - The workflow invocation succeeded. A terminal state. + - The workflow invocation was cancelled. A terminal state. + - The workflow invocation failed. A terminal state. + - >- + The workflow invocation is being cancelled, but some actions are + still running. + name: + description: Output only. The workflow invocation's name. + readOnly: true + type: string + invocationTiming: + readOnly: true + $ref: '#/components/schemas/Interval' + description: Output only. This workflow invocation's timing details. + invocationConfig: + description: Immutable. If left unset, a default InvocationConfig will be used. + $ref: '#/components/schemas/InvocationConfig' + type: object + id: WorkflowInvocation + description: Represents a single invocation of a compilation result. + MakeDirectoryResponse: type: object + description: '`MakeDirectory` response message.' + id: MakeDirectoryResponse properties: {} - FetchFileGitStatusesResponse: - id: FetchFileGitStatusesResponse - description: '`FetchFileGitStatuses` response message.' + DirectoryEntry: type: object + description: Represents a single entry in a directory. properties: - uncommittedFileChanges: + directory: + type: string + description: A child directory in the directory. + file: + description: A file in the directory. + type: string + id: DirectoryEntry + MoveDirectoryResponse: + id: MoveDirectoryResponse + properties: {} + type: object + description: '`MoveDirectory` response message.' + DataPreparationAction: + id: DataPreparationAction + description: Represents a workflow action that will run a Data Preparation. + type: object + properties: + contentsSql: description: >- - A list of all files which have uncommitted Git changes. There will - only be a single entry for any given file. + SQL definition for a Data Preparation. Contains a SQL query and + additional context information. + $ref: '#/components/schemas/ActionSqlDefinition' + jobId: + description: >- + Output only. The ID of the BigQuery job that executed the SQL in + sql_script. Only set once the job has started to run. + readOnly: true + type: string + generatedSql: + readOnly: true + type: string + description: >- + Output only. The generated BigQuery SQL script that will be + executed. For reference only. + contentsYaml: + readOnly: true + description: >- + Output only. YAML representing the contents of the data preparation. + Can be used to show the customer what the input was to their + workflow. + type: string + CommitWorkspaceChangesResponse: + id: CommitWorkspaceChangesResponse + description: '`CommitWorkspaceChanges` response message.' + type: object + properties: {} + ActionSimpleLoadMode: + id: ActionSimpleLoadMode + description: Simple load definition + properties: {} + type: object + DirectorySearchResult: + type: object + id: DirectorySearchResult + properties: + path: + type: string + description: File system path relative to the workspace root. + description: Client-facing representation of a directory entry in search results. + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + id: Status + properties: + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. type: array items: - $ref: '#/components/schemas/UncommittedFileChange' - UncommittedFileChange: - id: UncommittedFileChange - description: Represents the Git state of a file with uncommitted changes. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + DataEncryptionState: + properties: + kmsKeyVersionName: + type: string + description: >- + Required. The KMS key version name with which data of a resource is + encrypted. + type: object + id: DataEncryptionState + description: Describes encryption state of a resource. + DataPreparation: + id: DataPreparation + description: Defines a compiled Data Preparation entity type: object + properties: + contentsSql: + $ref: '#/components/schemas/SqlDefinition' + description: >- + SQL definition for a Data Preparation. Contains a SQL query and + additional context information. + contentsYaml: + type: string + description: The data preparation definition, stored as a YAML string. + dependencyTargets: + items: + $ref: '#/components/schemas/Target' + type: array + description: A list of actions that this action depends on. + tags: + type: array + items: + type: string + description: Arbitrary, user-defined tags on this action. + disabled: + type: boolean + description: Whether this action is disabled (i.e. should not be run). + UncommittedFileChange: properties: path: + type: string description: >- The file's full path including filename, relative to the workspace root. - type: string state: description: Output only. Indicates the status of the file. - readOnly: true - type: string enumDescriptions: - Default value. This value is unused. - The file has been newly added. - The file has been deleted. - The file has been modified. - The file contains merge conflicts. + readOnly: true enum: - STATE_UNSPECIFIED - ADDED - DELETED - MODIFIED - HAS_CONFLICTS - FetchGitAheadBehindResponse: - id: FetchGitAheadBehindResponse - description: '`FetchGitAheadBehind` response message.' + type: string + description: Represents the Git state of a file with uncommitted changes. type: object - properties: - commitsAhead: - description: >- - The number of commits in the remote branch that are not in the - workspace. - type: integer - format: int32 - commitsBehind: - description: >- - The number of commits in the workspace that are not in the remote - branch. - type: integer - format: int32 - CommitWorkspaceChangesRequest: - id: CommitWorkspaceChangesRequest - description: '`CommitWorkspaceChanges` request message.' + id: UncommittedFileChange + FileSearchResult: + description: Client-facing representation of a file entry in search results. + id: FileSearchResult type: object properties: - author: - description: Required. The commit's author. - $ref: '#/components/schemas/CommitAuthor' - commitMessage: - description: Optional. The commit's message. + path: + description: File system path relative to the workspace root. type: string - paths: - description: >- - Optional. Full file paths to commit including filename, rooted at - workspace root. If left empty, all files will be committed. - type: array - items: - type: string - CommitWorkspaceChangesResponse: - id: CommitWorkspaceChangesResponse - description: '`CommitWorkspaceChanges` response message.' - type: object - properties: {} - ResetWorkspaceChangesRequest: - id: ResetWorkspaceChangesRequest - description: '`ResetWorkspaceChanges` request message.' + FileOperation: type: object + description: Represents a single file operation to the repository. properties: - paths: + deleteFile: + $ref: '#/components/schemas/DeleteFile' + description: Represents the delete operation. + writeFile: + $ref: '#/components/schemas/WriteFile' + description: Represents the write operation. + id: FileOperation + ActionSqlDefinition: + id: ActionSqlDefinition + description: Definition of a SQL Data Preparation + properties: + loadConfig: + $ref: '#/components/schemas/ActionLoadConfig' + description: Load configuration. + errorTable: + description: Error table configuration, + $ref: '#/components/schemas/ActionErrorTable' + query: description: >- - Optional. Full file paths to reset back to their committed state - including filename, rooted at workspace root. If left empty, all - files will be reset. - type: array - items: - type: string - clean: - description: Optional. If set to true, untracked files will be deleted. - type: boolean - ResetWorkspaceChangesResponse: - id: ResetWorkspaceChangesResponse - description: '`ResetWorkspaceChanges` response message.' + The SQL query representing the data preparation steps. Formatted as + a Pipe SQL query statement. + type: string + type: object + SimpleLoadMode: type: object properties: {} - FetchFileDiffResponse: - id: FetchFileDiffResponse - description: '`FetchFileDiff` response message.' + id: SimpleLoadMode + description: Simple load definition + Workspace: + description: Represents a Dataform Git workspace. type: object properties: - formattedDiff: - description: The raw formatted Git diff for the file. + dataEncryptionState: + description: >- + Output only. A data encryption state of a Git repository if this + Workspace is protected by a KMS key. + readOnly: true + $ref: '#/components/schemas/DataEncryptionState' + createTime: + readOnly: true + format: google-datetime type: string - QueryDirectoryContentsResponse: - id: QueryDirectoryContentsResponse - description: '`QueryDirectoryContents` response message.' + description: Output only. The timestamp of when the workspace was created. + name: + type: string + description: Identifier. The workspace's name. + privateResourceMetadata: + readOnly: true + $ref: '#/components/schemas/PrivateResourceMetadata' + description: >- + Output only. Metadata indicating whether this resource is + user-scoped. For `Workspace` resources, the `user_scoped` field is + always `true`. + internalMetadata: + type: string + description: >- + Output only. All the metadata information that is used internally to + serve the resource. For example: timestamps, flags, status fields, + etc. The format of this field is a JSON string. + readOnly: true + id: Workspace + ListWorkspacesResponse: + description: '`ListWorkspaces` response message.' + id: ListWorkspacesResponse type: object properties: - directoryEntries: - description: List of entries in the directory. - type: array - items: - $ref: '#/components/schemas/DirectoryEntry' nextPageToken: + type: string description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. - type: string - SearchFilesResponse: - id: SearchFilesResponse - description: Client-facing representation of a file search response. - type: object - properties: - searchResults: - description: List of matched results. + workspaces: + items: + $ref: '#/components/schemas/Workspace' + description: List of workspaces. type: array + unreachable: items: - $ref: '#/components/schemas/SearchResult' - nextPageToken: - description: >- - Optional. A token, which can be sent as `page_token` to retrieve the - next page. If this field is omitted, there are no subsequent pages. - type: string - SearchResult: - id: SearchResult - description: Client-facing representation of a search result entry. + type: string + description: Locations which could not be reached. + type: array + ResetWorkspaceChangesResponse: + properties: {} + description: '`ResetWorkspaceChanges` response message.' type: object - properties: - file: - description: Details when search result is a file. - $ref: '#/components/schemas/FileSearchResult' - directory: - description: Details when search result is a directory. - $ref: '#/components/schemas/DirectorySearchResult' - FileSearchResult: - id: FileSearchResult - description: Client-facing representation of a file entry in search results. + id: ResetWorkspaceChangesResponse + TestIamPermissionsRequest: type: object + description: Request message for `TestIamPermissions` method. properties: - path: - description: File system path relative to the workspace root. - type: string - DirectorySearchResult: - id: DirectorySearchResult - description: Client-facing representation of a directory entry in search results. + permissions: + type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + id: TestIamPermissionsRequest + ScheduledExecutionRecord: type: object + id: ScheduledExecutionRecord + description: >- + A record of an attempt to create a workflow invocation for this workflow + config. properties: - path: - description: File system path relative to the workspace root. + workflowInvocation: type: string - MakeDirectoryRequest: - id: MakeDirectoryRequest - description: '`MakeDirectory` request message.' - type: object - properties: - path: description: >- - Required. The directory's full path including directory name, - relative to the workspace root. - type: string - MakeDirectoryResponse: - id: MakeDirectoryResponse - description: '`MakeDirectory` response message.' - type: object - properties: {} - RemoveDirectoryRequest: - id: RemoveDirectoryRequest - description: '`RemoveDirectory` request message.' - type: object - properties: - path: + The name of the created workflow invocation, if one was successfully + created. Must be in the format + `projects/*/locations/*/repositories/*/workflowInvocations/*`. + errorStatus: + $ref: '#/components/schemas/Status' description: >- - Required. The directory's full path including directory name, - relative to the workspace root. + The error status encountered upon this attempt to create the + workflow invocation, if the attempt was unsuccessful. + executionTime: type: string - RemoveDirectoryResponse: - id: RemoveDirectoryResponse - description: '`RemoveDirectory` response message.' - type: object - properties: {} - MoveDirectoryRequest: - id: MoveDirectoryRequest - description: '`MoveDirectory` request message.' - type: object + readOnly: true + format: google-datetime + description: Output only. The timestamp of this execution attempt. + MoveFileRequest: properties: - path: + newPath: description: >- - Required. The directory's full path including directory name, - relative to the workspace root. + Required. The file's new path including filename, relative to the + workspace root. type: string - newPath: + path: description: >- - Required. The new path for the directory including directory name, - rooted at workspace root. + Required. The file's full path including filename, relative to the + workspace root. type: string - MoveDirectoryResponse: - id: MoveDirectoryResponse - description: '`MoveDirectory` response message.' - type: object - properties: {} - ReadFileResponse: - id: ReadFileResponse - description: '`ReadFile` response message.' + id: MoveFileRequest type: object + description: '`MoveFile` request message.' + Assertion: properties: - fileContents: - description: The file's contents. - type: string - format: byte - RemoveFileRequest: - id: RemoveFileRequest - description: '`RemoveFile` request message.' - type: object - properties: - path: + selectQuery: description: >- - Required. The file's full path including filename, relative to the - workspace root. + The SELECT query which must return zero rows in order for this + assertion to succeed. type: string - RemoveFileResponse: - id: RemoveFileResponse - description: '`RemoveFile` response message.' + dependencyTargets: + items: + $ref: '#/components/schemas/Target' + description: A list of actions that this action depends on. + type: array + disabled: + type: boolean + description: Whether this action is disabled (i.e. should not be run). + tags: + description: Arbitrary, user-defined tags on this action. + type: array + items: + type: string + parentAction: + $ref: '#/components/schemas/Target' + description: >- + The parent action of this assertion. Only set if this assertion was + automatically generated. + relationDescriptor: + $ref: '#/components/schemas/RelationDescriptor' + description: >- + Descriptor for the assertion's automatically-generated view and its + columns. + id: Assertion + description: >- + Represents an assertion upon a SQL query which is required return zero + rows. type: object - properties: {} - MoveFileRequest: - id: MoveFileRequest - description: '`MoveFile` request message.' + Interval: + description: >- + Represents a time interval, encoded as a Timestamp start (inclusive) and + a Timestamp end (exclusive). The start must be less than or equal to the + end. When the start equals the end, the interval is empty (matches no + time). When both start and end are unspecified, the interval matches any + time. type: object + id: Interval properties: - path: - description: >- - Required. The file's full path including filename, relative to the - workspace root. + startTime: type: string - newPath: description: >- - Required. The file's new path including filename, relative to the - workspace root. + Optional. Inclusive start of the interval. If specified, a Timestamp + matching this interval will have to be the same or after the start. + format: google-datetime + endTime: type: string - MoveFileResponse: - id: MoveFileResponse - description: '`MoveFile` response message.' - type: object - properties: {} - WriteFileRequest: - id: WriteFileRequest - description: '`WriteFile` request message.' + format: google-datetime + description: >- + Optional. Exclusive end of the interval. If specified, a Timestamp + matching this interval will have to be before the end. + CommitLogEntry: type: object + description: Represents a single commit log. + id: CommitLogEntry properties: - path: - description: Required. The file. + commitSha: + description: The commit SHA for this commit log entry. type: string - contents: - description: Required. The file's contents. + commitTime: + type: string + format: google-datetime + description: Commit timestamp. + author: + $ref: '#/components/schemas/CommitAuthor' + description: The commit author for this commit log entry. + commitMessage: + type: string + description: The commit message for this commit log entry. + CommitRepositoryChangesRequest: + properties: + commitMetadata: + description: Required. The changes to commit to the repository. + $ref: '#/components/schemas/CommitMetadata' + fileOperations: + additionalProperties: + $ref: '#/components/schemas/FileOperation' + type: object + description: >- + Optional. A map to the path of the file to the operation. The path + is the full file path including filename, from repository root. + requiredHeadCommitSha: + description: >- + Optional. The commit SHA which must be the repository's current HEAD + before applying this commit; otherwise this request will fail. If + unset, no validation on the current HEAD commit SHA is performed. type: string - format: byte - WriteFileResponse: - id: WriteFileResponse - description: '`WriteFile` response message.' - type: object - properties: {} - ListReleaseConfigsResponse: - id: ListReleaseConfigsResponse - description: '`ListReleaseConfigs` response message.' type: object + id: CommitRepositoryChangesRequest + description: '`CommitRepositoryChanges` request message.' + ListOperationsResponse: + id: ListOperationsResponse properties: - releaseConfigs: - description: List of release configs. + nextPageToken: + description: The standard List next-page token. + type: string + operations: + description: >- + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Operation' type: array + unreachable: items: - $ref: '#/components/schemas/ReleaseConfig' + type: string + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + type: object + description: The response message for Operations.ListOperations. + ListRepositoriesResponse: + type: object + id: ListRepositoriesResponse + description: '`ListRepositories` response message.' + properties: nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + A token which can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: string unreachable: + items: + type: string + type: array description: Locations which could not be reached. + repositories: type: array items: - type: string - ReleaseConfig: - id: ReleaseConfig - description: Represents a Dataform release configuration. + $ref: '#/components/schemas/Repository' + description: List of repositories. + OperationMetadata: type: object + description: Represents the metadata of the long-running operation. + id: OperationMetadata properties: - name: - description: Identifier. The release config's name. - type: string - gitCommitish: - description: >- - Required. Git commit/tag/branch name at which the repository should - be compiled. Must exist in the remote repository. Examples: - a - commit SHA: `12ade345` - a tag: `tag1` - a branch name: `branch1` - type: string - codeCompilationConfig: - description: >- - Optional. If set, fields of `code_compilation_config` override the - default compilation settings that are specified in dataform.json. - $ref: '#/components/schemas/CodeCompilationConfig' - cronSchedule: + target: + readOnly: true description: >- - Optional. Optional schedule (in cron format) for automatic creation - of compilation results. + Output only. Server-defined resource path for the target of the + operation. type: string - timeZone: - description: >- - Optional. Specifies the time zone to be used when interpreting - cron_schedule. Must be a time zone name from the time zone database - (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If - left unspecified, the default is UTC. + apiVersion: type: string - recentScheduledReleaseRecords: - description: >- - Output only. Records of the 10 most recent scheduled release - attempts, ordered in descending order of `release_time`. Updated - whenever automatic creation of a compilation result is triggered by - cron_schedule. readOnly: true - type: array - items: - $ref: '#/components/schemas/ScheduledReleaseRecord' - releaseCompilationResult: - description: >- - Optional. The name of the currently released compilation result for - this release config. This value is updated when a compilation result - is automatically created from this release config (using - cron_schedule), or when this resource is updated by API call - (perhaps to roll back to an earlier release). The compilation result - must have been created using this release config. Must be in the - format `projects/*/locations/*/repositories/*/compilationResults/*`. + description: Output only. API version used to start the operation. + verb: + description: Output only. Name of the verb executed by the operation. + readOnly: true type: string - disabled: - description: Optional. Disables automatic creation of compilation results. - type: boolean - internalMetadata: + cancelRequested: description: >- - Output only. All the metadata information that is used internally to - serve the resource. For example: timestamps, flags, status fields, - etc. The format of this field is a JSON string. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have google.longrunning.Operation.error value with a + google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. readOnly: true + type: boolean + createTime: type: string - CodeCompilationConfig: - id: CodeCompilationConfig - description: Configures various aspects of Dataform code compilation. - type: object - properties: - defaultDatabase: - description: Optional. The default database (Google Cloud project ID). - type: string - defaultSchema: - description: Optional. The default schema (BigQuery dataset ID). + format: google-datetime + description: Output only. The time the operation was created. + readOnly: true + statusDetail: + description: Output only. Human-readable status of the operation, if any. type: string - defaultLocation: - description: >- - Optional. The default BigQuery location to use. Defaults to "US". - See the BigQuery docs for a full list of locations: - https://cloud.google.com/bigquery/docs/locations. + readOnly: true + endTime: + description: Output only. The time the operation finished running. + format: google-datetime + readOnly: true type: string - assertionSchema: - description: Optional. The default schema (BigQuery dataset ID) for assertions. - type: string - vars: - description: >- - Optional. User-defined variables that are made available to project - code during compilation. - type: object - additionalProperties: - type: string - databaseSuffix: - description: >- - Optional. The suffix that should be appended to all database (Google - Cloud project ID) names. - type: string - schemaSuffix: - description: >- - Optional. The suffix that should be appended to all schema (BigQuery - dataset ID) names. - type: string - tablePrefix: - description: Optional. The prefix that should be prepended to all table names. - type: string - builtinAssertionNamePrefix: - description: Optional. The prefix to prepend to built-in assertion names. + ComputeRepositoryAccessTokenStatusResponse: + description: '`ComputeRepositoryAccessTokenStatus` response message.' + properties: + tokenStatus: + enum: + - TOKEN_STATUS_UNSPECIFIED + - NOT_FOUND + - INVALID + - VALID + description: Indicates the status of the Git access token. + enumDescriptions: + - Default value. This value is unused. + - >- + The token could not be found in Secret Manager (or the Dataform + Service Account did not have permission to access it). + - >- + The token could not be used to authenticate against the Git + remote. + - >- + The token was used successfully to authenticate against the Git + remote. type: string - defaultNotebookRuntimeOptions: - description: Optional. The default notebook runtime options. - $ref: '#/components/schemas/NotebookRuntimeOptions' - NotebookRuntimeOptions: - id: NotebookRuntimeOptions - description: Configures various aspects of Dataform notebook runtime. type: object + id: ComputeRepositoryAccessTokenStatusResponse + SshAuthenticationConfig: properties: - gcsOutputBucket: - description: >- - Optional. The Google Cloud Storage location to upload the result to. - Format: `gs://bucket-name`. + userPrivateKeySecretVersion: type: string - aiPlatformNotebookRuntimeTemplate: description: >- - Optional. The resource name of the [Colab runtime template] - (https://cloud.google.com/colab/docs/runtimes), from which a runtime - is created for notebook executions. If not specified, a runtime is - created with Colab's default specifications. + Required. The name of the Secret Manager secret version to use as a + ssh private key for Git operations. Must be in the format + `projects/*/secrets/*/versions/*`. + hostPublicKey: + description: >- + Required. Content of a public SSH key to verify an identity of a + remote Git host. type: string - ScheduledReleaseRecord: - id: ScheduledReleaseRecord - description: >- - A record of an attempt to create a compilation result for this release - config. + description: Configures fields for performing SSH authentication. type: object + id: SshAuthenticationConfig + IamPolicyOverrideView: + description: >- + Contains metadata about the IAM policy override for a given Dataform + resource. If is_active is true, this the policy encoded in + iam_policy_name is the source of truth for this resource. Will be + provided in internal ESV2 views for: Workspaces, Repositories, Folders, + TeamFolders. properties: - compilationResult: - description: >- - The name of the created compilation result, if one was successfully - created. Must be in the format - `projects/*/locations/*/repositories/*/compilationResults/*`. - type: string - errorStatus: - description: >- - The error status encountered upon this attempt to create the - compilation result, if the attempt was unsuccessful. - $ref: '#/components/schemas/Status' - releaseTime: - description: Output only. The timestamp of this release attempt. - readOnly: true - type: string - format: google-datetime - ListCompilationResultsResponse: - id: ListCompilationResultsResponse - description: '`ListCompilationResults` response message.' + iamPolicyName: + $ref: '#/components/schemas/PolicyName' + description: The IAM policy name for the resource. + isActive: + description: Whether the IAM policy encoded in this view is active. + type: boolean + type: object + id: IamPolicyOverrideView + InstallNpmPackagesRequest: + id: InstallNpmPackagesRequest type: object + description: '`InstallNpmPackages` request message.' + properties: {} + CommitWorkspaceChangesRequest: properties: - compilationResults: - description: List of compilation results. + paths: type: array items: - $ref: '#/components/schemas/CompilationResult' - nextPageToken: + type: string description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Optional. Full file paths to commit including filename, rooted at + workspace root. If left empty, all files will be committed. + author: + description: Required. The commit's author. + $ref: '#/components/schemas/CommitAuthor' + commitMessage: type: string - unreachable: - description: Locations which could not be reached. - type: array - items: - type: string - CompilationResult: - id: CompilationResult - description: Represents the result of compiling a Dataform project. + description: Optional. The commit's message. type: object + id: CommitWorkspaceChangesRequest + description: '`CommitWorkspaceChanges` request message.' + Relation: + description: Represents a database relation. + id: Relation properties: - gitCommitish: + partitionExpirationDays: + format: int32 + description: Sets the partition expiration in days. + type: integer + additionalOptions: + type: object description: >- - Immutable. Git commit/tag/branch name at which the repository should - be compiled. Must exist in the remote repository. Examples: - a - commit SHA: `12ade345` - a tag: `tag1` - a branch name: `branch1` - type: string - workspace: + Additional options that will be provided as key/value pairs into the + options clause of a create table/view statement. See + https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language + for more information on which options are supported. + additionalProperties: + type: string + selectQuery: description: >- - Immutable. The name of the workspace to compile. Must be in the - format `projects/*/locations/*/repositories/*/workspaces/*`. + The SELECT query which returns rows which this relation should + contain. type: string - releaseConfig: - description: >- - Immutable. The name of the release config to compile. Must be in the - format `projects/*/locations/*/repositories/*/releaseConfigs/*`. + clusterExpressions: + description: A list of columns or SQL expressions used to cluster the table. + items: + type: string + type: array + preOperations: + type: array + items: + type: string + description: SQL statements to be executed before creating the relation. + storageUri: type: string - name: - description: Output only. The compilation result's name. - readOnly: true + description: >- + Optional. The fully qualified location prefix of the external folder + where table data is stored. The URI should be in the format + `gs://bucket/path_to_table/`. + tableFormat: + enum: + - TABLE_FORMAT_UNSPECIFIED + - ICEBERG + enumDescriptions: + - Default value. + - Apache Iceberg format. + description: Optional. The table format for the BigQuery table. type: string - codeCompilationConfig: + incrementalTableConfig: + $ref: '#/components/schemas/IncrementalTableConfig' description: >- - Immutable. If set, fields of `code_compilation_config` override the - default compilation settings that are specified in dataform.json. - $ref: '#/components/schemas/CodeCompilationConfig' - resolvedGitCommitSha: + Configures `INCREMENTAL_TABLE` settings for this relation. Only set + if `relation_type` is `INCREMENTAL_TABLE`. + requirePartitionFilter: description: >- - Output only. The fully resolved Git commit SHA of the code that was - compiled. Not set for compilation results whose source is a - workspace. - readOnly: true + Specifies whether queries on this table must include a predicate + filter that filters on the partitioning column. + type: boolean + dependencyTargets: + description: A list of actions that this action depends on. + items: + $ref: '#/components/schemas/Target' + type: array + connection: type: string - dataformCoreVersion: description: >- - Output only. The version of `@dataform/core` that was used for - compilation. - readOnly: true + Optional. The connection specifying the credentials to be used to + read and write to external storage, such as Cloud Storage. The + connection can have the form `{project}.{location}.{connection_id}` + or + `projects/{project}/locations/{location}/connections/{connection_id}", + or be set to DEFAULT. + fileFormat: type: string - compilationErrors: - description: Output only. Errors encountered during project compilation. - readOnly: true + enumDescriptions: + - Default value. + - Apache Parquet format. + description: Optional. The file format for the BigQuery table. + enum: + - FILE_FORMAT_UNSPECIFIED + - PARQUET + tags: type: array + description: Arbitrary, user-defined tags on this action. items: - $ref: '#/components/schemas/CompilationError' - dataEncryptionState: - description: Output only. Only set if the repository has a KMS Key. - readOnly: true - $ref: '#/components/schemas/DataEncryptionState' - createTime: - description: >- - Output only. The timestamp of when the compilation result was - created. - readOnly: true + type: string + postOperations: + description: SQL statements to be executed after creating the relation. + type: array + items: + type: string + partitionExpression: + description: The SQL expression used to partition the relation. type: string - format: google-datetime - internalMetadata: - description: >- - Output only. All the metadata information that is used internally to - serve the resource. For example: timestamps, flags, status fields, - etc. The format of this field is a JSON string. - readOnly: true + disabled: + type: boolean + description: Whether this action is disabled (i.e. should not be run). + relationType: type: string - CompilationError: - id: CompilationError - description: An error encountered when attempting to compile a Dataform project. - type: object - properties: - message: - description: Output only. The error's top level message. - readOnly: true + enumDescriptions: + - Default value. This value is unused. + - The relation is a table. + - The relation is a view. + - The relation is an incrementalized table. + - The relation is a materialized view. + description: The type of this relation. + enum: + - RELATION_TYPE_UNSPECIFIED + - TABLE + - VIEW + - INCREMENTAL_TABLE + - MATERIALIZED_VIEW + relationDescriptor: + description: Descriptor for the relation and its columns. + $ref: '#/components/schemas/RelationDescriptor' + type: object + Expr: + type: object + properties: + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: string - stack: - description: Output only. The error's full stack trace. - readOnly: true + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - path: + expression: description: >- - Output only. The path of the file where this error occurred, if - available, relative to the project root. - readOnly: true + Textual representation of an expression in Common Expression + Language syntax. type: string - actionTarget: + title: description: >- - Output only. The identifier of the action where this error occurred, - if available. - readOnly: true - $ref: '#/components/schemas/Target' - Target: - id: Target + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string description: >- - Represents an action identifier. If the action writes output, the output - will be written to the referenced database object. + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + id: Expr + InvocationConfig: type: object + id: InvocationConfig properties: - database: - description: Optional. The action's database (Google Cloud project ID) . - type: string - schema: + includedTags: + items: + type: string + description: Optional. The set of tags to include. + type: array + fullyRefreshIncrementalTablesEnabled: description: >- - Optional. The action's schema (BigQuery dataset ID), within - `database`. + Optional. When set to true, any incremental tables will be fully + refreshed. + type: boolean + transitiveDependentsIncluded: + type: boolean + description: >- + Optional. When set to true, transitive dependents of included + actions will be executed. + queryPriority: + description: >- + Optional. Specifies the priority for query execution in BigQuery. + More information can be found at + https://cloud.google.com/bigquery/docs/running-queries#queries. + enum: + - QUERY_PRIORITY_UNSPECIFIED + - INTERACTIVE + - BATCH type: string - name: - description: Optional. The action's name, within `database` and `schema`. + enumDescriptions: + - Default value. This value is unused. + - >- + Query will be executed in BigQuery with interactive priority. More + information can be found at + https://cloud.google.com/bigquery/docs/running-queries#queries. + - >- + Query will be executed in BigQuery with batch priority. More + information can be found at + https://cloud.google.com/bigquery/docs/running-queries#batchqueries. + serviceAccount: type: string - QueryCompilationResultActionsResponse: - id: QueryCompilationResultActionsResponse - description: '`QueryCompilationResultActions` response message.' - type: object - properties: - compilationResultActions: - description: List of compilation result actions. - type: array + description: Optional. The service account to run workflow invocations under. + includedTargets: + description: Optional. The set of action identifiers to include. items: - $ref: '#/components/schemas/CompilationResultAction' - nextPageToken: + $ref: '#/components/schemas/Target' + type: array + transitiveDependenciesIncluded: + type: boolean description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - CompilationResultAction: - id: CompilationResultAction - description: Represents a single Dataform action in a compilation result. + Optional. When set to true, transitive dependencies of included + actions will be executed. + description: >- + Includes various configuration options for a workflow invocation. If + both `included_targets` and `included_tags` are unset, all actions will + be included. + Config: type: object + description: Config for all repositories in a given project and location. + id: Config properties: - relation: - description: The database relation created/updated by this action. - $ref: '#/components/schemas/Relation' - operations: - description: The database operations executed by this action. - $ref: '#/components/schemas/Operations' - assertion: - description: The assertion executed by this action. - $ref: '#/components/schemas/Assertion' - declaration: - description: The declaration declared by this action. - $ref: '#/components/schemas/Declaration' - notebook: - description: The notebook executed by this action. - $ref: '#/components/schemas/Notebook' - dataPreparation: - description: The data preparation executed by this action. - $ref: '#/components/schemas/DataPreparation' - target: - description: This action's identifier. Unique within the compilation result. - $ref: '#/components/schemas/Target' - canonicalTarget: - description: >- - The action's identifier if the project had been compiled without any - overrides configured. Unique within the compilation result. - $ref: '#/components/schemas/Target' - filePath: - description: >- - The full path including filename in which this action is located, - relative to the workspace root. + name: + type: string + description: Identifier. The config name. + defaultKmsKeyName: type: string + description: >- + Optional. The default KMS key that is used if no encryption key is + provided when a repository is created. internalMetadata: description: >- Output only. All the metadata information that is used internally to serve the resource. For example: timestamps, flags, status fields, etc. The format of this field is a JSON string. - readOnly: true type: string - Relation: - id: Relation - description: Represents a database relation. - type: object + readOnly: true + IncrementalTableConfig: + id: IncrementalTableConfig properties: - dependencyTargets: - description: A list of actions that this action depends on. - type: array - items: - $ref: '#/components/schemas/Target' - disabled: - description: Whether this action is disabled (i.e. should not be run). - type: boolean - tags: - description: Arbitrary, user-defined tags on this action. + incrementalPostOperations: type: array + description: >- + SQL statements to be executed after inserting new rows into the + relation. items: type: string - relationDescriptor: - description: Descriptor for the relation and its columns. - $ref: '#/components/schemas/RelationDescriptor' - relationType: - description: The type of this relation. - type: string - enumDescriptions: - - Default value. This value is unused. - - The relation is a table. - - The relation is a view. - - The relation is an incrementalized table. - - The relation is a materialized view. - enum: - - RELATION_TYPE_UNSPECIFIED - - TABLE - - VIEW - - INCREMENTAL_TABLE - - MATERIALIZED_VIEW - selectQuery: + incrementalPreOperations: description: >- - The SELECT query which returns rows which this relation should - contain. - type: string - preOperations: - description: SQL statements to be executed before creating the relation. - type: array + SQL statements to be executed before inserting new rows into the + relation. items: type: string - postOperations: - description: SQL statements to be executed after creating the relation. type: array + uniqueKeyParts: + description: >- + A set of columns or SQL expressions used to define row uniqueness. + If any duplicates are discovered (as defined by `unique_key_parts`), + only the newly selected rows (as defined by + `incremental_select_query`) will be included in the relation. items: type: string - incrementalTableConfig: + type: array + updatePartitionFilter: description: >- - Configures `INCREMENTAL_TABLE` settings for this relation. Only set - if `relation_type` is `INCREMENTAL_TABLE`. - $ref: '#/components/schemas/IncrementalTableConfig' - partitionExpression: - description: The SQL expression used to partition the relation. + A SQL expression conditional used to limit the set of existing rows + considered for a merge operation (see `unique_key_parts` for more + information). + type: string + incrementalSelectQuery: type: string - clusterExpressions: - description: A list of columns or SQL expressions used to cluster the table. - type: array - items: - type: string - partitionExpirationDays: - description: Sets the partition expiration in days. - type: integer - format: int32 - requirePartitionFilter: description: >- - Specifies whether queries on this table must include a predicate - filter that filters on the partitioning column. - type: boolean - additionalOptions: + The SELECT query which returns rows which should be inserted into + the relation if it already exists and is not being refreshed. + refreshDisabled: + type: boolean + description: Whether this table should be protected from being refreshed. + type: object + description: Contains settings for relations of type `INCREMENTAL_TABLE`. + ErrorTable: + id: ErrorTable + description: Error table information, used to write error data into a BigQuery table. + type: object + properties: + target: + description: Error Table target. + $ref: '#/components/schemas/Target' + retentionDays: description: >- - Additional options that will be provided as key/value pairs into the - options clause of a create table/view statement. See - https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language - for more information on which options are supported. - type: object - additionalProperties: - type: string - RelationDescriptor: - id: RelationDescriptor - description: Describes a relation and its columns. + Error table partition expiration in days. Only positive values are + allowed. + type: integer + format: int32 + DeleteFile: + properties: {} + description: Represents the delete file operation. + id: DeleteFile + type: object + ActionErrorTable: + id: ActionErrorTable type: object properties: - description: - description: A text description of the relation. - type: string - columns: - description: A list of descriptions of columns within the relation. - type: array - items: - $ref: '#/components/schemas/ColumnDescriptor' - bigqueryLabels: - description: A set of BigQuery labels that should be applied to the relation. - type: object - additionalProperties: - type: string - ColumnDescriptor: - id: ColumnDescriptor - description: Describes a column. + target: + description: Error Table target. + $ref: '#/components/schemas/Target' + retentionDays: + type: integer + format: int32 + description: >- + Error table partition expiration in days. Only positive values are + allowed. + description: Error table information, used to write error data into a BigQuery table. + RemoveFileRequest: + description: '`RemoveFile` request message.' + id: RemoveFileRequest type: object properties: path: + type: string description: >- - The identifier for the column. Each entry in `path` represents one - level of nesting. - type: array + Required. The file's full path including filename, relative to the + workspace root. + ListCompilationResultsResponse: + id: ListCompilationResultsResponse + description: '`ListCompilationResults` response message.' + type: object + properties: + unreachable: items: type: string - description: - description: A textual description of the column. - type: string - bigqueryPolicyTags: - description: A list of BigQuery policy tags that will be applied to the column. + description: Locations which could not be reached. type: array + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + compilationResults: + description: List of compilation results. items: - type: string - IncrementalTableConfig: - id: IncrementalTableConfig - description: Contains settings for relations of type `INCREMENTAL_TABLE`. + $ref: '#/components/schemas/CompilationResult' + type: array + GitRemoteSettings: type: object + description: Controls Git remote configuration for a repository. + id: GitRemoteSettings properties: - incrementalSelectQuery: - description: >- - The SELECT query which returns rows which should be inserted into - the relation if it already exists and is not being refreshed. + authenticationTokenSecretVersion: type: string - refreshDisabled: - description: Whether this table should be protected from being refreshed. - type: boolean - uniqueKeyParts: - description: >- - A set of columns or SQL expressions used to define row uniqueness. - If any duplicates are discovered (as defined by `unique_key_parts`), - only the newly selected rows (as defined by - `incremental_select_query`) will be included in the relation. - type: array - items: - type: string - updatePartitionFilter: description: >- - A SQL expression conditional used to limit the set of existing rows - considered for a merge operation (see `unique_key_parts` for more - information). + Optional. The name of the Secret Manager secret version to use as an + authentication token for Git operations. Must be in the format + `projects/*/secrets/*/versions/*`. + tokenStatus: + deprecated: true type: string - incrementalPreOperations: - description: >- - SQL statements to be executed before inserting new rows into the - relation. - type: array - items: - type: string - incrementalPostOperations: description: >- - SQL statements to be executed after inserting new rows into the - relation. - type: array - items: - type: string - Operations: - id: Operations - description: Represents a list of arbitrary database operations. + Output only. Deprecated: The field does not contain any token status + information. + enum: + - TOKEN_STATUS_UNSPECIFIED + - NOT_FOUND + - INVALID + - VALID + readOnly: true + enumDescriptions: + - Default value. This value is unused. + - >- + The token could not be found in Secret Manager (or the Dataform + Service Account did not have permission to access it). + - >- + The token could not be used to authenticate against the Git + remote. + - >- + The token was used successfully to authenticate against the Git + remote. + sshAuthenticationConfig: + $ref: '#/components/schemas/SshAuthenticationConfig' + description: Optional. Authentication fields for remote uris using SSH protocol. + url: + description: Required. The Git remote's URL. + type: string + defaultBranch: + description: Required. The Git remote's default branch name. + type: string + ReadRepositoryFileResponse: type: object + id: ReadRepositoryFileResponse + description: '`ReadRepositoryFile` response message.' properties: - dependencyTargets: - description: A list of actions that this action depends on. - type: array + contents: + description: The file's contents. + format: byte + type: string + FetchRepositoryHistoryResponse: + description: '`FetchRepositoryHistory` response message.' + type: object + properties: + commits: + description: A list of commit logs, ordered by 'git log' default order. items: - $ref: '#/components/schemas/Target' - disabled: - description: Whether this action is disabled (i.e. should not be run). - type: boolean - tags: - description: Arbitrary, user-defined tags on this action. + $ref: '#/components/schemas/CommitLogEntry' type: array - items: - type: string - relationDescriptor: - description: >- - Descriptor for any output relation and its columns. Only set if - `has_output` is true. - $ref: '#/components/schemas/RelationDescriptor' - queries: + nextPageToken: + type: string description: >- - A list of arbitrary SQL statements that will be executed without - alteration. - type: array + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + id: FetchRepositoryHistoryResponse + FetchRemoteBranchesResponse: + properties: + branches: items: type: string - hasOutput: - description: Whether these operations produce an output relation. - type: boolean - Assertion: - id: Assertion - description: >- - Represents an assertion upon a SQL query which is required return zero - rows. + description: The remote repository's branch names. + type: array + id: FetchRemoteBranchesResponse + description: '`FetchRemoteBranches` response message.' type: object + IncrementalLoadMode: + description: Load definition for incremental load modes + properties: + column: + type: string + description: Column name for incremental load modes + type: object + id: IncrementalLoadMode + ActionIncrementalLoadMode: + type: object + id: ActionIncrementalLoadMode + properties: + column: + type: string + description: Column name for incremental load modes + description: Load definition for incremental load modes + WorkflowConfig: + id: WorkflowConfig + type: object + description: Represents a Dataform workflow configuration. properties: - dependencyTargets: - description: A list of actions that this action depends on. - type: array - items: - $ref: '#/components/schemas/Target' - parentAction: - description: >- - The parent action of this assertion. Only set if this assertion was - automatically generated. - $ref: '#/components/schemas/Target' disabled: - description: Whether this action is disabled (i.e. should not be run). type: boolean - tags: - description: Arbitrary, user-defined tags on this action. - type: array - items: - type: string - selectQuery: - description: >- - The SELECT query which must return zero rows in order for this - assertion to succeed. - type: string - relationDescriptor: - description: >- - Descriptor for the assertion's automatically-generated view and its - columns. - $ref: '#/components/schemas/RelationDescriptor' - Declaration: - id: Declaration - description: >- - Represents a relation which is not managed by Dataform but which may be - referenced by Dataform actions. - type: object - properties: - relationDescriptor: - description: >- - Descriptor for the relation and its columns. Used as documentation - only, i.e. values here will result in no changes to the relation's - metadata. - $ref: '#/components/schemas/RelationDescriptor' - Notebook: - id: Notebook - description: Represents a notebook. - type: object - properties: - dependencyTargets: - description: A list of actions that this action depends on. - type: array - items: - $ref: '#/components/schemas/Target' - disabled: - description: Whether this action is disabled (i.e. should not be run). - type: boolean - contents: - description: The contents of the notebook. - type: string - tags: - description: Arbitrary, user-defined tags on this action. - type: array - items: - type: string - DataPreparation: - id: DataPreparation - description: Defines a compiled Data Preparation entity - type: object - properties: - contentsYaml: - description: The data preparation definition, stored as a YAML string. - type: string - contentsSql: - description: >- - SQL definition for a Data Preparation. Contains a SQL query and - additional context information. - $ref: '#/components/schemas/SqlDefinition' - dependencyTargets: - description: A list of actions that this action depends on. - type: array - items: - $ref: '#/components/schemas/Target' - disabled: - description: Whether this action is disabled (i.e. should not be run). - type: boolean - tags: - description: Arbitrary, user-defined tags on this action. - type: array - items: - type: string - SqlDefinition: - id: SqlDefinition - description: Definition of a SQL Data Preparation - type: object - properties: - query: - description: >- - The SQL query representing the data preparation steps. Formatted as - a Pipe SQL query statement. - type: string - errorTable: - description: Error table configuration, - $ref: '#/components/schemas/ErrorTable' - load: - description: Load configuration. - $ref: '#/components/schemas/LoadConfig' - ErrorTable: - id: ErrorTable - description: Error table information, used to write error data into a BigQuery table. - type: object - properties: - target: - description: Error Table target. - $ref: '#/components/schemas/Target' - retentionDays: - description: >- - Error table partition expiration in days. Only positive values are - allowed. - type: integer - format: int32 - LoadConfig: - id: LoadConfig - description: Simplified load configuration for actions - type: object - properties: - replace: - description: Replace destination table - $ref: '#/components/schemas/SimpleLoadMode' - append: - description: Append into destination table - $ref: '#/components/schemas/SimpleLoadMode' - maximum: - description: >- - Insert records where the value exceeds the previous maximum value - for a column in the destination table - $ref: '#/components/schemas/IncrementalLoadMode' - unique: - description: >- - Insert records where the value of a column is not already present in - the destination table - $ref: '#/components/schemas/IncrementalLoadMode' - SimpleLoadMode: - id: SimpleLoadMode - description: Simple load definition - type: object - properties: {} - IncrementalLoadMode: - id: IncrementalLoadMode - description: Load definition for incremental load modes - type: object - properties: - column: - description: Column name for incremental load modes - type: string - ListWorkflowConfigsResponse: - id: ListWorkflowConfigsResponse - description: '`ListWorkflowConfigs` response message.' - type: object - properties: - workflowConfigs: - description: List of workflow configs. - type: array - items: - $ref: '#/components/schemas/WorkflowConfig' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + description: Optional. Disables automatic creation of workflow invocations. + createTime: + readOnly: true + format: google-datetime type: string - unreachable: - description: Locations which could not be reached. - type: array - items: - type: string - WorkflowConfig: - id: WorkflowConfig - description: Represents a Dataform workflow configuration. - type: object - properties: + description: Output only. The timestamp of when the WorkflowConfig was created. name: + type: string description: Identifier. The workflow config's name. + updateTime: + readOnly: true type: string + format: google-datetime + description: >- + Output only. The timestamp of when the WorkflowConfig was last + updated. releaseConfig: description: >- Required. The name of the release config whose release_compilation_result should be executed. Must be in the format `projects/*/locations/*/repositories/*/releaseConfigs/*`. type: string - invocationConfig: - description: Optional. If left unset, a default InvocationConfig will be used. - $ref: '#/components/schemas/InvocationConfig' cronSchedule: + type: string description: >- Optional. Optional schedule (in cron format) for automatic execution of this workflow config. - type: string - timeZone: - description: >- - Optional. Specifies the time zone to be used when interpreting - cron_schedule. Must be a time zone name from the time zone database - (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If - left unspecified, the default is UTC. - type: string + invocationConfig: + $ref: '#/components/schemas/InvocationConfig' + description: Optional. If left unset, a default InvocationConfig will be used. recentScheduledExecutionRecords: description: >- Output only. Records of the 10 most recent scheduled execution attempts, ordered in descending order of `execution_time`. Updated whenever automatic creation of a workflow invocation is triggered by cron_schedule. - readOnly: true type: array items: $ref: '#/components/schemas/ScheduledExecutionRecord' - disabled: - description: Optional. Disables automatic creation of workflow invocations. - type: boolean - createTime: - description: Output only. The timestamp of when the WorkflowConfig was created. readOnly: true - type: string - format: google-datetime - updateTime: + timeZone: description: >- - Output only. The timestamp of when the WorkflowConfig was last - updated. - readOnly: true + Optional. Specifies the time zone to be used when interpreting + cron_schedule. Must be a time zone name from the time zone database + (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If + left unspecified, the default is UTC. type: string - format: google-datetime internalMetadata: description: >- Output only. All the metadata information that is used internally to serve the resource. For example: timestamps, flags, status fields, etc. The format of this field is a JSON string. + type: string readOnly: true + Target: + properties: + name: + description: Optional. The action's name, within `database` and `schema`. type: string - InvocationConfig: - id: InvocationConfig + schema: + description: >- + Optional. The action's schema (BigQuery dataset ID), within + `database`. + type: string + database: + description: Optional. The action's database (Google Cloud project ID) . + type: string + id: Target + type: object description: >- - Includes various configuration options for a workflow invocation. If - both `included_targets` and `included_tags` are unset, all actions will - be included. + Represents an action identifier. If the action writes output, the output + will be written to the referenced database object. + ListReleaseConfigsResponse: + description: '`ListReleaseConfigs` response message.' + id: ListReleaseConfigsResponse type: object properties: - includedTargets: - description: Optional. The set of action identifiers to include. + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + releaseConfigs: + description: List of release configs. type: array items: - $ref: '#/components/schemas/Target' - includedTags: - description: Optional. The set of tags to include. - type: array + $ref: '#/components/schemas/ReleaseConfig' + unreachable: + description: Locations which could not be reached. items: type: string - transitiveDependenciesIncluded: - description: >- - Optional. When set to true, transitive dependencies of included - actions will be executed. - type: boolean - transitiveDependentsIncluded: - description: >- - Optional. When set to true, transitive dependents of included - actions will be executed. - type: boolean - fullyRefreshIncrementalTablesEnabled: - description: >- - Optional. When set to true, any incremental tables will be fully - refreshed. - type: boolean - serviceAccount: - description: Optional. The service account to run workflow invocations under. - type: string - ScheduledExecutionRecord: - id: ScheduledExecutionRecord - description: >- - A record of an attempt to create a workflow invocation for this workflow - config. - type: object + type: array + CommitMetadata: + id: CommitMetadata + description: Represents a Dataform Git commit. properties: - workflowInvocation: - description: >- - The name of the created workflow invocation, if one was successfully - created. Must be in the format - `projects/*/locations/*/repositories/*/workflowInvocations/*`. - type: string - errorStatus: - description: >- - The error status encountered upon this attempt to create the - workflow invocation, if the attempt was unsuccessful. - $ref: '#/components/schemas/Status' - executionTime: - description: Output only. The timestamp of this execution attempt. - readOnly: true + author: + description: Required. The commit's author. + $ref: '#/components/schemas/CommitAuthor' + commitMessage: + description: Optional. The commit's message. type: string - format: google-datetime - ListWorkflowInvocationsResponse: - id: ListWorkflowInvocationsResponse - description: '`ListWorkflowInvocations` response message.' type: object + ListWorkflowConfigsResponse: properties: - workflowInvocations: - description: List of workflow invocations. - type: array - items: - $ref: '#/components/schemas/WorkflowInvocation' nextPageToken: description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string + workflowConfigs: + items: + $ref: '#/components/schemas/WorkflowConfig' + description: List of workflow configs. + type: array unreachable: description: Locations which could not be reached. - type: array items: type: string - WorkflowInvocation: - id: WorkflowInvocation - description: Represents a single invocation of a compilation result. + type: array + type: object + description: '`ListWorkflowConfigs` response message.' + id: ListWorkflowConfigsResponse + ListLocationsResponse: type: object properties: - compilationResult: - description: >- - Immutable. The name of the compilation result to use for this - invocation. Must be in the format - `projects/*/locations/*/repositories/*/compilationResults/*`. - type: string - workflowConfig: - description: >- - Immutable. The name of the workflow config to invoke. Must be in the - format `projects/*/locations/*/repositories/*/workflowConfigs/*`. - type: string - name: - description: Output only. The workflow invocation's name. - readOnly: true - type: string - invocationConfig: - description: Immutable. If left unset, a default InvocationConfig will be used. - $ref: '#/components/schemas/InvocationConfig' - state: - description: Output only. This workflow invocation's current state. - readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - The workflow invocation is currently running. - - The workflow invocation succeeded. A terminal state. - - The workflow invocation was cancelled. A terminal state. - - The workflow invocation failed. A terminal state. - - >- - The workflow invocation is being cancelled, but some actions are - still running. - enum: - - STATE_UNSPECIFIED - - RUNNING - - SUCCEEDED - - CANCELLED - - FAILED - - CANCELING - invocationTiming: - description: Output only. This workflow invocation's timing details. - readOnly: true - $ref: '#/components/schemas/Interval' - resolvedCompilationResult: - description: >- - Output only. The resolved compilation result that was used to create - this invocation. Will be in the format - `projects/*/locations/*/repositories/*/compilationResults/*`. - readOnly: true + nextPageToken: type: string - dataEncryptionState: - description: Output only. Only set if the repository has a KMS Key. - readOnly: true - $ref: '#/components/schemas/DataEncryptionState' - internalMetadata: + description: The standard List next-page token. + locations: + type: array description: >- - Output only. All the metadata information that is used internally to - serve the resource. For example: timestamps, flags, status fields, - etc. The format of this field is a JSON string. - readOnly: true - type: string - Interval: - id: Interval - description: >- - Represents a time interval, encoded as a Timestamp start (inclusive) and - a Timestamp end (exclusive). The start must be less than or equal to the - end. When the start equals the end, the interval is empty (matches no - time). When both start and end are unspecified, the interval matches any - time. - type: object + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + ListWorkflowInvocationsResponse: + description: '`ListWorkflowInvocations` response message.' + id: ListWorkflowInvocationsResponse properties: - startTime: - description: >- - Optional. Inclusive start of the interval. If specified, a Timestamp - matching this interval will have to be the same or after the start. - type: string - format: google-datetime - endTime: + nextPageToken: description: >- - Optional. Exclusive end of the interval. If specified, a Timestamp - matching this interval will have to be before the end. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - format: google-datetime - CancelWorkflowInvocationRequest: - id: CancelWorkflowInvocationRequest - description: '`CancelWorkflowInvocation` request message.' - type: object - properties: {} - CancelWorkflowInvocationResponse: - id: CancelWorkflowInvocationResponse - description: '`CancelWorkflowInvocation` response message.' + workflowInvocations: + items: + $ref: '#/components/schemas/WorkflowInvocation' + type: array + description: List of workflow invocations. + unreachable: + items: + type: string + description: Locations which could not be reached. + type: array type: object + PullGitCommitsResponse: properties: {} - QueryWorkflowInvocationActionsResponse: - id: QueryWorkflowInvocationActionsResponse - description: '`QueryWorkflowInvocationActions` response message.' type: object + id: PullGitCommitsResponse + description: '`PullGitCommits` response message.' + Binding: properties: - workflowInvocationActions: - description: List of workflow invocation actions. + members: type: array items: - $ref: '#/components/schemas/WorkflowInvocationAction' - nextPageToken: + type: string description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + condition: + $ref: '#/components/schemas/Expr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - WorkflowInvocationAction: - id: WorkflowInvocationAction - description: Represents a single action in a workflow invocation. + description: Associates `members`, or principals, with a `role`. + id: Binding type: object + RemoveDirectoryResponse: + id: RemoveDirectoryResponse + description: '`RemoveDirectory` response message.' + type: object + properties: {} + CodeCompilationConfig: + description: Configures various aspects of Dataform code compilation. + type: object + id: CodeCompilationConfig properties: - bigqueryAction: - description: Output only. The workflow action's bigquery action details. - readOnly: true - $ref: '#/components/schemas/BigQueryAction' - notebookAction: - description: Output only. The workflow action's notebook action details. - readOnly: true - $ref: '#/components/schemas/NotebookAction' - dataPreparationAction: - description: Output only. The workflow action's data preparation action details. - readOnly: true - $ref: '#/components/schemas/DataPreparationAction' - target: + defaultNotebookRuntimeOptions: + description: Optional. The default notebook runtime options. + $ref: '#/components/schemas/NotebookRuntimeOptions' + defaultDatabase: + description: Optional. The default database (Google Cloud project ID). + type: string + builtinAssertionNamePrefix: + type: string + description: Optional. The prefix to prepend to built-in assertion names. + assertionSchema: + type: string + description: Optional. The default schema (BigQuery dataset ID) for assertions. + databaseSuffix: + type: string description: >- - Output only. This action's identifier. Unique within the workflow - invocation. - readOnly: true - $ref: '#/components/schemas/Target' - canonicalTarget: + Optional. The suffix that should be appended to all database (Google + Cloud project ID) names. + schemaSuffix: description: >- - Output only. The action's identifier if the project had been - compiled without any overrides configured. Unique within the - compilation result. - readOnly: true - $ref: '#/components/schemas/Target' - state: - description: Output only. This action's current state. - readOnly: true + Optional. The suffix that should be appended to all schema (BigQuery + dataset ID) names. type: string - enumDescriptions: - - The action has not yet been considered for invocation. - - The action is currently running. - - >- - Execution of the action was skipped because upstream dependencies - did not all complete successfully. A terminal state. - - >- - Execution of the action was disabled as per the configuration of - the corresponding compilation result action. A terminal state. - - The action succeeded. A terminal state. - - The action was cancelled. A terminal state. - - The action failed. A terminal state. - enum: - - PENDING - - RUNNING - - SKIPPED - - DISABLED - - SUCCEEDED - - CANCELLED - - FAILED - failureReason: - description: >- - Output only. If and only if action's state is FAILED a failure - reason is set. - readOnly: true + defaultSchema: type: string - invocationTiming: - description: >- - Output only. This action's timing details. `start_time` will be set - if the action is in [RUNNING, SUCCEEDED, CANCELLED, FAILED] state. - `end_time` will be set if the action is in [SUCCEEDED, CANCELLED, - FAILED] state. - readOnly: true - $ref: '#/components/schemas/Interval' - internalMetadata: + description: Optional. The default schema (BigQuery dataset ID). + tablePrefix: + type: string + description: Optional. The prefix that should be prepended to all table names. + vars: + additionalProperties: + type: string description: >- - Output only. All the metadata information that is used internally to - serve the resource. For example: timestamps, flags, status fields, - etc. The format of this field is a JSON string. - readOnly: true + Optional. User-defined variables that are made available to project + code during compilation. + type: object + defaultLocation: type: string + description: >- + Optional. The default BigQuery location to use. Defaults to "US". + See the BigQuery docs for a full list of locations: + https://cloud.google.com/bigquery/docs/locations. + InstallNpmPackagesResponse: + type: object + properties: {} + id: InstallNpmPackagesResponse + description: '`InstallNpmPackages` response message.' BigQueryAction: - id: BigQueryAction description: Represents a workflow action that will run against BigQuery. - type: object + id: BigQueryAction properties: + jobId: + readOnly: true + description: >- + Output only. The ID of the BigQuery job that executed the SQL in + sql_script. Only set once the job has started to run. + type: string sqlScript: description: >- Output only. The generated BigQuery SQL script that will be executed. - readOnly: true type: string - jobId: - description: >- - Output only. The ID of the BigQuery job that executed the SQL in - sql_script. Only set once the job has started to run. readOnly: true - type: string - NotebookAction: - id: NotebookAction - description: Represents a workflow action that will run against a Notebook runtime. + type: object + MoveDirectoryRequest: type: object properties: - contents: - description: Output only. The code contents of a Notebook to be run. - readOnly: true + path: + description: >- + Required. The directory's full path including directory name, + relative to the workspace root. type: string - jobId: + newPath: description: >- - Output only. The ID of the Vertex job that executed the notebook in - contents and also the ID used for the outputs created in Google - Cloud Storage buckets. Only set once the job has started to run. - readOnly: true + Required. The new path for the directory including directory name, + rooted at workspace root. type: string - DataPreparationAction: - id: DataPreparationAction - description: Represents a workflow action that will run a Data Preparation. + id: MoveDirectoryRequest + description: '`MoveDirectory` request message.' + NotebookRuntimeOptions: + description: Configures various aspects of Dataform notebook runtime. type: object + id: NotebookRuntimeOptions properties: - contentsYaml: - description: >- - Output only. YAML representing the contents of the data preparation. - Can be used to show the customer what the input was to their - workflow. - readOnly: true + gcsOutputBucket: type: string - contentsSql: description: >- - SQL definition for a Data Preparation. Contains a SQL query and - additional context information. - $ref: '#/components/schemas/ActionSqlDefinition' - generatedSql: + Optional. The Google Cloud Storage location to upload the result to. + Format: `gs://bucket-name`. + aiPlatformNotebookRuntimeTemplate: description: >- - Output only. The generated BigQuery SQL script that will be - executed. For reference only. - readOnly: true + Optional. The resource name of the [Colab runtime template] + (https://cloud.google.com/colab/docs/runtimes), from which a runtime + is created for notebook executions. If not specified, a runtime is + created with Colab's default specifications. type: string + NotebookAction: + description: Represents a workflow action that will run against a Notebook runtime. + properties: jobId: description: >- - Output only. The ID of the BigQuery job that executed the SQL in - sql_script. Only set once the job has started to run. - readOnly: true + Output only. The ID of the Vertex job that executed the notebook in + contents and also the ID used for the outputs created in Google + Cloud Storage buckets. Only set once the job has started to run. type: string - ActionSqlDefinition: - id: ActionSqlDefinition - description: Definition of a SQL Data Preparation - type: object - properties: - query: - description: >- - The SQL query representing the data preparation steps. Formatted as - a Pipe SQL query statement. + readOnly: true + contents: + readOnly: true + description: Output only. The code contents of a Notebook to be run. type: string - errorTable: - description: Error table configuration, - $ref: '#/components/schemas/ActionErrorTable' - loadConfig: - description: Load configuration. - $ref: '#/components/schemas/ActionLoadConfig' - ActionErrorTable: - id: ActionErrorTable - description: Error table information, used to write error data into a BigQuery table. type: object - properties: - target: - description: Error Table target. - $ref: '#/components/schemas/Target' - retentionDays: - description: >- - Error table partition expiration in days. Only positive values are - allowed. - type: integer - format: int32 - ActionLoadConfig: - id: ActionLoadConfig - description: Simplified load configuration for actions + id: NotebookAction + PullGitCommitsRequest: type: object properties: - replace: - description: Replace destination table - $ref: '#/components/schemas/ActionSimpleLoadMode' - append: - description: Append into destination table - $ref: '#/components/schemas/ActionSimpleLoadMode' - maximum: - description: >- - Insert records where the value exceeds the previous maximum value - for a column in the destination table - $ref: '#/components/schemas/ActionIncrementalLoadMode' - unique: + author: description: >- - Insert records where the value of a column is not already present in - the destination table - $ref: '#/components/schemas/ActionIncrementalLoadMode' - ActionSimpleLoadMode: - id: ActionSimpleLoadMode - description: Simple load definition - type: object - properties: {} - ActionIncrementalLoadMode: - id: ActionIncrementalLoadMode - description: Load definition for incremental load modes - type: object - properties: - column: - description: Column name for incremental load modes - type: string - Config: - id: Config - description: Config for all repositories in a given project and location. - type: object - properties: - name: - description: Identifier. The config name. + Required. The author of any merge commit which may be created as a + result of merging fetched Git commits into this workspace. + $ref: '#/components/schemas/CommitAuthor' + remoteBranch: type: string - defaultKmsKeyName: description: >- - Optional. The default KMS key that is used if no encryption key is - provided when a repository is created. - type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + Optional. The name of the branch in the Git remote from which to + pull commits. If left unset, the repository's default branch name + will be used. + id: PullGitCommitsRequest + description: '`PullGitCommits` request message.' + Notebook: type: object properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array + dependencyTargets: items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + $ref: '#/components/schemas/Target' + description: A list of actions that this action depends on. + type: array + disabled: + description: Whether this action is disabled (i.e. should not be run). + type: boolean + contents: + description: The contents of the notebook. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + tags: + items: + type: string + type: array + description: Arbitrary, user-defined tags on this action. + description: Represents a notebook. + id: Notebook + WriteFileRequest: type: object properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + path: + description: Required. The file. type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + contents: + format: byte type: string - displayName: + description: Required. The file's contents. + id: WriteFileRequest + description: '`WriteFile` request message.' + Operation: + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. + properties: + error: + $ref: '#/components/schemas/Status' description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: + The error result of the operation in case of failure or + cancellation. + metadata: + type: object description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + response: type: object additionalProperties: - type: string - metadata: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + name: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + type: object + Operations: type: object + id: Operations + description: Represents a list of arbitrary database operations. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: + queries: + type: array + items: + type: string description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusDetail: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - cancelRequested: + A list of arbitrary SQL statements that will be executed without + alteration. + dependencyTargets: + description: A list of actions that this action depends on. + items: + $ref: '#/components/schemas/Target' + type: array + tags: + items: + type: string + description: Arbitrary, user-defined tags on this action. + type: array + hasOutput: + type: boolean + description: Whether these operations produce an output relation. + relationDescriptor: + $ref: '#/components/schemas/RelationDescriptor' description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have google.longrunning.Operation.error value with a - google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - readOnly: true + Descriptor for any output relation and its columns. Only set if + `has_output` is true. + disabled: type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + description: Whether this action is disabled (i.e. should not be run). + SearchFilesResponse: + properties: + searchResults: + items: + $ref: '#/components/schemas/SearchResult' + type: array + description: List of matched results. + nextPageToken: + description: >- + Optional. A token, which can be sent as `page_token` to retrieve the + next page. If this field is omitted, there are no subsequent pages. type: string - IamPolicyOverrideView: - id: IamPolicyOverrideView - description: >- - Contains metadata about the IAM policy override for a given Dataform - resource. If is_active is true, this the policy encoded in - iam_policy_name is the source of truth for this resource. Will be - provided in internal ESV2 views for: Workspaces, Repositories, Folders, - TeamFolders. + description: Client-facing representation of a file search response. + id: SearchFilesResponse type: object - properties: - iamPolicyName: - description: The IAM policy name for the resource. - $ref: '#/components/schemas/PolicyName' - isActive: - description: Whether the IAM policy encoded in this view is active. - type: boolean PolicyName: - id: PolicyName + type: object description: >- An internal name for an IAM policy, based on the resource to which the policy applies. Not to be confused with a resource's external full resource name. For more information on this distinction, see go/iam-full-resource-names. - type: object properties: type: + type: string description: >- Resource type. Types are defined in IAM's .service files. Valid values for type might be 'storage_buckets', 'compute_instances', 'resourcemanager_customers', 'billing_accounts', etc. + region: type: string + description: >- + For Cloud IAM: The location of the Policy. Must be empty or "global" + for Policies owned by global IAM. Must name a region from + prodspec/cloud-iam-cloudspec for Regional IAM Policies, see + go/iam-faq#where-is-iam-currently-deployed. For Local IAM: This + field should be set to "local". id: description: >- Identifies an instance of the type. ID format varies by type. The ID format is defined in the IAM .service file that defines the type, either in path_mapping or in a comment. type: string - region: + id: PolicyName + WriteFile: + description: Represents the write file operation (for files added or modified). + properties: + contents: + type: string + description: The file's contents. + format: byte + type: object + id: WriteFile + QueryCompilationResultActionsResponse: + id: QueryCompilationResultActionsResponse + type: object + description: '`QueryCompilationResultActions` response message.' + properties: + compilationResultActions: + items: + $ref: '#/components/schemas/CompilationResultAction' + type: array + description: List of compilation result actions. + nextPageToken: description: >- - For Cloud IAM: The location of the Policy. Must be empty or "global" - for Policies owned by global IAM. Must name a region from - prodspec/cloud-iam-cloudspec for Regional IAM Policies, see - go/iam-faq#where-is-iam-currently-deployed. For Local IAM: This - field should be set to "local". + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + CancelWorkflowInvocationResponse: + properties: {} + type: object + id: CancelWorkflowInvocationResponse + description: '`CancelWorkflowInvocation` response message.' + WriteFileResponse: + type: object + id: WriteFileResponse + properties: {} + description: '`WriteFile` response message.' + QueryRepositoryDirectoryContentsResponse: + type: object + description: '`QueryRepositoryDirectoryContents` response message.' + id: QueryRepositoryDirectoryContentsResponse + properties: + directoryEntries: + type: array + items: + $ref: '#/components/schemas/DirectoryEntry' + description: List of entries in the directory. + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + Empty: + properties: {} + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + FetchFileGitStatusesResponse: + type: object + description: '`FetchFileGitStatuses` response message.' + properties: + uncommittedFileChanges: + description: >- + A list of all files which have uncommitted Git changes. There will + only be a single entry for any given file. + type: array + items: + $ref: '#/components/schemas/UncommittedFileChange' + id: FetchFileGitStatusesResponse + QueryDirectoryContentsResponse: + id: QueryDirectoryContentsResponse + properties: + directoryEntries: + type: array + description: List of entries in the directory. + items: + $ref: '#/components/schemas/DirectoryEntry' + nextPageToken: type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + description: '`QueryDirectoryContents` response message.' + type: object + CancelWorkflowInvocationRequest: + description: '`CancelWorkflowInvocation` request message.' + properties: {} + type: object + id: CancelWorkflowInvocationRequest + ActionLoadConfig: + description: Simplified load configuration for actions + properties: + append: + description: Append into destination table + $ref: '#/components/schemas/ActionSimpleLoadMode' + replace: + $ref: '#/components/schemas/ActionSimpleLoadMode' + description: Replace destination table + unique: + $ref: '#/components/schemas/ActionIncrementalLoadMode' + description: >- + Insert records where the value of a column is not already present in + the destination table + maximum: + $ref: '#/components/schemas/ActionIncrementalLoadMode' + description: >- + Insert records where the value exceeds the previous maximum value + for a column in the destination table + type: object + id: ActionLoadConfig parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key schema: type: string - alt: - description: Data format for response. + access_token: + description: OAuth access token. in: query - name: alt + name: access_token schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + _.xgafv: + description: V1 error format. in: query - name: callback + name: $.xgafv schema: type: string + enum: + - '1' + - '2' fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string prettyPrint: description: Returns response with indentations and line breaks. in: query @@ -2529,407 +2624,195 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + alt: + description: Data format for response. in: query - name: $.xgafv + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto x-stackQL-resources: - config: - id: google.dataform.config - name: config - title: Config + operations: + id: google.dataform.operations + name: operations + title: Operations methods: - get_config: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1config/get - response: - mediaType: application/json - openAPIDocKey: '200' - update_config: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1config/patch - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/config/methods/get_config' - insert: [] - update: - - $ref: '#/components/x-stackQL-resources/config/methods/update_config' - replace: [] - delete: [] - locations: - id: google.dataform.locations - name: locations - title: Locations - methods: - list: - operation: - $ref: '#/paths/~1v1beta1~1projects~1{projectsId}~1locations/get' + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - repositories_iam_policies: - id: google.dataform.repositories_iam_policies - name: repositories_iam_policies - title: Repositories_iam_policies - methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/repositories_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/repositories_iam_policies/methods/set_iam_policy - delete: [] - repositories: - id: google.dataform.repositories - name: repositories - title: Repositories - methods: list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.repositories - create: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/post - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - commit: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:commit/post - response: - mediaType: application/json - openAPIDocKey: '200' - read_file: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:readFile/get - response: - mediaType: application/json - openAPIDocKey: '200' - query_directory_contents: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:queryDirectoryContents/get - response: - mediaType: application/json - openAPIDocKey: '200' - compute_access_token_status: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:computeAccessTokenStatus/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/repositories/methods/get' - - $ref: >- - #/components/x-stackQL-resources/repositories/methods/query_directory_contents - - $ref: '#/components/x-stackQL-resources/repositories/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/repositories/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/repositories/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/repositories/methods/delete' - repositories_history: - id: google.dataform.repositories_history - name: repositories_history - title: Repositories_history - methods: - fetch_history: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:fetchHistory/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/repositories_history/methods/fetch_history - insert: [] - update: [] - replace: [] - delete: [] - repositories_remote_branches: - id: google.dataform.repositories_remote_branches - name: repositories_remote_branches - title: Repositories_remote_branches - methods: - fetch_remote_branches: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:fetchRemoteBranches/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/repositories_remote_branches/methods/fetch_remote_branches - insert: [] - update: [] - replace: [] - delete: [] - workspaces_iam_policies: - id: google.dataform.workspaces_iam_policies - name: workspaces_iam_policies - title: Workspaces_iam_policies - methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + objectKey: $.operations + cancel: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/workspaces_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/workspaces_iam_policies/methods/set_iam_policy - delete: [] + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' workspaces: id: google.dataform.workspaces name: workspaces title: Workspaces methods: - list: + reset: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:reset/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.workspaces - create: + install_npm_packages: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:installNpmPackages/post response: mediaType: application/json openAPIDocKey: '200' - get: + remove_directory: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:removeDirectory/post response: mediaType: application/json openAPIDocKey: '200' - delete: + remove_file: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:removeFile/post response: mediaType: application/json openAPIDocKey: '200' - install_npm_packages: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:installNpmPackages/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}/delete response: mediaType: application/json openAPIDocKey: '200' - pull: + get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:pull/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}/get response: mediaType: application/json openAPIDocKey: '200' - push: + make_directory: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:push/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:makeDirectory/post response: mediaType: application/json openAPIDocKey: '200' - commit: + write_file: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:commit/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:writeFile/post response: mediaType: application/json openAPIDocKey: '200' - reset: + create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:reset/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces/post response: mediaType: application/json openAPIDocKey: '200' - query_directory_contents: + list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:queryDirectoryContents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.workspaces search_files: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:searchFiles/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:searchFiles/get response: mediaType: application/json openAPIDocKey: '200' - make_directory: + move_directory: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:makeDirectory/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:moveDirectory/post response: mediaType: application/json openAPIDocKey: '200' - remove_directory: + query_directory_contents: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:removeDirectory/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:queryDirectoryContents/get response: mediaType: application/json openAPIDocKey: '200' - move_directory: + move_file: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:moveDirectory/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:moveFile/post response: mediaType: application/json openAPIDocKey: '200' read_file: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:readFile/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:readFile/get response: mediaType: application/json openAPIDocKey: '200' - remove_file: + push: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:removeFile/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:push/post response: mediaType: application/json openAPIDocKey: '200' - move_file: + pull: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:moveFile/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:pull/post response: mediaType: application/json openAPIDocKey: '200' - write_file: + commit: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:writeFile/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:commit/post response: mediaType: application/json openAPIDocKey: '200' @@ -2945,45 +2828,62 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/workspaces/methods/delete' - workspaces_file_git_statuses: - id: google.dataform.workspaces_file_git_statuses - name: workspaces_file_git_statuses - title: Workspaces_file_git_statuses + workspaces_git_ahead_behind: + id: google.dataform.workspaces_git_ahead_behind + name: workspaces_git_ahead_behind + title: Workspaces_git_ahead_behind methods: - fetch_file_git_statuses: + fetch_git_ahead_behind: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:fetchFileGitStatuses/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:fetchGitAheadBehind/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/workspaces_file_git_statuses/methods/fetch_file_git_statuses + #/components/x-stackQL-resources/workspaces_git_ahead_behind/methods/fetch_git_ahead_behind insert: [] update: [] replace: [] delete: [] - workspaces_git_ahead_behind: - id: google.dataform.workspaces_git_ahead_behind - name: workspaces_git_ahead_behind - title: Workspaces_git_ahead_behind + workspaces_iam_policies: + id: google.dataform.workspaces_iam_policies + name: workspaces_iam_policies + title: Workspaces_iam_policies methods: - fetch_git_ahead_behind: + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:fetchGitAheadBehind/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/workspaces_git_ahead_behind/methods/fetch_git_ahead_behind + #/components/x-stackQL-resources/workspaces_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/workspaces_iam_policies/methods/set_iam_policy delete: [] workspaces_file_diff: id: google.dataform.workspaces_file_diff @@ -2993,7 +2893,7 @@ components: fetch_file_diff: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:fetchFileDiff/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:fetchFileDiff/get response: mediaType: application/json openAPIDocKey: '200' @@ -3005,6 +2905,133 @@ components: update: [] replace: [] delete: [] + workspaces_file_git_statuses: + id: google.dataform.workspaces_file_git_statuses + name: workspaces_file_git_statuses + title: Workspaces_file_git_statuses + methods: + fetch_file_git_statuses: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workspaces~1{workspacesId}:fetchFileGitStatuses/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/workspaces_file_git_statuses/methods/fetch_file_git_statuses + insert: [] + update: [] + replace: [] + delete: [] + workflow_invocations: + id: google.dataform.workflow_invocations + name: workflow_invocations + title: Workflow_invocations + methods: + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations~1{workflowInvocationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations~1{workflowInvocationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations~1{workflowInvocationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.workflowInvocations + query: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations~1{workflowInvocationsId}:query/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/workflow_invocations/methods/get' + - $ref: >- + #/components/x-stackQL-resources/workflow_invocations/methods/query + - $ref: '#/components/x-stackQL-resources/workflow_invocations/methods/list' + insert: + - $ref: >- + #/components/x-stackQL-resources/workflow_invocations/methods/create + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/workflow_invocations/methods/delete + compilation_results: + id: google.dataform.compilation_results + name: compilation_results + title: Compilation_results + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1compilationResults/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.compilationResults + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1compilationResults/post + response: + mediaType: application/json + openAPIDocKey: '200' + query: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1compilationResults~1{compilationResultsId}:query/get + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1compilationResults~1{compilationResultsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/compilation_results/methods/query' + - $ref: '#/components/x-stackQL-resources/compilation_results/methods/get' + - $ref: '#/components/x-stackQL-resources/compilation_results/methods/list' + insert: + - $ref: >- + #/components/x-stackQL-resources/compilation_results/methods/create + update: [] + replace: [] + delete: [] release_configs: id: google.dataform.release_configs name: release_configs @@ -3013,7 +3040,7 @@ components: list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs/get response: mediaType: application/json openAPIDocKey: '200' @@ -3021,28 +3048,28 @@ components: create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs/post response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs~1{releaseConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs~1{releaseConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs~1{releaseConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs~1{releaseConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs~1{releaseConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1releaseConfigs~1{releaseConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -3057,165 +3084,217 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/release_configs/methods/delete' - compilation_results: - id: google.dataform.compilation_results - name: compilation_results - title: Compilation_results + workflow_configs: + id: google.dataform.workflow_configs + name: workflow_configs + title: Workflow_configs + methods: + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs~1{workflowConfigsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs~1{workflowConfigsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs~1{workflowConfigsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.workflowConfigs + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/get' + - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/delete' + repositories: + id: google.dataform.repositories + name: repositories + title: Repositories methods: - list: + create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1compilationResults/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.compilationResults - create: + list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1compilationResults/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.repositories + compute_access_token_status: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1compilationResults~1{compilationResultsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:computeAccessTokenStatus/get response: mediaType: application/json openAPIDocKey: '200' - query: + get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1compilationResults~1{compilationResultsId}:query/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/compilation_results/methods/get' - - $ref: '#/components/x-stackQL-resources/compilation_results/methods/query' - - $ref: '#/components/x-stackQL-resources/compilation_results/methods/list' - insert: - - $ref: >- - #/components/x-stackQL-resources/compilation_results/methods/create - update: [] - replace: [] - delete: [] - workflow_configs: - id: google.dataform.workflow_configs - name: workflow_configs - title: Workflow_configs - methods: - list: + patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.workflowConfigs - create: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - get: + commit: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs~1{workflowConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:commit/post response: mediaType: application/json openAPIDocKey: '200' - patch: + query_directory_contents: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs~1{workflowConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:queryDirectoryContents/get response: mediaType: application/json openAPIDocKey: '200' - delete: + read_file: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowConfigs~1{workflowConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:readFile/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/get' - - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/list' + - $ref: '#/components/x-stackQL-resources/repositories/methods/get' + - $ref: >- + #/components/x-stackQL-resources/repositories/methods/query_directory_contents + - $ref: '#/components/x-stackQL-resources/repositories/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/create' + - $ref: '#/components/x-stackQL-resources/repositories/methods/create' update: - - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/patch' + - $ref: '#/components/x-stackQL-resources/repositories/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/workflow_configs/methods/delete' - workflow_invocations: - id: google.dataform.workflow_invocations - name: workflow_invocations - title: Workflow_invocations + - $ref: '#/components/x-stackQL-resources/repositories/methods/delete' + repositories_history: + id: google.dataform.repositories_history + name: repositories_history + title: Repositories_history methods: - list: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.workflowInvocations - create: + fetch_history: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:fetchHistory/get response: mediaType: application/json openAPIDocKey: '200' - get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/repositories_history/methods/fetch_history + insert: [] + update: [] + replace: [] + delete: [] + repositories_remote_branches: + id: google.dataform.repositories_remote_branches + name: repositories_remote_branches + title: Repositories_remote_branches + methods: + fetch_remote_branches: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations~1{workflowInvocationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:fetchRemoteBranches/get response: mediaType: application/json openAPIDocKey: '200' - delete: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/repositories_remote_branches/methods/fetch_remote_branches + insert: [] + update: [] + replace: [] + delete: [] + repositories_iam_policies: + id: google.dataform.repositories_iam_policies + name: repositories_iam_policies + title: Repositories_iam_policies + methods: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations~1{workflowInvocationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - cancel: + get_iam_policy: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations~1{workflowInvocationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - query: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1workflowInvocations~1{workflowInvocationsId}:query/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/workflow_invocations/methods/get' - - $ref: >- - #/components/x-stackQL-resources/workflow_invocations/methods/query - - $ref: '#/components/x-stackQL-resources/workflow_invocations/methods/list' - insert: - $ref: >- - #/components/x-stackQL-resources/workflow_invocations/methods/create + #/components/x-stackQL-resources/repositories_iam_policies/methods/get_iam_policy + insert: [] update: [] - replace: [] - delete: + replace: - $ref: >- - #/components/x-stackQL-resources/workflow_invocations/methods/delete + #/components/x-stackQL-resources/repositories_iam_policies/methods/set_iam_policy + delete: [] folders_iam_policies: id: google.dataform.folders_iam_policies name: folders_iam_policies @@ -3224,25 +3303,25 @@ components: set_iam_policy: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1folders~1{foldersId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1folders~1{foldersId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1folders~1{foldersId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1folders~1{foldersId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1folders~1{foldersId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1folders~1{foldersId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -3261,14 +3340,14 @@ components: set_iam_policy: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1teamFolders~1{teamFoldersId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1teamFolders~1{teamFoldersId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' get_iam_policy: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1teamFolders~1{teamFoldersId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1teamFolders~1{teamFoldersId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' @@ -3276,7 +3355,7 @@ components: test_iam_permissions: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1teamFolders~1{teamFoldersId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1teamFolders~1{teamFoldersId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' @@ -3290,66 +3369,80 @@ components: - $ref: >- #/components/x-stackQL-resources/team_folders_iam_policies/methods/set_iam_policy delete: [] - operations: - id: google.dataform.operations - name: operations - title: Operations + config: + id: google.dataform.config + name: config + title: Config methods: - list: + get_config: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1config/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + update_config: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1config/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/config/methods/get_config' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/config/methods/update_config' + replace: [] + delete: [] + locations: + id: google.dataform.locations + name: locations + title: Locations + methods: + list: operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - cancel: + objectKey: $.locations + get: operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + delete: [] paths: - /v1beta1/projects/{projectsId}/locations/{locationsId}/config: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: &ref_1 + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Get default config for a given project and location. - operationId: dataform.projects.locations.getConfig + - $ref: '#/components/parameters/alt' + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: dataform.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3365,7 +3458,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Config' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3377,19 +3470,17 @@ paths: required: true schema: type: string - patch: + - in: path + name: operationsId + required: true + schema: + type: string + get: description: >- - Update default config for a given project and location. **Note:** *This - method does not fully implement [AIP/134](https://google.aip.dev/134). - The wildcard entry (\*) is treated as a bad request, and when the - `field_mask` is omitted, the request is treated as a full update on all - modifiable fields.* - operationId: dataform.projects.locations.updateConfig - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Config' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: dataform.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3405,7 +3496,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Config' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3417,16 +3508,18 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: operationsId + required: true schema: type: string - format: google-fieldmask - /v1beta1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Lists information about the supported locations for this service. - operationId: dataform.projects.locations.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: dataform.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3442,13 +3535,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query name: filter schema: @@ -3462,55 +3560,29 @@ paths: name: pageToken schema: type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: dataform.projects.locations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/bigquery - Oauth2c: - - https://www.googleapis.com/auth/bigquery - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Location' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true + - in: query + name: returnPartialSuccess schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:setIamPolicy: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: dataform.projects.locations.repositories.setIamPolicy + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: dataform.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3526,7 +3598,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3539,17 +3611,20 @@ paths: schema: type: string - in: path - name: repositoriesId + name: operationsId required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:reset: parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: dataform.projects.locations.repositories.getIamPolicy + post: + description: Performs a Git reset for uncommitted files in a Workspace. + operationId: dataform.projects.locations.repositories.workspaces.reset + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ResetWorkspaceChangesRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3565,7 +3640,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ResetWorkspaceChangesResponse' parameters: - in: path name: projectsId @@ -3582,26 +3657,21 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: workspacesId + required: true schema: - type: integer - format: int32 - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:testIamPermissions: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:installNpmPackages: parameters: *ref_1 post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: dataform.projects.locations.repositories.testIamPermissions + description: Installs dependency NPM packages (inside a Workspace). + operationId: dataform.projects.locations.repositories.workspaces.installNpmPackages requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/InstallNpmPackagesRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3617,7 +3687,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/InstallNpmPackagesResponse' parameters: - in: path name: projectsId @@ -3634,14 +3704,21 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories: + - in: path + name: workspacesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:removeDirectory: parameters: *ref_1 - get: - description: >- - Lists Repositories in a given project and location. **Note:** *This - method can return repositories not shown in the [Dataform - UI](https://console.cloud.google.com/bigquery/dataform)*. - operationId: dataform.projects.locations.repositories.list + post: + description: Deletes a directory (inside a Workspace) and all of its contents. + operationId: dataform.projects.locations.repositories.workspaces.removeDirectory + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RemoveDirectoryRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3657,7 +3734,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRepositoriesResponse' + $ref: '#/components/schemas/RemoveDirectoryResponse' parameters: - in: path name: projectsId @@ -3669,31 +3746,26 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy + - in: path + name: repositoriesId + required: true schema: type: string - - in: query - name: filter + - in: path + name: workspacesId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:removeFile: + parameters: *ref_1 post: - description: Creates a new Repository in a given project and location. - operationId: dataform.projects.locations.repositories.create + description: Deletes a file (inside a Workspace). + operationId: dataform.projects.locations.repositories.workspaces.removeFile requestBody: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/RemoveFileRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3709,7 +3781,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/RemoveFileResponse' parameters: - in: path name: projectsId @@ -3721,15 +3793,21 @@ paths: required: true schema: type: string - - in: query - name: repositoryId + - in: path + name: repositoriesId + required: true + schema: + type: string + - in: path + name: workspacesId + required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}: parameters: *ref_1 - get: - description: Fetches a single Repository. - operationId: dataform.projects.locations.repositories.get + delete: + description: Deletes a single Workspace. + operationId: dataform.projects.locations.repositories.workspaces.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3745,7 +3823,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3762,18 +3840,14 @@ paths: required: true schema: type: string - patch: - description: >- - Updates a single Repository. **Note:** *This method does not fully - implement [AIP/134](https://google.aip.dev/134). The wildcard entry (\*) - is treated as a bad request, and when the `field_mask` is omitted, the - request is treated as a full update on all modifiable fields.* - operationId: dataform.projects.locations.repositories.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Repository' + - in: path + name: workspacesId + required: true + schema: + type: string + get: + description: Fetches a single Workspace. + operationId: dataform.projects.locations.repositories.workspaces.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3789,7 +3863,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/Workspace' parameters: - in: path name: projectsId @@ -3806,14 +3880,16 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: workspacesId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes a single Repository. - operationId: dataform.projects.locations.repositories.delete + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:fetchGitAheadBehind: + parameters: *ref_1 + get: + description: Fetches Git ahead/behind against a remote branch. + operationId: dataform.projects.locations.repositories.workspaces.fetchGitAheadBehind security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3829,7 +3905,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/FetchGitAheadBehindResponse' parameters: - in: path name: projectsId @@ -3846,22 +3922,30 @@ paths: required: true schema: type: string + - in: path + name: workspacesId + required: true + schema: + type: string - in: query - name: force + name: remoteBranch schema: - type: boolean - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:commit: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:testIamPermissions: parameters: *ref_1 post: description: >- - Applies a Git commit to a Repository. The Repository must not have a - value for `git_remote_settings.url`. - operationId: dataform.projects.locations.repositories.commit + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: dataform.projects.locations.repositories.workspaces.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/CommitRepositoryChangesRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3877,7 +3961,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CommitRepositoryChangesResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3894,13 +3978,21 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:readFile: + - in: path + name: workspacesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:makeDirectory: parameters: *ref_1 - get: - description: >- - Returns the contents of a file (inside a Repository). The Repository - must not have a value for `git_remote_settings.url`. - operationId: dataform.projects.locations.repositories.readFile + post: + description: Creates a directory inside a Workspace. + operationId: dataform.projects.locations.repositories.workspaces.makeDirectory + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MakeDirectoryRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3916,7 +4008,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReadRepositoryFileResponse' + $ref: '#/components/schemas/MakeDirectoryResponse' parameters: - in: path name: projectsId @@ -3933,21 +4025,21 @@ paths: required: true schema: type: string - - in: query - name: commitSha - schema: - type: string - - in: query - name: path + - in: path + name: workspacesId + required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:queryDirectoryContents: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:writeFile: parameters: *ref_1 - get: - description: >- - Returns the contents of a given Repository directory. The Repository - must not have a value for `git_remote_settings.url`. - operationId: dataform.projects.locations.repositories.queryDirectoryContents + post: + description: Writes to a file (inside a Workspace). + operationId: dataform.projects.locations.repositories.workspaces.writeFile + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WriteFileRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -3963,7 +4055,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryRepositoryDirectoryContentsResponse' + $ref: '#/components/schemas/WriteFileResponse' parameters: - in: path name: projectsId @@ -3980,30 +4072,18 @@ paths: required: true schema: type: string - - in: query - name: commitSha - schema: - type: string - - in: query - name: path - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: workspacesId + required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:fetchHistory: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:getIamPolicy: parameters: *ref_1 get: description: >- - Fetches a Repository's history of commits. The Repository must not have - a value for `git_remote_settings.url`. - operationId: dataform.projects.locations.repositories.fetchHistory + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: dataform.projects.locations.repositories.workspaces.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4019,7 +4099,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchRepositoryHistoryResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4036,20 +4116,26 @@ paths: required: true schema: type: string + - in: path + name: workspacesId + required: true + schema: + type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:computeAccessTokenStatus: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces: parameters: *ref_1 - get: - description: Computes a Repository's Git access token status. - operationId: dataform.projects.locations.repositories.computeAccessTokenStatus + post: + description: Creates a new Workspace in a given Repository. + operationId: dataform.projects.locations.repositories.workspaces.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Workspace' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4065,8 +4151,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ComputeRepositoryAccessTokenStatusResponse + $ref: '#/components/schemas/Workspace' parameters: - in: path name: projectsId @@ -4083,11 +4168,13 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:fetchRemoteBranches: - parameters: *ref_1 + - in: query + name: workspaceId + schema: + type: string get: - description: Fetches a Repository's remote branches. - operationId: dataform.projects.locations.repositories.fetchRemoteBranches + description: Lists Workspaces in a given Repository. + operationId: dataform.projects.locations.repositories.workspaces.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4103,7 +4190,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchRemoteBranchesResponse' + $ref: '#/components/schemas/ListWorkspacesResponse' parameters: - in: path name: projectsId @@ -4120,19 +4207,28 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:setIamPolicy: + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:searchFiles: parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: dataform.projects.locations.repositories.workspaces.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Finds the contents of a given Workspace directory by filter. + operationId: dataform.projects.locations.repositories.workspaces.searchFiles security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4148,7 +4244,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/SearchFilesResponse' parameters: - in: path name: projectsId @@ -4170,13 +4266,31 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:getIamPolicy: + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:moveDirectory: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: dataform.projects.locations.repositories.workspaces.getIamPolicy + Moves a directory (inside a Workspace), and all of its contents, to a + new location. + operationId: dataform.projects.locations.repositories.workspaces.moveDirectory + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MoveDirectoryRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4192,7 +4306,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/MoveDirectoryResponse' parameters: - in: path name: projectsId @@ -4214,26 +4328,19 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:setIamPolicy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: dataform.projects.locations.repositories.workspaces.testIamPermissions + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: dataform.projects.locations.repositories.workspaces.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4249,7 +4356,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4271,11 +4378,12 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:queryDirectoryContents: parameters: *ref_1 get: - description: Lists Workspaces in a given Repository. - operationId: dataform.projects.locations.repositories.workspaces.list + description: Returns the contents of a given Workspace directory. + operationId: >- + dataform.projects.locations.repositories.workspaces.queryDirectoryContents security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4291,7 +4399,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkspacesResponse' + $ref: '#/components/schemas/QueryDirectoryContentsResponse' parameters: - in: path name: projectsId @@ -4308,31 +4416,34 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: workspacesId + required: true schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: orderBy + name: path schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:moveFile: + parameters: *ref_1 post: - description: Creates a new Workspace in a given Repository. - operationId: dataform.projects.locations.repositories.workspaces.create + description: Moves a file (inside a Workspace) to a new location. + operationId: dataform.projects.locations.repositories.workspaces.moveFile requestBody: content: application/json: schema: - $ref: '#/components/schemas/Workspace' + $ref: '#/components/schemas/MoveFileRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4348,7 +4459,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Workspace' + $ref: '#/components/schemas/MoveFileResponse' parameters: - in: path name: projectsId @@ -4365,15 +4476,16 @@ paths: required: true schema: type: string - - in: query - name: workspaceId + - in: path + name: workspacesId + required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:fetchFileDiff: parameters: *ref_1 get: - description: Fetches a single Workspace. - operationId: dataform.projects.locations.repositories.workspaces.get + description: Fetches Git diff for an uncommitted file in a Workspace. + operationId: dataform.projects.locations.repositories.workspaces.fetchFileDiff security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4389,7 +4501,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Workspace' + $ref: '#/components/schemas/FetchFileDiffResponse' parameters: - in: path name: projectsId @@ -4411,9 +4523,15 @@ paths: required: true schema: type: string - delete: - description: Deletes a single Workspace. - operationId: dataform.projects.locations.repositories.workspaces.delete + - in: query + name: path + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:readFile: + parameters: *ref_1 + get: + description: Returns the contents of a file (inside a Workspace). + operationId: dataform.projects.locations.repositories.workspaces.readFile security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4429,7 +4547,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ReadFileResponse' parameters: - in: path name: projectsId @@ -4451,16 +4569,24 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:installNpmPackages: + - in: query + name: revision + schema: + type: string + - in: query + name: path + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:push: parameters: *ref_1 post: - description: Installs dependency NPM packages (inside a Workspace). - operationId: dataform.projects.locations.repositories.workspaces.installNpmPackages + description: Pushes Git commits from a Workspace to the Repository's remote. + operationId: dataform.projects.locations.repositories.workspaces.push requestBody: content: application/json: schema: - $ref: '#/components/schemas/InstallNpmPackagesRequest' + $ref: '#/components/schemas/PushGitCommitsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4476,7 +4602,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InstallNpmPackagesResponse' + $ref: '#/components/schemas/PushGitCommitsResponse' parameters: - in: path name: projectsId @@ -4498,16 +4624,11 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:pull: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:fetchFileGitStatuses: parameters: *ref_1 - post: - description: Pulls Git commits from the Repository's remote into a Workspace. - operationId: dataform.projects.locations.repositories.workspaces.pull - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PullGitCommitsRequest' + get: + description: Fetches Git statuses for the files in a Workspace. + operationId: dataform.projects.locations.repositories.workspaces.fetchFileGitStatuses security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4523,7 +4644,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PullGitCommitsResponse' + $ref: '#/components/schemas/FetchFileGitStatusesResponse' parameters: - in: path name: projectsId @@ -4545,16 +4666,16 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:push: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:pull: parameters: *ref_1 post: - description: Pushes Git commits from a Workspace to the Repository's remote. - operationId: dataform.projects.locations.repositories.workspaces.push + description: Pulls Git commits from the Repository's remote into a Workspace. + operationId: dataform.projects.locations.repositories.workspaces.pull requestBody: content: application/json: schema: - $ref: '#/components/schemas/PushGitCommitsRequest' + $ref: '#/components/schemas/PullGitCommitsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4570,7 +4691,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PushGitCommitsResponse' + $ref: '#/components/schemas/PullGitCommitsResponse' parameters: - in: path name: projectsId @@ -4592,11 +4713,16 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:fetchFileGitStatuses: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:commit: parameters: *ref_1 - get: - description: Fetches Git statuses for the files in a Workspace. - operationId: dataform.projects.locations.repositories.workspaces.fetchFileGitStatuses + post: + description: Applies a Git commit for uncommitted files in a Workspace. + operationId: dataform.projects.locations.repositories.workspaces.commit + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CommitWorkspaceChangesRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4612,7 +4738,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchFileGitStatusesResponse' + $ref: '#/components/schemas/CommitWorkspaceChangesResponse' parameters: - in: path name: projectsId @@ -4634,11 +4760,11 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:fetchGitAheadBehind: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowInvocations/{workflowInvocationsId}: parameters: *ref_1 get: - description: Fetches Git ahead/behind against a remote branch. - operationId: dataform.projects.locations.repositories.workspaces.fetchGitAheadBehind + description: Fetches a single WorkflowInvocation. + operationId: dataform.projects.locations.repositories.workflowInvocations.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4654,7 +4780,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchGitAheadBehindResponse' + $ref: '#/components/schemas/WorkflowInvocation' parameters: - in: path name: projectsId @@ -4672,24 +4798,13 @@ paths: schema: type: string - in: path - name: workspacesId + name: workflowInvocationsId required: true schema: type: string - - in: query - name: remoteBranch - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:commit: - parameters: *ref_1 - post: - description: Applies a Git commit for uncommitted files in a Workspace. - operationId: dataform.projects.locations.repositories.workspaces.commit - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CommitWorkspaceChangesRequest' + delete: + description: Deletes a single WorkflowInvocation. + operationId: dataform.projects.locations.repositories.workflowInvocations.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4705,7 +4820,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CommitWorkspaceChangesResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4723,20 +4838,20 @@ paths: schema: type: string - in: path - name: workspacesId + name: workflowInvocationsId required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:reset: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowInvocations/{workflowInvocationsId}:cancel: parameters: *ref_1 post: - description: Performs a Git reset for uncommitted files in a Workspace. - operationId: dataform.projects.locations.repositories.workspaces.reset + description: Requests cancellation of a running WorkflowInvocation. + operationId: dataform.projects.locations.repositories.workflowInvocations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/ResetWorkspaceChangesRequest' + $ref: '#/components/schemas/CancelWorkflowInvocationRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4752,7 +4867,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ResetWorkspaceChangesResponse' + $ref: '#/components/schemas/CancelWorkflowInvocationResponse' parameters: - in: path name: projectsId @@ -4770,15 +4885,20 @@ paths: schema: type: string - in: path - name: workspacesId + name: workflowInvocationsId required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:fetchFileDiff: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowInvocations: parameters: *ref_1 - get: - description: Fetches Git diff for an uncommitted file in a Workspace. - operationId: dataform.projects.locations.repositories.workspaces.fetchFileDiff + post: + description: Creates a new WorkflowInvocation in a given Repository. + operationId: dataform.projects.locations.repositories.workflowInvocations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowInvocation' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4794,7 +4914,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchFileDiffResponse' + $ref: '#/components/schemas/WorkflowInvocation' parameters: - in: path name: projectsId @@ -4811,21 +4931,9 @@ paths: required: true schema: type: string - - in: path - name: workspacesId - required: true - schema: - type: string - - in: query - name: path - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:queryDirectoryContents: - parameters: *ref_1 get: - description: Returns the contents of a given Workspace directory. - operationId: >- - dataform.projects.locations.repositories.workspaces.queryDirectoryContents + description: Lists WorkflowInvocations in a given Repository. + operationId: dataform.projects.locations.repositories.workflowInvocations.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4841,7 +4949,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryDirectoryContentsResponse' + $ref: '#/components/schemas/ListWorkflowInvocationsResponse' parameters: - in: path name: projectsId @@ -4858,13 +4966,8 @@ paths: required: true schema: type: string - - in: path - name: workspacesId - required: true - schema: - type: string - in: query - name: path + name: orderBy schema: type: string - in: query @@ -4872,15 +4975,19 @@ paths: schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:searchFiles: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowInvocations/{workflowInvocationsId}:query: parameters: *ref_1 get: - description: Finds the contents of a given Workspace directory by filter. - operationId: dataform.projects.locations.repositories.workspaces.searchFiles + description: Returns WorkflowInvocationActions in a given WorkflowInvocation. + operationId: dataform.projects.locations.repositories.workflowInvocations.query security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4896,7 +5003,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchFilesResponse' + $ref: '#/components/schemas/QueryWorkflowInvocationActionsResponse' parameters: - in: path name: projectsId @@ -4914,7 +5021,7 @@ paths: schema: type: string - in: path - name: workspacesId + name: workflowInvocationsId required: true schema: type: string @@ -4927,20 +5034,11 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:makeDirectory: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/compilationResults: parameters: *ref_1 - post: - description: Creates a directory inside a Workspace. - operationId: dataform.projects.locations.repositories.workspaces.makeDirectory - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MakeDirectoryRequest' + get: + description: Lists CompilationResults in a given Repository. + operationId: dataform.projects.locations.repositories.compilationResults.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -4956,7 +5054,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MakeDirectoryResponse' + $ref: '#/components/schemas/ListCompilationResultsResponse' parameters: - in: path name: projectsId @@ -4973,21 +5071,31 @@ paths: required: true schema: type: string - - in: path - name: workspacesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:removeDirectory: - parameters: *ref_1 post: - description: Deletes a directory (inside a Workspace) and all of its contents. - operationId: dataform.projects.locations.repositories.workspaces.removeDirectory + description: Creates a new CompilationResult in a given project and location. + operationId: dataform.projects.locations.repositories.compilationResults.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/RemoveDirectoryRequest' + $ref: '#/components/schemas/CompilationResult' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5003,7 +5111,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RemoveDirectoryResponse' + $ref: '#/components/schemas/CompilationResult' parameters: - in: path name: projectsId @@ -5020,23 +5128,11 @@ paths: required: true schema: type: string - - in: path - name: workspacesId - required: true - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:moveDirectory: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/compilationResults/{compilationResultsId}:query: parameters: *ref_1 - post: - description: >- - Moves a directory (inside a Workspace), and all of its contents, to a - new location. - operationId: dataform.projects.locations.repositories.workspaces.moveDirectory - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MoveDirectoryRequest' + get: + description: Returns CompilationResultActions in a given CompilationResult. + operationId: dataform.projects.locations.repositories.compilationResults.query security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5052,7 +5148,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MoveDirectoryResponse' + $ref: '#/components/schemas/QueryCompilationResultActionsResponse' parameters: - in: path name: projectsId @@ -5070,15 +5166,28 @@ paths: schema: type: string - in: path - name: workspacesId + name: compilationResultsId required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:readFile: + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/compilationResults/{compilationResultsId}: parameters: *ref_1 get: - description: Returns the contents of a file (inside a Workspace). - operationId: dataform.projects.locations.repositories.workspaces.readFile + description: Fetches a single CompilationResult. + operationId: dataform.projects.locations.repositories.compilationResults.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5094,7 +5203,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReadFileResponse' + $ref: '#/components/schemas/CompilationResult' parameters: - in: path name: projectsId @@ -5112,28 +5221,15 @@ paths: schema: type: string - in: path - name: workspacesId + name: compilationResultsId required: true schema: type: string - - in: query - name: path - schema: - type: string - - in: query - name: revision - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:removeFile: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/releaseConfigs: parameters: *ref_1 - post: - description: Deletes a file (inside a Workspace). - operationId: dataform.projects.locations.repositories.workspaces.removeFile - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RemoveFileRequest' + get: + description: Lists ReleaseConfigs in a given Repository. + operationId: dataform.projects.locations.repositories.releaseConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5149,7 +5245,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RemoveFileResponse' + $ref: '#/components/schemas/ListReleaseConfigsResponse' parameters: - in: path name: projectsId @@ -5166,21 +5262,23 @@ paths: required: true schema: type: string - - in: path - name: workspacesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:moveFile: - parameters: *ref_1 post: - description: Moves a file (inside a Workspace) to a new location. - operationId: dataform.projects.locations.repositories.workspaces.moveFile + description: Creates a new ReleaseConfig in a given Repository. + operationId: dataform.projects.locations.repositories.releaseConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/MoveFileRequest' + $ref: '#/components/schemas/ReleaseConfig' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5196,7 +5294,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MoveFileResponse' + $ref: '#/components/schemas/ReleaseConfig' parameters: - in: path name: projectsId @@ -5213,21 +5311,15 @@ paths: required: true schema: type: string - - in: path - name: workspacesId - required: true + - in: query + name: releaseConfigId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workspaces/{workspacesId}:writeFile: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/releaseConfigs/{releaseConfigsId}: parameters: *ref_1 - post: - description: Writes to a file (inside a Workspace). - operationId: dataform.projects.locations.repositories.workspaces.writeFile - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WriteFileRequest' + delete: + description: Deletes a single ReleaseConfig. + operationId: dataform.projects.locations.repositories.releaseConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5243,7 +5335,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WriteFileResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5261,15 +5353,22 @@ paths: schema: type: string - in: path - name: workspacesId + name: releaseConfigsId required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/releaseConfigs: - parameters: *ref_1 - get: - description: Lists ReleaseConfigs in a given Repository. - operationId: dataform.projects.locations.repositories.releaseConfigs.list + patch: + description: >- + Updates a single ReleaseConfig. **Note:** *This method does not fully + implement [AIP/134](https://google.aip.dev/134). The wildcard entry (\*) + is treated as a bad request, and when the `field_mask` is omitted, the + request is treated as a full update on all modifiable fields.* + operationId: dataform.projects.locations.repositories.releaseConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ReleaseConfig' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5285,7 +5384,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReleaseConfigsResponse' + $ref: '#/components/schemas/ReleaseConfig' parameters: - in: path name: projectsId @@ -5302,23 +5401,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: releaseConfigsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - post: - description: Creates a new ReleaseConfig in a given Repository. - operationId: dataform.projects.locations.repositories.releaseConfigs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ReleaseConfig' + format: google-fieldmask + get: + description: Fetches a single ReleaseConfig. + operationId: dataform.projects.locations.repositories.releaseConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5351,15 +5446,25 @@ paths: required: true schema: type: string - - in: query - name: releaseConfigId + - in: path + name: releaseConfigsId + required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/releaseConfigs/{releaseConfigsId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowConfigs/{workflowConfigsId}: parameters: *ref_1 - get: - description: Fetches a single ReleaseConfig. - operationId: dataform.projects.locations.repositories.releaseConfigs.get + patch: + description: >- + Updates a single WorkflowConfig. **Note:** *This method does not fully + implement [AIP/134](https://google.aip.dev/134). The wildcard entry (\*) + is treated as a bad request, and when the `field_mask` is omitted, the + request is treated as a full update on all modifiable fields.* + operationId: dataform.projects.locations.repositories.workflowConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowConfig' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5375,7 +5480,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReleaseConfig' + $ref: '#/components/schemas/WorkflowConfig' parameters: - in: path name: projectsId @@ -5393,22 +5498,18 @@ paths: schema: type: string - in: path - name: releaseConfigsId + name: workflowConfigsId required: true schema: type: string - patch: - description: >- - Updates a single ReleaseConfig. **Note:** *This method does not fully - implement [AIP/134](https://google.aip.dev/134). The wildcard entry (\*) - is treated as a bad request, and when the `field_mask` is omitted, the - request is treated as a full update on all modifiable fields.* - operationId: dataform.projects.locations.repositories.releaseConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ReleaseConfig' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Fetches a single WorkflowConfig. + operationId: dataform.projects.locations.repositories.workflowConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5424,7 +5525,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReleaseConfig' + $ref: '#/components/schemas/WorkflowConfig' parameters: - in: path name: projectsId @@ -5442,18 +5543,13 @@ paths: schema: type: string - in: path - name: releaseConfigsId + name: workflowConfigsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: - description: Deletes a single ReleaseConfig. - operationId: dataform.projects.locations.repositories.releaseConfigs.delete + description: Deletes a single WorkflowConfig. + operationId: dataform.projects.locations.repositories.workflowConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5487,15 +5583,15 @@ paths: schema: type: string - in: path - name: releaseConfigsId + name: workflowConfigsId required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/compilationResults: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowConfigs: parameters: *ref_1 get: - description: Lists CompilationResults in a given Repository. - operationId: dataform.projects.locations.repositories.compilationResults.list + description: Lists WorkflowConfigs in a given Repository. + operationId: dataform.projects.locations.repositories.workflowConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5511,7 +5607,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCompilationResultsResponse' + $ref: '#/components/schemas/ListWorkflowConfigsResponse' parameters: - in: path name: projectsId @@ -5537,22 +5633,14 @@ paths: name: pageToken schema: type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter - schema: - type: string post: - description: Creates a new CompilationResult in a given project and location. - operationId: dataform.projects.locations.repositories.compilationResults.create + description: Creates a new WorkflowConfig in a given Repository. + operationId: dataform.projects.locations.repositories.workflowConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CompilationResult' + $ref: '#/components/schemas/WorkflowConfig' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5568,7 +5656,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CompilationResult' + $ref: '#/components/schemas/WorkflowConfig' parameters: - in: path name: projectsId @@ -5585,11 +5673,20 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/compilationResults/{compilationResultsId}: + - in: query + name: workflowConfigId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories: parameters: *ref_1 - get: - description: Fetches a single CompilationResult. - operationId: dataform.projects.locations.repositories.compilationResults.get + post: + description: Creates a new Repository in a given project and location. + operationId: dataform.projects.locations.repositories.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Repository' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5605,7 +5702,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CompilationResult' + $ref: '#/components/schemas/Repository' parameters: - in: path name: projectsId @@ -5617,21 +5714,16 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: compilationResultsId - required: true + - in: query + name: repositoryId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/compilationResults/{compilationResultsId}:query: - parameters: *ref_1 get: - description: Returns CompilationResultActions in a given CompilationResult. - operationId: dataform.projects.locations.repositories.compilationResults.query + description: >- + Lists Repositories in a given project and location. **Note:** *This + method can return repositories not shown in the [Dataform + UI](https://console.cloud.google.com/bigquery/dataform)*. + operationId: dataform.projects.locations.repositories.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5647,7 +5739,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryCompilationResultActionsResponse' + $ref: '#/components/schemas/ListRepositoriesResponse' parameters: - in: path name: projectsId @@ -5659,14 +5751,8 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: compilationResultsId - required: true + - in: query + name: orderBy schema: type: string - in: query @@ -5682,11 +5768,11 @@ paths: name: filter schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowConfigs: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:computeAccessTokenStatus: parameters: *ref_1 get: - description: Lists WorkflowConfigs in a given Repository. - operationId: dataform.projects.locations.repositories.workflowConfigs.list + description: Computes a Repository's Git access token status. + operationId: dataform.projects.locations.repositories.computeAccessTokenStatus security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5702,7 +5788,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkflowConfigsResponse' + $ref: >- + #/components/schemas/ComputeRepositoryAccessTokenStatusResponse parameters: - in: path name: projectsId @@ -5719,23 +5806,13 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - post: - description: Creates a new WorkflowConfig in a given Repository. - operationId: dataform.projects.locations.repositories.workflowConfigs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WorkflowConfig' + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:fetchHistory: + parameters: *ref_1 + get: + description: >- + Fetches a Repository's history of commits. The Repository must not have + a value for `git_remote_settings.url`. + operationId: dataform.projects.locations.repositories.fetchHistory security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5751,7 +5828,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkflowConfig' + $ref: '#/components/schemas/FetchRepositoryHistoryResponse' parameters: - in: path name: projectsId @@ -5769,14 +5846,19 @@ paths: schema: type: string - in: query - name: workflowConfigId + name: pageToken schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowConfigs/{workflowConfigsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:fetchRemoteBranches: parameters: *ref_1 get: - description: Fetches a single WorkflowConfig. - operationId: dataform.projects.locations.repositories.workflowConfigs.get + description: Fetches a Repository's remote branches. + operationId: dataform.projects.locations.repositories.fetchRemoteBranches security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5792,7 +5874,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkflowConfig' + $ref: '#/components/schemas/FetchRemoteBranchesResponse' parameters: - in: path name: projectsId @@ -5809,23 +5891,55 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}: + parameters: *ref_1 + get: + description: Fetches a single Repository. + operationId: dataform.projects.locations.repositories.get + security: + - Oauth2: + - https://www.googleapis.com/auth/bigquery + Oauth2c: + - https://www.googleapis.com/auth/bigquery + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Repository' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: workflowConfigsId + name: locationsId + required: true + schema: + type: string + - in: path + name: repositoriesId required: true schema: type: string patch: description: >- - Updates a single WorkflowConfig. **Note:** *This method does not fully + Updates a single Repository. **Note:** *This method does not fully implement [AIP/134](https://google.aip.dev/134). The wildcard entry (\*) is treated as a bad request, and when the `field_mask` is omitted, the request is treated as a full update on all modifiable fields.* - operationId: dataform.projects.locations.repositories.workflowConfigs.patch + operationId: dataform.projects.locations.repositories.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/WorkflowConfig' + $ref: '#/components/schemas/Repository' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5841,7 +5955,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkflowConfig' + $ref: '#/components/schemas/Repository' parameters: - in: path name: projectsId @@ -5858,19 +5972,14 @@ paths: required: true schema: type: string - - in: path - name: workflowConfigsId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask delete: - description: Deletes a single WorkflowConfig. - operationId: dataform.projects.locations.repositories.workflowConfigs.delete + description: Deletes a single Repository. + operationId: dataform.projects.locations.repositories.delete security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5903,16 +6012,22 @@ paths: required: true schema: type: string - - in: path - name: workflowConfigsId - required: true + - in: query + name: force schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowInvocations: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:commit: parameters: *ref_1 - get: - description: Lists WorkflowInvocations in a given Repository. - operationId: dataform.projects.locations.repositories.workflowInvocations.list + post: + description: >- + Applies a Git commit to a Repository. The Repository must not have a + value for `git_remote_settings.url`. + operationId: dataform.projects.locations.repositories.commit + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CommitRepositoryChangesRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5928,7 +6043,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkflowInvocationsResponse' + $ref: '#/components/schemas/CommitRepositoryChangesResponse' parameters: - in: path name: projectsId @@ -5945,31 +6060,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:testIamPermissions: + parameters: *ref_1 post: - description: Creates a new WorkflowInvocation in a given Repository. - operationId: dataform.projects.locations.repositories.workflowInvocations.create + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: dataform.projects.locations.repositories.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/WorkflowInvocation' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -5985,7 +6090,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkflowInvocation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6002,11 +6107,13 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowInvocations/{workflowInvocationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:queryDirectoryContents: parameters: *ref_1 get: - description: Fetches a single WorkflowInvocation. - operationId: dataform.projects.locations.repositories.workflowInvocations.get + description: >- + Returns the contents of a given Repository directory. The Repository + must not have a value for `git_remote_settings.url`. + operationId: dataform.projects.locations.repositories.queryDirectoryContents security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6022,7 +6129,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkflowInvocation' + $ref: '#/components/schemas/QueryRepositoryDirectoryContentsResponse' parameters: - in: path name: projectsId @@ -6039,14 +6146,30 @@ paths: required: true schema: type: string - - in: path - name: workflowInvocationsId - required: true + - in: query + name: commitSha schema: type: string - delete: - description: Deletes a single WorkflowInvocation. - operationId: dataform.projects.locations.repositories.workflowInvocations.delete + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: path + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: dataform.projects.locations.repositories.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6062,7 +6185,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6079,21 +6202,18 @@ paths: required: true schema: type: string - - in: path - name: workflowInvocationsId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowInvocations/{workflowInvocationsId}:cancel: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:readFile: parameters: *ref_1 - post: - description: Requests cancellation of a running WorkflowInvocation. - operationId: dataform.projects.locations.repositories.workflowInvocations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelWorkflowInvocationRequest' + get: + description: >- + Returns the contents of a file (inside a Repository). The Repository + must not have a value for `git_remote_settings.url`. + operationId: dataform.projects.locations.repositories.readFile security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6109,7 +6229,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CancelWorkflowInvocationResponse' + $ref: '#/components/schemas/ReadRepositoryFileResponse' parameters: - in: path name: projectsId @@ -6126,16 +6246,27 @@ paths: required: true schema: type: string - - in: path - name: workflowInvocationsId - required: true + - in: query + name: path + schema: + type: string + - in: query + name: commitSha schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/workflowInvocations/{workflowInvocationsId}:query: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:setIamPolicy: parameters: *ref_1 - get: - description: Returns WorkflowInvocationActions in a given WorkflowInvocation. - operationId: dataform.projects.locations.repositories.workflowInvocations.query + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: dataform.projects.locations.repositories.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6151,7 +6282,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryWorkflowInvocationActionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6168,21 +6299,7 @@ paths: required: true schema: type: string - - in: path - name: workflowInvocationsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/folders/{foldersId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/folders/{foldersId}:setIamPolicy: parameters: *ref_1 post: description: >- @@ -6227,13 +6344,21 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/folders/{foldersId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/folders/{foldersId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: dataform.projects.locations.folders.getIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: dataform.projects.locations.folders.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6249,7 +6374,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6266,26 +6391,13 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1beta1/projects/{projectsId}/locations/{locationsId}/folders/{foldersId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/folders/{foldersId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: dataform.projects.locations.folders.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: dataform.projects.locations.folders.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6301,7 +6413,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6318,7 +6430,12 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/teamFolders/{teamFoldersId}:setIamPolicy: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/teamFolders/{teamFoldersId}:setIamPolicy: parameters: *ref_1 post: description: >- @@ -6363,7 +6480,7 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/teamFolders/{teamFoldersId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/teamFolders/{teamFoldersId}:getIamPolicy: parameters: *ref_1 get: description: >- @@ -6407,7 +6524,7 @@ paths: schema: type: integer format: int32 - /v1beta1/projects/{projectsId}/locations/{locationsId}/teamFolders/{teamFoldersId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/teamFolders/{teamFoldersId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -6454,13 +6571,11 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/config: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: dataform.projects.locations.operations.list + description: Get default config for a given project and location. + operationId: dataform.projects.locations.getConfig security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6476,7 +6591,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Config' parameters: - in: path name: projectsId @@ -6488,27 +6603,19 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: + patch: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: dataform.projects.locations.operations.get + Update default config for a given project and location. **Note:** *This + method does not fully implement [AIP/134](https://google.aip.dev/134). + The wildcard entry (\*) is treated as a bad request, and when the + `field_mask` is omitted, the request is treated as a full update on all + modifiable fields.* + operationId: dataform.projects.locations.updateConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Config' security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6524,7 +6631,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Config' parameters: - in: path name: projectsId @@ -6536,18 +6643,16 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: updateMask schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: dataform.projects.locations.operations.delete + format: google-fieldmask + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: dataform.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6563,42 +6668,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: extraLocationTypes schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: dataform.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + get: + description: Gets information about a location. + operationId: dataform.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/bigquery @@ -6614,7 +6712,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -6626,8 +6724,3 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/datafusion.yaml b/providers/src/googleapis.com/v00.00.00000/services/datafusion.yaml index eb481f17..f0f3faca 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/datafusion.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/datafusion.yaml @@ -14,8 +14,8 @@ info: prepare, blend, transfer and transform data without having to wrestle with infrastructure. version: v1 - x-discovery-doc-revision: '20250702' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/data-fusion/docs servers: @@ -41,421 +41,500 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + TimeWindow: + id: TimeWindow type: object properties: - operations: + startTime: + format: google-datetime description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + Required. The start time of the time window provided in [RFC + 3339](https://www.ietf.org/rfc/rfc3339.txt) format. Example: + "2024-01-01T12:04:06-04:00" type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + endTime: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Required. The end time of the time window provided in [RFC + 3339](https://www.ietf.org/rfc/rfc3339.txt) format. The end time + should take place after the start time. Example: + "2024-01-02T12:04:06-06:00" + format: google-datetime + description: Represents an arbitrary window of time. + EventPublishConfig: + id: EventPublishConfig type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + topic: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListAvailableVersionsResponse: - id: ListAvailableVersionsResponse - description: Response message for the list available versions request. - type: object + Required. The resource name of the Pub/Sub topic. Format: + projects/{project_id}/topics/{topic_id} + enabled: + type: boolean + description: Required. Option to enable Event Publishing. + description: Confirguration of PubSubEventWriter. + TestIamPermissionsResponse: + id: TestIamPermissionsResponse properties: - availableVersions: - description: >- - Represents a list of versions that are supported. Deprecated: Use - versions field instead. - deprecated: true - type: array + permissions: items: - $ref: '#/components/schemas/Version' - nextPageToken: + type: string description: >- - Token to retrieve the next page of results or empty if there are no - more results in the list. - type: string - versions: - description: Represents a list of all versions. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. type: array - items: - $ref: '#/components/schemas/Version' - Version: - id: Version - description: >- - The Data Fusion version. This proto message stores information about - certain Data Fusion version, which is used for Data Fusion version - upgrade. type: object - properties: - versionNumber: - description: The version number of the Data Fusion instance, such as '6.0.1.0'. - type: string - defaultVersion: - description: Whether this is currently the default version for Cloud Data Fusion - type: boolean - availableFeatures: - description: Represents a list of available feature names for a given version. - type: array - items: - type: string - type: - description: Type represents the release availability of the version - type: string - enumDescriptions: - - Version does not have availability yet - - Version is under development and not considered stable - - Version is available for public use - - Version is no longer supported. - enum: - - TYPE_UNSPECIFIED - - TYPE_PREVIEW - - TYPE_GENERAL_AVAILABILITY - - TYPE_DEPRECATED - ListInstancesResponse: - id: ListInstancesResponse - description: Response message for the list instance request. + description: Response message for `TestIamPermissions` method. + AuditConfig: type: object + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. properties: - instances: - description: Represents a list of Data Fusion instances. - type: array - items: - $ref: '#/components/schemas/Instance' - nextPageToken: + service: description: >- - Token to retrieve the next page of results or empty if there are no - more results in the list. + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: string - unreachable: - description: Locations that could not be reached. - type: array + auditLogConfigs: items: - type: string - Instance: - id: Instance - description: Represents a Data Fusion instance. - type: object + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. + type: array + id: AuditConfig + Expr: properties: - name: + description: description: >- - Output only. The name of this instance is in the form of - projects/{project}/locations/{location}/instances/{instance}. - readOnly: true + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: string - description: - description: Optional. A description of this instance. + location: type: string - type: - description: Required. Instance type. + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + expression: type: string - enumDescriptions: - - No type specified. The instance creation will fail. - - >- - Basic Data Fusion instance. In Basic type, the user will be able - to create data pipelines using point and click UI. However, there - are certain limitations, such as fewer number of concurrent - pipelines, no support for streaming pipelines, etc. - - >- - Enterprise Data Fusion instance. In Enterprise type, the user will - have all features available, such as support for streaming - pipelines, higher number of concurrent pipelines, etc. - - >- - Developer Data Fusion instance. In Developer type, the user will - have all features available but with restrictive capabilities. - This is to help enterprises design and develop their data - ingestion and integration pipelines at low cost. - enum: - - TYPE_UNSPECIFIED - - BASIC - - ENTERPRISE - - DEVELOPER - enableStackdriverLogging: - description: Optional. Option to enable Dataproc Stackdriver Logging. - type: boolean - enableStackdriverMonitoring: - description: Optional. Option to enable Stackdriver Monitoring. - type: boolean - privateInstance: description: >- - Optional. Specifies whether the Data Fusion instance should be - private. If set to true, all Data Fusion nodes will have private IP - addresses and will not be able to access the public internet. + Textual representation of an expression in Common Expression + Language syntax. + type: object + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + id: Expr + OperationMetadata: + properties: + statusDetail: + description: Human-readable status of the operation if any. + type: string + apiVersion: + description: API version used to start the operation. + type: string + endTime: + description: The time the operation finished running. + type: string + format: google-datetime + createTime: + description: The time the operation was created. + type: string + format: google-datetime + requestedCancellation: type: boolean - networkConfig: - description: >- - Optional. Network configuration options. These are required when a - private Data Fusion instance is to be created. - $ref: '#/components/schemas/NetworkConfig' - labels: description: >- - The resource labels for instance to use to annotate any related - underlying resources such as Compute Engine VMs. The character '=' - is not allowed to be used within the labels. - type: object + Identifies whether the user has requested cancellation of the + operation. Operations that have successfully been cancelled have + google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + target: + description: Server-defined resource path for the target of the operation. + type: string + additionalStatus: additionalProperties: type: string - options: description: >- - Optional. Map of additional options used to configure the behavior - of Data Fusion instance. + Map to hold any additional status info for the operation If there is + an accelerator being enabled/disabled/deleted, this will be + populated with accelerator name as key and status as ENABLING, + DISABLING or DELETING type: object - additionalProperties: + verb: + type: string + description: Name of the verb executed by the operation. + id: OperationMetadata + type: object + description: Represents the metadata of a long-running operation. + AuditLogConfig: + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + properties: + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. + type: string + exemptedMembers: + items: type: string - createTime: - description: Output only. The time the instance was created. - readOnly: true + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + type: array + type: object + id: AuditLogConfig + MaintenanceEvent: + id: MaintenanceEvent + properties: + startTime: type: string - format: google-datetime - updateTime: - description: Output only. The time the instance was last updated. + description: >- + Output only. The start time of the maintenance event provided in + [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. Example: + "2024-01-01T12:04:06-04:00" readOnly: true + format: google-datetime + endTime: type: string + description: >- + Output only. The end time of the maintenance event provided in [RFC + 3339](https://www.ietf.org/rfc/rfc3339.txt) format. Example: + "2024-01-02T12:04:06-06:00" This field will be empty if the + maintenance event is not yet complete. + readOnly: true format: google-datetime state: - description: Output only. The current state of this Data Fusion instance. - readOnly: true - type: string - enumDescriptions: - - Instance does not have a state yet - - Instance is being created - - >- - Instance is active and ready for requests. This corresponds to - 'RUNNING' in datafusion.v1beta1. - - Instance creation failed - - Instance is being deleted - - Instance is being upgraded - - Instance is being restarted - - Instance is being updated on customer request - - Instance is being auto-updated - - Instance is being auto-upgraded - - Instance is disabled enum: - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - FAILED - - DELETING - - UPGRADING - - RESTARTING - - UPDATING - - AUTO_UPDATING - - AUTO_UPGRADING - - DISABLED - stateMessage: - description: >- - Output only. Additional information about the current state of this - Data Fusion instance if available. - readOnly: true + - SCHEDULED + - STARTED + - COMPLETED type: string - serviceEndpoint: - description: Output only. Endpoint on which the Data Fusion UI is accessible. readOnly: true + description: Output only. The state of the maintenance event. + enumDescriptions: + - The state of the maintenance event is unspecified. + - The maintenance is scheduled but has not started. + - The maintenance has been started. + - The maintenance has been completed. + description: Represents a maintenance event. + type: object + CancelOperationRequest: + properties: {} + description: The request message for Operations.CancelOperation. + id: CancelOperationRequest + type: object + MaintenanceWindow: + properties: + recurringTimeWindow: + description: Required. The recurring time window of the maintenance window. + $ref: '#/components/schemas/RecurringTimeWindow' + id: MaintenanceWindow + type: object + description: Maintenance window of the instance. + ListDnsPeeringsResponse: + id: ListDnsPeeringsResponse + properties: + nextPageToken: type: string - zone: - description: >- - Optional. Name of the zone in which the Data Fusion instance will be - created. Only DEVELOPER instances use this field. - type: string - version: description: >- - Optional. Current version of the Data Fusion. Only specifiable in - Update. - type: string - serviceAccount: + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + dnsPeerings: + items: + $ref: '#/components/schemas/DnsPeering' + description: List of dns peering. + type: array + description: Response message for list DNS peerings. + type: object + PrivateServiceConnectConfig: + type: object + description: >- + Configuration for using Private Service Connect to establish + connectivity between the Data Fusion consumer project and the + corresponding tenant project. + properties: + effectiveUnreachableCidrBlock: description: >- - Output only. Deprecated. Use tenant_project_id instead to extract - the tenant project ID. + Output only. The CIDR block to which the CDF instance can't route + traffic to in the consumer project VPC. The size of this block is + /25. The format of this field is governed by RFC 4632. Example: + 240.0.0.0/25 readOnly: true - deprecated: true type: string - displayName: - description: Optional. Display name for an instance. + networkAttachment: type: string - availableVersion: description: >- - Output only. Available versions that the instance can be upgraded to - using UpdateInstanceRequest. - readOnly: true - type: array - items: - $ref: '#/components/schemas/Version' - apiEndpoint: - description: Output only. Endpoint on which the REST APIs is accessible. - readOnly: true - type: string - gcsBucket: + Required. The reference to the network attachment used to establish + private connectivity. It will be of the form + projects/{project-id}/regions/{region}/networkAttachments/{network-attachment-id}. + unreachableCidrBlock: description: >- - Output only. Cloud Storage bucket generated by Data Fusion in the - customer project. - readOnly: true + Optional. Input only. The CIDR block to which the CDF instance can't + route traffic to in the consumer project VPC. The size of this block + should be at least /25. This range should not overlap with the + primary address range of any subnetwork used by the network + attachment. This range can be used for other purposes in the + consumer VPC as long as there is no requirement for CDF to reach + destinations using these addresses. If this value is not provided, + the server chooses a non RFC 1918 address range. The format of this + field is governed by RFC 4632. Example: 192.168.0.0/25 type: string - accelerators: - description: Output only. List of accelerators enabled for this CDF instance. - readOnly: true + id: PrivateServiceConnectConfig + ListInstancesResponse: + properties: + unreachable: + description: Locations that could not be reached. + items: + type: string + type: array + instances: type: array items: - $ref: '#/components/schemas/Accelerator' - p4ServiceAccount: - description: Output only. Service agent for the customer project. - readOnly: true - type: string - tenantProjectId: - description: Output only. The name of the tenant project. - readOnly: true + $ref: '#/components/schemas/Instance' + description: Represents a list of Data Fusion instances. + nextPageToken: type: string - dataprocServiceAccount: description: >- - Optional. User-managed service account to set on Dataproc when Cloud - Data Fusion creates Dataproc to run data processing pipelines. This - allows users to have fine-grained access control on Dataproc's - accesses to cloud resources. - type: string - enableRbac: - description: Optional. Option to enable granular role-based access control. - type: boolean - cryptoKeyConfig: + Token to retrieve the next page of results or empty if there are no + more results in the list. + description: Response message for the list instance request. + type: object + id: ListInstancesResponse + Policy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy + properties: + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + type: array + items: + $ref: '#/components/schemas/AuditConfig' + version: + format: int32 + type: integer description: >- - Optional. The crypto key configuration. This field is used by the - Customer-Managed Encryption Keys (CMEK) feature. - $ref: '#/components/schemas/CryptoKeyConfig' - disabledReason: + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + etag: description: >- - Output only. If the instance state is DISABLED, the reason for - disabling the instance. - readOnly: true + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + type: string + format: byte + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + type: array + type: object + TestIamPermissionsRequest: + type: object + description: Request message for `TestIamPermissions` method. + id: TestIamPermissionsRequest + properties: + permissions: type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). items: type: string - enumDescriptions: - - This is an unknown reason for disabling. - - >- - The KMS key used by the instance is either revoked or denied - access to - enum: - - DISABLED_REASON_UNSPECIFIED - - KMS_KEY_ISSUE + MaintenancePolicy: + id: MaintenancePolicy + properties: + maintenanceWindow: + description: Optional. The maintenance window of the instance. + $ref: '#/components/schemas/MaintenanceWindow' + maintenanceExclusionWindow: + description: Optional. The maintenance exclusion window of the instance. + $ref: '#/components/schemas/TimeWindow' + description: Maintenance policy of the instance. + type: object + Instance: + id: Instance + type: object + description: Represents a Data Fusion instance. + properties: + loggingConfig: + description: >- + Optional. The logging configuration for this instance. This field is + supported only in CDF versions 6.11.0 and above. + $ref: '#/components/schemas/LoggingConfig' eventPublishConfig: - description: Optional. Option to enable and pass metadata for event publishing. $ref: '#/components/schemas/EventPublishConfig' - enableZoneSeparation: - description: Output only. Option to enable granular zone separation. - readOnly: true - type: boolean - satisfiesPzs: - description: Output only. Reserved for future use. + description: Optional. Option to enable and pass metadata for event publishing. + maintenancePolicy: + description: Optional. Configure the maintenance policy for this instance. + $ref: '#/components/schemas/MaintenancePolicy' + p4ServiceAccount: + type: string + description: Output only. Service agent for the customer project. readOnly: true - type: boolean workforceIdentityServiceEndpoint: description: >- Output only. Endpoint on which the Data Fusion UI is accessible to third-party users - readOnly: true type: string - patchRevision: - description: Optional. Current patch revision of the Data Fusion. + readOnly: true + enableStackdriverMonitoring: + type: boolean + description: Optional. Option to enable Stackdriver Monitoring. + accelerators: + description: Output only. List of accelerators enabled for this CDF instance. + items: + $ref: '#/components/schemas/Accelerator' + readOnly: true + type: array + availableVersion: + description: >- + Output only. Available versions that the instance can be upgraded to + using UpdateInstanceRequest. + type: array + readOnly: true + items: + $ref: '#/components/schemas/Version' + options: + type: object + description: >- + Optional. Map of additional options used to configure the behavior + of Data Fusion instance. + additionalProperties: + type: string + serviceAccount: + readOnly: true + description: >- + Output only. Deprecated. Use tenant_project_id instead to extract + the tenant project ID. + deprecated: true type: string - dataplexDataLineageIntegrationEnabled: - description: Optional. Option to enable the Dataplex Lineage Integration feature. + satisfiesPzs: type: boolean - maintenancePolicy: - description: Optional. Configure the maintenance policy for this instance. - $ref: '#/components/schemas/MaintenancePolicy' + readOnly: true + description: Output only. Reserved for future use. + description: + type: string + description: Optional. A description of this instance. + monitoringConfig: + description: Optional. The monitoring configuration for this instance. + $ref: '#/components/schemas/MonitoringConfig' tags: description: >- Optional. Input only. Immutable. Tag keys/values directly bound to @@ -464,767 +543,739 @@ components: type: object additionalProperties: type: string - maintenanceEvents: - description: Output only. The maintenance events for this instance. + name: + type: string readOnly: true - type: array - items: - $ref: '#/components/schemas/MaintenanceEvent' - loggingConfig: description: >- - Optional. The logging configuration for this instance. This field is - supported only in CDF versions 6.11.0 and above. - $ref: '#/components/schemas/LoggingConfig' - satisfiesPzi: - description: Output only. Reserved for future use. + Output only. The name of this instance is in the form of + projects/{project}/locations/{location}/instances/{instance}. + gcsBucket: + type: string readOnly: true + description: >- + Output only. Cloud Storage bucket generated by Data Fusion in the + customer project. + enableStackdriverLogging: type: boolean - NetworkConfig: - id: NetworkConfig - description: >- - Network configuration for a Data Fusion instance. These configurations - are used for peering with the customer network. Configurations are - optional when a public Data Fusion instance is to be created. However, - providing these configurations allows several benefits, such as reduced - network latency while accessing the customer resources from managed Data - Fusion instance nodes, as well as access to the customer on-prem - resources. - type: object - properties: - network: + description: Optional. Option to enable Dataproc Stackdriver Logging. + serviceEndpoint: + description: Output only. Endpoint on which the Data Fusion UI is accessible. + type: string + readOnly: true + createTime: + format: google-datetime + readOnly: true + type: string + description: Output only. The time the instance was created. + enableZoneSeparation: + type: boolean + description: Output only. Option to enable granular zone separation. + readOnly: true + networkConfig: + $ref: '#/components/schemas/NetworkConfig' description: >- - Optional. Name of the network in the customer project with which the - Tenant Project will be peered for executing pipelines. In case of - shared VPC where the network resides in another host project the - network should specified in the form of - projects/{host-project-id}/global/networks/{network}. This is only - required for connectivity type VPC_PEERING. + Optional. Network configuration options. These are required when a + private Data Fusion instance is to be created. + dataplexDataLineageIntegrationEnabled: + description: Optional. Option to enable the Dataplex Lineage Integration feature. + type: boolean + dataprocServiceAccount: + description: >- + Optional. User-managed service account to set on Dataproc when Cloud + Data Fusion creates Dataproc to run data processing pipelines. This + allows users to have fine-grained access control on Dataproc's + accesses to cloud resources. + type: string + patchRevision: + type: string + description: Optional. Current patch revision of the Data Fusion. + version: type: string - ipAllocation: description: >- - Optional. The IP range in CIDR notation to use for the managed Data - Fusion instance nodes. This range must not overlap with any other - ranges used in the Data Fusion instance network. This is required - only when using connection type VPC_PEERING. Format: a.b.c.d/22 - Example: 192.168.0.0/22 + Optional. Current version of the Data Fusion. Only specifiable in + Update. + stateMessage: type: string - connectionType: description: >- - Optional. Type of connection for establishing private IP - connectivity between the Data Fusion customer project VPC and the - corresponding tenant project from a predefined list of available - connection modes. If this field is unspecified for a private - instance, VPC peering is used. + Output only. Additional information about the current state of this + Data Fusion instance if available. + readOnly: true + maintenanceEvents: + items: + $ref: '#/components/schemas/MaintenanceEvent' + readOnly: true + type: array + description: Output only. The maintenance events for this instance. + type: type: string + description: Required. Instance type. enumDescriptions: + - No type specified. The instance creation will fail. - >- - No specific connection type was requested, the default value of - VPC_PEERING is chosen. + Basic Data Fusion instance. In Basic type, the user will be able + to create data pipelines using point and click UI. However, there + are certain limitations, such as fewer number of concurrent + pipelines, no support for streaming pipelines, etc. - >- - Requests the use of VPC peerings for connecting the consumer and - tenant projects. + Enterprise Data Fusion instance. In Enterprise type, the user will + have all features available, such as support for streaming + pipelines, higher number of concurrent pipelines, etc. - >- - Requests the use of Private Service Connect Interfaces for - connecting the consumer and tenant projects. + Developer Data Fusion instance. In Developer type, the user will + have all features available but with restrictive capabilities. + This is to help enterprises design and develop their data + ingestion and integration pipelines at low cost. enum: - - CONNECTION_TYPE_UNSPECIFIED - - VPC_PEERING - - PRIVATE_SERVICE_CONNECT_INTERFACES - privateServiceConnectConfig: - description: >- - Optional. Configuration for Private Service Connect. This is - required only when using connection type - PRIVATE_SERVICE_CONNECT_INTERFACES. - $ref: '#/components/schemas/PrivateServiceConnectConfig' - PrivateServiceConnectConfig: - id: PrivateServiceConnectConfig - description: >- - Configuration for using Private Service Connect to establish - connectivity between the Data Fusion consumer project and the - corresponding tenant project. - type: object - properties: - networkAttachment: + - TYPE_UNSPECIFIED + - BASIC + - ENTERPRISE + - DEVELOPER + disabledReason: + type: array + readOnly: true description: >- - Required. The reference to the network attachment used to establish - private connectivity. It will be of the form - projects/{project-id}/regions/{region}/networkAttachments/{network-attachment-id}. - type: string - unreachableCidrBlock: + Output only. If the instance state is DISABLED, the reason for + disabling the instance. + items: + enum: + - DISABLED_REASON_UNSPECIFIED + - KMS_KEY_ISSUE + - PROJECT_STATE_OFF + enumDescriptions: + - This is an unknown reason for disabling. + - >- + The KMS key used by the instance is either revoked or denied + access to + - The consumer project is in a non-ACTIVE state. + type: string + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + privateInstance: + type: boolean description: >- - Optional. Input only. The CIDR block to which the CDF instance can't - route traffic to in the consumer project VPC. The size of this block - should be at least /25. This range should not overlap with the - primary address range of any subnetwork used by the network - attachment. This range can be used for other purposes in the - consumer VPC as long as there is no requirement for CDF to reach - destinations using these addresses. If this value is not provided, - the server chooses a non RFC 1918 address range. The format of this - field is governed by RFC 4632. Example: 192.168.0.0/25 - type: string - effectiveUnreachableCidrBlock: + Optional. Specifies whether the Data Fusion instance should be + private. If set to true, all Data Fusion nodes will have private IP + addresses and will not be able to access the public internet. + zone: description: >- - Output only. The CIDR block to which the CDF instance can't route - traffic to in the consumer project VPC. The size of this block is - /25. The format of this field is governed by RFC 4632. Example: - 240.0.0.0/25 - readOnly: true + Optional. Name of the zone in which the Data Fusion instance will be + created. Only DEVELOPER instances use this field. type: string - Accelerator: - id: Accelerator - description: Identifies Data Fusion accelerators for an instance. - type: object - properties: - acceleratorType: - description: Optional. The type of an accelator for a Cloud Data Fusion instance. + apiEndpoint: type: string - enumDescriptions: - - Default value, if unspecified. - - Change Data Capture accelerator for Cloud Data Fusion. - - Reserved for internal use. - - >- - Contact Center AI Insights This accelerator is used to enable - import and export pipelines custom built to streamline CCAI - Insights processing. - - Reserved for internal use. - enum: - - ACCELERATOR_TYPE_UNSPECIFIED - - CDC - - HEALTHCARE - - CCAI_INSIGHTS - - CLOUDSEARCH - state: - description: Output only. The state of the accelerator. readOnly: true + description: Output only. Endpoint on which the REST APIs is accessible. + cryptoKeyConfig: + $ref: '#/components/schemas/CryptoKeyConfig' + description: >- + Optional. The crypto key configuration. This field is used by the + Customer-Managed Encryption Keys (CMEK) feature. + enableRbac: + type: boolean + description: Optional. Option to enable granular role-based access control. + updateTime: + description: Output only. The time the instance was last updated. type: string - enumDescriptions: - - Default value, do not use. - - Indicates that the accelerator is enabled and available to use. - - >- - Indicates that the accelerator is disabled and not available to - use. - - >- - Indicates that accelerator state is currently unknown. Requests - for enable, disable could be retried while in this state. + readOnly: true + format: google-datetime + state: enum: - STATE_UNSPECIFIED - - ENABLED + - CREATING + - ACTIVE + - FAILED + - DELETING + - UPGRADING + - RESTARTING + - UPDATING + - AUTO_UPDATING + - AUTO_UPGRADING - DISABLED - - UNKNOWN - CryptoKeyConfig: - id: CryptoKeyConfig - description: >- - The crypto key configuration. This field is used by the Customer-managed - encryption keys (CMEK) feature. - type: object - properties: - keyReference: - description: >- - Optional. The name of the key which is used to encrypt/decrypt - customer data. For key in Cloud KMS, the key should be in the format - of `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + - ENABLING type: string - EventPublishConfig: - id: EventPublishConfig - description: Confirguration of PubSubEventWriter. - type: object - properties: - enabled: - description: Required. Option to enable Event Publishing. - type: boolean - topic: - description: >- - Required. The resource name of the Pub/Sub topic. Format: - projects/{project_id}/topics/{topic_id} - type: string - MaintenancePolicy: - id: MaintenancePolicy - description: Maintenance policy of the instance. - type: object - properties: - maintenanceWindow: - description: Optional. The maintenance window of the instance. - $ref: '#/components/schemas/MaintenanceWindow' - maintenanceExclusionWindow: - description: Optional. The maintenance exclusion window of the instance. - $ref: '#/components/schemas/TimeWindow' - MaintenanceWindow: - id: MaintenanceWindow - description: Maintenance window of the instance. - type: object - properties: - recurringTimeWindow: - description: Required. The recurring time window of the maintenance window. - $ref: '#/components/schemas/RecurringTimeWindow' - RecurringTimeWindow: - id: RecurringTimeWindow - description: Represents an arbitrary window of time that recurs. - type: object - properties: - window: - description: >- - Required. The window representing the start and end time of - recurrences. This field ignores the date components of the provided - timestamps. Only the time of day and duration between start and end - time are relevant. - $ref: '#/components/schemas/TimeWindow' - recurrence: - description: >- - Required. An RRULE with format - [RFC-5545](https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for - how this window reccurs. They go on for the span of time between the - start and end time. The only supported FREQ value is "WEEKLY". To - have something repeat every weekday, use: - "FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR". This specifies how frequently - the window starts. To have a 9 am - 5 pm UTC-4 window every weekday, - use something like: ``` start time = 2019-01-01T09:00:00-0400 end - time = 2019-01-01T17:00:00-0400 recurrence = - FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR ``` - type: string - TimeWindow: - id: TimeWindow - description: Represents an arbitrary window of time. - type: object - properties: - startTime: - description: >- - Required. The start time of the time window provided in [RFC - 3339](https://www.ietf.org/rfc/rfc3339.txt) format. Example: - "2024-01-01T12:04:06-04:00" - type: string - format: google-datetime - endTime: - description: >- - Required. The end time of the time window provided in [RFC - 3339](https://www.ietf.org/rfc/rfc3339.txt) format. The end time - should take place after the start time. Example: - "2024-01-02T12:04:06-06:00" - type: string - format: google-datetime - MaintenanceEvent: - id: MaintenanceEvent - description: Represents a maintenance event. - type: object - properties: - startTime: - description: >- - Output only. The start time of the maintenance event provided in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. Example: - "2024-01-01T12:04:06-04:00" + description: Output only. The current state of this Data Fusion instance. + enumDescriptions: + - Instance does not have a state yet + - Instance is being created + - >- + Instance is active and ready for requests. This corresponds to + 'RUNNING' in datafusion.v1beta1. + - Instance creation failed + - Instance is being deleted + - Instance is being upgraded + - Instance is being restarted + - Instance is being updated on customer request + - Instance is being auto-updated + - Instance is being auto-upgraded + - Instance is disabled + - Instance is being enabled. readOnly: true + displayName: + description: Optional. Display name for an instance. type: string - format: google-datetime - endTime: - description: >- - Output only. The end time of the maintenance event provided in [RFC - 3339](https://www.ietf.org/rfc/rfc3339.txt) format. Example: - "2024-01-02T12:04:06-06:00" This field will be empty if the - maintenance event is not yet complete. - readOnly: true + tenantProjectId: type: string - format: google-datetime - state: - description: Output only. The state of the maintenance event. readOnly: true - type: string - enumDescriptions: - - The state of the maintenance event is unspecified. - - The maintenance is scheduled but has not started. - - The maintenance has been started. - - The maintenance has been completed. - enum: - - STATE_UNSPECIFIED - - SCHEDULED - - STARTED - - COMPLETED - LoggingConfig: - id: LoggingConfig - description: Logging configuration for a Data Fusion instance. - type: object - properties: - instanceCloudLoggingDisabled: + description: Output only. The name of the tenant project. + labels: + additionalProperties: + type: string + type: object description: >- - Optional. Option to determine whether instance logs should be - written to Cloud Logging. By default, instance logs are written to - Cloud Logging. - type: boolean - RestartInstanceRequest: - id: RestartInstanceRequest - description: Request message for restarting a Data Fusion instance. + The resource labels for instance to use to annotate any related + underlying resources such as Compute Engine VMs. The character '=' + is not allowed to be used within the labels. + Empty: + id: Empty type: object properties: {} - DnsPeering: - id: DnsPeering description: >- - DNS peering configuration. These configurations are used to create DNS - peering with the customer Cloud DNS. - type: object - properties: - name: - description: >- - Identifier. The resource name of the dns peering zone. Format: - projects/{project}/locations/{location}/instances/{instance}/dnsPeerings/{dns_peering} - type: string - domain: - description: Required. The dns name suffix of the zone. - type: string - description: - description: Optional. Optional description of the dns zone. - type: string - targetProject: - description: >- - Optional. Optional target project to which dns peering should - happen. - type: string - targetNetwork: - description: >- - Optional. Optional target network to which dns peering should - happen. - type: string - ListDnsPeeringsResponse: - id: ListDnsPeeringsResponse - description: Response message for list DNS peerings. + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + ListLocationsResponse: type: object properties: - dnsPeerings: - description: List of dns peering. + locations: type: array items: - $ref: '#/components/schemas/DnsPeering' - nextPageToken: + $ref: '#/components/schemas/Location' description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + A list of locations that matches the specified filter in the + request. + nextPageToken: type: string - ListLocationsResponse: - id: ListLocationsResponse + description: The standard List next-page token. description: The response message for Locations.ListLocations. - type: object + id: ListLocationsResponse + ListOperationsResponse: properties: - locations: + operations: + type: array + items: + $ref: '#/components/schemas/Operation' description: >- - A list of locations that matches the specified filter in the + A list of operations that matches the specified filter in the request. + unreachable: type: array items: - $ref: '#/components/schemas/Location' + type: string + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. nextPageToken: description: The standard List next-page token. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + id: ListOperationsResponse + description: The response message for Operations.ListOperations. type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. SetIamPolicyRequest: - id: SetIamPolicyRequest description: Request message for `SetIamPolicy` method. type: object + id: SetIamPolicyRequest properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' updateMask: + type: string + format: google-fieldmask description: >- OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"` - type: string - format: google-fieldmask - Policy: - id: Policy + policy: + $ref: '#/components/schemas/Policy' + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + Status: + id: Status description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer + code: format: int32 - bindings: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + details: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. type: array + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: object + Accelerator: + description: Identifies Data Fusion accelerators for an instance. + type: object + id: Accelerator + properties: + acceleratorType: + type: string + enumDescriptions: + - Default value, if unspecified. + - Change Data Capture accelerator for Cloud Data Fusion. + - Reserved for internal use. + - >- + Contact Center AI Insights This accelerator is used to enable + import and export pipelines custom built to streamline CCAI + Insights processing. + - Reserved for internal use. + enum: + - ACCELERATOR_TYPE_UNSPECIFIED + - CDC + - HEALTHCARE + - CCAI_INSIGHTS + - CLOUDSEARCH + description: Optional. The type of an accelator for a Cloud Data Fusion instance. + state: + enum: + - STATE_UNSPECIFIED + - ENABLED + - DISABLED + - UNKNOWN + readOnly: true + enumDescriptions: + - Default value, do not use. + - Indicates that the accelerator is enabled and available to use. + - >- + Indicates that the accelerator is disabled and not available to + use. + - >- + Indicates that accelerator state is currently unknown. Requests + for enable, disable could be retried while in this state. + description: Output only. The state of the accelerator. + type: string + ListAvailableVersionsResponse: + type: object + id: ListAvailableVersionsResponse + description: Response message for the list available versions request. + properties: + nextPageToken: + type: string + description: >- + Token to retrieve the next page of results or empty if there are no + more results in the list. + versions: items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + $ref: '#/components/schemas/Version' + description: Represents a list of all versions. + type: array + availableVersions: type: array items: - $ref: '#/components/schemas/AuditConfig' - etag: + $ref: '#/components/schemas/Version' + deprecated: true description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Represents a list of versions that are supported. Deprecated: Use + versions field instead. + CryptoKeyConfig: + properties: + keyReference: + description: >- + Optional. The name of the key which is used to encrypt/decrypt + customer data. For key in Cloud KMS, the key should be in the format + of `projects/*/locations/*/keyRings/*/cryptoKeys/*`. type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. type: object + id: CryptoKeyConfig + description: >- + The crypto key configuration. This field is used by the Customer-managed + encryption keys (CMEK) feature. + Version: + type: object + description: >- + The Data Fusion version. This proto message stores information about + certain Data Fusion version, which is used for Data Fusion version + upgrade. + id: Version properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + versionNumber: + description: The version number of the Data Fusion instance, such as '6.0.1.0'. type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array + availableFeatures: items: type: string - condition: + description: Represents a list of available feature names for a given version. + type: array + defaultVersion: + description: Whether this is currently the default version for Cloud Data Fusion + type: boolean + type: + enumDescriptions: + - Version does not have availability yet + - Version is under development and not considered stable + - Version is available for public use + - Version is no longer supported. + type: string + enum: + - TYPE_UNSPECIFIED + - TYPE_PREVIEW + - TYPE_GENERAL_AVAILABILITY + - TYPE_DEPRECATED + description: Type represents the release availability of the version + NetworkConfig: + properties: + connectionType: + enumDescriptions: + - >- + No specific connection type was requested, the default value of + VPC_PEERING is chosen. + - >- + Requests the use of VPC peerings for connecting the consumer and + tenant projects. + - >- + Requests the use of Private Service Connect Interfaces for + connecting the consumer and tenant projects. description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr + Optional. Type of connection for establishing private IP + connectivity between the Data Fusion customer project VPC and the + corresponding tenant project from a predefined list of available + connection modes. If this field is unspecified for a private + instance, VPC peering is used. + enum: + - CONNECTION_TYPE_UNSPECIFIED + - VPC_PEERING + - PRIVATE_SERVICE_CONNECT_INTERFACES + type: string + ipAllocation: + type: string + description: >- + Optional. The IP range in CIDR notation to use for the managed Data + Fusion instance nodes. This range must not overlap with any other + ranges used in the Data Fusion instance network. This is required + only when using connection type VPC_PEERING. Format: a.b.c.d/22 + Example: 192.168.0.0/22 + privateServiceConnectConfig: + $ref: '#/components/schemas/PrivateServiceConnectConfig' + description: >- + Optional. Configuration for Private Service Connect. This is + required only when using connection type + PRIVATE_SERVICE_CONNECT_INTERFACES. + network: + type: string + description: >- + Optional. Name of the network in the customer project with which the + Tenant Project will be peered for executing pipelines. In case of + shared VPC where the network resides in another host project the + network should specified in the form of + projects/{host-project-id}/global/networks/{network}. This is only + required for connectivity type VPC_PEERING. description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + Network configuration for a Data Fusion instance. These configurations + are used for peering with the customer network. Configurations are + optional when a public Data Fusion instance is to be created. However, + providing these configurations allows several benefits, such as reduced + network latency while accessing the customer resources from managed Data + Fusion instance nodes, as well as access to the customer on-prem + resources. + type: object + id: NetworkConfig + RestartInstanceRequest: + description: Request message for restarting a Data Fusion instance. type: object + properties: {} + id: RestartInstanceRequest + DnsPeering: + description: >- + DNS peering configuration. These configurations are used to create DNS + peering with the customer Cloud DNS. + id: DnsPeering properties: - expression: + domain: + type: string + description: Required. The dns name suffix of the zone. + name: description: >- - Textual representation of an expression in Common Expression - Language syntax. + Identifier. The resource name of the dns peering zone. Format: + projects/{project}/locations/{location}/instances/{instance}/dnsPeerings/{dns_peering} type: string - title: + targetProject: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Optional. Optional target project to which dns peering should + happen. type: string description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + description: Optional. Optional description of the dns zone. type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + targetNetwork: type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + description: >- + Optional. Optional target network to which dns peering should + happen. type: object + RecurringTimeWindow: + id: RecurringTimeWindow + type: object + description: Represents an arbitrary window of time that recurs. properties: - service: + window: + $ref: '#/components/schemas/TimeWindow' description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + Required. The window representing the start and end time of + recurrences. This field ignores the date components of the provided + timestamps. Only the time of day and duration between start and end + time are relevant. + recurrence: type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + description: >- + Required. An RRULE with format + [RFC-5545](https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for + how this window reccurs. They go on for the span of time between the + start and end time. The only supported FREQ value is "WEEKLY". To + have something repeat every weekday, use: + "FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR". This specifies how frequently + the window starts. To have a 9 am - 5 pm UTC-4 window every weekday, + use something like: ``` start time = 2019-01-01T09:00:00-0400 end + time = 2019-01-01T17:00:00-0400 recurrence = + FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR ``` + LoggingConfig: type: object properties: - logType: - description: The log type that this config enables. + instanceCloudLoggingDisabled: + description: >- + Optional. Option to determine whether instance logs should be + written to Cloud Logging. By default, instance logs are written to + Cloud Logging. + type: boolean + description: Logging configuration for a Data Fusion instance. + id: LoggingConfig + Location: + properties: + name: type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + labels: + type: object + additionalProperties: type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + displayName: + type: string + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + description: A resource that represents a Google Cloud location. + type: object + id: Location + MonitoringConfig: type: object + description: Monitoring configuration for a Data Fusion instance. + id: MonitoringConfig properties: - permissions: + enableInstanceV2Metrics: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object + Optional. Option to enable the instance v2 metrics for this + instance. This field is supported only in CDF versions 6.11.1.1 and + above. + type: boolean + Operation: properties: - permissions: + metadata: + type: object description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + name: + type: string + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation + Binding: + id: Binding + type: object + description: Associates `members`, or principals, with a `role`. + properties: + members: type: array items: type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of a long-running operation. - type: object - properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. - type: string - format: google-datetime - target: - description: Server-defined resource path for the target of the operation. - type: string - verb: - description: Name of the verb executed by the operation. - type: string - statusDetail: - description: Human-readable status of the operation if any. - type: string - requestedCancellation: description: >- - Identifies whether the user has requested cancellation of the - operation. Operations that have successfully been cancelled have - google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - type: boolean - apiVersion: - description: API version used to start the operation. + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - additionalStatus: + condition: + $ref: '#/components/schemas/Expr' description: >- - Map to hold any additional status info for the operation If there is - an accelerator being enabled/disabled/deleted, this will be - populated with accelerator name as key and status as ENABLING, - DISABLING or DELETING - type: object - additionalProperties: - type: string + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). parameters: + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string access_token: description: OAuth access token. in: query name: access_token schema: type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' alt: description: Data format for response. in: query @@ -1235,33 +1286,12 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query @@ -1283,128 +1313,108 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: uploadType + name: oauth_token schema: type: string - _.xgafv: - description: V1 error format. + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - locations: - id: google.datafusion.locations - name: locations - title: Locations + dns_peerings: + id: google.datafusion.dns_peerings + name: dns_peerings + title: Dns_peerings methods: list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1dnsPeerings/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.datafusion.operations - name: operations - title: Operations - methods: - list: + objectKey: $.dnsPeerings + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1dnsPeerings/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1dnsPeerings~1{dnsPeeringsId}/delete response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/dns_peerings/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/dns_peerings/methods/create' + update: [] + replace: [] delete: + - $ref: '#/components/x-stackQL-resources/dns_peerings/methods/delete' + instances_iam_policies: + id: google.datafusion.instances_iam_policies + name: instances_iam_policies + title: Instances_iam_policies + methods: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - cancel: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - versions: - id: google.datafusion.versions - name: versions - title: Versions - methods: - list: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1versions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.availableVersions + objectKey: $.bindings sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/versions/methods/list' + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/set_iam_policy delete: [] instances: id: google.datafusion.instances name: instances title: Instances methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.instances - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -1415,17 +1425,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.instances + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post response: mediaType: application/json openAPIDocKey: '200' @@ -1447,96 +1458,112 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/instances/methods/delete' - instances_iam_policies: - id: google.datafusion.instances_iam_policies - name: instances_iam_policies - title: Instances_iam_policies + operations: + id: google.datafusion.operations + name: operations + title: Operations methods: - set_iam_policy: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/set_iam_policy - delete: [] - dns_peerings: - id: google.datafusion.dns_peerings - name: dns_peerings - title: Dns_peerings + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + versions: + id: google.datafusion.versions + name: versions + title: Versions methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1dnsPeerings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1versions/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.versions + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/versions/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + locations: + id: google.datafusion.locations + name: locations + title: Locations + methods: + get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1dnsPeerings/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dnsPeerings - delete: + list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1dnsPeerings~1{dnsPeeringsId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/dns_peerings/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/dns_peerings/methods/create' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/dns_peerings/methods/delete' + delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}/dnsPeerings: parameters: &ref_1 + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/callback' get: - description: Lists information about the supported locations for this service. - operationId: datafusion.projects.locations.list + description: Lists DNS peerings for a given resource. + operationId: datafusion.projects.locations.instances.dnsPeerings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1548,15 +1575,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/ListDnsPeeringsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: instancesId + required: true schema: type: string - in: query @@ -1568,15 +1601,14 @@ paths: name: pageToken schema: type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: datafusion.projects.locations.get + post: + description: Creates DNS peering on the given resource. + operationId: datafusion.projects.locations.instances.dnsPeerings.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DnsPeering' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1588,7 +1620,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/DnsPeering' parameters: - in: path name: projectsId @@ -1600,13 +1632,20 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: path + name: instancesId + required: true + schema: + type: string + - in: query + name: dnsPeeringId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}/dnsPeerings/{dnsPeeringsId}: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: datafusion.projects.locations.operations.list + delete: + description: Deletes DNS peering on the given resource. + operationId: datafusion.projects.locations.instances.dnsPeerings.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1618,7 +1657,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1630,27 +1669,29 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: instancesId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: dnsPeeringsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: datafusion.projects.locations.operations.get + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: datafusion.projects.locations.instances.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1662,7 +1703,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -1675,17 +1716,15 @@ paths: schema: type: string - in: path - name: operationsId + name: instancesId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: + parameters: *ref_1 delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: datafusion.projects.locations.operations.delete + description: Deletes a single Date Fusion instance. + operationId: datafusion.projects.locations.instances.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1697,7 +1736,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -1710,29 +1749,22 @@ paths: schema: type: string - in: path - name: operationsId + name: instancesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: datafusion.projects.locations.operations.cancel + - in: query + name: force + schema: + type: boolean + patch: + description: Updates a single Data Fusion instance. + operationId: datafusion.projects.locations.instances.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/Instance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1744,7 +1776,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -1757,17 +1789,18 @@ paths: schema: type: string - in: path - name: operationsId + name: instancesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/versions: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: >- - Lists possible versions for Data Fusion instances in the specified - project and location. - operationId: datafusion.projects.locations.versions.list + description: Gets details of a single Data Fusion instance. + operationId: datafusion.projects.locations.instances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1779,7 +1812,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAvailableVersionsResponse' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -1791,19 +1824,11 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: latestPatchOnly + - in: path + name: instancesId + required: true schema: - type: boolean + type: string /v1/projects/{projectsId}/locations/{locationsId}/instances: parameters: *ref_1 get: @@ -1832,23 +1857,23 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: orderBy schema: type: string - in: query name: filter schema: type: string - - in: query - name: orderBy - schema: - type: string post: description: >- Creates a new Data Fusion instance in the specified project and @@ -1886,11 +1911,21 @@ paths: name: instanceId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets details of a single Data Fusion instance. - operationId: datafusion.projects.locations.instances.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: datafusion.projects.locations.instances.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1902,7 +1937,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -1919,9 +1954,18 @@ paths: required: true schema: type: string - delete: - description: Deletes a single Date Fusion instance. - operationId: datafusion.projects.locations.instances.delete + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:restart: + parameters: *ref_1 + post: + description: >- + Restart a single Data Fusion instance. At the end of an operation + instance is fully restarted. + operationId: datafusion.projects.locations.instances.restart + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RestartInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1950,18 +1994,13 @@ paths: required: true schema: type: string - - in: query - name: force - schema: - type: boolean - patch: - description: Updates a single Data Fusion instance. - operationId: datafusion.projects.locations.instances.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Instance' + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: datafusion.projects.locations.instances.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1973,7 +2012,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -1991,22 +2030,29 @@ paths: schema: type: string - in: query - name: updateMask + name: options.requestedPolicyVersion schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:restart: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Restart a single Data Fusion instance. At the end of an operation - instance is fully restarted. - operationId: datafusion.projects.locations.instances.restart + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: datafusion.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestartInstanceRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2018,7 +2064,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2031,23 +2077,18 @@ paths: schema: type: string - in: path - name: instancesId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: datafusion.projects.locations.instances.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: datafusion.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2059,7 +2100,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2072,17 +2113,17 @@ paths: schema: type: string - in: path - name: instancesId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:getIamPolicy: - parameters: *ref_1 - get: + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: datafusion.projects.locations.instances.getIamPolicy + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: datafusion.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2094,7 +2135,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2107,30 +2148,17 @@ paths: schema: type: string - in: path - name: instancesId + name: operationsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: datafusion.projects.locations.instances.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: datafusion.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2142,7 +2170,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -2154,21 +2182,30 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}/dnsPeerings: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/versions: parameters: *ref_1 - post: - description: Creates DNS peering on the given resource. - operationId: datafusion.projects.locations.instances.dnsPeerings.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DnsPeering' + get: + description: >- + Lists possible versions for Data Fusion instances in the specified + project and location. + operationId: datafusion.projects.locations.versions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2180,7 +2217,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DnsPeering' + $ref: '#/components/schemas/ListAvailableVersionsResponse' parameters: - in: path name: projectsId @@ -2192,18 +2229,24 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: latestPatchOnly schema: - type: string + type: boolean - in: query - name: dnsPeeringId + name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 get: - description: Lists DNS peerings for a given resource. - operationId: datafusion.projects.locations.instances.dnsPeerings.list + description: Gets information about a location. + operationId: datafusion.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2215,7 +2258,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDnsPeeringsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -2227,25 +2270,11 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}/dnsPeerings/{dnsPeeringsId}: + /v1/projects/{projectsId}/locations: parameters: *ref_1 - delete: - description: Deletes DNS peering on the given resource. - operationId: datafusion.projects.locations.instances.dnsPeerings.delete + get: + description: Lists information about the supported locations for this service. + operationId: datafusion.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2257,25 +2286,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: dnsPeeringsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: extraLocationTypes schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/datalabeling.yaml b/providers/src/googleapis.com/v00.00.00000/services/datalabeling.yaml index 72245104..01629094 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/datalabeling.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/datalabeling.yaml @@ -8,7 +8,7 @@ info: description: Public API for Google Cloud AI Data Labeling Service. version: v1beta1 x-discovery-doc-revision: '20250723' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/data-labeling/docs/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/datalineage.yaml b/providers/src/googleapis.com/v00.00.00000/services/datalineage.yaml index 20ca46ae..ae5f883d 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/datalineage.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/datalineage.yaml @@ -7,8 +7,8 @@ info: title: Data Lineage API description: '' version: v1 - x-discovery-doc-revision: '20250801' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/data-catalog servers: @@ -34,93 +34,18 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 message: + type: string description: >- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. - type: string + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 details: description: >- A list of messages that carry the error details. There is a common @@ -129,188 +54,156 @@ components: items: type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleLongrunningCancelOperationRequest: - id: GoogleLongrunningCancelOperationRequest - description: The request message for Operations.CancelOperation. + type: any + id: GoogleRpcStatus type: object - properties: {} - GoogleCloudDatacatalogLineageV1ProcessOpenLineageRunEventResponse: - id: GoogleCloudDatacatalogLineageV1ProcessOpenLineageRunEventResponse - description: Response message for ProcessOpenLineageRunEvent. + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + GoogleCloudDatacatalogLineageV1Link: + id: GoogleCloudDatacatalogLineageV1Link type: object properties: - process: + name: description: >- - Created process name. Format: - `projects/{project}/locations/{location}/processes/{process}`. + Output only. Immutable. The name of the link. Format: + `projects/{project}/locations/{location}/links/{link}`. type: string - run: - description: >- - Created run name. Format: - `projects/{project}/locations/{location}/processes/{process}/runs/{run}`. + readOnly: true + startTime: + description: The start of the first event establishing this link. type: string - lineageEvents: - description: >- - Created lineage event names. Format: - `projects/{project}/locations/{location}/processes/{process}/runs/{run}/lineageEvents/{lineage_event}`. - type: array - items: - type: string - GoogleCloudDatacatalogLineageV1Process: - id: GoogleCloudDatacatalogLineageV1Process - description: A process is the definition of a data transformation operation. - type: object + format: google-datetime + endTime: + format: google-datetime + description: The end of the last event establishing this link. + type: string + source: + description: The pointer to the entity that is the **source** of this link. + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' + target: + description: The pointer to the entity that is the **target** of this link. + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' + description: >- + Links represent the data flow between **source** (upstream) and + **target** (downstream) assets in transformation pipelines. Links are + created when LineageEvents record data transformation between related + assets. + GoogleCloudDatacatalogLineageV1ProcessLinkInfo: + description: Link details. + id: GoogleCloudDatacatalogLineageV1ProcessLinkInfo properties: - name: - description: >- - Immutable. The resource name of the lineage process. Format: - `projects/{project}/locations/{location}/processes/{process}`. Can - be specified or auto-assigned. {process} must be not longer than 200 - characters and only contain characters in a set: `a-zA-Z0-9_-:.` + endTime: + description: The end of the last event establishing this link-process tuple. + format: google-datetime type: string - displayName: - description: >- - Optional. A human-readable name you can set to display in a user - interface. Must be not longer than 200 characters and only contain - UTF-8 letters or numbers, spaces or characters like `_-:&.` + startTime: type: string - attributes: - description: >- - Optional. The attributes of the process. Should only be used for the - purpose of non-semantic management (classifying, describing or - labeling the process). Up to 100 attributes are allowed. - type: object - additionalProperties: - type: any - origin: + description: The start of the first event establishing this link-process tuple. + format: google-datetime + link: description: >- - Optional. The origin of this process and its runs and lineage - events. - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Origin' - GoogleCloudDatacatalogLineageV1Origin: - id: GoogleCloudDatacatalogLineageV1Origin - description: Origin of a process. + The name of the link in the format of + `projects/{project}/locations/{location}/links/{link}`. + type: string + type: object + GoogleCloudDatacatalogLineageV1OperationMetadata: type: object properties: - sourceType: - description: >- - Type of the source. Use of a source_type other than `CUSTOM` for - process creation or updating is highly discouraged. It might be - restricted in the future without notice. There will be increase in - cost if you use any of the source types other than `CUSTOM`. + resourceUuid: + type: string + description: Output only. The UUID of the resource being operated on. + readOnly: true + operationType: type: string enumDescriptions: - - Source is Unspecified - - A custom source - - BigQuery - - Data Fusion - - Composer - - Looker Studio - - Dataproc - - Vertex AI + - Unused. + - The resource deletion operation. + - The resource creation operation. + description: Output only. The type of the operation being performed. enum: - - SOURCE_TYPE_UNSPECIFIED - - CUSTOM - - BIGQUERY - - DATA_FUSION - - COMPOSER - - LOOKER_STUDIO - - DATAPROC - - VERTEX_AI - name: - description: >- - If the source_type isn't CUSTOM, the value of this field should be a - Google Cloud resource name of the system, which reports lineage. The - project and location parts of the resource name must match the - project and location of the lineage resource being created. - Examples: - `{source_type: COMPOSER, name: - "projects/foo/locations/us/environments/bar"}` - `{source_type: - BIGQUERY, name: "projects/foo/locations/eu"}` - `{source_type: - CUSTOM, name: "myCustomIntegration"}` + - TYPE_UNSPECIFIED + - DELETE + - CREATE + readOnly: true + createTime: + readOnly: true type: string - GoogleCloudDatacatalogLineageV1ListProcessesResponse: - id: GoogleCloudDatacatalogLineageV1ListProcessesResponse - description: Response message for ListProcesses. - type: object - properties: - processes: - description: The processes from the specified project and location. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Process' - nextPageToken: + format: google-datetime description: >- - The token to specify as `page_token` in the next call to get the - next page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudDatacatalogLineageV1Run: - id: GoogleCloudDatacatalogLineageV1Run - description: >- - A lineage run represents an execution of a process that creates lineage - events. - type: object - properties: - name: + Output only. The timestamp of the operation submission to the + server. + endTime: + readOnly: true + format: google-datetime description: >- - Immutable. The resource name of the run. Format: - `projects/{project}/locations/{location}/processes/{process}/runs/{run}`. - Can be specified or auto-assigned. {run} must be not longer than 200 - characters and only contain characters in a set: `a-zA-Z0-9_-:.` + Output only. The timestamp of the operation termination, regardless + of its success. This field is unset if the operation is still + ongoing. type: string - displayName: + resource: description: >- - Optional. A human-readable name you can set to display in a user - interface. Must be not longer than 1024 characters and only contain - UTF-8 letters or numbers, spaces or characters like `_-:&.` + Output only. The [relative name] + (https://cloud.google.com//apis/design/resource_names#relative_resource_name) + of the resource being operated on. + readOnly: true type: string - attributes: - description: >- - Optional. The attributes of the run. Should only be used for the - purpose of non-semantic management (classifying, describing or - labeling the run). Up to 100 attributes are allowed. - type: object - additionalProperties: - type: any - startTime: - description: Required. The timestamp of the start of the run. + state: + description: Output only. The current operation state. + enumDescriptions: + - Unused. + - The operation has been created but is not yet started. + - The operation is underway. + - The operation completed successfully. + - The operation is no longer running and did not succeed. + readOnly: true + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - FAILED type: string - format: google-datetime - endTime: - description: Optional. The timestamp of the end of the run. + id: GoogleCloudDatacatalogLineageV1OperationMetadata + description: Metadata describing the operation. + GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesResponse: + type: object + properties: + nextPageToken: + description: >- + The token to specify as `page_token` in the subsequent call to get + the next page. Omitted if there are no more pages in the response. type: string - format: google-datetime - state: - description: Required. The state of the run. + processLinks: + items: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1ProcessLinks' + description: An array of processes associated with the specified links. + type: array + description: Response message for BatchSearchLinkProcesses. + id: GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesResponse + GoogleCloudDatacatalogLineageV1ListProcessesResponse: + description: Response message for ListProcesses. + id: GoogleCloudDatacatalogLineageV1ListProcessesResponse + type: object + properties: + nextPageToken: type: string - enumDescriptions: - - >- - The state is unknown. The true state may be any of the below or a - different state that is not supported here explicitly. - - The run is still executing. - - The run completed. - - The run failed. - - The run aborted. - enum: - - UNKNOWN - - STARTED - - COMPLETED - - FAILED - - ABORTED + description: >- + The token to specify as `page_token` in the next call to get the + next page. If this field is omitted, there are no subsequent pages. + processes: + items: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Process' + type: array + description: The processes from the specified project and location. GoogleCloudDatacatalogLineageV1ListRunsResponse: id: GoogleCloudDatacatalogLineageV1ListRunsResponse - description: Response message for ListRuns. - type: object properties: runs: description: The runs from the specified project and location. @@ -318,165 +211,197 @@ components: items: $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Run' nextPageToken: + type: string description: >- The token to specify as `page_token` in the next call to get the next page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudDatacatalogLineageV1LineageEvent: - id: GoogleCloudDatacatalogLineageV1LineageEvent - description: >- - A lineage event represents an operation on assets. Within the operation, - the data flows from the source to the target defined in the links field. type: object + description: Response message for ListRuns. + GoogleLongrunningOperation: + id: GoogleLongrunningOperation + type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. properties: + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/GoogleRpcStatus' name: description: >- - Immutable. The resource name of the lineage event. Format: - `projects/{project}/locations/{location}/processes/{process}/runs/{run}/lineageEvents/{lineage_event}`. - Can be specified or auto-assigned. {lineage_event} must be not - longer than 200 characters and only contain characters in a set: - `a-zA-Z0-9_-:.` + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - links: + response: description: >- - Optional. List of source-target pairs. Can't contain more than 100 - tuples. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EventLink' - startTime: + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + done: description: >- - Required. The beginning of the transformation which resulted in this - lineage event. For streaming scenarios, it should be the beginning - of the period from which the lineage is being reported. - type: string - format: google-datetime - endTime: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Optional. The end of the transformation which resulted in this - lineage event. For streaming scenarios, it should be the end of the - period from which the lineage is being reported. - type: string - format: google-datetime + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object GoogleCloudDatacatalogLineageV1EventLink: - id: GoogleCloudDatacatalogLineageV1EventLink - description: A lineage between source and target entities. - type: object properties: - source: - description: Required. Reference to the source entity - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' target: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' description: Required. Reference to the target entity + source: + description: Required. Reference to the source entity $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' + type: object + description: A lineage between source and target entities. + id: GoogleCloudDatacatalogLineageV1EventLink + GoogleCloudDatacatalogLineageV1SearchLinksResponse: + id: GoogleCloudDatacatalogLineageV1SearchLinksResponse + description: Response message for SearchLinks. + type: object + properties: + nextPageToken: + description: >- + The token to specify as `page_token` in the subsequent call to get + the next page. Omitted if there are no more pages in the response. + type: string + links: + items: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Link' + type: array + description: >- + The list of links for a given asset. Can be empty if the asset has + no relations of requested type (source or target). GoogleCloudDatacatalogLineageV1EntityReference: - id: GoogleCloudDatacatalogLineageV1EntityReference - description: The soft reference to everything you can attach a lineage event to. type: object properties: fullyQualifiedName: + type: string description: >- Required. [Fully Qualified Name (FQN)](https://cloud.google.com/dataplex/docs/fully-qualified-names) of the entity. - type: string - GoogleCloudDatacatalogLineageV1ListLineageEventsResponse: - id: GoogleCloudDatacatalogLineageV1ListLineageEventsResponse - description: Response message for ListLineageEvents. + id: GoogleCloudDatacatalogLineageV1EntityReference + description: The soft reference to everything you can attach a lineage event to. + GoogleLongrunningCancelOperationRequest: + id: GoogleLongrunningCancelOperationRequest + description: The request message for Operations.CancelOperation. type: object - properties: - lineageEvents: - description: Lineage events from the specified project and location. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1LineageEvent' - nextPageToken: - description: >- - The token to specify as `page_token` in the next call to get the - next page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudDatacatalogLineageV1SearchLinksRequest: - id: GoogleCloudDatacatalogLineageV1SearchLinksRequest - description: Request message for SearchLinks. + properties: {} + GoogleCloudDatacatalogLineageV1LineageEvent: type: object + description: >- + A lineage event represents an operation on assets. Within the operation, + the data flows from the source to the target defined in the links field. + id: GoogleCloudDatacatalogLineageV1LineageEvent properties: - source: + startTime: description: >- - Optional. Send asset information in the **source** field to retrieve - all links that lead from the specified asset to downstream assets. - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' - target: + Required. The beginning of the transformation which resulted in this + lineage event. For streaming scenarios, it should be the beginning + of the period from which the lineage is being reported. + type: string + format: google-datetime + endTime: description: >- - Optional. Send asset information in the **target** field to retrieve - all links that lead from upstream assets to the specified asset. - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' - pageSize: + Optional. The end of the transformation which resulted in this + lineage event. For streaming scenarios, it should be the end of the + period from which the lineage is being reported. + format: google-datetime + type: string + links: description: >- - Optional. The maximum number of links to return in a single page of - the response. A page may contain fewer links than this value. If - unspecified, at most 10 links are returned. Maximum value is 100; - values greater than 100 are reduced to 100. - type: integer - format: int32 - pageToken: + Optional. List of source-target pairs. Can't contain more than 100 + tuples. + items: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EventLink' + type: array + name: description: >- - Optional. The page token received from a previous - `SearchLinksRequest` call. Use it to get the next page. When - requesting subsequent pages of a response, remember that all - parameters must match the values you provided in the original - request. + Immutable. The resource name of the lineage event. Format: + `projects/{project}/locations/{location}/processes/{process}/runs/{run}/lineageEvents/{lineage_event}`. + Can be specified or auto-assigned. {lineage_event} must be not + longer than 200 characters and only contain characters in a set: + `a-zA-Z0-9_-:.` type: string - GoogleCloudDatacatalogLineageV1SearchLinksResponse: - id: GoogleCloudDatacatalogLineageV1SearchLinksResponse - description: Response message for SearchLinks. + GoogleCloudDatacatalogLineageV1ProcessLinks: type: object properties: + process: + type: string + description: >- + The process name in the format of + `projects/{project}/locations/{location}/processes/{process}`. links: description: >- - The list of links for a given asset. Can be empty if the asset has - no relations of requested type (source or target). + An array containing link details objects of the links provided in + the original request. A single process can result in creating + multiple links. If any of the links you provide in the request are + created by the same process, they all are included in this array. type: array items: - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Link' - nextPageToken: - description: >- - The token to specify as `page_token` in the subsequent call to get - the next page. Omitted if there are no more pages in the response. - type: string - GoogleCloudDatacatalogLineageV1Link: - id: GoogleCloudDatacatalogLineageV1Link - description: >- - Links represent the data flow between **source** (upstream) and - **target** (downstream) assets in transformation pipelines. Links are - created when LineageEvents record data transformation between related - assets. - type: object + $ref: >- + #/components/schemas/GoogleCloudDatacatalogLineageV1ProcessLinkInfo + description: Links associated with a specific process. + id: GoogleCloudDatacatalogLineageV1ProcessLinks + GoogleLongrunningListOperationsResponse: properties: - name: - description: >- - Output only. Immutable. The name of the link. Format: - `projects/{project}/locations/{location}/links/{link}`. - readOnly: true - type: string - source: - description: The pointer to the entity that is the **source** of this link. - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' - target: - description: The pointer to the entity that is the **target** of this link. - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' - startTime: - description: The start of the first event establishing this link. - type: string - format: google-datetime - endTime: - description: The end of the last event establishing this link. + nextPageToken: + description: The standard List next-page token. type: string - format: google-datetime + unreachable: + type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string + operations: + description: >- + A list of operations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' + type: object + id: GoogleLongrunningListOperationsResponse + description: The response message for Operations.ListOperations. GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesRequest: - id: GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesRequest - description: Request message for BatchSearchLinkProcesses. type: object + id: GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesRequest properties: + pageToken: + description: >- + The page token received from a previous `BatchSearchLinkProcesses` + call. Use it to get the next page. When requesting subsequent pages + of a response, remember that all parameters must match the values + you provided in the original request. + type: string links: description: >- Required. An array of links to check for their associated @@ -488,137 +413,251 @@ components: items: type: string pageSize: + format: int32 + type: integer description: >- The maximum number of processes to return in a single page of the response. A page may contain fewer results than this value. + description: Request message for BatchSearchLinkProcesses. + GoogleCloudDatacatalogLineageV1SearchLinksRequest: + type: object + id: GoogleCloudDatacatalogLineageV1SearchLinksRequest + description: Request message for SearchLinks. + properties: + pageSize: + description: >- + Optional. The maximum number of links to return in a single page of + the response. A page may contain fewer links than this value. If + unspecified, at most 10 links are returned. Maximum value is 100; + values greater than 100 are reduced to 100. type: integer format: int32 + target: + description: >- + Optional. Send asset information in the **target** field to retrieve + all links that lead from upstream assets to the specified asset. + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' pageToken: description: >- - The page token received from a previous `BatchSearchLinkProcesses` - call. Use it to get the next page. When requesting subsequent pages - of a response, remember that all parameters must match the values - you provided in the original request. + Optional. The page token received from a previous + `SearchLinksRequest` call. Use it to get the next page. When + requesting subsequent pages of a response, remember that all + parameters must match the values you provided in the original + request. type: string - GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesResponse: - id: GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesResponse - description: Response message for BatchSearchLinkProcesses. + source: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1EntityReference' + description: >- + Optional. Send asset information in the **source** field to retrieve + all links that lead from the specified asset to downstream assets. + GoogleCloudDatacatalogLineageV1ProcessOpenLineageRunEventResponse: type: object properties: - processLinks: - description: An array of processes associated with the specified links. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1ProcessLinks' - nextPageToken: + run: description: >- - The token to specify as `page_token` in the subsequent call to get - the next page. Omitted if there are no more pages in the response. + Created run name. Format: + `projects/{project}/locations/{location}/processes/{process}/runs/{run}`. type: string - GoogleCloudDatacatalogLineageV1ProcessLinks: - id: GoogleCloudDatacatalogLineageV1ProcessLinks - description: Links associated with a specific process. - type: object - properties: process: description: >- - The process name in the format of + Created process name. Format: `projects/{project}/locations/{location}/processes/{process}`. type: string - links: - description: >- - An array containing link details objects of the links provided in - the original request. A single process can result in creating - multiple links. If any of the links you provide in the request are - created by the same process, they all are included in this array. + lineageEvents: type: array items: - $ref: >- - #/components/schemas/GoogleCloudDatacatalogLineageV1ProcessLinkInfo - GoogleCloudDatacatalogLineageV1ProcessLinkInfo: - id: GoogleCloudDatacatalogLineageV1ProcessLinkInfo - description: Link details. - type: object - properties: - link: + type: string description: >- - The name of the link in the format of - `projects/{project}/locations/{location}/links/{link}`. + Created lineage event names. Format: + `projects/{project}/locations/{location}/processes/{process}/runs/{run}/lineageEvents/{lineage_event}`. + description: Response message for ProcessOpenLineageRunEvent. + id: GoogleCloudDatacatalogLineageV1ProcessOpenLineageRunEventResponse + GoogleCloudDatacatalogLineageV1Run: + properties: + displayName: type: string + description: >- + Optional. A human-readable name you can set to display in a user + interface. Must be not longer than 1024 characters and only contain + UTF-8 letters or numbers, spaces or characters like `_-:&.` startTime: - description: The start of the first event establishing this link-process tuple. + description: Required. The timestamp of the start of the run. type: string format: google-datetime + state: + enumDescriptions: + - >- + The state is unknown. The true state may be any of the below or a + different state that is not supported here explicitly. + - The run is still executing. + - The run completed. + - The run failed. + - The run aborted. + enum: + - UNKNOWN + - STARTED + - COMPLETED + - FAILED + - ABORTED + description: Required. The state of the run. + type: string endTime: - description: The end of the last event establishing this link-process tuple. type: string + description: Optional. The timestamp of the end of the run. format: google-datetime - GoogleCloudDatacatalogLineageV1OperationMetadata: - id: GoogleCloudDatacatalogLineageV1OperationMetadata - description: Metadata describing the operation. + name: + type: string + description: >- + Immutable. The resource name of the run. Format: + `projects/{project}/locations/{location}/processes/{process}/runs/{run}`. + Can be specified or auto-assigned. {run} must be not longer than 200 + characters and only contain characters in a set: `a-zA-Z0-9_-:.` + attributes: + description: >- + Optional. The attributes of the run. Should only be used for the + purpose of non-semantic management (classifying, describing or + labeling the run). Up to 100 attributes are allowed. + additionalProperties: + type: any + type: object + type: object + id: GoogleCloudDatacatalogLineageV1Run + description: >- + A lineage run represents an execution of a process that creates lineage + events. + GoogleCloudDatacatalogLineageV1Process: type: object properties: - state: - description: Output only. The current operation state. - readOnly: true - type: string - enumDescriptions: - - Unused. - - The operation has been created but is not yet started. - - The operation is underway. - - The operation completed successfully. - - The operation is no longer running and did not succeed. - enum: - - STATE_UNSPECIFIED - - PENDING - - RUNNING - - SUCCEEDED - - FAILED - operationType: - description: Output only. The type of the operation being performed. - readOnly: true + attributes: + type: object + description: >- + Optional. The attributes of the process. Should only be used for the + purpose of non-semantic management (classifying, describing or + labeling the process). Up to 100 attributes are allowed. + additionalProperties: + type: any + origin: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Origin' + description: >- + Optional. The origin of this process and its runs and lineage + events. + name: + description: >- + Immutable. The resource name of the lineage process. Format: + `projects/{project}/locations/{location}/processes/{process}`. Can + be specified or auto-assigned. {process} must be not longer than 200 + characters and only contain characters in a set: `a-zA-Z0-9_-:.` type: string - enumDescriptions: - - Unused. - - The resource deletion operation. - - The resource creation operation. - enum: - - TYPE_UNSPECIFIED - - DELETE - - CREATE - resource: + displayName: description: >- - Output only. The [relative name] - (https://cloud.google.com//apis/design/resource_names#relative_resource_name) - of the resource being operated on. - readOnly: true + Optional. A human-readable name you can set to display in a user + interface. Must be not longer than 200 characters and only contain + UTF-8 letters or numbers, spaces or characters like `_-:&.` type: string - resourceUuid: - description: Output only. The UUID of the resource being operated on. - readOnly: true + id: GoogleCloudDatacatalogLineageV1Process + description: A process is the definition of a data transformation operation. + GoogleCloudDatacatalogLineageV1Origin: + type: object + id: GoogleCloudDatacatalogLineageV1Origin + properties: + name: type: string - createTime: description: >- - Output only. The timestamp of the operation submission to the - server. - readOnly: true - type: string - format: google-datetime - endTime: + If the source_type isn't CUSTOM, the value of this field should be a + Google Cloud resource name of the system, which reports lineage. The + project and location parts of the resource name must match the + project and location of the lineage resource being created. + Examples: - `{source_type: COMPOSER, name: + "projects/foo/locations/us/environments/bar"}` - `{source_type: + BIGQUERY, name: "projects/foo/locations/eu"}` - `{source_type: + CUSTOM, name: "myCustomIntegration"}` + sourceType: + type: string + enumDescriptions: + - Source is Unspecified + - A custom source + - BigQuery + - Data Fusion + - Composer + - Looker Studio + - Dataproc + - Vertex AI + enum: + - SOURCE_TYPE_UNSPECIFIED + - CUSTOM + - BIGQUERY + - DATA_FUSION + - COMPOSER + - LOOKER_STUDIO + - DATAPROC + - VERTEX_AI + description: >- + Type of the source. Use of a source_type other than `CUSTOM` for + process creation or updating is highly discouraged. It might be + restricted in the future without notice. There will be increase in + cost if you use any of the source types other than `CUSTOM`. + description: Origin of a process. + GoogleCloudDatacatalogLineageV1ListLineageEventsResponse: + properties: + lineageEvents: + type: array + description: Lineage events from the specified project and location. + items: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1LineageEvent' + nextPageToken: description: >- - Output only. The timestamp of the operation termination, regardless - of its success. This field is unset if the operation is still - ongoing. - readOnly: true + The token to specify as `page_token` in the next call to get the + next page. If this field is omitted, there are no subsequent pages. type: string - format: google-datetime + id: GoogleCloudDatacatalogLineageV1ListLineageEventsResponse + description: Response message for ListLineageEvents. + type: object + GoogleProtobufEmpty: + properties: {} + type: object + id: GoogleProtobufEmpty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } parameters: + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string access_token: description: OAuth access token. in: query name: access_token schema: type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string alt: description: Data format for response. in: query @@ -629,48 +668,18 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query @@ -698,17 +707,17 @@ components: name: locations title: Locations methods: - process_open_lineage_run_event: + search_links: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:processOpenLineageRunEvent/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:searchLinks/post response: mediaType: application/json openAPIDocKey: '200' - search_links: + process_open_lineage_run_event: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:searchLinks/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:processOpenLineageRunEvent/post response: mediaType: application/json openAPIDocKey: '200' @@ -730,14 +739,6 @@ components: name: operations title: Operations methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- @@ -759,6 +760,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -773,39 +782,39 @@ components: name: processes title: Processes methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.processes - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}/delete response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.processes + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes/post response: mediaType: application/json openAPIDocKey: '200' @@ -877,13 +886,6 @@ components: name: lineage_events title: Lineage_events methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}~1runs~1{runsId}~1lineageEvents/post - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: $ref: >- @@ -892,10 +894,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.lineageEvents - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}~1runs~1{runsId}~1lineageEvents~1{lineageEventsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}~1runs~1{runsId}~1lineageEvents/post response: mediaType: application/json openAPIDocKey: '200' @@ -906,6 +908,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1processes~1{processesId}~1runs~1{runsId}~1lineageEvents~1{lineageEventsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/lineage_events/methods/get' @@ -917,56 +926,19 @@ components: delete: - $ref: '#/components/x-stackQL-resources/lineage_events/methods/delete' paths: - /v1/projects/{projectsId}/locations/{locationsId}:processOpenLineageRunEvent: + /v1/projects/{projectsId}/locations/{locationsId}:searchLinks: parameters: &ref_1 + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' - post: - description: >- - Creates new lineage events together with their parents: process and run. - Updates the process and run if they already exist. Mapped from Open - Lineage specification: - https://github.com/OpenLineage/OpenLineage/blob/main/spec/OpenLineage.json. - operationId: datalineage.projects.locations.processOpenLineageRunEvent - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDatacatalogLineageV1ProcessOpenLineageRunEventResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}:searchLinks: - parameters: *ref_1 post: description: >- Retrieve a list of links connected to a specific asset. Links represent @@ -1006,26 +978,15 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:batchSearchLinkProcesses: + /v1/projects/{projectsId}/locations/{locationsId}:processOpenLineageRunEvent: parameters: *ref_1 post: description: >- - Retrieve information about LineageProcesses associated with specific - links. LineageProcesses are transformation pipelines that result in data - flowing from **source** to **target** assets. Links between assets - represent this operation. If you have specific link names, you can use - this method to verify which LineageProcesses contribute to creating - those links. See the SearchLinks method for more information on how to - retrieve link name. You can retrieve the LineageProcess information in - every project where you have the `datalineage.events.get` permission. - The project provided in the URL is used for Billing and Quota. - operationId: datalineage.projects.locations.batchSearchLinkProcesses - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesRequest + Creates new lineage events together with their parents: process and run. + Updates the process and run if they already exist. Mapped from Open + Lineage specification: + https://github.com/OpenLineage/OpenLineage/blob/main/spec/OpenLineage.json. + operationId: datalineage.projects.locations.processOpenLineageRunEvent security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1038,7 +999,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesResponse + #/components/schemas/GoogleCloudDatacatalogLineageV1ProcessOpenLineageRunEventResponse parameters: - in: path name: projectsId @@ -1050,13 +1011,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:batchSearchLinkProcesses: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: datalineage.projects.locations.operations.list + post: + description: >- + Retrieve information about LineageProcesses associated with specific + links. LineageProcesses are transformation pipelines that result in data + flowing from **source** to **target** assets. Links between assets + represent this operation. If you have specific link names, you can use + this method to verify which LineageProcesses contribute to creating + those links. See the SearchLinks method for more information on how to + retrieve link name. You can retrieve the LineageProcess information in + every project where you have the `datalineage.events.get` permission. + The project provided in the URL is used for Billing and Quota. + operationId: datalineage.projects.locations.batchSearchLinkProcesses + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1068,7 +1046,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudDatacatalogLineageV1BatchSearchLinkProcessesResponse parameters: - in: path name: projectsId @@ -1080,19 +1059,6 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -1211,16 +1177,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processes: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: - description: Creates a new process. - operationId: datalineage.projects.locations.processes.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Process' + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: datalineage.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1232,7 +1195,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Process' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -1245,36 +1208,15 @@ paths: schema: type: string - in: query - name: requestId + name: filter schema: type: string - get: - description: >- - List processes in the given project and location. List order is - descending by insertion time. - operationId: datalineage.projects.locations.processes.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDatacatalogLineageV1ListProcessesResponse - parameters: - - in: path - name: projectsId - required: true + - in: query + name: returnPartialSuccess schema: - type: string - - in: path - name: locationsId - required: true + type: boolean + - in: query + name: pageToken schema: type: string - in: query @@ -1282,10 +1224,6 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/processes/{processesId}: parameters: *ref_1 patch: @@ -1324,15 +1262,15 @@ paths: required: true schema: type: string + - in: query + name: allowMissing + schema: + type: boolean - in: query name: updateMask schema: type: string format: google-fieldmask - - in: query - name: allowMissing - schema: - type: boolean - in: query name: requestId schema: @@ -1403,6 +1341,81 @@ paths: name: allowMissing schema: type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/processes: + parameters: *ref_1 + get: + description: >- + List processes in the given project and location. List order is + descending by insertion time. + operationId: datalineage.projects.locations.processes.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDatacatalogLineageV1ListProcessesResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + post: + description: Creates a new process. + operationId: datalineage.projects.locations.processes.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Process' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1Process' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: requestId + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/processes/{processesId}/runs: parameters: *ref_1 post: @@ -1479,15 +1492,15 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/processes/{processesId}/runs/{runsId}: parameters: *ref_1 patch: @@ -1531,15 +1544,15 @@ paths: required: true schema: type: string + - in: query + name: allowMissing + schema: + type: boolean - in: query name: updateMask schema: type: string format: google-fieldmask - - in: query - name: allowMissing - schema: - type: boolean get: description: Gets the details of the specified run. operationId: datalineage.projects.locations.processes.runs.get @@ -1618,14 +1631,11 @@ paths: type: boolean /v1/projects/{projectsId}/locations/{locationsId}/processes/{processesId}/runs/{runsId}/lineageEvents: parameters: *ref_1 - post: - description: Creates a new lineage event. - operationId: datalineage.projects.locations.processes.runs.lineageEvents.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1LineageEvent' + get: + description: >- + Lists lineage events in the given project and location. The list order + is not defined. + operationId: datalineage.projects.locations.processes.runs.lineageEvents.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1638,7 +1648,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDatacatalogLineageV1LineageEvent + #/components/schemas/GoogleCloudDatacatalogLineageV1ListLineageEventsResponse parameters: - in: path name: projectsId @@ -1661,14 +1671,22 @@ paths: schema: type: string - in: query - name: requestId + name: pageToken schema: type: string - get: - description: >- - Lists lineage events in the given project and location. The list order - is not defined. - operationId: datalineage.projects.locations.processes.runs.lineageEvents.list + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new lineage event. + operationId: datalineage.projects.locations.processes.runs.lineageEvents.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDatacatalogLineageV1LineageEvent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1681,7 +1699,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDatacatalogLineageV1ListLineageEventsResponse + #/components/schemas/GoogleCloudDatacatalogLineageV1LineageEvent parameters: - in: path name: projectsId @@ -1704,19 +1722,14 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: requestId schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/processes/{processesId}/runs/{runsId}/lineageEvents/{lineageEventsId}: parameters: *ref_1 - get: - description: Gets details of a specified lineage event. - operationId: datalineage.projects.locations.processes.runs.lineageEvents.get + delete: + description: Deletes the lineage event with the specified name. + operationId: datalineage.projects.locations.processes.runs.lineageEvents.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1728,8 +1741,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDatacatalogLineageV1LineageEvent + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -1756,9 +1768,13 @@ paths: required: true schema: type: string - delete: - description: Deletes the lineage event with the specified name. - operationId: datalineage.projects.locations.processes.runs.lineageEvents.delete + - in: query + name: allowMissing + schema: + type: boolean + get: + description: Gets details of a specified lineage event. + operationId: datalineage.projects.locations.processes.runs.lineageEvents.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1770,7 +1786,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudDatacatalogLineageV1LineageEvent parameters: - in: path name: projectsId @@ -1797,7 +1814,3 @@ paths: required: true schema: type: string - - in: query - name: allowMissing - schema: - type: boolean diff --git a/providers/src/googleapis.com/v00.00.00000/services/datamigration.yaml b/providers/src/googleapis.com/v00.00.00000/services/datamigration.yaml index c414c349..b5df3ef6 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/datamigration.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/datamigration.yaml @@ -7,8 +7,8 @@ info: title: Database Migration API description: Manage Cloud Database Migration Service resources on Google Cloud Platform. version: v1 - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/database-migration/ servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -567,6 +576,11 @@ components: promoteWhenReady: description: Optional. Promote databases when ready. type: boolean + dagConfig: + description: >- + Optional. Configuration for distributed availability group (DAG) for + the SQL Server homogeneous migration. + $ref: '#/components/schemas/SqlServerDagConfig' SqlServerDatabaseBackup: id: SqlServerDatabaseBackup description: >- @@ -605,6 +619,23 @@ components: pvkPassword: description: Required. Input only. Password that encrypts the private key. type: string + SqlServerDagConfig: + id: SqlServerDagConfig + description: >- + Configuration for distributed availability group (DAG) for the SQL + Server homogeneous migration. + type: object + properties: + sourceAg: + description: >- + Required. The name of the source availability group. Only used by + DAG migrations. + type: string + linkedServer: + description: >- + Required. The name of the linked server that points to the source + SQL Server instance. Only used by DAG migrations. + type: string OracleToPostgresConfig: id: OracleToPostgresConfig description: >- @@ -1292,6 +1323,12 @@ components: description: Required. The network port of the source SQL Server database. type: integer format: int32 + dbmPort: + description: >- + Optional. The Database Mirroring (DBM) port of the source SQL Server + instance. + type: integer + format: int32 username: description: >- Required. The username that Database Migration Service will use to @@ -1316,6 +1353,11 @@ components: SSL configuration for the destination to connect to the source database. $ref: '#/components/schemas/SslConfig' + cloudSqlProjectId: + description: >- + Optional. The project id of the Cloud SQL instance. If not provided, + the project id of the connection profile will be used. + type: string cloudSqlId: description: >- If the source is a Cloud SQL database, use this field to provide the @@ -5783,6 +5825,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/datapipelines.yaml b/providers/src/googleapis.com/v00.00.00000/services/datapipelines.yaml index b38986ab..9bc2b6e5 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/datapipelines.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/datapipelines.yaml @@ -9,8 +9,8 @@ info: Data Pipelines provides an interface for creating, updating, and managing recurring Data Analytics jobs. version: v1 - x-discovery-doc-revision: '20250810' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251116' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/dataflow/docs/guides/data-pipelines servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/dataplex.yaml b/providers/src/googleapis.com/v00.00.00000/services/dataplex.yaml index b139f0e9..b2d0ae58 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/dataplex.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/dataplex.yaml @@ -7,8 +7,8 @@ info: title: Cloud Dataplex API description: A unified, intelligent governance solution for data and AI assets. version: v1 - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251128' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/dataplex/docs servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets ListOperationsRequest.return_partial_success and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string GoogleLongrunningOperation: id: GoogleLongrunningOperation description: >- @@ -300,6 +309,15 @@ components: and delete requests to ensure it has an up-to-date value before proceeding. type: string + dataClassification: + description: Optional. Immutable. Stores data classification of the aspect. + type: string + enumDescriptions: + - Denotes that the aspect contains only metadata. + - Metadata and data classification. + enum: + - DATA_CLASSIFICATION_UNSPECIFIED + - METADATA_AND_DATA authorization: description: Immutable. Defines the Authorization for this type. $ref: '#/components/schemas/GoogleCloudDataplexV1AspectTypeAuthorization' @@ -1046,12 +1064,12 @@ components: properties: entryGroups: description: >- - Required. The entry group that is in scope for the import job, - specified as a relative resource name in the format + Required. The entry groups that are in scope for the import job, + specified as relative resource names in the format projects/{project_number_or_id}/locations/{location_id}/entryGroups/{entry_group_id}. - Only entries and aspects that belong to the specified entry group - are affected by the job.Must contain exactly one element. The entry - group and the job must be in the same location. + Only entries and aspects that belong to the specified entry groups + are affected by the job.The entry groups and the job must be in the + same location. type: array items: type: string @@ -1707,6 +1725,9 @@ components: readOnly: true $ref: >- #/components/schemas/GoogleCloudDataplexV1EncryptionConfigFailureDetails + enableMetastoreEncryption: + description: Optional. Represent the state of CMEK opt-in for metastore. + type: boolean GoogleCloudDataplexV1EncryptionConfigFailureDetails: id: GoogleCloudDataplexV1EncryptionConfigFailureDetails description: Details of the failure if anything related to Cmek db fails. @@ -2533,7 +2554,11 @@ components: discovery: scans data in Cloud Storage buckets to extract and then catalog metadata. For more information, see Discover and catalog Cloud Storage data - (https://cloud.google.com/bigquery/docs/automatic-discovery). + (https://cloud.google.com/bigquery/docs/automatic-discovery). Data + documentation: analyzes the table details and generates insights + including descriptions and sample SQL queries for the table. For more + information, see Generate data insights in BigQuery + (https://cloud.google.com/bigquery/docs/data-insights). type: object properties: name: @@ -2614,11 +2639,13 @@ components: - Data quality scan. - Data profile scan. - Data discovery scan. + - Data documentation scan. enum: - DATA_SCAN_TYPE_UNSPECIFIED - DATA_QUALITY - DATA_PROFILE - DATA_DISCOVERY + - DATA_DOCUMENTATION dataQualitySpec: description: Settings for a data quality scan. $ref: '#/components/schemas/GoogleCloudDataplexV1DataQualitySpec' @@ -2628,6 +2655,9 @@ components: dataDiscoverySpec: description: Settings for a data discovery scan. $ref: '#/components/schemas/GoogleCloudDataplexV1DataDiscoverySpec' + dataDocumentationSpec: + description: Settings for a data documentation scan. + $ref: '#/components/schemas/GoogleCloudDataplexV1DataDocumentationSpec' dataQualityResult: description: Output only. The result of a data quality scan. readOnly: true @@ -2640,6 +2670,10 @@ components: description: Output only. The result of a data discovery scan. readOnly: true $ref: '#/components/schemas/GoogleCloudDataplexV1DataDiscoveryResult' + dataDocumentationResult: + description: Output only. The result of a data documentation scan. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDataplexV1DataDocumentationResult' GoogleCloudDataplexV1DataSource: id: GoogleCloudDataplexV1DataSource description: The data source for DataScan. @@ -2657,8 +2691,8 @@ components: resource for a DataScan job to scan against. The field could either be: Cloud Storage bucket for DataDiscoveryScan Format: //storage.googleapis.com/projects/PROJECT_ID/buckets/BUCKET_ID or - BigQuery table of type "TABLE" for DataProfileScan/DataQualityScan - Format: + BigQuery table of type "TABLE" for + DataProfileScan/DataQualityScan/DataDocumentationScan Format: //bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID type: string GoogleCloudDataplexV1DataScanExecutionSpec: @@ -2689,6 +2723,11 @@ components: schedule: description: The scan is scheduled to run periodically. $ref: '#/components/schemas/GoogleCloudDataplexV1TriggerSchedule' + oneTime: + description: >- + The scan runs once, and does not create an associated ScanJob child + resource. + $ref: '#/components/schemas/GoogleCloudDataplexV1TriggerOneTime' GoogleCloudDataplexV1TriggerOnDemand: id: GoogleCloudDataplexV1TriggerOnDemand description: The scan runs once via RunDataScan API. @@ -2711,6 +2750,20 @@ components: TZ=America/New_York 1 * * * *.This field is required for Schedule scans. type: string + GoogleCloudDataplexV1TriggerOneTime: + id: GoogleCloudDataplexV1TriggerOneTime + description: The scan runs once using create API. + type: object + properties: + ttlAfterScanCompletion: + description: >- + Optional. Time to live for OneTime scans. default value is 24 hours, + minimum value is 0 seconds, and maximum value is 365 days. The time + is calculated from the data scan job completion time. If value is + set as 0 seconds, the scan will be immediately deleted upon job + completion, regardless of whether the job succeeded or failed. + type: string + format: google-duration GoogleCloudDataplexV1DataScanExecutionStatus: id: GoogleCloudDataplexV1DataScanExecutionStatus description: Status of the data scan execution. @@ -3133,6 +3186,11 @@ components: include_fields value. $ref: >- #/components/schemas/GoogleCloudDataplexV1DataProfileSpecSelectedFields + catalogPublishingEnabled: + description: >- + Optional. If set, the latest DataScan job result will be published + as Dataplex Universal Catalog metadata. + type: boolean GoogleCloudDataplexV1DataProfileSpecPostScanActions: id: GoogleCloudDataplexV1DataProfileSpecPostScanActions description: The configuration of post scan actions of DataProfileScan job. @@ -3319,6 +3377,14 @@ components: data. If true, all columns are registered as their primitive types (strings, number, or boolean). type: boolean + GoogleCloudDataplexV1DataDocumentationSpec: + id: GoogleCloudDataplexV1DataDocumentationSpec + description: DataDocumentation scan related spec. + type: object + properties: + catalogPublishingEnabled: + description: Optional. Whether to publish result to Dataplex Catalog. + type: boolean GoogleCloudDataplexV1DataQualityResult: id: GoogleCloudDataplexV1DataQualityResult description: The output of a DataQualityScan. @@ -3383,6 +3449,11 @@ components: readOnly: true $ref: >- #/components/schemas/GoogleCloudDataplexV1DataScanCatalogPublishingStatus + anomalyDetectionGeneratedAssets: + description: Output only. The generated assets for anomaly detection. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDataplexV1DataQualityResultAnomalyDetectionGeneratedAssets GoogleCloudDataplexV1DataQualityDimensionResult: id: GoogleCloudDataplexV1DataQualityDimensionResult description: >- @@ -3596,6 +3667,37 @@ components: - STATE_UNSPECIFIED - SUCCEEDED - FAILED + GoogleCloudDataplexV1DataQualityResultAnomalyDetectionGeneratedAssets: + id: GoogleCloudDataplexV1DataQualityResultAnomalyDetectionGeneratedAssets + description: The assets generated by Anomaly Detection Data Scan. + type: object + properties: + resultTable: + description: >- + Output only. The result table for anomaly detection. Format: + PROJECT_ID.DATASET_ID.TABLE_ID If the result table is set at + AnomalyDetectionAssets, the result table here would be the same as + the one set in the AnomalyDetectionAssets.result_table. + readOnly: true + type: string + dataIntermediateTable: + description: >- + Output only. The intermediate table for data anomaly detection. + Format: PROJECT_ID.DATASET_ID.TABLE_ID + readOnly: true + type: string + freshnessIntermediateTable: + description: >- + Output only. The intermediate table for freshness anomaly detection. + Format: PROJECT_ID.DATASET_ID.TABLE_ID + readOnly: true + type: string + volumeIntermediateTable: + description: >- + Output only. The intermediate table for volume anomaly detection. + Format: PROJECT_ID.DATASET_ID.TABLE_ID + readOnly: true + type: string GoogleCloudDataplexV1DataProfileResult: id: GoogleCloudDataplexV1DataProfileResult description: >- @@ -3621,6 +3723,13 @@ components: readOnly: true $ref: >- #/components/schemas/GoogleCloudDataplexV1DataProfileResultPostScanActionsResult + catalogPublishingStatus: + description: >- + Output only. The status of publishing the data scan as Dataplex + Universal Catalog metadata. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDataplexV1DataScanCatalogPublishingStatus GoogleCloudDataplexV1DataProfileResultProfile: id: GoogleCloudDataplexV1DataProfileResultProfile description: Contains name, type, mode and field type specific profile information. @@ -3967,6 +4076,91 @@ components: description: The number of filesets updated. type: integer format: int32 + GoogleCloudDataplexV1DataDocumentationResult: + id: GoogleCloudDataplexV1DataDocumentationResult + description: The output of a DataDocumentation scan. + type: object + properties: + tableResult: + description: Output only. Table result for insights. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDataplexV1DataDocumentationResultTableResult + GoogleCloudDataplexV1DataDocumentationResultTableResult: + id: GoogleCloudDataplexV1DataDocumentationResultTableResult + description: Generated metadata about the table. + type: object + properties: + name: + description: >- + Output only. The service-qualified full resource name of the cloud + resource. Ex: + //bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID + readOnly: true + type: string + overview: + description: Output only. Generated description of the table. + readOnly: true + type: string + schema: + description: >- + Output only. Schema of the table with generated metadata of the + columns in the schema. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDataplexV1DataDocumentationResultSchema + queries: + description: Output only. Sample SQL queries for the table. + readOnly: true + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDataplexV1DataDocumentationResultQuery + GoogleCloudDataplexV1DataDocumentationResultSchema: + id: GoogleCloudDataplexV1DataDocumentationResultSchema + description: Schema of the table with generated metadata of columns. + type: object + properties: + fields: + description: Output only. The list of columns. + readOnly: true + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDataplexV1DataDocumentationResultField + GoogleCloudDataplexV1DataDocumentationResultField: + id: GoogleCloudDataplexV1DataDocumentationResultField + description: Column of a table with generated metadata and nested fields. + type: object + properties: + name: + description: Output only. The name of the column. + readOnly: true + type: string + description: + description: Output only. Generated description for columns and fields. + readOnly: true + type: string + fields: + description: Output only. Nested fields. + readOnly: true + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDataplexV1DataDocumentationResultField + GoogleCloudDataplexV1DataDocumentationResultQuery: + id: GoogleCloudDataplexV1DataDocumentationResultQuery + description: A sample SQL query in data documentation. + type: object + properties: + sql: + description: Output only. The SQL query string which can be executed. + readOnly: true + type: string + description: + description: Output only. The description for the query. + readOnly: true + type: string GoogleCloudDataplexV1ListDataScansResponse: id: GoogleCloudDataplexV1ListDataScansResponse description: List dataScans response. @@ -4068,11 +4262,13 @@ components: - Data quality scan. - Data profile scan. - Data discovery scan. + - Data documentation scan. enum: - DATA_SCAN_TYPE_UNSPECIFIED - DATA_QUALITY - DATA_PROFILE - DATA_DISCOVERY + - DATA_DOCUMENTATION dataQualitySpec: description: Output only. Settings for a data quality scan. readOnly: true @@ -4085,6 +4281,10 @@ components: description: Output only. Settings for a data discovery scan. readOnly: true $ref: '#/components/schemas/GoogleCloudDataplexV1DataDiscoverySpec' + dataDocumentationSpec: + description: Output only. Settings for a data documentation scan. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDataplexV1DataDocumentationSpec' dataQualityResult: description: Output only. The result of a data quality scan. readOnly: true @@ -4097,6 +4297,10 @@ components: description: Output only. The result of a data discovery scan. readOnly: true $ref: '#/components/schemas/GoogleCloudDataplexV1DataDiscoveryResult' + dataDocumentationResult: + description: Output only. The result of a data documentation scan. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDataplexV1DataDocumentationResult' GoogleCloudDataplexV1ListDataScanJobsResponse: id: GoogleCloudDataplexV1ListDataScanJobsResponse description: List DataScanJobs response. @@ -6941,10 +7145,12 @@ components: - An unspecified trigger type. - Data scan triggers on demand. - Data scan triggers as per schedule. + - Data scan is run one time on creation. enum: - TRIGGER_UNSPECIFIED - ON_DEMAND - SCHEDULE + - ONE_TIME scope: description: The scope of the data scan (e.g. full, incremental). type: string @@ -9603,79 +9809,79 @@ components: - $ref: >- #/components/x-stackQL-resources/governance_rules_iam_policies/methods/projects_locations_governance_rules_set_iam_policy delete: [] - data_products_iam_policies: - id: google.dataplex.data_products_iam_policies - name: data_products_iam_policies - title: Data_products_iam_policies + change_requests_iam_policies: + id: google.dataplex.change_requests_iam_policies + name: change_requests_iam_policies + title: Change_requests_iam_policies methods: - projects_locations_data_products_set_iam_policy: + projects_locations_change_requests_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataProducts~1{dataProductsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1changeRequests~1{changeRequestsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_products_get_iam_policy: + projects_locations_change_requests_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataProducts~1{dataProductsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1changeRequests~1{changeRequestsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_data_products_test_iam_permissions: + projects_locations_change_requests_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataProducts~1{dataProductsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1changeRequests~1{changeRequestsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/data_products_iam_policies/methods/projects_locations_data_products_get_iam_policy + #/components/x-stackQL-resources/change_requests_iam_policies/methods/projects_locations_change_requests_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/data_products_iam_policies/methods/projects_locations_data_products_set_iam_policy + #/components/x-stackQL-resources/change_requests_iam_policies/methods/projects_locations_change_requests_set_iam_policy delete: [] - data_assets_iam_policies: - id: google.dataplex.data_assets_iam_policies - name: data_assets_iam_policies - title: Data_assets_iam_policies + data_products_iam_policies: + id: google.dataplex.data_products_iam_policies + name: data_products_iam_policies + title: Data_products_iam_policies methods: - projects_locations_data_products_data_assets_set_iam_policy: + projects_locations_data_products_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataProducts~1{dataProductsId}~1dataAssets~1{dataAssetsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataProducts~1{dataProductsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_products_data_assets_get_iam_policy: + projects_locations_data_products_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataProducts~1{dataProductsId}~1dataAssets~1{dataAssetsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataProducts~1{dataProductsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_data_products_data_assets_test_iam_permissions: + projects_locations_data_products_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataProducts~1{dataProductsId}~1dataAssets~1{dataAssetsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataProducts~1{dataProductsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/data_assets_iam_policies/methods/projects_locations_data_products_data_assets_get_iam_policy + #/components/x-stackQL-resources/data_products_iam_policies/methods/projects_locations_data_products_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/data_assets_iam_policies/methods/projects_locations_data_products_data_assets_set_iam_policy + #/components/x-stackQL-resources/data_products_iam_policies/methods/projects_locations_data_products_set_iam_policy delete: [] encryption_configs: id: google.dataplex.encryption_configs @@ -9786,7 +9992,13 @@ paths: - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' get: - description: Looks up an entry by name using the permission on the source system. + description: >- + Looks up an entry by name using the permission on the source system. + Caution: The Vertex AI, Bigtable, Spanner, Pub/Sub, Dataform, and + Dataproc Metastore metadata that is stored in Dataplex Universal Catalog + is changing. For more information, see Changes to metadata stored in + Dataplex Universal Catalog + (https://cloud.google.com/dataplex/docs/metadata-changes). operationId: dataplex.projects.locations.lookupEntry security: - Oauth2: @@ -9992,6 +10204,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -11119,7 +11335,12 @@ paths: schema: type: string get: - description: Lists Entries within an EntryGroup. + description: >- + Lists Entries within an EntryGroup. Caution: The Vertex AI, Bigtable, + Spanner, Pub/Sub, Dataform, and Dataproc Metastore metadata that is + stored in Dataplex Universal Catalog is changing. For more information, + see Changes to metadata stored in Dataplex Universal Catalog + (https://cloud.google.com/dataplex/docs/metadata-changes). operationId: dataplex.projects.locations.entryGroups.entries.list security: - Oauth2: @@ -11259,7 +11480,12 @@ paths: schema: type: string get: - description: Gets an Entry. + description: >- + Gets an Entry. Caution: The Vertex AI, Bigtable, Spanner, Pub/Sub, + Dataform, and Dataproc Metastore metadata that is stored in Dataplex + Universal Catalog is changing. For more information, see Changes to + metadata stored in Dataplex Universal Catalog + (https://cloud.google.com/dataplex/docs/metadata-changes). operationId: dataplex.projects.locations.entryGroups.entries.get security: - Oauth2: @@ -17744,14 +17970,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataProducts/{dataProductsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/changeRequests/{changeRequestsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors. - operationId: dataplex.projects.locations.dataProducts.setIamPolicy + operationId: dataplex.projects.locations.changeRequests.setIamPolicy requestBody: content: application/json: @@ -17781,17 +18007,17 @@ paths: schema: type: string - in: path - name: dataProductsId + name: changeRequestsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataProducts/{dataProductsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/changeRequests/{changeRequestsId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: dataplex.projects.locations.dataProducts.getIamPolicy + operationId: dataplex.projects.locations.changeRequests.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17816,7 +18042,7 @@ paths: schema: type: string - in: path - name: dataProductsId + name: changeRequestsId required: true schema: type: string @@ -17825,7 +18051,7 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/dataProducts/{dataProductsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/changeRequests/{changeRequestsId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -17834,7 +18060,7 @@ paths: not a NOT_FOUND error.Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: dataplex.projects.locations.dataProducts.testIamPermissions + operationId: dataplex.projects.locations.changeRequests.testIamPermissions requestBody: content: application/json: @@ -17864,18 +18090,18 @@ paths: schema: type: string - in: path - name: dataProductsId + name: changeRequestsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataProducts/{dataProductsId}/dataAssets/{dataAssetsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/dataProducts/{dataProductsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors. - operationId: dataplex.projects.locations.dataProducts.dataAssets.setIamPolicy + operationId: dataplex.projects.locations.dataProducts.setIamPolicy requestBody: content: application/json: @@ -17909,18 +18135,13 @@ paths: required: true schema: type: string - - in: path - name: dataAssetsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataProducts/{dataProductsId}/dataAssets/{dataAssetsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/dataProducts/{dataProductsId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: dataplex.projects.locations.dataProducts.dataAssets.getIamPolicy + operationId: dataplex.projects.locations.dataProducts.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17949,17 +18170,12 @@ paths: required: true schema: type: string - - in: path - name: dataAssetsId - required: true - schema: - type: string - in: query name: options.requestedPolicyVersion schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/dataProducts/{dataProductsId}/dataAssets/{dataAssetsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/dataProducts/{dataProductsId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -17968,7 +18184,7 @@ paths: not a NOT_FOUND error.Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: dataplex.projects.locations.dataProducts.dataAssets.testIamPermissions + operationId: dataplex.projects.locations.dataProducts.testIamPermissions requestBody: content: application/json: @@ -18002,11 +18218,6 @@ paths: required: true schema: type: string - - in: path - name: dataAssetsId - required: true - schema: - type: string /v1/organizations/{organizationsId}/locations/{locationsId}/operations: parameters: *ref_1 get: @@ -18050,6 +18261,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/dataproc.yaml b/providers/src/googleapis.com/v00.00.00000/services/dataproc.yaml index 289ccb26..6021ae14 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/dataproc.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/dataproc.yaml @@ -7,8 +7,8 @@ info: title: Cloud Dataproc API description: Manages Hadoop-based clusters and jobs on Google Cloud Platform. version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251104' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/dataproc/ servers: @@ -34,116 +34,117 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + DriverSchedulingConfig: properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + vcores: + description: Required. The number of vCPUs the driver is requesting. + type: integer + format: int32 + memoryMb: + format: int32 + description: Required. The amount of memory in MB the driver is requesting. + type: integer + description: Driver scheduling configuration. type: object + id: DriverSchedulingConfig + KerberosConfig: + id: KerberosConfig properties: - name: + kmsKeyUri: + description: Optional. The URI of the KMS key used to encrypt sensitive files. + type: string + crossRealmTrustKdc: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the name should be a resource name ending with - operations/{unique_id}. + Optional. The KDC (IP or hostname) for the remote trusted realm in a + cross realm trust relationship. + type: string + kdcDbKeyUri: type: string - metadata: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + Optional. The Cloud Storage URI of a KMS encrypted file containing + the master key of the KDC database. + keyPasswordUri: description: >- - If the value is false, it means the operation is still in progress. - If true, the operation is completed, and either error or response is - available. - type: boolean - error: + Optional. The Cloud Storage URI of a KMS encrypted file containing + the password to the user provided key. For the self-signed + certificate, this password is generated by Dataproc. + type: string + keystoreUri: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Optional. The Cloud Storage URI of the keystore file used for SSL + encryption. If not provided, Dataproc will provide a self-signed + certificate. + type: string + keystorePasswordUri: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as Delete, the response is - google.protobuf.Empty. If the original method is standard - Get/Create/Update, the response should be the resource. For other - methods, the response should have the type XxxResponse, where Xxx is - the original method name. For example, if the original method name - is TakeSnapshot(), the inferred response type is - TakeSnapshotResponse. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The Status type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by gRPC (https://github.com/grpc). Each Status message contains - three pieces of data: error code, error message, and error details.You - can find out more about this error model and how to work with it in the - API Design Guide (https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. + Optional. The Cloud Storage URI of a KMS encrypted file containing + the password to the user provided keystore. For the self-signed + certificate, this password is generated by Dataproc. + type: string + realm: + description: >- + Optional. The name of the on-cluster Kerberos realm. If not + specified, the uppercased domain of hostnames will be the realm. + type: string + tgtLifetimeHours: type: integer format: int32 - message: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Optional. The lifetime of the ticket granting ticket, in hours. If + not specified, or user specifies 0, then default value 10 will be + used. + crossRealmTrustAdminServer: + description: >- + Optional. The admin server (IP or hostname) for the remote trusted + realm in a cross realm trust relationship. type: string - details: + truststoreUri: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Optional. The Cloud Storage URI of the truststore file used for SSL + encryption. If not provided, Dataproc will provide a self-signed + certificate. + type: string + truststorePasswordUri: + description: >- + Optional. The Cloud Storage URI of a KMS encrypted file containing + the password to the user provided truststore. For the self-signed + certificate, this password is generated by Dataproc. + type: string + crossRealmTrustSharedPasswordUri: + description: >- + Optional. The Cloud Storage URI of a KMS encrypted file containing + the shared password between the on-cluster Kerberos realm and the + remote trusted realm, in a cross realm trust relationship. + type: string + crossRealmTrustRealm: + description: >- + Optional. The remote realm the Dataproc on-cluster KDC will trust, + should the user enable cross realm trust. + type: string + rootPrincipalPasswordUri: + description: >- + Optional. The Cloud Storage URI of a KMS encrypted file containing + the root principal password. + type: string + enableKerberos: + description: >- + Optional. Flag to indicate whether to Kerberize the cluster + (default: false). Set this field to true to enable Kerberos on a + cluster. + type: boolean + description: Specifies Kerberos related configuration. type: object - properties: {} AnalyzeBatchRequest: id: AnalyzeBatchRequest description: A request to analyze a batch workload. type: object properties: + requestorId: + deprecated: true + type: string + description: >- + Optional. The requestor ID is used to identify if the request comes + from a GCA investigation or the old Ask Gemini Experience. requestId: description: >- Optional. A unique ID used to identify the request. If the service @@ -157,3506 +158,3210 @@ components: underscores (_), and hyphens (-). The maximum length is 40 characters. type: string - requestorId: - description: >- - Optional. The requestor ID is used to identify if the request comes - from a GCA investigation or the old Ask Gemini Experience. - type: string - AutoscalingPolicy: - id: AutoscalingPolicy - description: Describes an autoscaling policy for Dataproc cluster autoscaler. - type: object + TaskData: properties: - id: - description: >- - Required. The policy id.The id must contain only letters (a-z, A-Z), - numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end - with underscore or hyphen. Must consist of between 3 and 50 - characters. + speculative: + type: boolean + taskId: type: string - name: - description: >- - Output only. The "resource name" of the autoscaling policy, as - described in https://cloud.google.com/apis/design/resource_names. - For projects.regions.autoscalingPolicies, the resource name of the - policy has the following format: - projects/{project_id}/regions/{region}/autoscalingPolicies/{policy_id} - For projects.locations.autoscalingPolicies, the resource name of the - policy has the following format: - projects/{project_id}/locations/{location}/autoscalingPolicies/{policy_id} - readOnly: true + format: int64 + partitionId: + type: integer + format: int32 + taskMetrics: + $ref: '#/components/schemas/TaskMetrics' + status: type: string - basicAlgorithm: - $ref: '#/components/schemas/BasicAutoscalingAlgorithm' - workerConfig: - description: >- - Required. Describes how the autoscaler will operate for primary - workers. - $ref: '#/components/schemas/InstanceGroupAutoscalingPolicyConfig' - secondaryWorkerConfig: - description: >- - Optional. Describes how the autoscaler will operate for secondary - workers. - $ref: '#/components/schemas/InstanceGroupAutoscalingPolicyConfig' - labels: - description: >- - Optional. The labels to associate with this autoscaling policy. - Label keys must contain 1 to 63 characters, and must conform to RFC - 1035 (https://www.ietf.org/rfc/rfc1035.txt). Label values may be - empty, but, if present, must contain 1 to 63 characters, and must - conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more - than 32 labels can be associated with an autoscaling policy. - type: object - additionalProperties: - type: string - clusterType: - description: >- - Optional. The type of the clusters for which this autoscaling policy - is to be configured. + hasMetrics: + type: boolean + taskLocality: type: string - enumDescriptions: - - Not set. - - Standard dataproc cluster with a minimum of two primary workers. - - >- - Clusters that can use only secondary workers and be scaled down to - zero secondary worker nodes. - enum: - - CLUSTER_TYPE_UNSPECIFIED - - STANDARD - - ZERO_SCALE - BasicAutoscalingAlgorithm: - id: BasicAutoscalingAlgorithm - description: Basic algorithm for autoscaling. + attempt: + type: integer + format: int32 + launchTime: + type: string + format: google-datetime + index: + format: int32 + type: integer + durationMillis: + type: string + format: int64 + stageAttemptId: + type: integer + format: int32 + executorLogs: + type: object + additionalProperties: + type: string + gettingResultTimeMillis: + format: int64 + type: string + errorMessage: + type: string + accumulatorUpdates: + type: array + items: + $ref: '#/components/schemas/AccumulableInfo' + resultFetchStart: + format: google-datetime + type: string + executorId: + type: string + stageId: + format: int64 + type: string + schedulerDelayMillis: + type: string + format: int64 + host: + type: string + description: Data corresponding to tasks created by spark. + id: TaskData type: object + AccumulableInfo: properties: - yarnConfig: - description: Optional. YARN autoscaling configuration. - $ref: '#/components/schemas/BasicYarnAutoscalingConfig' - sparkStandaloneConfig: - description: Optional. Spark Standalone autoscaling configuration - $ref: '#/components/schemas/SparkStandaloneAutoscalingConfig' - cooldownPeriod: - description: >- - Optional. Duration between scaling events. A scaling period starts - after the update operation from the previous event has - completed.Bounds: 2m, 1d. Default: 2m. + name: type: string - format: google-duration - BasicYarnAutoscalingConfig: - id: BasicYarnAutoscalingConfig - description: Basic autoscaling configurations for YARN. + value: + type: string + update: + type: string + accumullableInfoId: + type: string + format: int64 type: object + id: AccumulableInfo + SearchSessionSparkApplicationExecutorsResponse: + type: object + description: List of Executors associated with a Spark Application. properties: - gracefulDecommissionTimeout: - description: >- - Required. Timeout for YARN graceful decommissioning of Node - Managers. Specifies the duration to wait for jobs to complete before - forcefully removing workers (and potentially interrupting jobs). - Only applicable to downscaling operations.Bounds: 0s, 1d. + nextPageToken: type: string - format: google-duration - scaleUpFactor: - description: >- - Required. Fraction of average YARN pending memory in the last - cooldown period for which to add workers. A scale-up factor of 1.0 - will result in scaling up so that there is no pending memory - remaining after the update (more aggressive scaling). A scale-up - factor closer to 0 will result in a smaller magnitude of scaling up - (less aggressive scaling). See How autoscaling works - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/autoscaling#how_autoscaling_works) - for more information.Bounds: 0.0, 1.0. - type: number - format: double - scaleDownFactor: description: >- - Required. Fraction of average YARN pending memory in the last - cooldown period for which to remove workers. A scale-down factor of - 1 will result in scaling down so that there is no available memory - remaining after the update (more aggressive scaling). A scale-down - factor of 0 disables removing workers, which can be beneficial for - autoscaling a single job. See How autoscaling works - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/autoscaling#how_autoscaling_works) - for more information.Bounds: 0.0, 1.0. - type: number - format: double - scaleUpMinWorkerFraction: + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent + SearchSessionSparkApplicationExecutorsRequest. + sparkApplicationExecutors: + type: array + description: Details about executors used by the application. + items: + $ref: '#/components/schemas/ExecutorSummary' + id: SearchSessionSparkApplicationExecutorsResponse + OutputQuantileMetrics: + type: object + id: OutputQuantileMetrics + properties: + recordsWritten: + $ref: '#/components/schemas/Quantiles' + bytesWritten: + $ref: '#/components/schemas/Quantiles' + KubernetesClusterConfig: + description: The configuration for running the Dataproc cluster on Kubernetes. + properties: + kubernetesSoftwareConfig: description: >- - Optional. Minimum scale-up threshold as a fraction of total cluster - size before scaling occurs. For example, in a 20-worker cluster, a - threshold of 0.1 means the autoscaler must recommend at least a - 2-worker scale-up for the cluster to scale. A threshold of 0 means - the autoscaler will scale up on any recommended change.Bounds: 0.0, - 1.0. Default: 0.0. - type: number - format: double - scaleDownMinWorkerFraction: + Optional. The software configuration for this Dataproc cluster + running on Kubernetes. + $ref: '#/components/schemas/KubernetesSoftwareConfig' + gkeClusterConfig: + $ref: '#/components/schemas/GkeClusterConfig' + description: Required. The configuration for running the Dataproc cluster on GKE. + kubernetesNamespace: + type: string description: >- - Optional. Minimum scale-down threshold as a fraction of total - cluster size before scaling occurs. For example, in a 20-worker - cluster, a threshold of 0.1 means the autoscaler must recommend at - least a 2 worker scale-down for the cluster to scale. A threshold of - 0 means the autoscaler will scale down on any recommended - change.Bounds: 0.0, 1.0. Default: 0.0. - type: number - format: double - SparkStandaloneAutoscalingConfig: - id: SparkStandaloneAutoscalingConfig - description: Basic autoscaling configurations for Spark Standalone. + Optional. A namespace within the Kubernetes cluster to deploy into. + If this namespace does not exist, it is created. If it exists, + Dataproc verifies that another Dataproc VirtualCluster is not + installed into it. If not specified, the name of the Dataproc + Cluster is used. + type: object + id: KubernetesClusterConfig + AccessSparkApplicationJobResponse: + description: Details of a particular job associated with Spark Application type: object + id: AccessSparkApplicationJobResponse properties: - gracefulDecommissionTimeout: - description: >- - Required. Timeout for Spark graceful decommissioning of spark - workers. Specifies the duration to wait for spark worker to complete - spark decommissioning tasks before forcefully removing workers. Only - applicable to downscaling operations.Bounds: 0s, 1d. + jobData: + description: Output only. Data corresponding to a spark job. + $ref: '#/components/schemas/JobData' + readOnly: true + ResourceInformation: + type: object + properties: + addresses: + type: array + items: + type: string + name: + type: string + id: ResourceInformation + SearchSparkApplicationExecutorStageSummaryResponse: + properties: + sparkApplicationStageExecutors: + items: + $ref: '#/components/schemas/ExecutorStageSummary' + type: array + description: Details about executors used by the application stage. + nextPageToken: type: string - format: google-duration - scaleUpFactor: description: >- - Required. Fraction of required workers to add to Spark Standalone - clusters. A scale-up factor of 1.0 will result in scaling up so that - there are no more required workers for the Spark Job (more - aggressive scaling). A scale-up factor closer to 0 will result in a - smaller magnitude of scaling up (less aggressive scaling).Bounds: - 0.0, 1.0. - type: number - format: double - scaleDownFactor: + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent + SearchSparkApplicationExecutorsListRequest. + type: object + id: SearchSparkApplicationExecutorStageSummaryResponse + description: List of Executors associated with a Spark Application Stage. + RuntimeInfo: + description: Runtime information about workload execution. + type: object + id: RuntimeInfo + properties: + currentUsage: + readOnly: true + description: Output only. Snapshot of current workload resource usage. + $ref: '#/components/schemas/UsageSnapshot' + endpoints: + additionalProperties: + type: string + type: object + readOnly: true description: >- - Required. Fraction of required executors to remove from Spark - Serverless clusters. A scale-down factor of 1.0 will result in - scaling down so that there are no more executors for the Spark - Job.(more aggressive scaling). A scale-down factor closer to 0 will - result in a smaller magnitude of scaling donw (less aggressive - scaling).Bounds: 0.0, 1.0. - type: number - format: double - scaleUpMinWorkerFraction: + Output only. Map of remote access endpoints (such as web interfaces + and APIs) to their URIs. + diagnosticOutputUri: + type: string description: >- - Optional. Minimum scale-up threshold as a fraction of total cluster - size before scaling occurs. For example, in a 20-worker cluster, a - threshold of 0.1 means the autoscaler must recommend at least a - 2-worker scale-up for the cluster to scale. A threshold of 0 means - the autoscaler will scale up on any recommended change.Bounds: 0.0, - 1.0. Default: 0.0. - type: number - format: double - scaleDownMinWorkerFraction: + Output only. A URI pointing to the location of the diagnostics + tarball. + readOnly: true + approximateUsage: + readOnly: true description: >- - Optional. Minimum scale-down threshold as a fraction of total - cluster size before scaling occurs. For example, in a 20-worker - cluster, a threshold of 0.1 means the autoscaler must recommend at - least a 2 worker scale-down for the cluster to scale. A threshold of - 0 means the autoscaler will scale down on any recommended - change.Bounds: 0.0, 1.0. Default: 0.0. - type: number - format: double - removeOnlyIdleWorkers: - description: Optional. Remove only idle workers when scaling down cluster + Output only. Approximate workload resource usage, calculated when + the workload completes (see Dataproc Serverless pricing + (https://cloud.google.com/dataproc-serverless/pricing)).Note: This + metric calculation may change in the future, for example, to capture + cumulative workload resource consumption during workload execution + (see the Dataproc Serverless release notes + (https://cloud.google.com/dataproc-serverless/docs/release-notes) + for announcements, changes, fixes and other Dataproc developments). + $ref: '#/components/schemas/UsageMetrics' + propertiesInfo: + $ref: '#/components/schemas/PropertiesInfo' + description: Optional. Properties of the workload organized by origin. + outputUri: + readOnly: true + description: >- + Output only. A URI pointing to the location of the stdout and stderr + of the workload. + type: string + ShieldedInstanceConfig: + type: object + properties: + enableVtpm: + description: Optional. Defines whether instances have the vTPM enabled. type: boolean - InstanceGroupAutoscalingPolicyConfig: - id: InstanceGroupAutoscalingPolicyConfig + enableSecureBoot: + type: boolean + description: Optional. Defines whether instances have Secure Boot enabled. + enableIntegrityMonitoring: + description: >- + Optional. Defines whether instances have integrity monitoring + enabled. + type: boolean + id: ShieldedInstanceConfig description: >- - Configuration for the size bounds of an instance group, including its - proportional size to other groups. + Shielded Instance Config for clusters using Compute Engine Shielded VMs + (https://cloud.google.com/security/shielded-cloud/shielded-vm). + InstanceSelection: + id: InstanceSelection type: object properties: - minInstances: - description: >- - Optional. Minimum number of instances for this group.Primary workers - - Bounds: 2, max_instances. Default: 2. Secondary workers - Bounds: - 0, max_instances. Default: 0. - type: integer + rank: format: int32 - maxInstances: - description: >- - Required. Maximum number of instances for this group. Required for - primary workers. Note that by default, clusters will not use - secondary workers. Required for secondary workers if the minimum - secondary instances is set.Primary workers - Bounds: [min_instances, - ). Secondary workers - Bounds: [min_instances, ). Default: 0. type: integer - format: int32 - weight: description: >- - Optional. Weight for the instance group, which is used to determine - the fraction of total workers in the cluster from this instance - group. For example, if primary workers have weight 2, and secondary - workers have weight 1, the cluster will have approximately 2 primary - workers for each secondary worker.The cluster may not reach the - specified balance if constrained by min/max bounds or other - autoscaling settings. For example, if max_instances for secondary - workers is 0, then only primary workers will be added. The cluster - can also be out of balance when created.If weight is not set on any - instance group, the cluster will default to equal weight for all - groups: the cluster will attempt to maintain an equal number of - workers in each group within the configured size bounds for each - group. If weight is set for one group only, the cluster will default - to zero weight on the unset group. For example if weight is set only - on primary workers, the cluster will use primary workers only and no - secondary workers. - type: integer - format: int32 - ListAutoscalingPoliciesResponse: - id: ListAutoscalingPoliciesResponse - description: A response to a request to list autoscaling policies in a project. + Optional. Preference of this instance selection. Lower number means + higher preference. Dataproc will first try to create a VM based on + the machine-type with priority rank and fallback to next rank based + on availability. Machine types and instance selections with the same + priority have the same preference. + machineTypes: + type: array + items: + type: string + description: Optional. Full machine-type names, e.g. "n1-standard-16". + description: Defines machines types and a rank to which the machines types belong. + EnvironmentConfig: type: object + id: EnvironmentConfig properties: - policies: - description: Output only. Autoscaling policies list. - readOnly: true - type: array + executionConfig: + $ref: '#/components/schemas/ExecutionConfig' + description: Optional. Execution configuration for a workload. + peripheralsConfig: + $ref: '#/components/schemas/PeripheralsConfig' + description: Optional. Peripherals configuration that workload has access to. + description: Environment configuration for a workload. + TestIamPermissionsRequest: + properties: + permissions: items: - $ref: '#/components/schemas/AutoscalingPolicy' - nextPageToken: + type: string description: >- - Output only. This token is included in the response if there are - more results to fetch. - readOnly: true - type: string - Batch: - id: Batch - description: A representation of a batch workload in the service. + The set of permissions to check for the resource. Permissions with + wildcards (such as * or storage.*) are not allowed. For more + information see IAM Overview + (https://cloud.google.com/iam/docs/overview#permissions). + type: array + description: Request message for TestIamPermissions method. + id: TestIamPermissionsRequest type: object + StartupConfig: properties: - name: - description: Output only. The resource name of the batch. - readOnly: true - type: string - uuid: + requiredRegistrationFraction: + format: double description: >- - Output only. A batch UUID (Unique Universal Identifier). The service - generates this value when it creates the batch. - readOnly: true - type: string - createTime: - description: Output only. The time when the batch was created. - readOnly: true + Optional. The config setting to enable cluster creation/ updation to + be successful only after required_registration_fraction of instances + are up and running. This configuration is applicable to only + secondary workers for now. The cluster will fail if + required_registration_fraction of instances are not available. This + will include instance creation, agent registration, and service + registration (if enabled). + type: number + id: StartupConfig + type: object + description: >- + Configuration to handle the startup of instances during cluster create + and update process. + SearchSparkApplicationStageAttemptTasksResponse: + id: SearchSparkApplicationStageAttemptTasksResponse + properties: + nextPageToken: + description: >- + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent + ListSparkApplicationStageAttemptTasksRequest. type: string - format: google-datetime - pysparkBatch: - description: Optional. PySpark batch config. - $ref: '#/components/schemas/PySparkBatch' - sparkBatch: - description: Optional. Spark batch config. - $ref: '#/components/schemas/SparkBatch' - sparkRBatch: - description: Optional. SparkR batch config. - $ref: '#/components/schemas/SparkRBatch' - sparkSqlBatch: - description: Optional. SparkSql batch config. - $ref: '#/components/schemas/SparkSqlBatch' - runtimeInfo: - description: Output only. Runtime information about batch execution. + sparkApplicationStageAttemptTasks: readOnly: true - $ref: '#/components/schemas/RuntimeInfo' - state: - description: Output only. The state of the batch. + type: array + description: Output only. Data corresponding to tasks created by spark. + items: + $ref: '#/components/schemas/TaskData' + type: object + description: List of tasks for a stage of a Spark Application + SearchSparkApplicationStageAttemptsResponse: + id: SearchSparkApplicationStageAttemptsResponse + description: A list of Stage Attempts for a Stage of a Spark Application. + properties: + sparkApplicationStageAttempts: + items: + $ref: '#/components/schemas/StageData' + description: Output only. Data corresponding to a stage attempts readOnly: true - type: string - enumDescriptions: - - The batch state is unknown. - - The batch is created before running. - - The batch is running. - - The batch is cancelling. - - The batch cancellation was successful. - - The batch completed successfully. - - The batch is no longer running due to an error. - enum: - - STATE_UNSPECIFIED - - PENDING - - RUNNING - - CANCELLING - - CANCELLED - - SUCCEEDED - - FAILED - stateMessage: + type: array + nextPageToken: description: >- - Output only. Batch state details, such as a failure description if - the state is FAILED. - readOnly: true + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent ListSparkApplicationStageAttemptsRequest. type: string - stateTime: - description: Output only. The time when the batch entered a current state. - readOnly: true + type: object + WriteSparkApplicationContextRequest: + properties: + parent: type: string - format: google-datetime - creator: - description: Output only. The email address of the user who created the batch. + description: Required. Parent (Batch) resource reference. + sparkWrapperObjects: + type: array + items: + $ref: '#/components/schemas/SparkWrapperObject' + id: WriteSparkApplicationContextRequest + description: Write Spark Application data to internal storage systems + type: object + SearchSessionSparkApplicationSqlQueriesResponse: + type: object + description: List of all queries for a Spark Application. + properties: + sparkApplicationSqlQueries: + type: array readOnly: true + items: + $ref: '#/components/schemas/SqlExecutionUiData' + description: Output only. SQL Execution Data + nextPageToken: type: string - labels: description: >- - Optional. The labels to associate with this batch. Label keys must - contain 1 to 63 characters, and must conform to RFC 1035 - (https://www.ietf.org/rfc/rfc1035.txt). Label values may be empty, - but, if present, must contain 1 to 63 characters, and must conform - to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 - labels can be associated with a batch. - type: object - additionalProperties: - type: string - runtimeConfig: - description: Optional. Runtime configuration for the batch execution. - $ref: '#/components/schemas/RuntimeConfig' - environmentConfig: - description: Optional. Environment configuration for the batch execution. - $ref: '#/components/schemas/EnvironmentConfig' - operation: + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent + SearchSessionSparkApplicationSqlQueriesRequest. + id: SearchSessionSparkApplicationSqlQueriesResponse + WriteSessionSparkApplicationContextRequest: + properties: + sparkWrapperObjects: description: >- - Output only. The resource name of the operation associated with this - batch. - readOnly: true - type: string - stateHistory: - description: Output only. Historical state information for the batch. - readOnly: true - type: array + Required. The batch of spark application context objects sent for + ingestion. items: - $ref: '#/components/schemas/StateHistory' - PySparkBatch: - id: PySparkBatch - description: >- - A configuration for running an Apache PySpark - (https://spark.apache.org/docs/latest/api/python/getting_started/quickstart.html) - batch workload. + $ref: '#/components/schemas/SparkWrapperObject' + type: array + parent: + type: string + description: Required. Parent (Batch) resource reference. + description: Write Spark Application data to internal storage systems + id: WriteSessionSparkApplicationContextRequest type: object + StreamingQueryData: properties: - mainPythonFileUri: - description: >- - Required. The HCFS URI of the main Python file to use as the Spark - driver. Must be a .py file. + name: type: string - args: - description: >- - Optional. The arguments to pass to the driver. Do not include - arguments that can be set as batch properties, such as --conf, since - a collision can occur that causes an incorrect batch submission. - type: array - items: - type: string - pythonFileUris: - description: >- - Optional. HCFS file URIs of Python files to pass to the PySpark - framework. Supported file types: .py, .egg, and .zip. - type: array - items: - type: string - jarFileUris: - description: >- - Optional. HCFS URIs of jar files to add to the classpath of the - Spark driver and tasks. - type: array - items: - type: string - fileUris: - description: >- - Optional. HCFS URIs of files to be placed in the working directory - of each executor. - type: array - items: - type: string - archiveUris: - description: >- - Optional. HCFS URIs of archives to be extracted into the working - directory of each executor. Supported file types: .jar, .tar, - .tar.gz, .tgz, and .zip. - type: array - items: - type: string - SparkBatch: - id: SparkBatch - description: >- - A configuration for running an Apache Spark (https://spark.apache.org/) - batch workload. + streamingQueryId: + type: string + runId: + type: string + startTimestamp: + format: int64 + type: string + endTimestamp: + type: string + format: int64 + isActive: + type: boolean + exception: + type: string + id: StreamingQueryData + type: object + description: Streaming + SparkPlanGraphCluster: type: object + description: Represents a tree of spark plan. properties: - mainJarFileUri: - description: Optional. The HCFS URI of the jar file that contains the main class. + sparkPlanGraphClusterId: type: string - mainClass: - description: >- - Optional. The name of the driver main class. The jar file that - contains the class must be in the classpath or specified in - jar_file_uris. + format: int64 + desc: type: string - args: - description: >- - Optional. The arguments to pass to the driver. Do not include - arguments that can be set as batch properties, such as --conf, since - a collision can occur that causes an incorrect batch submission. - type: array - items: - type: string - jarFileUris: - description: >- - Optional. HCFS URIs of jar files to add to the classpath of the - Spark driver and tasks. - type: array - items: - type: string - fileUris: - description: >- - Optional. HCFS URIs of files to be placed in the working directory - of each executor. + name: + type: string + nodes: type: array items: - type: string - archiveUris: - description: >- - Optional. HCFS URIs of archives to be extracted into the working - directory of each executor. Supported file types: .jar, .tar, - .tar.gz, .tgz, and .zip. + $ref: '#/components/schemas/SparkPlanGraphNodeWrapper' + metrics: type: array items: - type: string - SparkRBatch: - id: SparkRBatch - description: >- - A configuration for running an Apache SparkR - (https://spark.apache.org/docs/latest/sparkr.html) batch workload. - type: object + $ref: '#/components/schemas/SqlPlanMetric' + id: SparkPlanGraphCluster + Expr: properties: - mainRFileUri: + title: description: >- - Required. The HCFS URI of the main R file to use as the driver. Must - be a .R or .r file. + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + location: type: string - args: description: >- - Optional. The arguments to pass to the Spark driver. Do not include - arguments that can be set as batch properties, such as --conf, since - a collision can occur that causes an incorrect batch submission. - type: array - items: - type: string - fileUris: + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + expression: + type: string description: >- - Optional. HCFS URIs of files to be placed in the working directory - of each executor. - type: array - items: - type: string - archiveUris: + Textual representation of an expression in Common Expression + Language syntax. + description: + type: string description: >- - Optional. HCFS URIs of archives to be extracted into the working - directory of each executor. Supported file types: .jar, .tar, - .tar.gz, .tgz, and .zip. - type: array - items: - type: string - SparkSqlBatch: - id: SparkSqlBatch + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + id: Expr + type: object description: >- - A configuration for running Apache Spark SQL - (https://spark.apache.org/sql/) queries as a batch workload. + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec.Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + MetastoreConfig: + id: MetastoreConfig type: object + description: Specifies a Metastore configuration. properties: - queryFileUri: - description: >- - Required. The HCFS URI of the script that contains Spark SQL queries - to execute. + dataprocMetastoreService: type: string - queryVariables: description: >- - Optional. Mapping of query variable names to values (equivalent to - the Spark SQL command: SET name="value";). - type: object - additionalProperties: - type: string - jarFileUris: - description: Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH. - type: array - items: - type: string - RuntimeInfo: - id: RuntimeInfo - description: Runtime information about workload execution. + Required. Resource name of an existing Dataproc Metastore + service.Example: + projects/[project_id]/locations/[dataproc_region]/services/[service-name] + SparkWrapperObject: type: object + id: SparkWrapperObject + description: >- + Outer message that contains the data obtained from spark listener, + packaged with information that is required to process it. properties: - endpoints: - description: >- - Output only. Map of remote access endpoints (such as web interfaces - and APIs) to their URIs. - readOnly: true - type: object - additionalProperties: - type: string - outputUri: - description: >- - Output only. A URI pointing to the location of the stdout and stderr - of the workload. - readOnly: true + eventTimestamp: type: string - diagnosticOutputUri: - description: >- - Output only. A URI pointing to the location of the diagnostics - tarball. - readOnly: true + description: VM Timestamp associated with the data object. + format: google-datetime + applicationId: + description: Application Id created by Spark. type: string - approximateUsage: - description: >- - Output only. Approximate workload resource usage, calculated when - the workload completes (see Dataproc Serverless pricing - (https://cloud.google.com/dataproc-serverless/pricing)).Note: This - metric calculation may change in the future, for example, to capture - cumulative workload resource consumption during workload execution - (see the Dataproc Serverless release notes - (https://cloud.google.com/dataproc-serverless/docs/release-notes) - for announcements, changes, fixes and other Dataproc developments). - readOnly: true - $ref: '#/components/schemas/UsageMetrics' - currentUsage: - description: Output only. Snapshot of current workload resource usage. - readOnly: true - $ref: '#/components/schemas/UsageSnapshot' - propertiesInfo: - description: Optional. Properties of the workload organized by origin. - $ref: '#/components/schemas/PropertiesInfo' - UsageMetrics: - id: UsageMetrics - description: >- - Usage metrics represent approximate total resources consumed by a - workload. + taskData: + $ref: '#/components/schemas/TaskData' + appSummary: + $ref: '#/components/schemas/AppSummary' + executorSummary: + $ref: '#/components/schemas/ExecutorSummary' + processSummary: + $ref: '#/components/schemas/ProcessSummary' + nativeSqlExecutionUiData: + description: Native SQL Execution Info + $ref: '#/components/schemas/NativeSqlExecutionUiData' + applicationEnvironmentInfo: + $ref: '#/components/schemas/ApplicationEnvironmentInfo' + streamingQueryProgress: + $ref: '#/components/schemas/StreamingQueryProgress' + resourceProfileInfo: + $ref: '#/components/schemas/ResourceProfileInfo' + speculationStageSummary: + $ref: '#/components/schemas/SpeculationStageSummary' + executorStageSummary: + $ref: '#/components/schemas/ExecutorStageSummary' + stageData: + $ref: '#/components/schemas/StageData' + applicationInfo: + $ref: '#/components/schemas/ApplicationInfo' + jobData: + $ref: '#/components/schemas/JobData' + streamBlockData: + $ref: '#/components/schemas/StreamBlockData' + sqlExecutionUiData: + $ref: '#/components/schemas/SqlExecutionUiData' + poolData: + $ref: '#/components/schemas/PoolData' + nativeBuildInfoUiData: + $ref: '#/components/schemas/NativeBuildInfoUiData' + description: Native Build Info + rddStorageInfo: + $ref: '#/components/schemas/RddStorageInfo' + rddOperationGraph: + $ref: '#/components/schemas/RddOperationGraph' + streamingQueryData: + $ref: '#/components/schemas/StreamingQueryData' + sparkPlanGraph: + $ref: '#/components/schemas/SparkPlanGraph' + TaskMetrics: type: object + description: Executor Task Metrics properties: - milliDcuSeconds: - description: >- - Optional. DCU (Dataproc Compute Units) usage in (milliDCU x seconds) - (see Dataproc Serverless pricing - (https://cloud.google.com/dataproc-serverless/pricing)). - type: string + diskBytesSpilled: format: int64 - shuffleStorageGbSeconds: - description: >- - Optional. Shuffle storage usage in (GB x seconds) (see Dataproc - Serverless pricing - (https://cloud.google.com/dataproc-serverless/pricing)). type: string - format: int64 - milliAcceleratorSeconds: - description: >- - Optional. Accelerator usage in (milliAccelerator x seconds) (see - Dataproc Serverless pricing - (https://cloud.google.com/dataproc-serverless/pricing)). + peakExecutionMemoryBytes: type: string format: int64 - acceleratorType: - description: Optional. Accelerator type being used, if any - type: string - milliSlotSeconds: - description: Optional. Slot usage in (milliSlot x seconds). + memoryBytesSpilled: type: string format: int64 - updateTime: - description: Optional. The timestamp of the usage metrics. - type: string - format: google-datetime - UsageSnapshot: - id: UsageSnapshot - description: >- - The usage snapshot represents the resources consumed by a workload at a - specified time. - type: object - properties: - milliDcu: - description: >- - Optional. Milli (one-thousandth) Dataproc Compute Units (DCUs) (see - Dataproc Serverless pricing - (https://cloud.google.com/dataproc-serverless/pricing)). + inputMetrics: + $ref: '#/components/schemas/InputMetrics' + resultSize: type: string format: int64 - shuffleStorageGb: - description: >- - Optional. Shuffle Storage in gigabytes (GB). (see Dataproc - Serverless pricing - (https://cloud.google.com/dataproc-serverless/pricing)) + shuffleReadMetrics: + $ref: '#/components/schemas/ShuffleReadMetrics' + resultSerializationTimeMillis: type: string format: int64 - milliDcuPremium: - description: >- - Optional. Milli (one-thousandth) Dataproc Compute Units (DCUs) - charged at premium tier (see Dataproc Serverless pricing - (https://cloud.google.com/dataproc-serverless/pricing)). + outputMetrics: + $ref: '#/components/schemas/OutputMetrics' + shuffleWriteMetrics: + $ref: '#/components/schemas/ShuffleWriteMetrics' + executorDeserializeCpuTimeNanos: type: string format: int64 - shuffleStorageGbPremium: - description: >- - Optional. Shuffle Storage in gigabytes (GB) charged at premium tier. - (see Dataproc Serverless pricing - (https://cloud.google.com/dataproc-serverless/pricing)) - type: string + jvmGcTimeMillis: format: int64 - milliAccelerator: - description: >- - Optional. Milli (one-thousandth) accelerator. (see Dataproc - Serverless pricing - (https://cloud.google.com/dataproc-serverless/pricing)) type: string + executorRunTimeMillis: format: int64 - acceleratorType: - description: Optional. Accelerator type being used, if any type: string - snapshotTime: - description: Optional. The timestamp of the usage snapshot. + executorCpuTimeNanos: type: string - format: google-datetime - milliSlot: - description: Optional. Milli (one-thousandth) Slot usage of the workload. + format: int64 + executorDeserializeTimeMillis: type: string format: int64 - PropertiesInfo: - id: PropertiesInfo - description: Properties of the workload organized by origin. - type: object + id: TaskMetrics + ApplicationEnvironmentInfo: properties: - autotuningProperties: - description: Output only. Properties set by autotuning engine. - readOnly: true + metricsProperties: type: object additionalProperties: - $ref: '#/components/schemas/ValueInfo' - ValueInfo: - id: ValueInfo - description: Annotatated property value. + type: string + systemProperties: + type: object + additionalProperties: + type: string + sparkProperties: + additionalProperties: + type: string + type: object + classpathEntries: + additionalProperties: + type: string + type: object + runtime: + $ref: '#/components/schemas/SparkRuntimeInfo' + resourceProfiles: + type: array + items: + $ref: '#/components/schemas/ResourceProfileInfo' + hadoopProperties: + type: object + additionalProperties: + type: string type: object + id: ApplicationEnvironmentInfo + description: Details about the Environment that the application is running in. + AppSummary: + id: AppSummary properties: - value: - description: Property value. - type: string - annotation: - description: Annotation, comment or explanation why the property was set. - type: string - overriddenValue: - description: Optional. Value which was replaced by the corresponding component. - type: string - RuntimeConfig: - id: RuntimeConfig - description: Runtime configuration for a workload. + numCompletedStages: + format: int32 + type: integer + numCompletedJobs: + format: int32 + type: integer type: object + ClusterStatus: + id: ClusterStatus properties: - version: - description: Optional. Version of the batch runtime. + stateStartTime: + format: google-datetime type: string - containerImage: description: >- - Optional. Optional custom container image for the job runtime - environment. If not specified, a default container image will be - used. + Output only. Time when this state was entered (see JSON + representation of Timestamp + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + readOnly: true + substate: + readOnly: true + enumDescriptions: + - The cluster substate is unknown. + - >- + The cluster is known to be in an unhealthy state (for example, + critical daemons are not running or HDFS capacity is + exhausted).Applies to RUNNING state. + - >- + The agent-reported status is out of date (may occur if Dataproc + loses communication with Agent).Applies to RUNNING state. type: string - properties: - description: >- - Optional. A mapping of property names to values, which are used to - configure workload execution. - type: object - additionalProperties: - type: string - repositoryConfig: - description: Optional. Dependency repository configuration. - $ref: '#/components/schemas/RepositoryConfig' - autotuningConfig: - description: Optional. Autotuning configuration of the workload. - $ref: '#/components/schemas/AutotuningConfig' - cohort: + enum: + - UNSPECIFIED + - UNHEALTHY + - STALE_STATUS description: >- - Optional. Cohort identifier. Identifies families of the workloads - having the same shape, e.g. daily ETL jobs. + Output only. Additional state information that includes status + reported by the agent. + state: + description: Output only. The cluster's state. + readOnly: true + enum: + - UNKNOWN + - CREATING + - RUNNING + - ERROR + - ERROR_DUE_TO_UPDATE + - DELETING + - UPDATING + - STOPPING + - STOPPED + - STARTING + - REPAIRING + - SCHEDULED + enumDescriptions: + - The cluster state is unknown. + - The cluster is being created and set up. It is not ready for use. + - >- + The cluster is currently running and healthy. It is ready for + use.Note: The cluster state changes from "creating" to "running" + status after the master node(s), first two primary worker nodes + (and the last primary worker node if primary workers > 2) are + running. + - The cluster encountered an error. It is not ready for use. + - >- + The cluster has encountered an error while being updated. Jobs can + be submitted to the cluster, but the cluster cannot be updated. + - The cluster is being deleted. It cannot be used. + - >- + The cluster is being updated. It continues to accept and process + jobs. + - The cluster is being stopped. It cannot be used. + - The cluster is currently stopped. It is not ready for use. + - The cluster is being started. It is not ready for use. + - The cluster is being repaired. It is not ready for use. + - >- + Cluster creation is currently waiting for resources to be + available. Once all resources are available, it will transition to + CREATING and then RUNNING. type: string - RepositoryConfig: - id: RepositoryConfig - description: Configuration for dependency repositories - type: object - properties: - pypiRepositoryConfig: - description: Optional. Configuration for PyPi repository. - $ref: '#/components/schemas/PyPiRepositoryConfig' - PyPiRepositoryConfig: - id: PyPiRepositoryConfig - description: Configuration for PyPi repository - type: object - properties: - pypiRepository: - description: Optional. PyPi repository address + detail: type: string - AutotuningConfig: - id: AutotuningConfig - description: Autotuning configuration of the workload. + readOnly: true + description: Optional. Output only. Details of cluster's state. + description: The status of a cluster and its instances. type: object + BatchOperationMetadata: properties: - scenarios: - description: Optional. Scenarios for which tunings are applied. - type: array + description: + type: string + description: Short description of the operation. + batch: + description: Name of the batch for the operation. + type: string + batchUuid: + type: string + description: Batch UUID for the operation. + doneTime: + format: google-datetime + type: string + description: The time when the operation finished. + labels: + additionalProperties: + type: string + description: Labels associated with the operation. + type: object + createTime: + description: The time when the operation was created. + format: google-datetime + type: string + warnings: + description: Warnings encountered during operation execution. items: type: string - enumDescriptions: - - Default value. - - Scaling recommendations such as initialExecutors. - - Adding hints for potential relation broadcasts. - - Memory management for workloads. - - No autotuning. - - Automatic selection of scenarios. - enum: - - SCENARIO_UNSPECIFIED - - SCALING - - BROADCAST_HASH_JOIN - - MEMORY - - NONE - - AUTO - EnvironmentConfig: - id: EnvironmentConfig - description: Environment configuration for a workload. + type: array + operationType: + description: The operation type. + enum: + - BATCH_OPERATION_TYPE_UNSPECIFIED + - BATCH + enumDescriptions: + - Batch operation type is unknown. + - Batch operation type. + type: string type: object + description: Metadata describing the Batch operation. + id: BatchOperationMetadata + InputMetrics: properties: - executionConfig: - description: Optional. Execution configuration for a workload. - $ref: '#/components/schemas/ExecutionConfig' - peripheralsConfig: - description: Optional. Peripherals configuration that workload has access to. - $ref: '#/components/schemas/PeripheralsConfig' - ExecutionConfig: - id: ExecutionConfig - description: Execution configuration for a workload. + bytesRead: + type: string + format: int64 + recordsRead: + format: int64 + type: string + description: Metrics about the input data read by the task. + type: object + id: InputMetrics + EncryptionConfig: + description: Encryption settings for the cluster. type: object + id: EncryptionConfig properties: - serviceAccount: - description: Optional. Service account that used to execute workload. + gcePdKmsKeyName: type: string - networkUri: - description: Optional. Network URI to connect workload to. + description: >- + Optional. The Cloud KMS key resource name to use for persistent disk + encryption for all instances in the cluster. See Use CMEK with + cluster data + (https://cloud.google.com//dataproc/docs/concepts/configuring-clusters/customer-managed-encryption#use_cmek_with_cluster_data) + for more information. + kmsKey: + description: >- + Optional. The Cloud KMS key resource name to use for cluster + persistent disk and job argument encryption. See Use CMEK with + cluster data + (https://cloud.google.com//dataproc/docs/concepts/configuring-clusters/customer-managed-encryption#use_cmek_with_cluster_data) + for more information.When this key resource name is provided, the + following job arguments of the following job types submitted to the + cluster are encrypted using CMEK: FlinkJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/FlinkJob) + HadoopJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/HadoopJob) + SparkJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkJob) + SparkRJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkRJob) + PySparkJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/PySparkJob) + SparkSqlJob + (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkSqlJob) + scriptVariables and queryList.queries HiveJob + (https://cloud.google.com/dataproc/docs/reference/rest/v1/HiveJob) + scriptVariables and queryList.queries PigJob + (https://cloud.google.com/dataproc/docs/reference/rest/v1/PigJob) + scriptVariables and queryList.queries PrestoJob + (https://cloud.google.com/dataproc/docs/reference/rest/v1/PrestoJob) + scriptVariables and queryList.queries type: string - subnetworkUri: - description: Optional. Subnetwork URI to connect workload to. + StageMetrics: + id: StageMetrics + properties: + resultSerializationTimeMillis: type: string - networkTags: - description: Optional. Tags used for network traffic control. - type: array - items: - type: string - kmsKey: - description: Optional. The Cloud KMS key to use for encryption. + format: int64 + peakExecutionMemoryBytes: + format: int64 type: string - idleTtl: - description: >- - Optional. Applies to sessions only. The duration to keep the session - alive while it's idling. Exceeding this threshold causes the session - to terminate. This field cannot be set on a batch workload. Minimum - value is 10 minutes; maximum value is 14 days (see JSON - representation of Duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)). - Defaults to 1 hour if not set. If both ttl and idle_ttl are - specified for an interactive session, the conditions are treated as - OR conditions: the workload will be terminated when it has been idle - for idle_ttl or when ttl has been exceeded, whichever occurs first. + executorRunTimeMillis: + format: int64 type: string - format: google-duration - ttl: - description: >- - Optional. The duration after which the workload will be terminated, - specified as the JSON representation for Duration - (https://protobuf.dev/programming-guides/proto3/#json). When the - workload exceeds this duration, it will be unconditionally - terminated without waiting for ongoing work to finish. If ttl is not - specified for a batch workload, the workload will be allowed to run - until it exits naturally (or run forever without exiting). If ttl is - not specified for an interactive session, it defaults to 24 hours. - If ttl is not specified for a batch that uses 2.1+ runtime version, - it defaults to 4 hours. Minimum value is 10 minutes; maximum value - is 14 days. If both ttl and idle_ttl are specified (for an - interactive session), the conditions are treated as OR conditions: - the workload will be terminated when it has been idle for idle_ttl - or when ttl has been exceeded, whichever occurs first. + executorDeserializeTimeMillis: type: string - format: google-duration - stagingBucket: - description: >- - Optional. A Cloud Storage bucket used to stage workload - dependencies, config files, and store workload output and other - ephemeral data, such as Spark history files. If you do not specify a - staging bucket, Cloud Dataproc will determine a Cloud Storage - location according to the region where your workload is running, and - then create and manage project-level, per-location staging and - temporary buckets. This field requires a Cloud Storage bucket name, - not a gs://... URI to a Cloud Storage bucket. - type: string - authenticationConfig: - description: >- - Optional. Authentication configuration used to set the default - identity for the workload execution. The config specifies the type - of identity (service account or user) that will be used by workloads - to access resources on the project(s). - $ref: '#/components/schemas/AuthenticationConfig' - AuthenticationConfig: - id: AuthenticationConfig - description: >- - Authentication configuration for a workload is used to set the default - identity for the workload execution. The config specifies the type of - identity (service account or user) that will be used by workloads to - access resources on the project(s). - type: object - properties: - userWorkloadAuthenticationType: - description: >- - Optional. Authentication type for the user workload running in - containers. + format: int64 + memoryBytesSpilled: + format: int64 type: string - enumDescriptions: - - >- - If AuthenticationType is unspecified then END_USER_CREDENTIALS is - used for 3.0 and newer runtimes, and SERVICE_ACCOUNT is used for - older runtimes. - - >- - Use service account credentials for authenticating to other - services. - - >- - Use OAuth credentials associated with the workload creator/user - for authenticating to other services. - enum: - - AUTHENTICATION_TYPE_UNSPECIFIED - - SERVICE_ACCOUNT - - END_USER_CREDENTIALS - PeripheralsConfig: - id: PeripheralsConfig - description: Auxiliary services configuration for a workload. - type: object - properties: - metastoreService: - description: >- - Optional. Resource name of an existing Dataproc Metastore - service.Example: - projects/[project_id]/locations/[region]/services/[service_id] + diskBytesSpilled: + format: int64 type: string - sparkHistoryServerConfig: - description: Optional. The Spark History Server configuration for the workload. - $ref: '#/components/schemas/SparkHistoryServerConfig' - SparkHistoryServerConfig: - id: SparkHistoryServerConfig - description: Spark History Server configuration for the workload. - type: object - properties: - dataprocCluster: - description: >- - Optional. Resource name of an existing Dataproc Cluster to act as a - Spark History Server for the workload.Example: - projects/[project_id]/regions/[region]/clusters/[cluster_name] + resultSize: + format: int64 type: string - StateHistory: - id: StateHistory - description: Historical state information. - type: object - properties: - state: - description: Output only. The state of the batch at this point in history. - readOnly: true + executorCpuTimeNanos: type: string - enumDescriptions: - - The batch state is unknown. - - The batch is created before running. - - The batch is running. - - The batch is cancelling. - - The batch cancellation was successful. - - The batch completed successfully. - - The batch is no longer running due to an error. - enum: - - STATE_UNSPECIFIED - - PENDING - - RUNNING - - CANCELLING - - CANCELLED - - SUCCEEDED - - FAILED - stateMessage: - description: Output only. Details about the state at this point in history. - readOnly: true + format: int64 + executorDeserializeCpuTimeNanos: type: string - stateStartTime: - description: Output only. The time when the batch entered the historical state. - readOnly: true + format: int64 + stageOutputMetrics: + $ref: '#/components/schemas/StageOutputMetrics' + jvmGcTimeMillis: type: string - format: google-datetime - ListBatchesResponse: - id: ListBatchesResponse - description: A list of batch workloads. + format: int64 + stageShuffleReadMetrics: + $ref: '#/components/schemas/StageShuffleReadMetrics' + stageInputMetrics: + $ref: '#/components/schemas/StageInputMetrics' + stageShuffleWriteMetrics: + $ref: '#/components/schemas/StageShuffleWriteMetrics' + description: Stage Level Aggregated Metrics + type: object + RddOperationGraph: + description: >- + Graph representing RDD dependencies. Consists of edges and a root + cluster. + id: RddOperationGraph type: object properties: - batches: - description: Output only. The batches from the specified collection. - readOnly: true + incomingEdges: type: array items: - $ref: '#/components/schemas/Batch' - nextPageToken: - description: >- - A token, which can be sent as page_token to retrieve the next page. - If this field is omitted, there are no subsequent pages. + $ref: '#/components/schemas/RddOperationEdge' + rootCluster: + $ref: '#/components/schemas/RddOperationCluster' + stageId: type: string - unreachable: - description: >- - Output only. List of Batches that could not be included in the - response. Attempting to get one of these resources may indicate why - it was not included in the list response. - readOnly: true + format: int64 + outgoingEdges: type: array items: - type: string - WriteSparkApplicationContextRequest: - id: WriteSparkApplicationContextRequest - description: Write Spark Application data to internal storage systems - type: object - properties: - parent: - description: Required. Parent (Batch) resource reference. - type: string - sparkWrapperObjects: - type: array + $ref: '#/components/schemas/RddOperationEdge' + edges: items: - $ref: '#/components/schemas/SparkWrapperObject' - SparkWrapperObject: - id: SparkWrapperObject - description: >- - Outer message that contains the data obtained from spark listener, - packaged with information that is required to process it. - type: object + $ref: '#/components/schemas/RddOperationEdge' + type: array + SqlExecutionUiData: + description: SQL Execution Data properties: - eventTimestamp: - description: VM Timestamp associated with the data object. - type: string + submissionTime: format: google-datetime - applicationId: - description: Application Id created by Spark. - type: string - applicationInfo: - $ref: '#/components/schemas/ApplicationInfo' - applicationEnvironmentInfo: - $ref: '#/components/schemas/ApplicationEnvironmentInfo' - resourceProfileInfo: - $ref: '#/components/schemas/ResourceProfileInfo' - appSummary: - $ref: '#/components/schemas/AppSummary' - jobData: - $ref: '#/components/schemas/JobData' - stageData: - $ref: '#/components/schemas/StageData' - taskData: - $ref: '#/components/schemas/TaskData' - executorStageSummary: - $ref: '#/components/schemas/ExecutorStageSummary' - speculationStageSummary: - $ref: '#/components/schemas/SpeculationStageSummary' - executorSummary: - $ref: '#/components/schemas/ExecutorSummary' - rddStorageInfo: - $ref: '#/components/schemas/RddStorageInfo' - streamBlockData: - $ref: '#/components/schemas/StreamBlockData' - rddOperationGraph: - $ref: '#/components/schemas/RddOperationGraph' - poolData: - $ref: '#/components/schemas/PoolData' - processSummary: - $ref: '#/components/schemas/ProcessSummary' - sqlExecutionUiData: - $ref: '#/components/schemas/SqlExecutionUiData' - sparkPlanGraph: - $ref: '#/components/schemas/SparkPlanGraph' - streamingQueryData: - $ref: '#/components/schemas/StreamingQueryData' - streamingQueryProgress: - $ref: '#/components/schemas/StreamingQueryProgress' - nativeBuildInfoUiData: - description: Native Build Info - $ref: '#/components/schemas/NativeBuildInfoUiData' - nativeSqlExecutionUiData: - description: Native SQL Execution Info - $ref: '#/components/schemas/NativeSqlExecutionUiData' - ApplicationInfo: - id: ApplicationInfo - description: High level information corresponding to an application. - type: object - properties: - applicationId: type: string - name: + details: type: string - coresGranted: - type: integer - format: int32 - maxCores: - type: integer - format: int32 - coresPerExecutor: - type: integer - format: int32 - memoryPerExecutorMb: - type: integer - format: int32 - attempts: - type: array - items: - $ref: '#/components/schemas/ApplicationAttemptInfo' - applicationContextIngestionStatus: + description: type: string - enumDescriptions: - - '' - - '' - enum: - - APPLICATION_CONTEXT_INGESTION_STATUS_UNSPECIFIED - - APPLICATION_CONTEXT_INGESTION_STATUS_COMPLETED - quantileDataStatus: - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - QUANTILE_DATA_STATUS_UNSPECIFIED - - QUANTILE_DATA_STATUS_COMPLETED - - QUANTILE_DATA_STATUS_FAILED - ApplicationAttemptInfo: - id: ApplicationAttemptInfo - description: Specific attempt of an application. - type: object - properties: - attemptId: - type: string - startTime: - type: string - format: google-datetime - endTime: - type: string - format: google-datetime - lastUpdated: - type: string - format: google-datetime - durationMillis: + executionId: type: string format: int64 - sparkUser: - type: string - completed: - type: boolean - appSparkVersion: + completionTime: + format: google-datetime type: string - ApplicationEnvironmentInfo: - id: ApplicationEnvironmentInfo - description: Details about the Environment that the application is running in. - type: object - properties: - runtime: - $ref: '#/components/schemas/SparkRuntimeInfo' - sparkProperties: - type: object - additionalProperties: - type: string - hadoopProperties: - type: object + jobs: additionalProperties: type: string - systemProperties: + enum: + - JOB_EXECUTION_STATUS_UNSPECIFIED + - JOB_EXECUTION_STATUS_RUNNING + - JOB_EXECUTION_STATUS_SUCCEEDED + - JOB_EXECUTION_STATUS_FAILED + - JOB_EXECUTION_STATUS_UNKNOWN + enumDescriptions: + - '' + - '' + - '' + - '' + - '' type: object + modifiedConfigs: additionalProperties: type: string - metricsProperties: type: object - additionalProperties: - type: string - classpathEntries: + errorMessage: + type: string + rootExecutionId: + type: string + format: int64 + metricValues: type: object additionalProperties: type: string - resourceProfiles: + metricValuesIsNull: + type: boolean + stages: type: array items: - $ref: '#/components/schemas/ResourceProfileInfo' - SparkRuntimeInfo: - id: SparkRuntimeInfo - type: object - properties: - javaVersion: - type: string - javaHome: - type: string - scalaVersion: + format: int64 + type: string + physicalPlanDescription: type: string - ResourceProfileInfo: - id: ResourceProfileInfo + metrics: + items: + $ref: '#/components/schemas/SqlPlanMetric' + type: array + type: object + id: SqlExecutionUiData + AccessSessionSparkApplicationSqlSparkPlanGraphResponse: description: >- - Resource profile that contains information about all the resources - required by executors and tasks. + SparkPlanGraph for a Spark Application execution limited to maximum + 10000 clusters. type: object properties: - resourceProfileId: - type: integer - format: int32 - executorResources: - type: object - additionalProperties: - $ref: '#/components/schemas/ExecutorResourceRequest' - taskResources: - type: object - additionalProperties: - $ref: '#/components/schemas/TaskResourceRequest' - ExecutorResourceRequest: - id: ExecutorResourceRequest - description: Resources used per executor used by the application. + sparkPlanGraph: + description: SparkPlanGraph for a Spark Application execution. + $ref: '#/components/schemas/SparkPlanGraph' + id: AccessSessionSparkApplicationSqlSparkPlanGraphResponse + ShuffleReadQuantileMetrics: + properties: + remoteBytesReadToDisk: + $ref: '#/components/schemas/Quantiles' + shufflePushReadMetrics: + $ref: '#/components/schemas/ShufflePushReadQuantileMetrics' + readBytes: + $ref: '#/components/schemas/Quantiles' + fetchWaitTimeMillis: + $ref: '#/components/schemas/Quantiles' + remoteBlocksFetched: + $ref: '#/components/schemas/Quantiles' + localBlocksFetched: + $ref: '#/components/schemas/Quantiles' + remoteBytesRead: + $ref: '#/components/schemas/Quantiles' + readRecords: + $ref: '#/components/schemas/Quantiles' + remoteReqsDuration: + $ref: '#/components/schemas/Quantiles' + totalBlocksFetched: + $ref: '#/components/schemas/Quantiles' + id: ShuffleReadQuantileMetrics type: object + InstanceReference: properties: - resourceName: - type: string - amount: + publicKey: + description: The public RSA key used for sharing data with this instance. type: string - format: int64 - discoveryScript: + instanceId: type: string - vendor: + description: The unique identifier of the Compute Engine instance. + instanceName: + description: The user-friendly name of the Compute Engine instance. type: string - TaskResourceRequest: - id: TaskResourceRequest - description: Resources used per task created by the application. - type: object - properties: - resourceName: + publicEciesKey: + description: The public ECIES key used for sharing data with this instance. type: string - amount: - type: number - format: double - AppSummary: - id: AppSummary + description: A reference to a Compute Engine instance. + id: InstanceReference type: object - properties: - numCompletedJobs: - type: integer - format: int32 - numCompletedStages: - type: integer - format: int32 - JobData: - id: JobData - description: Data corresponding to a spark job. + SparkRBatch: + id: SparkRBatch type: object + description: >- + A configuration for running an Apache SparkR + (https://spark.apache.org/docs/latest/sparkr.html) batch workload. properties: - jobId: - type: string - format: int64 - name: - type: string - description: - type: string - submissionTime: - type: string - format: google-datetime - completionTime: + fileUris: + items: + type: string + type: array + description: >- + Optional. HCFS URIs of files to be placed in the working directory + of each executor. + mainRFileUri: type: string - format: google-datetime - stageIds: + description: >- + Required. The HCFS URI of the main R file to use as the driver. Must + be a .R or .r file. + args: + items: + type: string type: array + description: >- + Optional. The arguments to pass to the Spark driver. Do not include + arguments that can be set as batch properties, such as --conf, since + a collision can occur that causes an incorrect batch submission. + archiveUris: + description: >- + Optional. HCFS URIs of archives to be extracted into the working + directory of each executor. Supported file types: .jar, .tar, + .tar.gz, .tgz, and .zip. items: type: string - format: int64 - jobGroup: - type: string - status: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - enum: - - JOB_EXECUTION_STATUS_UNSPECIFIED - - JOB_EXECUTION_STATUS_RUNNING - - JOB_EXECUTION_STATUS_SUCCEEDED - - JOB_EXECUTION_STATUS_FAILED - - JOB_EXECUTION_STATUS_UNKNOWN + type: array + StageAttemptTasksSummary: + type: object + description: Data related to tasks summary for a Spark Stage Attempt + id: StageAttemptTasksSummary + properties: numTasks: type: integer format: int32 - numActiveTasks: - type: integer + stageId: + format: int64 + type: string + numPendingTasks: format: int32 - numCompletedTasks: type: integer + numSuccessTasks: format: int32 - numSkippedTasks: type: integer - format: int32 numFailedTasks: - type: integer format: int32 - numKilledTasks: type: integer - format: int32 - numCompletedIndices: - type: integer - format: int32 - numActiveStages: + numRunningTasks: type: integer format: int32 - numCompletedStages: - type: integer + numKilledTasks: format: int32 - numSkippedStages: type: integer + applicationId: + type: string + stageAttemptId: format: int32 - numFailedStages: type: integer - format: int32 - killTasksSummary: - type: object - additionalProperties: - type: integer - format: int32 - skippedStages: + ClusterConfig: + properties: + configBucket: + description: >- + Optional. A Cloud Storage bucket used to stage job dependencies, + config files, and job driver console output. If you do not specify a + staging bucket, Cloud Dataproc will determine a Cloud Storage + location (US, ASIA, or EU) for your cluster's staging bucket + according to the Compute Engine zone where your cluster is deployed, + and then create and manage this project-level, per-location bucket + (see Dataproc staging and temp buckets + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). + This field requires a Cloud Storage bucket name, not a gs://... URI + to a Cloud Storage bucket. + type: string + clusterTier: + description: Optional. The cluster tier. + type: string + enum: + - CLUSTER_TIER_UNSPECIFIED + - CLUSTER_TIER_STANDARD + - CLUSTER_TIER_PREMIUM + enumDescriptions: + - Not set. Works the same as CLUSTER_TIER_STANDARD. + - Standard Dataproc cluster. + - Premium Dataproc cluster. + initializationActions: + description: >- + Optional. Commands to execute on each node after config is + completed. By default, executables are run on master and all worker + nodes. You can test a node's role metadata to run an executable on a + master or worker node, as shown below using curl (you can also use + wget): ROLE=$(curl -H Metadata-Flavor:Google + http://metadata/computeMetadata/v1/instance/attributes/dataproc-role) + if [[ "${ROLE}" == 'Master' ]]; then ... master specific actions ... + else ... worker specific actions ... fi + items: + $ref: '#/components/schemas/NodeInitializationAction' type: array + gceClusterConfig: + $ref: '#/components/schemas/GceClusterConfig' + description: >- + Optional. The shared Compute Engine config settings for all + instances in a cluster. + metastoreConfig: + description: Optional. Metastore configuration. + $ref: '#/components/schemas/MetastoreConfig' + lifecycleConfig: + $ref: '#/components/schemas/LifecycleConfig' + description: Optional. Lifecycle setting for the cluster. + softwareConfig: + description: Optional. The config settings for cluster software. + $ref: '#/components/schemas/SoftwareConfig' + dataprocMetricConfig: + description: Optional. The config for Dataproc metrics. + $ref: '#/components/schemas/DataprocMetricConfig' + auxiliaryNodeGroups: items: - type: integer - format: int32 - sqlExecutionId: + $ref: '#/components/schemas/AuxiliaryNodeGroup' + type: array + description: Optional. The node group settings. + gkeClusterConfig: + description: >- + Optional. BETA. The Kubernetes Engine config for Dataproc clusters + deployed to The Kubernetes Engine config for Dataproc clusters + deployed to Kubernetes. These config settings are mutually exclusive + with Compute Engine-based options, such as gce_cluster_config, + master_config, worker_config, secondary_worker_config, and + autoscaling_config. + $ref: '#/components/schemas/GkeClusterConfig' + deprecated: true + securityConfig: + $ref: '#/components/schemas/SecurityConfig' + description: Optional. Security settings for the cluster. + workerConfig: + description: >- + Optional. The Compute Engine config settings for the cluster's + worker instances. + $ref: '#/components/schemas/InstanceGroupConfig' + clusterType: type: string - format: int64 - StageData: - id: StageData - description: Data corresponding to a stage. + enum: + - CLUSTER_TYPE_UNSPECIFIED + - STANDARD + - SINGLE_NODE + - ZERO_SCALE + description: Optional. The type of the cluster. + enumDescriptions: + - Not set. + - Standard dataproc cluster with a minimum of two primary workers. + - >- + https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/single-node-clusters + - >- + Clusters that can use only secondary workers and be scaled down to + zero secondary worker nodes. + endpointConfig: + description: Optional. Port/endpoint configuration for this cluster + $ref: '#/components/schemas/EndpointConfig' + secondaryWorkerConfig: + description: >- + Optional. The Compute Engine config settings for a cluster's + secondary worker instances + $ref: '#/components/schemas/InstanceGroupConfig' + autoscalingConfig: + $ref: '#/components/schemas/AutoscalingConfig' + description: >- + Optional. Autoscaling config for the policy associated with the + cluster. Cluster does not autoscale if this field is unset. + masterConfig: + $ref: '#/components/schemas/InstanceGroupConfig' + description: >- + Optional. The Compute Engine config settings for the cluster's + master instance. + encryptionConfig: + description: Optional. Encryption settings for the cluster. + $ref: '#/components/schemas/EncryptionConfig' + tempBucket: + description: >- + Optional. A Cloud Storage bucket used to store ephemeral cluster and + jobs data, such as Spark and MapReduce history files. If you do not + specify a temp bucket, Dataproc will determine a Cloud Storage + location (US, ASIA, or EU) for your cluster's temp bucket according + to the Compute Engine zone where your cluster is deployed, and then + create and manage this project-level, per-location bucket. The + default bucket has a TTL of 90 days, but you can use any TTL (or + none) if you specify a bucket (see Dataproc staging and temp buckets + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). + This field requires a Cloud Storage bucket name, not a gs://... URI + to a Cloud Storage bucket. + type: string + diagnosticBucket: + type: string + description: >- + Optional. A Cloud Storage bucket used to collect checkpoint + diagnostic data + (https://cloud.google.com/dataproc/docs/support/diagnose-clusters#checkpoint_diagnostic_data). + If you do not specify a diagnostic bucket, Cloud Dataproc will use + the Dataproc temp bucket to collect the checkpoint diagnostic data. + This field requires a Cloud Storage bucket name, not a gs://... URI + to a Cloud Storage bucket. type: object + description: The cluster config. + id: ClusterConfig + SearchSessionSparkApplicationStageAttemptTasksResponse: properties: - status: + sparkApplicationStageAttemptTasks: + type: array + items: + $ref: '#/components/schemas/TaskData' + readOnly: true + description: Output only. Data corresponding to tasks created by spark. + nextPageToken: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - STAGE_STATUS_UNSPECIFIED - - STAGE_STATUS_ACTIVE - - STAGE_STATUS_COMPLETE - - STAGE_STATUS_FAILED - - STAGE_STATUS_PENDING - - STAGE_STATUS_SKIPPED - stageId: + description: >- + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent + SearchSessionSparkApplicationStageAttemptTasksRequest. + id: SearchSessionSparkApplicationStageAttemptTasksResponse + description: List of tasks for a stage of a Spark Application + type: object + UsageMetrics: + type: object + description: >- + Usage metrics represent approximate total resources consumed by a + workload. + properties: + shuffleStorageGbSeconds: + format: int64 + description: >- + Optional. Shuffle storage usage in (GB x seconds) (see Dataproc + Serverless pricing + (https://cloud.google.com/dataproc-serverless/pricing)). type: string + milliDcuSeconds: format: int64 - stageAttemptId: - type: integer - format: int32 - numTasks: + description: >- + Optional. DCU (Dataproc Compute Units) usage in (milliDCU x seconds) + (see Dataproc Serverless pricing + (https://cloud.google.com/dataproc-serverless/pricing)). + type: string + milliAcceleratorSeconds: + type: string + format: int64 + description: >- + Optional. DEPRECATED Accelerator usage in (milliAccelerator x + seconds) (see Dataproc Serverless pricing + (https://cloud.google.com/dataproc-serverless/pricing)). + acceleratorType: + description: Optional. DEPRECATED Accelerator type being used, if any + type: string + updateTime: + format: google-datetime + description: Optional. The timestamp of the usage metrics. + type: string + id: UsageMetrics + AccessSparkApplicationEnvironmentInfoResponse: + id: AccessSparkApplicationEnvironmentInfoResponse + type: object + properties: + applicationEnvironmentInfo: + $ref: '#/components/schemas/ApplicationEnvironmentInfo' + description: Details about the Environment that the application is running in. + description: Environment details of a Saprk Application. + JobData: + properties: + jobGroup: + type: string + numActiveStages: type: integer format: int32 - numActiveTasks: + killTasksSummary: + additionalProperties: + type: integer + format: int32 + type: object + numCompletedIndices: type: integer format: int32 - numCompleteTasks: - type: integer + numCompletedStages: format: int32 - numFailedTasks: type: integer - format: int32 numKilledTasks: type: integer format: int32 - numCompletedIndices: + numFailedTasks: type: integer format: int32 submissionTime: - type: string format: google-datetime - firstTaskLaunchedTime: type: string - format: google-datetime - completionTime: + sqlExecutionId: type: string + format: int64 + numFailedStages: + type: integer + format: int32 + numActiveTasks: + format: int32 + type: integer + skippedStages: + items: + type: integer + format: int32 + type: array + completionTime: format: google-datetime - failureReason: type: string - stageMetrics: - $ref: '#/components/schemas/StageMetrics' name: type: string + numTasks: + type: integer + format: int32 description: type: string - details: - type: string - schedulingPool: - type: string - rddIds: - type: array - items: - type: string - format: int64 - accumulatorUpdates: - type: array - items: - $ref: '#/components/schemas/AccumulableInfo' - tasks: - type: object - additionalProperties: - $ref: '#/components/schemas/TaskData' - executorSummary: - type: object - additionalProperties: - $ref: '#/components/schemas/ExecutorStageSummary' - speculationSummary: - $ref: '#/components/schemas/SpeculationStageSummary' - killedTasksSummary: - type: object - additionalProperties: - type: integer - format: int32 - resourceProfileId: + numSkippedTasks: + format: int32 + type: integer + numSkippedStages: type: integer format: int32 - peakExecutorMetrics: - $ref: '#/components/schemas/ExecutorMetrics' - executorMetricsDistributions: - $ref: '#/components/schemas/ExecutorMetricsDistributions' - isShufflePushEnabled: - type: boolean - shuffleMergersCount: + numCompletedTasks: type: integer format: int32 - jobIds: - type: array + jobId: + type: string + format: int64 + stageIds: items: - type: string format: int64 - locality: - type: object - additionalProperties: type: string - format: int64 - parentStageIds: type: array - items: - type: string - format: int64 - taskQuantileMetrics: - description: >- - Summary metrics fields. These are included in response only if - present in summary_metrics_mask field in request - $ref: '#/components/schemas/TaskQuantileMetrics' - StageMetrics: - id: StageMetrics - description: Stage Level Aggregated Metrics + status: + enum: + - JOB_EXECUTION_STATUS_UNSPECIFIED + - JOB_EXECUTION_STATUS_RUNNING + - JOB_EXECUTION_STATUS_SUCCEEDED + - JOB_EXECUTION_STATUS_FAILED + - JOB_EXECUTION_STATUS_UNKNOWN + type: string + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + id: JobData + description: Data corresponding to a spark job. + type: object + WorkflowMetadata: type: object + id: WorkflowMetadata + description: A Dataproc workflow template resource. properties: - executorDeserializeTimeMillis: - type: string - format: int64 - executorDeserializeCpuTimeNanos: + dagStartTime: + description: >- + Output only. DAG start time, only set for workflows with dag_timeout + when DAG begins. + readOnly: true type: string - format: int64 - executorRunTimeMillis: + format: google-datetime + version: + type: integer + readOnly: true + format: int32 + description: >- + Output only. The version of template at the time of workflow + instantiation. + createCluster: + $ref: '#/components/schemas/ClusterOperation' + description: Output only. The create cluster operation metadata. + readOnly: true + state: + description: Output only. The workflow state. + readOnly: true + enum: + - UNKNOWN + - PENDING + - RUNNING + - DONE + enumDescriptions: + - Unused. + - The operation has been created. + - The operation is running. + - The operation is done; either cancelled or completed. type: string - format: int64 - executorCpuTimeNanos: + template: type: string - format: int64 - resultSize: + readOnly: true + description: >- + Output only. The resource name of the workflow template as described + in https://cloud.google.com/apis/design/resource_names. For + projects.regions.workflowTemplates, the resource name of the + template has the following format: + projects/{project_id}/regions/{region}/workflowTemplates/{template_id} + For projects.locations.workflowTemplates, the resource name of the + template has the following format: + projects/{project_id}/locations/{location}/workflowTemplates/{template_id} + dagTimeout: type: string - format: int64 - jvmGcTimeMillis: + readOnly: true + description: >- + Output only. The timeout duration for the DAG of jobs, expressed in + seconds (see JSON representation of duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + format: google-duration + endTime: type: string - format: int64 - resultSerializationTimeMillis: + description: Output only. Workflow end time. + readOnly: true + format: google-datetime + clusterUuid: type: string - format: int64 - memoryBytesSpilled: + description: Output only. The UUID of target cluster. + readOnly: true + parameters: + description: >- + Map from parameter names to values that were used for those + parameters. + type: object + additionalProperties: + type: string + dagEndTime: + format: google-datetime type: string - format: int64 - diskBytesSpilled: + description: >- + Output only. DAG end time, only set for workflows with dag_timeout + when DAG ends. + readOnly: true + clusterName: type: string - format: int64 - peakExecutionMemoryBytes: + description: Output only. The name of the target cluster. + readOnly: true + startTime: + description: Output only. Workflow start time. type: string - format: int64 - stageInputMetrics: - $ref: '#/components/schemas/StageInputMetrics' - stageOutputMetrics: - $ref: '#/components/schemas/StageOutputMetrics' - stageShuffleReadMetrics: - $ref: '#/components/schemas/StageShuffleReadMetrics' - stageShuffleWriteMetrics: - $ref: '#/components/schemas/StageShuffleWriteMetrics' - StageInputMetrics: - id: StageInputMetrics - description: Metrics about the input read by the stage. + readOnly: true + format: google-datetime + deleteCluster: + $ref: '#/components/schemas/ClusterOperation' + description: Output only. The delete cluster operation metadata. + readOnly: true + graph: + $ref: '#/components/schemas/WorkflowGraph' + description: Output only. The workflow graph. + readOnly: true + StateOperatorProgress: type: object properties: - bytesRead: + memoryUsedBytes: type: string format: int64 - recordsRead: - type: string + numRowsUpdated: format: int64 - StageOutputMetrics: - id: StageOutputMetrics - description: Metrics about the output written by the stage. - type: object - properties: - bytesWritten: type: string - format: int64 - recordsWritten: + numShufflePartitions: type: string format: int64 - StageShuffleReadMetrics: - id: StageShuffleReadMetrics - description: Shuffle data read for the stage. - type: object - properties: - remoteBlocksFetched: + operatorName: type: string - format: int64 - localBlocksFetched: + customMetrics: + type: object + additionalProperties: + type: string + format: int64 + numRowsDroppedByWatermark: type: string format: int64 - fetchWaitTimeMillis: - type: string + allRemovalsTimeMs: format: int64 - remoteBytesRead: type: string + numStateStoreInstances: format: int64 - remoteBytesReadToDisk: type: string - format: int64 - localBytesRead: + commitTimeMs: type: string format: int64 - recordsRead: - type: string + numRowsTotal: format: int64 - bytesRead: type: string + numRowsRemoved: format: int64 - remoteReqsDuration: + type: string + allUpdatesTimeMs: type: string format: int64 - stageShufflePushReadMetrics: - $ref: '#/components/schemas/StageShufflePushReadMetrics' - StageShufflePushReadMetrics: - id: StageShufflePushReadMetrics + id: StateOperatorProgress + ExecutorPeakMetricsDistributions: type: object + id: ExecutorPeakMetricsDistributions properties: - corruptMergedBlockChunks: - type: string + quantiles: + type: array + items: + type: number + format: double + executorMetrics: + type: array + items: + $ref: '#/components/schemas/ExecutorMetrics' + ClusterMetrics: + id: ClusterMetrics + properties: + yarnMetrics: + description: YARN metrics. + type: object + additionalProperties: + type: string + format: int64 + hdfsMetrics: + additionalProperties: + type: string + format: int64 + description: The HDFS metrics. + type: object + type: object + description: >- + Contains cluster daemon metrics, such as HDFS and YARN stats.Beta + Feature: This report is available for testing purposes only. It may be + changed before final release. + SummarizeSessionSparkApplicationJobsResponse: + type: object + properties: + jobsSummary: + description: Summary of a Spark Application Jobs + $ref: '#/components/schemas/JobsSummary' + description: Summary of a Spark Application jobs. + id: SummarizeSessionSparkApplicationJobsResponse + ShuffleWriteMetrics: + description: Shuffle data written by task. + properties: + recordsWritten: format: int64 - mergedFetchFallbackCount: type: string + bytesWritten: format: int64 - remoteMergedBlocksFetched: type: string - format: int64 - localMergedBlocksFetched: + writeTimeNanos: type: string format: int64 - remoteMergedChunksFetched: + id: ShuffleWriteMetrics + type: object + Batch: + type: object + description: A representation of a batch workload in the service. + id: Batch + properties: + creator: type: string - format: int64 - localMergedChunksFetched: + description: Output only. The email address of the user who created the batch. + readOnly: true + stateTime: type: string - format: int64 - remoteMergedBytesRead: + readOnly: true + description: Output only. The time when the batch entered a current state. + format: google-datetime + labels: + type: object + additionalProperties: + type: string + description: >- + Optional. The labels to associate with this batch. Label keys must + contain 1 to 63 characters, and must conform to RFC 1035 + (https://www.ietf.org/rfc/rfc1035.txt). Label values may be empty, + but, if present, must contain 1 to 63 characters, and must conform + to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 + labels can be associated with a batch. + runtimeInfo: + $ref: '#/components/schemas/RuntimeInfo' + readOnly: true + description: Output only. Runtime information about batch execution. + name: type: string - format: int64 - localMergedBytesRead: + readOnly: true + description: Output only. The resource name of the batch. + stateMessage: type: string - format: int64 - remoteMergedReqsDuration: + readOnly: true + description: >- + Output only. Batch state details, such as a failure description if + the state is FAILED. + sparkSqlBatch: + $ref: '#/components/schemas/SparkSqlBatch' + description: Optional. SparkSql batch config. + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - CANCELLING + - CANCELLED + - SUCCEEDED + - FAILED type: string - format: int64 - StageShuffleWriteMetrics: - id: StageShuffleWriteMetrics - description: Shuffle data written for the stage. - type: object - properties: - bytesWritten: + description: Output only. The state of the batch. + enumDescriptions: + - The batch state is unknown. + - The batch is created before running. + - The batch is running. + - The batch is cancelling. + - The batch cancellation was successful. + - The batch completed successfully. + - The batch is no longer running due to an error. + uuid: type: string - format: int64 - writeTimeNanos: + readOnly: true + description: >- + Output only. A batch UUID (Unique Universal Identifier). The service + generates this value when it creates the batch. + operation: + description: >- + Output only. The resource name of the operation associated with this + batch. + readOnly: true type: string - format: int64 - recordsWritten: + stateHistory: + readOnly: true + description: Output only. Historical state information for the batch. + type: array + items: + $ref: '#/components/schemas/StateHistory' + createTime: + description: Output only. The time when the batch was created. type: string - format: int64 - AccumulableInfo: - id: AccumulableInfo + readOnly: true + format: google-datetime + pysparkBatch: + description: Optional. PySpark batch config. + $ref: '#/components/schemas/PySparkBatch' + sparkRBatch: + description: Optional. SparkR batch config. + $ref: '#/components/schemas/SparkRBatch' + sparkBatch: + description: Optional. Spark batch config. + $ref: '#/components/schemas/SparkBatch' + runtimeConfig: + description: Optional. Runtime configuration for the batch execution. + $ref: '#/components/schemas/RuntimeConfig' + environmentConfig: + $ref: '#/components/schemas/EnvironmentConfig' + description: Optional. Environment configuration for the batch execution. + QueryList: + description: A list of queries to run on a cluster. type: object + id: QueryList properties: - accumullableInfoId: + queries: + description: >- + Required. The queries to execute. You do not need to end a query + expression with a semicolon. Multiple queries can be specified in + one string by separating each with a semicolon. Here is an example + of a Dataproc API snippet that uses a QueryList to specify a + HiveJob: "hiveJob": { "queryList": { "queries": [ "query1", + "query2", "query3;query4", ] } } + items: + type: string + type: array + TestIamPermissionsResponse: + properties: + permissions: + items: + type: string + type: array + description: >- + A subset of TestPermissionsRequest.permissions that the caller is + allowed. + type: object + description: Response message for TestIamPermissions method. + id: TestIamPermissionsResponse + ExecutorResourceRequest: + properties: + resourceName: type: string - format: int64 - name: + discoveryScript: type: string - update: + vendor: type: string - value: + amount: type: string - TaskData: - id: TaskData - description: Data corresponding to tasks created by spark. + format: int64 type: object + description: Resources used per executor used by the application. + id: ExecutorResourceRequest + SearchSessionSparkApplicationExecutorStageSummaryResponse: + id: SearchSessionSparkApplicationExecutorStageSummaryResponse properties: - stageId: + sparkApplicationStageExecutors: + items: + $ref: '#/components/schemas/ExecutorStageSummary' + description: Details about executors used by the application stage. + type: array + nextPageToken: type: string - format: int64 - stageAttemptId: - type: integer - format: int32 - taskId: + description: >- + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent + SearchSessionSparkApplicationExecutorStageSummaryRequest. + type: object + description: List of Executors associated with a Spark Application Stage. + DiagnoseClusterResults: + type: object + description: The location of diagnostic output. + properties: + outputUri: type: string - format: int64 - index: - type: integer - format: int32 - attempt: - type: integer - format: int32 - partitionId: - type: integer - format: int32 - launchTime: - type: string - format: google-datetime - resultFetchStart: - type: string - format: google-datetime - durationMillis: - type: string - format: int64 - executorId: - type: string - host: - type: string - status: - type: string - taskLocality: - type: string - speculative: - type: boolean - accumulatorUpdates: - type: array - items: - $ref: '#/components/schemas/AccumulableInfo' - errorMessage: - type: string - hasMetrics: - type: boolean - taskMetrics: - $ref: '#/components/schemas/TaskMetrics' - executorLogs: - type: object - additionalProperties: - type: string - schedulerDelayMillis: - type: string - format: int64 - gettingResultTimeMillis: - type: string - format: int64 - TaskMetrics: - id: TaskMetrics - description: Executor Task Metrics - type: object - properties: - executorDeserializeTimeMillis: - type: string - format: int64 - executorDeserializeCpuTimeNanos: - type: string - format: int64 - executorRunTimeMillis: - type: string - format: int64 - executorCpuTimeNanos: - type: string - format: int64 - resultSize: - type: string - format: int64 - jvmGcTimeMillis: - type: string - format: int64 - resultSerializationTimeMillis: - type: string - format: int64 - memoryBytesSpilled: - type: string - format: int64 - diskBytesSpilled: - type: string - format: int64 - peakExecutionMemoryBytes: - type: string - format: int64 - inputMetrics: - $ref: '#/components/schemas/InputMetrics' - outputMetrics: - $ref: '#/components/schemas/OutputMetrics' - shuffleReadMetrics: - $ref: '#/components/schemas/ShuffleReadMetrics' - shuffleWriteMetrics: - $ref: '#/components/schemas/ShuffleWriteMetrics' - InputMetrics: - id: InputMetrics - description: Metrics about the input data read by the task. - type: object - properties: - bytesRead: - type: string - format: int64 - recordsRead: - type: string - format: int64 - OutputMetrics: - id: OutputMetrics - description: Metrics about the data written by the task. - type: object - properties: - bytesWritten: - type: string - format: int64 - recordsWritten: - type: string - format: int64 - ShuffleReadMetrics: - id: ShuffleReadMetrics - description: Shuffle data read by the task. - type: object - properties: - remoteBlocksFetched: - type: string - format: int64 - localBlocksFetched: - type: string - format: int64 - fetchWaitTimeMillis: - type: string - format: int64 - remoteBytesRead: - type: string - format: int64 - remoteBytesReadToDisk: - type: string - format: int64 - localBytesRead: - type: string - format: int64 - recordsRead: - type: string - format: int64 - remoteReqsDuration: - type: string - format: int64 - shufflePushReadMetrics: - $ref: '#/components/schemas/ShufflePushReadMetrics' - ShufflePushReadMetrics: - id: ShufflePushReadMetrics - type: object - properties: - corruptMergedBlockChunks: - type: string - format: int64 - mergedFetchFallbackCount: - type: string - format: int64 - remoteMergedBlocksFetched: - type: string - format: int64 - localMergedBlocksFetched: - type: string - format: int64 - remoteMergedChunksFetched: - type: string - format: int64 - localMergedChunksFetched: - type: string - format: int64 - remoteMergedBytesRead: - type: string - format: int64 - localMergedBytesRead: - type: string - format: int64 - remoteMergedReqsDuration: - type: string - format: int64 - ShuffleWriteMetrics: - id: ShuffleWriteMetrics - description: Shuffle data written by task. - type: object - properties: - bytesWritten: - type: string - format: int64 - writeTimeNanos: - type: string - format: int64 - recordsWritten: - type: string - format: int64 - ExecutorStageSummary: - id: ExecutorStageSummary - description: Executor resources consumed by a stage. - type: object - properties: - stageId: - type: string - format: int64 - stageAttemptId: - type: integer - format: int32 - executorId: - type: string - taskTimeMillis: - type: string - format: int64 - failedTasks: - type: integer - format: int32 - succeededTasks: - type: integer - format: int32 - killedTasks: - type: integer - format: int32 - inputBytes: - type: string - format: int64 - inputRecords: - type: string - format: int64 - outputBytes: - type: string - format: int64 - outputRecords: - type: string - format: int64 - shuffleRead: - type: string - format: int64 - shuffleReadRecords: - type: string - format: int64 - shuffleWrite: - type: string - format: int64 - shuffleWriteRecords: - type: string - format: int64 - memoryBytesSpilled: - type: string - format: int64 - diskBytesSpilled: - type: string - format: int64 - isExcludedForStage: - type: boolean - peakMemoryMetrics: - $ref: '#/components/schemas/ExecutorMetrics' - ExecutorMetrics: - id: ExecutorMetrics - type: object - properties: - metrics: - type: object - additionalProperties: - type: string - format: int64 - SpeculationStageSummary: - id: SpeculationStageSummary - description: Details of the speculation task when speculative execution is enabled. - type: object - properties: - stageId: - type: string - format: int64 - stageAttemptId: - type: integer - format: int32 - numTasks: - type: integer - format: int32 - numActiveTasks: - type: integer - format: int32 - numCompletedTasks: - type: integer - format: int32 - numFailedTasks: - type: integer - format: int32 - numKilledTasks: - type: integer - format: int32 - ExecutorMetricsDistributions: - id: ExecutorMetricsDistributions - type: object - properties: - quantiles: - type: array - items: - type: number - format: double - taskTimeMillis: - type: array - items: - type: number - format: double - failedTasks: - type: array - items: - type: number - format: double - succeededTasks: - type: array - items: - type: number - format: double - killedTasks: - type: array - items: - type: number - format: double - inputBytes: - type: array - items: - type: number - format: double - inputRecords: - type: array - items: - type: number - format: double - outputBytes: - type: array - items: - type: number - format: double - outputRecords: - type: array - items: - type: number - format: double - shuffleRead: - type: array - items: - type: number - format: double - shuffleReadRecords: - type: array - items: - type: number - format: double - shuffleWrite: - type: array - items: - type: number - format: double - shuffleWriteRecords: - type: array - items: - type: number - format: double - memoryBytesSpilled: - type: array - items: - type: number - format: double - diskBytesSpilled: - type: array - items: - type: number - format: double - peakMemoryMetrics: - $ref: '#/components/schemas/ExecutorPeakMetricsDistributions' - ExecutorPeakMetricsDistributions: - id: ExecutorPeakMetricsDistributions - type: object + description: >- + Output only. The Cloud Storage URI of the diagnostic output. The + output report is a plain text file with a summary of collected + diagnostics. + readOnly: true + id: DiagnoseClusterResults + AutotuningConfig: + description: Autotuning configuration of the workload. properties: - quantiles: - type: array - items: - type: number - format: double - executorMetrics: - type: array + scenarios: items: - $ref: '#/components/schemas/ExecutorMetrics' - TaskQuantileMetrics: - id: TaskQuantileMetrics - type: object - properties: - durationMillis: - $ref: '#/components/schemas/Quantiles' - executorDeserializeTimeMillis: - $ref: '#/components/schemas/Quantiles' - executorDeserializeCpuTimeNanos: - $ref: '#/components/schemas/Quantiles' - executorRunTimeMillis: - $ref: '#/components/schemas/Quantiles' - executorCpuTimeNanos: - $ref: '#/components/schemas/Quantiles' - resultSize: - $ref: '#/components/schemas/Quantiles' - jvmGcTimeMillis: - $ref: '#/components/schemas/Quantiles' - resultSerializationTimeMillis: - $ref: '#/components/schemas/Quantiles' - gettingResultTimeMillis: - $ref: '#/components/schemas/Quantiles' - schedulerDelayMillis: - $ref: '#/components/schemas/Quantiles' - peakExecutionMemoryBytes: - $ref: '#/components/schemas/Quantiles' - memoryBytesSpilled: - $ref: '#/components/schemas/Quantiles' - diskBytesSpilled: - $ref: '#/components/schemas/Quantiles' - inputMetrics: - $ref: '#/components/schemas/InputQuantileMetrics' - outputMetrics: - $ref: '#/components/schemas/OutputQuantileMetrics' - shuffleReadMetrics: - $ref: '#/components/schemas/ShuffleReadQuantileMetrics' - shuffleWriteMetrics: - $ref: '#/components/schemas/ShuffleWriteQuantileMetrics' - Quantiles: - id: Quantiles - description: >- - Quantile metrics data related to Tasks. Units can be seconds, bytes, - milliseconds, etc depending on the message type. - type: object - properties: - minimum: - type: string - format: int64 - percentile25: - type: string - format: int64 - percentile50: - type: string - format: int64 - percentile75: - type: string - format: int64 - maximum: - type: string - format: int64 - sum: - type: string - format: int64 - count: - type: string - format: int64 - InputQuantileMetrics: - id: InputQuantileMetrics - type: object - properties: - bytesRead: - $ref: '#/components/schemas/Quantiles' - recordsRead: - $ref: '#/components/schemas/Quantiles' - OutputQuantileMetrics: - id: OutputQuantileMetrics + enum: + - SCENARIO_UNSPECIFIED + - SCALING + - BROADCAST_HASH_JOIN + - MEMORY + - NONE + - AUTO + enumDescriptions: + - Default value. + - Scaling recommendations such as initialExecutors. + - Adding hints for potential relation broadcasts. + - Memory management for workloads. + - No autotuning. + - Automatic selection of scenarios. + type: string + description: Optional. Scenarios for which tunings are applied. + type: array type: object - properties: - bytesWritten: - $ref: '#/components/schemas/Quantiles' - recordsWritten: - $ref: '#/components/schemas/Quantiles' - ShuffleReadQuantileMetrics: - id: ShuffleReadQuantileMetrics + id: AutotuningConfig + ClusterToRepair: type: object + description: Cluster to be repaired + id: ClusterToRepair properties: - readBytes: - $ref: '#/components/schemas/Quantiles' - readRecords: - $ref: '#/components/schemas/Quantiles' - remoteBlocksFetched: - $ref: '#/components/schemas/Quantiles' - localBlocksFetched: - $ref: '#/components/schemas/Quantiles' - fetchWaitTimeMillis: - $ref: '#/components/schemas/Quantiles' - remoteBytesRead: - $ref: '#/components/schemas/Quantiles' - remoteBytesReadToDisk: - $ref: '#/components/schemas/Quantiles' - totalBlocksFetched: - $ref: '#/components/schemas/Quantiles' - remoteReqsDuration: - $ref: '#/components/schemas/Quantiles' - shufflePushReadMetrics: - $ref: '#/components/schemas/ShufflePushReadQuantileMetrics' - ShufflePushReadQuantileMetrics: - id: ShufflePushReadQuantileMetrics - type: object + clusterRepairAction: + enumDescriptions: + - No action will be taken by default. + - Repair cluster in ERROR_DUE_TO_UPDATE states. + enum: + - CLUSTER_REPAIR_ACTION_UNSPECIFIED + - REPAIR_ERROR_DUE_TO_UPDATE_CLUSTER + description: Required. Repair action to take on the cluster resource. + type: string + InstanceFlexibilityPolicy: + id: InstanceFlexibilityPolicy + description: >- + Instance flexibility Policy allowing a mixture of VM shapes and + provisioning models. properties: - corruptMergedBlockChunks: - $ref: '#/components/schemas/Quantiles' - mergedFetchFallbackCount: - $ref: '#/components/schemas/Quantiles' - remoteMergedBlocksFetched: - $ref: '#/components/schemas/Quantiles' - localMergedBlocksFetched: - $ref: '#/components/schemas/Quantiles' - remoteMergedChunksFetched: - $ref: '#/components/schemas/Quantiles' - localMergedChunksFetched: - $ref: '#/components/schemas/Quantiles' - remoteMergedBytesRead: - $ref: '#/components/schemas/Quantiles' - localMergedBytesRead: - $ref: '#/components/schemas/Quantiles' - remoteMergedReqsDuration: - $ref: '#/components/schemas/Quantiles' - ShuffleWriteQuantileMetrics: - id: ShuffleWriteQuantileMetrics + provisioningModelMix: + description: >- + Optional. Defines how the Group selects the provisioning model to + ensure required reliability. + $ref: '#/components/schemas/ProvisioningModelMix' + instanceSelectionList: + type: array + items: + $ref: '#/components/schemas/InstanceSelection' + description: >- + Optional. List of instance selection options that the group will use + when creating new VMs. + instanceSelectionResults: + readOnly: true + type: array + description: Output only. A list of instance selection results in the group. + items: + $ref: '#/components/schemas/InstanceSelectionResult' type: object - properties: - writeBytes: - $ref: '#/components/schemas/Quantiles' - writeRecords: - $ref: '#/components/schemas/Quantiles' - writeTimeNanos: - $ref: '#/components/schemas/Quantiles' - ExecutorSummary: - id: ExecutorSummary - description: Details about executors used by the application. + SparkJob: + description: >- + A Dataproc job for running Apache Spark (https://spark.apache.org/) + applications on YARN. type: object properties: - executorId: - type: string - hostPort: - type: string - isActive: - type: boolean - rddBlocks: - type: integer - format: int32 - memoryUsed: - type: string - format: int64 - diskUsed: - type: string - format: int64 - totalCores: - type: integer - format: int32 - maxTasks: - type: integer - format: int32 - activeTasks: - type: integer - format: int32 - failedTasks: - type: integer - format: int32 - completedTasks: - type: integer - format: int32 - totalTasks: - type: integer - format: int32 - totalDurationMillis: - type: string - format: int64 - totalGcTimeMillis: - type: string - format: int64 - totalInputBytes: - type: string - format: int64 - totalShuffleRead: - type: string - format: int64 - totalShuffleWrite: - type: string - format: int64 - isExcluded: - type: boolean - maxMemory: - type: string - format: int64 - addTime: - type: string - format: google-datetime - removeTime: - type: string - format: google-datetime - removeReason: - type: string - executorLogs: - type: object - additionalProperties: + fileUris: + description: >- + Optional. HCFS URIs of files to be placed in the working directory + of each executor. Useful for naively parallel tasks. + type: array + items: type: string - memoryMetrics: - $ref: '#/components/schemas/MemoryMetrics' - excludedInStages: + archiveUris: type: array + description: >- + Optional. HCFS URIs of archives to be extracted into the working + directory of each executor. Supported file types: .jar, .tar, + .tar.gz, .tgz, and .zip. items: type: string - format: int64 - peakMemoryMetrics: - $ref: '#/components/schemas/ExecutorMetrics' - attributes: - type: object - additionalProperties: + jarFileUris: + description: >- + Optional. HCFS URIs of jar files to add to the CLASSPATHs of the + Spark driver and tasks. + type: array + items: type: string - resources: + properties: type: object additionalProperties: - $ref: '#/components/schemas/ResourceInformation' - resourceProfileId: - type: integer - format: int32 - MemoryMetrics: - id: MemoryMetrics - type: object - properties: - usedOnHeapStorageMemory: - type: string - format: int64 - usedOffHeapStorageMemory: - type: string - format: int64 - totalOnHeapStorageMemory: - type: string - format: int64 - totalOffHeapStorageMemory: + type: string + description: >- + Optional. A mapping of property names to values, used to configure + Spark. Properties that conflict with values set by the Dataproc API + might be overwritten. Can include properties set in + /etc/spark/conf/spark-defaults.conf and classes in user code. + mainJarFileUri: type: string - format: int64 - ResourceInformation: - id: ResourceInformation - type: object - properties: - name: + description: The HCFS URI of the jar file that contains the main class. + mainClass: + description: >- + The name of the driver's main class. The jar file that contains the + class must be in the default CLASSPATH or specified in + SparkJob.jar_file_uris. type: string - addresses: + args: type: array items: type: string - RddStorageInfo: - id: RddStorageInfo - description: Overall data about RDD storage. + description: >- + Optional. The arguments to pass to the driver. Do not include + arguments, such as --conf, that can be set as job properties, since + a collision may occur that causes an incorrect job submission. + loggingConfig: + $ref: '#/components/schemas/LoggingConfig' + description: Optional. The runtime log config for job execution. + id: SparkJob + AuxiliaryServicesConfig: type: object + description: Auxiliary services configuration for a Cluster. properties: - rddStorageId: - type: integer + sparkHistoryServerConfig: + $ref: '#/components/schemas/SparkHistoryServerConfig' + description: Optional. The Spark History Server configuration for the workload. + metastoreConfig: + description: Optional. The Hive Metastore configuration for this workload. + $ref: '#/components/schemas/MetastoreConfig' + id: AuxiliaryServicesConfig + GkeNodePoolAutoscalingConfig: + properties: + minNodeCount: + description: >- + The minimum number of nodes in the node pool. Must be >= 0 and <= + max_node_count. format: int32 - name: - type: string - numPartitions: type: integer - format: int32 - numCachedPartitions: + maxNodeCount: type: integer format: int32 - storageLevel: - type: string - memoryUsed: - type: string - format: int64 - diskUsed: - type: string - format: int64 - dataDistribution: - type: array - items: - $ref: '#/components/schemas/RddDataDistribution' - partitions: - type: array - items: - $ref: '#/components/schemas/RddPartitionInfo' - RddDataDistribution: - id: RddDataDistribution - description: Details about RDD usage. + description: >- + The maximum number of nodes in the node pool. Must be >= + min_node_count, and must be > 0. Note: Quota must be sufficient to + scale up the cluster. + id: GkeNodePoolAutoscalingConfig + type: object + description: >- + GkeNodePoolAutoscaling contains information the cluster autoscaler needs + to adjust the size of the node pool to the current cluster usage. + AccessSparkApplicationResponse: + description: A summary of Spark Application type: object + id: AccessSparkApplicationResponse properties: - address: - type: string - memoryUsed: - type: string - format: int64 - memoryRemaining: - type: string - format: int64 - diskUsed: - type: string - format: int64 - onHeapMemoryUsed: - type: string - format: int64 - offHeapMemoryUsed: - type: string - format: int64 - onHeapMemoryRemaining: - type: string - format: int64 - offHeapMemoryRemaining: - type: string - format: int64 - RddPartitionInfo: - id: RddPartitionInfo - description: Information about RDD partitions. + application: + $ref: '#/components/schemas/ApplicationInfo' + readOnly: true + description: Output only. High level information corresponding to an application. + AccessSparkApplicationStageRddOperationGraphResponse: + properties: + rddOperationGraph: + description: RDD operation graph for a Spark Application Stage. + $ref: '#/components/schemas/RddOperationGraph' + id: AccessSparkApplicationStageRddOperationGraphResponse type: object + description: >- + RDD operation graph for a Spark Application Stage limited to maximum + 10000 clusters. + GkeNodePoolTarget: properties: - blockName: - type: string - storageLevel: - type: string - memoryUsed: - type: string - format: int64 - diskUsed: - type: string - format: int64 - executors: + roles: type: array + description: Required. The roles associated with the GKE node pool. items: + enumDescriptions: + - Role is unspecified. + - >- + At least one node pool must have the DEFAULT role. Work assigned + to a role that is not associated with a node pool is assigned to + the node pool with the DEFAULT role. For example, work assigned + to the CONTROLLER role will be assigned to the node pool with + the DEFAULT role if no node pool has the CONTROLLER role. + - >- + Run work associated with the Dataproc control plane (for + example, controllers and webhooks). Very low resource + requirements. + - Run work associated with a Spark driver of a job. + - Run work associated with a Spark executor of a job. type: string - StreamBlockData: - id: StreamBlockData - description: Stream Block Data. + enum: + - ROLE_UNSPECIFIED + - DEFAULT + - CONTROLLER + - SPARK_DRIVER + - SPARK_EXECUTOR + nodePoolConfig: + description: >- + Input only. The configuration for the GKE node pool.If specified, + Dataproc attempts to create a node pool with the specified shape. If + one with the same name already exists, it is verified against all + specified fields. If a field differs, the virtual cluster creation + will fail.If omitted, any node pool with the specified name is used. + If a node pool with the specified name does not exist, Dataproc + create a node pool with default values.This is an input only field. + It will not be returned by the API. + $ref: '#/components/schemas/GkeNodePoolConfig' + nodePool: + type: string + description: >- + Required. The target GKE node pool. Format: + 'projects/{project}/locations/{location}/clusters/{cluster}/nodePools/{node_pool}' + id: GkeNodePoolTarget type: object + description: GKE node pools that Dataproc workloads run on. + RddOperationNode: + id: RddOperationNode properties: - name: - type: string - executorId: - type: string - hostPort: - type: string - storageLevel: - type: string - useMemory: - type: boolean - useDisk: + cached: type: boolean - deserialized: + nodeId: + type: integer + format: int32 + barrier: type: boolean - memSize: + name: type: string - format: int64 - diskSize: + outputDeterministicLevel: + enum: + - DETERMINISTIC_LEVEL_UNSPECIFIED + - DETERMINISTIC_LEVEL_DETERMINATE + - DETERMINISTIC_LEVEL_UNORDERED + - DETERMINISTIC_LEVEL_INDETERMINATE + enumDescriptions: + - '' + - '' + - '' + - '' + type: string + callsite: type: string - format: int64 - RddOperationGraph: - id: RddOperationGraph - description: >- - Graph representing RDD dependencies. Consists of edges and a root - cluster. type: object + description: A node in the RDD operation graph. Corresponds to a single RDD. + PoolData: properties: - stageId: - type: string - format: int64 - edges: - type: array - items: - $ref: '#/components/schemas/RddOperationEdge' - outgoingEdges: - type: array + stageIds: items: - $ref: '#/components/schemas/RddOperationEdge' - incomingEdges: + type: string + format: int64 type: array - items: - $ref: '#/components/schemas/RddOperationEdge' - rootCluster: - $ref: '#/components/schemas/RddOperationCluster' - RddOperationEdge: - id: RddOperationEdge - description: A directed edge representing dependency between two RDDs. + name: + type: string + id: PoolData + description: Pool Data type: object + SpeculationStageSummary: properties: - fromId: + stageAttemptId: type: integer format: int32 - toId: + stageId: + format: int64 + type: string + numActiveTasks: type: integer format: int32 - RddOperationCluster: - id: RddOperationCluster - description: >- - A grouping of nodes representing higher level constructs (stage, job - etc.). - type: object - properties: - rddClusterId: - type: string - name: - type: string - childNodes: - type: array - items: - $ref: '#/components/schemas/RddOperationNode' - childClusters: - type: array - items: - $ref: '#/components/schemas/RddOperationCluster' - RddOperationNode: - id: RddOperationNode - description: A node in the RDD operation graph. Corresponds to a single RDD. - type: object - properties: - nodeId: + numKilledTasks: + type: integer + format: int32 + numTasks: + type: integer + format: int32 + numCompletedTasks: type: integer format: int32 - name: - type: string - cached: - type: boolean - barrier: - type: boolean - callsite: + numFailedTasks: + format: int32 + type: integer + description: Details of the speculation task when speculative execution is enabled. + type: object + id: SpeculationStageSummary + JobReference: + id: JobReference + type: object + description: Encapsulates the full scoping used to reference a job. + properties: + projectId: + description: >- + Optional. The ID of the Google Cloud Platform project that the job + belongs to. If specified, must match the request project ID. type: string - outputDeterministicLevel: + jobId: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - DETERMINISTIC_LEVEL_UNSPECIFIED - - DETERMINISTIC_LEVEL_DETERMINATE - - DETERMINISTIC_LEVEL_UNORDERED - - DETERMINISTIC_LEVEL_INDETERMINATE - PoolData: - id: PoolData - description: Pool Data + description: >- + Optional. The job ID, which must be unique within the project.The ID + must contain only letters (a-z, A-Z), numbers (0-9), underscores + (_), or hyphens (-). The maximum length is 100 characters.If not + specified by the caller, the job ID will be provided by the server. + GetIamPolicyRequest: + description: Request message for GetIamPolicy method. type: object properties: + options: + $ref: '#/components/schemas/GetPolicyOptions' + description: >- + OPTIONAL: A GetPolicyOptions object for specifying options to + GetIamPolicy. + id: GetIamPolicyRequest + SqlPlanMetric: + description: Metrics related to SQL execution. + properties: + accumulatorId: + format: int64 + type: string + metricType: + type: string name: type: string - stageIds: - type: array - items: - type: string - format: int64 - ProcessSummary: - id: ProcessSummary - description: Process Summary + id: SqlPlanMetric type: object + SinkProgress: + id: SinkProgress properties: - processId: - type: string - hostPort: - type: string - isActive: - type: boolean - totalCores: - type: integer - format: int32 - addTime: + numOutputRows: type: string - format: google-datetime - removeTime: + format: int64 + description: type: string - format: google-datetime - processLogs: + metrics: type: object additionalProperties: type: string - SqlExecutionUiData: - id: SqlExecutionUiData - description: SQL Execution Data type: object + YarnApplication: + description: >- + A YARN application created by a job. Application information is a subset + of org.apache.hadoop.yarn.proto.YarnProtos.ApplicationReportProto.Beta + Feature: This report is available for testing purposes only. It may be + changed before final release. properties: - executionId: - type: string + memoryMbSeconds: + description: >- + Optional. The cumulative memory usage of the application for a job, + measured in mb-seconds. format: int64 - rootExecutionId: type: string - format: int64 - description: + state: + enumDescriptions: + - Status is unspecified. + - Status is NEW. + - Status is NEW_SAVING. + - Status is SUBMITTED. + - Status is ACCEPTED. + - Status is RUNNING. + - Status is FINISHED. + - Status is FAILED. + - Status is KILLED. + enum: + - STATE_UNSPECIFIED + - NEW + - NEW_SAVING + - SUBMITTED + - ACCEPTED + - RUNNING + - FINISHED + - FAILED + - KILLED + description: Required. The application state. type: string - details: + vcoreSeconds: + format: int64 + description: >- + Optional. The cumulative CPU time consumed by the application for a + job, measured in vcore-seconds. type: string - physicalPlanDescription: + progress: + description: Required. The numerical progress of the application, from 1 to 100. + format: float + type: number + trackingUrl: type: string - modifiedConfigs: - type: object - additionalProperties: - type: string - metrics: - type: array - items: - $ref: '#/components/schemas/SqlPlanMetric' - submissionTime: + description: >- + Optional. The HTTP URL of the ApplicationMaster, HistoryServer, or + TimelineServer that provides application-specific information. The + URL uses the internal hostname, and requires a proxy server for + resolution and, possibly, access. + name: + description: Required. The application name. type: string - format: google-datetime - completionTime: + type: object + id: YarnApplication + GceClusterConfig: + properties: + nodeGroupAffinity: + description: Optional. Node Group Affinity for sole-tenant clusters. + $ref: '#/components/schemas/NodeGroupAffinity' + privateIpv6GoogleAccess: + enumDescriptions: + - >- + If unspecified, Compute Engine default behavior will apply, which + is the same as INHERIT_FROM_SUBNETWORK. + - >- + Private access to and from Google Services configuration inherited + from the subnetwork configuration. This is the default Compute + Engine behavior. + - >- + Enables outbound private IPv6 access to Google Services from the + Dataproc cluster. + - >- + Enables bidirectional private IPv6 access between Google Services + and the Dataproc cluster. + enum: + - PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED + - INHERIT_FROM_SUBNETWORK + - OUTBOUND + - BIDIRECTIONAL type: string - format: google-datetime - errorMessage: + description: Optional. The type of IPv6 access for a cluster. + networkUri: + description: >- + Optional. The Compute Engine network to be used for machine + communications. Cannot be specified with subnetwork_uri. If neither + network_uri nor subnetwork_uri is specified, the "default" network + of the project is used, if it exists. Cannot be a "Custom Subnet + Network" (see Using Subnetworks + (https://cloud.google.com/compute/docs/subnetworks) for more + information).A full URL, partial URI, or short name are valid. + Examples: + https://www.googleapis.com/compute/v1/projects/[project_id]/global/networks/default + projects/[project_id]/global/networks/default default type: string - jobs: + reservationAffinity: + $ref: '#/components/schemas/ReservationAffinity' + description: Optional. Reservation Affinity for consuming Zonal reservation. + resourceManagerTags: type: object + description: >- + Optional. Resource manager tags + (https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing) + to add to all instances (see Use secure tags in Dataproc + (https://cloud.google.com/dataproc/docs/guides/use-secure-tags)). additionalProperties: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - enum: - - JOB_EXECUTION_STATUS_UNSPECIFIED - - JOB_EXECUTION_STATUS_RUNNING - - JOB_EXECUTION_STATUS_SUCCEEDED - - JOB_EXECUTION_STATUS_FAILED - - JOB_EXECUTION_STATUS_UNKNOWN - stages: + serviceAccount: + type: string + description: >- + Optional. The Dataproc service account + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/service-accounts#service_accounts_in_dataproc) + (also see VM Data Plane identity + (https://cloud.google.com/dataproc/docs/concepts/iam/dataproc-principals#vm_service_account_data_plane_identity)) + used by Dataproc cluster VM instances to access Google Cloud + Platform services.If not specified, the Compute Engine default + service account + (https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) + is used. + serviceAccountScopes: type: array + description: >- + Optional. The URIs of service account scopes to be included in + Compute Engine instances. The following base set of scopes is always + included: + https://www.googleapis.com/auth/cloud.useraccounts.readonly + https://www.googleapis.com/auth/devstorage.read_write + https://www.googleapis.com/auth/logging.writeIf no scopes are + specified, the following defaults are also provided: + https://www.googleapis.com/auth/bigquery + https://www.googleapis.com/auth/bigtable.admin.table + https://www.googleapis.com/auth/bigtable.data + https://www.googleapis.com/auth/devstorage.full_control + items: + type: string + internalIpOnly: + description: >- + Optional. This setting applies to subnetwork-enabled networks. It is + set to true by default in clusters created with image versions + 2.2.x.When set to true: All cluster VMs have internal IP addresses. + Google Private Access + (https://cloud.google.com/vpc/docs/private-google-access) must be + enabled to access Dataproc and other Google Cloud APIs. Off-cluster + dependencies must be configured to be accessible without external IP + addresses.When set to false: Cluster VMs are not restricted to + internal IP addresses. Ephemeral external IP addresses are assigned + to each cluster VM. + type: boolean + shieldedInstanceConfig: + description: >- + Optional. Shielded Instance Config for clusters using Compute Engine + Shielded VMs + (https://cloud.google.com/security/shielded-cloud/shielded-vm). + $ref: '#/components/schemas/ShieldedInstanceConfig' + confidentialInstanceConfig: + $ref: '#/components/schemas/ConfidentialInstanceConfig' + description: >- + Optional. Confidential Instance Config for clusters using + Confidential VMs + (https://cloud.google.com/compute/confidential-vm/docs). + tags: items: type: string - format: int64 - metricValuesIsNull: - type: boolean - metricValues: - type: object + description: >- + The Compute Engine network tags to add to all instances (see Tagging + instances + (https://cloud.google.com/vpc/docs/add-remove-network-tags)). + type: array + metadata: additionalProperties: type: string - SqlPlanMetric: - id: SqlPlanMetric - description: Metrics related to SQL execution. - type: object - properties: - name: - type: string - accumulatorId: - type: string - format: int64 - metricType: + type: object + description: >- + Optional. The Compute Engine metadata entries to add to all + instances (see Project and instance metadata + (https://cloud.google.com/compute/docs/storing-retrieving-metadata#project_and_instance_metadata)). + subnetworkUri: + description: >- + Optional. The Compute Engine subnetwork to be used for machine + communications. Cannot be specified with network_uri.A full URL, + partial URI, or short name are valid. Examples: + https://www.googleapis.com/compute/v1/projects/[project_id]/regions/[region]/subnetworks/sub0 + projects/[project_id]/regions/[region]/subnetworks/sub0 sub0 type: string - SparkPlanGraph: - id: SparkPlanGraph - description: A graph used for storing information of an executionPlan of DataFrame. - type: object - properties: - executionId: + zoneUri: + description: >- + Optional. The Compute Engine zone where the Dataproc cluster will be + located. If omitted, the service will pick a zone in the cluster's + Compute Engine region. On a get request, zone will always be + present.A full URL, partial URI, or short name are valid. Examples: + https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone] + projects/[project_id]/zones/[zone] [zone] type: string - format: int64 - nodes: - type: array - items: - $ref: '#/components/schemas/SparkPlanGraphNodeWrapper' - edges: - type: array - items: - $ref: '#/components/schemas/SparkPlanGraphEdge' - SparkPlanGraphNodeWrapper: - id: SparkPlanGraphNodeWrapper - description: Wrapper user to represent either a node or a cluster. type: object - properties: - node: - $ref: '#/components/schemas/SparkPlanGraphNode' - cluster: - $ref: '#/components/schemas/SparkPlanGraphCluster' - SparkPlanGraphNode: - id: SparkPlanGraphNode - description: Represents a node in the spark plan tree. + description: >- + Common config settings for resources of Compute Engine cluster + instances, applicable to all instances in the cluster. + id: GceClusterConfig + AnalyzeOperationMetadata: type: object + description: Metadata describing the Analyze operation. properties: - sparkPlanGraphNodeId: + analyzedWorkloadName: + description: Output only. name of the workload being analyzed. type: string - format: int64 - name: + readOnly: true + createTime: type: string - desc: + format: google-datetime + description: Output only. The time when the operation was created. + readOnly: true + labels: + description: Output only. Labels associated with the operation. + type: object + additionalProperties: + type: string + readOnly: true + description: + readOnly: true + description: Output only. Short description of the operation. type: string - metrics: - type: array - items: - $ref: '#/components/schemas/SqlPlanMetric' - SparkPlanGraphCluster: - id: SparkPlanGraphCluster - description: Represents a tree of spark plan. - type: object - properties: - sparkPlanGraphClusterId: + analyzedWorkloadType: + enum: + - WORKLOAD_TYPE_UNSPECIFIED + - BATCH type: string - format: int64 - name: + description: Output only. Type of the workload being analyzed. + enumDescriptions: + - Undefined option + - Serverless batch job + readOnly: true + doneTime: type: string - desc: + readOnly: true + description: Output only. The time when the operation finished. + format: google-datetime + analyzedWorkloadUuid: type: string - nodes: + readOnly: true + description: >- + Output only. unique identifier of the workload typically generated + by control plane. E.g. batch uuid. + warnings: type: array items: - $ref: '#/components/schemas/SparkPlanGraphNodeWrapper' - metrics: + type: string + description: Output only. Warnings encountered during operation execution. + readOnly: true + id: AnalyzeOperationMetadata + ListAutoscalingPoliciesResponse: + description: A response to a request to list autoscaling policies in a project. + properties: + policies: type: array + description: Output only. Autoscaling policies list. + readOnly: true items: - $ref: '#/components/schemas/SqlPlanMetric' - SparkPlanGraphEdge: - id: SparkPlanGraphEdge - description: Represents a directed edge in the spark plan tree from child to parent. - type: object - properties: - fromId: - type: string - format: int64 - toId: + $ref: '#/components/schemas/AutoscalingPolicy' + nextPageToken: + readOnly: true + description: >- + Output only. This token is included in the response if there are + more results to fetch. type: string - format: int64 - StreamingQueryData: - id: StreamingQueryData - description: Streaming type: object + id: ListAutoscalingPoliciesResponse + EndpointConfig: + id: EndpointConfig + type: object + description: Endpoint config for this cluster properties: - name: - type: string - streamingQueryId: - type: string - runId: - type: string - isActive: + enableHttpPortAccess: + description: >- + Optional. If true, enable http access to specific ports on the + cluster from external sources. Defaults to false. type: boolean - exception: - type: string - startTimestamp: - type: string - format: int64 - endTimestamp: - type: string - format: int64 - StreamingQueryProgress: - id: StreamingQueryProgress - type: object + httpPorts: + readOnly: true + type: object + additionalProperties: + type: string + description: >- + Output only. The map of port descriptions to URLs. Will only be + populated if enable_http_port_access is true. + SparkSqlJob: properties: - streamingQueryProgressId: - type: string - runId: - type: string - name: - type: string - timestamp: - type: string - batchId: - type: string - format: int64 - batchDuration: - type: string - format: int64 - durationMillis: + properties: + description: >- + Optional. A mapping of property names to values, used to configure + Spark SQL's SparkConf. Properties that conflict with values set by + the Dataproc API might be overwritten. type: object additionalProperties: type: string - format: int64 - eventTime: - type: object - additionalProperties: + loggingConfig: + $ref: '#/components/schemas/LoggingConfig' + description: Optional. The runtime log config for job execution. + scriptVariables: + additionalProperties: + type: string + type: object + description: >- + Optional. Mapping of query variable names to values (equivalent to + the Spark SQL command: SET name="value";). + queryFileUri: + type: string + description: The HCFS URI of the script that contains SQL queries. + jarFileUris: + description: Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH. + type: array + items: + type: string + queryList: + description: A list of queries. + $ref: '#/components/schemas/QueryList' + description: >- + A Dataproc job for running Apache Spark SQL + (https://spark.apache.org/sql/) queries. + id: SparkSqlJob + type: object + PySparkJob: + description: >- + A Dataproc job for running Apache PySpark + (https://spark.apache.org/docs/latest/api/python/index.html#pyspark-overview) + applications on YARN. + properties: + pythonFileUris: + type: array + items: + type: string + description: >- + Optional. HCFS file URIs of Python files to pass to the PySpark + framework. Supported file types: .py, .egg, and .zip. + jarFileUris: + type: array + description: >- + Optional. HCFS URIs of jar files to add to the CLASSPATHs of the + Python driver and tasks. + items: + type: string + mainPythonFileUri: + type: string + description: >- + Required. The HCFS URI of the main Python file to use as the driver. + Must be a .py file. + args: + items: type: string - stateOperators: type: array + description: >- + Optional. The arguments to pass to the driver. Do not include + arguments, such as --conf, that can be set as job properties, since + a collision may occur that causes an incorrect job submission. + fileUris: + description: >- + Optional. HCFS URIs of files to be placed in the working directory + of each executor. Useful for naively parallel tasks. items: - $ref: '#/components/schemas/StateOperatorProgress' - sources: + type: string + type: array + archiveUris: + description: >- + Optional. HCFS URIs of archives to be extracted into the working + directory of each executor. Supported file types: .jar, .tar, + .tar.gz, .tgz, and .zip.Note: Spark applications must be deployed in + cluster mode + (https://spark.apache.org/docs/latest/cluster-overview.html) for + correct environment propagation. type: array items: - $ref: '#/components/schemas/SourceProgress' - sink: - $ref: '#/components/schemas/SinkProgress' - observedMetrics: - type: object + type: string + loggingConfig: + description: Optional. The runtime log config for job execution. + $ref: '#/components/schemas/LoggingConfig' + properties: + description: >- + Optional. A mapping of property names to values, used to configure + PySpark. Properties that conflict with values set by the Dataproc + API might be overwritten. Can include properties set in + /etc/spark/conf/spark-defaults.conf and classes in user code. additionalProperties: type: string - StateOperatorProgress: - id: StateOperatorProgress + type: object + type: object + id: PySparkJob + ExecutorStageSummary: type: object + description: Executor resources consumed by a stage. properties: - operatorName: - type: string - numRowsTotal: - type: string + peakMemoryMetrics: + $ref: '#/components/schemas/ExecutorMetrics' + failedTasks: + type: integer + format: int32 + inputRecords: format: int64 - numRowsUpdated: type: string + shuffleReadRecords: format: int64 - allUpdatesTimeMs: type: string - format: int64 - numRowsRemoved: + outputRecords: type: string format: int64 - allRemovalsTimeMs: + shuffleWriteRecords: type: string format: int64 - commitTimeMs: + stageAttemptId: + format: int32 + type: integer + executorId: type: string - format: int64 - memoryUsedBytes: + shuffleRead: type: string format: int64 - numRowsDroppedByWatermark: + taskTimeMillis: type: string format: int64 - numShufflePartitions: + outputBytes: type: string format: int64 - numStateStoreInstances: - type: string + memoryBytesSpilled: format: int64 - customMetrics: - type: object - additionalProperties: - type: string - format: int64 - SourceProgress: - id: SourceProgress - type: object - properties: - description: - type: string - startOffset: type: string - endOffset: - type: string - latestOffset: + isExcludedForStage: + type: boolean + stageId: type: string - numInputRows: + format: int64 + succeededTasks: + type: integer + format: int32 + shuffleWrite: type: string format: int64 - inputRowsPerSecond: - type: number - format: double - processedRowsPerSecond: - type: number - format: double - metrics: - type: object - additionalProperties: - type: string - SinkProgress: - id: SinkProgress - type: object - properties: - description: + diskBytesSpilled: type: string - numOutputRows: + format: int64 + inputBytes: type: string format: int64 - metrics: - type: object - additionalProperties: - type: string - NativeBuildInfoUiData: - id: NativeBuildInfoUiData + killedTasks: + type: integer + format: int32 + id: ExecutorStageSummary + SearchSparkApplicationsResponse: type: object properties: - buildInfo: - description: Optional. Build related details. - type: array + sparkApplications: + readOnly: true + description: Output only. High level information corresponding to an application. items: - $ref: '#/components/schemas/BuildInfo' - buildClass: - description: Optional. Build class of Native. + $ref: '#/components/schemas/SparkApplication' + type: array + nextPageToken: + description: >- + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent SearchSparkApplicationsRequest. type: string - BuildInfo: - id: BuildInfo - description: Native Build Info + description: A list of summary of Spark Applications + id: SearchSparkApplicationsResponse + ExecutionConfig: + id: ExecutionConfig type: object properties: - buildKey: - description: Optional. Build key. - type: string - buildValue: - description: Optional. Build value. + authenticationConfig: + description: >- + Optional. Authentication configuration used to set the default + identity for the workload execution. The config specifies the type + of identity (service account or user) that will be used by workloads + to access resources on the project(s). + $ref: '#/components/schemas/AuthenticationConfig' + ttl: type: string - NativeSqlExecutionUiData: - id: NativeSqlExecutionUiData - description: Native SQL Execution Data - type: object - properties: - executionId: - description: Required. Execution ID of the Native SQL Execution. + format: google-duration + description: >- + Optional. The duration after which the workload will be terminated, + specified as the JSON representation for Duration + (https://protobuf.dev/programming-guides/proto3/#json). When the + workload exceeds this duration, it will be unconditionally + terminated without waiting for ongoing work to finish. If ttl is not + specified for a batch workload, the workload will be allowed to run + until it exits naturally (or run forever without exiting). If ttl is + not specified for an interactive session, it defaults to 24 hours. + If ttl is not specified for a batch that uses 2.1+ runtime version, + it defaults to 4 hours. Minimum value is 10 minutes; maximum value + is 14 days. If both ttl and idle_ttl are specified (for an + interactive session), the conditions are treated as OR conditions: + the workload will be terminated when it has been idle for idle_ttl + or when ttl has been exceeded, whichever occurs first. + idleTtl: + description: >- + Optional. Applies to sessions only. The duration to keep the session + alive while it's idling. Exceeding this threshold causes the session + to terminate. This field cannot be set on a batch workload. Minimum + value is 10 minutes; maximum value is 14 days (see JSON + representation of Duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + Defaults to 1 hour if not set. If both ttl and idle_ttl are + specified for an interactive session, the conditions are treated as + OR conditions: the workload will be terminated when it has been idle + for idle_ttl or when ttl has been exceeded, whichever occurs first. type: string - format: int64 - description: - description: Optional. Description of the execution. + format: google-duration + stagingBucket: type: string - numNativeNodes: - description: Optional. Number of nodes in Native. - type: integer - format: int32 - numFallbackNodes: - description: Optional. Number of nodes fallen back to Spark. - type: integer - format: int32 - fallbackDescription: - description: Optional. Description of the fallback. + description: >- + Optional. A Cloud Storage bucket used to stage workload + dependencies, config files, and store workload output and other + ephemeral data, such as Spark history files. If you do not specify a + staging bucket, Cloud Dataproc will determine a Cloud Storage + location according to the region where your workload is running, and + then create and manage project-level, per-location staging and + temporary buckets. This field requires a Cloud Storage bucket name, + not a gs://... URI to a Cloud Storage bucket. + serviceAccount: type: string - fallbackNodeToReason: - description: Optional. Fallback node to reason. + description: Optional. Service account that used to execute workload. + networkTags: + items: + type: string + description: Optional. Tags used for network traffic control. type: array - items: - $ref: '#/components/schemas/FallbackReason' - FallbackReason: - id: FallbackReason - description: Native SQL Execution Data - type: object - properties: - fallbackNode: - description: Optional. Fallback node information. + subnetworkUri: type: string - fallbackReason: - description: Optional. Fallback to Spark reason. + description: Optional. Subnetwork URI to connect workload to. + kmsKey: + description: Optional. The Cloud KMS key to use for encryption. type: string - WriteSparkApplicationContextResponse: - id: WriteSparkApplicationContextResponse - description: Response returned as an acknowledgement of receipt of data. - type: object - properties: {} - SearchSparkApplicationsResponse: - id: SearchSparkApplicationsResponse - description: A list of summary of Spark Applications + networkUri: + description: Optional. Network URI to connect workload to. + type: string + description: Execution configuration for a workload. + ListOperationsResponse: + description: The response message for Operations.ListOperations. type: object properties: - sparkApplications: - description: Output only. High level information corresponding to an application. - readOnly: true + nextPageToken: + description: The standard List next-page token. + type: string + unreachable: + items: + type: string type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets ListOperationsRequest.return_partial_success and reads across + collections e.g. when attempting to list all resources across all + supported locations. + operations: items: - $ref: '#/components/schemas/SparkApplication' - nextPageToken: + $ref: '#/components/schemas/Operation' description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent SearchSparkApplicationsRequest. - type: string - SparkApplication: - id: SparkApplication - description: A summary of Spark Application - type: object + A list of operations that matches the specified filter in the + request. + type: array + id: ListOperationsResponse + GkeNodePoolAcceleratorConfig: + description: >- + A GkeNodeConfigAcceleratorConfig represents a Hardware Accelerator + request for a node pool. properties: - name: - description: Identifier. Name of the spark application + acceleratorCount: + format: int64 + description: The number of accelerator cards exposed to an instance. type: string - application: - description: Output only. High level information corresponding to an application. - readOnly: true - $ref: '#/components/schemas/ApplicationInfo' - AccessSparkApplicationResponse: - id: AccessSparkApplicationResponse - description: A summary of Spark Application - type: object - properties: - application: - description: Output only. High level information corresponding to an application. - readOnly: true - $ref: '#/components/schemas/ApplicationInfo' - SearchSparkApplicationJobsResponse: - id: SearchSparkApplicationJobsResponse - description: A list of Jobs associated with a Spark Application. - type: object - properties: - sparkApplicationJobs: - description: Output only. Data corresponding to a spark job. - readOnly: true - type: array - items: - $ref: '#/components/schemas/JobData' - nextPageToken: + gpuPartitionSize: description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent SearchSparkApplicationJobsRequest. + Size of partitions to create on the GPU. Valid values are described + in the NVIDIA mig user guide + (https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning). type: string - AccessSparkApplicationJobResponse: - id: AccessSparkApplicationJobResponse - description: Details of a particular job associated with Spark Application + acceleratorType: + type: string + description: The accelerator type resource namename (see GPUs on Compute Engine). + id: GkeNodePoolAcceleratorConfig type: object - properties: - jobData: - description: Output only. Data corresponding to a spark job. - readOnly: true - $ref: '#/components/schemas/JobData' - SearchSparkApplicationStagesResponse: - id: SearchSparkApplicationStagesResponse - description: A list of stages associated with a Spark Application. + SecurityConfig: type: object + description: Security related configuration, including encryption, Kerberos, etc. properties: - sparkApplicationStages: - description: Output only. Data corresponding to a stage. - readOnly: true - type: array - items: - $ref: '#/components/schemas/StageData' - nextPageToken: + identityConfig: description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent SearchSparkApplicationStages. - type: string - SearchSparkApplicationStageAttemptsResponse: - id: SearchSparkApplicationStageAttemptsResponse - description: A list of Stage Attempts for a Stage of a Spark Application. + Optional. Identity related configuration, including service account + based secure multi-tenancy user mappings. + $ref: '#/components/schemas/IdentityConfig' + kerberosConfig: + description: Optional. Kerberos related configuration. + $ref: '#/components/schemas/KerberosConfig' + id: SecurityConfig + DataprocMetricConfig: + description: Dataproc metric config. + id: DataprocMetricConfig type: object properties: - sparkApplicationStageAttempts: - description: Output only. Data corresponding to a stage attempts - readOnly: true - type: array + metrics: items: - $ref: '#/components/schemas/StageData' - nextPageToken: - description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent ListSparkApplicationStageAttemptsRequest. - type: string - AccessSparkApplicationStageAttemptResponse: - id: AccessSparkApplicationStageAttemptResponse - description: Stage Attempt for a Stage of a Spark Application - type: object - properties: - stageData: - description: Output only. Data corresponding to a stage. - readOnly: true - $ref: '#/components/schemas/StageData' - SearchSparkApplicationStageAttemptTasksResponse: - id: SearchSparkApplicationStageAttemptTasksResponse - description: List of tasks for a stage of a Spark Application - type: object + $ref: '#/components/schemas/Metric' + description: Required. Metrics sources to enable. + type: array + SearchSparkApplicationSqlQueriesResponse: properties: - sparkApplicationStageAttemptTasks: - description: Output only. Data corresponding to tasks created by spark. + sparkApplicationSqlQueries: readOnly: true type: array + description: Output only. SQL Execution Data items: - $ref: '#/components/schemas/TaskData' + $ref: '#/components/schemas/SqlExecutionUiData' nextPageToken: + type: string description: >- This token is included in the response if there are more results to fetch. To fetch additional results, provide this value as the - page_token in a subsequent - ListSparkApplicationStageAttemptTasksRequest. - type: string - SearchSparkApplicationExecutorsResponse: - id: SearchSparkApplicationExecutorsResponse - description: List of Executors associated with a Spark Application. + page_token in a subsequent SearchSparkApplicationSqlQueriesRequest. type: object + description: List of all queries for a Spark Application. + id: SearchSparkApplicationSqlQueriesResponse + PigJob: properties: - sparkApplicationExecutors: - description: Details about executors used by the application. + properties: + type: object + additionalProperties: + type: string + description: >- + Optional. A mapping of property names to values, used to configure + Pig. Properties that conflict with values set by the Dataproc API + might be overwritten. Can include properties set in + /etc/hadoop/conf/*-site.xml, /etc/pig/conf/pig.properties, and + classes in user code. + jarFileUris: type: array items: - $ref: '#/components/schemas/ExecutorSummary' - nextPageToken: + type: string description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent - SearchSparkApplicationExecutorsListRequest. + Optional. HCFS URIs of jar files to add to the CLASSPATH of the Pig + Client and Hadoop MapReduce (MR) tasks. Can contain Pig UDFs. + continueOnFailure: + type: boolean + description: >- + Optional. Whether to continue executing queries if a query fails. + The default value is false. Setting to true can be useful when + executing independent parallel queries. + queryList: + description: A list of queries. + $ref: '#/components/schemas/QueryList' + loggingConfig: + description: Optional. The runtime log config for job execution. + $ref: '#/components/schemas/LoggingConfig' + queryFileUri: + description: The HCFS URI of the script that contains the Pig queries. type: string - SearchSparkApplicationExecutorStageSummaryResponse: - id: SearchSparkApplicationExecutorStageSummaryResponse - description: List of Executors associated with a Spark Application Stage. + scriptVariables: + type: object + description: >- + Optional. Mapping of query variable names to values (equivalent to + the Pig command: name=[value]). + additionalProperties: + type: string + description: >- + A Dataproc job for running Apache Pig (https://pig.apache.org/) queries + on YARN. type: object + id: PigJob + PrestoJob: properties: - sparkApplicationStageExecutors: - description: Details about executors used by the application stage. - type: array - items: - $ref: '#/components/schemas/ExecutorStageSummary' - nextPageToken: + properties: + additionalProperties: + type: string + type: object description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent - SearchSparkApplicationExecutorsListRequest. + Optional. A mapping of property names to values. Used to set Presto + session properties + (https://prestodb.io/docs/current/sql/set-session.html) Equivalent + to using the --session flag in the Presto CLI + outputFormat: + type: string + description: >- + Optional. The format in which query output will be displayed. See + the Presto documentation for supported output formats + queryFileUri: + description: The HCFS URI of the script that contains SQL queries. type: string - SearchSparkApplicationSqlQueriesResponse: - id: SearchSparkApplicationSqlQueriesResponse - description: List of all queries for a Spark Application. - type: object - properties: - sparkApplicationSqlQueries: - description: Output only. SQL Execution Data - readOnly: true - type: array + loggingConfig: + description: Optional. The runtime log config for job execution. + $ref: '#/components/schemas/LoggingConfig' + clientTags: + description: Optional. Presto client tags to attach to this query items: - $ref: '#/components/schemas/SqlExecutionUiData' - nextPageToken: + type: string + type: array + continueOnFailure: + type: boolean description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent SearchSparkApplicationSqlQueriesRequest. - type: string - AccessSparkApplicationSqlQueryResponse: - id: AccessSparkApplicationSqlQueryResponse - description: Details of a query for a Spark Application - type: object - properties: - executionData: - description: SQL Execution Data - $ref: '#/components/schemas/SqlExecutionUiData' - AccessSparkApplicationSqlSparkPlanGraphResponse: - id: AccessSparkApplicationSqlSparkPlanGraphResponse + Optional. Whether to continue executing queries if a query fails. + The default value is false. Setting to true can be useful when + executing independent parallel queries. + queryList: + description: A list of queries. + $ref: '#/components/schemas/QueryList' description: >- - SparkPlanGraph for a Spark Application execution limited to maximum - 10000 clusters. + A Dataproc job for running Presto (https://prestosql.io/) queries. + IMPORTANT: The Dataproc Presto Optional Component + (https://cloud.google.com/dataproc/docs/concepts/components/presto) must + be enabled when the cluster is created to submit a Presto job to the + cluster. type: object - properties: - sparkPlanGraph: - description: SparkPlanGraph for a Spark Application execution. - $ref: '#/components/schemas/SparkPlanGraph' - AccessSparkApplicationStageRddOperationGraphResponse: - id: AccessSparkApplicationStageRddOperationGraphResponse + id: PrestoJob + KubernetesSoftwareConfig: description: >- - RDD operation graph for a Spark Application Stage limited to maximum - 10000 clusters. - type: object - properties: - rddOperationGraph: - description: RDD operation graph for a Spark Application Stage. - $ref: '#/components/schemas/RddOperationGraph' - AccessSparkApplicationEnvironmentInfoResponse: - id: AccessSparkApplicationEnvironmentInfoResponse - description: Environment details of a Saprk Application. - type: object + The software configuration for this Dataproc cluster running on + Kubernetes. properties: - applicationEnvironmentInfo: - description: Details about the Environment that the application is running in. - $ref: '#/components/schemas/ApplicationEnvironmentInfo' - SummarizeSparkApplicationJobsResponse: - id: SummarizeSparkApplicationJobsResponse - description: Summary of a Spark Application jobs. + componentVersion: + additionalProperties: + type: string + description: >- + The components that should be installed in this Dataproc cluster. + The key must be a string from the KubernetesComponent enumeration. + The value is the version of the software to be installed. At least + one entry must be specified. + type: object + properties: + description: >- + The properties to set on daemon config files.Property keys are + specified in prefix:property format, for example + spark:spark.kubernetes.container.image. The following are supported + prefixes and their mappings: spark: spark-defaults.confFor more + information, see Cluster properties + (https://cloud.google.com/dataproc/docs/concepts/cluster-properties). + type: object + additionalProperties: + type: string + id: KubernetesSoftwareConfig type: object - properties: - jobsSummary: - description: Summary of a Spark Application Jobs - $ref: '#/components/schemas/JobsSummary' - JobsSummary: - id: JobsSummary - description: Data related to Jobs page summary + SummarizeSessionSparkApplicationExecutorsResponse: type: object properties: applicationId: description: Spark Application Id type: string - schedulingMode: - description: Spark Scheduling mode - type: string - activeJobs: - description: Number of active jobs - type: integer - format: int32 - completedJobs: - description: Number of completed jobs + deadExecutorSummary: + $ref: '#/components/schemas/ConsolidatedExecutorSummary' + description: Consolidated summary for dead executors. + activeExecutorSummary: + $ref: '#/components/schemas/ConsolidatedExecutorSummary' + description: Consolidated summary for active executors. + totalExecutorSummary: + description: Overall consolidated summary for all executors. + $ref: '#/components/schemas/ConsolidatedExecutorSummary' + description: Consolidated summary of executors for a Spark Application. + id: SummarizeSessionSparkApplicationExecutorsResponse + JobScheduling: + properties: + maxFailuresPerHour: + description: >- + Optional. Maximum number of times per hour a driver can be restarted + as a result of driver exiting with non-zero code before job is + reported failed.A job might be reported as thrashing if the driver + exits with a non-zero code four times within a 10-minute + window.Maximum value is 10.Note: This restartable job option is not + supported in Dataproc workflow templates + (https://cloud.google.com/dataproc/docs/concepts/workflows/using-workflows#adding_jobs_to_a_template). type: integer format: int32 - failedJobs: - description: Number of failed jobs + maxFailuresTotal: type: integer + description: >- + Optional. Maximum total number of times a driver can be restarted as + a result of the driver exiting with a non-zero code. After the + maximum number is reached, the job will be reported as + failed.Maximum value is 240.Note: Currently, this restartable job + option is not supported in Dataproc workflow templates + (https://cloud.google.com/dataproc/docs/concepts/workflows/using-workflows#adding_jobs_to_a_template). format: int32 - attempts: - description: Attempts info - type: array - items: - $ref: '#/components/schemas/ApplicationAttemptInfo' + type: object + id: JobScheduling + description: Job scheduling options. SummarizeSparkApplicationStagesResponse: - id: SummarizeSparkApplicationStagesResponse description: Summary of a Spark Application stages. - type: object + id: SummarizeSparkApplicationStagesResponse properties: stagesSummary: - description: Summary of a Spark Application Stages $ref: '#/components/schemas/StagesSummary' - StagesSummary: - id: StagesSummary - description: Data related to Stages page summary + description: Summary of a Spark Application Stages type: object + SummarizeSparkApplicationStageAttemptTasksResponse: properties: - applicationId: + stageAttemptTasksSummary: + description: Summary of tasks for a Spark Application Stage Attempt + $ref: '#/components/schemas/StageAttemptTasksSummary' + type: object + description: Summary of tasks for a Spark Application stage attempt. + id: SummarizeSparkApplicationStageAttemptTasksResponse + Session: + properties: + runtimeInfo: + readOnly: true + description: Output only. Runtime information about session execution. + $ref: '#/components/schemas/RuntimeInfo' + sparkConnectSession: + $ref: '#/components/schemas/SparkConnectConfig' + description: Optional. Spark connect session config. + labels: + additionalProperties: + type: string + type: object + description: >- + Optional. The labels to associate with the session. Label keys must + contain 1 to 63 characters, and must conform to RFC 1035 + (https://www.ietf.org/rfc/rfc1035.txt). Label values may be empty, + but, if present, must contain 1 to 63 characters, and must conform + to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 + labels can be associated with a session. + uuid: + description: >- + Output only. A session UUID (Unique Universal Identifier). The + service generates this value when it creates the session. + type: string + readOnly: true + createTime: + description: Output only. The time when the session was created. + type: string + format: google-datetime + readOnly: true + stateTime: + format: google-datetime + type: string + description: Output only. The time when the session entered the current state. + readOnly: true + user: + type: string + description: Optional. The email address of the user who owns the session. + runtimeConfig: + $ref: '#/components/schemas/RuntimeConfig' + description: Optional. Runtime configuration for the session execution. + jupyterSession: + $ref: '#/components/schemas/JupyterConfig' + description: Optional. Jupyter session config. + sessionTemplate: + type: string + description: >- + Optional. The session template used by the session.Only resource + names, including project ID and location, are valid.Example: * + https://www.googleapis.com/compute/v1/projects/[project_id]/locations/[dataproc_region]/sessionTemplates/[template_id] + * + projects/[project_id]/locations/[dataproc_region]/sessionTemplates/[template_id]The + template must be in the same project and Dataproc region as the + session. + environmentConfig: + description: Optional. Environment configuration for the session execution. + $ref: '#/components/schemas/EnvironmentConfig' + state: + enumDescriptions: + - The session state is unknown. + - The session is created prior to running. + - The session is running. + - The session is terminating. + - The session is terminated successfully. + - The session is no longer running due to an error. + description: Output only. A state of the session. + type: string + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - TERMINATING + - TERMINATED + - FAILED + readOnly: true + stateMessage: + readOnly: true + type: string + description: >- + Output only. Session state details, such as the failure description + if the state is FAILED. + name: type: string - numActiveStages: - type: integer - format: int32 - numCompletedStages: - type: integer - format: int32 - numSkippedStages: - type: integer - format: int32 - numFailedStages: - type: integer - format: int32 - numPendingStages: - type: integer - format: int32 - SummarizeSparkApplicationStageAttemptTasksResponse: - id: SummarizeSparkApplicationStageAttemptTasksResponse - description: Summary of tasks for a Spark Application stage attempt. + description: Identifier. The resource name of the session. + creator: + readOnly: true + description: Output only. The email address of the user who created the session. + type: string + stateHistory: + description: Output only. Historical state information for the session. + readOnly: true + type: array + items: + $ref: '#/components/schemas/SessionStateHistory' + description: A representation of a session. + id: Session type: object + SummarizeSparkApplicationJobsResponse: properties: - stageAttemptTasksSummary: - description: Summary of tasks for a Spark Application Stage Attempt - $ref: '#/components/schemas/StageAttemptTasksSummary' - StageAttemptTasksSummary: - id: StageAttemptTasksSummary - description: Data related to tasks summary for a Spark Stage Attempt + jobsSummary: + description: Summary of a Spark Application Jobs + $ref: '#/components/schemas/JobsSummary' + id: SummarizeSparkApplicationJobsResponse + description: Summary of a Spark Application jobs. + type: object + ManagedGroupConfig: type: object + id: ManagedGroupConfig properties: - applicationId: + instanceTemplateName: + description: >- + Output only. The name of the Instance Template used for the Managed + Instance Group. + readOnly: true type: string - stageId: + instanceGroupManagerName: + readOnly: true + description: Output only. The name of the Instance Group Manager for this group. type: string - format: int64 - stageAttemptId: - type: integer - format: int32 - numTasks: - type: integer - format: int32 - numRunningTasks: + instanceGroupManagerUri: + type: string + description: >- + Output only. The partial URI to the instance group manager for this + group. E.g. + projects/my-project/regions/us-central1/instanceGroupManagers/my-igm. + readOnly: true + description: Specifies the resources used to actively manage an instance group. + ExecutorSummary: + id: ExecutorSummary + description: Details about executors used by the application. + properties: + executorLogs: + type: object + additionalProperties: + type: string + resources: + additionalProperties: + $ref: '#/components/schemas/ResourceInformation' + type: object + totalCores: type: integer format: int32 - numSuccessTasks: + totalInputBytes: + type: string + format: int64 + excludedInStages: + type: array + items: + type: string + format: int64 + attributes: + additionalProperties: + type: string + type: object + rddBlocks: type: integer format: int32 - numFailedTasks: - type: integer + maxTasks: format: int32 - numKilledTasks: type: integer + isActive: + type: boolean + activeTasks: format: int32 - numPendingTasks: type: integer - format: int32 - SummarizeSparkApplicationExecutorsResponse: - id: SummarizeSparkApplicationExecutorsResponse - description: Consolidated summary of executors for a Spark Application. - type: object - properties: - applicationId: - description: Spark Application Id + maxMemory: + format: int64 type: string - activeExecutorSummary: - description: Consolidated summary for active executors. - $ref: '#/components/schemas/ConsolidatedExecutorSummary' - deadExecutorSummary: - description: Consolidated summary for dead executors. - $ref: '#/components/schemas/ConsolidatedExecutorSummary' - totalExecutorSummary: - description: Overall consolidated summary for all executors. - $ref: '#/components/schemas/ConsolidatedExecutorSummary' - ConsolidatedExecutorSummary: - id: ConsolidatedExecutorSummary - description: Consolidated summary about executors used by the application. - type: object - properties: - count: - type: integer + isExcluded: + type: boolean + resourceProfileId: format: int32 - rddBlocks: type: integer + totalTasks: format: int32 - memoryUsed: - type: string + type: integer + totalDurationMillis: format: int64 - diskUsed: type: string - format: int64 - totalCores: - type: integer - format: int32 - activeTasks: - type: integer - format: int32 failedTasks: type: integer format: int32 - completedTasks: - type: integer - format: int32 - totalTasks: - type: integer - format: int32 - totalDurationMillis: + hostPort: type: string - format: int64 - totalGcTimeMillis: + executorId: type: string + totalShuffleRead: format: int64 - totalInputBytes: type: string - format: int64 - totalShuffleRead: + diskUsed: type: string format: int64 - totalShuffleWrite: + memoryUsed: + format: int64 + type: string + removeReason: type: string + totalShuffleWrite: format: int64 - isExcluded: + type: string + completedTasks: type: integer format: int32 - maxMemory: + removeTime: type: string - format: int64 + format: google-datetime memoryMetrics: $ref: '#/components/schemas/MemoryMetrics' - Cluster: - id: Cluster - description: >- - Describes the identifying information, config, and status of a Dataproc - cluster + totalGcTimeMillis: + type: string + format: int64 + peakMemoryMetrics: + $ref: '#/components/schemas/ExecutorMetrics' + addTime: + type: string + format: google-datetime + type: object + SummarizeSparkApplicationExecutorsResponse: + description: Consolidated summary of executors for a Spark Application. + id: SummarizeSparkApplicationExecutorsResponse type: object properties: - projectId: - description: >- - Required. The Google Cloud Platform project ID that the cluster - belongs to. - type: string - clusterName: - description: >- - Required. The cluster name, which must be unique within a project. - The name must start with a lowercase letter, and can contain up to - 51 lowercase letters, numbers, and hyphens. It cannot end with a - hyphen. The name of a deleted cluster can be reused. + activeExecutorSummary: + $ref: '#/components/schemas/ConsolidatedExecutorSummary' + description: Consolidated summary for active executors. + applicationId: + description: Spark Application Id type: string - config: - description: >- - Optional. The cluster config for a cluster of Compute Engine - Instances. Note that Dataproc may set default values, and values may - change when clusters are updated.Exactly one of ClusterConfig or - VirtualClusterConfig must be specified. - $ref: '#/components/schemas/ClusterConfig' - virtualClusterConfig: - description: >- - Optional. The virtual cluster config is used when creating a - Dataproc cluster that does not directly control the underlying - compute resources, for example, when creating a Dataproc-on-GKE - cluster - (https://cloud.google.com/dataproc/docs/guides/dpgke/dataproc-gke-overview). - Dataproc may set default values, and values may change when clusters - are updated. Exactly one of config or virtual_cluster_config must be - specified. - $ref: '#/components/schemas/VirtualClusterConfig' - labels: - description: >- - Optional. The labels to associate with this cluster. Label keys must - contain 1 to 63 characters, and must conform to RFC 1035 - (https://www.ietf.org/rfc/rfc1035.txt). Label values may be empty, - but, if present, must contain 1 to 63 characters, and must conform - to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 - labels can be associated with a cluster. - type: object - additionalProperties: - type: string - status: - description: Output only. Cluster status. - readOnly: true - $ref: '#/components/schemas/ClusterStatus' - statusHistory: - description: Output only. The previous cluster status. - readOnly: true - type: array - items: - $ref: '#/components/schemas/ClusterStatus' - clusterUuid: + totalExecutorSummary: + description: Overall consolidated summary for all executors. + $ref: '#/components/schemas/ConsolidatedExecutorSummary' + deadExecutorSummary: + description: Consolidated summary for dead executors. + $ref: '#/components/schemas/ConsolidatedExecutorSummary' + BasicAutoscalingAlgorithm: + type: object + id: BasicAutoscalingAlgorithm + description: Basic algorithm for autoscaling. + properties: + yarnConfig: + $ref: '#/components/schemas/BasicYarnAutoscalingConfig' + description: Optional. YARN autoscaling configuration. + sparkStandaloneConfig: + description: Optional. Spark Standalone autoscaling configuration + $ref: '#/components/schemas/SparkStandaloneAutoscalingConfig' + cooldownPeriod: description: >- - Output only. A cluster UUID (Unique Universal Identifier). Dataproc - generates this value when it creates the cluster. - readOnly: true + Optional. Duration between scaling events. A scaling period starts + after the update operation from the previous event has + completed.Bounds: 2m, 1d. Default: 2m. type: string - metrics: - description: >- - Output only. Contains cluster daemon metrics such as HDFS and YARN - stats.Beta Feature: This report is available for testing purposes - only. It may be changed before final release. - readOnly: true - $ref: '#/components/schemas/ClusterMetrics' - ClusterConfig: - id: ClusterConfig - description: The cluster config. + format: google-duration + JupyterConfig: + description: Jupyter configuration for an interactive session. type: object properties: - clusterType: - description: Optional. The type of the cluster. - type: string - enumDescriptions: - - Not set. - - Standard dataproc cluster with a minimum of two primary workers. - - >- - https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/single-node-clusters - - >- - Clusters that can use only secondary workers and be scaled down to - zero secondary worker nodes. - enum: - - CLUSTER_TYPE_UNSPECIFIED - - STANDARD - - SINGLE_NODE - - ZERO_SCALE - clusterTier: - description: Optional. The cluster tier. + displayName: + description: Optional. Display name, shown in the Jupyter kernelspec card. type: string + kernel: enumDescriptions: - - Not set. Works the same as CLUSTER_TIER_STANDARD. - - Standard Dataproc cluster. - - Premium Dataproc cluster. + - The kernel is unknown. + - Python kernel. + - Scala kernel. enum: - - CLUSTER_TIER_UNSPECIFIED - - CLUSTER_TIER_STANDARD - - CLUSTER_TIER_PREMIUM - configBucket: - description: >- - Optional. A Cloud Storage bucket used to stage job dependencies, - config files, and job driver console output. If you do not specify a - staging bucket, Cloud Dataproc will determine a Cloud Storage - location (US, ASIA, or EU) for your cluster's staging bucket - according to the Compute Engine zone where your cluster is deployed, - and then create and manage this project-level, per-location bucket - (see Dataproc staging and temp buckets - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). - This field requires a Cloud Storage bucket name, not a gs://... URI - to a Cloud Storage bucket. - type: string - tempBucket: - description: >- - Optional. A Cloud Storage bucket used to store ephemeral cluster and - jobs data, such as Spark and MapReduce history files. If you do not - specify a temp bucket, Dataproc will determine a Cloud Storage - location (US, ASIA, or EU) for your cluster's temp bucket according - to the Compute Engine zone where your cluster is deployed, and then - create and manage this project-level, per-location bucket. The - default bucket has a TTL of 90 days, but you can use any TTL (or - none) if you specify a bucket (see Dataproc staging and temp buckets - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). - This field requires a Cloud Storage bucket name, not a gs://... URI - to a Cloud Storage bucket. + - KERNEL_UNSPECIFIED + - PYTHON + - SCALA + description: Optional. Kernel type: string - gceClusterConfig: - description: >- - Optional. The shared Compute Engine config settings for all - instances in a cluster. - $ref: '#/components/schemas/GceClusterConfig' - masterConfig: - description: >- - Optional. The Compute Engine config settings for the cluster's - master instance. - $ref: '#/components/schemas/InstanceGroupConfig' - workerConfig: - description: >- - Optional. The Compute Engine config settings for the cluster's - worker instances. - $ref: '#/components/schemas/InstanceGroupConfig' - secondaryWorkerConfig: - description: >- - Optional. The Compute Engine config settings for a cluster's - secondary worker instances - $ref: '#/components/schemas/InstanceGroupConfig' - softwareConfig: - description: Optional. The config settings for cluster software. - $ref: '#/components/schemas/SoftwareConfig' - initializationActions: - description: >- - Optional. Commands to execute on each node after config is - completed. By default, executables are run on master and all worker - nodes. You can test a node's role metadata to run an executable on a - master or worker node, as shown below using curl (you can also use - wget): ROLE=$(curl -H Metadata-Flavor:Google - http://metadata/computeMetadata/v1/instance/attributes/dataproc-role) - if [[ "${ROLE}" == 'Master' ]]; then ... master specific actions ... - else ... worker specific actions ... fi + id: JupyterConfig + ListSessionTemplatesResponse: + id: ListSessionTemplatesResponse + description: A list of session templates. + properties: + sessionTemplates: type: array items: - $ref: '#/components/schemas/NodeInitializationAction' - encryptionConfig: - description: Optional. Encryption settings for the cluster. - $ref: '#/components/schemas/EncryptionConfig' - autoscalingConfig: - description: >- - Optional. Autoscaling config for the policy associated with the - cluster. Cluster does not autoscale if this field is unset. - $ref: '#/components/schemas/AutoscalingConfig' - securityConfig: - description: Optional. Security settings for the cluster. - $ref: '#/components/schemas/SecurityConfig' - lifecycleConfig: - description: Optional. Lifecycle setting for the cluster. - $ref: '#/components/schemas/LifecycleConfig' - endpointConfig: - description: Optional. Port/endpoint configuration for this cluster - $ref: '#/components/schemas/EndpointConfig' - metastoreConfig: - description: Optional. Metastore configuration. - $ref: '#/components/schemas/MetastoreConfig' - gkeClusterConfig: + $ref: '#/components/schemas/SessionTemplate' + readOnly: true + description: Output only. Session template list + nextPageToken: + type: string description: >- - Optional. BETA. The Kubernetes Engine config for Dataproc clusters - deployed to The Kubernetes Engine config for Dataproc clusters - deployed to Kubernetes. These config settings are mutually exclusive - with Compute Engine-based options, such as gce_cluster_config, - master_config, worker_config, secondary_worker_config, and - autoscaling_config. - deprecated: true - $ref: '#/components/schemas/GkeClusterConfig' - dataprocMetricConfig: - description: Optional. The config for Dataproc metrics. - $ref: '#/components/schemas/DataprocMetricConfig' - auxiliaryNodeGroups: - description: Optional. The node group settings. - type: array - items: - $ref: '#/components/schemas/AuxiliaryNodeGroup' - GceClusterConfig: - id: GceClusterConfig + A token, which can be sent as page_token to retrieve the next page. + If this field is omitted, there are no subsequent pages. + type: object + UsageSnapshot: + id: UsageSnapshot description: >- - Common config settings for resources of Compute Engine cluster - instances, applicable to all instances in the cluster. + The usage snapshot represents the resources consumed by a workload at a + specified time. type: object properties: - zoneUri: - description: >- - Optional. The Compute Engine zone where the Dataproc cluster will be - located. If omitted, the service will pick a zone in the cluster's - Compute Engine region. On a get request, zone will always be - present.A full URL, partial URI, or short name are valid. Examples: - https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone] - projects/[project_id]/zones/[zone] [zone] - type: string - networkUri: - description: >- - Optional. The Compute Engine network to be used for machine - communications. Cannot be specified with subnetwork_uri. If neither - network_uri nor subnetwork_uri is specified, the "default" network - of the project is used, if it exists. Cannot be a "Custom Subnet - Network" (see Using Subnetworks - (https://cloud.google.com/compute/docs/subnetworks) for more - information).A full URL, partial URI, or short name are valid. - Examples: - https://www.googleapis.com/compute/v1/projects/[project_id]/global/networks/default - projects/[project_id]/global/networks/default default - type: string - subnetworkUri: - description: >- - Optional. The Compute Engine subnetwork to be used for machine - communications. Cannot be specified with network_uri.A full URL, - partial URI, or short name are valid. Examples: - https://www.googleapis.com/compute/v1/projects/[project_id]/regions/[region]/subnetworks/sub0 - projects/[project_id]/regions/[region]/subnetworks/sub0 sub0 + milliAccelerator: + format: int64 type: string - internalIpOnly: description: >- - Optional. This setting applies to subnetwork-enabled networks. It is - set to true by default in clusters created with image versions - 2.2.x.When set to true: All cluster VMs have internal IP addresses. - Google Private Access - (https://cloud.google.com/vpc/docs/private-google-access) must be - enabled to access Dataproc and other Google Cloud APIs. Off-cluster - dependencies must be configured to be accessible without external IP - addresses.When set to false: Cluster VMs are not restricted to - internal IP addresses. Ephemeral external IP addresses are assigned - to each cluster VM. - type: boolean - privateIpv6GoogleAccess: - description: Optional. The type of IPv6 access for a cluster. - type: string - enumDescriptions: - - >- - If unspecified, Compute Engine default behavior will apply, which - is the same as INHERIT_FROM_SUBNETWORK. - - >- - Private access to and from Google Services configuration inherited - from the subnetwork configuration. This is the default Compute - Engine behavior. - - >- - Enables outbound private IPv6 access to Google Services from the - Dataproc cluster. - - >- - Enables bidirectional private IPv6 access between Google Services - and the Dataproc cluster. - enum: - - PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED - - INHERIT_FROM_SUBNETWORK - - OUTBOUND - - BIDIRECTIONAL - serviceAccount: + Optional. Milli (one-thousandth) accelerator. (see Dataproc + Serverless pricing + (https://cloud.google.com/dataproc-serverless/pricing)) + milliDcuPremium: + format: int64 + type: string description: >- - Optional. The Dataproc service account - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/service-accounts#service_accounts_in_dataproc) - (also see VM Data Plane identity - (https://cloud.google.com/dataproc/docs/concepts/iam/dataproc-principals#vm_service_account_data_plane_identity)) - used by Dataproc cluster VM instances to access Google Cloud - Platform services.If not specified, the Compute Engine default - service account - (https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) - is used. + Optional. Milli (one-thousandth) Dataproc Compute Units (DCUs) + charged at premium tier (see Dataproc Serverless pricing + (https://cloud.google.com/dataproc-serverless/pricing)). + shuffleStorageGb: type: string - serviceAccountScopes: description: >- - Optional. The URIs of service account scopes to be included in - Compute Engine instances. The following base set of scopes is always - included: - https://www.googleapis.com/auth/cloud.useraccounts.readonly - https://www.googleapis.com/auth/devstorage.read_write - https://www.googleapis.com/auth/logging.writeIf no scopes are - specified, the following defaults are also provided: - https://www.googleapis.com/auth/bigquery - https://www.googleapis.com/auth/bigtable.admin.table - https://www.googleapis.com/auth/bigtable.data - https://www.googleapis.com/auth/devstorage.full_control - type: array - items: - type: string - tags: + Optional. Shuffle Storage in gigabytes (GB). (see Dataproc + Serverless pricing + (https://cloud.google.com/dataproc-serverless/pricing)) + format: int64 + acceleratorType: + description: Optional. Accelerator type being used, if any + type: string + snapshotTime: + type: string + description: Optional. The timestamp of the usage snapshot. + format: google-datetime + shuffleStorageGbPremium: + format: int64 + type: string description: >- - The Compute Engine network tags to add to all instances (see Tagging - instances - (https://cloud.google.com/vpc/docs/add-remove-network-tags)). - type: array - items: - type: string - metadata: + Optional. Shuffle Storage in gigabytes (GB) charged at premium tier. + (see Dataproc Serverless pricing + (https://cloud.google.com/dataproc-serverless/pricing)) + milliDcu: + format: int64 description: >- - Optional. The Compute Engine metadata entries to add to all - instances (see Project and instance metadata - (https://cloud.google.com/compute/docs/storing-retrieving-metadata#project_and_instance_metadata)). - type: object - additionalProperties: - type: string - reservationAffinity: - description: Optional. Reservation Affinity for consuming Zonal reservation. - $ref: '#/components/schemas/ReservationAffinity' - nodeGroupAffinity: - description: Optional. Node Group Affinity for sole-tenant clusters. - $ref: '#/components/schemas/NodeGroupAffinity' - shieldedInstanceConfig: + Optional. Milli (one-thousandth) Dataproc Compute Units (DCUs) (see + Dataproc Serverless pricing + (https://cloud.google.com/dataproc-serverless/pricing)). + type: string + ProvisioningModelMix: + properties: + standardCapacityBase: + format: int32 description: >- - Optional. Shielded Instance Config for clusters using Compute Engine - Shielded VMs - (https://cloud.google.com/security/shielded-cloud/shielded-vm). - $ref: '#/components/schemas/ShieldedInstanceConfig' - confidentialInstanceConfig: + Optional. The base capacity that will always use Standard VMs to + avoid risk of more preemption than the minimum capacity you need. + Dataproc will create only standard VMs until it reaches + standard_capacity_base, then it will start using + standard_capacity_percent_above_base to mix Spot with Standard VMs. + eg. If 15 instances are requested and standard_capacity_base is 5, + Dataproc will create 5 standard VMs and then start mixing spot and + standard VMs for remaining 10 instances. + type: integer + standardCapacityPercentAboveBase: + format: int32 + type: integer description: >- - Optional. Confidential Instance Config for clusters using - Confidential VMs - (https://cloud.google.com/compute/confidential-vm/docs). - $ref: '#/components/schemas/ConfidentialInstanceConfig' - resourceManagerTags: + Optional. The percentage of target capacity that should use Standard + VM. The remaining percentage will use Spot VMs. The percentage + applies only to the capacity above standard_capacity_base. eg. If 15 + instances are requested and standard_capacity_base is 5 and + standard_capacity_percent_above_base is 30, Dataproc will create 5 + standard VMs and then start mixing spot and standard VMs for + remaining 10 instances. The mix will be 30% standard and 70% spot. + type: object + id: ProvisioningModelMix + description: >- + Defines how Dataproc should create VMs with a mixture of provisioning + models. + AuxiliaryNodeGroup: + id: AuxiliaryNodeGroup + description: Node group identification and configuration information. + properties: + nodeGroupId: description: >- - Optional. Resource manager tags - (https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing) - to add to all instances (see Use secure tags in Dataproc - (https://cloud.google.com/dataproc/docs/guides/attach-secure-tags)). - type: object - additionalProperties: - type: string + Optional. A node group ID. Generated if not specified.The ID must + contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and + hyphens (-). Cannot begin or end with underscore or hyphen. Must + consist of from 3 to 33 characters. + type: string + nodeGroup: + $ref: '#/components/schemas/NodeGroup' + description: Required. Node group configuration. + type: object + NativeBuildInfoUiData: + type: object + id: NativeBuildInfoUiData + properties: + buildClass: + type: string + description: Optional. Build class of Native. + buildInfo: + items: + $ref: '#/components/schemas/BuildInfo' + type: array + description: Optional. Build related details. ReservationAffinity: - id: ReservationAffinity description: Reservation Affinity for consuming Zonal reservation. + id: ReservationAffinity type: object properties: - consumeReservationType: - description: Optional. Type of reservation to consume + key: + description: Optional. Corresponds to the label key of reservation resource. type: string + values: + type: array + description: Optional. Corresponds to the label values of reservation resource. + items: + type: string + consumeReservationType: enumDescriptions: - '' - Do not consume from any allocated capacity. @@ -3664,1843 +3369,2026 @@ components: - >- Must consume from a specific reservation. Must specify key value fields for specifying the reservations. + type: string enum: - TYPE_UNSPECIFIED - NO_RESERVATION - ANY_RESERVATION - SPECIFIC_RESERVATION - key: - description: Optional. Corresponds to the label key of reservation resource. + description: Optional. Type of reservation to consume + StageShuffleReadMetrics: + id: StageShuffleReadMetrics + description: Shuffle data read for the stage. + properties: + remoteBytesRead: type: string - values: - description: Optional. Corresponds to the label values of reservation resource. - type: array - items: - type: string - NodeGroupAffinity: - id: NodeGroupAffinity - description: >- - Node Group Affinity for clusters using sole-tenant node groups. The - Dataproc NodeGroupAffinity resource is not related to the Dataproc - NodeGroup resource. + format: int64 + bytesRead: + type: string + format: int64 + remoteBlocksFetched: + type: string + format: int64 + localBytesRead: + format: int64 + type: string + localBlocksFetched: + format: int64 + type: string + stageShufflePushReadMetrics: + $ref: '#/components/schemas/StageShufflePushReadMetrics' + remoteReqsDuration: + type: string + format: int64 + fetchWaitTimeMillis: + format: int64 + type: string + remoteBytesReadToDisk: + type: string + format: int64 + recordsRead: + type: string + format: int64 + type: object + BuildInfo: type: object properties: - nodeGroupUri: + buildKey: + type: string + description: Optional. Build key. + buildValue: + description: Optional. Build value. + type: string + id: BuildInfo + description: Native Build Info + InputQuantileMetrics: + id: InputQuantileMetrics + properties: + bytesRead: + $ref: '#/components/schemas/Quantiles' + recordsRead: + $ref: '#/components/schemas/Quantiles' + type: object + SparkConnectConfig: + id: SparkConnectConfig + properties: {} + description: Spark connect configuration for an interactive session. + type: object + InstantiateWorkflowTemplateRequest: + type: object + id: InstantiateWorkflowTemplateRequest + properties: + version: + type: integer + format: int32 description: >- - Required. The URI of a sole-tenant node group resource - (https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups) - that the cluster will be created on.A full URL, partial URI, or node - group name are valid. Examples: - https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/nodeGroups/node-group-1 - projects/[project_id]/zones/[zone]/nodeGroups/node-group-1 - node-group-1 + Optional. The version of workflow template to instantiate. If + specified, the workflow will be instantiated only if the current + version of the workflow template has the supplied version.This + option cannot be used to instantiate a previous version of workflow + template. + parameters: + additionalProperties: + type: string + description: >- + Optional. Map from parameter names to values that should be used for + those parameters. Values may not exceed 1000 characters. + type: object + requestId: + description: >- + Optional. A tag that prevents multiple concurrent workflow instances + with the same tag from running. This mitigates risk of concurrent + instances started due to retries.It is recommended to always set + this value to a UUID + (https://en.wikipedia.org/wiki/Universally_unique_identifier).The + tag must contain only letters (a-z, A-Z), numbers (0-9), underscores + (_), and hyphens (-). The maximum length is 40 characters. type: string - ShieldedInstanceConfig: - id: ShieldedInstanceConfig - description: >- - Shielded Instance Config for clusters using Compute Engine Shielded VMs - (https://cloud.google.com/security/shielded-cloud/shielded-vm). - type: object + description: A request to instantiate a workflow template. + NamespacedGkeDeploymentTarget: + deprecated: true properties: - enableSecureBoot: - description: Optional. Defines whether instances have Secure Boot enabled. - type: boolean - enableVtpm: - description: Optional. Defines whether instances have the vTPM enabled. - type: boolean - enableIntegrityMonitoring: + targetGkeCluster: + type: string description: >- - Optional. Defines whether instances have integrity monitoring - enabled. - type: boolean - ConfidentialInstanceConfig: - id: ConfidentialInstanceConfig + Optional. The target GKE cluster to deploy to. Format: + 'projects/{project}/locations/{location}/clusters/{cluster_id}' + clusterNamespace: + description: Optional. A namespace within the GKE cluster to deploy into. + type: string description: >- - Confidential Instance Config for clusters using Confidential VMs - (https://cloud.google.com/compute/confidential-vm/docs) + Deprecated. Used only for the deprecated beta. A full, + namespace-isolated deployment target for an existing GKE cluster. + id: NamespacedGkeDeploymentTarget type: object + PyPiRepositoryConfig: + description: Configuration for PyPi repository + id: PyPiRepositoryConfig properties: - enableConfidentialCompute: - description: >- - Optional. Defines whether the instance should have confidential - compute enabled. - type: boolean - InstanceGroupConfig: - id: InstanceGroupConfig - description: >- - The config settings for Compute Engine resources in an instance group, - such as a master or worker group. + pypiRepository: + type: string + description: Optional. PyPi repository address type: object + ClusterOperationMetadata: + id: ClusterOperationMetadata properties: - numInstances: - description: >- - Optional. The number of VM instances in the instance group. For HA - cluster master_config groups, must be set to 3. For standard cluster - master_config groups, must be set to 1. - type: integer - format: int32 - instanceNames: - description: >- - Output only. The list of instance names. Dataproc derives the names - from cluster_name, num_instances, and the instance group. + operationType: + readOnly: true + type: string + description: Output only. The operation type. + status: + description: Output only. Current operation status. readOnly: true + $ref: '#/components/schemas/ClusterOperationStatus' + childOperationIds: type: array + readOnly: true items: type: string - instanceReferences: - description: Output only. List of references to Compute Engine instances. + description: Output only. Child operation ids + clusterName: readOnly: true + type: string + description: Output only. Name of the cluster for the operation. + statusHistory: type: array + description: Output only. The previous operation status. items: - $ref: '#/components/schemas/InstanceReference' - imageUri: - description: >- - Optional. The Compute Engine image resource used for cluster - instances.The URI can represent an image or image family.Image - examples: - https://www.googleapis.com/compute/v1/projects/[project_id]/global/images/[image-id] - projects/[project_id]/global/images/[image-id] image-idImage family - examples. Dataproc will use the most recent image from the family: - https://www.googleapis.com/compute/v1/projects/[project_id]/global/images/family/[custom-image-family-name] - projects/[project_id]/global/images/family/[custom-image-family-name]If - the URI is unspecified, it will be inferred from - SoftwareConfig.image_version or the system default. - type: string - machineTypeUri: - description: >- - Optional. The Compute Engine machine type used for cluster - instances.A full URL, partial URI, or short name are valid. - Examples: - https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/machineTypes/n1-standard-2 - projects/[project_id]/zones/[zone]/machineTypes/n1-standard-2 - n1-standard-2Auto Zone Exception: If you are using the Dataproc Auto - Zone Placement - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) - feature, you must use the short name of the machine type resource, - for example, n1-standard-2. + $ref: '#/components/schemas/ClusterOperationStatus' + readOnly: true + description: + description: Output only. Short description of operation. type: string - diskConfig: - description: Optional. Disk option config settings. - $ref: '#/components/schemas/DiskConfig' - isPreemptible: - description: >- - Output only. Specifies that this instance group contains preemptible - instances. readOnly: true - type: boolean - preemptibility: - description: >- - Optional. Specifies the preemptibility of the instance group.The - default value for master and worker groups is NON_PREEMPTIBLE. This - default cannot be changed.The default value for secondary instances - is PREEMPTIBLE. + warnings: + items: + type: string + type: array + readOnly: true + description: Output only. Errors encountered during operation execution. + clusterUuid: + readOnly: true type: string - enumDescriptions: - - >- - Preemptibility is unspecified, the system will choose the - appropriate setting for each instance group. - - >- - Instances are non-preemptible.This option is allowed for all - instance groups and is the only valid value for Master and Worker - instance groups. - - >- - Instances are preemptible - (https://cloud.google.com/compute/docs/instances/preemptible).This - option is allowed only for secondary worker - (https://cloud.google.com/dataproc/docs/concepts/compute/secondary-vms) - groups. - - >- - Instances are Spot VMs - (https://cloud.google.com/compute/docs/instances/spot).This option - is allowed only for secondary worker - (https://cloud.google.com/dataproc/docs/concepts/compute/secondary-vms) - groups. Spot VMs are the latest version of preemptible VMs - (https://cloud.google.com/compute/docs/instances/preemptible), and - provide additional features. - enum: - - PREEMPTIBILITY_UNSPECIFIED - - NON_PREEMPTIBLE - - PREEMPTIBLE - - SPOT - managedGroupConfig: - description: >- - Output only. The config for Compute Engine Instance Group Manager - that manages this group. This is only used for preemptible instance - groups. + description: Output only. Cluster UUID for the operation. + labels: + type: object + additionalProperties: + type: string + description: Output only. Labels associated with the operation readOnly: true - $ref: '#/components/schemas/ManagedGroupConfig' + type: object + description: Metadata describing the operation. + GkeNodeConfig: + properties: accelerators: + items: + $ref: '#/components/schemas/GkeNodePoolAcceleratorConfig' description: >- - Optional. The Compute Engine accelerator configuration for these - instances. + Optional. A list of hardware accelerators + (https://cloud.google.com/compute/docs/gpus) to attach to each node. type: array - items: - $ref: '#/components/schemas/AcceleratorConfig' + bootDiskKmsKey: + type: string + description: >- + Optional. The Customer Managed Encryption Key (CMEK) + (https://cloud.google.com/kubernetes-engine/docs/how-to/using-cmek) + used to encrypt the boot disk attached to each node in the node + pool. Specify the key using the following format: + projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key} + machineType: + type: string + description: >- + Optional. The name of a Compute Engine machine type + (https://cloud.google.com/compute/docs/machine-types). minCpuPlatform: description: >- - Optional. Specifies the minimum cpu platform for the Instance Group. - See Dataproc -> Minimum CPU Platform - (https://cloud.google.com/dataproc/docs/concepts/compute/dataproc-min-cpu). + Optional. Minimum CPU platform + (https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform) + to be used by this instance. The instance may be scheduled on the + specified or a newer CPU platform. Specify the friendly names of CPU + platforms, such as "Intel Haswell"` or Intel Sandy Bridge". type: string - minNumInstances: + spot: description: >- - Optional. The minimum number of primary worker instances to create. - If min_num_instances is set, cluster creation will succeed if the - number of primary workers created is at least equal to the - min_num_instances number.Example: Cluster creation request with - num_instances = 5 and min_num_instances = 3: If 4 VMs are created - and 1 instance fails, the failed VM is deleted. The cluster is - resized to 4 instances and placed in a RUNNING state. If 2 instances - are created and 3 instances fail, the cluster in placed in an ERROR - state. The failed VMs are not deleted. + Optional. Whether the nodes are created as Spot VM instances + (https://cloud.google.com/compute/docs/instances/spot). Spot VMs are + the latest update to legacy preemptible VMs. Spot VMs do not have a + maximum lifetime. Legacy and Spot preemptible nodes cannot be used + in a node pool with the CONTROLLER role or in the DEFAULT node pool + if the CONTROLLER role is not assigned (the DEFAULT node pool will + assume the CONTROLLER role). + type: boolean + preemptible: + type: boolean + description: >- + Optional. Whether the nodes are created as legacy preemptible VM + instances + (https://cloud.google.com/compute/docs/instances/preemptible). Also + see Spot VMs, preemptible VM instances without a maximum lifetime. + Legacy and Spot preemptible nodes cannot be used in a node pool with + the CONTROLLER role or in the DEFAULT node pool if the CONTROLLER + role is not assigned (the DEFAULT node pool will assume the + CONTROLLER role). + localSsdCount: type: integer format: int32 - instanceFlexibilityPolicy: description: >- - Optional. Instance flexibility Policy allowing a mixture of VM - shapes and provisioning models. - $ref: '#/components/schemas/InstanceFlexibilityPolicy' - startupConfig: + Optional. The number of local SSD disks to attach to the node, which + is limited by the maximum number of disks allowable per zone (see + Adding Local SSDs + (https://cloud.google.com/compute/docs/disks/local-ssd)). + type: object + description: Parameters that describe cluster nodes. + id: GkeNodeConfig + ListWorkflowTemplatesResponse: + type: object + description: A response to a request to list workflow templates in a project. + id: ListWorkflowTemplatesResponse + properties: + nextPageToken: + readOnly: true + type: string + description: >- + Output only. This token is included in the response if there are + more results to fetch. To fetch additional results, provide this + value as the page_token in a subsequent + ListWorkflowTemplatesRequest. + unreachable: + items: + type: string description: >- - Optional. Configuration to handle the startup of instances during - cluster create and update process. - $ref: '#/components/schemas/StartupConfig' - InstanceReference: - id: InstanceReference - description: A reference to a Compute Engine instance. + Output only. List of workflow templates that could not be included + in the response. Attempting to get one of these resources may + indicate why it was not included in the list response. + type: array + readOnly: true + templates: + description: Output only. WorkflowTemplates list. + type: array + readOnly: true + items: + $ref: '#/components/schemas/WorkflowTemplate' + RegexValidation: + properties: + regexes: + type: array + description: >- + Required. RE2 regular expressions used to validate the parameter's + value. The value must match the regex in its entirety (substring + matches are not sufficient). + items: + type: string + description: Validation based on regular expressions. + id: RegexValidation + type: object + SparkPlanGraphEdge: type: object properties: - instanceName: - description: The user-friendly name of the Compute Engine instance. + fromId: + format: int64 type: string - instanceId: - description: The unique identifier of the Compute Engine instance. + toId: type: string - publicKey: - description: The public RSA key used for sharing data with this instance. + format: int64 + description: Represents a directed edge in the spark plan tree from child to parent. + id: SparkPlanGraphEdge + NodeInitializationAction: + id: NodeInitializationAction + type: object + properties: + executionTimeout: type: string - publicEciesKey: - description: The public ECIES key used for sharing data with this instance. + format: google-duration + description: >- + Optional. Amount of time executable has to complete. Default is 10 + minutes (see JSON representation of Duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)).Cluster + creation fails with an explanatory error message (the name of the + executable that caused the error and the exceeded timeout period) if + the executable is not completed at end of the timeout period. + executableFile: + description: Required. Cloud Storage URI of executable file. type: string - DiskConfig: - id: DiskConfig description: >- - Specifies the config of boot disk and attached disk options for a group - of VM instances. - type: object + Specifies an executable to run on a fully configured node and a timeout + period for executable completion. + HadoopJob: properties: - bootDiskType: + jarFileUris: + type: array + items: + type: string description: >- - Optional. Type of the boot disk (default is "pd-standard"). Valid - values: "pd-balanced" (Persistent Disk Balanced Solid State Drive), - "pd-ssd" (Persistent Disk Solid State Drive), or "pd-standard" - (Persistent Disk Hard Disk Drive). See Disk types - (https://cloud.google.com/compute/docs/disks#disk-types). - type: string - bootDiskSizeGb: - description: Optional. Size in GB of the boot disk (default is 500GB). - type: integer - format: int32 - numLocalSsds: + Optional. Jar file URIs to add to the CLASSPATHs of the Hadoop + driver and tasks. + fileUris: + type: array description: >- - Optional. Number of attached SSDs, from 0 to 8 (default is 0). If - SSDs are not attached, the boot disk is used to store runtime logs - and HDFS - (https://hadoop.apache.org/docs/r1.2.1/hdfs_user_guide.html) data. - If one or more SSDs are attached, this runtime bulk data is spread - across them, and the boot disk contains only basic config and - installed binaries.Note: Local SSD options may vary by machine type - and number of vCPUs selected. - type: integer - format: int32 - localSsdInterface: + Optional. HCFS (Hadoop Compatible Filesystem) URIs of files to be + copied to the working directory of Hadoop drivers and distributed + tasks. Useful for naively parallel tasks. + items: + type: string + args: + items: + type: string description: >- - Optional. Interface type of local SSDs (default is "scsi"). Valid - values: "scsi" (Small Computer System Interface), "nvme" - (Non-Volatile Memory Express). See local SSD performance - (https://cloud.google.com/compute/docs/disks/local-ssd#performance). - type: string - bootDiskProvisionedIops: + Optional. The arguments to pass to the driver. Do not include + arguments, such as -libjars or -Dfoo=bar, that can be set as job + properties, since a collision might occur that causes an incorrect + job submission. + type: array + loggingConfig: + description: Optional. The runtime log config for job execution. + $ref: '#/components/schemas/LoggingConfig' + mainClass: description: >- - Optional. Indicates how many IOPS to provision for the disk. This - sets the number of I/O operations per second that the disk can - handle. This field is supported only if boot_disk_type is - hyperdisk-balanced. + The name of the driver's main class. The jar file containing the + class must be in the default CLASSPATH or specified in + jar_file_uris. type: string - format: int64 - bootDiskProvisionedThroughput: - description: >- - Optional. Indicates how much throughput to provision for the disk. - This sets the number of throughput mb per second that the disk can - handle. Values must be greater than or equal to 1. This field is - supported only if boot_disk_type is hyperdisk-balanced. + mainJarFileUri: type: string - format: int64 - ManagedGroupConfig: - id: ManagedGroupConfig - description: Specifies the resources used to actively manage an instance group. - type: object - properties: - instanceTemplateName: description: >- - Output only. The name of the Instance Template used for the Managed - Instance Group. - readOnly: true - type: string - instanceGroupManagerName: - description: Output only. The name of the Instance Group Manager for this group. - readOnly: true - type: string - instanceGroupManagerUri: + The HCFS URI of the jar file containing the main class. Examples: + 'gs://foo-bucket/analytics-binaries/extract-useful-metrics-mr.jar' + 'hdfs:/tmp/test-samples/custom-wordcount.jar' + 'file:///home/usr/lib/hadoop-mapreduce/hadoop-mapreduce-examples.jar' + archiveUris: description: >- - Output only. The partial URI to the instance group manager for this - group. E.g. - projects/my-project/regions/us-central1/instanceGroupManagers/my-igm. - readOnly: true - type: string - AcceleratorConfig: - id: AcceleratorConfig + Optional. HCFS URIs of archives to be extracted in the working + directory of Hadoop drivers and tasks. Supported file types: .jar, + .tar, .tar.gz, .tgz, or .zip. + type: array + items: + type: string + properties: + type: object + additionalProperties: + type: string + description: >- + Optional. A mapping of property names to values, used to configure + Hadoop. Properties that conflict with values set by the Dataproc API + might be overwritten. Can include properties set in + /etc/hadoop/conf/*-site and classes in user code. + id: HadoopJob + type: object description: >- - Specifies the type and number of accelerator cards attached to the - instances of an instance. See GPUs on Compute Engine - (https://cloud.google.com/compute/docs/gpus/). + A Dataproc job for running Apache Hadoop MapReduce + (https://hadoop.apache.org/docs/current/hadoop-mapreduce-client/hadoop-mapreduce-client-core/MapReduceTutorial.html) + jobs on Apache Hadoop YARN + (https://hadoop.apache.org/docs/r2.7.1/hadoop-yarn/hadoop-yarn-site/YARN.html). + Operation: type: object properties: - acceleratorTypeUri: + error: + $ref: '#/components/schemas/Status' description: >- - Full URL, partial URI, or short name of the accelerator type - resource to expose to this instance. See Compute Engine - AcceleratorTypes - (https://cloud.google.com/compute/docs/reference/v1/acceleratorTypes).Examples: - https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/acceleratorTypes/nvidia-tesla-t4 - projects/[project_id]/zones/[zone]/acceleratorTypes/nvidia-tesla-t4 - nvidia-tesla-t4Auto Zone Exception: If you are using the Dataproc - Auto Zone Placement - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) - feature, you must use the short name of the accelerator type - resource, for example, nvidia-tesla-t4. - type: string - acceleratorCount: + The error result of the operation in case of failure or + cancellation. + response: + type: object description: >- - The number of the accelerator cards of this type exposed to this - instance. - type: integer - format: int32 - InstanceFlexibilityPolicy: - id: InstanceFlexibilityPolicy + The normal, successful response of the operation. If the original + method returns no data on success, such as Delete, the response is + google.protobuf.Empty. If the original method is standard + Get/Create/Update, the response should be the resource. For other + methods, the response should have the type XxxResponse, where Xxx is + the original method name. For example, if the original method name + is TakeSnapshot(), the inferred response type is + TakeSnapshotResponse. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + done: + description: >- + If the value is false, it means the operation is still in progress. + If true, the operation is completed, and either error or response is + available. + type: boolean + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the name should be a resource name ending with + operations/{unique_id}. + type: string description: >- - Instance flexibility Policy allowing a mixture of VM shapes and - provisioning models. + This resource represents a long-running operation that is the result of + a network API call. + id: Operation + ClusterOperation: + description: The cluster operation triggered by a workflow. type: object + id: ClusterOperation properties: - provisioningModelMix: - description: >- - Optional. Defines how the Group selects the provisioning model to - ensure required reliability. - $ref: '#/components/schemas/ProvisioningModelMix' - instanceSelectionList: - description: >- - Optional. List of instance selection options that the group will use - when creating new VMs. - type: array - items: - $ref: '#/components/schemas/InstanceSelection' - instanceSelectionResults: - description: Output only. A list of instance selection results in the group. + operationId: readOnly: true - type: array - items: - $ref: '#/components/schemas/InstanceSelectionResult' - ProvisioningModelMix: - id: ProvisioningModelMix - description: >- - Defines how Dataproc should create VMs with a mixture of provisioning - models. + type: string + description: Output only. The id of the cluster operation. + error: + description: Output only. Error, if operation failed. + type: string + readOnly: true + done: + readOnly: true + type: boolean + description: Output only. Indicates the operation is done. + SubmitJobRequest: type: object + description: A request to submit a job. + id: SubmitJobRequest properties: - standardCapacityBase: - description: >- - Optional. The base capacity that will always use Standard VMs to - avoid risk of more preemption than the minimum capacity you need. - Dataproc will create only standard VMs until it reaches - standard_capacity_base, then it will start using - standard_capacity_percent_above_base to mix Spot with Standard VMs. - eg. If 15 instances are requested and standard_capacity_base is 5, - Dataproc will create 5 standard VMs and then start mixing spot and - standard VMs for remaining 10 instances. - type: integer - format: int32 - standardCapacityPercentAboveBase: + requestId: + type: string description: >- - Optional. The percentage of target capacity that should use Standard - VM. The remaining percentage will use Spot VMs. The percentage - applies only to the capacity above standard_capacity_base. eg. If 15 - instances are requested and standard_capacity_base is 5 and - standard_capacity_percent_above_base is 30, Dataproc will create 5 - standard VMs and then start mixing spot and standard VMs for - remaining 10 instances. The mix will be 30% standard and 70% spot. - type: integer - format: int32 - InstanceSelection: - id: InstanceSelection - description: Defines machines types and a rank to which the machines types belong. + Optional. A unique id used to identify the request. If the server + receives two SubmitJobRequest + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#google.cloud.dataproc.v1.SubmitJobRequest)s + with the same id, then the second request will be ignored and the + first Job created and stored in the backend is returned.It is + recommended to always set this value to a UUID + (https://en.wikipedia.org/wiki/Universally_unique_identifier).The id + must contain only letters (a-z, A-Z), numbers (0-9), underscores + (_), and hyphens (-). The maximum length is 40 characters. + job: + $ref: '#/components/schemas/Job' + description: Required. The job resource. + SparkHistoryServerConfig: type: object properties: - machineTypes: - description: Optional. Full machine-type names, e.g. "n1-standard-16". - type: array - items: - type: string - rank: + dataprocCluster: + type: string description: >- - Optional. Preference of this instance selection. Lower number means - higher preference. Dataproc will first try to create a VM based on - the machine-type with priority rank and fallback to next rank based - on availability. Machine types and instance selections with the same - priority have the same preference. - type: integer - format: int32 - InstanceSelectionResult: - id: InstanceSelectionResult - description: >- - Defines a mapping from machine types to the number of VMs that are - created with each machine type. + Optional. Resource name of an existing Dataproc Cluster to act as a + Spark History Server for the workload.Example: + projects/[project_id]/regions/[region]/clusters/[cluster_name] + description: Spark History Server configuration for the workload. + id: SparkHistoryServerConfig + SummarizeSessionSparkApplicationStageAttemptTasksResponse: + id: SummarizeSessionSparkApplicationStageAttemptTasksResponse type: object properties: - machineType: - description: Output only. Full machine-type names, e.g. "n1-standard-16". - readOnly: true - type: string - vmCount: - description: Output only. Number of VM provisioned with the machine_type. - readOnly: true - type: integer - format: int32 - StartupConfig: - id: StartupConfig - description: >- - Configuration to handle the startup of instances during cluster create - and update process. + stageAttemptTasksSummary: + description: Summary of tasks for a Spark Application Stage Attempt + $ref: '#/components/schemas/StageAttemptTasksSummary' + description: Summary of tasks for a Spark Application stage attempt. + PeripheralsConfig: + description: Auxiliary services configuration for a workload. type: object properties: - requiredRegistrationFraction: + metastoreService: description: >- - Optional. The config setting to enable cluster creation/ updation to - be successful only after required_registration_fraction of instances - are up and running. This configuration is applicable to only - secondary workers for now. The cluster will fail if - required_registration_fraction of instances are not available. This - will include instance creation, agent registration, and service - registration (if enabled). - type: number - format: double - SoftwareConfig: - id: SoftwareConfig - description: Specifies the selection and config of software inside the cluster. + Optional. Resource name of an existing Dataproc Metastore + service.Example: + projects/[project_id]/locations/[region]/services/[service_id] + type: string + sparkHistoryServerConfig: + description: Optional. The Spark History Server configuration for the workload. + $ref: '#/components/schemas/SparkHistoryServerConfig' + id: PeripheralsConfig + JobPlacement: + id: JobPlacement type: object + description: Dataproc job config. properties: - imageVersion: - description: >- - Optional. The version of software inside the cluster. It must be one - of the supported Dataproc Versions - (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#supported-dataproc-image-versions), - such as "1.2" (including a subminor version, such as "1.2.29"), or - the "preview" version - (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#other_versions). - If unspecified, it defaults to the latest Debian version. + clusterUuid: type: string - properties: description: >- - Optional. The properties to set on daemon config files.Property keys - are specified in prefix:property format, for example - core:hadoop.tmp.dir. The following are supported prefixes and their - mappings: capacity-scheduler: capacity-scheduler.xml core: - core-site.xml distcp: distcp-default.xml hdfs: hdfs-site.xml hive: - hive-site.xml mapred: mapred-site.xml pig: pig.properties spark: - spark-defaults.conf yarn: yarn-site.xmlFor more information, see - Cluster properties - (https://cloud.google.com/dataproc/docs/concepts/cluster-properties). + Output only. A cluster UUID generated by the Dataproc service when + the job is submitted. + readOnly: true + clusterLabels: + description: >- + Optional. Cluster labels to identify a cluster where the job will be + submitted. type: object additionalProperties: type: string - optionalComponents: - description: Optional. The set of components to activate on the cluster. - type: array - items: - type: string - enumDescriptions: - - >- - Unspecified component. Specifying this will cause Cluster - creation to fail. - - >- - The Anaconda component is no longer supported or applicable to - supported Dataproc on Compute Engine image versions - (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-version-clusters#supported-dataproc-image-versions). - It cannot be activated on clusters created with supported - Dataproc on Compute Engine image versions. - - Delta Lake. - - Docker - - The Druid query engine. (alpha) - - Flink - - HBase. (beta) - - The Hive Web HCatalog (the REST service for accessing HCatalog). - - Hudi. - - Iceberg. - - The Jupyter Notebook. - - The Pig component. - - The Presto query engine. - - The Trino query engine. - - The Ranger service. - - The Solr service. - - The Zeppelin notebook. - - The Zookeeper service. - - The Jupyter Kernel Gateway. - enum: - - COMPONENT_UNSPECIFIED - - ANACONDA - - DELTA - - DOCKER - - DRUID - - FLINK - - HBASE - - HIVE_WEBHCAT - - HUDI - - ICEBERG - - JUPYTER - - PIG - - PRESTO - - TRINO - - RANGER - - SOLR - - ZEPPELIN - - ZOOKEEPER - - JUPYTER_KERNEL_GATEWAY - NodeInitializationAction: - id: NodeInitializationAction - description: >- - Specifies an executable to run on a fully configured node and a timeout - period for executable completion. + clusterName: + description: Required. The name of the cluster where the job will be submitted. + type: string + SparkPlanGraphNode: + description: Represents a node in the spark plan tree. type: object properties: - executableFile: - description: Required. Cloud Storage URI of executable file. + name: + type: string + metrics: + type: array + items: + $ref: '#/components/schemas/SqlPlanMetric' + sparkPlanGraphNodeId: type: string - executionTimeout: - description: >- - Optional. Amount of time executable has to complete. Default is 10 - minutes (see JSON representation of Duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)).Cluster - creation fails with an explanatory error message (the name of the - executable that caused the error and the exceeded timeout period) if - the executable is not completed at end of the timeout period. + format: int64 + desc: type: string - format: google-duration - EncryptionConfig: - id: EncryptionConfig - description: Encryption settings for the cluster. + id: SparkPlanGraphNode + ValueInfo: + description: Annotatated property value. type: object + id: ValueInfo properties: - gcePdKmsKeyName: - description: >- - Optional. The Cloud KMS key resource name to use for persistent disk - encryption for all instances in the cluster. See Use CMEK with - cluster data - (https://cloud.google.com//dataproc/docs/concepts/configuring-clusters/customer-managed-encryption#use_cmek_with_cluster_data) - for more information. + overriddenValue: + description: Optional. Value which was replaced by the corresponding component. type: string - kmsKey: - description: >- - Optional. The Cloud KMS key resource name to use for cluster - persistent disk and job argument encryption. See Use CMEK with - cluster data - (https://cloud.google.com//dataproc/docs/concepts/configuring-clusters/customer-managed-encryption#use_cmek_with_cluster_data) - for more information.When this key resource name is provided, the - following job arguments of the following job types submitted to the - cluster are encrypted using CMEK: FlinkJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/FlinkJob) - HadoopJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/HadoopJob) - SparkJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkJob) - SparkRJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkRJob) - PySparkJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/PySparkJob) - SparkSqlJob - (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkSqlJob) - scriptVariables and queryList.queries HiveJob - (https://cloud.google.com/dataproc/docs/reference/rest/v1/HiveJob) - scriptVariables and queryList.queries PigJob - (https://cloud.google.com/dataproc/docs/reference/rest/v1/PigJob) - scriptVariables and queryList.queries PrestoJob - (https://cloud.google.com/dataproc/docs/reference/rest/v1/PrestoJob) - scriptVariables and queryList.queries + value: + description: Property value. type: string - AutoscalingConfig: - id: AutoscalingConfig - description: Autoscaling Policy config associated with the cluster. + annotation: + description: Annotation, comment or explanation why the property was set. + type: string + PySparkBatch: + description: >- + A configuration for running an Apache PySpark + (https://spark.apache.org/docs/latest/api/python/getting_started/quickstart.html) + batch workload. type: object + id: PySparkBatch properties: - policyUri: + mainPythonFileUri: description: >- - Optional. The autoscaling policy used by the cluster.Only resource - names including projectid and location (region) are valid. Examples: - https://www.googleapis.com/compute/v1/projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id] - projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id]Note - that the policy must be in the same project and Dataproc region. + Required. The HCFS URI of the main Python file to use as the Spark + driver. Must be a .py file. type: string - SecurityConfig: - id: SecurityConfig - description: Security related configuration, including encryption, Kerberos, etc. + pythonFileUris: + description: >- + Optional. HCFS file URIs of Python files to pass to the PySpark + framework. Supported file types: .py, .egg, and .zip. + items: + type: string + type: array + fileUris: + type: array + description: >- + Optional. HCFS URIs of files to be placed in the working directory + of each executor. + items: + type: string + archiveUris: + items: + type: string + description: >- + Optional. HCFS URIs of archives to be extracted into the working + directory of each executor. Supported file types: .jar, .tar, + .tar.gz, .tgz, and .zip. + type: array + jarFileUris: + items: + type: string + type: array + description: >- + Optional. HCFS URIs of jar files to add to the classpath of the + Spark driver and tasks. + args: + items: + type: string + type: array + description: >- + Optional. The arguments to pass to the driver. Do not include + arguments that can be set as batch properties, such as --conf, since + a collision can occur that causes an incorrect batch submission. + WorkflowGraph: type: object properties: - kerberosConfig: - description: Optional. Kerberos related configuration. - $ref: '#/components/schemas/KerberosConfig' - identityConfig: + nodes: + description: Output only. The workflow nodes. + type: array + items: + $ref: '#/components/schemas/WorkflowNode' + readOnly: true + id: WorkflowGraph + description: The workflow graph. + ListClustersResponse: + properties: + clusters: + description: Output only. The clusters in the project. + items: + $ref: '#/components/schemas/Cluster' + type: array + readOnly: true + nextPageToken: description: >- - Optional. Identity related configuration, including service account - based secure multi-tenancy user mappings. - $ref: '#/components/schemas/IdentityConfig' - KerberosConfig: - id: KerberosConfig - description: Specifies Kerberos related configuration. + Output only. This token is included in the response if there are + more results to fetch. To fetch additional results, provide this + value as the page_token in a subsequent ListClustersRequest. + readOnly: true + type: string + id: ListClustersResponse type: object + description: The list of all clusters in a project. + SourceProgress: + id: SourceProgress properties: - enableKerberos: - description: >- - Optional. Flag to indicate whether to Kerberize the cluster - (default: false). Set this field to true to enable Kerberos on a - cluster. - type: boolean - rootPrincipalPasswordUri: - description: >- - Optional. The Cloud Storage URI of a KMS encrypted file containing - the root principal password. + endOffset: type: string - kmsKeyUri: - description: Optional. The URI of the KMS key used to encrypt sensitive files. + numInputRows: + format: int64 type: string - keystoreUri: - description: >- - Optional. The Cloud Storage URI of the keystore file used for SSL - encryption. If not provided, Dataproc will provide a self-signed - certificate. + description: type: string - truststoreUri: - description: >- - Optional. The Cloud Storage URI of the truststore file used for SSL - encryption. If not provided, Dataproc will provide a self-signed - certificate. + metrics: + additionalProperties: + type: string + type: object + latestOffset: type: string - keystorePasswordUri: - description: >- - Optional. The Cloud Storage URI of a KMS encrypted file containing - the password to the user provided keystore. For the self-signed - certificate, this password is generated by Dataproc. + processedRowsPerSecond: + format: double + type: number + inputRowsPerSecond: + type: number + format: double + startOffset: type: string - keyPasswordUri: + type: object + ExecutorMetrics: + id: ExecutorMetrics + properties: + metrics: + additionalProperties: + type: string + format: int64 + type: object + type: object + ManagedCluster: + description: Cluster that is managed by the workflow. + properties: + config: + description: Required. The cluster configuration. + $ref: '#/components/schemas/ClusterConfig' + clusterName: description: >- - Optional. The Cloud Storage URI of a KMS encrypted file containing - the password to the user provided key. For the self-signed - certificate, this password is generated by Dataproc. + Required. The cluster name prefix. A unique cluster name will be + formed by appending a random suffix.The name must contain only + lower-case letters (a-z), numbers (0-9), and hyphens (-). Must begin + with a letter. Cannot begin or end with hyphen. Must consist of + between 2 and 35 characters. type: string - truststorePasswordUri: + labels: + type: object description: >- - Optional. The Cloud Storage URI of a KMS encrypted file containing - the password to the user provided truststore. For the self-signed - certificate, this password is generated by Dataproc. - type: string - crossRealmTrustRealm: + Optional. The labels to associate with this cluster.Label keys must + be between 1 and 63 characters long, and must conform to the + following PCRE regular expression: \p{Ll}\p{Lo}{0,62}Label values + must be between 1 and 63 characters long, and must conform to the + following PCRE regular expression: \p{Ll}\p{Lo}\p{N}_-{0,63}No more + than 32 labels can be associated with a given cluster. + additionalProperties: + type: string + id: ManagedCluster + type: object + ListSessionsResponse: + type: object + description: A list of interactive sessions. + properties: + sessions: + type: array + items: + $ref: '#/components/schemas/Session' + readOnly: true + description: Output only. The sessions from the specified collection. + nextPageToken: description: >- - Optional. The remote realm the Dataproc on-cluster KDC will trust, - should the user enable cross realm trust. + A token, which can be sent as page_token, to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: string - crossRealmTrustKdc: - description: >- - Optional. The KDC (IP or hostname) for the remote trusted realm in a - cross realm trust relationship. + id: ListSessionsResponse + MemoryMetrics: + properties: + totalOnHeapStorageMemory: type: string - crossRealmTrustAdminServer: - description: >- - Optional. The admin server (IP or hostname) for the remote trusted - realm in a cross realm trust relationship. + format: int64 + usedOnHeapStorageMemory: + format: int64 type: string - crossRealmTrustSharedPasswordUri: - description: >- - Optional. The Cloud Storage URI of a KMS encrypted file containing - the shared password between the on-cluster Kerberos realm and the - remote trusted realm, in a cross realm trust relationship. + totalOffHeapStorageMemory: type: string - kdcDbKeyUri: - description: >- - Optional. The Cloud Storage URI of a KMS encrypted file containing - the master key of the KDC database. + format: int64 + usedOffHeapStorageMemory: + type: string + format: int64 + id: MemoryMetrics + type: object + StartClusterRequest: + id: StartClusterRequest + properties: + requestId: type: string - tgtLifetimeHours: description: >- - Optional. The lifetime of the ticket granting ticket, in hours. If - not specified, or user specifies 0, then default value 10 will be - used. - type: integer - format: int32 - realm: + Optional. A unique ID used to identify the request. If the server + receives two StartClusterRequest + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#google.cloud.dataproc.v1.StartClusterRequest)s + with the same id, then the second request will be ignored and the + first google.longrunning.Operation created and stored in the backend + is returned.Recommendation: Set this value to a UUID + (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID + must contain only letters (a-z, A-Z), numbers (0-9), underscores + (_), and hyphens (-). The maximum length is 40 characters. + clusterUuid: description: >- - Optional. The name of the on-cluster Kerberos realm. If not - specified, the uppercased domain of hostnames will be the realm. + Optional. Specifying the cluster_uuid means the RPC will fail (with + error NOT_FOUND) if a cluster with the specified UUID does not + exist. type: string - IdentityConfig: - id: IdentityConfig - description: >- - Identity related configuration, including service account based secure - multi-tenancy user mappings. type: object + description: A request to start a cluster. + StageOutputMetrics: properties: - userServiceAccountMapping: - description: Required. Map of user to service account. - type: object - additionalProperties: - type: string - LifecycleConfig: - id: LifecycleConfig - description: Specifies the cluster auto-delete schedule configuration. + bytesWritten: + format: int64 + type: string + recordsWritten: + type: string + format: int64 + description: Metrics about the output written by the stage. type: object + id: StageOutputMetrics + SparkBatch: properties: - idleDeleteTtl: - description: >- - Optional. The duration to keep the cluster alive while idling (when - no jobs are running). Passing this threshold will cause the cluster - to be deleted. Minimum value is 5 minutes; maximum value is 14 days - (see JSON representation of Duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)). - type: string - format: google-duration - autoDeleteTime: - description: >- - Optional. The time when cluster will be auto-deleted (see JSON - representation of Timestamp - (https://developers.google.com/protocol-buffers/docs/proto3#json)). + mainJarFileUri: type: string - format: google-datetime - autoDeleteTtl: + description: Optional. The HCFS URI of the jar file that contains the main class. + args: description: >- - Optional. The lifetime duration of cluster. The cluster will be - auto-deleted at the end of this period. Minimum value is 10 minutes; - maximum value is 14 days (see JSON representation of Duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)). - type: string - format: google-duration - idleStopTtl: + Optional. The arguments to pass to the driver. Do not include + arguments that can be set as batch properties, such as --conf, since + a collision can occur that causes an incorrect batch submission. + items: + type: string + type: array + fileUris: + type: array + items: + type: string description: >- - Optional. The duration to keep the cluster started while idling - (when no jobs are running). Passing this threshold will cause the - cluster to be stopped. Minimum value is 5 minutes; maximum value is - 14 days (see JSON representation of Duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)). - type: string - format: google-duration - autoStopTime: + Optional. HCFS URIs of files to be placed in the working directory + of each executor. + jarFileUris: description: >- - Optional. The time when cluster will be auto-stopped (see JSON - representation of Timestamp - (https://developers.google.com/protocol-buffers/docs/proto3#json)). - type: string - format: google-datetime - autoStopTtl: + Optional. HCFS URIs of jar files to add to the classpath of the + Spark driver and tasks. + type: array + items: + type: string + archiveUris: + items: + type: string + type: array description: >- - Optional. The lifetime duration of the cluster. The cluster will be - auto-stopped at the end of this period, calculated from the time of - submission of the create or update cluster request. Minimum value is - 10 minutes; maximum value is 14 days (see JSON representation of - Duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)). - type: string - format: google-duration - idleStartTime: + Optional. HCFS URIs of archives to be extracted into the working + directory of each executor. Supported file types: .jar, .tar, + .tar.gz, .tgz, and .zip. + mainClass: description: >- - Output only. The time when cluster became idle (most recent job - finished) and became eligible for deletion due to idleness (see JSON - representation of Timestamp - (https://developers.google.com/protocol-buffers/docs/proto3#json)). - readOnly: true + Optional. The name of the driver main class. The jar file that + contains the class must be in the classpath or specified in + jar_file_uris. type: string - format: google-datetime - EndpointConfig: - id: EndpointConfig - description: Endpoint config for this cluster type: object + id: SparkBatch + description: >- + A configuration for running an Apache Spark (https://spark.apache.org/) + batch workload. + SparkStandaloneAutoscalingConfig: properties: - httpPorts: + scaleDownFactor: description: >- - Output only. The map of port descriptions to URLs. Will only be - populated if enable_http_port_access is true. - readOnly: true - type: object - additionalProperties: - type: string - enableHttpPortAccess: + Required. Fraction of required executors to remove from Spark + Serverless clusters. A scale-down factor of 1.0 will result in + scaling down so that there are no more executors for the Spark + Job.(more aggressive scaling). A scale-down factor closer to 0 will + result in a smaller magnitude of scaling donw (less aggressive + scaling).Bounds: 0.0, 1.0. + type: number + format: double + scaleDownMinWorkerFraction: description: >- - Optional. If true, enable http access to specific ports on the - cluster from external sources. Defaults to false. + Optional. Minimum scale-down threshold as a fraction of total + cluster size before scaling occurs. For example, in a 20-worker + cluster, a threshold of 0.1 means the autoscaler must recommend at + least a 2 worker scale-down for the cluster to scale. A threshold of + 0 means the autoscaler will scale down on any recommended + change.Bounds: 0.0, 1.0. Default: 0.0. + format: double + type: number + scaleUpFactor: + format: double + description: >- + Required. Fraction of required workers to add to Spark Standalone + clusters. A scale-up factor of 1.0 will result in scaling up so that + there are no more required workers for the Spark Job (more + aggressive scaling). A scale-up factor closer to 0 will result in a + smaller magnitude of scaling up (less aggressive scaling).Bounds: + 0.0, 1.0. + type: number + removeOnlyIdleWorkers: + description: Optional. Remove only idle workers when scaling down cluster type: boolean - MetastoreConfig: - id: MetastoreConfig - description: Specifies a Metastore configuration. + scaleUpMinWorkerFraction: + description: >- + Optional. Minimum scale-up threshold as a fraction of total cluster + size before scaling occurs. For example, in a 20-worker cluster, a + threshold of 0.1 means the autoscaler must recommend at least a + 2-worker scale-up for the cluster to scale. A threshold of 0 means + the autoscaler will scale up on any recommended change.Bounds: 0.0, + 1.0. Default: 0.0. + type: number + format: double + gracefulDecommissionTimeout: + description: >- + Required. Timeout for Spark graceful decommissioning of spark + workers. Specifies the duration to wait for spark worker to complete + spark decommissioning tasks before forcefully removing workers. Only + applicable to downscaling operations.Bounds: 0s, 1d. + type: string + format: google-duration type: object + id: SparkStandaloneAutoscalingConfig + description: Basic autoscaling configurations for Spark Standalone. + JobMetadata: + id: JobMetadata properties: - dataprocMetastoreService: - description: >- - Required. Resource name of an existing Dataproc Metastore - service.Example: - projects/[project_id]/locations/[dataproc_region]/services/[service-name] + jobId: + type: string + readOnly: true + description: Output only. The job id. + operationType: + description: Output only. Operation type. + readOnly: true + type: string + startTime: + format: google-datetime type: string - GkeClusterConfig: - id: GkeClusterConfig - description: The cluster's GKE config. + readOnly: true + description: Output only. Job submission time. + status: + readOnly: true + description: Output only. Most recent job status. + $ref: '#/components/schemas/JobStatus' + type: object + description: Job Operation metadata. + AutoscalingPolicy: + id: AutoscalingPolicy type: object properties: - namespacedGkeDeploymentTarget: + id: + type: string description: >- - Optional. Deprecated. Use gkeClusterTarget. Used only for the - deprecated beta. A target for the deployment. - deprecated: true - $ref: '#/components/schemas/NamespacedGkeDeploymentTarget' - gkeClusterTarget: + Required. The policy id.The id must contain only letters (a-z, A-Z), + numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end + with underscore or hyphen. Must consist of between 3 and 50 + characters. + basicAlgorithm: + $ref: '#/components/schemas/BasicAutoscalingAlgorithm' + labels: + additionalProperties: + type: string description: >- - Optional. A target GKE cluster to deploy to. It must be in the same - project and region as the Dataproc cluster (the GKE cluster can be - zonal or regional). Format: - 'projects/{project}/locations/{location}/clusters/{cluster_id}' + Optional. The labels to associate with this autoscaling policy. + Label keys must contain 1 to 63 characters, and must conform to RFC + 1035 (https://www.ietf.org/rfc/rfc1035.txt). Label values may be + empty, but, if present, must contain 1 to 63 characters, and must + conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more + than 32 labels can be associated with an autoscaling policy. + type: object + workerConfig: + $ref: '#/components/schemas/InstanceGroupAutoscalingPolicyConfig' + description: >- + Required. Describes how the autoscaler will operate for primary + workers. + clusterType: type: string - nodePoolTarget: + enumDescriptions: + - Not set. + - Standard dataproc cluster with a minimum of two primary workers. + - >- + Clusters that can use only secondary workers and be scaled down to + zero secondary worker nodes. description: >- - Optional. GKE node pools where workloads will be scheduled. At least - one node pool must be assigned the DEFAULT GkeNodePoolTarget.Role. - If a GkeNodePoolTarget is not specified, Dataproc constructs a - DEFAULT GkeNodePoolTarget. Each role can be given to only one - GkeNodePoolTarget. All node pools must have the same location - settings. - type: array - items: - $ref: '#/components/schemas/GkeNodePoolTarget' - NamespacedGkeDeploymentTarget: - id: NamespacedGkeDeploymentTarget - deprecated: true - description: >- - Deprecated. Used only for the deprecated beta. A full, - namespace-isolated deployment target for an existing GKE cluster. - type: object - properties: - targetGkeCluster: + Optional. The type of the clusters for which this autoscaling policy + is to be configured. + enum: + - CLUSTER_TYPE_UNSPECIFIED + - STANDARD + - ZERO_SCALE + secondaryWorkerConfig: description: >- - Optional. The target GKE cluster to deploy to. Format: - 'projects/{project}/locations/{location}/clusters/{cluster_id}' - type: string - clusterNamespace: - description: Optional. A namespace within the GKE cluster to deploy into. - type: string - GkeNodePoolTarget: - id: GkeNodePoolTarget - description: GKE node pools that Dataproc workloads run on. - type: object - properties: - nodePool: + Optional. Describes how the autoscaler will operate for secondary + workers. + $ref: '#/components/schemas/InstanceGroupAutoscalingPolicyConfig' + name: description: >- - Required. The target GKE node pool. Format: - 'projects/{project}/locations/{location}/clusters/{cluster}/nodePools/{node_pool}' + Output only. The "resource name" of the autoscaling policy, as + described in https://cloud.google.com/apis/design/resource_names. + For projects.regions.autoscalingPolicies, the resource name of the + policy has the following format: + projects/{project_id}/regions/{region}/autoscalingPolicies/{policy_id} + For projects.locations.autoscalingPolicies, the resource name of the + policy has the following format: + projects/{project_id}/locations/{location}/autoscalingPolicies/{policy_id} + readOnly: true type: string - roles: - description: Required. The roles associated with the GKE node pool. - type: array - items: - type: string - enumDescriptions: - - Role is unspecified. - - >- - At least one node pool must have the DEFAULT role. Work assigned - to a role that is not associated with a node pool is assigned to - the node pool with the DEFAULT role. For example, work assigned - to the CONTROLLER role will be assigned to the node pool with - the DEFAULT role if no node pool has the CONTROLLER role. - - >- - Run work associated with the Dataproc control plane (for - example, controllers and webhooks). Very low resource - requirements. - - Run work associated with a Spark driver of a job. - - Run work associated with a Spark executor of a job. - enum: - - ROLE_UNSPECIFIED - - DEFAULT - - CONTROLLER - - SPARK_DRIVER - - SPARK_EXECUTOR - nodePoolConfig: + description: Describes an autoscaling policy for Dataproc cluster autoscaler. + WorkflowTemplatePlacement: + properties: + clusterSelector: description: >- - Input only. The configuration for the GKE node pool.If specified, - Dataproc attempts to create a node pool with the specified shape. If - one with the same name already exists, it is verified against all - specified fields. If a field differs, the virtual cluster creation - will fail.If omitted, any node pool with the specified name is used. - If a node pool with the specified name does not exist, Dataproc - create a node pool with default values.This is an input only field. - It will not be returned by the API. - $ref: '#/components/schemas/GkeNodePoolConfig' - GkeNodePoolConfig: - id: GkeNodePoolConfig + Optional. A selector that chooses target cluster for jobs based on + metadata.The selector is evaluated at the time each job is + submitted. + $ref: '#/components/schemas/ClusterSelector' + managedCluster: + description: A cluster that is managed by the workflow. + $ref: '#/components/schemas/ManagedCluster' + type: object description: >- - The configuration of a GKE node pool used by a Dataproc-on-GKE cluster - (https://cloud.google.com/dataproc/docs/concepts/jobs/dataproc-gke#create-a-dataproc-on-gke-cluster). + Specifies workflow execution target.Either managed_cluster or + cluster_selector is required. + id: WorkflowTemplatePlacement + SparkPlanGraph: + description: A graph used for storing information of an executionPlan of DataFrame. type: object properties: - config: - description: Optional. The node pool configuration. - $ref: '#/components/schemas/GkeNodeConfig' - locations: - description: >- - Optional. The list of Compute Engine zones - (https://cloud.google.com/compute/docs/zones#available) where node - pool nodes associated with a Dataproc on GKE virtual cluster will be - located.Note: All node pools associated with a virtual cluster must - be located in the same region as the virtual cluster, and they must - be located in the same zone within that region.If a location is not - specified during node pool creation, Dataproc on GKE will choose the - zone. + edges: + items: + $ref: '#/components/schemas/SparkPlanGraphEdge' type: array + executionId: + format: int64 + type: string + nodes: items: - type: string - autoscaling: - description: >- - Optional. The autoscaler configuration for this node pool. The - autoscaler is enabled only when a valid configuration is present. - $ref: '#/components/schemas/GkeNodePoolAutoscalingConfig' - GkeNodeConfig: - id: GkeNodeConfig - description: Parameters that describe cluster nodes. + $ref: '#/components/schemas/SparkPlanGraphNodeWrapper' + type: array + id: SparkPlanGraph + StagesSummary: type: object properties: - machineType: - description: >- - Optional. The name of a Compute Engine machine type - (https://cloud.google.com/compute/docs/machine-types). + numSkippedStages: + type: integer + format: int32 + applicationId: type: string - localSsdCount: - description: >- - Optional. The number of local SSD disks to attach to the node, which - is limited by the maximum number of disks allowable per zone (see - Adding Local SSDs - (https://cloud.google.com/compute/docs/disks/local-ssd)). + numCompletedStages: + format: int32 + type: integer + numPendingStages: type: integer format: int32 - preemptible: - description: >- - Optional. Whether the nodes are created as legacy preemptible VM - instances - (https://cloud.google.com/compute/docs/instances/preemptible). Also - see Spot VMs, preemptible VM instances without a maximum lifetime. - Legacy and Spot preemptible nodes cannot be used in a node pool with - the CONTROLLER role or in the DEFAULT node pool if the CONTROLLER - role is not assigned (the DEFAULT node pool will assume the - CONTROLLER role). - type: boolean - accelerators: - description: >- - Optional. A list of hardware accelerators - (https://cloud.google.com/compute/docs/gpus) to attach to each node. - type: array + numFailedStages: + format: int32 + type: integer + numActiveStages: + format: int32 + type: integer + id: StagesSummary + description: Data related to Stages page summary + StateHistory: + properties: + stateMessage: + description: Output only. Details about the state at this point in history. + readOnly: true + type: string + state: + description: Output only. The state of the batch at this point in history. + type: string + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - CANCELLING + - CANCELLED + - SUCCEEDED + - FAILED + readOnly: true + enumDescriptions: + - The batch state is unknown. + - The batch is created before running. + - The batch is running. + - The batch is cancelling. + - The batch cancellation was successful. + - The batch completed successfully. + - The batch is no longer running due to an error. + stateStartTime: + readOnly: true + type: string + format: google-datetime + description: Output only. The time when the batch entered the historical state. + description: Historical state information. + type: object + id: StateHistory + GkeClusterConfig: + properties: + nodePoolTarget: items: - $ref: '#/components/schemas/GkeNodePoolAcceleratorConfig' - minCpuPlatform: + $ref: '#/components/schemas/GkeNodePoolTarget' + type: array description: >- - Optional. Minimum CPU platform - (https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform) - to be used by this instance. The instance may be scheduled on the - specified or a newer CPU platform. Specify the friendly names of CPU - platforms, such as "Intel Haswell"` or Intel Sandy Bridge". - type: string - bootDiskKmsKey: + Optional. GKE node pools where workloads will be scheduled. At least + one node pool must be assigned the DEFAULT GkeNodePoolTarget.Role. + If a GkeNodePoolTarget is not specified, Dataproc constructs a + DEFAULT GkeNodePoolTarget. Each role can be given to only one + GkeNodePoolTarget. All node pools must have the same location + settings. + namespacedGkeDeploymentTarget: + $ref: '#/components/schemas/NamespacedGkeDeploymentTarget' + deprecated: true description: >- - Optional. The Customer Managed Encryption Key (CMEK) - (https://cloud.google.com/kubernetes-engine/docs/how-to/using-cmek) - used to encrypt the boot disk attached to each node in the node - pool. Specify the key using the following format: - projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key} + Optional. Deprecated. Use gkeClusterTarget. Used only for the + deprecated beta. A target for the deployment. + gkeClusterTarget: type: string - spot: description: >- - Optional. Whether the nodes are created as Spot VM instances - (https://cloud.google.com/compute/docs/instances/spot). Spot VMs are - the latest update to legacy preemptible VMs. Spot VMs do not have a - maximum lifetime. Legacy and Spot preemptible nodes cannot be used - in a node pool with the CONTROLLER role or in the DEFAULT node pool - if the CONTROLLER role is not assigned (the DEFAULT node pool will - assume the CONTROLLER role). - type: boolean - GkeNodePoolAcceleratorConfig: - id: GkeNodePoolAcceleratorConfig - description: >- - A GkeNodeConfigAcceleratorConfig represents a Hardware Accelerator - request for a node pool. + Optional. A target GKE cluster to deploy to. It must be in the same + project and region as the Dataproc cluster (the GKE cluster can be + zonal or regional). Format: + 'projects/{project}/locations/{location}/clusters/{cluster_id}' + description: The cluster's GKE config. + id: GkeClusterConfig type: object + StageShufflePushReadMetrics: + id: StageShufflePushReadMetrics properties: - acceleratorCount: - description: The number of accelerator cards exposed to an instance. + localMergedChunksFetched: + format: int64 type: string + remoteMergedBytesRead: format: int64 - acceleratorType: - description: The accelerator type resource namename (see GPUs on Compute Engine). type: string - gpuPartitionSize: - description: >- - Size of partitions to create on the GPU. Valid values are described - in the NVIDIA mig user guide - (https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning). + corruptMergedBlockChunks: type: string - GkeNodePoolAutoscalingConfig: - id: GkeNodePoolAutoscalingConfig + format: int64 + localMergedBlocksFetched: + type: string + format: int64 + remoteMergedReqsDuration: + format: int64 + type: string + mergedFetchFallbackCount: + format: int64 + type: string + remoteMergedChunksFetched: + format: int64 + type: string + localMergedBytesRead: + type: string + format: int64 + remoteMergedBlocksFetched: + type: string + format: int64 + type: object + StageInputMetrics: + type: object + description: Metrics about the input read by the stage. + id: StageInputMetrics + properties: + bytesRead: + format: int64 + type: string + recordsRead: + format: int64 + type: string + IdentityConfig: + id: IdentityConfig description: >- - GkeNodePoolAutoscaling contains information the cluster autoscaler needs - to adjust the size of the node pool to the current cluster usage. + Identity related configuration, including service account based secure + multi-tenancy user mappings. type: object properties: - minNodeCount: - description: >- - The minimum number of nodes in the node pool. Must be >= 0 and <= - max_node_count. - type: integer - format: int32 - maxNodeCount: - description: >- - The maximum number of nodes in the node pool. Must be >= - min_node_count, and must be > 0. Note: Quota must be sufficient to - scale up the cluster. - type: integer - format: int32 - DataprocMetricConfig: - id: DataprocMetricConfig - description: Dataproc metric config. + userServiceAccountMapping: + additionalProperties: + type: string + description: Required. Map of user to service account. + type: object + RddPartitionInfo: type: object + description: Information about RDD partitions. properties: - metrics: - description: Required. Metrics sources to enable. + storageLevel: + type: string + diskUsed: + type: string + format: int64 + blockName: + type: string + executors: type: array items: - $ref: '#/components/schemas/Metric' - Metric: - id: Metric - description: A Dataproc custom metric. + type: string + memoryUsed: + format: int64 + type: string + id: RddPartitionInfo + DiagnoseClusterRequest: + id: DiagnoseClusterRequest type: object + description: A request to collect cluster diagnostic information. properties: - metricSource: + yarnApplicationIds: + items: + type: string + type: array description: >- - Required. A standard set of metrics is collected unless - metricOverrides are specified for the metric source (see Custom - metrics - (https://cloud.google.com/dataproc/docs/guides/dataproc-metrics#custom_metrics) - for more information). + Optional. Specifies a list of yarn applications on which diagnosis + is to be performed. + diagnosisInterval: + description: >- + Optional. Time interval in which diagnosis should be carried out on + the cluster. + $ref: '#/components/schemas/Interval' + yarnApplicationId: + type: string + description: >- + Optional. DEPRECATED Specifies the yarn application on which + diagnosis is to be performed. + deprecated: true + job: + deprecated: true + description: >- + Optional. DEPRECATED Specifies the job on which diagnosis is to be + performed. Format: projects/{project}/regions/{region}/jobs/{job} + type: string + tarballAccess: + enum: + - TARBALL_ACCESS_UNSPECIFIED + - GOOGLE_CLOUD_SUPPORT + - GOOGLE_DATAPROC_DIAGNOSE type: string + description: >- + Optional. (Optional) The access type to the diagnostic tarball. If + not specified, falls back to default access of the bucket enumDescriptions: - - Required unspecified metric source. - >- - Monitoring agent metrics. If this source is enabled, Dataproc - enables the monitoring agent in Compute Engine, and collects - monitoring agent metrics, which are published with an - agent.googleapis.com prefix. - - HDFS metric source. - - Spark metric source. - - YARN metric source. - - Spark History Server metric source. - - Hiveserver2 metric source. - - hivemetastore metric source - - flink metric source - enum: - - METRIC_SOURCE_UNSPECIFIED - - MONITORING_AGENT_DEFAULTS - - HDFS - - SPARK - - YARN - - SPARK_HISTORY_SERVER - - HIVESERVER2 - - HIVEMETASTORE - - FLINK - metricOverrides: + Tarball Access unspecified. Falls back to default access of the + bucket + - >- + Google Cloud Support group has read access to the diagnostic + tarball + - >- + Google Cloud Dataproc Diagnose service account has read access to + the diagnostic tarball + tarballGcsDir: description: >- - Optional. Specify one or more Custom metrics - (https://cloud.google.com/dataproc/docs/guides/dataproc-metrics#custom_metrics) - to collect for the metric course (for the SPARK metric source (any - Spark metric - (https://spark.apache.org/docs/latest/monitoring.html#metrics) can - be specified).Provide metrics in the following format: - METRIC_SOURCE: INSTANCE:GROUP:METRIC Use camelcase as - appropriate.Examples: - yarn:ResourceManager:QueueMetrics:AppsCompleted - spark:driver:DAGScheduler:job.allJobs - sparkHistoryServer:JVM:Memory:NonHeapMemoryUsage.committed - hiveserver2:JVM:Memory:NonHeapMemoryUsage.used Notes: Only the - specified overridden metrics are collected for the metric source. - For example, if one or more spark:executive metrics are listed as - metric overrides, other SPARK metrics are not collected. The - collection of the metrics for other enabled custom metric sources is - unaffected. For example, if both SPARK and YARN metric sources are - enabled, and overrides are provided for Spark metrics only, all YARN - metrics are collected. - type: array + Optional. (Optional) The output Cloud Storage directory for the + diagnostic tarball. If not specified, a task-specific directory in + the cluster's staging bucket will be used. + type: string + jobs: + description: >- + Optional. Specifies a list of jobs on which diagnosis is to be + performed. Format: projects/{project}/regions/{region}/jobs/{job} items: type: string - AuxiliaryNodeGroup: - id: AuxiliaryNodeGroup - description: Node group identification and configuration information. - type: object + type: array + WorkflowNode: properties: - nodeGroup: - description: Required. Node group configuration. - $ref: '#/components/schemas/NodeGroup' - nodeGroupId: - description: >- - Optional. A node group ID. Generated if not specified.The ID must - contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and - hyphens (-). Cannot begin or end with underscore or hyphen. Must - consist of from 3 to 33 characters. + error: + description: Output only. The error detail. type: string - NodeGroup: - id: NodeGroup - description: >- - Dataproc Node Group. The Dataproc NodeGroup resource is not related to - the Dataproc NodeGroupAffinity resource. - type: object - properties: - name: - description: The Node group resource name (https://aip.dev/122). + readOnly: true + jobId: + description: >- + Output only. The job id; populated after the node enters RUNNING + state. type: string - roles: - description: Required. Node group roles. - type: array + readOnly: true + prerequisiteStepIds: + description: Output only. Node's prerequisite nodes. items: type: string - enumDescriptions: - - Required unspecified role. - - Job drivers run on the node pool. - enum: - - ROLE_UNSPECIFIED - - DRIVER - nodeGroupConfig: - description: Optional. The node group instance group configuration. - $ref: '#/components/schemas/InstanceGroupConfig' - labels: - description: >- - Optional. Node group labels. Label keys must consist of from 1 to 63 - characters and conform to RFC 1035 - (https://www.ietf.org/rfc/rfc1035.txt). Label values can be empty. - If specified, they must consist of from 1 to 63 characters and - conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). The node - group must have no more than 32 labels. - type: object - additionalProperties: - type: string - VirtualClusterConfig: - id: VirtualClusterConfig - description: >- - The Dataproc cluster config for a cluster that does not directly control - the underlying compute resources, such as a Dataproc-on-GKE cluster - (https://cloud.google.com/dataproc/docs/guides/dpgke/dataproc-gke-overview). - type: object - properties: - stagingBucket: - description: >- - Optional. A Cloud Storage bucket used to stage job dependencies, - config files, and job driver console output. If you do not specify a - staging bucket, Cloud Dataproc will determine a Cloud Storage - location (US, ASIA, or EU) for your cluster's staging bucket - according to the Compute Engine zone where your cluster is deployed, - and then create and manage this project-level, per-location bucket - (see Dataproc staging and temp buckets - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). - This field requires a Cloud Storage bucket name, not a gs://... URI - to a Cloud Storage bucket. + readOnly: true + type: array + stepId: type: string - kubernetesClusterConfig: - description: >- - Required. The configuration for running the Dataproc cluster on - Kubernetes. - $ref: '#/components/schemas/KubernetesClusterConfig' - auxiliaryServicesConfig: - description: Optional. Configuration of auxiliary services used by this cluster. - $ref: '#/components/schemas/AuxiliaryServicesConfig' - KubernetesClusterConfig: - id: KubernetesClusterConfig - description: The configuration for running the Dataproc cluster on Kubernetes. + readOnly: true + description: Output only. The name of the node. + state: + enum: + - NODE_STATE_UNSPECIFIED + - BLOCKED + - RUNNABLE + - RUNNING + - COMPLETED + - FAILED + description: Output only. The node state. + readOnly: true + type: string + enumDescriptions: + - State is unspecified. + - The node is awaiting prerequisite node to finish. + - The node is runnable but not running. + - The node is running. + - The node completed successfully. + - >- + The node failed. A node can be marked FAILED because its ancestor + or peer failed. + id: WorkflowNode + description: The workflow node. type: object + SummarizeSessionSparkApplicationStagesResponse: + description: Summary of a Spark Application stages. + id: SummarizeSessionSparkApplicationStagesResponse properties: - kubernetesNamespace: - description: >- - Optional. A namespace within the Kubernetes cluster to deploy into. - If this namespace does not exist, it is created. If it exists, - Dataproc verifies that another Dataproc VirtualCluster is not - installed into it. If not specified, the name of the Dataproc - Cluster is used. - type: string - gkeClusterConfig: - description: Required. The configuration for running the Dataproc cluster on GKE. - $ref: '#/components/schemas/GkeClusterConfig' - kubernetesSoftwareConfig: - description: >- - Optional. The software configuration for this Dataproc cluster - running on Kubernetes. - $ref: '#/components/schemas/KubernetesSoftwareConfig' - KubernetesSoftwareConfig: - id: KubernetesSoftwareConfig + stagesSummary: + $ref: '#/components/schemas/StagesSummary' + description: Summary of a Spark Application Stages + type: object + SparkRJob: description: >- - The software configuration for this Dataproc cluster running on - Kubernetes. + A Dataproc job for running Apache SparkR + (https://spark.apache.org/docs/latest/sparkr.html) applications on YARN. type: object + id: SparkRJob properties: - componentVersion: + mainRFileUri: + type: string description: >- - The components that should be installed in this Dataproc cluster. - The key must be a string from the KubernetesComponent enumeration. - The value is the version of the software to be installed. At least - one entry must be specified. - type: object - additionalProperties: + Required. The HCFS URI of the main R file to use as the driver. Must + be a .R file. + args: + description: >- + Optional. The arguments to pass to the driver. Do not include + arguments, such as --conf, that can be set as job properties, since + a collision may occur that causes an incorrect job submission. + items: + type: string + type: array + archiveUris: + items: type: string + type: array + description: >- + Optional. HCFS URIs of archives to be extracted into the working + directory of each executor. Supported file types: .jar, .tar, + .tar.gz, .tgz, and .zip. + loggingConfig: + description: Optional. The runtime log config for job execution. + $ref: '#/components/schemas/LoggingConfig' properties: description: >- - The properties to set on daemon config files.Property keys are - specified in prefix:property format, for example - spark:spark.kubernetes.container.image. The following are supported - prefixes and their mappings: spark: spark-defaults.confFor more - information, see Cluster properties - (https://cloud.google.com/dataproc/docs/concepts/cluster-properties). - type: object + Optional. A mapping of property names to values, used to configure + SparkR. Properties that conflict with values set by the Dataproc API + might be overwritten. Can include properties set in + /etc/spark/conf/spark-defaults.conf and classes in user code. additionalProperties: type: string - AuxiliaryServicesConfig: - id: AuxiliaryServicesConfig - description: Auxiliary services configuration for a Cluster. - type: object + type: object + fileUris: + items: + type: string + type: array + description: >- + Optional. HCFS URIs of files to be placed in the working directory + of each executor. Useful for naively parallel tasks. + RddOperationEdge: + id: RddOperationEdge properties: - metastoreConfig: - description: Optional. The Hive Metastore configuration for this workload. - $ref: '#/components/schemas/MetastoreConfig' - sparkHistoryServerConfig: - description: Optional. The Spark History Server configuration for the workload. - $ref: '#/components/schemas/SparkHistoryServerConfig' - ClusterStatus: - id: ClusterStatus - description: The status of a cluster and its instances. + toId: + format: int32 + type: integer + fromId: + type: integer + format: int32 + description: A directed edge representing dependency between two RDDs. type: object - properties: - state: - description: Output only. The cluster's state. - readOnly: true - type: string - enumDescriptions: - - The cluster state is unknown. - - The cluster is being created and set up. It is not ready for use. - - >- - The cluster is currently running and healthy. It is ready for - use.Note: The cluster state changes from "creating" to "running" - status after the master node(s), first two primary worker nodes - (and the last primary worker node if primary workers > 2) are - running. - - The cluster encountered an error. It is not ready for use. - - >- - The cluster has encountered an error while being updated. Jobs can - be submitted to the cluster, but the cluster cannot be updated. - - The cluster is being deleted. It cannot be used. - - >- - The cluster is being updated. It continues to accept and process - jobs. - - The cluster is being stopped. It cannot be used. - - The cluster is currently stopped. It is not ready for use. - - The cluster is being started. It is not ready for use. - - The cluster is being repaired. It is not ready for use. - - >- - Cluster creation is currently waiting for resources to be - available. Once all resources are available, it will transition to - CREATING and then RUNNING. + ClusterOperationStatus: + type: object + properties: + state: enum: - UNKNOWN - - CREATING + - PENDING - RUNNING - - ERROR - - ERROR_DUE_TO_UPDATE - - DELETING - - UPDATING - - STOPPING - - STOPPED - - STARTING - - REPAIRING - - SCHEDULED - detail: - description: Optional. Output only. Details of cluster's state. + - DONE readOnly: true + enumDescriptions: + - Unused. + - The operation has been created. + - The operation is running. + - The operation is done; either cancelled or completed. + type: string + description: Output only. A message containing the operation state. + details: type: string + readOnly: true + description: Output only. A message containing any operation metadata details. stateStartTime: - description: >- - Output only. Time when this state was entered (see JSON - representation of Timestamp - (https://developers.google.com/protocol-buffers/docs/proto3#json)). readOnly: true type: string + description: Output only. The time this state was entered. format: google-datetime - substate: - description: >- - Output only. Additional state information that includes status - reported by the agent. - readOnly: true + innerState: type: string - enumDescriptions: - - The cluster substate is unknown. - - >- - The cluster is known to be in an unhealthy state (for example, - critical daemons are not running or HDFS capacity is - exhausted).Applies to RUNNING state. - - >- - The agent-reported status is out of date (may occur if Dataproc - loses communication with Agent).Applies to RUNNING state. - enum: - - UNSPECIFIED - - UNHEALTHY - - STALE_STATUS - ClusterMetrics: - id: ClusterMetrics - description: >- - Contains cluster daemon metrics, such as HDFS and YARN stats.Beta - Feature: This report is available for testing purposes only. It may be - changed before final release. - type: object - properties: - hdfsMetrics: - description: The HDFS metrics. - type: object - additionalProperties: - type: string - format: int64 - yarnMetrics: - description: YARN metrics. - type: object - additionalProperties: - type: string - format: int64 - StopClusterRequest: - id: StopClusterRequest - description: A request to stop a cluster. - type: object + description: Output only. A message containing the detailed operation state. + readOnly: true + id: ClusterOperationStatus + description: The status of the operation. + Policy: properties: - clusterUuid: + bindings: + type: array + items: + $ref: '#/components/schemas/Binding' description: >- - Optional. Specifying the cluster_uuid means the RPC will fail (with - error NOT_FOUND) if a cluster with the specified UUID does not - exist. + Associates a list of members, or principals, with a role. + Optionally, may specify a condition that determines how and when the + bindings are applied. Each of the bindings must contain at least one + principal.The bindings in a Policy can refer to up to 1,500 + principals; up to 250 of these principals can be Google groups. Each + occurrence of a principal counts towards these limits. For example, + if the bindings grant 50 different roles to user:alice@example.com, + and not to any other principal, then you can add another 1,450 + principals to the bindings in the Policy. + etag: + format: byte type: string - requestId: description: >- - Optional. A unique ID used to identify the request. If the server - receives two StopClusterRequest - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#google.cloud.dataproc.v1.StopClusterRequest)s - with the same id, then the second request will be ignored and the - first google.longrunning.Operation created and stored in the backend - is returned.Recommendation: Set this value to a UUID - (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID - must contain only letters (a-z, A-Z), numbers (0-9), underscores - (_), and hyphens (-). The maximum length is 40 characters. - type: string - StartClusterRequest: - id: StartClusterRequest - description: A request to start a cluster. + etag is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the etag in + the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An etag is returned in the response to + getIamPolicy, and systems are expected to put that etag in the + request to setIamPolicy to ensure that their change will be applied + to the same version of the policy.Important: If you use IAM + Conditions, you must include the etag field whenever you call + setIamPolicy. If you omit this field, then IAM allows you to + overwrite a version 3 policy with a version 1 policy, and all of the + conditions in the version 3 policy are lost. + version: + description: >- + Specifies the format of the policy.Valid values are 0, 1, and 3. + Requests that specify an invalid value are rejected.Any operation + that affects conditional role bindings must specify version 3. This + requirement applies to the following operations: Getting a policy + that includes a conditional role binding Adding a conditional role + binding to a policy Changing a conditional role binding in a policy + Removing any role binding, with or without a condition, from a + policy that includes conditionsImportant: If you use IAM Conditions, + you must include the etag field whenever you call setIamPolicy. If + you omit this field, then IAM allows you to overwrite a version 3 + policy with a version 1 policy, and all of the conditions in the + version 3 policy are lost.If a policy does not include any + conditions, operations on that policy may specify any valid version + or leave the field unset.To learn which resources support conditions + in their IAM policies, see the IAM documentation + (https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + type: integer + type: object + id: Policy + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources.A Policy is a collection of + bindings. A binding binds one or more members, or principals, to a + single role. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A role is a named list of + permissions; each role can be an IAM predefined role or a user-created + custom role.For some types of Google Cloud resources, a binding can also + specify a condition, which is a logical expression that allows access to + a resource only if the expression evaluates to true. A condition can add + constraints based on attributes of the request, the resource, or both. + To learn which resources support conditions in their IAM policies, see + the IAM documentation + (https://cloud.google.com/iam/help/conditions/resource-policies).JSON + example: { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - + user:mike@example.com - group:admins@example.com - domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For + a description of IAM and its features, see the IAM documentation + (https://cloud.google.com/iam/docs/). + NativeSqlExecutionUiData: type: object properties: - clusterUuid: - description: >- - Optional. Specifying the cluster_uuid means the RPC will fail (with - error NOT_FOUND) if a cluster with the specified UUID does not - exist. + fallbackDescription: type: string - requestId: - description: >- - Optional. A unique ID used to identify the request. If the server - receives two StartClusterRequest - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#google.cloud.dataproc.v1.StartClusterRequest)s - with the same id, then the second request will be ignored and the - first google.longrunning.Operation created and stored in the backend - is returned.Recommendation: Set this value to a UUID - (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID - must contain only letters (a-z, A-Z), numbers (0-9), underscores - (_), and hyphens (-). The maximum length is 40 characters. + description: Optional. Description of the fallback. + numFallbackNodes: + format: int32 + description: Optional. Number of nodes fallen back to Spark. + type: integer + numNativeNodes: + description: Optional. Number of nodes in Native. + format: int32 + type: integer + description: type: string - RepairClusterRequest: - id: RepairClusterRequest - description: A request to repair a cluster. + description: Optional. Description of the execution. + executionId: + type: string + description: Required. Execution ID of the Native SQL Execution. + format: int64 + fallbackNodeToReason: + description: Optional. Fallback node to reason. + items: + $ref: '#/components/schemas/FallbackReason' + type: array + description: Native SQL Execution Data + id: NativeSqlExecutionUiData + WriteSessionSparkApplicationContextResponse: + description: Response returned as an acknowledgement of receipt of data. + properties: {} + type: object + id: WriteSessionSparkApplicationContextResponse + TemplateParameter: type: object + id: TemplateParameter properties: - clusterUuid: + fields: + type: array description: >- - Optional. Specifying the cluster_uuid means the RPC will fail (with - error NOT_FOUND) if a cluster with the specified UUID does not - exist. + Required. Paths to all fields that the parameter replaces. A field + is allowed to appear in at most one parameter's list of field + paths.A field path is similar in syntax to a + google.protobuf.FieldMask. For example, a field path that references + the zone field of a workflow template's cluster selector would be + specified as placement.clusterSelector.zone.Also, field paths can + reference fields using the following syntax: Values in maps can be + referenced by key: labels'key' + placement.clusterSelector.clusterLabels'key' + placement.managedCluster.labels'key' + placement.clusterSelector.clusterLabels'key' + jobs'step-id'.labels'key' Jobs in the jobs list can be referenced by + step-id: jobs'step-id'.hadoopJob.mainJarFileUri + jobs'step-id'.hiveJob.queryFileUri + jobs'step-id'.pySparkJob.mainPythonFileUri + jobs'step-id'.hadoopJob.jarFileUris0 + jobs'step-id'.hadoopJob.archiveUris0 + jobs'step-id'.hadoopJob.fileUris0 + jobs'step-id'.pySparkJob.pythonFileUris0 Items in repeated fields + can be referenced by a zero-based index: + jobs'step-id'.sparkJob.args0 Other examples: + jobs'step-id'.hadoopJob.properties'key' + jobs'step-id'.hadoopJob.args0 + jobs'step-id'.hiveJob.scriptVariables'key' + jobs'step-id'.hadoopJob.mainJarFileUri + placement.clusterSelector.zoneIt may not be possible to parameterize + maps and repeated fields in their entirety since only individual map + values and individual items in repeated fields can be referenced. + For example, the following field paths are invalid: + placement.clusterSelector.clusterLabels jobs'step-id'.sparkJob.args + items: + type: string + name: type: string - requestId: description: >- - Optional. A unique ID used to identify the request. If the server - receives two RepairClusterRequests with the same ID, the second - request is ignored, and the first google.longrunning.Operation - created and stored in the backend is returned.Recommendation: Set - this value to a UUID - (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID - must contain only letters (a-z, A-Z), numbers (0-9), underscores - (_), and hyphens (-). The maximum length is 40 characters. + Required. Parameter name. The parameter name is used as the key, and + paired with the parameter value, which are passed to the template + when the template is instantiated. The name must contain only + capital letters (A-Z), numbers (0-9), and underscores (_), and must + not start with a number. The maximum length is 40 characters. + description: type: string - nodePools: - description: >- - Optional. Node pools and corresponding repair action to be taken. - All node pools should be unique in this request. i.e. Multiple - entries for the same node pool id are not allowed. - type: array - items: - $ref: '#/components/schemas/NodePool' - gracefulDecommissionTimeout: description: >- - Optional. Timeout for graceful YARN decommissioning. Graceful - decommissioning facilitates the removal of cluster nodes without - interrupting jobs in progress. The timeout specifies the amount of - time to wait for jobs finish before forcefully removing nodes. The - default timeout is 0 for forceful decommissioning, and the maximum - timeout period is 1 day. (see JSON Mapping—Duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)).graceful_decommission_timeout - is supported in Dataproc image versions 1.2+. + Optional. Brief description of the parameter. Must not exceed 1024 + characters. + validation: + description: Optional. Validation rules to be applied to this parameter's value. + $ref: '#/components/schemas/ParameterValidation' + description: >- + A configurable parameter that replaces one or more fields in the + template. Parameterizable fields: - Labels - File uris - Job properties + - Job arguments - Script variables - Main class (in HadoopJob and + SparkJob) - Zone (in ClusterSelector) + OutputMetrics: + description: Metrics about the data written by the task. + type: object + id: OutputMetrics + properties: + recordsWritten: type: string - format: google-duration - parentOperationId: - description: >- - Optional. operation id of the parent operation sending the repair - request + format: int64 + bytesWritten: type: string - cluster: - description: Optional. Cluster to be repaired - $ref: '#/components/schemas/ClusterToRepair' - NodePool: - id: NodePool - description: indicating a list of workers of same type - type: object + format: int64 + Job: properties: - id: + flinkJob: + description: Optional. Job is a Flink job. + $ref: '#/components/schemas/FlinkJob' + driverControlFilesUri: + readOnly: true description: >- - Required. A unique id of the node pool. Primary and Secondary - workers can be specified using special reserved ids - PRIMARY_WORKER_POOL and SECONDARY_WORKER_POOL respectively. Aux node - pools can be referenced using corresponding pool id. + Output only. If present, the location of miscellaneous control files + which can be used as part of job setup and handling. If not present, + control files might be placed in the same location as + driver_output_uri. type: string - instanceNames: + prestoJob: + description: Optional. Job is a Presto job. + $ref: '#/components/schemas/PrestoJob' + yarnApplications: description: >- - Name of instances to be repaired. These instances must belong to - specified node pool. - type: array + Output only. The collection of YARN applications spun up by this + job.Beta Feature: This report is available for testing purposes + only. It might be changed before final release. items: - type: string - repairAction: + $ref: '#/components/schemas/YarnApplication' + readOnly: true + type: array + placement: + $ref: '#/components/schemas/JobPlacement' description: >- - Required. Repair action to take on specified resources of the node - pool. - type: string - enumDescriptions: - - No action will be taken by default. - - delete the specified list of nodes. - enum: - - REPAIR_ACTION_UNSPECIFIED - - DELETE - ClusterToRepair: - id: ClusterToRepair - description: Cluster to be repaired - type: object - properties: - clusterRepairAction: - description: Required. Repair action to take on the cluster resource. - type: string - enumDescriptions: - - No action will be taken by default. - - Repair cluster in ERROR_DUE_TO_UPDATE states. - enum: - - CLUSTER_REPAIR_ACTION_UNSPECIFIED - - REPAIR_ERROR_DUE_TO_UPDATE_CLUSTER - ListClustersResponse: - id: ListClustersResponse - description: The list of all clusters in a project. - type: object - properties: - clusters: - description: Output only. The clusters in the project. + Required. Job information, including how, when, and where to run the + job. + status: + $ref: '#/components/schemas/JobStatus' readOnly: true + description: >- + Output only. The job status. Additional application-specific status + information might be contained in the type_job and yarn_applications + fields. + pigJob: + description: Optional. Job is a Pig job. + $ref: '#/components/schemas/PigJob' + labels: + additionalProperties: + type: string + description: >- + Optional. The labels to associate with this job. Label keys must + contain 1 to 63 characters, and must conform to RFC 1035 + (https://www.ietf.org/rfc/rfc1035.txt). Label values can be empty, + but, if present, must contain 1 to 63 characters, and must conform + to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 + labels can be associated with a job. + type: object + driverSchedulingConfig: + $ref: '#/components/schemas/DriverSchedulingConfig' + description: Optional. Driver scheduling configuration. + statusHistory: type: array items: - $ref: '#/components/schemas/Cluster' - nextPageToken: - description: >- - Output only. This token is included in the response if there are - more results to fetch. To fetch additional results, provide this - value as the page_token in a subsequent ListClustersRequest. + $ref: '#/components/schemas/JobStatus' + description: Output only. The previous job status. readOnly: true + pysparkJob: + $ref: '#/components/schemas/PySparkJob' + description: Optional. Job is a PySpark job. + hadoopJob: + $ref: '#/components/schemas/HadoopJob' + description: Optional. Job is a Hadoop job. + jobUuid: type: string - DiagnoseClusterRequest: - id: DiagnoseClusterRequest - description: A request to collect cluster diagnostic information. - type: object - properties: - tarballGcsDir: + readOnly: true description: >- - Optional. (Optional) The output Cloud Storage directory for the - diagnostic tarball. If not specified, a task-specific directory in - the cluster's staging bucket will be used. + Output only. A UUID that uniquely identifies a job within the + project over time. This is in contrast to a user-settable + reference.job_id that might be reused over time. + sparkRJob: + description: Optional. Job is a SparkR job. + $ref: '#/components/schemas/SparkRJob' + sparkJob: + $ref: '#/components/schemas/SparkJob' + description: Optional. Job is a Spark job. + driverOutputResourceUri: type: string - tarballAccess: + readOnly: true description: >- - Optional. (Optional) The access type to the diagnostic tarball. If - not specified, falls back to default access of the bucket - type: string - enumDescriptions: - - >- - Tarball Access unspecified. Falls back to default access of the - bucket - - >- - Google Cloud Support group has read access to the diagnostic - tarball - - >- - Google Cloud Dataproc Diagnose service account has read access to - the diagnostic tarball - enum: - - TARBALL_ACCESS_UNSPECIFIED - - GOOGLE_CLOUD_SUPPORT - - GOOGLE_DATAPROC_DIAGNOSE - diagnosisInterval: + Output only. A URI pointing to the location of the stdout of the + job's driver program. + sparkSqlJob: + $ref: '#/components/schemas/SparkSqlJob' + description: Optional. Job is a SparkSql job. + scheduling: + description: Optional. Job scheduling configuration. + $ref: '#/components/schemas/JobScheduling' + done: description: >- - Optional. Time interval in which diagnosis should be carried out on - the cluster. - $ref: '#/components/schemas/Interval' - job: + Output only. Indicates whether the job is completed. If the value is + false, the job is still in progress. If true, the job is completed, + and status.state field will indicate if it was successful, failed, + or cancelled. + type: boolean + readOnly: true + hiveJob: + description: Optional. Job is a Hive job. + $ref: '#/components/schemas/HiveJob' + reference: description: >- - Optional. DEPRECATED Specifies the job on which diagnosis is to be - performed. Format: projects/{project}/regions/{region}/jobs/{job} - deprecated: true - type: string - yarnApplicationId: + Optional. The fully qualified reference to the job, which can be + used to obtain the equivalent REST path of the job resource. If this + property is not specified when a job is created, the server + generates a job_id. + $ref: '#/components/schemas/JobReference' + trinoJob: + $ref: '#/components/schemas/TrinoJob' + description: Optional. Job is a Trino job. + type: object + description: A Dataproc job resource. + id: Job + SearchSessionSparkApplicationsResponse: + properties: + nextPageToken: description: >- - Optional. DEPRECATED Specifies the yarn application on which - diagnosis is to be performed. - deprecated: true + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent SearchSessionSparkApplicationsRequest. type: string - jobs: - description: >- - Optional. Specifies a list of jobs on which diagnosis is to be - performed. Format: projects/{project}/regions/{region}/jobs/{job} - type: array - items: - type: string - yarnApplicationIds: - description: >- - Optional. Specifies a list of yarn applications on which diagnosis - is to be performed. + sparkApplications: + description: Output only. High level information corresponding to an application. + readOnly: true type: array items: - type: string - Interval: - id: Interval - description: >- - Represents a time interval, encoded as a Timestamp start (inclusive) and - a Timestamp end (exclusive).The start must be less than or equal to the - end. When the start equals the end, the interval is empty (matches no - time). When both start and end are unspecified, the interval matches any - time. + $ref: '#/components/schemas/SparkApplication' + description: A list of summary of Spark Applications + id: SearchSessionSparkApplicationsResponse type: object + RepairNodeGroupRequest: properties: - startTime: + instanceNames: + items: + type: string + type: array description: >- - Optional. Inclusive start of the interval.If specified, a Timestamp - matching this interval will have to be the same or after the start. + Required. Name of instances to be repaired. These instances must + belong to specified node pool. + requestId: type: string - format: google-datetime - endTime: description: >- - Optional. Exclusive end of the interval.If specified, a Timestamp - matching this interval will have to be before the end. + Optional. A unique ID used to identify the request. If the server + receives two RepairNodeGroupRequest with the same ID, the second + request is ignored and the first google.longrunning.Operation + created and stored in the backend is returned.Recommendation: Set + this value to a UUID + (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID + must contain only letters (a-z, A-Z), numbers (0-9), underscores + (_), and hyphens (-). The maximum length is 40 characters. + repairAction: + enumDescriptions: + - No action will be taken by default. + - replace the specified list of nodes. type: string - format: google-datetime + description: >- + Required. Repair action to take on specified resources of the node + pool. + enum: + - REPAIR_ACTION_UNSPECIFIED + - REPLACE + type: object + id: RepairNodeGroupRequest + ResourceProfileInfo: + properties: + resourceProfileId: + type: integer + format: int32 + executorResources: + additionalProperties: + $ref: '#/components/schemas/ExecutorResourceRequest' + type: object + taskResources: + additionalProperties: + $ref: '#/components/schemas/TaskResourceRequest' + type: object + type: object + description: >- + Resource profile that contains information about all the resources + required by executors and tasks. + id: ResourceProfileInfo InjectCredentialsRequest: id: InjectCredentialsRequest - description: A request to inject credentials into a cluster. - type: object properties: clusterUuid: description: Required. The cluster UUID. type: string credentialsCiphertext: + type: string description: >- Required. The encrypted credentials being injected in to the cluster.The client is responsible for encrypting the credentials in a way that is supported by the cluster.A wrapped value is used here so that the actual contents of the encrypted credentials are not written to audit logs. - type: string - SubmitJobRequest: - id: SubmitJobRequest - description: A request to submit a job. type: object - properties: - job: - description: Required. The job resource. - $ref: '#/components/schemas/Job' - requestId: - description: >- - Optional. A unique id used to identify the request. If the server - receives two SubmitJobRequest - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#google.cloud.dataproc.v1.SubmitJobRequest)s - with the same id, then the second request will be ignored and the - first Job created and stored in the backend is returned.It is - recommended to always set this value to a UUID - (https://en.wikipedia.org/wiki/Universally_unique_identifier).The id - must contain only letters (a-z, A-Z), numbers (0-9), underscores - (_), and hyphens (-). The maximum length is 40 characters. - type: string - Job: - id: Job - description: A Dataproc job resource. + description: A request to inject credentials into a cluster. + AccessSparkApplicationSqlSparkPlanGraphResponse: type: object + description: >- + SparkPlanGraph for a Spark Application execution limited to maximum + 10000 clusters. properties: - reference: - description: >- - Optional. The fully qualified reference to the job, which can be - used to obtain the equivalent REST path of the job resource. If this - property is not specified when a job is created, the server - generates a job_id. - $ref: '#/components/schemas/JobReference' - placement: - description: >- - Required. Job information, including how, when, and where to run the - job. - $ref: '#/components/schemas/JobPlacement' - hadoopJob: - description: Optional. Job is a Hadoop job. - $ref: '#/components/schemas/HadoopJob' - sparkJob: - description: Optional. Job is a Spark job. - $ref: '#/components/schemas/SparkJob' - pysparkJob: - description: Optional. Job is a PySpark job. - $ref: '#/components/schemas/PySparkJob' - hiveJob: - description: Optional. Job is a Hive job. - $ref: '#/components/schemas/HiveJob' - pigJob: - description: Optional. Job is a Pig job. - $ref: '#/components/schemas/PigJob' - sparkRJob: - description: Optional. Job is a SparkR job. - $ref: '#/components/schemas/SparkRJob' - sparkSqlJob: - description: Optional. Job is a SparkSql job. - $ref: '#/components/schemas/SparkSqlJob' - prestoJob: - description: Optional. Job is a Presto job. - $ref: '#/components/schemas/PrestoJob' - trinoJob: - description: Optional. Job is a Trino job. - $ref: '#/components/schemas/TrinoJob' - flinkJob: - description: Optional. Job is a Flink job. - $ref: '#/components/schemas/FlinkJob' - status: - description: >- - Output only. The job status. Additional application-specific status - information might be contained in the type_job and yarn_applications - fields. - readOnly: true - $ref: '#/components/schemas/JobStatus' - statusHistory: - description: Output only. The previous job status. + sparkPlanGraph: + description: SparkPlanGraph for a Spark Application execution. + $ref: '#/components/schemas/SparkPlanGraph' + id: AccessSparkApplicationSqlSparkPlanGraphResponse + WorkflowTemplate: + properties: + createTime: readOnly: true + format: google-datetime + description: Output only. The time template was created. + type: string + jobs: + description: Required. The Directed Acyclic Graph of Jobs to submit. type: array items: - $ref: '#/components/schemas/JobStatus' - yarnApplications: + $ref: '#/components/schemas/OrderedJob' + encryptionConfig: description: >- - Output only. The collection of YARN applications spun up by this - job.Beta Feature: This report is available for testing purposes - only. It might be changed before final release. + Optional. Encryption settings for encrypting workflow template job + arguments. + $ref: >- + #/components/schemas/GoogleCloudDataprocV1WorkflowTemplateEncryptionConfig + id: + type: string + placement: + description: Required. WorkflowTemplate scheduling information. + $ref: '#/components/schemas/WorkflowTemplatePlacement' + name: readOnly: true - type: array - items: - $ref: '#/components/schemas/YarnApplication' - driverOutputResourceUri: description: >- - Output only. A URI pointing to the location of the stdout of the - job's driver program. - readOnly: true + Output only. The resource name of the workflow template, as + described in https://cloud.google.com/apis/design/resource_names. + For projects.regions.workflowTemplates, the resource name of the + template has the following format: + projects/{project_id}/regions/{region}/workflowTemplates/{template_id} + For projects.locations.workflowTemplates, the resource name of the + template has the following format: + projects/{project_id}/locations/{location}/workflowTemplates/{template_id} type: string - driverControlFilesUri: + parameters: + type: array description: >- - Output only. If present, the location of miscellaneous control files - which can be used as part of job setup and handling. If not present, - control files might be placed in the same location as - driver_output_uri. - readOnly: true - type: string + Optional. Template parameters whose values are substituted into the + template. Values for parameters must be provided when the template + is instantiated. + items: + $ref: '#/components/schemas/TemplateParameter' labels: - description: >- - Optional. The labels to associate with this job. Label keys must - contain 1 to 63 characters, and must conform to RFC 1035 - (https://www.ietf.org/rfc/rfc1035.txt). Label values can be empty, - but, if present, must contain 1 to 63 characters, and must conform - to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 - labels can be associated with a job. type: object + description: >- + Optional. The labels to associate with this template. These labels + will be propagated to all jobs and clusters created by the workflow + instance.Label keys must contain 1 to 63 characters, and must + conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt).Label + values may be empty, but, if present, must contain 1 to 63 + characters, and must conform to RFC 1035 + (https://www.ietf.org/rfc/rfc1035.txt).No more than 32 labels can be + associated with a template. additionalProperties: type: string - scheduling: - description: Optional. Job scheduling configuration. - $ref: '#/components/schemas/JobScheduling' - jobUuid: - description: >- - Output only. A UUID that uniquely identifies a job within the - project over time. This is in contrast to a user-settable - reference.job_id that might be reused over time. + updateTime: + description: Output only. The time template was last updated. + format: google-datetime readOnly: true type: string - done: + version: + format: int32 description: >- - Output only. Indicates whether the job is completed. If the value is - false, the job is still in progress. If true, the job is completed, - and status.state field will indicate if it was successful, failed, - or cancelled. - readOnly: true - type: boolean - driverSchedulingConfig: - description: Optional. Driver scheduling configuration. - $ref: '#/components/schemas/DriverSchedulingConfig' - JobReference: - id: JobReference - description: Encapsulates the full scoping used to reference a job. + Optional. Used to perform a consistent read-modify-write.This field + should be left blank for a CreateWorkflowTemplate request. It is + required for an UpdateWorkflowTemplate request, and must match the + current server version. A typical update template flow would fetch + the current template with a GetWorkflowTemplate request, which will + return the current template with the version field filled in with + the current server version. The user updates other fields in the + template, then returns it as part of the UpdateWorkflowTemplate + request. + type: integer + dagTimeout: + type: string + description: >- + Optional. Timeout duration for the DAG of jobs, expressed in seconds + (see JSON representation of duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + The timeout duration must be from 10 minutes ("600s") to 24 hours + ("86400s"). The timer begins when the first job is submitted. If the + workflow is running at the end of the timeout period, any remaining + jobs are cancelled, the workflow is ended, and if the workflow was + running on a managed cluster, the cluster is deleted. + format: google-duration + description: A Dataproc workflow template resource. + id: WorkflowTemplate + type: object + Status: type: object + description: >- + The Status type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by gRPC (https://github.com/grpc). Each Status message contains + three pieces of data: error code, error message, and error details.You + can find out more about this error model and how to work with it in the + API Design Guide (https://cloud.google.com/apis/design/errors). + id: Status properties: - projectId: + details: + type: array description: >- - Optional. The ID of the Google Cloud Platform project that the job - belongs to. If specified, must match the request project ID. - type: string - jobId: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + message: description: >- - Optional. The job ID, which must be unique within the project.The ID - must contain only letters (a-z, A-Z), numbers (0-9), underscores - (_), or hyphens (-). The maximum length is 100 characters.If not - specified by the caller, the job ID will be provided by the server. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - JobPlacement: - id: JobPlacement - description: Dataproc job config. + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + RepositoryConfig: type: object + description: Configuration for dependency repositories properties: - clusterName: - description: Required. The name of the cluster where the job will be submitted. + pypiRepositoryConfig: + description: Optional. Configuration for PyPi repository. + $ref: '#/components/schemas/PyPiRepositoryConfig' + id: RepositoryConfig + CancelJobRequest: + description: A request to cancel a job. + type: object + id: CancelJobRequest + properties: {} + TrinoJob: + description: >- + A Dataproc job for running Trino (https://trino.io/) queries. IMPORTANT: + The Dataproc Trino Optional Component + (https://cloud.google.com/dataproc/docs/concepts/components/trino) must + be enabled when the cluster is created to submit a Trino job to the + cluster. + type: object + id: TrinoJob + properties: + continueOnFailure: + description: >- + Optional. Whether to continue executing queries if a query fails. + The default value is false. Setting to true can be useful when + executing independent parallel queries. + type: boolean + loggingConfig: + $ref: '#/components/schemas/LoggingConfig' + description: Optional. The runtime log config for job execution. + queryFileUri: + description: The HCFS URI of the script that contains SQL queries. + type: string + clientTags: + type: array + items: + type: string + description: Optional. Trino client tags to attach to this query + outputFormat: type: string - clusterUuid: description: >- - Output only. A cluster UUID generated by the Dataproc service when - the job is submitted. - readOnly: true + Optional. The format in which query output will be displayed. See + the Trino documentation for supported output formats + properties: + additionalProperties: + type: string + description: >- + Optional. A mapping of property names to values. Used to set Trino + session properties + (https://trino.io/docs/current/sql/set-session.html) Equivalent to + using the --session flag in the Trino CLI + type: object + queryList: + description: A list of queries. + $ref: '#/components/schemas/QueryList' + SparkSqlBatch: + properties: + queryFileUri: type: string - clusterLabels: description: >- - Optional. Cluster labels to identify a cluster where the job will be - submitted. + Required. The HCFS URI of the script that contains Spark SQL queries + to execute. + jarFileUris: + type: array + items: + type: string + description: Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH. + queryVariables: type: object + description: >- + Optional. Mapping of query variable names to values (equivalent to + the Spark SQL command: SET name="value";). additionalProperties: type: string - HadoopJob: - id: HadoopJob + id: SparkSqlBatch + type: object description: >- - A Dataproc job for running Apache Hadoop MapReduce - (https://hadoop.apache.org/docs/current/hadoop-mapreduce-client/hadoop-mapreduce-client-core/MapReduceTutorial.html) - jobs on Apache Hadoop YARN - (https://hadoop.apache.org/docs/r2.7.1/hadoop-yarn/hadoop-yarn-site/YARN.html). + A configuration for running Apache Spark SQL + (https://spark.apache.org/sql/) queries as a batch workload. + RddStorageInfo: type: object + description: Overall data about RDD storage. + id: RddStorageInfo properties: - mainJarFileUri: - description: >- - The HCFS URI of the jar file containing the main class. Examples: - 'gs://foo-bucket/analytics-binaries/extract-useful-metrics-mr.jar' - 'hdfs:/tmp/test-samples/custom-wordcount.jar' - 'file:///home/usr/lib/hadoop-mapreduce/hadoop-mapreduce-examples.jar' + storageLevel: type: string - mainClass: - description: >- - The name of the driver's main class. The jar file containing the - class must be in the default CLASSPATH or specified in - jar_file_uris. + name: type: string - args: - description: >- - Optional. The arguments to pass to the driver. Do not include - arguments, such as -libjars or -Dfoo=bar, that can be set as job - properties, since a collision might occur that causes an incorrect - job submission. - type: array + numPartitions: + format: int32 + type: integer + partitions: items: - type: string - jarFileUris: - description: >- - Optional. Jar file URIs to add to the CLASSPATHs of the Hadoop - driver and tasks. + $ref: '#/components/schemas/RddPartitionInfo' type: array + rddStorageId: + type: integer + format: int32 + diskUsed: + format: int64 + type: string + dataDistribution: items: - type: string - fileUris: - description: >- - Optional. HCFS (Hadoop Compatible Filesystem) URIs of files to be - copied to the working directory of Hadoop drivers and distributed - tasks. Useful for naively parallel tasks. + $ref: '#/components/schemas/RddDataDistribution' type: array - items: - type: string - archiveUris: - description: >- - Optional. HCFS URIs of archives to be extracted in the working - directory of Hadoop drivers and tasks. Supported file types: .jar, - .tar, .tar.gz, .tgz, or .zip. + memoryUsed: + type: string + format: int64 + numCachedPartitions: + format: int32 + type: integer + AccessSessionSparkApplicationEnvironmentInfoResponse: + type: object + id: AccessSessionSparkApplicationEnvironmentInfoResponse + description: Environment details of a Saprk Application. + properties: + applicationEnvironmentInfo: + $ref: '#/components/schemas/ApplicationEnvironmentInfo' + description: Details about the Environment that the application is running in. + SearchSessionSparkApplicationStagesResponse: + type: object + description: A list of stages associated with a Spark Application. + id: SearchSessionSparkApplicationStagesResponse + properties: + sparkApplicationStages: type: array + readOnly: true + description: Output only. Data corresponding to a stage. items: - type: string - properties: + $ref: '#/components/schemas/StageData' + nextPageToken: + type: string description: >- - Optional. A mapping of property names to values, used to configure - Hadoop. Properties that conflict with values set by the Dataproc API - might be overwritten. Can include properties set in - /etc/hadoop/conf/*-site and classes in user code. + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent SearchSessionSparkApplicationStages. + ProcessSummary: + description: Process Summary + type: object + properties: + processLogs: type: object additionalProperties: type: string - loggingConfig: - description: Optional. The runtime log config for job execution. - $ref: '#/components/schemas/LoggingConfig' + hostPort: + type: string + processId: + type: string + isActive: + type: boolean + removeTime: + type: string + format: google-datetime + totalCores: + format: int32 + type: integer + addTime: + format: google-datetime + type: string + id: ProcessSummary LoggingConfig: - id: LoggingConfig description: The runtime logging config of the job. type: object + id: LoggingConfig properties: driverLogLevels: description: >- The per-package log levels for the driver. This can include "root" package name to configure rootLogger. Examples: - 'com.google = FATAL' - 'root = INFO' - 'org.apache = DEBUG' - type: object additionalProperties: type: string - enumDescriptions: - - Level is unspecified. Use default level for log4j. - - Use ALL level for log4j. - - Use TRACE level for log4j. - - Use DEBUG level for log4j. - - Use INFO level for log4j. - - Use WARN level for log4j. - - Use ERROR level for log4j. - - Use FATAL level for log4j. - - Turn off log4j. enum: - LEVEL_UNSPECIFIED - ALL @@ -5511,815 +5399,962 @@ components: - ERROR - FATAL - 'OFF' - SparkJob: - id: SparkJob + enumDescriptions: + - Level is unspecified. Use default level for log4j. + - Use ALL level for log4j. + - Use TRACE level for log4j. + - Use DEBUG level for log4j. + - Use INFO level for log4j. + - Use WARN level for log4j. + - Use ERROR level for log4j. + - Use FATAL level for log4j. + - Turn off log4j. + type: object + SparkPlanGraphNodeWrapper: + description: Wrapper user to represent either a node or a cluster. + type: object + id: SparkPlanGraphNodeWrapper + properties: + cluster: + $ref: '#/components/schemas/SparkPlanGraphCluster' + node: + $ref: '#/components/schemas/SparkPlanGraphNode' + AuthenticationConfig: description: >- - A Dataproc job for running Apache Spark (https://spark.apache.org/) - applications on YARN. + Authentication configuration for a workload is used to set the default + identity for the workload execution. The config specifies the type of + identity (service account or user) that will be used by workloads to + access resources on the project(s). type: object + id: AuthenticationConfig properties: - mainJarFileUri: - description: The HCFS URI of the jar file that contains the main class. + userWorkloadAuthenticationType: + description: >- + Optional. Authentication type for the user workload running in + containers. + enum: + - AUTHENTICATION_TYPE_UNSPECIFIED + - SERVICE_ACCOUNT + - END_USER_CREDENTIALS + type: string + enumDescriptions: + - >- + If AuthenticationType is unspecified then END_USER_CREDENTIALS is + used for 3.0 and newer runtimes, and SERVICE_ACCOUNT is used for + older runtimes. + - >- + Use service account credentials for authenticating to other + services. + - >- + Use OAuth credentials associated with the workload creator/user + for authenticating to other services. + OrderedJob: + description: A job executed by the workflow. + properties: + scheduling: + description: Optional. Job scheduling configuration. + $ref: '#/components/schemas/JobScheduling' + trinoJob: + description: Optional. Job is a Trino job. + $ref: '#/components/schemas/TrinoJob' + flinkJob: + description: Optional. Job is a Flink job. + $ref: '#/components/schemas/FlinkJob' + pysparkJob: + $ref: '#/components/schemas/PySparkJob' + description: Optional. Job is a PySpark job. + prestoJob: + description: Optional. Job is a Presto job. + $ref: '#/components/schemas/PrestoJob' + pigJob: + description: Optional. Job is a Pig job. + $ref: '#/components/schemas/PigJob' + stepId: + type: string + description: >- + Required. The step id. The id must be unique among all jobs within + the template.The step id is used as prefix for job id, as job + goog-dataproc-workflow-step-id label, and in prerequisiteStepIds + field from other steps.The id must contain only letters (a-z, A-Z), + numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end + with underscore or hyphen. Must consist of between 3 and 50 + characters. + labels: + additionalProperties: + type: string + description: >- + Optional. The labels to associate with this job.Label keys must be + between 1 and 63 characters long, and must conform to the following + regular expression: \p{Ll}\p{Lo}{0,62}Label values must be between 1 + and 63 characters long, and must conform to the following regular + expression: \p{Ll}\p{Lo}\p{N}_-{0,63}No more than 32 labels can be + associated with a given job. + type: object + prerequisiteStepIds: + description: >- + Optional. The optional list of prerequisite job step_ids. If not + specified, the job will start at the beginning of workflow. + items: + type: string + type: array + hiveJob: + $ref: '#/components/schemas/HiveJob' + description: Optional. Job is a Hive job. + hadoopJob: + $ref: '#/components/schemas/HadoopJob' + description: Optional. Job is a Hadoop job. + sparkJob: + description: Optional. Job is a Spark job. + $ref: '#/components/schemas/SparkJob' + sparkRJob: + $ref: '#/components/schemas/SparkRJob' + description: Optional. Job is a SparkR job. + sparkSqlJob: + description: Optional. Job is a SparkSql job. + $ref: '#/components/schemas/SparkSqlJob' + type: object + id: OrderedJob + Binding: + properties: + members: + items: + type: string + description: >- + Specifies the principals requesting access for a Google Cloud + resource. members can have the following values: allUsers: A special + identifier that represents anyone who is on the internet; with or + without a Google account. allAuthenticatedUsers: A special + identifier that represents anyone who is authenticated with a Google + account or a service account. Does not include identities that come + from external identity providers (IdPs) through identity federation. + user:{emailid}: An email address that represents a specific Google + account. For example, alice@example.com . serviceAccount:{emailid}: + An email address that represents a Google service account. For + example, my-other-app@appspot.gserviceaccount.com. + serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: + An identifier for a Kubernetes service account + (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. + group:{emailid}: An email address that represents a Google group. + For example, admins@example.com. domain:{domain}: The G Suite domain + (primary) that represents all the users of that domain. For example, + google.com or example.com. + principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}: + A single identity in a workforce identity pool. + principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}: + All workforce identities in a group. + principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}: + All workforce identities with a specific attribute value. + principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*: + All identities in a workforce identity pool. + principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}: + A single identity in a workload identity pool. + principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}: + A workload identity pool group. + principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}: + All identities in a workload identity pool with a certain attribute. + principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*: + All identities in a workload identity pool. + deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique + identifier) representing a user that has been recently deleted. For + example, alice@example.com?uid=123456789012345678901. If the user is + recovered, this value reverts to user:{emailid} and the recovered + user retains the role in the binding. + deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. + If the service account is undeleted, this value reverts to + serviceAccount:{emailid} and the undeleted service account retains + the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An + email address (plus unique identifier) representing a Google group + that has been recently deleted. For example, + admins@example.com?uid=123456789012345678901. If the group is + recovered, this value reverts to group:{emailid} and the recovered + group retains the role in the binding. + deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}: + Deleted single identity in a workforce identity pool. For example, + deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value. + type: array + condition: + description: >- + The condition that is associated with this binding.If the condition + evaluates to true, then this binding applies to the current + request.If the condition evaluates to false, then this binding does + not apply to the current request. However, a different role binding + might grant the same role to one or more of the principals in this + binding.To learn which resources support conditions in their IAM + policies, see the IAM documentation + (https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: + description: >- + Role that is assigned to the list of members, or principals. For + example, roles/viewer, roles/editor, or roles/owner.For an overview + of the IAM roles and permissions, see the IAM documentation + (https://cloud.google.com/iam/docs/roles-overview). For a list of + the available pre-defined roles, see here + (https://cloud.google.com/iam/docs/understanding-roles). + type: string + description: Associates members, or principals, with a role. + id: Binding + type: object + JobStatus: + id: JobStatus + type: object + properties: + details: + readOnly: true + type: string + description: >- + Optional. Output only. Job state details, such as an error + description if the state is ERROR. + stateStartTime: + type: string + format: google-datetime + readOnly: true + description: Output only. The time when this state was entered. + substate: + enum: + - UNSPECIFIED + - SUBMITTED + - QUEUED + - STALE_STATUS + readOnly: true type: string - mainClass: + enumDescriptions: + - The job substate is unknown. + - The Job is submitted to the agent.Applies to RUNNING state. + - >- + The Job has been received and is awaiting execution (it might be + waiting for a condition to be met). See the "details" field for + the reason for the delay.Applies to RUNNING state. + - >- + The agent-reported status is out of date, which can be caused by a + loss of communication between the agent and Dataproc. If the agent + does not send a timely update, the job will fail.Applies to + RUNNING state. description: >- - The name of the driver's main class. The jar file that contains the - class must be in the default CLASSPATH or specified in - SparkJob.jar_file_uris. + Output only. Additional state information, which includes status + reported by the agent. + state: + description: Output only. A state message specifying the overall job state. type: string - args: - description: >- - Optional. The arguments to pass to the driver. Do not include - arguments, such as --conf, that can be set as job properties, since - a collision may occur that causes an incorrect job submission. - type: array - items: - type: string - jarFileUris: - description: >- - Optional. HCFS URIs of jar files to add to the CLASSPATHs of the - Spark driver and tasks. - type: array - items: - type: string - fileUris: - description: >- - Optional. HCFS URIs of files to be placed in the working directory - of each executor. Useful for naively parallel tasks. - type: array - items: - type: string - archiveUris: - description: >- - Optional. HCFS URIs of archives to be extracted into the working - directory of each executor. Supported file types: .jar, .tar, - .tar.gz, .tgz, and .zip. - type: array - items: - type: string - properties: - description: >- - Optional. A mapping of property names to values, used to configure - Spark. Properties that conflict with values set by the Dataproc API - might be overwritten. Can include properties set in - /etc/spark/conf/spark-defaults.conf and classes in user code. - type: object - additionalProperties: - type: string - loggingConfig: - description: Optional. The runtime log config for job execution. - $ref: '#/components/schemas/LoggingConfig' - PySparkJob: - id: PySparkJob + enumDescriptions: + - The job state is unknown. + - The job is pending; it has been submitted, but is not yet running. + - >- + Job has been received by the service and completed initial setup; + it will soon be submitted to the cluster. + - The job is running on the cluster. + - A CancelJob request has been received, but is pending. + - >- + Transient in-flight resources have been canceled, and the request + to cancel the running job has been issued to the cluster. + - The job cancellation was successful. + - The job has completed successfully. + - The job has completed, but encountered an error. + - >- + Job attempt has failed. The detail field contains failure details + for this attempt.Applies to restartable jobs only. + readOnly: true + enum: + - STATE_UNSPECIFIED + - PENDING + - SETUP_DONE + - RUNNING + - CANCEL_PENDING + - CANCEL_STARTED + - CANCELLED + - DONE + - ERROR + - ATTEMPT_FAILURE + description: Dataproc job status. + InstanceGroupConfig: description: >- - A Dataproc job for running Apache PySpark - (https://spark.apache.org/docs/latest/api/python/index.html#pyspark-overview) - applications on YARN. + The config settings for Compute Engine resources in an instance group, + such as a master or worker group. type: object properties: - mainPythonFileUri: + machineTypeUri: description: >- - Required. The HCFS URI of the main Python file to use as the driver. - Must be a .py file. + Optional. The Compute Engine machine type used for cluster + instances.A full URL, partial URI, or short name are valid. + Examples: + https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/machineTypes/n1-standard-2 + projects/[project_id]/zones/[zone]/machineTypes/n1-standard-2 + n1-standard-2Auto Zone Exception: If you are using the Dataproc Auto + Zone Placement + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) + feature, you must use the short name of the machine type resource, + for example, n1-standard-2. type: string - args: - description: >- - Optional. The arguments to pass to the driver. Do not include - arguments, such as --conf, that can be set as job properties, since - a collision may occur that causes an incorrect job submission. - type: array - items: - type: string - pythonFileUris: - description: >- - Optional. HCFS file URIs of Python files to pass to the PySpark - framework. Supported file types: .py, .egg, and .zip. - type: array - items: - type: string - jarFileUris: + diskConfig: + description: Optional. Disk option config settings. + $ref: '#/components/schemas/DiskConfig' + imageUri: description: >- - Optional. HCFS URIs of jar files to add to the CLASSPATHs of the - Python driver and tasks. - type: array - items: - type: string - fileUris: + Optional. The Compute Engine image resource used for cluster + instances.The URI can represent an image or image family.Image + examples: + https://www.googleapis.com/compute/v1/projects/[project_id]/global/images/[image-id] + projects/[project_id]/global/images/[image-id] image-idImage family + examples. Dataproc will use the most recent image from the family: + https://www.googleapis.com/compute/v1/projects/[project_id]/global/images/family/[custom-image-family-name] + projects/[project_id]/global/images/family/[custom-image-family-name]If + the URI is unspecified, it will be inferred from + SoftwareConfig.image_version or the system default. + type: string + numInstances: description: >- - Optional. HCFS URIs of files to be placed in the working directory - of each executor. Useful for naively parallel tasks. - type: array - items: - type: string - archiveUris: + Optional. The number of VM instances in the instance group. For HA + cluster master_config groups, must be set to 3. For standard cluster + master_config groups, must be set to 1. + type: integer + format: int32 + managedGroupConfig: + readOnly: true + $ref: '#/components/schemas/ManagedGroupConfig' description: >- - Optional. HCFS URIs of archives to be extracted into the working - directory of each executor. Supported file types: .jar, .tar, - .tar.gz, .tgz, and .zip. - type: array - items: - type: string - properties: + Output only. The config for Compute Engine Instance Group Manager + that manages this group. This is only used for preemptible instance + groups. + minNumInstances: + type: integer + format: int32 description: >- - Optional. A mapping of property names to values, used to configure - PySpark. Properties that conflict with values set by the Dataproc - API might be overwritten. Can include properties set in - /etc/spark/conf/spark-defaults.conf and classes in user code. - type: object - additionalProperties: - type: string - loggingConfig: - description: Optional. The runtime log config for job execution. - $ref: '#/components/schemas/LoggingConfig' - HiveJob: - id: HiveJob - description: >- - A Dataproc job for running Apache Hive (https://hive.apache.org/) - queries on YARN. - type: object - properties: - queryFileUri: - description: The HCFS URI of the script that contains Hive queries. + Optional. The minimum number of primary worker instances to create. + If min_num_instances is set, cluster creation will succeed if the + number of primary workers created is at least equal to the + min_num_instances number.Example: Cluster creation request with + num_instances = 5 and min_num_instances = 3: If 4 VMs are created + and 1 instance fails, the failed VM is deleted. The cluster is + resized to 4 instances and placed in a RUNNING state. If 2 instances + are created and 3 instances fail, the cluster in placed in an ERROR + state. The failed VMs are not deleted. + preemptibility: type: string - queryList: - description: A list of queries. - $ref: '#/components/schemas/QueryList' - continueOnFailure: description: >- - Optional. Whether to continue executing queries if a query fails. - The default value is false. Setting to true can be useful when - executing independent parallel queries. - type: boolean - scriptVariables: - description: >- - Optional. Mapping of query variable names to values (equivalent to - the Hive command: SET name="value";). - type: object - additionalProperties: - type: string - properties: + Optional. Specifies the preemptibility of the instance group.The + default value for master and worker groups is NON_PREEMPTIBLE. This + default cannot be changed.The default value for secondary instances + is PREEMPTIBLE. + enum: + - PREEMPTIBILITY_UNSPECIFIED + - NON_PREEMPTIBLE + - PREEMPTIBLE + - SPOT + enumDescriptions: + - >- + Preemptibility is unspecified, the system will choose the + appropriate setting for each instance group. + - >- + Instances are non-preemptible.This option is allowed for all + instance groups and is the only valid value for Master and Worker + instance groups. + - >- + Instances are preemptible + (https://cloud.google.com/compute/docs/instances/preemptible).This + option is allowed only for secondary worker + (https://cloud.google.com/dataproc/docs/concepts/compute/secondary-vms) + groups. + - >- + Instances are Spot VMs + (https://cloud.google.com/compute/docs/instances/spot).This option + is allowed only for secondary worker + (https://cloud.google.com/dataproc/docs/concepts/compute/secondary-vms) + groups. Spot VMs are the latest version of preemptible VMs + (https://cloud.google.com/compute/docs/instances/preemptible), and + provide additional features. + accelerators: + type: array + items: + $ref: '#/components/schemas/AcceleratorConfig' description: >- - Optional. A mapping of property names and values, used to configure - Hive. Properties that conflict with values set by the Dataproc API - might be overwritten. Can include properties set in - /etc/hadoop/conf/*-site.xml, /etc/hive/conf/hive-site.xml, and - classes in user code. - type: object - additionalProperties: - type: string - jarFileUris: + Optional. The Compute Engine accelerator configuration for these + instances. + minCpuPlatform: description: >- - Optional. HCFS URIs of jar files to add to the CLASSPATH of the Hive - server and Hadoop MapReduce (MR) tasks. Can contain Hive SerDes and - UDFs. + Optional. Specifies the minimum cpu platform for the Instance Group. + See Dataproc -> Minimum CPU Platform + (https://cloud.google.com/dataproc/docs/concepts/compute/dataproc-min-cpu). + type: string + instanceReferences: + description: Output only. List of references to Compute Engine instances. + readOnly: true type: array items: - type: string - QueryList: - id: QueryList - description: A list of queries to run on a cluster. - type: object - properties: - queries: + $ref: '#/components/schemas/InstanceReference' + startupConfig: description: >- - Required. The queries to execute. You do not need to end a query - expression with a semicolon. Multiple queries can be specified in - one string by separating each with a semicolon. Here is an example - of a Dataproc API snippet that uses a QueryList to specify a - HiveJob: "hiveJob": { "queryList": { "queries": [ "query1", - "query2", "query3;query4", ] } } - type: array + Optional. Configuration to handle the startup of instances during + cluster create and update process. + $ref: '#/components/schemas/StartupConfig' + instanceNames: items: type: string - PigJob: - id: PigJob - description: >- - A Dataproc job for running Apache Pig (https://pig.apache.org/) queries - on YARN. - type: object - properties: - queryFileUri: - description: The HCFS URI of the script that contains the Pig queries. - type: string - queryList: - description: A list of queries. - $ref: '#/components/schemas/QueryList' - continueOnFailure: - description: >- - Optional. Whether to continue executing queries if a query fails. - The default value is false. Setting to true can be useful when - executing independent parallel queries. - type: boolean - scriptVariables: description: >- - Optional. Mapping of query variable names to values (equivalent to - the Pig command: name=[value]). - type: object - additionalProperties: - type: string - properties: + Output only. The list of instance names. Dataproc derives the names + from cluster_name, num_instances, and the instance group. + type: array + readOnly: true + instanceFlexibilityPolicy: description: >- - Optional. A mapping of property names to values, used to configure - Pig. Properties that conflict with values set by the Dataproc API - might be overwritten. Can include properties set in - /etc/hadoop/conf/*-site.xml, /etc/pig/conf/pig.properties, and - classes in user code. - type: object - additionalProperties: - type: string - jarFileUris: + Optional. Instance flexibility Policy allowing a mixture of VM + shapes and provisioning models. + $ref: '#/components/schemas/InstanceFlexibilityPolicy' + isPreemptible: + type: boolean description: >- - Optional. HCFS URIs of jar files to add to the CLASSPATH of the Pig - Client and Hadoop MapReduce (MR) tasks. Can contain Pig UDFs. - type: array - items: - type: string - loggingConfig: - description: Optional. The runtime log config for job execution. - $ref: '#/components/schemas/LoggingConfig' - SparkRJob: - id: SparkRJob - description: >- - A Dataproc job for running Apache SparkR - (https://spark.apache.org/docs/latest/sparkr.html) applications on YARN. - type: object + Output only. Specifies that this instance group contains preemptible + instances. + readOnly: true + id: InstanceGroupConfig + GoogleCloudDataprocV1WorkflowTemplateEncryptionConfig: + description: Encryption settings for encrypting workflow template job arguments. properties: - mainRFileUri: + kmsKey: description: >- - Required. The HCFS URI of the main R file to use as the driver. Must - be a .R file. + Optional. The Cloud KMS key name to use for encrypting workflow + template job arguments.When this this key is provided, the following + workflow template job arguments + (https://cloud.google.com/dataproc/docs/concepts/workflows/use-workflows#adding_jobs_to_a_template), + if present, are CMEK encrypted + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/customer-managed-encryption#use_cmek_with_workflow_template_data): + FlinkJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/FlinkJob) + HadoopJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/HadoopJob) + SparkJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkJob) + SparkRJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkRJob) + PySparkJob args + (https://cloud.google.com/dataproc/docs/reference/rest/v1/PySparkJob) + SparkSqlJob + (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkSqlJob) + scriptVariables and queryList.queries HiveJob + (https://cloud.google.com/dataproc/docs/reference/rest/v1/HiveJob) + scriptVariables and queryList.queries PigJob + (https://cloud.google.com/dataproc/docs/reference/rest/v1/PigJob) + scriptVariables and queryList.queries PrestoJob + (https://cloud.google.com/dataproc/docs/reference/rest/v1/PrestoJob) + scriptVariables and queryList.queries type: string - args: - description: >- - Optional. The arguments to pass to the driver. Do not include - arguments, such as --conf, that can be set as job properties, since - a collision may occur that causes an incorrect job submission. + type: object + id: GoogleCloudDataprocV1WorkflowTemplateEncryptionConfig + ExecutorMetricsDistributions: + type: object + properties: + taskTimeMillis: + items: + type: number + format: double + type: array + shuffleReadRecords: type: array items: - type: string - fileUris: - description: >- - Optional. HCFS URIs of files to be placed in the working directory - of each executor. Useful for naively parallel tasks. + format: double + type: number + diskBytesSpilled: + items: + type: number + format: double + type: array + shuffleWriteRecords: type: array items: - type: string - archiveUris: - description: >- - Optional. HCFS URIs of archives to be extracted into the working - directory of each executor. Supported file types: .jar, .tar, - .tar.gz, .tgz, and .zip. + type: number + format: double + inputRecords: + items: + type: number + format: double + type: array + memoryBytesSpilled: type: array items: - type: string - properties: - description: >- - Optional. A mapping of property names to values, used to configure - SparkR. Properties that conflict with values set by the Dataproc API - might be overwritten. Can include properties set in - /etc/spark/conf/spark-defaults.conf and classes in user code. - type: object - additionalProperties: - type: string - loggingConfig: - description: Optional. The runtime log config for job execution. - $ref: '#/components/schemas/LoggingConfig' - SparkSqlJob: - id: SparkSqlJob - description: >- - A Dataproc job for running Apache Spark SQL - (https://spark.apache.org/sql/) queries. - type: object - properties: - queryFileUri: - description: The HCFS URI of the script that contains SQL queries. - type: string - queryList: - description: A list of queries. - $ref: '#/components/schemas/QueryList' - scriptVariables: - description: >- - Optional. Mapping of query variable names to values (equivalent to - the Spark SQL command: SET name="value";). - type: object - additionalProperties: - type: string - properties: - description: >- - Optional. A mapping of property names to values, used to configure - Spark SQL's SparkConf. Properties that conflict with values set by - the Dataproc API might be overwritten. - type: object - additionalProperties: - type: string - jarFileUris: - description: Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH. + type: number + format: double + peakMemoryMetrics: + $ref: '#/components/schemas/ExecutorPeakMetricsDistributions' + shuffleWrite: + type: array + items: + type: number + format: double + outputRecords: + items: + format: double + type: number + type: array + quantiles: + type: array + items: + format: double + type: number + outputBytes: + items: + format: double + type: number + type: array + shuffleRead: + type: array + items: + format: double + type: number + inputBytes: + items: + type: number + format: double type: array + succeededTasks: items: - type: string - loggingConfig: - description: Optional. The runtime log config for job execution. - $ref: '#/components/schemas/LoggingConfig' - PrestoJob: - id: PrestoJob - description: >- - A Dataproc job for running Presto (https://prestosql.io/) queries. - IMPORTANT: The Dataproc Presto Optional Component - (https://cloud.google.com/dataproc/docs/concepts/components/presto) must - be enabled when the cluster is created to submit a Presto job to the - cluster. - type: object - properties: - queryFileUri: - description: The HCFS URI of the script that contains SQL queries. - type: string - queryList: - description: A list of queries. - $ref: '#/components/schemas/QueryList' - continueOnFailure: - description: >- - Optional. Whether to continue executing queries if a query fails. - The default value is false. Setting to true can be useful when - executing independent parallel queries. - type: boolean - outputFormat: - description: >- - Optional. The format in which query output will be displayed. See - the Presto documentation for supported output formats - type: string - clientTags: - description: Optional. Presto client tags to attach to this query + format: double + type: number + type: array + failedTasks: type: array items: - type: string - properties: - description: >- - Optional. A mapping of property names to values. Used to set Presto - session properties - (https://prestodb.io/docs/current/sql/set-session.html) Equivalent - to using the --session flag in the Presto CLI - type: object - additionalProperties: - type: string - loggingConfig: - description: Optional. The runtime log config for job execution. - $ref: '#/components/schemas/LoggingConfig' - TrinoJob: - id: TrinoJob - description: >- - A Dataproc job for running Trino (https://trino.io/) queries. IMPORTANT: - The Dataproc Trino Optional Component - (https://cloud.google.com/dataproc/docs/concepts/components/trino) must - be enabled when the cluster is created to submit a Trino job to the - cluster. - type: object + format: double + type: number + killedTasks: + type: array + items: + type: number + format: double + id: ExecutorMetricsDistributions + ShufflePushReadMetrics: + id: ShufflePushReadMetrics properties: - queryFileUri: - description: The HCFS URI of the script that contains SQL queries. + localMergedBytesRead: type: string - queryList: - description: A list of queries. - $ref: '#/components/schemas/QueryList' - continueOnFailure: - description: >- - Optional. Whether to continue executing queries if a query fails. - The default value is false. Setting to true can be useful when - executing independent parallel queries. - type: boolean - outputFormat: - description: >- - Optional. The format in which query output will be displayed. See - the Trino documentation for supported output formats + format: int64 + localMergedBlocksFetched: type: string - clientTags: - description: Optional. Trino client tags to attach to this query - type: array - items: - type: string - properties: - description: >- - Optional. A mapping of property names to values. Used to set Trino - session properties - (https://trino.io/docs/current/sql/set-session.html) Equivalent to - using the --session flag in the Trino CLI - type: object - additionalProperties: - type: string - loggingConfig: - description: Optional. The runtime log config for job execution. - $ref: '#/components/schemas/LoggingConfig' - FlinkJob: - id: FlinkJob - description: A Dataproc job for running Apache Flink applications on YARN. + format: int64 + remoteMergedChunksFetched: + type: string + format: int64 + localMergedChunksFetched: + type: string + format: int64 + mergedFetchFallbackCount: + type: string + format: int64 + remoteMergedBlocksFetched: + format: int64 + type: string + corruptMergedBlockChunks: + format: int64 + type: string + remoteMergedReqsDuration: + format: int64 + type: string + remoteMergedBytesRead: + type: string + format: int64 type: object + RddOperationCluster: + id: RddOperationCluster properties: - mainJarFileUri: - description: The HCFS URI of the jar file that contains the main class. + childClusters: + type: array + items: + $ref: '#/components/schemas/RddOperationCluster' + name: type: string - mainClass: - description: >- - The name of the driver's main class. The jar file that contains the - class must be in the default CLASSPATH or specified in jarFileUris. + rddClusterId: type: string - args: - description: >- - Optional. The arguments to pass to the driver. Do not include - arguments, such as --conf, that can be set as job properties, since - a collision might occur that causes an incorrect job submission. - type: array + childNodes: items: - type: string - jarFileUris: - description: >- - Optional. HCFS URIs of jar files to add to the CLASSPATHs of the - Flink driver and tasks. + $ref: '#/components/schemas/RddOperationNode' type: array - items: - type: string - savepointUri: - description: >- - Optional. HCFS URI of the savepoint, which contains the last saved - progress for starting the current job. - type: string - properties: - description: >- - Optional. A mapping of property names to values, used to configure - Flink. Properties that conflict with values set by the Dataproc API - might be overwritten. Can include properties set in - /etc/flink/conf/flink-defaults.conf and classes in user code. - type: object - additionalProperties: - type: string - loggingConfig: - description: Optional. The runtime log config for job execution. - $ref: '#/components/schemas/LoggingConfig' - JobStatus: - id: JobStatus - description: Dataproc job status. + description: >- + A grouping of nodes representing higher level constructs (stage, job + etc.). type: object + Quantiles: properties: - state: - description: Output only. A state message specifying the overall job state. - readOnly: true + sum: type: string - enumDescriptions: - - The job state is unknown. - - The job is pending; it has been submitted, but is not yet running. - - >- - Job has been received by the service and completed initial setup; - it will soon be submitted to the cluster. - - The job is running on the cluster. - - A CancelJob request has been received, but is pending. - - >- - Transient in-flight resources have been canceled, and the request - to cancel the running job has been issued to the cluster. - - The job cancellation was successful. - - The job has completed successfully. - - The job has completed, but encountered an error. - - >- - Job attempt has failed. The detail field contains failure details - for this attempt.Applies to restartable jobs only. - enum: - - STATE_UNSPECIFIED - - PENDING - - SETUP_DONE - - RUNNING - - CANCEL_PENDING - - CANCEL_STARTED - - CANCELLED - - DONE - - ERROR - - ATTEMPT_FAILURE - details: - description: >- - Optional. Output only. Job state details, such as an error - description if the state is ERROR. - readOnly: true + format: int64 + minimum: + format: int64 type: string - stateStartTime: - description: Output only. The time when this state was entered. - readOnly: true + percentile25: + type: string + format: int64 + count: + format: int64 + type: string + percentile75: + format: int64 + type: string + percentile50: + format: int64 + type: string + maximum: + format: int64 + type: string + id: Quantiles + type: object + description: >- + Quantile metrics data related to Tasks. Units can be seconds, bytes, + milliseconds, etc depending on the message type. + Interval: + id: Interval + description: >- + Represents a time interval, encoded as a Timestamp start (inclusive) and + a Timestamp end (exclusive).The start must be less than or equal to the + end. When the start equals the end, the interval is empty (matches no + time). When both start and end are unspecified, the interval matches any + time. + type: object + properties: + endTime: + format: google-datetime type: string + description: >- + Optional. Exclusive end of the interval.If specified, a Timestamp + matching this interval will have to be before the end. + startTime: format: google-datetime - substate: + type: string description: >- - Output only. Additional state information, which includes status - reported by the agent. + Optional. Inclusive start of the interval.If specified, a Timestamp + matching this interval will have to be the same or after the start. + SearchSessionSparkApplicationJobsResponse: + id: SearchSessionSparkApplicationJobsResponse + properties: + sparkApplicationJobs: readOnly: true + items: + $ref: '#/components/schemas/JobData' + description: Output only. Data corresponding to a spark job. + type: array + nextPageToken: + description: >- + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent SearchSessionSparkApplicationJobsRequest. type: string - enumDescriptions: - - The job substate is unknown. - - The Job is submitted to the agent.Applies to RUNNING state. - - >- - The Job has been received and is awaiting execution (it might be - waiting for a condition to be met). See the "details" field for - the reason for the delay.Applies to RUNNING state. - - >- - The agent-reported status is out of date, which can be caused by a - loss of communication between the agent and Dataproc. If the agent - does not send a timely update, the job will fail.Applies to - RUNNING state. - enum: - - UNSPECIFIED - - SUBMITTED - - QUEUED - - STALE_STATUS - YarnApplication: - id: YarnApplication - description: >- - A YARN application created by a job. Application information is a subset - of org.apache.hadoop.yarn.proto.YarnProtos.ApplicationReportProto.Beta - Feature: This report is available for testing purposes only. It may be - changed before final release. type: object + description: A list of Jobs associated with a Spark Application. + AccessSessionSparkApplicationResponse: properties: - name: - description: Required. The application name. + application: + description: Output only. High level information corresponding to an application. + $ref: '#/components/schemas/ApplicationInfo' + readOnly: true + id: AccessSessionSparkApplicationResponse + description: A summary of Spark Application + type: object + PropertiesInfo: + type: object + description: Properties of the workload organized by origin. + id: PropertiesInfo + properties: + autotuningProperties: + description: Output only. Properties set by autotuning engine. + additionalProperties: + $ref: '#/components/schemas/ValueInfo' + type: object + readOnly: true + ConsolidatedExecutorSummary: + id: ConsolidatedExecutorSummary + properties: + memoryMetrics: + $ref: '#/components/schemas/MemoryMetrics' + memoryUsed: type: string - state: - description: Required. The application state. + format: int64 + count: + format: int32 + type: integer + diskUsed: + format: int64 type: string - enumDescriptions: - - Status is unspecified. - - Status is NEW. - - Status is NEW_SAVING. - - Status is SUBMITTED. - - Status is ACCEPTED. - - Status is RUNNING. - - Status is FINISHED. - - Status is FAILED. - - Status is KILLED. - enum: - - STATE_UNSPECIFIED - - NEW - - NEW_SAVING - - SUBMITTED - - ACCEPTED - - RUNNING - - FINISHED - - FAILED - - KILLED - progress: - description: Required. The numerical progress of the application, from 1 to 100. - type: number - format: float - trackingUrl: - description: >- - Optional. The HTTP URL of the ApplicationMaster, HistoryServer, or - TimelineServer that provides application-specific information. The - URL uses the internal hostname, and requires a proxy server for - resolution and, possibly, access. + totalShuffleRead: + format: int64 type: string - JobScheduling: - id: JobScheduling - description: Job scheduling options. - type: object - properties: - maxFailuresPerHour: - description: >- - Optional. Maximum number of times per hour a driver can be restarted - as a result of driver exiting with non-zero code before job is - reported failed.A job might be reported as thrashing if the driver - exits with a non-zero code four times within a 10-minute - window.Maximum value is 10.Note: This restartable job option is not - supported in Dataproc workflow templates - (https://cloud.google.com/dataproc/docs/concepts/workflows/using-workflows#adding_jobs_to_a_template). + totalShuffleWrite: + format: int64 + type: string + isExcluded: + format: int32 type: integer + totalDurationMillis: + type: string + format: int64 + totalCores: format: int32 - maxFailuresTotal: - description: >- - Optional. Maximum total number of times a driver can be restarted as - a result of the driver exiting with a non-zero code. After the - maximum number is reached, the job will be reported as - failed.Maximum value is 240.Note: Currently, this restartable job - option is not supported in Dataproc workflow templates - (https://cloud.google.com/dataproc/docs/concepts/workflows/using-workflows#adding_jobs_to_a_template). + type: integer + totalTasks: type: integer format: int32 - DriverSchedulingConfig: - id: DriverSchedulingConfig - description: Driver scheduling configuration. - type: object - properties: - memoryMb: - description: Required. The amount of memory in MB the driver is requesting. + rddBlocks: type: integer format: int32 - vcores: - description: Required. The number of vCPUs the driver is requesting. + totalGcTimeMillis: + format: int64 + type: string + failedTasks: + format: int32 type: integer + totalInputBytes: + format: int64 + type: string + activeTasks: format: int32 - ListJobsResponse: - id: ListJobsResponse - description: A list of jobs in a project. + type: integer + completedTasks: + type: integer + format: int32 + maxMemory: + type: string + format: int64 + type: object + description: Consolidated summary about executors used by the application. + AccessSparkApplicationStageAttemptResponse: + id: AccessSparkApplicationStageAttemptResponse + description: Stage Attempt for a Stage of a Spark Application type: object properties: - jobs: - description: Output only. Jobs list. + stageData: + $ref: '#/components/schemas/StageData' readOnly: true - type: array - items: - $ref: '#/components/schemas/Job' - nextPageToken: + description: Output only. Data corresponding to a stage. + Metric: + type: object + description: A Dataproc custom metric. + properties: + metricSource: + enumDescriptions: + - Required unspecified metric source. + - >- + Monitoring agent metrics. If this source is enabled, Dataproc + enables the monitoring agent in Compute Engine, and collects + monitoring agent metrics, which are published with an + agent.googleapis.com prefix. + - HDFS metric source. + - Spark metric source. + - YARN metric source. + - Spark History Server metric source. + - Hiveserver2 metric source. + - hivemetastore metric source + - flink metric source + enum: + - METRIC_SOURCE_UNSPECIFIED + - MONITORING_AGENT_DEFAULTS + - HDFS + - SPARK + - YARN + - SPARK_HISTORY_SERVER + - HIVESERVER2 + - HIVEMETASTORE + - FLINK description: >- - Optional. This token is included in the response if there are more - results to fetch. To fetch additional results, provide this value as - the page_token in a subsequent ListJobsRequest. + Required. A standard set of metrics is collected unless + metricOverrides are specified for the metric source (see Custom + metrics + (https://cloud.google.com/dataproc/docs/guides/dataproc-metrics#custom_metrics) + for more information). type: string - unreachable: + metricOverrides: description: >- - Output only. List of jobs with kms_key-encrypted parameters that - could not be decrypted. A response to a jobs.get request may - indicate the reason for the decryption failure for a specific job. - readOnly: true + Optional. Specify one or more Custom metrics + (https://cloud.google.com/dataproc/docs/guides/dataproc-metrics#custom_metrics) + to collect for the metric course (for the SPARK metric source (any + Spark metric + (https://spark.apache.org/docs/latest/monitoring.html#metrics) can + be specified).Provide metrics in the following format: + METRIC_SOURCE: INSTANCE:GROUP:METRIC Use camelcase as + appropriate.Examples: + yarn:ResourceManager:QueueMetrics:AppsCompleted + spark:driver:DAGScheduler:job.allJobs + sparkHistoryServer:JVM:Memory:NonHeapMemoryUsage.committed + hiveserver2:JVM:Memory:NonHeapMemoryUsage.used Notes: Only the + specified overridden metrics are collected for the metric source. + For example, if one or more spark:executive metrics are listed as + metric overrides, other SPARK metrics are not collected. The + collection of the metrics for other enabled custom metric sources is + unaffected. For example, if both SPARK and YARN metric sources are + enabled, and overrides are provided for Spark metrics only, all YARN + metrics are collected. type: array items: type: string - CancelJobRequest: - id: CancelJobRequest - description: A request to cancel a job. - type: object - properties: {} - Session: - id: Session - description: A representation of a session. - type: object + id: Metric + NodeGroupOperationMetadata: properties: - name: - description: Identifier. The resource name of the session. + clusterUuid: type: string - uuid: - description: >- - Output only. A session UUID (Unique Universal Identifier). The - service generates this value when it creates the session. + readOnly: true + description: Output only. Cluster UUID associated with the node group operation. + description: + description: Output only. Short description of operation. readOnly: true type: string - createTime: - description: Output only. The time when the session was created. + status: + $ref: '#/components/schemas/ClusterOperationStatus' + description: Output only. Current operation status. readOnly: true + nodeGroupId: type: string - format: google-datetime - jupyterSession: - description: Optional. Jupyter session config. - $ref: '#/components/schemas/JupyterConfig' - sparkConnectSession: - description: Optional. Spark connect session config. - $ref: '#/components/schemas/SparkConnectConfig' - runtimeInfo: - description: Output only. Runtime information about session execution. readOnly: true - $ref: '#/components/schemas/RuntimeInfo' - state: - description: Output only. A state of the session. + description: Output only. Node group ID for the operation. + statusHistory: readOnly: true + items: + $ref: '#/components/schemas/ClusterOperationStatus' + description: Output only. The previous operation status. + type: array + operationType: type: string + description: The operation type. enumDescriptions: - - The session state is unknown. - - The session is created prior to running. - - The session is running. - - The session is terminating. - - The session is terminated successfully. - - The session is no longer running due to an error. + - Node group operation type is unknown. + - Create node group operation type. + - Update node group operation type. + - Delete node group operation type. + - Resize node group operation type. + - Repair node group operation type. + - Update node group label operation type. + - Start node group operation type. + - Stop node group operation type. + - >- + This operation type is used to update the metadata config of a + node group. We update the metadata of the VMs in the node group + and await for intended config change to be completed at the node + group level. Currently, only the identity config update is + supported. enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - TERMINATING - - TERMINATED - - FAILED - stateMessage: - description: >- - Output only. Session state details, such as the failure description - if the state is FAILED. + - NODE_GROUP_OPERATION_TYPE_UNSPECIFIED + - CREATE + - UPDATE + - DELETE + - RESIZE + - REPAIR + - UPDATE_LABELS + - START + - STOP + - UPDATE_METADATA_CONFIG + labels: + type: object + description: Output only. Labels associated with the operation. readOnly: true - type: string - stateTime: - description: Output only. The time when the session entered the current state. + additionalProperties: + type: string + warnings: + readOnly: true + items: + type: string + type: array + description: Output only. Errors encountered during operation execution. + id: NodeGroupOperationMetadata + type: object + description: Metadata describing the node group operation. + AccessSessionSparkApplicationStageAttemptResponse: + type: object + id: AccessSessionSparkApplicationStageAttemptResponse + description: Stage Attempt for a Stage of a Spark Application + properties: + stageData: + $ref: '#/components/schemas/StageData' + description: Output only. Data corresponding to a stage. readOnly: true + SearchSparkApplicationJobsResponse: + description: A list of Jobs associated with a Spark Application. + type: object + id: SearchSparkApplicationJobsResponse + properties: + nextPageToken: + description: >- + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent SearchSparkApplicationJobsRequest. type: string - format: google-datetime - creator: - description: Output only. The email address of the user who created the session. + sparkApplicationJobs: readOnly: true + items: + $ref: '#/components/schemas/JobData' + description: Output only. Data corresponding to a spark job. + type: array + StreamingQueryProgress: + type: object + id: StreamingQueryProgress + properties: + runId: type: string - labels: - description: >- - Optional. The labels to associate with the session. Label keys must - contain 1 to 63 characters, and must conform to RFC 1035 - (https://www.ietf.org/rfc/rfc1035.txt). Label values may be empty, - but, if present, must contain 1 to 63 characters, and must conform - to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 - labels can be associated with a session. + observedMetrics: type: object additionalProperties: type: string - runtimeConfig: - description: Optional. Runtime configuration for the session execution. - $ref: '#/components/schemas/RuntimeConfig' - environmentConfig: - description: Optional. Environment configuration for the session execution. - $ref: '#/components/schemas/EnvironmentConfig' - user: - description: Optional. The email address of the user who owns the session. - type: string - stateHistory: - description: Output only. Historical state information for the session. - readOnly: true + durationMillis: + additionalProperties: + type: string + format: int64 + type: object + sink: + $ref: '#/components/schemas/SinkProgress' + stateOperators: type: array items: - $ref: '#/components/schemas/SessionStateHistory' - sessionTemplate: - description: >- - Optional. The session template used by the session.Only resource - names, including project ID and location, are valid.Example: * - https://www.googleapis.com/compute/v1/projects/[project_id]/locations/[dataproc_region]/sessionTemplates/[template_id] - * - projects/[project_id]/locations/[dataproc_region]/sessionTemplates/[template_id]The - template must be in the same project and Dataproc region as the - session. + $ref: '#/components/schemas/StateOperatorProgress' + timestamp: type: string - JupyterConfig: - id: JupyterConfig - description: Jupyter configuration for an interactive session. - type: object - properties: - kernel: - description: Optional. Kernel + eventTime: + additionalProperties: + type: string + type: object + batchDuration: + format: int64 type: string - enumDescriptions: - - The kernel is unknown. - - Python kernel. - - Scala kernel. - enum: - - KERNEL_UNSPECIFIED - - PYTHON - - SCALA - displayName: - description: Optional. Display name, shown in the Jupyter kernelspec card. + batchId: type: string - SparkConnectConfig: - id: SparkConnectConfig - description: Spark connect configuration for an interactive session. - type: object - properties: {} - SessionStateHistory: - id: SessionStateHistory - description: Historical state information. - type: object - properties: - state: - description: >- - Output only. The state of the session at this point in the session - history. - readOnly: true + format: int64 + sources: + type: array + items: + $ref: '#/components/schemas/SourceProgress' + streamingQueryProgressId: type: string - enumDescriptions: - - The session state is unknown. - - The session is created prior to running. - - The session is running. - - The session is terminating. - - The session is terminated successfully. - - The session is no longer running due to an error. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - TERMINATING - - TERMINATED - - FAILED - stateMessage: - description: >- - Output only. Details about the state at this point in the session - history. - readOnly: true + name: type: string - stateStartTime: - description: Output only. The time when the session entered the historical state. - readOnly: true + AutoscalingConfig: + properties: + policyUri: + description: >- + Optional. The autoscaling policy used by the cluster.Only resource + names including projectid and location (region) are valid. Examples: + https://www.googleapis.com/compute/v1/projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id] + projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id]Note + that the policy must be in the same project and Dataproc region. type: string - format: google-datetime - ListSessionsResponse: - id: ListSessionsResponse - description: A list of interactive sessions. type: object + description: Autoscaling Policy config associated with the cluster. + id: AutoscalingConfig + AccessSessionSparkApplicationJobResponse: properties: - sessions: - description: Output only. The sessions from the specified collection. + jobData: + description: Output only. Data corresponding to a spark job. readOnly: true - type: array - items: - $ref: '#/components/schemas/Session' - nextPageToken: - description: >- - A token, which can be sent as page_token, to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string + $ref: '#/components/schemas/JobData' + type: object + description: Details of a particular job associated with Spark Application + id: AccessSessionSparkApplicationJobResponse + WriteSparkApplicationContextResponse: + id: WriteSparkApplicationContextResponse + description: Response returned as an acknowledgement of receipt of data. + properties: {} + type: object TerminateSessionRequest: id: TerminateSessionRequest - description: A request to terminate an interactive session. type: object properties: requestId: + type: string description: >- Optional. A unique ID used to identify the request. If the service receives two TerminateSessionRequest @@ -6330,211 +6365,446 @@ components: value must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). The maximum length is 40 characters. - type: string - WriteSessionSparkApplicationContextRequest: - id: WriteSessionSparkApplicationContextRequest - description: Write Spark Application data to internal storage systems - type: object + description: A request to terminate an interactive session. + SoftwareConfig: properties: - parent: - description: Required. Parent (Batch) resource reference. - type: string - sparkWrapperObjects: - description: >- - Required. The batch of spark application context objects sent for - ingestion. + optionalComponents: type: array items: - $ref: '#/components/schemas/SparkWrapperObject' - WriteSessionSparkApplicationContextResponse: - id: WriteSessionSparkApplicationContextResponse - description: Response returned as an acknowledgement of receipt of data. + enumDescriptions: + - >- + Unspecified component. Specifying this will cause Cluster + creation to fail. + - >- + The Anaconda component is no longer supported or applicable to + supported Dataproc on Compute Engine image versions + (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-version-clusters#supported-dataproc-image-versions). + It cannot be activated on clusters created with supported + Dataproc on Compute Engine image versions. + - Delta Lake. + - Docker + - The Druid query engine. (alpha) + - Flink + - HBase. (beta) + - The Hive Web HCatalog (the REST service for accessing HCatalog). + - Hudi. + - Iceberg. + - The Jupyter Notebook. + - The Pig component. + - The Presto query engine. + - The Trino query engine. + - The Ranger service. + - The Solr service. + - The Zeppelin notebook. + - The Zookeeper service. + - The Jupyter Kernel Gateway. + enum: + - COMPONENT_UNSPECIFIED + - ANACONDA + - DELTA + - DOCKER + - DRUID + - FLINK + - HBASE + - HIVE_WEBHCAT + - HUDI + - ICEBERG + - JUPYTER + - PIG + - PRESTO + - TRINO + - RANGER + - SOLR + - ZEPPELIN + - ZOOKEEPER + - JUPYTER_KERNEL_GATEWAY + type: string + description: Optional. The set of components to activate on the cluster. + properties: + description: >- + Optional. The properties to set on daemon config files.Property keys + are specified in prefix:property format, for example + core:hadoop.tmp.dir. The following are supported prefixes and their + mappings: capacity-scheduler: capacity-scheduler.xml core: + core-site.xml distcp: distcp-default.xml hdfs: hdfs-site.xml hive: + hive-site.xml mapred: mapred-site.xml pig: pig.properties spark: + spark-defaults.conf yarn: yarn-site.xmlFor more information, see + Cluster properties + (https://cloud.google.com/dataproc/docs/concepts/cluster-properties). + additionalProperties: + type: string + type: object + imageVersion: + type: string + description: >- + Optional. The version of software inside the cluster. It must be one + of the supported Dataproc Versions + (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#supported-dataproc-image-versions), + such as "1.2" (including a subminor version, such as "1.2.29"), or + the "preview" version + (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#other_versions). + If unspecified, it defaults to the latest Debian version. + description: Specifies the selection and config of software inside the cluster. type: object - properties: {} - SearchSessionSparkApplicationsResponse: - id: SearchSessionSparkApplicationsResponse - description: A list of summary of Spark Applications + id: SoftwareConfig + SessionOperationMetadata: type: object + id: SessionOperationMetadata + description: Metadata describing the Session operation. properties: - sparkApplications: - description: Output only. High level information corresponding to an application. - readOnly: true - type: array + labels: + description: Labels associated with the operation. + type: object + additionalProperties: + type: string + description: + type: string + description: Short description of the operation. + warnings: + description: Warnings encountered during operation execution. items: - $ref: '#/components/schemas/SparkApplication' - nextPageToken: + type: string + type: array + operationType: + enum: + - SESSION_OPERATION_TYPE_UNSPECIFIED + - CREATE + - TERMINATE + - DELETE + type: string + enumDescriptions: + - Session operation type is unknown. + - Create Session operation type. + - Terminate Session operation type. + - Delete Session operation type. + description: The operation type. + session: + description: Name of the session for the operation. + type: string + createTime: + format: google-datetime + type: string + description: The time when the operation was created. + doneTime: + type: string + description: The time when the operation was finished. + format: google-datetime + sessionUuid: + type: string + description: Session UUID for the operation. + GetPolicyOptions: + id: GetPolicyOptions + description: Encapsulates settings provided to GetIamPolicy. + type: object + properties: + requestedPolicyVersion: + type: integer description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent SearchSessionSparkApplicationsRequest. + Optional. The maximum policy version that will be used to format the + policy.Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected.Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field + unset.The policy in the response might use the policy version that + you specified, or it might use a lower policy version. For example, + if you specify version 3, but the policy has no conditional role + bindings, the response uses version 1.To learn which resources + support conditions in their IAM policies, see the IAM documentation + (https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + LifecycleConfig: + properties: + idleDeleteTtl: + format: google-duration + type: string + description: >- + Optional. The duration to keep the cluster alive while idling (when + no jobs are running). Passing this threshold will cause the cluster + to be deleted. Minimum value is 5 minutes; maximum value is 14 days + (see JSON representation of Duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + autoStopTtl: + format: google-duration + type: string + description: >- + Optional. The lifetime duration of the cluster. The cluster will be + auto-stopped at the end of this period, calculated from the time of + submission of the create or update cluster request. Minimum value is + 10 minutes; maximum value is 14 days (see JSON representation of + Duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + autoStopTime: + description: >- + Optional. The time when cluster will be auto-stopped (see JSON + representation of Timestamp + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + type: string + format: google-datetime + autoDeleteTtl: + type: string + description: >- + Optional. The lifetime duration of cluster. The cluster will be + auto-deleted at the end of this period. Minimum value is 10 minutes; + maximum value is 14 days (see JSON representation of Duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + format: google-duration + autoDeleteTime: + description: >- + Optional. The time when cluster will be auto-deleted (see JSON + representation of Timestamp + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + type: string + format: google-datetime + idleStopTtl: + type: string + description: >- + Optional. The duration to keep the cluster started while idling + (when no jobs are running). Passing this threshold will cause the + cluster to be stopped. Minimum value is 5 minutes; maximum value is + 14 days (see JSON representation of Duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + format: google-duration + idleStartTime: + readOnly: true type: string - AccessSessionSparkApplicationResponse: - id: AccessSessionSparkApplicationResponse - description: A summary of Spark Application + description: >- + Output only. The time when cluster became idle (most recent job + finished) and became eligible for deletion due to idleness (see JSON + representation of Timestamp + (https://developers.google.com/protocol-buffers/docs/proto3#json)). + format: google-datetime + description: Specifies the cluster auto-delete schedule configuration. type: object - properties: - application: - description: Output only. High level information corresponding to an application. - readOnly: true - $ref: '#/components/schemas/ApplicationInfo' - SearchSessionSparkApplicationJobsResponse: - id: SearchSessionSparkApplicationJobsResponse - description: A list of Jobs associated with a Spark Application. + id: LifecycleConfig + JobsSummary: type: object + description: Data related to Jobs page summary + id: JobsSummary properties: - sparkApplicationJobs: - description: Output only. Data corresponding to a spark job. - readOnly: true - type: array + attempts: + description: Attempts info items: - $ref: '#/components/schemas/JobData' - nextPageToken: - description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent SearchSessionSparkApplicationJobsRequest. + $ref: '#/components/schemas/ApplicationAttemptInfo' + type: array + failedJobs: + type: integer + description: Number of failed jobs + format: int32 + applicationId: + description: Spark Application Id type: string - AccessSessionSparkApplicationJobResponse: - id: AccessSessionSparkApplicationJobResponse - description: Details of a particular job associated with Spark Application - type: object + schedulingMode: + description: Spark Scheduling mode + type: string + completedJobs: + format: int32 + type: integer + description: Number of completed jobs + activeJobs: + format: int32 + description: Number of active jobs + type: integer + ApplicationAttemptInfo: properties: - jobData: - description: Output only. Data corresponding to a spark job. - readOnly: true - $ref: '#/components/schemas/JobData' - SearchSessionSparkApplicationStagesResponse: - id: SearchSessionSparkApplicationStagesResponse - description: A list of stages associated with a Spark Application. + startTime: + type: string + format: google-datetime + sparkUser: + type: string + durationMillis: + type: string + format: int64 + lastUpdated: + type: string + format: google-datetime + completed: + type: boolean + attemptId: + type: string + endTime: + type: string + format: google-datetime + appSparkVersion: + type: string + description: Specific attempt of an application. + type: object + id: ApplicationAttemptInfo + NodePool: + id: NodePool type: object properties: - sparkApplicationStages: - description: Output only. Data corresponding to a stage. - readOnly: true - type: array + instanceNames: items: - $ref: '#/components/schemas/StageData' - nextPageToken: + type: string + type: array description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent SearchSessionSparkApplicationStages. + Name of instances to be repaired. These instances must belong to + specified node pool. + repairAction: + enum: + - REPAIR_ACTION_UNSPECIFIED + - DELETE type: string - SearchSessionSparkApplicationStageAttemptsResponse: - id: SearchSessionSparkApplicationStageAttemptsResponse - description: A list of Stage Attempts for a Stage of a Spark Application. - type: object - properties: - sparkApplicationStageAttempts: - description: Output only. Data corresponding to a stage attempts - readOnly: true - type: array - items: - $ref: '#/components/schemas/StageData' - nextPageToken: description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent - SearchSessionSparkApplicationStageAttemptsRequest. + Required. Repair action to take on specified resources of the node + pool. + enumDescriptions: + - No action will be taken by default. + - delete the specified list of nodes. + id: type: string - AccessSessionSparkApplicationStageAttemptResponse: - id: AccessSessionSparkApplicationStageAttemptResponse - description: Stage Attempt for a Stage of a Spark Application + description: >- + Required. A unique id of the node pool. Primary and Secondary + workers can be specified using special reserved ids + PRIMARY_WORKER_POOL and SECONDARY_WORKER_POOL respectively. Aux node + pools can be referenced using corresponding pool id. + description: indicating a list of workers of same type + TaskQuantileMetrics: + id: TaskQuantileMetrics type: object properties: - stageData: - description: Output only. Data corresponding to a stage. - readOnly: true - $ref: '#/components/schemas/StageData' - SearchSessionSparkApplicationStageAttemptTasksResponse: - id: SearchSessionSparkApplicationStageAttemptTasksResponse - description: List of tasks for a stage of a Spark Application + resultSize: + $ref: '#/components/schemas/Quantiles' + diskBytesSpilled: + $ref: '#/components/schemas/Quantiles' + peakExecutionMemoryBytes: + $ref: '#/components/schemas/Quantiles' + outputMetrics: + $ref: '#/components/schemas/OutputQuantileMetrics' + memoryBytesSpilled: + $ref: '#/components/schemas/Quantiles' + schedulerDelayMillis: + $ref: '#/components/schemas/Quantiles' + executorDeserializeTimeMillis: + $ref: '#/components/schemas/Quantiles' + shuffleWriteMetrics: + $ref: '#/components/schemas/ShuffleWriteQuantileMetrics' + executorDeserializeCpuTimeNanos: + $ref: '#/components/schemas/Quantiles' + inputMetrics: + $ref: '#/components/schemas/InputQuantileMetrics' + executorRunTimeMillis: + $ref: '#/components/schemas/Quantiles' + executorCpuTimeNanos: + $ref: '#/components/schemas/Quantiles' + gettingResultTimeMillis: + $ref: '#/components/schemas/Quantiles' + resultSerializationTimeMillis: + $ref: '#/components/schemas/Quantiles' + durationMillis: + $ref: '#/components/schemas/Quantiles' + jvmGcTimeMillis: + $ref: '#/components/schemas/Quantiles' + shuffleReadMetrics: + $ref: '#/components/schemas/ShuffleReadQuantileMetrics' + StopClusterRequest: + id: StopClusterRequest type: object properties: - sparkApplicationStageAttemptTasks: - description: Output only. Data corresponding to tasks created by spark. - readOnly: true - type: array - items: - $ref: '#/components/schemas/TaskData' - nextPageToken: + clusterUuid: + type: string description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent - SearchSessionSparkApplicationStageAttemptTasksRequest. + Optional. Specifying the cluster_uuid means the RPC will fail (with + error NOT_FOUND) if a cluster with the specified UUID does not + exist. + requestId: + description: >- + Optional. A unique ID used to identify the request. If the server + receives two StopClusterRequest + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#google.cloud.dataproc.v1.StopClusterRequest)s + with the same id, then the second request will be ignored and the + first google.longrunning.Operation created and stored in the backend + is returned.Recommendation: Set this value to a UUID + (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID + must contain only letters (a-z, A-Z), numbers (0-9), underscores + (_), and hyphens (-). The maximum length is 40 characters. type: string - SearchSessionSparkApplicationExecutorsResponse: - id: SearchSessionSparkApplicationExecutorsResponse - description: List of Executors associated with a Spark Application. + description: A request to stop a cluster. + NodeGroupAffinity: type: object properties: - sparkApplicationExecutors: - description: Details about executors used by the application. - type: array - items: - $ref: '#/components/schemas/ExecutorSummary' - nextPageToken: + nodeGroupUri: + type: string + description: >- + Required. The URI of a sole-tenant node group resource + (https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups) + that the cluster will be created on.A full URL, partial URI, or node + group name are valid. Examples: + https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/nodeGroups/node-group-1 + projects/[project_id]/zones/[zone]/nodeGroups/node-group-1 + node-group-1 + description: >- + Node Group Affinity for clusters using sole-tenant node groups. The + Dataproc NodeGroupAffinity resource is not related to the Dataproc + NodeGroup resource. + id: NodeGroupAffinity + InstanceGroupAutoscalingPolicyConfig: + description: >- + Configuration for the size bounds of an instance group, including its + proportional size to other groups. + properties: + weight: + format: int32 + description: >- + Optional. Weight for the instance group, which is used to determine + the fraction of total workers in the cluster from this instance + group. For example, if primary workers have weight 2, and secondary + workers have weight 1, the cluster will have approximately 2 primary + workers for each secondary worker.The cluster may not reach the + specified balance if constrained by min/max bounds or other + autoscaling settings. For example, if max_instances for secondary + workers is 0, then only primary workers will be added. The cluster + can also be out of balance when created.If weight is not set on any + instance group, the cluster will default to equal weight for all + groups: the cluster will attempt to maintain an equal number of + workers in each group within the configured size bounds for each + group. If weight is set for one group only, the cluster will default + to zero weight on the unset group. For example if weight is set only + on primary workers, the cluster will use primary workers only and no + secondary workers. + type: integer + minInstances: + type: integer + format: int32 description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent - SearchSessionSparkApplicationExecutorsRequest. - type: string - SearchSessionSparkApplicationExecutorStageSummaryResponse: - id: SearchSessionSparkApplicationExecutorStageSummaryResponse - description: List of Executors associated with a Spark Application Stage. - type: object - properties: - sparkApplicationStageExecutors: - description: Details about executors used by the application stage. - type: array - items: - $ref: '#/components/schemas/ExecutorStageSummary' - nextPageToken: + Optional. Minimum number of instances for this group.Primary workers + - Bounds: 2, max_instances. Default: 2. Secondary workers - Bounds: + 0, max_instances. Default: 0. + maxInstances: + type: integer description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent - SearchSessionSparkApplicationExecutorStageSummaryRequest. - type: string - SearchSessionSparkApplicationSqlQueriesResponse: - id: SearchSessionSparkApplicationSqlQueriesResponse - description: List of all queries for a Spark Application. + Required. Maximum number of instances for this group. Required for + primary workers. Note that by default, clusters will not use + secondary workers. Required for secondary workers if the minimum + secondary instances is set.Primary workers - Bounds: [min_instances, + ). Secondary workers - Bounds: [min_instances, ). Default: 0. + format: int32 type: object + id: InstanceGroupAutoscalingPolicyConfig + SparkApplication: + id: SparkApplication properties: - sparkApplicationSqlQueries: - description: Output only. SQL Execution Data - readOnly: true - type: array - items: - $ref: '#/components/schemas/SqlExecutionUiData' - nextPageToken: - description: >- - This token is included in the response if there are more results to - fetch. To fetch additional results, provide this value as the - page_token in a subsequent - SearchSessionSparkApplicationSqlQueriesRequest. + name: type: string - AccessSessionSparkApplicationSqlQueryResponse: - id: AccessSessionSparkApplicationSqlQueryResponse - description: Details of a query for a Spark Application + description: Identifier. Name of the spark application + application: + description: Output only. High level information corresponding to an application. + $ref: '#/components/schemas/ApplicationInfo' + readOnly: true + description: A summary of Spark Application type: object + SetIamPolicyRequest: properties: - executionData: - description: SQL Execution Data - $ref: '#/components/schemas/SqlExecutionUiData' - AccessSessionSparkApplicationSqlSparkPlanGraphResponse: - id: AccessSessionSparkApplicationSqlSparkPlanGraphResponse - description: >- - SparkPlanGraph for a Spark Application execution limited to maximum - 10000 clusters. + policy: + description: >- + REQUIRED: The complete policy to be applied to the resource. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + description: Request message for SetIamPolicy method. type: object - properties: - sparkPlanGraph: - description: SparkPlanGraph for a Spark Application execution. - $ref: '#/components/schemas/SparkPlanGraph' + id: SetIamPolicyRequest AccessSessionSparkApplicationStageRddOperationGraphResponse: id: AccessSessionSparkApplicationStageRddOperationGraphResponse description: >- @@ -6543,1384 +6813,1155 @@ components: type: object properties: rddOperationGraph: - description: RDD operation graph for a Spark Application Stage. $ref: '#/components/schemas/RddOperationGraph' - AccessSessionSparkApplicationEnvironmentInfoResponse: - id: AccessSessionSparkApplicationEnvironmentInfoResponse - description: Environment details of a Saprk Application. - type: object - properties: - applicationEnvironmentInfo: - description: Details about the Environment that the application is running in. - $ref: '#/components/schemas/ApplicationEnvironmentInfo' - SummarizeSessionSparkApplicationJobsResponse: - id: SummarizeSessionSparkApplicationJobsResponse - description: Summary of a Spark Application jobs. - type: object - properties: - jobsSummary: - description: Summary of a Spark Application Jobs - $ref: '#/components/schemas/JobsSummary' - SummarizeSessionSparkApplicationStagesResponse: - id: SummarizeSessionSparkApplicationStagesResponse - description: Summary of a Spark Application stages. - type: object - properties: - stagesSummary: - description: Summary of a Spark Application Stages - $ref: '#/components/schemas/StagesSummary' - SummarizeSessionSparkApplicationStageAttemptTasksResponse: - id: SummarizeSessionSparkApplicationStageAttemptTasksResponse - description: Summary of tasks for a Spark Application stage attempt. - type: object - properties: - stageAttemptTasksSummary: - description: Summary of tasks for a Spark Application Stage Attempt - $ref: '#/components/schemas/StageAttemptTasksSummary' - SummarizeSessionSparkApplicationExecutorsResponse: - id: SummarizeSessionSparkApplicationExecutorsResponse - description: Consolidated summary of executors for a Spark Application. - type: object + description: RDD operation graph for a Spark Application Stage. + ApplicationInfo: properties: + coresPerExecutor: + type: integer + format: int32 + maxCores: + type: integer + format: int32 + memoryPerExecutorMb: + type: integer + format: int32 applicationId: - description: Spark Application Id - type: string - activeExecutorSummary: - description: Consolidated summary for active executors. - $ref: '#/components/schemas/ConsolidatedExecutorSummary' - deadExecutorSummary: - description: Consolidated summary for dead executors. - $ref: '#/components/schemas/ConsolidatedExecutorSummary' - totalExecutorSummary: - description: Overall consolidated summary for all executors. - $ref: '#/components/schemas/ConsolidatedExecutorSummary' - SessionTemplate: - id: SessionTemplate - description: A representation of a session template. - type: object - properties: - name: - description: Required. Identifier. The resource name of the session template. - type: string - description: - description: Optional. Brief description of the template. type: string - createTime: - description: Output only. The time when the template was created. - readOnly: true - type: string - format: google-datetime - jupyterSession: - description: Optional. Jupyter session config. - $ref: '#/components/schemas/JupyterConfig' - sparkConnectSession: - description: Optional. Spark connect session config. - $ref: '#/components/schemas/SparkConnectConfig' - creator: - description: Output only. The email address of the user who created the template. - readOnly: true + coresGranted: + type: integer + format: int32 + attempts: + items: + $ref: '#/components/schemas/ApplicationAttemptInfo' + type: array + quantileDataStatus: + enum: + - QUANTILE_DATA_STATUS_UNSPECIFIED + - QUANTILE_DATA_STATUS_COMPLETED + - QUANTILE_DATA_STATUS_FAILED type: string - labels: - description: >- - Optional. Labels to associate with sessions created using this - template. Label keys must contain 1 to 63 characters, and must - conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). Label - values can be empty, but, if present, must contain 1 to 63 - characters and conform to RFC 1035 - (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 labels can - be associated with a session. - type: object - additionalProperties: - type: string - runtimeConfig: - description: Optional. Runtime configuration for session execution. - $ref: '#/components/schemas/RuntimeConfig' - environmentConfig: - description: Optional. Environment configuration for session execution. - $ref: '#/components/schemas/EnvironmentConfig' - updateTime: - description: Output only. The time the template was last updated. - readOnly: true + enumDescriptions: + - '' + - '' + - '' + name: type: string - format: google-datetime - uuid: - description: >- - Output only. A session template UUID (Unique Universal Identifier). - The service generates this value when it creates the session - template. - readOnly: true + applicationContextIngestionStatus: + enumDescriptions: + - '' + - '' + enum: + - APPLICATION_CONTEXT_INGESTION_STATUS_UNSPECIFIED + - APPLICATION_CONTEXT_INGESTION_STATUS_COMPLETED type: string - ListSessionTemplatesResponse: - id: ListSessionTemplatesResponse - description: A list of session templates. + id: ApplicationInfo + type: object + description: High level information corresponding to an application. + AccessSparkApplicationSqlQueryResponse: + id: AccessSparkApplicationSqlQueryResponse + description: Details of a query for a Spark Application + type: object + properties: + executionData: + $ref: '#/components/schemas/SqlExecutionUiData' + description: SQL Execution Data + ShufflePushReadQuantileMetrics: + id: ShufflePushReadQuantileMetrics + properties: + corruptMergedBlockChunks: + $ref: '#/components/schemas/Quantiles' + localMergedBytesRead: + $ref: '#/components/schemas/Quantiles' + mergedFetchFallbackCount: + $ref: '#/components/schemas/Quantiles' + remoteMergedBlocksFetched: + $ref: '#/components/schemas/Quantiles' + remoteMergedChunksFetched: + $ref: '#/components/schemas/Quantiles' + localMergedBlocksFetched: + $ref: '#/components/schemas/Quantiles' + remoteMergedBytesRead: + $ref: '#/components/schemas/Quantiles' + remoteMergedReqsDuration: + $ref: '#/components/schemas/Quantiles' + localMergedChunksFetched: + $ref: '#/components/schemas/Quantiles' + type: object + NodeGroup: + id: NodeGroup type: object properties: - sessionTemplates: - description: Output only. Session template list - readOnly: true + roles: + description: Required. Node group roles. type: array items: - $ref: '#/components/schemas/SessionTemplate' - nextPageToken: - description: >- - A token, which can be sent as page_token to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - WorkflowTemplate: - id: WorkflowTemplate - description: A Dataproc workflow template resource. - type: object - properties: - id: - type: string - name: - description: >- - Output only. The resource name of the workflow template, as - described in https://cloud.google.com/apis/design/resource_names. - For projects.regions.workflowTemplates, the resource name of the - template has the following format: - projects/{project_id}/regions/{region}/workflowTemplates/{template_id} - For projects.locations.workflowTemplates, the resource name of the - template has the following format: - projects/{project_id}/locations/{location}/workflowTemplates/{template_id} - readOnly: true - type: string - version: - description: >- - Optional. Used to perform a consistent read-modify-write.This field - should be left blank for a CreateWorkflowTemplate request. It is - required for an UpdateWorkflowTemplate request, and must match the - current server version. A typical update template flow would fetch - the current template with a GetWorkflowTemplate request, which will - return the current template with the version field filled in with - the current server version. The user updates other fields in the - template, then returns it as part of the UpdateWorkflowTemplate - request. - type: integer - format: int32 - createTime: - description: Output only. The time template was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time template was last updated. - readOnly: true - type: string - format: google-datetime + enumDescriptions: + - Required unspecified role. + - Job drivers run on the node pool. + enum: + - ROLE_UNSPECIFIED + - DRIVER + type: string labels: description: >- - Optional. The labels to associate with this template. These labels - will be propagated to all jobs and clusters created by the workflow - instance.Label keys must contain 1 to 63 characters, and must - conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt).Label - values may be empty, but, if present, must contain 1 to 63 - characters, and must conform to RFC 1035 - (https://www.ietf.org/rfc/rfc1035.txt).No more than 32 labels can be - associated with a template. + Optional. Node group labels. Label keys must consist of from 1 to 63 + characters and conform to RFC 1035 + (https://www.ietf.org/rfc/rfc1035.txt). Label values can be empty. + If specified, they must consist of from 1 to 63 characters and + conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). The node + group must have no more than 32 labels. type: object additionalProperties: type: string - placement: - description: Required. WorkflowTemplate scheduling information. - $ref: '#/components/schemas/WorkflowTemplatePlacement' - jobs: - description: Required. The Directed Acyclic Graph of Jobs to submit. - type: array - items: - $ref: '#/components/schemas/OrderedJob' - parameters: - description: >- - Optional. Template parameters whose values are substituted into the - template. Values for parameters must be provided when the template - is instantiated. - type: array - items: - $ref: '#/components/schemas/TemplateParameter' - dagTimeout: - description: >- - Optional. Timeout duration for the DAG of jobs, expressed in seconds - (see JSON representation of duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)). - The timeout duration must be from 10 minutes ("600s") to 24 hours - ("86400s"). The timer begins when the first job is submitted. If the - workflow is running at the end of the timeout period, any remaining - jobs are cancelled, the workflow is ended, and if the workflow was - running on a managed cluster, the cluster is deleted. + name: + description: The Node group resource name (https://aip.dev/122). type: string - format: google-duration - encryptionConfig: - description: >- - Optional. Encryption settings for encrypting workflow template job - arguments. - $ref: >- - #/components/schemas/GoogleCloudDataprocV1WorkflowTemplateEncryptionConfig - WorkflowTemplatePlacement: - id: WorkflowTemplatePlacement + nodeGroupConfig: + description: Optional. The node group instance group configuration. + $ref: '#/components/schemas/InstanceGroupConfig' description: >- - Specifies workflow execution target.Either managed_cluster or - cluster_selector is required. - type: object - properties: - managedCluster: - description: A cluster that is managed by the workflow. - $ref: '#/components/schemas/ManagedCluster' - clusterSelector: - description: >- - Optional. A selector that chooses target cluster for jobs based on - metadata.The selector is evaluated at the time each job is - submitted. - $ref: '#/components/schemas/ClusterSelector' - ManagedCluster: - id: ManagedCluster - description: Cluster that is managed by the workflow. - type: object + Dataproc Node Group. The Dataproc NodeGroup resource is not related to + the Dataproc NodeGroupAffinity resource. + RepairClusterRequest: properties: - clusterName: + gracefulDecommissionTimeout: + format: google-duration + type: string description: >- - Required. The cluster name prefix. A unique cluster name will be - formed by appending a random suffix.The name must contain only - lower-case letters (a-z), numbers (0-9), and hyphens (-). Must begin - with a letter. Cannot begin or end with hyphen. Must consist of - between 2 and 35 characters. + Optional. Timeout for graceful YARN decommissioning. Graceful + decommissioning facilitates the removal of cluster nodes without + interrupting jobs in progress. The timeout specifies the amount of + time to wait for jobs finish before forcefully removing nodes. The + default timeout is 0 for forceful decommissioning, and the maximum + timeout period is 1 day. (see JSON Mapping—Duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)).graceful_decommission_timeout + is supported in Dataproc image versions 1.2+. + clusterUuid: type: string - config: - description: Required. The cluster configuration. - $ref: '#/components/schemas/ClusterConfig' - labels: description: >- - Optional. The labels to associate with this cluster.Label keys must - be between 1 and 63 characters long, and must conform to the - following PCRE regular expression: \p{Ll}\p{Lo}{0,62}Label values - must be between 1 and 63 characters long, and must conform to the - following PCRE regular expression: \p{Ll}\p{Lo}\p{N}_-{0,63}No more - than 32 labels can be associated with a given cluster. - type: object - additionalProperties: - type: string - ClusterSelector: - id: ClusterSelector - description: A selector that chooses target cluster for jobs based on metadata. - type: object - properties: - zone: + Optional. Specifying the cluster_uuid means the RPC will fail (with + error NOT_FOUND) if a cluster with the specified UUID does not + exist. + nodePools: + type: array + items: + $ref: '#/components/schemas/NodePool' description: >- - Optional. The zone where workflow process executes. This parameter - does not affect the selection of the cluster.If unspecified, the - zone of the first cluster matching the selector is used. + Optional. Node pools and corresponding repair action to be taken. + All node pools should be unique in this request. i.e. Multiple + entries for the same node pool id are not allowed. + parentOperationId: type: string - clusterLabels: - description: Required. The cluster labels. Cluster must have all labels to match. - type: object - additionalProperties: - type: string - OrderedJob: - id: OrderedJob - description: A job executed by the workflow. - type: object - properties: - stepId: description: >- - Required. The step id. The id must be unique among all jobs within - the template.The step id is used as prefix for job id, as job - goog-dataproc-workflow-step-id label, and in prerequisiteStepIds - field from other steps.The id must contain only letters (a-z, A-Z), - numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end - with underscore or hyphen. Must consist of between 3 and 50 - characters. + Optional. operation id of the parent operation sending the repair + request + dataprocSuperUser: + type: boolean + description: >- + Optional. Whether the request is submitted by Dataproc super user. + If true, IAM will check 'dataproc.clusters.repair' permission + instead of 'dataproc.clusters.update' permission. This is to give + Dataproc superuser the ability to repair clusters without granting + the overly broad update permission. + cluster: + description: Optional. Cluster to be repaired + $ref: '#/components/schemas/ClusterToRepair' + requestId: type: string - hadoopJob: - description: Optional. Job is a Hadoop job. - $ref: '#/components/schemas/HadoopJob' - sparkJob: - description: Optional. Job is a Spark job. - $ref: '#/components/schemas/SparkJob' - pysparkJob: - description: Optional. Job is a PySpark job. - $ref: '#/components/schemas/PySparkJob' - hiveJob: - description: Optional. Job is a Hive job. - $ref: '#/components/schemas/HiveJob' - pigJob: - description: Optional. Job is a Pig job. - $ref: '#/components/schemas/PigJob' - sparkRJob: - description: Optional. Job is a SparkR job. - $ref: '#/components/schemas/SparkRJob' - sparkSqlJob: - description: Optional. Job is a SparkSql job. - $ref: '#/components/schemas/SparkSqlJob' - prestoJob: - description: Optional. Job is a Presto job. - $ref: '#/components/schemas/PrestoJob' - trinoJob: - description: Optional. Job is a Trino job. - $ref: '#/components/schemas/TrinoJob' - flinkJob: - description: Optional. Job is a Flink job. - $ref: '#/components/schemas/FlinkJob' - labels: description: >- - Optional. The labels to associate with this job.Label keys must be - between 1 and 63 characters long, and must conform to the following - regular expression: \p{Ll}\p{Lo}{0,62}Label values must be between 1 - and 63 characters long, and must conform to the following regular - expression: \p{Ll}\p{Lo}\p{N}_-{0,63}No more than 32 labels can be - associated with a given job. + Optional. A unique ID used to identify the request. If the server + receives two RepairClusterRequests with the same ID, the second + request is ignored, and the first google.longrunning.Operation + created and stored in the backend is returned.Recommendation: Set + this value to a UUID + (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID + must contain only letters (a-z, A-Z), numbers (0-9), underscores + (_), and hyphens (-). The maximum length is 40 characters. + type: object + description: A request to repair a cluster. + id: RepairClusterRequest + FlinkJob: + id: FlinkJob + properties: + properties: type: object additionalProperties: type: string - scheduling: - description: Optional. Job scheduling configuration. - $ref: '#/components/schemas/JobScheduling' - prerequisiteStepIds: description: >- - Optional. The optional list of prerequisite job step_ids. If not - specified, the job will start at the beginning of workflow. - type: array + Optional. A mapping of property names to values, used to configure + Flink. Properties that conflict with values set by the Dataproc API + might be overwritten. Can include properties set in + /etc/flink/conf/flink-defaults.conf and classes in user code. + jarFileUris: items: type: string - TemplateParameter: - id: TemplateParameter - description: >- - A configurable parameter that replaces one or more fields in the - template. Parameterizable fields: - Labels - File uris - Job properties - - Job arguments - Script variables - Main class (in HadoopJob and - SparkJob) - Zone (in ClusterSelector) - type: object - properties: - name: - description: >- - Required. Parameter name. The parameter name is used as the key, and - paired with the parameter value, which are passed to the template - when the template is instantiated. The name must contain only - capital letters (A-Z), numbers (0-9), and underscores (_), and must - not start with a number. The maximum length is 40 characters. - type: string - fields: description: >- - Required. Paths to all fields that the parameter replaces. A field - is allowed to appear in at most one parameter's list of field - paths.A field path is similar in syntax to a - google.protobuf.FieldMask. For example, a field path that references - the zone field of a workflow template's cluster selector would be - specified as placement.clusterSelector.zone.Also, field paths can - reference fields using the following syntax: Values in maps can be - referenced by key: labels'key' - placement.clusterSelector.clusterLabels'key' - placement.managedCluster.labels'key' - placement.clusterSelector.clusterLabels'key' - jobs'step-id'.labels'key' Jobs in the jobs list can be referenced by - step-id: jobs'step-id'.hadoopJob.mainJarFileUri - jobs'step-id'.hiveJob.queryFileUri - jobs'step-id'.pySparkJob.mainPythonFileUri - jobs'step-id'.hadoopJob.jarFileUris0 - jobs'step-id'.hadoopJob.archiveUris0 - jobs'step-id'.hadoopJob.fileUris0 - jobs'step-id'.pySparkJob.pythonFileUris0 Items in repeated fields - can be referenced by a zero-based index: - jobs'step-id'.sparkJob.args0 Other examples: - jobs'step-id'.hadoopJob.properties'key' - jobs'step-id'.hadoopJob.args0 - jobs'step-id'.hiveJob.scriptVariables'key' - jobs'step-id'.hadoopJob.mainJarFileUri - placement.clusterSelector.zoneIt may not be possible to parameterize - maps and repeated fields in their entirety since only individual map - values and individual items in repeated fields can be referenced. - For example, the following field paths are invalid: - placement.clusterSelector.clusterLabels jobs'step-id'.sparkJob.args + Optional. HCFS URIs of jar files to add to the CLASSPATHs of the + Flink driver and tasks. type: array + savepointUri: + description: >- + Optional. HCFS URI of the savepoint, which contains the last saved + progress for starting the current job. + type: string + args: items: type: string - description: + type: array description: >- - Optional. Brief description of the parameter. Must not exceed 1024 - characters. + Optional. The arguments to pass to the driver. Do not include + arguments, such as --conf, that can be set as job properties, since + a collision might occur that causes an incorrect job submission. + mainJarFileUri: type: string - validation: - description: Optional. Validation rules to be applied to this parameter's value. - $ref: '#/components/schemas/ParameterValidation' - ParameterValidation: - id: ParameterValidation - description: Configuration for parameter validation. + description: The HCFS URI of the jar file that contains the main class. + mainClass: + description: >- + The name of the driver's main class. The jar file that contains the + class must be in the default CLASSPATH or specified in jarFileUris. + type: string + loggingConfig: + $ref: '#/components/schemas/LoggingConfig' + description: Optional. The runtime log config for job execution. type: object + description: A Dataproc job for running Apache Flink applications on YARN. + ValueValidation: properties: - regex: - description: Validation based on regular expressions. - $ref: '#/components/schemas/RegexValidation' values: - description: Validation based on a list of allowed values. - $ref: '#/components/schemas/ValueValidation' - RegexValidation: - id: RegexValidation - description: Validation based on regular expressions. - type: object - properties: - regexes: - description: >- - Required. RE2 regular expressions used to validate the parameter's - value. The value must match the regex in its entirety (substring - matches are not sufficient). - type: array items: type: string - ValueValidation: - id: ValueValidation - description: Validation based on a list of allowed values. - type: object - properties: - values: description: Required. List of allowed values for the parameter. type: array - items: - type: string - GoogleCloudDataprocV1WorkflowTemplateEncryptionConfig: - id: GoogleCloudDataprocV1WorkflowTemplateEncryptionConfig - description: Encryption settings for encrypting workflow template job arguments. + description: Validation based on a list of allowed values. + id: ValueValidation + type: object + ShuffleReadMetrics: type: object properties: - kmsKey: - description: >- - Optional. The Cloud KMS key name to use for encrypting workflow - template job arguments.When this this key is provided, the following - workflow template job arguments - (https://cloud.google.com/dataproc/docs/concepts/workflows/use-workflows#adding_jobs_to_a_template), - if present, are CMEK encrypted - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/customer-managed-encryption#use_cmek_with_workflow_template_data): - FlinkJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/FlinkJob) - HadoopJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/HadoopJob) - SparkJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkJob) - SparkRJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkRJob) - PySparkJob args - (https://cloud.google.com/dataproc/docs/reference/rest/v1/PySparkJob) - SparkSqlJob - (https://cloud.google.com/dataproc/docs/reference/rest/v1/SparkSqlJob) - scriptVariables and queryList.queries HiveJob - (https://cloud.google.com/dataproc/docs/reference/rest/v1/HiveJob) - scriptVariables and queryList.queries PigJob - (https://cloud.google.com/dataproc/docs/reference/rest/v1/PigJob) - scriptVariables and queryList.queries PrestoJob - (https://cloud.google.com/dataproc/docs/reference/rest/v1/PrestoJob) - scriptVariables and queryList.queries + remoteReqsDuration: type: string - InstantiateWorkflowTemplateRequest: - id: InstantiateWorkflowTemplateRequest - description: A request to instantiate a workflow template. + format: int64 + fetchWaitTimeMillis: + type: string + format: int64 + localBytesRead: + type: string + format: int64 + recordsRead: + format: int64 + type: string + localBlocksFetched: + format: int64 + type: string + remoteBytesReadToDisk: + type: string + format: int64 + remoteBytesRead: + type: string + format: int64 + remoteBlocksFetched: + format: int64 + type: string + shufflePushReadMetrics: + $ref: '#/components/schemas/ShufflePushReadMetrics' + description: Shuffle data read by the task. + id: ShuffleReadMetrics + SessionStateHistory: + id: SessionStateHistory type: object + description: Historical state information. properties: - version: + stateMessage: + type: string + readOnly: true description: >- - Optional. The version of workflow template to instantiate. If - specified, the workflow will be instantiated only if the current - version of the workflow template has the supplied version.This - option cannot be used to instantiate a previous version of workflow - template. - type: integer - format: int32 - requestId: + Output only. Details about the state at this point in the session + history. + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - TERMINATING + - TERMINATED + - FAILED description: >- - Optional. A tag that prevents multiple concurrent workflow instances - with the same tag from running. This mitigates risk of concurrent - instances started due to retries.It is recommended to always set - this value to a UUID - (https://en.wikipedia.org/wiki/Universally_unique_identifier).The - tag must contain only letters (a-z, A-Z), numbers (0-9), underscores - (_), and hyphens (-). The maximum length is 40 characters. + Output only. The state of the session at this point in the session + history. + enumDescriptions: + - The session state is unknown. + - The session is created prior to running. + - The session is running. + - The session is terminating. + - The session is terminated successfully. + - The session is no longer running due to an error. + type: string + readOnly: true + stateStartTime: + readOnly: true + type: string + description: Output only. The time when the session entered the historical state. + format: google-datetime + SparkRuntimeInfo: + id: SparkRuntimeInfo + properties: + javaVersion: + type: string + javaHome: + type: string + scalaVersion: type: string - parameters: - description: >- - Optional. Map from parameter names to values that should be used for - those parameters. Values may not exceed 1000 characters. - type: object - additionalProperties: - type: string - ListWorkflowTemplatesResponse: - id: ListWorkflowTemplatesResponse - description: A response to a request to list workflow templates in a project. type: object + VirtualClusterConfig: properties: - templates: - description: Output only. WorkflowTemplates list. - readOnly: true - type: array - items: - $ref: '#/components/schemas/WorkflowTemplate' - nextPageToken: + auxiliaryServicesConfig: + description: Optional. Configuration of auxiliary services used by this cluster. + $ref: '#/components/schemas/AuxiliaryServicesConfig' + kubernetesClusterConfig: description: >- - Output only. This token is included in the response if there are - more results to fetch. To fetch additional results, provide this - value as the page_token in a subsequent - ListWorkflowTemplatesRequest. - readOnly: true - type: string - unreachable: + Required. The configuration for running the Dataproc cluster on + Kubernetes. + $ref: '#/components/schemas/KubernetesClusterConfig' + stagingBucket: description: >- - Output only. List of workflow templates that could not be included - in the response. Attempting to get one of these resources may - indicate why it was not included in the list response. - readOnly: true - type: array - items: - type: string - ResizeNodeGroupRequest: - id: ResizeNodeGroupRequest - description: A request to resize a node group. + Optional. A Cloud Storage bucket used to stage job dependencies, + config files, and job driver console output. If you do not specify a + staging bucket, Cloud Dataproc will determine a Cloud Storage + location (US, ASIA, or EU) for your cluster's staging bucket + according to the Compute Engine zone where your cluster is deployed, + and then create and manage this project-level, per-location bucket + (see Dataproc staging and temp buckets + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). + This field requires a Cloud Storage bucket name, not a gs://... URI + to a Cloud Storage bucket. + type: string + id: VirtualClusterConfig + description: >- + The Dataproc cluster config for a cluster that does not directly control + the underlying compute resources, such as a Dataproc-on-GKE cluster + (https://cloud.google.com/dataproc/docs/guides/dpgke/dataproc-gke-overview). + type: object + BasicYarnAutoscalingConfig: type: object properties: - size: + scaleUpFactor: + type: number + format: double description: >- - Required. The number of running instances for the node group to - maintain. The group adds or removes instances to maintain the number - of instances specified by this parameter. - type: integer - format: int32 - requestId: + Required. Fraction of average YARN pending memory in the last + cooldown period for which to add workers. A scale-up factor of 1.0 + will result in scaling up so that there is no pending memory + remaining after the update (more aggressive scaling). A scale-up + factor closer to 0 will result in a smaller magnitude of scaling up + (less aggressive scaling). See How autoscaling works + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/autoscaling#how_autoscaling_works) + for more information.Bounds: 0.0, 1.0. + scaleDownMinWorkerFraction: description: >- - Optional. A unique ID used to identify the request. If the server - receives two ResizeNodeGroupRequest - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#google.cloud.dataproc.v1.ResizeNodeGroupRequests) - with the same ID, the second request is ignored and the first - google.longrunning.Operation created and stored in the backend is - returned.Recommendation: Set this value to a UUID - (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID - must contain only letters (a-z, A-Z), numbers (0-9), underscores - (_), and hyphens (-). The maximum length is 40 characters. - type: string + Optional. Minimum scale-down threshold as a fraction of total + cluster size before scaling occurs. For example, in a 20-worker + cluster, a threshold of 0.1 means the autoscaler must recommend at + least a 2 worker scale-down for the cluster to scale. A threshold of + 0 means the autoscaler will scale down on any recommended + change.Bounds: 0.0, 1.0. Default: 0.0. + type: number + format: double gracefulDecommissionTimeout: - description: >- - Optional. Timeout for graceful YARN decommissioning. Graceful - decommissioning - (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/scaling-clusters#graceful_decommissioning) - allows the removal of nodes from the Compute Engine node group - without interrupting jobs in progress. This timeout specifies how - long to wait for jobs in progress to finish before forcefully - removing nodes (and potentially interrupting jobs). Default timeout - is 0 (for forceful decommission), and the maximum allowed timeout is - 1 day. (see JSON representation of Duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)).Only - supported on Dataproc image versions 1.2 and higher. - type: string format: google-duration - parentOperationId: - description: >- - Optional. operation id of the parent operation sending the resize - request type: string - RepairNodeGroupRequest: - id: RepairNodeGroupRequest + description: >- + Required. Timeout for YARN graceful decommissioning of Node + Managers. Specifies the duration to wait for jobs to complete before + forcefully removing workers (and potentially interrupting jobs). + Only applicable to downscaling operations.Bounds: 0s, 1d. + scaleUpMinWorkerFraction: + type: number + format: double + description: >- + Optional. Minimum scale-up threshold as a fraction of total cluster + size before scaling occurs. For example, in a 20-worker cluster, a + threshold of 0.1 means the autoscaler must recommend at least a + 2-worker scale-up for the cluster to scale. A threshold of 0 means + the autoscaler will scale up on any recommended change.Bounds: 0.0, + 1.0. Default: 0.0. + scaleDownFactor: + format: double + type: number + description: >- + Required. Fraction of average YARN pending memory in the last + cooldown period for which to remove workers. A scale-down factor of + 1 will result in scaling down so that there is no available memory + remaining after the update (more aggressive scaling). A scale-down + factor of 0 disables removing workers, which can be beneficial for + autoscaling a single job. See How autoscaling works + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/autoscaling#how_autoscaling_works) + for more information.Bounds: 0.0, 1.0. + id: BasicYarnAutoscalingConfig + description: Basic autoscaling configurations for YARN. + ConfidentialInstanceConfig: + id: ConfidentialInstanceConfig + description: >- + Confidential Instance Config for clusters using Confidential VMs + (https://cloud.google.com/compute/confidential-vm/docs) type: object properties: - instanceNames: + enableConfidentialCompute: description: >- - Required. Name of instances to be repaired. These instances must - belong to specified node pool. - type: array - items: + Optional. Defines whether the instance should have confidential + compute enabled. + type: boolean + HiveJob: + description: >- + A Dataproc job for running Apache Hive (https://hive.apache.org/) + queries on YARN. + properties: + scriptVariables: + additionalProperties: type: string - repairAction: description: >- - Required. Repair action to take on specified resources of the node - pool. + Optional. Mapping of query variable names to values (equivalent to + the Hive command: SET name="value";). + type: object + queryFileUri: type: string - enumDescriptions: - - No action will be taken by default. - - replace the specified list of nodes. - enum: - - REPAIR_ACTION_UNSPECIFIED - - REPLACE - requestId: + description: The HCFS URI of the script that contains Hive queries. + properties: + type: object description: >- - Optional. A unique ID used to identify the request. If the server - receives two RepairNodeGroupRequest with the same ID, the second - request is ignored and the first google.longrunning.Operation - created and stored in the backend is returned.Recommendation: Set - this value to a UUID - (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID - must contain only letters (a-z, A-Z), numbers (0-9), underscores - (_), and hyphens (-). The maximum length is 40 characters. - type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for SetIamPolicy method. - type: object - properties: - policy: + Optional. A mapping of property names and values, used to configure + Hive. Properties that conflict with values set by the Dataproc API + might be overwritten. Can include properties set in + /etc/hadoop/conf/*-site.xml, /etc/hive/conf/hive-site.xml, and + classes in user code. + additionalProperties: + type: string + continueOnFailure: description: >- - REQUIRED: The complete policy to be applied to the resource. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources.A Policy is a collection of - bindings. A binding binds one or more members, or principals, to a - single role. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A role is a named list of - permissions; each role can be an IAM predefined role or a user-created - custom role.For some types of Google Cloud resources, a binding can also - specify a condition, which is a logical expression that allows access to - a resource only if the expression evaluates to true. A condition can add - constraints based on attributes of the request, the resource, or both. - To learn which resources support conditions in their IAM policies, see - the IAM documentation - (https://cloud.google.com/iam/help/conditions/resource-policies).JSON - example: { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - - user:mike@example.com - group:admins@example.com - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For - a description of IAM and its features, see the IAM documentation - (https://cloud.google.com/iam/docs/). + Optional. Whether to continue executing queries if a query fails. + The default value is false. Setting to true can be useful when + executing independent parallel queries. + type: boolean + queryList: + $ref: '#/components/schemas/QueryList' + description: A list of queries. + jarFileUris: + description: >- + Optional. HCFS URIs of jar files to add to the CLASSPATH of the Hive + server and Hadoop MapReduce (MR) tasks. Can contain Hive SerDes and + UDFs. + type: array + items: + type: string type: object + id: HiveJob + InstanceSelectionResult: properties: - version: - description: >- - Specifies the format of the policy.Valid values are 0, 1, and 3. - Requests that specify an invalid value are rejected.Any operation - that affects conditional role bindings must specify version 3. This - requirement applies to the following operations: Getting a policy - that includes a conditional role binding Adding a conditional role - binding to a policy Changing a conditional role binding in a policy - Removing any role binding, with or without a condition, from a - policy that includes conditionsImportant: If you use IAM Conditions, - you must include the etag field whenever you call setIamPolicy. If - you omit this field, then IAM allows you to overwrite a version 3 - policy with a version 1 policy, and all of the conditions in the - version 3 policy are lost.If a policy does not include any - conditions, operations on that policy may specify any valid version - or leave the field unset.To learn which resources support conditions - in their IAM policies, see the IAM documentation - (https://cloud.google.com/iam/help/conditions/resource-policies). + vmCount: + readOnly: true type: integer + description: Output only. Number of VM provisioned with the machine_type. format: int32 - bindings: - description: >- - Associates a list of members, or principals, with a role. - Optionally, may specify a condition that determines how and when the - bindings are applied. Each of the bindings must contain at least one - principal.The bindings in a Policy can refer to up to 1,500 - principals; up to 250 of these principals can be Google groups. Each - occurrence of a principal counts towards these limits. For example, - if the bindings grant 50 different roles to user:alice@example.com, - and not to any other principal, then you can add another 1,450 - principals to the bindings in the Policy. - type: array - items: - $ref: '#/components/schemas/Binding' - etag: - description: >- - etag is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the etag in - the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An etag is returned in the response to - getIamPolicy, and systems are expected to put that etag in the - request to setIamPolicy to ensure that their change will be applied - to the same version of the policy.Important: If you use IAM - Conditions, you must include the etag field whenever you call - setIamPolicy. If you omit this field, then IAM allows you to - overwrite a version 3 policy with a version 1 policy, and all of the - conditions in the version 3 policy are lost. + machineType: + description: Output only. Full machine-type names, e.g. "n1-standard-16". + readOnly: true type: string - format: byte - Binding: - id: Binding - description: Associates members, or principals, with a role. + id: InstanceSelectionResult + type: object + description: >- + Defines a mapping from machine types to the number of VMs that are + created with each machine type. + ParameterValidation: + description: Configuration for parameter validation. type: object + id: ParameterValidation properties: - role: - description: >- - Role that is assigned to the list of members, or principals. For - example, roles/viewer, roles/editor, or roles/owner.For an overview - of the IAM roles and permissions, see the IAM documentation - (https://cloud.google.com/iam/docs/roles-overview). For a list of - the available pre-defined roles, see here - (https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: + regex: + description: Validation based on regular expressions. + $ref: '#/components/schemas/RegexValidation' + values: + description: Validation based on a list of allowed values. + $ref: '#/components/schemas/ValueValidation' + GkeNodePoolConfig: + description: >- + The configuration of a GKE node pool used by a Dataproc-on-GKE cluster + (https://cloud.google.com/dataproc/docs/concepts/jobs/dataproc-gke#create-a-dataproc-on-gke-cluster). + id: GkeNodePoolConfig + properties: + locations: description: >- - Specifies the principals requesting access for a Google Cloud - resource. members can have the following values: allUsers: A special - identifier that represents anyone who is on the internet; with or - without a Google account. allAuthenticatedUsers: A special - identifier that represents anyone who is authenticated with a Google - account or a service account. Does not include identities that come - from external identity providers (IdPs) through identity federation. - user:{emailid}: An email address that represents a specific Google - account. For example, alice@example.com . serviceAccount:{emailid}: - An email address that represents a Google service account. For - example, my-other-app@appspot.gserviceaccount.com. - serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: - An identifier for a Kubernetes service account - (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. - group:{emailid}: An email address that represents a Google group. - For example, admins@example.com. domain:{domain}: The G Suite domain - (primary) that represents all the users of that domain. For example, - google.com or example.com. - principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}: - A single identity in a workforce identity pool. - principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}: - All workforce identities in a group. - principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}: - All workforce identities with a specific attribute value. - principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*: - All identities in a workforce identity pool. - principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}: - A single identity in a workload identity pool. - principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}: - A workload identity pool group. - principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}: - All identities in a workload identity pool with a certain attribute. - principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*: - All identities in a workload identity pool. - deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique - identifier) representing a user that has been recently deleted. For - example, alice@example.com?uid=123456789012345678901. If the user is - recovered, this value reverts to user:{emailid} and the recovered - user retains the role in the binding. - deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. - If the service account is undeleted, this value reverts to - serviceAccount:{emailid} and the undeleted service account retains - the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An - email address (plus unique identifier) representing a Google group - that has been recently deleted. For example, - admins@example.com?uid=123456789012345678901. If the group is - recovered, this value reverts to group:{emailid} and the recovered - group retains the role in the binding. - deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}: - Deleted single identity in a workforce identity pool. For example, - deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value. - type: array + Optional. The list of Compute Engine zones + (https://cloud.google.com/compute/docs/zones#available) where node + pool nodes associated with a Dataproc on GKE virtual cluster will be + located.Note: All node pools associated with a virtual cluster must + be located in the same region as the virtual cluster, and they must + be located in the same zone within that region.If a location is not + specified during node pool creation, Dataproc on GKE will choose the + zone. items: type: string - condition: + type: array + config: + $ref: '#/components/schemas/GkeNodeConfig' + description: Optional. The node pool configuration. + autoscaling: description: >- - The condition that is associated with this binding.If the condition - evaluates to true, then this binding applies to the current - request.If the condition evaluates to false, then this binding does - not apply to the current request. However, a different role binding - might grant the same role to one or more of the principals in this - binding.To learn which resources support conditions in their IAM - policies, see the IAM documentation - (https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec.Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + Optional. The autoscaler configuration for this node pool. The + autoscaler is enabled only when a valid configuration is present. + $ref: '#/components/schemas/GkeNodePoolAutoscalingConfig' type: object + AcceleratorConfig: + description: >- + Specifies the type and number of accelerator cards attached to the + instances of an instance. See GPUs on Compute Engine + (https://cloud.google.com/compute/docs/gpus/). + id: AcceleratorConfig properties: - expression: + acceleratorCount: + format: int32 + type: integer description: >- - Textual representation of an expression in Common Expression - Language syntax. + The number of the accelerator cards of this type exposed to this + instance. + acceleratorTypeUri: + description: >- + Full URL, partial URI, or short name of the accelerator type + resource to expose to this instance. See Compute Engine + AcceleratorTypes + (https://cloud.google.com/compute/docs/reference/v1/acceleratorTypes).Examples: + https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/acceleratorTypes/nvidia-tesla-t4 + projects/[project_id]/zones/[zone]/acceleratorTypes/nvidia-tesla-t4 + nvidia-tesla-t4Auto Zone Exception: If you are using the Dataproc + Auto Zone Placement + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) + feature, you must use the short name of the accelerator type + resource, for example, nvidia-tesla-t4. type: string - title: + type: object + ResizeNodeGroupRequest: + properties: + size: + type: integer description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Required. The number of running instances for the node group to + maintain. The group adds or removes instances to maintain the number + of instances specified by this parameter. + format: int32 + requestId: + description: >- + Optional. A unique ID used to identify the request. If the server + receives two ResizeNodeGroupRequest + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#google.cloud.dataproc.v1.ResizeNodeGroupRequests) + with the same ID, the second request is ignored and the first + google.longrunning.Operation created and stored in the backend is + returned.Recommendation: Set this value to a UUID + (https://en.wikipedia.org/wiki/Universally_unique_identifier).The ID + must contain only letters (a-z, A-Z), numbers (0-9), underscores + (_), and hyphens (-). The maximum length is 40 characters. + type: string + gracefulDecommissionTimeout: type: string - description: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Optional. Timeout for graceful YARN decommissioning. Graceful + decommissioning + (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/scaling-clusters#graceful_decommissioning) + allows the removal of nodes from the Compute Engine node group + without interrupting jobs in progress. This timeout specifies how + long to wait for jobs in progress to finish before forcefully + removing nodes (and potentially interrupting jobs). Default timeout + is 0 (for forceful decommission), and the maximum allowed timeout is + 1 day. (see JSON representation of Duration + (https://developers.google.com/protocol-buffers/docs/proto3#json)).Only + supported on Dataproc image versions 1.2 and higher. + format: google-duration + parentOperationId: type: string - location: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for GetIamPolicy method. + Optional. operation id of the parent operation sending the resize + request + id: ResizeNodeGroupRequest + description: A request to resize a node group. type: object - properties: - options: - description: >- - OPTIONAL: A GetPolicyOptions object for specifying options to - GetIamPolicy. - $ref: '#/components/schemas/GetPolicyOptions' - GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. + ShuffleWriteQuantileMetrics: + id: ShuffleWriteQuantileMetrics type: object properties: - requestedPolicyVersion: - description: >- - Optional. The maximum policy version that will be used to format the - policy.Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected.Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field - unset.The policy in the response might use the policy version that - you specified, or it might use a lower policy version. For example, - if you specify version 3, but the policy has no conditional role - bindings, the response uses version 1.To learn which resources - support conditions in their IAM policies, see the IAM documentation - (https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for TestIamPermissions method. - type: object + writeRecords: + $ref: '#/components/schemas/Quantiles' + writeTimeNanos: + $ref: '#/components/schemas/Quantiles' + writeBytes: + $ref: '#/components/schemas/Quantiles' + ListBatchesResponse: properties: - permissions: + nextPageToken: + type: string description: >- - The set of permissions to check for the resource. Permissions with - wildcards (such as * or storage.*) are not allowed. For more - information see IAM Overview - (https://cloud.google.com/iam/docs/overview#permissions). + A token, which can be sent as page_token to retrieve the next page. + If this field is omitted, there are no subsequent pages. + batches: type: array + readOnly: true + description: Output only. The batches from the specified collection. items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for TestIamPermissions method. - type: object - properties: - permissions: - description: >- - A subset of TestPermissionsRequest.permissions that the caller is - allowed. + $ref: '#/components/schemas/Batch' + unreachable: + readOnly: true type: array + description: >- + Output only. List of Batches that could not be included in the + response. Attempting to get one of these resources may indicate why + it was not included in the list response. items: type: string - AnalyzeOperationMetadata: - id: AnalyzeOperationMetadata - description: Metadata describing the Analyze operation. + description: A list of batch workloads. + id: ListBatchesResponse + type: object + Empty: type: object + id: Empty + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + StageShuffleWriteMetrics: + id: StageShuffleWriteMetrics properties: - analyzedWorkloadName: - description: Output only. name of the workload being analyzed. - readOnly: true + recordsWritten: type: string - analyzedWorkloadType: - description: Output only. Type of the workload being analyzed. - readOnly: true + format: int64 + writeTimeNanos: type: string - enumDescriptions: - - Undefined option - - Serverless batch job - enum: - - WORKLOAD_TYPE_UNSPECIFIED - - BATCH - analyzedWorkloadUuid: - description: >- - Output only. unique identifier of the workload typically generated - by control plane. E.g. batch uuid. - readOnly: true + format: int64 + bytesWritten: type: string - createTime: - description: Output only. The time when the operation was created. + format: int64 + description: Shuffle data written for the stage. + type: object + SessionTemplate: + id: SessionTemplate + type: object + description: A representation of a session template. + properties: + updateTime: + format: google-datetime readOnly: true type: string - format: google-datetime - doneTime: - description: Output only. The time when the operation finished. + description: Output only. The time the template was last updated. + creator: readOnly: true + description: Output only. The email address of the user who created the template. type: string - format: google-datetime + environmentConfig: + description: Optional. Environment configuration for session execution. + $ref: '#/components/schemas/EnvironmentConfig' description: - description: Output only. Short description of the operation. - readOnly: true type: string - labels: - description: Output only. Labels associated with the operation. + description: Optional. Brief description of the template. + createTime: + type: string readOnly: true - type: object + description: Output only. The time when the template was created. + format: google-datetime + labels: + description: >- + Optional. Labels to associate with sessions created using this + template. Label keys must contain 1 to 63 characters, and must + conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). Label + values can be empty, but, if present, must contain 1 to 63 + characters and conform to RFC 1035 + (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 labels can + be associated with a session. additionalProperties: type: string - warnings: - description: Output only. Warnings encountered during operation execution. + type: object + jupyterSession: + description: Optional. Jupyter session config. + $ref: '#/components/schemas/JupyterConfig' + name: + type: string + description: Required. Identifier. The resource name of the session template. + uuid: + description: >- + Output only. A session template UUID (Unique Universal Identifier). + The service generates this value when it creates the session + template. + readOnly: true + type: string + runtimeConfig: + $ref: '#/components/schemas/RuntimeConfig' + description: Optional. Runtime configuration for session execution. + sparkConnectSession: + $ref: '#/components/schemas/SparkConnectConfig' + description: Optional. Spark connect session config. + SearchSessionSparkApplicationStageAttemptsResponse: + type: object + properties: + sparkApplicationStageAttempts: + readOnly: true + type: array + description: Output only. Data corresponding to a stage attempts + items: + $ref: '#/components/schemas/StageData' + nextPageToken: + type: string + description: >- + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent + SearchSessionSparkApplicationStageAttemptsRequest. + description: A list of Stage Attempts for a Stage of a Spark Application. + id: SearchSessionSparkApplicationStageAttemptsResponse + ListJobsResponse: + properties: + unreachable: readOnly: true + description: >- + Output only. List of jobs with kms_key-encrypted parameters that + could not be decrypted. A response to a jobs.get request may + indicate the reason for the decryption failure for a specific job. type: array items: type: string - BatchOperationMetadata: - id: BatchOperationMetadata - description: Metadata describing the Batch operation. + jobs: + items: + $ref: '#/components/schemas/Job' + description: Output only. Jobs list. + type: array + readOnly: true + nextPageToken: + description: >- + Optional. This token is included in the response if there are more + results to fetch. To fetch additional results, provide this value as + the page_token in a subsequent ListJobsRequest. + type: string + id: ListJobsResponse type: object + description: A list of jobs in a project. + SearchSparkApplicationStagesResponse: properties: - batch: - description: Name of the batch for the operation. - type: string - batchUuid: - description: Batch UUID for the operation. - type: string - createTime: - description: The time when the operation was created. - type: string - format: google-datetime - doneTime: - description: The time when the operation finished. - type: string - format: google-datetime - operationType: - description: The operation type. - type: string - enumDescriptions: - - Batch operation type is unknown. - - Batch operation type. - enum: - - BATCH_OPERATION_TYPE_UNSPECIFIED - - BATCH - description: - description: Short description of the operation. + nextPageToken: + description: >- + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent SearchSparkApplicationStages. type: string - labels: - description: Labels associated with the operation. - type: object - additionalProperties: - type: string - warnings: - description: Warnings encountered during operation execution. + sparkApplicationStages: type: array + description: Output only. Data corresponding to a stage. + readOnly: true items: - type: string - ClusterOperationMetadata: - id: ClusterOperationMetadata - description: Metadata describing the operation. + $ref: '#/components/schemas/StageData' + id: SearchSparkApplicationStagesResponse + type: object + description: A list of stages associated with a Spark Application. + Cluster: + description: >- + Describes the identifying information, config, and status of a Dataproc + cluster + id: Cluster type: object properties: - clusterName: - description: Output only. Name of the cluster for the operation. - readOnly: true + projectId: + description: >- + Required. The Google Cloud Platform project ID that the cluster + belongs to. type: string clusterUuid: - description: Output only. Cluster UUID for the operation. - readOnly: true type: string - status: - description: Output only. Current operation status. - readOnly: true - $ref: '#/components/schemas/ClusterOperationStatus' - statusHistory: - description: Output only. The previous operation status. - readOnly: true - type: array - items: - $ref: '#/components/schemas/ClusterOperationStatus' - operationType: - description: Output only. The operation type. + description: >- + Output only. A cluster UUID (Unique Universal Identifier). Dataproc + generates this value when it creates the cluster. readOnly: true - type: string - description: - description: Output only. Short description of operation. + status: + $ref: '#/components/schemas/ClusterStatus' + description: Output only. Cluster status. readOnly: true + config: + $ref: '#/components/schemas/ClusterConfig' + description: >- + Optional. The cluster config for a cluster of Compute Engine + Instances. Note that Dataproc may set default values, and values may + change when clusters are updated.Exactly one of ClusterConfig or + VirtualClusterConfig must be specified. + clusterName: + description: >- + Required. The cluster name, which must be unique within a project. + The name must start with a lowercase letter, and can contain up to + 51 lowercase letters, numbers, and hyphens. It cannot end with a + hyphen. The name of a deleted cluster can be reused. type: string labels: - description: Output only. Labels associated with the operation - readOnly: true - type: object + description: >- + Optional. The labels to associate with this cluster. Label keys must + contain 1 to 63 characters, and must conform to RFC 1035 + (https://www.ietf.org/rfc/rfc1035.txt). Label values may be empty, + but, if present, must contain 1 to 63 characters, and must conform + to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). No more than 32 + labels can be associated with a cluster. additionalProperties: type: string - warnings: - description: Output only. Errors encountered during operation execution. - readOnly: true + type: object + statusHistory: type: array + description: Output only. The previous cluster status. items: - type: string - childOperationIds: - description: Output only. Child operation ids + $ref: '#/components/schemas/ClusterStatus' readOnly: true - type: array - items: - type: string - ClusterOperationStatus: - id: ClusterOperationStatus - description: The status of the operation. + metrics: + readOnly: true + $ref: '#/components/schemas/ClusterMetrics' + description: >- + Output only. Contains cluster daemon metrics such as HDFS and YARN + stats.Beta Feature: This report is available for testing purposes + only. It may be changed before final release. + virtualClusterConfig: + $ref: '#/components/schemas/VirtualClusterConfig' + description: >- + Optional. The virtual cluster config is used when creating a + Dataproc cluster that does not directly control the underlying + compute resources, for example, when creating a Dataproc-on-GKE + cluster + (https://cloud.google.com/dataproc/docs/guides/dpgke/dataproc-gke-overview). + Dataproc may set default values, and values may change when clusters + are updated. Exactly one of config or virtual_cluster_config must be + specified. + FallbackReason: + properties: + fallbackReason: + description: Optional. Fallback to Spark reason. + type: string + fallbackNode: + type: string + description: Optional. Fallback node information. + description: Native SQL Execution Data type: object + id: FallbackReason + DiskConfig: + description: >- + Specifies the config of boot disk and attached disk options for a group + of VM instances. + id: DiskConfig properties: - state: - description: Output only. A message containing the operation state. - readOnly: true + localSsdInterface: + description: >- + Optional. Interface type of local SSDs (default is "scsi"). Valid + values: "scsi" (Small Computer System Interface), "nvme" + (Non-Volatile Memory Express). See local SSD performance + (https://cloud.google.com/compute/docs/disks/local-ssd#performance). type: string - enumDescriptions: - - Unused. - - The operation has been created. - - The operation is running. - - The operation is done; either cancelled or completed. - enum: - - UNKNOWN - - PENDING - - RUNNING - - DONE - innerState: - description: Output only. A message containing the detailed operation state. - readOnly: true + numLocalSsds: + description: >- + Optional. Number of attached SSDs, from 0 to 8 (default is 0). If + SSDs are not attached, the boot disk is used to store runtime logs + and HDFS + (https://hadoop.apache.org/docs/r1.2.1/hdfs_user_guide.html) data. + If one or more SSDs are attached, this runtime bulk data is spread + across them, and the boot disk contains only basic config and + installed binaries.Note: Local SSD options may vary by machine type + and number of vCPUs selected. + format: int32 + type: integer + bootDiskProvisionedIops: type: string - details: - description: Output only. A message containing any operation metadata details. - readOnly: true + description: >- + Optional. Indicates how many IOPS to provision for the disk. This + sets the number of I/O operations per second that the disk can + handle. This field is supported only if boot_disk_type is + hyperdisk-balanced. + format: int64 + bootDiskProvisionedThroughput: + format: int64 + description: >- + Optional. Indicates how much throughput to provision for the disk. + This sets the number of throughput mb per second that the disk can + handle. Values must be greater than or equal to 1. This field is + supported only if boot_disk_type is hyperdisk-balanced. type: string - stateStartTime: - description: Output only. The time this state was entered. - readOnly: true + bootDiskSizeGb: + format: int32 + description: Optional. Size in GB of the boot disk (default is 500GB). + type: integer + bootDiskType: type: string - format: google-datetime - DiagnoseClusterResults: - id: DiagnoseClusterResults - description: The location of diagnostic output. + description: >- + Optional. Type of the boot disk (default is "pd-standard"). Valid + values: "pd-balanced" (Persistent Disk Balanced Solid State Drive), + "pd-ssd" (Persistent Disk Solid State Drive), or "pd-standard" + (Persistent Disk Hard Disk Drive). See Disk types + (https://cloud.google.com/compute/docs/disks#disk-types). type: object + TaskResourceRequest: properties: - outputUri: - description: >- - Output only. The Cloud Storage URI of the diagnostic output. The - output report is a plain text file with a summary of collected - diagnostics. - readOnly: true + resourceName: type: string - JobMetadata: - id: JobMetadata - description: Job Operation metadata. + amount: + type: number + format: double + description: Resources used per task created by the application. type: object + id: TaskResourceRequest + RddDataDistribution: + description: Details about RDD usage. properties: - jobId: - description: Output only. The job id. - readOnly: true + memoryUsed: + format: int64 type: string - status: - description: Output only. Most recent job status. - readOnly: true - $ref: '#/components/schemas/JobStatus' - operationType: - description: Output only. Operation type. - readOnly: true + offHeapMemoryUsed: type: string - startTime: - description: Output only. Job submission time. - readOnly: true + format: int64 + address: type: string - format: google-datetime - SessionOperationMetadata: - id: SessionOperationMetadata - description: Metadata describing the Session operation. + onHeapMemoryRemaining: + type: string + format: int64 + memoryRemaining: + type: string + format: int64 + onHeapMemoryUsed: + format: int64 + type: string + diskUsed: + format: int64 + type: string + offHeapMemoryRemaining: + format: int64 + type: string + id: RddDataDistribution + type: object + AccessSessionSparkApplicationSqlQueryResponse: + id: AccessSessionSparkApplicationSqlQueryResponse + type: object + properties: + executionData: + description: SQL Execution Data + $ref: '#/components/schemas/SqlExecutionUiData' + description: Details of a query for a Spark Application + StreamBlockData: + description: Stream Block Data. + id: StreamBlockData type: object properties: - session: - description: Name of the session for the operation. + useDisk: + type: boolean + diskSize: + format: int64 type: string - sessionUuid: - description: Session UUID for the operation. + deserialized: + type: boolean + memSize: + format: int64 type: string - createTime: - description: The time when the operation was created. + storageLevel: type: string - format: google-datetime - doneTime: - description: The time when the operation was finished. + useMemory: + type: boolean + executorId: type: string - format: google-datetime - operationType: - description: The operation type. + hostPort: type: string - enumDescriptions: - - Session operation type is unknown. - - Create Session operation type. - - Terminate Session operation type. - - Delete Session operation type. - enum: - - SESSION_OPERATION_TYPE_UNSPECIFIED - - CREATE - - TERMINATE - - DELETE - description: - description: Short description of the operation. + name: type: string - labels: - description: Labels associated with the operation. - type: object - additionalProperties: - type: string - warnings: - description: Warnings encountered during operation execution. - type: array - items: - type: string - NodeGroupOperationMetadata: - id: NodeGroupOperationMetadata - description: Metadata describing the node group operation. + RuntimeConfig: + description: Runtime configuration for a workload. + id: RuntimeConfig type: object properties: - nodeGroupId: - description: Output only. Node group ID for the operation. - readOnly: true - type: string - clusterUuid: - description: Output only. Cluster UUID associated with the node group operation. - readOnly: true - type: string - status: - description: Output only. Current operation status. - readOnly: true - $ref: '#/components/schemas/ClusterOperationStatus' - statusHistory: - description: Output only. The previous operation status. - readOnly: true - type: array - items: - $ref: '#/components/schemas/ClusterOperationStatus' - operationType: - description: The operation type. - type: string - enumDescriptions: - - Node group operation type is unknown. - - Create node group operation type. - - Update node group operation type. - - Delete node group operation type. - - Resize node group operation type. - - Repair node group operation type. - - Update node group label operation type. - - Start node group operation type. - - Stop node group operation type. - - >- - This operation type is used to update the metadata config of a - node group. We update the metadata of the VMs in the node group - and await for intended config change to be completed at the node - group level. Currently, only the identity config update is - supported. - enum: - - NODE_GROUP_OPERATION_TYPE_UNSPECIFIED - - CREATE - - UPDATE - - DELETE - - RESIZE - - REPAIR - - UPDATE_LABELS - - START - - STOP - - UPDATE_METADATA_CONFIG - description: - description: Output only. Short description of operation. - readOnly: true + repositoryConfig: + $ref: '#/components/schemas/RepositoryConfig' + description: Optional. Dependency repository configuration. + autotuningConfig: + description: Optional. Autotuning configuration of the workload. + $ref: '#/components/schemas/AutotuningConfig' + version: + description: Optional. Version of the batch runtime. type: string - labels: - description: Output only. Labels associated with the operation. - readOnly: true - type: object + properties: additionalProperties: type: string - warnings: - description: Output only. Errors encountered during operation execution. - readOnly: true - type: array - items: - type: string - WorkflowMetadata: - id: WorkflowMetadata - description: A Dataproc workflow template resource. - type: object - properties: - template: description: >- - Output only. The resource name of the workflow template as described - in https://cloud.google.com/apis/design/resource_names. For - projects.regions.workflowTemplates, the resource name of the - template has the following format: - projects/{project_id}/regions/{region}/workflowTemplates/{template_id} - For projects.locations.workflowTemplates, the resource name of the - template has the following format: - projects/{project_id}/locations/{location}/workflowTemplates/{template_id} - readOnly: true + Optional. A mapping of property names to values, which are used to + configure workload execution. + type: object + containerImage: + description: >- + Optional. Optional custom container image for the job runtime + environment. If not specified, a default container image will be + used. type: string - version: + cohort: description: >- - Output only. The version of template at the time of workflow - instantiation. - readOnly: true + Optional. Cohort identifier. Identifies families of the workloads + having the same shape, e.g. daily ETL jobs. + type: string + StageData: + description: Data corresponding to a stage. + id: StageData + type: object + properties: + schedulingPool: + type: string + executorMetricsDistributions: + $ref: '#/components/schemas/ExecutorMetricsDistributions' + numFailedTasks: + format: int32 type: integer + numActiveTasks: format: int32 - createCluster: - description: Output only. The create cluster operation metadata. - readOnly: true - $ref: '#/components/schemas/ClusterOperation' - graph: - description: Output only. The workflow graph. - readOnly: true - $ref: '#/components/schemas/WorkflowGraph' - deleteCluster: - description: Output only. The delete cluster operation metadata. - readOnly: true - $ref: '#/components/schemas/ClusterOperation' - state: - description: Output only. The workflow state. - readOnly: true - type: string + type: integer + status: enumDescriptions: - - Unused. - - The operation has been created. - - The operation is running. - - The operation is done; either cancelled or completed. + - '' + - '' + - '' + - '' + - '' + - '' enum: - - UNKNOWN - - PENDING - - RUNNING - - DONE - clusterName: - description: Output only. The name of the target cluster. - readOnly: true + - STAGE_STATUS_UNSPECIFIED + - STAGE_STATUS_ACTIVE + - STAGE_STATUS_COMPLETE + - STAGE_STATUS_FAILED + - STAGE_STATUS_PENDING + - STAGE_STATUS_SKIPPED type: string - parameters: - description: >- - Map from parameter names to values that were used for those - parameters. + name: + type: string + executorSummary: type: object additionalProperties: + $ref: '#/components/schemas/ExecutorStageSummary' + rddIds: + items: + format: int64 type: string - startTime: - description: Output only. Workflow start time. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. Workflow end time. - readOnly: true + type: array + peakExecutorMetrics: + $ref: '#/components/schemas/ExecutorMetrics' + stageId: type: string + format: int64 + killedTasksSummary: + type: object + additionalProperties: + format: int32 + type: integer + accumulatorUpdates: + type: array + items: + $ref: '#/components/schemas/AccumulableInfo' + stageAttemptId: + format: int32 + type: integer + locality: + additionalProperties: + type: string + format: int64 + type: object + firstTaskLaunchedTime: format: google-datetime - clusterUuid: - description: Output only. The UUID of target cluster. - readOnly: true - type: string - dagTimeout: - description: >- - Output only. The timeout duration for the DAG of jobs, expressed in - seconds (see JSON representation of duration - (https://developers.google.com/protocol-buffers/docs/proto3#json)). - readOnly: true type: string - format: google-duration - dagStartTime: - description: >- - Output only. DAG start time, only set for workflows with dag_timeout - when DAG begins. - readOnly: true + numTasks: + format: int32 + type: integer + completionTime: type: string format: google-datetime - dagEndTime: - description: >- - Output only. DAG end time, only set for workflows with dag_timeout - when DAG ends. - readOnly: true + numCompletedIndices: + type: integer + format: int32 + numKilledTasks: + format: int32 + type: integer + shuffleMergersCount: + type: integer + format: int32 + numCompleteTasks: + type: integer + format: int32 + jobIds: + type: array + items: + format: int64 + type: string + failureReason: type: string + submissionTime: format: google-datetime - ClusterOperation: - id: ClusterOperation - description: The cluster operation triggered by a workflow. - type: object - properties: - operationId: - description: Output only. The id of the cluster operation. - readOnly: true type: string - error: - description: Output only. Error, if operation failed. - readOnly: true + parentStageIds: + items: + type: string + format: int64 + type: array + taskQuantileMetrics: + $ref: '#/components/schemas/TaskQuantileMetrics' + description: >- + Summary metrics fields. These are included in response only if + present in summary_metrics_mask field in request + details: type: string - done: - description: Output only. Indicates the operation is done. - readOnly: true + description: + type: string + isShufflePushEnabled: type: boolean - WorkflowGraph: - id: WorkflowGraph - description: The workflow graph. - type: object - properties: - nodes: - description: Output only. The workflow nodes. - readOnly: true - type: array - items: - $ref: '#/components/schemas/WorkflowNode' - WorkflowNode: - id: WorkflowNode - description: The workflow node. + stageMetrics: + $ref: '#/components/schemas/StageMetrics' + tasks: + additionalProperties: + $ref: '#/components/schemas/TaskData' + type: object + resourceProfileId: + type: integer + format: int32 + speculationSummary: + $ref: '#/components/schemas/SpeculationStageSummary' + ClusterSelector: type: object + description: A selector that chooses target cluster for jobs based on metadata. properties: - stepId: - description: Output only. The name of the node. - readOnly: true - type: string - prerequisiteStepIds: - description: Output only. Node's prerequisite nodes. - readOnly: true - type: array - items: + clusterLabels: + additionalProperties: type: string - jobId: + type: object + description: Required. The cluster labels. Cluster must have all labels to match. + zone: description: >- - Output only. The job id; populated after the node enters RUNNING - state. - readOnly: true - type: string - state: - description: Output only. The node state. - readOnly: true + Optional. The zone where workflow process executes. This parameter + does not affect the selection of the cluster.If unspecified, the + zone of the first cluster matching the selector is used. type: string - enumDescriptions: - - State is unspecified. - - The node is awaiting prerequisite node to finish. - - The node is runnable but not running. - - The node is running. - - The node completed successfully. - - >- - The node failed. A node can be marked FAILED because its ancestor - or peer failed. - enum: - - NODE_STATE_UNSPECIFIED - - BLOCKED - - RUNNABLE - - RUNNING - - COMPLETED - - FAILED - error: - description: Output only. The error detail. - readOnly: true + id: ClusterSelector + SearchSparkApplicationExecutorsResponse: + description: List of Executors associated with a Spark Application. + id: SearchSparkApplicationExecutorsResponse + properties: + nextPageToken: type: string + description: >- + This token is included in the response if there are more results to + fetch. To fetch additional results, provide this value as the + page_token in a subsequent + SearchSparkApplicationExecutorsListRequest. + sparkApplicationExecutors: + description: Details about executors used by the application. + items: + $ref: '#/components/schemas/ExecutorSummary' + type: array + type: object parameters: - access_token: - description: OAuth access token. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: access_token + name: oauth_token + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields schema: type: string alt: @@ -7933,18 +7974,15 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. + _.xgafv: + description: V1 error format. in: query - name: fields + name: $.xgafv schema: type: string + enum: + - '1' + - '2' key: description: >- API key. Your API key identifies your project and provides you with API @@ -7954,18 +7992,18 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: prettyPrint + name: upload_protocol schema: - type: boolean + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -7975,166 +8013,329 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + callback: + description: JSONP in: query - name: upload_protocol + name: callback schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + access_token: + description: OAuth access token. in: query - name: uploadType + name: access_token schema: type: string - _.xgafv: - description: V1 error format. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: $.xgafv + name: prettyPrint schema: - type: string - enum: - - '1' - - '2' + type: boolean x-stackQL-resources: - operations: - id: google.dataproc.operations - name: operations - title: Operations + workflow_templates: + id: google.dataproc.workflow_templates + name: workflow_templates + title: Workflow_templates methods: - projects_regions_operations_list: + projects_regions_workflow_templates_instantiate_inline: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates:instantiateInline/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_regions_workflow_templates_update: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}/put + response: + mediaType: application/json + openAPIDocKey: '200' + projects_regions_workflow_templates_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_regions_workflow_templates_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_regions_workflow_templates_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_regions_operations_get: + objectKey: $.unreachable + projects_regions_workflow_templates_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates/post response: mediaType: application/json openAPIDocKey: '200' - projects_regions_operations_delete: + projects_regions_workflow_templates_instantiate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}:instantiate/post response: mediaType: application/json openAPIDocKey: '200' - projects_regions_operations_cancel: + projects_locations_workflow_templates_instantiate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}:instantiate/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_operations_list: + projects_locations_workflow_templates_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_operations_get: + projects_locations_workflow_templates_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_operations_delete: + objectKey: $.unreachable + projects_locations_workflow_templates_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_operations_cancel: + projects_locations_workflow_templates_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_workflow_templates_update: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}/put + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_workflow_templates_instantiate_inline: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates:instantiateInline/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_regions_operations_get + #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get + #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_regions_operations_list + #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_list - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list - insert: [] + #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_list + insert: + - $ref: >- + #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_create + - $ref: >- + #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_create update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_update + - $ref: >- + #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_update delete: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_regions_operations_delete + #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_delete - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_delete - operations_iam_policies: - id: google.dataproc.operations_iam_policies - name: operations_iam_policies - title: Operations_iam_policies + #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_delete + workflow_templates_iam_policies: + id: google.dataproc.workflow_templates_iam_policies + name: workflow_templates_iam_policies + title: Workflow_templates_iam_policies methods: - projects_regions_operations_set_iam_policy: + projects_regions_workflow_templates_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_regions_operations_get_iam_policy: + projects_regions_workflow_templates_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_regions_operations_test_iam_permissions: + projects_regions_workflow_templates_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_workflow_templates_set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_workflow_templates_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}:getIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + projects_locations_workflow_templates_test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/operations_iam_policies/methods/projects_regions_operations_get_iam_policy + #/components/x-stackQL-resources/workflow_templates_iam_policies/methods/projects_regions_workflow_templates_get_iam_policy + - $ref: >- + #/components/x-stackQL-resources/workflow_templates_iam_policies/methods/projects_locations_workflow_templates_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/operations_iam_policies/methods/projects_regions_operations_set_iam_policy + #/components/x-stackQL-resources/workflow_templates_iam_policies/methods/projects_regions_workflow_templates_set_iam_policy + - $ref: >- + #/components/x-stackQL-resources/workflow_templates_iam_policies/methods/projects_locations_workflow_templates_set_iam_policy delete: [] - autoscaling_policies: - id: google.dataproc.autoscaling_policies - name: autoscaling_policies - title: Autoscaling_policies + jobs: + id: google.dataproc.jobs + name: jobs + title: Jobs methods: - projects_regions_autoscaling_policies_create: + projects_regions_jobs_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1autoscalingPolicies/post + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs~1{jobId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - projects_regions_autoscaling_policies_list: + projects_regions_jobs_submit: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1autoscalingPolicies/get + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs:submit/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.policies + projects_regions_jobs_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs~1{jobId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_regions_jobs_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs~1{jobId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_regions_jobs_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs~1{jobId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_regions_jobs_list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_regions_jobs_submit_as_operation: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs:submitAsOperation/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/jobs/methods/projects_regions_jobs_get + - $ref: >- + #/components/x-stackQL-resources/jobs/methods/projects_regions_jobs_list + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/jobs/methods/projects_regions_jobs_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/jobs/methods/projects_regions_jobs_delete + jobs_iam_policies: + id: google.dataproc.jobs_iam_policies + name: jobs_iam_policies + title: Jobs_iam_policies + methods: + projects_regions_jobs_test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1jobs~1{jobsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_regions_jobs_set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1jobs~1{jobsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_regions_jobs_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1jobs~1{jobsId}:getIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/jobs_iam_policies/methods/projects_regions_jobs_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/jobs_iam_policies/methods/projects_regions_jobs_set_iam_policy + delete: [] + autoscaling_policies: + id: google.dataproc.autoscaling_policies + name: autoscaling_policies + title: Autoscaling_policies + methods: projects_regions_autoscaling_policies_update: operation: $ref: >- @@ -8156,6 +8357,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' + projects_regions_autoscaling_policies_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1autoscalingPolicies/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.policies + projects_regions_autoscaling_policies_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1autoscalingPolicies/post + response: + mediaType: application/json + openAPIDocKey: '200' projects_locations_autoscaling_policies_create: operation: $ref: >- @@ -8171,24 +8387,24 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.policies - projects_locations_autoscaling_policies_update: + projects_locations_autoscaling_policies_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autoscalingPolicies~1{autoscalingPoliciesId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autoscalingPolicies~1{autoscalingPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_autoscaling_policies_get: + projects_locations_autoscaling_policies_update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autoscalingPolicies~1{autoscalingPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autoscalingPolicies~1{autoscalingPoliciesId}/put response: mediaType: application/json openAPIDocKey: '200' - projects_locations_autoscaling_policies_delete: + projects_locations_autoscaling_policies_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autoscalingPolicies~1{autoscalingPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autoscalingPolicies~1{autoscalingPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -8223,13 +8439,6 @@ components: name: autoscaling_policies_iam_policies title: Autoscaling_policies_iam_policies methods: - projects_regions_autoscaling_policies_set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1autoscalingPolicies~1{autoscalingPoliciesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' projects_regions_autoscaling_policies_get_iam_policy: operation: $ref: >- @@ -8245,10 +8454,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_autoscaling_policies_set_iam_policy: + projects_regions_autoscaling_policies_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autoscalingPolicies~1{autoscalingPoliciesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1autoscalingPolicies~1{autoscalingPoliciesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' @@ -8260,6 +8469,13 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings + projects_locations_autoscaling_policies_set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autoscalingPolicies~1{autoscalingPoliciesId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' projects_locations_autoscaling_policies_test_iam_permissions: operation: $ref: >- @@ -8301,13 +8517,6 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.clusters - projects_regions_clusters_patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1clusters~1{clusterName}/patch - response: - mediaType: application/json - openAPIDocKey: '200' projects_regions_clusters_delete: operation: $ref: >- @@ -8322,10 +8531,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_regions_clusters_stop: + projects_regions_clusters_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1clusters~1{clusterName}:stop/post + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1clusters~1{clusterName}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -8336,17 +8545,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_regions_clusters_repair: + projects_regions_clusters_stop: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1clusters~1{clusterName}:repair/post + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1clusters~1{clusterName}:stop/post response: mediaType: application/json openAPIDocKey: '200' - projects_regions_clusters_diagnose: + projects_regions_clusters_repair: operation: $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1clusters~1{clusterName}:diagnose/post + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1clusters~1{clusterName}:repair/post response: mediaType: application/json openAPIDocKey: '200' @@ -8357,6 +8566,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + projects_regions_clusters_diagnose: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1clusters~1{clusterName}:diagnose/post + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: >- @@ -8385,21 +8601,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_regions_clusters_get_iam_policy: + projects_regions_clusters_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1clusters~1{clustersId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1clusters~1{clustersId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_regions_clusters_test_iam_permissions: + projects_regions_clusters_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1clusters~1{clustersId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1clusters~1{clustersId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -8415,13 +8631,6 @@ components: name: node_groups title: Node_groups methods: - projects_regions_clusters_node_groups_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1clusters~1{clustersId}~1nodeGroups/post - response: - mediaType: application/json - openAPIDocKey: '200' projects_regions_clusters_node_groups_resize: operation: $ref: >- @@ -8429,13 +8638,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_regions_clusters_node_groups_repair: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1clusters~1{clustersId}~1nodeGroups~1{nodeGroupsId}:repair/post - response: - mediaType: application/json - openAPIDocKey: '200' projects_regions_clusters_node_groups_get: operation: $ref: >- @@ -8443,652 +8645,487 @@ components: response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/node_groups/methods/projects_regions_clusters_node_groups_get - insert: - - $ref: >- - #/components/x-stackQL-resources/node_groups/methods/projects_regions_clusters_node_groups_create - update: [] - replace: [] - delete: [] - jobs: - id: google.dataproc.jobs - name: jobs - title: Jobs - methods: - projects_regions_jobs_submit: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs:submit/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_jobs_submit_as_operation: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs:submitAsOperation/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_jobs_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs~1{jobId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_jobs_patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs~1{jobId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_jobs_delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs~1{jobId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_jobs_list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.jobs - projects_regions_jobs_cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectId}~1regions~1{region}~1jobs~1{jobId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/jobs/methods/projects_regions_jobs_get - - $ref: >- - #/components/x-stackQL-resources/jobs/methods/projects_regions_jobs_list - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/jobs/methods/projects_regions_jobs_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/jobs/methods/projects_regions_jobs_delete - jobs_iam_policies: - id: google.dataproc.jobs_iam_policies - name: jobs_iam_policies - title: Jobs_iam_policies - methods: - projects_regions_jobs_set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1jobs~1{jobsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_jobs_get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1jobs~1{jobsId}:getIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - projects_regions_jobs_test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1jobs~1{jobsId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/jobs_iam_policies/methods/projects_regions_jobs_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/jobs_iam_policies/methods/projects_regions_jobs_set_iam_policy - delete: [] - workflow_templates: - id: google.dataproc.workflow_templates - name: workflow_templates - title: Workflow_templates - methods: - projects_regions_workflow_templates_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_workflow_templates_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.templates - projects_regions_workflow_templates_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_workflow_templates_update: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}/put - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_workflow_templates_delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_workflow_templates_instantiate: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}:instantiate/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_regions_workflow_templates_instantiate_inline: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates:instantiateInline/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_workflow_templates_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_workflow_templates_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.templates - projects_locations_workflow_templates_get: + projects_regions_clusters_node_groups_repair: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}/get + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1clusters~1{clustersId}~1nodeGroups~1{nodeGroupsId}:repair/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_workflow_templates_update: + projects_regions_clusters_node_groups_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}/put + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1clusters~1{clustersId}~1nodeGroups/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_workflow_templates_delete: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/node_groups/methods/projects_regions_clusters_node_groups_get + insert: + - $ref: >- + #/components/x-stackQL-resources/node_groups/methods/projects_regions_clusters_node_groups_create + update: [] + replace: [] + delete: [] + operations_iam_policies: + id: google.dataproc.operations_iam_policies + name: operations_iam_policies + title: Operations_iam_policies + methods: + projects_regions_operations_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_workflow_templates_instantiate: + objectKey: $.bindings + projects_regions_operations_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}:instantiate/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_workflow_templates_instantiate_inline: + projects_regions_operations_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates:instantiateInline/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_get - - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_get - - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_list - - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_list - insert: - - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_create - - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_create + #/components/x-stackQL-resources/operations_iam_policies/methods/projects_regions_operations_get_iam_policy + insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_update - - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_update - delete: - - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_regions_workflow_templates_delete - - $ref: >- - #/components/x-stackQL-resources/workflow_templates/methods/projects_locations_workflow_templates_delete - workflow_templates_iam_policies: - id: google.dataproc.workflow_templates_iam_policies - name: workflow_templates_iam_policies - title: Workflow_templates_iam_policies + #/components/x-stackQL-resources/operations_iam_policies/methods/projects_regions_operations_set_iam_policy + delete: [] + operations: + id: google.dataproc.operations + name: operations + title: Operations methods: - projects_regions_workflow_templates_set_iam_policy: + projects_regions_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_regions_workflow_templates_get_iam_policy: + projects_regions_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_regions_workflow_templates_test_iam_permissions: + projects_regions_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1workflowTemplates~1{workflowTemplatesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_workflow_templates_set_iam_policy: + objectKey: $.unreachable + projects_regions_operations_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1regions~1{regionsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_workflow_templates_get_iam_policy: + projects_locations_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_workflow_templates_test_iam_permissions: + projects_locations_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflowTemplates~1{workflowTemplatesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_operations_cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/workflow_templates_iam_policies/methods/projects_regions_workflow_templates_get_iam_policy + #/components/x-stackQL-resources/operations/methods/projects_regions_operations_get - $ref: >- - #/components/x-stackQL-resources/workflow_templates_iam_policies/methods/projects_locations_workflow_templates_get_iam_policy + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_regions_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list insert: [] update: [] - replace: + replace: [] + delete: - $ref: >- - #/components/x-stackQL-resources/workflow_templates_iam_policies/methods/projects_regions_workflow_templates_set_iam_policy + #/components/x-stackQL-resources/operations/methods/projects_regions_operations_delete - $ref: >- - #/components/x-stackQL-resources/workflow_templates_iam_policies/methods/projects_locations_workflow_templates_set_iam_policy - delete: [] - batches: - id: google.dataproc.batches - name: batches - title: Batches + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_delete + session_templates: + id: google.dataproc.session_templates + name: session_templates + title: Session_templates methods: - projects_locations_batches_analyze: + projects_locations_session_templates_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}:analyze/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates~1{sessionTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_create: + projects_locations_session_templates_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates~1{sessionTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_list: + projects_locations_session_templates_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates~1{sessionTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.batches - projects_locations_batches_get: + projects_locations_session_templates_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_delete: + projects_locations_session_templates_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.sessionTemplates sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/batches/methods/projects_locations_batches_get + #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_get - $ref: >- - #/components/x-stackQL-resources/batches/methods/projects_locations_batches_list + #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_list insert: - $ref: >- - #/components/x-stackQL-resources/batches/methods/projects_locations_batches_create - update: [] + #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_create + update: + - $ref: >- + #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/batches/methods/projects_locations_batches_delete + #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_delete spark_applications: id: google.dataproc.spark_applications name: spark_applications title: Spark_applications methods: - projects_locations_batches_spark_applications_write: + projects_locations_sessions_spark_applications_search_stage_attempt_tasks: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:write/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchStageAttemptTasks/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_search: + projects_locations_sessions_spark_applications_access_sql_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications:search/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessSqlQuery/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_access: + projects_locations_sessions_spark_applications_access_environment_info: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:access/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessEnvironmentInfo/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_search_jobs: + projects_locations_sessions_spark_applications_search_executors: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchExecutors/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_access_job: + projects_locations_sessions_spark_applications_search_jobs: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessJob/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchJobs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_search_stages: + projects_locations_sessions_spark_applications_access_sql_plan: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchStages/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessSqlPlan/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_search_stage_attempts: + projects_locations_sessions_spark_applications_access_job: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchStageAttempts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessJob/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_access_stage_attempt: + projects_locations_sessions_spark_applications_access: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessStageAttempt/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:access/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_search_stage_attempt_tasks: + projects_locations_sessions_spark_applications_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchStageAttemptTasks/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications:search/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_search_executors: + projects_locations_sessions_spark_applications_access_stage_rdd_graph: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchExecutors/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessStageRddGraph/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_search_executor_stage_summary: + projects_locations_sessions_spark_applications_write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchExecutorStageSummary/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:write/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_search_sql_queries: + projects_locations_sessions_spark_applications_search_executor_stage_summary: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchSqlQueries/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchExecutorStageSummary/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_access_sql_query: + projects_locations_sessions_spark_applications_summarize_stage_attempt_tasks: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessSqlQuery/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:summarizeStageAttemptTasks/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_access_sql_plan: + projects_locations_sessions_spark_applications_summarize_executors: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessSqlPlan/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:summarizeExecutors/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_access_stage_rdd_graph: + projects_locations_sessions_spark_applications_summarize_stages: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessStageRddGraph/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:summarizeStages/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_access_environment_info: + projects_locations_sessions_spark_applications_search_sql_queries: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessEnvironmentInfo/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchSqlQueries/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_summarize_jobs: + projects_locations_sessions_spark_applications_summarize_jobs: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:summarizeJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:summarizeJobs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_summarize_stages: + projects_locations_sessions_spark_applications_search_stages: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:summarizeStages/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchStages/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_summarize_stage_attempt_tasks: + projects_locations_sessions_spark_applications_access_stage_attempt: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:summarizeStageAttemptTasks/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessStageAttempt/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_batches_spark_applications_summarize_executors: + projects_locations_sessions_spark_applications_search_stage_attempts: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:summarizeExecutors/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchStageAttempts/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_write: + projects_locations_batches_spark_applications_search_executor_stage_summary: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:write/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchExecutorStageSummary/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_search: + projects_locations_batches_spark_applications_search_stage_attempts: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications:search/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchStageAttempts/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_access: + projects_locations_batches_spark_applications_summarize_stages: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:access/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:summarizeStages/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_search_jobs: + projects_locations_batches_spark_applications_search_sql_queries: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchSqlQueries/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_access_job: + projects_locations_batches_spark_applications_access_stage_attempt: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessJob/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessStageAttempt/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_search_stages: + projects_locations_batches_spark_applications_search_stage_attempt_tasks: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchStages/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchStageAttemptTasks/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_search_stage_attempts: + projects_locations_batches_spark_applications_access_stage_rdd_graph: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchStageAttempts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessStageRddGraph/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_access_stage_attempt: + projects_locations_batches_spark_applications_access: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessStageAttempt/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:access/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_search_stage_attempt_tasks: + projects_locations_batches_spark_applications_write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchStageAttemptTasks/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:write/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_search_executors: + projects_locations_batches_spark_applications_search_jobs: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchExecutors/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchJobs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_search_executor_stage_summary: + projects_locations_batches_spark_applications_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchExecutorStageSummary/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications:search/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_search_sql_queries: + projects_locations_batches_spark_applications_access_environment_info: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:searchSqlQueries/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessEnvironmentInfo/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_access_sql_query: + projects_locations_batches_spark_applications_search_executors: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessSqlQuery/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchExecutors/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_access_sql_plan: + projects_locations_batches_spark_applications_summarize_executors: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessSqlPlan/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:summarizeExecutors/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_access_stage_rdd_graph: + projects_locations_batches_spark_applications_access_sql_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessStageRddGraph/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessSqlQuery/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_access_environment_info: + projects_locations_batches_spark_applications_access_job: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:accessEnvironmentInfo/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessJob/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_summarize_jobs: + projects_locations_batches_spark_applications_access_sql_plan: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:summarizeJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:accessSqlPlan/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_summarize_stages: + projects_locations_batches_spark_applications_summarize_stage_attempt_tasks: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:summarizeStages/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:summarizeStageAttemptTasks/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_summarize_stage_attempt_tasks: + projects_locations_batches_spark_applications_summarize_jobs: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:summarizeStageAttemptTasks/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:summarizeJobs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_spark_applications_summarize_executors: + projects_locations_batches_spark_applications_search_stages: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}~1sparkApplications~1{sparkApplicationsId}:summarizeExecutors/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}~1sparkApplications~1{sparkApplicationsId}:searchStages/get response: mediaType: application/json openAPIDocKey: '200' @@ -9103,28 +9140,28 @@ components: name: sessions title: Sessions methods: - projects_locations_sessions_create: + projects_locations_sessions_terminate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}:terminate/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_list: + projects_locations_sessions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sessions - projects_locations_sessions_get: + projects_locations_sessions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.sessions projects_locations_sessions_delete: operation: $ref: >- @@ -9132,10 +9169,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sessions_terminate: + projects_locations_sessions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}:terminate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessions~1{sessionsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -9153,82 +9190,203 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/sessions/methods/projects_locations_sessions_delete - session_templates: - id: google.dataproc.session_templates - name: session_templates - title: Session_templates + batches: + id: google.dataproc.batches + name: batches + title: Batches methods: - projects_locations_session_templates_create: + projects_locations_batches_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_session_templates_list: + projects_locations_batches_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sessionTemplates - projects_locations_session_templates_patch: + objectKey: $.batches + projects_locations_batches_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates~1{sessionTemplatesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_session_templates_get: + projects_locations_batches_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates~1{sessionTemplatesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_session_templates_delete: + projects_locations_batches_analyze: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sessionTemplates~1{sessionTemplatesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1batches~1{batchesId}:analyze/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_get + #/components/x-stackQL-resources/batches/methods/projects_locations_batches_get - $ref: >- - #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_list + #/components/x-stackQL-resources/batches/methods/projects_locations_batches_list insert: - $ref: >- - #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_create - update: - - $ref: >- - #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_patch + #/components/x-stackQL-resources/batches/methods/projects_locations_batches_create + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/session_templates/methods/projects_locations_session_templates_delete + #/components/x-stackQL-resources/batches/methods/projects_locations_batches_delete paths: - /v1/projects/{projectsId}/regions/{regionsId}/operations: + /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates:instantiateInline: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/prettyPrint' + post: + description: >- + Instantiates a template and begins execution.This method is equivalent + to executing the sequence CreateWorkflowTemplate, + InstantiateWorkflowTemplate, DeleteWorkflowTemplate.The returned + Operation can be used to track execution of workflow by polling + operations.get. The Operation will complete when entire workflow is + finished.The running workflow can be aborted via operations.cancel. This + will cause any inflight jobs to be cancelled and workflow-owned clusters + to be deleted.The Operation.metadata will be WorkflowMetadata + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#workflowmetadata). + Also see Using WorkflowMetadata + (https://cloud.google.com/dataproc/docs/concepts/workflows/debugging#using_workflowmetadata).On + successful completion, Operation.response will be Empty. + operationId: dataproc.projects.regions.workflowTemplates.instantiateInline + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowTemplate' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: regionsId + required: true + schema: + type: string + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}: + parameters: *ref_1 + put: + description: >- + Updates (replaces) workflow template. The updated template must contain + version that matches the current server version. + operationId: dataproc.projects.regions.workflowTemplates.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowTemplate' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowTemplate' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: regionsId + required: true + schema: + type: string + - in: path + name: workflowTemplatesId + required: true + schema: + type: string + delete: + description: Deletes a workflow template. It does not cancel in-progress workflows. + operationId: dataproc.projects.regions.workflowTemplates.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: regionsId + required: true + schema: + type: string + - in: path + name: workflowTemplatesId + required: true + schema: + type: string + - in: query + name: version + schema: + type: integer + format: int32 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns UNIMPLEMENTED. - operationId: dataproc.projects.regions.operations.list + Retrieves the latest workflow template.Can retrieve previously + instantiated template by specifying optional version parameter. + operationId: dataproc.projects.regions.workflowTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9240,7 +9398,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/WorkflowTemplate' parameters: - in: path name: projectsId @@ -9252,27 +9410,31 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: workflowTemplatesId + required: true schema: type: string - in: query - name: pageSize + name: version schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}: + /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: dataproc.projects.regions.operations.get + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a NOT_FOUND error.Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: dataproc.projects.regions.workflowTemplates.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9284,7 +9446,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -9297,17 +9459,15 @@ paths: schema: type: string - in: path - name: operationsId + name: workflowTemplatesId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - google.rpc.Code.UNIMPLEMENTED. - operationId: dataproc.projects.regions.operations.delete + /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates: + parameters: *ref_1 + get: + description: Lists workflows that match the specified filter in the request. + operationId: dataproc.projects.regions.workflowTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9319,7 +9479,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListWorkflowTemplatesResponse' parameters: - in: path name: projectsId @@ -9331,25 +9491,23 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}:cancel: - parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - 1, corresponding to Code.CANCELLED. - operationId: dataproc.projects.regions.operations.cancel + description: Creates new workflow template. + operationId: dataproc.projects.regions.workflowTemplates.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowTemplate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9361,7 +9519,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/WorkflowTemplate' parameters: - in: path name: projectsId @@ -9373,24 +9531,26 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}:setIamPolicy: + /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}:instantiate: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: dataproc.projects.regions.operations.setIamPolicy + Instantiates a template and begins execution.The returned Operation can + be used to track execution of workflow by polling operations.get. The + Operation will complete when entire workflow is finished.The running + workflow can be aborted via operations.cancel. This will cause any + inflight jobs to be cancelled and workflow-owned clusters to be + deleted.The Operation.metadata will be WorkflowMetadata + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#workflowmetadata). + Also see Using WorkflowMetadata + (https://cloud.google.com/dataproc/docs/concepts/workflows/debugging#using_workflowmetadata).On + successful completion, Operation.response will be Empty. + operationId: dataproc.projects.regions.workflowTemplates.instantiate requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/InstantiateWorkflowTemplateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9402,7 +9562,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9415,17 +9575,17 @@ paths: schema: type: string - in: path - name: operationsId + name: workflowTemplatesId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}:getIamPolicy: + /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}:getIamPolicy: parameters: *ref_1 post: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: dataproc.projects.regions.operations.getIamPolicy + operationId: dataproc.projects.regions.workflowTemplates.getIamPolicy requestBody: content: application/json: @@ -9455,25 +9615,23 @@ paths: schema: type: string - in: path - name: operationsId + name: workflowTemplatesId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}:testIamPermissions: + /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}:setIamPolicy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a NOT_FOUND error.Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: dataproc.projects.regions.operations.testIamPermissions + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: dataproc.projects.regions.workflowTemplates.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9485,7 +9643,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -9498,20 +9656,25 @@ paths: schema: type: string - in: path - name: operationsId + name: workflowTemplatesId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies: + /v1/projects/{projectId}/regions/{region}/jobs/{jobId}:cancel: parameters: *ref_1 post: - description: Creates new autoscaling policy. - operationId: dataproc.projects.regions.autoscalingPolicies.create + description: >- + Starts a job cancellation request. To access the job resource after + cancellation, call regions/{region}/jobs.list + (https://cloud.google.com/dataproc/docs/reference/rest/v1/projects.regions.jobs/list) + or regions/{region}/jobs.get + (https://cloud.google.com/dataproc/docs/reference/rest/v1/projects.regions.jobs/get). + operationId: dataproc.projects.regions.jobs.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/AutoscalingPolicy' + $ref: '#/components/schemas/CancelJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9523,21 +9686,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AutoscalingPolicy' + $ref: '#/components/schemas/Job' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - in: path - name: regionsId + name: region required: true schema: type: string - get: - description: Lists autoscaling policies in the project. - operationId: dataproc.projects.regions.autoscalingPolicies.list + - in: path + name: jobId + required: true + schema: + type: string + /v1/projects/{projectsId}/regions/{regionsId}/jobs/{jobsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a NOT_FOUND error.Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: dataproc.projects.regions.jobs.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9549,7 +9729,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAutoscalingPoliciesResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -9561,27 +9741,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: jobsId + required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies/{autoscalingPoliciesId}: + /v1/projects/{projectsId}/regions/{regionsId}/jobs/{jobsId}:setIamPolicy: parameters: *ref_1 - put: + post: description: >- - Updates (replaces) autoscaling policy.Disabled check for update_mask, - because all updates will be full replacements. - operationId: dataproc.projects.regions.autoscalingPolicies.update + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: dataproc.projects.regions.jobs.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/AutoscalingPolicy' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9593,7 +9770,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AutoscalingPolicy' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -9606,13 +9783,20 @@ paths: schema: type: string - in: path - name: autoscalingPoliciesId + name: jobsId required: true schema: type: string - get: - description: Retrieves autoscaling policy. - operationId: dataproc.projects.regions.autoscalingPolicies.get + /v1/projects/{projectId}/regions/{region}/jobs:submit: + parameters: *ref_1 + post: + description: Submits a job to a cluster. + operationId: dataproc.projects.regions.jobs.submit + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SubmitJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9624,28 +9808,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AutoscalingPolicy' + $ref: '#/components/schemas/Job' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: regionsId + name: projectId required: true schema: type: string - in: path - name: autoscalingPoliciesId + name: region required: true schema: type: string + /v1/projects/{projectId}/regions/{region}/jobs/{jobId}: + parameters: *ref_1 delete: description: >- - Deletes an autoscaling policy. It is an error to delete an autoscaling - policy that is in use by one or more clusters. - operationId: dataproc.projects.regions.autoscalingPolicies.delete + Deletes the job from the project. If the job is active, the delete + fails, and the response returns FAILED_PRECONDITION. + operationId: dataproc.projects.regions.jobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9660,33 +9841,28 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - in: path - name: regionsId + name: region required: true schema: type: string - in: path - name: autoscalingPoliciesId + name: jobId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies/{autoscalingPoliciesId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: dataproc.projects.regions.autoscalingPolicies.setIamPolicy + patch: + description: Updates a job in a project. + operationId: dataproc.projects.regions.jobs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/Job' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9698,35 +9874,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Job' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - in: path - name: regionsId + name: region required: true schema: type: string - in: path - name: autoscalingPoliciesId + name: jobId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies/{autoscalingPoliciesId}:getIamPolicy: - parameters: *ref_1 - post: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: dataproc.projects.regions.autoscalingPolicies.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets the resource representation for a job in a project. + operationId: dataproc.projects.regions.jobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9738,38 +9910,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Job' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - in: path - name: regionsId + name: region required: true schema: type: string - in: path - name: autoscalingPoliciesId + name: jobId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies/{autoscalingPoliciesId}:testIamPermissions: + /v1/projects/{projectsId}/regions/{regionsId}/jobs/{jobsId}:getIamPolicy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a NOT_FOUND error.Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: dataproc.projects.regions.autoscalingPolicies.testIamPermissions + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: dataproc.projects.regions.jobs.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9781,7 +9950,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -9794,23 +9963,15 @@ paths: schema: type: string - in: path - name: autoscalingPoliciesId + name: jobsId required: true schema: type: string - /v1/projects/{projectId}/regions/{region}/clusters: + /v1/projects/{projectId}/regions/{region}/jobs: parameters: *ref_1 - post: - description: >- - Creates a cluster in a project. The returned Operation.metadata will be - ClusterOperationMetadata - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#clusteroperationmetadata). - operationId: dataproc.projects.regions.clusters.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Cluster' + get: + description: Lists regions/{region}/jobs in a project. + operationId: dataproc.projects.regions.jobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9822,7 +9983,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListJobsResponse' parameters: - in: path name: projectId @@ -9835,16 +9996,36 @@ paths: schema: type: string - in: query - name: requestId + name: clusterName schema: type: string - in: query - name: actionOnFailedPrimaryWorkers + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - get: - description: Lists all regions/{region}/clusters in a project alphabetically. - operationId: dataproc.projects.regions.clusters.list + - in: query + name: filter + schema: + type: string + - in: query + name: jobStateMatcher + schema: + type: string + /v1/projects/{projectId}/regions/{region}/jobs:submitAsOperation: + parameters: *ref_1 + post: + description: Submits job to a cluster. + operationId: dataproc.projects.regions.jobs.submitAsOperation + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SubmitJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9856,7 +10037,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListClustersResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectId @@ -9868,33 +10049,18 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}: + /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies/{autoscalingPoliciesId}: parameters: *ref_1 - patch: + put: description: >- - Updates a cluster in a project. The returned Operation.metadata will be - ClusterOperationMetadata - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#clusteroperationmetadata). - The cluster must be in a RUNNING state or an error is returned. - operationId: dataproc.projects.regions.clusters.patch + Updates (replaces) autoscaling policy.Disabled check for update_mask, + because all updates will be full replacements. + operationId: dataproc.projects.regions.autoscalingPolicies.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/AutoscalingPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9906,43 +10072,59 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/AutoscalingPolicy' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - in: path - name: clusterName + name: autoscalingPoliciesId required: true schema: type: string - - in: query - name: gracefulDecommissionTimeout + get: + description: Retrieves autoscaling policy. + operationId: dataproc.projects.regions.autoscalingPolicies.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/AutoscalingPolicy' + parameters: + - in: path + name: projectsId + required: true schema: type: string - format: google-duration - - in: query - name: updateMask + - in: path + name: regionsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: requestId + - in: path + name: autoscalingPoliciesId + required: true schema: type: string delete: description: >- - Deletes a cluster in a project. The returned Operation.metadata will be - ClusterOperationMetadata - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#clusteroperationmetadata). - operationId: dataproc.projects.regions.clusters.delete + Deletes an autoscaling policy. It is an error to delete an autoscaling + policy that is in use by one or more clusters. + operationId: dataproc.projects.regions.autoscalingPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9954,39 +10136,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - in: path - name: clusterName + name: autoscalingPoliciesId required: true schema: type: string - - in: query - name: clusterUuid - schema: - type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: gracefulTerminationTimeout - schema: - type: string - format: google-duration + /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies: + parameters: *ref_1 get: - description: Gets the resource representation for a cluster in a project. - operationId: dataproc.projects.regions.clusters.get + description: Lists autoscaling policies in the project. + operationId: dataproc.projects.regions.autoscalingPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9998,33 +10169,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/ListAutoscalingPoliciesResponse' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - - in: path - name: clusterName - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}:stop: - parameters: *ref_1 post: - description: Stops a cluster in a project. - operationId: dataproc.projects.regions.clusters.stop + description: Creates new autoscaling policy. + operationId: dataproc.projects.regions.autoscalingPolicies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/StopClusterRequest' + $ref: '#/components/schemas/AutoscalingPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10036,33 +10209,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/AutoscalingPolicy' parameters: - in: path - name: projectId - required: true - schema: - type: string - - in: path - name: region + name: projectsId required: true schema: type: string - in: path - name: clusterName + name: regionsId required: true schema: type: string - /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}:start: + /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies/{autoscalingPoliciesId}:getIamPolicy: parameters: *ref_1 post: - description: Starts a cluster in a project. - operationId: dataproc.projects.regions.clusters.start + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: dataproc.projects.regions.autoscalingPolicies.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/StartClusterRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10074,33 +10244,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - in: path - name: clusterName + name: autoscalingPoliciesId required: true schema: type: string - /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}:repair: + /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies/{autoscalingPoliciesId}:testIamPermissions: parameters: *ref_1 post: - description: Repairs a cluster. - operationId: dataproc.projects.regions.clusters.repair + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a NOT_FOUND error.Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: dataproc.projects.regions.autoscalingPolicies.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/RepairClusterRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10112,39 +10287,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - in: path - name: clusterName + name: autoscalingPoliciesId required: true schema: type: string - /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}:diagnose: + /v1/projects/{projectsId}/regions/{regionsId}/autoscalingPolicies/{autoscalingPoliciesId}:setIamPolicy: parameters: *ref_1 post: description: >- - Gets cluster diagnostic information. The returned Operation.metadata - will be ClusterOperationMetadata - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#clusteroperationmetadata). - After the operation completes, Operation.response contains - DiagnoseClusterResults - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#diagnoseclusterresults). - operationId: dataproc.projects.regions.clusters.diagnose + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: dataproc.projects.regions.autoscalingPolicies.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/DiagnoseClusterRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10156,36 +10328,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - in: path - name: clusterName + name: autoscalingPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}:injectCredentials: + /v1/projects/{projectId}/regions/{region}/clusters: parameters: *ref_1 post: description: >- - Inject encrypted credentials into all of the VMs in a cluster.The target - cluster must be a personal auth cluster assigned to the user who is - issuing the RPC. - operationId: dataproc.projects.regions.clusters.injectCredentials + Creates a cluster in a project. The returned Operation.metadata will be + ClusterOperationMetadata + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#clusteroperationmetadata). + operationId: dataproc.projects.regions.clusters.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/InjectCredentialsRequest' + $ref: '#/components/schemas/Cluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10200,33 +10372,26 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - in: path - name: regionsId + name: region required: true schema: type: string - - in: path - name: clustersId - required: true + - in: query + name: actionOnFailedPrimaryWorkers schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: dataproc.projects.regions.clusters.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + - in: query + name: requestId + schema: + type: string + get: + description: Lists all regions/{region}/clusters in a project alphabetically. + operationId: dataproc.projects.regions.clusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10238,35 +10403,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListClustersResponse' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - in: path - name: regionsId + name: region required: true schema: type: string - - in: path - name: clustersId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}:getIamPolicy: + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}:setIamPolicy: parameters: *ref_1 post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: dataproc.projects.regions.clusters.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: dataproc.projects.regions.clusters.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10338,19 +10512,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}/nodeGroups: + /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}: parameters: *ref_1 - post: + delete: description: >- - Creates a node group in a cluster. The returned Operation.metadata is - NodeGroupOperationMetadata - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#nodegroupoperationmetadata). - operationId: dataproc.projects.regions.clusters.nodeGroups.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NodeGroup' + Deletes a cluster in a project. The returned Operation.metadata will be + ClusterOperationMetadata + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#clusteroperationmetadata). + operationId: dataproc.projects.regions.clusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10365,45 +10534,76 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - in: path - name: regionsId + name: region required: true schema: type: string - in: path - name: clustersId + name: clusterName required: true schema: type: string - in: query - name: nodeGroupId + name: clusterUuid schema: type: string - in: query - name: requestId + name: gracefulTerminationTimeout schema: type: string + format: google-duration - in: query - name: parentOperationId + name: requestId schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}/nodeGroups/{nodeGroupsId}:resize: - parameters: *ref_1 - post: + get: + description: Gets the resource representation for a cluster in a project. + operationId: dataproc.projects.regions.clusters.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Cluster' + parameters: + - in: path + name: projectId + required: true + schema: + type: string + - in: path + name: region + required: true + schema: + type: string + - in: path + name: clusterName + required: true + schema: + type: string + patch: description: >- - Resizes a node group in a cluster. The returned Operation.metadata is - NodeGroupOperationMetadata - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#nodegroupoperationmetadata). - operationId: dataproc.projects.regions.clusters.nodeGroups.resize + Updates a cluster in a project. The returned Operation.metadata will be + ClusterOperationMetadata + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#clusteroperationmetadata). + The cluster must be in a RUNNING state or an error is returned. + operationId: dataproc.projects.regions.clusters.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ResizeNodeGroupRequest' + $ref: '#/components/schemas/Cluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10418,35 +10618,44 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - in: path - name: regionsId + name: region required: true schema: type: string - in: path - name: clustersId + name: clusterName required: true schema: type: string - - in: path - name: nodeGroupsId - required: true + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}/nodeGroups/{nodeGroupsId}:repair: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: gracefulDecommissionTimeout + schema: + type: string + format: google-duration + /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}:start: parameters: *ref_1 post: - description: Repair nodes in a node group. - operationId: dataproc.projects.regions.clusters.nodeGroups.repair + description: Starts a cluster in a project. + operationId: dataproc.projects.regions.clusters.start requestBody: content: application/json: schema: - $ref: '#/components/schemas/RepairNodeGroupRequest' + $ref: '#/components/schemas/StartClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10461,30 +10670,32 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: regionsId + name: projectId required: true schema: type: string - in: path - name: clustersId + name: region required: true schema: type: string - in: path - name: nodeGroupsId + name: clusterName required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}/nodeGroups/{nodeGroupsId}: - parameters: *ref_1 - get: - description: Gets the resource representation for a node group in a cluster. - operationId: dataproc.projects.regions.clusters.nodeGroups.get + /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}:getIamPolicy: + parameters: *ref_1 + post: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: dataproc.projects.regions.clusters.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10496,7 +10707,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NodeGroup' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -10513,21 +10724,16 @@ paths: required: true schema: type: string - - in: path - name: nodeGroupsId - required: true - schema: - type: string - /v1/projects/{projectId}/regions/{region}/jobs:submit: + /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}:stop: parameters: *ref_1 post: - description: Submits a job to a cluster. - operationId: dataproc.projects.regions.jobs.submit + description: Stops a cluster in a project. + operationId: dataproc.projects.regions.clusters.stop requestBody: content: application/json: schema: - $ref: '#/components/schemas/SubmitJobRequest' + $ref: '#/components/schemas/StopClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10539,7 +10745,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectId @@ -10551,16 +10757,21 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/regions/{region}/jobs:submitAsOperation: + - in: path + name: clusterName + required: true + schema: + type: string + /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}:repair: parameters: *ref_1 post: - description: Submits job to a cluster. - operationId: dataproc.projects.regions.jobs.submitAsOperation + description: Repairs a cluster. + operationId: dataproc.projects.regions.clusters.repair requestBody: content: application/json: schema: - $ref: '#/components/schemas/SubmitJobRequest' + $ref: '#/components/schemas/RepairClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10584,11 +10795,24 @@ paths: required: true schema: type: string - /v1/projects/{projectId}/regions/{region}/jobs/{jobId}: + - in: path + name: clusterName + required: true + schema: + type: string + /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}:injectCredentials: parameters: *ref_1 - get: - description: Gets the resource representation for a job in a project. - operationId: dataproc.projects.regions.jobs.get + post: + description: >- + Inject encrypted credentials into all of the VMs in a cluster.The target + cluster must be a personal auth cluster assigned to the user who is + issuing the RPC. + operationId: dataproc.projects.regions.clusters.injectCredentials + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InjectCredentialsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10600,31 +10824,39 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - in: path - name: jobId + name: clustersId required: true schema: type: string - patch: - description: Updates a job in a project. - operationId: dataproc.projects.regions.jobs.patch + /v1/projects/{projectId}/regions/{region}/clusters/{clusterName}:diagnose: + parameters: *ref_1 + post: + description: >- + Gets cluster diagnostic information. The returned Operation.metadata + will be ClusterOperationMetadata + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#clusteroperationmetadata). + After the operation completes, Operation.response contains + DiagnoseClusterResults + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#diagnoseclusterresults). + operationId: dataproc.projects.regions.clusters.diagnose requestBody: content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/DiagnoseClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10636,7 +10868,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectId @@ -10649,20 +10881,23 @@ paths: schema: type: string - in: path - name: jobId + name: clusterName required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: + /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}/nodeGroups/{nodeGroupsId}:resize: + parameters: *ref_1 + post: description: >- - Deletes the job from the project. If the job is active, the delete - fails, and the response returns FAILED_PRECONDITION. - operationId: dataproc.projects.regions.jobs.delete + Resizes a node group in a cluster. The returned Operation.metadata is + NodeGroupOperationMetadata + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#nodegroupoperationmetadata). + operationId: dataproc.projects.regions.clusters.nodeGroups.resize + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ResizeNodeGroupRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10674,28 +10909,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - in: path - name: jobId + name: clustersId required: true schema: type: string - /v1/projects/{projectId}/regions/{region}/jobs: + - in: path + name: nodeGroupsId + required: true + schema: + type: string + /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}/nodeGroups/{nodeGroupsId}: parameters: *ref_1 get: - description: Lists regions/{region}/jobs in a project. - operationId: dataproc.projects.regions.jobs.list + description: Gets the resource representation for a node group in a cluster. + operationId: dataproc.projects.regions.clusters.nodeGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10707,54 +10947,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListJobsResponse' + $ref: '#/components/schemas/NodeGroup' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: clusterName - schema: - type: string - - in: query - name: jobStateMatcher + - in: path + name: clustersId + required: true schema: type: string - - in: query - name: filter + - in: path + name: nodeGroupsId + required: true schema: type: string - /v1/projects/{projectId}/regions/{region}/jobs/{jobId}:cancel: + /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}/nodeGroups/{nodeGroupsId}:repair: parameters: *ref_1 post: - description: >- - Starts a job cancellation request. To access the job resource after - cancellation, call regions/{region}/jobs.list - (https://cloud.google.com/dataproc/docs/reference/rest/v1/projects.regions.jobs/list) - or regions/{region}/jobs.get - (https://cloud.google.com/dataproc/docs/reference/rest/v1/projects.regions.jobs/get). - operationId: dataproc.projects.regions.jobs.cancel + description: Repair nodes in a node group. + operationId: dataproc.projects.regions.clusters.nodeGroups.repair requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelJobRequest' + $ref: '#/components/schemas/RepairNodeGroupRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10766,36 +10990,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Job' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - in: path - name: region + name: regionsId required: true schema: type: string - in: path - name: jobId + name: clustersId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/jobs/{jobsId}:setIamPolicy: + - in: path + name: nodeGroupsId + required: true + schema: + type: string + /v1/projects/{projectsId}/regions/{regionsId}/clusters/{clustersId}/nodeGroups: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: dataproc.projects.regions.jobs.setIamPolicy + Creates a node group in a cluster. The returned Operation.metadata is + NodeGroupOperationMetadata + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#nodegroupoperationmetadata). + operationId: dataproc.projects.regions.clusters.nodeGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/NodeGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10807,7 +11036,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10820,17 +11049,29 @@ paths: schema: type: string - in: path - name: jobsId + name: clustersId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/jobs/{jobsId}:getIamPolicy: + - in: query + name: requestId + schema: + type: string + - in: query + name: nodeGroupId + schema: + type: string + - in: query + name: parentOperationId + schema: + type: string + /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}:getIamPolicy: parameters: *ref_1 post: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: dataproc.projects.regions.jobs.getIamPolicy + operationId: dataproc.projects.regions.operations.getIamPolicy requestBody: content: application/json: @@ -10860,25 +11101,23 @@ paths: schema: type: string - in: path - name: jobsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/jobs/{jobsId}:testIamPermissions: + /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a NOT_FOUND error.Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: dataproc.projects.regions.jobs.testIamPermissions + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: dataproc.projects.regions.operations.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10890,7 +11129,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -10903,20 +11142,18 @@ paths: schema: type: string - in: path - name: jobsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates: + /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Creates new workflow template. - operationId: dataproc.projects.regions.workflowTemplates.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WorkflowTemplate' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: dataproc.projects.regions.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10928,7 +11165,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkflowTemplate' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10940,9 +11177,18 @@ paths: required: true schema: type: string - get: - description: Lists workflows that match the specified filter in the request. - operationId: dataproc.projects.regions.workflowTemplates.list + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + google.rpc.Code.UNIMPLEMENTED. + operationId: dataproc.projects.regions.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10954,7 +11200,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkflowTemplatesResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -10966,22 +11212,18 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}: + /v1/projects/{projectsId}/regions/{regionsId}/operations: parameters: *ref_1 get: description: >- - Retrieves the latest workflow template.Can retrieve previously - instantiated template by specifying optional version parameter. - operationId: dataproc.projects.regions.workflowTemplates.get + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns UNIMPLEMENTED. + operationId: dataproc.projects.regions.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10993,7 +11235,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkflowTemplate' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -11005,26 +11247,38 @@ paths: required: true schema: type: string - - in: path - name: workflowTemplatesId - required: true - schema: - type: string - in: query - name: version + name: pageSize schema: type: integer format: int32 - put: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}:testIamPermissions: + parameters: *ref_1 + post: description: >- - Updates (replaces) workflow template. The updated template must contain - version that matches the current server version. - operationId: dataproc.projects.regions.workflowTemplates.update + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a NOT_FOUND error.Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: dataproc.projects.regions.operations.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/WorkflowTemplate' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11036,7 +11290,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkflowTemplate' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -11049,13 +11303,24 @@ paths: schema: type: string - in: path - name: workflowTemplatesId + name: operationsId required: true schema: type: string - delete: - description: Deletes a workflow template. It does not cancel in-progress workflows. - operationId: dataproc.projects.regions.workflowTemplates.delete + /v1/projects/{projectsId}/regions/{regionsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + 1, corresponding to Code.CANCELLED. + operationId: dataproc.projects.regions.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11080,35 +11345,15 @@ paths: schema: type: string - in: path - name: workflowTemplatesId + name: operationsId required: true schema: type: string - - in: query - name: version - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}:instantiate: + /v1/projects/{projectsId}/locations/{locationsId}/sessionTemplates/{sessionTemplatesId}: parameters: *ref_1 - post: - description: >- - Instantiates a template and begins execution.The returned Operation can - be used to track execution of workflow by polling operations.get. The - Operation will complete when entire workflow is finished.The running - workflow can be aborted via operations.cancel. This will cause any - inflight jobs to be cancelled and workflow-owned clusters to be - deleted.The Operation.metadata will be WorkflowMetadata - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#workflowmetadata). - Also see Using WorkflowMetadata - (https://cloud.google.com/dataproc/docs/concepts/workflows/debugging#using_workflowmetadata).On - successful completion, Operation.response will be Empty. - operationId: dataproc.projects.regions.workflowTemplates.instantiate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InstantiateWorkflowTemplateRequest' + get: + description: Gets the resource representation for a session template. + operationId: dataproc.projects.locations.sessionTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11120,7 +11365,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SessionTemplate' parameters: - in: path name: projectsId @@ -11128,37 +11373,23 @@ paths: schema: type: string - in: path - name: regionsId + name: locationsId required: true schema: type: string - in: path - name: workflowTemplatesId + name: sessionTemplatesId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates:instantiateInline: - parameters: *ref_1 - post: - description: >- - Instantiates a template and begins execution.This method is equivalent - to executing the sequence CreateWorkflowTemplate, - InstantiateWorkflowTemplate, DeleteWorkflowTemplate.The returned - Operation can be used to track execution of workflow by polling - operations.get. The Operation will complete when entire workflow is - finished.The running workflow can be aborted via operations.cancel. This - will cause any inflight jobs to be cancelled and workflow-owned clusters - to be deleted.The Operation.metadata will be WorkflowMetadata - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#workflowmetadata). - Also see Using WorkflowMetadata - (https://cloud.google.com/dataproc/docs/concepts/workflows/debugging#using_workflowmetadata).On - successful completion, Operation.response will be Empty. - operationId: dataproc.projects.regions.workflowTemplates.instantiateInline + patch: + description: Updates the session template synchronously. + operationId: dataproc.projects.locations.sessionTemplates.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/WorkflowTemplate' + $ref: '#/components/schemas/SessionTemplate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11170,7 +11401,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SessionTemplate' parameters: - in: path name: projectsId @@ -11178,27 +11409,18 @@ paths: schema: type: string - in: path - name: regionsId + name: locationsId required: true schema: type: string - - in: query - name: requestId + - in: path + name: sessionTemplatesId + required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: dataproc.projects.regions.workflowTemplates.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + delete: + description: Deletes a session template. + operationId: dataproc.projects.locations.sessionTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11210,7 +11432,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -11218,27 +11440,25 @@ paths: schema: type: string - in: path - name: regionsId + name: locationsId required: true schema: type: string - in: path - name: workflowTemplatesId + name: sessionTemplatesId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/sessionTemplates: parameters: *ref_1 post: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: dataproc.projects.regions.workflowTemplates.getIamPolicy + description: Create a session template synchronously. + operationId: dataproc.projects.locations.sessionTemplates.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/SessionTemplate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11250,7 +11470,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/SessionTemplate' parameters: - in: path name: projectsId @@ -11258,30 +11478,13 @@ paths: schema: type: string - in: path - name: regionsId - required: true - schema: - type: string - - in: path - name: workflowTemplatesId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/regions/{regionsId}/workflowTemplates/{workflowTemplatesId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a NOT_FOUND error.Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: dataproc.projects.regions.workflowTemplates.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Lists session templates. + operationId: dataproc.projects.locations.sessionTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11293,7 +11496,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListSessionTemplatesResponse' parameters: - in: path name: projectsId @@ -11301,22 +11504,31 @@ paths: schema: type: string - in: path - name: regionsId + name: locationsId required: true schema: type: string - - in: path - name: workflowTemplatesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchStageAttemptTasks: parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns UNIMPLEMENTED. - operationId: dataproc.projects.locations.operations.list + Obtain data corresponding to tasks for a spark stage attempt for a Spark + Application. + operationId: >- + dataproc.projects.locations.sessions.sparkApplications.searchStageAttemptTasks security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11328,20 +11540,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: >- + #/components/schemas/SearchSessionSparkApplicationStageAttemptTasksResponse parameters: - in: path - name: projectsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: sessionsId required: true schema: type: string - in: path - name: locationsId + name: sparkApplicationsId required: true schema: type: string - in: query - name: filter + name: parent + schema: + type: string + - in: query + name: pageToken schema: type: string - in: query @@ -11350,17 +11577,30 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: taskStatus schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + - in: query + name: sortRuntime + schema: + type: boolean + - in: query + name: stageId + schema: + type: string + format: int64 + - in: query + name: stageAttemptId + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessSqlQuery: parameters: *ref_1 get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: dataproc.projects.locations.operations.get + Obtain data corresponding to a particular SQL Query for a Spark + Application. + operationId: dataproc.projects.locations.sessions.sparkApplications.accessSqlQuery security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11372,7 +11612,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: >- + #/components/schemas/AccessSessionSparkApplicationSqlQueryResponse parameters: - in: path name: projectsId @@ -11385,59 +11626,38 @@ paths: schema: type: string - in: path - name: operationsId + name: sessionsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - google.rpc.Code.UNIMPLEMENTED. - operationId: dataproc.projects.locations.operations.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - in: path - name: projectsId + name: sparkApplicationsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: parent schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: planDescription + schema: + type: boolean + - in: query + name: details + schema: + type: boolean + - in: query + name: executionId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + format: int64 + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessEnvironmentInfo: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - 1, corresponding to Code.CANCELLED. - operationId: dataproc.projects.locations.operations.cancel + get: + description: Obtain environment details for a Spark Application + operationId: >- + dataproc.projects.locations.sessions.sparkApplications.accessEnvironmentInfo security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11449,7 +11669,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: >- + #/components/schemas/AccessSessionSparkApplicationEnvironmentInfoResponse parameters: - in: path name: projectsId @@ -11462,20 +11683,24 @@ paths: schema: type: string - in: path - name: operationsId + name: sessionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}:analyze: + - in: path + name: sparkApplicationsId + required: true + schema: + type: string + - in: query + name: parent + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchExecutors: parameters: *ref_1 - post: - description: Analyze a Batch for possible recommendations and insights. - operationId: dataproc.projects.locations.batches.analyze - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AnalyzeBatchRequest' + get: + description: Obtain data corresponding to executors for a Spark Application. + operationId: dataproc.projects.locations.sessions.sparkApplications.searchExecutors security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11487,7 +11712,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: >- + #/components/schemas/SearchSessionSparkApplicationExecutorsResponse parameters: - in: path name: projectsId @@ -11500,54 +11726,37 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches: - parameters: *ref_1 - post: - description: Creates a batch workload that executes asynchronously. - operationId: dataproc.projects.locations.batches.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Batch' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - in: path - name: projectsId + name: sparkApplicationsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: parent schema: type: string - in: query - name: batchId + name: pageToken schema: type: string - in: query - name: requestId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: executorStatus schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchJobs: + parameters: *ref_1 get: - description: Lists batch workloads. - operationId: dataproc.projects.locations.batches.list + description: Obtain list of spark jobs corresponding to a Spark Application. + operationId: dataproc.projects.locations.sessions.sparkApplications.searchJobs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11559,7 +11768,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBatchesResponse' + $ref: '#/components/schemas/SearchSessionSparkApplicationJobsResponse' parameters: - in: path name: projectsId @@ -11571,28 +11780,45 @@ paths: required: true schema: type: string + - in: path + name: sessionsId + required: true + schema: + type: string + - in: path + name: sparkApplicationsId + required: true + schema: + type: string - in: query - name: pageSize + name: jobIds schema: - type: integer - format: int32 + type: string + format: int64 - in: query name: pageToken schema: type: string - in: query - name: filter + name: parent schema: type: string - in: query - name: orderBy + name: jobStatus schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessSqlPlan: parameters: *ref_1 get: - description: Gets the batch workload resource representation. - operationId: dataproc.projects.locations.batches.get + description: >- + Obtain Spark Plan Graph for a Spark Application SQL execution. Limits + the number of clusters returned as part of the graph to 10000. + operationId: dataproc.projects.locations.sessions.sparkApplications.accessSqlPlan security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11604,7 +11830,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Batch' + $ref: >- + #/components/schemas/AccessSessionSparkApplicationSqlSparkPlanGraphResponse parameters: - in: path name: projectsId @@ -11617,16 +11844,29 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string - delete: - description: >- - Deletes the batch workload resource. If the batch is not in a CANCELLED, - SUCCEEDED or FAILED State, the delete operation fails and the response - returns FAILED_PRECONDITION. - operationId: dataproc.projects.locations.batches.delete + - in: path + name: sparkApplicationsId + required: true + schema: + type: string + - in: query + name: executionId + schema: + type: string + format: int64 + - in: query + name: parent + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessJob: + parameters: *ref_1 + get: + description: Obtain data corresponding to a spark job for a Spark Application. + operationId: dataproc.projects.locations.sessions.sparkApplications.accessJob security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11638,7 +11878,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/AccessSessionSparkApplicationJobResponse' parameters: - in: path name: projectsId @@ -11651,20 +11891,31 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId + required: true + schema: + type: string + - in: path + name: sparkApplicationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:write: + - in: query + name: jobId + schema: + type: string + format: int64 + - in: query + name: parent + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:access: parameters: *ref_1 - post: - description: Write wrapper objects from dataplane to spanner - operationId: dataproc.projects.locations.batches.sparkApplications.write - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WriteSparkApplicationContextRequest' + get: + description: >- + Obtain high level information corresponding to a single Spark + Application. + operationId: dataproc.projects.locations.sessions.sparkApplications.access security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11676,7 +11927,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WriteSparkApplicationContextResponse' + $ref: '#/components/schemas/AccessSessionSparkApplicationResponse' parameters: - in: path name: projectsId @@ -11689,7 +11940,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -11698,13 +11949,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications:search: + - in: query + name: parent + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications:search: parameters: *ref_1 get: description: >- Obtain high level information and list of Spark Applications corresponding to a batch - operationId: dataproc.projects.locations.batches.sparkApplications.search + operationId: dataproc.projects.locations.sessions.sparkApplications.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11716,7 +11971,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchSparkApplicationsResponse' + $ref: '#/components/schemas/SearchSessionSparkApplicationsResponse' parameters: - in: path name: projectsId @@ -11729,31 +11984,22 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string - - in: query - name: applicationStatus - schema: - type: string - - in: query - name: minTime - schema: - type: string - format: google-datetime - in: query name: maxTime schema: type: string format: google-datetime - in: query - name: minEndTime + name: maxEndTime schema: type: string format: google-datetime - in: query - name: maxEndTime + name: minTime schema: type: string format: google-datetime @@ -11766,13 +12012,23 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:access: + - in: query + name: applicationStatus + schema: + type: string + - in: query + name: minEndTime + schema: + type: string + format: google-datetime + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessStageRddGraph: parameters: *ref_1 get: description: >- - Obtain high level information corresponding to a single Spark - Application. - operationId: dataproc.projects.locations.batches.sparkApplications.access + Obtain RDD operation graph for a Spark Application Stage. Limits the + number of clusters returned as part of the graph to 10000. + operationId: >- + dataproc.projects.locations.sessions.sparkApplications.accessStageRddGraph security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11784,7 +12040,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessSparkApplicationResponse' + $ref: >- + #/components/schemas/AccessSessionSparkApplicationStageRddOperationGraphResponse parameters: - in: path name: projectsId @@ -11797,7 +12054,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -11806,15 +12063,25 @@ paths: required: true schema: type: string + - in: query + name: stageId + schema: + type: string + format: int64 - in: query name: parent schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchJobs: + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:write: parameters: *ref_1 - get: - description: Obtain list of spark jobs corresponding to a Spark Application. - operationId: dataproc.projects.locations.batches.sparkApplications.searchJobs + post: + description: Write wrapper objects from dataplane to spanner + operationId: dataproc.projects.locations.sessions.sparkApplications.write + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WriteSessionSparkApplicationContextRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11826,7 +12093,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchSparkApplicationJobsResponse' + $ref: >- + #/components/schemas/WriteSessionSparkApplicationContextResponse parameters: - in: path name: projectsId @@ -11839,7 +12107,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -11848,28 +12116,12 @@ paths: required: true schema: type: string - - in: query - name: parent - schema: - type: string - - in: query - name: jobStatus - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessJob: + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchExecutorStageSummary: parameters: *ref_1 get: - description: Obtain data corresponding to a spark job for a Spark Application. - operationId: dataproc.projects.locations.batches.sparkApplications.accessJob + description: Obtain executor summary with respect to a spark stage attempt. + operationId: >- + dataproc.projects.locations.sessions.sparkApplications.searchExecutorStageSummary security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11881,7 +12133,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessSparkApplicationJobResponse' + $ref: >- + #/components/schemas/SearchSessionSparkApplicationExecutorStageSummaryResponse parameters: - in: path name: projectsId @@ -11894,7 +12147,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -11903,20 +12156,35 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: parent schema: type: string - in: query - name: jobId + name: stageId schema: type: string format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchStages: + - in: query + name: stageAttemptId + schema: + type: integer + format: int32 + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:summarizeStageAttemptTasks: parameters: *ref_1 get: - description: Obtain data corresponding to stages for a Spark Application. - operationId: dataproc.projects.locations.batches.sparkApplications.searchStages + description: Obtain summary of Tasks for a Spark Application Stage Attempt + operationId: >- + dataproc.projects.locations.sessions.sparkApplications.summarizeStageAttemptTasks security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11928,7 +12196,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchSparkApplicationStagesResponse' + $ref: >- + #/components/schemas/SummarizeSessionSparkApplicationStageAttemptTasksResponse parameters: - in: path name: projectsId @@ -11941,7 +12210,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -11955,31 +12224,21 @@ paths: schema: type: string - in: query - name: stageStatus + name: stageId schema: type: string + format: int64 - in: query - name: pageSize + name: stageAttemptId schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: summaryMetricsMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchStageAttempts: + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:summarizeExecutors: parameters: *ref_1 get: - description: >- - Obtain data corresponding to a spark stage attempts for a Spark - Application. + description: Obtain summary of Executor Summary for a Spark Application operationId: >- - dataproc.projects.locations.batches.sparkApplications.searchStageAttempts + dataproc.projects.locations.sessions.sparkApplications.summarizeExecutors security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11992,7 +12251,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/SearchSparkApplicationStageAttemptsResponse + #/components/schemas/SummarizeSessionSparkApplicationExecutorsResponse parameters: - in: path name: projectsId @@ -12005,7 +12264,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -12018,32 +12277,59 @@ paths: name: parent schema: type: string - - in: query - name: stageId + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:summarizeStages: + parameters: *ref_1 + get: + description: Obtain summary of Stages for a Spark Application + operationId: dataproc.projects.locations.sessions.sparkApplications.summarizeStages + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/SummarizeSessionSparkApplicationStagesResponse + parameters: + - in: path + name: projectsId + required: true schema: type: string - format: int64 - - in: query - name: pageSize + - in: path + name: locationsId + required: true schema: - type: integer - format: int32 + type: string + - in: path + name: sessionsId + required: true + schema: + type: string + - in: path + name: sparkApplicationsId + required: true + schema: + type: string - in: query - name: pageToken + name: stageIds schema: type: string + format: int64 - in: query - name: summaryMetricsMask + name: parent schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessStageAttempt: + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchSqlQueries: parameters: *ref_1 get: - description: >- - Obtain data corresponding to a spark stage attempt for a Spark - Application. - operationId: dataproc.projects.locations.batches.sparkApplications.accessStageAttempt + description: Obtain data corresponding to SQL Queries for a Spark Application. + operationId: dataproc.projects.locations.sessions.sparkApplications.searchSqlQueries security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12056,7 +12342,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/AccessSparkApplicationStageAttemptResponse + #/components/schemas/SearchSessionSparkApplicationSqlQueriesResponse parameters: - in: path name: projectsId @@ -12069,7 +12355,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -12078,33 +12364,36 @@ paths: required: true schema: type: string + - in: query + name: details + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: parent schema: type: string - in: query - name: stageId + name: planDescription schema: - type: string - format: int64 + type: boolean - in: query - name: stageAttemptId + name: pageToken schema: - type: integer - format: int32 + type: string - in: query - name: summaryMetricsMask + name: operationIds schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchStageAttemptTasks: + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:summarizeJobs: parameters: *ref_1 get: - description: >- - Obtain data corresponding to tasks for a spark stage attempt for a Spark - Application. - operationId: >- - dataproc.projects.locations.batches.sparkApplications.searchStageAttemptTasks + description: Obtain summary of Jobs for a Spark Application + operationId: dataproc.projects.locations.sessions.sparkApplications.summarizeJobs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12117,7 +12406,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/SearchSparkApplicationStageAttemptTasksResponse + #/components/schemas/SummarizeSessionSparkApplicationJobsResponse parameters: - in: path name: projectsId @@ -12130,7 +12419,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -12144,37 +12433,15 @@ paths: schema: type: string - in: query - name: stageId + name: jobIds schema: type: string format: int64 - - in: query - name: stageAttemptId - schema: - type: integer - format: int32 - - in: query - name: sortRuntime - schema: - type: boolean - - in: query - name: taskStatus - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchExecutors: + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchStages: parameters: *ref_1 get: - description: Obtain data corresponding to executors for a Spark Application. - operationId: dataproc.projects.locations.batches.sparkApplications.searchExecutors + description: Obtain data corresponding to stages for a Spark Application. + operationId: dataproc.projects.locations.sessions.sparkApplications.searchStages security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12186,7 +12453,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchSparkApplicationExecutorsResponse' + $ref: >- + #/components/schemas/SearchSessionSparkApplicationStagesResponse parameters: - in: path name: projectsId @@ -12199,7 +12467,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -12209,28 +12477,40 @@ paths: schema: type: string - in: query - name: parent + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: summaryMetricsMask schema: type: string + format: google-fieldmask - in: query - name: executorStatus + name: stageIds schema: type: string + format: int64 - in: query - name: pageSize + name: stageStatus schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchExecutorStageSummary: + - in: query + name: parent + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessStageAttempt: parameters: *ref_1 get: - description: Obtain executor summary with respect to a spark stage attempt. + description: >- + Obtain data corresponding to a spark stage attempt for a Spark + Application. operationId: >- - dataproc.projects.locations.batches.sparkApplications.searchExecutorStageSummary + dataproc.projects.locations.sessions.sparkApplications.accessStageAttempt security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12243,7 +12523,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/SearchSparkApplicationExecutorStageSummaryResponse + #/components/schemas/AccessSessionSparkApplicationStageAttemptResponse parameters: - in: path name: projectsId @@ -12256,7 +12536,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -12269,30 +12549,29 @@ paths: name: parent schema: type: string - - in: query - name: stageId - schema: - type: string - format: int64 - in: query name: stageAttemptId schema: type: integer format: int32 - in: query - name: pageSize + name: stageId schema: - type: integer - format: int32 + type: string + format: int64 - in: query - name: pageToken + name: summaryMetricsMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchSqlQueries: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchStageAttempts: parameters: *ref_1 get: - description: Obtain data corresponding to SQL Queries for a Spark Application. - operationId: dataproc.projects.locations.batches.sparkApplications.searchSqlQueries + description: >- + Obtain data corresponding to a spark stage attempts for a Spark + Application. + operationId: >- + dataproc.projects.locations.sessions.sparkApplications.searchStageAttempts security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12304,7 +12583,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchSparkApplicationSqlQueriesResponse' + $ref: >- + #/components/schemas/SearchSessionSparkApplicationStageAttemptsResponse parameters: - in: path name: projectsId @@ -12317,7 +12597,7 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string @@ -12327,33 +12607,38 @@ paths: schema: type: string - in: query - name: parent + name: pageToken schema: type: string - in: query - name: details + name: pageSize schema: - type: boolean + type: integer + format: int32 - in: query - name: planDescription + name: stageId schema: - type: boolean + type: string + format: int64 - in: query - name: pageSize + name: parent schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: summaryMetricsMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessSqlQuery: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}:terminate: parameters: *ref_1 - get: - description: >- - Obtain data corresponding to a particular SQL Query for a Spark - Application. - operationId: dataproc.projects.locations.batches.sparkApplications.accessSqlQuery + post: + description: Terminates the interactive session. + operationId: dataproc.projects.locations.sessions.terminate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TerminateSessionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12365,7 +12650,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessSparkApplicationSqlQueryResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -12378,39 +12663,54 @@ paths: schema: type: string - in: path - name: batchesId + name: sessionsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/sessions: + parameters: *ref_1 + post: + description: Create an interactive session asynchronously. + operationId: dataproc.projects.locations.sessions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Session' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: - in: path - name: sparkApplicationsId + name: projectsId required: true schema: type: string - - in: query - name: parent + - in: path + name: locationsId + required: true schema: type: string - in: query - name: executionId + name: requestId schema: type: string - format: int64 - in: query - name: details - schema: - type: boolean - - in: query - name: planDescription + name: sessionId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessSqlPlan: - parameters: *ref_1 + type: string get: - description: >- - Obtain Spark Plan Graph for a Spark Application SQL execution. Limits - the number of clusters returned as part of the graph to 10000. - operationId: dataproc.projects.locations.batches.sparkApplications.accessSqlPlan + description: Lists interactive sessions. + operationId: dataproc.projects.locations.sessions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12422,8 +12722,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/AccessSparkApplicationSqlSparkPlanGraphResponse + $ref: '#/components/schemas/ListSessionsResponse' parameters: - in: path name: projectsId @@ -12435,33 +12734,26 @@ paths: required: true schema: type: string - - in: path - name: batchesId - required: true - schema: - type: string - - in: path - name: sparkApplicationsId - required: true + - in: query + name: filter schema: type: string - in: query - name: parent + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: executionId + name: pageToken schema: type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessStageRddGraph: + /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}: parameters: *ref_1 - get: + delete: description: >- - Obtain RDD operation graph for a Spark Application Stage. Limits the - number of clusters returned as part of the graph to 10000. - operationId: >- - dataproc.projects.locations.batches.sparkApplications.accessStageRddGraph + Deletes the interactive session resource. If the session is not in + terminal state, it is terminated, and then deleted. + operationId: dataproc.projects.locations.sessions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12473,8 +12765,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/AccessSparkApplicationStageRddOperationGraphResponse + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -12487,30 +12778,17 @@ paths: schema: type: string - in: path - name: batchesId - required: true - schema: - type: string - - in: path - name: sparkApplicationsId + name: sessionsId required: true schema: type: string - in: query - name: parent - schema: - type: string - - in: query - name: stageId + name: requestId schema: type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessEnvironmentInfo: - parameters: *ref_1 get: - description: Obtain environment details for a Spark Application - operationId: >- - dataproc.projects.locations.batches.sparkApplications.accessEnvironmentInfo + description: Gets the resource representation for an interactive session. + operationId: dataproc.projects.locations.sessions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12522,8 +12800,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/AccessSparkApplicationEnvironmentInfoResponse + $ref: '#/components/schemas/Session' parameters: - in: path name: projectsId @@ -12536,24 +12813,18 @@ paths: schema: type: string - in: path - name: batchesId - required: true - schema: - type: string - - in: path - name: sparkApplicationsId + name: sessionsId required: true schema: type: string - - in: query - name: parent - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:summarizeJobs: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: - description: Obtain summary of Jobs for a Spark Application - operationId: dataproc.projects.locations.batches.sparkApplications.summarizeJobs + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: dataproc.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12565,7 +12836,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SummarizeSparkApplicationJobsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -12578,24 +12849,17 @@ paths: schema: type: string - in: path - name: batchesId - required: true - schema: - type: string - - in: path - name: sparkApplicationsId + name: operationsId required: true schema: type: string - - in: query - name: parent - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:summarizeStages: - parameters: *ref_1 - get: - description: Obtain summary of Stages for a Spark Application - operationId: dataproc.projects.locations.batches.sparkApplications.summarizeStages + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + google.rpc.Code.UNIMPLEMENTED. + operationId: dataproc.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12607,7 +12871,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SummarizeSparkApplicationStagesResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -12620,25 +12884,24 @@ paths: schema: type: string - in: path - name: batchesId - required: true - schema: - type: string - - in: path - name: sparkApplicationsId + name: operationsId required: true schema: type: string - - in: query - name: parent - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:summarizeStageAttemptTasks: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Obtain summary of Tasks for a Spark Application Stage Attempt - operationId: >- - dataproc.projects.locations.batches.sparkApplications.summarizeStageAttemptTasks + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + 1, corresponding to Code.CANCELLED. + operationId: dataproc.projects.locations.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12650,8 +12913,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SummarizeSparkApplicationStageAttemptTasksResponse + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -12664,34 +12926,17 @@ paths: schema: type: string - in: path - name: batchesId - required: true - schema: - type: string - - in: path - name: sparkApplicationsId + name: operationsId required: true schema: type: string - - in: query - name: parent - schema: - type: string - - in: query - name: stageId - schema: - type: string - format: int64 - - in: query - name: stageAttemptId - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:summarizeExecutors: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Obtain summary of Executor Summary for a Spark Application - operationId: dataproc.projects.locations.batches.sparkApplications.summarizeExecutors + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns UNIMPLEMENTED. + operationId: dataproc.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12703,8 +12948,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SummarizeSparkApplicationExecutorsResponse + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -12716,18 +12960,21 @@ paths: required: true schema: type: string - - in: path - name: batchesId - required: true + - in: query + name: returnPartialSuccess schema: - type: string - - in: path - name: sparkApplicationsId - required: true + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - in: query - name: parent + name: pageToken schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/autoscalingPolicies: @@ -12789,27 +13036,27 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/autoscalingPolicies/{autoscalingPoliciesId}: + /v1/projects/{projectsId}/locations/{locationsId}/autoscalingPolicies/{autoscalingPoliciesId}:getIamPolicy: parameters: *ref_1 - put: + post: description: >- - Updates (replaces) autoscaling policy.Disabled check for update_mask, - because all updates will be full replacements. - operationId: dataproc.projects.locations.autoscalingPolicies.update + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: dataproc.projects.locations.autoscalingPolicies.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/AutoscalingPolicy' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12821,7 +13068,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AutoscalingPolicy' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -12838,9 +13085,13 @@ paths: required: true schema: type: string - get: - description: Retrieves autoscaling policy. - operationId: dataproc.projects.locations.autoscalingPolicies.get + /v1/projects/{projectsId}/locations/{locationsId}/autoscalingPolicies/{autoscalingPoliciesId}: + parameters: *ref_1 + delete: + description: >- + Deletes an autoscaling policy. It is an error to delete an autoscaling + policy that is in use by one or more clusters. + operationId: dataproc.projects.locations.autoscalingPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12852,7 +13103,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AutoscalingPolicy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -12869,11 +13120,16 @@ paths: required: true schema: type: string - delete: + put: description: >- - Deletes an autoscaling policy. It is an error to delete an autoscaling - policy that is in use by one or more clusters. - operationId: dataproc.projects.locations.autoscalingPolicies.delete + Updates (replaces) autoscaling policy.Disabled check for update_mask, + because all updates will be full replacements. + operationId: dataproc.projects.locations.autoscalingPolicies.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AutoscalingPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12885,7 +13141,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/AutoscalingPolicy' parameters: - in: path name: projectsId @@ -12902,19 +13158,9 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autoscalingPolicies/{autoscalingPoliciesId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: dataproc.projects.locations.autoscalingPolicies.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Retrieves autoscaling policy. + operationId: dataproc.projects.locations.autoscalingPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12926,7 +13172,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/AutoscalingPolicy' parameters: - in: path name: projectsId @@ -12943,18 +13189,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autoscalingPolicies/{autoscalingPoliciesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/autoscalingPolicies/{autoscalingPoliciesId}:setIamPolicy: parameters: *ref_1 post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: dataproc.projects.locations.autoscalingPolicies.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: dataproc.projects.locations.autoscalingPolicies.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13026,50 +13273,12 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchExecutorStageSummary: parameters: *ref_1 - post: - description: Create an interactive session asynchronously. - operationId: dataproc.projects.locations.sessions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Session' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: sessionId - schema: - type: string - - in: query - name: requestId - schema: - type: string get: - description: Lists interactive sessions. - operationId: dataproc.projects.locations.sessions.list + description: Obtain executor summary with respect to a spark stage attempt. + operationId: >- + dataproc.projects.locations.batches.sparkApplications.searchExecutorStageSummary security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13081,7 +13290,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSessionsResponse' + $ref: >- + #/components/schemas/SearchSparkApplicationExecutorStageSummaryResponse parameters: - in: path name: projectsId @@ -13093,24 +13303,47 @@ paths: required: true schema: type: string + - in: path + name: batchesId + required: true + schema: + type: string + - in: path + name: sparkApplicationsId + required: true + schema: + type: string + - in: query + name: stageId + schema: + type: string + format: int64 - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: parent schema: type: string - in: query - name: filter + name: stageAttemptId + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchStageAttempts: parameters: *ref_1 get: - description: Gets the resource representation for an interactive session. - operationId: dataproc.projects.locations.sessions.get + description: >- + Obtain data corresponding to a spark stage attempts for a Spark + Application. + operationId: >- + dataproc.projects.locations.batches.sparkApplications.searchStageAttempts security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13122,7 +13355,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Session' + $ref: >- + #/components/schemas/SearchSparkApplicationStageAttemptsResponse parameters: - in: path name: projectsId @@ -13135,57 +13369,43 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string - delete: - description: >- - Deletes the interactive session resource. If the session is not in - terminal state, it is terminated, and then deleted. - operationId: dataproc.projects.locations.sessions.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - in: path - name: projectsId + name: sparkApplicationsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: parent schema: type: string - - in: path - name: sessionsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: requestId + name: stageId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}:terminate: + format: int64 + - in: query + name: summaryMetricsMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:summarizeStages: parameters: *ref_1 - post: - description: Terminates the interactive session. - operationId: dataproc.projects.locations.sessions.terminate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TerminateSessionRequest' + get: + description: Obtain summary of Stages for a Spark Application + operationId: dataproc.projects.locations.batches.sparkApplications.summarizeStages security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13197,7 +13417,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SummarizeSparkApplicationStagesResponse' parameters: - in: path name: projectsId @@ -13210,20 +13430,24 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:write: + - in: path + name: sparkApplicationsId + required: true + schema: + type: string + - in: query + name: parent + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchSqlQueries: parameters: *ref_1 - post: - description: Write wrapper objects from dataplane to spanner - operationId: dataproc.projects.locations.sessions.sparkApplications.write - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WriteSessionSparkApplicationContextRequest' + get: + description: Obtain data corresponding to SQL Queries for a Spark Application. + operationId: dataproc.projects.locations.batches.sparkApplications.searchSqlQueries security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13235,8 +13459,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/WriteSessionSparkApplicationContextResponse + $ref: '#/components/schemas/SearchSparkApplicationSqlQueriesResponse' parameters: - in: path name: projectsId @@ -13249,7 +13472,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13258,13 +13481,34 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications:search: + - in: query + name: details + schema: + type: boolean + - in: query + name: parent + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: planDescription + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessStageAttempt: parameters: *ref_1 get: description: >- - Obtain high level information and list of Spark Applications - corresponding to a batch - operationId: dataproc.projects.locations.sessions.sparkApplications.search + Obtain data corresponding to a spark stage attempt for a Spark + Application. + operationId: dataproc.projects.locations.batches.sparkApplications.accessStageAttempt security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13276,7 +13520,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchSessionSparkApplicationsResponse' + $ref: >- + #/components/schemas/AccessSparkApplicationStageAttemptResponse parameters: - in: path name: projectsId @@ -13289,50 +13534,42 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string - - in: query - name: applicationStatus - schema: - type: string - - in: query - name: minTime - schema: - type: string - format: google-datetime - - in: query - name: maxTime + - in: path + name: sparkApplicationsId + required: true schema: type: string - format: google-datetime - in: query - name: minEndTime + name: summaryMetricsMask schema: type: string - format: google-datetime + format: google-fieldmask - in: query - name: maxEndTime + name: stageId schema: type: string - format: google-datetime + format: int64 - in: query - name: pageSize + name: stageAttemptId schema: type: integer format: int32 - in: query - name: pageToken + name: parent schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:access: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchStageAttemptTasks: parameters: *ref_1 get: description: >- - Obtain high level information corresponding to a single Spark + Obtain data corresponding to tasks for a spark stage attempt for a Spark Application. - operationId: dataproc.projects.locations.sessions.sparkApplications.access + operationId: >- + dataproc.projects.locations.batches.sparkApplications.searchStageAttemptTasks security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13344,7 +13581,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessSessionSparkApplicationResponse' + $ref: >- + #/components/schemas/SearchSparkApplicationStageAttemptTasksResponse parameters: - in: path name: projectsId @@ -13357,7 +13595,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13366,15 +13604,45 @@ paths: required: true schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: sortRuntime + schema: + type: boolean + - in: query + name: stageId + schema: + type: string + format: int64 + - in: query + name: pageToken + schema: + type: string - in: query name: parent schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchJobs: + - in: query + name: stageAttemptId + schema: + type: integer + format: int32 + - in: query + name: taskStatus + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessStageRddGraph: parameters: *ref_1 get: - description: Obtain list of spark jobs corresponding to a Spark Application. - operationId: dataproc.projects.locations.sessions.sparkApplications.searchJobs + description: >- + Obtain RDD operation graph for a Spark Application Stage. Limits the + number of clusters returned as part of the graph to 10000. + operationId: >- + dataproc.projects.locations.batches.sparkApplications.accessStageRddGraph security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13386,7 +13654,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchSessionSparkApplicationJobsResponse' + $ref: >- + #/components/schemas/AccessSparkApplicationStageRddOperationGraphResponse parameters: - in: path name: projectsId @@ -13399,7 +13668,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13409,32 +13678,21 @@ paths: schema: type: string - in: query - name: parent - schema: - type: string - - in: query - name: jobStatus - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: parent schema: type: string - in: query - name: jobIds + name: stageId schema: type: string format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessJob: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:access: parameters: *ref_1 get: - description: Obtain data corresponding to a spark job for a Spark Application. - operationId: dataproc.projects.locations.sessions.sparkApplications.accessJob + description: >- + Obtain high level information corresponding to a single Spark + Application. + operationId: dataproc.projects.locations.batches.sparkApplications.access security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13446,7 +13704,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AccessSessionSparkApplicationJobResponse' + $ref: '#/components/schemas/AccessSparkApplicationResponse' parameters: - in: path name: projectsId @@ -13459,7 +13717,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13472,16 +13730,16 @@ paths: name: parent schema: type: string - - in: query - name: jobId - schema: - type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchStages: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:write: parameters: *ref_1 - get: - description: Obtain data corresponding to stages for a Spark Application. - operationId: dataproc.projects.locations.sessions.sparkApplications.searchStages + post: + description: Write wrapper objects from dataplane to spanner + operationId: dataproc.projects.locations.batches.sparkApplications.write + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WriteSparkApplicationContextRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13493,8 +13751,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SearchSessionSparkApplicationStagesResponse + $ref: '#/components/schemas/WriteSparkApplicationContextResponse' parameters: - in: path name: projectsId @@ -13507,7 +13764,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13516,41 +13773,11 @@ paths: required: true schema: type: string - - in: query - name: parent - schema: - type: string - - in: query - name: stageStatus - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: summaryMetricsMask - schema: - type: string - format: google-fieldmask - - in: query - name: stageIds - schema: - type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchStageAttempts: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchJobs: parameters: *ref_1 get: - description: >- - Obtain data corresponding to a spark stage attempts for a Spark - Application. - operationId: >- - dataproc.projects.locations.sessions.sparkApplications.searchStageAttempts + description: Obtain list of spark jobs corresponding to a Spark Application. + operationId: dataproc.projects.locations.batches.sparkApplications.searchJobs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13562,8 +13789,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SearchSessionSparkApplicationStageAttemptsResponse + $ref: '#/components/schemas/SearchSparkApplicationJobsResponse' parameters: - in: path name: projectsId @@ -13576,7 +13802,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13586,36 +13812,29 @@ paths: schema: type: string - in: query - name: parent + name: jobStatus schema: type: string - in: query - name: stageId + name: pageToken schema: type: string - format: int64 - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: summaryMetricsMask + name: parent schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessStageAttempt: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications:search: parameters: *ref_1 get: description: >- - Obtain data corresponding to a spark stage attempt for a Spark - Application. - operationId: >- - dataproc.projects.locations.sessions.sparkApplications.accessStageAttempt + Obtain high level information and list of Spark Applications + corresponding to a batch + operationId: dataproc.projects.locations.batches.sparkApplications.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13627,8 +13846,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/AccessSessionSparkApplicationStageAttemptResponse + $ref: '#/components/schemas/SearchSparkApplicationsResponse' parameters: - in: path name: projectsId @@ -13641,42 +13859,49 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string - - in: path - name: sparkApplicationsId - required: true + - in: query + name: minTime schema: type: string + format: google-datetime - in: query - name: parent + name: applicationStatus schema: type: string - in: query - name: stageId + name: maxEndTime schema: type: string - format: int64 + format: google-datetime - in: query - name: stageAttemptId + name: minEndTime + schema: + type: string + format: google-datetime + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - in: query - name: summaryMetricsMask + name: maxTime schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchStageAttemptTasks: + format: google-datetime + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessEnvironmentInfo: parameters: *ref_1 get: - description: >- - Obtain data corresponding to tasks for a spark stage attempt for a Spark - Application. + description: Obtain environment details for a Spark Application operationId: >- - dataproc.projects.locations.sessions.sparkApplications.searchStageAttemptTasks + dataproc.projects.locations.batches.sparkApplications.accessEnvironmentInfo security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13689,7 +13914,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/SearchSessionSparkApplicationStageAttemptTasksResponse + #/components/schemas/AccessSparkApplicationEnvironmentInfoResponse parameters: - in: path name: projectsId @@ -13702,7 +13927,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13715,38 +13940,11 @@ paths: name: parent schema: type: string - - in: query - name: stageId - schema: - type: string - format: int64 - - in: query - name: stageAttemptId - schema: - type: integer - format: int32 - - in: query - name: sortRuntime - schema: - type: boolean - - in: query - name: taskStatus - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchExecutors: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchExecutors: parameters: *ref_1 get: description: Obtain data corresponding to executors for a Spark Application. - operationId: dataproc.projects.locations.sessions.sparkApplications.searchExecutors + operationId: dataproc.projects.locations.batches.sparkApplications.searchExecutors security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13758,8 +13956,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SearchSessionSparkApplicationExecutorsResponse + $ref: '#/components/schemas/SearchSparkApplicationExecutorsResponse' parameters: - in: path name: projectsId @@ -13772,7 +13969,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13781,12 +13978,16 @@ paths: required: true schema: type: string + - in: query + name: executorStatus + schema: + type: string - in: query name: parent schema: type: string - in: query - name: executorStatus + name: pageToken schema: type: string - in: query @@ -13794,16 +13995,11 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchExecutorStageSummary: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:summarizeExecutors: parameters: *ref_1 get: - description: Obtain executor summary with respect to a spark stage attempt. - operationId: >- - dataproc.projects.locations.sessions.sparkApplications.searchExecutorStageSummary + description: Obtain summary of Executor Summary for a Spark Application + operationId: dataproc.projects.locations.batches.sparkApplications.summarizeExecutors security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13816,7 +14012,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/SearchSessionSparkApplicationExecutorStageSummaryResponse + #/components/schemas/SummarizeSparkApplicationExecutorsResponse parameters: - in: path name: projectsId @@ -13829,7 +14025,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13842,30 +14038,13 @@ paths: name: parent schema: type: string - - in: query - name: stageId - schema: - type: string - format: int64 - - in: query - name: stageAttemptId - schema: - type: integer - format: int32 - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:searchSqlQueries: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessSqlQuery: parameters: *ref_1 get: - description: Obtain data corresponding to SQL Queries for a Spark Application. - operationId: dataproc.projects.locations.sessions.sparkApplications.searchSqlQueries + description: >- + Obtain data corresponding to a particular SQL Query for a Spark + Application. + operationId: dataproc.projects.locations.batches.sparkApplications.accessSqlQuery security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13877,8 +14056,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SearchSessionSparkApplicationSqlQueriesResponse + $ref: '#/components/schemas/AccessSparkApplicationSqlQueryResponse' parameters: - in: path name: projectsId @@ -13891,7 +14069,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13904,34 +14082,24 @@ paths: name: parent schema: type: string - - in: query - name: details - schema: - type: boolean - in: query name: planDescription schema: type: boolean - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: details schema: - type: string + type: boolean - in: query - name: operationIds + name: executionId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessSqlQuery: + format: int64 + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessJob: parameters: *ref_1 - get: - description: >- - Obtain data corresponding to a particular SQL Query for a Spark - Application. - operationId: dataproc.projects.locations.sessions.sparkApplications.accessSqlQuery + get: + description: Obtain data corresponding to a spark job for a Spark Application. + operationId: dataproc.projects.locations.batches.sparkApplications.accessJob security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13943,8 +14111,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/AccessSessionSparkApplicationSqlQueryResponse + $ref: '#/components/schemas/AccessSparkApplicationJobResponse' parameters: - in: path name: projectsId @@ -13957,7 +14124,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -13967,29 +14134,21 @@ paths: schema: type: string - in: query - name: parent - schema: - type: string - - in: query - name: executionId + name: jobId schema: type: string format: int64 - in: query - name: details - schema: - type: boolean - - in: query - name: planDescription + name: parent schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessSqlPlan: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:accessSqlPlan: parameters: *ref_1 get: description: >- Obtain Spark Plan Graph for a Spark Application SQL execution. Limits the number of clusters returned as part of the graph to 10000. - operationId: dataproc.projects.locations.sessions.sparkApplications.accessSqlPlan + operationId: dataproc.projects.locations.batches.sparkApplications.accessSqlPlan security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14002,7 +14161,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/AccessSessionSparkApplicationSqlSparkPlanGraphResponse + #/components/schemas/AccessSparkApplicationSqlSparkPlanGraphResponse parameters: - in: path name: projectsId @@ -14015,7 +14174,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -14025,22 +14184,20 @@ paths: schema: type: string - in: query - name: parent + name: executionId schema: type: string + format: int64 - in: query - name: executionId + name: parent schema: type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessStageRddGraph: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:summarizeStageAttemptTasks: parameters: *ref_1 get: - description: >- - Obtain RDD operation graph for a Spark Application Stage. Limits the - number of clusters returned as part of the graph to 10000. + description: Obtain summary of Tasks for a Spark Application Stage Attempt operationId: >- - dataproc.projects.locations.sessions.sparkApplications.accessStageRddGraph + dataproc.projects.locations.batches.sparkApplications.summarizeStageAttemptTasks security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14053,7 +14210,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/AccessSessionSparkApplicationStageRddOperationGraphResponse + #/components/schemas/SummarizeSparkApplicationStageAttemptTasksResponse parameters: - in: path name: projectsId @@ -14066,7 +14223,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -14079,17 +14236,21 @@ paths: name: parent schema: type: string + - in: query + name: stageAttemptId + schema: + type: integer + format: int32 - in: query name: stageId schema: type: string format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:accessEnvironmentInfo: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:summarizeJobs: parameters: *ref_1 get: - description: Obtain environment details for a Spark Application - operationId: >- - dataproc.projects.locations.sessions.sparkApplications.accessEnvironmentInfo + description: Obtain summary of Jobs for a Spark Application + operationId: dataproc.projects.locations.batches.sparkApplications.summarizeJobs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14101,8 +14262,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/AccessSessionSparkApplicationEnvironmentInfoResponse + $ref: '#/components/schemas/SummarizeSparkApplicationJobsResponse' parameters: - in: path name: projectsId @@ -14115,7 +14275,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -14128,11 +14288,11 @@ paths: name: parent schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:summarizeJobs: + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}/sparkApplications/{sparkApplicationsId}:searchStages: parameters: *ref_1 get: - description: Obtain summary of Jobs for a Spark Application - operationId: dataproc.projects.locations.sessions.sparkApplications.summarizeJobs + description: Obtain data corresponding to stages for a Spark Application. + operationId: dataproc.projects.locations.batches.sparkApplications.searchStages security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14144,8 +14304,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SummarizeSessionSparkApplicationJobsResponse + $ref: '#/components/schemas/SearchSparkApplicationStagesResponse' parameters: - in: path name: projectsId @@ -14158,7 +14317,7 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string @@ -14167,20 +14326,38 @@ paths: required: true schema: type: string + - in: query + name: summaryMetricsMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageToken + schema: + type: string - in: query name: parent schema: type: string - in: query - name: jobIds + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: stageStatus schema: type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:summarizeStages: + /v1/projects/{projectsId}/locations/{locationsId}/batches: parameters: *ref_1 - get: - description: Obtain summary of Stages for a Spark Application - operationId: dataproc.projects.locations.sessions.sparkApplications.summarizeStages + post: + description: Creates a batch workload that executes asynchronously. + operationId: dataproc.projects.locations.batches.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Batch' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14192,8 +14369,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SummarizeSessionSparkApplicationStagesResponse + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -14205,31 +14381,17 @@ paths: required: true schema: type: string - - in: path - name: sessionsId - required: true - schema: - type: string - - in: path - name: sparkApplicationsId - required: true - schema: - type: string - in: query - name: parent + name: requestId schema: type: string - in: query - name: stageIds + name: batchId schema: type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:summarizeStageAttemptTasks: - parameters: *ref_1 get: - description: Obtain summary of Tasks for a Spark Application Stage Attempt - operationId: >- - dataproc.projects.locations.sessions.sparkApplications.summarizeStageAttemptTasks + description: Lists batch workloads. + operationId: dataproc.projects.locations.batches.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14241,8 +14403,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SummarizeSessionSparkApplicationStageAttemptTasksResponse + $ref: '#/components/schemas/ListBatchesResponse' parameters: - in: path name: projectsId @@ -14254,36 +14415,28 @@ paths: required: true schema: type: string - - in: path - name: sessionsId - required: true - schema: - type: string - - in: path - name: sparkApplicationsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: parent + name: filter schema: type: string - in: query - name: stageId + name: orderBy schema: type: string - format: int64 - in: query - name: stageAttemptId + name: pageToken schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/sessions/{sessionsId}/sparkApplications/{sparkApplicationsId}:summarizeExecutors: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}: parameters: *ref_1 get: - description: Obtain summary of Executor Summary for a Spark Application - operationId: >- - dataproc.projects.locations.sessions.sparkApplications.summarizeExecutors + description: Gets the batch workload resource representation. + operationId: dataproc.projects.locations.batches.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14295,8 +14448,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SummarizeSessionSparkApplicationExecutorsResponse + $ref: '#/components/schemas/Batch' parameters: - in: path name: projectsId @@ -14309,29 +14461,54 @@ paths: schema: type: string - in: path - name: sessionsId + name: batchesId required: true schema: type: string + delete: + description: >- + Deletes the batch workload resource. If the batch is not in a CANCELLED, + SUCCEEDED or FAILED State, the delete operation fails and the response + returns FAILED_PRECONDITION. + operationId: dataproc.projects.locations.batches.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: - in: path - name: sparkApplicationsId + name: projectsId required: true schema: type: string - - in: query - name: parent + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessionTemplates: + - in: path + name: batchesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/batches/{batchesId}:analyze: parameters: *ref_1 post: - description: Create a session template synchronously. - operationId: dataproc.projects.locations.sessionTemplates.create + description: Analyze a Batch for possible recommendations and insights. + operationId: dataproc.projects.locations.batches.analyze requestBody: content: application/json: schema: - $ref: '#/components/schemas/SessionTemplate' + $ref: '#/components/schemas/AnalyzeBatchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14343,7 +14520,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SessionTemplate' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -14355,9 +14532,24 @@ paths: required: true schema: type: string - get: - description: Lists session templates. - operationId: dataproc.projects.locations.sessionTemplates.list + - in: path + name: batchesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/workflowTemplates/{workflowTemplatesId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: dataproc.projects.locations.workflowTemplates.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14369,7 +14561,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSessionTemplatesResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -14381,29 +14573,23 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: workflowTemplatesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sessionTemplates/{sessionTemplatesId}: + /v1/projects/{projectsId}/locations/{locationsId}/workflowTemplates/{workflowTemplatesId}:getIamPolicy: parameters: *ref_1 - patch: - description: Updates the session template synchronously. - operationId: dataproc.projects.locations.sessionTemplates.patch + post: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: dataproc.projects.locations.workflowTemplates.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/SessionTemplate' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14415,7 +14601,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SessionTemplate' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -14428,13 +14614,30 @@ paths: schema: type: string - in: path - name: sessionTemplatesId + name: workflowTemplatesId required: true schema: type: string - get: - description: Gets the resource representation for a session template. - operationId: dataproc.projects.locations.sessionTemplates.get + /v1/projects/{projectsId}/locations/{locationsId}/workflowTemplates/{workflowTemplatesId}:instantiate: + parameters: *ref_1 + post: + description: >- + Instantiates a template and begins execution.The returned Operation can + be used to track execution of workflow by polling operations.get. The + Operation will complete when entire workflow is finished.The running + workflow can be aborted via operations.cancel. This will cause any + inflight jobs to be cancelled and workflow-owned clusters to be + deleted.The Operation.metadata will be WorkflowMetadata + (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#workflowmetadata). + Also see Using WorkflowMetadata + (https://cloud.google.com/dataproc/docs/concepts/workflows/debugging#using_workflowmetadata).On + successful completion, Operation.response will be Empty. + operationId: dataproc.projects.locations.workflowTemplates.instantiate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InstantiateWorkflowTemplateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14446,7 +14649,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SessionTemplate' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -14459,13 +14662,25 @@ paths: schema: type: string - in: path - name: sessionTemplatesId + name: workflowTemplatesId required: true schema: type: string - delete: - description: Deletes a session template. - operationId: dataproc.projects.locations.sessionTemplates.delete + /v1/projects/{projectsId}/locations/{locationsId}/workflowTemplates/{workflowTemplatesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a NOT_FOUND error.Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: dataproc.projects.locations.workflowTemplates.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14477,7 +14692,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -14490,7 +14705,7 @@ paths: schema: type: string - in: path - name: sessionTemplatesId + name: workflowTemplatesId required: true schema: type: string @@ -14564,11 +14779,9 @@ paths: type: string /v1/projects/{projectsId}/locations/{locationsId}/workflowTemplates/{workflowTemplatesId}: parameters: *ref_1 - get: - description: >- - Retrieves the latest workflow template.Can retrieve previously - instantiated template by specifying optional version parameter. - operationId: dataproc.projects.locations.workflowTemplates.get + delete: + description: Deletes a workflow template. It does not cancel in-progress workflows. + operationId: dataproc.projects.locations.workflowTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14580,7 +14793,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkflowTemplate' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -14602,16 +14815,11 @@ paths: schema: type: integer format: int32 - put: + get: description: >- - Updates (replaces) workflow template. The updated template must contain - version that matches the current server version. - operationId: dataproc.projects.locations.workflowTemplates.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WorkflowTemplate' + Retrieves the latest workflow template.Can retrieve previously + instantiated template by specifying optional version parameter. + operationId: dataproc.projects.locations.workflowTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14640,62 +14848,21 @@ paths: required: true schema: type: string - delete: - description: Deletes a workflow template. It does not cancel in-progress workflows. - operationId: dataproc.projects.locations.workflowTemplates.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: workflowTemplatesId - required: true - schema: - type: string - in: query name: version schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/workflowTemplates/{workflowTemplatesId}:instantiate: - parameters: *ref_1 - post: + put: description: >- - Instantiates a template and begins execution.The returned Operation can - be used to track execution of workflow by polling operations.get. The - Operation will complete when entire workflow is finished.The running - workflow can be aborted via operations.cancel. This will cause any - inflight jobs to be cancelled and workflow-owned clusters to be - deleted.The Operation.metadata will be WorkflowMetadata - (https://cloud.google.com/dataproc/docs/reference/rpc/google.cloud.dataproc.v1#workflowmetadata). - Also see Using WorkflowMetadata - (https://cloud.google.com/dataproc/docs/concepts/workflows/debugging#using_workflowmetadata).On - successful completion, Operation.response will be Empty. - operationId: dataproc.projects.locations.workflowTemplates.instantiate + Updates (replaces) workflow template. The updated template must contain + version that matches the current server version. + operationId: dataproc.projects.locations.workflowTemplates.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/InstantiateWorkflowTemplateRequest' + $ref: '#/components/schemas/WorkflowTemplate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14707,7 +14874,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/WorkflowTemplate' parameters: - in: path name: projectsId @@ -14773,127 +14940,3 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workflowTemplates/{workflowTemplatesId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: dataproc.projects.locations.workflowTemplates.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Policy' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: workflowTemplatesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/workflowTemplates/{workflowTemplatesId}:getIamPolicy: - parameters: *ref_1 - post: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: dataproc.projects.locations.workflowTemplates.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Policy' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: workflowTemplatesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/workflowTemplates/{workflowTemplatesId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a NOT_FOUND error.Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: dataproc.projects.locations.workflowTemplates.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: workflowTemplatesId - required: true - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/datastore.yaml b/providers/src/googleapis.com/v00.00.00000/services/datastore.yaml index 1675f080..f18a5d62 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/datastore.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/datastore.yaml @@ -9,8 +9,8 @@ info: Accesses the schemaless NoSQL database to provide fully managed, robust, scalable storage for your application. version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/datastore/ servers: @@ -24,10 +24,10 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 + https://www.googleapis.com/auth/datastore: View and manage your Google Cloud Datastore data https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. - https://www.googleapis.com/auth/datastore: View and manage your Google Cloud Datastore data Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -37,976 +37,761 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + LookupRequest: + id: LookupRequest + description: The request for Datastore.Lookup. properties: - operations: + databaseId: + type: string description: >- - A list of operations that matches the specified filter in the - request. - type: array + The ID of the database against which to make the request. + '(default)' is not allowed; please use empty string '' to refer the + default database. + readOptions: + $ref: '#/components/schemas/ReadOptions' + description: The options for this lookup request. + keys: items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + $ref: '#/components/schemas/Key' + type: array + description: Required. Keys of entities to look up. + propertyMask: + description: >- + The properties to return. Defaults to returning all properties. If + this field is set and an entity has a property not referenced in the + mask, it will be absent from LookupResponse.found.entity.properties. + The entity's key is always returned. + $ref: '#/components/schemas/PropertyMask' + type: object + BeginTransactionRequest: + description: The request for Datastore.BeginTransaction. type: object properties: - name: + databaseId: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + The ID of the database against which to make the request. + '(default)' is not allowed; please use empty string '' to refer the + default database. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + transactionOptions: + description: Options for a new transaction. + $ref: '#/components/schemas/TransactionOptions' + id: BeginTransactionRequest + Aggregation: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + avg: + $ref: '#/components/schemas/Avg' + description: Average aggregator. + sum: + description: Sum aggregator. + $ref: '#/components/schemas/Sum' + alias: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Optional. Optional name of the property to store the result of the + aggregation. If not provided, Datastore will pick a default name + following the format `property_`. For example: ``` AGGREGATE + COUNT_UP_TO(1) AS count_up_to_1, COUNT_UP_TO(2), COUNT_UP_TO(3) AS + count_up_to_3, COUNT(*) OVER ( ... ); ``` becomes: ``` AGGREGATE + COUNT_UP_TO(1) AS count_up_to_1, COUNT_UP_TO(2) AS property_1, + COUNT_UP_TO(3) AS count_up_to_3, COUNT(*) AS property_2 OVER ( ... + ); ``` Requires: * Must be unique across all aggregation aliases. * + Conform to entity property name limitations. + count: + description: Count aggregator. + $ref: '#/components/schemas/Count' type: object - properties: {} - GoogleDatastoreAdminV1ExportEntitiesRequest: - id: GoogleDatastoreAdminV1ExportEntitiesRequest - description: The request for google.datastore.admin.v1.DatastoreAdmin.ExportEntities. + id: Aggregation + description: Defines an aggregation that produces a single result. + GoogleLongrunningListOperationsResponse: type: object properties: - labels: - description: Client-assigned labels. - type: object - additionalProperties: - type: string - entityFilter: - description: Description of what data from the project is included in the export. - $ref: '#/components/schemas/GoogleDatastoreAdminV1EntityFilter' - outputUrlPrefix: + operations: + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' + type: array description: >- - Required. Location for the export metadata and data files. The full - resource URL of the external storage location. Currently, only - Google Cloud Storage is supported. So output_url_prefix should be of - the form: `gs://BUCKET_NAME[/NAMESPACE_PATH]`, where `BUCKET_NAME` - is the name of the Cloud Storage bucket and `NAMESPACE_PATH` is an - optional Cloud Storage namespace path (this is not a Cloud Datastore - namespace). For more information about Cloud Storage namespace - paths, see [Object name - considerations](https://cloud.google.com/storage/docs/naming#object-considerations). - The resulting files will be nested deeper than the specified URL - prefix. The final output URL will be provided in the - google.datastore.admin.v1.ExportEntitiesResponse.output_url field. - That value should be used for subsequent ImportEntities operations. - By nesting the data files deeper, the same Cloud Storage bucket can - be used in multiple ExportEntities operations without conflict. + A list of operations that matches the specified filter in the + request. + nextPageToken: type: string - GoogleDatastoreAdminV1EntityFilter: - id: GoogleDatastoreAdminV1EntityFilter - description: >- - Identifies a subset of entities in a project. This is specified as - combinations of kinds and namespaces (either or both of which may be - all, as described in the following examples). Example usage: Entire - project: kinds=[], namespace_ids=[] Kinds Foo and Bar in all namespaces: - kinds=['Foo', 'Bar'], namespace_ids=[] Kinds Foo and Bar only in the - default namespace: kinds=['Foo', 'Bar'], namespace_ids=[''] Kinds Foo - and Bar in both the default and Baz namespaces: kinds=['Foo', 'Bar'], - namespace_ids=['', 'Baz'] The entire Baz namespace: kinds=[], - namespace_ids=['Baz'] - type: object - properties: - kinds: - description: If empty, then this represents all kinds. + description: The standard List next-page token. + unreachable: type: array - items: - type: string - namespaceIds: description: >- - An empty list represents all namespaces. This is the preferred usage - for projects that don't use namespaces. An empty string element - represents the default namespace. This should be used if the project - has data in non-default namespaces, but doesn't want to include - them. Each namespace in this list must be unique. - type: array + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. items: type: string - GoogleDatastoreAdminV1ImportEntitiesRequest: - id: GoogleDatastoreAdminV1ImportEntitiesRequest - description: The request for google.datastore.admin.v1.DatastoreAdmin.ImportEntities. - type: object - properties: - labels: - description: Client-assigned labels. - type: object - additionalProperties: - type: string - inputUrl: - description: >- - Required. The full resource URL of the external storage location. - Currently, only Google Cloud Storage is supported. So input_url - should be of the form: - `gs://BUCKET_NAME[/NAMESPACE_PATH]/OVERALL_EXPORT_METADATA_FILE`, - where `BUCKET_NAME` is the name of the Cloud Storage bucket, - `NAMESPACE_PATH` is an optional Cloud Storage namespace path (this - is not a Cloud Datastore namespace), and - `OVERALL_EXPORT_METADATA_FILE` is the metadata file written by the - ExportEntities operation. For more information about Cloud Storage - namespace paths, see [Object name - considerations](https://cloud.google.com/storage/docs/naming#object-considerations). - For more information, see - google.datastore.admin.v1.ExportEntitiesResponse.output_url. - type: string - entityFilter: - description: >- - Optionally specify which kinds/namespaces are to be imported. If - provided, the list must be a subset of the EntityFilter used in - creating the export, otherwise a FAILED_PRECONDITION error will be - returned. If no filter is specified then all entities from the - export are imported. - $ref: '#/components/schemas/GoogleDatastoreAdminV1EntityFilter' - GoogleDatastoreAdminV1Index: - id: GoogleDatastoreAdminV1Index - description: Datastore composite index definition. - type: object + id: GoogleLongrunningListOperationsResponse + description: The response message for Operations.ListOperations. + PropertyFilter: properties: - projectId: - description: Output only. Project ID. - readOnly: true - type: string - indexId: - description: Output only. The resource ID of the index. - readOnly: true - type: string - kind: - description: Required. The entity kind to which this index applies. - type: string - ancestor: - description: >- - Required. The index's ancestor mode. Must not be - ANCESTOR_MODE_UNSPECIFIED. - type: string - enumDescriptions: - - The ancestor mode is unspecified. - - Do not include the entity's ancestors in the index. - - Include all the entity's ancestors in the index. + value: + description: The value to compare the property to. + $ref: '#/components/schemas/Value' + op: enum: - - ANCESTOR_MODE_UNSPECIFIED - - NONE - - ALL_ANCESTORS - properties: - description: >- - Required. An ordered sequence of property names and their index - attributes. Requires: * A maximum of 100 properties. - type: array - items: - $ref: '#/components/schemas/GoogleDatastoreAdminV1IndexedProperty' - state: - description: Output only. The state of the index. - readOnly: true - type: string + - OPERATOR_UNSPECIFIED + - LESS_THAN + - LESS_THAN_OR_EQUAL + - GREATER_THAN + - GREATER_THAN_OR_EQUAL + - EQUAL + - IN + - NOT_EQUAL + - HAS_ANCESTOR + - NOT_IN enumDescriptions: - - The state is unspecified. + - Unspecified. This value must not be used. - >- - The index is being created, and cannot be used by queries. There - is an active long-running operation for the index. The index is - updated when writing an entity. Some index data may exist. + The given `property` is less than the given `value`. Requires: * + That `property` comes first in `order_by`. - >- - The index is ready to be used. The index is updated when writing - an entity. The index is fully populated from all stored entities - it applies to. + The given `property` is less than or equal to the given `value`. + Requires: * That `property` comes first in `order_by`. - >- - The index is being deleted, and cannot be used by queries. There - is an active long-running operation for the index. The index is - not updated when writing an entity. Some index data may exist. + The given `property` is greater than the given `value`. Requires: + * That `property` comes first in `order_by`. - >- - The index was being created or deleted, but something went wrong. - The index cannot by used by queries. There is no active - long-running operation for the index, and the most recently - finished long-running operation failed. The index is not updated - when writing an entity. Some index data may exist. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - DELETING - - ERROR - GoogleDatastoreAdminV1IndexedProperty: - id: GoogleDatastoreAdminV1IndexedProperty - description: A property of an index. + The given `property` is greater than or equal to the given + `value`. Requires: * That `property` comes first in `order_by`. + - The given `property` is equal to the given `value`. + - >- + The given `property` is equal to at least one value in the given + array. Requires: * That `value` is a non-empty `ArrayValue`, + subject to disjunction limits. * No `NOT_IN` is in the same query. + - >- + The given `property` is not equal to the given `value`. Requires: + * No other `NOT_EQUAL` or `NOT_IN` is in the same query. * That + `property` comes first in the `order_by`. + - >- + Limit the result set to the given entity and its descendants. + Requires: * That `value` is an entity key. * All evaluated + disjunctions must have the same `HAS_ANCESTOR` filter. + - >- + The value of the `property` is not in the given array. Requires: * + That `value` is a non-empty `ArrayValue` with at most 10 values. * + No other `OR`, `IN`, `NOT_IN`, `NOT_EQUAL` is in the same query. * + That `field` comes first in the `order_by`. + type: string + description: The operator to filter by. + property: + description: The property to filter by. + $ref: '#/components/schemas/PropertyReference' + id: PropertyFilter + type: object + description: A filter on a specific property. + Filter: type: object + description: A holder for any type of filter. + id: Filter properties: - name: - description: Required. The property name to index. + compositeFilter: + $ref: '#/components/schemas/CompositeFilter' + description: A composite filter. + propertyFilter: + description: A filter on a property. + $ref: '#/components/schemas/PropertyFilter' + PartitionId: + properties: + projectId: + description: The ID of the project to which the entities belong. type: string - direction: - description: >- - Required. The indexed property's direction. Must not be - DIRECTION_UNSPECIFIED. + namespaceId: type: string - enumDescriptions: - - The direction is unspecified. - - >- - The property's values are indexed so as to support sequencing in - ascending order and also query by <, >, <=, >=, and =. - - >- - The property's values are indexed so as to support sequencing in - descending order and also query by <, >, <=, >=, and =. - enum: - - DIRECTION_UNSPECIFIED - - ASCENDING - - DESCENDING - GoogleDatastoreAdminV1ListIndexesResponse: - id: GoogleDatastoreAdminV1ListIndexesResponse - description: The response for google.datastore.admin.v1.DatastoreAdmin.ListIndexes. + description: If not empty, the ID of the namespace to which the entities belong. + databaseId: + type: string + description: If not empty, the ID of the database to which the entities belong. + description: >- + A partition ID identifies a grouping of entities. The grouping is always + by project and namespace, however the namespace ID may be empty. A + partition ID contains several dimensions: project ID and namespace ID. + Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must + have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of + any dimension matches regex `__.*__`, the partition is + reserved/read-only. A reserved/read-only partition ID is forbidden in + certain documented contexts. Foreign partition IDs (in which the project + ID does not match the context project ID ) are discouraged. Reads and + writes of foreign partition IDs may fail if the project is not in an + active state. type: object + id: PartitionId + CompositeFilter: + description: A filter that merges multiple other filters using the given operator. properties: - indexes: - description: The indexes. + filters: type: array items: - $ref: '#/components/schemas/GoogleDatastoreAdminV1Index' - nextPageToken: - description: The standard List next-page token. + $ref: '#/components/schemas/Filter' + description: >- + The list of filters to combine. Requires: * At least one filter is + present. + op: + enumDescriptions: + - Unspecified. This value must not be used. + - The results are required to satisfy each of the combined filters. + - >- + Documents are required to satisfy at least one of the combined + filters. + description: The operator for combining multiple filters. type: string - LookupRequest: - id: LookupRequest - description: The request for Datastore.Lookup. + enum: + - OPERATOR_UNSPECIFIED + - AND + - OR type: object + id: CompositeFilter + ExecutionStats: + type: object + description: Execution statistics for the query. + id: ExecutionStats properties: - databaseId: + resultsReturned: + format: int64 + type: string description: >- - The ID of the database against which to make the request. - '(default)' is not allowed; please use empty string '' to refer the - default database. + Total number of results returned, including documents, projections, + aggregation results, keys. + debugStats: + type: object + description: >- + Debugging statistics from the execution of the query. Note that the + debugging stats are subject to change as Firestore evolves. It could + include: { "indexes_entries_scanned": "1000", "documents_scanned": + "20", "billing_details" : { "documents_billable": "20", + "index_entries_billable": "1000", "min_query_cost": "0" } } + additionalProperties: + description: Properties of the object. + type: any + executionDuration: + description: Total time to execute the query in the backend. type: string - readOptions: - description: The options for this lookup request. - $ref: '#/components/schemas/ReadOptions' - keys: - description: Required. Keys of entities to look up. + format: google-duration + readOperations: + description: Total billable read operations. + format: int64 + type: string + ReserveIdsResponse: + type: object + description: The response for Datastore.ReserveIds. + properties: {} + id: ReserveIdsResponse + ArrayValue: + description: An array value. + type: object + id: ArrayValue + properties: + values: type: array - items: - $ref: '#/components/schemas/Key' - propertyMask: description: >- - The properties to return. Defaults to returning all properties. If - this field is set and an entity has a property not referenced in the - mask, it will be absent from LookupResponse.found.entity.properties. - The entity's key is always returned. - $ref: '#/components/schemas/PropertyMask' - ReadOptions: - id: ReadOptions - description: The options shared by read requests. + Values in the array. The order of values in an array is preserved as + long as all values have identical settings for + 'exclude_from_indexes'. + items: + $ref: '#/components/schemas/Value' + GoogleDatastoreAdminV1IndexOperationMetadata: type: object + id: GoogleDatastoreAdminV1IndexOperationMetadata properties: - readConsistency: - description: The non-transactional read consistency to use. + indexId: + description: The index resource ID that this operation is acting on. type: string - enumDescriptions: - - Unspecified. This value must not be used. - - Strong consistency. - - Eventual consistency. - enum: - - READ_CONSISTENCY_UNSPECIFIED - - STRONG - - EVENTUAL - transaction: - description: >- - The identifier of the transaction in which to read. A transaction - identifier is returned by a call to Datastore.BeginTransaction. - type: string - format: byte - newTransaction: - description: >- - Options for beginning a new transaction for this request. The new - transaction identifier will be returned in the corresponding - response as either LookupResponse.transaction or - RunQueryResponse.transaction. - $ref: '#/components/schemas/TransactionOptions' - readTime: + common: + description: Metadata common to all Datastore Admin operations. + $ref: '#/components/schemas/GoogleDatastoreAdminV1CommonMetadata' + progressEntities: + $ref: '#/components/schemas/GoogleDatastoreAdminV1Progress' + description: An estimate of the number of entities processed. + description: Metadata for Index operations. + GoogleDatastoreAdminV1beta1ImportEntitiesMetadata: + properties: + progressEntities: + $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1Progress' + description: An estimate of the number of entities processed. + common: + $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1CommonMetadata' + description: Metadata common to all Datastore Admin operations. + inputUrl: description: >- - Reads entities as they were at the given time. This value is only - supported for Cloud Firestore in Datastore mode. This must be a - microsecond precision timestamp within the past one hour, or if - Point-in-Time Recovery is enabled, can additionally be a whole - minute timestamp within the past 7 days. + The location of the import metadata file. This will be the same + value as the + google.datastore.admin.v1beta1.ExportEntitiesResponse.output_url + field. type: string - format: google-datetime - TransactionOptions: - id: TransactionOptions - description: >- - Options for beginning a new transaction. Transactions can be created - explicitly with calls to Datastore.BeginTransaction or implicitly by - setting ReadOptions.new_transaction in read requests. + progressBytes: + description: An estimate of the number of bytes processed. + $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1Progress' + entityFilter: + $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1EntityFilter' + description: Description of which entities are being imported. type: object + description: Metadata for ImportEntities operations. + id: GoogleDatastoreAdminV1beta1ImportEntitiesMetadata + ExplainMetrics: + description: Explain metrics for the query. properties: - readWrite: - description: The transaction should allow both reads and writes. - $ref: '#/components/schemas/ReadWrite' - readOnly: - description: The transaction should only allow reads. - $ref: '#/components/schemas/ReadOnly' - ReadWrite: - id: ReadWrite - description: Options specific to read / write transactions. + executionStats: + $ref: '#/components/schemas/ExecutionStats' + description: >- + Aggregated stats from the execution of the query. Only present when + ExplainOptions.analyze is set to true. + planSummary: + description: Planning phase information for the query. + $ref: '#/components/schemas/PlanSummary' type: object + id: ExplainMetrics + GoogleDatastoreAdminV1RedirectWritesStepDetails: properties: - previousTransaction: - description: The transaction identifier of the transaction being retried. + concurrencyMode: + description: The concurrency mode for this database. + enum: + - CONCURRENCY_MODE_UNSPECIFIED + - PESSIMISTIC + - OPTIMISTIC + - OPTIMISTIC_WITH_ENTITY_GROUPS type: string - format: byte - ReadOnly: - id: ReadOnly - description: Options specific to read-only transactions. + enumDescriptions: + - Unspecified. + - Pessimistic concurrency. + - Optimistic concurrency. + - Optimistic concurrency with entity groups. + description: Details for the `REDIRECT_WRITES` step. type: object + id: GoogleDatastoreAdminV1RedirectWritesStepDetails + QueryResultBatch: + id: QueryResultBatch properties: - readTime: - description: >- - Reads entities at the given time. This must be a microsecond - precision timestamp within the past one hour, or if Point-in-Time - Recovery is enabled, can additionally be a whole minute timestamp - within the past 7 days. + entityResultType: + description: The result type for every entity in `entity_results`. + enumDescriptions: + - Unspecified. This value is never used. + - The key and properties. + - A projected subset of properties. The entity may have no key. + - Only the key. + type: string + enum: + - RESULT_TYPE_UNSPECIFIED + - FULL + - PROJECTION + - KEY_ONLY + skippedResults: + format: int32 + description: The number of results skipped, typically because of an offset. + type: integer + skippedCursor: + format: byte type: string - format: google-datetime - Key: - id: Key - description: >- - A unique identifier for an entity. If a key's partition ID or any of its - path kinds or names are reserved/read-only, the key is - reserved/read-only. A reserved/read-only key is forbidden in certain - documented contexts. - type: object - properties: - partitionId: description: >- - Entities are partitioned into subsets, currently identified by a - project ID and namespace ID. Queries are scoped to a single - partition. - $ref: '#/components/schemas/PartitionId' - path: + A cursor that points to the position after the last skipped result. + Will be set when `skipped_results` != 0. + endCursor: + type: string + format: byte description: >- - The entity path. An entity path consists of one or more elements - composed of a kind and a string or numerical identifier, which - identify entities. The first element identifies a _root entity_, the - second element identifies a _child_ of the root entity, the third - element identifies a child of the second entity, and so forth. The - entities identified by all prefixes of the path are called the - element's _ancestors_. An entity path is always fully complete: - *all* of the entity's ancestors are required to be in the path along - with the entity identifier itself. The only exception is that in - some documented cases, the identifier in the last path element (for - the entity) itself may be omitted. For example, the last path - element of the key of `Mutation.insert` may have no identifier. A - path can never be empty, and a path can have at most 100 elements. - type: array + A cursor that points to the position after the last result in the + batch. + entityResults: items: - $ref: '#/components/schemas/PathElement' - PartitionId: - id: PartitionId - description: >- - A partition ID identifies a grouping of entities. The grouping is always - by project and namespace, however the namespace ID may be empty. A - partition ID contains several dimensions: project ID and namespace ID. - Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must - have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of - any dimension matches regex `__.*__`, the partition is - reserved/read-only. A reserved/read-only partition ID is forbidden in - certain documented contexts. Foreign partition IDs (in which the project - ID does not match the context project ID ) are discouraged. Reads and - writes of foreign partition IDs may fail if the project is not in an - active state. - type: object - properties: - projectId: - description: The ID of the project to which the entities belong. + $ref: '#/components/schemas/EntityResult' + type: array + description: The results for this batch. + snapshotVersion: + format: int64 type: string - databaseId: - description: If not empty, the ID of the database to which the entities belong. + description: >- + The version number of the snapshot this batch was returned from. + This applies to the range of results from the query's `start_cursor` + (or the beginning of the query if no cursor was given) to this + batch's `end_cursor` (not the query's `end_cursor`). In a single + transaction, subsequent query result batches for the same query can + have a greater snapshot version number. Each batch's snapshot + version is valid for all preceding batches. The value will be zero + for eventually consistent queries. + moreResults: + enumDescriptions: + - Unspecified. This value is never used. + - There may be additional batches to fetch from this query. + - >- + The query is finished, but there may be more results after the + limit. + - >- + The query is finished, but there may be more results after the end + cursor. + - The query is finished, and there are no more results. + description: The state of the query after the current batch. + enum: + - MORE_RESULTS_TYPE_UNSPECIFIED + - NOT_FINISHED + - MORE_RESULTS_AFTER_LIMIT + - MORE_RESULTS_AFTER_CURSOR + - NO_MORE_RESULTS type: string - namespaceId: - description: If not empty, the ID of the namespace to which the entities belong. + readTime: + description: >- + Read timestamp this batch was returned from. This applies to the + range of results from the query's `start_cursor` (or the beginning + of the query if no cursor was given) to this batch's `end_cursor` + (not the query's `end_cursor`). In a single transaction, subsequent + query result batches for the same query can have a greater + timestamp. Each batch's read timestamp is valid for all preceding + batches. This value will not be set for eventually consistent + queries in Cloud Datastore. type: string - PathElement: - id: PathElement - description: >- - A (kind, ID/name) pair used to construct a key path. If either name or - ID is set, the element is complete. If neither is set, the element is - incomplete. + format: google-datetime + description: A batch of results produced by a query. type: object + Value: properties: - kind: - description: >- - The kind of the entity. A kind matching regex `__.*__` is - reserved/read-only. A kind must not contain more than 1500 bytes - when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. - Legacy values that are not valid UTF-8 are encoded as `__bytes__` - where `` is the base-64 encoding of the bytes. + integerValue: + description: An integer value. + format: int64 type: string - id: + geoPointValue: + description: A geo point value representing a point on the surface of Earth. + $ref: '#/components/schemas/LatLng' + entityValue: + $ref: '#/components/schemas/Entity' description: >- - The auto-allocated ID of the entity. Never equal to zero. Values - less than zero are discouraged and may not be supported in the - future. - type: string - format: int64 - name: + An entity value. - May have no key. - May have a key with an + incomplete key path. - May have a reserved/read-only key. + booleanValue: + description: A boolean value. + type: boolean + excludeFromIndexes: description: >- - The name of the entity. A name matching regex `__.*__` is - reserved/read-only. A name must not be more than 1500 bytes when - UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy - values that are not valid UTF-8 are encoded as `__bytes__` where `` - is the base-64 encoding of the bytes. + If the value should be excluded from all indexes including those + defined explicitly. + type: boolean + nullValue: type: string - PropertyMask: - id: PropertyMask - description: >- - The set of arbitrarily nested property paths used to restrict an - operation to only a subset of properties in an entity. - type: object - properties: - paths: - description: >- - The paths to the properties covered by this mask. A path is a list - of property names separated by dots (`.`), for example `foo.bar` - means the property `bar` inside the entity property `foo` inside the - entity associated with this path. If a property name contains a dot - `.` or a backslash `\`, then that name must be escaped. A path must - not be empty, and may not reference a value inside an array value. - type: array - items: - type: string - LookupResponse: - id: LookupResponse - description: The response for Datastore.Lookup. - type: object - properties: - found: - description: >- - Entities found as `ResultType.FULL` entities. The order of results - in this field is undefined and has no relation to the order of the - keys in the input. - type: array - items: - $ref: '#/components/schemas/EntityResult' - missing: + enum: + - NULL_VALUE + description: A null value. + enumDescriptions: + - Null value. + meaning: + type: integer + format: int32 description: >- - Entities not found as `ResultType.KEY_ONLY` entities. The order of - results in this field is undefined and has no relation to the order - of the keys in the input. - type: array - items: - $ref: '#/components/schemas/EntityResult' - deferred: + The `meaning` field should only be populated for backwards + compatibility. + keyValue: + $ref: '#/components/schemas/Key' + description: A key value. + arrayValue: + $ref: '#/components/schemas/ArrayValue' description: >- - A list of keys that were not looked up due to resource constraints. - The order of results in this field is undefined and has no relation - to the order of the keys in the input. - type: array - items: - $ref: '#/components/schemas/Key' - transaction: + An array value. Cannot contain another array value. A `Value` + instance that sets field `array_value` must not set fields `meaning` + or `exclude_from_indexes`. + doubleValue: + type: number + format: double + description: A double value. + stringValue: description: >- - The identifier of the transaction that was started as part of this - Lookup request. Set only when ReadOptions.new_transaction was set in - LookupRequest.read_options. - type: string - format: byte - readTime: - description: The time at which these entities were read or found missing. + A UTF-8 encoded string value. When `exclude_from_indexes` is false + (it is indexed) , may have at most 1500 bytes. Otherwise, may be set + to at most 1,000,000 bytes. type: string - format: google-datetime - EntityResult: - id: EntityResult - description: The result of fetching an entity from Datastore. - type: object - properties: - entity: - description: The resulting entity. - $ref: '#/components/schemas/Entity' - version: - description: >- - The version of the entity, a strictly positive number that - monotonically increases with changes to the entity. This field is - set for `FULL` entity results. For missing entities in - `LookupResponse`, this is the version of the snapshot that was used - to look up the entity, and it is always set except for eventually - consistent reads. + timestampValue: type: string - format: int64 - createTime: description: >- - The time at which the entity was created. This field is set for - `FULL` entity results. If this entity is missing, this field will - not be set. - type: string + A timestamp value. When stored in the Datastore, precise only to + microseconds; any additional precision is rounded down. format: google-datetime - updateTime: - description: >- - The time at which the entity was last changed. This field is set for - `FULL` entity results. If this entity is missing, this field will - not be set. + blobValue: type: string - format: google-datetime - cursor: description: >- - A cursor that points to the position after the result entity. Set - only when the `EntityResult` is part of a `QueryResultBatch` - message. - type: string + A blob value. May have at most 1,000,000 bytes. When + `exclude_from_indexes` is false, may have at most 1500 bytes. In + JSON requests, must be base64-encoded. format: byte - Entity: - id: Entity - description: A Datastore data object. Must not exceed 1 MiB - 4 bytes. - type: object - properties: - key: - description: >- - The entity's key. An entity must have a key, unless otherwise - documented (for example, an entity in `Value.entity_value` may have - no key). An entity's kind is its key path's last element's kind, or - null if it has no key. - $ref: '#/components/schemas/Key' - properties: - description: >- - The entity's properties. The map's keys are property names. A - property name matching regex `__.*__` is reserved. A reserved - property name is forbidden in certain documented contexts. The map - keys, represented as UTF-8, must not exceed 1,500 bytes and cannot - be empty. - type: object - additionalProperties: - $ref: '#/components/schemas/Value' - Value: id: Value + type: object description: >- A message that can hold any of the supported value types and associated metadata. + GoogleDatastoreAdminV1MigrationStateEvent: + description: >- + An event signifying a change in state of a [migration from Cloud + Datastore to Cloud Firestore in Datastore + mode](https://cloud.google.com/datastore/docs/upgrade-to-firestore). type: object + id: GoogleDatastoreAdminV1MigrationStateEvent properties: - nullValue: - description: A null value. + state: + description: The new state of the migration. type: string enumDescriptions: - - Null value. + - Unspecified. + - The migration is running. + - The migration is paused. + - The migration is complete. enum: - - NULL_VALUE - booleanValue: - description: A boolean value. - type: boolean - integerValue: - description: An integer value. + - MIGRATION_STATE_UNSPECIFIED + - RUNNING + - PAUSED + - COMPLETE + TransactionOptions: + description: >- + Options for beginning a new transaction. Transactions can be created + explicitly with calls to Datastore.BeginTransaction or implicitly by + setting ReadOptions.new_transaction in read requests. + id: TransactionOptions + type: object + properties: + readOnly: + description: The transaction should only allow reads. + $ref: '#/components/schemas/ReadOnly' + readWrite: + $ref: '#/components/schemas/ReadWrite' + description: The transaction should allow both reads and writes. + PropertyOrder: + type: object + description: The desired order for a specific property. + properties: + property: + description: The property to order by. + $ref: '#/components/schemas/PropertyReference' + direction: type: string - format: int64 - doubleValue: - description: A double value. - type: number - format: double - timestampValue: + enumDescriptions: + - Unspecified. This value must not be used. + - Ascending. + - Descending. + description: The direction to order by. Defaults to `ASCENDING`. + enum: + - DIRECTION_UNSPECIFIED + - ASCENDING + - DESCENDING + id: PropertyOrder + RunAggregationQueryRequest: + id: RunAggregationQueryRequest + description: The request for Datastore.RunAggregationQuery. + type: object + properties: + databaseId: description: >- - A timestamp value. When stored in the Datastore, precise only to - microseconds; any additional precision is rounded down. + The ID of the database against which to make the request. + '(default)' is not allowed; please use empty string '' to refer the + default database. type: string - format: google-datetime - keyValue: - description: A key value. - $ref: '#/components/schemas/Key' - stringValue: + aggregationQuery: + $ref: '#/components/schemas/AggregationQuery' + description: The query to run. + readOptions: + description: The options for this query. + $ref: '#/components/schemas/ReadOptions' + explainOptions: description: >- - A UTF-8 encoded string value. When `exclude_from_indexes` is false - (it is indexed) , may have at most 1500 bytes. Otherwise, may be set - to at most 1,000,000 bytes. - type: string - blobValue: + Optional. Explain options for the query. If set, additional query + statistics will be returned. If not, only query results will be + returned. + $ref: '#/components/schemas/ExplainOptions' + gqlQuery: + description: The GQL query to run. This query must be an aggregation query. + $ref: '#/components/schemas/GqlQuery' + partitionId: description: >- - A blob value. May have at most 1,000,000 bytes. When - `exclude_from_indexes` is false, may have at most 1500 bytes. In - JSON requests, must be base64-encoded. + Entities are partitioned into subsets, identified by a partition ID. + Queries are scoped to a single partition. This partition ID is + normalized with the standard default context partition ID. + $ref: '#/components/schemas/PartitionId' + GoogleDatastoreAdminV1DatastoreFirestoreMigrationMetadata: + id: GoogleDatastoreAdminV1DatastoreFirestoreMigrationMetadata + description: >- + Metadata for Datastore to Firestore migration operations. The + DatastoreFirestoreMigration operation is not started by the end-user via + an explicit "creation" method. This is an intentional deviation from the + LRO design pattern. This singleton resource can be accessed at: + "projects/{project_id}/operations/datastore-firestore-migration" + type: object + properties: + migrationStep: + description: >- + The current step of migration from Cloud Datastore to Cloud + Firestore in Datastore mode. type: string - format: byte - geoPointValue: - description: A geo point value representing a point on the surface of Earth. - $ref: '#/components/schemas/LatLng' - entityValue: + enumDescriptions: + - Unspecified. + - 'Pre-migration: the database is prepared for migration.' + - Start of migration. + - Writes are applied synchronously to at least one replica. + - >- + Data is copied to Cloud Firestore and then verified to match the + data in Cloud Datastore. + - Eventually-consistent reads are redirected to Cloud Firestore. + - Strongly-consistent reads are redirected to Cloud Firestore. + - Writes are redirected to Cloud Firestore. + enum: + - MIGRATION_STEP_UNSPECIFIED + - PREPARE + - START + - APPLY_WRITES_SYNCHRONOUSLY + - COPY_AND_VERIFY + - REDIRECT_EVENTUALLY_CONSISTENT_READS + - REDIRECT_STRONGLY_CONSISTENT_READS + - REDIRECT_WRITES + migrationState: + enum: + - MIGRATION_STATE_UNSPECIFIED + - RUNNING + - PAUSED + - COMPLETE description: >- - An entity value. - May have no key. - May have a key with an - incomplete key path. - May have a reserved/read-only key. - $ref: '#/components/schemas/Entity' - arrayValue: + The current state of migration from Cloud Datastore to Cloud + Firestore in Datastore mode. + enumDescriptions: + - Unspecified. + - The migration is running. + - The migration is paused. + - The migration is complete. + type: string + GoogleLongrunningOperation: + properties: + error: + $ref: '#/components/schemas/Status' description: >- - An array value. Cannot contain another array value. A `Value` - instance that sets field `array_value` must not set fields `meaning` - or `exclude_from_indexes`. - $ref: '#/components/schemas/ArrayValue' - meaning: + The error result of the operation in case of failure or + cancellation. + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object description: >- - The `meaning` field should only be populated for backwards - compatibility. - type: integer - format: int32 - excludeFromIndexes: + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + name: + type: string description: >- - If the value should be excluded from all indexes including those - defined explicitly. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. type: boolean - LatLng: - id: LatLng + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + type: object description: >- - An object that represents a latitude/longitude pair. This is expressed - as a pair of doubles to represent degrees latitude and degrees - longitude. Unless specified otherwise, this object must conform to the - WGS84 standard. Values must be within normalized ranges. + This resource represents a long-running operation that is the result of + a network API call. + id: GoogleLongrunningOperation + GoogleDatastoreAdminV1beta1Progress: + description: Measures the progress of a particular metric. type: object + id: GoogleDatastoreAdminV1beta1Progress properties: - latitude: - description: The latitude in degrees. It must be in the range [-90.0, +90.0]. - type: number - format: double - longitude: - description: The longitude in degrees. It must be in the range [-180.0, +180.0]. - type: number - format: double - ArrayValue: - id: ArrayValue - description: An array value. - type: object + workEstimated: + type: string + description: >- + An estimate of how much work needs to be performed. May be zero if + the work estimate is unavailable. + format: int64 + workCompleted: + type: string + format: int64 + description: >- + The amount of work that has been completed. Note that this may be + greater than work_estimated. + GoogleDatastoreAdminV1beta1ExportEntitiesMetadata: properties: - values: + outputUrlPrefix: + type: string description: >- - Values in the array. The order of values in an array is preserved as - long as all values have identical settings for - 'exclude_from_indexes'. - type: array - items: - $ref: '#/components/schemas/Value' - RunQueryRequest: - id: RunQueryRequest - description: The request for Datastore.RunQuery. + Location for the export metadata and data files. This will be the + same value as the + google.datastore.admin.v1beta1.ExportEntitiesRequest.output_url_prefix + field. The final output location is provided in + google.datastore.admin.v1beta1.ExportEntitiesResponse.output_url. + entityFilter: + description: Description of which entities are being exported. + $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1EntityFilter' + common: + $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1CommonMetadata' + description: Metadata common to all Datastore Admin operations. + progressEntities: + $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1Progress' + description: An estimate of the number of entities processed. + progressBytes: + description: An estimate of the number of bytes processed. + $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1Progress' + description: Metadata for ExportEntities operations. + id: GoogleDatastoreAdminV1beta1ExportEntitiesMetadata type: object + AllocateIdsRequest: + id: AllocateIdsRequest properties: + keys: + items: + $ref: '#/components/schemas/Key' + type: array + description: >- + Required. A list of keys with incomplete key paths for which to + allocate IDs. No key may be reserved/read-only. databaseId: description: >- The ID of the database against which to make the request. '(default)' is not allowed; please use empty string '' to refer the default database. type: string - partitionId: - description: >- - Entities are partitioned into subsets, identified by a partition ID. - Queries are scoped to a single partition. This partition ID is - normalized with the standard default context partition ID. - $ref: '#/components/schemas/PartitionId' - readOptions: - description: The options for this query. - $ref: '#/components/schemas/ReadOptions' - query: - description: The query to run. - $ref: '#/components/schemas/Query' - gqlQuery: - description: The GQL query to run. This query must be a non-aggregation query. - $ref: '#/components/schemas/GqlQuery' - propertyMask: - description: >- - The properties to return. This field must not be set for a - projection query. See LookupRequest.property_mask. - $ref: '#/components/schemas/PropertyMask' - explainOptions: + type: object + description: The request for Datastore.AllocateIds. + ExplainOptions: + id: ExplainOptions + type: object + properties: + analyze: description: >- - Optional. Explain options for the query. If set, additional query - statistics will be returned. If not, only query results will be - returned. - $ref: '#/components/schemas/ExplainOptions' - Query: - id: Query - description: >- - A query for entities. The query stages are executed in the following - order: 1. kind 2. filter 3. projection 4. order + start_cursor + - end_cursor 5. offset 6. limit 7. find_nearest + Optional. Whether to execute this query. When false (the default), + the query will be planned, returning only metrics from the planning + stages. When true, the query will be planned and executed, returning + the full query results along with both planning and execution stage + metrics. + type: boolean + description: Explain options for the query. + AggregationQuery: type: object + description: Datastore query for running an aggregation over a Query. properties: - projection: - description: The projection to return. Defaults to returning all properties. + nestedQuery: + description: Nested query for aggregation + $ref: '#/components/schemas/Query' + aggregations: type: array - items: - $ref: '#/components/schemas/Projection' - kind: - description: >- - The kinds to query (if empty, returns entities of all kinds). - Currently at most 1 kind may be specified. - type: array - items: - $ref: '#/components/schemas/KindExpression' - filter: - description: The filter to apply. - $ref: '#/components/schemas/Filter' - order: - description: >- - The order to apply to the query results (if empty, order is - unspecified). - type: array - items: - $ref: '#/components/schemas/PropertyOrder' - distinctOn: - description: >- - The properties to make distinct. The query results will contain the - first result for each distinct combination of values for the given - properties (if empty, all results are returned). Requires: * If - `order` is specified, the set of distinct on properties must appear - before the non-distinct on properties in `order`. - type: array - items: - $ref: '#/components/schemas/PropertyReference' - startCursor: - description: >- - A starting point for the query results. Query cursors are returned - in query result batches and [can only be used to continue the same - query](https://cloud.google.com/datastore/docs/concepts/queries#cursors_limits_and_offsets). - type: string - format: byte - endCursor: - description: >- - An ending point for the query results. Query cursors are returned in - query result batches and [can only be used to limit the same - query](https://cloud.google.com/datastore/docs/concepts/queries#cursors_limits_and_offsets). - type: string - format: byte - offset: - description: >- - The number of results to skip. Applies before limit, but after all - other constraints. Optional. Must be >= 0 if specified. - type: integer - format: int32 - limit: - description: >- - The maximum number of results to return. Applies after all other - constraints. Optional. Unspecified is interpreted as no limit. Must - be >= 0 if specified. - type: integer - format: int32 - findNearest: - description: >- - Optional. A potential Nearest Neighbors Search. Applies after all - other filters and ordering. Finds the closest vector embeddings to - the given query vector. - $ref: '#/components/schemas/FindNearest' - Projection: - id: Projection - description: A representation of a property in a projection. - type: object - properties: - property: - description: The property to project. - $ref: '#/components/schemas/PropertyReference' - PropertyReference: - id: PropertyReference - description: A reference to a property relative to the kind expressions. - type: object - properties: - name: - description: >- - A reference to a property. Requires: * MUST be a dot-delimited (`.`) - string of segments, where each segment conforms to entity property - name limitations. - type: string - KindExpression: - id: KindExpression - description: A representation of a kind. - type: object - properties: - name: - description: The name of the kind. - type: string - Filter: - id: Filter - description: A holder for any type of filter. - type: object - properties: - compositeFilter: - description: A composite filter. - $ref: '#/components/schemas/CompositeFilter' - propertyFilter: - description: A filter on a property. - $ref: '#/components/schemas/PropertyFilter' - CompositeFilter: - id: CompositeFilter - description: A filter that merges multiple other filters using the given operator. - type: object - properties: - op: - description: The operator for combining multiple filters. - type: string - enumDescriptions: - - Unspecified. This value must not be used. - - The results are required to satisfy each of the combined filters. - - >- - Documents are required to satisfy at least one of the combined - filters. - enum: - - OPERATOR_UNSPECIFIED - - AND - - OR - filters: description: >- - The list of filters to combine. Requires: * At least one filter is - present. - type: array + Optional. Series of aggregations to apply over the results of the + `nested_query`. Requires: * A minimum of one and maximum of five + aggregations per query. items: - $ref: '#/components/schemas/Filter' - PropertyFilter: - id: PropertyFilter - description: A filter on a specific property. - type: object - properties: - property: - description: The property to filter by. - $ref: '#/components/schemas/PropertyReference' - op: - description: The operator to filter by. - type: string - enumDescriptions: - - Unspecified. This value must not be used. - - >- - The given `property` is less than the given `value`. Requires: * - That `property` comes first in `order_by`. - - >- - The given `property` is less than or equal to the given `value`. - Requires: * That `property` comes first in `order_by`. - - >- - The given `property` is greater than the given `value`. Requires: - * That `property` comes first in `order_by`. - - >- - The given `property` is greater than or equal to the given - `value`. Requires: * That `property` comes first in `order_by`. - - The given `property` is equal to the given `value`. - - >- - The given `property` is equal to at least one value in the given - array. Requires: * That `value` is a non-empty `ArrayValue`, - subject to disjunction limits. * No `NOT_IN` is in the same query. - - >- - The given `property` is not equal to the given `value`. Requires: - * No other `NOT_EQUAL` or `NOT_IN` is in the same query. * That - `property` comes first in the `order_by`. - - >- - Limit the result set to the given entity and its descendants. - Requires: * That `value` is an entity key. * All evaluated - disjunctions must have the same `HAS_ANCESTOR` filter. - - >- - The value of the `property` is not in the given array. Requires: * - That `value` is a non-empty `ArrayValue` with at most 10 values. * - No other `OR`, `IN`, `NOT_IN`, `NOT_EQUAL` is in the same query. * - That `field` comes first in the `order_by`. - enum: - - OPERATOR_UNSPECIFIED - - LESS_THAN - - LESS_THAN_OR_EQUAL - - GREATER_THAN - - GREATER_THAN_OR_EQUAL - - EQUAL - - IN - - NOT_EQUAL - - HAS_ANCESTOR - - NOT_IN - value: - description: The value to compare the property to. - $ref: '#/components/schemas/Value' - PropertyOrder: - id: PropertyOrder - description: The desired order for a specific property. - type: object - properties: - property: - description: The property to order by. - $ref: '#/components/schemas/PropertyReference' - direction: - description: The direction to order by. Defaults to `ASCENDING`. - type: string - enumDescriptions: - - Unspecified. This value must not be used. - - Ascending. - - Descending. - enum: - - DIRECTION_UNSPECIFIED - - ASCENDING - - DESCENDING + $ref: '#/components/schemas/Aggregation' + id: AggregationQuery FindNearest: - id: FindNearest - description: >- - Nearest Neighbors search config. The ordering provided by FindNearest - supersedes the order_by stage. If multiple documents have the same - vector distance, the returned document order is not guaranteed to be - stable between queries. type: object properties: vectorProperty: @@ -1021,8 +806,11 @@ components: vector of no more than 2048 dimensions. $ref: '#/components/schemas/Value' distanceMeasure: - description: Required. The Distance Measure to use, required. - type: string + enum: + - DISTANCE_MEASURE_UNSPECIFIED + - EUCLIDEAN + - COSINE + - DOT_PRODUCT enumDescriptions: - Should not be set. - >- @@ -1045,23 +833,20 @@ components: See [Dot Product](https://en.wikipedia.org/wiki/Dot_product) to learn more. The resulting distance increases the more similar two vectors are. - enum: - - DISTANCE_MEASURE_UNSPECIFIED - - EUCLIDEAN - - COSINE - - DOT_PRODUCT + description: Required. The Distance Measure to use, required. + type: string limit: + format: int32 description: >- Required. The number of nearest neighbors to return. Must be a positive integer of no more than 100. type: integer - format: int32 distanceResultProperty: + type: string description: >- Optional. Optional name of the field to output the result of the vector distance calculation. Must conform to entity property limitations. - type: string distanceThreshold: description: >- Optional. Option to specify a threshold for which no less similar @@ -1073,406 +858,300 @@ components: distance >= distance_threshold type: number format: double - GqlQuery: - id: GqlQuery description: >- - A [GQL - query](https://cloud.google.com/datastore/docs/apis/gql/gql_reference). + Nearest Neighbors search config. The ordering provided by FindNearest + supersedes the order_by stage. If multiple documents have the same + vector distance, the returned document order is not guaranteed to be + stable between queries. + id: FindNearest + GoogleDatastoreAdminV1MigrationProgressEvent: type: object + description: >- + An event signifying the start of a new step in a [migration from Cloud + Datastore to Cloud Firestore in Datastore + mode](https://cloud.google.com/datastore/docs/upgrade-to-firestore). + id: GoogleDatastoreAdminV1MigrationProgressEvent properties: - queryString: - description: >- - A string of the format described - [here](https://cloud.google.com/datastore/docs/apis/gql/gql_reference). + prepareStepDetails: + $ref: '#/components/schemas/GoogleDatastoreAdminV1PrepareStepDetails' + description: Details for the `PREPARE` step. + step: type: string - allowLiterals: - description: >- - When false, the query string must not contain any literals and - instead must bind all values. For example, `SELECT * FROM Kind WHERE - a = 'string literal'` is not allowed, while `SELECT * FROM Kind - WHERE a = @value` is. - type: boolean - namedBindings: - description: >- - For each non-reserved named binding site in the query string, there - must be a named parameter with that name, but not necessarily the - inverse. Key must match regex `A-Za-z_$*`, must not match regex - `__.*__`, and must not be `""`. - type: object - additionalProperties: - $ref: '#/components/schemas/GqlQueryParameter' - positionalBindings: - description: >- - Numbered binding site @1 references the first numbered parameter, - effectively using 1-based indexing, rather than the usual 0. For - each binding site numbered i in `query_string`, there must be an - i-th numbered parameter. The inverse must also be true. - type: array - items: - $ref: '#/components/schemas/GqlQueryParameter' - GqlQueryParameter: - id: GqlQueryParameter - description: A binding parameter for a GQL query. - type: object - properties: - value: - description: A value parameter. - $ref: '#/components/schemas/Value' - cursor: - description: A query cursor. Query cursors are returned in query result batches. - type: string - format: byte - ExplainOptions: - id: ExplainOptions - description: Explain options for the query. - type: object - properties: - analyze: + enum: + - MIGRATION_STEP_UNSPECIFIED + - PREPARE + - START + - APPLY_WRITES_SYNCHRONOUSLY + - COPY_AND_VERIFY + - REDIRECT_EVENTUALLY_CONSISTENT_READS + - REDIRECT_STRONGLY_CONSISTENT_READS + - REDIRECT_WRITES + enumDescriptions: + - Unspecified. + - 'Pre-migration: the database is prepared for migration.' + - Start of migration. + - Writes are applied synchronously to at least one replica. + - >- + Data is copied to Cloud Firestore and then verified to match the + data in Cloud Datastore. + - Eventually-consistent reads are redirected to Cloud Firestore. + - Strongly-consistent reads are redirected to Cloud Firestore. + - Writes are redirected to Cloud Firestore. description: >- - Optional. Whether to execute this query. When false (the default), - the query will be planned, returning only metrics from the planning - stages. When true, the query will be planned and executed, returning - the full query results along with both planning and execution stage - metrics. - type: boolean - RunQueryResponse: - id: RunQueryResponse - description: The response for Datastore.RunQuery. - type: object + The step that is starting. An event with step set to `START` + indicates that the migration has been reverted back to the initial + pre-migration state. + redirectWritesStepDetails: + $ref: '#/components/schemas/GoogleDatastoreAdminV1RedirectWritesStepDetails' + description: Details for the `REDIRECT_WRITES` step. + RunAggregationQueryResponse: properties: - batch: - description: >- - A batch of query results. This is always present unless running a - query under explain-only mode: RunQueryRequest.explain_options was - provided and ExplainOptions.analyze was set to false. - $ref: '#/components/schemas/QueryResultBatch' query: + $ref: '#/components/schemas/AggregationQuery' description: The parsed form of the `GqlQuery` from the request, if it was set. - $ref: '#/components/schemas/Query' transaction: description: >- The identifier of the transaction that was started as part of this - RunQuery request. Set only when ReadOptions.new_transaction was set - in RunQueryRequest.read_options. - type: string + RunAggregationQuery request. Set only when + ReadOptions.new_transaction was set in + RunAggregationQueryRequest.read_options. format: byte + type: string + batch: + description: A batch of aggregation results. Always present. + $ref: '#/components/schemas/AggregationResultBatch' explainMetrics: description: >- Query explain metrics. This is only present when the - RunQueryRequest.explain_options is provided, and it is sent only - once with the last response in the stream. + RunAggregationQueryRequest.explain_options is provided, and it is + sent only once with the last response in the stream. $ref: '#/components/schemas/ExplainMetrics' - QueryResultBatch: - id: QueryResultBatch - description: A batch of results produced by a query. + description: The response for Datastore.RunAggregationQuery. type: object + id: RunAggregationQueryResponse + Avg: properties: - skippedResults: - description: The number of results skipped, typically because of an offset. - type: integer - format: int32 - skippedCursor: - description: >- - A cursor that points to the position after the last skipped result. - Will be set when `skipped_results` != 0. - type: string - format: byte - entityResultType: - description: The result type for every entity in `entity_results`. - type: string - enumDescriptions: - - Unspecified. This value is never used. - - The key and properties. - - A projected subset of properties. The entity may have no key. - - Only the key. - enum: - - RESULT_TYPE_UNSPECIFIED - - FULL - - PROJECTION - - KEY_ONLY - entityResults: - description: The results for this batch. - type: array - items: - $ref: '#/components/schemas/EntityResult' - endCursor: - description: >- - A cursor that points to the position after the last result in the - batch. - type: string - format: byte - moreResults: - description: The state of the query after the current batch. - type: string - enumDescriptions: - - Unspecified. This value is never used. - - There may be additional batches to fetch from this query. - - >- - The query is finished, but there may be more results after the - limit. - - >- - The query is finished, but there may be more results after the end - cursor. - - The query is finished, and there are no more results. - enum: - - MORE_RESULTS_TYPE_UNSPECIFIED - - NOT_FINISHED - - MORE_RESULTS_AFTER_LIMIT - - MORE_RESULTS_AFTER_CURSOR - - NO_MORE_RESULTS - snapshotVersion: - description: >- - The version number of the snapshot this batch was returned from. - This applies to the range of results from the query's `start_cursor` - (or the beginning of the query if no cursor was given) to this - batch's `end_cursor` (not the query's `end_cursor`). In a single - transaction, subsequent query result batches for the same query can - have a greater snapshot version number. Each batch's snapshot - version is valid for all preceding batches. The value will be zero - for eventually consistent queries. - type: string - format: int64 - readTime: - description: >- - Read timestamp this batch was returned from. This applies to the - range of results from the query's `start_cursor` (or the beginning - of the query if no cursor was given) to this batch's `end_cursor` - (not the query's `end_cursor`). In a single transaction, subsequent - query result batches for the same query can have a greater - timestamp. Each batch's read timestamp is valid for all preceding - batches. This value will not be set for eventually consistent - queries in Cloud Datastore. - type: string - format: google-datetime - ExplainMetrics: - id: ExplainMetrics - description: Explain metrics for the query. + property: + $ref: '#/components/schemas/PropertyReference' + description: The property to aggregate on. + id: Avg type: object + description: >- + Average of the values of the requested property. * Only numeric values + will be aggregated. All non-numeric values including `NULL` are skipped. + * If the aggregated values contain `NaN`, returns `NaN`. Infinity math + follows IEEE-754 standards. * If the aggregated value set is empty, + returns `NULL`. * Always returns the result as a double. + GoogleDatastoreAdminV1ExportEntitiesResponse: + description: >- + The response for + google.datastore.admin.v1.DatastoreAdmin.ExportEntities. properties: - planSummary: - description: Planning phase information for the query. - $ref: '#/components/schemas/PlanSummary' - executionStats: + outputUrl: + type: string description: >- - Aggregated stats from the execution of the query. Only present when - ExplainOptions.analyze is set to true. - $ref: '#/components/schemas/ExecutionStats' - PlanSummary: - id: PlanSummary - description: Planning phase information for the query. + Location of the output metadata file. This can be used to begin an + import into Cloud Datastore (this project or another project). See + google.datastore.admin.v1.ImportEntitiesRequest.input_url. Only + present if the operation completed successfully. type: object - properties: - indexesUsed: - description: >- - The indexes selected for the query. For example: [ {"query_scope": - "Collection", "properties": "(foo ASC, __name__ ASC)"}, - {"query_scope": "Collection", "properties": "(bar ASC, __name__ - ASC)"} ] - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. - ExecutionStats: - id: ExecutionStats - description: Execution statistics for the query. + id: GoogleDatastoreAdminV1ExportEntitiesResponse + PropertyTransform: type: object properties: - resultsReturned: + increment: + $ref: '#/components/schemas/Value' description: >- - Total number of results returned, including documents, projections, - aggregation results, keys. - type: string - format: int64 - executionDuration: - description: Total time to execute the query in the backend. - type: string - format: google-duration - readOperations: - description: Total billable read operations. + Adds the given value to the property's current value. This must be + an integer or a double value. If the property is not an integer or + double, or if the property does not yet exist, the transformation + will set the property to the given value. If either of the given + value or the current property value are doubles, both values will be + interpreted as doubles. Double arithmetic and representation of + double values follows IEEE 754 semantics. If there is + positive/negative integer overflow, the property is resolved to the + largest magnitude positive/negative integer. + property: type: string - format: int64 - debugStats: description: >- - Debugging statistics from the execution of the query. Note that the - debugging stats are subject to change as Firestore evolves. It could - include: { "indexes_entries_scanned": "1000", "documents_scanned": - "20", "billing_details" : { "documents_billable": "20", - "index_entries_billable": "1000", "min_query_cost": "0" } } - type: object - additionalProperties: - type: any - description: Properties of the object. - RunAggregationQueryRequest: - id: RunAggregationQueryRequest - description: The request for Datastore.RunAggregationQuery. - type: object + Optional. The name of the property. Property paths (a list of + property names separated by dots (`.`)) may be used to refer to + properties inside entity values. For example `foo.bar` means the + property `bar` inside the entity property `foo`. If a property name + contains a dot `.` or a backlslash `\`, then that name must be + escaped. + maximum: + description: >- + Sets the property to the maximum of its current value and the given + value. This must be an integer or a double value. If the property is + not an integer or double, or if the property does not yet exist, the + transformation will set the property to the given value. If a + maximum operation is applied where the property and the input value + are of mixed types (that is - one is an integer and one is a double) + the property takes on the type of the larger operand. If the + operands are equivalent (e.g. 3 and 3.0), the property does not + change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored + value and zero input value is always the stored value. The maximum + of any numeric value x and NaN is NaN. + $ref: '#/components/schemas/Value' + minimum: + $ref: '#/components/schemas/Value' + description: >- + Sets the property to the minimum of its current value and the given + value. This must be an integer or a double value. If the property is + not an integer or double, or if the property does not yet exist, the + transformation will set the property to the input value. If a + minimum operation is applied where the property and the input value + are of mixed types (that is - one is an integer and one is a double) + the property takes on the type of the smaller operand. If the + operands are equivalent (e.g. 3 and 3.0), the property does not + change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored + value and zero input value is always the stored value. The minimum + of any numeric value x and NaN is NaN. + appendMissingElements: + description: >- + Appends the given elements in order if they are not already present + in the current property value. If the property is not an array, or + if the property does not yet exist, it is first set to the empty + array. Equivalent numbers of different types (e.g. 3L and 3.0) are + considered equal when checking if a value is missing. NaN is equal + to NaN, and the null value is equal to the null value. If the input + contains multiple equivalent values, only the first will be + considered. The corresponding transform result will be the null + value. + $ref: '#/components/schemas/ArrayValue' + setToServerValue: + type: string + enumDescriptions: + - Unspecified. This value must not be used. + - >- + The time at which the server processed the request, with + millisecond precision. If used on multiple properties (same or + different entities) in a transaction, all the properties will get + the same server timestamp. + enum: + - SERVER_VALUE_UNSPECIFIED + - REQUEST_TIME + description: Sets the property to the given server value. + removeAllFromArray: + description: >- + Removes all of the given elements from the array in the property. If + the property is not an array, or if the property does not yet exist, + it is set to the empty array. Equivalent numbers of different types + (e.g. 3L and 3.0) are considered equal when deciding whether an + element should be removed. NaN is equal to NaN, and the null value + is equal to the null value. This will remove all equivalent values + if there are duplicates. The corresponding transform result will be + the null value. + $ref: '#/components/schemas/ArrayValue' + id: PropertyTransform + description: A transformation of an entity property. + CommitRequest: + description: The request for Datastore.Commit. properties: + mode: + type: string + enumDescriptions: + - Unspecified. This value must not be used. + - >- + Transactional: The mutations are either all applied, or none are + applied. Learn about transactions + [here](https://cloud.google.com/datastore/docs/concepts/transactions). + - 'Non-transactional: The mutations may not apply as all or none.' + description: The type of commit to perform. Defaults to `TRANSACTIONAL`. + enum: + - MODE_UNSPECIFIED + - TRANSACTIONAL + - NON_TRANSACTIONAL + singleUseTransaction: + $ref: '#/components/schemas/TransactionOptions' + description: >- + Options for beginning a new transaction for this request. The + transaction is committed when the request completes. If specified, + TransactionOptions.mode must be TransactionOptions.ReadWrite. databaseId: + type: string description: >- The ID of the database against which to make the request. '(default)' is not allowed; please use empty string '' to refer the default database. - type: string - partitionId: - description: >- - Entities are partitioned into subsets, identified by a partition ID. - Queries are scoped to a single partition. This partition ID is - normalized with the standard default context partition ID. - $ref: '#/components/schemas/PartitionId' - readOptions: - description: The options for this query. - $ref: '#/components/schemas/ReadOptions' - aggregationQuery: - description: The query to run. - $ref: '#/components/schemas/AggregationQuery' - gqlQuery: - description: The GQL query to run. This query must be an aggregation query. - $ref: '#/components/schemas/GqlQuery' - explainOptions: - description: >- - Optional. Explain options for the query. If set, additional query - statistics will be returned. If not, only query results will be - returned. - $ref: '#/components/schemas/ExplainOptions' - AggregationQuery: - id: AggregationQuery - description: Datastore query for running an aggregation over a Query. - type: object - properties: - nestedQuery: - description: Nested query for aggregation - $ref: '#/components/schemas/Query' - aggregations: + transaction: + format: byte description: >- - Optional. Series of aggregations to apply over the results of the - `nested_query`. Requires: * A minimum of one and maximum of five - aggregations per query. - type: array + The identifier of the transaction associated with the commit. A + transaction identifier is returned by a call to + Datastore.BeginTransaction. + type: string + mutations: items: - $ref: '#/components/schemas/Aggregation' - Aggregation: - id: Aggregation - description: Defines an aggregation that produces a single result. - type: object - properties: - count: - description: Count aggregator. - $ref: '#/components/schemas/Count' - sum: - description: Sum aggregator. - $ref: '#/components/schemas/Sum' - avg: - description: Average aggregator. - $ref: '#/components/schemas/Avg' - alias: + $ref: '#/components/schemas/Mutation' description: >- - Optional. Optional name of the property to store the result of the - aggregation. If not provided, Datastore will pick a default name - following the format `property_`. For example: ``` AGGREGATE - COUNT_UP_TO(1) AS count_up_to_1, COUNT_UP_TO(2), COUNT_UP_TO(3) AS - count_up_to_3, COUNT(*) OVER ( ... ); ``` becomes: ``` AGGREGATE - COUNT_UP_TO(1) AS count_up_to_1, COUNT_UP_TO(2) AS property_1, - COUNT_UP_TO(3) AS count_up_to_3, COUNT(*) AS property_2 OVER ( ... - ); ``` Requires: * Must be unique across all aggregation aliases. * - Conform to entity property name limitations. - type: string - Count: - id: Count - description: >- - Count of entities that match the query. The `COUNT(*)` aggregation - function operates on the entire entity so it does not require a field - reference. + The mutations to perform. When mode is `TRANSACTIONAL`, mutations + affecting a single entity are applied in order. The following + sequences of mutations affecting a single entity are not permitted + in a single `Commit` request: - `insert` followed by `insert` - + `update` followed by `insert` - `upsert` followed by `insert` - + `delete` followed by `update` When mode is `NON_TRANSACTIONAL`, no + two mutations may affect a single entity. + type: array + id: CommitRequest type: object - properties: - upTo: - description: >- - Optional. Optional constraint on the maximum number of entities to - count. This provides a way to set an upper bound on the number of - entities to scan, limiting latency, and cost. Unspecified is - interpreted as no bound. If a zero value is provided, a count result - of zero should always be expected. High-Level Example: ``` AGGREGATE - COUNT_UP_TO(1000) OVER ( SELECT * FROM k ); ``` Requires: * Must be - non-negative when present. - type: string - format: int64 - Sum: - id: Sum - description: >- - Sum of the values of the requested property. * Only numeric values will - be aggregated. All non-numeric values including `NULL` are skipped. * If - the aggregated values contain `NaN`, returns `NaN`. Infinity math - follows IEEE-754 standards. * If the aggregated value set is empty, - returns 0. * Returns a 64-bit integer if all aggregated numbers are - integers and the sum result does not overflow. Otherwise, the result is - returned as a double. Note that even if all the aggregated values are - integers, the result is returned as a double if it cannot fit within a - 64-bit signed integer. When this occurs, the returned value will lose - precision. * When underflow occurs, floating-point aggregation is - non-deterministic. This means that running the same query repeatedly - without any changes to the underlying values could produce slightly - different results each time. In those cases, values should be stored as - integers over floating-point numbers. + Projection: type: object properties: property: - description: The property to aggregate on. + description: The property to project. $ref: '#/components/schemas/PropertyReference' - Avg: - id: Avg - description: >- - Average of the values of the requested property. * Only numeric values - will be aggregated. All non-numeric values including `NULL` are skipped. - * If the aggregated values contain `NaN`, returns `NaN`. Infinity math - follows IEEE-754 standards. * If the aggregated value set is empty, - returns `NULL`. * Always returns the result as a double. + description: A representation of a property in a projection. + id: Projection + ReadWrite: + id: ReadWrite type: object properties: - property: - description: The property to aggregate on. - $ref: '#/components/schemas/PropertyReference' - RunAggregationQueryResponse: - id: RunAggregationQueryResponse - description: The response for Datastore.RunAggregationQuery. + previousTransaction: + description: The transaction identifier of the transaction being retried. + type: string + format: byte + description: Options specific to read / write transactions. + GoogleDatastoreAdminV1ListIndexesResponse: type: object + description: The response for google.datastore.admin.v1.DatastoreAdmin.ListIndexes. + id: GoogleDatastoreAdminV1ListIndexesResponse properties: - batch: - description: A batch of aggregation results. Always present. - $ref: '#/components/schemas/AggregationResultBatch' - query: - description: The parsed form of the `GqlQuery` from the request, if it was set. - $ref: '#/components/schemas/AggregationQuery' - transaction: - description: >- - The identifier of the transaction that was started as part of this - RunAggregationQuery request. Set only when - ReadOptions.new_transaction was set in - RunAggregationQueryRequest.read_options. + indexes: + items: + $ref: '#/components/schemas/GoogleDatastoreAdminV1Index' + type: array + description: The indexes. + nextPageToken: + description: The standard List next-page token. + type: string + PropertyReference: + type: object + description: A reference to a property relative to the kind expressions. + id: PropertyReference + properties: + name: type: string - format: byte - explainMetrics: description: >- - Query explain metrics. This is only present when the - RunAggregationQueryRequest.explain_options is provided, and it is - sent only once with the last response in the stream. - $ref: '#/components/schemas/ExplainMetrics' + A reference to a property. Requires: * MUST be a dot-delimited (`.`) + string of segments, where each segment conforms to entity property + name limitations. AggregationResultBatch: - id: AggregationResultBatch description: A batch of aggregation results produced by an aggregation query. - type: object properties: - aggregationResults: - description: The aggregation results for this batch. - type: array - items: - $ref: '#/components/schemas/AggregationResult' moreResults: + enum: + - MORE_RESULTS_TYPE_UNSPECIFIED + - NOT_FINISHED + - MORE_RESULTS_AFTER_LIMIT + - MORE_RESULTS_AFTER_CURSOR + - NO_MORE_RESULTS + type: string description: >- The state of the query after the current batch. Only COUNT(*) aggregations are supported in the initial launch. Therefore, expected result type is limited to `NO_MORE_RESULTS`. - type: string enumDescriptions: - Unspecified. This value is never used. - There may be additional batches to fetch from this query. @@ -1483,276 +1162,520 @@ components: The query is finished, but there may be more results after the end cursor. - The query is finished, and there are no more results. - enum: - - MORE_RESULTS_TYPE_UNSPECIFIED - - NOT_FINISHED - - MORE_RESULTS_AFTER_LIMIT - - MORE_RESULTS_AFTER_CURSOR - - NO_MORE_RESULTS readTime: description: >- Read timestamp this batch was returned from. In a single transaction, subsequent query result batches for the same query can have a greater timestamp. Each batch's read timestamp is valid for all preceding batches. + format: google-datetime type: string + aggregationResults: + items: + $ref: '#/components/schemas/AggregationResult' + type: array + description: The aggregation results for this batch. + id: AggregationResultBatch + type: object + ReadOnly: + type: object + properties: + readTime: + description: >- + Reads entities at the given time. This must be a microsecond + precision timestamp within the past one hour, or if Point-in-Time + Recovery is enabled, can additionally be a whole minute timestamp + within the past 7 days. format: google-datetime - AggregationResult: - id: AggregationResult + type: string + id: ReadOnly + description: Options specific to read-only transactions. + GoogleDatastoreAdminV1beta1ExportEntitiesResponse: + type: object + id: GoogleDatastoreAdminV1beta1ExportEntitiesResponse description: >- - The result of a single bucket from a Datastore aggregation query. The - keys of `aggregate_properties` are the same for all results in an - aggregation query, unlike entity queries which can have different fields - present for each result. + The response for + google.datastore.admin.v1beta1.DatastoreAdmin.ExportEntities. + properties: + outputUrl: + description: >- + Location of the output metadata file. This can be used to begin an + import into Cloud Datastore (this project or another project). See + google.datastore.admin.v1beta1.ImportEntitiesRequest.input_url. Only + present if the operation completed successfully. + type: string + MutationResult: type: object properties: - aggregateProperties: + conflictDetected: description: >- - The result of the aggregation functions, ex: `COUNT(*) AS - total_entities`. The key is the alias assigned to the aggregation - function on input and the size of this map equals the number of - aggregation functions in the query. - type: object - additionalProperties: + Whether a conflict was detected for this mutation. Always false when + a conflict detection strategy field is not set in the mutation. + type: boolean + version: + format: int64 + description: >- + The version of the entity on the server after processing the + mutation. If the mutation doesn't change anything on the server, + then the version will be the version of the current entity or, if no + entity is present, a version that is strictly greater than the + version of any previous entity and less than the version of any + possible future entity. + type: string + transformResults: + description: >- + The results of applying each PropertyTransform, in the same order of + the request. + type: array + items: $ref: '#/components/schemas/Value' - BeginTransactionRequest: - id: BeginTransactionRequest - description: The request for Datastore.BeginTransaction. + createTime: + type: string + description: >- + The create time of the entity. This field will not be set after a + 'delete'. + format: google-datetime + key: + $ref: '#/components/schemas/Key' + description: >- + The automatically allocated key. Set only when the mutation + allocated a key. + updateTime: + description: >- + The update time of the entity on the server after processing the + mutation. If the mutation doesn't change anything on the server, + then the timestamp will be the update timestamp of the current + entity. This field will not be set after a 'delete'. + format: google-datetime + type: string + description: The result of applying a mutation. + id: MutationResult + KindExpression: type: object + id: KindExpression + description: A representation of a kind. properties: - databaseId: - description: >- - The ID of the database against which to make the request. - '(default)' is not allowed; please use empty string '' to refer the - default database. + name: type: string - transactionOptions: - description: Options for a new transaction. - $ref: '#/components/schemas/TransactionOptions' + description: The name of the kind. BeginTransactionResponse: id: BeginTransactionResponse - description: The response for Datastore.BeginTransaction. type: object properties: transaction: + format: byte + type: string description: The transaction identifier (always present). + description: The response for Datastore.BeginTransaction. + GqlQueryParameter: + type: object + id: GqlQueryParameter + description: A binding parameter for a GQL query. + properties: + cursor: type: string format: byte - CommitRequest: - id: CommitRequest - description: The request for Datastore.Commit. + description: A query cursor. Query cursors are returned in query result batches. + value: + description: A value parameter. + $ref: '#/components/schemas/Value' + Sum: + id: Sum + properties: + property: + description: The property to aggregate on. + $ref: '#/components/schemas/PropertyReference' + type: object + description: >- + Sum of the values of the requested property. * Only numeric values will + be aggregated. All non-numeric values including `NULL` are skipped. * If + the aggregated values contain `NaN`, returns `NaN`. Infinity math + follows IEEE-754 standards. * If the aggregated value set is empty, + returns 0. * Returns a 64-bit integer if all aggregated numbers are + integers and the sum result does not overflow. Otherwise, the result is + returned as a double. Note that even if all the aggregated values are + integers, the result is returned as a double if it cannot fit within a + 64-bit signed integer. When this occurs, the returned value will lose + precision. * When underflow occurs, floating-point aggregation is + non-deterministic. This means that running the same query repeatedly + without any changes to the underlying values could produce slightly + different results each time. In those cases, values should be stored as + integers over floating-point numbers. + PropertyMask: + properties: + paths: + type: array + description: >- + The paths to the properties covered by this mask. A path is a list + of property names separated by dots (`.`), for example `foo.bar` + means the property `bar` inside the entity property `foo` inside the + entity associated with this path. If a property name contains a dot + `.` or a backslash `\`, then that name must be escaped. A path must + not be empty, and may not reference a value inside an array value. + items: + type: string + id: PropertyMask + type: object + description: >- + The set of arbitrarily nested property paths used to restrict an + operation to only a subset of properties in an entity. + ReserveIdsRequest: type: object + id: ReserveIdsRequest + description: The request for Datastore.ReserveIds. properties: + keys: + items: + $ref: '#/components/schemas/Key' + description: >- + Required. A list of keys with complete key paths whose numeric IDs + should not be auto-allocated. + type: array databaseId: description: >- The ID of the database against which to make the request. '(default)' is not allowed; please use empty string '' to refer the default database. type: string - mode: - description: The type of commit to perform. Defaults to `TRANSACTIONAL`. - type: string - enumDescriptions: - - Unspecified. This value must not be used. - - >- - Transactional: The mutations are either all applied, or none are - applied. Learn about transactions - [here](https://cloud.google.com/datastore/docs/concepts/transactions). - - 'Non-transactional: The mutations may not apply as all or none.' - enum: - - MODE_UNSPECIFIED - - TRANSACTIONAL - - NON_TRANSACTIONAL - transaction: - description: >- - The identifier of the transaction associated with the commit. A - transaction identifier is returned by a call to - Datastore.BeginTransaction. - type: string - format: byte - singleUseTransaction: + GoogleDatastoreAdminV1ExportEntitiesRequest: + id: GoogleDatastoreAdminV1ExportEntitiesRequest + properties: + labels: + description: Client-assigned labels. + type: object + additionalProperties: + type: string + outputUrlPrefix: description: >- - Options for beginning a new transaction for this request. The - transaction is committed when the request completes. If specified, - TransactionOptions.mode must be TransactionOptions.ReadWrite. - $ref: '#/components/schemas/TransactionOptions' - mutations: - description: >- - The mutations to perform. When mode is `TRANSACTIONAL`, mutations - affecting a single entity are applied in order. The following - sequences of mutations affecting a single entity are not permitted - in a single `Commit` request: - `insert` followed by `insert` - - `update` followed by `insert` - `upsert` followed by `insert` - - `delete` followed by `update` When mode is `NON_TRANSACTIONAL`, no - two mutations may affect a single entity. + Required. Location for the export metadata and data files. The full + resource URL of the external storage location. Currently, only + Google Cloud Storage is supported. So output_url_prefix should be of + the form: `gs://BUCKET_NAME[/NAMESPACE_PATH]`, where `BUCKET_NAME` + is the name of the Cloud Storage bucket and `NAMESPACE_PATH` is an + optional Cloud Storage namespace path (this is not a Cloud Datastore + namespace). For more information about Cloud Storage namespace + paths, see [Object name + considerations](https://cloud.google.com/storage/docs/naming#object-considerations). + The resulting files will be nested deeper than the specified URL + prefix. The final output URL will be provided in the + google.datastore.admin.v1.ExportEntitiesResponse.output_url field. + That value should be used for subsequent ImportEntities operations. + By nesting the data files deeper, the same Cloud Storage bucket can + be used in multiple ExportEntities operations without conflict. + type: string + entityFilter: + description: Description of what data from the project is included in the export. + $ref: '#/components/schemas/GoogleDatastoreAdminV1EntityFilter' + description: The request for google.datastore.admin.v1.DatastoreAdmin.ExportEntities. + type: object + GoogleDatastoreAdminV1Index: + type: object + description: Datastore composite index definition. + id: GoogleDatastoreAdminV1Index + properties: + properties: type: array + description: >- + Required. An ordered sequence of property names and their index + attributes. Requires: * A maximum of 100 properties. items: - $ref: '#/components/schemas/Mutation' - Mutation: - id: Mutation - description: A mutation to apply to an entity. + $ref: '#/components/schemas/GoogleDatastoreAdminV1IndexedProperty' + projectId: + type: string + readOnly: true + description: Output only. Project ID. + kind: + type: string + description: Required. The entity kind to which this index applies. + indexId: + description: Output only. The resource ID of the index. + readOnly: true + type: string + ancestor: + enumDescriptions: + - The ancestor mode is unspecified. + - Do not include the entity's ancestors in the index. + - Include all the entity's ancestors in the index. + description: >- + Required. The index's ancestor mode. Must not be + ANCESTOR_MODE_UNSPECIFIED. + enum: + - ANCESTOR_MODE_UNSPECIFIED + - NONE + - ALL_ANCESTORS + type: string + state: + readOnly: true + enumDescriptions: + - The state is unspecified. + - >- + The index is being created, and cannot be used by queries. There + is an active long-running operation for the index. The index is + updated when writing an entity. Some index data may exist. + - >- + The index is ready to be used. The index is updated when writing + an entity. The index is fully populated from all stored entities + it applies to. + - >- + The index is being deleted, and cannot be used by queries. There + is an active long-running operation for the index. The index is + not updated when writing an entity. Some index data may exist. + - >- + The index was being created or deleted, but something went wrong. + The index cannot by used by queries. There is no active + long-running operation for the index, and the most recently + finished long-running operation failed. The index is not updated + when writing an entity. Some index data may exist. + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - DELETING + - ERROR + type: string + description: Output only. The state of the index. + Status: + id: Status type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - insert: + details: description: >- - The entity to insert. The entity must not already exist. The entity - key's final path element may be incomplete. - $ref: '#/components/schemas/Entity' - update: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: array + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + message: description: >- - The entity to update. The entity must already exist. Must have a - complete key path. - $ref: '#/components/schemas/Entity' - upsert: + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + Key: + description: >- + A unique identifier for an entity. If a key's partition ID or any of its + path kinds or names are reserved/read-only, the key is + reserved/read-only. A reserved/read-only key is forbidden in certain + documented contexts. + id: Key + type: object + properties: + partitionId: description: >- - The entity to upsert. The entity may or may not already exist. The - entity key's final path element may be incomplete. - $ref: '#/components/schemas/Entity' - delete: + Entities are partitioned into subsets, currently identified by a + project ID and namespace ID. Queries are scoped to a single + partition. + $ref: '#/components/schemas/PartitionId' + path: + type: array + items: + $ref: '#/components/schemas/PathElement' description: >- - The key of the entity to delete. The entity may or may not already - exist. Must have a complete key path and must not be - reserved/read-only. - $ref: '#/components/schemas/Key' - baseVersion: + The entity path. An entity path consists of one or more elements + composed of a kind and a string or numerical identifier, which + identify entities. The first element identifies a _root entity_, the + second element identifies a _child_ of the root entity, the third + element identifies a child of the second entity, and so forth. The + entities identified by all prefixes of the path are called the + element's _ancestors_. An entity path is always fully complete: + *all* of the entity's ancestors are required to be in the path along + with the entity identifier itself. The only exception is that in + some documented cases, the identifier in the last path element (for + the entity) itself may be omitted. For example, the last path + element of the key of `Mutation.insert` may have no identifier. A + path can never be empty, and a path can have at most 100 elements. + RunQueryResponse: + id: RunQueryResponse + description: The response for Datastore.RunQuery. + type: object + properties: + query: + description: The parsed form of the `GqlQuery` from the request, if it was set. + $ref: '#/components/schemas/Query' + transaction: + format: byte description: >- - The version of the entity that this mutation is being applied to. If - this does not match the current version on the server, the mutation - conflicts. + The identifier of the transaction that was started as part of this + RunQuery request. Set only when ReadOptions.new_transaction was set + in RunQueryRequest.read_options. type: string - format: int64 - updateTime: + explainMetrics: + $ref: '#/components/schemas/ExplainMetrics' description: >- - The update time of the entity that this mutation is being applied - to. If this does not match the current update time on the server, - the mutation conflicts. - type: string - format: google-datetime - conflictResolutionStrategy: + Query explain metrics. This is only present when the + RunQueryRequest.explain_options is provided, and it is sent only + once with the last response in the stream. + batch: description: >- - The strategy to use when a conflict is detected. Defaults to - `SERVER_VALUE`. If this is set, then `conflict_detection_strategy` - must also be set. - type: string - enumDescriptions: - - Unspecified. Defaults to `SERVER_VALUE`. - - The server entity is kept. - - The whole commit request fails. - enum: - - STRATEGY_UNSPECIFIED - - SERVER_VALUE - - FAIL - propertyMask: + A batch of query results. This is always present unless running a + query under explain-only mode: RunQueryRequest.explain_options was + provided and ExplainOptions.analyze was set to false. + $ref: '#/components/schemas/QueryResultBatch' + GoogleDatastoreAdminV1beta1EntityFilter: + id: GoogleDatastoreAdminV1beta1EntityFilter + properties: + namespaceIds: + items: + type: string + type: array description: >- - The properties to write in this mutation. None of the properties in - the mask may have a reserved name, except for `__key__`. This field - is ignored for `delete`. If the entity already exists, only - properties referenced in the mask are updated, others are left - untouched. Properties referenced in the mask but not in the entity - are deleted. - $ref: '#/components/schemas/PropertyMask' - propertyTransforms: + An empty list represents all namespaces. This is the preferred usage + for projects that don't use namespaces. An empty string element + represents the default namespace. This should be used if the project + has data in non-default namespaces, but doesn't want to include + them. Each namespace in this list must be unique. + kinds: + description: If empty, then this represents all kinds. + items: + type: string + type: array + description: >- + Identifies a subset of entities in a project. This is specified as + combinations of kinds and namespaces (either or both of which may be + all, as described in the following examples). Example usage: Entire + project: kinds=[], namespace_ids=[] Kinds Foo and Bar in all namespaces: + kinds=['Foo', 'Bar'], namespace_ids=[] Kinds Foo and Bar only in the + default namespace: kinds=['Foo', 'Bar'], namespace_ids=[''] Kinds Foo + and Bar in both the default and Baz namespaces: kinds=['Foo', 'Bar'], + namespace_ids=['', 'Baz'] The entire Baz namespace: kinds=[], + namespace_ids=['Baz'] + type: object + GoogleDatastoreAdminV1EntityFilter: + id: GoogleDatastoreAdminV1EntityFilter + properties: + namespaceIds: + type: array description: >- - Optional. The transforms to perform on the entity. This field can be - set only when the operation is `insert`, `update`, or `upsert`. If - present, the transforms are be applied to the entity regardless of - the property mask, in order, after the operation. + An empty list represents all namespaces. This is the preferred usage + for projects that don't use namespaces. An empty string element + represents the default namespace. This should be used if the project + has data in non-default namespaces, but doesn't want to include + them. Each namespace in this list must be unique. + items: + type: string + kinds: + description: If empty, then this represents all kinds. type: array items: - $ref: '#/components/schemas/PropertyTransform' - PropertyTransform: - id: PropertyTransform - description: A transformation of an entity property. + type: string + description: >- + Identifies a subset of entities in a project. This is specified as + combinations of kinds and namespaces (either or both of which may be + all, as described in the following examples). Example usage: Entire + project: kinds=[], namespace_ids=[] Kinds Foo and Bar in all namespaces: + kinds=['Foo', 'Bar'], namespace_ids=[] Kinds Foo and Bar only in the + default namespace: kinds=['Foo', 'Bar'], namespace_ids=[''] Kinds Foo + and Bar in both the default and Baz namespaces: kinds=['Foo', 'Bar'], + namespace_ids=['', 'Baz'] The entire Baz namespace: kinds=[], + namespace_ids=['Baz'] + type: object + Count: type: object properties: - property: - description: >- - Optional. The name of the property. Property paths (a list of - property names separated by dots (`.`)) may be used to refer to - properties inside entity values. For example `foo.bar` means the - property `bar` inside the entity property `foo`. If a property name - contains a dot `.` or a backlslash `\`, then that name must be - escaped. - type: string - setToServerValue: - description: Sets the property to the given server value. + upTo: type: string - enumDescriptions: - - Unspecified. This value must not be used. - - >- - The time at which the server processed the request, with - millisecond precision. If used on multiple properties (same or - different entities) in a transaction, all the properties will get - the same server timestamp. - enum: - - SERVER_VALUE_UNSPECIFIED - - REQUEST_TIME - increment: description: >- - Adds the given value to the property's current value. This must be - an integer or a double value. If the property is not an integer or - double, or if the property does not yet exist, the transformation - will set the property to the given value. If either of the given - value or the current property value are doubles, both values will be - interpreted as doubles. Double arithmetic and representation of - double values follows IEEE 754 semantics. If there is - positive/negative integer overflow, the property is resolved to the - largest magnitude positive/negative integer. - $ref: '#/components/schemas/Value' - maximum: + Optional. Optional constraint on the maximum number of entities to + count. This provides a way to set an upper bound on the number of + entities to scan, limiting latency, and cost. Unspecified is + interpreted as no bound. If a zero value is provided, a count result + of zero should always be expected. High-Level Example: ``` AGGREGATE + COUNT_UP_TO(1000) OVER ( SELECT * FROM k ); ``` Requires: * Must be + non-negative when present. + format: int64 + description: >- + Count of entities that match the query. The `COUNT(*)` aggregation + function operates on the entire entity so it does not require a field + reference. + id: Count + GoogleDatastoreAdminV1ImportEntitiesRequest: + type: object + description: The request for google.datastore.admin.v1.DatastoreAdmin.ImportEntities. + properties: + labels: + description: Client-assigned labels. + type: object + additionalProperties: + type: string + inputUrl: description: >- - Sets the property to the maximum of its current value and the given - value. This must be an integer or a double value. If the property is - not an integer or double, or if the property does not yet exist, the - transformation will set the property to the given value. If a - maximum operation is applied where the property and the input value - are of mixed types (that is - one is an integer and one is a double) - the property takes on the type of the larger operand. If the - operands are equivalent (e.g. 3 and 3.0), the property does not - change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored - value and zero input value is always the stored value. The maximum - of any numeric value x and NaN is NaN. - $ref: '#/components/schemas/Value' - minimum: + Required. The full resource URL of the external storage location. + Currently, only Google Cloud Storage is supported. So input_url + should be of the form: + `gs://BUCKET_NAME[/NAMESPACE_PATH]/OVERALL_EXPORT_METADATA_FILE`, + where `BUCKET_NAME` is the name of the Cloud Storage bucket, + `NAMESPACE_PATH` is an optional Cloud Storage namespace path (this + is not a Cloud Datastore namespace), and + `OVERALL_EXPORT_METADATA_FILE` is the metadata file written by the + ExportEntities operation. For more information about Cloud Storage + namespace paths, see [Object name + considerations](https://cloud.google.com/storage/docs/naming#object-considerations). + For more information, see + google.datastore.admin.v1.ExportEntitiesResponse.output_url. + type: string + entityFilter: + description: >- + Optionally specify which kinds/namespaces are to be imported. If + provided, the list must be a subset of the EntityFilter used in + creating the export, otherwise a FAILED_PRECONDITION error will be + returned. If no filter is specified then all entities from the + export are imported. + $ref: '#/components/schemas/GoogleDatastoreAdminV1EntityFilter' + id: GoogleDatastoreAdminV1ImportEntitiesRequest + RunQueryRequest: + id: RunQueryRequest + type: object + properties: + readOptions: + $ref: '#/components/schemas/ReadOptions' + description: The options for this query. + propertyMask: description: >- - Sets the property to the minimum of its current value and the given - value. This must be an integer or a double value. If the property is - not an integer or double, or if the property does not yet exist, the - transformation will set the property to the input value. If a - minimum operation is applied where the property and the input value - are of mixed types (that is - one is an integer and one is a double) - the property takes on the type of the smaller operand. If the - operands are equivalent (e.g. 3 and 3.0), the property does not - change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored - value and zero input value is always the stored value. The minimum - of any numeric value x and NaN is NaN. - $ref: '#/components/schemas/Value' - appendMissingElements: + The properties to return. This field must not be set for a + projection query. See LookupRequest.property_mask. + $ref: '#/components/schemas/PropertyMask' + databaseId: description: >- - Appends the given elements in order if they are not already present - in the current property value. If the property is not an array, or - if the property does not yet exist, it is first set to the empty - array. Equivalent numbers of different types (e.g. 3L and 3.0) are - considered equal when checking if a value is missing. NaN is equal - to NaN, and the null value is equal to the null value. If the input - contains multiple equivalent values, only the first will be - considered. The corresponding transform result will be the null - value. - $ref: '#/components/schemas/ArrayValue' - removeAllFromArray: + The ID of the database against which to make the request. + '(default)' is not allowed; please use empty string '' to refer the + default database. + type: string + partitionId: + $ref: '#/components/schemas/PartitionId' description: >- - Removes all of the given elements from the array in the property. If - the property is not an array, or if the property does not yet exist, - it is set to the empty array. Equivalent numbers of different types - (e.g. 3L and 3.0) are considered equal when deciding whether an - element should be removed. NaN is equal to NaN, and the null value - is equal to the null value. This will remove all equivalent values - if there are duplicates. The corresponding transform result will be - the null value. - $ref: '#/components/schemas/ArrayValue' + Entities are partitioned into subsets, identified by a partition ID. + Queries are scoped to a single partition. This partition ID is + normalized with the standard default context partition ID. + query: + description: The query to run. + $ref: '#/components/schemas/Query' + explainOptions: + $ref: '#/components/schemas/ExplainOptions' + description: >- + Optional. Explain options for the query. If set, additional query + statistics will be returned. If not, only query results will be + returned. + gqlQuery: + $ref: '#/components/schemas/GqlQuery' + description: The GQL query to run. This query must be a non-aggregation query. + description: The request for Datastore.RunQuery. CommitResponse: id: CommitResponse - description: The response for Datastore.Commit. type: object properties: mutationResults: @@ -1762,617 +1685,697 @@ components: type: array items: $ref: '#/components/schemas/MutationResult' + commitTime: + type: string + description: >- + The transaction commit timestamp. Not set for non-transactional + commits. + format: google-datetime indexUpdates: description: >- The number of index entries updated during the commit, or zero if none were updated. type: integer format: int32 - commitTime: + description: The response for Datastore.Commit. + ReadOptions: + properties: + transaction: + format: byte description: >- - The transaction commit timestamp. Not set for non-transactional - commits. + The identifier of the transaction in which to read. A transaction + identifier is returned by a call to Datastore.BeginTransaction. type: string + readTime: + description: >- + Reads entities as they were at the given time. This value is only + supported for Cloud Firestore in Datastore mode. This must be a + microsecond precision timestamp within the past one hour, or if + Point-in-Time Recovery is enabled, can additionally be a whole + minute timestamp within the past 7 days. format: google-datetime - MutationResult: - id: MutationResult - description: The result of applying a mutation. + type: string + newTransaction: + $ref: '#/components/schemas/TransactionOptions' + description: >- + Options for beginning a new transaction for this request. The new + transaction identifier will be returned in the corresponding + response as either LookupResponse.transaction or + RunQueryResponse.transaction. + readConsistency: + enumDescriptions: + - Unspecified. This value must not be used. + - Strong consistency. + - Eventual consistency. + enum: + - READ_CONSISTENCY_UNSPECIFIED + - STRONG + - EVENTUAL + description: The non-transactional read consistency to use. + type: string + type: object + description: The options shared by read requests. + id: ReadOptions + RollbackResponse: type: object + description: The response for Datastore.Rollback. (an empty message). + id: RollbackResponse + properties: {} + GoogleDatastoreAdminV1Progress: + id: GoogleDatastoreAdminV1Progress + description: Measures the progress of a particular metric. properties: - key: - description: >- - The automatically allocated key. Set only when the mutation - allocated a key. - $ref: '#/components/schemas/Key' - version: + workEstimated: description: >- - The version of the entity on the server after processing the - mutation. If the mutation doesn't change anything on the server, - then the version will be the version of the current entity or, if no - entity is present, a version that is strictly greater than the - version of any previous entity and less than the version of any - possible future entity. + An estimate of how much work needs to be performed. May be zero if + the work estimate is unavailable. type: string format: int64 - createTime: - description: >- - The create time of the entity. This field will not be set after a - 'delete'. - type: string - format: google-datetime - updateTime: + workCompleted: description: >- - The update time of the entity on the server after processing the - mutation. If the mutation doesn't change anything on the server, - then the timestamp will be the update timestamp of the current - entity. This field will not be set after a 'delete'. + The amount of work that has been completed. Note that this may be + greater than work_estimated. + format: int64 type: string - format: google-datetime - conflictDetected: + type: object + AllocateIdsResponse: + type: object + properties: + keys: + items: + $ref: '#/components/schemas/Key' + type: array description: >- - Whether a conflict was detected for this mutation. Always false when - a conflict detection strategy field is not set in the mutation. - type: boolean - transformResults: + The keys specified in the request (in the same order), each with its + key path completed with a newly allocated ID. + id: AllocateIdsResponse + description: The response for Datastore.AllocateIds. + LatLng: + properties: + longitude: + format: double + type: number + description: The longitude in degrees. It must be in the range [-180.0, +180.0]. + latitude: + description: The latitude in degrees. It must be in the range [-90.0, +90.0]. + type: number + format: double + type: object + id: LatLng + description: >- + An object that represents a latitude/longitude pair. This is expressed + as a pair of doubles to represent degrees latitude and degrees + longitude. Unless specified otherwise, this object must conform to the + WGS84 standard. Values must be within normalized ranges. + AggregationResult: + id: AggregationResult + properties: + aggregateProperties: description: >- - The results of applying each PropertyTransform, in the same order of - the request. - type: array - items: + The result of the aggregation functions, ex: `COUNT(*) AS + total_entities`. The key is the alias assigned to the aggregation + function on input and the size of this map equals the number of + aggregation functions in the query. + additionalProperties: $ref: '#/components/schemas/Value' - RollbackRequest: - id: RollbackRequest - description: The request for Datastore.Rollback. + type: object + type: object + description: >- + The result of a single bucket from a Datastore aggregation query. The + keys of `aggregate_properties` are the same for all results in an + aggregation query, unlike entity queries which can have different fields + present for each result. + Entity: type: object + id: Entity properties: - databaseId: + properties: + additionalProperties: + $ref: '#/components/schemas/Value' + type: object description: >- - The ID of the database against which to make the request. - '(default)' is not allowed; please use empty string '' to refer the - default database. - type: string - transaction: + The entity's properties. The map's keys are property names. A + property name matching regex `__.*__` is reserved. A reserved + property name is forbidden in certain documented contexts. The map + keys, represented as UTF-8, must not exceed 1,500 bytes and cannot + be empty. + key: + $ref: '#/components/schemas/Key' description: >- - Required. The transaction identifier, returned by a call to - Datastore.BeginTransaction. - type: string - format: byte - RollbackResponse: - id: RollbackResponse - description: The response for Datastore.Rollback. (an empty message). + The entity's key. An entity must have a key, unless otherwise + documented (for example, an entity in `Value.entity_value` may have + no key). An entity's kind is its key path's last element's kind, or + null if it has no key. + description: A Datastore data object. Must not exceed 1 MiB - 4 bytes. + GoogleDatastoreAdminV1ExportEntitiesMetadata: + description: Metadata for ExportEntities operations. type: object - properties: {} - AllocateIdsRequest: - id: AllocateIdsRequest - description: The request for Datastore.AllocateIds. + id: GoogleDatastoreAdminV1ExportEntitiesMetadata + properties: + progressBytes: + $ref: '#/components/schemas/GoogleDatastoreAdminV1Progress' + description: An estimate of the number of bytes processed. + common: + description: Metadata common to all Datastore Admin operations. + $ref: '#/components/schemas/GoogleDatastoreAdminV1CommonMetadata' + outputUrlPrefix: + type: string + description: >- + Location for the export metadata and data files. This will be the + same value as the + google.datastore.admin.v1.ExportEntitiesRequest.output_url_prefix + field. The final output location is provided in + google.datastore.admin.v1.ExportEntitiesResponse.output_url. + progressEntities: + $ref: '#/components/schemas/GoogleDatastoreAdminV1Progress' + description: An estimate of the number of entities processed. + entityFilter: + description: Description of which entities are being exported. + $ref: '#/components/schemas/GoogleDatastoreAdminV1EntityFilter' + RollbackRequest: + id: RollbackRequest type: object properties: databaseId: + type: string description: >- The ID of the database against which to make the request. '(default)' is not allowed; please use empty string '' to refer the default database. + transaction: type: string - keys: + format: byte description: >- - Required. A list of keys with incomplete key paths for which to - allocate IDs. No key may be reserved/read-only. - type: array - items: - $ref: '#/components/schemas/Key' - AllocateIdsResponse: - id: AllocateIdsResponse - description: The response for Datastore.AllocateIds. - type: object + Required. The transaction identifier, returned by a call to + Datastore.BeginTransaction. + description: The request for Datastore.Rollback. + Query: properties: - keys: + order: description: >- - The keys specified in the request (in the same order), each with its - key path completed with a newly allocated ID. - type: array + The order to apply to the query results (if empty, order is + unspecified). items: - $ref: '#/components/schemas/Key' - ReserveIdsRequest: - id: ReserveIdsRequest - description: The request for Datastore.ReserveIds. - type: object - properties: - databaseId: + $ref: '#/components/schemas/PropertyOrder' + type: array + findNearest: + $ref: '#/components/schemas/FindNearest' description: >- - The ID of the database against which to make the request. - '(default)' is not allowed; please use empty string '' to refer the - default database. + Optional. A potential Nearest Neighbors Search. Applies after all + other filters and ordering. Finds the closest vector embeddings to + the given query vector. + offset: + description: >- + The number of results to skip. Applies before limit, but after all + other constraints. Optional. Must be >= 0 if specified. + type: integer + format: int32 + kind: + description: >- + The kinds to query (if empty, returns entities of all kinds). + Currently at most 1 kind may be specified. + type: array + items: + $ref: '#/components/schemas/KindExpression' + startCursor: type: string - keys: + format: byte description: >- - Required. A list of keys with complete key paths whose numeric IDs - should not be auto-allocated. + A starting point for the query results. Query cursors are returned + in query result batches and [can only be used to continue the same + query](https://cloud.google.com/datastore/docs/concepts/queries#cursors_limits_and_offsets). + distinctOn: + items: + $ref: '#/components/schemas/PropertyReference' + description: >- + The properties to make distinct. The query results will contain the + first result for each distinct combination of values for the given + properties (if empty, all results are returned). Requires: * If + `order` is specified, the set of distinct on properties must appear + before the non-distinct on properties in `order`. type: array + limit: + type: integer + description: >- + The maximum number of results to return. Applies after all other + constraints. Optional. Unspecified is interpreted as no limit. Must + be >= 0 if specified. + format: int32 + projection: items: - $ref: '#/components/schemas/Key' - ReserveIdsResponse: - id: ReserveIdsResponse - description: The response for Datastore.ReserveIds. + $ref: '#/components/schemas/Projection' + type: array + description: The projection to return. Defaults to returning all properties. + endCursor: + type: string + format: byte + description: >- + An ending point for the query results. Query cursors are returned in + query result batches and [can only be used to limit the same + query](https://cloud.google.com/datastore/docs/concepts/queries#cursors_limits_and_offsets). + filter: + $ref: '#/components/schemas/Filter' + description: The filter to apply. type: object + id: Query + description: >- + A query for entities. The query stages are executed in the following + order: 1. kind 2. filter 3. projection 4. order + start_cursor + + end_cursor 5. offset 6. limit 7. find_nearest + Empty: + id: Empty properties: {} - GoogleDatastoreAdminV1beta1ExportEntitiesMetadata: - id: GoogleDatastoreAdminV1beta1ExportEntitiesMetadata - description: Metadata for ExportEntities operations. - type: object - properties: - common: - description: Metadata common to all Datastore Admin operations. - $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1CommonMetadata' - progressEntities: - description: An estimate of the number of entities processed. - $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1Progress' - progressBytes: - description: An estimate of the number of bytes processed. - $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1Progress' - entityFilter: - description: Description of which entities are being exported. - $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1EntityFilter' - outputUrlPrefix: - description: >- - Location for the export metadata and data files. This will be the - same value as the - google.datastore.admin.v1beta1.ExportEntitiesRequest.output_url_prefix - field. The final output location is provided in - google.datastore.admin.v1beta1.ExportEntitiesResponse.output_url. - type: string - GoogleDatastoreAdminV1beta1CommonMetadata: - id: GoogleDatastoreAdminV1beta1CommonMetadata - description: Metadata common to all Datastore Admin operations. + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object + PathElement: properties: - startTime: - description: The time that work began on the operation. - type: string - format: google-datetime - endTime: - description: The time the operation ended, either successfully or otherwise. - type: string - format: google-datetime - operationType: - description: >- - The type of the operation. Can be used as a filter in - ListOperationsRequest. + kind: type: string - enumDescriptions: - - Unspecified. - - ExportEntities. - - ImportEntities. - enum: - - OPERATION_TYPE_UNSPECIFIED - - EXPORT_ENTITIES - - IMPORT_ENTITIES - labels: description: >- - The client-assigned labels which were provided when the operation - was created. May also include additional labels. - type: object - additionalProperties: - type: string - state: - description: The current state of the Operation. - type: string - enumDescriptions: - - Unspecified. - - Request is being prepared for processing. - - Request is actively being processed. - - >- - Request is in the process of being cancelled after user called - google.longrunning.Operations.CancelOperation on the operation. - - Request has been processed and is in its finalization stage. - - Request has completed successfully. - - Request has finished being processed, but encountered an error. - - >- - Request has finished being cancelled after user called - google.longrunning.Operations.CancelOperation. - enum: - - STATE_UNSPECIFIED - - INITIALIZING - - PROCESSING - - CANCELLING - - FINALIZING - - SUCCESSFUL - - FAILED - - CANCELLED - GoogleDatastoreAdminV1beta1Progress: - id: GoogleDatastoreAdminV1beta1Progress - description: Measures the progress of a particular metric. - type: object - properties: - workCompleted: + The kind of the entity. A kind matching regex `__.*__` is + reserved/read-only. A kind must not contain more than 1500 bytes + when UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. + Legacy values that are not valid UTF-8 are encoded as `__bytes__` + where `` is the base-64 encoding of the bytes. + name: description: >- - The amount of work that has been completed. Note that this may be - greater than work_estimated. + The name of the entity. A name matching regex `__.*__` is + reserved/read-only. A name must not be more than 1500 bytes when + UTF-8 encoded. Cannot be `""`. Must be valid UTF-8 bytes. Legacy + values that are not valid UTF-8 are encoded as `__bytes__` where `` + is the base-64 encoding of the bytes. type: string - format: int64 - workEstimated: + id: description: >- - An estimate of how much work needs to be performed. May be zero if - the work estimate is unavailable. + The auto-allocated ID of the entity. Never equal to zero. Values + less than zero are discouraged and may not be supported in the + future. type: string format: int64 - GoogleDatastoreAdminV1beta1EntityFilter: - id: GoogleDatastoreAdminV1beta1EntityFilter description: >- - Identifies a subset of entities in a project. This is specified as - combinations of kinds and namespaces (either or both of which may be - all, as described in the following examples). Example usage: Entire - project: kinds=[], namespace_ids=[] Kinds Foo and Bar in all namespaces: - kinds=['Foo', 'Bar'], namespace_ids=[] Kinds Foo and Bar only in the - default namespace: kinds=['Foo', 'Bar'], namespace_ids=[''] Kinds Foo - and Bar in both the default and Baz namespaces: kinds=['Foo', 'Bar'], - namespace_ids=['', 'Baz'] The entire Baz namespace: kinds=[], - namespace_ids=['Baz'] + A (kind, ID/name) pair used to construct a key path. If either name or + ID is set, the element is complete. If neither is set, the element is + incomplete. type: object + id: PathElement + GqlQuery: properties: - kinds: - description: If empty, then this represents all kinds. - type: array - items: - type: string - namespaceIds: + namedBindings: + type: object + description: >- + For each non-reserved named binding site in the query string, there + must be a named parameter with that name, but not necessarily the + inverse. Key must match regex `A-Za-z_$*`, must not match regex + `__.*__`, and must not be `""`. + additionalProperties: + $ref: '#/components/schemas/GqlQueryParameter' + allowLiterals: + type: boolean description: >- - An empty list represents all namespaces. This is the preferred usage - for projects that don't use namespaces. An empty string element - represents the default namespace. This should be used if the project - has data in non-default namespaces, but doesn't want to include - them. Each namespace in this list must be unique. + When false, the query string must not contain any literals and + instead must bind all values. For example, `SELECT * FROM Kind WHERE + a = 'string literal'` is not allowed, while `SELECT * FROM Kind + WHERE a = @value` is. + positionalBindings: + description: >- + Numbered binding site @1 references the first numbered parameter, + effectively using 1-based indexing, rather than the usual 0. For + each binding site numbered i in `query_string`, there must be an + i-th numbered parameter. The inverse must also be true. type: array items: - type: string - GoogleDatastoreAdminV1beta1ExportEntitiesResponse: - id: GoogleDatastoreAdminV1beta1ExportEntitiesResponse + $ref: '#/components/schemas/GqlQueryParameter' + queryString: + type: string + description: >- + A string of the format described + [here](https://cloud.google.com/datastore/docs/apis/gql/gql_reference). + id: GqlQuery description: >- - The response for - google.datastore.admin.v1beta1.DatastoreAdmin.ExportEntities. + A [GQL + query](https://cloud.google.com/datastore/docs/apis/gql/gql_reference). type: object - properties: - outputUrl: - description: >- - Location of the output metadata file. This can be used to begin an - import into Cloud Datastore (this project or another project). See - google.datastore.admin.v1beta1.ImportEntitiesRequest.input_url. Only - present if the operation completed successfully. - type: string - GoogleDatastoreAdminV1beta1ImportEntitiesMetadata: - id: GoogleDatastoreAdminV1beta1ImportEntitiesMetadata - description: Metadata for ImportEntities operations. + GoogleDatastoreAdminV1IndexedProperty: + description: A property of an index. type: object + id: GoogleDatastoreAdminV1IndexedProperty properties: - common: - description: Metadata common to all Datastore Admin operations. - $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1CommonMetadata' - progressEntities: - description: An estimate of the number of entities processed. - $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1Progress' - progressBytes: - description: An estimate of the number of bytes processed. - $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1Progress' - entityFilter: - description: Description of which entities are being imported. - $ref: '#/components/schemas/GoogleDatastoreAdminV1beta1EntityFilter' - inputUrl: - description: >- - The location of the import metadata file. This will be the same - value as the - google.datastore.admin.v1beta1.ExportEntitiesResponse.output_url - field. + name: type: string - GoogleDatastoreAdminV1ExportEntitiesMetadata: - id: GoogleDatastoreAdminV1ExportEntitiesMetadata - description: Metadata for ExportEntities operations. - type: object - properties: - common: - description: Metadata common to all Datastore Admin operations. - $ref: '#/components/schemas/GoogleDatastoreAdminV1CommonMetadata' - progressEntities: - description: An estimate of the number of entities processed. - $ref: '#/components/schemas/GoogleDatastoreAdminV1Progress' - progressBytes: - description: An estimate of the number of bytes processed. - $ref: '#/components/schemas/GoogleDatastoreAdminV1Progress' - entityFilter: - description: Description of which entities are being exported. - $ref: '#/components/schemas/GoogleDatastoreAdminV1EntityFilter' - outputUrlPrefix: + description: Required. The property name to index. + direction: description: >- - Location for the export metadata and data files. This will be the - same value as the - google.datastore.admin.v1.ExportEntitiesRequest.output_url_prefix - field. The final output location is provided in - google.datastore.admin.v1.ExportEntitiesResponse.output_url. + Required. The indexed property's direction. Must not be + DIRECTION_UNSPECIFIED. + enumDescriptions: + - The direction is unspecified. + - >- + The property's values are indexed so as to support sequencing in + ascending order and also query by <, >, <=, >=, and =. + - >- + The property's values are indexed so as to support sequencing in + descending order and also query by <, >, <=, >=, and =. + enum: + - DIRECTION_UNSPECIFIED + - ASCENDING + - DESCENDING type: string - GoogleDatastoreAdminV1CommonMetadata: - id: GoogleDatastoreAdminV1CommonMetadata - description: Metadata common to all Datastore Admin operations. - type: object + Mutation: properties: - startTime: - description: The time that work began on the operation. + insert: + description: >- + The entity to insert. The entity must not already exist. The entity + key's final path element may be incomplete. + $ref: '#/components/schemas/Entity' + delete: + description: >- + The key of the entity to delete. The entity may or may not already + exist. Must have a complete key path and must not be + reserved/read-only. + $ref: '#/components/schemas/Key' + baseVersion: + description: >- + The version of the entity that this mutation is being applied to. If + this does not match the current version on the server, the mutation + conflicts. + format: int64 type: string + updateTime: format: google-datetime - endTime: - description: The time the operation ended, either successfully or otherwise. + description: >- + The update time of the entity that this mutation is being applied + to. If this does not match the current update time on the server, + the mutation conflicts. type: string - format: google-datetime - operationType: + upsert: description: >- - The type of the operation. Can be used as a filter in - ListOperationsRequest. + The entity to upsert. The entity may or may not already exist. The + entity key's final path element may be incomplete. + $ref: '#/components/schemas/Entity' + update: + description: >- + The entity to update. The entity must already exist. Must have a + complete key path. + $ref: '#/components/schemas/Entity' + propertyMask: + description: >- + The properties to write in this mutation. None of the properties in + the mask may have a reserved name, except for `__key__`. This field + is ignored for `delete`. If the entity already exists, only + properties referenced in the mask are updated, others are left + untouched. Properties referenced in the mask but not in the entity + are deleted. + $ref: '#/components/schemas/PropertyMask' + propertyTransforms: + description: >- + Optional. The transforms to perform on the entity. This field can be + set only when the operation is `insert`, `update`, or `upsert`. If + present, the transforms are be applied to the entity regardless of + the property mask, in order, after the operation. + type: array + items: + $ref: '#/components/schemas/PropertyTransform' + conflictResolutionStrategy: type: string + description: >- + The strategy to use when a conflict is detected. Defaults to + `SERVER_VALUE`. If this is set, then `conflict_detection_strategy` + must also be set. enumDescriptions: - - Unspecified. - - ExportEntities. - - ImportEntities. - - CreateIndex. - - DeleteIndex. + - Unspecified. Defaults to `SERVER_VALUE`. + - The server entity is kept. + - The whole commit request fails. enum: - - OPERATION_TYPE_UNSPECIFIED - - EXPORT_ENTITIES - - IMPORT_ENTITIES - - CREATE_INDEX - - DELETE_INDEX - labels: + - STRATEGY_UNSPECIFIED + - SERVER_VALUE + - FAIL + description: A mutation to apply to an entity. + id: Mutation + type: object + PlanSummary: + id: PlanSummary + type: object + description: Planning phase information for the query. + properties: + indexesUsed: + type: array description: >- - The client-assigned labels which were provided when the operation - was created. May also include additional labels. - type: object - additionalProperties: - type: string - state: - description: The current state of the Operation. - type: string + The indexes selected for the query. For example: [ {"query_scope": + "Collection", "properties": "(foo ASC, __name__ ASC)"}, + {"query_scope": "Collection", "properties": "(bar ASC, __name__ + ASC)"} ] + items: + additionalProperties: + description: Properties of the object. + type: any + type: object + GoogleDatastoreAdminV1PrepareStepDetails: + properties: + concurrencyMode: + description: >- + The concurrency mode this database will use when it reaches the + `REDIRECT_WRITES` step. enumDescriptions: - Unspecified. - - Request is being prepared for processing. - - Request is actively being processed. - - >- - Request is in the process of being cancelled after user called - google.longrunning.Operations.CancelOperation on the operation. - - Request has been processed and is in its finalization stage. - - Request has completed successfully. - - Request has finished being processed, but encountered an error. - - >- - Request has finished being cancelled after user called - google.longrunning.Operations.CancelOperation. + - Pessimistic concurrency. + - Optimistic concurrency. + - Optimistic concurrency with entity groups. enum: - - STATE_UNSPECIFIED - - INITIALIZING - - PROCESSING - - CANCELLING - - FINALIZING - - SUCCESSFUL - - FAILED - - CANCELLED - GoogleDatastoreAdminV1Progress: - id: GoogleDatastoreAdminV1Progress - description: Measures the progress of a particular metric. + - CONCURRENCY_MODE_UNSPECIFIED + - PESSIMISTIC + - OPTIMISTIC + - OPTIMISTIC_WITH_ENTITY_GROUPS + type: string + id: GoogleDatastoreAdminV1PrepareStepDetails + description: Details for the `PREPARE` step. + type: object + EntityResult: + description: The result of fetching an entity from Datastore. type: object + id: EntityResult properties: - workCompleted: + entity: + description: The resulting entity. + $ref: '#/components/schemas/Entity' + cursor: + format: byte + type: string description: >- - The amount of work that has been completed. Note that this may be - greater than work_estimated. + A cursor that points to the position after the result entity. Set + only when the `EntityResult` is part of a `QueryResultBatch` + message. + updateTime: type: string - format: int64 - workEstimated: + format: google-datetime description: >- - An estimate of how much work needs to be performed. May be zero if - the work estimate is unavailable. + The time at which the entity was last changed. This field is set for + `FULL` entity results. If this entity is missing, this field will + not be set. + createTime: type: string - format: int64 - GoogleDatastoreAdminV1ExportEntitiesResponse: - id: GoogleDatastoreAdminV1ExportEntitiesResponse - description: >- - The response for - google.datastore.admin.v1.DatastoreAdmin.ExportEntities. - type: object - properties: - outputUrl: description: >- - Location of the output metadata file. This can be used to begin an - import into Cloud Datastore (this project or another project). See - google.datastore.admin.v1.ImportEntitiesRequest.input_url. Only - present if the operation completed successfully. + The time at which the entity was created. This field is set for + `FULL` entity results. If this entity is missing, this field will + not be set. + format: google-datetime + version: + description: >- + The version of the entity, a strictly positive number that + monotonically increases with changes to the entity. This field is + set for `FULL` entity results. For missing entities in + `LookupResponse`, this is the version of the snapshot that was used + to look up the entity, and it is always set except for eventually + consistent reads. + format: int64 type: string GoogleDatastoreAdminV1ImportEntitiesMetadata: id: GoogleDatastoreAdminV1ImportEntitiesMetadata - description: Metadata for ImportEntities operations. type: object properties: - common: - description: Metadata common to all Datastore Admin operations. - $ref: '#/components/schemas/GoogleDatastoreAdminV1CommonMetadata' - progressEntities: - description: An estimate of the number of entities processed. - $ref: '#/components/schemas/GoogleDatastoreAdminV1Progress' - progressBytes: - description: An estimate of the number of bytes processed. - $ref: '#/components/schemas/GoogleDatastoreAdminV1Progress' - entityFilter: - description: Description of which entities are being imported. - $ref: '#/components/schemas/GoogleDatastoreAdminV1EntityFilter' inputUrl: + type: string description: >- The location of the import metadata file. This will be the same value as the google.datastore.admin.v1.ExportEntitiesResponse.output_url field. - type: string - GoogleDatastoreAdminV1IndexOperationMetadata: - id: GoogleDatastoreAdminV1IndexOperationMetadata - description: Metadata for Index operations. - type: object - properties: common: - description: Metadata common to all Datastore Admin operations. $ref: '#/components/schemas/GoogleDatastoreAdminV1CommonMetadata' + description: Metadata common to all Datastore Admin operations. + entityFilter: + $ref: '#/components/schemas/GoogleDatastoreAdminV1EntityFilter' + description: Description of which entities are being imported. progressEntities: + $ref: '#/components/schemas/GoogleDatastoreAdminV1Progress' description: An estimate of the number of entities processed. + progressBytes: + description: An estimate of the number of bytes processed. $ref: '#/components/schemas/GoogleDatastoreAdminV1Progress' - indexId: - description: The index resource ID that this operation is acting on. - type: string - GoogleDatastoreAdminV1DatastoreFirestoreMigrationMetadata: - id: GoogleDatastoreAdminV1DatastoreFirestoreMigrationMetadata - description: >- - Metadata for Datastore to Firestore migration operations. The - DatastoreFirestoreMigration operation is not started by the end-user via - an explicit "creation" method. This is an intentional deviation from the - LRO design pattern. This singleton resource can be accessed at: - "projects/{project_id}/operations/datastore-firestore-migration" - type: object + description: Metadata for ImportEntities operations. + GoogleDatastoreAdminV1CommonMetadata: properties: - migrationState: - description: >- - The current state of migration from Cloud Datastore to Cloud - Firestore in Datastore mode. + operationType: type: string - enumDescriptions: - - Unspecified. - - The migration is running. - - The migration is paused. - - The migration is complete. enum: - - MIGRATION_STATE_UNSPECIFIED - - RUNNING - - PAUSED - - COMPLETE - migrationStep: + - OPERATION_TYPE_UNSPECIFIED + - EXPORT_ENTITIES + - IMPORT_ENTITIES + - CREATE_INDEX + - DELETE_INDEX description: >- - The current step of migration from Cloud Datastore to Cloud - Firestore in Datastore mode. - type: string + The type of the operation. Can be used as a filter in + ListOperationsRequest. enumDescriptions: - Unspecified. - - 'Pre-migration: the database is prepared for migration.' - - Start of migration. - - Writes are applied synchronously to at least one replica. - - >- - Data is copied to Cloud Firestore and then verified to match the - data in Cloud Datastore. - - Eventually-consistent reads are redirected to Cloud Firestore. - - Strongly-consistent reads are redirected to Cloud Firestore. - - Writes are redirected to Cloud Firestore. - enum: - - MIGRATION_STEP_UNSPECIFIED - - PREPARE - - START - - APPLY_WRITES_SYNCHRONOUSLY - - COPY_AND_VERIFY - - REDIRECT_EVENTUALLY_CONSISTENT_READS - - REDIRECT_STRONGLY_CONSISTENT_READS - - REDIRECT_WRITES - GoogleDatastoreAdminV1MigrationProgressEvent: - id: GoogleDatastoreAdminV1MigrationProgressEvent - description: >- - An event signifying the start of a new step in a [migration from Cloud - Datastore to Cloud Firestore in Datastore - mode](https://cloud.google.com/datastore/docs/upgrade-to-firestore). - type: object - properties: - step: - description: >- - The step that is starting. An event with step set to `START` - indicates that the migration has been reverted back to the initial - pre-migration state. + - ExportEntities. + - ImportEntities. + - CreateIndex. + - DeleteIndex. + startTime: + format: google-datetime + type: string + description: The time that work began on the operation. + state: type: string + enum: + - STATE_UNSPECIFIED + - INITIALIZING + - PROCESSING + - CANCELLING + - FINALIZING + - SUCCESSFUL + - FAILED + - CANCELLED enumDescriptions: - Unspecified. - - 'Pre-migration: the database is prepared for migration.' - - Start of migration. - - Writes are applied synchronously to at least one replica. + - Request is being prepared for processing. + - Request is actively being processed. - >- - Data is copied to Cloud Firestore and then verified to match the - data in Cloud Datastore. - - Eventually-consistent reads are redirected to Cloud Firestore. - - Strongly-consistent reads are redirected to Cloud Firestore. - - Writes are redirected to Cloud Firestore. - enum: - - MIGRATION_STEP_UNSPECIFIED - - PREPARE - - START - - APPLY_WRITES_SYNCHRONOUSLY - - COPY_AND_VERIFY - - REDIRECT_EVENTUALLY_CONSISTENT_READS - - REDIRECT_STRONGLY_CONSISTENT_READS - - REDIRECT_WRITES - prepareStepDetails: - description: Details for the `PREPARE` step. - $ref: '#/components/schemas/GoogleDatastoreAdminV1PrepareStepDetails' - redirectWritesStepDetails: - description: Details for the `REDIRECT_WRITES` step. - $ref: '#/components/schemas/GoogleDatastoreAdminV1RedirectWritesStepDetails' - GoogleDatastoreAdminV1PrepareStepDetails: - id: GoogleDatastoreAdminV1PrepareStepDetails - description: Details for the `PREPARE` step. + Request is in the process of being cancelled after user called + google.longrunning.Operations.CancelOperation on the operation. + - Request has been processed and is in its finalization stage. + - Request has completed successfully. + - Request has finished being processed, but encountered an error. + - >- + Request has finished being cancelled after user called + google.longrunning.Operations.CancelOperation. + description: The current state of the Operation. + endTime: + description: The time the operation ended, either successfully or otherwise. + type: string + format: google-datetime + labels: + additionalProperties: + type: string + description: >- + The client-assigned labels which were provided when the operation + was created. May also include additional labels. + type: object + id: GoogleDatastoreAdminV1CommonMetadata + description: Metadata common to all Datastore Admin operations. type: object + LookupResponse: properties: - concurrencyMode: + missing: + type: array description: >- - The concurrency mode this database will use when it reaches the - `REDIRECT_WRITES` step. + Entities not found as `ResultType.KEY_ONLY` entities. The order of + results in this field is undefined and has no relation to the order + of the keys in the input. + items: + $ref: '#/components/schemas/EntityResult' + readTime: + format: google-datetime type: string - enumDescriptions: - - Unspecified. - - Pessimistic concurrency. - - Optimistic concurrency. - - Optimistic concurrency with entity groups. - enum: - - CONCURRENCY_MODE_UNSPECIFIED - - PESSIMISTIC - - OPTIMISTIC - - OPTIMISTIC_WITH_ENTITY_GROUPS - GoogleDatastoreAdminV1RedirectWritesStepDetails: - id: GoogleDatastoreAdminV1RedirectWritesStepDetails - description: Details for the `REDIRECT_WRITES` step. + description: The time at which these entities were read or found missing. + deferred: + description: >- + A list of keys that were not looked up due to resource constraints. + The order of results in this field is undefined and has no relation + to the order of the keys in the input. + type: array + items: + $ref: '#/components/schemas/Key' + transaction: + type: string + description: >- + The identifier of the transaction that was started as part of this + Lookup request. Set only when ReadOptions.new_transaction was set in + LookupRequest.read_options. + format: byte + found: + description: >- + Entities found as `ResultType.FULL` entities. The order of results + in this field is undefined and has no relation to the order of the + keys in the input. + items: + $ref: '#/components/schemas/EntityResult' + type: array + type: object + id: LookupResponse + description: The response for Datastore.Lookup. + GoogleDatastoreAdminV1beta1CommonMetadata: + id: GoogleDatastoreAdminV1beta1CommonMetadata type: object + description: Metadata common to all Datastore Admin operations. properties: - concurrencyMode: - description: The concurrency mode for this database. + operationType: type: string enumDescriptions: - Unspecified. - - Pessimistic concurrency. - - Optimistic concurrency. - - Optimistic concurrency with entity groups. + - ExportEntities. + - ImportEntities. enum: - - CONCURRENCY_MODE_UNSPECIFIED - - PESSIMISTIC - - OPTIMISTIC - - OPTIMISTIC_WITH_ENTITY_GROUPS - GoogleDatastoreAdminV1MigrationStateEvent: - id: GoogleDatastoreAdminV1MigrationStateEvent - description: >- - An event signifying a change in state of a [migration from Cloud - Datastore to Cloud Firestore in Datastore - mode](https://cloud.google.com/datastore/docs/upgrade-to-firestore). - type: object - properties: + - OPERATION_TYPE_UNSPECIFIED + - EXPORT_ENTITIES + - IMPORT_ENTITIES + description: >- + The type of the operation. Can be used as a filter in + ListOperationsRequest. state: - description: The new state of the migration. + description: The current state of the Operation. type: string enumDescriptions: - Unspecified. - - The migration is running. - - The migration is paused. - - The migration is complete. + - Request is being prepared for processing. + - Request is actively being processed. + - >- + Request is in the process of being cancelled after user called + google.longrunning.Operations.CancelOperation on the operation. + - Request has been processed and is in its finalization stage. + - Request has completed successfully. + - Request has finished being processed, but encountered an error. + - >- + Request has finished being cancelled after user called + google.longrunning.Operations.CancelOperation. enum: - - MIGRATION_STATE_UNSPECIFIED - - RUNNING - - PAUSED - - COMPLETE + - STATE_UNSPECIFIED + - INITIALIZING + - PROCESSING + - CANCELLING + - FINALIZING + - SUCCESSFUL + - FAILED + - CANCELLED + labels: + additionalProperties: + type: string + type: object + description: >- + The client-assigned labels which were provided when the operation + was created. May also include additional labels. + endTime: + description: The time the operation ended, either successfully or otherwise. + format: google-datetime + type: string + startTime: + format: google-datetime + description: The time that work began on the operation. + type: string parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string alt: description: Data format for response. in: query @@ -2383,52 +2386,61 @@ components: - json - media - proto - callback: - description: JSONP + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: callback + name: prettyPrint + schema: + type: boolean + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv schema: type: string + enum: + - '1' + - '2' fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: + quotaUser: description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: key + name: quotaUser schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + callback: + description: JSONP in: query - name: oauth_token + name: callback schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + access_token: + description: OAuth access token. in: query - name: prettyPrint + name: access_token schema: - type: boolean - quotaUser: + type: string + key: description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: quotaUser + name: key schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: upload_protocol + name: oauth_token schema: type: string uploadType: @@ -2437,87 +2449,53 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: $.xgafv + name: upload_protocol schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - projects: - id: google.datastore.projects - name: projects - title: Projects + indexes: + id: google.datastore.indexes + name: indexes + title: Indexes methods: - export: - operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:export/post' - response: - mediaType: application/json - openAPIDocKey: '200' - import: - operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:import/post' - response: - mediaType: application/json - openAPIDocKey: '200' - lookup: - operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:lookup/post' - response: - mediaType: application/json - openAPIDocKey: '200' - run_query: - operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:runQuery/post' - response: - mediaType: application/json - openAPIDocKey: '200' - run_aggregation_query: - operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:runAggregationQuery/post' - response: - mediaType: application/json - openAPIDocKey: '200' - begin_transaction: - operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:beginTransaction/post' - response: - mediaType: application/json - openAPIDocKey: '200' - commit: + delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:commit/post' + $ref: '#/paths/~1v1~1projects~1{projectId}~1indexes~1{indexId}/delete' response: mediaType: application/json openAPIDocKey: '200' - rollback: + get: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:rollback/post' + $ref: '#/paths/~1v1~1projects~1{projectId}~1indexes~1{indexId}/get' response: mediaType: application/json openAPIDocKey: '200' - allocate_ids: + list: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:allocateIds/post' + $ref: '#/paths/~1v1~1projects~1{projectId}~1indexes/get' response: mediaType: application/json openAPIDocKey: '200' - reserve_ids: + objectKey: $.indexes + create: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}:reserveIds/post' + $ref: '#/paths/~1v1~1projects~1{projectId}~1indexes/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] - insert: [] + select: + - $ref: '#/components/x-stackQL-resources/indexes/methods/get' + - $ref: '#/components/x-stackQL-resources/indexes/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/indexes/methods/create' update: [] replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/indexes/methods/delete' operations: id: google.datastore.operations name: operations @@ -2560,76 +2538,101 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - indexes: - id: google.datastore.indexes - name: indexes - title: Indexes + projects: + id: google.datastore.projects + name: projects + title: Projects methods: - create: + export: + operation: + $ref: '#/paths/~1v1~1projects~1{projectId}:export/post' + response: + mediaType: application/json + openAPIDocKey: '200' + run_aggregation_query: + operation: + $ref: '#/paths/~1v1~1projects~1{projectId}:runAggregationQuery/post' + response: + mediaType: application/json + openAPIDocKey: '200' + begin_transaction: + operation: + $ref: '#/paths/~1v1~1projects~1{projectId}:beginTransaction/post' + response: + mediaType: application/json + openAPIDocKey: '200' + import: + operation: + $ref: '#/paths/~1v1~1projects~1{projectId}:import/post' + response: + mediaType: application/json + openAPIDocKey: '200' + allocate_ids: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}~1indexes/post' + $ref: '#/paths/~1v1~1projects~1{projectId}:allocateIds/post' response: mediaType: application/json openAPIDocKey: '200' - list: + lookup: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}~1indexes/get' + $ref: '#/paths/~1v1~1projects~1{projectId}:lookup/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.indexes - delete: + reserve_ids: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}~1indexes~1{indexId}/delete' + $ref: '#/paths/~1v1~1projects~1{projectId}:reserveIds/post' response: mediaType: application/json openAPIDocKey: '200' - get: + rollback: operation: - $ref: '#/paths/~1v1~1projects~1{projectId}~1indexes~1{indexId}/get' + $ref: '#/paths/~1v1~1projects~1{projectId}:rollback/post' + response: + mediaType: application/json + openAPIDocKey: '200' + run_query: + operation: + $ref: '#/paths/~1v1~1projects~1{projectId}:runQuery/post' + response: + mediaType: application/json + openAPIDocKey: '200' + commit: + operation: + $ref: '#/paths/~1v1~1projects~1{projectId}:commit/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/indexes/methods/get' - - $ref: '#/components/x-stackQL-resources/indexes/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/indexes/methods/create' + select: [] + insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/indexes/methods/delete' + delete: [] paths: - /v1/projects/{projectId}:export: + /v1/projects/{projectId}/indexes/{indexId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - post: + - $ref: '#/components/parameters/upload_protocol' + delete: description: >- - Exports a copy of all or a subset of entities from Google Cloud - Datastore to another storage system, such as Google Cloud Storage. - Recent updates to entities may not be reflected in the export. The - export occurs in the background and its progress can be monitored and - managed via the Operation resource that is created. The output of an - export may only be used once the associated operation is done. If an - export operation is cancelled before completion it may leave partial - data behind in Google Cloud Storage. - operationId: datastore.projects.export - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleDatastoreAdminV1ExportEntitiesRequest' + Deletes an existing index. An index can only be deleted if it is in a + `READY` or `ERROR` state. On successful execution of the request, the + index will be in a `DELETING` state. And on completion of the returned + google.longrunning.Operation, the index will be removed. During index + deletion, the process could result in an error, in which case the index + will move to the `ERROR` state. The process can be recovered by fixing + the data that caused the error, followed by calling delete again. + operationId: datastore.projects.indexes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2652,21 +2655,14 @@ paths: required: true schema: type: string - /v1/projects/{projectId}:import: - parameters: *ref_1 - post: - description: >- - Imports entities into Google Cloud Datastore. Existing entities with the - same key are overwritten. The import occurs in the background and its - progress can be monitored and managed via the Operation resource that is - created. If an ImportEntities operation is cancelled, it is possible - that a subset of the data has already been imported to Cloud Datastore. - operationId: datastore.projects.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleDatastoreAdminV1ImportEntitiesRequest' + - in: path + name: indexId + required: true + schema: + type: string + get: + description: Gets an index. + operationId: datastore.projects.indexes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2682,23 +2678,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleDatastoreAdminV1Index' parameters: - in: path name: projectId required: true schema: type: string - /v1/projects/{projectId}:lookup: + - in: path + name: indexId + required: true + schema: + type: string + /v1/projects/{projectId}/indexes: parameters: *ref_1 - post: - description: Looks up entities by key. - operationId: datastore.projects.lookup - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LookupRequest' + get: + description: >- + Lists the indexes that match the specified filters. Datastore uses an + eventually consistent query to fetch the list of indexes and may + occasionally return stale results. + operationId: datastore.projects.indexes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2714,23 +2713,42 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LookupResponse' + $ref: '#/components/schemas/GoogleDatastoreAdminV1ListIndexesResponse' parameters: - in: path name: projectId required: true schema: type: string - /v1/projects/{projectId}:runQuery: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Queries for entities. - operationId: datastore.projects.runQuery + description: >- + Creates the specified index. A newly created index's initial state is + `CREATING`. On completion of the returned google.longrunning.Operation, + the state will be `READY`. If the index already exists, the call will + return an `ALREADY_EXISTS` status. During index creation, the process + could result in an error, in which case the index will move to the + `ERROR` state. The process can be recovered by fixing the data that + caused the error, removing the index with delete, then re-creating the + index with create. Indexes with a single property cannot be created. + operationId: datastore.projects.indexes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/RunQueryRequest' + $ref: '#/components/schemas/GoogleDatastoreAdminV1Index' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2746,23 +2764,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RunQueryResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectId required: true schema: type: string - /v1/projects/{projectId}:runAggregationQuery: + /v1/projects/{projectsId}/operations: parameters: *ref_1 - post: - description: Runs an aggregation query. - operationId: datastore.projects.runAggregationQuery - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RunAggregationQueryRequest' + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: datastore.projects.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2778,23 +2793,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RunAggregationQueryResponse' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - /v1/projects/{projectId}:beginTransaction: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Begins a new transaction. - operationId: datastore.projects.beginTransaction - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BeginTransactionRequest' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: datastore.projects.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2810,25 +2840,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BeginTransactionResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - /v1/projects/{projectId}:commit: - parameters: *ref_1 - post: + - in: path + name: operationsId + required: true + schema: + type: string + delete: description: >- - Commits a transaction, optionally creating, deleting or modifying some - entities. - operationId: datastore.projects.commit - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CommitRequest' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: datastore.projects.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2844,23 +2874,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CommitResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - /v1/projects/{projectId}:rollback: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Rolls back a transaction. - operationId: datastore.projects.rollback - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RollbackRequest' + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: datastore.projects.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2876,25 +2915,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RollbackResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectId + name: projectsId required: true schema: type: string - /v1/projects/{projectId}:allocateIds: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectId}:export: parameters: *ref_1 post: description: >- - Allocates IDs for the given keys, which is useful for referencing an - entity before it is inserted. - operationId: datastore.projects.allocateIds + Exports a copy of all or a subset of entities from Google Cloud + Datastore to another storage system, such as Google Cloud Storage. + Recent updates to entities may not be reflected in the export. The + export occurs in the background and its progress can be monitored and + managed via the Operation resource that is created. The output of an + export may only be used once the associated operation is done. If an + export operation is cancelled before completion it may leave partial + data behind in Google Cloud Storage. + operationId: datastore.projects.export requestBody: content: application/json: schema: - $ref: '#/components/schemas/AllocateIdsRequest' + $ref: '#/components/schemas/GoogleDatastoreAdminV1ExportEntitiesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2910,25 +2960,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AllocateIdsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectId required: true schema: type: string - /v1/projects/{projectId}:reserveIds: + /v1/projects/{projectId}:runAggregationQuery: parameters: *ref_1 post: - description: >- - Prevents the supplied keys' IDs from being auto-allocated by Cloud - Datastore. - operationId: datastore.projects.reserveIds + description: Runs an aggregation query. + operationId: datastore.projects.runAggregationQuery requestBody: content: application/json: schema: - $ref: '#/components/schemas/ReserveIdsRequest' + $ref: '#/components/schemas/RunAggregationQueryRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2944,20 +2992,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReserveIdsResponse' + $ref: '#/components/schemas/RunAggregationQueryResponse' parameters: - in: path name: projectId required: true schema: type: string - /v1/projects/{projectsId}/operations: + /v1/projects/{projectId}:beginTransaction: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: datastore.projects.operations.list + post: + description: Begins a new transaction. + operationId: datastore.projects.beginTransaction + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BeginTransactionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2973,34 +3024,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/BeginTransactionResponse' parameters: - in: path - name: projectsId + name: projectId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/operations/{operationsId}: + /v1/projects/{projectId}:import: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: datastore.projects.operations.get + Imports entities into Google Cloud Datastore. Existing entities with the + same key are overwritten. The import occurs in the background and its + progress can be monitored and managed via the Operation resource that is + created. If an ImportEntities operation is cancelled, it is possible + that a subset of the data has already been imported to Cloud Datastore. + operationId: datastore.projects.import + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleDatastoreAdminV1ImportEntitiesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3019,22 +3064,22 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: operationsId + name: projectId required: true schema: type: string - delete: + /v1/projects/{projectId}:allocateIds: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: datastore.projects.operations.delete + Allocates IDs for the given keys, which is useful for referencing an + entity before it is inserted. + operationId: datastore.projects.allocateIds + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AllocateIdsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3050,32 +3095,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/AllocateIdsResponse' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: operationsId + name: projectId required: true schema: type: string - /v1/projects/{projectsId}/operations/{operationsId}:cancel: + /v1/projects/{projectId}:lookup: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: datastore.projects.operations.cancel + description: Looks up entities by key. + operationId: datastore.projects.lookup + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LookupRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3091,36 +3127,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LookupResponse' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: operationsId + name: projectId required: true schema: type: string - /v1/projects/{projectId}/indexes: + /v1/projects/{projectId}:reserveIds: parameters: *ref_1 post: description: >- - Creates the specified index. A newly created index's initial state is - `CREATING`. On completion of the returned google.longrunning.Operation, - the state will be `READY`. If the index already exists, the call will - return an `ALREADY_EXISTS` status. During index creation, the process - could result in an error, in which case the index will move to the - `ERROR` state. The process can be recovered by fixing the data that - caused the error, removing the index with delete, then re-creating the - index with create. Indexes with a single property cannot be created. - operationId: datastore.projects.indexes.create + Prevents the supplied keys' IDs from being auto-allocated by Cloud + Datastore. + operationId: datastore.projects.reserveIds requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleDatastoreAdminV1Index' + $ref: '#/components/schemas/ReserveIdsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3136,19 +3161,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/ReserveIdsResponse' parameters: - in: path name: projectId required: true schema: type: string - get: - description: >- - Lists the indexes that match the specified filters. Datastore uses an - eventually consistent query to fetch the list of indexes and may - occasionally return stale results. - operationId: datastore.projects.indexes.list + /v1/projects/{projectId}:rollback: + parameters: *ref_1 + post: + description: Rolls back a transaction. + operationId: datastore.projects.rollback + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RollbackRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3164,38 +3193,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleDatastoreAdminV1ListIndexesResponse' + $ref: '#/components/schemas/RollbackResponse' parameters: - in: path name: projectId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectId}/indexes/{indexId}: + /v1/projects/{projectId}:runQuery: parameters: *ref_1 - delete: - description: >- - Deletes an existing index. An index can only be deleted if it is in a - `READY` or `ERROR` state. On successful execution of the request, the - index will be in a `DELETING` state. And on completion of the returned - google.longrunning.Operation, the index will be removed. During index - deletion, the process could result in an error, in which case the index - will move to the `ERROR` state. The process can be recovered by fixing - the data that caused the error, followed by calling delete again. - operationId: datastore.projects.indexes.delete + post: + description: Queries for entities. + operationId: datastore.projects.runQuery + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RunQueryRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3211,21 +3225,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/RunQueryResponse' parameters: - in: path name: projectId required: true schema: type: string - - in: path - name: indexId - required: true - schema: - type: string - get: - description: Gets an index. - operationId: datastore.projects.indexes.get + /v1/projects/{projectId}:commit: + parameters: *ref_1 + post: + description: >- + Commits a transaction, optionally creating, deleting or modifying some + entities. + operationId: datastore.projects.commit + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CommitRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3241,15 +3259,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleDatastoreAdminV1Index' + $ref: '#/components/schemas/CommitResponse' parameters: - in: path name: projectId required: true schema: type: string - - in: path - name: indexId - required: true - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/datastream.yaml b/providers/src/googleapis.com/v00.00.00000/services/datastream.yaml index d80bf12c..e0ca8030 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/datastream.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/datastream.yaml @@ -7,8 +7,8 @@ info: title: Datastream API description: '' version: v1 - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251112' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/datastream/ servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -1391,6 +1400,11 @@ components: description: Output only. Reserved for future use. readOnly: true type: boolean + ruleSets: + description: Optional. Rule sets to apply to the stream. + type: array + items: + $ref: '#/components/schemas/RuleSet' SourceConfig: id: SourceConfig description: The configuration of the stream source. @@ -1638,6 +1652,17 @@ components: set to 0), the system's default value is used type: integer format: int32 + jsonMode: + description: Optional. MongoDB JSON mode to use for the stream. + type: string + enumDescriptions: + - Unspecified JSON mode. + - Strict JSON mode. + - Canonical JSON mode. + enum: + - MONGODB_JSON_MODE_UNSPECIFIED + - STRICT + - CANONICAL DestinationConfig: id: DestinationConfig description: The configuration of the stream destination. @@ -1897,6 +1922,222 @@ components: type: object additionalProperties: type: string + RuleSet: + id: RuleSet + description: A set of rules to apply to a set of objects. + type: object + properties: + customizationRules: + description: Required. List of customization rules to apply. + type: array + items: + $ref: '#/components/schemas/CustomizationRule' + objectFilter: + description: Required. Object filter to apply the customization rules to. + $ref: '#/components/schemas/ObjectFilter' + CustomizationRule: + id: CustomizationRule + description: A customization rule to apply to a set of objects. + type: object + properties: + bigqueryPartitioning: + description: BigQuery partitioning rule. + $ref: '#/components/schemas/BigQueryPartitioning' + bigqueryClustering: + description: BigQuery clustering rule. + $ref: '#/components/schemas/BigQueryClustering' + BigQueryPartitioning: + id: BigQueryPartitioning + description: BigQuery partitioning configuration. + type: object + properties: + integerRangePartition: + description: Integer range partitioning. + $ref: '#/components/schemas/IntegerRangePartition' + timeUnitPartition: + description: Time unit column partitioning. + $ref: '#/components/schemas/TimeUnitPartition' + ingestionTimePartition: + description: Ingestion time partitioning. + $ref: '#/components/schemas/IngestionTimePartition' + requirePartitionFilter: + description: >- + Optional. If true, queries over the table require a partition + filter. + type: boolean + IntegerRangePartition: + id: IntegerRangePartition + description: >- + Integer range partitioning. see + https://cloud.google.com/bigquery/docs/partitioned-tables#integer_range + type: object + properties: + column: + description: Required. The partitioning column. + type: string + start: + description: Required. The starting value for range partitioning (inclusive). + type: string + format: int64 + end: + description: Required. The ending value for range partitioning (exclusive). + type: string + format: int64 + interval: + description: Required. The interval of each range within the partition. + type: string + format: int64 + TimeUnitPartition: + id: TimeUnitPartition + description: >- + Time unit column partitioning. see + https://cloud.google.com/bigquery/docs/partitioned-tables#date_timestamp_partitioned_tables + type: object + properties: + column: + description: Required. The partitioning column. + type: string + partitioningTimeGranularity: + description: Optional. Partition granularity. + type: string + enumDescriptions: + - Unspecified partitioing interval. + - Hourly partitioning. + - Daily partitioning. + - Monthly partitioning. + - Yearly partitioning. + enum: + - PARTITIONING_TIME_GRANULARITY_UNSPECIFIED + - PARTITIONING_TIME_GRANULARITY_HOUR + - PARTITIONING_TIME_GRANULARITY_DAY + - PARTITIONING_TIME_GRANULARITY_MONTH + - PARTITIONING_TIME_GRANULARITY_YEAR + IngestionTimePartition: + id: IngestionTimePartition + description: >- + Ingestion time partitioning. see + https://cloud.google.com/bigquery/docs/partitioned-tables#ingestion_time + type: object + properties: + partitioningTimeGranularity: + description: Optional. Partition granularity + type: string + enumDescriptions: + - Unspecified partitioing interval. + - Hourly partitioning. + - Daily partitioning. + - Monthly partitioning. + - Yearly partitioning. + enum: + - PARTITIONING_TIME_GRANULARITY_UNSPECIFIED + - PARTITIONING_TIME_GRANULARITY_HOUR + - PARTITIONING_TIME_GRANULARITY_DAY + - PARTITIONING_TIME_GRANULARITY_MONTH + - PARTITIONING_TIME_GRANULARITY_YEAR + BigQueryClustering: + id: BigQueryClustering + description: BigQuery clustering configuration. + type: object + properties: + columns: + description: Required. Column names to set as clustering columns. + type: array + items: + type: string + ObjectFilter: + id: ObjectFilter + description: Object filter to apply the rules to. + type: object + properties: + sourceObjectIdentifier: + description: Specific source object identifier. + $ref: '#/components/schemas/SourceObjectIdentifier' + SourceObjectIdentifier: + id: SourceObjectIdentifier + description: Represents an identifier of an object in the data source. + type: object + properties: + oracleIdentifier: + description: Oracle data source object identifier. + $ref: '#/components/schemas/OracleObjectIdentifier' + mysqlIdentifier: + description: Mysql data source object identifier. + $ref: '#/components/schemas/MysqlObjectIdentifier' + postgresqlIdentifier: + description: PostgreSQL data source object identifier. + $ref: '#/components/schemas/PostgresqlObjectIdentifier' + sqlServerIdentifier: + description: SQLServer data source object identifier. + $ref: '#/components/schemas/SqlServerObjectIdentifier' + salesforceIdentifier: + description: Salesforce data source object identifier. + $ref: '#/components/schemas/SalesforceObjectIdentifier' + mongodbIdentifier: + description: MongoDB data source object identifier. + $ref: '#/components/schemas/MongodbObjectIdentifier' + OracleObjectIdentifier: + id: OracleObjectIdentifier + description: Oracle data source object identifier. + type: object + properties: + schema: + description: Required. The schema name. + type: string + table: + description: Required. The table name. + type: string + MysqlObjectIdentifier: + id: MysqlObjectIdentifier + description: Mysql data source object identifier. + type: object + properties: + database: + description: Required. The database name. + type: string + table: + description: Required. The table name. + type: string + PostgresqlObjectIdentifier: + id: PostgresqlObjectIdentifier + description: PostgreSQL data source object identifier. + type: object + properties: + schema: + description: Required. The schema name. + type: string + table: + description: Required. The table name. + type: string + SqlServerObjectIdentifier: + id: SqlServerObjectIdentifier + description: SQLServer data source object identifier. + type: object + properties: + schema: + description: Required. The schema name. + type: string + table: + description: Required. The table name. + type: string + SalesforceObjectIdentifier: + id: SalesforceObjectIdentifier + description: Salesforce data source object identifier. + type: object + properties: + objectName: + description: Required. The object name. + type: string + MongodbObjectIdentifier: + id: MongodbObjectIdentifier + description: MongoDB data source object identifier. + type: object + properties: + database: + description: Required. The database name. + type: string + collection: + description: Required. The collection name. + type: string RunStreamRequest: id: RunStreamRequest description: Request message for running a stream. @@ -1961,6 +2202,9 @@ components: mysqlGtidPosition: description: MySQL GTID set to start replicating from. $ref: '#/components/schemas/MysqlGtidPosition' + mongodbChangeStreamPosition: + description: MongoDB change stream position to start replicating from. + $ref: '#/components/schemas/MongodbChangeStreamPosition' MysqlLogPosition: id: MysqlLogPosition description: MySQL log position @@ -2000,6 +2244,15 @@ components: gtidSet: description: Required. The gtid set to start replication from. type: string + MongodbChangeStreamPosition: + id: MongodbChangeStreamPosition + description: MongoDB change stream position + type: object + properties: + startTime: + description: Required. The timestamp to start change stream from. + type: string + format: google-datetime StreamObject: id: StreamObject description: A specific stream object (e.g a specific DB table). @@ -2034,6 +2287,15 @@ components: sourceObject: description: The object identifier in the data source. $ref: '#/components/schemas/SourceObjectIdentifier' + customizationRules: + description: >- + Output only. The customization rules for the object. These rules are + derived from the parent Stream's `rule_sets` and represent the + intended configuration for the object. + readOnly: true + type: array + items: + $ref: '#/components/schemas/CustomizationRule' BackfillJob: id: BackfillJob description: Represents a backfill job on a specific stream object. @@ -2097,92 +2359,6 @@ components: type: array items: $ref: '#/components/schemas/Error' - SourceObjectIdentifier: - id: SourceObjectIdentifier - description: Represents an identifier of an object in the data source. - type: object - properties: - oracleIdentifier: - description: Oracle data source object identifier. - $ref: '#/components/schemas/OracleObjectIdentifier' - mysqlIdentifier: - description: Mysql data source object identifier. - $ref: '#/components/schemas/MysqlObjectIdentifier' - postgresqlIdentifier: - description: PostgreSQL data source object identifier. - $ref: '#/components/schemas/PostgresqlObjectIdentifier' - sqlServerIdentifier: - description: SQLServer data source object identifier. - $ref: '#/components/schemas/SqlServerObjectIdentifier' - salesforceIdentifier: - description: Salesforce data source object identifier. - $ref: '#/components/schemas/SalesforceObjectIdentifier' - mongodbIdentifier: - description: MongoDB data source object identifier. - $ref: '#/components/schemas/MongodbObjectIdentifier' - OracleObjectIdentifier: - id: OracleObjectIdentifier - description: Oracle data source object identifier. - type: object - properties: - schema: - description: Required. The schema name. - type: string - table: - description: Required. The table name. - type: string - MysqlObjectIdentifier: - id: MysqlObjectIdentifier - description: Mysql data source object identifier. - type: object - properties: - database: - description: Required. The database name. - type: string - table: - description: Required. The table name. - type: string - PostgresqlObjectIdentifier: - id: PostgresqlObjectIdentifier - description: PostgreSQL data source object identifier. - type: object - properties: - schema: - description: Required. The schema name. - type: string - table: - description: Required. The table name. - type: string - SqlServerObjectIdentifier: - id: SqlServerObjectIdentifier - description: SQLServer data source object identifier. - type: object - properties: - schema: - description: Required. The schema name. - type: string - table: - description: Required. The table name. - type: string - SalesforceObjectIdentifier: - id: SalesforceObjectIdentifier - description: Salesforce data source object identifier. - type: object - properties: - objectName: - description: Required. The object name. - type: string - MongodbObjectIdentifier: - id: MongodbObjectIdentifier - description: MongoDB data source object identifier. - type: object - properties: - database: - description: Required. The database name. - type: string - collection: - description: Required. The collection name. - type: string LookupStreamObjectRequest: id: LookupStreamObjectRequest description: >- @@ -2216,7 +2392,24 @@ components: Request for manually initiating a backfill job for a specific stream object. type: object - properties: {} + properties: + eventFilter: + description: >- + Optional. Optional event filter. If not set, or empty, the backfill + will be performed on the entire object. This is currently used for + partial backfill and only supported for SQL Server sources. + $ref: '#/components/schemas/EventFilter' + EventFilter: + id: EventFilter + description: Represents a filter for included data on a stream object. + type: object + properties: + sqlWhereClause: + description: >- + An SQL-query Where clause selecting which data should be included, + not including the "WHERE" keyword. E.g., "t.key1 = 'value1' AND + t.key2 = 'value2'". + type: string StartBackfillJobResponse: id: StartBackfillJobResponse description: >- @@ -3184,6 +3377,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/deploymentmanager.yaml b/providers/src/googleapis.com/v00.00.00000/services/deploymentmanager.yaml index 1c7b6324..74c07036 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/deploymentmanager.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/deploymentmanager.yaml @@ -10,8 +10,8 @@ info: configuring, deploying, and viewing Google Cloud services and APIs via templates which specify deployments of Cloud resources. version: v2 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251128' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/deployment-manager servers: @@ -25,15 +25,15 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/cloud-platform: >- - See, edit, configure, and delete your Google Cloud data and see - the email address for your Google Account. - https://www.googleapis.com/auth/cloud-platform.read-only: >- - View your data across Google Cloud services and see the email - address of your Google Account https://www.googleapis.com/auth/ndev.cloudman: >- View and manage your Google Cloud Platform management resources and deployment status information + https://www.googleapis.com/auth/cloud-platform.read-only: >- + View your data across Google Cloud services and see the email + address of your Google Account + https://www.googleapis.com/auth/cloud-platform: >- + See, edit, configure, and delete your Google Cloud data and see + the email address for your Google Account. https://www.googleapis.com/auth/ndev.cloudman.readonly: >- View your Google Cloud Platform management resources and deployment status information @@ -46,83 +46,161 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - Deployment: - id: Deployment + QuotaExceededInfo: + description: Additional details for quota exceeded error for resource quota. type: object properties: - id: - type: string - format: uint64 - name: + futureLimit: description: >- - Name of the resource; provided by the client when the resource is - created. The name must be 1-63 characters long, and comply with - RFC1035. Specifically, the name must be 1-63 characters long and - match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which - means the first character must be a lowercase letter, and all - following characters must be a dash, lowercase letter, or digit, - except the last character, which cannot be a dash. + Future quota limit being rolled out. The limit's unit depends on the + quota type or metric. + format: double + type: number + rolloutStatus: + enum: + - ROLLOUT_STATUS_UNSPECIFIED + - IN_PROGRESS + enumDescriptions: + - >- + ROLLOUT_STATUS_UNSPECIFIED - Rollout status is not specified. The + default value. + - >- + IN_PROGRESS - A rollout is in process which will change the limit + value to future limit. + description: Rollout status of the future quota limit. type: string - description: - description: An optional user-provided description of the deployment. + metricName: type: string - operation: - description: >- - Output only. The Operation that most recently ran, or is currently - running, on this deployment. - $ref: '#/components/schemas/Operation' - fingerprint: + description: The Compute Engine quota metric name. + limit: + format: double + type: number description: >- - Provides a fingerprint to use in requests to modify a deployment, - such as `update()`, `stop()`, and `cancelPreview()` requests. A - fingerprint is a randomly generated value that must be provided with - `update()`, `stop()`, and `cancelPreview()` requests to perform - optimistic locking. This ensures optimistic concurrency so that only - one request happens at a time. The fingerprint is initially - generated by Deployment Manager and changes after every request to - modify data. To get the latest fingerprint value, perform a `get()` - request to a deployment. + Current effective quota limit. The limit's unit depends on the quota + type or metric. + dimensions: + type: object + additionalProperties: + type: string + description: The map holding related quota dimensions. + limitName: + description: The name of the quota limit. type: string - format: byte - manifest: + id: QuotaExceededInfo + GlobalSetPolicyRequest: + type: object + properties: + policy: + $ref: '#/components/schemas/Policy' description: >- - Output only. URL of the manifest representing the last manifest that - was successfully deployed. If no manifest has been successfully - deployed, this field will be absent. + REQUIRED: The complete policy to be applied to the 'resource'. The + size of the policy is limited to a few 10s of KB. An empty policy is + in general a valid policy but certain services (like Projects) might + reject them. + etag: + format: byte type: string - update: description: >- - Output only. If Deployment Manager is currently updating or - previewing an update to this deployment, the updated configuration - appears here. - $ref: '#/components/schemas/DeploymentUpdate' - insertTime: - description: Output only. Creation timestamp in RFC3339 text format. + Flatten Policy to create a backward compatible wire-format. + Deprecated. Use 'policy' to specify the etag. + bindings: + type: array + description: >- + Flatten Policy to create a backward compatible wire-format. + Deprecated. Use 'policy' to specify bindings. + items: + $ref: '#/components/schemas/Binding' + updateMask: + description: Update mask for the policy. type: string - updateTime: - description: Output only. Update timestamp in RFC3339 text format. + format: google-fieldmask + id: GlobalSetPolicyRequest + ManifestsListResponse: + type: object + id: ManifestsListResponse + properties: + manifests: + items: + $ref: '#/components/schemas/Manifest' + description: Output only. Manifests contained in this list response. + type: array + nextPageToken: + description: Output only. A token used to continue a truncated list request. + type: string + description: >- + A response containing a partial list of manifests and a page token used + to build the next request if the request has been truncated. + DebugInfo: + description: Describes additional debugging info. + id: DebugInfo + type: object + properties: + detail: + description: Additional debugging information provided by the server. + type: string + stackEntries: + description: The stack trace entries indicating where the error occurred. + type: array + items: + type: string + ErrorInfo: + properties: + reason: type: string - target: description: >- - [Input Only] The parameters that define your deployment, including - the deployment configuration and relevant templates. - $ref: '#/components/schemas/TargetConfiguration' - labels: + The reason of the error. This is a constant value that identifies + the proximate cause of the error. Error reasons are unique within a + particular domain of errors. This should be at most 63 characters + and match a regular expression of `A-Z+[A-Z0-9]`, which represents + UPPER_SNAKE_CASE. + metadatas: description: >- - Map of One Platform labels; provided by the client when the resource - is created or updated. Specifically: Label keys must be between 1 - and 63 characters long and must conform to the following regular - expression: `[a-z]([-a-z0-9]*[a-z0-9])?` Label values must be - between 0 and 63 characters long and must conform to the regular - expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. + Additional structured details about this error. Keys must match a + regular expression of `a-z+` but should ideally be lowerCamelCase. + Also, they must be limited to 64 characters in length. When + identifying the current value of an exceeded limit, the units should + be contained in the key, not the value. For example, rather than + `{"instanceLimit": "100/request"}`, should be returned as, + `{"instanceLimitPerRequest": "100"}`, if the client exceeds the + number of instances that can be created in a single (batch) request. + additionalProperties: + type: string + type: object + domain: + description: >- + The logical grouping to which the "reason" belongs. The error domain + is typically the registered service name of the tool or product that + generates the error. Example: "pubsub.googleapis.com". If the error + is generated by some common infrastructure, the error domain must be + a globally unique value that identifies the infrastructure. For + Google API infrastructure, the error domain is "googleapis.com". + type: string + description: >- + Describes the cause of the error with structured details. Example of an + error when contacting the "pubsub.googleapis.com" API when it is not + enabled: { "reason": "API_DISABLED" "domain": "googleapis.com" + "metadata": { "resource": "projects/123", "service": + "pubsub.googleapis.com" } } This response indicates that the + pubsub.googleapis.com API is not enabled. Example of an error that is + returned when attempting to create a Spanner instance in a region that + is out of stock: { "reason": "STOCKOUT" "domain": + "spanner.googleapis.com", "metadata": { "availableRegions": + "us-central1,us-east2" } } + type: object + id: ErrorInfo + TestPermissionsRequest: + properties: + permissions: + description: >- + The set of permissions to check for the 'resource'. Permissions with + wildcards (such as '*' or 'storage.*') are not allowed. type: array items: - $ref: '#/components/schemas/DeploymentLabelEntry' - selfLink: - description: Output only. Server defined URL for the resource. - type: string + type: string + id: TestPermissionsRequest + type: object Operation: - id: Operation + type: object description: >- Represents an Operation resource. Google Compute Engine has three Operation resources: * @@ -137,271 +215,231 @@ components: `zoneOperations` resource. For more information, read Global, Regional, and Zonal Resources. Note that completed Operation resources have a limited retention period. - type: object properties: - kind: + selfLink: + type: string + description: '[Output Only] Server-defined URL for the resource.' + user: description: >- - [Output Only] Type of the resource. Always `compute#operation` for - Operation resources. - default: compute#operation + [Output Only] User who requested the operation, for example: + `user@example.com` or `alice_smith_identifier + (global/workforcePools/example-com-us-employees)`. + type: string + insertTime: type: string + description: >- + [Output Only] The time that this operation was requested. This value + is in RFC3339 text format. id: description: >- [Output Only] The unique identifier for the operation. This identifier is defined by the server. - type: string format: uint64 - creationTimestamp: - description: '[Deprecated] This field is deprecated.' - type: string - name: - description: '[Output Only] Name of the operation.' - type: string - zone: - description: >- - [Output Only] The URL of the zone where the operation resides. Only - applicable when performing per-zone operations. - type: string - clientOperationId: - description: >- - [Output Only] The value of `requestId` if you provided it in the - request. Not present otherwise. type: string operationType: description: >- [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on. type: string - targetLink: + startTime: description: >- - [Output Only] The URL of the resource that the operation modifies. - For operations related to creating a snapshot, this points to the - disk that the snapshot was created from. + [Output Only] The time that this operation was started by the + server. This value is in RFC3339 text format. type: string - targetId: - description: >- - [Output Only] The unique target ID, which identifies a specific - incarnation of the target resource. + kind: type: string - format: uint64 - status: description: >- - [Output Only] The status of the operation, which can be one of the - following: `PENDING`, `RUNNING`, or `DONE`. + Output only. [Output Only] Type of the resource. Always + `compute#operation` for Operation resources. + readOnly: true + default: compute#operation + zone: + description: >- + [Output Only] The URL of the zone where the operation resides. Only + applicable when performing per-zone operations. + type: string + status: type: string - enumDescriptions: - - '' - - '' - - '' enum: - PENDING - RUNNING - DONE + enumDescriptions: + - '' + - '' + - '' + description: >- + [Output Only] The status of the operation, which can be one of the + following: `PENDING`, `RUNNING`, or `DONE`. statusMessage: + type: string description: >- [Output Only] An optional textual description of the current status of the operation. + operationGroupId: type: string - user: + readOnly: true description: >- - [Output Only] User who requested the operation, for example: - `user@example.com` or `alice_smith_identifier - (global/workforcePools/example-com-us-employees)`. + Output only. [Output Only] An ID that represents a group of + operations, such as when a group of operations results from a + `bulkInsert` API request. + endTime: type: string - progress: - description: >- - [Output Only] An optional progress indicator that ranges from 0 to - 100. There is no requirement that this be linear or support any - granularity of operations. This should not be used to guess when the - operation will be complete. This number should monotonically - increase as the operation progresses. - type: integer - format: int32 - insertTime: description: >- - [Output Only] The time that this operation was requested. This value + [Output Only] The time that this operation was completed. This value is in RFC3339 text format. + name: type: string - startTime: + description: '[Output Only] Name of the operation.' + description: description: >- - [Output Only] The time that this operation was started by the - server. This value is in RFC3339 text format. + [Output Only] A textual description of the operation, which is set + when the operation is created. type: string - endTime: + selfLinkWithId: + type: string + readOnly: true description: >- - [Output Only] The time that this operation was completed. This value - is in RFC3339 text format. + Output only. [Output Only] Server-defined URL for this resource with + the resource id. + instancesBulkInsertOperationMetadata: + $ref: '#/components/schemas/InstancesBulkInsertOperationMetadata' + targetId: + format: uint64 type: string - error: description: >- - [Output Only] If errors are generated during processing of the - operation, this field will be populated. + [Output Only] The unique target ID, which identifies a specific + incarnation of the target resource. + creationTimestamp: + description: '[Deprecated] This field is deprecated.' + type: string + setAutoscalerLinkOperationMetadata: + $ref: '#/components/schemas/SetAutoscalerLinkOperationMetadata' + description: >- + This field is used internally by the Autoscaler team and should not + be promoted to "alpha/beta/v1". + region: + description: >- + [Output Only] The URL of the region where the operation resides. + Only applicable when performing regional operations. + type: string + error: type: object properties: errors: - description: >- - [Output Only] The array of errors encountered while processing - this operation. type: array items: type: object properties: - code: - description: '[Output Only] The error type identifier for this error.' - type: string - location: - description: >- - [Output Only] Indicates the field in the request that - caused the error. This property is optional. - type: string - message: - description: '[Output Only] An optional, human-readable error message.' - type: string arguments: + readOnly: true + type: array + items: + type: string description: >- - [Output Only] Optional error details WARNING: DO NOT MAKE - VISIBLE This is for internal use-only (like + Output only. [Output Only] Optional error details WARNING: + DO NOT MAKE VISIBLE This is for internal use-only (like componentization) (thus the visibility "none") and in case of public exposure it is strongly recommended to follow pattern of: https://aip.dev/193 and expose as details field. - type: array - items: - type: string - debugInfo: - $ref: '#/components/schemas/DebugInfo' + code: + description: '[Output Only] The error type identifier for this error.' + type: string errorDetails: - description: >- - [Output Only] An optional list of messages that contain - the error details. There is a set of defined message types - to use for providing details.The syntax depends on the - error code. For example, QuotaExceededInfo will have - details when the error code is QUOTA_EXCEEDED. type: array items: - type: object properties: - errorInfo: - $ref: '#/components/schemas/ErrorInfo' quotaInfo: $ref: '#/components/schemas/QuotaExceededInfo' help: $ref: '#/components/schemas/Help' localizedMessage: $ref: '#/components/schemas/LocalizedMessage' - warnings: + errorInfo: + $ref: '#/components/schemas/ErrorInfo' + type: object + description: >- + [Output Only] An optional list of messages that contain + the error details. There is a set of defined message types + to use for providing details.The syntax depends on the + error code. For example, QuotaExceededInfo will have + details when the error code is QUOTA_EXCEEDED. + location: + type: string + description: >- + [Output Only] Indicates the field in the request that + caused the error. This property is optional. + debugInfo: + $ref: '#/components/schemas/DebugInfo' + readOnly: true + message: + description: '[Output Only] An optional, human-readable error message.' + type: string + description: >- + [Output Only] The array of errors encountered while processing + this operation. description: >- - [Output Only] If warning messages are generated during processing of - the operation, this field will be populated. - type: array + [Output Only] If errors are generated during processing of the + operation, this field will be populated. + progress: + type: integer + format: int32 + description: >- + [Output Only] An optional progress indicator that ranges from 0 to + 100. There is no requirement that this be linear or support any + granularity of operations. This should not be used to guess when the + operation will be complete. This number should monotonically + increase as the operation progresses. + clientOperationId: + description: >- + [Output Only] The value of `requestId` if you provided it in the + request. Not present otherwise. + type: string + warnings: items: type: object properties: - code: + message: description: >- - [Output Only] A warning code, if applicable. For example, - Compute Engine returns NO_RESULTS_ON_PAGE if there are no - results in the response. + [Output Only] A human-readable description of the warning + code. type: string - enumDescriptions: - - A link to a deprecated resource was created. - - No results are present on a particular list page. - - A given scope cannot be reached. - - >- - The route's nextHopIp address is not assigned to an instance - on the network. - - >- - The route's nextHopInstance URL refers to an instance that - does not exist. - - >- - The route's nextHopInstance URL refers to an instance that - is not on the same network as the route. - - The route's next hop instance cannot ip forward. - - >- - The route's next hop instance does not have a status of - RUNNING. - - >- - The operation involved use of an injected kernel, which is - deprecated. - - >- - The user attempted to use a resource that requires a TOS - they have not accepted. - - The user created a boot disk that is larger than image size. - - >- - One or more of the resources set to auto-delete could not be - deleted because they were in use. - - >- - Instance template used in instance group manager is valid as - such, but its application does not make a lot of sense, - because it allows only single instance in instance group. - - >- - Error which is not critical. We decided to continue the - process despite the mentioned error. - - >- - Warning about failed cleanup of transient changes made by a - failed operation. - - >- - Warning that value of a field has been overridden. - Deprecated unused field. - - Warning that a resource is in use. - - Warning that network endpoint was not detached. - - >- - Current page contains less results than requested but a next - page token exists. - - >- - Warning that SSL policy resource in the response does not - contain information about the list of enabled features. - - Warning that a resource is not found. - - A resource depends on a missing type - - Warning that is present in an external api call - - When a resource schema validation is ignored. - - When undeclared properties in the schema are present - - >- - When deploying and at least one of the resources has a type - marked as experimental - - >- - When deploying and at least one of the resources has a type - marked as deprecated - - >- - Success is reported, but some results may be missing due to - errors - - >- - When deploying a deployment with a exceedingly large number - of resources - - >- - The route's nextHopInstance URL refers to an instance that - does not have an ipv6 interface on the same network as the - route. - - >- - A WEIGHTED_MAGLEV backend service is associated with a - health check that is not of type HTTP/HTTPS/HTTP2. - - >- - Resource can't be retrieved due to list overhead quota - exceed which captures the amount of resources filtered out - by user-defined list filter. - - >- - Quota information is not available to client requests (e.g: - regions.list). - - >- - Indicates that a VM is using global DNS. Can also be used to - indicate that a resource has attributes that could result in - the creation of a VM that uses global DNS. - - Resource can't be retrieved due to api quota exceeded. - - >- - Reserved entries for quickly adding new warnings without - breaking dependent clients. - - '' - - '' - - '' - - '' - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false + data: + type: array + description: >- + [Output Only] Metadata about this warning in key: value + format. For example: "data": [ { "key": "scope", "value": + "zones/us-east1-d" } + items: + properties: + key: + type: string + description: >- + [Output Only] A key that provides more detail on the + warning being returned. For example, for warnings where + there are no results in a list request for a particular + zone, this key might be scope and the key value might be + the zone name. Other examples might be a key indicating + a deprecated resource and a suggested replacement, or a + warning about invalid network settings (for example, if + an instance attempts to perform IP forwarding but is not + enabled for IP forwarding). + value: + description: >- + [Output Only] A warning data value corresponding to the + key. + type: string + type: object + code: + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false - false - false - false @@ -435,6 +473,8 @@ components: - false - false - false + - false + type: string enum: - DEPRECATED_RESOURCE_USED - NO_RESULTS_ON_PAGE @@ -471,392 +511,424 @@ components: - QUOTA_INFO_UNAVAILABLE - RESOURCE_USES_GLOBAL_DNS - RATE_LIMIT_EXCEEDED - - RESERVED_ENTRY_135 + - UPCOMING_MAINTENANCES_UNAVAILABLE - RESERVED_ENTRY_136 - RESERVED_ENTRY_139 - RESERVED_ENTRY_141 - RESERVED_ENTRY_142 - message: - description: >- - [Output Only] A human-readable description of the warning - code. - type: string - data: + - RESERVED_ENTRY_143 + enumDescriptions: + - A link to a deprecated resource was created. + - No results are present on a particular list page. + - A given scope cannot be reached. + - >- + The route's nextHopIp address is not assigned to an instance + on the network. + - >- + The route's nextHopInstance URL refers to an instance that + does not exist. + - >- + The route's nextHopInstance URL refers to an instance that + is not on the same network as the route. + - The route's next hop instance cannot ip forward. + - >- + The route's next hop instance does not have a status of + RUNNING. + - >- + The operation involved use of an injected kernel, which is + deprecated. + - >- + The user attempted to use a resource that requires a TOS + they have not accepted. + - The user created a boot disk that is larger than image size. + - >- + One or more of the resources set to auto-delete could not be + deleted because they were in use. + - >- + Instance template used in instance group manager is valid as + such, but its application does not make a lot of sense, + because it allows only single instance in instance group. + - >- + Error which is not critical. We decided to continue the + process despite the mentioned error. + - >- + Warning about failed cleanup of transient changes made by a + failed operation. + - >- + Warning that value of a field has been overridden. + Deprecated unused field. + - Warning that a resource is in use. + - Warning that network endpoint was not detached. + - >- + Current page contains less results than requested but a next + page token exists. + - >- + Warning that SSL policy resource in the response does not + contain information about the list of enabled features. + - Warning that a resource is not found. + - A resource depends on a missing type + - Warning that is present in an external api call + - When a resource schema validation is ignored. + - When undeclared properties in the schema are present + - >- + When deploying and at least one of the resources has a type + marked as experimental + - >- + When deploying and at least one of the resources has a type + marked as deprecated + - >- + Success is reported, but some results may be missing due to + errors + - >- + When deploying a deployment with a exceedingly large number + of resources + - >- + The route's nextHopInstance URL refers to an instance that + does not have an ipv6 interface on the same network as the + route. + - >- + A WEIGHTED_MAGLEV backend service is associated with a + health check that is not of type HTTP/HTTPS/HTTP2. + - >- + Resource can't be retrieved due to list overhead quota + exceed which captures the amount of resources filtered out + by user-defined list filter. + - >- + Quota information is not available to client requests (e.g: + regions.list). + - >- + Indicates that a VM is using global DNS. Can also be used to + indicate that a resource has attributes that could result in + the creation of a VM that uses global DNS. + - Resource can't be retrieved due to api quota exceeded. + - >- + Upcoming maintenance schedule is unavailable for the + resource. + - >- + Reserved entries for quickly adding new warnings without + breaking dependent clients. + - '' + - '' + - '' + - '' description: >- - [Output Only] Metadata about this warning in key: value - format. For example: "data": [ { "key": "scope", "value": - "zones/us-east1-d" } - type: array - items: - type: object - properties: - key: - description: >- - [Output Only] A key that provides more detail on the - warning being returned. For example, for warnings where - there are no results in a list request for a particular - zone, this key might be scope and the key value might be - the zone name. Other examples might be a key indicating - a deprecated resource and a suggested replacement, or a - warning about invalid network settings (for example, if - an instance attempts to perform IP forwarding but is not - enabled for IP forwarding). - type: string - value: - description: >- - [Output Only] A warning data value corresponding to the - key. - type: string + [Output Only] A warning code, if applicable. For example, + Compute Engine returns NO_RESULTS_ON_PAGE if there are no + results in the response. + description: >- + [Output Only] If warning messages are generated during processing of + the operation, this field will be populated. + type: array + firewallPolicyRuleOperationMetadata: + $ref: '#/components/schemas/FirewallPolicyRuleOperationMetadata' + targetLink: + description: >- + [Output Only] The URL of the resource that the operation modifies. + For operations related to creating a snapshot, this points to the + disk that the snapshot was created from. + type: string + setCommonInstanceMetadataOperationMetadata: + $ref: '#/components/schemas/SetCommonInstanceMetadataOperationMetadata' + readOnly: true + description: >- + Output only. [Output Only] If the operation is for + projects.setCommonInstanceMetadata, this field will contain + information on all underlying zonal actions and their state. httpErrorStatusCode: + format: int32 description: >- [Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a `404` means the resource was not found. type: integer - format: int32 httpErrorMessage: description: >- [Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as `NOT FOUND`. type: string + id: Operation + Manifest: + id: Manifest + type: object + properties: + insertTime: + type: string + description: Output only. Creation timestamp in RFC3339 text format. + imports: + description: Output only. The imported files for this manifest. + type: array + items: + $ref: '#/components/schemas/ImportFile' + layout: + description: Output only. The YAML layout for this manifest. + type: string + config: + description: Output only. The YAML configuration for this manifest. + $ref: '#/components/schemas/ConfigFile' selfLink: - description: '[Output Only] Server-defined URL for the resource.' + description: Output only. Self link for the manifest. type: string - selfLinkWithId: - description: >- - [Output Only] Server-defined URL for this resource with the resource - id. + name: + description: Output only. The name of the manifest. type: string - region: - description: >- - [Output Only] The URL of the region where the operation resides. - Only applicable when performing regional operations. + id: type: string - description: - description: >- - [Output Only] A textual description of the operation, which is set - when the operation is created. + format: uint64 + manifestSizeBytes: + description: Output only. The computed size of the fully expanded manifest. type: string - operationGroupId: - description: >- - [Output Only] An ID that represents a group of operations, such as - when a group of operations results from a `bulkInsert` API request. + format: int64 + manifestSizeLimitBytes: + format: int64 + description: Output only. The size limit for expanded manifests in the project. type: string - setCommonInstanceMetadataOperationMetadata: - description: >- - [Output Only] If the operation is for - projects.setCommonInstanceMetadata, this field will contain - information on all underlying zonal actions and their state. - $ref: '#/components/schemas/SetCommonInstanceMetadataOperationMetadata' - instancesBulkInsertOperationMetadata: - $ref: '#/components/schemas/InstancesBulkInsertOperationMetadata' - setAutoscalerLinkOperationMetadata: + expandedConfig: description: >- - This field is used internally by the Autoscaler team and should not - be promoted to "alpha/beta/v1". - $ref: '#/components/schemas/SetAutoscalerLinkOperationMetadata' - DebugInfo: - id: DebugInfo - description: Describes additional debugging info. - type: object + Output only. The fully-expanded configuration file, including any + templates and references. + type: string + ResourcesListResponse: properties: - stackEntries: - description: The stack trace entries indicating where the error occurred. + nextPageToken: + type: string + description: A token used to continue a truncated list request. + resources: + description: Resources contained in this list response. type: array items: - type: string - detail: - description: Additional debugging information provided by the server. - type: string - ErrorInfo: - id: ErrorInfo - description: >- - Describes the cause of the error with structured details. Example of an - error when contacting the "pubsub.googleapis.com" API when it is not - enabled: { "reason": "API_DISABLED" "domain": "googleapis.com" - "metadata": { "resource": "projects/123", "service": - "pubsub.googleapis.com" } } This response indicates that the - pubsub.googleapis.com API is not enabled. Example of an error that is - returned when attempting to create a Spanner instance in a region that - is out of stock: { "reason": "STOCKOUT" "domain": - "spanner.googleapis.com", "metadata": { "availableRegions": - "us-central1,us-east2" } } + $ref: '#/components/schemas/Resource' + id: ResourcesListResponse + description: >- + A response containing a partial list of resources and a page token used + to build the next request if the request has been truncated. type: object + InstancesBulkInsertOperationMetadata: + id: InstancesBulkInsertOperationMetadata properties: - reason: - description: >- - The reason of the error. This is a constant value that identifies - the proximate cause of the error. Error reasons are unique within a - particular domain of errors. This should be at most 63 characters - and match a regular expression of `A-Z+[A-Z0-9]`, which represents - UPPER_SNAKE_CASE. - type: string - domain: + machineType: description: >- - The logical grouping to which the "reason" belongs. The error domain - is typically the registered service name of the tool or product that - generates the error. Example: "pubsub.googleapis.com". If the error - is generated by some common infrastructure, the error domain must be - a globally unique value that identifies the infrastructure. For - Google API infrastructure, the error domain is "googleapis.com". + [Output Only] The machine type of the VMs that were created used + internally only by KCP flex bulk insert. type: string - metadatas: + perLocationStatus: description: >- - Additional structured details about this error. Keys must match a - regular expression of `a-z+` but should ideally be lowerCamelCase. - Also, they must be limited to 64 characters in length. When - identifying the current value of an exceeded limit, the units should - be contained in the key, not the value. For example, rather than - `{"instanceLimit": "100/request"}`, should be returned as, - `{"instanceLimitPerRequest": "100"}`, if the client exceeds the - number of instances that can be created in a single (batch) request. + Status information per location (location name is key). Example key: + zones/us-central1-a type: object additionalProperties: - type: string - QuotaExceededInfo: - id: QuotaExceededInfo - description: Additional details for quota exceeded error for resource quota. + $ref: '#/components/schemas/BulkInsertOperationStatus' type: object + SetAutoscalerLinkOperationMetadata: properties: - metricName: - description: The Compute Engine quota metric name. - type: string - limitName: - description: The name of the quota limit. - type: string - dimensions: - description: The map holding related quota dimensions. + zonalIgmIds: + items: + format: int64 + type: string + type: array + description: List of zonal IGM IDs part of the RMIG. + zoneToIgmIds: type: object additionalProperties: type: string - limit: - description: >- - Current effective quota limit. The limit's unit depends on the quota - type or metric. - type: number - format: double - futureLimit: - description: >- - Future quota limit being rolled out. The limit's unit depends on the - quota type or metric. - type: number - format: double - rolloutStatus: - description: Rollout status of the future quota limit. - type: string - enumDescriptions: - - >- - ROLLOUT_STATUS_UNSPECIFIED - Rollout status is not specified. The - default value. - - >- - IN_PROGRESS - A rollout is in process which will change the limit - value to future limit. - enum: - - ROLLOUT_STATUS_UNSPECIFIED - - IN_PROGRESS - Help: - id: Help - description: >- - Provides links to documentation or for performing an out of band action. - For example, if a quota check failed with an error indicating the - calling project hasn't enabled the accessed service, this can contain a - URL pointing directly to the right place in the developer console to - flip the bit. + format: int64 + description: Map of zone to an ID of the zonal IGM belonging to the RMIG. + type: object + id: SetAutoscalerLinkOperationMetadata + ConfigFile: + id: ConfigFile type: object properties: - links: - description: >- - URL(s) pointing to additional information on handling the current - error. - type: array - items: - $ref: '#/components/schemas/HelpLink' - HelpLink: - id: HelpLink - description: Describes a URL link. + content: + description: The contents of the file. + type: string + DeploymentUpdateLabelEntry: + description: Label object for DeploymentUpdate type: object + id: DeploymentUpdateLabelEntry properties: - description: - description: Describes what the link offers. + key: + description: Key of the label type: string - url: - description: The URL of the link. + value: type: string + description: Value of the label LocalizedMessage: - id: LocalizedMessage - description: >- - Provides a localized error message that is safe to return to the user - which can be attached to an RPC error. - type: object properties: locale: + type: string description: >- The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: "en-US", "fr-CH", "es-MX" - type: string message: - description: The localized error message in the above locale. - type: string - SetCommonInstanceMetadataOperationMetadata: - id: SetCommonInstanceMetadataOperationMetadata - type: object - properties: - clientOperationId: - description: '[Output Only] The client operation id.' type: string - perLocationOperations: - description: >- - [Output Only] Status information per location (location name is - key). Example key: zones/us-central1-a - type: object - additionalProperties: - $ref: >- - #/components/schemas/SetCommonInstanceMetadataOperationMetadataPerLocationOperationInfo - SetCommonInstanceMetadataOperationMetadataPerLocationOperationInfo: - id: SetCommonInstanceMetadataOperationMetadataPerLocationOperationInfo + description: The localized error message in the above locale. type: object - properties: - state: - description: >- - [Output Only] Status of the action, which can be one of the - following: `PROPAGATING`, `PROPAGATED`, `ABANDONED`, `FAILED`, or - `DONE`. - type: string - enumDescriptions: - - '' - - >- - Operation is not yet confirmed to have been created in the - location. - - Operation is confirmed to be in the location. - - >- - Operation not tracked in this location e.g. zone is marked as - DOWN. - - Operation is in an error state. - - Operation has completed successfully. - enum: - - UNSPECIFIED - - PROPAGATING - - PROPAGATED - - ABANDONED - - FAILED - - DONE - error: - description: >- - [Output Only] If state is `ABANDONED` or `FAILED`, this field is - populated. - $ref: '#/components/schemas/Status' - Status: - id: Status + id: LocalizedMessage description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + Provides a localized error message that is safe to return to the user + which can be attached to an RPC error. + TypesListResponse: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + types: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Output only. A list of resource types supported by Deployment + Manager. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - InstancesBulkInsertOperationMetadata: - id: InstancesBulkInsertOperationMetadata - type: object - properties: - perLocationStatus: - description: >- - Status information per location (location name is key). Example key: - zones/us-central1-a - type: object - additionalProperties: - $ref: '#/components/schemas/BulkInsertOperationStatus' - machineType: - description: >- - [Output Only] The machine type of the VMs that were created used - internally only by KCP flex bulk insert. + $ref: '#/components/schemas/Type' + nextPageToken: + description: A token used to continue a truncated list request. type: string - BulkInsertOperationStatus: - id: BulkInsertOperationStatus + id: TypesListResponse + description: A response that returns all Types supported by Deployment Manager type: object + TargetConfiguration: properties: - status: + imports: + type: array description: >- - [Output Only] Creation status of BulkInsert operation - information - if the flow is rolling forward or rolling back. - type: string - enumDescriptions: - - '' - - Rolling forward - creating VMs. - - Rolling back - cleaning up after an error. - - Done - enum: - - STATUS_UNSPECIFIED - - CREATING - - ROLLING_BACK - - DONE - targetVmCount: - description: '[Output Only] Count of VMs originally planned to be created.' - type: integer - format: int32 - createdVmCount: - description: '[Output Only] Count of VMs successfully created so far.' - type: integer - format: int32 - failedToCreateVmCount: - description: >- - [Output Only] Count of VMs that started creating but encountered an - error. - type: integer - format: int32 - deletedVmCount: - description: '[Output Only] Count of VMs that got deleted during rollback.' - type: integer - format: int32 - SetAutoscalerLinkOperationMetadata: - id: SetAutoscalerLinkOperationMetadata + Specifies any files to import for this configuration. This can be + used to import templates or other files. For example, you might + import a text file in order to use the file in a template. + items: + $ref: '#/components/schemas/ImportFile' + config: + description: The configuration to use for this deployment. + $ref: '#/components/schemas/ConfigFile' type: object + id: TargetConfiguration + OperationsListResponse: + type: object + description: >- + A response containing a partial list of operations and a page token used + to build the next request if the request has been truncated. + id: OperationsListResponse properties: - zonalIgmIds: - description: List of zonal IGM IDs part of the RMIG. - type: array + operations: + description: Output only. Operations contained in this list response. items: - type: string - format: int64 - zoneToIgmIds: - description: Map of zone to an ID of the zonal IGM belonging to the RMIG. - type: object - additionalProperties: - type: string - format: int64 - DeploymentUpdate: - id: DeploymentUpdate + $ref: '#/components/schemas/Operation' + type: array + nextPageToken: + type: string + description: Output only. A token used to continue a truncated list request. + Type: + type: object + description: A resource type supported by Deployment Manager. + id: Type + properties: + id: + type: string + format: uint64 + selfLink: + type: string + description: Output only. Server defined URL for the resource. + name: + type: string + description: Name of the type. + insertTime: + description: Output only. Creation timestamp in RFC3339 text format. + type: string + operation: + description: >- + Output only. The Operation that most recently ran, or is currently + running, on this type. + $ref: '#/components/schemas/Operation' + Expr: + id: Expr type: object properties: + description: + type: string + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + Deployment: + id: Deployment + properties: + updateTime: + description: Output only. Update timestamp in RFC3339 text format. + type: string + insertTime: + type: string + description: Output only. Creation timestamp in RFC3339 text format. manifest: + type: string description: >- - Output only. URL of the manifest representing the update - configuration of this deployment. + Output only. URL of the manifest representing the last manifest that + was successfully deployed. If no manifest has been successfully + deployed, this field will be absent. + description: + type: string + description: An optional user-provided description of the deployment. + fingerprint: + format: byte + description: >- + Provides a fingerprint to use in requests to modify a deployment, + such as `update()`, `stop()`, and `cancelPreview()` requests. A + fingerprint is a randomly generated value that must be provided with + `update()`, `stop()`, and `cancelPreview()` requests to perform + optimistic locking. This ensures optimistic concurrency so that only + one request happens at a time. The fingerprint is initially + generated by Deployment Manager and changes after every request to + modify data. To get the latest fingerprint value, perform a `get()` + request to a deployment. + type: string + name: + description: >- + Name of the resource; provided by the client when the resource is + created. The name must be 1-63 characters long, and comply with + RFC1035. Specifically, the name must be 1-63 characters long and + match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which + means the first character must be a lowercase letter, and all + following characters must be a dash, lowercase letter, or digit, + except the last character, which cannot be a dash. + type: string + target: + description: >- + [Input Only] The parameters that define your deployment, including + the deployment configuration and relevant templates. + $ref: '#/components/schemas/TargetConfiguration' + selfLink: + description: Output only. Server defined URL for the resource. type: string labels: + items: + $ref: '#/components/schemas/DeploymentLabelEntry' description: >- Map of One Platform labels; provided by the client when the resource is created or updated. Specifically: Label keys must be between 1 @@ -865,587 +937,232 @@ components: between 0 and 63 characters long and must conform to the regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. type: array - items: - $ref: '#/components/schemas/DeploymentUpdateLabelEntry' - description: + operation: + $ref: '#/components/schemas/Operation' description: >- - Output only. An optional user-provided description of the deployment - after the current update has been applied. + Output only. The Operation that most recently ran, or is currently + running, on this deployment. + update: + $ref: '#/components/schemas/DeploymentUpdate' + description: >- + Output only. If Deployment Manager is currently updating or + previewing an update to this deployment, the updated configuration + appears here. + id: type: string - DeploymentUpdateLabelEntry: - id: DeploymentUpdateLabelEntry - description: Label object for DeploymentUpdate + format: uint64 + type: object + ResourceAccessControl: type: object properties: - key: - description: Key of the label - type: string - value: - description: Value of the label + gcpIamPolicy: + description: The GCP IAM Policy to set on the resource. type: string - TargetConfiguration: - id: TargetConfiguration + id: ResourceAccessControl + description: The access controls set on the resource. + Status: type: object properties: - config: - description: The configuration to use for this deployment. - $ref: '#/components/schemas/ConfigFile' - imports: + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + details: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Specifies any files to import for this configuration. This can be - used to import templates or other files. For example, you might - import a text file in order to use the file in a template. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. type: array - items: - $ref: '#/components/schemas/ImportFile' - ConfigFile: - id: ConfigFile - type: object - properties: - content: - description: The contents of the file. + message: type: string - ImportFile: - id: ImportFile + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + DeploymentUpdate: + id: DeploymentUpdate type: object properties: - name: - description: The name of the file. + manifest: + description: >- + Output only. URL of the manifest representing the update + configuration of this deployment. type: string - content: - description: The contents of the file. - type: string - DeploymentLabelEntry: - id: DeploymentLabelEntry - description: Label object for Deployments - type: object - properties: - key: - description: Key of the label - type: string - value: - description: Value of the label + description: type: string - DeploymentsListResponse: - id: DeploymentsListResponse - description: >- - A response containing a partial list of deployments and a page token - used to build the next request if the request has been truncated. - type: object - properties: - deployments: - description: Output only. The deployments contained in this response. - type: array + description: >- + Output only. An optional user-provided description of the deployment + after the current update has been applied. + labels: items: - $ref: '#/components/schemas/Deployment' - nextPageToken: - description: Output only. A token used to continue a truncated list request. - type: string - DeploymentsCancelPreviewRequest: - id: DeploymentsCancelPreviewRequest - type: object - properties: - fingerprint: + $ref: '#/components/schemas/DeploymentUpdateLabelEntry' description: >- - Specifies a fingerprint for `cancelPreview()` requests. A - fingerprint is a randomly generated value that must be provided in - `cancelPreview()` requests to perform optimistic locking. This - ensures optimistic concurrency so that the deployment does not have - conflicting requests (e.g. if someone attempts to make a new update - request while another user attempts to cancel a preview, this would - prevent one of the requests). The fingerprint is initially generated - by Deployment Manager and changes after every request to modify a - deployment. To get the latest fingerprint value, perform a `get()` - request on the deployment. - type: string - format: byte - DeploymentsStopRequest: - id: DeploymentsStopRequest - type: object + Map of One Platform labels; provided by the client when the resource + is created or updated. Specifically: Label keys must be between 1 + and 63 characters long and must conform to the following regular + expression: `[a-z]([-a-z0-9]*[a-z0-9])?` Label values must be + between 0 and 63 characters long and must conform to the regular + expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. + type: array + FirewallPolicyRuleOperationMetadata: + id: FirewallPolicyRuleOperationMetadata properties: - fingerprint: + allocatedPriority: + format: int32 + type: integer description: >- - Specifies a fingerprint for `stop()` requests. A fingerprint is a - randomly generated value that must be provided in `stop()` requests - to perform optimistic locking. This ensures optimistic concurrency - so that the deployment does not have conflicting requests (e.g. if - someone attempts to make a new update request while another user - attempts to stop an ongoing update request, this would prevent a - collision). The fingerprint is initially generated by Deployment - Manager and changes after every request to modify a deployment. To - get the latest fingerprint value, perform a `get()` request on the - deployment. - type: string - format: byte - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + The priority allocated for the firewall policy rule if query + parameters specified minPriority/maxPriority. + type: object + ResourceUpdate: + id: ResourceUpdate type: object properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + accessControl: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: + The Access Control Policy to set on this resource after updating the + resource itself. + $ref: '#/components/schemas/ResourceAccessControl' + properties: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Output only. The set of updated properties for this resource, before + references are expanded. Returned as serialized YAML. + type: string + finalProperties: type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object - properties: - role: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Output only. The expanded properties of the resource with reference + values expanded. Returned as serialized YAML. + state: + description: Output only. The state of the resource. + enum: + - PENDING + - IN_PROGRESS + - IN_PREVIEW + - FAILED + - ABORTED + type: string + enumDescriptions: + - There are changes pending for this resource. + - The service is executing changes on the resource. + - The service is previewing changes on the resource. + - The service has failed to change the resource. + - The service has aborted trying to change the resource. + manifest: type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - GlobalSetPolicyRequest: - id: GlobalSetPolicyRequest - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the 'resource'. The - size of the policy is limited to a few 10s of KB. An empty policy is - in general a valid policy but certain services (like Projects) might - reject them. - $ref: '#/components/schemas/Policy' - updateMask: - type: string - format: google-fieldmask - bindings: - description: >- - Flatten Policy to create a backward compatible wire-format. - Deprecated. Use 'policy' to specify bindings. - type: array - items: - $ref: '#/components/schemas/Binding' - etag: - description: >- - Flatten Policy to create a backward compatible wire-format. - Deprecated. Use 'policy' to specify the etag. - type: string - format: byte - TestPermissionsRequest: - id: TestPermissionsRequest - type: object - properties: - permissions: - description: >- - The set of permissions to check for the 'resource'. Permissions with - wildcards (such as '*' or 'storage.*') are not allowed. - type: array - items: - type: string - TestPermissionsResponse: - id: TestPermissionsResponse - type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - Manifest: - id: Manifest - type: object - properties: - selfLink: - description: Output only. Self link for the manifest. - type: string - id: - type: string - format: uint64 - name: - description: Output only. The name of the manifest. - type: string - config: - description: Output only. The YAML configuration for this manifest. - $ref: '#/components/schemas/ConfigFile' - imports: - description: Output only. The imported files for this manifest. - type: array - items: - $ref: '#/components/schemas/ImportFile' - expandedConfig: - description: >- - Output only. The fully-expanded configuration file, including any - templates and references. - type: string - insertTime: - description: Output only. Creation timestamp in RFC3339 text format. - type: string - layout: - description: Output only. The YAML layout for this manifest. - type: string - manifestSizeBytes: - description: Output only. The computed size of the fully expanded manifest. - type: string - format: int64 - manifestSizeLimitBytes: - description: Output only. The size limit for expanded manifests in the project. - type: string - format: int64 - ManifestsListResponse: - id: ManifestsListResponse - description: >- - A response containing a partial list of manifests and a page token used - to build the next request if the request has been truncated. - type: object - properties: - manifests: - description: Output only. Manifests contained in this list response. - type: array - items: - $ref: '#/components/schemas/Manifest' - nextPageToken: - description: Output only. A token used to continue a truncated list request. - type: string - OperationsListResponse: - id: OperationsListResponse - description: >- - A response containing a partial list of operations and a page token used - to build the next request if the request has been truncated. - type: object - properties: - operations: - description: Output only. Operations contained in this list response. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: Output only. A token used to continue a truncated list request. - type: string - Resource: - id: Resource - type: object - properties: - id: - type: string - format: uint64 - name: - description: >- - Output only. The name of the resource as it appears in the YAML - config. - type: string - type: - description: >- - Output only. The type of the resource, for example - `compute.v1.instance`, or `cloudfunctions.v1beta1.function`. - type: string - manifest: - description: >- - Output only. URL of the manifest representing the current + Output only. URL of the manifest representing the update configuration of this resource. - type: string - url: - description: Output only. The URL of the actual resource. - type: string - properties: - description: >- - Output only. The current properties of the resource before any - references have been filled in. Returned as serialized YAML. - type: string - finalProperties: - description: >- - Output only. The evaluated properties of the resource with - references expanded. Returned as serialized YAML. - type: string - accessControl: - description: The Access Control Policy set on this resource. - $ref: '#/components/schemas/ResourceAccessControl' - update: + error: description: >- - Output only. If Deployment Manager is currently updating or - previewing an update to this resource, the updated configuration - appears here. - $ref: '#/components/schemas/ResourceUpdate' - insertTime: - description: Output only. Creation timestamp in RFC3339 text format. - type: string - updateTime: - description: Output only. Update timestamp in RFC3339 text format. - type: string + Output only. If errors are generated during update of the resource, + this field will be populated. + type: object + properties: + errors: + type: array + items: + properties: + errorDetails: + items: + properties: + quotaInfo: + $ref: '#/components/schemas/QuotaExceededInfo' + localizedMessage: + $ref: '#/components/schemas/LocalizedMessage' + errorInfo: + $ref: '#/components/schemas/ErrorInfo' + help: + $ref: '#/components/schemas/Help' + type: object + description: >- + [Output Only] An optional list of messages that contain + the error details. There is a set of defined message types + to use for providing details.The syntax depends on the + error code. For example, QuotaExceededInfo will have + details when the error code is QUOTA_EXCEEDED. + type: array + message: + description: '[Output Only] An optional, human-readable error message.' + type: string + debugInfo: + readOnly: true + $ref: '#/components/schemas/DebugInfo' + code: + type: string + description: '[Output Only] The error type identifier for this error.' + arguments: + description: >- + Output only. [Output Only] Optional error details WARNING: + DO NOT MAKE VISIBLE This is for internal use-only (like + componentization) (thus the visibility "none") and in case + of public exposure it is strongly recommended to follow + pattern of: https://aip.dev/193 and expose as details + field. + readOnly: true + items: + type: string + type: array + location: + type: string + description: >- + [Output Only] Indicates the field in the request that + caused the error. This property is optional. + type: object + description: >- + [Output Only] The array of errors encountered while processing + this operation. warnings: description: >- Output only. If warning messages are generated during processing of this resource, this field will be populated. - type: array items: - type: object - properties: - code: - description: >- - [Output Only] A warning code, if applicable. For example, - Compute Engine returns NO_RESULTS_ON_PAGE if there are no - results in the response. + properties: + message: type: string + description: >- + [Output Only] A human-readable description of the warning + code. + data: + description: >- + [Output Only] Metadata about this warning in key: value + format. For example: "data": [ { "key": "scope", "value": + "zones/us-east1-d" } + type: array + items: + properties: + key: + description: >- + [Output Only] A key that provides more detail on the + warning being returned. For example, for warnings where + there are no results in a list request for a particular + zone, this key might be scope and the key value might be + the zone name. Other examples might be a key indicating + a deprecated resource and a suggested replacement, or a + warning about invalid network settings (for example, if + an instance attempts to perform IP forwarding but is not + enabled for IP forwarding). + type: string + value: + type: string + description: >- + [Output Only] A warning data value corresponding to the + key. + type: object + code: enumDescriptions: - A link to a deprecated resource was created. - No results are present on a particular list page. @@ -1530,6 +1247,9 @@ components: indicate that a resource has attributes that could result in the creation of a VM that uses global DNS. - Resource can't be retrieved due to api quota exceeded. + - >- + Upcoming maintenance schedule is unavailable for the + resource. - >- Reserved entries for quickly adding new warnings without breaking dependent clients. @@ -1537,47 +1257,6 @@ components: - '' - '' - '' - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false enum: - DEPRECATED_RESOURCE_USED - NO_RESULTS_ON_PAGE @@ -1614,130 +1293,462 @@ components: - QUOTA_INFO_UNAVAILABLE - RESOURCE_USES_GLOBAL_DNS - RATE_LIMIT_EXCEEDED - - RESERVED_ENTRY_135 + - UPCOMING_MAINTENANCES_UNAVAILABLE - RESERVED_ENTRY_136 - RESERVED_ENTRY_139 - RESERVED_ENTRY_141 - RESERVED_ENTRY_142 - message: - description: >- - [Output Only] A human-readable description of the warning - code. + - RESERVED_ENTRY_143 type: string - data: description: >- - [Output Only] Metadata about this warning in key: value - format. For example: "data": [ { "key": "scope", "value": - "zones/us-east1-d" } - type: array - items: - type: object - properties: - key: - description: >- - [Output Only] A key that provides more detail on the - warning being returned. For example, for warnings where - there are no results in a list request for a particular - zone, this key might be scope and the key value might be - the zone name. Other examples might be a key indicating - a deprecated resource and a suggested replacement, or a - warning about invalid network settings (for example, if - an instance attempts to perform IP forwarding but is not - enabled for IP forwarding). - type: string - value: - description: >- - [Output Only] A warning data value corresponding to the - key. - type: string - ResourceAccessControl: - id: ResourceAccessControl - description: The access controls set on the resource. + [Output Only] A warning code, if applicable. For example, + Compute Engine returns NO_RESULTS_ON_PAGE if there are no + results in the response. + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + type: object + type: array + intent: + description: >- + Output only. The intent of the resource: `PREVIEW`, `UPDATE`, or + `CANCEL`. + enumDescriptions: + - >- + The resource is scheduled to be created, or if it already exists, + acquired. + - The resource is scheduled to be deleted. + - The resource is scheduled to be acquired. + - The resource is scheduled to be updated via the UPDATE method. + - The resource is scheduled to be abandoned. + - The resource is scheduled to be created. + enum: + - CREATE_OR_ACQUIRE + - DELETE + - ACQUIRE + - UPDATE + - ABANDON + - CREATE + type: string + AuditConfig: + properties: + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + auditLogConfigs: + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/AuditLogConfig' + type: array + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + type: object + id: AuditConfig + AuditLogConfig: + type: object + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + id: AuditLogConfig + properties: + exemptedMembers: + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + items: + type: string + type: array + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + type: string + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. + BulkInsertOperationStatus: + type: object + properties: + failedToCreateVmCount: + format: int32 + type: integer + description: >- + [Output Only] Count of VMs that started creating but encountered an + error. + targetVmCount: + format: int32 + type: integer + description: '[Output Only] Count of VMs originally planned to be created.' + status: + type: string + enum: + - STATUS_UNSPECIFIED + - CREATING + - ROLLING_BACK + - DONE + description: >- + [Output Only] Creation status of BulkInsert operation - information + if the flow is rolling forward or rolling back. + enumDescriptions: + - '' + - Rolling forward - creating VMs. + - Rolling back - cleaning up after an error. + - Done + createdVmCount: + description: '[Output Only] Count of VMs successfully created so far.' + format: int32 + type: integer + deletedVmCount: + description: '[Output Only] Count of VMs that got deleted during rollback.' + format: int32 + type: integer + id: BulkInsertOperationStatus + DeploymentLabelEntry: + properties: + value: + description: Value of the label + type: string + key: + description: Key of the label + type: string type: object + description: Label object for Deployments + id: DeploymentLabelEntry + SetCommonInstanceMetadataOperationMetadata: + id: SetCommonInstanceMetadataOperationMetadata properties: - gcpIamPolicy: - description: The GCP IAM Policy to set on the resource. + clientOperationId: type: string - ResourceUpdate: - id: ResourceUpdate + description: '[Output Only] The client operation id.' + perLocationOperations: + additionalProperties: + $ref: >- + #/components/schemas/SetCommonInstanceMetadataOperationMetadataPerLocationOperationInfo + description: >- + [Output Only] Status information per location (location name is + key). Example key: zones/us-central1-a + type: object + type: object + SetCommonInstanceMetadataOperationMetadataPerLocationOperationInfo: type: object properties: - manifest: + state: description: >- - Output only. URL of the manifest representing the update - configuration of this resource. + [Output Only] Status of the action, which can be one of the + following: `PROPAGATING`, `PROPAGATED`, `ABANDONED`, `FAILED`, or + `DONE`. + enumDescriptions: + - '' + - >- + Operation is not yet confirmed to have been created in the + location. + - Operation is confirmed to be in the location. + - >- + Operation not tracked in this location e.g. zone is marked as + DOWN. + - Operation is in an error state. + - Operation has completed successfully. + enum: + - UNSPECIFIED + - PROPAGATING + - PROPAGATED + - ABANDONED + - FAILED + - DONE type: string error: description: >- - Output only. If errors are generated during update of the resource, - this field will be populated. - type: object - properties: - errors: - description: >- - [Output Only] The array of errors encountered while processing - this operation. - type: array - items: - type: object - properties: - code: - description: '[Output Only] The error type identifier for this error.' - type: string - location: - description: >- - [Output Only] Indicates the field in the request that - caused the error. This property is optional. - type: string - message: - description: '[Output Only] An optional, human-readable error message.' - type: string - arguments: - description: >- - [Output Only] Optional error details WARNING: DO NOT MAKE - VISIBLE This is for internal use-only (like - componentization) (thus the visibility "none") and in case - of public exposure it is strongly recommended to follow - pattern of: https://aip.dev/193 and expose as details - field. - type: array - items: - type: string - debugInfo: - $ref: '#/components/schemas/DebugInfo' - errorDetails: - description: >- - [Output Only] An optional list of messages that contain - the error details. There is a set of defined message types - to use for providing details.The syntax depends on the - error code. For example, QuotaExceededInfo will have - details when the error code is QUOTA_EXCEEDED. - type: array - items: - type: object - properties: - errorInfo: - $ref: '#/components/schemas/ErrorInfo' - quotaInfo: - $ref: '#/components/schemas/QuotaExceededInfo' - help: - $ref: '#/components/schemas/Help' - localizedMessage: - $ref: '#/components/schemas/LocalizedMessage' - warnings: + [Output Only] If state is `ABANDONED` or `FAILED`, this field is + populated. + $ref: '#/components/schemas/Status' + id: SetCommonInstanceMetadataOperationMetadataPerLocationOperationInfo + Help: + type: object + description: >- + Provides links to documentation or for performing an out of band action. + For example, if a quota check failed with an error indicating the + calling project hasn't enabled the accessed service, this can contain a + URL pointing directly to the right place in the developer console to + flip the bit. + id: Help + properties: + links: + type: array + description: >- + URL(s) pointing to additional information on handling the current + error. + items: + $ref: '#/components/schemas/HelpLink' + DeploymentsCancelPreviewRequest: + type: object + id: DeploymentsCancelPreviewRequest + properties: + fingerprint: + format: byte + type: string + description: >- + Specifies a fingerprint for `cancelPreview()` requests. A + fingerprint is a randomly generated value that must be provided in + `cancelPreview()` requests to perform optimistic locking. This + ensures optimistic concurrency so that the deployment does not have + conflicting requests (e.g. if someone attempts to make a new update + request while another user attempts to cancel a preview, this would + prevent one of the requests). The fingerprint is initially generated + by Deployment Manager and changes after every request to modify a + deployment. To get the latest fingerprint value, perform a `get()` + request on the deployment. + DeploymentsStopRequest: + type: object + id: DeploymentsStopRequest + properties: + fingerprint: + format: byte + description: >- + Specifies a fingerprint for `stop()` requests. A fingerprint is a + randomly generated value that must be provided in `stop()` requests + to perform optimistic locking. This ensures optimistic concurrency + so that the deployment does not have conflicting requests (e.g. if + someone attempts to make a new update request while another user + attempts to stop an ongoing update request, this would prevent a + collision). The fingerprint is initially generated by Deployment + Manager and changes after every request to modify a deployment. To + get the latest fingerprint value, perform a `get()` request on the + deployment. + type: string + Binding: + id: Binding + properties: + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: + type: string + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + members: + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + items: + type: string + type: array + description: Associates `members`, or principals, with a `role`. + type: object + HelpLink: + properties: + url: + description: The URL of the link. + type: string + description: + type: string + description: Describes what the link offers. + type: object + id: HelpLink + description: Describes a URL link. + TestPermissionsResponse: + properties: + permissions: description: >- - Output only. If warning messages are generated during processing of - this resource, this field will be populated. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string type: array + id: TestPermissionsResponse + type: object + Resource: + properties: + finalProperties: + type: string + description: >- + Output only. The evaluated properties of the resource with + references expanded. Returned as serialized YAML. + type: + type: string + description: >- + Output only. The type of the resource, for example + `compute.v1.instance`, or `cloudfunctions.v1beta1.function`. + warnings: items: - type: object properties: code: - description: >- - [Output Only] A warning code, if applicable. For example, - Compute Engine returns NO_RESULTS_ON_PAGE if there are no - results in the response. - type: string + enum: + - DEPRECATED_RESOURCE_USED + - NO_RESULTS_ON_PAGE + - UNREACHABLE + - NEXT_HOP_ADDRESS_NOT_ASSIGNED + - NEXT_HOP_INSTANCE_NOT_FOUND + - NEXT_HOP_INSTANCE_NOT_ON_NETWORK + - NEXT_HOP_CANNOT_IP_FORWARD + - NEXT_HOP_NOT_RUNNING + - INJECTED_KERNELS_DEPRECATED + - REQUIRED_TOS_AGREEMENT + - DISK_SIZE_LARGER_THAN_IMAGE_SIZE + - RESOURCE_NOT_DELETED + - SINGLE_INSTANCE_PROPERTY_TEMPLATE + - NOT_CRITICAL_ERROR + - CLEANUP_FAILED + - FIELD_VALUE_OVERRIDEN + - RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING + - NETWORK_ENDPOINT_NOT_DETACHED + - PAGE_MISSING_RESULTS + - SSL_POLICY_ENABLED_FEATURES_NOT_FETCHED + - RESOURCE_NOT_FOUND_WARNING + - MISSING_TYPE_DEPENDENCY + - EXTERNAL_API_WARNING + - SCHEMA_VALIDATION_IGNORED + - UNDECLARED_PROPERTIES + - EXPERIMENTAL_TYPE_USED + - DEPRECATED_TYPE_USED + - PARTIAL_SUCCESS + - LARGE_DEPLOYMENT_WARNING + - NEXT_HOP_INSTANCE_HAS_NO_IPV6_INTERFACE + - INVALID_HEALTH_CHECK_FOR_DYNAMIC_WIEGHTED_LB + - LIST_OVERHEAD_QUOTA_EXCEED + - QUOTA_INFO_UNAVAILABLE + - RESOURCE_USES_GLOBAL_DNS + - RATE_LIMIT_EXCEEDED + - UPCOMING_MAINTENANCES_UNAVAILABLE + - RESERVED_ENTRY_136 + - RESERVED_ENTRY_139 + - RESERVED_ENTRY_141 + - RESERVED_ENTRY_142 + - RESERVED_ENTRY_143 enumDescriptions: - A link to a deprecated resource was created. - No results are present on a particular list page. @@ -1822,6 +1833,9 @@ components: indicate that a resource has attributes that could result in the creation of a VM that uses global DNS. - Resource can't be retrieved due to api quota exceeded. + - >- + Upcoming maintenance schedule is unavailable for the + resource. - >- Reserved entries for quickly adding new warnings without breaking dependent clients. @@ -1870,62 +1884,33 @@ components: - false - false - false - enum: - - DEPRECATED_RESOURCE_USED - - NO_RESULTS_ON_PAGE - - UNREACHABLE - - NEXT_HOP_ADDRESS_NOT_ASSIGNED - - NEXT_HOP_INSTANCE_NOT_FOUND - - NEXT_HOP_INSTANCE_NOT_ON_NETWORK - - NEXT_HOP_CANNOT_IP_FORWARD - - NEXT_HOP_NOT_RUNNING - - INJECTED_KERNELS_DEPRECATED - - REQUIRED_TOS_AGREEMENT - - DISK_SIZE_LARGER_THAN_IMAGE_SIZE - - RESOURCE_NOT_DELETED - - SINGLE_INSTANCE_PROPERTY_TEMPLATE - - NOT_CRITICAL_ERROR - - CLEANUP_FAILED - - FIELD_VALUE_OVERRIDEN - - RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING - - NETWORK_ENDPOINT_NOT_DETACHED - - PAGE_MISSING_RESULTS - - SSL_POLICY_ENABLED_FEATURES_NOT_FETCHED - - RESOURCE_NOT_FOUND_WARNING - - MISSING_TYPE_DEPENDENCY - - EXTERNAL_API_WARNING - - SCHEMA_VALIDATION_IGNORED - - UNDECLARED_PROPERTIES - - EXPERIMENTAL_TYPE_USED - - DEPRECATED_TYPE_USED - - PARTIAL_SUCCESS - - LARGE_DEPLOYMENT_WARNING - - NEXT_HOP_INSTANCE_HAS_NO_IPV6_INTERFACE - - INVALID_HEALTH_CHECK_FOR_DYNAMIC_WIEGHTED_LB - - LIST_OVERHEAD_QUOTA_EXCEED - - QUOTA_INFO_UNAVAILABLE - - RESOURCE_USES_GLOBAL_DNS - - RATE_LIMIT_EXCEEDED - - RESERVED_ENTRY_135 - - RESERVED_ENTRY_136 - - RESERVED_ENTRY_139 - - RESERVED_ENTRY_141 - - RESERVED_ENTRY_142 + - false + type: string + description: >- + [Output Only] A warning code, if applicable. For example, + Compute Engine returns NO_RESULTS_ON_PAGE if there are no + results in the response. message: description: >- [Output Only] A human-readable description of the warning code. type: string data: + type: array description: >- [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" } - type: array items: type: object properties: + value: + type: string + description: >- + [Output Only] A warning data value corresponding to the + key. key: + type: string description: >- [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where @@ -1936,216 +1921,295 @@ components: warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding). - type: string - value: - description: >- - [Output Only] A warning data value corresponding to the - key. - type: string - state: - description: Output only. The state of the resource. - type: string - enumDescriptions: - - There are changes pending for this resource. - - The service is executing changes on the resource. - - The service is previewing changes on the resource. - - The service has failed to change the resource. - - The service has aborted trying to change the resource. - enum: - - PENDING - - IN_PROGRESS - - IN_PREVIEW - - FAILED - - ABORTED - intent: + type: object description: >- - Output only. The intent of the resource: `PREVIEW`, `UPDATE`, or - `CANCEL`. + Output only. If warning messages are generated during processing of + this resource, this field will be populated. + type: array + id: + format: uint64 type: string - enumDescriptions: - - >- - The resource is scheduled to be created, or if it already exists, - acquired. - - The resource is scheduled to be deleted. - - The resource is scheduled to be acquired. - - The resource is scheduled to be updated via the UPDATE method. - - The resource is scheduled to be abandoned. - - The resource is scheduled to be created. - enum: - - CREATE_OR_ACQUIRE - - DELETE - - ACQUIRE - - UPDATE - - ABANDON - - CREATE - properties: - description: >- - Output only. The set of updated properties for this resource, before - references are expanded. Returned as serialized YAML. + insertTime: + description: Output only. Creation timestamp in RFC3339 text format. type: string - finalProperties: + update: description: >- - Output only. The expanded properties of the resource with reference - values expanded. Returned as serialized YAML. + Output only. If Deployment Manager is currently updating or + previewing an update to this resource, the updated configuration + appears here. + $ref: '#/components/schemas/ResourceUpdate' + name: type: string - accessControl: description: >- - The Access Control Policy to set on this resource after updating the - resource itself. + Output only. The name of the resource as it appears in the YAML + config. + accessControl: $ref: '#/components/schemas/ResourceAccessControl' - ResourcesListResponse: - id: ResourcesListResponse - description: >- - A response containing a partial list of resources and a page token used - to build the next request if the request has been truncated. + description: The Access Control Policy set on this resource. + manifest: + description: >- + Output only. URL of the manifest representing the current + configuration of this resource. + type: string + url: + type: string + description: Output only. The URL of the actual resource. + updateTime: + description: Output only. Update timestamp in RFC3339 text format. + type: string + properties: + description: >- + Output only. The current properties of the resource before any + references have been filled in. Returned as serialized YAML. + type: string + id: Resource + type: object + ImportFile: type: object properties: - resources: - description: Resources contained in this list response. + name: + type: string + description: The name of the file. + content: + description: The contents of the file. + type: string + id: ImportFile + DeploymentsListResponse: + id: DeploymentsListResponse + description: >- + A response containing a partial list of deployments and a page token + used to build the next request if the request has been truncated. + properties: + deployments: + description: Output only. The deployments contained in this response. type: array items: - $ref: '#/components/schemas/Resource' + $ref: '#/components/schemas/Deployment' nextPageToken: - description: A token used to continue a truncated list request. type: string - TypesListResponse: - id: TypesListResponse - description: A response that returns all Types supported by Deployment Manager + description: Output only. A token used to continue a truncated list request. type: object + Policy: properties: - types: + version: + type: integer description: >- - Output only. A list of resource types supported by Deployment - Manager. - type: array + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + bindings: items: - $ref: '#/components/schemas/Type' - nextPageToken: - description: A token used to continue a truncated list request. - type: string - Type: - id: Type - description: A resource type supported by Deployment Manager. - type: object - properties: - name: - description: Name of the type. - type: string - id: - type: string - format: uint64 - insertTime: - description: Output only. Creation timestamp in RFC3339 text format. - type: string - selfLink: - description: Output only. Server defined URL for the resource. + $ref: '#/components/schemas/Binding' + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + etag: + format: byte type: string - operation: description: >- - Output only. The Operation that most recently ran, or is currently - running, on this type. - $ref: '#/components/schemas/Operation' + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + auditConfigs: + type: array + items: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + id: Policy + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + type: object parameters: - access_token: - description: OAuth access token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType schema: type: string - alt: - description: Data format for response. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: alt + name: fields schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: callback + name: oauth_token schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + access_token: + description: OAuth access token. in: query - name: fields + name: access_token schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + callback: + description: JSONP in: query - name: key + name: callback schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + _.xgafv: + description: V1 error format. in: query - name: oauth_token + name: $.xgafv schema: type: string + enum: + - '1' + - '2' prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt schema: type: string - _.xgafv: - description: V1 error format. + enum: + - json + - media + - proto + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: $.xgafv + name: quotaUser + schema: + type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: + operations: + id: google.deploymentmanager.operations + name: operations + title: Operations + methods: + get: + operation: + $ref: >- + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1operations~1{operation}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.operations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] deployments: id: google.deploymentmanager.deployments name: deployments title: Deployments methods: - insert: + delete: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments/post + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments/get + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deployments update: operation: $ref: >- @@ -2160,17 +2224,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}/delete + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.deployments + insert: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}/get + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments/post response: mediaType: application/json openAPIDocKey: '200' @@ -2205,14 +2270,13 @@ components: name: deployments_iam_policies title: Deployments_iam_policies methods: - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{resource}~1getIamPolicy/get + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{resource}~1testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings set_iam_policy: operation: $ref: >- @@ -2220,13 +2284,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{resource}~1testIamPermissions/post + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{resource}~1getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -2237,86 +2302,58 @@ components: - $ref: >- #/components/x-stackQL-resources/deployments_iam_policies/methods/set_iam_policy delete: [] - manifests: - id: google.deploymentmanager.manifests - name: manifests - title: Manifests - methods: - get: - operation: - $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}~1manifests~1{manifest}/get - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}~1manifests/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.manifests - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/manifests/methods/get' - - $ref: '#/components/x-stackQL-resources/manifests/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.deploymentmanager.operations - name: operations - title: Operations + resources: + id: google.deploymentmanager.resources + name: resources + title: Resources methods: get: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1operations~1{operation}/get + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}~1resources~1{resource}/get response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1operations/get + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}~1resources/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations + objectKey: $.resources sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/resources/methods/get' + - $ref: '#/components/x-stackQL-resources/resources/methods/list' insert: [] update: [] replace: [] delete: [] - resources: - id: google.deploymentmanager.resources - name: resources - title: Resources + manifests: + id: google.deploymentmanager.manifests + name: manifests + title: Manifests methods: get: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}~1resources~1{resource}/get + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}~1manifests~1{manifest}/get response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}~1resources/get + #/paths/~1deploymentmanager~1v2~1projects~1{project}~1global~1deployments~1{deployment}~1manifests/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.resources + objectKey: $.manifests sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/resources/methods/get' - - $ref: '#/components/x-stackQL-resources/resources/methods/list' + - $ref: '#/components/x-stackQL-resources/manifests/methods/get' + - $ref: '#/components/x-stackQL-resources/manifests/methods/list' insert: [] update: [] replace: [] @@ -2342,38 +2379,39 @@ components: replace: [] delete: [] paths: - /deploymentmanager/v2/projects/{project}/global/deployments: + /deploymentmanager/v2/projects/{project}/global/operations/{operation}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - post: - description: >- - Creates a deployment and all of the resources described by the - deployment manifest. - operationId: deploymentmanager.deployments.insert - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Deployment' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/key' + get: + description: Gets information about a specific operation. + operationId: deploymentmanager.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/ndev.cloudman Oauth2c: - https://www.googleapis.com/auth/ndev.cloudman + - Oauth2: + - https://www.googleapis.com/auth/ndev.cloudman.readonly + Oauth2c: + - https://www.googleapis.com/auth/ndev.cloudman.readonly responses: '200': description: Successful response @@ -2387,21 +2425,20 @@ paths: required: true schema: type: string - - in: query - name: preview - schema: - type: boolean - - in: query - name: createPolicy + - in: path + name: operation + required: true schema: type: string - in: query name: header.bypassBillingFilter schema: type: boolean + /deploymentmanager/v2/projects/{project}/global/operations: + parameters: *ref_1 get: - description: Lists all deployments for a given project. - operationId: deploymentmanager.deployments.list + description: Lists all operations for a project. + operationId: deploymentmanager.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2425,18 +2462,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DeploymentsListResponse' + $ref: '#/components/schemas/OperationsListResponse' parameters: - in: path name: project required: true schema: type: string - - in: query - name: maxResults - schema: - type: integer - format: uint32 - in: query name: pageToken schema: @@ -2449,18 +2481,16 @@ paths: name: orderBy schema: type: string + - in: query + name: maxResults + schema: + type: integer + format: uint32 /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}: parameters: *ref_1 - put: - description: >- - Updates a deployment and all of the resources described by the - deployment manifest. - operationId: deploymentmanager.deployments.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Deployment' + delete: + description: Deletes a deployment and all of the resources in the deployment. + operationId: deploymentmanager.deployments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2489,47 +2519,40 @@ paths: schema: type: string - in: query - name: createPolicy + name: header.bypassBillingFilter schema: - type: string + type: boolean - in: query name: deletePolicy schema: type: string - - in: query - name: preview - schema: - type: boolean - - in: query - name: header.bypassBillingFilter - schema: - type: boolean - patch: - description: >- - Patches a deployment and all of the resources described by the - deployment manifest. - operationId: deploymentmanager.deployments.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Deployment' + get: + description: Gets information about a specific deployment. + operationId: deploymentmanager.deployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/ndev.cloudman Oauth2c: - https://www.googleapis.com/auth/ndev.cloudman + - Oauth2: + - https://www.googleapis.com/auth/ndev.cloudman.readonly + Oauth2c: + - https://www.googleapis.com/auth/ndev.cloudman.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Deployment' parameters: - in: path name: project @@ -2541,25 +2564,20 @@ paths: required: true schema: type: string - - in: query - name: createPolicy - schema: - type: string - - in: query - name: deletePolicy - schema: - type: string - - in: query - name: preview - schema: - type: boolean - in: query name: header.bypassBillingFilter schema: type: boolean - delete: - description: Deletes a deployment and all of the resources in the deployment. - operationId: deploymentmanager.deployments.delete + put: + description: >- + Updates a deployment and all of the resources described by the + deployment manifest. + operationId: deploymentmanager.deployments.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Deployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2591,37 +2609,44 @@ paths: name: deletePolicy schema: type: string + - in: query + name: preview + schema: + type: boolean - in: query name: header.bypassBillingFilter schema: type: boolean - get: - description: Gets information about a specific deployment. - operationId: deploymentmanager.deployments.get + - in: query + name: createPolicy + schema: + type: string + patch: + description: >- + Patches a deployment and all of the resources described by the + deployment manifest. + operationId: deploymentmanager.deployments.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Deployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/ndev.cloudman Oauth2c: - https://www.googleapis.com/auth/ndev.cloudman - - Oauth2: - - https://www.googleapis.com/auth/ndev.cloudman.readonly - Oauth2c: - - https://www.googleapis.com/auth/ndev.cloudman.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Deployment' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -2633,22 +2658,32 @@ paths: required: true schema: type: string + - in: query + name: createPolicy + schema: + type: string + - in: query + name: preview + schema: + type: boolean - in: query name: header.bypassBillingFilter schema: type: boolean - /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/cancelPreview: + - in: query + name: deletePolicy + schema: + type: string + /deploymentmanager/v2/projects/{project}/global/deployments/{resource}/testIamPermissions: parameters: *ref_1 post: - description: >- - Cancels and removes the preview currently associated with the - deployment. - operationId: deploymentmanager.deployments.cancelPreview + description: Returns permissions that a caller has on the specified resource. + operationId: deploymentmanager.deployments.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/DeploymentsCancelPreviewRequest' + $ref: '#/components/schemas/TestPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2664,7 +2699,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestPermissionsResponse' parameters: - in: path name: project @@ -2672,56 +2707,76 @@ paths: schema: type: string - in: path - name: deployment + name: resource required: true schema: type: string - /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/stop: + - in: query + name: header.bypassBillingFilter + schema: + type: boolean + /deploymentmanager/v2/projects/{project}/global/deployments: parameters: *ref_1 - post: - description: >- - Stops an ongoing operation. This does not roll back any work that has - already been completed, but prevents any new work from being started. - operationId: deploymentmanager.deployments.stop - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DeploymentsStopRequest' + get: + description: Lists all deployments for a given project. + operationId: deploymentmanager.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/ndev.cloudman Oauth2c: - https://www.googleapis.com/auth/ndev.cloudman + - Oauth2: + - https://www.googleapis.com/auth/ndev.cloudman.readonly + Oauth2c: + - https://www.googleapis.com/auth/ndev.cloudman.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/DeploymentsListResponse' parameters: - in: path name: project required: true schema: type: string - - in: path - name: deployment - required: true + - in: query + name: pageToken schema: type: string - /deploymentmanager/v2/projects/{project}/global/deployments/{resource}/getIamPolicy: - parameters: *ref_1 - get: + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: maxResults + schema: + type: integer + format: uint32 + post: description: >- - Gets the access control policy for a resource. May be empty if no such - policy or resource exists. - operationId: deploymentmanager.deployments.getIamPolicy + Creates a deployment and all of the resources described by the + deployment manifest. + operationId: deploymentmanager.deployments.insert + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Deployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2737,25 +2792,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project required: true schema: type: string - - in: path - name: resource - required: true + - in: query + name: createPolicy schema: type: string - in: query - name: optionsRequestedPolicyVersion + name: header.bypassBillingFilter schema: - type: integer - format: int32 + type: boolean - in: query - name: header.bypassBillingFilter + name: preview schema: type: boolean /deploymentmanager/v2/projects/{project}/global/deployments/{resource}/setIamPolicy: @@ -2797,16 +2850,18 @@ paths: required: true schema: type: string - /deploymentmanager/v2/projects/{project}/global/deployments/{resource}/testIamPermissions: + /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/cancelPreview: parameters: *ref_1 post: - description: Returns permissions that a caller has on the specified resource. - operationId: deploymentmanager.deployments.testIamPermissions + description: >- + Cancels and removes the preview currently associated with the + deployment. + operationId: deploymentmanager.deployments.cancelPreview requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestPermissionsRequest' + $ref: '#/components/schemas/DeploymentsCancelPreviewRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2822,7 +2877,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -2830,43 +2885,38 @@ paths: schema: type: string - in: path - name: resource + name: deployment required: true schema: type: string - - in: query - name: header.bypassBillingFilter - schema: - type: boolean - /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/manifests/{manifest}: + /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/stop: parameters: *ref_1 - get: - description: Gets information about a specific manifest. - operationId: deploymentmanager.manifests.get + post: + description: >- + Stops an ongoing operation. This does not roll back any work that has + already been completed, but prevents any new work from being started. + operationId: deploymentmanager.deployments.stop + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DeploymentsStopRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/ndev.cloudman Oauth2c: - https://www.googleapis.com/auth/ndev.cloudman - - Oauth2: - - https://www.googleapis.com/auth/ndev.cloudman.readonly - Oauth2c: - - https://www.googleapis.com/auth/ndev.cloudman.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Manifest' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -2878,44 +2928,29 @@ paths: required: true schema: type: string - - in: path - name: manifest - required: true - schema: - type: string - - in: query - name: header.bypassBillingFilter - schema: - type: boolean - /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/manifests: + /deploymentmanager/v2/projects/{project}/global/deployments/{resource}/getIamPolicy: parameters: *ref_1 get: - description: Lists all manifests for a given deployment. - operationId: deploymentmanager.manifests.list + description: >- + Gets the access control policy for a resource. May be empty if no such + policy or resource exists. + operationId: deploymentmanager.deployments.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/ndev.cloudman Oauth2c: - https://www.googleapis.com/auth/ndev.cloudman - - Oauth2: - - https://www.googleapis.com/auth/ndev.cloudman.readonly - Oauth2c: - - https://www.googleapis.com/auth/ndev.cloudman.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ManifestsListResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: project @@ -2923,32 +2958,24 @@ paths: schema: type: string - in: path - name: deployment + name: resource required: true schema: type: string - in: query - name: maxResults - schema: - type: integer - format: uint32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: header.bypassBillingFilter schema: - type: string + type: boolean - in: query - name: orderBy + name: optionsRequestedPolicyVersion schema: - type: string - /deploymentmanager/v2/projects/{project}/global/operations/{operation}: + type: integer + format: int32 + /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/resources/{resource}: parameters: *ref_1 get: - description: Gets information about a specific operation. - operationId: deploymentmanager.operations.get + description: Gets information about a single resource. + operationId: deploymentmanager.resources.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2972,7 +2999,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Resource' parameters: - in: path name: project @@ -2980,7 +3007,12 @@ paths: schema: type: string - in: path - name: operation + name: deployment + required: true + schema: + type: string + - in: path + name: resource required: true schema: type: string @@ -2988,11 +3020,11 @@ paths: name: header.bypassBillingFilter schema: type: boolean - /deploymentmanager/v2/projects/{project}/global/operations: + /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/resources: parameters: *ref_1 get: - description: Lists all operations for a project. - operationId: deploymentmanager.operations.list + description: Lists all resources in a given deployment. + operationId: deploymentmanager.resources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3016,13 +3048,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/OperationsListResponse' + $ref: '#/components/schemas/ResourcesListResponse' parameters: - in: path name: project required: true schema: type: string + - in: path + name: deployment + required: true + schema: + type: string + - in: query + name: orderBy + schema: + type: string - in: query name: maxResults schema: @@ -3036,15 +3077,11 @@ paths: name: filter schema: type: string - - in: query - name: orderBy - schema: - type: string - /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/resources/{resource}: + /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/manifests/{manifest}: parameters: *ref_1 get: - description: Gets information about a single resource. - operationId: deploymentmanager.resources.get + description: Gets information about a specific manifest. + operationId: deploymentmanager.manifests.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3068,7 +3105,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Resource' + $ref: '#/components/schemas/Manifest' parameters: - in: path name: project @@ -3081,7 +3118,7 @@ paths: schema: type: string - in: path - name: resource + name: manifest required: true schema: type: string @@ -3089,11 +3126,11 @@ paths: name: header.bypassBillingFilter schema: type: boolean - /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/resources: + /deploymentmanager/v2/projects/{project}/global/deployments/{deployment}/manifests: parameters: *ref_1 get: - description: Lists all resources in a given deployment. - operationId: deploymentmanager.resources.list + description: Lists all manifests for a given deployment. + operationId: deploymentmanager.manifests.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3117,7 +3154,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ResourcesListResponse' + $ref: '#/components/schemas/ManifestsListResponse' parameters: - in: path name: project @@ -3129,21 +3166,21 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: maxResults schema: type: integer format: uint32 - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: orderBy schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string /deploymentmanager/v2/projects/{project}/global/types: @@ -3181,20 +3218,20 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: maxResults schema: type: integer format: uint32 - in: query - name: pageToken + name: orderBy schema: type: string - in: query name: filter schema: type: string - - in: query - name: orderBy - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/developerconnect.yaml b/providers/src/googleapis.com/v00.00.00000/services/developerconnect.yaml index e324b9d6..0d8154b0 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/developerconnect.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/developerconnect.yaml @@ -7,8 +7,8 @@ info: title: Developer Connect API description: Connect third-party source code management to Google version: v1 - x-discovery-doc-revision: '20250731' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: http://cloud.google.com/developer-connect/docs/overview servers: @@ -34,73 +34,42 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + FetchGitRefsResponse: + description: Response for fetching git refs. + id: FetchGitRefsResponse properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array + refNames: items: - $ref: '#/components/schemas/Operation' + type: string + description: Name of the refs fetched. + type: array nextPageToken: - description: The standard List next-page token. + description: A token identifying a page of results the server should return. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + type: object + Status: type: object properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + message: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + details: + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + type: array description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + A list of messages that carry the error details. There is a common + set of message types for APIs to use. description: >- The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It @@ -109,1297 +78,1395 @@ components: details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). + id: Status + HttpBody: type: object + id: HttpBody + description: >- + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + data: type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array + description: The HTTP request/response body as raw binary. + format: byte + extensions: items: type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object + type: any + type: array + description: >- + Application specific response metadata. Must be set in the first + response for streaming APIs. + contentType: + type: string + description: >- + The HTTP Content-Type header value specifying the content type of + the body. + FetchReadWriteTokenRequest: properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + id: FetchReadWriteTokenRequest + description: Message for fetching SCM read/write token. + type: object + FetchAccessTokenRequest: + id: FetchAccessTokenRequest + description: Message for fetching an OAuth access token. type: object properties: {} - ListConnectionsResponse: - id: ListConnectionsResponse - description: Message for response to listing Connections + GitLabConfig: + description: Configuration for connections to gitlab.com. + properties: + readAuthorizerCredential: + $ref: '#/components/schemas/UserCredential' + description: >- + Required. A GitLab personal access token with the minimum `read_api` + scope access and a minimum role of `reporter`. The GitLab Projects + visible to this Personal Access Token will control which Projects + Developer Connect has access to. + authorizerCredential: + description: >- + Required. A GitLab personal access token with the minimum `api` + scope access and a minimum role of `maintainer`. The GitLab Projects + visible to this Personal Access Token will control which Projects + Developer Connect has access to. + $ref: '#/components/schemas/UserCredential' + webhookSecretSecretVersion: + description: >- + Required. Immutable. SecretManager resource containing the webhook + secret of a GitLab project, formatted as + `projects/*/secrets/*/versions/*` or + `projects/*/locations/*/secrets/*/versions/*` (if regional secrets + are supported in that location). This is used to validate webhooks. + type: string + type: object + id: GitLabConfig + ListAccountConnectorsResponse: type: object + description: Message for response to listing AccountConnectors + id: ListAccountConnectorsResponse properties: - connections: - description: The list of Connection + unreachable: type: array + description: Locations that could not be reached. items: - $ref: '#/components/schemas/Connection' + type: string + accountConnectors: + type: array + items: + $ref: '#/components/schemas/AccountConnector' + description: The list of AccountConnectors + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + ProcessBitbucketDataCenterWebhookRequest: + description: >- + RPC request object accepted by the ProcessBitbucketDataCenterWebhook RPC + method. + id: ProcessBitbucketDataCenterWebhookRequest + type: object + properties: + body: + description: Required. HTTP request body. + $ref: '#/components/schemas/HttpBody' + ListUsersResponse: + properties: nextPageToken: description: A token identifying a page of results the server should return. type: string - unreachable: - description: Locations that could not be reached. + users: + items: + $ref: '#/components/schemas/User' + description: The list of Users type: array + unreachable: items: type: string - Connection: - id: Connection - description: Message describing Connection object + description: Locations that could not be reached. + type: array + description: Message for response to listing Users + id: ListUsersResponse + type: object + ProcessGitLabWebhookRequest: type: object properties: - githubConfig: - description: Configuration for connections to github.com. - $ref: '#/components/schemas/GitHubConfig' - githubEnterpriseConfig: - description: Configuration for connections to an instance of GitHub Enterprise. - $ref: '#/components/schemas/GitHubEnterpriseConfig' - gitlabConfig: - description: Configuration for connections to gitlab.com. - $ref: '#/components/schemas/GitLabConfig' - gitlabEnterpriseConfig: - description: Configuration for connections to an instance of GitLab Enterprise. - $ref: '#/components/schemas/GitLabEnterpriseConfig' - bitbucketDataCenterConfig: + body: + description: Required. HTTP request body. + $ref: '#/components/schemas/HttpBody' + id: ProcessGitLabWebhookRequest + description: RPC request object accepted by the ProcessGitLabWebhook RPC method. + ArtifactConfig: + type: object + properties: + googleArtifactRegistry: + $ref: '#/components/schemas/GoogleArtifactRegistry' + description: Optional. Set if the artifact is stored in Artifact registry. + googleArtifactAnalysis: description: >- - Configuration for connections to an instance of Bitbucket Data - Center. - $ref: '#/components/schemas/BitbucketDataCenterConfig' - bitbucketCloudConfig: - description: Configuration for connections to an instance of Bitbucket Clouds. - $ref: '#/components/schemas/BitbucketCloudConfig' - name: - description: >- - Identifier. The resource name of the connection, in the format - `projects/{project}/locations/{location}/connections/{connection_id}`. - type: string - createTime: - description: Output only. [Output only] Create timestamp - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. [Output only] Update timestamp - readOnly: true - type: string - format: google-datetime - deleteTime: - description: Output only. [Output only] Delete timestamp - readOnly: true - type: string - format: google-datetime - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: - type: string - installationState: - description: Output only. Installation state of the Connection. - readOnly: true - $ref: '#/components/schemas/InstallationState' - disabled: - description: >- - Optional. If disabled is set to true, functionality is disabled for - this connection. Repository based API methods and webhooks - processing for repositories in this connection will be disabled. - type: boolean - reconciling: - description: >- - Output only. Set to true when the connection is being set up or - updated in the background. - readOnly: true - type: boolean - annotations: - description: Optional. Allows clients to store small amounts of arbitrary data. - type: object - additionalProperties: - type: string - etag: - description: >- - Optional. This checksum is computed by the server based on the value - of other fields, and may be sent on update and delete requests to - ensure the client has an up-to-date value before proceeding. - type: string - uid: - description: Output only. A system-assigned unique identifier for the Connection. - readOnly: true + Optional. Set if the artifact metadata is stored in Artifact + analysis. + $ref: '#/components/schemas/GoogleArtifactAnalysis' + uri: type: string - cryptoKeyConfig: - description: >- - Optional. The crypto key configuration. This field is used by the - Customer-Managed Encryption Keys (CMEK) feature. - $ref: '#/components/schemas/CryptoKeyConfig' - gitProxyConfig: description: >- - Optional. Configuration for the git proxy feature. Enabling the git - proxy allows clients to perform git operations on the repositories - linked in the connection. - $ref: '#/components/schemas/GitProxyConfig' - GitHubConfig: - id: GitHubConfig - description: Configuration for connections to github.com. + Required. Immutable. The URI of the artifact that is deployed. e.g. + `us-docker.pkg.dev/my-project/my-repo/image`. The URI does not + include the tag / digest because it captures a lineage of artifacts. + description: The artifact config of the artifact that is deployed. + id: ArtifactConfig + ProcessGitLabEnterpriseWebhookRequest: + properties: + body: + $ref: '#/components/schemas/HttpBody' + description: Required. HTTP request body. + id: ProcessGitLabEnterpriseWebhookRequest + type: object + description: >- + RPC request object accepted by the ProcessGitLabEnterpriseWebhook RPC + method. + UserCredential: + id: UserCredential + description: >- + Represents a personal access token that authorized the Connection, and + associated metadata. type: object properties: - githubApp: - description: >- - Required. Immutable. The GitHub Application that was installed to - the GitHub user or organization. + userTokenSecretVersion: type: string - enumDescriptions: - - GitHub App not specified. - - The Developer Connect GitHub Application. - - The Firebase GitHub Application. - enum: - - GIT_HUB_APP_UNSPECIFIED - - DEVELOPER_CONNECT - - FIREBASE - authorizerCredential: description: >- - Optional. OAuth credential of the account that authorized the GitHub - App. It is recommended to use a robot account instead of a human - user account. The OAuth token must be tied to the GitHub App of this - config. - $ref: '#/components/schemas/OAuthCredential' - appInstallationId: - description: Optional. GitHub App installation id. + Required. A SecretManager resource containing the user token that + authorizes the Developer Connect connection. Format: + `projects/*/secrets/*/versions/*` or + `projects/*/locations/*/secrets/*/versions/*` (if regional secrets + are supported in that location). + username: type: string - format: int64 - installationUri: - description: >- - Output only. The URI to navigate to in order to manage the - installation associated with this GitHubConfig. readOnly: true - type: string + description: Output only. The username associated with this token. OAuthCredential: id: OAuthCredential - description: >- - Represents an OAuth token of the account that authorized the Connection, - and associated metadata. type: object properties: oauthTokenSecretVersion: description: >- Required. A SecretManager resource containing the OAuth token that - authorizes the connection. Format: - `projects/*/secrets/*/versions/*`. + authorizes the connection. Format: `projects/*/secrets/*/versions/*` + or `projects/*/locations/*/secrets/*/versions/*` (if regional + secrets are supported in that location). type: string username: - description: Output only. The username associated with this token. readOnly: true + description: Output only. The username associated with this token. type: string - GitHubEnterpriseConfig: - id: GitHubEnterpriseConfig - description: Configuration for connections to an instance of GitHub Enterprise. + description: >- + Represents an OAuth token of the account that authorized the Connection, + and associated metadata. + GKEWorkload: type: object + description: GKEWorkload represents the Google Kubernetes Engine runtime. + id: GKEWorkload properties: - hostUri: + cluster: description: >- - Required. The URI of the GitHub Enterprise host this connection is - for. + Required. Immutable. The name of the GKE cluster. Format: + `projects/{project}/locations/{location}/clusters/{cluster}`. type: string - appId: - description: Optional. ID of the GitHub App created from the manifest. + deployment: type: string - format: int64 - appSlug: - description: Output only. The URL-friendly name of the GitHub App. readOnly: true - type: string - privateKeySecretVersion: description: >- - Optional. SecretManager resource containing the private key of the - GitHub App, formatted as `projects/*/secrets/*/versions/*`. - type: string - webhookSecretSecretVersion: + Output only. The name of the GKE deployment. Format: + `projects/{project}/locations/{location}/clusters/{cluster}/namespaces/{namespace}/deployments/{deployment}`. + FetchGitHubInstallationsResponse: + id: FetchGitHubInstallationsResponse + description: Response of fetching github installations. + type: object + properties: + installations: + type: array + items: + $ref: '#/components/schemas/Installation' description: >- - Optional. SecretManager resource containing the webhook secret of - the GitHub App, formatted as `projects/*/secrets/*/versions/*`. - type: string - appInstallationId: - description: Optional. ID of the installation of the GitHub App. + List of installations available to the OAuth user (for github.com) + or all the installations (for GitHub enterprise). + FetchAccessTokenResponse: + description: Message for responding to getting an OAuth access token. + properties: + token: type: string - format: int64 - installationUri: - description: >- - Output only. The URI to navigate to in order to manage the - installation associated with this GitHubEnterpriseConfig. - readOnly: true + description: The token content. + expirationTime: + description: Expiration timestamp. Can be empty if unknown or non-expiring. + format: google-datetime type: string - serviceDirectoryConfig: + scopes: + description: The scopes of the access token. + items: + type: string + type: array + exchangeError: description: >- - Optional. Configuration for using Service Directory to privately - connect to a GitHub Enterprise server. This should only be set if - the GitHub Enterprise server is hosted on-premises and not reachable - by public internet. If this field is left empty, calls to the GitHub - Enterprise server will be made over the public internet. - $ref: '#/components/schemas/ServiceDirectoryConfig' - serverVersion: - description: Output only. GitHub Enterprise version installed at the host_uri. - readOnly: true - type: string - sslCaCertificate: - description: Optional. SSL certificate to use for requests to GitHub Enterprise. - type: string - ServiceDirectoryConfig: - id: ServiceDirectoryConfig - description: >- - ServiceDirectoryConfig represents Service Directory configuration for a - connection. + The error resulted from exchanging OAuth tokens from the service + provider. + $ref: '#/components/schemas/ExchangeError' + id: FetchAccessTokenResponse type: object - properties: - service: - description: >- - Required. The Service Directory service name. Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. - type: string - GitLabConfig: - id: GitLabConfig - description: Configuration for connections to gitlab.com. + InsightsConfig: type: object properties: - webhookSecretSecretVersion: - description: >- - Required. Immutable. SecretManager resource containing the webhook - secret of a GitLab project, formatted as - `projects/*/secrets/*/versions/*`. This is used to validate - webhooks. + updateTime: + readOnly: true + description: Output only. Update timestamp. + format: google-datetime type: string - readAuthorizerCredential: + name: description: >- - Required. A GitLab personal access token with the minimum `read_api` - scope access and a minimum role of `reporter`. The GitLab Projects - visible to this Personal Access Token will control which Projects - Developer Connect has access to. - $ref: '#/components/schemas/UserCredential' - authorizerCredential: + Identifier. The name of the InsightsConfig. Format: + projects/{project}/locations/{location}/insightsConfigs/{insightsConfig} + type: string + reconciling: + readOnly: true + type: boolean description: >- - Required. A GitLab personal access token with the minimum `api` - scope access and a minimum role of `maintainer`. The GitLab Projects - visible to this Personal Access Token will control which Projects - Developer Connect has access to. - $ref: '#/components/schemas/UserCredential' - UserCredential: - id: UserCredential - description: >- - Represents a personal access token that authorized the Connection, and - associated metadata. - type: object - properties: - userTokenSecretVersion: + Output only. Reconciling + (https://google.aip.dev/128#reconciliation). Set to true if the + current state of InsightsConfig does not match the user's intended + state, and the service is actively updating the resource to + reconcile them. This can happen due to user-triggered updates or + system actions like failover or maintenance. + labels: + additionalProperties: + type: string + type: object + description: Optional. Set of labels associated with an InsightsConfig. + runtimeConfigs: description: >- - Required. A SecretManager resource containing the user token that - authorizes the Developer Connect connection. Format: - `projects/*/secrets/*/versions/*`. + Output only. The runtime configurations where the application is + deployed. + items: + $ref: '#/components/schemas/RuntimeConfig' + type: array + readOnly: true + annotations: + additionalProperties: + type: string + description: >- + Optional. User specified annotations. See + https://google.aip.dev/148#annotations for more details such as + format and size limitations. + type: object + state: + description: Optional. Output only. The state of the InsightsConfig. type: string - username: - description: Output only. The username associated with this token. + enumDescriptions: + - No state specified. + - >- + The InsightsConfig is pending application discovery/runtime + discovery. + - The initial discovery process is complete. + - The InsightsConfig is in an error state. + enum: + - STATE_UNSPECIFIED + - PENDING + - COMPLETE + - ERROR + artifactConfigs: + items: + $ref: '#/components/schemas/ArtifactConfig' + type: array + description: >- + Optional. The artifact configurations of the artifacts that are + deployed. + errors: + readOnly: true + items: + $ref: '#/components/schemas/Status' + type: array + description: >- + Output only. Any errors that occurred while setting up the + InsightsConfig. Each error will be in the format: `field_name: + error_message`, e.g. GetAppHubApplication: Permission denied while + getting App Hub application. Please grant permissions to the P4SA. + createTime: readOnly: true + description: Output only. Create timestamp. + format: google-datetime type: string - GitLabEnterpriseConfig: - id: GitLabEnterpriseConfig - description: Configuration for connections to an instance of GitLab Enterprise. + appHubApplication: + description: >- + Optional. The name of the App Hub Application. Format: + projects/{project}/locations/{location}/applications/{application} + type: string + description: >- + The InsightsConfig resource is the core configuration object to capture + events from your Software Development Lifecycle. It acts as the central + hub for managing how Developer connect understands your application, its + runtime environments, and the artifacts deployed within them. + id: InsightsConfig + FetchLinkableGitRepositoriesResponse: + id: FetchLinkableGitRepositoriesResponse type: object properties: - hostUri: - description: >- - Required. The URI of the GitLab Enterprise host this connection is - for. + linkableGitRepositories: + items: + $ref: '#/components/schemas/LinkableGitRepository' + type: array + description: The git repositories that can be linked to the connection. + nextPageToken: + description: A token identifying a page of results the server should return. type: string - webhookSecretSecretVersion: + description: Response message for FetchLinkableGitRepositories. + GoogleArtifactAnalysis: + description: Google Artifact Analysis configurations. + type: object + properties: + projectId: description: >- - Required. Immutable. SecretManager resource containing the webhook - secret of a GitLab project, formatted as - `projects/*/secrets/*/versions/*`. This is used to validate - webhooks. + Required. The project id of the project where the provenance is + stored. type: string - readAuthorizerCredential: + id: GoogleArtifactAnalysis + CancelOperationRequest: + properties: {} + description: The request message for Operations.CancelOperation. + id: CancelOperationRequest + type: object + GitHubEnterpriseConfig: + properties: + serverVersion: + readOnly: true + description: Output only. GitHub Enterprise version installed at the host_uri. + type: string + installationUri: + readOnly: true description: >- - Required. A GitLab personal access token with the minimum `read_api` - scope access and a minimum role of `reporter`. The GitLab Projects - visible to this Personal Access Token will control which Projects - Developer Connect has access to. - $ref: '#/components/schemas/UserCredential' - authorizerCredential: + Output only. The URI to navigate to in order to manage the + installation associated with this GitHubEnterpriseConfig. + type: string + appSlug: + type: string + readOnly: true + description: Output only. The URL-friendly name of the GitHub App. + privateKeySecretVersion: description: >- - Required. A GitLab personal access token with the minimum `api` - scope access and a minimum role of `maintainer`. The GitLab Projects - visible to this Personal Access Token will control which Projects - Developer Connect has access to. - $ref: '#/components/schemas/UserCredential' + Optional. SecretManager resource containing the private key of the + GitHub App, formatted as `projects/*/secrets/*/versions/*` or + `projects/*/locations/*/secrets/*/versions/*` (if regional secrets + are supported in that location). + type: string + appInstallationId: + format: int64 + type: string + description: Optional. ID of the installation of the GitHub App. + sslCaCertificate: + type: string + description: Optional. SSL certificate to use for requests to GitHub Enterprise. serviceDirectoryConfig: description: >- Optional. Configuration for using Service Directory to privately - connect to a GitLab Enterprise instance. This should only be set if - the GitLab Enterprise server is hosted on-premises and not reachable - by public internet. If this field is left empty, calls to the GitLab + connect to a GitHub Enterprise server. This should only be set if + the GitHub Enterprise server is hosted on-premises and not reachable + by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet. $ref: '#/components/schemas/ServiceDirectoryConfig' - sslCaCertificate: + hostUri: description: >- - Optional. SSL Certificate Authority certificate to use for requests - to GitLab Enterprise instance. + Required. The URI of the GitHub Enterprise host this connection is + for. type: string - serverVersion: + webhookSecretSecretVersion: description: >- - Output only. Version of the GitLab Enterprise server running on the - `host_uri`. - readOnly: true + Optional. SecretManager resource containing the webhook secret of + the GitHub App, formatted as `projects/*/secrets/*/versions/*` or + `projects/*/locations/*/secrets/*/versions/*` (if regional secrets + are supported in that location). type: string - BitbucketDataCenterConfig: - id: BitbucketDataCenterConfig - description: Configuration for connections to an instance of Bitbucket Data Center. + appId: + type: string + format: int64 + description: Optional. ID of the GitHub App created from the manifest. + type: object + description: Configuration for connections to an instance of GitHub Enterprise. + id: GitHubEnterpriseConfig + GitProxyConfig: + description: The git proxy configuration. type: object + id: GitProxyConfig properties: - hostUri: - description: >- - Required. The URI of the Bitbucket Data Center host this connection - is for. - type: string - webhookSecretSecretVersion: + enabled: description: >- - Required. Immutable. SecretManager resource containing the webhook - secret used to verify webhook events, formatted as - `projects/*/secrets/*/versions/*`. This is used to validate - webhooks. + Optional. Setting this to true allows the git proxy to be used for + performing git operations on the repositories linked in the + connection. + type: boolean + ExchangeError: + properties: + code: type: string - readAuthorizerCredential: - description: >- - Required. An http access token with the minimum `Repository read` - access. It's recommended to use a system account to generate the - credentials. - $ref: '#/components/schemas/UserCredential' - authorizerCredential: - description: >- - Required. An http access token with the minimum `Repository admin` - scope access. This is needed to create webhooks. It's recommended to - use a system account to generate these credentials. - $ref: '#/components/schemas/UserCredential' - serviceDirectoryConfig: - description: >- - Optional. Configuration for using Service Directory to privately - connect to a Bitbucket Data Center instance. This should only be set - if the Bitbucket Data Center is hosted on-premises and not reachable - by public internet. If this field is left empty, calls to the - Bitbucket Data Center will be made over the public internet. - $ref: '#/components/schemas/ServiceDirectoryConfig' - sslCaCertificate: + description: https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 - error + description: description: >- - Optional. SSL certificate authority to trust when making requests to - Bitbucket Data Center. + https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 - + error_description type: string - serverVersion: + id: ExchangeError + description: Message for representing an error from exchanging OAuth tokens. + type: object + GoogleCloudRun: + description: GoogleCloudRun represents the Cloud Run runtime. + id: GoogleCloudRun + properties: + serviceUri: description: >- - Output only. Version of the Bitbucket Data Center server running on - the `host_uri`. - readOnly: true + Required. Immutable. The name of the Cloud Run service. Format: + `projects/{project}/locations/{location}/services/{service}`. type: string - BitbucketCloudConfig: - id: BitbucketCloudConfig - description: Configuration for connections to an instance of Bitbucket Cloud. + type: object + GitHubConfig: type: object properties: - workspace: + githubApp: description: >- - Required. The Bitbucket Cloud Workspace ID to be connected to Google - Cloud Platform. + Required. Immutable. The GitHub Application that was installed to + the GitHub user or organization. + enum: + - GIT_HUB_APP_UNSPECIFIED + - DEVELOPER_CONNECT + - FIREBASE + - GEMINI_CODE_ASSIST type: string - webhookSecretSecretVersion: + enumDescriptions: + - GitHub App not specified. + - The Developer Connect GitHub Application. + - The Firebase GitHub Application. + - The Gemini Code Assist Application. + authorizerCredential: description: >- - Required. Immutable. SecretManager resource containing the webhook - secret used to verify webhook events, formatted as - `projects/*/secrets/*/versions/*`. This is used to validate and - create webhooks. - type: string - readAuthorizerCredential: - description: >- - Required. An access token with the minimum `repository` access. It - can either be a workspace, project or repository access token. It's - recommended to use a system account to generate the credentials. - $ref: '#/components/schemas/UserCredential' - authorizerCredential: + Optional. OAuth credential of the account that authorized the GitHub + App. It is recommended to use a robot account instead of a human + user account. The OAuth token must be tied to the GitHub App of this + config. + $ref: '#/components/schemas/OAuthCredential' + installationUri: description: >- - Required. An access token with the minimum `repository`, - `pullrequest` and `webhook` scope access. It can either be a - workspace, project or repository access token. This is needed to - create webhooks. It's recommended to use a system account to - generate these credentials. - $ref: '#/components/schemas/UserCredential' - InstallationState: - id: InstallationState - description: >- - Describes stage and necessary actions to be taken by the user to - complete the installation. Used for GitHub and GitHub Enterprise based - connections. - type: object - properties: - stage: - description: Output only. Current step of the installation process. + Output only. The URI to navigate to in order to manage the + installation associated with this GitHubConfig. readOnly: true type: string - enumDescriptions: - - No stage specified. - - >- - Only for GitHub Enterprise. An App creation has been requested. - The user needs to confirm the creation in their GitHub enterprise - host. - - User needs to authorize the GitHub (or Enterprise) App via OAuth. - - >- - User needs to follow the link to install the GitHub (or - Enterprise) App. - - Installation process has been completed. - enum: - - STAGE_UNSPECIFIED - - PENDING_CREATE_APP - - PENDING_USER_OAUTH - - PENDING_INSTALL_APP - - COMPLETE - message: + appInstallationId: + type: string + description: Optional. GitHub App installation id. + format: int64 + description: Configuration for connections to github.com. + id: GitHubConfig + Location: + properties: + displayName: description: >- - Output only. Message of what the user should do next to continue the - installation. Empty string if the installation is already complete. - readOnly: true + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". type: string - actionUri: + name: description: >- - Output only. Link to follow for next action. Empty string if the - installation is already complete. - readOnly: true + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - CryptoKeyConfig: - id: CryptoKeyConfig - description: >- - The crypto key configuration. This field is used by the Customer-managed - encryption keys (CMEK) feature. - type: object - properties: - keyReference: + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - Required. The name of the key which is used to encrypt/decrypt - customer data. For key in Cloud KMS, the key should be in the format - of `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + Service-specific metadata. For example the available capacity at the + given location. + locationId: type: string - GitProxyConfig: - id: GitProxyConfig - description: The git proxy configuration. + description: 'The canonical id for this location. For example: `"us-east1"`.' + labels: + type: object + additionalProperties: + type: string + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + description: A resource that represents a Google Cloud location. + id: Location + type: object + RuntimeConfig: type: object + description: RuntimeConfig represents the runtimes where the application is deployed. + id: RuntimeConfig properties: - enabled: + uri: description: >- - Optional. Setting this to true allows the git proxy to be used for - performing git operations on the repositories linked in the - connection. - type: boolean - GitRepositoryLink: - id: GitRepositoryLink - description: Message describing the GitRepositoryLink object + Required. Immutable. The URI of the runtime configuration. For GKE, + this is the cluster name. For Cloud Run, this is the service name. + type: string + gkeWorkload: + $ref: '#/components/schemas/GKEWorkload' + readOnly: true + description: Output only. Google Kubernetes Engine runtime. + appHubService: + readOnly: true + description: Output only. App Hub Service. + $ref: '#/components/schemas/AppHubService' + googleCloudRun: + $ref: '#/components/schemas/GoogleCloudRun' + description: Output only. Cloud Run runtime. + readOnly: true + state: + readOnly: true + enumDescriptions: + - No state specified. + - The runtime configuration has been linked to the InsightsConfig. + - The runtime configuration has been unlinked to the InsightsConfig. + description: Output only. The state of the Runtime. + enum: + - STATE_UNSPECIFIED + - LINKED + - UNLINKED + type: string + appHubWorkload: + $ref: '#/components/schemas/AppHubWorkload' + description: Output only. App Hub Workload. + readOnly: true + ListOperationsResponse: type: object + id: ListOperationsResponse + description: The response message for Operations.ListOperations. properties: - name: + unreachable: + items: + type: string description: >- - Identifier. Resource name of the repository, in the format - `projects/*/locations/*/connections/*/gitRepositoryLinks/*`. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + nextPageToken: + description: The standard List next-page token. type: string - cloneUri: - description: Required. Git Clone URI. + operations: + items: + $ref: '#/components/schemas/Operation' + description: >- + A list of operations that matches the specified filter in the + request. + type: array + AppHubService: + id: AppHubService + type: object + properties: + apphubService: type: string - createTime: - description: Output only. [Output only] Create timestamp + description: >- + Required. Output only. Immutable. The name of the App Hub Service. + Format: + `projects/{project}/locations/{location}/applications/{application}/services/{service}`. readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. [Output only] Update timestamp + environment: + description: Output only. The environment of the App Hub Service. readOnly: true type: string - format: google-datetime - deleteTime: - description: Output only. [Output only] Delete timestamp + criticality: readOnly: true type: string - format: google-datetime - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: - type: string - etag: - description: >- - Optional. This checksum is computed by the server based on the value - of other fields, and may be sent on update and delete requests to - ensure the client has an up-to-date value before proceeding. + description: Output only. The criticality of the App Hub Service. + description: AppHubService represents the App Hub Service. + AccountConnector: + id: AccountConnector + description: >- + AccountConnector encapsulates what a platform administrator needs to + configure for users to connect to the service providers, which includes, + among other fields, the OAuth client ID, client secret, and + authorization and token endpoints. + properties: + name: type: string - reconciling: description: >- - Output only. Set to true when the connection is being set up or - updated in the background. - readOnly: true - type: boolean + Identifier. The resource name of the accountConnector, in the format + `projects/{project}/locations/{location}/accountConnectors/{account_connector_id}`. annotations: - description: Optional. Allows clients to store small amounts of arbitrary data. type: object + description: Optional. Allows users to store small amounts of arbitrary data. additionalProperties: type: string - uid: - description: >- - Output only. A system-assigned unique identifier for the - GitRepositoryLink. + createTime: readOnly: true + format: google-datetime + type: string + description: Output only. The timestamp when the accountConnector was created. + oauthStartUri: type: string - webhookId: - description: Output only. External ID of the webhook created for the repository. readOnly: true + description: Output only. Start OAuth flow by clicking on this URL. + etag: type: string - gitProxyUri: description: >- - Output only. URI to access the linked repository through the Git - Proxy. This field is only populated if the git proxy is enabled for - the connection. + Optional. This checksum is computed by the server based on the value + of other fields, and may be sent on update and delete requests to + ensure the client has an up-to-date value before proceeding. + providerOauthConfig: + description: Provider OAuth config. + $ref: '#/components/schemas/ProviderOAuthConfig' + updateTime: readOnly: true + description: Output only. The timestamp when the accountConnector was updated. + format: google-datetime type: string - ListGitRepositoryLinksResponse: - id: ListGitRepositoryLinksResponse - description: Message for response to listing GitRepositoryLinks + labels: + type: object + additionalProperties: + type: string + description: Optional. Labels as key value pairs type: object + ListGitRepositoryLinksResponse: properties: - gitRepositoryLinks: - description: The list of GitRepositoryLinks - type: array - items: - $ref: '#/components/schemas/GitRepositoryLink' nextPageToken: - description: A token identifying a page of results the server should return. type: string + description: A token identifying a page of results the server should return. unreachable: - description: Locations that could not be reached. - type: array items: type: string - FetchReadWriteTokenRequest: - id: FetchReadWriteTokenRequest - description: Message for fetching SCM read/write token. - type: object - properties: {} - FetchReadWriteTokenResponse: - id: FetchReadWriteTokenResponse - description: Message for responding to get read/write token. + type: array + description: Locations that could not be reached. + gitRepositoryLinks: + description: The list of GitRepositoryLinks + items: + $ref: '#/components/schemas/GitRepositoryLink' + type: array + id: ListGitRepositoryLinksResponse + description: Message for response to listing GitRepositoryLinks + type: object + InstallationState: type: object + description: >- + Describes stage and necessary actions to be taken by the user to + complete the installation. Used for GitHub and GitHub Enterprise based + connections. + id: InstallationState properties: - token: - description: The token content. + actionUri: + readOnly: true + description: >- + Output only. Link to follow for next action. Empty string if the + installation is already complete. type: string - expirationTime: - description: Expiration timestamp. Can be empty if unknown or non-expiring. + stage: + enumDescriptions: + - No stage specified. + - >- + Only for GitHub Enterprise. An App creation has been requested. + The user needs to confirm the creation in their GitHub enterprise + host. + - User needs to authorize the GitHub (or Enterprise) App via OAuth. + - >- + User needs to follow the link to install the GitHub (or + Enterprise) App. + - Installation process has been completed. + description: Output only. Current step of the installation process. + enum: + - STAGE_UNSPECIFIED + - PENDING_CREATE_APP + - PENDING_USER_OAUTH + - PENDING_INSTALL_APP + - COMPLETE + readOnly: true type: string - format: google-datetime - gitUsername: + message: + readOnly: true description: >- - The git_username to specify when making a git clone with the token. - For example, for GitHub GitRepositoryLinks, this would be - "x-access-token" + Output only. Message of what the user should do next to continue the + installation. Empty string if the installation is already complete. type: string - FetchReadTokenRequest: - id: FetchReadTokenRequest - description: Message for fetching SCM read token. + ListConnectionsResponse: + id: ListConnectionsResponse + properties: + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. + connections: + type: array + description: The list of Connection + items: + $ref: '#/components/schemas/Connection' + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + description: Message for response to listing Connections type: object - properties: {} - FetchReadTokenResponse: - id: FetchReadTokenResponse - description: Message for responding to get read token. + BitbucketDataCenterConfig: + description: Configuration for connections to an instance of Bitbucket Data Center. + id: BitbucketDataCenterConfig type: object properties: - token: - description: The token content. + readAuthorizerCredential: + description: >- + Required. An http access token with the minimum `Repository read` + access. It's recommended to use a system account to generate the + credentials. + $ref: '#/components/schemas/UserCredential' + authorizerCredential: + $ref: '#/components/schemas/UserCredential' + description: >- + Required. An http access token with the minimum `Repository admin` + scope access. This is needed to create webhooks. It's recommended to + use a system account to generate these credentials. + webhookSecretSecretVersion: + description: >- + Required. Immutable. SecretManager resource containing the webhook + secret used to verify webhook events, formatted as + `projects/*/secrets/*/versions/*` or + `projects/*/locations/*/secrets/*/versions/*` (if regional secrets + are supported in that location). This is used to validate webhooks. type: string - expirationTime: - description: Expiration timestamp. Can be empty if unknown or non-expiring. + serviceDirectoryConfig: + description: >- + Optional. Configuration for using Service Directory to privately + connect to a Bitbucket Data Center instance. This should only be set + if the Bitbucket Data Center is hosted on-premises and not reachable + by public internet. If this field is left empty, calls to the + Bitbucket Data Center will be made over the public internet. + $ref: '#/components/schemas/ServiceDirectoryConfig' + sslCaCertificate: type: string - format: google-datetime - gitUsername: description: >- - The git_username to specify when making a git clone with the token. - For example, for GitHub GitRepositoryLinks, this would be - "x-access-token" + Optional. SSL certificate authority to trust when making requests to + Bitbucket Data Center. + hostUri: type: string - FetchLinkableGitRepositoriesResponse: - id: FetchLinkableGitRepositoriesResponse - description: Response message for FetchLinkableGitRepositories. + description: >- + Required. The URI of the Bitbucket Data Center host this connection + is for. + serverVersion: + type: string + readOnly: true + description: >- + Output only. Version of the Bitbucket Data Center server running on + the `host_uri`. + ListLocationsResponse: type: object properties: - linkableGitRepositories: - description: The git repositories that can be linked to the connection. + locations: + items: + $ref: '#/components/schemas/Location' + type: array + description: >- + A list of locations that matches the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. + type: string + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + ListInsightsConfigsResponse: + id: ListInsightsConfigsResponse + type: object + properties: + unreachable: + description: Locations that could not be reached. type: array items: - $ref: '#/components/schemas/LinkableGitRepository' + type: string nextPageToken: description: A token identifying a page of results the server should return. type: string + insightsConfigs: + type: array + items: + $ref: '#/components/schemas/InsightsConfig' + description: The list of InsightsConfigs. + description: Request for response to listing InsightsConfigs. LinkableGitRepository: - id: LinkableGitRepository - description: >- - LinkableGitRepository represents a git repository that can be linked to - a connection. type: object properties: cloneUri: + type: string description: The clone uri of the repository. + description: >- + LinkableGitRepository represents a git repository that can be linked to + a connection. + id: LinkableGitRepository + FetchReadTokenResponse: + id: FetchReadTokenResponse + properties: + token: + description: The token content. type: string - FetchGitHubInstallationsResponse: - id: FetchGitHubInstallationsResponse - description: Response of fetching github installations. + gitUsername: + description: >- + The git_username to specify when making a git clone with the token. + For example, for GitHub GitRepositoryLinks, this would be + "x-access-token" + type: string + expirationTime: + description: Expiration timestamp. Can be empty if unknown or non-expiring. + type: string + format: google-datetime + description: Message for responding to get read token. + type: object + ProcessBitbucketCloudWebhookRequest: type: object + description: >- + RPC request object accepted by the ProcessBitbucketCloudWebhook RPC + method. + id: ProcessBitbucketCloudWebhookRequest properties: - installations: - description: >- - List of installations available to the OAuth user (for github.com) - or all the installations (for GitHub enterprise). - type: array - items: - $ref: '#/components/schemas/Installation' + body: + $ref: '#/components/schemas/HttpBody' + description: Required. HTTP request body. Installation: id: Installation - description: Represents an installation of the GitHub App. - type: object properties: - id: - description: ID of the installation in GitHub. + type: + description: Either "user" or "organization". type: string - format: int64 name: - description: Name of the GitHub user or organization that owns this installation. type: string - type: - description: Either "user" or "organization". + description: Name of the GitHub user or organization that owns this installation. + id: + description: ID of the installation in GitHub. + format: int64 type: string - FetchGitRefsResponse: - id: FetchGitRefsResponse - description: Response for fetching git refs. + description: Represents an installation of the GitHub App. + type: object + FetchReadWriteTokenResponse: type: object + id: FetchReadWriteTokenResponse + description: Message for responding to get read/write token. properties: - refNames: - description: Name of the refs fetched. - type: array - items: - type: string - nextPageToken: - description: A token identifying a page of results the server should return. + expirationTime: type: string - ListAccountConnectorsResponse: - id: ListAccountConnectorsResponse - description: Message for response to listing AccountConnectors + description: Expiration timestamp. Can be empty if unknown or non-expiring. + format: google-datetime + token: + type: string + description: The token content. + gitUsername: + description: >- + The git_username to specify when making a git clone with the token. + For example, for GitHub GitRepositoryLinks, this would be + "x-access-token" + type: string + User: + id: User type: object + description: >- + User represents a user connected to the service providers through a + AccountConnector. properties: - accountConnectors: - description: The list of AccountConnectors - type: array - items: - $ref: '#/components/schemas/AccountConnector' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - AccountConnector: - id: AccountConnector - description: >- - AccountConnector encapsulates what a platform administrator needs to - configure for users to connect to the service providers, which includes, - among other fields, the OAuth client ID, client secret, and - authorization and token endpoints. - type: object - properties: - providerOauthConfig: - description: Provider OAuth config. - $ref: '#/components/schemas/ProviderOAuthConfig' name: - description: >- - Identifier. The resource name of the accountConnector, in the format - `projects/{project}/locations/{location}/accountConnectors/{account_connector_id}`. type: string - createTime: - description: Output only. The timestamp when the accountConnector was created. - readOnly: true + description: >- + Identifier. Resource name of the user, in the format + `projects/*/locations/*/accountConnectors/*/users/*`. + lastTokenRequestTime: type: string + description: Output only. The timestamp when the token was last requested. format: google-datetime - updateTime: - description: Output only. The timestamp when the accountConnector was updated. readOnly: true + createTime: type: string format: google-datetime - annotations: - description: Optional. Allows users to store small amounts of arbitrary data. - type: object - additionalProperties: - type: string - etag: - description: >- - Optional. This checksum is computed by the server based on the value - of other fields, and may be sent on update and delete requests to - ensure the client has an up-to-date value before proceeding. - type: string - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: - type: string - oauthStartUri: - description: Output only. Start OAuth flow by clicking on this URL. + description: Output only. The timestamp when the user was created. + readOnly: true + displayName: readOnly: true - type: string - ProviderOAuthConfig: - id: ProviderOAuthConfig - description: ProviderOAuthConfig is the OAuth config for a provider. - type: object - properties: - systemProviderId: - description: Immutable. Developer Connect provided OAuth. - type: string - enumDescriptions: - - No system provider specified. - - >- - GitHub provider. Scopes can be found at - https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps#available-scopes - - >- - GitLab provider. Scopes can be found at - https://docs.gitlab.com/user/profile/personal_access_tokens/#personal-access-token-scopes - - >- - Google provider. Recommended scopes: - "https://www.googleapis.com/auth/drive.readonly", - "https://www.googleapis.com/auth/documents.readonly" - - >- - Sentry provider. Scopes can be found at - https://docs.sentry.io/api/permissions/ - - Rovo provider. Must select the "rovo" scope. - - New Relic provider. No scopes are allowed. - - Datastax provider. No scopes are allowed. - - Dynatrace provider. - enum: - - SYSTEM_PROVIDER_UNSPECIFIED - - GITHUB - - GITLAB - - GOOGLE - - SENTRY - - ROVO - - NEW_RELIC - - DATASTAX - - DYNATRACE - scopes: description: >- - Required. User selected scopes to apply to the Oauth config In the - event of changing scopes, user records under AccountConnector will - be deleted and users will re-auth again. - type: array - items: - type: string - FetchAccessTokenRequest: - id: FetchAccessTokenRequest - description: Message for fetching an OAuth access token. + Output only. Developer Connect automatically converts user identity + to some human readable description, e.g., email address. + type: string + FetchReadTokenRequest: + id: FetchReadTokenRequest type: object properties: {} - FetchAccessTokenResponse: - id: FetchAccessTokenResponse - description: Message for responding to getting an OAuth access token. - type: object + description: Message for fetching SCM read token. + ProcessGitHubEnterpriseWebhookRequest: properties: - token: - description: The token content. - type: string - expirationTime: - description: Expiration timestamp. Can be empty if unknown or non-expiring. - type: string - format: google-datetime - scopes: - description: The scopes of the access token. - type: array - items: - type: string - exchangeError: - description: >- - The error resulted from exchanging OAuth tokens from the service - provider. - $ref: '#/components/schemas/ExchangeError' - ExchangeError: - id: ExchangeError - description: Message for representing an error from exchanging OAuth tokens. + body: + description: Required. HTTP request body. + $ref: '#/components/schemas/HttpBody' type: object + id: ProcessGitHubEnterpriseWebhookRequest + description: >- + RPC request object accepted by the ProcessGitHubEnterpriseWebhook RPC + method. + GoogleArtifactRegistry: + id: GoogleArtifactRegistry + description: Google Artifact Registry configurations. properties: - code: - description: https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 - error + artifactRegistryPackage: + description: Required. Immutable. The name of the artifact registry package. type: string - description: - description: >- - https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 - - error_description + projectId: + description: Required. The host project of Artifact Registry. type: string - ListUsersResponse: - id: ListUsersResponse - description: Message for response to listing Users type: object - properties: - users: - description: The list of Users - type: array - items: - $ref: '#/components/schemas/User' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - User: - id: User - description: >- - User represents a user connected to the service providers through a - AccountConnector. + OperationMetadata: type: object properties: - name: - description: >- - Identifier. Resource name of the user, in the format - `projects/*/locations/*/accountConnectors/*/users/*`. - type: string - displayName: - description: >- - Output only. Developer Connect automatically converts user identity - to some human readable description, e.g., email address. + verb: readOnly: true type: string + description: Output only. Name of the verb executed by the operation. createTime: - description: Output only. The timestamp when the user was created. readOnly: true type: string + description: Output only. The time the operation was created. format: google-datetime - lastTokenRequestTime: - description: Output only. The timestamp when the token was last requested. + statusMessage: + description: Output only. Human-readable status of the operation, if any. readOnly: true type: string - format: google-datetime - ListInsightsConfigsResponse: - id: ListInsightsConfigsResponse - description: Request for response to listing InsightsConfigs. - type: object - properties: - insightsConfigs: - description: The list of InsightsConfigs. - type: array - items: - $ref: '#/components/schemas/InsightsConfig' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - InsightsConfig: - id: InsightsConfig - description: >- - The InsightsConfig resource is the core configuration object to capture - events from your Software Development Lifecycle. It acts as the central - hub for managing how Developer connect understands your application, its - runtime environments, and the artifacts deployed within them. - type: object - properties: - appHubApplication: - description: >- - Optional. The name of the App Hub Application. Format: - projects/{project}/locations/{location}/applications/{application} - type: string - name: - description: >- - Identifier. The name of the InsightsConfig. Format: - projects/{project}/locations/{location}/insightsConfigs/{insightsConfig} + endTime: + description: Output only. The time the operation finished running. type: string - createTime: - description: Output only. [Output only] Create timestamp readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. [Output only] Update timestamp + target: readOnly: true + description: >- + Output only. Server-defined resource path for the target of the + operation. type: string - format: google-datetime - runtimeConfigs: + requestedCancellation: + type: boolean description: >- - Output only. The runtime configurations where the application is - deployed. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. readOnly: true - type: array - items: - $ref: '#/components/schemas/RuntimeConfig' - artifactConfigs: - description: >- - Optional. The artifact configurations of the artifacts that are - deployed. - type: array - items: - $ref: '#/components/schemas/ArtifactConfig' - state: - description: Optional. Output only. The state of the InsightsConfig. - type: string - enumDescriptions: - - No state specified. - - >- - The InsightsConfig is pending application discovery/runtime - discovery. - - The initial discovery process is complete. - - The InsightsConfig is in an error state. - enum: - - STATE_UNSPECIFIED - - PENDING - - COMPLETE - - ERROR - annotations: - description: >- - Optional. User specified annotations. See - https://google.aip.dev/148#annotations for more details such as - format and size limitations. - type: object - additionalProperties: - type: string - labels: - description: Optional. Set of labels associated with an InsightsConfig. - type: object - additionalProperties: - type: string - reconciling: - description: >- - Output only. Reconciling - (https://google.aip.dev/128#reconciliation). Set to true if the - current state of InsightsConfig does not match the user's intended - state, and the service is actively updating the resource to - reconcile them. This can happen due to user-triggered updates or - system actions like failover or maintenance. + apiVersion: readOnly: true - type: boolean - errors: + type: string + description: Output only. API version used to start the operation. + description: Represents the metadata of the long-running operation. + id: OperationMetadata + CryptoKeyConfig: + id: CryptoKeyConfig + description: >- + The crypto key configuration. This field is used by the Customer-managed + encryption keys (CMEK) feature. + type: object + properties: + keyReference: + type: string description: >- - Output only. Any errors that occurred while setting up the - InsightsConfig. Each error will be in the format: `field_name: - error_message`, e.g. GetAppHubApplication: Permission denied while - getting App Hub application. Please grant permissions to the P4SA. - readOnly: true - type: array - items: - $ref: '#/components/schemas/Status' - RuntimeConfig: - id: RuntimeConfig - description: RuntimeConfig represents the runtimes where the application is deployed. + Required. The name of the key which is used to encrypt/decrypt + customer data. For key in Cloud KMS, the key should be in the format + of `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + GitLabEnterpriseConfig: + id: GitLabEnterpriseConfig + description: Configuration for connections to an instance of GitLab Enterprise. type: object properties: - gkeWorkload: - description: Output only. Google Kubernetes Engine runtime. - readOnly: true - $ref: '#/components/schemas/GKEWorkload' - appHubWorkload: - description: Output only. App Hub Workload. - readOnly: true - $ref: '#/components/schemas/AppHubWorkload' - uri: + sslCaCertificate: description: >- - Required. Immutable. The URI of the runtime configuration. For GKE, - this is the cluster name. For Cloud Run, this is the service name. + Optional. SSL Certificate Authority certificate to use for requests + to GitLab Enterprise instance. type: string - state: - description: Output only. The state of the Runtime. - readOnly: true + serviceDirectoryConfig: + $ref: '#/components/schemas/ServiceDirectoryConfig' + description: >- + Optional. Configuration for using Service Directory to privately + connect to a GitLab Enterprise instance. This should only be set if + the GitLab Enterprise server is hosted on-premises and not reachable + by public internet. If this field is left empty, calls to the GitLab + Enterprise server will be made over the public internet. + authorizerCredential: + $ref: '#/components/schemas/UserCredential' + description: >- + Required. A GitLab personal access token with the minimum `api` + scope access and a minimum role of `maintainer`. The GitLab Projects + visible to this Personal Access Token will control which Projects + Developer Connect has access to. + webhookSecretSecretVersion: type: string - enumDescriptions: - - No state specified. - - The runtime configuration has been linked to the InsightsConfig. - - The runtime configuration has been unlinked to the InsightsConfig. - enum: - - STATE_UNSPECIFIED - - LINKED - - UNLINKED - GKEWorkload: - id: GKEWorkload - description: GKEWorkload represents the Google Kubernetes Engine runtime. - type: object - properties: - cluster: description: >- - Required. Immutable. The name of the GKE cluster. Format: - `projects/{project}/locations/{location}/clusters/{cluster}`. + Required. Immutable. SecretManager resource containing the webhook + secret of a GitLab project, formatted as + `projects/*/secrets/*/versions/*` or + `projects/*/locations/*/secrets/*/versions/*` (if regional secrets + are supported in that location). This is used to validate webhooks. + hostUri: type: string - deployment: description: >- - Output only. The name of the GKE deployment. Format: - `projects/{project}/locations/{location}/clusters/{cluster}/namespaces/{namespace}/deployments/{deployment}`. + Required. The URI of the GitLab Enterprise host this connection is + for. + serverVersion: + description: >- + Output only. Version of the GitLab Enterprise server running on the + `host_uri`. + type: string readOnly: true + readAuthorizerCredential: + description: >- + Required. A GitLab personal access token with the minimum `read_api` + scope access and a minimum role of `reporter`. The GitLab Projects + visible to this Personal Access Token will control which Projects + Developer Connect has access to. + $ref: '#/components/schemas/UserCredential' + ServiceDirectoryConfig: + properties: + service: type: string - AppHubWorkload: - id: AppHubWorkload - description: AppHubWorkload represents the App Hub Workload. + description: >- + Required. The Service Directory service name. Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}. + description: >- + ServiceDirectoryConfig represents Service Directory configuration for a + connection. + id: ServiceDirectoryConfig + type: object + Connection: type: object properties: - workload: + name: + type: string description: >- - Required. Output only. Immutable. The name of the App Hub Workload. - Format: - `projects/{project}/locations/{location}/applications/{application}/workloads/{workload}`. + Identifier. The resource name of the connection, in the format + `projects/{project}/locations/{location}/connections/{connection_id}`. + annotations: + additionalProperties: + type: string + description: Optional. Allows clients to store small amounts of arbitrary data. + type: object + updateTime: + description: Output only. [Output only] Update timestamp readOnly: true + format: google-datetime type: string - criticality: - description: Output only. The criticality of the App Hub Workload. + githubEnterpriseConfig: + description: Configuration for connections to an instance of GitHub Enterprise. + $ref: '#/components/schemas/GitHubEnterpriseConfig' + bitbucketCloudConfig: + $ref: '#/components/schemas/BitbucketCloudConfig' + description: Configuration for connections to an instance of Bitbucket Clouds. + githubConfig: + description: Configuration for connections to github.com. + $ref: '#/components/schemas/GitHubConfig' + installationState: readOnly: true - type: string - environment: - description: Output only. The environment of the App Hub Workload. + description: Output only. Installation state of the Connection. + $ref: '#/components/schemas/InstallationState' + deleteTime: readOnly: true type: string - ArtifactConfig: - id: ArtifactConfig - description: The artifact config of the artifact that is deployed. - type: object - properties: - googleArtifactRegistry: - description: Optional. Set if the artifact is stored in Artifact registry. - $ref: '#/components/schemas/GoogleArtifactRegistry' - googleArtifactAnalysis: - description: >- - Optional. Set if the artifact metadata is stored in Artifact - analysis. - $ref: '#/components/schemas/GoogleArtifactAnalysis' - uri: + format: google-datetime + description: Output only. [Output only] Delete timestamp + gitProxyConfig: description: >- - Required. Immutable. The URI of the artifact that is deployed. e.g. - `us-docker.pkg.dev/my-project/my-repo/image`. The URI does not - include the tag / digest because it captures a lineage of artifacts. - type: string - GoogleArtifactRegistry: - id: GoogleArtifactRegistry - description: Google Artifact Registry configurations. - type: object - properties: - projectId: - description: Required. The host project of Artifact Registry. + Optional. Configuration for the git proxy feature. Enabling the git + proxy allows clients to perform git operations on the repositories + linked in the connection. + $ref: '#/components/schemas/GitProxyConfig' + createTime: type: string - artifactRegistryPackage: - description: Required. Immutable. The name of the artifact registry package. + description: Output only. [Output only] Create timestamp + format: google-datetime + readOnly: true + reconciling: + type: boolean + readOnly: true + description: >- + Output only. Set to true when the connection is being set up or + updated in the background. + gitlabEnterpriseConfig: + $ref: '#/components/schemas/GitLabEnterpriseConfig' + description: Configuration for connections to an instance of GitLab Enterprise. + bitbucketDataCenterConfig: + description: >- + Configuration for connections to an instance of Bitbucket Data + Center. + $ref: '#/components/schemas/BitbucketDataCenterConfig' + cryptoKeyConfig: + description: >- + Optional. The crypto key configuration. This field is used by the + Customer-Managed Encryption Keys (CMEK) feature. + $ref: '#/components/schemas/CryptoKeyConfig' + etag: type: string - GoogleArtifactAnalysis: - id: GoogleArtifactAnalysis - description: Google Artifact Analysis configurations. - type: object - properties: - projectId: description: >- - Required. The project id of the project where the provenance is - stored. + Optional. This checksum is computed by the server based on the value + of other fields, and may be sent on update and delete requests to + ensure the client has an up-to-date value before proceeding. + labels: + type: object + additionalProperties: + type: string + description: Optional. Labels as key value pairs + disabled: + description: >- + Optional. If disabled is set to true, functionality is disabled for + this connection. Repository based API methods and webhooks + processing for repositories in this connection will be disabled. + type: boolean + uid: type: string - ProcessGitHubEnterpriseWebhookRequest: - id: ProcessGitHubEnterpriseWebhookRequest - description: >- - RPC request object accepted by the ProcessGitHubEnterpriseWebhook RPC - method. - type: object - properties: - body: - description: Required. HTTP request body. - $ref: '#/components/schemas/HttpBody' - HttpBody: - id: HttpBody - description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. + description: Output only. A system-assigned unique identifier for the Connection. + readOnly: true + gitlabConfig: + description: Configuration for connections to gitlab.com. + $ref: '#/components/schemas/GitLabConfig' + description: Message describing Connection object + id: Connection + GitRepositoryLink: + id: GitRepositoryLink type: object + description: Message describing the GitRepositoryLink object properties: - contentType: + labels: + additionalProperties: + type: string + type: object + description: Optional. Labels as key value pairs + webhookId: + description: Output only. External ID of the webhook created for the repository. + readOnly: true + type: string + annotations: + additionalProperties: + type: string + description: Optional. Allows clients to store small amounts of arbitrary data. + type: object + gitProxyUri: description: >- - The HTTP Content-Type header value specifying the content type of - the body. + Output only. URI to access the linked repository through the Git + Proxy. This field is only populated if the git proxy is enabled for + the connection. type: string - data: - description: The HTTP request/response body as raw binary. + readOnly: true + uid: type: string - format: byte - extensions: description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ProcessGitLabEnterpriseWebhookRequest: - id: ProcessGitLabEnterpriseWebhookRequest - description: >- - RPC request object accepted by the ProcessGitLabEnterpriseWebhook RPC - method. - type: object - properties: - body: - description: Required. HTTP request body. - $ref: '#/components/schemas/HttpBody' - ProcessGitLabWebhookRequest: - id: ProcessGitLabWebhookRequest - description: RPC request object accepted by the ProcessGitLabWebhook RPC method. - type: object - properties: - body: - description: Required. HTTP request body. - $ref: '#/components/schemas/HttpBody' - ProcessBitbucketDataCenterWebhookRequest: - id: ProcessBitbucketDataCenterWebhookRequest - description: >- - RPC request object accepted by the ProcessBitbucketDataCenterWebhook RPC - method. - type: object - properties: - body: - description: Required. HTTP request body. - $ref: '#/components/schemas/HttpBody' - ProcessBitbucketCloudWebhookRequest: - id: ProcessBitbucketCloudWebhookRequest - description: >- - RPC request object accepted by the ProcessBitbucketCloudWebhook RPC - method. - type: object - properties: - body: - description: Required. HTTP request body. - $ref: '#/components/schemas/HttpBody' - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: + Output only. A system-assigned unique identifier for the + GitRepositoryLink. + readOnly: true + reconciling: + readOnly: true + type: boolean description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: + Output only. Set to true when the connection is being set up or + updated in the background. + etag: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Optional. This checksum is computed by the server based on the value + of other fields, and may be sent on update and delete requests to + ensure the client has an up-to-date value before proceeding. type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + createTime: type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + format: google-datetime + readOnly: true + description: Output only. [Output only] Create timestamp + deleteTime: + readOnly: true + type: string + description: Output only. [Output only] Delete timestamp + format: google-datetime + updateTime: + description: Output only. [Output only] Update timestamp + readOnly: true + format: google-datetime + type: string + cloneUri: + type: string + description: Required. Git Clone URI. + name: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string + Identifier. Resource name of the repository, in the format + `projects/*/locations/*/connections/*/gitRepositoryLinks/*`. + Operation: + type: object + properties: metadata: description: >- - Service-specific metadata. For example the available capacity at the - given location. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object + type: object + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation + AppHubWorkload: properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + criticality: + description: Output only. The criticality of the App Hub Workload. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. readOnly: true + environment: type: string - format: google-datetime - target: + readOnly: true + description: Output only. The environment of the App Hub Workload. + workload: description: >- - Output only. Server-defined resource path for the target of the - operation. + Required. Output only. Immutable. The name of the App Hub Workload. + Format: + `projects/{project}/locations/{location}/applications/{application}/workloads/{workload}`. readOnly: true type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + type: object + description: AppHubWorkload represents the App Hub Workload. + id: AppHubWorkload + Empty: + id: Empty + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + BitbucketCloudConfig: + id: BitbucketCloudConfig + properties: + workspace: + description: >- + Required. The Bitbucket Cloud Workspace ID to be connected to Google + Cloud Platform. type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + webhookSecretSecretVersion: type: string - requestedCancellation: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + Required. Immutable. SecretManager resource containing the webhook + secret used to verify webhook events, formatted as + `projects/*/secrets/*/versions/*` or + `projects/*/locations/*/secrets/*/versions/*` (if regional secrets + are supported in that location). This is used to validate and create + webhooks. + authorizerCredential: + description: >- + Required. An access token with the minimum `repository`, + `pullrequest` and `webhook` scope access. It can either be a + workspace, project or repository access token. This is needed to + create webhooks. It's recommended to use a system account to + generate these credentials. + $ref: '#/components/schemas/UserCredential' + readAuthorizerCredential: + $ref: '#/components/schemas/UserCredential' + description: >- + Required. An access token with the minimum `repository` access. It + can either be a workspace, project or repository access token. It's + recommended to use a system account to generate the credentials. + description: Configuration for connections to an instance of Bitbucket Cloud. + type: object + ProviderOAuthConfig: + description: ProviderOAuthConfig is the OAuth config for a provider. + properties: + scopes: + description: >- + Required. User selected scopes to apply to the Oauth config In the + event of changing scopes, user records under AccountConnector will + be deleted and users will re-auth again. + items: + type: string + type: array + systemProviderId: type: string + enum: + - SYSTEM_PROVIDER_UNSPECIFIED + - GITHUB + - GITLAB + - GOOGLE + - SENTRY + - ROVO + - NEW_RELIC + - DATASTAX + - DYNATRACE + description: Immutable. Developer Connect provided OAuth. + enumDescriptions: + - No system provider specified. + - >- + GitHub provider. Scopes can be found at + https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps#available-scopes + - >- + GitLab provider. Scopes can be found at + https://docs.gitlab.com/user/profile/personal_access_tokens/#personal-access-token-scopes + - >- + Google provider. Recommended scopes: + "https://www.googleapis.com/auth/drive.readonly", + "https://www.googleapis.com/auth/documents.readonly" + - >- + Sentry provider. Scopes can be found at + https://docs.sentry.io/api/permissions/ + - Rovo provider. Must select the "rovo" scope. + - New Relic provider. No scopes are allowed. + - Datastax provider. No scopes are allowed. + - Dynatrace provider. + id: ProviderOAuthConfig + type: object parameters: - access_token: - description: OAuth access token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: access_token + name: upload_protocol + schema: + type: string + callback: + description: JSONP + in: query + name: callback schema: type: string alt: @@ -1412,16 +1479,13 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: fields + name: quotaUser schema: type: string key: @@ -1430,34 +1494,19 @@ components: access, quota, and reports. Required unless you provide an OAuth 2.0 token. in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser + name: key schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: upload_protocol + name: prettyPrint + schema: + type: boolean + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields schema: type: string uploadType: @@ -1475,25 +1524,37 @@ components: enum: - '1' - '2' + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string x-stackQL-resources: locations: id: google.developerconnect.locations name: locations title: Locations methods: - list: + get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - get: + list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/locations/methods/get' @@ -1507,14 +1568,6 @@ components: name: operations title: Operations methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- @@ -1536,6 +1589,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -1545,235 +1606,235 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - connections: - id: google.developerconnect.connections - name: connections - title: Connections + git_repository_links_git_refs: + id: google.developerconnect.git_repository_links_git_refs + name: git_repository_links_git_refs + title: Git_repository_links_git_refs + methods: + fetch_git_refs: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:fetchGitRefs/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/git_repository_links_git_refs/methods/fetch_git_refs + insert: [] + update: [] + replace: [] + delete: [] + git_repository_links: + id: google.developerconnect.git_repository_links + name: git_repository_links + title: Git_repository_links methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.connections + objectKey: $.unreachable create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks/post response: mediaType: application/json openAPIDocKey: '200' - get: + processgitlab_webhook: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:processGitLabWebhook/post response: mediaType: application/json openAPIDocKey: '200' - patch: + processgitlab_enterprise_webhook: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:processGitLabEnterpriseWebhook/post + response: + mediaType: application/json + openAPIDocKey: '200' + process_bitbucket_data_center_webhook: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:processBitbucketDataCenterWebhook/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}/delete response: mediaType: application/json openAPIDocKey: '200' - processgithub_enterprise_webhook: + process_bitbucket_cloud_webhook: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections:processGitHubEnterpriseWebhook/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:processBitbucketCloudWebhook/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/connections/methods/get' - - $ref: '#/components/x-stackQL-resources/connections/methods/list' + - $ref: '#/components/x-stackQL-resources/git_repository_links/methods/get' + - $ref: '#/components/x-stackQL-resources/git_repository_links/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/connections/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/connections/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/git_repository_links/methods/create + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/connections/methods/delete' - linkable_git_repositories: - id: google.developerconnect.linkable_git_repositories - name: linkable_git_repositories - title: Linkable_git_repositories + - $ref: >- + #/components/x-stackQL-resources/git_repository_links/methods/delete + git_repository_links_read_token: + id: google.developerconnect.git_repository_links_read_token + name: git_repository_links_read_token + title: Git_repository_links_read_token methods: - fetch_linkable_git_repositories: + fetch_read_token: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:fetchLinkableGitRepositories/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:fetchReadToken/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/linkable_git_repositories/methods/fetch_linkable_git_repositories + #/components/x-stackQL-resources/git_repository_links_read_token/methods/fetch_read_token insert: [] update: [] replace: [] delete: [] - github_installations: - id: google.developerconnect.github_installations - name: github_installations - title: Github_installations + git_repository_links_read_write_token: + id: google.developerconnect.git_repository_links_read_write_token + name: git_repository_links_read_write_token + title: Git_repository_links_read_write_token methods: - fetchgithub_installations: + fetch_read_write_token: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:fetchGitHubInstallations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:fetchReadWriteToken/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/github_installations/methods/fetchgithub_installations + #/components/x-stackQL-resources/git_repository_links_read_write_token/methods/fetch_read_write_token insert: [] update: [] replace: [] delete: [] - git_repository_links: - id: google.developerconnect.git_repository_links - name: git_repository_links - title: Git_repository_links + connections: + id: google.developerconnect.connections + name: connections + title: Connections methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.gitRepositoryLinks - delete: + processgithub_enterprise_webhook: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections:processGitHubEnterpriseWebhook/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/get response: mediaType: application/json openAPIDocKey: '200' - processgitlab_enterprise_webhook: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:processGitLabEnterpriseWebhook/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - processgitlab_webhook: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:processGitLabWebhook/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - process_bitbucket_data_center_webhook: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:processBitbucketDataCenterWebhook/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections/post response: mediaType: application/json openAPIDocKey: '200' - process_bitbucket_cloud_webhook: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:processBitbucketCloudWebhook/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/git_repository_links/methods/get' - - $ref: '#/components/x-stackQL-resources/git_repository_links/methods/list' + - $ref: '#/components/x-stackQL-resources/connections/methods/get' + - $ref: '#/components/x-stackQL-resources/connections/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/git_repository_links/methods/create - update: [] + - $ref: '#/components/x-stackQL-resources/connections/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/connections/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/git_repository_links/methods/delete - git_repository_links_read_write_token: - id: google.developerconnect.git_repository_links_read_write_token - name: git_repository_links_read_write_token - title: Git_repository_links_read_write_token - methods: - fetch_read_write_token: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:fetchReadWriteToken/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/git_repository_links_read_write_token/methods/fetch_read_write_token - insert: [] - update: [] - replace: [] - delete: [] - git_repository_links_read_token: - id: google.developerconnect.git_repository_links_read_token - name: git_repository_links_read_token - title: Git_repository_links_read_token + - $ref: '#/components/x-stackQL-resources/connections/methods/delete' + github_installations: + id: google.developerconnect.github_installations + name: github_installations + title: Github_installations methods: - fetch_read_token: + fetchgithub_installations: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:fetchReadToken/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:fetchGitHubInstallations/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/git_repository_links_read_token/methods/fetch_read_token + #/components/x-stackQL-resources/github_installations/methods/fetchgithub_installations insert: [] update: [] replace: [] delete: [] - git_repository_links_git_refs: - id: google.developerconnect.git_repository_links_git_refs - name: git_repository_links_git_refs - title: Git_repository_links_git_refs + linkable_git_repositories: + id: google.developerconnect.linkable_git_repositories + name: linkable_git_repositories + title: Linkable_git_repositories methods: - fetch_git_refs: + fetch_linkable_git_repositories: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1gitRepositoryLinks~1{gitRepositoryLinksId}:fetchGitRefs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}:fetchLinkableGitRepositories/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/git_repository_links_git_refs/methods/fetch_git_refs + #/components/x-stackQL-resources/linkable_git_repositories/methods/fetch_linkable_git_repositories insert: [] update: [] replace: [] @@ -1783,18 +1844,17 @@ components: name: account_connectors title: Account_connectors methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.accountConnectors - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -1805,17 +1865,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors/post response: mediaType: application/json openAPIDocKey: '200' @@ -1830,26 +1891,33 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/account_connectors/methods/delete' - users_access_token: - id: google.developerconnect.users_access_token - name: users_access_token - title: Users_access_token + users_self: + id: google.developerconnect.users_self + name: users_self + title: Users_self methods: - fetch_access_token: + fetch_self: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}~1users:fetchAccessToken/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}~1users:fetchSelf/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete_self: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}~1users:deleteSelf/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/users_access_token/methods/fetch_access_token + - $ref: '#/components/x-stackQL-resources/users_self/methods/fetch_self' insert: [] update: [] replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/users_self/methods/delete_self' users: id: google.developerconnect.users name: users @@ -1878,57 +1946,50 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/users/methods/delete' - users_self: - id: google.developerconnect.users_self - name: users_self - title: Users_self + users_access_token: + id: google.developerconnect.users_access_token + name: users_access_token + title: Users_access_token methods: - fetch_self: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}~1users:fetchSelf/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete_self: + fetch_access_token: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}~1users:deleteSelf/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accountConnectors~1{accountConnectorsId}~1users:fetchAccessToken/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/users_self/methods/fetch_self' + - $ref: >- + #/components/x-stackQL-resources/users_access_token/methods/fetch_access_token insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/users_self/methods/delete_self' + delete: [] insights_configs: id: google.developerconnect.insights_configs name: insights_configs title: Insights_configs methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsConfigs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsConfigs/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.insightsConfigs - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsConfigs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsConfigs/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.unreachable + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsConfigs~1{insightsConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsConfigs~1{insightsConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -1939,10 +2000,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsConfigs~1{insightsConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1insightsConfigs~1{insightsConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -1958,59 +2019,19 @@ components: delete: - $ref: '#/components/x-stackQL-resources/insights_configs/methods/delete' paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: developerconnect.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' get: description: Gets information about a location. operationId: developerconnect.projects.locations.get @@ -2037,13 +2058,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: developerconnect.projects.locations.operations.list + description: Lists information about the supported locations for this service. + operationId: developerconnect.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2055,20 +2074,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: filter + name: extraLocationTypes schema: type: string - in: query @@ -2077,7 +2095,7 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: @@ -2198,11 +2216,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Lists Connections in a given project and location. - operationId: developerconnect.projects.locations.connections.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: developerconnect.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2214,7 +2234,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConnectionsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -2226,31 +2246,29 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: returnPartialSuccess schema: - type: string + type: boolean - in: query name: filter schema: type: string - - in: query - name: orderBy - schema: - type: string - post: - description: Creates a new Connection in a given project and location. - operationId: developerconnect.projects.locations.connections.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Connection' + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:fetchGitRefs: + parameters: *ref_1 + get: + description: Fetch the list of branches or tags for a given repository. + operationId: >- + developerconnect.projects.locations.connections.gitRepositoryLinks.fetchGitRefs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2262,7 +2280,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/FetchGitRefsResponse' parameters: - in: path name: projectsId @@ -2274,59 +2292,34 @@ paths: required: true schema: type: string - - in: query - name: connectionId - schema: - type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}: - parameters: *ref_1 - get: - description: Gets details of a single Connection. - operationId: developerconnect.projects.locations.connections.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Connection' - parameters: - in: path - name: projectsId + name: connectionsId required: true schema: type: string - in: path - name: locationsId + name: gitRepositoryLinksId required: true schema: type: string - - in: path - name: connectionsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: Updates the parameters of a single Connection. - operationId: developerconnect.projects.locations.connections.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Connection' + - in: query + name: refType + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks: + parameters: *ref_1 + get: + description: Lists GitRepositoryLinks in a given project, location, and connection. + operationId: developerconnect.projects.locations.connections.gitRepositoryLinks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2338,7 +2331,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListGitRepositoryLinksResponse' parameters: - in: path name: projectsId @@ -2356,25 +2349,38 @@ paths: schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: requestId + name: filter schema: type: string - in: query - name: allowMissing + name: orderBy schema: - type: boolean + type: string - in: query - name: validateOnly + name: pageSize schema: - type: boolean - delete: - description: Deletes a single Connection. - operationId: developerconnect.projects.locations.connections.delete + type: integer + format: int32 + post: + description: >- + Creates a GitRepositoryLink. Upon linking a Git Repository, Developer + Connect will configure the Git Repository to send webhook events to + Developer Connect. Connections that use Firebase GitHub Application will + have events forwarded to the Firebase service. Connections that use + Gemini Code Assist will have events forwarded to Gemini Code Assist + service. All other Connections will have events forwarded to Cloud + Build. + operationId: >- + developerconnect.projects.locations.connections.gitRepositoryLinks.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GitRepositoryLink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2403,38 +2409,37 @@ paths: required: true schema: type: string - - in: query - name: requestId - schema: - type: string - in: query name: validateOnly schema: type: boolean - in: query - name: etag + name: gitRepositoryLinkId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:fetchLinkableGitRepositories: + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:processGitLabWebhook: parameters: *ref_1 - get: - description: >- - FetchLinkableGitRepositories returns a list of git repositories from an - SCM that are available to be added to a Connection. + post: + description: ProcessGitLabWebhook is called by the GitLab.com for notifying events. operationId: >- - developerconnect.projects.locations.connections.fetchLinkableGitRepositories - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + developerconnect.projects.locations.connections.gitRepositoryLinks.processGitLabWebhook + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProcessGitLabWebhookRequest' + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/FetchLinkableGitRepositoriesResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2451,36 +2456,32 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: gitRepositoryLinksId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:fetchGitHubInstallations: + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:processGitLabEnterpriseWebhook: parameters: *ref_1 - get: + post: description: >- - FetchGitHubInstallations returns the list of GitHub Installations that - are available to be added to a Connection. For github.com, only - installations accessible to the authorizer token are returned. For - GitHub Enterprise, all installations are returned. - operationId: developerconnect.projects.locations.connections.fetchGitHubInstallations - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + ProcessGitLabEnterpriseWebhook is called by the external GitLab + Enterprise instances for notifying events. + operationId: >- + developerconnect.projects.locations.connections.gitRepositoryLinks.processGitLabEnterpriseWebhook + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProcessGitLabEnterpriseWebhookRequest' + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/FetchGitHubInstallationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2497,19 +2498,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections:processGitHubEnterpriseWebhook: + - in: path + name: gitRepositoryLinksId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:processBitbucketDataCenterWebhook: parameters: *ref_1 post: description: >- - ProcessGitHubEnterpriseWebhook is called by the external GitHub - Enterprise instances for notifying events. + ProcessBitbucketDataCenterWebhook is called by the external Bitbucket + Data Center instances for notifying events. operationId: >- - developerconnect.projects.locations.connections.processGitHubEnterpriseWebhook + developerconnect.projects.locations.connections.gitRepositoryLinks.processBitbucketDataCenterWebhook requestBody: content: application/json: schema: - $ref: '#/components/schemas/ProcessGitHubEnterpriseWebhookRequest' + $ref: '#/components/schemas/ProcessBitbucketDataCenterWebhookRequest' security: [] responses: '200': @@ -2529,22 +2535,27 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks: + - in: path + name: connectionsId + required: true + schema: + type: string + - in: path + name: gitRepositoryLinksId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:fetchReadToken: parameters: *ref_1 post: - description: >- - Creates a GitRepositoryLink. Upon linking a Git Repository, Developer - Connect will configure the Git Repository to send webhook events to - Developer Connect. Connections that use Firebase GitHub Application will - have events forwarded to the Firebase service. All other Connections - will have events forwarded to Cloud Build. + description: Fetches read token of a given gitRepositoryLink. operationId: >- - developerconnect.projects.locations.connections.gitRepositoryLinks.create + developerconnect.projects.locations.connections.gitRepositoryLinks.fetchReadToken requestBody: content: application/json: schema: - $ref: '#/components/schemas/GitRepositoryLink' + $ref: '#/components/schemas/FetchReadTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2556,7 +2567,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/FetchReadTokenResponse' parameters: - in: path name: projectsId @@ -2573,21 +2584,16 @@ paths: required: true schema: type: string - - in: query - name: gitRepositoryLinkId - schema: - type: string - - in: query - name: requestId + - in: path + name: gitRepositoryLinksId + required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}: + parameters: *ref_1 get: - description: Lists GitRepositoryLinks in a given project, location, and connection. - operationId: developerconnect.projects.locations.connections.gitRepositoryLinks.list + description: Gets details of a single GitRepositoryLink. + operationId: developerconnect.projects.locations.connections.gitRepositoryLinks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2599,7 +2605,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGitRepositoryLinksResponse' + $ref: '#/components/schemas/GitRepositoryLink' parameters: - in: path name: projectsId @@ -2616,25 +2622,11 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: gitRepositoryLinksId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}: - parameters: *ref_1 delete: description: Deletes a single GitRepositoryLink. operationId: >- @@ -2684,9 +2676,59 @@ paths: name: etag schema: type: string - get: - description: Gets details of a single GitRepositoryLink. - operationId: developerconnect.projects.locations.connections.gitRepositoryLinks.get + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:processBitbucketCloudWebhook: + parameters: *ref_1 + post: + description: >- + ProcessBitbucketCloudWebhook is called by the external Bitbucket Cloud + instances for notifying events. + operationId: >- + developerconnect.projects.locations.connections.gitRepositoryLinks.processBitbucketCloudWebhook + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProcessBitbucketCloudWebhookRequest' + security: [] + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: connectionsId + required: true + schema: + type: string + - in: path + name: gitRepositoryLinksId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:fetchReadWriteToken: + parameters: *ref_1 + post: + description: Fetches read/write token of a given gitRepositoryLink. + operationId: >- + developerconnect.projects.locations.connections.gitRepositoryLinks.fetchReadWriteToken + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FetchReadWriteTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2698,7 +2740,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GitRepositoryLink' + $ref: '#/components/schemas/FetchReadWriteTokenResponse' parameters: - in: path name: projectsId @@ -2720,17 +2762,47 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:fetchReadWriteToken: + /v1/projects/{projectsId}/locations/{locationsId}/connections:processGitHubEnterpriseWebhook: parameters: *ref_1 post: - description: Fetches read/write token of a given gitRepositoryLink. + description: >- + ProcessGitHubEnterpriseWebhook is called by the external GitHub + Enterprise instances for notifying events. operationId: >- - developerconnect.projects.locations.connections.gitRepositoryLinks.fetchReadWriteToken + developerconnect.projects.locations.connections.processGitHubEnterpriseWebhook requestBody: content: application/json: schema: - $ref: '#/components/schemas/FetchReadWriteTokenRequest' + $ref: '#/components/schemas/ProcessGitHubEnterpriseWebhookRequest' + security: [] + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:fetchGitHubInstallations: + parameters: *ref_1 + get: + description: >- + FetchGitHubInstallations returns the list of GitHub Installations that + are available to be added to a Connection. For github.com, only + installations accessible to the authorizer token are returned. For + GitHub Enterprise, all installations are returned. + operationId: developerconnect.projects.locations.connections.fetchGitHubInstallations security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2742,7 +2814,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchReadWriteTokenResponse' + $ref: '#/components/schemas/FetchGitHubInstallationsResponse' parameters: - in: path name: projectsId @@ -2759,22 +2831,11 @@ paths: required: true schema: type: string - - in: path - name: gitRepositoryLinksId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:fetchReadToken: + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}: parameters: *ref_1 - post: - description: Fetches read token of a given gitRepositoryLink. - operationId: >- - developerconnect.projects.locations.connections.gitRepositoryLinks.fetchReadToken - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FetchReadTokenRequest' + get: + description: Gets details of a single Connection. + operationId: developerconnect.projects.locations.connections.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2786,7 +2847,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchReadTokenResponse' + $ref: '#/components/schemas/Connection' parameters: - in: path name: projectsId @@ -2803,17 +2864,9 @@ paths: required: true schema: type: string - - in: path - name: gitRepositoryLinksId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:fetchGitRefs: - parameters: *ref_1 - get: - description: Fetch the list of branches or tags for a given repository. - operationId: >- - developerconnect.projects.locations.connections.gitRepositoryLinks.fetchGitRefs + delete: + description: Deletes a single Connection. + operationId: developerconnect.projects.locations.connections.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2825,7 +2878,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchGitRefsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2842,45 +2895,38 @@ paths: required: true schema: type: string - - in: path - name: gitRepositoryLinksId - required: true - schema: - type: string - in: query - name: refType + name: etag schema: type: string - in: query - name: pageSize + name: validateOnly schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:processGitLabEnterpriseWebhook: - parameters: *ref_1 - post: - description: >- - ProcessGitLabEnterpriseWebhook is called by the external GitLab - Enterprise instances for notifying events. - operationId: >- - developerconnect.projects.locations.connections.gitRepositoryLinks.processGitLabEnterpriseWebhook + patch: + description: Updates the parameters of a single Connection. + operationId: developerconnect.projects.locations.connections.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ProcessGitLabEnterpriseWebhookRequest' - security: [] + $ref: '#/components/schemas/Connection' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2897,30 +2943,45 @@ paths: required: true schema: type: string - - in: path - name: gitRepositoryLinksId - required: true + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:processGitLabWebhook: + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections: parameters: *ref_1 post: - description: ProcessGitLabWebhook is called by the GitLab.com for notifying events. - operationId: >- - developerconnect.projects.locations.connections.gitRepositoryLinks.processGitLabWebhook + description: Creates a new Connection in a given project and location. + operationId: developerconnect.projects.locations.connections.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ProcessGitLabWebhookRequest' - security: [] + $ref: '#/components/schemas/Connection' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2932,37 +2993,33 @@ paths: required: true schema: type: string - - in: path - name: connectionsId - required: true + - in: query + name: requestId schema: type: string - - in: path - name: gitRepositoryLinksId - required: true + - in: query + name: connectionId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:processBitbucketDataCenterWebhook: - parameters: *ref_1 - post: - description: >- - ProcessBitbucketDataCenterWebhook is called by the external Bitbucket - Data Center instances for notifying events. - operationId: >- - developerconnect.projects.locations.connections.gitRepositoryLinks.processBitbucketDataCenterWebhook - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ProcessBitbucketDataCenterWebhookRequest' - security: [] + - in: query + name: validateOnly + schema: + type: boolean + get: + description: Lists Connections in a given project and location. + operationId: developerconnect.projects.locations.connections.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListConnectionsResponse' parameters: - in: path name: projectsId @@ -2974,37 +3031,43 @@ paths: required: true schema: type: string - - in: path - name: connectionsId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: gitRepositoryLinksId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/gitRepositoryLinks/{gitRepositoryLinksId}:processBitbucketCloudWebhook: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}:fetchLinkableGitRepositories: parameters: *ref_1 - post: + get: description: >- - ProcessBitbucketCloudWebhook is called by the external Bitbucket Cloud - instances for notifying events. + FetchLinkableGitRepositories returns a list of git repositories from an + SCM that are available to be added to a Connection. operationId: >- - developerconnect.projects.locations.connections.gitRepositoryLinks.processBitbucketCloudWebhook - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ProcessBitbucketCloudWebhookRequest' - security: [] + developerconnect.projects.locations.connections.fetchLinkableGitRepositories + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/FetchLinkableGitRepositoriesResponse' parameters: - in: path name: projectsId @@ -3021,16 +3084,20 @@ paths: required: true schema: type: string - - in: path - name: gitRepositoryLinksId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}: parameters: *ref_1 - get: - description: Lists AccountConnectors in a given project and location. - operationId: developerconnect.projects.locations.accountConnectors.list + delete: + description: Deletes a single AccountConnector. + operationId: developerconnect.projects.locations.accountConnectors.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3042,7 +3109,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAccountConnectorsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3054,26 +3121,30 @@ paths: required: true schema: type: string + - in: path + name: accountConnectorsId + required: true + schema: + type: string - in: query - name: pageSize + name: force schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: validateOnly schema: - type: string + type: boolean - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: etag schema: type: string - post: - description: Creates a new AccountConnector in a given project and location. - operationId: developerconnect.projects.locations.accountConnectors.create + patch: + description: Updates the parameters of a single AccountConnector. + operationId: developerconnect.projects.locations.accountConnectors.patch requestBody: content: application/json: @@ -3102,20 +3173,28 @@ paths: required: true schema: type: string + - in: path + name: accountConnectorsId + required: true + schema: + type: string - in: query - name: accountConnectorId + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: requestId + name: allowMissing schema: - type: string + type: boolean - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}: - parameters: *ref_1 + - in: query + name: requestId + schema: + type: string get: description: Gets details of a single AccountConnector. operationId: developerconnect.projects.locations.accountConnectors.get @@ -3147,14 +3226,11 @@ paths: required: true schema: type: string - patch: - description: Updates the parameters of a single AccountConnector. - operationId: developerconnect.projects.locations.accountConnectors.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AccountConnector' + /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors: + parameters: *ref_1 + get: + description: Lists AccountConnectors in a given project and location. + operationId: developerconnect.projects.locations.accountConnectors.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3166,7 +3242,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListAccountConnectorsResponse' parameters: - in: path name: projectsId @@ -3178,31 +3254,31 @@ paths: required: true schema: type: string - - in: path - name: accountConnectorsId - required: true - schema: - type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: requestId + name: orderBy schema: type: string - in: query - name: allowMissing + name: pageSize schema: - type: boolean + type: integer + format: int32 - in: query - name: validateOnly + name: filter schema: - type: boolean - delete: - description: Deletes a single AccountConnector. - operationId: developerconnect.projects.locations.accountConnectors.delete + type: string + post: + description: Creates a new AccountConnector in a given project and location. + operationId: developerconnect.projects.locations.accountConnectors.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AccountConnector' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3226,9 +3302,8 @@ paths: required: true schema: type: string - - in: path - name: accountConnectorsId - required: true + - in: query + name: accountConnectorId schema: type: string - in: query @@ -3239,25 +3314,11 @@ paths: name: validateOnly schema: type: boolean - - in: query - name: etag - schema: - type: string - - in: query - name: force - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}/users:fetchAccessToken: + /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}/users:fetchSelf: parameters: *ref_1 - post: - description: Fetches OAuth access token based on end user credentials. - operationId: >- - developerconnect.projects.locations.accountConnectors.users.fetchAccessToken - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FetchAccessTokenRequest' + get: + description: Fetch the User based on the user credentials. + operationId: developerconnect.projects.locations.accountConnectors.users.fetchSelf security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3269,7 +3330,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchAccessTokenResponse' + $ref: '#/components/schemas/User' parameters: - in: path name: projectsId @@ -3319,28 +3380,28 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: orderBy schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}/users/{usersId}: + /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}/users:deleteSelf: parameters: *ref_1 delete: - description: Deletes a single User. - operationId: developerconnect.projects.locations.accountConnectors.users.delete + description: Delete the User based on the user credentials. + operationId: developerconnect.projects.locations.accountConnectors.users.deleteSelf security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3369,28 +3430,17 @@ paths: required: true schema: type: string - - in: path - name: usersId - required: true - schema: - type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: etag - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}/users:fetchSelf: + /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}/users:fetchAccessToken: parameters: *ref_1 - get: - description: Fetch the User based on the user credentials. - operationId: developerconnect.projects.locations.accountConnectors.users.fetchSelf + post: + description: Fetches OAuth access token based on end user credentials. + operationId: >- + developerconnect.projects.locations.accountConnectors.users.fetchAccessToken + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FetchAccessTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3402,7 +3452,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/User' + $ref: '#/components/schemas/FetchAccessTokenResponse' parameters: - in: path name: projectsId @@ -3419,11 +3469,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}/users:deleteSelf: + /v1/projects/{projectsId}/locations/{locationsId}/accountConnectors/{accountConnectorsId}/users/{usersId}: parameters: *ref_1 delete: - description: Delete the User based on the user credentials. - operationId: developerconnect.projects.locations.accountConnectors.users.deleteSelf + description: Deletes a single User. + operationId: developerconnect.projects.locations.accountConnectors.users.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3452,11 +3502,33 @@ paths: required: true schema: type: string + - in: path + name: usersId + required: true + schema: + type: string + - in: query + name: etag + schema: + type: string + - in: query + name: requestId + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/insightsConfigs: parameters: *ref_1 - get: - description: Lists InsightsConfigs in a given project and location. - operationId: developerconnect.projects.locations.insightsConfigs.list + post: + description: Creates a new InsightsConfig in a given project and location. + operationId: developerconnect.projects.locations.insightsConfigs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InsightsConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3468,7 +3540,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInsightsConfigsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3481,30 +3553,16 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: insightsConfigId schema: type: string - in: query - name: orderBy + name: validateOnly schema: - type: string - post: - description: Creates a new InsightsConfig in a given project and location. - operationId: developerconnect.projects.locations.insightsConfigs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InsightsConfig' + type: boolean + get: + description: Lists InsightsConfigs in a given project and location. + operationId: developerconnect.projects.locations.insightsConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3516,7 +3574,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListInsightsConfigsResponse' parameters: - in: path name: projectsId @@ -3529,18 +3587,27 @@ paths: schema: type: string - in: query - name: insightsConfigId + name: filter schema: type: string - in: query - name: validateOnly + name: orderBy schema: - type: boolean + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1/projects/{projectsId}/locations/{locationsId}/insightsConfigs/{insightsConfigsId}: parameters: *ref_1 - get: - description: Gets details of a single Insight. - operationId: developerconnect.projects.locations.insightsConfigs.get + delete: + description: Deletes a single Insight. + operationId: developerconnect.projects.locations.insightsConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3552,7 +3619,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InsightsConfig' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3569,6 +3636,18 @@ paths: required: true schema: type: string + - in: query + name: requestId + schema: + type: string + - in: query + name: etag + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean patch: description: Updates the parameters of a single InsightsConfig. operationId: developerconnect.projects.locations.insightsConfigs.patch @@ -3610,16 +3689,16 @@ paths: schema: type: string - in: query - name: allowMissing + name: validateOnly schema: type: boolean - in: query - name: validateOnly + name: allowMissing schema: type: boolean - delete: - description: Delete a single Insight. - operationId: developerconnect.projects.locations.insightsConfigs.delete + get: + description: Gets details of a single Insight. + operationId: developerconnect.projects.locations.insightsConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3631,7 +3710,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/InsightsConfig' parameters: - in: path name: projectsId @@ -3648,15 +3727,3 @@ paths: required: true schema: type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: etag - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/dialogflow.yaml b/providers/src/googleapis.com/v00.00.00000/services/dialogflow.yaml index cd663af5..59bb3d45 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/dialogflow.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/dialogflow.yaml @@ -9,8 +9,8 @@ info: Builds conversational interfaces (for example, chatbots, and voice-powered apps and devices). version: v3 - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/dialogflow/ servers: @@ -1035,6 +1035,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string GoogleLongrunningOperation: id: GoogleLongrunningOperation description: >- @@ -5291,6 +5300,10 @@ components: - NONE - ID_TOKEN - ACCESS_TOKEN + serviceAccountAuthConfig: + description: Optional. Configuration for service account authentication. + $ref: >- + #/components/schemas/GoogleCloudDialogflowCxV3WebhookGenericWebServiceServiceAccountAuthConfig webhookType: description: Optional. Type of the webhook. type: string @@ -5382,6 +5395,22 @@ components: type: array items: type: string + GoogleCloudDialogflowCxV3WebhookGenericWebServiceServiceAccountAuthConfig: + id: >- + GoogleCloudDialogflowCxV3WebhookGenericWebServiceServiceAccountAuthConfig + description: Configuration for authentication using a service account. + type: object + properties: + serviceAccount: + description: >- + Required. The email address of the service account used to + authenticate the webhook call. Dialogflow uses this service account + to exchange an access token and the access token is then sent in the + `Authorization` header of the webhook request. The service account + must have the `roles/iam.serviceAccountTokenCreator` role granted to + the [Dialogflow service + agent](https://cloud.google.com/iam/docs/service-agents#dialogflow-service-agent). + type: string GoogleCloudDialogflowCxV3WebhookServiceDirectoryConfig: id: GoogleCloudDialogflowCxV3WebhookServiceDirectoryConfig description: >- @@ -6451,6 +6480,21 @@ components: type: array items: type: string + inlineActions: + description: >- + Optional. Output only. Names of inline actions scoped to this + playbook. These actions are in addition to those belonging to + referenced tools, child playbooks, and flows, e.g. actions that are + defined in the playbook's code block. + readOnly: true + type: array + items: + type: string + codeBlock: + description: >- + Optional. The playbook's scoped code block, which may implement + handlers and actions. + $ref: '#/components/schemas/GoogleCloudDialogflowCxV3CodeBlock' llmModelSettings: description: Optional. Llm model settings for the playbook. $ref: '#/components/schemas/GoogleCloudDialogflowCxV3LlmModelSettings' @@ -6504,6 +6548,14 @@ components: type: array items: $ref: '#/components/schemas/GoogleCloudDialogflowCxV3PlaybookStep' + GoogleCloudDialogflowCxV3CodeBlock: + id: GoogleCloudDialogflowCxV3CodeBlock + description: Represents a code block. + type: object + properties: + code: + description: Optional. Source code of the block in Python. + type: string GoogleCloudDialogflowCxV3Handler: id: GoogleCloudDialogflowCxV3Handler description: >- @@ -6867,6 +6919,10 @@ components: description: Config for bearer token auth. $ref: >- #/components/schemas/GoogleCloudDialogflowCxV3ToolAuthenticationBearerTokenConfig + serviceAccountAuthConfig: + description: Configuration for service account authentication. + $ref: >- + #/components/schemas/GoogleCloudDialogflowCxV3ToolAuthenticationServiceAccountAuthConfig GoogleCloudDialogflowCxV3ToolAuthenticationApiKeyConfig: id: GoogleCloudDialogflowCxV3ToolAuthenticationApiKeyConfig description: Config for authentication with API key. @@ -6995,6 +7051,21 @@ components: will be ignored. Format: `projects/{project}/secrets/{secret}/versions/{version}` type: string + GoogleCloudDialogflowCxV3ToolAuthenticationServiceAccountAuthConfig: + id: GoogleCloudDialogflowCxV3ToolAuthenticationServiceAccountAuthConfig + description: Configuration for authentication using a service account. + type: object + properties: + serviceAccount: + description: >- + Required. The email address of the service account used to + authenticate the tool call. Dialogflow uses this service account to + exchange an access token and the access token is then sent in the + `Authorization` header of the tool request. The service account must + have the `roles/iam.serviceAccountTokenCreator` role granted to the + [Dialogflow service + agent](https://cloud.google.com/iam/docs/service-agents#dialogflow-service-agent). + type: string GoogleCloudDialogflowCxV3ToolTLSConfig: id: GoogleCloudDialogflowCxV3ToolTLSConfig description: The TLS configuration. @@ -10694,6 +10765,10 @@ components: - NONE - ID_TOKEN - ACCESS_TOKEN + serviceAccountAuthConfig: + description: Optional. Configuration for service account authentication. + $ref: >- + #/components/schemas/GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceServiceAccountAuthConfig webhookType: description: Optional. Type of the webhook. type: string @@ -10785,6 +10860,22 @@ components: type: array items: type: string + GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceServiceAccountAuthConfig: + id: >- + GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceServiceAccountAuthConfig + description: Configuration for authentication using a service account. + type: object + properties: + serviceAccount: + description: >- + Required. The email address of the service account used to + authenticate the webhook call. Dialogflow uses this service account + to exchange an access token and the access token is then sent in the + `Authorization` header of the webhook request. The service account + must have the `roles/iam.serviceAccountTokenCreator` role granted to + the [Dialogflow service + agent](https://cloud.google.com/iam/docs/service-agents#dialogflow-service-agent). + type: string GoogleCloudDialogflowCxV3beta1WebhookServiceDirectoryConfig: id: GoogleCloudDialogflowCxV3beta1WebhookServiceDirectoryConfig description: >- @@ -12007,7 +12098,8 @@ components: - >- An existing conversation has closed. This is fired when a telephone call is terminated, or a conversation is closed via the - API. + API. The event is fired for every CompleteConversation call, even + if the conversation is already closed. - >- An existing conversation has received notification from Dialogflow that human intervention is required. @@ -12708,6 +12800,9 @@ components: summarySuggestion: description: Optional. Suggested summary. $ref: '#/components/schemas/GoogleCloudDialogflowV2SummarySuggestion' + agentCoachingSuggestion: + description: Optional. Suggestion to coach the agent. + $ref: '#/components/schemas/GoogleCloudDialogflowV2AgentCoachingSuggestion' toolCallInfo: description: Optional. List of request and response for tool calls executed. type: array @@ -12744,6 +12839,198 @@ components: summary: description: Required. Summary text for the section. type: string + GoogleCloudDialogflowV2AgentCoachingSuggestion: + id: GoogleCloudDialogflowV2AgentCoachingSuggestion + description: Suggestion for coaching agents. + type: object + properties: + applicableInstructions: + description: Optional. Instructions applicable based on the current context. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingInstruction + agentActionSuggestions: + description: Optional. Suggested actions for the agent to take. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingSuggestionAgentActionSuggestion + sampleResponses: + description: Optional. Sample response for the Agent. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingSuggestionSampleResponse + GoogleCloudDialogflowV2AgentCoachingInstruction: + id: GoogleCloudDialogflowV2AgentCoachingInstruction + description: Agent Coaching instructions that customer can configure. + type: object + properties: + displayName: + description: Optional. Display name for the instruction. + type: string + displayDetails: + description: Optional. The detailed description of this instruction. + type: string + condition: + description: >- + Optional. The condition of the instruction. For example, "the + customer wants to cancel an order". If the users want the + instruction to be triggered unconditionally, the condition can be + empty. + type: string + agentAction: + description: >- + Optional. The action that human agent should take. For example, + "apologize for the slow shipping". If the users only want to use + agent coaching for intent detection, agent_action can be empty + type: string + systemAction: + description: >- + Optional. The action that system should take. For example, "call + GetOrderTime with order_number={order number provided by the + customer}". If the users don't have plugins or don't want to trigger + plugins, the system_action can be empty + type: string + duplicateCheckResult: + description: Output only. Duplication check for the AgentCoachingInstruction. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingInstructionDuplicateCheckResult + GoogleCloudDialogflowV2AgentCoachingInstructionDuplicateCheckResult: + id: GoogleCloudDialogflowV2AgentCoachingInstructionDuplicateCheckResult + description: Duplication check for the suggestion. + type: object + properties: + duplicateSuggestions: + description: Output only. The duplicate suggestions. + readOnly: true + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingInstructionDuplicateCheckResultDuplicateSuggestion + GoogleCloudDialogflowV2AgentCoachingInstructionDuplicateCheckResultDuplicateSuggestion: + id: >- + GoogleCloudDialogflowV2AgentCoachingInstructionDuplicateCheckResultDuplicateSuggestion + description: The duplicate suggestion details. + type: object + properties: + answerRecord: + description: Output only. The answer record id of the past duplicate suggestion. + readOnly: true + type: string + suggestionIndex: + description: >- + Output only. The index of the duplicate suggestion in the past + suggestion list. + readOnly: true + type: integer + format: int32 + similarityScore: + description: >- + Output only. The similarity score of between the past and current + suggestion. + readOnly: true + type: number + format: float + GoogleCloudDialogflowV2AgentCoachingSuggestionAgentActionSuggestion: + id: GoogleCloudDialogflowV2AgentCoachingSuggestionAgentActionSuggestion + description: >- + Actions suggested for the agent. This is based on applicable + instructions. + type: object + properties: + agentAction: + description: Optional. The suggested action for the agent. + type: string + sources: + description: Output only. Sources for the agent action suggestion. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingSuggestionSources + duplicateCheckResult: + description: Output only. Duplicate check result for the agent action suggestion. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingSuggestionDuplicateCheckResult + GoogleCloudDialogflowV2AgentCoachingSuggestionSources: + id: GoogleCloudDialogflowV2AgentCoachingSuggestionSources + description: Sources for the suggestion. + type: object + properties: + instructionIndexes: + description: >- + Output only. Source instruction indexes for the suggestion. This is + the index of the applicable_instructions field. + readOnly: true + type: array + items: + type: integer + format: int32 + GoogleCloudDialogflowV2AgentCoachingSuggestionDuplicateCheckResult: + id: GoogleCloudDialogflowV2AgentCoachingSuggestionDuplicateCheckResult + description: Duplication check for the suggestion. + type: object + properties: + duplicateSuggestions: + description: Output only. The duplicate suggestions. + readOnly: true + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingSuggestionDuplicateCheckResultDuplicateSuggestion + GoogleCloudDialogflowV2AgentCoachingSuggestionDuplicateCheckResultDuplicateSuggestion: + id: >- + GoogleCloudDialogflowV2AgentCoachingSuggestionDuplicateCheckResultDuplicateSuggestion + description: >- + The duplicate suggestion details. Keeping answer_record and sources + together as they are identifiers for duplicate suggestions. + type: object + properties: + answerRecord: + description: Output only. The answer record id of the past duplicate suggestion. + readOnly: true + type: string + sources: + description: Output only. Sources for the suggestion. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingSuggestionSources + suggestionIndex: + description: >- + Output only. The index of the duplicate suggestion in the past + suggestion list. + readOnly: true + type: integer + format: int32 + similarityScore: + description: >- + Output only. The similarity score of between the past and current + suggestion. + readOnly: true + type: number + format: float + GoogleCloudDialogflowV2AgentCoachingSuggestionSampleResponse: + id: GoogleCloudDialogflowV2AgentCoachingSuggestionSampleResponse + description: >- + Sample response that the agent can use. This could be based on + applicable instructions and ingested data from other systems. + type: object + properties: + responseText: + description: Optional. Sample response for Agent in text. + type: string + sources: + description: Output only. Sources for the Sample Response. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingSuggestionSources + duplicateCheckResult: + description: Output only. Duplicate check result for the sample response. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2AgentCoachingSuggestionDuplicateCheckResult GoogleCloudDialogflowV2GeneratorSuggestionToolCallInfo: id: GoogleCloudDialogflowV2GeneratorSuggestionToolCallInfo description: Request and response for a tool call. @@ -12765,6 +13052,14 @@ components: Optional. The tool associated with this call. Format: `projects//locations//tools/`. type: string + toolDisplayName: + description: >- + Optional. A human readable short name of the tool, to be shown on + the UI. + type: string + toolDisplayDetails: + description: Optional. A human readable description of the tool. + type: string action: description: Optional. The name of the tool's action associated with this call. type: string @@ -12779,6 +13074,21 @@ components: readOnly: true type: string format: google-datetime + answerRecord: + description: Optional. The answer record associated with this tool call. + type: string + state: + description: Output only. State of the tool call. + readOnly: true + type: string + enumDescriptions: + - Default value. + - The tool call has been triggered. + - The tool call requires confirmation from a human. + enum: + - STATE_UNSPECIFIED + - TRIGGERED + - NEEDS_CONFIRMATION GoogleCloudDialogflowV2ToolCallResult: id: GoogleCloudDialogflowV2ToolCallResult description: The result of calling a tool's action. @@ -12809,6 +13119,9 @@ components: readOnly: true type: string format: google-datetime + answerRecord: + description: Optional. The answer record associated with this tool call result. + type: string GoogleCloudDialogflowV2ToolCallResultError: id: GoogleCloudDialogflowV2ToolCallResultError description: An error produced by the tool call. @@ -15145,7 +15458,8 @@ components: - >- An existing conversation has closed. This is fired when a telephone call is terminated, or a conversation is closed via the - API. + API. The event is fired for every CompleteConversation call, even + if the conversation is already closed. - >- An existing conversation has received notification from Dialogflow that human intervention is required. @@ -16324,6 +16638,10 @@ components: summarySuggestion: description: Optional. Suggested summary. $ref: '#/components/schemas/GoogleCloudDialogflowV2beta1SummarySuggestion' + agentCoachingSuggestion: + description: Optional. Suggestion to coach the agent. + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingSuggestion toolCallInfo: description: Optional. List of request and response for tool calls executed. type: array @@ -16360,6 +16678,198 @@ components: summary: description: Required. Summary text for the section. type: string + GoogleCloudDialogflowV2beta1AgentCoachingSuggestion: + id: GoogleCloudDialogflowV2beta1AgentCoachingSuggestion + description: Suggestion for coaching agents. + type: object + properties: + applicableInstructions: + description: Optional. Instructions applicable based on the current context. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingInstruction + agentActionSuggestions: + description: Optional. Suggested actions for the agent to take. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingSuggestionAgentActionSuggestion + sampleResponses: + description: Optional. Sample response for the Agent. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingSuggestionSampleResponse + GoogleCloudDialogflowV2beta1AgentCoachingInstruction: + id: GoogleCloudDialogflowV2beta1AgentCoachingInstruction + description: Agent Coaching instructions that customer can configure. + type: object + properties: + displayName: + description: Optional. Display name for the instruction. + type: string + displayDetails: + description: Optional. The detailed description of this instruction. + type: string + condition: + description: >- + Optional. The condition of the instruction. For example, "the + customer wants to cancel an order". If the users want the + instruction to be triggered unconditionally, the condition can be + empty. + type: string + agentAction: + description: >- + Optional. The action that human agent should take. For example, + "apologize for the slow shipping". If the users only want to use + agent coaching for intent detection, agent_action can be empty + type: string + systemAction: + description: >- + Optional. The action that system should take. For example, "call + GetOrderTime with order_number={order number provided by the + customer}". If the users don't have plugins or don't want to trigger + plugins, the system_action can be empty + type: string + duplicateCheckResult: + description: Output only. Duplication check for the AgentCoachingInstruction. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingInstructionDuplicateCheckResult + GoogleCloudDialogflowV2beta1AgentCoachingInstructionDuplicateCheckResult: + id: GoogleCloudDialogflowV2beta1AgentCoachingInstructionDuplicateCheckResult + description: Duplication check for the suggestion. + type: object + properties: + duplicateSuggestions: + description: Output only. The duplicate suggestions. + readOnly: true + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingInstructionDuplicateCheckResultDuplicateSuggestion + GoogleCloudDialogflowV2beta1AgentCoachingInstructionDuplicateCheckResultDuplicateSuggestion: + id: >- + GoogleCloudDialogflowV2beta1AgentCoachingInstructionDuplicateCheckResultDuplicateSuggestion + description: The duplicate suggestion details. + type: object + properties: + answerRecord: + description: Output only. The answer record id of the past duplicate suggestion. + readOnly: true + type: string + suggestionIndex: + description: >- + Output only. The index of the duplicate suggestion in the past + suggestion list. + readOnly: true + type: integer + format: int32 + similarityScore: + description: >- + Output only. The similarity score of between the past and current + suggestion. + readOnly: true + type: number + format: float + GoogleCloudDialogflowV2beta1AgentCoachingSuggestionAgentActionSuggestion: + id: GoogleCloudDialogflowV2beta1AgentCoachingSuggestionAgentActionSuggestion + description: >- + Actions suggested for the agent. This is based on applicable + instructions. + type: object + properties: + agentAction: + description: Optional. The suggested action for the agent. + type: string + sources: + description: Output only. Sources for the agent action suggestion. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingSuggestionSources + duplicateCheckResult: + description: Output only. Duplicate check result for the agent action suggestion. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingSuggestionDuplicateCheckResult + GoogleCloudDialogflowV2beta1AgentCoachingSuggestionSources: + id: GoogleCloudDialogflowV2beta1AgentCoachingSuggestionSources + description: Sources for the suggestion. + type: object + properties: + instructionIndexes: + description: >- + Output only. Source instruction indexes for the suggestion. This is + the index of the applicable_instructions field. + readOnly: true + type: array + items: + type: integer + format: int32 + GoogleCloudDialogflowV2beta1AgentCoachingSuggestionDuplicateCheckResult: + id: GoogleCloudDialogflowV2beta1AgentCoachingSuggestionDuplicateCheckResult + description: Duplication check for the suggestion. + type: object + properties: + duplicateSuggestions: + description: Output only. The duplicate suggestions. + readOnly: true + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingSuggestionDuplicateCheckResultDuplicateSuggestion + GoogleCloudDialogflowV2beta1AgentCoachingSuggestionDuplicateCheckResultDuplicateSuggestion: + id: >- + GoogleCloudDialogflowV2beta1AgentCoachingSuggestionDuplicateCheckResultDuplicateSuggestion + description: >- + The duplicate suggestion details. Keeping answer_record and sources + together as they are identifiers for duplicate suggestions. + type: object + properties: + answerRecord: + description: Output only. The answer record id of the past duplicate suggestion. + readOnly: true + type: string + sources: + description: Output only. Sources for the suggestion. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingSuggestionSources + suggestionIndex: + description: >- + Output only. The index of the duplicate suggestion in the past + suggestion list. + readOnly: true + type: integer + format: int32 + similarityScore: + description: >- + Output only. The similarity score of between the past and current + suggestion. + readOnly: true + type: number + format: float + GoogleCloudDialogflowV2beta1AgentCoachingSuggestionSampleResponse: + id: GoogleCloudDialogflowV2beta1AgentCoachingSuggestionSampleResponse + description: >- + Sample response that the agent can use. This could be based on + applicable instructions and ingested data from other systems. + type: object + properties: + responseText: + description: Optional. Sample response for Agent in text. + type: string + sources: + description: Output only. Sources for the Sample Response. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingSuggestionSources + duplicateCheckResult: + description: Output only. Duplicate check result for the sample response. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDialogflowV2beta1AgentCoachingSuggestionDuplicateCheckResult GoogleCloudDialogflowV2beta1GeneratorSuggestionToolCallInfo: id: GoogleCloudDialogflowV2beta1GeneratorSuggestionToolCallInfo description: Request and response for a tool call. @@ -16381,6 +16891,14 @@ components: Optional. The tool associated with this call. Format: `projects//locations//tools/`. type: string + toolDisplayName: + description: >- + Optional. A human readable short name of the tool, to be shown on + the UI. + type: string + toolDisplayDetails: + description: Optional. A human readable description of the tool. + type: string action: description: Optional. The name of the tool's action associated with this call. type: string @@ -16395,6 +16913,21 @@ components: readOnly: true type: string format: google-datetime + answerRecord: + description: Optional. The answer record associated with this tool call. + type: string + state: + description: Output only. State of the tool call + readOnly: true + type: string + enumDescriptions: + - Default value. + - The tool call has been triggered. + - The tool call requires confirmation from a human. + enum: + - STATE_UNSPECIFIED + - TRIGGERED + - NEEDS_CONFIRMATION GoogleCloudDialogflowV2beta1ToolCallResult: id: GoogleCloudDialogflowV2beta1ToolCallResult description: The result of calling a tool's action. @@ -16425,6 +16958,9 @@ components: readOnly: true type: string format: google-datetime + answerRecord: + description: Optional. The answer record associated with this tool call result. + type: string GoogleCloudDialogflowV2beta1ToolCallResultError: id: GoogleCloudDialogflowV2beta1ToolCallResultError description: An error produced by the tool call. @@ -18715,6 +19251,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v3/projects/{projectsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -18914,6 +19454,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v3/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/discoveryengine.yaml b/providers/src/googleapis.com/v00.00.00000/services/discoveryengine.yaml index df48a8a2..cf5dcbf7 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/discoveryengine.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/discoveryengine.yaml @@ -7,8 +7,8 @@ info: title: Discovery Engine API description: Discovery Engine API. version: v1 - x-discovery-doc-revision: '20250816' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251209' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/generative-ai-app-builder/docs/ servers: @@ -22,10 +22,19 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 + https://www.googleapis.com/auth/discoveryengine.assist.readwrite: >- + View your Agentspace chat history, including uploaded files and + generated reports and visualizations, and interact with the + Agentspace assistant on your behalf. + https://www.googleapis.com/auth/cloud_search.query: Search your organization's data in the Cloud Search index https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. - https://www.googleapis.com/auth/cloud_search.query: Search your organization's data in the Cloud Search index + https://www.googleapis.com/auth/discoveryengine.readwrite: >- + View, edit, create, and delete all your data associated with any + Discovery Engine API product, such as Agentspace, Vertex AI + Search, or NotebookLM Enterprise, including both end user data and + administration or configuration data. Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -35,183 +44,267 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. + GoogleCloudDiscoveryengineV1alphaControlFilterAction: + description: >- + Specified which products may be included in results. Uses same filter as + boost. + id: GoogleCloudDiscoveryengineV1alphaControlFilterAction type: object properties: - operations: + filter: description: >- - A list of operations that matches the specified filter in the - request. + Required. A filter to apply on the matching condition results. + Required Syntax documentation: + https://cloud.google.com/retail/docs/filter-and-order Maximum length + is 5000 characters. Otherwise an INVALID ARGUMENT error is thrown. + type: string + dataStore: + description: >- + Required. Specifies which data store's documents can be filtered by + this control. Full data store name e.g. + projects/123/locations/global/collections/default_collection/dataStores/default_data_store + type: string + GoogleCloudDiscoveryengineV1CustomAttribute: + type: object + properties: + text: type: array items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. + type: string + description: >- + The textual values of this custom attribute. For example, + `["yellow", "green"]` when the key is "color". Empty string is not + allowed. Otherwise, an `INVALID_ARGUMENT` error is returned. Exactly + one of CustomAttribute.text or CustomAttribute.numbers should be + set. Otherwise, an `INVALID_ARGUMENT` error is returned. + numbers: + items: + type: number + format: double + description: >- + The numerical values of this custom attribute. For example, `[2.3, + 15.4]` when the key is "lengths_cm". Exactly one of + CustomAttribute.text or CustomAttribute.numbers should be set. + Otherwise, an `INVALID_ARGUMENT` error is returned. + type: array + id: GoogleCloudDiscoveryengineV1CustomAttribute + description: >- + A custom attribute that is not explicitly modeled in a resource, e.g. + UserEvent. + GoogleCloudDiscoveryengineV1betaBatchUpdateUserLicensesMetadata: + properties: + updateTime: + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + successCount: + description: Count of user licenses successfully updated. + format: int64 + type: string + failureCount: + description: Count of user licenses that failed to be updated. + type: string + format: int64 + createTime: + description: Operation create time. + format: google-datetime type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation description: >- - This resource represents a long-running operation that is the result of - a network API call. + Metadata related to the progress of the + UserLicenseService.BatchUpdateUserLicenses operation. This will be + returned by the google.longrunning.Operation.metadata field. + type: object + id: GoogleCloudDiscoveryengineV1betaBatchUpdateUserLicensesMetadata + GoogleCloudDiscoveryengineV1betaImportSuggestionDenyListEntriesResponse: + description: >- + Response message for CompletionService.ImportSuggestionDenyListEntries + method. type: object + id: GoogleCloudDiscoveryengineV1betaImportSuggestionDenyListEntriesResponse properties: - name: + importedEntriesCount: + description: Count of deny list entries successfully imported. + format: int64 + type: string + failedEntriesCount: + format: int64 + type: string + description: Count of deny list entries that failed to be imported. + errorSamples: + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + GoogleCloudDiscoveryengineV1RankRequest: + id: GoogleCloudDiscoveryengineV1RankRequest + type: object + properties: + topN: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + The number of results to return. If this is unset or no bigger than + zero, returns all results. + format: int32 + type: integer + query: type: string - metadata: + description: The query to use. + userLabels: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object + The user labels applied to a resource must meet the following + requirements: * Each resource can have multiple labels, up to a + maximum of 64. * Each label must be a key-value pair. * Keys have a + minimum length of 1 character and a maximum length of 63 characters + and cannot be empty. Values can be empty and have a maximum length + of 63 characters. * Keys and values can contain only lowercase + letters, numeric characters, underscores, and dashes. All characters + must use UTF-8 encoding, and international characters are allowed. * + The key portion of a label must be unique. However, you can use the + same key with multiple resources. * Keys must start with a lowercase + letter or international character. See [Google Cloud + Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + for more details. additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + type: string + type: object + ignoreRecordDetailsInResponse: + type: boolean description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + If true, the response will contain only record ID and score. By + default, it is false, the response will contain record details. + records: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1RankingRecord' + description: Required. A list of records to rank. + type: array + model: + description: >- + The identifier of the model to use. It is one of: * + `semantic-ranker-512@latest`: Semantic ranking model with maximum + input token size 512. It is set to `semantic-ranker-512@latest` by + default if unspecified. + type: string + description: Request message for RankService.Rank method. + GoogleCloudDiscoveryengineV1betaHealthcareFhirConfig: + id: GoogleCloudDiscoveryengineV1betaHealthcareFhirConfig + type: object + properties: + enableConfigurableSchema: type: boolean - error: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: + Whether to enable configurable schema for `HEALTHCARE_FHIR` + vertical. If set to `true`, the predefined healthcare fhir schema + can be extended for more customized searching and filtering. + enableStaticIndexingForBatchIngestion: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Whether to enable static indexing for `HEALTHCARE_FHIR` batch + ingestion. If set to `true`, the batch ingestion will be processed + in a static indexing mode which is slower but more capable of + handling larger volume. + type: boolean + description: Config to data store for `HEALTHCARE_FHIR` vertical. + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecChunkSpec: + id: GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecChunkSpec type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer + numPreviousChunks: format: int32 - message: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + The number of previous chunks to be returned of the current chunk. + The maximum allowed value is 3. If not specified, no previous chunks + will be returned. + type: integer + numNextChunks: + type: integer + format: int32 description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleLongrunningCancelOperationRequest: - id: GoogleLongrunningCancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - GoogleProtobufEmpty: - id: GoogleProtobufEmpty + The number of next chunks to be returned of the current chunk. The + maximum allowed value is 3. If not specified, no next chunks will be + returned. description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Specifies the chunk spec to be returned from the search response. Only + available if the SearchRequest.ContentSearchSpec.search_result_mode is + set to CHUNKS + GoogleCloudDiscoveryengineV1Principal: type: object - properties: {} - GoogleCloudDiscoveryengineV1SearchRequest: - id: GoogleCloudDiscoveryengineV1SearchRequest - description: Request message for SearchService.Search method. + properties: + groupId: + type: string + description: >- + Group identifier. For Google Workspace user account, group_id should + be the google workspace group email. For non-google identity + provider user account, group_id is the mapped group identifier + configured during the workforcepool config. + userId: + type: string + description: >- + User identifier. For Google Workspace user account, user_id should + be the google workspace user email. For non-google identity provider + user account, user_id is the mapped user identifier configured + during the workforcepool config. + externalEntityId: + type: string + description: >- + For 3P application identities which are not present in the customer + identity provider. + id: GoogleCloudDiscoveryengineV1Principal + description: Principal identifier of a user or a group. + GoogleCloudDiscoveryengineV1AlloyDbSource: type: object + description: AlloyDB source import data from. properties: - branch: + gcsStagingDir: description: >- - The branch resource name, such as - `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/branches/0`. - Use `default_branch` as the branch ID or leave this field empty, to - search documents under the default branch. + Intermediate Cloud Storage directory used for the import with a + length limit of 2,000 characters. Can be specified if one wants to + have the AlloyDB export to a specific Cloud Storage directory. + Ensure that the AlloyDB service account has the necessary Cloud + Storage Admin permissions to access the specified Cloud Storage + directory. type: string - query: - description: Raw search query. + tableId: + description: >- + Required. The AlloyDB table to copy the data from with a length + limit of 256 characters. type: string - imageQuery: - description: Raw image query. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestImageQuery - pageSize: + locationId: description: >- - Maximum number of Documents to return. The maximum allowed value - depends on the data type. Values above the maximum value are coerced - to the maximum value. * Websites with basic indexing: Default `10`, - Maximum `25`. * Websites with advanced indexing: Default `25`, - Maximum `50`. * Other: Default `50`, Maximum `100`. If this field is - negative, an `INVALID_ARGUMENT` is returned. - type: integer - format: int32 - pageToken: + Required. The AlloyDB location to copy the data from with a length + limit of 256 characters. + type: string + clusterId: + type: string description: >- - A page token received from a previous SearchService.Search call. - Provide this to retrieve the subsequent page. When paginating, all - other parameters provided to SearchService.Search must match the - call that provided the page token. Otherwise, an `INVALID_ARGUMENT` - error is returned. + Required. The AlloyDB cluster to copy the data from with a length + limit of 256 characters. + projectId: type: string - offset: description: >- - A 0-indexed integer that specifies the current offset (that is, - starting result location, amongst the Documents deemed by the API as - relevant) in search results. This field is only considered if - page_token is unset. If this field is negative, an - `INVALID_ARGUMENT` is returned. - type: integer - format: int32 - oneBoxPageSize: + The project ID that contains the AlloyDB source. Has a length limit + of 128 characters. If not specified, inherits the project ID from + the parent request. + databaseId: + type: string description: >- - The maximum number of results to return for OneBox. This applies to - each OneBox type individually. Default number is 10. - type: integer - format: int32 + Required. The AlloyDB database to copy the data from with a length + limit of 256 characters. + id: GoogleCloudDiscoveryengineV1AlloyDbSource + GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVertexAiSearchSpec: + properties: dataStoreSpecs: description: >- - Specifications that define the specific DataStores to be searched, - along with configurations for those data stores. This is only - considered for Engines with multiple data stores. For engines with a - single data store, the specs directly under SearchRequest should be - used. - type: array + Optional. Specs defining DataStores to filter on in a search call + and configurations for those data stores. This is only considered + for Engines with multiple data stores. items: $ref: >- #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestDataStoreSpec + type: array filter: + type: string description: >- - The filter syntax consists of an expression language for + Optional. The filter syntax consists of an expression language for constructing a predicate from one or more fields of the documents being filtered. Filter expression is case-sensitive. If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. Filtering in @@ -223,109 +316,480 @@ components: more information about filtering including syntax and filter operators, see [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) - type: string - canonicalFilter: + id: >- + GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVertexAiSearchSpec + type: object + description: Specification of the Vertex AI Search tool. + GoogleCloudDiscoveryengineV1ImportUserEventsRequest: + properties: + errorConfig: description: >- - The default filter that is applied when a user performs a search - without checking any filters on the search page. The filter applied - to every search request when quality improvement such as query - expansion is needed. In the case a query does not have a sufficient - amount of results this filter will be used to determine whether or - not to enable the query expansion flow. The original filter will - still be used for the query expanded search. This field is strongly - recommended to achieve high search quality. For more information - about filter syntax, see SearchRequest.filter. + The desired location of errors incurred during the Import. Cannot be + set for inline user event imports. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' + inlineSource: + description: The Inline source for the input content for UserEvents. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportUserEventsRequestInlineSource + gcsSource: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' + description: Cloud Storage location for the input content. + bigquerySource: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigQuerySource' + description: BigQuery input source. + id: GoogleCloudDiscoveryengineV1ImportUserEventsRequest + type: object + description: Request message for the ImportUserEvents request. + GoogleCloudDiscoveryengineV1betaUserStore: + description: Configures metadata that is used for End User entities. + properties: + name: type: string - orderBy: description: >- - The order in which documents are returned. Documents can be ordered - by a field in an Document object. Leave it unset if ordered by - relevance. `order_by` expression is case-sensitive. For more - information on ordering the website search results, see [Order web - search - results](https://cloud.google.com/generative-ai-app-builder/docs/order-web-search-results). - For more information on ordering the healthcare search results, see - [Order healthcare search - results](https://cloud.google.com/generative-ai-app-builder/docs/order-hc-results). - If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. - type: string - userInfo: + Immutable. The full resource name of the User Store, in the format + of + `projects/{project}/locations/{location}/userStores/{user_store}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + enableExpiredLicenseAutoUpdate: + type: boolean description: >- - Information about the end user. Highly recommended for analytics and - personalization. UserInfo.user_agent is used to deduce `device_type` - for analytics. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserInfo' - languageCode: + Optional. Whether to enable license auto update for users in this + User Store. If true, users with expired licenses will automatically + be updated to use the default license config as long as the default + license config has seats left. + defaultLicenseConfig: + description: >- + Optional. The default subscription LicenseConfig for the UserStore, + if UserStore.enable_license_auto_register is true, new users will + automatically register under the default subscription. If default + LicenseConfig doesn't have remaining license seats left, new users + will not be assigned with license and will be blocked for Vertex AI + Search features. This is used if `license_assignment_tier_rules` is + not configured. + type: string + enableLicenseAutoRegister: + type: boolean description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see [Standard - fields](https://cloud.google.com/apis/design/standard_fields). This - field helps to better interpret the query. If a value isn't - specified, the query language code is automatically detected, which - may not be accurate. + Optional. Whether to enable license auto register for users in this + User Store. If true, new users will automatically register under the + default license config as long as the default license config has + seats left. + displayName: type: string - facetSpecs: - description: >- - Facet specifications for faceted search. If empty, no facets are - returned. A maximum of 100 values are allowed. Otherwise, an - `INVALID_ARGUMENT` error is returned. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestFacetSpec - boostSpec: - description: >- - Boost specification to boost certain documents. For more information - on boosting, see - [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) + description: The display name of the User Store. + id: GoogleCloudDiscoveryengineV1betaUserStore + type: object + GoogleCloudDiscoveryengineV1betaEngine: + properties: + chatEngineMetadata: + readOnly: true $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpec - params: + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineChatEngineMetadata description: >- - Additional search parameters. For public website search only, - supported values are: * `user_country_code`: string. Default empty. - If set to non-empty, results are restricted or boosted based on the - location provided. For example, `user_country_code: "au"` For - available codes see [Country - Codes](https://developers.google.com/custom-search/docs/json_api_reference#countryCodes) - * `search_type`: double. Default empty. Enables non-webpage - searching depending on the value. The only valid non-default value - is 1, which enables image searching. For example, `search_type: 1` - type: object - additionalProperties: - type: any - queryExpansionSpec: + Output only. Additional information of the Chat Engine. Only + applicable if solution_type is SOLUTION_TYPE_CHAT. + solutionType: + description: Required. The solutions of the engine. + type: string + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. + - >- + Used for use cases related to the Generative Chat agent. It's used + for Generative chat engine only, the associated data stores must + enrolled with `SOLUTION_TYPE_CHAT` solution. + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + searchEngineConfig: description: >- - The query expansion specification that specifies the conditions - under which query expansion occurs. + Configurations for the Search Engine. Only applicable if + solution_type is SOLUTION_TYPE_SEARCH. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestQueryExpansionSpec - spellCorrectionSpec: + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineSearchEngineConfig + mediaRecommendationEngineConfig: description: >- - The spell correction specification that specifies the mode under - which spell correction takes effect. + Configurations for the Media Engine. Only applicable on the data + stores with solution_type SOLUTION_TYPE_RECOMMENDATION and + IndustryVertical.MEDIA vertical. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestSpellCorrectionSpec - userPseudoId: + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfig + chatEngineConfig: description: >- - A unique identifier for tracking visitors. For example, this could - be implemented with an HTTP cookie, which should be able to uniquely - identify a visitor on a single device. This unique identifier should - not change if the visitor logs in or out of the website. This field - should NOT have a fixed value such as `unknown_visitor`. This should - be the same identifier as UserEvent.user_pseudo_id and - CompleteQueryRequest.user_pseudo_id The field must be a UTF-8 - encoded string with a length limit of 128 characters. Otherwise, an - `INVALID_ARGUMENT` error is returned. - type: string - contentSearchSpec: - description: A specification for configuring the behavior of content search. + Configurations for the Chat Engine. Only applicable if solution_type + is SOLUTION_TYPE_CHAT. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpec - rankingExpression: - description: >- - Optional. The ranking expression controls the customized ranking on - retrieval documents. This overrides + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineChatEngineConfig + modelConfigs: + additionalProperties: + enumDescriptions: + - The model state is unspecified. + - The model is enabled by admin. + - The model is disabled by admin. + type: string + enum: + - MODEL_STATE_UNSPECIFIED + - MODEL_ENABLED + - MODEL_DISABLED + description: >- + Optional. Maps a model name to its specific configuration for this + engine. This allows admin users to turn on/off individual models. + This only stores models whose states are overridden by the admin. + When the state is unspecified, or model_configs is empty for this + model, the system will decide if this model should be available or + not based on the default configuration. For example, a preview model + should be disabled by default if the admin has not chosen to enable + it. + type: object + industryVertical: + type: string + enumDescriptions: + - Value used when unset. + - >- + The generic vertical for documents that are not specific to any + industry vertical. + - The media industry vertical. + - The healthcare FHIR vertical. + enum: + - INDUSTRY_VERTICAL_UNSPECIFIED + - GENERIC + - MEDIA + - HEALTHCARE_FHIR + description: >- + Optional. The industry vertical that the engine registers. The + restriction of the Engine industry vertical is based on DataStore: + Vertical on Engine has to match vertical of the DataStore linked to + the engine. + dataStoreIds: + items: + type: string + description: >- + Optional. The data stores associated with this engine. For + SOLUTION_TYPE_SEARCH and SOLUTION_TYPE_RECOMMENDATION type of + engines, they can only associate with at most one data store. If + solution_type is SOLUTION_TYPE_CHAT, multiple DataStores in the same + Collection can be associated here. Note that when used in + CreateEngineRequest, one DataStore id must be provided as the system + will use it for necessary initializations. + type: array + appType: + enumDescriptions: + - All non specified apps. + - App type for intranet search and Agentspace. + enum: + - APP_TYPE_UNSPECIFIED + - APP_TYPE_INTRANET + description: >- + Optional. Immutable. This the application type which this engine + resource represents. NOTE: this is a new concept independ of + existing industry vertical or solution type. + type: string + configurableBillingApproach: + type: string + enum: + - CONFIGURABLE_BILLING_APPROACH_UNSPECIFIED + - CONFIGURABLE_BILLING_APPROACH_ENABLED + description: Optional. Configuration for configurable billing approach. + enumDescriptions: + - >- + Default value. For Spark and non-Spark non-configurable billing + approach. General pricing model. + - The billing approach follows configurations specified by customer. + createTime: + type: string + readOnly: true + format: google-datetime + description: Output only. Timestamp the Recommendation Engine was created at. + updateTime: + description: Output only. Timestamp the Recommendation Engine was last updated. + readOnly: true + format: google-datetime + type: string + displayName: + type: string + description: >- + Required. The display name of the engine. Should be human readable. + UTF-8 encoded string with limit of 1024 characters. + cmekConfig: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaCmekConfig' + description: Output only. CMEK-related information for the Engine. + readOnly: true + disableAnalytics: + type: boolean + description: >- + Optional. Whether to disable analytics for searches performed on + this engine. + name: + type: string + description: >- + Immutable. Identifier. The fully qualified resource name of the + engine. This field must be a UTF-8 encoded string with a length + limit of 1024 characters. Format: + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}` + engine should be 1-63 characters, and valid characters are + /a-z0-9*/. Otherwise, an INVALID_ARGUMENT error is returned. + features: + type: object + description: >- + Optional. Feature config for the engine to opt in or opt out of + features. Supported keys: * `*`: all features, if it's present, all + other feature state settings are ignored. * `agent-gallery` * + `no-code-agent-builder` * `prompt-gallery` * `model-selector` * + `notebook-lm` * `people-search` * `people-search-org-chart` * + `bi-directional-audio` * `feedback` * `session-sharing` * + `personalization-memory` * `disable-agent-sharing` * + `disable-image-generation` * `disable-video-generation` * + `disable-onedrive-upload` * `disable-talk-to-content` * + `disable-google-drive-upload` + additionalProperties: + enumDescriptions: + - The feature state is unspecified. + - The feature is turned on to be accessible. + - The feature is turned off to be inaccessible. + type: string + enum: + - FEATURE_STATE_UNSPECIFIED + - FEATURE_STATE_ON + - FEATURE_STATE_OFF + commonConfig: + description: Common config spec that specifies the metadata of the engine. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineCommonConfig + id: GoogleCloudDiscoveryengineV1betaEngine + description: >- + Metadata that describes the training and serving parameters of an + Engine. + type: object + GoogleCloudDiscoveryengineV1alphaIdentityMappingEntryOperationMetadata: + properties: + successCount: + type: string + description: >- + The number of IdentityMappingEntries that were successfully + processed. + format: int64 + failureCount: + description: The number of IdentityMappingEntries that failed to be processed. + format: int64 + type: string + totalCount: + format: int64 + type: string + description: The total number of IdentityMappingEntries that were processed. + description: >- + IdentityMappingEntry LongRunningOperation metadata for + IdentityMappingStoreService.ImportIdentityMappings and + IdentityMappingStoreService.PurgeIdentityMappings + type: object + id: GoogleCloudDiscoveryengineV1alphaIdentityMappingEntryOperationMetadata + GoogleCloudDiscoveryengineV1betaSearchRequest: + description: Request message for SearchService.Search method. + type: object + properties: + userLabels: + additionalProperties: + type: string + description: >- + The user labels applied to a resource must meet the following + requirements: * Each resource can have multiple labels, up to a + maximum of 64. * Each label must be a key-value pair. * Keys have a + minimum length of 1 character and a maximum length of 63 characters + and cannot be empty. Values can be empty and have a maximum length + of 63 characters. * Keys and values can contain only lowercase + letters, numeric characters, underscores, and dashes. All characters + must use UTF-8 encoding, and international characters are allowed. * + The key portion of a label must be unique. However, you can use the + same key with multiple resources. * Keys must start with a lowercase + letter or international character. See [Google Cloud + Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + for more details. + type: object + servingConfig: + type: string + description: >- + Required. The resource name of the Search serving config, such as + `projects/*/locations/global/collections/default_collection/engines/*/servingConfigs/default_serving_config`, + or + `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/servingConfigs/default_serving_config`. + This field is used to identify the serving configuration name, set + of models used to make the search. + orderBy: + description: >- + The order in which documents are returned. Documents can be ordered + by a field in an Document object. Leave it unset if ordered by + relevance. `order_by` expression is case-sensitive. For more + information on ordering the website search results, see [Order web + search + results](https://cloud.google.com/generative-ai-app-builder/docs/order-web-search-results). + For more information on ordering the healthcare search results, see + [Order healthcare search + results](https://cloud.google.com/generative-ai-app-builder/docs/order-hc-results). + If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. + type: string + boostSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpec + description: >- + Boost specification to boost certain documents. For more information + on boosting, see + [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) + session: + description: >- + The session resource name. Optional. Session allows users to do + multi-turn /search API calls or coordination between /search API + calls and /answer API calls. Example #1 (multi-turn /search API + calls): Call /search API with the session ID generated in the first + call. Here, the previous search query gets considered in query + standing. I.e., if the first query is "How did Alphabet do in 2022?" + and the current query is "How about 2023?", the current query will + be interpreted as "How did Alphabet do in 2023?". Example #2 + (coordination between /search API calls and /answer API calls): Call + /answer API with the session ID generated in the first call. Here, + the answer generation happens in the context of the search results + from the first search call. Multi-turn Search feature is currently + at private GA stage. Please use v1alpha or v1beta version instead + before we launch this feature to public GA. Or ask for allowlisting + through Google Support team. + type: string + relevanceThreshold: + enum: + - RELEVANCE_THRESHOLD_UNSPECIFIED + - LOWEST + - LOW + - MEDIUM + - HIGH + type: string + description: >- + The relevance threshold of the search results. Default to Google + defined threshold, leveraging a balance of precision and recall to + deliver both highly accurate results and comprehensive coverage of + relevant information. This feature is not supported for healthcare + search. + enumDescriptions: + - >- + Default value. In this case, server behavior defaults to Google + defined threshold. + - Lowest relevance threshold. + - Low relevance threshold. + - Medium relevance threshold. + - High relevance threshold. + sessionSpec: + description: Session specification. Can be used only when `session` is set. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestSessionSpec + pageSize: + description: >- + Maximum number of Documents to return. The maximum allowed value + depends on the data type. Values above the maximum value are coerced + to the maximum value. * Websites with basic indexing: Default `10`, + Maximum `25`. * Websites with advanced indexing: Default `25`, + Maximum `50`. * Other: Default `50`, Maximum `100`. If this field is + negative, an `INVALID_ARGUMENT` is returned. + type: integer + format: int32 + pageCategories: + description: >- + Optional. The categories associated with a category page. Must be + set for category navigation queries to achieve good search quality. + The format should be the same as UserEvent.PageInfo.page_category. + This field is the equivalent of the query for browse (navigation) + queries. It's used by the browse model when the query is empty. If + the field is empty, it will not be used by the browse model. If the + field contains more than one element, only the first element will be + used. To represent full path of a category, use '>' character to + separate different hierarchies. If '>' is part of the category name, + replace it with other character(s). For example, `Graphics Cards > + RTX>4090 > Founders Edition` where "RTX > 4090" represents one + level, can be rewritten as `Graphics Cards > RTX_4090 > Founders + Edition` + items: + type: string + type: array + safeSearch: + type: boolean + description: >- + Whether to turn on safe search. This is only supported for website + search. + naturalLanguageQueryUnderstandingSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestNaturalLanguageQueryUnderstandingSpec + description: >- + Optional. Config for natural language query understanding + capabilities, such as extracting structured field filters from the + query. Refer to [this + documentation](https://cloud.google.com/generative-ai-app-builder/docs/natural-language-queries) + for more information. If `naturalLanguageQueryUnderstandingSpec` is + not specified, no additional natural language query understanding + will be done. + relevanceScoreSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestRelevanceScoreSpec + description: Optional. The specification for returning the relevance score. + canonicalFilter: + type: string + description: >- + The default filter that is applied when a user performs a search + without checking any filters on the search page. The filter applied + to every search request when quality improvement such as query + expansion is needed. In the case a query does not have a sufficient + amount of results this filter will be used to determine whether or + not to enable the query expansion flow. The original filter will + still be used for the query expanded search. This field is strongly + recommended to achieve high search quality. For more information + about filter syntax, see SearchRequest.filter. + queryExpansionSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestQueryExpansionSpec + description: >- + The query expansion specification that specifies the conditions + under which query expansion occurs. + filter: + type: string + description: >- + The filter syntax consists of an expression language for + constructing a predicate from one or more fields of the documents + being filtered. Filter expression is case-sensitive. If this field + is unrecognizable, an `INVALID_ARGUMENT` is returned. Filtering in + Vertex AI Search is done by mapping the LHS filter key to a key + property defined in the Vertex AI Search backend -- this mapping is + defined by the customer in their schema. For example a media + customer might have a field 'name' in their schema. In this case the + filter would look like this: filter --> name:'ANY("king kong")' For + more information about filtering including syntax and filter + operators, see + [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + searchAsYouTypeSpec: + description: >- + Search as you type configuration. Only supported for the + IndustryVertical.MEDIA vertical. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestSearchAsYouTypeSpec + crowdingSpecs: + type: array + description: >- + Optional. Crowding specifications for improving result diversity. If + multiple CrowdingSpecs are specified, crowding will be evaluated on + each unique combination of the `field` values, and max_count will be + the maximum value of `max_count` across all CrowdingSpecs. For + example, if the first CrowdingSpec has `field` = "color" and + `max_count` = 3, and the second CrowdingSpec has `field` = "size" + and `max_count` = 2, then after 3 documents that share the same + color AND size have been returned, subsequent ones should be removed + or demoted. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestCrowdingSpec + rankingExpression: + type: string + description: >- + Optional. The ranking expression controls the customized ranking on + retrieval documents. This overrides ServingConfig.ranking_expression. The syntax and supported features depend on the `ranking_expression_backend` value. If `ranking_expression_backend` is not provided, it defaults to @@ -384,10 +848,155 @@ components: proprietary Google model to determine the keyword-based overlap between the query and the document. * `base_rank`: the default rank of the result + offset: + type: integer + description: >- + A 0-indexed integer that specifies the current offset (that is, + starting result location, amongst the Documents deemed by the API as + relevant) in search results. This field is only considered if + page_token is unset. If this field is negative, an + `INVALID_ARGUMENT` is returned. A large offset may be capped to a + reasonable threshold. + format: int32 + dataStoreSpecs: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestDataStoreSpec + type: array + description: >- + Specifications that define the specific DataStores to be searched, + along with configurations for those data stores. This is only + considered for Engines with multiple data stores. For engines with a + single data store, the specs directly under SearchRequest should be + used. + oneBoxPageSize: + type: integer + format: int32 + description: >- + The maximum number of results to return for OneBox. This applies to + each OneBox type individually. Default number is 10. + facetSpecs: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpec + description: >- + Facet specifications for faceted search. If empty, no facets are + returned. A maximum of 100 values are allowed. Otherwise, an + `INVALID_ARGUMENT` error is returned. + type: array + spellCorrectionSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestSpellCorrectionSpec + description: >- + The spell correction specification that specifies the mode under + which spell correction takes effect. + branch: + description: >- + The branch resource name, such as + `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/branches/0`. + Use `default_branch` as the branch ID or leave this field empty, to + search documents under the default branch. + type: string + query: + type: string + description: Raw search query. + displaySpec: + description: >- + Optional. Config for display feature, like match highlighting on + search results. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestDisplaySpec + contentSearchSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpec + description: A specification for configuring the behavior of content search. + imageQuery: + description: Raw image query. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestImageQuery + searchAddonSpec: + description: >- + Optional. SearchAddonSpec is used to disable add-ons for search as + per new repricing model. This field is only supported for search + requests. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestSearchAddonSpec + regionCode: + type: string + description: >- + The Unicode country/region code (CLDR) of a location, such as "US" + and "419". For more information, see [Standard + fields](https://cloud.google.com/apis/design/standard_fields). If + set, then results will be boosted based on the region_code provided. + pageToken: + type: string + description: >- + A page token received from a previous SearchService.Search call. + Provide this to retrieve the subsequent page. When paginating, all + other parameters provided to SearchService.Search must match the + call that provided the page token. Otherwise, an `INVALID_ARGUMENT` + error is returned. + userInfo: + description: >- + Information about the end user. Highly recommended for analytics and + personalization. UserInfo.user_agent is used to deduce `device_type` + for analytics. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaUserInfo' + personalizationSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestPersonalizationSpec + description: >- + The specification for personalization. Notice that if both + ServingConfig.personalization_spec and + SearchRequest.personalization_spec are set, + SearchRequest.personalization_spec overrides + ServingConfig.personalization_spec. + userPseudoId: + description: >- + Optional. A unique identifier for tracking visitors. For example, + this could be implemented with an HTTP cookie, which should be able + to uniquely identify a visitor on a single device. This unique + identifier should not change if the visitor logs in or out of the + website. This field should NOT have a fixed value such as + `unknown_visitor`. This should be the same identifier as + UserEvent.user_pseudo_id and CompleteQueryRequest.user_pseudo_id The + field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an `INVALID_ARGUMENT` error is returned. + type: string + embeddingSpec: + description: >- + Uses the provided embedding to do additional semantic document + retrieval. The retrieval is based on the dot product of + SearchRequest.EmbeddingSpec.EmbeddingVector.vector and the document + embedding that is provided in + SearchRequest.EmbeddingSpec.EmbeddingVector.field_path. If + SearchRequest.EmbeddingSpec.EmbeddingVector.field_path is not + provided, it will use ServingConfig.EmbeddingConfig.field_path. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpec + languageCode: type: string + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see [Standard + fields](https://cloud.google.com/apis/design/standard_fields). This + field helps to better interpret the query. If a value isn't + specified, the query language code is automatically detected, which + may not be accurate. rankingExpressionBackend: - description: Optional. The backend to use for the ranking expression evaluation. + enumDeprecated: + - false + - true + - true + - false + - false type: string + enum: + - RANKING_EXPRESSION_BACKEND_UNSPECIFIED + - BYOE + - CLEARBOX + - RANK_BY_EMBEDDING + - RANK_BY_FORMULA enumDescriptions: - Default option for unspecified/unknown values. - >- @@ -403,1075 +1012,614 @@ components: Ranking by custom embedding model, the default way to evaluate the ranking expression. - Ranking by custom formula. - enumDeprecated: - - false - - true - - true - - false - - false - enum: - - RANKING_EXPRESSION_BACKEND_UNSPECIFIED - - BYOE - - CLEARBOX - - RANK_BY_EMBEDDING - - RANK_BY_FORMULA - safeSearch: - description: >- - Whether to turn on safe search. This is only supported for website - search. - type: boolean - userLabels: + description: Optional. The backend to use for the ranking expression evaluation. + params: description: >- - The user labels applied to a resource must meet the following - requirements: * Each resource can have multiple labels, up to a - maximum of 64. * Each label must be a key-value pair. * Keys have a - minimum length of 1 character and a maximum length of 63 characters - and cannot be empty. Values can be empty and have a maximum length - of 63 characters. * Keys and values can contain only lowercase - letters, numeric characters, underscores, and dashes. All characters - must use UTF-8 encoding, and international characters are allowed. * - The key portion of a label must be unique. However, you can use the - same key with multiple resources. * Keys must start with a lowercase - letter or international character. See [Google Cloud - Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) - for more details. - type: object + Additional search parameters. For public website search only, + supported values are: * `user_country_code`: string. Default empty. + If set to non-empty, results are restricted or boosted based on the + location provided. For example, `user_country_code: "au"` For + available codes see [Country + Codes](https://developers.google.com/custom-search/docs/json_api_reference#countryCodes) + * `search_type`: double. Default empty. Enables non-webpage + searching depending on the value. The only valid non-default value + is 1, which enables image searching. For example, `search_type: 1` additionalProperties: - type: string - searchAsYouTypeSpec: - description: >- - Search as you type configuration. Only supported for the - IndustryVertical.MEDIA vertical. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestSearchAsYouTypeSpec - displaySpec: + type: any + type: object + id: GoogleCloudDiscoveryengineV1betaSearchRequest + GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint: + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint + properties: + boostAmount: + type: number description: >- - Optional. Config for display feature, like match highlighting on - search results. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestDisplaySpec - session: + The value between -1 to 1 by which to boost the score if the + attribute_value evaluates to the value specified above. + format: float + attributeValue: + type: string description: >- - The session resource name. Optional. Session allows users to do - multi-turn /search API calls or coordination between /search API - calls and /answer API calls. Example #1 (multi-turn /search API - calls): Call /search API with the session ID generated in the first - call. Here, the previous search query gets considered in query - standing. I.e., if the first query is "How did Alphabet do in 2022?" - and the current query is "How about 2023?", the current query will - be interpreted as "How did Alphabet do in 2023?". Example #2 - (coordination between /search API calls and /answer API calls): Call - /answer API with the session ID generated in the first call. Here, - the answer generation happens in the context of the search results - from the first search call. Multi-turn Search feature is currently - at private GA stage. Please use v1alpha or v1beta version instead - before we launch this feature to public GA. Or ask for allowlisting - through Google Support team. - type: string - sessionSpec: - description: Session specification. Can be used only when `session` is set. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestSessionSpec - relevanceThreshold: - description: >- - The relevance threshold of the search results. Default to Google - defined threshold, leveraging a balance of precision and recall to - deliver both highly accurate results and comprehensive coverage of - relevant information. This feature is not supported for healthcare - search. - type: string - enumDescriptions: - - >- - Default value. In this case, server behavior defaults to Google - defined threshold. - - Lowest relevance threshold. - - Low relevance threshold. - - Medium relevance threshold. - - High relevance threshold. - enum: - - RELEVANCE_THRESHOLD_UNSPECIFIED - - LOWEST - - LOW - - MEDIUM - - HIGH - relevanceScoreSpec: - description: Optional. The specification for returning the relevance score. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestRelevanceScoreSpec - GoogleCloudDiscoveryengineV1SearchRequestImageQuery: - id: GoogleCloudDiscoveryengineV1SearchRequestImageQuery - description: Specifies the image query input. + Can be one of: 1. The numerical field value. 2. The duration spec + for freshness: The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 duration + value). The pattern for this is: `nDnM]`. type: object - properties: - imageBytes: - description: >- - Base64 encoded image bytes. Supported image formats: JPEG, PNG, and - BMP. - type: string - GoogleCloudDiscoveryengineV1SearchRequestDataStoreSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestDataStoreSpec description: >- - A struct to define data stores to filter on in a search call and - configurations for those data stores. Otherwise, an `INVALID_ARGUMENT` - error is returned. + The control points used to define the curve. The curve defined through + these control points can only be monotonically increasing or + decreasing(constant values are acceptable). + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse: + description: Response message for CompletionService.AdvancedCompleteQuery method. type: object + id: GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse properties: - dataStore: - description: >- - Required. Full resource name of DataStore, such as - `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. - The path must include the project number, project id is not - supported for this field. - type: string - filter: + recentSearchSuggestions: description: >- - Optional. Filter specification to filter documents in the data store - specified by data_store field. For more information on filtering, - see - [Filtering](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) - type: string - boostSpec: + Results of the matched "recent search" suggestions. The result list + is ordered and the first result is the top suggestion. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseRecentSearchSuggestion + tailMatchTriggered: description: >- - Optional. Boost specification to boost certain documents. For more - information on boosting, see - [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpec - customSearchOperators: + True if the returned suggestions are all tail suggestions. For tail + matching to be triggered, include_tail_suggestions in the request + must be true and there must be no suggestions that match the full + query. + type: boolean + querySuggestions: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseQuerySuggestion description: >- - Optional. Custom search operators which if specified will be used to - filter results from workspace data stores. For more information on - custom search operators, see - [SearchOperators](https://support.google.com/cloudsearch/answer/6172299). - type: string - GoogleCloudDiscoveryengineV1SearchRequestBoostSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestBoostSpec - description: Boost specification to boost certain documents. - type: object - properties: - conditionBoostSpecs: + Results of the matched query suggestions. The result list is ordered + and the first result is a top suggestion. + peopleSuggestions: description: >- - Condition boost specifications. If a document matches multiple - conditions in the specifications, boost scores from these - specifications are all applied and combined in a non-linear way. - Maximum number of specifications is 20. + Results of the matched people suggestions. The result list is + ordered and the first result is the top suggestion. type: array items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpec - GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpec - description: Boost applies to documents which match a condition. + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponsePersonSuggestion + contentSuggestions: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseContentSuggestion + type: array + description: >- + Results of the matched content suggestions. The result list is + ordered and the first result is the top suggestion. + GoogleCloudDiscoveryengineV1Engine: type: object + description: >- + Metadata that describes the training and serving parameters of an + Engine. properties: - condition: - description: >- - An expression which specifies a boost condition. The syntax and - supported fields are the same as a filter expression. See - SearchRequest.filter for detail syntax and limitations. Examples: * - To boost documents with document ID "doc_1" or "doc_2", and color - "Red" or "Blue": `(document_id: ANY("doc_1", "doc_2")) AND (color: - ANY("Red", "Blue"))` + updateTime: type: string - boost: - description: >- - Strength of the condition boost, which should be in [-1, 1]. - Negative boost means demotion. Default is 0.0. Setting to 1.0 gives - the document a big promotion. However, it does not necessarily mean - that the boosted document will be the top result at all times, nor - that other documents will be excluded. Results could still be shown - even when none of them matches the condition. And results that are - significantly more relevant to the search query can still trump your - heavily favored but irrelevant documents. Setting to -1.0 gives the - document a big demotion. However, results that are deeply relevant - might still be shown. The document will have an upstream battle to - get a fairly high ranking, but it is not blocked out completely. - Setting to 0.0 means no boost applied. The boosting condition is - ignored. Only one of the (condition, boost) combination or the - boost_control_spec below are set. If both are set then the global - boost is ignored and the more fine-grained boost_control_spec is - applied. - type: number - format: float - boostControlSpec: + description: Output only. Timestamp the Recommendation Engine was last updated. + readOnly: true + format: google-datetime + chatEngineMetadata: + readOnly: true description: >- - Complex specification for custom ranking based on customer defined - attribute value. + Output only. Additional information of the Chat Engine. Only + applicable if solution_type is SOLUTION_TYPE_CHAT. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpec - GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpec: - id: >- - GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpec - description: >- - Specification for custom ranking based on customer specified attribute - value. It provides more controls for customized ranking than the simple - (condition, boost) combination above. - type: object - properties: - fieldName: - description: >- - The name of the field whose value will be used to determine the - boost amount. - type: string - attributeType: + #/components/schemas/GoogleCloudDiscoveryengineV1EngineChatEngineMetadata + dataStoreIds: + items: + type: string + type: array description: >- - The attribute type to be used to determine the boost amount. The - attribute value can be derived from the field value of the specified - field_name. In the case of numerical it is straightforward i.e. - attribute_value = numerical_field_value. In the case of freshness - however, attribute_value = (time.now() - datetime_field_value). + Optional. The data stores associated with this engine. For + SOLUTION_TYPE_SEARCH and SOLUTION_TYPE_RECOMMENDATION type of + engines, they can only associate with at most one data store. If + solution_type is SOLUTION_TYPE_CHAT, multiple DataStores in the same + Collection can be associated here. Note that when used in + CreateEngineRequest, one DataStore id must be provided as the system + will use it for necessary initializations. + configurableBillingApproach: type: string + enum: + - CONFIGURABLE_BILLING_APPROACH_UNSPECIFIED + - CONFIGURABLE_BILLING_APPROACH_ENABLED + description: Optional. Configuration for configurable billing approach. enumDescriptions: - - Unspecified AttributeType. - >- - The value of the numerical field will be used to dynamically - update the boost amount. In this case, the attribute_value (the x - value) of the control point will be the actual value of the - numerical field for which the boost_amount is specified. + Default value. For Spark and non-Spark non-configurable billing + approach. General pricing model. + - The billing approach follows configurations specified by customer. + industryVertical: + type: string + description: >- + Optional. The industry vertical that the engine registers. The + restriction of the Engine industry vertical is based on DataStore: + Vertical on Engine has to match vertical of the DataStore linked to + the engine. + enum: + - INDUSTRY_VERTICAL_UNSPECIFIED + - GENERIC + - MEDIA + - HEALTHCARE_FHIR + enumDescriptions: + - Value used when unset. - >- - For the freshness use case the attribute value will be the - duration between the current time and the date in the datetime - field specified. The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 - duration value). The pattern for this is: `nDnM]`. For example, - `5D`, `3DT12H30M`, `T24H`. + The generic vertical for documents that are not specific to any + industry vertical. + - The media industry vertical. + - The healthcare FHIR vertical. + mediaRecommendationEngineConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfig + description: >- + Configurations for the Media Engine. Only applicable on the data + stores with solution_type SOLUTION_TYPE_RECOMMENDATION and + IndustryVertical.MEDIA vertical. + chatEngineConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1EngineChatEngineConfig + description: >- + Configurations for the Chat Engine. Only applicable if solution_type + is SOLUTION_TYPE_CHAT. + appType: + enumDescriptions: + - All non specified apps. + - App type for intranet search and Agentspace. + description: >- + Optional. Immutable. This the application type which this engine + resource represents. NOTE: this is a new concept independ of + existing industry vertical or solution type. + type: string enum: - - ATTRIBUTE_TYPE_UNSPECIFIED - - NUMERICAL - - FRESHNESS - interpolationType: + - APP_TYPE_UNSPECIFIED + - APP_TYPE_INTRANET + disableAnalytics: + type: boolean description: >- - The interpolation type to be applied to connect the control points - listed below. + Optional. Whether to disable analytics for searches performed on + this engine. + createTime: + format: google-datetime + type: string + description: Output only. Timestamp the Recommendation Engine was created at. + readOnly: true + name: + description: >- + Immutable. Identifier. The fully qualified resource name of the + engine. This field must be a UTF-8 encoded string with a length + limit of 1024 characters. Format: + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}` + engine should be 1-63 characters, and valid characters are + /a-z0-9*/. Otherwise, an INVALID_ARGUMENT error is returned. type: string + modelConfigs: + additionalProperties: + type: string + enum: + - MODEL_STATE_UNSPECIFIED + - MODEL_ENABLED + - MODEL_DISABLED + enumDescriptions: + - The model state is unspecified. + - The model is enabled by admin. + - The model is disabled by admin. + description: >- + Optional. Maps a model name to its specific configuration for this + engine. This allows admin users to turn on/off individual models. + This only stores models whose states are overridden by the admin. + When the state is unspecified, or model_configs is empty for this + model, the system will decide if this model should be available or + not based on the default configuration. For example, a preview model + should be disabled by default if the admin has not chosen to enable + it. + type: object + solutionType: + description: Required. The solutions of the engine. enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. - >- - Interpolation type is unspecified. In this case, it defaults to - Linear. - - Piecewise linear interpolation will be applied. + Used for use cases related to the Generative Chat agent. It's used + for Generative chat engine only, the associated data stores must + enrolled with `SOLUTION_TYPE_CHAT` solution. + type: string enum: - - INTERPOLATION_TYPE_UNSPECIFIED - - LINEAR - controlPoints: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + displayName: description: >- - The control points used to define the curve. The monotonic function - (defined through the interpolation_type above) passes through the - control points listed here. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint - GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint: - id: >- - GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint + Required. The display name of the engine. Should be human readable. + UTF-8 encoded string with limit of 1024 characters. + type: string + cmekConfig: + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + description: Output only. CMEK-related information for the Engine. + searchEngineConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1EngineSearchEngineConfig + description: >- + Configurations for the Search Engine. Only applicable if + solution_type is SOLUTION_TYPE_SEARCH. + commonConfig: + description: Common config spec that specifies the metadata of the engine. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1EngineCommonConfig' + features: + description: >- + Optional. Feature config for the engine to opt in or opt out of + features. Supported keys: * `*`: all features, if it's present, all + other feature state settings are ignored. * `agent-gallery` * + `no-code-agent-builder` * `prompt-gallery` * `model-selector` * + `notebook-lm` * `people-search` * `people-search-org-chart` * + `bi-directional-audio` * `feedback` * `session-sharing` * + `personalization-memory` * `disable-agent-sharing` * + `disable-image-generation` * `disable-video-generation` * + `disable-onedrive-upload` * `disable-talk-to-content` * + `disable-google-drive-upload` + additionalProperties: + enum: + - FEATURE_STATE_UNSPECIFIED + - FEATURE_STATE_ON + - FEATURE_STATE_OFF + enumDescriptions: + - The feature state is unspecified. + - The feature is turned on to be accessible. + - The feature is turned off to be inaccessible. + type: string + type: object + id: GoogleCloudDiscoveryengineV1Engine + GoogleApiMonitoredResourceMetadata: + type: object + properties: + userLabels: + description: Output only. A map of user-defined metadata labels. + type: object + additionalProperties: + type: string + systemLabels: + type: object + additionalProperties: + type: any + description: Properties of the object. + description: >- + Output only. Values for predefined system metadata labels. System + labels are a kind of metadata extracted by Google, including + "machine_image", "vpc", "subnet_id", "security_group", "name", etc. + System label values can be only strings, Boolean values, or a list + of strings. For example: { "name": "my-test-instance", + "security_group": ["a", "b", "c"], "spot_instance": false } + id: GoogleApiMonitoredResourceMetadata description: >- - The control points used to define the curve. The curve defined through - these control points can only be monotonically increasing or - decreasing(constant values are acceptable). + Auxiliary metadata for a MonitoredResource object. MonitoredResource + objects contain the minimum set of information to uniquely identify a + monitored resource instance. There is some other useful auxiliary + metadata. Monitoring and Logging use an ingestion pipeline to extract + metadata for cloud resources of all types, and store the metadata in + this message. + GoogleCloudDiscoveryengineV1betaLanguageInfo: type: object + description: Language info for DataStore. properties: - attributeValue: + languageCode: + description: The language code for the DataStore. + type: string + region: description: >- - Can be one of: 1. The numerical field value. 2. The duration spec - for freshness: The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 duration - value). The pattern for this is: `nDnM]`. + Output only. Region part of normalized_language_code, if present. + E.g.: `en-US` -> `US`, `zh-Hans-HK` -> `HK`, `en` -> ``. type: string - boostAmount: + readOnly: true + language: + readOnly: true description: >- - The value between -1 to 1 by which to boost the score if the - attribute_value evaluates to the value specified above. - type: number - format: float - GoogleCloudDiscoveryengineV1UserInfo: - id: GoogleCloudDiscoveryengineV1UserInfo - description: Information of an end user. + Output only. Language part of normalized_language_code. E.g.: + `en-US` -> `en`, `zh-Hans-HK` -> `zh`, `en` -> `en`. + type: string + normalizedLanguageCode: + readOnly: true + description: >- + Output only. This is the normalized form of language_code. E.g.: + language_code of `en-GB`, `en_GB`, `en-UK` or `en-gb` will have + normalized_language_code of `en-GB`. + type: string + id: GoogleCloudDiscoveryengineV1betaLanguageInfo + GoogleCloudDiscoveryengineV1betaImportSampleQueriesMetadata: + id: GoogleCloudDiscoveryengineV1betaImportSampleQueriesMetadata type: object properties: - userId: - description: >- - Highly recommended for logged-in users. Unique identifier for - logged-in user, such as a user name. Don't set for anonymous users. - Always use a hashed value for this ID. Don't set the field to the - same fixed ID for different users. This mixes the event history of - those users together, which results in degraded model quality. The - field must be a UTF-8 encoded string with a length limit of 128 - characters. Otherwise, an `INVALID_ARGUMENT` error is returned. + failureCount: + description: Count of SampleQuerys that failed to be imported. type: string - userAgent: + format: int64 + createTime: + description: ImportSampleQueries operation create time. + format: google-datetime + type: string + updateTime: + type: string + format: google-datetime description: >- - User agent as included in the HTTP header. The field must be a UTF-8 - encoded string with a length limit of 1,000 characters. Otherwise, - an `INVALID_ARGUMENT` error is returned. This should not be set when - using the client side event reporting with GTM or JavaScript tag in - UserEventService.CollectUserEvent or if - UserEvent.direct_user_request is set. + ImportSampleQueries operation last update time. If the operation is + done, this is also the finish time. + totalCount: type: string - timeZone: - description: Optional. IANA time zone, e.g. Europe/Budapest. + description: Total count of SampleQuerys that were processed. + format: int64 + successCount: + description: Count of SampleQuerys successfully imported. type: string - GoogleCloudDiscoveryengineV1SearchRequestFacetSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestFacetSpec - description: A facet specification to perform faceted search. + format: int64 + description: >- + Metadata related to the progress of the ImportSampleQueries operation. + This will be returned by the google.longrunning.Operation.metadata + field. + GoogleCloudDiscoveryengineV1alphaUpdateCmekConfigMetadata: type: object + id: GoogleCloudDiscoveryengineV1alphaUpdateCmekConfigMetadata properties: - facetKey: - description: Required. The facet key specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestFacetSpecFacetKey - limit: + updateTime: + type: string + format: google-datetime description: >- - Maximum facet values that are returned for this facet. If - unspecified, defaults to 20. The maximum allowed value is 300. - Values above 300 are coerced to 300. For aggregation in healthcare - search, when the [FacetKey.key] is "healthcare_aggregation_key", the - limit will be overridden to 10,000 internally, regardless of the - value set here. If this field is negative, an `INVALID_ARGUMENT` is - returned. + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + type: string + format: google-datetime + description: Operation create time. + description: >- + Metadata related to the progress of the + CmekConfigService.UpdateCmekConfig operation. This will be returned by + the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecExtractiveContentSpec: + type: object + properties: + maxExtractiveSegmentCount: + format: int32 + description: >- + The max number of extractive segments returned in each search + result. Only applied if the DataStore is set to + DataStore.ContentConfig.CONTENT_REQUIRED or DataStore.solution_types + is SOLUTION_TYPE_CHAT. An extractive segment is a text segment + extracted from the original document that is relevant to the search + query, and, in general, more verbose than an extractive answer. The + segment could then be used as input for LLMs to generate summaries + and answers. If the number of matching segments is less than + `max_extractive_segment_count`, return all of the segments. + Otherwise, return the `max_extractive_segment_count`. + type: integer + numNextSegments: + description: >- + Return at most `num_next_segments` segments after each selected + segments. type: integer format: int32 - excludedFilterKeys: + numPreviousSegments: description: >- - List of keys to exclude when faceting. By default, FacetKey.key is - not excluded from the filter unless it is listed in this field. - Listing a facet key in this field allows its values to appear as - facet results, even when they are filtered out of search results. - Using this field does not affect what search results are returned. - For example, suppose there are 100 documents with the color facet - "Red" and 200 documents with the color facet "Blue". A query - containing the filter "color:ANY("Red")" and having "color" as - FacetKey.key would by default return only "Red" documents in the - search results, and also return "Red" with count 100 as the only - color facet. Although there are also blue documents available, - "Blue" would not be shown as an available facet value. If "color" is - listed in "excludedFilterKeys", then the query returns the facet - values "Red" with count 100 and "Blue" with count 200, because the - "color" key is now excluded from the filter. Because this field - doesn't affect search results, the search results are still - correctly filtered to return only "Red" documents. A maximum of 100 - values are allowed. Otherwise, an `INVALID_ARGUMENT` error is - returned. - type: array - items: - type: string - enableDynamicPosition: - description: >- - Enables dynamic position for this facet. If set to true, the - position of this facet among all facets in the response is - determined automatically. If dynamic facets are enabled, it is - ordered together. If set to false, the position of this facet in the - response is the same as in the request, and it is ranked before the - facets with dynamic position enable and all dynamic facets. For - example, you may always want to have rating facet returned in the - response, but it's not necessarily to always display the rating - facet at the top. In that case, you can set enable_dynamic_position - to true so that the position of rating facet in response is - determined automatically. Another example, assuming you have the - following facets in the request: * "rating", enable_dynamic_position - = true * "price", enable_dynamic_position = false * "brands", - enable_dynamic_position = false And also you have a dynamic facets - enabled, which generates a facet `gender`. Then the final order of - the facets in the response can be ("price", "brands", "rating", - "gender") or ("price", "brands", "gender", "rating") depends on how - API orders "gender" and "rating" facets. However, notice that - "price" and "brands" are always ranked at first and second position - because their enable_dynamic_position is false. - type: boolean - GoogleCloudDiscoveryengineV1SearchRequestFacetSpecFacetKey: - id: GoogleCloudDiscoveryengineV1SearchRequestFacetSpecFacetKey - description: Specifies how a facet is computed. - type: object - properties: - key: - description: >- - Required. Supported textual and numerical facet keys in Document - object, over which the facet values are computed. Facet key is - case-sensitive. - type: string - intervals: - description: >- - Set only if values should be bucketed into intervals. Must be set - for facets with numerical values. Must not be set for facet with - text values. Maximum number of intervals is 30. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Interval' - restrictedValues: - description: >- - Only get facet for the given restricted values. Only supported on - textual fields. For example, suppose "category" has three values - "Action > 2022", "Action > 2021" and "Sci-Fi > 2022". If set - "restricted_values" to "Action > 2022", the "category" facet only - contains "Action > 2022". Only supported on textual fields. Maximum - is 10. - type: array - items: - type: string - prefixes: - description: >- - Only get facet values that start with the given string prefix. For - example, suppose "category" has three values "Action > 2022", - "Action > 2021" and "Sci-Fi > 2022". If set "prefixes" to "Action", - the "category" facet only contains "Action > 2022" and "Action > - 2021". Only supported on textual fields. Maximum is 10. - type: array - items: - type: string - contains: + Specifies whether to also include the adjacent from each selected + segments. Return at most `num_previous_segments` segments before + each selected segments. + format: int32 + type: integer + maxExtractiveAnswerCount: + format: int32 + type: integer description: >- - Only get facet values that contain the given strings. For example, - suppose "category" has three values "Action > 2022", "Action > 2021" - and "Sci-Fi > 2022". If set "contains" to "2022", the "category" - facet only contains "Action > 2022" and "Sci-Fi > 2022". Only - supported on textual fields. Maximum is 10. - type: array - items: - type: string - caseInsensitive: + The maximum number of extractive answers returned in each search + result. An extractive answer is a verbatim answer extracted from the + original document, which provides a precise and contextually + relevant answer to the search query. If the number of matching + answers is less than the `max_extractive_answer_count`, return all + of the answers. Otherwise, return the `max_extractive_answer_count`. + At most five answers are returned for each SearchResult. + returnExtractiveSegmentScore: description: >- - True to make facet keys case insensitive when getting faceting - values with prefixes or contains; false otherwise. + Specifies whether to return the confidence score from the extractive + segments in each search result. This feature is available only for + new or allowlisted data stores. To allowlist your data store, + contact your Customer Engineer. The default value is `false`. type: boolean - orderBy: - description: >- - The order in which documents are returned. Allowed values are: * - "count desc", which means order by SearchResponse.Facet.values.count - descending. * "value desc", which means order by - SearchResponse.Facet.values.value descending. Only applies to - textual facets. If not set, textual values are sorted in [natural - order](https://en.wikipedia.org/wiki/Natural_sort_order); numerical - intervals are sorted in the order given by - FacetSpec.FacetKey.intervals. - type: string - GoogleCloudDiscoveryengineV1Interval: - id: GoogleCloudDiscoveryengineV1Interval - description: A floating point interval. - type: object - properties: - minimum: - description: Inclusive lower bound. - type: number - format: double - exclusiveMinimum: - description: Exclusive lower bound. - type: number - format: double - maximum: - description: Inclusive upper bound. - type: number - format: double - exclusiveMaximum: - description: Exclusive upper bound. - type: number - format: double - GoogleCloudDiscoveryengineV1SearchRequestQueryExpansionSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestQueryExpansionSpec description: >- - Specification to determine under which conditions query expansion should - occur. + A specification for configuring the extractive content in a search + response. + id: >- + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecExtractiveContentSpec + GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigMostPopularFeatureConfig: + id: >- + GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigMostPopularFeatureConfig type: object properties: - condition: - description: >- - The condition under which query expansion should occur. Default to - Condition.DISABLED. + timeWindowDays: type: string - enumDescriptions: - - >- - Unspecified query expansion condition. In this case, server - behavior defaults to Condition.DISABLED. - - >- - Disabled query expansion. Only the exact search query is used, - even if SearchResponse.total_size is zero. - - Automatic query expansion built by the Search API. - enum: - - CONDITION_UNSPECIFIED - - DISABLED - - AUTO - pinUnexpandedResults: + format: int64 description: >- - Whether to pin unexpanded results. If this field is set to true, - unexpanded products are always at the top of the search results, - followed by the expanded results. - type: boolean - GoogleCloudDiscoveryengineV1SearchRequestSpellCorrectionSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestSpellCorrectionSpec - description: The specification for query spell correction. - type: object + The time window of which the engine is queried at training and + prediction time. Positive integers only. The value translates to the + last X days of events. Currently required for the + `most-popular-items` engine. + description: >- + Feature configurations that are required for creating a Most Popular + engine. + GoogleCloudDiscoveryengineV1betaUpdateSchemaMetadata: properties: - mode: + updateTime: + type: string description: >- - The mode under which spell correction replaces the original search - query. Defaults to Mode.AUTO. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + createTime: + description: Operation create time. + format: google-datetime type: string - enumDescriptions: - - >- - Unspecified spell correction mode. In this case, server behavior - defaults to Mode.AUTO. - - >- - Search API tries to find a spelling suggestion. If a suggestion is - found, it is put in the SearchResponse.corrected_query. The - spelling suggestion won't be used as the search query. - - >- - Automatic spell correction built by the Search API. Search will be - based on the corrected query if found. - enum: - - MODE_UNSPECIFIED - - SUGGESTION_ONLY - - AUTO - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpec - description: A specification for configuring the behavior of content search. type: object + id: GoogleCloudDiscoveryengineV1betaUpdateSchemaMetadata + description: Metadata for UpdateSchema LRO. + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpec: properties: - snippetSpec: - description: >- - If `snippetSpec` is not specified, snippets are not included in the - search response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSnippetSpec - summarySpec: - description: >- - If `summarySpec` is not specified, summaries are not included in the - search response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpec - extractiveContentSpec: - description: >- - If there is no extractive_content_spec provided, there will be no - extractive answer in the search response. + searchParams: + description: Search parameters. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecExtractiveContentSpec - searchResultMode: - description: >- - Specifies the search result mode. If unspecified, the search result - mode defaults to `DOCUMENTS`. - type: string - enumDescriptions: - - Default value. - - Returns documents in the search result. - - >- - Returns chunks in the search result. Only available if the - DocumentProcessingConfig.chunking_config is specified. - enum: - - SEARCH_RESULT_MODE_UNSPECIFIED - - DOCUMENTS - - CHUNKS - chunkSpec: - description: >- - Specifies the chunk spec to be returned from the search response. - Only available if the - SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchParams + searchResultList: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecChunkSpec - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSnippetSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSnippetSpec - description: A specification for configuring snippets in a search response. + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultList + description: Search result list. type: object + description: Search specification. + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpec + GoogleCloudDiscoveryengineV1CreateTargetSiteMetadata: + description: >- + Metadata related to the progress of the + SiteSearchEngineService.CreateTargetSite operation. This will be + returned by the google.longrunning.Operation.metadata field. properties: - maxSnippetCount: - description: >- - [DEPRECATED] This field is deprecated. To control snippet return, - use `return_snippet` field. For backwards compatibility, we will - return snippet if max_snippet_count > 0. - deprecated: true - type: integer - format: int32 - referenceOnly: - description: >- - [DEPRECATED] This field is deprecated and will have no affect on the - snippet. - deprecated: true - type: boolean - returnSnippet: + updateTime: + format: google-datetime description: >- - If `true`, then return snippet. If no snippet can be generated, we - return "No snippet is available for this page." A `snippet_status` - with `SUCCESS` or `NO_SNIPPET_AVAILABLE` will also be returned. - type: boolean - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpec: - id: GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpec - description: A specification for configuring a summary returned in a search response. + Operation last update time. If the operation is done, this is also + the finish time. + type: string + createTime: + description: Operation create time. + type: string + format: google-datetime type: object + id: GoogleCloudDiscoveryengineV1CreateTargetSiteMetadata + GoogleCloudDiscoveryengineV1CloudSqlSource: properties: - summaryResultCount: - description: >- - The number of top results to generate the summary from. If the - number of results returned is less than `summaryResultCount`, the - summary is generated from all of the results. At most 10 results for - documents mode, or 50 for chunks mode, can be used to generate a - summary. The chunks mode is used when - SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS. - type: integer - format: int32 - includeCitations: - description: >- - Specifies whether to include citations in the summary. The default - value is `false`. When this field is set to `true`, summaries - include in-line citation numbers. Example summary including - citations: BigQuery is Google Cloud's fully managed and completely - serverless enterprise data warehouse [1]. BigQuery supports all data - types, works across clouds, and has built-in machine learning and - business intelligence, all within a unified platform [2, 3]. The - citation numbers refer to the returned search results and are - 1-indexed. For example, [1] means that the sentence is attributed to - the first search result. [2, 3] means that the sentence is - attributed to both the second and third search results. - type: boolean - ignoreAdversarialQuery: - description: >- - Specifies whether to filter out adversarial queries. The default - value is `false`. Google employs search-query classification to - detect adversarial queries. No summary is returned if the search - query is classified as an adversarial query. For example, a user - might ask a question regarding negative comments about the company - or submit a query designed to generate unsafe, policy-violating - output. If this field is set to `true`, we skip generating summaries - for adversarial queries and return fallback messages instead. - type: boolean - ignoreNonSummarySeekingQuery: - description: >- - Specifies whether to filter out queries that are not - summary-seeking. The default value is `false`. Google employs - search-query classification to detect summary-seeking queries. No - summary is returned if the search query is classified as a - non-summary seeking query. For example, `why is the sky blue` and - `Who is the best soccer player in the world?` are summary-seeking - queries, but `SFO airport` and `world cup 2026` are not. They are - most likely navigational queries. If this field is set to `true`, we - skip generating summaries for non-summary seeking queries and return - fallback messages instead. - type: boolean - ignoreLowRelevantContent: - description: >- - Specifies whether to filter out queries that have low relevance. The - default value is `false`. If this field is set to `false`, all - search results are used regardless of relevance to generate answers. - If set to `true`, only queries with high relevance search results - will generate answers. - type: boolean - ignoreJailBreakingQuery: + offload: description: >- - Optional. Specifies whether to filter out jail-breaking queries. The - default value is `false`. Google employs search-query classification - to detect jail-breaking queries. No summary is returned if the - search query is classified as a jail-breaking query. A user might - add instructions to the query to change the tone, style, language, - content of the answer, or ask the model to act as a different - entity, e.g. "Reply in the tone of a competing company's CEO". If - this field is set to `true`, we skip generating summaries for - jail-breaking queries and return fallback messages instead. + Option for serverless export. Enabling this option will incur + additional cost. More info can be found + [here](https://cloud.google.com/sql/pricing#serverless). type: boolean - modelPromptSpec: + projectId: description: >- - If specified, the spec will be used to modify the prompt provided to - the LLM. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelPromptSpec - languageCode: + The project ID that contains the Cloud SQL source. Has a length + limit of 128 characters. If not specified, inherits the project ID + from the parent request. + type: string + databaseId: description: >- - Language code for Summary. Use language tags defined by - [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Note: This is - an experimental feature. + Required. The Cloud SQL database to copy the data from with a length + limit of 256 characters. + type: string + gcsStagingDir: type: string - modelSpec: description: >- - If specified, the spec will be used to modify the model - specification provided to the LLM. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelSpec - useSemanticChunks: + Intermediate Cloud Storage directory used for the import with a + length limit of 2,000 characters. Can be specified if one wants to + have the Cloud SQL export to a specific Cloud Storage directory. + Ensure that the Cloud SQL service account has the necessary Cloud + Storage Admin permissions to access the specified Cloud Storage + directory. + tableId: description: >- - If true, answer will be generated from most relevant chunks from top - search results. This feature will improve summary quality. Note that - with this feature enabled, not all top search results will be - referenced and included in the reference list, so the citation - source index only points to the search results listed in the - reference list. - type: boolean - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelPromptSpec: - id: >- - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelPromptSpec - description: Specification of the prompt to use with the model. - type: object - properties: - preamble: + Required. The Cloud SQL table to copy the data from with a length + limit of 256 characters. + type: string + instanceId: description: >- - Text at the beginning of the prompt that instructs the assistant. - Examples are available in the user guide. + Required. The Cloud SQL instance to copy the data from with a length + limit of 256 characters. type: string - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelSpec: - id: >- - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelSpec - description: Specification of the model. + description: Cloud SQL source import data from. + id: GoogleCloudDiscoveryengineV1CloudSqlSource type: object + GoogleCloudDiscoveryengineV1betaProjectCustomerProvidedConfigNotebooklmConfigModelArmorConfig: properties: - version: + userPromptTemplate: + type: string description: >- - The model version used to generate the summary. Supported values - are: * `stable`: string. Default value when no value is specified. - Uses a generally available, fine-tuned model. For more information, - see [Answer generation model versions and - lifecycle](https://cloud.google.com/generative-ai-app-builder/docs/answer-generation-models). - * `preview`: string. (Public preview) Uses a preview model. For more - information, see [Answer generation model versions and - lifecycle](https://cloud.google.com/generative-ai-app-builder/docs/answer-generation-models). + Optional. The resource name of the Model Armor Template for + sanitizing user prompts. Format: + projects/{project}/locations/{location}/templates/{template_id} If + not specified, no sanitization will be applied to the user prompt. + responseTemplate: type: string - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecExtractiveContentSpec: + description: >- + Optional. The resource name of the Model Armor Template for + sanitizing LLM responses. Format: + projects/{project}/locations/{location}/templates/{template_id} If + not specified, no sanitization will be applied to the LLM response. id: >- - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecExtractiveContentSpec - description: >- - A specification for configuring the extractive content in a search - response. + GoogleCloudDiscoveryengineV1betaProjectCustomerProvidedConfigNotebooklmConfigModelArmorConfig type: object + description: >- + Configuration for customer defined Model Armor templates to be used for + sanitizing user prompts and LLM responses. + GoogleCloudDiscoveryengineV1alphaSearchRequestSessionSpec: + description: >- + Session specification. Multi-turn Search feature is currently at private + GA stage. Please use v1alpha or v1beta version instead before we launch + this feature to public GA. Or ask for allowlisting through Google + Support team. + id: GoogleCloudDiscoveryengineV1alphaSearchRequestSessionSpec properties: - maxExtractiveAnswerCount: + queryId: + type: string description: >- - The maximum number of extractive answers returned in each search - result. An extractive answer is a verbatim answer extracted from the - original document, which provides a precise and contextually - relevant answer to the search query. If the number of matching - answers is less than the `max_extractive_answer_count`, return all - of the answers. Otherwise, return the `max_extractive_answer_count`. - At most five answers are returned for each SearchResult. - type: integer + If set, the search result gets stored to the "turn" specified by + this query ID. Example: Let's say the session looks like this: + session { name: ".../sessions/xxx" turns { query { text: "What is + foo?" query_id: ".../questions/yyy" } answer: "Foo is ..." } turns { + query { text: "How about bar then?" query_id: ".../questions/zzz" } + } } The user can call /search API with a request like this: session: + ".../sessions/xxx" session_spec { query_id: ".../questions/zzz" } + Then, the API stores the search result, associated with the last + turn. The stored search result can be used by a subsequent /answer + API call (with the session ID and the query ID specified). Also, it + is possible to call /search and /answer in parallel with the same + session ID & query ID. + searchResultPersistenceCount: format: int32 - maxExtractiveSegmentCount: - description: >- - The max number of extractive segments returned in each search - result. Only applied if the DataStore is set to - DataStore.ContentConfig.CONTENT_REQUIRED or DataStore.solution_types - is SOLUTION_TYPE_CHAT. An extractive segment is a text segment - extracted from the original document that is relevant to the search - query, and, in general, more verbose than an extractive answer. The - segment could then be used as input for LLMs to generate summaries - and answers. If the number of matching segments is less than - `max_extractive_segment_count`, return all of the segments. - Otherwise, return the `max_extractive_segment_count`. type: integer - format: int32 - returnExtractiveSegmentScore: - description: >- - Specifies whether to return the confidence score from the extractive - segments in each search result. This feature is available only for - new or allowlisted data stores. To allowlist your data store, - contact your Customer Engineer. The default value is `false`. - type: boolean - numPreviousSegments: - description: >- - Specifies whether to also include the adjacent from each selected - segments. Return at most `num_previous_segments` segments before - each selected segments. - type: integer - format: int32 - numNextSegments: - description: >- - Return at most `num_next_segments` segments after each selected - segments. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecChunkSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecChunkSpec - description: >- - Specifies the chunk spec to be returned from the search response. Only - available if the SearchRequest.ContentSearchSpec.search_result_mode is - set to CHUNKS - type: object - properties: - numPreviousChunks: - description: >- - The number of previous chunks to be returned of the current chunk. - The maximum allowed value is 3. If not specified, no previous chunks - will be returned. - type: integer - format: int32 - numNextChunks: - description: >- - The number of next chunks to be returned of the current chunk. The - maximum allowed value is 3. If not specified, no next chunks will be - returned. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1SearchRequestSearchAsYouTypeSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestSearchAsYouTypeSpec - description: Specification for search as you type in search requests. - type: object - properties: - condition: - description: >- - The condition under which search as you type should occur. Default - to Condition.DISABLED. - type: string - enumDescriptions: - - Server behavior defaults to Condition.DISABLED. - - Disables Search As You Type. - - Enables Search As You Type. - - >- - Automatic switching between search-as-you-type and standard search - modes, ideal for single-API implementations (e.g., debouncing). - enum: - - CONDITION_UNSPECIFIED - - DISABLED - - ENABLED - - AUTO - GoogleCloudDiscoveryengineV1SearchRequestDisplaySpec: - id: GoogleCloudDiscoveryengineV1SearchRequestDisplaySpec - description: Specifies features for display, like match highlighting. - type: object - properties: - matchHighlightingCondition: - description: The condition under which match highlighting should occur. - type: string - enumDescriptions: - - Server behavior is the same as `MATCH_HIGHLIGHTING_DISABLED`. - - Disables match highlighting on all documents. - - Enables match highlighting on all documents. - enum: - - MATCH_HIGHLIGHTING_CONDITION_UNSPECIFIED - - MATCH_HIGHLIGHTING_DISABLED - - MATCH_HIGHLIGHTING_ENABLED - GoogleCloudDiscoveryengineV1SearchRequestSessionSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestSessionSpec - description: >- - Session specification. Multi-turn Search feature is currently at private - GA stage. Please use v1alpha or v1beta version instead before we launch - this feature to public GA. Or ask for allowlisting through Google - Support team. - type: object - properties: - queryId: - description: >- - If set, the search result gets stored to the "turn" specified by - this query ID. Example: Let's say the session looks like this: - session { name: ".../sessions/xxx" turns { query { text: "What is - foo?" query_id: ".../questions/yyy" } answer: "Foo is ..." } turns { - query { text: "How about bar then?" query_id: ".../questions/zzz" } - } } The user can call /search API with a request like this: session: - ".../sessions/xxx" session_spec { query_id: ".../questions/zzz" } - Then, the API stores the search result, associated with the last - turn. The stored search result can be used by a subsequent /answer - API call (with the session ID and the query ID specified). Also, it - is possible to call /search and /answer in parallel with the same - session ID & query ID. - type: string - searchResultPersistenceCount: description: >- The number of top search results to persist. The persisted search results can be used for the subsequent /answer api call. This field is similar to the `summary_result_count` field in SearchRequest.ContentSearchSpec.SummarySpec.summary_result_count. At most 10 results for documents mode, or 50 for chunks mode. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1SearchRequestRelevanceScoreSpec: - id: GoogleCloudDiscoveryengineV1SearchRequestRelevanceScoreSpec - description: The specification for returning the document relevance score. type: object - properties: - returnRelevanceScore: - description: >- - Optional. Whether to return the relevance score for search results. - The higher the score, the more relevant the document is to the - query. - type: boolean - GoogleCloudDiscoveryengineV1SearchResponse: - id: GoogleCloudDiscoveryengineV1SearchResponse - description: Response message for SearchService.Search method. + GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig: type: object properties: - results: - description: A list of matched documents. The order represents the ranking. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSearchResult - facets: - description: Results of facets requested by user. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseFacet - totalSize: - description: >- - The estimated total count of matched items irrespective of - pagination. The count of results returned by pagination may be less - than the total_size that matches. - type: integer - format: int32 - attributionToken: - description: >- - A unique search token. This should be included in the UserEvent logs - resulting from this search, which enables accurate attribution of - search model performance. This also helps to identify a request - during the customer support scenarios. - type: string - redirectUri: - description: >- - The URI of a customer-defined redirect page. If redirect action is - triggered, no search is performed, and only redirect_uri and - attribution_token are set in the response. - type: string - nextPageToken: - description: >- - A token that can be sent as SearchRequest.page_token to retrieve the - next page. If this field is omitted, there are no subsequent pages. - type: string - correctedQuery: - description: >- - Contains the spell corrected query, if found. If the spell - correction type is AUTOMATIC, then the search results are based on - corrected_query. Otherwise the original query is used for search. + targetFieldValueFloat: + type: number + format: float + description: Required. The threshold to be applied to the target (e.g., 0.5). + targetField: type: string - summary: - description: >- - A summary as part of the search results. This field is only returned - if SearchRequest.ContentSearchSpec.summary_spec is set. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummary - queryExpansionInfo: - description: Query expansion information for the returned results. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseQueryExpansionInfo - sessionInfo: description: >- - Session information. Only set if SearchRequest.session is provided. - See its description for more details. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSessionInfo - searchLinkPromotions: - description: Promotions for site search. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchLinkPromotion - GoogleCloudDiscoveryengineV1SearchResponseSearchResult: - id: GoogleCloudDiscoveryengineV1SearchResponseSearchResult - description: Represents the search results. - type: object + Required. The name of the field to target. Currently supported + values: `watch-percentage`, `watch-time`. + description: Custom threshold for `cvr` optimization_objective. + id: >- + GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig + GoogleCloudDiscoveryengineV1betaEngineCommonConfig: properties: - id: - description: Document.id of the searched Document. + companyName: type: string - document: - description: >- - The document data snippet in the search response. Only fields that - are marked as `retrievable` are populated. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' - chunk: description: >- - The chunk data in the search response if the - SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Chunk' - modelScores: - description: Output only. Google provided available scores. - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DoubleList' - rankSignals: - description: Optional. A set of ranking signals associated with the result. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignals - GoogleCloudDiscoveryengineV1Document: - id: GoogleCloudDiscoveryengineV1Document - description: >- - Document captures all raw metadata information of items to be - recommended or searched. + The name of the company, business or entity that is associated with + the engine. Setting this may help improve LLM related features. + id: GoogleCloudDiscoveryengineV1betaEngineCommonConfig + description: Common configurations for an Engine. type: object - properties: - structData: - description: >- - The structured JSON data for the document. It should conform to the - registered Schema or an `INVALID_ARGUMENT` error is thrown. - type: object - additionalProperties: - type: any - description: Properties of the object. - jsonData: - description: >- - The JSON string representation of the document. It should conform to - the registered Schema or an `INVALID_ARGUMENT` error is thrown. - type: string - name: - description: >- - Immutable. The full resource name of the document. Format: - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/branches/{branch}/documents/{document_id}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. - type: string - id: - description: >- - Immutable. The identifier of the document. Id should conform to - [RFC-1034](https://tools.ietf.org/html/rfc1034) standard with a - length limit of 128 characters. - type: string - schemaId: - description: The identifier of the schema located in the same data store. - type: string - content: - description: >- - The unstructured data linked to this document. Content can only be - set and must be set if this document is under a `CONTENT_REQUIRED` - data store. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentContent' - parentDocumentId: - description: >- - The identifier of the parent document. Currently supports at most - two level document hierarchy. Id should conform to - [RFC-1034](https://tools.ietf.org/html/rfc1034) standard with a - length limit of 63 characters. - type: string - derivedStructData: - description: >- - Output only. This field is OUTPUT_ONLY. It contains derived data - that are not in the original input document. - readOnly: true - type: object - additionalProperties: - type: any - description: Properties of the object. - aclInfo: - description: Access control information for the document. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentAclInfo' - indexTime: - description: >- - Output only. The last time the document was indexed. If this field - is set, the document could be returned in search results. This field - is OUTPUT_ONLY. If this field is not populated, it means the - document has never been indexed. - readOnly: true - type: string - format: google-datetime - indexStatus: - description: >- - Output only. The index status of the document. * If document is - indexed successfully, the index_time field is populated. * - Otherwise, if document is not indexed due to errors, the - error_samples field is populated. * Otherwise, if document's index - is in progress, the pending_message field is populated. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentIndexStatus' GoogleCloudDiscoveryengineV1DocumentContent: - id: GoogleCloudDiscoveryengineV1DocumentContent - description: Unstructured data linked to this document. - type: object properties: - rawBytes: - description: >- - The content represented as a stream of bytes. The maximum length is - 1,000,000 bytes (1 MB / ~0.95 MiB). Note: As with all `bytes` - fields, this field is represented as pure binary in Protocol Buffers - and base64-encoded string in JSON. For example, `abc123!?$*&()'-=@~` - should be represented as `YWJjMTIzIT8kKiYoKSctPUB+` in JSON. See - https://developers.google.com/protocol-buffers/docs/proto3#json. - type: string - format: byte - uri: - description: >- - The URI of the content. Only Cloud Storage URIs (e.g. - `gs://bucket-name/path/to/file`) are supported. The maximum file - size is 2.5 MB for text-based formats, 200 MB for other formats. - type: string mimeType: description: >- The MIME type of the content. Supported types: * `application/pdf` @@ -1489,780 +1637,1381 @@ components: `image/jpeg` (JPEG) * `image/png` (PNG) * `image/tiff` (TIFF) See https://www.iana.org/assignments/media-types/media-types.xhtml. type: string - GoogleCloudDiscoveryengineV1DocumentAclInfo: - id: GoogleCloudDiscoveryengineV1DocumentAclInfo - description: ACL Information of the Document. + rawBytes: + format: byte + description: >- + The content represented as a stream of bytes. The maximum length is + 1,000,000 bytes (1 MB / ~0.95 MiB). Note: As with all `bytes` + fields, this field is represented as pure binary in Protocol Buffers + and base64-encoded string in JSON. For example, `abc123!?$*&()'-=@~` + should be represented as `YWJjMTIzIT8kKiYoKSctPUB+` in JSON. See + https://developers.google.com/protocol-buffers/docs/proto3#json. + type: string + uri: + type: string + description: >- + The URI of the content. Only Cloud Storage URIs (e.g. + `gs://bucket-name/path/to/file`) are supported. The maximum file + size is 2.5 MB for text-based formats, 200 MB for other formats. type: object - properties: - readers: - description: Readers of the document. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DocumentAclInfoAccessRestriction - GoogleCloudDiscoveryengineV1DocumentAclInfoAccessRestriction: - id: GoogleCloudDiscoveryengineV1DocumentAclInfoAccessRestriction - description: >- - AclRestriction to model complex inheritance restrictions. Example: - Modeling a "Both Permit" inheritance, where to access a child document, - user needs to have access to parent document. Document Hierarchy - - Space_S --> Page_P. Readers: Space_S: group_1, user_1 Page_P: group_2, - group_3, user_2 Space_S ACL Restriction - { "acl_info": { "readers": [ { - "principals": [ { "group_id": "group_1" }, { "user_id": "user_1" } ] } ] - } } Page_P ACL Restriction. { "acl_info": { "readers": [ { "principals": - [ { "group_id": "group_2" }, { "group_id": "group_3" }, { "user_id": - "user_2" } ], }, { "principals": [ { "group_id": "group_1" }, { - "user_id": "user_1" } ], } ] } } + id: GoogleCloudDiscoveryengineV1DocumentContent + description: Unstructured data linked to this document. + GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpec: type: object + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpec + description: Query understanding specification. properties: - principals: - description: List of principals. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Principal' - idpWide: - description: All users within the Identity Provider. + queryRephraserSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpec + description: Query rephraser specification. + queryClassificationSpec: + description: Query classification specification. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryClassificationSpec + disableSpellCorrection: + description: >- + Optional. Whether to disable spell correction. The default value is + `false`. type: boolean - GoogleCloudDiscoveryengineV1Principal: - id: GoogleCloudDiscoveryengineV1Principal - description: Principal identifier of a user or a group. + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseContentSuggestion: + id: >- + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseContentSuggestion type: object properties: - userId: - description: >- - User identifier. For Google Workspace user account, user_id should - be the google workspace user email. For non-google identity provider - user account, user_id is the mapped user identifier configured - during the workforcepool config. + suggestion: type: string - groupId: + description: The suggestion for the query. + document: description: >- - Group identifier. For Google Workspace user account, group_id should - be the google workspace group email. For non-google identity - provider user account, group_id is the mapped group identifier - configured during the workforcepool config. + The document data snippet in the suggestion. Only a subset of fields + will be populated. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + iconUri: type: string - externalEntityId: - description: >- - For 3P application identities which are not present in the customer - identity provider. + description: The icon uri of the content suggestion. + destinationUri: + description: The destination uri of the content suggestion. type: string - GoogleCloudDiscoveryengineV1DocumentIndexStatus: - id: GoogleCloudDiscoveryengineV1DocumentIndexStatus - description: Index status of the document. - type: object + contentType: + type: string + enum: + - CONTENT_TYPE_UNSPECIFIED + - GOOGLE_WORKSPACE + - THIRD_PARTY + enumDescriptions: + - Default value. + - The suggestion is from a Google Workspace source. + - The suggestion is from a third party source. + description: The type of the content suggestion. + score: + type: number + format: double + description: The score of each suggestion. The score is in the range of [0, 1]. + dataStore: + type: string + description: The name of the dataStore that this suggestion belongs to. + description: Suggestions as content. + GoogleCloudDiscoveryengineV1alphaSessionTurn: properties: - indexTime: + detailedAnswer: + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswer' description: >- - The time when the document was indexed. If this field is populated, - it means the document has been indexed. - type: string - format: google-datetime - errorSamples: + Output only. In ConversationalSearchService.GetSession API, if + GetSessionRequest.include_answer_details is set to true, this field + will be populated when getting answer query session. + query: description: >- - A sample of errors encountered while indexing the document. If this - field is populated, the document is not indexed due to errors. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - pendingMessage: + Optional. The user query. May not be set if this turn is merely + regenerating an answer to a different turn + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaQuery' + answer: description: >- - Immutable. The message indicates the document index is in progress. - If this field is populated, the document index is pending. + Optional. The resource name of the answer to the user query. Only + set if the answer generation (/answer API call) happened in this + turn. type: string - GoogleCloudDiscoveryengineV1Chunk: - id: GoogleCloudDiscoveryengineV1Chunk + detailedAssistAnswer: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistAnswer' + readOnly: true + description: >- + Output only. In ConversationalSearchService.GetSession API, if + GetSessionRequest.include_answer_details is set to true, this field + will be populated when getting assistant session. + queryConfig: + description: >- + Optional. Represents metadata related to the query config, for + example LLM model and version used, model parameters (temperature, + grounding parameters, etc.). The prefix "google." is reserved for + Google-developed functionality. + additionalProperties: + type: string + type: object description: >- - Chunk captures all raw metadata information of items to be recommended - or searched in the chunk mode. + Represents a turn, including a query from the user and a answer from + service. + type: object + id: GoogleCloudDiscoveryengineV1alphaSessionTurn + GoogleCloudDiscoveryengineV1Reply: + id: GoogleCloudDiscoveryengineV1Reply type: object properties: - name: + summary: + description: Summary based on search results. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummary + description: Defines a reply message to user. + GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResult: + properties: + policyResults: + type: array description: >- - The full resource name of the chunk. Format: - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/branches/{branch}/documents/{document_id}/chunks/{chunk_id}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. - type: string - id: - description: Unique chunk ID of the current chunk. - type: string - content: - description: Content is a string from a document (parsed content). + Customer policy enforcement results. Populated only if the assist + call was skipped due to a policy violation. It contains results from + those filters that blocked the processing of the query. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResultPolicyEnforcementResult + verdict: type: string - relevanceScore: + enum: + - UNSPECIFIED + - ALLOW + - BLOCK description: >- - Output only. Represents the relevance score based on similarity. - Higher score indicates higher chunk relevance. The score is in range - [-1.0, 1.0]. Only populated on SearchResponse. - readOnly: true - type: number - format: double - documentMetadata: - description: Metadata of the document from the current chunk. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ChunkDocumentMetadata - derivedStructData: + Final verdict of the customer policy enforcement. If only one policy + blocked the processing, the verdict is BLOCK. + enumDescriptions: + - Unknown value. + - There was no policy violation. + - Processing was blocked by the customer policy. + type: object + id: >- + GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResult + description: >- + Customer policy enforcement results. Contains the results of the various + policy checks, like the banned phrases or the Model Armor checks. + GoogleCloudDiscoveryengineV1SearchInfo: + properties: + searchQuery: + type: string description: >- - Output only. This field is OUTPUT_ONLY. It contains derived data - that are not in the original input document. + The user's search query. See SearchRequest.query for definition. The + value must be a UTF-8 encoded string with a length limit of 5,000 + characters. Otherwise, an `INVALID_ARGUMENT` error is returned. At + least one of search_query or PageInfo.page_category is required for + `search` events. Other event types should not set this field. + Otherwise, an `INVALID_ARGUMENT` error is returned. + offset: + format: int32 + type: integer + description: >- + An integer that specifies the current offset for pagination (the + 0-indexed starting location, amongst the products deemed by the API + as relevant). See SearchRequest.offset for definition. If this field + is negative, an `INVALID_ARGUMENT` is returned. This can only be set + for `search` events. Other event types should not set this field. + Otherwise, an `INVALID_ARGUMENT` error is returned. + orderBy: + description: >- + The order in which products are returned, if applicable. See + SearchRequest.order_by for definition and syntax. The value must be + a UTF-8 encoded string with a length limit of 1,000 characters. + Otherwise, an `INVALID_ARGUMENT` error is returned. This can only be + set for `search` events. Other event types should not set this + field. Otherwise, an `INVALID_ARGUMENT` error is returned. + type: string + id: GoogleCloudDiscoveryengineV1SearchInfo + type: object + description: Detailed search information. + GoogleCloudDiscoveryengineV1WidgetConfigImage: + description: Options to store an image. + type: object + properties: + url: + description: Image URL. + type: string + id: GoogleCloudDiscoveryengineV1WidgetConfigImage + GoogleCloudDiscoveryengineV1alphaListSessionsResponse: + description: Response for ListSessions method. + id: GoogleCloudDiscoveryengineV1alphaListSessionsResponse + properties: + sessions: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSession' + description: All the Sessions for a given data store. + nextPageToken: + type: string + description: Pagination token, if not returned indicates the last page. + type: object + GoogleCloudDiscoveryengineV1alphaEvaluation: + description: >- + An evaluation is a single execution (or run) of an evaluation process. + It encapsulates the state of the evaluation and the resulting data. + type: object + properties: + errorSamples: + type: array readOnly: true - type: object - additionalProperties: - type: any - description: Properties of the object. - pageSpan: - description: Page span of the chunk. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ChunkPageSpan' - chunkMetadata: - description: Output only. Metadata of the current chunk. + description: >- + Output only. A sample of errors encountered while processing the + request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + createTime: readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ChunkChunkMetadata' - dataUrls: + type: string + format: google-datetime + description: Output only. Timestamp the Evaluation was created at. + evaluationSpec: + description: Required. The specification of the evaluation. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpec + qualityMetrics: + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetrics' description: >- - Output only. Image Data URLs if the current chunk contains images. - Data URLs are composed of four parts: a prefix (data:), a MIME type - indicating the type of data, an optional base64 token if - non-textual, and the data itself: data:, + Output only. The metrics produced by the evaluation, averaged across + all SampleQuerys in the SampleQuerySet. Only populated when the + evaluation's state is SUCCEEDED. + error: + $ref: '#/components/schemas/GoogleRpcStatus' readOnly: true - type: array - items: - type: string - annotationContents: description: >- - Output only. Annotation contents if the current chunk contains - annotations. + Output only. The error that occurred during evaluation. Only + populated when the evaluation's state is FAILED. + name: + description: >- + Identifier. The full resource name of the Evaluation, in the format + of + `projects/{project}/locations/{location}/evaluations/{evaluation}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + type: string + endTime: + readOnly: true + format: google-datetime + type: string + description: Output only. Timestamp the Evaluation was completed at. + state: readOnly: true + type: string + enumDescriptions: + - The evaluation is unspecified. + - The service is preparing to run the evaluation. + - The evaluation is in progress. + - The evaluation completed successfully. + - The evaluation failed. + description: Output only. The state of the evaluation. + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - FAILED + id: GoogleCloudDiscoveryengineV1alphaEvaluation + GoogleCloudDiscoveryengineV1alphaCondition: + properties: + activeTimeRange: + description: >- + Range of time(s) specifying when condition is active. Maximum of 10 + time ranges. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaConditionTimeRange type: array + queryTerms: items: - type: string - annotationMetadata: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaConditionQueryTerm description: >- - Output only. The annotation metadata includes structured content in - the current chunk. - readOnly: true + Search only A list of terms to match the query on. Cannot be set + when Condition.query_regex is set. Maximum of 10 query terms. type: array + queryRegex: + description: >- + Optional. Query regex to match the whole search query. Cannot be set + when Condition.query_terms is set. Only supported for Basic Site + Search promotion serving controls. + type: string + type: object + description: Defines circumstances to be checked before allowing a behavior + id: GoogleCloudDiscoveryengineV1alphaCondition + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchParams: + type: object + properties: + boostSpec: + description: >- + Boost specification to boost certain documents in search results + which may affect the answer query response. For more information on + boosting, see + [Boosting](https://cloud.google.com/retail/docs/boosting#boost) + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpec + dataStoreSpecs: + description: >- + Specs defining dataStores to filter on in a search call and + configurations for those dataStores. This is only considered for + engines with multiple dataStores use case. For single dataStore + within an engine, they should use the specs at the top level. items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ChunkAnnotationMetadata - GoogleCloudDiscoveryengineV1ChunkDocumentMetadata: - id: GoogleCloudDiscoveryengineV1ChunkDocumentMetadata + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestDataStoreSpec + type: array + orderBy: + type: string + description: >- + The order in which documents are returned. Documents can be ordered + by a field in an Document object. Leave it unset if ordered by + relevance. `order_by` expression is case-sensitive. For more + information on ordering, see + [Ordering](https://cloud.google.com/retail/docs/filter-and-order#order) + If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. + searchResultMode: + enum: + - SEARCH_RESULT_MODE_UNSPECIFIED + - DOCUMENTS + - CHUNKS + description: >- + Specifies the search result mode. If unspecified, the search result + mode defaults to `DOCUMENTS`. See [parse and chunk + documents](https://cloud.google.com/generative-ai-app-builder/docs/parse-chunk-documents) + type: string + enumDescriptions: + - Default value. + - Returns documents in the search result. + - >- + Returns chunks in the search result. Only available if the + DocumentProcessingConfig.chunking_config is specified. + maxReturnResults: + type: integer + format: int32 + description: Number of search results to return. The default value is 10. + filter: + type: string + description: >- + The filter syntax consists of an expression language for + constructing a predicate from one or more fields of the documents + being filtered. Filter expression is case-sensitive. This will be + used to filter search results which may affect the Answer response. + If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. + Filtering in Vertex AI Search is done by mapping the LHS filter key + to a key property defined in the Vertex AI Search backend -- this + mapping is defined by the customer in their schema. For example a + media customers might have a field 'name' in their schema. In this + case the filter would look like this: filter --> name:'ANY("king + kong")' For more information about filtering including syntax and + filter operators, see + [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + description: Search parameters. + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchParams + GoogleCloudDiscoveryengineV1WidgetConfigFacetField: + type: object description: >- - Document metadata contains the information of the document of the - current chunk. + Facet fields that store the mapping of fields to end user widget + appearance. + properties: + displayName: + description: Optional. The field name that end users will see. + type: string + field: + type: string + description: Required. Registered field name. The format is `field.abc`. + id: GoogleCloudDiscoveryengineV1WidgetConfigFacetField + GoogleCloudDiscoveryengineV1betaAdvancedSiteSearchConfig: + id: GoogleCloudDiscoveryengineV1betaAdvancedSiteSearchConfig type: object properties: - uri: - description: Uri of the document. + disableInitialIndex: + type: boolean + description: If set true, initial indexing is disabled for the DataStore. + disableAutomaticRefresh: + description: If set true, automatic refresh is disabled for the DataStore. + type: boolean + description: Configuration data for advance site search. + GoogleCloudDiscoveryengineV1ListTargetSitesResponse: + id: GoogleCloudDiscoveryengineV1ListTargetSitesResponse + type: object + properties: + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: string - title: - description: Title of the document. + targetSites: + type: array + description: List of TargetSites. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' + totalSize: + description: >- + The total number of items matching the request. This will always be + populated in the response. + format: int32 + type: integer + description: Response message for SiteSearchEngineService.ListTargetSites method. + GoogleCloudDiscoveryengineV1LicenseConfig: + properties: + endDate: + description: Optional. The planed end date. + $ref: '#/components/schemas/GoogleTypeDate' + licenseCount: + type: string + format: int64 + description: Required. Number of licenses purchased. + name: type: string - mimeType: description: >- - The mime type of the document. - https://www.iana.org/assignments/media-types/media-types.xhtml. + Immutable. Identifier. The fully qualified resource name of the + license config. Format: + `projects/{project}/locations/{location}/licenseConfigs/{license_config}` + geminiBundle: + type: boolean + description: Output only. Whether the license config is for Gemini bundle. + readOnly: true + startDate: + $ref: '#/components/schemas/GoogleTypeDate' + description: Required. The start date. + subscriptionTier: + enumDescriptions: + - Default value. + - >- + Search tier. Search tier can access VAIS search features and + NotebookLM features. + - >- + Search + assistant tier. Search + assistant tier can access VAIS + search features, NotebookLM features and assistant features. + - >- + NotebookLM tier. NotebookLM is a subscription tier can only access + NotebookLM features. + - Frontline worker tier. + - Agentspace Starter tier. + - Agentspace Business tier. + - Enterprise tier. + - EDU tier. + - EDU Pro tier. + - EDU emerging market tier. + - EDU Pro emerging market tier. + - Frontline starter tier. type: string - structData: + description: Required. Subscription tier information for the license config. + enum: + - SUBSCRIPTION_TIER_UNSPECIFIED + - SUBSCRIPTION_TIER_SEARCH + - SUBSCRIPTION_TIER_SEARCH_AND_ASSISTANT + - SUBSCRIPTION_TIER_NOTEBOOK_LM + - SUBSCRIPTION_TIER_FRONTLINE_WORKER + - SUBSCRIPTION_TIER_AGENTSPACE_STARTER + - SUBSCRIPTION_TIER_AGENTSPACE_BUSINESS + - SUBSCRIPTION_TIER_ENTERPRISE + - SUBSCRIPTION_TIER_EDU + - SUBSCRIPTION_TIER_EDU_PRO + - SUBSCRIPTION_TIER_EDU_EMERGING + - SUBSCRIPTION_TIER_EDU_PRO_EMERGING + - SUBSCRIPTION_TIER_FRONTLINE_STARTER + subscriptionTerm: + description: Required. Subscription term. + enumDescriptions: + - Default value, do not use. + - 1 month. + - 1 year. + - 3 years. + type: string + enum: + - SUBSCRIPTION_TERM_UNSPECIFIED + - SUBSCRIPTION_TERM_ONE_MONTH + - SUBSCRIPTION_TERM_ONE_YEAR + - SUBSCRIPTION_TERM_THREE_YEARS + freeTrial: + description: Optional. Whether the license config is for free trial. + type: boolean + state: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - EXPIRED + - NOT_STARTED + readOnly: true + type: string + enumDescriptions: + - Default value. The license config does not exist. + - The license config is effective and being used. + - The license config has expired. + - >- + The license config has not started yet, and its start date is in + the future. + description: Output only. The state of the license config. + autoRenew: description: >- - Data representation. The structured JSON data for the document. It - should conform to the registered Schema or an `INVALID_ARGUMENT` - error is thrown. + Optional. Whether the license config should be auto renewed when it + reaches the end date. + type: boolean + description: Information about users' licenses. + type: object + id: GoogleCloudDiscoveryengineV1LicenseConfig + GoogleCloudDiscoveryengineV1SessionTurn: + id: GoogleCloudDiscoveryengineV1SessionTurn + type: object + description: >- + Represents a turn, including a query from the user and a answer from + service. + properties: + detailedAssistAnswer: + description: >- + Output only. In ConversationalSearchService.GetSession API, if + GetSessionRequest.include_answer_details is set to true, this field + will be populated when getting assistant session. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistAnswer' + detailedAnswer: + readOnly: true + description: >- + Output only. In ConversationalSearchService.GetSession API, if + GetSessionRequest.include_answer_details is set to true, this field + will be populated when getting answer query session. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Answer' + query: + description: >- + Optional. The user query. May not be set if this turn is merely + regenerating an answer to a different turn + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Query' + answer: + type: string + description: >- + Optional. The resource name of the answer to the user query. Only + set if the answer generation (/answer API call) happened in this + turn. + queryConfig: type: object + description: >- + Optional. Represents metadata related to the query config, for + example LLM model and version used, model parameters (temperature, + grounding parameters, etc.). The prefix "google." is reserved for + Google-developed functionality. additionalProperties: - type: any - description: Properties of the object. + type: string + GoogleCloudDiscoveryengineV1betaBatchUpdateUserLicensesResponse: + id: GoogleCloudDiscoveryengineV1betaBatchUpdateUserLicensesResponse + properties: + userLicenses: + description: UserLicenses successfully updated. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaUserLicense' + type: array + errorSamples: + description: A sample of errors encountered while processing the request. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: Response message for UserLicenseService.BatchUpdateUserLicenses method. + type: object + GoogleCloudDiscoveryengineV1alphaTuneEngineMetadata: + properties: + engine: + type: string + description: >- + Required. The resource name of the engine that this tune applies to. + Format: + `projects/{project}/locations/{location}/collections/{collection_id}/engines/{engine_id}` + id: GoogleCloudDiscoveryengineV1alphaTuneEngineMetadata + description: Metadata associated with a tune operation. + type: object GoogleCloudDiscoveryengineV1ChunkPageSpan: - id: GoogleCloudDiscoveryengineV1ChunkPageSpan - description: Page span of the chunk. type: object + description: Page span of the chunk. + id: GoogleCloudDiscoveryengineV1ChunkPageSpan properties: pageStart: description: The start page of the chunk. type: integer format: int32 pageEnd: - description: The end page of the chunk. type: integer + description: The end page of the chunk. format: int32 - GoogleCloudDiscoveryengineV1ChunkChunkMetadata: - id: GoogleCloudDiscoveryengineV1ChunkChunkMetadata + GoogleCloudDiscoveryengineV1TrainCustomModelResponse: description: >- - Metadata of the current chunk. This field is only populated on - SearchService.Search API. + Response of the TrainCustomModelRequest. This message is returned by the + google.longrunning.Operations.response field. type: object + id: GoogleCloudDiscoveryengineV1TrainCustomModelResponse properties: - previousChunks: + metrics: + description: The metrics of the trained model. + type: object + additionalProperties: + format: double + type: number + errorConfig: description: >- - The previous chunks of the current chunk. The number is controlled - by SearchRequest.ContentSearchSpec.ChunkSpec.num_previous_chunks. - This field is only populated on SearchService.Search API. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Chunk' - nextChunks: + Echoes the destination for the complete errors in the request if + set. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' + modelStatus: description: >- - The next chunks of the current chunk. The number is controlled by - SearchRequest.ContentSearchSpec.ChunkSpec.num_next_chunks. This - field is only populated on SearchService.Search API. + The trained model status. Possible values are: * **bad-data**: The + training data quality is bad. * **no-improvement**: Tuning didn't + improve performance. Won't deploy. * **in-progress**: Model training + job creation is in progress. * **training**: Model is actively + training. * **evaluating**: The model is evaluating trained metrics. + * **indexing**: The model trained metrics are indexing. * **ready**: + The model is ready for serving. + type: string + modelName: + type: string + description: Fully qualified name of the CustomTuningModel. + errorSamples: type: array + description: A sample of errors encountered while processing the data. items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Chunk' - GoogleCloudDiscoveryengineV1ChunkAnnotationMetadata: - id: GoogleCloudDiscoveryengineV1ChunkAnnotationMetadata - description: >- - The annotation metadata includes structured content in the current - chunk. + $ref: '#/components/schemas/GoogleRpcStatus' + GoogleCloudDiscoveryengineV1alphaUserLicense: + id: GoogleCloudDiscoveryengineV1alphaUserLicense type: object properties: - structuredContent: - description: Output only. The structured content information. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ChunkStructuredContent - imageId: - description: >- - Output only. Image id is provided if the structured content is based - on an image. + createTime: readOnly: true + format: google-datetime type: string - GoogleCloudDiscoveryengineV1ChunkStructuredContent: - id: GoogleCloudDiscoveryengineV1ChunkStructuredContent - description: The structured content information. - type: object - properties: - structureType: - description: Output only. The structure type of the structured content. - readOnly: true + description: Output only. User created timestamp. + updateTime: + format: google-datetime + description: Output only. User update timestamp. type: string + readOnly: true + licenseAssignmentState: enumDescriptions: - Default value. - - Shareholder structure. - - Signature structure. - - Checkbox structure. + - License assigned to the user. + - >- + No license assigned to the user. Deprecated, translated to + NO_LICENSE. + - No license assigned to the user. + - >- + User attempted to login but no license assigned to the user. This + state is only used for no user first time login attempt but cannot + get license assigned. Users already logged in but cannot get + license assigned will be assigned NO_LICENSE state(License could + be unassigned by admin). + - User is blocked from assigning a license. enum: - - STRUCTURE_TYPE_UNSPECIFIED - - SHAREHOLDER_STRUCTURE - - SIGNATURE_STRUCTURE - - CHECKBOX_STRUCTURE - content: - description: Output only. The content of the structured content. + - LICENSE_ASSIGNMENT_STATE_UNSPECIFIED + - ASSIGNED + - UNASSIGNED + - NO_LICENSE + - NO_LICENSE_ATTEMPTED_LOGIN + - BLOCKED + type: string readOnly: true + description: >- + Output only. License assignment state of the user. If the user is + assigned with a license config, the user login will be assigned with + the license; If the user's license assignment state is unassigned or + unspecified, no license config will be associated to the user; + lastLoginTime: + description: >- + Output only. User last logged in time. If the user has not logged in + yet, this field will be empty. type: string - GoogleCloudDiscoveryengineV1DoubleList: - id: GoogleCloudDiscoveryengineV1DoubleList - description: Double list. - type: object - properties: - values: - description: Double values. - type: array - items: - type: number - format: double - GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignals: - id: GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignals - description: A set of ranking signals. + format: google-datetime + readOnly: true + userProfile: + description: >- + Optional. The user profile. We user user full name(First name + Last + name) as user profile. + type: string + userPrincipal: + type: string + description: >- + Required. Immutable. The user principal of the User, could be email + address or other prinical identifier. This field is immutable. Admin + assign licenses based on the user principal. + licenseConfig: + type: string + description: >- + Optional. The full resource name of the Subscription(LicenseConfig) + assigned to the user. + description: User License information assigned by the admin. + GoogleCloudDiscoveryengineV1IdpConfig: type: object properties: - keywordSimilarityScore: - description: Optional. Keyword matching adjustment. - type: number - format: float - relevanceScore: - description: Optional. Semantic relevance adjustment. - type: number - format: float - semanticSimilarityScore: - description: Optional. Semantic similarity adjustment. - type: number - format: float - pctrRank: - description: Optional. Predicted conversion rate adjustment as a rank. - type: number - format: float - topicalityRank: - description: Optional. Topicality adjustment as a rank. - type: number - format: float - documentAge: - description: Optional. Age of the document in hours. - type: number - format: float - boostingFactor: - description: Optional. Combined custom boosts for a doc. - type: number - format: float - defaultRank: - description: Optional. The default rank of the result. - type: number - format: float - customSignals: - description: Optional. A list of custom clearbox signals. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignalsCustomSignal - GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignalsCustomSignal: + externalIdpConfig: + description: External Identity provider config. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1IdpConfigExternalIdpConfig + idpType: + enum: + - IDP_TYPE_UNSPECIFIED + - GSUITE + - THIRD_PARTY + description: Identity provider type configured. + enumDescriptions: + - Default value. ACL search not enabled. + - Google 1P provider. + - Third party provider. + type: string + description: Identity Provider Config. + id: GoogleCloudDiscoveryengineV1IdpConfig + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResult: + type: object id: >- - GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignalsCustomSignal - description: Custom clearbox signal represented by name and value pair. + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResult + description: Search result. + properties: + unstructuredDocumentInfo: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfo + description: Unstructured document information. + chunkInfo: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfo + description: Chunk information. + GoogleCloudDiscoveryengineV1BatchVerifyTargetSitesRequest: type: object + properties: {} + id: GoogleCloudDiscoveryengineV1BatchVerifyTargetSitesRequest + description: >- + Request message for SiteSearchEngineService.BatchVerifyTargetSites + method. + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoDocumentContext: + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoDocumentContext properties: - name: - description: Optional. Name of the signal. + pageIdentifier: type: string - value: - description: >- - Optional. Float value representing the ranking signal (e.g. 1.25 for - BM25). - type: number - format: float - GoogleCloudDiscoveryengineV1SearchResponseFacet: - id: GoogleCloudDiscoveryengineV1SearchResponseFacet - description: A facet result. + description: Page identifier. + content: + description: Document content to be used for answer generation. + type: string + type: object + description: Document context. + GoogleCloudDiscoveryengineV1alphaEngine: type: object + description: >- + Metadata that describes the training and serving parameters of an + Engine. + id: GoogleCloudDiscoveryengineV1alphaEngine properties: - key: + chatEngineConfig: description: >- - The key for this facet. For example, `"colors"` or `"price"`. It - matches SearchRequest.FacetSpec.FacetKey.key. + Configurations for the Chat Engine. Only applicable if solution_type + is SOLUTION_TYPE_CHAT. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfig + name: type: string - values: - description: The facet values for this field. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseFacetFacetValue - dynamicFacet: - description: Whether the facet is dynamically generated. - type: boolean - GoogleCloudDiscoveryengineV1SearchResponseFacetFacetValue: - id: GoogleCloudDiscoveryengineV1SearchResponseFacetFacetValue - description: A facet value which contains value names and their count. - type: object - properties: - value: - description: Text value of a facet, such as "Black" for facet "colors". + description: >- + Immutable. Identifier. The fully qualified resource name of the + engine. This field must be a UTF-8 encoded string with a length + limit of 1024 characters. Format: + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}` + engine should be 1-63 characters, and valid characters are + /a-z0-9*/. Otherwise, an INVALID_ARGUMENT error is returned. + modelConfigs: + additionalProperties: + enumDescriptions: + - The model state is unspecified. + - The model is enabled by admin. + - The model is disabled by admin. + enum: + - MODEL_STATE_UNSPECIFIED + - MODEL_ENABLED + - MODEL_DISABLED + type: string + description: >- + Optional. Maps a model name to its specific configuration for this + engine. This allows admin users to turn on/off individual models. + This only stores models whose states are overridden by the admin. + When the state is unspecified, or model_configs is empty for this + model, the system will decide if this model should be available or + not based on the default configuration. For example, a preview model + should be disabled by default if the admin has not chosen to enable + it. + type: object + industryVertical: type: string - interval: + enum: + - INDUSTRY_VERTICAL_UNSPECIFIED + - GENERIC + - MEDIA + - HEALTHCARE_FHIR + enumDescriptions: + - Value used when unset. + - >- + The generic vertical for documents that are not specific to any + industry vertical. + - The media industry vertical. + - The healthcare FHIR vertical. description: >- - Interval value for a facet, such as 10, 20) for facet "price". It - matches [SearchRequest.FacetSpec.FacetKey.intervals. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Interval' - count: - description: Number of items that have this facet value. + Optional. The industry vertical that the engine registers. The + restriction of the Engine industry vertical is based on DataStore: + Vertical on Engine has to match vertical of the DataStore linked to + the engine. + appType: + enumDescriptions: + - All non specified apps. + - App type for intranet search and Agentspace. + description: >- + Optional. Immutable. This the application type which this engine + resource represents. NOTE: this is a new concept independ of + existing industry vertical or solution type. type: string - format: int64 - GoogleCloudDiscoveryengineV1SearchResponseSummary: - id: GoogleCloudDiscoveryengineV1SearchResponseSummary - description: Summary of the top N search results specified by the summary spec. - type: object - properties: - summaryText: - description: The summary content. + enum: + - APP_TYPE_UNSPECIFIED + - APP_TYPE_INTRANET + configurableBillingApproach: + description: Optional. Configuration for configurable billing approach. + enum: + - CONFIGURABLE_BILLING_APPROACH_UNSPECIFIED + - CONFIGURABLE_BILLING_APPROACH_ENABLED type: string - summarySkippedReasons: - description: >- - Additional summary-skipped reasons. This provides the reason for - ignored cases. If nothing is skipped, this field is not set. - type: array - items: - type: string + enumDescriptions: + - >- + Default value. For Spark and non-Spark non-configurable billing + approach. General pricing model. + - The billing approach follows configurations specified by customer. + features: + additionalProperties: enumDescriptions: - - Default value. The summary skipped reason is not specified. - - >- - The adversarial query ignored case. Only used when - SummarySpec.ignore_adversarial_query is set to `true`. - - >- - The non-summary seeking query ignored case. Google skips the - summary if the query is chit chat. Only used when - SummarySpec.ignore_non_summary_seeking_query is set to `true`. - - >- - The out-of-domain query ignored case. Google skips the summary - if there are no high-relevance search results. For example, the - data store contains facts about company A but the user query is - asking questions about company B. - - >- - The potential policy violation case. Google skips the summary if - there is a potential policy violation detected. This includes - content that may be violent or toxic. - - >- - The LLM addon not enabled case. Google skips the summary if the - LLM addon is not enabled. - - >- - The no relevant content case. Google skips the summary if there - is no relevant content in the retrieved search results. - - >- - The jail-breaking query ignored case. For example, "Reply in the - tone of a competing company's CEO". Only used when - [SearchRequest.ContentSearchSpec.SummarySpec.ignore_jail_breaking_query] - is set to `true`. - - >- - The customer policy violation case. Google skips the summary if - there is a customer policy violation detected. The policy is - defined by the customer. - - >- - The non-answer seeking query ignored case. Google skips the - summary if the query doesn't have clear intent. Only used when - [SearchRequest.ContentSearchSpec.SummarySpec.ignore_non_answer_seeking_query] - is set to `true`. - - The time out case. Google skips the summary if the time out. + - The feature state is unspecified. + - The feature is turned on to be accessible. + - The feature is turned off to be inaccessible. enum: - - SUMMARY_SKIPPED_REASON_UNSPECIFIED - - ADVERSARIAL_QUERY_IGNORED - - NON_SUMMARY_SEEKING_QUERY_IGNORED - - OUT_OF_DOMAIN_QUERY_IGNORED - - POTENTIAL_POLICY_VIOLATION - - LLM_ADDON_NOT_ENABLED - - NO_RELEVANT_CONTENT - - JAIL_BREAKING_QUERY_IGNORED - - CUSTOMER_POLICY_VIOLATION - - NON_SUMMARY_SEEKING_QUERY_IGNORED_V2 - - TIME_OUT - safetyAttributes: + - FEATURE_STATE_UNSPECIFIED + - FEATURE_STATE_ON + - FEATURE_STATE_OFF + type: string description: >- - A collection of Safety Attribute categories and their associated - confidence scores. + Optional. Feature config for the engine to opt in or opt out of + features. Supported keys: * `*`: all features, if it's present, all + other feature state settings are ignored. * `agent-gallery` * + `no-code-agent-builder` * `prompt-gallery` * `model-selector` * + `notebook-lm` * `people-search` * `people-search-org-chart` * + `bi-directional-audio` * `feedback` * `session-sharing` * + `personalization-memory` * `disable-agent-sharing` * + `disable-image-generation` * `disable-video-generation` * + `disable-onedrive-upload` * `disable-talk-to-content` * + `disable-google-drive-upload` + type: object + displayName: + type: string + description: >- + Required. The display name of the engine. Should be human readable. + UTF-8 encoded string with limit of 1024 characters. + updateTime: + description: Output only. Timestamp the Recommendation Engine was last updated. + type: string + format: google-datetime + readOnly: true + cmekConfig: + description: Output only. CMEK-related information for the Engine. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaCmekConfig' + similarDocumentsConfig: + description: Additional config specs for a `similar-items` engine. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummarySafetyAttributes - summaryWithMetadata: - description: Summary with metadata information. + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineSimilarDocumentsEngineConfig + disableAnalytics: + type: boolean + description: >- + Optional. Whether to disable analytics for searches performed on + this engine. + mediaRecommendationEngineConfig: + description: >- + Configurations for the Media Engine. Only applicable on the data + stores with solution_type SOLUTION_TYPE_RECOMMENDATION and + IndustryVertical.MEDIA vertical. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummarySummaryWithMetadata - GoogleCloudDiscoveryengineV1SearchResponseSummarySafetyAttributes: - id: GoogleCloudDiscoveryengineV1SearchResponseSummarySafetyAttributes - description: Safety Attribute categories and their associated confidence scores. - type: object - properties: - categories: + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfig + searchEngineConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfig description: >- - The display names of Safety Attribute categories associated with the - generated content. Order matches the Scores. + Configurations for the Search Engine. Only applicable if + solution_type is SOLUTION_TYPE_SEARCH. + dataStoreIds: type: array + description: >- + Optional. The data stores associated with this engine. For + SOLUTION_TYPE_SEARCH and SOLUTION_TYPE_RECOMMENDATION type of + engines, they can only associate with at most one data store. If + solution_type is SOLUTION_TYPE_CHAT, multiple DataStores in the same + Collection can be associated here. Note that when used in + CreateEngineRequest, one DataStore id must be provided as the system + will use it for necessary initializations. items: type: string - scores: + createTime: + readOnly: true + description: Output only. Timestamp the Recommendation Engine was created at. + format: google-datetime + type: string + solutionType: + type: string + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. + - >- + Used for use cases related to the Generative Chat agent. It's used + for Generative chat engine only, the associated data stores must + enrolled with `SOLUTION_TYPE_CHAT` solution. + description: Required. The solutions of the engine. + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + commonConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineCommonConfig + description: Common config spec that specifies the metadata of the engine. + chatEngineMetadata: + readOnly: true description: >- - The confidence scores of the each category, higher value means - higher confidence. Order matches the Categories. - type: array - items: - type: number - format: float - GoogleCloudDiscoveryengineV1SearchResponseSummarySummaryWithMetadata: - id: GoogleCloudDiscoveryengineV1SearchResponseSummarySummaryWithMetadata - description: Summary with metadata information. + Output only. Additional information of the Chat Engine. Only + applicable if solution_type is SOLUTION_TYPE_CHAT. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineChatEngineMetadata + recommendationMetadata: + readOnly: true + description: >- + Output only. Additional information of a recommendation engine. Only + applicable if solution_type is SOLUTION_TYPE_RECOMMENDATION. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineRecommendationMetadata + GoogleCloudDiscoveryengineV1ListSessionsResponse: type: object + id: GoogleCloudDiscoveryengineV1ListSessionsResponse properties: - summary: - description: Summary text with no citation information. + nextPageToken: + description: Pagination token, if not returned indicates the last page. type: string - citationMetadata: - description: Citation metadata for given summary. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationMetadata - references: - description: Document References. + sessions: type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryReference - GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationMetadata: - id: GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationMetadata - description: Citation metadata. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + description: All the Sessions for a given data store. + description: Response for ListSessions method. + GoogleCloudDiscoveryengineV1alphaPurgeCompletionSuggestionsResponse: type: object properties: - citations: - description: Citations for segments. + purgeSucceeded: + type: boolean + description: Whether the completion suggestions were successfully purged. + errorSamples: + description: A sample of errors encountered while processing the request. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryCitation - GoogleCloudDiscoveryengineV1SearchResponseSummaryCitation: - id: GoogleCloudDiscoveryengineV1SearchResponseSummaryCitation - description: Citation info for a segment. + $ref: '#/components/schemas/GoogleRpcStatus' + id: GoogleCloudDiscoveryengineV1alphaPurgeCompletionSuggestionsResponse + description: >- + Response message for CompletionService.PurgeCompletionSuggestions + method. + GoogleCloudDiscoveryengineV1alphaPurgeSuggestionDenyListEntriesResponse: + id: GoogleCloudDiscoveryengineV1alphaPurgeSuggestionDenyListEntriesResponse type: object + description: >- + Response message for CompletionService.PurgeSuggestionDenyListEntries + method. properties: - startIndex: - description: Index indicates the start of the segment, measured in bytes/unicode. - type: string + purgeCount: format: int64 - endIndex: - description: End of the attributed segment, exclusive. + description: Number of suggestion deny list entries purged. type: string - format: int64 - sources: - description: Citation sources for the attributed segment. - type: array + errorSamples: + description: A sample of errors encountered while processing the request. items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationSource - GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationSource: - id: GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationSource - description: Citation source. - type: object - properties: - referenceIndex: - description: >- - Document reference index from SummaryWithMetadata.references. It is - 0-indexed and the value will be zero if the reference_index is not - set explicitly. - type: string - format: int64 - GoogleCloudDiscoveryengineV1SearchResponseSummaryReference: - id: GoogleCloudDiscoveryengineV1SearchResponseSummaryReference - description: Document reference. - type: object - properties: - title: - description: Title of the document. - type: string - document: - description: >- - Required. Document.name of the document. Full resource name of the - referenced document, in the format - `projects/*/locations/*/collections/*/dataStores/*/branches/*/documents/*`. - type: string - uri: - description: Cloud Storage or HTTP uri for the document. - type: string - chunkContents: - description: List of cited chunk contents derived from document content. + $ref: '#/components/schemas/GoogleRpcStatus' type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryReferenceChunkContent - GoogleCloudDiscoveryengineV1SearchResponseSummaryReferenceChunkContent: - id: GoogleCloudDiscoveryengineV1SearchResponseSummaryReferenceChunkContent - description: Chunk content. + GoogleCloudDiscoveryengineV1betaEnableAdvancedSiteSearchMetadata: + id: GoogleCloudDiscoveryengineV1betaEnableAdvancedSiteSearchMetadata type: object properties: - content: - description: Chunk textual content. + updateTime: + description: >- + Operation last update time. If the operation is done, this is also + the finish time. type: string - pageIdentifier: - description: Page identifier. + format: google-datetime + createTime: + format: google-datetime type: string - GoogleCloudDiscoveryengineV1SearchResponseQueryExpansionInfo: - id: GoogleCloudDiscoveryengineV1SearchResponseQueryExpansionInfo + description: Operation create time. description: >- - Information describing query expansion including whether expansion has - occurred. + Metadata related to the progress of the + SiteSearchEngineService.EnableAdvancedSiteSearch operation. This will be + returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1betaSearchRequestSearchAsYouTypeSpec: + id: GoogleCloudDiscoveryengineV1betaSearchRequestSearchAsYouTypeSpec type: object properties: - expandedQuery: - description: Bool describing whether query expansion has occurred. - type: boolean - pinnedResultCount: + condition: + enumDescriptions: + - Server behavior defaults to Condition.DISABLED. + - Disables Search As You Type. + - Enables Search As You Type. + - >- + Automatic switching between search-as-you-type and standard search + modes, ideal for single-API implementations (e.g., debouncing). + enum: + - CONDITION_UNSPECIFIED + - DISABLED + - ENABLED + - AUTO description: >- - Number of pinned results. This field will only be set when expansion - happens and SearchRequest.QueryExpansionSpec.pin_unexpanded_results - is set to true. + The condition under which search as you type should occur. Default + to Condition.DISABLED. type: string - format: int64 - GoogleCloudDiscoveryengineV1SearchResponseSessionInfo: - id: GoogleCloudDiscoveryengineV1SearchResponseSessionInfo - description: Information about the session. - type: object + description: Specification for search as you type in search requests. + GoogleCloudDiscoveryengineV1alphaDedicatedCrawlRateTimeSeries: properties: - name: + autoRefreshCrawlRate: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries description: >- - Name of the session. If the auto-session mode is used (when - SearchRequest.session ends with "-"), this field holds the newly - generated session name. - type: string - queryId: + Vertex AI's dedicated crawl rate time series of auto-refresh, which + is the crawl rate of Google-CloudVertexBot when dedicate crawl is + set, and the crawl rate is for best effort use cases like refreshing + urls periodically. + userTriggeredCrawlRate: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries description: >- - Query ID that corresponds to this search API call. One session can - have multiple turns, each with a unique query ID. By specifying the - session name and this query ID in the Answer API call, the answer - generation happens in the context of the search results from this - search call. - type: string - GoogleCloudDiscoveryengineV1SearchLinkPromotion: - id: GoogleCloudDiscoveryengineV1SearchLinkPromotion + Vertex AI's dedicated crawl rate time series of user triggered + crawl, which is the crawl rate of Google-CloudVertexBot when + dedicate crawl is set, and user triggered crawl rate is for + deterministic use cases like crawling urls or sitemaps specified by + users. + userTriggeredCrawlErrorRate: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries + description: >- + Vertex AI's error rate time series of user triggered dedicated + crawl. + autoRefreshCrawlErrorRate: + description: Vertex AI's error rate time series of auto-refresh dedicated crawl. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries description: >- - Promotion proto includes uri and other helping information to display - the promotion. + The historical dedicated crawl rate timeseries data, used for + monitoring. Dedicated crawl is used by Vertex AI to crawl the user's + website when dedicate crawl is set. + id: GoogleCloudDiscoveryengineV1alphaDedicatedCrawlRateTimeSeries + type: object + GoogleCloudDiscoveryengineV1betaConditionQueryTerm: type: object + description: Matcher for search request query properties: - title: + fullMatch: + description: Whether the search query needs to exactly match the query term. + type: boolean + value: description: >- - Required. The title of the promotion. Maximum length: 160 - characters. + The specific query value to match against Must be lowercase, must be + UTF-8. Can have at most 3 space separated terms if full_match is + true. Cannot be an empty string. Maximum length of 5000 characters. type: string - uri: + id: GoogleCloudDiscoveryengineV1betaConditionQueryTerm + GoogleCloudDiscoveryengineV1alphaCitationMetadata: + type: object + id: GoogleCloudDiscoveryengineV1alphaCitationMetadata + properties: + citations: + type: array + description: Output only. List of citations. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaCitation' + readOnly: true + description: A collection of source attributions for a piece of content. + GoogleCloudDiscoveryengineV1SuggestionDenyListEntry: + description: >- + Suggestion deny list entry identifying the phrase to block from + suggestions and the applied operation for the phrase. + id: GoogleCloudDiscoveryengineV1SuggestionDenyListEntry + properties: + blockPhrase: description: >- - Optional. The URL for the page the user wants to promote. Must be - set for site search. For other verticals, this is optional. + Required. Phrase to block from suggestions served. Can be maximum + 125 characters. type: string - document: + matchOperator: description: >- - Optional. The Document the user wants to promote. For site search, - leave unset and only populate uri. Can be set along with uri. - type: string - imageUri: - description: Optional. The promotion thumbnail image url. - type: string - description: - description: 'Optional. The Promotion description. Maximum length: 200 characters.' + Required. The match operator to apply for this phrase. Whether to + block the exact phrase, or block any suggestions containing this + phrase. + enumDescriptions: + - Default value. Should not be used + - >- + If the suggestion is an exact match to the block_phrase, then + block it. + - If the suggestion contains the block_phrase, then block it. + enum: + - MATCH_OPERATOR_UNSPECIFIED + - EXACT_MATCH + - CONTAINS type: string - enabled: - description: >- - Optional. The enabled promotion will be returned for any serving - configs associated with the parent of the control this promotion is - attached to. This flag is used for basic site search only. - type: boolean - GoogleCloudDiscoveryengineV1StreamAssistRequest: - id: GoogleCloudDiscoveryengineV1StreamAssistRequest - description: Request for the AssistantService.StreamAssist method. type: object + GoogleCloudDiscoveryengineV1AssistantGenerationConfigSystemInstruction: + description: System instruction, also known as the prompt preamble for LLM calls. + id: GoogleCloudDiscoveryengineV1AssistantGenerationConfigSystemInstruction properties: - query: - description: >- - Optional. Current user query. Empty query is only supported if - `file_ids` are provided. In this case, the answer will be generated - based on those context files. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Query' - session: + additionalSystemInstruction: description: >- - Optional. The session to use for the request. If specified, the - assistant has access to the session history, and the query and the - answer are stored there. If `-` is specified as the session ID, or - it is left empty, then a new session is created with an - automatically generated ID. Format: - `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/sessions/{session}` + Optional. Additional system instruction that will be added to the + default system instruction. type: string - userMetadata: - description: Optional. Information about the user initiating the query. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistUserMetadata' - toolsSpec: - description: Optional. Specification of tools that are used to serve the request. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpec - generationSpec: - description: >- - Optional. Specification of the generation configuration for the - request. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestGenerationSpec - GoogleCloudDiscoveryengineV1Query: - id: GoogleCloudDiscoveryengineV1Query - description: Defines a user inputed query. type: object + GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsMetadata: + type: object + description: >- + Metadata related to the progress of the PurgeCompletionSuggestions + operation. This is returned by the google.longrunning.Operation.metadata + field. properties: - text: - description: Plain text. + createTime: + format: google-datetime type: string - queryId: - description: Output only. Unique Id for the query. - readOnly: true + description: Operation create time. + updateTime: + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime type: string - GoogleCloudDiscoveryengineV1AssistUserMetadata: - id: GoogleCloudDiscoveryengineV1AssistUserMetadata - description: User metadata of the request. - type: object + id: GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsMetadata + GoogleCloudDiscoveryengineV1betaDataStore: + id: GoogleCloudDiscoveryengineV1betaDataStore + description: DataStore captures global settings and configs at the DataStore level. properties: - timeZone: - description: Optional. IANA time zone, e.g. Europe/Budapest. + solutionTypes: + items: + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. + - >- + Used for use cases related to the Generative Chat agent. It's + used for Generative chat engine only, the associated data stores + must enrolled with `SOLUTION_TYPE_CHAT` solution. + type: string + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + description: >- + The solutions that the data store enrolls. Available solutions for + each industry_vertical: * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` + and `SOLUTION_TYPE_SEARCH`. * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` + is automatically enrolled. Other solutions cannot be enrolled. + type: array + defaultSchemaId: + readOnly: true type: string - preferredLanguageCode: description: >- - Optional. Preferred language to be used for answering if language - detection fails. Also used as the language of error messages created - by actions, regardless of language detection results. + Output only. The id of the default Schema associated to this data + store. + identityMappingStore: + description: >- + Immutable. The fully qualified resource name of the associated + IdentityMappingStore. This field can only be set for acl_enabled + DataStores with `THIRD_PARTY` or `GSUITE` IdP. Format: + `projects/{project}/locations/{location}/identityMappingStores/{identity_mapping_store}`. type: string - GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpec: - id: GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpec - description: Specification of tools that are used to serve the request. - type: object - properties: - vertexAiSearchSpec: - description: Optional. Specification of the Vertex AI Search tool. + advancedSiteSearchConfig: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVertexAiSearchSpec - webGroundingSpec: + #/components/schemas/GoogleCloudDiscoveryengineV1betaAdvancedSiteSearchConfig + description: Optional. Configuration for advanced site search. + workspaceConfig: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaWorkspaceConfig' description: >- - Optional. Specification of the web grounding tool. If field is - present, enables grounding with web search. Works only if - Assistant.web_grounding_type is WEB_GROUNDING_TYPE_GOOGLE_SEARCH or - WEB_GROUNDING_TYPE_ENTERPRISE_WEB_SEARCH. + Config to store data store type configuration for workspace data. + This must be set when DataStore.content_config is set as + DataStore.ContentConfig.GOOGLE_WORKSPACE. + isInfobotFaqDataStore: + description: Optional. If set, this DataStore is an Infobot FAQ DataStore. + type: boolean + createTime: + description: Output only. Timestamp the DataStore was created at. + type: string + readOnly: true + format: google-datetime + billingEstimation: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecWebGroundingSpec - imageGenerationSpec: - description: Optional. Specification of the image generation tool. + #/components/schemas/GoogleCloudDiscoveryengineV1betaDataStoreBillingEstimation + readOnly: true + description: Output only. Data size estimation for billing. + aclEnabled: + type: boolean + description: >- + Immutable. Whether data in the DataStore has ACL information. If set + to `true`, the source data must have ACL. ACL will be ingested when + data is ingested by DocumentService.ImportDocuments methods. When + ACL is enabled for the DataStore, Document can't be accessed by + calling DocumentService.GetDocument or + DocumentService.ListDocuments. Currently ACL is only supported in + `GENERIC` industry vertical with non-`PUBLIC_WEBSITE` content + config. + servingConfigDataStore: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecImageGenerationSpec - videoGenerationSpec: - description: Optional. Specification of the video generation tool. + #/components/schemas/GoogleCloudDiscoveryengineV1betaDataStoreServingConfigDataStore + description: Optional. Stores serving config at DataStore level. + documentProcessingConfig: + description: Configuration for Document understanding and enrichment. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVideoGenerationSpec - GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVertexAiSearchSpec: - id: >- - GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVertexAiSearchSpec - description: Specification of the Vertex AI Search tool. - type: object - properties: - dataStoreSpecs: + #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfig + contentConfig: description: >- - Optional. Specs defining DataStores to filter on in a search call - and configurations for those data stores. This is only considered - for Engines with multiple data stores. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestDataStoreSpec - filter: + Immutable. The content config of the data store. If this field is + unset, the server behavior defaults to ContentConfig.NO_CONTENT. + type: string + enumDescriptions: + - Default value. + - Only contains documents without any Document.content. + - Only contains documents with Document.content. + - The data store is used for public website search. + - >- + The data store is used for workspace search. Details of workspace + data store are specified in the WorkspaceConfig. + enum: + - CONTENT_CONFIG_UNSPECIFIED + - NO_CONTENT + - CONTENT_REQUIRED + - PUBLIC_WEBSITE + - GOOGLE_WORKSPACE + name: description: >- - Optional. The filter syntax consists of an expression language for - constructing a predicate from one or more fields of the documents - being filtered. Filter expression is case-sensitive. If this field - is unrecognizable, an `INVALID_ARGUMENT` is returned. Filtering in - Vertex AI Search is done by mapping the LHS filter key to a key - property defined in the Vertex AI Search backend -- this mapping is - defined by the customer in their schema. For example a media - customer might have a field 'name' in their schema. In this case the - filter would look like this: filter --> name:'ANY("king kong")' For - more information about filtering including syntax and filter - operators, see - [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + Immutable. Identifier. The full resource name of the data store. + Format: + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. type: string - GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecWebGroundingSpec: - id: GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecWebGroundingSpec - description: Specification of the web grounding tool. - type: object - properties: {} - GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecImageGenerationSpec: - id: >- - GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecImageGenerationSpec - description: Specification of the image generation tool. - type: object - properties: {} - GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVideoGenerationSpec: - id: >- - GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVideoGenerationSpec - description: Specification of the video generation tool. - type: object - properties: {} - GoogleCloudDiscoveryengineV1StreamAssistRequestGenerationSpec: - id: GoogleCloudDiscoveryengineV1StreamAssistRequestGenerationSpec - description: >- - Assistant generation specification for the request. This allows to - override the default generation configuration at the engine level. + naturalLanguageQueryUnderstandingConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaNaturalLanguageQueryUnderstandingConfig + description: Optional. Configuration for Natural Language Query Understanding. + configurableBillingApproach: + enumDescriptions: + - >- + Default value. For Spark and non-Spark non-configurable billing + approach. + - >- + Use the subscription base + overage billing for indexing core for + non embedding storage. + - >- + Use the consumption pay-as-you-go billing for embedding storage + add-on. + enum: + - CONFIGURABLE_BILLING_APPROACH_UNSPECIFIED + - CONFIGURABLE_SUBSCRIPTION_INDEXING_CORE + - CONFIGURABLE_CONSUMPTION_EMBEDDING + type: string + description: Optional. Configuration for configurable billing approach. See + healthcareFhirConfig: + description: Optional. Configuration for `HEALTHCARE_FHIR` vertical. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaHealthcareFhirConfig + kmsKeyName: + description: >- + Input only. The KMS key to be used to protect this DataStore at + creation time. Must be set for requests that need to comply with + CMEK Org Policy protections. If this field is set and processed + successfully, the DataStore will be protected by the KMS key, as + indicated in the cmek_config field. + type: string + configurableBillingApproachUpdateTime: + readOnly: true + type: string + format: google-datetime + description: >- + Output only. The timestamp when configurable_billing_approach was + last updated. + startingSchema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaSchema' + description: >- + The start schema to use for this DataStore when provisioning it. If + unset, a default vertical specialized schema will be used. This + field is only used by CreateDataStore API, and will be ignored if + used in other APIs. This field will be omitted from all API + responses including CreateDataStore API. To retrieve a schema of a + DataStore, use SchemaService.GetSchema API instead. The provided + schema will be validated against certain rules on schema. Learn more + from [this + doc](https://cloud.google.com/generative-ai-app-builder/docs/provide-schema). + displayName: + description: >- + Required. The data store display name. This field must be a UTF-8 + encoded string with a length limit of 128 characters. Otherwise, an + INVALID_ARGUMENT error is returned. + type: string + languageInfo: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaLanguageInfo' + description: Language info for DataStore. + cmekConfig: + description: Output only. CMEK-related information for the DataStore. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaCmekConfig' + industryVertical: + type: string + description: Immutable. The industry vertical that the data store registers. + enumDescriptions: + - Value used when unset. + - >- + The generic vertical for documents that are not specific to any + industry vertical. + - The media industry vertical. + - The healthcare FHIR vertical. + enum: + - INDUSTRY_VERTICAL_UNSPECIFIED + - GENERIC + - MEDIA + - HEALTHCARE_FHIR type: object + GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadataSegment: + description: Grounding information for a segment of the text. properties: - modelId: + referenceIndices: + items: + type: integer + format: int32 + type: array + description: References for the segment. + groundingScore: + type: number + description: Score for the segment. + format: float + startIndex: + type: string description: >- - Optional. The Vertex AI model_id used for the generative model. If - not set, the default Assistant model will be used. + Zero-based index indicating the start of the segment, measured in + bytes of a UTF-8 string (i.e. characters encoded on multiple bytes + have a length of more than one). + format: int64 + endIndex: + description: End of the segment, exclusive. + type: string + format: int64 + text: + description: The text segment itself. type: string + type: object + id: >- + GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadataSegment GoogleCloudDiscoveryengineV1StreamAssistResponse: - id: GoogleCloudDiscoveryengineV1StreamAssistResponse description: Response for the AssistantService.StreamAssist method. type: object + id: GoogleCloudDiscoveryengineV1StreamAssistResponse properties: answer: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistAnswer' description: >- Assist answer resource object containing parts of the assistant's final answer for the user's query. Not present if the current @@ -2274,1221 +3023,1456 @@ components: responses. AssistAnswer.name won't be filled. If the state is `SUCCEEDED`, `FAILED` or `SKIPPED`, the response is the last response and AssistAnswer.name will have a value. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistAnswer' sessionInfo: - description: Session information. $ref: >- #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistResponseSessionInfo + description: >- + Session information. Only included in the final StreamAssistResponse + of the response stream. assistToken: description: >- A global unique ID that identifies the current pair of request and stream of responses. Used for feedback and support. type: string - GoogleCloudDiscoveryengineV1AssistAnswer: - id: GoogleCloudDiscoveryengineV1AssistAnswer - description: AssistAnswer resource, main part of AssistResponse. - type: object + invocationTools: + type: array + items: + type: string + description: The tool names of the tools that were invoked. + GoogleCloudDiscoveryengineV1alphaImportSampleQueriesMetadata: properties: - name: - description: >- - Immutable. Identifier. Resource name of the `AssistAnswer`. Format: - `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/sessions/{session}/assistAnswers/{assist_answer}` - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. + createTime: + description: ImportSampleQueries operation create time. + format: google-datetime type: string - state: - description: State of the answer generation. + successCount: + format: int64 type: string - enumDescriptions: - - Unknown. - - Assist operation is currently in progress. - - Assist operation has failed. - - Assist operation has succeeded. - - Assist operation has been skipped. - enum: - - STATE_UNSPECIFIED - - IN_PROGRESS - - FAILED - - SUCCEEDED - - SKIPPED - replies: - description: Replies of the assistant. + description: Count of SampleQuerys successfully imported. + failureCount: + format: int64 + description: Count of SampleQuerys that failed to be imported. + type: string + totalCount: + type: string + format: int64 + description: Total count of SampleQuerys that were processed. + updateTime: + format: google-datetime + type: string + description: >- + ImportSampleQueries operation last update time. If the operation is + done, this is also the finish time. + id: GoogleCloudDiscoveryengineV1alphaImportSampleQueriesMetadata + description: >- + Metadata related to the progress of the ImportSampleQueries operation. + This will be returned by the google.longrunning.Operation.metadata + field. + type: object + GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponse: + properties: + failureSamples: type: array + description: Details for a sample of up to 10 `failed_uris`. items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistAnswerReply' - assistSkippedReasons: - description: Reasons for not answering the assist call. - type: array + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfo + failedUris: items: type: string - enumDescriptions: - - Default value. Skip reason is not specified. - - >- - The assistant ignored the query, because it did not appear to be - answer-seeking. - - >- - The assistant ignored the query or refused to answer because of - a customer policy violation (e.g., the query or the answer - contained a banned phrase). - enum: - - ASSIST_SKIPPED_REASON_UNSPECIFIED - - NON_ASSIST_SEEKING_QUERY_IGNORED - - CUSTOMER_POLICY_VIOLATION - GoogleCloudDiscoveryengineV1AssistAnswerReply: - id: GoogleCloudDiscoveryengineV1AssistAnswerReply - description: One part of the multi-part response of the assist call. + description: URIs that were not crawled before the LRO terminated. + type: array + description: Response message for SiteSearchEngineService.RecrawlUris method. + id: GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponse type: object - properties: - groundedContent: - description: Possibly grounded response text or media from the assistant. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContent - GoogleCloudDiscoveryengineV1AssistantGroundedContent: - id: GoogleCloudDiscoveryengineV1AssistantGroundedContent - description: >- - A piece of content and possibly its grounding information. Not all - content needs grounding. Phrases like "Of course, I will gladly search - it for you." do not need grounding. + GoogleCloudDiscoveryengineV1alphaSetUriPatternDocumentDataResponse: type: object + id: GoogleCloudDiscoveryengineV1alphaSetUriPatternDocumentDataResponse + description: >- + Response message for SiteSearchEngineService.SetUriPatternDocumentData + method. + properties: {} + GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfig: + id: GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfig properties: - textGroundingMetadata: - description: Metadata for grounding based on text sources. + digitalParsingConfig: + description: Configurations applied to digital parser. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadata - content: - description: The content. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistantContent' - GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadata: - id: >- - GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadata - description: Grounding details for text sources. + #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigDigitalParsingConfig + layoutParsingConfig: + description: Configurations applied to layout parser. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigLayoutParsingConfig + ocrParsingConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigOcrParsingConfig + description: >- + Configurations applied to OCR parser. Currently it only applies to + PDFs. + description: Related configurations applied to a specific type of document parser. type: object + GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpec: properties: - segments: - description: Grounding information for parts of the text. - type: array + limit: + format: int32 + description: >- + Maximum facet values that are returned for this facet. If + unspecified, defaults to 20. The maximum allowed value is 300. + Values above 300 are coerced to 300. For aggregation in healthcare + search, when the [FacetKey.key] is "healthcare_aggregation_key", the + limit will be overridden to 10,000 internally, regardless of the + value set here. If this field is negative, an `INVALID_ARGUMENT` is + returned. + type: integer + excludedFilterKeys: items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataSegment - references: - description: References for the grounded text. + type: string + description: >- + List of keys to exclude when faceting. By default, FacetKey.key is + not excluded from the filter unless it is listed in this field. + Listing a facet key in this field allows its values to appear as + facet results, even when they are filtered out of search results. + Using this field does not affect what search results are returned. + For example, suppose there are 100 documents with the color facet + "Red" and 200 documents with the color facet "Blue". A query + containing the filter "color:ANY("Red")" and having "color" as + FacetKey.key would by default return only "Red" documents in the + search results, and also return "Red" with count 100 as the only + color facet. Although there are also blue documents available, + "Blue" would not be shown as an available facet value. If "color" is + listed in "excludedFilterKeys", then the query returns the facet + values "Red" with count 100 and "Blue" with count 200, because the + "color" key is now excluded from the filter. Because this field + doesn't affect search results, the search results are still + correctly filtered to return only "Red" documents. A maximum of 100 + values are allowed. Otherwise, an `INVALID_ARGUMENT` error is + returned. type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReference - GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataSegment: - id: >- - GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataSegment - description: Grounding information for a segment of the text. + enableDynamicPosition: + description: >- + Enables dynamic position for this facet. If set to true, the + position of this facet among all facets in the response is + determined automatically. If dynamic facets are enabled, it is + ordered together. If set to false, the position of this facet in the + response is the same as in the request, and it is ranked before the + facets with dynamic position enable and all dynamic facets. For + example, you may always want to have rating facet returned in the + response, but it's not necessarily to always display the rating + facet at the top. In that case, you can set enable_dynamic_position + to true so that the position of rating facet in response is + determined automatically. Another example, assuming you have the + following facets in the request: * "rating", enable_dynamic_position + = true * "price", enable_dynamic_position = false * "brands", + enable_dynamic_position = false And also you have a dynamic facets + enabled, which generates a facet `gender`. Then the final order of + the facets in the response can be ("price", "brands", "rating", + "gender") or ("price", "brands", "gender", "rating") depends on how + API orders "gender" and "rating" facets. However, notice that + "price" and "brands" are always ranked at first and second position + because their enable_dynamic_position is false. + type: boolean + facetKey: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpecFacetKey + description: Required. The facet key specification. + description: A facet specification to perform faceted search. + id: GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpec + type: object + GoogleLongrunningCancelOperationRequest: + description: The request message for Operations.CancelOperation. + type: object + id: GoogleLongrunningCancelOperationRequest + properties: {} + GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpec: + description: Boost applies to documents which match a condition. + id: GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpec type: object properties: - startIndex: + boostControlSpec: description: >- - Zero-based index indicating the start of the segment, measured in - bytes of a UTF-8 string (i.e. characters encoded on multiple bytes - have a length of more than one). + Complex specification for custom ranking based on customer defined + attribute value. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec + condition: + description: >- + An expression which specifies a boost condition. The syntax and + supported fields are the same as a filter expression. See + SearchRequest.filter for detail syntax and limitations. Examples: * + To boost documents with document ID "doc_1" or "doc_2", and color + "Red" or "Blue": `(document_id: ANY("doc_1", "doc_2")) AND (color: + ANY("Red", "Blue"))` type: string - format: int64 - endIndex: - description: End of the segment, exclusive. + boost: + format: float + description: >- + Strength of the condition boost, which should be in [-1, 1]. + Negative boost means demotion. Default is 0.0. Setting to 1.0 gives + the document a big promotion. However, it does not necessarily mean + that the boosted document will be the top result at all times, nor + that other documents will be excluded. Results could still be shown + even when none of them matches the condition. And results that are + significantly more relevant to the search query can still trump your + heavily favored but irrelevant documents. Setting to -1.0 gives the + document a big demotion. However, results that are deeply relevant + might still be shown. The document will have an upstream battle to + get a fairly high ranking, but it is not blocked out completely. + Setting to 0.0 means no boost applied. The boosting condition is + ignored. Only one of the (condition, boost) combination or the + boost_control_spec below are set. If both are set then the global + boost is ignored and the more fine-grained boost_control_spec is + applied. + type: number + GoogleCloudDiscoveryengineV1alphaSearchRequestNaturalLanguageQueryUnderstandingSpec: + description: >- + Specification to enable natural language understanding capabilities for + search requests. + properties: + geoSearchQueryDetectionFieldNames: + type: array + description: >- + Field names used for location-based filtering, where geolocation + filters are detected in natural language search queries. Only valid + when the FilterExtractionCondition is set to `ENABLED`. If this + field is set, it overrides the field names set in + ServingConfig.geo_search_query_detection_field_names. + items: + type: string + extractedFilterBehavior: + enum: + - EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED + - HARD_FILTER + - SOFT_BOOST type: string - format: int64 - referenceIndices: - description: References for the segment. + description: >- + Optional. Controls behavior of how extracted filters are applied to + the search. The default behavior depends on the request. For single + datastore structured search, the default is `HARD_FILTER`. For + multi-datastore search, the default behavior is `SOFT_BOOST`. + Location-based filters are always applied as hard filters, and the + `SOFT_BOOST` setting will not affect them. This field is only used + if + SearchRequest.natural_language_query_understanding_spec.filter_extraction_condition + is set to FilterExtractionCondition.ENABLED. + enumDescriptions: + - >- + `EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED` will use the default + behavior for extracted filters. For single datastore search, the + default is to apply as hard filters. For multi-datastore search, + the default is to apply as soft boosts. + - >- + Applies all extracted filters as hard filters on the results. + Results that do not pass the extracted filters will not be + returned in the result set. + - >- + Applies all extracted filters as soft boosts. Results that pass + the filters will be boosted up to higher ranks in the result set. + allowedFieldNames: + description: >- + Optional. Allowlist of fields that can be used for natural language + filter extraction. By default, if this is unspecified, all indexable + fields are eligible for natural language filter extraction (but are + not guaranteed to be used). If any fields are specified in + allowed_field_names, only the fields that are both marked as + indexable in the schema and specified in the allowlist will be + eligible for natural language filter extraction. Note: for + multi-datastore search, this is not yet supported, and will be + ignored. type: array items: - type: integer - format: int32 - groundingScore: - description: Score for the segment. - type: number - format: float - text: - description: The text segment itself. + type: string + filterExtractionCondition: + enumDescriptions: + - Server behavior defaults to `DISABLED`. + - Disables NL filter extraction. + - Enables NL filter extraction. type: string - GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReference: + description: >- + The condition under which filter extraction should occur. Server + behavior defaults to `DISABLED`. + enum: + - CONDITION_UNSPECIFIED + - DISABLED + - ENABLED id: >- - GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReference - description: Referenced content and related document metadata. + GoogleCloudDiscoveryengineV1alphaSearchRequestNaturalLanguageQueryUnderstandingSpec + type: object + GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadataReference: type: object properties: content: - description: Referenced text content. type: string + description: Referenced text content. documentMetadata: - description: Document metadata. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReferenceDocumentMetadata - GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReferenceDocumentMetadata: + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadataReferenceDocumentMetadata + description: Document metadata. id: >- - GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReferenceDocumentMetadata - description: Document metadata. + GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadataReference + description: Referenced content and related document metadata. + GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservation: type: object properties: - document: - description: Document resource name. - type: string - uri: - description: >- - URI for the document. It may contain a URL that redirects to the - actual website. - type: string - title: - description: Title. - type: string - pageIdentifier: - description: Page identifier. - type: string - domain: + searchResults: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResult description: >- - Domain name from the document URI. Note that the `uri` field may - contain a URL that redirects to the actual website, in which case - this will contain the domain name of the target site. - type: string - GoogleCloudDiscoveryengineV1AssistantContent: - id: GoogleCloudDiscoveryengineV1AssistantContent - description: Multi-modal content. - type: object + Search results observed by the search action, it can be snippets + info or chunk info, depending on the citation type set by the user. + type: array + id: GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservation + description: Observation. + GoogleCloudDiscoveryengineV1alphaSearchRequest: + id: GoogleCloudDiscoveryengineV1alphaSearchRequest properties: - text: - description: Inline text. - type: string - inlineData: - description: Inline binary data. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantContentBlob - file: - description: A file, e.g., an audio summary. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantContentFile - executableCode: - description: Code generated by the model that is meant to be executed. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantContentExecutableCode - codeExecutionResult: - description: Result of executing an ExecutableCode. + params: + description: >- + Additional search parameters. For public website search only, + supported values are: * `user_country_code`: string. Default empty. + If set to non-empty, results are restricted or boosted based on the + location provided. For example, `user_country_code: "au"` For + available codes see [Country + Codes](https://developers.google.com/custom-search/docs/json_api_reference#countryCodes) + * `search_type`: double. Default empty. Enables non-webpage + searching depending on the value. The only valid non-default value + is 1, which enables image searching. For example, `search_type: 1` + type: object + additionalProperties: + type: any + relevanceScoreSpec: + description: Optional. The specification for returning the relevance score. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantContentCodeExecutionResult - role: - description: The producer of the content. Can be "model" or "user". - type: string - thought: - description: Optional. Indicates if the part is thought from the model. + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestRelevanceScoreSpec + useLatestData: + description: >- + Uses the Engine, ServingConfig and Control freshly read from the + database. Note: this skips config cache and introduces dependency on + databases, which could significantly increase the API latency. It + should only be used for testing, but not serving end users. type: boolean - GoogleCloudDiscoveryengineV1AssistantContentBlob: - id: GoogleCloudDiscoveryengineV1AssistantContentBlob - description: Inline blob. - type: object - properties: - mimeType: - description: Required. The media type (MIME type) of the generated data. - type: string - data: - description: Required. Raw bytes. - type: string - format: byte - GoogleCloudDiscoveryengineV1AssistantContentFile: - id: GoogleCloudDiscoveryengineV1AssistantContentFile - description: A file, e.g., an audio summary. - type: object - properties: - mimeType: - description: Required. The media type (MIME type) of the file. - type: string - fileId: - description: Required. The file ID. - type: string - GoogleCloudDiscoveryengineV1AssistantContentExecutableCode: - id: GoogleCloudDiscoveryengineV1AssistantContentExecutableCode - description: Code generated by the model that is meant to be executed by the model. - type: object - properties: - code: - description: Required. The code content. Currently only supports Python. - type: string - GoogleCloudDiscoveryengineV1AssistantContentCodeExecutionResult: - id: GoogleCloudDiscoveryengineV1AssistantContentCodeExecutionResult - description: Result of executing ExecutableCode. - type: object - properties: - outcome: - description: Required. Outcome of the code execution. - type: string - enumDescriptions: - - Unspecified status. This value should not be used. - - Code execution completed successfully. - - >- - Code execution finished but with a failure. `stderr` should - contain the reason. - - >- - Code execution ran for too long, and was cancelled. There may or - may not be a partial output present. - enum: - - OUTCOME_UNSPECIFIED - - OUTCOME_OK - - OUTCOME_FAILED - - OUTCOME_DEADLINE_EXCEEDED - output: + userInfo: description: >- - Optional. Contains stdout when code execution is successful, stderr - or other description otherwise. - type: string - GoogleCloudDiscoveryengineV1StreamAssistResponseSessionInfo: - id: GoogleCloudDiscoveryengineV1StreamAssistResponseSessionInfo - description: Information about the session. - type: object - properties: - session: + Information about the end user. Highly recommended for analytics and + personalization. UserInfo.user_agent is used to deduce `device_type` + for analytics. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaUserInfo' + searchAddonSpec: description: >- - Name of the newly generated or continued session. Format: - `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/sessions/{session}`. - type: string - GdataMedia: - id: GdataMedia - description: A reference to data stored on the filesystem, on GFS or in blobstore. - type: object - properties: - contentType: - description: MIME type of the data + Optional. SearchAddonSpec is used to disable add-ons for search as + per new repricing model. This field is only supported for search + requests. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestSearchAddonSpec + orderBy: type: string - timestamp: description: >- - Time at which the media data was last updated, in milliseconds since - UNIX epoch - type: string - format: uint64 - token: - description: A unique fingerprint/version id for the media data - type: string - length: - description: Size of the data, in bytes - type: string - format: int64 - filename: - description: Original file name - type: string - referenceType: - description: Describes what the field reference contains. - type: string - enumDescriptions: - - Reference contains a GFS path or a local path. - - >- - Reference points to a blobstore object. This could be either a v1 - blob_ref or a v2 blobstore2_info. Clients should check - blobstore2_info first, since v1 is being deprecated. - - Data is included into this proto buffer - - >- - Data should be accessed from the current service using the - operation GetMedia. - - >- - The content for this media object is stored across multiple - partial media objects under the composite_media field. - - Reference points to a bigstore object - - Indicates the data is stored in diff_version_response. - - Indicates the data is stored in diff_checksums_response. - - Indicates the data is stored in diff_download_response. - - Indicates the data is stored in diff_upload_request. - - Indicates the data is stored in diff_upload_response. - - Indicates the data is stored in cosmo_binary_reference. - - >- - Informs Scotty to generate a response payload with the size - specified in the length field. The contents of the payload are - generated by Scotty and are undefined. This is useful for testing - download speeds between the user and Scotty without involving a - real payload source. Note: range is not supported when using - arbitrary_bytes. - enum: - - PATH - - BLOB_REF - - INLINE - - GET_MEDIA - - COMPOSITE_MEDIA - - BIGSTORE_REF - - DIFF_VERSION_RESPONSE - - DIFF_CHECKSUMS_RESPONSE - - DIFF_DOWNLOAD_RESPONSE - - DIFF_UPLOAD_REQUEST - - DIFF_UPLOAD_RESPONSE - - COSMO_BINARY_REFERENCE - - ARBITRARY_BYTES - path: - description: Path to the data, set if reference_type is PATH - type: string - blobRef: - description: >- - Blobstore v1 reference, set if reference_type is BLOBSTORE_REF This - should be the byte representation of a blobstore.BlobRef. Since - Blobstore is deprecating v1, use blobstore2_info instead. For now, - any v2 blob will also be represented in this field as v1 BlobRef. - deprecated: true - type: string - format: byte - inline: - description: Media data, set if reference_type is INLINE - type: string - format: byte - mediaId: + The order in which documents are returned. Documents can be ordered + by a field in an Document object. Leave it unset if ordered by + relevance. `order_by` expression is case-sensitive. For more + information on ordering the website search results, see [Order web + search + results](https://cloud.google.com/generative-ai-app-builder/docs/order-web-search-results). + For more information on ordering the healthcare search results, see + [Order healthcare search + results](https://cloud.google.com/generative-ai-app-builder/docs/order-hc-results). + If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. + queryExpansionSpec: description: >- - Media id to forward to the operation GetMedia. Can be set if - reference_type is GET_MEDIA. - type: string - format: byte - hash: - description: >- - Deprecated, use one of explicit hash type fields instead. These two - hash related fields will only be populated on Scotty based media - uploads and will contain the content of the hash group in the - NotificationRequest: - http://cs/#google3/blobstore2/api/scotty/service/proto/upload_listener.proto&q=class:Hash - Hex encoded hash value of the uploaded media. - deprecated: true + The query expansion specification that specifies the conditions + under which query expansion occurs. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestQueryExpansionSpec + query: type: string - algorithm: + description: Raw search query. + facetSpecs: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpec + type: array description: >- - Deprecated, use one of explicit hash type fields instead. Algorithm - used for calculating the hash. As of 2011/01/21, "MD5" is the only - possible value for this field. New values may be added at any time. - deprecated: true + Facet specifications for faceted search. If empty, no facets are + returned. A maximum of 100 values are allowed. Otherwise, an + `INVALID_ARGUMENT` error is returned. + branch: type: string - compositeMedia: description: >- - A composite media composed of one or more media objects, set if - reference_type is COMPOSITE_MEDIA. The media length field must be - set to the sum of the lengths of all composite media objects. Note: - All composite media must have length specified. - type: array + The branch resource name, such as + `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/branches/0`. + Use `default_branch` as the branch ID or leave this field empty, to + search documents under the default branch. + pageCategories: + description: >- + Optional. The categories associated with a category page. Must be + set for category navigation queries to achieve good search quality. + The format should be the same as UserEvent.PageInfo.page_category. + This field is the equivalent of the query for browse (navigation) + queries. It's used by the browse model when the query is empty. If + the field is empty, it will not be used by the browse model. If the + field contains more than one element, only the first element will be + used. To represent full path of a category, use '>' character to + separate different hierarchies. If '>' is part of the category name, + replace it with other character(s). For example, `Graphics Cards > + RTX>4090 > Founders Edition` where "RTX > 4090" represents one + level, can be rewritten as `Graphics Cards > RTX_4090 > Founders + Edition` items: - $ref: '#/components/schemas/GdataCompositeMedia' - bigstoreObjectRef: - description: Use object_id instead. - deprecated: true - type: string - format: byte - objectId: - description: Reference to a TI Blob, set if reference_type is BIGSTORE_REF. - $ref: '#/components/schemas/GdataObjectId' - blobstore2Info: - description: >- - Blobstore v2 info, set if reference_type is BLOBSTORE_REF and it - refers to a v2 blob. - $ref: '#/components/schemas/GdataBlobstore2Info' - diffVersionResponse: - description: Set if reference_type is DIFF_VERSION_RESPONSE. - $ref: '#/components/schemas/GdataDiffVersionResponse' - diffChecksumsResponse: - description: Set if reference_type is DIFF_CHECKSUMS_RESPONSE. - $ref: '#/components/schemas/GdataDiffChecksumsResponse' - diffDownloadResponse: - description: Set if reference_type is DIFF_DOWNLOAD_RESPONSE. - $ref: '#/components/schemas/GdataDiffDownloadResponse' - diffUploadRequest: - description: Set if reference_type is DIFF_UPLOAD_REQUEST. - $ref: '#/components/schemas/GdataDiffUploadRequest' - diffUploadResponse: - description: Set if reference_type is DIFF_UPLOAD_RESPONSE. - $ref: '#/components/schemas/GdataDiffUploadResponse' - contentTypeInfo: - description: Extended content type information provided for Scotty uploads. - $ref: '#/components/schemas/GdataContentTypeInfo' - downloadParameters: - description: Parameters for a media download. - $ref: '#/components/schemas/GdataDownloadParameters' - crc32cHash: - description: >- - For Scotty Uploads: Scotty-provided hashes for uploads For Scotty - Downloads: (WARNING: DO NOT USE WITHOUT PERMISSION FROM THE SCOTTY - TEAM.) A Hash provided by the agent to be used to verify the data - being downloaded. Currently only supported for inline payloads. - Further, only crc32c_hash is currently supported. - type: integer - format: uint32 - md5Hash: - description: Scotty-provided MD5 hash for an upload. - type: string - format: byte - sha1Hash: - description: Scotty-provided SHA1 hash for an upload. - type: string - format: byte - sha256Hash: - description: Scotty-provided SHA256 hash for an upload. - type: string - format: byte - isPotentialRetry: + type: string + type: array + dataStoreSpecs: + type: array description: >- - |is_potential_retry| is set false only when Scotty is certain that - it has not sent the request before. When a client resumes an upload, - this field must be set true in agent calls, because Scotty cannot be - certain that it has never sent the request before due to potential - failure in the session state persistence. - type: boolean - cosmoBinaryReference: + Specifications that define the specific DataStores to be searched, + along with configurations for those data stores. This is only + considered for Engines with multiple data stores. For engines with a + single data store, the specs directly under SearchRequest should be + used. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestDataStoreSpec + canonicalFilter: description: >- - A binary data reference for a media download. Serves as a - technology-agnostic binary reference in some Google infrastructure. - This value is a serialized storage_cosmo.BinaryReference proto. - Storing it as bytes is a hack to get around the fact that the cosmo - proto (as well as others it includes) doesn't support JavaScript. - This prevents us from including the actual type of this field. - type: string - format: byte - hashVerified: + The default filter that is applied when a user performs a search + without checking any filters on the search page. The filter applied + to every search request when quality improvement such as query + expansion is needed. In the case a query does not have a sufficient + amount of results this filter will be used to determine whether or + not to enable the query expansion flow. The original filter will + still be used for the query expanded search. This field is strongly + recommended to achieve high search quality. For more information + about filter syntax, see SearchRequest.filter. + type: string + boostSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpec description: >- - For Scotty uploads only. If a user sends a hash code and the backend - has requested that Scotty verify the upload against the client hash, - Scotty will perform the check on behalf of the backend and will - reject it if the hashes don't match. This is set to true if Scotty - performed this verification. - type: boolean - GdataCompositeMedia: - id: GdataCompositeMedia - description: >- - A sequence of media data references representing composite data. - Introduced to support Bigstore composite objects. For details, visit - http://go/bigstore-composites. - type: object - properties: - length: - description: Size of the data, in bytes + Boost specification to boost certain documents. For more information + on boosting, see + [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) + pageToken: type: string - format: int64 - referenceType: - description: Describes what the field reference contains. + description: >- + A page token received from a previous SearchService.Search call. + Provide this to retrieve the subsequent page. When paginating, all + other parameters provided to SearchService.Search must match the + call that provided the page token. Otherwise, an `INVALID_ARGUMENT` + error is returned. + oneBoxPageSize: + description: >- + The maximum number of results to return for OneBox. This applies to + each OneBox type individually. Default number is 10. + type: integer + format: int32 + userLabels: + type: object + description: >- + The user labels applied to a resource must meet the following + requirements: * Each resource can have multiple labels, up to a + maximum of 64. * Each label must be a key-value pair. * Keys have a + minimum length of 1 character and a maximum length of 63 characters + and cannot be empty. Values can be empty and have a maximum length + of 63 characters. * Keys and values can contain only lowercase + letters, numeric characters, underscores, and dashes. All characters + must use UTF-8 encoding, and international characters are allowed. * + The key portion of a label must be unique. However, you can use the + same key with multiple resources. * Keys must start with a lowercase + letter or international character. See [Google Cloud + Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + for more details. + additionalProperties: + type: string + naturalLanguageQueryUnderstandingSpec: + description: >- + Optional. Config for natural language query understanding + capabilities, such as extracting structured field filters from the + query. Refer to [this + documentation](https://cloud.google.com/generative-ai-app-builder/docs/natural-language-queries) + for more information. If `naturalLanguageQueryUnderstandingSpec` is + not specified, no additional natural language query understanding + will be done. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestNaturalLanguageQueryUnderstandingSpec + filter: + description: >- + The filter syntax consists of an expression language for + constructing a predicate from one or more fields of the documents + being filtered. Filter expression is case-sensitive. If this field + is unrecognizable, an `INVALID_ARGUMENT` is returned. Filtering in + Vertex AI Search is done by mapping the LHS filter key to a key + property defined in the Vertex AI Search backend -- this mapping is + defined by the customer in their schema. For example a media + customer might have a field 'name' in their schema. In this case the + filter would look like this: filter --> name:'ANY("king kong")' For + more information about filtering including syntax and filter + operators, see + [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + type: string + displaySpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestDisplaySpec + description: >- + Optional. Config for display feature, like match highlighting on + search results. + pageSize: + description: >- + Maximum number of Documents to return. The maximum allowed value + depends on the data type. Values above the maximum value are coerced + to the maximum value. * Websites with basic indexing: Default `10`, + Maximum `25`. * Websites with advanced indexing: Default `25`, + Maximum `50`. * Other: Default `50`, Maximum `100`. If this field is + negative, an `INVALID_ARGUMENT` is returned. + type: integer + format: int32 + sessionSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestSessionSpec + description: Session specification. Can be used only when `session` is set. + session: type: string + description: >- + The session resource name. Optional. Session allows users to do + multi-turn /search API calls or coordination between /search API + calls and /answer API calls. Example #1 (multi-turn /search API + calls): Call /search API with the session ID generated in the first + call. Here, the previous search query gets considered in query + standing. I.e., if the first query is "How did Alphabet do in 2022?" + and the current query is "How about 2023?", the current query will + be interpreted as "How did Alphabet do in 2023?". Example #2 + (coordination between /search API calls and /answer API calls): Call + /answer API with the session ID generated in the first call. Here, + the answer generation happens in the context of the search results + from the first search call. Multi-turn Search feature is currently + at private GA stage. Please use v1alpha or v1beta version instead + before we launch this feature to public GA. Or ask for allowlisting + through Google Support team. + safeSearch: + description: >- + Whether to turn on safe search. This is only supported for website + search. + type: boolean + contentSearchSpec: + description: A specification for configuring the behavior of content search. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpec + relevanceThreshold: enumDescriptions: - - Reference contains a GFS path or a local path. - >- - Reference points to a blobstore object. This could be either a v1 - blob_ref or a v2 blobstore2_info. Clients should check - blobstore2_info first, since v1 is being deprecated. - - Data is included into this proto buffer - - Reference points to a bigstore object - - Indicates the data is stored in cosmo_binary_reference. + Default value. In this case, server behavior defaults to Google + defined threshold. + - Lowest relevance threshold. + - Low relevance threshold. + - Medium relevance threshold. + - High relevance threshold. enum: - - PATH - - BLOB_REF - - INLINE - - BIGSTORE_REF - - COSMO_BINARY_REFERENCE - path: - description: Path to the data, set if reference_type is PATH - type: string - blobRef: - description: >- - Blobstore v1 reference, set if reference_type is BLOBSTORE_REF This - should be the byte representation of a blobstore.BlobRef. Since - Blobstore is deprecating v1, use blobstore2_info instead. For now, - any v2 blob will also be represented in this field as v1 BlobRef. - deprecated: true + - RELEVANCE_THRESHOLD_UNSPECIFIED + - LOWEST + - LOW + - MEDIUM + - HIGH type: string - format: byte - inline: - description: Media data, set if reference_type is INLINE + description: >- + The relevance threshold of the search results. Default to Google + defined threshold, leveraging a balance of precision and recall to + deliver both highly accurate results and comprehensive coverage of + relevant information. This feature is not supported for healthcare + search. + servingConfig: + description: >- + Required. The resource name of the Search serving config, such as + `projects/*/locations/global/collections/default_collection/engines/*/servingConfigs/default_serving_config`, + or + `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/servingConfigs/default_serving_config`. + This field is used to identify the serving configuration name, set + of models used to make the search. type: string - format: byte - objectId: - description: Reference to a TI Blob, set if reference_type is BIGSTORE_REF. - $ref: '#/components/schemas/GdataObjectId' - blobstore2Info: - description: >- - Blobstore v2 info, set if reference_type is BLOBSTORE_REF and it - refers to a v2 blob. - $ref: '#/components/schemas/GdataBlobstore2Info' - cosmoBinaryReference: - description: >- - A binary data reference for a media download. Serves as a - technology-agnostic binary reference in some Google infrastructure. - This value is a serialized storage_cosmo.BinaryReference proto. - Storing it as bytes is a hack to get around the fact that the cosmo - proto (as well as others it includes) doesn't support JavaScript. - This prevents us from including the actual type of this field. + userPseudoId: type: string - format: byte - crc32cHash: - description: crc32.c hash for the payload. + description: >- + Optional. A unique identifier for tracking visitors. For example, + this could be implemented with an HTTP cookie, which should be able + to uniquely identify a visitor on a single device. This unique + identifier should not change if the visitor logs in or out of the + website. This field should NOT have a fixed value such as + `unknown_visitor`. This should be the same identifier as + UserEvent.user_pseudo_id and CompleteQueryRequest.user_pseudo_id The + field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an `INVALID_ARGUMENT` error is returned. + searchAsYouTypeSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestSearchAsYouTypeSpec + description: >- + Search as you type configuration. Only supported for the + IndustryVertical.MEDIA vertical. + regionCode: + type: string + description: >- + The Unicode country/region code (CLDR) of a location, such as "US" + and "419". For more information, see [Standard + fields](https://cloud.google.com/apis/design/standard_fields). If + set, then results will be boosted based on the region_code provided. + rankingExpressionBackend: + description: Optional. The backend to use for the ranking expression evaluation. + enumDescriptions: + - Default option for unspecified/unknown values. + - >- + Deprecated: Use `RANK_BY_EMBEDDING` instead. Ranking by custom + embedding model, the default way to evaluate the ranking + expression. Legacy enum option, `RANK_BY_EMBEDDING` should be used + instead. + - >- + Deprecated: Use `RANK_BY_FORMULA` instead. Ranking by custom + formula. Legacy enum option, `RANK_BY_FORMULA` should be used + instead. + - >- + Ranking by custom embedding model, the default way to evaluate the + ranking expression. + - Ranking by custom formula. + enum: + - RANKING_EXPRESSION_BACKEND_UNSPECIFIED + - BYOE + - CLEARBOX + - RANK_BY_EMBEDDING + - RANK_BY_FORMULA + type: string + enumDeprecated: + - false + - true + - true + - false + - false + crowdingSpecs: + description: >- + Optional. Crowding specifications for improving result diversity. If + multiple CrowdingSpecs are specified, crowding will be evaluated on + each unique combination of the `field` values, and max_count will be + the maximum value of `max_count` across all CrowdingSpecs. For + example, if the first CrowdingSpec has `field` = "color" and + `max_count` = 3, and the second CrowdingSpec has `field` = "size" + and `max_count` = 2, then after 3 documents that share the same + color AND size have been returned, subsequent ones should be removed + or demoted. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestCrowdingSpec + type: array + offset: type: integer - format: uint32 - md5Hash: - description: MD5 hash for the payload. + description: >- + A 0-indexed integer that specifies the current offset (that is, + starting result location, amongst the Documents deemed by the API as + relevant) in search results. This field is only considered if + page_token is unset. If this field is negative, an + `INVALID_ARGUMENT` is returned. A large offset may be capped to a + reasonable threshold. + format: int32 + customFineTuningSpec: + description: >- + Custom fine tuning configs. If set, it has higher priority than the + configs set in ServingConfig.custom_fine_tuning_spec. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaCustomFineTuningSpec + rankingExpression: type: string - format: byte - sha1Hash: - description: SHA-1 hash for the payload. + description: >- + Optional. The ranking expression controls the customized ranking on + retrieval documents. This overrides + ServingConfig.ranking_expression. The syntax and supported features + depend on the `ranking_expression_backend` value. If + `ranking_expression_backend` is not provided, it defaults to + `RANK_BY_EMBEDDING`. If ranking_expression_backend is not provided + or set to `RANK_BY_EMBEDDING`, it should be a single function or + multiple functions that are joined by "+". * ranking_expression = + function, { " + ", function }; Supported functions: * double * + relevance_score * double * dotProduct(embedding_field_path) Function + variables: * `relevance_score`: pre-defined keywords, used for + measure relevance between query and document. * + `embedding_field_path`: the document embedding field used with query + embedding vector. * `dotProduct`: embedding function between + `embedding_field_path` and query embedding vector. Example ranking + expression: If document has an embedding field doc_embedding, the + ranking expression could be `0.5 * relevance_score + 0.3 * + dotProduct(doc_embedding)`. If ranking_expression_backend is set to + `RANK_BY_FORMULA`, the following expression types (and combinations + of those chained using + or * operators) are supported: * `double` * + `signal` * `log(signal)` * `exp(signal)` * `rr(signal, double > 0)` + -- reciprocal rank transformation with second argument being a + denominator constant. * `is_nan(signal)` -- returns 0 if signal is + NaN, 1 otherwise. * `fill_nan(signal1, signal2 | double)` -- if + signal1 is NaN, returns signal2 | double, else returns signal1. Here + are a few examples of ranking formulas that use the supported + ranking expression types: - `0.2 * semantic_similarity_score + 0.8 * + log(keyword_similarity_score)` -- mostly rank by the logarithm of + `keyword_similarity_score` with slight `semantic_smilarity_score` + adjustment. - `0.2 * exp(fill_nan(semantic_similarity_score, 0)) + + 0.3 * is_nan(keyword_similarity_score)` -- rank by the exponent of + `semantic_similarity_score` filling the value with 0 if it's NaN, + also add constant 0.3 adjustment to the final score if + `semantic_similarity_score` is NaN. - `0.2 * + rr(semantic_similarity_score, 16) + 0.8 * + rr(keyword_similarity_score, 16)` -- mostly rank by the reciprocal + rank of `keyword_similarity_score` with slight adjustment of + reciprocal rank of `semantic_smilarity_score`. The following signals + are supported: * `semantic_similarity_score`: semantic similarity + adjustment that is calculated using the embeddings generated by a + proprietary Google model. This score determines how semantically + similar a search query is to a document. * + `keyword_similarity_score`: keyword match adjustment uses the Best + Match 25 (BM25) ranking function. This score is calculated using a + probabilistic model to estimate the probability that a document is + relevant to a given query. * `relevance_score`: semantic relevance + adjustment that uses a proprietary Google model to determine the + meaning and intent behind a user's query in context with the content + in the documents. * `pctr_rank`: predicted conversion rate + adjustment as a rank use predicted Click-through rate (pCTR) to + gauge the relevance and attractiveness of a search result from a + user's perspective. A higher pCTR suggests that the result is more + likely to satisfy the user's query and intent, making it a valuable + signal for ranking. * `freshness_rank`: freshness adjustment as a + rank * `document_age`: The time in hours elapsed since the document + was last updated, a floating-point number (e.g., 0.25 means 15 + minutes). * `topicality_rank`: topicality adjustment as a rank. Uses + proprietary Google model to determine the keyword-based overlap + between the query and the document. * `base_rank`: the default rank + of the result + imageQuery: + description: Raw image query. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestImageQuery + embeddingSpec: + description: >- + Uses the provided embedding to do additional semantic document + retrieval. The retrieval is based on the dot product of + SearchRequest.EmbeddingSpec.EmbeddingVector.vector and the document + embedding that is provided in + SearchRequest.EmbeddingSpec.EmbeddingVector.field_path. If + SearchRequest.EmbeddingSpec.EmbeddingVector.field_path is not + provided, it will use ServingConfig.EmbeddingConfig.field_path. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpec + languageCode: + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see [Standard + fields](https://cloud.google.com/apis/design/standard_fields). This + field helps to better interpret the query. If a value isn't + specified, the query language code is automatically detected, which + may not be accurate. type: string - format: byte - GdataObjectId: - id: GdataObjectId - description: >- - This is a copy of the tech.blob.ObjectId proto, which could not be used - directly here due to transitive closure issues with JavaScript support; - see http://b/8801763. + spellCorrectionSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestSpellCorrectionSpec + description: >- + The spell correction specification that specifies the mode under + which spell correction takes effect. + personalizationSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestPersonalizationSpec + description: >- + The specification for personalization. Notice that if both + ServingConfig.personalization_spec and + SearchRequest.personalization_spec are set, + SearchRequest.personalization_spec overrides + ServingConfig.personalization_spec. + description: Request message for SearchService.Search method. type: object + GoogleCloudDiscoveryengineV1DataConnectorFederatedConfig: properties: - bucketName: - description: The name of the bucket to which this object belongs. - type: string - objectName: - description: The name of the object. - type: string - generation: + authParams: description: >- - Generation of the object. Generations are monotonically increasing - across writes, allowing them to be be compared to determine which - generation is newer. If this is omitted in a request, then you are - requesting the live object. See http://go/bigstore-versions + Optional. Any authentication parameters specific to FEDERATED + connectors. + additionalProperties: + type: any + description: Properties of the object. + type: object + additionalParams: + additionalProperties: + type: any + description: Properties of the object. + type: object + description: Optional. Any additional parameters needed for FEDERATED. + jsonAuthParams: type: string - format: int64 - GdataBlobstore2Info: - id: GdataBlobstore2Info - description: Information to read/write to blobstore2. + description: >- + Optional. Any authentication parameters specific to FEDERATED + connectors in json string format. + id: GoogleCloudDiscoveryengineV1DataConnectorFederatedConfig + type: object + description: >- + Any params and credentials used specifically for hybrid connectors + supporting FEDERATED mode. + GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfo: + description: Chunk information. + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfo type: object properties: - blobId: - description: The blob id, e.g., /blobstore/prod/playground/scotty - type: string - blobGeneration: - description: The blob generation id. + content: type: string - format: int64 - readToken: + description: Chunk textual content. It is limited to 8000 characters. + documentMetadata: + description: Metadata of the document from the current chunk. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfoDocumentMetadata + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelPromptSpec: + id: >- + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelPromptSpec + description: Specification of the prompt to use with the model. + type: object + properties: + preamble: description: >- - The blob read token. Needed to read blobs that have not been - replicated. Might not be available until the final call. + Text at the beginning of the prompt that instructs the assistant. + Examples are available in the user guide. type: string - uploadMetadataContainer: + GoogleCloudDiscoveryengineV1SearchResponseFacetFacetValue: + id: GoogleCloudDiscoveryengineV1SearchResponseFacetFacetValue + properties: + interval: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Interval' description: >- - Metadata passed from Blobstore -> Scotty for a new GCS upload. This - is a signed, serialized blobstore2.BlobMetadataContainer proto which - must never be consumed outside of Bigstore, and is not applicable to - non-GCS media uploads. + Interval value for a facet, such as 10, 20) for facet "price". It + matches [SearchRequest.FacetSpec.FacetKey.intervals. + count: + description: Number of items that have this facet value. + format: int64 type: string - format: byte - downloadReadHandle: - description: >- - Read handle passed from Bigstore -> Scotty for a GCS download. This - is a signed, serialized blobstore2.ReadHandle proto which must never - be set outside of Bigstore, and is not applicable to non-GCS media - downloads. + value: + description: Text value of a facet, such as "Black" for facet "colors". type: string - format: byte - GdataDiffVersionResponse: - id: GdataDiffVersionResponse - description: >- - Backend response for a Diff get version response. For details on the - Scotty Diff protocol, visit http://go/scotty-diff-protocol. + description: A facet value which contains value names and their count. type: object + GoogleCloudDiscoveryengineV1DeleteSchemaMetadata: + id: GoogleCloudDiscoveryengineV1DeleteSchemaMetadata + description: Metadata for DeleteSchema LRO. properties: - objectVersion: - description: The version of the object stored at the server. + updateTime: + format: google-datetime + description: >- + Operation last update time. If the operation is done, this is also + the finish time. type: string - objectSizeBytes: - description: The total size of the server object. + createTime: + description: Operation create time. type: string - format: int64 - GdataDiffChecksumsResponse: - id: GdataDiffChecksumsResponse + format: google-datetime + type: object + GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesRequest: + id: GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesRequest + properties: {} description: >- - Backend response for a Diff get checksums response. For details on the - Scotty Diff protocol, visit http://go/scotty-diff-protocol. + Request message for CompletionService.PurgeSuggestionDenyListEntries + method. type: object + GoogleCloudDiscoveryengineV1DeleteTargetSiteMetadata: properties: - objectVersion: - description: >- - The object version of the object the checksums are being returned - for. - type: string - objectSizeBytes: - description: The total size of the server object. + createTime: + description: Operation create time. type: string - format: int64 - chunkSizeBytes: - description: The chunk size of checksums. Must be a multiple of 256KB. + format: google-datetime + updateTime: type: string - format: int64 - checksumsLocation: description: >- - Exactly one of these fields must be populated. If checksums_location - is filled, the server will return the corresponding contents to the - user. If object_location is filled, the server will calculate the - checksums based on the content there and return that to the user. - For details on the format of the checksums, see - http://go/scotty-diff-protocol. - $ref: '#/components/schemas/GdataCompositeMedia' - objectLocation: - description: >- - If set, calculate the checksums based on the contents and return - them to the caller. - $ref: '#/components/schemas/GdataCompositeMedia' - GdataDiffDownloadResponse: - id: GdataDiffDownloadResponse + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + id: GoogleCloudDiscoveryengineV1DeleteTargetSiteMetadata description: >- - Backend response for a Diff download response. For details on the Scotty - Diff protocol, visit http://go/scotty-diff-protocol. + Metadata related to the progress of the + SiteSearchEngineService.DeleteTargetSite operation. This will be + returned by the google.longrunning.Operation.metadata field. type: object - properties: - objectLocation: - description: The original object location. - $ref: '#/components/schemas/GdataCompositeMedia' - GdataDiffUploadRequest: - id: GdataDiffUploadRequest - description: >- - A Diff upload request. For details on the Scotty Diff protocol, visit - http://go/scotty-diff-protocol. + GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfo: type: object + id: GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfo properties: - objectVersion: + relevanceScore: + format: float description: >- - The object version of the object that is the base version the - incoming diff script will be applied to. This field will always be - filled in. + The relevance of the chunk for a given query. Values range from 0.0 + (completely irrelevant) to 1.0 (completely relevant). This value is + for informational purpose only. It may change for the same query and + chunk at any time due to a model retraining or change in + implementation. + type: number + blobAttachmentIndexes: + type: array + description: Output only. Stores indexes of blobattachments linked to this chunk. + items: + type: string + format: int64 + readOnly: true + content: + description: Chunk textual content. type: string - objectInfo: - description: >- - The location of the new object. Agents must clone the object located - here, as the upload server will delete the contents once a response - is received. - $ref: '#/components/schemas/GdataCompositeMedia' - checksumsInfo: - description: >- - The location of the checksums for the new object. Agents must clone - the object located here, as the upload server will delete the - contents once a response is received. For details on the format of - the checksums, see http://go/scotty-diff-protocol. - $ref: '#/components/schemas/GdataCompositeMedia' - GdataDiffUploadResponse: - id: GdataDiffUploadResponse - description: >- - Backend response for a Diff upload request. For details on the Scotty - Diff protocol, visit http://go/scotty-diff-protocol. + chunk: + description: Chunk resource name. + type: string + documentMetadata: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfoDocumentMetadata + description: Document metadata. + description: Chunk information. + GoogleCloudDiscoveryengineV1alphaAnswerStepAction: + description: Action. + id: GoogleCloudDiscoveryengineV1alphaAnswerStepAction + properties: + observation: + description: Observation. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservation + searchAction: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionSearchAction + description: Search action. type: object + GoogleCloudDiscoveryengineV1AnswerQueryRequestGroundingSpec: + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestGroundingSpec + type: object + description: Grounding specification. properties: - objectVersion: + includeGroundingSupports: description: >- - The object version of the object at the server. Must be included in - the end notification response. The version in the end notification - response must correspond to the new version of the object that is - now stored at the server, after the upload. + Optional. Specifies whether to include grounding_supports in the + answer. The default value is `false`. When this field is set to + `true`, returned answer will have `grounding_score` and will contain + GroundingSupports for each claim. + type: boolean + filteringLevel: type: string - originalObject: description: >- - The location of the original file for a diff upload request. Must be - filled in if responding to an upload start notification. - $ref: '#/components/schemas/GdataCompositeMedia' - GdataContentTypeInfo: - id: GdataContentTypeInfo - description: >- - Detailed Content-Type information from Scotty. The Content-Type of the - media will typically be filled in by the header or Scotty's best_guess, - but this extended information provides the backend with more information - so that it can make a better decision if needed. This is only used on - media upload requests from Scotty. + Optional. Specifies whether to enable the filtering based on + grounding score and at what level. + enumDescriptions: + - Default is no filter + - Filter answers based on a low threshold. + - Filter answers based on a high threshold. + enum: + - FILTERING_LEVEL_UNSPECIFIED + - FILTERING_LEVEL_LOW + - FILTERING_LEVEL_HIGH + GoogleCloudDiscoveryengineV1ProjectConfigurableBillingStatus: type: object properties: - bestGuess: - description: Scotty's best guess of what the content type of the file is. - type: string - fromHeader: - description: >- - The content type of the file as specified in the request headers, - multipart headers, or RUPIO start request. + effectiveIndexingCoreThreshold: + format: int64 type: string - fromFileName: description: >- - The content type of the file derived from the file extension of the - original file name used by the client. - type: string - fromUrlPath: + Optional. The currently effective Indexing Core threshold. This is + the threshold against which Indexing Core usage is compared for + overage calculations. + startTime: description: >- - The content type of the file derived from the file extension of the - URL path. The URL path is assumed to represent a file name (which is - typically only true for agents that are providing a REST API). + Optional. The start time of the currently active billing + subscription. + format: google-datetime type: string - fromBytes: + effectiveSearchQpmThreshold: description: >- - The content type of the file derived by looking at specific bytes - (i.e. "magic bytes") of the actual file. + Optional. The currently effective Search QPM threshold in queries + per minute. This is the threshold against which QPM usage is + compared for overage calculations. + format: int64 type: string - GdataDownloadParameters: - id: GdataDownloadParameters - description: Parameters specific to media downloads. + description: >- + Represents the currently effective configurable billing parameters. + These values are derived from the customer's subscription history stored + internally and reflect the thresholds actively being used for billing + purposes at the time of the GetProject call. This includes the + start_time of the subscription and may differ from the values in + `customer_provided_config` due to billing rules (e.g., scale-downs + taking effect only at the start of a new month). + id: GoogleCloudDiscoveryengineV1ProjectConfigurableBillingStatus + GoogleCloudDiscoveryengineV1alphaExportMetricsResponse: type: object + properties: {} + id: GoogleCloudDiscoveryengineV1alphaExportMetricsResponse + description: >- + Response of the ExportMetricsRequest. If the long running operation was + successful, then this message is returned by the + google.longrunning.Operations.response field. + GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResultBannedPhraseEnforcementResult: + description: Customer policy enforcement result for the banned phrase policy. + id: >- + GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResultBannedPhraseEnforcementResult properties: - allowGzipCompression: - description: >- - A boolean to be returned in the response to Scotty. Allows/disallows - gzip encoding of the payload content when the server thinks it's - advantageous (hence, does not guarantee compression) which allows - Scotty to GZip the response to the client. - type: boolean - ignoreRange: - description: >- - Determining whether or not Apiary should skip the inclusion of any - Content-Range header on its response to Scotty. - type: boolean - GoogleCloudDiscoveryengineV1Assistant: - id: GoogleCloudDiscoveryengineV1Assistant - description: Discovery Engine Assistant resource. + bannedPhrases: + description: The banned phrases that were found in the query or the answer. + items: + type: string + type: array + type: object + GoogleCloudDiscoveryengineV1alphaProjectServiceTerms: type: object properties: - name: + state: description: >- - Immutable. Resource name of the assistant. Format: - `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/assistants/{assistant}` - It must be a UTF-8 encoded string with a length limit of 1024 - characters. + Whether the project has accepted/rejected the service terms or it is + still pending. + enum: + - STATE_UNSPECIFIED + - TERMS_ACCEPTED + - TERMS_PENDING + - TERMS_DECLINED + enumDescriptions: + - The default value of the enum. This value is not actually used. + - The project has given consent to the terms of service. + - The project is pending to review and accept the terms of service. + - >- + The project has declined or revoked the agreement to terms of + service. type: string - generationConfig: + version: description: >- - Optional. Configuration for the generation of the assistant - response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGenerationConfig - webGroundingType: - description: Optional. The type of web grounding to use. + The version string of the terms of service. For acceptable values, + see the comments for id above. type: string - enumDescriptions: - - Default, unspecified setting. This is the same as disabled. - - Web grounding is disabled. - - Grounding with Google Search is enabled. - - Grounding with Enterprise Web Search is enabled. - enum: - - WEB_GROUNDING_TYPE_UNSPECIFIED - - WEB_GROUNDING_TYPE_DISABLED - - WEB_GROUNDING_TYPE_GOOGLE_SEARCH - - WEB_GROUNDING_TYPE_ENTERPRISE_WEB_SEARCH - enabledTools: - description: >- - Optional. Note: not implemented yet. Use enabled_actions instead. - The enabled tools on this assistant. The keys are connector name, - for example - "projects/{projectId}/locations/{locationId}/collections/{collectionId}/dataconnector - The values consist of admin enabled tools towards the connector - instance. Admin can selectively enable multiple tools on any of the - connector instances that they created in the project. For example - {"jira1ConnectorName": [(toolId1, "createTicket"), (toolId2, - "transferTicket")], "gmail1ConnectorName": [(toolId3, - "sendEmail"),..] } - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistantToolList' - customerPolicy: - description: Optional. Customer policy for the assistant. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantCustomerPolicy - GoogleCloudDiscoveryengineV1AssistantGenerationConfig: - id: GoogleCloudDiscoveryengineV1AssistantGenerationConfig - description: Configuration for the generation of the assistant response. - type: object - properties: - systemInstruction: - description: >- - System instruction, also known as the prompt preamble for LLM calls. - See also - https://cloud.google.com/vertex-ai/generative-ai/docs/learn/prompts/system-instructions - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGenerationConfigSystemInstruction - defaultLanguage: + declineTime: description: >- - The default language to use for the generation of the assistant - response. Use an ISO 639-1 language code such as `en`. If not - specified, the language will be automatically detected. + The last time when the project declined or revoked the agreement to + terms of service. + format: google-datetime type: string - GoogleCloudDiscoveryengineV1AssistantGenerationConfigSystemInstruction: - id: GoogleCloudDiscoveryengineV1AssistantGenerationConfigSystemInstruction - description: System instruction, also known as the prompt preamble for LLM calls. - type: object - properties: - additionalSystemInstruction: - description: >- - Optional. Additional system instruction that will be added to the - default system instruction. + acceptTime: type: string - GoogleCloudDiscoveryengineV1AssistantToolList: - id: GoogleCloudDiscoveryengineV1AssistantToolList - description: The enabled tools on a connector - type: object + format: google-datetime + description: The last time when the project agreed to the terms of service. + id: + type: string + description: >- + The unique identifier of this terms of service. Available terms: * + `GA_DATA_USE_TERMS`: [Terms for data + use](https://cloud.google.com/retail/data-use-terms). When using + this as `id`, the acceptable version to provide is `2022-11-23`. + id: GoogleCloudDiscoveryengineV1alphaProjectServiceTerms + description: Metadata about the terms of service. + GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadata: properties: - toolInfo: - description: The list of tools with corresponding tool information. + segments: + description: Grounding information for parts of the text. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataSegment type: array + references: + description: References for the grounded text. items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistantToolInfo' - GoogleCloudDiscoveryengineV1AssistantToolInfo: - id: GoogleCloudDiscoveryengineV1AssistantToolInfo - description: Information to identify a tool. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReference + type: array + description: Grounding details for text sources. type: object + id: >- + GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadata + GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReferenceDocumentMetadata: + id: >- + GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReferenceDocumentMetadata properties: - toolName: + uri: + type: string description: >- - The name of the tool as defined by - DataConnectorService.QueryAvailableActions. Note: it's using - `action` in the DataConnectorService apis, but they are the same as - the `tool` here. + URI for the document. It may contain a URL that redirects to the + actual website. + title: type: string - toolDisplayName: - description: The display name of the tool. + description: Title. + mimeType: + description: >- + The mime type of the document. + https://www.iana.org/assignments/media-types/media-types.xhtml. type: string - GoogleCloudDiscoveryengineV1AssistantCustomerPolicy: - id: GoogleCloudDiscoveryengineV1AssistantCustomerPolicy - description: Customer-defined policy for the assistant. + pageIdentifier: + type: string + description: Page identifier. + domain: + description: >- + Domain name from the document URI. Note that the `uri` field may + contain a URL that redirects to the actual website, in which case + this will contain the domain name of the target site. + type: string + document: + description: Document resource name. + type: string + description: Document metadata. type: object - properties: - bannedPhrases: - description: Optional. List of banned phrases. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AssistantCustomerPolicyBannedPhrase - GoogleCloudDiscoveryengineV1AssistantCustomerPolicyBannedPhrase: - id: GoogleCloudDiscoveryengineV1AssistantCustomerPolicyBannedPhrase - description: >- - Definition of a customer-defined banned phrase. A banned phrase is not - allowed to appear in the user query or the LLM response, or else the - answer will be refused. + GoogleCloudDiscoveryengineV1SingleRegionKey: type: object properties: - phrase: - description: Required. The raw string content to be banned. - type: string - matchType: - description: Optional. Match type for the banned phrase. + kmsKey: type: string - enumDescriptions: - - Defaults to SIMPLE_STRING_MATCH. - - >- - The banned phrase matches if it is found anywhere in the text as - an exact substring. - - >- - Banned phrase only matches if the pattern found in the text is - surrounded by word delimiters. The phrase itself may still contain - word delimiters. - enum: - - BANNED_PHRASE_MATCH_TYPE_UNSPECIFIED - - SIMPLE_STRING_MATCH - - WORD_BOUNDARY_STRING_MATCH - ignoreDiacritics: description: >- - Optional. If true, diacritical marks (e.g., accents, umlauts) are - ignored when matching banned phrases. For example, "cafe" would - match "café". - type: boolean - GoogleCloudDiscoveryengineV1CmekConfig: - id: GoogleCloudDiscoveryengineV1CmekConfig - description: Configurations used to enable CMEK data encryption with Cloud KMS keys. + Required. Single-regional kms key resource name which will be used + to encrypt resources + `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. + description: Metadata for single-regional CMEKs. + id: GoogleCloudDiscoveryengineV1SingleRegionKey + GoogleCloudDiscoveryengineV1SearchRequestNaturalLanguageQueryUnderstandingSpec: + description: >- + Specification to enable natural language understanding capabilities for + search requests. type: object properties: - name: + filterExtractionCondition: + enumDescriptions: + - Server behavior defaults to `DISABLED`. + - Disables NL filter extraction. + - Enables NL filter extraction. + enum: + - CONDITION_UNSPECIFIED + - DISABLED + - ENABLED description: >- - Required. The name of the CmekConfig of the form - `projects/{project}/locations/{location}/cmekConfig` or - `projects/{project}/locations/{location}/cmekConfigs/{cmek_config}`. + The condition under which filter extraction should occur. Server + behavior defaults to `DISABLED`. type: string - kmsKey: - description: >- - Required. KMS key resource name which will be used to encrypt - resources - `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. + extractedFilterBehavior: type: string - kmsKeyVersion: description: >- - Output only. KMS key version resource name which will be used to - encrypt resources `/cryptoKeyVersions/{keyVersion}`. - readOnly: true - type: string - state: - description: Output only. The states of the CmekConfig. - readOnly: true - type: string + Optional. Controls behavior of how extracted filters are applied to + the search. The default behavior depends on the request. For single + datastore structured search, the default is `HARD_FILTER`. For + multi-datastore search, the default behavior is `SOFT_BOOST`. + Location-based filters are always applied as hard filters, and the + `SOFT_BOOST` setting will not affect them. This field is only used + if + SearchRequest.natural_language_query_understanding_spec.filter_extraction_condition + is set to FilterExtractionCondition.ENABLED. + enum: + - EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED + - HARD_FILTER + - SOFT_BOOST enumDescriptions: - - The CmekConfig state is unknown. - - The CmekConfig is creating. - - The CmekConfig can be used with DataStores. - >- - The CmekConfig is unavailable, most likely due to the KMS Key - being revoked. - - The CmekConfig is deleting. - - The CmekConfig deletion process failed. + `EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED` will use the default + behavior for extracted filters. For single datastore search, the + default is to apply as hard filters. For multi-datastore search, + the default is to apply as soft boosts. - >- - The CmekConfig is not usable, most likely due to some internal - issue. - - The KMS key version is being rotated. + Applies all extracted filters as hard filters on the results. + Results that do not pass the extracted filters will not be + returned in the result set. - >- - The KMS key is soft deleted. Some cleanup policy will eventually - be applied. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - KEY_ISSUE - - DELETING - - DELETE_FAILED - - UNUSABLE - - ACTIVE_ROTATING - - DELETED - isDefault: - description: Output only. The default CmekConfig for the Customer. - readOnly: true - type: boolean - lastRotationTimestampMicros: - description: Output only. The timestamp of the last key rotation. - readOnly: true - type: string - format: int64 - singleRegionKeys: - description: >- - Optional. Single-regional CMEKs that are required for some VAIS - features. + Applies all extracted filters as soft boosts. Results that pass + the filters will be boosted up to higher ranks in the result set. + allowedFieldNames: type: array + description: >- + Optional. Allowlist of fields that can be used for natural language + filter extraction. By default, if this is unspecified, all indexable + fields are eligible for natural language filter extraction (but are + not guaranteed to be used). If any fields are specified in + allowed_field_names, only the fields that are both marked as + indexable in the schema and specified in the allowlist will be + eligible for natural language filter extraction. Note: for + multi-datastore search, this is not yet supported, and will be + ignored. items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SingleRegionKey' - notebooklmState: - description: Output only. Whether the NotebookLM Corpus is ready to be used. - readOnly: true + type: string + geoSearchQueryDetectionFieldNames: + items: + type: string + type: array + description: >- + Field names used for location-based filtering, where geolocation + filters are detected in natural language search queries. Only valid + when the FilterExtractionCondition is set to `ENABLED`. If this + field is set, it overrides the field names set in + ServingConfig.geo_search_query_detection_field_names. + id: >- + GoogleCloudDiscoveryengineV1SearchRequestNaturalLanguageQueryUnderstandingSpec + GoogleCloudDiscoveryengineV1alphaAnswerCitationSource: + properties: + referenceId: type: string - enumDescriptions: - - The NotebookLM state is unknown. - - The NotebookLM is not ready. - - The NotebookLM is ready to be used. - - The NotebookLM is not enabled. - enum: - - NOTEBOOK_LM_STATE_UNSPECIFIED - - NOTEBOOK_LM_NOT_READY - - NOTEBOOK_LM_READY - - NOTEBOOK_LM_NOT_ENABLED - GoogleCloudDiscoveryengineV1SingleRegionKey: - id: GoogleCloudDiscoveryengineV1SingleRegionKey - description: Metadata for single-regional CMEKs. + description: ID of the citation source. type: object + id: GoogleCloudDiscoveryengineV1alphaAnswerCitationSource + description: Citation source. + GoogleCloudDiscoveryengineV1alphaAssistantContentCodeExecutionResult: properties: - kmsKey: + output: + type: string description: >- - Required. Single-regional kms key resource name which will be used - to encrypt resources - `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. + Optional. Contains stdout when code execution is successful, stderr + or other description otherwise. + outcome: + enumDescriptions: + - Unspecified status. This value should not be used. + - Code execution completed successfully. + - >- + Code execution finished but with a failure. `stderr` should + contain the reason. + - >- + Code execution ran for too long, and was cancelled. There may or + may not be a partial output present. + description: Required. Outcome of the code execution. type: string - GoogleCloudDiscoveryengineV1ListCmekConfigsResponse: - id: GoogleCloudDiscoveryengineV1ListCmekConfigsResponse - description: Response message for CmekConfigService.ListCmekConfigs method. + enum: + - OUTCOME_UNSPECIFIED + - OUTCOME_OK + - OUTCOME_FAILED + - OUTCOME_DEADLINE_EXCEEDED + type: object + description: Result of executing ExecutableCode. + id: GoogleCloudDiscoveryengineV1alphaAssistantContentCodeExecutionResult + GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchRequest: type: object + properties: {} + id: GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchRequest + description: >- + Request message for SiteSearchEngineService.DisableAdvancedSiteSearch + method. + GoogleCloudDiscoveryengineV1SearchRequestFacetSpecFacetKey: properties: - cmekConfigs: - description: All the customer's CmekConfigs. + orderBy: + type: string + description: >- + The order in which documents are returned. Allowed values are: * + "count desc", which means order by SearchResponse.Facet.values.count + descending. * "value desc", which means order by + SearchResponse.Facet.values.value descending. Only applies to + textual facets. If not set, textual values are sorted in [natural + order](https://en.wikipedia.org/wiki/Natural_sort_order); numerical + intervals are sorted in the order given by + FacetSpec.FacetKey.intervals. + key: + type: string + description: >- + Required. Supported textual and numerical facet keys in Document + object, over which the facet values are computed. Facet key is + case-sensitive. + contains: type: array items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' - GoogleCloudDiscoveryengineV1CompleteQueryResponse: - id: GoogleCloudDiscoveryengineV1CompleteQueryResponse - description: Response message for CompletionService.CompleteQuery method. - type: object - properties: - querySuggestions: + type: string description: >- - Results of the matched query suggestions. The result list is ordered - and the first result is a top suggestion. + Only get facet values that contain the given strings. For example, + suppose "category" has three values "Action > 2022", "Action > 2021" + and "Sci-Fi > 2022". If set "contains" to "2022", the "category" + facet only contains "Action > 2022" and "Sci-Fi > 2022". Only + supported on textual fields. Maximum is 10. + prefixes: + items: + type: string + description: >- + Only get facet values that start with the given string prefix. For + example, suppose "category" has three values "Action > 2022", + "Action > 2021" and "Sci-Fi > 2022". If set "prefixes" to "Action", + the "category" facet only contains "Action > 2022" and "Action > + 2021". Only supported on textual fields. Maximum is 10. + type: array + intervals: type: array + description: >- + Set only if values should be bucketed into intervals. Must be set + for facets with numerical values. Must not be set for facet with + text values. Maximum number of intervals is 30. items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1CompleteQueryResponseQuerySuggestion - tailMatchTriggered: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Interval' + caseInsensitive: description: >- - True if the returned suggestions are all tail suggestions. For tail - matching to be triggered, include_tail_suggestions in the request - must be true and there must be no suggestions that match the full - query. + True to make facet keys case insensitive when getting faceting + values with prefixes or contains; false otherwise. type: boolean - GoogleCloudDiscoveryengineV1CompleteQueryResponseQuerySuggestion: - id: GoogleCloudDiscoveryengineV1CompleteQueryResponseQuerySuggestion - description: Suggestions as search queries. + restrictedValues: + items: + type: string + type: array + description: >- + Only get facet for the given restricted values. Only supported on + textual fields. For example, suppose "category" has three values + "Action > 2022", "Action > 2021" and "Sci-Fi > 2022". If set + "restricted_values" to "Action > 2022", the "category" facet only + contains "Action > 2022". Only supported on textual fields. Maximum + is 10. + description: Specifies how a facet is computed. + id: GoogleCloudDiscoveryengineV1SearchRequestFacetSpecFacetKey + type: object + GoogleCloudDiscoveryengineV1CompletionInfo: + id: GoogleCloudDiscoveryengineV1CompletionInfo + description: >- + Detailed completion information including completion attribution token + and clicked completion info. type: object properties: - suggestion: - description: The suggestion for the query. - type: string - completableFieldPaths: + selectedPosition: + type: integer + format: int32 description: >- - The unique document field paths that serve as the source of this - suggestion if it was generated from completable fields. This field - is only populated for the document-completable model. + End user selected CompleteQueryResponse.QuerySuggestion.suggestion + position, starting from 0. + selectedSuggestion: + description: End user selected CompleteQueryResponse.QuerySuggestion.suggestion. + type: string + GoogleCloudDiscoveryengineV1betaPurgeSuggestionDenyListEntriesResponse: + type: object + description: >- + Response message for CompletionService.PurgeSuggestionDenyListEntries + method. + id: GoogleCloudDiscoveryengineV1betaPurgeSuggestionDenyListEntriesResponse + properties: + errorSamples: + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + purgeCount: + description: Number of suggestion deny list entries purged. + type: string + format: int64 + GoogleCloudDiscoveryengineV1betaBatchCreateTargetSitesResponse: + id: GoogleCloudDiscoveryengineV1betaBatchCreateTargetSitesResponse + type: object + properties: + targetSites: type: array + description: TargetSites created. items: - type: string - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest: - id: GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest - description: Request message for CompletionService.AdvancedCompleteQuery method. . + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaTargetSite' + description: >- + Response message for SiteSearchEngineService.BatchCreateTargetSites + method. + GoogleLongrunningOperation: type: object properties: - query: + error: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - Required. The typeahead input used to fetch suggestions. Maximum - length is 128 characters. The query can not be empty for most of the - suggestion types. If it is empty, an `INVALID_ARGUMENT` error is - returned. The exception is when the suggestion_types contains only - the type `RECENT_SEARCH`, the query can be an empty string. The is - called "zero prefix" feature, which returns user's recently searched - queries given the empty query. - type: string - queryModel: + The error result of the operation in case of failure or + cancellation. + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Specifies the autocomplete query model, which only applies to the - QUERY SuggestionType. This overrides any model specified in the - Configuration > Autocomplete section of the Cloud console. Currently - supported values: * `document` - Using suggestions generated from - user-imported documents. * `search-history` - Using suggestions - generated from the past history of SearchService.Search API calls. - Do not use it when there is no traffic for Search API. * - `user-event` - Using suggestions generated from user-imported search - events. * `document-completable` - Using suggestions taken directly - from user-imported document fields marked as completable. Default - values: * `document` is the default model for regular dataStores. * - `search-history` is the default model for site search dataStores. - type: string - userPseudoId: - description: >- - A unique identifier for tracking visitors. For example, this could - be implemented with an HTTP cookie, which should be able to uniquely - identify a visitor on a single device. This unique identifier should - not change if the visitor logs in or out of the website. This field - should NOT have a fixed value such as `unknown_visitor`. This should - be the same identifier as UserEvent.user_pseudo_id and - SearchRequest.user_pseudo_id. The field must be a UTF-8 encoded - string with a length limit of 128 - type: string - userInfo: + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + done: + type: boolean description: >- - Optional. Information about the end user. This should be the same - identifier information as UserEvent.user_info and - SearchRequest.user_info. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserInfo' - includeTailSuggestions: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + name: description: >- - Indicates if tail suggestions should be returned if there are no - suggestions that match the full query. Even if set to true, if there - are suggestions that match the full query, those are returned and no - tail suggestions are returned. - type: boolean - boostSpec: - description: Optional. Specification to boost suggestions matching the condition. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpec - suggestionTypes: + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + metadata: description: >- - Optional. Suggestion types to return. If empty or unspecified, query - suggestions are returned. Only one suggestion type is supported at - the moment. - type: array - items: - type: string - enumDescriptions: - - Default value. - - Returns query suggestions. - - Returns people suggestions. - - Returns content suggestions. - - Returns recent search suggestions. - - Returns Google Workspace suggestions. - enum: - - SUGGESTION_TYPE_UNSPECIFIED - - QUERY - - PEOPLE - - CONTENT - - RECENT_SEARCH - - GOOGLE_WORKSPACE - suggestionTypeSpecs: - description: Optional. Specification of each suggestion type. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestSuggestionTypeSpec - experimentIds: - description: Optional. Experiment ids for this request. - type: array - items: - type: string - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpec: - id: GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpec + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + id: GoogleLongrunningOperation description: >- - Specification to boost suggestions based on the condtion of the - suggestion. + This resource represents a long-running operation that is the result of + a network API call. + GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignals: + id: GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignals type: object + description: A set of ranking signals. properties: - conditionBoostSpecs: - description: >- - Condition boost specifications. If a suggestion matches multiple - conditions in the specifications, boost values from these - specifications are all applied and combined in a non-linear way. - Maximum number of specifications is 20. Note: Currently only support - language condition boost. + relevanceScore: + format: float + type: number + description: Optional. Semantic relevance adjustment. + documentAge: + format: float + type: number + description: Optional. Age of the document in hours. + semanticSimilarityScore: + format: float + type: number + description: Optional. Semantic similarity adjustment. + keywordSimilarityScore: + description: Optional. Keyword matching adjustment. + type: number + format: float + topicalityRank: + type: number + format: float + description: Optional. Topicality adjustment as a rank. + pctrRank: + format: float + description: Optional. Predicted conversion rate adjustment as a rank. + type: number + defaultRank: + type: number + description: Optional. The default rank of the result. + format: float + boostingFactor: + format: float + description: Optional. Combined custom boosts for a doc. + type: number + customSignals: type: array + description: Optional. A list of custom clearbox signals. items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpecConditionBoostSpec - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpecConditionBoostSpec: - id: >- - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpecConditionBoostSpec - description: Boost applies to suggestions which match a condition. + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignalsCustomSignal + GoogleCloudDiscoveryengineV1WidgetConfigUiBrandingSettings: + description: Describes widget UI branding settings. type: object + id: GoogleCloudDiscoveryengineV1WidgetConfigUiBrandingSettings properties: - condition: - description: >- - An expression which specifies a boost condition. The syntax is the - same as [filter expression - syntax](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata#filter-expression-syntax). - Currently, the only supported condition is a list of BCP-47 lang - codes. Example: * To boost suggestions in languages `en` or `fr`: - `(lang_code: ANY("en", "fr"))` + logo: + description: Logo image. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigImage' + GoogleCloudDiscoveryengineV1alphaDeleteEngineMetadata: + description: >- + Metadata related to the progress of the EngineService.DeleteEngine + operation. This will be returned by the + google.longrunning.Operation.metadata field. + properties: + createTime: + description: Operation create time. + format: google-datetime type: string - boost: + updateTime: description: >- - Strength of the boost, which should be in [-1, 1]. Negative boost - means demotion. Default is 0.0. Setting to 1.0 gives the suggestions - a big promotion. However, it does not necessarily mean that the top - result will be a boosted suggestion. Setting to -1.0 gives the - suggestions a big demotion. However, other suggestions that are - relevant might still be shown. Setting to 0.0 means no boost - applied. The boosting condition is ignored. - type: number - format: float - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestSuggestionTypeSpec: - id: >- - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestSuggestionTypeSpec - description: Specification of each suggestion type. + Operation last update time. If the operation is done, this is also + the finish time. + type: string + format: google-datetime + id: GoogleCloudDiscoveryengineV1alphaDeleteEngineMetadata type: object + GoogleCloudDiscoveryengineV1AssistantToolList: properties: - suggestionType: - description: Optional. Suggestion type. - type: string - enumDescriptions: - - Default value. - - Returns query suggestions. - - Returns people suggestions. - - Returns content suggestions. - - Returns recent search suggestions. - - Returns Google Workspace suggestions. - enum: - - SUGGESTION_TYPE_UNSPECIFIED - - QUERY - - PEOPLE - - CONTENT - - RECENT_SEARCH - - GOOGLE_WORKSPACE - maxSuggestions: - description: >- - Optional. Maximum number of suggestions to return for each - suggestion type. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse: - id: GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse - description: Response message for CompletionService.AdvancedCompleteQuery method. + toolInfo: + description: The list of tools with corresponding tool information. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistantToolInfo' + id: GoogleCloudDiscoveryengineV1AssistantToolList + description: The enabled tools on a connector type: object + GoogleCloudDiscoveryengineV1CompleteQueryResponse: + description: Response message for CompletionService.CompleteQuery method. properties: querySuggestions: - description: >- - Results of the matched query suggestions. The result list is ordered - and the first result is a top suggestion. type: array items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseQuerySuggestion + #/components/schemas/GoogleCloudDiscoveryengineV1CompleteQueryResponseQuerySuggestion + description: >- + Results of the matched query suggestions. The result list is ordered + and the first result is a top suggestion. tailMatchTriggered: description: >- True if the returned suggestions are all tail suggestions. For tail @@ -3496,1567 +4480,1597 @@ components: must be true and there must be no suggestions that match the full query. type: boolean - peopleSuggestions: - description: >- - Results of the matched people suggestions. The result list is - ordered and the first result is the top suggestion. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponsePersonSuggestion - contentSuggestions: - description: >- - Results of the matched content suggestions. The result list is - ordered and the first result is the top suggestion. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseContentSuggestion - recentSearchSuggestions: - description: >- - Results of the matched "recent search" suggestions. The result list - is ordered and the first result is the top suggestion. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseRecentSearchSuggestion - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseQuerySuggestion: - id: GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseQuerySuggestion - description: Suggestions as search queries. + id: GoogleCloudDiscoveryengineV1CompleteQueryResponse type: object + GoogleCloudDiscoveryengineV1alphaSingleRegionKey: + id: GoogleCloudDiscoveryengineV1alphaSingleRegionKey properties: - suggestion: - description: The suggestion for the query. - type: string - completableFieldPaths: + kmsKey: description: >- - The unique document field paths that serve as the source of this - suggestion if it was generated from completable fields. This field - is only populated for the document-completable model. - type: array - items: - type: string - dataStore: - description: The name of the dataStore that this suggestion belongs to. + Required. Single-regional kms key resource name which will be used + to encrypt resources + `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. + type: string + description: Metadata for single-regional CMEKs. + type: object + GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpec: + description: End user specification. + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpec + type: object + properties: + endUserMetadata: + description: Optional. End user metadata. type: array items: - type: string - score: - description: The score of each suggestion. The score is in the range of [0, 1]. - type: number - format: double - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponsePersonSuggestion: - id: >- - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponsePersonSuggestion - description: Suggestions as people. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaData + GoogleCloudDiscoveryengineV1alphaAnswerGroundingSupport: type: object properties: - suggestion: - description: The suggestion for the query. - type: string - personType: - description: The type of the person. + endIndex: + format: int64 + description: Required. End of the claim, exclusive. type: string - enumDescriptions: - - Default value. - - The suggestion is from a GOOGLE_IDENTITY source. - - The suggestion is from a THIRD_PARTY_IDENTITY source. - enum: - - PERSON_TYPE_UNSPECIFIED - - CLOUD_IDENTITY - - THIRD_PARTY_IDENTITY - document: + groundingCheckRequired: + type: boolean description: >- - The document data snippet in the suggestion. Only a subset of fields - is populated. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' - dataStore: - description: The name of the dataStore that this suggestion belongs to. - type: string - score: - description: The score of each suggestion. The score is in the range of [0, 1]. + Indicates that this claim required grounding check. When the system + decided this claim didn't require attribution/grounding check, this + field is set to false. In that case, no grounding check was done for + the claim and therefore `grounding_score`, `sources` is not + returned. + groundingScore: + description: >- + A score in the range of [0, 1] describing how grounded is a specific + claim by the references. Higher value means that the claim is better + supported by the reference chunks. type: number format: double - displayPhotoUri: - description: The photo uri of the person suggestion. - type: string - destinationUri: - description: The destination uri of the person suggestion. + startIndex: + description: >- + Required. Index indicates the start of the claim, measured in bytes + (UTF-8 unicode). + format: int64 type: string - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseContentSuggestion: - id: >- - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseContentSuggestion - description: Suggestions as content. + sources: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerCitationSource + description: Optional. Citation sources for the claim. + type: array + id: GoogleCloudDiscoveryengineV1alphaAnswerGroundingSupport + description: Grounding support for a claim in `answer_text`. + GoogleCloudDiscoveryengineV1alphaTenant: + id: GoogleCloudDiscoveryengineV1alphaTenant type: object + description: >- + Tenant information for a connector source. This includes some of the + same information stored in the Credential message, but is limited to + only what is needed to provide a list of accessible tenants to the user. properties: - suggestion: - description: The suggestion for the query. - type: string - contentType: - description: The type of the content suggestion. - type: string - enumDescriptions: - - Default value. - - The suggestion is from a Google Workspace source. - - The suggestion is from a third party source. - enum: - - CONTENT_TYPE_UNSPECIFIED - - GOOGLE_WORKSPACE - - THIRD_PARTY - document: + id: description: >- - The document data snippet in the suggestion. Only a subset of fields - will be populated. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' - dataStore: - description: The name of the dataStore that this suggestion belongs to. + The tenant's instance ID. Examples: Jira + ("8594f221-9797-5f78-1fa4-485e198d7cd0"), Slack ("T123456"). type: string - score: - description: The score of each suggestion. The score is in the range of [0, 1]. - type: number - format: double - iconUri: - description: The icon uri of the content suggestion. + displayName: + description: Optional display name for the tenant, e.g. "My Slack Team". type: string - destinationUri: - description: The destination uri of the content suggestion. + uri: type: string - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseRecentSearchSuggestion: - id: >- - GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseRecentSearchSuggestion - description: Suggestions from recent search history. - type: object + description: >- + The URI of the tenant, if applicable. For example, the URI of a Jira + instance is https://my-jira-instance.atlassian.net, and a Slack + tenant does not have a URI. + GoogleCloudDiscoveryengineV1MediaInfo: + description: Media-specific user event information. properties: - suggestion: - description: The suggestion for the query. - type: string - recentSearchTime: - description: The time when this recent rearch happened. + mediaProgressDuration: + format: google-duration + description: >- + The media progress time in seconds, if applicable. For example, if + the end user has finished 90 seconds of a playback video, then + MediaInfo.media_progress_duration.seconds should be set to 90. type: string - format: google-datetime - score: - description: The score of each suggestion. The score is in the range of [0, 1]. + mediaProgressPercentage: + format: float type: number - format: double - GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequest: - id: GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequest - description: >- - Request message for CompletionService.ImportSuggestionDenyListEntries - method. - type: object - properties: - inlineSource: - description: >- - The Inline source for the input content for suggestion deny list - entries. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequestInlineSource - gcsSource: description: >- - Cloud Storage location for the input content. Only 1 file can be - specified that contains all entries to import. Supported values - `gcs_source.schema` for autocomplete suggestion deny list entry - imports: * `suggestion_deny_list` (default): One JSON - [SuggestionDenyListEntry] per line. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' - GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequestInlineSource: - id: >- - GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequestInlineSource - description: The inline source for SuggestionDenyListEntry. + Media progress should be computed using only the + media_progress_duration relative to the media total length. This + value must be between `[0, 1.0]` inclusive. If this is not a + playback or the progress cannot be computed (e.g. ongoing + livestream), this field should be unset. + id: GoogleCloudDiscoveryengineV1MediaInfo type: object + GoogleCloudDiscoveryengineV1ImportUserEventsRequestInlineSource: properties: - entries: + userEvents: description: >- - Required. A list of all denylist entries to import. Max of 1000 + Required. A list of user events to import. Recommended max of 10k items. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SuggestionDenyListEntry - GoogleCloudDiscoveryengineV1SuggestionDenyListEntry: - id: GoogleCloudDiscoveryengineV1SuggestionDenyListEntry - description: >- - Suggestion deny list entry identifying the phrase to block from - suggestions and the applied operation for the phrase. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' + type: object + description: The inline source for the input config for ImportUserEvents method. + id: GoogleCloudDiscoveryengineV1ImportUserEventsRequestInlineSource + GoogleCloudDiscoveryengineV1alphaGetUriPatternDocumentDataResponse: type: object properties: - blockPhrase: + documentDataMap: description: >- - Required. Phrase to block from suggestions served. Can be maximum - 125 characters. - type: string - matchOperator: + Document data keyed by URI pattern. For example: document_data_map = + { "www.url1.com/*": { "Categories": ["category1", "category2"] }, + "www.url2.com/*": { "Categories": ["category3"] } } + additionalProperties: + additionalProperties: + type: any + description: Properties of the object. + type: object + type: object + description: >- + Response message for SiteSearchEngineService.GetUriPatternDocumentData + method. + id: GoogleCloudDiscoveryengineV1alphaGetUriPatternDocumentDataResponse + GoogleCloudDiscoveryengineV1betaTuneEngineMetadata: + properties: + engine: description: >- - Required. The match operator to apply for this phrase. Whether to - block the exact phrase, or block any suggestions containing this - phrase. + Required. The resource name of the engine that this tune applies to. + Format: + `projects/{project}/locations/{location}/collections/{collection_id}/engines/{engine_id}` type: string - enumDescriptions: - - Default value. Should not be used - - >- - If the suggestion is an exact match to the block_phrase, then - block it. - - If the suggestion contains the block_phrase, then block it. - enum: - - MATCH_OPERATOR_UNSPECIFIED - - EXACT_MATCH - - CONTAINS - GoogleCloudDiscoveryengineV1GcsSource: - id: GoogleCloudDiscoveryengineV1GcsSource - description: Cloud Storage location for input content. + id: GoogleCloudDiscoveryengineV1betaTuneEngineMetadata + description: Metadata associated with a tune operation. type: object + GoogleCloudDiscoveryengineV1CreateDataStoreMetadata: + id: GoogleCloudDiscoveryengineV1CreateDataStoreMetadata properties: - inputUris: - description: >- - Required. Cloud Storage URIs to input files. Each URI can be up to - 2000 characters long. URIs can match the full object path (for - example, `gs://bucket/directory/object.json`) or a pattern matching - one or more files, such as `gs://bucket/directory/*.json`. A request - can contain at most 100 files (or 100,000 files if `data_schema` is - `content`). Each file can be up to 2 GB (or 100 MB if `data_schema` - is `content`). - type: array - items: - type: string - dataSchema: - description: >- - The schema to use when parsing the data from the source. Supported - values for document imports: * `document` (default): One JSON - Document per line. Each document must have a valid Document.id. * - `content`: Unstructured data (e.g. PDF, HTML). Each file matched by - `input_uris` becomes a document, with the ID set to the first 128 - bits of SHA256(URI) encoded as a hex string. * `custom`: One custom - data JSON per row in arbitrary format that conforms to the defined - Schema of the data store. This can only be used by the GENERIC Data - Store vertical. * `csv`: A CSV file with header conforming to the - defined Schema of the data store. Each entry after the header is - imported as a Document. This can only be used by the GENERIC Data - Store vertical. Supported values for user event imports: * - `user_event` (default): One JSON UserEvent per line. + createTime: + format: google-datetime type: string - GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesRequest: - id: GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesRequest - description: >- - Request message for CompletionService.PurgeSuggestionDenyListEntries - method. - type: object - properties: {} - GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequest: - id: GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequest + description: Operation create time. + updateTime: + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime description: >- - Request message for CompletionService.ImportCompletionSuggestions - method. + Metadata related to the progress of the DataStoreService.CreateDataStore + operation. This will be returned by the + google.longrunning.Operation.metadata field. type: object + GoogleCloudDiscoveryengineV1AnswerReferenceStructuredDocumentInfo: + id: GoogleCloudDiscoveryengineV1AnswerReferenceStructuredDocumentInfo + description: Structured search information. properties: - inlineSource: - description: The Inline source for suggestion entries. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequestInlineSource - gcsSource: - description: Cloud Storage location for the input content. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' - bigquerySource: - description: BigQuery input source. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigQuerySource' - errorConfig: - description: The desired location of errors incurred during the Import. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' - GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequestInlineSource: - id: >- - GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequestInlineSource - description: The inline source for CompletionSuggestions. + title: + type: string + readOnly: true + description: Output only. The title of the document. + structData: + type: object + additionalProperties: + description: Properties of the object. + type: any + description: Structured search data. + document: + type: string + description: Document resource name. + uri: + description: Output only. The URI of the document. + readOnly: true + type: string type: object - properties: - suggestions: - description: >- - Required. A list of all denylist entries to import. Max of 1000 - items. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1CompletionSuggestion - GoogleCloudDiscoveryengineV1CompletionSuggestion: - id: GoogleCloudDiscoveryengineV1CompletionSuggestion - description: Autocomplete suggestions that are imported from Customer. + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfo: type: object + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfo + description: Chunk information. properties: - globalScore: - description: >- - Global score of this suggestion. Control how this suggestion would - be scored / ranked. - type: number - format: double - frequency: + chunk: + description: Chunk resource name. + type: string + documentMetadata: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfoDocumentMetadata + description: Metadata of the document from the current chunk. + content: + type: string + description: Chunk textual content. + GoogleCloudDiscoveryengineV1IdentityMappingEntryOperationMetadata: + id: GoogleCloudDiscoveryengineV1IdentityMappingEntryOperationMetadata + properties: + successCount: + format: int64 + type: string description: >- - Frequency of this suggestion. Will be used to rank suggestions when - score is not available. + The number of IdentityMappingEntries that were successfully + processed. + totalCount: type: string + description: The total number of IdentityMappingEntries that were processed. format: int64 - suggestion: - description: Required. The suggestion text. + failureCount: + format: int64 + description: The number of IdentityMappingEntries that failed to be processed. type: string - languageCode: - description: BCP-47 language code of this suggestion. + description: >- + IdentityMappingEntry LongRunningOperation metadata for + IdentityMappingStoreService.ImportIdentityMappings and + IdentityMappingStoreService.PurgeIdentityMappings + type: object + GoogleCloudDiscoveryengineV1betaIdentityMappingEntryOperationMetadata: + id: GoogleCloudDiscoveryengineV1betaIdentityMappingEntryOperationMetadata + properties: + totalCount: type: string - groupId: + description: The total number of IdentityMappingEntries that were processed. + format: int64 + successCount: description: >- - If two suggestions have the same groupId, they will not be returned - together. Instead the one ranked higher will be returned. This can - be used to deduplicate semantically identical suggestions. + The number of IdentityMappingEntries that were successfully + processed. + format: int64 type: string - groupScore: - description: The score of this suggestion within its group. - type: number - format: double - alternativePhrases: - description: Alternative matching phrases for this suggestion. - type: array - items: - type: string - GoogleCloudDiscoveryengineV1BigQuerySource: - id: GoogleCloudDiscoveryengineV1BigQuerySource - description: BigQuery source import data from. + failureCount: + format: int64 + description: The number of IdentityMappingEntries that failed to be processed. + type: string + type: object + description: >- + IdentityMappingEntry LongRunningOperation metadata for + IdentityMappingStoreService.ImportIdentityMappings and + IdentityMappingStoreService.PurgeIdentityMappings + GoogleCloudDiscoveryengineV1AssistantContentExecutableCode: + id: GoogleCloudDiscoveryengineV1AssistantContentExecutableCode + description: Code generated by the model that is meant to be executed by the model. type: object properties: - partitionDate: + code: + description: Required. The code content. Currently only supports Python. + type: string + GoogleCloudDiscoveryengineV1DestinationConfig: + properties: + jsonParams: description: >- - BigQuery time partitioned table's _PARTITIONDATE in YYYY-MM-DD + Additional parameters for this destination config in json string format. - $ref: '#/components/schemas/GoogleTypeDate' - projectId: - description: >- - The project ID or the project number that contains the BigQuery - source. Has a length limit of 128 characters. If not specified, - inherits the project ID from the parent request. type: string - datasetId: + params: description: >- - Required. The BigQuery data set to copy the data from with a length - limit of 1,024 characters. + Optional. Additional parameters for this destination config in + structured json format. + additionalProperties: + type: any + description: Properties of the object. + type: object + destinations: + description: Optional. The destinations for the corresponding key. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DestinationConfigDestination + key: type: string - tableId: description: >- - Required. The BigQuery table to copy the data from with a length - limit of 1,024 characters. + Optional. Unique destination identifier that is supported by the + connector. + id: GoogleCloudDiscoveryengineV1DestinationConfig + description: Defines target endpoints used to connect to third-party sources. + type: object + GoogleCloudDiscoveryengineV1alphaQuery: + properties: + text: + description: Plain text. type: string - gcsStagingDir: - description: >- - Intermediate Cloud Storage directory used for the import with a - length limit of 2,000 characters. Can be specified if one wants to - have the BigQuery export to a specific Cloud Storage directory. + queryId: + readOnly: true + description: Output only. Unique Id for the query. type: string - dataSchema: + description: Defines a user inputed query. + type: object + id: GoogleCloudDiscoveryengineV1alphaQuery + GoogleCloudDiscoveryengineV1EngineCommonConfig: + properties: + companyName: description: >- - The schema to use when parsing the data from the source. Supported - values for user event imports: * `user_event` (default): One - UserEvent per row. Supported values for document imports: * - `document` (default): One Document format per row. Each document - must have a valid Document.id and one of Document.json_data or - Document.struct_data. * `custom`: One custom data per row in - arbitrary format that conforms to the defined Schema of the data - store. This can only be used by the GENERIC Data Store vertical. + The name of the company, business or entity that is associated with + the engine. Setting this may help improve LLM related features. type: string - GoogleTypeDate: - id: GoogleTypeDate - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp + id: GoogleCloudDiscoveryengineV1EngineCommonConfig + type: object + description: Common configurations for an Engine. + GoogleCloudDiscoveryengineV1betaOrganicCrawlRateTimeSeries: type: object + description: >- + The historical organic crawl rate timeseries data, used for monitoring. + Organic crawl is auto-determined by Google to crawl the user's website + when dedicate crawl is not set. Crawl rate is the QPS of crawl request + Google sends to the user's website. properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: + vertexAiOrganicCrawlRate: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: + Vertex AI's organic crawl rate time series, which is the crawl rate + of Google-CloudVertexBot when dedicate crawl is not set. Please + refer to + https://developers.google.com/search/docs/crawling-indexing/google-common-crawlers#google-cloudvertexbot + for more details about Google-CloudVertexBot. + googleOrganicCrawlRate: description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1ImportErrorConfig: - id: GoogleCloudDiscoveryengineV1ImportErrorConfig - description: Configuration of destination for Import related errors. + Google's organic crawl rate time series, which is the sum of all + googlebots' crawl rate. Please refer to + https://developers.google.com/search/docs/crawling-indexing/overview-google-crawlers + for more details about googlebots. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries + id: GoogleCloudDiscoveryengineV1betaOrganicCrawlRateTimeSeries + GoogleCloudDiscoveryengineV1alphaEstimateDataSizeResponse: type: object + description: >- + Response of the EstimateDataSize request. If the long running operation + was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. properties: - gcsPrefix: - description: >- - Cloud Storage prefix for import errors. This must be an empty, - existing Cloud Storage directory. Import errors are written to - sharded files in this directory, one per line, as a JSON-encoded - `google.rpc.Status` message. + dataSizeBytes: + description: Data size in terms of bytes. + format: int64 type: string - GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsRequest: - id: GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsRequest - description: Request message for CompletionService.PurgeCompletionSuggestions method. - type: object - properties: {} - GoogleCloudDiscoveryengineV1Control: - id: GoogleCloudDiscoveryengineV1Control - description: >- - Defines a conditioned behavior to employ during serving. Must be - attached to a ServingConfig to be considered at serving time. Permitted - actions dependent on `SolutionType`. + documentCount: + format: int64 + type: string + description: Total number of documents. + id: GoogleCloudDiscoveryengineV1alphaEstimateDataSizeResponse + GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadataMatcherValue: type: object + description: The value of the matcher that was used to match the Document. + id: >- + GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadataMatcherValue properties: - boostAction: - description: Defines a boost-type control - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ControlBoostAction' - filterAction: - description: >- - Defines a filter-type control Currently not supported by - Recommendation - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ControlFilterAction' - redirectAction: - description: Defines a redirect-type control. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ControlRedirectAction - synonymsAction: - description: Treats a group of terms as synonyms of one another. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ControlSynonymsAction - promoteAction: - description: Promote certain links based on predefined trigger queries. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ControlPromoteAction - name: - description: >- - Immutable. Fully qualified name - `projects/*/locations/global/dataStore/*/controls/*` - type: string - displayName: - description: >- - Required. Human readable name. The identifier used in UI views. Must - be UTF-8 encoded string. Length limit is 128 characters. Otherwise - an INVALID ARGUMENT error is thrown. + fhirResource: type: string - associatedServingConfigIds: - description: >- - Output only. List of all ServingConfig IDs this control is attached - to. May take up to 10 minutes to update after changes. - readOnly: true - type: array - items: - type: string - solutionType: description: >- - Required. Immutable. What solution the control belongs to. Must be - compatible with vertical of resource. Otherwise an INVALID ARGUMENT - error is thrown. + Format: + projects/{project}/locations/{location}/datasets/{dataset}/fhirStores/{fhir_store}/fhir/{resource_type}/{fhir_resource_id} + uri: type: string - enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Discovery Search. - - Used for use cases related to the Generative AI agent. - - >- - Used for use cases related to the Generative Chat agent. It's used - for Generative chat engine only, the associated data stores must - enrolled with `SOLUTION_TYPE_CHAT` solution. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - - SOLUTION_TYPE_CHAT - - SOLUTION_TYPE_GENERATIVE_CHAT - useCases: - description: >- - Specifies the use case for the control. Affects what condition - fields can be set. Only applies to SOLUTION_TYPE_SEARCH. Currently - only allow one use case per control. Must be set when solution_type - is SolutionType.SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - enumDescriptions: - - Value used when unset. Will not occur in CSS. - - Search use case. Expects the traffic has a non-empty query. - - Browse use case. Expects the traffic has an empty query. - enum: - - SEARCH_USE_CASE_UNSPECIFIED - - SEARCH_USE_CASE_SEARCH - - SEARCH_USE_CASE_BROWSE - conditions: - description: >- - Determines when the associated action will trigger. Omit to always - apply the action. Currently only a single condition may be - specified. Otherwise an INVALID ARGUMENT error is thrown. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Condition' - GoogleCloudDiscoveryengineV1ControlBoostAction: - id: GoogleCloudDiscoveryengineV1ControlBoostAction - description: Adjusts order of products in returned list. + description: If match by URI, the URI of the Document. + GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataSegment: + id: >- + GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataSegment type: object properties: - fixedBoost: - description: >- - Optional. Strength of the boost, which should be in [-1, 1]. - Negative boost means demotion. Default is 0.0 (No-op). - type: number + referenceIndices: + description: References for the segment. + items: + type: integer + format: int32 + type: array + endIndex: + description: End of the segment, exclusive. + type: string + format: int64 + text: + type: string + description: The text segment itself. + groundingScore: format: float - interpolationBoostSpec: - description: >- - Optional. Complex specification for custom ranking based on customer - defined attribute value. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpec - boost: - description: >- - Strength of the boost, which should be in [-1, 1]. Negative boost - means demotion. Default is 0.0 (No-op). - deprecated: true type: number - format: float - filter: - description: >- - Required. Specifies which products to apply the boost to. If no - filter is provided all products will be boosted (No-op). Syntax - documentation: https://cloud.google.com/retail/docs/filter-and-order - Maximum length is 5000 characters. Otherwise an INVALID ARGUMENT - error is thrown. + description: Score for the segment. + startIndex: type: string - dataStore: + format: int64 description: >- - Required. Specifies which data store's documents can be boosted by - this control. Full data store name e.g. - projects/123/locations/global/collections/default_collection/dataStores/default_data_store - type: string - GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpec: - id: GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpec - description: >- - Specification for custom ranking based on customer specified attribute - value. It provides more controls for customized ranking than the simple - (condition, boost) combination above. + Zero-based index indicating the start of the segment, measured in + bytes of a UTF-8 string (i.e. characters encoded on multiple bytes + have a length of more than one). + description: Grounding information for a segment of the text. + GoogleCloudDiscoveryengineV1CreateSitemapMetadata: + id: GoogleCloudDiscoveryengineV1CreateSitemapMetadata type: object + description: >- + Metadata related to the progress of the + SiteSearchEngineService.CreateSitemap operation. This will be returned + by the google.longrunning.Operation.metadata field. properties: - fieldName: - description: >- - Optional. The name of the field whose value will be used to - determine the boost amount. + createTime: + description: Operation create time. type: string - attributeType: + format: google-datetime + updateTime: description: >- - Optional. The attribute type to be used to determine the boost - amount. The attribute value can be derived from the field value of - the specified field_name. In the case of numerical it is - straightforward i.e. attribute_value = numerical_field_value. In the - case of freshness however, attribute_value = (time.now() - - datetime_field_value). + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + type: string + GoogleCloudDiscoveryengineV1betaImportSuggestionDenyListEntriesMetadata: + id: GoogleCloudDiscoveryengineV1betaImportSuggestionDenyListEntriesMetadata + properties: + updateTime: + format: google-datetime type: string - enumDescriptions: - - Unspecified AttributeType. - - >- - The value of the numerical field will be used to dynamically - update the boost amount. In this case, the attribute_value (the x - value) of the control point will be the actual value of the - numerical field for which the boost_amount is specified. - - >- - For the freshness use case the attribute value will be the - duration between the current time and the date in the datetime - field specified. The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 - duration value). The pattern for this is: `nDnM]`. For example, - `5D`, `3DT12H30M`, `T24H`. - enum: - - ATTRIBUTE_TYPE_UNSPECIFIED - - NUMERICAL - - FRESHNESS - interpolationType: description: >- - Optional. The interpolation type to be applied to connect the - control points listed below. + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + description: Operation create time. + type: string + format: google-datetime + type: object + description: >- + Metadata related to the progress of the ImportSuggestionDenyListEntries + operation. This is returned by the google.longrunning.Operation.metadata + field. + GoogleCloudDiscoveryengineV1alphaCmekConfig: + properties: + name: + type: string + description: >- + Required. The name of the CmekConfig of the form + `projects/{project}/locations/{location}/cmekConfig` or + `projects/{project}/locations/{location}/cmekConfigs/{cmek_config}`. + lastRotationTimestampMicros: + description: Output only. The timestamp of the last key rotation. + type: string + format: int64 + readOnly: true + isDefault: + type: boolean + description: Output only. The default CmekConfig for the Customer. + readOnly: true + kmsKeyVersion: + description: >- + Output only. KMS key version resource name which will be used to + encrypt resources `/cryptoKeyVersions/{keyVersion}`. + type: string + readOnly: true + notebooklmState: + enum: + - NOTEBOOK_LM_STATE_UNSPECIFIED + - NOTEBOOK_LM_NOT_READY + - NOTEBOOK_LM_READY + - NOTEBOOK_LM_NOT_ENABLED type: string enumDescriptions: - - >- - Interpolation type is unspecified. In this case, it defaults to - Linear. - - Piecewise linear interpolation will be applied. + - The NotebookLM state is unknown. + - The NotebookLM is not ready. + - The NotebookLM is ready to be used. + - The NotebookLM is not enabled. + readOnly: true + description: Output only. Whether the NotebookLM Corpus is ready to be used. + state: enum: - - INTERPOLATION_TYPE_UNSPECIFIED - - LINEAR - controlPoints: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - KEY_ISSUE + - DELETING + - DELETE_FAILED + - UNUSABLE + - ACTIVE_ROTATING + - DELETED + - EXPIRED + readOnly: true + enumDescriptions: + - The CmekConfig state is unknown. + - The CmekConfig is creating. + - The CmekConfig can be used with DataStores. + - >- + The CmekConfig is unavailable, most likely due to the KMS Key + being revoked. + - The CmekConfig is deleting. + - The CmekConfig deletion process failed. + - >- + The CmekConfig is not usable, most likely due to some internal + issue. + - The KMS key version is being rotated. + - >- + The KMS key is soft deleted. Some cleanup policy will eventually + be applied. + - >- + The KMS key is expired, meaning the key has been disabled for 30+ + days. The customer can call DeleteCmekConfig to change the state + to DELETED. + description: Output only. The states of the CmekConfig. + type: string + singleRegionKeys: description: >- - Optional. The control points used to define the curve. The monotonic - function (defined through the interpolation_type above) passes - through the control points listed here. + Optional. Single-regional CMEKs that are required for some VAIS + features. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSingleRegionKey + type: array + kmsKey: + description: >- + Required. KMS key resource name which will be used to encrypt + resources + `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. + type: string + type: object + id: GoogleCloudDiscoveryengineV1alphaCmekConfig + description: Configurations used to enable CMEK data encryption with Cloud KMS keys. + GoogleCloudDiscoveryengineV1SearchResponseSummaryCitation: + description: Citation info for a segment. + type: object + id: GoogleCloudDiscoveryengineV1SearchResponseSummaryCitation + properties: + sources: type: array + description: Citation sources for the attributed segment. items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpecControlPoint - GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpecControlPoint: - id: >- - GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpecControlPoint - description: >- - The control points used to define the curve. The curve defined through - these control points can only be monotonically increasing or - decreasing(constant values are acceptable). + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationSource + startIndex: + format: int64 + type: string + description: Index indicates the start of the segment, measured in bytes/unicode. + endIndex: + format: int64 + type: string + description: End of the attributed segment, exclusive. + GoogleCloudDiscoveryengineV1alphaSearchRequestRelevanceScoreSpec: + id: GoogleCloudDiscoveryengineV1alphaSearchRequestRelevanceScoreSpec type: object properties: - attributeValue: + returnRelevanceScore: description: >- - Optional. Can be one of: 1. The numerical field value. 2. The - duration spec for freshness: The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 duration - value). The pattern for this is: `nDnM]`. + Optional. Whether to return the relevance score for search results. + The higher the score, the more relevant the document is to the + query. + type: boolean + description: The specification for returning the document relevance score. + GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfo: + type: object + id: GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfo + properties: + chunk: + description: Chunk resource name. type: string - boostAmount: + content: + type: string + description: Chunk textual content. + relevanceScore: description: >- - Optional. The value between -1 to 1 by which to boost the score if - the attribute_value evaluates to the value specified above. + The relevance of the chunk for a given query. Values range from 0.0 + (completely irrelevant) to 1.0 (completely relevant). This value is + for informational purpose only. It may change for the same query and + chunk at any time due to a model retraining or change in + implementation. type: number format: float - GoogleCloudDiscoveryengineV1ControlFilterAction: - id: GoogleCloudDiscoveryengineV1ControlFilterAction + documentMetadata: + description: Document metadata. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfoDocumentMetadata + description: Chunk information. + GoogleCloudDiscoveryengineV1DocumentProcessingConfig: description: >- - Specified which products may be included in results. Uses same filter as - boost. + A singleton resource of DataStore. If it's empty when DataStore is + created and DataStore is set to + DataStore.ContentConfig.CONTENT_REQUIRED, the default parser will + default to digital parser. + id: GoogleCloudDiscoveryengineV1DocumentProcessingConfig type: object properties: - filter: + parsingConfigOverrides: + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfig description: >- - Required. A filter to apply on the matching condition results. - Required Syntax documentation: - https://cloud.google.com/retail/docs/filter-and-order Maximum length - is 5000 characters. Otherwise an INVALID ARGUMENT error is thrown. - type: string - dataStore: + Map from file type to override the default parsing configuration + based on the file type. Supported keys: * `pdf`: Override parsing + config for PDF files, either digital parsing, ocr parsing or layout + parsing is supported. * `html`: Override parsing config for HTML + files, only digital parsing and layout parsing are supported. * + `docx`: Override parsing config for DOCX files, only digital parsing + and layout parsing are supported. * `pptx`: Override parsing config + for PPTX files, only digital parsing and layout parsing are + supported. * `xlsm`: Override parsing config for XLSM files, only + digital parsing and layout parsing are supported. * `xlsx`: Override + parsing config for XLSX files, only digital parsing and layout + parsing are supported. + name: description: >- - Required. Specifies which data store's documents can be filtered by - this control. Full data store name e.g. - projects/123/locations/global/collections/default_collection/dataStores/default_data_store + The full resource name of the Document Processing Config. Format: + `projects/*/locations/*/collections/*/dataStores/*/documentProcessingConfig`. type: string - GoogleCloudDiscoveryengineV1ControlRedirectAction: - id: GoogleCloudDiscoveryengineV1ControlRedirectAction - description: Redirects a shopper to the provided URI. - type: object - properties: - redirectUri: + defaultParsingConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfig description: >- - Required. The URI to which the shopper will be redirected. Required. - URI must have length equal or less than 2000 characters. Otherwise - an INVALID ARGUMENT error is thrown. - type: string - GoogleCloudDiscoveryengineV1ControlSynonymsAction: - id: GoogleCloudDiscoveryengineV1ControlSynonymsAction - description: >- - Creates a set of terms that will act as synonyms of one another. - Example: "happy" will also be considered as "glad", "glad" will also be - considered as "happy". + Configurations for default Document parser. If not specified, we + will configure it as default DigitalParsingConfig, and the default + parsing config will be applied to all file types for Document + parsing. + chunkingConfig: + description: Whether chunking mode is enabled. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfig + GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpec: type: object + id: GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpec properties: - synonyms: - description: >- - Defines a set of synonyms. Can specify up to 100 synonyms. Must - specify at least 2 synonyms. Otherwise an INVALID ARGUMENT error is - thrown. - type: array + embeddingVectors: items: - type: string - GoogleCloudDiscoveryengineV1ControlPromoteAction: - id: GoogleCloudDiscoveryengineV1ControlPromoteAction + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpecEmbeddingVector + type: array + description: The embedding vector used for retrieval. Limit to 1. description: >- - Promote certain links based on some trigger queries. Example: Promote - shoe store link when searching for `shoe` keyword. The link can be - outside of associated data store. - type: object - properties: - dataStore: - description: Required. Data store with which this promotion is attached to. - type: string - searchLinkPromotion: - description: Required. Promotion attached to this action. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchLinkPromotion' - GoogleCloudDiscoveryengineV1Condition: - id: GoogleCloudDiscoveryengineV1Condition - description: Defines circumstances to be checked before allowing a behavior + The specification that uses customized query embedding vector to do + semantic document retrieval. + GoogleCloudDiscoveryengineV1alphaDeleteUserStoreMetadata: type: object properties: - queryTerms: - description: >- - Search only A list of terms to match the query on. Cannot be set - when Condition.query_regex is set. Maximum of 10 query terms. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ConditionQueryTerm - activeTimeRange: + successCount: + format: int64 description: >- - Range of time(s) specifying when condition is active. Maximum of 10 - time ranges. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ConditionTimeRange - queryRegex: + The number of end users under the user store that were successfully + deleted. + type: string + failureCount: description: >- - Optional. Query regex to match the whole search query. Cannot be set - when Condition.query_terms is set. Only supported for Basic Site - Search promotion serving controls. + The number of end users under the user store that failed to be + deleted. type: string - GoogleCloudDiscoveryengineV1ConditionQueryTerm: - id: GoogleCloudDiscoveryengineV1ConditionQueryTerm - description: Matcher for search request query + format: int64 + id: GoogleCloudDiscoveryengineV1alphaDeleteUserStoreMetadata + description: >- + Metadata related to the progress of the UserStoreService.DeleteUserStore + operation. This will be returned by the + google.longrunning.Operation.metadata field. Delete UserStore will + delete all the end users under the user store, return the number of end + users successfully deleted or failed to delete in the metadata. + GoogleCloudDiscoveryengineV1betaSingleRegionKey: + description: Metadata for single-regional CMEKs. + id: GoogleCloudDiscoveryengineV1betaSingleRegionKey type: object properties: - value: - description: >- - The specific query value to match against Must be lowercase, must be - UTF-8. Can have at most 3 space separated terms if full_match is - true. Cannot be an empty string. Maximum length of 5000 characters. + kmsKey: type: string - fullMatch: - description: Whether the search query needs to exactly match the query term. - type: boolean - GoogleCloudDiscoveryengineV1ConditionTimeRange: - id: GoogleCloudDiscoveryengineV1ConditionTimeRange - description: Used for time-dependent conditions. + description: >- + Required. Single-regional kms key resource name which will be used + to encrypt resources + `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. + GoogleCloudDiscoveryengineV1EngineChatEngineMetadata: + description: >- + Additional information of a Chat Engine. Fields in this message are + output only. type: object properties: - startTime: - description: Start of time range. Range is inclusive. - type: string - format: google-datetime - endTime: - description: End of time range. Range is inclusive. Must be in the future. + dialogflowAgent: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1ListControlsResponse: - id: GoogleCloudDiscoveryengineV1ListControlsResponse - description: Response for ListControls method. - type: object + description: >- + The resource name of a Dialogflow agent, that this Chat Engine + refers to. Format: `projects//locations//agents/`. + id: GoogleCloudDiscoveryengineV1EngineChatEngineMetadata + GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultSnippetInfo: properties: - controls: - description: All the Controls for a given data store. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' - nextPageToken: - description: Pagination token, if not returned indicates the last page. + snippet: + description: Snippet content. type: string - GoogleCloudDiscoveryengineV1ConverseConversationRequest: - id: GoogleCloudDiscoveryengineV1ConverseConversationRequest - description: >- - Request message for ConversationalSearchService.ConverseConversation - method. + snippetStatus: + type: string + description: Status of the snippet defined by the search team. + id: >- + GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultSnippetInfo + type: object + description: Snippet information. + GoogleCloudDiscoveryengineV1TrainCustomModelRequestGcsTrainingInput: + id: GoogleCloudDiscoveryengineV1TrainCustomModelRequestGcsTrainingInput + description: Cloud Storage training data input. type: object properties: - query: - description: Required. Current user input. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TextInput' - servingConfig: - description: >- - The resource name of the Serving Config to use. Format: - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store_id}/servingConfigs/{serving_config_id}` - If this is not set, the default serving config will be used. + trainDataPath: type: string - conversation: description: >- - The conversation to be used by auto session only. The name field - will be ignored as we automatically assign new name for the - conversation in auto session. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' - safeSearch: - description: Whether to turn on safe search. - type: boolean - userLabels: + Cloud Storage training data path whose format should be `gs:///`. + The file should be in tsv format. Each line should have the doc_id + and query_id and score (number). For search-tuning model, it should + have the query-id corpus-id score as tsv file header. The score + should be a number in `[0, inf+)`. The larger the number is, the + more relevant the pair is. Example: * `query-id\tcorpus-id\tscore` * + `query1\tdoc1\t1` + corpusDataPath: description: >- - The user labels applied to a resource must meet the following - requirements: * Each resource can have multiple labels, up to a - maximum of 64. * Each label must be a key-value pair. * Keys have a - minimum length of 1 character and a maximum length of 63 characters - and cannot be empty. Values can be empty and have a maximum length - of 63 characters. * Keys and values can contain only lowercase - letters, numeric characters, underscores, and dashes. All characters - must use UTF-8 encoding, and international characters are allowed. * - The key portion of a label must be unique. However, you can use the - same key with multiple resources. * Keys must start with a lowercase - letter or international character. See [Google Cloud - Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) - for more details. - type: object - additionalProperties: - type: string - summarySpec: + The Cloud Storage corpus data which could be associated in train + data. The data path format is `gs:///`. A newline delimited + jsonl/ndjson file. For search-tuning model, each line should have + the _id, title and text. Example: `{"_id": "doc1", title: "relevant + doc", "text": "relevant text"}` + type: string + testDataPath: + type: string description: >- - A specification for configuring the summary returned in the - response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpec - filter: + Cloud Storage test data. Same format as train_data_path. If not + provided, a random 80/20 train/test split will be performed on + train_data_path. + queryDataPath: description: >- - The filter syntax consists of an expression language for - constructing a predicate from one or more fields of the documents - being filtered. Filter expression is case-sensitive. This will be - used to filter search results which may affect the summary response. - If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. - Filtering in Vertex AI Search is done by mapping the LHS filter key - to a key property defined in the Vertex AI Search backend -- this - mapping is defined by the customer in their schema. For example a - media customer might have a field 'name' in their schema. In this - case the filter would look like this: filter --> name:'ANY("king - kong")' For more information about filtering including syntax and - filter operators, see - [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + The gcs query data which could be associated in train data. The data + path format is `gs:///`. A newline delimited jsonl/ndjson file. For + search-tuning model, each line should have the _id and text. + Example: {"_id": "query1", "text": "example query"} type: string - boostSpec: - description: >- - Boost specification to boost certain documents in search results - which may affect the converse response. For more information on - boosting, see - [Boosting](https://cloud.google.com/retail/docs/boosting#boost) - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpec - GoogleCloudDiscoveryengineV1TextInput: - id: GoogleCloudDiscoveryengineV1TextInput - description: Defines text input. + GoogleCloudDiscoveryengineV1betaProjectCustomerProvidedConfig: type: object properties: - input: - description: Text input. - type: string - context: - description: Conversation context of the input. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ConversationContext' - GoogleCloudDiscoveryengineV1ConversationContext: - id: GoogleCloudDiscoveryengineV1ConversationContext - description: Defines context of the conversation - type: object + notebooklmConfig: + description: Optional. Configuration for NotebookLM settings. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaProjectCustomerProvidedConfigNotebooklmConfig + id: GoogleCloudDiscoveryengineV1betaProjectCustomerProvidedConfig + description: Customer provided configurations. + GoogleCloudDiscoveryengineV1FhirStoreSource: properties: - contextDocuments: + gcsStagingDir: description: >- - The current list of documents the user is seeing. It contains the - document resource references. - type: array + Intermediate Cloud Storage directory used for the import with a + length limit of 2,000 characters. Can be specified if one wants to + have the FhirStore export to a specific Cloud Storage directory. + type: string + resourceTypes: + description: >- + The FHIR resource types to import. The resource types should be a + subset of all [supported FHIR resource + types](https://cloud.google.com/generative-ai-app-builder/docs/fhir-schema-reference#resource-level-specification). + Default to all supported FHIR resource types if empty. items: type: string - activeDocument: + type: array + updateFromLatestPredefinedSchema: description: >- - The current active document the user opened. It contains the - document resource reference. - type: string - GoogleCloudDiscoveryengineV1Conversation: - id: GoogleCloudDiscoveryengineV1Conversation - description: External conversation proto definition. - type: object - properties: - name: + Optional. Whether to update the DataStore schema to the latest + predefined schema. If true, the DataStore schema will be updated to + include any FHIR fields or resource types that have been added since + the last import and corresponding FHIR resources will be imported + from the FHIR store. Note this field cannot be used in conjunction + with `resource_types`. It should be used after initial import. + type: boolean + fhirStore: description: >- - Immutable. Fully qualified name - `projects/{project}/locations/global/collections/{collection}/dataStore/*/conversations/*` - or - `projects/{project}/locations/global/collections/{collection}/engines/*/conversations/*`. - type: string - state: - description: The state of the Conversation. - type: string - enumDescriptions: - - Unknown. - - Conversation is currently open. - - Conversation has been completed. - enum: - - STATE_UNSPECIFIED - - IN_PROGRESS - - COMPLETED - userPseudoId: - description: A unique identifier for tracking users. - type: string - messages: - description: Conversation messages. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ConversationMessage - startTime: - description: Output only. The time the conversation started. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the conversation finished. - readOnly: true - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1ConversationMessage: - id: GoogleCloudDiscoveryengineV1ConversationMessage - description: Defines a conversation message. - type: object - properties: - userInput: - description: User text input. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TextInput' - reply: - description: Search reply. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Reply' - createTime: - description: Output only. Message creation timestamp. - readOnly: true + Required. The full resource name of the FHIR store to import data + from, in the format of + `projects/{project}/locations/{location}/datasets/{dataset}/fhirStores/{fhir_store}`. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1Reply: - id: GoogleCloudDiscoveryengineV1Reply - description: Defines a reply message to user. - type: object - properties: - summary: - description: Summary based on search results. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummary - GoogleCloudDiscoveryengineV1ConverseConversationResponse: - id: GoogleCloudDiscoveryengineV1ConverseConversationResponse - description: >- - Response message for ConversationalSearchService.ConverseConversation - method. + description: Cloud FhirStore source import data from. + id: GoogleCloudDiscoveryengineV1FhirStoreSource type: object - properties: - reply: - description: Answer to the current query. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Reply' - conversation: - description: Updated conversation including the answer. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' - searchResults: - description: Search Results. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSearchResult - GoogleCloudDiscoveryengineV1ListConversationsResponse: - id: GoogleCloudDiscoveryengineV1ListConversationsResponse - description: Response for ListConversations method. + GoogleCloudDiscoveryengineV1PurgeDocumentsResponse: type: object properties: - conversations: - description: All the Conversations for a given data store. + purgeCount: + type: string + format: int64 + description: The total count of documents purged as a result of the operation. + purgeSample: + description: >- + A sample of document names that will be deleted. Only populated if + `force` is set to false. A max of 100 names will be returned and the + names are chosen at random. type: array items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' - nextPageToken: - description: Pagination token, if not returned indicates the last page. - type: string - GoogleCloudDiscoveryengineV1AnswerQueryRequest: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequest - description: Request message for ConversationalSearchService.AnswerQuery method. + type: string + description: >- + Response message for DocumentService.PurgeDocuments method. If the long + running operation is successfully done, then this message is returned by + the google.longrunning.Operations.response field. + id: GoogleCloudDiscoveryengineV1PurgeDocumentsResponse + GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpec: type: object properties: - query: - description: Required. Current user query. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Query' - session: - description: >- - The session resource name. Not required. When session field is not - set, the API is in sessionless mode. We support auto session mode: - users can use the wildcard symbol `-` as session ID. A new ID will - be automatically generated and assigned. - type: string - safetySpec: - description: Model specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpec - relatedQuestionsSpec: - description: Related questions specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestRelatedQuestionsSpec - groundingSpec: - description: Optional. Grounding specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestGroundingSpec - answerGenerationSpec: - description: Answer generation specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpec - searchSpec: - description: Search specification. + videoGenerationSpec: + description: Optional. Specification of the video generation tool. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpec - queryUnderstandingSpec: - description: Query understanding specification. + #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVideoGenerationSpec + vertexAiSearchSpec: + description: Optional. Specification of the Vertex AI Search tool. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpec - asynchronousMode: - description: >- - Deprecated: This field is deprecated. Streaming Answer API will be - supported. Asynchronous mode control. If enabled, the response will - be returned with answer/session resource name without final answer. - The API users need to do the polling to get the latest status of - answer/session by calling ConversationalSearchService.GetAnswer or - ConversationalSearchService.GetSession method. - deprecated: true - type: boolean - userPseudoId: - description: >- - A unique identifier for tracking visitors. For example, this could - be implemented with an HTTP cookie, which should be able to uniquely - identify a visitor on a single device. This unique identifier should - not change if the visitor logs in or out of the website. This field - should NOT have a fixed value such as `unknown_visitor`. The field - must be a UTF-8 encoded string with a length limit of 128 - characters. Otherwise, an `INVALID_ARGUMENT` error is returned. - type: string - userLabels: + #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVertexAiSearchSpec + webGroundingSpec: description: >- - The user labels applied to a resource must meet the following - requirements: * Each resource can have multiple labels, up to a - maximum of 64. * Each label must be a key-value pair. * Keys have a - minimum length of 1 character and a maximum length of 63 characters - and cannot be empty. Values can be empty and have a maximum length - of 63 characters. * Keys and values can contain only lowercase - letters, numeric characters, underscores, and dashes. All characters - must use UTF-8 encoding, and international characters are allowed. * - The key portion of a label must be unique. However, you can use the - same key with multiple resources. * Keys must start with a lowercase - letter or international character. See [Google Cloud - Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) - for more details. - type: object - additionalProperties: - type: string - endUserSpec: - description: Optional. End user specification. + Optional. Specification of the web grounding tool. If field is + present, enables grounding with web search. Works only if + Assistant.web_grounding_type is WEB_GROUNDING_TYPE_GOOGLE_SEARCH or + WEB_GROUNDING_TYPE_ENTERPRISE_WEB_SEARCH. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpec - GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpec: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpec + #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecWebGroundingSpec + imageGenerationSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecImageGenerationSpec + description: Optional. Specification of the image generation tool. + id: GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpec + description: Specification of tools that are used to serve the request. + GoogleCloudDiscoveryengineV1alphaAssistantGroundedContent: description: >- - Safety specification. There are two use cases: 1. when only - safety_spec.enable is set, the BLOCK_LOW_AND_ABOVE threshold will be - applied for all categories. 2. when safety_spec.enable is set and some - safety_settings are set, only specified safety_settings are applied. + A piece of content and possibly its grounding information. Not all + content needs grounding. Phrases like "Of course, I will gladly search + it for you." do not need grounding. + id: GoogleCloudDiscoveryengineV1alphaAssistantGroundedContent type: object properties: - enable: - description: >- - Enable the safety filtering on the answer response. It is false by - default. - type: boolean - safetySettings: + textGroundingMetadata: + description: Metadata for grounding based on text sources. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadata + content: + description: The content. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantContent + citationMetadata: description: >- - Optional. Safety settings. This settings are effective only when the - safety_spec.enable is true. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpecSafetySetting - GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpecSafetySetting: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpecSafetySetting - description: Safety settings. - type: object + Source attribution of the generated content. See also + https://cloud.google.com/vertex-ai/generative-ai/docs/learn/overview#citation_check + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaCitationMetadata + GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultSnippetInfo: + id: >- + GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultSnippetInfo + description: Snippet information. properties: - category: - description: Required. Harm category. + snippet: type: string - enumDescriptions: - - The harm category is unspecified. - - The harm category is hate speech. - - The harm category is dangerous content. - - The harm category is harassment. - - The harm category is sexually explicit content. - - The harm category is civic integrity. - enum: - - HARM_CATEGORY_UNSPECIFIED - - HARM_CATEGORY_HATE_SPEECH - - HARM_CATEGORY_DANGEROUS_CONTENT - - HARM_CATEGORY_HARASSMENT - - HARM_CATEGORY_SEXUALLY_EXPLICIT - - HARM_CATEGORY_CIVIC_INTEGRITY - threshold: - description: Required. The harm block threshold. + description: Snippet content. + snippetStatus: type: string - enumDescriptions: - - Unspecified harm block threshold. - - Block low threshold and above (i.e. block more). - - Block medium threshold and above. - - Block only high threshold (i.e. block less). - - Block none. - - Turn off the safety filter. - enum: - - HARM_BLOCK_THRESHOLD_UNSPECIFIED - - BLOCK_LOW_AND_ABOVE - - BLOCK_MEDIUM_AND_ABOVE - - BLOCK_ONLY_HIGH - - BLOCK_NONE - - 'OFF' - GoogleCloudDiscoveryengineV1AnswerQueryRequestRelatedQuestionsSpec: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestRelatedQuestionsSpec - description: Related questions specification. + description: Status of the snippet defined by the search team. type: object - properties: - enable: - description: Enable related questions feature if true. - type: boolean - GoogleCloudDiscoveryengineV1AnswerQueryRequestGroundingSpec: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestGroundingSpec - description: Grounding specification. + GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpecControlPoint: type: object properties: - includeGroundingSupports: + attributeValue: + type: string description: >- - Optional. Specifies whether to include grounding_supports in the - answer. The default value is `false`. When this field is set to - `true`, returned answer will have `grounding_score` and will contain - GroundingSupports for each claim. - type: boolean - filteringLevel: + Optional. Can be one of: 1. The numerical field value. 2. The + duration spec for freshness: The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 duration + value). The pattern for this is: `nDnM]`. + boostAmount: description: >- - Optional. Specifies whether to enable the filtering based on - grounding score and at what level. + Optional. The value between -1 to 1 by which to boost the score if + the attribute_value evaluates to the value specified above. + format: float + type: number + description: >- + The control points used to define the curve. The curve defined through + these control points can only be monotonically increasing or + decreasing(constant values are acceptable). + id: >- + GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpecControlPoint + GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfoQueryClassificationInfo: + properties: + type: + enum: + - TYPE_UNSPECIFIED + - ADVERSARIAL_QUERY + - NON_ANSWER_SEEKING_QUERY + - JAIL_BREAKING_QUERY + - NON_ANSWER_SEEKING_QUERY_V2 + - USER_DEFINED_CLASSIFICATION_QUERY type: string enumDescriptions: - - Default is no filter - - Filter answers based on a low threshold. - - Filter answers based on a high threshold. - enum: - - FILTERING_LEVEL_UNSPECIFIED - - FILTERING_LEVEL_LOW - - FILTERING_LEVEL_HIGH - GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpec: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpec - description: Answer generation specification. + - Unspecified query classification type. + - Adversarial query classification type. + - Non-answer-seeking query classification type, for chit chat. + - Jail-breaking query classification type. + - Non-answer-seeking query classification type, for no clear intent. + - User defined query classification type. + description: Query classification type. + positive: + type: boolean + description: Classification output. + description: Query classification information. type: object + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfoQueryClassificationInfo + GoogleCloudDiscoveryengineV1Control: + description: >- + Defines a conditioned behavior to employ during serving. Must be + attached to a ServingConfig to be considered at serving time. Permitted + actions dependent on `SolutionType`. + id: GoogleCloudDiscoveryengineV1Control properties: - modelSpec: - description: Answer generation model specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecModelSpec - promptSpec: - description: Answer generation prompt specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecPromptSpec - includeCitations: + filterAction: description: >- - Specifies whether to include citation metadata in the answer. The - default value is `false`. - type: boolean - answerLanguageCode: + Defines a filter-type control Currently not supported by + Recommendation + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ControlFilterAction' + solutionType: description: >- - Language code for Answer. Use language tags defined by - [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Note: This is - an experimental feature. + Required. Immutable. What solution the control belongs to. Must be + compatible with vertical of resource. Otherwise an INVALID ARGUMENT + error is thrown. + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. + - >- + Used for use cases related to the Generative Chat agent. It's used + for Generative chat engine only, the associated data stores must + enrolled with `SOLUTION_TYPE_CHAT` solution. + type: string + displayName: type: string - ignoreAdversarialQuery: description: >- - Specifies whether to filter out adversarial queries. The default - value is `false`. Google employs search-query classification to - detect adversarial queries. No answer is returned if the search - query is classified as an adversarial query. For example, a user - might ask a question regarding negative comments about the company - or submit a query designed to generate unsafe, policy-violating - output. If this field is set to `true`, we skip generating answers - for adversarial queries and return fallback messages instead. - type: boolean - ignoreNonAnswerSeekingQuery: + Required. Human readable name. The identifier used in UI views. Must + be UTF-8 encoded string. Length limit is 128 characters. Otherwise + an INVALID ARGUMENT error is thrown. + useCases: + items: + enum: + - SEARCH_USE_CASE_UNSPECIFIED + - SEARCH_USE_CASE_SEARCH + - SEARCH_USE_CASE_BROWSE + enumDescriptions: + - Value used when unset. Will not occur in CSS. + - Search use case. Expects the traffic has a non-empty query. + - Browse use case. Expects the traffic has an empty query. + type: string description: >- - Specifies whether to filter out queries that are not answer-seeking. - The default value is `false`. Google employs search-query - classification to detect answer-seeking queries. No answer is - returned if the search query is classified as a non-answer seeking - query. If this field is set to `true`, we skip generating answers - for non-answer seeking queries and return fallback messages instead. - type: boolean - ignoreLowRelevantContent: + Specifies the use case for the control. Affects what condition + fields can be set. Only applies to SOLUTION_TYPE_SEARCH. Currently + only allow one use case per control. Must be set when solution_type + is SolutionType.SOLUTION_TYPE_SEARCH. + type: array + associatedServingConfigIds: + readOnly: true description: >- - Specifies whether to filter out queries that have low relevance. If - this field is set to `false`, all search results are used regardless - of relevance to generate answers. If set to `true` or unset, the - behavior will be determined automatically by the service. - type: boolean - ignoreJailBreakingQuery: + Output only. List of all ServingConfig IDs this control is attached + to. May take up to 10 minutes to update after changes. + items: + type: string + type: array + name: description: >- - Optional. Specifies whether to filter out jail-breaking queries. The - default value is `false`. Google employs search-query classification - to detect jail-breaking queries. No summary is returned if the - search query is classified as a jail-breaking query. A user might - add instructions to the query to change the tone, style, language, - content of the answer, or ask the model to act as a different - entity, e.g. "Reply in the tone of a competing company's CEO". If - this field is set to `true`, we skip generating summaries for - jail-breaking queries and return fallback messages instead. - type: boolean - GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecModelSpec: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecModelSpec - description: Answer Generation Model specification. + Immutable. Fully qualified name + `projects/*/locations/global/dataStore/*/controls/*` + type: string + boostAction: + description: Defines a boost-type control + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ControlBoostAction' + promoteAction: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ControlPromoteAction + description: Promote certain links based on predefined trigger queries. + conditions: + type: array + description: >- + Determines when the associated action will trigger. Omit to always + apply the action. Currently only a single condition may be + specified. Otherwise an INVALID ARGUMENT error is thrown. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Condition' + redirectAction: + description: Defines a redirect-type control. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ControlRedirectAction + synonymsAction: + description: Treats a group of terms as synonyms of one another. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ControlSynonymsAction type: object + GoogleCloudDiscoveryengineV1alphaDeleteSchemaMetadata: properties: - modelVersion: + updateTime: description: >- - Model version. If not set, it will use the default stable model. - Allowed values are: stable, preview. + Operation last update time. If the operation is done, this is also + the finish time. type: string - GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecPromptSpec: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecPromptSpec - description: Answer generation prompt specification. - type: object - properties: - preamble: - description: Customized preamble. + format: google-datetime + createTime: type: string - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpec: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpec - description: Search specification. + format: google-datetime + description: Operation create time. + description: Metadata for DeleteSchema LRO. + id: GoogleCloudDiscoveryengineV1alphaDeleteSchemaMetadata type: object + GoogleCloudDiscoveryengineV1alphaAnswerReferenceStructuredDocumentInfo: + type: object + id: GoogleCloudDiscoveryengineV1alphaAnswerReferenceStructuredDocumentInfo properties: - searchParams: - description: Search parameters. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchParams - searchResultList: - description: Search result list. + document: + type: string + description: Document resource name. + uri: + type: string + readOnly: true + description: Output only. The URI of the document. + structData: + additionalProperties: + description: Properties of the object. + type: any + type: object + description: Structured search data. + title: + description: Output only. The title of the document. + type: string + readOnly: true + description: Structured search information. + GoogleCloudDiscoveryengineV1betaImportCompletionSuggestionsResponse: + id: GoogleCloudDiscoveryengineV1betaImportCompletionSuggestionsResponse + properties: + errorSamples: + description: A sample of errors encountered while processing the request. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + errorConfig: + description: The desired location of errors incurred during the Import. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultList - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchParams: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchParams - description: Search parameters. + #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig type: object + description: >- + Response of the CompletionService.ImportCompletionSuggestions method. If + the long running operation is done, this message is returned by the + google.longrunning.Operations.response field if the operation is + successful. + GoogleCloudDiscoveryengineV1SearchRequestCrowdingSpec: + description: >- + Specification for crowding. Crowding improves the diversity of search + results by limiting the number of results that share the same field + value. For example, crowding on the color field with a max_count of 3 + and mode DROP_CROWDED_RESULTS will return at most 3 results with the + same color across all pages. properties: - maxReturnResults: - description: Number of search results to return. The default value is 10. + maxCount: type: integer format: int32 - filter: - description: >- - The filter syntax consists of an expression language for - constructing a predicate from one or more fields of the documents - being filtered. Filter expression is case-sensitive. This will be - used to filter search results which may affect the Answer response. - If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. - Filtering in Vertex AI Search is done by mapping the LHS filter key - to a key property defined in the Vertex AI Search backend -- this - mapping is defined by the customer in their schema. For example a - media customers might have a field 'name' in their schema. In this - case the filter would look like this: filter --> name:'ANY("king - kong")' For more information about filtering including syntax and - filter operators, see - [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) - type: string - boostSpec: description: >- - Boost specification to boost certain documents in search results - which may affect the answer query response. For more information on - boosting, see - [Boosting](https://cloud.google.com/retail/docs/boosting#boost) - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpec - orderBy: + The maximum number of documents to keep per value of the field. Once + there are at least max_count previous results which contain the same + value for the given field (according to the order specified in + `order_by`), later results with the same value are "crowded away". + If not specified, the default value is 1. + field: description: >- - The order in which documents are returned. Documents can be ordered - by a field in an Document object. Leave it unset if ordered by - relevance. `order_by` expression is case-sensitive. For more - information on ordering, see - [Ordering](https://cloud.google.com/retail/docs/filter-and-order#order) - If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. + The field to use for crowding. Documents can be crowded by a field + in the Document object. Crowding field is case sensitive. type: string - searchResultMode: - description: >- - Specifies the search result mode. If unspecified, the search result - mode defaults to `DOCUMENTS`. See [parse and chunk - documents](https://cloud.google.com/generative-ai-app-builder/docs/parse-chunk-documents) + mode: + description: Mode to use for documents that are crowded away. type: string + enum: + - MODE_UNSPECIFIED + - DROP_CROWDED_RESULTS + - DEMOTE_CROWDED_RESULTS_TO_END enumDescriptions: - - Default value. - - Returns documents in the search result. - >- - Returns chunks in the search result. Only available if the - DocumentProcessingConfig.chunking_config is specified. - enum: - - SEARCH_RESULT_MODE_UNSPECIFIED - - DOCUMENTS - - CHUNKS - dataStoreSpecs: - description: >- - Specs defining dataStores to filter on in a search call and - configurations for those dataStores. This is only considered for - engines with multiple dataStores use case. For single dataStore - within an engine, they should use the specs at the top level. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestDataStoreSpec - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultList: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultList - description: Search result list. + Unspecified crowding mode. In this case, server behavior defaults + to Mode.DROP_CROWDED_RESULTS. + - Drop crowded results. + - Demote crowded results to the later pages. + id: GoogleCloudDiscoveryengineV1SearchRequestCrowdingSpec type: object - properties: - searchResults: - description: Search results. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResult - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResult: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResult - description: Search result. + GoogleCloudDiscoveryengineV1betaProjectServiceTerms: + description: Metadata about the terms of service. + id: GoogleCloudDiscoveryengineV1betaProjectServiceTerms type: object properties: - unstructuredDocumentInfo: - description: Unstructured document information. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfo - chunkInfo: - description: Chunk information. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfo - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfo: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfo - description: Unstructured document information. + acceptTime: + type: string + format: google-datetime + description: The last time when the project agreed to the terms of service. + declineTime: + description: >- + The last time when the project declined or revoked the agreement to + terms of service. + format: google-datetime + type: string + version: + type: string + description: >- + The version string of the terms of service. For acceptable values, + see the comments for id above. + id: + description: >- + The unique identifier of this terms of service. Available terms: * + `GA_DATA_USE_TERMS`: [Terms for data + use](https://cloud.google.com/retail/data-use-terms). When using + this as `id`, the acceptable version to provide is `2022-11-23`. + type: string + state: + enum: + - STATE_UNSPECIFIED + - TERMS_ACCEPTED + - TERMS_PENDING + - TERMS_DECLINED + type: string + description: >- + Whether the project has accepted/rejected the service terms or it is + still pending. + enumDescriptions: + - The default value of the enum. This value is not actually used. + - The project has given consent to the terms of service. + - The project is pending to review and accept the terms of service. + - >- + The project has declined or revoked the agreement to terms of + service. + GoogleCloudDiscoveryengineV1alphaSession: type: object + description: External session proto definition. properties: - document: - description: Document resource name. + displayName: + description: >- + Optional. The display name of the session. This field is used to + identify the session in the UI. By default, the display name is the + first turn query text in the session. type: string - uri: - description: URI for the document. + isPinned: + description: >- + Optional. Whether the session is pinned, pinned session will be + displayed on the top of the session list. + type: boolean + startTime: type: string - title: - description: Title. + format: google-datetime + readOnly: true + description: Output only. The time the session started. + userPseudoId: + description: A unique identifier for tracking users. type: string - documentContexts: + name: description: >- - List of document contexts. The content will be used for Answer - Generation. This is supposed to be the main content of the document - that can be long and comprehensive. + Immutable. Fully qualified name + `projects/{project}/locations/global/collections/{collection}/engines/{engine}/sessions/*` + type: string + labels: type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoDocumentContext - extractiveSegments: - description: List of extractive segments. + type: string + description: >- + Optional. The labels for the session. Can be set as filter in + ListSessionsRequest. + turns: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSessionTurn' + type: array + description: Turns. + state: + enum: + - STATE_UNSPECIFIED + - IN_PROGRESS + type: string + description: The state of the session. + enumDescriptions: + - State is unspecified. + - The session is currently open. + endTime: + format: google-datetime + description: Output only. The time the session finished. + readOnly: true + type: string + id: GoogleCloudDiscoveryengineV1alphaSession + GoogleCloudDiscoveryengineV1CheckGroundingResponse: + properties: + citedChunks: + description: >- + List of facts cited across all claims in the answer candidate. These + are derived from the facts supplied in the request. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1FactChunk' + supportScore: + type: number + format: float + description: >- + The support score for the input answer candidate. Higher the score, + higher is the fraction of claims that are supported by the provided + facts. This is always set when a response is returned. + citedFacts: type: array items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveSegment - extractiveAnswers: + #/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingResponseCheckGroundingFactChunk description: >- - Deprecated: This field is deprecated and will have no effect on the - Answer generation. Please use document_contexts and - extractive_segments fields. List of extractive answers. - deprecated: true + List of facts cited across all claims in the answer candidate. These + are derived from the facts supplied in the request. + claims: type: array + description: >- + Claim texts and citation info across all claims in the answer + candidate. items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveAnswer - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoDocumentContext: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoDocumentContext - description: Document context. + #/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingResponseClaim + description: >- + Response message for the GroundedGenerationService.CheckGrounding + method. type: object + id: GoogleCloudDiscoveryengineV1CheckGroundingResponse + GoogleCloudDiscoveryengineV1alphaDisableAdvancedSiteSearchMetadata: + type: object + id: GoogleCloudDiscoveryengineV1alphaDisableAdvancedSiteSearchMetadata properties: - pageIdentifier: - description: Page identifier. + updateTime: + format: google-datetime type: string - content: - description: Document content to be used for answer generation. + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + description: Operation create time. + format: google-datetime type: string - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveSegment: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveSegment description: >- - Extractive segment. - [Guide](https://cloud.google.com/generative-ai-app-builder/docs/snippets#extractive-segments) - Answer generation will only use it if document_contexts is empty. This - is supposed to be shorter snippets. + Metadata related to the progress of the + SiteSearchEngineService.DisableAdvancedSiteSearch operation. This will + be returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1ControlRedirectAction: + id: GoogleCloudDiscoveryengineV1ControlRedirectAction + description: Redirects a shopper to the provided URI. type: object properties: - pageIdentifier: - description: Page identifier. - type: string - content: - description: Extractive segment content. + redirectUri: type: string - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveAnswer: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveAnswer - description: >- - Extractive answer. - [Guide](https://cloud.google.com/generative-ai-app-builder/docs/snippets#get-answers) - type: object + description: >- + Required. The URI to which the shopper will be redirected. Required. + URI must have length equal or less than 2000 characters. Otherwise + an INVALID ARGUMENT error is thrown. + GoogleCloudDiscoveryengineV1alphaDeleteCollectionMetadata: properties: - pageIdentifier: - description: Page identifier. + updateTime: type: string - content: - description: Extractive answer content. + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + createTime: + description: Operation create time. + format: google-datetime type: string - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfo: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfo - description: Chunk information. + description: >- + Metadata related to the progress of the + CollectionService.UpdateCollection operation. This will be returned by + the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1alphaDeleteCollectionMetadata type: object + GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequest: properties: - chunk: - description: Chunk resource name. - type: string - content: - description: Chunk textual content. - type: string - documentMetadata: - description: Metadata of the document from the current chunk. + inlineSource: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfoDocumentMetadata - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfoDocumentMetadata: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfoDocumentMetadata + #/components/schemas/GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequestInlineSource + description: The inline source for the input content for document embeddings. + deleteUnassignedUserLicenses: + type: boolean + description: >- + Optional. If true, if user licenses removed associated license + config, the user license will be deleted. By default which is false, + the user license will be updated to unassigned state. + type: object + id: GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequest + description: Request message for UserLicenseService.BatchUpdateUserLicenses method. + GoogleCloudDiscoveryengineV1SearchRequestSessionSpec: description: >- - Document metadata contains the information of the document of the - current chunk. + Session specification. Multi-turn Search feature is currently at private + GA stage. Please use v1alpha or v1beta version instead before we launch + this feature to public GA. Or ask for allowlisting through Google + Support team. + id: GoogleCloudDiscoveryengineV1SearchRequestSessionSpec type: object properties: - uri: - description: Uri of the document. - type: string - title: - description: Title of the document. + searchResultPersistenceCount: + format: int32 + type: integer + description: >- + The number of top search results to persist. The persisted search + results can be used for the subsequent /answer api call. This field + is similar to the `summary_result_count` field in + SearchRequest.ContentSearchSpec.SummarySpec.summary_result_count. At + most 10 results for documents mode, or 50 for chunks mode. + queryId: type: string - GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpec: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpec - description: Query understanding specification. - type: object - properties: - queryClassificationSpec: - description: Query classification specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryClassificationSpec - queryRephraserSpec: - description: Query rephraser specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpec - disableSpellCorrection: description: >- - Optional. Whether to disable spell correction. The default value is - `false`. - type: boolean - GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryClassificationSpec: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryClassificationSpec - description: Query classification specification. - type: object + If set, the search result gets stored to the "turn" specified by + this query ID. Example: Let's say the session looks like this: + session { name: ".../sessions/xxx" turns { query { text: "What is + foo?" query_id: ".../questions/yyy" } answer: "Foo is ..." } turns { + query { text: "How about bar then?" query_id: ".../questions/zzz" } + } } The user can call /search API with a request like this: session: + ".../sessions/xxx" session_spec { query_id: ".../questions/zzz" } + Then, the API stores the search result, associated with the last + turn. The stored search result can be used by a subsequent /answer + API call (with the session ID and the query ID specified). Also, it + is possible to call /search and /answer in parallel with the same + session ID & query ID. + GoogleCloudDiscoveryengineV1alphaDataStore: + description: DataStore captures global settings and configs at the DataStore level. + id: GoogleCloudDiscoveryengineV1alphaDataStore properties: - types: - description: Enabled query classification types. + solutionTypes: + description: >- + The solutions that the data store enrolls. Available solutions for + each industry_vertical: * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` + and `SOLUTION_TYPE_SEARCH`. * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` + is automatically enrolled. Other solutions cannot be enrolled. type: array items: type: string enumDescriptions: - - Unspecified query classification type. - - Adversarial query classification type. - - Non-answer-seeking query classification type, for chit chat. - - Jail-breaking query classification type. + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. - >- - Non-answer-seeking query classification type, for no clear - intent. - - User defined query classification type. + Used for use cases related to the Generative Chat agent. It's + used for Generative chat engine only, the associated data stores + must enrolled with `SOLUTION_TYPE_CHAT` solution. enum: - - TYPE_UNSPECIFIED - - ADVERSARIAL_QUERY - - NON_ANSWER_SEEKING_QUERY - - JAIL_BREAKING_QUERY - - NON_ANSWER_SEEKING_QUERY_V2 - - USER_DEFINED_CLASSIFICATION_QUERY - GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpec: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpec - description: Query rephraser specification. - type: object - properties: - disable: - description: Disable query rephraser. - type: boolean - maxRephraseSteps: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + startingSchema: description: >- - Max rephrase steps. The max number is 5 steps. If not set or set to - < 1, it will be set to 1 by default. - type: integer - format: int32 - modelSpec: - description: Optional. Query Rephraser Model specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpecModelSpec - GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpecModelSpec: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpecModelSpec - description: Query Rephraser Model specification. - type: object - properties: - modelType: + The start schema to use for this DataStore when provisioning it. If + unset, a default vertical specialized schema will be used. This + field is only used by CreateDataStore API, and will be ignored if + used in other APIs. This field will be omitted from all API + responses including CreateDataStore API. To retrieve a schema of a + DataStore, use SchemaService.GetSchema API instead. The provided + schema will be validated against certain rules on schema. Learn more + from [this + doc](https://cloud.google.com/generative-ai-app-builder/docs/provide-schema). + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSchema' + configurableBillingApproach: + description: Optional. Configuration for configurable billing approach. See + enum: + - CONFIGURABLE_BILLING_APPROACH_UNSPECIFIED + - CONFIGURABLE_SUBSCRIPTION_INDEXING_CORE + - CONFIGURABLE_CONSUMPTION_EMBEDDING + enumDescriptions: + - >- + Default value. For Spark and non-Spark non-configurable billing + approach. + - >- + Use the subscription base + overage billing for indexing core for + non embedding storage. + - >- + Use the consumption pay-as-you-go billing for embedding storage + add-on. + type: string + kmsKeyName: description: >- - Optional. Enabled query rephraser model type. If not set, it will - use LARGE by default. + Input only. The KMS key to be used to protect this DataStore at + creation time. Must be set for requests that need to comply with + CMEK Org Policy protections. If this field is set and processed + successfully, the DataStore will be protected by the KMS key, as + indicated in the cmek_config field. type: string + documentProcessingConfig: + description: Configuration for Document understanding and enrichment. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfig + advancedSiteSearchConfig: + description: Optional. Configuration for advanced site search. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAdvancedSiteSearchConfig + isInfobotFaqDataStore: + description: Optional. If set, this DataStore is an Infobot FAQ DataStore. + type: boolean + workspaceConfig: + description: >- + Config to store data store type configuration for workspace data. + This must be set when DataStore.content_config is set as + DataStore.ContentConfig.GOOGLE_WORKSPACE. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaWorkspaceConfig + industryVertical: + enum: + - INDUSTRY_VERTICAL_UNSPECIFIED + - GENERIC + - MEDIA + - HEALTHCARE_FHIR enumDescriptions: - - Unspecified model type. - - Small query rephraser model. Gemini 1.0 XS model. - - Large query rephraser model. Gemini 1.0 Pro model. + - Value used when unset. + - >- + The generic vertical for documents that are not specific to any + industry vertical. + - The media industry vertical. + - The healthcare FHIR vertical. + type: string + description: Immutable. The industry vertical that the data store registers. + createTime: + readOnly: true + format: google-datetime + description: Output only. Timestamp the DataStore was created at. + type: string + defaultSchemaId: + readOnly: true + type: string + description: >- + Output only. The id of the default Schema associated to this data + store. + billingEstimation: + description: Output only. Data size estimation for billing. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataStoreBillingEstimation + displayName: + description: >- + Required. The data store display name. This field must be a UTF-8 + encoded string with a length limit of 128 characters. Otherwise, an + INVALID_ARGUMENT error is returned. + type: string + healthcareFhirConfig: + description: Optional. Configuration for `HEALTHCARE_FHIR` vertical. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaHealthcareFhirConfig + idpConfig: + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaIdpConfig' + description: Output only. Data store level identity provider config. + aclEnabled: + description: >- + Immutable. Whether data in the DataStore has ACL information. If set + to `true`, the source data must have ACL. ACL will be ingested when + data is ingested by DocumentService.ImportDocuments methods. When + ACL is enabled for the DataStore, Document can't be accessed by + calling DocumentService.GetDocument or + DocumentService.ListDocuments. Currently ACL is only supported in + `GENERIC` industry vertical with non-`PUBLIC_WEBSITE` content + config. + type: boolean + languageInfo: + description: Language info for DataStore. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaLanguageInfo' + configurableBillingApproachUpdateTime: + description: >- + Output only. The timestamp when configurable_billing_approach was + last updated. + readOnly: true + format: google-datetime + type: string + identityMappingStore: + description: >- + Immutable. The fully qualified resource name of the associated + IdentityMappingStore. This field can only be set for acl_enabled + DataStores with `THIRD_PARTY` or `GSUITE` IdP. Format: + `projects/{project}/locations/{location}/identityMappingStores/{identity_mapping_store}`. + type: string + name: + description: >- + Immutable. Identifier. The full resource name of the data store. + Format: + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + type: string + naturalLanguageQueryUnderstandingConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaNaturalLanguageQueryUnderstandingConfig + description: Optional. Configuration for Natural Language Query Understanding. + servingConfigDataStore: + description: Optional. Stores serving config at DataStore level. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataStoreServingConfigDataStore + contentConfig: + type: string + enumDescriptions: + - Default value. + - Only contains documents without any Document.content. + - Only contains documents with Document.content. + - The data store is used for public website search. + - >- + The data store is used for workspace search. Details of workspace + data store are specified in the WorkspaceConfig. enum: - - MODEL_TYPE_UNSPECIFIED - - SMALL - - LARGE - GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpec: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpec - description: End user specification. - type: object - properties: - endUserMetadata: - description: Optional. End user metadata. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaData - GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaData: - id: GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaData - description: End user metadata. + - CONTENT_CONFIG_UNSPECIFIED + - NO_CONTENT + - CONTENT_REQUIRED + - PUBLIC_WEBSITE + - GOOGLE_WORKSPACE + description: >- + Immutable. The content config of the data store. If this field is + unset, the server behavior defaults to ContentConfig.NO_CONTENT. + cmekConfig: + description: Output only. CMEK-related information for the DataStore. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaCmekConfig' + readOnly: true type: object + GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResultPolicyEnforcementResult: properties: - chunkInfo: - description: Chunk information. + modelArmorEnforcementResult: + description: The policy enforcement result for the Model Armor policy. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfo - GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfo: + #/components/schemas/GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResultModelArmorEnforcementResult + bannedPhraseEnforcementResult: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResultBannedPhraseEnforcementResult + description: The policy enforcement result for the banned phrase policy. + type: object + description: Customer policy enforcement result for a single policy type. id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfo - description: Chunk information. + GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResultPolicyEnforcementResult + GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecPromptSpec: + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecPromptSpec type: object properties: - content: - description: Chunk textual content. It is limited to 8000 characters. + preamble: type: string - documentMetadata: - description: Metadata of the document from the current chunk. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfoDocumentMetadata - GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfoDocumentMetadata: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfoDocumentMetadata - description: >- - Document metadata contains the information of the document of the - current chunk. + description: Customized preamble. + description: Answer generation prompt specification. + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpec: + properties: + conditionBoostSpecs: + description: >- + Condition boost specifications. If a suggestion matches multiple + conditions in the specifications, boost values from these + specifications are all applied and combined in a non-linear way. + Maximum number of specifications is 20. Note: Currently only support + language condition boost. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpecConditionBoostSpec + type: array + id: GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpec type: object + description: >- + Specification to boost suggestions based on the condtion of the + suggestion. + GoogleCloudDiscoveryengineV1betaSearchRequestDataStoreSpec: + id: GoogleCloudDiscoveryengineV1betaSearchRequestDataStoreSpec + description: >- + A struct to define data stores to filter on in a search call and + configurations for those data stores. Otherwise, an `INVALID_ARGUMENT` + error is returned. properties: - title: - description: Title of the document. + customSearchOperators: + type: string + description: >- + Optional. Custom search operators which if specified will be used to + filter results from workspace data stores. For more information on + custom search operators, see + [SearchOperators](https://support.google.com/cloudsearch/answer/6172299). + boostSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpec + description: >- + Optional. Boost specification to boost certain documents. For more + information on boosting, see + [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) + filter: + type: string + description: >- + Optional. Filter specification to filter documents in the data store + specified by data_store field. For more information on filtering, + see + [Filtering](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + dataStore: type: string + description: >- + Required. Full resource name of DataStore, such as + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. + The path must include the project number, project id is not + supported for this field. + type: object GoogleCloudDiscoveryengineV1AnswerQueryResponse: - id: GoogleCloudDiscoveryengineV1AnswerQueryResponse - description: Response message for ConversationalSearchService.AnswerQuery method. type: object + description: Response message for ConversationalSearchService.AnswerQuery method. properties: + answerQueryToken: + type: string + description: A global unique ID used for logging. + session: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + description: >- + Session resource object. It will be only available when session + field is set and valid in the AnswerQueryRequest request. answer: description: >- Answer resource object. If @@ -5064,2154 +6078,2451 @@ components: is greater than 1, use Answer.name to fetch answer information using ConversationalSearchService.GetAnswer API. $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Answer' - session: - description: >- - Session resource object. It will be only available when session - field is set and valid in the AnswerQueryRequest request. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' - answerQueryToken: - description: A global unique ID used for logging. - type: string - GoogleCloudDiscoveryengineV1Answer: - id: GoogleCloudDiscoveryengineV1Answer - description: Defines an answer. + id: GoogleCloudDiscoveryengineV1AnswerQueryResponse + GoogleCloudDiscoveryengineV1BigQuerySource: type: object + description: BigQuery source import data from. + id: GoogleCloudDiscoveryengineV1BigQuerySource properties: - name: + datasetId: description: >- - Immutable. Fully qualified name - `projects/{project}/locations/global/collections/{collection}/engines/{engine}/sessions/*/answers/*` - type: string - state: - description: The state of the answer generation. + Required. The BigQuery data set to copy the data from with a length + limit of 1,024 characters. type: string - enumDescriptions: - - Unknown. - - Answer generation is currently in progress. - - Answer generation currently failed. - - Answer generation has succeeded. - - Answer generation is currently in progress. - enum: - - STATE_UNSPECIFIED - - IN_PROGRESS - - FAILED - - SUCCEEDED - - STREAMING - answerText: - description: The textual answer. + dataSchema: + description: >- + The schema to use when parsing the data from the source. Supported + values for user event imports: * `user_event` (default): One + UserEvent per row. Supported values for document imports: * + `document` (default): One Document format per row. Each document + must have a valid Document.id and one of Document.json_data or + Document.struct_data. * `custom`: One custom data per row in + arbitrary format that conforms to the defined Schema of the data + store. This can only be used by the GENERIC Data Store vertical. type: string - groundingScore: + partitionDate: description: >- - A score in the range of [0, 1] describing how grounded the answer is - by the reference chunks. - type: number - format: double - citations: - description: Citations. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AnswerCitation' - groundingSupports: - description: Optional. Grounding supports. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerGroundingSupport - references: - description: References. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AnswerReference' - relatedQuestions: - description: Suggested related questions. - type: array - items: - type: string - steps: - description: Answer generation steps. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AnswerStep' - queryUnderstandingInfo: - description: Query understanding information. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfo - answerSkippedReasons: + BigQuery time partitioned table's _PARTITIONDATE in YYYY-MM-DD + format. + $ref: '#/components/schemas/GoogleTypeDate' + tableId: + type: string description: >- - Additional answer-skipped reasons. This provides the reason for - ignored cases. If nothing is skipped, this field is not set. - type: array - items: - type: string - enumDescriptions: - - Default value. The answer skipped reason is not specified. - - The adversarial query ignored case. - - >- - The non-answer seeking query ignored case Google skips the - answer if the query is chit chat. - - >- - The out-of-domain query ignored case. Google skips the answer if - there are no high-relevance search results. - - >- - The potential policy violation case. Google skips the answer if - there is a potential policy violation detected. This includes - content that may be violent or toxic. - - >- - The no relevant content case. Google skips the answer if there - is no relevant content in the retrieved search results. - - >- - The jail-breaking query ignored case. For example, "Reply in the - tone of a competing company's CEO". Google skips the answer if - the query is classified as a jail-breaking query. - - >- - The customer policy violation case. Google skips the summary if - there is a customer policy violation detected. The policy is - defined by the customer. - - >- - The non-answer seeking query ignored case. Google skips the - answer if the query doesn't have clear intent. - - >- - The low-grounded answer case. Google skips the answer if a well - grounded answer was unable to be generated. - - >- - The user defined query classification ignored case. Google skips - the answer if the query is classified as a user defined query - classification. - - >- - The unhelpful answer case. Google skips the answer if the answer - is not helpful. This can be due to a variety of factors, - including but not limited to: the query is not answerable, the - answer is not relevant to the query, or the answer is not - well-formatted. - enum: - - ANSWER_SKIPPED_REASON_UNSPECIFIED - - ADVERSARIAL_QUERY_IGNORED - - NON_ANSWER_SEEKING_QUERY_IGNORED - - OUT_OF_DOMAIN_QUERY_IGNORED - - POTENTIAL_POLICY_VIOLATION - - NO_RELEVANT_CONTENT - - JAIL_BREAKING_QUERY_IGNORED - - CUSTOMER_POLICY_VIOLATION - - NON_ANSWER_SEEKING_QUERY_IGNORED_V2 - - LOW_GROUNDED_ANSWER - - USER_DEFINED_CLASSIFICATION_QUERY_IGNORED - - UNHELPFUL_ANSWER - createTime: - description: Output only. Answer creation timestamp. - readOnly: true + Required. The BigQuery table to copy the data from with a length + limit of 1,024 characters. + projectId: type: string - format: google-datetime - completeTime: - description: Output only. Answer completed timestamp. - readOnly: true + description: >- + The project ID or the project number that contains the BigQuery + source. Has a length limit of 128 characters. If not specified, + inherits the project ID from the parent request. + gcsStagingDir: type: string - format: google-datetime - safetyRatings: - description: Optional. Safety ratings. - type: array + description: >- + Intermediate Cloud Storage directory used for the import with a + length limit of 2,000 characters. Can be specified if one wants to + have the BigQuery export to a specific Cloud Storage directory. + GoogleCloudDiscoveryengineV1ListEnginesResponse: + properties: + engines: items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SafetyRating' - GoogleCloudDiscoveryengineV1AnswerCitation: - id: GoogleCloudDiscoveryengineV1AnswerCitation - description: Citation info for a segment. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' + type: array + description: All the customer's Engines. + nextPageToken: + description: Not supported. + type: string + type: object + id: GoogleCloudDiscoveryengineV1ListEnginesResponse + description: Response message for EngineService.ListEngines method. + GoogleCloudDiscoveryengineV1WorkspaceConfig: type: object properties: - startIndex: + dasherCustomerId: + type: string + description: Obfuscated Dasher customer ID. + superAdminEmailAddress: description: >- - Index indicates the start of the segment, measured in bytes (UTF-8 - unicode). If there are multi-byte characters,such as non-ASCII - characters, the index measurement is longer than the string length. + Optional. The super admin email address for the workspace that will + be used for access token generation. For now we only use it for + Native Google Drive connector data ingestion. type: string - format: int64 - endIndex: + type: + enumDescriptions: + - Defaults to an unspecified Workspace type. + - Workspace Data Store contains Drive data + - Workspace Data Store contains Mail data + - Workspace Data Store contains Sites data + - Workspace Data Store contains Calendar data + - Workspace Data Store contains Chat data + - Workspace Data Store contains Groups data + - Workspace Data Store contains Keep data + - Workspace Data Store contains People data + type: string + enum: + - TYPE_UNSPECIFIED + - GOOGLE_DRIVE + - GOOGLE_MAIL + - GOOGLE_SITES + - GOOGLE_CALENDAR + - GOOGLE_CHAT + - GOOGLE_GROUPS + - GOOGLE_KEEP + - GOOGLE_PEOPLE + description: The Google Workspace data source. + superAdminServiceAccount: description: >- - End of the attributed segment, exclusive. Measured in bytes (UTF-8 - unicode). If there are multi-byte characters,such as non-ASCII - characters, the index measurement is longer than the string length. + Optional. The super admin service account for the workspace that + will be used for access token generation. For now we only use it for + Native Google Drive connector data ingestion. type: string - format: int64 - sources: - description: Citation sources for the attributed segment. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerCitationSource - GoogleCloudDiscoveryengineV1AnswerCitationSource: - id: GoogleCloudDiscoveryengineV1AnswerCitationSource - description: Citation source. - type: object + id: GoogleCloudDiscoveryengineV1WorkspaceConfig + description: Config to store data store type configuration for workspace data + GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig: + description: >- + Additional feature configurations for creating a `recommended-for-you` + engine. properties: - referenceId: - description: ID of the citation source. + contextEventType: + description: >- + The type of event with which the engine is queried at prediction + time. If set to `generic`, only `view-item`, `media-play`,and + `media-complete` will be used as `context-event` in engine training. + If set to `view-home-page`, `view-home-page` will also be used as + `context-events` in addition to `view-item`, `media-play`, and + `media-complete`. Currently supported for the `recommended-for-you` + engine. Currently supported values: `view-home-page`, `generic`. type: string - GoogleCloudDiscoveryengineV1AnswerGroundingSupport: - id: GoogleCloudDiscoveryengineV1AnswerGroundingSupport - description: Grounding support for a claim in `answer_text`. type: object + id: >- + GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig + GoogleCloudDiscoveryengineV1betaSitemap: + id: GoogleCloudDiscoveryengineV1betaSitemap + type: object + description: A sitemap for the SiteSearchEngine. properties: - startIndex: + name: + readOnly: true description: >- - Required. Index indicates the start of the claim, measured in bytes - (UTF-8 unicode). + Output only. The fully qualified resource name of the sitemap. + `projects/*/locations/*/collections/*/dataStores/*/siteSearchEngine/sitemaps/*` + The `sitemap_id` suffix is system-generated. type: string - format: int64 - endIndex: - description: Required. End of the claim, exclusive. + uri: + type: string + description: Public URI for the sitemap, e.g. `www.example.com/sitemap.xml`. + createTime: + format: google-datetime + type: string + description: Output only. The sitemap's creation time. + readOnly: true + GoogleCloudDiscoveryengineV1betaIdpConfigExternalIdpConfig: + type: object + description: Third party IDP Config. + id: GoogleCloudDiscoveryengineV1betaIdpConfigExternalIdpConfig + properties: + workforcePoolName: type: string - format: int64 - groundingScore: description: >- - A score in the range of [0, 1] describing how grounded is a specific - claim by the references. Higher value means that the claim is better - supported by the reference chunks. - type: number - format: double - groundingCheckRequired: + Workforce pool name. Example: + "locations/global/workforcePools/pool_id" + GoogleCloudDiscoveryengineV1PurgeErrorConfig: + id: GoogleCloudDiscoveryengineV1PurgeErrorConfig + description: Configuration of destination for Purge related errors. + properties: + gcsPrefix: description: >- - Indicates that this claim required grounding check. When the system - decided this claim didn't require attribution/grounding check, this - field is set to false. In that case, no grounding check was done for - the claim and therefore `grounding_score`, `sources` is not - returned. - type: boolean - sources: - description: Optional. Citation sources for the claim. + Cloud Storage prefix for purge errors. This must be an empty, + existing Cloud Storage directory. Purge errors are written to + sharded files in this directory, one per line, as a JSON-encoded + `google.rpc.Status` message. + type: string + type: object + GoogleCloudDiscoveryengineV1alphaControlSynonymsAction: + properties: + synonyms: type: array + description: >- + Defines a set of synonyms. Can specify up to 100 synonyms. Must + specify at least 2 synonyms. Otherwise an INVALID ARGUMENT error is + thrown. items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerCitationSource - GoogleCloudDiscoveryengineV1AnswerReference: - id: GoogleCloudDiscoveryengineV1AnswerReference - description: Reference. + type: string type: object + description: >- + Creates a set of terms that will act as synonyms of one another. + Example: "happy" will also be considered as "glad", "glad" will also be + considered as "happy". + id: GoogleCloudDiscoveryengineV1alphaControlSynonymsAction + GoogleCloudDiscoveryengineV1SearchResponseSummarySummaryWithMetadata: properties: - unstructuredDocumentInfo: - description: Unstructured document information. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfo - chunkInfo: - description: Chunk information. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfo - structuredDocumentInfo: - description: Structured document information. + references: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryReference + type: array + description: Document References. + summary: + description: Summary text with no citation information. + type: string + citationMetadata: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceStructuredDocumentInfo - GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfo: - id: GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfo - description: Unstructured document information. + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationMetadata + description: Citation metadata for given summary. + id: GoogleCloudDiscoveryengineV1SearchResponseSummarySummaryWithMetadata + description: Summary with metadata information. + type: object + GoogleCloudDiscoveryengineV1betaControlFilterAction: + description: >- + Specified which products may be included in results. Uses same filter as + boost. + id: GoogleCloudDiscoveryengineV1betaControlFilterAction type: object properties: - document: - description: Document resource name. - type: string - uri: - description: URI for the document. + dataStore: + description: >- + Required. Specifies which data store's documents can be filtered by + this control. Full data store name e.g. + projects/123/locations/global/collections/default_collection/dataStores/default_data_store type: string - title: - description: Title. + filter: type: string - chunkContents: - description: List of cited chunk contents derived from document content. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfoChunkContent - structData: description: >- - The structured JSON metadata for the document. It is populated from - the struct data from the Chunk in search result. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfoChunkContent: - id: >- - GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfoChunkContent - description: Chunk content. + Required. A filter to apply on the matching condition results. + Required Syntax documentation: + https://cloud.google.com/retail/docs/filter-and-order Maximum length + is 5000 characters. Otherwise an INVALID ARGUMENT error is thrown. + GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumnFamily: type: object properties: - content: - description: Chunk textual content. - type: string - pageIdentifier: - description: Page identifier. + encoding: type: string - relevanceScore: + enumDescriptions: + - The encoding is unspecified. + - Text encoding. + - Binary encoding. description: >- - The relevance of the chunk for a given query. Values range from 0.0 - (completely irrelevant) to 1.0 (completely relevant). This value is - for informational purpose only. It may change for the same query and - chunk at any time due to a model retraining or change in - implementation. - type: number - format: float - GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfo: - id: GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfo - description: Chunk information. - type: object - properties: - chunk: - description: Chunk resource name. + The encoding mode of the values when the type is not STRING. + Acceptable encoding values are: * `TEXT`: indicates values are + alphanumeric text strings. * `BINARY`: indicates values are encoded + using `HBase Bytes.toBytes` family of functions. This can be + overridden for a specific column by listing that column in `columns` + and specifying an encoding for it. + enum: + - ENCODING_UNSPECIFIED + - TEXT + - BINARY + fieldName: + description: >- + The field name to use for this column family in the document. The + name has to match the pattern `a-zA-Z0-9*`. If not set, it is parsed + from the family name with best effort. However, due to different + naming patterns, field name collisions could happen, where parsing + behavior is undefined. type: string - content: - description: Chunk textual content. + type: type: string - relevanceScore: + enumDescriptions: + - The type is unspecified. + - String type. + - Numerical type. + - Integer type. + - Variable length integer type. + - BigDecimal type. + - Boolean type. + - JSON type. + enum: + - TYPE_UNSPECIFIED + - STRING + - NUMBER + - INTEGER + - VAR_INTEGER + - BIG_NUMERIC + - BOOLEAN + - JSON description: >- - The relevance of the chunk for a given query. Values range from 0.0 - (completely irrelevant) to 1.0 (completely relevant). This value is - for informational purpose only. It may change for the same query and - chunk at any time due to a model retraining or change in - implementation. - type: number - format: float - documentMetadata: - description: Document metadata. + The type of values in this column family. The values are expected to + be encoded using `HBase Bytes.toBytes` function when the encoding + value is set to `BINARY`. + columns: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumn + description: >- + The list of objects that contains column level information for each + column. If a column is not present in this list it will be ignored. + description: The column family of the Bigtable. + id: GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumnFamily + GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequest: + properties: + inlineSource: + description: The Inline source for suggestion entries. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfoDocumentMetadata - GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfoDocumentMetadata: - id: GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfoDocumentMetadata - description: Document metadata. + #/components/schemas/GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequestInlineSource + bigquerySource: + description: BigQuery input source. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigQuerySource' + errorConfig: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' + description: The desired location of errors incurred during the Import. + gcsSource: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' + description: Cloud Storage location for the input content. + id: GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequest + type: object + description: >- + Request message for CompletionService.ImportCompletionSuggestions + method. + GoogleCloudDiscoveryengineV1WidgetConfigAccessSettings: type: object + description: Describes widget access settings. properties: - document: - description: Document resource name. - type: string - uri: - description: URI for the document. - type: string - title: - description: Title. - type: string - pageIdentifier: - description: Page identifier. + languageCode: + description: >- + Optional. Language code for user interface. Use language tags + defined by [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). If + unset, the default language code is "en-US". type: string - structData: + allowPublicAccess: + description: Whether public unauthenticated access is allowed. + type: boolean + workforceIdentityPoolProvider: description: >- - The structured JSON metadata for the document. It is populated from - the struct data from the Chunk in search result. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudDiscoveryengineV1AnswerReferenceStructuredDocumentInfo: - id: GoogleCloudDiscoveryengineV1AnswerReferenceStructuredDocumentInfo - description: Structured search information. + Optional. The workforce identity pool provider used to access the + widget. + type: string + enableWebApp: + description: Whether web app access is enabled. + type: boolean + allowlistedDomains: + items: + type: string + type: array + description: List of domains that are allowed to integrate the search widget. + id: GoogleCloudDiscoveryengineV1WidgetConfigAccessSettings + GoogleCloudDiscoveryengineV1WidgetConfigUIComponentField: type: object properties: - document: - description: Document resource name. - type: string - structData: - description: Structured search data. - type: object - additionalProperties: - type: any - description: Properties of the object. - title: - description: Output only. The title of the document. - readOnly: true + field: + description: Required. Registered field name. The format is `field.abc`. type: string - uri: - description: Output only. The URI of the document. - readOnly: true + displayTemplate: type: string - GoogleCloudDiscoveryengineV1AnswerStep: - id: GoogleCloudDiscoveryengineV1AnswerStep - description: Step information. + description: >- + The template to customize how the field is displayed. An example + value would be a string that looks like: "Price: {value}". + deviceVisibility: + description: The field visibility on different types of devices. + items: + type: string + enumDescriptions: + - >- + Default value when not specified. Server returns + INVALID_ARGUMENT if used in requests. + - The UI component is visible on Mobile devices. + - The UI component is visible on Browser-based client. + enum: + - DEVICE_VISIBILITY_UNSPECIFIED + - MOBILE + - DESKTOP + type: array + description: Facet field that maps to a UI Component. + id: GoogleCloudDiscoveryengineV1WidgetConfigUIComponentField + GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadata: type: object properties: + matcherValue: + description: The value of the matcher that was used to match the Document. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadataMatcherValue + dataIngestionSource: + description: >- + The data ingestion source of the Document. Allowed values are: * + `batch`: Data ingested via Batch API, e.g., ImportDocuments. * + `streaming` Data ingested via Streaming API, e.g., FHIR streaming. + type: string state: - description: The state of the step. + description: The state of the document. type: string enumDescriptions: - - Unknown. - - Step is currently in progress. - - Step currently failed. - - Step has succeeded. + - Should never be set. + - The Document is indexed. + - >- + The Document is not indexed because its URI is not in the + TargetSite. + - The Document is not indexed. enum: - STATE_UNSPECIFIED - - IN_PROGRESS - - FAILED - - SUCCEEDED - description: - description: The description of the step. - type: string - thought: - description: The thought of the step. + - INDEXED + - NOT_IN_TARGET_SITE + - NOT_IN_INDEX + lastRefreshedTime: + format: google-datetime + description: The timestamp of the last time the Document was last indexed. type: string - actions: - description: Actions. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepAction' - GoogleCloudDiscoveryengineV1AnswerStepAction: - id: GoogleCloudDiscoveryengineV1AnswerStepAction - description: Action. - type: object - properties: - searchAction: - description: Search action. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionSearchAction - observation: - description: Observation. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionObservation - GoogleCloudDiscoveryengineV1AnswerStepActionSearchAction: - id: GoogleCloudDiscoveryengineV1AnswerStepActionSearchAction - description: Search action. + description: The metadata of a Document. + id: >- + GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadata + GoogleCloudDiscoveryengineV1DataStoreBillingEstimation: + id: GoogleCloudDiscoveryengineV1DataStoreBillingEstimation type: object properties: - query: - description: The query to search. + websiteDataSize: + format: int64 + description: Data size for websites in terms of bytes. type: string - GoogleCloudDiscoveryengineV1AnswerStepActionObservation: - id: GoogleCloudDiscoveryengineV1AnswerStepActionObservation - description: Observation. - type: object + structuredDataSize: + type: string + description: Data size for structured data in terms of bytes. + format: int64 + websiteDataUpdateTime: + type: string + description: Last updated timestamp for websites. + format: google-datetime + structuredDataUpdateTime: + description: Last updated timestamp for structured data. + format: google-datetime + type: string + unstructuredDataUpdateTime: + description: Last updated timestamp for unstructured data. + format: google-datetime + type: string + unstructuredDataSize: + description: Data size for unstructured data in terms of bytes. + format: int64 + type: string + description: Estimation of data size per data store. + GoogleCloudDiscoveryengineV1DeleteCmekConfigMetadata: properties: - searchResults: + createTime: + format: google-datetime + type: string + description: Operation create time. + updateTime: + format: google-datetime + type: string description: >- - Search results observed by the search action, it can be snippets - info or chunk info, depending on the citation type set by the user. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResult - GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResult: - id: GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResult + Operation last update time. If the operation is done, this is also + the finish time. + type: object + description: >- + Metadata related to the progress of the + CmekConfigService.DeleteCmekConfig operation. This will be returned by + the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1DeleteCmekConfigMetadata + GoogleCloudDiscoveryengineV1betaDisableAdvancedSiteSearchMetadata: + description: >- + Metadata related to the progress of the + SiteSearchEngineService.DisableAdvancedSiteSearch operation. This will + be returned by the google.longrunning.Operation.metadata field. type: object properties: - document: - description: Document resource name. - type: string - uri: - description: URI for the document. + createTime: + format: google-datetime + description: Operation create time. type: string - title: - description: Title. + updateTime: + format: google-datetime + description: >- + Operation last update time. If the operation is done, this is also + the finish time. type: string - snippetInfo: + id: GoogleCloudDiscoveryengineV1betaDisableAdvancedSiteSearchMetadata + GoogleCloudDiscoveryengineV1alphaTrainCustomModelResponse: + id: GoogleCloudDiscoveryengineV1alphaTrainCustomModelResponse + type: object + properties: + errorConfig: description: >- - If citation_type is DOCUMENT_LEVEL_CITATION, populate document level - snippets. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultSnippetInfo - chunkInfo: + Echoes the destination for the complete errors in the request if + set. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig + modelStatus: + type: string description: >- - If citation_type is CHUNK_LEVEL_CITATION and chunk mode is on, - populate chunk info. + The trained model status. Possible values are: * **bad-data**: The + training data quality is bad. * **no-improvement**: Tuning didn't + improve performance. Won't deploy. * **in-progress**: Model training + job creation is in progress. * **training**: Model is actively + training. * **evaluating**: The model is evaluating trained metrics. + * **indexing**: The model trained metrics are indexing. * **ready**: + The model is ready for serving. + errorSamples: + description: A sample of errors encountered while processing the data. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultChunkInfo - structData: - description: >- - Data representation. The structured JSON data for the document. It's - populated from the struct data from the Document, or the Chunk in - search result. + $ref: '#/components/schemas/GoogleRpcStatus' + modelName: + description: Fully qualified name of the CustomTuningModel. + type: string + metrics: + description: The metrics of the trained model. type: object additionalProperties: - type: any - description: Properties of the object. - GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultSnippetInfo: - id: >- - GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultSnippetInfo - description: Snippet information. + type: number + format: double + description: >- + Response of the TrainCustomModelRequest. This message is returned by the + google.longrunning.Operations.response field. + GoogleCloudDiscoveryengineV1alphaProjectCustomerProvidedConfig: + id: GoogleCloudDiscoveryengineV1alphaProjectCustomerProvidedConfig + description: Customer provided configurations. + properties: + notebooklmConfig: + description: Optional. Configuration for NotebookLM settings. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaProjectCustomerProvidedConfigNotebooklmConfig type: object + GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigEngineFeaturesConfig: properties: - snippet: - description: Snippet content. - type: string - snippetStatus: - description: Status of the snippet defined by the search team. - type: string - GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultChunkInfo: + mostPopularConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig + description: Most popular engine feature config. + recommendedForYouConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig + description: Recommended for you engine feature config. id: >- - GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultChunkInfo - description: Chunk information. + GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigEngineFeaturesConfig + description: More feature configs of the selected engine type. + type: object + GoogleCloudDiscoveryengineV1DocumentIndexStatus: + id: GoogleCloudDiscoveryengineV1DocumentIndexStatus type: object properties: - chunk: - description: Chunk resource name. + errorSamples: + description: >- + A sample of errors encountered while indexing the document. If this + field is populated, the document is not indexed due to errors. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + pendingMessage: type: string - content: - description: Chunk textual content. + description: >- + Immutable. The message indicates the document index is in progress. + If this field is populated, the document index is pending. + indexTime: type: string - relevanceScore: description: >- - The relevance of the chunk for a given query. Values range from 0.0 - (completely irrelevant) to 1.0 (completely relevant). This value is - for informational purpose only. It may change for the same query and - chunk at any time due to a model retraining or change in - implementation. - type: number - format: float - GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfo: - id: GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfo - description: Query understanding information. + The time when the document was indexed. If this field is populated, + it means the document has been indexed. + format: google-datetime + description: Index status of the document. + GoogleTypeTimeZone: + id: GoogleTypeTimeZone type: object + description: >- + Represents a time zone from the [IANA Time Zone + Database](https://www.iana.org/time-zones). properties: - queryClassificationInfo: - description: Query classification information. - type: array + id: + type: string + description: IANA Time Zone Database time zone. For example "America/New_York". + version: + type: string + description: >- + Optional. IANA Time Zone Database version number. For example + "2019a". + GoogleCloudDiscoveryengineV1RankResponse: + description: Response message for RankService.Rank method. + type: object + id: GoogleCloudDiscoveryengineV1RankResponse + properties: + records: items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfoQueryClassificationInfo - GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfoQueryClassificationInfo: - id: >- - GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfoQueryClassificationInfo - description: Query classification information. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1RankingRecord' + type: array + description: A list of records sorted by descending score. + GoogleCloudDiscoveryengineV1alphaIdentityScheduleConfig: + properties: + nextSyncTime: + description: >- + Optional. The UTC time when the next data sync is expected to start + for the Data Connector. Customers are only able to specify the hour + and minute to schedule the data sync. This is utilized when the data + connector has a refresh interval greater than 1 day. + $ref: '#/components/schemas/GoogleTypeDateTime' + refreshInterval: + type: string + format: google-duration + description: >- + Optional. The refresh interval to sync the Access Control List + information for the documents ingested by this connector. If not + set, the access control list will be refreshed at the default + interval of 30 minutes. The identity refresh interval can be at + least 30 minutes and at most 7 days. + id: GoogleCloudDiscoveryengineV1alphaIdentityScheduleConfig type: object + description: The configuration for the identity data synchronization runs. + GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResultModelArmorEnforcementResult: + description: Customer policy enforcement result for the Model Armor policy. + id: >- + GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResultModelArmorEnforcementResult properties: - type: - description: Query classification type. + modelArmorViolation: + description: The Model Armor violation that was found. type: string - enumDescriptions: - - Unspecified query classification type. - - Adversarial query classification type. - - Non-answer-seeking query classification type, for chit chat. - - Jail-breaking query classification type. - - Non-answer-seeking query classification type, for no clear intent. - - User defined query classification type. - enum: - - TYPE_UNSPECIFIED - - ADVERSARIAL_QUERY - - NON_ANSWER_SEEKING_QUERY - - JAIL_BREAKING_QUERY - - NON_ANSWER_SEEKING_QUERY_V2 - - USER_DEFINED_CLASSIFICATION_QUERY - positive: - description: Classification output. - type: boolean - GoogleCloudDiscoveryengineV1SafetyRating: - id: GoogleCloudDiscoveryengineV1SafetyRating - description: Safety rating corresponding to the generated content. + error: + description: >- + The error returned by Model Armor if the policy enforcement failed + for some reason. + $ref: '#/components/schemas/GoogleRpcStatus' type: object + GoogleCloudDiscoveryengineV1BAPConfig: + description: The configuration for the BAP connector. + id: GoogleCloudDiscoveryengineV1BAPConfig properties: - category: - description: Output only. Harm category. - readOnly: true + enabledActions: + items: + type: string + type: array + description: Optional. The actions enabled on the associated BAP connection. + supportedConnectorModes: + items: + enumDescriptions: + - Connector mode unspecified. + - Connector utilized for data ingestion. + - Connector utilized for Actions + - Connector utilized for End User Authentication. + type: string + enum: + - CONNECTOR_MODE_UNSPECIFIED + - DATA_INGESTION + - ACTIONS + - END_USER_AUTHENTICATION + description: >- + Required. The supported connector modes for the associated BAP + connection. + type: array + type: object + GoogleCloudDiscoveryengineV1Tenant: + type: object + id: GoogleCloudDiscoveryengineV1Tenant + description: >- + Tenant information for a connector source. This includes some of the + same information stored in the Credential message, but is limited to + only what is needed to provide a list of accessible tenants to the user. + properties: + displayName: type: string - enumDescriptions: - - The harm category is unspecified. - - The harm category is hate speech. - - The harm category is dangerous content. - - The harm category is harassment. - - The harm category is sexually explicit content. - - The harm category is civic integrity. - enum: - - HARM_CATEGORY_UNSPECIFIED - - HARM_CATEGORY_HATE_SPEECH - - HARM_CATEGORY_DANGEROUS_CONTENT - - HARM_CATEGORY_HARASSMENT - - HARM_CATEGORY_SEXUALLY_EXPLICIT - - HARM_CATEGORY_CIVIC_INTEGRITY - probability: - description: Output only. Harm probability levels in the content. - readOnly: true + description: Optional display name for the tenant, e.g. "My Slack Team". + uri: + description: >- + The URI of the tenant, if applicable. For example, the URI of a Jira + instance is https://my-jira-instance.atlassian.net, and a Slack + tenant does not have a URI. type: string - enumDescriptions: - - Harm probability unspecified. - - Negligible level of harm. - - Low level of harm. - - Medium level of harm. - - High level of harm. - enum: - - HARM_PROBABILITY_UNSPECIFIED - - NEGLIGIBLE - - LOW - - MEDIUM - - HIGH - probabilityScore: - description: Output only. Harm probability score. - readOnly: true - type: number - format: float - severity: - description: Output only. Harm severity levels in the content. - readOnly: true + id: type: string - enumDescriptions: - - Harm severity unspecified. - - Negligible level of harm severity. - - Low level of harm severity. - - Medium level of harm severity. - - High level of harm severity. - enum: - - HARM_SEVERITY_UNSPECIFIED - - HARM_SEVERITY_NEGLIGIBLE - - HARM_SEVERITY_LOW - - HARM_SEVERITY_MEDIUM - - HARM_SEVERITY_HIGH - severityScore: - description: Output only. Harm severity score. - readOnly: true - type: number - format: float - blocked: description: >- - Output only. Indicates whether the content was filtered out because - of this rating. - readOnly: true - type: boolean - GoogleCloudDiscoveryengineV1Session: - id: GoogleCloudDiscoveryengineV1Session - description: External session proto definition. + The tenant's instance ID. Examples: Jira + ("8594f221-9797-5f78-1fa4-485e198d7cd0"), Slack ("T123456"). + GoogleCloudDiscoveryengineV1Schema: type: object properties: name: description: >- - Immutable. Fully qualified name - `projects/{project}/locations/global/collections/{collection}/engines/{engine}/sessions/*` + Immutable. The full resource name of the schema, in the format of + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/schemas/{schema}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. type: string - displayName: - description: >- - Optional. The display name of the session. This field is used to - identify the session in the UI. By default, the display name is the - first turn query text in the session. + structSchema: + type: object + description: The structured representation of the schema. + additionalProperties: + description: Properties of the object. + type: any + jsonSchema: + description: The JSON representation of the schema. type: string - state: - description: The state of the session. + id: GoogleCloudDiscoveryengineV1Schema + description: Defines the structure and layout of a type of document data. + GoogleCloudDiscoveryengineV1alphaAnswer: + type: object + id: GoogleCloudDiscoveryengineV1alphaAnswer + description: Defines an answer. + properties: + blobAttachments: + description: List of blob attachments in the answer. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachment + steps: + description: Answer generation steps. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStep' + type: array + safetyRatings: + description: Optional. Safety ratings. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSafetyRating' + type: array + createTime: type: string - enumDescriptions: - - State is unspecified. - - The session is currently open. + format: google-datetime + description: Output only. Answer creation timestamp. + readOnly: true + queryUnderstandingInfo: + description: Query understanding information. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfo + state: enum: - STATE_UNSPECIFIED - IN_PROGRESS - userPseudoId: - description: A unique identifier for tracking users. + - FAILED + - SUCCEEDED + - STREAMING + description: The state of the answer generation. type: string - turns: - description: Turns. + enumDescriptions: + - Unknown. + - Answer generation is currently in progress. + - Answer generation currently failed. + - Answer generation has succeeded. + - Answer generation is currently in progress. + answerSkippedReasons: type: array items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SessionTurn' - startTime: - description: Output only. The time the session started. - readOnly: true + enumDescriptions: + - Default value. The answer skipped reason is not specified. + - The adversarial query ignored case. + - >- + The non-answer seeking query ignored case Google skips the + answer if the query is chit chat. + - >- + The out-of-domain query ignored case. Google skips the answer if + there are no high-relevance search results. + - >- + The potential policy violation case. Google skips the answer if + there is a potential policy violation detected. This includes + content that may be violent or toxic. + - >- + The no relevant content case. Google skips the answer if there + is no relevant content in the retrieved search results. + - >- + The jail-breaking query ignored case. For example, "Reply in the + tone of a competing company's CEO". Google skips the answer if + the query is classified as a jail-breaking query. + - >- + The customer policy violation case. Google skips the summary if + there is a customer policy violation detected. The policy is + defined by the customer. + - >- + The non-answer seeking query ignored case. Google skips the + answer if the query doesn't have clear intent. + - >- + The low-grounded answer case. Google skips the answer if a well + grounded answer was unable to be generated. + - >- + The user defined query classification ignored case. Google skips + the answer if the query is classified as a user defined query + classification. + - >- + The unhelpful answer case. Google skips the answer if the answer + is not helpful. This can be due to a variety of factors, + including but not limited to: the query is not answerable, the + answer is not relevant to the query, or the answer is not + well-formatted. + enum: + - ANSWER_SKIPPED_REASON_UNSPECIFIED + - ADVERSARIAL_QUERY_IGNORED + - NON_ANSWER_SEEKING_QUERY_IGNORED + - OUT_OF_DOMAIN_QUERY_IGNORED + - POTENTIAL_POLICY_VIOLATION + - NO_RELEVANT_CONTENT + - JAIL_BREAKING_QUERY_IGNORED + - CUSTOMER_POLICY_VIOLATION + - NON_ANSWER_SEEKING_QUERY_IGNORED_V2 + - LOW_GROUNDED_ANSWER + - USER_DEFINED_CLASSIFICATION_QUERY_IGNORED + - UNHELPFUL_ANSWER + type: string + description: >- + Additional answer-skipped reasons. This provides the reason for + ignored cases. If nothing is skipped, this field is not set. + name: + type: string + description: >- + Immutable. Fully qualified name + `projects/{project}/locations/global/collections/{collection}/engines/{engine}/sessions/*/answers/*` + references: + description: References. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReference + answerText: + description: The textual answer. type: string + citations: + description: Citations. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerCitation + type: array + relatedQuestions: + description: Suggested related questions. + type: array + items: + type: string + completeTime: + description: Output only. Answer completed timestamp. format: google-datetime - endTime: - description: Output only. The time the session finished. readOnly: true type: string - format: google-datetime - isPinned: + groundingSupports: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerGroundingSupport + description: Optional. Grounding supports. + groundingScore: description: >- - Optional. Whether the session is pinned, pinned session will be - displayed on the top of the session list. - type: boolean - GoogleCloudDiscoveryengineV1SessionTurn: - id: GoogleCloudDiscoveryengineV1SessionTurn - description: >- - Represents a turn, including a query from the user and a answer from - service. + A score in the range of [0, 1] describing how grounded the answer is + by the reference chunks. + type: number + format: double + GoogleCloudDiscoveryengineV1betaCreateEvaluationMetadata: type: object + properties: {} + id: GoogleCloudDiscoveryengineV1betaCreateEvaluationMetadata + description: Metadata for EvaluationService.CreateEvaluation method. + GoogleCloudDiscoveryengineV1betaCondition: properties: - query: + activeTimeRange: + type: array description: >- - Optional. The user query. May not be set if this turn is merely - regenerating an answer to a different turn - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Query' - answer: + Range of time(s) specifying when condition is active. Maximum of 10 + time ranges. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaConditionTimeRange + queryTerms: + type: array description: >- - Optional. The resource name of the answer to the user query. Only - set if the answer generation (/answer API call) happened in this - turn. + Search only A list of terms to match the query on. Cannot be set + when Condition.query_regex is set. Maximum of 10 query terms. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaConditionQueryTerm + queryRegex: type: string - detailedAnswer: - description: >- - Output only. In ConversationalSearchService.GetSession API, if - GetSessionRequest.include_answer_details is set to true, this field - will be populated when getting answer query session. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Answer' - queryConfig: description: >- - Optional. Represents metadata related to the query config, for - example LLM model and version used, model parameters (temperature, - grounding parameters, etc.). The prefix "google." is reserved for - Google-developed functionality. - type: object - additionalProperties: - type: string - GoogleCloudDiscoveryengineV1DataStore: - id: GoogleCloudDiscoveryengineV1DataStore - description: DataStore captures global settings and configs at the DataStore level. + Optional. Query regex to match the whole search query. Cannot be set + when Condition.query_terms is set. Only supported for Basic Site + Search promotion serving controls. + description: Defines circumstances to be checked before allowing a behavior + id: GoogleCloudDiscoveryengineV1betaCondition + type: object + GoogleCloudDiscoveryengineV1DestinationConfigDestination: + id: GoogleCloudDiscoveryengineV1DestinationConfigDestination type: object properties: - name: - description: >- - Immutable. Identifier. The full resource name of the data store. - Format: - `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. - type: string - displayName: - description: >- - Required. The data store display name. This field must be a UTF-8 - encoded string with a length limit of 128 characters. Otherwise, an - INVALID_ARGUMENT error is returned. - type: string - industryVertical: - description: Immutable. The industry vertical that the data store registers. + port: + format: int32 + type: integer + description: Optional. Target port number accepted by the destination. + host: type: string - enumDescriptions: - - Value used when unset. - - >- - The generic vertical for documents that are not specific to any - industry vertical. - - The media industry vertical. - - The healthcare FHIR vertical. - enum: - - INDUSTRY_VERTICAL_UNSPECIFIED - - GENERIC - - MEDIA - - HEALTHCARE_FHIR - solutionTypes: - description: >- - The solutions that the data store enrolls. Available solutions for - each industry_vertical: * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` - and `SOLUTION_TYPE_SEARCH`. * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` - is automatically enrolled. Other solutions cannot be enrolled. - type: array + description: Publicly routable host. + description: Defines a target endpoint + GoogleCloudDiscoveryengineV1alphaEnableAdvancedSiteSearchResponse: + properties: {} + description: >- + Response message for SiteSearchEngineService.EnableAdvancedSiteSearch + method. + id: GoogleCloudDiscoveryengineV1alphaEnableAdvancedSiteSearchResponse + type: object + GoogleCloudDiscoveryengineV1SearchResponseSummary: + description: Summary of the top N search results specified by the summary spec. + type: object + id: GoogleCloudDiscoveryengineV1SearchResponseSummary + properties: + summarySkippedReasons: items: type: string enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Discovery Search. - - Used for use cases related to the Generative AI agent. + - Default value. The summary skipped reason is not specified. - >- - Used for use cases related to the Generative Chat agent. It's - used for Generative chat engine only, the associated data stores - must enrolled with `SOLUTION_TYPE_CHAT` solution. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - - SOLUTION_TYPE_CHAT - - SOLUTION_TYPE_GENERATIVE_CHAT - defaultSchemaId: + The adversarial query ignored case. Only used when + SummarySpec.ignore_adversarial_query is set to `true`. + - >- + The non-summary seeking query ignored case. Google skips the + summary if the query is chit chat. Only used when + SummarySpec.ignore_non_summary_seeking_query is set to `true`. + - >- + The out-of-domain query ignored case. Google skips the summary + if there are no high-relevance search results. For example, the + data store contains facts about company A but the user query is + asking questions about company B. + - >- + The potential policy violation case. Google skips the summary if + there is a potential policy violation detected. This includes + content that may be violent or toxic. + - >- + The LLM addon not enabled case. Google skips the summary if the + LLM addon is not enabled. + - >- + The no relevant content case. Google skips the summary if there + is no relevant content in the retrieved search results. + - >- + The jail-breaking query ignored case. For example, "Reply in the + tone of a competing company's CEO". Only used when + [SearchRequest.ContentSearchSpec.SummarySpec.ignore_jail_breaking_query] + is set to `true`. + - >- + The customer policy violation case. Google skips the summary if + there is a customer policy violation detected. The policy is + defined by the customer. + - >- + The non-answer seeking query ignored case. Google skips the + summary if the query doesn't have clear intent. Only used when + [SearchRequest.ContentSearchSpec.SummarySpec.ignore_non_answer_seeking_query] + is set to `true`. + - The time out case. Google skips the summary if the time out. + enum: + - SUMMARY_SKIPPED_REASON_UNSPECIFIED + - ADVERSARIAL_QUERY_IGNORED + - NON_SUMMARY_SEEKING_QUERY_IGNORED + - OUT_OF_DOMAIN_QUERY_IGNORED + - POTENTIAL_POLICY_VIOLATION + - LLM_ADDON_NOT_ENABLED + - NO_RELEVANT_CONTENT + - JAIL_BREAKING_QUERY_IGNORED + - CUSTOMER_POLICY_VIOLATION + - NON_SUMMARY_SEEKING_QUERY_IGNORED_V2 + - TIME_OUT description: >- - Output only. The id of the default Schema associated to this data - store. - readOnly: true - type: string - contentConfig: + Additional summary-skipped reasons. This provides the reason for + ignored cases. If nothing is skipped, this field is not set. + type: array + summaryWithMetadata: + description: Summary with metadata information. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummarySummaryWithMetadata + safetyAttributes: description: >- - Immutable. The content config of the data store. If this field is - unset, the server behavior defaults to ContentConfig.NO_CONTENT. + A collection of Safety Attribute categories and their associated + confidence scores. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummarySafetyAttributes + summaryText: type: string - enumDescriptions: - - Default value. - - Only contains documents without any Document.content. - - Only contains documents with Document.content. - - The data store is used for public website search. - - >- - The data store is used for workspace search. Details of workspace - data store are specified in the WorkspaceConfig. - enum: - - CONTENT_CONFIG_UNSPECIFIED - - NO_CONTENT - - CONTENT_REQUIRED - - PUBLIC_WEBSITE - - GOOGLE_WORKSPACE - createTime: - description: Output only. Timestamp the DataStore was created at. - readOnly: true + description: The summary content. + GoogleCloudDiscoveryengineV1SetUpDataConnectorMetadata: + properties: {} + type: object + id: GoogleCloudDiscoveryengineV1SetUpDataConnectorMetadata + description: Metadata for DataConnectorService.SetUpDataConnector method. + GoogleCloudDiscoveryengineLoggingImportErrorContext: + type: object + description: >- + The error payload that is populated on LRO import APIs, including the + following: * + `google.cloud.discoveryengine.v1alpha.DocumentService.ImportDocuments` * + `google.cloud.discoveryengine.v1alpha.UserEventService.ImportUserEvents` + properties: + document: + description: The detailed content which caused the error on importing a document. type: string - format: google-datetime - advancedSiteSearchConfig: - description: Optional. Configuration for advanced site search. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedSiteSearchConfig - kmsKeyName: + userEvent: description: >- - Input only. The KMS key to be used to protect this DataStore at - creation time. Must be set for requests that need to comply with - CMEK Org Policy protections. If this field is set and processed - successfully, the DataStore will be protected by the KMS key, as - indicated in the cmek_config field. + The detailed content which caused the error on importing a user + event. + type: string + lineNumber: type: string - cmekConfig: - description: Output only. CMEK-related information for the DataStore. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' - billingEstimation: - description: Output only. Data size estimation for billing. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DataStoreBillingEstimation - aclEnabled: - description: >- - Immutable. Whether data in the DataStore has ACL information. If set - to `true`, the source data must have ACL. ACL will be ingested when - data is ingested by DocumentService.ImportDocuments methods. When - ACL is enabled for the DataStore, Document can't be accessed by - calling DocumentService.GetDocument or - DocumentService.ListDocuments. Currently ACL is only supported in - `GENERIC` industry vertical with non-`PUBLIC_WEBSITE` content - config. - type: boolean - workspaceConfig: - description: >- - Config to store data store type configuration for workspace data. - This must be set when DataStore.content_config is set as - DataStore.ContentConfig.GOOGLE_WORKSPACE. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WorkspaceConfig' - documentProcessingConfig: - description: Configuration for Document understanding and enrichment. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfig - startingSchema: description: >- - The start schema to use for this DataStore when provisioning it. If - unset, a default vertical specialized schema will be used. This - field is only used by CreateDataStore API, and will be ignored if - used in other APIs. This field will be omitted from all API - responses including CreateDataStore API. To retrieve a schema of a - DataStore, use SchemaService.GetSchema API instead. The provided - schema will be validated against certain rules on schema. Learn more - from [this - doc](https://cloud.google.com/generative-ai-app-builder/docs/provide-schema). - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' - healthcareFhirConfig: - description: Optional. Configuration for `HEALTHCARE_FHIR` vertical. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1HealthcareFhirConfig - servingConfigDataStore: - description: Optional. Stores serving config at DataStore level. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DataStoreServingConfigDataStore - identityMappingStore: + Line number of the content in file. Should be empty for permission + or batch operation error. + gcsPath: description: >- - Immutable. The fully qualified resource name of the associated - IdentityMappingStore. This field can only be set for acl_enabled - DataStores with `THIRD_PARTY` or `GSUITE` IdP. Format: - `projects/{project}/locations/{location}/identityMappingStores/{identity_mapping_store}`. + Google Cloud Storage file path of the import source. Can be set for + batch operation error. type: string - isInfobotFaqDataStore: - description: Optional. If set, this DataStore is an Infobot FAQ DataStore. - type: boolean - GoogleCloudDiscoveryengineV1AdvancedSiteSearchConfig: - id: GoogleCloudDiscoveryengineV1AdvancedSiteSearchConfig - description: Configuration data for advance site search. + operation: + type: string + description: The operation resource name of the LRO. + id: GoogleCloudDiscoveryengineLoggingImportErrorContext + GoogleCloudDiscoveryengineV1alphaProjectCustomerProvidedConfigNotebooklmConfigModelArmorConfig: type: object + id: >- + GoogleCloudDiscoveryengineV1alphaProjectCustomerProvidedConfigNotebooklmConfigModelArmorConfig + description: >- + Configuration for customer defined Model Armor templates to be used for + sanitizing user prompts and LLM responses. properties: - disableInitialIndex: - description: If set true, initial indexing is disabled for the DataStore. - type: boolean - disableAutomaticRefresh: - description: If set true, automatic refresh is disabled for the DataStore. - type: boolean - GoogleCloudDiscoveryengineV1DataStoreBillingEstimation: - id: GoogleCloudDiscoveryengineV1DataStoreBillingEstimation - description: Estimation of data size per data store. + responseTemplate: + type: string + description: >- + Optional. The resource name of the Model Armor Template for + sanitizing LLM responses. Format: + projects/{project}/locations/{location}/templates/{template_id} If + not specified, no sanitization will be applied to the LLM response. + userPromptTemplate: + type: string + description: >- + Optional. The resource name of the Model Armor Template for + sanitizing user prompts. Format: + projects/{project}/locations/{location}/templates/{template_id} If + not specified, no sanitization will be applied to the user prompt. + GoogleCloudDiscoveryengineV1TrainCustomModelMetadata: type: object + description: >- + Metadata related to the progress of the TrainCustomModel operation. This + is returned by the google.longrunning.Operation.metadata field. properties: - structuredDataSize: - description: Data size for structured data in terms of bytes. + createTime: + description: Operation create time. type: string - format: int64 - unstructuredDataSize: - description: Data size for unstructured data in terms of bytes. + format: google-datetime + updateTime: type: string - format: int64 - websiteDataSize: - description: Data size for websites in terms of bytes. + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + id: GoogleCloudDiscoveryengineV1TrainCustomModelMetadata + GoogleCloudDiscoveryengineV1betaTargetSiteFailureReasonQuotaFailure: + properties: + totalRequiredQuota: type: string + description: >- + This number is an estimation on how much total quota this project + needs to successfully complete indexing. format: int64 - structuredDataUpdateTime: - description: Last updated timestamp for structured data. - type: string + id: GoogleCloudDiscoveryengineV1betaTargetSiteFailureReasonQuotaFailure + type: object + description: Failed due to insufficient quota. + GoogleCloudDiscoveryengineV1alphaImportSuggestionDenyListEntriesMetadata: + type: object + id: GoogleCloudDiscoveryengineV1alphaImportSuggestionDenyListEntriesMetadata + description: >- + Metadata related to the progress of the ImportSuggestionDenyListEntries + operation. This is returned by the google.longrunning.Operation.metadata + field. + properties: + updateTime: format: google-datetime - unstructuredDataUpdateTime: - description: Last updated timestamp for unstructured data. type: string - format: google-datetime - websiteDataUpdateTime: - description: Last updated timestamp for websites. + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + description: Operation create time. type: string format: google-datetime - GoogleCloudDiscoveryengineV1WorkspaceConfig: - id: GoogleCloudDiscoveryengineV1WorkspaceConfig - description: Config to store data store type configuration for workspace data + GoogleCloudDiscoveryengineV1ConditionTimeRange: + description: Used for time-dependent conditions. type: object + id: GoogleCloudDiscoveryengineV1ConditionTimeRange properties: - type: - description: The Google Workspace data source. - type: string - enumDescriptions: - - Defaults to an unspecified Workspace type. - - Workspace Data Store contains Drive data - - Workspace Data Store contains Mail data - - Workspace Data Store contains Sites data - - Workspace Data Store contains Calendar data - - Workspace Data Store contains Chat data - - Workspace Data Store contains Groups data - - Workspace Data Store contains Keep data - - Workspace Data Store contains People data - enum: - - TYPE_UNSPECIFIED - - GOOGLE_DRIVE - - GOOGLE_MAIL - - GOOGLE_SITES - - GOOGLE_CALENDAR - - GOOGLE_CHAT - - GOOGLE_GROUPS - - GOOGLE_KEEP - - GOOGLE_PEOPLE - dasherCustomerId: - description: Obfuscated Dasher customer ID. - type: string - superAdminServiceAccount: - description: >- - Optional. The super admin service account for the workspace that - will be used for access token generation. For now we only use it for - Native Google Drive connector data ingestion. + startTime: + description: Start of time range. Range is inclusive. type: string - superAdminEmailAddress: - description: >- - Optional. The super admin email address for the workspace that will - be used for access token generation. For now we only use it for - Native Google Drive connector data ingestion. + format: google-datetime + endTime: + description: End of time range. Range is inclusive. Must be in the future. + format: google-datetime type: string - GoogleCloudDiscoveryengineV1DocumentProcessingConfig: - id: GoogleCloudDiscoveryengineV1DocumentProcessingConfig - description: >- - A singleton resource of DataStore. If it's empty when DataStore is - created and DataStore is set to - DataStore.ContentConfig.CONTENT_REQUIRED, the default parser will - default to digital parser. + GoogleCloudDiscoveryengineV1IdentityMappingStore: type: object + id: GoogleCloudDiscoveryengineV1IdentityMappingStore properties: name: description: >- - The full resource name of the Document Processing Config. Format: - `projects/*/locations/*/collections/*/dataStores/*/documentProcessingConfig`. + Immutable. The full resource name of the identity mapping store. + Format: + `projects/{project}/locations/{location}/identityMappingStores/{identity_mapping_store}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. type: string - chunkingConfig: - description: Whether chunking mode is enabled. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfig - defaultParsingConfig: + kmsKeyName: description: >- - Configurations for default Document parser. If not specified, we - will configure it as default DigitalParsingConfig, and the default - parsing config will be applied to all file types for Document - parsing. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfig - parsingConfigOverrides: + Input only. The KMS key to be used to protect this Identity Mapping + Store at creation time. Must be set for requests that need to comply + with CMEK Org Policy protections. If this field is set and processed + successfully, the Identity Mapping Store will be protected by the + KMS key, as indicated in the cmek_config field. + type: string + cmekConfig: + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' description: >- - Map from file type to override the default parsing configuration - based on the file type. Supported keys: * `pdf`: Override parsing - config for PDF files, either digital parsing, ocr parsing or layout - parsing is supported. * `html`: Override parsing config for HTML - files, only digital parsing and layout parsing are supported. * - `docx`: Override parsing config for DOCX files, only digital parsing - and layout parsing are supported. * `pptx`: Override parsing config - for PPTX files, only digital parsing and layout parsing are - supported. * `xlsm`: Override parsing config for XLSM files, only - digital parsing and layout parsing are supported. * `xlsx`: Override - parsing config for XLSX files, only digital parsing and layout - parsing are supported. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfig - GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfig: - id: GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfig - description: Configuration for chunking config. - type: object - properties: - layoutBasedChunkingConfig: - description: Configuration for the layout based chunking. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig - GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig: - id: >- - GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig - description: Configuration for the layout based chunking. - type: object + Output only. CMEK-related information for the Identity Mapping + Store. + description: Identity Mapping Store which contains Identity Mapping Entries. + GoogleCloudDiscoveryengineV1alphaSearchRequestSpellCorrectionSpec: + description: The specification for query spell correction. properties: - chunkSize: - description: >- - The token size limit for each chunk. Supported values: 100-500 - (inclusive). Default value: 500. - type: integer - format: int32 - includeAncestorHeadings: + mode: description: >- - Whether to include appending different levels of headings to chunks - from the middle of the document to prevent context loss. Default - value: False. - type: boolean - GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfig: - id: GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfig - description: Related configurations applied to a specific type of document parser. + The mode under which spell correction replaces the original search + query. Defaults to Mode.AUTO. + enum: + - MODE_UNSPECIFIED + - SUGGESTION_ONLY + - AUTO + type: string + enumDescriptions: + - >- + Unspecified spell correction mode. In this case, server behavior + defaults to Mode.AUTO. + - >- + Search API tries to find a spelling suggestion. If a suggestion is + found, it is put in the SearchResponse.corrected_query. The + spelling suggestion won't be used as the search query. + - >- + Automatic spell correction built by the Search API. Search will be + based on the corrected query if found. type: object + id: GoogleCloudDiscoveryengineV1alphaSearchRequestSpellCorrectionSpec + GoogleCloudDiscoveryengineV1betaTrainCustomModelResponse: properties: - digitalParsingConfig: - description: Configurations applied to digital parser. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigDigitalParsingConfig - ocrParsingConfig: + modelStatus: description: >- - Configurations applied to OCR parser. Currently it only applies to - PDFs. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigOcrParsingConfig - layoutParsingConfig: - description: Configurations applied to layout parser. + The trained model status. Possible values are: * **bad-data**: The + training data quality is bad. * **no-improvement**: Tuning didn't + improve performance. Won't deploy. * **in-progress**: Model training + job creation is in progress. * **training**: Model is actively + training. * **evaluating**: The model is evaluating trained metrics. + * **indexing**: The model trained metrics are indexing. * **ready**: + The model is ready for serving. + type: string + errorConfig: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigLayoutParsingConfig - GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigDigitalParsingConfig: - id: >- - GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigDigitalParsingConfig - description: The digital parsing configurations for documents. - type: object - properties: {} - GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigOcrParsingConfig: - id: >- - GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigOcrParsingConfig - description: The OCR parsing configurations for documents. - type: object - properties: - enhancedDocumentElements: + #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig description: >- - [DEPRECATED] This field is deprecated. To use the additional - enhanced document elements processing, please switch to - `layout_parsing_config`. - deprecated: true - type: array + Echoes the destination for the complete errors in the request if + set. + modelName: + description: Fully qualified name of the CustomTuningModel. + type: string + metrics: + description: The metrics of the trained model. + additionalProperties: + format: double + type: number + type: object + errorSamples: items: - type: string - useNativeText: - description: >- - If true, will use native text instead of OCR text on pages - containing native text. - type: boolean - GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigLayoutParsingConfig: - id: >- - GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigLayoutParsingConfig - description: The layout parsing configurations for documents. + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + description: A sample of errors encountered while processing the data. + type: object + description: >- + Response of the TrainCustomModelRequest. This message is returned by the + google.longrunning.Operations.response field. + id: GoogleCloudDiscoveryengineV1betaTrainCustomModelResponse + GoogleCloudDiscoveryengineV1Document: type: object properties: - enableTableAnnotation: + parentDocumentId: + type: string description: >- - Optional. If true, the LLM based annotation is added to the table - during parsing. - type: boolean - enableImageAnnotation: + The identifier of the parent document. Currently supports at most + two level document hierarchy. Id should conform to + [RFC-1034](https://tools.ietf.org/html/rfc1034) standard with a + length limit of 63 characters. + jsonData: description: >- - Optional. If true, the LLM based annotation is added to the image - during parsing. - type: boolean - structuredContentTypes: + The JSON string representation of the document. It should conform to + the registered Schema or an `INVALID_ARGUMENT` error is thrown. + type: string + content: description: >- - Optional. Contains the required structure types to extract from the - document. Supported values: * `shareholder-structure` - type: array - items: - type: string - excludeHtmlElements: - description: Optional. List of HTML elements to exclude from the parsed content. - type: array - items: - type: string - excludeHtmlClasses: - description: Optional. List of HTML classes to exclude from the parsed content. - type: array - items: - type: string - excludeHtmlIds: - description: Optional. List of HTML ids to exclude from the parsed content. - type: array - items: - type: string - enableGetProcessedDocument: + The unstructured data linked to this document. Content can only be + set and must be set if this document is under a `CONTENT_REQUIRED` + data store. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentContent' + structData: + additionalProperties: + type: any + description: Properties of the object. description: >- - Optional. If true, the processed document will be made available for - the GetProcessedDocument API. - type: boolean - GoogleCloudDiscoveryengineV1Schema: - id: GoogleCloudDiscoveryengineV1Schema - description: Defines the structure and layout of a type of document data. - type: object - properties: - structSchema: - description: The structured representation of the schema. + The structured JSON data for the document. It should conform to the + registered Schema or an `INVALID_ARGUMENT` error is thrown. type: object + indexTime: + description: >- + Output only. The last time the document was indexed. If this field + is set, the document could be returned in search results. This field + is OUTPUT_ONLY. If this field is not populated, it means the + document has never been indexed. + type: string + format: google-datetime + readOnly: true + indexStatus: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentIndexStatus' + readOnly: true + description: >- + Output only. The index status of the document. * If document is + indexed successfully, the index_time field is populated. * + Otherwise, if document is not indexed due to errors, the + error_samples field is populated. * Otherwise, if document's index + is in progress, the pending_message field is populated. + derivedStructData: additionalProperties: - type: any description: Properties of the object. - jsonSchema: - description: The JSON representation of the schema. + type: any + readOnly: true + description: >- + Output only. This field is OUTPUT_ONLY. It contains derived data + that are not in the original input document. + type: object + aclInfo: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentAclInfo' + description: Access control information for the document. + id: + description: >- + Immutable. The identifier of the document. Id should conform to + [RFC-1034](https://tools.ietf.org/html/rfc1034) standard with a + length limit of 128 characters. + type: string + schemaId: + description: The identifier of the schema located in the same data store. type: string name: description: >- - Immutable. The full resource name of the schema, in the format of - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/schemas/{schema}`. + Immutable. The full resource name of the document. Format: + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/branches/{branch}/documents/{document_id}`. This field must be a UTF-8 encoded string with a length limit of 1024 characters. type: string - GoogleCloudDiscoveryengineV1HealthcareFhirConfig: - id: GoogleCloudDiscoveryengineV1HealthcareFhirConfig - description: Config to data store for `HEALTHCARE_FHIR` vertical. - type: object - properties: - enableConfigurableSchema: - description: >- - Whether to enable configurable schema for `HEALTHCARE_FHIR` - vertical. If set to `true`, the predefined healthcare fhir schema - can be extended for more customized searching and filtering. - type: boolean - enableStaticIndexingForBatchIngestion: - description: >- - Whether to enable static indexing for `HEALTHCARE_FHIR` batch - ingestion. If set to `true`, the batch ingestion will be processed - in a static indexing mode which is slower but more capable of - handling larger volume. - type: boolean - GoogleCloudDiscoveryengineV1DataStoreServingConfigDataStore: - id: GoogleCloudDiscoveryengineV1DataStoreServingConfigDataStore + id: GoogleCloudDiscoveryengineV1Document description: >- - Stores information regarding the serving configurations at DataStore - level. - type: object - properties: - disabledForServing: - description: >- - Optional. If set true, the DataStore will not be available for - serving search requests. - type: boolean - GoogleCloudDiscoveryengineV1ListDataStoresResponse: - id: GoogleCloudDiscoveryengineV1ListDataStoresResponse - description: Response message for DataStoreService.ListDataStores method. - type: object + Document captures all raw metadata information of items to be + recommended or searched. + GoogleCloudDiscoveryengineV1betaUserInfo: + id: GoogleCloudDiscoveryengineV1betaUserInfo properties: - dataStores: - description: All the customer's DataStores. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' - nextPageToken: - description: >- - A token that can be sent as ListDataStoresRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. + userAgent: type: string - GoogleCloudDiscoveryengineV1ListDocumentsResponse: - id: GoogleCloudDiscoveryengineV1ListDocumentsResponse - description: Response message for DocumentService.ListDocuments method. - type: object - properties: - documents: - description: The Documents. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' - nextPageToken: description: >- - A token that can be sent as ListDocumentsRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. + User agent as included in the HTTP header. The field must be a UTF-8 + encoded string with a length limit of 1,000 characters. Otherwise, + an `INVALID_ARGUMENT` error is returned. This should not be set when + using the client side event reporting with GTM or JavaScript tag in + UserEventService.CollectUserEvent or if + UserEvent.direct_user_request is set. + timeZone: type: string - GoogleCloudDiscoveryengineV1ImportDocumentsRequest: - id: GoogleCloudDiscoveryengineV1ImportDocumentsRequest - description: Request message for Import methods. + description: Optional. IANA time zone, e.g. Europe/Budapest. + userId: + type: string + description: >- + Highly recommended for logged-in users. Unique identifier for + logged-in user, such as a user name. Don't set for anonymous users. + Always use a hashed value for this ID. Don't set the field to the + same fixed ID for different users. This mixes the event history of + those users together, which results in degraded model quality. The + field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an `INVALID_ARGUMENT` error is returned. + description: Information of an end user. type: object + GoogleCloudDiscoveryengineV1TargetSite: properties: - inlineSource: - description: The Inline source for the input content for documents. + siteVerificationInfo: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportDocumentsRequestInlineSource - gcsSource: - description: Cloud Storage location for the input content. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' - bigquerySource: - description: BigQuery input source. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigQuerySource' - fhirStoreSource: - description: FhirStore input source. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1FhirStoreSource' - spannerSource: - description: Spanner input source. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SpannerSource' - cloudSqlSource: - description: Cloud SQL input source. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CloudSqlSource' - firestoreSource: - description: Firestore input source. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1FirestoreSource' - alloyDbSource: - description: AlloyDB input source. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AlloyDbSource' - bigtableSource: - description: Cloud Bigtable input source. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigtableSource' - errorConfig: - description: The desired location of errors incurred during the Import. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' - reconciliationMode: + #/components/schemas/GoogleCloudDiscoveryengineV1SiteVerificationInfo + description: Output only. Site ownership and validity verification status. + readOnly: true + name: description: >- - The mode of reconciliation between existing documents and the - documents to be imported. Defaults to - ReconciliationMode.INCREMENTAL. + Output only. The fully qualified resource name of the target site. + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/siteSearchEngine/targetSites/{target_site}` + The `target_site_id` is system-generated. + readOnly: true + type: string + updateTime: + format: google-datetime + description: Output only. The target site's last updated time. + type: string + readOnly: true + generatedUriPattern: + type: string + description: >- + Output only. This is system-generated based on the + provided_uri_pattern. + readOnly: true + failureReason: + description: Output only. Failure reason. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1TargetSiteFailureReason + readOnly: true + indexingStatus: type: string + description: Output only. Indexing status. + readOnly: true enumDescriptions: - - Defaults to `INCREMENTAL`. - - Inserts new documents or updates existing documents. + - Defaults to SUCCEEDED. - >- - Calculates diff and replaces the entire document dataset. Existing - documents may be deleted if they are not present in the source - location. When using this mode, there won't be any downtime on the - dataset targeted. Any document that should remain unchanged or - that should be updated will continue serving while the operation - is running. + The target site is in the update queue and will be picked up by + indexing pipeline. + - The target site fails to be indexed. + - The target site has been indexed. + - >- + The previously indexed target site has been marked to be deleted. + This is a transitioning state which will resulted in either: 1. + target site deleted if unindexing is successful; 2. state reverts + to SUCCEEDED if the unindexing fails. + - The target site change is pending but cancellable. + - The target site change is cancelled. enum: - - RECONCILIATION_MODE_UNSPECIFIED - - INCREMENTAL - - FULL - updateMask: - description: >- - Indicates which fields in the provided imported documents to update. - If not set, the default is to update all fields. + - INDEXING_STATUS_UNSPECIFIED + - PENDING + - FAILED + - SUCCEEDED + - DELETING + - CANCELLABLE + - CANCELLED + rootDomainUri: type: string - format: google-fieldmask - autoGenerateIds: + readOnly: true + description: Output only. Root domain of the provided_uri_pattern. + exactMatch: description: >- - Whether to automatically generate IDs for the documents if absent. - If set to `true`, Document.ids are automatically generated based on - the hash of the payload, where IDs may not be consistent during - multiple imports. In which case ReconciliationMode.FULL is highly - recommended to avoid duplicate contents. If unset or set to `false`, - Document.ids have to be specified using id_field, otherwise, - documents without IDs fail to be imported. Supported data sources: * - GcsSource. GcsSource.data_schema must be `custom` or `csv`. - Otherwise, an INVALID_ARGUMENT error is thrown. * BigQuerySource. - BigQuerySource.data_schema must be `custom` or `csv`. Otherwise, an - INVALID_ARGUMENT error is thrown. * SpannerSource. * CloudSqlSource. - * FirestoreSource. * BigtableSource. + Immutable. If set to false, a uri_pattern is generated to include + all pages whose address contains the provided_uri_pattern. If set to + true, an uri_pattern is generated to try to be an exact match of the + provided_uri_pattern or just the specific page if the + provided_uri_pattern is a specific one. provided_uri_pattern is + always normalized to generate the URI pattern to be used by the + search engine. type: boolean - idField: + providedUriPattern: description: >- - The field indicates the ID field or column to be used as unique IDs - of the documents. For GcsSource it is the key of the JSON field. For - instance, `my_id` for JSON `{"my_id": "some_uuid"}`. For others, it - may be the column name of the table where the unique ids are stored. - The values of the JSON field or the table column are used as the - Document.ids. The JSON field or the table column must be of string - type, and the values must be set as valid strings conform to - [RFC-1034](https://tools.ietf.org/html/rfc1034) with 1-63 - characters. Otherwise, documents without valid IDs fail to be - imported. Only set this field when auto_generate_ids is unset or set - as `false`. Otherwise, an INVALID_ARGUMENT error is thrown. If it is - unset, a default value `_id` is used when importing from the allowed - data sources. Supported data sources: * GcsSource. - GcsSource.data_schema must be `custom` or `csv`. Otherwise, an - INVALID_ARGUMENT error is thrown. * BigQuerySource. - BigQuerySource.data_schema must be `custom` or `csv`. Otherwise, an - INVALID_ARGUMENT error is thrown. * SpannerSource. * CloudSqlSource. - * BigtableSource. + Required. Input only. The user provided URI pattern from which the + `generated_uri_pattern` is generated. type: string - forceRefreshContent: + type: description: >- - Optional. Whether to force refresh the unstructured content of the - documents. If set to `true`, the content part of the documents will - be refreshed regardless of the update status of the referencing - content. - type: boolean - GoogleCloudDiscoveryengineV1ImportDocumentsRequestInlineSource: - id: GoogleCloudDiscoveryengineV1ImportDocumentsRequestInlineSource - description: The inline source for the input config for ImportDocuments method. + The type of the target site, e.g., whether the site is to be + included or excluded. + enum: + - TYPE_UNSPECIFIED + - INCLUDE + - EXCLUDE + type: string + enumDescriptions: + - >- + This value is unused. In this case, server behavior defaults to + Type.INCLUDE. + - Include the target site. + - Exclude the target site. + description: A target site for the SiteSearchEngine. + id: GoogleCloudDiscoveryengineV1TargetSite type: object + GoogleCloudDiscoveryengineV1ImportDocumentsMetadata: properties: - documents: + updateTime: + format: google-datetime description: >- - Required. A list of documents to update/create. Each document must - have a valid Document.id. Recommended max of 100 items. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' - GoogleCloudDiscoveryengineV1FhirStoreSource: - id: GoogleCloudDiscoveryengineV1FhirStoreSource - description: Cloud FhirStore source import data from. + Operation last update time. If the operation is done, this is also + the finish time. + type: string + createTime: + format: google-datetime + type: string + description: Operation create time. + totalCount: + type: string + description: Total count of entries that were processed. + format: int64 + failureCount: + type: string + format: int64 + description: Count of entries that encountered errors while processing. + successCount: + type: string + format: int64 + description: Count of entries that were processed successfully. + description: >- + Metadata related to the progress of the ImportDocuments operation. This + is returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1ImportDocumentsMetadata + type: object + GoogleCloudDiscoveryengineV1alphaAssistantContent: + description: Multi-modal content. + id: GoogleCloudDiscoveryengineV1alphaAssistantContent type: object properties: - fhirStore: - description: >- - Required. The full resource name of the FHIR store to import data - from, in the format of - `projects/{project}/locations/{location}/datasets/{dataset}/fhirStores/{fhir_store}`. + inlineData: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantContentBlob + description: Inline binary data. + executableCode: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantContentExecutableCode + description: Code generated by the model that is meant to be executed. + file: + description: A file, e.g., an audio summary. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantContentFile + text: + description: Inline text. type: string - gcsStagingDir: - description: >- - Intermediate Cloud Storage directory used for the import with a - length limit of 2,000 characters. Can be specified if one wants to - have the FhirStore export to a specific Cloud Storage directory. + role: type: string - resourceTypes: - description: >- - The FHIR resource types to import. The resource types should be a - subset of all [supported FHIR resource - types](https://cloud.google.com/generative-ai-app-builder/docs/fhir-schema-reference#resource-level-specification). - Default to all supported FHIR resource types if empty. - type: array - items: - type: string - updateFromLatestPredefinedSchema: - description: >- - Optional. Whether to update the DataStore schema to the latest - predefined schema. If true, the DataStore schema will be updated to - include any FHIR fields or resource types that have been added since - the last import and corresponding FHIR resources will be imported - from the FHIR store. Note this field cannot be used in conjunction - with `resource_types`. It should be used after initial import. + description: The producer of the content. Can be "model" or "user". + thought: + description: Optional. Indicates if the part is thought from the model. type: boolean - GoogleCloudDiscoveryengineV1SpannerSource: - id: GoogleCloudDiscoveryengineV1SpannerSource - description: The Spanner source for importing data + codeExecutionResult: + description: Result of executing an ExecutableCode. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantContentCodeExecutionResult + GoogleCloudDiscoveryengineV1betaControlPromoteAction: + id: GoogleCloudDiscoveryengineV1betaControlPromoteAction type: object + description: >- + Promote certain links based on some trigger queries. Example: Promote + shoe store link when searching for `shoe` keyword. The link can be + outside of associated data store. properties: - projectId: - description: >- - The project ID that contains the Spanner source. Has a length limit - of 128 characters. If not specified, inherits the project ID from - the parent request. - type: string - instanceId: - description: Required. The instance ID of the source Spanner table. - type: string - databaseId: - description: Required. The database ID of the source Spanner table. - type: string - tableId: - description: >- - Required. The table name of the Spanner database that needs to be - imported. + searchLinkPromotion: + description: Required. Promotion attached to this action. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchLinkPromotion + dataStore: + description: Required. Data store with which this promotion is attached to. type: string - enableDataBoost: - description: >- - Whether to apply data boost on Spanner export. Enabling this option - will incur additional cost. More info can be found - [here](https://cloud.google.com/spanner/docs/databoost/databoost-overview#billing_and_quotas). - type: boolean - GoogleCloudDiscoveryengineV1CloudSqlSource: - id: GoogleCloudDiscoveryengineV1CloudSqlSource - description: Cloud SQL source import data from. + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfig: + id: GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfig + description: Configuration for chunking config. + properties: + layoutBasedChunkingConfig: + description: Configuration for the layout based chunking. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig + type: object + GoogleCloudDiscoveryengineV1UserLicense: type: object + id: GoogleCloudDiscoveryengineV1UserLicense properties: - projectId: - description: >- - The project ID that contains the Cloud SQL source. Has a length - limit of 128 characters. If not specified, inherits the project ID - from the parent request. + licenseConfig: type: string - instanceId: description: >- - Required. The Cloud SQL instance to copy the data from with a length - limit of 256 characters. + Optional. The full resource name of the Subscription(LicenseConfig) + assigned to the user. + createTime: + format: google-datetime type: string - databaseId: - description: >- - Required. The Cloud SQL database to copy the data from with a length - limit of 256 characters. + description: Output only. User created timestamp. + readOnly: true + userProfile: type: string - tableId: description: >- - Required. The Cloud SQL table to copy the data from with a length - limit of 256 characters. + Optional. The user profile. We user user full name(First name + Last + name) as user profile. + lastLoginTime: type: string - gcsStagingDir: + format: google-datetime + readOnly: true description: >- - Intermediate Cloud Storage directory used for the import with a - length limit of 2,000 characters. Can be specified if one wants to - have the Cloud SQL export to a specific Cloud Storage directory. - Ensure that the Cloud SQL service account has the necessary Cloud - Storage Admin permissions to access the specified Cloud Storage - directory. + Output only. User last logged in time. If the user has not logged in + yet, this field will be empty. + updateTime: + description: Output only. User update timestamp. type: string - offload: - description: >- - Option for serverless export. Enabling this option will incur - additional cost. More info can be found - [here](https://cloud.google.com/sql/pricing#serverless). - type: boolean - GoogleCloudDiscoveryengineV1FirestoreSource: - id: GoogleCloudDiscoveryengineV1FirestoreSource - description: Firestore source import data from. - type: object - properties: - projectId: + readOnly: true + format: google-datetime + licenseAssignmentState: + readOnly: true + enum: + - LICENSE_ASSIGNMENT_STATE_UNSPECIFIED + - ASSIGNED + - UNASSIGNED + - NO_LICENSE + - NO_LICENSE_ATTEMPTED_LOGIN + - BLOCKED + enumDescriptions: + - Default value. + - License assigned to the user. + - >- + No license assigned to the user. Deprecated, translated to + NO_LICENSE. + - No license assigned to the user. + - >- + User attempted to login but no license assigned to the user. This + state is only used for no user first time login attempt but cannot + get license assigned. Users already logged in but cannot get + license assigned will be assigned NO_LICENSE state(License could + be unassigned by admin). + - User is blocked from assigning a license. description: >- - The project ID that the Cloud SQL source is in with a length limit - of 128 characters. If not specified, inherits the project ID from - the parent request. + Output only. License assignment state of the user. If the user is + assigned with a license config, the user login will be assigned with + the license; If the user's license assignment state is unassigned or + unspecified, no license config will be associated to the user; type: string - databaseId: + userPrincipal: description: >- - Required. The Firestore database to copy the data from with a length - limit of 256 characters. + Required. Immutable. The user principal of the User, could be email + address or other prinical identifier. This field is immutable. Admin + assign licenses based on the user principal. type: string - collectionId: - description: >- - Required. The Firestore collection (or entity) to copy the data from - with a length limit of 1,500 characters. + description: User License information assigned by the admin. + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveSegment: + description: >- + Extractive segment. + [Guide](https://cloud.google.com/generative-ai-app-builder/docs/snippets#extractive-segments) + Answer generation will only use it if document_contexts is empty. This + is supposed to be shorter snippets. + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveSegment + type: object + properties: + pageIdentifier: + description: Page identifier. type: string - gcsStagingDir: + content: + description: Extractive segment content. + type: string + GoogleApiMetric: + properties: + labels: + type: object description: >- - Intermediate Cloud Storage directory used for the import with a - length limit of 2,000 characters. Can be specified if one wants to - have the Firestore export to a specific Cloud Storage directory. - Ensure that the Firestore service account has the necessary Cloud - Storage Admin permissions to access the specified Cloud Storage - directory. + The set of label values that uniquely identify this metric. All + labels listed in the `MetricDescriptor` must be assigned values. + additionalProperties: + type: string + type: type: string - GoogleCloudDiscoveryengineV1AlloyDbSource: - id: GoogleCloudDiscoveryengineV1AlloyDbSource - description: AlloyDB source import data from. + description: >- + An existing metric type, see google.api.MetricDescriptor. For + example, `custom.googleapis.com/invoice/paid/amount`. + type: object + description: >- + A specific metric, identified by specifying values for all of the labels + of a `MetricDescriptor`. + id: GoogleApiMetric + GoogleCloudDiscoveryengineV1betaSearchRequestNaturalLanguageQueryUnderstandingSpec: type: object + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestNaturalLanguageQueryUnderstandingSpec properties: - projectId: + allowedFieldNames: + type: array description: >- - The project ID that contains the AlloyDB source. Has a length limit - of 128 characters. If not specified, inherits the project ID from - the parent request. - type: string - locationId: + Optional. Allowlist of fields that can be used for natural language + filter extraction. By default, if this is unspecified, all indexable + fields are eligible for natural language filter extraction (but are + not guaranteed to be used). If any fields are specified in + allowed_field_names, only the fields that are both marked as + indexable in the schema and specified in the allowlist will be + eligible for natural language filter extraction. Note: for + multi-datastore search, this is not yet supported, and will be + ignored. + items: + type: string + geoSearchQueryDetectionFieldNames: + items: + type: string + type: array description: >- - Required. The AlloyDB location to copy the data from with a length - limit of 256 characters. + Field names used for location-based filtering, where geolocation + filters are detected in natural language search queries. Only valid + when the FilterExtractionCondition is set to `ENABLED`. If this + field is set, it overrides the field names set in + ServingConfig.geo_search_query_detection_field_names. + filterExtractionCondition: + enum: + - CONDITION_UNSPECIFIED + - DISABLED + - ENABLED type: string - clusterId: + enumDescriptions: + - Server behavior defaults to `DISABLED`. + - Disables NL filter extraction. + - Enables NL filter extraction. description: >- - Required. The AlloyDB cluster to copy the data from with a length - limit of 256 characters. - type: string - databaseId: + The condition under which filter extraction should occur. Server + behavior defaults to `DISABLED`. + extractedFilterBehavior: + enum: + - EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED + - HARD_FILTER + - SOFT_BOOST + enumDescriptions: + - >- + `EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED` will use the default + behavior for extracted filters. For single datastore search, the + default is to apply as hard filters. For multi-datastore search, + the default is to apply as soft boosts. + - >- + Applies all extracted filters as hard filters on the results. + Results that do not pass the extracted filters will not be + returned in the result set. + - >- + Applies all extracted filters as soft boosts. Results that pass + the filters will be boosted up to higher ranks in the result set. description: >- - Required. The AlloyDB database to copy the data from with a length - limit of 256 characters. + Optional. Controls behavior of how extracted filters are applied to + the search. The default behavior depends on the request. For single + datastore structured search, the default is `HARD_FILTER`. For + multi-datastore search, the default behavior is `SOFT_BOOST`. + Location-based filters are always applied as hard filters, and the + `SOFT_BOOST` setting will not affect them. This field is only used + if + SearchRequest.natural_language_query_understanding_spec.filter_extraction_condition + is set to FilterExtractionCondition.ENABLED. type: string - tableId: - description: >- - Required. The AlloyDB table to copy the data from with a length - limit of 256 characters. + description: >- + Specification to enable natural language understanding capabilities for + search requests. + GoogleCloudDiscoveryengineV1UpdateCmekConfigMetadata: + type: object + properties: + updateTime: type: string - gcsStagingDir: + format: google-datetime description: >- - Intermediate Cloud Storage directory used for the import with a - length limit of 2,000 characters. Can be specified if one wants to - have the AlloyDB export to a specific Cloud Storage directory. - Ensure that the AlloyDB service account has the necessary Cloud - Storage Admin permissions to access the specified Cloud Storage - directory. + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + description: Operation create time. + format: google-datetime type: string - GoogleCloudDiscoveryengineV1BigtableSource: - id: GoogleCloudDiscoveryengineV1BigtableSource - description: The Cloud Bigtable source for importing data. + id: GoogleCloudDiscoveryengineV1UpdateCmekConfigMetadata + description: >- + Metadata related to the progress of the + CmekConfigService.UpdateCmekConfig operation. This will be returned by + the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesMetadata: + id: GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesMetadata type: object properties: - projectId: - description: >- - The project ID that contains the Bigtable source. Has a length limit - of 128 characters. If not specified, inherits the project ID from - the parent request. + successCount: + format: int64 type: string - instanceId: - description: >- - Required. The instance ID of the Cloud Bigtable that needs to be - imported. + description: Count of user licenses successfully updated. + failureCount: type: string - tableId: + description: Count of user licenses that failed to be updated. + format: int64 + updateTime: + format: google-datetime description: >- - Required. The table ID of the Cloud Bigtable that needs to be - imported. + Operation last update time. If the operation is done, this is also + the finish time. + type: string + createTime: + format: google-datetime + description: Operation create time. type: string - bigtableOptions: - description: >- - Required. Bigtable options that contains information needed when - parsing data into typed structures. For example, column type - annotations. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigtableOptions' - GoogleCloudDiscoveryengineV1BigtableOptions: - id: GoogleCloudDiscoveryengineV1BigtableOptions description: >- - The Bigtable Options object that contains information to support the - import. + Metadata related to the progress of the + UserLicenseService.BatchUpdateUserLicenses operation. This will be + returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1alphaIdpConfigExternalIdpConfig: type: object properties: - keyFieldName: + workforcePoolName: description: >- - The field name used for saving row key value in the document. The - name has to match the pattern `a-zA-Z0-9*`. + Workforce pool name. Example: + "locations/global/workforcePools/pool_id" type: string - families: - description: >- - The mapping from family names to an object that contains column - families level information for the given column family. If a family - is not present in this map it will be ignored. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumnFamily - GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumnFamily: - id: GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumnFamily - description: The column family of the Bigtable. + description: Third party IDP Config. + id: GoogleCloudDiscoveryengineV1alphaIdpConfigExternalIdpConfig + GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpec: + description: >- + Safety specification. There are two use cases: 1. when only + safety_spec.enable is set, the BLOCK_LOW_AND_ABOVE threshold will be + applied for all categories. 2. when safety_spec.enable is set and some + safety_settings are set, only specified safety_settings are applied. type: object properties: - fieldName: - description: >- - The field name to use for this column family in the document. The - name has to match the pattern `a-zA-Z0-9*`. If not set, it is parsed - from the family name with best effort. However, due to different - naming patterns, field name collisions could happen, where parsing - behavior is undefined. - type: string - encoding: - description: >- - The encoding mode of the values when the type is not STRING. - Acceptable encoding values are: * `TEXT`: indicates values are - alphanumeric text strings. * `BINARY`: indicates values are encoded - using `HBase Bytes.toBytes` family of functions. This can be - overridden for a specific column by listing that column in `columns` - and specifying an encoding for it. - type: string - enumDescriptions: - - The encoding is unspecified. - - Text encoding. - - Binary encoding. - enum: - - ENCODING_UNSPECIFIED - - TEXT - - BINARY - type: - description: >- - The type of values in this column family. The values are expected to - be encoded using `HBase Bytes.toBytes` function when the encoding - value is set to `BINARY`. - type: string - enumDescriptions: - - The type is unspecified. - - String type. - - Numerical type. - - Integer type. - - Variable length integer type. - - BigDecimal type. - - Boolean type. - - JSON type. - enum: - - TYPE_UNSPECIFIED - - STRING - - NUMBER - - INTEGER - - VAR_INTEGER - - BIG_NUMERIC - - BOOLEAN - - JSON - columns: + enable: description: >- - The list of objects that contains column level information for each - column. If a column is not present in this list it will be ignored. + Enable the safety filtering on the answer response. It is false by + default. + type: boolean + safetySettings: type: array items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumn - GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumn: - id: GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumn - description: The column of the Bigtable. + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpecSafetySetting + description: >- + Optional. Safety settings. This settings are effective only when the + safety_spec.enable is true. + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpec + GoogleCloudDiscoveryengineV1betaProject: + id: GoogleCloudDiscoveryengineV1betaProject type: object properties: - qualifier: - description: >- - Required. Qualifier of the column. If it cannot be decoded with - utf-8, use a base-64 encoded string instead. - type: string - format: byte - fieldName: - description: >- - The field name to use for this column in the document. The name has - to match the pattern `a-zA-Z0-9*`. If not set, it is parsed from the - qualifier bytes with best effort. However, due to different naming - patterns, field name collisions could happen, where parsing behavior - is undefined. - type: string - encoding: - description: >- - The encoding mode of the values when the type is not `STRING`. - Acceptable encoding values are: * `TEXT`: indicates values are - alphanumeric text strings. * `BINARY`: indicates values are encoded - using `HBase Bytes.toBytes` family of functions. This can be - overridden for a specific column by listing that column in `columns` - and specifying an encoding for it. - type: string - enumDescriptions: - - The encoding is unspecified. - - Text encoding. - - Binary encoding. - enum: - - ENCODING_UNSPECIFIED - - TEXT - - BINARY - type: + serviceTermsMap: description: >- - The type of values in this column family. The values are expected to - be encoded using `HBase Bytes.toBytes` function when the encoding - value is set to `BINARY`. + Output only. A map of terms of services. The key is the `id` of + ServiceTerms. + type: object + readOnly: true + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaProjectServiceTerms + customerProvidedConfig: + description: Optional. Customer provided configurations. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaProjectCustomerProvidedConfig + createTime: type: string - enumDescriptions: - - The type is unspecified. - - String type. - - Numerical type. - - Integer type. - - Variable length integer type. - - BigDecimal type. - - Boolean type. - - JSON type. - enum: - - TYPE_UNSPECIFIED - - STRING - - NUMBER - - INTEGER - - VAR_INTEGER - - BIG_NUMERIC - - BOOLEAN - - JSON - GoogleCloudDiscoveryengineV1PurgeDocumentsRequest: - id: GoogleCloudDiscoveryengineV1PurgeDocumentsRequest - description: Request message for DocumentService.PurgeDocuments method. - type: object - properties: - gcsSource: + readOnly: true + description: Output only. The timestamp when this project is created. + format: google-datetime + configurableBillingStatus: + readOnly: true description: >- - Cloud Storage location for the input content. Supported - `data_schema`: * `document_id`: One valid Document.id per line. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' - inlineSource: - description: Inline source for the input content for purge. + Output only. The current status of the project's configurable + billing. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeDocumentsRequestInlineSource - filter: + #/components/schemas/GoogleCloudDiscoveryengineV1betaProjectConfigurableBillingStatus + name: + type: string description: >- - Required. Filter matching documents to purge. Only currently - supported value is `*` (all items). + Output only. Full resource name of the project, for example + `projects/{project}`. Note that when making requests, project number + and project id are both acceptable, but the server will always + respond in project number. + readOnly: true + provisionCompletionTime: + format: google-datetime + readOnly: true type: string - errorConfig: - description: The desired location of errors incurred during the purge. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1PurgeErrorConfig' - force: description: >- - Actually performs the purge. If `force` is set to false, return the - expected purge count without deleting any documents. - type: boolean - GoogleCloudDiscoveryengineV1PurgeDocumentsRequestInlineSource: - id: GoogleCloudDiscoveryengineV1PurgeDocumentsRequestInlineSource + Output only. The timestamp when this project is successfully + provisioned. Empty value means this project is still provisioning + and is not ready for use. + description: Metadata and configurations for a Google Cloud project in the service. + GoogleCloudDiscoveryengineV1betaCreateSitemapMetadata: description: >- - The inline source for the input config for - DocumentService.PurgeDocuments method. - type: object - properties: - documents: - description: >- - Required. A list of full resource name of documents to purge. In the - format - `projects/*/locations/*/collections/*/dataStores/*/branches/*/documents/*`. - Recommended max of 100 items. - type: array - items: - type: string - GoogleCloudDiscoveryengineV1PurgeErrorConfig: - id: GoogleCloudDiscoveryengineV1PurgeErrorConfig - description: Configuration of destination for Purge related errors. + Metadata related to the progress of the + SiteSearchEngineService.CreateSitemap operation. This will be returned + by the google.longrunning.Operation.metadata field. type: object + id: GoogleCloudDiscoveryengineV1betaCreateSitemapMetadata properties: - gcsPrefix: + createTime: + description: Operation create time. + format: google-datetime + type: string + updateTime: + format: google-datetime description: >- - Cloud Storage prefix for purge errors. This must be an empty, - existing Cloud Storage directory. Purge errors are written to - sharded files in this directory, one per line, as a JSON-encoded - `google.rpc.Status` message. + Operation last update time. If the operation is done, this is also + the finish time. type: string - GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponse: - id: GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponse - description: Response message for DocumentService.BatchGetDocumentsMetadata method. + GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesResponse: type: object + description: >- + Response message for CompletionService.ImportSuggestionDenyListEntries + method. + id: GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesResponse properties: - documentsMetadata: - description: The metadata of the Documents. + failedEntriesCount: + description: Count of deny list entries that failed to be imported. + type: string + format: int64 + importedEntriesCount: + format: int64 + type: string + description: Count of deny list entries successfully imported. + errorSamples: + description: A sample of errors encountered while processing the request. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadata - GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadata: - id: >- - GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadata - description: The metadata of a Document. + $ref: '#/components/schemas/GoogleRpcStatus' + GoogleCloudDiscoveryengineV1alphaNaturalLanguageQueryUnderstandingConfig: + id: GoogleCloudDiscoveryengineV1alphaNaturalLanguageQueryUnderstandingConfig + description: Configuration for Natural Language Query Understanding. type: object properties: - matcherValue: - description: The value of the matcher that was used to match the Document. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadataMatcherValue - state: - description: The state of the document. + mode: type: string enumDescriptions: - - Should never be set. - - The Document is indexed. - - >- - The Document is not indexed because its URI is not in the - TargetSite. - - The Document is not indexed. + - Default value. + - Natural Language Query Understanding is disabled. + - Natural Language Query Understanding is enabled. enum: - - STATE_UNSPECIFIED - - INDEXED - - NOT_IN_TARGET_SITE - - NOT_IN_INDEX - lastRefreshedTime: - description: The timestamp of the last time the Document was last indexed. + - MODE_UNSPECIFIED + - DISABLED + - ENABLED + description: >- + Mode of Natural Language Query Understanding. If this field is + unset, the behavior defaults to + NaturalLanguageQueryUnderstandingConfig.Mode.DISABLED. + GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfoChunkContent: + type: object + id: >- + GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfoChunkContent + description: Chunk content. + properties: + content: type: string - format: google-datetime - dataIngestionSource: + description: Chunk textual content. + pageIdentifier: + description: Page identifier. + type: string + relevanceScore: + type: number + format: float description: >- - The data ingestion source of the Document. Allowed values are: * - `batch`: Data ingested via Batch API, e.g., ImportDocuments. * - `streaming` Data ingested via Streaming API, e.g., FHIR streaming. + The relevance of the chunk for a given query. Values range from 0.0 + (completely irrelevant) to 1.0 (completely relevant). This value is + for informational purpose only. It may change for the same query and + chunk at any time due to a model retraining or change in + implementation. + GoogleCloudDiscoveryengineV1SearchResponseSummaryReference: + description: Document reference. + properties: + chunkContents: + type: array + description: List of cited chunk contents derived from document content. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryReferenceChunkContent + document: + description: >- + Required. Document.name of the document. Full resource name of the + referenced document, in the format + `projects/*/locations/*/collections/*/dataStores/*/branches/*/documents/*`. type: string - GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadataMatcherValue: - id: >- - GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadataMatcherValue - description: The value of the matcher that was used to match the Document. + uri: + type: string + description: Cloud Storage or HTTP uri for the document. + title: + type: string + description: Title of the document. + type: object + id: GoogleCloudDiscoveryengineV1SearchResponseSummaryReference + GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultChunkInfo: type: object + id: >- + GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultChunkInfo properties: - uri: - description: If match by URI, the URI of the Document. + content: type: string - fhirResource: + description: Chunk textual content. + relevanceScore: description: >- - Format: - projects/{project}/locations/{location}/datasets/{dataset}/fhirStores/{fhir_store}/fhir/{resource_type}/{fhir_resource_id} + The relevance of the chunk for a given query. Values range from 0.0 + (completely irrelevant) to 1.0 (completely relevant). This value is + for informational purpose only. It may change for the same query and + chunk at any time due to a model retraining or change in + implementation. + type: number + format: float + chunk: + description: Chunk resource name. type: string - GoogleCloudDiscoveryengineV1Engine: - id: GoogleCloudDiscoveryengineV1Engine - description: >- - Metadata that describes the training and serving parameters of an - Engine. + description: Chunk information. + GoogleCloudDiscoveryengineLoggingErrorLog: + id: GoogleCloudDiscoveryengineLoggingErrorLog type: object + description: An error log which is reported to the Error Reporting system. properties: - chatEngineConfig: - description: >- - Configurations for the Chat Engine. Only applicable if solution_type - is SOLUTION_TYPE_CHAT. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EngineChatEngineConfig - searchEngineConfig: - description: >- - Configurations for the Search Engine. Only applicable if - solution_type is SOLUTION_TYPE_SEARCH. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EngineSearchEngineConfig - mediaRecommendationEngineConfig: + responsePayload: + additionalProperties: + description: Properties of the object. + type: any + type: object description: >- - Configurations for the Media Engine. Only applicable on the data - stores with solution_type SOLUTION_TYPE_RECOMMENDATION and - IndustryVertical.MEDIA vertical. + The API response payload, represented as a protocol buffer. This is + used to log some "soft errors", where the response is valid but we + consider there are some quality issues like unjoined events. The + following API responses are supported, and no PII is included: * + `google.cloud.discoveryengine.v1alpha.RecommendationService.Recommend` + * + `google.cloud.discoveryengine.v1alpha.UserEventService.WriteUserEvent` + * + `google.cloud.discoveryengine.v1alpha.UserEventService.CollectUserEvent` + context: + description: A description of the context in which the error occurred. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineLoggingErrorContext' + connectorRunPayload: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfig - chatEngineMetadata: + #/components/schemas/GoogleCloudDiscoveryengineLoggingConnectorRunErrorContext + description: The error payload that is populated on LRO connector sync APIs. + requestPayload: + type: object description: >- - Output only. Additional information of the Chat Engine. Only - applicable if solution_type is SOLUTION_TYPE_CHAT. - readOnly: true + The API request payload, represented as a protocol buffer. Most API + request types are supported—for example: * + `type.googleapis.com/google.cloud.discoveryengine.v1alpha.DocumentService.CreateDocumentRequest` + * + `type.googleapis.com/google.cloud.discoveryengine.v1alpha.UserEventService.WriteUserEventRequest` + additionalProperties: + type: any + description: Properties of the object. + importPayload: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EngineChatEngineMetadata - name: - description: >- - Immutable. Identifier. The fully qualified resource name of the - engine. This field must be a UTF-8 encoded string with a length - limit of 1024 characters. Format: - `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}` - engine should be 1-63 characters, and valid characters are - /a-z0-9*/. Otherwise, an INVALID_ARGUMENT error is returned. + #/components/schemas/GoogleCloudDiscoveryengineLoggingImportErrorContext + description: The error payload that is populated on LRO import APIs. + status: + description: The RPC status associated with the error log. + $ref: '#/components/schemas/GoogleRpcStatus' + message: type: string - displayName: + description: A message describing the error. + serviceContext: + description: The service context in which this error has occurred. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineLoggingServiceContext' + GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec: + description: >- + Specification for custom ranking based on customer specified attribute + value. It provides more controls for customized ranking than the simple + (condition, boost) combination above. + properties: + fieldName: description: >- - Required. The display name of the engine. Should be human readable. - UTF-8 encoded string with limit of 1024 characters. - type: string - createTime: - description: Output only. Timestamp the Recommendation Engine was created at. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp the Recommendation Engine was last updated. - readOnly: true + The name of the field whose value will be used to determine the + boost amount. type: string - format: google-datetime - dataStoreIds: + attributeType: description: >- - Optional. The data stores associated with this engine. For - SOLUTION_TYPE_SEARCH and SOLUTION_TYPE_RECOMMENDATION type of - engines, they can only associate with at most one data store. If - solution_type is SOLUTION_TYPE_CHAT, multiple DataStores in the same - Collection can be associated here. Note that when used in - CreateEngineRequest, one DataStore id must be provided as the system - will use it for necessary initializations. - type: array - items: - type: string - solutionType: - description: Required. The solutions of the engine. + The attribute type to be used to determine the boost amount. The + attribute value can be derived from the field value of the specified + field_name. In the case of numerical it is straightforward i.e. + attribute_value = numerical_field_value. In the case of freshness + however, attribute_value = (time.now() - datetime_field_value). + enum: + - ATTRIBUTE_TYPE_UNSPECIFIED + - NUMERICAL + - FRESHNESS type: string enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Discovery Search. - - Used for use cases related to the Generative AI agent. + - Unspecified AttributeType. - >- - Used for use cases related to the Generative Chat agent. It's used - for Generative chat engine only, the associated data stores must - enrolled with `SOLUTION_TYPE_CHAT` solution. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - - SOLUTION_TYPE_CHAT - - SOLUTION_TYPE_GENERATIVE_CHAT - industryVertical: + The value of the numerical field will be used to dynamically + update the boost amount. In this case, the attribute_value (the x + value) of the control point will be the actual value of the + numerical field for which the boost_amount is specified. + - >- + For the freshness use case the attribute value will be the + duration between the current time and the date in the datetime + field specified. The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 + duration value). The pattern for this is: `nDnM]`. For example, + `5D`, `3DT12H30M`, `T24H`. + interpolationType: description: >- - Optional. The industry vertical that the engine registers. The - restriction of the Engine industry vertical is based on DataStore: - Vertical on Engine has to match vertical of the DataStore linked to - the engine. + The interpolation type to be applied to connect the control points + listed below. type: string enumDescriptions: - - Value used when unset. - >- - The generic vertical for documents that are not specific to any - industry vertical. - - The media industry vertical. - - The healthcare FHIR vertical. + Interpolation type is unspecified. In this case, it defaults to + Linear. + - Piecewise linear interpolation will be applied. enum: - - INDUSTRY_VERTICAL_UNSPECIFIED - - GENERIC - - MEDIA - - HEALTHCARE_FHIR - commonConfig: - description: Common config spec that specifies the metadata of the engine. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1EngineCommonConfig' - disableAnalytics: - description: >- - Optional. Whether to disable analytics for searches performed on - this engine. - type: boolean - features: + - INTERPOLATION_TYPE_UNSPECIFIED + - LINEAR + controlPoints: description: >- - Optional. Feature config for the engine to opt in or opt out of - features. Supported keys: * `*`: all features, if it's present, all - other feature state settings are ignored. * `agent-gallery` * - `no-code-agent-builder` * `prompt-gallery` * `model-selector` * - `notebook-lm` * `people-search` * `people-search-org-chart` * - `bi-directional-audio` * `feedback` * `session-sharing` * - `personalization-memory` - Enables personalization based on user - preferences. - type: object - additionalProperties: - type: string - enumDescriptions: - - The feature state is unspecified. - - The feature is turned on to be accessible. - - The feature is turned off to be inaccessible. - enum: - - FEATURE_STATE_UNSPECIFIED - - FEATURE_STATE_ON - - FEATURE_STATE_OFF - GoogleCloudDiscoveryengineV1EngineChatEngineConfig: - id: GoogleCloudDiscoveryengineV1EngineChatEngineConfig - description: Configurations for a Chat Engine. + The control points used to define the curve. The monotonic function + (defined through the interpolation_type above) passes through the + control points listed here. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint + type: array type: object + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec + GoogleCloudDiscoveryengineV1alphaLanguageInfo: + id: GoogleCloudDiscoveryengineV1alphaLanguageInfo + description: Language info for DataStore. properties: - agentCreationConfig: + languageCode: + type: string + description: The language code for the DataStore. + language: description: >- - The configurationt generate the Dialogflow agent that is associated - to this Engine. Note that these configurations are one-time consumed - by and passed to Dialogflow service. It means they cannot be - retrieved using EngineService.GetEngine or EngineService.ListEngines - API after engine creation. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EngineChatEngineConfigAgentCreationConfig - dialogflowAgentToLink: + Output only. Language part of normalized_language_code. E.g.: + `en-US` -> `en`, `zh-Hans-HK` -> `zh`, `en` -> `en`. + type: string + readOnly: true + region: + readOnly: true description: >- - The resource name of an exist Dialogflow agent to link to this Chat - Engine. Customers can either provide `agent_creation_config` to - create agent or provide an agent name that links the agent with the - Chat engine. Format: `projects//locations//agents/`. Note that the - `dialogflow_agent_to_link` are one-time consumed by and passed to - Dialogflow service. It means they cannot be retrieved using - EngineService.GetEngine or EngineService.ListEngines API after - engine creation. Use ChatEngineMetadata.dialogflow_agent for actual - agent association after Engine is created. + Output only. Region part of normalized_language_code, if present. + E.g.: `en-US` -> `US`, `zh-Hans-HK` -> `HK`, `en` -> ``. + type: string + normalizedLanguageCode: type: string - allowCrossRegion: description: >- - Optional. If the flag set to true, we allow the agent and engine are - in different locations, otherwise the agent and engine are required - to be in the same location. The flag is set to false by default. - Note that the `allow_cross_region` are one-time consumed by and - passed to EngineService.CreateEngine. It means they cannot be - retrieved using EngineService.GetEngine or EngineService.ListEngines - API after engine creation. + Output only. This is the normalized form of language_code. E.g.: + language_code of `en-GB`, `en_GB`, `en-UK` or `en-gb` will have + normalized_language_code of `en-GB`. + readOnly: true + type: object + GoogleCloudDiscoveryengineV1DocumentAclInfoAccessRestriction: + description: >- + AclRestriction to model complex inheritance restrictions. Example: + Modeling a "Both Permit" inheritance, where to access a child document, + user needs to have access to parent document. Document Hierarchy - + Space_S --> Page_P. Readers: Space_S: group_1, user_1 Page_P: group_2, + group_3, user_2 Space_S ACL Restriction - { "acl_info": { "readers": [ { + "principals": [ { "group_id": "group_1" }, { "user_id": "user_1" } ] } ] + } } Page_P ACL Restriction. { "acl_info": { "readers": [ { "principals": + [ { "group_id": "group_2" }, { "group_id": "group_3" }, { "user_id": + "user_2" } ], }, { "principals": [ { "group_id": "group_1" }, { + "user_id": "user_1" } ], } ] } } + properties: + idpWide: + description: All users within the Identity Provider. type: boolean - GoogleCloudDiscoveryengineV1EngineChatEngineConfigAgentCreationConfig: - id: GoogleCloudDiscoveryengineV1EngineChatEngineConfigAgentCreationConfig + principals: + type: array + description: List of principals. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Principal' + id: GoogleCloudDiscoveryengineV1DocumentAclInfoAccessRestriction + type: object + GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpecControlPoint: + id: >- + GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpecControlPoint + properties: + attributeValue: + description: >- + Optional. Can be one of: 1. The numerical field value. 2. The + duration spec for freshness: The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 duration + value). The pattern for this is: `nDnM]`. + type: string + boostAmount: + type: number + description: >- + Optional. The value between -1 to 1 by which to boost the score if + the attribute_value evaluates to the value specified above. + format: float description: >- - Configurations for generating a Dialogflow agent. Note that these - configurations are one-time consumed by and passed to Dialogflow - service. It means they cannot be retrieved using EngineService.GetEngine - or EngineService.ListEngines API after engine creation. + The control points used to define the curve. The curve defined through + these control points can only be monotonically increasing or + decreasing(constant values are acceptable). + type: object + GoogleCloudDiscoveryengineV1alphaAlertPolicyResourceConfigAlertEnrollment: + description: The alert enrollment status. type: object properties: - business: + notificationParams: + additionalProperties: + type: string + type: object description: >- - Name of the company, organization or other entity that the agent - represents. Used for knowledge connector LLM prompt and for - knowledge search. + Optional. Parameters used to instantiate a notification. Used for + notifications that are triggered when registered. Not stored. * + Gemini Business welcome emails. * Gemini Business user invitation + emails. + enrollState: type: string - defaultLanguageCode: + enum: + - ENROLL_STATE_UNSPECIFIED + - ENROLLED + - DECLINED + enumDescriptions: + - >- + Default value. Used for customers who have not responded to the + alert policy. + - Customer is enrolled in this policy. + - Customer declined this policy. + description: Required. The enrollment status of a customer. + alertId: + description: Immutable. The id of an alert. + type: string + id: >- + GoogleCloudDiscoveryengineV1alphaAlertPolicyResourceConfigAlertEnrollment + GoogleCloudDiscoveryengineV1WidgetConfigCollectionComponent: + description: >- + Read-only collection component that contains data store collections + fields that may be used for filtering + id: GoogleCloudDiscoveryengineV1WidgetConfigCollectionComponent + properties: + id: description: >- - Required. The default language of the agent as a language tag. See - [Language - Support](https://cloud.google.com/dialogflow/docs/reference/language) - for a list of the currently supported language codes. + Output only. the identifier of the collection, used for widget + service. For now it refers to collection_id, in the future we will + migrate the field to encrypted collection name UUID. + readOnly: true + type: string + displayName: + description: The display name of the collection. + type: string + name: type: string - timeZone: description: >- - Required. The time zone of the agent from the [time zone - database](https://www.iana.org/time-zones), e.g., America/New_York, - Europe/Paris. + The name of the collection. It should be collection resource name. + Format: + `projects/{project}/locations/{location}/collections/{collection_id}`. + For APIs under WidgetService, such as + WidgetService.LookUpWidgetConfig, the project number and location + part is erased in this field. + dataSource: type: string - location: description: >- - Agent location for Agent creation, supported values: global/us/eu. - If not provided, us Engine will create Agent using us-central-1 by - default; eu Engine will create Agent using eu-west-1 by default. + The name of the data source, retrieved from + `Collection.data_connector.data_source`. + dataStoreComponents: + type: array + description: For the data store collection, list of the children data stores. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigDataStoreComponent + connectorIconLink: + readOnly: true type: string - GoogleCloudDiscoveryengineV1EngineSearchEngineConfig: - id: GoogleCloudDiscoveryengineV1EngineSearchEngineConfig - description: Configurations for a Search Engine. + description: Output only. The icon link of the connector source. + dataSourceDisplayName: + readOnly: true + description: Output only. The display name of the data source. + type: string + type: object + GoogleCloudDiscoveryengineV1SearchRequestRelevanceScoreSpec: type: object + description: The specification for returning the document relevance score. properties: - searchTier: + returnRelevanceScore: + type: boolean description: >- - The search feature tier of this engine. Different tiers might have - different pricing. To learn more, check the pricing documentation. - Defaults to SearchTier.SEARCH_TIER_STANDARD if not specified. - type: string - enumDescriptions: - - >- - Default value when the enum is unspecified. This is invalid to - use. - - Standard tier. - - Enterprise tier. - enum: - - SEARCH_TIER_UNSPECIFIED - - SEARCH_TIER_STANDARD - - SEARCH_TIER_ENTERPRISE - searchAddOns: - description: The add-on that this search engine enables. - type: array - items: - type: string - enumDescriptions: - - >- - Default value when the enum is unspecified. This is invalid to - use. - - Large language model add-on. - enum: - - SEARCH_ADD_ON_UNSPECIFIED - - SEARCH_ADD_ON_LLM - GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfig: - id: GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfig - description: Additional config specs for a Media Recommendation engine. + Optional. Whether to return the relevance score for search results. + The higher the score, the more relevant the document is to the + query. + id: GoogleCloudDiscoveryengineV1SearchRequestRelevanceScoreSpec + GoogleCloudDiscoveryengineV1CmekConfig: + id: GoogleCloudDiscoveryengineV1CmekConfig + description: Configurations used to enable CMEK data encryption with Cloud KMS keys. type: object properties: - type: + kmsKeyVersion: + type: string + readOnly: true description: >- - Required. The type of engine. e.g., `recommended-for-you`. This - field together with optimization_objective describe engine metadata - to use to control engine training and serving. Currently supported - values: `recommended-for-you`, `others-you-may-like`, - `more-like-this`, `most-popular-items`. + Output only. KMS key version resource name which will be used to + encrypt resources `/cryptoKeyVersions/{keyVersion}`. + notebooklmState: + enum: + - NOTEBOOK_LM_STATE_UNSPECIFIED + - NOTEBOOK_LM_NOT_READY + - NOTEBOOK_LM_READY + - NOTEBOOK_LM_NOT_ENABLED + description: Output only. Whether the NotebookLM Corpus is ready to be used. + enumDescriptions: + - The NotebookLM state is unknown. + - The NotebookLM is not ready. + - The NotebookLM is ready to be used. + - The NotebookLM is not enabled. type: string - optimizationObjective: + readOnly: true + kmsKey: description: >- - The optimization objective. e.g., `cvr`. This field together with - optimization_objective describe engine metadata to use to control - engine training and serving. Currently supported values: `ctr`, - `cvr`. If not specified, we choose default based on engine type. - Default depends on type of recommendation: `recommended-for-you` => - `ctr` `others-you-may-like` => `ctr` + Required. KMS key resource name which will be used to encrypt + resources + `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. type: string - optimizationObjectiveConfig: + name: description: >- - Name and value of the custom threshold for cvr - optimization_objective. For target_field `watch-time`, - target_field_value must be an integer value indicating the media - progress time in seconds between (0, 86400] (excludes 0, includes - 86400) (e.g., 90). For target_field `watch-percentage`, the - target_field_value must be a valid float value between (0, 1.0] - (excludes 0, includes 1.0) (e.g., 0.5). + Required. The name of the CmekConfig of the form + `projects/{project}/locations/{location}/cmekConfig` or + `projects/{project}/locations/{location}/cmekConfigs/{cmek_config}`. + type: string + state: + description: Output only. The states of the CmekConfig. + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - KEY_ISSUE + - DELETING + - DELETE_FAILED + - UNUSABLE + - ACTIVE_ROTATING + - DELETED + - EXPIRED + type: string + enumDescriptions: + - The CmekConfig state is unknown. + - The CmekConfig is creating. + - The CmekConfig can be used with DataStores. + - >- + The CmekConfig is unavailable, most likely due to the KMS Key + being revoked. + - The CmekConfig is deleting. + - The CmekConfig deletion process failed. + - >- + The CmekConfig is not usable, most likely due to some internal + issue. + - The KMS key version is being rotated. + - >- + The KMS key is soft deleted. Some cleanup policy will eventually + be applied. + - >- + The KMS key is expired, meaning the key has been disabled for 30+ + days. The customer can call DeleteCmekConfig to change the state + to DELETED. + isDefault: + type: boolean + readOnly: true + description: Output only. The default CmekConfig for the Customer. + lastRotationTimestampMicros: + type: string + description: Output only. The timestamp of the last key rotation. + readOnly: true + format: int64 + singleRegionKeys: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SingleRegionKey' + description: >- + Optional. Single-regional CMEKs that are required for some VAIS + features. + type: array + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpec: + description: A specification for configuring the behavior of content search. + type: object + properties: + summarySpec: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigOptimizationObjectiveConfig - trainingState: + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpec description: >- - The training state that the engine is in (e.g. `TRAINING` or - `PAUSED`). Since part of the cost of running the service is - frequency of training - this can be used to determine when to train - engine in order to control cost. If not specified: the default value - for `CreateEngine` method is `TRAINING`. The default value for - `UpdateEngine` method is to keep the state the same as before. - type: string + If `summarySpec` is not specified, summaries are not included in the + search response. + chunkSpec: + description: >- + Specifies the chunk spec to be returned from the search response. + Only available if the + SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecChunkSpec + snippetSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSnippetSpec + description: >- + If `snippetSpec` is not specified, snippets are not included in the + search response. + searchResultMode: enumDescriptions: - - Unspecified training state. - - The engine training is paused. - - The engine is training. + - Default value. + - Returns documents in the search result. + - >- + Returns chunks in the search result. Only available if the + DocumentProcessingConfig.chunking_config is specified. + type: string enum: - - TRAINING_STATE_UNSPECIFIED - - PAUSED - - TRAINING - engineFeaturesConfig: - description: Optional. Additional engine features config. + - SEARCH_RESULT_MODE_UNSPECIFIED + - DOCUMENTS + - CHUNKS + description: >- + Specifies the search result mode. If unspecified, the search result + mode defaults to `DOCUMENTS`. + extractiveContentSpec: + description: >- + If there is no extractive_content_spec provided, there will be no + extractive answer in the search response. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigEngineFeaturesConfig - GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigOptimizationObjectiveConfig: - id: >- - GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigOptimizationObjectiveConfig - description: Custom threshold for `cvr` optimization_objective. - type: object + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecExtractiveContentSpec + id: GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpec + GoogleCloudDiscoveryengineV1alphaCollection: + id: GoogleCloudDiscoveryengineV1alphaCollection + description: >- + Collection is a container for configuring resources and access to a set + of DataStores. properties: - targetField: + dataConnector: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnector' + readOnly: true description: >- - Required. The name of the field to target. Currently supported - values: `watch-percentage`, `watch-time`. + Output only. The data connector, if present, manages the connection + for data stores in the Collection. To set up the connector, use + DataConnectorService.SetUpDataConnector method, which creates a new + Collection while setting up the DataConnector singleton resource. + Setting up connector on an existing Collection is not supported. + This output only field contains a subset of the DataConnector + fields, including `name`, `data_source`, `entities.entity_name` and + `entities.data_store`. To get more details about a data connector, + use the DataConnectorService.GetDataConnector method. + name: type: string - targetFieldValueFloat: - description: Required. The threshold to be applied to the target (e.g., 0.5). - type: number - format: float - GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigEngineFeaturesConfig: - id: >- - GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigEngineFeaturesConfig - description: More feature configs of the selected engine type. + description: >- + Immutable. The full resource name of the Collection. Format: + `projects/{project}/locations/{location}/collections/{collection_id}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + createTime: + format: google-datetime + description: Output only. Timestamp the Collection was created at. + readOnly: true + type: string + displayName: + type: string + description: >- + Required. The Collection display name. This field must be a UTF-8 + encoded string with a length limit of 128 characters. Otherwise, an + INVALID_ARGUMENT error is returned. type: object + GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpec: properties: - recommendedForYouConfig: - description: Recommended for you engine feature config. + ignoreJailBreakingQuery: + type: boolean + description: >- + Optional. Specifies whether to filter out jail-breaking queries. The + default value is `false`. Google employs search-query classification + to detect jail-breaking queries. No summary is returned if the + search query is classified as a jail-breaking query. A user might + add instructions to the query to change the tone, style, language, + content of the answer, or ask the model to act as a different + entity, e.g. "Reply in the tone of a competing company's CEO". If + this field is set to `true`, we skip generating summaries for + jail-breaking queries and return fallback messages instead. + modelSpec: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig - mostPopularConfig: - description: Most popular engine feature config. + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecModelSpec + description: Answer generation model specification. + promptSpec: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigMostPopularFeatureConfig - GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig: - id: >- - GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig - description: >- - Additional feature configurations for creating a `recommended-for-you` - engine. - type: object - properties: - contextEventType: + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecPromptSpec + description: Answer generation prompt specification. + ignoreAdversarialQuery: + type: boolean description: >- - The type of event with which the engine is queried at prediction - time. If set to `generic`, only `view-item`, `media-play`,and - `media-complete` will be used as `context-event` in engine training. - If set to `view-home-page`, `view-home-page` will also be used as - `context-events` in addition to `view-item`, `media-play`, and - `media-complete`. Currently supported for the `recommended-for-you` - engine. Currently supported values: `view-home-page`, `generic`. + Specifies whether to filter out adversarial queries. The default + value is `false`. Google employs search-query classification to + detect adversarial queries. No answer is returned if the search + query is classified as an adversarial query. For example, a user + might ask a question regarding negative comments about the company + or submit a query designed to generate unsafe, policy-violating + output. If this field is set to `true`, we skip generating answers + for adversarial queries and return fallback messages instead. + ignoreNonAnswerSeekingQuery: + description: >- + Specifies whether to filter out queries that are not answer-seeking. + The default value is `false`. Google employs search-query + classification to detect answer-seeking queries. No answer is + returned if the search query is classified as a non-answer seeking + query. If this field is set to `true`, we skip generating answers + for non-answer seeking queries and return fallback messages instead. + type: boolean + includeCitations: + description: >- + Specifies whether to include citation metadata in the answer. The + default value is `false`. + type: boolean + ignoreLowRelevantContent: + type: boolean + description: >- + Specifies whether to filter out queries that have low relevance. If + this field is set to `false`, all search results are used regardless + of relevance to generate answers. If set to `true` or unset, the + behavior will be determined automatically by the service. + answerLanguageCode: + description: >- + Language code for Answer. Use language tags defined by + [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Note: This is + an experimental feature. type: string - GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigMostPopularFeatureConfig: - id: >- - GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigMostPopularFeatureConfig - description: >- - Feature configurations that are required for creating a Most Popular - engine. + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpec + description: Answer generation specification. type: object + GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadataReferenceDocumentMetadata: properties: - timeWindowDays: + uri: description: >- - The time window of which the engine is queried at training and - prediction time. Positive integers only. The value translates to the - last X days of events. Currently required for the - `most-popular-items` engine. + URI for the document. It may contain a URL that redirects to the + actual website. + type: string + title: + description: Title. + type: string + document: + description: Document resource name. + type: string + mimeType: + type: string + description: >- + The mime type of the document. + https://www.iana.org/assignments/media-types/media-types.xhtml. + pageIdentifier: + description: Page identifier. + type: string + domain: + description: >- + Domain name from the document URI. Note that the `uri` field may + contain a URL that redirects to the actual website, in which case + this will contain the domain name of the target site. type: string - format: int64 - GoogleCloudDiscoveryengineV1EngineChatEngineMetadata: - id: GoogleCloudDiscoveryengineV1EngineChatEngineMetadata - description: >- - Additional information of a Chat Engine. Fields in this message are - output only. type: object + id: >- + GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadataReferenceDocumentMetadata + description: Document metadata. + GoogleCloudDiscoveryengineV1StreamAssistResponseSessionInfo: + type: object + id: GoogleCloudDiscoveryengineV1StreamAssistResponseSessionInfo + description: Information about the session. properties: - dialogflowAgent: + session: description: >- - The resource name of a Dialogflow agent, that this Chat Engine - refers to. Format: `projects//locations//agents/`. + Name of the newly generated or continued session. Format: + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/sessions/{session}`. type: string - GoogleCloudDiscoveryengineV1EngineCommonConfig: - id: GoogleCloudDiscoveryengineV1EngineCommonConfig - description: Common configurations for an Engine. + GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpecQuerySetSpec: type: object + description: Describes the specification of the query set. properties: - companyName: + sampleQuerySet: description: >- - The name of the company, business or entity that is associated with - the engine. Setting this may help improve LLM related features. + Optional. The full resource name of the SampleQuerySet used for the + evaluation, in the format of + `projects/{project}/locations/{location}/sampleQuerySets/{sampleQuerySet}`. type: string - GoogleCloudDiscoveryengineV1ListEnginesResponse: - id: GoogleCloudDiscoveryengineV1ListEnginesResponse - description: Response message for EngineService.ListEngines method. - type: object + id: GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpecQuerySetSpec + GoogleCloudDiscoveryengineV1ListAssistantsResponse: properties: - engines: - description: All the customer's Engines. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' nextPageToken: - description: Not supported. type: string - GoogleCloudDiscoveryengineV1CheckGroundingRequest: - id: GoogleCloudDiscoveryengineV1CheckGroundingRequest - description: Request message for GroundedGenerationService.CheckGrounding method. + description: >- + A token that can be sent as ListAssistantsRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + assistants: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Assistant' + description: All the customer's Assistants. + description: Response message for the AssistantService.ListAssistants method. + type: object + id: GoogleCloudDiscoveryengineV1ListAssistantsResponse + GoogleCloudDiscoveryengineV1ConverseConversationRequest: type: object + id: GoogleCloudDiscoveryengineV1ConverseConversationRequest + description: >- + Request message for ConversationalSearchService.ConverseConversation + method. properties: - answerCandidate: + summarySpec: description: >- - Answer candidate to check. It can have a maximum length of 4096 - tokens. + A specification for configuring the summary returned in the + response. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpec + servingConfig: type: string - facts: - description: List of facts for the grounding check. We support up to 200 facts. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GroundingFact' - groundingSpec: - description: Configuration of the grounding check. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingSpec' + description: >- + The resource name of the Serving Config to use. Format: + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store_id}/servingConfigs/{serving_config_id}` + If this is not set, the default serving config will be used. + query: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TextInput' + description: Required. Current user input. userLabels: + additionalProperties: + type: string + type: object description: >- The user labels applied to a resource must meet the following requirements: * Each resource can have multiple labels, up to a @@ -7226,2649 +8537,2478 @@ components: letter or international character. See [Google Cloud Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) for more details. - type: object - additionalProperties: - type: string - GoogleCloudDiscoveryengineV1GroundingFact: - id: GoogleCloudDiscoveryengineV1GroundingFact - description: Grounding Fact. - type: object - properties: - factText: - description: Text content of the fact. Can be at most 10K characters long. - type: string - attributes: - description: >- - Attributes associated with the fact. Common attributes include - `source` (indicating where the fact was sourced from), `author` - (indicating the author of the fact), and so on. - type: object - additionalProperties: - type: string - GoogleCloudDiscoveryengineV1CheckGroundingSpec: - id: GoogleCloudDiscoveryengineV1CheckGroundingSpec - description: Specification for the grounding check. - type: object - properties: - citationThreshold: - description: >- - The threshold (in [0,1]) used for determining whether a fact must be - cited for a claim in the answer candidate. Choosing a higher - threshold will lead to fewer but very strong citations, while - choosing a lower threshold may lead to more but somewhat weaker - citations. If unset, the threshold will default to 0.6. - type: number - format: double - enableClaimLevelScore: - description: >- - The control flag that enables claim-level grounding score in the - response. + safeSearch: + description: Whether to turn on safe search. type: boolean - GoogleCloudDiscoveryengineV1CheckGroundingResponse: - id: GoogleCloudDiscoveryengineV1CheckGroundingResponse - description: >- - Response message for the GroundedGenerationService.CheckGrounding - method. - type: object - properties: - supportScore: - description: >- - The support score for the input answer candidate. Higher the score, - higher is the fraction of claims that are supported by the provided - facts. This is always set when a response is returned. - type: number - format: float - citedChunks: + boostSpec: description: >- - List of facts cited across all claims in the answer candidate. These - are derived from the facts supplied in the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1FactChunk' - citedFacts: + Boost specification to boost certain documents in search results + which may affect the converse response. For more information on + boosting, see + [Boosting](https://cloud.google.com/retail/docs/boosting#boost) + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpec + conversation: description: >- - List of facts cited across all claims in the answer candidate. These - are derived from the facts supplied in the request. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingResponseCheckGroundingFactChunk - claims: + The conversation to be used by auto session only. The name field + will be ignored as we automatically assign new name for the + conversation in auto session. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + filter: description: >- - Claim texts and citation info across all claims in the answer - candidate. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingResponseClaim - GoogleCloudDiscoveryengineV1FactChunk: - id: GoogleCloudDiscoveryengineV1FactChunk - description: Fact Chunk. - type: object + The filter syntax consists of an expression language for + constructing a predicate from one or more fields of the documents + being filtered. Filter expression is case-sensitive. This will be + used to filter search results which may affect the summary response. + If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. + Filtering in Vertex AI Search is done by mapping the LHS filter key + to a key property defined in the Vertex AI Search backend -- this + mapping is defined by the customer in their schema. For example a + media customer might have a field 'name' in their schema. In this + case the filter would look like this: filter --> name:'ANY("king + kong")' For more information about filtering including syntax and + filter operators, see + [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + type: string + GoogleCloudDiscoveryengineV1betaAclConfig: properties: - chunkText: - description: Text content of the fact chunk. Can be at most 10K characters long. + idpConfig: + description: Identity provider config. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaIdpConfig' + name: type: string - source: description: >- - Source from which this fact chunk was retrieved. If it was retrieved - from the GroundingFacts provided in the request then this field will - contain the index of the specific fact from which this chunk was - retrieved. - type: string - index: + Immutable. The full resource name of the acl configuration. Format: + `projects/{project}/locations/{location}/aclConfig`. This field must + be a UTF-8 encoded string with a length limit of 1024 characters. + description: Access Control Configuration. + type: object + id: GoogleCloudDiscoveryengineV1betaAclConfig + GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpec: + description: A facet specification to perform faceted search. + properties: + limit: description: >- - The index of this chunk. Currently, only used for the streaming - mode. + Maximum facet values that are returned for this facet. If + unspecified, defaults to 20. The maximum allowed value is 300. + Values above 300 are coerced to 300. For aggregation in healthcare + search, when the [FacetKey.key] is "healthcare_aggregation_key", the + limit will be overridden to 10,000 internally, regardless of the + value set here. If this field is negative, an `INVALID_ARGUMENT` is + returned. type: integer format: int32 - sourceMetadata: - description: More fine-grained information for the source reference. - type: object - additionalProperties: - type: string - uri: - description: The URI of the source. - type: string - title: - description: The title of the source. - type: string - domain: - description: The domain of the source. - type: string - GoogleCloudDiscoveryengineV1CheckGroundingResponseCheckGroundingFactChunk: - id: >- - GoogleCloudDiscoveryengineV1CheckGroundingResponseCheckGroundingFactChunk - description: Fact chunk for grounding check. - type: object - properties: - chunkText: - description: Text content of the fact chunk. Can be at most 10K characters long. - type: string - GoogleCloudDiscoveryengineV1CheckGroundingResponseClaim: - id: GoogleCloudDiscoveryengineV1CheckGroundingResponseClaim - description: Text and citation info for a claim in the answer candidate. - type: object - properties: - startPos: - description: >- - Position indicating the start of the claim in the answer candidate, - measured in bytes. Note that this is not measured in characters and, - therefore, must be rendered in the user interface keeping in mind - that some characters may take more than one byte. For example, if - the claim text contains non-ASCII characters, the start and end - positions vary when measured in characters - (programming-language-dependent) and when measured in bytes - (programming-language-independent). - type: integer - format: int32 - endPos: - description: >- - Position indicating the end of the claim in the answer candidate, - exclusive, in bytes. Note that this is not measured in characters - and, therefore, must be rendered as such. For example, if the claim - text contains non-ASCII characters, the start and end positions vary - when measured in characters (programming-language-dependent) and - when measured in bytes (programming-language-independent). - type: integer - format: int32 - claimText: - description: >- - Text for the claim in the answer candidate. Always provided - regardless of whether citations or anti-citations are found. - type: string - citationIndices: + enableDynamicPosition: description: >- - A list of indices (into 'cited_chunks') specifying the citations - associated with the claim. For instance [1,3,4] means that - cited_chunks[1], cited_chunks[3], cited_chunks[4] are the facts - cited supporting for the claim. A citation to a fact indicates that - the claim is supported by the fact. + Enables dynamic position for this facet. If set to true, the + position of this facet among all facets in the response is + determined automatically. If dynamic facets are enabled, it is + ordered together. If set to false, the position of this facet in the + response is the same as in the request, and it is ranked before the + facets with dynamic position enable and all dynamic facets. For + example, you may always want to have rating facet returned in the + response, but it's not necessarily to always display the rating + facet at the top. In that case, you can set enable_dynamic_position + to true so that the position of rating facet in response is + determined automatically. Another example, assuming you have the + following facets in the request: * "rating", enable_dynamic_position + = true * "price", enable_dynamic_position = false * "brands", + enable_dynamic_position = false And also you have a dynamic facets + enabled, which generates a facet `gender`. Then the final order of + the facets in the response can be ("price", "brands", "rating", + "gender") or ("price", "brands", "gender", "rating") depends on how + API orders "gender" and "rating" facets. However, notice that + "price" and "brands" are always ranked at first and second position + because their enable_dynamic_position is false. + type: boolean + excludedFilterKeys: type: array - items: - type: integer - format: int32 - groundingCheckRequired: description: >- - Indicates that this claim required grounding check. When the system - decided this claim doesn't require attribution/grounding check, this - field will be set to false. In that case, no grounding check was - done for the claim and therefore citation_indices should not be + List of keys to exclude when faceting. By default, FacetKey.key is + not excluded from the filter unless it is listed in this field. + Listing a facet key in this field allows its values to appear as + facet results, even when they are filtered out of search results. + Using this field does not affect what search results are returned. + For example, suppose there are 100 documents with the color facet + "Red" and 200 documents with the color facet "Blue". A query + containing the filter "color:ANY("Red")" and having "color" as + FacetKey.key would by default return only "Red" documents in the + search results, and also return "Red" with count 100 as the only + color facet. Although there are also blue documents available, + "Blue" would not be shown as an available facet value. If "color" is + listed in "excludedFilterKeys", then the query returns the facet + values "Red" with count 100 and "Blue" with count 200, because the + "color" key is now excluded from the filter. Because this field + doesn't affect search results, the search results are still + correctly filtered to return only "Red" documents. A maximum of 100 + values are allowed. Otherwise, an `INVALID_ARGUMENT` error is returned. - type: boolean - score: - description: >- - Confidence score for the claim in the answer candidate, in the range - of [0, 1]. This is set only when - `CheckGroundingRequest.grounding_spec.enable_claim_level_score` is - true. - type: number - format: double - GoogleCloudDiscoveryengineV1IdentityMappingStore: - id: GoogleCloudDiscoveryengineV1IdentityMappingStore - description: Identity Mapping Store which contains Identity Mapping Entries. + items: + type: string + facetKey: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpecFacetKey + description: Required. The facet key specification. + id: GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpec type: object + GoogleCloudDiscoveryengineLoggingServiceContext: + description: Describes a running service that sends errors. + id: GoogleCloudDiscoveryengineLoggingServiceContext properties: - name: - description: >- - Immutable. The full resource name of the identity mapping store. - Format: - `projects/{project}/locations/{location}/identityMappingStores/{identity_mapping_store}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. - type: string - kmsKeyName: - description: >- - Input only. The KMS key to be used to protect this Identity Mapping - Store at creation time. Must be set for requests that need to comply - with CMEK Org Policy protections. If this field is set and processed - successfully, the Identity Mapping Store will be protected by the - KMS key, as indicated in the cmek_config field. + service: type: string - cmekConfig: description: >- - Output only. CMEK-related information for the Identity Mapping - Store. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' - GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequest: - id: GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequest - description: Request message for IdentityMappingStoreService.ImportIdentityMappings + An identifier of the service—for example, + `discoveryengine.googleapis.com`. type: object + GoogleCloudDiscoveryengineV1betaDataStoreServingConfigDataStore: properties: - inlineSource: - description: The inline source to import identity mapping entries from. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequestInlineSource - GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequestInlineSource: - id: GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequestInlineSource - description: The inline source to import identity mapping entries from. + disabledForServing: + description: >- + Optional. If set true, the DataStore will not be available for + serving search requests. + type: boolean + description: >- + Stores information regarding the serving configurations at DataStore + level. + type: object + id: GoogleCloudDiscoveryengineV1betaDataStoreServingConfigDataStore + GoogleApiDistributionExemplar: type: object properties: - identityMappingEntries: - description: A maximum of 10000 entries can be imported at one time - type: array + timestamp: + type: string + format: google-datetime + description: The observation (sampling) time of the above value. + value: + type: number + format: double + description: >- + Value of the exemplar point. This value determines to which bucket + the exemplar belongs. + attachments: items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingEntry - GoogleCloudDiscoveryengineV1IdentityMappingEntry: - id: GoogleCloudDiscoveryengineV1IdentityMappingEntry + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + type: array + description: >- + Contextual information about the example value. Examples are: Trace: + type.googleapis.com/google.monitoring.v3.SpanContext Literal string: + type.googleapis.com/google.protobuf.StringValue Labels dropped + during aggregation: + type.googleapis.com/google.monitoring.v3.DroppedLabels There may be + only a single attachment of any given message type in a single + exemplar, and this is enforced by the system. + id: GoogleApiDistributionExemplar description: >- - Identity Mapping Entry that maps an external identity to an internal - identity. + Exemplars are example points that may be used to annotate aggregated + distribution values. They are metadata that gives information about a + particular value added to a Distribution bucket, such as a trace ID that + was active when a value was added. They may contain further information, + such as a example values and timestamps, origin, etc. + GoogleCloudDiscoveryengineV1alphaUpdateTargetSiteMetadata: + description: >- + Metadata related to the progress of the + SiteSearchEngineService.UpdateTargetSite operation. This will be + returned by the google.longrunning.Operation.metadata field. type: object properties: - userId: - description: >- - User identifier. For Google Workspace user account, user_id should - be the google workspace user email. For non-google identity - provider, user_id is the mapped user identifier configured during - the workforcepool config. - type: string - groupId: + updateTime: description: >- - Group identifier. For Google Workspace user account, group_id should - be the google workspace group email. For non-google identity - provider, group_id is the mapped group identifier configured during - the workforcepool config. + Operation last update time. If the operation is done, this is also + the finish time. type: string - externalIdentity: - description: >- - Required. Identity outside the customer identity provider. The - length limit of external identity will be of 100 characters. + format: google-datetime + createTime: type: string - GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequest: - id: GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequest - description: Request message for IdentityMappingStoreService.PurgeIdentityMappings + format: google-datetime + description: Operation create time. + id: GoogleCloudDiscoveryengineV1alphaUpdateTargetSiteMetadata + GoogleCloudDiscoveryengineV1WidgetConfigDataStoreUiConfig: + id: GoogleCloudDiscoveryengineV1WidgetConfigDataStoreUiConfig + description: UI component configuration for data store. type: object properties: - inlineSource: - description: The inline source to purge identity mapping entries from. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequestInlineSource - filter: + fieldsUiComponentsMap: + type: object description: >- - Filter matching identity mappings to purge. The eligible field for - filtering is: * `update_time`: in ISO 8601 "zulu" format. * - `external_id` Examples: * Deleting all identity mappings updated in - a time range: `update_time > "2012-04-23T18:25:43.511Z" AND - update_time < "2012-04-23T18:30:43.511Z"` * Deleting all identity - mappings for a given external_id: `external_id = "id1"` * Deleting - all identity mappings inside an identity mapping store: `*` The - filtering fields are assumed to have an implicit AND. Should not be - used with source. An error will be thrown, if both are provided. + The key is the UI component. Mock. Currently supported `title`, + `thumbnail`, `url`, `custom1`, `custom2`, `custom3`. The value is + the name of the field along with its device visibility. The 3 custom + fields are optional and can be added or removed. `title`, + `thumbnail`, `url` are required UI components that cannot be + removed. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigUIComponentField + name: + description: >- + The name of the data store. It should be data store resource name + Format: + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. + For APIs under WidgetService, such as + WidgetService.LookUpWidgetConfig, the project number and location + part is erased in this field. + type: string + id: + readOnly: true type: string - force: description: >- - Actually performs the purge. If `force` is set to false, return the - expected purge count without deleting any identity mappings. This - field is only supported for purge with filter. For input source this - field is ignored and data will be purged regardless of the value of - this field. - type: boolean - GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequestInlineSource: - id: GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequestInlineSource - description: The inline source to purge identity mapping entries from. - type: object - properties: - identityMappingEntries: - description: A maximum of 10000 entries can be purged at one time - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingEntry - GoogleCloudDiscoveryengineV1ListIdentityMappingsResponse: - id: GoogleCloudDiscoveryengineV1ListIdentityMappingsResponse - description: Response message for IdentityMappingStoreService.ListIdentityMappings - type: object - properties: - identityMappingEntries: - description: The Identity Mapping Entries. - type: array + Output only. the identifier of the data store, used for widget + service. For now it refers to data_store_id, in the future we will + migrate the field to encrypted data store name UUID. + facetField: items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingEntry - nextPageToken: + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigFacetField description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudDiscoveryengineV1ListIdentityMappingStoresResponse: - id: GoogleCloudDiscoveryengineV1ListIdentityMappingStoresResponse - description: >- - Response message for - IdentityMappingStoreService.ListIdentityMappingStores + Facet fields that store the mapping of fields to end user widget + appearance. + type: array + GoogleCloudDiscoveryengineV1AlertPolicyConfigAlertEnrollment: + id: GoogleCloudDiscoveryengineV1AlertPolicyConfigAlertEnrollment type: object properties: - identityMappingStores: - description: The Identity Mapping Stores. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingStore - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. + alertId: + description: Immutable. The id of an alert. type: string - GoogleCloudDiscoveryengineV1ProvisionProjectRequest: - id: GoogleCloudDiscoveryengineV1ProvisionProjectRequest - description: Request for ProjectService.ProvisionProject method. + enrollState: + enum: + - ENROLL_STATES_UNSPECIFIED + - ENROLLED + - DECLINED + description: Required. The enrollment status of a customer. + type: string + enumDescriptions: + - >- + Default value. Used for customers who have not responded to the + alert policy. + - Customer is enrolled in this policy. + - Customer declined this policy. + description: The alert enrollment status. + GoogleCloudDiscoveryengineV1LicenseConfigUsageStats: + description: Stats about users' licenses. + id: GoogleCloudDiscoveryengineV1LicenseConfigUsageStats type: object properties: - acceptDataUseTerms: - description: >- - Required. Set to `true` to specify that caller has read and would - like to give consent to the [Terms for data - use](https://cloud.google.com/retail/data-use-terms). - type: boolean - dataUseTermsVersion: - description: >- - Required. The version of the [Terms for data - use](https://cloud.google.com/retail/data-use-terms) that caller has - read and would like to give consent to. Acceptable version is - `2022-11-23`, and this may change over time. + usedLicenseCount: + format: int64 type: string - saasParams: - description: Optional. Parameters for Agentspace. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ProvisionProjectRequestSaasParams - GoogleCloudDiscoveryengineV1ProvisionProjectRequestSaasParams: - id: GoogleCloudDiscoveryengineV1ProvisionProjectRequestSaasParams - description: Parameters for Agentspace. + description: Required. The number of licenses used. + licenseConfig: + type: string + description: Required. The LicenseConfig name. + GoogleCloudDiscoveryengineV1BatchCreateTargetSiteMetadata: + description: >- + Metadata related to the progress of the + SiteSearchEngineService.BatchCreateTargetSites operation. This will be + returned by the google.longrunning.Operation.metadata field. type: object + id: GoogleCloudDiscoveryengineV1BatchCreateTargetSiteMetadata properties: - acceptBizQos: + updateTime: description: >- - Optional. Set to `true` to specify that caller has read and would - like to give consent to the [Terms for Agent Space quality of - service]. - type: boolean - GoogleCloudDiscoveryengineV1RankRequest: - id: GoogleCloudDiscoveryengineV1RankRequest - description: Request message for RankService.Rank method. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + type: string + createTime: + format: google-datetime + description: Operation create time. + type: string + GoogleApiDistributionBucketOptionsLinear: + id: GoogleApiDistributionBucketOptionsLinear + description: >- + Specifies a linear sequence of buckets that all have the same width + (except overflow and underflow). Each bucket represents a constant + absolute uncertainty on the specific value in the bucket. There are + `num_finite_buckets + 2` (= N) buckets. Bucket `i` has the following + boundaries: Upper bound (0 <= i < N-1): offset + (width * i). Lower + bound (1 <= i < N): offset + (width * (i - 1)). type: object properties: - model: - description: >- - The identifier of the model to use. It is one of: * - `semantic-ranker-512@latest`: Semantic ranking model with maximum - input token size 512. It is set to `semantic-ranker-512@latest` by - default if unspecified. - type: string - topN: - description: >- - The number of results to return. If this is unset or no bigger than - zero, returns all results. + offset: + format: double + description: Lower bound of the first bucket. + type: number + width: + type: number + description: Must be greater than 0. + format: double + numFiniteBuckets: type: integer format: int32 - query: - description: The query to use. + description: Must be greater than 0. + GoogleCloudDiscoveryengineV1alphaEngineChatEngineMetadata: + description: >- + Additional information of a Chat Engine. Fields in this message are + output only. + type: object + properties: + dialogflowAgent: type: string - records: - description: Required. A list of records to rank. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1RankingRecord' - ignoreRecordDetailsInResponse: - description: >- - If true, the response will contain only record ID and score. By - default, it is false, the response will contain record details. - type: boolean - userLabels: description: >- - The user labels applied to a resource must meet the following - requirements: * Each resource can have multiple labels, up to a - maximum of 64. * Each label must be a key-value pair. * Keys have a - minimum length of 1 character and a maximum length of 63 characters - and cannot be empty. Values can be empty and have a maximum length - of 63 characters. * Keys and values can contain only lowercase - letters, numeric characters, underscores, and dashes. All characters - must use UTF-8 encoding, and international characters are allowed. * - The key portion of a label must be unique. However, you can use the - same key with multiple resources. * Keys must start with a lowercase - letter or international character. See [Google Cloud - Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) - for more details. - type: object - additionalProperties: - type: string - GoogleCloudDiscoveryengineV1RankingRecord: - id: GoogleCloudDiscoveryengineV1RankingRecord - description: Record message for RankService.Rank method. + The resource name of a Dialogflow agent, that this Chat Engine + refers to. Format: `projects//locations//agents/`. + id: GoogleCloudDiscoveryengineV1alphaEngineChatEngineMetadata + GoogleCloudDiscoveryengineV1FactChunk: + description: Fact Chunk. type: object + id: GoogleCloudDiscoveryengineV1FactChunk properties: - id: - description: The unique ID to represent the record. + chunkText: + description: Text content of the fact chunk. Can be at most 10K characters long. + type: string + uri: + description: The URI of the source. type: string title: - description: >- - The title of the record. Empty by default. At least one of title or - content should be set otherwise an INVALID_ARGUMENT error is thrown. type: string - content: + description: The title of the source. + index: + type: integer description: >- - The content of the record. Empty by default. At least one of title - or content should be set otherwise an INVALID_ARGUMENT error is - thrown. - type: string - score: + The index of this chunk. Currently, only used for the streaming + mode. + format: int32 + source: description: >- - The score of this record based on the given query and selected - model. The score will be rounded to 2 decimal places. If the score - is close to 0, it will be rounded to 0.0001 to avoid returning - unset. - type: number - format: float - GoogleCloudDiscoveryengineV1RankResponse: - id: GoogleCloudDiscoveryengineV1RankResponse - description: Response message for RankService.Rank method. + Source from which this fact chunk was retrieved. If it was retrieved + from the GroundingFacts provided in the request then this field will + contain the index of the specific fact from which this chunk was + retrieved. + type: string + sourceMetadata: + additionalProperties: + type: string + description: More fine-grained information for the source reference. + type: object + domain: + description: The domain of the source. + type: string + GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecWebGroundingSpec: + description: Specification of the web grounding tool. + type: object + properties: {} + id: GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecWebGroundingSpec + GoogleCloudDiscoveryengineV1ChunkChunkMetadata: + id: GoogleCloudDiscoveryengineV1ChunkChunkMetadata + description: >- + Metadata of the current chunk. This field is only populated on + SearchService.Search API. type: object properties: - records: - description: A list of records sorted by descending score. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1RankingRecord' - GoogleCloudDiscoveryengineV1RecommendRequest: - id: GoogleCloudDiscoveryengineV1RecommendRequest - description: Request message for Recommend method. - type: object - properties: - userEvent: - description: >- - Required. Context about the user, what they are looking at and what - action they took to trigger the Recommend request. Note that this - user event detail won't be ingested to userEvent logs. Thus, a - separate userEvent write request is required for event logging. - Don't set UserEvent.user_pseudo_id or UserEvent.user_info.user_id to - the same fixed ID for different users. If you are trying to receive - non-personalized recommendations (not recommended; this can - negatively impact model performance), instead set - UserEvent.user_pseudo_id to a random unique ID and leave - UserEvent.user_info.user_id unset. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' - pageSize: + previousChunks: description: >- - Maximum number of results to return. Set this property to the number - of recommendation results needed. If zero, the service chooses a - reasonable default. The maximum allowed value is 100. Values above - 100 are set to 100. - type: integer - format: int32 - filter: + The previous chunks of the current chunk. The number is controlled + by SearchRequest.ContentSearchSpec.ChunkSpec.num_previous_chunks. + This field is only populated on SearchService.Search API. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Chunk' + type: array + nextChunks: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Chunk' description: >- - Filter for restricting recommendation results with a length limit of - 5,000 characters. Currently, only filter expressions on the - `filter_tags` attribute is supported. Examples: * `(filter_tags: - ANY("Red", "Blue") OR filter_tags: ANY("Hot", "Cold"))` * - `(filter_tags: ANY("Red", "Blue")) AND NOT (filter_tags: - ANY("Green"))` If `attributeFilteringSyntax` is set to true under - the `params` field, then attribute-based expressions are expected - instead of the above described tag-based syntax. Examples: * - (language: ANY("en", "es")) AND NOT (categories: ANY("Movie")) * - (available: true) AND (language: ANY("en", "es")) OR (categories: - ANY("Movie")) If your filter blocks all results, the API returns - generic (unfiltered) popular Documents. If you only want results - strictly matching the filters, set `strictFiltering` to `true` in - RecommendRequest.params to receive empty results instead. Note that - the API never returns Documents with `storageStatus` as `EXPIRED` or - `DELETED` regardless of filter choices. + The next chunks of the current chunk. The number is controlled by + SearchRequest.ContentSearchSpec.ChunkSpec.num_next_chunks. This + field is only populated on SearchService.Search API. + GoogleCloudDiscoveryengineV1AnswerStep: + properties: + state: + enum: + - STATE_UNSPECIFIED + - IN_PROGRESS + - FAILED + - SUCCEEDED + type: string + enumDescriptions: + - Unknown. + - Step is currently in progress. + - Step currently failed. + - Step has succeeded. + description: The state of the step. + thought: + description: The thought of the step. + type: string + actions: + description: Actions. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepAction' + type: array + description: + description: The description of the step. type: string - validateOnly: - description: >- - Use validate only mode for this recommendation query. If set to - `true`, a fake model is used that returns arbitrary Document IDs. - Note that the validate only mode should only be used for testing the - API, or if the model is not ready. - type: boolean - params: - description: >- - Additional domain specific parameters for the recommendations. - Allowed values: * `returnDocument`: Boolean. If set to `true`, the - associated Document object is returned in - RecommendResponse.RecommendationResult.document. * `returnScore`: - Boolean. If set to true, the recommendation score corresponding to - each returned Document is set in - RecommendResponse.RecommendationResult.metadata. The given score - indicates the probability of a Document conversion given the user's - context and history. * `strictFiltering`: Boolean. True by default. - If set to `false`, the service returns generic (unfiltered) popular - Documents instead of empty if your filter blocks all recommendation - results. * `diversityLevel`: String. Default empty. If set to be - non-empty, then it needs to be one of: * `no-diversity` * - `low-diversity` * `medium-diversity` * `high-diversity` * - `auto-diversity` This gives request-level control and adjusts - recommendation results based on Document category. * - `attributeFilteringSyntax`: Boolean. False by default. If set to - true, the `filter` field is interpreted according to the new, - attribute-based syntax. - type: object - additionalProperties: - type: any - userLabels: - description: >- - The user labels applied to a resource must meet the following - requirements: * Each resource can have multiple labels, up to a - maximum of 64. * Each label must be a key-value pair. * Keys have a - minimum length of 1 character and a maximum length of 63 characters - and cannot be empty. Values can be empty and have a maximum length - of 63 characters. * Keys and values can contain only lowercase - letters, numeric characters, underscores, and dashes. All characters - must use UTF-8 encoding, and international characters are allowed. * - The key portion of a label must be unique. However, you can use the - same key with multiple resources. * Keys must start with a lowercase - letter or international character. See [Requirements for - labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) - for more details. - type: object - additionalProperties: - type: string - GoogleCloudDiscoveryengineV1UserEvent: - id: GoogleCloudDiscoveryengineV1UserEvent - description: >- - UserEvent captures all metadata information Discovery Engine API needs - to know about how end users interact with your website. type: object + id: GoogleCloudDiscoveryengineV1AnswerStep + description: Step information. + GoogleCloudDiscoveryengineV1alphaSearchRequestPersonalizationSpec: properties: - eventType: - description: >- - Required. User event type. Allowed values are: Generic values: * - `search`: Search for Documents. * `view-item`: Detailed page view of - a Document. * `view-item-list`: View of a panel or ordered list of - Documents. * `view-home-page`: View of the home page. * - `view-category-page`: View of a category page, e.g. Home > Men > - Jeans * `add-feedback`: Add a user feedback. Retail-related values: - * `add-to-cart`: Add an item(s) to cart, e.g. in Retail online - shopping * `purchase`: Purchase an item(s) Media-related values: * - `media-play`: Start/resume watching a video, playing a song, etc. * - `media-complete`: Finished or stopped midway through a video, song, - etc. Custom conversion value: * `conversion`: Customer defined - conversion event. + mode: + enum: + - MODE_UNSPECIFIED + - AUTO + - DISABLED type: string - conversionType: + enumDescriptions: + - >- + Default value. In this case, server behavior defaults to + Mode.AUTO. + - Personalization is enabled if data quality requirements are met. + - Disable personalization. description: >- - Optional. Conversion type. Required if UserEvent.event_type is - `conversion`. This is a customer-defined conversion name in - lowercase letters or numbers separated by "-", such as "watch", - "good-visit" etc. Do not set the field if UserEvent.event_type is - not `conversion`. This mixes the custom conversion event with - predefined events like `search`, `view-item` etc. + The personalization mode of the search request. Defaults to + Mode.AUTO. + description: The specification for personalization. + id: GoogleCloudDiscoveryengineV1alphaSearchRequestPersonalizationSpec + type: object + GoogleCloudDiscoveryengineV1RankingRecord: + id: GoogleCloudDiscoveryengineV1RankingRecord + description: Record message for RankService.Rank method. + type: object + properties: + id: type: string - userPseudoId: - description: >- - Required. A unique identifier for tracking visitors. For example, - this could be implemented with an HTTP cookie, which should be able - to uniquely identify a visitor on a single device. This unique - identifier should not change if the visitor log in/out of the - website. Do not set the field to the same fixed ID for different - users. This mixes the event history of those users together, which - results in degraded model quality. The field must be a UTF-8 encoded - string with a length limit of 128 characters. Otherwise, an - `INVALID_ARGUMENT` error is returned. The field should not contain - PII or user-data. We recommend to use Google Analytics [Client - ID](https://developers.google.com/analytics/devguides/collection/analyticsjs/field-reference#clientId) - for this field. + description: The unique ID to represent the record. + title: type: string - engine: description: >- - The Engine resource name, in the form of - `projects/{project}/locations/{location}/collections/{collection_id}/engines/{engine_id}`. - Optional. Only required for Engine produced user events. For - example, user events from blended search. - type: string - dataStore: + The title of the record. Empty by default. At least one of title or + content should be set otherwise an INVALID_ARGUMENT error is thrown. + content: description: >- - The DataStore resource full name, of the form - `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. - Optional. Only required for user events whose data store can't by - determined by UserEvent.engine or UserEvent.documents. If data store - is set in the parent of write/import/collect user event requests, - this field can be omitted. + The content of the record. Empty by default. At least one of title + or content should be set otherwise an INVALID_ARGUMENT error is + thrown. type: string - eventTime: + score: description: >- - Only required for UserEventService.ImportUserEvents method. - Timestamp of when the user event happened. - type: string - format: google-datetime - userInfo: - description: Information about the end user. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserInfo' - directUserRequest: + The score of this record based on the given query and selected + model. The score will be rounded to 2 decimal places. If the score + is close to 0, it will be rounded to 0.0001 to avoid returning + unset. + type: number + format: float + GoogleCloudDiscoveryengineV1WidgetConfigUiSettingsGenerativeAnswerConfig: + description: Describes configuration for generative answer. + type: object + properties: + maxRephraseSteps: + type: integer + format: int32 description: >- - Should set to true if the request is made directly from the end - user, in which case the UserEvent.user_info.user_agent can be - populated from the HTTP request. This flag should be set only if the - API request is made directly from the end user such as a mobile app - (and not if a gateway or a server is processing and pushing the user - events). This should not be set when using the JavaScript tag in - UserEventService.CollectUserEvent. + Max rephrase steps. The max number is 5 steps. If not set or set to + < 1, it will be set to 1 by default. + ignoreNonAnswerSeekingQuery: + description: >- + Optional. Specifies whether to filter out queries that are not + answer-seeking. The default value is `false`. No answer is returned + if the search query is classified as a non-answer seeking query. If + this field is set to `true`, we skip generating answers for + non-answer seeking queries and return fallback messages instead. type: boolean - sessionId: + modelPromptPreamble: description: >- - A unique identifier for tracking a visitor session with a length - limit of 128 bytes. A session is an aggregation of an end user - behavior in a time span. A general guideline to populate the - session_id: 1. If user has no activity for 30 min, a new session_id - should be assigned. 2. The session_id should be unique across users, - suggest use uuid or add UserEvent.user_pseudo_id as prefix. + Text at the beginning of the prompt that instructs the model that + generates the answer. type: string - pageInfo: - description: >- - Page metadata such as categories and other critical information for - certain event types such as `view-category-page`. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1PageInfo' - attributionToken: - description: >- - Token to attribute an API response to user action(s) to trigger the - event. Highly recommended for user events that are the result of - RecommendationService.Recommend. This field enables accurate - attribution of recommendation model performance. The value must be - one of: * RecommendResponse.attribution_token for events that are - the result of RecommendationService.Recommend. * - SearchResponse.attribution_token for events that are the result of - SearchService.Search. This token enables us to accurately attribute - page view or conversion completion back to the event and the - particular predict response containing this clicked/purchased - product. If user clicks on product K in the recommendation results, - pass RecommendResponse.attribution_token as a URL parameter to - product K's page. When recording events on product K's page, log the - RecommendResponse.attribution_token to this field. + modelVersion: + description: The model version used to generate the answer. type: string - filter: + ignoreAdversarialQuery: description: >- - The filter syntax consists of an expression language for - constructing a predicate from one or more fields of the documents - being filtered. One example is for `search` events, the associated - SearchRequest may contain a filter expression in - SearchRequest.filter conforming to - https://google.aip.dev/160#filtering. Similarly, for - `view-item-list` events that are generated from a RecommendRequest, - this field may be populated directly from RecommendRequest.filter - conforming to https://google.aip.dev/160#filtering. The value must - be a UTF-8 encoded string with a length limit of 1,000 characters. - Otherwise, an `INVALID_ARGUMENT` error is returned. + Optional. Specifies whether to filter out queries that are + adversarial. + type: boolean + imageSource: + enum: + - IMAGE_SOURCE_UNSPECIFIED + - ALL_AVAILABLE_SOURCES + - CORPUS_IMAGE_ONLY + - FIGURE_GENERATION_ONLY + enumDescriptions: + - >- + Unspecified image source (multimodal feature is disabled by + default) + - >- + Behavior when service determines the pick from all available + sources. + - Include image from corpus in the answer. + - Triggers figure generation in the answer. + description: Optional. Source of image returned in the answer. type: string - documents: - description: >- - List of Documents associated with this user event. This field is - optional except for the following event types: * `view-item` * - `add-to-cart` * `purchase` * `media-play` * `media-complete` In a - `search` event, this field represents the documents returned to the - end user on the current page (the end user may have not finished - browsing the whole page yet). When a new page is returned to the end - user, after pagination/filtering/ordering even for the same query, a - new `search` event with different UserEvent.documents is desired. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentInfo' - panel: - description: Panel metadata associated with this user event. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1PanelInfo' - searchInfo: - description: >- - SearchService.Search details related to the event. This field should - be set for `search` event. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchInfo' - completionInfo: - description: >- - CompletionService.CompleteQuery details related to the event. This - field should be set for `search` event when autocomplete function is - enabled and the user clicks a suggestion for search. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CompletionInfo' - transactionInfo: - description: The transaction metadata (if any) associated with this user event. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TransactionInfo' - tagIds: - description: >- - A list of identifiers for the independent experiment groups this - user event belongs to. This is used to distinguish between user - events associated with different experiment setups. - type: array - items: - type: string - promotionIds: - description: >- - The promotion IDs if this is an event associated with promotions. - Currently, this field is restricted to at most one ID. - type: array - items: - type: string - attributes: + resultCount: + type: integer + format: int32 + description: The number of top results to generate the answer from. Up to 10. + disableRelatedQuestions: + type: boolean + description: Whether generated answer contains suggested related questions. + ignoreLowRelevantContent: description: >- - Extra user event features to include in the recommendation model. - These attributes must NOT contain data that needs to be parsed or - processed further, e.g. JSON or other encodings. If you provide - custom attributes for ingested user events, also include them in the - user events that you associate with prediction requests. Custom - attribute formatting must be consistent between imported events and - events provided with prediction requests. This lets the Discovery - Engine API use those custom attributes when training models and - serving predictions, which helps improve recommendation quality. - This field needs to pass all below criteria, otherwise an - `INVALID_ARGUMENT` error is returned: * The key must be a UTF-8 - encoded string with a length limit of 5,000 characters. * For text - attributes, at most 400 values are allowed. Empty values are not - allowed. Each value must be a UTF-8 encoded string with a length - limit of 256 characters. * For number attributes, at most 400 values - are allowed. For product recommendations, an example of extra user - information is `traffic_channel`, which is how a user arrives at the - site. Users can arrive at the site by coming to the site directly, - coming through Google search, or in other ways. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CustomAttribute' - mediaInfo: - description: Media-specific info. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1MediaInfo' - panels: + Optional. Specifies whether to filter out queries that are not + relevant to the content. + type: boolean + languageCode: description: >- - Optional. List of panels associated with this event. Used for - page-level impression data. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1PanelInfo' - GoogleCloudDiscoveryengineV1PageInfo: - id: GoogleCloudDiscoveryengineV1PageInfo - description: Detailed page information. + Language code for Summary. Use language tags defined by + [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Note: This is + an experimental feature. + type: string + id: GoogleCloudDiscoveryengineV1WidgetConfigUiSettingsGenerativeAnswerConfig + GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchRequest: + id: GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchRequest + properties: {} + description: >- + Request message for SiteSearchEngineService.EnableAdvancedSiteSearch + method. type: object + GoogleCloudDiscoveryengineV1Collection: + id: GoogleCloudDiscoveryengineV1Collection + type: object + description: >- + Collection is a container for configuring resources and access to a set + of DataStores. properties: - pageviewId: - description: >- - A unique ID of a web page view. This should be kept the same for all - user events triggered from the same pageview. For example, an item - detail page view could trigger multiple events as the user is - browsing the page. The `pageview_id` property should be kept the - same for all these events so that they can be grouped together - properly. When using the client side event reporting with JavaScript - pixel and Google Tag Manager, this value is filled in automatically. - type: string - pageCategory: - description: >- - The most specific category associated with a category page. To - represent full path of category, use '>' sign to separate different - hierarchies. If '>' is part of the category name, replace it with - other character(s). Category pages include special pages such as - sales or promotions. For instance, a special sale page may have the - category hierarchy: `"pageCategory" : "Sales > 2017 Black Friday - Deals"`. Required for `view-category-page` events. Other event types - should not set this field. Otherwise, an `INVALID_ARGUMENT` error is - returned. + displayName: type: string - uri: description: >- - Complete URL (window.location.href) of the user's current page. When - using the client side event reporting with JavaScript pixel and - Google Tag Manager, this value is filled in automatically. Maximum - length 5,000 characters. + Required. The Collection display name. This field must be a UTF-8 + encoded string with a length limit of 128 characters. Otherwise, an + INVALID_ARGUMENT error is returned. + name: type: string - referrerUri: description: >- - The referrer URL of the current page. When using the client side - event reporting with JavaScript pixel and Google Tag Manager, this - value is filled in automatically. However, some browser privacy - restrictions may cause this field to be empty. + Immutable. The full resource name of the Collection. Format: + `projects/{project}/locations/{location}/collections/{collection_id}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + createTime: + format: google-datetime + description: Output only. Timestamp the Collection was created at. type: string - GoogleCloudDiscoveryengineV1DocumentInfo: - id: GoogleCloudDiscoveryengineV1DocumentInfo - description: Detailed document information associated with a user event. + readOnly: true + GoogleCloudDiscoveryengineV1SearchLinkPromotion: + description: >- + Promotion proto includes uri and other helping information to display + the promotion. type: object + id: GoogleCloudDiscoveryengineV1SearchLinkPromotion properties: - id: - description: The Document resource ID. - type: string - name: + uri: description: >- - The Document resource full name, of the form: - `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}/branches/{branch_id}/documents/{document_id}` + Optional. The URL for the page the user wants to promote. Must be + set for site search. For other verticals, this is optional. type: string - uri: - description: The Document URI - only allowed for website data stores. + document: type: string - quantity: description: >- - Quantity of the Document associated with the user event. Defaults to - 1. For example, this field is 2 if two quantities of the same - Document are involved in a `add-to-cart` event. Required for events - of the following event types: * `add-to-cart` * `purchase` - type: integer - format: int32 - promotionIds: + Optional. The Document the user wants to promote. For site search, + leave unset and only populate uri. Can be set along with uri. + title: description: >- - The promotion IDs associated with this Document. Currently, this - field is restricted to at most one ID. - type: array - items: - type: string - joined: + Required. The title of the promotion. Maximum length: 160 + characters. + type: string + imageUri: + type: string + description: Optional. The promotion thumbnail image url. + enabled: description: >- - Output only. Whether the referenced Document can be found in the - data store. - readOnly: true + Optional. The enabled promotion will be returned for any serving + configs associated with the parent of the control this promotion is + attached to. This flag is used for basic site search only. type: boolean - conversionValue: - description: >- - Optional. The conversion value associated with this Document. Must - be set if UserEvent.event_type is "conversion". For example, a value - of 1000 signifies that 1000 seconds were spent viewing a Document - for the `watch` conversion type. - type: number - format: float - GoogleCloudDiscoveryengineV1PanelInfo: - id: GoogleCloudDiscoveryengineV1PanelInfo - description: Detailed panel information associated with a user event. + description: + description: 'Optional. The Promotion description. Maximum length: 200 characters.' + type: string + GoogleCloudDiscoveryengineV1ListSchemasResponse: + description: Response message for SchemaService.ListSchemas method. + id: GoogleCloudDiscoveryengineV1ListSchemasResponse type: object properties: - panelId: - description: Required. The panel ID. - type: string - displayName: - description: The display name of the panel. - type: string - panelPosition: - description: >- - The ordered position of the panel, if shown to the user with other - panels. If set, then total_panels must also be set. - type: integer - format: int32 - totalPanels: + nextPageToken: description: >- - The total number of panels, including this one, shown to the user. - Must be set if panel_position is set. - type: integer - format: int32 - documents: - description: Optional. The document IDs associated with this panel. + A token that can be sent as ListSchemasRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + type: string + schemas: type: array + description: The Schemas. items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentInfo' - GoogleCloudDiscoveryengineV1SearchInfo: - id: GoogleCloudDiscoveryengineV1SearchInfo - description: Detailed search information. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' + GoogleCloudDiscoveryengineV1alphaImportIdentityMappingsResponse: type: object properties: - searchQuery: - description: >- - The user's search query. See SearchRequest.query for definition. The - value must be a UTF-8 encoded string with a length limit of 5,000 - characters. Otherwise, an `INVALID_ARGUMENT` error is returned. At - least one of search_query or PageInfo.page_category is required for - `search` events. Other event types should not set this field. - Otherwise, an `INVALID_ARGUMENT` error is returned. - type: string - orderBy: + errorSamples: + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + description: A sample of errors encountered while processing the request. + description: Response message for IdentityMappingStoreService.ImportIdentityMappings + id: GoogleCloudDiscoveryengineV1alphaImportIdentityMappingsResponse + GoogleCloudDiscoveryengineV1SearchResponseQueryExpansionInfo: + properties: + expandedQuery: + description: Bool describing whether query expansion has occurred. + type: boolean + pinnedResultCount: description: >- - The order in which products are returned, if applicable. See - SearchRequest.order_by for definition and syntax. The value must be - a UTF-8 encoded string with a length limit of 1,000 characters. - Otherwise, an `INVALID_ARGUMENT` error is returned. This can only be - set for `search` events. Other event types should not set this - field. Otherwise, an `INVALID_ARGUMENT` error is returned. + Number of pinned results. This field will only be set when expansion + happens and SearchRequest.QueryExpansionSpec.pin_unexpanded_results + is set to true. + format: int64 type: string - offset: - description: >- - An integer that specifies the current offset for pagination (the - 0-indexed starting location, amongst the products deemed by the API - as relevant). See SearchRequest.offset for definition. If this field - is negative, an `INVALID_ARGUMENT` is returned. This can only be set - for `search` events. Other event types should not set this field. - Otherwise, an `INVALID_ARGUMENT` error is returned. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1CompletionInfo: - id: GoogleCloudDiscoveryengineV1CompletionInfo + type: object description: >- - Detailed completion information including completion attribution token - and clicked completion info. + Information describing query expansion including whether expansion has + occurred. + id: GoogleCloudDiscoveryengineV1SearchResponseQueryExpansionInfo + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfig: type: object + description: Configuration for chunking config. properties: - selectedSuggestion: - description: End user selected CompleteQueryResponse.QuerySuggestion.suggestion. - type: string - selectedPosition: - description: >- - End user selected CompleteQueryResponse.QuerySuggestion.suggestion - position, starting from 0. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1TransactionInfo: - id: GoogleCloudDiscoveryengineV1TransactionInfo - description: A transaction represents the entire purchase transaction. + layoutBasedChunkingConfig: + description: Configuration for the layout based chunking. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig + id: GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfig + GoogleCloudDiscoveryengineV1alphaAnswerStepActionSearchAction: type: object properties: - value: - description: >- - Required. Total non-zero value associated with the transaction. This - value may include shipping, tax, or other adjustments to the total - value that you want to include. - type: number - format: float - currency: - description: Required. Currency code. Use three-character ISO-4217 code. + query: + description: The query to search. type: string - transactionId: - description: The transaction ID with a length limit of 128 characters. + description: Search action. + id: GoogleCloudDiscoveryengineV1alphaAnswerStepActionSearchAction + GoogleCloudDiscoveryengineV1alphaDataStoreBillingEstimation: + description: Estimation of data size per data store. + id: GoogleCloudDiscoveryengineV1alphaDataStoreBillingEstimation + properties: + websiteDataSize: + description: Data size for websites in terms of bytes. type: string - tax: - description: All the taxes associated with the transaction. - type: number - format: float - cost: - description: >- - All the costs associated with the products. These can be - manufacturing costs, shipping expenses not borne by the end user, or - any other costs, such that: * Profit = value - tax - cost - type: number - format: float - discountValue: - description: >- - The total discount(s) value applied to this transaction. This figure - should be excluded from TransactionInfo.value For example, if a user - paid TransactionInfo.value amount, then nominal (pre-discount) value - of the transaction is the sum of TransactionInfo.value and - TransactionInfo.discount_value This means that profit is calculated - the same way, regardless of the discount value, and that - TransactionInfo.discount_value can be larger than - TransactionInfo.value: * Profit = value - tax - cost - type: number - format: float - GoogleCloudDiscoveryengineV1CustomAttribute: - id: GoogleCloudDiscoveryengineV1CustomAttribute - description: >- - A custom attribute that is not explicitly modeled in a resource, e.g. - UserEvent. + format: int64 + unstructuredDataSize: + description: Data size for unstructured data in terms of bytes. + format: int64 + type: string + structuredDataSize: + description: Data size for structured data in terms of bytes. + type: string + format: int64 + unstructuredDataUpdateTime: + description: Last updated timestamp for unstructured data. + type: string + format: google-datetime + websiteDataUpdateTime: + format: google-datetime + description: Last updated timestamp for websites. + type: string + structuredDataUpdateTime: + type: string + format: google-datetime + description: Last updated timestamp for structured data. type: object + GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfo: + type: object + id: GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfo properties: - text: - description: >- - The textual values of this custom attribute. For example, - `["yellow", "green"]` when the key is "color". Empty string is not - allowed. Otherwise, an `INVALID_ARGUMENT` error is returned. Exactly - one of CustomAttribute.text or CustomAttribute.numbers should be - set. Otherwise, an `INVALID_ARGUMENT` error is returned. - type: array + queryClassificationInfo: items: - type: string - numbers: - description: >- - The numerical values of this custom attribute. For example, `[2.3, - 15.4]` when the key is "lengths_cm". Exactly one of - CustomAttribute.text or CustomAttribute.numbers should be set. - Otherwise, an `INVALID_ARGUMENT` error is returned. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfoQueryClassificationInfo + description: Query classification information. type: array - items: - type: number - format: double - GoogleCloudDiscoveryengineV1MediaInfo: - id: GoogleCloudDiscoveryengineV1MediaInfo - description: Media-specific user event information. - type: object + description: Query understanding information. + GoogleCloudDiscoveryengineV1ListDataStoresResponse: properties: - mediaProgressDuration: + nextPageToken: description: >- - The media progress time in seconds, if applicable. For example, if - the end user has finished 90 seconds of a playback video, then - MediaInfo.media_progress_duration.seconds should be set to 90. + A token that can be sent as ListDataStoresRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. type: string - format: google-duration - mediaProgressPercentage: - description: >- - Media progress should be computed using only the - media_progress_duration relative to the media total length. This - value must be between `[0, 1.0]` inclusive. If this is not a - playback or the progress cannot be computed (e.g. ongoing - livestream), this field should be unset. - type: number - format: float - GoogleCloudDiscoveryengineV1RecommendResponse: - id: GoogleCloudDiscoveryengineV1RecommendResponse - description: Response message for Recommend method. + dataStores: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' + description: All the customer's DataStores. + type: object + id: GoogleCloudDiscoveryengineV1ListDataStoresResponse + description: Response message for DataStoreService.ListDataStores method. + GoogleCloudDiscoveryengineV1ImportDocumentsRequestInlineSource: type: object + description: The inline source for the input config for ImportDocuments method. + id: GoogleCloudDiscoveryengineV1ImportDocumentsRequestInlineSource properties: - results: + documents: description: >- - A list of recommended Documents. The order represents the ranking - (from the most relevant Document to the least). + Required. A list of documents to update/create. Each document must + have a valid Document.id. Recommended max of 100 items. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1RecommendResponseRecommendationResult - attributionToken: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + GoogleCloudDiscoveryengineLoggingSourceLocation: + type: object + id: GoogleCloudDiscoveryengineLoggingSourceLocation + properties: + functionName: description: >- - A unique attribution token. This should be included in the UserEvent - logs resulting from this recommendation, which enables accurate - attribution of recommendation model performance. + Human-readable name of a function or method—for example, + `google.cloud.discoveryengine.v1alpha.RecommendationService.Recommend`. type: string - missingIds: - description: >- - IDs of documents in the request that were missing from the default - Branch associated with the requested ServingConfig. - type: array - items: - type: string - validateOnly: - description: True if RecommendRequest.validate_only was set. - type: boolean - GoogleCloudDiscoveryengineV1RecommendResponseRecommendationResult: - id: GoogleCloudDiscoveryengineV1RecommendResponseRecommendationResult description: >- - RecommendationResult represents a generic recommendation result with - associated metadata. + Indicates a location in the source code of the service for which errors + are reported. + GoogleCloudDiscoveryengineV1alphaEnableAdvancedSiteSearchMetadata: type: object + description: >- + Metadata related to the progress of the + SiteSearchEngineService.EnableAdvancedSiteSearch operation. This will be + returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1alphaEnableAdvancedSiteSearchMetadata properties: - id: - description: Resource ID of the recommended Document. + createTime: type: string - document: - description: Set if `returnDocument` is set to true in RecommendRequest.params. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' - metadata: + description: Operation create time. + format: google-datetime + updateTime: + type: string + format: google-datetime description: >- - Additional Document metadata or annotations. Possible values: * - `score`: Recommendation score in double value. Is set if - `returnScore` is set to true in RecommendRequest.params. - type: object - additionalProperties: - type: any - GoogleCloudDiscoveryengineV1ListSchemasResponse: - id: GoogleCloudDiscoveryengineV1ListSchemasResponse - description: Response message for SchemaService.ListSchemas method. + Operation last update time. If the operation is done, this is also + the finish time. + GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfig: + id: GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfig + description: Additional config specs for a Media Recommendation engine. type: object properties: - schemas: - description: The Schemas. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' - nextPageToken: + trainingState: description: >- - A token that can be sent as ListSchemasRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. + The training state that the engine is in (e.g. `TRAINING` or + `PAUSED`). Since part of the cost of running the service is + frequency of training - this can be used to determine when to train + engine in order to control cost. If not specified: the default value + for `CreateEngine` method is `TRAINING`. The default value for + `UpdateEngine` method is to keep the state the same as before. + enum: + - TRAINING_STATE_UNSPECIFIED + - PAUSED + - TRAINING type: string - GoogleCloudDiscoveryengineV1TrainCustomModelRequest: - id: GoogleCloudDiscoveryengineV1TrainCustomModelRequest - description: Request message for SearchTuningService.TrainCustomModel method. - type: object - properties: - gcsTrainingInput: - description: Cloud Storage training input. + enumDescriptions: + - Unspecified training state. + - The engine training is paused. + - The engine is training. + engineFeaturesConfig: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1TrainCustomModelRequestGcsTrainingInput - modelType: + #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigEngineFeaturesConfig + description: Optional. Additional engine features config. + type: description: >- - Model to be trained. Supported values are: * **search-tuning**: Fine - tuning the search system based on data provided. + Required. The type of engine. e.g., `recommended-for-you`. This + field together with optimization_objective describe engine metadata + to use to control engine training and serving. Currently supported + values: `recommended-for-you`, `others-you-may-like`, + `more-like-this`, `most-popular-items`. type: string - errorConfig: + optimizationObjectiveConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigOptimizationObjectiveConfig description: >- - The desired location of errors incurred during the data ingestion - and training. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' - modelId: - description: If not provided, a UUID will be generated. + Name and value of the custom threshold for cvr + optimization_objective. For target_field `watch-time`, + target_field_value must be an integer value indicating the media + progress time in seconds between (0, 86400] (excludes 0, includes + 86400) (e.g., 90). For target_field `watch-percentage`, the + target_field_value must be a valid float value between (0, 1.0] + (excludes 0, includes 1.0) (e.g., 0.5). + optimizationObjective: type: string - GoogleCloudDiscoveryengineV1TrainCustomModelRequestGcsTrainingInput: - id: GoogleCloudDiscoveryengineV1TrainCustomModelRequestGcsTrainingInput - description: Cloud Storage training data input. + description: >- + The optimization objective. e.g., `cvr`. This field together with + optimization_objective describe engine metadata to use to control + engine training and serving. Currently supported values: `ctr`, + `cvr`. If not specified, we choose default based on engine type. + Default depends on type of recommendation: `recommended-for-you` => + `ctr` `others-you-may-like` => `ctr` + GoogleCloudDiscoveryengineV1IdentityScheduleConfig: + description: The configuration for the identity data synchronization runs. type: object properties: - corpusDataPath: - description: >- - The Cloud Storage corpus data which could be associated in train - data. The data path format is `gs:///`. A newline delimited - jsonl/ndjson file. For search-tuning model, each line should have - the _id, title and text. Example: `{"_id": "doc1", title: "relevant - doc", "text": "relevant text"}` - type: string - queryDataPath: - description: >- - The gcs query data which could be associated in train data. The data - path format is `gs:///`. A newline delimited jsonl/ndjson file. For - search-tuning model, each line should have the _id and text. - Example: {"_id": "query1", "text": "example query"} + refreshInterval: + format: google-duration type: string - trainDataPath: description: >- - Cloud Storage training data path whose format should be `gs:///`. - The file should be in tsv format. Each line should have the doc_id - and query_id and score (number). For search-tuning model, it should - have the query-id corpus-id score as tsv file header. The score - should be a number in `[0, inf+)`. The larger the number is, the - more relevant the pair is. Example: * `query-id\tcorpus-id\tscore` * - `query1\tdoc1\t1` - type: string - testDataPath: + Optional. The refresh interval to sync the Access Control List + information for the documents ingested by this connector. If not + set, the access control list will be refreshed at the default + interval of 30 minutes. The identity refresh interval can be at + least 30 minutes and at most 7 days. + nextSyncTime: + $ref: '#/components/schemas/GoogleTypeDateTime' description: >- - Cloud Storage test data. Same format as train_data_path. If not - provided, a random 80/20 train/test split will be performed on - train_data_path. - type: string - GoogleCloudDiscoveryengineV1ListCustomModelsResponse: - id: GoogleCloudDiscoveryengineV1ListCustomModelsResponse - description: Response message for SearchTuningService.ListCustomModels method. - type: object - properties: - models: - description: List of custom tuning models. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CustomTuningModel' - GoogleCloudDiscoveryengineV1CustomTuningModel: - id: GoogleCloudDiscoveryengineV1CustomTuningModel - description: Metadata that describes a custom tuned model. - type: object + Optional. The UTC time when the next data sync is expected to start + for the Data Connector. Customers are only able to specify the hour + and minute to schedule the data sync. This is utilized when the data + connector has a refresh interval greater than 1 day. + id: GoogleCloudDiscoveryengineV1IdentityScheduleConfig + GoogleCloudDiscoveryengineV1ImportDocumentsRequest: + description: Request message for Import methods. properties: - name: - description: >- - Required. The fully qualified resource name of the model. Format: - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/customTuningModels/{custom_tuning_model}`. - Model must be an alpha-numerical string with limit of 40 characters. - type: string - displayName: - description: The display name of the model. - type: string - modelVersion: - description: The version of the model. - type: string - format: int64 - modelState: + cloudSqlSource: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CloudSqlSource' + description: Cloud SQL input source. + firestoreSource: + description: Firestore input source. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1FirestoreSource' + inlineSource: + description: The Inline source for the input content for documents. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportDocumentsRequestInlineSource + reconciliationMode: + enum: + - RECONCILIATION_MODE_UNSPECIFIED + - INCREMENTAL + - FULL description: >- - The state that the model is in (e.g.`TRAINING` or - `TRAINING_FAILED`). - type: string + The mode of reconciliation between existing documents and the + documents to be imported. Defaults to + ReconciliationMode.INCREMENTAL. enumDescriptions: - - Default value. - - The model is in a paused training state. - - The model is currently training. - - The model has successfully completed training. - - The model is ready for serving. - - The model training failed. + - Defaults to `INCREMENTAL`. + - Inserts new documents or updates existing documents. - >- - The model training finished successfully but metrics did not - improve. - - Input data validation failed. Model training didn't start. - enum: - - MODEL_STATE_UNSPECIFIED - - TRAINING_PAUSED - - TRAINING - - TRAINING_COMPLETE - - READY_FOR_SERVING - - TRAINING_FAILED - - NO_IMPROVEMENT - - INPUT_VALIDATION_FAILED - createTime: - description: 'Deprecated: Timestamp the Model was created at.' - deprecated: true - type: string - format: google-datetime - trainingStartTime: - description: Timestamp the model training was initiated. + Calculates diff and replaces the entire document dataset. Existing + documents may be deleted if they are not present in the source + location. When using this mode, there won't be any downtime on the + dataset targeted. Any document that should remain unchanged or + that should be updated will continue serving while the operation + is running. type: string - format: google-datetime - metrics: - description: The metrics of the trained model. - type: object - additionalProperties: - type: number - format: double - errorMessage: + autoGenerateIds: description: >- - Currently this is only populated if the model state is - `INPUT_VALIDATION_FAILED`. - type: string - GoogleCloudDiscoveryengineV1ServingConfig: - id: GoogleCloudDiscoveryengineV1ServingConfig - description: >- - Configures metadata that is used to generate serving time results (e.g. - search results or recommendation predictions). The ServingConfig is - passed in the search and predict request and generates results. - type: object - properties: - mediaConfig: - description: The MediaConfig of the serving configuration. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ServingConfigMediaConfig - genericConfig: - description: The GenericConfig of the serving configuration. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ServingConfigGenericConfig - name: - description: >- - Immutable. Fully qualified name - `projects/{project}/locations/{location}/collections/{collection_id}/engines/{engine_id}/servingConfigs/{serving_config_id}` - type: string - displayName: - description: >- - Required. The human readable serving config display name. Used in - Discovery UI. This field must be a UTF-8 encoded string with a - length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error - is returned. - type: string - solutionType: - description: >- - Required. Immutable. Specifies the solution type that a serving - config can be associated with. - type: string - enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Discovery Search. - - Used for use cases related to the Generative AI agent. - - >- - Used for use cases related to the Generative Chat agent. It's used - for Generative chat engine only, the associated data stores must - enrolled with `SOLUTION_TYPE_CHAT` solution. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - - SOLUTION_TYPE_CHAT - - SOLUTION_TYPE_GENERATIVE_CHAT - modelId: - description: >- - The id of the model to use at serving time. Currently only - RecommendationModels are supported. Can be changed but only to a - compatible model (e.g. others-you-may-like CTR to - others-you-may-like CVR). Required when SolutionType is - SOLUTION_TYPE_RECOMMENDATION. + Whether to automatically generate IDs for the documents if absent. + If set to `true`, Document.ids are automatically generated based on + the hash of the payload, where IDs may not be consistent during + multiple imports. In which case ReconciliationMode.FULL is highly + recommended to avoid duplicate contents. If unset or set to `false`, + Document.ids have to be specified using id_field, otherwise, + documents without IDs fail to be imported. Supported data sources: * + GcsSource. GcsSource.data_schema must be `custom` or `csv`. + Otherwise, an INVALID_ARGUMENT error is thrown. * BigQuerySource. + BigQuerySource.data_schema must be `custom` or `csv`. Otherwise, an + INVALID_ARGUMENT error is thrown. * SpannerSource. * CloudSqlSource. + * FirestoreSource. * BigtableSource. + type: boolean + spannerSource: + description: Spanner input source. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SpannerSource' + idField: type: string - diversityLevel: description: >- - How much diversity to use in recommendation model results e.g. - `medium-diversity` or `high-diversity`. Currently supported values: - * `no-diversity` * `low-diversity` * `medium-diversity` * - `high-diversity` * `auto-diversity` If not specified, we choose - default based on recommendation model type. Default value: - `no-diversity`. Can only be set if SolutionType is - SOLUTION_TYPE_RECOMMENDATION. - type: string - rankingExpression: + The field indicates the ID field or column to be used as unique IDs + of the documents. For GcsSource it is the key of the JSON field. For + instance, `my_id` for JSON `{"my_id": "some_uuid"}`. For others, it + may be the column name of the table where the unique ids are stored. + The values of the JSON field or the table column are used as the + Document.ids. The JSON field or the table column must be of string + type, and the values must be set as valid strings conform to + [RFC-1034](https://tools.ietf.org/html/rfc1034) with 1-63 + characters. Otherwise, documents without valid IDs fail to be + imported. Only set this field when auto_generate_ids is unset or set + as `false`. Otherwise, an INVALID_ARGUMENT error is thrown. If it is + unset, a default value `_id` is used when importing from the allowed + data sources. Supported data sources: * GcsSource. + GcsSource.data_schema must be `custom` or `csv`. Otherwise, an + INVALID_ARGUMENT error is thrown. * BigQuerySource. + BigQuerySource.data_schema must be `custom` or `csv`. Otherwise, an + INVALID_ARGUMENT error is thrown. * SpannerSource. * CloudSqlSource. + * BigtableSource. + fhirStoreSource: + description: FhirStore input source. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1FhirStoreSource' + errorConfig: + description: The desired location of errors incurred during the Import. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' + forceRefreshContent: description: >- - The ranking expression controls the customized ranking on retrieval - documents. To leverage this, document embedding is required. The - ranking expression setting in ServingConfig applies to all search - requests served by the serving config. However, if - `SearchRequest.ranking_expression` is specified, it overrides the - ServingConfig ranking expression. The ranking expression is a single - function or multiple functions that are joined by "+". * - ranking_expression = function, { " + ", function }; Supported - functions: * double * relevance_score * double * - dotProduct(embedding_field_path) Function variables: * - `relevance_score`: pre-defined keywords, used for measure relevance - between query and document. * `embedding_field_path`: the document - embedding field used with query embedding vector. * `dotProduct`: - embedding function between embedding_field_path and query embedding - vector. Example ranking expression: If document has an embedding - field doc_embedding, the ranking expression could be `0.5 * - relevance_score + 0.3 * dotProduct(doc_embedding)`. - type: string - createTime: - description: Output only. ServingConfig created timestamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. ServingConfig updated timestamp. - readOnly: true + Optional. Whether to force refresh the unstructured content of the + documents. If set to `true`, the content part of the documents will + be refreshed regardless of the update status of the referencing + content. + type: boolean + bigquerySource: + description: BigQuery input source. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigQuerySource' + updateMask: type: string - format: google-datetime - filterControlIds: description: >- - Filter controls to use in serving path. All triggered filter - controls will be applied. Filter controls must be in the same data - store as the serving config. Maximum of 20 filter controls. - type: array - items: - type: string - boostControlIds: - description: >- - Boost controls to use in serving path. All triggered boost controls - will be applied. Boost controls must be in the same data store as - the serving config. Maximum of 20 boost controls. - type: array - items: - type: string - redirectControlIds: + Indicates which fields in the provided imported documents to update. + If not set, the default is to update all fields. + format: google-fieldmask + bigtableSource: + description: Cloud Bigtable input source. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigtableSource' + alloyDbSource: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AlloyDbSource' + description: AlloyDB input source. + gcsSource: + description: Cloud Storage location for the input content. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' + id: GoogleCloudDiscoveryengineV1ImportDocumentsRequest + type: object + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecChunkSpec: + properties: + numNextChunks: + format: int32 description: >- - IDs of the redirect controls. Only the first triggered redirect - action is applied, even if multiple apply. Maximum number of - specifications is 100. Can only be set if SolutionType is - SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - synonymsControlIds: + The number of next chunks to be returned of the current chunk. The + maximum allowed value is 3. If not specified, no next chunks will be + returned. + type: integer + numPreviousChunks: + format: int32 + type: integer description: >- - Condition synonyms specifications. If multiple synonyms conditions - match, all matching synonyms controls in the list will execute. - Maximum number of specifications is 100. Can only be set if - SolutionType is SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - onewaySynonymsControlIds: + The number of previous chunks to be returned of the current chunk. + The maximum allowed value is 3. If not specified, no previous chunks + will be returned. + description: >- + Specifies the chunk spec to be returned from the search response. Only + available if the SearchRequest.ContentSearchSpec.search_result_mode is + set to CHUNKS + id: GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecChunkSpec + type: object + GoogleCloudDiscoveryengineV1alphaRecrawlUrisMetadata: + id: GoogleCloudDiscoveryengineV1alphaRecrawlUrisMetadata + description: >- + Metadata related to the progress of the + SiteSearchEngineService.RecrawlUris operation. This will be returned by + the google.longrunning.Operation.metadata field. + type: object + properties: + validUrisCount: + type: integer description: >- - Condition oneway synonyms specifications. If multiple oneway - synonyms conditions match, all matching oneway synonyms controls in - the list will execute. Maximum number of specifications is 100. Can - only be set if SolutionType is SOLUTION_TYPE_SEARCH. - type: array + Total number of unique URIs in the request that are not in + invalid_uris. + format: int32 + successCount: + description: Total number of URIs that have been crawled so far. + format: int32 + type: integer + noindexUris: items: type: string - dissociateControlIds: - description: >- - Condition do not associate specifications. If multiple do not - associate conditions match, all matching do not associate controls - in the list will execute. Order does not matter. Maximum number of - specifications is 100. Can only be set if SolutionType is - SOLUTION_TYPE_SEARCH. type: array - items: - type: string - replacementControlIds: - description: >- - Condition replacement specifications. Applied according to the order - in the list. A previously replaced term can not be re-replaced. - Maximum number of specifications is 100. Can only be set if - SolutionType is SOLUTION_TYPE_SEARCH. + description: URIs that have no index meta tag. Sample limited to 1000. + createTime: + type: string + description: Operation create time. + format: google-datetime + urisNotMatchingTargetSites: type: array - items: - type: string - ignoreControlIds: description: >- - Condition ignore specifications. If multiple ignore conditions - match, all matching ignore controls in the list will execute. Order - does not matter. Maximum number of specifications is 100. - type: array + Unique URIs in the request that don't match any TargetSite in the + DataStore, only match TargetSites that haven't been fully indexed, + or match a TargetSite with type EXCLUDE. Sample limited to 1000. items: type: string - promoteControlIds: + urisNotMatchingTargetSitesCount: + format: int32 + type: integer + description: Total number of URIs that don't match any TargetSites. + invalidUris: description: >- - Condition promote specifications. Maximum number of specifications - is 100. + Unique URIs in the request that have invalid format. Sample limited + to 1000. type: array items: type: string - answerGenerationSpec: - description: Optional. The specification for answer generation. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerGenerationSpec - GoogleCloudDiscoveryengineV1ServingConfigMediaConfig: - id: GoogleCloudDiscoveryengineV1ServingConfigMediaConfig - description: >- - Specifies the configurations needed for Media Discovery. Currently we - support: * `demote_content_watched`: Threshold for watched content - demotion. Customers can specify if using watched content demotion or use - viewed detail page. Using the content watched demotion, customers need - to specify the watched minutes or percentage exceeds the threshold, the - content will be demoted in the recommendation result. * - `promote_fresh_content`: cutoff days for fresh content promotion. - Customers can specify if using content freshness promotion. If the - content was published within the cutoff days, the content will be - promoted in the recommendation result. Can only be set if SolutionType - is SOLUTION_TYPE_RECOMMENDATION. - type: object - properties: - contentWatchedPercentageThreshold: + noindexUrisCount: + type: integer + format: int32 + description: Total number of URIs that have no index meta tag. + quotaExceededCount: description: >- - Specifies the content watched percentage threshold for demotion. - Threshold value must be between [0, 1.0] inclusive. - type: number - format: float - contentWatchedSecondsThreshold: - description: Specifies the content watched minutes threshold for demotion. - type: number - format: float - demotionEventType: + Total number of URIs that were rejected due to insufficient indexing + resources. + format: int32 + type: integer + updateTime: + format: google-datetime description: >- - Specifies the event type used for demoting recommendation result. - Currently supported values: * `view-item`: Item viewed. * - `media-play`: Start/resume watching a video, playing a song, etc. * - `media-complete`: Finished or stopped midway through a video, song, - etc. If unset, watch history demotion will not be applied. Content - freshness demotion will still be applied. + Operation last update time. If the operation is done, this is also + the finish time. type: string - demoteContentWatchedPastDays: - description: >- - Optional. Specifies the number of days to look back for demoting - watched content. If set to zero or unset, defaults to the maximum of - 365 days. - type: integer + invalidUrisCount: + description: Total number of unique URIs in the request that have invalid format. format: int32 - contentFreshnessCutoffDays: - description: >- - Specifies the content freshness used for recommendation result. - Contents will be demoted if contents were published for more than - content freshness cutoff days. type: integer + pendingCount: + description: Total number of URIs that have yet to be crawled. format: int32 - GoogleCloudDiscoveryengineV1ServingConfigGenericConfig: - id: GoogleCloudDiscoveryengineV1ServingConfigGenericConfig - description: >- - Specifies the configurations needed for Generic Discovery.Currently we - support: * `content_search_spec`: configuration for generic content - search. - type: object + type: integer + GoogleCloudDiscoveryengineV1SearchResponseSearchResult: properties: - contentSearchSpec: + id: + type: string + description: Document.id of the searched Document. + modelScores: + description: Output only. Google provided available scores. + type: object + readOnly: true + additionalProperties: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DoubleList' + document: description: >- - Specifies the expected behavior of content search. Only valid for - content-search enabled data store. + The document data snippet in the search response. Only fields that + are marked as `retrievable` are populated. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + rankSignals: + description: Optional. A set of ranking signals associated with the result. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpec - GoogleCloudDiscoveryengineV1AnswerGenerationSpec: - id: GoogleCloudDiscoveryengineV1AnswerGenerationSpec - description: The specification for answer generation. + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignals + chunk: + description: >- + The chunk data in the search response if the + SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Chunk' + id: GoogleCloudDiscoveryengineV1SearchResponseSearchResult type: object + description: Represents the search results. + GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequest: properties: - userDefinedClassifierSpec: - description: Optional. The specification for user specified classifier spec. + inlineSource: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerGenerationSpecUserDefinedClassifierSpec - GoogleCloudDiscoveryengineV1AnswerGenerationSpecUserDefinedClassifierSpec: - id: >- - GoogleCloudDiscoveryengineV1AnswerGenerationSpecUserDefinedClassifierSpec - description: The specification for user defined classifier. + #/components/schemas/GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequestInlineSource + description: The inline source to import identity mapping entries from. + id: GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequest type: object + description: Request message for IdentityMappingStoreService.ImportIdentityMappings + GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesMetadata: + description: >- + Metadata related to the progress of the ImportSuggestionDenyListEntries + operation. This is returned by the google.longrunning.Operation.metadata + field. properties: - enableUserDefinedClassifier: + updateTime: description: >- - Optional. Whether or not to enable and include user defined - classifier. - type: boolean - preamble: - description: Optional. The preamble to be used for the user defined classifier. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime type: string - modelId: - description: Optional. The model id to be used for the user defined classifier. + createTime: + description: Operation create time. type: string - taskMarker: - description: >- - Optional. The task marker to be used for the user defined - classifier. + format: google-datetime + type: object + id: GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesMetadata + GoogleCloudDiscoveryengineV1betaDeleteTargetSiteMetadata: + description: >- + Metadata related to the progress of the + SiteSearchEngineService.DeleteTargetSite operation. This will be + returned by the google.longrunning.Operation.metadata field. + properties: + createTime: + format: google-datetime type: string - topP: - description: >- - Optional. The top-p value to be used for the user defined - classifier. - type: number - format: double - topK: + description: Operation create time. + updateTime: description: >- - Optional. The top-k value to be used for the user defined - classifier. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + type: string + id: GoogleCloudDiscoveryengineV1betaDeleteTargetSiteMetadata + type: object + GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchMetadata: + properties: + updateTime: + format: google-datetime type: string - format: int64 - temperature: description: >- - Optional. The temperature value to be used for the user defined - classifier. - type: number - format: double - seed: - description: Optional. The seed value to be used for the user defined classifier. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1ListSessionsResponse: - id: GoogleCloudDiscoveryengineV1ListSessionsResponse - description: Response for ListSessions method. + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + description: Operation create time. + format: google-datetime + type: string type: object + id: GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchMetadata + description: >- + Metadata related to the progress of the + SiteSearchEngineService.EnableAdvancedSiteSearch operation. This will be + returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfo: properties: - sessions: - description: All the Sessions for a given data store. + uri: + type: string + description: URI that failed to be crawled. + failureReasons: + description: List of failure reasons by corpus type (e.g. desktop, mobile). type: array items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' - nextPageToken: - description: Pagination token, if not returned indicates the last page. - type: string - GoogleCloudDiscoveryengineV1SiteSearchEngine: - id: GoogleCloudDiscoveryengineV1SiteSearchEngine + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfoFailureReason description: >- - SiteSearchEngine captures DataStore level site search persisting - configurations. It is a singleton value per data store. + Details about why a particular URI failed to be crawled. Each + FailureInfo contains one FailureReason per CorpusType. + id: GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfo type: object + GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResultPolicyEnforcementResult: + id: >- + GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResultPolicyEnforcementResult + description: Customer policy enforcement result for a single policy type. properties: - name: - description: >- - The fully qualified resource name of the site search engine. Format: - `projects/*/locations/*/dataStores/*/siteSearchEngine` - type: string - GoogleCloudDiscoveryengineV1TargetSite: - id: GoogleCloudDiscoveryengineV1TargetSite - description: A target site for the SiteSearchEngine. + bannedPhraseEnforcementResult: + description: The policy enforcement result for the banned phrase policy. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResultBannedPhraseEnforcementResult + modelArmorEnforcementResult: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResultModelArmorEnforcementResult + description: The policy enforcement result for the Model Armor policy. type: object + GoogleCloudDiscoveryengineV1betaImportSampleQueriesResponse: + id: GoogleCloudDiscoveryengineV1betaImportSampleQueriesResponse + description: >- + Response of the SampleQueryService.ImportSampleQueries method. If the + long running operation is done, this message is returned by the + google.longrunning.Operations.response field if the operation is + successful. properties: - name: - description: >- - Output only. The fully qualified resource name of the target site. - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/siteSearchEngine/targetSites/{target_site}` - The `target_site_id` is system-generated. - readOnly: true - type: string - providedUriPattern: - description: >- - Required. Input only. The user provided URI pattern from which the - `generated_uri_pattern` is generated. - type: string - type: - description: >- - The type of the target site, e.g., whether the site is to be - included or excluded. - type: string - enumDescriptions: - - >- - This value is unused. In this case, server behavior defaults to - Type.INCLUDE. - - Include the target site. - - Exclude the target site. - enum: - - TYPE_UNSPECIFIED - - INCLUDE - - EXCLUDE - exactMatch: - description: >- - Immutable. If set to false, a uri_pattern is generated to include - all pages whose address contains the provided_uri_pattern. If set to - true, an uri_pattern is generated to try to be an exact match of the - provided_uri_pattern or just the specific page if the - provided_uri_pattern is a specific one. provided_uri_pattern is - always normalized to generate the URI pattern to be used by the - search engine. + errorConfig: + description: The desired location of errors incurred during the Import. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig + errorSamples: + type: array + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: object + GoogleCloudDiscoveryengineV1alphaConditionQueryTerm: + properties: + fullMatch: + description: Whether the search query needs to exactly match the query term. type: boolean - generatedUriPattern: + value: description: >- - Output only. This is system-generated based on the - provided_uri_pattern. - readOnly: true - type: string - rootDomainUri: - description: Output only. Root domain of the provided_uri_pattern. - readOnly: true - type: string - siteVerificationInfo: - description: Output only. Site ownership and validity verification status. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SiteVerificationInfo - indexingStatus: - description: Output only. Indexing status. - readOnly: true - type: string - enumDescriptions: - - Defaults to SUCCEEDED. - - >- - The target site is in the update queue and will be picked up by - indexing pipeline. - - The target site fails to be indexed. - - The target site has been indexed. - - >- - The previously indexed target site has been marked to be deleted. - This is a transitioning state which will resulted in either: 1. - target site deleted if unindexing is successful; 2. state reverts - to SUCCEEDED if the unindexing fails. - - The target site change is pending but cancellable. - - The target site change is cancelled. - enum: - - INDEXING_STATUS_UNSPECIFIED - - PENDING - - FAILED - - SUCCEEDED - - DELETING - - CANCELLABLE - - CANCELLED - updateTime: - description: Output only. The target site's last updated time. - readOnly: true + The specific query value to match against Must be lowercase, must be + UTF-8. Can have at most 3 space separated terms if full_match is + true. Cannot be an empty string. Maximum length of 5000 characters. type: string - format: google-datetime - failureReason: - description: Output only. Failure reason. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1TargetSiteFailureReason - GoogleCloudDiscoveryengineV1SiteVerificationInfo: - id: GoogleCloudDiscoveryengineV1SiteVerificationInfo - description: Verification information for target sites in advanced site search. + id: GoogleCloudDiscoveryengineV1alphaConditionQueryTerm type: object + description: Matcher for search request query + GoogleCloudDiscoveryengineV1alphaProjectConfigurableBillingStatus: + id: GoogleCloudDiscoveryengineV1alphaProjectConfigurableBillingStatus properties: - siteVerificationState: - description: Site verification state indicating the ownership and validity. + effectiveSearchQpmThreshold: + description: >- + Optional. The currently effective Search QPM threshold in queries + per minute. This is the threshold against which QPM usage is + compared for overage calculations. type: string - enumDescriptions: - - Defaults to VERIFIED. - - Site ownership verified. - - Site ownership pending verification or verification failed. - - >- - Site exempt from verification, e.g., a public website that opens - to all. - enum: - - SITE_VERIFICATION_STATE_UNSPECIFIED - - VERIFIED - - UNVERIFIED - - EXEMPTED - verifyTime: - description: Latest site verification time. + format: int64 + startTime: + description: >- + Optional. The start time of the currently active billing + subscription. type: string format: google-datetime - GoogleCloudDiscoveryengineV1TargetSiteFailureReason: - id: GoogleCloudDiscoveryengineV1TargetSiteFailureReason - description: Site search indexing failure reasons. - type: object - properties: - quotaFailure: - description: Failed due to insufficient quota. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1TargetSiteFailureReasonQuotaFailure - GoogleCloudDiscoveryengineV1TargetSiteFailureReasonQuotaFailure: - id: GoogleCloudDiscoveryengineV1TargetSiteFailureReasonQuotaFailure - description: Failed due to insufficient quota. - type: object - properties: - totalRequiredQuota: - description: >- - This number is an estimation on how much total quota this project - needs to successfully complete indexing. + effectiveIndexingCoreThreshold: type: string + description: >- + Optional. The currently effective Indexing Core threshold. This is + the threshold against which Indexing Core usage is compared for + overage calculations. format: int64 - GoogleCloudDiscoveryengineV1BatchCreateTargetSitesRequest: - id: GoogleCloudDiscoveryengineV1BatchCreateTargetSitesRequest description: >- - Request message for SiteSearchEngineService.BatchCreateTargetSites - method. + Represents the currently effective configurable billing parameters. + These values are derived from the customer's subscription history stored + internally and reflect the thresholds actively being used for billing + purposes at the time of the GetProject call. This includes the + start_time of the subscription and may differ from the values in + `customer_provided_config` due to billing rules (e.g., scale-downs + taking effect only at the start of a new month). type: object + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpec: properties: - requests: + ignoreAdversarialQuery: + type: boolean description: >- - Required. The request message specifying the resources to create. A - maximum of 20 TargetSites can be created in a batch. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1CreateTargetSiteRequest - GoogleCloudDiscoveryengineV1CreateTargetSiteRequest: - id: GoogleCloudDiscoveryengineV1CreateTargetSiteRequest - description: Request message for SiteSearchEngineService.CreateTargetSite method. - type: object - properties: - parent: + Specifies whether to filter out adversarial queries. The default + value is `false`. Google employs search-query classification to + detect adversarial queries. No summary is returned if the search + query is classified as an adversarial query. For example, a user + might ask a question regarding negative comments about the company + or submit a query designed to generate unsafe, policy-violating + output. If this field is set to `true`, we skip generating summaries + for adversarial queries and return fallback messages instead. + multimodalSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecMultiModalSpec + description: Optional. Multimodal specification. + ignoreNonSummarySeekingQuery: + type: boolean description: >- - Required. Parent resource name of TargetSite, such as - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/siteSearchEngine`. - type: string - targetSite: - description: Required. The TargetSite to create. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' - GoogleCloudDiscoveryengineV1ListTargetSitesResponse: - id: GoogleCloudDiscoveryengineV1ListTargetSitesResponse - description: Response message for SiteSearchEngineService.ListTargetSites method. - type: object - properties: - targetSites: - description: List of TargetSites. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' - nextPageToken: + Specifies whether to filter out queries that are not + summary-seeking. The default value is `false`. Google employs + search-query classification to detect summary-seeking queries. No + summary is returned if the search query is classified as a + non-summary seeking query. For example, `why is the sky blue` and + `Who is the best soccer player in the world?` are summary-seeking + queries, but `SFO airport` and `world cup 2026` are not. They are + most likely navigational queries. If this field is set to `true`, we + skip generating summaries for non-summary seeking queries and return + fallback messages instead. + modelPromptSpec: description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - totalSize: + If specified, the spec will be used to modify the prompt provided to + the LLM. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelPromptSpec + summaryResultCount: + format: int32 description: >- - The total number of items matching the request. This will always be - populated in the response. + The number of top results to generate the summary from. If the + number of results returned is less than `summaryResultCount`, the + summary is generated from all of the results. At most 10 results for + documents mode, or 50 for chunks mode, can be used to generate a + summary. The chunks mode is used when + SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS. type: integer - format: int32 - GoogleCloudDiscoveryengineV1Sitemap: - id: GoogleCloudDiscoveryengineV1Sitemap - description: A sitemap for the SiteSearchEngine. + modelSpec: + description: >- + If specified, the spec will be used to modify the model + specification provided to the LLM. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelSpec + languageCode: + type: string + description: >- + Language code for Summary. Use language tags defined by + [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Note: This is + an experimental feature. + ignoreJailBreakingQuery: + description: >- + Optional. Specifies whether to filter out jail-breaking queries. The + default value is `false`. Google employs search-query classification + to detect jail-breaking queries. No summary is returned if the + search query is classified as a jail-breaking query. A user might + add instructions to the query to change the tone, style, language, + content of the answer, or ask the model to act as a different + entity, e.g. "Reply in the tone of a competing company's CEO". If + this field is set to `true`, we skip generating summaries for + jail-breaking queries and return fallback messages instead. + type: boolean + includeCitations: + description: >- + Specifies whether to include citations in the summary. The default + value is `false`. When this field is set to `true`, summaries + include in-line citation numbers. Example summary including + citations: BigQuery is Google Cloud's fully managed and completely + serverless enterprise data warehouse [1]. BigQuery supports all data + types, works across clouds, and has built-in machine learning and + business intelligence, all within a unified platform [2, 3]. The + citation numbers refer to the returned search results and are + 1-indexed. For example, [1] means that the sentence is attributed to + the first search result. [2, 3] means that the sentence is + attributed to both the second and third search results. + type: boolean + ignoreLowRelevantContent: + description: >- + Specifies whether to filter out queries that have low relevance. The + default value is `false`. If this field is set to `false`, all + search results are used regardless of relevance to generate answers. + If set to `true`, only queries with high relevance search results + will generate answers. + type: boolean + useSemanticChunks: + type: boolean + description: >- + If true, answer will be generated from most relevant chunks from top + search results. This feature will improve summary quality. Note that + with this feature enabled, not all top search results will be + referenced and included in the reference list, so the citation + source index only points to the search results listed in the + reference list. + type: object + description: A specification for configuring a summary returned in a search response. + id: >- + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpec + GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfig: + description: >- + Configurations for generating a Dialogflow agent. Note that these + configurations are one-time consumed by and passed to Dialogflow + service. It means they cannot be retrieved using EngineService.GetEngine + or EngineService.ListEngines API after engine creation. type: object + id: >- + GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfig properties: - uri: - description: Public URI for the sitemap, e.g. `www.example.com/sitemap.xml`. + location: type: string - name: description: >- - Output only. The fully qualified resource name of the sitemap. - `projects/*/locations/*/collections/*/dataStores/*/siteSearchEngine/sitemaps/*` - The `sitemap_id` suffix is system-generated. - readOnly: true + Agent location for Agent creation, supported values: global/us/eu. + If not provided, us Engine will create Agent using us-central-1 by + default; eu Engine will create Agent using eu-west-1 by default. + defaultLanguageCode: type: string - createTime: - description: Output only. The sitemap's creation time. - readOnly: true + description: >- + Required. The default language of the agent as a language tag. See + [Language + Support](https://cloud.google.com/dialogflow/docs/reference/language) + for a list of the currently supported language codes. + business: + description: >- + Name of the company, organization or other entity that the agent + represents. Used for knowledge connector LLM prompt and for + knowledge search. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1FetchSitemapsResponse: - id: GoogleCloudDiscoveryengineV1FetchSitemapsResponse - description: Response message for SiteSearchEngineService.FetchSitemaps method. - type: object - properties: - sitemapsMetadata: - description: List of Sitemaps fetched. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1FetchSitemapsResponseSitemapMetadata - GoogleCloudDiscoveryengineV1FetchSitemapsResponseSitemapMetadata: - id: GoogleCloudDiscoveryengineV1FetchSitemapsResponseSitemapMetadata - description: Contains a Sitemap and its metadata. + timeZone: + type: string + description: >- + Required. The time zone of the agent from the [time zone + database](https://www.iana.org/time-zones), e.g., America/New_York, + Europe/Paris. + GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics: type: object properties: - sitemap: - description: The Sitemap. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Sitemap' - GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchRequest: - id: GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchRequest - description: >- - Request message for SiteSearchEngineService.EnableAdvancedSiteSearch - method. - type: object - properties: {} - GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchRequest: - id: GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchRequest + top1: + description: The top-1 value. + type: number + format: double + top3: + format: double + description: The top-3 value. + type: number + top5: + type: number + description: The top-5 value. + format: double + top10: + type: number + description: The top-10 value. + format: double + description: Stores the metric values at specific top-k levels. + id: GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics + GoogleCloudDiscoveryengineV1alphaPurgeUserEventsMetadata: description: >- - Request message for SiteSearchEngineService.DisableAdvancedSiteSearch - method. - type: object - properties: {} - GoogleCloudDiscoveryengineV1RecrawlUrisRequest: - id: GoogleCloudDiscoveryengineV1RecrawlUrisRequest - description: Request message for SiteSearchEngineService.RecrawlUris method. - type: object + Metadata related to the progress of the PurgeUserEvents operation. This + will be returned by the google.longrunning.Operation.metadata field. properties: - uris: + successCount: + type: string + format: int64 + description: Count of entries that were deleted successfully. + failureCount: + format: int64 + type: string + description: Count of entries that encountered errors while processing. + updateTime: description: >- - Required. List of URIs to crawl. At most 10K URIs are supported, - otherwise an INVALID_ARGUMENT error is thrown. Each URI should match - at least one TargetSite in `site_search_engine`. - type: array - items: - type: string - siteCredential: - description: Optional. Credential id to use for crawling. + Operation last update time. If the operation is done, this is also + the finish time. type: string - GoogleCloudDiscoveryengineV1BatchVerifyTargetSitesRequest: - id: GoogleCloudDiscoveryengineV1BatchVerifyTargetSitesRequest - description: >- - Request message for SiteSearchEngineService.BatchVerifyTargetSites - method. + format: google-datetime + createTime: + type: string + format: google-datetime + description: Operation create time. + id: GoogleCloudDiscoveryengineV1alphaPurgeUserEventsMetadata type: object - properties: {} - GoogleCloudDiscoveryengineV1FetchDomainVerificationStatusResponse: - id: GoogleCloudDiscoveryengineV1FetchDomainVerificationStatusResponse - description: >- - Response message for - SiteSearchEngineService.FetchDomainVerificationStatus method. + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpec: + id: GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpec type: object properties: - targetSites: - description: List of TargetSites containing the site verification status. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' - nextPageToken: + summarySpec: description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. + If `summarySpec` is not specified, summaries are not included in the + search response. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpec + chunkSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecChunkSpec + description: >- + Specifies the chunk spec to be returned from the search response. + Only available if the + SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS + searchResultMode: type: string - totalSize: description: >- - The total number of items matching the request. This will always be - populated in the response. - type: integer - format: int32 - GoogleApiHttpBody: - id: GoogleApiHttpBody - description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. - type: object - properties: - contentType: + Specifies the search result mode. If unspecified, the search result + mode defaults to `DOCUMENTS`. + enum: + - SEARCH_RESULT_MODE_UNSPECIFIED + - DOCUMENTS + - CHUNKS + enumDescriptions: + - Default value. + - Returns documents in the search result. + - >- + Returns chunks in the search result. Only available if the + DocumentProcessingConfig.chunking_config is specified. + extractiveContentSpec: description: >- - The HTTP Content-Type header value specifying the content type of - the body. + If there is no extractive_content_spec provided, there will be no + extractive answer in the search response. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecExtractiveContentSpec + snippetSpec: + description: >- + If `snippetSpec` is not specified, snippets are not included in the + search response. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSnippetSpec + description: A specification for configuring the behavior of content search. + GoogleCloudDiscoveryengineV1betaDeleteSchemaMetadata: + properties: + createTime: type: string - data: - description: The HTTP request/response body as raw binary. + format: google-datetime + description: Operation create time. + updateTime: type: string - format: byte - extensions: description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudDiscoveryengineV1PurgeUserEventsRequest: - id: GoogleCloudDiscoveryengineV1PurgeUserEventsRequest - description: Request message for PurgeUserEvents method. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + id: GoogleCloudDiscoveryengineV1betaDeleteSchemaMetadata + type: object + description: Metadata for DeleteSchema LRO. + GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequest: + id: GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequest type: object properties: filter: - description: >- - Required. The filter string to specify the events to be deleted with - a length limit of 5,000 characters. The eligible fields for - filtering are: * `eventType`: Double quoted UserEvent.event_type - string. * `eventTime`: in ISO 8601 "zulu" format. * `userPseudoId`: - Double quoted string. Specifying this will delete all events - associated with a visitor. * `userId`: Double quoted string. - Specifying this will delete all events associated with a user. Note: - This API only supports purging a max range of 30 days. Examples: * - Deleting all events in a time range: `eventTime > - "2012-04-23T18:25:43.511Z" eventTime < "2012-04-23T18:30:43.511Z"` * - Deleting specific eventType in a time range: `eventTime > - "2012-04-23T18:25:43.511Z" eventTime < "2012-04-23T18:30:43.511Z" - eventType = "search"` * Deleting all events for a specific visitor - in a time range: `eventTime > "2012-04-23T18:25:43.511Z" eventTime < - "2012-04-23T18:30:43.511Z" userPseudoId = "visitor1024"` * Deleting - the past 30 days of events inside a DataStore: `*` The filtering - fields are assumed to have an implicit AND. type: string + description: >- + Filter matching identity mappings to purge. The eligible field for + filtering is: * `update_time`: in ISO 8601 "zulu" format. * + `external_id` Examples: * Deleting all identity mappings updated in + a time range: `update_time > "2012-04-23T18:25:43.511Z" AND + update_time < "2012-04-23T18:30:43.511Z"` * Deleting all identity + mappings for a given external_id: `external_id = "id1"` * Deleting + all identity mappings inside an identity mapping store: `*` The + filtering fields are assumed to have an implicit AND. Should not be + used with source. An error will be thrown, if both are provided. force: description: >- - The `force` field is currently not supported. Purge user event - requests will permanently delete all purgeable events. Once the - development is complete: If `force` is set to false, the method will - return the expected purge count without deleting any user events. - This field will default to false if not included in the request. + Actually performs the purge. If `force` is set to false, return the + expected purge count without deleting any identity mappings. This + field is only supported for purge with filter. For input source this + field is ignored and data will be purged regardless of the value of + this field. type: boolean - GoogleCloudDiscoveryengineV1ImportUserEventsRequest: - id: GoogleCloudDiscoveryengineV1ImportUserEventsRequest - description: Request message for the ImportUserEvents request. - type: object - properties: inlineSource: - description: The Inline source for the input content for UserEvents. + description: The inline source to purge identity mapping entries from. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportUserEventsRequestInlineSource - gcsSource: - description: Cloud Storage location for the input content. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' - bigquerySource: - description: BigQuery input source. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigQuerySource' - errorConfig: - description: >- - The desired location of errors incurred during the Import. Cannot be - set for inline user event imports. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' - GoogleCloudDiscoveryengineV1ImportUserEventsRequestInlineSource: - id: GoogleCloudDiscoveryengineV1ImportUserEventsRequestInlineSource - description: The inline source for the input config for ImportUserEvents method. - type: object - properties: - userEvents: - description: >- - Required. A list of user events to import. Recommended max of 10k - items. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' - GoogleCloudDiscoveryengineV1ListUserLicensesResponse: - id: GoogleCloudDiscoveryengineV1ListUserLicensesResponse - description: Response message for UserLicenseService.ListUserLicenses. + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequestInlineSource + description: Request message for IdentityMappingStoreService.PurgeIdentityMappings + GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfoFailureReason: type: object + description: >- + Details about why crawling failed for a particular CorpusType, e.g., + DESKTOP and MOBILE crawling may fail for different reasons. + id: >- + GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfoFailureReason properties: - userLicenses: - description: All the customer's UserLicenses. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserLicense' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + corpusType: + description: DESKTOP, MOBILE, or CORPUS_TYPE_UNSPECIFIED. + enum: + - CORPUS_TYPE_UNSPECIFIED + - DESKTOP + - MOBILE type: string - GoogleCloudDiscoveryengineV1UserLicense: - id: GoogleCloudDiscoveryengineV1UserLicense - description: User License information assigned by the admin. + enumDescriptions: + - Default value. + - Denotes a crawling attempt for the desktop version of a page. + - Denotes a crawling attempt for the mobile version of a page. + errorMessage: + description: Reason why the URI was not crawled. + type: string + GoogleCloudDiscoveryengineV1EngineSearchEngineConfig: + description: Configurations for a Search Engine. type: object properties: - userPrincipal: - description: >- - Required. Immutable. The user principal of the User, could be email - address or other prinical identifier. This field is immutable. Admin - assign licenses based on the user principal. - type: string - userProfile: - description: >- - Optional. The user profile. We user user full name(First name + Last - name) as user profile. - type: string - licenseAssignmentState: - description: >- - Output only. License assignment state of the user. If the user is - assigned with a license config, the user login will be assigned with - the license; If the user's license assignment state is unassigned or - unspecified, no license config will be associated to the user; - readOnly: true + requiredSubscriptionTier: type: string + enum: + - SUBSCRIPTION_TIER_UNSPECIFIED + - SUBSCRIPTION_TIER_SEARCH + - SUBSCRIPTION_TIER_SEARCH_AND_ASSISTANT + - SUBSCRIPTION_TIER_NOTEBOOK_LM + - SUBSCRIPTION_TIER_FRONTLINE_WORKER + - SUBSCRIPTION_TIER_AGENTSPACE_STARTER + - SUBSCRIPTION_TIER_AGENTSPACE_BUSINESS + - SUBSCRIPTION_TIER_ENTERPRISE + - SUBSCRIPTION_TIER_EDU + - SUBSCRIPTION_TIER_EDU_PRO + - SUBSCRIPTION_TIER_EDU_EMERGING + - SUBSCRIPTION_TIER_EDU_PRO_EMERGING + - SUBSCRIPTION_TIER_FRONTLINE_STARTER enumDescriptions: - Default value. - - License assigned to the user. - >- - No license assigned to the user. Deprecated, translated to - NO_LICENSE. - - No license assigned to the user. + Search tier. Search tier can access VAIS search features and + NotebookLM features. - >- - User attempted to login but no license assigned to the user. This - state is only used for no user first time login attempt but cannot - get license assigned. Users already logged in but cannot get - license assigned will be assigned NO_LICENSE state(License could - be unassigned by admin). - - User is blocked from assigning a license. - enum: - - LICENSE_ASSIGNMENT_STATE_UNSPECIFIED - - ASSIGNED - - UNASSIGNED - - NO_LICENSE - - NO_LICENSE_ATTEMPTED_LOGIN - - BLOCKED - licenseConfig: + Search + assistant tier. Search + assistant tier can access VAIS + search features, NotebookLM features and assistant features. + - >- + NotebookLM tier. NotebookLM is a subscription tier can only access + NotebookLM features. + - Frontline worker tier. + - Agentspace Starter tier. + - Agentspace Business tier. + - Enterprise tier. + - EDU tier. + - EDU Pro tier. + - EDU emerging market tier. + - EDU Pro emerging market tier. + - Frontline starter tier. + description: >- + Optional. The required subscription tier of this engine. They cannot + be modified after engine creation. If the required subscription tier + is search, user with higher license tier like assist can still + access the standalone app associated with this engine. + searchTier: description: >- - Optional. The full resource name of the Subscription(LicenseConfig) - assigned to the user. + The search feature tier of this engine. Different tiers might have + different pricing. To learn more, check the pricing documentation. + Defaults to SearchTier.SEARCH_TIER_STANDARD if not specified. + enumDescriptions: + - >- + Default value when the enum is unspecified. This is invalid to + use. + - Standard tier. + - Enterprise tier. + enum: + - SEARCH_TIER_UNSPECIFIED + - SEARCH_TIER_STANDARD + - SEARCH_TIER_ENTERPRISE type: string - createTime: - description: Output only. User created timestamp. - readOnly: true + searchAddOns: + items: + enum: + - SEARCH_ADD_ON_UNSPECIFIED + - SEARCH_ADD_ON_LLM + enumDescriptions: + - >- + Default value when the enum is unspecified. This is invalid to + use. + - Large language model add-on. + type: string + type: array + description: The add-on that this search engine enables. + id: GoogleCloudDiscoveryengineV1EngineSearchEngineConfig + GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsResponse: + properties: + errorSamples: + description: A sample of errors encountered while processing the request. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + errorConfig: + description: The desired location of errors incurred during the Import. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' + type: object + id: GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsResponse + description: >- + Response of the CompletionService.ImportCompletionSuggestions method. If + the long running operation is done, this message is returned by the + google.longrunning.Operations.response field if the operation is + successful. + GoogleCloudDiscoveryengineV1alphaWorkspaceConfig: + id: GoogleCloudDiscoveryengineV1alphaWorkspaceConfig + description: Config to store data store type configuration for workspace data + properties: + type: + description: The Google Workspace data source. + enum: + - TYPE_UNSPECIFIED + - GOOGLE_DRIVE + - GOOGLE_MAIL + - GOOGLE_SITES + - GOOGLE_CALENDAR + - GOOGLE_CHAT + - GOOGLE_GROUPS + - GOOGLE_KEEP + - GOOGLE_PEOPLE type: string - format: google-datetime - updateTime: - description: Output only. User update timestamp. - readOnly: true + enumDescriptions: + - Defaults to an unspecified Workspace type. + - Workspace Data Store contains Drive data + - Workspace Data Store contains Mail data + - Workspace Data Store contains Sites data + - Workspace Data Store contains Calendar data + - Workspace Data Store contains Chat data + - Workspace Data Store contains Groups data + - Workspace Data Store contains Keep data + - Workspace Data Store contains People data + superAdminEmailAddress: + description: >- + Optional. The super admin email address for the workspace that will + be used for access token generation. For now we only use it for + Native Google Drive connector data ingestion. + type: string + superAdminServiceAccount: type: string - format: google-datetime - lastLoginTime: description: >- - Output only. User last logged in time. If the user has not logged in - yet, this field will be empty. - readOnly: true + Optional. The super admin service account for the workspace that + will be used for access token generation. For now we only use it for + Native Google Drive connector data ingestion. + dasherCustomerId: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequest: - id: GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequest - description: Request message for UserLicenseService.BatchUpdateUserLicenses method. + description: Obfuscated Dasher customer ID. type: object - properties: - inlineSource: - description: The inline source for the input content for document embeddings. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequestInlineSource - deleteUnassignedUserLicenses: - description: >- - Optional. If true, if user licenses removed associated license - config, the user license will be deleted. By default which is false, - the user license will be updated to unassigned state. - type: boolean - GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequestInlineSource: - id: GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequestInlineSource + GoogleCloudDiscoveryengineV1alphaSearchRequestDataStoreSpec: + id: GoogleCloudDiscoveryengineV1alphaSearchRequestDataStoreSpec description: >- - The inline source for the input config for BatchUpdateUserLicenses - method. + A struct to define data stores to filter on in a search call and + configurations for those data stores. Otherwise, an `INVALID_ARGUMENT` + error is returned. type: object properties: - userLicenses: + dataStore: description: >- - Required. A list of user licenses to update. Each user license must - have a valid UserLicense.user_principal. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserLicense' - updateMask: - description: Optional. The list of fields to update. + Required. Full resource name of DataStore, such as + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. + The path must include the project number, project id is not + supported for this field. type: string - format: google-fieldmask - GoogleCloudDiscoveryengineLoggingErrorLog: - id: GoogleCloudDiscoveryengineLoggingErrorLog - description: An error log which is reported to the Error Reporting system. - type: object + customSearchOperators: + description: >- + Optional. Custom search operators which if specified will be used to + filter results from workspace data stores. For more information on + custom search operators, see + [SearchOperators](https://support.google.com/cloudsearch/answer/6172299). + type: string + filter: + type: string + description: >- + Optional. Filter specification to filter documents in the data store + specified by data_store field. For more information on filtering, + see + [Filtering](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + boostSpec: + description: >- + Optional. Boost specification to boost certain documents. For more + information on boosting, see + [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpec + GoogleCloudDiscoveryengineV1alphaDataConnectorFederatedConfig: + description: >- + Any params and credentials used specifically for hybrid connectors + supporting FEDERATED mode. + id: GoogleCloudDiscoveryengineV1alphaDataConnectorFederatedConfig properties: - serviceContext: - description: The service context in which this error has occurred. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineLoggingServiceContext' - context: - description: A description of the context in which the error occurred. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineLoggingErrorContext' - message: - description: A message describing the error. + jsonAuthParams: type: string - status: - description: The RPC status associated with the error log. - $ref: '#/components/schemas/GoogleRpcStatus' - requestPayload: description: >- - The API request payload, represented as a protocol buffer. Most API - request types are supported—for example: * - `type.googleapis.com/google.cloud.discoveryengine.v1alpha.DocumentService.CreateDocumentRequest` - * - `type.googleapis.com/google.cloud.discoveryengine.v1alpha.UserEventService.WriteUserEventRequest` - type: object + Optional. Any authentication parameters specific to FEDERATED + connectors in json string format. + additionalParams: + description: Optional. Any additional parameters needed for FEDERATED. additionalProperties: - type: any description: Properties of the object. - responsePayload: - description: >- - The API response payload, represented as a protocol buffer. This is - used to log some "soft errors", where the response is valid but we - consider there are some quality issues like unjoined events. The - following API responses are supported, and no PII is included: * - `google.cloud.discoveryengine.v1alpha.RecommendationService.Recommend` - * - `google.cloud.discoveryengine.v1alpha.UserEventService.WriteUserEvent` - * - `google.cloud.discoveryengine.v1alpha.UserEventService.CollectUserEvent` + type: any type: object + authParams: additionalProperties: - type: any description: Properties of the object. - importPayload: - description: The error payload that is populated on LRO import APIs. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineLoggingImportErrorContext - connectorRunPayload: - description: The error payload that is populated on LRO connector sync APIs. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineLoggingConnectorRunErrorContext - GoogleCloudDiscoveryengineLoggingServiceContext: - id: GoogleCloudDiscoveryengineLoggingServiceContext - description: Describes a running service that sends errors. + type: any + type: object + description: >- + Optional. Any authentication parameters specific to FEDERATED + connectors. type: object + GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationSource: properties: - service: + referenceIndex: + format: int64 description: >- - An identifier of the service—for example, - `discoveryengine.googleapis.com`. + Document reference index from SummaryWithMetadata.references. It is + 0-indexed and the value will be zero if the reference_index is not + set explicitly. type: string - GoogleCloudDiscoveryengineLoggingErrorContext: - id: GoogleCloudDiscoveryengineLoggingErrorContext - description: A description of the context in which an error occurred. + description: Citation source. type: object + id: GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationSource + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseRecentSearchSuggestion: + description: Suggestions from recent search history. properties: - httpRequest: - description: The HTTP request which was processed when the error was triggered. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineLoggingHttpRequestContext - reportLocation: - description: >- - The location in the source code where the decision was made to - report the error, usually the place where it was logged. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineLoggingSourceLocation' - GoogleCloudDiscoveryengineLoggingHttpRequestContext: - id: GoogleCloudDiscoveryengineLoggingHttpRequestContext - description: HTTP request data that is related to a reported error. + suggestion: + type: string + description: The suggestion for the query. + score: + type: number + description: The score of each suggestion. The score is in the range of [0, 1]. + format: double + recentSearchTime: + format: google-datetime + description: The time when this recent rearch happened. + type: string type: object - properties: - responseStatusCode: - description: The HTTP response status code for the request. - type: integer - format: int32 - GoogleCloudDiscoveryengineLoggingSourceLocation: - id: GoogleCloudDiscoveryengineLoggingSourceLocation - description: >- - Indicates a location in the source code of the service for which errors - are reported. + id: >- + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseRecentSearchSuggestion + GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequestInlineSource: type: object + id: GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequestInlineSource properties: - functionName: - description: >- - Human-readable name of a function or method—for example, - `google.cloud.discoveryengine.v1alpha.RecommendationService.Recommend`. + identityMappingEntries: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingEntry + description: A maximum of 10000 entries can be purged at one time + type: array + description: The inline source to purge identity mapping entries from. + GoogleCloudDiscoveryengineV1DataConnectorEndUserConfig: + id: GoogleCloudDiscoveryengineV1DataConnectorEndUserConfig + properties: + authParams: + description: Optional. Any authentication parameters specific to EUA connectors. + type: object + additionalProperties: + type: any + description: Properties of the object. + tenant: + description: Optional. The tenant project the connector is connected to. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Tenant' + additionalParams: + description: Optional. Any additional parameters needed for EUA. + additionalProperties: + description: Properties of the object. + type: any + type: object + jsonAuthParams: type: string - GoogleCloudDiscoveryengineLoggingImportErrorContext: - id: GoogleCloudDiscoveryengineLoggingImportErrorContext - description: >- - The error payload that is populated on LRO import APIs, including the - following: * - `google.cloud.discoveryengine.v1alpha.DocumentService.ImportDocuments` * - `google.cloud.discoveryengine.v1alpha.UserEventService.ImportUserEvents` + description: >- + Optional. Any authentication parameters specific to EUA connectors + in json string format. type: object + description: Any params and credentials used specifically for EUA connectors. + GoogleCloudDiscoveryengineV1alphaProject: properties: - operation: - description: The operation resource name of the LRO. - type: string - gcsPath: + serviceTermsMap: description: >- - Google Cloud Storage file path of the import source. Can be set for - batch operation error. + Output only. A map of terms of services. The key is the `id` of + ServiceTerms. + readOnly: true + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaProjectServiceTerms + name: type: string - lineNumber: description: >- - Line number of the content in file. Should be empty for permission - or batch operation error. - type: string - document: - description: The detailed content which caused the error on importing a document. + Output only. Full resource name of the project, for example + `projects/{project}`. Note that when making requests, project number + and project id are both acceptable, but the server will always + respond in project number. + readOnly: true + configurableBillingStatus: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaProjectConfigurableBillingStatus + description: >- + Output only. The current status of the project's configurable + billing. + readOnly: true + customerProvidedConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaProjectCustomerProvidedConfig + description: Optional. Customer provided configurations. + provisionCompletionTime: type: string - userEvent: + format: google-datetime description: >- - The detailed content which caused the error on importing a user - event. + Output only. The timestamp when this project is successfully + provisioned. Empty value means this project is still provisioning + and is not ready for use. + readOnly: true + createTime: type: string - GoogleCloudDiscoveryengineLoggingConnectorRunErrorContext: - id: GoogleCloudDiscoveryengineLoggingConnectorRunErrorContext - description: >- - The error payload that is populated on LRO sync APIs, including the - following: * - `google.cloud.discoveryengine.v1main.DataConnectorService.SetUpDataConnector` - * - `google.cloud.discoveryengine.v1main.DataConnectorService.StartConnectorRun` + description: Output only. The timestamp when this project is created. + format: google-datetime + readOnly: true + description: Metadata and configurations for a Google Cloud project in the service. + id: GoogleCloudDiscoveryengineV1alphaProject type: object + GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigEngineFeaturesConfig: properties: - operation: - description: The operation resource name of the LRO to sync the connector. - type: string - dataConnector: + recommendedForYouConfig: + description: Recommended for you engine feature config. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig + mostPopularConfig: + description: Most popular engine feature config. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigMostPopularFeatureConfig + description: More feature configs of the selected engine type. + type: object + id: >- + GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigEngineFeaturesConfig + GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigLayoutParsingConfig: + description: The layout parsing configurations for documents. + type: object + properties: + excludeHtmlIds: + items: + type: string + type: array + description: Optional. List of HTML ids to exclude from the parsed content. + structuredContentTypes: description: >- - The full resource name of the DataConnector. Format: - `projects/*/locations/*/collections/*/dataConnector`. - type: string - connectorRun: + Optional. Contains the required structure types to extract from the + document. Supported values: * `shareholder-structure` + items: + type: string + type: array + enableGetProcessedDocument: description: >- - The full resource name of the Connector Run. Format: - `projects/*/locations/*/collections/*/dataConnector/connectorRuns/*`. - The `connector_run_id` is system-generated. - type: string - entity: - description: The entity to sync for the connector run. - type: string - syncType: + Optional. If true, the processed document will be made available for + the GetProcessedDocument API. + type: boolean + enableLlmLayoutParsing: + description: Optional. If true, the pdf layout will be refined using an LLM. + type: boolean + enableTableAnnotation: description: >- - The type of sync run. Can be one of the following: * `FULL` * - `INCREMENTAL` - type: string - startTime: - description: The time when the connector run started. - type: string - format: google-datetime - endTime: - description: The time when the connector run ended. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1BatchCreateTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1BatchCreateTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.BatchCreateTargetSites operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object + Optional. If true, the LLM based annotation is added to the table + during parsing. + type: boolean + excludeHtmlElements: + description: Optional. List of HTML elements to exclude from the parsed content. + items: + type: string + type: array + enableImageAnnotation: + type: boolean + description: >- + Optional. If true, the LLM based annotation is added to the image + during parsing. + excludeHtmlClasses: + items: + type: string + description: Optional. List of HTML classes to exclude from the parsed content. + type: array + id: >- + GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigLayoutParsingConfig + GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignalsCustomSignal: + description: Custom clearbox signal represented by name and value pair. properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + value: + format: float description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Optional. Float value representing the ranking signal (e.g. 1.25 for + BM25). + type: number + name: + description: Optional. Name of the signal. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1BatchCreateTargetSitesResponse: - id: GoogleCloudDiscoveryengineV1BatchCreateTargetSitesResponse - description: >- - Response message for SiteSearchEngineService.BatchCreateTargetSites - method. type: object - properties: - targetSites: - description: TargetSites created. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' - GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesMetadata: - id: GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesMetadata - description: >- - Metadata related to the progress of the - UserLicenseService.BatchUpdateUserLicenses operation. This will be - returned by the google.longrunning.Operation.metadata field. + id: >- + GoogleCloudDiscoveryengineV1SearchResponseSearchResultRankSignalsCustomSignal + GoogleCloudDiscoveryengineV1SearchResponseSessionInfo: type: object + description: Information about the session. + id: GoogleCloudDiscoveryengineV1SearchResponseSessionInfo properties: - createTime: - description: Operation create time. + name: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - successCount: - description: Count of user licenses successfully updated. - type: string - format: int64 - failureCount: - description: Count of user licenses that failed to be updated. + Name of the session. If the auto-session mode is used (when + SearchRequest.session ends with "-"), this field holds the newly + generated session name. + queryId: + description: >- + Query ID that corresponds to this search API call. One session can + have multiple turns, each with a unique query ID. By specifying the + session name and this query ID in the Answer API call, the answer + generation happens in the context of the search results from this + search call. type: string - format: int64 - GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesResponse: - id: GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesResponse - description: Response message for UserLicenseService.BatchUpdateUserLicenses method. - type: object + GoogleCloudDiscoveryengineV1betaImportIdentityMappingsResponse: + description: Response message for IdentityMappingStoreService.ImportIdentityMappings properties: - userLicenses: - description: UserLicenses successfully updated. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserLicense' errorSamples: description: A sample of errors encountered while processing the request. type: array items: $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1CreateDataStoreMetadata: - id: GoogleCloudDiscoveryengineV1CreateDataStoreMetadata - description: >- - Metadata related to the progress of the DataStoreService.CreateDataStore - operation. This will be returned by the - google.longrunning.Operation.metadata field. type: object + id: GoogleCloudDiscoveryengineV1betaImportIdentityMappingsResponse + GoogleCloudDiscoveryengineV1Conversation: + id: GoogleCloudDiscoveryengineV1Conversation + description: External conversation proto definition. properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + name: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Immutable. Fully qualified name + `projects/{project}/locations/global/collections/{collection}/dataStore/*/conversations/*` + or + `projects/{project}/locations/global/collections/{collection}/engines/*/conversations/*`. + type: string + messages: + type: array + description: Conversation messages. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ConversationMessage + userPseudoId: + type: string + description: A unique identifier for tracking users. + startTime: + readOnly: true type: string format: google-datetime - GoogleCloudDiscoveryengineV1CreateEngineMetadata: - id: GoogleCloudDiscoveryengineV1CreateEngineMetadata - description: >- - Metadata related to the progress of the EngineService.CreateEngine - operation. This will be returned by the - google.longrunning.Operation.metadata field. + description: Output only. The time the conversation started. + endTime: + readOnly: true + format: google-datetime + type: string + description: Output only. The time the conversation finished. + state: + enum: + - STATE_UNSPECIFIED + - IN_PROGRESS + - COMPLETED + enumDescriptions: + - Unknown. + - Conversation is currently open. + - Conversation has been completed. + type: string + description: The state of the Conversation. + type: object + GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReference: + id: >- + GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReference + description: Referenced content and related document metadata. type: object properties: - createTime: - description: Operation create time. + documentMetadata: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadataReferenceDocumentMetadata + description: Document metadata. + content: + description: Referenced text content. type: string - format: google-datetime - updateTime: + GoogleCloudDiscoveryengineV1alphaCustomFineTuningSpec: + id: GoogleCloudDiscoveryengineV1alphaCustomFineTuningSpec + description: Defines custom fine tuning spec. + type: object + properties: + enableSearchAdaptor: + type: boolean description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1CreateSchemaMetadata: - id: GoogleCloudDiscoveryengineV1CreateSchemaMetadata - description: Metadata for Create Schema LRO. + Whether or not to enable and include custom fine tuned search + adaptor model. + GoogleCloudDiscoveryengineV1ChunkStructuredContent: + description: The structured content information. type: object + id: GoogleCloudDiscoveryengineV1ChunkStructuredContent properties: - createTime: - description: Operation create time. + structureType: + enum: + - STRUCTURE_TYPE_UNSPECIFIED + - SHAREHOLDER_STRUCTURE + - SIGNATURE_STRUCTURE + - CHECKBOX_STRUCTURE + enumDescriptions: + - Default value. + - Shareholder structure. + - Signature structure. + - Checkbox structure. + readOnly: true + description: Output only. The structure type of the structured content. type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. + content: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1CreateSitemapMetadata: - id: GoogleCloudDiscoveryengineV1CreateSitemapMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.CreateSitemap operation. This will be returned - by the google.longrunning.Operation.metadata field. + description: Output only. The content of the structured content. + readOnly: true + GoogleCloudDiscoveryengineV1alphaAlertPolicyResourceConfig: type: object + description: >- + The resource level alert config. Used in: * UserLicense * EngineUserData + The AlertPolicyConfig in data connector is of same usage. No easy way to + migrate. properties: - createTime: - description: Operation create time. + languageCode: + description: Optional. The language code used for notifications type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. + alertEnrollments: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAlertPolicyResourceConfigAlertEnrollment + type: array + description: Optional. The enrollment state of each alert. + contactDetails: + description: Optional. The contact details for each alert policy. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaContactDetails + alertPolicy: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1CreateTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1CreateTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.CreateTargetSite operation. This will be - returned by the google.longrunning.Operation.metadata field. + description: Immutable. The fully qualified resource name of the AlertPolicy. + id: GoogleCloudDiscoveryengineV1alphaAlertPolicyResourceConfig + GoogleCloudDiscoveryengineV1alphaImportErrorConfig: + description: Configuration of destination for Import related errors. type: object + id: GoogleCloudDiscoveryengineV1alphaImportErrorConfig properties: - createTime: - description: Operation create time. + gcsPrefix: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Cloud Storage prefix for import errors. This must be an empty, + existing Cloud Storage directory. Import errors are written to + sharded files in this directory, one per line, as a JSON-encoded + `google.rpc.Status` message. + GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultChunkInfo: + description: Chunk information. + id: >- + GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultChunkInfo + properties: + relevanceScore: + format: float + type: number + description: >- + The relevance of the chunk for a given query. Values range from 0.0 + (completely irrelevant) to 1.0 (completely relevant). This value is + for informational purpose only. It may change for the same query and + chunk at any time due to a model retraining or change in + implementation. + content: + description: Chunk textual content. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1DeleteCmekConfigMetadata: - id: GoogleCloudDiscoveryengineV1DeleteCmekConfigMetadata - description: >- - Metadata related to the progress of the - CmekConfigService.DeleteCmekConfig operation. This will be returned by - the google.longrunning.Operation.metadata field. + chunk: + type: string + description: Chunk resource name. + type: object + GoogleMonitoringV3TypedValue: + description: A single strongly-typed value. + id: GoogleMonitoringV3TypedValue type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + boolValue: + description: 'A Boolean value: `true` or `false`.' + type: boolean + doubleValue: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + A 64-bit double-precision floating-point number. Its magnitude is + approximately ±10±300 and it has 16 significant digits of precision. + format: double + type: number + int64Value: + format: int64 + description: A 64-bit integer. Its range is approximately ±9.2x1018. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1DeleteDataStoreMetadata: - id: GoogleCloudDiscoveryengineV1DeleteDataStoreMetadata - description: >- - Metadata related to the progress of the DataStoreService.DeleteDataStore - operation. This will be returned by the - google.longrunning.Operation.metadata field. + distributionValue: + $ref: '#/components/schemas/GoogleApiDistribution' + description: A distribution value. + stringValue: + type: string + description: A variable-length string value. + GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecImageGenerationSpec: + properties: {} + description: Specification of the image generation tool. + id: >- + GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecImageGenerationSpec type: object + GoogleCloudDiscoveryengineV1alphaObtainCrawlRateResponse: + id: GoogleCloudDiscoveryengineV1alphaObtainCrawlRateResponse properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + organicCrawlRateTimeSeries: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The historical organic crawl rate timeseries data, used for + monitoring. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaOrganicCrawlRateTimeSeries + error: + description: Errors from service when handling the request. + $ref: '#/components/schemas/GoogleRpcStatus' + state: + enumDescriptions: + - The state is unspecified. + - The state is successful. + - The state is failed. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1DeleteEngineMetadata: - id: GoogleCloudDiscoveryengineV1DeleteEngineMetadata + enum: + - STATE_UNSPECIFIED + - SUCCEEDED + - FAILED + description: Output only. The state of the response. + readOnly: true + dedicatedCrawlRateTimeSeries: + description: >- + The historical dedicated crawl rate timeseries data, used for + monitoring. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDedicatedCrawlRateTimeSeries description: >- - Metadata related to the progress of the EngineService.DeleteEngine - operation. This will be returned by the - google.longrunning.Operation.metadata field. + Response message for CrawlRateManagementService.ObtainCrawlRate method. + The response contains organcic or dedicated crawl rate time series data + for monitoring, depending on whether dedicated crawl rate is set. type: object + GoogleApiHttpBody: properties: - createTime: - description: Operation create time. + data: type: string - format: google-datetime - updateTime: + description: The HTTP request/response body as raw binary. + format: byte + extensions: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Application specific response metadata. Must be set in the first + response for streaming APIs. + type: array + contentType: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1DeleteIdentityMappingStoreMetadata: - id: GoogleCloudDiscoveryengineV1DeleteIdentityMappingStoreMetadata + description: >- + The HTTP Content-Type header value specifying the content type of + the body. + id: GoogleApiHttpBody description: >- - Metadata related to the progress of the - IdentityMappingStoreService.DeleteIdentityMappingStore operation. This - will be returned by the google.longrunning.Operation.metadata field. + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. + type: object + GoogleCloudDiscoveryengineV1alphaCreateSchemaMetadata: type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime updateTime: + type: string description: >- Operation last update time. If the operation is done, this is also the finish time. - type: string format: google-datetime - GoogleCloudDiscoveryengineV1DeleteSchemaMetadata: - id: GoogleCloudDiscoveryengineV1DeleteSchemaMetadata - description: Metadata for DeleteSchema LRO. - type: object - properties: createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. type: string format: google-datetime - GoogleCloudDiscoveryengineV1DeleteSitemapMetadata: - id: GoogleCloudDiscoveryengineV1DeleteSitemapMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.DeleteSitemap operation. This will be returned - by the google.longrunning.Operation.metadata field. + description: Operation create time. + description: Metadata for Create Schema LRO. + id: GoogleCloudDiscoveryengineV1alphaCreateSchemaMetadata + GoogleCloudDiscoveryengineV1betaTargetSiteFailureReason: + description: Site search indexing failure reasons. + id: GoogleCloudDiscoveryengineV1betaTargetSiteFailureReason type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime + quotaFailure: + description: Failed due to insufficient quota. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaTargetSiteFailureReasonQuotaFailure + GoogleCloudDiscoveryengineV1betaUserLicense: + description: User License information assigned by the admin. + properties: updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string format: google-datetime - GoogleCloudDiscoveryengineV1DeleteTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1DeleteTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.DeleteTargetSite operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. type: string + description: Output only. User update timestamp. + readOnly: true + userPrincipal: + type: string + description: >- + Required. Immutable. The user principal of the User, could be email + address or other prinical identifier. This field is immutable. Admin + assign licenses based on the user principal. + lastLoginTime: format: google-datetime - updateTime: + type: string + readOnly: true description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Output only. User last logged in time. If the user has not logged in + yet, this field will be empty. + userProfile: + description: >- + Optional. The user profile. We user user full name(First name + Last + name) as user profile. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchMetadata: - id: GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.DisableAdvancedSiteSearch operation. This will - be returned by the google.longrunning.Operation.metadata field. - type: object - properties: + licenseAssignmentState: + readOnly: true + description: >- + Output only. License assignment state of the user. If the user is + assigned with a license config, the user login will be assigned with + the license; If the user's license assignment state is unassigned or + unspecified, no license config will be associated to the user; + type: string + enumDescriptions: + - Default value. + - License assigned to the user. + - >- + No license assigned to the user. Deprecated, translated to + NO_LICENSE. + - No license assigned to the user. + - >- + User attempted to login but no license assigned to the user. This + state is only used for no user first time login attempt but cannot + get license assigned. Users already logged in but cannot get + license assigned will be assigned NO_LICENSE state(License could + be unassigned by admin). + - User is blocked from assigning a license. + enum: + - LICENSE_ASSIGNMENT_STATE_UNSPECIFIED + - ASSIGNED + - UNASSIGNED + - NO_LICENSE + - NO_LICENSE_ATTEMPTED_LOGIN + - BLOCKED createTime: - description: Operation create time. type: string format: google-datetime - updateTime: + description: Output only. User created timestamp. + readOnly: true + licenseConfig: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Optional. The full resource name of the Subscription(LicenseConfig) + assigned to the user. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchResponse: - id: GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchResponse - description: >- - Response message for SiteSearchEngineService.DisableAdvancedSiteSearch - method. type: object - properties: {} - GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchMetadata: - id: GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.EnableAdvancedSiteSearch operation. This will be - returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1betaUserLicense + GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics: + id: GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics + description: Stores the metric values at specific top-k levels. type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + top3: + type: number + format: double + description: The top-3 value. + top1: + description: The top-1 value. + format: double + type: number + top10: + type: number + format: double + description: The top-10 value. + top5: + type: number + description: The top-5 value. + format: double + GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecModelSpec: + properties: + modelVersion: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Model version. If not set, it will use the default stable model. + Allowed values are: stable, preview. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchResponse: - id: GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchResponse - description: >- - Response message for SiteSearchEngineService.EnableAdvancedSiteSearch - method. + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpecModelSpec + description: Answer Generation Model specification. type: object - properties: {} - GoogleCloudDiscoveryengineV1IdentityMappingEntryOperationMetadata: - id: GoogleCloudDiscoveryengineV1IdentityMappingEntryOperationMetadata - description: >- - IdentityMappingEntry LongRunningOperation metadata for - IdentityMappingStoreService.ImportIdentityMappings and - IdentityMappingStoreService.PurgeIdentityMappings + GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfoChunkContent: type: object + id: >- + GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfoChunkContent properties: - successCount: - description: >- - The number of IdentityMappingEntries that were successfully - processed. + content: type: string - format: int64 - failureCount: - description: The number of IdentityMappingEntries that failed to be processed. + description: Chunk textual content. + pageIdentifier: + description: Page identifier. type: string - format: int64 - totalCount: - description: The total number of IdentityMappingEntries that were processed. + relevanceScore: + description: >- + The relevance of the chunk for a given query. Values range from 0.0 + (completely irrelevant) to 1.0 (completely relevant). This value is + for informational purpose only. It may change for the same query and + chunk at any time due to a model retraining or change in + implementation. + format: float + type: number + blobAttachmentIndexes: + readOnly: true + items: + format: int64 + type: string + description: Output only. Stores indexes of blobattachments linked to this chunk. + type: array + description: Chunk content. + GoogleCloudDiscoveryengineV1betaIdpConfig: + description: Identity Provider Config. + id: GoogleCloudDiscoveryengineV1betaIdpConfig + properties: + idpType: + description: Identity provider type configured. type: string - format: int64 - GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsMetadata: - id: GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsMetadata - description: >- - Metadata related to the progress of the ImportCompletionSuggestions - operation. This will be returned by the - google.longrunning.Operation.metadata field. + enum: + - IDP_TYPE_UNSPECIFIED + - GSUITE + - THIRD_PARTY + enumDescriptions: + - Default value. ACL search not enabled. + - Google 1P provider. + - Third party provider. + externalIdpConfig: + description: External Identity provider config. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaIdpConfigExternalIdpConfig type: object + GoogleCloudDiscoveryengineV1alphaAssistantContentExecutableCode: properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. + code: + description: Required. The code content. Currently only supports Python. type: string + description: Code generated by the model that is meant to be executed by the model. + id: GoogleCloudDiscoveryengineV1alphaAssistantContentExecutableCode + type: object + GoogleCloudDiscoveryengineV1SiteVerificationInfo: + properties: + verifyTime: + description: Latest site verification time. format: google-datetime - successCount: - description: Count of CompletionSuggestions successfully imported. type: string - format: int64 - failureCount: - description: Count of CompletionSuggestions that failed to be imported. + siteVerificationState: + enum: + - SITE_VERIFICATION_STATE_UNSPECIFIED + - VERIFIED + - UNVERIFIED + - EXEMPTED + description: Site verification state indicating the ownership and validity. + enumDescriptions: + - Defaults to VERIFIED. + - Site ownership verified. + - Site ownership pending verification or verification failed. + - >- + Site exempt from verification, e.g., a public website that opens + to all. type: string - format: int64 - GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsResponse: - id: GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsResponse - description: >- - Response of the CompletionService.ImportCompletionSuggestions method. If - the long running operation is done, this message is returned by the - google.longrunning.Operations.response field if the operation is - successful. type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: - description: The desired location of errors incurred during the Import. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' - GoogleCloudDiscoveryengineV1ImportDocumentsMetadata: - id: GoogleCloudDiscoveryengineV1ImportDocumentsMetadata - description: >- - Metadata related to the progress of the ImportDocuments operation. This - is returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1SiteVerificationInfo + description: Verification information for target sites in advanced site search. + GoogleCloudDiscoveryengineV1alphaSetDedicatedCrawlRateResponse: type: object + id: GoogleCloudDiscoveryengineV1alphaSetDedicatedCrawlRateResponse + description: >- + Response message for CrawlRateManagementService.SetDedicatedCrawlRate + method. It simply returns the state of the response, and an error + message if the state is FAILED. properties: - createTime: - description: Operation create time. + state: + enumDescriptions: + - The state is unspecified. + - The state is successful. + - The state is failed. + description: Output only. The state of the response. type: string - format: google-datetime - updateTime: + enum: + - STATE_UNSPECIFIED + - SUCCEEDED + - FAILED + readOnly: true + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: Errors from service when handling the request. + GoogleCloudDiscoveryengineV1ControlFilterAction: + description: >- + Specified which products may be included in results. Uses same filter as + boost. + id: GoogleCloudDiscoveryengineV1ControlFilterAction + properties: + dataStore: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - successCount: - description: Count of entries that were processed successfully. - type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. + Required. Specifies which data store's documents can be filtered by + this control. Full data store name e.g. + projects/123/locations/global/collections/default_collection/dataStores/default_data_store type: string - format: int64 - totalCount: - description: Total count of entries that were processed. + filter: + description: >- + Required. A filter to apply on the matching condition results. + Required Syntax documentation: + https://cloud.google.com/retail/docs/filter-and-order Maximum length + is 5000 characters. Otherwise an INVALID ARGUMENT error is thrown. type: string - format: int64 - GoogleCloudDiscoveryengineV1ImportDocumentsResponse: - id: GoogleCloudDiscoveryengineV1ImportDocumentsResponse + type: object + GoogleCloudDiscoveryengineV1ImportUserEventsResponse: + type: object description: >- - Response of the ImportDocumentsRequest. If the long running operation is - done, then this message is returned by the + Response of the ImportUserEventsRequest. If the long running operation + was successful, then this message is returned by the google.longrunning.Operations.response field if the operation was successful. - type: object properties: errorSamples: - description: A sample of errors encountered while processing the request. type: array items: $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: + description: A sample of errors encountered while processing the request. + joinedEventsCount: + type: string + format: int64 + description: Count of user events imported with complete existing Documents. + unjoinedEventsCount: + type: string + format: int64 description: >- - Echoes the destination for the complete errors in the request if - set. + Count of user events imported, but with Document information not + found in the existing Branch. + errorConfig: $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' - GoogleCloudDiscoveryengineV1ImportIdentityMappingsResponse: - id: GoogleCloudDiscoveryengineV1ImportIdentityMappingsResponse - description: Response message for IdentityMappingStoreService.ImportIdentityMappings - type: object + description: >- + Echoes the destination for the complete errors if this field was set + in the request. + id: GoogleCloudDiscoveryengineV1ImportUserEventsResponse + GoogleCloudDiscoveryengineV1DataConnectorRealtimeSyncConfigStreamingError: + id: >- + GoogleCloudDiscoveryengineV1DataConnectorRealtimeSyncConfigStreamingError + description: Streaming error details. properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesMetadata: - id: GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesMetadata + error: + description: Optional. Error details. + $ref: '#/components/schemas/GoogleRpcStatus' + streamingErrorReason: + enumDescriptions: + - Streaming error reason unspecified. + - Some error occurred while setting up resources for realtime sync. + - >- + Some error was encountered while running realtime sync for the + connector. + - >- + Ingress endpoint is required when setting up realtime sync in + private connectivity. + type: string + description: Optional. Streaming error. + enum: + - STREAMING_ERROR_REASON_UNSPECIFIED + - STREAMING_SETUP_ERROR + - STREAMING_SYNC_ERROR + - INGRESS_ENDPOINT_REQUIRED + type: object + GoogleCloudDiscoveryengineV1alphaDeleteIdentityMappingStoreMetadata: description: >- - Metadata related to the progress of the ImportSuggestionDenyListEntries - operation. This is returned by the google.longrunning.Operation.metadata - field. + Metadata related to the progress of the + IdentityMappingStoreService.DeleteIdentityMappingStore operation. This + will be returned by the google.longrunning.Operation.metadata field. type: object properties: createTime: @@ -9876,1177 +11016,687 @@ components: type: string format: google-datetime updateTime: + format: google-datetime + type: string description: >- Operation last update time. If the operation is done, this is also the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesResponse: - id: GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesResponse + id: GoogleCloudDiscoveryengineV1alphaDeleteIdentityMappingStoreMetadata + GoogleCloudDiscoveryengineV1alphaBatchCreateTargetSitesResponse: + id: GoogleCloudDiscoveryengineV1alphaBatchCreateTargetSitesResponse + type: object + properties: + targetSites: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaTargetSite' + type: array + description: TargetSites created. description: >- - Response message for CompletionService.ImportSuggestionDenyListEntries + Response message for SiteSearchEngineService.BatchCreateTargetSites method. + GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigEngineFeaturesConfig: type: object + description: More feature configs of the selected engine type. properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - importedEntriesCount: - description: Count of deny list entries successfully imported. - type: string - format: int64 - failedEntriesCount: - description: Count of deny list entries that failed to be imported. - type: string - format: int64 - GoogleCloudDiscoveryengineV1ImportUserEventsMetadata: - id: GoogleCloudDiscoveryengineV1ImportUserEventsMetadata + recommendedForYouConfig: + description: Recommended for you engine feature config. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig + mostPopularConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig + description: Most popular engine feature config. + id: >- + GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigEngineFeaturesConfig + GoogleCloudDiscoveryengineV1alphaBatchUpdateUserLicensesMetadata: description: >- - Metadata related to the progress of the Import operation. This is + Metadata related to the progress of the + UserLicenseService.BatchUpdateUserLicenses operation. This will be returned by the google.longrunning.Operation.metadata field. type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime updateTime: + format: google-datetime description: >- Operation last update time. If the operation is done, this is also the finish time. type: string - format: google-datetime - successCount: - description: Count of entries that were processed successfully. - type: string - format: int64 failureCount: - description: Count of entries that encountered errors while processing. - type: string - format: int64 - GoogleCloudDiscoveryengineV1ImportUserEventsResponse: - id: GoogleCloudDiscoveryengineV1ImportUserEventsResponse - description: >- - Response of the ImportUserEventsRequest. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: - description: >- - Echoes the destination for the complete errors if this field was set - in the request. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' - joinedEventsCount: - description: Count of user events imported with complete existing Documents. - type: string format: int64 - unjoinedEventsCount: - description: >- - Count of user events imported, but with Document information not - found in the existing Branch. type: string + description: Count of user licenses that failed to be updated. + successCount: format: int64 - GoogleCloudDiscoveryengineV1Project: - id: GoogleCloudDiscoveryengineV1Project - description: Metadata and configurations for a Google Cloud project in the service. - type: object - properties: - name: - description: >- - Output only. Full resource name of the project, for example - `projects/{project}`. Note that when making requests, project number - and project id are both acceptable, but the server will always - respond in project number. - readOnly: true + description: Count of user licenses successfully updated. type: string createTime: - description: Output only. The timestamp when this project is created. - readOnly: true + description: Operation create time. type: string format: google-datetime - provisionCompletionTime: - description: >- - Output only. The timestamp when this project is successfully - provisioned. Empty value means this project is still provisioning - and is not ready for use. - readOnly: true + id: GoogleCloudDiscoveryengineV1alphaBatchUpdateUserLicensesMetadata + GoogleCloudDiscoveryengineV1alphaPurgeDocumentsResponse: + id: GoogleCloudDiscoveryengineV1alphaPurgeDocumentsResponse + properties: + purgeCount: + description: The total count of documents purged as a result of the operation. + format: int64 type: string - format: google-datetime - serviceTermsMap: - description: >- - Output only. A map of terms of services. The key is the `id` of - ServiceTerms. - readOnly: true - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ProjectServiceTerms - GoogleCloudDiscoveryengineV1ProjectServiceTerms: - id: GoogleCloudDiscoveryengineV1ProjectServiceTerms - description: Metadata about the terms of service. - type: object - properties: - id: - description: >- - The unique identifier of this terms of service. Available terms: * - `GA_DATA_USE_TERMS`: [Terms for data - use](https://cloud.google.com/retail/data-use-terms). When using - this as `id`, the acceptable version to provide is `2022-11-23`. - type: string - version: - description: >- - The version string of the terms of service. For acceptable values, - see the comments for id above. - type: string - state: - description: >- - Whether the project has accepted/rejected the service terms or it is - still pending. - type: string - enumDescriptions: - - The default value of the enum. This value is not actually used. - - The project has given consent to the terms of service. - - The project is pending to review and accept the terms of service. - - >- - The project has declined or revoked the agreement to terms of - service. - enum: - - STATE_UNSPECIFIED - - TERMS_ACCEPTED - - TERMS_PENDING - - TERMS_DECLINED - acceptTime: - description: The last time when the project agreed to the terms of service. - type: string - format: google-datetime - declineTime: - description: >- - The last time when the project declined or revoked the agreement to - terms of service. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1ProvisionProjectMetadata: - id: GoogleCloudDiscoveryengineV1ProvisionProjectMetadata - description: Metadata associated with a project provision operation. - type: object - properties: {} - GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsMetadata: - id: GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsMetadata - description: >- - Metadata related to the progress of the PurgeCompletionSuggestions - operation. This is returned by the google.longrunning.Operation.metadata - field. - type: object - properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsResponse: - id: GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsResponse - description: >- - Response message for CompletionService.PurgeCompletionSuggestions - method. - type: object - properties: - purgeSucceeded: - description: Whether the completion suggestions were successfully purged. - type: boolean - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1PurgeDocumentsMetadata: - id: GoogleCloudDiscoveryengineV1PurgeDocumentsMetadata - description: >- - Metadata related to the progress of the PurgeDocuments operation. This - will be returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - successCount: - description: Count of entries that were deleted successfully. - type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. - type: string - format: int64 - ignoredCount: - description: Count of entries that were ignored as entries were not found. - type: string - format: int64 - GoogleCloudDiscoveryengineV1PurgeDocumentsResponse: - id: GoogleCloudDiscoveryengineV1PurgeDocumentsResponse - description: >- - Response message for DocumentService.PurgeDocuments method. If the long - running operation is successfully done, then this message is returned by - the google.longrunning.Operations.response field. - type: object - properties: - purgeCount: - description: The total count of documents purged as a result of the operation. - type: string - format: int64 purgeSample: description: >- A sample of document names that will be deleted. Only populated if `force` is set to false. A max of 100 names will be returned and the names are chosen at random. - type: array items: type: string - GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesMetadata: - id: GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesMetadata + type: array + type: object description: >- - Metadata related to the progress of the PurgeSuggestionDenyListEntries - operation. This is returned by the google.longrunning.Operation.metadata - field. + Response message for DocumentService.PurgeDocuments method. If the long + running operation is successfully done, then this message is returned by + the google.longrunning.Operations.response field. + GoogleCloudDiscoveryengineV1SearchRequestSpellCorrectionSpec: type: object + description: The specification for query spell correction. + id: GoogleCloudDiscoveryengineV1SearchRequestSpellCorrectionSpec properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + mode: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The mode under which spell correction replaces the original search + query. Defaults to Mode.AUTO. + enum: + - MODE_UNSPECIFIED + - SUGGESTION_ONLY + - AUTO + enumDescriptions: + - >- + Unspecified spell correction mode. In this case, server behavior + defaults to Mode.AUTO. + - >- + Search API tries to find a spelling suggestion. If a suggestion is + found, it is put in the SearchResponse.corrected_query. The + spelling suggestion won't be used as the search query. + - >- + Automatic spell correction built by the Search API. Search will be + based on the corrected query if found. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesResponse: - id: GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesResponse - description: >- - Response message for CompletionService.PurgeSuggestionDenyListEntries - method. + GoogleCloudDiscoveryengineV1alphaSitemap: type: object + description: A sitemap for the SiteSearchEngine. + id: GoogleCloudDiscoveryengineV1alphaSitemap properties: - purgeCount: - description: Number of suggestion deny list entries purged. + uri: + description: Public URI for the sitemap, e.g. `www.example.com/sitemap.xml`. type: string - format: int64 - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1TrainCustomModelMetadata: - id: GoogleCloudDiscoveryengineV1TrainCustomModelMetadata - description: >- - Metadata related to the progress of the TrainCustomModel operation. This - is returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. + name: + readOnly: true type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Output only. The fully qualified resource name of the sitemap. + `projects/*/locations/*/collections/*/dataStores/*/siteSearchEngine/sitemaps/*` + The `sitemap_id` suffix is system-generated. + createTime: + description: Output only. The sitemap's creation time. type: string + readOnly: true format: google-datetime - GoogleCloudDiscoveryengineV1TrainCustomModelResponse: - id: GoogleCloudDiscoveryengineV1TrainCustomModelResponse - description: >- - Response of the TrainCustomModelRequest. This message is returned by the - google.longrunning.Operations.response field. + GoogleCloudDiscoveryengineV1ControlPromoteAction: type: object properties: - errorSamples: - description: A sample of errors encountered while processing the data. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: - description: >- - Echoes the destination for the complete errors in the request if - set. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' - modelStatus: - description: >- - The trained model status. Possible values are: * **bad-data**: The - training data quality is bad. * **no-improvement**: Tuning didn't - improve performance. Won't deploy. * **in-progress**: Model training - job creation is in progress. * **training**: Model is actively - training. * **evaluating**: The model is evaluating trained metrics. - * **indexing**: The model trained metrics are indexing. * **ready**: - The model is ready for serving. - type: string - metrics: - description: The metrics of the trained model. - type: object - additionalProperties: - type: number - format: double - modelName: - description: Fully qualified name of the CustomTuningModel. + dataStore: type: string - GoogleCloudDiscoveryengineV1UpdateCmekConfigMetadata: - id: GoogleCloudDiscoveryengineV1UpdateCmekConfigMetadata + description: Required. Data store with which this promotion is attached to. + searchLinkPromotion: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchLinkPromotion' + description: Required. Promotion attached to this action. description: >- - Metadata related to the progress of the - CmekConfigService.UpdateCmekConfig operation. This will be returned by - the google.longrunning.Operation.metadata field. + Promote certain links based on some trigger queries. Example: Promote + shoe store link when searching for `shoe` keyword. The link can be + outside of associated data store. + id: GoogleCloudDiscoveryengineV1ControlPromoteAction + GoogleCloudDiscoveryengineV1ListConversationsResponse: type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. + conversations: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + type: array + description: All the Conversations for a given data store. + nextPageToken: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1UpdateSchemaMetadata: - id: GoogleCloudDiscoveryengineV1UpdateSchemaMetadata - description: Metadata for UpdateSchema LRO. + description: Pagination token, if not returned indicates the last page. + id: GoogleCloudDiscoveryengineV1ListConversationsResponse + description: Response for ListConversations method. + GoogleCloudDiscoveryengineV1alphaCreateEvaluationMetadata: + id: GoogleCloudDiscoveryengineV1alphaCreateEvaluationMetadata + properties: {} + description: Metadata for EvaluationService.CreateEvaluation method. type: object + GoogleCloudDiscoveryengineV1betaSearchRequestSessionSpec: + id: GoogleCloudDiscoveryengineV1betaSearchRequestSessionSpec properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + queryId: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + If set, the search result gets stored to the "turn" specified by + this query ID. Example: Let's say the session looks like this: + session { name: ".../sessions/xxx" turns { query { text: "What is + foo?" query_id: ".../questions/yyy" } answer: "Foo is ..." } turns { + query { text: "How about bar then?" query_id: ".../questions/zzz" } + } } The user can call /search API with a request like this: session: + ".../sessions/xxx" session_spec { query_id: ".../questions/zzz" } + Then, the API stores the search result, associated with the last + turn. The stored search result can be used by a subsequent /answer + API call (with the session ID and the query ID specified). Also, it + is possible to call /search and /answer in parallel with the same + session ID & query ID. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1UpdateTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1UpdateTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.UpdateTargetSite operation. This will be - returned by the google.longrunning.Operation.metadata field. + searchResultPersistenceCount: + type: integer + format: int32 + description: >- + The number of top search results to persist. The persisted search + results can be used for the subsequent /answer api call. This field + is similar to the `summary_result_count` field in + SearchRequest.ContentSearchSpec.SummarySpec.summary_result_count. At + most 10 results for documents mode, or 50 for chunks mode. type: object + description: >- + Session specification. Multi-turn Search feature is currently at private + GA stage. Please use v1alpha or v1beta version instead before we launch + this feature to public GA. Or ask for allowlisting through Google + Support team. + GoogleCloudDiscoveryengineV1UserStore: properties: - createTime: - description: Operation create time. + displayName: type: string - format: google-datetime - updateTime: + description: The display name of the User Store. + defaultLicenseConfig: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Optional. The default subscription LicenseConfig for the UserStore, + if UserStore.enable_license_auto_register is true, new users will + automatically register under the default subscription. If default + LicenseConfig doesn't have remaining license seats left, new users + will not be assigned with license and will be blocked for Vertex AI + Search features. This is used if `license_assignment_tier_rules` is + not configured. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaAclConfig: - id: GoogleCloudDiscoveryengineV1alphaAclConfig - description: Access Control Configuration. - type: object - properties: + enableLicenseAutoRegister: + type: boolean + description: >- + Optional. Whether to enable license auto register for users in this + User Store. If true, new users will automatically register under the + default license config as long as the default license config has + seats left. + enableExpiredLicenseAutoUpdate: + description: >- + Optional. Whether to enable license auto update for users in this + User Store. If true, users with expired licenses will automatically + be updated to use the default license config as long as the default + license config has seats left. + type: boolean name: description: >- - Immutable. The full resource name of the acl configuration. Format: - `projects/{project}/locations/{location}/aclConfig`. This field must - be a UTF-8 encoded string with a length limit of 1024 characters. + Immutable. The full resource name of the User Store, in the format + of + `projects/{project}/locations/{location}/userStores/{user_store}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. type: string - idpConfig: - description: Identity provider config. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaIdpConfig' - GoogleCloudDiscoveryengineV1alphaIdpConfig: - id: GoogleCloudDiscoveryengineV1alphaIdpConfig - description: Identity Provider Config. + description: Configures metadata that is used for End User entities. + id: GoogleCloudDiscoveryengineV1UserStore type: object - properties: - idpType: - description: Identity provider type configured. - type: string - enumDescriptions: - - Default value. ACL search not enabled. - - Google 1P provider. - - Third party provider. - enum: - - IDP_TYPE_UNSPECIFIED - - GSUITE - - THIRD_PARTY - externalIdpConfig: - description: External Identity provider config. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaIdpConfigExternalIdpConfig - GoogleCloudDiscoveryengineV1alphaIdpConfigExternalIdpConfig: - id: GoogleCloudDiscoveryengineV1alphaIdpConfigExternalIdpConfig - description: Third party IDP Config. + GoogleCloudDiscoveryengineV1AssistantToolInfo: + id: GoogleCloudDiscoveryengineV1AssistantToolInfo type: object + description: Information to identify a tool. properties: - workforcePoolName: + toolDisplayName: + type: string + description: The display name of the tool. + toolName: description: >- - Workforce pool name. Example: - "locations/global/workforcePools/pool_id" + The name of the tool as defined by + DataConnectorService.QueryAvailableActions. Note: it's using + `action` in the DataConnectorService apis, but they are the same as + the `tool` here. type: string - GoogleCloudDiscoveryengineV1alphaAnswer: - id: GoogleCloudDiscoveryengineV1alphaAnswer - description: Defines an answer. - type: object + GoogleCloudDiscoveryengineV1UserEvent: + description: >- + UserEvent captures all metadata information Discovery Engine API needs + to know about how end users interact with your website. + id: GoogleCloudDiscoveryengineV1UserEvent properties: - name: + promotionIds: description: >- - Immutable. Fully qualified name - `projects/{project}/locations/global/collections/{collection}/engines/{engine}/sessions/*/answers/*` - type: string - state: - description: The state of the answer generation. + The promotion IDs if this is an event associated with promotions. + Currently, this field is restricted to at most one ID. + items: + type: string + type: array + attributionToken: type: string - enumDescriptions: - - Unknown. - - Answer generation is currently in progress. - - Answer generation currently failed. - - Answer generation has succeeded. - - Answer generation is currently in progress. - enum: - - STATE_UNSPECIFIED - - IN_PROGRESS - - FAILED - - SUCCEEDED - - STREAMING - answerText: - description: The textual answer. + description: >- + Token to attribute an API response to user action(s) to trigger the + event. Highly recommended for user events that are the result of + RecommendationService.Recommend. This field enables accurate + attribution of recommendation model performance. The value must be + one of: * RecommendResponse.attribution_token for events that are + the result of RecommendationService.Recommend. * + SearchResponse.attribution_token for events that are the result of + SearchService.Search. This token enables us to accurately attribute + page view or conversion completion back to the event and the + particular predict response containing this clicked/purchased + product. If user clicks on product K in the recommendation results, + pass RecommendResponse.attribution_token as a URL parameter to + product K's page. When recording events on product K's page, log the + RecommendResponse.attribution_token to this field. + panel: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1PanelInfo' + description: Panel metadata associated with this user event. + sessionId: + description: >- + A unique identifier for tracking a visitor session with a length + limit of 128 bytes. A session is an aggregation of an end user + behavior in a time span. A general guideline to populate the + session_id: 1. If user has no activity for 30 min, a new session_id + should be assigned. 2. The session_id should be unique across users, + suggest use uuid or add UserEvent.user_pseudo_id as prefix. type: string - groundingScore: + documents: description: >- - A score in the range of [0, 1] describing how grounded the answer is - by the reference chunks. - type: number - format: double - citations: - description: Citations. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerCitation - groundingSupports: - description: Optional. Grounding supports. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerGroundingSupport - references: - description: References. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReference - blobAttachments: - description: List of blob attachments in the answer. - type: array + List of Documents associated with this user event. This field is + optional except for the following event types: * `view-item` * + `add-to-cart` * `purchase` * `media-play` * `media-complete` In a + `search` event, this field represents the documents returned to the + end user on the current page (the end user may have not finished + browsing the whole page yet). When a new page is returned to the end + user, after pagination/filtering/ordering even for the same query, a + new `search` event with different UserEvent.documents is desired. items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachment - relatedQuestions: - description: Suggested related questions. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentInfo' type: array + dataStore: + description: >- + The DataStore resource full name, of the form + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. + Optional. Only required for user events whose data store can't by + determined by UserEvent.engine or UserEvent.documents. If data store + is set in the parent of write/import/collect user event requests, + this field can be omitted. + type: string + pageInfo: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1PageInfo' + description: >- + Page metadata such as categories and other critical information for + certain event types such as `view-category-page`. + tagIds: + description: >- + A list of identifiers for the independent experiment groups this + user event belongs to. This is used to distinguish between user + events associated with different experiment setups. items: type: string - steps: - description: Answer generation steps. type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStep' - queryUnderstandingInfo: - description: Query understanding information. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfo - answerSkippedReasons: + completionInfo: description: >- - Additional answer-skipped reasons. This provides the reason for - ignored cases. If nothing is skipped, this field is not set. - type: array - items: - type: string - enumDescriptions: - - Default value. The answer skipped reason is not specified. - - The adversarial query ignored case. - - >- - The non-answer seeking query ignored case Google skips the - answer if the query is chit chat. - - >- - The out-of-domain query ignored case. Google skips the answer if - there are no high-relevance search results. - - >- - The potential policy violation case. Google skips the answer if - there is a potential policy violation detected. This includes - content that may be violent or toxic. - - >- - The no relevant content case. Google skips the answer if there - is no relevant content in the retrieved search results. - - >- - The jail-breaking query ignored case. For example, "Reply in the - tone of a competing company's CEO". Google skips the answer if - the query is classified as a jail-breaking query. - - >- - The customer policy violation case. Google skips the summary if - there is a customer policy violation detected. The policy is - defined by the customer. - - >- - The non-answer seeking query ignored case. Google skips the - answer if the query doesn't have clear intent. - - >- - The low-grounded answer case. Google skips the answer if a well - grounded answer was unable to be generated. - - >- - The user defined query classification ignored case. Google skips - the answer if the query is classified as a user defined query - classification. - - >- - The unhelpful answer case. Google skips the answer if the answer - is not helpful. This can be due to a variety of factors, - including but not limited to: the query is not answerable, the - answer is not relevant to the query, or the answer is not - well-formatted. - enum: - - ANSWER_SKIPPED_REASON_UNSPECIFIED - - ADVERSARIAL_QUERY_IGNORED - - NON_ANSWER_SEEKING_QUERY_IGNORED - - OUT_OF_DOMAIN_QUERY_IGNORED - - POTENTIAL_POLICY_VIOLATION - - NO_RELEVANT_CONTENT - - JAIL_BREAKING_QUERY_IGNORED - - CUSTOMER_POLICY_VIOLATION - - NON_ANSWER_SEEKING_QUERY_IGNORED_V2 - - LOW_GROUNDED_ANSWER - - USER_DEFINED_CLASSIFICATION_QUERY_IGNORED - - UNHELPFUL_ANSWER - createTime: - description: Output only. Answer creation timestamp. - readOnly: true + CompletionService.CompleteQuery details related to the event. This + field should be set for `search` event when autocomplete function is + enabled and the user clicks a suggestion for search. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CompletionInfo' + conversionType: type: string - format: google-datetime - completeTime: - description: Output only. Answer completed timestamp. - readOnly: true + description: >- + Optional. Conversion type. Required if UserEvent.event_type is + `conversion`. This is a customer-defined conversion name in + lowercase letters or numbers separated by "-", such as "watch", + "good-visit" etc. Do not set the field if UserEvent.event_type is + not `conversion`. This mixes the custom conversion event with + predefined events like `search`, `view-item` etc. + userPseudoId: + description: >- + Required. A unique identifier for tracking visitors. For example, + this could be implemented with an HTTP cookie, which should be able + to uniquely identify a visitor on a single device. This unique + identifier should not change if the visitor log in/out of the + website. Do not set the field to the same fixed ID for different + users. This mixes the event history of those users together, which + results in degraded model quality. The field must be a UTF-8 encoded + string with a length limit of 128 characters. Otherwise, an + `INVALID_ARGUMENT` error is returned. The field should not contain + PII or user-data. We recommend to use Google Analytics [Client + ID](https://developers.google.com/analytics/devguides/collection/analyticsjs/field-reference#clientId) + for this field. type: string - format: google-datetime - safetyRatings: - description: Optional. Safety ratings. + userInfo: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserInfo' + description: Information about the end user. + directUserRequest: + type: boolean + description: >- + Should set to true if the request is made directly from the end + user, in which case the UserEvent.user_info.user_agent can be + populated from the HTTP request. This flag should be set only if the + API request is made directly from the end user such as a mobile app + (and not if a gateway or a server is processing and pushing the user + events). This should not be set when using the JavaScript tag in + UserEventService.CollectUserEvent. + engine: + description: >- + The Engine resource name, in the form of + `projects/{project}/locations/{location}/collections/{collection_id}/engines/{engine_id}`. + Optional. Only required for Engine produced user events. For + example, user events from blended search. + type: string + panels: + description: >- + Optional. List of panels associated with this event. Used for + page-level impression data. type: array items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSafetyRating' - GoogleCloudDiscoveryengineV1alphaAnswerCitation: - id: GoogleCloudDiscoveryengineV1alphaAnswerCitation - description: Citation info for a segment. - type: object - properties: - startIndex: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1PanelInfo' + attributes: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CustomAttribute' description: >- - Index indicates the start of the segment, measured in bytes (UTF-8 - unicode). If there are multi-byte characters,such as non-ASCII - characters, the index measurement is longer than the string length. + Extra user event features to include in the recommendation model. + These attributes must NOT contain data that needs to be parsed or + processed further, e.g. JSON or other encodings. If you provide + custom attributes for ingested user events, also include them in the + user events that you associate with prediction requests. Custom + attribute formatting must be consistent between imported events and + events provided with prediction requests. This lets the Discovery + Engine API use those custom attributes when training models and + serving predictions, which helps improve recommendation quality. + This field needs to pass all below criteria, otherwise an + `INVALID_ARGUMENT` error is returned: * The key must be a UTF-8 + encoded string with a length limit of 5,000 characters. * For text + attributes, at most 400 values are allowed. Empty values are not + allowed. Each value must be a UTF-8 encoded string with a length + limit of 256 characters. * For number attributes, at most 400 values + are allowed. For product recommendations, an example of extra user + information is `traffic_channel`, which is how a user arrives at the + site. Users can arrive at the site by coming to the site directly, + coming through Google search, or in other ways. + type: object + eventTime: + description: >- + Only required for UserEventService.ImportUserEvents method. + Timestamp of when the user event happened. + type: string + format: google-datetime + eventType: type: string - format: int64 - endIndex: description: >- - End of the attributed segment, exclusive. Measured in bytes (UTF-8 - unicode). If there are multi-byte characters,such as non-ASCII - characters, the index measurement is longer than the string length. + Required. User event type. Allowed values are: Generic values: * + `search`: Search for Documents. * `view-item`: Detailed page view of + a Document. * `view-item-list`: View of a panel or ordered list of + Documents. * `view-home-page`: View of the home page. * + `view-category-page`: View of a category page, e.g. Home > Men > + Jeans Retail-related values: * `add-to-cart`: Add an item(s) to + cart, e.g. in Retail online shopping * `purchase`: Purchase an + item(s) Media-related values: * `media-play`: Start/resume watching + a video, playing a song, etc. * `media-complete`: Finished or + stopped midway through a video, song, etc. Custom conversion value: + * `conversion`: Customer defined conversion event. + filter: type: string - format: int64 - sources: - description: Citation sources for the attributed segment. + description: >- + Optional. The filter syntax consists of an expression language for + constructing a predicate from one or more fields of the documents + being filtered. One example is for `search` events, the associated + SearchRequest may contain a filter expression in + SearchRequest.filter conforming to + https://google.aip.dev/160#filtering. Similarly, for + `view-item-list` events that are generated from a RecommendRequest, + this field may be populated directly from RecommendRequest.filter + conforming to https://google.aip.dev/160#filtering. The value must + be a UTF-8 encoded string with a length limit of 1,000 characters. + Otherwise, an `INVALID_ARGUMENT` error is returned. + searchInfo: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchInfo' + description: >- + SearchService.Search details related to the event. This field should + be set for `search` event. + transactionInfo: + description: The transaction metadata (if any) associated with this user event. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TransactionInfo' + mediaInfo: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1MediaInfo' + description: Media-specific info. + type: object + GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec: + id: >- + GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec + properties: + controlPoints: type: array items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerCitationSource - GoogleCloudDiscoveryengineV1alphaAnswerCitationSource: - id: GoogleCloudDiscoveryengineV1alphaAnswerCitationSource - description: Citation source. - type: object - properties: - referenceId: - description: ID of the citation source. + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint + description: >- + The control points used to define the curve. The monotonic function + (defined through the interpolation_type above) passes through the + control points listed here. + attributeType: + enum: + - ATTRIBUTE_TYPE_UNSPECIFIED + - NUMERICAL + - FRESHNESS type: string - GoogleCloudDiscoveryengineV1alphaAnswerGroundingSupport: - id: GoogleCloudDiscoveryengineV1alphaAnswerGroundingSupport - description: Grounding support for a claim in `answer_text`. + description: >- + The attribute type to be used to determine the boost amount. The + attribute value can be derived from the field value of the specified + field_name. In the case of numerical it is straightforward i.e. + attribute_value = numerical_field_value. In the case of freshness + however, attribute_value = (time.now() - datetime_field_value). + enumDescriptions: + - Unspecified AttributeType. + - >- + The value of the numerical field will be used to dynamically + update the boost amount. In this case, the attribute_value (the x + value) of the control point will be the actual value of the + numerical field for which the boost_amount is specified. + - >- + For the freshness use case the attribute value will be the + duration between the current time and the date in the datetime + field specified. The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 + duration value). The pattern for this is: `nDnM]`. For example, + `5D`, `3DT12H30M`, `T24H`. + interpolationType: + enumDescriptions: + - >- + Interpolation type is unspecified. In this case, it defaults to + Linear. + - Piecewise linear interpolation will be applied. + enum: + - INTERPOLATION_TYPE_UNSPECIFIED + - LINEAR + description: >- + The interpolation type to be applied to connect the control points + listed below. + type: string + fieldName: + description: >- + The name of the field whose value will be used to determine the + boost amount. + type: string + type: object + description: >- + Specification for custom ranking based on customer specified attribute + value. It provides more controls for customized ranking than the simple + (condition, boost) combination above. + GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRunProgress: + description: Represents the progress of a sync run. type: object + id: GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRunProgress properties: - startIndex: - description: >- - Required. Index indicates the start of the claim, measured in bytes - (UTF-8 unicode). + totalCount: type: string + description: The total. format: int64 - endIndex: - description: Required. End of the claim, exclusive. + currentCount: + description: The current progress. type: string format: int64 - groundingScore: - description: >- - A score in the range of [0, 1] describing how grounded is a specific - claim by the references. Higher value means that the claim is better - supported by the reference chunks. + percentile: type: number - format: double - groundingCheckRequired: description: >- - Indicates that this claim required grounding check. When the system - decided this claim didn't require attribution/grounding check, this - field is set to false. In that case, no grounding check was done for - the claim and therefore `grounding_score`, `sources` is not - returned. - type: boolean - sources: - description: Optional. Citation sources for the claim. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerCitationSource - GoogleCloudDiscoveryengineV1alphaAnswerReference: - id: GoogleCloudDiscoveryengineV1alphaAnswerReference - description: Reference. + Derived. The percentile of the progress.current_count / total_count. + The value is between [0, 1.0] inclusive. + format: float + GoogleCloudDiscoveryengineV1ProjectCustomerProvidedConfig: + description: Customer provided configurations. type: object properties: - unstructuredDocumentInfo: - description: Unstructured document information. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfo - chunkInfo: - description: Chunk information. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfo - structuredDocumentInfo: - description: Structured document information. + notebooklmConfig: + description: Optional. Configuration for NotebookLM settings. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceStructuredDocumentInfo - GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfo: - id: GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfo - description: Unstructured document information. + #/components/schemas/GoogleCloudDiscoveryengineV1ProjectCustomerProvidedConfigNotebooklmConfig + id: GoogleCloudDiscoveryengineV1ProjectCustomerProvidedConfig + GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationMetadata: + description: Citation metadata. + id: GoogleCloudDiscoveryengineV1SearchResponseSummaryCitationMetadata type: object properties: - document: - description: Document resource name. + citations: + description: Citations for segments. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummaryCitation + type: array + GoogleCloudDiscoveryengineV1alphaUserInfo: + properties: + userId: + description: >- + Highly recommended for logged-in users. Unique identifier for + logged-in user, such as a user name. Don't set for anonymous users. + Always use a hashed value for this ID. Don't set the field to the + same fixed ID for different users. This mixes the event history of + those users together, which results in degraded model quality. The + field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an `INVALID_ARGUMENT` error is returned. type: string - uri: - description: URI for the document. + timeZone: + description: Optional. IANA time zone, e.g. Europe/Budapest. type: string - title: - description: Title. + userAgent: + description: >- + User agent as included in the HTTP header. The field must be a UTF-8 + encoded string with a length limit of 1,000 characters. Otherwise, + an `INVALID_ARGUMENT` error is returned. This should not be set when + using the client side event reporting with GTM or JavaScript tag in + UserEventService.CollectUserEvent or if + UserEvent.direct_user_request is set. type: string - chunkContents: - description: List of cited chunk contents derived from document content. - type: array + description: Information of an end user. + id: GoogleCloudDiscoveryengineV1alphaUserInfo + type: object + GoogleCloudDiscoveryengineV1SearchResponseFacet: + description: A facet result. + id: GoogleCloudDiscoveryengineV1SearchResponseFacet + properties: + values: + description: The facet values for this field. items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfoChunkContent - structData: + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseFacetFacetValue + type: array + key: description: >- - The structured JSON metadata for the document. It is populated from - the struct data from the Chunk in search result. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfoChunkContent: - id: >- - GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfoChunkContent - description: Chunk content. + The key for this facet. For example, `"colors"` or `"price"`. It + matches SearchRequest.FacetSpec.FacetKey.key. + type: string + dynamicFacet: + type: boolean + description: Whether the facet is dynamically generated. type: object + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecMultiModalSpec: properties: - content: - description: Chunk textual content. - type: string - pageIdentifier: - description: Page identifier. + imageSource: + enum: + - IMAGE_SOURCE_UNSPECIFIED + - ALL_AVAILABLE_SOURCES + - CORPUS_IMAGE_ONLY + - FIGURE_GENERATION_ONLY + description: Optional. Source of image returned in the answer. + enumDescriptions: + - >- + Unspecified image source (multimodal feature is disabled by + default). + - >- + Behavior when service determines the pick from all available + sources. + - Includes image from corpus in the answer. + - Triggers figure generation in the answer. type: string - relevanceScore: - description: >- - The relevance of the chunk for a given query. Values range from 0.0 - (completely irrelevant) to 1.0 (completely relevant). This value is - for informational purpose only. It may change for the same query and - chunk at any time due to a model retraining or change in - implementation. - type: number - format: float - blobAttachmentIndexes: - description: Output only. Stores indexes of blobattachments linked to this chunk. - readOnly: true - type: array - items: - type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfo: - id: GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfo - description: Chunk information. type: object + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecMultiModalSpec + description: >- + Multimodal specification: Will return an image from specified source. If + multiple sources are specified, the pick is a quality based decision. + GoogleCloudDiscoveryengineV1betaTargetSite: + id: GoogleCloudDiscoveryengineV1betaTargetSite + description: A target site for the SiteSearchEngine. properties: - chunk: - description: Chunk resource name. - type: string - content: - description: Chunk textual content. - type: string - relevanceScore: + exactMatch: description: >- - The relevance of the chunk for a given query. Values range from 0.0 - (completely irrelevant) to 1.0 (completely relevant). This value is - for informational purpose only. It may change for the same query and - chunk at any time due to a model retraining or change in - implementation. - type: number - format: float - documentMetadata: - description: Document metadata. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfoDocumentMetadata - blobAttachmentIndexes: - description: Output only. Stores indexes of blobattachments linked to this chunk. + Immutable. If set to false, a uri_pattern is generated to include + all pages whose address contains the provided_uri_pattern. If set to + true, an uri_pattern is generated to try to be an exact match of the + provided_uri_pattern or just the specific page if the + provided_uri_pattern is a specific one. provided_uri_pattern is + always normalized to generate the URI pattern to be used by the + search engine. + type: boolean + updateTime: + description: Output only. The target site's last updated time. readOnly: true - type: array - items: - type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfoDocumentMetadata: - id: >- - GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfoDocumentMetadata - description: Document metadata. - type: object - properties: - document: - description: Document resource name. - type: string - uri: - description: URI for the document. + format: google-datetime type: string - title: - description: Title. + name: + readOnly: true + description: >- + Output only. The fully qualified resource name of the target site. + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/siteSearchEngine/targetSites/{target_site}` + The `target_site_id` is system-generated. type: string - pageIdentifier: - description: Page identifier. + siteVerificationInfo: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSiteVerificationInfo + description: Output only. Site ownership and validity verification status. + generatedUriPattern: type: string - structData: + readOnly: true description: >- - The structured JSON metadata for the document. It is populated from - the struct data from the Chunk in search result. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudDiscoveryengineV1alphaAnswerReferenceStructuredDocumentInfo: - id: GoogleCloudDiscoveryengineV1alphaAnswerReferenceStructuredDocumentInfo - description: Structured search information. - type: object - properties: - document: - description: Document resource name. - type: string - structData: - description: Structured search data. - type: object - additionalProperties: - type: any - description: Properties of the object. - title: - description: Output only. The title of the document. - readOnly: true - type: string - uri: - description: Output only. The URI of the document. - readOnly: true - type: string - GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachment: - id: GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachment - description: >- - Stores binarydata attached to text answer, e.g. image, video, audio, - etc. - type: object - properties: - data: - description: Output only. The mime type and data of the blob. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachmentBlob - attributionType: - description: Output only. The attribution type of the blob. - readOnly: true - type: string - enumDescriptions: - - Unspecified attribution type. - - The attachment data is from the corpus. - - >- - The attachment data is generated by the model through code - generation. - enum: - - ATTRIBUTION_TYPE_UNSPECIFIED - - CORPUS - - GENERATED - GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachmentBlob: - id: GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachmentBlob - description: The media type and data of the blob. - type: object - properties: - mimeType: - description: >- - Output only. The media type (MIME type) of the generated or - retrieved data. - readOnly: true - type: string - data: - description: Output only. Raw bytes. - readOnly: true - type: string - format: byte - GoogleCloudDiscoveryengineV1alphaAnswerStep: - id: GoogleCloudDiscoveryengineV1alphaAnswerStep - description: Step information. - type: object - properties: - state: - description: The state of the step. - type: string - enumDescriptions: - - Unknown. - - Step is currently in progress. - - Step currently failed. - - Step has succeeded. - enum: - - STATE_UNSPECIFIED - - IN_PROGRESS - - FAILED - - SUCCEEDED - description: - description: The description of the step. - type: string - thought: - description: The thought of the step. - type: string - actions: - description: Actions. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepAction - GoogleCloudDiscoveryengineV1alphaAnswerStepAction: - id: GoogleCloudDiscoveryengineV1alphaAnswerStepAction - description: Action. - type: object - properties: - searchAction: - description: Search action. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionSearchAction - observation: - description: Observation. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservation - GoogleCloudDiscoveryengineV1alphaAnswerStepActionSearchAction: - id: GoogleCloudDiscoveryengineV1alphaAnswerStepActionSearchAction - description: Search action. - type: object - properties: - query: - description: The query to search. - type: string - GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservation: - id: GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservation - description: Observation. - type: object - properties: - searchResults: - description: >- - Search results observed by the search action, it can be snippets - info or chunk info, depending on the citation type set by the user. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResult - GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResult: - id: GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResult - type: object - properties: - document: - description: Document resource name. - type: string - uri: - description: URI for the document. - type: string - title: - description: Title. - type: string - snippetInfo: - description: >- - If citation_type is DOCUMENT_LEVEL_CITATION, populate document level - snippets. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultSnippetInfo - chunkInfo: - description: >- - If citation_type is CHUNK_LEVEL_CITATION and chunk mode is on, - populate chunk info. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultChunkInfo - structData: - description: >- - Data representation. The structured JSON data for the document. It's - populated from the struct data from the Document, or the Chunk in - search result. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultSnippetInfo: - id: >- - GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultSnippetInfo - description: Snippet information. - type: object - properties: - snippet: - description: Snippet content. - type: string - snippetStatus: - description: Status of the snippet defined by the search team. - type: string - GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultChunkInfo: - id: >- - GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultChunkInfo - description: Chunk information. - type: object - properties: - chunk: - description: Chunk resource name. - type: string - content: - description: Chunk textual content. - type: string - relevanceScore: - description: >- - The relevance of the chunk for a given query. Values range from 0.0 - (completely irrelevant) to 1.0 (completely relevant). This value is - for informational purpose only. It may change for the same query and - chunk at any time due to a model retraining or change in - implementation. - type: number - format: float - GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfo: - id: GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfo - description: Query understanding information. - type: object - properties: - queryClassificationInfo: - description: Query classification information. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfoQueryClassificationInfo - GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfoQueryClassificationInfo: - id: >- - GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfoQueryClassificationInfo - description: Query classification information. - type: object - properties: - type: - description: Query classification type. - type: string - enumDescriptions: - - Unspecified query classification type. - - Adversarial query classification type. - - Non-answer-seeking query classification type, for chit chat. - - Jail-breaking query classification type. - - Non-answer-seeking query classification type, for no clear intent. - - User defined query classification type. - enum: - - TYPE_UNSPECIFIED - - ADVERSARIAL_QUERY - - NON_ANSWER_SEEKING_QUERY - - JAIL_BREAKING_QUERY - - NON_ANSWER_SEEKING_QUERY_V2 - - USER_DEFINED_CLASSIFICATION_QUERY - positive: - description: Classification output. - type: boolean - GoogleCloudDiscoveryengineV1alphaSafetyRating: - id: GoogleCloudDiscoveryengineV1alphaSafetyRating - description: Safety rating corresponding to the generated content. - type: object - properties: - category: - description: Output only. Harm category. - readOnly: true - type: string - enumDescriptions: - - The harm category is unspecified. - - The harm category is hate speech. - - The harm category is dangerous content. - - The harm category is harassment. - - The harm category is sexually explicit content. - - The harm category is civic integrity. - enum: - - HARM_CATEGORY_UNSPECIFIED - - HARM_CATEGORY_HATE_SPEECH - - HARM_CATEGORY_DANGEROUS_CONTENT - - HARM_CATEGORY_HARASSMENT - - HARM_CATEGORY_SEXUALLY_EXPLICIT - - HARM_CATEGORY_CIVIC_INTEGRITY - probability: - description: Output only. Harm probability levels in the content. - readOnly: true - type: string - enumDescriptions: - - Harm probability unspecified. - - Negligible level of harm. - - Low level of harm. - - Medium level of harm. - - High level of harm. - enum: - - HARM_PROBABILITY_UNSPECIFIED - - NEGLIGIBLE - - LOW - - MEDIUM - - HIGH - probabilityScore: - description: Output only. Harm probability score. - readOnly: true - type: number - format: float - severity: - description: Output only. Harm severity levels in the content. - readOnly: true - type: string - enumDescriptions: - - Harm severity unspecified. - - Negligible level of harm severity. - - Low level of harm severity. - - Medium level of harm severity. - - High level of harm severity. - enum: - - HARM_SEVERITY_UNSPECIFIED - - HARM_SEVERITY_NEGLIGIBLE - - HARM_SEVERITY_LOW - - HARM_SEVERITY_MEDIUM - - HARM_SEVERITY_HIGH - severityScore: - description: Output only. Harm severity score. - readOnly: true - type: number - format: float - blocked: - description: >- - Output only. Indicates whether the content was filtered out because - of this rating. - readOnly: true - type: boolean - GoogleCloudDiscoveryengineV1alphaBatchCreateTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1alphaBatchCreateTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.BatchCreateTargetSites operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaBatchCreateTargetSitesResponse: - id: GoogleCloudDiscoveryengineV1alphaBatchCreateTargetSitesResponse - description: >- - Response message for SiteSearchEngineService.BatchCreateTargetSites - method. - type: object - properties: - targetSites: - description: TargetSites created. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaTargetSite' - GoogleCloudDiscoveryengineV1alphaTargetSite: - id: GoogleCloudDiscoveryengineV1alphaTargetSite - description: A target site for the SiteSearchEngine. - type: object - properties: - name: - description: >- - Output only. The fully qualified resource name of the target site. - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/siteSearchEngine/targetSites/{target_site}` - The `target_site_id` is system-generated. + Output only. This is system-generated based on the + provided_uri_pattern. + rootDomainUri: + description: Output only. Root domain of the provided_uri_pattern. readOnly: true type: string - providedUriPattern: - description: >- - Required. Input only. The user provided URI pattern from which the - `generated_uri_pattern` is generated. - type: string type: - description: >- - The type of the target site, e.g., whether the site is to be - included or excluded. - type: string enumDescriptions: - >- This value is unused. In this case, server behavior defaults to Type.INCLUDE. - Include the target site. - Exclude the target site. + type: string enum: - TYPE_UNSPECIFIED - INCLUDE - EXCLUDE - exactMatch: - description: >- - Immutable. If set to false, a uri_pattern is generated to include - all pages whose address contains the provided_uri_pattern. If set to - true, an uri_pattern is generated to try to be an exact match of the - provided_uri_pattern or just the specific page if the - provided_uri_pattern is a specific one. provided_uri_pattern is - always normalized to generate the URI pattern to be used by the - search engine. - type: boolean - generatedUriPattern: description: >- - Output only. This is system-generated based on the - provided_uri_pattern. - readOnly: true - type: string - rootDomainUri: - description: Output only. Root domain of the provided_uri_pattern. - readOnly: true - type: string - siteVerificationInfo: - description: Output only. Site ownership and validity verification status. + The type of the target site, e.g., whether the site is to be + included or excluded. + failureReason: readOnly: true $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSiteVerificationInfo + #/components/schemas/GoogleCloudDiscoveryengineV1betaTargetSiteFailureReason + description: Output only. Failure reason. indexingStatus: - description: Output only. Indexing status. - readOnly: true - type: string enumDescriptions: - Defaults to SUCCEEDED. - >- @@ -11061,6 +11711,7 @@ components: to SUCCEEDED if the unindexing fails. - The target site change is pending but cancellable. - The target site change is cancelled. + description: Output only. Indexing status. enum: - INDEXING_STATUS_UNSPECIFIED - PENDING @@ -11069,815 +11720,493 @@ components: - DELETING - CANCELLABLE - CANCELLED - updateTime: - description: Output only. The target site's last updated time. - readOnly: true type: string - format: google-datetime - failureReason: - description: Output only. Failure reason. readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReason - GoogleCloudDiscoveryengineV1alphaSiteVerificationInfo: - id: GoogleCloudDiscoveryengineV1alphaSiteVerificationInfo - description: Verification information for target sites in advanced site search. + providedUriPattern: + description: >- + Required. Input only. The user provided URI pattern from which the + `generated_uri_pattern` is generated. + type: string + type: object + GoogleCloudDiscoveryengineV1alphaUpdateSessionRequest: + description: Request for UpdateSession method. + type: object + id: GoogleCloudDiscoveryengineV1alphaUpdateSessionRequest + properties: + updateMask: + format: google-fieldmask + description: >- + Indicates which fields in the provided Session to update. The + following are NOT supported: * Session.name If not set or empty, all + supported fields are updated. + type: string + session: + description: Required. The Session to update. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSession' + GoogleCloudDiscoveryengineV1betaEngineSearchEngineConfig: + description: Configurations for a Search Engine. type: object + id: GoogleCloudDiscoveryengineV1betaEngineSearchEngineConfig properties: - siteVerificationState: - description: Site verification state indicating the ownership and validity. + searchTier: + enum: + - SEARCH_TIER_UNSPECIFIED + - SEARCH_TIER_STANDARD + - SEARCH_TIER_ENTERPRISE type: string + description: >- + The search feature tier of this engine. Different tiers might have + different pricing. To learn more, check the pricing documentation. + Defaults to SearchTier.SEARCH_TIER_STANDARD if not specified. enumDescriptions: - - Defaults to VERIFIED. - - Site ownership verified. - - Site ownership pending verification or verification failed. - >- - Site exempt from verification, e.g., a public website that opens - to all. + Default value when the enum is unspecified. This is invalid to + use. + - Standard tier. + - Enterprise tier. + requiredSubscriptionTier: enum: - - SITE_VERIFICATION_STATE_UNSPECIFIED - - VERIFIED - - UNVERIFIED - - EXEMPTED - verifyTime: - description: Latest site verification time. + - SUBSCRIPTION_TIER_UNSPECIFIED + - SUBSCRIPTION_TIER_SEARCH + - SUBSCRIPTION_TIER_SEARCH_AND_ASSISTANT + - SUBSCRIPTION_TIER_NOTEBOOK_LM + - SUBSCRIPTION_TIER_FRONTLINE_WORKER + - SUBSCRIPTION_TIER_AGENTSPACE_STARTER + - SUBSCRIPTION_TIER_AGENTSPACE_BUSINESS + - SUBSCRIPTION_TIER_ENTERPRISE + - SUBSCRIPTION_TIER_EDU + - SUBSCRIPTION_TIER_EDU_PRO + - SUBSCRIPTION_TIER_EDU_EMERGING + - SUBSCRIPTION_TIER_EDU_PRO_EMERGING + - SUBSCRIPTION_TIER_FRONTLINE_STARTER + enumDescriptions: + - Default value. + - >- + Search tier. Search tier can access VAIS search features and + NotebookLM features. + - >- + Search + assistant tier. Search + assistant tier can access VAIS + search features, NotebookLM features and assistant features. + - >- + NotebookLM tier. NotebookLM is a subscription tier can only access + NotebookLM features. + - Frontline worker tier. + - Agentspace Starter tier. + - Agentspace Business tier. + - Enterprise tier. + - EDU tier. + - EDU Pro tier. + - EDU emerging market tier. + - EDU Pro emerging market tier. + - Frontline starter tier. + description: >- + Optional. The required subscription tier of this engine. They cannot + be modified after engine creation. If the required subscription tier + is search, user with higher license tier like assist can still + access the standalone app associated with this engine. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReason: - id: GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReason - description: Site search indexing failure reasons. - type: object + searchAddOns: + items: + type: string + enum: + - SEARCH_ADD_ON_UNSPECIFIED + - SEARCH_ADD_ON_LLM + enumDescriptions: + - >- + Default value when the enum is unspecified. This is invalid to + use. + - Large language model add-on. + description: The add-on that this search engine enables. + type: array + GoogleCloudDiscoveryengineV1ListLicenseConfigsUsageStatsResponse: + description: >- + Response message for UserLicenseService.ListLicenseConfigUsageStats + method. properties: - quotaFailure: - description: Failed due to insufficient quota. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReasonQuotaFailure - GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReasonQuotaFailure: - id: GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReasonQuotaFailure - description: Failed due to insufficient quota. + licenseConfigUsageStats: + type: array + description: All the customer's LicenseConfigUsageStats. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1LicenseConfigUsageStats + id: GoogleCloudDiscoveryengineV1ListLicenseConfigsUsageStatsResponse + type: object + GoogleCloudDiscoveryengineV1betaImportCompletionSuggestionsMetadata: type: object + description: >- + Metadata related to the progress of the ImportCompletionSuggestions + operation. This will be returned by the + google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1betaImportCompletionSuggestionsMetadata properties: - totalRequiredQuota: + updateTime: description: >- - This number is an estimation on how much total quota this project - needs to successfully complete indexing. + Operation last update time. If the operation is done, this is also + the finish time. type: string + format: google-datetime + failureCount: format: int64 - GoogleCloudDiscoveryengineV1alphaBatchUpdateUserLicensesMetadata: - id: GoogleCloudDiscoveryengineV1alphaBatchUpdateUserLicensesMetadata - description: >- - Metadata related to the progress of the - UserLicenseService.BatchUpdateUserLicenses operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object - properties: + description: Count of CompletionSuggestions that failed to be imported. + type: string + successCount: + description: Count of CompletionSuggestions successfully imported. + format: int64 + type: string createTime: - description: Operation create time. type: string + description: Operation create time. format: google-datetime - updateTime: + GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRun: + properties: + scheduledRecordCount: + format: int64 description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Optional. The number of documents scheduled to be crawled/extracted + from connector source. This only applies to third party connectors. type: string - format: google-datetime - successCount: - description: Count of user licenses successfully updated. + entityName: type: string - format: int64 - failureCount: - description: Count of user licenses that failed to be updated. + description: The name of the source entity. + extractedRecordCount: + description: >- + Optional. The number of documents extracted from connector source, + ready to be ingested to VAIS. type: string format: int64 - GoogleCloudDiscoveryengineV1alphaBatchUpdateUserLicensesResponse: - id: GoogleCloudDiscoveryengineV1alphaBatchUpdateUserLicensesResponse - description: Response message for UserLicenseService.BatchUpdateUserLicenses method. - type: object - properties: - userLicenses: - description: UserLicenses successfully updated. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaUserLicense' - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1alphaUserLicense: - id: GoogleCloudDiscoveryengineV1alphaUserLicense - description: User License information assigned by the admin. - type: object - properties: - userPrincipal: - description: >- - Required. Immutable. The user principal of the User, could be email - address or other prinical identifier. This field is immutable. Admin - assign licenses based on the user principal. + errorRecordCount: type: string - userProfile: description: >- - Optional. The user profile. We user user full name(First name + Last - name) as user profile. + Optional. The total number of documents failed at sync at indexing + stage. + format: int64 + sourceApiRequestCount: + format: int64 type: string - licenseAssignmentState: - description: >- - Output only. License assignment state of the user. If the user is - assigned with a license config, the user login will be assigned with - the license; If the user's license assignment state is unassigned or - unspecified, no license config will be associated to the user; - readOnly: true + description: Optional. The number of requests sent to 3p API. + stateUpdateTime: + format: google-datetime type: string + description: Timestamp at which the entity sync state was last updated. + state: + enum: + - STATE_UNSPECIFIED + - RUNNING + - SUCCEEDED + - FAILED + - OVERRUN + - CANCELLED + - PENDING + - WARNING + - SKIPPED + description: The state of the entity's sync run. enumDescriptions: - Default value. - - License assigned to the user. + - The data sync is ongoing. + - The data sync is finished. + - The data sync is failed. - >- - No license assigned to the user. Deprecated, translated to - NO_LICENSE. - - No license assigned to the user. + Data sync has been running longer than expected and is still + running at the time the next run is supposed to start. + - Data sync was scheduled but has been cancelled. + - Data sync is about to start. + - The data sync completed with non-fatal errors. - >- - User attempted to login but no license assigned to the user. This - state is only used for no user first time login attempt but cannot - get license assigned. Users already logged in but cannot get - license assigned will be assigned NO_LICENSE state(License could - be unassigned by admin). - - User is blocked from assigning a license. - enum: - - LICENSE_ASSIGNMENT_STATE_UNSPECIFIED - - ASSIGNED - - UNASSIGNED - - NO_LICENSE - - NO_LICENSE_ATTEMPTED_LOGIN - - BLOCKED - licenseConfig: - description: >- - Optional. The full resource name of the Subscription(LicenseConfig) - assigned to the user. + An ongoing connector run has been running longer than expected, + causing this run to be skipped. type: string - createTime: - description: Output only. User created timestamp. - readOnly: true + syncType: + enumDescriptions: + - Sync type unspecified. + - Sync triggers full sync of all documents. + - Incremental sync of updated documents. + - Realtime sync. + - Scala sync. type: string - format: google-datetime - updateTime: - description: Output only. User update timestamp. - readOnly: true + description: Sync type of this run. + enum: + - SYNC_TYPE_UNSPECIFIED + - FULL + - INCREMENTAL + - REALTIME + - SCALA_SYNC + indexedRecordCount: + description: Optional. The number of documents indexed. + format: int64 type: string - format: google-datetime - lastLoginTime: - description: >- - Output only. User last logged in time. If the user has not logged in - yet, this field will be empty. - readOnly: true + progress: + description: Metadata to generate the progress bar. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRunProgress + statsUpdateTime: type: string format: google-datetime - GoogleCloudDiscoveryengineV1alphaCmekConfig: - id: GoogleCloudDiscoveryengineV1alphaCmekConfig - description: Configurations used to enable CMEK data encryption with Cloud KMS keys. - type: object - properties: - name: - description: >- - Required. The name of the CmekConfig of the form - `projects/{project}/locations/{location}/cmekConfig` or - `projects/{project}/locations/{location}/cmekConfigs/{cmek_config}`. - type: string - kmsKey: - description: >- - Required. KMS key resource name which will be used to encrypt - resources - `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. - type: string - kmsKeyVersion: description: >- - Output only. KMS key version resource name which will be used to - encrypt resources `/cryptoKeyVersions/{keyVersion}`. - readOnly: true - type: string - state: - description: Output only. The states of the CmekConfig. - readOnly: true - type: string - enumDescriptions: - - The CmekConfig state is unknown. - - The CmekConfig is creating. - - The CmekConfig can be used with DataStores. - - >- - The CmekConfig is unavailable, most likely due to the KMS Key - being revoked. - - The CmekConfig is deleting. - - The CmekConfig deletion process failed. - - >- - The CmekConfig is not usable, most likely due to some internal - issue. - - The KMS key version is being rotated. - - >- - The KMS key is soft deleted. Some cleanup policy will eventually - be applied. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - KEY_ISSUE - - DELETING - - DELETE_FAILED - - UNUSABLE - - ACTIVE_ROTATING - - DELETED - isDefault: - description: Output only. The default CmekConfig for the Customer. - readOnly: true - type: boolean - lastRotationTimestampMicros: - description: Output only. The timestamp of the last key rotation. - readOnly: true + The timestamp for either extracted_documents_count, + indexed_documents_count and error_documents_count was last updated. + deletedRecordCount: type: string format: int64 - singleRegionKeys: + description: Optional. The number of documents deleted. + errors: description: >- - Optional. Single-regional CMEKs that are required for some VAIS - features. + The errors from the entity's sync run. Only exist if running into an + error state. Contains error code and error message. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSingleRegionKey - notebooklmState: - description: Output only. Whether the NotebookLM Corpus is ready to be used. - readOnly: true - type: string - enumDescriptions: - - The NotebookLM state is unknown. - - The NotebookLM is not ready. - - The NotebookLM is ready to be used. - - The NotebookLM is not enabled. - enum: - - NOTEBOOK_LM_STATE_UNSPECIFIED - - NOTEBOOK_LM_NOT_READY - - NOTEBOOK_LM_READY - - NOTEBOOK_LM_NOT_ENABLED - GoogleCloudDiscoveryengineV1alphaSingleRegionKey: - id: GoogleCloudDiscoveryengineV1alphaSingleRegionKey - description: Metadata for single-regional CMEKs. + $ref: '#/components/schemas/GoogleRpcStatus' type: object + id: GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRun + description: Represents an entity that was synced in this ConnectorRun. + GoogleCloudDiscoveryengineV1UserInfo: + id: GoogleCloudDiscoveryengineV1UserInfo properties: - kmsKey: - description: >- - Required. Single-regional kms key resource name which will be used - to encrypt resources - `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. + timeZone: type: string - GoogleCloudDiscoveryengineV1alphaCollection: - id: GoogleCloudDiscoveryengineV1alphaCollection - description: >- - Collection is a container for configuring resources and access to a set - of DataStores. - type: object - properties: - name: - description: >- - Immutable. The full resource name of the Collection. Format: - `projects/{project}/locations/{location}/collections/{collection_id}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. + description: Optional. IANA time zone, e.g. Europe/Budapest. + userId: type: string - displayName: description: >- - Required. The Collection display name. This field must be a UTF-8 - encoded string with a length limit of 128 characters. Otherwise, an - INVALID_ARGUMENT error is returned. - type: string - dataConnector: + Highly recommended for logged-in users. Unique identifier for + logged-in user, such as a user name. Don't set for anonymous users. + Always use a hashed value for this ID. Don't set the field to the + same fixed ID for different users. This mixes the event history of + those users together, which results in degraded model quality. The + field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an `INVALID_ARGUMENT` error is returned. + userAgent: description: >- - Output only. The data connector, if present, manages the connection - for data stores in the Collection. To set up the connector, use - DataConnectorService.SetUpDataConnector method, which creates a new - Collection while setting up the DataConnector singleton resource. - Setting up connector on an existing Collection is not supported. - This output only field contains a subset of the DataConnector - fields, including `name`, `data_source`, `entities.entity_name` and - `entities.data_store`. To get more details about a data connector, - use the DataConnectorService.GetDataConnector method. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnector' - createTime: - description: Output only. Timestamp the Collection was created at. - readOnly: true + User agent as included in the HTTP header. The field must be a UTF-8 + encoded string with a length limit of 1,000 characters. Otherwise, + an `INVALID_ARGUMENT` error is returned. This should not be set when + using the client side event reporting with GTM or JavaScript tag in + UserEventService.CollectUserEvent or if + UserEvent.direct_user_request is set. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDataConnector: - id: GoogleCloudDiscoveryengineV1alphaDataConnector - description: >- - Manages the connection to external data sources for all data stores - grouped under a Collection. It's a singleton resource of Collection. The - initialization is only supported through - DataConnectorService.SetUpDataConnector method, which will create a new - Collection and initialize its DataConnector. + description: Information of an end user. type: object + GoogleCloudDiscoveryengineV1FetchSitemapsResponseSitemapMetadata: + id: GoogleCloudDiscoveryengineV1FetchSitemapsResponseSitemapMetadata properties: - name: - description: >- - Output only. The full resource name of the Data Connector. Format: - `projects/*/locations/*/collections/*/dataConnector`. - readOnly: true + sitemap: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Sitemap' + description: The Sitemap. + description: Contains a Sitemap and its metadata. + type: object + GoogleCloudDiscoveryengineV1alphaImportDocumentsMetadata: + id: GoogleCloudDiscoveryengineV1alphaImportDocumentsMetadata + type: object + properties: + createTime: type: string - state: - description: Output only. State of the connector. - readOnly: true + format: google-datetime + description: Operation create time. + failureCount: type: string - enumDescriptions: - - Default value. - - The connector is being set up. - - The connector is successfully set up and awaiting next sync run. - - >- - The connector is in error. The error details can be found in - DataConnector.errors. If the error is unfixable, the DataConnector - can be deleted by [CollectionService.DeleteCollection] API. - - The connector is actively syncing records from the data source. - - >- - The connector has completed a sync run, but encountered non-fatal - errors. - - >- - Connector initialization failed. Potential causes include runtime - errors or issues in the asynchronous pipeline, preventing the - request from reaching downstream services (except for some - connector types). - - Connector is in the process of an update. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - FAILED - - RUNNING - - WARNING - - INITIALIZATION_FAILED - - UPDATING - dataSource: + description: Count of entries that encountered errors while processing. + format: int64 + updateTime: description: >- - Required. The name of the data source. Supported values: - `salesforce`, `jira`, `confluence`, `bigquery`. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + type: string + successCount: + type: string + description: Count of entries that were processed successfully. + format: int64 + totalCount: + description: Total count of entries that were processed. + format: int64 + type: string + description: >- + Metadata related to the progress of the ImportDocuments operation. This + is returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1FirestoreSource: + properties: + databaseId: type: string - params: description: >- - Required. Params needed to access the source in the format of (Key, - Value) pairs. Required parameters for all data sources: * Key: - `instance_uri` * Value: type STRING. The uri to access the data - source. Required parameters for sources that support OAUTH, i.e. - `salesforce`: * Key: `client_id` * Value: type STRING. The client ID - for the third party service provider to identify your application. * - Key: `client_secret` * Value:type STRING. The client secret - generated by the third party authorization server. * Key: - `access_token` * Value: type STRING. OAuth token for UCS to access - to the protected resource. * Key: `refresh_token` * Value: type - STRING. OAuth refresh token for UCS to obtain a new access token - without user interaction. Required parameters for sources that - support basic API token auth, i.e. `jira`, `confluence`: * Key: - `user_account` * Value: type STRING. The username or email with the - source. * Key: `api_token` * Value: type STRING. The API token - generated for the source account, that is used for authenticating - anywhere where you would have used a password. Example: ```json { - "instance_uri": "https://xxx.atlassian.net", "user_account": - "xxxx.xxx@xxx.com", "api_token": "test-token" } ``` Optional - parameter to specify the authorization type to use for multiple - authorization types support: * Key: `auth_type` * Value: type - STRING. The authorization type for the data source. Supported - values: `BASIC_AUTH`, `OAUTH`, `OAUTH_ACCESS_TOKEN`, - `OAUTH_TWO_LEGGED`, `OAUTH_JWT_BEARER`, `OAUTH_PASSWORD_GRANT`, - `JWT`, `API_TOKEN`, `FEDERATED_CREDENTIAL`. - type: object - additionalProperties: - type: any - description: Properties of the object. - refreshInterval: + Required. The Firestore database to copy the data from with a length + limit of 256 characters. + projectId: description: >- - Required. The refresh interval for data sync. If duration is set to - 0, the data will be synced in real time. The streaming feature is - not supported yet. The minimum is 30 minutes and maximum is 7 days. - When the refresh interval is set to the same value as the - incremental refresh interval, incremental sync will be disabled. + The project ID that the Cloud SQL source is in with a length limit + of 128 characters. If not specified, inherits the project ID from + the parent request. type: string - format: google-duration - nextSyncTime: + gcsStagingDir: description: >- - Defines the scheduled time for the next data synchronization. This - field requires hour , minute, and time_zone from the [IANA Time Zone - Database](https://www.iana.org/time-zones). This is utilized when - the data connector has a refresh interval greater than 1 day. When - the hours or minutes are not specified, we will assume a sync time - of 0:00. The user must provide a time zone to avoid ambiguity. - $ref: '#/components/schemas/GoogleTypeDateTime' - entities: - description: List of entities from the connected data source to ingest. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnectorSourceEntity - createTime: - description: Output only. Timestamp the DataConnector was created at. - readOnly: true + Intermediate Cloud Storage directory used for the import with a + length limit of 2,000 characters. Can be specified if one wants to + have the Firestore export to a specific Cloud Storage directory. + Ensure that the Firestore service account has the necessary Cloud + Storage Admin permissions to access the specified Cloud Storage + directory. type: string - format: google-datetime - latestPauseTime: + collectionId: description: >- - Output only. The most recent timestamp when this DataConnector was - paused, affecting all functionalities such as data synchronization. - Pausing a connector has the following effects: - All - functionalities, including data synchronization, are halted. - Any - ongoing data synchronization job will be canceled. - No future data - synchronization runs will be scheduled nor can be triggered. - readOnly: true + Required. The Firestore collection (or entity) to copy the data from + with a length limit of 1,500 characters. type: string + description: Firestore source import data from. + id: GoogleCloudDiscoveryengineV1FirestoreSource + type: object + GoogleCloudDiscoveryengineV1alphaUpdateCollectionMetadata: + description: >- + Metadata related to the progress of the + CollectionService.UpdateCollection operation. This will be returned by + the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1alphaUpdateCollectionMetadata + properties: + createTime: format: google-datetime - lastSyncTime: - description: >- - Output only. For periodic connectors only, the last time a data sync - was completed. - readOnly: true + description: Operation create time. type: string - format: google-datetime updateTime: - description: Output only. Timestamp the DataConnector was last updated. - readOnly: true type: string format: google-datetime - errors: description: >- - Output only. The errors from initialization or from the latest - connector run. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - syncMode: - description: The data synchronization mode supported by the data connector. + Operation last update time. If the operation is done, this is also + the finish time. + type: object + GoogleCloudDiscoveryengineV1betaSetDedicatedCrawlRateMetadata: + id: GoogleCloudDiscoveryengineV1betaSetDedicatedCrawlRateMetadata + type: object + properties: + createTime: + format: google-datetime + description: Operation create time. type: string - enumDescriptions: - - >- - The connector will sync data periodically based on the - refresh_interval. Use it with auto_run_disabled to pause the - periodic sync, or indicate a one-time sync. - - The data will be synced in real time. - - Connector that doesn't ingest data will have this value - enum: - - PERIODIC - - STREAMING - - UNSPECIFIED - kmsKeyName: + updateTime: + format: google-datetime description: >- - Input only. The KMS key to be used to protect the DataStores managed - by this connector. Must be set for requests that need to comply with - CMEK Org Policy protections. If this field is set and processed - successfully, the DataStores created by this connector will be - protected by the KMS key. + Operation last update time. If the operation is done, this is also + the finish time. type: string - destinationConfigs: - description: >- - Optional. Any target destinations used to connect to third-party - services. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDestinationConfig - actionState: - description: >- - Output only. State of the action connector. This reflects whether - the action connector is initializing, active or has encountered - errors. - readOnly: true - type: string - enumDescriptions: - - Default value. - - The connector is being set up. - - The connector is successfully set up and awaiting next sync run. - - >- - The connector is in error. The error details can be found in - DataConnector.errors. If the error is unfixable, the DataConnector - can be deleted by [CollectionService.DeleteCollection] API. - - The connector is actively syncing records from the data source. - - >- - The connector has completed a sync run, but encountered non-fatal - errors. - - >- - Connector initialization failed. Potential causes include runtime - errors or issues in the asynchronous pipeline, preventing the - request from reaching downstream services (except for some - connector types). - - Connector is in the process of an update. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - FAILED - - RUNNING - - WARNING - - INITIALIZATION_FAILED - - UPDATING - actionConfig: - description: >- - Optional. Action configurations to make the connector support - actions. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaActionConfig' - endUserConfig: - description: >- - Optional. Any params and credentials used specifically for EUA - connectors. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnectorEndUserConfig - connectorModes: - description: >- - Optional. The modes enabled for this connector. Default state is - CONNECTOR_MODE_UNSPECIFIED. - type: array - items: - type: string - enumDescriptions: - - Connector mode unspecified. - - Connector utilized for data ingestion. - - Connector utilized for actions. - - Connector utilized for federated search. - - Connector utilized for End User Authentication. - - >- - Hybrid connector utilized for federated search and End User - Authentication. - enum: - - CONNECTOR_MODE_UNSPECIFIED - - DATA_INGESTION - - ACTIONS - - FEDERATED - - EUA - - FEDERATED_AND_EUA - staticIpEnabled: - description: >- - Optional. Whether customer has enabled static IP addresses for this - connector. - type: boolean - staticIpAddresses: - description: Output only. The static IP addresses used by this connector. - readOnly: true - type: array + description: >- + Metadata related to the progress of the + CrawlRateManagementService.SetDedicatedCrawlRate operation. This will be + returned by the google.longrunning.Operation.metadata field. + GoogleRpcStatus: + properties: + details: items: - type: string - blockingReasons: - description: >- - Output only. User actions that must be completed before the - connector can start syncing data. - readOnly: true + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object type: array - items: - type: string - enumDescriptions: - - Default value. - - Connector requires customer to allowlist static IPs. - - >- - Connector requires customer to allowlist our project in their - service attachment. - enum: - - BLOCKING_REASON_UNSPECIFIED - - ALLOWLIST_STATIC_IP - - ALLOWLIST_IN_SERVICE_ATTACHMENT - identityRefreshInterval: description: >- - The refresh interval to sync the Access Control List information for - the documents ingested by this connector. If not set, the access - control list will be refreshed at the default interval of 30 - minutes. The identity refresh interval can be at least 30 minutes - and at most 7 days. - deprecated: true + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + message: type: string - format: google-duration - identityScheduleConfig: - description: >- - The configuration for the identity data synchronization runs. This - contains the refresh interval to sync the Access Control List - information for the documents ingested by this connector. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaIdentityScheduleConfig - privateConnectivityProjectId: description: >- - Output only. The tenant project ID associated with private - connectivity connectors. This project must be allowlisted by in - order for the connector to function. - readOnly: true - type: string - bapConfig: - description: Optional. The configuration for establishing a BAP connection. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaBAPConfig' - connectorType: + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + id: GoogleRpcStatus + type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + GoogleCloudDiscoveryengineV1alphaAclConfig: + id: GoogleCloudDiscoveryengineV1alphaAclConfig + description: Access Control Configuration. + properties: + idpConfig: + description: Identity provider config. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaIdpConfig' + name: description: >- - Output only. The type of connector. Each source can only map to one - type. For example, salesforce, confluence and jira have THIRD_PARTY - connector type. It is not mutable once set by system. - readOnly: true - type: string - enumDescriptions: - - Default value. - - Third party connector to connector to third party application. - - Data connector connects between FHIR store and VAIS datastore. - - Big query connector. - - Google Cloud Storage connector. - - Gmail connector. - - Google Calendar connector. - - Google Drive connector. - - >- - Native Cloud Identity connector for people search powered by - People API. - - >- - Federated connector, it is a third party connector that doesn't - ingestion data, and search is powered by third party application's - API. - - Connector utilized for End User Authentication features. - - Google Cloud NetApp Volumes connector. - enum: - - CONNECTOR_TYPE_UNSPECIFIED - - THIRD_PARTY - - GCP_FHIR - - BIG_QUERY - - GCS - - GOOGLE_MAIL - - GOOGLE_CALENDAR - - GOOGLE_DRIVE - - NATIVE_CLOUD_IDENTITY - - THIRD_PARTY_FEDERATED - - THIRD_PARTY_EUA - - GCNV - realtimeState: - description: Output only. real-time sync state - readOnly: true + Immutable. The full resource name of the acl configuration. Format: + `projects/{project}/locations/{location}/aclConfig`. This field must + be a UTF-8 encoded string with a length limit of 1024 characters. type: string - enumDescriptions: - - Default value. - - The connector is being set up. - - The connector is successfully set up and awaiting next sync run. - - >- - The connector is in error. The error details can be found in - DataConnector.errors. If the error is unfixable, the DataConnector - can be deleted by [CollectionService.DeleteCollection] API. - - The connector is actively syncing records from the data source. - - >- - The connector has completed a sync run, but encountered non-fatal - errors. - - >- - Connector initialization failed. Potential causes include runtime - errors or issues in the asynchronous pipeline, preventing the - request from reaching downstream services (except for some - connector types). - - Connector is in the process of an update. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - FAILED - - RUNNING - - WARNING - - INITIALIZATION_FAILED - - UPDATING - alertPolicyConfigs: - description: Optional. The connector level alert config. + type: object + GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaData: + properties: + chunkInfo: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfo + description: Chunk information. + type: object + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaData + description: End user metadata. + GoogleCloudDiscoveryengineV1ListIdentityMappingsResponse: + id: GoogleCloudDiscoveryengineV1ListIdentityMappingsResponse + properties: + identityMappingEntries: type: array + description: The Identity Mapping Entries. items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAlertPolicyConfig - realtimeSyncConfig: - description: Optional. The configuration for realtime sync. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfig - aclEnabled: - description: >- - Optional. Whether the connector will be created with an ACL config. - Currently this field only affects Cloud Storage and BigQuery - connectors. - type: boolean - createEuaSaas: - description: >- - Optional. Whether the END USER AUTHENTICATION connector is created - in SaaS. - type: boolean - autoRunDisabled: - description: >- - Optional. Indicates whether the connector is disabled for auto run. - It can be used to pause periodical and real time sync. Update: with - the introduction of incremental_sync_disabled, auto_run_disabled is - used to pause/disable only full syncs - type: boolean - incrementalSyncDisabled: - description: >- - Optional. Indicates whether incremental syncs are paused for this - connector. This is independent of auto_run_disabled. Applicable to - only 3P connectors. When the refresh interval is set to the same - value as the incremental refresh interval, incremental sync will be - disabled, i.e. set to true. - type: boolean - incrementalRefreshInterval: + #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingEntry + nextPageToken: description: >- - Optional. The refresh interval specifically for incremental data - syncs. If unset, incremental syncs will use the default from env, - set to 3hrs. The minimum is 30 minutes and maximum is 7 days. - Applicable to only 3P connectors. When the refresh interval is set - to the same value as the incremental refresh interval, incremental - sync will be disabled. + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. type: string - format: google-duration - hybridIngestionDisabled: - description: >- - Optional. If the connector is a hybrid connector, determines whether - ingestion is enabled and appropriate resources are provisioned - during connector creation. If the connector is not a hybrid - connector, this field is ignored. - type: boolean - GoogleTypeDateTime: - id: GoogleTypeDateTime - description: >- - Represents civil time (or occasionally physical time). This type can - represent a civil time in one of a few possible ways: * When utc_offset - is set and time_zone is unset: a civil time on a calendar day with a - particular offset from UTC. * When time_zone is set and utc_offset is - unset: a civil time on a calendar day in a particular time zone. * When - neither time_zone nor utc_offset is set: a civil time on a calendar day - in local time. The date is relative to the Proleptic Gregorian Calendar. - If year, month, or day are 0, the DateTime is considered not to have a - specific year, month, or day respectively. This type may also be used to - represent a physical time if all the date and time fields are set and - either case of the `time_offset` oneof is set. Consider using - `Timestamp` message for physical time instead. If your use case also - would like to store the user's timezone, that can be done in another - field. This type is more flexible than some applications may want. Make - sure to document and validate your application's limitations. + description: Response message for IdentityMappingStoreService.ListIdentityMappings type: object + GoogleCloudDiscoveryengineV1alphaAlertPolicyConfig: properties: - year: - description: >- - Optional. Year of date. Must be from 1 to 9999, or 0 if specifying a - datetime without a year. - type: integer - format: int32 - month: - description: >- - Optional. Month of year. Must be from 1 to 12, or 0 if specifying a - datetime without a month. - type: integer - format: int32 - day: - description: >- - Optional. Day of month. Must be from 1 to 31 and valid for the year - and month, or 0 if specifying a datetime without a day. - type: integer - format: int32 - hours: - description: >- - Optional. Hours of day in 24 hour format. Should be from 0 to 23, - defaults to 0 (midnight). An API may choose to allow the value - "24:00:00" for scenarios like business closing time. - type: integer - format: int32 - minutes: - description: >- - Optional. Minutes of hour of day. Must be from 0 to 59, defaults to - 0. - type: integer - format: int32 - seconds: - description: >- - Optional. Seconds of minutes of the time. Must normally be from 0 to - 59, defaults to 0. An API may allow the value 60 if it allows - leap-seconds. - type: integer - format: int32 - nanos: - description: >- - Optional. Fractions of seconds in nanoseconds. Must be from 0 to - 999,999,999, defaults to 0. - type: integer - format: int32 - utcOffset: - description: >- - UTC offset. Must be whole seconds, between -18 hours and +18 hours. - For example, a UTC offset of -4:00 would be represented as { - seconds: -14400 }. + alertPolicyName: + description: Immutable. The fully qualified resource name of the AlertPolicy. type: string - format: google-duration - timeZone: - description: Time zone. - $ref: '#/components/schemas/GoogleTypeTimeZone' - GoogleTypeTimeZone: - id: GoogleTypeTimeZone - description: >- - Represents a time zone from the [IANA Time Zone - Database](https://www.iana.org/time-zones). + alertEnrollments: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAlertPolicyConfigAlertEnrollment + description: Optional. The enrollment states of each alert. + description: The connector level alert config. + id: GoogleCloudDiscoveryengineV1alphaAlertPolicyConfig type: object + GoogleCloudDiscoveryengineV1betaDataStoreBillingEstimation: + id: GoogleCloudDiscoveryengineV1betaDataStoreBillingEstimation properties: - id: - description: IANA Time Zone Database time zone. For example "America/New_York". + websiteDataUpdateTime: type: string - version: - description: >- - Optional. IANA Time Zone Database version number. For example - "2019a". + description: Last updated timestamp for websites. + format: google-datetime + websiteDataSize: + format: int64 + description: Data size for websites in terms of bytes. type: string - GoogleCloudDiscoveryengineV1alphaDataConnectorSourceEntity: - id: GoogleCloudDiscoveryengineV1alphaDataConnectorSourceEntity + structuredDataSize: + description: Data size for structured data in terms of bytes. + format: int64 + type: string + unstructuredDataSize: + format: int64 + description: Data size for unstructured data in terms of bytes. + type: string + structuredDataUpdateTime: + type: string + description: Last updated timestamp for structured data. + format: google-datetime + unstructuredDataUpdateTime: + description: Last updated timestamp for unstructured data. + format: google-datetime + type: string + description: Estimation of data size per data store. + type: object + GoogleCloudDiscoveryengineV1DataConnectorSourceEntity: description: >- Represents an entity in the data source. For example, the `Account` object in Salesforce. - type: object + id: GoogleCloudDiscoveryengineV1DataConnectorSourceEntity properties: entityName: description: >- @@ -11886,36 +12215,22 @@ components: `Contract`, `Campaign` * Jira: `Issue` * Confluence: `Content`, `Space` type: string + healthcareFhirConfig: + description: Optional. Configuration for `HEALTHCARE_FHIR` vertical. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1HealthcareFhirConfig keyPropertyMappings: + type: object description: >- Attributes for indexing. Key: Field name. Value: The key property to map a field to, such as `title`, and `description`. Supported key properties: * `title`: The title for data record. This would be displayed on search results. * `description`: The description for data record. This would be displayed on search results. - type: object additionalProperties: type: string - dataStore: - description: >- - Output only. The full resource name of the associated data store for - the source entity. Format: - `projects/*/locations/*/collections/*/dataStores/*`. When the - connector is initialized by the - DataConnectorService.SetUpDataConnector method, a DataStore is - automatically created for each source entity. - readOnly: true - type: string - params: - description: >- - The parameters for the entity to facilitate data ingestion. E.g. for - BigQuery connectors: * Key: `document_id_column` * Value: type - STRING. The value of the column ID. - type: object - additionalProperties: - type: any - description: Properties of the object. startingSchema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' description: >- Optional. The start schema to use for the DataStore created from this SourceEntity. If unset, a default vertical specialized schema @@ -11926,3501 +12241,4010 @@ components: provided schema will be validated against certain rules on schema. Learn more from [this doc](https://cloud.google.com/generative-ai-app-builder/docs/provide-schema). - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSchema' - healthcareFhirConfig: - description: Optional. Configuration for `HEALTHCARE_FHIR` vertical. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaHealthcareFhirConfig - GoogleCloudDiscoveryengineV1alphaSchema: - id: GoogleCloudDiscoveryengineV1alphaSchema - description: Defines the structure and layout of a type of document data. - type: object - properties: - structSchema: - description: The structured representation of the schema. - type: object + params: additionalProperties: - type: any description: Properties of the object. - jsonSchema: - description: The JSON representation of the schema. - type: string - name: + type: any description: >- - Immutable. The full resource name of the schema, in the format of - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/schemas/{schema}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. + The parameters for the entity to facilitate data ingestion in + structured json format. + type: object + dataStore: + description: >- + Output only. The full resource name of the associated data store for + the source entity. Format: + `projects/*/locations/*/collections/*/dataStores/*`. When the + connector is initialized by the + DataConnectorService.SetUpDataConnector method, a DataStore is + automatically created for each source entity. type: string - fieldConfigs: - description: Output only. Configurations for fields of the schema. readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaFieldConfig' - GoogleCloudDiscoveryengineV1alphaFieldConfig: - id: GoogleCloudDiscoveryengineV1alphaFieldConfig - description: >- - Configurations for fields of a schema. For example, configuring a field - is indexable, or searchable. + jsonParams: + type: string + description: >- + The parameters for the entity to facilitate data ingestion in json + string format. type: object + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigOcrParsingConfig: + description: The OCR parsing configurations for documents. + id: >- + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigOcrParsingConfig properties: - fieldPath: + enhancedDocumentElements: description: >- - Required. Field path of the schema field. For example: `title`, - `description`, `release_info.release_year`. + [DEPRECATED] This field is deprecated. To use the additional + enhanced document elements processing, please switch to + `layout_parsing_config`. + items: + type: string + deprecated: true + type: array + useNativeText: + type: boolean + description: >- + If true, will use native text instead of OCR text on pages + containing native text. + type: object + GoogleCloudDiscoveryengineV1alphaPurgeSuggestionDenyListEntriesMetadata: + type: object + properties: + createTime: + format: google-datetime type: string - fieldType: - description: Output only. Raw type of the field. - readOnly: true - type: string - enumDescriptions: - - Field type is unspecified. - - Field value type is Object. - - Field value type is String. - - Field value type is Number. - - Field value type is Integer. - - Field value type is Boolean. - - >- - Field value type is Geolocation. Geolocation is expressed as an - object with the following keys: * `id`: a string representing the - location id * `longitude`: a number representing the longitude - coordinate of the location * `latitude`: a number repesenting the - latitude coordinate of the location * `address`: a string - representing the full address of the location `latitude` and - `longitude` must always be provided together. At least one of a) - `address` or b) `latitude`-`longitude` pair must be provided. - - >- - Field value type is Datetime. Datetime can be expressed as either: - * a number representing milliseconds-since-the-epoch * a string - representing milliseconds-since-the-epoch. e.g. `"1420070400001"` - * a string representing the [ISO - 8601](https://en.wikipedia.org/wiki/ISO_8601) date or date and - time. e.g. `"2015-01-01"` or `"2015-01-01T12:10:30Z"` - enum: - - FIELD_TYPE_UNSPECIFIED - - OBJECT - - STRING - - NUMBER - - INTEGER - - BOOLEAN - - GEOLOCATION - - DATETIME - indexableOption: - description: >- - If indexable_option is INDEXABLE_ENABLED, field values are indexed - so that it can be filtered or faceted in SearchService.Search. If - indexable_option is unset, the server behavior defaults to - INDEXABLE_DISABLED for fields that support setting indexable - options. For those fields that do not support setting indexable - options, such as `object` and `boolean` and key properties, the - server will skip indexable_option setting, and setting - indexable_option for those fields will throw `INVALID_ARGUMENT` - error. - type: string - enumDescriptions: - - Value used when unset. - - Indexable option enabled for a schema field. - - Indexable option disabled for a schema field. - enum: - - INDEXABLE_OPTION_UNSPECIFIED - - INDEXABLE_ENABLED - - INDEXABLE_DISABLED - dynamicFacetableOption: - description: >- - If dynamic_facetable_option is DYNAMIC_FACETABLE_ENABLED, field - values are available for dynamic facet. Could only be - DYNAMIC_FACETABLE_DISABLED if FieldConfig.indexable_option is - INDEXABLE_DISABLED. Otherwise, an `INVALID_ARGUMENT` error will be - returned. If dynamic_facetable_option is unset, the server behavior - defaults to DYNAMIC_FACETABLE_DISABLED for fields that support - setting dynamic facetable options. For those fields that do not - support setting dynamic facetable options, such as `object` and - `boolean`, the server will skip dynamic facetable option setting, - and setting dynamic_facetable_option for those fields will throw - `INVALID_ARGUMENT` error. - type: string - enumDescriptions: - - Value used when unset. - - Dynamic facetable option enabled for a schema field. - - Dynamic facetable option disabled for a schema field. - enum: - - DYNAMIC_FACETABLE_OPTION_UNSPECIFIED - - DYNAMIC_FACETABLE_ENABLED - - DYNAMIC_FACETABLE_DISABLED - searchableOption: - description: >- - If searchable_option is SEARCHABLE_ENABLED, field values are - searchable by text queries in SearchService.Search. If - SEARCHABLE_ENABLED but field type is numerical, field values will - not be searchable by text queries in SearchService.Search, as there - are no text values associated to numerical fields. If - searchable_option is unset, the server behavior defaults to - SEARCHABLE_DISABLED for fields that support setting searchable - options. Only `string` fields that have no key property mapping - support setting searchable_option. For those fields that do not - support setting searchable options, the server will skip searchable - option setting, and setting searchable_option for those fields will - throw `INVALID_ARGUMENT` error. - type: string - enumDescriptions: - - Value used when unset. - - Searchable option enabled for a schema field. - - Searchable option disabled for a schema field. - enum: - - SEARCHABLE_OPTION_UNSPECIFIED - - SEARCHABLE_ENABLED - - SEARCHABLE_DISABLED - retrievableOption: - description: >- - If retrievable_option is RETRIEVABLE_ENABLED, field values are - included in the search results. If retrievable_option is unset, the - server behavior defaults to RETRIEVABLE_DISABLED for fields that - support setting retrievable options. For those fields that do not - support setting retrievable options, such as `object` and `boolean`, - the server will skip retrievable option setting, and setting - retrievable_option for those fields will throw `INVALID_ARGUMENT` - error. - type: string - enumDescriptions: - - Value used when unset. - - Retrievable option enabled for a schema field. - - Retrievable option disabled for a schema field. - enum: - - RETRIEVABLE_OPTION_UNSPECIFIED - - RETRIEVABLE_ENABLED - - RETRIEVABLE_DISABLED - completableOption: - description: >- - If completable_option is COMPLETABLE_ENABLED, field values are - directly used and returned as suggestions for Autocomplete in - CompletionService.CompleteQuery. If completable_option is unset, the - server behavior defaults to COMPLETABLE_DISABLED for fields that - support setting completable options, which are just `string` fields. - For those fields that do not support setting completable options, - the server will skip completable option setting, and setting - completable_option for those fields will throw `INVALID_ARGUMENT` - error. - type: string - enumDescriptions: - - Value used when unset. - - Completable option enabled for a schema field. - - Completable option disabled for a schema field. - enum: - - COMPLETABLE_OPTION_UNSPECIFIED - - COMPLETABLE_ENABLED - - COMPLETABLE_DISABLED - recsFilterableOption: - description: >- - If recs_filterable_option is FILTERABLE_ENABLED, field values are - filterable by filter expression in RecommendationService.Recommend. - If FILTERABLE_ENABLED but the field type is numerical, field values - are not filterable by text queries in - RecommendationService.Recommend. Only textual fields are supported. - If recs_filterable_option is unset, the default setting is - FILTERABLE_DISABLED for fields that support setting filterable - options. When a field set to [FILTERABLE_DISABLED] is filtered, a - warning is generated and an empty result is returned. - type: string - enumDescriptions: - - Value used when unset. - - Filterable option enabled for a schema field. - - Filterable option disabled for a schema field. - enum: - - FILTERABLE_OPTION_UNSPECIFIED - - FILTERABLE_ENABLED - - FILTERABLE_DISABLED - keyPropertyType: + description: Operation create time. + updateTime: + format: google-datetime description: >- - Output only. Type of the key property that this field is mapped to. - Empty string if this is not annotated as mapped to a key property. - Example types are `title`, `description`. Full list is defined by - `keyPropertyMapping` in the schema field annotation. If the schema - field has a `KeyPropertyMapping` annotation, `indexable_option` and - `searchable_option` of this field cannot be modified. - readOnly: true + Operation last update time. If the operation is done, this is also + the finish time. type: string - advancedSiteSearchDataSources: - description: >- - If this field is set, only the corresponding source will be indexed - for this field. Otherwise, the values from different sources are - merged. Assuming a page with `` in meta tag, and `` in page map: if - this enum is set to METATAGS, we will only index ``; if this enum is - not set, we will merge them and index ``. - type: array - items: - type: string - enumDescriptions: - - Value used when unset. - - Retrieve value from meta tag. - - Retrieve value from page map. - - >- - Retrieve value from the attributes set by - SiteSearchEngineService.SetUriPatternDocumentData API. - - Retrieve value from schema.org data. - enum: - - ADVANCED_SITE_SEARCH_DATA_SOURCE_UNSPECIFIED - - METATAGS - - PAGEMAP - - URI_PATTERN_MAPPING - - SCHEMA_ORG - schemaOrgPaths: + id: GoogleCloudDiscoveryengineV1alphaPurgeSuggestionDenyListEntriesMetadata + description: >- + Metadata related to the progress of the PurgeSuggestionDenyListEntries + operation. This is returned by the google.longrunning.Operation.metadata + field. + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpecConditionBoostSpec: + description: Boost applies to suggestions which match a condition. + id: >- + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpecConditionBoostSpec + properties: + boost: description: >- - Field paths for indexing custom attribute from schema.org data. More - details of schema.org and its defined types can be found at - [schema.org](https://schema.org). It is only used on advanced site - search schema. Currently only support full path from root. The full - path to a field is constructed by concatenating field names, - starting from `_root`, with a period `.` as the delimiter. Examples: - * Publish date of the root: _root.datePublished * Publish date of - the reviews: _root.review.datePublished - type: array - items: - type: string - metatagName: + Strength of the boost, which should be in [-1, 1]. Negative boost + means demotion. Default is 0.0. Setting to 1.0 gives the suggestions + a big promotion. However, it does not necessarily mean that the top + result will be a boosted suggestion. Setting to -1.0 gives the + suggestions a big demotion. However, other suggestions that are + relevant might still be shown. Setting to 0.0 means no boost + applied. The boosting condition is ignored. + type: number + format: float + condition: description: >- - Optional. The metatag name found in the HTML page. If user defines - this field, the value of this metatag name will be used to extract - metatag. If the user does not define this field, the - FieldConfig.field_path will be used to extract metatag. + An expression which specifies a boost condition. The syntax is the + same as [filter expression + syntax](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata#filter-expression-syntax). + Currently, the only supported condition is a list of BCP-47 lang + codes. Example: * To boost suggestions in languages `en` or `fr`: + `(lang_code: ANY("en", "fr"))` type: string - GoogleCloudDiscoveryengineV1alphaHealthcareFhirConfig: - id: GoogleCloudDiscoveryengineV1alphaHealthcareFhirConfig - description: Config to data store for `HEALTHCARE_FHIR` vertical. type: object + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfig: + description: Related configurations applied to a specific type of document parser. properties: - enableConfigurableSchema: - description: >- - Whether to enable configurable schema for `HEALTHCARE_FHIR` - vertical. If set to `true`, the predefined healthcare fhir schema - can be extended for more customized searching and filtering. - type: boolean - enableStaticIndexingForBatchIngestion: + digitalParsingConfig: + description: Configurations applied to digital parser. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigDigitalParsingConfig + layoutParsingConfig: + description: Configurations applied to layout parser. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigLayoutParsingConfig + ocrParsingConfig: description: >- - Whether to enable static indexing for `HEALTHCARE_FHIR` batch - ingestion. If set to `true`, the batch ingestion will be processed - in a static indexing mode which is slower but more capable of - handling larger volume. - type: boolean - GoogleCloudDiscoveryengineV1alphaDestinationConfig: - id: GoogleCloudDiscoveryengineV1alphaDestinationConfig - description: Defines target endpoints used to connect to third-party sources. + Configurations applied to OCR parser. Currently it only applies to + PDFs. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigOcrParsingConfig type: object + id: GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfig + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfig: properties: - key: + defaultParsingConfig: description: >- - Optional. Unique destination identifier that is supported by the - connector. - type: string - destinations: - description: Optional. The destinations for the corresponding key. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDestinationConfigDestination - params: - description: Optional. Additional parameters for this destination config. + Configurations for default Document parser. If not specified, we + will configure it as default DigitalParsingConfig, and the default + parsing config will be applied to all file types for Document + parsing. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfig + chunkingConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfig + description: Whether chunking mode is enabled. + parsingConfigOverrides: type: object additionalProperties: - type: any - description: Properties of the object. - GoogleCloudDiscoveryengineV1alphaDestinationConfigDestination: - id: GoogleCloudDiscoveryengineV1alphaDestinationConfigDestination - description: Defines a target endpoint + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfig + description: >- + Map from file type to override the default parsing configuration + based on the file type. Supported keys: * `pdf`: Override parsing + config for PDF files, either digital parsing, ocr parsing or layout + parsing is supported. * `html`: Override parsing config for HTML + files, only digital parsing and layout parsing are supported. * + `docx`: Override parsing config for DOCX files, only digital parsing + and layout parsing are supported. * `pptx`: Override parsing config + for PPTX files, only digital parsing and layout parsing are + supported. * `xlsm`: Override parsing config for XLSM files, only + digital parsing and layout parsing are supported. * `xlsx`: Override + parsing config for XLSX files, only digital parsing and layout + parsing are supported. + name: + type: string + description: >- + The full resource name of the Document Processing Config. Format: + `projects/*/locations/*/collections/*/dataStores/*/documentProcessingConfig`. + id: GoogleCloudDiscoveryengineV1betaDocumentProcessingConfig + type: object + description: >- + A singleton resource of DataStore. If it's empty when DataStore is + created and DataStore is set to + DataStore.ContentConfig.CONTENT_REQUIRED, the default parser will + default to digital parser. + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecMultiModalSpec: + id: >- + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecMultiModalSpec type: object + description: >- + Multimodal specification: Will return an image from specified source. If + multiple sources are specified, the pick is a quality based decision. properties: - host: - description: Publicly routable host. + imageSource: type: string - port: - description: Optional. Target port number accepted by the destination. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1alphaActionConfig: - id: GoogleCloudDiscoveryengineV1alphaActionConfig - description: Informations to support actions on the connector. + description: Optional. Source of image returned in the answer. + enumDescriptions: + - >- + Unspecified image source (multimodal feature is disabled by + default). + - >- + Behavior when service determines the pick from all available + sources. + - Includes image from corpus in the answer. + - Triggers figure generation in the answer. + enum: + - IMAGE_SOURCE_UNSPECIFIED + - ALL_AVAILABLE_SOURCES + - CORPUS_IMAGE_ONLY + - FIGURE_GENERATION_ONLY + GoogleCloudDiscoveryengineV1alphaConditionTimeRange: + id: GoogleCloudDiscoveryengineV1alphaConditionTimeRange + description: Used for time-dependent conditions. + properties: + endTime: + format: google-datetime + description: End of time range. Range is inclusive. Must be in the future. + type: string + startTime: + description: Start of time range. Range is inclusive. + format: google-datetime + type: string + type: object + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSnippetSpec: + id: >- + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSnippetSpec + description: A specification for configuring snippets in a search response. type: object properties: - isActionConfigured: - description: >- - Output only. The connector contains the necessary parameters and is - configured to support actions. - readOnly: true + returnSnippet: type: boolean - actionParams: description: >- - Required. Params needed to support actions in the format of (Key, - Value) pairs. Required parameters for sources that support OAUTH, - i.e. `gmail`, `google_calendar`, `jira`, `workday`, `salesforce`, - `confluence`: * Key: `client_id` * Value: type STRING. The client ID - for the service provider to identify your application. * Key: - `client_secret` * Value:type STRING. The client secret generated by - the application's authorization server. - type: object - additionalProperties: - type: any - description: Properties of the object. - serviceName: + If `true`, then return snippet. If no snippet can be generated, we + return "No snippet is available for this page." A `snippet_status` + with `SUCCESS` or `NO_SNIPPET_AVAILABLE` will also be returned. + maxSnippetCount: description: >- - Optional. The Service Directory resource name - (projects/*/locations/*/namespaces/*/services/*) representing a VPC - network endpoint used to connect to the data source's - `instance_uri`, defined in DataConnector.params. Required when VPC - Service Controls are enabled. - type: string - useStaticSecrets: + [DEPRECATED] This field is deprecated. To control snippet return, + use `return_snippet` field. For backwards compatibility, we will + return snippet if max_snippet_count > 0. + format: int32 + type: integer + deprecated: true + referenceOnly: + deprecated: true description: >- - Optional. Whether to use static secrets for the connector. If true, - the secrets provided in the action_params will be ignored. + [DEPRECATED] This field is deprecated and will have no affect on the + snippet. type: boolean - GoogleCloudDiscoveryengineV1alphaDataConnectorEndUserConfig: - id: GoogleCloudDiscoveryengineV1alphaDataConnectorEndUserConfig - description: Any params and credentials used specifically for EUA connectors. - type: object + GoogleCloudDiscoveryengineV1AnswerQueryRequestRelatedQuestionsSpec: properties: - authParams: - description: Optional. Any authentication parameters specific to EUA connectors. - type: object - additionalProperties: - type: any - description: Properties of the object. - additionalParams: - description: Optional. Any additional parameters needed for EUA. - type: object - additionalProperties: - type: any - description: Properties of the object. - tenant: - description: Optional. The tenant project the connector is connected to. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaTenant' - GoogleCloudDiscoveryengineV1alphaTenant: - id: GoogleCloudDiscoveryengineV1alphaTenant - description: >- - Tenant information for a connector source. This includes some of the - same information stored in the Credential message, but is limited to - only what is needed to provide a list of accessible tenants to the user. + enable: + description: Enable related questions feature if true. + type: boolean type: object - properties: - id: - description: >- - The tenant's instance ID. Examples: Jira - ("8594f221-9797-5f78-1fa4-485e198d7cd0"), Slack ("T123456"). - type: string - uri: - description: >- - The URI of the tenant, if applicable. For example, the URI of a Jira - instance is https://my-jira-instance.atlassian.net, and a Slack - tenant does not have a URI. - type: string - displayName: - description: Optional display name for the tenant, e.g. "My Slack Team". - type: string - GoogleCloudDiscoveryengineV1alphaIdentityScheduleConfig: - id: GoogleCloudDiscoveryengineV1alphaIdentityScheduleConfig - description: The configuration for the identity data synchronization runs. + description: Related questions specification. + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestRelatedQuestionsSpec + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSnippetSpec: + description: A specification for configuring snippets in a search response. + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSnippetSpec type: object properties: - refreshInterval: + referenceOnly: + type: boolean + deprecated: true description: >- - Optional. The refresh interval to sync the Access Control List - information for the documents ingested by this connector. If not - set, the access control list will be refreshed at the default - interval of 30 minutes. The identity refresh interval can be at - least 30 minutes and at most 7 days. - type: string - format: google-duration - nextSyncTime: + [DEPRECATED] This field is deprecated and will have no affect on the + snippet. + returnSnippet: + type: boolean description: >- - Optional. The UTC time when the next data sync is expected to start - for the Data Connector. Customers are only able to specify the hour - and minute to schedule the data sync. This is utilized when the data - connector has a refresh interval greater than 1 day. - $ref: '#/components/schemas/GoogleTypeDateTime' - GoogleCloudDiscoveryengineV1alphaBAPConfig: - id: GoogleCloudDiscoveryengineV1alphaBAPConfig - description: The configuration for the BAP connector. + If `true`, then return snippet. If no snippet can be generated, we + return "No snippet is available for this page." A `snippet_status` + with `SUCCESS` or `NO_SNIPPET_AVAILABLE` will also be returned. + maxSnippetCount: + type: integer + description: >- + [DEPRECATED] This field is deprecated. To control snippet return, + use `return_snippet` field. For backwards compatibility, we will + return snippet if max_snippet_count > 0. + format: int32 + deprecated: true + GoogleCloudDiscoveryengineV1alphaAnswerReference: type: object properties: - supportedConnectorModes: - description: >- - Required. The supported connector modes for the associated BAP - connection. - type: array - items: - type: string - enumDescriptions: - - Connector mode unspecified. - - Connector utilized for data ingestion. - - Connector utilized for Actions - - Connector utilized for End User Authentication. - enum: - - CONNECTOR_MODE_UNSPECIFIED - - DATA_INGESTION - - ACTIONS - - END_USER_AUTHENTICATION - GoogleCloudDiscoveryengineV1alphaAlertPolicyConfig: - id: GoogleCloudDiscoveryengineV1alphaAlertPolicyConfig - description: The connector level alert config. - type: object - properties: - alertPolicyName: - description: Immutable. The fully qualified resource name of the AlertPolicy. - type: string - alertEnrollments: - description: Optional. The enrollment states of each alert. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAlertPolicyConfigAlertEnrollment - GoogleCloudDiscoveryengineV1alphaAlertPolicyConfigAlertEnrollment: - id: GoogleCloudDiscoveryengineV1alphaAlertPolicyConfigAlertEnrollment - description: The alert enrollment status. - type: object + unstructuredDocumentInfo: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfo + description: Unstructured document information. + structuredDocumentInfo: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceStructuredDocumentInfo + description: Structured document information. + chunkInfo: + description: Chunk information. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfo + description: Reference. + id: GoogleCloudDiscoveryengineV1alphaAnswerReference + GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpecSafetySetting: properties: - alertId: - description: Immutable. The id of an alert. - type: string - enrollState: - description: Required. The enrollment status of a customer. + threshold: + description: Required. The harm block threshold. type: string enumDescriptions: - - >- - Default value. Used for customers who have not responded to the - alert policy. - - Customer is enrolled in this policy. - - Customer declined this policy. + - Unspecified harm block threshold. + - Block low threshold and above (i.e. block more). + - Block medium threshold and above. + - Block only high threshold (i.e. block less). + - Block none. + - Turn off the safety filter. enum: - - ENROLL_STATES_UNSPECIFIED - - ENROLLED - - DECLINED - GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfig: - id: GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfig + - HARM_BLOCK_THRESHOLD_UNSPECIFIED + - BLOCK_LOW_AND_ABOVE + - BLOCK_MEDIUM_AND_ABOVE + - BLOCK_ONLY_HIGH + - BLOCK_NONE + - 'OFF' + category: + description: Required. Harm category. + enum: + - HARM_CATEGORY_UNSPECIFIED + - HARM_CATEGORY_HATE_SPEECH + - HARM_CATEGORY_DANGEROUS_CONTENT + - HARM_CATEGORY_HARASSMENT + - HARM_CATEGORY_SEXUALLY_EXPLICIT + - HARM_CATEGORY_CIVIC_INTEGRITY + enumDescriptions: + - The harm category is unspecified. + - The harm category is hate speech. + - The harm category is dangerous content. + - The harm category is harassment. + - The harm category is sexually explicit content. + - The harm category is civic integrity. + type: string + type: object + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpecSafetySetting + description: Safety settings. + GoogleCloudDiscoveryengineV1betaEvaluation: + id: GoogleCloudDiscoveryengineV1betaEvaluation description: >- - The configuration for realtime sync to store additional params for - realtime sync. + An evaluation is a single execution (or run) of an evaluation process. + It encapsulates the state of the evaluation and the resulting data. type: object properties: - webhookUri: + endTime: + format: google-datetime + readOnly: true + type: string + description: Output only. Timestamp the Evaluation was completed at. + evaluationSpec: + description: Required. The specification of the evaluation. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpec + qualityMetrics: + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetrics' description: >- - Optional. Webhook url for the connector to specify additional params - for realtime sync. + Output only. The metrics produced by the evaluation, averaged across + all SampleQuerys in the SampleQuerySet. Only populated when the + evaluation's state is SUCCEEDED. + errorSamples: + type: array + description: >- + Output only. A sample of errors encountered while processing the + request. + readOnly: true + items: + $ref: '#/components/schemas/GoogleRpcStatus' + name: type: string - realtimeSyncSecret: description: >- - Optional. The ID of the Secret Manager secret used for webhook - secret. + Identifier. The full resource name of the Evaluation, in the format + of + `projects/{project}/locations/{location}/evaluations/{evaluation}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + createTime: + description: Output only. Timestamp the Evaluation was created at. + readOnly: true type: string - streamingError: - description: Optional. Streaming error details. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfigStreamingError - GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfigStreamingError: - id: >- - GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfigStreamingError - description: Streaming error details. - type: object - properties: - streamingErrorReason: - description: Optional. Streaming error. + format: google-datetime + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - FAILED type: string enumDescriptions: - - Streaming error reason unspecified. - - Some error occurred while setting up resources for realtime sync. - - >- - Some error was encountered while running realtime sync for the - connector. - - >- - Ingress endpoint is required when setting up realtime sync in - private connectivity. - enum: - - STREAMING_ERROR_REASON_UNSPECIFIED - - STREAMING_SETUP_ERROR - - STREAMING_SYNC_ERROR - - INGRESS_ENDPOINT_REQUIRED + - The evaluation is unspecified. + - The service is preparing to run the evaluation. + - The evaluation is in progress. + - The evaluation completed successfully. + - The evaluation failed. + description: Output only. The state of the evaluation. error: - description: Optional. Error details. + description: >- + Output only. The error that occurred during evaluation. Only + populated when the evaluation's state is FAILED. + readOnly: true $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1alphaConnectorRun: - id: GoogleCloudDiscoveryengineV1alphaConnectorRun - description: >- - A data sync run of DataConnector. After DataConnector is successfully - initialized, data syncs are scheduled at DataConnector.refresh_interval. - A ConnectorRun represents a data sync either in the past or onging that - the moment. // - type: object + GoogleCloudDiscoveryengineV1betaSchema: properties: name: description: >- - Output only. The full resource name of the Connector Run. Format: - `projects/*/locations/*/collections/*/dataConnector/connectorRuns/*`. - The `connector_run_id` is system-generated. + Immutable. The full resource name of the schema, in the format of + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/schemas/{schema}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + type: string + structSchema: + type: object + additionalProperties: + description: Properties of the object. + type: any + description: The structured representation of the schema. + jsonSchema: + description: The JSON representation of the schema. + type: string + description: Defines the structure and layout of a type of document data. + id: GoogleCloudDiscoveryengineV1betaSchema + type: object + GoogleCloudDiscoveryengineV1alphaDeleteAgentMetadata: + id: GoogleCloudDiscoveryengineV1alphaDeleteAgentMetadata + type: object + properties: + updateTime: + type: string + format: google-datetime + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + type: string + description: Operation create time. + format: google-datetime + description: >- + Metadata related to the progress of the AgentService.DeleteAgent + operation. This will be returned by the + google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1DataConnector: + properties: + incrementalSyncDisabled: + description: >- + Optional. Indicates whether incremental syncs are paused for this + connector. This is independent of auto_run_disabled. Applicable to + only 3P connectors. When the refresh interval is set to the same + value as the incremental refresh interval, incremental sync will be + disabled, i.e. set to true. + type: boolean + errors: + description: >- + Output only. The errors from initialization or from the latest + connector run. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array readOnly: true + kmsKeyName: type: string - startTime: - description: Output only. The time when the connector run started. + description: >- + Input only. The KMS key to be used to protect the DataStores managed + by this connector. Must be set for requests that need to comply with + CMEK Org Policy protections. If this field is set and processed + successfully, the DataStores created by this connector will be + protected by the KMS key. + staticIpEnabled: + description: >- + Optional. Whether customer has enabled static IP addresses for this + connector. + type: boolean + endUserConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DataConnectorEndUserConfig + description: >- + Optional. Any params and credentials used specifically for EUA + connectors. + aclEnabled: + type: boolean + description: >- + Optional. Whether the connector will be created with an ACL config. + Currently this field only affects Cloud Storage and BigQuery + connectors. + blockingReasons: + type: array + items: + type: string + enum: + - BLOCKING_REASON_UNSPECIFIED + - ALLOWLIST_STATIC_IP + - ALLOWLIST_IN_SERVICE_ATTACHMENT + - ALLOWLIST_SERVICE_ACCOUNT + enumDescriptions: + - Default value. + - Connector requires customer to allowlist static IPs. + - >- + Connector requires customer to allowlist our project in their + service attachment. + - >- + Connector requires customer to allowlist service account in + their project. readOnly: true + description: >- + Output only. User actions that must be completed before the + connector can start syncing data. + incrementalRefreshInterval: + description: >- + Optional. The refresh interval specifically for incremental data + syncs. If unset, incremental syncs will use the default from env, + set to 3hrs. The minimum is 30 minutes and maximum is 7 days. + Applicable to only 3P connectors. When the refresh interval is set + to the same value as the incremental refresh interval, incremental + sync will be disabled. type: string - format: google-datetime - endTime: - description: Output only. The time when the connector run ended. + format: google-duration + createTime: readOnly: true type: string format: google-datetime - state: - description: Output only. The state of the sync run. + description: Output only. Timestamp the DataConnector was created at. + privateConnectivityProjectId: + description: >- + Output only. The tenant project ID associated with private + connectivity connectors. This project must be allowlisted by in + order for the connector to function. readOnly: true type: string + connectorModes: + description: >- + Optional. The modes enabled for this connector. Default state is + CONNECTOR_MODE_UNSPECIFIED. + type: array + items: + enum: + - CONNECTOR_MODE_UNSPECIFIED + - DATA_INGESTION + - ACTIONS + - FEDERATED + - EUA + - FEDERATED_AND_EUA + type: string + enumDescriptions: + - Connector mode unspecified. + - Connector utilized for data ingestion. + - Connector utilized for actions. + - Connector utilized for federated search. + - Connector utilized for End User Authentication. + - >- + Hybrid connector utilized for federated search and End User + Authentication. + syncMode: + type: string + description: The data synchronization mode supported by the data connector. enumDescriptions: - - Default value. - - The data sync is ongoing. - - The data sync is finished. - - The data sync is failed. - - >- - Data sync has been running longer than expected and is still - running at the time the next run is supposed to start. - - Data sync was scheduled but has been cancelled. - - Data sync is about to start. - - The data sync completed with non-fatal errors. - >- - An ongoing connector run has been running longer than expected, - causing this run to be skipped. + The connector will sync data periodically based on the + refresh_interval. Use it with auto_run_disabled to pause the + periodic sync, or indicate a one-time sync. + - The data will be synced in real time. + - Connector that doesn't ingest data will have this value enum: - - STATE_UNSPECIFIED - - RUNNING - - SUCCEEDED - - FAILED - - OVERRUN - - CANCELLED - - PENDING - - WARNING - - SKIPPED - errors: + - PERIODIC + - STREAMING + - UNSPECIFIED + staticIpAddresses: + description: Output only. The static IP addresses used by this connector. + type: array + items: + type: string + readOnly: true + nextSyncTime: + $ref: '#/components/schemas/GoogleTypeDateTime' description: >- - Contains info about errors incurred during the sync. Only exist if - running into an error state. Contains error code and error message. - Use with the `state` field. + Defines the scheduled time for the next data synchronization. This + field requires hour , minute, and time_zone from the [IANA Time Zone + Database](https://www.iana.org/time-zones). This is utilized when + the data connector has a refresh interval greater than 1 day. When + the hours or minutes are not specified, we will assume a sync time + of 0:00. The user must provide a time zone to avoid ambiguity. + alertPolicyConfigs: + description: Optional. The connector level alert config. type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - stateUpdateTime: - description: Timestamp at which the connector run sync state was last updated. - type: string - format: google-datetime - latestPauseTime: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AlertPolicyConfig' + realtimeSyncConfig: + description: Optional. The configuration for realtime sync. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DataConnectorRealtimeSyncConfig + identityRefreshInterval: description: >- - Output only. The time when the connector run was most recently - paused. - readOnly: true + The refresh interval to sync the Access Control List information for + the documents ingested by this connector. If not set, the access + control list will be refreshed at the default interval of 30 + minutes. The identity refresh interval can be at least 30 minutes + and at most 7 days. + format: google-duration type: string - format: google-datetime - entityRuns: + deprecated: true + dataSource: description: >- - Output only. The details of the entities synced at the ConnectorRun. - Each ConnectorRun consists of syncing one or more entities. + Required. The name of the data source. Supported values: + `salesforce`, `jira`, `confluence`, `bigquery`. + type: string + latestPauseTime: + type: string readOnly: true + description: >- + Output only. The most recent timestamp when this DataConnector was + paused, affecting all functionalities such as data synchronization. + Pausing a connector has the following effects: - All + functionalities, including data synchronization, are halted. - Any + ongoing data synchronization job will be canceled. - No future data + synchronization runs will be scheduled nor can be triggered. + format: google-datetime + entities: type: array + description: List of entities from the connected data source to ingest. items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRun - trigger: - description: Output only. The trigger for this ConnectorRun. - readOnly: true + #/components/schemas/GoogleCloudDiscoveryengineV1DataConnectorSourceEntity + jsonParams: + type: string + description: Required data connector parameters in json string format. + connectorType: type: string + readOnly: true + enum: + - CONNECTOR_TYPE_UNSPECIFIED + - THIRD_PARTY + - GCP_FHIR + - BIG_QUERY + - GCS + - GOOGLE_MAIL + - GOOGLE_CALENDAR + - GOOGLE_DRIVE + - NATIVE_CLOUD_IDENTITY + - THIRD_PARTY_FEDERATED + - THIRD_PARTY_EUA + - GCNV enumDescriptions: - Default value. + - Third party connector to connector to third party application. + - Data connector connects between FHIR store and VAIS datastore. + - Big query connector. + - Google Cloud Storage connector. + - Gmail connector. + - Google Calendar connector. + - Google Drive connector. - >- - ConnectorRun triggered by scheduler if connector has PERIODIC sync - mode. - - ConnectorRun auto triggered by connector initialization. - - ConnectorRun auto triggered by resuming connector. - - ConnectorRun triggered by user manually. - enum: - - TRIGGER_UNSPECIFIED - - SCHEDULER - - INITIALIZATION - - RESUME - - MANUAL - GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRun: - id: GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRun - description: Represents an entity that was synced in this ConnectorRun. - type: object - properties: - entityName: - description: The name of the source entity. - type: string + Native Cloud Identity connector for people search powered by + People API. + - >- + Federated connector, it is a third party connector that doesn't + ingestion data, and search is powered by third party application's + API. + - Connector utilized for End User Authentication features. + - Google Cloud NetApp Volumes connector. + description: >- + Output only. The type of connector. Each source can only map to one + type. For example, salesforce, confluence and jira have THIRD_PARTY + connector type. It is not mutable once set by system. state: - description: The state of the entity's sync run. + readOnly: true type: string enumDescriptions: - Default value. - - The data sync is ongoing. - - The data sync is finished. - - The data sync is failed. + - The connector is being set up. + - The connector is successfully set up and awaiting next sync run. - >- - Data sync has been running longer than expected and is still - running at the time the next run is supposed to start. - - Data sync was scheduled but has been cancelled. - - Data sync is about to start. - - The data sync completed with non-fatal errors. + The connector is in error. The error details can be found in + DataConnector.errors. If the error is unfixable, the DataConnector + can be deleted by [CollectionService.DeleteCollection] API. + - The connector is actively syncing records from the data source. - >- - An ongoing connector run has been running longer than expected, - causing this run to be skipped. + The connector has completed a sync run, but encountered non-fatal + errors. + - >- + Connector initialization failed. Potential causes include runtime + errors or issues in the asynchronous pipeline, preventing the + request from reaching downstream services (except for some + connector types). + - Connector is in the process of an update. enum: - STATE_UNSPECIFIED - - RUNNING - - SUCCEEDED + - CREATING + - ACTIVE - FAILED - - OVERRUN - - CANCELLED - - PENDING + - RUNNING - WARNING - - SKIPPED - errors: - description: >- - The errors from the entity's sync run. Only exist if running into an - error state. Contains error code and error message. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - stateUpdateTime: - description: Timestamp at which the entity sync state was last updated. + - INITIALIZATION_FAILED + - UPDATING + description: Output only. State of the connector. + realtimeState: + description: Output only. real-time sync state + readOnly: true + enumDescriptions: + - Default value. + - The connector is being set up. + - The connector is successfully set up and awaiting next sync run. + - >- + The connector is in error. The error details can be found in + DataConnector.errors. If the error is unfixable, the DataConnector + can be deleted by [CollectionService.DeleteCollection] API. + - The connector is actively syncing records from the data source. + - >- + The connector has completed a sync run, but encountered non-fatal + errors. + - >- + Connector initialization failed. Potential causes include runtime + errors or issues in the asynchronous pipeline, preventing the + request from reaching downstream services (except for some + connector types). + - Connector is in the process of an update. type: string + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - FAILED + - RUNNING + - WARNING + - INITIALIZATION_FAILED + - UPDATING + updateTime: format: google-datetime - scheduledRecordCount: - description: >- - Optional. The number of documents scheduled to be crawled/extracted - from connector source. This only applies to third party connectors. + description: Output only. Timestamp the DataConnector was last updated. type: string - format: int64 - extractedRecordCount: + readOnly: true + hybridIngestionDisabled: description: >- - Optional. The number of documents extracted from connector source, - ready to be ingested to VAIS. - type: string - format: int64 - indexedRecordCount: - description: Optional. The number of documents indexed. + Optional. If the connector is a hybrid connector, determines whether + ingestion is enabled and appropriate resources are provisioned + during connector creation. If the connector is not a hybrid + connector, this field is ignored. + type: boolean + name: + readOnly: true type: string - format: int64 - errorRecordCount: description: >- - Optional. The total number of documents failed at sync at indexing - stage. - type: string - format: int64 - sourceApiRequestCount: - description: Optional. The number of requests sent to 3p API. - type: string - format: int64 - deletedRecordCount: - description: Optional. The number of documents deleted. - type: string - format: int64 - progress: - description: Metadata to generate the progress bar. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRunProgress - statsUpdateTime: + Output only. The full resource name of the Data Connector. Format: + `projects/*/locations/*/collections/*/dataConnector`. + bapConfig: + description: Optional. The configuration for establishing a BAP connection. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BAPConfig' + autoRunDisabled: description: >- - The timestamp for either extracted_documents_count, - indexed_documents_count and error_documents_count was last updated. - type: string - format: google-datetime - syncType: - description: Sync type of this run. - type: string - enumDescriptions: - - Sync type unspecified. - - Sync triggers full sync of all documents. - - Incremental sync of updated documents. - - Realtime sync. - - Scala sync. - enum: - - SYNC_TYPE_UNSPECIFIED - - FULL - - INCREMENTAL - - REALTIME - - SCALA_SYNC - GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRunProgress: - id: GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRunProgress - description: Represents the progress of a sync run. - type: object - properties: - currentCount: - description: The current progress. - type: string - format: int64 - totalCount: - description: The total. - type: string - format: int64 - percentile: + Optional. Indicates whether the connector is disabled for auto run. + It can be used to pause periodical and real time sync. Update: with + the introduction of incremental_sync_disabled, auto_run_disabled is + used to pause/disable only full syncs + type: boolean + destinationConfigs: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DestinationConfig' + type: array description: >- - Derived. The percentile of the progress.current_count / total_count. - The value is between [0, 1.0] inclusive. - type: number - format: float - GoogleCloudDiscoveryengineV1alphaControl: - id: GoogleCloudDiscoveryengineV1alphaControl - description: >- - Defines a conditioned behavior to employ during serving. Must be - attached to a ServingConfig to be considered at serving time. Permitted - actions dependent on `SolutionType`. - type: object - properties: - boostAction: - description: Defines a boost-type control - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlBoostAction - filterAction: + Optional. Any target destinations used to connect to third-party + services. + removeParamKeys: + items: + type: string description: >- - Defines a filter-type control Currently not supported by - Recommendation - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlFilterAction - redirectAction: - description: Defines a redirect-type control. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlRedirectAction - synonymsAction: - description: Treats a group of terms as synonyms of one another. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlSynonymsAction - promoteAction: - description: Promote certain links based on predefined trigger queries. + Optional. Specifies keys to be removed from the 'params' field. This + is only active when 'params' is included in the 'update_mask' in an + UpdateDataConnectorRequest. Deletion takes precedence if a key is + both in 'remove_param_keys' and present in the 'params' field of the + request. + type: array + createEuaSaas: + type: boolean + description: >- + Optional. Whether the END USER AUTHENTICATION connector is created + in SaaS. + federatedConfig: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlPromoteAction - name: + #/components/schemas/GoogleCloudDiscoveryengineV1DataConnectorFederatedConfig description: >- - Immutable. Fully qualified name - `projects/*/locations/global/dataStore/*/controls/*` - type: string - displayName: + Optional. Any params and credentials used specifically for hybrid + connectors supporting FEDERATED mode. This field should only be set + if the connector is a hybrid connector and we want to enable + FEDERATED mode. + lastSyncTime: description: >- - Required. Human readable name. The identifier used in UI views. Must - be UTF-8 encoded string. Length limit is 128 characters. Otherwise - an INVALID ARGUMENT error is thrown. + Output only. For periodic connectors only, the last time a data sync + was completed. type: string - associatedServingConfigIds: - description: >- - Output only. List of all ServingConfig IDs this control is attached - to. May take up to 10 minutes to update after changes. readOnly: true - type: array - items: - type: string - solutionType: + format: google-datetime + refreshInterval: + type: string description: >- - Required. Immutable. What solution the control belongs to. Must be - compatible with vertical of resource. Otherwise an INVALID ARGUMENT - error is thrown. + Required. The refresh interval for data sync. If duration is set to + 0, the data will be synced in real time. The streaming feature is + not supported yet. The minimum is 30 minutes and maximum is 7 days. + When the refresh interval is set to the same value as the + incremental refresh interval, incremental sync will be disabled. + format: google-duration + actionState: + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - FAILED + - RUNNING + - WARNING + - INITIALIZATION_FAILED + - UPDATING type: string + readOnly: true + description: >- + Output only. State of the action connector. This reflects whether + the action connector is initializing, active or has encountered + errors. enumDescriptions: - Default value. - - Used for Recommendations AI. - - Used for Discovery Search. - - Used for use cases related to the Generative AI agent. + - The connector is being set up. + - The connector is successfully set up and awaiting next sync run. - >- - Used for use cases related to the Generative Chat agent. It's used - for Generative chat engine only, the associated data stores must - enrolled with `SOLUTION_TYPE_CHAT` solution. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - - SOLUTION_TYPE_CHAT - - SOLUTION_TYPE_GENERATIVE_CHAT - useCases: + The connector is in error. The error details can be found in + DataConnector.errors. If the error is unfixable, the DataConnector + can be deleted by [CollectionService.DeleteCollection] API. + - The connector is actively syncing records from the data source. + - >- + The connector has completed a sync run, but encountered non-fatal + errors. + - >- + Connector initialization failed. Potential causes include runtime + errors or issues in the asynchronous pipeline, preventing the + request from reaching downstream services (except for some + connector types). + - Connector is in the process of an update. + params: + type: object + additionalProperties: + type: any + description: Properties of the object. + description: Required data connector parameters in structured json format. + actionConfig: description: >- - Specifies the use case for the control. Affects what condition - fields can be set. Only applies to SOLUTION_TYPE_SEARCH. Currently - only allow one use case per control. Must be set when solution_type - is SolutionType.SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - enumDescriptions: - - Value used when unset. Will not occur in CSS. - - Search use case. Expects the traffic has a non-empty query. - - Browse use case. Expects the traffic has an empty query. - enum: - - SEARCH_USE_CASE_UNSPECIFIED - - SEARCH_USE_CASE_SEARCH - - SEARCH_USE_CASE_BROWSE - conditions: + Optional. Action configurations to make the connector support + actions. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ActionConfig' + identityScheduleConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1IdentityScheduleConfig description: >- - Determines when the associated action will trigger. Omit to always - apply the action. Currently only a single condition may be - specified. Otherwise an INVALID ARGUMENT error is thrown. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaCondition' + The configuration for the identity data synchronization runs. This + contains the refresh interval to sync the Access Control List + information for the documents ingested by this connector. + description: >- + Manages the connection to external data sources for all data stores + grouped under a Collection. It's a singleton resource of Collection. The + initialization is only supported through + DataConnectorService.SetUpDataConnector method, which will create a new + Collection and initialize its DataConnector. + id: GoogleCloudDiscoveryengineV1DataConnector + type: object + GoogleCloudDiscoveryengineV1betaConditionTimeRange: + description: Used for time-dependent conditions. + properties: + endTime: + type: string + format: google-datetime + description: End of time range. Range is inclusive. Must be in the future. + startTime: + type: string + description: Start of time range. Range is inclusive. + format: google-datetime + type: object + id: GoogleCloudDiscoveryengineV1betaConditionTimeRange GoogleCloudDiscoveryengineV1alphaControlBoostAction: - id: GoogleCloudDiscoveryengineV1alphaControlBoostAction - description: Adjusts order of products in returned list. type: object properties: + filter: + type: string + description: >- + Required. Specifies which products to apply the boost to. If no + filter is provided all products will be boosted (No-op). Syntax + documentation: https://cloud.google.com/retail/docs/filter-and-order + Maximum length is 5000 characters. Otherwise an INVALID ARGUMENT + error is thrown. fixedBoost: + format: float + type: number description: >- Optional. Strength of the boost, which should be in [-1, 1]. Negative boost means demotion. Default is 0.0 (No-op). - type: number - format: float interpolationBoostSpec: description: >- Optional. Complex specification for custom ranking based on customer defined attribute value. $ref: >- #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpec - boost: - description: >- - Strength of the boost, which should be in [-1, 1]. Negative boost - means demotion. Default is 0.0 (No-op). - deprecated: true - type: number - format: float - filter: - description: >- - Required. Specifies which products to apply the boost to. If no - filter is provided all products will be boosted (No-op). Syntax - documentation: https://cloud.google.com/retail/docs/filter-and-order - Maximum length is 5000 characters. Otherwise an INVALID ARGUMENT - error is thrown. - type: string dataStore: + type: string description: >- Required. Specifies which data store's documents can be boosted by this control. Full data store name e.g. projects/123/locations/global/collections/default_collection/dataStores/default_data_store + boost: + type: number + deprecated: true + format: float + description: >- + Strength of the boost, which should be in [-1, 1]. Negative boost + means demotion. Default is 0.0 (No-op). + description: Adjusts order of products in returned list. + id: GoogleCloudDiscoveryengineV1alphaControlBoostAction + GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReasonQuotaFailure: + properties: + totalRequiredQuota: + description: >- + This number is an estimation on how much total quota this project + needs to successfully complete indexing. type: string - GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpec: - id: >- - GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpec - description: >- - Specification for custom ranking based on customer specified attribute - value. It provides more controls for customized ranking than the simple - (condition, boost) combination above. + format: int64 + type: object + description: Failed due to insufficient quota. + id: GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReasonQuotaFailure + GoogleCloudDiscoveryengineV1AdvancedSiteSearchConfig: + id: GoogleCloudDiscoveryengineV1AdvancedSiteSearchConfig type: object properties: - fieldName: + disableAutomaticRefresh: + description: If set true, automatic refresh is disabled for the DataStore. + type: boolean + disableInitialIndex: + type: boolean + description: If set true, initial indexing is disabled for the DataStore. + description: Configuration data for advance site search. + GoogleCloudDiscoveryengineV1alphaDataConnectorEndUserConfig: + id: GoogleCloudDiscoveryengineV1alphaDataConnectorEndUserConfig + properties: + jsonAuthParams: description: >- - Optional. The name of the field whose value will be used to - determine the boost amount. + Optional. Any authentication parameters specific to EUA connectors + in json string format. type: string - attributeType: + authParams: + type: object + additionalProperties: + type: any + description: Properties of the object. + description: Optional. Any authentication parameters specific to EUA connectors. + tenant: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaTenant' + description: Optional. The tenant project the connector is connected to. + additionalParams: + additionalProperties: + description: Properties of the object. + type: any + description: Optional. Any additional parameters needed for EUA. + type: object + type: object + description: Any params and credentials used specifically for EUA connectors. + GoogleCloudDiscoveryengineV1HealthcareFhirConfig: + type: object + properties: + enableConfigurableSchema: + type: boolean description: >- - Optional. The attribute type to be used to determine the boost - amount. The attribute value can be derived from the field value of - the specified field_name. In the case of numerical it is - straightforward i.e. attribute_value = numerical_field_value. In the - case of freshness however, attribute_value = (time.now() - - datetime_field_value). - type: string - enumDescriptions: - - Unspecified AttributeType. - - >- - The value of the numerical field will be used to dynamically - update the boost amount. In this case, the attribute_value (the x - value) of the control point will be the actual value of the - numerical field for which the boost_amount is specified. - - >- - For the freshness use case the attribute value will be the - duration between the current time and the date in the datetime - field specified. The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 - duration value). The pattern for this is: `nDnM]`. For example, - `5D`, `3DT12H30M`, `T24H`. - enum: - - ATTRIBUTE_TYPE_UNSPECIFIED - - NUMERICAL - - FRESHNESS - interpolationType: + Whether to enable configurable schema for `HEALTHCARE_FHIR` + vertical. If set to `true`, the predefined healthcare fhir schema + can be extended for more customized searching and filtering. + enableStaticIndexingForBatchIngestion: + type: boolean description: >- - Optional. The interpolation type to be applied to connect the - control points listed below. + Whether to enable static indexing for `HEALTHCARE_FHIR` batch + ingestion. If set to `true`, the batch ingestion will be processed + in a static indexing mode which is slower but more capable of + handling larger volume. + description: Config to data store for `HEALTHCARE_FHIR` vertical. + id: GoogleCloudDiscoveryengineV1HealthcareFhirConfig + GoogleCloudDiscoveryengineV1AlertPolicyConfig: + id: GoogleCloudDiscoveryengineV1AlertPolicyConfig + properties: + alertPolicyName: + description: Immutable. The fully qualified resource name of the AlertPolicy. type: string - enumDescriptions: - - >- - Interpolation type is unspecified. In this case, it defaults to - Linear. - - Piecewise linear interpolation will be applied. - enum: - - INTERPOLATION_TYPE_UNSPECIFIED - - LINEAR - controlPoints: - description: >- - Optional. The control points used to define the curve. The monotonic - function (defined through the interpolation_type above) passes - through the control points listed here. + alertEnrollments: type: array items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpecControlPoint - GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpecControlPoint: - id: >- - GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpecControlPoint - description: >- - The control points used to define the curve. The curve defined through - these control points can only be monotonically increasing or - decreasing(constant values are acceptable). + #/components/schemas/GoogleCloudDiscoveryengineV1AlertPolicyConfigAlertEnrollment + description: Optional. The enrollment states of each alert. type: object + description: The connector level alert config. + GoogleCloudDiscoveryengineV1AssistAnswer: + description: AssistAnswer resource, main part of AssistResponse. properties: - attributeValue: + replies: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistAnswerReply' + description: Replies of the assistant. + type: array + customerPolicyEnforcementResult: description: >- - Optional. Can be one of: 1. The numerical field value. 2. The - duration spec for freshness: The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 duration - value). The pattern for this is: `nDnM]`. + Optional. The field contains information about the various policy + checks' results like the banned phrases or the Model Armor checks. + This field is populated only if the assist call was skipped due to a + policy violation. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResult + state: + enumDescriptions: + - Unknown. + - Assist operation is currently in progress. + - Assist operation has failed. + - Assist operation has succeeded. + - Assist operation has been skipped. + enum: + - STATE_UNSPECIFIED + - IN_PROGRESS + - FAILED + - SUCCEEDED + - SKIPPED type: string - boostAmount: + description: State of the answer generation. + assistSkippedReasons: + description: Reasons for not answering the assist call. + type: array + items: + enum: + - ASSIST_SKIPPED_REASON_UNSPECIFIED + - NON_ASSIST_SEEKING_QUERY_IGNORED + - CUSTOMER_POLICY_VIOLATION + enumDescriptions: + - Default value. Skip reason is not specified. + - >- + The assistant ignored the query, because it did not appear to be + answer-seeking. + - >- + The assistant ignored the query or refused to answer because of + a customer policy violation (e.g., the query or the answer + contained a banned phrase). + type: string + name: description: >- - Optional. The value between -1 to 1 by which to boost the score if - the attribute_value evaluates to the value specified above. - type: number - format: float - GoogleCloudDiscoveryengineV1alphaControlFilterAction: - id: GoogleCloudDiscoveryengineV1alphaControlFilterAction + Immutable. Identifier. Resource name of the `AssistAnswer`. Format: + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/sessions/{session}/assistAnswers/{assist_answer}` + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + type: string + type: object + id: GoogleCloudDiscoveryengineV1AssistAnswer + GoogleCloudDiscoveryengineV1betaDisableAdvancedSiteSearchResponse: description: >- - Specified which products may be included in results. Uses same filter as - boost. + Response message for SiteSearchEngineService.DisableAdvancedSiteSearch + method. + type: object + properties: {} + id: GoogleCloudDiscoveryengineV1betaDisableAdvancedSiteSearchResponse + GoogleCloudDiscoveryengineV1alphaSafetyRating: type: object + id: GoogleCloudDiscoveryengineV1alphaSafetyRating properties: - filter: - description: >- - Required. A filter to apply on the matching condition results. - Required Syntax documentation: - https://cloud.google.com/retail/docs/filter-and-order Maximum length - is 5000 characters. Otherwise an INVALID ARGUMENT error is thrown. + severity: + description: Output only. Harm severity levels in the content. + enum: + - HARM_SEVERITY_UNSPECIFIED + - HARM_SEVERITY_NEGLIGIBLE + - HARM_SEVERITY_LOW + - HARM_SEVERITY_MEDIUM + - HARM_SEVERITY_HIGH + readOnly: true type: string - dataStore: + enumDescriptions: + - Harm severity unspecified. + - Negligible level of harm severity. + - Low level of harm severity. + - Medium level of harm severity. + - High level of harm severity. + probability: + enum: + - HARM_PROBABILITY_UNSPECIFIED + - NEGLIGIBLE + - LOW + - MEDIUM + - HIGH + readOnly: true + description: Output only. Harm probability levels in the content. + enumDescriptions: + - Harm probability unspecified. + - Negligible level of harm. + - Low level of harm. + - Medium level of harm. + - High level of harm. + type: string + blocked: description: >- - Required. Specifies which data store's documents can be filtered by - this control. Full data store name e.g. - projects/123/locations/global/collections/default_collection/dataStores/default_data_store + Output only. Indicates whether the content was filtered out because + of this rating. + type: boolean + readOnly: true + severityScore: + type: number + description: Output only. Harm severity score. + format: float + readOnly: true + category: type: string - GoogleCloudDiscoveryengineV1alphaControlRedirectAction: - id: GoogleCloudDiscoveryengineV1alphaControlRedirectAction - description: Redirects a shopper to the provided URI. - type: object + enumDescriptions: + - The harm category is unspecified. + - The harm category is hate speech. + - The harm category is dangerous content. + - The harm category is harassment. + - The harm category is sexually explicit content. + - The harm category is civic integrity. + enum: + - HARM_CATEGORY_UNSPECIFIED + - HARM_CATEGORY_HATE_SPEECH + - HARM_CATEGORY_DANGEROUS_CONTENT + - HARM_CATEGORY_HARASSMENT + - HARM_CATEGORY_SEXUALLY_EXPLICIT + - HARM_CATEGORY_CIVIC_INTEGRITY + description: Output only. Harm category. + readOnly: true + probabilityScore: + type: number + description: Output only. Harm probability score. + format: float + readOnly: true + description: Safety rating corresponding to the generated content. + GoogleCloudDiscoveryengineV1EngineChatEngineConfig: properties: - redirectUri: + agentCreationConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1EngineChatEngineConfigAgentCreationConfig description: >- - Required. The URI to which the shopper will be redirected. Required. - URI must have length equal or less than 2000 characters. Otherwise - an INVALID ARGUMENT error is thrown. + The configurationt generate the Dialogflow agent that is associated + to this Engine. Note that these configurations are one-time consumed + by and passed to Dialogflow service. It means they cannot be + retrieved using EngineService.GetEngine or EngineService.ListEngines + API after engine creation. + dialogflowAgentToLink: + description: >- + The resource name of an exist Dialogflow agent to link to this Chat + Engine. Customers can either provide `agent_creation_config` to + create agent or provide an agent name that links the agent with the + Chat engine. Format: `projects//locations//agents/`. Note that the + `dialogflow_agent_to_link` are one-time consumed by and passed to + Dialogflow service. It means they cannot be retrieved using + EngineService.GetEngine or EngineService.ListEngines API after + engine creation. Use ChatEngineMetadata.dialogflow_agent for actual + agent association after Engine is created. type: string - GoogleCloudDiscoveryengineV1alphaControlSynonymsAction: - id: GoogleCloudDiscoveryengineV1alphaControlSynonymsAction - description: >- - Creates a set of terms that will act as synonyms of one another. - Example: "happy" will also be considered as "glad", "glad" will also be - considered as "happy". - type: object - properties: - synonyms: + allowCrossRegion: + type: boolean description: >- - Defines a set of synonyms. Can specify up to 100 synonyms. Must - specify at least 2 synonyms. Otherwise an INVALID ARGUMENT error is - thrown. - type: array - items: - type: string - GoogleCloudDiscoveryengineV1alphaControlPromoteAction: - id: GoogleCloudDiscoveryengineV1alphaControlPromoteAction - description: >- - Promote certain links based on some trigger queries. Example: Promote - shoe store link when searching for `shoe` keyword. The link can be - outside of associated data store. + Optional. If the flag set to true, we allow the agent and engine are + in different locations, otherwise the agent and engine are required + to be in the same location. The flag is set to false by default. + Note that the `allow_cross_region` are one-time consumed by and + passed to EngineService.CreateEngine. It means they cannot be + retrieved using EngineService.GetEngine or EngineService.ListEngines + API after engine creation. + id: GoogleCloudDiscoveryengineV1EngineChatEngineConfig + description: Configurations for a Chat Engine. type: object - properties: - dataStore: - description: Required. Data store with which this promotion is attached to. - type: string - searchLinkPromotion: - description: Required. Promotion attached to this action. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchLinkPromotion - GoogleCloudDiscoveryengineV1alphaSearchLinkPromotion: - id: GoogleCloudDiscoveryengineV1alphaSearchLinkPromotion - description: >- - Promotion proto includes uri and other helping information to display - the promotion. + GoogleCloudDiscoveryengineV1ListCustomModelsResponse: type: object properties: - title: + models: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CustomTuningModel' + description: List of custom tuning models. + type: array + id: GoogleCloudDiscoveryengineV1ListCustomModelsResponse + description: Response message for SearchTuningService.ListCustomModels method. + GoogleCloudDiscoveryengineV1DocumentInfo: + properties: + joined: + readOnly: true description: >- - Required. The title of the promotion. Maximum length: 160 - characters. - type: string - uri: + Output only. Whether the referenced Document can be found in the + data store. + type: boolean + conversionValue: + format: float + type: number description: >- - Optional. The URL for the page the user wants to promote. Must be - set for site search. For other verticals, this is optional. + Optional. The conversion value associated with this Document. Must + be set if UserEvent.event_type is "conversion". For example, a value + of 1000 signifies that 1000 seconds were spent viewing a Document + for the `watch` conversion type. + name: type: string - document: description: >- - Optional. The Document the user wants to promote. For site search, - leave unset and only populate uri. Can be set along with uri. - type: string - imageUri: - description: Optional. The promotion thumbnail image url. + The Document resource full name, of the form: + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}/branches/{branch_id}/documents/{document_id}` + uri: type: string - description: - description: 'Optional. The Promotion description. Maximum length: 200 characters.' + description: The Document URI - only allowed for website data stores. + id: + description: The Document resource ID. type: string - enabled: + promotionIds: + type: array description: >- - Optional. The enabled promotion will be returned for any serving - configs associated with the parent of the control this promotion is - attached to. This flag is used for basic site search only. - type: boolean - GoogleCloudDiscoveryengineV1alphaCondition: - id: GoogleCloudDiscoveryengineV1alphaCondition - description: Defines circumstances to be checked before allowing a behavior + The promotion IDs associated with this Document. Currently, this + field is restricted to at most one ID. + items: + type: string + quantity: + description: >- + Quantity of the Document associated with the user event. Defaults to + 1. For example, this field is 2 if two quantities of the same + Document are involved in a `add-to-cart` event. Required for events + of the following event types: * `add-to-cart` * `purchase` + format: int32 + type: integer + type: object + description: Detailed document information associated with a user event. + id: GoogleCloudDiscoveryengineV1DocumentInfo + GoogleCloudDiscoveryengineV1FetchDomainVerificationStatusResponse: type: object + description: >- + Response message for + SiteSearchEngineService.FetchDomainVerificationStatus method. properties: - queryTerms: + totalSize: + type: integer description: >- - Search only A list of terms to match the query on. Cannot be set - when Condition.query_regex is set. Maximum of 10 query terms. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaConditionQueryTerm - activeTimeRange: + The total number of items matching the request. This will always be + populated in the response. + format: int32 + nextPageToken: + type: string description: >- - Range of time(s) specifying when condition is active. Maximum of 10 - time ranges. + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + targetSites: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' type: array + description: List of TargetSites containing the site verification status. + id: GoogleCloudDiscoveryengineV1FetchDomainVerificationStatusResponse + GoogleCloudDiscoveryengineV1WidgetConfigUiSettings: + type: object + id: GoogleCloudDiscoveryengineV1WidgetConfigUiSettings + description: >- + Describes general widget (or web app) UI settings as seen in the cloud + console UI configuration page. + properties: + enableSearchAsYouType: + description: Whether to enable search-as-you-type behavior for the search widget. + type: boolean + modelConfigs: + description: >- + Output only. Maps a model name to its specific configuration for + this engine. This allows admin users to turn on/off individual + models. This only stores models whose states are overridden by the + admin. When the state is unspecified, or model_configs is empty for + this model, the system will decide if this model should be available + or not based on the default configuration. For example, a preview + model should be disabled by default if the admin has not chosen to + enable it. + readOnly: true + additionalProperties: + enumDescriptions: + - The model state is unspecified. + - The model is enabled by admin. + - The model is disabled by admin. + type: string + enum: + - MODEL_STATE_UNSPECIFIED + - MODEL_ENABLED + - MODEL_DISABLED + type: object + generativeAnswerConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigUiSettingsGenerativeAnswerConfig + description: Describes generative answer configuration. + enableVisualContentSummary: + description: >- + If set to true, the widget will enable visual content summary on + applicable search requests. Only used by healthcare search. + type: boolean + enableCreateAgentButton: + type: boolean + description: >- + Optional. If set to true, the widget will enable the create agent + button. + disableUserEventsCollection: + description: If set to true, the widget will not collect user events. + type: boolean + dataStoreUiConfigs: + description: Per data store configuration. items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaConditionTimeRange - queryRegex: + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigDataStoreUiConfig + type: array + enableQualityFeedback: + type: boolean description: >- - Optional. Query regex to match the whole search query. Cannot be set - when Condition.query_terms is set. Only supported for Basic Site - Search promotion serving controls. - type: string - GoogleCloudDiscoveryengineV1alphaConditionQueryTerm: - id: GoogleCloudDiscoveryengineV1alphaConditionQueryTerm - description: Matcher for search request query - type: object - properties: - value: + Turn on or off collecting the search result quality feedback from + end users. + resultDescriptionType: description: >- - The specific query value to match against Must be lowercase, must be - UTF-8. Can have at most 3 space separated terms if full_match is - true. Cannot be an empty string. Maximum length of 5000 characters. + Controls whether result extract is display and how (snippet or + extractive answer). Default to no result if unspecified. + enumDescriptions: + - Unspecified display type (default to showing snippet). + - Display results from the snippet field. + - Display results from extractive answers field. type: string - fullMatch: - description: Whether the search query needs to exactly match the query term. + enum: + - RESULT_DISPLAY_TYPE_UNSPECIFIED + - SNIPPET + - EXTRACTIVE_ANSWER + enableAutocomplete: + description: Whether or not to enable autocomplete. type: boolean - GoogleCloudDiscoveryengineV1alphaConditionTimeRange: - id: GoogleCloudDiscoveryengineV1alphaConditionTimeRange - description: Used for time-dependent conditions. - type: object - properties: - startTime: - description: Start of time range. Range is inclusive. - type: string - format: google-datetime - endTime: - description: End of time range. Range is inclusive. Must be in the future. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaCreateDataStoreMetadata: - id: GoogleCloudDiscoveryengineV1alphaCreateDataStoreMetadata - description: >- - Metadata related to the progress of the DataStoreService.CreateDataStore - operation. This will be returned by the - google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. + interactionType: + description: Describes widget (or web app) interaction type type: string - format: google-datetime - updateTime: + enum: + - INTERACTION_TYPE_UNSPECIFIED + - SEARCH_ONLY + - SEARCH_WITH_ANSWER + - SEARCH_WITH_FOLLOW_UPS + enumDescriptions: + - Not specified. Defaults to SEARCH_ONLY. + - Search without a generative answer. + - Search with the generative answer. + - >- + Search with the generative answer that supports follow up + questions. Also known as multi-turn search. + enablePeopleSearch: + description: Optional. If set to true, the widget will enable people search. + type: boolean + features: + additionalProperties: + type: string + enumDescriptions: + - The feature state is unspecified. + - The feature is turned on to be accessible. + - The feature is turned off to be inaccessible. + enum: + - FEATURE_STATE_UNSPECIFIED + - FEATURE_STATE_ON + - FEATURE_STATE_OFF description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Output only. Feature config for the engine to opt in or opt out of + features. Supported keys: * `agent-gallery` * + `no-code-agent-builder` * `prompt-gallery` * `model-selector` * + `notebook-lm` * `people-search` * `people-search-org-chart` * + `bi-directional-audio` * `feedback` * `session-sharing` * + `personalization-memory` * `disable-agent-sharing` * + `disable-image-generation` * `disable-video-generation` * + `disable-onedrive-upload` * `disable-talk-to-content` * + `disable-google-drive-upload` + type: object + readOnly: true + defaultSearchRequestOrderBy: + description: >- + The default ordering for search results if specified. Used to set + SearchRequest#order_by on applicable requests. + https://cloud.google.com/generative-ai-app-builder/docs/reference/rest/v1alpha/projects.locations.dataStores.servingConfigs/search#request-body type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaCreateEngineMetadata: - id: GoogleCloudDiscoveryengineV1alphaCreateEngineMetadata - description: >- - Metadata related to the progress of the EngineService.CreateEngine - operation. This will be returned by the - google.longrunning.Operation.metadata field. - type: object + enableSafeSearch: + description: Whether to enable safe search. + type: boolean + GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint: + id: >- + GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + attributeValue: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Can be one of: 1. The numerical field value. 2. The duration spec + for freshness: The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 duration + value). The pattern for this is: `nDnM]`. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaCreateEvaluationMetadata: - id: GoogleCloudDiscoveryengineV1alphaCreateEvaluationMetadata - description: Metadata for EvaluationService.CreateEvaluation method. + boostAmount: + type: number + format: float + description: >- + The value between -1 to 1 by which to boost the score if the + attribute_value evaluates to the value specified above. type: object + description: >- + The control points used to define the curve. The curve defined through + these control points can only be monotonically increasing or + decreasing(constant values are acceptable). + GoogleProtobufEmpty: properties: {} - GoogleCloudDiscoveryengineV1alphaCreateSchemaMetadata: - id: GoogleCloudDiscoveryengineV1alphaCreateSchemaMetadata - description: Metadata for Create Schema LRO. + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: GoogleProtobufEmpty type: object + GoogleCloudDiscoveryengineV1PurgeDocumentsMetadata: properties: - createTime: - description: Operation create time. + ignoredCount: type: string - format: google-datetime + description: Count of entries that were ignored as entries were not found. + format: int64 updateTime: + format: google-datetime + type: string description: >- Operation last update time. If the operation is done, this is also the finish time. + successCount: + description: Count of entries that were deleted successfully. + type: string + format: int64 + failureCount: + type: string + format: int64 + description: Count of entries that encountered errors while processing. + createTime: type: string + description: Operation create time. format: google-datetime - GoogleCloudDiscoveryengineV1alphaCreateSitemapMetadata: - id: GoogleCloudDiscoveryengineV1alphaCreateSitemapMetadata description: >- - Metadata related to the progress of the - SiteSearchEngineService.CreateSitemap operation. This will be returned - by the google.longrunning.Operation.metadata field. + Metadata related to the progress of the PurgeDocuments operation. This + will be returned by the google.longrunning.Operation.metadata field. type: object + id: GoogleCloudDiscoveryengineV1PurgeDocumentsMetadata + GoogleCloudDiscoveryengineV1betaCreateSchemaMetadata: + description: Metadata for Create Schema LRO. properties: createTime: description: Operation create time. - type: string format: google-datetime + type: string updateTime: description: >- Operation last update time. If the operation is done, this is also the finish time. - type: string format: google-datetime - GoogleCloudDiscoveryengineV1alphaCreateTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1alphaCreateTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.CreateTargetSite operation. This will be - returned by the google.longrunning.Operation.metadata field. + type: string type: object + id: GoogleCloudDiscoveryengineV1betaCreateSchemaMetadata + GoogleCloudDiscoveryengineV1alphaSearchRequestDisplaySpec: + description: Specifies features for display, like match highlighting. properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. + matchHighlightingCondition: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDataStore: - id: GoogleCloudDiscoveryengineV1alphaDataStore - description: DataStore captures global settings and configs at the DataStore level. + enum: + - MATCH_HIGHLIGHTING_CONDITION_UNSPECIFIED + - MATCH_HIGHLIGHTING_DISABLED + - MATCH_HIGHLIGHTING_ENABLED + enumDescriptions: + - Server behavior is the same as `MATCH_HIGHLIGHTING_DISABLED`. + - Disables match highlighting on all documents. + - Enables match highlighting on all documents. + description: The condition under which match highlighting should occur. + id: GoogleCloudDiscoveryengineV1alphaSearchRequestDisplaySpec type: object + GoogleCloudDiscoveryengineV1SearchRequestDataStoreSpec: properties: - name: + boostSpec: description: >- - Immutable. Identifier. The full resource name of the data store. - Format: - `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. + Optional. Boost specification to boost certain documents. For more + information on boosting, see + [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpec + dataStore: type: string - displayName: description: >- - Required. The data store display name. This field must be a UTF-8 - encoded string with a length limit of 128 characters. Otherwise, an - INVALID_ARGUMENT error is returned. - type: string - industryVertical: - description: Immutable. The industry vertical that the data store registers. + Required. Full resource name of DataStore, such as + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. + The path must include the project number, project id is not + supported for this field. + filter: + description: >- + Optional. Filter specification to filter documents in the data store + specified by data_store field. For more information on filtering, + see + [Filtering](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) type: string - enumDescriptions: - - Value used when unset. - - >- - The generic vertical for documents that are not specific to any - industry vertical. - - The media industry vertical. - - The healthcare FHIR vertical. - enum: - - INDUSTRY_VERTICAL_UNSPECIFIED - - GENERIC - - MEDIA - - HEALTHCARE_FHIR - solutionTypes: + customSearchOperators: description: >- - The solutions that the data store enrolls. Available solutions for - each industry_vertical: * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` - and `SOLUTION_TYPE_SEARCH`. * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` - is automatically enrolled. Other solutions cannot be enrolled. - type: array - items: - type: string - enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Discovery Search. - - Used for use cases related to the Generative AI agent. - - >- - Used for use cases related to the Generative Chat agent. It's - used for Generative chat engine only, the associated data stores - must enrolled with `SOLUTION_TYPE_CHAT` solution. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - - SOLUTION_TYPE_CHAT - - SOLUTION_TYPE_GENERATIVE_CHAT - defaultSchemaId: - description: >- - Output only. The id of the default Schema associated to this data - store. - readOnly: true + Optional. Custom search operators which if specified will be used to + filter results from workspace data stores. For more information on + custom search operators, see + [SearchOperators](https://support.google.com/cloudsearch/answer/6172299). type: string - contentConfig: + description: >- + A struct to define data stores to filter on in a search call and + configurations for those data stores. Otherwise, an `INVALID_ARGUMENT` + error is returned. + id: GoogleCloudDiscoveryengineV1SearchRequestDataStoreSpec + type: object + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultList: + properties: + searchResults: + description: Search results. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResult + description: Search result list. + type: object + id: GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultList + GoogleCloudDiscoveryengineV1ListCmekConfigsResponse: + properties: + cmekConfigs: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + type: array + description: All the customer's CmekConfigs. + id: GoogleCloudDiscoveryengineV1ListCmekConfigsResponse + type: object + description: Response message for CmekConfigService.ListCmekConfigs method. + GoogleTypeDate: + properties: + day: + type: integer + format: int32 description: >- - Immutable. The content config of the data store. If this field is - unset, the server behavior defaults to ContentConfig.NO_CONTENT. - type: string - enumDescriptions: - - Default value. - - Only contains documents without any Document.content. - - Only contains documents with Document.content. - - The data store is used for public website search. - - >- - The data store is used for workspace search. Details of workspace - data store are specified in the WorkspaceConfig. - enum: - - CONTENT_CONFIG_UNSPECIFIED - - NO_CONTENT - - CONTENT_REQUIRED - - PUBLIC_WEBSITE - - GOOGLE_WORKSPACE - createTime: - description: Output only. Timestamp the DataStore was created at. - readOnly: true - type: string - format: google-datetime - advancedSiteSearchConfig: - description: Optional. Configuration for advanced site search. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaAdvancedSiteSearchConfig - languageInfo: - description: Language info for DataStore. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaLanguageInfo' - naturalLanguageQueryUnderstandingConfig: - description: Optional. Configuration for Natural Language Query Understanding. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaNaturalLanguageQueryUnderstandingConfig - kmsKeyName: + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + year: + type: integer description: >- - Input only. The KMS key to be used to protect this DataStore at - creation time. Must be set for requests that need to comply with - CMEK Org Policy protections. If this field is set and processed - successfully, the DataStore will be protected by the KMS key, as - indicated in the cmek_config field. - type: string - cmekConfig: - description: Output only. CMEK-related information for the DataStore. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaCmekConfig' - idpConfig: - description: Output only. Data store level identity provider config. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaIdpConfig' - billingEstimation: - description: Output only. Data size estimation for billing. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataStoreBillingEstimation - aclEnabled: + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + format: int32 + month: + format: int32 description: >- - Immutable. Whether data in the DataStore has ACL information. If set - to `true`, the source data must have ACL. ACL will be ingested when - data is ingested by DocumentService.ImportDocuments methods. When - ACL is enabled for the DataStore, Document can't be accessed by - calling DocumentService.GetDocument or - DocumentService.ListDocuments. Currently ACL is only supported in - `GENERIC` industry vertical with non-`PUBLIC_WEBSITE` content - config. + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + type: integer + type: object + id: GoogleTypeDate + description: >- + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpecFacetKey: + description: Specifies how a facet is computed. + properties: + caseInsensitive: + description: >- + True to make facet keys case insensitive when getting faceting + values with prefixes or contains; false otherwise. type: boolean - workspaceConfig: + orderBy: description: >- - Config to store data store type configuration for workspace data. - This must be set when DataStore.content_config is set as - DataStore.ContentConfig.GOOGLE_WORKSPACE. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaWorkspaceConfig - documentProcessingConfig: - description: Configuration for Document understanding and enrichment. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfig - startingSchema: + The order in which documents are returned. Allowed values are: * + "count desc", which means order by SearchResponse.Facet.values.count + descending. * "value desc", which means order by + SearchResponse.Facet.values.value descending. Only applies to + textual facets. If not set, textual values are sorted in [natural + order](https://en.wikipedia.org/wiki/Natural_sort_order); numerical + intervals are sorted in the order given by + FacetSpec.FacetKey.intervals. + type: string + prefixes: description: >- - The start schema to use for this DataStore when provisioning it. If - unset, a default vertical specialized schema will be used. This - field is only used by CreateDataStore API, and will be ignored if - used in other APIs. This field will be omitted from all API - responses including CreateDataStore API. To retrieve a schema of a - DataStore, use SchemaService.GetSchema API instead. The provided - schema will be validated against certain rules on schema. Learn more - from [this - doc](https://cloud.google.com/generative-ai-app-builder/docs/provide-schema). - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSchema' - healthcareFhirConfig: - description: Optional. Configuration for `HEALTHCARE_FHIR` vertical. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaHealthcareFhirConfig - servingConfigDataStore: - description: Optional. Stores serving config at DataStore level. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataStoreServingConfigDataStore - identityMappingStore: + Only get facet values that start with the given string prefix. For + example, suppose "category" has three values "Action > 2022", + "Action > 2021" and "Sci-Fi > 2022". If set "prefixes" to "Action", + the "category" facet only contains "Action > 2022" and "Action > + 2021". Only supported on textual fields. Maximum is 10. + items: + type: string + type: array + intervals: + type: array description: >- - Immutable. The fully qualified resource name of the associated - IdentityMappingStore. This field can only be set for acl_enabled - DataStores with `THIRD_PARTY` or `GSUITE` IdP. Format: - `projects/{project}/locations/{location}/identityMappingStores/{identity_mapping_store}`. + Set only if values should be bucketed into intervals. Must be set + for facets with numerical values. Must not be set for facet with + text values. Maximum number of intervals is 30. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaInterval' + key: type: string - isInfobotFaqDataStore: - description: Optional. If set, this DataStore is an Infobot FAQ DataStore. - type: boolean - GoogleCloudDiscoveryengineV1alphaAdvancedSiteSearchConfig: - id: GoogleCloudDiscoveryengineV1alphaAdvancedSiteSearchConfig - description: Configuration data for advance site search. + description: >- + Required. Supported textual and numerical facet keys in Document + object, over which the facet values are computed. Facet key is + case-sensitive. + contains: + description: >- + Only get facet values that contain the given strings. For example, + suppose "category" has three values "Action > 2022", "Action > 2021" + and "Sci-Fi > 2022". If set "contains" to "2022", the "category" + facet only contains "Action > 2022" and "Sci-Fi > 2022". Only + supported on textual fields. Maximum is 10. + type: array + items: + type: string + restrictedValues: + items: + type: string + type: array + description: >- + Only get facet for the given restricted values. Only supported on + textual fields. For example, suppose "category" has three values + "Action > 2022", "Action > 2021" and "Sci-Fi > 2022". If set + "restricted_values" to "Action > 2022", the "category" facet only + contains "Action > 2022". Only supported on textual fields. Maximum + is 10. type: object + id: GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpecFacetKey + GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsResponse: + description: >- + Response message for CompletionService.PurgeCompletionSuggestions + method. properties: - disableInitialIndex: - description: If set true, initial indexing is disabled for the DataStore. - type: boolean - disableAutomaticRefresh: - description: If set true, automatic refresh is disabled for the DataStore. + purgeSucceeded: + description: Whether the completion suggestions were successfully purged. type: boolean - GoogleCloudDiscoveryengineV1alphaLanguageInfo: - id: GoogleCloudDiscoveryengineV1alphaLanguageInfo - description: Language info for DataStore. + errorSamples: + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + description: A sample of errors encountered while processing the request. type: object + id: GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsResponse + GoogleCloudDiscoveryengineV1DeleteIdentityMappingStoreMetadata: properties: - languageCode: - description: The language code for the DataStore. - type: string - normalizedLanguageCode: - description: >- - Output only. This is the normalized form of language_code. E.g.: - language_code of `en-GB`, `en_GB`, `en-UK` or `en-gb` will have - normalized_language_code of `en-GB`. - readOnly: true - type: string - language: - description: >- - Output only. Language part of normalized_language_code. E.g.: - `en-US` -> `en`, `zh-Hans-HK` -> `zh`, `en` -> `en`. - readOnly: true + updateTime: + format: google-datetime type: string - region: description: >- - Output only. Region part of normalized_language_code, if present. - E.g.: `en-US` -> `US`, `zh-Hans-HK` -> `HK`, `en` -> ``. - readOnly: true + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + format: google-datetime type: string - GoogleCloudDiscoveryengineV1alphaNaturalLanguageQueryUnderstandingConfig: - id: GoogleCloudDiscoveryengineV1alphaNaturalLanguageQueryUnderstandingConfig - description: Configuration for Natural Language Query Understanding. + description: Operation create time. + type: object + id: GoogleCloudDiscoveryengineV1DeleteIdentityMappingStoreMetadata + description: >- + Metadata related to the progress of the + IdentityMappingStoreService.DeleteIdentityMappingStore operation. This + will be returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1alphaInterval: + id: GoogleCloudDiscoveryengineV1alphaInterval type: object + description: A floating point interval. properties: - mode: + minimum: + description: Inclusive lower bound. + format: double + type: number + exclusiveMaximum: + format: double + type: number + description: Exclusive upper bound. + maximum: + format: double + description: Inclusive upper bound. + type: number + exclusiveMinimum: + format: double + description: Exclusive lower bound. + type: number + GoogleCloudDiscoveryengineLoggingConnectorRunErrorContext: + id: GoogleCloudDiscoveryengineLoggingConnectorRunErrorContext + description: >- + The error payload that is populated on LRO sync APIs, including the + following: * + `google.cloud.discoveryengine.v1main.DataConnectorService.SetUpDataConnector` + * + `google.cloud.discoveryengine.v1main.DataConnectorService.StartConnectorRun` + properties: + connectorRun: description: >- - Mode of Natural Language Query Understanding. If this field is - unset, the behavior defaults to - NaturalLanguageQueryUnderstandingConfig.Mode.DISABLED. + The full resource name of the Connector Run. Format: + `projects/*/locations/*/collections/*/dataConnector/connectorRuns/*`. + The `connector_run_id` is system-generated. type: string - enumDescriptions: - - Default value. - - Natural Language Query Understanding is disabled. - - Natural Language Query Understanding is enabled. - enum: - - MODE_UNSPECIFIED - - DISABLED - - ENABLED - GoogleCloudDiscoveryengineV1alphaDataStoreBillingEstimation: - id: GoogleCloudDiscoveryengineV1alphaDataStoreBillingEstimation - description: Estimation of data size per data store. - type: object - properties: - structuredDataSize: - description: Data size for structured data in terms of bytes. + entity: + description: The entity to sync for the connector run. type: string - format: int64 - unstructuredDataSize: - description: Data size for unstructured data in terms of bytes. + startTime: + format: google-datetime type: string - format: int64 - websiteDataSize: - description: Data size for websites in terms of bytes. + description: The time when the connector run started. + dataConnector: + description: >- + The full resource name of the DataConnector. Format: + `projects/*/locations/*/collections/*/dataConnector`. type: string - format: int64 - structuredDataUpdateTime: - description: Last updated timestamp for structured data. + syncType: type: string + description: >- + The type of sync run. Can be one of the following: * `FULL` * + `INCREMENTAL` + endTime: + description: The time when the connector run ended. format: google-datetime - unstructuredDataUpdateTime: - description: Last updated timestamp for unstructured data. type: string - format: google-datetime - websiteDataUpdateTime: - description: Last updated timestamp for websites. + operation: + description: The operation resource name of the LRO to sync the connector. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaWorkspaceConfig: - id: GoogleCloudDiscoveryengineV1alphaWorkspaceConfig - description: Config to store data store type configuration for workspace data + type: object + GoogleCloudDiscoveryengineV1betaPurgeDocumentsMetadata: + description: >- + Metadata related to the progress of the PurgeDocuments operation. This + will be returned by the google.longrunning.Operation.metadata field. type: object properties: - type: - description: The Google Workspace data source. + successCount: + description: Count of entries that were deleted successfully. type: string - enumDescriptions: - - Defaults to an unspecified Workspace type. - - Workspace Data Store contains Drive data - - Workspace Data Store contains Mail data - - Workspace Data Store contains Sites data - - Workspace Data Store contains Calendar data - - Workspace Data Store contains Chat data - - Workspace Data Store contains Groups data - - Workspace Data Store contains Keep data - - Workspace Data Store contains People data - enum: - - TYPE_UNSPECIFIED - - GOOGLE_DRIVE - - GOOGLE_MAIL - - GOOGLE_SITES - - GOOGLE_CALENDAR - - GOOGLE_CHAT - - GOOGLE_GROUPS - - GOOGLE_KEEP - - GOOGLE_PEOPLE - dasherCustomerId: - description: Obfuscated Dasher customer ID. + format: int64 + failureCount: + description: Count of entries that encountered errors while processing. + format: int64 type: string - superAdminServiceAccount: - description: >- - Optional. The super admin service account for the workspace that - will be used for access token generation. For now we only use it for - Native Google Drive connector data ingestion. + createTime: + format: google-datetime + description: Operation create time. type: string - superAdminEmailAddress: + ignoredCount: + format: int64 + type: string + description: Count of entries that were ignored as entries were not found. + updateTime: description: >- - Optional. The super admin email address for the workspace that will - be used for access token generation. For now we only use it for - Native Google Drive connector data ingestion. + Operation last update time. If the operation is done, this is also + the finish time. type: string - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfig: - id: GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfig - description: >- - A singleton resource of DataStore. If it's empty when DataStore is - created and DataStore is set to - DataStore.ContentConfig.CONTENT_REQUIRED, the default parser will - default to digital parser. + format: google-datetime + id: GoogleCloudDiscoveryengineV1betaPurgeDocumentsMetadata + GoogleCloudDiscoveryengineV1ProjectCustomerProvidedConfigNotebooklmConfig: type: object properties: - name: - description: >- - The full resource name of the Document Processing Config. Format: - `projects/*/locations/*/collections/*/dataStores/*/documentProcessingConfig`. - type: string - chunkingConfig: - description: Whether chunking mode is enabled. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfig - defaultParsingConfig: + modelArmorConfig: description: >- - Configurations for default Document parser. If not specified, we - will configure it as default DigitalParsingConfig, and the default - parsing config will be applied to all file types for Document - parsing. + Model Armor configuration to be used for sanitizing user prompts and + LLM responses. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfig - parsingConfigOverrides: + #/components/schemas/GoogleCloudDiscoveryengineV1ProjectCustomerProvidedConfigNotebooklmConfigModelArmorConfig + optOutNotebookSharing: description: >- - Map from file type to override the default parsing configuration - based on the file type. Supported keys: * `pdf`: Override parsing - config for PDF files, either digital parsing, ocr parsing or layout - parsing is supported. * `html`: Override parsing config for HTML - files, only digital parsing and layout parsing are supported. * - `docx`: Override parsing config for DOCX files, only digital parsing - and layout parsing are supported. * `pptx`: Override parsing config - for PPTX files, only digital parsing and layout parsing are - supported. * `xlsm`: Override parsing config for XLSM files, only - digital parsing and layout parsing are supported. * `xlsx`: Override - parsing config for XLSX files, only digital parsing and layout - parsing are supported. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfig - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfig: - id: GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfig - description: Configuration for chunking config. - type: object - properties: - layoutBasedChunkingConfig: - description: Configuration for the layout based chunking. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig: + Optional. Whether to disable the notebook sharing feature for the + project. Default to false if not specified. + type: boolean id: >- - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig - description: Configuration for the layout based chunking. - type: object + GoogleCloudDiscoveryengineV1ProjectCustomerProvidedConfigNotebooklmConfig + description: Configuration for NotebookLM. + GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpec: properties: - chunkSize: - description: >- - The token size limit for each chunk. Supported values: 100-500 - (inclusive). Default value: 500. - type: integer - format: int32 - includeAncestorHeadings: + attributeType: + type: string description: >- - Whether to include appending different levels of headings to chunks - from the middle of the document to prevent context loss. Default - value: False. - type: boolean - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfig: - id: GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfig - description: Related configurations applied to a specific type of document parser. + Optional. The attribute type to be used to determine the boost + amount. The attribute value can be derived from the field value of + the specified field_name. In the case of numerical it is + straightforward i.e. attribute_value = numerical_field_value. In the + case of freshness however, attribute_value = (time.now() - + datetime_field_value). + enum: + - ATTRIBUTE_TYPE_UNSPECIFIED + - NUMERICAL + - FRESHNESS + enumDescriptions: + - Unspecified AttributeType. + - >- + The value of the numerical field will be used to dynamically + update the boost amount. In this case, the attribute_value (the x + value) of the control point will be the actual value of the + numerical field for which the boost_amount is specified. + - >- + For the freshness use case the attribute value will be the + duration between the current time and the date in the datetime + field specified. The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 + duration value). The pattern for this is: `nDnM]`. For example, + `5D`, `3DT12H30M`, `T24H`. + fieldName: + description: >- + Optional. The name of the field whose value will be used to + determine the boost amount. + type: string + interpolationType: + enumDescriptions: + - >- + Interpolation type is unspecified. In this case, it defaults to + Linear. + - Piecewise linear interpolation will be applied. + type: string + description: >- + Optional. The interpolation type to be applied to connect the + control points listed below. + enum: + - INTERPOLATION_TYPE_UNSPECIFIED + - LINEAR + controlPoints: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpecControlPoint + description: >- + Optional. The control points used to define the curve. The monotonic + function (defined through the interpolation_type above) passes + through the control points listed here. + description: >- + Specification for custom ranking based on customer specified attribute + value. It provides more controls for customized ranking than the simple + (condition, boost) combination above. type: object + id: GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpec + GoogleCloudDiscoveryengineV1ListUserLicensesResponse: + description: Response message for UserLicenseService.ListUserLicenses. + id: GoogleCloudDiscoveryengineV1ListUserLicensesResponse properties: - digitalParsingConfig: - description: Configurations applied to digital parser. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigDigitalParsingConfig - ocrParsingConfig: + userLicenses: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserLicense' + description: All the customer's UserLicenses. + nextPageToken: description: >- - Configurations applied to OCR parser. Currently it only applies to - PDFs. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigOcrParsingConfig - layoutParsingConfig: - description: Configurations applied to layout parser. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigLayoutParsingConfig - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigDigitalParsingConfig: - id: >- - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigDigitalParsingConfig - description: The digital parsing configurations for documents. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + type: object + GoogleCloudDiscoveryengineV1ProjectServiceTerms: + type: object + description: Metadata about the terms of service. + id: GoogleCloudDiscoveryengineV1ProjectServiceTerms + properties: + version: + type: string + description: >- + The version string of the terms of service. For acceptable values, + see the comments for id above. + id: + description: >- + The unique identifier of this terms of service. Available terms: * + `GA_DATA_USE_TERMS`: [Terms for data + use](https://cloud.google.com/retail/data-use-terms). When using + this as `id`, the acceptable version to provide is `2022-11-23`. + type: string + acceptTime: + format: google-datetime + description: The last time when the project agreed to the terms of service. + type: string + state: + enumDescriptions: + - The default value of the enum. This value is not actually used. + - The project has given consent to the terms of service. + - The project is pending to review and accept the terms of service. + - >- + The project has declined or revoked the agreement to terms of + service. + type: string + enum: + - STATE_UNSPECIFIED + - TERMS_ACCEPTED + - TERMS_PENDING + - TERMS_DECLINED + description: >- + Whether the project has accepted/rejected the service terms or it is + still pending. + declineTime: + type: string + description: >- + The last time when the project declined or revoked the agreement to + terms of service. + format: google-datetime + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig: type: object - properties: {} - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigOcrParsingConfig: id: >- - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigOcrParsingConfig - description: The OCR parsing configurations for documents. + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig + description: Configuration for the layout based chunking. + properties: + chunkSize: + format: int32 + type: integer + description: >- + The token size limit for each chunk. Supported values: 100-500 + (inclusive). Default value: 500. + includeAncestorHeadings: + description: >- + Whether to include appending different levels of headings to chunks + from the middle of the document to prevent context loss. Default + value: False. + type: boolean + GoogleCloudDiscoveryengineV1AssistantGroundedContent: + description: >- + A piece of content and possibly its grounding information. Not all + content needs grounding. Phrases like "Of course, I will gladly search + it for you." do not need grounding. + id: GoogleCloudDiscoveryengineV1AssistantGroundedContent + properties: + content: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistantContent' + description: The content. + textGroundingMetadata: + description: Metadata for grounding based on text sources. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContentTextGroundingMetadata + citationMetadata: + description: >- + Source attribution of the generated content. See also + https://cloud.google.com/vertex-ai/generative-ai/docs/learn/overview#citation_check + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CitationMetadata' + type: object + GoogleCloudDiscoveryengineV1AnswerStepActionSearchAction: + description: Search action. type: object + id: GoogleCloudDiscoveryengineV1AnswerStepActionSearchAction properties: - enhancedDocumentElements: + query: + type: string + description: The query to search. + GoogleCloudDiscoveryengineV1PanelInfo: + type: object + properties: + panelPosition: + format: int32 description: >- - [DEPRECATED] This field is deprecated. To use the additional - enhanced document elements processing, please switch to - `layout_parsing_config`. - deprecated: true + The ordered position of the panel, if shown to the user with other + panels. If set, then total_panels must also be set. + type: integer + documents: + description: Optional. The document IDs associated with this panel. type: array items: - type: string - useNativeText: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DocumentInfo' + displayName: + description: The display name of the panel. + type: string + totalPanels: + format: int32 + type: integer description: >- - If true, will use native text instead of OCR text on pages - containing native text. - type: boolean - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigLayoutParsingConfig: - id: >- - GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigLayoutParsingConfig - description: The layout parsing configurations for documents. - type: object + The total number of panels, including this one, shown to the user. + Must be set if panel_position is set. + panelId: + description: Required. The panel ID. + type: string + description: Detailed panel information associated with a user event. + id: GoogleCloudDiscoveryengineV1PanelInfo + GoogleCloudDiscoveryengineV1alphaPurgeDocumentsMetadata: properties: - enableTableAnnotation: + ignoredCount: + description: Count of entries that were ignored as entries were not found. + type: string + format: int64 + updateTime: + format: google-datetime description: >- - Optional. If true, the LLM based annotation is added to the table - during parsing. - type: boolean - enableImageAnnotation: + Operation last update time. If the operation is done, this is also + the finish time. + type: string + failureCount: + description: Count of entries that encountered errors while processing. + format: int64 + type: string + successCount: + type: string + format: int64 + description: Count of entries that were deleted successfully. + createTime: + type: string + description: Operation create time. + format: google-datetime + type: object + description: >- + Metadata related to the progress of the PurgeDocuments operation. This + will be returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1alphaPurgeDocumentsMetadata + GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpec: + id: GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpec + description: Boost specification to boost certain documents. + type: object + properties: + conditionBoostSpecs: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpec description: >- - Optional. If true, the LLM based annotation is added to the image - during parsing. + Condition boost specifications. If a document matches multiple + conditions in the specifications, boost scores from these + specifications are all applied and combined in a non-linear way. + Maximum number of specifications is 20. + GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesResponse: + type: object + properties: + userLicenses: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserLicense' + description: UserLicenses successfully updated. + errorSamples: + description: A sample of errors encountered while processing the request. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + id: GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesResponse + description: Response message for UserLicenseService.BatchUpdateUserLicenses method. + GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfigStreamingError: + id: >- + GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfigStreamingError + description: Streaming error details. + type: object + properties: + error: + description: Optional. Error details. + $ref: '#/components/schemas/GoogleRpcStatus' + streamingErrorReason: + type: string + enum: + - STREAMING_ERROR_REASON_UNSPECIFIED + - STREAMING_SETUP_ERROR + - STREAMING_SYNC_ERROR + - INGRESS_ENDPOINT_REQUIRED + enumDescriptions: + - Streaming error reason unspecified. + - Some error occurred while setting up resources for realtime sync. + - >- + Some error was encountered while running realtime sync for the + connector. + - >- + Ingress endpoint is required when setting up realtime sync in + private connectivity. + description: Optional. Streaming error. + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigLayoutParsingConfig: + properties: + enableLlmLayoutParsing: + description: Optional. If true, the pdf layout will be refined using an LLM. type: boolean structuredContentTypes: description: >- Optional. Contains the required structure types to extract from the document. Supported values: * `shareholder-structure` - type: array items: type: string - excludeHtmlElements: - description: Optional. List of HTML elements to exclude from the parsed content. type: array - items: - type: string - excludeHtmlClasses: - description: Optional. List of HTML classes to exclude from the parsed content. + excludeHtmlIds: type: array + description: Optional. List of HTML ids to exclude from the parsed content. items: type: string - excludeHtmlIds: - description: Optional. List of HTML ids to exclude from the parsed content. + enableImageAnnotation: + type: boolean + description: >- + Optional. If true, the LLM based annotation is added to the image + during parsing. + excludeHtmlClasses: type: array items: type: string + description: Optional. List of HTML classes to exclude from the parsed content. enableGetProcessedDocument: + type: boolean description: >- Optional. If true, the processed document will be made available for the GetProcessedDocument API. + enableTableAnnotation: type: boolean - GoogleCloudDiscoveryengineV1alphaDataStoreServingConfigDataStore: - id: GoogleCloudDiscoveryengineV1alphaDataStoreServingConfigDataStore + description: >- + Optional. If true, the LLM based annotation is added to the table + during parsing. + excludeHtmlElements: + items: + type: string + description: Optional. List of HTML elements to exclude from the parsed content. + type: array + description: The layout parsing configurations for documents. + id: >- + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigLayoutParsingConfig + type: object + GoogleCloudDiscoveryengineV1ProjectCustomerProvidedConfigNotebooklmConfigModelArmorConfig: + type: object + properties: + userPromptTemplate: + description: >- + Optional. The resource name of the Model Armor Template for + sanitizing user prompts. Format: + projects/{project}/locations/{location}/templates/{template_id} If + not specified, no sanitization will be applied to the user prompt. + type: string + responseTemplate: + type: string + description: >- + Optional. The resource name of the Model Armor Template for + sanitizing LLM responses. Format: + projects/{project}/locations/{location}/templates/{template_id} If + not specified, no sanitization will be applied to the LLM response. + id: >- + GoogleCloudDiscoveryengineV1ProjectCustomerProvidedConfigNotebooklmConfigModelArmorConfig description: >- - Stores information regarding the serving configurations at DataStore - level. + Configuration for customer defined Model Armor templates to be used for + sanitizing user prompts and LLM responses. + GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpec: + description: Describes the specification of the evaluation. type: object + id: GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpec + properties: + querySetSpec: + description: Optional. The specification of the query set. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpecQuerySetSpec + searchRequest: + description: >- + Required. The search request that is used to perform the evaluation. + Only the following fields within SearchRequest are supported; if any + other fields are provided, an UNSUPPORTED error will be returned: * + SearchRequest.serving_config * SearchRequest.branch * + SearchRequest.canonical_filter * SearchRequest.query_expansion_spec + * SearchRequest.spell_correction_spec * + SearchRequest.content_search_spec * SearchRequest.user_pseudo_id + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequest' + GoogleCloudDiscoveryengineV1DataStoreServingConfigDataStore: + id: GoogleCloudDiscoveryengineV1DataStoreServingConfigDataStore properties: disabledForServing: description: >- Optional. If set true, the DataStore will not be available for serving search requests. type: boolean - GoogleCloudDiscoveryengineV1alphaDeleteCmekConfigMetadata: - id: GoogleCloudDiscoveryengineV1alphaDeleteCmekConfigMetadata description: >- - Metadata related to the progress of the - CmekConfigService.DeleteCmekConfig operation. This will be returned by - the google.longrunning.Operation.metadata field. + Stores information regarding the serving configurations at DataStore + level. type: object - properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDeleteCollectionMetadata: - id: GoogleCloudDiscoveryengineV1alphaDeleteCollectionMetadata + GoogleCloudDiscoveryengineV1alphaProvisionProjectMetadata: + id: GoogleCloudDiscoveryengineV1alphaProvisionProjectMetadata + description: Metadata associated with a project provision operation. + properties: {} + type: object + GoogleCloudDiscoveryengineV1alphaEstimateDataSizeMetadata: description: >- - Metadata related to the progress of the - CollectionService.UpdateCollection operation. This will be returned by - the google.longrunning.Operation.metadata field. + Metadata related to the progress of the EstimateDataSize operation. This + is returned by the google.longrunning.Operation.metadata field. type: object + id: GoogleCloudDiscoveryengineV1alphaEstimateDataSizeMetadata properties: createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. type: string format: google-datetime - GoogleCloudDiscoveryengineV1alphaDeleteDataStoreMetadata: - id: GoogleCloudDiscoveryengineV1alphaDeleteDataStoreMetadata - description: >- - Metadata related to the progress of the DataStoreService.DeleteDataStore - operation. This will be returned by the - google.longrunning.Operation.metadata field. + description: Operation create time. + GoogleCloudDiscoveryengineV1alphaAdvancedSiteSearchConfig: + description: Configuration data for advance site search. + properties: + disableInitialIndex: + type: boolean + description: If set true, initial indexing is disabled for the DataStore. + disableAutomaticRefresh: + description: If set true, automatic refresh is disabled for the DataStore. + type: boolean type: object + id: GoogleCloudDiscoveryengineV1alphaAdvancedSiteSearchConfig + GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigOptimizationObjectiveConfig: properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + targetField: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Required. The name of the field to target. Currently supported + values: `watch-percentage`, `watch-time`. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDeleteEngineMetadata: - id: GoogleCloudDiscoveryengineV1alphaDeleteEngineMetadata - description: >- - Metadata related to the progress of the EngineService.DeleteEngine - operation. This will be returned by the - google.longrunning.Operation.metadata field. + targetFieldValueFloat: + description: Required. The threshold to be applied to the target (e.g., 0.5). + format: float + type: number + type: object + id: >- + GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigOptimizationObjectiveConfig + description: Custom threshold for `cvr` optimization_objective. + GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig: + id: >- + GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig type: object properties: - createTime: - description: Operation create time. + timeWindowDays: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDeleteIdentityMappingStoreMetadata: - id: GoogleCloudDiscoveryengineV1alphaDeleteIdentityMappingStoreMetadata + The time window of which the engine is queried at training and + prediction time. Positive integers only. The value translates to the + last X days of events. Currently required for the + `most-popular-items` engine. + format: int64 description: >- - Metadata related to the progress of the - IdentityMappingStoreService.DeleteIdentityMappingStore operation. This - will be returned by the google.longrunning.Operation.metadata field. - type: object + Feature configurations that are required for creating a Most Popular + engine. + GoogleCloudDiscoveryengineV1AnswerGenerationSpec: + description: The specification for answer generation. + id: GoogleCloudDiscoveryengineV1AnswerGenerationSpec properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDeleteSchemaMetadata: - id: GoogleCloudDiscoveryengineV1alphaDeleteSchemaMetadata - description: Metadata for DeleteSchema LRO. + userDefinedClassifierSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerGenerationSpecUserDefinedClassifierSpec + description: Optional. The specification for user specified classifier spec. type: object + GoogleCloudDiscoveryengineV1AnswerGroundingSupport: + description: Grounding support for a claim in `answer_text`. properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. + startIndex: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDeleteSessionRequest: - id: GoogleCloudDiscoveryengineV1alphaDeleteSessionRequest - description: Request for DeleteSession method. - type: object - properties: - name: description: >- - Required. The resource name of the Session to delete. Format: - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store_id}/sessions/{session_id}` - type: string - GoogleCloudDiscoveryengineV1alphaDeleteSitemapMetadata: - id: GoogleCloudDiscoveryengineV1alphaDeleteSitemapMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.DeleteSitemap operation. This will be returned - by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + Required. Index indicates the start of the claim, measured in bytes + (UTF-8 unicode). + format: int64 + groundingScore: + type: number + format: double description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDeleteTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1alphaDeleteTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.DeleteTargetSite operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. + A score in the range of [0, 1] describing how grounded is a specific + claim by the references. Higher value means that the claim is better + supported by the reference chunks. + endIndex: type: string - format: google-datetime - updateTime: + format: int64 + description: Required. End of the claim, exclusive. + groundingCheckRequired: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDisableAdvancedSiteSearchMetadata: - id: GoogleCloudDiscoveryengineV1alphaDisableAdvancedSiteSearchMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.DisableAdvancedSiteSearch operation. This will - be returned by the google.longrunning.Operation.metadata field. + Indicates that this claim required grounding check. When the system + decided this claim didn't require attribution/grounding check, this + field is set to false. In that case, no grounding check was done for + the claim and therefore `grounding_score`, `sources` is not + returned. + type: boolean + sources: + type: array + description: Optional. Citation sources for the claim. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerCitationSource + id: GoogleCloudDiscoveryengineV1AnswerGroundingSupport type: object + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSnippetSpec: properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + returnSnippet: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaDisableAdvancedSiteSearchResponse: - id: GoogleCloudDiscoveryengineV1alphaDisableAdvancedSiteSearchResponse - description: >- - Response message for SiteSearchEngineService.DisableAdvancedSiteSearch - method. + If `true`, then return snippet. If no snippet can be generated, we + return "No snippet is available for this page." A `snippet_status` + with `SUCCESS` or `NO_SNIPPET_AVAILABLE` will also be returned. + type: boolean + referenceOnly: + type: boolean + deprecated: true + description: >- + [DEPRECATED] This field is deprecated and will have no affect on the + snippet. + maxSnippetCount: + deprecated: true + format: int32 + description: >- + [DEPRECATED] This field is deprecated. To control snippet return, + use `return_snippet` field. For backwards compatibility, we will + return snippet if max_snippet_count > 0. + type: integer + description: A specification for configuring snippets in a search response. + id: GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSnippetSpec type: object - properties: {} - GoogleCloudDiscoveryengineV1alphaEnableAdvancedSiteSearchMetadata: - id: GoogleCloudDiscoveryengineV1alphaEnableAdvancedSiteSearchMetadata + GoogleCloudDiscoveryengineV1StreamAssistRequestGenerationSpec: description: >- - Metadata related to the progress of the - SiteSearchEngineService.EnableAdvancedSiteSearch operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object + Assistant generation specification for the request. This allows to + override the default generation configuration at the engine level. properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + modelId: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Optional. The Vertex AI model_id used for the generative model. If + not set, the default Assistant model will be used. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaEnableAdvancedSiteSearchResponse: - id: GoogleCloudDiscoveryengineV1alphaEnableAdvancedSiteSearchResponse - description: >- - Response message for SiteSearchEngineService.EnableAdvancedSiteSearch - method. + id: GoogleCloudDiscoveryengineV1StreamAssistRequestGenerationSpec type: object - properties: {} - GoogleCloudDiscoveryengineV1alphaEngine: - id: GoogleCloudDiscoveryengineV1alphaEngine - description: >- - Metadata that describes the training and serving parameters of an - Engine. + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpec: + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpec + description: A specification for configuring a summary returned in a search response. type: object properties: - similarDocumentsConfig: - description: Additional config specs for a `similar-items` engine. + multimodalSpec: + description: Optional. Multimodal specification. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineSimilarDocumentsEngineConfig - chatEngineConfig: + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecMultiModalSpec + ignoreAdversarialQuery: + type: boolean description: >- - Configurations for the Chat Engine. Only applicable if solution_type - is SOLUTION_TYPE_CHAT. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfig - searchEngineConfig: + Specifies whether to filter out adversarial queries. The default + value is `false`. Google employs search-query classification to + detect adversarial queries. No summary is returned if the search + query is classified as an adversarial query. For example, a user + might ask a question regarding negative comments about the company + or submit a query designed to generate unsafe, policy-violating + output. If this field is set to `true`, we skip generating summaries + for adversarial queries and return fallback messages instead. + useSemanticChunks: + type: boolean description: >- - Configurations for the Search Engine. Only applicable if - solution_type is SOLUTION_TYPE_SEARCH. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfig - mediaRecommendationEngineConfig: + If true, answer will be generated from most relevant chunks from top + search results. This feature will improve summary quality. Note that + with this feature enabled, not all top search results will be + referenced and included in the reference list, so the citation + source index only points to the search results listed in the + reference list. + modelPromptSpec: description: >- - Configurations for the Media Engine. Only applicable on the data - stores with solution_type SOLUTION_TYPE_RECOMMENDATION and - IndustryVertical.MEDIA vertical. + If specified, the spec will be used to modify the prompt provided to + the LLM. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfig - recommendationMetadata: + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelPromptSpec + ignoreLowRelevantContent: description: >- - Output only. Additional information of a recommendation engine. Only - applicable if solution_type is SOLUTION_TYPE_RECOMMENDATION. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineRecommendationMetadata - chatEngineMetadata: + Specifies whether to filter out queries that have low relevance. The + default value is `false`. If this field is set to `false`, all + search results are used regardless of relevance to generate answers. + If set to `true`, only queries with high relevance search results + will generate answers. + type: boolean + ignoreNonSummarySeekingQuery: + type: boolean description: >- - Output only. Additional information of the Chat Engine. Only - applicable if solution_type is SOLUTION_TYPE_CHAT. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineChatEngineMetadata - name: + Specifies whether to filter out queries that are not + summary-seeking. The default value is `false`. Google employs + search-query classification to detect summary-seeking queries. No + summary is returned if the search query is classified as a + non-summary seeking query. For example, `why is the sky blue` and + `Who is the best soccer player in the world?` are summary-seeking + queries, but `SFO airport` and `world cup 2026` are not. They are + most likely navigational queries. If this field is set to `true`, we + skip generating summaries for non-summary seeking queries and return + fallback messages instead. + summaryResultCount: description: >- - Immutable. Identifier. The fully qualified resource name of the - engine. This field must be a UTF-8 encoded string with a length - limit of 1024 characters. Format: - `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}` - engine should be 1-63 characters, and valid characters are - /a-z0-9*/. Otherwise, an INVALID_ARGUMENT error is returned. - type: string - displayName: + The number of top results to generate the summary from. If the + number of results returned is less than `summaryResultCount`, the + summary is generated from all of the results. At most 10 results for + documents mode, or 50 for chunks mode, can be used to generate a + summary. The chunks mode is used when + SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS. + format: int32 + type: integer + includeCitations: + type: boolean description: >- - Required. The display name of the engine. Should be human readable. - UTF-8 encoded string with limit of 1024 characters. - type: string - createTime: - description: Output only. Timestamp the Recommendation Engine was created at. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp the Recommendation Engine was last updated. - readOnly: true + Specifies whether to include citations in the summary. The default + value is `false`. When this field is set to `true`, summaries + include in-line citation numbers. Example summary including + citations: BigQuery is Google Cloud's fully managed and completely + serverless enterprise data warehouse [1]. BigQuery supports all data + types, works across clouds, and has built-in machine learning and + business intelligence, all within a unified platform [2, 3]. The + citation numbers refer to the returned search results and are + 1-indexed. For example, [1] means that the sentence is attributed to + the first search result. [2, 3] means that the sentence is + attributed to both the second and third search results. + languageCode: type: string - format: google-datetime - dataStoreIds: description: >- - Optional. The data stores associated with this engine. For - SOLUTION_TYPE_SEARCH and SOLUTION_TYPE_RECOMMENDATION type of - engines, they can only associate with at most one data store. If - solution_type is SOLUTION_TYPE_CHAT, multiple DataStores in the same - Collection can be associated here. Note that when used in - CreateEngineRequest, one DataStore id must be provided as the system - will use it for necessary initializations. - type: array - items: - type: string - solutionType: - description: Required. The solutions of the engine. - type: string - enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Discovery Search. - - Used for use cases related to the Generative AI agent. - - >- - Used for use cases related to the Generative Chat agent. It's used - for Generative chat engine only, the associated data stores must - enrolled with `SOLUTION_TYPE_CHAT` solution. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - - SOLUTION_TYPE_CHAT - - SOLUTION_TYPE_GENERATIVE_CHAT - industryVertical: + Language code for Summary. Use language tags defined by + [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Note: This is + an experimental feature. + modelSpec: description: >- - Optional. The industry vertical that the engine registers. The - restriction of the Engine industry vertical is based on DataStore: - Vertical on Engine has to match vertical of the DataStore linked to - the engine. - type: string - enumDescriptions: - - Value used when unset. - - >- - The generic vertical for documents that are not specific to any - industry vertical. - - The media industry vertical. - - The healthcare FHIR vertical. - enum: - - INDUSTRY_VERTICAL_UNSPECIFIED - - GENERIC - - MEDIA - - HEALTHCARE_FHIR - commonConfig: - description: Common config spec that specifies the metadata of the engine. + If specified, the spec will be used to modify the model + specification provided to the LLM. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineCommonConfig - disableAnalytics: - description: >- - Optional. Whether to disable analytics for searches performed on - this engine. + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelSpec + ignoreJailBreakingQuery: type: boolean - features: description: >- - Optional. Feature config for the engine to opt in or opt out of - features. Supported keys: * `*`: all features, if it's present, all - other feature state settings are ignored. * `agent-gallery` * - `no-code-agent-builder` * `prompt-gallery` * `model-selector` * - `notebook-lm` * `people-search` * `people-search-org-chart` * - `bi-directional-audio` * `feedback` * `session-sharing` * - `personalization-memory` - Enables personalization based on user - preferences. - type: object - additionalProperties: - type: string - enumDescriptions: - - The feature state is unspecified. - - The feature is turned on to be accessible. - - The feature is turned off to be inaccessible. - enum: - - FEATURE_STATE_UNSPECIFIED - - FEATURE_STATE_ON - - FEATURE_STATE_OFF - GoogleCloudDiscoveryengineV1alphaEngineSimilarDocumentsEngineConfig: - id: GoogleCloudDiscoveryengineV1alphaEngineSimilarDocumentsEngineConfig - description: Additional config specs for a `similar-items` engine. + Optional. Specifies whether to filter out jail-breaking queries. The + default value is `false`. Google employs search-query classification + to detect jail-breaking queries. No summary is returned if the + search query is classified as a jail-breaking query. A user might + add instructions to the query to change the tone, style, language, + content of the answer, or ask the model to act as a different + entity, e.g. "Reply in the tone of a competing company's CEO". If + this field is set to `true`, we skip generating summaries for + jail-breaking queries and return fallback messages instead. + GoogleCloudDiscoveryengineV1AssistantContentFile: + id: GoogleCloudDiscoveryengineV1AssistantContentFile type: object - properties: {} - GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfig: - id: GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfig - description: Configurations for a Chat Engine. + description: A file, e.g., an audio summary. + properties: + fileId: + description: Required. The file ID. + type: string + mimeType: + description: Required. The media type (MIME type) of the file. + type: string + GoogleCloudDiscoveryengineV1alphaQualityMetrics: type: object + id: GoogleCloudDiscoveryengineV1alphaQualityMetrics + description: Describes the metrics produced by the evaluation. properties: - agentCreationConfig: + docPrecision: description: >- - The configurationt generate the Dialogflow agent that is associated - to this Engine. Note that these configurations are one-time consumed - by and passed to Dialogflow service. It means they cannot be - retrieved using EngineService.GetEngine or EngineService.ListEngines - API after engine creation. + Precision per document, at various top-k cutoff levels. Precision is + the fraction of retrieved documents that are relevant. Example + (top-5): * For a single SampleQuery, If 4 out of 5 retrieved + documents in the top-5 are relevant, precision@5 = 4/5 = 0.8 $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfig - dialogflowAgentToLink: + #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics + pageRecall: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics description: >- - The resource name of an exist Dialogflow agent to link to this Chat - Engine. Customers can either provide `agent_creation_config` to - create agent or provide an agent name that links the agent with the - Chat engine. Format: `projects//locations//agents/`. Note that the - `dialogflow_agent_to_link` are one-time consumed by and passed to - Dialogflow service. It means they cannot be retrieved using - EngineService.GetEngine or EngineService.ListEngines API after - engine creation. Use ChatEngineMetadata.dialogflow_agent for actual - agent association after Engine is created. - type: string - allowCrossRegion: + Recall per page, at various top-k cutoff levels. Recall is the + fraction of relevant pages retrieved out of all relevant pages. + Example (top-5): * For a single SampleQuery, if 3 out of 5 relevant + pages are retrieved in the top-5, recall@5 = 3/5 = 0.6 + docNdcg: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics description: >- - Optional. If the flag set to true, we allow the agent and engine are - in different locations, otherwise the agent and engine are required - to be in the same location. The flag is set to false by default. - Note that the `allow_cross_region` are one-time consumed by and - passed to EngineService.CreateEngine. It means they cannot be - retrieved using EngineService.GetEngine or EngineService.ListEngines - API after engine creation. - type: boolean - GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfig: - id: >- - GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfig - description: >- - Configurations for generating a Dialogflow agent. Note that these - configurations are one-time consumed by and passed to Dialogflow - service. It means they cannot be retrieved using EngineService.GetEngine - or EngineService.ListEngines API after engine creation. + Normalized discounted cumulative gain (NDCG) per document, at + various top-k cutoff levels. NDCG measures the ranking quality, + giving higher relevance to top results. Example (top-3): Suppose + SampleQuery with three retrieved documents (D1, D2, D3) and binary + relevance judgements (1 for relevant, 0 for not relevant): + Retrieved: [D3 (0), D1 (1), D2 (1)] Ideal: [D1 (1), D2 (1), D3 (0)] + Calculate NDCG@3 for each SampleQuery: * DCG@3: 0/log2(1+1) + + 1/log2(2+1) + 1/log2(3+1) = 1.13 * Ideal DCG@3: 1/log2(1+1) + + 1/log2(2+1) + 0/log2(3+1) = 1.63 * NDCG@3: 1.13/1.63 = 0.693 + pageNdcg: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics + description: >- + Normalized discounted cumulative gain (NDCG) per page, at various + top-k cutoff levels. NDCG measures the ranking quality, giving + higher relevance to top results. Example (top-3): Suppose + SampleQuery with three retrieved pages (P1, P2, P3) and binary + relevance judgements (1 for relevant, 0 for not relevant): + Retrieved: [P3 (0), P1 (1), P2 (1)] Ideal: [P1 (1), P2 (1), P3 (0)] + Calculate NDCG@3 for SampleQuery: * DCG@3: 0/log2(1+1) + 1/log2(2+1) + + 1/log2(3+1) = 1.13 * Ideal DCG@3: 1/log2(1+1) + 1/log2(2+1) + + 0/log2(3+1) = 1.63 * NDCG@3: 1.13/1.63 = 0.693 + docRecall: + description: >- + Recall per document, at various top-k cutoff levels. Recall is the + fraction of relevant documents retrieved out of all relevant + documents. Example (top-5): * For a single SampleQuery, If 3 out of + 5 relevant documents are retrieved in the top-5, recall@5 = 3/5 = + 0.6 + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics + GoogleCloudDiscoveryengineV1betaWorkspaceConfig: + description: Config to store data store type configuration for workspace data type: object + id: GoogleCloudDiscoveryengineV1betaWorkspaceConfig properties: - business: - description: >- - Name of the company, organization or other entity that the agent - represents. Used for knowledge connector LLM prompt and for - knowledge search. + type: + enumDescriptions: + - Defaults to an unspecified Workspace type. + - Workspace Data Store contains Drive data + - Workspace Data Store contains Mail data + - Workspace Data Store contains Sites data + - Workspace Data Store contains Calendar data + - Workspace Data Store contains Chat data + - Workspace Data Store contains Groups data + - Workspace Data Store contains Keep data + - Workspace Data Store contains People data type: string - defaultLanguageCode: - description: >- - Required. The default language of the agent as a language tag. See - [Language - Support](https://cloud.google.com/dialogflow/docs/reference/language) - for a list of the currently supported language codes. + description: The Google Workspace data source. + enum: + - TYPE_UNSPECIFIED + - GOOGLE_DRIVE + - GOOGLE_MAIL + - GOOGLE_SITES + - GOOGLE_CALENDAR + - GOOGLE_CHAT + - GOOGLE_GROUPS + - GOOGLE_KEEP + - GOOGLE_PEOPLE + superAdminServiceAccount: type: string - timeZone: description: >- - Required. The time zone of the agent from the [time zone - database](https://www.iana.org/time-zones), e.g., America/New_York, - Europe/Paris. + Optional. The super admin service account for the workspace that + will be used for access token generation. For now we only use it for + Native Google Drive connector data ingestion. + superAdminEmailAddress: type: string - location: description: >- - Agent location for Agent creation, supported values: global/us/eu. - If not provided, us Engine will create Agent using us-central-1 by - default; eu Engine will create Agent using eu-west-1 by default. + Optional. The super admin email address for the workspace that will + be used for access token generation. For now we only use it for + Native Google Drive connector data ingestion. + dasherCustomerId: + description: Obfuscated Dasher customer ID. type: string - GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfig: - id: GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfig - description: Configurations for a Search Engine. - type: object + GoogleCloudDiscoveryengineV1alphaProjectCustomerProvidedConfigNotebooklmConfig: properties: - searchTier: + optOutNotebookSharing: description: >- - The search feature tier of this engine. Different tiers might have - different pricing. To learn more, check the pricing documentation. - Defaults to SearchTier.SEARCH_TIER_STANDARD if not specified. - type: string - enumDescriptions: - - >- - Default value when the enum is unspecified. This is invalid to - use. - - Standard tier. - - Enterprise tier. - enum: - - SEARCH_TIER_UNSPECIFIED - - SEARCH_TIER_STANDARD - - SEARCH_TIER_ENTERPRISE - searchAddOns: - description: The add-on that this search engine enables. - type: array - items: - type: string - enumDescriptions: - - >- - Default value when the enum is unspecified. This is invalid to - use. - - Large language model add-on. - enum: - - SEARCH_ADD_ON_UNSPECIFIED - - SEARCH_ADD_ON_LLM - GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfig: - id: GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfig - description: Additional config specs for a Media Recommendation engine. + Optional. Whether to disable the notebook sharing feature for the + project. Default to false if not specified. + type: boolean + modelArmorConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaProjectCustomerProvidedConfigNotebooklmConfigModelArmorConfig + description: >- + Model Armor configuration to be used for sanitizing user prompts and + LLM responses. type: object + id: >- + GoogleCloudDiscoveryengineV1alphaProjectCustomerProvidedConfigNotebooklmConfig + description: Configuration for NotebookLM. + GoogleCloudDiscoveryengineV1betaCreateTargetSiteMetadata: properties: - type: + createTime: + format: google-datetime + type: string + description: Operation create time. + updateTime: + format: google-datetime + type: string description: >- - Required. The type of engine. e.g., `recommended-for-you`. This - field together with optimization_objective describe engine metadata - to use to control engine training and serving. Currently supported - values: `recommended-for-you`, `others-you-may-like`, - `more-like-this`, `most-popular-items`. + Operation last update time. If the operation is done, this is also + the finish time. + id: GoogleCloudDiscoveryengineV1betaCreateTargetSiteMetadata + description: >- + Metadata related to the progress of the + SiteSearchEngineService.CreateTargetSite operation. This will be + returned by the google.longrunning.Operation.metadata field. + type: object + GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVideoGenerationSpec: + description: Specification of the video generation tool. + type: object + id: >- + GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpecVideoGenerationSpec + properties: {} + GoogleCloudDiscoveryengineV1CustomTuningModel: + properties: + metrics: + description: The metrics of the trained model. + additionalProperties: + type: number + format: double + type: object + modelVersion: + type: string + format: int64 + description: The version of the model. + errorMessage: type: string - optimizationObjective: description: >- - The optimization objective. e.g., `cvr`. This field together with - optimization_objective describe engine metadata to use to control - engine training and serving. Currently supported values: `ctr`, - `cvr`. If not specified, we choose default based on engine type. - Default depends on type of recommendation: `recommended-for-you` => - `ctr` `others-you-may-like` => `ctr` + Currently this is only populated if the model state is + `INPUT_VALIDATION_FAILED`. + trainingStartTime: + description: Timestamp the model training was initiated. + type: string + format: google-datetime + name: type: string - optimizationObjectiveConfig: description: >- - Name and value of the custom threshold for cvr - optimization_objective. For target_field `watch-time`, - target_field_value must be an integer value indicating the media - progress time in seconds between (0, 86400] (excludes 0, includes - 86400) (e.g., 90). For target_field `watch-percentage`, the - target_field_value must be a valid float value between (0, 1.0] - (excludes 0, includes 1.0) (e.g., 0.5). - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig - trainingState: + Required. The fully qualified resource name of the model. Format: + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/customTuningModels/{custom_tuning_model}`. + Model must be an alpha-numerical string with limit of 40 characters. + modelState: description: >- - The training state that the engine is in (e.g. `TRAINING` or - `PAUSED`). Since part of the cost of running the service is - frequency of training - this can be used to determine when to train - engine in order to control cost. If not specified: the default value - for `CreateEngine` method is `TRAINING`. The default value for - `UpdateEngine` method is to keep the state the same as before. - type: string + The state that the model is in (e.g.`TRAINING` or + `TRAINING_FAILED`). enumDescriptions: - - Unspecified training state. - - The engine training is paused. - - The engine is training. + - Default value. + - The model is in a paused training state. + - The model is currently training. + - The model has successfully completed training. + - The model is ready for serving. + - The model training failed. + - >- + The model training finished successfully but metrics did not + improve. + - Input data validation failed. Model training didn't start. + type: string enum: - - TRAINING_STATE_UNSPECIFIED - - PAUSED + - MODEL_STATE_UNSPECIFIED + - TRAINING_PAUSED - TRAINING - engineFeaturesConfig: - description: Optional. Additional engine features config. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigEngineFeaturesConfig - GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig: - id: >- - GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig - description: Custom threshold for `cvr` optimization_objective. - type: object - properties: - targetField: - description: >- - Required. The name of the field to target. Currently supported - values: `watch-percentage`, `watch-time`. + - TRAINING_COMPLETE + - READY_FOR_SERVING + - TRAINING_FAILED + - NO_IMPROVEMENT + - INPUT_VALIDATION_FAILED + createTime: + deprecated: true + format: google-datetime + description: 'Deprecated: Timestamp the Model was created at.' type: string - targetFieldValueFloat: - description: Required. The threshold to be applied to the target (e.g., 0.5). - type: number - format: float - GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigEngineFeaturesConfig: - id: >- - GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigEngineFeaturesConfig - description: More feature configs of the selected engine type. - type: object - properties: - recommendedForYouConfig: - description: Recommended for you engine feature config. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig - mostPopularConfig: - description: Most popular engine feature config. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig - GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig: - id: >- - GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig - description: >- - Additional feature configurations for creating a `recommended-for-you` - engine. - type: object - properties: - contextEventType: - description: >- - The type of event with which the engine is queried at prediction - time. If set to `generic`, only `view-item`, `media-play`,and - `media-complete` will be used as `context-event` in engine training. - If set to `view-home-page`, `view-home-page` will also be used as - `context-events` in addition to `view-item`, `media-play`, and - `media-complete`. Currently supported for the `recommended-for-you` - engine. Currently supported values: `view-home-page`, `generic`. + displayName: + description: The display name of the model. type: string - GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig: - id: >- - GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig - description: >- - Feature configurations that are required for creating a Most Popular - engine. type: object + description: Metadata that describes a custom tuned model. + id: GoogleCloudDiscoveryengineV1CustomTuningModel + GoogleCloudDiscoveryengineV1ProvisionProjectRequestSaasParams: properties: - timeWindowDays: + acceptBizQos: + type: boolean description: >- - The time window of which the engine is queried at training and - prediction time. Positive integers only. The value translates to the - last X days of events. Currently required for the - `most-popular-items` engine. - type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaEngineRecommendationMetadata: - id: GoogleCloudDiscoveryengineV1alphaEngineRecommendationMetadata - description: Additional information of a recommendation engine. + Optional. Set to `true` to specify that caller has read and would + like to give consent to the [Terms for Agent Space quality of + service]. + isBiz: + description: >- + Optional. Indicates if the current request is for Biz edition (= + true) or not (= false). + type: boolean + description: Parameters for Agentspace. + id: GoogleCloudDiscoveryengineV1ProvisionProjectRequestSaasParams type: object + GoogleCloudDiscoveryengineV1SafetyRating: + id: GoogleCloudDiscoveryengineV1SafetyRating + description: Safety rating corresponding to the generated content. properties: - servingState: - description: >- - Output only. The serving state of the engine: `ACTIVE`, - `NOT_ACTIVE`. + severityScore: + description: Output only. Harm severity score. + format: float + type: number + readOnly: true + probabilityScore: + description: Output only. Harm probability score. + format: float + type: number readOnly: true + probability: + enum: + - HARM_PROBABILITY_UNSPECIFIED + - NEGLIGIBLE + - LOW + - MEDIUM + - HIGH + description: Output only. Harm probability levels in the content. type: string + readOnly: true enumDescriptions: - - Unspecified serving state. - - The engine is not serving. - - The engine is serving and can be queried. - - The engine is trained on tuned hyperparameters and can be queried. - enum: - - SERVING_STATE_UNSPECIFIED - - INACTIVE - - ACTIVE - - TUNED - dataState: - description: >- - Output only. The state of data requirements for this engine: - `DATA_OK` and `DATA_ERROR`. Engine cannot be trained if the data is - in `DATA_ERROR` state. Engine can have `DATA_ERROR` state even if - serving state is `ACTIVE`: engines were trained successfully before, - but cannot be refreshed because the underlying engine no longer has - sufficient data for training. + - Harm probability unspecified. + - Negligible level of harm. + - Low level of harm. + - Medium level of harm. + - High level of harm. + blocked: + type: boolean readOnly: true + description: >- + Output only. Indicates whether the content was filtered out because + of this rating. + category: type: string + description: Output only. Harm category. + readOnly: true + enum: + - HARM_CATEGORY_UNSPECIFIED + - HARM_CATEGORY_HATE_SPEECH + - HARM_CATEGORY_DANGEROUS_CONTENT + - HARM_CATEGORY_HARASSMENT + - HARM_CATEGORY_SEXUALLY_EXPLICIT + - HARM_CATEGORY_CIVIC_INTEGRITY enumDescriptions: - - Unspecified default value, should never be explicitly set. - - The engine has sufficient training data. - - >- - The engine does not have sufficient training data. Error messages - can be queried via Stackdriver. + - The harm category is unspecified. + - The harm category is hate speech. + - The harm category is dangerous content. + - The harm category is harassment. + - The harm category is sexually explicit content. + - The harm category is civic integrity. + severity: + description: Output only. Harm severity levels in the content. + enumDescriptions: + - Harm severity unspecified. + - Negligible level of harm severity. + - Low level of harm severity. + - Medium level of harm severity. + - High level of harm severity. enum: - - DATA_STATE_UNSPECIFIED - - DATA_OK - - DATA_ERROR - lastTuneTime: - description: >- - Output only. The timestamp when the latest successful tune finished. - Only applicable on Media Recommendation engines. + - HARM_SEVERITY_UNSPECIFIED + - HARM_SEVERITY_NEGLIGIBLE + - HARM_SEVERITY_LOW + - HARM_SEVERITY_MEDIUM + - HARM_SEVERITY_HIGH readOnly: true type: string - format: google-datetime - lastTrainTime: - description: >- - Output only. The timestamp when the latest successful training - finished. Only applicable on Media Recommendation engines. - readOnly: true + type: object + GoogleCloudDiscoveryengineV1alphaCreateDataStoreMetadata: + properties: + updateTime: type: string - format: google-datetime - tuningOperation: description: >- - Output only. The latest tune operation id associated with the - engine. Only applicable on Media Recommendation engines. If present, - this operation id can be used to determine if there is an ongoing - tune for this engine. To check the operation status, send the - GetOperation request with this operation id in the engine resource - format. If no tuning has happened for this engine, the string is - empty. - readOnly: true + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + createTime: + format: google-datetime type: string - GoogleCloudDiscoveryengineV1alphaEngineChatEngineMetadata: - id: GoogleCloudDiscoveryengineV1alphaEngineChatEngineMetadata + description: Operation create time. + id: GoogleCloudDiscoveryengineV1alphaCreateDataStoreMetadata description: >- - Additional information of a Chat Engine. Fields in this message are - output only. + Metadata related to the progress of the DataStoreService.CreateDataStore + operation. This will be returned by the + google.longrunning.Operation.metadata field. type: object + GoogleCloudDiscoveryengineV1alphaRemoveDedicatedCrawlRateMetadata: properties: - dialogflowAgent: + updateTime: + type: string description: >- - The resource name of a Dialogflow agent, that this Chat Engine - refers to. Format: `projects//locations//agents/`. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + createTime: type: string - GoogleCloudDiscoveryengineV1alphaEngineCommonConfig: - id: GoogleCloudDiscoveryengineV1alphaEngineCommonConfig - description: Common configurations for an Engine. + description: Operation create time. + format: google-datetime + description: >- + Metadata related to the progress of the + CrawlRateManagementService.RemoveDedicatedCrawlRate operation. This will + be returned by the google.longrunning.Operation.metadata field. + type: object + id: GoogleCloudDiscoveryengineV1alphaRemoveDedicatedCrawlRateMetadata + GoogleCloudDiscoveryengineV1alphaBatchUpdateUserLicensesResponse: + id: GoogleCloudDiscoveryengineV1alphaBatchUpdateUserLicensesResponse type: object + description: Response message for UserLicenseService.BatchUpdateUserLicenses method. properties: - companyName: + userLicenses: + description: UserLicenses successfully updated. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaUserLicense' + errorSamples: + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + GoogleCloudDiscoveryengineV1betaImportDocumentsResponse: + id: GoogleCloudDiscoveryengineV1betaImportDocumentsResponse + properties: + errorConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig description: >- - The name of the company, business or entity that is associated with - the engine. Setting this may help improve LLM related features. - type: string - GoogleCloudDiscoveryengineV1alphaEstimateDataSizeMetadata: - id: GoogleCloudDiscoveryengineV1alphaEstimateDataSizeMetadata + Echoes the destination for the complete errors in the request if + set. + errorSamples: + type: array + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - Metadata related to the progress of the EstimateDataSize operation. This - is returned by the google.longrunning.Operation.metadata field. + Response of the ImportDocumentsRequest. If the long running operation is + done, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. type: object + GoogleCloudDiscoveryengineV1betaDeleteDataStoreMetadata: properties: + updateTime: + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + type: string createTime: - description: Operation create time. type: string format: google-datetime - GoogleCloudDiscoveryengineV1alphaEstimateDataSizeResponse: - id: GoogleCloudDiscoveryengineV1alphaEstimateDataSizeResponse + description: Operation create time. + id: GoogleCloudDiscoveryengineV1betaDeleteDataStoreMetadata description: >- - Response of the EstimateDataSize request. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. + Metadata related to the progress of the DataStoreService.DeleteDataStore + operation. This will be returned by the + google.longrunning.Operation.metadata field. type: object + GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfo: properties: - dataSizeBytes: - description: Data size in terms of bytes. + queryClassificationInfo: + description: Query classification information. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfoQueryClassificationInfo + type: array + type: object + id: GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfo + description: Query understanding information. + GoogleCloudDiscoveryengineV1AnswerReference: + id: GoogleCloudDiscoveryengineV1AnswerReference + properties: + chunkInfo: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfo + description: Chunk information. + structuredDocumentInfo: + description: Structured document information. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceStructuredDocumentInfo + unstructuredDocumentInfo: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfo + description: Unstructured document information. + description: Reference. + type: object + GoogleCloudDiscoveryengineV1CompletionSuggestion: + properties: + alternativePhrases: + items: + type: string + type: array + description: Alternative matching phrases for this suggestion. + suggestion: + description: Required. The suggestion text. type: string - format: int64 - documentCount: - description: Total number of documents. + languageCode: + description: BCP-47 language code of this suggestion. + type: string + groupId: + description: >- + If two suggestions have the same groupId, they will not be returned + together. Instead the one ranked higher will be returned. This can + be used to deduplicate semantically identical suggestions. type: string + groupScore: + type: number + format: double + description: The score of this suggestion within its group. + frequency: + description: >- + Frequency of this suggestion. Will be used to rank suggestions when + score is not available. format: int64 - GoogleCloudDiscoveryengineV1alphaEvaluation: - id: GoogleCloudDiscoveryengineV1alphaEvaluation - description: >- - An evaluation is a single execution (or run) of an evaluation process. - It encapsulates the state of the evaluation and the resulting data. + type: string + globalScore: + type: number + description: >- + Global score of this suggestion. Control how this suggestion would + be scored / ranked. + format: double + id: GoogleCloudDiscoveryengineV1CompletionSuggestion + description: Autocomplete suggestions that are imported from Customer. + type: object + GoogleCloudDiscoveryengineV1betaRemoveDedicatedCrawlRateResponse: type: object properties: - name: - description: >- - Identifier. The full resource name of the Evaluation, in the format - of - `projects/{project}/locations/{location}/evaluations/{evaluation}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. + state: type: string - evaluationSpec: - description: Required. The specification of the evaluation. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpec - qualityMetrics: - description: >- - Output only. The metrics produced by the evaluation, averaged across - all SampleQuerys in the SampleQuerySet. Only populated when the - evaluation's state is SUCCEEDED. readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetrics' - state: - description: Output only. The state of the evaluation. - readOnly: true - type: string - enumDescriptions: - - The evaluation is unspecified. - - The service is preparing to run the evaluation. - - The evaluation is in progress. - - The evaluation completed successfully. - - The evaluation failed. enum: - STATE_UNSPECIFIED - - PENDING - - RUNNING - SUCCEEDED - FAILED + enumDescriptions: + - The state is unspecified. + - The state is successful. + - The state is failed. + description: Output only. The state of the response. error: - description: >- - Output only. The error that occurred during evaluation. Only - populated when the evaluation's state is FAILED. - readOnly: true + description: Errors from service when handling the request. $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + Response message for CrawlRateManagementService.RemoveDedicatedCrawlRate + method. It simply returns the state of the response, and an error + message if the state is FAILED. + id: GoogleCloudDiscoveryengineV1betaRemoveDedicatedCrawlRateResponse + GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsMetadata: + properties: + successCount: + type: string + description: Count of CompletionSuggestions successfully imported. + format: int64 createTime: - description: Output only. Timestamp the Evaluation was created at. - readOnly: true + format: google-datetime + description: Operation create time. + type: string + failureCount: + format: int64 + type: string + description: Count of CompletionSuggestions that failed to be imported. + updateTime: + description: >- + Operation last update time. If the operation is done, this is also + the finish time. type: string format: google-datetime - endTime: - description: Output only. Timestamp the Evaluation was completed at. + type: object + description: >- + Metadata related to the progress of the ImportCompletionSuggestions + operation. This will be returned by the + google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsMetadata + GoogleCloudDiscoveryengineV1alphaActionConfig: + type: object + description: Informations to support actions on the connector. + id: GoogleCloudDiscoveryengineV1alphaActionConfig + properties: + serviceName: + description: >- + Optional. The Service Directory resource name + (projects/*/locations/*/namespaces/*/services/*) representing a VPC + network endpoint used to connect to the data source's + `instance_uri`, defined in DataConnector.params. Required when VPC + Service Controls are enabled. + type: string + jsonActionParams: + description: Optional. Action parameters in json string format. + type: string + actionParams: + description: Optional. Action parameters in structured json format. + additionalProperties: + type: any + description: Properties of the object. + type: object + useStaticSecrets: + description: >- + Optional. Whether to use static secrets for the connector. If true, + the secrets provided in the action_params will be ignored. + type: boolean + isActionConfigured: + type: boolean + description: >- + Output only. The connector contains the necessary parameters and is + configured to support actions. readOnly: true + GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesMetadata: + properties: + createTime: + format: google-datetime type: string + description: Operation create time. + updateTime: format: google-datetime - errorSamples: + type: string description: >- - Output only. A sample of errors encountered while processing the - request. + Operation last update time. If the operation is done, this is also + the finish time. + id: GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesMetadata + type: object + description: >- + Metadata related to the progress of the PurgeSuggestionDenyListEntries + operation. This is returned by the google.longrunning.Operation.metadata + field. + GoogleCloudDiscoveryengineV1betaCmekConfig: + properties: + lastRotationTimestampMicros: + type: string + description: Output only. The timestamp of the last key rotation. + format: int64 + readOnly: true + notebooklmState: + type: string + description: Output only. Whether the NotebookLM Corpus is ready to be used. + enum: + - NOTEBOOK_LM_STATE_UNSPECIFIED + - NOTEBOOK_LM_NOT_READY + - NOTEBOOK_LM_READY + - NOTEBOOK_LM_NOT_ENABLED + readOnly: true + enumDescriptions: + - The NotebookLM state is unknown. + - The NotebookLM is not ready. + - The NotebookLM is ready to be used. + - The NotebookLM is not enabled. + kmsKey: + type: string + description: >- + Required. KMS key resource name which will be used to encrypt + resources + `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - KEY_ISSUE + - DELETING + - DELETE_FAILED + - UNUSABLE + - ACTIVE_ROTATING + - DELETED + - EXPIRED + enumDescriptions: + - The CmekConfig state is unknown. + - The CmekConfig is creating. + - The CmekConfig can be used with DataStores. + - >- + The CmekConfig is unavailable, most likely due to the KMS Key + being revoked. + - The CmekConfig is deleting. + - The CmekConfig deletion process failed. + - >- + The CmekConfig is not usable, most likely due to some internal + issue. + - The KMS key version is being rotated. + - >- + The KMS key is soft deleted. Some cleanup policy will eventually + be applied. + - >- + The KMS key is expired, meaning the key has been disabled for 30+ + days. The customer can call DeleteCmekConfig to change the state + to DELETED. + description: Output only. The states of the CmekConfig. + type: string + readOnly: true + name: + type: string + description: >- + Required. The name of the CmekConfig of the form + `projects/{project}/locations/{location}/cmekConfig` or + `projects/{project}/locations/{location}/cmekConfigs/{cmek_config}`. + isDefault: + type: boolean readOnly: true + description: Output only. The default CmekConfig for the Customer. + singleRegionKeys: + description: >- + Optional. Single-regional CMEKs that are required for some VAIS + features. type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpec: - id: GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpec - description: Describes the specification of the evaluation. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSingleRegionKey + kmsKeyVersion: + description: >- + Output only. KMS key version resource name which will be used to + encrypt resources `/cryptoKeyVersions/{keyVersion}`. + type: string + readOnly: true + id: GoogleCloudDiscoveryengineV1betaCmekConfig type: object + description: Configurations used to enable CMEK data encryption with Cloud KMS keys. + GoogleCloudDiscoveryengineV1ProvisionProjectRequest: + type: object + id: GoogleCloudDiscoveryengineV1ProvisionProjectRequest + description: Request for ProjectService.ProvisionProject method. properties: - searchRequest: + acceptDataUseTerms: description: >- - Required. The search request that is used to perform the evaluation. - Only the following fields within SearchRequest are supported; if any - other fields are provided, an UNSUPPORTED error will be returned: * - SearchRequest.serving_config * SearchRequest.branch * - SearchRequest.canonical_filter * SearchRequest.query_expansion_spec - * SearchRequest.spell_correction_spec * - SearchRequest.content_search_spec * SearchRequest.user_pseudo_id - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequest' - querySetSpec: - description: Optional. The specification of the query set. + Required. Set to `true` to specify that caller has read and would + like to give consent to the [Terms for data + use](https://cloud.google.com/retail/data-use-terms). + type: boolean + dataUseTermsVersion: + description: >- + Required. The version of the [Terms for data + use](https://cloud.google.com/retail/data-use-terms) that caller has + read and would like to give consent to. Acceptable version is + `2022-11-23`, and this may change over time. + type: string + saasParams: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpecQuerySetSpec - GoogleCloudDiscoveryengineV1alphaSearchRequest: - id: GoogleCloudDiscoveryengineV1alphaSearchRequest - description: Request message for SearchService.Search method. + #/components/schemas/GoogleCloudDiscoveryengineV1ProvisionProjectRequestSaasParams + description: Optional. Parameters for Agentspace. + GoogleCloudDiscoveryengineV1alphaGetSessionRequest: + id: GoogleCloudDiscoveryengineV1alphaGetSessionRequest type: object + description: Request for GetSession method. properties: - servingConfig: + name: description: >- - Required. The resource name of the Search serving config, such as - `projects/*/locations/global/collections/default_collection/engines/*/servingConfigs/default_serving_config`, - or - `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/servingConfigs/default_serving_config`. - This field is used to identify the serving configuration name, set - of models used to make the search. + Required. The resource name of the Session to get. Format: + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store_id}/sessions/{session_id}` type: string - branch: + includeAnswerDetails: description: >- - The branch resource name, such as - `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/branches/0`. - Use `default_branch` as the branch ID or leave this field empty, to - search documents under the default branch. + Optional. If set to true, the full session including all answer + details will be returned. + type: boolean + GoogleCloudDiscoveryengineV1ListIdentityMappingStoresResponse: + properties: + identityMappingStores: + description: The Identity Mapping Stores. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingStore + nextPageToken: type: string - query: - description: Raw search query. + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + description: >- + Response message for + IdentityMappingStoreService.ListIdentityMappingStores + id: GoogleCloudDiscoveryengineV1ListIdentityMappingStoresResponse + type: object + GoogleCloudDiscoveryengineV1alphaListSessionsRequest: + properties: + filter: + description: >- + A comma-separated list of fields to filter by, in EBNF grammar. The + supported fields are: * `user_pseudo_id` * `state` * `display_name` + * `starred` * `is_pinned` * `labels` * `create_time` * `update_time` + Examples: * `user_pseudo_id = some_id` * `display_name = + "some_name"` * `starred = true` * `is_pinned=true AND (NOT + labels:hidden)` * `create_time > "1970-01-01T12:00:00Z"` + type: string + orderBy: type: string - imageQuery: - description: Raw image query. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestImageQuery - pageSize: description: >- - Maximum number of Documents to return. The maximum allowed value - depends on the data type. Values above the maximum value are coerced - to the maximum value. * Websites with basic indexing: Default `10`, - Maximum `25`. * Websites with advanced indexing: Default `25`, - Maximum `50`. * Other: Default `50`, Maximum `100`. If this field is - negative, an `INVALID_ARGUMENT` is returned. - type: integer - format: int32 - pageToken: + A comma-separated list of fields to order by, sorted in ascending + order. Use "desc" after a field name for descending. Supported + fields: * `update_time` * `create_time` * `session_name` * + `is_pinned` Example: * `update_time desc` * `create_time` * + `is_pinned desc,update_time desc`: list sessions by is_pinned first, + then by update_time. + parent: description: >- - A page token received from a previous SearchService.Search call. - Provide this to retrieve the subsequent page. When paginating, all - other parameters provided to SearchService.Search must match the - call that provided the page token. Otherwise, an `INVALID_ARGUMENT` - error is returned. + Required. The data store resource name. Format: + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store_id}` + type: string + pageToken: type: string - offset: description: >- - A 0-indexed integer that specifies the current offset (that is, - starting result location, amongst the Documents deemed by the API as - relevant) in search results. This field is only considered if - page_token is unset. If this field is negative, an - `INVALID_ARGUMENT` is returned. + A page token, received from a previous `ListSessions` call. Provide + this to retrieve the subsequent page. + pageSize: type: integer format: int32 - oneBoxPageSize: description: >- - The maximum number of results to return for OneBox. This applies to - each OneBox type individually. Default number is 10. - type: integer - format: int32 - dataStoreSpecs: + Maximum number of results to return. If unspecified, defaults to 50. + Max allowed value is 1000. + description: Request for ListSessions method. + id: GoogleCloudDiscoveryengineV1alphaListSessionsRequest + type: object + GoogleCloudDiscoveryengineV1SearchRequestFacetSpec: + properties: + enableDynamicPosition: + type: boolean description: >- - Specifications that define the specific DataStores to be searched, - along with configurations for those data stores. This is only - considered for Engines with multiple data stores. For engines with a - single data store, the specs directly under SearchRequest should be - used. + Enables dynamic position for this facet. If set to true, the + position of this facet among all facets in the response is + determined automatically. If dynamic facets are enabled, it is + ordered together. If set to false, the position of this facet in the + response is the same as in the request, and it is ranked before the + facets with dynamic position enable and all dynamic facets. For + example, you may always want to have rating facet returned in the + response, but it's not necessarily to always display the rating + facet at the top. In that case, you can set enable_dynamic_position + to true so that the position of rating facet in response is + determined automatically. Another example, assuming you have the + following facets in the request: * "rating", enable_dynamic_position + = true * "price", enable_dynamic_position = false * "brands", + enable_dynamic_position = false And also you have a dynamic facets + enabled, which generates a facet `gender`. Then the final order of + the facets in the response can be ("price", "brands", "rating", + "gender") or ("price", "brands", "gender", "rating") depends on how + API orders "gender" and "rating" facets. However, notice that + "price" and "brands" are always ranked at first and second position + because their enable_dynamic_position is false. + facetKey: + description: Required. The facet key specification. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestFacetSpecFacetKey + excludedFilterKeys: type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestDataStoreSpec - filter: + type: string description: >- - The filter syntax consists of an expression language for - constructing a predicate from one or more fields of the documents - being filtered. Filter expression is case-sensitive. If this field - is unrecognizable, an `INVALID_ARGUMENT` is returned. Filtering in - Vertex AI Search is done by mapping the LHS filter key to a key - property defined in the Vertex AI Search backend -- this mapping is - defined by the customer in their schema. For example a media - customer might have a field 'name' in their schema. In this case the - filter would look like this: filter --> name:'ANY("king kong")' For - more information about filtering including syntax and filter - operators, see - [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) - type: string - canonicalFilter: + List of keys to exclude when faceting. By default, FacetKey.key is + not excluded from the filter unless it is listed in this field. + Listing a facet key in this field allows its values to appear as + facet results, even when they are filtered out of search results. + Using this field does not affect what search results are returned. + For example, suppose there are 100 documents with the color facet + "Red" and 200 documents with the color facet "Blue". A query + containing the filter "color:ANY("Red")" and having "color" as + FacetKey.key would by default return only "Red" documents in the + search results, and also return "Red" with count 100 as the only + color facet. Although there are also blue documents available, + "Blue" would not be shown as an available facet value. If "color" is + listed in "excludedFilterKeys", then the query returns the facet + values "Red" with count 100 and "Blue" with count 200, because the + "color" key is now excluded from the filter. Because this field + doesn't affect search results, the search results are still + correctly filtered to return only "Red" documents. A maximum of 100 + values are allowed. Otherwise, an `INVALID_ARGUMENT` error is + returned. + limit: + format: int32 + type: integer description: >- - The default filter that is applied when a user performs a search - without checking any filters on the search page. The filter applied - to every search request when quality improvement such as query - expansion is needed. In the case a query does not have a sufficient - amount of results this filter will be used to determine whether or - not to enable the query expansion flow. The original filter will - still be used for the query expanded search. This field is strongly - recommended to achieve high search quality. For more information - about filter syntax, see SearchRequest.filter. + Maximum facet values that are returned for this facet. If + unspecified, defaults to 20. The maximum allowed value is 300. + Values above 300 are coerced to 300. For aggregation in healthcare + search, when the [FacetKey.key] is "healthcare_aggregation_key", the + limit will be overridden to 10,000 internally, regardless of the + value set here. If this field is negative, an `INVALID_ARGUMENT` is + returned. + id: GoogleCloudDiscoveryengineV1SearchRequestFacetSpec + description: A facet specification to perform faceted search. + type: object + GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfoDocumentMetadata: + description: >- + Document metadata contains the information of the document of the + current chunk. + type: object + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpecEndUserMetaDataChunkInfoDocumentMetadata + properties: + title: type: string - orderBy: + description: Title of the document. + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest: + properties: + queryModel: description: >- - The order in which documents are returned. Documents can be ordered - by a field in an Document object. Leave it unset if ordered by - relevance. `order_by` expression is case-sensitive. For more - information on ordering the website search results, see [Order web - search - results](https://cloud.google.com/generative-ai-app-builder/docs/order-web-search-results). - For more information on ordering the healthcare search results, see - [Order healthcare search - results](https://cloud.google.com/generative-ai-app-builder/docs/order-hc-results). - If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. + Specifies the autocomplete query model, which only applies to the + QUERY SuggestionType. This overrides any model specified in the + Configuration > Autocomplete section of the Cloud console. Currently + supported values: * `document` - Using suggestions generated from + user-imported documents. * `search-history` - Using suggestions + generated from the past history of SearchService.Search API calls. + Do not use it when there is no traffic for Search API. * + `user-event` - Using suggestions generated from user-imported search + events. * `document-completable` - Using suggestions taken directly + from user-imported document fields marked as completable. Default + values: * `document` is the default model for regular dataStores. * + `search-history` is the default model for site search dataStores. type: string userInfo: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserInfo' description: >- - Information about the end user. Highly recommended for analytics and - personalization. UserInfo.user_agent is used to deduce `device_type` - for analytics. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaUserInfo' - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see [Standard - fields](https://cloud.google.com/apis/design/standard_fields). This - field helps to better interpret the query. If a value isn't - specified, the query language code is automatically detected, which - may not be accurate. - type: string - regionCode: - description: >- - The Unicode country/region code (CLDR) of a location, such as "US" - and "419". For more information, see [Standard - fields](https://cloud.google.com/apis/design/standard_fields). If - set, then results will be boosted based on the region_code provided. - type: string - facetSpecs: + Optional. Information about the end user. This should be the same + identifier information as UserEvent.user_info and + SearchRequest.user_info. + suggestionTypes: + items: + type: string + enumDescriptions: + - Default value. + - Returns query suggestions. + - Returns people suggestions. + - Returns content suggestions. + - Returns recent search suggestions. + - Returns Google Workspace suggestions. + enum: + - SUGGESTION_TYPE_UNSPECIFIED + - QUERY + - PEOPLE + - CONTENT + - RECENT_SEARCH + - GOOGLE_WORKSPACE description: >- - Facet specifications for faceted search. If empty, no facets are - returned. A maximum of 100 values are allowed. Otherwise, an - `INVALID_ARGUMENT` error is returned. + Optional. Suggestion types to return. If empty or unspecified, query + suggestions are returned. Only one suggestion type is supported at + the moment. type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpec boostSpec: - description: >- - Boost specification to boost certain documents. For more information - on boosting, see - [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpec - params: + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestBoostSpec + description: Optional. Specification to boost suggestions matching the condition. + includeTailSuggestions: description: >- - Additional search parameters. For public website search only, - supported values are: * `user_country_code`: string. Default empty. - If set to non-empty, results are restricted or boosted based on the - location provided. For example, `user_country_code: "au"` For - available codes see [Country - Codes](https://developers.google.com/custom-search/docs/json_api_reference#countryCodes) - * `search_type`: double. Default empty. Enables non-webpage - searching depending on the value. The only valid non-default value - is 1, which enables image searching. For example, `search_type: 1` - type: object - additionalProperties: - type: any - queryExpansionSpec: - description: >- - The query expansion specification that specifies the conditions - under which query expansion occurs. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestQueryExpansionSpec - spellCorrectionSpec: - description: >- - The spell correction specification that specifies the mode under - which spell correction takes effect. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestSpellCorrectionSpec + Indicates if tail suggestions should be returned if there are no + suggestions that match the full query. Even if set to true, if there + are suggestions that match the full query, those are returned and no + tail suggestions are returned. + type: boolean userPseudoId: description: >- - A unique identifier for tracking visitors. For example, this could - be implemented with an HTTP cookie, which should be able to uniquely - identify a visitor on a single device. This unique identifier should - not change if the visitor logs in or out of the website. This field - should NOT have a fixed value such as `unknown_visitor`. This should - be the same identifier as UserEvent.user_pseudo_id and - CompleteQueryRequest.user_pseudo_id The field must be a UTF-8 - encoded string with a length limit of 128 characters. Otherwise, an - `INVALID_ARGUMENT` error is returned. + Optional. A unique identifier for tracking visitors. For example, + this could be implemented with an HTTP cookie, which should be able + to uniquely identify a visitor on a single device. This unique + identifier should not change if the visitor logs in or out of the + website. This field should NOT have a fixed value such as + `unknown_visitor`. This should be the same identifier as + UserEvent.user_pseudo_id and SearchRequest.user_pseudo_id. The field + must be a UTF-8 encoded string with a length limit of 128 type: string - useLatestData: - description: >- - Uses the Engine, ServingConfig and Control freshly read from the - database. Note: this skips config cache and introduces dependency on - databases, which could significantly increase the API latency. It - should only be used for testing, but not serving end users. - type: boolean - contentSearchSpec: - description: A specification for configuring the behavior of content search. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpec - embeddingSpec: - description: >- - Uses the provided embedding to do additional semantic document - retrieval. The retrieval is based on the dot product of - SearchRequest.EmbeddingSpec.EmbeddingVector.vector and the document - embedding that is provided in - SearchRequest.EmbeddingSpec.EmbeddingVector.field_path. If - SearchRequest.EmbeddingSpec.EmbeddingVector.field_path is not - provided, it will use ServingConfig.EmbeddingConfig.field_path. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpec - rankingExpression: + query: description: >- - Optional. The ranking expression controls the customized ranking on - retrieval documents. This overrides - ServingConfig.ranking_expression. The syntax and supported features - depend on the `ranking_expression_backend` value. If - `ranking_expression_backend` is not provided, it defaults to - `RANK_BY_EMBEDDING`. If ranking_expression_backend is not provided - or set to `RANK_BY_EMBEDDING`, it should be a single function or - multiple functions that are joined by "+". * ranking_expression = - function, { " + ", function }; Supported functions: * double * - relevance_score * double * dotProduct(embedding_field_path) Function - variables: * `relevance_score`: pre-defined keywords, used for - measure relevance between query and document. * - `embedding_field_path`: the document embedding field used with query - embedding vector. * `dotProduct`: embedding function between - `embedding_field_path` and query embedding vector. Example ranking - expression: If document has an embedding field doc_embedding, the - ranking expression could be `0.5 * relevance_score + 0.3 * - dotProduct(doc_embedding)`. If ranking_expression_backend is set to - `RANK_BY_FORMULA`, the following expression types (and combinations - of those chained using + or * operators) are supported: * `double` * - `signal` * `log(signal)` * `exp(signal)` * `rr(signal, double > 0)` - -- reciprocal rank transformation with second argument being a - denominator constant. * `is_nan(signal)` -- returns 0 if signal is - NaN, 1 otherwise. * `fill_nan(signal1, signal2 | double)` -- if - signal1 is NaN, returns signal2 | double, else returns signal1. Here - are a few examples of ranking formulas that use the supported - ranking expression types: - `0.2 * semantic_similarity_score + 0.8 * - log(keyword_similarity_score)` -- mostly rank by the logarithm of - `keyword_similarity_score` with slight `semantic_smilarity_score` - adjustment. - `0.2 * exp(fill_nan(semantic_similarity_score, 0)) + - 0.3 * is_nan(keyword_similarity_score)` -- rank by the exponent of - `semantic_similarity_score` filling the value with 0 if it's NaN, - also add constant 0.3 adjustment to the final score if - `semantic_similarity_score` is NaN. - `0.2 * - rr(semantic_similarity_score, 16) + 0.8 * - rr(keyword_similarity_score, 16)` -- mostly rank by the reciprocal - rank of `keyword_similarity_score` with slight adjustment of - reciprocal rank of `semantic_smilarity_score`. The following signals - are supported: * `semantic_similarity_score`: semantic similarity - adjustment that is calculated using the embeddings generated by a - proprietary Google model. This score determines how semantically - similar a search query is to a document. * - `keyword_similarity_score`: keyword match adjustment uses the Best - Match 25 (BM25) ranking function. This score is calculated using a - probabilistic model to estimate the probability that a document is - relevant to a given query. * `relevance_score`: semantic relevance - adjustment that uses a proprietary Google model to determine the - meaning and intent behind a user's query in context with the content - in the documents. * `pctr_rank`: predicted conversion rate - adjustment as a rank use predicted Click-through rate (pCTR) to - gauge the relevance and attractiveness of a search result from a - user's perspective. A higher pCTR suggests that the result is more - likely to satisfy the user's query and intent, making it a valuable - signal for ranking. * `freshness_rank`: freshness adjustment as a - rank * `document_age`: The time in hours elapsed since the document - was last updated, a floating-point number (e.g., 0.25 means 15 - minutes). * `topicality_rank`: topicality adjustment as a rank. Uses - proprietary Google model to determine the keyword-based overlap - between the query and the document. * `base_rank`: the default rank - of the result - type: string - rankingExpressionBackend: - description: Optional. The backend to use for the ranking expression evaluation. + Required. The typeahead input used to fetch suggestions. Maximum + length is 128 characters. The query can not be empty for most of the + suggestion types. If it is empty, an `INVALID_ARGUMENT` error is + returned. The exception is when the suggestion_types contains only + the type `RECENT_SEARCH`, the query can be an empty string. The is + called "zero prefix" feature, which returns user's recently searched + queries given the empty query. type: string - enumDescriptions: - - Default option for unspecified/unknown values. - - >- - Deprecated: Use `RANK_BY_EMBEDDING` instead. Ranking by custom - embedding model, the default way to evaluate the ranking - expression. Legacy enum option, `RANK_BY_EMBEDDING` should be used - instead. - - >- - Deprecated: Use `RANK_BY_FORMULA` instead. Ranking by custom - formula. Legacy enum option, `RANK_BY_FORMULA` should be used - instead. - - >- - Ranking by custom embedding model, the default way to evaluate the - ranking expression. - - Ranking by custom formula. - enumDeprecated: - - false - - true - - true - - false - - false - enum: - - RANKING_EXPRESSION_BACKEND_UNSPECIFIED - - BYOE - - CLEARBOX - - RANK_BY_EMBEDDING - - RANK_BY_FORMULA - safeSearch: - description: >- - Whether to turn on safe search. This is only supported for website - search. - type: boolean - userLabels: - description: >- - The user labels applied to a resource must meet the following - requirements: * Each resource can have multiple labels, up to a - maximum of 64. * Each label must be a key-value pair. * Keys have a - minimum length of 1 character and a maximum length of 63 characters - and cannot be empty. Values can be empty and have a maximum length - of 63 characters. * Keys and values can contain only lowercase - letters, numeric characters, underscores, and dashes. All characters - must use UTF-8 encoding, and international characters are allowed. * - The key portion of a label must be unique. However, you can use the - same key with multiple resources. * Keys must start with a lowercase - letter or international character. See [Google Cloud - Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) - for more details. - type: object - additionalProperties: + suggestionTypeSpecs: + description: Optional. Specification of each suggestion type. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestSuggestionTypeSpec + experimentIds: + type: array + description: Optional. Experiment ids for this request. + items: type: string - naturalLanguageQueryUnderstandingSpec: - description: >- - Config for natural language query understanding capabilities, such - as extracting structured field filters from the query. Refer to - [this - documentation](https://cloud.google.com/generative-ai-app-builder/docs/natural-language-queries) - for more information. If `naturalLanguageQueryUnderstandingSpec` is - not specified, no additional natural language query understanding - will be done. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestNaturalLanguageQueryUnderstandingSpec - searchAsYouTypeSpec: - description: >- - Search as you type configuration. Only supported for the - IndustryVertical.MEDIA vertical. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestSearchAsYouTypeSpec - customFineTuningSpec: - description: >- - Custom fine tuning configs. If set, it has higher priority than the - configs set in ServingConfig.custom_fine_tuning_spec. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaCustomFineTuningSpec - displaySpec: + description: Request message for CompletionService.AdvancedCompleteQuery method. . + type: object + id: GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest + GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfig: + description: Additional config specs for a Media Recommendation engine. + properties: + trainingState: description: >- - Optional. Config for display feature, like match highlighting on - search results. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestDisplaySpec - session: + The training state that the engine is in (e.g. `TRAINING` or + `PAUSED`). Since part of the cost of running the service is + frequency of training - this can be used to determine when to train + engine in order to control cost. If not specified: the default value + for `CreateEngine` method is `TRAINING`. The default value for + `UpdateEngine` method is to keep the state the same as before. + enumDescriptions: + - Unspecified training state. + - The engine training is paused. + - The engine is training. + type: string + enum: + - TRAINING_STATE_UNSPECIFIED + - PAUSED + - TRAINING + type: description: >- - The session resource name. Optional. Session allows users to do - multi-turn /search API calls or coordination between /search API - calls and /answer API calls. Example #1 (multi-turn /search API - calls): Call /search API with the session ID generated in the first - call. Here, the previous search query gets considered in query - standing. I.e., if the first query is "How did Alphabet do in 2022?" - and the current query is "How about 2023?", the current query will - be interpreted as "How did Alphabet do in 2023?". Example #2 - (coordination between /search API calls and /answer API calls): Call - /answer API with the session ID generated in the first call. Here, - the answer generation happens in the context of the search results - from the first search call. Multi-turn Search feature is currently - at private GA stage. Please use v1alpha or v1beta version instead - before we launch this feature to public GA. Or ask for allowlisting - through Google Support team. + Required. The type of engine. e.g., `recommended-for-you`. This + field together with optimization_objective describe engine metadata + to use to control engine training and serving. Currently supported + values: `recommended-for-you`, `others-you-may-like`, + `more-like-this`, `most-popular-items`. type: string - sessionSpec: - description: Session specification. Can be used only when `session` is set. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestSessionSpec - relevanceThreshold: + optimizationObjective: description: >- - The relevance threshold of the search results. Default to Google - defined threshold, leveraging a balance of precision and recall to - deliver both highly accurate results and comprehensive coverage of - relevant information. This feature is not supported for healthcare - search. + The optimization objective. e.g., `cvr`. This field together with + optimization_objective describe engine metadata to use to control + engine training and serving. Currently supported values: `ctr`, + `cvr`. If not specified, we choose default based on engine type. + Default depends on type of recommendation: `recommended-for-you` => + `ctr` `others-you-may-like` => `ctr` type: string - enumDescriptions: - - >- - Default value. In this case, server behavior defaults to Google - defined threshold. - - Lowest relevance threshold. - - Low relevance threshold. - - Medium relevance threshold. - - High relevance threshold. - enum: - - RELEVANCE_THRESHOLD_UNSPECIFIED - - LOWEST - - LOW - - MEDIUM - - HIGH - personalizationSpec: + optimizationObjectiveConfig: description: >- - The specification for personalization. Notice that if both - ServingConfig.personalization_spec and - SearchRequest.personalization_spec are set, - SearchRequest.personalization_spec overrides - ServingConfig.personalization_spec. + Name and value of the custom threshold for cvr + optimization_objective. For target_field `watch-time`, + target_field_value must be an integer value indicating the media + progress time in seconds between (0, 86400] (excludes 0, includes + 86400) (e.g., 90). For target_field `watch-percentage`, the + target_field_value must be a valid float value between (0, 1.0] + (excludes 0, includes 1.0) (e.g., 0.5). $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestPersonalizationSpec - relevanceScoreSpec: - description: Optional. The specification for returning the relevance score. + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig + engineFeaturesConfig: + description: Optional. Additional engine features config. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestRelevanceScoreSpec - GoogleCloudDiscoveryengineV1alphaSearchRequestImageQuery: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestImageQuery - description: Specifies the image query input. + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigEngineFeaturesConfig + id: GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfig type: object + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecChunkSpec: properties: - imageBytes: + numNextChunks: + type: integer + format: int32 description: >- - Base64 encoded image bytes. Supported image formats: JPEG, PNG, and - BMP. + The number of next chunks to be returned of the current chunk. The + maximum allowed value is 3. If not specified, no next chunks will be + returned. + numPreviousChunks: + description: >- + The number of previous chunks to be returned of the current chunk. + The maximum allowed value is 3. If not specified, no previous chunks + will be returned. + format: int32 + type: integer + description: >- + Specifies the chunk spec to be returned from the search response. Only + available if the SearchRequest.ContentSearchSpec.search_result_mode is + set to CHUNKS + id: GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecChunkSpec + type: object + GoogleCloudDiscoveryengineV1WidgetConfigHomepageSettingShortcut: + properties: + icon: + description: Optional. Icon URL of shortcut. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigImage' + title: type: string - GoogleCloudDiscoveryengineV1alphaSearchRequestDataStoreSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestDataStoreSpec + description: Optional. Title of the shortcut. + destinationUri: + type: string + description: Optional. Destination URL of shortcut. + id: GoogleCloudDiscoveryengineV1WidgetConfigHomepageSettingShortcut description: >- - A struct to define data stores to filter on in a search call and - configurations for those data stores. Otherwise, an `INVALID_ARGUMENT` - error is returned. + Describes an entity of shortcut (aka pinned content) on the homepage. + The home page will render these shortcuts in the same order as what the + API returns. If a customer wants to reorder or remove a shortcut, the UI + should always provide the new full list of shortcuts. + type: object + GoogleCloudDiscoveryengineV1CheckGroundingSpec: + description: Specification for the grounding check. type: object + id: GoogleCloudDiscoveryengineV1CheckGroundingSpec properties: - dataStore: + citationThreshold: + format: double + type: number description: >- - Required. Full resource name of DataStore, such as - `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. - The path must include the project number, project id is not - supported for this field. - type: string - filter: + The threshold (in [0,1]) used for determining whether a fact must be + cited for a claim in the answer candidate. Choosing a higher + threshold will lead to fewer but very strong citations, while + choosing a lower threshold may lead to more but somewhat weaker + citations. If unset, the threshold will default to 0.6. + enableClaimLevelScore: + type: boolean description: >- - Optional. Filter specification to filter documents in the data store - specified by data_store field. For more information on filtering, - see - [Filtering](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + The control flag that enables claim-level grounding score in the + response. + GoogleCloudDiscoveryengineV1PageInfo: + properties: + pageviewId: + description: >- + A unique ID of a web page view. This should be kept the same for all + user events triggered from the same pageview. For example, an item + detail page view could trigger multiple events as the user is + browsing the page. The `pageview_id` property should be kept the + same for all these events so that they can be grouped together + properly. When using the client side event reporting with JavaScript + pixel and Google Tag Manager, this value is filled in automatically. + type: string + referrerUri: type: string - boostSpec: description: >- - Optional. Boost specification to boost certain documents. For more - information on boosting, see - [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpec - customSearchOperators: + The referrer URL of the current page. When using the client side + event reporting with JavaScript pixel and Google Tag Manager, this + value is filled in automatically. However, some browser privacy + restrictions may cause this field to be empty. + pageCategory: description: >- - Optional. Custom search operators which if specified will be used to - filter results from workspace data stores. For more information on - custom search operators, see - [SearchOperators](https://support.google.com/cloudsearch/answer/6172299). + The most specific category associated with a category page. To + represent full path of category, use '>' sign to separate different + hierarchies. If '>' is part of the category name, replace it with + other character(s). Category pages include special pages such as + sales or promotions. For instance, a special sale page may have the + category hierarchy: `"pageCategory" : "Sales > 2017 Black Friday + Deals"`. Required for `view-category-page` events. Other event types + should not set this field. Otherwise, an `INVALID_ARGUMENT` error is + returned. type: string - GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpec - description: Boost specification to boost certain documents. + uri: + description: >- + Complete URL (window.location.href) of the user's current page. When + using the client side event reporting with JavaScript pixel and + Google Tag Manager, this value is filled in automatically. Maximum + length 5,000 characters. + type: string + type: object + description: Detailed page information. + id: GoogleCloudDiscoveryengineV1PageInfo + GoogleCloudDiscoveryengineV1alphaTuneEngineResponse: + description: Response associated with a tune operation. + type: object + id: GoogleCloudDiscoveryengineV1alphaTuneEngineResponse + properties: {} + GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpec: + description: >- + The specification that uses customized query embedding vector to do + semantic document retrieval. + id: GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpec type: object properties: - conditionBoostSpecs: - description: >- - Condition boost specifications. If a document matches multiple - conditions in the specifications, boost scores from these - specifications are all applied and combined in a non-linear way. - Maximum number of specifications is 20. - type: array + embeddingVectors: items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpec - GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpec: - id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpec - description: Boost applies to documents which match a condition. + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpecEmbeddingVector + type: array + description: The embedding vector used for retrieval. Limit to 1. + GoogleCloudDiscoveryengineV1SpannerSource: + description: The Spanner source for importing data + id: GoogleCloudDiscoveryengineV1SpannerSource type: object properties: - condition: - description: >- - An expression which specifies a boost condition. The syntax and - supported fields are the same as a filter expression. See - SearchRequest.filter for detail syntax and limitations. Examples: * - To boost documents with document ID "doc_1" or "doc_2", and color - "Red" or "Blue": `(document_id: ANY("doc_1", "doc_2")) AND (color: - ANY("Red", "Blue"))` + tableId: type: string - boost: - description: >- - Strength of the condition boost, which should be in [-1, 1]. - Negative boost means demotion. Default is 0.0. Setting to 1.0 gives - the document a big promotion. However, it does not necessarily mean - that the boosted document will be the top result at all times, nor - that other documents will be excluded. Results could still be shown - even when none of them matches the condition. And results that are - significantly more relevant to the search query can still trump your - heavily favored but irrelevant documents. Setting to -1.0 gives the - document a big demotion. However, results that are deeply relevant - might still be shown. The document will have an upstream battle to - get a fairly high ranking, but it is not blocked out completely. - Setting to 0.0 means no boost applied. The boosting condition is - ignored. Only one of the (condition, boost) combination or the - boost_control_spec below are set. If both are set then the global - boost is ignored and the more fine-grained boost_control_spec is - applied. - type: number - format: float - boostControlSpec: - description: >- - Complex specification for custom ranking based on customer defined - attribute value. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec - GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec: - id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec - description: >- - Specification for custom ranking based on customer specified attribute - value. It provides more controls for customized ranking than the simple - (condition, boost) combination above. - type: object - properties: - fieldName: description: >- - The name of the field whose value will be used to determine the - boost amount. + Required. The table name of the Spanner database that needs to be + imported. + instanceId: + description: Required. The instance ID of the source Spanner table. + type: string + projectId: type: string - attributeType: description: >- - The attribute type to be used to determine the boost amount. The - attribute value can be derived from the field value of the specified - field_name. In the case of numerical it is straightforward i.e. - attribute_value = numerical_field_value. In the case of freshness - however, attribute_value = (time.now() - datetime_field_value). + The project ID that contains the Spanner source. Has a length limit + of 128 characters. If not specified, inherits the project ID from + the parent request. + databaseId: type: string - enumDescriptions: - - Unspecified AttributeType. - - >- - The value of the numerical field will be used to dynamically - update the boost amount. In this case, the attribute_value (the x - value) of the control point will be the actual value of the - numerical field for which the boost_amount is specified. - - >- - For the freshness use case the attribute value will be the - duration between the current time and the date in the datetime - field specified. The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 - duration value). The pattern for this is: `nDnM]`. For example, - `5D`, `3DT12H30M`, `T24H`. - enum: - - ATTRIBUTE_TYPE_UNSPECIFIED - - NUMERICAL - - FRESHNESS - interpolationType: + description: Required. The database ID of the source Spanner table. + enableDataBoost: description: >- - The interpolation type to be applied to connect the control points - listed below. + Whether to apply data boost on Spanner export. Enabling this option + will incur additional cost. More info can be found + [here](https://cloud.google.com/spanner/docs/databoost/databoost-overview#billing_and_quotas). + type: boolean + GoogleCloudDiscoveryengineV1alphaDeleteSessionRequest: + id: GoogleCloudDiscoveryengineV1alphaDeleteSessionRequest + properties: + name: type: string - enumDescriptions: - - >- - Interpolation type is unspecified. In this case, it defaults to - Linear. - - Piecewise linear interpolation will be applied. - enum: - - INTERPOLATION_TYPE_UNSPECIFIED - - LINEAR - controlPoints: description: >- - The control points used to define the curve. The monotonic function - (defined through the interpolation_type above) passes through the - control points listed here. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint - GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint: - id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint - description: >- - The control points used to define the curve. The curve defined through - these control points can only be monotonically increasing or - decreasing(constant values are acceptable). + Required. The resource name of the Session to delete. Format: + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store_id}/sessions/{session_id}` + description: Request for DeleteSession method. + type: object + GoogleCloudDiscoveryengineV1betaPurgeSuggestionDenyListEntriesMetadata: + id: GoogleCloudDiscoveryengineV1betaPurgeSuggestionDenyListEntriesMetadata type: object + description: >- + Metadata related to the progress of the PurgeSuggestionDenyListEntries + operation. This is returned by the google.longrunning.Operation.metadata + field. properties: - attributeValue: - description: >- - Can be one of: 1. The numerical field value. 2. The duration spec - for freshness: The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 duration - value). The pattern for this is: `nDnM]`. + createTime: + format: google-datetime type: string - boostAmount: + description: Operation create time. + updateTime: + format: google-datetime description: >- - The value between -1 to 1 by which to boost the score if the - attribute_value evaluates to the value specified above. - type: number - format: float - GoogleCloudDiscoveryengineV1alphaUserInfo: - id: GoogleCloudDiscoveryengineV1alphaUserInfo - description: Information of an end user. + Operation last update time. If the operation is done, this is also + the finish time. + type: string + GoogleCloudDiscoveryengineV1ProvisionProjectMetadata: + type: object + id: GoogleCloudDiscoveryengineV1ProvisionProjectMetadata + properties: {} + description: Metadata associated with a project provision operation. + GoogleCloudDiscoveryengineV1betaTrainCustomModelMetadata: type: object + id: GoogleCloudDiscoveryengineV1betaTrainCustomModelMetadata properties: - userId: - description: >- - Highly recommended for logged-in users. Unique identifier for - logged-in user, such as a user name. Don't set for anonymous users. - Always use a hashed value for this ID. Don't set the field to the - same fixed ID for different users. This mixes the event history of - those users together, which results in degraded model quality. The - field must be a UTF-8 encoded string with a length limit of 128 - characters. Otherwise, an `INVALID_ARGUMENT` error is returned. + updateTime: + format: google-datetime type: string - userAgent: description: >- - User agent as included in the HTTP header. The field must be a UTF-8 - encoded string with a length limit of 1,000 characters. Otherwise, - an `INVALID_ARGUMENT` error is returned. This should not be set when - using the client side event reporting with GTM or JavaScript tag in - UserEventService.CollectUserEvent or if - UserEvent.direct_user_request is set. - type: string - timeZone: - description: Optional. IANA time zone, e.g. Europe/Budapest. + Operation last update time. If the operation is done, this is also + the finish time. + createTime: type: string - GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpec - description: A facet specification to perform faceted search. + description: Operation create time. + format: google-datetime + description: >- + Metadata related to the progress of the TrainCustomModel operation. This + is returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1DocumentAclInfo: + description: ACL Information of the Document. + id: GoogleCloudDiscoveryengineV1DocumentAclInfo type: object properties: - facetKey: - description: Required. The facet key specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpecFacetKey - limit: - description: >- - Maximum facet values that are returned for this facet. If - unspecified, defaults to 20. The maximum allowed value is 300. - Values above 300 are coerced to 300. For aggregation in healthcare - search, when the [FacetKey.key] is "healthcare_aggregation_key", the - limit will be overridden to 10,000 internally, regardless of the - value set here. If this field is negative, an `INVALID_ARGUMENT` is - returned. - type: integer - format: int32 - excludedFilterKeys: - description: >- - List of keys to exclude when faceting. By default, FacetKey.key is - not excluded from the filter unless it is listed in this field. - Listing a facet key in this field allows its values to appear as - facet results, even when they are filtered out of search results. - Using this field does not affect what search results are returned. - For example, suppose there are 100 documents with the color facet - "Red" and 200 documents with the color facet "Blue". A query - containing the filter "color:ANY("Red")" and having "color" as - FacetKey.key would by default return only "Red" documents in the - search results, and also return "Red" with count 100 as the only - color facet. Although there are also blue documents available, - "Blue" would not be shown as an available facet value. If "color" is - listed in "excludedFilterKeys", then the query returns the facet - values "Red" with count 100 and "Blue" with count 200, because the - "color" key is now excluded from the filter. Because this field - doesn't affect search results, the search results are still - correctly filtered to return only "Red" documents. A maximum of 100 - values are allowed. Otherwise, an `INVALID_ARGUMENT` error is - returned. - type: array + readers: items: - type: string - enableDynamicPosition: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DocumentAclInfoAccessRestriction + type: array + description: Readers of the document. + GoogleCloudDiscoveryengineV1DeleteEngineMetadata: + description: >- + Metadata related to the progress of the EngineService.DeleteEngine + operation. This will be returned by the + google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1DeleteEngineMetadata + type: object + properties: + createTime: + format: google-datetime + type: string + description: Operation create time. + updateTime: + format: google-datetime description: >- - Enables dynamic position for this facet. If set to true, the - position of this facet among all facets in the response is - determined automatically. If dynamic facets are enabled, it is - ordered together. If set to false, the position of this facet in the - response is the same as in the request, and it is ranked before the - facets with dynamic position enable and all dynamic facets. For - example, you may always want to have rating facet returned in the - response, but it's not necessarily to always display the rating - facet at the top. In that case, you can set enable_dynamic_position - to true so that the position of rating facet in response is - determined automatically. Another example, assuming you have the - following facets in the request: * "rating", enable_dynamic_position - = true * "price", enable_dynamic_position = false * "brands", - enable_dynamic_position = false And also you have a dynamic facets - enabled, which generates a facet `gender`. Then the final order of - the facets in the response can be ("price", "brands", "rating", - "gender") or ("price", "brands", "gender", "rating") depends on how - API orders "gender" and "rating" facets. However, notice that - "price" and "brands" are always ranked at first and second position - because their enable_dynamic_position is false. - type: boolean - GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpecFacetKey: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestFacetSpecFacetKey - description: Specifies how a facet is computed. + Operation last update time. If the operation is done, this is also + the finish time. + type: string + GoogleCloudDiscoveryengineV1betaDeleteIdentityMappingStoreMetadata: + properties: + updateTime: + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + createTime: + description: Operation create time. + type: string + format: google-datetime + id: GoogleCloudDiscoveryengineV1betaDeleteIdentityMappingStoreMetadata + type: object + description: >- + Metadata related to the progress of the + IdentityMappingStoreService.DeleteIdentityMappingStore operation. This + will be returned by the google.longrunning.Operation.metadata field. + GoogleApiDistribution: + description: >- + `Distribution` contains summary statistics for a population of values. + It optionally contains a histogram representing the distribution of + those values across a set of buckets. The summary statistics are the + count, mean, sum of the squared deviation from the mean, the minimum, + and the maximum of the set of population of values. The histogram is + based on a sequence of buckets and gives a count of values that fall + into each bucket. The boundaries of the buckets are given either + explicitly or by formulas for buckets of fixed or exponentially + increasing widths. Although it is not forbidden, it is generally a bad + idea to include non-finite values (infinities or NaNs) in the population + of values, as this will render the `mean` and `sum_of_squared_deviation` + fields meaningless. type: object + id: GoogleApiDistribution properties: - key: + range: description: >- - Required. Supported textual and numerical facet keys in Document - object, over which the facet values are computed. Facet key is - case-sensitive. + If specified, contains the range of the population values. The field + must not be present if the `count` is zero. + $ref: '#/components/schemas/GoogleApiDistributionRange' + count: + description: >- + The number of values in the population. Must be non-negative. This + value must equal the sum of the values in `bucket_counts` if a + histogram is provided. type: string - intervals: + format: int64 + mean: + format: double + type: number description: >- - Set only if values should be bucketed into intervals. Must be set - for facets with numerical values. Must not be set for facet with - text values. Maximum number of intervals is 30. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaInterval' - restrictedValues: + The arithmetic mean of the values in the population. If `count` is + zero then this field must be zero. + sumOfSquaredDeviation: + type: number + format: double description: >- - Only get facet for the given restricted values. Only supported on - textual fields. For example, suppose "category" has three values - "Action > 2022", "Action > 2021" and "Sci-Fi > 2022". If set - "restricted_values" to "Action > 2022", the "category" facet only - contains "Action > 2022". Only supported on textual fields. Maximum - is 10. - type: array - items: - type: string - prefixes: + The sum of squared deviations from the mean of the values in the + population. For values x_i this is: Sum[i=1..n]((x_i - mean)^2) + Knuth, "The Art of Computer Programming", Vol. 2, page 232, 3rd + edition describes Welford's method for accumulating this sum in one + pass. If `count` is zero then this field must be zero. + bucketOptions: + $ref: '#/components/schemas/GoogleApiDistributionBucketOptions' description: >- - Only get facet values that start with the given string prefix. For - example, suppose "category" has three values "Action > 2022", - "Action > 2021" and "Sci-Fi > 2022". If set "prefixes" to "Action", - the "category" facet only contains "Action > 2022" and "Action > - 2021". Only supported on textual fields. Maximum is 10. - type: array - items: - type: string - contains: + Defines the histogram bucket boundaries. If the distribution does + not contain a histogram, then omit this field. + bucketCounts: description: >- - Only get facet values that contain the given strings. For example, - suppose "category" has three values "Action > 2022", "Action > 2021" - and "Sci-Fi > 2022". If set "contains" to "2022", the "category" - facet only contains "Action > 2022" and "Sci-Fi > 2022". Only - supported on textual fields. Maximum is 10. + The number of values in each bucket of the histogram, as described + in `bucket_options`. If the distribution does not have a histogram, + then omit this field. If there is a histogram, then the sum of the + values in `bucket_counts` must equal the value in the `count` field + of the distribution. If present, `bucket_counts` should contain N + values, where N is the number of buckets specified in + `bucket_options`. If you supply fewer than N values, the remaining + values are assumed to be 0. The order of the values in + `bucket_counts` follows the bucket numbering schemes described for + the three bucket types. The first value must be the count for the + underflow bucket (number 0). The next N-2 values are the counts for + the finite buckets (number 1 through N-2). The N'th value in + `bucket_counts` is the count for the overflow bucket (number N-1). type: array items: type: string - caseInsensitive: + format: int64 + exemplars: + description: Must be in increasing order of `value` field. + items: + $ref: '#/components/schemas/GoogleApiDistributionExemplar' + type: array + GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpec: + description: Query rephraser specification. + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpec + properties: + maxRephraseSteps: description: >- - True to make facet keys case insensitive when getting faceting - values with prefixes or contains; false otherwise. + Max rephrase steps. The max number is 5 steps. If not set or set to + < 1, it will be set to 1 by default. + format: int32 + type: integer + modelSpec: + description: Optional. Query Rephraser Model specification. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpecModelSpec + disable: type: boolean - orderBy: - description: >- - The order in which documents are returned. Allowed values are: * - "count desc", which means order by SearchResponse.Facet.values.count - descending. * "value desc", which means order by - SearchResponse.Facet.values.value descending. Only applies to - textual facets. If not set, textual values are sorted in [natural - order](https://en.wikipedia.org/wiki/Natural_sort_order); numerical - intervals are sorted in the order given by - FacetSpec.FacetKey.intervals. - type: string - GoogleCloudDiscoveryengineV1alphaInterval: - id: GoogleCloudDiscoveryengineV1alphaInterval - description: A floating point interval. + description: Disable query rephraser. type: object + GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries: + description: The historical crawl rate timeseries data, used for monitoring. + id: GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries properties: - minimum: - description: Inclusive lower bound. - type: number - format: double - exclusiveMinimum: - description: Exclusive lower bound. - type: number - format: double - maximum: - description: Inclusive upper bound. - type: number - format: double - exclusiveMaximum: - description: Exclusive upper bound. - type: number - format: double - GoogleCloudDiscoveryengineV1alphaSearchRequestQueryExpansionSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestQueryExpansionSpec - description: >- - Specification to determine under which conditions query expansion should - occur. + qpsTimeSeries: + $ref: '#/components/schemas/GoogleMonitoringV3TimeSeries' + description: The QPS of the crawl rate. type: object + GoogleCloudDiscoveryengineV1betaImportUserEventsResponse: properties: - condition: - description: >- - The condition under which query expansion should occur. Default to - Condition.DISABLED. + joinedEventsCount: + format: int64 type: string - enumDescriptions: - - >- - Unspecified query expansion condition. In this case, server - behavior defaults to Condition.DISABLED. - - >- - Disabled query expansion. Only the exact search query is used, - even if SearchResponse.total_size is zero. - - Automatic query expansion built by the Search API. - enum: - - CONDITION_UNSPECIFIED - - DISABLED - - AUTO - pinUnexpandedResults: + description: Count of user events imported with complete existing Documents. + errorConfig: description: >- - Whether to pin unexpanded results. If this field is set to true, - unexpanded products are always at the top of the search results, - followed by the expanded results. - type: boolean - GoogleCloudDiscoveryengineV1alphaSearchRequestSpellCorrectionSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestSpellCorrectionSpec - description: The specification for query spell correction. + Echoes the destination for the complete errors if this field was set + in the request. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig + errorSamples: + type: array + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + unjoinedEventsCount: + description: >- + Count of user events imported, but with Document information not + found in the existing Branch. + type: string + format: int64 type: object + id: GoogleCloudDiscoveryengineV1betaImportUserEventsResponse + description: >- + Response of the ImportUserEventsRequest. If the long running operation + was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + GoogleCloudDiscoveryengineV1alphaLicenseConfig: properties: - mode: + alertPolicyResourceConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAlertPolicyResourceConfig + description: Optional. The alert policy config for this license config. + freeTrial: + type: boolean + description: Optional. Whether the license config is for free trial. + name: + type: string description: >- - The mode under which spell correction replaces the original search - query. Defaults to Mode.AUTO. + Immutable. Identifier. The fully qualified resource name of the + license config. Format: + `projects/{project}/locations/{location}/licenseConfigs/{license_config}` + startDate: + $ref: '#/components/schemas/GoogleTypeDate' + description: Required. The start date. + autoRenew: + description: >- + Optional. Whether the license config should be auto renewed when it + reaches the end date. + type: boolean + geminiBundle: + type: boolean + description: Output only. Whether the license config is for Gemini bundle. + readOnly: true + subscriptionTerm: + enumDescriptions: + - Default value, do not use. + - 1 month. + - 1 year. + - 3 years. + description: Required. Subscription term. + type: string + enum: + - SUBSCRIPTION_TERM_UNSPECIFIED + - SUBSCRIPTION_TERM_ONE_MONTH + - SUBSCRIPTION_TERM_ONE_YEAR + - SUBSCRIPTION_TERM_THREE_YEARS + endDate: + description: Optional. The planed end date. + $ref: '#/components/schemas/GoogleTypeDate' + licenseCount: + format: int64 type: string + description: Required. Number of licenses purchased. + subscriptionTier: + enum: + - SUBSCRIPTION_TIER_UNSPECIFIED + - SUBSCRIPTION_TIER_SEARCH + - SUBSCRIPTION_TIER_SEARCH_AND_ASSISTANT + - SUBSCRIPTION_TIER_NOTEBOOK_LM + - SUBSCRIPTION_TIER_FRONTLINE_WORKER + - SUBSCRIPTION_TIER_AGENTSPACE_STARTER + - SUBSCRIPTION_TIER_AGENTSPACE_BUSINESS + - SUBSCRIPTION_TIER_ENTERPRISE + - SUBSCRIPTION_TIER_EDU + - SUBSCRIPTION_TIER_EDU_PRO + - SUBSCRIPTION_TIER_EDU_EMERGING + - SUBSCRIPTION_TIER_EDU_PRO_EMERGING + - SUBSCRIPTION_TIER_FRONTLINE_STARTER enumDescriptions: + - Default value. - >- - Unspecified spell correction mode. In this case, server behavior - defaults to Mode.AUTO. + Search tier. Search tier can access VAIS search features and + NotebookLM features. - >- - Search API tries to find a spelling suggestion. If a suggestion is - found, it is put in the SearchResponse.corrected_query. The - spelling suggestion won't be used as the search query. + Search + assistant tier. Search + assistant tier can access VAIS + search features, NotebookLM features and assistant features. - >- - Automatic spell correction built by the Search API. Search will be - based on the corrected query if found. + NotebookLM tier. NotebookLM is a subscription tier can only access + NotebookLM features. + - Frontline worker tier. + - Agentspace Starter tier. + - Agentspace Business tier. + - Enterprise tier. + - EDU tier. + - EDU Pro tier. + - EDU emerging market tier. + - EDU Pro emerging market tier. + - Frontline starter tier. + description: Required. Subscription tier information for the license config. + type: string + state: + readOnly: true + description: Output only. The state of the license config. enum: - - MODE_UNSPECIFIED - - SUGGESTION_ONLY - - AUTO - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpec - description: A specification for configuring the behavior of content search. + - STATE_UNSPECIFIED + - ACTIVE + - EXPIRED + - NOT_STARTED + enumDescriptions: + - Default value. The license config does not exist. + - The license config is effective and being used. + - The license config has expired. + - >- + The license config has not started yet, and its start date is in + the future. + type: string + type: object + id: GoogleCloudDiscoveryengineV1alphaLicenseConfig + description: Information about users' licenses. + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecExtractiveContentSpec: + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecExtractiveContentSpec + description: >- + A specification for configuring the extractive content in a search + response. type: object properties: - snippetSpec: - description: >- - If `snippetSpec` is not specified, snippets are not included in the - search response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSnippetSpec - summarySpec: + numNextSegments: description: >- - If `summarySpec` is not specified, summaries are not included in the - search response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpec - extractiveContentSpec: + Return at most `num_next_segments` segments after each selected + segments. + format: int32 + type: integer + numPreviousSegments: description: >- - If there is no extractive_content_spec provided, there will be no - extractive answer in the search response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecExtractiveContentSpec - searchResultMode: - description: >- - Specifies the search result mode. If unspecified, the search result - mode defaults to `DOCUMENTS`. - type: string - enumDescriptions: - - Default value. - - Returns documents in the search result. - - >- - Returns chunks in the search result. Only available if the - DocumentProcessingConfig.chunking_config is specified. - enum: - - SEARCH_RESULT_MODE_UNSPECIFIED - - DOCUMENTS - - CHUNKS - chunkSpec: - description: >- - Specifies the chunk spec to be returned from the search response. - Only available if the - SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecChunkSpec - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSnippetSpec: - id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSnippetSpec - description: A specification for configuring snippets in a search response. - type: object - properties: - maxSnippetCount: - description: >- - [DEPRECATED] This field is deprecated. To control snippet return, - use `return_snippet` field. For backwards compatibility, we will - return snippet if max_snippet_count > 0. - deprecated: true + Specifies whether to also include the adjacent from each selected + segments. Return at most `num_previous_segments` segments before + each selected segments. type: integer format: int32 - referenceOnly: + maxExtractiveSegmentCount: description: >- - [DEPRECATED] This field is deprecated and will have no affect on the - snippet. - deprecated: true - type: boolean - returnSnippet: + The max number of extractive segments returned in each search + result. Only applied if the DataStore is set to + DataStore.ContentConfig.CONTENT_REQUIRED or DataStore.solution_types + is SOLUTION_TYPE_CHAT. An extractive segment is a text segment + extracted from the original document that is relevant to the search + query, and, in general, more verbose than an extractive answer. The + segment could then be used as input for LLMs to generate summaries + and answers. If the number of matching segments is less than + `max_extractive_segment_count`, return all of the segments. + Otherwise, return the `max_extractive_segment_count`. + format: int32 + type: integer + returnExtractiveSegmentScore: description: >- - If `true`, then return snippet. If no snippet can be generated, we - return "No snippet is available for this page." A `snippet_status` - with `SUCCESS` or `NO_SNIPPET_AVAILABLE` will also be returned. + Specifies whether to return the confidence score from the extractive + segments in each search result. This feature is available only for + new or allowlisted data stores. To allowlist your data store, + contact your Customer Engineer. The default value is `false`. type: boolean - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpec: - id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpec - description: A specification for configuring a summary returned in a search response. - type: object - properties: - summaryResultCount: + maxExtractiveAnswerCount: description: >- - The number of top results to generate the summary from. If the - number of results returned is less than `summaryResultCount`, the - summary is generated from all of the results. At most 10 results for - documents mode, or 50 for chunks mode, can be used to generate a - summary. The chunks mode is used when - SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS. + The maximum number of extractive answers returned in each search + result. An extractive answer is a verbatim answer extracted from the + original document, which provides a precise and contextually + relevant answer to the search query. If the number of matching + answers is less than the `max_extractive_answer_count`, return all + of the answers. Otherwise, return the `max_extractive_answer_count`. + At most five answers are returned for each SearchResult. type: integer format: int32 - includeCitations: + GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpecModelSpec: + description: Query Rephraser Model specification. + properties: + modelType: + enumDescriptions: + - Unspecified model type. + - Small query rephraser model. Gemini 1.0 XS model. + - Large query rephraser model. Gemini 1.0 Pro model. + type: string + enum: + - MODEL_TYPE_UNSPECIFIED + - SMALL + - LARGE description: >- - Specifies whether to include citations in the summary. The default - value is `false`. When this field is set to `true`, summaries - include in-line citation numbers. Example summary including - citations: BigQuery is Google Cloud's fully managed and completely - serverless enterprise data warehouse [1]. BigQuery supports all data - types, works across clouds, and has built-in machine learning and - business intelligence, all within a unified platform [2, 3]. The - citation numbers refer to the returned search results and are - 1-indexed. For example, [1] means that the sentence is attributed to - the first search result. [2, 3] means that the sentence is - attributed to both the second and third search results. - type: boolean - ignoreAdversarialQuery: + Optional. Enabled query rephraser model type. If not set, it will + use LARGE by default. + type: object + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryRephraserSpecModelSpec + GoogleCloudDiscoveryengineV1betaControlSynonymsAction: + properties: + synonyms: + items: + type: string + type: array description: >- - Specifies whether to filter out adversarial queries. The default - value is `false`. Google employs search-query classification to - detect adversarial queries. No summary is returned if the search - query is classified as an adversarial query. For example, a user - might ask a question regarding negative comments about the company - or submit a query designed to generate unsafe, policy-violating - output. If this field is set to `true`, we skip generating summaries - for adversarial queries and return fallback messages instead. - type: boolean - ignoreNonSummarySeekingQuery: + Defines a set of synonyms. Can specify up to 100 synonyms. Must + specify at least 2 synonyms. Otherwise an INVALID ARGUMENT error is + thrown. + description: >- + Creates a set of terms that will act as synonyms of one another. + Example: "happy" will also be considered as "glad", "glad" will also be + considered as "happy". + id: GoogleCloudDiscoveryengineV1betaControlSynonymsAction + type: object + GoogleCloudDiscoveryengineV1alphaAssistAnswerReply: + type: object + id: GoogleCloudDiscoveryengineV1alphaAssistAnswerReply + properties: + replyId: description: >- - Specifies whether to filter out queries that are not - summary-seeking. The default value is `false`. Google employs - search-query classification to detect summary-seeking queries. No - summary is returned if the search query is classified as a - non-summary seeking query. For example, `why is the sky blue` and - `Who is the best soccer player in the world?` are summary-seeking - queries, but `SFO airport` and `world cup 2026` are not. They are - most likely navigational queries. If this field is set to `true`, we - skip generating summaries for non-summary seeking queries and return - fallback messages instead. - type: boolean - ignoreLowRelevantContent: + Output only. When set, uniquely identifies a reply within the + `AssistAnswer` resource. During an AssistantService.StreamAssist + call, multiple `Reply` messages with the same ID can occur within + the response stream (across multiple + AssistantService.StreamAssistResponse messages). These represent + parts of a single `Reply` message in the final `AssistAnswer` + resource. + type: string + readOnly: true + groundedContent: + description: Possibly grounded response text or media from the assistant. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantGroundedContent + description: One part of the multi-part response of the assist call. + GoogleCloudDiscoveryengineV1AssistantContentBlob: + description: Inline blob. + properties: + data: + description: Required. Raw bytes. + type: string + format: byte + mimeType: + description: Required. The media type (MIME type) of the generated data. + type: string + id: GoogleCloudDiscoveryengineV1AssistantContentBlob + type: object + GoogleCloudDiscoveryengineV1alphaSearchLinkPromotion: + id: GoogleCloudDiscoveryengineV1alphaSearchLinkPromotion + description: >- + Promotion proto includes uri and other helping information to display + the promotion. + properties: + document: description: >- - Specifies whether to filter out queries that have low relevance. The - default value is `false`. If this field is set to `false`, all - search results are used regardless of relevance to generate answers. - If set to `true`, only queries with high relevance search results - will generate answers. - type: boolean - ignoreJailBreakingQuery: + Optional. The Document the user wants to promote. For site search, + leave unset and only populate uri. Can be set along with uri. + type: string + description: + type: string + description: 'Optional. The Promotion description. Maximum length: 200 characters.' + imageUri: + type: string + description: Optional. The promotion thumbnail image url. + uri: + type: string description: >- - Optional. Specifies whether to filter out jail-breaking queries. The - default value is `false`. Google employs search-query classification - to detect jail-breaking queries. No summary is returned if the - search query is classified as a jail-breaking query. A user might - add instructions to the query to change the tone, style, language, - content of the answer, or ask the model to act as a different - entity, e.g. "Reply in the tone of a competing company's CEO". If - this field is set to `true`, we skip generating summaries for - jail-breaking queries and return fallback messages instead. + Optional. The URL for the page the user wants to promote. Must be + set for site search. For other verticals, this is optional. + enabled: type: boolean - multimodalSpec: - description: Optional. Multimodal specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecMultiModalSpec - modelPromptSpec: - description: >- - If specified, the spec will be used to modify the prompt provided to - the LLM. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelPromptSpec - languageCode: description: >- - Language code for Summary. Use language tags defined by - [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Note: This is - an experimental feature. + Optional. The enabled promotion will be returned for any serving + configs associated with the parent of the control this promotion is + attached to. This flag is used for basic site search only. + title: type: string - modelSpec: description: >- - If specified, the spec will be used to modify the model - specification provided to the LLM. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelSpec - useSemanticChunks: + Required. The title of the promotion. Maximum length: 160 + characters. + type: object + GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig: + properties: + timeWindowDays: + format: int64 description: >- - If true, answer will be generated from most relevant chunks from top - search results. This feature will improve summary quality. Note that - with this feature enabled, not all top search results will be - referenced and included in the reference list, so the citation - source index only points to the search results listed in the - reference list. - type: boolean - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecMultiModalSpec: + The time window of which the engine is queried at training and + prediction time. Positive integers only. The value translates to the + last X days of events. Currently required for the + `most-popular-items` engine. + type: string id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecMultiModalSpec + GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig + type: object description: >- - Multimodal specification: Will return an image from specified source. If - multiple sources are specified, the pick is a quality based decision. + Feature configurations that are required for creating a Most Popular + engine. + GoogleCloudDiscoveryengineV1alphaPurgeUserEventsResponse: + id: GoogleCloudDiscoveryengineV1alphaPurgeUserEventsResponse type: object properties: - imageSource: - description: Optional. Source of image returned in the answer. + purgeCount: type: string - enumDescriptions: - - >- - Unspecified image source (multimodal feature is disabled by - default). - - >- - Behavior when service determines the pick from all available - sources. - - Includes image from corpus in the answer. - - Triggers figure generation in the answer. - enum: - - IMAGE_SOURCE_UNSPECIFIED - - ALL_AVAILABLE_SOURCES - - CORPUS_IMAGE_ONLY - - FIGURE_GENERATION_ONLY - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelPromptSpec: - id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelPromptSpec - description: Specification of the prompt to use with the model. - type: object + format: int64 + description: The total count of events purged as a result of the operation. + description: >- + Response of the PurgeUserEventsRequest. If the long running operation is + successfully done, then this message is returned by the + google.longrunning.Operations.response field. + GoogleCloudDiscoveryengineV1alphaCreateEngineMetadata: + description: >- + Metadata related to the progress of the EngineService.CreateEngine + operation. This will be returned by the + google.longrunning.Operation.metadata field. properties: - preamble: + createTime: + type: string + format: google-datetime + description: Operation create time. + updateTime: + format: google-datetime description: >- - Text at the beginning of the prompt that instructs the assistant. - Examples are available in the user guide. + Operation last update time. If the operation is done, this is also + the finish time. type: string - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelSpec: - id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelSpec - description: Specification of the model. type: object + id: GoogleCloudDiscoveryengineV1alphaCreateEngineMetadata + GoogleCloudDiscoveryengineV1betaCreateDataStoreMetadata: + properties: + createTime: + description: Operation create time. + type: string + format: google-datetime + updateTime: + type: string + format: google-datetime + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + id: GoogleCloudDiscoveryengineV1betaCreateDataStoreMetadata + type: object + description: >- + Metadata related to the progress of the DataStoreService.CreateDataStore + operation. This will be returned by the + google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelSpec: properties: version: + type: string description: >- The model version used to generate the summary. Supported values are: * `stable`: string. Default value when no value is specified. @@ -15430,3630 +16254,4256 @@ components: * `preview`: string. (Public preview) Uses a preview model. For more information, see [Answer generation model versions and lifecycle](https://cloud.google.com/generative-ai-app-builder/docs/answer-generation-models). - type: string - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecExtractiveContentSpec: + description: Specification of the model. + type: object id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecExtractiveContentSpec - description: >- - A specification for configuring the extractive content in a search - response. + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelSpec + GoogleCloudDiscoveryengineV1Assistant: + description: Discovery Engine Assistant resource. type: object properties: - maxExtractiveAnswerCount: + enabledTools: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistantToolList' + type: object description: >- - The maximum number of extractive answers returned in each search - result. An extractive answer is a verbatim answer extracted from the - original document, which provides a precise and contextually - relevant answer to the search query. If the number of matching - answers is less than the `max_extractive_answer_count`, return all - of the answers. Otherwise, return the `max_extractive_answer_count`. - At most five answers are returned for each SearchResult. - type: integer - format: int32 - maxExtractiveSegmentCount: + Optional. Note: not implemented yet. Use enabled_actions instead. + The enabled tools on this assistant. The keys are connector name, + for example + "projects/{projectId}/locations/{locationId}/collections/{collectionId}/dataconnector + The values consist of admin enabled tools towards the connector + instance. Admin can selectively enable multiple tools on any of the + connector instances that they created in the project. For example + {"jira1ConnectorName": [(toolId1, "createTicket"), (toolId2, + "transferTicket")], "gmail1ConnectorName": [(toolId3, + "sendEmail"),..] } + description: + type: string description: >- - The max number of extractive segments returned in each search - result. Only applied if the DataStore is set to - DataStore.ContentConfig.CONTENT_REQUIRED or DataStore.solution_types - is SOLUTION_TYPE_CHAT. An extractive segment is a text segment - extracted from the original document that is relevant to the search - query, and, in general, more verbose than an extractive answer. The - segment could then be used as input for LLMs to generate summaries - and answers. If the number of matching segments is less than - `max_extractive_segment_count`, return all of the segments. - Otherwise, return the `max_extractive_segment_count`. - type: integer - format: int32 - returnExtractiveSegmentScore: + Optional. Description for additional information. Expected to be + shown on the configuration UI, not to the users of the assistant. + name: description: >- - Specifies whether to return the confidence score from the extractive - segments in each search result. This feature is available only for - new or allowlisted data stores. To allowlist your data store, - contact your Customer Engineer. The default value is `false`. - type: boolean - numPreviousSegments: + Immutable. Resource name of the assistant. Format: + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/assistants/{assistant}` + It must be a UTF-8 encoded string with a length limit of 1024 + characters. + type: string + webGroundingType: + description: Optional. The type of web grounding to use. + enumDescriptions: + - Default, unspecified setting. This is the same as disabled. + - Web grounding is disabled. + - Grounding with Google Search is enabled. + - Grounding with Enterprise Web Search is enabled. + type: string + enum: + - WEB_GROUNDING_TYPE_UNSPECIFIED + - WEB_GROUNDING_TYPE_DISABLED + - WEB_GROUNDING_TYPE_GOOGLE_SEARCH + - WEB_GROUNDING_TYPE_ENTERPRISE_WEB_SEARCH + customerPolicy: + description: Optional. Customer policy for the assistant. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantCustomerPolicy + generationConfig: description: >- - Specifies whether to also include the adjacent from each selected - segments. Return at most `num_previous_segments` segments before - each selected segments. - type: integer - format: int32 - numNextSegments: + Optional. Configuration for the generation of the assistant + response. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGenerationConfig + displayName: description: >- - Return at most `num_next_segments` segments after each selected - segments. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecChunkSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecChunkSpec - description: >- - Specifies the chunk spec to be returned from the search response. Only - available if the SearchRequest.ContentSearchSpec.search_result_mode is - set to CHUNKS + Required. The assistant display name. It must be a UTF-8 encoded + string with a length limit of 128 characters. + type: string + id: GoogleCloudDiscoveryengineV1Assistant + GoogleCloudDiscoveryengineV1WidgetConfigCustomerProvidedConfig: + id: GoogleCloudDiscoveryengineV1WidgetConfigCustomerProvidedConfig type: object properties: - numPreviousChunks: + customerType: + type: string + enumDescriptions: + - Default customer type. + - >- + Government customer type. Some features are disabled for + government customers due to legal requirements. + description: Customer type. + enum: + - DEFAULT_CUSTOMER + - GOVERNMENT_CUSTOMER + description: Customer provided configurations. + GoogleCloudDiscoveryengineV1GcsSource: + properties: + dataSchema: description: >- - The number of previous chunks to be returned of the current chunk. - The maximum allowed value is 3. If not specified, no previous chunks - will be returned. - type: integer - format: int32 - numNextChunks: + The schema to use when parsing the data from the source. Supported + values for document imports: * `document` (default): One JSON + Document per line. Each document must have a valid Document.id. * + `content`: Unstructured data (e.g. PDF, HTML). Each file matched by + `input_uris` becomes a document, with the ID set to the first 128 + bits of SHA256(URI) encoded as a hex string. * `custom`: One custom + data JSON per row in arbitrary format that conforms to the defined + Schema of the data store. This can only be used by the GENERIC Data + Store vertical. * `csv`: A CSV file with header conforming to the + defined Schema of the data store. Each entry after the header is + imported as a Document. This can only be used by the GENERIC Data + Store vertical. Supported values for user event imports: * + `user_event` (default): One JSON UserEvent per line. + type: string + inputUris: + type: array description: >- - The number of next chunks to be returned of the current chunk. The - maximum allowed value is 3. If not specified, no next chunks will be - returned. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpec + Required. Cloud Storage URIs to input files. Each URI can be up to + 2000 characters long. URIs can match the full object path (for + example, `gs://bucket/directory/object.json`) or a pattern matching + one or more files, such as `gs://bucket/directory/*.json`. A request + can contain at most 100 files (or 100,000 files if `data_schema` is + `content`). Each file can be up to 2 GB (or 100 MB if `data_schema` + is `content`). + items: + type: string + description: Cloud Storage location for input content. + id: GoogleCloudDiscoveryengineV1GcsSource + type: object + GoogleCloudDiscoveryengineV1ControlSynonymsAction: description: >- - The specification that uses customized query embedding vector to do - semantic document retrieval. + Creates a set of terms that will act as synonyms of one another. + Example: "happy" will also be considered as "glad", "glad" will also be + considered as "happy". + id: GoogleCloudDiscoveryengineV1ControlSynonymsAction type: object properties: - embeddingVectors: - description: The embedding vector used for retrieval. Limit to 1. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpecEmbeddingVector - GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpecEmbeddingVector: - id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpecEmbeddingVector - description: Embedding vector. - type: object - properties: - fieldPath: - description: Embedding field path in schema. - type: string - vector: - description: Query embedding vector. - type: array - items: - type: number - format: float - GoogleCloudDiscoveryengineV1alphaSearchRequestNaturalLanguageQueryUnderstandingSpec: - id: >- - GoogleCloudDiscoveryengineV1alphaSearchRequestNaturalLanguageQueryUnderstandingSpec - description: >- - Specification to enable natural language understanding capabilities for - search requests. - type: object - properties: - filterExtractionCondition: - description: >- - The condition under which filter extraction should occur. Server - behavior defaults to `DISABLED`. - type: string - enumDescriptions: - - Server behavior defaults to `DISABLED`. - - Disables NL filter extraction. - - Enables NL filter extraction. - enum: - - CONDITION_UNSPECIFIED - - DISABLED - - ENABLED - geoSearchQueryDetectionFieldNames: - description: >- - Field names used for location-based filtering, where geolocation - filters are detected in natural language search queries. Only valid - when the FilterExtractionCondition is set to `ENABLED`. If this - field is set, it overrides the field names set in - ServingConfig.geo_search_query_detection_field_names. - type: array + synonyms: items: type: string - extractedFilterBehavior: - description: >- - Optional. Controls behavior of how extracted filters are applied to - the search. The default behavior depends on the request. For single - datastore structured search, the default is `HARD_FILTER`. For - multi-datastore search, the default behavior is `SOFT_BOOST`. - Location-based filters are always applied as hard filters, and the - `SOFT_BOOST` setting will not affect them. This field is only used - if - SearchRequest.natural_language_query_understanding_spec.filter_extraction_condition - is set to FilterExtractionCondition.ENABLED. - type: string - enumDescriptions: - - >- - `EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED` will use the default - behavior for extracted filters. For single datastore search, the - default is to apply as hard filters. For multi-datastore search, - the default is to apply as soft boosts. - - >- - Applies all extracted filters as hard filters on the results. - Results that do not pass the extracted filters will not be - returned in the result set. - - >- - Applies all extracted filters as soft boosts. Results that pass - the filters will be boosted up to higher ranks in the result set. - enum: - - EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED - - HARD_FILTER - - SOFT_BOOST - GoogleCloudDiscoveryengineV1alphaSearchRequestSearchAsYouTypeSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestSearchAsYouTypeSpec - description: Specification for search as you type in search requests. - type: object - properties: - condition: - description: >- - The condition under which search as you type should occur. Default - to Condition.DISABLED. - type: string - enumDescriptions: - - Server behavior defaults to Condition.DISABLED. - - Disables Search As You Type. - - Enables Search As You Type. - - >- - Automatic switching between search-as-you-type and standard search - modes, ideal for single-API implementations (e.g., debouncing). - enum: - - CONDITION_UNSPECIFIED - - DISABLED - - ENABLED - - AUTO - GoogleCloudDiscoveryengineV1alphaCustomFineTuningSpec: - id: GoogleCloudDiscoveryengineV1alphaCustomFineTuningSpec - description: Defines custom fine tuning spec. - type: object - properties: - enableSearchAdaptor: + type: array description: >- - Whether or not to enable and include custom fine tuned search - adaptor model. - type: boolean - GoogleCloudDiscoveryengineV1alphaSearchRequestDisplaySpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestDisplaySpec - description: Specifies features for display, like match highlighting. - type: object - properties: - matchHighlightingCondition: - description: The condition under which match highlighting should occur. - type: string - enumDescriptions: - - Server behavior is the same as `MATCH_HIGHLIGHTING_DISABLED`. - - Disables match highlighting on all documents. - - Enables match highlighting on all documents. - enum: - - MATCH_HIGHLIGHTING_CONDITION_UNSPECIFIED - - MATCH_HIGHLIGHTING_DISABLED - - MATCH_HIGHLIGHTING_ENABLED - GoogleCloudDiscoveryengineV1alphaSearchRequestSessionSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestSessionSpec + Defines a set of synonyms. Can specify up to 100 synonyms. Must + specify at least 2 synonyms. Otherwise an INVALID ARGUMENT error is + thrown. + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfig: + id: GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfig description: >- - Session specification. Multi-turn Search feature is currently at private - GA stage. Please use v1alpha or v1beta version instead before we launch - this feature to public GA. Or ask for allowlisting through Google - Support team. + A singleton resource of DataStore. If it's empty when DataStore is + created and DataStore is set to + DataStore.ContentConfig.CONTENT_REQUIRED, the default parser will + default to digital parser. type: object properties: - queryId: + name: description: >- - If set, the search result gets stored to the "turn" specified by - this query ID. Example: Let's say the session looks like this: - session { name: ".../sessions/xxx" turns { query { text: "What is - foo?" query_id: ".../questions/yyy" } answer: "Foo is ..." } turns { - query { text: "How about bar then?" query_id: ".../questions/zzz" } - } } The user can call /search API with a request like this: session: - ".../sessions/xxx" session_spec { query_id: ".../questions/zzz" } - Then, the API stores the search result, associated with the last - turn. The stored search result can be used by a subsequent /answer - API call (with the session ID and the query ID specified). Also, it - is possible to call /search and /answer in parallel with the same - session ID & query ID. + The full resource name of the Document Processing Config. Format: + `projects/*/locations/*/collections/*/dataStores/*/documentProcessingConfig`. type: string - searchResultPersistenceCount: + chunkingConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfig + description: Whether chunking mode is enabled. + defaultParsingConfig: description: >- - The number of top search results to persist. The persisted search - results can be used for the subsequent /answer api call. This field - is similar to the `summary_result_count` field in - SearchRequest.ContentSearchSpec.SummarySpec.summary_result_count. At - most 10 results for documents mode, or 50 for chunks mode. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1alphaSearchRequestPersonalizationSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestPersonalizationSpec - description: The specification for personalization. - type: object - properties: - mode: + Configurations for default Document parser. If not specified, we + will configure it as default DigitalParsingConfig, and the default + parsing config will be applied to all file types for Document + parsing. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfig + parsingConfigOverrides: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfig + type: object description: >- - The personalization mode of the search request. Defaults to - Mode.AUTO. - type: string - enumDescriptions: - - >- - Default value. In this case, server behavior defaults to - Mode.AUTO. - - Personalization is enabled if data quality requirements are met. - - Disable personalization. - enum: - - MODE_UNSPECIFIED - - AUTO - - DISABLED - GoogleCloudDiscoveryengineV1alphaSearchRequestRelevanceScoreSpec: - id: GoogleCloudDiscoveryengineV1alphaSearchRequestRelevanceScoreSpec - description: The specification for returning the document relevance score. - type: object + Map from file type to override the default parsing configuration + based on the file type. Supported keys: * `pdf`: Override parsing + config for PDF files, either digital parsing, ocr parsing or layout + parsing is supported. * `html`: Override parsing config for HTML + files, only digital parsing and layout parsing are supported. * + `docx`: Override parsing config for DOCX files, only digital parsing + and layout parsing are supported. * `pptx`: Override parsing config + for PPTX files, only digital parsing and layout parsing are + supported. * `xlsm`: Override parsing config for XLSM files, only + digital parsing and layout parsing are supported. * `xlsx`: Override + parsing config for XLSX files, only digital parsing and layout + parsing are supported. + GoogleCloudDiscoveryengineV1PurgeUserEventsRequest: properties: - returnRelevanceScore: + force: description: >- - Optional. Whether to return the relevance score for search results. - The higher the score, the more relevant the document is to the - query. + The `force` field is currently not supported. Purge user event + requests will permanently delete all purgeable events. Once the + development is complete: If `force` is set to false, the method will + return the expected purge count without deleting any user events. + This field will default to false if not included in the request. type: boolean - GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpecQuerySetSpec: - id: GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpecQuerySetSpec - description: Describes the specification of the query set. - type: object - properties: - sampleQuerySet: + filter: description: >- - Optional. The full resource name of the SampleQuerySet used for the - evaluation, in the format of - `projects/{project}/locations/{location}/sampleQuerySets/{sampleQuerySet}`. + Required. The filter string to specify the events to be deleted with + a length limit of 5,000 characters. The eligible fields for + filtering are: * `eventType`: Double quoted UserEvent.event_type + string. * `eventTime`: in ISO 8601 "zulu" format. * `userPseudoId`: + Double quoted string. Specifying this will delete all events + associated with a visitor. * `userId`: Double quoted string. + Specifying this will delete all events associated with a user. Note: + This API only supports purging a max range of 30 days. Examples: * + Deleting all events in a time range: `eventTime > + "2012-04-23T18:25:43.511Z" eventTime < "2012-04-23T18:30:43.511Z"` * + Deleting specific eventType in a time range: `eventTime > + "2012-04-23T18:25:43.511Z" eventTime < "2012-04-23T18:30:43.511Z" + eventType = "search"` * Deleting all events for a specific visitor + in a time range: `eventTime > "2012-04-23T18:25:43.511Z" eventTime < + "2012-04-23T18:30:43.511Z" userPseudoId = "visitor1024"` * Deleting + the past 30 days of events inside a DataStore: `*` The filtering + fields are assumed to have an implicit AND. type: string - GoogleCloudDiscoveryengineV1alphaQualityMetrics: - id: GoogleCloudDiscoveryengineV1alphaQualityMetrics - description: Describes the metrics produced by the evaluation. - type: object - properties: - docRecall: - description: >- - Recall per document, at various top-k cutoff levels. Recall is the - fraction of relevant documents retrieved out of all relevant - documents. Example (top-5): * For a single SampleQuery, If 3 out of - 5 relevant documents are retrieved in the top-5, recall@5 = 3/5 = - 0.6 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics - docPrecision: - description: >- - Precision per document, at various top-k cutoff levels. Precision is - the fraction of retrieved documents that are relevant. Example - (top-5): * For a single SampleQuery, If 4 out of 5 retrieved - documents in the top-5 are relevant, precision@5 = 4/5 = 0.8 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics - docNdcg: - description: >- - Normalized discounted cumulative gain (NDCG) per document, at - various top-k cutoff levels. NDCG measures the ranking quality, - giving higher relevance to top results. Example (top-3): Suppose - SampleQuery with three retrieved documents (D1, D2, D3) and binary - relevance judgements (1 for relevant, 0 for not relevant): - Retrieved: [D3 (0), D1 (1), D2 (1)] Ideal: [D1 (1), D2 (1), D3 (0)] - Calculate NDCG@3 for each SampleQuery: * DCG@3: 0/log2(1+1) + - 1/log2(2+1) + 1/log2(3+1) = 1.13 * Ideal DCG@3: 1/log2(1+1) + - 1/log2(2+1) + 0/log2(3+1) = 1.63 * NDCG@3: 1.13/1.63 = 0.693 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics - pageRecall: - description: >- - Recall per page, at various top-k cutoff levels. Recall is the - fraction of relevant pages retrieved out of all relevant pages. - Example (top-5): * For a single SampleQuery, if 3 out of 5 relevant - pages are retrieved in the top-5, recall@5 = 3/5 = 0.6 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics - pageNdcg: - description: >- - Normalized discounted cumulative gain (NDCG) per page, at various - top-k cutoff levels. NDCG measures the ranking quality, giving - higher relevance to top results. Example (top-3): Suppose - SampleQuery with three retrieved pages (P1, P2, P3) and binary - relevance judgements (1 for relevant, 0 for not relevant): - Retrieved: [P3 (0), P1 (1), P2 (1)] Ideal: [P1 (1), P2 (1), P3 (0)] - Calculate NDCG@3 for SampleQuery: * DCG@3: 0/log2(1+1) + 1/log2(2+1) - + 1/log2(3+1) = 1.13 * Ideal DCG@3: 1/log2(1+1) + 1/log2(2+1) + - 0/log2(3+1) = 1.63 * NDCG@3: 1.13/1.63 = 0.693 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics - GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics: - id: GoogleCloudDiscoveryengineV1alphaQualityMetricsTopkMetrics - description: Stores the metric values at specific top-k levels. - type: object - properties: - top1: - description: The top-1 value. - type: number - format: double - top3: - description: The top-3 value. - type: number - format: double - top5: - description: The top-5 value. - type: number - format: double - top10: - description: The top-10 value. - type: number - format: double - GoogleCloudDiscoveryengineV1alphaExportMetricsMetadata: - id: GoogleCloudDiscoveryengineV1alphaExportMetricsMetadata - description: >- - Metadata related to the progress of the Export operation. This is - returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1PurgeUserEventsRequest type: object + description: Request message for PurgeUserEvents method. + GoogleCloudDiscoveryengineV1betaDeleteSitemapMetadata: properties: createTime: - description: Operation create time. type: string format: google-datetime + description: Operation create time. updateTime: + type: string description: >- Operation last update time. If the operation is done, this is also the finish time. - type: string format: google-datetime - GoogleCloudDiscoveryengineV1alphaExportMetricsResponse: - id: GoogleCloudDiscoveryengineV1alphaExportMetricsResponse + id: GoogleCloudDiscoveryengineV1betaDeleteSitemapMetadata description: >- - Response of the ExportMetricsRequest. If the long running operation was - successful, then this message is returned by the - google.longrunning.Operations.response field. - type: object - properties: {} - GoogleCloudDiscoveryengineV1alphaGetSessionRequest: - id: GoogleCloudDiscoveryengineV1alphaGetSessionRequest - description: Request for GetSession method. + Metadata related to the progress of the + SiteSearchEngineService.DeleteSitemap operation. This will be returned + by the google.longrunning.Operation.metadata field. type: object - properties: - name: - description: >- - Required. The resource name of the Session to get. Format: - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store_id}/sessions/{session_id}` - type: string - includeAnswerDetails: - description: >- - Optional. If set to true, the full session including all answer - details will be returned. - type: boolean - GoogleCloudDiscoveryengineV1alphaGetUriPatternDocumentDataResponse: - id: GoogleCloudDiscoveryengineV1alphaGetUriPatternDocumentDataResponse + GoogleCloudDiscoveryengineV1alphaDataConnector: description: >- - Response message for SiteSearchEngineService.GetUriPatternDocumentData - method. + Manages the connection to external data sources for all data stores + grouped under a Collection. It's a singleton resource of Collection. The + initialization is only supported through + DataConnectorService.SetUpDataConnector method, which will create a new + Collection and initialize its DataConnector. type: object + id: GoogleCloudDiscoveryengineV1alphaDataConnector properties: - documentDataMap: - description: >- - Document data keyed by URI pattern. For example: document_data_map = - { "www.url1.com/*": { "Categories": ["category1", "category2"] }, - "www.url2.com/*": { "Categories": ["category3"] } } + params: + description: Required data connector parameters in structured json format. type: object additionalProperties: - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudDiscoveryengineV1alphaIdentityMappingEntryOperationMetadata: - id: GoogleCloudDiscoveryengineV1alphaIdentityMappingEntryOperationMetadata - description: >- - IdentityMappingEntry LongRunningOperation metadata for - IdentityMappingStoreService.ImportIdentityMappings and - IdentityMappingStoreService.PurgeIdentityMappings - type: object - properties: - successCount: - description: >- - The number of IdentityMappingEntries that were successfully - processed. - type: string - format: int64 - failureCount: - description: The number of IdentityMappingEntries that failed to be processed. - type: string - format: int64 - totalCount: - description: The total number of IdentityMappingEntries that were processed. - type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaImportCompletionSuggestionsMetadata: - id: GoogleCloudDiscoveryengineV1alphaImportCompletionSuggestionsMetadata - description: >- - Metadata related to the progress of the ImportCompletionSuggestions - operation. This will be returned by the - google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. + description: Properties of the object. + type: any + dataSource: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - successCount: - description: Count of CompletionSuggestions successfully imported. - type: string - format: int64 - failureCount: - description: Count of CompletionSuggestions that failed to be imported. - type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaImportCompletionSuggestionsResponse: - id: GoogleCloudDiscoveryengineV1alphaImportCompletionSuggestionsResponse - description: >- - Response of the CompletionService.ImportCompletionSuggestions method. If - the long running operation is done, this message is returned by the - google.longrunning.Operations.response field if the operation is - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. + Required. The name of the data source. Supported values: + `salesforce`, `jira`, `confluence`, `bigquery`. + destinationConfigs: type: array + description: >- + Optional. Any target destinations used to connect to third-party + services. items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: - description: The desired location of errors incurred during the Import. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig - GoogleCloudDiscoveryengineV1alphaImportErrorConfig: - id: GoogleCloudDiscoveryengineV1alphaImportErrorConfig - description: Configuration of destination for Import related errors. - type: object - properties: - gcsPrefix: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDestinationConfig + incrementalRefreshInterval: description: >- - Cloud Storage prefix for import errors. This must be an empty, - existing Cloud Storage directory. Import errors are written to - sharded files in this directory, one per line, as a JSON-encoded - `google.rpc.Status` message. - type: string - GoogleCloudDiscoveryengineV1alphaImportDocumentsMetadata: - id: GoogleCloudDiscoveryengineV1alphaImportDocumentsMetadata - description: >- - Metadata related to the progress of the ImportDocuments operation. This - is returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. + Optional. The refresh interval specifically for incremental data + syncs. If unset, incremental syncs will use the default from env, + set to 3hrs. The minimum is 30 minutes and maximum is 7 days. + Applicable to only 3P connectors. When the refresh interval is set + to the same value as the incremental refresh interval, incremental + sync will be disabled. type: string - format: google-datetime - updateTime: + format: google-duration + connectorModes: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - successCount: - description: Count of entries that were processed successfully. - type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. - type: string - format: int64 - totalCount: - description: Total count of entries that were processed. - type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaImportDocumentsResponse: - id: GoogleCloudDiscoveryengineV1alphaImportDocumentsResponse - description: >- - Response of the ImportDocumentsRequest. If the long running operation is - done, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. + Optional. The modes enabled for this connector. Default state is + CONNECTOR_MODE_UNSPECIFIED. type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: - description: >- - Echoes the destination for the complete errors in the request if - set. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig - GoogleCloudDiscoveryengineV1alphaImportIdentityMappingsResponse: - id: GoogleCloudDiscoveryengineV1alphaImportIdentityMappingsResponse - description: Response message for IdentityMappingStoreService.ImportIdentityMappings - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1alphaImportSampleQueriesMetadata: - id: GoogleCloudDiscoveryengineV1alphaImportSampleQueriesMetadata - description: >- - Metadata related to the progress of the ImportSampleQueries operation. - This will be returned by the google.longrunning.Operation.metadata - field. - type: object - properties: - createTime: - description: ImportSampleQueries operation create time. - type: string - format: google-datetime - updateTime: + type: string + enum: + - CONNECTOR_MODE_UNSPECIFIED + - DATA_INGESTION + - ACTIONS + - FEDERATED + - EUA + - FEDERATED_AND_EUA + enumDescriptions: + - Connector mode unspecified. + - Connector utilized for data ingestion. + - Connector utilized for actions. + - Connector utilized for federated search. + - Connector utilized for End User Authentication. + - >- + Hybrid connector utilized for federated search and End User + Authentication. + kmsKeyName: description: >- - ImportSampleQueries operation last update time. If the operation is - done, this is also the finish time. - type: string - format: google-datetime - successCount: - description: Count of SampleQuerys successfully imported. + Input only. The KMS key to be used to protect the DataStores managed + by this connector. Must be set for requests that need to comply with + CMEK Org Policy protections. If this field is set and processed + successfully, the DataStores created by this connector will be + protected by the KMS key. type: string - format: int64 - failureCount: - description: Count of SampleQuerys that failed to be imported. + incrementalSyncDisabled: + description: >- + Optional. Indicates whether incremental syncs are paused for this + connector. This is independent of auto_run_disabled. Applicable to + only 3P connectors. When the refresh interval is set to the same + value as the incremental refresh interval, incremental sync will be + disabled, i.e. set to true. + type: boolean + state: type: string - format: int64 - totalCount: - description: Total count of SampleQuerys that were processed. + description: Output only. State of the connector. + readOnly: true + enumDescriptions: + - Default value. + - The connector is being set up. + - The connector is successfully set up and awaiting next sync run. + - >- + The connector is in error. The error details can be found in + DataConnector.errors. If the error is unfixable, the DataConnector + can be deleted by [CollectionService.DeleteCollection] API. + - The connector is actively syncing records from the data source. + - >- + The connector has completed a sync run, but encountered non-fatal + errors. + - >- + Connector initialization failed. Potential causes include runtime + errors or issues in the asynchronous pipeline, preventing the + request from reaching downstream services (except for some + connector types). + - Connector is in the process of an update. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - FAILED + - RUNNING + - WARNING + - INITIALIZATION_FAILED + - UPDATING + refreshInterval: + format: google-duration type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaImportSampleQueriesResponse: - id: GoogleCloudDiscoveryengineV1alphaImportSampleQueriesResponse - description: >- - Response of the SampleQueryService.ImportSampleQueries method. If the - long running operation is done, this message is returned by the - google.longrunning.Operations.response field if the operation is - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array + description: >- + Required. The refresh interval for data sync. If duration is set to + 0, the data will be synced in real time. The streaming feature is + not supported yet. The minimum is 30 minutes and maximum is 7 days. + When the refresh interval is set to the same value as the + incremental refresh interval, incremental sync will be disabled. + entities: + description: List of entities from the connected data source to ingest. items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: - description: The desired location of errors incurred during the Import. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig - GoogleCloudDiscoveryengineV1alphaImportSuggestionDenyListEntriesMetadata: - id: GoogleCloudDiscoveryengineV1alphaImportSuggestionDenyListEntriesMetadata - description: >- - Metadata related to the progress of the ImportSuggestionDenyListEntries - operation. This is returned by the google.longrunning.Operation.metadata - field. - type: object - properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnectorSourceEntity + type: array + staticIpEnabled: + type: boolean description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string + Optional. Whether customer has enabled static IP addresses for this + connector. + lastSyncTime: format: google-datetime - GoogleCloudDiscoveryengineV1alphaImportSuggestionDenyListEntriesResponse: - id: GoogleCloudDiscoveryengineV1alphaImportSuggestionDenyListEntriesResponse - description: >- - Response message for CompletionService.ImportSuggestionDenyListEntries - method. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - importedEntriesCount: - description: Count of deny list entries successfully imported. - type: string - format: int64 - failedEntriesCount: - description: Count of deny list entries that failed to be imported. + readOnly: true + description: >- + Output only. For periodic connectors only, the last time a data sync + was completed. type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaImportUserEventsMetadata: - id: GoogleCloudDiscoveryengineV1alphaImportUserEventsMetadata - description: >- - Metadata related to the progress of the Import operation. This is - returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. + connectorType: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string + Output only. The type of connector. Each source can only map to one + type. For example, salesforce, confluence and jira have THIRD_PARTY + connector type. It is not mutable once set by system. + readOnly: true + enum: + - CONNECTOR_TYPE_UNSPECIFIED + - THIRD_PARTY + - GCP_FHIR + - BIG_QUERY + - GCS + - GOOGLE_MAIL + - GOOGLE_CALENDAR + - GOOGLE_DRIVE + - NATIVE_CLOUD_IDENTITY + - THIRD_PARTY_FEDERATED + - THIRD_PARTY_EUA + - GCNV + enumDescriptions: + - Default value. + - Third party connector to connector to third party application. + - Data connector connects between FHIR store and VAIS datastore. + - Big query connector. + - Google Cloud Storage connector. + - Gmail connector. + - Google Calendar connector. + - Google Drive connector. + - >- + Native Cloud Identity connector for people search powered by + People API. + - >- + Federated connector, it is a third party connector that doesn't + ingestion data, and search is powered by third party application's + API. + - Connector utilized for End User Authentication features. + - Google Cloud NetApp Volumes connector. + latestPauseTime: + description: >- + Output only. The most recent timestamp when this DataConnector was + paused, affecting all functionalities such as data synchronization. + Pausing a connector has the following effects: - All + functionalities, including data synchronization, are halted. - Any + ongoing data synchronization job will be canceled. - No future data + synchronization runs will be scheduled nor can be triggered. + readOnly: true format: google-datetime - successCount: - description: Count of entries that were processed successfully. type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. + createTime: type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaImportUserEventsResponse: - id: GoogleCloudDiscoveryengineV1alphaImportUserEventsResponse - description: >- - Response of the ImportUserEventsRequest. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: + format: google-datetime + readOnly: true + description: Output only. Timestamp the DataConnector was created at. + nextSyncTime: description: >- - Echoes the destination for the complete errors if this field was set - in the request. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig - joinedEventsCount: - description: Count of user events imported with complete existing Documents. + Defines the scheduled time for the next data synchronization. This + field requires hour , minute, and time_zone from the [IANA Time Zone + Database](https://www.iana.org/time-zones). This is utilized when + the data connector has a refresh interval greater than 1 day. When + the hours or minutes are not specified, we will assume a sync time + of 0:00. The user must provide a time zone to avoid ambiguity. + $ref: '#/components/schemas/GoogleTypeDateTime' + jsonParams: + description: Required data connector parameters in json string format. type: string - format: int64 - unjoinedEventsCount: + aclEnabled: description: >- - Count of user events imported, but with Document information not - found in the existing Branch. - type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaListSessionsRequest: - id: GoogleCloudDiscoveryengineV1alphaListSessionsRequest - description: Request for ListSessions method. - type: object - properties: - parent: + Optional. Whether the connector will be created with an ACL config. + Currently this field only affects Cloud Storage and BigQuery + connectors. + type: boolean + endUserConfig: description: >- - Required. The data store resource name. Format: - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store_id}` + Optional. Any params and credentials used specifically for EUA + connectors. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnectorEndUserConfig + identityRefreshInterval: + deprecated: true type: string - pageSize: description: >- - Maximum number of results to return. If unspecified, defaults to 50. - Max allowed value is 1000. - type: integer - format: int32 - pageToken: + The refresh interval to sync the Access Control List information for + the documents ingested by this connector. If not set, the access + control list will be refreshed at the default interval of 30 + minutes. The identity refresh interval can be at least 30 minutes + and at most 7 days. + format: google-duration + removeParamKeys: description: >- - A page token, received from a previous `ListSessions` call. Provide - this to retrieve the subsequent page. - type: string - filter: + Optional. Specifies keys to be removed from the 'params' field. This + is only active when 'params' is included in the 'update_mask' in an + UpdateDataConnectorRequest. Deletion takes precedence if a key is + both in 'remove_param_keys' and present in the 'params' field of the + request. + items: + type: string + type: array + errors: + type: array + readOnly: true description: >- - A comma-separated list of fields to filter by, in EBNF grammar. The - supported fields are: * `user_pseudo_id` * `state` * `display_name` - * `starred` * `is_pinned` * `labels` * `create_time` * `update_time` - Examples: * `user_pseudo_id = some_id` * `display_name = - "some_name"` * `starred = true` * `is_pinned=true AND (NOT - labels:hidden)` * `create_time > "1970-01-01T12:00:00Z"` - type: string - orderBy: + Output only. The errors from initialization or from the latest + connector run. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + createEuaSaas: description: >- - A comma-separated list of fields to order by, sorted in ascending - order. Use "desc" after a field name for descending. Supported - fields: * `update_time` * `create_time` * `session_name` * - `is_pinned` Example: * `update_time desc` * `create_time` * - `is_pinned desc,update_time desc`: list sessions by is_pinned first, - then by update_time. - type: string - GoogleCloudDiscoveryengineV1alphaListSessionsResponse: - id: GoogleCloudDiscoveryengineV1alphaListSessionsResponse - description: Response for ListSessions method. - type: object - properties: - sessions: - description: All the Sessions for a given data store. + Optional. Whether the END USER AUTHENTICATION connector is created + in SaaS. + type: boolean + alertPolicyConfigs: + description: Optional. The connector level alert config. type: array items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSession' - nextPageToken: - description: Pagination token, if not returned indicates the last page. - type: string - GoogleCloudDiscoveryengineV1alphaSession: - id: GoogleCloudDiscoveryengineV1alphaSession - description: External session proto definition. - type: object - properties: - name: - description: >- - Immutable. Fully qualified name - `projects/{project}/locations/global/collections/{collection}/engines/{engine}/sessions/*` - type: string - displayName: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAlertPolicyConfig + actionState: + readOnly: true description: >- - Optional. The display name of the session. This field is used to - identify the session in the UI. By default, the display name is the - first turn query text in the session. - type: string - state: - description: The state of the session. - type: string + Output only. State of the action connector. This reflects whether + the action connector is initializing, active or has encountered + errors. enumDescriptions: - - State is unspecified. - - The session is currently open. + - Default value. + - The connector is being set up. + - The connector is successfully set up and awaiting next sync run. + - >- + The connector is in error. The error details can be found in + DataConnector.errors. If the error is unfixable, the DataConnector + can be deleted by [CollectionService.DeleteCollection] API. + - The connector is actively syncing records from the data source. + - >- + The connector has completed a sync run, but encountered non-fatal + errors. + - >- + Connector initialization failed. Potential causes include runtime + errors or issues in the asynchronous pipeline, preventing the + request from reaching downstream services (except for some + connector types). + - Connector is in the process of an update. enum: - STATE_UNSPECIFIED - - IN_PROGRESS - userPseudoId: - description: A unique identifier for tracking users. + - CREATING + - ACTIVE + - FAILED + - RUNNING + - WARNING + - INITIALIZATION_FAILED + - UPDATING type: string - turns: - description: Turns. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSessionTurn' - startTime: - description: Output only. The time the session started. + name: + description: >- + Output only. The full resource name of the Data Connector. Format: + `projects/*/locations/*/collections/*/dataConnector`. readOnly: true type: string - format: google-datetime - endTime: - description: Output only. The time the session finished. - readOnly: true + realtimeSyncConfig: + description: Optional. The configuration for realtime sync. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfig + privateConnectivityProjectId: type: string - format: google-datetime - isPinned: + readOnly: true description: >- - Optional. Whether the session is pinned, pinned session will be - displayed on the top of the session list. + Output only. The tenant project ID associated with private + connectivity connectors. This project must be allowlisted by in + order for the connector to function. + hybridIngestionDisabled: type: boolean - GoogleCloudDiscoveryengineV1alphaSessionTurn: - id: GoogleCloudDiscoveryengineV1alphaSessionTurn - description: >- - Represents a turn, including a query from the user and a answer from - service. - type: object - properties: - query: description: >- - Optional. The user query. May not be set if this turn is merely - regenerating an answer to a different turn - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaQuery' - answer: - description: >- - Optional. The resource name of the answer to the user query. Only - set if the answer generation (/answer API call) happened in this - turn. + Optional. If the connector is a hybrid connector, determines whether + ingestion is enabled and appropriate resources are provisioned + during connector creation. If the connector is not a hybrid + connector, this field is ignored. + syncMode: + description: The data synchronization mode supported by the data connector. + enumDescriptions: + - >- + The connector will sync data periodically based on the + refresh_interval. Use it with auto_run_disabled to pause the + periodic sync, or indicate a one-time sync. + - The data will be synced in real time. + - Connector that doesn't ingest data will have this value type: string - detailedAnswer: - description: >- - Output only. In ConversationalSearchService.GetSession API, if - GetSessionRequest.include_answer_details is set to true, this field - will be populated when getting answer query session. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswer' - queryConfig: - description: >- - Optional. Represents metadata related to the query config, for - example LLM model and version used, model parameters (temperature, - grounding parameters, etc.). The prefix "google." is reserved for - Google-developed functionality. - type: object - additionalProperties: + enum: + - PERIODIC + - STREAMING + - UNSPECIFIED + staticIpAddresses: + description: Output only. The static IP addresses used by this connector. + items: type: string - GoogleCloudDiscoveryengineV1alphaQuery: - id: GoogleCloudDiscoveryengineV1alphaQuery - description: Defines a user inputed query. - type: object - properties: - text: - description: Plain text. - type: string - queryId: - description: Output only. Unique Id for the query. readOnly: true - type: string - GoogleCloudDiscoveryengineV1alphaObtainCrawlRateResponse: - id: GoogleCloudDiscoveryengineV1alphaObtainCrawlRateResponse - description: >- - Response message for CrawlRateManagementService.ObtainCrawlRate method. - The response contains organcic or dedicated crawl rate time series data - for monitoring, depending on whether dedicated crawl rate is set. - type: object - properties: - organicCrawlRateTimeSeries: - description: >- - The historical organic crawl rate timeseries data, used for - monitoring. + type: array + realtimeState: + enumDescriptions: + - Default value. + - The connector is being set up. + - The connector is successfully set up and awaiting next sync run. + - >- + The connector is in error. The error details can be found in + DataConnector.errors. If the error is unfixable, the DataConnector + can be deleted by [CollectionService.DeleteCollection] API. + - The connector is actively syncing records from the data source. + - >- + The connector has completed a sync run, but encountered non-fatal + errors. + - >- + Connector initialization failed. Potential causes include runtime + errors or issues in the asynchronous pipeline, preventing the + request from reaching downstream services (except for some + connector types). + - Connector is in the process of an update. + description: Output only. real-time sync state + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - FAILED + - RUNNING + - WARNING + - INITIALIZATION_FAILED + - UPDATING + type: string + blockingReasons: + type: array + readOnly: true + description: >- + Output only. User actions that must be completed before the + connector can start syncing data. + items: + type: string + enum: + - BLOCKING_REASON_UNSPECIFIED + - ALLOWLIST_STATIC_IP + - ALLOWLIST_IN_SERVICE_ATTACHMENT + - ALLOWLIST_SERVICE_ACCOUNT + enumDescriptions: + - Default value. + - Connector requires customer to allowlist static IPs. + - >- + Connector requires customer to allowlist our project in their + service attachment. + - >- + Connector requires customer to allowlist service account in + their project. + identityScheduleConfig: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaOrganicCrawlRateTimeSeries - dedicatedCrawlRateTimeSeries: + #/components/schemas/GoogleCloudDiscoveryengineV1alphaIdentityScheduleConfig description: >- - The historical dedicated crawl rate timeseries data, used for - monitoring. + The configuration for the identity data synchronization runs. This + contains the refresh interval to sync the Access Control List + information for the documents ingested by this connector. + autoRunDisabled: + type: boolean + description: >- + Optional. Indicates whether the connector is disabled for auto run. + It can be used to pause periodical and real time sync. Update: with + the introduction of incremental_sync_disabled, auto_run_disabled is + used to pause/disable only full syncs + actionConfig: + description: >- + Optional. Action configurations to make the connector support + actions. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaActionConfig' + federatedConfig: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaDedicatedCrawlRateTimeSeries + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnectorFederatedConfig + description: >- + Optional. Any params and credentials used specifically for hybrid + connectors supporting FEDERATED mode. This field should only be set + if the connector is a hybrid connector and we want to enable + FEDERATED mode. + bapConfig: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaBAPConfig' + description: Optional. The configuration for establishing a BAP connection. + updateTime: + description: Output only. Timestamp the DataConnector was last updated. + type: string + readOnly: true + format: google-datetime + GoogleCloudDiscoveryengineV1betaObtainCrawlRateResponse: + type: object + description: >- + Response message for CrawlRateManagementService.ObtainCrawlRate method. + The response contains organcic or dedicated crawl rate time series data + for monitoring, depending on whether dedicated crawl rate is set. + properties: + organicCrawlRateTimeSeries: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaOrganicCrawlRateTimeSeries + description: >- + The historical organic crawl rate timeseries data, used for + monitoring. + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: Errors from service when handling the request. state: - description: Output only. The state of the response. readOnly: true + description: Output only. The state of the response. + enum: + - STATE_UNSPECIFIED + - SUCCEEDED + - FAILED type: string enumDescriptions: - The state is unspecified. - The state is successful. - The state is failed. - enum: - - STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - error: - description: Errors from service when handling the request. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1alphaOrganicCrawlRateTimeSeries: - id: GoogleCloudDiscoveryengineV1alphaOrganicCrawlRateTimeSeries - description: >- - The historical organic crawl rate timeseries data, used for monitoring. - Organic crawl is auto-determined by Google to crawl the user's website - when dedicate crawl is not set. Crawl rate is the QPS of crawl request - Google sends to the user's website. - type: object - properties: - googleOrganicCrawlRate: - description: >- - Google's organic crawl rate time series, which is the sum of all - googlebots' crawl rate. Please refer to - https://developers.google.com/search/docs/crawling-indexing/overview-google-crawlers - for more details about googlebots. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries - vertexAiOrganicCrawlRate: + dedicatedCrawlRateTimeSeries: description: >- - Vertex AI's organic crawl rate time series, which is the crawl rate - of Google-CloudVertexBot when dedicate crawl is not set. Please - refer to - https://developers.google.com/search/docs/crawling-indexing/google-common-crawlers#google-cloudvertexbot - for more details about Google-CloudVertexBot. + The historical dedicated crawl rate timeseries data, used for + monitoring. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries - GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries: - id: GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries - description: The historical crawl rate timeseries data, used for monitoring. - type: object - properties: - qpsTimeSeries: - description: The QPS of the crawl rate. - $ref: '#/components/schemas/GoogleMonitoringV3TimeSeries' - GoogleMonitoringV3TimeSeries: - id: GoogleMonitoringV3TimeSeries - description: >- - A collection of data points that describes the time-varying values of a - metric. A time series is identified by a combination of a - fully-specified monitored resource and a fully-specified metric. This - type is used for both listing and creating time series. + #/components/schemas/GoogleCloudDiscoveryengineV1betaDedicatedCrawlRateTimeSeries + id: GoogleCloudDiscoveryengineV1betaObtainCrawlRateResponse + GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpec: + id: >- + GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpec type: object properties: - metric: - description: >- - The associated metric. A fully-specified metric used to identify the - time series. - $ref: '#/components/schemas/GoogleApiMetric' - resource: - description: >- - The associated monitored resource. Custom metrics can use only - certain monitored resource types in their time series data. For more - information, see [Monitored resources for custom - metrics](https://cloud.google.com/monitoring/custom-metrics/creating-metrics#custom-metric-resources). - $ref: '#/components/schemas/GoogleApiMonitoredResource' - metadata: - description: >- - Output only. The associated monitored resource metadata. When - reading a time series, this field will include metadata labels that - are explicitly named in the reduction. When creating a time series, - this field is ignored. - $ref: '#/components/schemas/GoogleApiMonitoredResourceMetadata' - metricKind: + fieldName: description: >- - The metric kind of the time series. When listing time series, this - metric kind might be different from the metric kind of the - associated metric if this time series is an alignment or reduction - of other time series. When creating a time series, this field is - optional. If present, it must be the same as the metric kind of the - associated metric. If the associated metric's descriptor must be - auto-created, then this field specifies the metric kind of the new - descriptor and must be either `GAUGE` (the default) or `CUMULATIVE`. + Optional. The name of the field whose value will be used to + determine the boost amount. type: string + interpolationType: + enum: + - INTERPOLATION_TYPE_UNSPECIFIED + - LINEAR enumDescriptions: - - Do not use this default value. - - An instantaneous measurement of a value. - - The change in a value during a time interval. - >- - A value accumulated over a time interval. Cumulative measurements - in a time series should have the same start time and increasing - end times, until an event resets the cumulative value to zero and - sets a new start time for the following points. - enum: - - METRIC_KIND_UNSPECIFIED - - GAUGE - - DELTA - - CUMULATIVE - valueType: + Interpolation type is unspecified. In this case, it defaults to + Linear. + - Piecewise linear interpolation will be applied. + type: string description: >- - The value type of the time series. When listing time series, this - value type might be different from the value type of the associated - metric if this time series is an alignment or reduction of other - time series. When creating a time series, this field is optional. If - present, it must be the same as the type of the data in the `points` - field. + Optional. The interpolation type to be applied to connect the + control points listed below. + attributeType: type: string + description: >- + Optional. The attribute type to be used to determine the boost + amount. The attribute value can be derived from the field value of + the specified field_name. In the case of numerical it is + straightforward i.e. attribute_value = numerical_field_value. In the + case of freshness however, attribute_value = (time.now() - + datetime_field_value). enumDescriptions: - - Do not use this default value. + - Unspecified AttributeType. - >- - The value is a boolean. This value type can be used only if the - metric kind is `GAUGE`. - - The value is a signed 64-bit integer. - - The value is a double precision floating point number. + The value of the numerical field will be used to dynamically + update the boost amount. In this case, the attribute_value (the x + value) of the control point will be the actual value of the + numerical field for which the boost_amount is specified. - >- - The value is a text string. This value type can be used only if - the metric kind is `GAUGE`. - - The value is a `Distribution`. - - The value is money. + For the freshness use case the attribute value will be the + duration between the current time and the date in the datetime + field specified. The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 + duration value). The pattern for this is: `nDnM]`. For example, + `5D`, `3DT12H30M`, `T24H`. enum: - - VALUE_TYPE_UNSPECIFIED - - BOOL - - INT64 - - DOUBLE - - STRING - - DISTRIBUTION - - MONEY - points: - description: >- - The data points of this time series. When listing time series, - points are returned in reverse time order. When creating a time - series, this field must contain exactly one point and the point's - type must be the same as the value type of the associated metric. If - the associated metric's descriptor must be auto-created, then the - value type of the descriptor is determined by the point's type, - which must be `BOOL`, `INT64`, `DOUBLE`, or `DISTRIBUTION`. + - ATTRIBUTE_TYPE_UNSPECIFIED + - NUMERICAL + - FRESHNESS + controlPoints: type: array items: - $ref: '#/components/schemas/GoogleMonitoringV3Point' - unit: - description: >- - The units in which the metric value is reported. It is only - applicable if the `value_type` is `INT64`, `DOUBLE`, or - `DISTRIBUTION`. The `unit` defines the representation of the stored - metric values. This field can only be changed through - CreateTimeSeries when it is empty. - type: string - description: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlBoostActionInterpolationBoostSpecControlPoint description: >- - Input only. A detailed description of the time series that will be - associated with the google.api.MetricDescriptor for the metric. Once - set, this field cannot be changed through CreateTimeSeries. - type: string - GoogleApiMetric: - id: GoogleApiMetric + Optional. The control points used to define the curve. The monotonic + function (defined through the interpolation_type above) passes + through the control points listed here. description: >- - A specific metric, identified by specifying values for all of the labels - of a `MetricDescriptor`. + Specification for custom ranking based on customer specified attribute + value. It provides more controls for customized ranking than the simple + (condition, boost) combination above. + GoogleCloudDiscoveryengineV1ConverseConversationResponse: + id: GoogleCloudDiscoveryengineV1ConverseConversationResponse + properties: + conversation: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + description: Updated conversation including the answer. + searchResults: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSearchResult + type: array + description: Search Results. + reply: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Reply' + description: Answer to the current query. type: object + description: >- + Response message for ConversationalSearchService.ConverseConversation + method. + GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfoQueryClassificationInfo: properties: type: - description: >- - An existing metric type, see google.api.MetricDescriptor. For - example, `custom.googleapis.com/invoice/paid/amount`. type: string - labels: + enum: + - TYPE_UNSPECIFIED + - ADVERSARIAL_QUERY + - NON_ANSWER_SEEKING_QUERY + - JAIL_BREAKING_QUERY + - NON_ANSWER_SEEKING_QUERY_V2 + - USER_DEFINED_CLASSIFICATION_QUERY + description: Query classification type. + enumDescriptions: + - Unspecified query classification type. + - Adversarial query classification type. + - Non-answer-seeking query classification type, for chit chat. + - Jail-breaking query classification type. + - Non-answer-seeking query classification type, for no clear intent. + - User defined query classification type. + positive: + description: Classification output. + type: boolean + type: object + description: Query classification information. + id: >- + GoogleCloudDiscoveryengineV1alphaAnswerQueryUnderstandingInfoQueryClassificationInfo + GoogleCloudDiscoveryengineV1betaSearchRequestImageQuery: + id: GoogleCloudDiscoveryengineV1betaSearchRequestImageQuery + properties: + imageBytes: description: >- - The set of label values that uniquely identify this metric. All - labels listed in the `MetricDescriptor` must be assigned values. - type: object - additionalProperties: - type: string - GoogleApiMonitoredResource: - id: GoogleApiMonitoredResource + Base64 encoded image bytes. Supported image formats: JPEG, PNG, and + BMP. + type: string + type: object + description: Specifies the image query input. + GoogleCloudDiscoveryengineV1alphaControl: description: >- - An object representing a resource that can be used for monitoring, - logging, billing, or other purposes. Examples include virtual machine - instances, databases, and storage devices such as disks. The `type` - field identifies a MonitoredResourceDescriptor object that describes the - resource's schema. Information in the `labels` field identifies the - actual resource and its attributes according to the schema. For example, - a particular Compute Engine VM instance could be represented by the - following object, because the MonitoredResourceDescriptor for - `"gce_instance"` has labels `"project_id"`, `"instance_id"` and - `"zone"`: { "type": "gce_instance", "labels": { "project_id": - "my-project", "instance_id": "12345678901234", "zone": "us-central1-a" - }} + Defines a conditioned behavior to employ during serving. Must be + attached to a ServingConfig to be considered at serving time. Permitted + actions dependent on `SolutionType`. type: object + id: GoogleCloudDiscoveryengineV1alphaControl properties: - type: + name: description: >- - Required. The monitored resource type. This field must match the - `type` field of a MonitoredResourceDescriptor object. For example, - the type of a Compute Engine VM instance is `gce_instance`. Some - descriptors include the service name in the type; for example, the - type of a Datastream stream is `datastream.googleapis.com/Stream`. + Immutable. Fully qualified name + `projects/*/locations/global/dataStore/*/controls/*` type: string - labels: + associatedServingConfigIds: + type: array + items: + type: string description: >- - Required. Values for all of the labels listed in the associated - monitored resource descriptor. For example, Compute Engine VM - instances use the labels `"project_id"`, `"instance_id"`, and - `"zone"`. - type: object - additionalProperties: + Output only. List of all ServingConfig IDs this control is attached + to. May take up to 10 minutes to update after changes. + readOnly: true + synonymsAction: + description: Treats a group of terms as synonyms of one another. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlSynonymsAction + redirectAction: + description: Defines a redirect-type control. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlRedirectAction + filterAction: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlFilterAction + description: >- + Defines a filter-type control Currently not supported by + Recommendation + useCases: + description: >- + Specifies the use case for the control. Affects what condition + fields can be set. Only applies to SOLUTION_TYPE_SEARCH. Currently + only allow one use case per control. Must be set when solution_type + is SolutionType.SOLUTION_TYPE_SEARCH. + items: type: string - GoogleApiMonitoredResourceMetadata: - id: GoogleApiMonitoredResourceMetadata + enum: + - SEARCH_USE_CASE_UNSPECIFIED + - SEARCH_USE_CASE_SEARCH + - SEARCH_USE_CASE_BROWSE + enumDescriptions: + - Value used when unset. Will not occur in CSS. + - Search use case. Expects the traffic has a non-empty query. + - Browse use case. Expects the traffic has an empty query. + type: array + boostAction: + description: Defines a boost-type control + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlBoostAction + solutionType: + type: string + description: >- + Required. Immutable. What solution the control belongs to. Must be + compatible with vertical of resource. Otherwise an INVALID ARGUMENT + error is thrown. + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. + - >- + Used for use cases related to the Generative Chat agent. It's used + for Generative chat engine only, the associated data stores must + enrolled with `SOLUTION_TYPE_CHAT` solution. + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + displayName: + description: >- + Required. Human readable name. The identifier used in UI views. Must + be UTF-8 encoded string. Length limit is 128 characters. Otherwise + an INVALID ARGUMENT error is thrown. + type: string + promoteAction: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaControlPromoteAction + description: Promote certain links based on predefined trigger queries. + conditions: + type: array + description: >- + Determines when the associated action will trigger. Omit to always + apply the action. Currently only a single condition may be + specified. Otherwise an INVALID ARGUMENT error is thrown. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaCondition' + GoogleCloudDiscoveryengineV1Chunk: description: >- - Auxiliary metadata for a MonitoredResource object. MonitoredResource - objects contain the minimum set of information to uniquely identify a - monitored resource instance. There is some other useful auxiliary - metadata. Monitoring and Logging use an ingestion pipeline to extract - metadata for cloud resources of all types, and store the metadata in - this message. - type: object + Chunk captures all raw metadata information of items to be recommended + or searched in the chunk mode. + id: GoogleCloudDiscoveryengineV1Chunk properties: - systemLabels: + annotationMetadata: + readOnly: true description: >- - Output only. Values for predefined system metadata labels. System - labels are a kind of metadata extracted by Google, including - "machine_image", "vpc", "subnet_id", "security_group", "name", etc. - System label values can be only strings, Boolean values, or a list - of strings. For example: { "name": "my-test-instance", - "security_group": ["a", "b", "c"], "spot_instance": false } + Output only. The annotation metadata includes structured content in + the current chunk. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ChunkAnnotationMetadata + derivedStructData: + description: >- + Output only. This field is OUTPUT_ONLY. It contains derived data + that are not in the original input document. + readOnly: true type: object additionalProperties: type: any description: Properties of the object. - userLabels: - description: Output only. A map of user-defined metadata labels. - type: object - additionalProperties: + annotationContents: + description: >- + Output only. Annotation contents if the current chunk contains + annotations. + type: array + items: type: string - GoogleMonitoringV3Point: - id: GoogleMonitoringV3Point - description: A single data point in a time series. + readOnly: true + chunkMetadata: + description: Output only. Metadata of the current chunk. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ChunkChunkMetadata' + id: + description: Unique chunk ID of the current chunk. + type: string + documentMetadata: + description: Metadata of the document from the current chunk. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ChunkDocumentMetadata + relevanceScore: + readOnly: true + description: >- + Output only. Represents the relevance score based on similarity. + Higher score indicates higher chunk relevance. The score is in range + [-1.0, 1.0]. Only populated on SearchResponse. + type: number + format: double + name: + description: >- + The full resource name of the chunk. Format: + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/branches/{branch}/documents/{document_id}/chunks/{chunk_id}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + type: string + dataUrls: + items: + type: string + readOnly: true + type: array + description: >- + Output only. Image Data URLs if the current chunk contains images. + Data URLs are composed of four parts: a prefix (data:), a MIME type + indicating the type of data, an optional base64 token if + non-textual, and the data itself: data:, + pageSpan: + description: Page span of the chunk. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ChunkPageSpan' + content: + description: Content is a string from a document (parsed content). + type: string + type: object + GoogleCloudDiscoveryengineV1BatchCreateTargetSitesResponse: + id: GoogleCloudDiscoveryengineV1BatchCreateTargetSitesResponse + description: >- + Response message for SiteSearchEngineService.BatchCreateTargetSites + method. type: object properties: - interval: - description: >- - The time interval to which the data point applies. For `GAUGE` - metrics, the start time is optional, but if it is supplied, it must - equal the end time. For `DELTA` metrics, the start and end time - should specify a non-zero interval, with subsequent points - specifying contiguous and non-overlapping intervals. For - `CUMULATIVE` metrics, the start and end time should specify a - non-zero interval, with subsequent points specifying the same start - time and increasing end times, until an event resets the cumulative - value to zero and sets a new start time for the following points. - $ref: '#/components/schemas/GoogleMonitoringV3TimeInterval' - value: - description: The value of the data point. - $ref: '#/components/schemas/GoogleMonitoringV3TypedValue' + targetSites: + type: array + description: TargetSites created. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' GoogleMonitoringV3TimeInterval: id: GoogleMonitoringV3TimeInterval - description: >- - A time interval extending just after a start time through an end time. - If the start time is the same as the end time, then the interval - represents a single point in time. type: object properties: - endTime: - description: Required. The end of the time interval. - type: string - format: google-datetime startTime: description: >- Optional. The beginning of the time interval. The default value for the start time is the end time. The start time must not be later than the end time. - type: string format: google-datetime - GoogleMonitoringV3TypedValue: - id: GoogleMonitoringV3TypedValue - description: A single strongly-typed value. - type: object - properties: - boolValue: - description: 'A Boolean value: `true` or `false`.' - type: boolean - int64Value: - description: A 64-bit integer. Its range is approximately ±9.2x1018. type: string - format: int64 - doubleValue: - description: >- - A 64-bit double-precision floating-point number. Its magnitude is - approximately ±10±300 and it has 16 significant digits of precision. - type: number - format: double - stringValue: - description: A variable-length string value. + endTime: + format: google-datetime type: string - distributionValue: - description: A distribution value. - $ref: '#/components/schemas/GoogleApiDistribution' - GoogleApiDistribution: - id: GoogleApiDistribution + description: Required. The end of the time interval. description: >- - `Distribution` contains summary statistics for a population of values. - It optionally contains a histogram representing the distribution of - those values across a set of buckets. The summary statistics are the - count, mean, sum of the squared deviation from the mean, the minimum, - and the maximum of the set of population of values. The histogram is - based on a sequence of buckets and gives a count of values that fall - into each bucket. The boundaries of the buckets are given either - explicitly or by formulas for buckets of fixed or exponentially - increasing widths. Although it is not forbidden, it is generally a bad - idea to include non-finite values (infinities or NaNs) in the population - of values, as this will render the `mean` and `sum_of_squared_deviation` - fields meaningless. + A time interval extending just after a start time through an end time. + If the start time is the same as the end time, then the interval + represents a single point in time. + GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequestInlineSource: + id: >- + GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequestInlineSource type: object properties: - count: + entries: + type: array description: >- - The number of values in the population. Must be non-negative. This - value must equal the sum of the values in `bucket_counts` if a - histogram is provided. + Required. A list of all denylist entries to import. Max of 1000 + items. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SuggestionDenyListEntry + description: The inline source for SuggestionDenyListEntry. + GoogleCloudDiscoveryengineV1RecommendRequest: + description: Request message for Recommend method. + properties: + pageSize: + type: integer + description: >- + Maximum number of results to return. Set this property to the number + of recommendation results needed. If zero, the service chooses a + reasonable default. The maximum allowed value is 100. Values above + 100 are set to 100. + format: int32 + filter: type: string - format: int64 - mean: description: >- - The arithmetic mean of the values in the population. If `count` is - zero then this field must be zero. - type: number - format: double - sumOfSquaredDeviation: + Filter for restricting recommendation results with a length limit of + 5,000 characters. Currently, only filter expressions on the + `filter_tags` attribute is supported. Examples: * `(filter_tags: + ANY("Red", "Blue") OR filter_tags: ANY("Hot", "Cold"))` * + `(filter_tags: ANY("Red", "Blue")) AND NOT (filter_tags: + ANY("Green"))` If `attributeFilteringSyntax` is set to true under + the `params` field, then attribute-based expressions are expected + instead of the above described tag-based syntax. Examples: * + (language: ANY("en", "es")) AND NOT (categories: ANY("Movie")) * + (available: true) AND (language: ANY("en", "es")) OR (categories: + ANY("Movie")) If your filter blocks all results, the API returns + generic (unfiltered) popular Documents. If you only want results + strictly matching the filters, set `strictFiltering` to `true` in + RecommendRequest.params to receive empty results instead. Note that + the API never returns Documents with `storageStatus` as `EXPIRED` or + `DELETED` regardless of filter choices. + validateOnly: description: >- - The sum of squared deviations from the mean of the values in the - population. For values x_i this is: Sum[i=1..n]((x_i - mean)^2) - Knuth, "The Art of Computer Programming", Vol. 2, page 232, 3rd - edition describes Welford's method for accumulating this sum in one - pass. If `count` is zero then this field must be zero. - type: number - format: double - range: + Use validate only mode for this recommendation query. If set to + `true`, a fake model is used that returns arbitrary Document IDs. + Note that the validate only mode should only be used for testing the + API, or if the model is not ready. + type: boolean + params: + type: object description: >- - If specified, contains the range of the population values. The field - must not be present if the `count` is zero. - $ref: '#/components/schemas/GoogleApiDistributionRange' - bucketOptions: + Additional domain specific parameters for the recommendations. + Allowed values: * `returnDocument`: Boolean. If set to `true`, the + associated Document object is returned in + RecommendResponse.RecommendationResult.document. * `returnScore`: + Boolean. If set to true, the recommendation score corresponding to + each returned Document is set in + RecommendResponse.RecommendationResult.metadata. The given score + indicates the probability of a Document conversion given the user's + context and history. * `strictFiltering`: Boolean. True by default. + If set to `false`, the service returns generic (unfiltered) popular + Documents instead of empty if your filter blocks all recommendation + results. * `diversityLevel`: String. Default empty. If set to be + non-empty, then it needs to be one of: * `no-diversity` * + `low-diversity` * `medium-diversity` * `high-diversity` * + `auto-diversity` This gives request-level control and adjusts + recommendation results based on Document category. * + `attributeFilteringSyntax`: Boolean. False by default. If set to + true, the `filter` field is interpreted according to the new, + attribute-based syntax. + additionalProperties: + type: any + userLabels: + type: object description: >- - Defines the histogram bucket boundaries. If the distribution does - not contain a histogram, then omit this field. - $ref: '#/components/schemas/GoogleApiDistributionBucketOptions' - bucketCounts: + The user labels applied to a resource must meet the following + requirements: * Each resource can have multiple labels, up to a + maximum of 64. * Each label must be a key-value pair. * Keys have a + minimum length of 1 character and a maximum length of 63 characters + and cannot be empty. Values can be empty and have a maximum length + of 63 characters. * Keys and values can contain only lowercase + letters, numeric characters, underscores, and dashes. All characters + must use UTF-8 encoding, and international characters are allowed. * + The key portion of a label must be unique. However, you can use the + same key with multiple resources. * Keys must start with a lowercase + letter or international character. See [Requirements for + labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + for more details. + additionalProperties: + type: string + userEvent: description: >- - The number of values in each bucket of the histogram, as described - in `bucket_options`. If the distribution does not have a histogram, - then omit this field. If there is a histogram, then the sum of the - values in `bucket_counts` must equal the value in the `count` field - of the distribution. If present, `bucket_counts` should contain N - values, where N is the number of buckets specified in - `bucket_options`. If you supply fewer than N values, the remaining - values are assumed to be 0. The order of the values in - `bucket_counts` follows the bucket numbering schemes described for - the three bucket types. The first value must be the count for the - underflow bucket (number 0). The next N-2 values are the counts for - the finite buckets (number 1 through N-2). The N'th value in - `bucket_counts` is the count for the overflow bucket (number N-1). - type: array + Required. Context about the user, what they are looking at and what + action they took to trigger the Recommend request. Note that this + user event detail won't be ingested to userEvent logs. Thus, a + separate userEvent write request is required for event logging. + Don't set UserEvent.user_pseudo_id or UserEvent.user_info.user_id to + the same fixed ID for different users. If you are trying to receive + non-personalized recommendations (not recommended; this can + negatively impact model performance), instead set + UserEvent.user_pseudo_id to a random unique ID and leave + UserEvent.user_info.user_id unset. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' + id: GoogleCloudDiscoveryengineV1RecommendRequest + type: object + GoogleCloudDiscoveryengineV1alphaBAPConfig: + description: The configuration for the BAP connector. + id: GoogleCloudDiscoveryengineV1alphaBAPConfig + properties: + supportedConnectorModes: items: + enumDescriptions: + - Connector mode unspecified. + - Connector utilized for data ingestion. + - Connector utilized for Actions + - Connector utilized for End User Authentication. + enum: + - CONNECTOR_MODE_UNSPECIFIED + - DATA_INGESTION + - ACTIONS + - END_USER_AUTHENTICATION type: string - format: int64 - exemplars: - description: Must be in increasing order of `value` field. + description: >- + Required. The supported connector modes for the associated BAP + connection. type: array + enabledActions: + description: Optional. The actions enabled on the associated BAP connection. items: - $ref: '#/components/schemas/GoogleApiDistributionExemplar' - GoogleApiDistributionRange: - id: GoogleApiDistributionRange - description: The range of the population values. - type: object - properties: - min: - description: The minimum of the population values. - type: number - format: double - max: - description: The maximum of the population values. - type: number - format: double - GoogleApiDistributionBucketOptions: - id: GoogleApiDistributionBucketOptions - description: >- - `BucketOptions` describes the bucket boundaries used to create a - histogram for the distribution. The buckets can be in a linear sequence, - an exponential sequence, or each bucket can be specified explicitly. - `BucketOptions` does not include the number of values in each bucket. A - bucket has an inclusive lower bound and exclusive upper bound for the - values that are counted for that bucket. The upper bound of a bucket - must be strictly greater than the lower bound. The sequence of N buckets - for a distribution consists of an underflow bucket (number 0), zero or - more finite buckets (number 1 through N - 2) and an overflow bucket - (number N - 1). The buckets are contiguous: the lower bound of bucket i - (i > 0) is the same as the upper bound of bucket i - 1. The buckets span - the whole range of finite values: lower bound of the underflow bucket is - -infinity and the upper bound of the overflow bucket is +infinity. The - finite buckets are so-called because both bounds are finite. + type: string + type: array type: object + GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpec: + id: GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpec + description: A specification for configuring a summary returned in a search response. properties: - linearBuckets: - description: The linear bucket. - $ref: '#/components/schemas/GoogleApiDistributionBucketOptionsLinear' - exponentialBuckets: - description: The exponential buckets. - $ref: '#/components/schemas/GoogleApiDistributionBucketOptionsExponential' - explicitBuckets: - description: The explicit buckets. - $ref: '#/components/schemas/GoogleApiDistributionBucketOptionsExplicit' - GoogleApiDistributionBucketOptionsLinear: - id: GoogleApiDistributionBucketOptionsLinear - description: >- - Specifies a linear sequence of buckets that all have the same width - (except overflow and underflow). Each bucket represents a constant - absolute uncertainty on the specific value in the bucket. There are - `num_finite_buckets + 2` (= N) buckets. Bucket `i` has the following - boundaries: Upper bound (0 <= i < N-1): offset + (width * i). Lower - bound (1 <= i < N): offset + (width * (i - 1)). + ignoreLowRelevantContent: + description: >- + Specifies whether to filter out queries that have low relevance. The + default value is `false`. If this field is set to `false`, all + search results are used regardless of relevance to generate answers. + If set to `true`, only queries with high relevance search results + will generate answers. + type: boolean + modelSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelSpec + description: >- + If specified, the spec will be used to modify the model + specification provided to the LLM. + ignoreJailBreakingQuery: + type: boolean + description: >- + Optional. Specifies whether to filter out jail-breaking queries. The + default value is `false`. Google employs search-query classification + to detect jail-breaking queries. No summary is returned if the + search query is classified as a jail-breaking query. A user might + add instructions to the query to change the tone, style, language, + content of the answer, or ask the model to act as a different + entity, e.g. "Reply in the tone of a competing company's CEO". If + this field is set to `true`, we skip generating summaries for + jail-breaking queries and return fallback messages instead. + ignoreAdversarialQuery: + type: boolean + description: >- + Specifies whether to filter out adversarial queries. The default + value is `false`. Google employs search-query classification to + detect adversarial queries. No summary is returned if the search + query is classified as an adversarial query. For example, a user + might ask a question regarding negative comments about the company + or submit a query designed to generate unsafe, policy-violating + output. If this field is set to `true`, we skip generating summaries + for adversarial queries and return fallback messages instead. + includeCitations: + type: boolean + description: >- + Specifies whether to include citations in the summary. The default + value is `false`. When this field is set to `true`, summaries + include in-line citation numbers. Example summary including + citations: BigQuery is Google Cloud's fully managed and completely + serverless enterprise data warehouse [1]. BigQuery supports all data + types, works across clouds, and has built-in machine learning and + business intelligence, all within a unified platform [2, 3]. The + citation numbers refer to the returned search results and are + 1-indexed. For example, [1] means that the sentence is attributed to + the first search result. [2, 3] means that the sentence is + attributed to both the second and third search results. + languageCode: + description: >- + Language code for Summary. Use language tags defined by + [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Note: This is + an experimental feature. + type: string + summaryResultCount: + type: integer + format: int32 + description: >- + The number of top results to generate the summary from. If the + number of results returned is less than `summaryResultCount`, the + summary is generated from all of the results. At most 10 results for + documents mode, or 50 for chunks mode, can be used to generate a + summary. The chunks mode is used when + SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS. + modelPromptSpec: + description: >- + If specified, the spec will be used to modify the prompt provided to + the LLM. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpecSummarySpecModelPromptSpec + useSemanticChunks: + type: boolean + description: >- + If true, answer will be generated from most relevant chunks from top + search results. This feature will improve summary quality. Note that + with this feature enabled, not all top search results will be + referenced and included in the reference list, so the citation + source index only points to the search results listed in the + reference list. + ignoreNonSummarySeekingQuery: + description: >- + Specifies whether to filter out queries that are not + summary-seeking. The default value is `false`. Google employs + search-query classification to detect summary-seeking queries. No + summary is returned if the search query is classified as a + non-summary seeking query. For example, `why is the sky blue` and + `Who is the best soccer player in the world?` are summary-seeking + queries, but `SFO airport` and `world cup 2026` are not. They are + most likely navigational queries. If this field is set to `true`, we + skip generating summaries for non-summary seeking queries and return + fallback messages instead. + type: boolean type: object + GoogleCloudDiscoveryengineV1alphaDestinationConfigDestination: + id: GoogleCloudDiscoveryengineV1alphaDestinationConfigDestination properties: - numFiniteBuckets: - description: Must be greater than 0. - type: integer + host: + description: Publicly routable host. + type: string + port: format: int32 - width: - description: Must be greater than 0. - type: number - format: double - offset: - description: Lower bound of the first bucket. - type: number - format: double - GoogleApiDistributionBucketOptionsExponential: - id: GoogleApiDistributionBucketOptionsExponential - description: >- - Specifies an exponential sequence of buckets that have a width that is - proportional to the value of the lower bound. Each bucket represents a - constant relative uncertainty on a specific value in the bucket. There - are `num_finite_buckets + 2` (= N) buckets. Bucket `i` has the following - boundaries: Upper bound (0 <= i < N-1): scale * (growth_factor ^ i). - Lower bound (1 <= i < N): scale * (growth_factor ^ (i - 1)). + description: Optional. Target port number accepted by the destination. + type: integer + description: Defines a target endpoint + type: object + GoogleCloudDiscoveryengineV1Citation: type: object + id: GoogleCloudDiscoveryengineV1Citation properties: - numFiniteBuckets: - description: Must be greater than 0. + title: + readOnly: true + description: Output only. Title of the attribution. + type: string + endIndex: + format: int32 + type: integer + description: Output only. End index into the content. + readOnly: true + license: + type: string + description: Output only. License of the attribution. + readOnly: true + publicationDate: + $ref: '#/components/schemas/GoogleTypeDate' + readOnly: true + description: Output only. Publication date of the attribution. + startIndex: type: integer format: int32 - growthFactor: - description: Must be greater than 1. - type: number - format: double - scale: - description: Must be greater than 0. - type: number - format: double - GoogleApiDistributionBucketOptionsExplicit: - id: GoogleApiDistributionBucketOptionsExplicit + readOnly: true + description: Output only. Start index into the content. + uri: + readOnly: true + type: string + description: Output only. Url reference of the attribution. + description: Source attributions for content. + GoogleCloudDiscoveryengineV1betaProjectConfigurableBillingStatus: + properties: + effectiveSearchQpmThreshold: + type: string + format: int64 + description: >- + Optional. The currently effective Search QPM threshold in queries + per minute. This is the threshold against which QPM usage is + compared for overage calculations. + startTime: + format: google-datetime + type: string + description: >- + Optional. The start time of the currently active billing + subscription. + effectiveIndexingCoreThreshold: + description: >- + Optional. The currently effective Indexing Core threshold. This is + the threshold against which Indexing Core usage is compared for + overage calculations. + format: int64 + type: string description: >- - Specifies a set of buckets with arbitrary widths. There are - `size(bounds) + 1` (= N) buckets. Bucket `i` has the following - boundaries: Upper bound (0 <= i < N-1): bounds[i] Lower bound (1 <= i < - N); bounds[i - 1] The `bounds` field must contain at least one element. - If `bounds` has only one element, then there are no finite buckets, and - that single element is the common boundary of the overflow and underflow - buckets. + Represents the currently effective configurable billing parameters. + These values are derived from the customer's subscription history stored + internally and reflect the thresholds actively being used for billing + purposes at the time of the GetProject call. This includes the + start_time of the subscription and may differ from the values in + `customer_provided_config` due to billing rules (e.g., scale-downs + taking effect only at the start of a new month). type: object + id: GoogleCloudDiscoveryengineV1betaProjectConfigurableBillingStatus + GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResult: properties: - bounds: - description: The values must be monotonically increasing. - type: array - items: - type: number - format: double - GoogleApiDistributionExemplar: - id: GoogleApiDistributionExemplar - description: >- - Exemplars are example points that may be used to annotate aggregated - distribution values. They are metadata that gives information about a - particular value added to a Distribution bucket, such as a trace ID that - was active when a value was added. They may contain further information, - such as a example values and timestamps, origin, etc. - type: object - properties: - value: + document: + type: string + description: Document resource name. + structData: + additionalProperties: + type: any + description: Properties of the object. + type: object description: >- - Value of the exemplar point. This value determines to which bucket - the exemplar belongs. - type: number - format: double - timestamp: - description: The observation (sampling) time of the above value. + Data representation. The structured JSON data for the document. It's + populated from the struct data from the Document, or the Chunk in + search result. + title: type: string - format: google-datetime - attachments: + description: Title. + uri: + type: string + description: URI for the document. + chunkInfo: description: >- - Contextual information about the example value. Examples are: Trace: - type.googleapis.com/google.monitoring.v3.SpanContext Literal string: - type.googleapis.com/google.protobuf.StringValue Labels dropped - during aggregation: - type.googleapis.com/google.monitoring.v3.DroppedLabels There may be - only a single attachment of any given message type in a single - exemplar, and this is enforced by the system. + If citation_type is CHUNK_LEVEL_CITATION and chunk mode is on, + populate chunk info. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudDiscoveryengineV1alphaDedicatedCrawlRateTimeSeries: - id: GoogleCloudDiscoveryengineV1alphaDedicatedCrawlRateTimeSeries - description: >- - The historical dedicated crawl rate timeseries data, used for - monitoring. Dedicated crawl is used by Vertex AI to crawl the user's - website when dedicate crawl is set. - type: object - properties: - userTriggeredCrawlRate: - description: >- - Vertex AI's dedicated crawl rate time series of user triggered - crawl, which is the crawl rate of Google-CloudVertexBot when - dedicate crawl is set, and user triggered crawl rate is for - deterministic use cases like crawling urls or sitemaps specified by - users. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries - autoRefreshCrawlRate: - description: >- - Vertex AI's dedicated crawl rate time series of auto-refresh, which - is the crawl rate of Google-CloudVertexBot when dedicate crawl is - set, and the crawl rate is for best effort use cases like refreshing - urls periodically. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries - userTriggeredCrawlErrorRate: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultChunkInfo + snippetInfo: description: >- - Vertex AI's error rate time series of user triggered dedicated - crawl. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries - autoRefreshCrawlErrorRate: - description: Vertex AI's error rate time series of auto-refresh dedicated crawl. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries - GoogleCloudDiscoveryengineV1alphaProject: - id: GoogleCloudDiscoveryengineV1alphaProject - description: Metadata and configurations for a Google Cloud project in the service. + If citation_type is DOCUMENT_LEVEL_CITATION, populate document level + snippets. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResultSnippetInfo + id: GoogleCloudDiscoveryengineV1alphaAnswerStepActionObservationSearchResult type: object + GoogleCloudDiscoveryengineV1DeleteSitemapMetadata: properties: - name: - description: >- - Output only. Full resource name of the project, for example - `projects/{project}`. Note that when making requests, project number - and project id are both acceptable, but the server will always - respond in project number. - readOnly: true + updateTime: + format: google-datetime type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. createTime: - description: Output only. The timestamp when this project is created. - readOnly: true + description: Operation create time. type: string format: google-datetime - provisionCompletionTime: - description: >- - Output only. The timestamp when this project is successfully - provisioned. Empty value means this project is still provisioning - and is not ready for use. - readOnly: true + type: object + id: GoogleCloudDiscoveryengineV1DeleteSitemapMetadata + description: >- + Metadata related to the progress of the + SiteSearchEngineService.DeleteSitemap operation. This will be returned + by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfo: + description: Unstructured document information. + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfo + properties: + title: type: string - format: google-datetime - serviceTermsMap: + description: Title. + uri: + type: string + description: URI for the document. + extractiveAnswers: + deprecated: true description: >- - Output only. A map of terms of services. The key is the `id` of - ServiceTerms. - readOnly: true - type: object - additionalProperties: + Deprecated: This field is deprecated and will have no effect on the + Answer generation. Please use document_contexts and + extractive_segments fields. List of extractive answers. + type: array + items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaProjectServiceTerms - GoogleCloudDiscoveryengineV1alphaProjectServiceTerms: - id: GoogleCloudDiscoveryengineV1alphaProjectServiceTerms - description: Metadata about the terms of service. + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveAnswer + extractiveSegments: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveSegment + description: List of extractive segments. + type: array + documentContexts: + description: >- + List of document contexts. The content will be used for Answer + Generation. This is supposed to be the main content of the document + that can be long and comprehensive. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoDocumentContext + document: + type: string + description: Document resource name. + type: object + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveAnswer: type: object + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultUnstructuredDocumentInfoExtractiveAnswer + description: >- + Extractive answer. + [Guide](https://cloud.google.com/generative-ai-app-builder/docs/snippets#get-answers) properties: - id: - description: >- - The unique identifier of this terms of service. Available terms: * - `GA_DATA_USE_TERMS`: [Terms for data - use](https://cloud.google.com/retail/data-use-terms). When using - this as `id`, the acceptable version to provide is `2022-11-23`. + content: type: string - version: - description: >- - The version string of the terms of service. For acceptable values, - see the comments for id above. + description: Extractive answer content. + pageIdentifier: + description: Page identifier. type: string - state: + GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpecQuerySetSpec: + properties: + sampleQuerySet: description: >- - Whether the project has accepted/rejected the service terms or it is - still pending. + Optional. The full resource name of the SampleQuerySet used for the + evaluation, in the format of + `projects/{project}/locations/{location}/sampleQuerySets/{sampleQuerySet}`. + type: string + type: object + id: GoogleCloudDiscoveryengineV1alphaEvaluationEvaluationSpecQuerySetSpec + description: Describes the specification of the query set. + GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpec: + id: GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpec + description: >- + Specification for custom ranking based on customer specified attribute + value. It provides more controls for customized ranking than the simple + (condition, boost) combination above. + properties: + fieldName: type: string + description: >- + Optional. The name of the field whose value will be used to + determine the boost amount. + interpolationType: enumDescriptions: - - The default value of the enum. This value is not actually used. - - The project has given consent to the terms of service. - - The project is pending to review and accept the terms of service. - >- - The project has declined or revoked the agreement to terms of - service. - enum: - - STATE_UNSPECIFIED - - TERMS_ACCEPTED - - TERMS_PENDING - - TERMS_DECLINED - acceptTime: - description: The last time when the project agreed to the terms of service. + Interpolation type is unspecified. In this case, it defaults to + Linear. + - Piecewise linear interpolation will be applied. type: string - format: google-datetime - declineTime: description: >- - The last time when the project declined or revoked the agreement to - terms of service. + Optional. The interpolation type to be applied to connect the + control points listed below. + enum: + - INTERPOLATION_TYPE_UNSPECIFIED + - LINEAR + controlPoints: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpecControlPoint + description: >- + Optional. The control points used to define the curve. The monotonic + function (defined through the interpolation_type above) passes + through the control points listed here. + attributeType: + enumDescriptions: + - Unspecified AttributeType. + - >- + The value of the numerical field will be used to dynamically + update the boost amount. In this case, the attribute_value (the x + value) of the control point will be the actual value of the + numerical field for which the boost_amount is specified. + - >- + For the freshness use case the attribute value will be the + duration between the current time and the date in the datetime + field specified. The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 + duration value). The pattern for this is: `nDnM]`. For example, + `5D`, `3DT12H30M`, `T24H`. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaProvisionProjectMetadata: - id: GoogleCloudDiscoveryengineV1alphaProvisionProjectMetadata - description: Metadata associated with a project provision operation. + enum: + - ATTRIBUTE_TYPE_UNSPECIFIED + - NUMERICAL + - FRESHNESS + description: >- + Optional. The attribute type to be used to determine the boost + amount. The attribute value can be derived from the field value of + the specified field_name. In the case of numerical it is + straightforward i.e. attribute_value = numerical_field_value. In the + case of freshness however, attribute_value = (time.now() - + datetime_field_value). type: object - properties: {} - GoogleCloudDiscoveryengineV1alphaPurgeCompletionSuggestionsMetadata: - id: GoogleCloudDiscoveryengineV1alphaPurgeCompletionSuggestionsMetadata - description: >- - Metadata related to the progress of the PurgeCompletionSuggestions - operation. This is returned by the google.longrunning.Operation.metadata - field. + GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpecControlPoint: + id: >- + GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpecControlPoint type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + attributeValue: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Optional. Can be one of: 1. The numerical field value. 2. The + duration spec for freshness: The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 duration + value). The pattern for this is: `nDnM]`. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaPurgeCompletionSuggestionsResponse: - id: GoogleCloudDiscoveryengineV1alphaPurgeCompletionSuggestionsResponse + boostAmount: + description: >- + Optional. The value between -1 to 1 by which to boost the score if + the attribute_value evaluates to the value specified above. + format: float + type: number description: >- - Response message for CompletionService.PurgeCompletionSuggestions - method. - type: object - properties: - purgeSucceeded: - description: Whether the completion suggestions were successfully purged. - type: boolean - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1alphaPurgeDocumentsMetadata: - id: GoogleCloudDiscoveryengineV1alphaPurgeDocumentsMetadata + The control points used to define the curve. The curve defined through + these control points can only be monotonically increasing or + decreasing(constant values are acceptable). + GoogleCloudDiscoveryengineV1betaImportDocumentsMetadata: + id: GoogleCloudDiscoveryengineV1betaImportDocumentsMetadata description: >- - Metadata related to the progress of the PurgeDocuments operation. This - will be returned by the google.longrunning.Operation.metadata field. + Metadata related to the progress of the ImportDocuments operation. This + is returned by the google.longrunning.Operation.metadata field. type: object properties: createTime: + format: google-datetime description: Operation create time. type: string - format: google-datetime updateTime: + format: google-datetime description: >- Operation last update time. If the operation is done, this is also the finish time. type: string - format: google-datetime successCount: - description: Count of entries that were deleted successfully. type: string format: int64 + description: Count of entries that were processed successfully. failureCount: description: Count of entries that encountered errors while processing. type: string format: int64 - ignoredCount: - description: Count of entries that were ignored as entries were not found. + totalCount: type: string format: int64 - GoogleCloudDiscoveryengineV1alphaPurgeDocumentsResponse: - id: GoogleCloudDiscoveryengineV1alphaPurgeDocumentsResponse - description: >- - Response message for DocumentService.PurgeDocuments method. If the long - running operation is successfully done, then this message is returned by - the google.longrunning.Operations.response field. + description: Total count of entries that were processed. + GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig: + description: Custom threshold for `cvr` optimization_objective. + id: >- + GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig type: object properties: - purgeCount: - description: The total count of documents purged as a result of the operation. + targetFieldValueFloat: + type: number + format: float + description: Required. The threshold to be applied to the target (e.g., 0.5). + targetField: + description: >- + Required. The name of the field to target. Currently supported + values: `watch-percentage`, `watch-time`. type: string - format: int64 - purgeSample: + GoogleCloudDiscoveryengineV1alphaSetUpDataConnectorMetadata: + properties: {} + type: object + description: Metadata for DataConnectorService.SetUpDataConnector method. + id: GoogleCloudDiscoveryengineV1alphaSetUpDataConnectorMetadata + GoogleCloudDiscoveryengineV1betaQualityMetrics: + id: GoogleCloudDiscoveryengineV1betaQualityMetrics + description: Describes the metrics produced by the evaluation. + properties: + docPrecision: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics description: >- - A sample of document names that will be deleted. Only populated if - `force` is set to false. A max of 100 names will be returned and the - names are chosen at random. - type: array - items: - type: string - GoogleCloudDiscoveryengineV1alphaPurgeSuggestionDenyListEntriesMetadata: - id: GoogleCloudDiscoveryengineV1alphaPurgeSuggestionDenyListEntriesMetadata - description: >- - Metadata related to the progress of the PurgeSuggestionDenyListEntries - operation. This is returned by the google.longrunning.Operation.metadata - field. + Precision per document, at various top-k cutoff levels. Precision is + the fraction of retrieved documents that are relevant. Example + (top-5): * For a single SampleQuery, If 4 out of 5 retrieved + documents in the top-5 are relevant, precision@5 = 4/5 = 0.8 + docNdcg: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics + description: >- + Normalized discounted cumulative gain (NDCG) per document, at + various top-k cutoff levels. NDCG measures the ranking quality, + giving higher relevance to top results. Example (top-3): Suppose + SampleQuery with three retrieved documents (D1, D2, D3) and binary + relevance judgements (1 for relevant, 0 for not relevant): + Retrieved: [D3 (0), D1 (1), D2 (1)] Ideal: [D1 (1), D2 (1), D3 (0)] + Calculate NDCG@3 for each SampleQuery: * DCG@3: 0/log2(1+1) + + 1/log2(2+1) + 1/log2(3+1) = 1.13 * Ideal DCG@3: 1/log2(1+1) + + 1/log2(2+1) + 0/log2(3+1) = 1.63 * NDCG@3: 1.13/1.63 = 0.693 + pageRecall: + description: >- + Recall per page, at various top-k cutoff levels. Recall is the + fraction of relevant pages retrieved out of all relevant pages. + Example (top-5): * For a single SampleQuery, if 3 out of 5 relevant + pages are retrieved in the top-5, recall@5 = 3/5 = 0.6 + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics + pageNdcg: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics + description: >- + Normalized discounted cumulative gain (NDCG) per page, at various + top-k cutoff levels. NDCG measures the ranking quality, giving + higher relevance to top results. Example (top-3): Suppose + SampleQuery with three retrieved pages (P1, P2, P3) and binary + relevance judgements (1 for relevant, 0 for not relevant): + Retrieved: [P3 (0), P1 (1), P2 (1)] Ideal: [P1 (1), P2 (1), P3 (0)] + Calculate NDCG@3 for SampleQuery: * DCG@3: 0/log2(1+1) + 1/log2(2+1) + + 1/log2(3+1) = 1.13 * Ideal DCG@3: 1/log2(1+1) + 1/log2(2+1) + + 0/log2(3+1) = 1.63 * NDCG@3: 1.13/1.63 = 0.693 + docRecall: + description: >- + Recall per document, at various top-k cutoff levels. Recall is the + fraction of relevant documents retrieved out of all relevant + documents. Example (top-5): * For a single SampleQuery, If 3 out of + 5 relevant documents are retrieved in the top-5, recall@5 = 3/5 = + 0.6 + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics type: object + GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequest: + type: object + id: GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequest properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + inlineSource: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaPurgeSuggestionDenyListEntriesResponse: - id: GoogleCloudDiscoveryengineV1alphaPurgeSuggestionDenyListEntriesResponse + The Inline source for the input content for suggestion deny list + entries. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequestInlineSource + gcsSource: + description: >- + Cloud Storage location for the input content. Only 1 file can be + specified that contains all entries to import. Supported values + `gcs_source.schema` for autocomplete suggestion deny list entry + imports: * `suggestion_deny_list` (default): One JSON + [SuggestionDenyListEntry] per line. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' description: >- - Response message for CompletionService.PurgeSuggestionDenyListEntries + Request message for CompletionService.ImportSuggestionDenyListEntries method. + GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpec: type: object properties: - purgeCount: - description: Number of suggestion deny list entries purged. - type: string - format: int64 - errorSamples: - description: A sample of errors encountered while processing the request. - type: array + conditionBoostSpecs: items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1alphaPurgeUserEventsMetadata: - id: GoogleCloudDiscoveryengineV1alphaPurgeUserEventsMetadata - description: >- - Metadata related to the progress of the PurgeUserEvents operation. This - will be returned by the google.longrunning.Operation.metadata field. - type: object + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpec + type: array + description: >- + Condition boost specifications. If a document matches multiple + conditions in the specifications, boost scores from these + specifications are all applied and combined in a non-linear way. + Maximum number of specifications is 20. + id: GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpec + description: Boost specification to boost certain documents. + GoogleCloudDiscoveryengineV1ConditionQueryTerm: + description: Matcher for search request query properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + fullMatch: + description: Whether the search query needs to exactly match the query term. + type: boolean + value: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The specific query value to match against Must be lowercase, must be + UTF-8. Can have at most 3 space separated terms if full_match is + true. Cannot be an empty string. Maximum length of 5000 characters. type: string - format: google-datetime - successCount: - description: Count of entries that were deleted successfully. - type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. - type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaPurgeUserEventsResponse: - id: GoogleCloudDiscoveryengineV1alphaPurgeUserEventsResponse - description: >- - Response of the PurgeUserEventsRequest. If the long running operation is - successfully done, then this message is returned by the - google.longrunning.Operations.response field. + id: GoogleCloudDiscoveryengineV1ConditionQueryTerm type: object - properties: - purgeCount: - description: The total count of events purged as a result of the operation. - type: string - format: int64 - GoogleCloudDiscoveryengineV1alphaRecrawlUrisMetadata: - id: GoogleCloudDiscoveryengineV1alphaRecrawlUrisMetadata + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecExtractiveContentSpec: description: >- - Metadata related to the progress of the - SiteSearchEngineService.RecrawlUris operation. This will be returned by - the google.longrunning.Operation.metadata field. + A specification for configuring the extractive content in a search + response. type: object + id: >- + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecExtractiveContentSpec properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - invalidUris: - description: >- - Unique URIs in the request that have invalid format. Sample limited - to 1000. - type: array - items: - type: string - invalidUrisCount: - description: Total number of unique URIs in the request that have invalid format. - type: integer + numPreviousSegments: format: int32 - noindexUris: - description: URIs that have no index meta tag. Sample limited to 1000. - type: array - items: - type: string - noindexUrisCount: - description: Total number of URIs that have no index meta tag. type: integer - format: int32 - urisNotMatchingTargetSites: description: >- - Unique URIs in the request that don't match any TargetSite in the - DataStore, only match TargetSites that haven't been fully indexed, - or match a TargetSite with type EXCLUDE. Sample limited to 1000. - type: array - items: - type: string - urisNotMatchingTargetSitesCount: - description: Total number of URIs that don't match any TargetSites. - type: integer + Specifies whether to also include the adjacent from each selected + segments. Return at most `num_previous_segments` segments before + each selected segments. + numNextSegments: format: int32 - validUrisCount: description: >- - Total number of unique URIs in the request that are not in - invalid_uris. + Return at most `num_next_segments` segments after each selected + segments. type: integer + maxExtractiveAnswerCount: format: int32 - successCount: - description: Total number of URIs that have been crawled so far. type: integer + description: >- + The maximum number of extractive answers returned in each search + result. An extractive answer is a verbatim answer extracted from the + original document, which provides a precise and contextually + relevant answer to the search query. If the number of matching + answers is less than the `max_extractive_answer_count`, return all + of the answers. Otherwise, return the `max_extractive_answer_count`. + At most five answers are returned for each SearchResult. + maxExtractiveSegmentCount: format: int32 - pendingCount: - description: Total number of URIs that have yet to be crawled. type: integer - format: int32 - quotaExceededCount: description: >- - Total number of URIs that were rejected due to insufficient indexing - resources. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponse: - id: GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponse - description: Response message for SiteSearchEngineService.RecrawlUris method. + The max number of extractive segments returned in each search + result. Only applied if the DataStore is set to + DataStore.ContentConfig.CONTENT_REQUIRED or DataStore.solution_types + is SOLUTION_TYPE_CHAT. An extractive segment is a text segment + extracted from the original document that is relevant to the search + query, and, in general, more verbose than an extractive answer. The + segment could then be used as input for LLMs to generate summaries + and answers. If the number of matching segments is less than + `max_extractive_segment_count`, return all of the segments. + Otherwise, return the `max_extractive_segment_count`. + returnExtractiveSegmentScore: + type: boolean + description: >- + Specifies whether to return the confidence score from the extractive + segments in each search result. This feature is available only for + new or allowlisted data stores. To allowlist your data store, + contact your Customer Engineer. The default value is `false`. + GoogleCloudDiscoveryengineV1ImportErrorConfig: + description: Configuration of destination for Import related errors. type: object + id: GoogleCloudDiscoveryengineV1ImportErrorConfig properties: - failureSamples: - description: Details for a sample of up to 10 `failed_uris`. + gcsPrefix: + type: string + description: >- + Cloud Storage prefix for import errors. This must be an empty, + existing Cloud Storage directory. Import errors are written to + sharded files in this directory, one per line, as a JSON-encoded + `google.rpc.Status` message. + GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResult: + properties: + policyResults: type: array + description: >- + Customer policy enforcement results. Populated only if the assist + call was skipped due to a policy violation. It contains results from + those filters that blocked the processing of the query. items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfo - failedUris: - description: URIs that were not crawled before the LRO terminated. - type: array - items: - type: string - GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfo: - id: GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfo + #/components/schemas/GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResultPolicyEnforcementResult + verdict: + description: >- + Final verdict of the customer policy enforcement. If only one policy + blocked the processing, the verdict is BLOCK. + enumDescriptions: + - Unknown value. + - There was no policy violation. + - Processing was blocked by the customer policy. + enum: + - UNSPECIFIED + - ALLOW + - BLOCK + type: string description: >- - Details about why a particular URI failed to be crawled. Each - FailureInfo contains one FailureReason per CorpusType. + Customer policy enforcement results. Contains the results of the various + policy checks, like the banned phrases or the Model Armor checks. + type: object + id: GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResult + GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryClassificationSpec: + description: Query classification specification. + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpecQueryClassificationSpec type: object properties: - uri: - description: URI that failed to be crawled. - type: string - failureReasons: - description: List of failure reasons by corpus type (e.g. desktop, mobile). + types: + description: Enabled query classification types. + items: + enumDescriptions: + - Unspecified query classification type. + - Adversarial query classification type. + - Non-answer-seeking query classification type, for chit chat. + - Jail-breaking query classification type. + - >- + Non-answer-seeking query classification type, for no clear + intent. + - User defined query classification type. + enum: + - TYPE_UNSPECIFIED + - ADVERSARIAL_QUERY + - NON_ANSWER_SEEKING_QUERY + - JAIL_BREAKING_QUERY + - NON_ANSWER_SEEKING_QUERY_V2 + - USER_DEFINED_CLASSIFICATION_QUERY + type: string type: array + GoogleCloudDiscoveryengineV1betaSearchRequestRelevanceScoreSpec: + type: object + id: GoogleCloudDiscoveryengineV1betaSearchRequestRelevanceScoreSpec + properties: + returnRelevanceScore: + description: >- + Optional. Whether to return the relevance score for search results. + The higher the score, the more relevant the document is to the + query. + type: boolean + description: The specification for returning the document relevance score. + GoogleCloudDiscoveryengineV1AnswerStepActionObservation: + description: Observation. + properties: + searchResults: items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfoFailureReason - GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfoFailureReason: - id: >- - GoogleCloudDiscoveryengineV1alphaRecrawlUrisResponseFailureInfoFailureReason - description: >- - Details about why crawling failed for a particular CorpusType, e.g., - DESKTOP and MOBILE crawling may fail for different reasons. + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResult + description: >- + Search results observed by the search action, it can be snippets + info or chunk info, depending on the citation type set by the user. + type: array + id: GoogleCloudDiscoveryengineV1AnswerStepActionObservation type: object - properties: - corpusType: - description: DESKTOP, MOBILE, or CORPUS_TYPE_UNSPECIFIED. - type: string - enumDescriptions: - - Default value. - - Denotes a crawling attempt for the desktop version of a page. - - Denotes a crawling attempt for the mobile version of a page. - enum: - - CORPUS_TYPE_UNSPECIFIED - - DESKTOP - - MOBILE - errorMessage: - description: Reason why the URI was not crawled. - type: string - GoogleCloudDiscoveryengineV1alphaRemoveDedicatedCrawlRateMetadata: - id: GoogleCloudDiscoveryengineV1alphaRemoveDedicatedCrawlRateMetadata - description: >- - Metadata related to the progress of the - CrawlRateManagementService.RemoveDedicatedCrawlRate operation. This will - be returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1DeleteCollectionMetadata: + id: GoogleCloudDiscoveryengineV1DeleteCollectionMetadata type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime updateTime: + format: google-datetime description: >- Operation last update time. If the operation is done, this is also the finish time. type: string + createTime: + description: Operation create time. + type: string format: google-datetime - GoogleCloudDiscoveryengineV1alphaRemoveDedicatedCrawlRateResponse: - id: GoogleCloudDiscoveryengineV1alphaRemoveDedicatedCrawlRateResponse description: >- - Response message for CrawlRateManagementService.RemoveDedicatedCrawlRate - method. It simply returns the state of the response, and an error - message if the state is FAILED. + Metadata related to the progress of the + CollectionService.UpdateCollection operation. This will be returned by + the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1ImportIdentityMappingsResponse: + description: Response message for IdentityMappingStoreService.ImportIdentityMappings + properties: + errorSamples: + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: A sample of errors encountered while processing the request. + type: object + id: GoogleCloudDiscoveryengineV1ImportIdentityMappingsResponse + GoogleCloudDiscoveryengineV1AnswerCitation: type: object + id: GoogleCloudDiscoveryengineV1AnswerCitation properties: - state: - description: Output only. The state of the response. - readOnly: true + endIndex: + type: string + format: int64 + description: >- + End of the attributed segment, exclusive. Measured in bytes (UTF-8 + unicode). If there are multi-byte characters,such as non-ASCII + characters, the index measurement is longer than the string length. + sources: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerCitationSource + description: Citation sources for the attributed segment. + startIndex: + format: int64 + type: string + description: >- + Index indicates the start of the segment, measured in bytes (UTF-8 + unicode). If there are multi-byte characters,such as non-ASCII + characters, the index measurement is longer than the string length. + description: Citation info for a segment. + GoogleCloudDiscoveryengineV1alphaEngineRecommendationMetadata: + description: Additional information of a recommendation engine. + properties: + servingState: type: string enumDescriptions: - - The state is unspecified. - - The state is successful. - - The state is failed. + - Unspecified serving state. + - The engine is not serving. + - The engine is serving and can be queried. + - The engine is trained on tuned hyperparameters and can be queried. + description: >- + Output only. The serving state of the engine: `ACTIVE`, + `NOT_ACTIVE`. + readOnly: true enum: - - STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - error: - description: Errors from service when handling the request. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1alphaSetDedicatedCrawlRateMetadata: - id: GoogleCloudDiscoveryengineV1alphaSetDedicatedCrawlRateMetadata - description: >- - Metadata related to the progress of the - CrawlRateManagementService.SetDedicatedCrawlRate operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. + - SERVING_STATE_UNSPECIFIED + - INACTIVE + - ACTIVE + - TUNED + lastTuneTime: + description: >- + Output only. The timestamp when the latest successful tune finished. + Only applicable on Media Recommendation engines. type: string + readOnly: true format: google-datetime - updateTime: + dataState: + type: string + enum: + - DATA_STATE_UNSPECIFIED + - DATA_OK + - DATA_ERROR description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Output only. The state of data requirements for this engine: + `DATA_OK` and `DATA_ERROR`. Engine cannot be trained if the data is + in `DATA_ERROR` state. Engine can have `DATA_ERROR` state even if + serving state is `ACTIVE`: engines were trained successfully before, + but cannot be refreshed because the underlying engine no longer has + sufficient data for training. + enumDescriptions: + - Unspecified default value, should never be explicitly set. + - The engine has sufficient training data. + - >- + The engine does not have sufficient training data. Error messages + can be queried via Stackdriver. + readOnly: true + tuningOperation: + description: >- + Output only. The latest tune operation id associated with the + engine. Only applicable on Media Recommendation engines. If present, + this operation id can be used to determine if there is an ongoing + tune for this engine. To check the operation status, send the + GetOperation request with this operation id in the engine resource + format. If no tuning has happened for this engine, the string is + empty. + readOnly: true + type: string + lastTrainTime: type: string + description: >- + Output only. The timestamp when the latest successful training + finished. Only applicable on Media Recommendation engines. + readOnly: true format: google-datetime - GoogleCloudDiscoveryengineV1alphaSetDedicatedCrawlRateResponse: - id: GoogleCloudDiscoveryengineV1alphaSetDedicatedCrawlRateResponse - description: >- - Response message for CrawlRateManagementService.SetDedicatedCrawlRate - method. It simply returns the state of the response, and an error - message if the state is FAILED. type: object - properties: - state: - description: Output only. The state of the response. - readOnly: true - type: string - enumDescriptions: - - The state is unspecified. - - The state is successful. - - The state is failed. - enum: - - STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - error: - description: Errors from service when handling the request. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1alphaSetUpDataConnectorMetadata: - id: GoogleCloudDiscoveryengineV1alphaSetUpDataConnectorMetadata - description: Metadata for DataConnectorService.SetUpDataConnector method. + id: GoogleCloudDiscoveryengineV1alphaEngineRecommendationMetadata + GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsRequest: type: object properties: {} - GoogleCloudDiscoveryengineV1alphaSetUriPatternDocumentDataMetadata: - id: GoogleCloudDiscoveryengineV1alphaSetUriPatternDocumentDataMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.SetUriPatternDocumentData operation. This will - be returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsRequest + description: Request message for CompletionService.PurgeCompletionSuggestions method. + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpec: + description: A specification for configuring the behavior of content search. type: object + id: GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpec properties: - createTime: - description: Operation create time. + summarySpec: + description: >- + If `summarySpec` is not specified, summaries are not included in the + search response. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpec + chunkSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecChunkSpec + description: >- + Specifies the chunk spec to be returned from the search response. + Only available if the + SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS + snippetSpec: + description: >- + If `snippetSpec` is not specified, snippets are not included in the + search response. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSnippetSpec + searchResultMode: + enumDescriptions: + - Default value. + - Returns documents in the search result. + - >- + Returns chunks in the search result. Only available if the + DocumentProcessingConfig.chunking_config is specified. + enum: + - SEARCH_RESULT_MODE_UNSPECIFIED + - DOCUMENTS + - CHUNKS + description: >- + Specifies the search result mode. If unspecified, the search result + mode defaults to `DOCUMENTS`. type: string + extractiveContentSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecExtractiveContentSpec + description: >- + If there is no extractive_content_spec provided, there will be no + extractive answer in the search response. + GoogleCloudDiscoveryengineV1alphaDeleteDataStoreMetadata: + properties: + createTime: format: google-datetime + type: string + description: Operation create time. updateTime: + type: string description: >- Operation last update time. If the operation is done, this is also the finish time. - type: string format: google-datetime - GoogleCloudDiscoveryengineV1alphaSetUriPatternDocumentDataResponse: - id: GoogleCloudDiscoveryengineV1alphaSetUriPatternDocumentDataResponse description: >- - Response message for SiteSearchEngineService.SetUriPatternDocumentData - method. + Metadata related to the progress of the DataStoreService.DeleteDataStore + operation. This will be returned by the + google.longrunning.Operation.metadata field. type: object + id: GoogleCloudDiscoveryengineV1alphaDeleteDataStoreMetadata + GoogleCloudDiscoveryengineV1alphaEngineSimilarDocumentsEngineConfig: properties: {} - GoogleCloudDiscoveryengineV1alphaSitemap: - id: GoogleCloudDiscoveryengineV1alphaSitemap - description: A sitemap for the SiteSearchEngine. type: object + id: GoogleCloudDiscoveryengineV1alphaEngineSimilarDocumentsEngineConfig + description: Additional config specs for a `similar-items` engine. + GoogleCloudDiscoveryengineV1ChunkAnnotationMetadata: properties: - uri: - description: Public URI for the sitemap, e.g. `www.example.com/sitemap.xml`. - type: string - name: - description: >- - Output only. The fully qualified resource name of the sitemap. - `projects/*/locations/*/collections/*/dataStores/*/siteSearchEngine/sitemaps/*` - The `sitemap_id` suffix is system-generated. + structuredContent: readOnly: true - type: string - createTime: - description: Output only. The sitemap's creation time. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ChunkStructuredContent + description: Output only. The structured content information. + imageId: + description: >- + Output only. Image id is provided if the structured content is based + on an image. readOnly: true type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaTrainCustomModelMetadata: - id: GoogleCloudDiscoveryengineV1alphaTrainCustomModelMetadata description: >- - Metadata related to the progress of the TrainCustomModel operation. This - is returned by the google.longrunning.Operation.metadata field. + The annotation metadata includes structured content in the current + chunk. + id: GoogleCloudDiscoveryengineV1ChunkAnnotationMetadata + type: object + GoogleCloudDiscoveryengineV1WidgetConfigDataStoreComponent: type: object properties: - createTime: - description: Operation create time. + name: + description: >- + The name of the data store. It should be data store resource name + Format: + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. + For APIs under WidgetService, such as + WidgetService.LookUpWidgetConfig, the project number and location + part is erased in this field. + type: string + entityName: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The name of the entity, retrieved from + `Collection.data_connector.entities.entityName`. + id: + readOnly: true + description: >- + Output only. the identifier of the data store, used for widget + service. For now it refers to data_store_id, in the future we will + migrate the field to encrypted data store name UUID. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaTrainCustomModelResponse: - id: GoogleCloudDiscoveryengineV1alphaTrainCustomModelResponse + dataStoreConfigType: + readOnly: true + type: string + enum: + - DATA_STORE_CONFIG_TYPE_UNSPECIFIED + - ALLOW_DB_CONFIG + - THIRD_PARTY_OAUTH_CONFIG + - NOTEBOOKLM_CONFIG + enumDescriptions: + - Default value. This value is unused. + - The data store is connected to AlloyDB + - The data store is a connected to a third party data source. + - The data store is a connected to NotebookLM Enterprise. + description: Output only. The type of the data store config. + displayName: + description: The display name of the data store. + type: string + id: GoogleCloudDiscoveryengineV1WidgetConfigDataStoreComponent description: >- - Response of the TrainCustomModelRequest. This message is returned by the - google.longrunning.Operations.response field. + Read-only data store component that contains data stores fields that may + be used for filtering, it's the child of `CollectionComponent`. + GoogleApiDistributionRange: type: object + description: The range of the population values. + id: GoogleApiDistributionRange properties: - errorSamples: - description: A sample of errors encountered while processing the data. - type: array + max: + description: The maximum of the population values. + format: double + type: number + min: + type: number + format: double + description: The minimum of the population values. + GoogleCloudDiscoveryengineV1FetchSitemapsResponse: + type: object + properties: + sitemapsMetadata: items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1FetchSitemapsResponseSitemapMetadata + description: List of Sitemaps fetched. + type: array + id: GoogleCloudDiscoveryengineV1FetchSitemapsResponse + description: Response message for SiteSearchEngineService.FetchSitemaps method. + GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig: + description: Configuration for the layout based chunking. + type: object + properties: + includeAncestorHeadings: description: >- - Echoes the destination for the complete errors in the request if - set. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig - modelStatus: + Whether to include appending different levels of headings to chunks + from the middle of the document to prevent context loss. Default + value: False. + type: boolean + chunkSize: + format: int32 description: >- - The trained model status. Possible values are: * **bad-data**: The - training data quality is bad. * **no-improvement**: Tuning didn't - improve performance. Won't deploy. * **in-progress**: Model training - job creation is in progress. * **training**: Model is actively - training. * **evaluating**: The model is evaluating trained metrics. - * **indexing**: The model trained metrics are indexing. * **ready**: - The model is ready for serving. + The token size limit for each chunk. Supported values: 100-500 + (inclusive). Default value: 500. + type: integer + id: >- + GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig + GoogleMonitoringV3TimeSeries: + properties: + valueType: + description: >- + The value type of the time series. When listing time series, this + value type might be different from the value type of the associated + metric if this time series is an alignment or reduction of other + time series. When creating a time series, this field is optional. If + present, it must be the same as the type of the data in the `points` + field. type: string - metrics: - description: The metrics of the trained model. - type: object - additionalProperties: - type: number - format: double - modelName: - description: Fully qualified name of the CustomTuningModel. + enum: + - VALUE_TYPE_UNSPECIFIED + - BOOL + - INT64 + - DOUBLE + - STRING + - DISTRIBUTION + - MONEY + enumDescriptions: + - Do not use this default value. + - >- + The value is a boolean. This value type can be used only if the + metric kind is `GAUGE`. + - The value is a signed 64-bit integer. + - The value is a double precision floating point number. + - >- + The value is a text string. This value type can be used only if + the metric kind is `GAUGE`. + - The value is a `Distribution`. + - The value is money. + resource: + $ref: '#/components/schemas/GoogleApiMonitoredResource' + description: >- + The associated monitored resource. Custom metrics can use only + certain monitored resource types in their time series data. For more + information, see [Monitored resources for custom + metrics](https://cloud.google.com/monitoring/custom-metrics/creating-metrics#custom-metric-resources). + metric: + description: >- + The associated metric. A fully-specified metric used to identify the + time series. + $ref: '#/components/schemas/GoogleApiMetric' + unit: + description: >- + The units in which the metric value is reported. It is only + applicable if the `value_type` is `INT64`, `DOUBLE`, or + `DISTRIBUTION`. The `unit` defines the representation of the stored + metric values. This field can only be changed through + CreateTimeSeries when it is empty. + type: string + description: type: string - GoogleCloudDiscoveryengineV1alphaTuneEngineMetadata: - id: GoogleCloudDiscoveryengineV1alphaTuneEngineMetadata - description: Metadata associated with a tune operation. - type: object - properties: - engine: description: >- - Required. The resource name of the engine that this tune applies to. - Format: - `projects/{project}/locations/{location}/collections/{collection_id}/engines/{engine_id}` + Input only. A detailed description of the time series that will be + associated with the google.api.MetricDescriptor for the metric. Once + set, this field cannot be changed through CreateTimeSeries. + points: + description: >- + The data points of this time series. When listing time series, + points are returned in reverse time order. When creating a time + series, this field must contain exactly one point and the point's + type must be the same as the value type of the associated metric. If + the associated metric's descriptor must be auto-created, then the + value type of the descriptor is determined by the point's type, + which must be `BOOL`, `INT64`, `DOUBLE`, or `DISTRIBUTION`. + items: + $ref: '#/components/schemas/GoogleMonitoringV3Point' + type: array + metricKind: type: string - GoogleCloudDiscoveryengineV1alphaTuneEngineResponse: - id: GoogleCloudDiscoveryengineV1alphaTuneEngineResponse - description: Response associated with a tune operation. + enum: + - METRIC_KIND_UNSPECIFIED + - GAUGE + - DELTA + - CUMULATIVE + description: >- + The metric kind of the time series. When listing time series, this + metric kind might be different from the metric kind of the + associated metric if this time series is an alignment or reduction + of other time series. When creating a time series, this field is + optional. If present, it must be the same as the metric kind of the + associated metric. If the associated metric's descriptor must be + auto-created, then this field specifies the metric kind of the new + descriptor and must be either `GAUGE` (the default) or `CUMULATIVE`. + enumDescriptions: + - Do not use this default value. + - An instantaneous measurement of a value. + - The change in a value during a time interval. + - >- + A value accumulated over a time interval. Cumulative measurements + in a time series should have the same start time and increasing + end times, until an event resets the cumulative value to zero and + sets a new start time for the following points. + metadata: + description: >- + Output only. The associated monitored resource metadata. When + reading a time series, this field will include metadata labels that + are explicitly named in the reduction. When creating a time series, + this field is ignored. + $ref: '#/components/schemas/GoogleApiMonitoredResourceMetadata' type: object - properties: {} - GoogleCloudDiscoveryengineV1alphaUpdateCmekConfigMetadata: - id: GoogleCloudDiscoveryengineV1alphaUpdateCmekConfigMetadata + id: GoogleMonitoringV3TimeSeries description: >- - Metadata related to the progress of the - CmekConfigService.UpdateCmekConfig operation. This will be returned by - the google.longrunning.Operation.metadata field. + A collection of data points that describes the time-varying values of a + metric. A time series is identified by a combination of a + fully-specified monitored resource and a fully-specified metric. This + type is used for both listing and creating time series. + GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReason: + id: GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReason + properties: + quotaFailure: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReasonQuotaFailure + description: Failed due to insufficient quota. + description: Site search indexing failure reasons. + type: object + GoogleCloudDiscoveryengineV1ConversationContext: type: object + description: Defines context of the conversation + id: GoogleCloudDiscoveryengineV1ConversationContext properties: - createTime: - description: Operation create time. + contextDocuments: + items: + type: string + type: array + description: >- + The current list of documents the user is seeing. It contains the + document resource references. + activeDocument: + description: >- + The current active document the user opened. It contains the + document resource reference. type: string - format: google-datetime - updateTime: + GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfo: + type: object + properties: + structData: + additionalProperties: + description: Properties of the object. + type: any description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The structured JSON metadata for the document. It is populated from + the struct data from the Chunk in search result. + type: object + document: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaUpdateCollectionMetadata: - id: GoogleCloudDiscoveryengineV1alphaUpdateCollectionMetadata - description: >- - Metadata related to the progress of the - CollectionService.UpdateCollection operation. This will be returned by - the google.longrunning.Operation.metadata field. + description: Document resource name. + title: + description: Title. + type: string + uri: + description: URI for the document. + type: string + chunkContents: + type: array + description: List of cited chunk contents derived from document content. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfoChunkContent + id: GoogleCloudDiscoveryengineV1alphaAnswerReferenceUnstructuredDocumentInfo + description: Unstructured document information. + GoogleCloudDiscoveryengineV1ListDocumentsResponse: type: object properties: - createTime: - description: Operation create time. + documents: + description: The Documents. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + nextPageToken: + description: >- + A token that can be sent as ListDocumentsRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + type: string + description: Response message for DocumentService.ListDocuments method. + id: GoogleCloudDiscoveryengineV1ListDocumentsResponse + GoogleCloudDiscoveryengineV1AssistUserMetadata: + properties: + preferredLanguageCode: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Optional. Preferred language to be used for answering if language + detection fails. Also used as the language of error messages created + by actions, regardless of language detection results. + timeZone: + description: Optional. IANA time zone, e.g. Europe/Budapest. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaUpdateSchemaMetadata: - id: GoogleCloudDiscoveryengineV1alphaUpdateSchemaMetadata - description: Metadata for UpdateSchema LRO. + id: GoogleCloudDiscoveryengineV1AssistUserMetadata type: object + description: User metadata of the request. + GoogleCloudDiscoveryengineV1alphaImportCompletionSuggestionsMetadata: properties: createTime: + format: google-datetime + type: string description: Operation create time. + successCount: type: string - format: google-datetime + format: int64 + description: Count of CompletionSuggestions successfully imported. + failureCount: + format: int64 + type: string + description: Count of CompletionSuggestions that failed to be imported. updateTime: + format: google-datetime description: >- Operation last update time. If the operation is done, this is also the finish time. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1alphaUpdateSessionRequest: - id: GoogleCloudDiscoveryengineV1alphaUpdateSessionRequest - description: Request for UpdateSession method. + id: GoogleCloudDiscoveryengineV1alphaImportCompletionSuggestionsMetadata type: object + description: >- + Metadata related to the progress of the ImportCompletionSuggestions + operation. This will be returned by the + google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1alphaIdpConfig: properties: - session: - description: Required. The Session to update. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSession' - updateMask: - description: >- - Indicates which fields in the provided Session to update. The - following are NOT supported: * Session.name If not set or empty, all - supported fields are updated. + idpType: + enum: + - IDP_TYPE_UNSPECIFIED + - GSUITE + - THIRD_PARTY + description: Identity provider type configured. type: string - format: google-fieldmask - GoogleCloudDiscoveryengineV1alphaUpdateTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1alphaUpdateTargetSiteMetadata + enumDescriptions: + - Default value. ACL search not enabled. + - Google 1P provider. + - Third party provider. + externalIdpConfig: + description: External Identity provider config. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaIdpConfigExternalIdpConfig + description: Identity Provider Config. + type: object + id: GoogleCloudDiscoveryengineV1alphaIdpConfig + GoogleCloudDiscoveryengineV1BatchCreateTargetSitesRequest: + type: object description: >- - Metadata related to the progress of the - SiteSearchEngineService.UpdateTargetSite operation. This will be - returned by the google.longrunning.Operation.metadata field. + Request message for SiteSearchEngineService.BatchCreateTargetSites + method. + properties: + requests: + type: array + description: >- + Required. The request message specifying the resources to create. A + maximum of 20 TargetSites can be created in a batch. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1CreateTargetSiteRequest + id: GoogleCloudDiscoveryengineV1BatchCreateTargetSitesRequest + GoogleCloudDiscoveryengineV1WidgetConfigHomepageSetting: + properties: + shortcuts: + type: array + description: Optional. The shortcuts to display on the homepage. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigHomepageSettingShortcut type: object + id: GoogleCloudDiscoveryengineV1WidgetConfigHomepageSetting + description: >- + Describes the homepage setting of the widget. It includes all homepage + related settings and configurations, such as shortcuts. + GoogleCloudDiscoveryengineV1Query: + description: Defines a user inputed query. properties: - createTime: - description: Operation create time. + text: + description: Plain text. type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. + queryId: + readOnly: true type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaBatchCreateTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1betaBatchCreateTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.BatchCreateTargetSites operation. This will be - returned by the google.longrunning.Operation.metadata field. + description: Output only. Unique Id for the query. + id: GoogleCloudDiscoveryengineV1Query + type: object + GoogleCloudDiscoveryengineV1CreateSchemaMetadata: type: object + description: Metadata for Create Schema LRO. + id: GoogleCloudDiscoveryengineV1CreateSchemaMetadata properties: createTime: - description: Operation create time. - type: string format: google-datetime + type: string + description: Operation create time. updateTime: description: >- Operation last update time. If the operation is done, this is also the finish time. type: string format: google-datetime - GoogleCloudDiscoveryengineV1betaBatchCreateTargetSitesResponse: - id: GoogleCloudDiscoveryengineV1betaBatchCreateTargetSitesResponse - description: >- - Response message for SiteSearchEngineService.BatchCreateTargetSites - method. - type: object - properties: - targetSites: - description: TargetSites created. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaTargetSite' - GoogleCloudDiscoveryengineV1betaTargetSite: - id: GoogleCloudDiscoveryengineV1betaTargetSite - description: A target site for the SiteSearchEngine. - type: object + GoogleCloudDiscoveryengineV1AssistantCustomerPolicyModelArmorConfig: properties: - name: - description: >- - Output only. The fully qualified resource name of the target site. - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/siteSearchEngine/targetSites/{target_site}` - The `target_site_id` is system-generated. - readOnly: true - type: string - providedUriPattern: + responseTemplate: description: >- - Required. Input only. The user provided URI pattern from which the - `generated_uri_pattern` is generated. + Optional. The resource name of the Model Armor template for + sanitizing assistant responses. Format: + `projects/{project}/locations/{location}/templates/{template_id}` If + not specified, no sanitization will be applied to the assistant + response. type: string - type: + userPromptTemplate: description: >- - The type of the target site, e.g., whether the site is to be - included or excluded. + Optional. The resource name of the Model Armor template for + sanitizing user prompts. Format: + `projects/{project}/locations/{location}/templates/{template_id}` If + not specified, no sanitization will be applied to the user prompt. type: string + failureMode: enumDescriptions: + - Unspecified failure mode, default behavior is `FAIL_CLOSED`. - >- - This value is unused. In this case, server behavior defaults to - Type.INCLUDE. - - Include the target site. - - Exclude the target site. + In case of a Model Armor processing failure, the request is + allowed to proceed without any changes. + - >- + In case of a Model Armor processing failure, the request is + rejected. + type: string + description: Optional. Defines the failure mode for Model Armor sanitization. enum: - - TYPE_UNSPECIFIED - - INCLUDE - - EXCLUDE - exactMatch: - description: >- - Immutable. If set to false, a uri_pattern is generated to include - all pages whose address contains the provided_uri_pattern. If set to - true, an uri_pattern is generated to try to be an exact match of the - provided_uri_pattern or just the specific page if the - provided_uri_pattern is a specific one. provided_uri_pattern is - always normalized to generate the URI pattern to be used by the - search engine. - type: boolean - generatedUriPattern: + - FAILURE_MODE_UNSPECIFIED + - FAIL_OPEN + - FAIL_CLOSED + id: GoogleCloudDiscoveryengineV1AssistantCustomerPolicyModelArmorConfig + description: >- + Configuration for customer defined Model Armor templates to be used for + sanitizing user prompts and assistant responses. + type: object + GoogleCloudDiscoveryengineV1EngineChatEngineConfigAgentCreationConfig: + id: GoogleCloudDiscoveryengineV1EngineChatEngineConfigAgentCreationConfig + type: object + properties: + location: description: >- - Output only. This is system-generated based on the - provided_uri_pattern. - readOnly: true + Agent location for Agent creation, supported values: global/us/eu. + If not provided, us Engine will create Agent using us-central-1 by + default; eu Engine will create Agent using eu-west-1 by default. type: string - rootDomainUri: - description: Output only. Root domain of the provided_uri_pattern. - readOnly: true + timeZone: + description: >- + Required. The time zone of the agent from the [time zone + database](https://www.iana.org/time-zones), e.g., America/New_York, + Europe/Paris. type: string - siteVerificationInfo: - description: Output only. Site ownership and validity verification status. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSiteVerificationInfo - indexingStatus: - description: Output only. Indexing status. - readOnly: true + defaultLanguageCode: + description: >- + Required. The default language of the agent as a language tag. See + [Language + Support](https://cloud.google.com/dialogflow/docs/reference/language) + for a list of the currently supported language codes. type: string - enumDescriptions: - - Defaults to SUCCEEDED. - - >- - The target site is in the update queue and will be picked up by - indexing pipeline. - - The target site fails to be indexed. - - The target site has been indexed. - - >- - The previously indexed target site has been marked to be deleted. - This is a transitioning state which will resulted in either: 1. - target site deleted if unindexing is successful; 2. state reverts - to SUCCEEDED if the unindexing fails. - - The target site change is pending but cancellable. - - The target site change is cancelled. - enum: - - INDEXING_STATUS_UNSPECIFIED - - PENDING - - FAILED - - SUCCEEDED - - DELETING - - CANCELLABLE - - CANCELLED - updateTime: - description: Output only. The target site's last updated time. - readOnly: true + business: + description: >- + Name of the company, organization or other entity that the agent + represents. Used for knowledge connector LLM prompt and for + knowledge search. type: string - format: google-datetime - failureReason: - description: Output only. Failure reason. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaTargetSiteFailureReason - GoogleCloudDiscoveryengineV1betaSiteVerificationInfo: - id: GoogleCloudDiscoveryengineV1betaSiteVerificationInfo - description: Verification information for target sites in advanced site search. - type: object + description: >- + Configurations for generating a Dialogflow agent. Note that these + configurations are one-time consumed by and passed to Dialogflow + service. It means they cannot be retrieved using EngineService.GetEngine + or EngineService.ListEngines API after engine creation. + GoogleCloudDiscoveryengineV1betaInterval: properties: - siteVerificationState: - description: Site verification state indicating the ownership and validity. - type: string - enumDescriptions: - - Defaults to VERIFIED. - - Site ownership verified. - - Site ownership pending verification or verification failed. - - >- - Site exempt from verification, e.g., a public website that opens - to all. - enum: - - SITE_VERIFICATION_STATE_UNSPECIFIED - - VERIFIED - - UNVERIFIED - - EXEMPTED - verifyTime: - description: Latest site verification time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaTargetSiteFailureReason: - id: GoogleCloudDiscoveryengineV1betaTargetSiteFailureReason - description: Site search indexing failure reasons. + exclusiveMinimum: + format: double + type: number + description: Exclusive lower bound. + maximum: + type: number + description: Inclusive upper bound. + format: double + exclusiveMaximum: + format: double + type: number + description: Exclusive upper bound. + minimum: + description: Inclusive lower bound. + type: number + format: double + description: A floating point interval. + id: GoogleCloudDiscoveryengineV1betaInterval type: object - properties: - quotaFailure: - description: Failed due to insufficient quota. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaTargetSiteFailureReasonQuotaFailure - GoogleCloudDiscoveryengineV1betaTargetSiteFailureReasonQuotaFailure: - id: GoogleCloudDiscoveryengineV1betaTargetSiteFailureReasonQuotaFailure - description: Failed due to insufficient quota. + GoogleTypeDateTime: + id: GoogleTypeDateTime type: object + description: >- + Represents civil time (or occasionally physical time). This type can + represent a civil time in one of a few possible ways: * When utc_offset + is set and time_zone is unset: a civil time on a calendar day with a + particular offset from UTC. * When time_zone is set and utc_offset is + unset: a civil time on a calendar day in a particular time zone. * When + neither time_zone nor utc_offset is set: a civil time on a calendar day + in local time. The date is relative to the Proleptic Gregorian Calendar. + If year, month, or day are 0, the DateTime is considered not to have a + specific year, month, or day respectively. This type may also be used to + represent a physical time if all the date and time fields are set and + either case of the `time_offset` oneof is set. Consider using + `Timestamp` message for physical time instead. If your use case also + would like to store the user's timezone, that can be done in another + field. This type is more flexible than some applications may want. Make + sure to document and validate your application's limitations. properties: - totalRequiredQuota: + year: + format: int32 description: >- - This number is an estimation on how much total quota this project - needs to successfully complete indexing. + Optional. Year of date. Must be from 1 to 9999, or 0 if specifying a + datetime without a year. + type: integer + seconds: + format: int32 + description: >- + Optional. Seconds of minutes of the time. Must normally be from 0 to + 59, defaults to 0. An API may allow the value 60 if it allows + leap-seconds. + type: integer + hours: + type: integer + format: int32 + description: >- + Optional. Hours of day in 24 hour format. Should be from 0 to 23, + defaults to 0 (midnight). An API may choose to allow the value + "24:00:00" for scenarios like business closing time. + timeZone: + $ref: '#/components/schemas/GoogleTypeTimeZone' + description: Time zone. + minutes: + format: int32 + description: >- + Optional. Minutes of hour of day. Must be from 0 to 59, defaults to + 0. + type: integer + utcOffset: + format: google-duration + description: >- + UTC offset. Must be whole seconds, between -18 hours and +18 hours. + For example, a UTC offset of -4:00 would be represented as { + seconds: -14400 }. type: string - format: int64 - GoogleCloudDiscoveryengineV1betaBatchUpdateUserLicensesMetadata: - id: GoogleCloudDiscoveryengineV1betaBatchUpdateUserLicensesMetadata - description: >- - Metadata related to the progress of the - UserLicenseService.BatchUpdateUserLicenses operation. This will be - returned by the google.longrunning.Operation.metadata field. + day: + type: integer + description: >- + Optional. Day of month. Must be from 1 to 31 and valid for the year + and month, or 0 if specifying a datetime without a day. + format: int32 + nanos: + format: int32 + description: >- + Optional. Fractions of seconds in nanoseconds. Must be from 0 to + 999,999,999, defaults to 0. + type: integer + month: + description: >- + Optional. Month of year. Must be from 1 to 12, or 0 if specifying a + datetime without a month. + format: int32 + type: integer + GoogleCloudDiscoveryengineV1SearchResponseSummaryReferenceChunkContent: type: object + id: GoogleCloudDiscoveryengineV1SearchResponseSummaryReferenceChunkContent properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - successCount: - description: Count of user licenses successfully updated. + content: + description: Chunk textual content. type: string - format: int64 - failureCount: - description: Count of user licenses that failed to be updated. + pageIdentifier: + description: Page identifier. type: string - format: int64 - GoogleCloudDiscoveryengineV1betaBatchUpdateUserLicensesResponse: - id: GoogleCloudDiscoveryengineV1betaBatchUpdateUserLicensesResponse - description: Response message for UserLicenseService.BatchUpdateUserLicenses method. - type: object - properties: - userLicenses: - description: UserLicenses successfully updated. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaUserLicense' - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1betaUserLicense: - id: GoogleCloudDiscoveryengineV1betaUserLicense - description: User License information assigned by the admin. - type: object + description: Chunk content. + GoogleCloudDiscoveryengineV1Sitemap: + id: GoogleCloudDiscoveryengineV1Sitemap + description: A sitemap for the SiteSearchEngine. properties: - userPrincipal: - description: >- - Required. Immutable. The user principal of the User, could be email - address or other prinical identifier. This field is immutable. Admin - assign licenses based on the user principal. - type: string - userProfile: - description: >- - Optional. The user profile. We user user full name(First name + Last - name) as user profile. + uri: type: string - licenseAssignmentState: - description: >- - Output only. License assignment state of the user. If the user is - assigned with a license config, the user login will be assigned with - the license; If the user's license assignment state is unassigned or - unspecified, no license config will be associated to the user; + description: Public URI for the sitemap, e.g. `www.example.com/sitemap.xml`. + name: readOnly: true type: string - enumDescriptions: - - Default value. - - License assigned to the user. - - >- - No license assigned to the user. Deprecated, translated to - NO_LICENSE. - - No license assigned to the user. - - >- - User attempted to login but no license assigned to the user. This - state is only used for no user first time login attempt but cannot - get license assigned. Users already logged in but cannot get - license assigned will be assigned NO_LICENSE state(License could - be unassigned by admin). - - User is blocked from assigning a license. - enum: - - LICENSE_ASSIGNMENT_STATE_UNSPECIFIED - - ASSIGNED - - UNASSIGNED - - NO_LICENSE - - NO_LICENSE_ATTEMPTED_LOGIN - - BLOCKED - licenseConfig: description: >- - Optional. The full resource name of the Subscription(LicenseConfig) - assigned to the user. - type: string + Output only. The fully qualified resource name of the sitemap. + `projects/*/locations/*/collections/*/dataStores/*/siteSearchEngine/sitemaps/*` + The `sitemap_id` suffix is system-generated. createTime: - description: Output only. User created timestamp. readOnly: true type: string format: google-datetime - updateTime: - description: Output only. User update timestamp. - readOnly: true + description: Output only. The sitemap's creation time. + type: object + GoogleCloudDiscoveryengineV1ListControlsResponse: + description: Response for ListControls method. + id: GoogleCloudDiscoveryengineV1ListControlsResponse + properties: + controls: + description: All the Controls for a given data store. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + type: array + nextPageToken: + description: Pagination token, if not returned indicates the last page. type: string + type: object + GoogleCloudDiscoveryengineV1alphaUpdateSchemaMetadata: + id: GoogleCloudDiscoveryengineV1alphaUpdateSchemaMetadata + type: object + description: Metadata for UpdateSchema LRO. + properties: + createTime: format: google-datetime - lastLoginTime: - description: >- - Output only. User last logged in time. If the user has not logged in - yet, this field will be empty. - readOnly: true + description: Operation create time. type: string + updateTime: format: google-datetime - GoogleCloudDiscoveryengineV1betaControl: - id: GoogleCloudDiscoveryengineV1betaControl + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + GoogleCloudDiscoveryengineV1alphaImportDocumentsResponse: description: >- - Defines a conditioned behavior to employ during serving. Must be - attached to a ServingConfig to be considered at serving time. Permitted - actions dependent on `SolutionType`. - type: object + Response of the ImportDocumentsRequest. If the long running operation is + done, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. properties: - boostAction: - description: Defines a boost-type control + errorSamples: + description: A sample of errors encountered while processing the request. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + errorConfig: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaControlBoostAction - filterAction: + #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig description: >- - Defines a filter-type control Currently not supported by - Recommendation - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaControlFilterAction - redirectAction: - description: Defines a redirect-type control. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaControlRedirectAction - synonymsAction: - description: Treats a group of terms as synonyms of one another. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaControlSynonymsAction - promoteAction: - description: Promote certain links based on predefined trigger queries. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaControlPromoteAction - name: + Echoes the destination for the complete errors in the request if + set. + type: object + id: GoogleCloudDiscoveryengineV1alphaImportDocumentsResponse + GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpecFacetKey: + type: object + description: Specifies how a facet is computed. + properties: + contains: description: >- - Immutable. Fully qualified name - `projects/*/locations/global/dataStore/*/controls/*` - type: string - displayName: + Only get facet values that contain the given strings. For example, + suppose "category" has three values "Action > 2022", "Action > 2021" + and "Sci-Fi > 2022". If set "contains" to "2022", the "category" + facet only contains "Action > 2022" and "Sci-Fi > 2022". Only + supported on textual fields. Maximum is 10. + items: + type: string + type: array + key: description: >- - Required. Human readable name. The identifier used in UI views. Must - be UTF-8 encoded string. Length limit is 128 characters. Otherwise - an INVALID ARGUMENT error is thrown. + Required. Supported textual and numerical facet keys in Document + object, over which the facet values are computed. Facet key is + case-sensitive. type: string - associatedServingConfigIds: + prefixes: description: >- - Output only. List of all ServingConfig IDs this control is attached - to. May take up to 10 minutes to update after changes. - readOnly: true + Only get facet values that start with the given string prefix. For + example, suppose "category" has three values "Action > 2022", + "Action > 2021" and "Sci-Fi > 2022". If set "prefixes" to "Action", + the "category" facet only contains "Action > 2022" and "Action > + 2021". Only supported on textual fields. Maximum is 10. type: array items: type: string - solutionType: + restrictedValues: + items: + type: string + type: array description: >- - Required. Immutable. What solution the control belongs to. Must be - compatible with vertical of resource. Otherwise an INVALID ARGUMENT - error is thrown. + Only get facet for the given restricted values. Only supported on + textual fields. For example, suppose "category" has three values + "Action > 2022", "Action > 2021" and "Sci-Fi > 2022". If set + "restricted_values" to "Action > 2022", the "category" facet only + contains "Action > 2022". Only supported on textual fields. Maximum + is 10. + orderBy: type: string - enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Discovery Search. - - Used for use cases related to the Generative AI agent. - - >- - Used for use cases related to the Generative Chat agent. It's used - for Generative chat engine only, the associated data stores must - enrolled with `SOLUTION_TYPE_CHAT` solution. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - - SOLUTION_TYPE_CHAT - - SOLUTION_TYPE_GENERATIVE_CHAT - useCases: description: >- - Specifies the use case for the control. Affects what condition - fields can be set. Only applies to SOLUTION_TYPE_SEARCH. Currently - only allow one use case per control. Must be set when solution_type - is SolutionType.SOLUTION_TYPE_SEARCH. + The order in which documents are returned. Allowed values are: * + "count desc", which means order by SearchResponse.Facet.values.count + descending. * "value desc", which means order by + SearchResponse.Facet.values.value descending. Only applies to + textual facets. If not set, textual values are sorted in [natural + order](https://en.wikipedia.org/wiki/Natural_sort_order); numerical + intervals are sorted in the order given by + FacetSpec.FacetKey.intervals. + intervals: type: array + description: >- + Set only if values should be bucketed into intervals. Must be set + for facets with numerical values. Must not be set for facet with + text values. Maximum number of intervals is 30. items: - type: string - enumDescriptions: - - Value used when unset. Will not occur in CSS. - - Search use case. Expects the traffic has a non-empty query. - - Browse use case. Expects the traffic has an empty query. - enum: - - SEARCH_USE_CASE_UNSPECIFIED - - SEARCH_USE_CASE_SEARCH - - SEARCH_USE_CASE_BROWSE - conditions: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaInterval' + caseInsensitive: + type: boolean description: >- - Determines when the associated action will trigger. Omit to always - apply the action. Currently only a single condition may be - specified. Otherwise an INVALID ARGUMENT error is thrown. + True to make facet keys case insensitive when getting faceting + values with prefixes or contains; false otherwise. + id: GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpecFacetKey + GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResultBannedPhraseEnforcementResult: + description: Customer policy enforcement result for the banned phrase policy. + properties: + bannedPhrases: type: array + description: The banned phrases that were found in the query or the answer. items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaCondition' - GoogleCloudDiscoveryengineV1betaControlBoostAction: - id: GoogleCloudDiscoveryengineV1betaControlBoostAction - description: Adjusts order of products in returned list. + type: string type: object + id: >- + GoogleCloudDiscoveryengineV1AssistAnswerCustomerPolicyEnforcementResultBannedPhraseEnforcementResult + GoogleCloudDiscoveryengineV1ActionConfig: properties: - fixedBoost: - description: >- - Optional. Strength of the boost, which should be in [-1, 1]. - Negative boost means demotion. Default is 0.0 (No-op). - type: number - format: float - interpolationBoostSpec: - description: >- - Optional. Complex specification for custom ranking based on customer - defined attribute value. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpec - boost: + jsonActionParams: + type: string + description: Optional. Action parameters in json string format. + isActionConfigured: description: >- - Strength of the boost, which should be in [-1, 1]. Negative boost - means demotion. Default is 0.0 (No-op). - deprecated: true - type: number - format: float - filter: + Output only. The connector contains the necessary parameters and is + configured to support actions. + type: boolean + readOnly: true + actionParams: + description: Optional. Action parameters in structured json format. + type: object + additionalProperties: + type: any + description: Properties of the object. + useStaticSecrets: + type: boolean description: >- - Required. Specifies which products to apply the boost to. If no - filter is provided all products will be boosted (No-op). Syntax - documentation: https://cloud.google.com/retail/docs/filter-and-order - Maximum length is 5000 characters. Otherwise an INVALID ARGUMENT - error is thrown. + Optional. Whether to use static secrets for the connector. If true, + the secrets provided in the action_params will be ignored. + serviceName: type: string - dataStore: description: >- - Required. Specifies which data store's documents can be boosted by - this control. Full data store name e.g. - projects/123/locations/global/collections/default_collection/dataStores/default_data_store - type: string - GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpec: - id: GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpec - description: >- - Specification for custom ranking based on customer specified attribute - value. It provides more controls for customized ranking than the simple - (condition, boost) combination above. + Optional. The Service Directory resource name + (projects/*/locations/*/namespaces/*/services/*) representing a VPC + network endpoint used to connect to the data source's + `instance_uri`, defined in DataConnector.params. Required when VPC + Service Controls are enabled. + id: GoogleCloudDiscoveryengineV1ActionConfig + description: Informations to support actions on the connector. + type: object + GoogleCloudDiscoveryengineV1alphaDataStoreServingConfigDataStore: type: object + id: GoogleCloudDiscoveryengineV1alphaDataStoreServingConfigDataStore properties: - fieldName: - description: >- - Optional. The name of the field whose value will be used to - determine the boost amount. - type: string - attributeType: + disabledForServing: + type: boolean description: >- - Optional. The attribute type to be used to determine the boost - amount. The attribute value can be derived from the field value of - the specified field_name. In the case of numerical it is - straightforward i.e. attribute_value = numerical_field_value. In the - case of freshness however, attribute_value = (time.now() - - datetime_field_value). + Optional. If set true, the DataStore will not be available for + serving search requests. + description: >- + Stores information regarding the serving configurations at DataStore + level. + GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries: + id: GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries + properties: + qpsTimeSeries: + $ref: '#/components/schemas/GoogleMonitoringV3TimeSeries' + description: The QPS of the crawl rate. + type: object + description: The historical crawl rate timeseries data, used for monitoring. + GoogleCloudDiscoveryengineV1alphaConnectorRun: + properties: + state: type: string + readOnly: true enumDescriptions: - - Unspecified AttributeType. + - Default value. + - The data sync is ongoing. + - The data sync is finished. + - The data sync is failed. - >- - The value of the numerical field will be used to dynamically - update the boost amount. In this case, the attribute_value (the x - value) of the control point will be the actual value of the - numerical field for which the boost_amount is specified. + Data sync has been running longer than expected and is still + running at the time the next run is supposed to start. + - Data sync was scheduled but has been cancelled. + - Data sync is about to start. + - The data sync completed with non-fatal errors. - >- - For the freshness use case the attribute value will be the - duration between the current time and the date in the datetime - field specified. The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 - duration value). The pattern for this is: `nDnM]`. For example, - `5D`, `3DT12H30M`, `T24H`. + An ongoing connector run has been running longer than expected, + causing this run to be skipped. + description: Output only. The state of the sync run. enum: - - ATTRIBUTE_TYPE_UNSPECIFIED - - NUMERICAL - - FRESHNESS - interpolationType: + - STATE_UNSPECIFIED + - RUNNING + - SUCCEEDED + - FAILED + - OVERRUN + - CANCELLED + - PENDING + - WARNING + - SKIPPED + endTime: + type: string + format: google-datetime + description: Output only. The time when the connector run ended. + readOnly: true + name: + readOnly: true description: >- - Optional. The interpolation type to be applied to connect the - control points listed below. + Output only. The full resource name of the Connector Run. Format: + `projects/*/locations/*/collections/*/dataConnector/connectorRuns/*`. + The `connector_run_id` is system-generated. type: string - enumDescriptions: - - >- - Interpolation type is unspecified. In this case, it defaults to - Linear. - - Piecewise linear interpolation will be applied. - enum: - - INTERPOLATION_TYPE_UNSPECIFIED - - LINEAR - controlPoints: + stateUpdateTime: + type: string + format: google-datetime + description: Timestamp at which the connector run sync state was last updated. + latestPauseTime: + type: string + readOnly: true + format: google-datetime description: >- - Optional. The control points used to define the curve. The monotonic - function (defined through the interpolation_type above) passes - through the control points listed here. + Output only. The time when the connector run was most recently + paused. + entityRuns: type: array items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpecControlPoint - GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpecControlPoint: - id: >- - GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpecControlPoint - description: >- - The control points used to define the curve. The curve defined through - these control points can only be monotonically increasing or - decreasing(constant values are acceptable). + #/components/schemas/GoogleCloudDiscoveryengineV1alphaConnectorRunEntityRun + readOnly: true + description: >- + Output only. The details of the entities synced at the ConnectorRun. + Each ConnectorRun consists of syncing one or more entities. + errors: + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + description: >- + Contains info about errors incurred during the sync. Only exist if + running into an error state. Contains error code and error message. + Use with the `state` field. + trigger: + description: Output only. The trigger for this ConnectorRun. + type: string + enum: + - TRIGGER_UNSPECIFIED + - SCHEDULER + - INITIALIZATION + - RESUME + - MANUAL + readOnly: true + enumDescriptions: + - Default value. + - >- + ConnectorRun triggered by scheduler if connector has PERIODIC sync + mode. + - ConnectorRun auto triggered by connector initialization. + - ConnectorRun auto triggered by resuming connector. + - ConnectorRun triggered by user manually. + startTime: + readOnly: true + type: string + description: Output only. The time when the connector run started. + format: google-datetime + id: GoogleCloudDiscoveryengineV1alphaConnectorRun type: object + description: >- + A data sync run of DataConnector. After DataConnector is successfully + initialized, data syncs are scheduled at DataConnector.refresh_interval. + A ConnectorRun represents a data sync either in the past or onging that + the moment. // + GoogleCloudDiscoveryengineV1TargetSiteFailureReasonQuotaFailure: + description: Failed due to insufficient quota. + id: GoogleCloudDiscoveryengineV1TargetSiteFailureReasonQuotaFailure properties: - attributeValue: + totalRequiredQuota: + format: int64 description: >- - Optional. Can be one of: 1. The numerical field value. 2. The - duration spec for freshness: The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 duration - value). The pattern for this is: `nDnM]`. + This number is an estimation on how much total quota this project + needs to successfully complete indexing. type: string - boostAmount: - description: >- - Optional. The value between -1 to 1 by which to boost the score if - the attribute_value evaluates to the value specified above. - type: number - format: float - GoogleCloudDiscoveryengineV1betaControlFilterAction: - id: GoogleCloudDiscoveryengineV1betaControlFilterAction - description: >- - Specified which products may be included in results. Uses same filter as - boost. type: object + GoogleCloudDiscoveryengineV1alphaHealthcareFhirConfig: + id: GoogleCloudDiscoveryengineV1alphaHealthcareFhirConfig properties: - filter: + enableConfigurableSchema: + type: boolean description: >- - Required. A filter to apply on the matching condition results. - Required Syntax documentation: - https://cloud.google.com/retail/docs/filter-and-order Maximum length - is 5000 characters. Otherwise an INVALID ARGUMENT error is thrown. - type: string - dataStore: + Whether to enable configurable schema for `HEALTHCARE_FHIR` + vertical. If set to `true`, the predefined healthcare fhir schema + can be extended for more customized searching and filtering. + enableStaticIndexingForBatchIngestion: + type: boolean description: >- - Required. Specifies which data store's documents can be filtered by - this control. Full data store name e.g. - projects/123/locations/global/collections/default_collection/dataStores/default_data_store - type: string - GoogleCloudDiscoveryengineV1betaControlRedirectAction: - id: GoogleCloudDiscoveryengineV1betaControlRedirectAction - description: Redirects a shopper to the provided URI. + Whether to enable static indexing for `HEALTHCARE_FHIR` batch + ingestion. If set to `true`, the batch ingestion will be processed + in a static indexing mode which is slower but more capable of + handling larger volume. + description: Config to data store for `HEALTHCARE_FHIR` vertical. type: object + GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchMetadata: properties: - redirectUri: + updateTime: + type: string + format: google-datetime description: >- - Required. The URI to which the shopper will be redirected. Required. - URI must have length equal or less than 2000 characters. Otherwise - an INVALID ARGUMENT error is thrown. + Operation last update time. If the operation is done, this is also + the finish time. + createTime: type: string - GoogleCloudDiscoveryengineV1betaControlSynonymsAction: - id: GoogleCloudDiscoveryengineV1betaControlSynonymsAction + description: Operation create time. + format: google-datetime description: >- - Creates a set of terms that will act as synonyms of one another. - Example: "happy" will also be considered as "glad", "glad" will also be - considered as "happy". + Metadata related to the progress of the + SiteSearchEngineService.DisableAdvancedSiteSearch operation. This will + be returned by the google.longrunning.Operation.metadata field. + type: object + id: GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchMetadata + GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesResponse: type: object + id: GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesResponse properties: - synonyms: - description: >- - Defines a set of synonyms. Can specify up to 100 synonyms. Must - specify at least 2 synonyms. Otherwise an INVALID ARGUMENT error is - thrown. - type: array + errorSamples: + description: A sample of errors encountered while processing the request. items: - type: string - GoogleCloudDiscoveryengineV1betaControlPromoteAction: - id: GoogleCloudDiscoveryengineV1betaControlPromoteAction + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + purgeCount: + type: string + description: Number of suggestion deny list entries purged. + format: int64 description: >- - Promote certain links based on some trigger queries. Example: Promote - shoe store link when searching for `shoe` keyword. The link can be - outside of associated data store. + Response message for CompletionService.PurgeSuggestionDenyListEntries + method. + GoogleCloudDiscoveryengineV1betaEnableAdvancedSiteSearchResponse: + properties: {} + id: GoogleCloudDiscoveryengineV1betaEnableAdvancedSiteSearchResponse type: object + description: >- + Response message for SiteSearchEngineService.EnableAdvancedSiteSearch + method. + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponsePersonSuggestion: properties: dataStore: - description: Required. Data store with which this promotion is attached to. type: string - searchLinkPromotion: - description: Required. Promotion attached to this action. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchLinkPromotion - GoogleCloudDiscoveryengineV1betaSearchLinkPromotion: - id: GoogleCloudDiscoveryengineV1betaSearchLinkPromotion - description: >- - Promotion proto includes uri and other helping information to display - the promotion. - type: object - properties: - title: - description: >- - Required. The title of the promotion. Maximum length: 160 - characters. + description: The name of the dataStore that this suggestion belongs to. + score: + format: double + description: The score of each suggestion. The score is in the range of [0, 1]. + type: number + displayPhotoUri: type: string - uri: - description: >- - Optional. The URL for the page the user wants to promote. Must be - set for site search. For other verticals, this is optional. + description: The photo uri of the person suggestion. + destinationUri: + description: The destination uri of the person suggestion. type: string document: description: >- - Optional. The Document the user wants to promote. For site search, - leave unset and only populate uri. Can be set along with uri. - type: string - imageUri: - description: Optional. The promotion thumbnail image url. + The document data snippet in the suggestion. Only a subset of fields + is populated. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + suggestion: type: string - description: - description: 'Optional. The Promotion description. Maximum length: 200 characters.' + description: The suggestion for the query. + personType: + enum: + - PERSON_TYPE_UNSPECIFIED + - CLOUD_IDENTITY + - THIRD_PARTY_IDENTITY + enumDescriptions: + - Default value. + - The suggestion is from a GOOGLE_IDENTITY source. + - The suggestion is from a THIRD_PARTY_IDENTITY source. type: string - enabled: - description: >- - Optional. The enabled promotion will be returned for any serving - configs associated with the parent of the control this promotion is - attached to. This flag is used for basic site search only. - type: boolean - GoogleCloudDiscoveryengineV1betaCondition: - id: GoogleCloudDiscoveryengineV1betaCondition - description: Defines circumstances to be checked before allowing a behavior + description: The type of the person. + id: >- + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponsePersonSuggestion + description: Suggestions as people. type: object + GoogleCloudDiscoveryengineV1alphaImportUserEventsResponse: + id: GoogleCloudDiscoveryengineV1alphaImportUserEventsResponse + description: >- + Response of the ImportUserEventsRequest. If the long running operation + was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. properties: - queryTerms: - description: >- - Search only A list of terms to match the query on. Cannot be set - when Condition.query_regex is set. Maximum of 10 query terms. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaConditionQueryTerm - activeTimeRange: + errorConfig: description: >- - Range of time(s) specifying when condition is active. Maximum of 10 - time ranges. + Echoes the destination for the complete errors if this field was set + in the request. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig + joinedEventsCount: + type: string + format: int64 + description: Count of user events imported with complete existing Documents. + errorSamples: + description: A sample of errors encountered while processing the request. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaConditionTimeRange - queryRegex: + $ref: '#/components/schemas/GoogleRpcStatus' + unjoinedEventsCount: + format: int64 description: >- - Optional. Query regex to match the whole search query. Cannot be set - when Condition.query_terms is set. Only supported for Basic Site - Search promotion serving controls. + Count of user events imported, but with Document information not + found in the existing Branch. type: string - GoogleCloudDiscoveryengineV1betaConditionQueryTerm: - id: GoogleCloudDiscoveryengineV1betaConditionQueryTerm - description: Matcher for search request query + type: object + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig: type: object properties: - value: + chunkSize: + type: integer description: >- - The specific query value to match against Must be lowercase, must be - UTF-8. Can have at most 3 space separated terms if full_match is - true. Cannot be an empty string. Maximum length of 5000 characters. - type: string - fullMatch: - description: Whether the search query needs to exactly match the query term. + The token size limit for each chunk. Supported values: 100-500 + (inclusive). Default value: 500. + format: int32 + includeAncestorHeadings: + description: >- + Whether to include appending different levels of headings to chunks + from the middle of the document to prevent context loss. Default + value: False. type: boolean - GoogleCloudDiscoveryengineV1betaConditionTimeRange: - id: GoogleCloudDiscoveryengineV1betaConditionTimeRange - description: Used for time-dependent conditions. - type: object + id: >- + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig + description: Configuration for the layout based chunking. + GoogleCloudDiscoveryengineV1betaSetDedicatedCrawlRateResponse: properties: - startTime: - description: Start of time range. Range is inclusive. - type: string - format: google-datetime - endTime: - description: End of time range. Range is inclusive. Must be in the future. + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: Errors from service when handling the request. + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - SUCCEEDED + - FAILED type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaCreateDataStoreMetadata: - id: GoogleCloudDiscoveryengineV1betaCreateDataStoreMetadata - description: >- - Metadata related to the progress of the DataStoreService.CreateDataStore - operation. This will be returned by the - google.longrunning.Operation.metadata field. + enumDescriptions: + - The state is unspecified. + - The state is successful. + - The state is failed. + description: Output only. The state of the response. type: object - properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaCreateEngineMetadata: - id: GoogleCloudDiscoveryengineV1betaCreateEngineMetadata + id: GoogleCloudDiscoveryengineV1betaSetDedicatedCrawlRateResponse description: >- - Metadata related to the progress of the EngineService.CreateEngine - operation. This will be returned by the - google.longrunning.Operation.metadata field. - type: object + Response message for CrawlRateManagementService.SetDedicatedCrawlRate + method. It simply returns the state of the response, and an error + message if the state is FAILED. + GoogleCloudDiscoveryengineV1ServingConfigMediaConfig: properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + contentWatchedPercentageThreshold: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Specifies the content watched percentage threshold for demotion. + Threshold value must be between [0, 1.0] inclusive. + type: number + format: float + demoteContentWatchedPastDays: + description: >- + Optional. Specifies the number of days to look back for demoting + watched content. If set to zero or unset, defaults to the maximum of + 365 days. + format: int32 + type: integer + contentWatchedSecondsThreshold: + type: number + format: float + description: Specifies the content watched minutes threshold for demotion. + contentFreshnessCutoffDays: + description: >- + Specifies the content freshness used for recommendation result. + Contents will be demoted if contents were published for more than + content freshness cutoff days. + format: int32 + type: integer + demotionEventType: + description: >- + Specifies the event type used for demoting recommendation result. + Currently supported values: * `view-item`: Item viewed. * + `media-play`: Start/resume watching a video, playing a song, etc. * + `media-complete`: Finished or stopped midway through a video, song, + etc. If unset, watch history demotion will not be applied. Content + freshness demotion will still be applied. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaCreateEvaluationMetadata: - id: GoogleCloudDiscoveryengineV1betaCreateEvaluationMetadata - description: Metadata for EvaluationService.CreateEvaluation method. type: object + description: >- + Specifies the configurations needed for Media Discovery. Currently we + support: * `demote_content_watched`: Threshold for watched content + demotion. Customers can specify if using watched content demotion or use + viewed detail page. Using the content watched demotion, customers need + to specify the watched minutes or percentage exceeds the threshold, the + content will be demoted in the recommendation result. * + `promote_fresh_content`: cutoff days for fresh content promotion. + Customers can specify if using content freshness promotion. If the + content was published within the cutoff days, the content will be + promoted in the recommendation result. Can only be set if SolutionType + is SOLUTION_TYPE_RECOMMENDATION. + id: GoogleCloudDiscoveryengineV1ServingConfigMediaConfig + GoogleCloudDiscoveryengineV1betaTuneEngineResponse: + type: object + id: GoogleCloudDiscoveryengineV1betaTuneEngineResponse + description: Response associated with a tune operation. properties: {} - GoogleCloudDiscoveryengineV1betaCreateSchemaMetadata: - id: GoogleCloudDiscoveryengineV1betaCreateSchemaMetadata - description: Metadata for Create Schema LRO. + GoogleApiMonitoredResource: type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + type: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Required. The monitored resource type. This field must match the + `type` field of a MonitoredResourceDescriptor object. For example, + the type of a Compute Engine VM instance is `gce_instance`. Some + descriptors include the service name in the type; for example, the + type of a Datastream stream is `datastream.googleapis.com/Stream`. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaCreateSitemapMetadata: - id: GoogleCloudDiscoveryengineV1betaCreateSitemapMetadata + labels: + description: >- + Required. Values for all of the labels listed in the associated + monitored resource descriptor. For example, Compute Engine VM + instances use the labels `"project_id"`, `"instance_id"`, and + `"zone"`. + type: object + additionalProperties: + type: string description: >- - Metadata related to the progress of the - SiteSearchEngineService.CreateSitemap operation. This will be returned - by the google.longrunning.Operation.metadata field. + An object representing a resource that can be used for monitoring, + logging, billing, or other purposes. Examples include virtual machine + instances, databases, and storage devices such as disks. The `type` + field identifies a MonitoredResourceDescriptor object that describes the + resource's schema. Information in the `labels` field identifies the + actual resource and its attributes according to the schema. For example, + a particular Compute Engine VM instance could be represented by the + following object, because the MonitoredResourceDescriptor for + `"gce_instance"` has labels `"project_id"`, `"instance_id"` and + `"zone"`: { "type": "gce_instance", "labels": { "project_id": + "my-project", "instance_id": "12345678901234", "zone": "us-central1-a" + }} + id: GoogleApiMonitoredResource + GoogleCloudDiscoveryengineV1alphaSearchRequestCrowdingSpec: type: object + description: >- + Specification for crowding. Crowding improves the diversity of search + results by limiting the number of results that share the same field + value. For example, crowding on the color field with a max_count of 3 + and mode DROP_CROWDED_RESULTS will return at most 3 results with the + same color across all pages. properties: - createTime: - description: Operation create time. + field: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The field to use for crowding. Documents can be crowded by a field + in the Document object. Crowding field is case sensitive. + mode: + description: Mode to use for documents that are crowded away. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaCreateTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1betaCreateTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.CreateTargetSite operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object + enumDescriptions: + - >- + Unspecified crowding mode. In this case, server behavior defaults + to Mode.DROP_CROWDED_RESULTS. + - Drop crowded results. + - Demote crowded results to the later pages. + enum: + - MODE_UNSPECIFIED + - DROP_CROWDED_RESULTS + - DEMOTE_CROWDED_RESULTS_TO_END + maxCount: + description: >- + The maximum number of documents to keep per value of the field. Once + there are at least max_count previous results which contain the same + value for the given field (according to the order specified in + `order_by`), later results with the same value are "crowded away". + If not specified, the default value is 1. + type: integer + format: int32 + id: GoogleCloudDiscoveryengineV1alphaSearchRequestCrowdingSpec + GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfig: + description: Configuration for chunking config. + id: GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfig properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaDataStore: - id: GoogleCloudDiscoveryengineV1betaDataStore - description: DataStore captures global settings and configs at the DataStore level. + layoutBasedChunkingConfig: + description: Configuration for the layout based chunking. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig type: object + GoogleCloudDiscoveryengineV1betaProjectCustomerProvidedConfigNotebooklmConfig: + type: object + id: >- + GoogleCloudDiscoveryengineV1betaProjectCustomerProvidedConfigNotebooklmConfig properties: - name: - description: >- - Immutable. Identifier. The full resource name of the data store. - Format: - `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. - type: string - displayName: + optOutNotebookSharing: + type: boolean description: >- - Required. The data store display name. This field must be a UTF-8 - encoded string with a length limit of 128 characters. Otherwise, an - INVALID_ARGUMENT error is returned. - type: string - industryVertical: - description: Immutable. The industry vertical that the data store registers. - type: string - enumDescriptions: - - Value used when unset. - - >- - The generic vertical for documents that are not specific to any - industry vertical. - - The media industry vertical. - - The healthcare FHIR vertical. - enum: - - INDUSTRY_VERTICAL_UNSPECIFIED - - GENERIC - - MEDIA - - HEALTHCARE_FHIR - solutionTypes: + Optional. Whether to disable the notebook sharing feature for the + project. Default to false if not specified. + modelArmorConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaProjectCustomerProvidedConfigNotebooklmConfigModelArmorConfig description: >- - The solutions that the data store enrolls. Available solutions for - each industry_vertical: * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` - and `SOLUTION_TYPE_SEARCH`. * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` - is automatically enrolled. Other solutions cannot be enrolled. + Model Armor configuration to be used for sanitizing user prompts and + LLM responses. + description: Configuration for NotebookLM. + GoogleCloudDiscoveryengineV1AssistantCustomerPolicy: + id: GoogleCloudDiscoveryengineV1AssistantCustomerPolicy + description: Customer-defined policy for the assistant. + properties: + bannedPhrases: + description: Optional. List of banned phrases. type: array items: - type: string - enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Discovery Search. - - Used for use cases related to the Generative AI agent. - - >- - Used for use cases related to the Generative Chat agent. It's - used for Generative chat engine only, the associated data stores - must enrolled with `SOLUTION_TYPE_CHAT` solution. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - - SOLUTION_TYPE_CHAT - - SOLUTION_TYPE_GENERATIVE_CHAT - defaultSchemaId: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantCustomerPolicyBannedPhrase + modelArmorConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantCustomerPolicyModelArmorConfig description: >- - Output only. The id of the default Schema associated to this data - store. - readOnly: true - type: string - contentConfig: + Optional. Model Armor configuration to be used for sanitizing user + prompts and assistant responses. + type: object + GoogleCloudDiscoveryengineV1betaSearchRequestSpellCorrectionSpec: + id: GoogleCloudDiscoveryengineV1betaSearchRequestSpellCorrectionSpec + properties: + mode: description: >- - Immutable. The content config of the data store. If this field is - unset, the server behavior defaults to ContentConfig.NO_CONTENT. - type: string + The mode under which spell correction replaces the original search + query. Defaults to Mode.AUTO. enumDescriptions: - - Default value. - - Only contains documents without any Document.content. - - Only contains documents with Document.content. - - The data store is used for public website search. - >- - The data store is used for workspace search. Details of workspace - data store are specified in the WorkspaceConfig. + Unspecified spell correction mode. In this case, server behavior + defaults to Mode.AUTO. + - >- + Search API tries to find a spelling suggestion. If a suggestion is + found, it is put in the SearchResponse.corrected_query. The + spelling suggestion won't be used as the search query. + - >- + Automatic spell correction built by the Search API. Search will be + based on the corrected query if found. enum: - - CONTENT_CONFIG_UNSPECIFIED - - NO_CONTENT - - CONTENT_REQUIRED - - PUBLIC_WEBSITE - - GOOGLE_WORKSPACE - createTime: - description: Output only. Timestamp the DataStore was created at. - readOnly: true + - MODE_UNSPECIFIED + - SUGGESTION_ONLY + - AUTO type: string - format: google-datetime - advancedSiteSearchConfig: - description: Optional. Configuration for advanced site search. + description: The specification for query spell correction. + type: object + GoogleCloudDiscoveryengineV1alphaOrganicCrawlRateTimeSeries: + type: object + properties: + googleOrganicCrawlRate: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaAdvancedSiteSearchConfig - languageInfo: - description: Language info for DataStore. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaLanguageInfo' - naturalLanguageQueryUnderstandingConfig: - description: Optional. Configuration for Natural Language Query Understanding. + #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries + description: >- + Google's organic crawl rate time series, which is the sum of all + googlebots' crawl rate. Please refer to + https://developers.google.com/search/docs/crawling-indexing/overview-google-crawlers + for more details about googlebots. + vertexAiOrganicCrawlRate: + description: >- + Vertex AI's organic crawl rate time series, which is the crawl rate + of Google-CloudVertexBot when dedicate crawl is not set. Please + refer to + https://developers.google.com/search/docs/crawling-indexing/google-common-crawlers#google-cloudvertexbot + for more details about Google-CloudVertexBot. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaNaturalLanguageQueryUnderstandingConfig - kmsKeyName: + #/components/schemas/GoogleCloudDiscoveryengineV1alphaCrawlRateTimeSeries + id: GoogleCloudDiscoveryengineV1alphaOrganicCrawlRateTimeSeries + description: >- + The historical organic crawl rate timeseries data, used for monitoring. + Organic crawl is auto-determined by Google to crawl the user's website + when dedicate crawl is not set. Crawl rate is the QPS of crawl request + Google sends to the user's website. + GoogleCloudDiscoveryengineV1AnswerQueryRequest: + id: GoogleCloudDiscoveryengineV1AnswerQueryRequest + type: object + properties: + userLabels: + type: object description: >- - Input only. The KMS key to be used to protect this DataStore at - creation time. Must be set for requests that need to comply with - CMEK Org Policy protections. If this field is set and processed - successfully, the DataStore will be protected by the KMS key, as - indicated in the cmek_config field. - type: string - cmekConfig: - description: Output only. CMEK-related information for the DataStore. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaCmekConfig' - billingEstimation: - description: Output only. Data size estimation for billing. - readOnly: true + The user labels applied to a resource must meet the following + requirements: * Each resource can have multiple labels, up to a + maximum of 64. * Each label must be a key-value pair. * Keys have a + minimum length of 1 character and a maximum length of 63 characters + and cannot be empty. Values can be empty and have a maximum length + of 63 characters. * Keys and values can contain only lowercase + letters, numeric characters, underscores, and dashes. All characters + must use UTF-8 encoding, and international characters are allowed. * + The key portion of a label must be unique. However, you can use the + same key with multiple resources. * Keys must start with a lowercase + letter or international character. See [Google Cloud + Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + for more details. + additionalProperties: + type: string + searchSpec: + description: Search specification. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDataStoreBillingEstimation - aclEnabled: + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpec + query: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Query' + description: Required. Current user query. + endUserSpec: + description: Optional. End user specification. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestEndUserSpec + queryUnderstandingSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestQueryUnderstandingSpec + description: Query understanding specification. + relatedQuestionsSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestRelatedQuestionsSpec + description: Related questions specification. + safetySpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestSafetySpec + description: Model specification. + asynchronousMode: description: >- - Immutable. Whether data in the DataStore has ACL information. If set - to `true`, the source data must have ACL. ACL will be ingested when - data is ingested by DocumentService.ImportDocuments methods. When - ACL is enabled for the DataStore, Document can't be accessed by - calling DocumentService.GetDocument or - DocumentService.ListDocuments. Currently ACL is only supported in - `GENERIC` industry vertical with non-`PUBLIC_WEBSITE` content - config. + Deprecated: This field is deprecated. Streaming Answer API will be + supported. Asynchronous mode control. If enabled, the response will + be returned with answer/session resource name without final answer. + The API users need to do the polling to get the latest status of + answer/session by calling ConversationalSearchService.GetAnswer or + ConversationalSearchService.GetSession method. + deprecated: true type: boolean - workspaceConfig: + session: description: >- - Config to store data store type configuration for workspace data. - This must be set when DataStore.content_config is set as - DataStore.ContentConfig.GOOGLE_WORKSPACE. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaWorkspaceConfig' - documentProcessingConfig: - description: Configuration for Document understanding and enrichment. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfig - startingSchema: + The session resource name. Not required. When session field is not + set, the API is in sessionless mode. We support auto session mode: + users can use the wildcard symbol `-` as session ID. A new ID will + be automatically generated and assigned. + type: string + userPseudoId: description: >- - The start schema to use for this DataStore when provisioning it. If - unset, a default vertical specialized schema will be used. This - field is only used by CreateDataStore API, and will be ignored if - used in other APIs. This field will be omitted from all API - responses including CreateDataStore API. To retrieve a schema of a - DataStore, use SchemaService.GetSchema API instead. The provided - schema will be validated against certain rules on schema. Learn more - from [this - doc](https://cloud.google.com/generative-ai-app-builder/docs/provide-schema). - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaSchema' - healthcareFhirConfig: - description: Optional. Configuration for `HEALTHCARE_FHIR` vertical. + A unique identifier for tracking visitors. For example, this could + be implemented with an HTTP cookie, which should be able to uniquely + identify a visitor on a single device. This unique identifier should + not change if the visitor logs in or out of the website. This field + should NOT have a fixed value such as `unknown_visitor`. The field + must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an `INVALID_ARGUMENT` error is returned. + type: string + groundingSpec: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaHealthcareFhirConfig - servingConfigDataStore: - description: Optional. Stores serving config at DataStore level. + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestGroundingSpec + description: Optional. Grounding specification. + answerGenerationSpec: + description: Answer generation specification. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDataStoreServingConfigDataStore - identityMappingStore: + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequestAnswerGenerationSpec + description: Request message for ConversationalSearchService.AnswerQuery method. + GoogleLongrunningListOperationsResponse: + properties: + unreachable: + type: array + items: + type: string description: >- - Immutable. The fully qualified resource name of the associated - IdentityMappingStore. This field can only be set for acl_enabled - DataStores with `THIRD_PARTY` or `GSUITE` IdP. Format: - `projects/{project}/locations/{location}/identityMappingStores/{identity_mapping_store}`. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + operations: + type: array + description: >- + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' + nextPageToken: + description: The standard List next-page token. type: string - isInfobotFaqDataStore: - description: Optional. If set, this DataStore is an Infobot FAQ DataStore. - type: boolean - GoogleCloudDiscoveryengineV1betaAdvancedSiteSearchConfig: - id: GoogleCloudDiscoveryengineV1betaAdvancedSiteSearchConfig - description: Configuration data for advance site search. + description: The response message for Operations.ListOperations. + id: GoogleLongrunningListOperationsResponse type: object + GoogleCloudDiscoveryengineV1AnswerCitationSource: properties: - disableInitialIndex: - description: If set true, initial indexing is disabled for the DataStore. - type: boolean - disableAutomaticRefresh: - description: If set true, automatic refresh is disabled for the DataStore. - type: boolean - GoogleCloudDiscoveryengineV1betaLanguageInfo: - id: GoogleCloudDiscoveryengineV1betaLanguageInfo - description: Language info for DataStore. + referenceId: + description: ID of the citation source. + type: string type: object + description: Citation source. + id: GoogleCloudDiscoveryengineV1AnswerCitationSource + GoogleCloudDiscoveryengineLoggingHttpRequestContext: properties: - languageCode: - description: The language code for the DataStore. - type: string - normalizedLanguageCode: + responseStatusCode: + format: int32 + type: integer + description: The HTTP response status code for the request. + id: GoogleCloudDiscoveryengineLoggingHttpRequestContext + type: object + description: HTTP request data that is related to a reported error. + GoogleApiDistributionBucketOptionsExplicit: + id: GoogleApiDistributionBucketOptionsExplicit + description: >- + Specifies a set of buckets with arbitrary widths. There are + `size(bounds) + 1` (= N) buckets. Bucket `i` has the following + boundaries: Upper bound (0 <= i < N-1): bounds[i] Lower bound (1 <= i < + N); bounds[i - 1] The `bounds` field must contain at least one element. + If `bounds` has only one element, then there are no finite buckets, and + that single element is the common boundary of the overflow and underflow + buckets. + type: object + properties: + bounds: + type: array + items: + type: number + format: double + description: The values must be monotonically increasing. + GoogleCloudDiscoveryengineV1SiteSearchEngine: + type: object + id: GoogleCloudDiscoveryengineV1SiteSearchEngine + properties: + name: description: >- - Output only. This is the normalized form of language_code. E.g.: - language_code of `en-GB`, `en_GB`, `en-UK` or `en-gb` will have - normalized_language_code of `en-GB`. - readOnly: true + The fully qualified resource name of the site search engine. Format: + `projects/*/locations/*/dataStores/*/siteSearchEngine` type: string - language: - description: >- - Output only. Language part of normalized_language_code. E.g.: - `en-US` -> `en`, `zh-Hans-HK` -> `zh`, `en` -> `en`. - readOnly: true + description: >- + SiteSearchEngine captures DataStore level site search persisting + configurations. It is a singleton value per data store. + GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumn: + description: The column of the Bigtable. + type: object + properties: + fieldName: type: string - region: description: >- - Output only. Region part of normalized_language_code, if present. - E.g.: `en-US` -> `US`, `zh-Hans-HK` -> `HK`, `en` -> ``. - readOnly: true + The field name to use for this column in the document. The name has + to match the pattern `a-zA-Z0-9*`. If not set, it is parsed from the + qualifier bytes with best effort. However, due to different naming + patterns, field name collisions could happen, where parsing behavior + is undefined. + qualifier: + description: >- + Required. Qualifier of the column. If it cannot be decoded with + utf-8, use a base-64 encoded string instead. + type: string + format: byte + encoding: type: string - GoogleCloudDiscoveryengineV1betaNaturalLanguageQueryUnderstandingConfig: - id: GoogleCloudDiscoveryengineV1betaNaturalLanguageQueryUnderstandingConfig - description: Configuration for Natural Language Query Understanding. - type: object - properties: - mode: description: >- - Mode of Natural Language Query Understanding. If this field is - unset, the behavior defaults to - NaturalLanguageQueryUnderstandingConfig.Mode.DISABLED. + The encoding mode of the values when the type is not `STRING`. + Acceptable encoding values are: * `TEXT`: indicates values are + alphanumeric text strings. * `BINARY`: indicates values are encoded + using `HBase Bytes.toBytes` family of functions. This can be + overridden for a specific column by listing that column in `columns` + and specifying an encoding for it. + enum: + - ENCODING_UNSPECIFIED + - TEXT + - BINARY + enumDescriptions: + - The encoding is unspecified. + - Text encoding. + - Binary encoding. + type: type: string enumDescriptions: - - Default value. - - Natural Language Query Understanding is disabled. - - Natural Language Query Understanding is enabled. + - The type is unspecified. + - String type. + - Numerical type. + - Integer type. + - Variable length integer type. + - BigDecimal type. + - Boolean type. + - JSON type. enum: - - MODE_UNSPECIFIED - - DISABLED - - ENABLED - GoogleCloudDiscoveryengineV1betaCmekConfig: - id: GoogleCloudDiscoveryengineV1betaCmekConfig - description: Configurations used to enable CMEK data encryption with Cloud KMS keys. + - TYPE_UNSPECIFIED + - STRING + - NUMBER + - INTEGER + - VAR_INTEGER + - BIG_NUMERIC + - BOOLEAN + - JSON + description: >- + The type of values in this column family. The values are expected to + be encoded using `HBase Bytes.toBytes` function when the encoding + value is set to `BINARY`. + id: GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumn + GoogleCloudDiscoveryengineV1betaImportErrorConfig: + description: Configuration of destination for Import related errors. + id: GoogleCloudDiscoveryengineV1betaImportErrorConfig + properties: + gcsPrefix: + description: >- + Cloud Storage prefix for import errors. This must be an empty, + existing Cloud Storage directory. Import errors are written to + sharded files in this directory, one per line, as a JSON-encoded + `google.rpc.Status` message. + type: string + type: object + GoogleCloudDiscoveryengineV1AclConfig: + description: Access Control Configuration. type: object + id: GoogleCloudDiscoveryengineV1AclConfig properties: name: - description: >- - Required. The name of the CmekConfig of the form - `projects/{project}/locations/{location}/cmekConfig` or - `projects/{project}/locations/{location}/cmekConfigs/{cmek_config}`. type: string - kmsKey: description: >- - Required. KMS key resource name which will be used to encrypt - resources - `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. - type: string - kmsKeyVersion: + Immutable. The full resource name of the acl configuration. Format: + `projects/{project}/locations/{location}/aclConfig`. This field must + be a UTF-8 encoded string with a length limit of 1024 characters. + idpConfig: + description: Identity provider config. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1IdpConfig' + GoogleCloudDiscoveryengineV1betaSearchRequestCrowdingSpec: + description: >- + Specification for crowding. Crowding improves the diversity of search + results by limiting the number of results that share the same field + value. For example, crowding on the color field with a max_count of 3 + and mode DROP_CROWDED_RESULTS will return at most 3 results with the + same color across all pages. + type: object + properties: + maxCount: description: >- - Output only. KMS key version resource name which will be used to - encrypt resources `/cryptoKeyVersions/{keyVersion}`. - readOnly: true - type: string - state: - description: Output only. The states of the CmekConfig. - readOnly: true + The maximum number of documents to keep per value of the field. Once + there are at least max_count previous results which contain the same + value for the given field (according to the order specified in + `order_by`), later results with the same value are "crowded away". + If not specified, the default value is 1. + type: integer + format: int32 + field: + description: >- + The field to use for crowding. Documents can be crowded by a field + in the Document object. Crowding field is case sensitive. type: string + mode: enumDescriptions: - - The CmekConfig state is unknown. - - The CmekConfig is creating. - - The CmekConfig can be used with DataStores. - - >- - The CmekConfig is unavailable, most likely due to the KMS Key - being revoked. - - The CmekConfig is deleting. - - The CmekConfig deletion process failed. - - >- - The CmekConfig is not usable, most likely due to some internal - issue. - - The KMS key version is being rotated. - >- - The KMS key is soft deleted. Some cleanup policy will eventually - be applied. + Unspecified crowding mode. In this case, server behavior defaults + to Mode.DROP_CROWDED_RESULTS. + - Drop crowded results. + - Demote crowded results to the later pages. + description: Mode to use for documents that are crowded away. enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - KEY_ISSUE - - DELETING - - DELETE_FAILED - - UNUSABLE - - ACTIVE_ROTATING - - DELETED - isDefault: - description: Output only. The default CmekConfig for the Customer. - readOnly: true - type: boolean - lastRotationTimestampMicros: - description: Output only. The timestamp of the last key rotation. - readOnly: true + - MODE_UNSPECIFIED + - DROP_CROWDED_RESULTS + - DEMOTE_CROWDED_RESULTS_TO_END type: string - format: int64 - singleRegionKeys: + id: GoogleCloudDiscoveryengineV1betaSearchRequestCrowdingSpec + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigDigitalParsingConfig: + type: object + id: >- + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigDigitalParsingConfig + description: The digital parsing configurations for documents. + properties: {} + GoogleCloudDiscoveryengineV1BigtableOptions: + properties: + families: + type: object description: >- - Optional. Single-regional CMEKs that are required for some VAIS - features. - type: array - items: + The mapping from family names to an object that contains column + families level information for the given column family. If a family + is not present in this map it will be ignored. + additionalProperties: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSingleRegionKey - notebooklmState: - description: Output only. Whether the NotebookLM Corpus is ready to be used. - readOnly: true + #/components/schemas/GoogleCloudDiscoveryengineV1BigtableOptionsBigtableColumnFamily + keyFieldName: type: string - enumDescriptions: - - The NotebookLM state is unknown. - - The NotebookLM is not ready. - - The NotebookLM is ready to be used. - - The NotebookLM is not enabled. - enum: - - NOTEBOOK_LM_STATE_UNSPECIFIED - - NOTEBOOK_LM_NOT_READY - - NOTEBOOK_LM_READY - - NOTEBOOK_LM_NOT_ENABLED - GoogleCloudDiscoveryengineV1betaSingleRegionKey: - id: GoogleCloudDiscoveryengineV1betaSingleRegionKey - description: Metadata for single-regional CMEKs. + description: >- + The field name used for saving row key value in the document. The + name has to match the pattern `a-zA-Z0-9*`. type: object + id: GoogleCloudDiscoveryengineV1BigtableOptions + description: >- + The Bigtable Options object that contains information to support the + import. + GoogleCloudDiscoveryengineV1SearchRequestImageQuery: + id: GoogleCloudDiscoveryengineV1SearchRequestImageQuery properties: - kmsKey: - description: >- - Required. Single-regional kms key resource name which will be used - to encrypt resources - `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`. + imageBytes: type: string - GoogleCloudDiscoveryengineV1betaDataStoreBillingEstimation: - id: GoogleCloudDiscoveryengineV1betaDataStoreBillingEstimation - description: Estimation of data size per data store. + description: >- + Base64 encoded image bytes. Supported image formats: JPEG, PNG, and + BMP. type: object + description: Specifies the image query input. + GoogleCloudDiscoveryengineV1alphaContactDetails: + type: object + description: >- + The contact info stored in resource level. If both project level and + resource level is populated, the resource level contact info will + override the project level contact info. properties: - structuredDataSize: - description: Data size for structured data in terms of bytes. - type: string - format: int64 - unstructuredDataSize: - description: Data size for unstructured data in terms of bytes. - type: string - format: int64 - websiteDataSize: - description: Data size for websites in terms of bytes. + emailAddress: + description: Optional. The email address of the contact. type: string - format: int64 - structuredDataUpdateTime: - description: Last updated timestamp for structured data. + id: GoogleCloudDiscoveryengineV1alphaContactDetails + GoogleCloudDiscoveryengineV1DeleteDataStoreMetadata: + description: >- + Metadata related to the progress of the DataStoreService.DeleteDataStore + operation. This will be returned by the + google.longrunning.Operation.metadata field. + properties: + updateTime: + description: >- + Operation last update time. If the operation is done, this is also + the finish time. type: string format: google-datetime - unstructuredDataUpdateTime: - description: Last updated timestamp for unstructured data. - type: string + createTime: + description: Operation create time. format: google-datetime - websiteDataUpdateTime: - description: Last updated timestamp for websites. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaWorkspaceConfig: - id: GoogleCloudDiscoveryengineV1betaWorkspaceConfig - description: Config to store data store type configuration for workspace data + id: GoogleCloudDiscoveryengineV1DeleteDataStoreMetadata + type: object + GoogleCloudDiscoveryengineV1betaControlRedirectAction: type: object properties: - type: - description: The Google Workspace data source. - type: string - enumDescriptions: - - Defaults to an unspecified Workspace type. - - Workspace Data Store contains Drive data - - Workspace Data Store contains Mail data - - Workspace Data Store contains Sites data - - Workspace Data Store contains Calendar data - - Workspace Data Store contains Chat data - - Workspace Data Store contains Groups data - - Workspace Data Store contains Keep data - - Workspace Data Store contains People data - enum: - - TYPE_UNSPECIFIED - - GOOGLE_DRIVE - - GOOGLE_MAIL - - GOOGLE_SITES - - GOOGLE_CALENDAR - - GOOGLE_CHAT - - GOOGLE_GROUPS - - GOOGLE_KEEP - - GOOGLE_PEOPLE - dasherCustomerId: - description: Obfuscated Dasher customer ID. - type: string - superAdminServiceAccount: - description: >- - Optional. The super admin service account for the workspace that - will be used for access token generation. For now we only use it for - Native Google Drive connector data ingestion. + redirectUri: type: string - superAdminEmailAddress: description: >- - Optional. The super admin email address for the workspace that will - be used for access token generation. For now we only use it for - Native Google Drive connector data ingestion. - type: string - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfig: - id: GoogleCloudDiscoveryengineV1betaDocumentProcessingConfig + Required. The URI to which the shopper will be redirected. Required. + URI must have length equal or less than 2000 characters. Otherwise + an INVALID ARGUMENT error is thrown. + id: GoogleCloudDiscoveryengineV1betaControlRedirectAction + description: Redirects a shopper to the provided URI. + GoogleCloudDiscoveryengineV1ImportUserEventsMetadata: description: >- - A singleton resource of DataStore. If it's empty when DataStore is - created and DataStore is set to - DataStore.ContentConfig.CONTENT_REQUIRED, the default parser will - default to digital parser. + Metadata related to the progress of the Import operation. This is + returned by the google.longrunning.Operation.metadata field. type: object properties: - name: + updateTime: description: >- - The full resource name of the Document Processing Config. Format: - `projects/*/locations/*/collections/*/dataStores/*/documentProcessingConfig`. + Operation last update time. If the operation is done, this is also + the finish time. type: string - chunkingConfig: - description: Whether chunking mode is enabled. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfig - defaultParsingConfig: + format: google-datetime + failureCount: + format: int64 + description: Count of entries that encountered errors while processing. + type: string + createTime: + description: Operation create time. + format: google-datetime + type: string + successCount: + description: Count of entries that were processed successfully. + format: int64 + type: string + id: GoogleCloudDiscoveryengineV1ImportUserEventsMetadata + GoogleCloudDiscoveryengineV1betaSearchRequestQueryExpansionSpec: + properties: + pinUnexpandedResults: + type: boolean description: >- - Configurations for default Document parser. If not specified, we - will configure it as default DigitalParsingConfig, and the default - parsing config will be applied to all file types for Document - parsing. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfig - parsingConfigOverrides: + Whether to pin unexpanded results. If this field is set to true, + unexpanded products are always at the top of the search results, + followed by the expanded results. + condition: description: >- - Map from file type to override the default parsing configuration - based on the file type. Supported keys: * `pdf`: Override parsing - config for PDF files, either digital parsing, ocr parsing or layout - parsing is supported. * `html`: Override parsing config for HTML - files, only digital parsing and layout parsing are supported. * - `docx`: Override parsing config for DOCX files, only digital parsing - and layout parsing are supported. * `pptx`: Override parsing config - for PPTX files, only digital parsing and layout parsing are - supported. * `xlsm`: Override parsing config for XLSM files, only - digital parsing and layout parsing are supported. * `xlsx`: Override - parsing config for XLSX files, only digital parsing and layout - parsing are supported. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfig - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfig: - id: GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfig - description: Configuration for chunking config. + The condition under which query expansion should occur. Default to + Condition.DISABLED. + type: string + enum: + - CONDITION_UNSPECIFIED + - DISABLED + - AUTO + enumDescriptions: + - >- + Unspecified query expansion condition. In this case, server + behavior defaults to Condition.DISABLED. + - >- + Disabled query expansion. Only the exact search query is used, + even if SearchResponse.total_size is zero. + - Automatic query expansion built by the Search API. + description: >- + Specification to determine under which conditions query expansion should + occur. type: object + id: GoogleCloudDiscoveryengineV1betaSearchRequestQueryExpansionSpec + GoogleCloudDiscoveryengineV1betaNaturalLanguageQueryUnderstandingConfig: properties: - layoutBasedChunkingConfig: - description: Configuration for the layout based chunking. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig: - id: >- - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigChunkingConfigLayoutBasedChunkingConfig - description: Configuration for the layout based chunking. + mode: + enum: + - MODE_UNSPECIFIED + - DISABLED + - ENABLED + type: string + enumDescriptions: + - Default value. + - Natural Language Query Understanding is disabled. + - Natural Language Query Understanding is enabled. + description: >- + Mode of Natural Language Query Understanding. If this field is + unset, the behavior defaults to + NaturalLanguageQueryUnderstandingConfig.Mode.DISABLED. + id: GoogleCloudDiscoveryengineV1betaNaturalLanguageQueryUnderstandingConfig + description: Configuration for Natural Language Query Understanding. type: object + GoogleCloudDiscoveryengineV1alphaDeleteTargetSiteMetadata: properties: - chunkSize: - description: >- - The token size limit for each chunk. Supported values: 100-500 - (inclusive). Default value: 500. - type: integer - format: int32 - includeAncestorHeadings: + createTime: + format: google-datetime + type: string + description: Operation create time. + updateTime: + format: google-datetime + type: string description: >- - Whether to include appending different levels of headings to chunks - from the middle of the document to prevent context loss. Default - value: False. - type: boolean + Operation last update time. If the operation is done, this is also + the finish time. + description: >- + Metadata related to the progress of the + SiteSearchEngineService.DeleteTargetSite operation. This will be + returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1alphaDeleteTargetSiteMetadata + type: object GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfig: - id: GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfig description: Related configurations applied to a specific type of document parser. type: object properties: - digitalParsingConfig: - description: Configurations applied to digital parser. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigDigitalParsingConfig ocrParsingConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigOcrParsingConfig description: >- Configurations applied to OCR parser. Currently it only applies to PDFs. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigOcrParsingConfig layoutParsingConfig: description: Configurations applied to layout parser. $ref: >- #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigLayoutParsingConfig - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigDigitalParsingConfig: - id: >- - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigDigitalParsingConfig - description: The digital parsing configurations for documents. - type: object - properties: {} - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigOcrParsingConfig: - id: >- - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigOcrParsingConfig - description: The OCR parsing configurations for documents. - type: object + digitalParsingConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigDigitalParsingConfig + description: Configurations applied to digital parser. + id: GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfig + GoogleCloudDiscoveryengineV1alphaSearchRequestSearchAddonSpec: properties: - enhancedDocumentElements: + disableGenerativeAnswerAddOn: description: >- - [DEPRECATED] This field is deprecated. To use the additional - enhanced document elements processing, please switch to - `layout_parsing_config`. - deprecated: true - type: array - items: - type: string - useNativeText: + Optional. If true, generative answer add-on is disabled. Generative + answer add-on includes natural language to filters and simple + answers. + type: boolean + disableSemanticAddOn: description: >- - If true, will use native text instead of OCR text on pages - containing native text. + Optional. If true, semantic add-on is disabled. Semantic add-on + includes embeddings and jetstream. type: boolean - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigLayoutParsingConfig: - id: >- - GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigLayoutParsingConfig - description: The layout parsing configurations for documents. + disableKpiPersonalizationAddOn: + description: >- + Optional. If true, disables event re-ranking and personalization to + optimize KPIs & personalize results. + type: boolean + type: object + description: >- + SearchAddonSpec is used to disable add-ons for search as per new + repricing model. By default if the SearchAddonSpec is not specified, we + consider that the customer wants to enable them wherever applicable. + id: GoogleCloudDiscoveryengineV1alphaSearchRequestSearchAddonSpec + GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchResponse: + type: object + properties: {} + description: >- + Response message for SiteSearchEngineService.DisableAdvancedSiteSearch + method. + id: GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchResponse + GoogleCloudDiscoveryengineV1AnswerGenerationSpecUserDefinedClassifierSpec: type: object + id: >- + GoogleCloudDiscoveryengineV1AnswerGenerationSpecUserDefinedClassifierSpec + description: The specification for user defined classifier. properties: - enableTableAnnotation: + temperature: description: >- - Optional. If true, the LLM based annotation is added to the table - during parsing. - type: boolean - enableImageAnnotation: + Optional. The temperature value to be used for the user defined + classifier. + format: double + type: number + modelId: + type: string + description: Optional. The model id to be used for the user defined classifier. + topK: + type: string + format: int64 description: >- - Optional. If true, the LLM based annotation is added to the image - during parsing. - type: boolean - structuredContentTypes: + Optional. The top-k value to be used for the user defined + classifier. + taskMarker: description: >- - Optional. Contains the required structure types to extract from the - document. Supported values: * `shareholder-structure` - type: array - items: - type: string - excludeHtmlElements: - description: Optional. List of HTML elements to exclude from the parsed content. - type: array - items: - type: string - excludeHtmlClasses: - description: Optional. List of HTML classes to exclude from the parsed content. - type: array - items: - type: string - excludeHtmlIds: - description: Optional. List of HTML ids to exclude from the parsed content. - type: array - items: - type: string - enableGetProcessedDocument: + Optional. The task marker to be used for the user defined + classifier. + type: string + topP: + type: number + format: double description: >- - Optional. If true, the processed document will be made available for - the GetProcessedDocument API. + Optional. The top-p value to be used for the user defined + classifier. + enableUserDefinedClassifier: type: boolean - GoogleCloudDiscoveryengineV1betaSchema: - id: GoogleCloudDiscoveryengineV1betaSchema - description: Defines the structure and layout of a type of document data. - type: object + description: >- + Optional. Whether or not to enable and include user defined + classifier. + preamble: + type: string + description: Optional. The preamble to be used for the user defined classifier. + seed: + format: int32 + description: Optional. The seed value to be used for the user defined classifier. + type: integer + GoogleCloudDiscoveryengineV1alphaSearchRequestImageQuery: + description: Specifies the image query input. properties: - structSchema: - description: The structured representation of the schema. - type: object - additionalProperties: - type: any - description: Properties of the object. - jsonSchema: - description: The JSON representation of the schema. + imageBytes: type: string - name: description: >- - Immutable. The full resource name of the schema, in the format of - `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/schemas/{schema}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. - type: string - GoogleCloudDiscoveryengineV1betaHealthcareFhirConfig: - id: GoogleCloudDiscoveryengineV1betaHealthcareFhirConfig - description: Config to data store for `HEALTHCARE_FHIR` vertical. + Base64 encoded image bytes. Supported image formats: JPEG, PNG, and + BMP. + id: GoogleCloudDiscoveryengineV1alphaSearchRequestImageQuery type: object + GoogleCloudDiscoveryengineV1Condition: properties: - enableConfigurableSchema: + queryRegex: description: >- - Whether to enable configurable schema for `HEALTHCARE_FHIR` - vertical. If set to `true`, the predefined healthcare fhir schema - can be extended for more customized searching and filtering. - type: boolean - enableStaticIndexingForBatchIngestion: + Optional. Query regex to match the whole search query. Cannot be set + when Condition.query_terms is set. Only supported for Basic Site + Search promotion serving controls. + type: string + queryTerms: + type: array description: >- - Whether to enable static indexing for `HEALTHCARE_FHIR` batch - ingestion. If set to `true`, the batch ingestion will be processed - in a static indexing mode which is slower but more capable of - handling larger volume. - type: boolean - GoogleCloudDiscoveryengineV1betaDataStoreServingConfigDataStore: - id: GoogleCloudDiscoveryengineV1betaDataStoreServingConfigDataStore - description: >- - Stores information regarding the serving configurations at DataStore - level. - type: object - properties: - disabledForServing: + Search only A list of terms to match the query on. Cannot be set + when Condition.query_regex is set. Maximum of 10 query terms. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ConditionQueryTerm + activeTimeRange: + type: array description: >- - Optional. If set true, the DataStore will not be available for - serving search requests. - type: boolean - GoogleCloudDiscoveryengineV1betaDeleteDataStoreMetadata: - id: GoogleCloudDiscoveryengineV1betaDeleteDataStoreMetadata - description: >- - Metadata related to the progress of the DataStoreService.DeleteDataStore - operation. This will be returned by the - google.longrunning.Operation.metadata field. + Range of time(s) specifying when condition is active. Maximum of 10 + time ranges. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ConditionTimeRange + description: Defines circumstances to be checked before allowing a behavior + type: object + id: GoogleCloudDiscoveryengineV1Condition + GoogleCloudDiscoveryengineV1UpdateTargetSiteMetadata: type: object properties: createTime: + format: google-datetime description: Operation create time. type: string - format: google-datetime updateTime: + type: string + format: google-datetime description: >- Operation last update time. If the operation is done, this is also the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaDeleteEngineMetadata: - id: GoogleCloudDiscoveryengineV1betaDeleteEngineMetadata - description: >- - Metadata related to the progress of the EngineService.DeleteEngine - operation. This will be returned by the - google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaDeleteIdentityMappingStoreMetadata: - id: GoogleCloudDiscoveryengineV1betaDeleteIdentityMappingStoreMetadata description: >- Metadata related to the progress of the - IdentityMappingStoreService.DeleteIdentityMappingStore operation. This - will be returned by the google.longrunning.Operation.metadata field. - type: object + SiteSearchEngineService.UpdateTargetSite operation. This will be + returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1UpdateTargetSiteMetadata + GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResultModelArmorEnforcementResult: + id: >- + GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResultModelArmorEnforcementResult properties: - createTime: - description: Operation create time. + modelArmorViolation: + description: The Model Armor violation that was found. type: string - format: google-datetime - updateTime: + error: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaDeleteSchemaMetadata: - id: GoogleCloudDiscoveryengineV1betaDeleteSchemaMetadata - description: Metadata for DeleteSchema LRO. + The error returned by Model Armor if the policy enforcement failed + for some reason. + $ref: '#/components/schemas/GoogleRpcStatus' + description: Customer policy enforcement result for the Model Armor policy. + type: object + GoogleCloudDiscoveryengineV1ImportDocumentsResponse: + id: GoogleCloudDiscoveryengineV1ImportDocumentsResponse type: object + description: >- + Response of the ImportDocumentsRequest. If the long running operation is + done, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + errorConfig: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaDeleteSitemapMetadata: - id: GoogleCloudDiscoveryengineV1betaDeleteSitemapMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.DeleteSitemap operation. This will be returned - by the google.longrunning.Operation.metadata field. + Echoes the destination for the complete errors in the request if + set. + errorSamples: + description: A sample of errors encountered while processing the request. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigOcrParsingConfig: type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + useNativeText: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaDeleteTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1betaDeleteTargetSiteMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.DeleteTargetSite operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object + If true, will use native text instead of OCR text on pages + containing native text. + type: boolean + enhancedDocumentElements: + items: + type: string + type: array + description: >- + [DEPRECATED] This field is deprecated. To use the additional + enhanced document elements processing, please switch to + `layout_parsing_config`. + deprecated: true + id: >- + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigOcrParsingConfig + description: The OCR parsing configurations for documents. + GoogleCloudDiscoveryengineV1alphaAnswerCitation: + id: GoogleCloudDiscoveryengineV1alphaAnswerCitation properties: - createTime: - description: Operation create time. + sources: + type: array + description: Citation sources for the attributed segment. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerCitationSource + startIndex: type: string - format: google-datetime - updateTime: + format: int64 description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Index indicates the start of the segment, measured in bytes (UTF-8 + unicode). If there are multi-byte characters,such as non-ASCII + characters, the index measurement is longer than the string length. + endIndex: type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaDisableAdvancedSiteSearchMetadata: - id: GoogleCloudDiscoveryengineV1betaDisableAdvancedSiteSearchMetadata + format: int64 + description: >- + End of the attributed segment, exclusive. Measured in bytes (UTF-8 + unicode). If there are multi-byte characters,such as non-ASCII + characters, the index measurement is longer than the string length. + description: Citation info for a segment. + type: object + GoogleCloudDiscoveryengineV1betaControl: + id: GoogleCloudDiscoveryengineV1betaControl description: >- - Metadata related to the progress of the - SiteSearchEngineService.DisableAdvancedSiteSearch operation. This will - be returned by the google.longrunning.Operation.metadata field. + Defines a conditioned behavior to employ during serving. Must be + attached to a ServingConfig to be considered at serving time. Permitted + actions dependent on `SolutionType`. type: object properties: - createTime: - description: Operation create time. + useCases: + description: >- + Specifies the use case for the control. Affects what condition + fields can be set. Only applies to SOLUTION_TYPE_SEARCH. Currently + only allow one use case per control. Must be set when solution_type + is SolutionType.SOLUTION_TYPE_SEARCH. + type: array + items: + enumDescriptions: + - Value used when unset. Will not occur in CSS. + - Search use case. Expects the traffic has a non-empty query. + - Browse use case. Expects the traffic has an empty query. + type: string + enum: + - SEARCH_USE_CASE_UNSPECIFIED + - SEARCH_USE_CASE_SEARCH + - SEARCH_USE_CASE_BROWSE + displayName: + description: >- + Required. Human readable name. The identifier used in UI views. Must + be UTF-8 encoded string. Length limit is 128 characters. Otherwise + an INVALID ARGUMENT error is thrown. type: string - format: google-datetime - updateTime: + boostAction: + description: Defines a boost-type control + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaControlBoostAction + synonymsAction: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaControlSynonymsAction + description: Treats a group of terms as synonyms of one another. + redirectAction: + description: Defines a redirect-type control. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaControlRedirectAction + promoteAction: + description: Promote certain links based on predefined trigger queries. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaControlPromoteAction + filterAction: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaControlFilterAction description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Defines a filter-type control Currently not supported by + Recommendation + associatedServingConfigIds: + description: >- + Output only. List of all ServingConfig IDs this control is attached + to. May take up to 10 minutes to update after changes. + items: + type: string + type: array + readOnly: true + conditions: + description: >- + Determines when the associated action will trigger. Omit to always + apply the action. Currently only a single condition may be + specified. Otherwise an INVALID ARGUMENT error is thrown. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaCondition' + solutionType: + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. + - >- + Used for use cases related to the Generative Chat agent. It's used + for Generative chat engine only, the associated data stores must + enrolled with `SOLUTION_TYPE_CHAT` solution. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaDisableAdvancedSiteSearchResponse: - id: GoogleCloudDiscoveryengineV1betaDisableAdvancedSiteSearchResponse - description: >- - Response message for SiteSearchEngineService.DisableAdvancedSiteSearch - method. - type: object - properties: {} - GoogleCloudDiscoveryengineV1betaEnableAdvancedSiteSearchMetadata: - id: GoogleCloudDiscoveryengineV1betaEnableAdvancedSiteSearchMetadata - description: >- - Metadata related to the progress of the - SiteSearchEngineService.EnableAdvancedSiteSearch operation. This will be - returned by the google.longrunning.Operation.metadata field. + description: >- + Required. Immutable. What solution the control belongs to. Must be + compatible with vertical of resource. Otherwise an INVALID ARGUMENT + error is thrown. + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + name: + type: string + description: >- + Immutable. Fully qualified name + `projects/*/locations/global/dataStore/*/controls/*` + GoogleCloudDiscoveryengineV1TargetSiteFailureReason: + description: Site search indexing failure reasons. + id: GoogleCloudDiscoveryengineV1TargetSiteFailureReason type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + quotaFailure: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1TargetSiteFailureReasonQuotaFailure + description: Failed due to insufficient quota. + GoogleCloudDiscoveryengineLoggingErrorContext: + properties: + reportLocation: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineLoggingSourceLocation' description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaEnableAdvancedSiteSearchResponse: - id: GoogleCloudDiscoveryengineV1betaEnableAdvancedSiteSearchResponse - description: >- - Response message for SiteSearchEngineService.EnableAdvancedSiteSearch - method. + The location in the source code where the decision was made to + report the error, usually the place where it was logged. + httpRequest: + description: The HTTP request which was processed when the error was triggered. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineLoggingHttpRequestContext + description: A description of the context in which an error occurred. type: object - properties: {} - GoogleCloudDiscoveryengineV1betaEngine: - id: GoogleCloudDiscoveryengineV1betaEngine - description: >- - Metadata that describes the training and serving parameters of an - Engine. + id: GoogleCloudDiscoveryengineLoggingErrorContext + GoogleCloudDiscoveryengineV1PurgeDocumentsRequest: type: object + description: Request message for DocumentService.PurgeDocuments method. + id: GoogleCloudDiscoveryengineV1PurgeDocumentsRequest properties: - chatEngineConfig: + force: description: >- - Configurations for the Chat Engine. Only applicable if solution_type - is SOLUTION_TYPE_CHAT. + Actually performs the purge. If `force` is set to false, return the + expected purge count without deleting any documents. + type: boolean + inlineSource: + description: Inline source for the input content for purge. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineChatEngineConfig - searchEngineConfig: + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeDocumentsRequestInlineSource + errorConfig: + description: The desired location of errors incurred during the purge. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1PurgeErrorConfig' + gcsSource: description: >- - Configurations for the Search Engine. Only applicable if - solution_type is SOLUTION_TYPE_SEARCH. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineSearchEngineConfig - mediaRecommendationEngineConfig: + Cloud Storage location for the input content. Supported + `data_schema`: * `document_id`: One valid Document.id per line. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GcsSource' + filter: + type: string description: >- - Configurations for the Media Engine. Only applicable on the data - stores with solution_type SOLUTION_TYPE_RECOMMENDATION and - IndustryVertical.MEDIA vertical. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfig - chatEngineMetadata: + Required. Filter matching documents to purge. Only currently + supported value is `*` (all items). + GoogleCloudDiscoveryengineV1WidgetConfig: + id: GoogleCloudDiscoveryengineV1WidgetConfig + type: object + properties: + resultDisplayType: + enum: + - RESULT_DISPLAY_TYPE_UNSPECIFIED + - SNIPPET + - EXTRACTIVE_ANSWER + description: >- + The type of snippet to display in UCS widget. - + RESULT_DISPLAY_TYPE_UNSPECIFIED for existing users. - SNIPPET for + new non-enterprise search users. - EXTRACTIVE_ANSWER for new + enterprise search users. + deprecated: true + type: string + enumDescriptions: + - Unspecified display type (default to showing snippet). + - Display results from the snippet field. + - Display results from extractive answers field. + defaultSearchRequestOrderBy: + type: string description: >- - Output only. Additional information of the Chat Engine. Only - applicable if solution_type is SOLUTION_TYPE_CHAT. + The default ordering for search results if specified. Used to set + SearchRequest#order_by on applicable requests. + https://cloud.google.com/generative-ai-app-builder/docs/reference/rest/v1alpha/projects.locations.dataStores.servingConfigs/search#request-body + deprecated: true + llmEnabled: readOnly: true - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineChatEngineMetadata - name: + type: boolean + description: Output only. Whether LLM is enabled in the corresponding data store. + allowPublicAccess: + deprecated: true description: >- - Immutable. Identifier. The fully qualified resource name of the - engine. This field must be a UTF-8 encoded string with a length - limit of 1024 characters. Format: - `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}` - engine should be 1-63 characters, and valid characters are - /a-z0-9*/. Otherwise, an INVALID_ARGUMENT error is returned. + Whether allow no-auth integration with widget. If set true, public + access to search or other solutions from widget is allowed without + authenication token provided by customer hosted backend server. + type: boolean + updateTime: + description: Output only. Timestamp the WidgetConfig was updated. + format: google-datetime + readOnly: true type: string - displayName: + enableSnippetResultSummary: + description: Turn on or off summary for each snippets result. + type: boolean + deprecated: true + allowlistedDomains: + type: array + deprecated: true + items: + type: string + description: Allowlisted domains that can load this widget. + enableSearchAsYouType: + description: Whether to enable search-as-you-type behavior for the search widget + deprecated: true + type: boolean + enablePrivateKnowledgeGraph: + type: boolean + description: Optional. Output only. Whether to enable private knowledge graph. + readOnly: true + contentSearchSpec: + deprecated: true description: >- - Required. The display name of the engine. Should be human readable. - UTF-8 encoded string with limit of 1024 characters. + The content search spec that configs the desired behavior of content + search. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpec + enableAutocomplete: + description: Whether or not to enable autocomplete. + type: boolean + deprecated: true + customerProvidedConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigCustomerProvidedConfig + description: >- + Optional. Output only. Describes the customer related + configurations, currently only used for government customers. This + field cannot be modified after project onboarding. + readOnly: true + enableWebApp: + deprecated: true + description: Whether to enable standalone web app. + type: boolean + enableSummarization: + description: Turn on or off summarization for the search response. + type: boolean + deprecated: true + enableSafeSearch: + description: Whether to enable safe search. + type: boolean + deprecated: true + enableResultScore: + description: Whether to show the result score. + type: boolean + configId: type: string + description: Output only. Unique obfuscated identifier of a WidgetConfig. + readOnly: true createTime: - description: Output only. Timestamp the Recommendation Engine was created at. readOnly: true type: string format: google-datetime - updateTime: - description: Output only. Timestamp the Recommendation Engine was last updated. - readOnly: true + description: Output only. Timestamp the WidgetConfig was created. + uiSettings: + description: >- + Describes general widget search settings as seen in cloud console + widget configuration page. Replaces top deprecated top level + properties. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigUiSettings + name: type: string - format: google-datetime - dataStoreIds: description: >- - Optional. The data stores associated with this engine. For - SOLUTION_TYPE_SEARCH and SOLUTION_TYPE_RECOMMENDATION type of - engines, they can only associate with at most one data store. If - solution_type is SOLUTION_TYPE_CHAT, multiple DataStores in the same - Collection can be associated here. Note that when used in - CreateEngineRequest, one DataStore id must be provided as the system - will use it for necessary initializations. - type: array + Immutable. The full resource name of the widget config. Format: + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}/widgetConfigs/{widget_config_id}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + collectionComponents: items: - type: string + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigCollectionComponent + description: >- + Output only. Collection components that lists all collections and + child data stores associated with the widget config, those data + sources can be used for filtering in widget service APIs, users can + return results that from selected data sources. + type: array + readOnly: true + fieldsUiComponentsMap: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigUIComponentField + type: object + deprecated: true + description: >- + The key is the UI component. Mock. Currently supported `title`, + `thumbnail`, `url`, `custom1`, `custom2`, `custom3`. The value is + the name of the field along with its device visibility. The 3 custom + fields are optional and can be added or removed. `title`, + `thumbnail`, `url` are required UI components that cannot be + removed. + enableQualityFeedback: + deprecated: true + type: boolean + description: >- + Turn on or off collecting the search result quality feedback from + end users. + minimumDataTermAccepted: + type: boolean + readOnly: true + description: Output only. Whether the customer accepted data use terms. + uiBranding: + description: >- + Describes search widget UI branding settings, such as the widget + title, logo, favicons, and colors. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigUiBrandingSettings solutionType: - description: Required. The solutions of the engine. - type: string enumDescriptions: - Default value. - Used for Recommendations AI. @@ -19063,171 +20513,228 @@ components: Used for use cases related to the Generative Chat agent. It's used for Generative chat engine only, the associated data stores must enrolled with `SOLUTION_TYPE_CHAT` solution. + description: >- + Required. Immutable. Specifies the solution type that this + WidgetConfig can be used for. + type: string enum: - SOLUTION_TYPE_UNSPECIFIED - SOLUTION_TYPE_RECOMMENDATION - SOLUTION_TYPE_SEARCH - SOLUTION_TYPE_CHAT - SOLUTION_TYPE_GENERATIVE_CHAT - industryVertical: + geminiBundle: + readOnly: true + description: Output only. Whether the subscription is gemini bundle or not. + type: boolean + accessSettings: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigAccessSettings description: >- - Optional. The industry vertical that the engine registers. The - restriction of the Engine industry vertical is based on DataStore: - Vertical on Engine has to match vertical of the DataStore linked to - the engine. + Will be used for all widget access settings seen in cloud console + integration page. Replaces top deprecated top level properties. + displayName: + description: >- + Required. The human readable widget config display name. Used in + Discovery UI. This field must be a UTF-8 encoded string with a + length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error + is returned. + type: string + dataStoreUiConfigs: + deprecated: true + type: array + description: Configurable UI configurations per data store. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigDataStoreUiConfig + dataStoreType: type: string enumDescriptions: - - Value used when unset. + - Unspecified data store type. + - The parent data store contains a site search engine. - >- - The generic vertical for documents that are not specific to any - industry vertical. - - The media industry vertical. - - The healthcare FHIR vertical. + The parent data store contains a search engine for structured + data. + - >- + The parent data store contains a search engine for unstructured + data. + - >- + The parent data store is served for blended search with multiple + data stores. enum: - - INDUSTRY_VERTICAL_UNSPECIFIED - - GENERIC - - MEDIA - - HEALTHCARE_FHIR - commonConfig: - description: Common config spec that specifies the metadata of the engine. + - DATA_STORE_TYPE_UNSPECIFIED + - SITE_SEARCH + - STRUCTURED + - UNSTRUCTURED + - BLENDED + description: Output only. The type of the parent data store. + readOnly: true + assistantSettings: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineCommonConfig - disableAnalytics: - description: >- - Optional. Whether to disable analytics for searches performed on - this engine. - type: boolean - features: - description: >- - Optional. Feature config for the engine to opt in or opt out of - features. Supported keys: * `*`: all features, if it's present, all - other feature state settings are ignored. * `agent-gallery` * - `no-code-agent-builder` * `prompt-gallery` * `model-selector` * - `notebook-lm` * `people-search` * `people-search-org-chart` * - `bi-directional-audio` * `feedback` * `session-sharing` * - `personalization-memory` - Enables personalization based on user - preferences. - type: object - additionalProperties: - type: string - enumDescriptions: - - The feature state is unspecified. - - The feature is turned on to be accessible. - - The feature is turned off to be inaccessible. - enum: - - FEATURE_STATE_UNSPECIFIED - - FEATURE_STATE_ON - - FEATURE_STATE_OFF - GoogleCloudDiscoveryengineV1betaEngineChatEngineConfig: - id: GoogleCloudDiscoveryengineV1betaEngineChatEngineConfig - description: Configurations for a Chat Engine. - type: object - properties: - agentCreationConfig: + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigAssistantSettings + readOnly: true description: >- - The configurationt generate the Dialogflow agent that is associated - to this Engine. Note that these configurations are one-time consumed - by and passed to Dialogflow service. It means they cannot be - retrieved using EngineService.GetEngine or EngineService.ListEngines - API after engine creation. + Optional. Output only. Describes the assistant settings of the + widget. + homepageSetting: + description: Optional. Describes the homepage settings of the widget. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineChatEngineConfigAgentCreationConfig - dialogflowAgentToLink: + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigHomepageSetting + enableConversationalSearch: + deprecated: true description: >- - The resource name of an exist Dialogflow agent to link to this Chat - Engine. Customers can either provide `agent_creation_config` to - create agent or provide an agent name that links the agent with the - Chat engine. Format: `projects//locations//agents/`. Note that the - `dialogflow_agent_to_link` are one-time consumed by and passed to - Dialogflow service. It means they cannot be retrieved using - EngineService.GetEngine or EngineService.ListEngines API after - engine creation. Use ChatEngineMetadata.dialogflow_agent for actual - agent association after Engine is created. + Whether to allow conversational search (LLM, multi-turn) or not + (non-LLM, single-turn). + type: boolean + industryVertical: type: string - allowCrossRegion: + readOnly: true + enum: + - INDUSTRY_VERTICAL_UNSPECIFIED + - GENERIC + - MEDIA + - HEALTHCARE_FHIR + enumDescriptions: + - Value used when unset. + - >- + The generic vertical for documents that are not specific to any + industry vertical. + - The media industry vertical. + - The healthcare FHIR vertical. description: >- - Optional. If the flag set to true, we allow the agent and engine are - in different locations, otherwise the agent and engine are required - to be in the same location. The flag is set to false by default. - Note that the `allow_cross_region` are one-time consumed by and - passed to EngineService.CreateEngine. It means they cannot be - retrieved using EngineService.GetEngine or EngineService.ListEngines - API after engine creation. - type: boolean - GoogleCloudDiscoveryengineV1betaEngineChatEngineConfigAgentCreationConfig: - id: >- - GoogleCloudDiscoveryengineV1betaEngineChatEngineConfigAgentCreationConfig - description: >- - Configurations for generating a Dialogflow agent. Note that these - configurations are one-time consumed by and passed to Dialogflow - service. It means they cannot be retrieved using EngineService.GetEngine - or EngineService.ListEngines API after engine creation. + Output only. The industry vertical that the WidgetConfig registers. + The WidgetConfig industry vertical is based on the associated + Engine. + facetField: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfigFacetField + deprecated: true + description: The configuration and appearance of facets in the end user view. + description: WidgetConfig captures configs at the Widget level. + GoogleCloudDiscoveryengineV1alphaSiteVerificationInfo: + properties: + verifyTime: + description: Latest site verification time. + format: google-datetime + type: string + siteVerificationState: + type: string + description: Site verification state indicating the ownership and validity. + enumDescriptions: + - Defaults to VERIFIED. + - Site ownership verified. + - Site ownership pending verification or verification failed. + - >- + Site exempt from verification, e.g., a public website that opens + to all. + enum: + - SITE_VERIFICATION_STATE_UNSPECIFIED + - VERIFIED + - UNVERIFIED + - EXEMPTED + type: object + description: Verification information for target sites in advanced site search. + id: GoogleCloudDiscoveryengineV1alphaSiteVerificationInfo + GoogleCloudDiscoveryengineV1alphaImportCompletionSuggestionsResponse: type: object + description: >- + Response of the CompletionService.ImportCompletionSuggestions method. If + the long running operation is done, this message is returned by the + google.longrunning.Operations.response field if the operation is + successful. properties: - business: - description: >- - Name of the company, organization or other entity that the agent - represents. Used for knowledge connector LLM prompt and for - knowledge search. + errorConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig + description: The desired location of errors incurred during the Import. + errorSamples: + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: A sample of errors encountered while processing the request. + id: GoogleCloudDiscoveryengineV1alphaImportCompletionSuggestionsResponse + GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpecEmbeddingVector: + description: Embedding vector. + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpecEmbeddingVector + properties: + fieldPath: + description: Embedding field path in schema. type: string - defaultLanguageCode: + vector: + items: + type: number + format: float + type: array + description: Query embedding vector. + type: object + GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpec: + id: >- + GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpec + description: Boost applies to documents which match a condition. + properties: + boostControlSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec description: >- - Required. The default language of the agent as a language tag. See - [Language - Support](https://cloud.google.com/dialogflow/docs/reference/language) - for a list of the currently supported language codes. - type: string - timeZone: + Complex specification for custom ranking based on customer defined + attribute value. + condition: description: >- - Required. The time zone of the agent from the [time zone - database](https://www.iana.org/time-zones), e.g., America/New_York, - Europe/Paris. + An expression which specifies a boost condition. The syntax and + supported fields are the same as a filter expression. See + SearchRequest.filter for detail syntax and limitations. Examples: * + To boost documents with document ID "doc_1" or "doc_2", and color + "Red" or "Blue": `(document_id: ANY("doc_1", "doc_2")) AND (color: + ANY("Red", "Blue"))` type: string - location: + boost: + type: number description: >- - Agent location for Agent creation, supported values: global/us/eu. - If not provided, us Engine will create Agent using us-central-1 by - default; eu Engine will create Agent using eu-west-1 by default. - type: string - GoogleCloudDiscoveryengineV1betaEngineSearchEngineConfig: - id: GoogleCloudDiscoveryengineV1betaEngineSearchEngineConfig - description: Configurations for a Search Engine. + Strength of the condition boost, which should be in [-1, 1]. + Negative boost means demotion. Default is 0.0. Setting to 1.0 gives + the document a big promotion. However, it does not necessarily mean + that the boosted document will be the top result at all times, nor + that other documents will be excluded. Results could still be shown + even when none of them matches the condition. And results that are + significantly more relevant to the search query can still trump your + heavily favored but irrelevant documents. Setting to -1.0 gives the + document a big demotion. However, results that are deeply relevant + might still be shown. The document will have an upstream battle to + get a fairly high ranking, but it is not blocked out completely. + Setting to 0.0 means no boost applied. The boosting condition is + ignored. Only one of the (condition, boost) combination or the + boost_control_spec below are set. If both are set then the global + boost is ignored and the more fine-grained boost_control_spec is + applied. + format: float + type: object + GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfig: type: object properties: - searchTier: + engineFeaturesConfig: + description: Optional. Additional engine features config. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigEngineFeaturesConfig + trainingState: description: >- - The search feature tier of this engine. Different tiers might have - different pricing. To learn more, check the pricing documentation. - Defaults to SearchTier.SEARCH_TIER_STANDARD if not specified. + The training state that the engine is in (e.g. `TRAINING` or + `PAUSED`). Since part of the cost of running the service is + frequency of training - this can be used to determine when to train + engine in order to control cost. If not specified: the default value + for `CreateEngine` method is `TRAINING`. The default value for + `UpdateEngine` method is to keep the state the same as before. + enum: + - TRAINING_STATE_UNSPECIFIED + - PAUSED + - TRAINING type: string enumDescriptions: - - >- - Default value when the enum is unspecified. This is invalid to - use. - - Standard tier. - - Enterprise tier. - enum: - - SEARCH_TIER_UNSPECIFIED - - SEARCH_TIER_STANDARD - - SEARCH_TIER_ENTERPRISE - searchAddOns: - description: The add-on that this search engine enables. - type: array - items: - type: string - enumDescriptions: - - >- - Default value when the enum is unspecified. This is invalid to - use. - - Large language model add-on. - enum: - - SEARCH_ADD_ON_UNSPECIFIED - - SEARCH_ADD_ON_LLM - GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfig: - id: GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfig - description: Additional config specs for a Media Recommendation engine. - type: object - properties: + - Unspecified training state. + - The engine training is paused. + - The engine is training. type: description: >- Required. The type of engine. e.g., `recommended-for-you`. This @@ -19237,6 +20744,7 @@ components: `more-like-this`, `most-popular-items`. type: string optimizationObjective: + type: string description: >- The optimization objective. e.g., `cvr`. This field together with optimization_objective describe engine metadata to use to control @@ -19244,8 +20752,9 @@ components: `cvr`. If not specified, we choose default based on engine type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr` - type: string optimizationObjectiveConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig description: >- Name and value of the custom threshold for cvr optimization_objective. For target_field `watch-time`, @@ -19254,2676 +20763,4678 @@ components: 86400) (e.g., 90). For target_field `watch-percentage`, the target_field_value must be a valid float value between (0, 1.0] (excludes 0, includes 1.0) (e.g., 0.5). - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig - trainingState: - description: >- - The training state that the engine is in (e.g. `TRAINING` or - `PAUSED`). Since part of the cost of running the service is - frequency of training - this can be used to determine when to train - engine in order to control cost. If not specified: the default value - for `CreateEngine` method is `TRAINING`. The default value for - `UpdateEngine` method is to keep the state the same as before. - type: string - enumDescriptions: - - Unspecified training state. - - The engine training is paused. - - The engine is training. - enum: - - TRAINING_STATE_UNSPECIFIED - - PAUSED - - TRAINING - engineFeaturesConfig: - description: Optional. Additional engine features config. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigEngineFeaturesConfig - GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig: - id: >- - GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig - description: Custom threshold for `cvr` optimization_objective. + id: GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfig + description: Additional config specs for a Media Recommendation engine. + GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResult: type: object + id: GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResult properties: - targetField: + document: + description: Document resource name. + type: string + uri: + description: URI for the document. + type: string + chunkInfo: description: >- - Required. The name of the field to target. Currently supported - values: `watch-percentage`, `watch-time`. + If citation_type is CHUNK_LEVEL_CITATION and chunk mode is on, + populate chunk info. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultChunkInfo + type: array + structData: + type: object + description: >- + Data representation. The structured JSON data for the document. It's + populated from the struct data from the Document, or the Chunk in + search result. + additionalProperties: + type: any + description: Properties of the object. + title: type: string - targetFieldValueFloat: - description: Required. The threshold to be applied to the target (e.g., 0.5). - type: number - format: float - GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigEngineFeaturesConfig: - id: >- - GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigEngineFeaturesConfig - description: More feature configs of the selected engine type. + description: Title. + snippetInfo: + description: >- + If citation_type is DOCUMENT_LEVEL_CITATION, populate document level + snippets. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionObservationSearchResultSnippetInfo + type: array + GoogleCloudDiscoveryengineV1DoubleList: + properties: + values: + items: + type: number + format: double + description: Double values. + type: array type: object + description: Double list. + id: GoogleCloudDiscoveryengineV1DoubleList + GoogleCloudDiscoveryengineV1CitationMetadata: + id: GoogleCloudDiscoveryengineV1CitationMetadata + description: A collection of source attributions for a piece of content. properties: - recommendedForYouConfig: - description: Recommended for you engine feature config. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig - mostPopularConfig: - description: Most popular engine feature config. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig - GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig: - id: >- - GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig - description: >- - Additional feature configurations for creating a `recommended-for-you` - engine. + citations: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Citation' + readOnly: true + description: Output only. List of citations. + type: array + type: object + GoogleCloudDiscoveryengineV1TransactionInfo: + id: GoogleCloudDiscoveryengineV1TransactionInfo type: object + description: A transaction represents the entire purchase transaction. properties: - contextEventType: + transactionId: + type: string + description: The transaction ID with a length limit of 128 characters. + value: + format: float + type: number description: >- - The type of event with which the engine is queried at prediction - time. If set to `generic`, only `view-item`, `media-play`,and - `media-complete` will be used as `context-event` in engine training. - If set to `view-home-page`, `view-home-page` will also be used as - `context-events` in addition to `view-item`, `media-play`, and - `media-complete`. Currently supported for the `recommended-for-you` - engine. Currently supported values: `view-home-page`, `generic`. + Required. Total non-zero value associated with the transaction. This + value may include shipping, tax, or other adjustments to the total + value that you want to include. + currency: type: string - GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig: - id: >- - GoogleCloudDiscoveryengineV1betaEngineMediaRecommendationEngineConfigMostPopularFeatureConfig - description: >- - Feature configurations that are required for creating a Most Popular - engine. - type: object + description: Required. Currency code. Use three-character ISO-4217 code. + tax: + type: number + format: float + description: All the taxes associated with the transaction. + cost: + description: >- + All the costs associated with the products. These can be + manufacturing costs, shipping expenses not borne by the end user, or + any other costs, such that: * Profit = value - tax - cost + format: float + type: number + discountValue: + type: number + format: float + description: >- + The total discount(s) value applied to this transaction. This figure + should be excluded from TransactionInfo.value For example, if a user + paid TransactionInfo.value amount, then nominal (pre-discount) value + of the transaction is the sum of TransactionInfo.value and + TransactionInfo.discount_value This means that profit is calculated + the same way, regardless of the discount value, and that + TransactionInfo.discount_value can be larger than + TransactionInfo.value: * Profit = value - tax - cost + GoogleCloudDiscoveryengineV1IdentityMappingEntry: + id: GoogleCloudDiscoveryengineV1IdentityMappingEntry properties: - timeWindowDays: + groupId: + type: string description: >- - The time window of which the engine is queried at training and - prediction time. Positive integers only. The value translates to the - last X days of events. Currently required for the - `most-popular-items` engine. + Group identifier. For Google Workspace user account, group_id should + be the google workspace group email. For non-google identity + provider, group_id is the mapped group identifier configured during + the workforcepool config. + userId: type: string - format: int64 - GoogleCloudDiscoveryengineV1betaEngineChatEngineMetadata: - id: GoogleCloudDiscoveryengineV1betaEngineChatEngineMetadata + description: >- + User identifier. For Google Workspace user account, user_id should + be the google workspace user email. For non-google identity + provider, user_id is the mapped user identifier configured during + the workforcepool config. + externalIdentityName: + type: string + description: Optional. The name of the external identity. + externalIdentity: + type: string + description: >- + Required. Identity outside the customer identity provider. The + length limit of external identity will be of 100 characters. description: >- - Additional information of a Chat Engine. Fields in this message are - output only. + Identity Mapping Entry that maps an external identity to an internal + identity. type: object + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseQuerySuggestion: + description: Suggestions as search queries. + id: GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponseQuerySuggestion properties: - dialogflowAgent: - description: >- - The resource name of a Dialogflow agent, that this Chat Engine - refers to. Format: `projects//locations//agents/`. + dataStore: + type: array + items: + type: string + description: The name of the dataStore that this suggestion belongs to. + suggestion: + description: The suggestion for the query. type: string - GoogleCloudDiscoveryengineV1betaEngineCommonConfig: - id: GoogleCloudDiscoveryengineV1betaEngineCommonConfig - description: Common configurations for an Engine. + completableFieldPaths: + items: + type: string + type: array + description: >- + The unique document field paths that serve as the source of this + suggestion if it was generated from completable fields. This field + is only populated for the document-completable model. + score: + format: double + description: The score of each suggestion. The score is in the range of [0, 1]. + type: number + type: object + GoogleCloudDiscoveryengineV1WidgetConfigAssistantSettings: type: object properties: - companyName: + defaultWebGroundingToggleOff: + type: boolean description: >- - The name of the company, business or entity that is associated with - the engine. Setting this may help improve LLM related features. + Output only. This field controls the default web grounding toggle + for end users if `web_grounding_type` is set to + `WEB_GROUNDING_TYPE_GOOGLE_SEARCH` or + `WEB_GROUNDING_TYPE_ENTERPRISE_WEB_SEARCH`. By default, this field + is set to false. If `web_grounding_type` is + `WEB_GROUNDING_TYPE_GOOGLE_SEARCH` or + `WEB_GROUNDING_TYPE_ENTERPRISE_WEB_SEARCH`, end users will have web + grounding enabled by default on UI. If true, grounding toggle will + be disabled by default on UI. End users can still enable web + grounding in the UI if web grounding is enabled. + readOnly: true + googleSearchGroundingEnabled: + description: >- + Whether or not the Google search grounding toggle is shown. + Deprecated. Use web_grounding_type instead. + deprecated: true + type: boolean + webGroundingType: + description: Optional. The type of web grounding to use. + enumDescriptions: + - Default, unspecified setting. This is the same as disabled. + - Web grounding is disabled. + - Grounding with Google Search is enabled. + - Grounding with Enterprise Web Search is enabled. type: string - GoogleCloudDiscoveryengineV1betaEvaluation: - id: GoogleCloudDiscoveryengineV1betaEvaluation - description: >- - An evaluation is a single execution (or run) of an evaluation process. - It encapsulates the state of the evaluation and the resulting data. + enum: + - WEB_GROUNDING_TYPE_UNSPECIFIED + - WEB_GROUNDING_TYPE_DISABLED + - WEB_GROUNDING_TYPE_GOOGLE_SEARCH + - WEB_GROUNDING_TYPE_ENTERPRISE_WEB_SEARCH + disableLocationContext: + description: Optional. Output only. Whether to disable user location context. + readOnly: true + type: boolean + id: GoogleCloudDiscoveryengineV1WidgetConfigAssistantSettings + description: Describes the assistant settings of the widget. + GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequestInlineSource: type: object + description: >- + The inline source for the input config for BatchUpdateUserLicenses + method. + id: GoogleCloudDiscoveryengineV1BatchUpdateUserLicensesRequestInlineSource properties: - name: - description: >- - Identifier. The full resource name of the Evaluation, in the format - of - `projects/{project}/locations/{location}/evaluations/{evaluation}`. - This field must be a UTF-8 encoded string with a length limit of - 1024 characters. + updateMask: + format: google-fieldmask + description: Optional. The list of fields to update. type: string - evaluationSpec: - description: Required. The specification of the evaluation. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpec - qualityMetrics: + userLicenses: description: >- - Output only. The metrics produced by the evaluation, averaged across - all SampleQuerys in the SampleQuerySet. Only populated when the - evaluation's state is SUCCEEDED. - readOnly: true - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetrics' + Required. A list of user licenses to update. Each user license must + have a valid UserLicense.user_principal. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserLicense' + GoogleCloudDiscoveryengineV1alphaAnswerStep: + description: Step information. + properties: state: - description: Output only. The state of the evaluation. - readOnly: true - type: string - enumDescriptions: - - The evaluation is unspecified. - - The service is preparing to run the evaluation. - - The evaluation is in progress. - - The evaluation completed successfully. - - The evaluation failed. enum: - STATE_UNSPECIFIED - - PENDING - - RUNNING - - SUCCEEDED + - IN_PROGRESS - FAILED - error: - description: >- - Output only. The error that occurred during evaluation. Only - populated when the evaluation's state is FAILED. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - createTime: - description: Output only. Timestamp the Evaluation was created at. - readOnly: true + - SUCCEEDED + enumDescriptions: + - Unknown. + - Step is currently in progress. + - Step currently failed. + - Step has succeeded. type: string - format: google-datetime - endTime: - description: Output only. Timestamp the Evaluation was completed at. - readOnly: true + description: The state of the step. + description: + description: The description of the step. type: string - format: google-datetime - errorSamples: - description: >- - Output only. A sample of errors encountered while processing the - request. - readOnly: true + actions: type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpec: - id: GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpec - description: Describes the specification of the evaluation. - type: object - properties: - searchRequest: - description: >- - Required. The search request that is used to perform the evaluation. - Only the following fields within SearchRequest are supported; if any - other fields are provided, an UNSUPPORTED error will be returned: * - SearchRequest.serving_config * SearchRequest.branch * - SearchRequest.canonical_filter * SearchRequest.query_expansion_spec - * SearchRequest.spell_correction_spec * - SearchRequest.content_search_spec * SearchRequest.user_pseudo_id - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequest' - querySetSpec: - description: Optional. The specification of the query set. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpecQuerySetSpec - GoogleCloudDiscoveryengineV1betaSearchRequest: - id: GoogleCloudDiscoveryengineV1betaSearchRequest - description: Request message for SearchService.Search method. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerStepAction + description: Actions. + thought: + type: string + description: The thought of the step. type: object + id: GoogleCloudDiscoveryengineV1alphaAnswerStep + GoogleCloudDiscoveryengineV1betaDeleteEngineMetadata: + type: object + id: GoogleCloudDiscoveryengineV1betaDeleteEngineMetadata + description: >- + Metadata related to the progress of the EngineService.DeleteEngine + operation. This will be returned by the + google.longrunning.Operation.metadata field. properties: - servingConfig: + createTime: + format: google-datetime + type: string + description: Operation create time. + updateTime: + type: string + format: google-datetime description: >- - Required. The resource name of the Search serving config, such as - `projects/*/locations/global/collections/default_collection/engines/*/servingConfigs/default_serving_config`, - or - `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/servingConfigs/default_serving_config`. - This field is used to identify the serving configuration name, set - of models used to make the search. + Operation last update time. If the operation is done, this is also + the finish time. + GoogleCloudDiscoveryengineV1alphaSearchRequestQueryExpansionSpec: + properties: + condition: + description: >- + The condition under which query expansion should occur. Default to + Condition.DISABLED. type: string - branch: + enumDescriptions: + - >- + Unspecified query expansion condition. In this case, server + behavior defaults to Condition.DISABLED. + - >- + Disabled query expansion. Only the exact search query is used, + even if SearchResponse.total_size is zero. + - Automatic query expansion built by the Search API. + enum: + - CONDITION_UNSPECIFIED + - DISABLED + - AUTO + pinUnexpandedResults: description: >- - The branch resource name, such as - `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/branches/0`. - Use `default_branch` as the branch ID or leave this field empty, to - search documents under the default branch. + Whether to pin unexpanded results. If this field is set to true, + unexpanded products are always at the top of the search results, + followed by the expanded results. + type: boolean + id: GoogleCloudDiscoveryengineV1alphaSearchRequestQueryExpansionSpec + description: >- + Specification to determine under which conditions query expansion should + occur. + type: object + GoogleCloudDiscoveryengineV1alphaSetUriPatternDocumentDataMetadata: + description: >- + Metadata related to the progress of the + SiteSearchEngineService.SetUriPatternDocumentData operation. This will + be returned by the google.longrunning.Operation.metadata field. + type: object + id: GoogleCloudDiscoveryengineV1alphaSetUriPatternDocumentDataMetadata + properties: + createTime: + description: Operation create time. + format: google-datetime type: string - query: - description: Raw search query. + updateTime: + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + type: string + format: google-datetime + GoogleCloudDiscoveryengineV1ServingConfig: + properties: + name: type: string - imageQuery: - description: Raw image query. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestImageQuery - pageSize: description: >- - Maximum number of Documents to return. The maximum allowed value - depends on the data type. Values above the maximum value are coerced - to the maximum value. * Websites with basic indexing: Default `10`, - Maximum `25`. * Websites with advanced indexing: Default `25`, - Maximum `50`. * Other: Default `50`, Maximum `100`. If this field is - negative, an `INVALID_ARGUMENT` is returned. - type: integer - format: int32 - pageToken: + Immutable. Fully qualified name + `projects/{project}/locations/{location}/collections/{collection_id}/engines/{engine_id}/servingConfigs/{serving_config_id}` + redirectControlIds: description: >- - A page token received from a previous SearchService.Search call. - Provide this to retrieve the subsequent page. When paginating, all - other parameters provided to SearchService.Search must match the - call that provided the page token. Otherwise, an `INVALID_ARGUMENT` - error is returned. + IDs of the redirect controls. Only the first triggered redirect + action is applied, even if multiple apply. Maximum number of + specifications is 100. Can only be set if SolutionType is + SOLUTION_TYPE_SEARCH. + items: + type: string + type: array + synonymsControlIds: + type: array + items: + type: string + description: >- + Condition synonyms specifications. If multiple synonyms conditions + match, all matching synonyms controls in the list will execute. + Maximum number of specifications is 100. Can only be set if + SolutionType is SOLUTION_TYPE_SEARCH. + genericConfig: + description: The GenericConfig of the serving configuration. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ServingConfigGenericConfig + mediaConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ServingConfigMediaConfig + description: The MediaConfig of the serving configuration. + updateTime: + description: Output only. ServingConfig updated timestamp. + format: google-datetime type: string - offset: + readOnly: true + boostControlIds: + items: + type: string + type: array description: >- - A 0-indexed integer that specifies the current offset (that is, - starting result location, amongst the Documents deemed by the API as - relevant) in search results. This field is only considered if - page_token is unset. If this field is negative, an - `INVALID_ARGUMENT` is returned. - type: integer - format: int32 - oneBoxPageSize: + Boost controls to use in serving path. All triggered boost controls + will be applied. Boost controls must be in the same data store as + the serving config. Maximum of 20 boost controls. + ignoreControlIds: + type: array description: >- - The maximum number of results to return for OneBox. This applies to - each OneBox type individually. Default number is 10. - type: integer - format: int32 - dataStoreSpecs: + Condition ignore specifications. If multiple ignore conditions + match, all matching ignore controls in the list will execute. Order + does not matter. Maximum number of specifications is 100. + items: + type: string + onewaySynonymsControlIds: description: >- - Specifications that define the specific DataStores to be searched, - along with configurations for those data stores. This is only - considered for Engines with multiple data stores. For engines with a - single data store, the specs directly under SearchRequest should be - used. + Condition oneway synonyms specifications. If multiple oneway + synonyms conditions match, all matching oneway synonyms controls in + the list will execute. Maximum number of specifications is 100. Can + only be set if SolutionType is SOLUTION_TYPE_SEARCH. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestDataStoreSpec - filter: + type: string + solutionType: description: >- - The filter syntax consists of an expression language for - constructing a predicate from one or more fields of the documents - being filtered. Filter expression is case-sensitive. If this field - is unrecognizable, an `INVALID_ARGUMENT` is returned. Filtering in - Vertex AI Search is done by mapping the LHS filter key to a key - property defined in the Vertex AI Search backend -- this mapping is - defined by the customer in their schema. For example a media - customer might have a field 'name' in their schema. In this case the - filter would look like this: filter --> name:'ANY("king kong")' For - more information about filtering including syntax and filter - operators, see - [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + Required. Immutable. Specifies the solution type that a serving + config can be associated with. type: string - canonicalFilter: + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. + - >- + Used for use cases related to the Generative Chat agent. It's used + for Generative chat engine only, the associated data stores must + enrolled with `SOLUTION_TYPE_CHAT` solution. + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + dissociateControlIds: + items: + type: string description: >- - The default filter that is applied when a user performs a search - without checking any filters on the search page. The filter applied - to every search request when quality improvement such as query - expansion is needed. In the case a query does not have a sufficient - amount of results this filter will be used to determine whether or - not to enable the query expansion flow. The original filter will - still be used for the query expanded search. This field is strongly - recommended to achieve high search quality. For more information - about filter syntax, see SearchRequest.filter. + Condition do not associate specifications. If multiple do not + associate conditions match, all matching do not associate controls + in the list will execute. Order does not matter. Maximum number of + specifications is 100. Can only be set if SolutionType is + SOLUTION_TYPE_SEARCH. + type: array + rankingExpression: + description: >- + The ranking expression controls the customized ranking on retrieval + documents. To leverage this, document embedding is required. The + ranking expression setting in ServingConfig applies to all search + requests served by the serving config. However, if + `SearchRequest.ranking_expression` is specified, it overrides the + ServingConfig ranking expression. The ranking expression is a single + function or multiple functions that are joined by "+". * + ranking_expression = function, { " + ", function }; Supported + functions: * double * relevance_score * double * + dotProduct(embedding_field_path) Function variables: * + `relevance_score`: pre-defined keywords, used for measure relevance + between query and document. * `embedding_field_path`: the document + embedding field used with query embedding vector. * `dotProduct`: + embedding function between embedding_field_path and query embedding + vector. Example ranking expression: If document has an embedding + field doc_embedding, the ranking expression could be `0.5 * + relevance_score + 0.3 * dotProduct(doc_embedding)`. type: string - orderBy: + promoteControlIds: + type: array description: >- - The order in which documents are returned. Documents can be ordered - by a field in an Document object. Leave it unset if ordered by - relevance. `order_by` expression is case-sensitive. For more - information on ordering the website search results, see [Order web - search - results](https://cloud.google.com/generative-ai-app-builder/docs/order-web-search-results). - For more information on ordering the healthcare search results, see - [Order healthcare search - results](https://cloud.google.com/generative-ai-app-builder/docs/order-hc-results). - If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. + Condition promote specifications. Maximum number of specifications + is 100. + items: + type: string + createTime: + description: Output only. ServingConfig created timestamp. + format: google-datetime + type: string + readOnly: true + diversityLevel: type: string - userInfo: description: >- - Information about the end user. Highly recommended for analytics and - personalization. UserInfo.user_agent is used to deduce `device_type` - for analytics. - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaUserInfo' - languageCode: + How much diversity to use in recommendation model results e.g. + `medium-diversity` or `high-diversity`. Currently supported values: + * `no-diversity` * `low-diversity` * `medium-diversity` * + `high-diversity` * `auto-diversity` If not specified, we choose + default based on recommendation model type. Default value: + `no-diversity`. Can only be set if SolutionType is + SOLUTION_TYPE_RECOMMENDATION. + displayName: description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see [Standard - fields](https://cloud.google.com/apis/design/standard_fields). This - field helps to better interpret the query. If a value isn't - specified, the query language code is automatically detected, which - may not be accurate. + Required. The human readable serving config display name. Used in + Discovery UI. This field must be a UTF-8 encoded string with a + length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error + is returned. type: string - regionCode: + modelId: description: >- - The Unicode country/region code (CLDR) of a location, such as "US" - and "419". For more information, see [Standard - fields](https://cloud.google.com/apis/design/standard_fields). If - set, then results will be boosted based on the region_code provided. + The id of the model to use at serving time. Currently only + RecommendationModels are supported. Can be changed but only to a + compatible model (e.g. others-you-may-like CTR to + others-you-may-like CVR). Required when SolutionType is + SOLUTION_TYPE_RECOMMENDATION. type: string - facetSpecs: + filterControlIds: description: >- - Facet specifications for faceted search. If empty, no facets are - returned. A maximum of 100 values are allowed. Otherwise, an - `INVALID_ARGUMENT` error is returned. + Filter controls to use in serving path. All triggered filter + controls will be applied. Filter controls must be in the same data + store as the serving config. Maximum of 20 filter controls. + items: + type: string + type: array + answerGenerationSpec: + description: Optional. The specification for answer generation. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerGenerationSpec + replacementControlIds: + description: >- + Condition replacement specifications. Applied according to the order + in the list. A previously replaced term can not be re-replaced. + Maximum number of specifications is 100. Can only be set if + SolutionType is SOLUTION_TYPE_SEARCH. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpec - boostSpec: + type: string + description: >- + Configures metadata that is used to generate serving time results (e.g. + search results or recommendation predictions). The ServingConfig is + passed in the search and predict request and generates results. + id: GoogleCloudDiscoveryengineV1ServingConfig + type: object + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelPromptSpec: + type: object + properties: + preamble: description: >- - Boost specification to boost certain documents. For more information - on boosting, see - [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) + Text at the beginning of the prompt that instructs the assistant. + Examples are available in the user guide. + type: string + id: >- + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelPromptSpec + description: Specification of the prompt to use with the model. + GoogleCloudDiscoveryengineV1TrainCustomModelRequest: + properties: + gcsTrainingInput: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpec - params: + #/components/schemas/GoogleCloudDiscoveryengineV1TrainCustomModelRequestGcsTrainingInput + description: Cloud Storage training input. + errorConfig: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ImportErrorConfig' description: >- - Additional search parameters. For public website search only, - supported values are: * `user_country_code`: string. Default empty. - If set to non-empty, results are restricted or boosted based on the - location provided. For example, `user_country_code: "au"` For - available codes see [Country - Codes](https://developers.google.com/custom-search/docs/json_api_reference#countryCodes) - * `search_type`: double. Default empty. Enables non-webpage - searching depending on the value. The only valid non-default value - is 1, which enables image searching. For example, `search_type: 1` - type: object - additionalProperties: - type: any - queryExpansionSpec: + The desired location of errors incurred during the data ingestion + and training. + modelId: + description: If not provided, a UUID will be generated. + type: string + modelType: + type: string description: >- - The query expansion specification that specifies the conditions - under which query expansion occurs. + Model to be trained. Supported values are: * **search-tuning**: Fine + tuning the search system based on data provided. + id: GoogleCloudDiscoveryengineV1TrainCustomModelRequest + type: object + description: Request message for SearchTuningService.TrainCustomModel method. + GoogleCloudDiscoveryengineV1betaSearchRequestDisplaySpec: + properties: + matchHighlightingCondition: + description: The condition under which match highlighting should occur. + type: string + enumDescriptions: + - Server behavior is the same as `MATCH_HIGHLIGHTING_DISABLED`. + - Disables match highlighting on all documents. + - Enables match highlighting on all documents. + enum: + - MATCH_HIGHLIGHTING_CONDITION_UNSPECIFIED + - MATCH_HIGHLIGHTING_DISABLED + - MATCH_HIGHLIGHTING_ENABLED + id: GoogleCloudDiscoveryengineV1betaSearchRequestDisplaySpec + description: Specifies features for display, like match highlighting. + type: object + GoogleCloudDiscoveryengineV1AssistantContentCodeExecutionResult: + type: object + description: Result of executing ExecutableCode. + id: GoogleCloudDiscoveryengineV1AssistantContentCodeExecutionResult + properties: + outcome: + type: string + enumDescriptions: + - Unspecified status. This value should not be used. + - Code execution completed successfully. + - >- + Code execution finished but with a failure. `stderr` should + contain the reason. + - >- + Code execution ran for too long, and was cancelled. There may or + may not be a partial output present. + description: Required. Outcome of the code execution. + enum: + - OUTCOME_UNSPECIFIED + - OUTCOME_OK + - OUTCOME_FAILED + - OUTCOME_DEADLINE_EXCEEDED + output: + type: string + description: >- + Optional. Contains stdout when code execution is successful, stderr + or other description otherwise. + GoogleCloudDiscoveryengineV1betaDedicatedCrawlRateTimeSeries: + type: object + id: GoogleCloudDiscoveryengineV1betaDedicatedCrawlRateTimeSeries + description: >- + The historical dedicated crawl rate timeseries data, used for + monitoring. Dedicated crawl is used by Vertex AI to crawl the user's + website when dedicate crawl is set. + properties: + userTriggeredCrawlRate: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestQueryExpansionSpec - spellCorrectionSpec: + #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries description: >- - The spell correction specification that specifies the mode under - which spell correction takes effect. + Vertex AI's dedicated crawl rate time series of user triggered + crawl, which is the crawl rate of Google-CloudVertexBot when + dedicate crawl is set, and user triggered crawl rate is for + deterministic use cases like crawling urls or sitemaps specified by + users. + autoRefreshCrawlErrorRate: + description: Vertex AI's error rate time series of auto-refresh dedicated crawl. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestSpellCorrectionSpec - userPseudoId: + #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries + autoRefreshCrawlRate: description: >- - A unique identifier for tracking visitors. For example, this could - be implemented with an HTTP cookie, which should be able to uniquely - identify a visitor on a single device. This unique identifier should - not change if the visitor logs in or out of the website. This field - should NOT have a fixed value such as `unknown_visitor`. This should - be the same identifier as UserEvent.user_pseudo_id and - CompleteQueryRequest.user_pseudo_id The field must be a UTF-8 - encoded string with a length limit of 128 characters. Otherwise, an - `INVALID_ARGUMENT` error is returned. - type: string - contentSearchSpec: - description: A specification for configuring the behavior of content search. + Vertex AI's dedicated crawl rate time series of auto-refresh, which + is the crawl rate of Google-CloudVertexBot when dedicate crawl is + set, and the crawl rate is for best effort use cases like refreshing + urls periodically. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpec - embeddingSpec: + #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries + userTriggeredCrawlErrorRate: description: >- - Uses the provided embedding to do additional semantic document - retrieval. The retrieval is based on the dot product of - SearchRequest.EmbeddingSpec.EmbeddingVector.vector and the document - embedding that is provided in - SearchRequest.EmbeddingSpec.EmbeddingVector.field_path. If - SearchRequest.EmbeddingSpec.EmbeddingVector.field_path is not - provided, it will use ServingConfig.EmbeddingConfig.field_path. + Vertex AI's error rate time series of user triggered dedicated + crawl. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpec - rankingExpression: + #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigLayoutParsingConfig: + type: object + description: The layout parsing configurations for documents. + properties: + excludeHtmlElements: + description: Optional. List of HTML elements to exclude from the parsed content. + type: array + items: + type: string + excludeHtmlClasses: + type: array + items: + type: string + description: Optional. List of HTML classes to exclude from the parsed content. + enableGetProcessedDocument: description: >- - Optional. The ranking expression controls the customized ranking on - retrieval documents. This overrides - ServingConfig.ranking_expression. The syntax and supported features - depend on the `ranking_expression_backend` value. If - `ranking_expression_backend` is not provided, it defaults to - `RANK_BY_EMBEDDING`. If ranking_expression_backend is not provided - or set to `RANK_BY_EMBEDDING`, it should be a single function or - multiple functions that are joined by "+". * ranking_expression = - function, { " + ", function }; Supported functions: * double * - relevance_score * double * dotProduct(embedding_field_path) Function - variables: * `relevance_score`: pre-defined keywords, used for - measure relevance between query and document. * - `embedding_field_path`: the document embedding field used with query - embedding vector. * `dotProduct`: embedding function between - `embedding_field_path` and query embedding vector. Example ranking - expression: If document has an embedding field doc_embedding, the - ranking expression could be `0.5 * relevance_score + 0.3 * - dotProduct(doc_embedding)`. If ranking_expression_backend is set to - `RANK_BY_FORMULA`, the following expression types (and combinations - of those chained using + or * operators) are supported: * `double` * - `signal` * `log(signal)` * `exp(signal)` * `rr(signal, double > 0)` - -- reciprocal rank transformation with second argument being a - denominator constant. * `is_nan(signal)` -- returns 0 if signal is - NaN, 1 otherwise. * `fill_nan(signal1, signal2 | double)` -- if - signal1 is NaN, returns signal2 | double, else returns signal1. Here - are a few examples of ranking formulas that use the supported - ranking expression types: - `0.2 * semantic_similarity_score + 0.8 * - log(keyword_similarity_score)` -- mostly rank by the logarithm of - `keyword_similarity_score` with slight `semantic_smilarity_score` - adjustment. - `0.2 * exp(fill_nan(semantic_similarity_score, 0)) + - 0.3 * is_nan(keyword_similarity_score)` -- rank by the exponent of - `semantic_similarity_score` filling the value with 0 if it's NaN, - also add constant 0.3 adjustment to the final score if - `semantic_similarity_score` is NaN. - `0.2 * - rr(semantic_similarity_score, 16) + 0.8 * - rr(keyword_similarity_score, 16)` -- mostly rank by the reciprocal - rank of `keyword_similarity_score` with slight adjustment of - reciprocal rank of `semantic_smilarity_score`. The following signals - are supported: * `semantic_similarity_score`: semantic similarity - adjustment that is calculated using the embeddings generated by a - proprietary Google model. This score determines how semantically - similar a search query is to a document. * - `keyword_similarity_score`: keyword match adjustment uses the Best - Match 25 (BM25) ranking function. This score is calculated using a - probabilistic model to estimate the probability that a document is - relevant to a given query. * `relevance_score`: semantic relevance - adjustment that uses a proprietary Google model to determine the - meaning and intent behind a user's query in context with the content - in the documents. * `pctr_rank`: predicted conversion rate - adjustment as a rank use predicted Click-through rate (pCTR) to - gauge the relevance and attractiveness of a search result from a - user's perspective. A higher pCTR suggests that the result is more - likely to satisfy the user's query and intent, making it a valuable - signal for ranking. * `freshness_rank`: freshness adjustment as a - rank * `document_age`: The time in hours elapsed since the document - was last updated, a floating-point number (e.g., 0.25 means 15 - minutes). * `topicality_rank`: topicality adjustment as a rank. Uses - proprietary Google model to determine the keyword-based overlap - between the query and the document. * `base_rank`: the default rank - of the result - type: string - rankingExpressionBackend: - description: Optional. The backend to use for the ranking expression evaluation. - type: string - enumDescriptions: - - Default option for unspecified/unknown values. - - >- - Deprecated: Use `RANK_BY_EMBEDDING` instead. Ranking by custom - embedding model, the default way to evaluate the ranking - expression. Legacy enum option, `RANK_BY_EMBEDDING` should be used - instead. - - >- - Deprecated: Use `RANK_BY_FORMULA` instead. Ranking by custom - formula. Legacy enum option, `RANK_BY_FORMULA` should be used - instead. - - >- - Ranking by custom embedding model, the default way to evaluate the - ranking expression. - - Ranking by custom formula. - enumDeprecated: - - false - - true - - true - - false - - false - enum: - - RANKING_EXPRESSION_BACKEND_UNSPECIFIED - - BYOE - - CLEARBOX - - RANK_BY_EMBEDDING - - RANK_BY_FORMULA - safeSearch: - description: >- - Whether to turn on safe search. This is only supported for website - search. + Optional. If true, the processed document will be made available for + the GetProcessedDocument API. type: boolean - userLabels: - description: >- - The user labels applied to a resource must meet the following - requirements: * Each resource can have multiple labels, up to a - maximum of 64. * Each label must be a key-value pair. * Keys have a - minimum length of 1 character and a maximum length of 63 characters - and cannot be empty. Values can be empty and have a maximum length - of 63 characters. * Keys and values can contain only lowercase - letters, numeric characters, underscores, and dashes. All characters - must use UTF-8 encoding, and international characters are allowed. * - The key portion of a label must be unique. However, you can use the - same key with multiple resources. * Keys must start with a lowercase - letter or international character. See [Google Cloud - Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) - for more details. - type: object - additionalProperties: + structuredContentTypes: + items: type: string - naturalLanguageQueryUnderstandingSpec: - description: >- - Config for natural language query understanding capabilities, such - as extracting structured field filters from the query. Refer to - [this - documentation](https://cloud.google.com/generative-ai-app-builder/docs/natural-language-queries) - for more information. If `naturalLanguageQueryUnderstandingSpec` is - not specified, no additional natural language query understanding - will be done. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestNaturalLanguageQueryUnderstandingSpec - searchAsYouTypeSpec: - description: >- - Search as you type configuration. Only supported for the - IndustryVertical.MEDIA vertical. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestSearchAsYouTypeSpec - displaySpec: - description: >- - Optional. Config for display feature, like match highlighting on - search results. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestDisplaySpec - session: - description: >- - The session resource name. Optional. Session allows users to do - multi-turn /search API calls or coordination between /search API - calls and /answer API calls. Example #1 (multi-turn /search API - calls): Call /search API with the session ID generated in the first - call. Here, the previous search query gets considered in query - standing. I.e., if the first query is "How did Alphabet do in 2022?" - and the current query is "How about 2023?", the current query will - be interpreted as "How did Alphabet do in 2023?". Example #2 - (coordination between /search API calls and /answer API calls): Call - /answer API with the session ID generated in the first call. Here, - the answer generation happens in the context of the search results - from the first search call. Multi-turn Search feature is currently - at private GA stage. Please use v1alpha or v1beta version instead - before we launch this feature to public GA. Or ask for allowlisting - through Google Support team. - type: string - sessionSpec: - description: Session specification. Can be used only when `session` is set. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestSessionSpec - relevanceThreshold: description: >- - The relevance threshold of the search results. Default to Google - defined threshold, leveraging a balance of precision and recall to - deliver both highly accurate results and comprehensive coverage of - relevant information. This feature is not supported for healthcare - search. - type: string - enumDescriptions: - - >- - Default value. In this case, server behavior defaults to Google - defined threshold. - - Lowest relevance threshold. - - Low relevance threshold. - - Medium relevance threshold. - - High relevance threshold. - enum: - - RELEVANCE_THRESHOLD_UNSPECIFIED - - LOWEST - - LOW - - MEDIUM - - HIGH - personalizationSpec: + Optional. Contains the required structure types to extract from the + document. Supported values: * `shareholder-structure` + type: array + enableImageAnnotation: + type: boolean description: >- - The specification for personalization. Notice that if both - ServingConfig.personalization_spec and - SearchRequest.personalization_spec are set, - SearchRequest.personalization_spec overrides - ServingConfig.personalization_spec. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestPersonalizationSpec - relevanceScoreSpec: - description: Optional. The specification for returning the relevance score. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestRelevanceScoreSpec - GoogleCloudDiscoveryengineV1betaSearchRequestImageQuery: - id: GoogleCloudDiscoveryengineV1betaSearchRequestImageQuery - description: Specifies the image query input. - type: object - properties: - imageBytes: + Optional. If true, the LLM based annotation is added to the image + during parsing. + enableTableAnnotation: description: >- - Base64 encoded image bytes. Supported image formats: JPEG, PNG, and - BMP. - type: string - GoogleCloudDiscoveryengineV1betaSearchRequestDataStoreSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestDataStoreSpec + Optional. If true, the LLM based annotation is added to the table + during parsing. + type: boolean + enableLlmLayoutParsing: + description: Optional. If true, the pdf layout will be refined using an LLM. + type: boolean + excludeHtmlIds: + description: Optional. List of HTML ids to exclude from the parsed content. + type: array + items: + type: string + id: >- + GoogleCloudDiscoveryengineV1alphaDocumentProcessingConfigParsingConfigLayoutParsingConfig + GoogleCloudDiscoveryengineV1alphaDisableAdvancedSiteSearchResponse: description: >- - A struct to define data stores to filter on in a search call and - configurations for those data stores. Otherwise, an `INVALID_ARGUMENT` - error is returned. + Response message for SiteSearchEngineService.DisableAdvancedSiteSearch + method. + type: object + properties: {} + id: GoogleCloudDiscoveryengineV1alphaDisableAdvancedSiteSearchResponse + GoogleCloudDiscoveryengineV1alphaImportSuggestionDenyListEntriesResponse: type: object properties: - dataStore: - description: >- - Required. Full resource name of DataStore, such as - `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. - The path must include the project number, project id is not - supported for this field. + importedEntriesCount: + description: Count of deny list entries successfully imported. + format: int64 type: string - filter: - description: >- - Optional. Filter specification to filter documents in the data store - specified by data_store field. For more information on filtering, - see - [Filtering](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + errorSamples: + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: A sample of errors encountered while processing the request. + failedEntriesCount: type: string - boostSpec: - description: >- - Optional. Boost specification to boost certain documents. For more - information on boosting, see - [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpec - customSearchOperators: - description: >- - Optional. Custom search operators which if specified will be used to - filter results from workspace data stores. For more information on - custom search operators, see - [SearchOperators](https://support.google.com/cloudsearch/answer/6172299). + format: int64 + description: Count of deny list entries that failed to be imported. + description: >- + Response message for CompletionService.ImportSuggestionDenyListEntries + method. + id: GoogleCloudDiscoveryengineV1alphaImportSuggestionDenyListEntriesResponse + GoogleCloudDiscoveryengineV1CheckGroundingResponseCheckGroundingFactChunk: + properties: + chunkText: type: string - GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpec - description: Boost specification to boost certain documents. + description: Text content of the fact chunk. Can be at most 10K characters long. + type: object + id: >- + GoogleCloudDiscoveryengineV1CheckGroundingResponseCheckGroundingFactChunk + description: Fact chunk for grounding check. + GoogleCloudDiscoveryengineV1Answer: type: object + id: GoogleCloudDiscoveryengineV1Answer + description: Defines an answer. properties: - conditionBoostSpecs: - description: >- - Condition boost specifications. If a document matches multiple - conditions in the specifications, boost scores from these - specifications are all applied and combined in a non-linear way. - Maximum number of specifications is 20. + state: + enumDescriptions: + - Unknown. + - Answer generation is currently in progress. + - Answer generation currently failed. + - Answer generation has succeeded. + - Answer generation is currently in progress. + enum: + - STATE_UNSPECIFIED + - IN_PROGRESS + - FAILED + - SUCCEEDED + - STREAMING + type: string + description: The state of the answer generation. + answerText: + description: The textual answer. + type: string + relatedQuestions: + type: array + items: + type: string + description: Suggested related questions. + safetyRatings: + description: Optional. Safety ratings. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SafetyRating' + steps: + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AnswerStep' + description: Answer generation steps. + type: array + citations: type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AnswerCitation' + description: Citations. + createTime: + type: string + format: google-datetime + description: Output only. Answer creation timestamp. + readOnly: true + groundingSupports: items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpec - GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpec - description: Boost applies to documents which match a condition. - type: object - properties: - condition: - description: >- - An expression which specifies a boost condition. The syntax and - supported fields are the same as a filter expression. See - SearchRequest.filter for detail syntax and limitations. Examples: * - To boost documents with document ID "doc_1" or "doc_2", and color - "Red" or "Blue": `(document_id: ANY("doc_1", "doc_2")) AND (color: - ANY("Red", "Blue"))` + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerGroundingSupport + description: Optional. Grounding supports. + type: array + completeTime: type: string - boost: + format: google-datetime + description: Output only. Answer completed timestamp. + readOnly: true + name: description: >- - Strength of the condition boost, which should be in [-1, 1]. - Negative boost means demotion. Default is 0.0. Setting to 1.0 gives - the document a big promotion. However, it does not necessarily mean - that the boosted document will be the top result at all times, nor - that other documents will be excluded. Results could still be shown - even when none of them matches the condition. And results that are - significantly more relevant to the search query can still trump your - heavily favored but irrelevant documents. Setting to -1.0 gives the - document a big demotion. However, results that are deeply relevant - might still be shown. The document will have an upstream battle to - get a fairly high ranking, but it is not blocked out completely. - Setting to 0.0 means no boost applied. The boosting condition is - ignored. Only one of the (condition, boost) combination or the - boost_control_spec below are set. If both are set then the global - boost is ignored and the more fine-grained boost_control_spec is - applied. + Immutable. Fully qualified name + `projects/{project}/locations/global/collections/{collection}/engines/{engine}/sessions/*/answers/*` + type: string + groundingScore: + format: double type: number - format: float - boostControlSpec: description: >- - Complex specification for custom ranking based on customer defined - attribute value. + A score in the range of [0, 1] describing how grounded the answer is + by the reference chunks. + answerSkippedReasons: + description: >- + Additional answer-skipped reasons. This provides the reason for + ignored cases. If nothing is skipped, this field is not set. + items: + enumDescriptions: + - Default value. The answer skipped reason is not specified. + - The adversarial query ignored case. + - >- + The non-answer seeking query ignored case Google skips the + answer if the query is chit chat. + - >- + The out-of-domain query ignored case. Google skips the answer if + there are no high-relevance search results. + - >- + The potential policy violation case. Google skips the answer if + there is a potential policy violation detected. This includes + content that may be violent or toxic. + - >- + The no relevant content case. Google skips the answer if there + is no relevant content in the retrieved search results. + - >- + The jail-breaking query ignored case. For example, "Reply in the + tone of a competing company's CEO". Google skips the answer if + the query is classified as a jail-breaking query. + - >- + The customer policy violation case. Google skips the summary if + there is a customer policy violation detected. The policy is + defined by the customer. + - >- + The non-answer seeking query ignored case. Google skips the + answer if the query doesn't have clear intent. + - >- + The low-grounded answer case. Google skips the answer if a well + grounded answer was unable to be generated. + - >- + The user defined query classification ignored case. Google skips + the answer if the query is classified as a user defined query + classification. + - >- + The unhelpful answer case. Google skips the answer if the answer + is not helpful. This can be due to a variety of factors, + including but not limited to: the query is not answerable, the + answer is not relevant to the query, or the answer is not + well-formatted. + enum: + - ANSWER_SKIPPED_REASON_UNSPECIFIED + - ADVERSARIAL_QUERY_IGNORED + - NON_ANSWER_SEEKING_QUERY_IGNORED + - OUT_OF_DOMAIN_QUERY_IGNORED + - POTENTIAL_POLICY_VIOLATION + - NO_RELEVANT_CONTENT + - JAIL_BREAKING_QUERY_IGNORED + - CUSTOMER_POLICY_VIOLATION + - NON_ANSWER_SEEKING_QUERY_IGNORED_V2 + - LOW_GROUNDED_ANSWER + - USER_DEFINED_CLASSIFICATION_QUERY_IGNORED + - UNHELPFUL_ANSWER + type: string + type: array + queryUnderstandingInfo: + description: Query understanding information. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec - GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec: - id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpec - description: >- - Specification for custom ranking based on customer specified attribute - value. It provides more controls for customized ranking than the simple - (condition, boost) combination above. + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryUnderstandingInfo + references: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AnswerReference' + description: References. + GoogleCloudDiscoveryengineV1betaSearchRequestPersonalizationSpec: + id: GoogleCloudDiscoveryengineV1betaSearchRequestPersonalizationSpec type: object properties: - fieldName: - description: >- - The name of the field whose value will be used to determine the - boost amount. - type: string - attributeType: + mode: description: >- - The attribute type to be used to determine the boost amount. The - attribute value can be derived from the field value of the specified - field_name. In the case of numerical it is straightforward i.e. - attribute_value = numerical_field_value. In the case of freshness - however, attribute_value = (time.now() - datetime_field_value). + The personalization mode of the search request. Defaults to + Mode.AUTO. type: string - enumDescriptions: - - Unspecified AttributeType. - - >- - The value of the numerical field will be used to dynamically - update the boost amount. In this case, the attribute_value (the x - value) of the control point will be the actual value of the - numerical field for which the boost_amount is specified. - - >- - For the freshness use case the attribute value will be the - duration between the current time and the date in the datetime - field specified. The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 - duration value). The pattern for this is: `nDnM]`. For example, - `5D`, `3DT12H30M`, `T24H`. enum: - - ATTRIBUTE_TYPE_UNSPECIFIED - - NUMERICAL - - FRESHNESS - interpolationType: - description: >- - The interpolation type to be applied to connect the control points - listed below. - type: string + - MODE_UNSPECIFIED + - AUTO + - DISABLED enumDescriptions: - >- - Interpolation type is unspecified. In this case, it defaults to - Linear. - - Piecewise linear interpolation will be applied. - enum: - - INTERPOLATION_TYPE_UNSPECIFIED - - LINEAR - controlPoints: - description: >- - The control points used to define the curve. The monotonic function - (defined through the interpolation_type above) passes through the - control points listed here. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint - GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint: - id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint - description: >- - The control points used to define the curve. The curve defined through - these control points can only be monotonically increasing or - decreasing(constant values are acceptable). + Default value. In this case, server behavior defaults to + Mode.AUTO. + - Personalization is enabled if data quality requirements are met. + - Disable personalization. + description: The specification for personalization. + GoogleCloudDiscoveryengineV1alphaAssistAnswer: + description: AssistAnswer resource, main part of AssistResponse. type: object properties: - attributeValue: + customerPolicyEnforcementResult: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistAnswerCustomerPolicyEnforcementResult description: >- - Can be one of: 1. The numerical field value. 2. The duration spec - for freshness: The value must be formatted as an XSD - `dayTimeDuration` value (a restricted subset of an ISO 8601 duration - value). The pattern for this is: `nDnM]`. + Optional. The field contains information about the various policy + checks' results like the banned phrases or the Model Armor checks. + This field is populated only if the assist call was skipped due to a + policy violation. + replies: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistAnswerReply + description: Replies of the assistant. + type: array + assistSkippedReasons: + description: Reasons for not answering the assist call. + type: array + items: + enumDescriptions: + - Default value. Skip reason is not specified. + - >- + The assistant ignored the query, because it did not appear to be + answer-seeking. + - >- + The assistant ignored the query or refused to answer because of + a customer policy violation (e.g., the query or the answer + contained a banned phrase). + type: string + enum: + - ASSIST_SKIPPED_REASON_UNSPECIFIED + - NON_ASSIST_SEEKING_QUERY_IGNORED + - CUSTOMER_POLICY_VIOLATION + name: + description: >- + Immutable. Identifier. Resource name of the `AssistAnswer`. Format: + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/sessions/{session}/assistAnswers/{assist_answer}` + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + type: string + state: + enumDescriptions: + - Unknown. + - Assist operation is currently in progress. + - Assist operation has failed. + - Assist operation has succeeded. + - Assist operation has been skipped. + enum: + - STATE_UNSPECIFIED + - IN_PROGRESS + - FAILED + - SUCCEEDED + - SKIPPED + type: string + description: State of the answer generation. + id: GoogleCloudDiscoveryengineV1alphaAssistAnswer + GoogleCloudDiscoveryengineV1betaRemoveDedicatedCrawlRateMetadata: + type: object + properties: + createTime: + format: google-datetime + description: Operation create time. + type: string + updateTime: + format: google-datetime type: string - boostAmount: description: >- - The value between -1 to 1 by which to boost the score if the - attribute_value evaluates to the value specified above. - type: number - format: float - GoogleCloudDiscoveryengineV1betaUserInfo: - id: GoogleCloudDiscoveryengineV1betaUserInfo - description: Information of an end user. + Operation last update time. If the operation is done, this is also + the finish time. + description: >- + Metadata related to the progress of the + CrawlRateManagementService.RemoveDedicatedCrawlRate operation. This will + be returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1betaRemoveDedicatedCrawlRateMetadata + GoogleCloudDiscoveryengineV1IdpConfigExternalIdpConfig: + properties: + workforcePoolName: + description: >- + Workforce pool name. Example: + "locations/global/workforcePools/pool_id" + type: string type: object + id: GoogleCloudDiscoveryengineV1IdpConfigExternalIdpConfig + description: Third party IDP Config. + GoogleCloudDiscoveryengineV1betaLicenseConfig: properties: - userId: + licenseCount: + description: Required. Number of licenses purchased. + format: int64 + type: string + subscriptionTerm: + description: Required. Subscription term. + enum: + - SUBSCRIPTION_TERM_UNSPECIFIED + - SUBSCRIPTION_TERM_ONE_MONTH + - SUBSCRIPTION_TERM_ONE_YEAR + - SUBSCRIPTION_TERM_THREE_YEARS + type: string + enumDescriptions: + - Default value, do not use. + - 1 month. + - 1 year. + - 3 years. + geminiBundle: + description: Output only. Whether the license config is for Gemini bundle. + readOnly: true + type: boolean + state: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - EXPIRED + - NOT_STARTED + readOnly: true + description: Output only. The state of the license config. + type: string + enumDescriptions: + - Default value. The license config does not exist. + - The license config is effective and being used. + - The license config has expired. + - >- + The license config has not started yet, and its start date is in + the future. + endDate: + description: Optional. The planed end date. + $ref: '#/components/schemas/GoogleTypeDate' + subscriptionTier: + enum: + - SUBSCRIPTION_TIER_UNSPECIFIED + - SUBSCRIPTION_TIER_SEARCH + - SUBSCRIPTION_TIER_SEARCH_AND_ASSISTANT + - SUBSCRIPTION_TIER_NOTEBOOK_LM + - SUBSCRIPTION_TIER_FRONTLINE_WORKER + - SUBSCRIPTION_TIER_AGENTSPACE_STARTER + - SUBSCRIPTION_TIER_AGENTSPACE_BUSINESS + - SUBSCRIPTION_TIER_ENTERPRISE + - SUBSCRIPTION_TIER_EDU + - SUBSCRIPTION_TIER_EDU_PRO + - SUBSCRIPTION_TIER_EDU_EMERGING + - SUBSCRIPTION_TIER_EDU_PRO_EMERGING + - SUBSCRIPTION_TIER_FRONTLINE_STARTER + description: Required. Subscription tier information for the license config. + enumDescriptions: + - Default value. + - >- + Search tier. Search tier can access VAIS search features and + NotebookLM features. + - >- + Search + assistant tier. Search + assistant tier can access VAIS + search features, NotebookLM features and assistant features. + - >- + NotebookLM tier. NotebookLM is a subscription tier can only access + NotebookLM features. + - Frontline worker tier. + - Agentspace Starter tier. + - Agentspace Business tier. + - Enterprise tier. + - EDU tier. + - EDU Pro tier. + - EDU emerging market tier. + - EDU Pro emerging market tier. + - Frontline starter tier. + type: string + autoRenew: + type: boolean description: >- - Highly recommended for logged-in users. Unique identifier for - logged-in user, such as a user name. Don't set for anonymous users. - Always use a hashed value for this ID. Don't set the field to the - same fixed ID for different users. This mixes the event history of - those users together, which results in degraded model quality. The - field must be a UTF-8 encoded string with a length limit of 128 - characters. Otherwise, an `INVALID_ARGUMENT` error is returned. + Optional. Whether the license config should be auto renewed when it + reaches the end date. + startDate: + description: Required. The start date. + $ref: '#/components/schemas/GoogleTypeDate' + freeTrial: + description: Optional. Whether the license config is for free trial. + type: boolean + name: type: string - userAgent: description: >- - User agent as included in the HTTP header. The field must be a UTF-8 - encoded string with a length limit of 1,000 characters. Otherwise, - an `INVALID_ARGUMENT` error is returned. This should not be set when - using the client side event reporting with GTM or JavaScript tag in - UserEventService.CollectUserEvent or if - UserEvent.direct_user_request is set. + Immutable. Identifier. The fully qualified resource name of the + license config. Format: + `projects/{project}/locations/{location}/licenseConfigs/{license_config}` + id: GoogleCloudDiscoveryengineV1betaLicenseConfig + description: Information about users' licenses. + type: object + GoogleCloudDiscoveryengineV1alphaAssistantContentFile: + id: GoogleCloudDiscoveryengineV1alphaAssistantContentFile + type: object + properties: + mimeType: type: string - timeZone: - description: Optional. IANA time zone, e.g. Europe/Budapest. + description: Required. The media type (MIME type) of the file. + fileId: + description: Required. The file ID. type: string - GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpec - description: A facet specification to perform faceted search. + description: A file, e.g., an audio summary. + GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigDigitalParsingConfig: + type: object + description: The digital parsing configurations for documents. + id: >- + GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigDigitalParsingConfig + properties: {} + GoogleCloudDiscoveryengineV1SearchRequestBoostSpec: + description: Boost specification to boost certain documents. type: object properties: - facetKey: - description: Required. The facet key specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpecFacetKey - limit: + conditionBoostSpecs: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpec + type: array description: >- - Maximum facet values that are returned for this facet. If - unspecified, defaults to 20. The maximum allowed value is 300. - Values above 300 are coerced to 300. For aggregation in healthcare - search, when the [FacetKey.key] is "healthcare_aggregation_key", the - limit will be overridden to 10,000 internally, regardless of the - value set here. If this field is negative, an `INVALID_ARGUMENT` is - returned. - type: integer - format: int32 - excludedFilterKeys: + Condition boost specifications. If a document matches multiple + conditions in the specifications, boost scores from these + specifications are all applied and combined in a non-linear way. + Maximum number of specifications is 20. + id: GoogleCloudDiscoveryengineV1SearchRequestBoostSpec + GoogleCloudDiscoveryengineV1alphaTrainCustomModelMetadata: + id: GoogleCloudDiscoveryengineV1alphaTrainCustomModelMetadata + properties: + createTime: + type: string + description: Operation create time. + format: google-datetime + updateTime: + type: string description: >- - List of keys to exclude when faceting. By default, FacetKey.key is - not excluded from the filter unless it is listed in this field. - Listing a facet key in this field allows its values to appear as - facet results, even when they are filtered out of search results. - Using this field does not affect what search results are returned. - For example, suppose there are 100 documents with the color facet - "Red" and 200 documents with the color facet "Blue". A query - containing the filter "color:ANY("Red")" and having "color" as - FacetKey.key would by default return only "Red" documents in the - search results, and also return "Red" with count 100 as the only - color facet. Although there are also blue documents available, - "Blue" would not be shown as an available facet value. If "color" is - listed in "excludedFilterKeys", then the query returns the facet - values "Red" with count 100 and "Blue" with count 200, because the - "color" key is now excluded from the filter. Because this field - doesn't affect search results, the search results are still - correctly filtered to return only "Red" documents. A maximum of 100 - values are allowed. Otherwise, an `INVALID_ARGUMENT` error is - returned. - type: array + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + description: >- + Metadata related to the progress of the TrainCustomModel operation. This + is returned by the google.longrunning.Operation.metadata field. + type: object + GoogleCloudDiscoveryengineV1AssistantGenerationConfig: + id: GoogleCloudDiscoveryengineV1AssistantGenerationConfig + description: Configuration for the generation of the assistant response. + type: object + properties: + defaultLanguage: + description: >- + The default language to use for the generation of the assistant + response. Use an ISO 639-1 language code such as `en`. If not + specified, the language will be automatically detected. + type: string + allowedModelIds: items: type: string - enableDynamicPosition: + type: array description: >- - Enables dynamic position for this facet. If set to true, the - position of this facet among all facets in the response is - determined automatically. If dynamic facets are enabled, it is - ordered together. If set to false, the position of this facet in the - response is the same as in the request, and it is ranked before the - facets with dynamic position enable and all dynamic facets. For - example, you may always want to have rating facet returned in the - response, but it's not necessarily to always display the rating - facet at the top. In that case, you can set enable_dynamic_position - to true so that the position of rating facet in response is - determined automatically. Another example, assuming you have the - following facets in the request: * "rating", enable_dynamic_position - = true * "price", enable_dynamic_position = false * "brands", - enable_dynamic_position = false And also you have a dynamic facets - enabled, which generates a facet `gender`. Then the final order of - the facets in the response can be ("price", "brands", "rating", - "gender") or ("price", "brands", "gender", "rating") depends on how - API orders "gender" and "rating" facets. However, notice that - "price" and "brands" are always ranked at first and second position - because their enable_dynamic_position is false. - type: boolean - GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpecFacetKey: - id: GoogleCloudDiscoveryengineV1betaSearchRequestFacetSpecFacetKey - description: Specifies how a facet is computed. + Optional. The list of models that are allowed to be used for + assistant. + systemInstruction: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGenerationConfigSystemInstruction + description: >- + System instruction, also known as the prompt preamble for LLM calls. + See also + https://cloud.google.com/vertex-ai/generative-ai/docs/learn/prompts/system-instructions + defaultModelId: + description: Optional. The default model to use for assistant. + type: string + GoogleCloudDiscoveryengineV1Session: type: object + id: GoogleCloudDiscoveryengineV1Session + description: External session proto definition. properties: - key: - description: >- - Required. Supported textual and numerical facet keys in Document - object, over which the facet values are computed. Facet key is - case-sensitive. + turns: + description: Turns. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SessionTurn' + type: array + state: + description: The state of the session. + enum: + - STATE_UNSPECIFIED + - IN_PROGRESS + enumDescriptions: + - State is unspecified. + - The session is currently open. type: string - intervals: + endTime: + description: Output only. The time the session finished. + type: string + readOnly: true + format: google-datetime + isPinned: + type: boolean description: >- - Set only if values should be bucketed into intervals. Must be set - for facets with numerical values. Must not be set for facet with - text values. Maximum number of intervals is 30. - type: array - items: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaInterval' - restrictedValues: + Optional. Whether the session is pinned, pinned session will be + displayed on the top of the session list. + startTime: + description: Output only. The time the session started. + format: google-datetime + readOnly: true + type: string + userPseudoId: + description: A unique identifier for tracking users. + type: string + name: + type: string description: >- - Only get facet for the given restricted values. Only supported on - textual fields. For example, suppose "category" has three values - "Action > 2022", "Action > 2021" and "Sci-Fi > 2022". If set - "restricted_values" to "Action > 2022", the "category" facet only - contains "Action > 2022". Only supported on textual fields. Maximum - is 10. - type: array - items: - type: string - prefixes: + Immutable. Fully qualified name + `projects/{project}/locations/global/collections/{collection}/engines/{engine}/sessions/*` + displayName: + type: string description: >- - Only get facet values that start with the given string prefix. For - example, suppose "category" has three values "Action > 2022", - "Action > 2021" and "Sci-Fi > 2022". If set "prefixes" to "Action", - the "category" facet only contains "Action > 2022" and "Action > - 2021". Only supported on textual fields. Maximum is 10. + Optional. The display name of the session. This field is used to + identify the session in the UI. By default, the display name is the + first turn query text in the session. + labels: type: array - items: - type: string - contains: description: >- - Only get facet values that contain the given strings. For example, - suppose "category" has three values "Action > 2022", "Action > 2021" - and "Sci-Fi > 2022". If set "contains" to "2022", the "category" - facet only contains "Action > 2022" and "Sci-Fi > 2022". Only - supported on textual fields. Maximum is 10. - type: array + Optional. The labels for the session. Can be set as filter in + ListSessionsRequest. items: type: string - caseInsensitive: - description: >- - True to make facet keys case insensitive when getting faceting - values with prefixes or contains; false otherwise. + GoogleCloudDiscoveryengineV1AssistantContent: + description: Multi-modal content. + id: GoogleCloudDiscoveryengineV1AssistantContent + type: object + properties: + executableCode: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantContentExecutableCode + description: Code generated by the model that is meant to be executed. + file: + description: A file, e.g., an audio summary. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantContentFile + role: + description: The producer of the content. Can be "model" or "user". + type: string + inlineData: + description: Inline binary data. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantContentBlob + codeExecutionResult: + description: Result of executing an ExecutableCode. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantContentCodeExecutionResult + text: + type: string + description: Inline text. + thought: + description: Optional. Indicates if the part is thought from the model. type: boolean - orderBy: - description: >- - The order in which documents are returned. Allowed values are: * - "count desc", which means order by SearchResponse.Facet.values.count - descending. * "value desc", which means order by - SearchResponse.Facet.values.value descending. Only applies to - textual facets. If not set, textual values are sorted in [natural - order](https://en.wikipedia.org/wiki/Natural_sort_order); numerical - intervals are sorted in the order given by - FacetSpec.FacetKey.intervals. + GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachment: + properties: + data: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachmentBlob + description: Output only. The mime type and data of the blob. + attributionType: + enum: + - ATTRIBUTION_TYPE_UNSPECIFIED + - CORPUS + - GENERATED type: string - GoogleCloudDiscoveryengineV1betaInterval: - id: GoogleCloudDiscoveryengineV1betaInterval - description: A floating point interval. + readOnly: true + enumDescriptions: + - Unspecified attribution type. + - The attachment data is from the corpus. + - >- + The attachment data is generated by the model through code + generation. + description: Output only. The attribution type of the blob. + id: GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachment type: object - properties: - minimum: - description: Inclusive lower bound. - type: number - format: double - exclusiveMinimum: - description: Exclusive lower bound. - type: number - format: double - maximum: - description: Inclusive upper bound. - type: number - format: double - exclusiveMaximum: - description: Exclusive upper bound. - type: number - format: double - GoogleCloudDiscoveryengineV1betaSearchRequestQueryExpansionSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestQueryExpansionSpec description: >- - Specification to determine under which conditions query expansion should - occur. - type: object + Stores binarydata attached to text answer, e.g. image, video, audio, + etc. + GoogleCloudDiscoveryengineV1ChunkDocumentMetadata: properties: - condition: + title: + type: string + description: Title of the document. + structData: + additionalProperties: + type: any + description: Properties of the object. description: >- - The condition under which query expansion should occur. Default to - Condition.DISABLED. + Data representation. The structured JSON data for the document. It + should conform to the registered Schema or an `INVALID_ARGUMENT` + error is thrown. + type: object + mimeType: type: string - enumDescriptions: - - >- - Unspecified query expansion condition. In this case, server - behavior defaults to Condition.DISABLED. - - >- - Disabled query expansion. Only the exact search query is used, - even if SearchResponse.total_size is zero. - - Automatic query expansion built by the Search API. - enum: - - CONDITION_UNSPECIFIED - - DISABLED - - AUTO - pinUnexpandedResults: description: >- - Whether to pin unexpanded results. If this field is set to true, - unexpanded products are always at the top of the search results, - followed by the expanded results. - type: boolean - GoogleCloudDiscoveryengineV1betaSearchRequestSpellCorrectionSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestSpellCorrectionSpec - description: The specification for query spell correction. + The mime type of the document. + https://www.iana.org/assignments/media-types/media-types.xhtml. + uri: + description: Uri of the document. + type: string + id: GoogleCloudDiscoveryengineV1ChunkDocumentMetadata + description: >- + Document metadata contains the information of the document of the + current chunk. + type: object + GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfig: + description: Configurations for a Search Engine. type: object properties: - mode: + searchAddOns: + type: array + description: The add-on that this search engine enables. + items: + enumDescriptions: + - >- + Default value when the enum is unspecified. This is invalid to + use. + - Large language model add-on. + enum: + - SEARCH_ADD_ON_UNSPECIFIED + - SEARCH_ADD_ON_LLM + type: string + requiredSubscriptionTier: description: >- - The mode under which spell correction replaces the original search - query. Defaults to Mode.AUTO. + Optional. The required subscription tier of this engine. They cannot + be modified after engine creation. If the required subscription tier + is search, user with higher license tier like assist can still + access the standalone app associated with this engine. type: string + enum: + - SUBSCRIPTION_TIER_UNSPECIFIED + - SUBSCRIPTION_TIER_SEARCH + - SUBSCRIPTION_TIER_SEARCH_AND_ASSISTANT + - SUBSCRIPTION_TIER_NOTEBOOK_LM + - SUBSCRIPTION_TIER_FRONTLINE_WORKER + - SUBSCRIPTION_TIER_AGENTSPACE_STARTER + - SUBSCRIPTION_TIER_AGENTSPACE_BUSINESS + - SUBSCRIPTION_TIER_ENTERPRISE + - SUBSCRIPTION_TIER_EDU + - SUBSCRIPTION_TIER_EDU_PRO + - SUBSCRIPTION_TIER_EDU_EMERGING + - SUBSCRIPTION_TIER_EDU_PRO_EMERGING + - SUBSCRIPTION_TIER_FRONTLINE_STARTER enumDescriptions: + - Default value. - >- - Unspecified spell correction mode. In this case, server behavior - defaults to Mode.AUTO. + Search tier. Search tier can access VAIS search features and + NotebookLM features. - >- - Search API tries to find a spelling suggestion. If a suggestion is - found, it is put in the SearchResponse.corrected_query. The - spelling suggestion won't be used as the search query. + Search + assistant tier. Search + assistant tier can access VAIS + search features, NotebookLM features and assistant features. - >- - Automatic spell correction built by the Search API. Search will be - based on the corrected query if found. + NotebookLM tier. NotebookLM is a subscription tier can only access + NotebookLM features. + - Frontline worker tier. + - Agentspace Starter tier. + - Agentspace Business tier. + - Enterprise tier. + - EDU tier. + - EDU Pro tier. + - EDU emerging market tier. + - EDU Pro emerging market tier. + - Frontline starter tier. + searchTier: enum: - - MODE_UNSPECIFIED - - SUGGESTION_ONLY - - AUTO - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpec - description: A specification for configuring the behavior of content search. - type: object - properties: - snippetSpec: - description: >- - If `snippetSpec` is not specified, snippets are not included in the - search response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSnippetSpec - summarySpec: - description: >- - If `summarySpec` is not specified, summaries are not included in the - search response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpec - extractiveContentSpec: - description: >- - If there is no extractive_content_spec provided, there will be no - extractive answer in the search response. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecExtractiveContentSpec - searchResultMode: - description: >- - Specifies the search result mode. If unspecified, the search result - mode defaults to `DOCUMENTS`. - type: string + - SEARCH_TIER_UNSPECIFIED + - SEARCH_TIER_STANDARD + - SEARCH_TIER_ENTERPRISE enumDescriptions: - - Default value. - - Returns documents in the search result. - >- - Returns chunks in the search result. Only available if the - DocumentProcessingConfig.chunking_config is specified. - enum: - - SEARCH_RESULT_MODE_UNSPECIFIED - - DOCUMENTS - - CHUNKS - chunkSpec: + Default value when the enum is unspecified. This is invalid to + use. + - Standard tier. + - Enterprise tier. + type: string description: >- - Specifies the chunk spec to be returned from the search response. - Only available if the - SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecChunkSpec - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSnippetSpec: - id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSnippetSpec - description: A specification for configuring snippets in a search response. + The search feature tier of this engine. Different tiers might have + different pricing. To learn more, check the pricing documentation. + Defaults to SearchTier.SEARCH_TIER_STANDARD if not specified. + id: GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfig + GoogleCloudDiscoveryengineV1betaEngineChatEngineConfigAgentCreationConfig: + description: >- + Configurations for generating a Dialogflow agent. Note that these + configurations are one-time consumed by and passed to Dialogflow + service. It means they cannot be retrieved using EngineService.GetEngine + or EngineService.ListEngines API after engine creation. type: object - properties: - maxSnippetCount: - description: >- - [DEPRECATED] This field is deprecated. To control snippet return, - use `return_snippet` field. For backwards compatibility, we will - return snippet if max_snippet_count > 0. - deprecated: true - type: integer - format: int32 - referenceOnly: - description: >- - [DEPRECATED] This field is deprecated and will have no affect on the - snippet. - deprecated: true - type: boolean - returnSnippet: - description: >- - If `true`, then return snippet. If no snippet can be generated, we - return "No snippet is available for this page." A `snippet_status` - with `SUCCESS` or `NO_SNIPPET_AVAILABLE` will also be returned. - type: boolean - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpec: id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpec - description: A specification for configuring a summary returned in a search response. - type: object + GoogleCloudDiscoveryengineV1betaEngineChatEngineConfigAgentCreationConfig properties: - summaryResultCount: - description: >- - The number of top results to generate the summary from. If the - number of results returned is less than `summaryResultCount`, the - summary is generated from all of the results. At most 10 results for - documents mode, or 50 for chunks mode, can be used to generate a - summary. The chunks mode is used when - SearchRequest.ContentSearchSpec.search_result_mode is set to CHUNKS. - type: integer - format: int32 - includeCitations: - description: >- - Specifies whether to include citations in the summary. The default - value is `false`. When this field is set to `true`, summaries - include in-line citation numbers. Example summary including - citations: BigQuery is Google Cloud's fully managed and completely - serverless enterprise data warehouse [1]. BigQuery supports all data - types, works across clouds, and has built-in machine learning and - business intelligence, all within a unified platform [2, 3]. The - citation numbers refer to the returned search results and are - 1-indexed. For example, [1] means that the sentence is attributed to - the first search result. [2, 3] means that the sentence is - attributed to both the second and third search results. - type: boolean - ignoreAdversarialQuery: - description: >- - Specifies whether to filter out adversarial queries. The default - value is `false`. Google employs search-query classification to - detect adversarial queries. No summary is returned if the search - query is classified as an adversarial query. For example, a user - might ask a question regarding negative comments about the company - or submit a query designed to generate unsafe, policy-violating - output. If this field is set to `true`, we skip generating summaries - for adversarial queries and return fallback messages instead. - type: boolean - ignoreNonSummarySeekingQuery: - description: >- - Specifies whether to filter out queries that are not - summary-seeking. The default value is `false`. Google employs - search-query classification to detect summary-seeking queries. No - summary is returned if the search query is classified as a - non-summary seeking query. For example, `why is the sky blue` and - `Who is the best soccer player in the world?` are summary-seeking - queries, but `SFO airport` and `world cup 2026` are not. They are - most likely navigational queries. If this field is set to `true`, we - skip generating summaries for non-summary seeking queries and return - fallback messages instead. - type: boolean - ignoreLowRelevantContent: - description: >- - Specifies whether to filter out queries that have low relevance. The - default value is `false`. If this field is set to `false`, all - search results are used regardless of relevance to generate answers. - If set to `true`, only queries with high relevance search results - will generate answers. - type: boolean - ignoreJailBreakingQuery: - description: >- - Optional. Specifies whether to filter out jail-breaking queries. The - default value is `false`. Google employs search-query classification - to detect jail-breaking queries. No summary is returned if the - search query is classified as a jail-breaking query. A user might - add instructions to the query to change the tone, style, language, - content of the answer, or ask the model to act as a different - entity, e.g. "Reply in the tone of a competing company's CEO". If - this field is set to `true`, we skip generating summaries for - jail-breaking queries and return fallback messages instead. - type: boolean - multimodalSpec: - description: Optional. Multimodal specification. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecMultiModalSpec - modelPromptSpec: + business: + type: string description: >- - If specified, the spec will be used to modify the prompt provided to - the LLM. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelPromptSpec - languageCode: + Name of the company, organization or other entity that the agent + represents. Used for knowledge connector LLM prompt and for + knowledge search. + defaultLanguageCode: description: >- - Language code for Summary. Use language tags defined by - [BCP47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Note: This is - an experimental feature. + Required. The default language of the agent as a language tag. See + [Language + Support](https://cloud.google.com/dialogflow/docs/reference/language) + for a list of the currently supported language codes. + type: string + timeZone: type: string - modelSpec: description: >- - If specified, the spec will be used to modify the model - specification provided to the LLM. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelSpec - useSemanticChunks: + Required. The time zone of the agent from the [time zone + database](https://www.iana.org/time-zones), e.g., America/New_York, + Europe/Paris. + location: description: >- - If true, answer will be generated from most relevant chunks from top - search results. This feature will improve summary quality. Note that - with this feature enabled, not all top search results will be - referenced and included in the reference list, so the citation - source index only points to the search results listed in the - reference list. - type: boolean - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecMultiModalSpec: - id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecMultiModalSpec - description: >- - Multimodal specification: Will return an image from specified source. If - multiple sources are specified, the pick is a quality based decision. - type: object - properties: - imageSource: - description: Optional. Source of image returned in the answer. + Agent location for Agent creation, supported values: global/us/eu. + If not provided, us Engine will create Agent using us-central-1 by + default; eu Engine will create Agent using eu-west-1 by default. type: string - enumDescriptions: - - >- - Unspecified image source (multimodal feature is disabled by - default). - - >- - Behavior when service determines the pick from all available - sources. - - Includes image from corpus in the answer. - - Triggers figure generation in the answer. - enum: - - IMAGE_SOURCE_UNSPECIFIED - - ALL_AVAILABLE_SOURCES - - CORPUS_IMAGE_ONLY - - FIGURE_GENERATION_ONLY - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelPromptSpec: + GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpecEmbeddingVector: id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelPromptSpec - description: Specification of the prompt to use with the model. - type: object + GoogleCloudDiscoveryengineV1alphaSearchRequestEmbeddingSpecEmbeddingVector properties: - preamble: - description: >- - Text at the beginning of the prompt that instructs the assistant. - Examples are available in the user guide. + vector: + description: Query embedding vector. + items: + format: float + type: number + type: array + fieldPath: + description: Embedding field path in schema. type: string - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelSpec: - id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelSpec - description: Specification of the model. + description: Embedding vector. type: object - properties: - version: - description: >- - The model version used to generate the summary. Supported values - are: * `stable`: string. Default value when no value is specified. - Uses a generally available, fine-tuned model. For more information, - see [Answer generation model versions and - lifecycle](https://cloud.google.com/generative-ai-app-builder/docs/answer-generation-models). - * `preview`: string. (Public preview) Uses a preview model. For more - information, see [Answer generation model versions and - lifecycle](https://cloud.google.com/generative-ai-app-builder/docs/answer-generation-models). - type: string - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecExtractiveContentSpec: - id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecExtractiveContentSpec - description: >- - A specification for configuring the extractive content in a search - response. + GoogleCloudDiscoveryengineV1betaPurgeDocumentsResponse: type: object + id: GoogleCloudDiscoveryengineV1betaPurgeDocumentsResponse + description: >- + Response message for DocumentService.PurgeDocuments method. If the long + running operation is successfully done, then this message is returned by + the google.longrunning.Operations.response field. properties: - maxExtractiveAnswerCount: - description: >- - The maximum number of extractive answers returned in each search - result. An extractive answer is a verbatim answer extracted from the - original document, which provides a precise and contextually - relevant answer to the search query. If the number of matching - answers is less than the `max_extractive_answer_count`, return all - of the answers. Otherwise, return the `max_extractive_answer_count`. - At most five answers are returned for each SearchResult. - type: integer - format: int32 - maxExtractiveSegmentCount: - description: >- - The max number of extractive segments returned in each search - result. Only applied if the DataStore is set to - DataStore.ContentConfig.CONTENT_REQUIRED or DataStore.solution_types - is SOLUTION_TYPE_CHAT. An extractive segment is a text segment - extracted from the original document that is relevant to the search - query, and, in general, more verbose than an extractive answer. The - segment could then be used as input for LLMs to generate summaries - and answers. If the number of matching segments is less than - `max_extractive_segment_count`, return all of the segments. - Otherwise, return the `max_extractive_segment_count`. - type: integer - format: int32 - returnExtractiveSegmentScore: + purgeCount: + description: The total count of documents purged as a result of the operation. + type: string + format: int64 + purgeSample: + type: array + items: + type: string description: >- - Specifies whether to return the confidence score from the extractive - segments in each search result. This feature is available only for - new or allowlisted data stores. To allowlist your data store, - contact your Customer Engineer. The default value is `false`. - type: boolean - numPreviousSegments: + A sample of document names that will be deleted. Only populated if + `force` is set to false. A max of 100 names will be returned and the + names are chosen at random. + GoogleCloudDiscoveryengineV1CheckGroundingRequest: + properties: + facts: + type: array + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1GroundingFact' + description: List of facts for the grounding check. We support up to 200 facts. + answerCandidate: description: >- - Specifies whether to also include the adjacent from each selected - segments. Return at most `num_previous_segments` segments before - each selected segments. - type: integer - format: int32 - numNextSegments: + Answer candidate to check. It can have a maximum length of 4096 + tokens. + type: string + userLabels: description: >- - Return at most `num_next_segments` segments after each selected - segments. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecChunkSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecChunkSpec - description: >- - Specifies the chunk spec to be returned from the search response. Only - available if the SearchRequest.ContentSearchSpec.search_result_mode is - set to CHUNKS + The user labels applied to a resource must meet the following + requirements: * Each resource can have multiple labels, up to a + maximum of 64. * Each label must be a key-value pair. * Keys have a + minimum length of 1 character and a maximum length of 63 characters + and cannot be empty. Values can be empty and have a maximum length + of 63 characters. * Keys and values can contain only lowercase + letters, numeric characters, underscores, and dashes. All characters + must use UTF-8 encoding, and international characters are allowed. * + The key portion of a label must be unique. However, you can use the + same key with multiple resources. * Keys must start with a lowercase + letter or international character. See [Google Cloud + Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + for more details. + additionalProperties: + type: string + type: object + groundingSpec: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingSpec' + description: Configuration of the grounding check. + id: GoogleCloudDiscoveryengineV1CheckGroundingRequest + type: object + description: Request message for GroundedGenerationService.CheckGrounding method. + GoogleCloudDiscoveryengineV1alphaBatchCreateTargetSiteMetadata: type: object properties: - numPreviousChunks: - description: >- - The number of previous chunks to be returned of the current chunk. - The maximum allowed value is 3. If not specified, no previous chunks - will be returned. - type: integer - format: int32 - numNextChunks: + updateTime: + type: string + format: google-datetime description: >- - The number of next chunks to be returned of the current chunk. The - maximum allowed value is 3. If not specified, no next chunks will be - returned. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpec + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + description: Operation create time. + format: google-datetime + type: string description: >- - The specification that uses customized query embedding vector to do - semantic document retrieval. + Metadata related to the progress of the + SiteSearchEngineService.BatchCreateTargetSites operation. This will be + returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1alphaBatchCreateTargetSiteMetadata + GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfo: type: object + id: GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfo + description: Unstructured document information. properties: - embeddingVectors: - description: The embedding vector used for retrieval. Limit to 1. - type: array + document: + description: Document resource name. + type: string + structData: + description: >- + The structured JSON metadata for the document. It is populated from + the struct data from the Chunk in search result. + additionalProperties: + type: any + description: Properties of the object. + type: object + chunkContents: items: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpecEmbeddingVector - GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpecEmbeddingVector: - id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestEmbeddingSpecEmbeddingVector - description: Embedding vector. - type: object - properties: - fieldPath: - description: Embedding field path in schema. - type: string - vector: - description: Query embedding vector. + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerReferenceUnstructuredDocumentInfoChunkContent type: array - items: - type: number - format: float - GoogleCloudDiscoveryengineV1betaSearchRequestNaturalLanguageQueryUnderstandingSpec: - id: >- - GoogleCloudDiscoveryengineV1betaSearchRequestNaturalLanguageQueryUnderstandingSpec - description: >- - Specification to enable natural language understanding capabilities for - search requests. + description: List of cited chunk contents derived from document content. + uri: + type: string + description: URI for the document. + title: + type: string + description: Title. + GoogleCloudDiscoveryengineV1UpdateSchemaMetadata: type: object + description: Metadata for UpdateSchema LRO. properties: - filterExtractionCondition: - description: >- - The condition under which filter extraction should occur. Server - behavior defaults to `DISABLED`. + createTime: + description: Operation create time. + format: google-datetime type: string - enumDescriptions: - - Server behavior defaults to `DISABLED`. - - Disables NL filter extraction. - - Enables NL filter extraction. + updateTime: + format: google-datetime + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + id: GoogleCloudDiscoveryengineV1UpdateSchemaMetadata + GoogleCloudDiscoveryengineV1alphaSearchRequestSearchAsYouTypeSpec: + properties: + condition: enum: - CONDITION_UNSPECIFIED - DISABLED - ENABLED - geoSearchQueryDetectionFieldNames: - description: >- - Field names used for location-based filtering, where geolocation - filters are detected in natural language search queries. Only valid - when the FilterExtractionCondition is set to `ENABLED`. If this - field is set, it overrides the field names set in - ServingConfig.geo_search_query_detection_field_names. - type: array - items: - type: string - extractedFilterBehavior: - description: >- - Optional. Controls behavior of how extracted filters are applied to - the search. The default behavior depends on the request. For single - datastore structured search, the default is `HARD_FILTER`. For - multi-datastore search, the default behavior is `SOFT_BOOST`. - Location-based filters are always applied as hard filters, and the - `SOFT_BOOST` setting will not affect them. This field is only used - if - SearchRequest.natural_language_query_understanding_spec.filter_extraction_condition - is set to FilterExtractionCondition.ENABLED. + - AUTO type: string enumDescriptions: + - Server behavior defaults to Condition.DISABLED. + - Disables Search As You Type. + - Enables Search As You Type. - >- - `EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED` will use the default - behavior for extracted filters. For single datastore search, the - default is to apply as hard filters. For multi-datastore search, - the default is to apply as soft boosts. - - >- - Applies all extracted filters as hard filters on the results. - Results that do not pass the extracted filters will not be - returned in the result set. - - >- - Applies all extracted filters as soft boosts. Results that pass - the filters will be boosted up to higher ranks in the result set. - enum: - - EXTRACTED_FILTER_BEHAVIOR_UNSPECIFIED - - HARD_FILTER - - SOFT_BOOST - GoogleCloudDiscoveryengineV1betaSearchRequestSearchAsYouTypeSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestSearchAsYouTypeSpec - description: Specification for search as you type in search requests. - type: object - properties: - condition: + Automatic switching between search-as-you-type and standard search + modes, ideal for single-API implementations (e.g., debouncing). description: >- The condition under which search as you type should occur. Default to Condition.DISABLED. - type: string - enumDescriptions: - - Server behavior defaults to Condition.DISABLED. - - Disables Search As You Type. - - Enables Search As You Type. - - >- - Automatic switching between search-as-you-type and standard search - modes, ideal for single-API implementations (e.g., debouncing). - enum: - - CONDITION_UNSPECIFIED - - DISABLED - - ENABLED - - AUTO - GoogleCloudDiscoveryengineV1betaSearchRequestDisplaySpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestDisplaySpec - description: Specifies features for display, like match highlighting. type: object + id: GoogleCloudDiscoveryengineV1alphaSearchRequestSearchAsYouTypeSpec + description: Specification for search as you type in search requests. + GoogleCloudDiscoveryengineV1TextInput: + type: object + id: GoogleCloudDiscoveryengineV1TextInput + description: Defines text input. properties: - matchHighlightingCondition: - description: The condition under which match highlighting should occur. + input: + description: Text input. type: string - enumDescriptions: - - Server behavior is the same as `MATCH_HIGHLIGHTING_DISABLED`. - - Disables match highlighting on all documents. - - Enables match highlighting on all documents. - enum: - - MATCH_HIGHLIGHTING_CONDITION_UNSPECIFIED - - MATCH_HIGHLIGHTING_DISABLED - - MATCH_HIGHLIGHTING_ENABLED - GoogleCloudDiscoveryengineV1betaSearchRequestSessionSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestSessionSpec - description: >- - Session specification. Multi-turn Search feature is currently at private - GA stage. Please use v1alpha or v1beta version instead before we launch - this feature to public GA. Or ask for allowlisting through Google - Support team. + context: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ConversationContext' + description: Conversation context of the input. + GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpec: + description: Boost applies to documents which match a condition. + id: GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpec type: object properties: - queryId: + condition: description: >- - If set, the search result gets stored to the "turn" specified by - this query ID. Example: Let's say the session looks like this: - session { name: ".../sessions/xxx" turns { query { text: "What is - foo?" query_id: ".../questions/yyy" } answer: "Foo is ..." } turns { - query { text: "How about bar then?" query_id: ".../questions/zzz" } - } } The user can call /search API with a request like this: session: - ".../sessions/xxx" session_spec { query_id: ".../questions/zzz" } - Then, the API stores the search result, associated with the last - turn. The stored search result can be used by a subsequent /answer - API call (with the session ID and the query ID specified). Also, it - is possible to call /search and /answer in parallel with the same - session ID & query ID. + An expression which specifies a boost condition. The syntax and + supported fields are the same as a filter expression. See + SearchRequest.filter for detail syntax and limitations. Examples: * + To boost documents with document ID "doc_1" or "doc_2", and color + "Red" or "Blue": `(document_id: ANY("doc_1", "doc_2")) AND (color: + ANY("Red", "Blue"))` type: string - searchResultPersistenceCount: + boost: description: >- - The number of top search results to persist. The persisted search - results can be used for the subsequent /answer api call. This field - is similar to the `summary_result_count` field in - SearchRequest.ContentSearchSpec.SummarySpec.summary_result_count. At - most 10 results for documents mode, or 50 for chunks mode. - type: integer - format: int32 - GoogleCloudDiscoveryengineV1betaSearchRequestPersonalizationSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestPersonalizationSpec - description: The specification for personalization. + Strength of the condition boost, which should be in [-1, 1]. + Negative boost means demotion. Default is 0.0. Setting to 1.0 gives + the document a big promotion. However, it does not necessarily mean + that the boosted document will be the top result at all times, nor + that other documents will be excluded. Results could still be shown + even when none of them matches the condition. And results that are + significantly more relevant to the search query can still trump your + heavily favored but irrelevant documents. Setting to -1.0 gives the + document a big demotion. However, results that are deeply relevant + might still be shown. The document will have an upstream battle to + get a fairly high ranking, but it is not blocked out completely. + Setting to 0.0 means no boost applied. The boosting condition is + ignored. Only one of the (condition, boost) combination or the + boost_control_spec below are set. If both are set then the global + boost is ignored and the more fine-grained boost_control_spec is + applied. + type: number + format: float + boostControlSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpec + description: >- + Complex specification for custom ranking based on customer defined + attribute value. + GoogleCloudDiscoveryengineV1alphaSetDedicatedCrawlRateMetadata: + description: >- + Metadata related to the progress of the + CrawlRateManagementService.SetDedicatedCrawlRate operation. This will be + returned by the google.longrunning.Operation.metadata field. type: object + id: GoogleCloudDiscoveryengineV1alphaSetDedicatedCrawlRateMetadata properties: - mode: + updateTime: + format: google-datetime + type: string description: >- - The personalization mode of the search request. Defaults to - Mode.AUTO. + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + format: google-datetime + description: Operation create time. type: string - enumDescriptions: - - >- - Default value. In this case, server behavior defaults to - Mode.AUTO. - - Personalization is enabled if data quality requirements are met. - - Disable personalization. - enum: - - MODE_UNSPECIFIED - - AUTO - - DISABLED - GoogleCloudDiscoveryengineV1betaSearchRequestRelevanceScoreSpec: - id: GoogleCloudDiscoveryengineV1betaSearchRequestRelevanceScoreSpec - description: The specification for returning the document relevance score. - type: object + GoogleCloudDiscoveryengineV1alphaControlRedirectAction: properties: - returnRelevanceScore: + redirectUri: description: >- - Optional. Whether to return the relevance score for search results. - The higher the score, the more relevant the document is to the - query. - type: boolean - GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpecQuerySetSpec: - id: GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpecQuerySetSpec - description: Describes the specification of the query set. + Required. The URI to which the shopper will be redirected. Required. + URI must have length equal or less than 2000 characters. Otherwise + an INVALID ARGUMENT error is thrown. + type: string type: object + id: GoogleCloudDiscoveryengineV1alphaControlRedirectAction + description: Redirects a shopper to the provided URI. + GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig: + description: >- + Additional feature configurations for creating a `recommended-for-you` + engine. properties: - sampleQuerySet: + contextEventType: description: >- - Optional. The full resource name of the SampleQuerySet used for the - evaluation, in the format of - `projects/{project}/locations/{location}/sampleQuerySets/{sampleQuerySet}`. + The type of event with which the engine is queried at prediction + time. If set to `generic`, only `view-item`, `media-play`,and + `media-complete` will be used as `context-event` in engine training. + If set to `view-home-page`, `view-home-page` will also be used as + `context-events` in addition to `view-item`, `media-play`, and + `media-complete`. Currently supported for the `recommended-for-you` + engine. Currently supported values: `view-home-page`, `generic`. type: string - GoogleCloudDiscoveryengineV1betaQualityMetrics: - id: GoogleCloudDiscoveryengineV1betaQualityMetrics - description: Describes the metrics produced by the evaluation. + id: >- + GoogleCloudDiscoveryengineV1EngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig type: object + GoogleCloudDiscoveryengineV1RecommendResponseRecommendationResult: + description: >- + RecommendationResult represents a generic recommendation result with + associated metadata. properties: - docRecall: - description: >- - Recall per document, at various top-k cutoff levels. Recall is the - fraction of relevant documents retrieved out of all relevant - documents. Example (top-5): * For a single SampleQuery, If 3 out of - 5 relevant documents are retrieved in the top-5, recall@5 = 3/5 = - 0.6 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics - docPrecision: - description: >- - Precision per document, at various top-k cutoff levels. Precision is - the fraction of retrieved documents that are relevant. Example - (top-5): * For a single SampleQuery, If 4 out of 5 retrieved - documents in the top-5 are relevant, precision@5 = 4/5 = 0.8 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics - docNdcg: - description: >- - Normalized discounted cumulative gain (NDCG) per document, at - various top-k cutoff levels. NDCG measures the ranking quality, - giving higher relevance to top results. Example (top-3): Suppose - SampleQuery with three retrieved documents (D1, D2, D3) and binary - relevance judgements (1 for relevant, 0 for not relevant): - Retrieved: [D3 (0), D1 (1), D2 (1)] Ideal: [D1 (1), D2 (1), D3 (0)] - Calculate NDCG@3 for each SampleQuery: * DCG@3: 0/log2(1+1) + - 1/log2(2+1) + 1/log2(3+1) = 1.13 * Ideal DCG@3: 1/log2(1+1) + - 1/log2(2+1) + 0/log2(3+1) = 1.63 * NDCG@3: 1.13/1.63 = 0.693 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics - pageRecall: - description: >- - Recall per page, at various top-k cutoff levels. Recall is the - fraction of relevant pages retrieved out of all relevant pages. - Example (top-5): * For a single SampleQuery, if 3 out of 5 relevant - pages are retrieved in the top-5, recall@5 = 3/5 = 0.6 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics - pageNdcg: + id: + type: string + description: Resource ID of the recommended Document. + document: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + description: Set if `returnDocument` is set to true in RecommendRequest.params. + metadata: description: >- - Normalized discounted cumulative gain (NDCG) per page, at various - top-k cutoff levels. NDCG measures the ranking quality, giving - higher relevance to top results. Example (top-3): Suppose - SampleQuery with three retrieved pages (P1, P2, P3) and binary - relevance judgements (1 for relevant, 0 for not relevant): - Retrieved: [P3 (0), P1 (1), P2 (1)] Ideal: [P1 (1), P2 (1), P3 (0)] - Calculate NDCG@3 for SampleQuery: * DCG@3: 0/log2(1+1) + 1/log2(2+1) - + 1/log2(3+1) = 1.13 * Ideal DCG@3: 1/log2(1+1) + 1/log2(2+1) + - 0/log2(3+1) = 1.63 * NDCG@3: 1.13/1.63 = 0.693 - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics - GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics: - id: GoogleCloudDiscoveryengineV1betaQualityMetricsTopkMetrics - description: Stores the metric values at specific top-k levels. + Additional Document metadata or annotations. Possible values: * + `score`: Recommendation score in double value. Is set if + `returnScore` is set to true in RecommendRequest.params. + type: object + additionalProperties: + type: any type: object + id: GoogleCloudDiscoveryengineV1RecommendResponseRecommendationResult + GoogleCloudDiscoveryengineV1AssistAnswerReply: + id: GoogleCloudDiscoveryengineV1AssistAnswerReply properties: - top1: - description: The top-1 value. - type: number - format: double - top3: - description: The top-3 value. - type: number - format: double - top5: - description: The top-5 value. - type: number - format: double - top10: - description: The top-10 value. - type: number - format: double - GoogleCloudDiscoveryengineV1betaIdentityMappingEntryOperationMetadata: - id: GoogleCloudDiscoveryengineV1betaIdentityMappingEntryOperationMetadata - description: >- - IdentityMappingEntry LongRunningOperation metadata for - IdentityMappingStoreService.ImportIdentityMappings and - IdentityMappingStoreService.PurgeIdentityMappings + groundedContent: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AssistantGroundedContent + description: Possibly grounded response text or media from the assistant. + description: One part of the multi-part response of the assist call. type: object - properties: - successCount: - description: >- - The number of IdentityMappingEntries that were successfully - processed. - type: string - format: int64 - failureCount: - description: The number of IdentityMappingEntries that failed to be processed. - type: string - format: int64 - totalCount: - description: The total number of IdentityMappingEntries that were processed. - type: string - format: int64 - GoogleCloudDiscoveryengineV1betaImportCompletionSuggestionsMetadata: - id: GoogleCloudDiscoveryengineV1betaImportCompletionSuggestionsMetadata - description: >- - Metadata related to the progress of the ImportCompletionSuggestions - operation. This will be returned by the - google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1SearchResponseSummarySafetyAttributes: + description: Safety Attribute categories and their associated confidence scores. type: object properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: + scores: + type: array description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - successCount: - description: Count of CompletionSuggestions successfully imported. - type: string - format: int64 - failureCount: - description: Count of CompletionSuggestions that failed to be imported. - type: string - format: int64 - GoogleCloudDiscoveryengineV1betaImportCompletionSuggestionsResponse: - id: GoogleCloudDiscoveryengineV1betaImportCompletionSuggestionsResponse - description: >- - Response of the CompletionService.ImportCompletionSuggestions method. If - the long running operation is done, this message is returned by the - google.longrunning.Operations.response field if the operation is - successful. + The confidence scores of the each category, higher value means + higher confidence. Order matches the Categories. + items: + format: float + type: number + categories: + items: + type: string + description: >- + The display names of Safety Attribute categories associated with the + generated content. Order matches the Scores. + type: array + id: GoogleCloudDiscoveryengineV1SearchResponseSummarySafetyAttributes + GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequestInlineSource: type: object + description: The inline source to import identity mapping entries from. properties: - errorSamples: - description: A sample of errors encountered while processing the request. + identityMappingEntries: + description: A maximum of 10000 entries can be imported at one time type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: - description: The desired location of errors incurred during the Import. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig - GoogleCloudDiscoveryengineV1betaImportErrorConfig: - id: GoogleCloudDiscoveryengineV1betaImportErrorConfig - description: Configuration of destination for Import related errors. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingEntry + id: GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequestInlineSource + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelSpec: + id: >- + GoogleCloudDiscoveryengineV1alphaSearchRequestContentSearchSpecSummarySpecModelSpec + description: Specification of the model. type: object properties: - gcsPrefix: + version: description: >- - Cloud Storage prefix for import errors. This must be an empty, - existing Cloud Storage directory. Import errors are written to - sharded files in this directory, one per line, as a JSON-encoded - `google.rpc.Status` message. + The model version used to generate the summary. Supported values + are: * `stable`: string. Default value when no value is specified. + Uses a generally available, fine-tuned model. For more information, + see [Answer generation model versions and + lifecycle](https://cloud.google.com/generative-ai-app-builder/docs/answer-generation-models). + * `preview`: string. (Public preview) Uses a preview model. For more + information, see [Answer generation model versions and + lifecycle](https://cloud.google.com/generative-ai-app-builder/docs/answer-generation-models). type: string - GoogleCloudDiscoveryengineV1betaImportDocumentsMetadata: - id: GoogleCloudDiscoveryengineV1betaImportDocumentsMetadata - description: >- - Metadata related to the progress of the ImportDocuments operation. This - is returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1betaSearchLinkPromotion: type: object + id: GoogleCloudDiscoveryengineV1betaSearchLinkPromotion + description: >- + Promotion proto includes uri and other helping information to display + the promotion. properties: - createTime: - description: Operation create time. + title: + description: >- + Required. The title of the promotion. Maximum length: 160 + characters. type: string - format: google-datetime - updateTime: + document: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Optional. The Document the user wants to promote. For site search, + leave unset and only populate uri. Can be set along with uri. type: string - format: google-datetime - successCount: - description: Count of entries that were processed successfully. + uri: type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. + description: >- + Optional. The URL for the page the user wants to promote. Must be + set for site search. For other verticals, this is optional. + description: + description: 'Optional. The Promotion description. Maximum length: 200 characters.' type: string - format: int64 - totalCount: - description: Total count of entries that were processed. + imageUri: + description: Optional. The promotion thumbnail image url. type: string - format: int64 - GoogleCloudDiscoveryengineV1betaImportDocumentsResponse: - id: GoogleCloudDiscoveryengineV1betaImportDocumentsResponse - description: >- - Response of the ImportDocumentsRequest. If the long running operation is - done, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: + enabled: + type: boolean description: >- - Echoes the destination for the complete errors in the request if - set. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig - GoogleCloudDiscoveryengineV1betaImportIdentityMappingsResponse: - id: GoogleCloudDiscoveryengineV1betaImportIdentityMappingsResponse - description: Response message for IdentityMappingStoreService.ImportIdentityMappings - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1betaImportSampleQueriesMetadata: - id: GoogleCloudDiscoveryengineV1betaImportSampleQueriesMetadata - description: >- - Metadata related to the progress of the ImportSampleQueries operation. - This will be returned by the google.longrunning.Operation.metadata - field. - type: object + Optional. The enabled promotion will be returned for any serving + configs associated with the parent of the control this promotion is + attached to. This flag is used for basic site search only. + GoogleCloudDiscoveryengineV1betaSiteVerificationInfo: properties: - createTime: - description: ImportSampleQueries operation create time. + siteVerificationState: + description: Site verification state indicating the ownership and validity. type: string - format: google-datetime - updateTime: - description: >- - ImportSampleQueries operation last update time. If the operation is - done, this is also the finish time. + enum: + - SITE_VERIFICATION_STATE_UNSPECIFIED + - VERIFIED + - UNVERIFIED + - EXEMPTED + enumDescriptions: + - Defaults to VERIFIED. + - Site ownership verified. + - Site ownership pending verification or verification failed. + - >- + Site exempt from verification, e.g., a public website that opens + to all. + verifyTime: type: string format: google-datetime - successCount: - description: Count of SampleQuerys successfully imported. - type: string - format: int64 - failureCount: - description: Count of SampleQuerys that failed to be imported. - type: string - format: int64 - totalCount: - description: Total count of SampleQuerys that were processed. - type: string - format: int64 - GoogleCloudDiscoveryengineV1betaImportSampleQueriesResponse: - id: GoogleCloudDiscoveryengineV1betaImportSampleQueriesResponse - description: >- - Response of the SampleQueryService.ImportSampleQueries method. If the - long running operation is done, this message is returned by the - google.longrunning.Operations.response field if the operation is - successful. + description: Latest site verification time. + description: Verification information for target sites in advanced site search. + type: object + id: GoogleCloudDiscoveryengineV1betaSiteVerificationInfo + GoogleCloudDiscoveryengineV1betaEngineChatEngineConfig: type: object + id: GoogleCloudDiscoveryengineV1betaEngineChatEngineConfig properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: - description: The desired location of errors incurred during the Import. + allowCrossRegion: + type: boolean + description: >- + Optional. If the flag set to true, we allow the agent and engine are + in different locations, otherwise the agent and engine are required + to be in the same location. The flag is set to false by default. + Note that the `allow_cross_region` are one-time consumed by and + passed to EngineService.CreateEngine. It means they cannot be + retrieved using EngineService.GetEngine or EngineService.ListEngines + API after engine creation. + dialogflowAgentToLink: + type: string + description: >- + The resource name of an exist Dialogflow agent to link to this Chat + Engine. Customers can either provide `agent_creation_config` to + create agent or provide an agent name that links the agent with the + Chat engine. Format: `projects//locations//agents/`. Note that the + `dialogflow_agent_to_link` are one-time consumed by and passed to + Dialogflow service. It means they cannot be retrieved using + EngineService.GetEngine or EngineService.ListEngines API after + engine creation. Use ChatEngineMetadata.dialogflow_agent for actual + agent association after Engine is created. + agentCreationConfig: + description: >- + The configurationt generate the Dialogflow agent that is associated + to this Engine. Note that these configurations are one-time consumed + by and passed to Dialogflow service. It means they cannot be + retrieved using EngineService.GetEngine or EngineService.ListEngines + API after engine creation. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig - GoogleCloudDiscoveryengineV1betaImportSuggestionDenyListEntriesMetadata: - id: GoogleCloudDiscoveryengineV1betaImportSuggestionDenyListEntriesMetadata - description: >- - Metadata related to the progress of the ImportSuggestionDenyListEntries - operation. This is returned by the google.longrunning.Operation.metadata - field. - type: object + #/components/schemas/GoogleCloudDiscoveryengineV1betaEngineChatEngineConfigAgentCreationConfig + description: Configurations for a Chat Engine. + GoogleCloudDiscoveryengineV1alphaTargetSite: properties: - createTime: - description: Operation create time. + siteVerificationInfo: + readOnly: true + description: Output only. Site ownership and validity verification status. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSiteVerificationInfo + indexingStatus: + enum: + - INDEXING_STATUS_UNSPECIFIED + - PENDING + - FAILED + - SUCCEEDED + - DELETING + - CANCELLABLE + - CANCELLED + enumDescriptions: + - Defaults to SUCCEEDED. + - >- + The target site is in the update queue and will be picked up by + indexing pipeline. + - The target site fails to be indexed. + - The target site has been indexed. + - >- + The previously indexed target site has been marked to be deleted. + This is a transitioning state which will resulted in either: 1. + target site deleted if unindexing is successful; 2. state reverts + to SUCCEEDED if the unindexing fails. + - The target site change is pending but cancellable. + - The target site change is cancelled. + description: Output only. Indexing status. + type: string + readOnly: true + providedUriPattern: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Required. Input only. The user provided URI pattern from which the + `generated_uri_pattern` is generated. + exactMatch: + description: >- + Immutable. If set to false, a uri_pattern is generated to include + all pages whose address contains the provided_uri_pattern. If set to + true, an uri_pattern is generated to try to be an exact match of the + provided_uri_pattern or just the specific page if the + provided_uri_pattern is a specific one. provided_uri_pattern is + always normalized to generate the URI pattern to be used by the + search engine. + type: boolean + updateTime: + description: Output only. The target site's last updated time. type: string + readOnly: true format: google-datetime - GoogleCloudDiscoveryengineV1betaImportSuggestionDenyListEntriesResponse: - id: GoogleCloudDiscoveryengineV1betaImportSuggestionDenyListEntriesResponse - description: >- - Response message for CompletionService.ImportSuggestionDenyListEntries - method. + generatedUriPattern: + description: >- + Output only. This is system-generated based on the + provided_uri_pattern. + readOnly: true + type: string + failureReason: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaTargetSiteFailureReason + description: Output only. Failure reason. + type: + type: string + enumDescriptions: + - >- + This value is unused. In this case, server behavior defaults to + Type.INCLUDE. + - Include the target site. + - Exclude the target site. + enum: + - TYPE_UNSPECIFIED + - INCLUDE + - EXCLUDE + description: >- + The type of the target site, e.g., whether the site is to be + included or excluded. + name: + readOnly: true + type: string + description: >- + Output only. The fully qualified resource name of the target site. + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/siteSearchEngine/targetSites/{target_site}` + The `target_site_id` is system-generated. + rootDomainUri: + description: Output only. Root domain of the provided_uri_pattern. + readOnly: true + type: string + type: object + description: A target site for the SiteSearchEngine. + id: GoogleCloudDiscoveryengineV1alphaTargetSite + GoogleCloudDiscoveryengineV1SearchRequestSearchAsYouTypeSpec: type: object + id: GoogleCloudDiscoveryengineV1SearchRequestSearchAsYouTypeSpec properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - importedEntriesCount: - description: Count of deny list entries successfully imported. - type: string - format: int64 - failedEntriesCount: - description: Count of deny list entries that failed to be imported. + condition: + enum: + - CONDITION_UNSPECIFIED + - DISABLED + - ENABLED + - AUTO + description: >- + The condition under which search as you type should occur. Default + to Condition.DISABLED. + enumDescriptions: + - Server behavior defaults to Condition.DISABLED. + - Disables Search As You Type. + - Enables Search As You Type. + - >- + Automatic switching between search-as-you-type and standard search + modes, ideal for single-API implementations (e.g., debouncing). type: string - format: int64 - GoogleCloudDiscoveryengineV1betaImportUserEventsMetadata: - id: GoogleCloudDiscoveryengineV1betaImportUserEventsMetadata - description: >- - Metadata related to the progress of the Import operation. This is - returned by the google.longrunning.Operation.metadata field. + description: Specification for search as you type in search requests. + GoogleCloudDiscoveryengineV1DataStore: type: object + id: GoogleCloudDiscoveryengineV1DataStore + description: DataStore captures global settings and configs at the DataStore level. properties: - createTime: - description: Operation create time. + kmsKeyName: + description: >- + Input only. The KMS key to be used to protect this DataStore at + creation time. Must be set for requests that need to comply with + CMEK Org Policy protections. If this field is set and processed + successfully, the DataStore will be protected by the KMS key, as + indicated in the cmek_config field. type: string + startingSchema: + description: >- + The start schema to use for this DataStore when provisioning it. If + unset, a default vertical specialized schema will be used. This + field is only used by CreateDataStore API, and will be ignored if + used in other APIs. This field will be omitted from all API + responses including CreateDataStore API. To retrieve a schema of a + DataStore, use SchemaService.GetSchema API instead. The provided + schema will be validated against certain rules on schema. Learn more + from [this + doc](https://cloud.google.com/generative-ai-app-builder/docs/provide-schema). + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' + configurableBillingApproachUpdateTime: + readOnly: true + description: >- + Output only. The timestamp when configurable_billing_approach was + last updated. format: google-datetime - updateTime: + type: string + name: + type: string description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Immutable. Identifier. The full resource name of the data store. + Format: + `projects/{project}/locations/{location}/collections/{collection_id}/dataStores/{data_store_id}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + cmekConfig: + description: Output only. CMEK-related information for the DataStore. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + readOnly: true + naturalLanguageQueryUnderstandingConfig: + description: Optional. Configuration for Natural Language Query Understanding. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1NaturalLanguageQueryUnderstandingConfig + contentConfig: + enumDescriptions: + - Default value. + - Only contains documents without any Document.content. + - Only contains documents with Document.content. + - The data store is used for public website search. + - >- + The data store is used for workspace search. Details of workspace + data store are specified in the WorkspaceConfig. + description: >- + Immutable. The content config of the data store. If this field is + unset, the server behavior defaults to ContentConfig.NO_CONTENT. type: string + enum: + - CONTENT_CONFIG_UNSPECIFIED + - NO_CONTENT + - CONTENT_REQUIRED + - PUBLIC_WEBSITE + - GOOGLE_WORKSPACE + documentProcessingConfig: + description: Configuration for Document understanding and enrichment. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DocumentProcessingConfig + createTime: + readOnly: true + description: Output only. Timestamp the DataStore was created at. format: google-datetime - successCount: - description: Count of entries that were processed successfully. type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. + displayName: type: string - format: int64 - GoogleCloudDiscoveryengineV1betaImportUserEventsResponse: - id: GoogleCloudDiscoveryengineV1betaImportUserEventsResponse - description: >- - Response of the ImportUserEventsRequest. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. + description: >- + Required. The data store display name. This field must be a UTF-8 + encoded string with a length limit of 128 characters. Otherwise, an + INVALID_ARGUMENT error is returned. + solutionTypes: type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: + type: string + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + - SOLUTION_TYPE_CHAT + - SOLUTION_TYPE_GENERATIVE_CHAT + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Discovery Search. + - Used for use cases related to the Generative AI agent. + - >- + Used for use cases related to the Generative Chat agent. It's + used for Generative chat engine only, the associated data stores + must enrolled with `SOLUTION_TYPE_CHAT` solution. description: >- - Echoes the destination for the complete errors if this field was set - in the request. + The solutions that the data store enrolls. Available solutions for + each industry_vertical: * `MEDIA`: `SOLUTION_TYPE_RECOMMENDATION` + and `SOLUTION_TYPE_SEARCH`. * `SITE_SEARCH`: `SOLUTION_TYPE_SEARCH` + is automatically enrolled. Other solutions cannot be enrolled. + billingEstimation: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig - joinedEventsCount: - description: Count of user events imported with complete existing Documents. - type: string - format: int64 - unjoinedEventsCount: - description: >- - Count of user events imported, but with Document information not - found in the existing Branch. + #/components/schemas/GoogleCloudDiscoveryengineV1DataStoreBillingEstimation + readOnly: true + description: Output only. Data size estimation for billing. + defaultSchemaId: + readOnly: true type: string - format: int64 - GoogleCloudDiscoveryengineV1betaObtainCrawlRateResponse: - id: GoogleCloudDiscoveryengineV1betaObtainCrawlRateResponse - description: >- - Response message for CrawlRateManagementService.ObtainCrawlRate method. - The response contains organcic or dedicated crawl rate time series data - for monitoring, depending on whether dedicated crawl rate is set. - type: object - properties: - organicCrawlRateTimeSeries: description: >- - The historical organic crawl rate timeseries data, used for - monitoring. + Output only. The id of the default Schema associated to this data + store. + healthcareFhirConfig: + description: Optional. Configuration for `HEALTHCARE_FHIR` vertical. $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaOrganicCrawlRateTimeSeries - dedicatedCrawlRateTimeSeries: + #/components/schemas/GoogleCloudDiscoveryengineV1HealthcareFhirConfig + aclEnabled: + type: boolean description: >- - The historical dedicated crawl rate timeseries data, used for - monitoring. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaDedicatedCrawlRateTimeSeries - state: - description: Output only. The state of the response. - readOnly: true + Immutable. Whether data in the DataStore has ACL information. If set + to `true`, the source data must have ACL. ACL will be ingested when + data is ingested by DocumentService.ImportDocuments methods. When + ACL is enabled for the DataStore, Document can't be accessed by + calling DocumentService.GetDocument or + DocumentService.ListDocuments. Currently ACL is only supported in + `GENERIC` industry vertical with non-`PUBLIC_WEBSITE` content + config. + industryVertical: type: string + description: Immutable. The industry vertical that the data store registers. + enum: + - INDUSTRY_VERTICAL_UNSPECIFIED + - GENERIC + - MEDIA + - HEALTHCARE_FHIR enumDescriptions: - - The state is unspecified. - - The state is successful. - - The state is failed. + - Value used when unset. + - >- + The generic vertical for documents that are not specific to any + industry vertical. + - The media industry vertical. + - The healthcare FHIR vertical. + configurableBillingApproach: enum: - - STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - error: - description: Errors from service when handling the request. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1betaOrganicCrawlRateTimeSeries: - id: GoogleCloudDiscoveryengineV1betaOrganicCrawlRateTimeSeries - description: >- - The historical organic crawl rate timeseries data, used for monitoring. - Organic crawl is auto-determined by Google to crawl the user's website - when dedicate crawl is not set. Crawl rate is the QPS of crawl request - Google sends to the user's website. - type: object - properties: - googleOrganicCrawlRate: + - CONFIGURABLE_BILLING_APPROACH_UNSPECIFIED + - CONFIGURABLE_SUBSCRIPTION_INDEXING_CORE + - CONFIGURABLE_CONSUMPTION_EMBEDDING + description: Optional. Configuration for configurable billing approach. See + type: string + enumDescriptions: + - >- + Default value. For Spark and non-Spark non-configurable billing + approach. + - >- + Use the subscription base + overage billing for indexing core for + non embedding storage. + - >- + Use the consumption pay-as-you-go billing for embedding storage + add-on. + workspaceConfig: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WorkspaceConfig' description: >- - Google's organic crawl rate time series, which is the sum of all - googlebots' crawl rate. Please refer to - https://developers.google.com/search/docs/crawling-indexing/overview-google-crawlers - for more details about googlebots. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries - vertexAiOrganicCrawlRate: + Config to store data store type configuration for workspace data. + This must be set when DataStore.content_config is set as + DataStore.ContentConfig.GOOGLE_WORKSPACE. + identityMappingStore: + type: string description: >- - Vertex AI's organic crawl rate time series, which is the crawl rate - of Google-CloudVertexBot when dedicate crawl is not set. Please - refer to - https://developers.google.com/search/docs/crawling-indexing/google-common-crawlers#google-cloudvertexbot - for more details about Google-CloudVertexBot. + Immutable. The fully qualified resource name of the associated + IdentityMappingStore. This field can only be set for acl_enabled + DataStores with `THIRD_PARTY` or `GSUITE` IdP. Format: + `projects/{project}/locations/{location}/identityMappingStores/{identity_mapping_store}`. + advancedSiteSearchConfig: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries - GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries: - id: GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries - description: The historical crawl rate timeseries data, used for monitoring. + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedSiteSearchConfig + description: Optional. Configuration for advanced site search. + isInfobotFaqDataStore: + description: Optional. If set, this DataStore is an Infobot FAQ DataStore. + type: boolean + servingConfigDataStore: + description: Optional. Stores serving config at DataStore level. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DataStoreServingConfigDataStore + GoogleCloudDiscoveryengineV1betaEngineChatEngineMetadata: type: object properties: - qpsTimeSeries: - description: The QPS of the crawl rate. - $ref: '#/components/schemas/GoogleMonitoringV3TimeSeries' - GoogleCloudDiscoveryengineV1betaDedicatedCrawlRateTimeSeries: - id: GoogleCloudDiscoveryengineV1betaDedicatedCrawlRateTimeSeries + dialogflowAgent: + description: >- + The resource name of a Dialogflow agent, that this Chat Engine + refers to. Format: `projects//locations//agents/`. + type: string + id: GoogleCloudDiscoveryengineV1betaEngineChatEngineMetadata description: >- - The historical dedicated crawl rate timeseries data, used for - monitoring. Dedicated crawl is used by Vertex AI to crawl the user's - website when dedicate crawl is set. - type: object + Additional information of a Chat Engine. Fields in this message are + output only. + GoogleCloudDiscoveryengineV1alphaEngineCommonConfig: + description: Common configurations for an Engine. properties: - userTriggeredCrawlRate: - description: >- - Vertex AI's dedicated crawl rate time series of user triggered - crawl, which is the crawl rate of Google-CloudVertexBot when - dedicate crawl is set, and user triggered crawl rate is for - deterministic use cases like crawling urls or sitemaps specified by - users. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries - autoRefreshCrawlRate: - description: >- - Vertex AI's dedicated crawl rate time series of auto-refresh, which - is the crawl rate of Google-CloudVertexBot when dedicate crawl is - set, and the crawl rate is for best effort use cases like refreshing - urls periodically. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries - userTriggeredCrawlErrorRate: + companyName: + type: string description: >- - Vertex AI's error rate time series of user triggered dedicated - crawl. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries - autoRefreshCrawlErrorRate: - description: Vertex AI's error rate time series of auto-refresh dedicated crawl. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaCrawlRateTimeSeries - GoogleCloudDiscoveryengineV1betaProject: - id: GoogleCloudDiscoveryengineV1betaProject - description: Metadata and configurations for a Google Cloud project in the service. + The name of the company, business or entity that is associated with + the engine. Setting this may help improve LLM related features. type: object + id: GoogleCloudDiscoveryengineV1alphaEngineCommonConfig + GoogleCloudDiscoveryengineV1alphaImportUserEventsMetadata: properties: - name: - description: >- - Output only. Full resource name of the project, for example - `projects/{project}`. Note that when making requests, project number - and project id are both acceptable, but the server will always - respond in project number. - readOnly: true + successCount: + format: int64 type: string + description: Count of entries that were processed successfully. createTime: - description: Output only. The timestamp when this project is created. - readOnly: true - type: string format: google-datetime - provisionCompletionTime: - description: >- - Output only. The timestamp when this project is successfully - provisioned. Empty value means this project is still provisioning - and is not ready for use. - readOnly: true + description: Operation create time. + type: string + failureCount: + format: int64 + description: Count of entries that encountered errors while processing. + type: string + updateTime: type: string format: google-datetime - serviceTermsMap: description: >- - Output only. A map of terms of services. The key is the `id` of - ServiceTerms. - readOnly: true - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaProjectServiceTerms - GoogleCloudDiscoveryengineV1betaProjectServiceTerms: - id: GoogleCloudDiscoveryengineV1betaProjectServiceTerms - description: Metadata about the terms of service. + Operation last update time. If the operation is done, this is also + the finish time. + id: GoogleCloudDiscoveryengineV1alphaImportUserEventsMetadata type: object - properties: - id: - description: >- - The unique identifier of this terms of service. Available terms: * - `GA_DATA_USE_TERMS`: [Terms for data - use](https://cloud.google.com/retail/data-use-terms). When using - this as `id`, the acceptable version to provide is `2022-11-23`. - type: string - version: - description: >- - The version string of the terms of service. For acceptable values, - see the comments for id above. - type: string - state: - description: >- - Whether the project has accepted/rejected the service terms or it is - still pending. - type: string - enumDescriptions: - - The default value of the enum. This value is not actually used. - - The project has given consent to the terms of service. - - The project is pending to review and accept the terms of service. - - >- - The project has declined or revoked the agreement to terms of - service. - enum: - - STATE_UNSPECIFIED - - TERMS_ACCEPTED - - TERMS_PENDING - - TERMS_DECLINED - acceptTime: - description: The last time when the project agreed to the terms of service. - type: string - format: google-datetime - declineTime: - description: >- - The last time when the project declined or revoked the agreement to - terms of service. - type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaProvisionProjectMetadata: - id: GoogleCloudDiscoveryengineV1betaProvisionProjectMetadata - description: Metadata associated with a project provision operation. - type: object - properties: {} - GoogleCloudDiscoveryengineV1betaPurgeDocumentsMetadata: - id: GoogleCloudDiscoveryengineV1betaPurgeDocumentsMetadata description: >- - Metadata related to the progress of the PurgeDocuments operation. This - will be returned by the google.longrunning.Operation.metadata field. + Metadata related to the progress of the Import operation. This is + returned by the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadata: type: object + id: >- + GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadata properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - successCount: - description: Count of entries that were deleted successfully. - type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. - type: string - format: int64 - ignoredCount: - description: Count of entries that were ignored as entries were not found. - type: string - format: int64 - GoogleCloudDiscoveryengineV1betaPurgeDocumentsResponse: - id: GoogleCloudDiscoveryengineV1betaPurgeDocumentsResponse + references: + description: References for the grounded text. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadataReference + type: array + segments: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaAssistantGroundedContentTextGroundingMetadataSegment + description: Grounding information for parts of the text. + type: array + description: Grounding details for text sources. + GoogleCloudDiscoveryengineV1ServingConfigGenericConfig: + type: object description: >- - Response message for DocumentService.PurgeDocuments method. If the long - running operation is successfully done, then this message is returned by - the google.longrunning.Operations.response field. + Specifies the configurations needed for Generic Discovery.Currently we + support: * `content_search_spec`: configuration for generic content + search. + properties: + contentSearchSpec: + description: >- + Specifies the expected behavior of content search. Only valid for + content-search enabled data store. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpec + id: GoogleCloudDiscoveryengineV1ServingConfigGenericConfig + GoogleCloudDiscoveryengineV1RecommendResponse: + description: Response message for Recommend method. + id: GoogleCloudDiscoveryengineV1RecommendResponse type: object properties: - purgeCount: - description: The total count of documents purged as a result of the operation. - type: string - format: int64 - purgeSample: + results: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1RecommendResponseRecommendationResult description: >- - A sample of document names that will be deleted. Only populated if - `force` is set to false. A max of 100 names will be returned and the - names are chosen at random. + A list of recommended Documents. The order represents the ranking + (from the most relevant Document to the least). + type: array + missingIds: type: array items: type: string - GoogleCloudDiscoveryengineV1betaPurgeSuggestionDenyListEntriesMetadata: - id: GoogleCloudDiscoveryengineV1betaPurgeSuggestionDenyListEntriesMetadata - description: >- - Metadata related to the progress of the PurgeSuggestionDenyListEntries - operation. This is returned by the google.longrunning.Operation.metadata - field. - type: object - properties: - createTime: - description: Operation create time. - type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + IDs of documents in the request that were missing from the default + Branch associated with the requested ServingConfig. + validateOnly: + description: True if RecommendRequest.validate_only was set. + type: boolean + attributionToken: + description: >- + A unique attribution token. This should be included in the UserEvent + logs resulting from this recommendation, which enables accurate + attribution of recommendation model performance. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaPurgeSuggestionDenyListEntriesResponse: - id: GoogleCloudDiscoveryengineV1betaPurgeSuggestionDenyListEntriesResponse + GoogleCloudDiscoveryengineV1PurgeDocumentsRequestInlineSource: description: >- - Response message for CompletionService.PurgeSuggestionDenyListEntries - method. + The inline source for the input config for + DocumentService.PurgeDocuments method. type: object properties: - purgeCount: - description: Number of suggestion deny list entries purged. - type: string - format: int64 - errorSamples: - description: A sample of errors encountered while processing the request. + documents: + description: >- + Required. A list of full resource name of documents to purge. In the + format + `projects/*/locations/*/collections/*/dataStores/*/branches/*/documents/*`. + Recommended max of 100 items. type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1betaRemoveDedicatedCrawlRateMetadata: - id: GoogleCloudDiscoveryengineV1betaRemoveDedicatedCrawlRateMetadata + type: string + id: GoogleCloudDiscoveryengineV1PurgeDocumentsRequestInlineSource + GoogleCloudDiscoveryengineV1betaBatchCreateTargetSiteMetadata: description: >- Metadata related to the progress of the - CrawlRateManagementService.RemoveDedicatedCrawlRate operation. This will - be returned by the google.longrunning.Operation.metadata field. - type: object + SiteSearchEngineService.BatchCreateTargetSites operation. This will be + returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1betaBatchCreateTargetSiteMetadata properties: createTime: + format: google-datetime description: Operation create time. type: string - format: google-datetime updateTime: + type: string description: >- Operation last update time. If the operation is done, this is also the finish time. - type: string format: google-datetime - GoogleCloudDiscoveryengineV1betaRemoveDedicatedCrawlRateResponse: - id: GoogleCloudDiscoveryengineV1betaRemoveDedicatedCrawlRateResponse - description: >- - Response message for CrawlRateManagementService.RemoveDedicatedCrawlRate - method. It simply returns the state of the response, and an error - message if the state is FAILED. type: object + GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachmentBlob: properties: - state: - description: Output only. The state of the response. + mimeType: + type: string readOnly: true + description: >- + Output only. The media type (MIME type) of the generated or + retrieved data. + data: + description: Output only. Raw bytes. type: string - enumDescriptions: - - The state is unspecified. - - The state is successful. - - The state is failed. - enum: - - STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - error: - description: Errors from service when handling the request. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1betaSetDedicatedCrawlRateMetadata: - id: GoogleCloudDiscoveryengineV1betaSetDedicatedCrawlRateMetadata - description: >- - Metadata related to the progress of the - CrawlRateManagementService.SetDedicatedCrawlRate operation. This will be - returned by the google.longrunning.Operation.metadata field. + readOnly: true + format: byte type: object + description: The media type and data of the blob. + id: GoogleCloudDiscoveryengineV1alphaAnswerBlobAttachmentBlob + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelSpec: + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelSpec + description: Specification of the model. properties: - createTime: - description: Operation create time. + version: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The model version used to generate the summary. Supported values + are: * `stable`: string. Default value when no value is specified. + Uses a generally available, fine-tuned model. For more information, + see [Answer generation model versions and + lifecycle](https://cloud.google.com/generative-ai-app-builder/docs/answer-generation-models). + * `preview`: string. (Public preview) Uses a preview model. For more + information, see [Answer generation model versions and + lifecycle](https://cloud.google.com/generative-ai-app-builder/docs/answer-generation-models). + type: object + GoogleCloudDiscoveryengineV1CreateTargetSiteRequest: + properties: + targetSite: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' + description: Required. The TargetSite to create. + parent: + description: >- + Required. Parent resource name of TargetSite, such as + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/siteSearchEngine`. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaSetDedicatedCrawlRateResponse: - id: GoogleCloudDiscoveryengineV1betaSetDedicatedCrawlRateResponse + description: Request message for SiteSearchEngineService.CreateTargetSite method. + id: GoogleCloudDiscoveryengineV1CreateTargetSiteRequest + type: object + GoogleCloudDiscoveryengineV1alphaRemoveDedicatedCrawlRateResponse: + id: GoogleCloudDiscoveryengineV1alphaRemoveDedicatedCrawlRateResponse description: >- - Response message for CrawlRateManagementService.SetDedicatedCrawlRate + Response message for CrawlRateManagementService.RemoveDedicatedCrawlRate method. It simply returns the state of the response, and an error message if the state is FAILED. type: object properties: state: + type: string description: Output only. The state of the response. readOnly: true - type: string - enumDescriptions: - - The state is unspecified. - - The state is successful. - - The state is failed. enum: - STATE_UNSPECIFIED - SUCCEEDED - FAILED + enumDescriptions: + - The state is unspecified. + - The state is successful. + - The state is failed. error: - description: Errors from service when handling the request. $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDiscoveryengineV1betaSitemap: - id: GoogleCloudDiscoveryengineV1betaSitemap - description: A sitemap for the SiteSearchEngine. - type: object + description: Errors from service when handling the request. + GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfoDocumentMetadata: properties: + document: + description: Document resource name. + type: string + pageIdentifier: + description: Page identifier. + type: string + structData: + additionalProperties: + type: any + description: Properties of the object. + description: >- + The structured JSON metadata for the document. It is populated from + the struct data from the Chunk in search result. + type: object + title: + description: Title. + type: string uri: - description: Public URI for the sitemap, e.g. `www.example.com/sitemap.xml`. type: string - name: + description: URI for the document. + type: object + description: Document metadata. + id: GoogleCloudDiscoveryengineV1AnswerReferenceChunkInfoDocumentMetadata + GoogleCloudDiscoveryengineV1SetUpDataConnectorRequest: + id: GoogleCloudDiscoveryengineV1SetUpDataConnectorRequest + properties: + collectionId: description: >- - Output only. The fully qualified resource name of the sitemap. - `projects/*/locations/*/collections/*/dataStores/*/siteSearchEngine/sitemaps/*` - The `sitemap_id` suffix is system-generated. - readOnly: true + Required. The ID to use for the Collection, which will become the + final component of the Collection's resource name. A new Collection + is created as part of the DataConnector setup. DataConnector is a + singleton resource under Collection, managing all DataStores of the + Collection. This field must conform to + [RFC-1034](https://tools.ietf.org/html/rfc1034) standard with a + length limit of 63 characters. Otherwise, an INVALID_ARGUMENT error + is returned. + type: string + collectionDisplayName: + description: >- + Required. The display name of the Collection. Should be human + readable, used to display collections in the Console Dashboard. + UTF-8 encoded string with limit of 1024 characters. type: string + dataConnector: + description: >- + Required. The DataConnector to initialize in the newly created + Collection. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataConnector' + type: object + description: Request for DataConnectorService.SetUpDataConnector method. + GoogleCloudDiscoveryengineV1ConversationMessage: + type: object + properties: + reply: + description: Search reply. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Reply' createTime: - description: Output only. The sitemap's creation time. + format: google-datetime readOnly: true + description: Output only. Message creation timestamp. type: string - format: google-datetime - GoogleCloudDiscoveryengineV1betaTrainCustomModelMetadata: - id: GoogleCloudDiscoveryengineV1betaTrainCustomModelMetadata - description: >- - Metadata related to the progress of the TrainCustomModel operation. This - is returned by the google.longrunning.Operation.metadata field. + userInput: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TextInput' + description: User text input. + id: GoogleCloudDiscoveryengineV1ConversationMessage + description: Defines a conversation message. + GoogleCloudDiscoveryengineV1betaCreateEngineMetadata: type: object + id: GoogleCloudDiscoveryengineV1betaCreateEngineMetadata + description: >- + Metadata related to the progress of the EngineService.CreateEngine + operation. This will be returned by the + google.longrunning.Operation.metadata field. properties: - createTime: - description: Operation create time. + updateTime: type: string format: google-datetime - updateTime: description: >- Operation last update time. If the operation is done, this is also the finish time. + createTime: type: string + description: Operation create time. format: google-datetime - GoogleCloudDiscoveryengineV1betaTrainCustomModelResponse: - id: GoogleCloudDiscoveryengineV1betaTrainCustomModelResponse - description: >- - Response of the TrainCustomModelRequest. This message is returned by the - google.longrunning.Operations.response field. + GoogleCloudDiscoveryengineV1Interval: + id: GoogleCloudDiscoveryengineV1Interval + description: A floating point interval. type: object properties: - errorSamples: - description: A sample of errors encountered while processing the data. + exclusiveMinimum: + type: number + format: double + description: Exclusive lower bound. + exclusiveMaximum: + description: Exclusive upper bound. + type: number + format: double + minimum: + type: number + description: Inclusive lower bound. + format: double + maximum: + description: Inclusive upper bound. + type: number + format: double + GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequestInlineSource: + properties: + suggestions: + description: >- + Required. A list of all denylist entries to import. Max of 1000 + items. type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorConfig: - description: >- - Echoes the destination for the complete errors in the request if - set. - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1betaImportErrorConfig - modelStatus: - description: >- - The trained model status. Possible values are: * **bad-data**: The - training data quality is bad. * **no-improvement**: Tuning didn't - improve performance. Won't deploy. * **in-progress**: Model training - job creation is in progress. * **training**: Model is actively - training. * **evaluating**: The model is evaluating trained metrics. - * **indexing**: The model trained metrics are indexing. * **ready**: - The model is ready for serving. - type: string - metrics: - description: The metrics of the trained model. - type: object - additionalProperties: - type: number - format: double - modelName: - description: Fully qualified name of the CustomTuningModel. - type: string - GoogleCloudDiscoveryengineV1betaTuneEngineMetadata: - id: GoogleCloudDiscoveryengineV1betaTuneEngineMetadata - description: Metadata associated with a tune operation. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1CompletionSuggestion type: object + id: >- + GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequestInlineSource + description: The inline source for CompletionSuggestions. + GoogleApiDistributionBucketOptions: properties: - engine: - description: >- - Required. The resource name of the engine that this tune applies to. - Format: - `projects/{project}/locations/{location}/collections/{collection_id}/engines/{engine_id}` - type: string - GoogleCloudDiscoveryengineV1betaTuneEngineResponse: - id: GoogleCloudDiscoveryengineV1betaTuneEngineResponse - description: Response associated with a tune operation. + exponentialBuckets: + description: The exponential buckets. + $ref: '#/components/schemas/GoogleApiDistributionBucketOptionsExponential' + linearBuckets: + description: The linear bucket. + $ref: '#/components/schemas/GoogleApiDistributionBucketOptionsLinear' + explicitBuckets: + description: The explicit buckets. + $ref: '#/components/schemas/GoogleApiDistributionBucketOptionsExplicit' + type: object + id: GoogleApiDistributionBucketOptions + description: >- + `BucketOptions` describes the bucket boundaries used to create a + histogram for the distribution. The buckets can be in a linear sequence, + an exponential sequence, or each bucket can be specified explicitly. + `BucketOptions` does not include the number of values in each bucket. A + bucket has an inclusive lower bound and exclusive upper bound for the + values that are counted for that bucket. The upper bound of a bucket + must be strictly greater than the lower bound. The sequence of N buckets + for a distribution consists of an underflow bucket (number 0), zero or + more finite buckets (number 1 through N - 2) and an overflow bucket + (number N - 1). The buckets are contiguous: the lower bound of bucket i + (i > 0) is the same as the upper bound of bucket i - 1. The buckets span + the whole range of finite values: lower bound of the underflow bucket is + -infinity and the upper bound of the overflow bucket is +infinity. The + finite buckets are so-called because both bounds are finite. + GoogleCloudDiscoveryengineV1betaProvisionProjectMetadata: + description: Metadata associated with a project provision operation. type: object + id: GoogleCloudDiscoveryengineV1betaProvisionProjectMetadata properties: {} - GoogleCloudDiscoveryengineV1betaUpdateSchemaMetadata: - id: GoogleCloudDiscoveryengineV1betaUpdateSchemaMetadata - description: Metadata for UpdateSchema LRO. + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelPromptSpec: + description: Specification of the prompt to use with the model. + id: >- + GoogleCloudDiscoveryengineV1betaSearchRequestContentSearchSpecSummarySpecModelPromptSpec + type: object + properties: + preamble: + description: >- + Text at the beginning of the prompt that instructs the assistant. + Examples are available in the user guide. + type: string + GoogleCloudDiscoveryengineV1alphaDeleteCmekConfigMetadata: type: object properties: createTime: - description: Operation create time. type: string + description: Operation create time. format: google-datetime updateTime: + type: string description: >- Operation last update time. If the operation is done, this is also the finish time. - type: string format: google-datetime - GoogleCloudDiscoveryengineV1betaUpdateTargetSiteMetadata: - id: GoogleCloudDiscoveryengineV1betaUpdateTargetSiteMetadata + id: GoogleCloudDiscoveryengineV1alphaDeleteCmekConfigMetadata description: >- Metadata related to the progress of the - SiteSearchEngineService.UpdateTargetSite operation. This will be - returned by the google.longrunning.Operation.metadata field. + CmekConfigService.DeleteCmekConfig operation. This will be returned by + the google.longrunning.Operation.metadata field. + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfoDocumentMetadata: type: object properties: - createTime: - description: Operation create time. + uri: + description: Uri of the document. type: string - format: google-datetime - updateTime: - description: >- - Operation last update time. If the operation is done, this is also - the finish time. + title: type: string - format: google-datetime - parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: + description: Title of the document. description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' - x-stackQL-resources: - media: - id: google.discoveryengine.media - name: media - title: Media - methods: - media_download: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions~1{sessionsId}:downloadFile/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - projects: - id: google.discoveryengine.projects - name: projects - title: Projects - methods: - projects_provision: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}:provision/post' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.discoveryengine.operations - name: operations - title: Operations - methods: - projects_operations_list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1operations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_operations_cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1operations~1{operationsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_connector_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataConnector~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_collections_data_connector_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataConnector~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_collections_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_models_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1models~1{modelsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_collections_data_stores_models_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1models~1{modelsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_collections_data_stores_branches_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_collections_data_stores_branches_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_branches_operations_cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations~1{operationsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_schemas_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_collections_data_stores_schemas_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_engines_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_collections_engines_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_engines_operations_cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1operations~1{operationsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_podcasts_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1podcasts~1{podcastsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_data_stores_models_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1models~1{modelsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_data_stores_models_operations_get: - operation: + Document metadata contains the information of the document of the + current chunk. + id: >- + GoogleCloudDiscoveryengineV1AnswerQueryRequestSearchSpecSearchResultListSearchResultChunkInfoDocumentMetadata + GoogleCloudDiscoveryengineV1CompleteQueryResponseQuerySuggestion: + type: object + properties: + suggestion: + type: string + description: The suggestion for the query. + completableFieldPaths: + description: >- + The unique document field paths that serve as the source of this + suggestion if it was generated from completable fields. This field + is only populated for the document-completable model. + items: + type: string + type: array + description: Suggestions as search queries. + id: GoogleCloudDiscoveryengineV1CompleteQueryResponseQuerySuggestion + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestSuggestionTypeSpec: + type: object + properties: + suggestionType: + enumDescriptions: + - Default value. + - Returns query suggestions. + - Returns people suggestions. + - Returns content suggestions. + - Returns recent search suggestions. + - Returns Google Workspace suggestions. + type: string + description: Optional. Suggestion type. + enum: + - SUGGESTION_TYPE_UNSPECIFIED + - QUERY + - PEOPLE + - CONTENT + - RECENT_SEARCH + - GOOGLE_WORKSPACE + maxSuggestions: + format: int32 + description: >- + Optional. Maximum number of suggestions to return for each + suggestion type. + type: integer + id: >- + GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequestSuggestionTypeSpec + description: Specification of each suggestion type. + GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponse: + properties: + documentsMetadata: + description: The metadata of the Documents. + type: array + items: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1models~1{modelsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_data_stores_operations_list: - operation: + #/components/schemas/GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponseDocumentMetadata + description: Response message for DocumentService.BatchGetDocumentsMetadata method. + type: object + id: GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponse + GoogleCloudDiscoveryengineV1alphaAssistantContentBlob: + type: object + properties: + mimeType: + type: string + description: Required. The media type (MIME type) of the generated data. + data: + format: byte + type: string + description: Required. Raw bytes. + id: GoogleCloudDiscoveryengineV1alphaAssistantContentBlob + description: Inline blob. + GoogleCloudDiscoveryengineV1SearchRequestDisplaySpec: + description: Specifies features for display, like match highlighting. + properties: + matchHighlightingCondition: + enumDescriptions: + - Server behavior is the same as `MATCH_HIGHLIGHTING_DISABLED`. + - Disables match highlighting on all documents. + - Enables match highlighting on all documents. + enum: + - MATCH_HIGHLIGHTING_CONDITION_UNSPECIFIED + - MATCH_HIGHLIGHTING_DISABLED + - MATCH_HIGHLIGHTING_ENABLED + description: The condition under which match highlighting should occur. + type: string + type: object + id: GoogleCloudDiscoveryengineV1SearchRequestDisplaySpec + GoogleCloudDiscoveryengineV1alphaDataConnectorSourceEntity: + properties: + keyPropertyMappings: + additionalProperties: + type: string + description: >- + Attributes for indexing. Key: Field name. Value: The key property to + map a field to, such as `title`, and `description`. Supported key + properties: * `title`: The title for data record. This would be + displayed on search results. * `description`: The description for + data record. This would be displayed on search results. + type: object + entityName: + description: >- + The name of the entity. Supported values by data source: * + Salesforce: `Lead`, `Opportunity`, `Contact`, `Account`, `Case`, + `Contract`, `Campaign` * Jira: `Issue` * Confluence: `Content`, + `Space` + type: string + startingSchema: + description: >- + Optional. The start schema to use for the DataStore created from + this SourceEntity. If unset, a default vertical specialized schema + will be used. This field is only used by SetUpDataConnector API, and + will be ignored if used in other APIs. This field will be omitted + from all API responses including GetDataConnector API. To retrieve a + schema of a DataStore, use SchemaService.GetSchema API instead. The + provided schema will be validated against certain rules on schema. + Learn more from [this + doc](https://cloud.google.com/generative-ai-app-builder/docs/provide-schema). + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaSchema' + params: + type: object + description: >- + The parameters for the entity to facilitate data ingestion in + structured json format. + additionalProperties: + type: any + description: Properties of the object. + healthcareFhirConfig: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaHealthcareFhirConfig + description: Optional. Configuration for `HEALTHCARE_FHIR` vertical. + jsonParams: + type: string + description: >- + The parameters for the entity to facilitate data ingestion in json + string format. + dataStore: + type: string + description: >- + Output only. The full resource name of the associated data store for + the source entity. Format: + `projects/*/locations/*/collections/*/dataStores/*`. When the + connector is initialized by the + DataConnectorService.SetUpDataConnector method, a DataStore is + automatically created for each source entity. + readOnly: true + description: >- + Represents an entity in the data source. For example, the `Account` + object in Salesforce. + id: GoogleCloudDiscoveryengineV1alphaDataConnectorSourceEntity + type: object + GoogleCloudDiscoveryengineV1alphaImportSampleQueriesResponse: + properties: + errorSamples: + description: A sample of errors encountered while processing the request. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + errorConfig: + description: The desired location of errors incurred during the Import. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaImportErrorConfig + id: GoogleCloudDiscoveryengineV1alphaImportSampleQueriesResponse + description: >- + Response of the SampleQueryService.ImportSampleQueries method. If the + long running operation is done, this message is returned by the + google.longrunning.Operations.response field if the operation is + successful. + type: object + GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpec: + type: object + description: Describes the specification of the evaluation. + id: GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpec + properties: + searchRequest: + description: >- + Required. The search request that is used to perform the evaluation. + Only the following fields within SearchRequest are supported; if any + other fields are provided, an UNSUPPORTED error will be returned: * + SearchRequest.serving_config * SearchRequest.branch * + SearchRequest.canonical_filter * SearchRequest.query_expansion_spec + * SearchRequest.spell_correction_spec * + SearchRequest.content_search_spec * SearchRequest.user_pseudo_id + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1betaSearchRequest' + querySetSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaEvaluationEvaluationSpecQuerySetSpec + description: Optional. The specification of the query set. + GoogleCloudDiscoveryengineV1betaUpdateTargetSiteMetadata: + description: >- + Metadata related to the progress of the + SiteSearchEngineService.UpdateTargetSite operation. This will be + returned by the google.longrunning.Operation.metadata field. + properties: + updateTime: + format: google-datetime + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + type: string + format: google-datetime + description: Operation create time. + type: object + id: GoogleCloudDiscoveryengineV1betaUpdateTargetSiteMetadata + GoogleCloudDiscoveryengineV1SearchResponse: + description: Response message for SearchService.Search method. + type: object + properties: + results: + items: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_data_stores_operations_get: - operation: + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSearchResult + type: array + description: A list of matched documents. The order represents the ranking. + redirectUri: + description: >- + The URI of a customer-defined redirect page. If redirect action is + triggered, no search is performed, and only redirect_uri and + attribution_token are set in the response. + type: string + correctedQuery: + type: string + description: >- + Contains the spell corrected query, if found. If the spell + correction type is AUTOMATIC, then the search results are based on + corrected_query. Otherwise the original query is used for search. + searchLinkPromotions: + description: Promotions for site search. + type: array + items: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_data_stores_branches_operations_list: - operation: + #/components/schemas/GoogleCloudDiscoveryengineV1SearchLinkPromotion + summary: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSummary + description: >- + A summary as part of the search results. This field is only returned + if SearchRequest.ContentSearchSpec.summary_spec is set. + totalSize: + format: int32 + type: integer + description: >- + The estimated total count of matched items irrespective of + pagination. The count of results returned by pagination may be less + than the total_size that matches. + sessionInfo: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseSessionInfo + description: >- + Session information. Only set if SearchRequest.session is provided. + See its description for more details. + facets: + type: array + items: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_data_stores_branches_operations_get: + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseFacet + description: Results of facets requested by user. + attributionToken: + type: string + description: >- + A unique search token. This should be included in the UserEvent logs + resulting from this search, which enables accurate attribution of + search model performance. This also helps to identify a request + during the customer support scenarios. + nextPageToken: + type: string + description: >- + A token that can be sent as SearchRequest.page_token to retrieve the + next page. If this field is omitted, there are no subsequent pages. + semanticState: + type: string + enumDescriptions: + - Default value. Should not be used. + - Semantic search was disabled for this search response. + - Semantic search was enabled for this search response. + enum: + - SEMANTIC_STATE_UNSPECIFIED + - DISABLED + - ENABLED + readOnly: true + description: Output only. Indicates the semantic state of the search response. + queryExpansionInfo: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponseQueryExpansionInfo + description: Query expansion information for the returned results. + id: GoogleCloudDiscoveryengineV1SearchResponse + GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint: + id: >- + GoogleCloudDiscoveryengineV1alphaSearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint + description: >- + The control points used to define the curve. The curve defined through + these control points can only be monotonically increasing or + decreasing(constant values are acceptable). + type: object + properties: + attributeValue: + description: >- + Can be one of: 1. The numerical field value. 2. The duration spec + for freshness: The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 duration + value). The pattern for this is: `nDnM]`. + type: string + boostAmount: + type: number + description: >- + The value between -1 to 1 by which to boost the score if the + attribute_value evaluates to the value specified above. + format: float + GoogleCloudDiscoveryengineV1alphaExportMetricsMetadata: + description: >- + Metadata related to the progress of the Export operation. This is + returned by the google.longrunning.Operation.metadata field. + type: object + properties: + updateTime: + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + createTime: + format: google-datetime + type: string + description: Operation create time. + id: GoogleCloudDiscoveryengineV1alphaExportMetricsMetadata + GoogleCloudDiscoveryengineV1ControlBoostAction: + id: GoogleCloudDiscoveryengineV1ControlBoostAction + type: object + properties: + fixedBoost: + format: float + description: >- + Optional. Strength of the boost, which should be in [-1, 1]. + Negative boost means demotion. Default is 0.0 (No-op). + type: number + boost: + type: number + description: >- + Strength of the boost, which should be in [-1, 1]. Negative boost + means demotion. Default is 0.0 (No-op). + format: float + deprecated: true + interpolationBoostSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ControlBoostActionInterpolationBoostSpec + description: >- + Optional. Complex specification for custom ranking based on customer + defined attribute value. + dataStore: + description: >- + Required. Specifies which data store's documents can be boosted by + this control. Full data store name e.g. + projects/123/locations/global/collections/default_collection/dataStores/default_data_store + type: string + filter: + type: string + description: >- + Required. Specifies which products to apply the boost to. If no + filter is provided all products will be boosted (No-op). Syntax + documentation: https://cloud.google.com/retail/docs/filter-and-order + Maximum length is 5000 characters. Otherwise an INVALID ARGUMENT + error is thrown. + description: Adjusts order of products in returned list. + GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig: + id: >- + GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigRecommendedForYouFeatureConfig + type: object + properties: + contextEventType: + description: >- + The type of event with which the engine is queried at prediction + time. If set to `generic`, only `view-item`, `media-play`,and + `media-complete` will be used as `context-event` in engine training. + If set to `view-home-page`, `view-home-page` will also be used as + `context-events` in addition to `view-item`, `media-play`, and + `media-complete`. Currently supported for the `recommended-for-you` + engine. Currently supported values: `view-home-page`, `generic`. + type: string + description: >- + Additional feature configurations for creating a `recommended-for-you` + engine. + GoogleCloudDiscoveryengineV1alphaFieldConfig: + id: GoogleCloudDiscoveryengineV1alphaFieldConfig + description: >- + Configurations for fields of a schema. For example, configuring a field + is indexable, or searchable. + properties: + fieldPath: + description: >- + Required. Field path of the schema field. For example: `title`, + `description`, `release_info.release_year`. + type: string + dynamicFacetableOption: + enum: + - DYNAMIC_FACETABLE_OPTION_UNSPECIFIED + - DYNAMIC_FACETABLE_ENABLED + - DYNAMIC_FACETABLE_DISABLED + description: >- + If dynamic_facetable_option is DYNAMIC_FACETABLE_ENABLED, field + values are available for dynamic facet. Could only be + DYNAMIC_FACETABLE_DISABLED if FieldConfig.indexable_option is + INDEXABLE_DISABLED. Otherwise, an `INVALID_ARGUMENT` error will be + returned. If dynamic_facetable_option is unset, the server behavior + defaults to DYNAMIC_FACETABLE_DISABLED for fields that support + setting dynamic facetable options. For those fields that do not + support setting dynamic facetable options, such as `object` and + `boolean`, the server will skip dynamic facetable option setting, + and setting dynamic_facetable_option for those fields will throw + `INVALID_ARGUMENT` error. + enumDescriptions: + - Value used when unset. + - Dynamic facetable option enabled for a schema field. + - Dynamic facetable option disabled for a schema field. + type: string + indexableOption: + type: string + enum: + - INDEXABLE_OPTION_UNSPECIFIED + - INDEXABLE_ENABLED + - INDEXABLE_DISABLED + description: >- + If indexable_option is INDEXABLE_ENABLED, field values are indexed + so that it can be filtered or faceted in SearchService.Search. If + indexable_option is unset, the server behavior defaults to + INDEXABLE_DISABLED for fields that support setting indexable + options. For those fields that do not support setting indexable + options, such as `object` and `boolean` and key properties, the + server will skip indexable_option setting, and setting + indexable_option for those fields will throw `INVALID_ARGUMENT` + error. + enumDescriptions: + - Value used when unset. + - Indexable option enabled for a schema field. + - Indexable option disabled for a schema field. + keyPropertyType: + readOnly: true + type: string + description: >- + Output only. Type of the key property that this field is mapped to. + Empty string if this is not annotated as mapped to a key property. + Example types are `title`, `description`. Full list is defined by + `keyPropertyMapping` in the schema field annotation. If the schema + field has a `KeyPropertyMapping` annotation, `indexable_option` and + `searchable_option` of this field cannot be modified. + searchableOption: + enum: + - SEARCHABLE_OPTION_UNSPECIFIED + - SEARCHABLE_ENABLED + - SEARCHABLE_DISABLED + enumDescriptions: + - Value used when unset. + - Searchable option enabled for a schema field. + - Searchable option disabled for a schema field. + description: >- + If searchable_option is SEARCHABLE_ENABLED, field values are + searchable by text queries in SearchService.Search. If + SEARCHABLE_ENABLED but field type is numerical, field values will + not be searchable by text queries in SearchService.Search, as there + are no text values associated to numerical fields. If + searchable_option is unset, the server behavior defaults to + SEARCHABLE_DISABLED for fields that support setting searchable + options. Only `string` fields that have no key property mapping + support setting searchable_option. For those fields that do not + support setting searchable options, the server will skip searchable + option setting, and setting searchable_option for those fields will + throw `INVALID_ARGUMENT` error. + type: string + advancedSiteSearchDataSources: + items: + type: string + enumDescriptions: + - Value used when unset. + - Retrieve value from meta tag. + - Retrieve value from page map. + - >- + Retrieve value from the attributes set by + SiteSearchEngineService.SetUriPatternDocumentData API. + - Retrieve value from schema.org data. + enum: + - ADVANCED_SITE_SEARCH_DATA_SOURCE_UNSPECIFIED + - METATAGS + - PAGEMAP + - URI_PATTERN_MAPPING + - SCHEMA_ORG + type: array + description: >- + If this field is set, only the corresponding source will be indexed + for this field. Otherwise, the values from different sources are + merged. Assuming a page with `` in meta tag, and `` in page map: if + this enum is set to METATAGS, we will only index ``; if this enum is + not set, we will merge them and index ``. + recsFilterableOption: + enum: + - FILTERABLE_OPTION_UNSPECIFIED + - FILTERABLE_ENABLED + - FILTERABLE_DISABLED + enumDescriptions: + - Value used when unset. + - Filterable option enabled for a schema field. + - Filterable option disabled for a schema field. + type: string + description: >- + If recs_filterable_option is FILTERABLE_ENABLED, field values are + filterable by filter expression in RecommendationService.Recommend. + If FILTERABLE_ENABLED but the field type is numerical, field values + are not filterable by text queries in + RecommendationService.Recommend. Only textual fields are supported. + If recs_filterable_option is unset, the default setting is + FILTERABLE_DISABLED for fields that support setting filterable + options. When a field set to [FILTERABLE_DISABLED] is filtered, a + warning is generated and an empty result is returned. + fieldType: + type: string + enumDescriptions: + - Field type is unspecified. + - Field value type is Object. + - Field value type is String. + - Field value type is Number. + - Field value type is Integer. + - Field value type is Boolean. + - >- + Field value type is Geolocation. Geolocation is expressed as an + object with the following keys: * `id`: a string representing the + location id * `longitude`: a number representing the longitude + coordinate of the location * `latitude`: a number repesenting the + latitude coordinate of the location * `address`: a string + representing the full address of the location `latitude` and + `longitude` must always be provided together. At least one of a) + `address` or b) `latitude`-`longitude` pair must be provided. + - >- + Field value type is Datetime. Datetime can be expressed as either: + * a number representing milliseconds-since-the-epoch * a string + representing milliseconds-since-the-epoch. e.g. `"1420070400001"` + * a string representing the [ISO + 8601](https://en.wikipedia.org/wiki/ISO_8601) date or date and + time. e.g. `"2015-01-01"` or `"2015-01-01T12:10:30Z"` + readOnly: true + description: Output only. Raw type of the field. + enum: + - FIELD_TYPE_UNSPECIFIED + - OBJECT + - STRING + - NUMBER + - INTEGER + - BOOLEAN + - GEOLOCATION + - DATETIME + metatagName: + type: string + description: >- + Optional. The metatag name found in the HTML page. If user defines + this field, the value of this metatag name will be used to extract + metatag. If the user does not define this field, the + FieldConfig.field_path will be used to extract metatag. + schemaOrgPaths: + items: + type: string + type: array + description: >- + Field paths for indexing custom attribute from schema.org data. More + details of schema.org and its defined types can be found at + [schema.org](https://schema.org). It is only used on advanced site + search schema. Currently only support full path from root. The full + path to a field is constructed by concatenating field names, + starting from `_root`, with a period `.` as the delimiter. Examples: + * Publish date of the root: _root.datePublished * Publish date of + the reviews: _root.review.datePublished + completableOption: + enumDescriptions: + - Value used when unset. + - Completable option enabled for a schema field. + - Completable option disabled for a schema field. + enum: + - COMPLETABLE_OPTION_UNSPECIFIED + - COMPLETABLE_ENABLED + - COMPLETABLE_DISABLED + type: string + description: >- + If completable_option is COMPLETABLE_ENABLED, field values are + directly used and returned as suggestions for Autocomplete in + CompletionService.CompleteQuery. If completable_option is unset, the + server behavior defaults to COMPLETABLE_DISABLED for fields that + support setting completable options, which are just `string` fields. + For those fields that do not support setting completable options, + the server will skip completable option setting, and setting + completable_option for those fields will throw `INVALID_ARGUMENT` + error. + retrievableOption: + enum: + - RETRIEVABLE_OPTION_UNSPECIFIED + - RETRIEVABLE_ENABLED + - RETRIEVABLE_DISABLED + description: >- + If retrievable_option is RETRIEVABLE_ENABLED, field values are + included in the search results. If retrievable_option is unset, the + server behavior defaults to RETRIEVABLE_DISABLED for fields that + support setting retrievable options. For those fields that do not + support setting retrievable options, such as `object` and `boolean`, + the server will skip retrievable option setting, and setting + retrievable_option for those fields will throw `INVALID_ARGUMENT` + error. + enumDescriptions: + - Value used when unset. + - Retrievable option enabled for a schema field. + - Retrievable option disabled for a schema field. + type: string + type: object + GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigOcrParsingConfig: + description: The OCR parsing configurations for documents. + type: object + id: >- + GoogleCloudDiscoveryengineV1DocumentProcessingConfigParsingConfigOcrParsingConfig + properties: + useNativeText: + description: >- + If true, will use native text instead of OCR text on pages + containing native text. + type: boolean + enhancedDocumentElements: + deprecated: true + type: array + items: + type: string + description: >- + [DEPRECATED] This field is deprecated. To use the additional + enhanced document elements processing, please switch to + `layout_parsing_config`. + GoogleCloudDiscoveryengineV1NaturalLanguageQueryUnderstandingConfig: + type: object + description: Configuration for Natural Language Query Understanding. + id: GoogleCloudDiscoveryengineV1NaturalLanguageQueryUnderstandingConfig + properties: + mode: + type: string + description: >- + Mode of Natural Language Query Understanding. If this field is + unset, the behavior defaults to + NaturalLanguageQueryUnderstandingConfig.Mode.DISABLED. + enumDescriptions: + - Default value. + - Natural Language Query Understanding is disabled. + - Natural Language Query Understanding is enabled. + enum: + - MODE_UNSPECIFIED + - DISABLED + - ENABLED + GoogleCloudDiscoveryengineV1alphaPurgeCompletionSuggestionsMetadata: + type: object + properties: + createTime: + type: string + format: google-datetime + description: Operation create time. + updateTime: + type: string + format: google-datetime + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + description: >- + Metadata related to the progress of the PurgeCompletionSuggestions + operation. This is returned by the google.longrunning.Operation.metadata + field. + id: GoogleCloudDiscoveryengineV1alphaPurgeCompletionSuggestionsMetadata + GoogleCloudDiscoveryengineV1alphaControlPromoteAction: + description: >- + Promote certain links based on some trigger queries. Example: Promote + shoe store link when searching for `shoe` keyword. The link can be + outside of associated data store. + properties: + dataStore: + description: Required. Data store with which this promotion is attached to. + type: string + searchLinkPromotion: + description: Required. Promotion attached to this action. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaSearchLinkPromotion + id: GoogleCloudDiscoveryengineV1alphaControlPromoteAction + type: object + GoogleCloudDiscoveryengineV1alphaCreateTargetSiteMetadata: + type: object + properties: + createTime: + format: google-datetime + type: string + description: Operation create time. + updateTime: + format: google-datetime + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + description: >- + Metadata related to the progress of the + SiteSearchEngineService.CreateTargetSite operation. This will be + returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1alphaCreateTargetSiteMetadata + GoogleCloudDiscoveryengineV1RecrawlUrisRequest: + properties: + uris: + type: array + items: + type: string + description: >- + Required. List of URIs to crawl. At most 10K URIs are supported, + otherwise an INVALID_ARGUMENT error is thrown. Each URI should match + at least one TargetSite in `site_search_engine`. + siteCredential: + description: Optional. Credential id to use for crawling. + type: string + id: GoogleCloudDiscoveryengineV1RecrawlUrisRequest + description: Request message for SiteSearchEngineService.RecrawlUris method. + type: object + GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfoDocumentMetadata: + id: >- + GoogleCloudDiscoveryengineV1alphaAnswerReferenceChunkInfoDocumentMetadata + type: object + description: Document metadata. + properties: + structData: + type: object + additionalProperties: + description: Properties of the object. + type: any + description: >- + The structured JSON metadata for the document. It is populated from + the struct data from the Chunk in search result. + title: + description: Title. + type: string + uri: + type: string + description: URI for the document. + pageIdentifier: + type: string + description: Page identifier. + document: + description: Document resource name. + type: string + GoogleCloudDiscoveryengineV1betaImportUserEventsMetadata: + description: >- + Metadata related to the progress of the Import operation. This is + returned by the google.longrunning.Operation.metadata field. + properties: + createTime: + description: Operation create time. + type: string + format: google-datetime + successCount: + description: Count of entries that were processed successfully. + format: int64 + type: string + failureCount: + description: Count of entries that encountered errors while processing. + type: string + format: int64 + updateTime: + type: string + format: google-datetime + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + type: object + id: GoogleCloudDiscoveryengineV1betaImportUserEventsMetadata + GoogleApiDistributionBucketOptionsExponential: + type: object + description: >- + Specifies an exponential sequence of buckets that have a width that is + proportional to the value of the lower bound. Each bucket represents a + constant relative uncertainty on a specific value in the bucket. There + are `num_finite_buckets + 2` (= N) buckets. Bucket `i` has the following + boundaries: Upper bound (0 <= i < N-1): scale * (growth_factor ^ i). + Lower bound (1 <= i < N): scale * (growth_factor ^ (i - 1)). + properties: + growthFactor: + format: double + description: Must be greater than 1. + type: number + scale: + type: number + description: Must be greater than 0. + format: double + numFiniteBuckets: + description: Must be greater than 0. + format: int32 + type: integer + id: GoogleApiDistributionBucketOptionsExponential + GoogleCloudDiscoveryengineV1ListServingConfigsResponse: + description: Response for ListServingConfigs method. + type: object + id: GoogleCloudDiscoveryengineV1ListServingConfigsResponse + properties: + servingConfigs: + description: All the ServingConfigs for a given dataStore. + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' + type: array + nextPageToken: + type: string + description: Pagination token, if not returned indicates the last page. + GoogleCloudDiscoveryengineV1alphaSchema: + id: GoogleCloudDiscoveryengineV1alphaSchema + properties: + fieldConfigs: + type: array + readOnly: true + items: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1alphaFieldConfig' + description: Output only. Configurations for fields of the schema. + jsonSchema: + type: string + description: The JSON representation of the schema. + name: + description: >- + Immutable. The full resource name of the schema, in the format of + `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}/schemas/{schema}`. + This field must be a UTF-8 encoded string with a length limit of + 1024 characters. + type: string + structSchema: + additionalProperties: + type: any + description: Properties of the object. + description: The structured representation of the schema. + type: object + description: Defines the structure and layout of a type of document data. + type: object + GoogleCloudDiscoveryengineV1StreamAssistRequest: + id: GoogleCloudDiscoveryengineV1StreamAssistRequest + properties: + session: + type: string + description: >- + Optional. The session to use for the request. If specified, the + assistant has access to the session history, and the query and the + answer are stored there. If `-` is specified as the session ID, or + it is left empty, then a new session is created with an + automatically generated ID. Format: + `projects/{project}/locations/{location}/collections/{collection}/engines/{engine}/sessions/{session}` + toolsSpec: + description: Optional. Specification of tools that are used to serve the request. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestToolsSpec + generationSpec: + description: >- + Optional. Specification of the generation configuration for the + request. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequestGenerationSpec + query: + description: >- + Optional. Current user query. Empty query is only supported if + `file_ids` are provided. In this case, the answer will be generated + based on those context files. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Query' + userMetadata: + description: Optional. Information about the user initiating the query. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AssistUserMetadata' + description: Request for the AssistantService.StreamAssist method. + type: object + GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchResponse: + type: object + description: >- + Response message for SiteSearchEngineService.EnableAdvancedSiteSearch + method. + properties: {} + id: GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchResponse + GoogleCloudDiscoveryengineV1CreateEngineMetadata: + type: object + description: >- + Metadata related to the progress of the EngineService.CreateEngine + operation. This will be returned by the + google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1CreateEngineMetadata + properties: + updateTime: + type: string + format: google-datetime + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + description: Operation create time. + format: google-datetime + type: string + GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfig: + type: object + id: GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfig + properties: + allowCrossRegion: + description: >- + Optional. If the flag set to true, we allow the agent and engine are + in different locations, otherwise the agent and engine are required + to be in the same location. The flag is set to false by default. + Note that the `allow_cross_region` are one-time consumed by and + passed to EngineService.CreateEngine. It means they cannot be + retrieved using EngineService.GetEngine or EngineService.ListEngines + API after engine creation. + type: boolean + agentCreationConfig: + description: >- + The configurationt generate the Dialogflow agent that is associated + to this Engine. Note that these configurations are one-time consumed + by and passed to Dialogflow service. It means they cannot be + retrieved using EngineService.GetEngine or EngineService.ListEngines + API after engine creation. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfig + dialogflowAgentToLink: + description: >- + The resource name of an exist Dialogflow agent to link to this Chat + Engine. Customers can either provide `agent_creation_config` to + create agent or provide an agent name that links the agent with the + Chat engine. Format: `projects//locations//agents/`. Note that the + `dialogflow_agent_to_link` are one-time consumed by and passed to + Dialogflow service. It means they cannot be retrieved using + EngineService.GetEngine or EngineService.ListEngines API after + engine creation. Use ChatEngineMetadata.dialogflow_agent for actual + agent association after Engine is created. + type: string + description: Configurations for a Chat Engine. + GoogleCloudDiscoveryengineV1AssistantCustomerPolicyBannedPhrase: + id: GoogleCloudDiscoveryengineV1AssistantCustomerPolicyBannedPhrase + type: object + properties: + ignoreDiacritics: + description: >- + Optional. If true, diacritical marks (e.g., accents, umlauts) are + ignored when matching banned phrases. For example, "cafe" would + match "café". + type: boolean + phrase: + description: Required. The raw string content to be banned. + type: string + matchType: + enumDescriptions: + - Defaults to SIMPLE_STRING_MATCH. + - >- + The banned phrase matches if it is found anywhere in the text as + an exact substring. + - >- + Banned phrase only matches if the pattern found in the text is + surrounded by word delimiters. The phrase itself may still contain + word delimiters. + type: string + enum: + - BANNED_PHRASE_MATCH_TYPE_UNSPECIFIED + - SIMPLE_STRING_MATCH + - WORD_BOUNDARY_STRING_MATCH + description: Optional. Match type for the banned phrase. + description: >- + Definition of a customer-defined banned phrase. A banned phrase is not + allowed to appear in the user query or the LLM response, or else the + answer will be refused. + GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpec: + id: >- + GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpec + type: object + description: >- + Specification for custom ranking based on customer specified attribute + value. It provides more controls for customized ranking than the simple + (condition, boost) combination above. + properties: + interpolationType: + enumDescriptions: + - >- + Interpolation type is unspecified. In this case, it defaults to + Linear. + - Piecewise linear interpolation will be applied. + enum: + - INTERPOLATION_TYPE_UNSPECIFIED + - LINEAR + type: string + description: >- + The interpolation type to be applied to connect the control points + listed below. + controlPoints: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpecConditionBoostSpecBoostControlSpecControlPoint + description: >- + The control points used to define the curve. The monotonic function + (defined through the interpolation_type above) passes through the + control points listed here. + attributeType: + description: >- + The attribute type to be used to determine the boost amount. The + attribute value can be derived from the field value of the specified + field_name. In the case of numerical it is straightforward i.e. + attribute_value = numerical_field_value. In the case of freshness + however, attribute_value = (time.now() - datetime_field_value). + type: string + enum: + - ATTRIBUTE_TYPE_UNSPECIFIED + - NUMERICAL + - FRESHNESS + enumDescriptions: + - Unspecified AttributeType. + - >- + The value of the numerical field will be used to dynamically + update the boost amount. In this case, the attribute_value (the x + value) of the control point will be the actual value of the + numerical field for which the boost_amount is specified. + - >- + For the freshness use case the attribute value will be the + duration between the current time and the date in the datetime + field specified. The value must be formatted as an XSD + `dayTimeDuration` value (a restricted subset of an ISO 8601 + duration value). The pattern for this is: `nDnM]`. For example, + `5D`, `3DT12H30M`, `T24H`. + fieldName: + description: >- + The name of the field whose value will be used to determine the + boost amount. + type: string + GoogleMonitoringV3Point: + id: GoogleMonitoringV3Point + properties: + value: + $ref: '#/components/schemas/GoogleMonitoringV3TypedValue' + description: The value of the data point. + interval: + description: >- + The time interval to which the data point applies. For `GAUGE` + metrics, the start time is optional, but if it is supplied, it must + equal the end time. For `DELTA` metrics, the start and end time + should specify a non-zero interval, with subsequent points + specifying contiguous and non-overlapping intervals. For + `CUMULATIVE` metrics, the start and end time should specify a + non-zero interval, with subsequent points specifying the same start + time and increasing end times, until an event resets the cumulative + value to zero and sets a new start time for the following points. + $ref: '#/components/schemas/GoogleMonitoringV3TimeInterval' + type: object + description: A single data point in a time series. + GoogleCloudDiscoveryengineV1BigtableSource: + description: The Cloud Bigtable source for importing data. + id: GoogleCloudDiscoveryengineV1BigtableSource + type: object + properties: + bigtableOptions: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1BigtableOptions' + description: >- + Required. Bigtable options that contains information needed when + parsing data into typed structures. For example, column type + annotations. + tableId: + description: >- + Required. The table ID of the Cloud Bigtable that needs to be + imported. + type: string + projectId: + description: >- + The project ID that contains the Bigtable source. Has a length limit + of 128 characters. If not specified, inherits the project ID from + the parent request. + type: string + instanceId: + description: >- + Required. The instance ID of the Cloud Bigtable that needs to be + imported. + type: string + GoogleCloudDiscoveryengineV1betaSearchRequestSearchAddonSpec: + type: object + properties: + disableSemanticAddOn: + description: >- + Optional. If true, semantic add-on is disabled. Semantic add-on + includes embeddings and jetstream. + type: boolean + disableKpiPersonalizationAddOn: + description: >- + Optional. If true, disables event re-ranking and personalization to + optimize KPIs & personalize results. + type: boolean + disableGenerativeAnswerAddOn: + description: >- + Optional. If true, generative answer add-on is disabled. Generative + answer add-on includes natural language to filters and simple + answers. + type: boolean + id: GoogleCloudDiscoveryengineV1betaSearchRequestSearchAddonSpec + description: >- + SearchAddonSpec is used to disable add-ons for search as per new + repricing model. By default if the SearchAddonSpec is not specified, we + consider that the customer wants to enable them wherever applicable. + GoogleCloudDiscoveryengineV1SearchRequestQueryExpansionSpec: + type: object + description: >- + Specification to determine under which conditions query expansion should + occur. + properties: + pinUnexpandedResults: + type: boolean + description: >- + Whether to pin unexpanded results. If this field is set to true, + unexpanded products are always at the top of the search results, + followed by the expanded results. + condition: + enumDescriptions: + - >- + Unspecified query expansion condition. In this case, server + behavior defaults to Condition.DISABLED. + - >- + Disabled query expansion. Only the exact search query is used, + even if SearchResponse.total_size is zero. + - Automatic query expansion built by the Search API. + type: string + description: >- + The condition under which query expansion should occur. Default to + Condition.DISABLED. + enum: + - CONDITION_UNSPECIFIED + - DISABLED + - AUTO + id: GoogleCloudDiscoveryengineV1SearchRequestQueryExpansionSpec + GoogleCloudDiscoveryengineV1alphaCitation: + id: GoogleCloudDiscoveryengineV1alphaCitation + properties: + uri: + readOnly: true + description: Output only. Url reference of the attribution. + type: string + title: + type: string + readOnly: true + description: Output only. Title of the attribution. + startIndex: + readOnly: true + description: Output only. Start index into the content. + type: integer + format: int32 + endIndex: + readOnly: true + description: Output only. End index into the content. + format: int32 + type: integer + license: + description: Output only. License of the attribution. + readOnly: true + type: string + publicationDate: + readOnly: true + description: Output only. Publication date of the attribution. + $ref: '#/components/schemas/GoogleTypeDate' + type: object + description: Source attributions for content. + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigDigitalParsingConfig: + description: The digital parsing configurations for documents. + type: object + properties: {} + id: >- + GoogleCloudDiscoveryengineV1betaDocumentProcessingConfigParsingConfigDigitalParsingConfig + GoogleCloudDiscoveryengineV1CheckGroundingResponseClaim: + properties: + startPos: + type: integer + description: >- + Position indicating the start of the claim in the answer candidate, + measured in bytes. Note that this is not measured in characters and, + therefore, must be rendered in the user interface keeping in mind + that some characters may take more than one byte. For example, if + the claim text contains non-ASCII characters, the start and end + positions vary when measured in characters + (programming-language-dependent) and when measured in bytes + (programming-language-independent). + format: int32 + endPos: + type: integer + description: >- + Position indicating the end of the claim in the answer candidate, + exclusive, in bytes. Note that this is not measured in characters + and, therefore, must be rendered as such. For example, if the claim + text contains non-ASCII characters, the start and end positions vary + when measured in characters (programming-language-dependent) and + when measured in bytes (programming-language-independent). + format: int32 + groundingCheckRequired: + type: boolean + description: >- + Indicates that this claim required grounding check. When the system + decided this claim doesn't require attribution/grounding check, this + field will be set to false. In that case, no grounding check was + done for the claim and therefore citation_indices should not be + returned. + claimText: + type: string + description: >- + Text for the claim in the answer candidate. Always provided + regardless of whether citations or anti-citations are found. + citationIndices: + type: array + description: >- + A list of indices (into 'cited_chunks') specifying the citations + associated with the claim. For instance [1,3,4] means that + cited_chunks[1], cited_chunks[3], cited_chunks[4] are the facts + cited supporting for the claim. A citation to a fact indicates that + the claim is supported by the fact. + items: + type: integer + format: int32 + score: + format: double + type: number + description: >- + Confidence score for the claim in the answer candidate, in the range + of [0, 1]. This is set only when + `CheckGroundingRequest.grounding_spec.enable_claim_level_score` is + true. + id: GoogleCloudDiscoveryengineV1CheckGroundingResponseClaim + type: object + description: Text and citation info for a claim in the answer candidate. + GoogleCloudDiscoveryengineV1DataConnectorRealtimeSyncConfig: + type: object + properties: + streamingError: + description: Optional. Streaming error details. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DataConnectorRealtimeSyncConfigStreamingError + webhookUri: + type: string + description: >- + Optional. Webhook url for the connector to specify additional params + for realtime sync. + realtimeSyncSecret: + type: string + description: >- + Optional. The ID of the Secret Manager secret used for webhook + secret. + description: >- + The configuration for realtime sync to store additional params for + realtime sync. + id: GoogleCloudDiscoveryengineV1DataConnectorRealtimeSyncConfig + GoogleCloudDiscoveryengineV1alphaCreateSitemapMetadata: + description: >- + Metadata related to the progress of the + SiteSearchEngineService.CreateSitemap operation. This will be returned + by the google.longrunning.Operation.metadata field. + id: GoogleCloudDiscoveryengineV1alphaCreateSitemapMetadata + properties: + createTime: + format: google-datetime + type: string + description: Operation create time. + updateTime: + format: google-datetime + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + type: object + GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfig: + id: GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfig + description: >- + The configuration for realtime sync to store additional params for + realtime sync. + properties: + webhookUri: + description: >- + Optional. Webhook url for the connector to specify additional params + for realtime sync. + type: string + realtimeSyncSecret: + description: >- + Optional. The ID of the Secret Manager secret used for webhook + secret. + type: string + streamingError: + description: Optional. Streaming error details. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDataConnectorRealtimeSyncConfigStreamingError + type: object + GoogleCloudDiscoveryengineV1SearchRequest: + type: object + properties: + displaySpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestDisplaySpec + description: >- + Optional. Config for display feature, like match highlighting on + search results. + relevanceThreshold: + description: >- + The relevance threshold of the search results. Default to Google + defined threshold, leveraging a balance of precision and recall to + deliver both highly accurate results and comprehensive coverage of + relevant information. This feature is not supported for healthcare + search. + type: string + enum: + - RELEVANCE_THRESHOLD_UNSPECIFIED + - LOWEST + - LOW + - MEDIUM + - HIGH + enumDescriptions: + - >- + Default value. In this case, server behavior defaults to Google + defined threshold. + - Lowest relevance threshold. + - Low relevance threshold. + - Medium relevance threshold. + - High relevance threshold. + imageQuery: + description: Raw image query. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestImageQuery + spellCorrectionSpec: + description: >- + The spell correction specification that specifies the mode under + which spell correction takes effect. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestSpellCorrectionSpec + safeSearch: + description: >- + Whether to turn on safe search. This is only supported for website + search. + type: boolean + queryExpansionSpec: + description: >- + The query expansion specification that specifies the conditions + under which query expansion occurs. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestQueryExpansionSpec + userPseudoId: + type: string + description: >- + Optional. A unique identifier for tracking visitors. For example, + this could be implemented with an HTTP cookie, which should be able + to uniquely identify a visitor on a single device. This unique + identifier should not change if the visitor logs in or out of the + website. This field should NOT have a fixed value such as + `unknown_visitor`. This should be the same identifier as + UserEvent.user_pseudo_id and CompleteQueryRequest.user_pseudo_id The + field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an `INVALID_ARGUMENT` error is returned. + rankingExpressionBackend: + enumDescriptions: + - Default option for unspecified/unknown values. + - >- + Deprecated: Use `RANK_BY_EMBEDDING` instead. Ranking by custom + embedding model, the default way to evaluate the ranking + expression. Legacy enum option, `RANK_BY_EMBEDDING` should be used + instead. + - >- + Deprecated: Use `RANK_BY_FORMULA` instead. Ranking by custom + formula. Legacy enum option, `RANK_BY_FORMULA` should be used + instead. + - >- + Ranking by custom embedding model, the default way to evaluate the + ranking expression. + - Ranking by custom formula. + enumDeprecated: + - false + - true + - true + - false + - false + enum: + - RANKING_EXPRESSION_BACKEND_UNSPECIFIED + - BYOE + - CLEARBOX + - RANK_BY_EMBEDDING + - RANK_BY_FORMULA + description: Optional. The backend to use for the ranking expression evaluation. + type: string + relevanceScoreSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestRelevanceScoreSpec + description: Optional. The specification for returning the relevance score. + session: + description: >- + The session resource name. Optional. Session allows users to do + multi-turn /search API calls or coordination between /search API + calls and /answer API calls. Example #1 (multi-turn /search API + calls): Call /search API with the session ID generated in the first + call. Here, the previous search query gets considered in query + standing. I.e., if the first query is "How did Alphabet do in 2022?" + and the current query is "How about 2023?", the current query will + be interpreted as "How did Alphabet do in 2023?". Example #2 + (coordination between /search API calls and /answer API calls): Call + /answer API with the session ID generated in the first call. Here, + the answer generation happens in the context of the search results + from the first search call. Multi-turn Search feature is currently + at private GA stage. Please use v1alpha or v1beta version instead + before we launch this feature to public GA. Or ask for allowlisting + through Google Support team. + type: string + searchAsYouTypeSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestSearchAsYouTypeSpec + description: >- + Search as you type configuration. Only supported for the + IndustryVertical.MEDIA vertical. + dataStoreSpecs: + type: array + description: >- + Specifications that define the specific DataStores to be searched, + along with configurations for those data stores. This is only + considered for Engines with multiple data stores. For engines with a + single data store, the specs directly under SearchRequest should be + used. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestDataStoreSpec + filter: + type: string + description: >- + The filter syntax consists of an expression language for + constructing a predicate from one or more fields of the documents + being filtered. Filter expression is case-sensitive. If this field + is unrecognizable, an `INVALID_ARGUMENT` is returned. Filtering in + Vertex AI Search is done by mapping the LHS filter key to a key + property defined in the Vertex AI Search backend -- this mapping is + defined by the customer in their schema. For example a media + customer might have a field 'name' in their schema. In this case the + filter would look like this: filter --> name:'ANY("king kong")' For + more information about filtering including syntax and filter + operators, see + [Filter](https://cloud.google.com/generative-ai-app-builder/docs/filter-search-metadata) + boostSpec: + description: >- + Boost specification to boost certain documents. For more information + on boosting, see + [Boosting](https://cloud.google.com/generative-ai-app-builder/docs/boost-search-results) + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestBoostSpec + canonicalFilter: + description: >- + The default filter that is applied when a user performs a search + without checking any filters on the search page. The filter applied + to every search request when quality improvement such as query + expansion is needed. In the case a query does not have a sufficient + amount of results this filter will be used to determine whether or + not to enable the query expansion flow. The original filter will + still be used for the query expanded search. This field is strongly + recommended to achieve high search quality. For more information + about filter syntax, see SearchRequest.filter. + type: string + params: + description: >- + Additional search parameters. For public website search only, + supported values are: * `user_country_code`: string. Default empty. + If set to non-empty, results are restricted or boosted based on the + location provided. For example, `user_country_code: "au"` For + available codes see [Country + Codes](https://developers.google.com/custom-search/docs/json_api_reference#countryCodes) + * `search_type`: double. Default empty. Enables non-webpage + searching depending on the value. The only valid non-default value + is 1, which enables image searching. For example, `search_type: 1` + additionalProperties: + type: any + type: object + crowdingSpecs: + type: array + description: >- + Optional. Crowding specifications for improving result diversity. If + multiple CrowdingSpecs are specified, crowding will be evaluated on + each unique combination of the `field` values, and max_count will be + the maximum value of `max_count` across all CrowdingSpecs. For + example, if the first CrowdingSpec has `field` = "color" and + `max_count` = 3, and the second CrowdingSpec has `field` = "size" + and `max_count` = 2, then after 3 documents that share the same + color AND size have been returned, subsequent ones should be removed + or demoted. + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestCrowdingSpec + userLabels: + additionalProperties: + type: string + description: >- + The user labels applied to a resource must meet the following + requirements: * Each resource can have multiple labels, up to a + maximum of 64. * Each label must be a key-value pair. * Keys have a + minimum length of 1 character and a maximum length of 63 characters + and cannot be empty. Values can be empty and have a maximum length + of 63 characters. * Keys and values can contain only lowercase + letters, numeric characters, underscores, and dashes. All characters + must use UTF-8 encoding, and international characters are allowed. * + The key portion of a label must be unique. However, you can use the + same key with multiple resources. * Keys must start with a lowercase + letter or international character. See [Google Cloud + Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + for more details. + type: object + userInfo: + description: >- + Information about the end user. Highly recommended for analytics and + personalization. UserInfo.user_agent is used to deduce `device_type` + for analytics. + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserInfo' + contentSearchSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestContentSearchSpec + description: A specification for configuring the behavior of content search. + naturalLanguageQueryUnderstandingSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestNaturalLanguageQueryUnderstandingSpec + description: >- + Optional. Config for natural language query understanding + capabilities, such as extracting structured field filters from the + query. Refer to [this + documentation](https://cloud.google.com/generative-ai-app-builder/docs/natural-language-queries) + for more information. If `naturalLanguageQueryUnderstandingSpec` is + not specified, no additional natural language query understanding + will be done. + query: + description: Raw search query. + type: string + orderBy: + description: >- + The order in which documents are returned. Documents can be ordered + by a field in an Document object. Leave it unset if ordered by + relevance. `order_by` expression is case-sensitive. For more + information on ordering the website search results, see [Order web + search + results](https://cloud.google.com/generative-ai-app-builder/docs/order-web-search-results). + For more information on ordering the healthcare search results, see + [Order healthcare search + results](https://cloud.google.com/generative-ai-app-builder/docs/order-hc-results). + If this field is unrecognizable, an `INVALID_ARGUMENT` is returned. + type: string + oneBoxPageSize: + format: int32 + description: >- + The maximum number of results to return for OneBox. This applies to + each OneBox type individually. Default number is 10. + type: integer + pageToken: + type: string + description: >- + A page token received from a previous SearchService.Search call. + Provide this to retrieve the subsequent page. When paginating, all + other parameters provided to SearchService.Search must match the + call that provided the page token. Otherwise, an `INVALID_ARGUMENT` + error is returned. + sessionSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestSessionSpec + description: Session specification. Can be used only when `session` is set. + rankingExpression: + description: >- + Optional. The ranking expression controls the customized ranking on + retrieval documents. This overrides + ServingConfig.ranking_expression. The syntax and supported features + depend on the `ranking_expression_backend` value. If + `ranking_expression_backend` is not provided, it defaults to + `RANK_BY_EMBEDDING`. If ranking_expression_backend is not provided + or set to `RANK_BY_EMBEDDING`, it should be a single function or + multiple functions that are joined by "+". * ranking_expression = + function, { " + ", function }; Supported functions: * double * + relevance_score * double * dotProduct(embedding_field_path) Function + variables: * `relevance_score`: pre-defined keywords, used for + measure relevance between query and document. * + `embedding_field_path`: the document embedding field used with query + embedding vector. * `dotProduct`: embedding function between + `embedding_field_path` and query embedding vector. Example ranking + expression: If document has an embedding field doc_embedding, the + ranking expression could be `0.5 * relevance_score + 0.3 * + dotProduct(doc_embedding)`. If ranking_expression_backend is set to + `RANK_BY_FORMULA`, the following expression types (and combinations + of those chained using + or * operators) are supported: * `double` * + `signal` * `log(signal)` * `exp(signal)` * `rr(signal, double > 0)` + -- reciprocal rank transformation with second argument being a + denominator constant. * `is_nan(signal)` -- returns 0 if signal is + NaN, 1 otherwise. * `fill_nan(signal1, signal2 | double)` -- if + signal1 is NaN, returns signal2 | double, else returns signal1. Here + are a few examples of ranking formulas that use the supported + ranking expression types: - `0.2 * semantic_similarity_score + 0.8 * + log(keyword_similarity_score)` -- mostly rank by the logarithm of + `keyword_similarity_score` with slight `semantic_smilarity_score` + adjustment. - `0.2 * exp(fill_nan(semantic_similarity_score, 0)) + + 0.3 * is_nan(keyword_similarity_score)` -- rank by the exponent of + `semantic_similarity_score` filling the value with 0 if it's NaN, + also add constant 0.3 adjustment to the final score if + `semantic_similarity_score` is NaN. - `0.2 * + rr(semantic_similarity_score, 16) + 0.8 * + rr(keyword_similarity_score, 16)` -- mostly rank by the reciprocal + rank of `keyword_similarity_score` with slight adjustment of + reciprocal rank of `semantic_smilarity_score`. The following signals + are supported: * `semantic_similarity_score`: semantic similarity + adjustment that is calculated using the embeddings generated by a + proprietary Google model. This score determines how semantically + similar a search query is to a document. * + `keyword_similarity_score`: keyword match adjustment uses the Best + Match 25 (BM25) ranking function. This score is calculated using a + probabilistic model to estimate the probability that a document is + relevant to a given query. * `relevance_score`: semantic relevance + adjustment that uses a proprietary Google model to determine the + meaning and intent behind a user's query in context with the content + in the documents. * `pctr_rank`: predicted conversion rate + adjustment as a rank use predicted Click-through rate (pCTR) to + gauge the relevance and attractiveness of a search result from a + user's perspective. A higher pCTR suggests that the result is more + likely to satisfy the user's query and intent, making it a valuable + signal for ranking. * `freshness_rank`: freshness adjustment as a + rank * `document_age`: The time in hours elapsed since the document + was last updated, a floating-point number (e.g., 0.25 means 15 + minutes). * `topicality_rank`: topicality adjustment as a rank. Uses + proprietary Google model to determine the keyword-based overlap + between the query and the document. * `base_rank`: the default rank + of the result + type: string + pageSize: + description: >- + Maximum number of Documents to return. The maximum allowed value + depends on the data type. Values above the maximum value are coerced + to the maximum value. * Websites with basic indexing: Default `10`, + Maximum `25`. * Websites with advanced indexing: Default `25`, + Maximum `50`. * Other: Default `50`, Maximum `100`. If this field is + negative, an `INVALID_ARGUMENT` is returned. + format: int32 + type: integer + offset: + type: integer + description: >- + A 0-indexed integer that specifies the current offset (that is, + starting result location, amongst the Documents deemed by the API as + relevant) in search results. This field is only considered if + page_token is unset. If this field is negative, an + `INVALID_ARGUMENT` is returned. A large offset may be capped to a + reasonable threshold. + format: int32 + branch: + type: string + description: >- + The branch resource name, such as + `projects/*/locations/global/collections/default_collection/dataStores/default_data_store/branches/0`. + Use `default_branch` as the branch ID or leave this field empty, to + search documents under the default branch. + pageCategories: + description: >- + Optional. The categories associated with a category page. Must be + set for category navigation queries to achieve good search quality. + The format should be the same as UserEvent.PageInfo.page_category. + This field is the equivalent of the query for browse (navigation) + queries. It's used by the browse model when the query is empty. If + the field is empty, it will not be used by the browse model. If the + field contains more than one element, only the first element will be + used. To represent full path of a category, use '>' character to + separate different hierarchies. If '>' is part of the category name, + replace it with other character(s). For example, `Graphics Cards > + RTX>4090 > Founders Edition` where "RTX > 4090" represents one + level, can be rewritten as `Graphics Cards > RTX_4090 > Founders + Edition` + items: + type: string + type: array + facetSpecs: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchRequestFacetSpec + description: >- + Facet specifications for faceted search. If empty, no facets are + returned. A maximum of 100 values are allowed. Otherwise, an + `INVALID_ARGUMENT` error is returned. + type: array + languageCode: + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see [Standard + fields](https://cloud.google.com/apis/design/standard_fields). This + field helps to better interpret the query. If a value isn't + specified, the query language code is automatically detected, which + may not be accurate. + type: string + description: Request message for SearchService.Search method. + id: GoogleCloudDiscoveryengineV1SearchRequest + GoogleCloudDiscoveryengineV1betaControlBoostAction: + id: GoogleCloudDiscoveryengineV1betaControlBoostAction + type: object + properties: + interpolationBoostSpec: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1betaControlBoostActionInterpolationBoostSpec + description: >- + Optional. Complex specification for custom ranking based on customer + defined attribute value. + fixedBoost: + description: >- + Optional. Strength of the boost, which should be in [-1, 1]. + Negative boost means demotion. Default is 0.0 (No-op). + type: number + format: float + filter: + type: string + description: >- + Required. Specifies which products to apply the boost to. If no + filter is provided all products will be boosted (No-op). Syntax + documentation: https://cloud.google.com/retail/docs/filter-and-order + Maximum length is 5000 characters. Otherwise an INVALID ARGUMENT + error is thrown. + dataStore: + description: >- + Required. Specifies which data store's documents can be boosted by + this control. Full data store name e.g. + projects/123/locations/global/collections/default_collection/dataStores/default_data_store + type: string + boost: + deprecated: true + type: number + description: >- + Strength of the boost, which should be in [-1, 1]. Negative boost + means demotion. Default is 0.0 (No-op). + format: float + description: Adjusts order of products in returned list. + GoogleCloudDiscoveryengineV1Project: + id: GoogleCloudDiscoveryengineV1Project + type: object + properties: + configurableBillingStatus: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ProjectConfigurableBillingStatus + description: >- + Output only. The current status of the project's configurable + billing. + readOnly: true + customerProvidedConfig: + description: Optional. Customer provided configurations. + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ProjectCustomerProvidedConfig + createTime: + format: google-datetime + type: string + description: Output only. The timestamp when this project is created. + readOnly: true + serviceTermsMap: + type: object + description: >- + Output only. A map of terms of services. The key is the `id` of + ServiceTerms. + readOnly: true + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ProjectServiceTerms + provisionCompletionTime: + description: >- + Output only. The timestamp when this project is successfully + provisioned. Empty value means this project is still provisioning + and is not ready for use. + format: google-datetime + readOnly: true + type: string + name: + description: >- + Output only. Full resource name of the project, for example + `projects/{project}`. Note that when making requests, project number + and project id are both acceptable, but the server will always + respond in project number. + type: string + readOnly: true + description: Metadata and configurations for a Google Cloud project in the service. + GoogleCloudDiscoveryengineV1AnswerStepAction: + properties: + searchAction: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionSearchAction + description: Search action. + observation: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerStepActionObservation + description: Observation. + description: Action. + type: object + id: GoogleCloudDiscoveryengineV1AnswerStepAction + GoogleCloudDiscoveryengineV1GroundingFact: + description: Grounding Fact. + properties: + factText: + description: Text content of the fact. Can be at most 10K characters long. + type: string + attributes: + type: object + description: >- + Attributes associated with the fact. Common attributes include + `source` (indicating where the fact was sourced from), `author` + (indicating the author of the fact), and so on. + additionalProperties: + type: string + type: object + id: GoogleCloudDiscoveryengineV1GroundingFact + GoogleCloudDiscoveryengineV1alphaAlertPolicyConfigAlertEnrollment: + id: GoogleCloudDiscoveryengineV1alphaAlertPolicyConfigAlertEnrollment + type: object + properties: + alertId: + description: Immutable. The id of an alert. + type: string + enrollState: + description: Required. The enrollment status of a customer. + type: string + enum: + - ENROLL_STATES_UNSPECIFIED + - ENROLLED + - DECLINED + enumDescriptions: + - >- + Default value. Used for customers who have not responded to the + alert policy. + - Customer is enrolled in this policy. + - Customer declined this policy. + description: The alert enrollment status. + GoogleCloudDiscoveryengineV1alphaDestinationConfig: + properties: + destinations: + items: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1alphaDestinationConfigDestination + description: Optional. The destinations for the corresponding key. + type: array + params: + type: object + description: >- + Optional. Additional parameters for this destination config in + structured json format. + additionalProperties: + description: Properties of the object. + type: any + key: + description: >- + Optional. Unique destination identifier that is supported by the + connector. + type: string + jsonParams: + type: string + description: >- + Additional parameters for this destination config in json string + format. + id: GoogleCloudDiscoveryengineV1alphaDestinationConfig + type: object + description: Defines target endpoints used to connect to third-party sources. + GoogleCloudDiscoveryengineV1alphaDeleteSitemapMetadata: + properties: + createTime: + description: Operation create time. + format: google-datetime + type: string + updateTime: + format: google-datetime + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + type: string + id: GoogleCloudDiscoveryengineV1alphaDeleteSitemapMetadata + description: >- + Metadata related to the progress of the + SiteSearchEngineService.DeleteSitemap operation. This will be returned + by the google.longrunning.Operation.metadata field. + type: object + parameters: + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + callback: + description: JSONP + in: query + name: callback + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + x-stackQL-resources: + projects: + id: google.discoveryengine.projects + name: projects + title: Projects + methods: + projects_provision: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}:provision/post' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + acl_config: + id: google.discoveryengine.acl_config + name: acl_config + title: Acl_config + methods: + projects_locations_update_acl_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1aclConfig/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_get_acl_config: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1aclConfig/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/acl_config/methods/projects_locations_get_acl_config + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/acl_config/methods/projects_locations_update_acl_config + replace: [] + delete: [] + cmek_config: + id: google.discoveryengine.cmek_config + name: cmek_config + title: Cmek_config + methods: + projects_locations_update_cmek_config: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_get_cmek_config: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/cmek_config/methods/projects_locations_get_cmek_config + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/cmek_config/methods/projects_locations_update_cmek_config + replace: [] + delete: [] + locations: + id: google.discoveryengine.locations + name: locations + title: Locations + methods: + projects_locations_set_up_data_connector: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:setUpDataConnector/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_set_up_data_connector_v2: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:setUpDataConnectorV2/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + operations: + id: google.discoveryengine.operations + name: operations + title: Operations + methods: + projects_locations_collections_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_collections_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_engines_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_engines_operations_cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_engines_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_collections_engines_assistants_agents_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants~1{assistantsId}~1agents~1{agentsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_connector_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataConnector~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_connector_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataConnector~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_collections_data_stores_branches_operations_cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_branches_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_branches_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_collections_data_stores_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_collections_data_stores_schemas_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_schemas_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_collections_data_stores_models_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1models~1{modelsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_collections_data_stores_models_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1models~1{modelsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_models_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1models~1{modelsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_data_stores_models_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1models~1{modelsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable projects_locations_data_stores_branches_operations_cancel: operation: $ref: >- @@ -21931,14 +25442,28 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_identity_mapping_stores_operations_list: + projects_locations_data_stores_branches_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores~1{identityMappingStoresId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_data_stores_branches_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_podcasts_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1podcasts~1{podcastsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations projects_locations_identity_mapping_stores_operations_get: operation: $ref: >- @@ -21946,36 +25471,80 @@ components: response: mediaType: application/json openAPIDocKey: '200' + projects_locations_identity_mapping_stores_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores~1{identityMappingStoresId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_operations_cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_operations_list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1operations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_models_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_collections_engines_assistants_agents_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_branches_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_schemas_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_models_operations_list + #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_models_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_collections_engines_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_branches_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_schemas_operations_list - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_collections_engines_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_models_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_data_stores_models_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_data_stores_branches_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_connector_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_collections_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_collections_engines_operations_list - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_podcasts_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_connector_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_stores_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_data_stores_models_operations_list - $ref: >- @@ -21983,1776 +25552,2013 @@ components: - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_data_stores_branches_operations_list - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_identity_mapping_stores_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_podcasts_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_connector_operations_list + #/components/x-stackQL-resources/operations/methods/projects_locations_identity_mapping_stores_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_collections_operations_list - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_collections_data_connector_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_data_stores_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_identity_mapping_stores_operations_list - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_operations_list insert: [] update: [] replace: [] delete: [] - cmek_config: - id: google.discoveryengine.cmek_config - name: cmek_config - title: Cmek_config + widget_configs: + id: google.discoveryengine.widget_configs + name: widget_configs + title: Widget_configs methods: - projects_locations_update_cmek_config: + projects_locations_collections_engines_widget_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1widgetConfigs~1{widgetConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_get_cmek_config: + projects_locations_collections_engines_widget_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfig/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1widgetConfigs~1{widgetConfigsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_widget_configs_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1widgetConfigs~1{widgetConfigsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_widget_configs_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1widgetConfigs~1{widgetConfigsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_widget_configs_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1widgetConfigs~1{widgetConfigsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_widget_configs_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1widgetConfigs~1{widgetConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/cmek_config/methods/projects_locations_get_cmek_config + #/components/x-stackQL-resources/widget_configs/methods/projects_locations_collections_engines_widget_configs_get + - $ref: >- + #/components/x-stackQL-resources/widget_configs/methods/projects_locations_collections_data_stores_widget_configs_get + - $ref: >- + #/components/x-stackQL-resources/widget_configs/methods/projects_locations_data_stores_widget_configs_get insert: [] update: - $ref: >- - #/components/x-stackQL-resources/cmek_config/methods/projects_locations_update_cmek_config + #/components/x-stackQL-resources/widget_configs/methods/projects_locations_collections_engines_widget_configs_patch + - $ref: >- + #/components/x-stackQL-resources/widget_configs/methods/projects_locations_collections_data_stores_widget_configs_patch + - $ref: >- + #/components/x-stackQL-resources/widget_configs/methods/projects_locations_data_stores_widget_configs_patch replace: [] delete: [] - data_stores: - id: google.discoveryengine.data_stores - name: data_stores - title: Data_stores + controls: + id: google.discoveryengine.controls + name: controls + title: Controls methods: - projects_locations_collections_data_stores_complete_query: + projects_locations_collections_engines_controls_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}:completeQuery/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls~1{controlsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_create: + projects_locations_collections_engines_controls_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls~1{controlsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_list: + projects_locations_collections_engines_controls_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls~1{controlsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dataStores - projects_locations_collections_data_stores_get: + projects_locations_collections_engines_controls_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_delete: + objectKey: $.controls + projects_locations_collections_engines_controls_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_patch: + projects_locations_collections_data_stores_controls_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_train_custom_model: + projects_locations_collections_data_stores_controls_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}:trainCustomModel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_complete_query: + projects_locations_collections_data_stores_controls_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}:completeQuery/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_create: + projects_locations_collections_data_stores_controls_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_list: + projects_locations_collections_data_stores_controls_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dataStores - projects_locations_data_stores_get: + objectKey: $.controls + projects_locations_data_stores_controls_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_delete: + projects_locations_data_stores_controls_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_patch: + objectKey: $.controls + projects_locations_data_stores_controls_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_controls_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_controls_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_get + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_get - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_list + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_get - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_get + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_list - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_list + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_list + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_get + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_list insert: - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_create + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_create - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_create + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_create + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_create update: - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_patch + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_patch - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_patch + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_patch + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_delete + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_delete - $ref: >- - #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_delete - data_stores_site_search_engine: - id: google.discoveryengine.data_stores_site_search_engine - name: data_stores_site_search_engine - title: Data_stores_site_search_engine + #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_delete + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_delete + conversations: + id: google.discoveryengine.conversations + name: conversations + title: Conversations methods: - projects_locations_collections_data_stores_get_site_search_engine: + projects_locations_collections_engines_conversations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_get_site_search_engine: + objectKey: $.conversations + projects_locations_collections_engines_conversations_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_engines_conversations_converse: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations~1{conversationsId}:converse/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_engines_conversations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations~1{conversationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_engines_conversations_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations~1{conversationsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_engines_conversations_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations~1{conversationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_conversations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_conversations_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_conversations_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_conversations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.conversations + projects_locations_collections_data_stores_conversations_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_conversations_converse: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}:converse/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_conversations_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_conversations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.conversations + projects_locations_data_stores_conversations_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_conversations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_conversations_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_conversations_converse: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}:converse/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/data_stores_site_search_engine/methods/projects_locations_collections_data_stores_get_site_search_engine + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_get - $ref: >- - #/components/x-stackQL-resources/data_stores_site_search_engine/methods/projects_locations_data_stores_get_site_search_engine - insert: [] - update: [] + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_get + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_list + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_list + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_get + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_list + insert: + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_create + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_create + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_create + update: + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_patch + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_patch + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_patch replace: [] - delete: [] - data_store_operations: - id: google.discoveryengine.data_store_operations - name: data_store_operations - title: Data_store_operations + delete: + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_delete + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_delete + - $ref: >- + #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_delete + answers: + id: google.discoveryengine.answers + name: answers + title: Answers methods: - projects_locations_collections_data_stores_operations_get: + projects_locations_collections_engines_sessions_answers_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions~1{sessionsId}~1answers~1{answersId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_data_stores_sessions_answers_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}~1answers~1{answersId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_sessions_answers_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}~1answers~1{answersId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/data_store_operations/methods/projects_locations_collections_data_stores_operations_get + #/components/x-stackQL-resources/answers/methods/projects_locations_collections_engines_sessions_answers_get + - $ref: >- + #/components/x-stackQL-resources/answers/methods/projects_locations_collections_data_stores_sessions_answers_get + - $ref: >- + #/components/x-stackQL-resources/answers/methods/projects_locations_data_stores_sessions_answers_get insert: [] update: [] replace: [] delete: [] - serving_configs: - id: google.discoveryengine.serving_configs - name: serving_configs - title: Serving_configs + sessions: + id: google.discoveryengine.sessions + name: sessions + title: Sessions methods: - projects_locations_collections_data_stores_serving_configs_search: + projects_locations_collections_engines_sessions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:search/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_serving_configs_search_lite: + projects_locations_collections_engines_sessions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:searchLite/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_serving_configs_answer: + objectKey: $.sessions + projects_locations_collections_engines_sessions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:answer/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions~1{sessionsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_serving_configs_stream_answer: + projects_locations_collections_engines_sessions_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:streamAnswer/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions~1{sessionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_serving_configs_recommend: + projects_locations_collections_engines_sessions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:recommend/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions~1{sessionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_serving_configs_patch: + projects_locations_collections_data_stores_sessions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_serving_configs_search: + projects_locations_collections_data_stores_sessions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:search/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_serving_configs_search_lite: + projects_locations_collections_data_stores_sessions_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:searchLite/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_serving_configs_answer: + projects_locations_collections_data_stores_sessions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:answer/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_serving_configs_stream_answer: + objectKey: $.sessions + projects_locations_collections_data_stores_sessions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:streamAnswer/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_serving_configs_recommend: + projects_locations_data_stores_sessions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:recommend/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_serving_configs_patch: + projects_locations_data_stores_sessions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_serving_configs_search: + objectKey: $.sessions + projects_locations_data_stores_sessions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:search/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_serving_configs_search_lite: + projects_locations_data_stores_sessions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:searchLite/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_serving_configs_answer: + projects_locations_data_stores_sessions_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:answer/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_serving_configs_stream_answer: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_get + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_get + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_list + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_list + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_get + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_list + insert: + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_create + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_create + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_create + update: + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_patch + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_patch + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_delete + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_delete + - $ref: >- + #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_delete + assistants: + id: google.discoveryengine.assistants + name: assistants + title: Assistants + methods: + projects_locations_collections_engines_assistants_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:streamAnswer/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants~1{assistantsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_serving_configs_recommend: + projects_locations_collections_engines_assistants_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:recommend/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants~1{assistantsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_serving_configs_patch: + projects_locations_collections_engines_assistants_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants~1{assistantsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_engines_assistants_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_collections_engines_assistants_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.assistants + projects_locations_collections_engines_assistants_stream_assist: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants~1{assistantsId}:streamAssist/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] - insert: [] - update: + select: - $ref: >- - #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_data_stores_serving_configs_patch + #/components/x-stackQL-resources/assistants/methods/projects_locations_collections_engines_assistants_get - $ref: >- - #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_engines_serving_configs_patch + #/components/x-stackQL-resources/assistants/methods/projects_locations_collections_engines_assistants_list + insert: - $ref: >- - #/components/x-stackQL-resources/serving_configs/methods/projects_locations_data_stores_serving_configs_patch + #/components/x-stackQL-resources/assistants/methods/projects_locations_collections_engines_assistants_create + update: + - $ref: >- + #/components/x-stackQL-resources/assistants/methods/projects_locations_collections_engines_assistants_patch replace: [] - delete: [] - completion_config: - id: google.discoveryengine.completion_config - name: completion_config - title: Completion_config + delete: + - $ref: >- + #/components/x-stackQL-resources/assistants/methods/projects_locations_collections_engines_assistants_delete + serving_configs: + id: google.discoveryengine.serving_configs + name: serving_configs + title: Serving_configs methods: - projects_locations_collections_data_stores_completion_config_complete_query: + projects_locations_collections_engines_serving_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1completionConfig:completeQuery/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_completion_config_complete_query: + projects_locations_collections_engines_serving_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1completionConfig:completeQuery/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_completion_config_complete_query: + projects_locations_collections_engines_serving_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1completionConfig:completeQuery/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - suggestion_deny_list_entries: - id: google.discoveryengine.suggestion_deny_list_entries - name: suggestion_deny_list_entries - title: Suggestion_deny_list_entries - methods: - projects_locations_collections_data_stores_suggestion_deny_list_entries_import: + projects_locations_collections_engines_serving_configs_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1suggestionDenyListEntries:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:search/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_suggestion_deny_list_entries_purge: + projects_locations_collections_engines_serving_configs_stream_answer: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1suggestionDenyListEntries:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:streamAnswer/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_suggestion_deny_list_entries_import: + projects_locations_collections_engines_serving_configs_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1suggestionDenyListEntries:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_suggestion_deny_list_entries_purge: + objectKey: $.servingConfigs + projects_locations_collections_engines_serving_configs_answer: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1suggestionDenyListEntries:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:answer/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - completion_suggestions: - id: google.discoveryengine.completion_suggestions - name: completion_suggestions - title: Completion_suggestions - methods: - projects_locations_collections_data_stores_completion_suggestions_import: + projects_locations_collections_engines_serving_configs_search_lite: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1completionSuggestions:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:searchLite/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_completion_suggestions_purge: + projects_locations_collections_engines_serving_configs_recommend: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1completionSuggestions:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1servingConfigs~1{servingConfigsId}:recommend/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_completion_suggestions_import: + projects_locations_collections_data_stores_serving_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1completionSuggestions:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_completion_suggestions_purge: + projects_locations_collections_data_stores_serving_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1completionSuggestions:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - controls: - id: google.discoveryengine.controls - name: controls - title: Controls - methods: - projects_locations_collections_data_stores_controls_create: + projects_locations_collections_data_stores_serving_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_controls_list: + projects_locations_collections_data_stores_serving_configs_recommend: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:recommend/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.controls - projects_locations_collections_data_stores_controls_delete: + projects_locations_collections_data_stores_serving_configs_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:search/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_controls_patch: + projects_locations_collections_data_stores_serving_configs_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_controls_get: + objectKey: $.servingConfigs + projects_locations_collections_data_stores_serving_configs_answer: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:answer/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_controls_create: + projects_locations_collections_data_stores_serving_configs_stream_answer: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:streamAnswer/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_controls_list: + projects_locations_collections_data_stores_serving_configs_search_lite: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:searchLite/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.controls - projects_locations_collections_engines_controls_delete: + projects_locations_data_stores_serving_configs_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls~1{controlsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_controls_patch: + objectKey: $.servingConfigs + projects_locations_data_stores_serving_configs_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls~1{controlsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:search/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_controls_get: + projects_locations_data_stores_serving_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1controls~1{controlsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_controls_create: + projects_locations_data_stores_serving_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_controls_list: + projects_locations_data_stores_serving_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.controls - projects_locations_data_stores_controls_delete: + projects_locations_data_stores_serving_configs_recommend: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:recommend/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_controls_patch: + projects_locations_data_stores_serving_configs_stream_answer: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:streamAnswer/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_controls_get: + projects_locations_data_stores_serving_configs_answer: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1controls~1{controlsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:answer/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_serving_configs_search_lite: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1servingConfigs~1{servingConfigsId}:searchLite/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_get - - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_get - - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_list - - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_list + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_engines_serving_configs_get - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_get + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_data_stores_serving_configs_get - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_list - insert: + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_engines_serving_configs_list - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_create + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_data_stores_serving_configs_list - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_create + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_data_stores_serving_configs_get - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_create + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_data_stores_serving_configs_list + insert: [] update: - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_patch + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_engines_serving_configs_patch - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_patch + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_data_stores_serving_configs_patch - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_patch + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_data_stores_serving_configs_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_data_stores_controls_delete + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_engines_serving_configs_delete - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_collections_engines_controls_delete + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_collections_data_stores_serving_configs_delete - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_data_stores_controls_delete - conversations: - id: google.discoveryengine.conversations - name: conversations - title: Conversations + #/components/x-stackQL-resources/serving_configs/methods/projects_locations_data_stores_serving_configs_delete + completion_config: + id: google.discoveryengine.completion_config + name: completion_config + title: Completion_config methods: - projects_locations_collections_data_stores_conversations_converse: + projects_locations_collections_engines_completion_config_complete_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}:converse/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1completionConfig:completeQuery/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_conversations_create: + projects_locations_collections_data_stores_completion_config_complete_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1completionConfig:completeQuery/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_conversations_list: + projects_locations_data_stores_completion_config_complete_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1completionConfig:completeQuery/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.conversations - projects_locations_collections_data_stores_conversations_delete: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + engines: + id: google.discoveryengine.engines + name: engines + title: Engines + methods: + projects_locations_collections_engines_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_conversations_patch: + objectKey: $.engines + projects_locations_collections_engines_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_conversations_get: + projects_locations_collections_engines_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_conversations_converse: + projects_locations_collections_engines_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations~1{conversationsId}:converse/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_conversations_create: + projects_locations_collections_engines_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_conversations_list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_get + - $ref: >- + #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_list + insert: + - $ref: >- + #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_create + update: + - $ref: >- + #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_delete + custom_models: + id: google.discoveryengine.custom_models + name: custom_models + title: Custom_models + methods: + projects_locations_collections_data_stores_custom_models_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1customModels/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.conversations - projects_locations_collections_engines_conversations_delete: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/custom_models/methods/projects_locations_collections_data_stores_custom_models_list + insert: [] + update: [] + replace: [] + delete: [] + target_sites: + id: google.discoveryengine.target_sites + name: target_sites + title: Target_sites + methods: + projects_locations_collections_data_stores_site_search_engine_target_sites_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations~1{conversationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_conversations_patch: + projects_locations_collections_data_stores_site_search_engine_target_sites_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations~1{conversationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_conversations_get: + projects_locations_collections_data_stores_site_search_engine_target_sites_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1conversations~1{conversationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_conversations_converse: + projects_locations_collections_data_stores_site_search_engine_target_sites_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}:converse/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_conversations_create: + objectKey: $.targetSites + projects_locations_collections_data_stores_site_search_engine_target_sites_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_conversations_list: + projects_locations_collections_data_stores_site_search_engine_target_sites_batch_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites:batchCreate/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.conversations - projects_locations_data_stores_conversations_delete: + projects_locations_data_stores_site_search_engine_target_sites_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_conversations_patch: + projects_locations_data_stores_site_search_engine_target_sites_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_conversations_get: + projects_locations_data_stores_site_search_engine_target_sites_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1conversations~1{conversationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_site_search_engine_target_sites_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.targetSites + projects_locations_data_stores_site_search_engine_target_sites_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_site_search_engine_target_sites_batch_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites:batchCreate/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_get - - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_get - - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_list + #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_get - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_list + #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_list - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_get + #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_get - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_list + #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_list insert: - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_create + #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_create - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_create + #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_batch_create - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_create - update: + #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_create - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_patch + #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_batch_create + update: - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_patch + #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_patch - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_patch + #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_data_stores_conversations_delete + #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_delete - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_collections_engines_conversations_delete + #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_delete + target_site_operations: + id: google.discoveryengine.target_site_operations + name: target_site_operations + title: Target_site_operations + methods: + projects_locations_collections_data_stores_site_search_engine_target_sites_operations_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_collections_data_stores_site_search_engine_target_sites_operations_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: - $ref: >- - #/components/x-stackQL-resources/conversations/methods/projects_locations_data_stores_conversations_delete - branches_documents_metadata: - id: google.discoveryengine.branches_documents_metadata - name: branches_documents_metadata - title: Branches_documents_metadata + #/components/x-stackQL-resources/target_site_operations/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_operations_get + - $ref: >- + #/components/x-stackQL-resources/target_site_operations/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_operations_list + insert: [] + update: [] + replace: [] + delete: [] + search_engine_operations: + id: google.discoveryengine.search_engine_operations + name: search_engine_operations + title: Search_engine_operations methods: - projects_locations_collections_data_stores_branches_batch_get_documents_metadata: + projects_locations_collections_data_stores_site_search_engine_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1batchGetDocumentsMetadata/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_branches_batch_get_documents_metadata: + projects_locations_collections_data_stores_site_search_engine_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1batchGetDocumentsMetadata/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/branches_documents_metadata/methods/projects_locations_collections_data_stores_branches_batch_get_documents_metadata + #/components/x-stackQL-resources/search_engine_operations/methods/projects_locations_collections_data_stores_site_search_engine_operations_get - $ref: >- - #/components/x-stackQL-resources/branches_documents_metadata/methods/projects_locations_data_stores_branches_batch_get_documents_metadata + #/components/x-stackQL-resources/search_engine_operations/methods/projects_locations_collections_data_stores_site_search_engine_operations_list insert: [] update: [] replace: [] delete: [] - documents: - id: google.discoveryengine.documents - name: documents - title: Documents + sitemaps: + id: google.discoveryengine.sitemaps + name: sitemaps + title: Sitemaps methods: - projects_locations_collections_data_stores_branches_documents_get: + projects_locations_collections_data_stores_site_search_engine_sitemaps_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_branches_documents_patch: + projects_locations_collections_data_stores_site_search_engine_sitemaps_fetch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps:fetch/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_branches_documents_delete: + projects_locations_collections_data_stores_site_search_engine_sitemaps_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps~1{sitemapsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_branches_documents_list: + projects_locations_data_stores_site_search_engine_sitemaps_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.documents - projects_locations_collections_data_stores_branches_documents_create: + projects_locations_data_stores_site_search_engine_sitemaps_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps~1{sitemapsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_branches_documents_import: + projects_locations_data_stores_site_search_engine_sitemaps_fetch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps:fetch/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_branches_documents_purge: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/sitemaps/methods/projects_locations_collections_data_stores_site_search_engine_sitemaps_fetch + - $ref: >- + #/components/x-stackQL-resources/sitemaps/methods/projects_locations_data_stores_site_search_engine_sitemaps_fetch + insert: + - $ref: >- + #/components/x-stackQL-resources/sitemaps/methods/projects_locations_collections_data_stores_site_search_engine_sitemaps_create + - $ref: >- + #/components/x-stackQL-resources/sitemaps/methods/projects_locations_data_stores_site_search_engine_sitemaps_create + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/sitemaps/methods/projects_locations_collections_data_stores_site_search_engine_sitemaps_delete + - $ref: >- + #/components/x-stackQL-resources/sitemaps/methods/projects_locations_data_stores_site_search_engine_sitemaps_delete + site_search_engine_domain_verification_status: + id: google.discoveryengine.site_search_engine_domain_verification_status + name: site_search_engine_domain_verification_status + title: Site_search_engine_domain_verification_status + methods: + projects_locations_collections_data_stores_site_search_engine_fetch_domain_verification_status: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:fetchDomainVerificationStatus/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_branches_documents_get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/site_search_engine_domain_verification_status/methods/projects_locations_collections_data_stores_site_search_engine_fetch_domain_verification_status + insert: [] + update: [] + replace: [] + delete: [] + site_search_engine: + id: google.discoveryengine.site_search_engine + name: site_search_engine + title: Site_search_engine + methods: + projects_locations_collections_data_stores_site_search_engine_batch_verify_target_sites: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:batchVerifyTargetSites/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_branches_documents_patch: + projects_locations_collections_data_stores_site_search_engine_recrawl_uris: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:recrawlUris/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_branches_documents_delete: + projects_locations_collections_data_stores_site_search_engine_disable_advanced_site_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:disableAdvancedSiteSearch/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_branches_documents_list: + projects_locations_collections_data_stores_site_search_engine_enable_advanced_site_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:enableAdvancedSiteSearch/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.documents - projects_locations_data_stores_branches_documents_create: + projects_locations_data_stores_site_search_engine_disable_advanced_site_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:disableAdvancedSiteSearch/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_branches_documents_import: + projects_locations_data_stores_site_search_engine_recrawl_uris: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:recrawlUris/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_branches_documents_purge: + projects_locations_data_stores_site_search_engine_enable_advanced_site_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:enableAdvancedSiteSearch/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_get - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_list - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_get - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_list - insert: - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_create - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_create - update: - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_patch - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_patch + select: [] + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_delete - - $ref: >- - #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_delete - schemas: - id: google.discoveryengine.schemas - name: schemas - title: Schemas + delete: [] + user_events: + id: google.discoveryengine.user_events + name: user_events + title: User_events methods: - projects_locations_collections_data_stores_schemas_get: + projects_locations_collections_data_stores_user_events_purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1userEvents:purge/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_schemas_patch: + projects_locations_collections_data_stores_user_events_write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1userEvents:write/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_schemas_delete: + projects_locations_collections_data_stores_user_events_collect: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1userEvents:collect/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_schemas_list: + projects_locations_collections_data_stores_user_events_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1userEvents:import/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.schemas - projects_locations_collections_data_stores_schemas_create: + projects_locations_data_stores_user_events_purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1userEvents:purge/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_schemas_get: + projects_locations_data_stores_user_events_collect: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1userEvents:collect/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_schemas_patch: + projects_locations_data_stores_user_events_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1userEvents:import/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_schemas_delete: + projects_locations_data_stores_user_events_write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1userEvents:write/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_schemas_list: + projects_locations_user_events_write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userEvents:write/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.schemas - projects_locations_data_stores_schemas_create: + projects_locations_user_events_collect: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userEvents:collect/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_get - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_list - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_get - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_list - insert: - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_create - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_create - update: - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_patch - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_delete - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_delete - custom_models: - id: google.discoveryengine.custom_models - name: custom_models - title: Custom_models - methods: - projects_locations_collections_data_stores_custom_models_list: + projects_locations_user_events_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1customModels/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userEvents:import/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/custom_models/methods/projects_locations_collections_data_stores_custom_models_list + select: [] insert: [] update: [] replace: [] delete: [] - sessions: - id: google.discoveryengine.sessions - name: sessions - title: Sessions + documents: + id: google.discoveryengine.documents + name: documents + title: Documents methods: - projects_locations_collections_data_stores_sessions_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_sessions_list: + projects_locations_collections_data_stores_branches_documents_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sessions - projects_locations_collections_data_stores_sessions_delete: + projects_locations_collections_data_stores_branches_documents_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_sessions_patch: + objectKey: $.documents + projects_locations_collections_data_stores_branches_documents_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_sessions_get: + projects_locations_collections_data_stores_branches_documents_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_sessions_create: + projects_locations_collections_data_stores_branches_documents_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_sessions_list: + projects_locations_collections_data_stores_branches_documents_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents:import/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sessions - projects_locations_collections_engines_sessions_delete: + projects_locations_collections_data_stores_branches_documents_purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions~1{sessionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents:purge/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_sessions_patch: + projects_locations_data_stores_branches_documents_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions~1{sessionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents:import/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_sessions_get: + projects_locations_data_stores_branches_documents_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions~1{sessionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_sessions_create: + objectKey: $.documents + projects_locations_data_stores_branches_documents_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_sessions_list: + projects_locations_data_stores_branches_documents_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sessions - projects_locations_data_stores_sessions_delete: + projects_locations_data_stores_branches_documents_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_sessions_patch: + projects_locations_data_stores_branches_documents_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents~1{documentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_sessions_get: + projects_locations_data_stores_branches_documents_purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1documents:purge/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_get - - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_get - - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_list + #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_get - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_list + #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_list - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_get + #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_get - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_list + #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_list insert: - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_create - - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_create + #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_create - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_create + #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_create update: - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_patch - - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_patch + #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_patch - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_patch + #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_data_stores_sessions_delete - - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_collections_engines_sessions_delete + #/components/x-stackQL-resources/documents/methods/projects_locations_collections_data_stores_branches_documents_delete - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_locations_data_stores_sessions_delete - answers: - id: google.discoveryengine.answers - name: answers - title: Answers + #/components/x-stackQL-resources/documents/methods/projects_locations_data_stores_branches_documents_delete + branches_documents_metadata: + id: google.discoveryengine.branches_documents_metadata + name: branches_documents_metadata + title: Branches_documents_metadata methods: - projects_locations_collections_data_stores_sessions_answers_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}~1answers~1{answersId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_engines_sessions_answers_get: + projects_locations_collections_data_stores_branches_batch_get_documents_metadata: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1sessions~1{sessionsId}~1answers~1{answersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1batchGetDocumentsMetadata/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_sessions_answers_get: + projects_locations_data_stores_branches_batch_get_documents_metadata: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1sessions~1{sessionsId}~1answers~1{answersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1branches~1{branchesId}~1batchGetDocumentsMetadata/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/answers/methods/projects_locations_collections_data_stores_sessions_answers_get - - $ref: >- - #/components/x-stackQL-resources/answers/methods/projects_locations_collections_engines_sessions_answers_get + #/components/x-stackQL-resources/branches_documents_metadata/methods/projects_locations_collections_data_stores_branches_batch_get_documents_metadata - $ref: >- - #/components/x-stackQL-resources/answers/methods/projects_locations_data_stores_sessions_answers_get - insert: [] - update: [] - replace: [] - delete: [] - site_search_engine: - id: google.discoveryengine.site_search_engine - name: site_search_engine - title: Site_search_engine - methods: - projects_locations_collections_data_stores_site_search_engine_enable_advanced_site_search: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:enableAdvancedSiteSearch/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_site_search_engine_disable_advanced_site_search: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:disableAdvancedSiteSearch/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_site_search_engine_recrawl_uris: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:recrawlUris/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_site_search_engine_batch_verify_target_sites: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:batchVerifyTargetSites/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_enable_advanced_site_search: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:enableAdvancedSiteSearch/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_disable_advanced_site_search: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:disableAdvancedSiteSearch/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_recrawl_uris: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:recrawlUris/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] + #/components/x-stackQL-resources/branches_documents_metadata/methods/projects_locations_data_stores_branches_batch_get_documents_metadata insert: [] update: [] replace: [] delete: [] - site_search_engine_domain_verification_status: - id: google.discoveryengine.site_search_engine_domain_verification_status - name: site_search_engine_domain_verification_status - title: Site_search_engine_domain_verification_status + data_store_operations: + id: google.discoveryengine.data_store_operations + name: data_store_operations + title: Data_store_operations methods: - projects_locations_collections_data_stores_site_search_engine_fetch_domain_verification_status: + projects_locations_collections_data_stores_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine:fetchDomainVerificationStatus/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/site_search_engine_domain_verification_status/methods/projects_locations_collections_data_stores_site_search_engine_fetch_domain_verification_status + #/components/x-stackQL-resources/data_store_operations/methods/projects_locations_collections_data_stores_operations_get insert: [] update: [] replace: [] delete: [] - search_engine_operations: - id: google.discoveryengine.search_engine_operations - name: search_engine_operations - title: Search_engine_operations + completion_suggestions: + id: google.discoveryengine.completion_suggestions + name: completion_suggestions + title: Completion_suggestions methods: - projects_locations_collections_data_stores_site_search_engine_operations_list: + projects_locations_collections_data_stores_completion_suggestions_purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1completionSuggestions:purge/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_collections_data_stores_site_search_engine_operations_get: + projects_locations_collections_data_stores_completion_suggestions_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1completionSuggestions:import/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/search_engine_operations/methods/projects_locations_collections_data_stores_site_search_engine_operations_get - - $ref: >- - #/components/x-stackQL-resources/search_engine_operations/methods/projects_locations_collections_data_stores_site_search_engine_operations_list - insert: [] - update: [] - replace: [] - delete: [] - target_sites: - id: google.discoveryengine.target_sites - name: target_sites - title: Target_sites - methods: - projects_locations_collections_data_stores_site_search_engine_target_sites_create: + projects_locations_data_stores_completion_suggestions_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1completionSuggestions:import/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_site_search_engine_target_sites_list: + projects_locations_data_stores_completion_suggestions_purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1completionSuggestions:purge/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.targetSites - projects_locations_collections_data_stores_site_search_engine_target_sites_batch_create: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + schemas: + id: google.discoveryengine.schemas + name: schemas + title: Schemas + methods: + projects_locations_collections_data_stores_schemas_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites:batchCreate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_site_search_engine_target_sites_get: + projects_locations_collections_data_stores_schemas_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_site_search_engine_target_sites_patch: + projects_locations_collections_data_stores_schemas_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_site_search_engine_target_sites_delete: + projects_locations_collections_data_stores_schemas_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_target_sites_create: + objectKey: $.schemas + projects_locations_collections_data_stores_schemas_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1schemas/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_target_sites_list: + projects_locations_data_stores_schemas_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.targetSites - projects_locations_data_stores_site_search_engine_target_sites_batch_create: + projects_locations_data_stores_schemas_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites:batchCreate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_target_sites_get: + projects_locations_data_stores_schemas_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas~1{schemasId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_target_sites_patch: + projects_locations_data_stores_schemas_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_target_sites_delete: + objectKey: $.schemas + projects_locations_data_stores_schemas_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1{targetSitesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1schemas/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_get + #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_get - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_list + #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_list - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_get + #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_get - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_list + #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_list insert: - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_create - - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_batch_create - - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_create + #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_create - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_batch_create + #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_create update: - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_patch + #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_patch - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_patch + #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_delete - - $ref: >- - #/components/x-stackQL-resources/target_sites/methods/projects_locations_data_stores_site_search_engine_target_sites_delete - target_site_operations: - id: google.discoveryengine.target_site_operations - name: target_site_operations - title: Target_site_operations - methods: - projects_locations_collections_data_stores_site_search_engine_target_sites_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_collections_data_stores_site_search_engine_target_sites_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1targetSites~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/target_site_operations/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_operations_get + #/components/x-stackQL-resources/schemas/methods/projects_locations_collections_data_stores_schemas_delete - $ref: >- - #/components/x-stackQL-resources/target_site_operations/methods/projects_locations_collections_data_stores_site_search_engine_target_sites_operations_list - insert: [] - update: [] - replace: [] - delete: [] - sitemaps: - id: google.discoveryengine.sitemaps - name: sitemaps - title: Sitemaps + #/components/x-stackQL-resources/schemas/methods/projects_locations_data_stores_schemas_delete + suggestion_deny_list_entries: + id: google.discoveryengine.suggestion_deny_list_entries + name: suggestion_deny_list_entries + title: Suggestion_deny_list_entries methods: - projects_locations_collections_data_stores_site_search_engine_sitemaps_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_site_search_engine_sitemaps_delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps~1{sitemapsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_collections_data_stores_site_search_engine_sitemaps_fetch: + projects_locations_collections_data_stores_suggestion_deny_list_entries_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps:fetch/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1suggestionDenyListEntries:import/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_sitemaps_create: + projects_locations_collections_data_stores_suggestion_deny_list_entries_purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1suggestionDenyListEntries:purge/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_sitemaps_delete: + projects_locations_data_stores_suggestion_deny_list_entries_purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps~1{sitemapsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1suggestionDenyListEntries:purge/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_site_search_engine_sitemaps_fetch: + projects_locations_data_stores_suggestion_deny_list_entries_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine~1sitemaps:fetch/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1suggestionDenyListEntries:import/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/sitemaps/methods/projects_locations_collections_data_stores_site_search_engine_sitemaps_fetch - - $ref: >- - #/components/x-stackQL-resources/sitemaps/methods/projects_locations_data_stores_site_search_engine_sitemaps_fetch - insert: - - $ref: >- - #/components/x-stackQL-resources/sitemaps/methods/projects_locations_collections_data_stores_site_search_engine_sitemaps_create - - $ref: >- - #/components/x-stackQL-resources/sitemaps/methods/projects_locations_data_stores_site_search_engine_sitemaps_create + select: [] + insert: [] update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/sitemaps/methods/projects_locations_collections_data_stores_site_search_engine_sitemaps_delete - - $ref: >- - #/components/x-stackQL-resources/sitemaps/methods/projects_locations_data_stores_site_search_engine_sitemaps_delete - user_events: - id: google.discoveryengine.user_events - name: user_events - title: User_events + delete: [] + data_stores: + id: google.discoveryengine.data_stores + name: data_stores + title: Data_stores methods: - projects_locations_collections_data_stores_user_events_write: + projects_locations_collections_data_stores_complete_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1userEvents:write/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}:completeQuery/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_user_events_collect: + projects_locations_collections_data_stores_train_custom_model: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1userEvents:collect/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}:trainCustomModel/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_user_events_purge: + projects_locations_collections_data_stores_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1userEvents:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_data_stores_user_events_import: + projects_locations_collections_data_stores_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1userEvents:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_user_events_write: + projects_locations_collections_data_stores_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1userEvents:write/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_user_events_collect: + projects_locations_collections_data_stores_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1userEvents:collect/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_user_events_purge: + objectKey: $.dataStores + projects_locations_collections_data_stores_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1userEvents:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_data_stores_user_events_import: + projects_locations_data_stores_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1userEvents:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_user_events_write: + projects_locations_data_stores_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userEvents:write/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_user_events_collect: + objectKey: $.dataStores + projects_locations_data_stores_complete_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userEvents:collect/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}:completeQuery/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_user_events_import: + projects_locations_data_stores_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userEvents:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_data_stores_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] - insert: [] - update: [] + select: + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_get + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_list + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_get + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_list + insert: + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_create + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_create + update: + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_patch + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_patch replace: [] - delete: [] - engines: - id: google.discoveryengine.engines - name: engines - title: Engines + delete: + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_collections_data_stores_delete + - $ref: >- + #/components/x-stackQL-resources/data_stores/methods/projects_locations_data_stores_delete + data_stores_site_search_engine: + id: google.discoveryengine.data_stores_site_search_engine + name: data_stores_site_search_engine + title: Data_stores_site_search_engine methods: - projects_locations_collections_engines_create: + projects_locations_collections_data_stores_get_site_search_engine: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataStores~1{dataStoresId}~1siteSearchEngine/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_list: + projects_locations_data_stores_get_site_search_engine: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dataStores~1{dataStoresId}~1siteSearchEngine/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.engines - projects_locations_collections_engines_delete: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/data_stores_site_search_engine/methods/projects_locations_collections_data_stores_get_site_search_engine + - $ref: >- + #/components/x-stackQL-resources/data_stores_site_search_engine/methods/projects_locations_data_stores_get_site_search_engine + insert: [] + update: [] + replace: [] + delete: [] + collections: + id: google.discoveryengine.collections + name: collections + title: Collections + methods: + projects_locations_collections_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_patch: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/collections/methods/projects_locations_collections_delete + collections_data_connector: + id: google.discoveryengine.collections_data_connector + name: collections_data_connector + title: Collections_data_connector + methods: + projects_locations_collections_update_data_connector: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataConnector/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_get: + projects_locations_collections_get_data_connector: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1dataConnector/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_get - - $ref: >- - #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_list - insert: - - $ref: >- - #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_create + #/components/x-stackQL-resources/collections_data_connector/methods/projects_locations_collections_get_data_connector + insert: [] update: - $ref: >- - #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_patch + #/components/x-stackQL-resources/collections_data_connector/methods/projects_locations_collections_update_data_connector replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/engines/methods/projects_locations_collections_engines_delete - assistants: - id: google.discoveryengine.assistants - name: assistants - title: Assistants + delete: [] + license_configs: + id: google.discoveryengine.license_configs + name: license_configs + title: License_configs methods: - projects_locations_collections_engines_assistants_stream_assist: + projects_locations_license_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants~1{assistantsId}:streamAssist/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1licenseConfigs~1{licenseConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_assistants_patch: + projects_locations_license_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants~1{assistantsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1licenseConfigs~1{licenseConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_collections_engines_assistants_get: + projects_locations_license_configs_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collections~1{collectionsId}~1engines~1{enginesId}~1assistants~1{assistantsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1licenseConfigs/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/assistants/methods/projects_locations_collections_engines_assistants_get - insert: [] + #/components/x-stackQL-resources/license_configs/methods/projects_locations_license_configs_get + insert: + - $ref: >- + #/components/x-stackQL-resources/license_configs/methods/projects_locations_license_configs_create update: - $ref: >- - #/components/x-stackQL-resources/assistants/methods/projects_locations_collections_engines_assistants_patch + #/components/x-stackQL-resources/license_configs/methods/projects_locations_license_configs_patch replace: [] delete: [] cmek_configs: @@ -23760,17 +27566,17 @@ components: name: cmek_configs title: Cmek_configs methods: - projects_locations_cmek_configs_patch: + projects_locations_cmek_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfigs~1{cmekConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfigs~1{cmekConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_cmek_configs_get: + projects_locations_cmek_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfigs~1{cmekConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cmekConfigs~1{cmekConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -23802,58 +27608,40 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/cmek_configs/methods/projects_locations_cmek_configs_delete - grounding_configs: - id: google.discoveryengine.grounding_configs - name: grounding_configs - title: Grounding_configs - methods: - projects_locations_grounding_configs_check: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groundingConfigs~1{groundingConfigsId}:check/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] identity_mapping_stores: id: google.discoveryengine.identity_mapping_stores name: identity_mapping_stores title: Identity_mapping_stores methods: - projects_locations_identity_mapping_stores_create: + projects_locations_identity_mapping_stores_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores~1{identityMappingStoresId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_identity_mapping_stores_list: + projects_locations_identity_mapping_stores_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores~1{identityMappingStoresId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.identityMappingStores - projects_locations_identity_mapping_stores_get: + projects_locations_identity_mapping_stores_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores~1{identityMappingStoresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_identity_mapping_stores_delete: + projects_locations_identity_mapping_stores_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores~1{identityMappingStoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1identityMappingStores/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.identityMappingStores projects_locations_identity_mapping_stores_import_identity_mappings: operation: $ref: >- @@ -23903,6 +27691,24 @@ components: update: [] replace: [] delete: [] + grounding_configs: + id: google.discoveryengine.grounding_configs + name: grounding_configs + title: Grounding_configs + methods: + projects_locations_grounding_configs_check: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groundingConfigs~1{groundingConfigsId}:check/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] ranking_configs: id: google.discoveryengine.ranking_configs name: ranking_configs @@ -23926,6 +27732,34 @@ components: name: user_stores title: User_stores methods: + projects_locations_user_stores_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userStores~1{userStoresId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_user_stores_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userStores~1{userStoresId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_user_stores_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userStores~1{userStoresId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_user_stores_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userStores/post + response: + mediaType: application/json + openAPIDocKey: '200' projects_locations_user_stores_batch_update_user_licenses: operation: $ref: >- @@ -23934,13 +27768,21 @@ components: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] - insert: [] + select: + - $ref: >- + #/components/x-stackQL-resources/user_stores/methods/projects_locations_user_stores_get + insert: + - $ref: >- + #/components/x-stackQL-resources/user_stores/methods/projects_locations_user_stores_create update: + - $ref: >- + #/components/x-stackQL-resources/user_stores/methods/projects_locations_user_stores_patch - $ref: >- #/components/x-stackQL-resources/user_stores/methods/projects_locations_user_stores_batch_update_user_licenses replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/user_stores/methods/projects_locations_user_stores_delete user_licenses: id: google.discoveryengine.user_licenses name: user_licenses @@ -23962,35 +27804,1423 @@ components: update: [] replace: [] delete: [] + license_configs_usage_stats: + id: google.discoveryengine.license_configs_usage_stats + name: license_configs_usage_stats + title: License_configs_usage_stats + methods: + projects_locations_user_stores_license_configs_usage_stats_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1userStores~1{userStoresId}~1licenseConfigsUsageStats/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/license_configs_usage_stats/methods/projects_locations_user_stores_license_configs_usage_stats_list + insert: [] + update: [] + replace: [] + delete: [] paths: - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/sessions/{sessionsId}:downloadFile: + /v1/projects/{projectsId}:provision: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' + post: + description: >- + Provisions the project resource. During the process, related systems + will get prepared and initialized. Caller must read the [Terms for data + use](https://cloud.google.com/retail/data-use-terms), and optionally + specify in request to provide consent to that service terms. + operationId: discoveryengine.projects.provision + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ProvisionProjectRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/aclConfig: + parameters: *ref_1 + patch: + description: >- + Default ACL configuration for use in a location of a customer's project. + Updates will only reflect to new data stores. Existing data stores will + still use the old value. + operationId: discoveryengine.projects.locations.updateAclConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AclConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AclConfig' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + get: + description: Gets the AclConfig. + operationId: discoveryengine.projects.locations.getAclConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1AclConfig' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/cmekConfig: + parameters: *ref_1 + patch: + description: >- + Provisions a CMEK key for use in a location of a customer's project. + This method will also conduct location validation on the provided + cmekConfig to make sure the key is valid and can be used in the selected + location. + operationId: discoveryengine.projects.locations.updateCmekConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: setDefault + schema: + type: boolean + get: + description: Gets the CmekConfig. + operationId: discoveryengine.projects.locations.getCmekConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:setUpDataConnector: + parameters: *ref_1 + post: + description: >- + Creates a Collection and sets up the DataConnector for it. To stop a + DataConnector after setup, use the CollectionService.DeleteCollection + method. + operationId: discoveryengine.projects.locations.setUpDataConnector + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SetUpDataConnectorRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:setUpDataConnectorV2: + parameters: *ref_1 + post: + description: >- + Creates a Collection and sets up the DataConnector for it. To stop a + DataConnector after setup, use the CollectionService.DeleteCollection + method. + operationId: discoveryengine.projects.locations.setUpDataConnectorV2 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataConnector' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: collectionId + schema: + type: string + - in: query + name: collectionDisplayName + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: discoveryengine.projects.locations.collections.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: discoveryengine.projects.locations.collections.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/widgetConfigs/{widgetConfigsId}: + parameters: *ref_1 + patch: + description: Update a WidgetConfig. + operationId: >- + discoveryengine.projects.locations.collections.engines.widgetConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfig' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: widgetConfigsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets a WidgetConfig. + operationId: discoveryengine.projects.locations.collections.engines.widgetConfigs.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfig' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: widgetConfigsId + required: true + schema: + type: string + - in: query + name: acceptCache + schema: + type: boolean + - in: query + name: getWidgetConfigRequestOption.turnOffCollectionComponents + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/controls/{controlsId}: + parameters: *ref_1 + patch: + description: >- + Updates a Control. Control action type cannot be changed. If the Control + to update does not exist, a NOT_FOUND error is returned. + operationId: discoveryengine.projects.locations.collections.engines.controls.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: controlsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets a Control. + operationId: discoveryengine.projects.locations.collections.engines.controls.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: controlsId + required: true + schema: + type: string + delete: + description: >- + Deletes a Control. If the Control to delete does not exist, a NOT_FOUND + error is returned. + operationId: discoveryengine.projects.locations.collections.engines.controls.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: controlsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/controls: + parameters: *ref_1 + get: + description: Lists all Controls by their parent DataStore. + operationId: discoveryengine.projects.locations.collections.engines.controls.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListControlsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + post: + description: >- + Creates a Control. By default 1000 controls are allowed for a data + store. A request can be submitted to adjust this limit. If the Control + to create already exists, an ALREADY_EXISTS error is returned. + operationId: discoveryengine.projects.locations.collections.engines.controls.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: query + name: controlId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/conversations: + parameters: *ref_1 + get: + description: Lists all Conversations by their parent DataStore. + operationId: >- + discoveryengine.projects.locations.collections.engines.conversations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListConversationsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + post: + description: >- + Creates a Conversation. If the Conversation to create already exists, an + ALREADY_EXISTS error is returned. + operationId: >- + discoveryengine.projects.locations.collections.engines.conversations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/conversations/{conversationsId}:converse: + parameters: *ref_1 + post: + description: Converses a conversation. + operationId: >- + discoveryengine.projects.locations.collections.engines.conversations.converse + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: conversationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/conversations/{conversationsId}: + parameters: *ref_1 + get: + description: Gets a Conversation. + operationId: discoveryengine.projects.locations.collections.engines.conversations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: conversationsId + required: true + schema: + type: string + patch: + description: >- + Updates a Conversation. Conversation action type cannot be changed. If + the Conversation to update does not exist, a NOT_FOUND error is + returned. + operationId: >- + discoveryengine.projects.locations.collections.engines.conversations.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: conversationsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: >- + Deletes a Conversation. If the Conversation to delete does not exist, a + NOT_FOUND error is returned. + operationId: >- + discoveryengine.projects.locations.collections.engines.conversations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: conversationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/sessions/{sessionsId}/answers/{answersId}: + parameters: *ref_1 + get: + description: Gets a Answer. + operationId: >- + discoveryengine.projects.locations.collections.engines.sessions.answers.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Answer' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: sessionsId + required: true + schema: + type: string + - in: path + name: answersId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/sessions: + parameters: *ref_1 + post: + description: >- + Creates a Session. If the Session to create already exists, an + ALREADY_EXISTS error is returned. + operationId: discoveryengine.projects.locations.collections.engines.sessions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + get: + description: Lists all Sessions by their parent DataStore. + operationId: discoveryengine.projects.locations.collections.engines.sessions.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListSessionsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/sessions/{sessionsId}: + parameters: *ref_1 get: - description: Downloads a file from the session. - operationId: discoveryengine.media.download + description: Gets a Session. + operationId: discoveryengine.projects.locations.collections.engines.sessions.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: sessionsId + required: true + schema: + type: string + - in: query + name: includeAnswerDetails + schema: + type: boolean + patch: + description: >- + Updates a Session. Session action type cannot be changed. If the Session + to update does not exist, a NOT_FOUND error is returned. + operationId: discoveryengine.projects.locations.collections.engines.sessions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: sessionsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: >- + Deletes a Session. If the Session to delete does not exist, a NOT_FOUND + error is returned. + operationId: discoveryengine.projects.locations.collections.engines.sessions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GdataMedia' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -24017,59 +29247,133 @@ paths: required: true schema: type: string - - in: query - name: fileId + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: discoveryengine.projects.locations.collections.engines.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: viewId + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}:provision: + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Provisions the project resource. During the process, related systems - will get prepared and initialized. Caller must read the [Terms for data - use](https://cloud.google.com/retail/data-use-terms), and optionally - specify in request to provide consent to that service terms. - operationId: discoveryengine.projects.provision + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: discoveryengine.projects.locations.collections.engines.operations.cancel requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ProvisionProjectRequest + $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/operations: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: discoveryengine.projects.operations.list + operationId: discoveryengine.projects.locations.collections.engines.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -24083,6 +29387,21 @@ paths: required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string - in: query name: filter schema: @@ -24092,23 +29411,32 @@ paths: schema: type: integer format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/assistants/{assistantsId}/agents/{agentsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: discoveryengine.projects.operations.get + operationId: >- + discoveryengine.projects.locations.collections.engines.assistants.agents.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -24123,44 +29451,27 @@ paths: schema: type: string - in: path - name: operationsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: discoveryengine.projects.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - in: path - name: projectsId + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: assistantsId + required: true + schema: + type: string + - in: path + name: agentsId required: true schema: type: string @@ -24169,32 +29480,31 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cmekConfig: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/assistants/{assistantsId}: parameters: *ref_1 - patch: - description: >- - Provisions a CMEK key for use in a location of a customer's project. - This method will also conduct location validation on the provided - cmekConfig to make sure the key is valid and can be used in the selected - location. - operationId: discoveryengine.projects.locations.updateCmekConfig - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + get: + description: Gets an Assistant. + operationId: discoveryengine.projects.locations.collections.engines.assistants.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Assistant' parameters: - in: path name: projectsId @@ -24206,25 +29516,44 @@ paths: required: true schema: type: string - - in: query - name: setDefault + - in: path + name: collectionsId + required: true schema: - type: boolean - get: - description: Gets the CmekConfig. - operationId: discoveryengine.projects.locations.getCmekConfig + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: assistantsId + required: true + schema: + type: string + delete: + description: Deletes an Assistant. + operationId: discoveryengine.projects.locations.collections.engines.assistants.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -24236,26 +29565,49 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataConnector/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - discoveryengine.projects.locations.collections.dataConnector.operations.list + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: enginesId + required: true + schema: + type: string + - in: path + name: assistantsId + required: true + schema: + type: string + patch: + description: Updates an Assistant + operationId: discoveryengine.projects.locations.collections.engines.assistants.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Assistant' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Assistant' parameters: - in: path name: projectsId @@ -24272,40 +29624,51 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: enginesId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: assistantsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataConnector/operations/{operationsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/assistants: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - discoveryengine.projects.locations.collections.dataConnector.operations.get + post: + description: Creates an Assistant. + operationId: discoveryengine.projects.locations.collections.engines.assistants.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Assistant' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Assistant' parameters: - in: path name: projectsId @@ -24323,29 +29686,38 @@ paths: schema: type: string - in: path - name: operationsId + name: enginesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/operations: - parameters: *ref_1 + - in: query + name: assistantId + schema: + type: string get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: discoveryengine.projects.locations.collections.operations.list + description: Lists all Assistants under an Engine. + operationId: discoveryengine.projects.locations.collections.engines.assistants.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListAssistantsResponse parameters: - in: path name: projectsId @@ -24362,8 +29734,9 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: enginesId + required: true schema: type: string - in: query @@ -24375,26 +29748,39 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/assistants/{assistantsId}:streamAssist: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: discoveryengine.projects.locations.collections.operations.get + post: + description: Assists the user with a query in a streaming fashion. + operationId: >- + discoveryengine.projects.locations.collections.engines.assistants.streamAssist + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistResponse parameters: - in: path name: projectsId @@ -24412,28 +29798,39 @@ paths: schema: type: string - in: path - name: operationsId + name: enginesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}:completeQuery: + - in: path + name: assistantsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}: parameters: *ref_1 - get: - description: Completes the specified user input with keyword suggestions. - operationId: discoveryengine.projects.locations.collections.dataStores.completeQuery + delete: + description: >- + Deletes a ServingConfig. Returns a NOT_FOUND error if the ServingConfig + does not exist. + operationId: >- + discoveryengine.projects.locations.collections.engines.servingConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1CompleteQueryResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -24451,51 +29848,42 @@ paths: schema: type: string - in: path - name: dataStoresId + name: enginesId required: true schema: type: string - - in: query - name: query - schema: - type: string - - in: query - name: queryModel - schema: - type: string - - in: query - name: userPseudoId + - in: path + name: servingConfigsId + required: true schema: type: string - - in: query - name: includeTailSuggestions - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores: - parameters: *ref_1 - post: + patch: description: >- - Creates a DataStore. DataStore is for storing Documents. To serve these - documents for Search, or Recommendation use case, an Engine needs to be - created separately. - operationId: discoveryengine.projects.locations.collections.dataStores.create + Updates a ServingConfig. Returns a NOT_FOUND error if the ServingConfig + does not exist. + operationId: >- + discoveryengine.projects.locations.collections.engines.servingConfigs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' parameters: - in: path name: projectsId @@ -24512,42 +29900,43 @@ paths: required: true schema: type: string - - in: query - name: cmekConfigName + - in: path + name: enginesId + required: true schema: type: string - - in: query - name: disableCmek - schema: - type: boolean - - in: query - name: dataStoreId + - in: path + name: servingConfigsId + required: true schema: type: string - in: query - name: createAdvancedSiteSearch - schema: - type: boolean - - in: query - name: skipDefaultSchemaCreation + name: updateMask schema: - type: boolean + type: string + format: google-fieldmask get: - description: Lists all the DataStores associated with the project. - operationId: discoveryengine.projects.locations.collections.dataStores.list + description: >- + Gets a ServingConfig. Returns a NotFound error if the ServingConfig does + not exist. + operationId: >- + discoveryengine.projects.locations.collections.engines.servingConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListDataStoresResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' parameters: - in: path name: projectsId @@ -24564,36 +29953,48 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: enginesId + required: true schema: type: string - - in: query - name: filter + - in: path + name: servingConfigsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:search: parameters: *ref_1 - get: - description: Gets a DataStore. - operationId: discoveryengine.projects.locations.collections.dataStores.get + post: + description: Performs a search. + operationId: >- + discoveryengine.projects.locations.collections.engines.servingConfigs.search + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse parameters: - in: path name: projectsId @@ -24611,25 +30012,46 @@ paths: schema: type: string - in: path - name: dataStoresId + name: enginesId required: true schema: type: string - delete: - description: Deletes a DataStore. - operationId: discoveryengine.projects.locations.collections.dataStores.delete + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:streamAnswer: + parameters: *ref_1 + post: + description: >- + Answer query method (streaming). It takes one AnswerQueryRequest and + returns multiple AnswerQueryResponse messages in a stream. + operationId: >- + discoveryengine.projects.locations.collections.engines.servingConfigs.streamAnswer + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse parameters: - in: path name: projectsId @@ -24647,30 +30069,38 @@ paths: schema: type: string - in: path - name: dataStoresId + name: enginesId required: true schema: type: string - patch: - description: Updates a DataStore - operationId: discoveryengine.projects.locations.collections.dataStores.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs: + parameters: *ref_1 + get: + description: Lists all ServingConfigs linked to this dataStore. + operationId: >- + discoveryengine.projects.locations.collections.engines.servingConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListServingConfigsResponse parameters: - in: path name: projectsId @@ -24688,39 +30118,48 @@ paths: schema: type: string - in: path - name: dataStoresId + name: enginesId required: true schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}:trainCustomModel: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:answer: parameters: *ref_1 post: - description: Trains a custom model. + description: Answer query method. operationId: >- - discoveryengine.projects.locations.collections.dataStores.trainCustomModel + discoveryengine.projects.locations.collections.engines.servingConfigs.answer requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1TrainCustomModelRequest + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse parameters: - in: path name: projectsId @@ -24738,21 +30177,48 @@ paths: schema: type: string - in: path - name: dataStoresId + name: enginesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine: + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:searchLite: parameters: *ref_1 - get: - description: Gets the SiteSearchEngine. + post: + description: >- + Performs a search. Similar to the SearchService.Search method, but a + lite version that allows API key for authentication, where OAuth and IAM + checks are not required. Only public website search is supported by this + method. If data stores and engines not associated with public website + search are specified, a `FAILED_PRECONDITION` error is returned. This + method can be used for easy onboarding without having to implement an + authentication backend. However, it is strongly recommended to use + SearchService.Search instead with required OAuth and IAM checks to + provide better data security. operationId: >- - discoveryengine.projects.locations.collections.dataStores.getSiteSearchEngine + discoveryengine.projects.locations.collections.engines.servingConfigs.searchLite + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -24760,7 +30226,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SiteSearchEngine + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse parameters: - in: path name: projectsId @@ -24778,30 +30244,44 @@ paths: schema: type: string - in: path - name: dataStoresId + name: enginesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/models/{modelsId}/operations: + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:recommend: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. + post: + description: Makes a recommendation, which requires a contextual user event. operationId: >- - discoveryengine.projects.locations.collections.dataStores.models.operations.list + discoveryengine.projects.locations.collections.engines.servingConfigs.recommend + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1RecommendRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1RecommendResponse parameters: - in: path name: projectsId @@ -24819,49 +30299,52 @@ paths: schema: type: string - in: path - name: dataStoresId + name: enginesId required: true schema: type: string - in: path - name: modelsId + name: servingConfigsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/models/{modelsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/completionConfig:completeQuery: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. + post: + description: Completes the user input with advanced keyword suggestions. operationId: >- - discoveryengine.projects.locations.collections.dataStores.models.operations.get + discoveryengine.projects.locations.collections.engines.completionConfig.completeQuery + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud_search.query + Oauth2c: + - https://www.googleapis.com/auth/cloud_search.query + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse parameters: - in: path name: projectsId @@ -24879,40 +30362,32 @@ paths: schema: type: string - in: path - name: dataStoresId - required: true - schema: - type: string - - in: path - name: modelsId - required: true - schema: - type: string - - in: path - name: operationsId + name: enginesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.operations.list + description: Lists all the Engines associated with the project. + operationId: discoveryengine.projects.locations.collections.engines.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListEnginesResponse parameters: - in: path name: projectsId @@ -24929,11 +30404,6 @@ paths: required: true schema: type: string - - in: path - name: dataStoresId - required: true - schema: - type: string - in: query name: filter schema: @@ -24947,19 +30417,23 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: discoveryengine.projects.locations.collections.dataStores.operations.get + post: + description: Creates a Engine. + operationId: discoveryengine.projects.locations.collections.engines.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -24983,40 +30457,76 @@ paths: required: true schema: type: string + - in: query + name: engineId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}: + parameters: *ref_1 + delete: + description: Deletes a Engine. + operationId: discoveryengine.projects.locations.collections.engines.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: dataStoresId + name: locationsId required: true schema: type: string - in: path - name: operationsId + name: collectionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:search: - parameters: *ref_1 - post: - description: Performs a search. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.servingConfigs.search + - in: path + name: enginesId + required: true + schema: + type: string + patch: + description: Updates an Engine + operationId: discoveryengine.projects.locations.collections.engines.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' parameters: - in: path name: projectsId @@ -25034,48 +30544,34 @@ paths: schema: type: string - in: path - name: dataStoresId + name: enginesId required: true schema: type: string - - in: path - name: servingConfigsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:searchLite: - parameters: *ref_1 - post: - description: >- - Performs a search. Similar to the SearchService.Search method, but a - lite version that allows API key for authentication, where OAuth and IAM - checks are not required. Only public website search is supported by this - method. If data stores and engines not associated with public website - search are specified, a `FAILED_PRECONDITION` error is returned. This - method can be used for easy onboarding without having to implement an - authentication backend. However, it is strongly recommended to use - SearchService.Search instead with required OAuth and IAM checks to - provide better data security. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.servingConfigs.searchLite - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' + format: google-fieldmask + get: + description: Gets a Engine. + operationId: discoveryengine.projects.locations.collections.engines.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' parameters: - in: path name: projectsId @@ -25093,40 +30589,35 @@ paths: schema: type: string - in: path - name: dataStoresId - required: true - schema: - type: string - - in: path - name: servingConfigsId + name: enginesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:answer: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataConnector/operations/{operationsId}: parameters: *ref_1 - post: - description: Answer query method. + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. operationId: >- - discoveryengine.projects.locations.collections.dataStores.servingConfigs.answer - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest + discoveryengine.projects.locations.collections.dataConnector.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -25144,42 +30635,34 @@ paths: schema: type: string - in: path - name: dataStoresId - required: true - schema: - type: string - - in: path - name: servingConfigsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:streamAnswer: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataConnector/operations: parameters: *ref_1 - post: + get: description: >- - Answer query method (streaming). It takes one AnswerQueryRequest and - returns multiple AnswerQueryResponse messages in a stream. + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. operationId: >- - discoveryengine.projects.locations.collections.dataStores.servingConfigs.streamAnswer - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest + discoveryengine.projects.locations.collections.dataConnector.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -25196,33 +30679,38 @@ paths: required: true schema: type: string - - in: path - name: dataStoresId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: servingConfigsId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:recommend: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/customModels: parameters: *ref_1 - post: - description: Makes a recommendation, which requires a contextual user event. + get: + description: Gets a list of all the custom models. operationId: >- - discoveryengine.projects.locations.collections.dataStores.servingConfigs.recommend - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1RecommendRequest + discoveryengine.projects.locations.collections.dataStores.customModels.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -25230,7 +30718,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1RecommendResponse + #/components/schemas/GoogleCloudDiscoveryengineV1ListCustomModelsResponse parameters: - in: path name: projectsId @@ -25252,36 +30740,28 @@ paths: required: true schema: type: string - - in: path - name: servingConfigsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites/{targetSitesId}: parameters: *ref_1 - patch: - description: >- - Updates a ServingConfig. Returns a NOT_FOUND error if the ServingConfig - does not exist. + delete: + description: Deletes a TargetSite. operationId: >- - discoveryengine.projects.locations.collections.dataStores.servingConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -25304,44 +30784,30 @@ paths: schema: type: string - in: path - name: servingConfigsId + name: targetSitesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/completionConfig:completeQuery: - parameters: *ref_1 - post: - description: Completes the user input with advanced keyword suggestions. + get: + description: Gets a TargetSite. operationId: >- - discoveryengine.projects.locations.collections.dataStores.completionConfig.completeQuery - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/cloud_search.query + - https://www.googleapis.com/auth/discoveryengine.readwrite Oauth2c: - - https://www.googleapis.com/auth/cloud_search.query + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' parameters: - in: path name: projectsId @@ -25363,23 +30829,29 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/suggestionDenyListEntries:import: - parameters: *ref_1 - post: - description: Imports all SuggestionDenyListEntry for a DataStore. + - in: path + name: targetSitesId + required: true + schema: + type: string + patch: + description: Updates a TargetSite. operationId: >- - discoveryengine.projects.locations.collections.dataStores.suggestionDenyListEntries.import + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -25408,30 +30880,34 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/suggestionDenyListEntries:purge: + - in: path + name: targetSitesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites: parameters: *ref_1 - post: - description: Permanently deletes all SuggestionDenyListEntry for a DataStore. + get: + description: Gets a list of TargetSites. operationId: >- - discoveryengine.projects.locations.collections.dataStores.suggestionDenyListEntries.purge - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesRequest + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListTargetSitesResponse parameters: - in: path name: projectsId @@ -25453,23 +30929,33 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/completionSuggestions:import: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Imports CompletionSuggestions for a DataStore. + description: Creates a TargetSite. operationId: >- - discoveryengine.projects.locations.collections.dataStores.completionSuggestions.import + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -25498,23 +30984,27 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/completionSuggestions:purge: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites:batchCreate: parameters: *ref_1 post: - description: Permanently deletes all CompletionSuggestions for a DataStore. + description: Creates TargetSite in a batch. operationId: >- - discoveryengine.projects.locations.collections.dataStores.completionSuggestions.purge + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.batchCreate requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsRequest + #/components/schemas/GoogleCloudDiscoveryengineV1BatchCreateTargetSitesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -25543,32 +31033,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/controls: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites/operations: parameters: *ref_1 - post: + get: description: >- - Creates a Control. By default 1000 controls are allowed for a data - store. A request can be submitted to adjust this limit. If the Control - to create already exists, an ALREADY_EXISTS error is returned. + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. operationId: >- - discoveryengine.projects.locations.collections.dataStores.controls.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -25591,25 +31079,47 @@ paths: schema: type: string - in: query - name: controlId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites/operations/{operationsId}: + parameters: *ref_1 get: - description: Lists all Controls by their parent DataStore. - operationId: discoveryengine.projects.locations.collections.dataStores.controls.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListControlsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -25631,39 +31141,36 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/controls/{controlsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/operations/{operationsId}: parameters: *ref_1 - delete: + get: description: >- - Deletes a Control. If the Control to delete does not exist, a NOT_FOUND - error is returned. + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. operationId: >- - discoveryengine.projects.locations.collections.dataStores.controls.delete + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -25686,32 +31193,34 @@ paths: schema: type: string - in: path - name: controlsId + name: operationsId required: true schema: type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/operations: + parameters: *ref_1 + get: description: >- - Updates a Control. Control action type cannot be changed. If the Control - to update does not exist, a NOT_FOUND error is returned. - operationId: discoveryengine.projects.locations.collections.dataStores.controls.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -25733,31 +31242,50 @@ paths: required: true schema: type: string - - in: path - name: controlsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: filter schema: type: string - format: google-fieldmask - get: - description: Gets a Control. - operationId: discoveryengine.projects.locations.collections.dataStores.controls.get + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps: + parameters: *ref_1 + post: + description: Creates a Sitemap. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.sitemaps.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Sitemap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -25779,28 +31307,21 @@ paths: required: true schema: type: string - - in: path - name: controlsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/conversations/{conversationsId}:converse: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps:fetch: parameters: *ref_1 - post: - description: Converses a conversation. + get: + description: Fetch Sitemaps in a DataStore. operationId: >- - discoveryengine.projects.locations.collections.dataStores.conversations.converse - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationRequest + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.sitemaps.fetch security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -25808,7 +31329,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationResponse + #/components/schemas/GoogleCloudDiscoveryengineV1FetchSitemapsResponse parameters: - in: path name: projectsId @@ -25830,36 +31351,32 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true + - in: query + name: matcher.urisMatcher.uris schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/conversations: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps/{sitemapsId}: parameters: *ref_1 - post: - description: >- - Creates a Conversation. If the Conversation to create already exists, an - ALREADY_EXISTS error is returned. + delete: + description: Deletes a Sitemap. operationId: >- - discoveryengine.projects.locations.collections.dataStores.conversations.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.sitemaps.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -25881,15 +31398,29 @@ paths: required: true schema: type: string + - in: path + name: sitemapsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:fetchDomainVerificationStatus: + parameters: *ref_1 get: - description: Lists all Conversations by their parent DataStore. + description: >- + Returns list of target sites with its domain verification status. This + method can only be called under data store with BASIC_SITE_SEARCH state + at the moment. operationId: >- - discoveryengine.projects.locations.collections.dataStores.conversations.list + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.fetchDomainVerificationStatus security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -25897,7 +31428,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListConversationsResponse + #/components/schemas/GoogleCloudDiscoveryengineV1FetchDomainVerificationStatusResponse parameters: - in: path name: projectsId @@ -25928,34 +31459,36 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/conversations/{conversationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:batchVerifyTargetSites: parameters: *ref_1 - delete: + post: description: >- - Deletes a Conversation. If the Conversation to delete does not exist, a - NOT_FOUND error is returned. + Verify target sites' ownership and validity. This API sends all the + target sites under site search engine for verification. operationId: >- - discoveryengine.projects.locations.collections.dataStores.conversations.delete + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.batchVerifyTargetSites + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1BatchVerifyTargetSitesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -25977,35 +31510,34 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - patch: - description: >- - Updates a Conversation. Conversation action type cannot be changed. If - the Conversation to update does not exist, a NOT_FOUND error is - returned. + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:recrawlUris: + parameters: *ref_1 + post: + description: Request on-demand recrawl for a list of URIs. operationId: >- - discoveryengine.projects.locations.collections.dataStores.conversations.patch + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.recrawlUris requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1RecrawlUrisRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -26027,32 +31559,34 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - get: - description: Gets a Conversation. + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:disableAdvancedSiteSearch: + parameters: *ref_1 + post: + description: Downgrade from advanced site search to basic site search. operationId: >- - discoveryengine.projects.locations.collections.dataStores.conversations.get + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.disableAdvancedSiteSearch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -26074,32 +31608,34 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/batchGetDocumentsMetadata: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:enableAdvancedSiteSearch: parameters: *ref_1 - get: - description: >- - Gets index freshness metadata for Documents. Supported for website - search only. + post: + description: Upgrade from basic site search to advanced site search. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.batchGetDocumentsMetadata + discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.enableAdvancedSiteSearch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -26121,39 +31657,37 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true - schema: - type: string - - in: query - name: matcher.urisMatcher.uris - schema: - type: string - - in: query - name: matcher.fhirMatcher.fhirResources - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/widgetConfigs/{widgetConfigsId}: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. + patch: + description: Update a WidgetConfig. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.operations.list + discoveryengine.projects.locations.collections.dataStores.widgetConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfig' parameters: - in: path name: projectsId @@ -26176,44 +31710,39 @@ paths: schema: type: string - in: path - name: branchesId + name: widgetConfigsId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations/{operationsId}: - parameters: *ref_1 + format: google-fieldmask get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. + description: Gets a WidgetConfig. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.operations.get + discoveryengine.projects.locations.collections.dataStores.widgetConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfig' parameters: - in: path name: projectsId @@ -26236,47 +31765,42 @@ paths: schema: type: string - in: path - name: branchesId + name: widgetConfigsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: acceptCache schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations/{operationsId}:cancel: + type: boolean + - in: query + name: getWidgetConfigRequestOption.turnOffCollectionComponents + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. + Gets a ServingConfig. Returns a NotFound error if the ServingConfig does + not exist. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + discoveryengine.projects.locations.collections.dataStores.servingConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' parameters: - in: path name: projectsId @@ -26299,33 +31823,37 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: operationsId + name: servingConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents/{documentsId}: - parameters: *ref_1 - get: - description: Gets a Document. + patch: + description: >- + Updates a ServingConfig. Returns a NOT_FOUND error if the ServingConfig + does not exist. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.documents.get + discoveryengine.projects.locations.collections.dataStores.servingConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' parameters: - in: path name: projectsId @@ -26348,36 +31876,37 @@ paths: schema: type: string - in: path - name: branchesId + name: servingConfigsId required: true schema: type: string - - in: path - name: documentsId - required: true + - in: query + name: updateMask schema: type: string - patch: - description: Updates a Document. + format: google-fieldmask + delete: + description: >- + Deletes a ServingConfig. Returns a NOT_FOUND error if the ServingConfig + does not exist. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.documents.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + discoveryengine.projects.locations.collections.dataStores.servingConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -26400,40 +31929,39 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: documentsId + name: servingConfigsId required: true schema: type: string - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a Document. + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:recommend: + parameters: *ref_1 + post: + description: Makes a recommendation, which requires a contextual user event. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.documents.delete + discoveryengine.projects.locations.collections.dataStores.servingConfigs.recommend + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1RecommendRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1RecommendResponse parameters: - in: path name: projectsId @@ -26456,26 +31984,34 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: documentsId + name: servingConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:search: parameters: *ref_1 - get: - description: Gets a list of Documents. + post: + description: Performs a search. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.documents.list + discoveryengine.projects.locations.collections.dataStores.servingConfigs.search + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -26483,7 +32019,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListDocumentsResponse + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse parameters: - in: path name: projectsId @@ -26506,40 +32042,33 @@ paths: schema: type: string - in: path - name: branchesId + name: servingConfigsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - post: - description: Creates a Document. + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs: + parameters: *ref_1 + get: + description: Lists all ServingConfigs linked to this dataStore. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.documents.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + discoveryengine.projects.locations.collections.dataStores.servingConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListServingConfigsResponse parameters: - in: path name: projectsId @@ -26561,42 +32090,44 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: documentId + name: pageSize schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents:import: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:answer: parameters: *ref_1 post: - description: >- - Bulk import of multiple Documents. Request processing may be - synchronous. Non-existing items are created. Note: It is possible for a - subset of the Documents to be successfully updated. + description: Answer query method. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.documents.import + discoveryengine.projects.locations.collections.dataStores.servingConfigs.answer requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportDocumentsRequest + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse parameters: - in: path name: projectsId @@ -26619,41 +32150,41 @@ paths: schema: type: string - in: path - name: branchesId + name: servingConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents:purge: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:streamAnswer: parameters: *ref_1 post: description: >- - Permanently deletes all selected Documents in a branch. This process is - asynchronous. Depending on the number of Documents to be deleted, this - operation can take hours to complete. Before the delete operation - completes, some Documents might still be returned by - DocumentService.GetDocument or DocumentService.ListDocuments. To get a - list of the Documents to be deleted, set PurgeDocumentsRequest.force to - false. + Answer query method (streaming). It takes one AnswerQueryRequest and + returns multiple AnswerQueryResponse messages in a stream. operationId: >- - discoveryengine.projects.locations.collections.dataStores.branches.documents.purge + discoveryengine.projects.locations.collections.dataStores.servingConfigs.streamAnswer requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeDocumentsRequest + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse parameters: - in: path name: projectsId @@ -26676,27 +32207,51 @@ paths: schema: type: string - in: path - name: branchesId + name: servingConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/schemas/{schemasId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:searchLite: parameters: *ref_1 - get: - description: Gets a Schema. - operationId: discoveryengine.projects.locations.collections.dataStores.schemas.get + post: + description: >- + Performs a search. Similar to the SearchService.Search method, but a + lite version that allows API key for authentication, where OAuth and IAM + checks are not required. Only public website search is supported by this + method. If data stores and engines not associated with public website + search are specified, a `FAILED_PRECONDITION` error is returned. This + method can be used for easy onboarding without having to implement an + authentication backend. However, it is strongly recommended to use + SearchService.Search instead with required OAuth and IAM checks to + provide better data security. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.servingConfigs.searchLite + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse parameters: - in: path name: projectsId @@ -26719,23 +32274,39 @@ paths: schema: type: string - in: path - name: schemasId + name: servingConfigsId required: true schema: type: string - patch: - description: Updates a Schema. - operationId: discoveryengine.projects.locations.collections.dataStores.schemas.patch + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/userEvents:purge: + parameters: *ref_1 + post: + description: >- + Deletes permanently all user events specified by the filter provided. + Depending on the number of events specified by the filter, this + operation could take hours or days to complete. To test a filter, use + the list command first. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.userEvents.purge requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeUserEventsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -26764,30 +32335,37 @@ paths: required: true schema: type: string - - in: path - name: schemasId - required: true - schema: - type: string - - in: query - name: allowMissing - schema: - type: boolean - delete: - description: Deletes a Schema. - operationId: discoveryengine.projects.locations.collections.dataStores.schemas.delete + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/userEvents:write: + parameters: *ref_1 + post: + description: Writes a single user event. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.userEvents.write + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' parameters: - in: path name: projectsId @@ -26809,29 +32387,40 @@ paths: required: true schema: type: string - - in: path - name: schemasId - required: true + - in: query + name: writeAsync schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/schemas: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/userEvents:collect: parameters: *ref_1 get: - description: Gets a list of Schemas. - operationId: discoveryengine.projects.locations.collections.dataStores.schemas.list + description: >- + Writes a single user event from the browser. This uses a GET request to + due to browser restriction of POST-ing to a third-party domain. This + method is used only by the Discovery Engine API JavaScript pixel and + Google Tag Manager. Users should not call this method directly. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.userEvents.collect security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListSchemasResponse + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -26854,27 +32443,48 @@ paths: schema: type: string - in: query - name: pageSize + name: uri schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: ets + schema: + type: string + format: int64 + - in: query + name: userEvent schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/userEvents:import: + parameters: *ref_1 post: - description: Creates a Schema. - operationId: discoveryengine.projects.locations.collections.dataStores.schemas.create + description: >- + Bulk import of user events. Request processing might be synchronous. + Events that already exist are skipped. Use this method for backfilling + historical user events. Operation.response is of type ImportResponse. + Note that it is possible for a subset of the items to be successfully + inserted. Operation.metadata is of type ImportMetadata. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.userEvents.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportUserEventsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -26903,30 +32513,42 @@ paths: required: true schema: type: string - - in: query - name: schemaId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/schemas/{schemasId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. operationId: >- - discoveryengine.projects.locations.collections.dataStores.schemas.operations.list + discoveryengine.projects.locations.collections.dataStores.branches.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -26949,24 +32571,16 @@ paths: schema: type: string - in: path - name: schemasId + name: branchesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/schemas/{schemasId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations/{operationsId}: parameters: *ref_1 get: description: >- @@ -26974,12 +32588,16 @@ paths: method to poll the operation result at intervals as recommended by the API service. operationId: >- - discoveryengine.projects.locations.collections.dataStores.schemas.operations.get + discoveryengine.projects.locations.collections.dataStores.branches.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -27009,7 +32627,7 @@ paths: schema: type: string - in: path - name: schemasId + name: branchesId required: true schema: type: string @@ -27018,25 +32636,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/customModels: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations: parameters: *ref_1 get: - description: Gets a list of all the custom models. + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. operationId: >- - discoveryengine.projects.locations.collections.dataStores.customModels.list + discoveryengine.projects.locations.collections.dataStores.branches.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListCustomModelsResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -27058,31 +32681,55 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/sessions: + - in: path + name: branchesId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents: parameters: *ref_1 post: - description: >- - Creates a Session. If the Session to create already exists, an - ALREADY_EXISTS error is returned. + description: Creates a Document. operationId: >- - discoveryengine.projects.locations.collections.dataStores.sessions.create + discoveryengine.projects.locations.collections.dataStores.branches.documents.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' parameters: - in: path name: projectsId @@ -27104,14 +32751,28 @@ paths: required: true schema: type: string + - in: path + name: branchesId + required: true + schema: + type: string + - in: query + name: documentId + schema: + type: string get: - description: Lists all Sessions by their parent DataStore. - operationId: discoveryengine.projects.locations.collections.dataStores.sessions.list + description: Gets a list of Documents. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.branches.documents.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -27119,7 +32780,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListSessionsResponse + #/components/schemas/GoogleCloudDiscoveryengineV1ListDocumentsResponse parameters: - in: path name: projectsId @@ -27141,43 +32802,47 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: branchesId + required: true schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query - name: orderBy + name: pageSize schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/sessions/{sessionsId}: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents/{documentsId}: parameters: *ref_1 - delete: - description: >- - Deletes a Session. If the Session to delete does not exist, a NOT_FOUND - error is returned. + patch: + description: Updates a Document. operationId: >- - discoveryengine.projects.locations.collections.dataStores.sessions.delete + discoveryengine.projects.locations.collections.dataStores.branches.documents.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' parameters: - in: path name: projectsId @@ -27200,32 +32865,44 @@ paths: schema: type: string - in: path - name: sessionsId + name: branchesId required: true schema: type: string - patch: - description: >- - Updates a Session. Session action type cannot be changed. If the Session - to update does not exist, a NOT_FOUND error is returned. - operationId: discoveryengine.projects.locations.collections.dataStores.sessions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + - in: path + name: documentsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: allowMissing + schema: + type: boolean + get: + description: Gets a Document. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.branches.documents.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' parameters: - in: path name: projectsId @@ -27248,30 +32925,35 @@ paths: schema: type: string - in: path - name: sessionsId + name: branchesId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: documentsId + required: true schema: type: string - format: google-fieldmask - get: - description: Gets a Session. - operationId: discoveryengine.projects.locations.collections.dataStores.sessions.get + delete: + description: Deletes a Document. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.branches.documents.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -27294,32 +32976,46 @@ paths: schema: type: string - in: path - name: sessionsId + name: branchesId required: true schema: type: string - - in: query - name: includeAnswerDetails + - in: path + name: documentsId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/sessions/{sessionsId}/answers/{answersId}: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents:import: parameters: *ref_1 - get: - description: Gets a Answer. + post: + description: >- + Bulk import of multiple Documents. Request processing may be + synchronous. Non-existing items are created. Note: It is possible for a + subset of the Documents to be successfully updated. operationId: >- - discoveryengine.projects.locations.collections.dataStores.sessions.answers.get + discoveryengine.projects.locations.collections.dataStores.branches.documents.import + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportDocumentsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Answer' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -27342,32 +33038,38 @@ paths: schema: type: string - in: path - name: sessionsId - required: true - schema: - type: string - - in: path - name: answersId + name: branchesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:enableAdvancedSiteSearch: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents:purge: parameters: *ref_1 post: - description: Upgrade from basic site search to advanced site search. + description: >- + Permanently deletes all selected Documents in a branch. This process is + asynchronous. Depending on the number of Documents to be deleted, this + operation can take hours to complete. Before the delete operation + completes, some Documents might still be returned by + DocumentService.GetDocument or DocumentService.ListDocuments. To get a + list of the Documents to be deleted, set PurgeDocumentsRequest.force to + false. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.enableAdvancedSiteSearch + discoveryengine.projects.locations.collections.dataStores.branches.documents.purge requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchRequest + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeDocumentsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -27396,30 +33098,94 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:disableAdvancedSiteSearch: + - in: path + name: branchesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/branches/{branchesId}/batchGetDocumentsMetadata: parameters: *ref_1 - post: - description: Downgrade from advanced site search to basic site search. + get: + description: >- + Gets index freshness metadata for Documents. Supported for website + search only. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.branches.batchGetDocumentsMetadata + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: collectionsId + required: true + schema: + type: string + - in: path + name: dataStoresId + required: true + schema: + type: string + - in: path + name: branchesId + required: true + schema: + type: string + - in: query + name: matcher.fhirMatcher.fhirResources + schema: + type: string + - in: query + name: matcher.urisMatcher.uris + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/controls/{controlsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a Control. If the Control to delete does not exist, a NOT_FOUND + error is returned. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.disableAdvancedSiteSearch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchRequest + discoveryengine.projects.locations.collections.dataStores.controls.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -27441,30 +33207,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:recrawlUris: - parameters: *ref_1 - post: - description: Request on-demand recrawl for a list of URIs. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.recrawlUris - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1RecrawlUrisRequest + - in: path + name: controlsId + required: true + schema: + type: string + get: + description: Gets a Control. + operationId: discoveryengine.projects.locations.collections.dataStores.controls.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' parameters: - in: path name: projectsId @@ -27486,32 +33252,37 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:batchVerifyTargetSites: - parameters: *ref_1 - post: + - in: path + name: controlsId + required: true + schema: + type: string + patch: description: >- - Verify target sites' ownership and validity. This API sends all the - target sites under site search engine for verification. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.batchVerifyTargetSites + Updates a Control. Control action type cannot be changed. If the Control + to update does not exist, a NOT_FOUND error is returned. + operationId: discoveryengine.projects.locations.collections.dataStores.controls.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BatchVerifyTargetSitesRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' parameters: - in: path name: projectsId @@ -27533,28 +33304,46 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine:fetchDomainVerificationStatus: + - in: path + name: controlsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/controls: parameters: *ref_1 - get: + post: description: >- - Returns list of target sites with its domain verification status. This - method can only be called under data store with BASIC_SITE_SEARCH state - at the moment. + Creates a Control. By default 1000 controls are allowed for a data + store. A request can be submitted to adjust this limit. If the Control + to create already exists, an ALREADY_EXISTS error is returned. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.fetchDomainVerificationStatus + discoveryengine.projects.locations.collections.dataStores.controls.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1FetchDomainVerificationStatusResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' parameters: - in: path name: projectsId @@ -27577,34 +33366,29 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: controlId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/operations: - parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.operations.list + description: Lists all Controls by their parent DataStore. + operationId: discoveryengine.projects.locations.collections.dataStores.controls.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListControlsResponse parameters: - in: path name: projectsId @@ -27626,40 +33410,56 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/completionConfig:completeQuery: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. + post: + description: Completes the user input with advanced keyword suggestions. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.operations.get + discoveryengine.projects.locations.collections.dataStores.completionConfig.completeQuery + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud_search.query + Oauth2c: + - https://www.googleapis.com/auth/cloud_search.query + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse parameters: - in: path name: projectsId @@ -27681,34 +33481,30 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/operations: parameters: *ref_1 - post: - description: Creates a TargetSite. + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' + discoveryengine.projects.locations.collections.dataStores.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -27730,23 +33526,47 @@ paths: required: true schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/operations/{operationsId}: + parameters: *ref_1 get: - description: Gets a list of TargetSites. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: discoveryengine.projects.locations.collections.dataStores.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListTargetSitesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -27768,39 +33588,33 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites:batchCreate: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/conversations/{conversationsId}: parameters: *ref_1 - post: - description: Creates TargetSite in a batch. + get: + description: Gets a Conversation. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.batchCreate - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BatchCreateTargetSitesRequest + discoveryengine.projects.locations.collections.dataStores.conversations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' parameters: - in: path name: projectsId @@ -27822,24 +33636,33 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites/{targetSitesId}: - parameters: *ref_1 - get: - description: Gets a TargetSite. + - in: path + name: conversationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a Conversation. If the Conversation to delete does not exist, a + NOT_FOUND error is returned. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.get + discoveryengine.projects.locations.collections.dataStores.conversations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -27862,31 +33685,38 @@ paths: schema: type: string - in: path - name: targetSitesId + name: conversationsId required: true schema: type: string patch: - description: Updates a TargetSite. + description: >- + Updates a Conversation. Conversation action type cannot be changed. If + the Conversation to update does not exist, a NOT_FOUND error is + returned. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.patch + discoveryengine.projects.locations.collections.dataStores.conversations.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' parameters: - in: path name: projectsId @@ -27909,26 +33739,38 @@ paths: schema: type: string - in: path - name: targetSitesId + name: conversationsId required: true schema: type: string - delete: - description: Deletes a TargetSite. + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/conversations: + parameters: *ref_1 + get: + description: Lists all Conversations by their parent DataStore. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.delete + discoveryengine.projects.locations.collections.dataStores.conversations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListConversationsResponse parameters: - in: path name: projectsId @@ -27950,31 +33792,50 @@ paths: required: true schema: type: string - - in: path - name: targetSitesId - required: true + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites/operations: - parameters: *ref_1 - get: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. + Creates a Conversation. If the Conversation to create already exists, an + ALREADY_EXISTS error is returned. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.operations.list + discoveryengine.projects.locations.collections.dataStores.conversations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' parameters: - in: path name: projectsId @@ -27996,40 +33857,35 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/conversations/{conversationsId}:converse: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. + post: + description: Converses a conversation. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.targetSites.operations.get + discoveryengine.projects.locations.collections.dataStores.conversations.converse + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationResponse parameters: - in: path name: projectsId @@ -28052,26 +33908,35 @@ paths: schema: type: string - in: path - name: operationsId + name: conversationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/completionSuggestions:purge: parameters: *ref_1 post: - description: Creates a Sitemap. + description: Permanently deletes all CompletionSuggestions for a DataStore. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.sitemaps.create + discoveryengine.projects.locations.collections.dataStores.completionSuggestions.purge requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Sitemap' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeCompletionSuggestionsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -28100,17 +33965,31 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps/{sitemapsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/completionSuggestions:import: parameters: *ref_1 - delete: - description: Deletes a Sitemap. + post: + description: Imports CompletionSuggestions for a DataStore. operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.sitemaps.delete + discoveryengine.projects.locations.collections.dataStores.completionSuggestions.import + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportCompletionSuggestionsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -28139,30 +34018,27 @@ paths: required: true schema: type: string - - in: path - name: sitemapsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps:fetch: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/schemas/{schemasId}: parameters: *ref_1 get: - description: Fetch Sitemaps in a DataStore. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.siteSearchEngine.sitemaps.fetch + description: Gets a Schema. + operationId: discoveryengine.projects.locations.collections.dataStores.schemas.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1FetchSitemapsResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' parameters: - in: path name: projectsId @@ -28184,33 +34060,30 @@ paths: required: true schema: type: string - - in: query - name: matcher.urisMatcher.uris + - in: path + name: schemasId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/userEvents:write: - parameters: *ref_1 - post: - description: Writes a single user event. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.userEvents.write - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' + delete: + description: Deletes a Schema. + operationId: discoveryengine.projects.locations.collections.dataStores.schemas.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -28232,32 +34105,35 @@ paths: required: true schema: type: string - - in: query - name: writeAsync + - in: path + name: schemasId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/userEvents:collect: - parameters: *ref_1 - get: - description: >- - Writes a single user event from the browser. This uses a GET request to - due to browser restriction of POST-ing to a third-party domain. This - method is used only by the Discovery Engine API JavaScript pixel and - Google Tag Manager. Users should not call this method directly. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.userEvents.collect + type: string + patch: + description: Updates a Schema. + operationId: discoveryengine.projects.locations.collections.dataStores.schemas.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -28279,47 +34155,37 @@ paths: required: true schema: type: string - - in: query - name: userEvent - schema: - type: string - - in: query - name: uri + - in: path + name: schemasId + required: true schema: type: string - in: query - name: ets + name: allowMissing schema: - type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/userEvents:purge: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/schemas: parameters: *ref_1 - post: - description: >- - Deletes permanently all user events specified by the filter provided. - Depending on the number of events specified by the filter, this - operation could take hours or days to complete. To test a filter, use - the list command first. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.userEvents.purge - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeUserEventsRequest + get: + description: Gets a list of Schemas. + operationId: discoveryengine.projects.locations.collections.dataStores.schemas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListSchemasResponse parameters: - in: path name: projectsId @@ -28341,28 +34207,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/userEvents:import: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: >- - Bulk import of user events. Request processing might be synchronous. - Events that already exist are skipped. Use this method for backfilling - historical user events. Operation.response is of type ImportResponse. - Note that it is possible for a subset of the items to be successfully - inserted. Operation.metadata is of type ImportMetadata. - operationId: >- - discoveryengine.projects.locations.collections.dataStores.userEvents.import + description: Creates a Schema. + operationId: discoveryengine.projects.locations.collections.dataStores.schemas.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportUserEventsRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -28391,21 +34261,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines: + - in: query + name: schemaId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/schemas/{schemasId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Creates a Engine. - operationId: discoveryengine.projects.locations.collections.engines.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.schemas.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -28429,26 +34306,45 @@ paths: required: true schema: type: string - - in: query - name: engineId + - in: path + name: dataStoresId + required: true + schema: + type: string + - in: path + name: schemasId + required: true schema: type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/schemas/{schemasId}/operations: + parameters: *ref_1 get: - description: Lists all the Engines associated with the project. - operationId: discoveryengine.projects.locations.collections.engines.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.schemas.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListEnginesResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -28465,6 +34361,24 @@ paths: required: true schema: type: string + - in: path + name: dataStoresId + required: true + schema: + type: string + - in: path + name: schemasId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -28474,27 +34388,30 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/models/{modelsId}/operations: parameters: *ref_1 - delete: - description: Deletes a Engine. - operationId: discoveryengine.projects.locations.collections.engines.delete + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.models.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -28512,30 +34429,57 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - patch: - description: Updates an Engine - operationId: discoveryengine.projects.locations.collections.engines.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' + - in: path + name: modelsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/models/{modelsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.models.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -28553,30 +34497,52 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: modelsId + required: true schema: type: string - format: google-fieldmask - get: - description: Gets a Engine. - operationId: discoveryengine.projects.locations.collections.engines.get + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/suggestionDenyListEntries:import: + parameters: *ref_1 + post: + description: Imports all SuggestionDenyListEntry for a DataStore. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.suggestionDenyListEntries.import + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Engine' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -28594,29 +34560,42 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/suggestionDenyListEntries:purge: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: discoveryengine.projects.locations.collections.engines.operations.list + post: + description: Permanently deletes all SuggestionDenyListEntry for a DataStore. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.suggestionDenyListEntries.purge + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -28634,43 +34613,32 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/sessions/{sessionsId}/answers/{answersId}: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: discoveryengine.projects.locations.collections.engines.operations.get + description: Gets a Answer. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.sessions.answers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Answer' parameters: - in: path name: projectsId @@ -28688,39 +34656,41 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - in: path - name: operationsId + name: sessionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/operations/{operationsId}:cancel: + - in: path + name: answersId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/sessions/{sessionsId}: parameters: *ref_1 - post: + delete: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: discoveryengine.projects.locations.collections.engines.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + Deletes a Session. If the Session to delete does not exist, a NOT_FOUND + error is returned. + operationId: >- + discoveryengine.projects.locations.collections.dataStores.sessions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -28745,39 +34715,38 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - in: path - name: operationsId + name: sessionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:search: - parameters: *ref_1 - post: - description: Performs a search. - operationId: >- - discoveryengine.projects.locations.collections.engines.servingConfigs.search - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' + get: + description: Gets a Session. + operationId: discoveryengine.projects.locations.collections.dataStores.sessions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' parameters: - in: path name: projectsId @@ -28795,48 +34764,49 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - in: path - name: servingConfigsId + name: sessionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:searchLite: - parameters: *ref_1 - post: + - in: query + name: includeAnswerDetails + schema: + type: boolean + patch: description: >- - Performs a search. Similar to the SearchService.Search method, but a - lite version that allows API key for authentication, where OAuth and IAM - checks are not required. Only public website search is supported by this - method. If data stores and engines not associated with public website - search are specified, a `FAILED_PRECONDITION` error is returned. This - method can be used for easy onboarding without having to implement an - authentication backend. However, it is strongly recommended to use - SearchService.Search instead with required OAuth and IAM checks to - provide better data security. - operationId: >- - discoveryengine.projects.locations.collections.engines.servingConfigs.searchLite + Updates a Session. Session action type cannot be changed. If the Session + to update does not exist, a NOT_FOUND error is returned. + operationId: discoveryengine.projects.locations.collections.dataStores.sessions.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' parameters: - in: path name: projectsId @@ -28854,32 +34824,38 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - in: path - name: servingConfigsId + name: sessionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:answer: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/sessions: parameters: *ref_1 - post: - description: Answer query method. - operationId: >- - discoveryengine.projects.locations.collections.engines.servingConfigs.answer - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest + get: + description: Lists all Sessions by their parent DataStore. + operationId: discoveryengine.projects.locations.collections.dataStores.sessions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -28887,7 +34863,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse + #/components/schemas/GoogleCloudDiscoveryengineV1ListSessionsResponse parameters: - in: path name: projectsId @@ -28905,42 +34881,58 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - - in: path - name: servingConfigsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:streamAnswer: - parameters: *ref_1 post: description: >- - Answer query method (streaming). It takes one AnswerQueryRequest and - returns multiple AnswerQueryResponse messages in a stream. + Creates a Session. If the Session to create already exists, an + ALREADY_EXISTS error is returned. operationId: >- - discoveryengine.projects.locations.collections.engines.servingConfigs.streamAnswer + discoveryengine.projects.locations.collections.dataStores.sessions.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' parameters: - in: path name: projectsId @@ -28958,32 +34950,28 @@ paths: schema: type: string - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: servingConfigsId + name: dataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}:recommend: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}:completeQuery: parameters: *ref_1 - post: - description: Makes a recommendation, which requires a contextual user event. - operationId: >- - discoveryengine.projects.locations.collections.engines.servingConfigs.recommend - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1RecommendRequest + get: + description: Completes the specified user input with keyword suggestions. + operationId: discoveryengine.projects.locations.collections.dataStores.completeQuery security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -28991,7 +34979,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1RecommendResponse + #/components/schemas/GoogleCloudDiscoveryengineV1CompleteQueryResponse parameters: - in: path name: projectsId @@ -29009,40 +34997,54 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - - in: path - name: servingConfigsId - required: true + - in: query + name: query schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/servingConfigs/{servingConfigsId}: + - in: query + name: userPseudoId + schema: + type: string + - in: query + name: queryModel + schema: + type: string + - in: query + name: includeTailSuggestions + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}:trainCustomModel: parameters: *ref_1 - patch: - description: >- - Updates a ServingConfig. Returns a NOT_FOUND error if the ServingConfig - does not exist. + post: + description: Trains a custom model. operationId: >- - discoveryengine.projects.locations.collections.engines.servingConfigs.patch + discoveryengine.projects.locations.collections.dataStores.trainCustomModel requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1TrainCustomModelRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -29060,37 +35062,25 @@ paths: schema: type: string - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: servingConfigsId + name: dataStoresId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/assistants/{assistantsId}:streamAssist: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}/siteSearchEngine: parameters: *ref_1 - post: - description: Assists the user with a query in a streaming fashion. + get: + description: Gets the SiteSearchEngine. operationId: >- - discoveryengine.projects.locations.collections.engines.assistants.streamAssist - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistRequest + discoveryengine.projects.locations.collections.dataStores.getSiteSearchEngine security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -29098,7 +35088,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1StreamAssistResponse + #/components/schemas/GoogleCloudDiscoveryengineV1SiteSearchEngine parameters: - in: path name: projectsId @@ -29116,37 +35106,31 @@ paths: schema: type: string - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: assistantsId + name: dataStoresId required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/assistants/{assistantsId}: - parameters: *ref_1 - patch: - description: Updates an Assistant - operationId: discoveryengine.projects.locations.collections.engines.assistants.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Assistant' + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores/{dataStoresId}: + parameters: *ref_1 + delete: + description: Deletes a DataStore. + operationId: discoveryengine.projects.locations.collections.dataStores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Assistant' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -29164,35 +35148,29 @@ paths: schema: type: string - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: assistantsId + name: dataStoresId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask get: - description: Gets an Assistant. - operationId: discoveryengine.projects.locations.collections.engines.assistants.get + description: Gets a DataStore. + operationId: discoveryengine.projects.locations.collections.dataStores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Assistant' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' parameters: - in: path name: projectsId @@ -29210,44 +35188,34 @@ paths: schema: type: string - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: assistantsId + name: dataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/completionConfig:completeQuery: - parameters: *ref_1 - post: - description: Completes the user input with advanced keyword suggestions. - operationId: >- - discoveryengine.projects.locations.collections.engines.completionConfig.completeQuery + patch: + description: Updates a DataStore + operationId: discoveryengine.projects.locations.collections.dataStores.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/cloud_search.query + - https://www.googleapis.com/auth/discoveryengine.readwrite Oauth2c: - - https://www.googleapis.com/auth/cloud_search.query + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' parameters: - in: path name: projectsId @@ -29265,35 +35233,37 @@ paths: schema: type: string - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/controls: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataStores: parameters: *ref_1 - post: - description: >- - Creates a Control. By default 1000 controls are allowed for a data - store. A request can be submitted to adjust this limit. If the Control - to create already exists, an ALREADY_EXISTS error is returned. - operationId: discoveryengine.projects.locations.collections.engines.controls.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + get: + description: Lists all the DataStores associated with the project. + operationId: discoveryengine.projects.locations.collections.dataStores.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListDataStoresResponse parameters: - in: path name: projectsId @@ -29310,31 +35280,46 @@ paths: required: true schema: type: string - - in: path - name: enginesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - in: query - name: controlId + name: pageToken schema: type: string - get: - description: Lists all Controls by their parent DataStore. - operationId: discoveryengine.projects.locations.collections.engines.controls.list + post: + description: >- + Creates a DataStore. DataStore is for storing Documents. To serve these + documents for Search, or Recommendation use case, an Engine needs to be + created separately. + operationId: discoveryengine.projects.locations.collections.dataStores.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListControlsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -29351,43 +35336,47 @@ paths: required: true schema: type: string - - in: path - name: enginesId - required: true + - in: query + name: skipDefaultSchemaCreation + schema: + type: boolean + - in: query + name: cmekConfigName schema: type: string - in: query - name: pageSize + name: disableCmek schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: createAdvancedSiteSearch schema: - type: string + type: boolean - in: query - name: filter + name: dataStoreId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/controls/{controlsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}: parameters: *ref_1 delete: - description: >- - Deletes a Control. If the Control to delete does not exist, a NOT_FOUND - error is returned. - operationId: discoveryengine.projects.locations.collections.engines.controls.delete + description: Deletes a Collection. + operationId: discoveryengine.projects.locations.collections.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -29404,38 +35393,36 @@ paths: required: true schema: type: string - - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: controlsId - required: true - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/dataConnector: + parameters: *ref_1 patch: - description: >- - Updates a Control. Control action type cannot be changed. If the Control - to update does not exist, a NOT_FOUND error is returned. - operationId: discoveryengine.projects.locations.collections.engines.controls.patch + description: Updates a DataConnector. + operationId: discoveryengine.projects.locations.collections.updateDataConnector requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataConnector' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataConnector' parameters: - in: path name: projectsId @@ -29452,36 +35439,36 @@ paths: required: true schema: type: string - - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: controlsId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask get: - description: Gets a Control. - operationId: discoveryengine.projects.locations.collections.engines.controls.get + description: >- + Gets the DataConnector. DataConnector is a singleton resource for each + Collection. + operationId: discoveryengine.projects.locations.collections.getDataConnector security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataConnector' parameters: - in: path name: projectsId @@ -29498,41 +35485,35 @@ paths: required: true schema: type: string - - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: controlsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/conversations/{conversationsId}:converse: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores: parameters: *ref_1 post: - description: Converses a conversation. - operationId: >- - discoveryengine.projects.locations.collections.engines.conversations.converse + description: >- + Creates a DataStore. DataStore is for storing Documents. To serve these + documents for Search, or Recommendation use case, an Engine needs to be + created separately. + operationId: discoveryengine.projects.locations.dataStores.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -29544,46 +35525,46 @@ paths: required: true schema: type: string - - in: path - name: collectionsId - required: true + - in: query + name: skipDefaultSchemaCreation schema: - type: string - - in: path - name: enginesId - required: true + type: boolean + - in: query + name: createAdvancedSiteSearch + schema: + type: boolean + - in: query + name: dataStoreId schema: type: string - - in: path - name: conversationsId - required: true + - in: query + name: disableCmek + schema: + type: boolean + - in: query + name: cmekConfigName schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/conversations: - parameters: *ref_1 - post: - description: >- - Creates a Conversation. If the Conversation to create already exists, an - ALREADY_EXISTS error is returned. - operationId: >- - discoveryengine.projects.locations.collections.engines.conversations.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + get: + description: Lists all the DataStores associated with the project. + operationId: discoveryengine.projects.locations.dataStores.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListDataStoresResponse parameters: - in: path name: projectsId @@ -29595,25 +35576,37 @@ paths: required: true schema: type: string - - in: path - name: collectionsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: enginesId - required: true + - in: query + name: filter schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}:completeQuery: + parameters: *ref_1 get: - description: Lists all Conversations by their parent DataStore. - operationId: >- - discoveryengine.projects.locations.collections.engines.conversations.list + description: Completes the specified user input with keyword suggestions. + operationId: discoveryengine.projects.locations.dataStores.completeQuery security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -29621,7 +35614,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListConversationsResponse + #/components/schemas/GoogleCloudDiscoveryengineV1CompleteQueryResponse parameters: - in: path name: projectsId @@ -29634,52 +35627,47 @@ paths: schema: type: string - in: path - name: collectionsId - required: true - schema: - type: string - - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - in: query - name: pageSize + name: userPseudoId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: query schema: type: string - in: query - name: filter + name: includeTailSuggestions schema: - type: string + type: boolean - in: query - name: orderBy + name: queryModel schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/conversations/{conversationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}: parameters: *ref_1 delete: - description: >- - Deletes a Conversation. If the Conversation to delete does not exist, a - NOT_FOUND error is returned. - operationId: >- - discoveryengine.projects.locations.collections.engines.conversations.delete + description: Deletes a DataStore. + operationId: discoveryengine.projects.locations.dataStores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -29692,44 +35680,34 @@ paths: schema: type: string - in: path - name: collectionsId - required: true - schema: - type: string - - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: conversationsId + name: dataStoresId required: true schema: type: string patch: - description: >- - Updates a Conversation. Conversation action type cannot be changed. If - the Conversation to update does not exist, a NOT_FOUND error is - returned. - operationId: >- - discoveryengine.projects.locations.collections.engines.conversations.patch + description: Updates a DataStore + operationId: discoveryengine.projects.locations.dataStores.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' parameters: - in: path name: projectsId @@ -29742,17 +35720,7 @@ paths: schema: type: string - in: path - name: collectionsId - required: true - schema: - type: string - - in: path - name: enginesId - required: true - schema: - type: string - - in: path - name: conversationsId + name: dataStoresId required: true schema: type: string @@ -29762,20 +35730,24 @@ paths: type: string format: google-fieldmask get: - description: Gets a Conversation. - operationId: discoveryengine.projects.locations.collections.engines.conversations.get + description: Gets a DataStore. + operationId: discoveryengine.projects.locations.dataStores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' parameters: - in: path name: projectsId @@ -29788,44 +35760,76 @@ paths: schema: type: string - in: path - name: collectionsId + name: dataStoresId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine: + parameters: *ref_1 + get: + description: Gets the SiteSearchEngine. + operationId: discoveryengine.projects.locations.dataStores.getSiteSearchEngine + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SiteSearchEngine + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: enginesId + name: locationsId required: true schema: type: string - in: path - name: conversationsId + name: dataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/sessions: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/conversations: parameters: *ref_1 post: description: >- - Creates a Session. If the Session to create already exists, an + Creates a Conversation. If the Conversation to create already exists, an ALREADY_EXISTS error is returned. - operationId: discoveryengine.projects.locations.collections.engines.sessions.create + operationId: discoveryengine.projects.locations.dataStores.conversations.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' parameters: - in: path name: projectsId @@ -29838,23 +35842,22 @@ paths: schema: type: string - in: path - name: collectionsId - required: true - schema: - type: string - - in: path - name: enginesId + name: dataStoresId required: true schema: type: string get: - description: Lists all Sessions by their parent DataStore. - operationId: discoveryengine.projects.locations.collections.engines.sessions.list + description: Lists all Conversations by their parent DataStore. + operationId: discoveryengine.projects.locations.dataStores.conversations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -29862,7 +35865,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListSessionsResponse + #/components/schemas/GoogleCloudDiscoveryengineV1ListConversationsResponse parameters: - in: path name: projectsId @@ -29875,12 +35878,7 @@ paths: schema: type: string - in: path - name: collectionsId - required: true - schema: - type: string - - in: path - name: enginesId + name: dataStoresId required: true schema: type: string @@ -29890,36 +35888,128 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/sessions/{sessionsId}: - parameters: *ref_1 - delete: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/conversations/{conversationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a Conversation. If the Conversation to delete does not exist, a + NOT_FOUND error is returned. + operationId: discoveryengine.projects.locations.dataStores.conversations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: dataStoresId + required: true + schema: + type: string + - in: path + name: conversationsId + required: true + schema: + type: string + get: + description: Gets a Conversation. + operationId: discoveryengine.projects.locations.dataStores.conversations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: dataStoresId + required: true + schema: + type: string + - in: path + name: conversationsId + required: true + schema: + type: string + patch: description: >- - Deletes a Session. If the Session to delete does not exist, a NOT_FOUND - error is returned. - operationId: discoveryengine.projects.locations.collections.engines.sessions.delete + Updates a Conversation. Conversation action type cannot be changed. If + the Conversation to update does not exist, a NOT_FOUND error is + returned. + operationId: discoveryengine.projects.locations.dataStores.conversations.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' parameters: - in: path name: projectsId @@ -29932,42 +36022,48 @@ paths: schema: type: string - in: path - name: collectionsId + name: dataStoresId required: true schema: type: string - in: path - name: enginesId + name: conversationsId required: true schema: type: string - - in: path - name: sessionsId - required: true + - in: query + name: updateMask schema: type: string - patch: - description: >- - Updates a Session. Session action type cannot be changed. If the Session - to update does not exist, a NOT_FOUND error is returned. - operationId: discoveryengine.projects.locations.collections.engines.sessions.patch + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/conversations/{conversationsId}:converse: + parameters: *ref_1 + post: + description: Converses a conversation. + operationId: discoveryengine.projects.locations.dataStores.conversations.converse requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationResponse parameters: - in: path name: projectsId @@ -29980,40 +36076,40 @@ paths: schema: type: string - in: path - name: collectionsId - required: true - schema: - type: string - - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - in: path - name: sessionsId + name: conversationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/widgetConfigs/{widgetConfigsId}: + parameters: *ref_1 get: - description: Gets a Session. - operationId: discoveryengine.projects.locations.collections.engines.sessions.get + description: Gets a WidgetConfig. + operationId: discoveryengine.projects.locations.dataStores.widgetConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfig' parameters: - in: path name: projectsId @@ -30026,42 +36122,51 @@ paths: schema: type: string - in: path - name: collectionsId + name: dataStoresId required: true schema: type: string - in: path - name: enginesId + name: widgetConfigsId required: true schema: type: string - - in: path - name: sessionsId - required: true + - in: query + name: acceptCache schema: - type: string + type: boolean - in: query - name: includeAnswerDetails + name: getWidgetConfigRequestOption.turnOffCollectionComponents schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/collections/{collectionsId}/engines/{enginesId}/sessions/{sessionsId}/answers/{answersId}: - parameters: *ref_1 - get: - description: Gets a Answer. - operationId: >- - discoveryengine.projects.locations.collections.engines.sessions.answers.get + patch: + description: Update a WidgetConfig. + operationId: discoveryengine.projects.locations.dataStores.widgetConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Answer' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1WidgetConfig' parameters: - in: path name: projectsId @@ -30074,44 +36179,42 @@ paths: schema: type: string - in: path - name: collectionsId - required: true - schema: - type: string - - in: path - name: enginesId + name: dataStoresId required: true schema: type: string - in: path - name: sessionsId + name: widgetConfigsId required: true schema: type: string - - in: path - name: answersId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: discoveryengine.projects.locations.operations.list + description: Lists all ServingConfigs linked to this dataStore. + operationId: discoveryengine.projects.locations.dataStores.servingConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListServingConfigsResponse parameters: - in: path name: projectsId @@ -30123,8 +36226,9 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: dataStoresId + required: true schema: type: string - in: query @@ -30136,26 +36240,37 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:search: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: discoveryengine.projects.locations.operations.get + post: + description: Performs a search. + operationId: discoveryengine.projects.locations.dataStores.servingConfigs.search + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse parameters: - in: path name: projectsId @@ -30168,30 +36283,38 @@ paths: schema: type: string - in: path - name: operationsId + name: dataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/podcasts/{podcastsId}/operations/{operationsId}: + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}: parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: discoveryengine.projects.locations.podcasts.operations.get + Deletes a ServingConfig. Returns a NOT_FOUND error if the ServingConfig + does not exist. + operationId: discoveryengine.projects.locations.dataStores.servingConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -30204,41 +36327,41 @@ paths: schema: type: string - in: path - name: podcastsId + name: dataStoresId required: true schema: type: string - in: path - name: operationsId + name: servingConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cmekConfigs/{cmekConfigsId}: - parameters: *ref_1 patch: description: >- - Provisions a CMEK key for use in a location of a customer's project. - This method will also conduct location validation on the provided - cmekConfig to make sure the key is valid and can be used in the selected - location. - operationId: discoveryengine.projects.locations.cmekConfigs.patch + Updates a ServingConfig. Returns a NOT_FOUND error if the ServingConfig + does not exist. + operationId: discoveryengine.projects.locations.dataStores.servingConfigs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' parameters: - in: path name: projectsId @@ -30251,29 +36374,41 @@ paths: schema: type: string - in: path - name: cmekConfigsId + name: dataStoresId + required: true + schema: + type: string + - in: path + name: servingConfigsId required: true schema: type: string - in: query - name: setDefault + name: updateMask schema: - type: boolean + type: string + format: google-fieldmask get: - description: Gets the CmekConfig. - operationId: discoveryengine.projects.locations.cmekConfigs.get + description: >- + Gets a ServingConfig. Returns a NotFound error if the ServingConfig does + not exist. + operationId: discoveryengine.projects.locations.dataStores.servingConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' parameters: - in: path name: projectsId @@ -30286,25 +36421,43 @@ paths: schema: type: string - in: path - name: cmekConfigsId + name: dataStoresId required: true schema: type: string - delete: - description: De-provisions a CmekConfig. - operationId: discoveryengine.projects.locations.cmekConfigs.delete + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:recommend: + parameters: *ref_1 + post: + description: Makes a recommendation, which requires a contextual user event. + operationId: discoveryengine.projects.locations.dataStores.servingConfigs.recommend + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1RecommendRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1RecommendResponse parameters: - in: path name: projectsId @@ -30317,20 +36470,38 @@ paths: schema: type: string - in: path - name: cmekConfigsId + name: dataStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cmekConfigs: + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:streamAnswer: parameters: *ref_1 - get: - description: Lists all the CmekConfigs with the project. - operationId: discoveryengine.projects.locations.cmekConfigs.list + post: + description: >- + Answer query method (streaming). It takes one AnswerQueryRequest and + returns multiple AnswerQueryResponse messages in a stream. + operationId: >- + discoveryengine.projects.locations.dataStores.servingConfigs.streamAnswer + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -30338,7 +36509,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListCmekConfigsResponse + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse parameters: - in: path name: projectsId @@ -30350,16 +36521,36 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}:completeQuery: + - in: path + name: dataStoresId + required: true + schema: + type: string + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:answer: parameters: *ref_1 - get: - description: Completes the specified user input with keyword suggestions. - operationId: discoveryengine.projects.locations.dataStores.completeQuery + post: + description: Answer query method. + operationId: discoveryengine.projects.locations.dataStores.servingConfigs.answer + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -30367,7 +36558,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1CompleteQueryResponse + #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse parameters: - in: path name: projectsId @@ -30384,47 +36575,51 @@ paths: required: true schema: type: string - - in: query - name: query - schema: - type: string - - in: query - name: queryModel - schema: - type: string - - in: query - name: userPseudoId + - in: path + name: servingConfigsId + required: true schema: type: string - - in: query - name: includeTailSuggestions - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/dataStores: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:searchLite: parameters: *ref_1 post: description: >- - Creates a DataStore. DataStore is for storing Documents. To serve these - documents for Search, or Recommendation use case, an Engine needs to be - created separately. - operationId: discoveryengine.projects.locations.dataStores.create + Performs a search. Similar to the SearchService.Search method, but a + lite version that allows API key for authentication, where OAuth and IAM + checks are not required. Only public website search is supported by this + method. If data stores and engines not associated with public website + search are specified, a `FAILED_PRECONDITION` error is returned. This + method can be used for easy onboarding without having to implement an + authentication backend. However, it is strongly recommended to use + SearchService.Search instead with required OAuth and IAM checks to + provide better data security. + operationId: discoveryengine.projects.locations.dataStores.servingConfigs.searchLite requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse parameters: - in: path name: projectsId @@ -30436,42 +36631,39 @@ paths: required: true schema: type: string - - in: query - name: cmekConfigName + - in: path + name: dataStoresId + required: true schema: type: string - - in: query - name: disableCmek - schema: - type: boolean - - in: query - name: dataStoreId + - in: path + name: servingConfigsId + required: true schema: type: string - - in: query - name: createAdvancedSiteSearch - schema: - type: boolean - - in: query - name: skipDefaultSchemaCreation - schema: - type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/models/{modelsId}/operations: + parameters: *ref_1 get: - description: Lists all the DataStores associated with the project. - operationId: discoveryengine.projects.locations.dataStores.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: discoveryengine.projects.locations.dataStores.models.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListDataStoresResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -30483,36 +36675,57 @@ paths: required: true schema: type: string + - in: path + name: dataStoresId + required: true + schema: + type: string + - in: path + name: modelsId + required: true + schema: + type: string - in: query - name: pageSize + name: returnPartialSuccess schema: - type: integer - format: int32 + type: boolean - in: query name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/models/{modelsId}/operations/{operationsId}: parameters: *ref_1 get: - description: Gets a DataStore. - operationId: discoveryengine.projects.locations.dataStores.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: discoveryengine.projects.locations.dataStores.models.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -30529,96 +36742,51 @@ paths: required: true schema: type: string - delete: - description: Deletes a DataStore. - operationId: discoveryengine.projects.locations.dataStores.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: modelsId required: true schema: type: string - in: path - name: dataStoresId + name: operationsId required: true schema: type: string - patch: - description: Updates a DataStore - operationId: discoveryengine.projects.locations.dataStores.patch + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/userEvents:purge: + parameters: *ref_1 + post: + description: >- + Deletes permanently all user events specified by the filter provided. + Depending on the number of events specified by the filter, this + operation could take hours or days to complete. To test a filter, use + the list command first. + operationId: discoveryengine.projects.locations.dataStores.userEvents.purge requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeUserEventsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1DataStore' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: dataStoresId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine: - parameters: *ref_1 - get: - description: Gets the SiteSearchEngine. - operationId: discoveryengine.projects.locations.dataStores.getSiteSearchEngine - security: - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SiteSearchEngine + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -30635,25 +36803,35 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/models/{modelsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/userEvents:collect: parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: discoveryengine.projects.locations.dataStores.models.operations.list + Writes a single user event from the browser. This uses a GET request to + due to browser restriction of POST-ing to a third-party domain. This + method is used only by the Discovery Engine API JavaScript pixel and + Google Tag Manager. Users should not call this method directly. + operationId: discoveryengine.projects.locations.dataStores.userEvents.collect security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -30670,37 +36848,48 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - in: query - name: filter + name: userEvent schema: type: string - in: query - name: pageSize + name: ets schema: - type: integer - format: int32 + type: string + format: int64 - in: query - name: pageToken + name: uri schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/models/{modelsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/userEvents:import: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: discoveryengine.projects.locations.dataStores.models.operations.get + Bulk import of user events. Request processing might be synchronous. + Events that already exist are skipped. Use this method for backfilling + historical user events. Operation.response is of type ImportResponse. + Note that it is possible for a subset of the items to be successfully + inserted. Operation.metadata is of type ImportMetadata. + operationId: discoveryengine.projects.locations.dataStores.userEvents.import + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportUserEventsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -30724,35 +36913,36 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/userEvents:write: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: discoveryengine.projects.locations.dataStores.operations.list + post: + description: Writes a single user event. + operationId: discoveryengine.projects.locations.dataStores.userEvents.write + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' parameters: - in: path name: projectsId @@ -30770,18 +36960,9 @@ paths: schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: writeAsync schema: - type: string + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/operations/{operationsId}: parameters: *ref_1 get: @@ -30795,6 +36976,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -30823,29 +37008,29 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:search: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/operations: parameters: *ref_1 - post: - description: Performs a search. - operationId: discoveryengine.projects.locations.dataStores.servingConfigs.search - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: discoveryengine.projects.locations.dataStores.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -30862,43 +37047,55 @@ paths: required: true schema: type: string - - in: path - name: servingConfigsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:searchLite: + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/suggestionDenyListEntries:purge: parameters: *ref_1 post: - description: >- - Performs a search. Similar to the SearchService.Search method, but a - lite version that allows API key for authentication, where OAuth and IAM - checks are not required. Only public website search is supported by this - method. If data stores and engines not associated with public website - search are specified, a `FAILED_PRECONDITION` error is returned. This - method can be used for easy onboarding without having to implement an - authentication backend. However, it is strongly recommended to use - SearchService.Search instead with required OAuth and IAM checks to - provide better data security. - operationId: discoveryengine.projects.locations.dataStores.servingConfigs.searchLite + description: Permanently deletes all SuggestionDenyListEntry for a DataStore. + operationId: >- + discoveryengine.projects.locations.dataStores.suggestionDenyListEntries.purge requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1SearchRequest' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1SearchResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -30915,35 +37112,38 @@ paths: required: true schema: type: string - - in: path - name: servingConfigsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:answer: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/suggestionDenyListEntries:import: parameters: *ref_1 post: - description: Answer query method. - operationId: discoveryengine.projects.locations.dataStores.servingConfigs.answer + description: Imports all SuggestionDenyListEntry for a DataStore. + operationId: >- + discoveryengine.projects.locations.dataStores.suggestionDenyListEntries.import requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest + #/components/schemas/GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -30960,38 +37160,27 @@ paths: required: true schema: type: string - - in: path - name: servingConfigsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:streamAnswer: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/schemas/{schemasId}: parameters: *ref_1 - post: - description: >- - Answer query method (streaming). It takes one AnswerQueryRequest and - returns multiple AnswerQueryResponse messages in a stream. - operationId: >- - discoveryengine.projects.locations.dataStores.servingConfigs.streamAnswer - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryRequest + get: + description: Gets a Schema. + operationId: discoveryengine.projects.locations.dataStores.schemas.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AnswerQueryResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' parameters: - in: path name: projectsId @@ -31009,34 +37198,29 @@ paths: schema: type: string - in: path - name: servingConfigsId + name: schemasId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}:recommend: - parameters: *ref_1 - post: - description: Makes a recommendation, which requires a contextual user event. - operationId: discoveryengine.projects.locations.dataStores.servingConfigs.recommend - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1RecommendRequest + delete: + description: Deletes a Schema. + operationId: discoveryengine.projects.locations.dataStores.schemas.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1RecommendResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -31054,34 +37238,34 @@ paths: schema: type: string - in: path - name: servingConfigsId + name: schemasId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/servingConfigs/{servingConfigsId}: - parameters: *ref_1 patch: - description: >- - Updates a ServingConfig. Returns a NOT_FOUND error if the ServingConfig - does not exist. - operationId: discoveryengine.projects.locations.dataStores.servingConfigs.patch + description: Updates a Schema. + operationId: discoveryengine.projects.locations.dataStores.schemas.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1ServingConfig' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -31099,36 +37283,28 @@ paths: schema: type: string - in: path - name: servingConfigsId + name: schemasId required: true schema: type: string - in: query - name: updateMask + name: allowMissing schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/completionConfig:completeQuery: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/schemas: parameters: *ref_1 - post: - description: Completes the user input with advanced keyword suggestions. - operationId: >- - discoveryengine.projects.locations.dataStores.completionConfig.completeQuery - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest + get: + description: Gets a list of Schemas. + operationId: discoveryengine.projects.locations.dataStores.schemas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/cloud_search.query + - https://www.googleapis.com/auth/discoveryengine.readwrite Oauth2c: - - https://www.googleapis.com/auth/cloud_search.query + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -31136,7 +37312,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse + #/components/schemas/GoogleCloudDiscoveryengineV1ListSchemasResponse parameters: - in: path name: projectsId @@ -31153,63 +37329,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/suggestionDenyListEntries:import: - parameters: *ref_1 - post: - description: Imports all SuggestionDenyListEntry for a DataStore. - operationId: >- - discoveryengine.projects.locations.dataStores.suggestionDenyListEntries.import - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportSuggestionDenyListEntriesRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: dataStoresId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/suggestionDenyListEntries:purge: - parameters: *ref_1 post: - description: Permanently deletes all SuggestionDenyListEntry for a DataStore. - operationId: >- - discoveryengine.projects.locations.dataStores.suggestionDenyListEntries.purge + description: Creates a Schema. + operationId: discoveryengine.projects.locations.dataStores.schemas.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeSuggestionDenyListEntriesRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -31233,6 +37378,10 @@ paths: required: true schema: type: string + - in: query + name: schemaId + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/completionSuggestions:import: parameters: *ref_1 post: @@ -31250,6 +37399,14 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -31290,6 +37447,14 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -31331,6 +37496,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -31366,6 +37535,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -31396,53 +37569,15 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: filter + name: pageToken schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/controls/{controlsId}: parameters: *ref_1 - delete: - description: >- - Deletes a Control. If the Control to delete does not exist, a NOT_FOUND - error is returned. - operationId: discoveryengine.projects.locations.dataStores.controls.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: dataStoresId - required: true - schema: - type: string - - in: path - name: controlsId - required: true - schema: - type: string patch: description: >- Updates a Control. Control action type cannot be changed. If the Control @@ -31458,6 +37593,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -31491,21 +37630,27 @@ paths: schema: type: string format: google-fieldmask - get: - description: Gets a Control. - operationId: discoveryengine.projects.locations.dataStores.controls.get + delete: + description: >- + Deletes a Control. If the Control to delete does not exist, a NOT_FOUND + error is returned. + operationId: discoveryengine.projects.locations.dataStores.controls.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -31527,30 +37672,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/conversations/{conversationsId}:converse: - parameters: *ref_1 - post: - description: Converses a conversation. - operationId: discoveryengine.projects.locations.dataStores.conversations.converse - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationRequest + get: + description: Gets a Control. + operationId: discoveryengine.projects.locations.dataStores.controls.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ConverseConversationResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Control' parameters: - in: path name: projectsId @@ -31568,118 +37708,47 @@ paths: schema: type: string - in: path - name: conversationsId + name: controlsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/conversations: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/completionConfig:completeQuery: parameters: *ref_1 post: - description: >- - Creates a Conversation. If the Conversation to create already exists, an - ALREADY_EXISTS error is returned. - operationId: discoveryengine.projects.locations.dataStores.conversations.create + description: Completes the user input with advanced keyword suggestions. + operationId: >- + discoveryengine.projects.locations.dataStores.completionConfig.completeQuery requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: dataStoresId - required: true - schema: - type: string - get: - description: Lists all Conversations by their parent DataStore. - operationId: discoveryengine.projects.locations.dataStores.conversations.list - security: - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud_search.query Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListConversationsResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: dataStoresId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/conversations/{conversationsId}: - parameters: *ref_1 - delete: - description: >- - Deletes a Conversation. If the Conversation to delete does not exist, a - NOT_FOUND error is returned. - operationId: discoveryengine.projects.locations.dataStores.conversations.delete - security: + - https://www.googleapis.com/auth/cloud_search.query - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1AdvancedCompleteQueryResponse parameters: - in: path name: projectsId @@ -31696,34 +37765,33 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - patch: - description: >- - Updates a Conversation. Conversation action type cannot be changed. If - the Conversation to update does not exist, a NOT_FOUND error is - returned. - operationId: discoveryengine.projects.locations.dataStores.conversations.patch + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps: + parameters: *ref_1 + post: + description: Creates a Sitemap. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.sitemaps.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Sitemap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -31740,31 +37808,28 @@ paths: required: true schema: type: string - - in: path - name: conversationsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - get: - description: Gets a Conversation. - operationId: discoveryengine.projects.locations.dataStores.conversations.get + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps/{sitemapsId}: + parameters: *ref_1 + delete: + description: Deletes a Sitemap. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.sitemaps.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Conversation' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -31782,23 +37847,25 @@ paths: schema: type: string - in: path - name: conversationsId + name: sitemapsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/batchGetDocumentsMetadata: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps:fetch: parameters: *ref_1 get: - description: >- - Gets index freshness metadata for Documents. Supported for website - search only. + description: Fetch Sitemaps in a DataStore. operationId: >- - discoveryengine.projects.locations.dataStores.branches.batchGetDocumentsMetadata + discoveryengine.projects.locations.dataStores.siteSearchEngine.sitemaps.fetch security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -31806,7 +37873,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponse + #/components/schemas/GoogleCloudDiscoveryengineV1FetchSitemapsResponse parameters: - in: path name: projectsId @@ -31823,38 +37890,32 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true - schema: - type: string - in: query name: matcher.urisMatcher.uris schema: type: string - - in: query - name: matcher.fhirMatcher.fhirResources - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites/{targetSitesId}: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: discoveryengine.projects.locations.dataStores.branches.operations.list + delete: + description: Deletes a TargetSite. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -31872,43 +37933,30 @@ paths: schema: type: string - in: path - name: branchesId + name: targetSitesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations/{operationsId}: - parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: discoveryengine.projects.locations.dataStores.branches.operations.get + description: Gets a TargetSite. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' parameters: - in: path name: projectsId @@ -31926,46 +37974,35 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: operationsId + name: targetSitesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: discoveryengine.projects.locations.dataStores.branches.operations.cancel + patch: + description: Updates a TargetSite. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -31983,32 +38020,33 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: operationsId + name: targetSitesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents/{documentsId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites: parameters: *ref_1 get: - description: Gets a Document. - operationId: discoveryengine.projects.locations.dataStores.branches.documents.get + description: Gets a list of TargetSites. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListTargetSitesResponse parameters: - in: path name: projectsId @@ -32025,36 +38063,40 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: documentsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: Updates a Document. - operationId: discoveryengine.projects.locations.dataStores.branches.documents.patch + post: + description: Creates a TargetSite. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -32071,40 +38113,34 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: documentsId - required: true - schema: - type: string - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a Document. - operationId: discoveryengine.projects.locations.dataStores.branches.documents.delete + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites:batchCreate: + parameters: *ref_1 + post: + description: Creates TargetSite in a batch. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.batchCreate + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1BatchCreateTargetSitesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -32121,34 +38157,34 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: documentsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine:disableAdvancedSiteSearch: parameters: *ref_1 - get: - description: Gets a list of Documents. - operationId: discoveryengine.projects.locations.dataStores.branches.documents.list + post: + description: Downgrade from advanced site search to basic site search. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.disableAdvancedSiteSearch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListDocumentsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -32165,40 +38201,34 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine:recrawlUris: + parameters: *ref_1 post: - description: Creates a Document. - operationId: discoveryengine.projects.locations.dataStores.branches.documents.create + description: Request on-demand recrawl for a list of URIs. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.recrawlUris requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1RecrawlUrisRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -32215,34 +38245,27 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true - schema: - type: string - - in: query - name: documentId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents:import: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine:enableAdvancedSiteSearch: parameters: *ref_1 post: - description: >- - Bulk import of multiple Documents. Request processing may be - synchronous. Non-existing items are created. Note: It is possible for a - subset of the Documents to be successfully updated. - operationId: discoveryengine.projects.locations.dataStores.branches.documents.import + description: Upgrade from basic site search to advanced site search. + operationId: >- + discoveryengine.projects.locations.dataStores.siteSearchEngine.enableAdvancedSiteSearch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportDocumentsRequest + #/components/schemas/GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -32266,34 +38289,29 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents:purge: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents:import: parameters: *ref_1 post: description: >- - Permanently deletes all selected Documents in a branch. This process is - asynchronous. Depending on the number of Documents to be deleted, this - operation can take hours to complete. Before the delete operation - completes, some Documents might still be returned by - DocumentService.GetDocument or DocumentService.ListDocuments. To get a - list of the Documents to be deleted, set PurgeDocumentsRequest.force to - false. - operationId: discoveryengine.projects.locations.dataStores.branches.documents.purge + Bulk import of multiple Documents. Request processing may be + synchronous. Non-existing items are created. Note: It is possible for a + subset of the Documents to be successfully updated. + operationId: discoveryengine.projects.locations.dataStores.branches.documents.import requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeDocumentsRequest + #/components/schemas/GoogleCloudDiscoveryengineV1ImportDocumentsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -32322,23 +38340,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/schemas/{schemasId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents: parameters: *ref_1 get: - description: Gets a Schema. - operationId: discoveryengine.projects.locations.dataStores.schemas.get + description: Gets a list of Documents. + operationId: discoveryengine.projects.locations.dataStores.branches.documents.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListDocumentsResponse parameters: - in: path name: projectsId @@ -32356,30 +38379,43 @@ paths: schema: type: string - in: path - name: schemasId + name: branchesId required: true schema: type: string - patch: - description: Updates a Schema. - operationId: discoveryengine.projects.locations.dataStores.schemas.patch + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a Document. + operationId: discoveryengine.projects.locations.dataStores.branches.documents.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' parameters: - in: path name: projectsId @@ -32397,29 +38433,35 @@ paths: schema: type: string - in: path - name: schemasId + name: branchesId required: true schema: type: string - in: query - name: allowMissing + name: documentId schema: - type: boolean - delete: - description: Deletes a Schema. - operationId: discoveryengine.projects.locations.dataStores.schemas.delete + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents/{documentsId}: + parameters: *ref_1 + get: + description: Gets a Document. + operationId: discoveryengine.projects.locations.dataStores.branches.documents.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' parameters: - in: path name: projectsId @@ -32437,28 +38479,39 @@ paths: schema: type: string - in: path - name: schemasId + name: branchesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/schemas: - parameters: *ref_1 - get: - description: Gets a list of Schemas. - operationId: discoveryengine.projects.locations.dataStores.schemas.list + - in: path + name: documentsId + required: true + schema: + type: string + patch: + description: Updates a Document. + operationId: discoveryengine.projects.locations.dataStores.branches.documents.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListSchemasResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Document' parameters: - in: path name: projectsId @@ -32475,35 +38528,44 @@ paths: required: true schema: type: string + - in: path + name: branchesId + required: true + schema: + type: string + - in: path + name: documentsId + required: true + schema: + type: string - in: query - name: pageSize + name: allowMissing schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: updateMask schema: type: string - post: - description: Creates a Schema. - operationId: discoveryengine.projects.locations.dataStores.schemas.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Schema' + format: google-fieldmask + delete: + description: Deletes a Document. + operationId: discoveryengine.projects.locations.dataStores.branches.documents.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -32520,66 +38582,50 @@ paths: required: true schema: type: string - - in: query - name: schemaId + - in: path + name: branchesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/sessions: + - in: path + name: documentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/documents:purge: parameters: *ref_1 post: description: >- - Creates a Session. If the Session to create already exists, an - ALREADY_EXISTS error is returned. - operationId: discoveryengine.projects.locations.dataStores.sessions.create + Permanently deletes all selected Documents in a branch. This process is + asynchronous. Depending on the number of Documents to be deleted, this + operation can take hours to complete. Before the delete operation + completes, some Documents might still be returned by + DocumentService.GetDocument or DocumentService.ListDocuments. To get a + list of the Documents to be deleted, set PurgeDocumentsRequest.force to + false. + operationId: discoveryengine.projects.locations.dataStores.branches.documents.purge requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeDocumentsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: dataStoresId - required: true - schema: - type: string - get: - description: Lists all Sessions by their parent DataStore. - operationId: discoveryengine.projects.locations.dataStores.sessions.list - security: - Oauth2: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/discoveryengine.readwrite Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListSessionsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -32596,35 +38642,39 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: branchesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/sessions/{sessionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations/{operationsId}:cancel: parameters: *ref_1 - delete: + post: description: >- - Deletes a Session. If the Session to delete does not exist, a NOT_FOUND - error is returned. - operationId: discoveryengine.projects.locations.dataStores.sessions.delete + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: discoveryengine.projects.locations.dataStores.branches.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -32649,32 +38699,38 @@ paths: schema: type: string - in: path - name: sessionsId + name: branchesId required: true schema: type: string - patch: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations: + parameters: *ref_1 + get: description: >- - Updates a Session. Session action type cannot be changed. If the Session - to update does not exist, a NOT_FOUND error is returned. - operationId: discoveryengine.projects.locations.dataStores.sessions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: discoveryengine.projects.locations.dataStores.branches.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -32692,30 +38748,51 @@ paths: schema: type: string - in: path - name: sessionsId + name: branchesId required: true schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/operations/{operationsId}: + parameters: *ref_1 get: - description: Gets a Session. - operationId: discoveryengine.projects.locations.dataStores.sessions.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: discoveryengine.projects.locations.dataStores.branches.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -32733,31 +38810,40 @@ paths: schema: type: string - in: path - name: sessionsId + name: branchesId required: true schema: type: string - - in: query - name: includeAnswerDetails + - in: path + name: operationsId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/sessions/{sessionsId}/answers/{answersId}: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/branches/{branchesId}/batchGetDocumentsMetadata: parameters: *ref_1 get: - description: Gets a Answer. - operationId: discoveryengine.projects.locations.dataStores.sessions.answers.get + description: >- + Gets index freshness metadata for Documents. Supported for website + search only. + operationId: >- + discoveryengine.projects.locations.dataStores.branches.batchGetDocumentsMetadata security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Answer' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1BatchGetDocumentsMetadataResponse parameters: - in: path name: projectsId @@ -32775,39 +38861,50 @@ paths: schema: type: string - in: path - name: sessionsId + name: branchesId required: true schema: type: string - - in: path - name: answersId - required: true + - in: query + name: matcher.urisMatcher.uris schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine:enableAdvancedSiteSearch: + - in: query + name: matcher.fhirMatcher.fhirResources + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/sessions: parameters: *ref_1 post: - description: Upgrade from basic site search to advanced site search. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.enableAdvancedSiteSearch + description: >- + Creates a Session. If the Session to create already exists, an + ALREADY_EXISTS error is returned. + operationId: discoveryengine.projects.locations.dataStores.sessions.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1EnableAdvancedSiteSearchRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' parameters: - in: path name: projectsId @@ -32824,30 +38921,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine:disableAdvancedSiteSearch: - parameters: *ref_1 - post: - description: Downgrade from advanced site search to basic site search. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.disableAdvancedSiteSearch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1DisableAdvancedSiteSearchRequest + get: + description: Lists all Sessions by their parent DataStore. + operationId: discoveryengine.projects.locations.dataStores.sessions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListSessionsResponse parameters: - in: path name: projectsId @@ -32864,30 +38961,48 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine:recrawlUris: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/sessions/{sessionsId}: parameters: *ref_1 - post: - description: Request on-demand recrawl for a list of URIs. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.recrawlUris - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1RecrawlUrisRequest + get: + description: Gets a Session. + operationId: discoveryengine.projects.locations.dataStores.sessions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' parameters: - in: path name: projectsId @@ -32904,29 +39019,40 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites: - parameters: *ref_1 - post: - description: Creates a TargetSite. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' + - in: path + name: sessionsId + required: true + schema: + type: string + - in: query + name: includeAnswerDetails + schema: + type: boolean + delete: + description: >- + Deletes a Session. If the Session to delete does not exist, a NOT_FOUND + error is returned. + operationId: discoveryengine.projects.locations.dataStores.sessions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -32943,23 +39069,41 @@ paths: required: true schema: type: string - get: - description: Gets a list of TargetSites. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.list + - in: path + name: sessionsId + required: true + schema: + type: string + patch: + description: >- + Updates a Session. Session action type cannot be changed. If the Session + to update does not exist, a NOT_FOUND error is returned. + operationId: discoveryengine.projects.locations.dataStores.sessions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListTargetSitesResponse + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Session' parameters: - in: path name: projectsId @@ -32976,39 +39120,37 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: sessionsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites:batchCreate: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/sessions/{sessionsId}/answers/{answersId}: parameters: *ref_1 - post: - description: Creates TargetSite in a batch. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.batchCreate - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1BatchCreateTargetSitesRequest + get: + description: Gets a Answer. + operationId: discoveryengine.projects.locations.dataStores.sessions.answers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Answer' parameters: - in: path name: projectsId @@ -33025,24 +39167,40 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/targetSites/{targetSitesId}: + - in: path + name: sessionsId + required: true + schema: + type: string + - in: path + name: answersId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/podcasts/{podcastsId}/operations/{operationsId}: parameters: *ref_1 get: - description: Gets a TargetSite. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: discoveryengine.projects.locations.podcasts.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -33055,36 +39213,36 @@ paths: schema: type: string - in: path - name: dataStoresId + name: podcastsId required: true schema: type: string - in: path - name: targetSitesId + name: operationsId required: true schema: type: string - patch: - description: Updates a TargetSite. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1TargetSite' + /v1/projects/{projectsId}/locations/{locationsId}/licenseConfigs/{licenseConfigsId}: + parameters: *ref_1 + get: + description: Gets a LicenseConfig. + operationId: discoveryengine.projects.locations.licenseConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1LicenseConfig' parameters: - in: path name: projectsId @@ -33097,31 +39255,34 @@ paths: schema: type: string - in: path - name: dataStoresId - required: true - schema: - type: string - - in: path - name: targetSitesId + name: licenseConfigsId required: true schema: type: string - delete: - description: Deletes a TargetSite. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.targetSites.delete + patch: + description: Updates the LicenseConfig + operationId: discoveryengine.projects.locations.licenseConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1LicenseConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1LicenseConfig' parameters: - in: path name: projectsId @@ -33134,38 +39295,41 @@ paths: schema: type: string - in: path - name: dataStoresId + name: licenseConfigsId required: true schema: type: string - - in: path - name: targetSitesId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/licenseConfigs: parameters: *ref_1 post: - description: Creates a Sitemap. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.sitemaps.create + description: Creates a LicenseConfig + operationId: discoveryengine.projects.locations.licenseConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1Sitemap' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1LicenseConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1LicenseConfig' parameters: - in: path name: projectsId @@ -33177,29 +39341,40 @@ paths: required: true schema: type: string - - in: path - name: dataStoresId - required: true + - in: query + name: licenseConfigId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps/{sitemapsId}: + /v1/projects/{projectsId}/locations/{locationsId}/userEvents:write: parameters: *ref_1 - delete: - description: Deletes a Sitemap. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.sitemaps.delete + post: + description: Writes a single user event. + operationId: discoveryengine.projects.locations.userEvents.write + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' parameters: - in: path name: projectsId @@ -33211,35 +39386,39 @@ paths: required: true schema: type: string - - in: path - name: dataStoresId - required: true - schema: - type: string - - in: path - name: sitemapsId - required: true + - in: query + name: writeAsync schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/siteSearchEngine/sitemaps:fetch: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/userEvents:collect: parameters: *ref_1 get: - description: Fetch Sitemaps in a DataStore. - operationId: >- - discoveryengine.projects.locations.dataStores.siteSearchEngine.sitemaps.fetch + description: >- + Writes a single user event from the browser. This uses a GET request to + due to browser restriction of POST-ing to a third-party domain. This + method is used only by the Discovery Engine API JavaScript pixel and + Google Tag Manager. Users should not call this method directly. + operationId: discoveryengine.projects.locations.userEvents.collect security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1FetchSitemapsResponse + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -33251,37 +39430,55 @@ paths: required: true schema: type: string - - in: path - name: dataStoresId - required: true + - in: query + name: userEvent schema: type: string - in: query - name: matcher.urisMatcher.uris + name: uri schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/userEvents:write: + - in: query + name: ets + schema: + type: string + format: int64 + /v1/projects/{projectsId}/locations/{locationsId}/userEvents:import: parameters: *ref_1 post: - description: Writes a single user event. - operationId: discoveryengine.projects.locations.dataStores.userEvents.write + description: >- + Bulk import of user events. Request processing might be synchronous. + Events that already exist are skipped. Use this method for backfilling + historical user events. Operation.response is of type ImportResponse. + Note that it is possible for a subset of the items to be successfully + inserted. Operation.metadata is of type ImportMetadata. + operationId: discoveryengine.projects.locations.userEvents.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportUserEventsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.assist.readwrite + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -33293,36 +39490,27 @@ paths: required: true schema: type: string - - in: path - name: dataStoresId - required: true - schema: - type: string - - in: query - name: writeAsync - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/userEvents:collect: + /v1/projects/{projectsId}/locations/{locationsId}/cmekConfigs/{cmekConfigsId}: parameters: *ref_1 get: - description: >- - Writes a single user event from the browser. This uses a GET request to - due to browser restriction of POST-ing to a third-party domain. This - method is used only by the Discovery Engine API JavaScript pixel and - Google Tag Manager. Users should not call this method directly. - operationId: discoveryengine.projects.locations.dataStores.userEvents.collect + description: Gets the CmekConfig. + operationId: discoveryengine.projects.locations.cmekConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' parameters: - in: path name: projectsId @@ -33335,43 +39523,70 @@ paths: schema: type: string - in: path - name: dataStoresId + name: cmekConfigsId required: true schema: type: string - - in: query - name: userEvent + patch: + description: >- + Provisions a CMEK key for use in a location of a customer's project. + This method will also conduct location validation on the provided + cmekConfig to make sure the key is valid and can be used in the selected + location. + operationId: discoveryengine.projects.locations.cmekConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1CmekConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: uri + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: ets + - in: path + name: cmekConfigsId + required: true schema: type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/userEvents:purge: - parameters: *ref_1 - post: - description: >- - Deletes permanently all user events specified by the filter provided. - Depending on the number of events specified by the filter, this - operation could take hours or days to complete. To test a filter, use - the list command first. - operationId: discoveryengine.projects.locations.dataStores.userEvents.purge - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeUserEventsRequest + - in: query + name: setDefault + schema: + type: boolean + delete: + description: De-provisions a CmekConfig. + operationId: discoveryengine.projects.locations.cmekConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -33391,38 +39606,32 @@ paths: schema: type: string - in: path - name: dataStoresId + name: cmekConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dataStores/{dataStoresId}/userEvents:import: + /v1/projects/{projectsId}/locations/{locationsId}/cmekConfigs: parameters: *ref_1 - post: - description: >- - Bulk import of user events. Request processing might be synchronous. - Events that already exist are skipped. Use this method for backfilling - historical user events. Operation.response is of type ImportResponse. - Note that it is possible for a subset of the items to be successfully - inserted. Operation.metadata is of type ImportMetadata. - operationId: discoveryengine.projects.locations.dataStores.userEvents.import - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportUserEventsRequest + get: + description: Lists all the CmekConfigs with the project. + operationId: discoveryengine.projects.locations.cmekConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListCmekConfigsResponse parameters: - in: path name: projectsId @@ -33434,35 +39643,63 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}: + parameters: *ref_1 + get: + description: Gets the Identity Mapping Store. + operationId: discoveryengine.projects.locations.identityMappingStores.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingStore + parameters: - in: path - name: dataStoresId + name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/groundingConfigs/{groundingConfigsId}:check: - parameters: *ref_1 - post: - description: Performs a grounding check. - operationId: discoveryengine.projects.locations.groundingConfigs.check - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingRequest + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: identityMappingStoresId + required: true + schema: + type: string + delete: + description: Deletes the Identity Mapping Store. + operationId: discoveryengine.projects.locations.identityMappingStores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -33475,7 +39712,7 @@ paths: schema: type: string - in: path - name: groundingConfigsId + name: identityMappingStoresId required: true schema: type: string @@ -33495,6 +39732,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -33515,7 +39756,7 @@ paths: schema: type: string - in: query - name: cmekConfigName + name: identityMappingStoreId schema: type: string - in: query @@ -33523,7 +39764,7 @@ paths: schema: type: boolean - in: query - name: identityMappingStoreId + name: cmekConfigName schema: type: string get: @@ -33534,6 +39775,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -33553,33 +39798,43 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}: + /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}:importIdentityMappings: parameters: *ref_1 - get: - description: Gets the Identity Mapping Store. - operationId: discoveryengine.projects.locations.identityMappingStores.get + post: + description: Imports a list of Identity Mapping Entries to an Identity Mapping Store. + operationId: >- + discoveryengine.projects.locations.identityMappingStores.importIdentityMappings + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1IdentityMappingStore + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -33596,21 +39851,29 @@ paths: required: true schema: type: string - delete: - description: Deletes the Identity Mapping Store. - operationId: discoveryengine.projects.locations.identityMappingStores.delete + /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}:listIdentityMappings: + parameters: *ref_1 + get: + description: Lists Identity Mappings in an Identity Mapping Store. + operationId: >- + discoveryengine.projects.locations.identityMappingStores.listIdentityMappings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListIdentityMappingsResponse parameters: - in: path name: projectsId @@ -33627,23 +39890,38 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}:importIdentityMappings: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}:purgeIdentityMappings: parameters: *ref_1 post: - description: Imports a list of Identity Mapping Entries to an Identity Mapping Store. + description: >- + Purges specified or all Identity Mapping Entries from an Identity + Mapping Store. operationId: >- - discoveryengine.projects.locations.identityMappingStores.importIdentityMappings + discoveryengine.projects.locations.identityMappingStores.purgeIdentityMappings requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportIdentityMappingsRequest + #/components/schemas/GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -33667,25 +39945,23 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}:purgeIdentityMappings: + /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Purges specified or all Identity Mapping Entries from an Identity - Mapping Store. - operationId: >- - discoveryengine.projects.locations.identityMappingStores.purgeIdentityMappings - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1PurgeIdentityMappingsRequest + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: discoveryengine.projects.locations.identityMappingStores.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -33709,25 +39985,34 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}:listIdentityMappings: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}/operations: parameters: *ref_1 get: - description: Lists Identity Mappings in an Identity Mapping Store. - operationId: >- - discoveryengine.projects.locations.identityMappingStores.listIdentityMappings + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: discoveryengine.projects.locations.identityMappingStores.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ListIdentityMappingsResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -33753,18 +40038,30 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}/operations: + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: discoveryengine.projects.locations.identityMappingStores.operations.list + operationId: discoveryengine.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -33783,9 +40080,8 @@ paths: required: true schema: type: string - - in: path - name: identityMappingStoresId - required: true + - in: query + name: pageToken schema: type: string - in: query @@ -33798,22 +40094,26 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: returnPartialSuccess schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/identityMappingStores/{identityMappingStoresId}/operations/{operationsId}: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: discoveryengine.projects.locations.identityMappingStores.operations.get + operationId: discoveryengine.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -33833,12 +40133,51 @@ paths: schema: type: string - in: path - name: identityMappingStoresId + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/groundingConfigs/{groundingConfigsId}:check: + parameters: *ref_1 + post: + description: Performs a grounding check. + operationId: discoveryengine.projects.locations.groundingConfigs.check + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1CheckGroundingResponse + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: operationsId + name: locationsId + required: true + schema: + type: string + - in: path + name: groundingConfigsId required: true schema: type: string @@ -33857,6 +40196,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -33880,28 +40223,27 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/userEvents:write: + /v1/projects/{projectsId}/locations/{locationsId}/userStores/{userStoresId}: parameters: *ref_1 - post: - description: Writes a single user event. - operationId: discoveryengine.projects.locations.userEvents.write - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' + get: + description: Gets the User Store. + operationId: discoveryengine.projects.locations.userStores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserEvent' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserStore' parameters: - in: path name: projectsId @@ -33913,31 +40255,30 @@ paths: required: true schema: type: string - - in: query - name: writeAsync + - in: path + name: userStoresId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/userEvents:collect: - parameters: *ref_1 - get: - description: >- - Writes a single user event from the browser. This uses a GET request to - due to browser restriction of POST-ing to a third-party domain. This - method is used only by the Discovery Engine API JavaScript pixel and - Google Tag Manager. Users should not call this method directly. - operationId: discoveryengine.projects.locations.userEvents.collect + type: string + delete: + description: Deletes the User Store. + operationId: discoveryengine.projects.locations.userStores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -33949,47 +40290,82 @@ paths: required: true schema: type: string - - in: query - name: userEvent + - in: path + name: userStoresId + required: true schema: type: string - - in: query - name: uri + patch: + description: Updates the User Store. + operationId: discoveryengine.projects.locations.userStores.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserStore' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserStore' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: userStoresId + required: true schema: type: string - in: query - name: ets + name: updateMask schema: type: string - format: int64 - /v1/projects/{projectsId}/locations/{locationsId}/userEvents:import: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/userStores: parameters: *ref_1 post: - description: >- - Bulk import of user events. Request processing might be synchronous. - Events that already exist are skipped. Use this method for backfilling - historical user events. Operation.response is of type ImportResponse. - Note that it is possible for a subset of the items to be successfully - inserted. Operation.metadata is of type ImportMetadata. - operationId: discoveryengine.projects.locations.userEvents.import + description: Creates a new User Store. + operationId: discoveryengine.projects.locations.userStores.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDiscoveryengineV1ImportUserEventsRequest + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDiscoveryengineV1UserStore' parameters: - in: path name: projectsId @@ -34001,6 +40377,10 @@ paths: required: true schema: type: string + - in: query + name: userStoreId + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/userStores/{userStoresId}:batchUpdateUserLicenses: parameters: *ref_1 post: @@ -34019,6 +40399,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -34052,6 +40436,10 @@ paths: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite responses: '200': description: Successful response @@ -34076,6 +40464,10 @@ paths: required: true schema: type: string + - in: query + name: orderBy + schema: + type: string - in: query name: pageSize schema: @@ -34085,7 +40477,169 @@ paths: name: pageToken schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/userStores/{userStoresId}/licenseConfigsUsageStats: + parameters: *ref_1 + get: + description: Lists all the LicenseConfigUsageStatss associated with the project. + operationId: >- + discoveryengine.projects.locations.userStores.licenseConfigsUsageStats.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDiscoveryengineV1ListLicenseConfigsUsageStatsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: userStoresId + required: true + schema: + type: string + /v1/projects/{projectsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: discoveryengine.projects.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: discoveryengine.projects.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: discoveryengine.projects.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/discoveryengine.readwrite + Oauth2c: + - https://www.googleapis.com/auth/discoveryengine.readwrite + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: query name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean diff --git a/providers/src/googleapis.com/v00.00.00000/services/dlp.yaml b/providers/src/googleapis.com/v00.00.00000/services/dlp.yaml index 0395b098..002b5c51 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/dlp.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/dlp.yaml @@ -10,8 +10,8 @@ info: to help you discover, classify, and protect your valuable data assets with ease. version: v2 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/sensitive-data-protection/docs/ servers: @@ -37,304 +37,440 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GooglePrivacyDlpV2InspectContentRequest: - id: GooglePrivacyDlpV2InspectContentRequest - description: Request to search for potentially sensitive info in a ContentItem. + GooglePrivacyDlpV2AwsAccount: type: object + id: GooglePrivacyDlpV2AwsAccount properties: - inspectConfig: - description: >- - Configuration for the inspector. What specified here will override - the template referenced by the inspect_template_name argument. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' - item: - description: The item to inspect. - $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' - inspectTemplateName: - description: >- - Template to use. Any configuration directly specified in - inspect_config will override those set in the template. Singular - fields that are set in this request will replace their corresponding - fields in the template. Repeated fields are appended. Singular - sub-messages and groups are recursively merged. - type: string - locationId: - description: Deprecated. This field has no effect. + accountId: type: string - GooglePrivacyDlpV2InspectConfig: - id: GooglePrivacyDlpV2InspectConfig - description: >- - Configuration description of the scanning process. When used with - redactContent only info_types and min_likelihood are currently used. + description: Required. AWS account ID. + description: AWS account. + GooglePrivacyDlpV2FileStoreInfoTypeSummary: type: object properties: - infoTypes: - description: >- - Restricts what info_types to look for. The values must correspond to - InfoType values returned by ListInfoTypes or listed at - https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference. - When no InfoTypes or CustomInfoTypes are specified in a request, the - system may automatically choose a default list of detectors to run, - which may change over time. If you need precise control and - predictability as to what detectors are run you should specify - specific InfoTypes listed in the reference, otherwise a default list - will be used, which may change over time. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - minLikelihood: + infoType: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + description: The InfoType seen. + id: GooglePrivacyDlpV2FileStoreInfoTypeSummary + description: Information regarding the discovered InfoType. + GooglePrivacyDlpV2InspectTemplate: + type: object + properties: + updateTime: + description: Output only. The last update timestamp of an inspectTemplate. + format: google-datetime + type: string + readOnly: true + createTime: + description: Output only. The creation timestamp of an inspectTemplate. + readOnly: true + type: string + format: google-datetime + description: + type: string + description: Short description (max 256 chars). + displayName: + type: string + description: Display name (max 256 chars). + name: + readOnly: true description: >- - Only returns findings equal to or above this threshold. The default - is POSSIBLE. In general, the highest likelihood setting yields the - fewest findings in results and the lowest chance of a false - positive. For more information, see [Match - likelihood](https://cloud.google.com/sensitive-data-protection/docs/likelihood). + Output only. The template name. The template will have one of the + following formats: + `projects/PROJECT_ID/inspectTemplates/TEMPLATE_ID` OR + `organizations/ORGANIZATION_ID/inspectTemplates/TEMPLATE_ID`; type: string - enumDescriptions: - - Default value; same as POSSIBLE. - - Highest chance of a false positive. - - High chance of a false positive. - - Some matching signals. The default value. - - Low chance of a false positive. - - Confidence level is high. Lowest chance of a false positive. - enum: - - LIKELIHOOD_UNSPECIFIED - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - minLikelihoodPerInfoType: + inspectConfig: description: >- - Minimum likelihood per infotype. For each infotype, a user can - specify a minimum likelihood. The system only returns a finding if - its likelihood is above this threshold. If this field is not set, - the system uses the InspectConfig min_likelihood. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeLikelihood' - limits: + The core content of the template. Configuration of the scanning + process. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' + id: GooglePrivacyDlpV2InspectTemplate + description: >- + The inspectTemplate contains a configuration (set of types of sensitive + data to be detected) to be used anywhere you otherwise would normally + specify InspectConfig. See + https://cloud.google.com/sensitive-data-protection/docs/concepts-templates + to learn more. + GooglePrivacyDlpV2JobNotificationEmails: + type: object + description: >- + Sends an email when the job completes. The email goes to IAM project + owners and technical [Essential + Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). + properties: {} + id: GooglePrivacyDlpV2JobNotificationEmails + GooglePrivacyDlpV2RequestedDeidentifyOptions: + type: object + properties: + snapshotStructuredDeidentifyTemplate: + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' description: >- - Configuration to control the number of findings returned. This is - not used for data profiling. When redacting sensitive data from - images, finding limits don't apply. They can cause unexpected or - inconsistent results, where only some data is redacted. Don't - include finding limits in RedactImage requests. Otherwise, Cloud DLP - returns an error. When set within an InspectJobConfig, the specified - maximum values aren't hard limits. If an inspection job reaches - these limits, the job ends gradually, not abruptly. Therefore, the - actual number of findings that Cloud DLP returns can be multiple - times higher than these maximum values. - $ref: '#/components/schemas/GooglePrivacyDlpV2FindingLimits' - includeQuote: + Snapshot of the state of the structured `DeidentifyTemplate` from + the `Deidentify` action at the time this job was run. + snapshotDeidentifyTemplate: description: >- - When true, a contextual quote from the data that triggered a finding - is included in the response; see Finding.quote. This is not used for - data profiling. - type: boolean - excludeInfoTypes: + Snapshot of the state of the `DeidentifyTemplate` from the + Deidentify action at the time this job was run. + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + snapshotImageRedactTemplate: description: >- - When true, excludes type information of the findings. This is not - used for data profiling. - type: boolean - customInfoTypes: + Snapshot of the state of the image transformation + `DeidentifyTemplate` from the `Deidentify` action at the time this + job was run. + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + id: GooglePrivacyDlpV2RequestedDeidentifyOptions + description: De-identification options. + GooglePrivacyDlpV2CloudStorageResourceReference: + id: GooglePrivacyDlpV2CloudStorageResourceReference + type: object + description: Identifies a single Cloud Storage bucket. + properties: + bucketName: + description: Required. The bucket to scan. + type: string + projectId: + type: string description: >- - CustomInfoTypes provided by the user. See - https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes - to learn more. - type: array + Required. If within a project-level config, then this must match the + config's project id. + GooglePrivacyDlpV2FileExtensionInfo: + description: Information regarding the discovered file extension. + properties: + fileExtension: + description: The file extension if set. (aka .pdf, .jpg, .txt) + type: string + type: object + id: GooglePrivacyDlpV2FileExtensionInfo + GooglePrivacyDlpV2Row: + properties: + values: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2CustomInfoType' - contentOptions: - description: Deprecated and unused. + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + description: Individual cells. type: array + description: Values of the row. + id: GooglePrivacyDlpV2Row + type: object + GooglePrivacyDlpV2ListInfoTypesResponse: + id: GooglePrivacyDlpV2ListInfoTypesResponse + properties: + infoTypes: items: - type: string - enumDescriptions: - - Includes entire content of a file or a data stream. - - Text content within the data, excluding any metadata. - - Images found in the data. - enum: - - CONTENT_UNSPECIFIED - - CONTENT_TEXT - - CONTENT_IMAGE - ruleSet: - description: >- - Set of rules to apply to the findings for this InspectConfig. - Exclusion rules, contained in the set are executed in the end, other - rules are executed in the order they are specified for each info - type. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeDescription' + description: Set of sensitive infoTypes. type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectionRuleSet' - GooglePrivacyDlpV2InfoType: - id: GooglePrivacyDlpV2InfoType - description: Type of information detected by the API. type: object + description: Response to the ListInfoTypes request. + GooglePrivacyDlpV2DiscoveryCloudStorageGenerationCadence: + description: >- + How often existing buckets should have their profiles refreshed. New + buckets are scanned as quickly as possible depending on system capacity. + id: GooglePrivacyDlpV2DiscoveryCloudStorageGenerationCadence properties: - name: + inspectTemplateModifiedCadence: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence description: >- - Name of the information type. Either a name of your choosing when - creating a CustomInfoType, or one of the names listed at - https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference - when specifying a built-in type. When sending Cloud DLP results to - Data Catalog, infoType names should conform to the pattern - `[A-Za-z0-9$_-]{1,64}`. - type: string - version: - description: Optional version name for this InfoType. - type: string - sensitivityScore: + Optional. Governs when to update data profiles when the inspection + rules defined by the `InspectTemplate` change. If not set, changing + the template will not cause a data profile to update. + refreshFrequency: description: >- - Optional custom sensitivity for this InfoType. This only applies to - data profiling. - $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' - GooglePrivacyDlpV2SensitivityScore: - id: GooglePrivacyDlpV2SensitivityScore - description: >- - Score is calculated from of all elements in the data profile. A higher - level means the data is more sensitive. + Optional. Data changes in Cloud Storage can't trigger reprofiling. + If you set this field, profiles are refreshed at this frequency + regardless of whether the underlying buckets have changed. Defaults + to never. + enum: + - UPDATE_FREQUENCY_UNSPECIFIED + - UPDATE_FREQUENCY_NEVER + - UPDATE_FREQUENCY_DAILY + - UPDATE_FREQUENCY_MONTHLY + enumDescriptions: + - Unspecified. + - After the data profile is created, it will never be updated. + - The data profile can be updated up to once every 24 hours. + - The data profile can be updated up to once every 30 days. Default. + type: string + type: object + GooglePrivacyDlpV2InfoTypeDescription: type: object properties: - score: - description: The sensitivity score applied to the resource. + sensitivityScore: + $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' + description: The default sensitivity of the infoType. + specificInfoTypes: + description: >- + If this field is set, this infoType is a general infoType and these + specific infoTypes are contained within it. General infoTypes are + infoTypes that encompass multiple specific infoTypes. For example, + the "GEOGRAPHIC_DATA" general infoType would have set for this field + "LOCATION", "LOCATION_COORDINATES", and "STREET_ADDRESS". + type: array + items: + type: string + displayName: type: string - enumDescriptions: - - Unused. - - >- - No sensitive information detected. The resource isn't publicly - accessible. - - Unable to determine sensitivity. - - >- - Medium risk. Contains personally identifiable information (PII), - potentially sensitive data, or fields with free-text data that are - at a higher risk of having intermittent sensitive data. Consider - limiting access. - - >- - High risk. Sensitive personally identifiable information (SPII) - can be present. Exfiltration of data can lead to user data loss. - Re-identification of users might be possible. Consider limiting - usage and or removing SPII. - enum: - - SENSITIVITY_SCORE_UNSPECIFIED - - SENSITIVITY_LOW - - SENSITIVITY_UNKNOWN - - SENSITIVITY_MODERATE - - SENSITIVITY_HIGH - GooglePrivacyDlpV2InfoTypeLikelihood: - id: GooglePrivacyDlpV2InfoTypeLikelihood + description: Human readable form of the infoType name. + example: + type: string + description: A sample that is a true positive for this infoType. + name: + description: Internal name of the infoType. + type: string + description: + type: string + description: >- + Description of the infotype. Translated when language is provided in + the request. + categories: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeCategory' + description: The category of the infoType. + type: array + locationSupport: + description: Locations at which this feature can be used. May change over time. + $ref: '#/components/schemas/GooglePrivacyDlpV2LocationSupport' + supportedBy: + items: + enumDescriptions: + - Unused. + - Supported by the inspect operations. + - Supported by the risk analysis operations. + enum: + - ENUM_TYPE_UNSPECIFIED + - INSPECT + - RISK_ANALYSIS + type: string + description: Which parts of the API supports this InfoType. + type: array + versions: + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2VersionDescription' + description: A list of available versions for the infotype. + description: InfoType description. + id: GooglePrivacyDlpV2InfoTypeDescription + GooglePrivacyDlpV2FileStoreRegexes: + properties: + patterns: + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreRegex' + description: >- + Required. The group of regular expression patterns to match against + one or more file stores. Maximum of 100 entries. The sum of all + regular expression's length can't exceed 10 KiB. description: >- - Configuration for setting a minimum likelihood per infotype. Used to - customize the minimum likelihood level for specific infotypes in the - request. For example, use this if you want to lower the precision for - PERSON_NAME without lowering the precision for the other infotypes in - the request. + A collection of regular expressions to determine what file store to + match against. + id: GooglePrivacyDlpV2FileStoreRegexes type: object + GooglePrivacyDlpV2TableLocation: + id: GooglePrivacyDlpV2TableLocation properties: - infoType: - description: >- - Type of information the likelihood threshold applies to. Only one - likelihood per info_type should be provided. If InfoTypeLikelihood - does not have an info_type, the configuration fails. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - minLikelihood: + rowIndex: description: >- - Only returns findings equal to or above this threshold. This field - is required or else the configuration fails. + The zero-based index of the row where the finding is located. Only + populated for resources that have a natural ordering, not BigQuery. + In BigQuery, to identify the row a finding came from, populate + BigQueryOptions.identifying_fields with your primary key column + names and when you store the findings the value of those columns + will be stored inside of Finding. + format: int64 type: string - enumDescriptions: - - Default value; same as POSSIBLE. - - Highest chance of a false positive. - - High chance of a false positive. - - Some matching signals. The default value. - - Low chance of a false positive. - - Confidence level is high. Lowest chance of a false positive. - enum: - - LIKELIHOOD_UNSPECIFIED - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - GooglePrivacyDlpV2FindingLimits: - id: GooglePrivacyDlpV2FindingLimits - description: >- - Configuration to control the number of findings returned for inspection. - This is not used for de-identification or data profiling. When redacting - sensitive data from images, finding limits don't apply. They can cause - unexpected or inconsistent results, where only some data is redacted. - Don't include finding limits in RedactImage requests. Otherwise, Cloud - DLP returns an error. + description: Location of a finding within a table. type: object + GooglePrivacyDlpV2DiscoveryOtherCloudFilter: + description: >- + Determines which resources from the other cloud will have profiles + generated. Includes the ability to filter by resource names. + id: GooglePrivacyDlpV2DiscoveryOtherCloudFilter properties: - maxFindingsPerItem: + others: description: >- - Max number of findings that are returned for each item scanned. When - set within an InspectContentRequest, this field is ignored. This - value isn't a hard limit. If the number of findings for an item - reaches this limit, the inspection of that item ends gradually, not - abruptly. Therefore, the actual number of findings that Cloud DLP - returns for the item can be multiple times higher than this value. - type: integer - format: int32 - maxFindingsPerRequest: + Optional. Catch-all. This should always be the last target in the + list because anything above it will apply first. Should only appear + once in a configuration. If none is specified, a default one will be + added automatically. + $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherResources' + collection: + description: A collection of resources for this filter to apply to. + $ref: '#/components/schemas/GooglePrivacyDlpV2OtherCloudResourceCollection' + singleResource: description: >- - Max number of findings that are returned per request or job. If you - set this field in an InspectContentRequest, the resulting maximum - value is the value that you set or 3,000, whichever is lower. This - value isn't a hard limit. If an inspection reaches this limit, the - inspection ends gradually, not abruptly. Therefore, the actual - number of findings that Cloud DLP returns can be multiple times - higher than this value. - type: integer - format: int32 - maxFindingsPerInfoType: - description: Configuration of findings limit given for specified infoTypes. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeLimit' - GooglePrivacyDlpV2InfoTypeLimit: - id: GooglePrivacyDlpV2InfoTypeLimit + The resource to scan. Configs using this filter can only have one + target (the target with this single resource reference). + $ref: >- + #/components/schemas/GooglePrivacyDlpV2OtherCloudSingleResourceReference + type: object + GooglePrivacyDlpV2HotwordRule: + id: GooglePrivacyDlpV2HotwordRule description: >- - Max findings configuration per infoType, per content item or long - running DlpJob. + The rule that adjusts the likelihood of findings within a certain + proximity of hotwords. type: object properties: - infoType: + proximity: + $ref: '#/components/schemas/GooglePrivacyDlpV2Proximity' description: >- - Type of information the findings limit applies to. Only one limit - per info_type should be provided. If InfoTypeLimit does not have an - info_type, the DLP API applies the limit against all info_types that - are found but not specified in another InfoTypeLimit. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - maxFindings: - description: Max findings limit for the given infoType. - type: integer - format: int32 - GooglePrivacyDlpV2CustomInfoType: - id: GooglePrivacyDlpV2CustomInfoType - description: >- - Custom information type provided by the user. Used to find - domain-specific sensitive information configurable to the data in - question. - type: object + Range of characters within which the entire hotword must reside. The + total length of the window cannot exceed 1000 characters. The + finding itself will be included in the window, so that hotwords can + be used to match substrings of the finding itself. Suppose you want + Cloud DLP to promote the likelihood of the phone number regex + "\(\d{3}\) \d{3}-\d{4}" if the area code is known to be the area + code of a company's office. In this case, use the hotword regex + "\(xxx\)", where "xxx" is the area code in question. For tabular + data, if you want to modify the likelihood of an entire column of + findngs, see [Hotword example: Set the match likelihood of a table + column] + (https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values). + hotwordRegex: + $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' + description: Regular expression pattern defining what qualifies as a hotword. + likelihoodAdjustment: + description: Likelihood adjustment to apply to all matching findings. + $ref: '#/components/schemas/GooglePrivacyDlpV2LikelihoodAdjustment' + GooglePrivacyDlpV2Condition: properties: - infoType: + value: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + description: Value to compare against. [Mandatory, except for `EXISTS` tests.] + operator: description: >- - CustomInfoType can either be a new infoType, or an extension of - built-in infoType, when the name matches one of existing infoTypes - and that infoType is specified in `InspectContent.info_types` field. - Specifying the latter adds findings to the one detected by the - system. If built-in info type is not specified in - `InspectContent.info_types` list then the name is treated as a - custom info type. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - likelihood: + Required. Operator used to compare the field or infoType to the + value. + type: string + enum: + - RELATIONAL_OPERATOR_UNSPECIFIED + - EQUAL_TO + - NOT_EQUAL_TO + - GREATER_THAN + - LESS_THAN + - GREATER_THAN_OR_EQUALS + - LESS_THAN_OR_EQUALS + - EXISTS + enumDescriptions: + - Unused + - Equal. Attempts to match even with incompatible types. + - Not equal to. Attempts to match even with incompatible types. + - Greater than. + - Less than. + - Greater than or equals. + - Less than or equals. + - Exists + field: description: >- - Likelihood to return for this CustomInfoType. This base value can be - altered by a detection rule if the finding meets the criteria - specified by the rule. Defaults to `VERY_LIKELY` if not specified. + Required. Field within the record this condition is evaluated + against. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: >- + The field type of `value` and `field` do not need to match to be + considered equal, but not all comparisons are possible. EQUAL_TO and + NOT_EQUAL_TO attempt to compare even with incompatible types, but all + other comparisons are invalid with incompatible types. A `value` of + type: - `string` can be compared against all other types - `boolean` can + only be compared against other booleans - `integer` can be compared + against doubles or a string if the string value can be parsed as an + integer. - `double` can be compared against integers or a string if the + string can be parsed as a double. - `Timestamp` can be compared against + strings in RFC 3339 date string format. - `TimeOfDay` can be compared + against timestamps and strings in the format of 'HH:mm:ss'. If we fail + to compare do to type mismatch, a warning will be given and the + condition will evaluate to false. + type: object + id: GooglePrivacyDlpV2Condition + GooglePrivacyDlpV2DocumentLocation: + id: GooglePrivacyDlpV2DocumentLocation + type: object + properties: + fileOffset: + description: >- + Offset of the line, from the beginning of the file, where the + finding is located. + format: int64 + type: string + description: Location of a finding within a document. + GooglePrivacyDlpV2Schedule: + type: object + properties: + recurrencePeriodDuration: + description: >- + With this option a job is started on a regular periodic basis. For + example: every day (86400 seconds). A scheduled start time will be + skipped if the previous execution has not ended when its scheduled + time occurs. This value must be set to a time duration greater than + or equal to 1 day and can be no longer than 60 days. + type: string + format: google-duration + id: GooglePrivacyDlpV2Schedule + description: Schedule for inspect job triggers. + GooglePrivacyDlpV2InspectJobConfig: + properties: + inspectConfig: + description: How and what to scan for. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' + actions: + type: array + description: Actions to execute at the completion of the job. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Action' + inspectTemplateName: + description: >- + If provided, will be used as the default for all values in + InspectConfig. `inspect_config` will be merged into the values + persisted as part of the template. + type: string + storageConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2StorageConfig' + description: The data to scan. + id: GooglePrivacyDlpV2InspectJobConfig + description: Controls what and how to inspect for findings. + type: object + GooglePrivacyDlpV2InspectConfig: + properties: + includeQuote: + type: boolean + description: >- + When true, a contextual quote from the data that triggered a finding + is included in the response; see Finding.quote. This is not used for + data profiling. + excludeInfoTypes: + description: >- + When true, excludes type information of the findings. This is not + used for data profiling. + type: boolean + infoTypes: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + type: array + description: >- + Restricts what info_types to look for. The values must correspond to + InfoType values returned by ListInfoTypes or listed at + https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference. + When no InfoTypes or CustomInfoTypes are specified in a request, the + system may automatically choose a default list of detectors to run, + which may change over time. If you need precise control and + predictability as to what detectors are run you should specify + specific InfoTypes listed in the reference, otherwise a default list + will be used, which may change over time. + customInfoTypes: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2CustomInfoType' + type: array + description: >- + CustomInfoTypes provided by the user. See + https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes + to learn more. + minLikelihood: type: string + description: >- + Only returns findings equal to or above this threshold. The default + is POSSIBLE. In general, the highest likelihood setting yields the + fewest findings in results and the lowest chance of a false + positive. For more information, see [Match + likelihood](https://cloud.google.com/sensitive-data-protection/docs/likelihood). enumDescriptions: - Default value; same as POSSIBLE. - Highest chance of a false positive. @@ -349,1722 +485,1657 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - dictionary: - description: A list of phrases to detect as a CustomInfoType. - $ref: '#/components/schemas/GooglePrivacyDlpV2Dictionary' - regex: - description: Regular expression based CustomInfoType. - $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' - surrogateType: - description: >- - Message for detecting output from deidentification transformations - that support reversing. - $ref: '#/components/schemas/GooglePrivacyDlpV2SurrogateType' - storedType: - description: >- - Load an existing `StoredInfoType` resource for use in - `InspectDataSource`. Not currently supported in `InspectContent`. - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredType' - detectionRules: + contentOptions: + type: array + items: + enum: + - CONTENT_UNSPECIFIED + - CONTENT_TEXT + - CONTENT_IMAGE + type: string + enumDescriptions: + - Includes entire content of a file or a data stream. + - Text content within the data, excluding any metadata. + - Images found in the data. + description: Deprecated and unused. + minLikelihoodPerInfoType: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeLikelihood' description: >- - Set of detection rules to apply to all findings of this - CustomInfoType. Rules are applied in order that they are specified. - Not supported for the `surrogate_type` CustomInfoType. + Minimum likelihood per infotype. For each infotype, a user can + specify a minimum likelihood. The system only returns a finding if + its likelihood is above this threshold. If this field is not set, + the system uses the InspectConfig min_likelihood. type: array + ruleSet: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2DetectionRule' - exclusionType: + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectionRuleSet' + type: array description: >- - If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a - finding to be returned. It still can be used for rules matching. - type: string - enumDescriptions: - - >- - A finding of this custom info type will not be excluded from - results. - - >- - A finding of this custom info type will be excluded from final - results, but can still affect rule execution. - enum: - - EXCLUSION_TYPE_UNSPECIFIED - - EXCLUSION_TYPE_EXCLUDE - sensitivityScore: + Set of rules to apply to the findings for this InspectConfig. + Exclusion rules, contained in the set are executed in the end, other + rules are executed in the order they are specified for each info + type. + limits: + $ref: '#/components/schemas/GooglePrivacyDlpV2FindingLimits' description: >- - Sensitivity for this CustomInfoType. If this CustomInfoType extends - an existing InfoType, the sensitivity here will take precedence over - that of the original InfoType. If unset for a CustomInfoType, it - will default to HIGH. This only applies to data profiling. - $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' - GooglePrivacyDlpV2Dictionary: - id: GooglePrivacyDlpV2Dictionary + Configuration to control the number of findings returned. This is + not used for data profiling. When redacting sensitive data from + images, finding limits don't apply. They can cause unexpected or + inconsistent results, where only some data is redacted. Don't + include finding limits in RedactImage requests. Otherwise, Cloud DLP + returns an error. When set within an InspectJobConfig, the specified + maximum values aren't hard limits. If an inspection job reaches + these limits, the job ends gradually, not abruptly. Therefore, the + actual number of findings that Cloud DLP returns can be multiple + times higher than these maximum values. + id: GooglePrivacyDlpV2InspectConfig + type: object description: >- - Custom information type based on a dictionary of words or phrases. This - can be used to match sensitive information specific to the data, such as - a list of employee IDs or job titles. Dictionary words are - case-insensitive and all characters other than letters and digits in the - unicode [Basic Multilingual - Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) - will be replaced with whitespace when scanning for matches, so the - dictionary phrase "Sam Johnson" will match all three phrases "sam - johnson", "Sam, Johnson", and "Sam (Johnson)". Additionally, the - characters surrounding any match must be of a different type than the - adjacent characters within the word, so letters must be next to - non-letters and digits next to non-digits. For example, the dictionary - word "jen" will match the first three letters of the text "jen123" but - will return no matches for "jennifer". Dictionary words containing a - large number of characters that are not letters or digits may result in - unexpected findings because such characters are treated as whitespace. - The [limits](https://cloud.google.com/sensitive-data-protection/limits) - page contains details about the size limits of dictionaries. For - dictionaries that do not fit within these constraints, consider using - `LargeCustomDictionaryConfig` in the `StoredInfoType` API. + Configuration description of the scanning process. When used with + redactContent only info_types and min_likelihood are currently used. + GooglePrivacyDlpV2CloudSqlDiscoveryTarget: + description: Target used to match against for discovery with Cloud SQL tables. type: object properties: - wordList: - description: List of words or phrases to search for. - $ref: '#/components/schemas/GooglePrivacyDlpV2WordList' - cloudStoragePath: + conditions: + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryCloudSqlConditions' description: >- - Newline-delimited file of words in Cloud Storage. Only a single file - is accepted. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStoragePath' - GooglePrivacyDlpV2WordList: - id: GooglePrivacyDlpV2WordList - description: Message defining a list of words or phrases to search for in the data. - type: object - properties: - words: + In addition to matching the filter, these conditions must be true + before a profile is generated. + disabled: + $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' + description: Disable profiling for database resources that match this filter. + generationCadence: description: >- - Words or phrases defining the dictionary. The dictionary must - contain at least one phrase and every phrase must contain at least 2 - characters that are letters or digits. [required] - type: array - items: - type: string - GooglePrivacyDlpV2CloudStoragePath: - id: GooglePrivacyDlpV2CloudStoragePath - description: Message representing a single file or path in Cloud Storage. + How often and when to update profiles. New tables that match both + the filter and conditions are scanned as quickly as possible + depending on system capacity. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryCloudSqlGenerationCadence + filter: + description: >- + Required. The tables the discovery cadence applies to. The first + target with a matching filter will be the one to apply to a table. + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryCloudSqlFilter' + id: GooglePrivacyDlpV2CloudSqlDiscoveryTarget + GooglePrivacyDlpV2TaggedField: type: object properties: - path: + infoType: description: >- - A URL representing a file or path (no wildcards) in Cloud Storage. - Example: `gs://[BUCKET_NAME]/dictionary.txt` + A column can be tagged with a InfoType to use the relevant public + dataset as a statistical model of population, if available. We + currently support US ZIP codes, region codes, ages and genders. To + programmatically obtain the list of supported InfoTypes, use + ListInfoTypes with the supported_by=RISK_ANALYSIS filter. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + field: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: Required. Identifies the column. + inferred: + description: >- + If no semantic tag is indicated, we infer the statistical model from + the distribution of values in the input data + $ref: '#/components/schemas/GoogleProtobufEmpty' + customTag: + description: >- + A column can be tagged with a custom tag. In this case, the user + must indicate an auxiliary table that contains statistical + information on the possible values of this column. type: string - GooglePrivacyDlpV2Regex: - id: GooglePrivacyDlpV2Regex - description: Message defining a custom regular expression. + description: A column with a semantic tag attached. + id: GooglePrivacyDlpV2TaggedField + GooglePrivacyDlpV2InspectContentResponse: + id: GooglePrivacyDlpV2InspectContentResponse type: object properties: - pattern: - description: >- - Pattern defining the regular expression. Its syntax - (https://github.com/google/re2/wiki/Syntax) can be found under the - google/re2 repository on GitHub. - type: string - groupIndexes: - description: >- - The index of the submatch to extract as findings. When not - specified, the entire match is returned. No more than 3 may be - included. - type: array - items: - type: integer - format: int32 - GooglePrivacyDlpV2SurrogateType: - id: GooglePrivacyDlpV2SurrogateType + result: + description: The findings. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectResult' + description: Results of inspecting an item. + GooglePrivacyDlpV2ExclusionRule: + id: GooglePrivacyDlpV2ExclusionRule description: >- - Message for detecting output from deidentification transformations such - as - [`CryptoReplaceFfxFpeConfig`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). - These types of transformations are those that perform pseudonymization, - thereby producing a "surrogate" as output. This should be used in - conjunction with a field on the transformation such as - `surrogate_info_type`. This CustomInfoType does not support the use of - `detection_rules`. - type: object - properties: {} - GooglePrivacyDlpV2StoredType: - id: GooglePrivacyDlpV2StoredType - description: A reference to a StoredInfoType to use with scanning. - type: object + The rule that specifies conditions when findings of infoTypes specified + in `InspectionRuleSet` are removed from results. properties: - name: - description: >- - Resource name of the requested `StoredInfoType`, for example - `organizations/433245324/storedInfoTypes/432452342` or - `projects/project-id/storedInfoTypes/432452342`. + regex: + description: Regular expression which defines the rule. + $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' + excludeInfoTypes: + $ref: '#/components/schemas/GooglePrivacyDlpV2ExcludeInfoTypes' + description: Set of infoTypes for which findings would affect this rule. + dictionary: + description: Dictionary which defines the rule. + $ref: '#/components/schemas/GooglePrivacyDlpV2Dictionary' + matchingType: + enum: + - MATCHING_TYPE_UNSPECIFIED + - MATCHING_TYPE_FULL_MATCH + - MATCHING_TYPE_PARTIAL_MATCH + - MATCHING_TYPE_INVERSE_MATCH type: string - createTime: + description: How the rule is applied, see MatchingType documentation for details. + enumDescriptions: + - Invalid. + - >- + Full match. - Dictionary: join of Dictionary results matched the + complete finding quote - Regex: all regex matches fill a finding + quote from start to end - Exclude infoType: completely inside + affecting infoTypes findings + - >- + Partial match. - Dictionary: at least one of the tokens in the + finding matches - Regex: substring of the finding matches - + Exclude infoType: intersects with affecting infoTypes findings + - >- + Inverse match. - Dictionary: no tokens in the finding match the + dictionary - Regex: finding doesn't match the regex - Exclude + infoType: no intersection with affecting infoTypes findings + excludeByHotword: + $ref: '#/components/schemas/GooglePrivacyDlpV2ExcludeByHotword' description: >- - Timestamp indicating when the version of the `StoredInfoType` used - for inspection was created. Output-only field, populated by the - system. - type: string - format: google-datetime - GooglePrivacyDlpV2DetectionRule: - id: GooglePrivacyDlpV2DetectionRule - description: >- - Deprecated; use `InspectionRuleSet` instead. Rule for modifying a - `CustomInfoType` to alter behavior under certain circumstances, - depending on the specific details of the rule. Not supported for the - `surrogate_type` custom infoType. + Drop if the hotword rule is contained in the proximate context. For + tabular data, the context includes the column name. type: object + GooglePrivacyDlpV2QuasiIdField: properties: - hotwordRule: - description: Hotword-based detection rule. - $ref: '#/components/schemas/GooglePrivacyDlpV2HotwordRule' - GooglePrivacyDlpV2HotwordRule: - id: GooglePrivacyDlpV2HotwordRule + customTag: + description: A auxiliary field. + type: string + field: + description: Identifies the column. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' description: >- - The rule that adjusts the likelihood of findings within a certain - proximity of hotwords. + A quasi-identifier column has a custom_tag, used to know which column in + the data corresponds to which column in the statistical model. + id: GooglePrivacyDlpV2QuasiIdField + type: object + GooglePrivacyDlpV2NumericalStatsResult: type: object + description: Result of the numerical stats computation. properties: - hotwordRegex: - description: Regular expression pattern defining what qualifies as a hotword. - $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' - proximity: + minValue: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + description: Minimum value appearing in the column. + quantileValues: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + type: array description: >- - Range of characters within which the entire hotword must reside. The - total length of the window cannot exceed 1000 characters. The - finding itself will be included in the window, so that hotwords can - be used to match substrings of the finding itself. Suppose you want - Cloud DLP to promote the likelihood of the phone number regex - "\(\d{3}\) \d{3}-\d{4}" if the area code is known to be the area - code of a company's office. In this case, use the hotword regex - "\(xxx\)", where "xxx" is the area code in question. For tabular - data, if you want to modify the likelihood of an entire column of - findngs, see [Hotword example: Set the match likelihood of a table - column] - (https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values). - $ref: '#/components/schemas/GooglePrivacyDlpV2Proximity' - likelihoodAdjustment: - description: Likelihood adjustment to apply to all matching findings. - $ref: '#/components/schemas/GooglePrivacyDlpV2LikelihoodAdjustment' - GooglePrivacyDlpV2Proximity: - id: GooglePrivacyDlpV2Proximity + List of 99 values that partition the set of field values into 100 + equal sized buckets. + maxValue: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + description: Maximum value appearing in the column. + id: GooglePrivacyDlpV2NumericalStatsResult + GooglePrivacyDlpV2LargeCustomDictionaryConfig: description: >- - Message for specifying a window around a finding to apply a detection - rule. + Configuration for a custom dictionary created from a data source of any + size up to the maximum size defined in the + [limits](https://cloud.google.com/sensitive-data-protection/limits) + page. The artifacts of dictionary creation are stored in the specified + Cloud Storage location. Consider using `CustomInfoType.Dictionary` for + smaller dictionaries that satisfy the size requirements. type: object properties: - windowBefore: + outputPath: + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStoragePath' description: >- - Number of characters before the finding to consider. For tabular - data, if you want to modify the likelihood of an entire column of - findngs, set this to 1. For more information, see [Hotword example: - Set the match likelihood of a table column] - (https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values). - type: integer - format: int32 - windowAfter: - description: Number of characters after the finding to consider. - type: integer - format: int32 - GooglePrivacyDlpV2LikelihoodAdjustment: - id: GooglePrivacyDlpV2LikelihoodAdjustment - description: >- - Message for specifying an adjustment to the likelihood of a finding as - part of a detection rule. - type: object + Location to store dictionary artifacts in Cloud Storage. These files + will only be accessible by project owners and the DLP API. If any of + these artifacts are modified, the dictionary is considered invalid + and can no longer be used. + cloudStorageFileSet: + description: >- + Set of files containing newline-delimited lists of dictionary + phrases. + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageFileSet' + bigQueryField: + description: >- + Field in a BigQuery table where each cell represents a dictionary + phrase. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryField' + id: GooglePrivacyDlpV2LargeCustomDictionaryConfig + GooglePrivacyDlpV2AmazonS3BucketRegex: properties: - fixedLikelihood: - description: Set the likelihood of a finding to a fixed value. + bucketNameRegex: + description: >- + Optional. Regex to test the bucket name against. If empty, all + buckets match. type: string - enumDescriptions: - - Default value; same as POSSIBLE. - - Highest chance of a false positive. - - High chance of a false positive. - - Some matching signals. The default value. - - Low chance of a false positive. - - Confidence level is high. Lowest chance of a false positive. - enum: - - LIKELIHOOD_UNSPECIFIED - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - relativeLikelihood: - description: >- - Increase or decrease the likelihood by the specified number of - levels. For example, if a finding would be `POSSIBLE` without the - detection rule and `relative_likelihood` is 1, then it is upgraded - to `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. - Likelihood may never drop below `VERY_UNLIKELY` or exceed - `VERY_LIKELY`, so applying an adjustment of 1 followed by an - adjustment of -1 when base likelihood is `VERY_LIKELY` will result - in a final likelihood of `LIKELY`. - type: integer - format: int32 - GooglePrivacyDlpV2InspectionRuleSet: - id: GooglePrivacyDlpV2InspectionRuleSet - description: >- - Rule set for modifying a set of infoTypes to alter behavior under - certain circumstances, depending on the specific details of the rules - within the set. + awsAccountRegex: + $ref: '#/components/schemas/GooglePrivacyDlpV2AwsAccountRegex' + description: The AWS account regex. type: object + id: GooglePrivacyDlpV2AmazonS3BucketRegex + description: Amazon S3 bucket regex. + GooglePrivacyDlpV2DataProfileJobConfig: properties: - infoTypes: - description: List of infoTypes this rule set is applied to. + location: + $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileLocation' + description: The data to scan. + dataProfileActions: + description: Actions to execute at the completion of the job. type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - rules: + $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileAction' + otherCloudStartingLocation: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2OtherCloudDiscoveryStartingLocation + description: Must be set only when scanning other clouds. + inspectTemplates: description: >- - Set of rules to be applied to infoTypes. The rules are applied in - order. - type: array + Detection logic for profile generation. Not all template features + are used by profiles. FindingLimits, include_quote and + exclude_info_types have no impact on data profiling. Multiple + templates may be provided if there is data in multiple regions. At + most one template must be specified per-region (including "global"). + Each region is scanned using the applicable template. If no + region-specific template is specified, but a "global" template is + specified, it will be copied to that region and used instead. If no + global or region-specific template is provided for a region with + data, that region's data will not be scanned. For more information, + see + https://cloud.google.com/sensitive-data-protection/docs/data-profiles#data-residency. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectionRule' - GooglePrivacyDlpV2InspectionRule: - id: GooglePrivacyDlpV2InspectionRule - description: >- - A single inspection rule to be applied to infoTypes, specified in - `InspectionRuleSet`. + type: string + type: array + projectId: + description: >- + The project that will run the scan. The DLP service account that + exists within this project must have access to all resources that + are profiled, and the DLP API must be enabled. + type: string type: object - properties: - hotwordRule: - description: Hotword-based detection rule. - $ref: '#/components/schemas/GooglePrivacyDlpV2HotwordRule' - exclusionRule: - description: Exclusion rule. - $ref: '#/components/schemas/GooglePrivacyDlpV2ExclusionRule' - GooglePrivacyDlpV2ExclusionRule: - id: GooglePrivacyDlpV2ExclusionRule description: >- - The rule that specifies conditions when findings of infoTypes specified - in `InspectionRuleSet` are removed from results. - type: object + Configuration for setting up a job to scan resources for profile + generation. Only one data profile configuration may exist per + organization, folder, or project. The generated data profiles are + retained according to the [data retention policy] + (https://cloud.google.com/sensitive-data-protection/docs/data-profiles#retention). + id: GooglePrivacyDlpV2DataProfileJobConfig + GooglePrivacyDlpV2TransformationConfig: + description: >- + User specified templates and configs for how to deidentify structured, + unstructures, and image files. User must provide either a unstructured + deidentify template or at least one redact image config. properties: - dictionary: - description: Dictionary which defines the rule. - $ref: '#/components/schemas/GooglePrivacyDlpV2Dictionary' - regex: - description: Regular expression which defines the rule. - $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' - excludeInfoTypes: - description: Set of infoTypes for which findings would affect this rule. - $ref: '#/components/schemas/GooglePrivacyDlpV2ExcludeInfoTypes' - excludeByHotword: + structuredDeidentifyTemplate: + type: string description: >- - Drop if the hotword rule is contained in the proximate context. For - tabular data, the context includes the column name. - $ref: '#/components/schemas/GooglePrivacyDlpV2ExcludeByHotword' - matchingType: - description: How the rule is applied, see MatchingType documentation for details. + Structured de-identify template. If this template is specified, it + will serve as the de-identify template for structured content such + as delimited files and tables. If this template is not set but the + `deidentify_template` is set, then `deidentify_template` will also + apply to the structured content. If neither template is set, a + default `ReplaceWithInfoTypeConfig` will be used to de-identify + structured content. + deidentifyTemplate: + description: >- + De-identify template. If this template is specified, it will serve + as the default de-identify template. This template cannot contain + `record_transformations` since it can be used for unstructured + content such as free-form text files. If this template is not set, a + default `ReplaceWithInfoTypeConfig` will be used to de-identify + unstructured content. + type: string + imageRedactTemplate: type: string - enumDescriptions: - - Invalid. - - >- - Full match. - Dictionary: join of Dictionary results matched - complete finding quote - Regex: all regex matches fill a finding - quote start to end - Exclude info type: completely inside - affecting info types findings - - >- - Partial match. - Dictionary: at least one of the tokens in the - finding matches - Regex: substring of the finding matches - - Exclude info type: intersects with affecting info types findings - - >- - Inverse match. - Dictionary: no tokens in the finding match the - dictionary - Regex: finding doesn't match the regex - Exclude info - type: no intersection with affecting info types findings - enum: - - MATCHING_TYPE_UNSPECIFIED - - MATCHING_TYPE_FULL_MATCH - - MATCHING_TYPE_PARTIAL_MATCH - - MATCHING_TYPE_INVERSE_MATCH - GooglePrivacyDlpV2ExcludeInfoTypes: - id: GooglePrivacyDlpV2ExcludeInfoTypes - description: List of excluded infoTypes. - type: object - properties: - infoTypes: description: >- - InfoType list in ExclusionRule rule drops a finding when it overlaps - or contained within with a finding of an infoType from this list. - For example, for `InspectionRuleSet.info_types` containing - "PHONE_NUMBER"` and `exclusion_rule` containing - `exclude_info_types.info_types` with "EMAIL_ADDRESS" the phone - number findings are dropped if they overlap with EMAIL_ADDRESS - finding. That leads to "555-222-2222@example.org" to generate only a - single finding, namely email address. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - GooglePrivacyDlpV2ExcludeByHotword: - id: GooglePrivacyDlpV2ExcludeByHotword + Image redact template. If this template is specified, it will serve + as the de-identify template for images. If this template is not set, + all findings in the image will be redacted with a black box. + id: GooglePrivacyDlpV2TransformationConfig + type: object + GooglePrivacyDlpV2PartitionId: description: >- - The rule to exclude findings based on a hotword. For record inspection - of tables, column names are considered hotwords. An example of this is - to exclude a finding if it belongs to a BigQuery column that matches a - specific pattern. + Datastore partition ID. A partition ID identifies a grouping of + entities. The grouping is always by project and namespace, however the + namespace ID may be empty. A partition ID contains several dimensions: + project ID and namespace ID. type: object + id: GooglePrivacyDlpV2PartitionId properties: - hotwordRegex: - description: Regular expression pattern defining what qualifies as a hotword. - $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' - proximity: - description: >- - Range of characters within which the entire hotword must reside. The - total length of the window cannot exceed 1000 characters. The - windowBefore property in proximity should be set to 1 if the hotword - needs to be included in a column header. - $ref: '#/components/schemas/GooglePrivacyDlpV2Proximity' - GooglePrivacyDlpV2ContentItem: - id: GooglePrivacyDlpV2ContentItem - description: Type of content to inspect. + namespaceId: + description: If not empty, the ID of the namespace to which the entities belong. + type: string + projectId: + description: The ID of the project to which the entities belong. + type: string + GooglePrivacyDlpV2PublishToStackdriver: + type: object + properties: {} + id: GooglePrivacyDlpV2PublishToStackdriver + description: >- + Enable Stackdriver metric dlp.googleapis.com/finding_count. This will + publish a metric to stack driver on each infotype requested and how many + findings were found for it. CustomDetectors will be bucketed as 'Custom' + under the Stackdriver label 'info_type'. + GooglePrivacyDlpV2CreateStoredInfoTypeRequest: + description: Request message for CreateStoredInfoType. type: object properties: - value: - description: String data to inspect or redact. + config: + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeConfig' + description: Required. Configuration of the storedInfoType to create. + locationId: + description: Deprecated. This field has no effect. + type: string + storedInfoTypeId: type: string - table: description: >- - Structured content for inspection. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-text#inspecting_a_table - to learn more. - $ref: '#/components/schemas/GooglePrivacyDlpV2Table' - byteItem: - description: Content data to inspect or redact. Replaces `type` and `data`. - $ref: '#/components/schemas/GooglePrivacyDlpV2ByteContentItem' - GooglePrivacyDlpV2Table: - id: GooglePrivacyDlpV2Table - description: >- - Structured content to inspect. Up to 50,000 `Value`s per request - allowed. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-structured-text#inspecting_a_table - to learn more. + The storedInfoType ID can contain uppercase and lowercase letters, + numbers, and hyphens; that is, it must match the regular expression: + `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty + to allow the system to generate one. + id: GooglePrivacyDlpV2CreateStoredInfoTypeRequest + GooglePrivacyDlpV2RecordSuppression: type: object + description: >- + Configuration to suppress records whose suppression conditions evaluate + to true. properties: - headers: - description: Headers of the table. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - rows: - description: Rows of the table. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Row' - GooglePrivacyDlpV2FieldId: - id: GooglePrivacyDlpV2FieldId - description: General identifier of a data field in a storage service. - type: object + condition: + $ref: '#/components/schemas/GooglePrivacyDlpV2RecordCondition' + description: >- + A condition that when it evaluates to true will result in the record + being evaluated to be suppressed from the transformed content. + id: GooglePrivacyDlpV2RecordSuppression + GooglePrivacyDlpV2UpdateConnectionRequest: + description: Request message for UpdateConnection. properties: - name: - description: Name describing the field. + updateMask: + format: google-fieldmask type: string - GooglePrivacyDlpV2Row: - id: GooglePrivacyDlpV2Row - description: Values of the row. + description: Optional. Mask to control which fields get updated. + connection: + $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' + description: Required. The connection with new values for the relevant fields. type: object + id: GooglePrivacyDlpV2UpdateConnectionRequest + GooglePrivacyDlpV2ListDlpJobsResponse: properties: - values: - description: Individual cells. - type: array + jobs: + description: A list of DlpJobs that matches the specified filter in the request. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - GooglePrivacyDlpV2Value: - id: GooglePrivacyDlpV2Value - description: >- - Set of primitive values supported by the system. Note that for the - purposes of inspection or transformation, the number of bytes considered - to comprise a 'Value' is based on its representation as a UTF-8 encoded - string. For example, if 'integer_value' is set to 123456789, the number - of bytes would be counted as 9, even though an int64 only holds up to 8 - bytes of data. + $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' + type: array + nextPageToken: + description: The standard List next-page token. + type: string + id: GooglePrivacyDlpV2ListDlpJobsResponse + type: object + description: The response message for listing DLP jobs. + GooglePrivacyDlpV2RecordLocation: + description: Location of a finding within a row or record. type: object + id: GooglePrivacyDlpV2RecordLocation properties: - integerValue: - description: integer - type: string - format: int64 - floatValue: - description: float - type: number - format: double - stringValue: - description: string - type: string - booleanValue: - description: boolean - type: boolean - timestampValue: - description: timestamp - type: string - format: google-datetime - timeValue: - description: time of day - $ref: '#/components/schemas/GoogleTypeTimeOfDay' - dateValue: - description: date - $ref: '#/components/schemas/GoogleTypeDate' - dayOfWeekValue: - description: day of week - type: string - enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday - enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY - GoogleTypeTimeOfDay: - id: GoogleTypeTimeOfDay - description: >- - Represents a time of day. The date and time zone are either not - significant or are specified elsewhere. An API may choose to allow leap - seconds. Related types are google.type.Date and - `google.protobuf.Timestamp`. + recordKey: + $ref: '#/components/schemas/GooglePrivacyDlpV2RecordKey' + description: Key of the finding. + fieldId: + description: Field id of the field containing the finding. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + tableLocation: + $ref: '#/components/schemas/GooglePrivacyDlpV2TableLocation' + description: Location within a `ContentItem.Table`. + GooglePrivacyDlpV2OtherCloudDiscoveryTarget: type: object + description: >- + Target used to match against for discovery of resources from other + clouds. An [AWS connector in Security Command Center + (Enterprise](https://cloud.google.com/security-command-center/docs/connect-scc-to-aws) + is required to use this feature. + id: GooglePrivacyDlpV2OtherCloudDiscoveryTarget properties: - hours: + dataSourceType: + $ref: '#/components/schemas/GooglePrivacyDlpV2DataSourceType' description: >- - Hours of a day in 24 hour format. Must be greater than or equal to 0 - and typically must be less than or equal to 23. An API may choose to - allow the value "24:00:00" for scenarios like business closing time. - type: integer - format: int32 - minutes: + Required. The type of data profiles generated by this discovery + target. Supported values are: * aws/s3/bucket + generationCadence: description: >- - Minutes of an hour. Must be greater than or equal to 0 and less than - or equal to 59. - type: integer - format: int32 - seconds: + How often and when to update data profiles. New resources that match + both the filter and conditions are scanned as quickly as possible + depending on system capacity. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryOtherCloudGenerationCadence + filter: + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryOtherCloudFilter' description: >- - Seconds of a minute. Must be greater than or equal to 0 and - typically must be less than or equal to 59. An API may allow the - value 60 if it allows leap-seconds. - type: integer - format: int32 - nanos: + Required. The resources that the discovery cadence applies to. The + first target with a matching filter will be the one to apply to a + resource. + conditions: description: >- - Fractions of seconds, in nanoseconds. Must be greater than or equal - to 0 and less than or equal to 999,999,999. - type: integer - format: int32 - GoogleTypeDate: - id: GoogleTypeDate - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp + Optional. In addition to matching the filter, these conditions must + be true before a profile is generated. + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryOtherCloudConditions' + disabled: + description: Disable profiling for resources that match this filter. + $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' + GooglePrivacyDlpV2TransientCryptoKey: + id: GooglePrivacyDlpV2TransientCryptoKey type: object properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: + name: description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: + Required. Name of the key. This is an arbitrary string used to + differentiate different keys. A unique key is generated per name: + two separate `TransientCryptoKey` protos share the same generated + key if their names are the same. When the data crypto key is + generated, this name is not used in any way (repeating the api call + will result in a different key being generated). + type: string + description: >- + Use this to have a random data crypto key generated. It will be + discarded after the request finishes. + GooglePrivacyDlpV2AuxiliaryTable: + type: object + description: >- + An auxiliary table contains statistical information on the relative + frequency of different quasi-identifiers values. It has one or several + quasi-identifiers columns, and one column that indicates the relative + frequency of each quasi-identifier tuple. If a tuple is present in the + data but not in the auxiliary table, the corresponding relative + frequency is assumed to be zero (and thus, the tuple is highly + reidentifiable). + properties: + table: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + description: Required. Auxiliary table location. + relativeFrequency: description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - GooglePrivacyDlpV2ByteContentItem: - id: GooglePrivacyDlpV2ByteContentItem - description: Container for bytes to inspect or redact. + Required. The relative frequency column must contain a + floating-point number between 0 and 1 (inclusive). Null values are + assumed to be zero. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + quasiIds: + description: Required. Quasi-identifier columns. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2QuasiIdField' + type: array + id: GooglePrivacyDlpV2AuxiliaryTable + GooglePrivacyDlpV2Action: type: object + description: >- + A task to execute on the completion of a job. See + https://cloud.google.com/sensitive-data-protection/docs/concepts-actions + to learn more. + id: GooglePrivacyDlpV2Action properties: - type: + publishSummaryToCscc: + description: Publish summary to Cloud Security Command Center (Alpha). + $ref: '#/components/schemas/GooglePrivacyDlpV2PublishSummaryToCscc' + publishFindingsToCloudDataCatalog: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2PublishFindingsToCloudDataCatalog + deprecated: true description: >- - The type of data stored in the bytes string. Default will be - TEXT_UTF8. - type: string - enumDescriptions: - - Unused - - Any image type. - - jpeg - - bmp - - png - - svg - - plain text - - docx, docm, dotx, dotm - - pdf - - pptx, pptm, potx, potm, pot - - xlsx, xlsm, xltx, xltm - - avro - - csv - - tsv - - Audio file types. Only used for profiling. - - Video file types. Only used for profiling. - - Executable file types. Only used for profiling. - - AI model file types. Only used for profiling. - enum: - - BYTES_TYPE_UNSPECIFIED - - IMAGE - - IMAGE_JPEG - - IMAGE_BMP - - IMAGE_PNG - - IMAGE_SVG - - TEXT_UTF8 - - WORD_DOCUMENT - - PDF - - POWERPOINT_DOCUMENT - - EXCEL_DOCUMENT - - AVRO - - CSV - - TSV - - AUDIO - - VIDEO - - EXECUTABLE - - AI_MODEL - data: - description: Content data to inspect or redact. - type: string - format: byte - GooglePrivacyDlpV2InspectContentResponse: - id: GooglePrivacyDlpV2InspectContentResponse - description: Results of inspecting an item. - type: object - properties: - result: - description: The findings. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectResult' - GooglePrivacyDlpV2InspectResult: - id: GooglePrivacyDlpV2InspectResult - description: All the findings for a single scanned item. - type: object - properties: - findings: - description: List of findings for an item. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Finding' - findingsTruncated: + Deprecated because Data Catalog is being turned down. Use + publish_findings_to_dataplex_catalog to publish findings to Dataplex + Universal Catalog. + saveFindings: + description: Save resulting findings in a provided location. + $ref: '#/components/schemas/GooglePrivacyDlpV2SaveFindings' + pubSub: + description: Publish a notification to a Pub/Sub topic. + $ref: '#/components/schemas/GooglePrivacyDlpV2PublishToPubSub' + publishFindingsToDataplexCatalog: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2PublishFindingsToDataplexCatalog + description: Publish findings as an aspect to Dataplex Universal Catalog. + publishToStackdriver: + description: Enable Stackdriver metric dlp.googleapis.com/finding_count. + $ref: '#/components/schemas/GooglePrivacyDlpV2PublishToStackdriver' + deidentify: + $ref: '#/components/schemas/GooglePrivacyDlpV2Deidentify' + description: Create a de-identified copy of the input data. + jobNotificationEmails: description: >- - If true, then this item might have more findings than were returned, - and the findings returned are an arbitrary subset of all findings. - The findings list might be truncated because the input items were - too large, or because the server reached the maximum amount of - resources allowed for a single API call. For best results, divide - the input into smaller batches. - type: boolean - GooglePrivacyDlpV2Finding: - id: GooglePrivacyDlpV2Finding - description: Represents a piece of potentially sensitive content. - type: object + Sends an email when the job completes. The email goes to IAM project + owners and technical [Essential + Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). + $ref: '#/components/schemas/GooglePrivacyDlpV2JobNotificationEmails' + GooglePrivacyDlpV2DlpJob: properties: - name: - description: >- - Resource name in format - projects/{project}/locations/{location}/findings/{finding} Populated - only when viewing persisted findings. + jobTriggerName: type: string - quote: description: >- - The content that was found. Even if the content is not textual, it - may be converted to a textual representation here. Provided if - `include_quote` is true and the finding is less than or equal to - 4096 bytes long. If the finding exceeds 4096 bytes in length, the - quote may be omitted. + If created by a job trigger, the resource name of the trigger that + instantiated the job. + startTime: + description: Time when the job started. type: string - infoType: - description: >- - The type of content that might have been found. Provided if - `excluded_types` is false. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - likelihood: - description: Confidence of how likely it is that the `info_type` is correct. + format: google-datetime + actionDetails: + description: Events that should occur after the job has completed. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2ActionDetails' + type: array + state: + description: State of a job. + enum: + - JOB_STATE_UNSPECIFIED + - PENDING + - RUNNING + - DONE + - CANCELED + - FAILED + - ACTIVE type: string enumDescriptions: - - Default value; same as POSSIBLE. - - Highest chance of a false positive. - - High chance of a false positive. - - Some matching signals. The default value. - - Low chance of a false positive. - - Confidence level is high. Lowest chance of a false positive. - enum: - - LIKELIHOOD_UNSPECIFIED - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - location: - description: Where the content was found. - $ref: '#/components/schemas/GooglePrivacyDlpV2Location' - createTime: - description: Timestamp when finding was detected. + - Unused. + - The job has not yet started. + - >- + The job is currently running. Once a job has finished it will + transition to FAILED or DONE. + - The job is no longer running. + - The job was canceled before it could be completed. + - The job had an error and did not complete. + - >- + The job is currently accepting findings via hybridInspect. A + hybrid job in ACTIVE state may continue to have findings added to + it through the calling of hybridInspect. After the job has + finished no more calls to hybridInspect may be made. ACTIVE jobs + can transition to DONE. + inspectDetails: + description: Results from inspecting a data source. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectDataSourceDetails' + endTime: + format: google-datetime + description: Time when the job finished. type: string + errors: + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Error' + description: A stream of errors encountered running the job. + riskDetails: + description: Results from analyzing risk of a data source. + $ref: '#/components/schemas/GooglePrivacyDlpV2AnalyzeDataSourceRiskDetails' + createTime: format: google-datetime - quoteInfo: - description: >- - Contains data parsed from quotes. Only populated if include_quote - was set to true and a supported infoType was requested. Currently - supported infoTypes: DATE, DATE_OF_BIRTH and TIME. - $ref: '#/components/schemas/GooglePrivacyDlpV2QuoteInfo' - resourceName: - description: The job that stored the finding. + description: Time when the job was created. type: string - triggerName: - description: Job trigger name, if applicable, for this finding. + type: + enumDescriptions: + - Defaults to INSPECT_JOB. + - The job inspected Google Cloud for sensitive data. + - The job executed a Risk Analysis computation. + enum: + - DLP_JOB_TYPE_UNSPECIFIED + - INSPECT_JOB + - RISK_ANALYSIS_JOB + description: The type of job. type: string - labels: - description: >- - The labels associated with this `Finding`. Label keys must be - between 1 and 63 characters long and must conform to the following - regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. Label values must - be between 0 and 63 characters long and must conform to the regular - expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. No more than 10 labels - can be associated with a given finding. Examples: * `"environment" : - "production"` * `"pipeline" : "etl"` - type: object - additionalProperties: - type: string - jobCreateTime: - description: Time the job started that produced this finding. + lastModified: type: string format: google-datetime - jobName: - description: The job that stored the finding. - type: string - findingId: - description: The unique finding id. + description: Time when the job was last modified by the system. + name: type: string - GooglePrivacyDlpV2Location: - id: GooglePrivacyDlpV2Location - description: Specifies the location of the finding. + description: The server-assigned name. + type: object + id: GooglePrivacyDlpV2DlpJob + description: Combines all of the information about a DLP job. + GooglePrivacyDlpV2SaveToGcsFindingsOutput: type: object + description: >- + Collection of findings saved to a Cloud Storage bucket. This is used as + the proto schema for textproto files created when specifying a cloud + storage path to save Inspect findings. properties: - byteRange: - description: >- - Zero-based byte offsets delimiting the finding. These are relative - to the finding's containing element. Note that when the content is - not textual, this references the UTF-8 encoded textual - representation of the content. Omitted if content is an image. - $ref: '#/components/schemas/GooglePrivacyDlpV2Range' - codepointRange: - description: >- - Unicode character offsets delimiting the finding. These are relative - to the finding's containing element. Provided when the content is - text. - $ref: '#/components/schemas/GooglePrivacyDlpV2Range' - contentLocations: - description: >- - List of nested objects pointing to the precise location of the - finding within the file or record. - type: array + findings: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2ContentLocation' - container: - description: >- - Information about the container where this finding occurred, if - available. - $ref: '#/components/schemas/GooglePrivacyDlpV2Container' - GooglePrivacyDlpV2Range: - id: GooglePrivacyDlpV2Range - description: Generic half-open interval [start, end) - type: object - properties: - start: - description: Index of the first character of the range (inclusive). - type: string - format: int64 - end: - description: Index of the last character of the range (exclusive). - type: string - format: int64 - GooglePrivacyDlpV2ContentLocation: - id: GooglePrivacyDlpV2ContentLocation - description: >- - Precise location of the finding within a document, record, image, or - metadata container. - type: object + $ref: '#/components/schemas/GooglePrivacyDlpV2Finding' + type: array + description: List of findings. + id: GooglePrivacyDlpV2SaveToGcsFindingsOutput + GooglePrivacyDlpV2CreateInspectTemplateRequest: + id: GooglePrivacyDlpV2CreateInspectTemplateRequest properties: - containerName: - description: >- - Name of the container where the finding is located. The top level - name is the source file name or table name. Names of some common - storage containers are formatted as follows: * BigQuery tables: - `{project_id}:{dataset_id}.{table_id}` * Cloud Storage files: - `gs://{bucket}/{path}` * Datastore namespace: {namespace} Nested - names could be absent if the embedded object has no string - identifier (for example, an image contained within a document). - type: string - recordLocation: - description: Location within a row or record of a database table. - $ref: '#/components/schemas/GooglePrivacyDlpV2RecordLocation' - imageLocation: - description: Location within an image's pixels. - $ref: '#/components/schemas/GooglePrivacyDlpV2ImageLocation' - documentLocation: - description: Location data for document files. - $ref: '#/components/schemas/GooglePrivacyDlpV2DocumentLocation' - metadataLocation: - description: Location within the metadata for inspected content. - $ref: '#/components/schemas/GooglePrivacyDlpV2MetadataLocation' - containerTimestamp: - description: >- - Finding container modification timestamp, if applicable. For Cloud - Storage, this field contains the last file modification timestamp. - For a BigQuery table, this field contains the last_modified_time - property. For Datastore, this field isn't populated. + inspectTemplate: + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + description: Required. The InspectTemplate to create. + templateId: type: string - format: google-datetime - containerVersion: description: >- - Finding container version, if available ("generation" for Cloud - Storage). + The template id can contain uppercase and lowercase letters, + numbers, and hyphens; that is, it must match the regular expression: + `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty + to allow the system to generate one. + locationId: + description: Deprecated. This field has no effect. type: string - GooglePrivacyDlpV2RecordLocation: - id: GooglePrivacyDlpV2RecordLocation - description: Location of a finding within a row or record. - type: object - properties: - recordKey: - description: Key of the finding. - $ref: '#/components/schemas/GooglePrivacyDlpV2RecordKey' - fieldId: - description: Field id of the field containing the finding. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - tableLocation: - description: Location within a `ContentItem.Table`. - $ref: '#/components/schemas/GooglePrivacyDlpV2TableLocation' - GooglePrivacyDlpV2RecordKey: - id: GooglePrivacyDlpV2RecordKey - description: Message for a unique key indicating a record that contains a finding. - type: object - properties: - datastoreKey: - description: BigQuery key - $ref: '#/components/schemas/GooglePrivacyDlpV2DatastoreKey' - bigQueryKey: - description: Datastore key - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryKey' - idValues: - description: >- - Values of identifying columns in the given row. Order of values - matches the order of `identifying_fields` specified in the scanning - request. - type: array - items: - type: string - GooglePrivacyDlpV2DatastoreKey: - id: GooglePrivacyDlpV2DatastoreKey - description: Record key for a finding in Cloud Datastore. type: object - properties: - entityKey: - description: Datastore entity key. - $ref: '#/components/schemas/GooglePrivacyDlpV2Key' - GooglePrivacyDlpV2Key: - id: GooglePrivacyDlpV2Key - description: >- - A unique identifier for a Datastore entity. If a key's partition ID or - any of its path kinds or names are reserved/read-only, the key is - reserved/read-only. A reserved/read-only key is forbidden in certain - documented contexts. + description: Request message for CreateInspectTemplate. + GooglePrivacyDlpV2DataProfileConfigSnapshot: type: object properties: - partitionId: + inspectConfig: description: >- - Entities are partitioned into subsets, currently identified by a - project ID and namespace ID. Queries are scoped to a single - partition. - $ref: '#/components/schemas/GooglePrivacyDlpV2PartitionId' - path: + A copy of the inspection config used to generate this profile. This + is a copy of the inspect_template specified in + `DataProfileJobConfig`. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' + dataProfileJob: + $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileJobConfig' description: >- - The entity path. An entity path consists of one or more elements - composed of a kind and a string or numerical identifier, which - identify entities. The first element identifies a _root entity_, the - second element identifies a _child_ of the root entity, the third - element identifies a child of the second entity, and so forth. The - entities identified by all prefixes of the path are called the - element's _ancestors_. A path can never be empty, and a path can - have at most 100 elements. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2PathElement' - GooglePrivacyDlpV2PartitionId: - id: GooglePrivacyDlpV2PartitionId - description: >- - Datastore partition ID. A partition ID identifies a grouping of - entities. The grouping is always by project and namespace, however the - namespace ID may be empty. A partition ID contains several dimensions: - project ID and namespace ID. - type: object - properties: - projectId: - description: The ID of the project to which the entities belong. + A copy of the configuration used to generate this profile. This is + deprecated, and the DiscoveryConfig field is preferred moving + forward. DataProfileJobConfig will still be written here for + Discovery in BigQuery for backwards compatibility, but will not be + updated with new fields, while DiscoveryConfig will. + deprecated: true + discoveryConfig: + description: A copy of the configuration used to generate this profile. + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + inspectTemplateModifiedTime: + format: google-datetime type: string - namespaceId: - description: If not empty, the ID of the namespace to which the entities belong. + description: Timestamp when the template was modified + inspectTemplateName: + description: Name of the inspection template used to generate this profile type: string - GooglePrivacyDlpV2PathElement: - id: GooglePrivacyDlpV2PathElement - description: >- - A (kind, ID/name) pair used to construct a key path. If either name or - ID is set, the element is complete. If neither is set, the element is - incomplete. + description: Snapshot of the configurations used to generate the profile. + id: GooglePrivacyDlpV2DataProfileConfigSnapshot + GooglePrivacyDlpV2AllOtherResources: + id: GooglePrivacyDlpV2AllOtherResources + description: Match discovery resources not covered by any other filter. type: object + properties: {} + GooglePrivacyDlpV2TransformationLocation: properties: - kind: - description: >- - The kind of the entity. A kind matching regex `__.*__` is - reserved/read-only. A kind must not contain more than 1500 bytes - when UTF-8 encoded. Cannot be `""`. + findingId: type: string - id: description: >- - The auto-allocated ID of the entity. Never equal to zero. Values - less than zero are discouraged and may not be supported in the - future. - type: string - format: int64 - name: + For infotype transformations, link to the corresponding findings ID + so that location information does not need to be duplicated. Each + findings ID correlates to an entry in the findings output table, + this table only gets created when users specify to save findings + (add the save findings action to the request). + recordTransformation: description: >- - The name of the entity. A name matching regex `__.*__` is - reserved/read-only. A name must not be more than 1500 bytes when - UTF-8 encoded. Cannot be `""`. + For record transformations, provide a field and container + information. + $ref: '#/components/schemas/GooglePrivacyDlpV2RecordTransformation' + containerType: + enumDescriptions: + - Unused. + - Body of a file. + - Metadata for a file. + - A table. + enum: + - TRANSFORM_UNKNOWN_CONTAINER + - TRANSFORM_BODY + - TRANSFORM_METADATA + - TRANSFORM_TABLE + description: >- + Information about the functionality of the container where this + finding occurred, if available. type: string - GooglePrivacyDlpV2BigQueryKey: - id: GooglePrivacyDlpV2BigQueryKey - description: Row key for identifying a record in BigQuery table. type: object + id: GooglePrivacyDlpV2TransformationLocation + description: Specifies the location of a transformation. + GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest: properties: - tableReference: - description: Complete BigQuery table reference. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - rowNumber: - description: >- - Row number inferred at the time the table was scanned. This value is - nondeterministic, cannot be queried, and may be null for inspection - jobs. To locate findings within a table, specify - `inspect_job.storage_config.big_query_options.identifying_fields` in - `CreateDlpJobRequest`. + updateMask: type: string - format: int64 - GooglePrivacyDlpV2BigQueryTable: - id: GooglePrivacyDlpV2BigQueryTable + format: google-fieldmask + description: Mask to control which fields get updated. + deidentifyTemplate: + description: New DeidentifyTemplate value. + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + type: object + id: GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest + description: Request message for UpdateDeidentifyTemplate. + GooglePrivacyDlpV2StoredInfoTypeVersion: + id: GooglePrivacyDlpV2StoredInfoTypeVersion description: >- - Message defining the location of a BigQuery table. A table is uniquely - identified by its project_id, dataset_id, and table_name. Within a query - a table is often referenced with a string in the format of: `:.` or - `..`. + Version of a StoredInfoType, including the configuration used to build + it, create timestamp, and current state. type: object properties: - projectId: + state: description: >- - The Google Cloud project ID of the project containing the table. If - omitted, project ID is inferred from the API call. - type: string - datasetId: - description: Dataset ID of the table. + Stored info type version state. Read-only, updated by the system + during dictionary creation. + enumDescriptions: + - Unused + - StoredInfoType version is being created. + - StoredInfoType version is ready for use. + - >- + StoredInfoType creation failed. All relevant error messages are + returned in the `StoredInfoTypeVersion` message. + - >- + StoredInfoType is no longer valid because artifacts stored in + user-controlled storage were modified. To fix an invalid + StoredInfoType, use the `UpdateStoredInfoType` method to create a + new version. type: string - tableId: - description: Name of the table. + enum: + - STORED_INFO_TYPE_STATE_UNSPECIFIED + - PENDING + - READY + - FAILED + - INVALID + createTime: + description: >- + Create timestamp of the version. Read-only, determined by the system + when the version is created. + format: google-datetime type: string - GooglePrivacyDlpV2TableLocation: - id: GooglePrivacyDlpV2TableLocation - description: Location of a finding within a table. + stats: + description: Statistics about this storedInfoType version. + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeStats' + errors: + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Error' + description: >- + Errors that occurred when creating this storedInfoType version, or + anomalies detected in the storedInfoType data that render it + unusable. Only the five most recent errors will be displayed, with + the most recent error appearing first. For example, some of the data + for stored custom dictionaries is put in the user's Cloud Storage + bucket, and if this data is modified or deleted by the user or + another system, the dictionary becomes invalid. If any errors occur, + fix the problem indicated by the error message and use the + UpdateStoredInfoType API method to create another version of the + storedInfoType to continue using it, reusing the same `config` if it + was not the source of the error. + config: + description: StoredInfoType configuration. + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeConfig' + GooglePrivacyDlpV2FileSet: + description: Set of files to scan. type: object + id: GooglePrivacyDlpV2FileSet properties: - rowIndex: + url: description: >- - The zero-based index of the row where the finding is located. Only - populated for resources that have a natural ordering, not BigQuery. - In BigQuery, to identify the row a finding came from, populate - BigQueryOptions.identifying_fields with your primary key column - names and when you store the findings the value of those columns - will be stored inside of Finding. + The Cloud Storage url of the file(s) to scan, in the format + `gs:///`. Trailing wildcard in the path is allowed. If the url ends + in a trailing slash, the bucket or directory represented by the url + will be scanned non-recursively (content in sub-directories will not + be scanned). This means that `gs://mybucket/` is equivalent to + `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to + `gs://mybucket/directory/*`. Exactly one of `url` or + `regex_file_set` must be set. type: string - format: int64 - GooglePrivacyDlpV2ImageLocation: - id: GooglePrivacyDlpV2ImageLocation - description: Location of the finding within an image. - type: object - properties: - boundingBoxes: + regexFileSet: description: >- - Bounding boxes locating the pixels within the image containing the - finding. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2BoundingBox' - GooglePrivacyDlpV2BoundingBox: - id: GooglePrivacyDlpV2BoundingBox - description: Bounding box encompassing detected text within an image. + The regex-filtered set of files to scan. Exactly one of `url` or + `regex_file_set` must be set. + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageRegexFileSet' + GooglePrivacyDlpV2FileStoreCollection: type: object + id: GooglePrivacyDlpV2FileStoreCollection properties: - top: - description: Top coordinate of the bounding box. (0,0) is upper left. - type: integer - format: int32 - left: - description: Left coordinate of the bounding box. (0,0) is upper left. - type: integer - format: int32 - width: - description: Width of the bounding box in pixels. - type: integer - format: int32 - height: - description: Height of the bounding box in pixels. - type: integer - format: int32 - GooglePrivacyDlpV2DocumentLocation: - id: GooglePrivacyDlpV2DocumentLocation - description: Location of a finding within a document. + includeRegexes: + description: >- + Optional. A collection of regular expressions to match a file store + against. + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreRegexes' + includeTags: + description: >- + Optional. To be included in the collection, a resource must meet all + of the following requirements: - If tag filters are provided, match + all provided tag filters. - If one or more patterns are specified, + match at least one pattern. For a resource to match the tag filters, + the resource must have all of the provided tags attached. Tags refer + to Resource Manager tags bound to the resource or its ancestors. For + more information, see [Manage + schedules](https://cloud.google.com/sensitive-data-protection/docs/profile-project-cloud-storage#manage-schedules). + $ref: '#/components/schemas/GooglePrivacyDlpV2TagFilters' + description: Match file stores (e.g. buckets) using filters. + GooglePrivacyDlpV2DiscoveryFileStoreConditions: type: object + description: >- + Requirements that must be true before a file store is scanned in + discovery for the first time. There is an AND relationship between the + top-level attributes. + id: GooglePrivacyDlpV2DiscoveryFileStoreConditions properties: - fileOffset: + createdAfter: + type: string description: >- - Offset of the line, from the beginning of the file, where the - finding is located. + Optional. File store must have been created after this date. Used to + avoid backfilling. + format: google-datetime + cloudStorageConditions: + description: Optional. Cloud Storage conditions. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryCloudStorageConditions + minAge: type: string - format: int64 - GooglePrivacyDlpV2MetadataLocation: - id: GooglePrivacyDlpV2MetadataLocation - description: Metadata Location - type: object + format: google-duration + description: >- + Optional. Minimum age a file store must have. If set, the value must + be 1 hour or greater. + GooglePrivacyDlpV2UpdateDiscoveryConfigRequest: properties: - type: - description: Type of metadata containing the finding. + discoveryConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + description: Required. New DiscoveryConfig value. + updateMask: type: string + description: Mask to control which fields get updated. + format: google-fieldmask + id: GooglePrivacyDlpV2UpdateDiscoveryConfigRequest + type: object + description: Request message for UpdateDiscoveryConfig. + GooglePrivacyDlpV2BigQueryDiscoveryTarget: + type: object + properties: + disabled: + $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' + description: Tables that match this filter will not have profiles created. + filter: + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryBigQueryFilter' + description: >- + Required. The tables the discovery cadence applies to. The first + target with a matching filter will be the one to apply to a table. + cadence: + description: >- + How often and when to update profiles. New tables that match both + the filter and conditions are scanned as quickly as possible + depending on system capacity. + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryGenerationCadence' + conditions: + description: >- + In addition to matching the filter, these conditions must be true + before a profile is generated. + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryBigQueryConditions' + id: GooglePrivacyDlpV2BigQueryDiscoveryTarget + description: Target used to match against for discovery with BigQuery tables + GooglePrivacyDlpV2TimePartConfig: + id: GooglePrivacyDlpV2TimePartConfig + properties: + partToExtract: enumDescriptions: - Unused - - General file metadata provided by Cloud Storage. + - '[0-9999]' + - '[1-12]' + - '[1-31]' + - '[1-7]' + - '[1-53]' + - '[0-23]' enum: - - METADATATYPE_UNSPECIFIED - - STORAGE_METADATA - storageLabel: - description: Storage metadata. - $ref: '#/components/schemas/GooglePrivacyDlpV2StorageMetadataLabel' - GooglePrivacyDlpV2StorageMetadataLabel: - id: GooglePrivacyDlpV2StorageMetadataLabel + - TIME_PART_UNSPECIFIED + - YEAR + - MONTH + - DAY_OF_MONTH + - DAY_OF_WEEK + - WEEK_OF_YEAR + - HOUR_OF_DAY + description: The part of the time to keep. + type: string description: >- - Storage metadata label to indicate which metadata entry contains - findings. + For use with `Date`, `Timestamp`, and `TimeOfDay`, extract or preserve a + portion of the value. type: object + GooglePrivacyDlpV2ImageFallbackLocation: + id: GooglePrivacyDlpV2ImageFallbackLocation properties: - key: - description: Label name. - type: string - GooglePrivacyDlpV2Container: - id: GooglePrivacyDlpV2Container + multiRegionProcessing: + description: >- + Processing occurs in a multi-region that contains the current region + if available. + $ref: '#/components/schemas/GooglePrivacyDlpV2MultiRegionProcessing' + globalProcessing: + $ref: '#/components/schemas/GooglePrivacyDlpV2GlobalProcessing' + description: Processing occurs in the global region. description: >- - Represents a container that may contain DLP findings. Examples of a - container include a file, table, or database record. + Configure image processing to fall back to any of the following + processing options if image processing is unavailable in the original + request location. + type: object + GooglePrivacyDlpV2BigQueryOptions: + description: Options defining BigQuery table and row identifiers. type: object properties: - type: - description: Container type, for example BigQuery or Cloud Storage. - type: string - projectId: - description: >- - Project where the finding was found. Can be different from the - project that owns the finding. - type: string - fullPath: + identifyingFields: + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' description: >- - A string representation of the full container name. Examples: - - BigQuery: 'Project:DataSetId.TableId' - Cloud Storage: - 'gs://Bucket/folders/filename.txt' + Table fields that may uniquely identify a row within the table. When + `actions.saveFindings.outputConfig.table` is specified, the values + of columns specified here are available in the output table under + `location.content_locations.record_location.record_key.id_values`. + Nested fields such as `person.birthdate.year` are allowed. + tableReference: + description: Complete BigQuery table reference. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + rowsLimitPercent: + type: integer + description: >- + Max percentage of rows to scan. The rest are omitted. The number of + rows scanned is rounded down. Must be between 0 and 100, + inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one + of rows_limit and rows_limit_percent can be specified. Cannot be + used in conjunction with TimespanConfig. Caution: A [known + issue](https://cloud.google.com/sensitive-data-protection/docs/known-issues#bq-sampling) + is causing the `rowsLimitPercent` field to behave unexpectedly. We + recommend using `rowsLimit` instead. + format: int32 + includedFields: + description: >- + Limit scanning only to these fields. When inspecting a table, we + recommend that you inspect all columns. Otherwise, findings might be + affected because hints from excluded columns will not be used. + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + excludedFields: + description: >- + References to fields excluded from scanning. This allows you to skip + inspection of entire columns which you know have no findings. When + inspecting a table, we recommend that you inspect all columns. + Otherwise, findings might be affected because hints from excluded + columns will not be used. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + type: array + sampleMethod: + enumDescriptions: + - No sampling. + - >- + Scan groups of rows in the order BigQuery provides (default). + Multiple groups of rows may be scanned in parallel, so results may + not appear in the same order the rows are read. + - Randomly pick groups of rows to scan. + description: How to sample the data. + enum: + - SAMPLE_METHOD_UNSPECIFIED + - TOP + - RANDOM_START + type: string + rowsLimit: type: string - rootPath: description: >- - The root of the container. Examples: - For BigQuery table - `project_id:dataset_id.table_id`, the root is `dataset_id` - For - Cloud Storage file `gs://bucket/folder/filename.txt`, the root is - `gs://bucket` + Max number of rows to scan. If the table has more rows than this + value, the rest of the rows are omitted. If not set, or if set to 0, + all rows will be scanned. Only one of rows_limit and + rows_limit_percent can be specified. Cannot be used in conjunction + with TimespanConfig. + format: int64 + id: GooglePrivacyDlpV2BigQueryOptions + GooglePrivacyDlpV2ColumnDataProfile: + properties: + dataRiskLevel: + description: The data risk level for this column. + $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' + estimatedUniquenessScore: type: string - relativePath: + enum: + - UNIQUENESS_SCORE_LEVEL_UNSPECIFIED + - UNIQUENESS_SCORE_LOW + - UNIQUENESS_SCORE_MEDIUM + - UNIQUENESS_SCORE_HIGH + description: Approximate uniqueness of the column. + enumDescriptions: + - >- + Some columns do not have estimated uniqueness. Possible reasons + include having too few values. + - >- + Low uniqueness, possibly a boolean, enum or similiarly typed + column. + - Medium uniqueness. + - >- + High uniqueness, possibly a column of free text or unique + identifiers. + tableDataProfile: + type: string + description: The resource name of the table data profile. + datasetId: description: >- - The rest of the path after the root. Examples: - For BigQuery table - `project_id:dataset_id.table_id`, the relative path is `table_id` - - For Cloud Storage file `gs://bucket/folder/filename.txt`, the - relative path is `folder/filename.txt` + The BigQuery dataset ID, if the resource profiled is a BigQuery + table. type: string - updateTime: + policyState: + type: string + enum: + - COLUMN_POLICY_STATE_UNSPECIFIED + - COLUMN_POLICY_TAGGED + description: Indicates if a policy tag has been applied to the column. + enumDescriptions: + - No policy tags. + - Column has policy tag applied. + tableId: + description: The table ID. + type: string + profileStatus: description: >- - Findings container modification timestamp, if applicable. For Cloud - Storage, this field contains the last file modification timestamp. - For a BigQuery table, this field contains the last_modified_time - property. For Datastore, this field isn't populated. + Success or error status from the most recent profile generation + attempt. May be empty if the profile is still being generated. + $ref: '#/components/schemas/GooglePrivacyDlpV2ProfileStatus' + datasetProjectId: + description: The Google Cloud project ID that owns the profiled resource. + type: string + columnType: + enum: + - COLUMN_DATA_TYPE_UNSPECIFIED + - TYPE_INT64 + - TYPE_BOOL + - TYPE_FLOAT64 + - TYPE_STRING + - TYPE_BYTES + - TYPE_TIMESTAMP + - TYPE_DATE + - TYPE_TIME + - TYPE_DATETIME + - TYPE_GEOGRAPHY + - TYPE_NUMERIC + - TYPE_RECORD + - TYPE_BIGNUMERIC + - TYPE_JSON + - TYPE_INTERVAL + - TYPE_RANGE_DATE + - TYPE_RANGE_DATETIME + - TYPE_RANGE_TIMESTAMP + description: The data type of a given column. + type: string + enumDescriptions: + - Invalid type. + - Encoded as a string in decimal format. + - Encoded as a boolean "false" or "true". + - Encoded as a number, or string "NaN", "Infinity" or "-Infinity". + - Encoded as a string value. + - Encoded as a base64 string per RFC 4648, section 4. + - >- + Encoded as an RFC 3339 timestamp with mandatory "Z" time zone + string: 1985-04-12T23:20:50.52Z + - 'Encoded as RFC 3339 full-date format string: 1985-04-12' + - 'Encoded as RFC 3339 partial-time format string: 23:20:50.52' + - >- + Encoded as RFC 3339 full-date "T" partial-time: + 1985-04-12T23:20:50.52 + - Encoded as WKT + - Encoded as a decimal string. + - Container of ordered fields, each with a type and field name. + - Decimal type. + - Json type. + - Interval type. + - '`Range` type.' + - '`Range` type.' + - '`Range` type.' + estimatedNullPercentage: + enumDescriptions: + - Unused. + - Very few null entries. + - Some null entries. + - A few null entries. + - A lot of null entries. type: string + description: Approximate percentage of entries being null in the column. + enum: + - NULL_PERCENTAGE_LEVEL_UNSPECIFIED + - NULL_PERCENTAGE_VERY_LOW + - NULL_PERCENTAGE_LOW + - NULL_PERCENTAGE_MEDIUM + - NULL_PERCENTAGE_HIGH + profileLastGenerated: format: google-datetime - version: + type: string + description: The last time the profile was generated. + freeTextScore: + format: double description: >- - Findings container version, if available ("generation" for Cloud - Storage). + The likelihood that this column contains free-form text. A value + close to 1 may indicate the column is likely to contain free-form or + natural language text. Range in 0-1. + type: number + sensitivityScore: + $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' + description: The sensitivity of this column. + tableFullResource: type: string - GooglePrivacyDlpV2QuoteInfo: - id: GooglePrivacyDlpV2QuoteInfo - description: Message for infoType-dependent details parsed from quote. - type: object - properties: - dateTime: - description: The date time indicated by the quote. - $ref: '#/components/schemas/GooglePrivacyDlpV2DateTime' - GooglePrivacyDlpV2DateTime: - id: GooglePrivacyDlpV2DateTime - description: Message for a date time object. e.g. 2018-01-01, 5th August. - type: object - properties: - date: + description: The resource name of the resource this column is within. + name: + description: The name of the profile. + type: string + otherMatches: + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2OtherInfoTypeSummary' + description: Other types found within this column. List will be unordered. + columnInfoType: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeSummary' description: >- - One or more of the following must be set. Must be a valid date or - time value. - $ref: '#/components/schemas/GoogleTypeDate' - dayOfWeek: - description: Day of week + If it's been determined this column can be identified as a single + type, this will be set. Otherwise the column either has + unidentifiable content or mixed types. + state: type: string + description: State of a profile. enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday + - Unused. + - >- + The profile is currently running. Once a profile has finished it + will transition to DONE. + - >- + The profile is no longer generating. If profile_status.status.code + is 0, the profile succeeded, otherwise, it failed. enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY - time: - description: Time of day - $ref: '#/components/schemas/GoogleTypeTimeOfDay' - timeZone: - description: Time zone - $ref: '#/components/schemas/GooglePrivacyDlpV2TimeZone' - GooglePrivacyDlpV2TimeZone: - id: GooglePrivacyDlpV2TimeZone - description: Time zone of the date time object. - type: object - properties: - offsetMinutes: + - STATE_UNSPECIFIED + - RUNNING + - DONE + datasetLocation: + type: string description: >- - Set only if the offset can be determined. Positive for time ahead of - UTC. E.g. For "UTC-9", this value is -540. - type: integer - format: int32 - GooglePrivacyDlpV2RedactImageRequest: - id: GooglePrivacyDlpV2RedactImageRequest - description: >- - Request to search for potentially sensitive info in an image and redact - it by covering it with a colored rectangle. + If supported, the location where the dataset's data is stored. See + https://cloud.google.com/bigquery/docs/locations for supported + BigQuery locations. + column: + description: The name of the column. + type: string + description: The profile for a scanned column within a table. type: object + id: GooglePrivacyDlpV2ColumnDataProfile + GooglePrivacyDlpV2ListInspectTemplatesResponse: properties: - locationId: - description: Deprecated. This field has no effect. + nextPageToken: + description: >- + If the next page is available then the next page token to be used in + the following ListInspectTemplates request. type: string - inspectConfig: - description: Configuration for the inspector. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' - imageRedactionConfigs: - description: The configuration for specifying what content to redact from images. + inspectTemplates: type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2ImageRedactionConfig' - includeFindings: description: >- - Whether the response should include findings along with the redacted - image. - type: boolean - byteItem: - description: The content must be PNG, JPEG, SVG or BMP. - $ref: '#/components/schemas/GooglePrivacyDlpV2ByteContentItem' - GooglePrivacyDlpV2ImageRedactionConfig: - id: GooglePrivacyDlpV2ImageRedactionConfig - description: Configuration for determining how redaction of images should occur. + List of inspectTemplates, up to page_size in + ListInspectTemplatesRequest. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + description: Response message for ListInspectTemplates. + id: GooglePrivacyDlpV2ListInspectTemplatesResponse + type: object + GooglePrivacyDlpV2TransformationSummary: + id: GooglePrivacyDlpV2TransformationSummary type: object + description: >- + Summary of a single transformation. Only one of 'transformation', + 'field_transformation', or 'record_suppress' will be set. properties: + transformedBytes: + type: string + description: Total size in bytes that were transformed in some way. + format: int64 + transformation: + description: The specific transformation these stats apply to. + $ref: '#/components/schemas/GooglePrivacyDlpV2PrimitiveTransformation' infoType: - description: >- - Only one per info_type should be provided per request. If not - specified, and redact_all_text is false, the DLP API will redact all - text that it matches against all info_types that are found, but not - specified in another ImageRedactionConfig. + description: Set if the transformation was limited to a specific InfoType. $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - redactAllText: + recordSuppress: + $ref: '#/components/schemas/GooglePrivacyDlpV2RecordSuppression' + description: The specific suppression option these stats apply to. + field: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: Set if the transformation was limited to a specific FieldId. + fieldTransformations: description: >- - If true, all text found in the image, regardless whether it matches - an info_type, is redacted. Only one should be provided. - type: boolean - redactionColor: + The field transformation that was applied. If multiple field + transformations are requested for a single field, this list will + contain all of them; otherwise, only one is supplied. + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldTransformation' + results: + type: array + description: Collection of all transformations that took place or had an error. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2SummaryResult' + GooglePrivacyDlpV2Key: + properties: + partitionId: description: >- - The color to use when redacting content from an image. If not - specified, the default is black. - $ref: '#/components/schemas/GooglePrivacyDlpV2Color' - GooglePrivacyDlpV2Color: - id: GooglePrivacyDlpV2Color - description: Represents a color in the RGB color space. + Entities are partitioned into subsets, currently identified by a + project ID and namespace ID. Queries are scoped to a single + partition. + $ref: '#/components/schemas/GooglePrivacyDlpV2PartitionId' + path: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2PathElement' + type: array + description: >- + The entity path. An entity path consists of one or more elements + composed of a kind and a string or numerical identifier, which + identify entities. The first element identifies a _root entity_, the + second element identifies a _child_ of the root entity, the third + element identifies a child of the second entity, and so forth. The + entities identified by all prefixes of the path are called the + element's _ancestors_. A path can never be empty, and a path can + have at most 100 elements. type: object + description: >- + A unique identifier for a Datastore entity. If a key's partition ID or + any of its path kinds or names are reserved/read-only, the key is + reserved/read-only. A reserved/read-only key is forbidden in certain + documented contexts. + id: GooglePrivacyDlpV2Key + GooglePrivacyDlpV2TransformationErrorHandling: + description: >- + How to handle transformation errors during de-identification. A + transformation error occurs when the requested transformation is + incompatible with the data. For example, trying to de-identify an IP + address using a `DateShift` transformation would result in a + transformation error, since date info cannot be extracted from an IP + address. Information about any incompatible transformations, and how + they were handled, is returned in the response as part of the + `TransformationOverviews`. + id: GooglePrivacyDlpV2TransformationErrorHandling properties: - red: - description: The amount of red in the color as a value in the interval [0, 1]. - type: number - format: float - green: - description: The amount of green in the color as a value in the interval [0, 1]. - type: number - format: float - blue: - description: The amount of blue in the color as a value in the interval [0, 1]. - type: number - format: float - GooglePrivacyDlpV2RedactImageResponse: - id: GooglePrivacyDlpV2RedactImageResponse - description: Results of redacting an image. + leaveUntransformed: + description: Ignore errors + $ref: '#/components/schemas/GooglePrivacyDlpV2LeaveUntransformed' + throwError: + description: Throw an error + $ref: '#/components/schemas/GooglePrivacyDlpV2ThrowError' + type: object + GooglePrivacyDlpV2DataProfilePubSubMessage: + id: GooglePrivacyDlpV2DataProfilePubSubMessage type: object + description: >- + Pub/Sub topic message for a DataProfileAction.PubSubNotification event. + To receive a message of protocol buffer schema type, convert the message + data to an object of this proto class. properties: - redactedImage: - description: The redacted image. The type will be the same as the original image. + event: + enumDescriptions: + - Unused. + - New profile (not a re-profile). + - >- + One of the following profile metrics changed: Data risk score, + Sensitivity score, Resource visibility, Encryption type, Predicted + infoTypes, Other infoTypes + - Table data risk score or sensitivity score increased. + - A user (non-internal) error occurred. + enum: + - EVENT_TYPE_UNSPECIFIED + - NEW_PROFILE + - CHANGED_PROFILE + - SCORE_INCREASED + - ERROR_CHANGED type: string - format: byte - extractedText: + description: The event that caused the Pub/Sub message to be sent. + profile: description: >- - If an image was being inspected and the InspectConfig's - include_quote was set to true, then this field will include all - text, if any, that was found in the image. - type: string - inspectResult: + If `DetailLevel` is `TABLE_PROFILE` this will be fully populated. + Otherwise, if `DetailLevel` is `RESOURCE_NAME`, then only `name` and + `full_resource` will be populated. + $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' + fileStoreProfile: description: >- - The findings. Populated when include_findings in the request is - true. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectResult' - GooglePrivacyDlpV2DeidentifyContentRequest: - id: GooglePrivacyDlpV2DeidentifyContentRequest - description: Request to de-identify a ContentItem. - type: object + If `DetailLevel` is `FILE_STORE_PROFILE` this will be fully + populated. Otherwise, if `DetailLevel` is `RESOURCE_NAME`, then only + `name` and `file_store_path` will be populated. + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' + GooglePrivacyDlpV2ReplaceDictionaryConfig: properties: - deidentifyConfig: - description: >- - Configuration for the de-identification of the content item. Items - specified here will override the template referenced by the - deidentify_template_name argument. - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyConfig' - inspectConfig: - description: >- - Configuration for the inspector. Items specified here will override - the template referenced by the inspect_template_name argument. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' - item: - description: >- - The item to de-identify. Will be treated as text. This value must be - of type Table if your deidentify_config is a RecordTransformations - object. - $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' - inspectTemplateName: - description: >- - Template to use. Any configuration directly specified in - inspect_config will override those set in the template. Singular - fields that are set in this request will replace their corresponding - fields in the template. Repeated fields are appended. Singular - sub-messages and groups are recursively merged. - type: string - deidentifyTemplateName: + wordList: + $ref: '#/components/schemas/GooglePrivacyDlpV2WordList' description: >- - Template to use. Any configuration directly specified in - deidentify_config will override those set in the template. Singular - fields that are set in this request will replace their corresponding - fields in the template. Repeated fields are appended. Singular - sub-messages and groups are recursively merged. - type: string - locationId: - description: Deprecated. This field has no effect. - type: string - GooglePrivacyDlpV2DeidentifyConfig: - id: GooglePrivacyDlpV2DeidentifyConfig - description: The configuration that controls how the data will change. + A list of words to select from for random replacement. The + [limits](https://cloud.google.com/sensitive-data-protection/limits) + page contains details about the size limits of dictionaries. type: object - properties: - infoTypeTransformations: - description: >- - Treat the dataset as free-form text and apply the same free text - transformation everywhere. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeTransformations' - recordTransformations: - description: >- - Treat the dataset as structured. Transformations can be applied to - specific locations within structured datasets, such as transforming - a column within a table. - $ref: '#/components/schemas/GooglePrivacyDlpV2RecordTransformations' - imageTransformations: - description: Treat the dataset as an image and redact. - $ref: '#/components/schemas/GooglePrivacyDlpV2ImageTransformations' - transformationErrorHandling: - description: >- - Mode for handling transformation errors. If left unspecified, the - default mode is `TransformationErrorHandling.ThrowError`. - $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationErrorHandling' - GooglePrivacyDlpV2InfoTypeTransformations: - id: GooglePrivacyDlpV2InfoTypeTransformations description: >- - A type of transformation that will scan unstructured text and apply - various `PrimitiveTransformation`s to each finding, where the - transformation is applied to only values that were identified as a - specific info_type. + Replace each input value with a value randomly selected from the + dictionary. + id: GooglePrivacyDlpV2ReplaceDictionaryConfig + GooglePrivacyDlpV2ImageTransformations: type: object + description: A type of transformation that is applied over images. + id: GooglePrivacyDlpV2ImageTransformations properties: - transformations: - description: >- - Required. Transformation for each infoType. Cannot specify more than - one for a given infoType. + transforms: type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeTransformation' - GooglePrivacyDlpV2InfoTypeTransformation: - id: GooglePrivacyDlpV2InfoTypeTransformation - description: >- - A transformation to apply to text that is identified as a specific - info_type. + $ref: '#/components/schemas/GooglePrivacyDlpV2ImageTransformation' + description: List of transforms to make. + GooglePrivacyDlpV2Dictionary: + id: GooglePrivacyDlpV2Dictionary type: object + description: >- + Custom information type based on a dictionary of words or phrases. This + can be used to match sensitive information specific to the data, such as + a list of employee IDs or job titles. Dictionary words are + case-insensitive and all characters other than letters and digits in the + unicode [Basic Multilingual + Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) + will be replaced with whitespace when scanning for matches, so the + dictionary phrase "Sam Johnson" will match all three phrases "sam + johnson", "Sam, Johnson", and "Sam (Johnson)". Additionally, the + characters surrounding any match must be of a different type than the + adjacent characters within the word, so letters must be next to + non-letters and digits next to non-digits. For example, the dictionary + word "jen" will match the first three letters of the text "jen123" but + will return no matches for "jennifer". Dictionary words containing a + large number of characters that are not letters or digits may result in + unexpected findings because such characters are treated as whitespace. + The [limits](https://cloud.google.com/sensitive-data-protection/limits) + page contains details about the size limits of dictionaries. For + dictionaries that do not fit within these constraints, consider using + `LargeCustomDictionaryConfig` in the `StoredInfoType` API. properties: - infoTypes: + wordList: + $ref: '#/components/schemas/GooglePrivacyDlpV2WordList' + description: List of words or phrases to search for. + cloudStoragePath: description: >- - InfoTypes to apply the transformation to. An empty list will cause - this transformation to apply to all findings that correspond to - infoTypes that were requested in `InspectConfig`. + Newline-delimited file of words in Cloud Storage. Only a single file + is accepted. + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStoragePath' + GooglePrivacyDlpV2DatabaseResourceRegexes: + id: GooglePrivacyDlpV2DatabaseResourceRegexes + description: >- + A collection of regular expressions to determine what database resources + to match against. + properties: + patterns: + description: >- + A group of regular expression patterns to match against one or more + database resources. Maximum of 100 entries. The sum of all regular + expression's length can't exceed 10 KiB. type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - primitiveTransformation: - description: Required. Primitive transformation to apply to the infoType. - $ref: '#/components/schemas/GooglePrivacyDlpV2PrimitiveTransformation' - GooglePrivacyDlpV2PrimitiveTransformation: - id: GooglePrivacyDlpV2PrimitiveTransformation - description: A rule for transforming a value. + $ref: '#/components/schemas/GooglePrivacyDlpV2DatabaseResourceRegex' type: object + GooglePrivacyDlpV2DiscoveryOtherCloudConditions: + description: >- + Requirements that must be true before a resource is profiled for the + first time. + id: GooglePrivacyDlpV2DiscoveryOtherCloudConditions properties: - replaceConfig: - description: Replace with a specified value. - $ref: '#/components/schemas/GooglePrivacyDlpV2ReplaceValueConfig' - redactConfig: - description: Redact - $ref: '#/components/schemas/GooglePrivacyDlpV2RedactConfig' - characterMaskConfig: - description: Mask - $ref: '#/components/schemas/GooglePrivacyDlpV2CharacterMaskConfig' - cryptoReplaceFfxFpeConfig: - description: >- - Ffx-Fpe. Strongly discouraged, consider using - CryptoDeterministicConfig instead. Fpe is computationally expensive - incurring latency costs. - $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig' - fixedSizeBucketingConfig: - description: Fixed size bucketing - $ref: '#/components/schemas/GooglePrivacyDlpV2FixedSizeBucketingConfig' - bucketingConfig: - description: Bucketing - $ref: '#/components/schemas/GooglePrivacyDlpV2BucketingConfig' - replaceWithInfoTypeConfig: - description: Replace with infotype - $ref: '#/components/schemas/GooglePrivacyDlpV2ReplaceWithInfoTypeConfig' - timePartConfig: - description: Time extraction - $ref: '#/components/schemas/GooglePrivacyDlpV2TimePartConfig' - cryptoHashConfig: - description: Crypto - $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoHashConfig' - dateShiftConfig: - description: Date Shift - $ref: '#/components/schemas/GooglePrivacyDlpV2DateShiftConfig' - cryptoDeterministicConfig: - description: Deterministic Crypto - $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoDeterministicConfig' - replaceDictionaryConfig: + amazonS3BucketConditions: + description: Amazon S3 bucket conditions. + $ref: '#/components/schemas/GooglePrivacyDlpV2AmazonS3BucketConditions' + minAge: + type: string + format: google-duration description: >- - Replace with a value randomly drawn (with replacement) from a - dictionary. - $ref: '#/components/schemas/GooglePrivacyDlpV2ReplaceDictionaryConfig' - GooglePrivacyDlpV2ReplaceValueConfig: - id: GooglePrivacyDlpV2ReplaceValueConfig - description: Replace each input value with a given `Value`. + Minimum age a resource must be before Cloud DLP can profile it. + Value must be 1 hour or greater. type: object - properties: - newValue: - description: Value to replace it with. - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - GooglePrivacyDlpV2RedactConfig: - id: GooglePrivacyDlpV2RedactConfig - description: >- - Redact a given value. For example, if used with an - `InfoTypeTransformation` transforming PHONE_NUMBER, and input 'My phone - number is 206-555-0123', the output would be 'My phone number is '. + GooglePrivacyDlpV2LikelihoodAdjustment: type: object - properties: {} - GooglePrivacyDlpV2CharacterMaskConfig: - id: GooglePrivacyDlpV2CharacterMaskConfig description: >- - Partially mask a string by replacing a given number of characters with a - fixed character. Masking can start from the beginning or end of the - string. This can be used on data of any type (numbers, longs, and so on) - and when de-identifying structured data we'll attempt to preserve the - original data's type. (This allows you to take a long like 123 and - modify it to a string like **3. + Message for specifying an adjustment to the likelihood of a finding as + part of a detection rule. + properties: + relativeLikelihood: + format: int32 + type: integer + description: >- + Increase or decrease the likelihood by the specified number of + levels. For example, if a finding would be `POSSIBLE` without the + detection rule and `relative_likelihood` is 1, then it is upgraded + to `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. + Likelihood may never drop below `VERY_UNLIKELY` or exceed + `VERY_LIKELY`, so applying an adjustment of 1 followed by an + adjustment of -1 when base likelihood is `VERY_LIKELY` will result + in a final likelihood of `LIKELY`. + fixedLikelihood: + enumDescriptions: + - Default value; same as POSSIBLE. + - Highest chance of a false positive. + - High chance of a false positive. + - Some matching signals. The default value. + - Low chance of a false positive. + - Confidence level is high. Lowest chance of a false positive. + description: Set the likelihood of a finding to a fixed value. + type: string + enum: + - LIKELIHOOD_UNSPECIFIED + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + id: GooglePrivacyDlpV2LikelihoodAdjustment + GooglePrivacyDlpV2BigQueryTableCollection: + id: GooglePrivacyDlpV2BigQueryTableCollection + description: Specifies a collection of BigQuery tables. Used for Discovery. + properties: + includeRegexes: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryRegexes' + description: >- + A collection of regular expressions to match a BigQuery table + against. + type: object + GooglePrivacyDlpV2RedactImageResponse: + id: GooglePrivacyDlpV2RedactImageResponse type: object + description: Results of redacting an image. properties: - maskingCharacter: + redactedImage: + format: byte + description: The redacted image. The type will be the same as the original image. + type: string + inspectResult: + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectResult' description: >- - Character to use to mask the sensitive values—for example, `*` for - an alphabetic string such as a name, or `0` for a numeric string - such as ZIP code or credit card number. This string must have a - length of 1. If not supplied, this value defaults to `*` for - strings, and `0` for digits. + The findings. Populated when include_findings in the request is + true. + extractedText: type: string - numberToMask: description: >- - Number of characters to mask. If not set, all matching chars will be - masked. Skipped characters do not count towards this tally. If - `number_to_mask` is negative, this denotes inverse masking. Cloud - DLP masks all but a number of characters. For example, suppose you - have the following values: - `masking_character` is `*` - - `number_to_mask` is `-4` - `reverse_order` is `false` - - `CharsToIgnore` includes `-` - Input string is `1234-5678-9012-3456` - The resulting de-identified string is `****-****-****-3456`. Cloud - DLP masks all but the last four characters. If `reverse_order` is - `true`, all but the first four characters are masked as - `1234-****-****-****`. - type: integer - format: int32 - reverseOrder: - description: >- - Mask characters in reverse order. For example, if - `masking_character` is `0`, `number_to_mask` is `14`, and - `reverse_order` is `false`, then the input string - `1234-5678-9012-3456` is masked as `00000000000000-3456`. If - `masking_character` is `*`, `number_to_mask` is `3`, and - `reverse_order` is `true`, then the string `12345` is masked as - `12***`. - type: boolean - charactersToIgnore: - description: >- - When masking a string, items in this list will be skipped when - replacing characters. For example, if the input string is - `555-555-5555` and you instruct Cloud DLP to skip `-` and mask 5 - characters with `*`, Cloud DLP returns `***-**5-5555`. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2CharsToIgnore' - GooglePrivacyDlpV2CharsToIgnore: - id: GooglePrivacyDlpV2CharsToIgnore + If an image was being inspected and the InspectConfig's + include_quote was set to true, then this field will include all + text, if any, that was found in the image. + GooglePrivacyDlpV2NumericalStatsConfig: description: >- - Characters to skip when doing deidentification of a value. These will be - left alone and skipped. + Compute numerical stats over an individual column, including min, max, + and quantiles. type: object + id: GooglePrivacyDlpV2NumericalStatsConfig properties: - charactersToSkip: - description: Characters to not transform when masking. - type: string - commonCharactersToIgnore: + field: description: >- - Common characters to not transform when masking. Useful to avoid - removing punctuation. - type: string - enumDescriptions: - - Unused. - - 0-9 - - A-Z - - a-z - - US Punctuation, one of !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ - - Whitespace character, one of [ \t\n\x0B\f\r] - enum: - - COMMON_CHARS_TO_IGNORE_UNSPECIFIED - - NUMERIC - - ALPHA_UPPER_CASE - - ALPHA_LOWER_CASE - - PUNCTUATION - - WHITESPACE - GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig: - id: GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig - description: >- - Replaces an identifier with a surrogate using Format Preserving - Encryption (FPE) with the FFX mode of operation; however when used in - the `ReidentifyContent` API method, it serves the opposite function by - reversing the surrogate back into the original identifier. The - identifier must be encoded as ASCII. For a given crypto key and context, - the same identifier will be replaced with the same surrogate. - Identifiers must be at least two characters long. In the case that the - identifier is the empty string, it will be skipped. See - https://cloud.google.com/sensitive-data-protection/docs/pseudonymization - to learn more. Note: We recommend using CryptoDeterministicConfig for - all use cases which do not require preserving the input alphabet space - and size, plus warrant referential integrity. FPE incurs significant - latency costs. + Field to compute numerical stats on. Supported types are integer, + float, date, datetime, timestamp, time. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + GooglePrivacyDlpV2HybridOptions: type: object + description: >- + Configuration to control jobs where the content being inspected is + outside of Google Cloud Platform. + id: GooglePrivacyDlpV2HybridOptions properties: - cryptoKey: - description: Required. The key used by the encryption algorithm. - $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoKey' - context: + tableOptions: description: >- - The 'tweak', a context may be used for higher security since the - same identifier in two different contexts won't be given the same - surrogate. If the context is not set, a default tweak will be used. - If the context is set but: 1. there is no record present when - transforming a given value or 1. the field is not present when - transforming a given value, a default tweak will be used. Note that - case (1) is expected when an `InfoTypeTransformation` is applied to - both structured and unstructured `ContentItem`s. Currently, the - referenced field may be of value type integer or string. The tweak - is constructed as a sequence of bytes in big endian byte order such - that: - a 64 bit integer is encoded followed by a single byte of - value 1 - a string is encoded in UTF-8 format followed by a single - byte of value 2 - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - commonAlphabet: - description: Common alphabets. - type: string - enumDescriptions: - - Unused. - - '`[0-9]` (radix of 10)' - - '`[0-9A-F]` (radix of 16)' - - '`[0-9A-Z]` (radix of 36)' - - '`[0-9A-Za-z]` (radix of 62)' - enum: - - FFX_COMMON_NATIVE_ALPHABET_UNSPECIFIED - - NUMERIC - - HEXADECIMAL - - UPPER_CASE_ALPHA_NUMERIC - - ALPHA_NUMERIC - customAlphabet: + If the container is a table, additional information to make findings + meaningful such as the columns that are primary keys. + $ref: '#/components/schemas/GooglePrivacyDlpV2TableOptions' + labels: + additionalProperties: + type: string description: >- - This is supported by mapping these to the alphanumeric characters - that the FFX mode natively supports. This happens before/after - encryption/decryption. Each character listed must appear only once. - Number of characters must be in the range [2, 95]. This must be - encoded as ASCII. The order of characters does not matter. The full - list of allowed characters is: - ``0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz~`!@#$%^&*()_-+={[}]|\:;"'<,>.?/`` + To organize findings, these labels will be added to each finding. + Label keys must be between 1 and 63 characters long and must conform + to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. + Label values must be between 0 and 63 characters long and must + conform to the regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. + No more than 10 labels can be associated with a given finding. + Examples: * `"environment" : "production"` * `"pipeline" : "etl"` + type: object + description: + description: >- + A short description of where the data is coming from. Will be stored + once in the job. 256 max length. type: string - radix: - description: The native way to select the alphabet. Must be in the range [2, 95]. - type: integer - format: int32 - surrogateInfoType: + requiredFindingLabelKeys: + type: array description: >- - The custom infoType to annotate the surrogate with. This annotation - will be applied to the surrogate by prefixing it with the name of - the custom infoType followed by the number of characters comprising - the surrogate. The following scheme defines the format: - info_type_name(surrogate_character_count):surrogate For example, if - the name of custom infoType is 'MY_TOKEN_INFO_TYPE' and the - surrogate is 'abc', the full replacement value will be: - 'MY_TOKEN_INFO_TYPE(3):abc' This annotation identifies the surrogate - when inspecting content using the custom infoType - [`SurrogateType`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/InspectConfig#surrogatetype). - This facilitates reversal of the surrogate when it occurs in free - text. In order for inspection to work properly, the name of this - infoType must not occur naturally anywhere in your data; otherwise, - inspection may find a surrogate that does not correspond to an - actual identifier. Therefore, choose your custom infoType name - carefully after considering what your data looks like. One way to - select a name that has a high chance of yielding reliable detection - is to include one or more unicode characters that are highly - improbable to exist in your data. For example, assuming your data is - entered from a regular ASCII keyboard, the symbol with the hex code - point 29DD might be used like so: ⧝MY_TOKEN_TYPE - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - GooglePrivacyDlpV2CryptoKey: - id: GooglePrivacyDlpV2CryptoKey - description: >- - This is a data encryption key (DEK) (as opposed to a key encryption key - (KEK) stored by Cloud Key Management Service (Cloud KMS). When using - Cloud KMS to wrap or unwrap a DEK, be sure to set an appropriate IAM - policy on the KEK to ensure an attacker cannot unwrap the DEK. + These are labels that each inspection request must include within + their 'finding_labels' map. Request may contain others, but any + missing one of these will be rejected. Label keys must be between 1 + and 63 characters long and must conform to the following regular + expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. No more than 10 keys can + be required. + items: + type: string + GooglePrivacyDlpV2Conditions: + description: A collection of conditions. + id: GooglePrivacyDlpV2Conditions type: object properties: - transient: - description: Transient crypto key - $ref: '#/components/schemas/GooglePrivacyDlpV2TransientCryptoKey' - unwrapped: - description: Unwrapped crypto key - $ref: '#/components/schemas/GooglePrivacyDlpV2UnwrappedCryptoKey' - kmsWrapped: - description: Key wrapped using Cloud KMS - $ref: '#/components/schemas/GooglePrivacyDlpV2KmsWrappedCryptoKey' - GooglePrivacyDlpV2TransientCryptoKey: - id: GooglePrivacyDlpV2TransientCryptoKey - description: >- - Use this to have a random data crypto key generated. It will be - discarded after the request finishes. + conditions: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Condition' + type: array + description: A collection of conditions. + GooglePrivacyDlpV2OtherCloudResourceCollection: + description: Match resources using regex filters. + properties: + includeRegexes: + $ref: '#/components/schemas/GooglePrivacyDlpV2OtherCloudResourceRegexes' + description: A collection of regular expressions to match a resource against. + id: GooglePrivacyDlpV2OtherCloudResourceCollection type: object + GooglePrivacyDlpV2HybridInspectJobTriggerRequest: + description: Request to search for potentially sensitive info in a custom location. properties: - name: - description: >- - Required. Name of the key. This is an arbitrary string used to - differentiate different keys. A unique key is generated per name: - two separate `TransientCryptoKey` protos share the same generated - key if their names are the same. When the data crypto key is - generated, this name is not used in any way (repeating the api call - will result in a different key being generated). - type: string - GooglePrivacyDlpV2UnwrappedCryptoKey: - id: GooglePrivacyDlpV2UnwrappedCryptoKey + hybridItem: + $ref: '#/components/schemas/GooglePrivacyDlpV2HybridContentItem' + description: The item to inspect. + type: object + id: GooglePrivacyDlpV2HybridInspectJobTriggerRequest + GooglePrivacyDlpV2PublishSummaryToCscc: description: >- - Using raw keys is prone to security risks due to accidentally leaking - the key. Choose another type of key if possible. + Publish the result summary of a DlpJob to [Security Command + Center](https://cloud.google.com/security-command-center). This action + is available for only projects that belong to an organization. This + action publishes the count of finding instances and their infoTypes. The + summary of findings are persisted in Security Command Center and are + governed by [service-specific policies for Security Command + Center](https://cloud.google.com/terms/service-terms). Only a single + instance of this action can be specified. Compatible with: Inspect + type: object + id: GooglePrivacyDlpV2PublishSummaryToCscc + properties: {} + GooglePrivacyDlpV2Finding: type: object + description: Represents a piece of potentially sensitive content. properties: - key: - description: Required. A 128/192/256 bit key. + jobName: type: string - format: byte - GooglePrivacyDlpV2KmsWrappedCryptoKey: - id: GooglePrivacyDlpV2KmsWrappedCryptoKey - description: >- - Include to use an existing data crypto key wrapped by KMS. The wrapped - key must be a 128-, 192-, or 256-bit key. Authorization requires the - following IAM permissions when sending a request to perform a crypto - transformation using a KMS-wrapped crypto key: dlp.kms.encrypt For more - information, see [Creating a wrapped key] - (https://cloud.google.com/sensitive-data-protection/docs/create-wrapped-key). - Note: When you use Cloud KMS for cryptographic operations, [charges - apply](https://cloud.google.com/kms/pricing). - type: object - properties: - wrappedKey: - description: Required. The wrapped data crypto key. + description: The job that stored the finding. + name: + description: >- + Resource name in format + projects/{project}/locations/{location}/findings/{finding} Populated + only when viewing persisted findings. type: string - format: byte - cryptoKeyName: + createTime: + format: google-datetime + description: Timestamp when finding was detected. + type: string + labels: description: >- - Required. The resource name of the KMS CryptoKey to use for - unwrapping. + The labels associated with this `Finding`. Label keys must be + between 1 and 63 characters long and must conform to the following + regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. Label values must + be between 0 and 63 characters long and must conform to the regular + expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. No more than 10 labels + can be associated with a given finding. Examples: * `"environment" : + "production"` * `"pipeline" : "etl"` + type: object + additionalProperties: + type: string + jobCreateTime: + description: Time the job started that produced this finding. type: string - GooglePrivacyDlpV2FixedSizeBucketingConfig: - id: GooglePrivacyDlpV2FixedSizeBucketingConfig - description: >- - Buckets values based on fixed size ranges. The Bucketing transformation - can provide all of this functionality, but requires more configuration. - This message is provided as a convenience to the user for simple - bucketing strategies. The transformed value will be a hyphenated string - of {lower_bound}-{upper_bound}. For example, if lower_bound = 10 and - upper_bound = 20, all values that are within this bucket will be - replaced with "10-20". This can be used on data of type: double, long. - If the bound Value type differs from the type of data being transformed, - we will first attempt converting the type of the data to be transformed - to match the type of the bound before comparing. See - https://cloud.google.com/sensitive-data-protection/docs/concepts-bucketing - to learn more. - type: object - properties: - lowerBound: + format: google-datetime + quoteInfo: description: >- - Required. Lower bound value of buckets. All values less than - `lower_bound` are grouped together into a single bucket; for example - if `lower_bound` = 10, then all values less than 10 are replaced - with the value "-10". - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - upperBound: + Contains data parsed from quotes. Only populated if include_quote + was set to true and a supported infoType was requested. Currently + supported infoTypes: DATE, DATE_OF_BIRTH and TIME. + $ref: '#/components/schemas/GooglePrivacyDlpV2QuoteInfo' + resourceName: + type: string + description: The job that stored the finding. + quote: description: >- - Required. Upper bound value of buckets. All values greater than - upper_bound are grouped together into a single bucket; for example - if `upper_bound` = 89, then all values greater than 89 are replaced - with the value "89+". - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - bucketSize: + The content that was found. Even if the content is not textual, it + may be converted to a textual representation here. Provided if + `include_quote` is true and the finding is less than or equal to + 4096 bytes long. If the finding exceeds 4096 bytes in length, the + quote may be omitted. + type: string + triggerName: + description: Job trigger name, if applicable, for this finding. + type: string + infoType: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' description: >- - Required. Size of each bucket (except for minimum and maximum - buckets). So if `lower_bound` = 10, `upper_bound` = 89, and - `bucket_size` = 10, then the following buckets would be used: -10, - 10-20, 20-30, 30-40, 40-50, 50-60, 60-70, 70-80, 80-89, 89+. - Precision up to 2 decimals works. - type: number - format: double - GooglePrivacyDlpV2BucketingConfig: - id: GooglePrivacyDlpV2BucketingConfig - description: >- - Generalization function that buckets values based on ranges. The ranges - and replacement values are dynamically provided by the user for custom - behavior, such as 1-30 -> LOW, 31-65 -> MEDIUM, 66-100 -> HIGH. This can - be used on data of type: number, long, string, timestamp. If the bound - `Value` type differs from the type of data being transformed, we will - first attempt converting the type of the data to be transformed to match - the type of the bound before comparing. See - https://cloud.google.com/sensitive-data-protection/docs/concepts-bucketing - to learn more. - type: object - properties: - buckets: - description: Set of buckets. Ranges must be non-overlapping. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Bucket' - GooglePrivacyDlpV2Bucket: - id: GooglePrivacyDlpV2Bucket - description: Bucket is represented as a range, along with replacement values. - type: object + The type of content that might have been found. Provided if + `excluded_types` is false. + likelihood: + enum: + - LIKELIHOOD_UNSPECIFIED + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + type: string + enumDescriptions: + - Default value; same as POSSIBLE. + - Highest chance of a false positive. + - High chance of a false positive. + - Some matching signals. The default value. + - Low chance of a false positive. + - Confidence level is high. Lowest chance of a false positive. + description: Confidence of how likely it is that the `info_type` is correct. + location: + description: Where the content was found. + $ref: '#/components/schemas/GooglePrivacyDlpV2Location' + findingId: + type: string + description: The unique finding id. + id: GooglePrivacyDlpV2Finding + GooglePrivacyDlpV2ContentItem: + description: Type of content to inspect. + id: GooglePrivacyDlpV2ContentItem properties: - min: + byteItem: + $ref: '#/components/schemas/GooglePrivacyDlpV2ByteContentItem' + description: Content data to inspect or redact. Replaces `type` and `data`. + table: description: >- - Lower bound of the range, inclusive. Type should be the same as max - if used. - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - max: - description: Upper bound of the range, exclusive; type must match min. - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - replacementValue: - description: Required. Replacement value for this bucket. - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - GooglePrivacyDlpV2ReplaceWithInfoTypeConfig: - id: GooglePrivacyDlpV2ReplaceWithInfoTypeConfig - description: Replace each matching finding with the name of the info_type. + Structured content for inspection. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-text#inspecting_a_table + to learn more. + $ref: '#/components/schemas/GooglePrivacyDlpV2Table' + value: + description: String data to inspect or redact. + type: string type: object - properties: {} - GooglePrivacyDlpV2TimePartConfig: - id: GooglePrivacyDlpV2TimePartConfig + GooglePrivacyDlpV2CryptoKey: + id: GooglePrivacyDlpV2CryptoKey description: >- - For use with `Date`, `Timestamp`, and `TimeOfDay`, extract or preserve a - portion of the value. - type: object + This is a data encryption key (DEK) (as opposed to a key encryption key + (KEK) stored by Cloud Key Management Service (Cloud KMS). When using + Cloud KMS to wrap or unwrap a DEK, be sure to set an appropriate IAM + policy on the KEK to ensure an attacker cannot unwrap the DEK. properties: - partToExtract: - description: The part of the time to keep. - type: string - enumDescriptions: - - Unused - - '[0-9999]' - - '[1-12]' - - '[1-31]' - - '[1-7]' - - '[1-53]' - - '[0-23]' - enum: - - TIME_PART_UNSPECIFIED - - YEAR - - MONTH - - DAY_OF_MONTH - - DAY_OF_WEEK - - WEEK_OF_YEAR - - HOUR_OF_DAY + transient: + description: Transient crypto key + $ref: '#/components/schemas/GooglePrivacyDlpV2TransientCryptoKey' + unwrapped: + $ref: '#/components/schemas/GooglePrivacyDlpV2UnwrappedCryptoKey' + description: Unwrapped crypto key + kmsWrapped: + $ref: '#/components/schemas/GooglePrivacyDlpV2KmsWrappedCryptoKey' + description: Key wrapped using Cloud KMS + type: object GooglePrivacyDlpV2CryptoHashConfig: id: GooglePrivacyDlpV2CryptoHashConfig description: >- @@ -2080,147 +2151,65 @@ components: cryptoKey: description: The key used by the hash function. $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoKey' - GooglePrivacyDlpV2DateShiftConfig: - id: GooglePrivacyDlpV2DateShiftConfig - description: >- - Shifts dates by random number of days, with option to be consistent for - the same context. See - https://cloud.google.com/sensitive-data-protection/docs/concepts-date-shifting - to learn more. - type: object + GooglePrivacyDlpV2BigQueryKey: + id: GooglePrivacyDlpV2BigQueryKey + description: Row key for identifying a record in BigQuery table. properties: - upperBoundDays: - description: >- - Required. Range of shift in days. Actual shift will be selected at - random within this range (inclusive ends). Negative means shift to - earlier in time. Must not be more than 365250 days (1000 years) each - direction. For example, 3 means shift date to at most 3 days into - the future. - type: integer - format: int32 - lowerBoundDays: - description: >- - Required. For example, -5 means shift date to at most 5 days back in - the past. - type: integer - format: int32 - context: - description: >- - Points to the field that contains the context, for example, an - entity id. If set, must also set cryptoKey. If set, shift will be - consistent for the given context. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - cryptoKey: + tableReference: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + description: Complete BigQuery table reference. + rowNumber: + format: int64 + type: string description: >- - Causes the shift to be computed based on this key and the context. - This results in the same shift for the same context and crypto_key. - If set, must also set context. Can only be applied to table items. - $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoKey' - GooglePrivacyDlpV2CryptoDeterministicConfig: - id: GooglePrivacyDlpV2CryptoDeterministicConfig - description: >- - Pseudonymization method that generates deterministic encryption for the - given input. Outputs a base64 encoded representation of the encrypted - output. Uses AES-SIV based on the RFC - https://tools.ietf.org/html/rfc5297. + Row number inferred at the time the table was scanned. This value is + nondeterministic, cannot be queried, and may be null for inspection + jobs. To locate findings within a table, specify + `inspect_job.storage_config.big_query_options.identifying_fields` in + `CreateDlpJobRequest`. type: object - properties: - cryptoKey: - description: >- - The key used by the encryption function. For deterministic - encryption using AES-SIV, the provided key is internally expanded to - 64 bytes prior to use. - $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoKey' - surrogateInfoType: - description: >- - The custom info type to annotate the surrogate with. This annotation - will be applied to the surrogate by prefixing it with the name of - the custom info type followed by the number of characters comprising - the surrogate. The following scheme defines the format: {info type - name}({surrogate character count}):{surrogate} For example, if the - name of custom info type is 'MY_TOKEN_INFO_TYPE' and the surrogate - is 'abc', the full replacement value will be: - 'MY_TOKEN_INFO_TYPE(3):abc' This annotation identifies the surrogate - when inspecting content using the custom info type 'Surrogate'. This - facilitates reversal of the surrogate when it occurs in free text. - Note: For record transformations where the entire cell in a table is - being transformed, surrogates are not mandatory. Surrogates are used - to denote the location of the token and are necessary for - re-identification in free form text. In order for inspection to work - properly, the name of this info type must not occur naturally - anywhere in your data; otherwise, inspection may either - reverse a - surrogate that does not correspond to an actual identifier - be - unable to parse the surrogate and result in an error Therefore, - choose your custom info type name carefully after considering what - your data looks like. One way to select a name that has a high - chance of yielding reliable detection is to include one or more - unicode characters that are highly improbable to exist in your data. - For example, assuming your data is entered from a regular ASCII - keyboard, the symbol with the hex code point 29DD might be used like - so: ⧝MY_TOKEN_TYPE. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - context: - description: >- - A context may be used for higher security and maintaining - referential integrity such that the same identifier in two different - contexts will be given a distinct surrogate. The context is appended - to plaintext value being encrypted. On decryption the provided - context is validated against the value used during encryption. If a - context was provided during encryption, same context must be - provided during decryption as well. If the context is not set, - plaintext would be used as is for encryption. If the context is set - but: 1. there is no record present when transforming a given value - or 2. the field is not present when transforming a given value, - plaintext would be used as is for encryption. Note that case (1) is - expected when an `InfoTypeTransformation` is applied to both - structured and unstructured `ContentItem`s. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2ReplaceDictionaryConfig: - id: GooglePrivacyDlpV2ReplaceDictionaryConfig - description: >- - Replace each input value with a value randomly selected from the - dictionary. + GooglePrivacyDlpV2FinishDlpJobRequest: + type: object + properties: {} + id: GooglePrivacyDlpV2FinishDlpJobRequest + description: The request message for finishing a DLP hybrid job. + GooglePrivacyDlpV2InspectDataSourceDetails: type: object + id: GooglePrivacyDlpV2InspectDataSourceDetails + description: The results of an inspect DataSource job. properties: - wordList: - description: >- - A list of words to select from for random replacement. The - [limits](https://cloud.google.com/sensitive-data-protection/limits) - page contains details about the size limits of dictionaries. - $ref: '#/components/schemas/GooglePrivacyDlpV2WordList' - GooglePrivacyDlpV2RecordTransformations: - id: GooglePrivacyDlpV2RecordTransformations - description: >- - A type of transformation that is applied over structured data such as a - table. + requestedOptions: + description: The configuration used for this job. + $ref: '#/components/schemas/GooglePrivacyDlpV2RequestedOptions' + result: + $ref: '#/components/schemas/GooglePrivacyDlpV2Result' + description: A summary of the outcome of this inspection job. + GooglePrivacyDlpV2InspectResult: + description: All the findings for a single scanned item. type: object + id: GooglePrivacyDlpV2InspectResult properties: - fieldTransformations: - description: Transform the record by applying various field transformations. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldTransformation' - recordSuppressions: + findingsTruncated: + type: boolean description: >- - Configuration defining which records get suppressed entirely. - Records that match any suppression rule are omitted from the output. - type: array + If true, then this item might have more findings than were returned, + and the findings returned are an arbitrary subset of all findings. + The findings list might be truncated because the input items were + too large, or because the server reached the maximum amount of + resources allowed for a single API call. For best results, divide + the input into smaller batches. + findings: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2RecordSuppression' + $ref: '#/components/schemas/GooglePrivacyDlpV2Finding' + description: List of findings for an item. + type: array GooglePrivacyDlpV2FieldTransformation: - id: GooglePrivacyDlpV2FieldTransformation - description: The transformation to apply to the field. type: object + id: GooglePrivacyDlpV2FieldTransformation properties: - fields: - description: >- - Required. Input field(s) to apply the transformation to. When you - have columns that reference their position within a list, omit the - index from the FieldId. FieldId name matching ignores the index. For - example, instead of "contact.nums[0].type", use "contact.nums.type". - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + primitiveTransformation: + description: Apply the transformation to the entire field. + $ref: '#/components/schemas/GooglePrivacyDlpV2PrimitiveTransformation' condition: description: >- Only apply the transformation if the condition evaluates to true for @@ -2230,3619 +2219,3285 @@ components: the zip code column for the same record is within a specific range. - Redact a field if the date of birth field is greater than 85. $ref: '#/components/schemas/GooglePrivacyDlpV2RecordCondition' - primitiveTransformation: - description: Apply the transformation to the entire field. - $ref: '#/components/schemas/GooglePrivacyDlpV2PrimitiveTransformation' infoTypeTransformations: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeTransformations' description: >- Treat the contents of the field as free text, and selectively transform content that matches an `InfoType`. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeTransformations' - GooglePrivacyDlpV2RecordCondition: - id: GooglePrivacyDlpV2RecordCondition - description: >- - A condition for determining whether a transformation should be applied - to a field. - type: object - properties: - expressions: - description: An expression. - $ref: '#/components/schemas/GooglePrivacyDlpV2Expressions' - GooglePrivacyDlpV2Expressions: - id: GooglePrivacyDlpV2Expressions - description: An expression, consisting of an operator and conditions. - type: object - properties: - logicalOperator: - description: >- - The operator to apply to the result of conditions. Default and - currently only supported value is `AND`. - type: string - enumDescriptions: - - Unused - - Conditional AND - enum: - - LOGICAL_OPERATOR_UNSPECIFIED - - AND - conditions: - description: Conditions to apply to the expression. - $ref: '#/components/schemas/GooglePrivacyDlpV2Conditions' - GooglePrivacyDlpV2Conditions: - id: GooglePrivacyDlpV2Conditions - description: A collection of conditions. - type: object - properties: - conditions: - description: A collection of conditions. + fields: type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Condition' - GooglePrivacyDlpV2Condition: - id: GooglePrivacyDlpV2Condition - description: >- - The field type of `value` and `field` do not need to match to be - considered equal, but not all comparisons are possible. EQUAL_TO and - NOT_EQUAL_TO attempt to compare even with incompatible types, but all - other comparisons are invalid with incompatible types. A `value` of - type: - `string` can be compared against all other types - `boolean` can - only be compared against other booleans - `integer` can be compared - against doubles or a string if the string value can be parsed as an - integer. - `double` can be compared against integers or a string if the - string can be parsed as a double. - `Timestamp` can be compared against - strings in RFC 3339 date string format. - `TimeOfDay` can be compared - against timestamps and strings in the format of 'HH:mm:ss'. If we fail - to compare do to type mismatch, a warning will be given and the - condition will evaluate to false. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: >- + Required. Input field(s) to apply the transformation to. When you + have columns that reference their position within a list, omit the + index from the FieldId. FieldId name matching ignores the index. For + example, instead of "contact.nums[0].type", use "contact.nums.type". + description: The transformation to apply to the field. + GooglePrivacyDlpV2DiscoveryTarget: + description: Target used to match against for Discovery. type: object properties: - field: + secretsTarget: description: >- - Required. Field within the record this condition is evaluated - against. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - operator: + Discovery target that looks for credentials and secrets stored in + cloud resource metadata and reports them as vulnerabilities to + Security Command Center. Only one target of this type is allowed. + $ref: '#/components/schemas/GooglePrivacyDlpV2SecretsDiscoveryTarget' + bigQueryTarget: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryDiscoveryTarget' description: >- - Required. Operator used to compare the field or infoType to the - value. - type: string - enumDescriptions: - - Unused - - Equal. Attempts to match even with incompatible types. - - Not equal to. Attempts to match even with incompatible types. - - Greater than. - - Less than. - - Greater than or equals. - - Less than or equals. - - Exists - enum: - - RELATIONAL_OPERATOR_UNSPECIFIED - - EQUAL_TO - - NOT_EQUAL_TO - - GREATER_THAN - - LESS_THAN - - GREATER_THAN_OR_EQUALS - - LESS_THAN_OR_EQUALS - - EXISTS - value: - description: Value to compare against. [Mandatory, except for `EXISTS` tests.] - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - GooglePrivacyDlpV2RecordSuppression: - id: GooglePrivacyDlpV2RecordSuppression - description: >- - Configuration to suppress records whose suppression conditions evaluate - to true. - type: object - properties: - condition: + BigQuery target for Discovery. The first target to match a table + will be the one applied. + vertexDatasetTarget: + $ref: '#/components/schemas/GooglePrivacyDlpV2VertexDatasetDiscoveryTarget' description: >- - A condition that when it evaluates to true will result in the record - being evaluated to be suppressed from the transformed content. - $ref: '#/components/schemas/GooglePrivacyDlpV2RecordCondition' - GooglePrivacyDlpV2ImageTransformations: - id: GooglePrivacyDlpV2ImageTransformations - description: A type of transformation that is applied over images. - type: object - properties: - transforms: - description: List of transforms to make. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2ImageTransformation' - GooglePrivacyDlpV2ImageTransformation: - id: GooglePrivacyDlpV2ImageTransformation - description: Configuration for determining how redaction of images should occur. - type: object - properties: - selectedInfoTypes: - description: Apply transformation to the selected info_types. - $ref: '#/components/schemas/GooglePrivacyDlpV2SelectedInfoTypes' - allInfoTypes: + Vertex AI dataset target for Discovery. The first target to match a + dataset will be the one applied. Note that discovery for Vertex AI + can incur Cloud Storage Class B operation charges for + storage.objects.get operations and retrieval fees. For more + information, see [Cloud Storage + pricing](https://cloud.google.com/storage/pricing#price-tables). + Note that discovery for Vertex AI dataset will not be able to scan + images unless + DiscoveryConfig.processing_location.image_fallback_location has + multi_region_processing or global_processing configured. + cloudSqlTarget: description: >- - Apply transformation to all findings not specified in other - ImageTransformation's selected_info_types. Only one instance is - allowed within the ImageTransformations message. - $ref: '#/components/schemas/GooglePrivacyDlpV2AllInfoTypes' - allText: + Cloud SQL target for Discovery. The first target to match a table + will be the one applied. + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudSqlDiscoveryTarget' + cloudStorageTarget: description: >- - Apply transformation to all text that doesn't match an infoType. - Only one instance is allowed within the ImageTransformations - message. - $ref: '#/components/schemas/GooglePrivacyDlpV2AllText' - redactionColor: + Cloud Storage target for Discovery. The first target to match a + table will be the one applied. + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageDiscoveryTarget' + otherCloudTarget: + $ref: '#/components/schemas/GooglePrivacyDlpV2OtherCloudDiscoveryTarget' description: >- - The color to use when redacting content from an image. If not - specified, the default is black. - $ref: '#/components/schemas/GooglePrivacyDlpV2Color' - GooglePrivacyDlpV2SelectedInfoTypes: - id: GooglePrivacyDlpV2SelectedInfoTypes - description: Apply transformation to the selected info_types. - type: object + Other clouds target for discovery. The first target to match a + resource will be the one applied. + id: GooglePrivacyDlpV2DiscoveryTarget + GooglePrivacyDlpV2CustomInfoType: properties: - infoTypes: + exclusionType: + enumDescriptions: + - >- + A finding of this custom info type will not be excluded from + results. + - >- + A finding of this custom info type will be excluded from final + results, but can still affect rule execution. description: >- - Required. InfoTypes to apply the transformation to. Required. - Provided InfoType must be unique within the ImageTransformations - message. + If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a + finding to be returned. It still can be used for rules matching. + enum: + - EXCLUSION_TYPE_UNSPECIFIED + - EXCLUSION_TYPE_EXCLUDE + type: string + dictionary: + $ref: '#/components/schemas/GooglePrivacyDlpV2Dictionary' + description: A list of phrases to detect as a CustomInfoType. + infoType: + description: >- + CustomInfoType can either be a new infoType, or an extension of + built-in infoType, when the name matches one of existing infoTypes + and that infoType is specified in `InspectContent.info_types` field. + Specifying the latter adds findings to the one detected by the + system. If built-in info type is not specified in + `InspectContent.info_types` list then the name is treated as a + custom info type. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + sensitivityScore: + $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' + description: >- + Sensitivity for this CustomInfoType. If this CustomInfoType extends + an existing InfoType, the sensitivity here will take precedence over + that of the original InfoType. If unset for a CustomInfoType, it + will default to HIGH. This only applies to data profiling. + detectionRules: type: array + description: >- + Set of detection rules to apply to all findings of this + CustomInfoType. Rules are applied in order that they are specified. + Not supported for the `surrogate_type` CustomInfoType. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - GooglePrivacyDlpV2AllInfoTypes: - id: GooglePrivacyDlpV2AllInfoTypes - description: Apply transformation to all findings. - type: object - properties: {} - GooglePrivacyDlpV2AllText: - id: GooglePrivacyDlpV2AllText - description: Apply to all text. - type: object - properties: {} - GooglePrivacyDlpV2TransformationErrorHandling: - id: GooglePrivacyDlpV2TransformationErrorHandling - description: >- - How to handle transformation errors during de-identification. A - transformation error occurs when the requested transformation is - incompatible with the data. For example, trying to de-identify an IP - address using a `DateShift` transformation would result in a - transformation error, since date info cannot be extracted from an IP - address. Information about any incompatible transformations, and how - they were handled, is returned in the response as part of the - `TransformationOverviews`. - type: object - properties: - throwError: - description: Throw an error - $ref: '#/components/schemas/GooglePrivacyDlpV2ThrowError' - leaveUntransformed: - description: Ignore errors - $ref: '#/components/schemas/GooglePrivacyDlpV2LeaveUntransformed' - GooglePrivacyDlpV2ThrowError: - id: GooglePrivacyDlpV2ThrowError - description: Throw an error and fail the request when a transformation error occurs. - type: object - properties: {} - GooglePrivacyDlpV2LeaveUntransformed: - id: GooglePrivacyDlpV2LeaveUntransformed + $ref: '#/components/schemas/GooglePrivacyDlpV2DetectionRule' + surrogateType: + $ref: '#/components/schemas/GooglePrivacyDlpV2SurrogateType' + description: >- + Message for detecting output from deidentification transformations + that support reversing. + regex: + description: Regular expression based CustomInfoType. + $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' + storedType: + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredType' + description: >- + Load an existing `StoredInfoType` resource for use in + `InspectDataSource`. Not currently supported in `InspectContent`. + likelihood: + description: >- + Likelihood to return for this CustomInfoType. This base value can be + altered by a detection rule if the finding meets the criteria + specified by the rule. Defaults to `VERY_LIKELY` if not specified. + enum: + - LIKELIHOOD_UNSPECIFIED + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Default value; same as POSSIBLE. + - Highest chance of a false positive. + - High chance of a false positive. + - Some matching signals. The default value. + - Low chance of a false positive. + - Confidence level is high. Lowest chance of a false positive. + type: string + id: GooglePrivacyDlpV2CustomInfoType description: >- - Skips the data without modifying it if the requested transformation - would cause an error. For example, if a `DateShift` transformation were - applied an an IP address, this mode would leave the IP address unchanged - in the response. - type: object - properties: {} - GooglePrivacyDlpV2DeidentifyContentResponse: - id: GooglePrivacyDlpV2DeidentifyContentResponse - description: Results of de-identifying a ContentItem. - type: object - properties: - item: - description: The de-identified item. - $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' - overview: - description: An overview of the changes that were made on the `item`. - $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationOverview' - GooglePrivacyDlpV2TransformationOverview: - id: GooglePrivacyDlpV2TransformationOverview - description: Overview of the modifications that occurred. + Custom information type provided by the user. Used to find + domain-specific sensitive information configurable to the data in + question. type: object + GooglePrivacyDlpV2ListJobTriggersResponse: properties: - transformedBytes: - description: Total size in bytes that were transformed in some way. + nextPageToken: + description: >- + If the next page is available then this value is the next page token + to be used in the following ListJobTriggers request. type: string - format: int64 - transformationSummaries: - description: Transformations applied to the dataset. + jobTriggers: type: array + description: List of triggeredJobs, up to page_size in ListJobTriggersRequest. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationSummary' - GooglePrivacyDlpV2TransformationSummary: - id: GooglePrivacyDlpV2TransformationSummary - description: >- - Summary of a single transformation. Only one of 'transformation', - 'field_transformation', or 'record_suppress' will be set. + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' type: object + description: Response message for ListJobTriggers. + id: GooglePrivacyDlpV2ListJobTriggersResponse + GooglePrivacyDlpV2Deidentify: + id: GooglePrivacyDlpV2Deidentify + description: >- + Create a de-identified copy of a storage bucket. Only compatible with + Cloud Storage buckets. A TransformationDetail will be created for each + transformation. Compatible with: Inspection of Cloud Storage properties: - infoType: - description: Set if the transformation was limited to a specific InfoType. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - field: - description: Set if the transformation was limited to a specific FieldId. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - transformation: - description: The specific transformation these stats apply to. - $ref: '#/components/schemas/GooglePrivacyDlpV2PrimitiveTransformation' - fieldTransformations: + transformationConfig: description: >- - The field transformation that was applied. If multiple field - transformations are requested for a single field, this list will - contain all of them; otherwise, only one is supplied. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldTransformation' - recordSuppress: - description: The specific suppression option these stats apply to. - $ref: '#/components/schemas/GooglePrivacyDlpV2RecordSuppression' - results: - description: Collection of all transformations that took place or had an error. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2SummaryResult' - transformedBytes: - description: Total size in bytes that were transformed in some way. + User specified deidentify templates and configs for structured, + unstructured, and image files. + $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationConfig' + cloudStorageOutput: type: string - format: int64 - GooglePrivacyDlpV2SummaryResult: - id: GooglePrivacyDlpV2SummaryResult - description: >- - A collection that informs the user the number of times a particular - `TransformationResultCode` and error details occurred. + description: >- + Required. User settable Cloud Storage bucket and folders to store + de-identified files. This field must be set for Cloud Storage + deidentification. The output Cloud Storage bucket must be different + from the input bucket. De-identified files will overwrite files in + the output path. Form of: gs://bucket/folder/ or gs://bucket + transformationDetailsStorageConfig: + description: >- + Config for storing transformation details. This field specifies the + configuration for storing detailed metadata about each + transformation performed during a de-identification process. The + metadata is stored separately from the de-identified content itself + and provides a granular record of both successful transformations + and any failures that occurred. Enabling this configuration is + essential for users who need to access comprehensive information + about the status, outcome, and specifics of each transformation. The + details are captured in the TransformationDetails message for each + operation. Key use cases: * **Auditing and compliance** * Provides a + verifiable audit trail of de-identification activities, which is + crucial for meeting regulatory requirements and internal data + governance policies. * Logs what data was transformed, what + transformations were applied, when they occurred, and their success + status. This helps demonstrate accountability and due diligence in + protecting sensitive data. * **Troubleshooting and debugging** * + Offers detailed error messages and context if a transformation + fails. This information is useful for diagnosing and resolving + issues in the de-identification pipeline. * Helps pinpoint the exact + location and nature of failures, speeding up the debugging process. + * **Process verification and quality assurance** * Allows users to + confirm that de-identification rules and transformations were + applied correctly and consistently across the dataset as intended. * + Helps in verifying the effectiveness of the chosen de-identification + strategies. * **Data lineage and impact analysis** * Creates a + record of how data elements were modified, contributing to data + lineage. This is useful for understanding the provenance of + de-identified data. * Aids in assessing the potential impact of + de-identification choices on downstream analytical processes or data + usability. * **Reporting and operational insights** * You can + analyze the metadata stored in a queryable BigQuery table to + generate reports on transformation success rates, common error + types, processing volumes (e.g., transformedBytes), and the types of + transformations applied. * These insights can inform optimization of + de-identification configurations and resource planning. To take + advantage of these benefits, set this configuration. The stored + details include a description of the transformation, success or + error codes, error messages, the number of bytes transformed, the + location of the transformed content, and identifiers for the job and + source data. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2TransformationDetailsStorageConfig + fileTypesToTransform: + items: + enum: + - FILE_TYPE_UNSPECIFIED + - BINARY_FILE + - TEXT_FILE + - IMAGE + - WORD + - PDF + - AVRO + - CSV + - TSV + - POWERPOINT + - EXCEL + type: string + enumDescriptions: + - Includes all files. + - >- + Includes all file extensions not covered by another entry. + Binary scanning attempts to convert the content of the file to + utf_8 to scan the file. If you wish to avoid this fall back, + specify one or more of the other file types in your storage + scan. + - >- + Included file extensions: asc,asp, aspx, brf, c, cc,cfm, cgi, + cpp, csv, cxx, c++, cs, css, dart, dat, dot, eml,, epbub, ged, + go, h, hh, hpp, hxx, h++, hs, html, htm, mkd, markdown, m, ml, + mli, perl, pl, plist, pm, php, phtml, pht, properties, py, pyw, + rb, rbw, rs, rss, rc, scala, sh, sql, swift, tex, shtml, shtm, + xhtml, lhs, ics, ini, java, js, json, jsonl, kix, kml, ocaml, + md, txt, text, tsv, vb, vcard, vcs, wml, xcodeproj, xml, xsl, + xsd, yml, yaml. + - >- + Included file extensions: bmp, gif, jpg, jpeg, jpe, png. Setting + bytes_limit_per_file or bytes_limit_per_file_percent has no + effect on image files. Image inspection is restricted to the + `global`, `us`, `asia`, and `europe` regions. + - >- + Microsoft Word files larger than 30 MB will be scanned as binary + files. Included file extensions: docx, dotx, docm, dotm. Setting + `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no + effect on Word files. + - >- + PDF files larger than 30 MB will be scanned as binary files. + Included file extensions: pdf. Setting `bytes_limit_per_file` or + `bytes_limit_per_file_percent` has no effect on PDF files. + - 'Included file extensions: avro' + - 'Included file extensions: csv' + - 'Included file extensions: tsv' + - >- + Microsoft PowerPoint files larger than 30 MB will be scanned as + binary files. Included file extensions: pptx, pptm, potx, potm, + pot. Setting `bytes_limit_per_file` or + `bytes_limit_per_file_percent` has no effect on PowerPoint + files. + - >- + Microsoft Excel files larger than 30 MB will be scanned as + binary files. Included file extensions: xlsx, xlsm, xltx, xltm. + Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` + has no effect on Excel files. + description: >- + List of user-specified file type groups to transform. If specified, + only the files with these file types are transformed. If empty, all + supported files are transformed. Supported types may be + automatically added over time. Any unsupported file types that are + set in this field are excluded from de-identification. An error is + recorded for each unsupported file in the TransformationDetails + output table. Currently the only file types supported are: IMAGES, + TEXT_FILES, CSV, TSV. + type: array type: object + GooglePrivacyDlpV2Bucket: + id: GooglePrivacyDlpV2Bucket properties: - count: - description: Number of transformations counted by this result. - type: string - format: int64 - code: - description: Outcome of the transformation. - type: string - enumDescriptions: - - Unused - - Transformation completed without an error. - - Transformation had an error. - enum: - - TRANSFORMATION_RESULT_CODE_UNSPECIFIED - - SUCCESS - - ERROR - details: + max: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + description: Upper bound of the range, exclusive; type must match min. + min: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' description: >- - A place for warnings or errors to show up if a transformation didn't - work as expected. - type: string - GooglePrivacyDlpV2ReidentifyContentRequest: - id: GooglePrivacyDlpV2ReidentifyContentRequest - description: Request to re-identify an item. + Lower bound of the range, inclusive. Type should be the same as max + if used. + replacementValue: + description: Required. Replacement value for this bucket. + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + description: Bucket is represented as a range, along with replacement values. type: object + GooglePrivacyDlpV2DetectionRule: + id: GooglePrivacyDlpV2DetectionRule properties: - reidentifyConfig: - description: >- - Configuration for the re-identification of the content item. This - field shares the same proto message type that is used for - de-identification, however its usage here is for the reversal of the - previous de-identification. Re-identification is performed by - examining the transformations used to de-identify the items and - executing the reverse. This requires that only reversible - transformations be provided here. The reversible transformations - are: - `CryptoDeterministicConfig` - `CryptoReplaceFfxFpeConfig` - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyConfig' - inspectConfig: - description: Configuration for the inspector. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' - item: - description: The item to re-identify. Will be treated as text. - $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' - inspectTemplateName: - description: >- - Template to use. Any configuration directly specified in - `inspect_config` will override those set in the template. Singular - fields that are set in this request will replace their corresponding - fields in the template. Repeated fields are appended. Singular - sub-messages and groups are recursively merged. + hotwordRule: + description: Hotword-based detection rule. + $ref: '#/components/schemas/GooglePrivacyDlpV2HotwordRule' + type: object + description: >- + Deprecated; use `InspectionRuleSet` instead. Rule for modifying a + `CustomInfoType` to alter behavior under certain circumstances, + depending on the specific details of the rule. Not supported for the + `surrogate_type` custom infoType. + GooglePrivacyDlpV2StoredType: + properties: + name: type: string - reidentifyTemplateName: description: >- - Template to use. References an instance of `DeidentifyTemplate`. Any - configuration directly specified in `reidentify_config` or - `inspect_config` will override those set in the template. The - `DeidentifyTemplate` used must include only reversible - transformations. Singular fields that are set in this request will - replace their corresponding fields in the template. Repeated fields - are appended. Singular sub-messages and groups are recursively - merged. - type: string - locationId: - description: Deprecated. This field has no effect. + Resource name of the requested `StoredInfoType`, for example + `organizations/433245324/storedInfoTypes/432452342` or + `projects/project-id/storedInfoTypes/432452342`. + createTime: type: string - GooglePrivacyDlpV2ReidentifyContentResponse: - id: GooglePrivacyDlpV2ReidentifyContentResponse - description: Results of re-identifying an item. + format: google-datetime + description: >- + Timestamp indicating when the version of the `StoredInfoType` used + for inspection was created. Output-only field, populated by the + system. type: object + id: GooglePrivacyDlpV2StoredType + description: A reference to a StoredInfoType to use with scanning. + GooglePrivacyDlpV2VertexDatasetRegex: + description: A pattern to match against one or more dataset resources. properties: - item: - description: The re-identified item. - $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' - overview: - description: An overview of the changes that were made to the `item`. - $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationOverview' - GooglePrivacyDlpV2ListInfoTypesResponse: - id: GooglePrivacyDlpV2ListInfoTypesResponse - description: Response to the ListInfoTypes request. + projectIdRegex: + description: >- + For organizations, if unset, will match all projects. Has no effect + for configurations created within a project. + type: string type: object - properties: - infoTypes: - description: Set of sensitive infoTypes. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeDescription' - GooglePrivacyDlpV2InfoTypeDescription: - id: GooglePrivacyDlpV2InfoTypeDescription - description: InfoType description. + id: GooglePrivacyDlpV2VertexDatasetRegex + GooglePrivacyDlpV2CloudStorageFileSet: + description: Message representing a set of files in Cloud Storage. type: object + id: GooglePrivacyDlpV2CloudStorageFileSet properties: - name: - description: Internal name of the infoType. - type: string - displayName: - description: Human readable form of the infoType name. + url: type: string - supportedBy: - description: Which parts of the API supports this InfoType. - type: array - items: - type: string - enumDescriptions: - - Unused. - - Supported by the inspect operations. - - Supported by the risk analysis operations. - enum: - - ENUM_TYPE_UNSPECIFIED - - INSPECT - - RISK_ANALYSIS - description: description: >- - Description of the infotype. Translated when language is provided in - the request. + The url, in the format `gs:///`. Trailing wildcard in the path is + allowed. + GooglePrivacyDlpV2KMapEstimationHistogramBucket: + id: GooglePrivacyDlpV2KMapEstimationHistogramBucket + description: >- + A KMapEstimationHistogramBucket message with the following values: + min_anonymity: 3 max_anonymity: 5 frequency: 42 means that there are 42 + records whose quasi-identifier values correspond to 3, 4 or 5 people in + the overlying population. An important particular case is when + min_anonymity = max_anonymity = 1: the frequency field then corresponds + to the number of uniquely identifiable records. + type: object + properties: + maxAnonymity: + description: Always greater than or equal to min_anonymity. type: string - locationSupport: - description: Locations at which this feature can be used. May change over time. - $ref: '#/components/schemas/GooglePrivacyDlpV2LocationSupport' - example: - description: A sample that is a true positive for this infoType. + format: int64 + bucketValueCount: + description: >- + Total number of distinct quasi-identifier tuple values in this + bucket. + format: int64 type: string - versions: - description: A list of available versions for the infotype. + bucketSize: + format: int64 + type: string + description: Number of records within these anonymity bounds. + minAnonymity: + type: string + format: int64 + description: Always positive. + bucketValues: + description: >- + Sample of quasi-identifier tuple values in this bucket. The total + number of classes returned per bucket is capped at 20. type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2VersionDescription' - categories: - description: The category of the infoType. + $ref: '#/components/schemas/GooglePrivacyDlpV2KMapEstimationQuasiIdValues' + GooglePrivacyDlpV2Range: + properties: + start: + format: int64 + type: string + description: Index of the first character of the range (inclusive). + end: + format: int64 + type: string + description: Index of the last character of the range (exclusive). + description: Generic half-open interval [start, end) + id: GooglePrivacyDlpV2Range + type: object + GooglePrivacyDlpV2SecretsDiscoveryTarget: + type: object + id: GooglePrivacyDlpV2SecretsDiscoveryTarget + description: >- + Discovery target for credentials and secrets in cloud resource metadata. + This target does not include any filtering or frequency controls. Cloud + DLP will scan cloud resource metadata for secrets daily. No inspect + template should be included in the discovery config for a security + benchmarks scan. Instead, the built-in list of secrets and credentials + infoTypes will be used (see + https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference#credentials_and_secrets). + Credentials and secrets discovered will be reported as vulnerabilities + to Security Command Center. + properties: {} + GooglePrivacyDlpV2ListColumnDataProfilesResponse: + id: GooglePrivacyDlpV2ListColumnDataProfilesResponse + properties: + nextPageToken: + type: string + description: The next page token. + columnDataProfiles: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2ColumnDataProfile' type: array + description: List of data profiles. + type: object + description: List of profiles generated for a given organization or project. + GooglePrivacyDlpV2DiscoveryCloudSqlConditions: + description: >- + Requirements that must be true before a table is profiled for the first + time. + type: object + properties: + types: + description: >- + Data profiles will only be generated for the database resource types + specified in this field. If not specified, defaults to + [DATABASE_RESOURCE_TYPE_ALL_SUPPORTED_TYPES]. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeCategory' - sensitivityScore: - description: The default sensitivity of the infoType. - $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' - specificInfoTypes: + type: string + enum: + - DATABASE_RESOURCE_TYPE_UNSPECIFIED + - DATABASE_RESOURCE_TYPE_ALL_SUPPORTED_TYPES + - DATABASE_RESOURCE_TYPE_TABLE + enumDescriptions: + - Unused. + - >- + Includes database resource types that become supported at a + later time. + - Tables. + type: array + databaseEngines: description: >- - If this field is set, this infoType is a general infoType and these - specific infoTypes are contained within it. General infoTypes are - infoTypes that encompass multiple specific infoTypes. For example, - the "GEOGRAPHIC_DATA" general infoType would have set for this field - "LOCATION", "LOCATION_COORDINATES", and "STREET_ADDRESS". + Optional. Database engines that should be profiled. Optional. + Defaults to ALL_SUPPORTED_DATABASE_ENGINES if unspecified. type: array items: + enumDescriptions: + - Unused. + - Include all supported database engines. + - MySQL database. + - PostgreSQL database. type: string - GooglePrivacyDlpV2LocationSupport: - id: GooglePrivacyDlpV2LocationSupport - description: Locations at which a feature can be used. - type: object + enum: + - DATABASE_ENGINE_UNSPECIFIED + - ALL_SUPPORTED_DATABASE_ENGINES + - MYSQL + - POSTGRES + id: GooglePrivacyDlpV2DiscoveryCloudSqlConditions + GooglePrivacyDlpV2AmazonS3BucketConditions: + id: GooglePrivacyDlpV2AmazonS3BucketConditions + description: Amazon S3 bucket conditions. properties: - regionalizationScope: - description: >- - The current scope for location on this feature. This may expand over - time. - type: string - enumDescriptions: - - Invalid. - - >- - Feature may be used with one or more regions. See locations for - details. - - Feature may be used anywhere. Default value. - enum: - - REGIONALIZATION_SCOPE_UNSPECIFIED - - REGIONAL - - ANY_LOCATION - locations: + bucketTypes: description: >- - Specific locations where the feature may be used. Examples: - us-central1, us, asia, global If scope is ANY_LOCATION, no regions - will be listed. + Optional. Bucket types that should be profiled. Optional. Defaults + to TYPE_ALL_SUPPORTED if unspecified. + type: array + items: + enumDescriptions: + - Unused. + - All supported classes. + - A general purpose Amazon S3 bucket. + enum: + - TYPE_UNSPECIFIED + - TYPE_ALL_SUPPORTED + - TYPE_GENERAL_PURPOSE + type: string + objectStorageClasses: type: array + description: >- + Optional. Object classes that should be profiled. Optional. Defaults + to ALL_SUPPORTED_CLASSES if unspecified. items: type: string - GooglePrivacyDlpV2VersionDescription: - id: GooglePrivacyDlpV2VersionDescription - description: Details about each available version for an infotype. + enumDescriptions: + - Unused. + - All supported classes. + - Standard object class. + - Standard - infrequent access object class. + - Glacier - instant retrieval object class. + - Objects in the S3 Intelligent-Tiering access tiers. + enum: + - UNSPECIFIED + - ALL_SUPPORTED_CLASSES + - STANDARD + - STANDARD_INFREQUENT_ACCESS + - GLACIER_INSTANT_RETRIEVAL + - INTELLIGENT_TIERING type: object + GooglePrivacyDlpV2KindExpression: + id: GooglePrivacyDlpV2KindExpression properties: - version: - description: Name of the version - type: string - description: - description: Description of the version. + name: + description: The name of the kind. type: string - GooglePrivacyDlpV2InfoTypeCategory: - id: GooglePrivacyDlpV2InfoTypeCategory - description: >- - Classification of infoTypes to organize them according to geographic - location, industry, and data type. + description: A representation of a Datastore kind. + type: object + GooglePrivacyDlpV2DiscoveryCloudSqlGenerationCadence: + id: GooglePrivacyDlpV2DiscoveryCloudSqlGenerationCadence type: object + description: >- + How often existing tables should have their profiles refreshed. New + tables are scanned as quickly as possible depending on system capacity. properties: - locationCategory: - description: >- - The region or country that issued the ID or document represented by - the infoType. - type: string + refreshFrequency: enumDescriptions: - - Unused location - - >- - The infoType is not issued by or tied to a specific region, but is - used almost everywhere. - - The infoType is typically used in Argentina. - - The infoType is typically used in Armenia. - - The infoType is typically used in Australia. - - The infoType is typically used in Austria. - - The infoType is typically used in Azerbaijan. - - The infoType is typically used in Belarus. - - The infoType is typically used in Belgium. - - The infoType is typically used in Brazil. - - The infoType is typically used in Canada. - - The infoType is typically used in Chile. - - The infoType is typically used in China. - - The infoType is typically used in Colombia. - - The infoType is typically used in Croatia. - - The infoType is typically used in Czechia. - - The infoType is typically used in Denmark. - - The infoType is typically used in France. - - The infoType is typically used in Finland. - - The infoType is typically used in Germany. - - The infoType is typically used in Hong Kong. - - The infoType is typically used in India. - - The infoType is typically used in Indonesia. - - The infoType is typically used in Ireland. - - The infoType is typically used in Israel. - - The infoType is typically used in Italy. - - The infoType is typically used in Japan. - - The infoType is typically used in Kazakhstan. - - The infoType is typically used in Korea. - - The infoType is typically used in Mexico. - - The infoType is typically used in the Netherlands. - - The infoType is typically used in New Zealand. - - The infoType is typically used in Norway. - - The infoType is typically used in Paraguay. - - The infoType is typically used in Peru. - - The infoType is typically used in Poland. - - The infoType is typically used in Portugal. - - The infoType is typically used in Russia. - - The infoType is typically used in Singapore. - - The infoType is typically used in South Africa. - - The infoType is typically used in Spain. - - The infoType is typically used in Sweden. - - The infoType is typically used in Switzerland. - - The infoType is typically used in Taiwan. - - The infoType is typically used in Thailand. - - The infoType is typically used in Turkey. - - The infoType is typically used in Ukraine. - - The infoType is typically used in the United Kingdom. - - The infoType is typically used in the United States. - - The infoType is typically used in Uruguay. - - The infoType is typically used in Uzbekistan. - - The infoType is typically used in Venezuela. - - The infoType is typically used in Google internally. - enum: - - LOCATION_UNSPECIFIED - - GLOBAL - - ARGENTINA - - ARMENIA - - AUSTRALIA - - AUSTRIA - - AZERBAIJAN - - BELARUS - - BELGIUM - - BRAZIL - - CANADA - - CHILE - - CHINA - - COLOMBIA - - CROATIA - - CZECHIA - - DENMARK - - FRANCE - - FINLAND - - GERMANY - - HONG_KONG - - INDIA - - INDONESIA - - IRELAND - - ISRAEL - - ITALY - - JAPAN - - KAZAKHSTAN - - KOREA - - MEXICO - - THE_NETHERLANDS - - NEW_ZEALAND - - NORWAY - - PARAGUAY - - PERU - - POLAND - - PORTUGAL - - RUSSIA - - SINGAPORE - - SOUTH_AFRICA - - SPAIN - - SWEDEN - - SWITZERLAND - - TAIWAN - - THAILAND - - TURKEY - - UKRAINE - - UNITED_KINGDOM - - UNITED_STATES - - URUGUAY - - UZBEKISTAN - - VENEZUELA - - INTERNAL - industryCategory: - description: >- - The group of relevant businesses where this infoType is commonly - used + - Unspecified. + - After the data profile is created, it will never be updated. + - The data profile can be updated up to once every 24 hours. + - The data profile can be updated up to once every 30 days. Default. type: string - enumDescriptions: - - Unused industry - - The infoType is typically used in the finance industry. - - The infoType is typically used in the health industry. - - The infoType is typically used in the telecommunications industry. + description: >- + Data changes (non-schema changes) in Cloud SQL tables can't trigger + reprofiling. If you set this field, profiles are refreshed at this + frequency regardless of whether the underlying tables have changed. + Defaults to never. enum: - - INDUSTRY_UNSPECIFIED - - FINANCE - - HEALTH - - TELECOMMUNICATIONS - typeCategory: - description: The class of identifiers where this infoType belongs - type: string + - UPDATE_FREQUENCY_UNSPECIFIED + - UPDATE_FREQUENCY_NEVER + - UPDATE_FREQUENCY_DAILY + - UPDATE_FREQUENCY_MONTHLY + inspectTemplateModifiedCadence: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence + description: >- + Governs when to update data profiles when the inspection rules + defined by the `InspectTemplate` change. If not set, changing the + template will not cause a data profile to update. + schemaModifiedCadence: + description: When to reprofile if the schema has changed. + $ref: '#/components/schemas/GooglePrivacyDlpV2SchemaModifiedCadence' + GooglePrivacyDlpV2OutputStorageConfig: + description: Cloud repository for storing output. + id: GooglePrivacyDlpV2OutputStorageConfig + properties: + table: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + description: >- + Store findings in an existing table or a new table in an existing + dataset. If table_id is not set a new one will be generated for you + with the following format: dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. + Pacific time zone will be used for generating the date details. For + Inspect, each column in an existing output table must have the same + name, type, and mode of a field in the `Finding` object. For Risk, + an existing output table should be the output of a previous Risk + analysis job run on the same source table, with the same privacy + metric and quasi-identifiers. Risk jobs that analyze the same table + but compute a different privacy metric, or use different sets of + quasi-identifiers, cannot store their results in the same table. + storagePath: + description: >- + Store findings in an existing Cloud Storage bucket. Files will be + generated with the job ID and file part number as the filename and + will contain findings in textproto format as + SaveToGcsFindingsOutput. The filename will follow the naming + convention `-`. Example: `my-job-id-2`. Supported for Inspect jobs. + The bucket must not be the same as the bucket being inspected. If + storing findings to Cloud Storage, the output schema field should + not be set. If set, it will be ignored. + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStoragePath' + outputSchema: + description: >- + Schema used for writing the findings for Inspect jobs. This field is + only used for Inspect and must be unspecified for Risk jobs. Columns + are derived from the `Finding` object. If appending to an existing + table, any columns from the predefined schema that are missing will + be added. No columns in the existing table will be deleted. If + unspecified, then all available columns will be used for a new table + or an (existing) table with no schema, and no changes will be made + to an existing table that has a schema. Only for use with external + storage. enumDescriptions: - - Unused type - - >- - Personally identifiable information, for example, a name or phone - number - - >- - Personally identifiable information that is especially sensitive, - for example, a passport number. - - >- - Attributes that can partially identify someone, especially in - combination with other attributes, like age, height, and gender. - - Confidential or secret information, for example, a password. - - An identification document issued by a government. - - A document, for example, a resume or source code. + - Unused. - >- - Information that is not sensitive on its own, but provides details - about the circumstances surrounding an entity or an event. - - Category for `CustomInfoType` types. + Basic schema including only `info_type`, `quote`, `certainty`, and + `timestamp`. + - Schema tailored to findings from scanning Cloud Storage. + - Schema tailored to findings from scanning Google Datastore. + - Schema tailored to findings from scanning Google BigQuery. + - Schema containing all columns. enum: - - TYPE_UNSPECIFIED - - PII - - SPII - - DEMOGRAPHIC - - CREDENTIAL - - GOVERNMENT_ID - - DOCUMENT - - CONTEXTUAL_INFORMATION - - CUSTOM - GooglePrivacyDlpV2CreateInspectTemplateRequest: - id: GooglePrivacyDlpV2CreateInspectTemplateRequest - description: Request message for CreateInspectTemplate. + - OUTPUT_SCHEMA_UNSPECIFIED + - BASIC_COLUMNS + - GCS_COLUMNS + - DATASTORE_COLUMNS + - BIG_QUERY_COLUMNS + - ALL_COLUMNS + type: string + type: object + GooglePrivacyDlpV2TagValue: + id: GooglePrivacyDlpV2TagValue + description: A value of a tag. type: object properties: - inspectTemplate: - description: Required. The InspectTemplate to create. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' - templateId: - description: >- - The template id can contain uppercase and lowercase letters, - numbers, and hyphens; that is, it must match the regular expression: - `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty - to allow the system to generate one. - type: string - locationId: - description: Deprecated. This field has no effect. + namespacedValue: type: string - GooglePrivacyDlpV2InspectTemplate: - id: GooglePrivacyDlpV2InspectTemplate + description: >- + The namespaced name for the tag value to attach to resources. Must + be in the format `{parent_id}/{tag_key_short_name}/{short_name}`, + for example, "123456/environment/prod" for an organization parent, + or "my-project/environment/prod" for a project parent. + GooglePrivacyDlpV2EntityId: + id: GooglePrivacyDlpV2EntityId + properties: + field: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: Composite key indicating which field contains the entity identifier. + type: object description: >- - The inspectTemplate contains a configuration (set of types of sensitive - data to be detected) to be used anywhere you otherwise would normally - specify InspectConfig. See - https://cloud.google.com/sensitive-data-protection/docs/concepts-templates - to learn more. + An entity in a dataset is a field or set of fields that correspond to a + single person. For example, in medical records the `EntityId` might be a + patient identifier, or for financial records it might be an account + identifier. This message is used when generalizations or analysis must + take into account that multiple rows correspond to the same entity. + GooglePrivacyDlpV2CreateConnectionRequest: + description: Request message for CreateConnection. type: object + id: GooglePrivacyDlpV2CreateConnectionRequest properties: - name: + connection: + $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' + description: Required. The connection resource. + GooglePrivacyDlpV2TagResources: + type: object + properties: + tagConditions: + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2TagCondition' + description: The tags to associate with different conditions. + profileGenerationsToTag: description: >- - Output only. The template name. The template will have one of the - following formats: - `projects/PROJECT_ID/inspectTemplates/TEMPLATE_ID` OR - `organizations/ORGANIZATION_ID/inspectTemplates/TEMPLATE_ID`; - readOnly: true + The profile generations for which the tag should be attached to + resources. If you attach a tag to only new profiles, then if the + sensitivity score of a profile subsequently changes, its tag doesn't + change. By default, this field includes only new profiles. To + include both new and updated profiles for tagging, this field should + explicitly include both `PROFILE_GENERATION_NEW` and + `PROFILE_GENERATION_UPDATE`. + items: + enumDescriptions: + - Unused. + - The profile is the first profile for the resource. + - The profile is an update to a previous profile. + enum: + - PROFILE_GENERATION_UNSPECIFIED + - PROFILE_GENERATION_NEW + - PROFILE_GENERATION_UPDATE + type: string + type: array + lowerDataRiskToLow: + description: >- + Whether applying a tag to a resource should lower the risk of the + profile for that resource. For example, in conjunction with an [IAM + deny policy](https://cloud.google.com/iam/docs/deny-overview), you + can deny all principals a permission if a tag value is present, + mitigating the risk of the resource. This also lowers the data risk + of resources at the lower levels of the resource hierarchy. For + example, reducing the data risk of a table data profile also reduces + the data risk of the constituent column data profiles. + type: boolean + description: >- + If set, attaches the [tags] + (https://cloud.google.com/resource-manager/docs/tags/tags-overview) + provided to profiled resources. Tags support [access + control](https://cloud.google.com/iam/docs/tags-access-control). You can + conditionally grant or deny access to a resource based on whether the + resource has a specific tag. + id: GooglePrivacyDlpV2TagResources + GooglePrivacyDlpV2ContentLocation: + id: GooglePrivacyDlpV2ContentLocation + properties: + documentLocation: + description: Location data for document files. + $ref: '#/components/schemas/GooglePrivacyDlpV2DocumentLocation' + containerTimestamp: + format: google-datetime type: string - displayName: - description: Display name (max 256 chars). + description: >- + Finding container modification timestamp, if applicable. For Cloud + Storage, this field contains the last file modification timestamp. + For a BigQuery table, this field contains the last_modified_time + property. For Datastore, this field isn't populated. + metadataLocation: + description: Location within the metadata for inspected content. + $ref: '#/components/schemas/GooglePrivacyDlpV2MetadataLocation' + containerVersion: type: string - description: - description: Short description (max 256 chars). + description: >- + Finding container version, if available ("generation" for Cloud + Storage). + imageLocation: + $ref: '#/components/schemas/GooglePrivacyDlpV2ImageLocation' + description: Location within an image's pixels. + containerName: type: string - createTime: - description: Output only. The creation timestamp of an inspectTemplate. - readOnly: true + description: >- + Name of the container where the finding is located. The top level + name is the source file name or table name. Names of some common + storage containers are formatted as follows: * BigQuery tables: + `{project_id}:{dataset_id}.{table_id}` * Cloud Storage files: + `gs://{bucket}/{path}` * Datastore namespace: {namespace} Nested + names could be absent if the embedded object has no string + identifier (for example, an image contained within a document). + recordLocation: + $ref: '#/components/schemas/GooglePrivacyDlpV2RecordLocation' + description: Location within a row or record of a database table. + type: object + description: >- + Precise location of the finding within a document, record, image, or + metadata container. + GooglePrivacyDlpV2DiscoveryBigQueryConditions: + id: GooglePrivacyDlpV2DiscoveryBigQueryConditions + properties: + typeCollection: + enumDescriptions: + - Unused. + - >- + Automatically generate profiles for all tables, even if the table + type is not yet fully supported for analysis. Profiles for + unsupported tables will be generated with errors to indicate their + partial support. When full support is added, the tables will + automatically be profiled during the next scheduled run. + - >- + Only those types fully supported will be profiled. Will expand + automatically as Cloud DLP adds support for new table types. + Unsupported table types will not have partial profiles generated. + description: Restrict discovery to categories of table types. type: string + enum: + - BIG_QUERY_COLLECTION_UNSPECIFIED + - BIG_QUERY_COLLECTION_ALL_TYPES + - BIG_QUERY_COLLECTION_ONLY_SUPPORTED_TYPES + createdAfter: + description: >- + BigQuery table must have been created after this date. Used to avoid + backfilling. format: google-datetime - updateTime: - description: Output only. The last update timestamp of an inspectTemplate. - readOnly: true type: string - format: google-datetime - inspectConfig: + types: + description: Restrict discovery to specific table types. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTableTypes' + orConditions: + $ref: '#/components/schemas/GooglePrivacyDlpV2OrConditions' description: >- - The core content of the template. Configuration of the scanning - process. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' - GooglePrivacyDlpV2UpdateInspectTemplateRequest: - id: GooglePrivacyDlpV2UpdateInspectTemplateRequest - description: Request message for UpdateInspectTemplate. + At least one of the conditions must be true for a table to be + scanned. + description: >- + Requirements that must be true before a table is scanned in discovery + for the first time. There is an AND relationship between the top-level + attributes. Additionally, minimum conditions with an OR relationship + that must be met before Cloud DLP scans a table can be set (like a + minimum row count or a minimum table age). type: object + GooglePrivacyDlpV2DiscoveryOtherCloudGenerationCadence: + description: >- + How often existing resources should have their profiles refreshed. New + resources are scanned as quickly as possible depending on system + capacity. properties: - inspectTemplate: - description: New InspectTemplate value. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' - updateMask: - description: Mask to control which fields get updated. + refreshFrequency: + enum: + - UPDATE_FREQUENCY_UNSPECIFIED + - UPDATE_FREQUENCY_NEVER + - UPDATE_FREQUENCY_DAILY + - UPDATE_FREQUENCY_MONTHLY type: string - format: google-fieldmask - GooglePrivacyDlpV2ListInspectTemplatesResponse: - id: GooglePrivacyDlpV2ListInspectTemplatesResponse - description: Response message for ListInspectTemplates. - type: object - properties: - inspectTemplates: + enumDescriptions: + - Unspecified. + - After the data profile is created, it will never be updated. + - The data profile can be updated up to once every 24 hours. + - The data profile can be updated up to once every 30 days. Default. description: >- - List of inspectTemplates, up to page_size in - ListInspectTemplatesRequest. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' - nextPageToken: + Optional. Frequency to update profiles regardless of whether the + underlying resource has changes. Defaults to never. + inspectTemplateModifiedCadence: description: >- - If the next page is available then the next page token to be used in - the following ListInspectTemplates request. - type: string - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GooglePrivacyDlpV2CreateDeidentifyTemplateRequest: - id: GooglePrivacyDlpV2CreateDeidentifyTemplateRequest - description: Request message for CreateDeidentifyTemplate. + Optional. Governs when to update data profiles when the inspection + rules defined by the `InspectTemplate` change. If not set, changing + the template will not cause a data profile to update. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence + id: GooglePrivacyDlpV2DiscoveryOtherCloudGenerationCadence type: object + GooglePrivacyDlpV2CategoricalStatsHistogramBucket: + description: Histogram of value frequencies in the column. properties: - deidentifyTemplate: - description: Required. The DeidentifyTemplate to create. - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' - templateId: + bucketSize: + format: int64 + type: string + description: Total number of values in this bucket. + bucketValues: description: >- - The template id can contain uppercase and lowercase letters, - numbers, and hyphens; that is, it must match the regular expression: - `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty - to allow the system to generate one. + Sample of value frequencies in this bucket. The total number of + values returned per bucket is capped at 20. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2ValueFrequency' + type: array + bucketValueCount: + format: int64 type: string - locationId: - description: Deprecated. This field has no effect. + description: Total number of distinct values in this bucket. + valueFrequencyUpperBound: + format: int64 type: string - GooglePrivacyDlpV2DeidentifyTemplate: - id: GooglePrivacyDlpV2DeidentifyTemplate - description: >- - DeidentifyTemplates contains instructions on how to de-identify content. - See - https://cloud.google.com/sensitive-data-protection/docs/concepts-templates - to learn more. + description: Upper bound on the value frequency of the values in this bucket. + valueFrequencyLowerBound: + type: string + description: Lower bound on the value frequency of the values in this bucket. + format: int64 type: object + id: GooglePrivacyDlpV2CategoricalStatsHistogramBucket + UtilStatusProto: + id: UtilStatusProto + description: Wire-format for a Status object properties: - name: + messageSet: description: >- - Output only. The template name. The template will have one of the - following formats: - `projects/PROJECT_ID/deidentifyTemplates/TEMPLATE_ID` OR - `organizations/ORGANIZATION_ID/deidentifyTemplates/TEMPLATE_ID` - readOnly: true - type: string - displayName: - description: Display name (max 256 chars). - type: string - description: - description: Short description (max 256 chars). - type: string - createTime: - description: Output only. The creation timestamp of an inspectTemplate. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The last update timestamp of an inspectTemplate. - readOnly: true + message_set associates an arbitrary proto message with the status. + copybara:strip_begin(b/383363683) copybara:strip_end_and_replace + optional proto2.bridge.MessageSet message_set = 5; + $ref: '#/components/schemas/Proto2BridgeMessageSet' + canonicalCode: + type: integer + format: int32 + description: >- + copybara:strip_begin(b/383363683) copybara:strip_end_and_replace + optional int32 canonical_code = 6; + space: + description: >- + copybara:strip_begin(b/383363683) Space to which this status belongs + copybara:strip_end_and_replace optional string space = 2; // Space + to which this status belongs type: string - format: google-datetime - deidentifyConfig: - description: The core content of the template. - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyConfig' - GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest: - id: GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest - description: Request message for UpdateDeidentifyTemplate. + code: + description: >- + Numeric code drawn from the space specified below. Often, this is + the canonical error space, and code is drawn from + google3/util/task/codes.proto copybara:strip_begin(b/383363683) + copybara:strip_end_and_replace optional int32 code = 1; + format: int32 + type: integer + message: + type: string + description: >- + Detail message copybara:strip_begin(b/383363683) + copybara:strip_end_and_replace optional string message = 3; + type: object + GooglePrivacyDlpV2DataProfileLocation: + description: The data that will be profiled. type: object + id: GooglePrivacyDlpV2DataProfileLocation properties: - deidentifyTemplate: - description: New DeidentifyTemplate value. - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' - updateMask: - description: Mask to control which fields get updated. + organizationId: + format: int64 + description: The ID of an organization to scan. type: string - format: google-fieldmask - GooglePrivacyDlpV2ListDeidentifyTemplatesResponse: - id: GooglePrivacyDlpV2ListDeidentifyTemplatesResponse - description: Response message for ListDeidentifyTemplates. + folderId: + format: int64 + description: The ID of the folder within an organization to scan. + type: string + GooglePrivacyDlpV2DiscoveryVertexDatasetFilter: + description: >- + Determines what datasets will have profiles generated within an + organization or project. Includes the ability to filter by regular + expression patterns on project ID or dataset regex. type: object properties: - deidentifyTemplates: + collection: + $ref: '#/components/schemas/GooglePrivacyDlpV2VertexDatasetCollection' + description: A specific set of Vertex AI datasets for this filter to apply to. + vertexDatasetResourceReference: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2VertexDatasetResourceReference description: >- - List of deidentify templates, up to page_size in - ListDeidentifyTemplatesRequest. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' - nextPageToken: + The dataset resource to scan. Targets including this can only + include one target (the target with this dataset resource + reference). + others: description: >- - If the next page is available then the next page token to be used in - the following ListDeidentifyTemplates request. - type: string - GooglePrivacyDlpV2CreateJobTriggerRequest: - id: GooglePrivacyDlpV2CreateJobTriggerRequest - description: Request message for CreateJobTrigger. - type: object + Catch-all. This should always be the last target in the list because + anything above it will apply first. Should only appear once in a + configuration. If none is specified, a default one will be added + automatically. + $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherResources' + id: GooglePrivacyDlpV2DiscoveryVertexDatasetFilter + GooglePrivacyDlpV2CloudStorageRegex: properties: - jobTrigger: - description: Required. The JobTrigger to create. - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' - triggerId: - description: >- - The trigger id can contain uppercase and lowercase letters, numbers, - and hyphens; that is, it must match the regular expression: - `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty - to allow the system to generate one. + projectIdRegex: + description: Optional. For organizations, if unset, will match all projects. type: string - locationId: - description: Deprecated. This field has no effect. + bucketNameRegex: + description: >- + Optional. Regex to test the bucket name against. If empty, all + buckets match. Example: "marketing2021" or "(marketing)\d{4}" will + both match the bucket gs://marketing2021 type: string - GooglePrivacyDlpV2JobTrigger: - id: GooglePrivacyDlpV2JobTrigger + id: GooglePrivacyDlpV2CloudStorageRegex + type: object description: >- - Contains a configuration to make API calls on a repeating basis. See - https://cloud.google.com/sensitive-data-protection/docs/concepts-job-triggers - to learn more. + A pattern to match against one or more file stores. At least one pattern + must be specified. Regular expressions use RE2 + [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be + found under the google/re2 repository on GitHub. + GooglePrivacyDlpV2ValueFrequency: type: object + id: GooglePrivacyDlpV2ValueFrequency + description: A value of a field, including its frequency. properties: - name: - description: >- - Unique resource name for the triggeredJob, assigned by the service - when the triggeredJob is created, for example - `projects/dlp-test-project/jobTriggers/53234423`. - type: string - displayName: - description: Display name (max 100 chars) - type: string - description: - description: User provided description (max 256 chars) + value: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + description: A value contained in the field in question. + count: + description: How many times the value is contained in the field. + format: int64 type: string - inspectJob: - description: For inspect jobs, a snapshot of the configuration. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectJobConfig' - triggers: - description: >- - A list of triggers which will be OR'ed together. Only one in the - list needs to trigger for a job to be started. The list may contain - only a single Schedule trigger and must have at least one object. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Trigger' - errors: - description: >- - Output only. A stream of errors encountered when the trigger was - activated. Repeated errors may result in the JobTrigger - automatically being paused. Will return the last 100 errors. - Whenever the JobTrigger is modified this list will be cleared. - readOnly: true + GooglePrivacyDlpV2ListDiscoveryConfigsResponse: + id: GooglePrivacyDlpV2ListDiscoveryConfigsResponse + type: object + properties: + discoveryConfigs: type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Error' - createTime: - description: Output only. The creation timestamp of a triggeredJob. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The last update timestamp of a triggeredJob. - readOnly: true - type: string - format: google-datetime - lastRunTime: - description: Output only. The timestamp of the last time this trigger executed. - readOnly: true - type: string - format: google-datetime - status: - description: Required. A status for this trigger. + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + description: List of configs, up to page_size in ListDiscoveryConfigsRequest. + nextPageToken: type: string - enumDescriptions: - - Unused. - - Trigger is healthy. - - Trigger is temporarily paused. - - Trigger is cancelled and can not be resumed. - enum: - - STATUS_UNSPECIFIED - - HEALTHY - - PAUSED - - CANCELLED - GooglePrivacyDlpV2InspectJobConfig: - id: GooglePrivacyDlpV2InspectJobConfig - description: Controls what and how to inspect for findings. + description: >- + If the next page is available then this value is the next page token + to be used in the following ListDiscoveryConfigs request. + description: Response message for ListDiscoveryConfigs. + GooglePrivacyDlpV2UpdateStoredInfoTypeRequest: + id: GooglePrivacyDlpV2UpdateStoredInfoTypeRequest + description: Request message for UpdateStoredInfoType. type: object properties: - storageConfig: - description: The data to scan. - $ref: '#/components/schemas/GooglePrivacyDlpV2StorageConfig' - inspectConfig: - description: How and what to scan for. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' - inspectTemplateName: + config: + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeConfig' description: >- - If provided, will be used as the default for all values in - InspectConfig. `inspect_config` will be merged into the values - persisted as part of the template. + Updated configuration for the storedInfoType. If not provided, a new + version of the storedInfoType will be created with the existing + configuration. + updateMask: + format: google-fieldmask + description: Mask to control which fields get updated. type: string - actions: - description: Actions to execute at the completion of the job. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Action' - GooglePrivacyDlpV2StorageConfig: - id: GooglePrivacyDlpV2StorageConfig - description: Shared message indicating Cloud storage type. - type: object - properties: - datastoreOptions: - description: Google Cloud Datastore options. - $ref: '#/components/schemas/GooglePrivacyDlpV2DatastoreOptions' - cloudStorageOptions: - description: Cloud Storage options. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageOptions' - bigQueryOptions: - description: BigQuery options. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryOptions' - hybridOptions: - description: Hybrid inspection options. - $ref: '#/components/schemas/GooglePrivacyDlpV2HybridOptions' - timespanConfig: - description: Configuration of the timespan of the items to include in scanning. - $ref: '#/components/schemas/GooglePrivacyDlpV2TimespanConfig' - GooglePrivacyDlpV2DatastoreOptions: - id: GooglePrivacyDlpV2DatastoreOptions - description: Options defining a data set within Google Cloud Datastore. + GooglePrivacyDlpV2PublishFindingsToDataplexCatalog: + properties: {} + id: GooglePrivacyDlpV2PublishFindingsToDataplexCatalog + description: >- + Publish findings of a DlpJob to Dataplex Universal Catalog as a + `sensitive-data-protection-job-result` aspect. For more information, see + [Send inspection results to Dataplex Universal Catalog as + aspects](https://cloud.google.com/sensitive-data-protection/docs/add-aspects-inspection-job). + Aspects are stored in Dataplex Universal Catalog storage and are + governed by service-specific policies for Dataplex Universal Catalog. + For more information, see [Service Specific + Terms](https://cloud.google.com/terms/service-terms). Only a single + instance of this action can be specified. This action is allowed only if + all resources being scanned are BigQuery tables. Compatible with: + Inspect type: object + GooglePrivacyDlpV2Proximity: properties: - partitionId: - description: >- - A partition ID identifies a grouping of entities. The grouping is - always by project and namespace, however the namespace ID may be - empty. - $ref: '#/components/schemas/GooglePrivacyDlpV2PartitionId' - kind: - description: The kind to process. - $ref: '#/components/schemas/GooglePrivacyDlpV2KindExpression' - GooglePrivacyDlpV2KindExpression: - id: GooglePrivacyDlpV2KindExpression - description: A representation of a Datastore kind. + windowBefore: + type: integer + format: int32 + description: >- + Number of characters before the finding to consider. For tabular + data, if you want to modify the likelihood of an entire column of + findngs, set this to 1. For more information, see [Hotword example: + Set the match likelihood of a table column] + (https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values). + windowAfter: + format: int32 + description: Number of characters after the finding to consider. + type: integer + id: GooglePrivacyDlpV2Proximity + description: >- + Message for specifying a window around a finding to apply a detection + rule. + type: object + Proto2BridgeMessageSet: type: object + description: >- + This is proto2's version of MessageSet. DEPRECATED: DO NOT USE FOR NEW + FIELDS. If you are using editions or proto2, please make your own + extendable messages for your use case. If you are using proto3, please + use `Any` instead. MessageSet was the implementation of extensions for + proto1. When proto2 was introduced, extensions were implemented as a + first-class feature. This schema for MessageSet was meant to be a + "bridge" solution to migrate MessageSet-bearing messages from proto1 to + proto2. This schema has been open-sourced only to facilitate the + migration of Google products with MessageSet-bearing messages to + open-source environments. + deprecated: true + id: Proto2BridgeMessageSet + properties: {} + GooglePrivacyDlpV2ActionDetails: + id: GooglePrivacyDlpV2ActionDetails properties: - name: - description: The name of the kind. - type: string - GooglePrivacyDlpV2CloudStorageOptions: - id: GooglePrivacyDlpV2CloudStorageOptions - description: Options defining a file or a set of files within a Cloud Storage bucket. + deidentifyDetails: + description: Outcome of a de-identification action. + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyDataSourceDetails' type: object + description: The results of an Action. + GooglePrivacyDlpV2HybridInspectStatistics: + description: Statistics related to processing hybrid inspect requests. + id: GooglePrivacyDlpV2HybridInspectStatistics properties: - fileSet: - description: The set of one or more files to scan. - $ref: '#/components/schemas/GooglePrivacyDlpV2FileSet' - bytesLimitPerFile: + abortedCount: + type: string description: >- - Max number of bytes to scan from a file. If a scanned file's size is - bigger than this value then the rest of the bytes are omitted. Only - one of `bytes_limit_per_file` and `bytes_limit_per_file_percent` can - be specified. This field can't be set if de-identification is - requested. For certain file types, setting this field has no effect. - For more information, see [Limits on bytes scanned per - file](https://cloud.google.com/sensitive-data-protection/docs/supported-file-types#max-byte-size-per-file). + The number of hybrid inspection requests aborted because the job ran + out of quota or was ended before they could be processed. + format: int64 + processedCount: + format: int64 + description: The number of hybrid inspection requests processed within this job. + type: string + pendingCount: + description: >- + The number of hybrid requests currently being processed. Only + populated when called via method `getDlpJob`. A burst of traffic may + cause hybrid inspect requests to be enqueued. Processing will take + place as quickly as possible, but resource limitations may impact + how long a request is enqueued for. type: string format: int64 - bytesLimitPerFilePercent: + type: object + GooglePrivacyDlpV2ThrowError: + properties: {} + description: Throw an error and fail the request when a transformation error occurs. + type: object + id: GooglePrivacyDlpV2ThrowError + GooglePrivacyDlpV2DeidentifyConfig: + id: GooglePrivacyDlpV2DeidentifyConfig + type: object + description: The configuration that controls how the data will change. + properties: + recordTransformations: + $ref: '#/components/schemas/GooglePrivacyDlpV2RecordTransformations' description: >- - Max percentage of bytes to scan from a file. The rest are omitted. - The number of bytes scanned is rounded down. Must be between 0 and - 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. Only - one of bytes_limit_per_file and bytes_limit_per_file_percent can be - specified. This field can't be set if de-identification is - requested. For certain file types, setting this field has no effect. - For more information, see [Limits on bytes scanned per - file](https://cloud.google.com/sensitive-data-protection/docs/supported-file-types#max-byte-size-per-file). - type: integer - format: int32 - fileTypes: + Treat the dataset as structured. Transformations can be applied to + specific locations within structured datasets, such as transforming + a column within a table. + imageTransformations: + description: Treat the dataset as an image and redact. + $ref: '#/components/schemas/GooglePrivacyDlpV2ImageTransformations' + infoTypeTransformations: description: >- - List of file type groups to include in the scan. If empty, all files - are scanned and available data format processors are applied. In - addition, the binary content of the selected files is always scanned - as well. Images are scanned only as binary if the specified region - does not support image inspection and no file_types were specified. - Image inspection is restricted to 'global', 'us', 'asia', and - 'europe'. + Treat the dataset as free-form text and apply the same free text + transformation everywhere. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeTransformations' + transformationErrorHandling: + description: >- + Mode for handling transformation errors. If left unspecified, the + default mode is `TransformationErrorHandling.ThrowError`. + $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationErrorHandling' + GooglePrivacyDlpV2Table: + type: object + id: GooglePrivacyDlpV2Table + description: >- + Structured content to inspect. Up to 50,000 `Value`s per request + allowed. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-structured-text#inspecting_a_table + to learn more. + properties: + rows: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Row' + description: Rows of the table. type: array + headers: items: - type: string - enumDescriptions: - - Includes all files. - - >- - Includes all file extensions not covered by another entry. - Binary scanning attempts to convert the content of the file to - utf_8 to scan the file. If you wish to avoid this fall back, - specify one or more of the other file types in your storage - scan. - - >- - Included file extensions: asc,asp, aspx, brf, c, cc,cfm, cgi, - cpp, csv, cxx, c++, cs, css, dart, dat, dot, eml,, epbub, ged, - go, h, hh, hpp, hxx, h++, hs, html, htm, mkd, markdown, m, ml, - mli, perl, pl, plist, pm, php, phtml, pht, properties, py, pyw, - rb, rbw, rs, rss, rc, scala, sh, sql, swift, tex, shtml, shtm, - xhtml, lhs, ics, ini, java, js, json, jsonl, kix, kml, ocaml, - md, txt, text, tsv, vb, vcard, vcs, wml, xcodeproj, xml, xsl, - xsd, yml, yaml. - - >- - Included file extensions: bmp, gif, jpg, jpeg, jpe, png. Setting - bytes_limit_per_file or bytes_limit_per_file_percent has no - effect on image files. Image inspection is restricted to the - `global`, `us`, `asia`, and `europe` regions. - - >- - Microsoft Word files larger than 30 MB will be scanned as binary - files. Included file extensions: docx, dotx, docm, dotm. Setting - `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no - effect on Word files. - - >- - PDF files larger than 30 MB will be scanned as binary files. - Included file extensions: pdf. Setting `bytes_limit_per_file` or - `bytes_limit_per_file_percent` has no effect on PDF files. - - 'Included file extensions: avro' - - 'Included file extensions: csv' - - 'Included file extensions: tsv' - - >- - Microsoft PowerPoint files larger than 30 MB will be scanned as - binary files. Included file extensions: pptx, pptm, potx, potm, - pot. Setting `bytes_limit_per_file` or - `bytes_limit_per_file_percent` has no effect on PowerPoint - files. - - >- - Microsoft Excel files larger than 30 MB will be scanned as - binary files. Included file extensions: xlsx, xlsm, xltx, xltm. - Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` - has no effect on Excel files. - enum: - - FILE_TYPE_UNSPECIFIED - - BINARY_FILE - - TEXT_FILE - - IMAGE - - WORD - - PDF - - AVRO - - CSV - - TSV - - POWERPOINT - - EXCEL - sampleMethod: - description: How to sample the data. - type: string - enumDescriptions: - - No sampling. - - Scan from the top (default). - - >- - For each file larger than bytes_limit_per_file, randomly pick the - offset to start scanning. The scanned bytes are contiguous. - enum: - - SAMPLE_METHOD_UNSPECIFIED - - TOP - - RANDOM_START - filesLimitPercent: - description: >- - Limits the number of files to scan to this percentage of the input - FileSet. Number of files scanned is rounded down. Must be between 0 - and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. - type: integer - format: int32 - GooglePrivacyDlpV2FileSet: - id: GooglePrivacyDlpV2FileSet - description: Set of files to scan. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: Headers of the table. + type: array + GooglePrivacyDlpV2DiscoveryCloudStorageFilter: + id: GooglePrivacyDlpV2DiscoveryCloudStorageFilter + description: >- + Determines which buckets will have profiles generated within an + organization or project. Includes the ability to filter by regular + expression patterns on project ID and bucket name. type: object properties: - url: - description: >- - The Cloud Storage url of the file(s) to scan, in the format - `gs:///`. Trailing wildcard in the path is allowed. If the url ends - in a trailing slash, the bucket or directory represented by the url - will be scanned non-recursively (content in sub-directories will not - be scanned). This means that `gs://mybucket/` is equivalent to - `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to - `gs://mybucket/directory/*`. Exactly one of `url` or - `regex_file_set` must be set. - type: string - regexFileSet: + collection: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreCollection' + description: Optional. A specific set of buckets for this filter to apply to. + others: description: >- - The regex-filtered set of files to scan. Exactly one of `url` or - `regex_file_set` must be set. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageRegexFileSet' - GooglePrivacyDlpV2CloudStorageRegexFileSet: - id: GooglePrivacyDlpV2CloudStorageRegexFileSet - description: >- - Message representing a set of files in a Cloud Storage bucket. Regular - expressions are used to allow fine-grained control over which files in - the bucket to include. Included files are those that match at least one - item in `include_regex` and do not match any items in `exclude_regex`. - Note that a file that matches items from both lists will _not_ be - included. For a match to occur, the entire file path (i.e., everything - in the url after the bucket name) must match the regular expression. For - example, given the input `{bucket_name: "mybucket", include_regex: - ["directory1/.*"], exclude_regex: ["directory1/excluded.*"]}`: * - `gs://mybucket/directory1/myfile` will be included * - `gs://mybucket/directory1/directory2/myfile` will be included (`.*` - matches across `/`) * `gs://mybucket/directory0/directory1/myfile` will - _not_ be included (the full path doesn't match any items in - `include_regex`) * `gs://mybucket/directory1/excludedfile` will _not_ be - included (the path matches an item in `exclude_regex`) If - `include_regex` is left empty, it will match all files by default (this - is equivalent to setting `include_regex: [".*"]`). Some other common use - cases: * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will - include all files in `mybucket` except for .pdf files * `{bucket_name: - "mybucket", include_regex: ["directory/[^/]+"]}` will include all files - directly under `gs://mybucket/directory/`, without matching across `/` - type: object + Optional. Catch-all. This should always be the last target in the + list because anything above it will apply first. Should only appear + once in a configuration. If none is specified, a default one will be + added automatically. + $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherResources' + cloudStorageResourceReference: + description: >- + Optional. The bucket to scan. Targets including this can only + include one target (the target with this bucket). This enables + profiling the contents of a single bucket, while the other options + allow for easy profiling of many bucets within a project or an + organization. + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageResourceReference' + GooglePrivacyDlpV2PrimitiveTransformation: + id: GooglePrivacyDlpV2PrimitiveTransformation properties: - bucketName: - description: The name of a Cloud Storage bucket. Required. - type: string - includeRegex: + characterMaskConfig: + description: Mask + $ref: '#/components/schemas/GooglePrivacyDlpV2CharacterMaskConfig' + cryptoDeterministicConfig: + description: Deterministic Crypto + $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoDeterministicConfig' + timePartConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2TimePartConfig' + description: Time extraction + dateShiftConfig: + description: Date Shift + $ref: '#/components/schemas/GooglePrivacyDlpV2DateShiftConfig' + replaceDictionaryConfig: description: >- - A list of regular expressions matching file paths to include. All - files in the bucket that match at least one of these regular - expressions will be included in the set of files, except for those - that also match an item in `exclude_regex`. Leaving this field empty - will match all files by default (this is equivalent to including - `.*` in the list). Regular expressions use RE2 - [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be - found under the google/re2 repository on GitHub. - type: array - items: - type: string - excludeRegex: + Replace with a value randomly drawn (with replacement) from a + dictionary. + $ref: '#/components/schemas/GooglePrivacyDlpV2ReplaceDictionaryConfig' + redactConfig: + description: Redact + $ref: '#/components/schemas/GooglePrivacyDlpV2RedactConfig' + replaceConfig: + description: Replace with a specified value. + $ref: '#/components/schemas/GooglePrivacyDlpV2ReplaceValueConfig' + replaceWithInfoTypeConfig: + description: Replace with infotype + $ref: '#/components/schemas/GooglePrivacyDlpV2ReplaceWithInfoTypeConfig' + cryptoHashConfig: + description: Crypto + $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoHashConfig' + fixedSizeBucketingConfig: + description: Fixed size bucketing + $ref: '#/components/schemas/GooglePrivacyDlpV2FixedSizeBucketingConfig' + bucketingConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2BucketingConfig' + description: Bucketing + cryptoReplaceFfxFpeConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig' description: >- - A list of regular expressions matching file paths to exclude. All - files in the bucket that match at least one of these regular - expressions will be excluded from the scan. Regular expressions use - RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can - be found under the google/re2 repository on GitHub. - type: array - items: - type: string - GooglePrivacyDlpV2BigQueryOptions: - id: GooglePrivacyDlpV2BigQueryOptions - description: Options defining BigQuery table and row identifiers. + Ffx-Fpe. Strongly discouraged, consider using + CryptoDeterministicConfig instead. Fpe is computationally expensive + incurring latency costs. + description: A rule for transforming a value. type: object + GooglePrivacyDlpV2TimeZone: + description: Time zone of the date time object. properties: - tableReference: - description: Complete BigQuery table reference. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - identifyingFields: + offsetMinutes: + format: int32 + type: integer description: >- - Table fields that may uniquely identify a row within the table. When - `actions.saveFindings.outputConfig.table` is specified, the values - of columns specified here are available in the output table under - `location.content_locations.record_location.record_key.id_values`. - Nested fields such as `person.birthdate.year` are allowed. + Set only if the offset can be determined. Positive for time ahead of + UTC. E.g. For "UTC-9", this value is -540. + id: GooglePrivacyDlpV2TimeZone + type: object + GoogleProtobufEmpty: + type: object + id: GoogleProtobufEmpty + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + GooglePrivacyDlpV2ListStoredInfoTypesResponse: + type: object + properties: + nextPageToken: + description: >- + If the next page is available then the next page token to be used in + the following ListStoredInfoTypes request. + type: string + storedInfoTypes: type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - rowsLimit: description: >- - Max number of rows to scan. If the table has more rows than this - value, the rest of the rows are omitted. If not set, or if set to 0, - all rows will be scanned. Only one of rows_limit and - rows_limit_percent can be specified. Cannot be used in conjunction - with TimespanConfig. + List of storedInfoTypes, up to page_size in + ListStoredInfoTypesRequest. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + id: GooglePrivacyDlpV2ListStoredInfoTypesResponse + description: Response message for ListStoredInfoTypes. + GooglePrivacyDlpV2KAnonymityHistogramBucket: + description: Histogram of k-anonymity equivalence classes. + id: GooglePrivacyDlpV2KAnonymityHistogramBucket + properties: + equivalenceClassSizeUpperBound: + description: Upper bound on the size of the equivalence classes in this bucket. type: string format: int64 - rowsLimitPercent: - description: >- - Max percentage of rows to scan. The rest are omitted. The number of - rows scanned is rounded down. Must be between 0 and 100, - inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one - of rows_limit and rows_limit_percent can be specified. Cannot be - used in conjunction with TimespanConfig. Caution: A [known - issue](https://cloud.google.com/sensitive-data-protection/docs/known-issues#bq-sampling) - is causing the `rowsLimitPercent` field to behave unexpectedly. We - recommend using `rowsLimit` instead. - type: integer - format: int32 - sampleMethod: - description: How to sample the data. + equivalenceClassSizeLowerBound: + format: int64 type: string - enumDescriptions: - - No sampling. - - >- - Scan groups of rows in the order BigQuery provides (default). - Multiple groups of rows may be scanned in parallel, so results may - not appear in the same order the rows are read. - - Randomly pick groups of rows to scan. - enum: - - SAMPLE_METHOD_UNSPECIFIED - - TOP - - RANDOM_START - excludedFields: - description: >- - References to fields excluded from scanning. This allows you to skip - inspection of entire columns which you know have no findings. When - inspecting a table, we recommend that you inspect all columns. - Otherwise, findings might be affected because hints from excluded - columns will not be used. - type: array + description: Lower bound on the size of the equivalence classes in this bucket. + bucketValues: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - includedFields: + $ref: '#/components/schemas/GooglePrivacyDlpV2KAnonymityEquivalenceClass' description: >- - Limit scanning only to these fields. When inspecting a table, we - recommend that you inspect all columns. Otherwise, findings might be - affected because hints from excluded columns will not be used. + Sample of equivalence classes in this bucket. The total number of + classes returned per bucket is capped at 20. type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2HybridOptions: - id: GooglePrivacyDlpV2HybridOptions - description: >- - Configuration to control jobs where the content being inspected is - outside of Google Cloud Platform. + bucketValueCount: + description: Total number of distinct equivalence classes in this bucket. + type: string + format: int64 + bucketSize: + description: Total number of equivalence classes in this bucket. + type: string + format: int64 type: object + GooglePrivacyDlpV2VersionDescription: + id: GooglePrivacyDlpV2VersionDescription + description: Details about each available version for an infotype. properties: description: - description: >- - A short description of where the data is coming from. Will be stored - once in the job. 256 max length. + description: Description of the version. type: string - requiredFindingLabelKeys: + version: + description: Name of the version + type: string + type: object + GooglePrivacyDlpV2Manual: + id: GooglePrivacyDlpV2Manual + description: >- + Job trigger option for hybrid jobs. Jobs must be manually created and + finished. + type: object + properties: {} + GooglePrivacyDlpV2SelectedInfoTypes: + description: Apply transformation to the selected info_types. + properties: + infoTypes: description: >- - These are labels that each inspection request must include within - their 'finding_labels' map. Request may contain others, but any - missing one of these will be rejected. Label keys must be between 1 - and 63 characters long and must conform to the following regular - expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. No more than 10 keys can - be required. - type: array + Required. InfoTypes to apply the transformation to. Required. + Provided InfoType must be unique within the ImageTransformations + message. items: - type: string - labels: - description: >- - To organize findings, these labels will be added to each finding. - Label keys must be between 1 and 63 characters long and must conform - to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. - Label values must be between 0 and 63 characters long and must - conform to the regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. - No more than 10 labels can be associated with a given finding. - Examples: * `"environment" : "production"` * `"pipeline" : "etl"` - type: object - additionalProperties: - type: string - tableOptions: - description: >- - If the container is a table, additional information to make findings - meaningful such as the columns that are primary keys. - $ref: '#/components/schemas/GooglePrivacyDlpV2TableOptions' - GooglePrivacyDlpV2TableOptions: - id: GooglePrivacyDlpV2TableOptions - description: Instructions regarding the table content being inspected. - type: object - properties: - identifyingFields: - description: >- - The columns that are the primary keys for table objects included in - ContentItem. A copy of this cell's value will stored alongside - alongside each finding so that the finding can be traced to the - specific row it came from. No more than 3 may be provided. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2TimespanConfig: - id: GooglePrivacyDlpV2TimespanConfig - description: >- - Configuration of the timespan of the items to include in scanning. - Currently only supported when inspecting Cloud Storage and BigQuery. + id: GooglePrivacyDlpV2SelectedInfoTypes type: object + GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig: + id: GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig + description: >- + Replaces an identifier with a surrogate using Format Preserving + Encryption (FPE) with the FFX mode of operation; however when used in + the `ReidentifyContent` API method, it serves the opposite function by + reversing the surrogate back into the original identifier. The + identifier must be encoded as ASCII. For a given crypto key and context, + the same identifier will be replaced with the same surrogate. + Identifiers must be at least two characters long. In the case that the + identifier is the empty string, it will be skipped. See + https://cloud.google.com/sensitive-data-protection/docs/pseudonymization + to learn more. Note: We recommend using CryptoDeterministicConfig for + all use cases which do not require preserving the input alphabet space + and size, plus warrant referential integrity. FPE incurs significant + latency costs. properties: - startTime: + radix: + type: integer + description: The native way to select the alphabet. Must be in the range [2, 95]. + format: int32 + cryptoKey: + description: Required. The key used by the encryption algorithm. + $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoKey' + customAlphabet: description: >- - Exclude files, tables, or rows older than this value. If not set, no - lower time limit is applied. + This is supported by mapping these to the alphanumeric characters + that the FFX mode natively supports. This happens before/after + encryption/decryption. Each character listed must appear only once. + Number of characters must be in the range [2, 95]. This must be + encoded as ASCII. The order of characters does not matter. The full + list of allowed characters is: + ``0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz~`!@#$%^&*()_-+={[}]|\:;"'<,>.?/`` type: string - format: google-datetime - endTime: + surrogateInfoType: description: >- - Exclude files, tables, or rows newer than this value. If not set, no - upper time limit is applied. + The custom infoType to annotate the surrogate with. This annotation + will be applied to the surrogate by prefixing it with the name of + the custom infoType followed by the number of characters comprising + the surrogate. The following scheme defines the format: + info_type_name(surrogate_character_count):surrogate For example, if + the name of custom infoType is 'MY_TOKEN_INFO_TYPE' and the + surrogate is 'abc', the full replacement value will be: + 'MY_TOKEN_INFO_TYPE(3):abc' This annotation identifies the surrogate + when inspecting content using the custom infoType + [`SurrogateType`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/InspectConfig#surrogatetype). + This facilitates reversal of the surrogate when it occurs in free + text. In order for inspection to work properly, the name of this + infoType must not occur naturally anywhere in your data; otherwise, + inspection may find a surrogate that does not correspond to an + actual identifier. Therefore, choose your custom infoType name + carefully after considering what your data looks like. One way to + select a name that has a high chance of yielding reliable detection + is to include one or more unicode characters that are highly + improbable to exist in your data. For example, assuming your data is + entered from a regular ASCII keyboard, the symbol with the hex code + point 29DD might be used like so: ⧝MY_TOKEN_TYPE + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + commonAlphabet: + description: Common alphabets. type: string - format: google-datetime - timestampField: + enum: + - FFX_COMMON_NATIVE_ALPHABET_UNSPECIFIED + - NUMERIC + - HEXADECIMAL + - UPPER_CASE_ALPHA_NUMERIC + - ALPHA_NUMERIC + enumDescriptions: + - Unused. + - '`[0-9]` (radix of 10)' + - '`[0-9A-F]` (radix of 16)' + - '`[0-9A-Z]` (radix of 36)' + - '`[0-9A-Za-z]` (radix of 62)' + context: description: >- - Specification of the field containing the timestamp of scanned - items. Used for data sources like Datastore and BigQuery. **For - BigQuery** If this value is not specified and the table was modified - between the given start and end times, the entire table will be - scanned. If this value is specified, then rows are filtered based on - the given start and end times. Rows with a `NULL` value in the - provided BigQuery column are skipped. Valid data types of the - provided BigQuery column are: `INTEGER`, `DATE`, `TIMESTAMP`, and - `DATETIME`. If your BigQuery table is [partitioned at ingestion - time](https://cloud.google.com/bigquery/docs/partitioned-tables#ingestion_time), - you can use any of the following pseudo-columns as your timestamp - field. When used with Cloud DLP, these pseudo-column names are case - sensitive. - `_PARTITIONTIME` - `_PARTITIONDATE` - - `_PARTITION_LOAD_TIME` **For Datastore** If this value is specified, - then entities are filtered based on the given start and end times. - If an entity does not contain the provided timestamp property or - contains empty or invalid values, then it is included. Valid data - types of the provided timestamp property are: `TIMESTAMP`. See the - [known - issue](https://cloud.google.com/sensitive-data-protection/docs/known-issues#bq-timespan) - related to this operation. + The 'tweak', a context may be used for higher security since the + same identifier in two different contexts won't be given the same + surrogate. If the context is not set, a default tweak will be used. + If the context is set but: 1. there is no record present when + transforming a given value or 1. the field is not present when + transforming a given value, a default tweak will be used. Note that + case (1) is expected when an `InfoTypeTransformation` is applied to + both structured and unstructured `ContentItem`s. Currently, the + referenced field may be of value type integer or string. The tweak + is constructed as a sequence of bytes in big endian byte order such + that: - a 64 bit integer is encoded followed by a single byte of + value 1 - a string is encoded in UTF-8 format followed by a single + byte of value 2 $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - enableAutoPopulationOfTimespanConfig: - description: >- - When the job is started by a JobTrigger we will automatically figure - out a valid start_time to avoid scanning files that have not been - modified since the last time the JobTrigger executed. This will be - based on the time of the execution of the last run of the JobTrigger - or the timespan end_time used in the last run of the JobTrigger. - **For BigQuery** Inspect jobs triggered by automatic population will - scan data that is at least three hours old when the job starts. This - is because streaming buffer rows are not read during inspection and - reading up to the current timestamp will result in skipped rows. See - the [known - issue](https://cloud.google.com/sensitive-data-protection/docs/known-issues#recently-streamed-data) - related to this operation. - type: boolean - GooglePrivacyDlpV2Action: - id: GooglePrivacyDlpV2Action - description: >- - A task to execute on the completion of a job. See - https://cloud.google.com/sensitive-data-protection/docs/concepts-actions - to learn more. - type: object - properties: - saveFindings: - description: Save resulting findings in a provided location. - $ref: '#/components/schemas/GooglePrivacyDlpV2SaveFindings' - pubSub: - description: Publish a notification to a Pub/Sub topic. - $ref: '#/components/schemas/GooglePrivacyDlpV2PublishToPubSub' - publishSummaryToCscc: - description: Publish summary to Cloud Security Command Center (Alpha). - $ref: '#/components/schemas/GooglePrivacyDlpV2PublishSummaryToCscc' - publishFindingsToCloudDataCatalog: - description: Publish findings to Cloud Datahub. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2PublishFindingsToCloudDataCatalog - deidentify: - description: Create a de-identified copy of the input data. - $ref: '#/components/schemas/GooglePrivacyDlpV2Deidentify' - jobNotificationEmails: - description: >- - Sends an email when the job completes. The email goes to IAM project - owners and technical [Essential - Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). - $ref: '#/components/schemas/GooglePrivacyDlpV2JobNotificationEmails' - publishToStackdriver: - description: Enable Stackdriver metric dlp.googleapis.com/finding_count. - $ref: '#/components/schemas/GooglePrivacyDlpV2PublishToStackdriver' - GooglePrivacyDlpV2SaveFindings: - id: GooglePrivacyDlpV2SaveFindings - description: >- - If set, the detailed findings will be persisted to the specified - OutputStorageConfig. Only a single instance of this action can be - specified. Compatible with: Inspect, Risk type: object - properties: - outputConfig: - description: Location to store findings outside of DLP. - $ref: '#/components/schemas/GooglePrivacyDlpV2OutputStorageConfig' - GooglePrivacyDlpV2OutputStorageConfig: - id: GooglePrivacyDlpV2OutputStorageConfig - description: Cloud repository for storing output. + GooglePrivacyDlpV2Connection: type: object + id: GooglePrivacyDlpV2Connection + description: >- + A data connection to allow the DLP API to profile data in locations that + require additional configuration. properties: - table: - description: >- - Store findings in an existing table or a new table in an existing - dataset. If table_id is not set a new one will be generated for you - with the following format: dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. - Pacific time zone will be used for generating the date details. For - Inspect, each column in an existing output table must have the same - name, type, and mode of a field in the `Finding` object. For Risk, - an existing output table should be the output of a previous Risk - analysis job run on the same source table, with the same privacy - metric and quasi-identifiers. Risk jobs that analyze the same table - but compute a different privacy metric, or use different sets of - quasi-identifiers, cannot store their results in the same table. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - outputSchema: - description: >- - Schema used for writing the findings for Inspect jobs. This field is - only used for Inspect and must be unspecified for Risk jobs. Columns - are derived from the `Finding` object. If appending to an existing - table, any columns from the predefined schema that are missing will - be added. No columns in the existing table will be deleted. If - unspecified, then all available columns will be used for a new table - or an (existing) table with no schema, and no changes will be made - to an existing table that has a schema. Only for use with external - storage. + state: type: string + description: Required. The connection's state in its lifecycle. enumDescriptions: - - Unused. + - Unused - >- - Basic schema including only `info_type`, `quote`, `certainty`, and - `timestamp`. - - Schema tailored to findings from scanning Cloud Storage. - - Schema tailored to findings from scanning Google Datastore. - - Schema tailored to findings from scanning Google BigQuery. - - Schema containing all columns. - enum: - - OUTPUT_SCHEMA_UNSPECIFIED - - BASIC_COLUMNS - - GCS_COLUMNS - - DATASTORE_COLUMNS - - BIG_QUERY_COLUMNS - - ALL_COLUMNS - GooglePrivacyDlpV2PublishToPubSub: - id: GooglePrivacyDlpV2PublishToPubSub - description: >- - Publish a message into a given Pub/Sub topic when DlpJob has completed. - The message contains a single field, `DlpJobName`, which is equal to the - finished job's - [`DlpJob.name`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob). - Compatible with: Inspect, Risk - type: object - properties: - topic: + The DLP API automatically created this connection during an + initial scan, and it is awaiting full configuration by a user. + - A configured connection that has not encountered any errors. + - >- + A configured connection that encountered errors during its last + use. It will not be used again until it is set to AVAILABLE. If + the resolution requires external action, then the client must send + a request to set the status to AVAILABLE when the connection is + ready for use. If the resolution doesn't require external action, + then any changes to the connection properties will automatically + mark it as AVAILABLE. + enum: + - CONNECTION_STATE_UNSPECIFIED + - MISSING_CREDENTIALS + - AVAILABLE + - ERROR + name: + readOnly: true description: >- - Cloud Pub/Sub topic to send notifications to. The topic must have - given publishing access rights to the DLP API service account - executing the long running DlpJob sending the notifications. Format - is projects/{project}/topics/{topic}. + Output only. Name of the connection: + `projects/{project}/locations/{location}/connections/{name}`. type: string - GooglePrivacyDlpV2PublishSummaryToCscc: - id: GooglePrivacyDlpV2PublishSummaryToCscc + errors: + description: >- + Output only. Set if status == ERROR, to provide additional details. + Will store the last 10 errors sorted with the most recent first. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Error' + readOnly: true + type: array + cloudSql: + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudSqlProperties' + description: Connect to a Cloud SQL instance. + GooglePrivacyDlpV2InspectionRule: + properties: + exclusionRule: + $ref: '#/components/schemas/GooglePrivacyDlpV2ExclusionRule' + description: Exclusion rule. + hotwordRule: + description: Hotword-based detection rule. + $ref: '#/components/schemas/GooglePrivacyDlpV2HotwordRule' + id: GooglePrivacyDlpV2InspectionRule description: >- - Publish the result summary of a DlpJob to [Security Command - Center](https://cloud.google.com/security-command-center). This action - is available for only projects that belong to an organization. This - action publishes the count of finding instances and their infoTypes. The - summary of findings are persisted in Security Command Center and are - governed by [service-specific policies for Security Command - Center](https://cloud.google.com/terms/service-terms). Only a single - instance of this action can be specified. Compatible with: Inspect + A single inspection rule to be applied to infoTypes, specified in + `InspectionRuleSet`. type: object - properties: {} - GooglePrivacyDlpV2PublishFindingsToCloudDataCatalog: - id: GooglePrivacyDlpV2PublishFindingsToCloudDataCatalog - description: >- - Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag - templates are applied to the resource that Cloud DLP scanned. Data - Catalog tag templates are stored in the same project and region where - the BigQuery table exists. For Cloud DLP to create and apply the tag - template, the Cloud DLP service agent must have the - `roles/datacatalog.tagTemplateOwner` permission on the project. The tag - template contains fields summarizing the results of the DlpJob. Any - field values previously written by another DlpJob are deleted. InfoType - naming patterns are strictly enforced when using this feature. Findings - are persisted in Data Catalog storage and are governed by - service-specific policies for Data Catalog. For more information, see - [Service Specific Terms](https://cloud.google.com/terms/service-terms). - Only a single instance of this action can be specified. This action is - allowed only if all resources being scanned are BigQuery tables. - Compatible with: Inspect + GooglePrivacyDlpV2DataProfilePubSubCondition: + description: A condition for determining whether a Pub/Sub should be triggered. + properties: + expressions: + $ref: '#/components/schemas/GooglePrivacyDlpV2PubSubExpressions' + description: An expression. type: object + id: GooglePrivacyDlpV2DataProfilePubSubCondition + GooglePrivacyDlpV2LeaveUntransformed: + id: GooglePrivacyDlpV2LeaveUntransformed properties: {} - GooglePrivacyDlpV2Deidentify: - id: GooglePrivacyDlpV2Deidentify + type: object description: >- - Create a de-identified copy of a storage bucket. Only compatible with - Cloud Storage buckets. A TransformationDetail will be created for each - transformation. Compatible with: Inspection of Cloud Storage + Skips the data without modifying it if the requested transformation + would cause an error. For example, if a `DateShift` transformation were + applied an an IP address, this mode would leave the IP address unchanged + in the response. + GooglePrivacyDlpV2OrgConfig: type: object + id: GooglePrivacyDlpV2OrgConfig + description: >- + Project and scan location information. Only set when the parent is an + org. properties: - transformationConfig: + projectId: + type: string description: >- - User specified deidentify templates and configs for structured, - unstructured, and image files. - $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationConfig' - transformationDetailsStorageConfig: + The project that will run the scan. The DLP service account that + exists within this project must have access to all resources that + are profiled, and the DLP API must be enabled. + location: + description: 'The data to scan: folder, org, or project' + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryStartingLocation' + GooglePrivacyDlpV2InfoType: + description: Type of information detected by the API. + properties: + name: + type: string description: >- - Config for storing transformation details. This field specifies the - configuration for storing detailed metadata about each - transformation performed during a de-identification process. The - metadata is stored separately from the de-identified content itself - and provides a granular record of both successful transformations - and any failures that occurred. Enabling this configuration is - essential for users who need to access comprehensive information - about the status, outcome, and specifics of each transformation. The - details are captured in the TransformationDetails message for each - operation. Key use cases: * **Auditing and compliance** * Provides a - verifiable audit trail of de-identification activities, which is - crucial for meeting regulatory requirements and internal data - governance policies. * Logs what data was transformed, what - transformations were applied, when they occurred, and their success - status. This helps demonstrate accountability and due diligence in - protecting sensitive data. * **Troubleshooting and debugging** * - Offers detailed error messages and context if a transformation - fails. This information is useful for diagnosing and resolving - issues in the de-identification pipeline. * Helps pinpoint the exact - location and nature of failures, speeding up the debugging process. - * **Process verification and quality assurance** * Allows users to - confirm that de-identification rules and transformations were - applied correctly and consistently across the dataset as intended. * - Helps in verifying the effectiveness of the chosen de-identification - strategies. * **Data lineage and impact analysis** * Creates a - record of how data elements were modified, contributing to data - lineage. This is useful for understanding the provenance of - de-identified data. * Aids in assessing the potential impact of - de-identification choices on downstream analytical processes or data - usability. * **Reporting and operational insights** * You can - analyze the metadata stored in a queryable BigQuery table to - generate reports on transformation success rates, common error - types, processing volumes (e.g., transformedBytes), and the types of - transformations applied. * These insights can inform optimization of - de-identification configurations and resource planning. To take - advantage of these benefits, set this configuration. The stored - details include a description of the transformation, success or - error codes, error messages, the number of bytes transformed, the - location of the transformed content, and identifiers for the job and - source data. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2TransformationDetailsStorageConfig - cloudStorageOutput: + Name of the information type. Either a name of your choosing when + creating a CustomInfoType, or one of the names listed at + https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference + when specifying a built-in type. When sending Cloud DLP results to + Data Catalog, infoType names should conform to the pattern + `[A-Za-z0-9$_-]{1,64}`. + sensitivityScore: + $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' description: >- - Required. User settable Cloud Storage bucket and folders to store - de-identified files. This field must be set for Cloud Storage - deidentification. The output Cloud Storage bucket must be different - from the input bucket. De-identified files will overwrite files in - the output path. Form of: gs://bucket/folder/ or gs://bucket + Optional custom sensitivity for this InfoType. This only applies to + data profiling. + version: + type: string + description: Optional version name for this InfoType. + id: GooglePrivacyDlpV2InfoType + type: object + GooglePrivacyDlpV2Regex: + id: GooglePrivacyDlpV2Regex + properties: + pattern: type: string - fileTypesToTransform: description: >- - List of user-specified file type groups to transform. If specified, - only the files with these file types are transformed. If empty, all - supported files are transformed. Supported types may be - automatically added over time. Any unsupported file types that are - set in this field are excluded from de-identification. An error is - recorded for each unsupported file in the TransformationDetails - output table. Currently the only file types supported are: IMAGES, - TEXT_FILES, CSV, TSV. + Pattern defining the regular expression. Its syntax + (https://github.com/google/re2/wiki/Syntax) can be found under the + google/re2 repository on GitHub. + groupIndexes: type: array + description: >- + The index of the submatch to extract as findings. When not + specified, the entire match is returned. No more than 3 may be + included. items: - type: string - enumDescriptions: - - Includes all files. - - >- - Includes all file extensions not covered by another entry. - Binary scanning attempts to convert the content of the file to - utf_8 to scan the file. If you wish to avoid this fall back, - specify one or more of the other file types in your storage - scan. - - >- - Included file extensions: asc,asp, aspx, brf, c, cc,cfm, cgi, - cpp, csv, cxx, c++, cs, css, dart, dat, dot, eml,, epbub, ged, - go, h, hh, hpp, hxx, h++, hs, html, htm, mkd, markdown, m, ml, - mli, perl, pl, plist, pm, php, phtml, pht, properties, py, pyw, - rb, rbw, rs, rss, rc, scala, sh, sql, swift, tex, shtml, shtm, - xhtml, lhs, ics, ini, java, js, json, jsonl, kix, kml, ocaml, - md, txt, text, tsv, vb, vcard, vcs, wml, xcodeproj, xml, xsl, - xsd, yml, yaml. - - >- - Included file extensions: bmp, gif, jpg, jpeg, jpe, png. Setting - bytes_limit_per_file or bytes_limit_per_file_percent has no - effect on image files. Image inspection is restricted to the - `global`, `us`, `asia`, and `europe` regions. - - >- - Microsoft Word files larger than 30 MB will be scanned as binary - files. Included file extensions: docx, dotx, docm, dotm. Setting - `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no - effect on Word files. - - >- - PDF files larger than 30 MB will be scanned as binary files. - Included file extensions: pdf. Setting `bytes_limit_per_file` or - `bytes_limit_per_file_percent` has no effect on PDF files. - - 'Included file extensions: avro' - - 'Included file extensions: csv' - - 'Included file extensions: tsv' - - >- - Microsoft PowerPoint files larger than 30 MB will be scanned as - binary files. Included file extensions: pptx, pptm, potx, potm, - pot. Setting `bytes_limit_per_file` or - `bytes_limit_per_file_percent` has no effect on PowerPoint - files. - - >- - Microsoft Excel files larger than 30 MB will be scanned as - binary files. Included file extensions: xlsx, xlsm, xltx, xltm. - Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` - has no effect on Excel files. - enum: - - FILE_TYPE_UNSPECIFIED - - BINARY_FILE - - TEXT_FILE - - IMAGE - - WORD - - PDF - - AVRO - - CSV - - TSV - - POWERPOINT - - EXCEL - GooglePrivacyDlpV2TransformationConfig: - id: GooglePrivacyDlpV2TransformationConfig - description: >- - User specified templates and configs for how to deidentify structured, - unstructures, and image files. User must provide either a unstructured - deidentify template or at least one redact image config. + format: int32 + type: integer + description: Message defining a custom regular expression. + type: object + GooglePrivacyDlpV2Container: type: object properties: - deidentifyTemplate: + relativePath: description: >- - De-identify template. If this template is specified, it will serve - as the default de-identify template. This template cannot contain - `record_transformations` since it can be used for unstructured - content such as free-form text files. If this template is not set, a - default `ReplaceWithInfoTypeConfig` will be used to de-identify - unstructured content. + The rest of the path after the root. Examples: - For BigQuery table + `project_id:dataset_id.table_id`, the relative path is `table_id` - + For Cloud Storage file `gs://bucket/folder/filename.txt`, the + relative path is `folder/filename.txt` type: string - structuredDeidentifyTemplate: + version: description: >- - Structured de-identify template. If this template is specified, it - will serve as the de-identify template for structured content such - as delimited files and tables. If this template is not set but the - `deidentify_template` is set, then `deidentify_template` will also - apply to the structured content. If neither template is set, a - default `ReplaceWithInfoTypeConfig` will be used to de-identify - structured content. + Findings container version, if available ("generation" for Cloud + Storage). type: string - imageRedactTemplate: + fullPath: description: >- - Image redact template. If this template is specified, it will serve - as the de-identify template for images. If this template is not set, - all findings in the image will be redacted with a black box. + A string representation of the full container name. Examples: - + BigQuery: 'Project:DataSetId.TableId' - Cloud Storage: + 'gs://Bucket/folders/filename.txt' type: string - GooglePrivacyDlpV2TransformationDetailsStorageConfig: - id: GooglePrivacyDlpV2TransformationDetailsStorageConfig - description: Config for storing transformation details. - type: object - properties: - table: - description: >- - The BigQuery table in which to store the output. This may be an - existing table or in a new table in an existing dataset. If table_id - is not set a new one will be generated for you with the following - format: - dlp_googleapis_transformation_details_yyyy_mm_dd_[dlp_job_id]. - Pacific time zone will be used for generating the date details. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - GooglePrivacyDlpV2JobNotificationEmails: - id: GooglePrivacyDlpV2JobNotificationEmails - description: >- - Sends an email when the job completes. The email goes to IAM project - owners and technical [Essential - Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). - type: object - properties: {} - GooglePrivacyDlpV2PublishToStackdriver: - id: GooglePrivacyDlpV2PublishToStackdriver - description: >- - Enable Stackdriver metric dlp.googleapis.com/finding_count. This will - publish a metric to stack driver on each infotype requested and how many - findings were found for it. CustomDetectors will be bucketed as 'Custom' - under the Stackdriver label 'info_type'. - type: object - properties: {} - GooglePrivacyDlpV2Trigger: - id: GooglePrivacyDlpV2Trigger - description: What event needs to occur for a new job to be started. - type: object - properties: - schedule: - description: Create a job on a repeating basis based on the elapse of time. - $ref: '#/components/schemas/GooglePrivacyDlpV2Schedule' - manual: + updateTime: description: >- - For use with hybrid jobs. Jobs must be manually created and - finished. - $ref: '#/components/schemas/GooglePrivacyDlpV2Manual' - GooglePrivacyDlpV2Schedule: - id: GooglePrivacyDlpV2Schedule - description: Schedule for inspect job triggers. - type: object - properties: - recurrencePeriodDuration: + Findings container modification timestamp, if applicable. For Cloud + Storage, this field contains the last file modification timestamp. + For a BigQuery table, this field contains the last_modified_time + property. For Datastore, this field isn't populated. + type: string + format: google-datetime + type: + description: Container type, for example BigQuery or Cloud Storage. + type: string + rootPath: + type: string description: >- - With this option a job is started on a regular periodic basis. For - example: every day (86400 seconds). A scheduled start time will be - skipped if the previous execution has not ended when its scheduled - time occurs. This value must be set to a time duration greater than - or equal to 1 day and can be no longer than 60 days. + The root of the container. Examples: - For BigQuery table + `project_id:dataset_id.table_id`, the root is `dataset_id` - For + Cloud Storage file `gs://bucket/folder/filename.txt`, the root is + `gs://bucket` + projectId: type: string - format: google-duration - GooglePrivacyDlpV2Manual: - id: GooglePrivacyDlpV2Manual + description: >- + Project where the finding was found. Can be different from the + project that owns the finding. description: >- - Job trigger option for hybrid jobs. Jobs must be manually created and - finished. - type: object - properties: {} - GooglePrivacyDlpV2Error: - id: GooglePrivacyDlpV2Error + Represents a container that may contain DLP findings. Examples of a + container include a file, table, or database record. + id: GooglePrivacyDlpV2Container + GooglePrivacyDlpV2SchemaModifiedCadence: + id: GooglePrivacyDlpV2SchemaModifiedCadence description: >- - Details information about an error encountered during job execution or - the results of an unsuccessful activation of the JobTrigger. - type: object + How frequently to modify the profile when the table's schema is + modified. properties: - details: - description: Detailed error codes and messages. - $ref: '#/components/schemas/GoogleRpcStatus' - timestamps: + frequency: + enum: + - UPDATE_FREQUENCY_UNSPECIFIED + - UPDATE_FREQUENCY_NEVER + - UPDATE_FREQUENCY_DAILY + - UPDATE_FREQUENCY_MONTHLY + enumDescriptions: + - Unspecified. + - After the data profile is created, it will never be updated. + - The data profile can be updated up to once every 24 hours. + - The data profile can be updated up to once every 30 days. Default. description: >- - The times the error occurred. List includes the oldest timestamp and - the last 9 timestamps. + Frequency to regenerate data profiles when the schema is modified. + Defaults to monthly. + type: string + types: + description: >- + The types of schema modifications to consider. Defaults to + NEW_COLUMNS. type: array items: + enumDescriptions: + - Unused. + - New columns have appeared. + - Columns have been removed from the table. + enum: + - SQL_SCHEMA_MODIFICATION_UNSPECIFIED + - NEW_COLUMNS + - REMOVED_COLUMNS type: string - format: google-datetime - extraInfo: - description: Additional information about the error. - type: string - enumDescriptions: - - Unused. - - Image scan is not available in the region. - - File store cluster is not supported for profile generation. - enum: - - ERROR_INFO_UNSPECIFIED - - IMAGE_SCAN_UNAVAILABLE_IN_REGION - - FILE_STORE_CLUSTER_UNSUPPORTED - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). type: object + GooglePrivacyDlpV2LDiversityEquivalenceClass: + type: object + description: The set of columns' values that share the same ldiversity value. properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + equivalenceClassSize: type: string - details: + description: Size of the k-anonymity equivalence class. + format: int64 + numDistinctSensitiveValues: + format: int64 + description: Number of distinct sensitive values in this equivalence class. + type: string + quasiIdsValues: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Quasi-identifier values defining the k-anonymity equivalence class. + The order is always the same as the original request. + type: array + topSensitiveValues: type: array + description: Estimated frequencies of top sensitive values. items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GooglePrivacyDlpV2UpdateJobTriggerRequest: - id: GooglePrivacyDlpV2UpdateJobTriggerRequest - description: Request message for UpdateJobTrigger. - type: object - properties: - jobTrigger: - description: New JobTrigger value. - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' - updateMask: - description: Mask to control which fields get updated. - type: string - format: google-fieldmask - GooglePrivacyDlpV2HybridInspectJobTriggerRequest: - id: GooglePrivacyDlpV2HybridInspectJobTriggerRequest - description: Request to search for potentially sensitive info in a custom location. + $ref: '#/components/schemas/GooglePrivacyDlpV2ValueFrequency' + id: GooglePrivacyDlpV2LDiversityEquivalenceClass + GooglePrivacyDlpV2FileStoreRegex: type: object + description: A pattern to match against one or more file stores. properties: - hybridItem: - description: The item to inspect. - $ref: '#/components/schemas/GooglePrivacyDlpV2HybridContentItem' - GooglePrivacyDlpV2HybridContentItem: - id: GooglePrivacyDlpV2HybridContentItem - description: >- - An individual hybrid item to inspect. Will be stored temporarily during - processing. + cloudStorageRegex: + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageRegex' + description: Optional. Regex for Cloud Storage. + id: GooglePrivacyDlpV2FileStoreRegex + GooglePrivacyDlpV2SaveFindings: + id: GooglePrivacyDlpV2SaveFindings type: object properties: - item: - description: The item to inspect. - $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' - findingDetails: - description: Supplementary information that will be added to each finding. - $ref: '#/components/schemas/GooglePrivacyDlpV2HybridFindingDetails' - GooglePrivacyDlpV2HybridFindingDetails: - id: GooglePrivacyDlpV2HybridFindingDetails - description: Populate to associate additional data with each finding. + outputConfig: + description: Location to store findings outside of DLP. + $ref: '#/components/schemas/GooglePrivacyDlpV2OutputStorageConfig' + description: >- + If set, the detailed findings will be persisted to the specified + OutputStorageConfig. Only a single instance of this action can be + specified. Compatible with: Inspect, Risk + GooglePrivacyDlpV2ListFileStoreDataProfilesResponse: + description: >- + List of file store data profiles generated for a given organization or + project. type: object + id: GooglePrivacyDlpV2ListFileStoreDataProfilesResponse properties: - containerDetails: - description: >- - Details about the container where the content being inspected is - from. - $ref: '#/components/schemas/GooglePrivacyDlpV2Container' - fileOffset: - description: >- - Offset in bytes of the line, from the beginning of the file, where - the finding is located. Populate if the item being scanned is only - part of a bigger item, such as a shard of a file and you want to - track the absolute position of the finding. + fileStoreDataProfiles: + description: List of data profiles. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' + type: array + nextPageToken: type: string - format: int64 - rowOffset: + description: The next page token. + GooglePrivacyDlpV2OrConditions: + id: GooglePrivacyDlpV2OrConditions + properties: + minRowCount: + format: int32 description: >- - Offset of the row for tables. Populate if the row(s) being scanned - are part of a bigger dataset and you want to keep track of their - absolute position. + Minimum number of rows that should be present before Cloud DLP + profiles a table + type: integer + minAge: type: string - format: int64 - tableOptions: - description: >- - If the container is a table, additional information to make findings - meaningful such as the columns that are primary keys. If not known - ahead of time, can also be set within each inspect hybrid call and - the two will be merged. Note that identifying_fields will only be - stored to BigQuery, and only if the BigQuery action has been - included. - $ref: '#/components/schemas/GooglePrivacyDlpV2TableOptions' - labels: + format: google-duration description: >- - Labels to represent user provided metadata about the data being - inspected. If configured by the job, some key values may be - required. The labels associated with `Finding`'s produced by hybrid - inspection. Label keys must be between 1 and 63 characters long and - must conform to the following regular expression: - `[a-z]([-a-z0-9]*[a-z0-9])?`. Label values must be between 0 and 63 - characters long and must conform to the regular expression - `([a-z]([-a-z0-9]*[a-z0-9])?)?`. No more than 10 labels can be - associated with a given finding. Examples: * `"environment" : - "production"` * `"pipeline" : "etl"` - type: object - additionalProperties: - type: string - GooglePrivacyDlpV2HybridInspectResponse: - id: GooglePrivacyDlpV2HybridInspectResponse - description: Quota exceeded errors will be thrown once quota has been met. + Minimum age a table must have before Cloud DLP can profile it. Value + must be 1 hour or greater. + description: >- + There is an OR relationship between these attributes. They are used to + determine if a table should be scanned or not in Discovery. type: object - properties: {} - GooglePrivacyDlpV2ListJobTriggersResponse: - id: GooglePrivacyDlpV2ListJobTriggersResponse - description: Response message for ListJobTriggers. + GooglePrivacyDlpV2MultiRegionProcessing: type: object + description: >- + Processing occurs in a multi-region that contains the current region if + available. + id: GooglePrivacyDlpV2MultiRegionProcessing + properties: {} + GooglePrivacyDlpV2KmsWrappedCryptoKey: + id: GooglePrivacyDlpV2KmsWrappedCryptoKey + description: >- + Include to use an existing data crypto key wrapped by KMS. The wrapped + key must be a 128-, 192-, or 256-bit key. Authorization requires the + following IAM permissions when sending a request to perform a crypto + transformation using a KMS-wrapped crypto key: dlp.kms.encrypt For more + information, see [Creating a wrapped key] + (https://cloud.google.com/sensitive-data-protection/docs/create-wrapped-key). + Note: When you use Cloud KMS for cryptographic operations, [charges + apply](https://cloud.google.com/kms/pricing). properties: - jobTriggers: - description: List of triggeredJobs, up to page_size in ListJobTriggersRequest. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' - nextPageToken: + cryptoKeyName: description: >- - If the next page is available then this value is the next page token - to be used in the following ListJobTriggers request. + Required. The resource name of the KMS CryptoKey to use for + unwrapping. + type: string + wrappedKey: + description: Required. The wrapped data crypto key. + format: byte type: string - GooglePrivacyDlpV2ActivateJobTriggerRequest: - id: GooglePrivacyDlpV2ActivateJobTriggerRequest - description: Request message for ActivateJobTrigger. type: object - properties: {} - GooglePrivacyDlpV2DlpJob: - id: GooglePrivacyDlpV2DlpJob - description: Combines all of the information about a DLP job. + GooglePrivacyDlpV2CryptoDeterministicConfig: type: object properties: - name: - description: The server-assigned name. - type: string - type: - description: The type of job. + surrogateInfoType: + description: >- + The custom info type to annotate the surrogate with. This annotation + will be applied to the surrogate by prefixing it with the name of + the custom info type followed by the number of characters comprising + the surrogate. The following scheme defines the format: {info type + name}({surrogate character count}):{surrogate} For example, if the + name of custom info type is 'MY_TOKEN_INFO_TYPE' and the surrogate + is 'abc', the full replacement value will be: + 'MY_TOKEN_INFO_TYPE(3):abc' This annotation identifies the surrogate + when inspecting content using the custom info type 'Surrogate'. This + facilitates reversal of the surrogate when it occurs in free text. + Note: For record transformations where the entire cell in a table is + being transformed, surrogates are not mandatory. Surrogates are used + to denote the location of the token and are necessary for + re-identification in free form text. In order for inspection to work + properly, the name of this info type must not occur naturally + anywhere in your data; otherwise, inspection may either - reverse a + surrogate that does not correspond to an actual identifier - be + unable to parse the surrogate and result in an error Therefore, + choose your custom info type name carefully after considering what + your data looks like. One way to select a name that has a high + chance of yielding reliable detection is to include one or more + unicode characters that are highly improbable to exist in your data. + For example, assuming your data is entered from a regular ASCII + keyboard, the symbol with the hex code point 29DD might be used like + so: ⧝MY_TOKEN_TYPE. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + cryptoKey: + $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoKey' + description: >- + The key used by the encryption function. For deterministic + encryption using AES-SIV, the provided key is internally expanded to + 64 bytes prior to use. + context: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: >- + A context may be used for higher security and maintaining + referential integrity such that the same identifier in two different + contexts will be given a distinct surrogate. The context is appended + to plaintext value being encrypted. On decryption the provided + context is validated against the value used during encryption. If a + context was provided during encryption, same context must be + provided during decryption as well. If the context is not set, + plaintext would be used as is for encryption. If the context is set + but: 1. there is no record present when transforming a given value + or 2. the field is not present when transforming a given value, + plaintext would be used as is for encryption. Note that case (1) is + expected when an `InfoTypeTransformation` is applied to both + structured and unstructured `ContentItem`s. + id: GooglePrivacyDlpV2CryptoDeterministicConfig + description: >- + Pseudonymization method that generates deterministic encryption for the + given input. Outputs a base64 encoded representation of the encrypted + output. Uses AES-SIV based on the RFC + https://tools.ietf.org/html/rfc5297. + GooglePrivacyDlpV2PublishFindingsToCloudDataCatalog: + type: object + properties: {} + id: GooglePrivacyDlpV2PublishFindingsToCloudDataCatalog + description: >- + Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag + templates are applied to the resource that Cloud DLP scanned. Data + Catalog tag templates are stored in the same project and region where + the BigQuery table exists. For Cloud DLP to create and apply the tag + template, the Cloud DLP service agent must have the + `roles/datacatalog.tagTemplateOwner` permission on the project. The tag + template contains fields summarizing the results of the DlpJob. Any + field values previously written by another DlpJob are deleted. InfoType + naming patterns are strictly enforced when using this feature. Findings + are persisted in Data Catalog storage and are governed by + service-specific policies for Data Catalog. For more information, see + [Service Specific Terms](https://cloud.google.com/terms/service-terms). + Only a single instance of this action can be specified. This action is + allowed only if all resources being scanned are BigQuery tables. + Compatible with: Inspect + GooglePrivacyDlpV2DiscoveryVertexDatasetGenerationCadence: + properties: + refreshFrequency: type: string - enumDescriptions: - - Defaults to INSPECT_JOB. - - The job inspected Google Cloud for sensitive data. - - The job executed a Risk Analysis computation. enum: - - DLP_JOB_TYPE_UNSPECIFIED - - INSPECT_JOB - - RISK_ANALYSIS_JOB - state: - description: State of a job. - type: string + - UPDATE_FREQUENCY_UNSPECIFIED + - UPDATE_FREQUENCY_NEVER + - UPDATE_FREQUENCY_DAILY + - UPDATE_FREQUENCY_MONTHLY + description: >- + If you set this field, profiles are refreshed at this frequency + regardless of whether the underlying datasets have changed. Defaults + to never. enumDescriptions: - - Unused. - - The job has not yet started. - - >- - The job is currently running. Once a job has finished it will - transition to FAILED or DONE. - - The job is no longer running. - - The job was canceled before it could be completed. - - The job had an error and did not complete. - - >- - The job is currently accepting findings via hybridInspect. A - hybrid job in ACTIVE state may continue to have findings added to - it through the calling of hybridInspect. After the job has - finished no more calls to hybridInspect may be made. ACTIVE jobs - can transition to DONE. - enum: - - JOB_STATE_UNSPECIFIED - - PENDING - - RUNNING - - DONE - - CANCELED - - FAILED - - ACTIVE - riskDetails: - description: Results from analyzing risk of a data source. - $ref: '#/components/schemas/GooglePrivacyDlpV2AnalyzeDataSourceRiskDetails' - inspectDetails: - description: Results from inspecting a data source. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectDataSourceDetails' - createTime: - description: Time when the job was created. - type: string - format: google-datetime - startTime: - description: Time when the job started. - type: string - format: google-datetime - endTime: - description: Time when the job finished. - type: string - format: google-datetime - lastModified: - description: Time when the job was last modified by the system. - type: string - format: google-datetime - jobTriggerName: + - Unspecified. + - After the data profile is created, it will never be updated. + - The data profile can be updated up to once every 24 hours. + - The data profile can be updated up to once every 30 days. Default. + inspectTemplateModifiedCadence: description: >- - If created by a job trigger, the resource name of the trigger that - instantiated the job. - type: string - errors: - description: A stream of errors encountered running the job. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Error' - actionDetails: - description: Events that should occur after the job has completed. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2ActionDetails' - GooglePrivacyDlpV2AnalyzeDataSourceRiskDetails: - id: GooglePrivacyDlpV2AnalyzeDataSourceRiskDetails - description: Result of a risk analysis operation request. - type: object - properties: - requestedPrivacyMetric: - description: Privacy metric to compute. - $ref: '#/components/schemas/GooglePrivacyDlpV2PrivacyMetric' - requestedSourceTable: - description: Input dataset to compute metrics over. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - numericalStatsResult: - description: Numerical stats result - $ref: '#/components/schemas/GooglePrivacyDlpV2NumericalStatsResult' - categoricalStatsResult: - description: Categorical stats result - $ref: '#/components/schemas/GooglePrivacyDlpV2CategoricalStatsResult' - kAnonymityResult: - description: K-anonymity result - $ref: '#/components/schemas/GooglePrivacyDlpV2KAnonymityResult' - lDiversityResult: - description: L-divesity result - $ref: '#/components/schemas/GooglePrivacyDlpV2LDiversityResult' - kMapEstimationResult: - description: K-map result - $ref: '#/components/schemas/GooglePrivacyDlpV2KMapEstimationResult' - deltaPresenceEstimationResult: - description: Delta-presence result - $ref: '#/components/schemas/GooglePrivacyDlpV2DeltaPresenceEstimationResult' - requestedOptions: - description: The configuration used for this job. - $ref: '#/components/schemas/GooglePrivacyDlpV2RequestedRiskAnalysisOptions' - GooglePrivacyDlpV2PrivacyMetric: - id: GooglePrivacyDlpV2PrivacyMetric - description: Privacy metric to compute for reidentification risk analysis. + Governs when to update data profiles when the inspection rules + defined by the `InspectTemplate` change. If not set, changing the + template will not cause a data profile to be updated. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence + id: GooglePrivacyDlpV2DiscoveryVertexDatasetGenerationCadence type: object - properties: - numericalStatsConfig: - description: Numerical stats - $ref: '#/components/schemas/GooglePrivacyDlpV2NumericalStatsConfig' - categoricalStatsConfig: - description: Categorical stats - $ref: '#/components/schemas/GooglePrivacyDlpV2CategoricalStatsConfig' - kAnonymityConfig: - description: K-anonymity - $ref: '#/components/schemas/GooglePrivacyDlpV2KAnonymityConfig' - lDiversityConfig: - description: l-diversity - $ref: '#/components/schemas/GooglePrivacyDlpV2LDiversityConfig' - kMapEstimationConfig: - description: k-map - $ref: '#/components/schemas/GooglePrivacyDlpV2KMapEstimationConfig' - deltaPresenceEstimationConfig: - description: delta-presence - $ref: '#/components/schemas/GooglePrivacyDlpV2DeltaPresenceEstimationConfig' - GooglePrivacyDlpV2NumericalStatsConfig: - id: GooglePrivacyDlpV2NumericalStatsConfig description: >- - Compute numerical stats over an individual column, including min, max, - and quantiles. - type: object + How often existing datasets should have their profiles refreshed. New + datasets are scanned as quickly as possible depending on system + capacity. + GooglePrivacyDlpV2RequestedOptions: properties: - field: + jobConfig: + description: Inspect config. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectJobConfig' + snapshotInspectTemplate: description: >- - Field to compute numerical stats on. Supported types are integer, - float, date, datetime, timestamp, time. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2CategoricalStatsConfig: - id: GooglePrivacyDlpV2CategoricalStatsConfig - description: >- - Compute numerical stats over an individual column, including number of - distinct values and value count distribution. + If run with an InspectTemplate, a snapshot of its state at the time + of this run. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' type: object - properties: - field: - description: >- - Field to compute categorical stats on. All column types are - supported except for arrays and structs. However, it may be more - informative to use NumericalStats when the field type is supported, - depending on the data. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2KAnonymityConfig: - id: GooglePrivacyDlpV2KAnonymityConfig - description: k-anonymity metric, used for analysis of reidentification risk. + id: GooglePrivacyDlpV2RequestedOptions + description: Snapshot of the inspection configuration. + GooglePrivacyDlpV2Tag: + id: GooglePrivacyDlpV2Tag type: object + description: A tag associated with a resource. properties: - quasiIds: + key: + type: string description: >- - Set of fields to compute k-anonymity over. When multiple fields are - specified, they are considered a single composite key. Structs and - repeated data types are not supported; however, nested fields are - supported so long as they are not structs themselves or nested - within a repeated field. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - entityId: + The key of a tag key-value pair. For Google Cloud resources, this is + the resource name of the key, for example, "tagKeys/123456". + namespacedTagValue: description: >- - Message indicating that multiple rows might be associated to a - single individual. If the same entity_id is associated to multiple - quasi-identifier tuples over distinct rows, we consider the entire - collection of tuples as the composite quasi-identifier. This - collection is a multiset: the order in which the different tuples - appear in the dataset is ignored, but their frequency is taken into - account. Important note: a maximum of 1000 rows can be associated to - a single entity ID. If more rows are associated with the same entity - ID, some might be ignored. - $ref: '#/components/schemas/GooglePrivacyDlpV2EntityId' - GooglePrivacyDlpV2EntityId: - id: GooglePrivacyDlpV2EntityId - description: >- - An entity in a dataset is a field or set of fields that correspond to a - single person. For example, in medical records the `EntityId` might be a - patient identifier, or for financial records it might be an account - identifier. This message is used when generalizations or analysis must - take into account that multiple rows correspond to the same entity. + The namespaced name for the tag value to attach to Google Cloud + resources. Must be in the format + `{parent_id}/{tag_key_short_name}/{short_name}`, for example, + "123456/environment/prod" for an organization parent, or + "my-project/environment/prod" for a project parent. This is only set + for Google Cloud resources. + type: string + value: + description: >- + The value of a tag key-value pair. For Google Cloud resources, this + is the resource name of the value, for example, "tagValues/123456". + type: string + GooglePrivacyDlpV2ReidentifyContentResponse: type: object properties: - field: - description: Composite key indicating which field contains the entity identifier. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2LDiversityConfig: - id: GooglePrivacyDlpV2LDiversityConfig - description: l-diversity metric, used for analysis of reidentification risk. - type: object + item: + $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' + description: The re-identified item. + overview: + description: An overview of the changes that were made to the `item`. + $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationOverview' + id: GooglePrivacyDlpV2ReidentifyContentResponse + description: Results of re-identifying an item. + GooglePrivacyDlpV2CloudSqlProperties: properties: - quasiIds: + connectionName: description: >- - Set of quasi-identifiers indicating how equivalence classes are - defined for the l-diversity computation. When multiple fields are - specified, they are considered a single composite key. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - sensitiveAttribute: - description: Sensitive field for computing the l-value. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2KMapEstimationConfig: - id: GooglePrivacyDlpV2KMapEstimationConfig - description: >- - Reidentifiability metric. This corresponds to a risk model similar to - what is called "journalist risk" in the literature, except the attack - dataset is statistically modeled instead of being perfectly known. This - can be done using publicly available data (like the US Census), or using - a custom statistical model (indicated as one or several BigQuery - tables), or by extrapolating from the distribution of values in the - input dataset. - type: object - properties: - quasiIds: + Optional. Immutable. The Cloud SQL instance for which the connection + is defined. Only one connection per instance is allowed. This can + only be set at creation time, and cannot be updated. It is an error + to use a connection_name from different project or region than the + one that holds the connection. For example, a Connection resource + for Cloud SQL connection_name `project-id:us-central1:sql-instance` + must be created under the parent + `projects/project-id/locations/us-central1` + type: string + usernamePassword: + description: A username and password stored in Secret Manager. + $ref: '#/components/schemas/GooglePrivacyDlpV2SecretManagerCredential' + maxConnections: description: >- - Required. Fields considered to be quasi-identifiers. No two columns - can have the same tag. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2TaggedField' - regionCode: - description: >- - ISO 3166-1 alpha-2 region code to use in the statistical modeling. - Set if no column is tagged with a region-specific InfoType (like - US_ZIP_5) or a region code. + Required. The DLP API will limit its connections to max_connections. + Must be 2 or greater. + type: integer + format: int32 + cloudSqlIam: + description: Built-in IAM authentication (must be configured in Cloud SQL). + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudSqlIamCredential' + databaseEngine: + enumDescriptions: + - >- + An engine that is not currently supported by Sensitive Data + Protection. + - Cloud SQL for MySQL instance. + - Cloud SQL for PostgreSQL instance. type: string - auxiliaryTables: + enum: + - DATABASE_ENGINE_UNKNOWN + - DATABASE_ENGINE_MYSQL + - DATABASE_ENGINE_POSTGRES description: >- - Several auxiliary tables can be used in the analysis. Each - custom_tag used to tag a quasi-identifiers column must appear in - exactly one column of one auxiliary table. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2AuxiliaryTable' - GooglePrivacyDlpV2TaggedField: - id: GooglePrivacyDlpV2TaggedField - description: A column with a semantic tag attached. + Required. The database engine used by the Cloud SQL instance that + this connection configures. + id: GooglePrivacyDlpV2CloudSqlProperties type: object + description: Cloud SQL connection properties. + GooglePrivacyDlpV2UpdateInspectTemplateRequest: + id: GooglePrivacyDlpV2UpdateInspectTemplateRequest properties: - field: - description: Required. Identifies the column. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - infoType: - description: >- - A column can be tagged with a InfoType to use the relevant public - dataset as a statistical model of population, if available. We - currently support US ZIP codes, region codes, ages and genders. To - programmatically obtain the list of supported InfoTypes, use - ListInfoTypes with the supported_by=RISK_ANALYSIS filter. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - customTag: - description: >- - A column can be tagged with a custom tag. In this case, the user - must indicate an auxiliary table that contains statistical - information on the possible values of this column. + inspectTemplate: + description: New InspectTemplate value. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + updateMask: + format: google-fieldmask + description: Mask to control which fields get updated. type: string - inferred: - description: >- - If no semantic tag is indicated, we infer the statistical model from - the distribution of values in the input data - $ref: '#/components/schemas/GoogleProtobufEmpty' - GooglePrivacyDlpV2AuxiliaryTable: - id: GooglePrivacyDlpV2AuxiliaryTable - description: >- - An auxiliary table contains statistical information on the relative - frequency of different quasi-identifiers values. It has one or several - quasi-identifiers columns, and one column that indicates the relative - frequency of each quasi-identifier tuple. If a tuple is present in the - data but not in the auxiliary table, the corresponding relative - frequency is assumed to be zero (and thus, the tuple is highly - reidentifiable). + description: Request message for UpdateInspectTemplate. type: object + GooglePrivacyDlpV2DiscoveryCloudSqlFilter: + id: GooglePrivacyDlpV2DiscoveryCloudSqlFilter properties: - table: - description: Required. Auxiliary table location. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - quasiIds: - description: Required. Quasi-identifier columns. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2QuasiIdField' - relativeFrequency: + collection: + $ref: '#/components/schemas/GooglePrivacyDlpV2DatabaseResourceCollection' + description: A specific set of database resources for this filter to apply to. + databaseResourceReference: description: >- - Required. The relative frequency column must contain a - floating-point number between 0 and 1 (inclusive). Null values are - assumed to be zero. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2QuasiIdField: - id: GooglePrivacyDlpV2QuasiIdField + The database resource to scan. Targets including this can only + include one target (the target with this database resource + reference). + $ref: '#/components/schemas/GooglePrivacyDlpV2DatabaseResourceReference' + others: + $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherDatabaseResources' + description: >- + Catch-all. This should always be the last target in the list because + anything above it will apply first. Should only appear once in a + configuration. If none is specified, a default one will be added + automatically. description: >- - A quasi-identifier column has a custom_tag, used to know which column in - the data corresponds to which column in the statistical model. + Determines what tables will have profiles generated within an + organization or project. Includes the ability to filter by regular + expression patterns on project ID, location, instance, database, and + database resource name. type: object - properties: - field: - description: Identifies the column. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - customTag: - description: A auxiliary field. - type: string - GooglePrivacyDlpV2DeltaPresenceEstimationConfig: - id: GooglePrivacyDlpV2DeltaPresenceEstimationConfig - description: >- - δ-presence metric, used to estimate how likely it is for an attacker to - figure out that one given individual appears in a de-identified dataset. - Similarly to the k-map metric, we cannot compute δ-presence exactly - without knowing the attack dataset, so we use a statistical model - instead. + GooglePrivacyDlpV2DataProfileFinding: + id: GooglePrivacyDlpV2DataProfileFinding type: object properties: - quasiIds: - description: >- - Required. Fields considered to be quasi-identifiers. No two fields - can have the same tag. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2QuasiId' - regionCode: + dataSourceType: + description: The type of the resource that was profiled. + $ref: '#/components/schemas/GooglePrivacyDlpV2DataSourceType' + fullResourceName: description: >- - ISO 3166-1 alpha-2 region code to use in the statistical modeling. - Set if no column is tagged with a region-specific InfoType (like - US_ZIP_5) or a region code. + The [full resource + name](https://cloud.google.com/apis/design/resource_names#full_resource_name) + of the resource profiled for this finding. type: string - auxiliaryTables: - description: >- - Several auxiliary tables can be used in the analysis. Each - custom_tag used to tag a quasi-identifiers field must appear in - exactly one field of one auxiliary table. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2StatisticalTable' - GooglePrivacyDlpV2QuasiId: - id: GooglePrivacyDlpV2QuasiId - description: A column with a semantic tag attached. - type: object - properties: - field: - description: Required. Identifies the column. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - infoType: - description: >- - A column can be tagged with a InfoType to use the relevant public - dataset as a statistical model of population, if available. We - currently support US ZIP codes, region codes, ages and genders. To - programmatically obtain the list of supported InfoTypes, use - ListInfoTypes with the supported_by=RISK_ANALYSIS filter. + resourceVisibility: + enumDescriptions: + - Unused. + - Visible to any user. + - >- + May contain public items. For example, if a Cloud Storage bucket + has uniform bucket level access disabled, some objects inside it + may be public, but none are known yet. + - Visible only to specific users. + description: How broadly a resource has been shared. + enum: + - RESOURCE_VISIBILITY_UNSPECIFIED + - RESOURCE_VISIBILITY_PUBLIC + - RESOURCE_VISIBILITY_INCONCLUSIVE + - RESOURCE_VISIBILITY_RESTRICTED + type: string + dataProfileResourceName: + type: string + description: Resource name of the data profile associated with the finding. + infotype: $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - customTag: description: >- - A column can be tagged with a custom tag. In this case, the user - must indicate an auxiliary table that contains statistical - information on the possible values of this column. + The [type of + content](https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference) + that might have been found. + location: + $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileFindingLocation' + description: Where the content was found. + quoteInfo: + $ref: '#/components/schemas/GooglePrivacyDlpV2QuoteInfo' + description: >- + Contains data parsed from quotes. Currently supported infoTypes: + DATE, DATE_OF_BIRTH, and TIME. + quote: type: string - inferred: description: >- - If no semantic tag is indicated, we infer the statistical model from - the distribution of values in the input data - $ref: '#/components/schemas/GoogleProtobufEmpty' - GooglePrivacyDlpV2StatisticalTable: - id: GooglePrivacyDlpV2StatisticalTable + The content that was found. Even if the content is not textual, it + may be converted to a textual representation here. If the finding + exceeds 4096 bytes in length, the quote may be omitted. + findingId: + type: string + description: A unique identifier for the finding. + timestamp: + type: string + description: Timestamp when the finding was detected. + format: google-datetime description: >- - An auxiliary table containing statistical information on the relative - frequency of different quasi-identifiers values. It has one or several - quasi-identifiers columns, and one column that indicates the relative - frequency of each quasi-identifier tuple. If a tuple is present in the - data but not in the auxiliary table, the corresponding relative - frequency is assumed to be zero (and thus, the tuple is highly - reidentifiable). - type: object + Details about a piece of potentially sensitive information that was + detected when the data resource was profiled. + GooglePrivacyDlpV2InfoTypeTransformations: + description: >- + A type of transformation that will scan unstructured text and apply + various `PrimitiveTransformation`s to each finding, where the + transformation is applied to only values that were identified as a + specific info_type. properties: - table: - description: Required. Auxiliary table location. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - quasiIds: - description: Required. Quasi-identifier columns. + transformations: + description: >- + Required. Transformation for each infoType. Cannot specify more than + one for a given infoType. type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2QuasiIdentifierField' - relativeFrequency: - description: >- - Required. The relative frequency column must contain a - floating-point number between 0 and 1 (inclusive). Null values are - assumed to be zero. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2QuasiIdentifierField: - id: GooglePrivacyDlpV2QuasiIdentifierField - description: >- - A quasi-identifier column has a custom_tag, used to know which column in - the data corresponds to which column in the statistical model. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeTransformation' + id: GooglePrivacyDlpV2InfoTypeTransformations type: object - properties: - field: - description: Identifies the column. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - customTag: - description: >- - A column can be tagged with a custom tag. In this case, the user - must indicate an auxiliary table that contains statistical - information on the possible values of this column. - type: string - GooglePrivacyDlpV2NumericalStatsResult: - id: GooglePrivacyDlpV2NumericalStatsResult - description: Result of the numerical stats computation. + GooglePrivacyDlpV2ReidentifyContentRequest: type: object + description: Request to re-identify an item. properties: - minValue: - description: Minimum value appearing in the column. - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - maxValue: - description: Maximum value appearing in the column. - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - quantileValues: + reidentifyTemplateName: description: >- - List of 99 values that partition the set of field values into 100 - equal sized buckets. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - GooglePrivacyDlpV2CategoricalStatsResult: - id: GooglePrivacyDlpV2CategoricalStatsResult - description: Result of the categorical stats computation. - type: object - properties: - valueFrequencyHistogramBuckets: - description: Histogram of value frequencies in the column. - type: array - items: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CategoricalStatsHistogramBucket - GooglePrivacyDlpV2CategoricalStatsHistogramBucket: - id: GooglePrivacyDlpV2CategoricalStatsHistogramBucket - description: Histogram of value frequencies in the column. - type: object - properties: - valueFrequencyLowerBound: - description: Lower bound on the value frequency of the values in this bucket. + Template to use. References an instance of `DeidentifyTemplate`. Any + configuration directly specified in `reidentify_config` or + `inspect_config` will override those set in the template. The + `DeidentifyTemplate` used must include only reversible + transformations. Singular fields that are set in this request will + replace their corresponding fields in the template. Repeated fields + are appended. Singular sub-messages and groups are recursively + merged. type: string - format: int64 - valueFrequencyUpperBound: - description: Upper bound on the value frequency of the values in this bucket. + inspectConfig: + description: Configuration for the inspector. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' + locationId: + description: Deprecated. This field has no effect. type: string - format: int64 - bucketSize: - description: Total number of values in this bucket. + item: + $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' + description: The item to re-identify. Will be treated as text. + reidentifyConfig: + description: >- + Configuration for the re-identification of the content item. This + field shares the same proto message type that is used for + de-identification, however its usage here is for the reversal of the + previous de-identification. Re-identification is performed by + examining the transformations used to de-identify the items and + executing the reverse. This requires that only reversible + transformations be provided here. The reversible transformations + are: - `CryptoDeterministicConfig` - `CryptoReplaceFfxFpeConfig` + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyConfig' + inspectTemplateName: type: string - format: int64 - bucketValues: description: >- - Sample of value frequencies in this bucket. The total number of - values returned per bucket is capped at 20. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2ValueFrequency' - bucketValueCount: - description: Total number of distinct values in this bucket. + Template to use. Any configuration directly specified in + `inspect_config` will override those set in the template. Singular + fields that are set in this request will replace their corresponding + fields in the template. Repeated fields are appended. Singular + sub-messages and groups are recursively merged. + id: GooglePrivacyDlpV2ReidentifyContentRequest + GooglePrivacyDlpV2AwsDiscoveryStartingLocation: + id: GooglePrivacyDlpV2AwsDiscoveryStartingLocation + description: The AWS starting location for discovery. + properties: + allAssetInventoryAssets: + description: >- + All AWS assets stored in Asset Inventory that didn't match other AWS + discovery configs. + type: boolean + accountId: type: string - format: int64 - GooglePrivacyDlpV2ValueFrequency: - id: GooglePrivacyDlpV2ValueFrequency - description: A value of a field, including its frequency. + description: >- + The AWS account ID that this discovery config applies to. Within an + AWS organization, you can find the AWS account ID inside an AWS + account ARN. Example: + arn:{partition}:organizations::{management_account_id}:account/{org_id}/{account_id} type: object + GooglePrivacyDlpV2CloudSqlIamCredential: + properties: {} + type: object + id: GooglePrivacyDlpV2CloudSqlIamCredential + description: >- + Use IAM authentication to connect. This requires the Cloud SQL IAM + feature to be enabled on the instance, which is not the default for + Cloud SQL. See https://cloud.google.com/sql/docs/postgres/authentication + and https://cloud.google.com/sql/docs/mysql/authentication. + GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence: properties: - value: - description: A value contained in the field in question. - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - count: - description: How many times the value is contained in the field. + frequency: + enumDescriptions: + - Unspecified. + - After the data profile is created, it will never be updated. + - The data profile can be updated up to once every 24 hours. + - The data profile can be updated up to once every 30 days. Default. + description: >- + How frequently data profiles can be updated when the template is + modified. Defaults to never. + enum: + - UPDATE_FREQUENCY_UNSPECIFIED + - UPDATE_FREQUENCY_NEVER + - UPDATE_FREQUENCY_DAILY + - UPDATE_FREQUENCY_MONTHLY type: string - format: int64 - GooglePrivacyDlpV2KAnonymityResult: - id: GooglePrivacyDlpV2KAnonymityResult - description: Result of the k-anonymity computation. type: object - properties: - equivalenceClassHistogramBuckets: - description: Histogram of k-anonymity equivalence classes. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2KAnonymityHistogramBucket' - GooglePrivacyDlpV2KAnonymityHistogramBucket: - id: GooglePrivacyDlpV2KAnonymityHistogramBucket - description: Histogram of k-anonymity equivalence classes. + id: GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence + description: >- + The cadence at which to update data profiles when the inspection rules + defined by the `InspectTemplate` change. + GooglePrivacyDlpV2ListProjectDataProfilesResponse: type: object + id: GooglePrivacyDlpV2ListProjectDataProfilesResponse properties: - equivalenceClassSizeLowerBound: - description: Lower bound on the size of the equivalence classes in this bucket. - type: string - format: int64 - equivalenceClassSizeUpperBound: - description: Upper bound on the size of the equivalence classes in this bucket. - type: string - format: int64 - bucketSize: - description: Total number of equivalence classes in this bucket. + nextPageToken: type: string - format: int64 - bucketValues: - description: >- - Sample of equivalence classes in this bucket. The total number of - classes returned per bucket is capped at 20. + description: The next page token. + projectDataProfiles: + description: List of data profiles. type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2KAnonymityEquivalenceClass' - bucketValueCount: - description: Total number of distinct equivalence classes in this bucket. - type: string - format: int64 - GooglePrivacyDlpV2KAnonymityEquivalenceClass: - id: GooglePrivacyDlpV2KAnonymityEquivalenceClass - description: The set of columns' values that share the same ldiversity value + $ref: '#/components/schemas/GooglePrivacyDlpV2ProjectDataProfile' + description: List of profiles generated for a given organization or project. + GooglePrivacyDlpV2SensitivityScore: type: object + description: >- + Score is calculated from of all elements in the data profile. A higher + level means the data is more sensitive. + id: GooglePrivacyDlpV2SensitivityScore properties: - quasiIdsValues: - description: >- - Set of values defining the equivalence class. One value per - quasi-identifier column in the original KAnonymity metric message. - The order is always the same as the original request. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - equivalenceClassSize: - description: >- - Size of the equivalence class, for example number of rows with the - above set of values. + score: + description: The sensitivity score applied to the resource. + enumDescriptions: + - Unused. + - >- + No sensitive information detected. The resource isn't publicly + accessible. + - Unable to determine sensitivity. + - >- + Medium risk. Contains personally identifiable information (PII), + potentially sensitive data, or fields with free-text data that are + at a higher risk of having intermittent sensitive data. Consider + limiting access. + - >- + High risk. Sensitive personally identifiable information (SPII) + can be present. Exfiltration of data can lead to user data loss. + Re-identification of users might be possible. Consider limiting + usage and or removing SPII. + enum: + - SENSITIVITY_SCORE_UNSPECIFIED + - SENSITIVITY_LOW + - SENSITIVITY_UNKNOWN + - SENSITIVITY_MODERATE + - SENSITIVITY_HIGH type: string - format: int64 - GooglePrivacyDlpV2LDiversityResult: - id: GooglePrivacyDlpV2LDiversityResult - description: Result of the l-diversity computation. + GooglePrivacyDlpV2ListTableDataProfilesResponse: type: object properties: - sensitiveValueFrequencyHistogramBuckets: - description: >- - Histogram of l-diversity equivalence class sensitive value - frequencies. - type: array + tableDataProfiles: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2LDiversityHistogramBucket' - GooglePrivacyDlpV2LDiversityHistogramBucket: - id: GooglePrivacyDlpV2LDiversityHistogramBucket - description: Histogram of l-diversity equivalence class sensitive value frequencies. - type: object - properties: - sensitiveValueFrequencyLowerBound: - description: >- - Lower bound on the sensitive value frequencies of the equivalence - classes in this bucket. - type: string - format: int64 - sensitiveValueFrequencyUpperBound: - description: >- - Upper bound on the sensitive value frequencies of the equivalence - classes in this bucket. - type: string - format: int64 - bucketSize: - description: Total number of equivalence classes in this bucket. - type: string - format: int64 - bucketValues: - description: >- - Sample of equivalence classes in this bucket. The total number of - classes returned per bucket is capped at 20. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2LDiversityEquivalenceClass' - bucketValueCount: - description: Total number of distinct equivalence classes in this bucket. - type: string - format: int64 - GooglePrivacyDlpV2LDiversityEquivalenceClass: - id: GooglePrivacyDlpV2LDiversityEquivalenceClass - description: The set of columns' values that share the same ldiversity value. - type: object - properties: - quasiIdsValues: - description: >- - Quasi-identifier values defining the k-anonymity equivalence class. - The order is always the same as the original request. + $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - equivalenceClassSize: - description: Size of the k-anonymity equivalence class. - type: string - format: int64 - numDistinctSensitiveValues: - description: Number of distinct sensitive values in this equivalence class. + description: List of data profiles. + nextPageToken: + description: The next page token. type: string - format: int64 - topSensitiveValues: - description: Estimated frequencies of top sensitive values. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2ValueFrequency' - GooglePrivacyDlpV2KMapEstimationResult: - id: GooglePrivacyDlpV2KMapEstimationResult + description: List of profiles generated for a given organization or project. + id: GooglePrivacyDlpV2ListTableDataProfilesResponse + GooglePrivacyDlpV2RedactConfig: + properties: {} description: >- - Result of the reidentifiability analysis. Note that these results are an - estimation, not exact values. + Redact a given value. For example, if used with an + `InfoTypeTransformation` transforming PHONE_NUMBER, and input 'My phone + number is 206-555-0123', the output would be 'My phone number is '. + id: GooglePrivacyDlpV2RedactConfig type: object - properties: - kMapEstimationHistogram: - description: >- - The intervals [min_anonymity, max_anonymity] do not overlap. If a - value doesn't correspond to any such interval, the associated - frequency is zero. For example, the following records: - {min_anonymity: 1, max_anonymity: 1, frequency: 17} {min_anonymity: - 2, max_anonymity: 3, frequency: 42} {min_anonymity: 5, - max_anonymity: 10, frequency: 99} mean that there are no record with - an estimated anonymity of 4, 5, or larger than 10. - type: array - items: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2KMapEstimationHistogramBucket - GooglePrivacyDlpV2KMapEstimationHistogramBucket: - id: GooglePrivacyDlpV2KMapEstimationHistogramBucket + GooglePrivacyDlpV2InfoTypeCategory: description: >- - A KMapEstimationHistogramBucket message with the following values: - min_anonymity: 3 max_anonymity: 5 frequency: 42 means that there are 42 - records whose quasi-identifier values correspond to 3, 4 or 5 people in - the overlying population. An important particular case is when - min_anonymity = max_anonymity = 1: the frequency field then corresponds - to the number of uniquely identifiable records. + Classification of infoTypes to organize them according to geographic + location, industry, and data type. type: object + id: GooglePrivacyDlpV2InfoTypeCategory properties: - minAnonymity: - description: Always positive. - type: string - format: int64 - maxAnonymity: - description: Always greater than or equal to min_anonymity. - type: string - format: int64 - bucketSize: - description: Number of records within these anonymity bounds. + industryCategory: + enumDescriptions: + - Unused industry + - The infoType is typically used in the finance industry. + - The infoType is typically used in the health industry. + - The infoType is typically used in the telecommunications industry. + enum: + - INDUSTRY_UNSPECIFIED + - FINANCE + - HEALTH + - TELECOMMUNICATIONS type: string - format: int64 - bucketValues: description: >- - Sample of quasi-identifier tuple values in this bucket. The total - number of classes returned per bucket is capped at 20. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2KMapEstimationQuasiIdValues' - bucketValueCount: - description: >- - Total number of distinct quasi-identifier tuple values in this - bucket. + The group of relevant businesses where this infoType is commonly + used + typeCategory: + enum: + - TYPE_UNSPECIFIED + - PII + - SPII + - DEMOGRAPHIC + - CREDENTIAL + - GOVERNMENT_ID + - DOCUMENT + - CONTEXTUAL_INFORMATION + - CUSTOM + enumDescriptions: + - Unused type + - >- + Personally identifiable information, for example, a name or phone + number + - >- + Personally identifiable information that is especially sensitive, + for example, a passport number. + - >- + Attributes that can partially identify someone, especially in + combination with other attributes, like age, height, and gender. + - Confidential or secret information, for example, a password. + - An identification document issued by a government. + - A document, for example, a resume or source code. + - >- + Information that is not sensitive on its own, but provides details + about the circumstances surrounding an entity or an event. + - Category for `CustomInfoType` types. + description: The class of identifiers where this infoType belongs type: string - format: int64 - GooglePrivacyDlpV2KMapEstimationQuasiIdValues: - id: GooglePrivacyDlpV2KMapEstimationQuasiIdValues - description: A tuple of values for the quasi-identifier columns. - type: object - properties: - quasiIdsValues: - description: The quasi-identifier values. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - estimatedAnonymity: - description: The estimated anonymity for these quasi-identifier values. + locationCategory: + enum: + - LOCATION_UNSPECIFIED + - GLOBAL + - ARGENTINA + - ARMENIA + - AUSTRALIA + - AUSTRIA + - AZERBAIJAN + - BELARUS + - BELGIUM + - BRAZIL + - CANADA + - CHILE + - CHINA + - COLOMBIA + - CROATIA + - CZECHIA + - DENMARK + - FRANCE + - FINLAND + - GERMANY + - HONG_KONG + - INDIA + - INDONESIA + - IRELAND + - ISRAEL + - ITALY + - JAPAN + - KAZAKHSTAN + - KOREA + - MEXICO + - THE_NETHERLANDS + - NEW_ZEALAND + - NORWAY + - PARAGUAY + - PERU + - POLAND + - PORTUGAL + - RUSSIA + - SINGAPORE + - SOUTH_AFRICA + - SPAIN + - SWEDEN + - SWITZERLAND + - TAIWAN + - THAILAND + - TURKEY + - UKRAINE + - UNITED_KINGDOM + - UNITED_STATES + - URUGUAY + - UZBEKISTAN + - VENEZUELA + - INTERNAL type: string - format: int64 - GooglePrivacyDlpV2DeltaPresenceEstimationResult: - id: GooglePrivacyDlpV2DeltaPresenceEstimationResult - description: >- - Result of the δ-presence computation. Note that these results are an - estimation, not exact values. - type: object - properties: - deltaPresenceEstimationHistogram: description: >- - The intervals [min_probability, max_probability) do not overlap. If - a value doesn't correspond to any such interval, the associated - frequency is zero. For example, the following records: - {min_probability: 0, max_probability: 0.1, frequency: 17} - {min_probability: 0.2, max_probability: 0.3, frequency: 42} - {min_probability: 0.3, max_probability: 0.4, frequency: 99} mean - that there are no record with an estimated probability in [0.1, 0.2) - nor larger or equal to 0.4. - type: array - items: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DeltaPresenceEstimationHistogramBucket - GooglePrivacyDlpV2DeltaPresenceEstimationHistogramBucket: - id: GooglePrivacyDlpV2DeltaPresenceEstimationHistogramBucket - description: >- - A DeltaPresenceEstimationHistogramBucket message with the following - values: min_probability: 0.1 max_probability: 0.2 frequency: 42 means - that there are 42 records for which δ is in [0.1, 0.2). An important - particular case is when min_probability = max_probability = 1: then, - every individual who shares this quasi-identifier combination is in the - dataset. - type: object - properties: - minProbability: - description: Between 0 and 1. - type: number - format: double - maxProbability: - description: Always greater than or equal to min_probability. - type: number - format: double - bucketSize: - description: Number of records within these probability bounds. - type: string - format: int64 - bucketValues: + The region or country that issued the ID or document represented by + the infoType. + enumDescriptions: + - Unused location + - >- + The infoType is not issued by or tied to a specific region, but is + used almost everywhere. + - The infoType is typically used in Argentina. + - The infoType is typically used in Armenia. + - The infoType is typically used in Australia. + - The infoType is typically used in Austria. + - The infoType is typically used in Azerbaijan. + - The infoType is typically used in Belarus. + - The infoType is typically used in Belgium. + - The infoType is typically used in Brazil. + - The infoType is typically used in Canada. + - The infoType is typically used in Chile. + - The infoType is typically used in China. + - The infoType is typically used in Colombia. + - The infoType is typically used in Croatia. + - The infoType is typically used in Czechia. + - The infoType is typically used in Denmark. + - The infoType is typically used in France. + - The infoType is typically used in Finland. + - The infoType is typically used in Germany. + - The infoType is typically used in Hong Kong. + - The infoType is typically used in India. + - The infoType is typically used in Indonesia. + - The infoType is typically used in Ireland. + - The infoType is typically used in Israel. + - The infoType is typically used in Italy. + - The infoType is typically used in Japan. + - The infoType is typically used in Kazakhstan. + - The infoType is typically used in Korea. + - The infoType is typically used in Mexico. + - The infoType is typically used in the Netherlands. + - The infoType is typically used in New Zealand. + - The infoType is typically used in Norway. + - The infoType is typically used in Paraguay. + - The infoType is typically used in Peru. + - The infoType is typically used in Poland. + - The infoType is typically used in Portugal. + - The infoType is typically used in Russia. + - The infoType is typically used in Singapore. + - The infoType is typically used in South Africa. + - The infoType is typically used in Spain. + - The infoType is typically used in Sweden. + - The infoType is typically used in Switzerland. + - The infoType is typically used in Taiwan. + - The infoType is typically used in Thailand. + - The infoType is typically used in Turkey. + - The infoType is typically used in Ukraine. + - The infoType is typically used in the United Kingdom. + - The infoType is typically used in the United States. + - The infoType is typically used in Uruguay. + - The infoType is typically used in Uzbekistan. + - The infoType is typically used in Venezuela. + - The infoType is typically used in Google internally. + GooglePrivacyDlpV2Error: + properties: + details: + description: Detailed error codes and messages. + $ref: '#/components/schemas/GoogleRpcStatus' + timestamps: description: >- - Sample of quasi-identifier tuple values in this bucket. The total - number of classes returned per bucket is capped at 20. - type: array + The times the error occurred. List includes the oldest timestamp and + the last 9 timestamps. items: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DeltaPresenceEstimationQuasiIdValues - bucketValueCount: - description: >- - Total number of distinct quasi-identifier tuple values in this - bucket. + type: string + format: google-datetime + type: array + extraInfo: + description: Additional information about the error. + enumDescriptions: + - Unused. + - Image scan is not available in the region. + - File store cluster is not supported for profile generation. + enum: + - ERROR_INFO_UNSPECIFIED + - IMAGE_SCAN_UNAVAILABLE_IN_REGION + - FILE_STORE_CLUSTER_UNSUPPORTED type: string - format: int64 - GooglePrivacyDlpV2DeltaPresenceEstimationQuasiIdValues: - id: GooglePrivacyDlpV2DeltaPresenceEstimationQuasiIdValues + description: >- + Details information about an error encountered during job execution or + the results of an unsuccessful activation of the JobTrigger. + type: object + id: GooglePrivacyDlpV2Error + GooglePrivacyDlpV2KMapEstimationQuasiIdValues: description: A tuple of values for the quasi-identifier columns. + id: GooglePrivacyDlpV2KMapEstimationQuasiIdValues type: object properties: quasiIdsValues: description: The quasi-identifier values. - type: array items: $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - estimatedProbability: - description: >- - The estimated probability that a given individual sharing these - quasi-identifier values is in the dataset. This value, typically - called δ, is the ratio between the number of records in the dataset - with these quasi-identifier values, and the total number of - individuals (inside *and* outside the dataset) with these - quasi-identifier values. For example, if there are 15 individuals in - the dataset who share the same quasi-identifier values, and an - estimated 100 people in the entire population with these values, - then δ is 0.15. - type: number - format: double - GooglePrivacyDlpV2RequestedRiskAnalysisOptions: - id: GooglePrivacyDlpV2RequestedRiskAnalysisOptions - description: Risk analysis options. - type: object - properties: - jobConfig: - description: The job config for the risk job. - $ref: '#/components/schemas/GooglePrivacyDlpV2RiskAnalysisJobConfig' - GooglePrivacyDlpV2RiskAnalysisJobConfig: - id: GooglePrivacyDlpV2RiskAnalysisJobConfig - description: >- - Configuration for a risk analysis job. See - https://cloud.google.com/sensitive-data-protection/docs/concepts-risk-analysis - to learn more. - type: object - properties: - privacyMetric: - description: Privacy metric to compute. - $ref: '#/components/schemas/GooglePrivacyDlpV2PrivacyMetric' - sourceTable: - description: Input dataset to compute metrics over. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - actions: - description: >- - Actions to execute at the completion of the job. Are executed in the - order provided. type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Action' - GooglePrivacyDlpV2InspectDataSourceDetails: - id: GooglePrivacyDlpV2InspectDataSourceDetails - description: The results of an inspect DataSource job. - type: object - properties: - requestedOptions: - description: The configuration used for this job. - $ref: '#/components/schemas/GooglePrivacyDlpV2RequestedOptions' - result: - description: A summary of the outcome of this inspection job. - $ref: '#/components/schemas/GooglePrivacyDlpV2Result' - GooglePrivacyDlpV2RequestedOptions: - id: GooglePrivacyDlpV2RequestedOptions - description: Snapshot of the inspection configuration. - type: object - properties: - snapshotInspectTemplate: - description: >- - If run with an InspectTemplate, a snapshot of its state at the time - of this run. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' - jobConfig: - description: Inspect config. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectJobConfig' - GooglePrivacyDlpV2Result: - id: GooglePrivacyDlpV2Result - description: All Result fields are updated while the job is processing. - type: object - properties: - processedBytes: - description: Total size in bytes that were processed. - type: string - format: int64 - totalEstimatedBytes: - description: Estimate of the number of bytes to process. + estimatedAnonymity: type: string format: int64 - infoTypeStats: - description: >- - Statistics of how many instances of each info type were found during - inspect job. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeStats' - numRowsProcessed: + description: The estimated anonymity for these quasi-identifier values. + GooglePrivacyDlpV2Expressions: + description: An expression, consisting of an operator and conditions. + id: GooglePrivacyDlpV2Expressions + properties: + conditions: + description: Conditions to apply to the expression. + $ref: '#/components/schemas/GooglePrivacyDlpV2Conditions' + logicalOperator: + enumDescriptions: + - Unused + - Conditional AND description: >- - Number of rows scanned after sampling and time filtering (applicable - for row based stores such as BigQuery). + The operator to apply to the result of conditions. Default and + currently only supported value is `AND`. + enum: + - LOGICAL_OPERATOR_UNSPECIFIED + - AND type: string - format: int64 - hybridStats: - description: Statistics related to the processing of hybrid inspect. - $ref: '#/components/schemas/GooglePrivacyDlpV2HybridInspectStatistics' - GooglePrivacyDlpV2InfoTypeStats: - id: GooglePrivacyDlpV2InfoTypeStats - description: Statistics regarding a specific InfoType. type: object + GooglePrivacyDlpV2SurrogateType: + properties: {} + description: >- + Message for detecting output from deidentification transformations such + as + [`CryptoReplaceFfxFpeConfig`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). + These types of transformations are those that perform pseudonymization, + thereby producing a "surrogate" as output. This should be used in + conjunction with a field on the transformation such as + `surrogate_info_type`. This CustomInfoType does not support the use of + `detection_rules`. + type: object + id: GooglePrivacyDlpV2SurrogateType + GooglePrivacyDlpV2TransformationDetailsStorageConfig: properties: - infoType: - description: The type of finding this stat is for. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - count: - description: Number of findings for this infoType. - type: string - format: int64 - GooglePrivacyDlpV2HybridInspectStatistics: - id: GooglePrivacyDlpV2HybridInspectStatistics - description: Statistics related to processing hybrid inspect requests. + table: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + description: >- + The BigQuery table in which to store the output. This may be an + existing table or in a new table in an existing dataset. If table_id + is not set a new one will be generated for you with the following + format: + dlp_googleapis_transformation_details_yyyy_mm_dd_[dlp_job_id]. + Pacific time zone will be used for generating the date details. type: object + id: GooglePrivacyDlpV2TransformationDetailsStorageConfig + description: Config for storing transformation details. + GooglePrivacyDlpV2TagFilter: properties: - processedCount: - description: The number of hybrid inspection requests processed within this job. - type: string - format: int64 - abortedCount: + namespacedTagValue: description: >- - The number of hybrid inspection requests aborted because the job ran - out of quota or was ended before they could be processed. + The namespaced name for the tag value. Must be in the format + `{parent_id}/{tag_key_short_name}/{short_name}`, for example, + "123456/environment/prod" for an organization parent, or + "my-project/environment/prod" for a project parent. type: string - format: int64 - pendingCount: + namespacedTagKey: description: >- - The number of hybrid requests currently being processed. Only - populated when called via method `getDlpJob`. A burst of traffic may - cause hybrid inspect requests to be enqueued. Processing will take - place as quickly as possible, but resource limitations may impact - how long a request is enqueued for. + The namespaced name for the tag key. Must be in the format + `{parent_id}/{tag_key_short_name}`, for example, "123456/sensitive" + for an organization parent, or "my-project/sensitive" for a project + parent. type: string - format: int64 - GooglePrivacyDlpV2ActionDetails: - id: GooglePrivacyDlpV2ActionDetails - description: The results of an Action. - type: object - properties: - deidentifyDetails: - description: Outcome of a de-identification action. - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyDataSourceDetails' - GooglePrivacyDlpV2DeidentifyDataSourceDetails: - id: GooglePrivacyDlpV2DeidentifyDataSourceDetails - description: The results of a Deidentify action from an inspect job. + description: A single tag to filter against. + id: GooglePrivacyDlpV2TagFilter type: object - properties: - requestedOptions: - description: De-identification config used for the request. - $ref: '#/components/schemas/GooglePrivacyDlpV2RequestedDeidentifyOptions' - deidentifyStats: - description: Stats about the de-identification operation. - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyDataSourceStats' - GooglePrivacyDlpV2RequestedDeidentifyOptions: - id: GooglePrivacyDlpV2RequestedDeidentifyOptions - description: De-identification options. + GooglePrivacyDlpV2ListConnectionsResponse: + id: GooglePrivacyDlpV2ListConnectionsResponse + description: Response message for ListConnections. type: object properties: - snapshotDeidentifyTemplate: - description: >- - Snapshot of the state of the `DeidentifyTemplate` from the - Deidentify action at the time this job was run. - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' - snapshotStructuredDeidentifyTemplate: - description: >- - Snapshot of the state of the structured `DeidentifyTemplate` from - the `Deidentify` action at the time this job was run. - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' - snapshotImageRedactTemplate: - description: >- - Snapshot of the state of the image transformation - `DeidentifyTemplate` from the `Deidentify` action at the time this - job was run. - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' - GooglePrivacyDlpV2DeidentifyDataSourceStats: - id: GooglePrivacyDlpV2DeidentifyDataSourceStats - description: Summary of what was modified during a transformation. + connections: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' + type: array + description: List of connections. + nextPageToken: + description: >- + Token to retrieve the next page of results. An empty value means + there are no more results. + type: string + GooglePrivacyDlpV2AwsAccountRegex: type: object + id: GooglePrivacyDlpV2AwsAccountRegex + description: AWS account regex. properties: - transformedBytes: - description: Total size in bytes that were transformed in some way. + accountIdRegex: + type: string + description: >- + Optional. Regex to test the AWS account ID against. If empty, all + accounts match. + GooglePrivacyDlpV2Result: + description: All Result fields are updated while the job is processing. + properties: + numRowsProcessed: type: string format: int64 - transformationCount: - description: Number of successfully applied transformations. + description: >- + Number of rows scanned after sampling and time filtering (applicable + for row based stores such as BigQuery). + processedBytes: type: string + description: Total size in bytes that were processed. format: int64 - transformationErrorCount: - description: Number of errors encountered while trying to apply transformations. + infoTypeStats: + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeStats' + description: >- + Statistics of how many instances of each info type were found during + inspect job. + hybridStats: + description: Statistics related to the processing of hybrid inspect. + $ref: '#/components/schemas/GooglePrivacyDlpV2HybridInspectStatistics' + totalEstimatedBytes: type: string format: int64 - GooglePrivacyDlpV2CreateDiscoveryConfigRequest: - id: GooglePrivacyDlpV2CreateDiscoveryConfigRequest - description: Request message for CreateDiscoveryConfig. + description: Estimate of the number of bytes to process. + type: object + id: GooglePrivacyDlpV2Result + GoogleRpcStatus: + id: GoogleRpcStatus type: object properties: - discoveryConfig: - description: Required. The DiscoveryConfig to create. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' - configId: + details: description: >- - The config ID can contain uppercase and lowercase letters, numbers, - and hyphens; that is, it must match the regular expression: - `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty - to allow the system to generate one. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: array + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - GooglePrivacyDlpV2DiscoveryConfig: - id: GooglePrivacyDlpV2DiscoveryConfig + code: + format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. description: >- - Configuration for discovery to scan resources for profile generation. - Only one discovery configuration may exist per organization, folder, or - project. The generated data profiles are retained according to the [data - retention policy] - (https://cloud.google.com/sensitive-data-protection/docs/data-profiles#retention). + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + GooglePrivacyDlpV2DiscoverySchemaModifiedCadence: + description: The cadence at which to update data profiles when a schema is modified. + id: GooglePrivacyDlpV2DiscoverySchemaModifiedCadence type: object properties: - name: + types: + items: + type: string + enum: + - SCHEMA_MODIFICATION_UNSPECIFIED + - SCHEMA_NEW_COLUMNS + - SCHEMA_REMOVED_COLUMNS + enumDescriptions: + - Unused + - >- + Profiles should be regenerated when new columns are added to the + table. Default. + - >- + Profiles should be regenerated when columns are removed from the + table. description: >- - Unique resource name for the DiscoveryConfig, assigned by the - service when the DiscoveryConfig is created, for example - `projects/dlp-test-project/locations/global/discoveryConfigs/53234423`. - type: string - displayName: - description: Display name (max 100 chars) + The type of events to consider when deciding if the table's schema + has been modified and should have the profile updated. Defaults to + NEW_COLUMNS. + type: array + frequency: type: string - orgConfig: - description: Only set when the parent is an org. - $ref: '#/components/schemas/GooglePrivacyDlpV2OrgConfig' - otherCloudStartingLocation: - description: Must be set only when scanning other clouds. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2OtherCloudDiscoveryStartingLocation - inspectTemplates: description: >- - Detection logic for profile generation. Not all template features - are used by Discovery. FindingLimits, include_quote and - exclude_info_types have no impact on Discovery. Multiple templates - may be provided if there is data in multiple regions. At most one - template must be specified per-region (including "global"). Each - region is scanned using the applicable template. If no - region-specific template is specified, but a "global" template is - specified, it will be copied to that region and used instead. If no - global or region-specific template is provided for a region with - data, that region's data will not be scanned. For more information, - see - https://cloud.google.com/sensitive-data-protection/docs/data-profiles#data-residency. - type: array + How frequently profiles may be updated when schemas are modified. + Defaults to monthly. + enumDescriptions: + - Unspecified. + - After the data profile is created, it will never be updated. + - The data profile can be updated up to once every 24 hours. + - The data profile can be updated up to once every 30 days. Default. + enum: + - UPDATE_FREQUENCY_UNSPECIFIED + - UPDATE_FREQUENCY_NEVER + - UPDATE_FREQUENCY_DAILY + - UPDATE_FREQUENCY_MONTHLY + GooglePrivacyDlpV2ImageRedactionConfig: + properties: + redactionColor: + description: >- + The color to use when redacting content from an image. If not + specified, the default is black. + $ref: '#/components/schemas/GooglePrivacyDlpV2Color' + redactAllText: + type: boolean + description: >- + If true, all text found in the image, regardless whether it matches + an info_type, is redacted. Only one should be provided. + infoType: + description: >- + Only one per info_type should be provided per request. If not + specified, and redact_all_text is false, the DLP API will redact all + text that it matches against all info_types that are found, but not + specified in another ImageRedactionConfig. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + id: GooglePrivacyDlpV2ImageRedactionConfig + description: Configuration for determining how redaction of images should occur. + type: object + GooglePrivacyDlpV2RecordTransformations: + description: >- + A type of transformation that is applied over structured data such as a + table. + id: GooglePrivacyDlpV2RecordTransformations + type: object + properties: + recordSuppressions: + description: >- + Configuration defining which records get suppressed entirely. + Records that match any suppression rule are omitted from the output. items: - type: string - actions: - description: Actions to execute at the completion of scanning. + $ref: '#/components/schemas/GooglePrivacyDlpV2RecordSuppression' type: array + fieldTransformations: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileAction' - targets: - description: >- - Target to match against for determining what to scan and how - frequently. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldTransformation' + description: Transform the record by applying various field transformations. type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryTarget' - errors: - description: >- - Output only. A stream of errors encountered when the config was - activated. Repeated errors may result in the config automatically - being paused. Output only field. Will return the last 100 errors. - Whenever the config is modified this list will be cleared. - readOnly: true + GooglePrivacyDlpV2RiskAnalysisJobConfig: + type: object + id: GooglePrivacyDlpV2RiskAnalysisJobConfig + properties: + privacyMetric: + $ref: '#/components/schemas/GooglePrivacyDlpV2PrivacyMetric' + description: Privacy metric to compute. + actions: type: array + description: >- + Actions to execute at the completion of the job. Are executed in the + order provided. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Error' - createTime: - description: Output only. The creation timestamp of a DiscoveryConfig. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The last update timestamp of a DiscoveryConfig. - readOnly: true + $ref: '#/components/schemas/GooglePrivacyDlpV2Action' + sourceTable: + description: Input dataset to compute metrics over. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + description: >- + Configuration for a risk analysis job. See + https://cloud.google.com/sensitive-data-protection/docs/concepts-risk-analysis + to learn more. + GooglePrivacyDlpV2InfoTypeStats: + id: GooglePrivacyDlpV2InfoTypeStats + properties: + count: + description: Number of findings for this infoType. type: string - format: google-datetime - lastRunTime: + format: int64 + infoType: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + description: The type of finding this stat is for. + type: object + description: Statistics regarding a specific InfoType. + GooglePrivacyDlpV2OtherCloudSingleResourceReference: + id: GooglePrivacyDlpV2OtherCloudSingleResourceReference + properties: + amazonS3Bucket: + $ref: '#/components/schemas/GooglePrivacyDlpV2AmazonS3Bucket' + description: Amazon S3 bucket. + type: object + description: Identifies a single resource, like a single Amazon S3 bucket. + GooglePrivacyDlpV2InspectContentRequest: + id: GooglePrivacyDlpV2InspectContentRequest + type: object + description: Request to search for potentially sensitive info in a ContentItem. + properties: + inspectConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' description: >- - Output only. The timestamp of the last time this config was - executed. - readOnly: true + Configuration for the inspector. What specified here will override + the template referenced by the inspect_template_name argument. + locationId: + description: Deprecated. This field has no effect. type: string - format: google-datetime - status: - description: Required. A status for this configuration. + inspectTemplateName: type: string - enumDescriptions: - - Unused - - The discovery config is currently active. - - The discovery config is paused temporarily. - enum: - - STATUS_UNSPECIFIED - - RUNNING - - PAUSED - processingLocation: description: >- - Optional. Processing location configuration. Vertex AI dataset - scanning will set processing_location.image_fallback_type to - MultiRegionProcessing by default. - $ref: '#/components/schemas/GooglePrivacyDlpV2ProcessingLocation' - GooglePrivacyDlpV2OrgConfig: - id: GooglePrivacyDlpV2OrgConfig - description: >- - Project and scan location information. Only set when the parent is an - org. + Template to use. Any configuration directly specified in + inspect_config will override those set in the template. Singular + fields that are set in this request will replace their corresponding + fields in the template. Repeated fields are appended. Singular + sub-messages and groups are recursively merged. + item: + description: The item to inspect. + $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' + GooglePrivacyDlpV2OtherCloudDiscoveryStartingLocation: + description: The other cloud starting location for discovery. + properties: + awsLocation: + $ref: '#/components/schemas/GooglePrivacyDlpV2AwsDiscoveryStartingLocation' + description: The AWS starting location for discovery. + id: GooglePrivacyDlpV2OtherCloudDiscoveryStartingLocation type: object + GooglePrivacyDlpV2HybridFindingDetails: + description: Populate to associate additional data with each finding. + id: GooglePrivacyDlpV2HybridFindingDetails properties: - location: - description: 'The data to scan: folder, org, or project' - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryStartingLocation' - projectId: + containerDetails: + $ref: '#/components/schemas/GooglePrivacyDlpV2Container' description: >- - The project that will run the scan. The DLP service account that - exists within this project must have access to all resources that - are profiled, and the DLP API must be enabled. + Details about the container where the content being inspected is + from. + rowOffset: + description: >- + Offset of the row for tables. Populate if the row(s) being scanned + are part of a bigger dataset and you want to keep track of their + absolute position. + format: int64 + type: string + tableOptions: + description: >- + If the container is a table, additional information to make findings + meaningful such as the columns that are primary keys. If not known + ahead of time, can also be set within each inspect hybrid call and + the two will be merged. Note that identifying_fields will only be + stored to BigQuery, and only if the BigQuery action has been + included. + $ref: '#/components/schemas/GooglePrivacyDlpV2TableOptions' + fileOffset: + format: int64 + description: >- + Offset in bytes of the line, from the beginning of the file, where + the finding is located. Populate if the item being scanned is only + part of a bigger item, such as a shard of a file and you want to + track the absolute position of the finding. type: string + labels: + type: object + description: >- + Labels to represent user provided metadata about the data being + inspected. If configured by the job, some key values may be + required. The labels associated with `Finding`'s produced by hybrid + inspection. Label keys must be between 1 and 63 characters long and + must conform to the following regular expression: + `[a-z]([-a-z0-9]*[a-z0-9])?`. Label values must be between 0 and 63 + characters long and must conform to the regular expression + `([a-z]([-a-z0-9]*[a-z0-9])?)?`. No more than 10 labels can be + associated with a given finding. Examples: * `"environment" : + "production"` * `"pipeline" : "etl"` + additionalProperties: + type: string + type: object + GooglePrivacyDlpV2ReplaceValueConfig: + description: Replace each input value with a given `Value`. + type: object + properties: + newValue: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + description: Value to replace it with. + id: GooglePrivacyDlpV2ReplaceValueConfig GooglePrivacyDlpV2DiscoveryStartingLocation: - id: GooglePrivacyDlpV2DiscoveryStartingLocation description: >- The location to begin a discovery scan. Denotes an organization ID or folder ID within an organization. - type: object properties: organizationId: + format: int64 description: The ID of an organization to scan. type: string - format: int64 folderId: - description: The ID of the folder within an organization to be scanned. - type: string format: int64 - GooglePrivacyDlpV2OtherCloudDiscoveryStartingLocation: - id: GooglePrivacyDlpV2OtherCloudDiscoveryStartingLocation - description: The other cloud starting location for discovery. - type: object - properties: - awsLocation: - description: The AWS starting location for discovery. - $ref: '#/components/schemas/GooglePrivacyDlpV2AwsDiscoveryStartingLocation' - GooglePrivacyDlpV2AwsDiscoveryStartingLocation: - id: GooglePrivacyDlpV2AwsDiscoveryStartingLocation - description: The AWS starting location for discovery. - type: object - properties: - accountId: - description: >- - The AWS account ID that this discovery config applies to. Within an - AWS organization, you can find the AWS account ID inside an AWS - account ARN. Example: - arn:{partition}:organizations::{management_account_id}:account/{org_id}/{account_id} type: string - allAssetInventoryAssets: - description: >- - All AWS assets stored in Asset Inventory that didn't match other AWS - discovery configs. - type: boolean - GooglePrivacyDlpV2DataProfileAction: - id: GooglePrivacyDlpV2DataProfileAction - description: A task to execute when a data profile has been generated. + description: The ID of the folder within an organization to be scanned. type: object + id: GooglePrivacyDlpV2DiscoveryStartingLocation + GoogleTypeDate: + id: GoogleTypeDate properties: - exportData: - description: Export data profiles into a provided location. - $ref: '#/components/schemas/GooglePrivacyDlpV2Export' - pubSubNotification: - description: Publish a message into the Pub/Sub topic. - $ref: '#/components/schemas/GooglePrivacyDlpV2PubSubNotification' - publishToChronicle: + month: + type: integer description: >- - Publishes generated data profiles to Google Security Operations. For - more information, see [Use Sensitive Data Protection data in - context-aware - analytics](https://cloud.google.com/chronicle/docs/detection/usecase-dlp-high-risk-user-download). - $ref: '#/components/schemas/GooglePrivacyDlpV2PublishToChronicle' - publishToScc: - description: Publishes findings to Security Command Center for each data profile. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2PublishToSecurityCommandCenter - tagResources: - description: Tags the profiled resources with the specified tag values. - $ref: '#/components/schemas/GooglePrivacyDlpV2TagResources' - publishToDataplexCatalog: + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + format: int32 + year: description: >- - Publishes a portion of each profile to Dataplex Universal Catalog - with the aspect type Sensitive Data Protection Profile. - $ref: '#/components/schemas/GooglePrivacyDlpV2PublishToDataplexCatalog' - GooglePrivacyDlpV2Export: - id: GooglePrivacyDlpV2Export + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + type: integer + format: int32 + day: + type: integer + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + format: int32 description: >- - If set, the detailed data profiles will be persisted to the location of - your choice whenever updated. + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp type: object + GooglePrivacyDlpV2ProfileStatus: + id: GooglePrivacyDlpV2ProfileStatus properties: - profileTable: - description: >- - Store all profiles to BigQuery. * The system will create a new - dataset and table for you if none are are provided. The dataset will - be named `sensitive_data_protection_discovery` and table will be - named `discovery_profiles`. This table will be placed in the same - project as the container project running the scan. After the first - profile is generated and the dataset and table are created, the - discovery scan configuration will be updated with the dataset and - table names. * See [Analyze data profiles stored in - BigQuery](https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles). - * See [Sample queries for your BigQuery - table](https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles#sample_sql_queries). - * Data is inserted using [streaming - insert](https://cloud.google.com/blog/products/bigquery/life-of-a-bigquery-streaming-insert) - and so data may be in the buffer for a period of time after the - profile has finished. * The Pub/Sub notification is sent before the - streaming buffer is guaranteed to be written, so data may not be - instantly visible to queries by the time your topic receives the - Pub/Sub notification. * The best practice is to use the same table - for an entire organization so that you can take advantage of the - [provided Looker - reports](https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles#use_a_premade_report). - If you use VPC Service Controls to define security perimeters, then - you must use a separate table for each boundary. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - sampleFindingsTable: + status: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - Store sample data profile findings in an existing table or a new - table in an existing dataset. Each regeneration will result in new - rows in BigQuery. Data is inserted using [streaming - insert](https://cloud.google.com/blog/products/bigquery/life-of-a-bigquery-streaming-insert) - and so data may be in the buffer for a period of time after the - profile has finished. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - GooglePrivacyDlpV2PubSubNotification: - id: GooglePrivacyDlpV2PubSubNotification - description: >- - Send a Pub/Sub message into the given Pub/Sub topic to connect other - systems to data profile generation. The message payload data will be the - byte serialization of `DataProfilePubSubMessage`. + Profiling status code and optional message. The `status.code` value + is 0 (default value) for OK. + timestamp: + type: string + description: Time when the profile generation status was updated + format: google-datetime + description: Success or errors for the profile generation. type: object + GooglePrivacyDlpV2ActivateJobTriggerRequest: + type: object + id: GooglePrivacyDlpV2ActivateJobTriggerRequest + description: Request message for ActivateJobTrigger. + properties: {} + GooglePrivacyDlpV2VertexDatasetDiscoveryTarget: properties: - topic: - description: >- - Cloud Pub/Sub topic to send notifications to. Format is - projects/{project}/topics/{topic}. - type: string - event: + filter: description: >- - The type of event that triggers a Pub/Sub. At most one - `PubSubNotification` per EventType is permitted. - type: string - enumDescriptions: - - Unused. - - New profile (not a re-profile). - - >- - One of the following profile metrics changed: Data risk score, - Sensitivity score, Resource visibility, Encryption type, Predicted - infoTypes, Other infoTypes - - Table data risk score or sensitivity score increased. - - A user (non-internal) error occurred. - enum: - - EVENT_TYPE_UNSPECIFIED - - NEW_PROFILE - - CHANGED_PROFILE - - SCORE_INCREASED - - ERROR_CHANGED - pubsubCondition: + Required. The datasets the discovery cadence applies to. The first + target with a matching filter will be the one to apply to a dataset. + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryVertexDatasetFilter' + generationCadence: description: >- - Conditions (e.g., data risk or sensitivity level) for triggering a - Pub/Sub. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfilePubSubCondition' - detailOfMessage: + How often and when to update profiles. New datasets that match both + the filter and conditions are scanned as quickly as possible + depending on system capacity. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryVertexDatasetGenerationCadence + conditions: description: >- - How much data to include in the Pub/Sub message. If the user wishes - to limit the size of the message, they can use resource_name and - fetch the profile fields they wish to. Per table profile (not per - column). - type: string - enumDescriptions: - - Unused. - - The full table data profile. - - The name of the profiled resource. - - The full file store data profile. - enum: - - DETAIL_LEVEL_UNSPECIFIED - - TABLE_PROFILE - - RESOURCE_NAME - - FILE_STORE_PROFILE - GooglePrivacyDlpV2DataProfilePubSubCondition: - id: GooglePrivacyDlpV2DataProfilePubSubCondition - description: A condition for determining whether a Pub/Sub should be triggered. + In addition to matching the filter, these conditions must be true + before a profile is generated. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryVertexDatasetConditions + disabled: + description: Disable profiling for datasets that match this filter. + $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' + description: Target used to match against for discovery with Vertex AI datasets. + id: GooglePrivacyDlpV2VertexDatasetDiscoveryTarget type: object + GooglePrivacyDlpV2StorageConfig: properties: - expressions: - description: An expression. - $ref: '#/components/schemas/GooglePrivacyDlpV2PubSubExpressions' - GooglePrivacyDlpV2PubSubExpressions: - id: GooglePrivacyDlpV2PubSubExpressions - description: An expression, consisting of an operator and conditions. + hybridOptions: + description: Hybrid inspection options. + $ref: '#/components/schemas/GooglePrivacyDlpV2HybridOptions' + timespanConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2TimespanConfig' + description: Configuration of the timespan of the items to include in scanning. + bigQueryOptions: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryOptions' + description: BigQuery options. + datastoreOptions: + description: Google Cloud Datastore options. + $ref: '#/components/schemas/GooglePrivacyDlpV2DatastoreOptions' + cloudStorageOptions: + $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageOptions' + description: Cloud Storage options. + id: GooglePrivacyDlpV2StorageConfig type: object - properties: - logicalOperator: - description: The operator to apply to the collection of conditions. - type: string - enumDescriptions: - - Unused. - - Conditional OR. - - Conditional AND. - enum: - - LOGICAL_OPERATOR_UNSPECIFIED - - OR - - AND - conditions: - description: Conditions to apply to the expression. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2PubSubCondition' - GooglePrivacyDlpV2PubSubCondition: - id: GooglePrivacyDlpV2PubSubCondition - description: A condition consisting of a value. + description: Shared message indicating Cloud storage type. + GooglePrivacyDlpV2RecordTransformation: type: object + id: GooglePrivacyDlpV2RecordTransformation + description: The field in a record to transform. properties: - minimumRiskScore: - description: The minimum data risk score that triggers the condition. + containerTimestamp: + format: google-datetime + description: Findings container modification timestamp, if applicable. type: string - enumDescriptions: - - Unused. - - High risk/sensitivity detected. - - Medium or high risk/sensitivity detected. - enum: - - PROFILE_SCORE_BUCKET_UNSPECIFIED - - HIGH - - MEDIUM_OR_HIGH - minimumSensitivityScore: - description: The minimum sensitivity level that triggers the condition. + containerVersion: type: string - enumDescriptions: - - Unused. - - High risk/sensitivity detected. - - Medium or high risk/sensitivity detected. - enum: - - PROFILE_SCORE_BUCKET_UNSPECIFIED - - HIGH - - MEDIUM_OR_HIGH - GooglePrivacyDlpV2PublishToChronicle: - id: GooglePrivacyDlpV2PublishToChronicle - description: Message expressing intention to publish to Google Security Operations. - type: object - properties: {} - GooglePrivacyDlpV2PublishToSecurityCommandCenter: - id: GooglePrivacyDlpV2PublishToSecurityCommandCenter - description: >- - If set, a summary finding will be created or updated in Security Command - Center for each profile. + description: Container version, if available ("generation" for Cloud Storage). + fieldId: + description: For record transformations, provide a field. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + GooglePrivacyDlpV2SecretManagerCredential: + id: GooglePrivacyDlpV2SecretManagerCredential type: object - properties: {} - GooglePrivacyDlpV2TagResources: - id: GooglePrivacyDlpV2TagResources description: >- - If set, attaches the [tags] - (https://cloud.google.com/resource-manager/docs/tags/tags-overview) - provided to profiled resources. Tags support [access - control](https://cloud.google.com/iam/docs/tags-access-control). You can - conditionally grant or deny access to a resource based on whether the - resource has a specific tag. - type: object + A credential consisting of a username and password, where the password + is stored in a Secret Manager resource. Note: Secret Manager [charges + apply](https://cloud.google.com/secret-manager/pricing). properties: - tagConditions: - description: The tags to associate with different conditions. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2TagCondition' - profileGenerationsToTag: + passwordSecretVersionName: description: >- - The profile generations for which the tag should be attached to - resources. If you attach a tag to only new profiles, then if the - sensitivity score of a profile subsequently changes, its tag doesn't - change. By default, this field includes only new profiles. To - include both new and updated profiles for tagging, this field should - explicitly include both `PROFILE_GENERATION_NEW` and - `PROFILE_GENERATION_UPDATE`. - type: array + Required. The name of the Secret Manager resource that stores the + password, in the form + `projects/project-id/secrets/secret-name/versions/version`. + type: string + username: + type: string + description: Required. The username. + GooglePrivacyDlpV2LocationSupport: + type: object + properties: + locations: items: type: string - enumDescriptions: - - Unused. - - The profile is the first profile for the resource. - - The profile is an update to a previous profile. - enum: - - PROFILE_GENERATION_UNSPECIFIED - - PROFILE_GENERATION_NEW - - PROFILE_GENERATION_UPDATE - lowerDataRiskToLow: + type: array description: >- - Whether applying a tag to a resource should lower the risk of the - profile for that resource. For example, in conjunction with an [IAM - deny policy](https://cloud.google.com/iam/docs/deny-overview), you - can deny all principals a permission if a tag value is present, - mitigating the risk of the resource. This also lowers the data risk - of resources at the lower levels of the resource hierarchy. For - example, reducing the data risk of a table data profile also reduces - the data risk of the constituent column data profiles. - type: boolean - GooglePrivacyDlpV2TagCondition: - id: GooglePrivacyDlpV2TagCondition - description: >- - The tag to attach to profiles matching the condition. At most one - `TagCondition` can be specified per sensitivity level. - type: object + Specific locations where the feature may be used. Examples: + us-central1, us, asia, global If scope is ANY_LOCATION, no regions + will be listed. + regionalizationScope: + type: string + enum: + - REGIONALIZATION_SCOPE_UNSPECIFIED + - REGIONAL + - ANY_LOCATION + description: >- + The current scope for location on this feature. This may expand over + time. + enumDescriptions: + - Invalid. + - >- + Feature may be used with one or more regions. See locations for + details. + - Feature may be used anywhere. Default value. + id: GooglePrivacyDlpV2LocationSupport + description: Locations at which a feature can be used. + GooglePrivacyDlpV2StoredInfoTypeStats: properties: - tag: - description: The tag value to attach to resources. - $ref: '#/components/schemas/GooglePrivacyDlpV2TagValue' - sensitivityScore: + largeCustomDictionary: + $ref: '#/components/schemas/GooglePrivacyDlpV2LargeCustomDictionaryStats' description: >- - Conditions attaching the tag to a resource on its profile having - this sensitivity score. - $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' - GooglePrivacyDlpV2TagValue: - id: GooglePrivacyDlpV2TagValue - description: A value of a tag. + StoredInfoType where findings are defined by a dictionary of + phrases. + id: GooglePrivacyDlpV2StoredInfoTypeStats + description: Statistics for a StoredInfoType. type: object + GooglePrivacyDlpV2KAnonymityResult: properties: - namespacedValue: - description: >- - The namespaced name for the tag value to attach to resources. Must - be in the format `{parent_id}/{tag_key_short_name}/{short_name}`, - for example, "123456/environment/prod" for an organization parent, - or "my-project/environment/prod" for a project parent. - type: string - GooglePrivacyDlpV2PublishToDataplexCatalog: - id: GooglePrivacyDlpV2PublishToDataplexCatalog - description: >- - Create Dataplex Universal Catalog aspects for profiled resources with - the aspect type Sensitive Data Protection Profile. To learn more about - aspects, see - https://cloud.google.com/sensitive-data-protection/docs/add-aspects. + equivalenceClassHistogramBuckets: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2KAnonymityHistogramBucket' + description: Histogram of k-anonymity equivalence classes. + type: array + type: object + id: GooglePrivacyDlpV2KAnonymityResult + description: Result of the k-anonymity computation. + GooglePrivacyDlpV2PrivacyMetric: type: object properties: - lowerDataRiskToLow: - description: >- - Whether creating a Dataplex Universal Catalog aspect for a profiled - resource should lower the risk of the profile for that resource. - This also lowers the data risk of resources at the lower levels of - the resource hierarchy. For example, reducing the data risk of a - table data profile also reduces the data risk of the constituent - column data profiles. - type: boolean - GooglePrivacyDlpV2DiscoveryTarget: - id: GooglePrivacyDlpV2DiscoveryTarget - description: Target used to match against for Discovery. + kAnonymityConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2KAnonymityConfig' + description: K-anonymity + kMapEstimationConfig: + description: k-map + $ref: '#/components/schemas/GooglePrivacyDlpV2KMapEstimationConfig' + numericalStatsConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2NumericalStatsConfig' + description: Numerical stats + deltaPresenceEstimationConfig: + description: delta-presence + $ref: '#/components/schemas/GooglePrivacyDlpV2DeltaPresenceEstimationConfig' + lDiversityConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2LDiversityConfig' + description: l-diversity + categoricalStatsConfig: + description: Categorical stats + $ref: '#/components/schemas/GooglePrivacyDlpV2CategoricalStatsConfig' + description: Privacy metric to compute for reidentification risk analysis. + id: GooglePrivacyDlpV2PrivacyMetric + GooglePrivacyDlpV2DeidentifyContentResponse: type: object properties: - bigQueryTarget: - description: >- - BigQuery target for Discovery. The first target to match a table - will be the one applied. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryDiscoveryTarget' - cloudSqlTarget: - description: >- - Cloud SQL target for Discovery. The first target to match a table - will be the one applied. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudSqlDiscoveryTarget' - secretsTarget: - description: >- - Discovery target that looks for credentials and secrets stored in - cloud resource metadata and reports them as vulnerabilities to - Security Command Center. Only one target of this type is allowed. - $ref: '#/components/schemas/GooglePrivacyDlpV2SecretsDiscoveryTarget' - cloudStorageTarget: - description: >- - Cloud Storage target for Discovery. The first target to match a - table will be the one applied. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageDiscoveryTarget' - otherCloudTarget: - description: >- - Other clouds target for discovery. The first target to match a - resource will be the one applied. - $ref: '#/components/schemas/GooglePrivacyDlpV2OtherCloudDiscoveryTarget' - vertexDatasetTarget: - description: >- - Vertex AI dataset target for Discovery. The first target to match a - dataset will be the one applied. Note that discovery for Vertex AI - can incur Cloud Storage Class B operation charges for - storage.objects.get operations and retrieval fees. For more - information, see [Cloud Storage - pricing](https://cloud.google.com/storage/pricing#price-tables). - Note that discovery for Vertex AI dataset will not be able to scan - images unless - DiscoveryConfig.processing_location.image_fallback_location has - multi_region_processing or global_processing configured. - $ref: '#/components/schemas/GooglePrivacyDlpV2VertexDatasetDiscoveryTarget' - GooglePrivacyDlpV2BigQueryDiscoveryTarget: - id: GooglePrivacyDlpV2BigQueryDiscoveryTarget - description: Target used to match against for discovery with BigQuery tables + item: + $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' + description: The de-identified item. + overview: + $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationOverview' + description: An overview of the changes that were made on the `item`. + id: GooglePrivacyDlpV2DeidentifyContentResponse + description: Results of de-identifying a ContentItem. + GooglePrivacyDlpV2Disabled: + id: GooglePrivacyDlpV2Disabled + description: Do not profile the tables. + properties: {} type: object + GooglePrivacyDlpV2DatabaseResourceRegex: + id: GooglePrivacyDlpV2DatabaseResourceRegex + type: object + description: >- + A pattern to match against one or more database resources. At least one + pattern must be specified. Regular expressions use RE2 + [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be + found under the google/re2 repository on GitHub. properties: - filter: + databaseResourceNameRegex: + type: string description: >- - Required. The tables the discovery cadence applies to. The first - target with a matching filter will be the one to apply to a table. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryBigQueryFilter' - conditions: + Regex to test the database resource's name against. An example of a + database resource name is a table's name. Other database resource + names like view names could be included in the future. If empty, all + database resources match. + instanceRegex: description: >- - In addition to matching the filter, these conditions must be true - before a profile is generated. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryBigQueryConditions' - cadence: + Regex to test the instance name against. If empty, all instances + match. + type: string + projectIdRegex: description: >- - How often and when to update profiles. New tables that match both - the filter and conditions are scanned as quickly as possible - depending on system capacity. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryGenerationCadence' - disabled: - description: Tables that match this filter will not have profiles created. - $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' - GooglePrivacyDlpV2DiscoveryBigQueryFilter: - id: GooglePrivacyDlpV2DiscoveryBigQueryFilter - description: >- - Determines what tables will have profiles generated within an - organization or project. Includes the ability to filter by regular - expression patterns on project ID, dataset ID, and table ID. + For organizations, if unset, will match all projects. Has no effect + for configurations created within a project. + type: string + databaseRegex: + type: string + description: >- + Regex to test the database name against. If empty, all databases + match. + GooglePrivacyDlpV2ImageTransformation: + id: GooglePrivacyDlpV2ImageTransformation type: object + description: Configuration for determining how redaction of images should occur. properties: - tables: + selectedInfoTypes: + $ref: '#/components/schemas/GooglePrivacyDlpV2SelectedInfoTypes' + description: Apply transformation to the selected info_types. + allInfoTypes: description: >- - A specific set of tables for this filter to apply to. A table - collection must be specified in only one filter per config. If a - table id or dataset is empty, Cloud DLP assumes all tables in that - collection must be profiled. Must specify a project ID. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTableCollection' - otherTables: + Apply transformation to all findings not specified in other + ImageTransformation's selected_info_types. Only one instance is + allowed within the ImageTransformations message. + $ref: '#/components/schemas/GooglePrivacyDlpV2AllInfoTypes' + redactionColor: + $ref: '#/components/schemas/GooglePrivacyDlpV2Color' description: >- - Catch-all. This should always be the last filter in the list because - anything above it will apply first. Should only appear once in a - configuration. If none is specified, a default one will be added - automatically. - $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherBigQueryTables' - tableReference: + The color to use when redacting content from an image. If not + specified, the default is black. + allText: + $ref: '#/components/schemas/GooglePrivacyDlpV2AllText' description: >- - The table to scan. Discovery configurations including this can only - include one DiscoveryTarget (the DiscoveryTarget with this - TableReference). - $ref: '#/components/schemas/GooglePrivacyDlpV2TableReference' - GooglePrivacyDlpV2BigQueryTableCollection: - id: GooglePrivacyDlpV2BigQueryTableCollection - description: Specifies a collection of BigQuery tables. Used for Discovery. + Apply transformation to all text that doesn't match an infoType. + Only one instance is allowed within the ImageTransformations + message. + GooglePrivacyDlpV2VertexDatasetResourceReference: type: object properties: - includeRegexes: + datasetResourceName: description: >- - A collection of regular expressions to match a BigQuery table - against. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryRegexes' - GooglePrivacyDlpV2BigQueryRegexes: - id: GooglePrivacyDlpV2BigQueryRegexes - description: >- - A collection of regular expressions to determine what tables to match - against. - type: object + Required. The name of the Vertex AI resource. If set within a + project-level configuration, the specified resource must be within + the project. Examples: * + `projects/{project}/locations/{location}/datasets/{dataset}` + type: string + id: GooglePrivacyDlpV2VertexDatasetResourceReference + description: Identifies a single Vertex AI resource. Only datasets are supported. + GooglePrivacyDlpV2KAnonymityConfig: properties: - patterns: + quasiIds: description: >- - A single BigQuery regular expression pattern to match against one or - more tables, datasets, or projects that contain BigQuery tables. + Set of fields to compute k-anonymity over. When multiple fields are + specified, they are considered a single composite key. Structs and + repeated data types are not supported; however, nested fields are + supported so long as they are not structs themselves or nested + within a repeated field. type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryRegex' - GooglePrivacyDlpV2BigQueryRegex: - id: GooglePrivacyDlpV2BigQueryRegex - description: >- - A pattern to match against one or more tables, datasets, or projects - that contain BigQuery tables. At least one pattern must be specified. - Regular expressions use RE2 - [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be - found under the google/re2 repository on GitHub. - type: object - properties: - projectIdRegex: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + entityId: description: >- - For organizations, if unset, will match all projects. Has no effect - for data profile configurations created within a project. - type: string - datasetIdRegex: - description: If unset, this property matches all datasets. - type: string - tableIdRegex: - description: If unset, this property matches all tables. - type: string - GooglePrivacyDlpV2AllOtherBigQueryTables: - id: GooglePrivacyDlpV2AllOtherBigQueryTables - description: >- - Catch-all for all other tables not specified by other filters. Should - always be last, except for single-table configurations, which will only - have a TableReference target. + Message indicating that multiple rows might be associated to a + single individual. If the same entity_id is associated to multiple + quasi-identifier tuples over distinct rows, we consider the entire + collection of tuples as the composite quasi-identifier. This + collection is a multiset: the order in which the different tuples + appear in the dataset is ignored, but their frequency is taken into + account. Important note: a maximum of 1000 rows can be associated to + a single entity ID. If more rows are associated with the same entity + ID, some might be ignored. + $ref: '#/components/schemas/GooglePrivacyDlpV2EntityId' + id: GooglePrivacyDlpV2KAnonymityConfig + description: k-anonymity metric, used for analysis of reidentification risk. type: object - properties: {} - GooglePrivacyDlpV2TableReference: - id: GooglePrivacyDlpV2TableReference - description: >- - Message defining the location of a BigQuery table with the projectId - inferred from the parent project. + GooglePrivacyDlpV2DeidentifyDataSourceDetails: + id: GooglePrivacyDlpV2DeidentifyDataSourceDetails type: object + description: The results of a Deidentify action from an inspect job. properties: - datasetId: - description: Dataset ID of the table. - type: string - tableId: - description: Name of the table. - type: string - projectId: + deidentifyStats: + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyDataSourceStats' + description: Stats about the de-identification operation. + requestedOptions: + $ref: '#/components/schemas/GooglePrivacyDlpV2RequestedDeidentifyOptions' + description: De-identification config used for the request. + GooglePrivacyDlpV2ListDeidentifyTemplatesResponse: + description: Response message for ListDeidentifyTemplates. + id: GooglePrivacyDlpV2ListDeidentifyTemplatesResponse + properties: + deidentifyTemplates: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + type: array description: >- - The Google Cloud project ID of the project containing the table. If - omitted, the project ID is inferred from the parent project. This - field is required if the parent resource is an organization. + List of deidentify templates, up to page_size in + ListDeidentifyTemplatesRequest. + nextPageToken: + description: >- + If the next page is available then the next page token to be used in + the following ListDeidentifyTemplates request. type: string - GooglePrivacyDlpV2DiscoveryBigQueryConditions: - id: GooglePrivacyDlpV2DiscoveryBigQueryConditions - description: >- - Requirements that must be true before a table is scanned in discovery - for the first time. There is an AND relationship between the top-level - attributes. Additionally, minimum conditions with an OR relationship - that must be met before Cloud DLP scans a table can be set (like a - minimum row count or a minimum table age). type: object + GooglePrivacyDlpV2FieldId: + id: GooglePrivacyDlpV2FieldId properties: - createdAfter: - description: >- - BigQuery table must have been created after this date. Used to avoid - backfilling. - type: string - format: google-datetime - types: - description: Restrict discovery to specific table types. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTableTypes' - typeCollection: - description: Restrict discovery to categories of table types. + name: type: string - enumDescriptions: - - Unused. - - >- - Automatically generate profiles for all tables, even if the table - type is not yet fully supported for analysis. Profiles for - unsupported tables will be generated with errors to indicate their - partial support. When full support is added, the tables will - automatically be profiled during the next scheduled run. - - >- - Only those types fully supported will be profiled. Will expand - automatically as Cloud DLP adds support for new table types. - Unsupported table types will not have partial profiles generated. - enum: - - BIG_QUERY_COLLECTION_UNSPECIFIED - - BIG_QUERY_COLLECTION_ALL_TYPES - - BIG_QUERY_COLLECTION_ONLY_SUPPORTED_TYPES - orConditions: + description: Name describing the field. + type: object + description: General identifier of a data field in a storage service. + GooglePrivacyDlpV2VertexDatasetRegexes: + id: GooglePrivacyDlpV2VertexDatasetRegexes + properties: + patterns: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2VertexDatasetRegex' description: >- - At least one of the conditions must be true for a table to be - scanned. - $ref: '#/components/schemas/GooglePrivacyDlpV2OrConditions' - GooglePrivacyDlpV2BigQueryTableTypes: - id: GooglePrivacyDlpV2BigQueryTableTypes - description: The types of BigQuery tables supported by Cloud DLP. + Required. The group of regular expression patterns to match against + one or more datasets. Maximum of 100 entries. The sum of the lengths + of all regular expressions can't exceed 10 KiB. + type: array + description: >- + A collection of regular expressions to determine what datasets to match + against. type: object + GooglePrivacyDlpV2DiscoveryCloudStorageConditions: properties: - types: - description: A set of BigQuery table types. + includedBucketAttributes: type: array + description: >- + Required. Only objects with the specified attributes will be + scanned. Defaults to [ALL_SUPPORTED_BUCKETS] if unset. + items: + enumDescriptions: + - Unused. + - Scan buckets regardless of the attribute. + - >- + Buckets with + [Autoclass](https://cloud.google.com/storage/docs/autoclass) + disabled. Only one of AUTOCLASS_DISABLED or AUTOCLASS_ENABLED + should be set. + - >- + Buckets with + [Autoclass](https://cloud.google.com/storage/docs/autoclass) + enabled. Only one of AUTOCLASS_DISABLED or AUTOCLASS_ENABLED + should be set. Scanning Autoclass-enabled buckets can affect + object storage classes. + enum: + - CLOUD_STORAGE_BUCKET_ATTRIBUTE_UNSPECIFIED + - ALL_SUPPORTED_BUCKETS + - AUTOCLASS_DISABLED + - AUTOCLASS_ENABLED + type: string + includedObjectAttributes: items: type: string enumDescriptions: - Unused. - - A normal BigQuery table. - - A table that references data stored in Cloud Storage. - - A snapshot of a BigQuery table. + - Scan objects regardless of the attribute. + - Scan objects with the standard storage class. + - >- + Scan objects with the nearline storage class. This will incur + retrieval fees. + - >- + Scan objects with the coldline storage class. This will incur + retrieval fees. + - >- + Scan objects with the archive storage class. This will incur + retrieval fees. + - Scan objects with the regional storage class. + - Scan objects with the multi-regional storage class. + - >- + Scan objects with the dual-regional storage class. This will + incur retrieval fees. enum: - - BIG_QUERY_TABLE_TYPE_UNSPECIFIED - - BIG_QUERY_TABLE_TYPE_TABLE - - BIG_QUERY_TABLE_TYPE_EXTERNAL_BIG_LAKE - - BIG_QUERY_TABLE_TYPE_SNAPSHOT - GooglePrivacyDlpV2OrConditions: - id: GooglePrivacyDlpV2OrConditions - description: >- - There is an OR relationship between these attributes. They are used to - determine if a table should be scanned or not in Discovery. - type: object - properties: - minRowCount: - description: >- - Minimum number of rows that should be present before Cloud DLP - profiles a table - type: integer - format: int32 - minAge: + - CLOUD_STORAGE_OBJECT_ATTRIBUTE_UNSPECIFIED + - ALL_SUPPORTED_OBJECTS + - STANDARD + - NEARLINE + - COLDLINE + - ARCHIVE + - REGIONAL + - MULTI_REGIONAL + - DURABLE_REDUCED_AVAILABILITY description: >- - Minimum age a table must have before Cloud DLP can profile it. Value - must be 1 hour or greater. - type: string - format: google-duration - GooglePrivacyDlpV2DiscoveryGenerationCadence: - id: GooglePrivacyDlpV2DiscoveryGenerationCadence + Required. Only objects with the specified attributes will be + scanned. If an object has one of the specified attributes but is + inside an excluded bucket, it will not be scanned. Defaults to + [ALL_SUPPORTED_OBJECTS]. A profile will be created even if no + objects match the included_object_attributes. + type: array + type: object + id: GooglePrivacyDlpV2DiscoveryCloudStorageConditions description: >- - What must take place for a profile to be updated and how frequently it - should occur. New tables are scanned as quickly as possible depending on - system capacity. + Requirements that must be true before a Cloud Storage bucket or object + is scanned in discovery for the first time. There is an AND relationship + between the top-level attributes. + GooglePrivacyDlpV2Export: type: object properties: - schemaModifiedCadence: - description: Governs when to update data profiles when a schema is modified. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoverySchemaModifiedCadence - tableModifiedCadence: - description: Governs when to update data profiles when a table is modified. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryTableModifiedCadence' - inspectTemplateModifiedCadence: - description: >- - Governs when to update data profiles when the inspection rules - defined by the `InspectTemplate` change. If not set, changing the - template will not cause a data profile to update. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence - refreshFrequency: + profileTable: description: >- - Frequency at which profiles should be updated, regardless of whether - the underlying resource has changed. Defaults to never. - type: string - enumDescriptions: - - Unspecified. - - After the data profile is created, it will never be updated. - - The data profile can be updated up to once every 24 hours. - - The data profile can be updated up to once every 30 days. Default. - enum: - - UPDATE_FREQUENCY_UNSPECIFIED - - UPDATE_FREQUENCY_NEVER - - UPDATE_FREQUENCY_DAILY - - UPDATE_FREQUENCY_MONTHLY - GooglePrivacyDlpV2DiscoverySchemaModifiedCadence: - id: GooglePrivacyDlpV2DiscoverySchemaModifiedCadence - description: The cadence at which to update data profiles when a schema is modified. - type: object + Store all profiles to BigQuery. * The system will create a new + dataset and table for you if none are are provided. The dataset will + be named `sensitive_data_protection_discovery` and table will be + named `discovery_profiles`. This table will be placed in the same + project as the container project running the scan. After the first + profile is generated and the dataset and table are created, the + discovery scan configuration will be updated with the dataset and + table names. * See [Analyze data profiles stored in + BigQuery](https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles). + * See [Sample queries for your BigQuery + table](https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles#sample_sql_queries). + * Data is inserted using [streaming + insert](https://cloud.google.com/blog/products/bigquery/life-of-a-bigquery-streaming-insert) + and so data may be in the buffer for a period of time after the + profile has finished. * The Pub/Sub notification is sent before the + streaming buffer is guaranteed to be written, so data may not be + instantly visible to queries by the time your topic receives the + Pub/Sub notification. * The best practice is to use the same table + for an entire organization so that you can take advantage of the + [provided Looker + reports](https://cloud.google.com/sensitive-data-protection/docs/analyze-data-profiles#use_a_premade_report). + If you use VPC Service Controls to define security perimeters, then + you must use a separate table for each boundary. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + sampleFindingsTable: + description: >- + Store sample data profile findings in an existing table or a new + table in an existing dataset. Each regeneration will result in new + rows in BigQuery. Data is inserted using [streaming + insert](https://cloud.google.com/blog/products/bigquery/life-of-a-bigquery-streaming-insert) + and so data may be in the buffer for a period of time after the + profile has finished. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + id: GooglePrivacyDlpV2Export + description: >- + If set, the detailed data profiles will be persisted to the location of + your choice whenever updated. + GooglePrivacyDlpV2DiscoveryBigQueryFilter: + id: GooglePrivacyDlpV2DiscoveryBigQueryFilter properties: - types: + tables: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTableCollection' description: >- - The type of events to consider when deciding if the table's schema - has been modified and should have the profile updated. Defaults to - NEW_COLUMNS. - type: array - items: - type: string - enumDescriptions: - - Unused - - >- - Profiles should be regenerated when new columns are added to the - table. Default. - - >- - Profiles should be regenerated when columns are removed from the - table. - enum: - - SCHEMA_MODIFICATION_UNSPECIFIED - - SCHEMA_NEW_COLUMNS - - SCHEMA_REMOVED_COLUMNS - frequency: + A specific set of tables for this filter to apply to. A table + collection must be specified in only one filter per config. If a + table id or dataset is empty, Cloud DLP assumes all tables in that + collection must be profiled. Must specify a project ID. + otherTables: description: >- - How frequently profiles may be updated when schemas are modified. - Defaults to monthly. - type: string - enumDescriptions: - - Unspecified. - - After the data profile is created, it will never be updated. - - The data profile can be updated up to once every 24 hours. - - The data profile can be updated up to once every 30 days. Default. - enum: - - UPDATE_FREQUENCY_UNSPECIFIED - - UPDATE_FREQUENCY_NEVER - - UPDATE_FREQUENCY_DAILY - - UPDATE_FREQUENCY_MONTHLY + Catch-all. This should always be the last filter in the list because + anything above it will apply first. Should only appear once in a + configuration. If none is specified, a default one will be added + automatically. + $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherBigQueryTables' + tableReference: + $ref: '#/components/schemas/GooglePrivacyDlpV2TableReference' + description: >- + The table to scan. Discovery configurations including this can only + include one DiscoveryTarget (the DiscoveryTarget with this + TableReference). + description: >- + Determines what tables will have profiles generated within an + organization or project. Includes the ability to filter by regular + expression patterns on project ID, dataset ID, and table ID. + type: object GooglePrivacyDlpV2DiscoveryTableModifiedCadence: - id: GooglePrivacyDlpV2DiscoveryTableModifiedCadence description: The cadence at which to update data profiles when a table is modified. type: object properties: types: + type: array description: >- The type of events to consider when deciding if the table has been modified and should have the profile updated. Defaults to MODIFIED_TIMESTAMP. - type: array items: type: string + enum: + - TABLE_MODIFICATION_UNSPECIFIED + - TABLE_MODIFIED_TIMESTAMP enumDescriptions: - Unused. - >- A table will be considered modified when the last_modified_time from BigQuery has been updated. - enum: - - TABLE_MODIFICATION_UNSPECIFIED - - TABLE_MODIFIED_TIMESTAMP frequency: - description: >- - How frequently data profiles can be updated when tables are - modified. Defaults to never. - type: string enumDescriptions: - Unspecified. - After the data profile is created, it will never be updated. @@ -5853,1338 +5508,1488 @@ components: - UPDATE_FREQUENCY_NEVER - UPDATE_FREQUENCY_DAILY - UPDATE_FREQUENCY_MONTHLY - GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence: - id: GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence - description: >- - The cadence at which to update data profiles when the inspection rules - defined by the `InspectTemplate` change. - type: object - properties: - frequency: description: >- - How frequently data profiles can be updated when the template is + How frequently data profiles can be updated when tables are modified. Defaults to never. type: string - enumDescriptions: - - Unspecified. - - After the data profile is created, it will never be updated. - - The data profile can be updated up to once every 24 hours. - - The data profile can be updated up to once every 30 days. Default. - enum: - - UPDATE_FREQUENCY_UNSPECIFIED - - UPDATE_FREQUENCY_NEVER - - UPDATE_FREQUENCY_DAILY - - UPDATE_FREQUENCY_MONTHLY - GooglePrivacyDlpV2Disabled: - id: GooglePrivacyDlpV2Disabled - description: Do not profile the tables. - type: object - properties: {} - GooglePrivacyDlpV2CloudSqlDiscoveryTarget: - id: GooglePrivacyDlpV2CloudSqlDiscoveryTarget - description: Target used to match against for discovery with Cloud SQL tables. + id: GooglePrivacyDlpV2DiscoveryTableModifiedCadence + GooglePrivacyDlpV2CreateDiscoveryConfigRequest: + id: GooglePrivacyDlpV2CreateDiscoveryConfigRequest type: object + description: Request message for CreateDiscoveryConfig. properties: - filter: + configId: + type: string description: >- - Required. The tables the discovery cadence applies to. The first - target with a matching filter will be the one to apply to a table. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryCloudSqlFilter' - conditions: + The config ID can contain uppercase and lowercase letters, numbers, + and hyphens; that is, it must match the regular expression: + `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty + to allow the system to generate one. + discoveryConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + description: Required. The DiscoveryConfig to create. + GooglePrivacyDlpV2CreateDlpJobRequest: + type: object + description: >- + Request message for CreateDlpJobRequest. Used to initiate long running + jobs such as calculating risk metrics or inspecting Google Cloud + Storage. + id: GooglePrivacyDlpV2CreateDlpJobRequest + properties: + inspectJob: + description: An inspection job scans a storage repository for InfoTypes. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectJobConfig' + locationId: + description: Deprecated. This field has no effect. + type: string + jobId: description: >- - In addition to matching the filter, these conditions must be true - before a profile is generated. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryCloudSqlConditions' - generationCadence: + The job id can contain uppercase and lowercase letters, numbers, and + hyphens; that is, it must match the regular expression: + `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty + to allow the system to generate one. + type: string + riskJob: description: >- - How often and when to update profiles. New tables that match both - the filter and conditions are scanned as quickly as possible - depending on system capacity. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryCloudSqlGenerationCadence - disabled: - description: Disable profiling for database resources that match this filter. - $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' - GooglePrivacyDlpV2DiscoveryCloudSqlFilter: - id: GooglePrivacyDlpV2DiscoveryCloudSqlFilter + A risk analysis job calculates re-identification risk metrics for a + BigQuery table. + $ref: '#/components/schemas/GooglePrivacyDlpV2RiskAnalysisJobConfig' + GooglePrivacyDlpV2PathElement: description: >- - Determines what tables will have profiles generated within an - organization or project. Includes the ability to filter by regular - expression patterns on project ID, location, instance, database, and - database resource name. + A (kind, ID/name) pair used to construct a key path. If either name or + ID is set, the element is complete. If neither is set, the element is + incomplete. type: object properties: - collection: - description: A specific set of database resources for this filter to apply to. - $ref: '#/components/schemas/GooglePrivacyDlpV2DatabaseResourceCollection' - others: + name: + type: string description: >- - Catch-all. This should always be the last target in the list because - anything above it will apply first. Should only appear once in a - configuration. If none is specified, a default one will be added - automatically. - $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherDatabaseResources' - databaseResourceReference: + The name of the entity. A name matching regex `__.*__` is + reserved/read-only. A name must not be more than 1500 bytes when + UTF-8 encoded. Cannot be `""`. + id: + type: string description: >- - The database resource to scan. Targets including this can only - include one target (the target with this database resource - reference). - $ref: '#/components/schemas/GooglePrivacyDlpV2DatabaseResourceReference' - GooglePrivacyDlpV2DatabaseResourceCollection: - id: GooglePrivacyDlpV2DatabaseResourceCollection - description: >- - Match database resources using regex filters. Examples of database - resources are tables, views, and stored procedures. + The auto-allocated ID of the entity. Never equal to zero. Values + less than zero are discouraged and may not be supported in the + future. + format: int64 + kind: + type: string + description: >- + The kind of the entity. A kind matching regex `__.*__` is + reserved/read-only. A kind must not contain more than 1500 bytes + when UTF-8 encoded. Cannot be `""`. + id: GooglePrivacyDlpV2PathElement + GooglePrivacyDlpV2PubSubCondition: + id: GooglePrivacyDlpV2PubSubCondition + properties: + minimumSensitivityScore: + type: string + enumDescriptions: + - Unused. + - High risk/sensitivity detected. + - Medium or high risk/sensitivity detected. + enum: + - PROFILE_SCORE_BUCKET_UNSPECIFIED + - HIGH + - MEDIUM_OR_HIGH + description: The minimum sensitivity level that triggers the condition. + minimumRiskScore: + description: The minimum data risk score that triggers the condition. + enum: + - PROFILE_SCORE_BUCKET_UNSPECIFIED + - HIGH + - MEDIUM_OR_HIGH + enumDescriptions: + - Unused. + - High risk/sensitivity detected. + - Medium or high risk/sensitivity detected. + type: string + description: A condition consisting of a value. + type: object + GooglePrivacyDlpV2AmazonS3Bucket: + properties: + awsAccount: + description: The AWS account. + $ref: '#/components/schemas/GooglePrivacyDlpV2AwsAccount' + bucketName: + description: Required. The bucket name. + type: string + description: Amazon S3 bucket. type: object - properties: - includeRegexes: - description: >- - A collection of regular expressions to match a database resource - against. - $ref: '#/components/schemas/GooglePrivacyDlpV2DatabaseResourceRegexes' - GooglePrivacyDlpV2DatabaseResourceRegexes: - id: GooglePrivacyDlpV2DatabaseResourceRegexes - description: >- - A collection of regular expressions to determine what database resources - to match against. + id: GooglePrivacyDlpV2AmazonS3Bucket + GooglePrivacyDlpV2ReplaceWithInfoTypeConfig: + description: Replace each matching finding with the name of the info_type. + type: object + properties: {} + id: GooglePrivacyDlpV2ReplaceWithInfoTypeConfig + GooglePrivacyDlpV2CategoricalStatsResult: type: object + id: GooglePrivacyDlpV2CategoricalStatsResult + description: Result of the categorical stats computation. properties: - patterns: - description: >- - A group of regular expression patterns to match against one or more - database resources. Maximum of 100 entries. The sum of all regular - expression's length can't exceed 10 KiB. + valueFrequencyHistogramBuckets: type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2DatabaseResourceRegex' - GooglePrivacyDlpV2DatabaseResourceRegex: - id: GooglePrivacyDlpV2DatabaseResourceRegex - description: >- - A pattern to match against one or more database resources. At least one - pattern must be specified. Regular expressions use RE2 - [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be - found under the google/re2 repository on GitHub. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2CategoricalStatsHistogramBucket + description: Histogram of value frequencies in the column. + GooglePrivacyDlpV2FileClusterType: type: object + description: Message used to identify file cluster type being profiled. + id: GooglePrivacyDlpV2FileClusterType properties: - projectIdRegex: - description: >- - For organizations, if unset, will match all projects. Has no effect - for configurations created within a project. + cluster: + enum: + - CLUSTER_UNSPECIFIED + - CLUSTER_UNKNOWN + - CLUSTER_TEXT + - CLUSTER_STRUCTURED_DATA + - CLUSTER_SOURCE_CODE + - CLUSTER_RICH_DOCUMENT + - CLUSTER_IMAGE + - CLUSTER_ARCHIVE + - CLUSTER_MULTIMEDIA + - CLUSTER_EXECUTABLE + - CLUSTER_AI_MODEL + description: Cluster type. + enumDescriptions: + - Unused. + - Unsupported files. + - Plain text. + - Structured data like CSV, TSV etc. + - Source code. + - Rich document like docx, xlsx etc. + - Images like jpeg, bmp. + - Archives and containers like .zip, .tar etc. + - Multimedia like .mp4, .avi etc. + - Executable files like .exe, .class, .apk etc. + - AI models like .tflite etc. type: string - instanceRegex: + GooglePrivacyDlpV2CharacterMaskConfig: + description: >- + Partially mask a string by replacing a given number of characters with a + fixed character. Masking can start from the beginning or end of the + string. This can be used on data of any type (numbers, longs, and so on) + and when de-identifying structured data we'll attempt to preserve the + original data's type. (This allows you to take a long like 123 and + modify it to a string like **3. + properties: + numberToMask: + type: integer description: >- - Regex to test the instance name against. If empty, all instances - match. - type: string - databaseRegex: + Number of characters to mask. If not set, all matching chars will be + masked. Skipped characters do not count towards this tally. If + `number_to_mask` is negative, this denotes inverse masking. Cloud + DLP masks all but a number of characters. For example, suppose you + have the following values: - `masking_character` is `*` - + `number_to_mask` is `-4` - `reverse_order` is `false` - + `CharsToIgnore` includes `-` - Input string is `1234-5678-9012-3456` + The resulting de-identified string is `****-****-****-3456`. Cloud + DLP masks all but the last four characters. If `reverse_order` is + `true`, all but the first four characters are masked as + `1234-****-****-****`. + format: int32 + charactersToIgnore: + type: array description: >- - Regex to test the database name against. If empty, all databases - match. + When masking a string, items in this list will be skipped when + replacing characters. For example, if the input string is + `555-555-5555` and you instruct Cloud DLP to skip `-` and mask 5 + characters with `*`, Cloud DLP returns `***-**5-5555`. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2CharsToIgnore' + maskingCharacter: type: string - databaseResourceNameRegex: description: >- - Regex to test the database resource's name against. An example of a - database resource name is a table's name. Other database resource - names like view names could be included in the future. If empty, all - database resources match. - type: string - GooglePrivacyDlpV2AllOtherDatabaseResources: - id: GooglePrivacyDlpV2AllOtherDatabaseResources - description: Match database resources not covered by any other filter. + Character to use to mask the sensitive values—for example, `*` for + an alphabetic string such as a name, or `0` for a numeric string + such as ZIP code or credit card number. This string must have a + length of 1. If not supplied, this value defaults to `*` for + strings, and `0` for digits. + reverseOrder: + description: >- + Mask characters in reverse order. For example, if + `masking_character` is `0`, `number_to_mask` is `14`, and + `reverse_order` is `false`, then the input string + `1234-5678-9012-3456` is masked as `00000000000000-3456`. If + `masking_character` is `*`, `number_to_mask` is `3`, and + `reverse_order` is `true`, then the string `12345` is masked as + `12***`. + type: boolean + id: GooglePrivacyDlpV2CharacterMaskConfig type: object - properties: {} - GooglePrivacyDlpV2DatabaseResourceReference: - id: GooglePrivacyDlpV2DatabaseResourceReference - description: Identifies a single database resource, like a table within a database. + GooglePrivacyDlpV2PubSubExpressions: type: object + id: GooglePrivacyDlpV2PubSubExpressions + description: An expression, consisting of an operator and conditions. properties: - projectId: - description: >- - Required. If within a project-level config, then this must match the - config's project ID. - type: string - instance: - description: >- - Required. The instance where this resource is located. For example: - Cloud SQL instance ID. - type: string - database: - description: Required. Name of a database within the instance. - type: string - databaseResource: - description: >- - Required. Name of a database resource, for example, a table within - the database. + logicalOperator: + enumDescriptions: + - Unused. + - Conditional OR. + - Conditional AND. + enum: + - LOGICAL_OPERATOR_UNSPECIFIED + - OR + - AND type: string - GooglePrivacyDlpV2DiscoveryCloudSqlConditions: - id: GooglePrivacyDlpV2DiscoveryCloudSqlConditions - description: >- - Requirements that must be true before a table is profiled for the first - time. - type: object - properties: - databaseEngines: - description: >- - Optional. Database engines that should be profiled. Optional. - Defaults to ALL_SUPPORTED_DATABASE_ENGINES if unspecified. - type: array + description: The operator to apply to the collection of conditions. + conditions: + description: Conditions to apply to the expression. items: - type: string - enumDescriptions: - - Unused. - - Include all supported database engines. - - MySQL database. - - PostgreSQL database. - enum: - - DATABASE_ENGINE_UNSPECIFIED - - ALL_SUPPORTED_DATABASE_ENGINES - - MYSQL - - POSTGRES - types: - description: >- - Data profiles will only be generated for the database resource types - specified in this field. If not specified, defaults to - [DATABASE_RESOURCE_TYPE_ALL_SUPPORTED_TYPES]. + $ref: '#/components/schemas/GooglePrivacyDlpV2PubSubCondition' type: array - items: - type: string - enumDescriptions: - - Unused. - - >- - Includes database resource types that become supported at a - later time. - - Tables. - enum: - - DATABASE_RESOURCE_TYPE_UNSPECIFIED - - DATABASE_RESOURCE_TYPE_ALL_SUPPORTED_TYPES - - DATABASE_RESOURCE_TYPE_TABLE - GooglePrivacyDlpV2DiscoveryCloudSqlGenerationCadence: - id: GooglePrivacyDlpV2DiscoveryCloudSqlGenerationCadence - description: >- - How often existing tables should have their profiles refreshed. New - tables are scanned as quickly as possible depending on system capacity. + GooglePrivacyDlpV2BigQueryField: + description: Message defining a field of a BigQuery table. + properties: + table: + description: Source table of the field. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + field: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: Designated field in the BigQuery table. type: object + id: GooglePrivacyDlpV2BigQueryField + GooglePrivacyDlpV2DateShiftConfig: properties: - schemaModifiedCadence: - description: When to reprofile if the schema has changed. - $ref: '#/components/schemas/GooglePrivacyDlpV2SchemaModifiedCadence' - refreshFrequency: + context: description: >- - Data changes (non-schema changes) in Cloud SQL tables can't trigger - reprofiling. If you set this field, profiles are refreshed at this - frequency regardless of whether the underlying tables have changed. - Defaults to never. - type: string - enumDescriptions: - - Unspecified. - - After the data profile is created, it will never be updated. - - The data profile can be updated up to once every 24 hours. - - The data profile can be updated up to once every 30 days. Default. - enum: - - UPDATE_FREQUENCY_UNSPECIFIED - - UPDATE_FREQUENCY_NEVER - - UPDATE_FREQUENCY_DAILY - - UPDATE_FREQUENCY_MONTHLY - inspectTemplateModifiedCadence: + Points to the field that contains the context, for example, an + entity id. If set, must also set cryptoKey. If set, shift will be + consistent for the given context. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + lowerBoundDays: + format: int32 + description: >- + Required. For example, -5 means shift date to at most 5 days back in + the past. + type: integer + upperBoundDays: description: >- - Governs when to update data profiles when the inspection rules - defined by the `InspectTemplate` change. If not set, changing the - template will not cause a data profile to update. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence - GooglePrivacyDlpV2SchemaModifiedCadence: - id: GooglePrivacyDlpV2SchemaModifiedCadence + Required. Range of shift in days. Actual shift will be selected at + random within this range (inclusive ends). Negative means shift to + earlier in time. Must not be more than 365250 days (1000 years) each + direction. For example, 3 means shift date to at most 3 days into + the future. + type: integer + format: int32 + cryptoKey: + $ref: '#/components/schemas/GooglePrivacyDlpV2CryptoKey' + description: >- + Causes the shift to be computed based on this key and the context. + This results in the same shift for the same context and crypto_key. + If set, must also set context. Can only be applied to table items. + id: GooglePrivacyDlpV2DateShiftConfig description: >- - How frequently to modify the profile when the table's schema is - modified. + Shifts dates by random number of days, with option to be consistent for + the same context. See + https://cloud.google.com/sensitive-data-protection/docs/concepts-date-shifting + to learn more. + type: object + GooglePrivacyDlpV2OtherCloudResourceRegexes: + id: GooglePrivacyDlpV2OtherCloudResourceRegexes type: object properties: - types: + patterns: description: >- - The types of schema modifications to consider. Defaults to - NEW_COLUMNS. - type: array + A group of regular expression patterns to match against one or more + resources. Maximum of 100 entries. The sum of all regular + expression's length can't exceed 10 KiB. items: - type: string - enumDescriptions: - - Unused. - - New columns have appeared. - - Columns have been removed from the table. - enum: - - SQL_SCHEMA_MODIFICATION_UNSPECIFIED - - NEW_COLUMNS - - REMOVED_COLUMNS - frequency: - description: >- - Frequency to regenerate data profiles when the schema is modified. - Defaults to monthly. - type: string - enumDescriptions: - - Unspecified. - - After the data profile is created, it will never be updated. - - The data profile can be updated up to once every 24 hours. - - The data profile can be updated up to once every 30 days. Default. - enum: - - UPDATE_FREQUENCY_UNSPECIFIED - - UPDATE_FREQUENCY_NEVER - - UPDATE_FREQUENCY_DAILY - - UPDATE_FREQUENCY_MONTHLY - GooglePrivacyDlpV2SecretsDiscoveryTarget: - id: GooglePrivacyDlpV2SecretsDiscoveryTarget + $ref: '#/components/schemas/GooglePrivacyDlpV2OtherCloudResourceRegex' + type: array description: >- - Discovery target for credentials and secrets in cloud resource metadata. - This target does not include any filtering or frequency controls. Cloud - DLP will scan cloud resource metadata for secrets daily. No inspect - template should be included in the discovery config for a security - benchmarks scan. Instead, the built-in list of secrets and credentials - infoTypes will be used (see - https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference#credentials_and_secrets). - Credentials and secrets discovered will be reported as vulnerabilities - to Security Command Center. + A collection of regular expressions to determine what resources to match + against. + GooglePrivacyDlpV2OtherCloudResourceRegex: + id: GooglePrivacyDlpV2OtherCloudResourceRegex type: object - properties: {} - GooglePrivacyDlpV2CloudStorageDiscoveryTarget: - id: GooglePrivacyDlpV2CloudStorageDiscoveryTarget - description: Target used to match against for discovery with Cloud Storage buckets. + properties: + amazonS3BucketRegex: + $ref: '#/components/schemas/GooglePrivacyDlpV2AmazonS3BucketRegex' + description: Regex for Amazon S3 buckets. + description: >- + A pattern to match against one or more resources. At least one pattern + must be specified. Regular expressions use RE2 + [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be + found under the google/re2 repository on GitHub. + GooglePrivacyDlpV2FixedSizeBucketingConfig: type: object + description: >- + Buckets values based on fixed size ranges. The Bucketing transformation + can provide all of this functionality, but requires more configuration. + This message is provided as a convenience to the user for simple + bucketing strategies. The transformed value will be a hyphenated string + of {lower_bound}-{upper_bound}. For example, if lower_bound = 10 and + upper_bound = 20, all values that are within this bucket will be + replaced with "10-20". This can be used on data of type: double, long. + If the bound Value type differs from the type of data being transformed, + we will first attempt converting the type of the data to be transformed + to match the type of the bound before comparing. See + https://cloud.google.com/sensitive-data-protection/docs/concepts-bucketing + to learn more. properties: - filter: + lowerBound: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' description: >- - Required. The buckets the generation_cadence applies to. The first - target with a matching filter will be the one to apply to a bucket. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryCloudStorageFilter' - conditions: + Required. Lower bound value of buckets. All values less than + `lower_bound` are grouped together into a single bucket; for example + if `lower_bound` = 10, then all values less than 10 are replaced + with the value "-10". + bucketSize: + format: double + type: number description: >- - Optional. In addition to matching the filter, these conditions must - be true before a profile is generated. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryFileStoreConditions' - generationCadence: + Required. Size of each bucket (except for minimum and maximum + buckets). So if `lower_bound` = 10, `upper_bound` = 89, and + `bucket_size` = 10, then the following buckets would be used: -10, + 10-20, 20-30, 30-40, 40-50, 50-60, 60-70, 70-80, 80-89, 89+. + Precision up to 2 decimals works. + upperBound: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' description: >- - Optional. How often and when to update profiles. New buckets that - match both the filter and conditions are scanned as quickly as - possible depending on system capacity. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryCloudStorageGenerationCadence - disabled: - description: Optional. Disable profiling for buckets that match this filter. - $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' - GooglePrivacyDlpV2DiscoveryCloudStorageFilter: - id: GooglePrivacyDlpV2DiscoveryCloudStorageFilter + Required. Upper bound value of buckets. All values greater than + upper_bound are grouped together into a single bucket; for example + if `upper_bound` = 89, then all values greater than 89 are replaced + with the value "89+". + id: GooglePrivacyDlpV2FixedSizeBucketingConfig + GooglePrivacyDlpV2StoredInfoTypeConfig: + id: GooglePrivacyDlpV2StoredInfoTypeConfig description: >- - Determines which buckets will have profiles generated within an - organization or project. Includes the ability to filter by regular - expression patterns on project ID and bucket name. + Configuration for stored infoTypes. All fields and subfield are provided + by the user. For more information, see + https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes. type: object properties: - collection: - description: Optional. A specific set of buckets for this filter to apply to. - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreCollection' - cloudStorageResourceReference: - description: >- - Optional. The bucket to scan. Targets including this can only - include one target (the target with this bucket). This enables - profiling the contents of a single bucket, while the other options - allow for easy profiling of many bucets within a project or an - organization. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageResourceReference' - others: + regex: + description: Store regular expression-based StoredInfoType. + $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' + largeCustomDictionary: + $ref: '#/components/schemas/GooglePrivacyDlpV2LargeCustomDictionaryConfig' description: >- - Optional. Catch-all. This should always be the last target in the - list because anything above it will apply first. Should only appear - once in a configuration. If none is specified, a default one will be - added automatically. - $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherResources' - GooglePrivacyDlpV2FileStoreCollection: - id: GooglePrivacyDlpV2FileStoreCollection - description: Match file stores (e.g. buckets) using filters. + StoredInfoType where findings are defined by a dictionary of + phrases. + description: + description: Description of the StoredInfoType (max 256 characters). + type: string + dictionary: + description: Store dictionary-based CustomInfoType. + $ref: '#/components/schemas/GooglePrivacyDlpV2Dictionary' + displayName: + type: string + description: Display name of the StoredInfoType (max 256 characters). + GooglePrivacyDlpV2TagCondition: type: object properties: - includeRegexes: + sensitivityScore: description: >- - Optional. A collection of regular expressions to match a file store - against. - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreRegexes' - GooglePrivacyDlpV2FileStoreRegexes: - id: GooglePrivacyDlpV2FileStoreRegexes + Conditions attaching the tag to a resource on its profile having + this sensitivity score. + $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' + tag: + description: The tag value to attach to resources. + $ref: '#/components/schemas/GooglePrivacyDlpV2TagValue' + id: GooglePrivacyDlpV2TagCondition description: >- - A collection of regular expressions to determine what file store to - match against. + The tag to attach to profiles matching the condition. At most one + `TagCondition` can be specified per sensitivity level. + GooglePrivacyDlpV2AllOtherDatabaseResources: + description: Match database resources not covered by any other filter. + properties: {} + id: GooglePrivacyDlpV2AllOtherDatabaseResources + type: object + GooglePrivacyDlpV2DeltaPresenceEstimationResult: + id: GooglePrivacyDlpV2DeltaPresenceEstimationResult + description: >- + Result of the δ-presence computation. Note that these results are an + estimation, not exact values. type: object properties: - patterns: + deltaPresenceEstimationHistogram: + type: array description: >- - Required. The group of regular expression patterns to match against - one or more file stores. Maximum of 100 entries. The sum of all - regular expression's length can't exceed 10 KiB. + The intervals [min_probability, max_probability) do not overlap. If + a value doesn't correspond to any such interval, the associated + frequency is zero. For example, the following records: + {min_probability: 0, max_probability: 0.1, frequency: 17} + {min_probability: 0.2, max_probability: 0.3, frequency: 42} + {min_probability: 0.3, max_probability: 0.4, frequency: 99} mean + that there are no record with an estimated probability in [0.1, 0.2) + nor larger or equal to 0.4. + items: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DeltaPresenceEstimationHistogramBucket + GooglePrivacyDlpV2InfoTypeTransformation: + description: >- + A transformation to apply to text that is identified as a specific + info_type. + id: GooglePrivacyDlpV2InfoTypeTransformation + properties: + primitiveTransformation: + description: Required. Primitive transformation to apply to the infoType. + $ref: '#/components/schemas/GooglePrivacyDlpV2PrimitiveTransformation' + infoTypes: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + description: >- + InfoTypes to apply the transformation to. An empty list will cause + this transformation to apply to all findings that correspond to + infoTypes that were requested in `InspectConfig`. type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreRegex' - GooglePrivacyDlpV2FileStoreRegex: - id: GooglePrivacyDlpV2FileStoreRegex - description: A pattern to match against one or more file stores. type: object - properties: - cloudStorageRegex: - description: Optional. Regex for Cloud Storage. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageRegex' - GooglePrivacyDlpV2CloudStorageRegex: - id: GooglePrivacyDlpV2CloudStorageRegex - description: >- - A pattern to match against one or more file stores. At least one pattern - must be specified. Regular expressions use RE2 - [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be - found under the google/re2 repository on GitHub. + GooglePrivacyDlpV2PubSubNotification: type: object + description: >- + Send a Pub/Sub message into the given Pub/Sub topic to connect other + systems to data profile generation. The message payload data will be the + byte serialization of `DataProfilePubSubMessage`. properties: - projectIdRegex: - description: Optional. For organizations, if unset, will match all projects. + event: type: string - bucketNameRegex: + enum: + - EVENT_TYPE_UNSPECIFIED + - NEW_PROFILE + - CHANGED_PROFILE + - SCORE_INCREASED + - ERROR_CHANGED + enumDescriptions: + - Unused. + - New profile (not a re-profile). + - >- + One of the following profile metrics changed: Data risk score, + Sensitivity score, Resource visibility, Encryption type, Predicted + infoTypes, Other infoTypes + - Table data risk score or sensitivity score increased. + - A user (non-internal) error occurred. description: >- - Optional. Regex to test the bucket name against. If empty, all - buckets match. Example: "marketing2021" or "(marketing)\d{4}" will - both match the bucket gs://marketing2021 + The type of event that triggers a Pub/Sub. At most one + `PubSubNotification` per EventType is permitted. + pubsubCondition: + $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfilePubSubCondition' + description: >- + Conditions (e.g., data risk or sensitivity level) for triggering a + Pub/Sub. + detailOfMessage: + description: >- + How much data to include in the Pub/Sub message. If the user wishes + to limit the size of the message, they can use resource_name and + fetch the profile fields they wish to. Per table profile (not per + column). + enum: + - DETAIL_LEVEL_UNSPECIFIED + - TABLE_PROFILE + - RESOURCE_NAME + - FILE_STORE_PROFILE + enumDescriptions: + - Unused. + - The full table data profile. + - The name of the profiled resource. + - The full file store data profile. type: string - GooglePrivacyDlpV2CloudStorageResourceReference: - id: GooglePrivacyDlpV2CloudStorageResourceReference - description: Identifies a single Cloud Storage bucket. - type: object - properties: - bucketName: - description: Required. The bucket to scan. + topic: type: string - projectId: description: >- - Required. If within a project-level config, then this must match the - config's project id. - type: string - GooglePrivacyDlpV2AllOtherResources: - id: GooglePrivacyDlpV2AllOtherResources - description: Match discovery resources not covered by any other filter. - type: object - properties: {} - GooglePrivacyDlpV2DiscoveryFileStoreConditions: - id: GooglePrivacyDlpV2DiscoveryFileStoreConditions + Cloud Pub/Sub topic to send notifications to. Format is + projects/{project}/topics/{topic}. + id: GooglePrivacyDlpV2PubSubNotification + GooglePrivacyDlpV2DiscoveryVertexDatasetConditions: + id: GooglePrivacyDlpV2DiscoveryVertexDatasetConditions description: >- - Requirements that must be true before a file store is scanned in - discovery for the first time. There is an AND relationship between the - top-level attributes. - type: object + Requirements that must be true before a dataset is profiled for the + first time. properties: createdAfter: description: >- - Optional. File store must have been created after this date. Used to + Vertex AI dataset must have been created after this date. Used to avoid backfilling. type: string format: google-datetime minAge: description: >- - Optional. Minimum age a file store must have. If set, the value must - be 1 hour or greater. + Minimum age a Vertex AI dataset must have. If set, the value must be + 1 hour or greater. type: string format: google-duration - cloudStorageConditions: - description: Optional. Cloud Storage conditions. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryCloudStorageConditions - GooglePrivacyDlpV2DiscoveryCloudStorageConditions: - id: GooglePrivacyDlpV2DiscoveryCloudStorageConditions - description: >- - Requirements that must be true before a Cloud Storage bucket or object - is scanned in discovery for the first time. There is an AND relationship - between the top-level attributes. type: object + GooglePrivacyDlpV2DeltaPresenceEstimationConfig: properties: - includedObjectAttributes: - description: >- - Required. Only objects with the specified attributes will be - scanned. If an object has one of the specified attributes but is - inside an excluded bucket, it will not be scanned. Defaults to - [ALL_SUPPORTED_OBJECTS]. A profile will be created even if no - objects match the included_object_attributes. + quasiIds: type: array + description: >- + Required. Fields considered to be quasi-identifiers. No two fields + can have the same tag. items: - type: string - enumDescriptions: - - Unused. - - Scan objects regardless of the attribute. - - Scan objects with the standard storage class. - - >- - Scan objects with the nearline storage class. This will incur - retrieval fees. - - >- - Scan objects with the coldline storage class. This will incur - retrieval fees. - - >- - Scan objects with the archive storage class. This will incur - retrieval fees. - - Scan objects with the regional storage class. - - Scan objects with the multi-regional storage class. - - >- - Scan objects with the dual-regional storage class. This will - incur retrieval fees. - enum: - - CLOUD_STORAGE_OBJECT_ATTRIBUTE_UNSPECIFIED - - ALL_SUPPORTED_OBJECTS - - STANDARD - - NEARLINE - - COLDLINE - - ARCHIVE - - REGIONAL - - MULTI_REGIONAL - - DURABLE_REDUCED_AVAILABILITY - includedBucketAttributes: + $ref: '#/components/schemas/GooglePrivacyDlpV2QuasiId' + auxiliaryTables: description: >- - Required. Only objects with the specified attributes will be - scanned. Defaults to [ALL_SUPPORTED_BUCKETS] if unset. + Several auxiliary tables can be used in the analysis. Each + custom_tag used to tag a quasi-identifiers field must appear in + exactly one field of one auxiliary table. type: array items: - type: string - enumDescriptions: - - Unused. - - Scan buckets regardless of the attribute. - - >- - Buckets with - [Autoclass](https://cloud.google.com/storage/docs/autoclass) - disabled. Only one of AUTOCLASS_DISABLED or AUTOCLASS_ENABLED - should be set. - - >- - Buckets with - [Autoclass](https://cloud.google.com/storage/docs/autoclass) - enabled. Only one of AUTOCLASS_DISABLED or AUTOCLASS_ENABLED - should be set. Scanning Autoclass-enabled buckets can affect - object storage classes. - enum: - - CLOUD_STORAGE_BUCKET_ATTRIBUTE_UNSPECIFIED - - ALL_SUPPORTED_BUCKETS - - AUTOCLASS_DISABLED - - AUTOCLASS_ENABLED - GooglePrivacyDlpV2DiscoveryCloudStorageGenerationCadence: - id: GooglePrivacyDlpV2DiscoveryCloudStorageGenerationCadence - description: >- - How often existing buckets should have their profiles refreshed. New - buckets are scanned as quickly as possible depending on system capacity. - type: object - properties: - refreshFrequency: - description: >- - Optional. Data changes in Cloud Storage can't trigger reprofiling. - If you set this field, profiles are refreshed at this frequency - regardless of whether the underlying buckets have changed. Defaults - to never. + $ref: '#/components/schemas/GooglePrivacyDlpV2StatisticalTable' + regionCode: type: string - enumDescriptions: - - Unspecified. - - After the data profile is created, it will never be updated. - - The data profile can be updated up to once every 24 hours. - - The data profile can be updated up to once every 30 days. Default. - enum: - - UPDATE_FREQUENCY_UNSPECIFIED - - UPDATE_FREQUENCY_NEVER - - UPDATE_FREQUENCY_DAILY - - UPDATE_FREQUENCY_MONTHLY - inspectTemplateModifiedCadence: description: >- - Optional. Governs when to update data profiles when the inspection - rules defined by the `InspectTemplate` change. If not set, changing - the template will not cause a data profile to update. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence - GooglePrivacyDlpV2OtherCloudDiscoveryTarget: - id: GooglePrivacyDlpV2OtherCloudDiscoveryTarget - description: >- - Target used to match against for discovery of resources from other - clouds. An [AWS connector in Security Command Center - (Enterprise](https://cloud.google.com/security-command-center/docs/connect-scc-to-aws) - is required to use this feature. + ISO 3166-1 alpha-2 region code to use in the statistical modeling. + Set if no column is tagged with a region-specific InfoType (like + US_ZIP_5) or a region code. type: object - properties: - dataSourceType: - description: >- - Required. The type of data profiles generated by this discovery - target. Supported values are: * aws/s3/bucket - $ref: '#/components/schemas/GooglePrivacyDlpV2DataSourceType' - filter: - description: >- - Required. The resources that the discovery cadence applies to. The - first target with a matching filter will be the one to apply to a - resource. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryOtherCloudFilter' - conditions: - description: >- - Optional. In addition to matching the filter, these conditions must - be true before a profile is generated. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryOtherCloudConditions' - generationCadence: - description: >- - How often and when to update data profiles. New resources that match - both the filter and conditions are scanned as quickly as possible - depending on system capacity. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryOtherCloudGenerationCadence - disabled: - description: Disable profiling for resources that match this filter. - $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' - GooglePrivacyDlpV2DataSourceType: - id: GooglePrivacyDlpV2DataSourceType - description: Message used to identify the type of resource being profiled. + id: GooglePrivacyDlpV2DeltaPresenceEstimationConfig + description: >- + δ-presence metric, used to estimate how likely it is for an attacker to + figure out that one given individual appears in a de-identified dataset. + Similarly to the k-map metric, we cannot compute δ-presence exactly + without knowing the attack dataset, so we use a statistical model + instead. + GooglePrivacyDlpV2ExcludeByHotword: type: object properties: - dataSource: + proximity: + $ref: '#/components/schemas/GooglePrivacyDlpV2Proximity' description: >- - Output only. An identifying string to the type of resource being - profiled. Current values: * google/bigquery/table * google/project * - google/sql/table * google/gcs/bucket - readOnly: true - type: string - GooglePrivacyDlpV2DiscoveryOtherCloudFilter: - id: GooglePrivacyDlpV2DiscoveryOtherCloudFilter + Range of characters within which the entire hotword must reside. The + total length of the window cannot exceed 1000 characters. The + windowBefore property in proximity should be set to 1 if the hotword + needs to be included in a column header. + hotwordRegex: + description: Regular expression pattern defining what qualifies as a hotword. + $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' + id: GooglePrivacyDlpV2ExcludeByHotword description: >- - Determines which resources from the other cloud will have profiles - generated. Includes the ability to filter by resource names. + The rule to exclude findings based on a hotword. For record inspection + of tables, column names are considered hotwords. An example of this is + to exclude a finding if it belongs to a BigQuery column that matches a + specific pattern. + GooglePrivacyDlpV2DatastoreKey: + properties: + entityKey: + $ref: '#/components/schemas/GooglePrivacyDlpV2Key' + description: Datastore entity key. + type: object + id: GooglePrivacyDlpV2DatastoreKey + description: Record key for a finding in Cloud Datastore. + GooglePrivacyDlpV2ImageLocation: type: object + description: Location of the finding within an image. properties: - collection: - description: A collection of resources for this filter to apply to. - $ref: '#/components/schemas/GooglePrivacyDlpV2OtherCloudResourceCollection' - singleResource: - description: >- - The resource to scan. Configs using this filter can only have one - target (the target with this single resource reference). - $ref: >- - #/components/schemas/GooglePrivacyDlpV2OtherCloudSingleResourceReference - others: + boundingBoxes: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2BoundingBox' description: >- - Optional. Catch-all. This should always be the last target in the - list because anything above it will apply first. Should only appear - once in a configuration. If none is specified, a default one will be - added automatically. - $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherResources' - GooglePrivacyDlpV2OtherCloudResourceCollection: - id: GooglePrivacyDlpV2OtherCloudResourceCollection - description: Match resources using regex filters. + Bounding boxes locating the pixels within the image containing the + finding. + type: array + id: GooglePrivacyDlpV2ImageLocation + GooglePrivacyDlpV2TransformationOverview: + id: GooglePrivacyDlpV2TransformationOverview type: object + description: Overview of the modifications that occurred. properties: - includeRegexes: - description: A collection of regular expressions to match a resource against. - $ref: '#/components/schemas/GooglePrivacyDlpV2OtherCloudResourceRegexes' - GooglePrivacyDlpV2OtherCloudResourceRegexes: - id: GooglePrivacyDlpV2OtherCloudResourceRegexes - description: >- - A collection of regular expressions to determine what resources to match - against. - type: object + transformationSummaries: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationSummary' + type: array + description: Transformations applied to the dataset. + transformedBytes: + description: Total size in bytes that were transformed in some way. + type: string + format: int64 + GooglePrivacyDlpV2RecordKey: properties: - patterns: - description: >- - A group of regular expression patterns to match against one or more - resources. Maximum of 100 entries. The sum of all regular - expression's length can't exceed 10 KiB. + idValues: type: array + description: >- + Values of identifying columns in the given row. Order of values + matches the order of `identifying_fields` specified in the scanning + request. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2OtherCloudResourceRegex' - GooglePrivacyDlpV2OtherCloudResourceRegex: - id: GooglePrivacyDlpV2OtherCloudResourceRegex - description: >- - A pattern to match against one or more resources. At least one pattern - must be specified. Regular expressions use RE2 - [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be - found under the google/re2 repository on GitHub. + type: string + bigQueryKey: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryKey' + description: Datastore key + datastoreKey: + $ref: '#/components/schemas/GooglePrivacyDlpV2DatastoreKey' + description: BigQuery key + id: GooglePrivacyDlpV2RecordKey + description: Message for a unique key indicating a record that contains a finding. type: object - properties: - amazonS3BucketRegex: - description: Regex for Amazon S3 buckets. - $ref: '#/components/schemas/GooglePrivacyDlpV2AmazonS3BucketRegex' - GooglePrivacyDlpV2AmazonS3BucketRegex: - id: GooglePrivacyDlpV2AmazonS3BucketRegex - description: Amazon S3 bucket regex. + GooglePrivacyDlpV2Domain: type: object + id: GooglePrivacyDlpV2Domain + description: >- + A domain represents a thematic category that a data profile can fall + under. properties: - awsAccountRegex: - description: The AWS account regex. - $ref: '#/components/schemas/GooglePrivacyDlpV2AwsAccountRegex' - bucketNameRegex: - description: >- - Optional. Regex to test the bucket name against. If empty, all - buckets match. + category: + description: A domain category that this profile is related to. + enumDescriptions: + - Category unspecified. + - >- + Indicates that the data profile is related to artificial + intelligence. When set, all findings stored to Security Command + Center will set the corresponding AI domain field of `Finding` + objects. + - Indicates that the data profile is related to code. + enum: + - CATEGORY_UNSPECIFIED + - AI + - CODE type: string - GooglePrivacyDlpV2AwsAccountRegex: - id: GooglePrivacyDlpV2AwsAccountRegex - description: AWS account regex. + signals: + description: The collection of signals that influenced selection of the category. + items: + type: string + enum: + - SIGNAL_UNSPECIFIED + - MODEL + - TEXT_EMBEDDING + - VERTEX_PLUGIN + - VECTOR_PLUGIN + - SOURCE_CODE + - SERVICE + enumDescriptions: + - Unused. + - One or more machine learning models are present. + - A table appears to be a text embedding. + - >- + The [Cloud SQL Vertex + AI](https://cloud.google.com/sql/docs/postgres/integrate-cloud-sql-with-vertex-ai) + plugin is installed on the database. + - >- + Support for [Cloud SQL vector + embeddings](https://cloud.google.com/sql/docs/mysql/enable-vector-search) + is enabled on the database. + - Source code is present. + - >- + If the service determines the category type. For example, Vertex + AI assets would always have a `Category` of `AI`. + type: array + GooglePrivacyDlpV2FileStoreDataProfile: + description: >- + The profile for a file store. * Cloud Storage: maps 1:1 with a bucket. * + Amazon S3: maps 1:1 with a bucket. type: object + id: GooglePrivacyDlpV2FileStoreDataProfile properties: - accountIdRegex: + state: + description: State of a profile. + type: string + enumDescriptions: + - Unused. + - >- + The profile is currently running. Once a profile has finished it + will transition to DONE. + - >- + The profile is no longer generating. If profile_status.status.code + is 0, the profile succeeded, otherwise, it failed. + enum: + - STATE_UNSPECIFIED + - RUNNING + - DONE + resourceAttributes: + type: object + additionalProperties: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' description: >- - Optional. Regex to test the AWS account ID against. If empty, all - accounts match. + Attributes of the resource being profiled. Currently used + attributes: * customer_managed_encryption: boolean - true: the + resource is encrypted with a customer-managed key. - false: the + resource is encrypted with a provider-managed key. + fileStoreLocation: + description: >- + The location of the file store. * Cloud Storage: + https://cloud.google.com/storage/docs/locations#available-locations + * Amazon S3: + https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints type: string - GooglePrivacyDlpV2OtherCloudSingleResourceReference: - id: GooglePrivacyDlpV2OtherCloudSingleResourceReference - description: Identifies a single resource, like a single Amazon S3 bucket. - type: object - properties: - amazonS3Bucket: - description: Amazon S3 bucket. - $ref: '#/components/schemas/GooglePrivacyDlpV2AmazonS3Bucket' - GooglePrivacyDlpV2AmazonS3Bucket: - id: GooglePrivacyDlpV2AmazonS3Bucket - description: Amazon S3 bucket. - type: object - properties: - awsAccount: - description: The AWS account. - $ref: '#/components/schemas/GooglePrivacyDlpV2AwsAccount' - bucketName: - description: Required. The bucket name. + resourceVisibility: + enum: + - RESOURCE_VISIBILITY_UNSPECIFIED + - RESOURCE_VISIBILITY_PUBLIC + - RESOURCE_VISIBILITY_INCONCLUSIVE + - RESOURCE_VISIBILITY_RESTRICTED + type: string + description: How broadly a resource has been shared. + enumDescriptions: + - Unused. + - Visible to any user. + - >- + May contain public items. For example, if a Cloud Storage bucket + has uniform bucket level access disabled, some objects inside it + may be public, but none are known yet. + - Visible only to specific users. + dataSourceType: + $ref: '#/components/schemas/GooglePrivacyDlpV2DataSourceType' + description: The resource type that was profiled. + sampleFindingsTable: + description: The BigQuery table to which the sample findings are written. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + dataRiskLevel: + description: The data risk level of this resource. + $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' + projectDataProfile: + description: The resource name of the project data profile for this file store. type: string - GooglePrivacyDlpV2AwsAccount: - id: GooglePrivacyDlpV2AwsAccount - description: AWS account. - type: object - properties: - accountId: - description: Required. AWS account ID. + dataStorageLocations: + type: array + items: + type: string + description: >- + For resources that have multiple storage locations, these are those + regions. For Cloud Storage this is the list of regions chosen for + dual-region storage. `file_store_location` will normally be the + corresponding multi-region for the list of individual locations. The + first region is always picked as the processing and storage location + for the data profile. + relatedResources: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2RelatedResource' + type: array + description: Resources related to this profile. + fileClusterSummaries: + description: FileClusterSummary per each cluster. + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileClusterSummary' + lastModifiedTime: + type: string + description: The time the file store was last modified. + format: google-datetime + locationType: type: string - GooglePrivacyDlpV2DiscoveryOtherCloudConditions: - id: GooglePrivacyDlpV2DiscoveryOtherCloudConditions - description: >- - Requirements that must be true before a resource is profiled for the - first time. - type: object - properties: - minAge: description: >- - Minimum age a resource must be before Cloud DLP can profile it. - Value must be 1 hour or greater. + The location type of the file store (region, dual-region, + multi-region, etc). If dual-region, expect data_storage_locations to + be populated. + createTime: + type: string + format: google-datetime + description: The time the file store was first created. + fileStorePath: type: string - format: google-duration - amazonS3BucketConditions: - description: Amazon S3 bucket conditions. - $ref: '#/components/schemas/GooglePrivacyDlpV2AmazonS3BucketConditions' - GooglePrivacyDlpV2AmazonS3BucketConditions: - id: GooglePrivacyDlpV2AmazonS3BucketConditions - description: Amazon S3 bucket conditions. - type: object - properties: - bucketTypes: description: >- - Optional. Bucket types that should be profiled. Optional. Defaults - to TYPE_ALL_SUPPORTED if unspecified. + The file store path. * Cloud Storage: `gs://{bucket}` * Amazon S3: + `s3://{bucket}` * Vertex AI dataset: + `projects/{project_number}/locations/{location}/datasets/{dataset_id}` + sensitivityScore: + $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' + description: The sensitivity score of this resource. + domains: + description: Domains associated with the profile. type: array items: - type: string - enumDescriptions: - - Unused. - - All supported classes. - - A general purpose Amazon S3 bucket. - enum: - - TYPE_UNSPECIFIED - - TYPE_ALL_SUPPORTED - - TYPE_GENERAL_PURPOSE - objectStorageClasses: + $ref: '#/components/schemas/GooglePrivacyDlpV2Domain' + fileStoreIsEmpty: description: >- - Optional. Object classes that should be profiled. Optional. Defaults - to ALL_SUPPORTED_CLASSES if unspecified. + The file store does not have any files. If the profiling operation + failed, this is false. + type: boolean + configSnapshot: + description: The snapshot of the configurations used to generate the profile. + $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileConfigSnapshot' + tags: type: array - items: - type: string - enumDescriptions: - - Unused. - - All supported classes. - - Standard object class. - - Standard - infrequent access object class. - - Glacier - instant retrieval object class. - - Objects in the S3 Intelligent-Tiering access tiers. - enum: - - UNSPECIFIED - - ALL_SUPPORTED_CLASSES - - STANDARD - - STANDARD_INFREQUENT_ACCESS - - GLACIER_INSTANT_RETRIEVAL - - INTELLIGENT_TIERING - GooglePrivacyDlpV2DiscoveryOtherCloudGenerationCadence: - id: GooglePrivacyDlpV2DiscoveryOtherCloudGenerationCadence - description: >- - How often existing resources should have their profiles refreshed. New - resources are scanned as quickly as possible depending on system - capacity. - type: object - properties: - refreshFrequency: description: >- - Optional. Frequency to update profiles regardless of whether the - underlying resource has changes. Defaults to never. + The tags attached to the resource, including any tags attached + during profiling. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Tag' + name: + description: The name of the profile. type: string - enumDescriptions: - - Unspecified. - - After the data profile is created, it will never be updated. - - The data profile can be updated up to once every 24 hours. - - The data profile can be updated up to once every 30 days. Default. - enum: - - UPDATE_FREQUENCY_UNSPECIFIED - - UPDATE_FREQUENCY_NEVER - - UPDATE_FREQUENCY_DAILY - - UPDATE_FREQUENCY_MONTHLY - inspectTemplateModifiedCadence: + profileStatus: + $ref: '#/components/schemas/GooglePrivacyDlpV2ProfileStatus' description: >- - Optional. Governs when to update data profiles when the inspection - rules defined by the `InspectTemplate` change. If not set, changing - the template will not cause a data profile to update. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence - GooglePrivacyDlpV2VertexDatasetDiscoveryTarget: - id: GooglePrivacyDlpV2VertexDatasetDiscoveryTarget - description: Target used to match against for discovery with Vertex AI datasets. - type: object - properties: - filter: + Success or error status from the most recent profile generation + attempt. May be empty if the profile is still being generated. + fileStoreInfoTypeSummaries: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreInfoTypeSummary' + description: InfoTypes detected in this file store. + type: array + fullResource: description: >- - Required. The datasets the discovery cadence applies to. The first - target with a matching filter will be the one to apply to a dataset. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryVertexDatasetFilter' - conditions: + The resource name of the resource profiled. + https://cloud.google.com/apis/design/resource_names#full_resource_name + Example format of an S3 bucket full resource name: + `//cloudasset.googleapis.com/organizations/{org_id}/otherCloudConnections/aws/arn:aws:s3:::{bucket_name}` + type: string + resourceLabels: description: >- - In addition to matching the filter, these conditions must be true - before a profile is generated. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryVertexDatasetConditions - generationCadence: + The labels applied to the resource at the time the profile was + generated. + additionalProperties: + type: string + type: object + projectId: + type: string description: >- - How often and when to update profiles. New datasets that match both - the filter and conditions are scanned as quickly as possible - depending on system capacity. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryVertexDatasetGenerationCadence - disabled: - description: Disable profiling for datasets that match this filter. - $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' - GooglePrivacyDlpV2DiscoveryVertexDatasetFilter: - id: GooglePrivacyDlpV2DiscoveryVertexDatasetFilter - description: >- - Determines what datasets will have profiles generated within an - organization or project. Includes the ability to filter by regular - expression patterns on project ID or dataset regex. + The Google Cloud project ID that owns the resource. For Amazon S3 + buckets, this is the AWS Account Id. + profileLastGenerated: + format: google-datetime + type: string + description: The last time the profile was generated. + GooglePrivacyDlpV2StatisticalTable: type: object + description: >- + An auxiliary table containing statistical information on the relative + frequency of different quasi-identifiers values. It has one or several + quasi-identifiers columns, and one column that indicates the relative + frequency of each quasi-identifier tuple. If a tuple is present in the + data but not in the auxiliary table, the corresponding relative + frequency is assumed to be zero (and thus, the tuple is highly + reidentifiable). properties: - collection: - description: A specific set of Vertex AI datasets for this filter to apply to. - $ref: '#/components/schemas/GooglePrivacyDlpV2VertexDatasetCollection' - vertexDatasetResourceReference: - description: >- - The dataset resource to scan. Targets including this can only - include one target (the target with this dataset resource - reference). - $ref: >- - #/components/schemas/GooglePrivacyDlpV2VertexDatasetResourceReference - others: + relativeFrequency: description: >- - Catch-all. This should always be the last target in the list because - anything above it will apply first. Should only appear once in a - configuration. If none is specified, a default one will be added - automatically. - $ref: '#/components/schemas/GooglePrivacyDlpV2AllOtherResources' - GooglePrivacyDlpV2VertexDatasetCollection: - id: GooglePrivacyDlpV2VertexDatasetCollection - description: Match dataset resources using regex filters. + Required. The relative frequency column must contain a + floating-point number between 0 and 1 (inclusive). Null values are + assumed to be zero. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + quasiIds: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2QuasiIdentifierField' + type: array + description: Required. Quasi-identifier columns. + table: + description: Required. Auxiliary table location. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + id: GooglePrivacyDlpV2StatisticalTable + GooglePrivacyDlpV2QuasiIdentifierField: + id: GooglePrivacyDlpV2QuasiIdentifierField type: object properties: - vertexDatasetRegexes: - description: The regex used to filter dataset resources. - $ref: '#/components/schemas/GooglePrivacyDlpV2VertexDatasetRegexes' - GooglePrivacyDlpV2VertexDatasetRegexes: - id: GooglePrivacyDlpV2VertexDatasetRegexes + field: + description: Identifies the column. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + customTag: + description: >- + A column can be tagged with a custom tag. In this case, the user + must indicate an auxiliary table that contains statistical + information on the possible values of this column. + type: string description: >- - A collection of regular expressions to determine what datasets to match - against. + A quasi-identifier column has a custom_tag, used to know which column in + the data corresponds to which column in the statistical model. + GooglePrivacyDlpV2QuoteInfo: + description: Message for infoType-dependent details parsed from quote. + properties: + dateTime: + $ref: '#/components/schemas/GooglePrivacyDlpV2DateTime' + description: The date time indicated by the quote. type: object + id: GooglePrivacyDlpV2QuoteInfo + GooglePrivacyDlpV2DeltaPresenceEstimationQuasiIdValues: + id: GooglePrivacyDlpV2DeltaPresenceEstimationQuasiIdValues properties: - patterns: + estimatedProbability: + type: number + format: double description: >- - Required. The group of regular expression patterns to match against - one or more datasets. Maximum of 100 entries. The sum of the lengths - of all regular expressions can't exceed 10 KiB. - type: array + The estimated probability that a given individual sharing these + quasi-identifier values is in the dataset. This value, typically + called δ, is the ratio between the number of records in the dataset + with these quasi-identifier values, and the total number of + individuals (inside *and* outside the dataset) with these + quasi-identifier values. For example, if there are 15 individuals in + the dataset who share the same quasi-identifier values, and an + estimated 100 people in the entire population with these values, + then δ is 0.15. + quasiIdsValues: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2VertexDatasetRegex' - GooglePrivacyDlpV2VertexDatasetRegex: - id: GooglePrivacyDlpV2VertexDatasetRegex - description: A pattern to match against one or more dataset resources. + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + type: array + description: The quasi-identifier values. + description: A tuple of values for the quasi-identifier columns. type: object - properties: - projectIdRegex: - description: >- - For organizations, if unset, will match all projects. Has no effect - for configurations created within a project. - type: string - GooglePrivacyDlpV2VertexDatasetResourceReference: - id: GooglePrivacyDlpV2VertexDatasetResourceReference - description: Identifies a single Vertex AI dataset. + GooglePrivacyDlpV2TableOptions: type: object properties: - datasetResourceName: + identifyingFields: + type: array description: >- - Required. The name of the dataset resource. If set within a - project-level configuration, the specified resource must be within - the project. - type: string - GooglePrivacyDlpV2DiscoveryVertexDatasetConditions: - id: GooglePrivacyDlpV2DiscoveryVertexDatasetConditions - description: >- - Requirements that must be true before a dataset is profiled for the - first time. + The columns that are the primary keys for table objects included in + ContentItem. A copy of this cell's value will stored alongside + alongside each finding so that the finding can be traced to the + specific row it came from. No more than 3 may be provided. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: Instructions regarding the table content being inspected. + id: GooglePrivacyDlpV2TableOptions + GooglePrivacyDlpV2AllOtherBigQueryTables: type: object + description: >- + Catch-all for all other tables not specified by other filters. Should + always be last, except for single-table configurations, which will only + have a TableReference target. + id: GooglePrivacyDlpV2AllOtherBigQueryTables + properties: {} + GooglePrivacyDlpV2DatabaseResourceReference: properties: - createdAfter: - description: >- - Vertex AI dataset must have been created after this date. Used to - avoid backfilling. + database: + description: Required. Name of a database within the instance. type: string - format: google-datetime - minAge: + projectId: description: >- - Minimum age a Vertex AI dataset must have. If set, the value must be - 1 hour or greater. + Required. If within a project-level config, then this must match the + config's project ID. type: string - format: google-duration - GooglePrivacyDlpV2DiscoveryVertexDatasetGenerationCadence: - id: GooglePrivacyDlpV2DiscoveryVertexDatasetGenerationCadence - description: >- - How often existing datasets should have their profiles refreshed. New - datasets are scanned as quickly as possible depending on system - capacity. - type: object - properties: - refreshFrequency: + databaseResource: description: >- - If you set this field, profiles are refreshed at this frequency - regardless of whether the underlying datasets have changed. Defaults - to never. + Required. Name of a database resource, for example, a table within + the database. type: string - enumDescriptions: - - Unspecified. - - After the data profile is created, it will never be updated. - - The data profile can be updated up to once every 24 hours. - - The data profile can be updated up to once every 30 days. Default. - enum: - - UPDATE_FREQUENCY_UNSPECIFIED - - UPDATE_FREQUENCY_NEVER - - UPDATE_FREQUENCY_DAILY - - UPDATE_FREQUENCY_MONTHLY - inspectTemplateModifiedCadence: + instance: description: >- - Governs when to update data profiles when the inspection rules - defined by the `InspectTemplate` change. If not set, changing the - template will not cause a data profile to be updated. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence - GooglePrivacyDlpV2ProcessingLocation: - id: GooglePrivacyDlpV2ProcessingLocation - description: >- - Configure processing location for discovery and inspection. For example, - image OCR is only provided in limited regions but configuring - ProcessingLocation will redirect OCR to a location where OCR is - provided. + Required. The instance where this resource is located. For example: + Cloud SQL instance ID. + type: string + id: GooglePrivacyDlpV2DatabaseResourceReference type: object - properties: - imageFallbackLocation: - description: Image processing falls back using this configuration. - $ref: '#/components/schemas/GooglePrivacyDlpV2ImageFallbackLocation' - documentFallbackLocation: - description: Document processing falls back using this configuration. - $ref: '#/components/schemas/GooglePrivacyDlpV2DocumentFallbackLocation' - GooglePrivacyDlpV2ImageFallbackLocation: - id: GooglePrivacyDlpV2ImageFallbackLocation - description: >- - Configure image processing to fall back to any of the following - processing options if image processing is unavailable in the original - request location. + description: Identifies a single database resource, like a table within a database. + GooglePrivacyDlpV2DataProfileFindingLocation: + description: Location of a data profile finding within a resource. + id: GooglePrivacyDlpV2DataProfileFindingLocation type: object properties: - multiRegionProcessing: + dataProfileFindingRecordLocation: description: >- - Processing occurs in a multi-region that contains the current region - if available. - $ref: '#/components/schemas/GooglePrivacyDlpV2MultiRegionProcessing' - globalProcessing: - description: Processing occurs in the global region. - $ref: '#/components/schemas/GooglePrivacyDlpV2GlobalProcessing' - GooglePrivacyDlpV2MultiRegionProcessing: - id: GooglePrivacyDlpV2MultiRegionProcessing - description: >- - Processing occurs in a multi-region that contains the current region if - available. - type: object - properties: {} - GooglePrivacyDlpV2GlobalProcessing: - id: GooglePrivacyDlpV2GlobalProcessing - description: Processing occurs in the global region. - type: object - properties: {} - GooglePrivacyDlpV2DocumentFallbackLocation: - id: GooglePrivacyDlpV2DocumentFallbackLocation - description: >- - Configure document processing to fall back to any of the following - processing options if document processing is unavailable in the original - request location. - type: object - properties: - multiRegionProcessing: + Location of a finding within a resource that produces a table data + profile. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DataProfileFindingRecordLocation + containerName: description: >- - Processing occurs in a multi-region that contains the current region - if available. - $ref: '#/components/schemas/GooglePrivacyDlpV2MultiRegionProcessing' - globalProcessing: - description: Processing occurs in the global region. - $ref: '#/components/schemas/GooglePrivacyDlpV2GlobalProcessing' - GooglePrivacyDlpV2UpdateDiscoveryConfigRequest: - id: GooglePrivacyDlpV2UpdateDiscoveryConfigRequest - description: Request message for UpdateDiscoveryConfig. - type: object - properties: - discoveryConfig: - description: Required. New DiscoveryConfig value. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' - updateMask: - description: Mask to control which fields get updated. + Name of the container where the finding is located. The top-level + name is the source file name or table name. Names of some common + storage containers are formatted as follows: * BigQuery tables: + `{project_id}:{dataset_id}.{table_id}` * Cloud Storage files: + `gs://{bucket}/{path}` type: string - format: google-fieldmask - GooglePrivacyDlpV2ListDiscoveryConfigsResponse: - id: GooglePrivacyDlpV2ListDiscoveryConfigsResponse - description: Response message for ListDiscoveryConfigs. + GooglePrivacyDlpV2RecordCondition: + id: GooglePrivacyDlpV2RecordCondition type: object - properties: - discoveryConfigs: - description: List of configs, up to page_size in ListDiscoveryConfigsRequest. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' - nextPageToken: - description: >- - If the next page is available then this value is the next page token - to be used in the following ListDiscoveryConfigs request. - type: string - GooglePrivacyDlpV2CreateDlpJobRequest: - id: GooglePrivacyDlpV2CreateDlpJobRequest description: >- - Request message for CreateDlpJobRequest. Used to initiate long running - jobs such as calculating risk metrics or inspecting Google Cloud - Storage. + A condition for determining whether a transformation should be applied + to a field. + properties: + expressions: + description: An expression. + $ref: '#/components/schemas/GooglePrivacyDlpV2Expressions' + GooglePrivacyDlpV2AnalyzeDataSourceRiskDetails: type: object + description: Result of a risk analysis operation request. + properties: + lDiversityResult: + $ref: '#/components/schemas/GooglePrivacyDlpV2LDiversityResult' + description: L-divesity result + kMapEstimationResult: + $ref: '#/components/schemas/GooglePrivacyDlpV2KMapEstimationResult' + description: K-map result + kAnonymityResult: + description: K-anonymity result + $ref: '#/components/schemas/GooglePrivacyDlpV2KAnonymityResult' + requestedOptions: + description: The configuration used for this job. + $ref: '#/components/schemas/GooglePrivacyDlpV2RequestedRiskAnalysisOptions' + categoricalStatsResult: + $ref: '#/components/schemas/GooglePrivacyDlpV2CategoricalStatsResult' + description: Categorical stats result + requestedPrivacyMetric: + $ref: '#/components/schemas/GooglePrivacyDlpV2PrivacyMetric' + description: Privacy metric to compute. + requestedSourceTable: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + description: Input dataset to compute metrics over. + deltaPresenceEstimationResult: + description: Delta-presence result + $ref: '#/components/schemas/GooglePrivacyDlpV2DeltaPresenceEstimationResult' + numericalStatsResult: + description: Numerical stats result + $ref: '#/components/schemas/GooglePrivacyDlpV2NumericalStatsResult' + id: GooglePrivacyDlpV2AnalyzeDataSourceRiskDetails + GooglePrivacyDlpV2BigQueryRegex: properties: - inspectJob: - description: An inspection job scans a storage repository for InfoTypes. - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectJobConfig' - riskJob: - description: >- - A risk analysis job calculates re-identification risk metrics for a - BigQuery table. - $ref: '#/components/schemas/GooglePrivacyDlpV2RiskAnalysisJobConfig' - jobId: + tableIdRegex: + type: string + description: If unset, this property matches all tables. + projectIdRegex: description: >- - The job id can contain uppercase and lowercase letters, numbers, and - hyphens; that is, it must match the regular expression: - `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty - to allow the system to generate one. + For organizations, if unset, will match all projects. Has no effect + for data profile configurations created within a project. type: string - locationId: - description: Deprecated. This field has no effect. + datasetIdRegex: + description: If unset, this property matches all datasets. type: string - GooglePrivacyDlpV2ListDlpJobsResponse: - id: GooglePrivacyDlpV2ListDlpJobsResponse - description: The response message for listing DLP jobs. + description: >- + A pattern to match against one or more tables, datasets, or projects + that contain BigQuery tables. At least one pattern must be specified. + Regular expressions use RE2 + [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be + found under the google/re2 repository on GitHub. + id: GooglePrivacyDlpV2BigQueryRegex type: object - properties: - jobs: - description: A list of DlpJobs that matches the specified filter in the request. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' - nextPageToken: - description: The standard List next-page token. - type: string - GooglePrivacyDlpV2CancelDlpJobRequest: - id: GooglePrivacyDlpV2CancelDlpJobRequest - description: The request message for canceling a DLP job. + GooglePrivacyDlpV2DataProfileFindingRecordLocation: type: object - properties: {} - GooglePrivacyDlpV2CreateStoredInfoTypeRequest: - id: GooglePrivacyDlpV2CreateStoredInfoTypeRequest - description: Request message for CreateStoredInfoType. + description: >- + Location of a finding within a resource that produces a table data + profile. + properties: + field: + description: Field ID of the column containing the finding. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + id: GooglePrivacyDlpV2DataProfileFindingRecordLocation + GooglePrivacyDlpV2LDiversityResult: + id: GooglePrivacyDlpV2LDiversityResult + description: Result of the l-diversity computation. type: object properties: - config: - description: Required. Configuration of the storedInfoType to create. - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeConfig' - storedInfoTypeId: + sensitiveValueFrequencyHistogramBuckets: description: >- - The storedInfoType ID can contain uppercase and lowercase letters, - numbers, and hyphens; that is, it must match the regular expression: - `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty - to allow the system to generate one. - type: string - locationId: - description: Deprecated. This field has no effect. - type: string - GooglePrivacyDlpV2StoredInfoTypeConfig: - id: GooglePrivacyDlpV2StoredInfoTypeConfig - description: >- - Configuration for stored infoTypes. All fields and subfield are provided - by the user. For more information, see - https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes. + Histogram of l-diversity equivalence class sensitive value + frequencies. + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2LDiversityHistogramBucket' + GooglePrivacyDlpV2TableReference: type: object properties: - displayName: - description: Display name of the StoredInfoType (max 256 characters). + tableId: type: string - description: - description: Description of the StoredInfoType (max 256 characters). + description: Name of the table. + datasetId: + description: Dataset ID of the table. type: string - largeCustomDictionary: + projectId: description: >- - StoredInfoType where findings are defined by a dictionary of - phrases. - $ref: '#/components/schemas/GooglePrivacyDlpV2LargeCustomDictionaryConfig' - dictionary: - description: Store dictionary-based CustomInfoType. - $ref: '#/components/schemas/GooglePrivacyDlpV2Dictionary' - regex: - description: Store regular expression-based StoredInfoType. - $ref: '#/components/schemas/GooglePrivacyDlpV2Regex' - GooglePrivacyDlpV2LargeCustomDictionaryConfig: - id: GooglePrivacyDlpV2LargeCustomDictionaryConfig + The Google Cloud project ID of the project containing the table. If + omitted, the project ID is inferred from the parent project. This + field is required if the parent resource is an organization. + type: string description: >- - Configuration for a custom dictionary created from a data source of any - size up to the maximum size defined in the - [limits](https://cloud.google.com/sensitive-data-protection/limits) - page. The artifacts of dictionary creation are stored in the specified - Cloud Storage location. Consider using `CustomInfoType.Dictionary` for - smaller dictionaries that satisfy the size requirements. + Message defining the location of a BigQuery table with the projectId + inferred from the parent project. + id: GooglePrivacyDlpV2TableReference + GooglePrivacyDlpV2CloudStorageOptions: type: object + description: Options defining a file or a set of files within a Cloud Storage bucket. properties: - outputPath: + bytesLimitPerFilePercent: + format: int32 description: >- - Location to store dictionary artifacts in Cloud Storage. These files - will only be accessible by project owners and the DLP API. If any of - these artifacts are modified, the dictionary is considered invalid - and can no longer be used. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStoragePath' - cloudStorageFileSet: + Max percentage of bytes to scan from a file. The rest are omitted. + The number of bytes scanned is rounded down. Must be between 0 and + 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. Only + one of bytes_limit_per_file and bytes_limit_per_file_percent can be + specified. This field can't be set if de-identification is + requested. For certain file types, setting this field has no effect. + For more information, see [Limits on bytes scanned per + file](https://cloud.google.com/sensitive-data-protection/docs/supported-file-types#max-byte-size-per-file). + type: integer + fileTypes: + type: array description: >- - Set of files containing newline-delimited lists of dictionary - phrases. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudStorageFileSet' - bigQueryField: + List of file type groups to include in the scan. If empty, all files + are scanned and available data format processors are applied. In + addition, the binary content of the selected files is always scanned + as well. Images are scanned only as binary if the specified region + does not support image inspection and no file_types were specified. + Image inspection is restricted to 'global', 'us', 'asia', and + 'europe'. + items: + enumDescriptions: + - Includes all files. + - >- + Includes all file extensions not covered by another entry. + Binary scanning attempts to convert the content of the file to + utf_8 to scan the file. If you wish to avoid this fall back, + specify one or more of the other file types in your storage + scan. + - >- + Included file extensions: asc,asp, aspx, brf, c, cc,cfm, cgi, + cpp, csv, cxx, c++, cs, css, dart, dat, dot, eml,, epbub, ged, + go, h, hh, hpp, hxx, h++, hs, html, htm, mkd, markdown, m, ml, + mli, perl, pl, plist, pm, php, phtml, pht, properties, py, pyw, + rb, rbw, rs, rss, rc, scala, sh, sql, swift, tex, shtml, shtm, + xhtml, lhs, ics, ini, java, js, json, jsonl, kix, kml, ocaml, + md, txt, text, tsv, vb, vcard, vcs, wml, xcodeproj, xml, xsl, + xsd, yml, yaml. + - >- + Included file extensions: bmp, gif, jpg, jpeg, jpe, png. Setting + bytes_limit_per_file or bytes_limit_per_file_percent has no + effect on image files. Image inspection is restricted to the + `global`, `us`, `asia`, and `europe` regions. + - >- + Microsoft Word files larger than 30 MB will be scanned as binary + files. Included file extensions: docx, dotx, docm, dotm. Setting + `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no + effect on Word files. + - >- + PDF files larger than 30 MB will be scanned as binary files. + Included file extensions: pdf. Setting `bytes_limit_per_file` or + `bytes_limit_per_file_percent` has no effect on PDF files. + - 'Included file extensions: avro' + - 'Included file extensions: csv' + - 'Included file extensions: tsv' + - >- + Microsoft PowerPoint files larger than 30 MB will be scanned as + binary files. Included file extensions: pptx, pptm, potx, potm, + pot. Setting `bytes_limit_per_file` or + `bytes_limit_per_file_percent` has no effect on PowerPoint + files. + - >- + Microsoft Excel files larger than 30 MB will be scanned as + binary files. Included file extensions: xlsx, xlsm, xltx, xltm. + Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` + has no effect on Excel files. + type: string + enum: + - FILE_TYPE_UNSPECIFIED + - BINARY_FILE + - TEXT_FILE + - IMAGE + - WORD + - PDF + - AVRO + - CSV + - TSV + - POWERPOINT + - EXCEL + fileSet: + description: The set of one or more files to scan. + $ref: '#/components/schemas/GooglePrivacyDlpV2FileSet' + sampleMethod: + enumDescriptions: + - No sampling. + - Scan from the top (default). + - >- + For each file larger than bytes_limit_per_file, randomly pick the + offset to start scanning. The scanned bytes are contiguous. + type: string + enum: + - SAMPLE_METHOD_UNSPECIFIED + - TOP + - RANDOM_START + description: How to sample the data. + bytesLimitPerFile: + type: string description: >- - Field in a BigQuery table where each cell represents a dictionary - phrase. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryField' - GooglePrivacyDlpV2CloudStorageFileSet: - id: GooglePrivacyDlpV2CloudStorageFileSet - description: Message representing a set of files in Cloud Storage. + Max number of bytes to scan from a file. If a scanned file's size is + bigger than this value then the rest of the bytes are omitted. Only + one of `bytes_limit_per_file` and `bytes_limit_per_file_percent` can + be specified. This field can't be set if de-identification is + requested. For certain file types, setting this field has no effect. + For more information, see [Limits on bytes scanned per + file](https://cloud.google.com/sensitive-data-protection/docs/supported-file-types#max-byte-size-per-file). + format: int64 + filesLimitPercent: + format: int32 + description: >- + Limits the number of files to scan to this percentage of the input + FileSet. Number of files scanned is rounded down. Must be between 0 + and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. + type: integer + id: GooglePrivacyDlpV2CloudStorageOptions + GooglePrivacyDlpV2ByteContentItem: + id: GooglePrivacyDlpV2ByteContentItem type: object properties: - url: - description: >- - The url, in the format `gs:///`. Trailing wildcard in the path is - allowed. + data: + format: byte type: string - GooglePrivacyDlpV2BigQueryField: - id: GooglePrivacyDlpV2BigQueryField - description: Message defining a field of a BigQuery table. - type: object + description: Content data to inspect or redact. + type: + enumDescriptions: + - Unused + - Any image type. + - jpeg + - bmp + - png + - svg + - plain text + - docx, docm, dotx, dotm + - pdf + - pptx, pptm, potx, potm, pot + - xlsx, xlsm, xltx, xltm + - avro + - csv + - tsv + - Audio file types. Only used for profiling. + - Video file types. Only used for profiling. + - Executable file types. Only used for profiling. + - AI model file types. Only used for profiling. + type: string + description: >- + The type of data stored in the bytes string. Default will be + TEXT_UTF8. + enum: + - BYTES_TYPE_UNSPECIFIED + - IMAGE + - IMAGE_JPEG + - IMAGE_BMP + - IMAGE_PNG + - IMAGE_SVG + - TEXT_UTF8 + - WORD_DOCUMENT + - PDF + - POWERPOINT_DOCUMENT + - EXCEL_DOCUMENT + - AVRO + - CSV + - TSV + - AUDIO + - VIDEO + - EXECUTABLE + - AI_MODEL + description: Container for bytes to inspect or redact. + GooglePrivacyDlpV2RequestedRiskAnalysisOptions: properties: - table: - description: Source table of the field. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - field: - description: Designated field in the BigQuery table. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2StoredInfoType: - id: GooglePrivacyDlpV2StoredInfoType - description: >- - StoredInfoType resource message that contains information about the - current version and any pending updates. + jobConfig: + description: The job config for the risk job. + $ref: '#/components/schemas/GooglePrivacyDlpV2RiskAnalysisJobConfig' + id: GooglePrivacyDlpV2RequestedRiskAnalysisOptions + type: object + description: Risk analysis options. + GooglePrivacyDlpV2AllInfoTypes: + type: object + properties: {} + id: GooglePrivacyDlpV2AllInfoTypes + description: Apply transformation to all findings. + GooglePrivacyDlpV2PublishToChronicle: + id: GooglePrivacyDlpV2PublishToChronicle + type: object + properties: {} + description: Message expressing intention to publish to Google Security Operations. + GooglePrivacyDlpV2Trigger: + description: What event needs to occur for a new job to be started. type: object + id: GooglePrivacyDlpV2Trigger properties: - name: - description: Resource name. - type: string - currentVersion: - description: Current version of the stored info type. - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeVersion' - pendingVersions: + manual: description: >- - Pending versions of the stored info type. Empty if no versions are - pending. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeVersion' - GooglePrivacyDlpV2StoredInfoTypeVersion: - id: GooglePrivacyDlpV2StoredInfoTypeVersion - description: >- - Version of a StoredInfoType, including the configuration used to build - it, create timestamp, and current state. + For use with hybrid jobs. Jobs must be manually created and + finished. + $ref: '#/components/schemas/GooglePrivacyDlpV2Manual' + schedule: + description: Create a job on a repeating basis based on the elapse of time. + $ref: '#/components/schemas/GooglePrivacyDlpV2Schedule' + GooglePrivacyDlpV2MetadataLocation: type: object properties: - config: - description: StoredInfoType configuration. - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeConfig' - createTime: - description: >- - Create timestamp of the version. Read-only, determined by the system - when the version is created. - type: string - format: google-datetime - state: - description: >- - Stored info type version state. Read-only, updated by the system - during dictionary creation. - type: string + type: enumDescriptions: - Unused - - StoredInfoType version is being created. - - StoredInfoType version is ready for use. - - >- - StoredInfoType creation failed. All relevant error messages are - returned in the `StoredInfoTypeVersion` message. - - >- - StoredInfoType is no longer valid because artifacts stored in - user-controlled storage were modified. To fix an invalid - StoredInfoType, use the `UpdateStoredInfoType` method to create a - new version. + - General file metadata provided by Cloud Storage. + description: Type of metadata containing the finding. enum: - - STORED_INFO_TYPE_STATE_UNSPECIFIED - - PENDING - - READY - - FAILED - - INVALID - errors: - description: >- - Errors that occurred when creating this storedInfoType version, or - anomalies detected in the storedInfoType data that render it - unusable. Only the five most recent errors will be displayed, with - the most recent error appearing first. For example, some of the data - for stored custom dictionaries is put in the user's Cloud Storage - bucket, and if this data is modified or deleted by the user or - another system, the dictionary becomes invalid. If any errors occur, - fix the problem indicated by the error message and use the - UpdateStoredInfoType API method to create another version of the - storedInfoType to continue using it, reusing the same `config` if it - was not the source of the error. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Error' - stats: - description: Statistics about this storedInfoType version. - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeStats' - GooglePrivacyDlpV2StoredInfoTypeStats: - id: GooglePrivacyDlpV2StoredInfoTypeStats - description: Statistics for a StoredInfoType. - type: object + - METADATATYPE_UNSPECIFIED + - STORAGE_METADATA + type: string + storageLabel: + description: Storage metadata. + $ref: '#/components/schemas/GooglePrivacyDlpV2StorageMetadataLabel' + id: GooglePrivacyDlpV2MetadataLocation + description: Metadata Location + GooglePrivacyDlpV2HybridContentItem: properties: - largeCustomDictionary: - description: >- - StoredInfoType where findings are defined by a dictionary of - phrases. - $ref: '#/components/schemas/GooglePrivacyDlpV2LargeCustomDictionaryStats' - GooglePrivacyDlpV2LargeCustomDictionaryStats: - id: GooglePrivacyDlpV2LargeCustomDictionaryStats - description: Summary statistics of a custom dictionary. + item: + $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' + description: The item to inspect. + findingDetails: + $ref: '#/components/schemas/GooglePrivacyDlpV2HybridFindingDetails' + description: Supplementary information that will be added to each finding. + description: >- + An individual hybrid item to inspect. Will be stored temporarily during + processing. + id: GooglePrivacyDlpV2HybridContentItem + type: object + GooglePrivacyDlpV2AllText: + type: object + id: GooglePrivacyDlpV2AllText + description: Apply to all text. + properties: {} + GooglePrivacyDlpV2PublishToPubSub: + id: GooglePrivacyDlpV2PublishToPubSub type: object properties: - approxNumPhrases: - description: Approximate number of distinct phrases in the dictionary. + topic: type: string - format: int64 - GooglePrivacyDlpV2UpdateStoredInfoTypeRequest: - id: GooglePrivacyDlpV2UpdateStoredInfoTypeRequest - description: Request message for UpdateStoredInfoType. + description: >- + Cloud Pub/Sub topic to send notifications to. The topic must have + given publishing access rights to the DLP API service account + executing the long running DlpJob sending the notifications. Format + is projects/{project}/topics/{topic}. + description: >- + Publish a message into a given Pub/Sub topic when DlpJob has completed. + The message contains a single field, `DlpJobName`, which is equal to the + finished job's + [`DlpJob.name`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob). + Compatible with: Inspect, Risk + GooglePrivacyDlpV2InfoTypeLimit: + description: >- + Max findings configuration per infoType, per content item or long + running DlpJob. type: object properties: - config: + maxFindings: + type: integer + format: int32 + description: Max findings limit for the given infoType. + infoType: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' description: >- - Updated configuration for the storedInfoType. If not provided, a new - version of the storedInfoType will be created with the existing - configuration. - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeConfig' - updateMask: - description: Mask to control which fields get updated. - type: string - format: google-fieldmask - GooglePrivacyDlpV2ListStoredInfoTypesResponse: - id: GooglePrivacyDlpV2ListStoredInfoTypesResponse - description: Response message for ListStoredInfoTypes. + Type of information the findings limit applies to. Only one limit + per info_type should be provided. If InfoTypeLimit does not have an + info_type, the DLP API applies the limit against all info_types that + are found but not specified in another InfoTypeLimit. + id: GooglePrivacyDlpV2InfoTypeLimit + GooglePrivacyDlpV2CancelDlpJobRequest: + properties: {} + description: The request message for canceling a DLP job. + type: object + id: GooglePrivacyDlpV2CancelDlpJobRequest + GooglePrivacyDlpV2BigQueryTable: + id: GooglePrivacyDlpV2BigQueryTable + description: >- + Message defining the location of a BigQuery table. A table is uniquely + identified by its project_id, dataset_id, and table_name. Within a query + a table is often referenced with a string in the format of: `:.` or + `..`. type: object properties: - storedInfoTypes: + datasetId: + description: Dataset ID of the table. + type: string + tableId: + type: string + description: Name of the table. + projectId: description: >- - List of storedInfoTypes, up to page_size in - ListStoredInfoTypesRequest. + The Google Cloud project ID of the project containing the table. If + omitted, project ID is inferred from the API call. + type: string + GooglePrivacyDlpV2TagFilters: + id: GooglePrivacyDlpV2TagFilters + properties: + tagFilters: type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' - nextPageToken: + $ref: '#/components/schemas/GooglePrivacyDlpV2TagFilter' description: >- - If the next page is available then the next page token to be used in - the following ListStoredInfoTypes request. - type: string - GooglePrivacyDlpV2ListProjectDataProfilesResponse: - id: GooglePrivacyDlpV2ListProjectDataProfilesResponse - description: List of profiles generated for a given organization or project. + Required. A resource must match ALL of the specified tag filters to + be included in the collection. + description: Tags to match against for filtering. + type: object + GooglePrivacyDlpV2KMapEstimationConfig: + description: >- + Reidentifiability metric. This corresponds to a risk model similar to + what is called "journalist risk" in the literature, except the attack + dataset is statistically modeled instead of being perfectly known. This + can be done using publicly available data (like the US Census), or using + a custom statistical model (indicated as one or several BigQuery + tables), or by extrapolating from the distribution of values in the + input dataset. + id: GooglePrivacyDlpV2KMapEstimationConfig type: object properties: - projectDataProfiles: - description: List of data profiles. + auxiliaryTables: + description: >- + Several auxiliary tables can be used in the analysis. Each + custom_tag used to tag a quasi-identifiers column must appear in + exactly one column of one auxiliary table. type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2ProjectDataProfile' - nextPageToken: - description: The next page token. + $ref: '#/components/schemas/GooglePrivacyDlpV2AuxiliaryTable' + regionCode: type: string - GooglePrivacyDlpV2ProjectDataProfile: - id: GooglePrivacyDlpV2ProjectDataProfile + description: >- + ISO 3166-1 alpha-2 region code to use in the statistical modeling. + Set if no column is tagged with a region-specific InfoType (like + US_ZIP_5) or a region code. + quasiIds: + description: >- + Required. Fields considered to be quasi-identifiers. No two columns + can have the same tag. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2TaggedField' + type: array + GooglePrivacyDlpV2StoredInfoType: description: >- - An aggregated profile for this project, based on the resources profiled - within it. + StoredInfoType resource message that contains information about the + current version and any pending updates. type: object + id: GooglePrivacyDlpV2StoredInfoType properties: name: - description: The resource name of the profile. - type: string - projectId: - description: Project ID or account that was profiled. - type: string - profileLastGenerated: - description: The last time the profile was generated. + description: Resource name. type: string - format: google-datetime - sensitivityScore: - description: The sensitivity score of this project. - $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' - dataRiskLevel: - description: The data risk level of this project. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' - profileStatus: - description: Success or error status of the last attempt to profile the project. - $ref: '#/components/schemas/GooglePrivacyDlpV2ProfileStatus' - tableDataProfileCount: - description: The number of table data profiles generated for this project. + currentVersion: + description: Current version of the stored info type. + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeVersion' + pendingVersions: + description: >- + Pending versions of the stored info type. Empty if no versions are + pending. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoTypeVersion' + type: array + GooglePrivacyDlpV2CreateJobTriggerRequest: + description: Request message for CreateJobTrigger. + properties: + triggerId: type: string - format: int64 - fileStoreDataProfileCount: - description: The number of file store data profiles generated for this project. + description: >- + The trigger id can contain uppercase and lowercase letters, numbers, + and hyphens; that is, it must match the regular expression: + `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty + to allow the system to generate one. + locationId: + description: Deprecated. This field has no effect. type: string - format: int64 + jobTrigger: + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + description: Required. The JobTrigger to create. + type: object + id: GooglePrivacyDlpV2CreateJobTriggerRequest + GooglePrivacyDlpV2DataProfileAction: + type: object + properties: + tagResources: + $ref: '#/components/schemas/GooglePrivacyDlpV2TagResources' + description: Tags the profiled resources with the specified tag values. + pubSubNotification: + description: Publish a message into the Pub/Sub topic. + $ref: '#/components/schemas/GooglePrivacyDlpV2PubSubNotification' + exportData: + description: Export data profiles into a provided location. + $ref: '#/components/schemas/GooglePrivacyDlpV2Export' + publishToDataplexCatalog: + description: >- + Publishes a portion of each profile to Dataplex Universal Catalog + with the aspect type Sensitive Data Protection Profile. + $ref: '#/components/schemas/GooglePrivacyDlpV2PublishToDataplexCatalog' + publishToScc: + description: Publishes findings to Security Command Center for each data profile. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2PublishToSecurityCommandCenter + publishToChronicle: + $ref: '#/components/schemas/GooglePrivacyDlpV2PublishToChronicle' + description: >- + Publishes generated data profiles to Google Security Operations. For + more information, see [Use Sensitive Data Protection data in + context-aware + analytics](https://cloud.google.com/chronicle/docs/detection/usecase-dlp-high-risk-user-download). + id: GooglePrivacyDlpV2DataProfileAction + description: A task to execute when a data profile has been generated. GooglePrivacyDlpV2DataRiskLevel: id: GooglePrivacyDlpV2DataRiskLevel - description: >- - Score is a summary of all elements in the data profile. A higher number - means more risk. type: object properties: score: - description: The score applied to the resource. - type: string enumDescriptions: - Unused. - >- @@ -7207,672 +7012,816 @@ components: - RISK_UNKNOWN - RISK_MODERATE - RISK_HIGH - GooglePrivacyDlpV2ProfileStatus: - id: GooglePrivacyDlpV2ProfileStatus - description: Success or errors for the profile generation. - type: object - properties: - status: - description: >- - Profiling status code and optional message. The `status.code` value - is 0 (default value) for OK. - $ref: '#/components/schemas/GoogleRpcStatus' - timestamp: - description: Time when the profile generation status was updated - type: string - format: google-datetime - GooglePrivacyDlpV2ListTableDataProfilesResponse: - id: GooglePrivacyDlpV2ListTableDataProfilesResponse - description: List of profiles generated for a given organization or project. - type: object - properties: - tableDataProfiles: - description: List of data profiles. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' - nextPageToken: - description: The next page token. + description: The score applied to the resource. type: string - GooglePrivacyDlpV2TableDataProfile: - id: GooglePrivacyDlpV2TableDataProfile - description: The profile for a scanned table. - type: object + description: >- + Score is a summary of all elements in the data profile. A higher number + means more risk. + GooglePrivacyDlpV2DeltaPresenceEstimationHistogramBucket: properties: - name: - description: The name of the profile. - type: string - dataSourceType: - description: The resource type that was profiled. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataSourceType' - projectDataProfile: - description: The resource name of the project data profile for this table. + minProbability: + type: number + description: Between 0 and 1. + format: double + maxProbability: + description: Always greater than or equal to min_probability. + type: number + format: double + bucketSize: type: string - datasetProjectId: - description: The Google Cloud project ID that owns the resource. + description: Number of records within these probability bounds. + format: int64 + bucketValueCount: type: string - datasetLocation: + format: int64 description: >- - If supported, the location where the dataset's data is stored. See - https://cloud.google.com/bigquery/docs/locations for supported - locations. - type: string - datasetId: - description: If the resource is BigQuery, the dataset ID. + Total number of distinct quasi-identifier tuple values in this + bucket. + bucketValues: + description: >- + Sample of quasi-identifier tuple values in this bucket. The total + number of classes returned per bucket is capped at 20. + items: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DeltaPresenceEstimationQuasiIdValues + type: array + id: GooglePrivacyDlpV2DeltaPresenceEstimationHistogramBucket + type: object + description: >- + A DeltaPresenceEstimationHistogramBucket message with the following + values: min_probability: 0.1 max_probability: 0.2 frequency: 42 means + that there are 42 records for which δ is in [0.1, 0.2). An important + particular case is when min_probability = max_probability = 1: then, + every individual who shares this quasi-identifier combination is in the + dataset. + GooglePrivacyDlpV2UpdateJobTriggerRequest: + properties: + jobTrigger: + description: New JobTrigger value. + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + updateMask: + description: Mask to control which fields get updated. type: string - tableId: - description: The table ID. + format: google-fieldmask + id: GooglePrivacyDlpV2UpdateJobTriggerRequest + type: object + description: Request message for UpdateJobTrigger. + GooglePrivacyDlpV2JobTrigger: + type: object + description: >- + Contains a configuration to make API calls on a repeating basis. See + https://cloud.google.com/sensitive-data-protection/docs/concepts-job-triggers + to learn more. + properties: + displayName: type: string - fullResource: - description: >- - The Cloud Asset Inventory resource that was profiled in order to - generate this TableDataProfile. - https://cloud.google.com/apis/design/resource_names#full_resource_name + description: Display name (max 100 chars) + inspectJob: + description: For inspect jobs, a snapshot of the configuration. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectJobConfig' + name: type: string - profileStatus: - description: >- - Success or error status from the most recent profile generation - attempt. May be empty if the profile is still being generated. - $ref: '#/components/schemas/GooglePrivacyDlpV2ProfileStatus' - state: description: >- - State of a profile. This will always be set to DONE when the table - data profile is written to another service like BigQuery or Pub/Sub. + Unique resource name for the triggeredJob, assigned by the service + when the triggeredJob is created, for example + `projects/dlp-test-project/jobTriggers/53234423`. + updateTime: type: string + description: Output only. The last update timestamp of a triggeredJob. + format: google-datetime + readOnly: true + status: + enum: + - STATUS_UNSPECIFIED + - HEALTHY + - PAUSED + - CANCELLED enumDescriptions: - Unused. - - >- - The profile is currently running. Once a profile has finished it - will transition to DONE. - - >- - The profile is no longer generating. If profile_status.status.code - is 0, the profile succeeded, otherwise, it failed. - enum: - - STATE_UNSPECIFIED - - RUNNING - - DONE - sensitivityScore: - description: The sensitivity score of this table. - $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' - dataRiskLevel: - description: The data risk level of this table. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' - predictedInfoTypes: - description: The infoTypes predicted from this table's data. - type: array + - Trigger is healthy. + - Trigger is temporarily paused. + - Trigger is cancelled and can not be resumed. + description: Required. A status for this trigger. + type: string + description: + description: User provided description (max 256 chars) + type: string + triggers: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeSummary' - otherInfoTypes: - description: Other infoTypes found in this table's data. + $ref: '#/components/schemas/GooglePrivacyDlpV2Trigger' + description: >- + A list of triggers which will be OR'ed together. Only one in the + list needs to trigger for a job to be started. The list may contain + only a single Schedule trigger and must have at least one object. type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2OtherInfoTypeSummary' - configSnapshot: - description: The snapshot of the configurations used to generate the profile. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileConfigSnapshot' - lastModifiedTime: - description: The time when this table was last modified - type: string + createTime: + description: Output only. The creation timestamp of a triggeredJob. format: google-datetime - expirationTime: - description: Optional. The time when this table expires. type: string + readOnly: true + errors: + type: array + description: >- + Output only. A stream of errors encountered when the trigger was + activated. Repeated errors may result in the JobTrigger + automatically being paused. Will return the last 100 errors. + Whenever the JobTrigger is modified this list will be cleared. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Error' + readOnly: true + lastRunTime: + description: Output only. The timestamp of the last time this trigger executed. format: google-datetime - scannedColumnCount: - description: The number of columns profiled in the table. type: string - format: int64 - failedColumnCount: - description: The number of columns skipped in the table because of an error. + readOnly: true + id: GooglePrivacyDlpV2JobTrigger + GooglePrivacyDlpV2SearchConnectionsResponse: + description: Response message for SearchConnections. + id: GooglePrivacyDlpV2SearchConnectionsResponse + properties: + nextPageToken: + description: >- + Token to retrieve the next page of results. An empty value means + there are no more results. type: string + connections: + type: array + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' + description: >- + List of connections that match the search query. Note that only a + subset of the fields will be populated, and only "name" is + guaranteed to be set. For full details of a Connection, call + GetConnection with the name. + type: object + GooglePrivacyDlpV2TransformationDetails: + type: object + id: GooglePrivacyDlpV2TransformationDetails + description: >- + Details about a single transformation. This object contains a + description of the transformation, information about whether the + transformation was successfully applied, and the precise location where + the transformation occurred. These details are stored in a + user-specified BigQuery table. + properties: + transformedBytes: format: int64 - tableSizeBytes: - description: The size of the table when the profile was generated. type: string - format: int64 - rowCount: description: >- - Number of rows in the table when the profile was generated. This - will not be populated for BigLake tables. - type: string - format: int64 - encryptionStatus: - description: How the table is encrypted. + The number of bytes that were transformed. If transformation was + unsuccessful or did not take place because there was no content to + transform, this will be zero. + containerName: + description: >- + The top level name of the container where the transformation is + located (this will be the source file name or table name). type: string - enumDescriptions: - - Unused. - - Google manages server-side encryption keys on your behalf. - - Customer provides the key. - enum: - - ENCRYPTION_STATUS_UNSPECIFIED - - ENCRYPTION_GOOGLE_MANAGED - - ENCRYPTION_CUSTOMER_MANAGED - resourceVisibility: - description: How broadly a resource has been shared. + statusDetails: + description: >- + Status of the transformation, if transformation was not successful, + this will specify what caused it to fail, otherwise it will show + that the transformation was successful. + $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationResultStatus' + transformation: + type: array + description: >- + Description of transformation. This would only contain more than one + element if there were multiple matching transformations and which + one to apply was ambiguous. Not set for states that contain no + transformation, currently only state that contains no transformation + is TransformationResultStateType.METADATA_UNRETRIEVABLE. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationDescription' + transformationLocation: + $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationLocation' + description: >- + The precise location of the transformed content in the original + container. + resourceName: + description: The name of the job that completed the transformation. type: string - enumDescriptions: - - Unused. - - Visible to any user. - - >- - May contain public items. For example, if a Cloud Storage bucket - has uniform bucket level access disabled, some objects inside it - may be public, but none are known yet. - - Visible only to specific users. - enum: - - RESOURCE_VISIBILITY_UNSPECIFIED - - RESOURCE_VISIBILITY_PUBLIC - - RESOURCE_VISIBILITY_INCONCLUSIVE - - RESOURCE_VISIBILITY_RESTRICTED - profileLastGenerated: - description: The last time the profile was generated. + GooglePrivacyDlpV2ProcessingLocation: + description: >- + Configure processing location for discovery and inspection. For example, + image OCR is only provided in limited regions but configuring + ProcessingLocation will redirect OCR to a location where OCR is + provided. + properties: + imageFallbackLocation: + description: Image processing falls back using this configuration. + $ref: '#/components/schemas/GooglePrivacyDlpV2ImageFallbackLocation' + documentFallbackLocation: + $ref: '#/components/schemas/GooglePrivacyDlpV2DocumentFallbackLocation' + description: Document processing falls back using this configuration. + id: GooglePrivacyDlpV2ProcessingLocation + type: object + GooglePrivacyDlpV2Color: + type: object + id: GooglePrivacyDlpV2Color + description: Represents a color in the RGB color space. + properties: + blue: + description: The amount of blue in the color as a value in the interval [0, 1]. + format: float + type: number + green: + type: number + format: float + description: The amount of green in the color as a value in the interval [0, 1]. + red: + format: float + type: number + description: The amount of red in the color as a value in the interval [0, 1]. + GooglePrivacyDlpV2PublishToSecurityCommandCenter: + type: object + description: >- + If set, a summary finding will be created or updated in Security Command + Center for each profile. + properties: {} + id: GooglePrivacyDlpV2PublishToSecurityCommandCenter + GooglePrivacyDlpV2HybridInspectResponse: + type: object + properties: {} + description: Quota exceeded errors will be thrown once quota has been met. + id: GooglePrivacyDlpV2HybridInspectResponse + GooglePrivacyDlpV2RedactImageRequest: + type: object + id: GooglePrivacyDlpV2RedactImageRequest + description: >- + Request to search for potentially sensitive info in an image and redact + it by covering it with a colored rectangle. + properties: + locationId: type: string - format: google-datetime - resourceLabels: + description: Deprecated. This field has no effect. + deidentifyTemplate: description: >- - The labels applied to the resource at the time the profile was - generated. - type: object - additionalProperties: - type: string - createTime: - description: The time at which the table was created. + The full resource name of the de-identification template to use. + Settings in the main `image_redaction_configs` field override the + corresponding settings in this de-identification template. The + request fails if the type of the template's deidentify_config is not + image_transformations. type: string - format: google-datetime - sampleFindingsTable: - description: The BigQuery table to which the sample findings are written. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - tags: + includeFindings: + type: boolean description: >- - The tags attached to the table, including any tags attached during - profiling. Because tags are attached to Cloud SQL instances rather - than Cloud SQL tables, this field is empty for Cloud SQL table - profiles. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Tag' - relatedResources: - description: Resources related to this profile. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2RelatedResource' - domains: - description: Domains associated with the profile. + Whether the response should include findings along with the redacted + image. + inspectConfig: + description: Configuration for the inspector. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' + imageRedactionConfigs: type: array + description: The configuration for specifying what content to redact from images. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Domain' - GooglePrivacyDlpV2InfoTypeSummary: - id: GooglePrivacyDlpV2InfoTypeSummary - description: The infoType details for this column. - type: object - properties: - infoType: - description: The infoType. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - estimatedPrevalence: - description: Not populated for predicted infotypes. - deprecated: true - type: integer - format: int32 - GooglePrivacyDlpV2OtherInfoTypeSummary: - id: GooglePrivacyDlpV2OtherInfoTypeSummary - description: Infotype details for other infoTypes found within a column. + $ref: '#/components/schemas/GooglePrivacyDlpV2ImageRedactionConfig' + byteItem: + $ref: '#/components/schemas/GooglePrivacyDlpV2ByteContentItem' + description: The content must be PNG, JPEG, SVG or BMP. + inspectTemplate: + description: >- + The full resource name of the inspection template to use. Settings + in the main `inspect_config` field override the corresponding + settings in this inspection template. The merge behavior is as + follows: - Singular field: The main field's value replaces the value + of the corresponding field in the template. - Repeated fields: The + field values are appended to the list defined in the template. - + Sub-messages and groups: The fields are recursively merged. + type: string + GooglePrivacyDlpV2KAnonymityEquivalenceClass: + id: GooglePrivacyDlpV2KAnonymityEquivalenceClass + description: The set of columns' values that share the same ldiversity value type: object properties: - infoType: - description: The other infoType. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - estimatedPrevalence: + equivalenceClassSize: + type: string description: >- - Approximate percentage of non-null rows that contained data detected - by this infotype. - type: integer - format: int32 - excludedFromAnalysis: + Size of the equivalence class, for example number of rows with the + above set of values. + format: int64 + quasiIdsValues: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Value' + type: array description: >- - Whether this infoType was excluded from sensitivity and risk - analysis due to factors such as low prevalence (subject to change). - type: boolean - GooglePrivacyDlpV2DataProfileConfigSnapshot: - id: GooglePrivacyDlpV2DataProfileConfigSnapshot - description: Snapshot of the configurations used to generate the profile. + Set of values defining the equivalence class. One value per + quasi-identifier column in the original KAnonymity metric message. + The order is always the same as the original request. + GooglePrivacyDlpV2DeidentifyContentRequest: + id: GooglePrivacyDlpV2DeidentifyContentRequest type: object + description: Request to de-identify a ContentItem. properties: + locationId: + type: string + description: Deprecated. This field has no effect. + inspectTemplateName: + description: >- + Template to use. Any configuration directly specified in + inspect_config will override those set in the template. Singular + fields that are set in this request will replace their corresponding + fields in the template. Repeated fields are appended. Singular + sub-messages and groups are recursively merged. + type: string inspectConfig: description: >- - A copy of the inspection config used to generate this profile. This - is a copy of the inspect_template specified in - `DataProfileJobConfig`. + Configuration for the inspector. Items specified here will override + the template referenced by the inspect_template_name argument. $ref: '#/components/schemas/GooglePrivacyDlpV2InspectConfig' - dataProfileJob: + deidentifyTemplateName: description: >- - A copy of the configuration used to generate this profile. This is - deprecated, and the DiscoveryConfig field is preferred moving - forward. DataProfileJobConfig will still be written here for - Discovery in BigQuery for backwards compatibility, but will not be - updated with new fields, while DiscoveryConfig will. - deprecated: true - $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileJobConfig' - discoveryConfig: - description: A copy of the configuration used to generate this profile. - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' - inspectTemplateName: - description: Name of the inspection template used to generate this profile - type: string - inspectTemplateModifiedTime: - description: Timestamp when the template was modified + Template to use. Any configuration directly specified in + deidentify_config will override those set in the template. Singular + fields that are set in this request will replace their corresponding + fields in the template. Repeated fields are appended. Singular + sub-messages and groups are recursively merged. type: string - format: google-datetime - GooglePrivacyDlpV2DataProfileJobConfig: - id: GooglePrivacyDlpV2DataProfileJobConfig - description: >- - Configuration for setting up a job to scan resources for profile - generation. Only one data profile configuration may exist per - organization, folder, or project. The generated data profiles are - retained according to the [data retention policy] - (https://cloud.google.com/sensitive-data-protection/docs/data-profiles#retention). - type: object - properties: - location: - description: The data to scan. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileLocation' - projectId: + item: description: >- - The project that will run the scan. The DLP service account that - exists within this project must have access to all resources that - are profiled, and the DLP API must be enabled. - type: string - otherCloudStartingLocation: - description: Must be set only when scanning other clouds. - $ref: >- - #/components/schemas/GooglePrivacyDlpV2OtherCloudDiscoveryStartingLocation - inspectTemplates: + The item to de-identify. Will be treated as text. This value must be + of type Table if your deidentify_config is a RecordTransformations + object. + $ref: '#/components/schemas/GooglePrivacyDlpV2ContentItem' + deidentifyConfig: description: >- - Detection logic for profile generation. Not all template features - are used by profiles. FindingLimits, include_quote and - exclude_info_types have no impact on data profiling. Multiple - templates may be provided if there is data in multiple regions. At - most one template must be specified per-region (including "global"). - Each region is scanned using the applicable template. If no - region-specific template is specified, but a "global" template is - specified, it will be copied to that region and used instead. If no - global or region-specific template is provided for a region with - data, that region's data will not be scanned. For more information, - see - https://cloud.google.com/sensitive-data-protection/docs/data-profiles#data-residency. - type: array + Configuration for the de-identification of the content item. Items + specified here will override the template referenced by the + deidentify_template_name argument. + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyConfig' + GooglePrivacyDlpV2DataProfileBigQueryRowSchema: + properties: + columnProfile: + $ref: '#/components/schemas/GooglePrivacyDlpV2ColumnDataProfile' + description: Column data profile column + tableProfile: + description: Table data profile column + $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' + fileStoreProfile: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' + description: File store data profile column. + type: object + description: >- + The schema of data to be saved to the BigQuery table when the + `DataProfileAction` is enabled. + id: GooglePrivacyDlpV2DataProfileBigQueryRowSchema + GooglePrivacyDlpV2BigQueryTableTypes: + description: The types of BigQuery tables supported by Cloud DLP. + properties: + types: + description: A set of BigQuery table types. items: + enumDescriptions: + - Unused. + - A normal BigQuery table. + - A table that references data stored in Cloud Storage. + - A snapshot of a BigQuery table. + enum: + - BIG_QUERY_TABLE_TYPE_UNSPECIFIED + - BIG_QUERY_TABLE_TYPE_TABLE + - BIG_QUERY_TABLE_TYPE_EXTERNAL_BIG_LAKE + - BIG_QUERY_TABLE_TYPE_SNAPSHOT type: string - dataProfileActions: - description: Actions to execute at the completion of the job. type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileAction' - GooglePrivacyDlpV2DataProfileLocation: - id: GooglePrivacyDlpV2DataProfileLocation - description: The data that will be profiled. type: object + id: GooglePrivacyDlpV2BigQueryTableTypes + GooglePrivacyDlpV2DatastoreOptions: + id: GooglePrivacyDlpV2DatastoreOptions properties: - organizationId: - description: The ID of an organization to scan. - type: string - format: int64 - folderId: - description: The ID of the folder within an organization to scan. - type: string - format: int64 - GooglePrivacyDlpV2Tag: - id: GooglePrivacyDlpV2Tag - description: A tag associated with a resource. + partitionId: + $ref: '#/components/schemas/GooglePrivacyDlpV2PartitionId' + description: >- + A partition ID identifies a grouping of entities. The grouping is + always by project and namespace, however the namespace ID may be + empty. + kind: + description: The kind to process. + $ref: '#/components/schemas/GooglePrivacyDlpV2KindExpression' + type: object + description: Options defining a data set within Google Cloud Datastore. + GooglePrivacyDlpV2GlobalProcessing: + type: object + description: Processing occurs in the global region. + properties: {} + id: GooglePrivacyDlpV2GlobalProcessing + GooglePrivacyDlpV2BoundingBox: + type: object + id: GooglePrivacyDlpV2BoundingBox + description: Bounding box encompassing detected text within an image. + properties: + height: + description: Height of the bounding box in pixels. + type: integer + format: int32 + top: + description: Top coordinate of the bounding box. (0,0) is upper left. + format: int32 + type: integer + width: + type: integer + description: Width of the bounding box in pixels. + format: int32 + left: + description: Left coordinate of the bounding box. (0,0) is upper left. + format: int32 + type: integer + GooglePrivacyDlpV2FindingLimits: type: object + description: >- + Configuration to control the number of findings returned for inspection. + This is not used for de-identification or data profiling. When redacting + sensitive data from images, finding limits don't apply. They can cause + unexpected or inconsistent results, where only some data is redacted. + Don't include finding limits in RedactImage requests. Otherwise, Cloud + DLP returns an error. properties: - namespacedTagValue: + maxFindingsPerInfoType: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeLimit' + type: array + description: Configuration of findings limit given for specified infoTypes. + maxFindingsPerItem: + type: integer description: >- - The namespaced name for the tag value to attach to Google Cloud - resources. Must be in the format - `{parent_id}/{tag_key_short_name}/{short_name}`, for example, - "123456/environment/prod" for an organization parent, or - "my-project/environment/prod" for a project parent. This is only set - for Google Cloud resources. - type: string - key: + Max number of findings that are returned for each item scanned. When + set within an InspectContentRequest, this field is ignored. This + value isn't a hard limit. If the number of findings for an item + reaches this limit, the inspection of that item ends gradually, not + abruptly. Therefore, the actual number of findings that Cloud DLP + returns for the item can be multiple times higher than this value. + format: int32 + maxFindingsPerRequest: + type: integer description: >- - The key of a tag key-value pair. For Google Cloud resources, this is - the resource name of the key, for example, "tagKeys/123456". - type: string - value: + Max number of findings that are returned per request or job. If you + set this field in an InspectContentRequest, the resulting maximum + value is the value that you set or 3,000, whichever is lower. This + value isn't a hard limit. If an inspection reaches this limit, the + inspection ends gradually, not abruptly. Therefore, the actual + number of findings that Cloud DLP returns can be multiple times + higher than this value. + format: int32 + id: GooglePrivacyDlpV2FindingLimits + GooglePrivacyDlpV2DateTime: + properties: + date: + $ref: '#/components/schemas/GoogleTypeDate' description: >- - The value of a tag key-value pair. For Google Cloud resources, this - is the resource name of the value, for example, "tagValues/123456". + One or more of the following must be set. Must be a valid date or + time value. + dayOfWeek: + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday type: string - GooglePrivacyDlpV2RelatedResource: - id: GooglePrivacyDlpV2RelatedResource - description: >- - A related resource. Examples: * The source BigQuery table for a Vertex - AI dataset. * The source Cloud Storage bucket for a Vertex AI dataset. + description: Day of week + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + time: + description: Time of day + $ref: '#/components/schemas/GoogleTypeTimeOfDay' + timeZone: + description: Time zone + $ref: '#/components/schemas/GooglePrivacyDlpV2TimeZone' type: object - properties: - fullResource: - description: The full resource name of the related resource. - type: string - GooglePrivacyDlpV2Domain: - id: GooglePrivacyDlpV2Domain - description: >- - A domain represents a thematic category that a data profile can fall - under. + id: GooglePrivacyDlpV2DateTime + description: Message for a date time object. e.g. 2018-01-01, 5th August. + GooglePrivacyDlpV2InfoTypeSummary: type: object properties: - category: - description: A domain category that this profile is related to. - type: string - enumDescriptions: - - Category unspecified. - - >- - Indicates that the data profile is related to artificial - intelligence. When set, all findings stored to Security Command - Center will set the corresponding AI domain field of `Finding` - objects. - - Indicates that the data profile is related to code. - enum: - - CATEGORY_UNSPECIFIED - - AI - - CODE - signals: - description: The collection of signals that influenced selection of the category. - type: array - items: - type: string - enumDescriptions: - - Unused. - - One or more machine learning models are present. - - A table appears to be a text embedding. - - >- - The [Cloud SQL Vertex - AI](https://cloud.google.com/sql/docs/postgres/integrate-cloud-sql-with-vertex-ai) - plugin is installed on the database. - - >- - Support for [Cloud SQL vector - embeddings](https://cloud.google.com/sql/docs/mysql/enable-vector-search) - is enabled on the database. - - Source code is present. - - >- - If the service determines the category type. For example, Vertex - AI assets would always have a `Category` of `AI`. - enum: - - SIGNAL_UNSPECIFIED - - MODEL - - TEXT_EMBEDDING - - VERTEX_PLUGIN - - VECTOR_PLUGIN - - SOURCE_CODE - - SERVICE - GooglePrivacyDlpV2ListColumnDataProfilesResponse: - id: GooglePrivacyDlpV2ListColumnDataProfilesResponse - description: List of profiles generated for a given organization or project. + infoType: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + description: The infoType. + estimatedPrevalence: + format: int32 + description: Not populated for predicted infotypes. + deprecated: true + type: integer + id: GooglePrivacyDlpV2InfoTypeSummary + description: The infoType details for this column. + GooglePrivacyDlpV2CloudStoragePath: + id: GooglePrivacyDlpV2CloudStoragePath + description: Message representing a single file or path in Cloud Storage. type: object properties: - columnDataProfiles: - description: List of data profiles. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2ColumnDataProfile' - nextPageToken: - description: The next page token. + path: + description: >- + A URL representing a file or path (no wildcards) in Cloud Storage. + Example: `gs://[BUCKET_NAME]/dictionary.txt` type: string - GooglePrivacyDlpV2ColumnDataProfile: - id: GooglePrivacyDlpV2ColumnDataProfile - description: The profile for a scanned column within a table. + GooglePrivacyDlpV2QuasiId: + description: A column with a semantic tag attached. + id: GooglePrivacyDlpV2QuasiId type: object properties: - name: - description: The name of the profile. - type: string - profileStatus: + customTag: description: >- - Success or error status from the most recent profile generation - attempt. May be empty if the profile is still being generated. - $ref: '#/components/schemas/GooglePrivacyDlpV2ProfileStatus' - state: - description: State of a profile. - type: string - enumDescriptions: - - Unused. - - >- - The profile is currently running. Once a profile has finished it - will transition to DONE. - - >- - The profile is no longer generating. If profile_status.status.code - is 0, the profile succeeded, otherwise, it failed. - enum: - - STATE_UNSPECIFIED - - RUNNING - - DONE - profileLastGenerated: - description: The last time the profile was generated. - type: string - format: google-datetime - tableDataProfile: - description: The resource name of the table data profile. - type: string - tableFullResource: - description: The resource name of the resource this column is within. - type: string - datasetProjectId: - description: The Google Cloud project ID that owns the profiled resource. + A column can be tagged with a custom tag. In this case, the user + must indicate an auxiliary table that contains statistical + information on the possible values of this column. type: string - datasetLocation: + infoType: description: >- - If supported, the location where the dataset's data is stored. See - https://cloud.google.com/bigquery/docs/locations for supported - BigQuery locations. - type: string - datasetId: + A column can be tagged with a InfoType to use the relevant public + dataset as a statistical model of population, if available. We + currently support US ZIP codes, region codes, ages and genders. To + programmatically obtain the list of supported InfoTypes, use + ListInfoTypes with the supported_by=RISK_ANALYSIS filter. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + field: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: Required. Identifies the column. + inferred: + description: >- + If no semantic tag is indicated, we infer the statistical model from + the distribution of values in the input data + $ref: '#/components/schemas/GoogleProtobufEmpty' + GooglePrivacyDlpV2VertexDatasetCollection: + type: object + description: Match dataset resources using regex filters. + id: GooglePrivacyDlpV2VertexDatasetCollection + properties: + vertexDatasetRegexes: + $ref: '#/components/schemas/GooglePrivacyDlpV2VertexDatasetRegexes' + description: The regex used to filter dataset resources. + GooglePrivacyDlpV2LDiversityHistogramBucket: + type: object + id: GooglePrivacyDlpV2LDiversityHistogramBucket + description: Histogram of l-diversity equivalence class sensitive value frequencies. + properties: + sensitiveValueFrequencyUpperBound: description: >- - The BigQuery dataset ID, if the resource profiled is a BigQuery - table. + Upper bound on the sensitive value frequencies of the equivalence + classes in this bucket. type: string - tableId: - description: The table ID. + format: int64 + bucketSize: + description: Total number of equivalence classes in this bucket. + format: int64 type: string - column: - description: The name of the column. + sensitiveValueFrequencyLowerBound: + format: int64 type: string - sensitivityScore: - description: The sensitivity of this column. - $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' - dataRiskLevel: - description: The data risk level for this column. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' - columnInfoType: description: >- - If it's been determined this column can be identified as a single - type, this will be set. Otherwise the column either has - unidentifiable content or mixed types. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeSummary' - otherMatches: - description: Other types found within this column. List will be unordered. + Lower bound on the sensitive value frequencies of the equivalence + classes in this bucket. + bucketValues: + description: >- + Sample of equivalence classes in this bucket. The total number of + classes returned per bucket is capped at 20. type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2OtherInfoTypeSummary' - estimatedNullPercentage: - description: Approximate percentage of entries being null in the column. - type: string - enumDescriptions: - - Unused. - - Very few null entries. - - Some null entries. - - A few null entries. - - A lot of null entries. - enum: - - NULL_PERCENTAGE_LEVEL_UNSPECIFIED - - NULL_PERCENTAGE_VERY_LOW - - NULL_PERCENTAGE_LOW - - NULL_PERCENTAGE_MEDIUM - - NULL_PERCENTAGE_HIGH - estimatedUniquenessScore: - description: Approximate uniqueness of the column. + $ref: '#/components/schemas/GooglePrivacyDlpV2LDiversityEquivalenceClass' + bucketValueCount: + format: int64 + description: Total number of distinct equivalence classes in this bucket. type: string - enumDescriptions: - - >- - Some columns do not have estimated uniqueness. Possible reasons - include having too few values. - - >- - Low uniqueness, possibly a boolean, enum or similiarly typed - column. - - Medium uniqueness. - - >- - High uniqueness, possibly a column of free text or unique - identifiers. - enum: - - UNIQUENESS_SCORE_LEVEL_UNSPECIFIED - - UNIQUENESS_SCORE_LOW - - UNIQUENESS_SCORE_MEDIUM - - UNIQUENESS_SCORE_HIGH - freeTextScore: + GooglePrivacyDlpV2TransformationDescription: + type: object + id: GooglePrivacyDlpV2TransformationDescription + properties: + condition: description: >- - The likelihood that this column contains free-form text. A value - close to 1 may indicate the column is likely to contain free-form or - natural language text. Range in 0-1. - type: number - format: double - columnType: - description: The data type of a given column. + A human-readable string representation of the `RecordCondition` + corresponding to this transformation. Set if a `RecordCondition` was + used to determine whether or not to apply this transformation. + Examples: * (age_field > 85) * (age_field <= 18) * (zip_field + exists) * (zip_field == 01234) && (city_field != "Springville") * + (zip_field == 01234) && (age_field <= 18) && (city_field exists) type: string - enumDescriptions: - - Invalid type. - - Encoded as a string in decimal format. - - Encoded as a boolean "false" or "true". - - Encoded as a number, or string "NaN", "Infinity" or "-Infinity". - - Encoded as a string value. - - Encoded as a base64 string per RFC 4648, section 4. - - >- - Encoded as an RFC 3339 timestamp with mandatory "Z" time zone - string: 1985-04-12T23:20:50.52Z - - 'Encoded as RFC 3339 full-date format string: 1985-04-12' - - 'Encoded as RFC 3339 partial-time format string: 23:20:50.52' - - >- - Encoded as RFC 3339 full-date "T" partial-time: - 1985-04-12T23:20:50.52 - - Encoded as WKT - - Encoded as a decimal string. - - Container of ordered fields, each with a type and field name. - - Decimal type. - - Json type. - - Interval type. - - '`Range` type.' - - '`Range` type.' - - '`Range` type.' + type: enum: - - COLUMN_DATA_TYPE_UNSPECIFIED - - TYPE_INT64 - - TYPE_BOOL - - TYPE_FLOAT64 - - TYPE_STRING - - TYPE_BYTES - - TYPE_TIMESTAMP - - TYPE_DATE - - TYPE_TIME - - TYPE_DATETIME - - TYPE_GEOGRAPHY - - TYPE_NUMERIC - - TYPE_RECORD - - TYPE_BIGNUMERIC - - TYPE_JSON - - TYPE_INTERVAL - - TYPE_RANGE_DATE - - TYPE_RANGE_DATETIME - - TYPE_RANGE_TIMESTAMP - policyState: - description: Indicates if a policy tag has been applied to the column. + - TRANSFORMATION_TYPE_UNSPECIFIED + - RECORD_SUPPRESSION + - REPLACE_VALUE + - REPLACE_DICTIONARY + - REDACT + - CHARACTER_MASK + - CRYPTO_REPLACE_FFX_FPE + - FIXED_SIZE_BUCKETING + - BUCKETING + - REPLACE_WITH_INFO_TYPE + - TIME_PART + - CRYPTO_HASH + - DATE_SHIFT + - CRYPTO_DETERMINISTIC_CONFIG + - REDACT_IMAGE type: string enumDescriptions: - - No policy tags. - - Column has policy tag applied. - enum: - - COLUMN_POLICY_STATE_UNSPECIFIED - - COLUMN_POLICY_TAGGED - GooglePrivacyDlpV2ListFileStoreDataProfilesResponse: - id: GooglePrivacyDlpV2ListFileStoreDataProfilesResponse + - Unused + - Record suppression + - Replace value + - Replace value using a dictionary. + - Redact + - Character mask + - FFX-FPE + - Fixed size bucketing + - Bucketing + - Replace with info type + - Time part + - Crypto hash + - Date shift + - Deterministic crypto + - Redact image + description: The transformation type. + description: + type: string + description: >- + A description of the transformation. This is empty for a + RECORD_SUPPRESSION, or is the output of calling toString() on the + `PrimitiveTransformation` protocol buffer message for any other type + of transformation. + infoType: + description: Set if the transformation was limited to a specific `InfoType`. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' description: >- - List of file store data profiles generated for a given organization or - project. + A flattened description of a `PrimitiveTransformation` or + `RecordSuppression`. + GooglePrivacyDlpV2PublishToDataplexCatalog: type: object properties: - fileStoreDataProfiles: - description: List of data profiles. - type: array + lowerDataRiskToLow: + type: boolean + description: >- + Whether creating a Dataplex Universal Catalog aspect for a profiled + resource should lower the risk of the profile for that resource. + This also lowers the data risk of resources at the lower levels of + the resource hierarchy. For example, reducing the data risk of a + table data profile also reduces the data risk of the constituent + column data profiles. + id: GooglePrivacyDlpV2PublishToDataplexCatalog + description: >- + Create Dataplex Universal Catalog aspects for profiled resources with + the aspect type Sensitive Data Protection Profile. To learn more about + aspects, see + https://cloud.google.com/sensitive-data-protection/docs/add-aspects. + GooglePrivacyDlpV2ExcludeInfoTypes: + description: List of excluded infoTypes. + type: object + properties: + infoTypes: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' - nextPageToken: - description: The next page token. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + description: >- + InfoType list in ExclusionRule rule drops a finding when it overlaps + or contained within with a finding of an infoType from this list. + For example, for `InspectionRuleSet.info_types` containing + "PHONE_NUMBER"` and `exclusion_rule` containing + `exclude_info_types.info_types` with "EMAIL_ADDRESS" the phone + number findings are dropped if they overlap with EMAIL_ADDRESS + finding. That leads to "555-222-2222@example.org" to generate only a + single finding, namely email address. + type: array + id: GooglePrivacyDlpV2ExcludeInfoTypes + GooglePrivacyDlpV2SummaryResult: + type: object + properties: + code: + type: string + description: Outcome of the transformation. + enumDescriptions: + - Unused + - Transformation completed without an error. + - Transformation had an error. + enum: + - TRANSFORMATION_RESULT_CODE_UNSPECIFIED + - SUCCESS + - ERROR + details: + type: string + description: >- + A place for warnings or errors to show up if a transformation didn't + work as expected. + count: + description: Number of transformations counted by this result. + format: int64 type: string - GooglePrivacyDlpV2FileStoreDataProfile: - id: GooglePrivacyDlpV2FileStoreDataProfile description: >- - The profile for a file store. * Cloud Storage: maps 1:1 with a bucket. * - Amazon S3: maps 1:1 with a bucket. + A collection that informs the user the number of times a particular + `TransformationResultCode` and error details occurred. + id: GooglePrivacyDlpV2SummaryResult + GooglePrivacyDlpV2TableDataProfile: type: object + id: GooglePrivacyDlpV2TableDataProfile + description: The profile for a scanned table. properties: + predictedInfoTypes: + type: array + description: The infoTypes predicted from this table's data. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoTypeSummary' + createTime: + type: string + description: The time at which the table was created. + format: google-datetime + datasetLocation: + description: >- + If supported, the location where the dataset's data is stored. See + https://cloud.google.com/bigquery/docs/locations for supported + locations. + type: string + tableId: + type: string + description: The table ID. + datasetProjectId: + description: The Google Cloud project ID that owns the resource. + type: string + relatedResources: + description: Resources related to this profile. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2RelatedResource' + type: array name: description: The name of the profile. type: string - dataSourceType: - description: The resource type that was profiled. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataSourceType' - projectDataProfile: - description: The resource name of the project data profile for this file store. + encryptionStatus: + enumDescriptions: + - Unused. + - Google manages server-side encryption keys on your behalf. + - Customer provides the key. + description: How the table is encrypted. + enum: + - ENCRYPTION_STATUS_UNSPECIFIED + - ENCRYPTION_GOOGLE_MANAGED + - ENCRYPTION_CUSTOMER_MANAGED type: string - projectId: - description: >- - The Google Cloud project ID that owns the resource. For Amazon S3 - buckets, this is the AWS Account Id. + failedColumnCount: + format: int64 type: string - fileStoreLocation: + description: The number of columns skipped in the table because of an error. + dataRiskLevel: + description: The data risk level of this table. + $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' + resourceLabels: + type: object + additionalProperties: + type: string description: >- - The location of the file store. * Cloud Storage: - https://cloud.google.com/storage/docs/locations#available-locations - * Amazon S3: - https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints + The labels applied to the resource at the time the profile was + generated. + lastModifiedTime: + format: google-datetime + description: The time when this table was last modified type: string - dataStorageLocations: - description: >- - For resources that have multiple storage locations, these are those - regions. For Cloud Storage this is the list of regions chosen for - dual-region storage. `file_store_location` will normally be the - corresponding multi-region for the list of individual locations. The - first region is always picked as the processing and storage location - for the data profile. + tags: type: array - items: - type: string - locationType: description: >- - The location type of the file store (region, dual-region, - multi-region, etc). If dual-region, expect data_storage_locations to - be populated. + The tags attached to the table, including any tags attached during + profiling. Because tags are attached to Cloud SQL instances rather + than Cloud SQL tables, this field is empty for Cloud SQL table + profiles. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Tag' + rowCount: type: string - fileStorePath: + format: int64 description: >- - The file store path. * Cloud Storage: `gs://{bucket}` * Amazon S3: - `s3://{bucket}` * Vertex AI dataset: - `projects/{project_number}/locations/{location}/datasets/{dataset_id}` - type: string + Number of rows in the table when the profile was generated. This + will not be populated for BigLake tables. + domains: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Domain' + description: Domains associated with the profile. + type: array fullResource: + type: string description: >- - The resource name of the resource profiled. + The Cloud Asset Inventory resource that was profiled in order to + generate this TableDataProfile. https://cloud.google.com/apis/design/resource_names#full_resource_name - Example format of an S3 bucket full resource name: - `//cloudasset.googleapis.com/organizations/{org_id}/otherCloudConnections/aws/arn:aws:s3:::{bucket_name}` + profileLastGenerated: type: string - configSnapshot: - description: The snapshot of the configurations used to generate the profile. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileConfigSnapshot' + format: google-datetime + description: The last time the profile was generated. + expirationTime: + type: string + description: Optional. The time when this table expires. + format: google-datetime profileStatus: + $ref: '#/components/schemas/GooglePrivacyDlpV2ProfileStatus' description: >- Success or error status from the most recent profile generation attempt. May be empty if the profile is still being generated. - $ref: '#/components/schemas/GooglePrivacyDlpV2ProfileStatus' state: - description: State of a profile. + enum: + - STATE_UNSPECIFIED + - RUNNING + - DONE + description: >- + State of a profile. This will always be set to DONE when the table + data profile is written to another service like BigQuery or Pub/Sub. type: string enumDescriptions: - Unused. @@ -7882,17 +7831,37 @@ components: - >- The profile is no longer generating. If profile_status.status.code is 0, the profile succeeded, otherwise, it failed. - enum: - - STATE_UNSPECIFIED - - RUNNING - - DONE - profileLastGenerated: - description: The last time the profile was generated. + dataSourceType: + description: The resource type that was profiled. + $ref: '#/components/schemas/GooglePrivacyDlpV2DataSourceType' + sensitivityScore: + $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' + description: The sensitivity score of this table. + sampleFindingsTable: + description: The BigQuery table to which the sample findings are written. + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' + datasetId: + description: If the resource is BigQuery, the dataset ID. + type: string + configSnapshot: + $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileConfigSnapshot' + description: The snapshot of the configurations used to generate the profile. + otherInfoTypes: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2OtherInfoTypeSummary' + description: Other infoTypes found in this table's data. + type: array + projectDataProfile: + description: The resource name of the project data profile for this table. type: string - format: google-datetime resourceVisibility: - description: How broadly a resource has been shared. type: string + description: How broadly a resource has been shared. + enum: + - RESOURCE_VISIBILITY_UNSPECIFIED + - RESOURCE_VISIBILITY_PUBLIC + - RESOURCE_VISIBILITY_INCONCLUSIVE + - RESOURCE_VISIBILITY_RESTRICTED enumDescriptions: - Unused. - Visible to any user. @@ -7901,764 +7870,902 @@ components: has uniform bucket level access disabled, some objects inside it may be public, but none are known yet. - Visible only to specific users. - enum: - - RESOURCE_VISIBILITY_UNSPECIFIED - - RESOURCE_VISIBILITY_PUBLIC - - RESOURCE_VISIBILITY_INCONCLUSIVE - - RESOURCE_VISIBILITY_RESTRICTED - sensitivityScore: - description: The sensitivity score of this resource. - $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' - dataRiskLevel: - description: The data risk level of this resource. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' - createTime: - description: The time the file store was first created. + tableSizeBytes: type: string - format: google-datetime - lastModifiedTime: - description: The time the file store was last modified. + description: The size of the table when the profile was generated. + format: int64 + scannedColumnCount: + description: The number of columns profiled in the table. + format: int64 type: string - format: google-datetime - fileClusterSummaries: - description: FileClusterSummary per each cluster. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FileClusterSummary' - resourceAttributes: - description: >- - Attributes of the resource being profiled. Currently used - attributes: * customer_managed_encryption: boolean - true: the - resource is encrypted with a customer-managed key. - false: the - resource is encrypted with a provider-managed key. - type: object - additionalProperties: - $ref: '#/components/schemas/GooglePrivacyDlpV2Value' - resourceLabels: + GooglePrivacyDlpV2WordList: + properties: + words: description: >- - The labels applied to the resource at the time the profile was - generated. - type: object - additionalProperties: - type: string - fileStoreInfoTypeSummaries: - description: InfoTypes detected in this file store. + Words or phrases defining the dictionary. The dictionary must + contain at least one phrase and every phrase must contain at least 2 + characters that are letters or digits. [required] type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreInfoTypeSummary' - sampleFindingsTable: - description: The BigQuery table to which the sample findings are written. - $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryTable' - fileStoreIsEmpty: - description: >- - The file store does not have any files. If the profiling operation - failed, this is false. - type: boolean - tags: + type: string + description: Message defining a list of words or phrases to search for in the data. + id: GooglePrivacyDlpV2WordList + type: object + GooglePrivacyDlpV2CharsToIgnore: + id: GooglePrivacyDlpV2CharsToIgnore + properties: + charactersToSkip: + type: string + description: Characters to not transform when masking. + commonCharactersToIgnore: + enumDescriptions: + - Unused. + - 0-9 + - A-Z + - a-z + - US Punctuation, one of !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ + - Whitespace character, one of [ \t\n\x0B\f\r] description: >- - The tags attached to the resource, including any tags attached - during profiling. - type: array + Common characters to not transform when masking. Useful to avoid + removing punctuation. + type: string + enum: + - COMMON_CHARS_TO_IGNORE_UNSPECIFIED + - NUMERIC + - ALPHA_UPPER_CASE + - ALPHA_LOWER_CASE + - PUNCTUATION + - WHITESPACE + description: >- + Characters to skip when doing deidentification of a value. These will be + left alone and skipped. + type: object + GooglePrivacyDlpV2CloudStorageRegexFileSet: + properties: + bucketName: + description: The name of a Cloud Storage bucket. Required. + type: string + includeRegex: items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Tag' - relatedResources: - description: Resources related to this profile. + type: string type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2RelatedResource' - domains: - description: Domains associated with the profile. + description: >- + A list of regular expressions matching file paths to include. All + files in the bucket that match at least one of these regular + expressions will be included in the set of files, except for those + that also match an item in `exclude_regex`. Leaving this field empty + will match all files by default (this is equivalent to including + `.*` in the list). Regular expressions use RE2 + [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be + found under the google/re2 repository on GitHub. + excludeRegex: type: array + description: >- + A list of regular expressions matching file paths to exclude. All + files in the bucket that match at least one of these regular + expressions will be excluded from the scan. Regular expressions use + RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can + be found under the google/re2 repository on GitHub. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Domain' - GooglePrivacyDlpV2FileClusterSummary: - id: GooglePrivacyDlpV2FileClusterSummary - description: The file cluster summary. + type: string + description: >- + Message representing a set of files in a Cloud Storage bucket. Regular + expressions are used to allow fine-grained control over which files in + the bucket to include. Included files are those that match at least one + item in `include_regex` and do not match any items in `exclude_regex`. + Note that a file that matches items from both lists will _not_ be + included. For a match to occur, the entire file path (i.e., everything + in the url after the bucket name) must match the regular expression. For + example, given the input `{bucket_name: "mybucket", include_regex: + ["directory1/.*"], exclude_regex: ["directory1/excluded.*"]}`: * + `gs://mybucket/directory1/myfile` will be included * + `gs://mybucket/directory1/directory2/myfile` will be included (`.*` + matches across `/`) * `gs://mybucket/directory0/directory1/myfile` will + _not_ be included (the full path doesn't match any items in + `include_regex`) * `gs://mybucket/directory1/excludedfile` will _not_ be + included (the path matches an item in `exclude_regex`) If + `include_regex` is left empty, it will match all files by default (this + is equivalent to setting `include_regex: [".*"]`). Some other common use + cases: * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will + include all files in `mybucket` except for .pdf files * `{bucket_name: + "mybucket", include_regex: ["directory/[^/]+"]}` will include all files + directly under `gs://mybucket/directory/`, without matching across `/` + id: GooglePrivacyDlpV2CloudStorageRegexFileSet + type: object + GooglePrivacyDlpV2CreateDeidentifyTemplateRequest: type: object properties: - fileClusterType: - description: The file cluster type. - $ref: '#/components/schemas/GooglePrivacyDlpV2FileClusterType' - fileStoreInfoTypeSummaries: - description: InfoTypes detected in this cluster. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreInfoTypeSummary' - sensitivityScore: - description: >- - The sensitivity score of this cluster. The score will be - SENSITIVITY_LOW if nothing has been scanned. - $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' - dataRiskLevel: + locationId: + description: Deprecated. This field has no effect. + type: string + templateId: + type: string description: >- - The data risk level of this cluster. RISK_LOW if nothing has been - scanned. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' - errors: + The template id can contain uppercase and lowercase letters, + numbers, and hyphens; that is, it must match the regular expression: + `[a-zA-Z\d-_]+`. The maximum length is 100 characters. Can be empty + to allow the system to generate one. + deidentifyTemplate: + description: Required. The DeidentifyTemplate to create. + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + id: GooglePrivacyDlpV2CreateDeidentifyTemplateRequest + description: Request message for CreateDeidentifyTemplate. + GooglePrivacyDlpV2InspectionRuleSet: + properties: + rules: description: >- - A list of errors detected while scanning this cluster. The list is - truncated to 10 per cluster. - type: array + Set of rules to be applied to infoTypes. The rules are applied in + order. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Error' - fileExtensionsScanned: - description: >- - A sample of file types scanned in this cluster. Empty if no files - were scanned. File extensions can be derived from the file name or - the file content. + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectionRule' type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FileExtensionInfo' - fileExtensionsSeen: - description: >- - A sample of file types seen in this cluster. Empty if no files were - seen. File extensions can be derived from the file name or the file - content. + infoTypes: type: array + description: List of infoTypes this rule set is applied to. items: - $ref: '#/components/schemas/GooglePrivacyDlpV2FileExtensionInfo' - noFilesExist: - description: >- - True if no files exist in this cluster. If the file store had more - files than could be listed, this will be false even if no files for - this cluster were seen and file_extensions_seen is empty. - type: boolean - GooglePrivacyDlpV2FileClusterType: - id: GooglePrivacyDlpV2FileClusterType - description: Message used to identify file cluster type being profiled. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + type: object + id: GooglePrivacyDlpV2InspectionRuleSet + description: >- + Rule set for modifying a set of infoTypes to alter behavior under + certain circumstances, depending on the specific details of the rules + within the set. + GooglePrivacyDlpV2TransformationResultStatus: type: object + description: The outcome of a transformation. + id: GooglePrivacyDlpV2TransformationResultStatus properties: - cluster: - description: Cluster type. + details: + $ref: '#/components/schemas/GoogleRpcStatus' + description: Detailed error codes and messages + resultStatusType: + enum: + - STATE_TYPE_UNSPECIFIED + - INVALID_TRANSFORM + - BIGQUERY_MAX_ROW_SIZE_EXCEEDED + - METADATA_UNRETRIEVABLE + - SUCCESS type: string enumDescriptions: - Unused. - - Unsupported files. - - Plain text. - - Structured data like CSV, TSV etc. - - Source code. - - Rich document like docx, xlsx etc. - - Images like jpeg, bmp. - - Archives and containers like .zip, .tar etc. - - Multimedia like .mp4, .avi etc. - - Executable files like .exe, .class, .apk etc. - - AI models like .tflite etc. - enum: - - CLUSTER_UNSPECIFIED - - CLUSTER_UNKNOWN - - CLUSTER_TEXT - - CLUSTER_STRUCTURED_DATA - - CLUSTER_SOURCE_CODE - - CLUSTER_RICH_DOCUMENT - - CLUSTER_IMAGE - - CLUSTER_ARCHIVE - - CLUSTER_MULTIMEDIA - - CLUSTER_EXECUTABLE - - CLUSTER_AI_MODEL - GooglePrivacyDlpV2FileStoreInfoTypeSummary: - id: GooglePrivacyDlpV2FileStoreInfoTypeSummary - description: Information regarding the discovered InfoType. - type: object - properties: - infoType: - description: The InfoType seen. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - GooglePrivacyDlpV2FileExtensionInfo: - id: GooglePrivacyDlpV2FileExtensionInfo - description: Information regarding the discovered file extension. - type: object - properties: - fileExtension: - description: The file extension if set. (aka .pdf, .jpg, .txt) - type: string - GooglePrivacyDlpV2HybridInspectDlpJobRequest: - id: GooglePrivacyDlpV2HybridInspectDlpJobRequest - description: Request to search for potentially sensitive info in a custom location. - type: object + - >- + This will be set when a finding could not be transformed (i.e. + outside user set bucket range). + - >- + This will be set when a BigQuery transformation was successful but + could not be stored back in BigQuery because the transformed row + exceeds BigQuery's max row size. + - >- + This will be set when there is a finding in the custom metadata of + a file, but at the write time of the transformed file, this key / + value pair is unretrievable. + - >- + This will be set when the transformation and storing of it is + successful. + description: >- + Transformation result status type, this will be either SUCCESS, or + it will be the reason for why the transformation was not completely + successful. + GooglePrivacyDlpV2LDiversityConfig: properties: - hybridItem: - description: The item to inspect. - $ref: '#/components/schemas/GooglePrivacyDlpV2HybridContentItem' - GooglePrivacyDlpV2FinishDlpJobRequest: - id: GooglePrivacyDlpV2FinishDlpJobRequest - description: The request message for finishing a DLP hybrid job. - type: object - properties: {} - GooglePrivacyDlpV2CreateConnectionRequest: - id: GooglePrivacyDlpV2CreateConnectionRequest - description: Request message for CreateConnection. + quasiIds: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: >- + Set of quasi-identifiers indicating how equivalence classes are + defined for the l-diversity computation. When multiple fields are + specified, they are considered a single composite key. + type: array + sensitiveAttribute: + description: Sensitive field for computing the l-value. + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + id: GooglePrivacyDlpV2LDiversityConfig + description: l-diversity metric, used for analysis of reidentification risk. type: object - properties: - connection: - description: Required. The connection resource. - $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' - GooglePrivacyDlpV2Connection: - id: GooglePrivacyDlpV2Connection + GooglePrivacyDlpV2TimespanConfig: + id: GooglePrivacyDlpV2TimespanConfig description: >- - A data connection to allow the DLP API to profile data in locations that - require additional configuration. + Configuration of the timespan of the items to include in scanning. + Currently only supported when inspecting Cloud Storage and BigQuery. type: object properties: - name: + timestampField: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' + description: >- + Specification of the field containing the timestamp of scanned + items. Used for data sources like Datastore and BigQuery. **For + BigQuery** If this value is not specified and the table was modified + between the given start and end times, the entire table will be + scanned. If this value is specified, then rows are filtered based on + the given start and end times. Rows with a `NULL` value in the + provided BigQuery column are skipped. Valid data types of the + provided BigQuery column are: `INTEGER`, `DATE`, `TIMESTAMP`, and + `DATETIME`. If your BigQuery table is [partitioned at ingestion + time](https://cloud.google.com/bigquery/docs/partitioned-tables#ingestion_time), + you can use any of the following pseudo-columns as your timestamp + field. When used with Cloud DLP, these pseudo-column names are case + sensitive. - `_PARTITIONTIME` - `_PARTITIONDATE` - + `_PARTITION_LOAD_TIME` **For Datastore** If this value is specified, + then entities are filtered based on the given start and end times. + If an entity does not contain the provided timestamp property or + contains empty or invalid values, then it is included. Valid data + types of the provided timestamp property are: `TIMESTAMP`. See the + [known + issue](https://cloud.google.com/sensitive-data-protection/docs/known-issues#bq-timespan) + related to this operation. + enableAutoPopulationOfTimespanConfig: description: >- - Output only. Name of the connection: - `projects/{project}/locations/{location}/connections/{name}`. - readOnly: true + When the job is started by a JobTrigger we will automatically figure + out a valid start_time to avoid scanning files that have not been + modified since the last time the JobTrigger executed. This will be + based on the time of the execution of the last run of the JobTrigger + or the timespan end_time used in the last run of the JobTrigger. + **For BigQuery** Inspect jobs triggered by automatic population will + scan data that is at least three hours old when the job starts. This + is because streaming buffer rows are not read during inspection and + reading up to the current timestamp will result in skipped rows. See + the [known + issue](https://cloud.google.com/sensitive-data-protection/docs/known-issues#recently-streamed-data) + related to this operation. + type: boolean + endTime: + format: google-datetime + description: >- + Exclude files, tables, or rows newer than this value. If not set, no + upper time limit is applied. type: string - state: - description: Required. The connection's state in its lifecycle. + startTime: + format: google-datetime + description: >- + Exclude files, tables, or rows older than this value. If not set, no + lower time limit is applied. type: string - enumDescriptions: - - Unused - - >- - The DLP API automatically created this connection during an - initial scan, and it is awaiting full configuration by a user. - - A configured connection that has not encountered any errors. - - >- - A configured connection that encountered errors during its last - use. It will not be used again until it is set to AVAILABLE. If - the resolution requires external action, then the client must send - a request to set the status to AVAILABLE when the connection is - ready for use. If the resolution doesn't require external action, - then any changes to the connection properties will automatically - mark it as AVAILABLE. - enum: - - CONNECTION_STATE_UNSPECIFIED - - MISSING_CREDENTIALS - - AVAILABLE - - ERROR - errors: + GooglePrivacyDlpV2BigQueryRegexes: + type: object + properties: + patterns: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2BigQueryRegex' description: >- - Output only. Set if status == ERROR, to provide additional details. - Will store the last 10 errors sorted with the most recent first. - readOnly: true + A single BigQuery regular expression pattern to match against one or + more tables, datasets, or projects that contain BigQuery tables. type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Error' - cloudSql: - description: Connect to a Cloud SQL instance. - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudSqlProperties' - GooglePrivacyDlpV2CloudSqlProperties: - id: GooglePrivacyDlpV2CloudSqlProperties - description: Cloud SQL connection properties. - type: object + description: >- + A collection of regular expressions to determine what tables to match + against. + id: GooglePrivacyDlpV2BigQueryRegexes + GoogleTypeTimeOfDay: properties: - connectionName: + minutes: + format: int32 + type: integer description: >- - Optional. Immutable. The Cloud SQL instance for which the connection - is defined. Only one connection per instance is allowed. This can - only be set at creation time, and cannot be updated. It is an error - to use a connection_name from different project or region than the - one that holds the connection. For example, a Connection resource - for Cloud SQL connection_name `project-id:us-central1:sql-instance` - must be created under the parent - `projects/project-id/locations/us-central1` - type: string - usernamePassword: - description: A username and password stored in Secret Manager. - $ref: '#/components/schemas/GooglePrivacyDlpV2SecretManagerCredential' - cloudSqlIam: - description: Built-in IAM authentication (must be configured in Cloud SQL). - $ref: '#/components/schemas/GooglePrivacyDlpV2CloudSqlIamCredential' - maxConnections: + Minutes of an hour. Must be greater than or equal to 0 and less than + or equal to 59. + seconds: + type: integer description: >- - Required. The DLP API will limit its connections to max_connections. - Must be 2 or greater. + Seconds of a minute. Must be greater than or equal to 0 and + typically must be less than or equal to 59. An API may allow the + value 60 if it allows leap-seconds. + format: int32 + hours: type: integer + description: >- + Hours of a day in 24 hour format. Must be greater than or equal to 0 + and typically must be less than or equal to 23. An API may choose to + allow the value "24:00:00" for scenarios like business closing time. format: int32 - databaseEngine: + nanos: description: >- - Required. The database engine used by the Cloud SQL instance that - this connection configures. - type: string - enumDescriptions: - - >- - An engine that is not currently supported by Sensitive Data - Protection. - - Cloud SQL for MySQL instance. - - Cloud SQL for PostgreSQL instance. - enum: - - DATABASE_ENGINE_UNKNOWN - - DATABASE_ENGINE_MYSQL - - DATABASE_ENGINE_POSTGRES - GooglePrivacyDlpV2SecretManagerCredential: - id: GooglePrivacyDlpV2SecretManagerCredential + Fractions of seconds, in nanoseconds. Must be greater than or equal + to 0 and less than or equal to 999,999,999. + format: int32 + type: integer description: >- - A credential consisting of a username and password, where the password - is stored in a Secret Manager resource. Note: Secret Manager [charges - apply](https://cloud.google.com/secret-manager/pricing). + Represents a time of day. The date and time zone are either not + significant or are specified elsewhere. An API may choose to allow leap + seconds. Related types are google.type.Date and + `google.protobuf.Timestamp`. type: object + id: GoogleTypeTimeOfDay + GooglePrivacyDlpV2DocumentFallbackLocation: + description: >- + Configure document processing to fall back to any of the following + processing options if document processing is unavailable in the original + request location. properties: - username: - description: Required. The username. - type: string - passwordSecretVersionName: + globalProcessing: + description: Processing occurs in the global region. + $ref: '#/components/schemas/GooglePrivacyDlpV2GlobalProcessing' + multiRegionProcessing: + $ref: '#/components/schemas/GooglePrivacyDlpV2MultiRegionProcessing' description: >- - Required. The name of the Secret Manager resource that stores the - password, in the form - `projects/project-id/secrets/secret-name/versions/version`. - type: string - GooglePrivacyDlpV2CloudSqlIamCredential: - id: GooglePrivacyDlpV2CloudSqlIamCredential - description: >- - Use IAM authentication to connect. This requires the Cloud SQL IAM - feature to be enabled on the instance, which is not the default for - Cloud SQL. See https://cloud.google.com/sql/docs/postgres/authentication - and https://cloud.google.com/sql/docs/mysql/authentication. + Processing occurs in a multi-region that contains the current region + if available. type: object - properties: {} - GooglePrivacyDlpV2ListConnectionsResponse: - id: GooglePrivacyDlpV2ListConnectionsResponse - description: Response message for ListConnections. + id: GooglePrivacyDlpV2DocumentFallbackLocation + GooglePrivacyDlpV2RelatedResource: + id: GooglePrivacyDlpV2RelatedResource type: object + description: >- + A related resource. Examples: * The source BigQuery table for a Vertex + AI dataset. * The source Cloud Storage bucket for a Vertex AI dataset. properties: - connections: - description: List of connections. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' - nextPageToken: - description: >- - Token to retrieve the next page of results. An empty value means - there are no more results. + fullResource: type: string - GooglePrivacyDlpV2SearchConnectionsResponse: - id: GooglePrivacyDlpV2SearchConnectionsResponse - description: Response message for SearchConnections. + description: The full resource name of the related resource. + GooglePrivacyDlpV2InfoTypeLikelihood: type: object + id: GooglePrivacyDlpV2InfoTypeLikelihood properties: - connections: - description: >- - List of connections that match the search query. Note that only a - subset of the fields will be populated, and only "name" is - guaranteed to be set. For full details of a Connection, call - GetConnection with the name. - type: array - items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' - nextPageToken: + infoType: description: >- - Token to retrieve the next page of results. An empty value means - there are no more results. + Type of information the likelihood threshold applies to. Only one + likelihood per info_type should be provided. If InfoTypeLikelihood + does not have an info_type, the configuration fails. + $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' + minLikelihood: + enum: + - LIKELIHOOD_UNSPECIFIED + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Default value; same as POSSIBLE. + - Highest chance of a false positive. + - High chance of a false positive. + - Some matching signals. The default value. + - Low chance of a false positive. + - Confidence level is high. Lowest chance of a false positive. type: string - GooglePrivacyDlpV2UpdateConnectionRequest: - id: GooglePrivacyDlpV2UpdateConnectionRequest - description: Request message for UpdateConnection. - type: object + description: >- + Only returns findings equal to or above this threshold. This field + is required or else the configuration fails. + description: >- + Configuration for setting a minimum likelihood per infotype. Used to + customize the minimum likelihood level for specific infotypes in the + request. For example, use this if you want to lower the precision for + PERSON_NAME without lowering the precision for the other infotypes in + the request. + GooglePrivacyDlpV2UnwrappedCryptoKey: + description: >- + Using raw keys is prone to security risks due to accidentally leaking + the key. Choose another type of key if possible. properties: - connection: - description: Required. The connection with new values for the relevant fields. - $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' - updateMask: - description: Optional. Mask to control which fields get updated. + key: + description: Required. A 128/192/256 bit key. + format: byte type: string - format: google-fieldmask - GooglePrivacyDlpV2DataProfileFinding: - id: GooglePrivacyDlpV2DataProfileFinding - description: >- - Details about a piece of potentially sensitive information that was - detected when the data resource was profiled. + type: object + id: GooglePrivacyDlpV2UnwrappedCryptoKey + GooglePrivacyDlpV2ProjectDataProfile: + id: GooglePrivacyDlpV2ProjectDataProfile type: object properties: - quote: - description: >- - The content that was found. Even if the content is not textual, it - may be converted to a textual representation here. If the finding - exceeds 4096 bytes in length, the quote may be omitted. - type: string - infotype: - description: >- - The [type of - content](https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference) - that might have been found. - $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - quoteInfo: - description: >- - Contains data parsed from quotes. Currently supported infoTypes: - DATE, DATE_OF_BIRTH, and TIME. - $ref: '#/components/schemas/GooglePrivacyDlpV2QuoteInfo' - dataProfileResourceName: - description: Resource name of the data profile associated with the finding. - type: string - findingId: - description: A unique identifier for the finding. + profileStatus: + description: Success or error status of the last attempt to profile the project. + $ref: '#/components/schemas/GooglePrivacyDlpV2ProfileStatus' + fileStoreDataProfileCount: + format: int64 + description: The number of file store data profiles generated for this project. type: string - timestamp: - description: Timestamp when the finding was detected. + profileLastGenerated: type: string format: google-datetime - location: - description: Where the content was found. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileFindingLocation' - resourceVisibility: - description: How broadly a resource has been shared. + description: The last time the profile was generated. + dataRiskLevel: + description: The data risk level of this project. + $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' + tableDataProfileCount: + format: int64 type: string - enumDescriptions: - - Unused. - - Visible to any user. - - >- - May contain public items. For example, if a Cloud Storage bucket - has uniform bucket level access disabled, some objects inside it - may be public, but none are known yet. - - Visible only to specific users. - enum: - - RESOURCE_VISIBILITY_UNSPECIFIED - - RESOURCE_VISIBILITY_PUBLIC - - RESOURCE_VISIBILITY_INCONCLUSIVE - - RESOURCE_VISIBILITY_RESTRICTED - fullResourceName: - description: >- - The [full resource - name](https://cloud.google.com/apis/design/resource_names#full_resource_name) - of the resource profiled for this finding. + description: The number of table data profiles generated for this project. + sensitivityScore: + description: The sensitivity score of this project. + $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' + projectId: + description: Project ID or account that was profiled. type: string - dataSourceType: - description: The type of the resource that was profiled. - $ref: '#/components/schemas/GooglePrivacyDlpV2DataSourceType' - GooglePrivacyDlpV2DataProfileFindingLocation: - id: GooglePrivacyDlpV2DataProfileFindingLocation - description: Location of a data profile finding within a resource. + name: + description: The resource name of the profile. + type: string + description: >- + An aggregated profile for this project, based on the resources profiled + within it. + GooglePrivacyDlpV2CloudStorageDiscoveryTarget: type: object properties: - containerName: + disabled: + description: Optional. Disable profiling for buckets that match this filter. + $ref: '#/components/schemas/GooglePrivacyDlpV2Disabled' + generationCadence: description: >- - Name of the container where the finding is located. The top-level - name is the source file name or table name. Names of some common - storage containers are formatted as follows: * BigQuery tables: - `{project_id}:{dataset_id}.{table_id}` * Cloud Storage files: - `gs://{bucket}/{path}` + Optional. How often and when to update profiles. New buckets that + match both the filter and conditions are scanned as quickly as + possible depending on system capacity. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryCloudStorageGenerationCadence + filter: + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryCloudStorageFilter' + description: >- + Required. The buckets the generation_cadence applies to. The first + target with a matching filter will be the one to apply to a bucket. + conditions: + description: >- + Optional. In addition to matching the filter, these conditions must + be true before a profile is generated. + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryFileStoreConditions' + id: GooglePrivacyDlpV2CloudStorageDiscoveryTarget + description: Target used to match against for discovery with Cloud Storage buckets. + GooglePrivacyDlpV2DiscoveryGenerationCadence: + id: GooglePrivacyDlpV2DiscoveryGenerationCadence + properties: + tableModifiedCadence: + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryTableModifiedCadence' + description: Governs when to update data profiles when a table is modified. + refreshFrequency: + description: >- + Frequency at which profiles should be updated, regardless of whether + the underlying resource has changed. Defaults to never. + enum: + - UPDATE_FREQUENCY_UNSPECIFIED + - UPDATE_FREQUENCY_NEVER + - UPDATE_FREQUENCY_DAILY + - UPDATE_FREQUENCY_MONTHLY type: string - dataProfileFindingRecordLocation: + enumDescriptions: + - Unspecified. + - After the data profile is created, it will never be updated. + - The data profile can be updated up to once every 24 hours. + - The data profile can be updated up to once every 30 days. Default. + inspectTemplateModifiedCadence: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2DiscoveryInspectTemplateModifiedCadence description: >- - Location of a finding within a resource that produces a table data - profile. + Governs when to update data profiles when the inspection rules + defined by the `InspectTemplate` change. If not set, changing the + template will not cause a data profile to update. + schemaModifiedCadence: + description: Governs when to update data profiles when a schema is modified. $ref: >- - #/components/schemas/GooglePrivacyDlpV2DataProfileFindingRecordLocation - GooglePrivacyDlpV2DataProfileFindingRecordLocation: - id: GooglePrivacyDlpV2DataProfileFindingRecordLocation + #/components/schemas/GooglePrivacyDlpV2DiscoverySchemaModifiedCadence + type: object description: >- - Location of a finding within a resource that produces a table data - profile. + What must take place for a profile to be updated and how frequently it + should occur. New tables are scanned as quickly as possible depending on + system capacity. + GooglePrivacyDlpV2HybridInspectDlpJobRequest: + id: GooglePrivacyDlpV2HybridInspectDlpJobRequest + description: Request to search for potentially sensitive info in a custom location. type: object properties: - field: - description: Field ID of the column containing the finding. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - GooglePrivacyDlpV2DataProfilePubSubMessage: - id: GooglePrivacyDlpV2DataProfilePubSubMessage - description: >- - Pub/Sub topic message for a DataProfileAction.PubSubNotification event. - To receive a message of protocol buffer schema type, convert the message - data to an object of this proto class. + hybridItem: + description: The item to inspect. + $ref: '#/components/schemas/GooglePrivacyDlpV2HybridContentItem' + GooglePrivacyDlpV2Value: type: object properties: - profile: - description: >- - If `DetailLevel` is `TABLE_PROFILE` this will be fully populated. - Otherwise, if `DetailLevel` is `RESOURCE_NAME`, then only `name` and - `full_resource` will be populated. - $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' - fileStoreProfile: - description: >- - If `DetailLevel` is `FILE_STORE_PROFILE` this will be fully - populated. Otherwise, if `DetailLevel` is `RESOURCE_NAME`, then only - `name` and `file_store_path` will be populated. - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' - event: - description: The event that caused the Pub/Sub message to be sent. + booleanValue: + type: boolean + description: boolean + stringValue: type: string - enumDescriptions: - - Unused. - - New profile (not a re-profile). - - >- - One of the following profile metrics changed: Data risk score, - Sensitivity score, Resource visibility, Encryption type, Predicted - infoTypes, Other infoTypes - - Table data risk score or sensitivity score increased. - - A user (non-internal) error occurred. + description: string + floatValue: + description: float + format: double + type: number + dayOfWeekValue: enum: - - EVENT_TYPE_UNSPECIFIED - - NEW_PROFILE - - CHANGED_PROFILE - - SCORE_INCREASED - - ERROR_CHANGED - GooglePrivacyDlpV2DataProfileBigQueryRowSchema: - id: GooglePrivacyDlpV2DataProfileBigQueryRowSchema + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + type: string + description: day of week + integerValue: + description: integer + format: int64 + type: string + timeValue: + $ref: '#/components/schemas/GoogleTypeTimeOfDay' + description: time of day + dateValue: + description: date + $ref: '#/components/schemas/GoogleTypeDate' + timestampValue: + description: timestamp + type: string + format: google-datetime + id: GooglePrivacyDlpV2Value description: >- - The schema of data to be saved to the BigQuery table when the - `DataProfileAction` is enabled. + Set of primitive values supported by the system. Note that for the + purposes of inspection or transformation, the number of bytes considered + to comprise a 'Value' is based on its representation as a UTF-8 encoded + string. For example, if 'integer_value' is set to 123456789, the number + of bytes would be counted as 9, even though an int64 only holds up to 8 + bytes of data. + GooglePrivacyDlpV2DeidentifyDataSourceStats: type: object properties: - tableProfile: - description: Table data profile column - $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' - columnProfile: - description: Column data profile column - $ref: '#/components/schemas/GooglePrivacyDlpV2ColumnDataProfile' - fileStoreProfile: - description: File store data profile column. - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' - GooglePrivacyDlpV2TransformationDetails: - id: GooglePrivacyDlpV2TransformationDetails - description: >- - Details about a single transformation. This object contains a - description of the transformation, information about whether the - transformation was successfully applied, and the precise location where - the transformation occurred. These details are stored in a - user-specified BigQuery table. + transformedBytes: + format: int64 + type: string + description: Total size in bytes that were transformed in some way. + transformationErrorCount: + format: int64 + type: string + description: Number of errors encountered while trying to apply transformations. + transformationCount: + format: int64 + type: string + description: Number of successfully applied transformations. + id: GooglePrivacyDlpV2DeidentifyDataSourceStats + description: Summary of what was modified during a transformation. + GooglePrivacyDlpV2CategoricalStatsConfig: + id: GooglePrivacyDlpV2CategoricalStatsConfig type: object + description: >- + Compute numerical stats over an individual column, including number of + distinct values and value count distribution. properties: - resourceName: - description: The name of the job that completed the transformation. - type: string - containerName: + field: + $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' description: >- - The top level name of the container where the transformation is - located (this will be the source file name or table name). - type: string - transformation: + Field to compute categorical stats on. All column types are + supported except for arrays and structs. However, it may be more + informative to use NumericalStats when the field type is supported, + depending on the data. + GooglePrivacyDlpV2Location: + description: Specifies the location of the finding. + id: GooglePrivacyDlpV2Location + properties: + codepointRange: description: >- - Description of transformation. This would only contain more than one - element if there were multiple matching transformations and which - one to apply was ambiguous. Not set for states that contain no - transformation, currently only state that contains no transformation - is TransformationResultStateType.METADATA_UNRETRIEVABLE. + Unicode character offsets delimiting the finding. These are relative + to the finding's containing element. Provided when the content is + text. + $ref: '#/components/schemas/GooglePrivacyDlpV2Range' + contentLocations: type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationDescription' - statusDetails: + $ref: '#/components/schemas/GooglePrivacyDlpV2ContentLocation' description: >- - Status of the transformation, if transformation was not successful, - this will specify what caused it to fail, otherwise it will show - that the transformation was successful. - $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationResultStatus' - transformedBytes: + List of nested objects pointing to the precise location of the + finding within the file or record. + container: description: >- - The number of bytes that were transformed. If transformation was - unsuccessful or did not take place because there was no content to - transform, this will be zero. - type: string - format: int64 - transformationLocation: + Information about the container where this finding occurred, if + available. + $ref: '#/components/schemas/GooglePrivacyDlpV2Container' + byteRange: description: >- - The precise location of the transformed content in the original - container. - $ref: '#/components/schemas/GooglePrivacyDlpV2TransformationLocation' - GooglePrivacyDlpV2TransformationDescription: - id: GooglePrivacyDlpV2TransformationDescription - description: >- - A flattened description of a `PrimitiveTransformation` or - `RecordSuppression`. + Zero-based byte offsets delimiting the finding. These are relative + to the finding's containing element. Note that when the content is + not textual, this references the UTF-8 encoded textual + representation of the content. Omitted if content is an image. + $ref: '#/components/schemas/GooglePrivacyDlpV2Range' + type: object + GooglePrivacyDlpV2FileClusterSummary: type: object properties: - type: - description: The transformation type. - type: string - enumDescriptions: - - Unused - - Record suppression - - Replace value - - Replace value using a dictionary. - - Redact - - Character mask - - FFX-FPE - - Fixed size bucketing - - Bucketing - - Replace with info type - - Time part - - Crypto hash - - Date shift - - Deterministic crypto - - Redact image - enum: - - TRANSFORMATION_TYPE_UNSPECIFIED - - RECORD_SUPPRESSION - - REPLACE_VALUE - - REPLACE_DICTIONARY - - REDACT - - CHARACTER_MASK - - CRYPTO_REPLACE_FFX_FPE - - FIXED_SIZE_BUCKETING - - BUCKETING - - REPLACE_WITH_INFO_TYPE - - TIME_PART - - CRYPTO_HASH - - DATE_SHIFT - - CRYPTO_DETERMINISTIC_CONFIG - - REDACT_IMAGE - description: + fileExtensionsScanned: description: >- - A description of the transformation. This is empty for a - RECORD_SUPPRESSION, or is the output of calling toString() on the - `PrimitiveTransformation` protocol buffer message for any other type - of transformation. - type: string - condition: + A sample of file types scanned in this cluster. Empty if no files + were scanned. File extensions can be derived from the file name or + the file content. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileExtensionInfo' + type: array + dataRiskLevel: description: >- - A human-readable string representation of the `RecordCondition` - corresponding to this transformation. Set if a `RecordCondition` was - used to determine whether or not to apply this transformation. - Examples: * (age_field > 85) * (age_field <= 18) * (zip_field - exists) * (zip_field == 01234) && (city_field != "Springville") * - (zip_field == 01234) && (age_field <= 18) && (city_field exists) - type: string + The data risk level of this cluster. RISK_LOW if nothing has been + scanned. + $ref: '#/components/schemas/GooglePrivacyDlpV2DataRiskLevel' + fileExtensionsSeen: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileExtensionInfo' + description: >- + A sample of file types seen in this cluster. Empty if no files were + seen. File extensions can be derived from the file name or the file + content. + type: array + sensitivityScore: + $ref: '#/components/schemas/GooglePrivacyDlpV2SensitivityScore' + description: >- + The sensitivity score of this cluster. The score will be + SENSITIVITY_LOW if nothing has been scanned. + errors: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Error' + description: >- + A list of errors detected while scanning this cluster. The list is + truncated to 10 per cluster. + type: array + fileStoreInfoTypeSummaries: + description: InfoTypes detected in this cluster. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreInfoTypeSummary' + type: array + noFilesExist: + description: >- + True if no files exist in this cluster. If the file store had more + files than could be listed, this will be false even if no files for + this cluster were seen and file_extensions_seen is empty. + type: boolean + fileClusterType: + description: The file cluster type. + $ref: '#/components/schemas/GooglePrivacyDlpV2FileClusterType' + id: GooglePrivacyDlpV2FileClusterSummary + description: The file cluster summary. + GooglePrivacyDlpV2OtherInfoTypeSummary: + id: GooglePrivacyDlpV2OtherInfoTypeSummary + properties: infoType: - description: Set if the transformation was limited to a specific `InfoType`. $ref: '#/components/schemas/GooglePrivacyDlpV2InfoType' - GooglePrivacyDlpV2TransformationResultStatus: - id: GooglePrivacyDlpV2TransformationResultStatus - description: The outcome of a transformation. - type: object - properties: - resultStatusType: + description: The other infoType. + estimatedPrevalence: + format: int32 description: >- - Transformation result status type, this will be either SUCCESS, or - it will be the reason for why the transformation was not completely - successful. - type: string - enumDescriptions: - - Unused. - - >- - This will be set when a finding could not be transformed (i.e. - outside user set bucket range). - - >- - This will be set when a BigQuery transformation was successful but - could not be stored back in BigQuery because the transformed row - exceeds BigQuery's max row size. - - >- - This will be set when there is a finding in the custom metadata of - a file, but at the write time of the transformed file, this key / - value pair is unretrievable. - - >- - This will be set when the transformation and storing of it is - successful. - enum: - - STATE_TYPE_UNSPECIFIED - - INVALID_TRANSFORM - - BIGQUERY_MAX_ROW_SIZE_EXCEEDED - - METADATA_UNRETRIEVABLE - - SUCCESS - details: - description: Detailed error codes and messages - $ref: '#/components/schemas/GoogleRpcStatus' - GooglePrivacyDlpV2TransformationLocation: - id: GooglePrivacyDlpV2TransformationLocation - description: Specifies the location of a transformation. + Approximate percentage of non-null rows that contained data detected + by this infotype. + type: integer + excludedFromAnalysis: + description: >- + Whether this infoType was excluded from sensitivity and risk + analysis due to factors such as low prevalence (subject to change). + type: boolean + description: Infotype details for other infoTypes found within a column. + type: object + GooglePrivacyDlpV2DatabaseResourceCollection: type: object properties: - findingId: + includeRegexes: description: >- - For infotype transformations, link to the corresponding findings ID - so that location information does not need to be duplicated. Each - findings ID correlates to an entry in the findings output table, - this table only gets created when users specify to save findings - (add the save findings action to the request). + A collection of regular expressions to match a database resource + against. + $ref: '#/components/schemas/GooglePrivacyDlpV2DatabaseResourceRegexes' + description: >- + Match database resources using regex filters. Examples of database + resources are tables, views, and stored procedures. + id: GooglePrivacyDlpV2DatabaseResourceCollection + GooglePrivacyDlpV2DataSourceType: + id: GooglePrivacyDlpV2DataSourceType + properties: + dataSource: type: string - recordTransformation: description: >- - For record transformations, provide a field and container - information. - $ref: '#/components/schemas/GooglePrivacyDlpV2RecordTransformation' - containerType: + A string that identifies the type of resource being profiled. + Current values: * google/bigquery/table * google/project * + google/sql/table * google/gcs/bucket + type: object + description: Message used to identify the type of resource being profiled. + GooglePrivacyDlpV2DiscoveryConfig: + id: GooglePrivacyDlpV2DiscoveryConfig + properties: + updateTime: + format: google-datetime + description: Output only. The last update timestamp of a DiscoveryConfig. + readOnly: true + type: string + displayName: + type: string + description: Display name (max 100 chars) + errors: + type: array + readOnly: true description: >- - Information about the functionality of the container where this - finding occurred, if available. + Output only. A stream of errors encountered when the config was + activated. Repeated errors may result in the config automatically + being paused. Output only field. Will return the last 100 errors. + Whenever the config is modified this list will be cleared. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2Error' + createTime: + description: Output only. The creation timestamp of a DiscoveryConfig. type: string + readOnly: true + format: google-datetime + inspectTemplates: + items: + type: string + type: array + description: >- + Detection logic for profile generation. Not all template features + are used by Discovery. FindingLimits, include_quote and + exclude_info_types have no impact on Discovery. Multiple templates + may be provided if there is data in multiple regions. At most one + template must be specified per-region (including "global"). Each + region is scanned using the applicable template. If no + region-specific template is specified, but a "global" template is + specified, it will be copied to that region and used instead. If no + global or region-specific template is provided for a region with + data, that region's data will not be scanned. For more information, + see + https://cloud.google.com/sensitive-data-protection/docs/data-profiles#data-residency. + orgConfig: + $ref: '#/components/schemas/GooglePrivacyDlpV2OrgConfig' + description: Only set when the parent is an org. + otherCloudStartingLocation: + description: Must be set only when scanning other clouds. + $ref: >- + #/components/schemas/GooglePrivacyDlpV2OtherCloudDiscoveryStartingLocation + targets: + description: >- + Target to match against for determining what to scan and how + frequently. + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryTarget' + type: array + actions: + items: + $ref: '#/components/schemas/GooglePrivacyDlpV2DataProfileAction' + description: Actions to execute at the completion of scanning. + type: array + status: + description: Required. A status for this configuration. enumDescriptions: - - Unused. - - Body of a file. - - Metadata for a file. - - A table. + - Unused + - The discovery config is currently active. + - The discovery config is paused temporarily. + type: string enum: - - TRANSFORM_UNKNOWN_CONTAINER - - TRANSFORM_BODY - - TRANSFORM_METADATA - - TRANSFORM_TABLE - GooglePrivacyDlpV2RecordTransformation: - id: GooglePrivacyDlpV2RecordTransformation - description: The field in a record to transform. - type: object - properties: - fieldId: - description: For record transformations, provide a field. - $ref: '#/components/schemas/GooglePrivacyDlpV2FieldId' - containerTimestamp: - description: Findings container modification timestamp, if applicable. + - STATUS_UNSPECIFIED + - RUNNING + - PAUSED + lastRunTime: + description: >- + Output only. The timestamp of the last time this config was + executed. type: string format: google-datetime - containerVersion: - description: Container version, if available ("generation" for Cloud Storage). + readOnly: true + processingLocation: + $ref: '#/components/schemas/GooglePrivacyDlpV2ProcessingLocation' + description: >- + Optional. Processing location configuration. Vertex AI dataset + scanning will set processing_location.image_fallback_type to + MultiRegionProcessing by default. + name: type: string - GooglePrivacyDlpV2SaveToGcsFindingsOutput: - id: GooglePrivacyDlpV2SaveToGcsFindingsOutput + description: >- + Unique resource name for the DiscoveryConfig, assigned by the + service when the DiscoveryConfig is created, for example + `projects/dlp-test-project/locations/global/discoveryConfigs/53234423`. description: >- - Collection of findings saved to a Cloud Storage bucket. This is used as - the proto schema for textproto files created when specifying a cloud - storage path to save Inspect findings. + Configuration for discovery to scan resources for profile generation. + Only one discovery configuration may exist per organization, folder, or + project. The generated data profiles are retained according to the [data + retention policy] + (https://cloud.google.com/sensitive-data-protection/docs/data-profiles#retention). type: object + GooglePrivacyDlpV2BucketingConfig: + description: >- + Generalization function that buckets values based on ranges. The ranges + and replacement values are dynamically provided by the user for custom + behavior, such as 1-30 -> LOW, 31-65 -> MEDIUM, 66-100 -> HIGH. This can + be used on data of type: number, long, string, timestamp. If the bound + `Value` type differs from the type of data being transformed, we will + first attempt converting the type of the data to be transformed to match + the type of the bound before comparing. See + https://cloud.google.com/sensitive-data-protection/docs/concepts-bucketing + to learn more. properties: - findings: - description: List of findings. + buckets: type: array items: - $ref: '#/components/schemas/GooglePrivacyDlpV2Finding' - UtilStatusProto: - id: UtilStatusProto - description: Wire-format for a Status object + $ref: '#/components/schemas/GooglePrivacyDlpV2Bucket' + description: Set of buckets. Ranges must be non-overlapping. + id: GooglePrivacyDlpV2BucketingConfig + type: object + GooglePrivacyDlpV2LargeCustomDictionaryStats: + description: Summary statistics of a custom dictionary. type: object properties: - code: - description: >- - Numeric code drawn from the space specified below. Often, this is - the canonical error space, and code is drawn from - google3/util/task/codes.proto copybara:strip_begin(b/383363683) - copybara:strip_end_and_replace optional int32 code = 1; - type: integer - format: int32 - space: - description: >- - copybara:strip_begin(b/383363683) Space to which this status belongs - copybara:strip_end_and_replace optional string space = 2; // Space - to which this status belongs + approxNumPhrases: type: string - message: - description: >- - Detail message copybara:strip_begin(b/383363683) - copybara:strip_end_and_replace optional string message = 3; + description: Approximate number of distinct phrases in the dictionary. + format: int64 + id: GooglePrivacyDlpV2LargeCustomDictionaryStats + GooglePrivacyDlpV2DeidentifyTemplate: + type: object + description: >- + DeidentifyTemplates contains instructions on how to de-identify content. + See + https://cloud.google.com/sensitive-data-protection/docs/concepts-templates + to learn more. + id: GooglePrivacyDlpV2DeidentifyTemplate + properties: + updateTime: + format: google-datetime + readOnly: true + description: Output only. The last update timestamp of an inspectTemplate. + type: string + name: + readOnly: true type: string - canonicalCode: - description: >- - copybara:strip_begin(b/383363683) copybara:strip_end_and_replace - optional int32 canonical_code = 6; - type: integer - format: int32 - messageSet: description: >- - message_set associates an arbitrary proto message with the status. - copybara:strip_begin(b/383363683) copybara:strip_end_and_replace - optional proto2.bridge.MessageSet message_set = 5; - $ref: '#/components/schemas/Proto2BridgeMessageSet' - Proto2BridgeMessageSet: - id: Proto2BridgeMessageSet - deprecated: true + Output only. The template name. The template will have one of the + following formats: + `projects/PROJECT_ID/deidentifyTemplates/TEMPLATE_ID` OR + `organizations/ORGANIZATION_ID/deidentifyTemplates/TEMPLATE_ID` + description: + description: Short description (max 256 chars). + type: string + createTime: + readOnly: true + description: Output only. The creation timestamp of an inspectTemplate. + format: google-datetime + type: string + displayName: + description: Display name (max 256 chars). + type: string + deidentifyConfig: + description: The core content of the template. + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyConfig' + GooglePrivacyDlpV2KMapEstimationResult: + type: object + id: GooglePrivacyDlpV2KMapEstimationResult + description: >- + Result of the reidentifiability analysis. Note that these results are an + estimation, not exact values. + properties: + kMapEstimationHistogram: + items: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2KMapEstimationHistogramBucket + type: array + description: >- + The intervals [min_anonymity, max_anonymity] do not overlap. If a + value doesn't correspond to any such interval, the associated + frequency is zero. For example, the following records: + {min_anonymity: 1, max_anonymity: 1, frequency: 17} {min_anonymity: + 2, max_anonymity: 3, frequency: 42} {min_anonymity: 5, + max_anonymity: 10, frequency: 99} mean that there are no record with + an estimated anonymity of 4, 5, or larger than 10. + GooglePrivacyDlpV2StorageMetadataLabel: + id: GooglePrivacyDlpV2StorageMetadataLabel + properties: + key: + type: string + description: Label name. description: >- - This is proto2's version of MessageSet. DEPRECATED: DO NOT USE FOR NEW - FIELDS. If you are using editions or proto2, please make your own - extendable messages for your use case. If you are using proto3, please - use `Any` instead. MessageSet was the implementation of extensions for - proto1. When proto2 was introduced, extensions were implemented as a - first-class feature. This schema for MessageSet was meant to be a - "bridge" solution to migrate MessageSet-bearing messages from proto1 to - proto2. This schema has been open-sourced only to facilitate the - migration of Google products with MessageSet-bearing messages to - open-source environments. + Storage metadata label to indicate which metadata entry contains + findings. type: object - properties: {} parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser schema: type: string alt: @@ -8671,1220 +8778,1220 @@ components: - json - media - proto - callback: - description: JSONP + _.xgafv: + description: V1 error format. in: query - name: callback + name: $.xgafv schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + enum: + - '1' + - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: fields + name: uploadType schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: key + name: prettyPrint schema: - type: string + type: boolean oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + access_token: + description: OAuth access token. in: query - name: quotaUser + name: access_token schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + callback: + description: JSONP in: query - name: upload_protocol + name: callback schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: uploadType + name: fields schema: type: string - _.xgafv: - description: V1 error format. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: $.xgafv + name: upload_protocol schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - content: - id: google.dlp.content - name: content - title: Content + info_types: + id: google.dlp.info_types + name: info_types + title: Info_types methods: - projects_content_inspect: + locations_info_types_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1content:inspect/post' + $ref: '#/paths/~1v2~1locations~1{locationsId}~1infoTypes/get' response: mediaType: application/json openAPIDocKey: '200' - projects_content_deidentify: + info_types_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1content:deidentify/post' + $ref: '#/paths/~1v2~1infoTypes/get' response: mediaType: application/json openAPIDocKey: '200' - projects_content_reidentify: + projects_locations_info_types_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1content:reidentify/post' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1infoTypes/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_content_inspect: + organizations_locations_info_types_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1content:inspect/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1infoTypes/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_content_deidentify: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/info_types/methods/projects_locations_info_types_list + - $ref: >- + #/components/x-stackQL-resources/info_types/methods/organizations_locations_info_types_list + - $ref: >- + #/components/x-stackQL-resources/info_types/methods/locations_info_types_list + - $ref: >- + #/components/x-stackQL-resources/info_types/methods/info_types_list + insert: [] + update: [] + replace: [] + delete: [] + stored_info_types: + id: google.dlp.stored_info_types + name: stored_info_types + title: Stored_info_types + methods: + projects_stored_info_types_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1content:deidentify/post + #/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes~1{storedInfoTypesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_content_reidentify: + projects_stored_info_types_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1content:reidentify/post + #/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes~1{storedInfoTypesId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - image: - id: google.dlp.image - name: image - title: Image - methods: - projects_locations_image_redact: + projects_stored_info_types_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1image:redact/post + #/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes~1{storedInfoTypesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_image_redact: + projects_stored_info_types_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1image:redact/post' + $ref: '#/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes/get' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - info_types: - id: google.dlp.info_types - name: info_types - title: Info_types - methods: - projects_locations_info_types_list: + objectKey: $.storedInfoTypes + projects_stored_info_types_create: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_stored_info_types_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1infoTypes/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/get response: mediaType: application/json openAPIDocKey: '200' - info_types_list: + projects_locations_stored_info_types_patch: operation: - $ref: '#/paths/~1v2~1infoTypes/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/patch response: mediaType: application/json openAPIDocKey: '200' - locations_info_types_list: + projects_locations_stored_info_types_delete: operation: - $ref: '#/paths/~1v2~1locations~1{locationsId}~1infoTypes/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_info_types_list: + projects_locations_stored_info_types_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1infoTypes/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/info_types/methods/projects_locations_info_types_list - - $ref: >- - #/components/x-stackQL-resources/info_types/methods/organizations_locations_info_types_list - - $ref: >- - #/components/x-stackQL-resources/info_types/methods/locations_info_types_list - - $ref: >- - #/components/x-stackQL-resources/info_types/methods/info_types_list - insert: [] - update: [] - replace: [] - delete: [] - inspect_templates: - id: google.dlp.inspect_templates - name: inspect_templates - title: Inspect_templates - methods: - projects_locations_inspect_templates_create: + projects_locations_stored_info_types_list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.storedInfoTypes + organizations_locations_stored_info_types_list: + operation: + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.storedInfoTypes + organizations_locations_stored_info_types_create: + operation: + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_locations_stored_info_types_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_inspect_templates_list: + organizations_locations_stored_info_types_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.inspectTemplates - projects_locations_inspect_templates_patch: + organizations_locations_stored_info_types_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_inspect_templates_get: + organizations_stored_info_types_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_inspect_templates_delete: + organizations_stored_info_types_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes/get response: mediaType: application/json openAPIDocKey: '200' - projects_inspect_templates_create: + objectKey: $.storedInfoTypes + organizations_stored_info_types_get: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1inspectTemplates/post' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes~1{storedInfoTypesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_inspect_templates_list: + organizations_stored_info_types_delete: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1inspectTemplates/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes~1{storedInfoTypesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.inspectTemplates - projects_inspect_templates_patch: + organizations_stored_info_types_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1inspectTemplates~1{inspectTemplatesId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes~1{storedInfoTypesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_inspect_templates_get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_get + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_get + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_get + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_list + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_list + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_get + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_list + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_list + insert: + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_create + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_create + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_create + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_create + update: + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_patch + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_patch + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_patch + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_delete + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_delete + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_delete + - $ref: >- + #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_delete + content: + id: google.dlp.content + name: content + title: Content + methods: + projects_locations_content_deidentify: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1inspectTemplates~1{inspectTemplatesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1content:deidentify/post response: mediaType: application/json openAPIDocKey: '200' - projects_inspect_templates_delete: + projects_locations_content_reidentify: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1inspectTemplates~1{inspectTemplatesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1content:reidentify/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_inspect_templates_create: + projects_locations_content_inspect: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1content:inspect/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_inspect_templates_list: + projects_content_inspect: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1content:inspect/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.inspectTemplates - organizations_locations_inspect_templates_patch: + projects_content_reidentify: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/patch + $ref: '#/paths/~1v2~1projects~1{projectsId}~1content:reidentify/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_inspect_templates_get: + projects_content_deidentify: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1content:deidentify/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_inspect_templates_delete: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + file_store_data_profiles: + id: google.dlp.file_store_data_profiles + name: file_store_data_profiles + title: File_store_data_profiles + methods: + projects_locations_file_store_data_profiles_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1fileStoreDataProfiles~1{fileStoreDataProfilesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_inspect_templates_create: + projects_locations_file_store_data_profiles_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1fileStoreDataProfiles~1{fileStoreDataProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_inspect_templates_list: + projects_locations_file_store_data_profiles_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1fileStoreDataProfiles/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.inspectTemplates - organizations_inspect_templates_patch: + objectKey: $.fileStoreDataProfiles + organizations_locations_file_store_data_profiles_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates~1{inspectTemplatesId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1fileStoreDataProfiles~1{fileStoreDataProfilesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_inspect_templates_get: + organizations_locations_file_store_data_profiles_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates~1{inspectTemplatesId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1fileStoreDataProfiles~1{fileStoreDataProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_inspect_templates_delete: + organizations_locations_file_store_data_profiles_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates~1{inspectTemplatesId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1fileStoreDataProfiles/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.fileStoreDataProfiles sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_get - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_get - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_list - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_get - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_list - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_get - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_list - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_list - insert: - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_create - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_create - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_create - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_create - update: - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_patch + #/components/x-stackQL-resources/file_store_data_profiles/methods/projects_locations_file_store_data_profiles_get - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_patch + #/components/x-stackQL-resources/file_store_data_profiles/methods/organizations_locations_file_store_data_profiles_get - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_patch + #/components/x-stackQL-resources/file_store_data_profiles/methods/projects_locations_file_store_data_profiles_list - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_patch + #/components/x-stackQL-resources/file_store_data_profiles/methods/organizations_locations_file_store_data_profiles_list + insert: [] + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_delete - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_delete - - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_delete + #/components/x-stackQL-resources/file_store_data_profiles/methods/projects_locations_file_store_data_profiles_delete - $ref: >- - #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_delete - deidentify_templates: - id: google.dlp.deidentify_templates - name: deidentify_templates - title: Deidentify_templates + #/components/x-stackQL-resources/file_store_data_profiles/methods/organizations_locations_file_store_data_profiles_delete + dlp_jobs: + id: google.dlp.dlp_jobs + name: dlp_jobs + title: Dlp_jobs methods: - projects_locations_deidentify_templates_create: + projects_locations_dlp_jobs_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_deidentify_templates_list: + projects_locations_dlp_jobs_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deidentifyTemplates - projects_locations_deidentify_templates_patch: + projects_locations_dlp_jobs_hybrid_inspect: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}:hybridInspect/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_deidentify_templates_get: + projects_locations_dlp_jobs_cancel: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_deidentify_templates_delete: + projects_locations_dlp_jobs_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs/get response: mediaType: application/json openAPIDocKey: '200' - projects_deidentify_templates_create: + objectKey: $.jobs + projects_locations_dlp_jobs_create: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates/post' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs/post response: mediaType: application/json openAPIDocKey: '200' - projects_deidentify_templates_list: + projects_locations_dlp_jobs_finish: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}:finish/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deidentifyTemplates - projects_deidentify_templates_patch: + projects_dlp_jobs_create: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/patch + $ref: '#/paths/~1v2~1projects~1{projectsId}~1dlpJobs/post' response: mediaType: application/json openAPIDocKey: '200' - projects_deidentify_templates_get: + projects_dlp_jobs_list: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1dlpJobs/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.jobs + projects_dlp_jobs_delete: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1dlpJobs~1{dlpJobsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - projects_deidentify_templates_delete: + projects_dlp_jobs_get: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/delete + $ref: '#/paths/~1v2~1projects~1{projectsId}~1dlpJobs~1{dlpJobsId}/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_deidentify_templates_create: + projects_dlp_jobs_cancel: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates/post + #/paths/~1v2~1projects~1{projectsId}~1dlpJobs~1{dlpJobsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_deidentify_templates_list: + organizations_locations_dlp_jobs_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1dlpJobs/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deidentifyTemplates - organizations_locations_deidentify_templates_patch: + objectKey: $.jobs + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/dlp_jobs/methods/projects_locations_dlp_jobs_get + - $ref: >- + #/components/x-stackQL-resources/dlp_jobs/methods/projects_locations_dlp_jobs_list + - $ref: >- + #/components/x-stackQL-resources/dlp_jobs/methods/projects_dlp_jobs_get + - $ref: >- + #/components/x-stackQL-resources/dlp_jobs/methods/organizations_locations_dlp_jobs_list + - $ref: >- + #/components/x-stackQL-resources/dlp_jobs/methods/projects_dlp_jobs_list + insert: + - $ref: >- + #/components/x-stackQL-resources/dlp_jobs/methods/projects_locations_dlp_jobs_create + - $ref: >- + #/components/x-stackQL-resources/dlp_jobs/methods/projects_dlp_jobs_create + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/dlp_jobs/methods/projects_locations_dlp_jobs_delete + - $ref: >- + #/components/x-stackQL-resources/dlp_jobs/methods/projects_dlp_jobs_delete + column_data_profiles: + id: google.dlp.column_data_profiles + name: column_data_profiles + title: Column_data_profiles + methods: + projects_locations_column_data_profiles_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1columnDataProfiles~1{columnDataProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_deidentify_templates_get: + projects_locations_column_data_profiles_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1columnDataProfiles/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_deidentify_templates_delete: + objectKey: $.columnDataProfiles + organizations_locations_column_data_profiles_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1columnDataProfiles/get response: mediaType: application/json openAPIDocKey: '200' - organizations_deidentify_templates_create: + objectKey: $.columnDataProfiles + organizations_locations_column_data_profiles_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1columnDataProfiles~1{columnDataProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_deidentify_templates_list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/column_data_profiles/methods/projects_locations_column_data_profiles_get + - $ref: >- + #/components/x-stackQL-resources/column_data_profiles/methods/organizations_locations_column_data_profiles_get + - $ref: >- + #/components/x-stackQL-resources/column_data_profiles/methods/projects_locations_column_data_profiles_list + - $ref: >- + #/components/x-stackQL-resources/column_data_profiles/methods/organizations_locations_column_data_profiles_list + insert: [] + update: [] + replace: [] + delete: [] + project_data_profiles: + id: google.dlp.project_data_profiles + name: project_data_profiles + title: Project_data_profiles + methods: + projects_locations_project_data_profiles_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1projectDataProfiles/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deidentifyTemplates - organizations_deidentify_templates_patch: + objectKey: $.projectDataProfiles + projects_locations_project_data_profiles_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1projectDataProfiles~1{projectDataProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_deidentify_templates_get: + organizations_locations_project_data_profiles_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1projectDataProfiles/get response: mediaType: application/json openAPIDocKey: '200' - organizations_deidentify_templates_delete: + objectKey: $.projectDataProfiles + organizations_locations_project_data_profiles_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1projectDataProfiles~1{projectDataProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_get - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_get - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_list - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_get - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_list - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_get - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_list - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_list - insert: - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_create - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_create - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_create - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_create - update: - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_patch + #/components/x-stackQL-resources/project_data_profiles/methods/projects_locations_project_data_profiles_get - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_patch + #/components/x-stackQL-resources/project_data_profiles/methods/organizations_locations_project_data_profiles_get - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_patch + #/components/x-stackQL-resources/project_data_profiles/methods/projects_locations_project_data_profiles_list - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_patch + #/components/x-stackQL-resources/project_data_profiles/methods/organizations_locations_project_data_profiles_list + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_delete - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_delete - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_delete - - $ref: >- - #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_delete - job_triggers: - id: google.dlp.job_triggers - name: job_triggers - title: Job_triggers + delete: [] + inspect_templates: + id: google.dlp.inspect_templates + name: inspect_templates + title: Inspect_templates methods: - projects_locations_job_triggers_create: + projects_locations_inspect_templates_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_job_triggers_list: + objectKey: $.inspectTemplates + projects_locations_inspect_templates_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobTriggers - projects_locations_job_triggers_patch: + projects_locations_inspect_templates_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_job_triggers_get: + projects_locations_inspect_templates_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_job_triggers_delete: + projects_locations_inspect_templates_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_job_triggers_hybrid_inspect: + projects_inspect_templates_create: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1inspectTemplates/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_inspect_templates_list: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1inspectTemplates/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.inspectTemplates + projects_inspect_templates_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}:hybridInspect/post + #/paths/~1v2~1projects~1{projectsId}~1inspectTemplates~1{inspectTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_job_triggers_activate: + projects_inspect_templates_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}:activate/post + #/paths/~1v2~1projects~1{projectsId}~1inspectTemplates~1{inspectTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_job_triggers_create: + projects_inspect_templates_delete: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1jobTriggers/post' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1inspectTemplates~1{inspectTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_job_triggers_list: + organizations_locations_inspect_templates_patch: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1jobTriggers/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobTriggers - projects_job_triggers_patch: + organizations_locations_inspect_templates_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1jobTriggers~1{jobTriggersId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_job_triggers_get: + organizations_locations_inspect_templates_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1jobTriggers~1{jobTriggersId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates~1{inspectTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_job_triggers_delete: + organizations_locations_inspect_templates_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1jobTriggers~1{jobTriggersId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates/get response: mediaType: application/json openAPIDocKey: '200' - projects_job_triggers_activate: + objectKey: $.inspectTemplates + organizations_locations_inspect_templates_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1jobTriggers~1{jobTriggersId}:activate/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1inspectTemplates/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_job_triggers_create: + organizations_inspect_templates_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers/post + #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_job_triggers_list: + objectKey: $.inspectTemplates + organizations_inspect_templates_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers/get + #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobTriggers - organizations_locations_job_triggers_patch: + organizations_inspect_templates_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates~1{inspectTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_job_triggers_get: + organizations_inspect_templates_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates~1{inspectTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_job_triggers_delete: + organizations_inspect_templates_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1inspectTemplates~1{inspectTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_get + #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_get - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_get + #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_get + - $ref: >- + #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_list + - $ref: >- + #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_get - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_list + #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_list - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_get + #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_get - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_list + #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_list - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_list + #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_list insert: - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_create + #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_create - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_create + #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_create - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_create + #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_create + - $ref: >- + #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_create update: - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_patch + #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_patch - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_patch + #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_patch - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_patch + #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_patch + - $ref: >- + #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_delete + #/components/x-stackQL-resources/inspect_templates/methods/projects_locations_inspect_templates_delete - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_delete + #/components/x-stackQL-resources/inspect_templates/methods/organizations_locations_inspect_templates_delete - $ref: >- - #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_delete - discovery_configs: - id: google.dlp.discovery_configs - name: discovery_configs - title: Discovery_configs + #/components/x-stackQL-resources/inspect_templates/methods/projects_inspect_templates_delete + - $ref: >- + #/components/x-stackQL-resources/inspect_templates/methods/organizations_inspect_templates_delete + image: + id: google.dlp.image + name: image + title: Image methods: - projects_locations_discovery_configs_create: + projects_locations_image_redact: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1image:redact/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_discovery_configs_list: + projects_image_redact: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1image:redact/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.discoveryConfigs - projects_locations_discovery_configs_patch: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + deidentify_templates: + id: google.dlp.deidentify_templates + name: deidentify_templates + title: Deidentify_templates + methods: + projects_locations_deidentify_templates_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_discovery_configs_get: + projects_locations_deidentify_templates_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_discovery_configs_delete: + projects_locations_deidentify_templates_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_discovery_configs_create: + projects_locations_deidentify_templates_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_discovery_configs_list: + objectKey: $.deidentifyTemplates + projects_locations_deidentify_templates_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1deidentifyTemplates/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.discoveryConfigs - organizations_locations_discovery_configs_patch: + projects_deidentify_templates_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_discovery_configs_get: + projects_deidentify_templates_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/get + #/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_discovery_configs_delete: + projects_deidentify_templates_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_get - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_get - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_list - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_list - insert: - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_create - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_create - update: - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_patch - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_delete - - $ref: >- - #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_delete - dlp_jobs: - id: google.dlp.dlp_jobs - name: dlp_jobs - title: Dlp_jobs - methods: - projects_locations_dlp_jobs_create: + projects_deidentify_templates_create: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs/post + $ref: '#/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates/post' response: mediaType: application/json openAPIDocKey: '200' - projects_locations_dlp_jobs_list: + projects_deidentify_templates_list: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1deidentifyTemplates/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobs - projects_locations_dlp_jobs_get: + objectKey: $.deidentifyTemplates + organizations_locations_deidentify_templates_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_dlp_jobs_delete: + organizations_locations_deidentify_templates_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_dlp_jobs_cancel: + objectKey: $.deidentifyTemplates + organizations_locations_deidentify_templates_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}:cancel/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_dlp_jobs_hybrid_inspect: + organizations_locations_deidentify_templates_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}:hybridInspect/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_dlp_jobs_finish: + organizations_locations_deidentify_templates_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1dlpJobs~1{dlpJobsId}:finish/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_dlp_jobs_create: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1dlpJobs/post' + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_dlp_jobs_list: + organizations_deidentify_templates_create: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1dlpJobs/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobs - projects_dlp_jobs_get: + organizations_deidentify_templates_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1dlpJobs~1{dlpJobsId}/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates/get response: mediaType: application/json openAPIDocKey: '200' - projects_dlp_jobs_delete: + objectKey: $.deidentifyTemplates + organizations_deidentify_templates_patch: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1dlpJobs~1{dlpJobsId}/delete' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_dlp_jobs_cancel: + organizations_deidentify_templates_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1dlpJobs~1{dlpJobsId}:cancel/post + #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_dlp_jobs_list: + organizations_deidentify_templates_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1dlpJobs/get + #/paths/~1v2~1organizations~1{organizationsId}~1deidentifyTemplates~1{deidentifyTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobs sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/dlp_jobs/methods/projects_locations_dlp_jobs_get + #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_get - $ref: >- - #/components/x-stackQL-resources/dlp_jobs/methods/projects_locations_dlp_jobs_list + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_get - $ref: >- - #/components/x-stackQL-resources/dlp_jobs/methods/projects_dlp_jobs_get + #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_list - $ref: >- - #/components/x-stackQL-resources/dlp_jobs/methods/organizations_locations_dlp_jobs_list + #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_get - $ref: >- - #/components/x-stackQL-resources/dlp_jobs/methods/projects_dlp_jobs_list + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_list + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_get + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_list + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_list insert: - $ref: >- - #/components/x-stackQL-resources/dlp_jobs/methods/projects_locations_dlp_jobs_create + #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_create - $ref: >- - #/components/x-stackQL-resources/dlp_jobs/methods/projects_dlp_jobs_create - update: [] + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_create + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_create + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_create + update: + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_patch + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_patch + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_patch + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/dlp_jobs/methods/projects_locations_dlp_jobs_delete + #/components/x-stackQL-resources/deidentify_templates/methods/projects_locations_deidentify_templates_delete - $ref: >- - #/components/x-stackQL-resources/dlp_jobs/methods/projects_dlp_jobs_delete - stored_info_types: - id: google.dlp.stored_info_types - name: stored_info_types - title: Stored_info_types - methods: - projects_locations_stored_info_types_create: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_stored_info_types_list: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.storedInfoTypes - projects_locations_stored_info_types_patch: + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_locations_deidentify_templates_delete + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/projects_deidentify_templates_delete + - $ref: >- + #/components/x-stackQL-resources/deidentify_templates/methods/organizations_deidentify_templates_delete + job_triggers: + id: google.dlp.job_triggers + name: job_triggers + title: Job_triggers + methods: + projects_locations_job_triggers_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_stored_info_types_get: + projects_locations_job_triggers_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_stored_info_types_delete: + projects_locations_job_triggers_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_stored_info_types_create: + projects_locations_job_triggers_create: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes/post' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers/post response: mediaType: application/json openAPIDocKey: '200' - projects_stored_info_types_list: + projects_locations_job_triggers_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.storedInfoTypes - projects_stored_info_types_patch: + objectKey: $.jobTriggers + projects_locations_job_triggers_activate: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes~1{storedInfoTypesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}:activate/post response: mediaType: application/json openAPIDocKey: '200' - projects_stored_info_types_get: + projects_locations_job_triggers_hybrid_inspect: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes~1{storedInfoTypesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}:hybridInspect/post response: mediaType: application/json openAPIDocKey: '200' - projects_stored_info_types_delete: + projects_job_triggers_activate: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1storedInfoTypes~1{storedInfoTypesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1jobTriggers~1{jobTriggersId}:activate/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_stored_info_types_create: + projects_job_triggers_list: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes/post + $ref: '#/paths/~1v2~1projects~1{projectsId}~1jobTriggers/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_stored_info_types_list: + objectKey: $.jobTriggers + projects_job_triggers_create: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1jobTriggers/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.storedInfoTypes - organizations_locations_stored_info_types_patch: + projects_job_triggers_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/patch + #/paths/~1v2~1projects~1{projectsId}~1jobTriggers~1{jobTriggersId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_stored_info_types_get: + projects_job_triggers_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/get + #/paths/~1v2~1projects~1{projectsId}~1jobTriggers~1{jobTriggersId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_stored_info_types_delete: + projects_job_triggers_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1storedInfoTypes~1{storedInfoTypesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1jobTriggers~1{jobTriggersId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_stored_info_types_create: + organizations_locations_job_triggers_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers/get response: mediaType: application/json openAPIDocKey: '200' - organizations_stored_info_types_list: + objectKey: $.jobTriggers + organizations_locations_job_triggers_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.storedInfoTypes - organizations_stored_info_types_patch: + organizations_locations_job_triggers_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes~1{storedInfoTypesId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_stored_info_types_get: + organizations_locations_job_triggers_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes~1{storedInfoTypesId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_stored_info_types_delete: + organizations_locations_job_triggers_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1storedInfoTypes~1{storedInfoTypesId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1jobTriggers~1{jobTriggersId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_get - - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_get - - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_list + #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_get - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_get + #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_get - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_list + #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_list - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_get + #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_get - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_list + #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_list - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_list + #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_list insert: - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_create - - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_create + #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_create - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_create + #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_create - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_create + #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_create update: - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_patch - - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_patch + #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_patch - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_patch + #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_patch - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_patch + #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_locations_stored_info_types_delete - - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_locations_stored_info_types_delete - - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/projects_stored_info_types_delete - - $ref: >- - #/components/x-stackQL-resources/stored_info_types/methods/organizations_stored_info_types_delete - project_data_profiles: - id: google.dlp.project_data_profiles - name: project_data_profiles - title: Project_data_profiles - methods: - projects_locations_project_data_profiles_list: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1projectDataProfiles/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.projectDataProfiles - projects_locations_project_data_profiles_get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1projectDataProfiles~1{projectDataProfilesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_locations_project_data_profiles_list: - operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1projectDataProfiles/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.projectDataProfiles - organizations_locations_project_data_profiles_get: - operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1projectDataProfiles~1{projectDataProfilesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/project_data_profiles/methods/projects_locations_project_data_profiles_get - - $ref: >- - #/components/x-stackQL-resources/project_data_profiles/methods/organizations_locations_project_data_profiles_get + #/components/x-stackQL-resources/job_triggers/methods/projects_locations_job_triggers_delete - $ref: >- - #/components/x-stackQL-resources/project_data_profiles/methods/projects_locations_project_data_profiles_list + #/components/x-stackQL-resources/job_triggers/methods/organizations_locations_job_triggers_delete - $ref: >- - #/components/x-stackQL-resources/project_data_profiles/methods/organizations_locations_project_data_profiles_list - insert: [] - update: [] - replace: [] - delete: [] + #/components/x-stackQL-resources/job_triggers/methods/projects_job_triggers_delete table_data_profiles: id: google.dlp.table_data_profiles name: table_data_profiles title: Table_data_profiles methods: - projects_locations_table_data_profiles_list: + projects_locations_table_data_profiles_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1tableDataProfiles/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1tableDataProfiles~1{tableDataProfilesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tableDataProfiles projects_locations_table_data_profiles_get: operation: $ref: >- @@ -9892,13 +9999,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_table_data_profiles_delete: + projects_locations_table_data_profiles_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1tableDataProfiles~1{tableDataProfilesId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1tableDataProfiles/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.tableDataProfiles organizations_locations_table_data_profiles_list: operation: $ref: >- @@ -9907,17 +10015,17 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.tableDataProfiles - organizations_locations_table_data_profiles_get: + organizations_locations_table_data_profiles_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1tableDataProfiles~1{tableDataProfilesId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1tableDataProfiles~1{tableDataProfilesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_table_data_profiles_delete: + organizations_locations_table_data_profiles_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1tableDataProfiles~1{tableDataProfilesId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1tableDataProfiles~1{tableDataProfilesId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -9939,134 +10047,114 @@ components: #/components/x-stackQL-resources/table_data_profiles/methods/projects_locations_table_data_profiles_delete - $ref: >- #/components/x-stackQL-resources/table_data_profiles/methods/organizations_locations_table_data_profiles_delete - column_data_profiles: - id: google.dlp.column_data_profiles - name: column_data_profiles - title: Column_data_profiles + discovery_configs: + id: google.dlp.discovery_configs + name: discovery_configs + title: Discovery_configs methods: - projects_locations_column_data_profiles_list: + projects_locations_discovery_configs_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1columnDataProfiles/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.columnDataProfiles - projects_locations_column_data_profiles_get: + projects_locations_discovery_configs_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1columnDataProfiles~1{columnDataProfilesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_column_data_profiles_list: + projects_locations_discovery_configs_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1columnDataProfiles/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.columnDataProfiles - organizations_locations_column_data_profiles_get: + projects_locations_discovery_configs_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1columnDataProfiles~1{columnDataProfilesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/column_data_profiles/methods/projects_locations_column_data_profiles_get - - $ref: >- - #/components/x-stackQL-resources/column_data_profiles/methods/organizations_locations_column_data_profiles_get - - $ref: >- - #/components/x-stackQL-resources/column_data_profiles/methods/projects_locations_column_data_profiles_list - - $ref: >- - #/components/x-stackQL-resources/column_data_profiles/methods/organizations_locations_column_data_profiles_list - insert: [] - update: [] - replace: [] - delete: [] - file_store_data_profiles: - id: google.dlp.file_store_data_profiles - name: file_store_data_profiles - title: File_store_data_profiles - methods: - projects_locations_file_store_data_profiles_list: + projects_locations_discovery_configs_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1fileStoreDataProfiles/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryConfigs/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.fileStoreDataProfiles - projects_locations_file_store_data_profiles_get: + objectKey: $.discoveryConfigs + organizations_locations_discovery_configs_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1fileStoreDataProfiles~1{fileStoreDataProfilesId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_file_store_data_profiles_delete: + organizations_locations_discovery_configs_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1fileStoreDataProfiles~1{fileStoreDataProfilesId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_file_store_data_profiles_list: + organizations_locations_discovery_configs_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1fileStoreDataProfiles/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs~1{discoveryConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.fileStoreDataProfiles - organizations_locations_file_store_data_profiles_get: + organizations_locations_discovery_configs_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1fileStoreDataProfiles~1{fileStoreDataProfilesId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_file_store_data_profiles_delete: + objectKey: $.discoveryConfigs + organizations_locations_discovery_configs_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1fileStoreDataProfiles~1{fileStoreDataProfilesId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1discoveryConfigs/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/file_store_data_profiles/methods/projects_locations_file_store_data_profiles_get + #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_get - $ref: >- - #/components/x-stackQL-resources/file_store_data_profiles/methods/organizations_locations_file_store_data_profiles_get + #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_get - $ref: >- - #/components/x-stackQL-resources/file_store_data_profiles/methods/projects_locations_file_store_data_profiles_list + #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_list - $ref: >- - #/components/x-stackQL-resources/file_store_data_profiles/methods/organizations_locations_file_store_data_profiles_list - insert: [] - update: [] + #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_list + insert: + - $ref: >- + #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_create + - $ref: >- + #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_create + update: + - $ref: >- + #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_patch + - $ref: >- + #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/file_store_data_profiles/methods/projects_locations_file_store_data_profiles_delete + #/components/x-stackQL-resources/discovery_configs/methods/projects_locations_discovery_configs_delete - $ref: >- - #/components/x-stackQL-resources/file_store_data_profiles/methods/organizations_locations_file_store_data_profiles_delete + #/components/x-stackQL-resources/discovery_configs/methods/organizations_locations_discovery_configs_delete connections: id: google.dlp.connections name: connections title: Connections methods: - projects_locations_connections_create: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections/post - response: - mediaType: application/json - openAPIDocKey: '200' projects_locations_connections_list: operation: $ref: >- @@ -10075,10 +10163,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.connections - projects_locations_connections_get: + projects_locations_connections_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections/post response: mediaType: application/json openAPIDocKey: '200' @@ -10089,6 +10177,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + projects_locations_connections_get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' projects_locations_connections_patch: operation: $ref: >- @@ -10118,24 +10213,24 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.connections - organizations_locations_connections_get: + organizations_locations_connections_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1connections~1{connectionsId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1connections~1{connectionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_connections_delete: + organizations_locations_connections_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1connections~1{connectionsId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1connections~1{connectionsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_connections_patch: + organizations_locations_connections_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1connections~1{connectionsId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1connections~1{connectionsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -10173,36 +10268,246 @@ components: - $ref: >- #/components/x-stackQL-resources/connections/methods/organizations_locations_connections_delete paths: - /v2/projects/{projectsId}/content:inspect: + /v2/locations/{locationsId}/infoTypes: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + get: + description: >- + Returns a list of the sensitive information types that the DLP API + supports. See + https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference + to learn more. + operationId: dlp.locations.infoTypes.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2ListInfoTypesResponse' + parameters: + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: languageCode + schema: + type: string + - in: query + name: locationId + schema: + type: string + /v2/infoTypes: + parameters: *ref_1 + get: + description: >- + Returns a list of the sensitive information types that the DLP API + supports. See + https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference + to learn more. + operationId: dlp.infoTypes.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2ListInfoTypesResponse' + parameters: + - in: query + name: parent + schema: + type: string + - in: query + name: languageCode + schema: + type: string + - in: query + name: locationId + schema: + type: string + - in: query + name: filter + schema: + type: string + /v2/projects/{projectsId}/storedInfoTypes/{storedInfoTypesId}: + parameters: *ref_1 + delete: + description: >- + Deletes a stored infoType. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.projects.storedInfoTypes.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: storedInfoTypesId + required: true + schema: + type: string + patch: + description: >- + Updates the stored infoType by creating a new version. The existing + version will continue to be used until the new version is ready. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.projects.storedInfoTypes.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateStoredInfoTypeRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: storedInfoTypesId + required: true + schema: + type: string + get: + description: >- + Gets a stored infoType. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.projects.storedInfoTypes.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: storedInfoTypesId + required: true + schema: + type: string + /v2/projects/{projectsId}/storedInfoTypes: + parameters: *ref_1 + get: + description: >- + Lists stored infoTypes. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.projects.storedInfoTypes.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListStoredInfoTypesResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: query + name: locationId + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: description: >- - Finds potentially sensitive info in content. This method has limits on - input size, processing time, and output size. When no InfoTypes or - CustomInfoTypes are specified in this request, the system will - automatically choose what detectors to run. By default this may be all - types, but may change over time as detectors are updated. For how to - guides, see - https://cloud.google.com/sensitive-data-protection/docs/inspecting-images - and - https://cloud.google.com/sensitive-data-protection/docs/inspecting-text, - operationId: dlp.projects.content.inspect + Creates a pre-built stored infoType to be used for inspection. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.projects.storedInfoTypes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectContentRequest' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2CreateStoredInfoTypeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10214,14 +10519,14 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectContentResponse' + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' parameters: - in: path name: projectsId required: true schema: type: string - /v2/projects/{projectsId}/content:deidentify: + /v2/projects/{projectsId}/locations/{locationsId}/content:deidentify: parameters: *ref_1 post: description: >- @@ -10232,7 +10537,7 @@ paths: this request, the system will automatically choose what detectors to run. By default this may be all types, but may change over time as detectors are updated. - operationId: dlp.projects.content.deidentify + operationId: dlp.projects.locations.content.deidentify requestBody: content: application/json: @@ -10257,14 +10562,19 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/content:reidentify: + - in: path + name: locationsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/content:reidentify: parameters: *ref_1 post: description: >- Re-identifies content that has been de-identified. See https://cloud.google.com/sensitive-data-protection/docs/pseudonymization#re-identification_in_free_text_code_example to learn more. - operationId: dlp.projects.content.reidentify + operationId: dlp.projects.locations.content.reidentify requestBody: content: application/json: @@ -10289,6 +10599,11 @@ paths: required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string /v2/projects/{projectsId}/locations/{locationsId}/content:inspect: parameters: *ref_1 post: @@ -10331,23 +10646,14 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/content:deidentify: + /v2/projects/{projectsId}/locations/{locationsId}/fileStoreDataProfiles/{fileStoreDataProfilesId}: parameters: *ref_1 - post: + delete: description: >- - De-identifies potentially sensitive info from a ContentItem. This method - has limits on input size and output size. See - https://cloud.google.com/sensitive-data-protection/docs/deidentify-sensitive-data - to learn more. When no InfoTypes or CustomInfoTypes are specified in - this request, the system will automatically choose what detectors to - run. By default this may be all types, but may change over time as - detectors are updated. - operationId: dlp.projects.locations.content.deidentify - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyContentRequest' + Delete a FileStoreDataProfile. Will not prevent the profile from being + regenerated if the resource is still included in a discovery + configuration. + operationId: dlp.projects.locations.fileStoreDataProfiles.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10359,8 +10665,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2DeidentifyContentResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -10372,19 +10677,47 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/content:reidentify: + - in: path + name: fileStoreDataProfilesId + required: true + schema: + type: string + get: + description: Gets a file store data profile. + operationId: dlp.projects.locations.fileStoreDataProfiles.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: fileStoreDataProfilesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/fileStoreDataProfiles: parameters: *ref_1 - post: - description: >- - Re-identifies content that has been de-identified. See - https://cloud.google.com/sensitive-data-protection/docs/pseudonymization#re-identification_in_free_text_code_example - to learn more. - operationId: dlp.projects.locations.content.reidentify - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ReidentifyContentRequest' + get: + description: Lists file store data profiles for an organization. + operationId: dlp.projects.locations.fileStoreDataProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10397,7 +10730,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ReidentifyContentResponse + #/components/schemas/GooglePrivacyDlpV2ListFileStoreDataProfilesResponse parameters: - in: path name: projectsId @@ -10409,24 +10742,33 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/image:redact: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs/{dlpJobsId}: parameters: *ref_1 - post: + get: description: >- - Redacts potentially sensitive info from an image. This method has limits - on input size, processing time, and output size. See - https://cloud.google.com/sensitive-data-protection/docs/redacting-sensitive-data-images - to learn more. When no InfoTypes or CustomInfoTypes are specified in - this request, the system will automatically choose what detectors to - run. By default this may be all types, but may change over time as - detectors are updated. Only the first frame of each multiframe image is - redacted. Metadata and other frames are omitted in the response. - operationId: dlp.projects.locations.image.redact - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2RedactImageRequest' + Gets the latest state of a long-running DlpJob. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + to learn more. + operationId: dlp.projects.locations.dlpJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10438,7 +10780,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2RedactImageResponse' + $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' parameters: - in: path name: projectsId @@ -10450,15 +10792,21 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/infoTypes: - parameters: *ref_1 - get: + - in: path + name: dlpJobsId + required: true + schema: + type: string + delete: description: >- - Returns a list of the sensitive information types that the DLP API - supports. See - https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference + Deletes a long-running DlpJob. This method indicates that the client is + no longer interested in the DlpJob result. The job will be canceled if + possible. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis to learn more. - operationId: dlp.projects.locations.infoTypes.list + operationId: dlp.projects.locations.dlpJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10470,7 +10818,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListInfoTypesResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -10482,33 +10830,69 @@ paths: required: true schema: type: string - - in: query - name: languageCode + - in: path + name: dlpJobsId + required: true schema: type: string - - in: query - name: filter + /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs/{dlpJobsId}:hybridInspect: + parameters: *ref_1 + post: + description: >- + Inspect hybrid content and store findings to a job. To review the + findings, inspect the job. Inspection will occur asynchronously. + operationId: dlp.projects.locations.dlpJobs.hybridInspect + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2HybridInspectDlpJobRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2HybridInspectResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: locationId + - in: path + name: dlpJobsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/inspectTemplates: + /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs/{dlpJobsId}:cancel: parameters: *ref_1 post: description: >- - Creates an InspectTemplate for reusing frequently used configuration for - inspecting content, images, and storage. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates + Starts asynchronous cancellation on a long-running DlpJob. The server + makes a best effort to cancel the DlpJob, but success is not guaranteed. + See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis to learn more. - operationId: dlp.projects.locations.inspectTemplates.create + operationId: dlp.projects.locations.dlpJobs.cancel requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateInspectTemplateRequest + $ref: '#/components/schemas/GooglePrivacyDlpV2CancelDlpJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10520,7 +10904,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -10532,12 +10916,21 @@ paths: required: true schema: type: string + - in: path + name: dlpJobsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs: + parameters: *ref_1 get: description: >- - Lists InspectTemplates. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates + Lists DlpJobs that match the specified filter in the request. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis to learn more. - operationId: dlp.projects.locations.inspectTemplates.list + operationId: dlp.projects.locations.dlpJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10549,8 +10942,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListInspectTemplatesResponse + $ref: '#/components/schemas/GooglePrivacyDlpV2ListDlpJobsResponse' parameters: - in: path name: projectsId @@ -10563,7 +10955,7 @@ paths: schema: type: string - in: query - name: pageToken + name: orderBy schema: type: string - in: query @@ -10572,27 +10964,37 @@ paths: type: integer format: int32 - in: query - name: orderBy + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: type schema: type: string - in: query name: locationId schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/inspectTemplates/{inspectTemplatesId}: - parameters: *ref_1 - patch: + post: description: >- - Updates the InspectTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates - to learn more. - operationId: dlp.projects.locations.inspectTemplates.patch + Creates a new job to inspect storage or calculate risk metrics. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + to learn more. When no InfoTypes or CustomInfoTypes are specified in + inspect jobs, the system will automatically choose what detectors to + run. By default this may be all types, but may change over time as + detectors are updated. + operationId: dlp.projects.locations.dlpJobs.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateInspectTemplateRequest + $ref: '#/components/schemas/GooglePrivacyDlpV2CreateDlpJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10604,7 +11006,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' parameters: - in: path name: projectsId @@ -10616,17 +11018,18 @@ paths: required: true schema: type: string - - in: path - name: inspectTemplatesId - required: true - schema: - type: string - get: + /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs/{dlpJobsId}:finish: + parameters: *ref_1 + post: description: >- - Gets an InspectTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates - to learn more. - operationId: dlp.projects.locations.inspectTemplates.get + Finish a running hybrid DlpJob. Triggers the finalization steps and + running of any enabled actions that have not yet run. + operationId: dlp.projects.locations.dlpJobs.finish + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2FinishDlpJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10638,7 +11041,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -10651,16 +11054,15 @@ paths: schema: type: string - in: path - name: inspectTemplatesId + name: dlpJobsId required: true schema: type: string - delete: - description: >- - Deletes an InspectTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates - to learn more. - operationId: dlp.projects.locations.inspectTemplates.delete + /v2/projects/{projectsId}/locations/{locationsId}/columnDataProfiles/{columnDataProfilesId}: + parameters: *ref_1 + get: + description: Gets a column data profile. + operationId: dlp.projects.locations.columnDataProfiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10672,7 +11074,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2ColumnDataProfile' parameters: - in: path name: projectsId @@ -10685,25 +11087,15 @@ paths: schema: type: string - in: path - name: inspectTemplatesId + name: columnDataProfilesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/deidentifyTemplates: + /v2/projects/{projectsId}/locations/{locationsId}/columnDataProfiles: parameters: *ref_1 - post: - description: >- - Creates a DeidentifyTemplate for reusing frequently used configuration - for de-identifying content, images, and storage. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid - to learn more. - operationId: dlp.projects.locations.deidentifyTemplates.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateDeidentifyTemplateRequest + get: + description: Lists column data profiles for an organization. + operationId: dlp.projects.locations.columnDataProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10715,7 +11107,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListColumnDataProfilesResponse parameters: - in: path name: projectsId @@ -10727,12 +11120,28 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/projectDataProfiles: + parameters: *ref_1 get: - description: >- - Lists DeidentifyTemplates. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid - to learn more. - operationId: dlp.projects.locations.deidentifyTemplates.list + description: Lists project data profiles for an organization. + operationId: dlp.projects.locations.projectDataProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10745,7 +11154,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListDeidentifyTemplatesResponse + #/components/schemas/GooglePrivacyDlpV2ListProjectDataProfilesResponse parameters: - in: path name: projectsId @@ -10757,10 +11166,6 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: @@ -10771,23 +11176,18 @@ paths: schema: type: string - in: query - name: locationId + name: filter schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/deidentifyTemplates/{deidentifyTemplatesId}: + - in: query + name: pageToken + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/projectDataProfiles/{projectDataProfilesId}: parameters: *ref_1 - patch: - description: >- - Updates the DeidentifyTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid - to learn more. - operationId: dlp.projects.locations.deidentifyTemplates.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest + get: + description: Gets a project data profile. + operationId: dlp.projects.locations.projectDataProfiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10799,7 +11199,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + $ref: '#/components/schemas/GooglePrivacyDlpV2ProjectDataProfile' parameters: - in: path name: projectsId @@ -10812,16 +11212,18 @@ paths: schema: type: string - in: path - name: deidentifyTemplatesId + name: projectDataProfilesId required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/inspectTemplates: + parameters: *ref_1 get: description: >- - Gets a DeidentifyTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid + Lists InspectTemplates. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.projects.locations.deidentifyTemplates.get + operationId: dlp.projects.locations.inspectTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10833,7 +11235,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListInspectTemplatesResponse parameters: - in: path name: projectsId @@ -10845,59 +11248,36 @@ paths: required: true schema: type: string - - in: path - name: deidentifyTemplatesId - required: true + - in: query + name: pageSize schema: - type: string - delete: - description: >- - Deletes a DeidentifyTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid - to learn more. - operationId: dlp.projects.locations.deidentifyTemplates.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: locationId schema: type: string - - in: path - name: deidentifyTemplatesId - required: true + - in: query + name: orderBy schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobTriggers: - parameters: *ref_1 post: description: >- - Creates a job trigger to run DLP actions such as scanning storage for - sensitive information on a set schedule. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Creates an InspectTemplate for reusing frequently used configuration for + inspecting content, images, and storage. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.projects.locations.jobTriggers.create + operationId: dlp.projects.locations.inspectTemplates.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2CreateJobTriggerRequest' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2CreateInspectTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10909,7 +11289,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' parameters: - in: path name: projectsId @@ -10921,12 +11301,20 @@ paths: required: true schema: type: string - get: + /v2/projects/{projectsId}/locations/{locationsId}/inspectTemplates/{inspectTemplatesId}: + parameters: *ref_1 + patch: description: >- - Lists job triggers. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Updates the InspectTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.projects.locations.jobTriggers.list + operationId: dlp.projects.locations.inspectTemplates.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateInspectTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10938,7 +11326,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListJobTriggersResponse' + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' parameters: - in: path name: projectsId @@ -10950,44 +11338,17 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: type - schema: - type: string - - in: query - name: locationId + - in: path + name: inspectTemplatesId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobTriggers/{jobTriggersId}: - parameters: *ref_1 - patch: + delete: description: >- - Updates a job trigger. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Deletes an InspectTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.projects.locations.jobTriggers.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateJobTriggerRequest' + operationId: dlp.projects.locations.inspectTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10999,7 +11360,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11012,16 +11373,16 @@ paths: schema: type: string - in: path - name: jobTriggersId + name: inspectTemplatesId required: true schema: type: string get: description: >- - Gets a job trigger. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Gets an InspectTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.projects.locations.jobTriggers.get + operationId: dlp.projects.locations.inspectTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11033,7 +11394,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' parameters: - in: path name: projectsId @@ -11046,16 +11407,18 @@ paths: schema: type: string - in: path - name: jobTriggersId + name: inspectTemplatesId required: true schema: type: string - delete: + /v2/projects/{projectsId}/locations/{locationsId}/storedInfoTypes/{storedInfoTypesId}: + parameters: *ref_1 + get: description: >- - Deletes a job trigger. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Gets a stored infoType. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes to learn more. - operationId: dlp.projects.locations.jobTriggers.delete + operationId: dlp.projects.locations.storedInfoTypes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11067,7 +11430,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' parameters: - in: path name: projectsId @@ -11080,24 +11443,23 @@ paths: schema: type: string - in: path - name: jobTriggersId + name: storedInfoTypesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobTriggers/{jobTriggersId}:hybridInspect: - parameters: *ref_1 - post: + patch: description: >- - Inspect hybrid content and store findings to a trigger. The inspection - will be processed asynchronously. To review the findings monitor the - jobs within the trigger. - operationId: dlp.projects.locations.jobTriggers.hybridInspect + Updates the stored infoType by creating a new version. The existing + version will continue to be used until the new version is ready. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.projects.locations.storedInfoTypes.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2HybridInspectJobTriggerRequest + #/components/schemas/GooglePrivacyDlpV2UpdateStoredInfoTypeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11109,7 +11471,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2HybridInspectResponse' + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' parameters: - in: path name: projectsId @@ -11122,22 +11484,16 @@ paths: schema: type: string - in: path - name: jobTriggersId + name: storedInfoTypesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobTriggers/{jobTriggersId}:activate: - parameters: *ref_1 - post: + delete: description: >- - Activate a job trigger. Causes the immediate execute of a trigger - instead of waiting on the trigger event to occur. - operationId: dlp.projects.locations.jobTriggers.activate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ActivateJobTriggerRequest' + Deletes a stored infoType. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.projects.locations.storedInfoTypes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11149,7 +11505,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11162,21 +11518,24 @@ paths: schema: type: string - in: path - name: jobTriggersId + name: storedInfoTypesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/discoveryConfigs: + /v2/projects/{projectsId}/locations/{locationsId}/storedInfoTypes: parameters: *ref_1 post: - description: Creates a config for discovery to scan and profile storage. - operationId: dlp.projects.locations.discoveryConfigs.create + description: >- + Creates a pre-built stored infoType to be used for inspection. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.projects.locations.storedInfoTypes.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateDiscoveryConfigRequest + #/components/schemas/GooglePrivacyDlpV2CreateStoredInfoTypeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11188,7 +11547,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' parameters: - in: path name: projectsId @@ -11201,8 +11560,11 @@ paths: schema: type: string get: - description: Lists discovery configurations. - operationId: dlp.projects.locations.discoveryConfigs.list + description: >- + Lists stored infoTypes. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.projects.locations.storedInfoTypes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11215,7 +11577,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListDiscoveryConfigsResponse + #/components/schemas/GooglePrivacyDlpV2ListStoredInfoTypesResponse parameters: - in: path name: projectsId @@ -11228,7 +11590,7 @@ paths: schema: type: string - in: query - name: pageToken + name: orderBy schema: type: string - in: query @@ -11237,20 +11599,31 @@ paths: type: integer format: int32 - in: query - name: orderBy + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/discoveryConfigs/{discoveryConfigsId}: + - in: query + name: locationId + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/image:redact: parameters: *ref_1 - patch: - description: Updates a discovery configuration. - operationId: dlp.projects.locations.discoveryConfigs.patch + post: + description: >- + Redacts potentially sensitive info from an image. This method has limits + on input size, processing time, and output size. See + https://cloud.google.com/sensitive-data-protection/docs/redacting-sensitive-data-images + to learn more. When no InfoTypes or CustomInfoTypes are specified in + this request, the system will automatically choose what detectors to + run. By default this may be all types, but may change over time as + detectors are updated. Only the first frame of each multiframe image is + redacted. Metadata and other frames are omitted in the response. + operationId: dlp.projects.locations.image.redact requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateDiscoveryConfigRequest + $ref: '#/components/schemas/GooglePrivacyDlpV2RedactImageRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11262,7 +11635,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + $ref: '#/components/schemas/GooglePrivacyDlpV2RedactImageResponse' parameters: - in: path name: projectsId @@ -11274,14 +11647,15 @@ paths: required: true schema: type: string - - in: path - name: discoveryConfigsId - required: true - schema: - type: string + /v2/projects/{projectsId}/locations/{locationsId}/infoTypes: + parameters: *ref_1 get: - description: Gets a discovery configuration. - operationId: dlp.projects.locations.discoveryConfigs.get + description: >- + Returns a list of the sensitive information types that the DLP API + supports. See + https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference + to learn more. + operationId: dlp.projects.locations.infoTypes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11293,7 +11667,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + $ref: '#/components/schemas/GooglePrivacyDlpV2ListInfoTypesResponse' parameters: - in: path name: projectsId @@ -11305,14 +11679,32 @@ paths: required: true schema: type: string - - in: path - name: discoveryConfigsId - required: true + - in: query + name: locationId schema: type: string - delete: - description: Deletes a discovery configuration. - operationId: dlp.projects.locations.discoveryConfigs.delete + - in: query + name: filter + schema: + type: string + - in: query + name: languageCode + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/deidentifyTemplates/{deidentifyTemplatesId}: + parameters: *ref_1 + patch: + description: >- + Updates the DeidentifyTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid + to learn more. + operationId: dlp.projects.locations.deidentifyTemplates.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11324,7 +11716,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' parameters: - in: path name: projectsId @@ -11337,28 +11729,16 @@ paths: schema: type: string - in: path - name: discoveryConfigsId + name: deidentifyTemplatesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs: - parameters: *ref_1 - post: - description: >- - Creates a new job to inspect storage or calculate risk metrics. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis - to learn more. When no InfoTypes or CustomInfoTypes are specified in - inspect jobs, the system will automatically choose what detectors to - run. By default this may be all types, but may change over time as - detectors are updated. - operationId: dlp.projects.locations.dlpJobs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2CreateDlpJobRequest' + delete: + description: >- + Deletes a DeidentifyTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid + to learn more. + operationId: dlp.projects.locations.deidentifyTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11370,7 +11750,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11382,14 +11762,17 @@ paths: required: true schema: type: string + - in: path + name: deidentifyTemplatesId + required: true + schema: + type: string get: description: >- - Lists DlpJobs that match the specified filter in the request. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + Gets a DeidentifyTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.projects.locations.dlpJobs.list + operationId: dlp.projects.locations.deidentifyTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11401,7 +11784,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListDlpJobsResponse' + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' parameters: - in: path name: projectsId @@ -11413,41 +11796,19 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: type - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: locationId + - in: path + name: deidentifyTemplatesId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs/{dlpJobsId}: + /v2/projects/{projectsId}/locations/{locationsId}/deidentifyTemplates: parameters: *ref_1 get: description: >- - Gets the latest state of a long-running DlpJob. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + Lists DeidentifyTemplates. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.projects.locations.dlpJobs.get + operationId: dlp.projects.locations.deidentifyTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11459,7 +11820,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListDeidentifyTemplatesResponse parameters: - in: path name: projectsId @@ -11471,21 +11833,36 @@ paths: required: true schema: type: string - - in: path - name: dlpJobsId - required: true + - in: query + name: orderBy schema: type: string - delete: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: locationId + schema: + type: string + - in: query + name: pageToken + schema: + type: string + post: description: >- - Deletes a long-running DlpJob. This method indicates that the client is - no longer interested in the DlpJob result. The job will be canceled if - possible. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + Creates a DeidentifyTemplate for reusing frequently used configuration + for de-identifying content, images, and storage. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.projects.locations.dlpJobs.delete + operationId: dlp.projects.locations.deidentifyTemplates.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2CreateDeidentifyTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11497,7 +11874,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' parameters: - in: path name: projectsId @@ -11509,28 +11886,19 @@ paths: required: true schema: type: string - - in: path - name: dlpJobsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs/{dlpJobsId}:cancel: + /v2/projects/{projectsId}/locations/{locationsId}/jobTriggers/{jobTriggersId}: parameters: *ref_1 - post: + patch: description: >- - Starts asynchronous cancellation on a long-running DlpJob. The server - makes a best effort to cancel the DlpJob, but success is not guaranteed. - See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + Updates a job trigger. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers to learn more. - operationId: dlp.projects.locations.dlpJobs.cancel + operationId: dlp.projects.locations.jobTriggers.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2CancelDlpJobRequest' + $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateJobTriggerRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11542,7 +11910,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' parameters: - in: path name: projectsId @@ -11555,23 +11923,16 @@ paths: schema: type: string - in: path - name: dlpJobsId + name: jobTriggersId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs/{dlpJobsId}:hybridInspect: - parameters: *ref_1 - post: + delete: description: >- - Inspect hybrid content and store findings to a job. To review the - findings, inspect the job. Inspection will occur asynchronously. - operationId: dlp.projects.locations.dlpJobs.hybridInspect - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2HybridInspectDlpJobRequest + Deletes a job trigger. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + to learn more. + operationId: dlp.projects.locations.jobTriggers.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11583,7 +11944,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2HybridInspectResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11596,22 +11957,16 @@ paths: schema: type: string - in: path - name: dlpJobsId + name: jobTriggersId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/dlpJobs/{dlpJobsId}:finish: - parameters: *ref_1 - post: + get: description: >- - Finish a running hybrid DlpJob. Triggers the finalization steps and - running of any enabled actions that have not yet run. - operationId: dlp.projects.locations.dlpJobs.finish - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2FinishDlpJobRequest' + Gets a job trigger. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + to learn more. + operationId: dlp.projects.locations.jobTriggers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11623,7 +11978,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' parameters: - in: path name: projectsId @@ -11636,24 +11991,24 @@ paths: schema: type: string - in: path - name: dlpJobsId + name: jobTriggersId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/storedInfoTypes: + /v2/projects/{projectsId}/locations/{locationsId}/jobTriggers: parameters: *ref_1 post: description: >- - Creates a pre-built stored infoType to be used for inspection. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + Creates a job trigger to run DLP actions such as scanning storage for + sensitive information on a set schedule. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers to learn more. - operationId: dlp.projects.locations.storedInfoTypes.create + operationId: dlp.projects.locations.jobTriggers.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateStoredInfoTypeRequest + $ref: '#/components/schemas/GooglePrivacyDlpV2CreateJobTriggerRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11665,7 +12020,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' parameters: - in: path name: projectsId @@ -11679,10 +12034,10 @@ paths: type: string get: description: >- - Lists stored infoTypes. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + Lists job triggers. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers to learn more. - operationId: dlp.projects.locations.storedInfoTypes.list + operationId: dlp.projects.locations.jobTriggers.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11694,8 +12049,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListStoredInfoTypesResponse + $ref: '#/components/schemas/GooglePrivacyDlpV2ListJobTriggersResponse' parameters: - in: path name: projectsId @@ -11708,7 +12062,15 @@ paths: schema: type: string - in: query - name: pageToken + name: type + schema: + type: string + - in: query + name: locationId + schema: + type: string + - in: query + name: orderBy schema: type: string - in: query @@ -11717,28 +12079,67 @@ paths: type: integer format: int32 - in: query - name: orderBy + name: filter schema: type: string - in: query - name: locationId + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/storedInfoTypes/{storedInfoTypesId}: + /v2/projects/{projectsId}/locations/{locationsId}/jobTriggers/{jobTriggersId}:activate: parameters: *ref_1 - patch: + post: description: >- - Updates the stored infoType by creating a new version. The existing - version will continue to be used until the new version is ready. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes - to learn more. - operationId: dlp.projects.locations.storedInfoTypes.patch + Activate a job trigger. Causes the immediate execute of a trigger + instead of waiting on the trigger event to occur. + operationId: dlp.projects.locations.jobTriggers.activate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2ActivateJobTriggerRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: jobTriggersId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/jobTriggers/{jobTriggersId}:hybridInspect: + parameters: *ref_1 + post: + description: >- + Inspect hybrid content and store findings to a trigger. The inspection + will be processed asynchronously. To review the findings monitor the + jobs within the trigger. + operationId: dlp.projects.locations.jobTriggers.hybridInspect requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateStoredInfoTypeRequest + #/components/schemas/GooglePrivacyDlpV2HybridInspectJobTriggerRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11750,7 +12151,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + $ref: '#/components/schemas/GooglePrivacyDlpV2HybridInspectResponse' parameters: - in: path name: projectsId @@ -11763,16 +12164,17 @@ paths: schema: type: string - in: path - name: storedInfoTypesId + name: jobTriggersId required: true schema: type: string - get: + /v2/projects/{projectsId}/locations/{locationsId}/tableDataProfiles/{tableDataProfilesId}: + parameters: *ref_1 + delete: description: >- - Gets a stored infoType. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes - to learn more. - operationId: dlp.projects.locations.storedInfoTypes.get + Delete a TableDataProfile. Will not prevent the profile from being + regenerated if the table is still included in a discovery configuration. + operationId: dlp.projects.locations.tableDataProfiles.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11784,7 +12186,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11797,16 +12199,13 @@ paths: schema: type: string - in: path - name: storedInfoTypesId + name: tableDataProfilesId required: true schema: type: string - delete: - description: >- - Deletes a stored infoType. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes - to learn more. - operationId: dlp.projects.locations.storedInfoTypes.delete + get: + description: Gets a table data profile. + operationId: dlp.projects.locations.tableDataProfiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11818,7 +12217,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' parameters: - in: path name: projectsId @@ -11831,15 +12230,15 @@ paths: schema: type: string - in: path - name: storedInfoTypesId + name: tableDataProfilesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/projectDataProfiles: + /v2/projects/{projectsId}/locations/{locationsId}/tableDataProfiles: parameters: *ref_1 get: - description: Lists project data profiles for an organization. - operationId: dlp.projects.locations.projectDataProfiles.list + description: Lists table data profiles for an organization. + operationId: dlp.projects.locations.tableDataProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11852,7 +12251,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListProjectDataProfilesResponse + #/components/schemas/GooglePrivacyDlpV2ListTableDataProfilesResponse parameters: - in: path name: projectsId @@ -11864,10 +12263,6 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: @@ -11877,15 +12272,25 @@ paths: name: orderBy schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: filter schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/projectDataProfiles/{projectDataProfilesId}: + /v2/projects/{projectsId}/locations/{locationsId}/discoveryConfigs/{discoveryConfigsId}: parameters: *ref_1 - get: - description: Gets a project data profile. - operationId: dlp.projects.locations.projectDataProfiles.get + patch: + description: Updates a discovery configuration. + operationId: dlp.projects.locations.discoveryConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateDiscoveryConfigRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11897,7 +12302,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ProjectDataProfile' + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' parameters: - in: path name: projectsId @@ -11910,15 +12315,13 @@ paths: schema: type: string - in: path - name: projectDataProfilesId + name: discoveryConfigsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/tableDataProfiles: - parameters: *ref_1 get: - description: Lists table data profiles for an organization. - operationId: dlp.projects.locations.tableDataProfiles.list + description: Gets a discovery configuration. + operationId: dlp.projects.locations.discoveryConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11930,8 +12333,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListTableDataProfilesResponse + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' parameters: - in: path name: projectsId @@ -11943,28 +12345,14 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter + - in: path + name: discoveryConfigsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/tableDataProfiles/{tableDataProfilesId}: - parameters: *ref_1 - get: - description: Gets a table data profile. - operationId: dlp.projects.locations.tableDataProfiles.get + delete: + description: Deletes a discovery configuration. + operationId: dlp.projects.locations.discoveryConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11976,7 +12364,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11989,15 +12377,21 @@ paths: schema: type: string - in: path - name: tableDataProfilesId + name: discoveryConfigsId required: true schema: type: string - delete: - description: >- - Delete a TableDataProfile. Will not prevent the profile from being - regenerated if the table is still included in a discovery configuration. - operationId: dlp.projects.locations.tableDataProfiles.delete + /v2/projects/{projectsId}/locations/{locationsId}/discoveryConfigs: + parameters: *ref_1 + post: + description: Creates a config for discovery to scan and profile storage. + operationId: dlp.projects.locations.discoveryConfigs.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2CreateDiscoveryConfigRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12009,7 +12403,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' parameters: - in: path name: projectsId @@ -12021,16 +12415,9 @@ paths: required: true schema: type: string - - in: path - name: tableDataProfilesId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/columnDataProfiles: - parameters: *ref_1 get: - description: Lists column data profiles for an organization. - operationId: dlp.projects.locations.columnDataProfiles.list + description: Lists discovery configurations. + operationId: dlp.projects.locations.discoveryConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12043,7 +12430,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListColumnDataProfilesResponse + #/components/schemas/GooglePrivacyDlpV2ListDiscoveryConfigsResponse parameters: - in: path name: projectsId @@ -12068,15 +12455,13 @@ paths: name: orderBy schema: type: string - - in: query - name: filter - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/columnDataProfiles/{columnDataProfilesId}: + /v2/projects/{projectsId}/locations/{locationsId}/connections: parameters: *ref_1 get: - description: Gets a column data profile. - operationId: dlp.projects.locations.columnDataProfiles.get + description: >- + Lists Connections in a parent. Use SearchConnections to see all + connections within an organization. + operationId: dlp.projects.locations.connections.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12088,7 +12473,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ColumnDataProfile' + $ref: '#/components/schemas/GooglePrivacyDlpV2ListConnectionsResponse' parameters: - in: path name: projectsId @@ -12100,16 +12485,27 @@ paths: required: true schema: type: string - - in: path - name: columnDataProfilesId - required: true + - in: query + name: filter schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/fileStoreDataProfiles: - parameters: *ref_1 - get: - description: Lists file store data profiles for an organization. - operationId: dlp.projects.locations.fileStoreDataProfiles.list + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + post: + description: Create a Connection to an external data source. + operationId: dlp.projects.locations.connections.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2CreateConnectionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12121,8 +12517,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListFileStoreDataProfilesResponse + $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' parameters: - in: path name: projectsId @@ -12134,28 +12529,11 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/fileStoreDataProfiles/{fileStoreDataProfilesId}: + /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}: parameters: *ref_1 - get: - description: Gets a file store data profile. - operationId: dlp.projects.locations.fileStoreDataProfiles.get + delete: + description: Delete a Connection. + operationId: dlp.projects.locations.connections.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12167,7 +12545,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -12180,16 +12558,13 @@ paths: schema: type: string - in: path - name: fileStoreDataProfilesId + name: connectionsId required: true schema: type: string - delete: - description: >- - Delete a FileStoreDataProfile. Will not prevent the profile from being - regenerated if the resource is still included in a discovery - configuration. - operationId: dlp.projects.locations.fileStoreDataProfiles.delete + get: + description: Get a Connection by name. + operationId: dlp.projects.locations.connections.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12201,7 +12576,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' parameters: - in: path name: projectsId @@ -12214,20 +12589,18 @@ paths: schema: type: string - in: path - name: fileStoreDataProfilesId + name: connectionsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections: - parameters: *ref_1 - post: - description: Create a Connection to an external data source. - operationId: dlp.projects.locations.connections.create + patch: + description: Update a Connection. + operationId: dlp.projects.locations.connections.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2CreateConnectionRequest' + $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateConnectionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12251,11 +12624,16 @@ paths: required: true schema: type: string + - in: path + name: connectionsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/connections:search: + parameters: *ref_1 get: - description: >- - Lists Connections in a parent. Use SearchConnections to see all - connections within an organization. - operationId: dlp.projects.locations.connections.list + description: Searches for Connections in a parent. + operationId: dlp.projects.locations.connections.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12267,7 +12645,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListConnectionsResponse' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2SearchConnectionsResponse parameters: - in: path name: projectsId @@ -12278,12 +12657,7 @@ paths: name: locationsId required: true schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: @@ -12292,11 +12666,29 @@ paths: name: filter schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/dlpJobs: parameters: *ref_1 - get: - description: Get a Connection by name. - operationId: dlp.projects.locations.connections.get + post: + description: >- + Creates a new job to inspect storage or calculate risk metrics. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + to learn more. When no InfoTypes or CustomInfoTypes are specified in + inspect jobs, the system will automatically choose what detectors to + run. By default this may be all types, but may change over time as + detectors are updated. + operationId: dlp.projects.dlpJobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2CreateDlpJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12308,26 +12700,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' + $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: connectionsId - required: true - schema: - type: string - delete: - description: Delete a Connection. - operationId: dlp.projects.locations.connections.delete + get: + description: >- + Lists DlpJobs that match the specified filter in the request. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + to learn more. + operationId: dlp.projects.dlpJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12339,31 +12726,50 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2ListDlpJobsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - - in: path - name: connectionsId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: Update a Connection. - operationId: dlp.projects.locations.connections.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateConnectionRequest' + - in: query + name: type + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: locationId + schema: + type: string + /v2/projects/{projectsId}/dlpJobs/{dlpJobsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running DlpJob. This method indicates that the client is + no longer interested in the DlpJob result. The job will be canceled if + possible. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + to learn more. + operationId: dlp.projects.dlpJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12375,7 +12781,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -12383,20 +12789,18 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: connectionsId + name: dlpJobsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/connections:search: - parameters: *ref_1 get: - description: Searches for Connections in a parent. - operationId: dlp.projects.locations.connections.search + description: >- + Gets the latest state of a long-running DlpJob. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + to learn more. + operationId: dlp.projects.dlpJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12408,8 +12812,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2SearchConnectionsResponse + $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' parameters: - in: path name: projectsId @@ -12417,41 +12820,27 @@ paths: schema: type: string - in: path - name: locationsId + name: dlpJobsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v2/projects/{projectsId}/image:redact: + /v2/projects/{projectsId}/dlpJobs/{dlpJobsId}:cancel: parameters: *ref_1 post: description: >- - Redacts potentially sensitive info from an image. This method has limits - on input size, processing time, and output size. See - https://cloud.google.com/sensitive-data-protection/docs/redacting-sensitive-data-images - to learn more. When no InfoTypes or CustomInfoTypes are specified in - this request, the system will automatically choose what detectors to - run. By default this may be all types, but may change over time as - detectors are updated. Only the first frame of each multiframe image is - redacted. Metadata and other frames are omitted in the response. - operationId: dlp.projects.image.redact + Starts asynchronous cancellation on a long-running DlpJob. The server + makes a best effort to cancel the DlpJob, but success is not guaranteed. + See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + to learn more. + operationId: dlp.projects.dlpJobs.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2RedactImageRequest' + $ref: '#/components/schemas/GooglePrivacyDlpV2CancelDlpJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12463,13 +12852,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2RedactImageResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId required: true schema: type: string + - in: path + name: dlpJobsId + required: true + schema: + type: string /v2/projects/{projectsId}/inspectTemplates: parameters: *ref_1 post: @@ -12529,22 +12923,22 @@ paths: schema: type: string - in: query - name: pageToken + name: locationId schema: type: string - in: query - name: pageSize + name: pageToken schema: - type: integer - format: int32 + type: string - in: query name: orderBy schema: type: string - in: query - name: locationId + name: pageSize schema: - type: string + type: integer + format: int32 /v2/projects/{projectsId}/inspectTemplates/{inspectTemplatesId}: parameters: *ref_1 patch: @@ -12630,105 +13024,24 @@ paths: schema: $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: inspectTemplatesId - required: true - schema: - type: string - /v2/projects/{projectsId}/deidentifyTemplates: - parameters: *ref_1 - post: - description: >- - Creates a DeidentifyTemplate for reusing frequently used configuration - for de-identifying content, images, and storage. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid - to learn more. - operationId: dlp.projects.deidentifyTemplates.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateDeidentifyTemplateRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - get: - description: >- - Lists DeidentifyTemplates. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid - to learn more. - operationId: dlp.projects.deidentifyTemplates.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListDeidentifyTemplatesResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: locationId + - in: path + name: inspectTemplatesId + required: true schema: type: string /v2/projects/{projectsId}/deidentifyTemplates/{deidentifyTemplatesId}: parameters: *ref_1 - patch: + delete: description: >- - Updates the DeidentifyTemplate. See + Deletes a DeidentifyTemplate. See https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.projects.deidentifyTemplates.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest + operationId: dlp.projects.deidentifyTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12740,7 +13053,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -12781,12 +13094,18 @@ paths: required: true schema: type: string - delete: + patch: description: >- - Deletes a DeidentifyTemplate. See + Updates the DeidentifyTemplate. See https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.projects.deidentifyTemplates.delete + operationId: dlp.projects.deidentifyTemplates.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12798,7 +13117,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' parameters: - in: path name: projectsId @@ -12810,20 +13129,21 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/jobTriggers: + /v2/projects/{projectsId}/deidentifyTemplates: parameters: *ref_1 post: description: >- - Creates a job trigger to run DLP actions such as scanning storage for - sensitive information on a set schedule. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Creates a DeidentifyTemplate for reusing frequently used configuration + for de-identifying content, images, and storage. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.projects.jobTriggers.create + operationId: dlp.projects.deidentifyTemplates.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2CreateJobTriggerRequest' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2CreateDeidentifyTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12835,7 +13155,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' parameters: - in: path name: projectsId @@ -12844,10 +13164,10 @@ paths: type: string get: description: >- - Lists job triggers. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Lists DeidentifyTemplates. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.projects.jobTriggers.list + operationId: dlp.projects.deidentifyTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12859,51 +13179,43 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListJobTriggersResponse' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListDeidentifyTemplatesResponse parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: orderBy - schema: - type: string - - in: query - name: filter + name: pageToken schema: type: string - in: query - name: type + name: locationId schema: type: string - in: query - name: locationId + name: orderBy schema: type: string - /v2/projects/{projectsId}/jobTriggers/{jobTriggersId}: + /v2/projects/{projectsId}/jobTriggers/{jobTriggersId}:activate: parameters: *ref_1 - patch: + post: description: >- - Updates a job trigger. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers - to learn more. - operationId: dlp.projects.jobTriggers.patch + Activate a job trigger. Causes the immediate execute of a trigger + instead of waiting on the trigger event to occur. + operationId: dlp.projects.jobTriggers.activate requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateJobTriggerRequest' + $ref: '#/components/schemas/GooglePrivacyDlpV2ActivateJobTriggerRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12915,7 +13227,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' parameters: - in: path name: projectsId @@ -12927,12 +13239,14 @@ paths: required: true schema: type: string + /v2/projects/{projectsId}/jobTriggers: + parameters: *ref_1 get: description: >- - Gets a job trigger. See + Lists job triggers. See https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers to learn more. - operationId: dlp.projects.jobTriggers.get + operationId: dlp.projects.jobTriggers.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12944,100 +13258,50 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + $ref: '#/components/schemas/GooglePrivacyDlpV2ListJobTriggersResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: jobTriggersId - required: true + - in: query + name: type schema: type: string - delete: - description: >- - Deletes a job trigger. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers - to learn more. - operationId: dlp.projects.jobTriggers.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: locationId schema: type: string - - in: path - name: jobTriggersId - required: true + - in: query + name: pageToken schema: type: string - /v2/projects/{projectsId}/jobTriggers/{jobTriggersId}:activate: - parameters: *ref_1 - post: - description: >- - Activate a job trigger. Causes the immediate execute of a trigger - instead of waiting on the trigger event to occur. - operationId: dlp.projects.jobTriggers.activate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ActivateJobTriggerRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - - in: path - name: jobTriggersId - required: true + - in: query + name: orderBy schema: type: string - /v2/projects/{projectsId}/dlpJobs: - parameters: *ref_1 post: description: >- - Creates a new job to inspect storage or calculate risk metrics. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis - to learn more. When no InfoTypes or CustomInfoTypes are specified in - inspect jobs, the system will automatically choose what detectors to - run. By default this may be all types, but may change over time as - detectors are updated. - operationId: dlp.projects.dlpJobs.create + Creates a job trigger to run DLP actions such as scanning storage for + sensitive information on a set schedule. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + to learn more. + operationId: dlp.projects.jobTriggers.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2CreateDlpJobRequest' + $ref: '#/components/schemas/GooglePrivacyDlpV2CreateJobTriggerRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13049,21 +13313,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' parameters: - in: path name: projectsId required: true schema: type: string + /v2/projects/{projectsId}/jobTriggers/{jobTriggersId}: + parameters: *ref_1 get: description: >- - Lists DlpJobs that match the specified filter in the request. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + Gets a job trigger. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers to learn more. - operationId: dlp.projects.dlpJobs.list + operationId: dlp.projects.jobTriggers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13075,48 +13339,24 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListDlpJobsResponse' + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: type - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: locationId + - in: path + name: jobTriggersId + required: true schema: type: string - /v2/projects/{projectsId}/dlpJobs/{dlpJobsId}: - parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running DlpJob. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + Deletes a job trigger. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers to learn more. - operationId: dlp.projects.dlpJobs.get + operationId: dlp.projects.jobTriggers.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13128,7 +13368,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DlpJob' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -13136,20 +13376,21 @@ paths: schema: type: string - in: path - name: dlpJobsId + name: jobTriggersId required: true schema: type: string - delete: + patch: description: >- - Deletes a long-running DlpJob. This method indicates that the client is - no longer interested in the DlpJob result. The job will be canceled if - possible. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + Updates a job trigger. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers to learn more. - operationId: dlp.projects.dlpJobs.delete + operationId: dlp.projects.jobTriggers.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateJobTriggerRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13161,7 +13402,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' parameters: - in: path name: projectsId @@ -13169,27 +13410,29 @@ paths: schema: type: string - in: path - name: dlpJobsId + name: jobTriggersId required: true schema: type: string - /v2/projects/{projectsId}/dlpJobs/{dlpJobsId}:cancel: + /v2/projects/{projectsId}/content:inspect: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running DlpJob. The server - makes a best effort to cancel the DlpJob, but success is not guaranteed. - See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + Finds potentially sensitive info in content. This method has limits on + input size, processing time, and output size. When no InfoTypes or + CustomInfoTypes are specified in this request, the system will + automatically choose what detectors to run. By default this may be all + types, but may change over time as detectors are updated. For how to + guides, see + https://cloud.google.com/sensitive-data-protection/docs/inspecting-images and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis - to learn more. - operationId: dlp.projects.dlpJobs.cancel + https://cloud.google.com/sensitive-data-protection/docs/inspecting-text, + operationId: dlp.projects.content.inspect requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2CancelDlpJobRequest' + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectContentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13201,32 +13444,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectContentResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: dlpJobsId - required: true - schema: - type: string - /v2/projects/{projectsId}/storedInfoTypes: + /v2/projects/{projectsId}/content:reidentify: parameters: *ref_1 post: description: >- - Creates a pre-built stored infoType to be used for inspection. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + Re-identifies content that has been de-identified. See + https://cloud.google.com/sensitive-data-protection/docs/pseudonymization#re-identification_in_free_text_code_example to learn more. - operationId: dlp.projects.storedInfoTypes.create + operationId: dlp.projects.content.reidentify requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateStoredInfoTypeRequest + $ref: '#/components/schemas/GooglePrivacyDlpV2ReidentifyContentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13238,19 +13475,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ReidentifyContentResponse parameters: - in: path name: projectsId required: true schema: type: string - get: + /v2/projects/{projectsId}/content:deidentify: + parameters: *ref_1 + post: description: >- - Lists stored infoTypes. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes - to learn more. - operationId: dlp.projects.storedInfoTypes.list + De-identifies potentially sensitive info from a ContentItem. This method + has limits on input size and output size. See + https://cloud.google.com/sensitive-data-protection/docs/deidentify-sensitive-data + to learn more. When no InfoTypes or CustomInfoTypes are specified in + this request, the system will automatically choose what detectors to + run. By default this may be all types, but may change over time as + detectors are updated. + operationId: dlp.projects.content.deidentify + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyContentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13263,45 +13512,31 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListStoredInfoTypesResponse + #/components/schemas/GooglePrivacyDlpV2DeidentifyContentResponse parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy - schema: - type: string - - in: query - name: locationId - schema: - type: string - /v2/projects/{projectsId}/storedInfoTypes/{storedInfoTypesId}: + /v2/projects/{projectsId}/image:redact: parameters: *ref_1 - patch: + post: description: >- - Updates the stored infoType by creating a new version. The existing - version will continue to be used until the new version is ready. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes - to learn more. - operationId: dlp.projects.storedInfoTypes.patch + Redacts potentially sensitive info from an image. This method has limits + on input size, processing time, and output size. See + https://cloud.google.com/sensitive-data-protection/docs/redacting-sensitive-data-images + to learn more. When no InfoTypes or CustomInfoTypes are specified in + this request, the system will automatically choose what detectors to + run. By default this may be all types, but may change over time as + detectors are updated. Only the first frame of each multiframe image is + redacted. Metadata and other frames are omitted in the response. + operationId: dlp.projects.image.redact requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateStoredInfoTypeRequest + $ref: '#/components/schemas/GooglePrivacyDlpV2RedactImageRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13313,24 +13548,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + $ref: '#/components/schemas/GooglePrivacyDlpV2RedactImageResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: storedInfoTypesId - required: true - schema: - type: string - get: + /v2/organizations/{organizationsId}/locations/{locationsId}/fileStoreDataProfiles/{fileStoreDataProfilesId}: + parameters: *ref_1 + delete: description: >- - Gets a stored infoType. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes - to learn more. - operationId: dlp.projects.storedInfoTypes.get + Delete a FileStoreDataProfile. Will not prevent the profile from being + regenerated if the resource is still included in a discovery + configuration. + operationId: dlp.organizations.locations.fileStoreDataProfiles.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13342,24 +13574,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: storedInfoTypesId + name: locationsId required: true schema: type: string - delete: - description: >- - Deletes a stored infoType. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes - to learn more. - operationId: dlp.projects.storedInfoTypes.delete + - in: path + name: fileStoreDataProfilesId + required: true + schema: + type: string + get: + description: Gets a file store data profile. + operationId: dlp.organizations.locations.fileStoreDataProfiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13371,27 +13605,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: storedInfoTypesId + name: locationsId required: true schema: type: string - /v2/infoTypes: + - in: path + name: fileStoreDataProfilesId + required: true + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/fileStoreDataProfiles: parameters: *ref_1 get: - description: >- - Returns a list of the sensitive information types that the DLP API - supports. See - https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference - to learn more. - operationId: dlp.infoTypes.list + description: Lists file store data profiles for an organization. + operationId: dlp.organizations.locations.fileStoreDataProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13403,33 +13638,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListInfoTypesResponse' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListFileStoreDataProfilesResponse parameters: - - in: query - name: parent + - in: path + name: organizationsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true schema: type: string - in: query - name: languageCode + name: pageToken schema: type: string - in: query - name: filter + name: orderBy schema: type: string - in: query - name: locationId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v2/locations/{locationsId}/infoTypes: + /v2/organizations/{organizationsId}/locations/{locationsId}/discoveryConfigs/{discoveryConfigsId}: parameters: *ref_1 - get: - description: >- - Returns a list of the sensitive information types that the DLP API - supports. See - https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference - to learn more. - operationId: dlp.locations.infoTypes.list + delete: + description: Deletes a discovery configuration. + operationId: dlp.organizations.locations.discoveryConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13441,34 +13684,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListInfoTypesResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: locationsId + name: organizationsId required: true schema: type: string - - in: query - name: languageCode - schema: - type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: locationId + - in: path + name: discoveryConfigsId + required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/infoTypes: - parameters: *ref_1 - get: - description: >- - Returns a list of the sensitive information types that the DLP API - supports. See - https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference - to learn more. - operationId: dlp.organizations.locations.infoTypes.list + patch: + description: Updates a discovery configuration. + operationId: dlp.organizations.locations.discoveryConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateDiscoveryConfigRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13480,45 +13721,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListInfoTypesResponse' + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' parameters: - in: path name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: languageCode + required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: locationId + - in: path + name: discoveryConfigsId + required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/inspectTemplates: - parameters: *ref_1 - post: - description: >- - Creates an InspectTemplate for reusing frequently used configuration for - inspecting content, images, and storage. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates - to learn more. - operationId: dlp.organizations.locations.inspectTemplates.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateInspectTemplateRequest + get: + description: Gets a discovery configuration. + operationId: dlp.organizations.locations.discoveryConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13530,7 +13752,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' parameters: - in: path name: organizationsId @@ -13542,12 +13764,16 @@ paths: required: true schema: type: string + - in: path + name: discoveryConfigsId + required: true + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/discoveryConfigs: + parameters: *ref_1 get: - description: >- - Lists InspectTemplates. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates - to learn more. - operationId: dlp.organizations.locations.inspectTemplates.list + description: Lists discovery configurations. + operationId: dlp.organizations.locations.discoveryConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13560,7 +13786,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListInspectTemplatesResponse + #/components/schemas/GooglePrivacyDlpV2ListDiscoveryConfigsResponse parameters: - in: path name: organizationsId @@ -13573,7 +13799,7 @@ paths: schema: type: string - in: query - name: pageToken + name: orderBy schema: type: string - in: query @@ -13582,11 +13808,39 @@ paths: type: integer format: int32 - in: query - name: orderBy + name: pageToken schema: type: string - - in: query - name: locationId + post: + description: Creates a config for discovery to scan and profile storage. + operationId: dlp.organizations.locations.discoveryConfigs.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2CreateDiscoveryConfigRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true schema: type: string /v2/organizations/{organizationsId}/locations/{locationsId}/inspectTemplates/{inspectTemplatesId}: @@ -13699,50 +13953,14 @@ paths: required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/deidentifyTemplates: + /v2/organizations/{organizationsId}/locations/{locationsId}/inspectTemplates: parameters: *ref_1 - post: - description: >- - Creates a DeidentifyTemplate for reusing frequently used configuration - for de-identifying content, images, and storage. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid - to learn more. - operationId: dlp.organizations.locations.deidentifyTemplates.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateDeidentifyTemplateRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string get: description: >- - Lists DeidentifyTemplates. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid + Lists InspectTemplates. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.organizations.locations.deidentifyTemplates.list + operationId: dlp.organizations.locations.inspectTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13755,7 +13973,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListDeidentifyTemplatesResponse + #/components/schemas/GooglePrivacyDlpV2ListInspectTemplatesResponse parameters: - in: path name: organizationsId @@ -13767,37 +13985,36 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: locationId + schema: + type: string - in: query name: orderBy schema: type: string - in: query - name: locationId + name: pageToken schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/deidentifyTemplates/{deidentifyTemplatesId}: - parameters: *ref_1 - patch: + post: description: >- - Updates the DeidentifyTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid + Creates an InspectTemplate for reusing frequently used configuration for + inspecting content, images, and storage. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.organizations.locations.deidentifyTemplates.patch + operationId: dlp.organizations.locations.inspectTemplates.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest + #/components/schemas/GooglePrivacyDlpV2CreateInspectTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13809,7 +14026,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' parameters: - in: path name: organizationsId @@ -13821,17 +14038,11 @@ paths: required: true schema: type: string - - in: path - name: deidentifyTemplatesId - required: true - schema: - type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/columnDataProfiles: + parameters: *ref_1 get: - description: >- - Gets a DeidentifyTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid - to learn more. - operationId: dlp.organizations.locations.deidentifyTemplates.get + description: Lists column data profiles for an organization. + operationId: dlp.organizations.locations.columnDataProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13843,7 +14054,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListColumnDataProfilesResponse parameters: - in: path name: organizationsId @@ -13855,17 +14067,28 @@ paths: required: true schema: type: string - - in: path - name: deidentifyTemplatesId - required: true + - in: query + name: pageToken schema: type: string - delete: - description: >- - Deletes a DeidentifyTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid - to learn more. - operationId: dlp.organizations.locations.deidentifyTemplates.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/columnDataProfiles/{columnDataProfilesId}: + parameters: *ref_1 + get: + description: Gets a column data profile. + operationId: dlp.organizations.locations.columnDataProfiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13877,7 +14100,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2ColumnDataProfile' parameters: - in: path name: organizationsId @@ -13890,24 +14113,25 @@ paths: schema: type: string - in: path - name: deidentifyTemplatesId + name: columnDataProfilesId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/jobTriggers: + /v2/organizations/{organizationsId}/locations/{locationsId}/deidentifyTemplates: parameters: *ref_1 post: description: >- - Creates a job trigger to run DLP actions such as scanning storage for - sensitive information on a set schedule. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Creates a DeidentifyTemplate for reusing frequently used configuration + for de-identifying content, images, and storage. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.organizations.locations.jobTriggers.create + operationId: dlp.organizations.locations.deidentifyTemplates.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2CreateJobTriggerRequest' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2CreateDeidentifyTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13919,7 +14143,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' parameters: - in: path name: organizationsId @@ -13933,10 +14157,10 @@ paths: type: string get: description: >- - Lists job triggers. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Lists DeidentifyTemplates. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.organizations.locations.jobTriggers.list + operationId: dlp.organizations.locations.deidentifyTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13948,7 +14172,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListJobTriggersResponse' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListDeidentifyTemplatesResponse parameters: - in: path name: organizationsId @@ -13961,43 +14186,36 @@ paths: schema: type: string - in: query - name: pageToken + name: locationId schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: orderBy schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: type + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: locationId + name: pageToken schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/jobTriggers/{jobTriggersId}: + /v2/organizations/{organizationsId}/locations/{locationsId}/deidentifyTemplates/{deidentifyTemplatesId}: parameters: *ref_1 patch: description: >- - Updates a job trigger. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Updates the DeidentifyTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.organizations.locations.jobTriggers.patch + operationId: dlp.organizations.locations.deidentifyTemplates.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateJobTriggerRequest' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateDeidentifyTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14009,7 +14227,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' parameters: - in: path name: organizationsId @@ -14022,16 +14240,16 @@ paths: schema: type: string - in: path - name: jobTriggersId + name: deidentifyTemplatesId required: true schema: type: string - get: + delete: description: >- - Gets a job trigger. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Deletes a DeidentifyTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.organizations.locations.jobTriggers.get + operationId: dlp.organizations.locations.deidentifyTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14043,7 +14261,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -14056,16 +14274,16 @@ paths: schema: type: string - in: path - name: jobTriggersId + name: deidentifyTemplatesId required: true schema: type: string - delete: + get: description: >- - Deletes a job trigger. See - https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + Gets a DeidentifyTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.organizations.locations.jobTriggers.delete + operationId: dlp.organizations.locations.deidentifyTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14077,7 +14295,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' parameters: - in: path name: organizationsId @@ -14090,21 +14308,20 @@ paths: schema: type: string - in: path - name: jobTriggersId + name: deidentifyTemplatesId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/discoveryConfigs: + /v2/organizations/{organizationsId}/locations/{locationsId}/connections: parameters: *ref_1 post: - description: Creates a config for discovery to scan and profile storage. - operationId: dlp.organizations.locations.discoveryConfigs.create + description: Create a Connection to an external data source. + operationId: dlp.organizations.locations.connections.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateDiscoveryConfigRequest + $ref: '#/components/schemas/GooglePrivacyDlpV2CreateConnectionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14116,7 +14333,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' parameters: - in: path name: organizationsId @@ -14129,8 +14346,10 @@ paths: schema: type: string get: - description: Lists discovery configurations. - operationId: dlp.organizations.locations.discoveryConfigs.list + description: >- + Lists Connections in a parent. Use SearchConnections to see all + connections within an organization. + operationId: dlp.organizations.locations.connections.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14142,8 +14361,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListDiscoveryConfigsResponse + $ref: '#/components/schemas/GooglePrivacyDlpV2ListConnectionsResponse' parameters: - in: path name: organizationsId @@ -14155,30 +14373,29 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: orderBy + name: filter schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/discoveryConfigs/{discoveryConfigsId}: + - in: query + name: pageToken + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/connections/{connectionsId}: parameters: *ref_1 patch: - description: Updates a discovery configuration. - operationId: dlp.organizations.locations.discoveryConfigs.patch + description: Update a Connection. + operationId: dlp.organizations.locations.connections.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateDiscoveryConfigRequest + $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateConnectionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14190,7 +14407,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' parameters: - in: path name: organizationsId @@ -14203,13 +14420,13 @@ paths: schema: type: string - in: path - name: discoveryConfigsId + name: connectionsId required: true schema: type: string get: - description: Gets a discovery configuration. - operationId: dlp.organizations.locations.discoveryConfigs.get + description: Get a Connection by name. + operationId: dlp.organizations.locations.connections.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14221,7 +14438,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DiscoveryConfig' + $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' parameters: - in: path name: organizationsId @@ -14234,13 +14451,13 @@ paths: schema: type: string - in: path - name: discoveryConfigsId + name: connectionsId required: true schema: type: string delete: - description: Deletes a discovery configuration. - operationId: dlp.organizations.locations.discoveryConfigs.delete + description: Delete a Connection. + operationId: dlp.organizations.locations.connections.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14265,20 +14482,15 @@ paths: schema: type: string - in: path - name: discoveryConfigsId + name: connectionsId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/dlpJobs: + /v2/organizations/{organizationsId}/locations/{locationsId}/connections:search: parameters: *ref_1 get: - description: >- - Lists DlpJobs that match the specified filter in the request. See - https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage - and - https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis - to learn more. - operationId: dlp.organizations.locations.dlpJobs.list + description: Searches for Connections in a parent. + operationId: dlp.organizations.locations.connections.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14290,7 +14502,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListDlpJobsResponse' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2SearchConnectionsResponse parameters: - in: path name: organizationsId @@ -14302,68 +14515,21 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - in: query - name: type - schema: - type: string - - in: query - name: orderBy + name: filter schema: type: string - in: query - name: locationId + name: pageSize schema: - type: string + type: integer + format: int32 /v2/organizations/{organizationsId}/locations/{locationsId}/storedInfoTypes: parameters: *ref_1 - post: - description: >- - Creates a pre-built stored infoType to be used for inspection. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes - to learn more. - operationId: dlp.organizations.locations.storedInfoTypes.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateStoredInfoTypeRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string get: description: >- Lists stored infoTypes. See @@ -14394,6 +14560,10 @@ paths: required: true schema: type: string + - in: query + name: locationId + schema: + type: string - in: query name: pageToken schema: @@ -14407,25 +14577,18 @@ paths: name: orderBy schema: type: string - - in: query - name: locationId - schema: - type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/storedInfoTypes/{storedInfoTypesId}: - parameters: *ref_1 - patch: + post: description: >- - Updates the stored infoType by creating a new version. The existing - version will continue to be used until the new version is ready. See + Creates a pre-built stored infoType to be used for inspection. See https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes to learn more. - operationId: dlp.organizations.locations.storedInfoTypes.patch + operationId: dlp.organizations.locations.storedInfoTypes.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateStoredInfoTypeRequest + #/components/schemas/GooglePrivacyDlpV2CreateStoredInfoTypeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14449,11 +14612,8 @@ paths: required: true schema: type: string - - in: path - name: storedInfoTypesId - required: true - schema: - type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/storedInfoTypes/{storedInfoTypesId}: + parameters: *ref_1 get: description: >- Gets a stored infoType. See @@ -14522,57 +14682,19 @@ paths: required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/projectDataProfiles: - parameters: *ref_1 - get: - description: Lists project data profiles for an organization. - operationId: dlp.organizations.locations.projectDataProfiles.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListProjectDataProfilesResponse - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter - schema: - type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/projectDataProfiles/{projectDataProfilesId}: - parameters: *ref_1 - get: - description: Gets a project data profile. - operationId: dlp.organizations.locations.projectDataProfiles.get + patch: + description: >- + Updates the stored infoType by creating a new version. The existing + version will continue to be used until the new version is ready. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + to learn more. + operationId: dlp.organizations.locations.storedInfoTypes.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateStoredInfoTypeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14584,7 +14706,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ProjectDataProfile' + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' parameters: - in: path name: organizationsId @@ -14597,15 +14719,18 @@ paths: schema: type: string - in: path - name: projectDataProfilesId + name: storedInfoTypesId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/tableDataProfiles: + /v2/organizations/{organizationsId}/locations/{locationsId}/jobTriggers: parameters: *ref_1 get: - description: Lists table data profiles for an organization. - operationId: dlp.organizations.locations.tableDataProfiles.list + description: >- + Lists job triggers. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + to learn more. + operationId: dlp.organizations.locations.jobTriggers.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14617,8 +14742,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListTableDataProfilesResponse + $ref: '#/components/schemas/GooglePrivacyDlpV2ListJobTriggersResponse' parameters: - in: path name: organizationsId @@ -14630,15 +14754,19 @@ paths: required: true schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: pageToken schema: type: string - in: query - name: pageSize + name: locationId schema: - type: integer - format: int32 + type: string - in: query name: orderBy schema: @@ -14647,11 +14775,22 @@ paths: name: filter schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/tableDataProfiles/{tableDataProfilesId}: - parameters: *ref_1 - get: - description: Gets a table data profile. - operationId: dlp.organizations.locations.tableDataProfiles.get + - in: query + name: type + schema: + type: string + post: + description: >- + Creates a job trigger to run DLP actions such as scanning storage for + sensitive information on a set schedule. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + to learn more. + operationId: dlp.organizations.locations.jobTriggers.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2CreateJobTriggerRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14663,7 +14802,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' parameters: - in: path name: organizationsId @@ -14675,16 +14814,19 @@ paths: required: true schema: type: string - - in: path - name: tableDataProfilesId - required: true - schema: - type: string - delete: + /v2/organizations/{organizationsId}/locations/{locationsId}/jobTriggers/{jobTriggersId}: + parameters: *ref_1 + patch: description: >- - Delete a TableDataProfile. Will not prevent the profile from being - regenerated if the table is still included in a discovery configuration. - operationId: dlp.organizations.locations.tableDataProfiles.delete + Updates a job trigger. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + to learn more. + operationId: dlp.organizations.locations.jobTriggers.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateJobTriggerRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14696,7 +14838,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' parameters: - in: path name: organizationsId @@ -14709,15 +14851,16 @@ paths: schema: type: string - in: path - name: tableDataProfilesId + name: jobTriggersId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/columnDataProfiles: - parameters: *ref_1 - get: - description: Lists column data profiles for an organization. - operationId: dlp.organizations.locations.columnDataProfiles.list + delete: + description: >- + Deletes a job trigger. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + to learn more. + operationId: dlp.organizations.locations.jobTriggers.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14729,8 +14872,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListColumnDataProfilesResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -14742,28 +14884,17 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter + - in: path + name: jobTriggersId + required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/columnDataProfiles/{columnDataProfilesId}: - parameters: *ref_1 get: - description: Gets a column data profile. - operationId: dlp.organizations.locations.columnDataProfiles.get + description: >- + Gets a job trigger. See + https://cloud.google.com/sensitive-data-protection/docs/creating-job-triggers + to learn more. + operationId: dlp.organizations.locations.jobTriggers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14775,7 +14906,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ColumnDataProfile' + $ref: '#/components/schemas/GooglePrivacyDlpV2JobTrigger' parameters: - in: path name: organizationsId @@ -14788,15 +14919,15 @@ paths: schema: type: string - in: path - name: columnDataProfilesId + name: jobTriggersId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/fileStoreDataProfiles: + /v2/organizations/{organizationsId}/locations/{locationsId}/tableDataProfiles: parameters: *ref_1 get: - description: Lists file store data profiles for an organization. - operationId: dlp.organizations.locations.fileStoreDataProfiles.list + description: Lists table data profiles for an organization. + operationId: dlp.organizations.locations.tableDataProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14809,7 +14940,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListFileStoreDataProfilesResponse + #/components/schemas/GooglePrivacyDlpV2ListTableDataProfilesResponse parameters: - in: path name: organizationsId @@ -14838,11 +14969,13 @@ paths: name: filter schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/fileStoreDataProfiles/{fileStoreDataProfilesId}: + /v2/organizations/{organizationsId}/locations/{locationsId}/tableDataProfiles/{tableDataProfilesId}: parameters: *ref_1 - get: - description: Gets a file store data profile. - operationId: dlp.organizations.locations.fileStoreDataProfiles.get + delete: + description: >- + Delete a TableDataProfile. Will not prevent the profile from being + regenerated if the table is still included in a discovery configuration. + operationId: dlp.organizations.locations.tableDataProfiles.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14854,7 +14987,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2FileStoreDataProfile' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -14867,16 +15000,13 @@ paths: schema: type: string - in: path - name: fileStoreDataProfilesId + name: tableDataProfilesId required: true schema: type: string - delete: - description: >- - Delete a FileStoreDataProfile. Will not prevent the profile from being - regenerated if the resource is still included in a discovery - configuration. - operationId: dlp.organizations.locations.fileStoreDataProfiles.delete + get: + description: Gets a table data profile. + operationId: dlp.organizations.locations.tableDataProfiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14888,7 +15018,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2TableDataProfile' parameters: - in: path name: organizationsId @@ -14901,48 +15031,20 @@ paths: schema: type: string - in: path - name: fileStoreDataProfilesId + name: tableDataProfilesId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/connections: + /v2/organizations/{organizationsId}/locations/{locationsId}/dlpJobs: parameters: *ref_1 - post: - description: Create a Connection to an external data source. - operationId: dlp.organizations.locations.connections.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2CreateConnectionRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string get: description: >- - Lists Connections in a parent. Use SearchConnections to see all - connections within an organization. - operationId: dlp.organizations.locations.connections.list + Lists DlpJobs that match the specified filter in the request. See + https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage + and + https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis + to learn more. + operationId: dlp.organizations.locations.dlpJobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14954,7 +15056,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2ListConnectionsResponse' + $ref: '#/components/schemas/GooglePrivacyDlpV2ListDlpJobsResponse' parameters: - in: path name: organizationsId @@ -14966,24 +15068,36 @@ paths: required: true schema: type: string + - in: query + name: locationId + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: type + schema: + type: string - in: query name: pageToken schema: type: string + - in: query + name: orderBy + schema: + type: string - in: query name: filter schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/connections/{connectionsId}: + /v2/organizations/{organizationsId}/locations/{locationsId}/projectDataProfiles: parameters: *ref_1 get: - description: Get a Connection by name. - operationId: dlp.organizations.locations.connections.get + description: Lists project data profiles for an organization. + operationId: dlp.organizations.locations.projectDataProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14995,7 +15109,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListProjectDataProfilesResponse parameters: - in: path name: organizationsId @@ -15007,50 +15122,28 @@ paths: required: true schema: type: string - - in: path - name: connectionsId - required: true - schema: - type: string - delete: - description: Delete a Connection. - operationId: dlp.organizations.locations.connections.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: connectionsId - required: true + type: integer + format: int32 + - in: query + name: filter schema: type: string - patch: - description: Update a Connection. - operationId: dlp.organizations.locations.connections.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2UpdateConnectionRequest' + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/projectDataProfiles/{projectDataProfilesId}: + parameters: *ref_1 + get: + description: Gets a project data profile. + operationId: dlp.organizations.locations.projectDataProfiles.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15062,7 +15155,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2Connection' + $ref: '#/components/schemas/GooglePrivacyDlpV2ProjectDataProfile' parameters: - in: path name: organizationsId @@ -15075,15 +15168,19 @@ paths: schema: type: string - in: path - name: connectionsId + name: projectDataProfilesId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/connections:search: + /v2/organizations/{organizationsId}/locations/{locationsId}/infoTypes: parameters: *ref_1 get: - description: Searches for Connections in a parent. - operationId: dlp.organizations.locations.connections.search + description: >- + Returns a list of the sensitive information types that the DLP API + supports. See + https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference + to learn more. + operationId: dlp.organizations.locations.infoTypes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15095,8 +15192,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2SearchConnectionsResponse + $ref: '#/components/schemas/GooglePrivacyDlpV2ListInfoTypesResponse' parameters: - in: path name: organizationsId @@ -15109,33 +15205,31 @@ paths: schema: type: string - in: query - name: pageSize + name: locationId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: languageCode schema: type: string - in: query name: filter schema: type: string - /v2/organizations/{organizationsId}/inspectTemplates: + /v2/organizations/{organizationsId}/storedInfoTypes: parameters: *ref_1 post: description: >- - Creates an InspectTemplate for reusing frequently used configuration for - inspecting content, images, and storage. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates + Creates a pre-built stored infoType to be used for inspection. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes to learn more. - operationId: dlp.organizations.inspectTemplates.create + operationId: dlp.organizations.storedInfoTypes.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateInspectTemplateRequest + #/components/schemas/GooglePrivacyDlpV2CreateStoredInfoTypeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15147,7 +15241,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' parameters: - in: path name: organizationsId @@ -15156,10 +15250,10 @@ paths: type: string get: description: >- - Lists InspectTemplates. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates + Lists stored infoTypes. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes to learn more. - operationId: dlp.organizations.inspectTemplates.list + operationId: dlp.organizations.storedInfoTypes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15172,7 +15266,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListInspectTemplatesResponse + #/components/schemas/GooglePrivacyDlpV2ListStoredInfoTypesResponse parameters: - in: path name: organizationsId @@ -15180,7 +15274,7 @@ paths: schema: type: string - in: query - name: pageToken + name: orderBy schema: type: string - in: query @@ -15189,27 +15283,21 @@ paths: type: integer format: int32 - in: query - name: orderBy + name: pageToken schema: type: string - in: query name: locationId schema: type: string - /v2/organizations/{organizationsId}/inspectTemplates/{inspectTemplatesId}: + /v2/organizations/{organizationsId}/storedInfoTypes/{storedInfoTypesId}: parameters: *ref_1 - patch: + get: description: >- - Updates the InspectTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates + Gets a stored infoType. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes to learn more. - operationId: dlp.organizations.inspectTemplates.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateInspectTemplateRequest + operationId: dlp.organizations.storedInfoTypes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15221,7 +15309,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' parameters: - in: path name: organizationsId @@ -15229,16 +15317,16 @@ paths: schema: type: string - in: path - name: inspectTemplatesId + name: storedInfoTypesId required: true schema: type: string - get: + delete: description: >- - Gets an InspectTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates + Deletes a stored infoType. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes to learn more. - operationId: dlp.organizations.inspectTemplates.get + operationId: dlp.organizations.storedInfoTypes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15250,7 +15338,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -15258,16 +15346,23 @@ paths: schema: type: string - in: path - name: inspectTemplatesId + name: storedInfoTypesId required: true schema: type: string - delete: + patch: description: >- - Deletes an InspectTemplate. See - https://cloud.google.com/sensitive-data-protection/docs/creating-templates + Updates the stored infoType by creating a new version. The existing + version will continue to be used until the new version is ready. See + https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes to learn more. - operationId: dlp.organizations.inspectTemplates.delete + operationId: dlp.organizations.storedInfoTypes.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateStoredInfoTypeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15279,7 +15374,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' parameters: - in: path name: organizationsId @@ -15287,7 +15382,7 @@ paths: schema: type: string - in: path - name: inspectTemplatesId + name: storedInfoTypesId required: true schema: type: string @@ -15349,15 +15444,15 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: pageToken + schema: + type: string - in: query name: orderBy schema: @@ -15403,12 +15498,12 @@ paths: required: true schema: type: string - get: + delete: description: >- - Gets a DeidentifyTemplate. See + Deletes a DeidentifyTemplate. See https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.organizations.deidentifyTemplates.get + operationId: dlp.organizations.deidentifyTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15420,7 +15515,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -15432,12 +15527,12 @@ paths: required: true schema: type: string - delete: + get: description: >- - Deletes a DeidentifyTemplate. See + Gets a DeidentifyTemplate. See https://cloud.google.com/sensitive-data-protection/docs/creating-templates-deid to learn more. - operationId: dlp.organizations.deidentifyTemplates.delete + operationId: dlp.organizations.deidentifyTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15449,7 +15544,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2DeidentifyTemplate' parameters: - in: path name: organizationsId @@ -15461,20 +15556,14 @@ paths: required: true schema: type: string - /v2/organizations/{organizationsId}/storedInfoTypes: + /v2/organizations/{organizationsId}/inspectTemplates: parameters: *ref_1 - post: + get: description: >- - Creates a pre-built stored infoType to be used for inspection. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + Lists InspectTemplates. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.organizations.storedInfoTypes.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2CreateStoredInfoTypeRequest + operationId: dlp.organizations.inspectTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15486,19 +15575,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + $ref: >- + #/components/schemas/GooglePrivacyDlpV2ListInspectTemplatesResponse parameters: - in: path name: organizationsId required: true schema: type: string - get: + - in: query + name: orderBy + schema: + type: string + - in: query + name: locationId + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + post: description: >- - Lists stored infoTypes. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + Creates an InspectTemplate for reusing frequently used configuration for + inspecting content, images, and storage. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.organizations.storedInfoTypes.list + operationId: dlp.organizations.inspectTemplates.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2CreateInspectTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15510,46 +15624,21 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2ListStoredInfoTypesResponse + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy - schema: - type: string - - in: query - name: locationId - schema: - type: string - /v2/organizations/{organizationsId}/storedInfoTypes/{storedInfoTypesId}: + /v2/organizations/{organizationsId}/inspectTemplates/{inspectTemplatesId}: parameters: *ref_1 - patch: + delete: description: >- - Updates the stored infoType by creating a new version. The existing - version will continue to be used until the new version is ready. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + Deletes an InspectTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.organizations.storedInfoTypes.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GooglePrivacyDlpV2UpdateStoredInfoTypeRequest + operationId: dlp.organizations.inspectTemplates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15561,7 +15650,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -15569,16 +15658,16 @@ paths: schema: type: string - in: path - name: storedInfoTypesId + name: inspectTemplatesId required: true schema: type: string get: description: >- - Gets a stored infoType. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + Gets an InspectTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.organizations.storedInfoTypes.get + operationId: dlp.organizations.inspectTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15590,7 +15679,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GooglePrivacyDlpV2StoredInfoType' + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' parameters: - in: path name: organizationsId @@ -15598,16 +15687,22 @@ paths: schema: type: string - in: path - name: storedInfoTypesId + name: inspectTemplatesId required: true schema: type: string - delete: + patch: description: >- - Deletes a stored infoType. See - https://cloud.google.com/sensitive-data-protection/docs/creating-stored-infotypes + Updates the InspectTemplate. See + https://cloud.google.com/sensitive-data-protection/docs/creating-templates to learn more. - operationId: dlp.organizations.storedInfoTypes.delete + operationId: dlp.organizations.inspectTemplates.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GooglePrivacyDlpV2UpdateInspectTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15619,7 +15714,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GooglePrivacyDlpV2InspectTemplate' parameters: - in: path name: organizationsId @@ -15627,7 +15722,7 @@ paths: schema: type: string - in: path - name: storedInfoTypesId + name: inspectTemplatesId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/dns.yaml b/providers/src/googleapis.com/v00.00.00000/services/dns.yaml index 34b6f8a0..2afb7f4d 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/dns.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/dns.yaml @@ -7,8 +7,8 @@ info: title: Cloud DNS API description: '' version: v1 - x-discovery-doc-revision: '20250729' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251106' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/dns/docs servers: @@ -1636,7 +1636,7 @@ components: policy. Defaults to no logging if not set. type: boolean dns64Config: - description: Configurations related to DNS64 for this Policy. + description: Configurations related to DNS64 for this policy. $ref: '#/components/schemas/PolicyDns64Config' kind: default: dns#policy @@ -1720,7 +1720,9 @@ components: type: object properties: allQueries: - description: Controls whether DNS64 is enabled globally at the network level. + description: >- + Controls whether DNS64 is enabled globally for all networks bound to + the policy. type: boolean kind: default: dns#policyDns64ConfigScope @@ -3500,7 +3502,7 @@ paths: /dns/v1/projects/{project}/policies: parameters: *ref_1 post: - description: Creates a new Policy. + description: Creates a new policy. operationId: dns.policies.create requestBody: content: @@ -3534,7 +3536,7 @@ paths: schema: type: string get: - description: Enumerates all Policies associated with a project. + description: Enumerates all policies associated with a project. operationId: dns.policies.list security: - Oauth2: @@ -3578,7 +3580,7 @@ paths: /dns/v1/projects/{project}/policies/{policy}: parameters: *ref_1 get: - description: Fetches the representation of an existing Policy. + description: Fetches the representation of an existing policy. operationId: dns.policies.get security: - Oauth2: @@ -3621,7 +3623,7 @@ paths: type: string delete: description: >- - Deletes a previously created Policy. Fails if the policy is still being + Deletes a previously created policy. Fails if the policy is still being referenced by a network. operationId: dns.policies.delete security: @@ -3652,7 +3654,7 @@ paths: schema: type: string patch: - description: Applies a partial update to an existing Policy. + description: Applies a partial update to an existing policy. operationId: dns.policies.patch requestBody: content: @@ -3691,7 +3693,7 @@ paths: schema: type: string put: - description: Updates an existing Policy. + description: Updates an existing policy. operationId: dns.policies.update requestBody: content: diff --git a/providers/src/googleapis.com/v00.00.00000/services/documentai.yaml b/providers/src/googleapis.com/v00.00.00000/services/documentai.yaml index 10ebe985..09e61cf8 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/documentai.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/documentai.yaml @@ -10,8 +10,8 @@ info: documents using state-of-the-art Google AI such as natural language, computer vision, translation, and AutoML. version: v1 - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251111' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/document-ai/docs/ servers: @@ -52,6 +52,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string GoogleLongrunningOperation: id: GoogleLongrunningOperation description: >- @@ -274,6 +283,30 @@ components: chunkedDocument: description: Document chunked based on chunking config. $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocument' + entityValidationOutput: + description: >- + The entity validation output for the document. This is the + validation output for `document.entities` field. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentEntityValidationOutput + entitiesRevisions: + description: >- + A list of entity revisions. The entity revisions are appended to the + document in the processing order. This field can be used for + comparing the entity extraction results at different stages of the + processing. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentEntitiesRevision + entitiesRevisionId: + description: >- + The entity revision id that `document.entities` field is based on. + If this field is set and `entities_revisions` is not empty, the + entities in `document.entities` field are the entities in the entity + revision with this id and `document.entity_validation_output` field + is the `entity_validation_output` field in this entity revision. + type: string GoogleCloudDocumentaiV1DocumentStyle: id: GoogleCloudDocumentaiV1DocumentStyle description: >- @@ -1364,6 +1397,9 @@ components: type: number format: float signatureValue: + description: >- + A signature - a graphical representation of a person's name, often + used to sign a document. type: boolean text: description: >- @@ -2004,6 +2040,77 @@ components: description: Page span of the footer. $ref: >- #/components/schemas/GoogleCloudDocumentaiV1DocumentChunkedDocumentChunkChunkPageSpan + GoogleCloudDocumentaiV1DocumentEntityValidationOutput: + id: GoogleCloudDocumentaiV1DocumentEntityValidationOutput + description: >- + The output of the validation given the document and the validation + rules. + type: object + properties: + validationResults: + description: The result of each validation rule. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentEntityValidationOutputValidationResult + passAllRules: + description: >- + The overall result of the validation, true if all applicable rules + are valid. + type: boolean + GoogleCloudDocumentaiV1DocumentEntityValidationOutputValidationResult: + id: GoogleCloudDocumentaiV1DocumentEntityValidationOutputValidationResult + description: Validation result for a single validation rule. + type: object + properties: + rule: + description: >- + Optional. The name of the rule resource that is used for validation. + Format: `projects/{project}/locations/{location}/rules/{rule}` + type: string + ruleName: + description: The display name of the validation rule. + type: string + ruleDescription: + description: The description of the validation rule. + type: string + validationResultType: + description: The result of the validation rule. + type: string + enumDescriptions: + - The validation result type is unspecified. + - The validation is valid. + - The validation is invalid. + - The validation is skipped. + - The validation is not applicable. + enum: + - VALIDATION_RESULT_TYPE_UNSPECIFIED + - VALIDATION_RESULT_TYPE_VALID + - VALIDATION_RESULT_TYPE_INVALID + - VALIDATION_RESULT_TYPE_SKIPPED + - VALIDATION_RESULT_TYPE_NOT_APPLICABLE + validationDetails: + description: >- + The detailed information of the running the validation process using + the entity from the document based on the validation rule. + type: string + GoogleCloudDocumentaiV1DocumentEntitiesRevision: + id: GoogleCloudDocumentaiV1DocumentEntitiesRevision + description: Entity revision. + type: object + properties: + revisionId: + description: The revision id. + type: string + entities: + description: The entities in this revision. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentEntity' + entityValidationOutput: + description: The entity validation output for this revision. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DocumentEntityValidationOutput GoogleCloudDocumentaiV1RawDocument: id: GoogleCloudDocumentaiV1RawDocument description: Payload message of raw document content (bytes). @@ -2182,6 +2289,16 @@ components: Optional. Whether to include bounding boxes in layout parser processor response. type: boolean + enableImageAnnotation: + description: >- + Optional. Whether to include image annotations in layout parser + response. + type: boolean + enableTableAnnotation: + description: >- + Optional. Whether to include table annotations in layout parser + response. + type: boolean GoogleCloudDocumentaiV1ProcessOptionsLayoutConfigChunkingConfig: id: GoogleCloudDocumentaiV1ProcessOptionsLayoutConfigChunkingConfig description: Serving config for chunking. @@ -2734,6 +2851,12 @@ components: description: Output only. Reserved for future use. readOnly: true type: boolean + activeSchemaVersion: + description: >- + Optional. SchemaVersion used by the Processor. It is the same as + Processor's DatasetSchema.schema_version Format is + `projects/{project}/locations/{location}/schemas/{schema}/schemaVersions/{schema_version} + type: string GoogleCloudDocumentaiV1ProcessorVersionAlias: id: GoogleCloudDocumentaiV1ProcessorVersionAlias description: Contains the alias and the aliased resource name of processor version. @@ -2783,7 +2906,7 @@ components: type: object properties: trainingMethod: - description: Training method to use for CDE training. + description: Optional. Training method to use for CDE training. type: string enumDescriptions: - '' @@ -3296,6 +3419,180 @@ components: A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string + GoogleCloudDocumentaiV1NextSchema: + id: GoogleCloudDocumentaiV1NextSchema + description: NextSchema is a collection of SchemaVersions. + type: object + properties: + name: + description: >- + Identifier. The resource name of the Schema. Format: + `projects/{project}/locations/{location}/schemas/{schema}` + type: string + displayName: + description: Optional. The user-defined name of the Schema. + type: string + labels: + description: Optional. The GCP labels for the Schema. + type: object + additionalProperties: + type: string + createTime: + description: Output only. The time when the Schema was created. + readOnly: true + type: string + format: google-datetime + updateTime: + description: Output only. The time when the Schema was last updated. + readOnly: true + type: string + format: google-datetime + GoogleCloudDocumentaiV1ListSchemasResponse: + id: GoogleCloudDocumentaiV1ListSchemasResponse + description: Response message for ListSchemas. + type: object + properties: + schemas: + description: The list of Schemas. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1NextSchema' + nextPageToken: + description: Points to the next Schema, otherwise empty. + type: string + GoogleCloudDocumentaiV1SchemaVersion: + id: GoogleCloudDocumentaiV1SchemaVersion + description: >- + SchemaVersion is a version of the Schema which is created in + SchemaGroup. + type: object + properties: + name: + description: >- + Identifier. The resource name of the SchemaVersion. Format: + `projects/{project}/locations/{location}/schemas/{schema}/schemaVersions/{schema_version}` + type: string + displayName: + description: Optional. The user-defined name of the SchemaVersion. + type: string + labels: + description: Optional. The GCP labels for the SchemaVersion. + type: object + additionalProperties: + type: string + createTime: + description: Output only. The time when the SchemaVersion was created. + readOnly: true + type: string + format: google-datetime + schema: + description: Required. The schema of the SchemaVersion. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1DocumentSchema' + GoogleCloudDocumentaiV1GenerateSchemaVersionRequest: + id: GoogleCloudDocumentaiV1GenerateSchemaVersionRequest + description: Request message for GenerateSchemaVersion. + type: object + properties: + inlineDocuments: + description: The set of documents specified inline. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1Documents' + rawDocuments: + description: The set of raw documents. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1RawDocuments' + gcsDocuments: + description: The set of documents placed on Cloud Storage. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1GcsDocuments' + gcsPrefix: + description: The common prefix of documents placed on Cloud Storage. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1GcsPrefix' + baseSchemaVersion: + description: >- + The base schema version name to use for the schema generation. + Format: + `projects/{project}/locations/{location}/schemas/{schema}/schemaVersions/{schema_version}` + type: string + generateSchemaVersionParams: + description: Optional. User specified parameters for the schema generation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1GenerateSchemaVersionRequestGenerateSchemaVersionParams + GoogleCloudDocumentaiV1Documents: + id: GoogleCloudDocumentaiV1Documents + description: A set of inline documents. + type: object + properties: + documents: + description: The list of documents. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1Document' + GoogleCloudDocumentaiV1RawDocuments: + id: GoogleCloudDocumentaiV1RawDocuments + description: Specifies a set of raw documents. + type: object + properties: + documents: + description: Specifies raw document content and mime type. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1RawDocument' + GoogleCloudDocumentaiV1GenerateSchemaVersionRequestGenerateSchemaVersionParams: + id: >- + GoogleCloudDocumentaiV1GenerateSchemaVersionRequestGenerateSchemaVersionParams + description: The parameters for the schema generation. + type: object + properties: + prompt: + description: Optional. The prompt used for the schema generation. + type: string + history: + description: Optional. Previous prompt-answers in a chronological order. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaGenerationHistory' + GoogleCloudDocumentaiV1SchemaGenerationHistory: + id: GoogleCloudDocumentaiV1SchemaGenerationHistory + description: The history of schema generation iterations. + type: object + properties: + iterations: + description: Required. Previous prompt-answers in a chronological order. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1SchemaGenerationIteration + GoogleCloudDocumentaiV1SchemaGenerationIteration: + id: GoogleCloudDocumentaiV1SchemaGenerationIteration + description: A single iteration of the schema generation. + type: object + properties: + prompt: + description: Optional. The prompt used for the iteration. + type: string + generatedSchema: + description: Required. The schema version generated by the model. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaVersion' + adjustedSchema: + description: Optional. The previous schema version adjusted by the model. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaVersion' + GoogleCloudDocumentaiV1GenerateSchemaVersionResponse: + id: GoogleCloudDocumentaiV1GenerateSchemaVersionResponse + description: Response message for GenerateSchemaVersion. + type: object + properties: + schemaVersion: + description: The schema version generated by the model. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaVersion' + GoogleCloudDocumentaiV1ListSchemaVersionsResponse: + id: GoogleCloudDocumentaiV1ListSchemaVersionsResponse + description: Response message for ListSchemaVersions. + type: object + properties: + schemaVersions: + description: The list of SchemaVersions. + type: array + items: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaVersion' + nextPageToken: + description: Points to the next SchemaVersion, otherwise empty. + type: string GoogleCloudLocationListLocationsResponse: id: GoogleCloudLocationListLocationsResponse description: The response message for Locations.ListLocations. @@ -3349,7 +3646,7 @@ components: id: CloudAiDocumentaiLabHifiaToolsValidationValidatorInput description: >- Definition of the validation rules. Those are the input to the validator - logic and they are used to validate a document. + logic and they are used to validate a document. Next ID: 3 type: object properties: validationRules: @@ -3359,8 +3656,12 @@ components: #/components/schemas/CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRule CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRule: id: CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRule + description: 'Next ID: 9' type: object properties: + ruleId: + description: Unique identifier of the rule. Optional. + type: string name: description: Name of the validation rule. type: string @@ -3378,6 +3679,12 @@ components: formValidation: $ref: >- #/components/schemas/CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleFormValidation + childAlignmentRule: + $ref: >- + #/components/schemas/CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleChildAlignmentRule + entityAlignmentRule: + $ref: >- + #/components/schemas/CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleEntityAlignmentRule CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleFieldOccurrences: id: >- CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleFieldOccurrences @@ -3512,6 +3819,66 @@ components: - OPERATION_TYPE_ABS - OPERATION_TYPE_UNIQUE - OPERATION_TYPE_COUNT + CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleChildAlignmentRule: + id: >- + CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleChildAlignmentRule + description: A rule that aligns specified child fields with a parent field. + type: object + properties: + parentField: + description: The full path of the parent field. + $ref: >- + #/components/schemas/CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleField + childFields: + description: The child fields to be aligned within the parent field. + type: array + items: + $ref: >- + #/components/schemas/CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleField + alignmentRule: + description: The alignment rule to apply to the child fields. + $ref: >- + #/components/schemas/CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleAlignmentRule + CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleAlignmentRule: + id: >- + CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleAlignmentRule + description: >- + A rule for checking field alignment. Horizontal alignment checks if + fields are on the same row by comparing y-coordinates of bounding box + centers, while vertical alignment checks if fields are on the same + column by comparing x-coordinates of bounding box centers. + type: object + properties: + alignmentType: + type: string + enumDescriptions: + - '' + - '' + - '' + enum: + - ALIGNMENT_TYPE_UNSPECIFIED + - ALIGNMENT_TYPE_HORIZONTAL + - ALIGNMENT_TYPE_VERTICAL + tolerance: + description: The tolerance to use when comparing coordinates. + type: number + format: float + CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleEntityAlignmentRule: + id: >- + CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleEntityAlignmentRule + description: A rule that aligns specified fields with each other. + type: object + properties: + fields: + description: The fields to be aligned. + type: array + items: + $ref: >- + #/components/schemas/CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleField + alignmentRule: + description: The alignment rule to apply to the fields. + $ref: >- + #/components/schemas/CloudAiDocumentaiLabHifiaToolsValidationValidatorInputValidationRuleAlignmentRule GoogleCloudDocumentaiV1BatchProcessResponse: id: GoogleCloudDocumentaiV1BatchProcessResponse description: Response message for BatchProcessDocuments. @@ -4019,588 +4386,2014 @@ components: description: The basic metadata of the long-running operation. $ref: >- #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - GoogleCloudDocumentaiV1beta3ReviewDocumentResponse: - id: GoogleCloudDocumentaiV1beta3ReviewDocumentResponse - description: Response message for the ReviewDocument method. + GoogleCloudDocumentaiV1beta3Processor: + id: GoogleCloudDocumentaiV1beta3Processor + description: >- + The first-class citizen for Document AI. Each processor defines how to + extract structural information from a document. type: object properties: - gcsDestination: + name: description: >- - The Cloud Storage uri for the human reviewed document if the review - is succeeded. + Output only. Immutable. The resource name of the processor. Format: + `projects/{project}/locations/{location}/processors/{processor}` + readOnly: true type: string - state: - description: The state of the review operation. + type: + description: >- + The processor type, such as: `OCR_PROCESSOR`, `INVOICE_PROCESSOR`. + To get a list of processor types, see FetchProcessorTypes. type: string - enumDescriptions: - - The default value. This value is used if the state is omitted. - - The review operation is rejected by the reviewer. - - The review operation is succeeded. - enum: - - STATE_UNSPECIFIED - - REJECTED - - SUCCEEDED - rejectionReason: - description: The reason why the review is rejected by reviewer. + displayName: + description: The display name of the processor. type: string - GoogleCloudDocumentaiV1beta3ReviewDocumentOperationMetadata: - id: GoogleCloudDocumentaiV1beta3ReviewDocumentOperationMetadata - description: The long-running operation metadata for the ReviewDocument method. - type: object - properties: state: - description: Used only when Operation.done is false. + description: Output only. The state of the processor. + readOnly: true type: string enumDescriptions: - - Unspecified state. - - Operation is still running. - - Operation is being cancelled. - - Operation succeeded. - - Operation failed. - - Operation is cancelled. + - The processor is in an unspecified state. + - >- + The processor is enabled, i.e., has an enabled version which can + currently serve processing requests and all the feature + dependencies have been successfully initialized. + - The processor is disabled. + - >- + The processor is being enabled, will become `ENABLED` if + successful. + - >- + The processor is being disabled, will become `DISABLED` if + successful. + - >- + The processor is being created, will become either `ENABLED` (for + successful creation) or `FAILED` (for failed ones). Once a + processor is in this state, it can then be used for document + processing, but the feature dependencies of the processor might + not be fully created yet. + - >- + The processor failed during creation or initialization of feature + dependencies. The user should delete the processor and recreate + one as all the functionalities of the processor are disabled. + - The processor is being deleted, will be removed if successful. enum: - STATE_UNSPECIFIED - - RUNNING - - CANCELLING - - SUCCEEDED + - ENABLED + - DISABLED + - ENABLING + - DISABLING + - CREATING - FAILED - - CANCELLED - stateMessage: - description: >- - A message providing more details about the current state of - processing. For example, the error message if the operation is - failed. - type: string - createTime: - description: The creation time of the operation. + - DELETING + defaultProcessorVersion: + description: The default processor version. type: string - format: google-datetime + processorVersionAliases: + description: Output only. The processor version aliases. + readOnly: true + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3ProcessorVersionAlias + processEndpoint: + description: >- + Output only. Immutable. The http endpoint that can be called to + invoke processing. + readOnly: true + type: string + createTime: + description: Output only. The time the processor was created. + readOnly: true + type: string + format: google-datetime + kmsKeyName: + description: >- + The [KMS key](https://cloud.google.com/security-key-management) used + for encryption and decryption in CMEK scenarios. + type: string + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + activeSchemaVersion: + description: >- + Optional. SchemaVersion used by the Processor. It is the same as + Processor's DatasetSchema.schema_version Format is + `projects/{project}/locations/{location}/schemas/{schema}/schemaVersions/{schema_version} + type: string + GoogleCloudDocumentaiV1beta3ProcessorVersionAlias: + id: GoogleCloudDocumentaiV1beta3ProcessorVersionAlias + description: Contains the alias and the aliased resource name of processor version. + type: object + properties: + alias: + description: The alias in the form of `processor_version` resource name. + type: string + processorVersion: + description: The resource name of aliased processor version. + type: string + GoogleCloudDocumentaiV1beta3UpdateProcessorVersionMetadata: + id: GoogleCloudDocumentaiV1beta3UpdateProcessorVersionMetadata + description: >- + The long-running operation metadata for the UpdateProcessorVersion + method. + type: object + properties: + commonMetadata: + description: The basic metadata for the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + GoogleCloudDocumentaiV1beta3ProcessorVersion: + id: GoogleCloudDocumentaiV1beta3ProcessorVersion + description: >- + A processor version is an implementation of a processor. Each processor + can have multiple versions, pretrained by Google internally or uptrained + by the customer. A processor can only have one default version at a + time. Its document-processing behavior is defined by that version. + type: object + properties: + name: + description: >- + Identifier. The resource name of the processor version. Format: + `projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processor_version}` + type: string + displayName: + description: The display name of the processor version. + type: string + documentSchema: + description: >- + Output only. The schema of the processor version. Describes the + output. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3DocumentSchema' + state: + description: Output only. The state of the processor version. + readOnly: true + type: string + enumDescriptions: + - The processor version is in an unspecified state. + - The processor version is deployed and can be used for processing. + - The processor version is being deployed. + - >- + The processor version is not deployed and cannot be used for + processing. + - The processor version is being undeployed. + - The processor version is being created. + - The processor version is being deleted. + - The processor version failed and is in an indeterminate state. + - The processor version is being imported. + enum: + - STATE_UNSPECIFIED + - DEPLOYED + - DEPLOYING + - UNDEPLOYED + - UNDEPLOYING + - CREATING + - DELETING + - FAILED + - IMPORTING + createTime: + description: Output only. The time the processor version was created. + readOnly: true + type: string + format: google-datetime + latestEvaluation: + description: >- + Output only. The most recently invoked evaluation for the processor + version. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3EvaluationReference' + kmsKeyName: + description: Output only. The KMS key name used for encryption. + readOnly: true + type: string + kmsKeyVersionName: + description: Output only. The KMS key version with which data is encrypted. + readOnly: true + type: string + googleManaged: + description: >- + Output only. Denotes that this `ProcessorVersion` is managed by + Google. + readOnly: true + type: boolean + deprecationInfo: + description: >- + Output only. If set, information about the eventual deprecation of + this version. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3ProcessorVersionDeprecationInfo + modelType: + description: Output only. The model type of this processor version. + readOnly: true + type: string + enumDescriptions: + - The processor version has unspecified model type. + - The processor version has generative model type. + - The processor version has custom model type. + enum: + - MODEL_TYPE_UNSPECIFIED + - MODEL_TYPE_GENERATIVE + - MODEL_TYPE_CUSTOM + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + genAiModelInfo: + description: >- + Output only. Information about Generative AI model-based processor + versions. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3ProcessorVersionGenAiModelInfo + GoogleCloudDocumentaiV1beta3DocumentSchema: + id: GoogleCloudDocumentaiV1beta3DocumentSchema + description: The schema defines the output of the processed document by a processor. + type: object + properties: + displayName: + description: Display name to show to users. + type: string + description: + description: Description of the schema. + type: string + entityTypes: + description: Entity types of the schema. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DocumentSchemaEntityType + metadata: + description: Metadata of the schema. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DocumentSchemaMetadata + GoogleCloudDocumentaiV1beta3DocumentSchemaEntityType: + id: GoogleCloudDocumentaiV1beta3DocumentSchemaEntityType + description: >- + EntityType is the wrapper of a label of the corresponding model with + detailed attributes and limitations for entity-based processors. + Multiple types can also compose a dependency tree to represent nested + types. + type: object + properties: + enumValues: + description: >- + If specified, lists all the possible values for this entity. This + should not be more than a handful of values. If the number of values + is >10 or could change frequently use the + `EntityType.value_ontology` field and specify a list of all possible + values in a value ontology file. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DocumentSchemaEntityTypeEnumValues + displayName: + description: User defined name for the type. + type: string + name: + description: >- + Name of the type. It must be unique within the schema file and + cannot be a "Common Type". The following naming conventions are + used: - Use `snake_casing`. - Name matching is case-sensitive. - + Maximum 64 characters. - Must start with a letter. - Allowed + characters: ASCII letters `[a-z0-9_-]`. (For backward compatibility + internal infrastructure and tooling can handle any ascii character.) + - The `/` is sometimes used to denote a property of a type. For + example `line_item/amount`. This convention is deprecated, but will + still be honored for backward compatibility. + type: string + description: + description: >- + The description of the entity type. Could be used to provide more + information about the entity type for model calls. + type: string + baseTypes: + description: >- + The entity type that this type is derived from. For now, one and + only one should be set. + type: array + items: + type: string + properties: + description: Description the nested structure, or composition of an entity. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DocumentSchemaEntityTypeProperty + entityTypeMetadata: + description: Metadata for the entity type. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3EntityTypeMetadata' + GoogleCloudDocumentaiV1beta3DocumentSchemaEntityTypeEnumValues: + id: GoogleCloudDocumentaiV1beta3DocumentSchemaEntityTypeEnumValues + description: Defines the a list of enum values. + type: object + properties: + values: + description: The individual values that this enum values type can include. + type: array + items: + type: string + GoogleCloudDocumentaiV1beta3DocumentSchemaEntityTypeProperty: + id: GoogleCloudDocumentaiV1beta3DocumentSchemaEntityTypeProperty + description: Defines properties that can be part of the entity type. + type: object + properties: + name: + description: >- + The name of the property. Follows the same guidelines as the + EntityType name. + type: string + description: + description: >- + The description of the property. Could be used to provide more + information about the property for model calls. + type: string + displayName: + description: User defined name for the property. + type: string + valueType: + description: >- + A reference to the value type of the property. This type is subject + to the same conventions as the `Entity.base_types` field. + type: string + occurrenceType: + description: >- + Occurrence type limits the number of instances an entity type + appears in the document. + type: string + enumDescriptions: + - Unspecified occurrence type. + - >- + There will be zero or one instance of this entity type. The same + entity instance may be mentioned multiple times. + - The entity type will appear zero or multiple times. + - >- + The entity type will only appear exactly once. The same entity + instance may be mentioned multiple times. + - The entity type will appear once or more times. + enum: + - OCCURRENCE_TYPE_UNSPECIFIED + - OPTIONAL_ONCE + - OPTIONAL_MULTIPLE + - REQUIRED_ONCE + - REQUIRED_MULTIPLE + method: + description: Specifies how the entity's value is obtained. + type: string + enumDescriptions: + - Unspecified method. It defaults to `EXTRACT`. + - >- + The entity's value is directly extracted as-is from the document + text. + - >- + The entity's value is derived through inference and is not + necessarily an exact text extraction from the document. + enum: + - METHOD_UNSPECIFIED + - EXTRACT + - DERIVE + propertyMetadata: + description: Any additional metadata about the property can be added here. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3PropertyMetadata' + GoogleCloudDocumentaiV1beta3PropertyMetadata: + id: GoogleCloudDocumentaiV1beta3PropertyMetadata + description: Metadata about a property. + type: object + properties: + inactive: + description: Whether the property should be considered as "inactive". + type: boolean + fieldExtractionMetadata: + description: Field extraction metadata on the property. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3FieldExtractionMetadata + GoogleCloudDocumentaiV1beta3FieldExtractionMetadata: + id: GoogleCloudDocumentaiV1beta3FieldExtractionMetadata + description: Metadata for how this field value is extracted. + type: object + properties: + summaryOptions: + description: Summary options config. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3SummaryOptions' + GoogleCloudDocumentaiV1beta3SummaryOptions: + id: GoogleCloudDocumentaiV1beta3SummaryOptions + description: Metadata for document summarization. + type: object + properties: + length: + description: How long the summary should be. + type: string + enumDescriptions: + - Default. + - A brief summary of one or two sentences. + - A paragraph-length summary. + - The longest option available. + enum: + - LENGTH_UNSPECIFIED + - BRIEF + - MODERATE + - COMPREHENSIVE + format: + description: The format the summary should be in. + type: string + enumDescriptions: + - Default. + - Format the output in paragraphs. + - Format the output in bullets. + enum: + - FORMAT_UNSPECIFIED + - PARAGRAPH + - BULLETS + GoogleCloudDocumentaiV1beta3EntityTypeMetadata: + id: GoogleCloudDocumentaiV1beta3EntityTypeMetadata + description: Metadata about an entity type. + type: object + properties: + inactive: + description: Whether the entity type should be considered inactive. + type: boolean + GoogleCloudDocumentaiV1beta3DocumentSchemaMetadata: + id: GoogleCloudDocumentaiV1beta3DocumentSchemaMetadata + description: Metadata for global schema behavior. + type: object + properties: + documentSplitter: + description: >- + If true, a `document` entity type can be applied to subdocument + (splitting). Otherwise, it can only be applied to the entire + document (classification). + type: boolean + documentAllowMultipleLabels: + description: >- + If true, on a given page, there can be multiple `document` + annotations covering it. + type: boolean + prefixedNamingOnProperties: + description: If set, all the nested entities must be prefixed with the parents. + type: boolean + skipNamingValidation: + description: >- + If set, we will skip the naming format validation in the schema. So + the string values in `DocumentSchema.EntityType.name` and + `DocumentSchema.EntityType.Property.name` will not be checked. + type: boolean + GoogleCloudDocumentaiV1beta3EvaluationReference: + id: GoogleCloudDocumentaiV1beta3EvaluationReference + description: >- + Gives a short summary of an evaluation, and links to the evaluation + itself. + type: object + properties: + operation: + description: The resource name of the Long Running Operation for the evaluation. + type: string + evaluation: + description: The resource name of the evaluation. + type: string + aggregateMetrics: + description: >- + An aggregate of the statistics for the evaluation with fuzzy + matching on. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3EvaluationMetrics' + aggregateMetricsExact: + description: >- + An aggregate of the statistics for the evaluation with fuzzy + matching off. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3EvaluationMetrics' + GoogleCloudDocumentaiV1beta3EvaluationMetrics: + id: GoogleCloudDocumentaiV1beta3EvaluationMetrics + description: Evaluation metrics, either in aggregate or about a specific entity. + type: object + properties: + precision: + description: The calculated precision. + type: number + format: float + recall: + description: The calculated recall. + type: number + format: float + f1Score: + description: The calculated f1 score. + type: number + format: float + predictedOccurrencesCount: + description: The amount of occurrences in predicted documents. + type: integer + format: int32 + groundTruthOccurrencesCount: + description: The amount of occurrences in ground truth documents. + type: integer + format: int32 + predictedDocumentCount: + description: The amount of documents with a predicted occurrence. + type: integer + format: int32 + groundTruthDocumentCount: + description: The amount of documents with a ground truth occurrence. + type: integer + format: int32 + truePositivesCount: + description: The amount of true positives. + type: integer + format: int32 + falsePositivesCount: + description: The amount of false positives. + type: integer + format: int32 + falseNegativesCount: + description: The amount of false negatives. + type: integer + format: int32 + totalDocumentsCount: + description: The amount of documents that had an occurrence of this label. + type: integer + format: int32 + GoogleCloudDocumentaiV1beta3ProcessorVersionDeprecationInfo: + id: GoogleCloudDocumentaiV1beta3ProcessorVersionDeprecationInfo + description: Information about the upcoming deprecation of this processor version. + type: object + properties: + deprecationTime: + description: The time at which this processor version will be deprecated. + type: string + format: google-datetime + replacementProcessorVersion: + description: If set, the processor version that will be used as a replacement. + type: string + GoogleCloudDocumentaiV1beta3ProcessorVersionGenAiModelInfo: + id: GoogleCloudDocumentaiV1beta3ProcessorVersionGenAiModelInfo + description: Information about Generative AI model-based processor versions. + type: object + properties: + foundationGenAiModelInfo: + description: Information for a pretrained Google-managed foundation model. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3ProcessorVersionGenAiModelInfoFoundationGenAiModelInfo + customGenAiModelInfo: + description: Information for a custom Generative AI model created by the user. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3ProcessorVersionGenAiModelInfoCustomGenAiModelInfo + GoogleCloudDocumentaiV1beta3ProcessorVersionGenAiModelInfoFoundationGenAiModelInfo: + id: >- + GoogleCloudDocumentaiV1beta3ProcessorVersionGenAiModelInfoFoundationGenAiModelInfo + description: Information for a pretrained Google-managed foundation model. + type: object + properties: + finetuningAllowed: + description: Whether finetuning is allowed for this base processor version. + type: boolean + minTrainLabeledDocuments: + description: >- + The minimum number of labeled documents in the training dataset + required for finetuning. + type: integer + format: int32 + GoogleCloudDocumentaiV1beta3ProcessorVersionGenAiModelInfoCustomGenAiModelInfo: + id: >- + GoogleCloudDocumentaiV1beta3ProcessorVersionGenAiModelInfoCustomGenAiModelInfo + description: >- + Information for a custom Generative AI model created by the user. These + are created with `Create New Version` in either the `Call foundation + model` or `Fine tuning` tabs. + type: object + properties: + customModelType: + description: The type of custom model created by the user. + type: string + enumDescriptions: + - The model type is unspecified. + - The model is a versioned foundation model. + - The model is a finetuned foundation model. + enum: + - CUSTOM_MODEL_TYPE_UNSPECIFIED + - VERSIONED_FOUNDATION + - FINE_TUNED + baseProcessorVersionId: + description: The base processor version ID for the custom model. + type: string + GoogleCloudDocumentaiV1beta3ReviewDocumentResponse: + id: GoogleCloudDocumentaiV1beta3ReviewDocumentResponse + description: Response message for the ReviewDocument method. + type: object + properties: + gcsDestination: + description: >- + The Cloud Storage uri for the human reviewed document if the review + is succeeded. + type: string + state: + description: The state of the review operation. + type: string + enumDescriptions: + - The default value. This value is used if the state is omitted. + - The review operation is rejected by the reviewer. + - The review operation is succeeded. + enum: + - STATE_UNSPECIFIED + - REJECTED + - SUCCEEDED + rejectionReason: + description: The reason why the review is rejected by reviewer. + type: string + GoogleCloudDocumentaiV1beta3ReviewDocumentOperationMetadata: + id: GoogleCloudDocumentaiV1beta3ReviewDocumentOperationMetadata + description: The long-running operation metadata for the ReviewDocument method. + type: object + properties: + state: + description: Used only when Operation.done is false. + type: string + enumDescriptions: + - Unspecified state. + - Operation is still running. + - Operation is being cancelled. + - Operation succeeded. + - Operation failed. + - Operation is cancelled. + enum: + - STATE_UNSPECIFIED + - RUNNING + - CANCELLING + - SUCCEEDED + - FAILED + - CANCELLED + stateMessage: + description: >- + A message providing more details about the current state of + processing. For example, the error message if the operation is + failed. + type: string + createTime: + description: The creation time of the operation. + type: string + format: google-datetime updateTime: description: The last update time of the operation. type: string - format: google-datetime + format: google-datetime + commonMetadata: + description: The basic metadata of the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + questionId: + description: The Crowd Compute question ID. + type: string + GoogleCloudDocumentaiV1beta3DeleteProcessorVersionMetadata: + id: GoogleCloudDocumentaiV1beta3DeleteProcessorVersionMetadata + description: >- + The long-running operation metadata for the DeleteProcessorVersion + method. + type: object + properties: + commonMetadata: + description: The basic metadata of the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + GoogleCloudDocumentaiV1beta3DeployProcessorVersionMetadata: + id: GoogleCloudDocumentaiV1beta3DeployProcessorVersionMetadata + description: >- + The long-running operation metadata for the DeployProcessorVersion + method. + type: object + properties: + commonMetadata: + description: The basic metadata of the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + GoogleCloudDocumentaiV1beta3DeployProcessorVersionResponse: + id: GoogleCloudDocumentaiV1beta3DeployProcessorVersionResponse + description: Response message for the DeployProcessorVersion method. + type: object + properties: {} + GoogleCloudDocumentaiV1beta3UndeployProcessorVersionMetadata: + id: GoogleCloudDocumentaiV1beta3UndeployProcessorVersionMetadata + description: >- + The long-running operation metadata for the UndeployProcessorVersion + method. + type: object + properties: + commonMetadata: + description: The basic metadata of the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + GoogleCloudDocumentaiV1beta3UndeployProcessorVersionResponse: + id: GoogleCloudDocumentaiV1beta3UndeployProcessorVersionResponse + description: Response message for the UndeployProcessorVersion method. + type: object + properties: {} + GoogleCloudDocumentaiV1beta3SetDefaultProcessorVersionMetadata: + id: GoogleCloudDocumentaiV1beta3SetDefaultProcessorVersionMetadata + description: >- + The long-running operation metadata for the SetDefaultProcessorVersion + method. + type: object + properties: + commonMetadata: + description: The basic metadata of the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + GoogleCloudDocumentaiV1beta3SetDefaultProcessorVersionResponse: + id: GoogleCloudDocumentaiV1beta3SetDefaultProcessorVersionResponse + description: Response message for the SetDefaultProcessorVersion method. + type: object + properties: {} + GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadata: + id: GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadata + description: The metadata that represents a processor version being created. + type: object + properties: + commonMetadata: + description: The basic metadata of the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + trainingDatasetValidation: + description: The training dataset validation information. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadataDatasetValidation + testDatasetValidation: + description: The test dataset validation information. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadataDatasetValidation + GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadataDatasetValidation: + id: >- + GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadataDatasetValidation + description: >- + The dataset validation information. This includes any and all errors + with documents and the dataset. + type: object + properties: + documentErrorCount: + description: The total number of document errors. + type: integer + format: int32 + datasetErrorCount: + description: The total number of dataset errors. + type: integer + format: int32 + documentErrors: + description: >- + Error information pertaining to specific documents. A maximum of 10 + document errors will be returned. Any document with errors will not + be used throughout training. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + datasetErrors: + description: >- + Error information for the dataset as a whole. A maximum of 10 + dataset errors will be returned. A single dataset error is terminal + for training. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + GoogleCloudDocumentaiV1beta3TrainProcessorVersionResponse: + id: GoogleCloudDocumentaiV1beta3TrainProcessorVersionResponse + description: The response for TrainProcessorVersion. + type: object + properties: + processorVersion: + description: The resource name of the processor version produced by training. + type: string + GoogleCloudDocumentaiV1beta3EvaluateProcessorVersionMetadata: + id: GoogleCloudDocumentaiV1beta3EvaluateProcessorVersionMetadata + description: Metadata of the EvaluateProcessorVersion method. + type: object + properties: commonMetadata: description: The basic metadata of the long-running operation. $ref: >- #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - questionId: - description: The Crowd Compute question ID. + GoogleCloudDocumentaiV1beta3EvaluateProcessorVersionResponse: + id: GoogleCloudDocumentaiV1beta3EvaluateProcessorVersionResponse + description: Response of the EvaluateProcessorVersion method. + type: object + properties: + evaluation: + description: The resource name of the created evaluation. + type: string + GoogleCloudDocumentaiV1beta3ImportProcessorVersionMetadata: + id: GoogleCloudDocumentaiV1beta3ImportProcessorVersionMetadata + description: >- + The long-running operation metadata for the ImportProcessorVersion + method. + type: object + properties: + commonMetadata: + description: The basic metadata for the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + GoogleCloudDocumentaiV1beta3ImportProcessorVersionResponse: + id: GoogleCloudDocumentaiV1beta3ImportProcessorVersionResponse + description: The response message for the ImportProcessorVersion method. + type: object + properties: + processorVersion: + description: The destination processor version name. + type: string + GoogleCloudDocumentaiV1beta3UpdateDatasetOperationMetadata: + id: GoogleCloudDocumentaiV1beta3UpdateDatasetOperationMetadata + type: object + properties: + commonMetadata: + description: The basic metadata of the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + GoogleCloudDocumentaiV1beta3Dataset: + id: GoogleCloudDocumentaiV1beta3Dataset + description: >- + A singleton resource under a Processor which configures a collection of + documents. + type: object + properties: + gcsManagedConfig: + description: >- + Optional. User-managed Cloud Storage dataset configuration. Use this + configuration if the dataset documents are stored under a + user-managed Cloud Storage location. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DatasetGCSManagedConfig + documentWarehouseConfig: + description: >- + Optional. Deprecated. Warehouse-based dataset configuration is not + supported. + deprecated: true + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DatasetDocumentWarehouseConfig + unmanagedDatasetConfig: + description: >- + Optional. Unmanaged dataset configuration. Use this configuration if + the dataset documents are managed by the document service internally + (not user-managed). + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DatasetUnmanagedDatasetConfig + spannerIndexingConfig: + description: >- + Optional. A lightweight indexing source with low latency and high + reliability, but lacking advanced features like CMEK and + content-based search. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DatasetSpannerIndexingConfig + name: + description: >- + Dataset resource name. Format: + `projects/{project}/locations/{location}/processors/{processor}/dataset` + type: string + state: + description: Required. State of the dataset. Ignored when updating dataset. + type: string + enumDescriptions: + - Default unspecified enum, should not be used. + - Dataset has not been initialized. + - Dataset is being initialized. + - Dataset has been initialized. + enum: + - STATE_UNSPECIFIED + - UNINITIALIZED + - INITIALIZING + - INITIALIZED + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + GoogleCloudDocumentaiV1beta3DatasetGCSManagedConfig: + id: GoogleCloudDocumentaiV1beta3DatasetGCSManagedConfig + description: Configuration specific to the Cloud Storage-based implementation. + type: object + properties: + gcsPrefix: + description: >- + Required. The Cloud Storage URI (a directory) where the documents + belonging to the dataset must be stored. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3GcsPrefix' + GoogleCloudDocumentaiV1beta3GcsPrefix: + id: GoogleCloudDocumentaiV1beta3GcsPrefix + description: Specifies all documents on Cloud Storage with a common prefix. + type: object + properties: + gcsUriPrefix: + description: The URI prefix. + type: string + GoogleCloudDocumentaiV1beta3DatasetDocumentWarehouseConfig: + id: GoogleCloudDocumentaiV1beta3DatasetDocumentWarehouseConfig + description: >- + Configuration specific to the Document AI Warehouse-based + implementation. + type: object + properties: + collection: + description: >- + Output only. The collection in Document AI Warehouse associated with + the dataset. + readOnly: true + type: string + schema: + description: >- + Output only. The schema in Document AI Warehouse associated with the + dataset. + readOnly: true + type: string + GoogleCloudDocumentaiV1beta3DatasetUnmanagedDatasetConfig: + id: GoogleCloudDocumentaiV1beta3DatasetUnmanagedDatasetConfig + description: Configuration specific to an unmanaged dataset. + type: object + properties: {} + GoogleCloudDocumentaiV1beta3DatasetSpannerIndexingConfig: + id: GoogleCloudDocumentaiV1beta3DatasetSpannerIndexingConfig + description: Configuration specific to spanner-based indexing. + type: object + properties: {} + GoogleCloudDocumentaiV1beta3ImportDocumentsMetadata: + id: GoogleCloudDocumentaiV1beta3ImportDocumentsMetadata + description: Metadata of the import document operation. + type: object + properties: + commonMetadata: + description: The basic metadata of the long-running operation. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata + individualImportStatuses: + description: The list of response details of each document. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataIndividualImportStatus + importConfigValidationResults: + description: Validation statuses of the batch documents import config. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataImportConfigValidationResult + totalDocumentCount: + description: Total number of the documents that are qualified for importing. + type: integer + format: int32 + GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataIndividualImportStatus: + id: >- + GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataIndividualImportStatus + description: The status of each individual document in the import process. + type: object + properties: + inputGcsSource: + description: The source Cloud Storage URI of the document. + type: string + status: + description: The status of the importing of the document. + $ref: '#/components/schemas/GoogleRpcStatus' + outputDocumentId: + description: >- + The document id of imported document if it was successful, otherwise + empty. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3DocumentId' + GoogleCloudDocumentaiV1beta3DocumentId: + id: GoogleCloudDocumentaiV1beta3DocumentId + description: Document Identifier. + type: object + properties: + gcsManagedDocId: + description: A document id within user-managed Cloud Storage. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DocumentIdGCSManagedDocumentId + unmanagedDocId: + description: A document id within unmanaged dataset. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3DocumentIdUnmanagedDocumentId + revisionRef: + description: Points to a specific revision of the document if set. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3RevisionRef' + GoogleCloudDocumentaiV1beta3DocumentIdGCSManagedDocumentId: + id: GoogleCloudDocumentaiV1beta3DocumentIdGCSManagedDocumentId + description: >- + Identifies a document uniquely within the scope of a dataset in the + user-managed Cloud Storage option. + type: object + properties: + gcsUri: + description: Required. The Cloud Storage URI where the actual document is stored. type: string - GoogleCloudDocumentaiV1beta3DeleteProcessorVersionMetadata: - id: GoogleCloudDocumentaiV1beta3DeleteProcessorVersionMetadata + cwDocId: + description: Id of the document (indexed) managed by Content Warehouse. + deprecated: true + type: string + GoogleCloudDocumentaiV1beta3DocumentIdUnmanagedDocumentId: + id: GoogleCloudDocumentaiV1beta3DocumentIdUnmanagedDocumentId description: >- - The long-running operation metadata for the DeleteProcessorVersion - method. + Identifies a document uniquely within the scope of a dataset in + unmanaged option. type: object properties: - commonMetadata: - description: The basic metadata of the long-running operation. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - GoogleCloudDocumentaiV1beta3DeployProcessorVersionMetadata: - id: GoogleCloudDocumentaiV1beta3DeployProcessorVersionMetadata + docId: + description: Required. The id of the document. + type: string + GoogleCloudDocumentaiV1beta3RevisionRef: + id: GoogleCloudDocumentaiV1beta3RevisionRef + description: The revision reference specifies which revision on the document to read. + type: object + properties: + revisionCase: + description: Reads the revision by the predefined case. + type: string + enumDescriptions: + - Unspecified case, fall back to read the `LATEST_HUMAN_REVIEW`. + - The latest revision made by a human. + - The latest revision based on timestamp. + - The first (OCR) revision. + enum: + - REVISION_CASE_UNSPECIFIED + - LATEST_HUMAN_REVIEW + - LATEST_TIMESTAMP + - BASE_OCR_REVISION + revisionId: + description: Reads the revision given by the id. + type: string + latestProcessorVersion: + description: >- + Reads the revision generated by the processor version. The format + takes the full resource name of processor version. + `projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processorVersion}` + type: string + GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataImportConfigValidationResult: + id: >- + GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataImportConfigValidationResult description: >- - The long-running operation metadata for the DeployProcessorVersion - method. + The validation status of each import config. Status is set to an error + if there are no documents to import in the `import_config`, or `OK` if + the operation will try to proceed with at least one document. + type: object + properties: + inputGcsSource: + description: The source Cloud Storage URI specified in the import config. + type: string + status: + description: The validation status of import config. + $ref: '#/components/schemas/GoogleRpcStatus' + GoogleCloudDocumentaiV1beta3ImportDocumentsResponse: + id: GoogleCloudDocumentaiV1beta3ImportDocumentsResponse + description: Response of the import document operation. + type: object + properties: {} + GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadata: + id: GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadata type: object properties: commonMetadata: description: The basic metadata of the long-running operation. $ref: >- #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - GoogleCloudDocumentaiV1beta3DeployProcessorVersionResponse: - id: GoogleCloudDocumentaiV1beta3DeployProcessorVersionResponse - description: Response message for the DeployProcessorVersion method. + individualBatchDeleteStatuses: + description: The list of response details of each document. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadataIndividualBatchDeleteStatus + totalDocumentCount: + description: Total number of documents deleting from dataset. + type: integer + format: int32 + errorDocumentCount: + description: Total number of documents that failed to be deleted in storage. + type: integer + format: int32 + GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadataIndividualBatchDeleteStatus: + id: >- + GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadataIndividualBatchDeleteStatus + description: The status of each individual document in the batch delete process. + type: object + properties: + documentId: + description: The document id of the document. + $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3DocumentId' + status: + description: The status of deleting the document in storage. + $ref: '#/components/schemas/GoogleRpcStatus' + GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsResponse: + id: GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsResponse + description: Response of the delete documents operation. type: object properties: {} - GoogleCloudDocumentaiV1beta3UndeployProcessorVersionMetadata: - id: GoogleCloudDocumentaiV1beta3UndeployProcessorVersionMetadata - description: >- - The long-running operation metadata for the UndeployProcessorVersion - method. + GoogleCloudDocumentaiUiv1beta3DeleteProcessorMetadata: + id: GoogleCloudDocumentaiUiv1beta3DeleteProcessorMetadata + description: The long-running operation metadata for the DeleteProcessor method. type: object properties: commonMetadata: description: The basic metadata of the long-running operation. $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - GoogleCloudDocumentaiV1beta3UndeployProcessorVersionResponse: - id: GoogleCloudDocumentaiV1beta3UndeployProcessorVersionResponse - description: Response message for the UndeployProcessorVersion method. + #/components/schemas/GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata + GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata: + id: GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata + description: The common metadata for long running operations. type: object - properties: {} - GoogleCloudDocumentaiV1beta3SetDefaultProcessorVersionMetadata: - id: GoogleCloudDocumentaiV1beta3SetDefaultProcessorVersionMetadata + properties: + state: + description: The state of the operation. + type: string + enumDescriptions: + - Unspecified state. + - Operation is still running. + - Operation is being cancelled. + - Operation succeeded. + - Operation failed. + - Operation is cancelled. + enum: + - STATE_UNSPECIFIED + - RUNNING + - CANCELLING + - SUCCEEDED + - FAILED + - CANCELLED + stateMessage: + description: >- + A message providing more details about the current state of + processing. + type: string + resource: + description: A related resource to this operation. + type: string + createTime: + description: The creation time of the operation. + type: string + format: google-datetime + updateTime: + description: The last update time of the operation. + type: string + format: google-datetime + GoogleCloudDocumentaiUiv1beta3EnableProcessorResponse: + id: GoogleCloudDocumentaiUiv1beta3EnableProcessorResponse description: >- - The long-running operation metadata for the SetDefaultProcessorVersion - method. + Response message for the EnableProcessor method. Intentionally empty + proto for adding fields in future. + type: object + properties: {} + GoogleCloudDocumentaiUiv1beta3EnableProcessorMetadata: + id: GoogleCloudDocumentaiUiv1beta3EnableProcessorMetadata + description: The long-running operation metadata for the EnableProcessor method. type: object properties: commonMetadata: description: The basic metadata of the long-running operation. $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - GoogleCloudDocumentaiV1beta3SetDefaultProcessorVersionResponse: - id: GoogleCloudDocumentaiV1beta3SetDefaultProcessorVersionResponse - description: Response message for the SetDefaultProcessorVersion method. + #/components/schemas/GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata + GoogleCloudDocumentaiUiv1beta3DisableProcessorResponse: + id: GoogleCloudDocumentaiUiv1beta3DisableProcessorResponse + description: >- + Response message for the DisableProcessor method. Intentionally empty + proto for adding fields in future. type: object properties: {} - GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadata: - id: GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadata - description: The metadata that represents a processor version being created. + GoogleCloudDocumentaiUiv1beta3DisableProcessorMetadata: + id: GoogleCloudDocumentaiUiv1beta3DisableProcessorMetadata + description: The long-running operation metadata for the DisableProcessor method. type: object properties: commonMetadata: description: The basic metadata of the long-running operation. $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - trainingDatasetValidation: - description: The training dataset validation information. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadataDatasetValidation - testDatasetValidation: - description: The test dataset validation information. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadataDatasetValidation - GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadataDatasetValidation: - id: >- - GoogleCloudDocumentaiV1beta3TrainProcessorVersionMetadataDatasetValidation + #/components/schemas/GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata + GoogleCloudDocumentaiUiv1beta3Processor: + id: GoogleCloudDocumentaiUiv1beta3Processor description: >- - The dataset validation information. This includes any and all errors - with documents and the dataset. + The first-class citizen for Document AI. Each processor defines how to + extract structural information from a document. type: object properties: - documentErrorCount: - description: The total number of document errors. - type: integer - format: int32 - datasetErrorCount: - description: The total number of dataset errors. - type: integer - format: int32 - documentErrors: + name: description: >- - Error information pertaining to specific documents. A maximum of 10 - document errors will be returned. Any document with errors will not - be used throughout training. + Output only. Immutable. The resource name of the processor. Format: + `projects/{project}/locations/{location}/processors/{processor}` + readOnly: true + type: string + type: + description: >- + The processor type, such as: `OCR_PROCESSOR`, `INVOICE_PROCESSOR`. + To get a list of processor types, see FetchProcessorTypes. + type: string + displayName: + description: The display name of the processor. + type: string + state: + description: Output only. The state of the processor. + readOnly: true + type: string + enumDescriptions: + - The processor is in an unspecified state. + - >- + The processor is enabled, i.e., has an enabled version which can + currently serve processing requests and all the feature + dependencies have been successfully initialized. + - The processor is disabled. + - >- + The processor is being enabled, will become `ENABLED` if + successful. + - >- + The processor is being disabled, will become `DISABLED` if + successful. + - >- + The processor is being created, will become either `ENABLED` (for + successful creation) or `FAILED` (for failed ones). Once a + processor is in this state, it can then be used for document + processing, but the feature dependencies of the processor might + not be fully created yet. + - >- + The processor failed during creation or initialization of feature + dependencies. The user should delete the processor and recreate + one as all the functionalities of the processor are disabled. + - The processor is being deleted, will be removed if successful. + enum: + - STATE_UNSPECIFIED + - ENABLED + - DISABLED + - ENABLING + - DISABLING + - CREATING + - FAILED + - DELETING + defaultProcessorVersion: + description: The default processor version. + type: string + processorVersionAliases: + description: Output only. The processor version aliases. + readOnly: true type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - datasetErrors: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3ProcessorVersionAlias + processEndpoint: description: >- - Error information for the dataset as a whole. A maximum of 10 - dataset errors will be returned. A single dataset error is terminal - for training. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDocumentaiV1beta3TrainProcessorVersionResponse: - id: GoogleCloudDocumentaiV1beta3TrainProcessorVersionResponse - description: The response for TrainProcessorVersion. - type: object - properties: - processorVersion: - description: The resource name of the processor version produced by training. + Output only. Immutable. The http endpoint that can be called to + invoke processing. + readOnly: true type: string - GoogleCloudDocumentaiV1beta3EvaluateProcessorVersionMetadata: - id: GoogleCloudDocumentaiV1beta3EvaluateProcessorVersionMetadata - description: Metadata of the EvaluateProcessorVersion method. - type: object - properties: - commonMetadata: - description: The basic metadata of the long-running operation. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - GoogleCloudDocumentaiV1beta3EvaluateProcessorVersionResponse: - id: GoogleCloudDocumentaiV1beta3EvaluateProcessorVersionResponse - description: Response of the EvaluateProcessorVersion method. + createTime: + description: Output only. The time the processor was created. + readOnly: true + type: string + format: google-datetime + kmsKeyName: + description: >- + The [KMS key](https://cloud.google.com/security-key-management) used + for encryption and decryption in CMEK scenarios. + type: string + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + activeSchemaVersion: + description: >- + Optional. SchemaVersion used by the Processor. It is the same as + Processor's DatasetSchema.schema_version Format is + `projects/{project}/locations/{location}/schemas/{schema}/schemaVersions/{schema_version} + type: string + GoogleCloudDocumentaiUiv1beta3ProcessorVersionAlias: + id: GoogleCloudDocumentaiUiv1beta3ProcessorVersionAlias + description: Contains the alias and the aliased resource name of processor version. type: object properties: - evaluation: - description: The resource name of the created evaluation. + alias: + description: The alias in the form of `processor_version` resource name. type: string - GoogleCloudDocumentaiV1beta3ImportProcessorVersionMetadata: - id: GoogleCloudDocumentaiV1beta3ImportProcessorVersionMetadata + processorVersion: + description: The resource name of aliased processor version. + type: string + GoogleCloudDocumentaiUiv1beta3UpdateProcessorVersionMetadata: + id: GoogleCloudDocumentaiUiv1beta3UpdateProcessorVersionMetadata description: >- - The long-running operation metadata for the ImportProcessorVersion + The long-running operation metadata for the UpdateProcessorVersion method. type: object properties: commonMetadata: description: The basic metadata for the long-running operation. $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - GoogleCloudDocumentaiV1beta3ImportProcessorVersionResponse: - id: GoogleCloudDocumentaiV1beta3ImportProcessorVersionResponse - description: The response message for the ImportProcessorVersion method. - type: object - properties: - processorVersion: - description: The destination processor version name. - type: string - GoogleCloudDocumentaiV1beta3UpdateDatasetOperationMetadata: - id: GoogleCloudDocumentaiV1beta3UpdateDatasetOperationMetadata - type: object - properties: - commonMetadata: - description: The basic metadata of the long-running operation. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - GoogleCloudDocumentaiV1beta3Dataset: - id: GoogleCloudDocumentaiV1beta3Dataset + #/components/schemas/GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata + GoogleCloudDocumentaiUiv1beta3ProcessorVersion: + id: GoogleCloudDocumentaiUiv1beta3ProcessorVersion description: >- - A singleton resource under a Processor which configures a collection of - documents. + A processor version is an implementation of a processor. Each processor + can have multiple versions, pretrained by Google internally or uptrained + by the customer. A processor can only have one default version at a + time. Its document-processing behavior is defined by that version. type: object properties: - gcsManagedConfig: + name: description: >- - Optional. User-managed Cloud Storage dataset configuration. Use this - configuration if the dataset documents are stored under a - user-managed Cloud Storage location. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3DatasetGCSManagedConfig - documentWarehouseConfig: + Identifier. The resource name of the processor version. Format: + `projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processor_version}` + type: string + displayName: + description: The display name of the processor version. + type: string + schema: + description: The schema of the processor version. Describes the output. + $ref: '#/components/schemas/GoogleCloudDocumentaiUiv1beta3Schema' + documentSchema: description: >- - Optional. Deprecated. Warehouse-based dataset configuration is not - supported. - deprecated: true + Output only. The schema of the processor version. Describes the + output. + readOnly: true + $ref: '#/components/schemas/GoogleCloudDocumentaiUiv1beta3DocumentSchema' + state: + description: Output only. The state of the processor version. + readOnly: true + type: string + enumDescriptions: + - The processor version is in an unspecified state. + - The processor version is deployed and can be used for processing. + - The processor version is being deployed. + - >- + The processor version is not deployed and cannot be used for + processing. + - The processor version is being undeployed. + - The processor version is being created. + - The processor version is being deleted. + - The processor version failed and is in an indeterminate state. + - The processor version is being imported. + enum: + - STATE_UNSPECIFIED + - DEPLOYED + - DEPLOYING + - UNDEPLOYED + - UNDEPLOYING + - CREATING + - DELETING + - FAILED + - IMPORTING + createTime: + description: Output only. The time the processor version was created. + readOnly: true + type: string + format: google-datetime + latestEvaluation: + description: >- + Output only. The most recently invoked evaluation for the processor + version. + readOnly: true $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3DatasetDocumentWarehouseConfig - unmanagedDatasetConfig: + #/components/schemas/GoogleCloudDocumentaiUiv1beta3EvaluationReference + kmsKeyName: + description: Output only. The KMS key name used for encryption. + readOnly: true + type: string + kmsKeyVersionName: + description: Output only. The KMS key version with which data is encrypted. + readOnly: true + type: string + googleManaged: description: >- - Optional. Unmanaged dataset configuration. Use this configuration if - the dataset documents are managed by the document service internally - (not user-managed). + Output only. Denotes that this `ProcessorVersion` is managed by + Google. + readOnly: true + type: boolean + deploymentAllowed: + description: >- + Output only. Denotes that this `ProcessorVersion` can be deployed + and undeployed. + readOnly: true + type: boolean + deprecationInfo: + description: >- + Output only. If set, information about the eventual deprecation of + this version. + readOnly: true $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3DatasetUnmanagedDatasetConfig - spannerIndexingConfig: + #/components/schemas/GoogleCloudDocumentaiUiv1beta3ProcessorVersionDeprecationInfo + modelType: + description: Output only. The model type of this processor version. + readOnly: true + type: string + enumDescriptions: + - The processor version has unspecified model type. + - The processor version has generative model type. + - The processor version has custom model type. + enum: + - MODEL_TYPE_UNSPECIFIED + - MODEL_TYPE_GENERATIVE + - MODEL_TYPE_CUSTOM + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true + type: boolean + genAiModelInfo: description: >- - Optional. A lightweight indexing source with low latency and high - reliability, but lacking advanced features like CMEK and - content-based search. + Output only. Information about Generative AI model-based processor + versions. + readOnly: true $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3DatasetSpannerIndexingConfig - name: + #/components/schemas/GoogleCloudDocumentaiUiv1beta3ProcessorVersionGenAiModelInfo + GoogleCloudDocumentaiUiv1beta3Schema: + id: GoogleCloudDocumentaiUiv1beta3Schema + description: The schema defines the output of the processed document by a processor. + type: object + properties: + displayName: + description: Display name to show to users. + type: string + description: + description: Description of the schema. + type: string + entityTypes: + description: Entity types of the schema. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3SchemaEntityType + GoogleCloudDocumentaiUiv1beta3SchemaEntityType: + id: GoogleCloudDocumentaiUiv1beta3SchemaEntityType + description: >- + EntityType is the wrapper of a label of the corresponding model with + detailed attributes and limitations for entity-based processors. + Multiple types can also compose a dependency tree to represent nested + types. + type: object + properties: + type: description: >- - Dataset resource name. Format: - `projects/{project}/locations/{location}/processors/{processor}/dataset` + Name of the type. It must satisfy the following constraints: 1. Must + be unique within the set of same level types (with case-insensitive + match). 2. Maximum 64 characters. 3. Must start with a letter. 4. + Allowed characters: ASCII letters [a-zA-Z], ASCII digits [0-9], or + one of the following punctuation characters: * underscore '_' + (recommended) * hyphen '-' (allowed, not recommended) * colon ':' + (allowed, not recommended) NOTE: Whitespace characters are not + allowed. 5. Cannot end with a punctuation character. 6. Cannot + contain the following restricted strings: "google", "DocumentAI" + (case-insensitive match). 7. A slash character '/' is reserved as a + separator in flattened representations of nested entity types (e.g., + "line_item/amount") in which case each part (e.g., "line_item", + "amount") must comply with the rules defined above. We recommend + using the snake case ("snake_case") in entity type names. + type: string + baseType: + type: string + occurrenceType: + description: >- + Occurrence type limits the number of times an entity type appears in + the document. + type: string + enumDescriptions: + - Unspecified occurrence type. + - The entity type will appear zero times or once. + - The entity type will appear zero or multiple times. + - The entity type will only appear exactly once. + - The entity type will appear once or more times. + enum: + - OCCURRENCE_TYPE_UNSPECIFIED + - OPTIONAL_ONCE + - OPTIONAL_MULTIPLE + - REQUIRED_ONCE + - REQUIRED_MULTIPLE + description: + description: Description of the entity type. type: string - state: - description: Required. State of the dataset. Ignored when updating dataset. + properties: + description: >- + Describing the nested structure of an entity. An EntityType may + consist of several other EntityTypes. For example, in a document + there can be an EntityType `ID`, which consists of EntityType `name` + and `address`, with corresponding attributes, such as TEXT for both + types and ONCE for occurrence types. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3SchemaEntityType + source: + description: Source of this entity type. type: string enumDescriptions: - - Default unspecified enum, should not be used. - - Dataset has not been initialized. - - Dataset is being initialized. - - Dataset has been initialized. + - Unspecified source. + - >- + The entity type is in the predefined schema of a pretrained + version of a processor. + - >- + The entity type is added by the users either: - during an + uptraining of an existing processor, or - during the process of + creating a customized processor. enum: - - STATE_UNSPECIFIED - - UNINITIALIZED - - INITIALIZING - - INITIALIZED - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - GoogleCloudDocumentaiV1beta3DatasetGCSManagedConfig: - id: GoogleCloudDocumentaiV1beta3DatasetGCSManagedConfig - description: Configuration specific to the Cloud Storage-based implementation. - type: object - properties: - gcsPrefix: + - SOURCE_UNSPECIFIED + - PREDEFINED + - USER_INPUT + enumValues: + description: If specified, lists all the possible values for this entity. + type: array + items: + type: string + hide: description: >- - Required. The Cloud Storage URI (a directory) where the documents - belonging to the dataset must be stored. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3GcsPrefix' - GoogleCloudDocumentaiV1beta3GcsPrefix: - id: GoogleCloudDocumentaiV1beta3GcsPrefix - description: Specifies all documents on Cloud Storage with a common prefix. + If the entity type is hidden in the schema. This provides the + functionality to temporally "disable" an entity without deleting it. + type: boolean + method: + description: Specifies how the entity's value is obtained. + type: string + enumDescriptions: + - Unspecified method. It defaults to `EXTRACT`. + - >- + The entity's value is directly extracted as-is from the document + text. + - >- + The entity's value is derived through inference and is not + necessarily an exact text extraction from the document. + enum: + - METHOD_UNSPECIFIED + - EXTRACT + - DERIVE + GoogleCloudDocumentaiUiv1beta3DocumentSchema: + id: GoogleCloudDocumentaiUiv1beta3DocumentSchema + description: The schema defines the output of the processed document by a processor. type: object properties: - gcsUriPrefix: - description: The URI prefix. + displayName: + description: Display name to show to users. type: string - GoogleCloudDocumentaiV1beta3DatasetDocumentWarehouseConfig: - id: GoogleCloudDocumentaiV1beta3DatasetDocumentWarehouseConfig + description: + description: Description of the schema. + type: string + entityTypes: + description: Entity types of the schema. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3DocumentSchemaEntityType + metadata: + description: Metadata of the schema. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3DocumentSchemaMetadata + GoogleCloudDocumentaiUiv1beta3DocumentSchemaEntityType: + id: GoogleCloudDocumentaiUiv1beta3DocumentSchemaEntityType description: >- - Configuration specific to the Document AI Warehouse-based - implementation. + EntityType is the wrapper of a label of the corresponding model with + detailed attributes and limitations for entity-based processors. + Multiple types can also compose a dependency tree to represent nested + types. type: object properties: - collection: + enumValues: description: >- - Output only. The collection in Document AI Warehouse associated with - the dataset. - readOnly: true + If specified, lists all the possible values for this entity. This + should not be more than a handful of values. If the number of values + is >10 or could change frequently use the + `EntityType.value_ontology` field and specify a list of all possible + values in a value ontology file. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3DocumentSchemaEntityTypeEnumValues + displayName: + description: User defined name for the type. type: string - schema: + name: description: >- - Output only. The schema in Document AI Warehouse associated with the - dataset. - readOnly: true + Name of the type. It must be unique within the schema file and + cannot be a "Common Type". The following naming conventions are + used: - Use `snake_casing`. - Name matching is case-sensitive. - + Maximum 64 characters. - Must start with a letter. - Allowed + characters: ASCII letters `[a-z0-9_-]`. (For backward compatibility + internal infrastructure and tooling can handle any ascii character.) + - The `/` is sometimes used to denote a property of a type. For + example `line_item/amount`. This convention is deprecated, but will + still be honored for backward compatibility. type: string - GoogleCloudDocumentaiV1beta3DatasetUnmanagedDatasetConfig: - id: GoogleCloudDocumentaiV1beta3DatasetUnmanagedDatasetConfig - description: Configuration specific to an unmanaged dataset. - type: object - properties: {} - GoogleCloudDocumentaiV1beta3DatasetSpannerIndexingConfig: - id: GoogleCloudDocumentaiV1beta3DatasetSpannerIndexingConfig - description: Configuration specific to spanner-based indexing. - type: object - properties: {} - GoogleCloudDocumentaiV1beta3ImportDocumentsMetadata: - id: GoogleCloudDocumentaiV1beta3ImportDocumentsMetadata - description: Metadata of the import document operation. - type: object - properties: - commonMetadata: - description: The basic metadata of the long-running operation. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - individualImportStatuses: - description: The list of response details of each document. + description: + description: >- + The description of the entity type. Could be used to provide more + information about the entity type for model calls. + type: string + baseTypes: + description: >- + The entity type that this type is derived from. For now, one and + only one should be set. type: array items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataIndividualImportStatus - importConfigValidationResults: - description: Validation statuses of the batch documents import config. + type: string + properties: + description: Description the nested structure, or composition of an entity. type: array items: $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataImportConfigValidationResult - totalDocumentCount: - description: Total number of the documents that are qualified for importing. - type: integer - format: int32 - GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataIndividualImportStatus: - id: >- - GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataIndividualImportStatus - description: The status of each individual document in the import process. + #/components/schemas/GoogleCloudDocumentaiUiv1beta3DocumentSchemaEntityTypeProperty + entityTypeMetadata: + description: Metadata for the entity type. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3EntityTypeMetadata + GoogleCloudDocumentaiUiv1beta3DocumentSchemaEntityTypeEnumValues: + id: GoogleCloudDocumentaiUiv1beta3DocumentSchemaEntityTypeEnumValues + description: Defines the a list of enum values. type: object properties: - inputGcsSource: - description: The source Cloud Storage URI of the document. + values: + description: The individual values that this enum values type can include. + type: array + items: + type: string + GoogleCloudDocumentaiUiv1beta3DocumentSchemaEntityTypeProperty: + id: GoogleCloudDocumentaiUiv1beta3DocumentSchemaEntityTypeProperty + description: Defines properties that can be part of the entity type. + type: object + properties: + name: + description: >- + The name of the property. Follows the same guidelines as the + EntityType name. type: string - status: - description: The status of the importing of the document. - $ref: '#/components/schemas/GoogleRpcStatus' - outputDocumentId: + description: description: >- - The document id of imported document if it was successful, otherwise - empty. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3DocumentId' - GoogleCloudDocumentaiV1beta3DocumentId: - id: GoogleCloudDocumentaiV1beta3DocumentId - description: Document Identifier. + The description of the property. Could be used to provide more + information about the property for model calls. + type: string + displayName: + description: User defined name for the property. + type: string + valueType: + description: >- + A reference to the value type of the property. This type is subject + to the same conventions as the `Entity.base_types` field. + type: string + occurrenceType: + description: >- + Occurrence type limits the number of instances an entity type + appears in the document. + type: string + enumDescriptions: + - Unspecified occurrence type. + - >- + There will be zero or one instance of this entity type. The same + entity instance may be mentioned multiple times. + - The entity type will appear zero or multiple times. + - >- + The entity type will only appear exactly once. The same entity + instance may be mentioned multiple times. + - The entity type will appear once or more times. + enum: + - OCCURRENCE_TYPE_UNSPECIFIED + - OPTIONAL_ONCE + - OPTIONAL_MULTIPLE + - REQUIRED_ONCE + - REQUIRED_MULTIPLE + method: + description: Specifies how the entity's value is obtained. + type: string + enumDescriptions: + - Unspecified method. It defaults to `EXTRACT`. + - >- + The entity's value is directly extracted as-is from the document + text. + - >- + The entity's value is derived through inference and is not + necessarily an exact text extraction from the document. + enum: + - METHOD_UNSPECIFIED + - EXTRACT + - DERIVE + propertyMetadata: + description: Any additional metadata about the property can be added here. + $ref: '#/components/schemas/GoogleCloudDocumentaiUiv1beta3PropertyMetadata' + GoogleCloudDocumentaiUiv1beta3PropertyMetadata: + id: GoogleCloudDocumentaiUiv1beta3PropertyMetadata + description: Metadata about a property. type: object properties: - gcsManagedDocId: - description: A document id within user-managed Cloud Storage. + inactive: + description: Whether the property should be considered as "inactive". + type: boolean + humanReviewMetadata: + description: Human review validation config on the property. $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3DocumentIdGCSManagedDocumentId - unmanagedDocId: - description: A document id within unmanaged dataset. + #/components/schemas/GoogleCloudDocumentaiUiv1beta3HumanReviewValidationMetadata + humanReviewLabelingMetadata: + description: Human review labeling config on the property. $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3DocumentIdUnmanagedDocumentId - revisionRef: - description: Points to a specific revision of the document if set. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3RevisionRef' - GoogleCloudDocumentaiV1beta3DocumentIdGCSManagedDocumentId: - id: GoogleCloudDocumentaiV1beta3DocumentIdGCSManagedDocumentId + #/components/schemas/GoogleCloudDocumentaiUiv1beta3HumanReviewLabelingMetadata + schemaEditabilityMetadata: + description: Schema editability metadata on the property. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3SchemaEditabilityMetadata + schemaInferenceMetadata: + description: Schema inference metadata on the property. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3SchemaInferenceMetadata + fieldExtractionMetadata: + description: Field extraction metadata on the property. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3FieldExtractionMetadata + fieldTierMetadata: + description: Field tier metadata on the property + $ref: '#/components/schemas/GoogleCloudDocumentaiUiv1beta3FieldTierMetadata' + GoogleCloudDocumentaiUiv1beta3HumanReviewValidationMetadata: + id: GoogleCloudDocumentaiUiv1beta3HumanReviewValidationMetadata + description: Metadata for Human Review config. + type: object + properties: + enableValidation: + description: Whether to enable human review validation. + type: boolean + confidenceThreshold: + description: The confidence threshold if human review validation is enabled. + type: number + format: float + GoogleCloudDocumentaiUiv1beta3HumanReviewLabelingMetadata: + id: GoogleCloudDocumentaiUiv1beta3HumanReviewLabelingMetadata + description: Metadata for human review labeling config. + type: object + properties: + enableNormalizationEditing: + description: Whether to enable normalization editing. + type: boolean + GoogleCloudDocumentaiUiv1beta3SchemaEditabilityMetadata: + id: GoogleCloudDocumentaiUiv1beta3SchemaEditabilityMetadata + description: >- + Metadata that specifies whether a label is editable and reasons why. + These fields are read-only. Changing these fields has no impact on the + backend. + type: object + properties: + editable: + description: Explicit flag that controls whether the label is editable. + type: boolean + processorVersions: + description: >- + Full resource name of processor versions that contain this label. + e.g. + `projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processorVersion}` + type: array + items: + type: string + GoogleCloudDocumentaiUiv1beta3SchemaInferenceMetadata: + id: GoogleCloudDocumentaiUiv1beta3SchemaInferenceMetadata description: >- - Identifies a document uniquely within the scope of a dataset in the - user-managed Cloud Storage option. + Metadata for schema inference. Only used on dataset.schema for schema + inference, can be safely ignored elsewhere. type: object properties: - gcsUri: - description: Required. The Cloud Storage URI where the actual document is stored. - type: string - cwDocId: - description: Id of the document (indexed) managed by Content Warehouse. - deprecated: true - type: string - GoogleCloudDocumentaiV1beta3DocumentIdUnmanagedDocumentId: - id: GoogleCloudDocumentaiV1beta3DocumentIdUnmanagedDocumentId - description: >- - Identifies a document uniquely within the scope of a dataset in - unmanaged option. + inferred: + description: True if is inferred by schema inference. + type: boolean + GoogleCloudDocumentaiUiv1beta3FieldExtractionMetadata: + id: GoogleCloudDocumentaiUiv1beta3FieldExtractionMetadata + description: Metadata for how this field value is extracted. type: object properties: - docId: - description: Required. The id of the document. + entityQuery: + description: Entity query config. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3FieldExtractionMetadataEntityQuery + summaryOptions: + description: Summary options config. + $ref: '#/components/schemas/GoogleCloudDocumentaiUiv1beta3SummaryOptions' + GoogleCloudDocumentaiUiv1beta3FieldExtractionMetadataEntityQuery: + id: GoogleCloudDocumentaiUiv1beta3FieldExtractionMetadataEntityQuery + description: Message for entity query. + type: object + properties: + userEntityQuery: + description: The original entity query inputed by the user. type: string - GoogleCloudDocumentaiV1beta3RevisionRef: - id: GoogleCloudDocumentaiV1beta3RevisionRef - description: The revision reference specifies which revision on the document to read. + GoogleCloudDocumentaiUiv1beta3SummaryOptions: + id: GoogleCloudDocumentaiUiv1beta3SummaryOptions + description: Metadata for document summarization. type: object properties: - revisionCase: - description: Reads the revision by the predefined case. + length: + description: How long the summary should be. type: string enumDescriptions: - - Unspecified case, fall back to read the `LATEST_HUMAN_REVIEW`. - - The latest revision made by a human. - - The latest revision based on timestamp. - - The first (OCR) revision. + - Default. + - A brief summary of one or two sentences. + - A paragraph-length summary. + - The longest option available. enum: - - REVISION_CASE_UNSPECIFIED - - LATEST_HUMAN_REVIEW - - LATEST_TIMESTAMP - - BASE_OCR_REVISION - revisionId: - description: Reads the revision given by the id. + - LENGTH_UNSPECIFIED + - BRIEF + - MODERATE + - COMPREHENSIVE + format: + description: The format the summary should be in. type: string - latestProcessorVersion: + enumDescriptions: + - Default. + - Format the output in paragraphs. + - Format the output in bullets. + enum: + - FORMAT_UNSPECIFIED + - PARAGRAPH + - BULLETS + GoogleCloudDocumentaiUiv1beta3FieldTierMetadata: + id: GoogleCloudDocumentaiUiv1beta3FieldTierMetadata + description: Metadata for the field tier of a property. + type: object + properties: + tierLevel: description: >- - Reads the revision generated by the processor version. The format - takes the full resource name of processor version. - `projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processorVersion}` - type: string - GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataImportConfigValidationResult: - id: >- - GoogleCloudDocumentaiV1beta3ImportDocumentsMetadataImportConfigValidationResult + Integer that indicates the tier of a property. e.g. Invoice has + entities that are classified as tier 1 which is the most important, + while tier 2 and tier 3 less so. This attribute can be used to + filter schema attributes before running eval. e.g. compute F1 score + for only tier 1 entities. If not present this attribute should be + inferred as 1. + type: integer + format: int32 + GoogleCloudDocumentaiUiv1beta3EntityTypeMetadata: + id: GoogleCloudDocumentaiUiv1beta3EntityTypeMetadata + description: Metadata about an entity type. + type: object + properties: + inactive: + description: Whether the entity type should be considered inactive. + type: boolean + humanReviewMetadata: + description: Human review config on the entity. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3HumanReviewValidationMetadata + humanReviewLabelingMetadata: + description: Human review labeling config on the entity. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3HumanReviewLabelingMetadata + schemaEditabilityMetadata: + description: Schema editability metadata on the entity. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3SchemaEditabilityMetadata + schemaInferenceMetadata: + description: Schema inference metadata on the entity. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3SchemaInferenceMetadata + fieldTierMetadata: + description: Field tier metadata on the property + $ref: '#/components/schemas/GoogleCloudDocumentaiUiv1beta3FieldTierMetadata' + GoogleCloudDocumentaiUiv1beta3DocumentSchemaMetadata: + id: GoogleCloudDocumentaiUiv1beta3DocumentSchemaMetadata + description: Metadata for global schema behavior. + type: object + properties: + documentSplitter: + description: >- + If true, a `document` entity type can be applied to subdocument + (splitting). Otherwise, it can only be applied to the entire + document (classification). + type: boolean + documentAllowMultipleLabels: + description: >- + If true, on a given page, there can be multiple `document` + annotations covering it. + type: boolean + prefixedNamingOnProperties: + description: If set, all the nested entities must be prefixed with the parents. + type: boolean + skipNamingValidation: + description: >- + If set, we will skip the naming format validation in the schema. So + the string values in `DocumentSchema.EntityType.name` and + `DocumentSchema.EntityType.Property.name` will not be checked. + type: boolean + GoogleCloudDocumentaiUiv1beta3EvaluationReference: + id: GoogleCloudDocumentaiUiv1beta3EvaluationReference description: >- - The validation status of each import config. Status is set to an error - if there are no documents to import in the `import_config`, or `OK` if - the operation will try to proceed with at least one document. + Gives a short summary of an evaluation, and links to the evaluation + itself. type: object properties: - inputGcsSource: - description: The source Cloud Storage URI specified in the import config. + operation: + description: The resource name of the Long Running Operation for the evaluation. type: string - status: - description: The validation status of import config. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDocumentaiV1beta3ImportDocumentsResponse: - id: GoogleCloudDocumentaiV1beta3ImportDocumentsResponse - description: Response of the import document operation. - type: object - properties: {} - GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadata: - id: GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadata + evaluation: + description: The resource name of the evaluation. + type: string + aggregateMetrics: + description: >- + An aggregate of the statistics for the evaluation with fuzzy + matching on. + $ref: '#/components/schemas/GoogleCloudDocumentaiUiv1beta3EvaluationMetrics' + aggregateMetricsExact: + description: >- + An aggregate of the statistics for the evaluation with fuzzy + matching off. + $ref: '#/components/schemas/GoogleCloudDocumentaiUiv1beta3EvaluationMetrics' + GoogleCloudDocumentaiUiv1beta3EvaluationMetrics: + id: GoogleCloudDocumentaiUiv1beta3EvaluationMetrics + description: Evaluation metrics, either in aggregate or about a specific entity. type: object properties: - commonMetadata: - description: The basic metadata of the long-running operation. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3CommonOperationMetadata - individualBatchDeleteStatuses: - description: The list of response details of each document. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadataIndividualBatchDeleteStatus - totalDocumentCount: - description: Total number of documents deleting from dataset. + precision: + description: The calculated precision. + type: number + format: float + recall: + description: The calculated recall. + type: number + format: float + f1Score: + description: The calculated f1 score. + type: number + format: float + predictedOccurrencesCount: + description: The amount of occurrences in predicted documents. type: integer format: int32 - errorDocumentCount: - description: Total number of documents that failed to be deleted in storage. + groundTruthOccurrencesCount: + description: The amount of occurrences in ground truth documents. type: integer format: int32 - GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadataIndividualBatchDeleteStatus: - id: >- - GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsMetadataIndividualBatchDeleteStatus - description: The status of each individual document in the batch delete process. - type: object - properties: - documentId: - description: The document id of the document. - $ref: '#/components/schemas/GoogleCloudDocumentaiV1beta3DocumentId' - status: - description: The status of deleting the document in storage. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsResponse: - id: GoogleCloudDocumentaiV1beta3BatchDeleteDocumentsResponse - description: Response of the delete documents operation. - type: object - properties: {} - GoogleCloudDocumentaiUiv1beta3DeleteProcessorMetadata: - id: GoogleCloudDocumentaiUiv1beta3DeleteProcessorMetadata - description: The long-running operation metadata for the DeleteProcessor method. - type: object - properties: - commonMetadata: - description: The basic metadata of the long-running operation. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata - GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata: - id: GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata - description: The common metadata for long running operations. + predictedDocumentCount: + description: The amount of documents with a predicted occurrence. + type: integer + format: int32 + groundTruthDocumentCount: + description: The amount of documents with a ground truth occurrence. + type: integer + format: int32 + truePositivesCount: + description: The amount of true positives. + type: integer + format: int32 + falsePositivesCount: + description: The amount of false positives. + type: integer + format: int32 + falseNegativesCount: + description: The amount of false negatives. + type: integer + format: int32 + totalDocumentsCount: + description: The amount of documents that had an occurrence of this label. + type: integer + format: int32 + GoogleCloudDocumentaiUiv1beta3ProcessorVersionDeprecationInfo: + id: GoogleCloudDocumentaiUiv1beta3ProcessorVersionDeprecationInfo + description: Information about the upcoming deprecation of this processor version. type: object properties: - state: - description: The state of the operation. - type: string - enumDescriptions: - - Unspecified state. - - Operation is still running. - - Operation is being cancelled. - - Operation succeeded. - - Operation failed. - - Operation is cancelled. - enum: - - STATE_UNSPECIFIED - - RUNNING - - CANCELLING - - SUCCEEDED - - FAILED - - CANCELLED - stateMessage: - description: >- - A message providing more details about the current state of - processing. - type: string - resource: - description: A related resource to this operation. - type: string - createTime: - description: The creation time of the operation. + deprecationTime: + description: The time at which this processor version will be deprecated. type: string format: google-datetime - updateTime: - description: The last update time of the operation. + replacementProcessorVersion: + description: If set, the processor version that will be used as a replacement. type: string - format: google-datetime - GoogleCloudDocumentaiUiv1beta3EnableProcessorResponse: - id: GoogleCloudDocumentaiUiv1beta3EnableProcessorResponse - description: >- - Response message for the EnableProcessor method. Intentionally empty - proto for adding fields in future. - type: object - properties: {} - GoogleCloudDocumentaiUiv1beta3EnableProcessorMetadata: - id: GoogleCloudDocumentaiUiv1beta3EnableProcessorMetadata - description: The long-running operation metadata for the EnableProcessor method. + GoogleCloudDocumentaiUiv1beta3ProcessorVersionGenAiModelInfo: + id: GoogleCloudDocumentaiUiv1beta3ProcessorVersionGenAiModelInfo + description: Information about Generative AI model-based processor versions. type: object properties: - commonMetadata: - description: The basic metadata of the long-running operation. + foundationGenAiModelInfo: + description: Information for a pretrained Google-managed foundation model. $ref: >- - #/components/schemas/GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata - GoogleCloudDocumentaiUiv1beta3DisableProcessorResponse: - id: GoogleCloudDocumentaiUiv1beta3DisableProcessorResponse - description: >- - Response message for the DisableProcessor method. Intentionally empty - proto for adding fields in future. + #/components/schemas/GoogleCloudDocumentaiUiv1beta3ProcessorVersionGenAiModelInfoFoundationGenAiModelInfo + customGenAiModelInfo: + description: Information for a custom Generative AI model created by the user. + $ref: >- + #/components/schemas/GoogleCloudDocumentaiUiv1beta3ProcessorVersionGenAiModelInfoCustomGenAiModelInfo + GoogleCloudDocumentaiUiv1beta3ProcessorVersionGenAiModelInfoFoundationGenAiModelInfo: + id: >- + GoogleCloudDocumentaiUiv1beta3ProcessorVersionGenAiModelInfoFoundationGenAiModelInfo + description: Information for a pretrained Google-managed foundation model. type: object - properties: {} - GoogleCloudDocumentaiUiv1beta3DisableProcessorMetadata: - id: GoogleCloudDocumentaiUiv1beta3DisableProcessorMetadata - description: The long-running operation metadata for the DisableProcessor method. + properties: + finetuningAllowed: + description: Whether finetuning is allowed for this base processor version. + type: boolean + minTrainLabeledDocuments: + description: >- + The minimum number of labeled documents in the training dataset + required for finetuning. + type: integer + format: int32 + GoogleCloudDocumentaiUiv1beta3ProcessorVersionGenAiModelInfoCustomGenAiModelInfo: + id: >- + GoogleCloudDocumentaiUiv1beta3ProcessorVersionGenAiModelInfoCustomGenAiModelInfo + description: >- + Information for a custom Generative AI model created by the user. These + are created with `Create New Version` in either the `Call foundation + model` or `Fine tuning` tabs. type: object properties: - commonMetadata: - description: The basic metadata of the long-running operation. - $ref: >- - #/components/schemas/GoogleCloudDocumentaiUiv1beta3CommonOperationMetadata + customModelType: + description: The type of custom model created by the user. + type: string + enumDescriptions: + - The model type is unspecified. + - The model is a versioned foundation model. + - The model is a finetuned foundation model. + enum: + - CUSTOM_MODEL_TYPE_UNSPECIFIED + - VERSIONED_FOUNDATION + - FINE_TUNED + baseProcessorVersionId: + description: The base processor version ID for the custom model. + type: string GoogleCloudDocumentaiUiv1beta3TrainProcessorVersionMetadata: id: GoogleCloudDocumentaiUiv1beta3TrainProcessorVersionMetadata description: The metadata that represents a processor version being created. @@ -5711,6 +7504,127 @@ components: update: [] replace: [] delete: [] + schemas: + id: google.documentai.schemas + name: schemas + title: Schemas + methods: + projects_locations_schemas_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_schemas_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.schemas + projects_locations_schemas_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas~1{schemasId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_schemas_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas~1{schemasId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_schemas_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas~1{schemasId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/schemas/methods/projects_locations_schemas_get + - $ref: >- + #/components/x-stackQL-resources/schemas/methods/projects_locations_schemas_list + insert: + - $ref: >- + #/components/x-stackQL-resources/schemas/methods/projects_locations_schemas_create + update: + - $ref: >- + #/components/x-stackQL-resources/schemas/methods/projects_locations_schemas_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/schemas/methods/projects_locations_schemas_delete + schema_versions: + id: google.documentai.schema_versions + name: schema_versions + title: Schema_versions + methods: + projects_locations_schemas_schema_versions_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas~1{schemasId}~1schemaVersions/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_schemas_schema_versions_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas~1{schemasId}~1schemaVersions/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.schemaVersions + projects_locations_schemas_schema_versions_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas~1{schemasId}~1schemaVersions~1{schemaVersionsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_schemas_schema_versions_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas~1{schemasId}~1schemaVersions~1{schemaVersionsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_schemas_schema_versions_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas~1{schemasId}~1schemaVersions~1{schemaVersionsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_schemas_schema_versions_generate: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemas~1{schemasId}~1schemaVersions:generate/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/schema_versions/methods/projects_locations_schemas_schema_versions_get + - $ref: >- + #/components/x-stackQL-resources/schema_versions/methods/projects_locations_schemas_schema_versions_list + insert: + - $ref: >- + #/components/x-stackQL-resources/schema_versions/methods/projects_locations_schemas_schema_versions_create + update: + - $ref: >- + #/components/x-stackQL-resources/schema_versions/methods/projects_locations_schemas_schema_versions_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/schema_versions/methods/projects_locations_schemas_schema_versions_delete paths: /v1/projects/{projectsId}/operations/{operationsId}: parameters: &ref_1 @@ -5730,7 +7644,184 @@ paths: Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: documentai.projects.operations.get + operationId: documentai.projects.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:fetchProcessorTypes: + parameters: *ref_1 + get: + description: >- + Fetches processor types. Note that we don't use ListProcessorTypes here, + because it isn't paginated. + operationId: documentai.projects.locations.fetchProcessorTypes + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1FetchProcessorTypesResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: documentai.projects.locations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudLocationListLocationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: extraLocationTypes + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: documentai.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudLocationLocation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: documentai.projects.locations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: documentai.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5749,18 +7840,30 @@ paths: required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: path name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}:fetchProcessorTypes: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Fetches processor types. Note that we don't use ListProcessorTypes here, - because it isn't paginated. - operationId: documentai.projects.locations.fetchProcessorTypes + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: documentai.projects.locations.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5772,8 +7875,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1FetchProcessorTypesResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -5785,11 +7887,94 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:process: + parameters: *ref_1 + post: + description: Processes a single document. + operationId: documentai.projects.locations.processors.process + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1ProcessRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1ProcessResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: processorsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:batchProcess: + parameters: *ref_1 + post: + description: >- + LRO endpoint to batch process many documents. The output is written to + Cloud Storage as JSON in the [Document] format. + operationId: documentai.projects.locations.processors.batchProcess + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1BatchProcessRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: processorsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors: parameters: *ref_1 get: - description: Lists information about the supported locations for this service. - operationId: documentai.projects.locations.list + description: Lists all processors which belong to this project. + operationId: documentai.projects.locations.processors.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5801,15 +7986,17 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudLocationListLocationsResponse' + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1ListProcessorsResponse parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - in: query @@ -5821,15 +8008,48 @@ paths: name: pageToken schema: type: string - - in: query - name: extraLocationTypes + post: + description: >- + Creates a processor from the ProcessorType provided. The processor will + be at `ENABLED` state by default after its creation. Note that this + method requires the `documentai.processors.create` permission on the + project, which is highly privileged. A user or service account with this + permission can create new processors that can interact with any gcs + bucket in your project. + operationId: documentai.projects.locations.processors.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1Processor' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1Processor' + parameters: + - in: path + name: projectsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}: parameters: *ref_1 get: - description: Gets information about a location. - operationId: documentai.projects.locations.get + description: Gets a processor detail. + operationId: documentai.projects.locations.processors.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5841,7 +8061,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudLocationLocation' + $ref: '#/components/schemas/GoogleCloudDocumentaiV1Processor' parameters: - in: path name: projectsId @@ -5853,13 +8073,55 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: - parameters: *ref_1 - get: + - in: path + name: processorsId + required: true + schema: + type: string + delete: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: documentai.projects.locations.operations.list + Deletes the processor, unloads all deployed model artifacts if it was + enabled and then deletes all artifacts associated with this processor. + operationId: documentai.projects.locations.processors.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: processorsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:enable: + parameters: *ref_1 + post: + description: Enables a processor + operationId: documentai.projects.locations.processors.enable + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1EnableProcessorRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5871,7 +8133,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -5883,27 +8145,22 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: processorsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:disable: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: documentai.projects.locations.operations.get + post: + description: Disables a processor + operationId: documentai.projects.locations.processors.disable + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1DisableProcessorRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5928,24 +8185,23 @@ paths: schema: type: string - in: path - name: operationsId + name: processorsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:setDefaultProcessorVersion: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: documentai.projects.locations.operations.cancel + Set the default (active) version of a Processor that will be used in + ProcessDocument and BatchProcessDocuments. + operationId: documentai.projects.locations.processors.setDefaultProcessorVersion + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1SetDefaultProcessorVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5957,7 +8213,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -5970,15 +8226,15 @@ paths: schema: type: string - in: path - name: operationsId + name: processorsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:process: + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:process: parameters: *ref_1 post: description: Processes a single document. - operationId: documentai.projects.locations.processors.process + operationId: documentai.projects.locations.processors.processorVersions.process requestBody: content: application/json: @@ -6012,13 +8268,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:batchProcess: + - in: path + name: processorVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:batchProcess: parameters: *ref_1 post: description: >- LRO endpoint to batch process many documents. The output is written to Cloud Storage as JSON in the [Document] format. - operationId: documentai.projects.locations.processors.batchProcess + operationId: documentai.projects.locations.processors.processorVersions.batchProcess requestBody: content: application/json: @@ -6052,11 +8313,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors: + - in: path + name: processorVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions:train: parameters: *ref_1 - get: - description: Lists all processors which belong to this project. - operationId: documentai.projects.locations.processors.list + post: + description: >- + Trains a new processor version. Operation metadata is returned as + TrainProcessorVersionMetadata. + operationId: documentai.projects.locations.processors.processorVersions.train + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1TrainProcessorVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6068,8 +8342,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1ListProcessorsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6081,29 +8354,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: processorsId + required: true schema: type: string - post: - description: >- - Creates a processor from the ProcessorType provided. The processor will - be at `ENABLED` state by default after its creation. Note that this - method requires the `documentai.processors.create` permission on the - project, which is highly privileged. A user or service account with this - permission can create new processors that can interact with any gcs - bucket in your project. - operationId: documentai.projects.locations.processors.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1Processor' + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}: + parameters: *ref_1 + get: + description: Gets a processor version detail. + operationId: documentai.projects.locations.processors.processorVersions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6115,7 +8375,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1Processor' + $ref: '#/components/schemas/GoogleCloudDocumentaiV1ProcessorVersion' parameters: - in: path name: projectsId @@ -6127,11 +8387,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}: - parameters: *ref_1 - get: - description: Gets a processor detail. - operationId: documentai.projects.locations.processors.get + - in: path + name: processorsId + required: true + schema: + type: string + - in: path + name: processorVersionsId + required: true + schema: + type: string + delete: + description: >- + Deletes the processor version, all artifacts under the processor version + will be deleted. + operationId: documentai.projects.locations.processors.processorVersions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6143,7 +8413,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1Processor' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6160,11 +8430,16 @@ paths: required: true schema: type: string - delete: - description: >- - Deletes the processor, unloads all deployed model artifacts if it was - enabled and then deletes all artifacts associated with this processor. - operationId: documentai.projects.locations.processors.delete + - in: path + name: processorVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions: + parameters: *ref_1 + get: + description: Lists all versions of a processor. + operationId: documentai.projects.locations.processors.processorVersions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6176,7 +8451,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1ListProcessorVersionsResponse parameters: - in: path name: projectsId @@ -6193,17 +8469,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:enable: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:deploy: parameters: *ref_1 post: - description: Enables a processor - operationId: documentai.projects.locations.processors.enable + description: Deploys the processor version. + operationId: documentai.projects.locations.processors.processorVersions.deploy requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1EnableProcessorRequest + #/components/schemas/GoogleCloudDocumentaiV1DeployProcessorVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6232,17 +8517,22 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:disable: + - in: path + name: processorVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:undeploy: parameters: *ref_1 post: - description: Disables a processor - operationId: documentai.projects.locations.processors.disable + description: Undeploys the processor version. + operationId: documentai.projects.locations.processors.processorVersions.undeploy requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DisableProcessorRequest + #/components/schemas/GoogleCloudDocumentaiV1UndeployProcessorVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6271,19 +8561,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}:setDefaultProcessorVersion: + - in: path + name: processorVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:evaluateProcessorVersion: parameters: *ref_1 post: description: >- - Set the default (active) version of a Processor that will be used in - ProcessDocument and BatchProcessDocuments. - operationId: documentai.projects.locations.processors.setDefaultProcessorVersion + Evaluates a ProcessorVersion against annotated documents, producing an + Evaluation. + operationId: >- + documentai.projects.locations.processors.processorVersions.evaluateProcessorVersion requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1SetDefaultProcessorVersionRequest + #/components/schemas/GoogleCloudDocumentaiV1EvaluateProcessorVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6312,16 +8608,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:process: + - in: path + name: processorVersionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}/evaluations/{evaluationsId}: parameters: *ref_1 - post: - description: Processes a single document. - operationId: documentai.projects.locations.processors.processorVersions.process - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1ProcessRequest' + get: + description: Retrieves a specific evaluation. + operationId: >- + documentai.projects.locations.processors.processorVersions.evaluations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6333,7 +8630,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1ProcessResponse' + $ref: '#/components/schemas/GoogleCloudDocumentaiV1Evaluation' parameters: - in: path name: projectsId @@ -6355,18 +8652,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:batchProcess: - parameters: *ref_1 - post: - description: >- - LRO endpoint to batch process many documents. The output is written to - Cloud Storage as JSON in the [Document] format. - operationId: documentai.projects.locations.processors.processorVersions.batchProcess - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1BatchProcessRequest' + - in: path + name: evaluationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}/evaluations: + parameters: *ref_1 + get: + description: Retrieves a set of evaluations for a given processor version. + operationId: >- + documentai.projects.locations.processors.processorVersions.evaluations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6378,7 +8674,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1ListEvaluationsResponse parameters: - in: path name: projectsId @@ -6400,19 +8697,29 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions:train: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/humanReviewConfig:reviewDocument: parameters: *ref_1 post: description: >- - Trains a new processor version. Operation metadata is returned as - TrainProcessorVersionMetadata. - operationId: documentai.projects.locations.processors.processorVersions.train + Send a document for Human Review. The input document should be processed + by the specified processor. + operationId: >- + documentai.projects.locations.processors.humanReviewConfig.reviewDocument requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1TrainProcessorVersionRequest + #/components/schemas/GoogleCloudDocumentaiV1ReviewDocumentRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6441,11 +8748,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/processorTypes: parameters: *ref_1 get: - description: Gets a processor version detail. - operationId: documentai.projects.locations.processors.processorVersions.get + description: Lists the processor types that exist. + operationId: documentai.projects.locations.processorTypes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6457,7 +8764,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1ProcessorVersion' + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1ListProcessorTypesResponse parameters: - in: path name: projectsId @@ -6469,21 +8777,20 @@ paths: required: true schema: type: string - - in: path - name: processorsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: processorVersionsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: - description: >- - Deletes the processor version, all artifacts under the processor version - will be deleted. - operationId: documentai.projects.locations.processors.processorVersions.delete + /v1/projects/{projectsId}/locations/{locationsId}/processorTypes/{processorTypesId}: + parameters: *ref_1 + get: + description: Gets a processor type detail. + operationId: documentai.projects.locations.processorTypes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6495,7 +8802,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDocumentaiV1ProcessorType' parameters: - in: path name: projectsId @@ -6508,20 +8815,46 @@ paths: schema: type: string - in: path - name: processorsId + name: processorTypesId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemas: + parameters: *ref_1 + post: + description: Creates a schema. + operationId: documentai.projects.locations.schemas.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1NextSchema' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1NextSchema' + parameters: - in: path - name: processorVersionsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions: - parameters: *ref_1 get: - description: Lists all versions of a processor. - operationId: documentai.projects.locations.processors.processorVersions.list + description: Lists Schemas. + operationId: documentai.projects.locations.schemas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6534,7 +8867,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1ListProcessorVersionsResponse + #/components/schemas/GoogleCloudDocumentaiV1ListSchemasResponse parameters: - in: path name: projectsId @@ -6546,11 +8879,6 @@ paths: required: true schema: type: string - - in: path - name: processorsId - required: true - schema: - type: string - in: query name: pageSize schema: @@ -6560,17 +8888,16 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:deploy: + /v1/projects/{projectsId}/locations/{locationsId}/schemas/{schemasId}: parameters: *ref_1 - post: - description: Deploys the processor version. - operationId: documentai.projects.locations.processors.processorVersions.deploy + patch: + description: 'Updates a schema. Editable fields are: - `display_name` - `labels`' + operationId: documentai.projects.locations.schemas.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1DeployProcessorVersionRequest + $ref: '#/components/schemas/GoogleCloudDocumentaiV1NextSchema' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6582,7 +8909,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDocumentaiV1NextSchema' parameters: - in: path name: projectsId @@ -6595,26 +8922,18 @@ paths: schema: type: string - in: path - name: processorsId + name: schemasId required: true schema: type: string - - in: path - name: processorVersionsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:undeploy: - parameters: *ref_1 - post: - description: Undeploys the processor version. - operationId: documentai.projects.locations.processors.processorVersions.undeploy - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1UndeployProcessorVersionRequest + format: google-fieldmask + delete: + description: Deletes a schema. + operationId: documentai.projects.locations.schemas.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6639,29 +8958,55 @@ paths: schema: type: string - in: path - name: processorsId + name: schemasId + required: true + schema: + type: string + - in: query + name: force + schema: + type: boolean + get: + description: Gets a schema. + operationId: documentai.projects.locations.schemas.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1NextSchema' + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: processorVersionsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}:evaluateProcessorVersion: + - in: path + name: schemasId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemas/{schemasId}/schemaVersions: parameters: *ref_1 post: - description: >- - Evaluates a ProcessorVersion against annotated documents, producing an - Evaluation. - operationId: >- - documentai.projects.locations.processors.processorVersions.evaluateProcessorVersion + description: Creates a schema version. + operationId: documentai.projects.locations.schemas.schemaVersions.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1EvaluateProcessorVersionRequest + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaVersion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6673,7 +9018,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaVersion' parameters: - in: path name: projectsId @@ -6686,21 +9031,13 @@ paths: schema: type: string - in: path - name: processorsId - required: true - schema: - type: string - - in: path - name: processorVersionsId + name: schemasId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}/evaluations/{evaluationsId}: - parameters: *ref_1 get: - description: Retrieves a specific evaluation. - operationId: >- - documentai.projects.locations.processors.processorVersions.evaluations.get + description: Lists SchemaVersions. + operationId: documentai.projects.locations.schemas.schemaVersions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6712,7 +9049,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1Evaluation' + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1ListSchemaVersionsResponse parameters: - in: path name: projectsId @@ -6725,26 +9063,31 @@ paths: schema: type: string - in: path - name: processorsId + name: schemasId required: true schema: type: string - - in: path - name: processorVersionsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: evaluationsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/processorVersions/{processorVersionsId}/evaluations: + /v1/projects/{projectsId}/locations/{locationsId}/schemas/{schemasId}/schemaVersions/{schemaVersionsId}: parameters: *ref_1 - get: - description: Retrieves a set of evaluations for a given processor version. - operationId: >- - documentai.projects.locations.processors.processorVersions.evaluations.list + patch: + description: >- + Updates a schema version. Editable fields are: - `display_name` - + `labels` + operationId: documentai.projects.locations.schemas.schemaVersions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaVersion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6756,8 +9099,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1ListEvaluationsResponse + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaVersion' parameters: - in: path name: projectsId @@ -6770,38 +9112,23 @@ paths: schema: type: string - in: path - name: processorsId + name: schemasId required: true schema: type: string - in: path - name: processorVersionsId + name: schemaVersionsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processors/{processorsId}/humanReviewConfig:reviewDocument: - parameters: *ref_1 - post: - description: >- - Send a document for Human Review. The input document should be processed - by the specified processor. - operationId: >- - documentai.projects.locations.processors.humanReviewConfig.reviewDocument - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1ReviewDocumentRequest + format: google-fieldmask + delete: + description: Deletes a schema version. + operationId: documentai.projects.locations.schemas.schemaVersions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6826,15 +9153,18 @@ paths: schema: type: string - in: path - name: processorsId + name: schemasId + required: true + schema: + type: string + - in: path + name: schemaVersionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processorTypes: - parameters: *ref_1 get: - description: Lists the processor types that exist. - operationId: documentai.projects.locations.processorTypes.list + description: Gets a schema version. + operationId: documentai.projects.locations.schemas.schemaVersions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6846,8 +9176,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudDocumentaiV1ListProcessorTypesResponse + $ref: '#/components/schemas/GoogleCloudDocumentaiV1SchemaVersion' parameters: - in: path name: projectsId @@ -6859,20 +9188,27 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: schemasId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: schemaVersionsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/processorTypes/{processorTypesId}: + /v1/projects/{projectsId}/locations/{locationsId}/schemas/{schemasId}/schemaVersions:generate: parameters: *ref_1 - get: - description: Gets a processor type detail. - operationId: documentai.projects.locations.processorTypes.get + post: + description: Generates a schema version. + operationId: documentai.projects.locations.schemas.schemaVersions.generate + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1GenerateSchemaVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6884,7 +9220,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudDocumentaiV1ProcessorType' + $ref: >- + #/components/schemas/GoogleCloudDocumentaiV1GenerateSchemaVersionResponse parameters: - in: path name: projectsId @@ -6897,7 +9234,7 @@ paths: schema: type: string - in: path - name: processorTypesId + name: schemasId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/domains.yaml b/providers/src/googleapis.com/v00.00.00000/services/domains.yaml index f6e19366..f07b2f23 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/domains.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/domains.yaml @@ -7,8 +7,8 @@ info: title: Cloud Domains API description: Enables management and configuration of domain names. version: v1 - x-discovery-doc-revision: '20250225' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20250918' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/domains/ servers: @@ -34,482 +34,360 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + WrrPolicyItem: + description: A routing block which contains the routing information for one WRR item. properties: - operations: + healthCheckedTargets: description: >- - A list of operations that matches the specified filter in the - request. + Endpoints that are health checked before making the routing + decision. The unhealthy endpoints are omitted from the result. If + all endpoints within a bucket are unhealthy, we choose a different + bucket (sampled with respect to its weight) for responding. If + DNSSEC is enabled for this zone, only one of `rrdata` or + `health_checked_targets` can be set. + $ref: '#/components/schemas/HealthCheckTargets' + weight: + type: number + format: double + description: >- + The weight corresponding to this `WrrPolicyItem` object. When + multiple `WrrPolicyItem` objects are configured, the probability of + returning an `WrrPolicyItem` object's data is proportional to its + weight relative to the sum of weights configured for all items. This + weight must be non-negative. + signatureRrdata: + description: >- + DNSSEC generated signatures for all the `rrdata` within this item. + When using health-checked targets for DNSSEC-enabled zones, you can + only use at most one health-checked IP address per item. type: array items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + type: string + rrdata: + items: + type: string + type: array + id: WrrPolicyItem + type: object + TestIamPermissionsResponse: type: object properties: - name: + permissions: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + type: array + items: + type: string + description: Response message for `TestIamPermissions` method. + id: TestIamPermissionsResponse + ResourceRecordSet: + properties: + name: + type: string + description: For example, www.example.com. + signatureRrdata: + items: + type: string + type: array + description: As defined in RFC 4034 (section 3.2). + type: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + The identifier of a supported record type. See the list of Supported + DNS record types. + routingPolicy: + $ref: '#/components/schemas/RRSetRoutingPolicy' description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Configures dynamic query responses based on either the geo location + of the querying user or a weighted round robin based routing policy. + A valid `ResourceRecordSet` contains only `rrdata` (for static + resolution) or a `routing_policy` (for dynamic resolution). + ttl: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer + Number of seconds that this `ResourceRecordSet` can be cached by + resolvers. format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + type: integer + rrdata: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1) -- + see examples. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SearchDomainsResponse: - id: SearchDomainsResponse - description: Response for the `SearchDomains` method. + type: string + id: ResourceRecordSet + description: A unit of data that is returned by the DNS servers. type: object - properties: - registerParameters: - description: Results of the domain name search. - type: array - items: - $ref: '#/components/schemas/RegisterParameters' - RegisterParameters: - id: RegisterParameters - description: Parameters required to register a new domain. + GlueRecord: type: object + description: >- + Defines a host on your domain that is a DNS name server for your domain + and/or other domains. Glue records are a way of making the IP address of + a name server known, even when it serves DNS queries for its parent + domain. For example, when `ns.example.com` is a name server for + `example.com`, the host `ns.example.com` must have a glue record to + break the circular DNS reference. properties: - domainName: - description: >- - The domain name. Unicode domain names are expressed in Punycode - format. - type: string - availability: - description: >- - Indicates whether the domain is available for registration. This - value is accurate when obtained by calling - `RetrieveRegisterParameters`, but is approximate when obtained by - calling `SearchDomains`. - type: string - enumDescriptions: - - The availability is unspecified. - - The domain is available for registration. - - >- - The domain is not available for registration. Generally this means - it is already registered to another party. - - >- - The domain is not currently supported by Cloud Domains, but may be - available elsewhere. - - >- - Cloud Domains is unable to determine domain availability, - generally due to system maintenance at the domain name registry. - enum: - - AVAILABILITY_UNSPECIFIED - - AVAILABLE - - UNAVAILABLE - - UNSUPPORTED - - UNKNOWN - supportedPrivacy: - description: Contact privacy options that the domain supports. + ipv4Addresses: type: array + description: >- + List of IPv4 addresses corresponding to this host in the standard + decimal format (e.g. `198.51.100.1`). At least one of `ipv4_address` + and `ipv6_address` must be set. items: type: string - enumDescriptions: - - The contact privacy settings are undefined. - - >- - All the data from `ContactSettings` is publicly available. When - setting this option, you must also provide a - `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` - field of the request. - - >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - None of the data from `ContactSettings` is publicly available. - Instead, proxy contact data is published for your domain. Email - sent to the proxy email address is forwarded to the registrant's - email address. Cloud Domains provides this privacy proxy service - at no additional cost. - - >- - The organization name (if provided) and limited non-identifying - data from `ContactSettings` is available to the public (e.g. - country and state). The remaining data is marked as `REDACTED - FOR PRIVACY` in the WHOIS database. The actual information - redacted depends on the domain. For details, see [the - registration privacy - article](https://support.google.com/domains/answer/3251242). - enumDeprecated: - - false - - false - - true - - false - enum: - - CONTACT_PRIVACY_UNSPECIFIED - - PUBLIC_CONTACT_DATA - - PRIVATE_CONTACT_DATA - - REDACTED_CONTACT_DATA - domainNotices: - description: Notices about special properties of the domain. + ipv6Addresses: + description: >- + List of IPv6 addresses corresponding to this host in the standard + hexadecimal format (e.g. `2001:db8::`). At least one of + `ipv4_address` and `ipv6_address` must be set. type: array items: type: string - enumDescriptions: - - The notice is undefined. - - >- - Indicates that the domain is preloaded on the HTTP Strict - Transport Security list in browsers. Serving a website on such - domain requires an SSL certificate. For details, see [how to get - an SSL - certificate](https://support.google.com/domains/answer/7638036). - enum: - - DOMAIN_NOTICE_UNSPECIFIED - - HSTS_PRELOADED - yearlyPrice: - description: Price to register or renew the domain for one year. - $ref: '#/components/schemas/Money' - Money: - id: Money - description: Represents an amount of money with its currency type. + hostName: + type: string + description: Required. Domain name of the host in Punycode format. + id: GlueRecord + ExportRegistrationRequest: + deprecated: true + id: ExportRegistrationRequest + description: >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + Request for the `ExportRegistration` method. + type: object + properties: {} + RetrieveTransferParametersResponse: type: object properties: - currencyCode: - description: The three-letter currency code defined in ISO 4217. - type: string - units: + transferParameters: + description: Parameters to use when calling the `TransferDomain` method. + $ref: '#/components/schemas/TransferParameters' + id: RetrieveTransferParametersResponse + deprecated: true + description: >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + Response for the `RetrieveTransferParameters` method. + Policy: + properties: + bindings: + items: + $ref: '#/components/schemas/Binding' + type: array description: >- - The whole units of the amount. For example if `currencyCode` is - `"USD"`, then 1 unit is one US dollar. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + version: + format: int32 + type: integer + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + etag: + format: byte type: string - format: int64 - nanos: description: >- - Number of nano (10^-9) units of the amount. The value must be - between -999,999,999 and +999,999,999 inclusive. If `units` is - positive, `nanos` must be positive or zero. If `units` is zero, - `nanos` can be positive, zero, or negative. If `units` is negative, - `nanos` must be negative or zero. For example $-1.75 is represented - as `units`=-1 and `nanos`=-750,000,000. - type: integer - format: int32 - RetrieveRegisterParametersResponse: - id: RetrieveRegisterParametersResponse - description: Response for the `RetrieveRegisterParameters` method. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + auditConfigs: + type: array + items: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy type: object + SearchDomainsResponse: properties: registerParameters: - description: Parameters to use when calling the `RegisterDomain` method. - $ref: '#/components/schemas/RegisterParameters' - RegisterDomainRequest: - id: RegisterDomainRequest - description: Request for the `RegisterDomain` method. + items: + $ref: '#/components/schemas/RegisterParameters' + type: array + description: Results of the domain name search. + description: Response for the `SearchDomains` method. + id: SearchDomainsResponse type: object + RetrieveGoogleDomainsDnsRecordsResponse: + type: object + description: Response for the `RetrieveGoogleDomainsDnsRecords` method. + id: RetrieveGoogleDomainsDnsRecordsResponse properties: - registration: - description: Required. The complete `Registration` resource to be created. - $ref: '#/components/schemas/Registration' - domainNotices: - description: >- - The list of domain notices that you acknowledge. Call - `RetrieveRegisterParameters` to see the notices that need - acknowledgement. - type: array + rrset: + description: The resource record set resources (DNS Zone records). items: - type: string - enumDescriptions: - - The notice is undefined. - - >- - Indicates that the domain is preloaded on the HTTP Strict - Transport Security list in browsers. Serving a website on such - domain requires an SSL certificate. For details, see [how to get - an SSL - certificate](https://support.google.com/domains/answer/7638036). - enum: - - DOMAIN_NOTICE_UNSPECIFIED - - HSTS_PRELOADED - contactNotices: - description: >- - The list of contact notices that the caller acknowledges. The - notices needed here depend on the values specified in - `registration.contact_settings`. + $ref: '#/components/schemas/ResourceRecordSet' type: array - items: - type: string - enumDescriptions: - - The notice is undefined. - - >- - Required when setting the `privacy` field of `ContactSettings` - to `PUBLIC_CONTACT_DATA`, which exposes contact data publicly. - enum: - - CONTACT_NOTICE_UNSPECIFIED - - PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT + nextPageToken: + type: string + description: >- + When present, there are more results to retrieve. Set `page_token` + to this value on a subsequent call to get the next page of results. + Domain: + properties: + resourceState: + enum: + - RESOURCE_STATE_UNSPECIFIED + - IMPORTABLE + - UNSUPPORTED + - SUSPENDED + - EXPIRED + - DELETED + description: The state of this domain as a `Registration` resource. + type: string + enumDescriptions: + - The assessment is undefined. + - >- + A `Registration` resource can be created for this domain by + calling `ImportDomain`. + - >- + A `Registration` resource cannot be created for this domain + because it is not supported by Cloud Domains; for example, the + top-level domain is not supported or the registry charges + non-standard pricing for yearly renewals. + - >- + A `Registration` resource cannot be created for this domain + because it is suspended and needs to be resolved with Google + Domains. + - >- + A `Registration` resource cannot be created for this domain + because it is expired and needs to be renewed with Google Domains. + - >- + A `Registration` resource cannot be created for this domain + because it is deleted, but it may be possible to restore it with + Google Domains. yearlyPrice: description: >- - Required. Yearly price to register or renew the domain. The value - that should be put here can be obtained from - RetrieveRegisterParameters or SearchDomains calls. + Price to renew the domain for one year. Only set when + `resource_state` is `IMPORTABLE`. $ref: '#/components/schemas/Money' - validateOnly: + domainName: description: >- - When true, only validation is performed, without actually - registering the domain. Follows: - https://cloud.google.com/apis/design/design_patterns#request_validation - type: boolean - Registration: - id: Registration - description: >- - The `Registration` resource facilitates managing and configuring domain - name registrations. There are several ways to create a new - `Registration` resource: To create a new `Registration` resource, find a - suitable domain name by calling the `SearchDomains` method with a query - to see available domain name options. After choosing a name, call - `RetrieveRegisterParameters` to ensure availability and obtain - information like pricing, which is needed to build a call to - `RegisterDomain`. Another way to create a new `Registration` is to - transfer an existing domain from another registrar (Deprecated: For more - information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations)). - First, go to the current registrar to unlock the domain for transfer and - retrieve the domain's transfer authorization code. Then call - `RetrieveTransferParameters` to confirm that the domain is unlocked and - to get values needed to build a call to `TransferDomain`. Finally, you - can create a new `Registration` by importing an existing domain managed - with [Google Domains](https://domains.google/) (Deprecated: For more - information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations)). - First, call `RetrieveImportableDomains` to list domains to which the - calling user has sufficient access. Then call `ImportDomain` on any - domain names you want to use with Cloud Domains. + The domain name. Unicode domain names are expressed in Punycode + format. + type: string type: object + description: A domain that the calling user manages in Google Domains. + id: Domain + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + type: object + id: TestIamPermissionsRequest properties: - name: - description: >- - Output only. Name of the `Registration` resource, in the format - `projects/*/locations/*/registrations/`. - readOnly: true - type: string - domainName: - description: >- - Required. Immutable. The domain name. Unicode domain names must be - expressed in Punycode format. - type: string - createTime: - description: Output only. The creation timestamp of the `Registration` resource. - readOnly: true - type: string - format: google-datetime - expireTime: - description: Output only. The expiration timestamp of the `Registration`. - readOnly: true - type: string - format: google-datetime - state: - description: Output only. The state of the `Registration` - readOnly: true - type: string - enumDescriptions: - - The state is undefined. - - The domain is being registered. - - >- - The domain registration failed. You can delete resources in this - state to allow registration to be retried. - - >- - The domain is being transferred from another registrar to Cloud - Domains. - - >- - The attempt to transfer the domain from another registrar to Cloud - Domains failed. You can delete resources in this state and retry - the transfer. - - The domain is being imported from Google Domains to Cloud Domains. - - >- - The domain is registered and operational. The domain renews - automatically as long as it remains in this state and the - `RenewalMethod` is set to `AUTOMATIC_RENEWAL`. - - >- - The domain is suspended and inoperative. For more details, see the - `issues` field. - - >- - The domain is no longer managed with Cloud Domains. It may have - been transferred to another registrar or exported for management - in [Google Domains](https://domains.google/). You can no longer - update it with this API, and information shown about it may be - stale. Domains in this state are not automatically renewed by - Cloud Domains. - - The domain is expired. - enumDeprecated: - - false - - false - - false - - true - - true - - true - - false - - false - - false - - false - enum: - - STATE_UNSPECIFIED - - REGISTRATION_PENDING - - REGISTRATION_FAILED - - TRANSFER_PENDING - - TRANSFER_FAILED - - IMPORT_PENDING - - ACTIVE - - SUSPENDED - - EXPORTED - - EXPIRED - issues: - description: >- - Output only. The set of issues with the `Registration` that require - attention. - readOnly: true - type: array + permissions: items: type: string - enumDescriptions: - - The issue is undefined. - - >- - Contact the Cloud Support team to resolve a problem with this - domain. - - >- - [ICANN](https://icann.org/) requires verification of the email - address in the `Registration`'s - `contact_settings.registrant_contact` field. To verify the email - address, follow the instructions in the email the - `registrant_contact` receives following registration. If you do - not complete email verification within 15 days of registration, - the domain is suspended. To resend the verification email, call - ConfigureContactSettings and provide the current - `registrant_contact.email`. - - >- - The billing account is not in good standing. The domain is not - automatically renewed at its expiration time unless you resolve - problems with your billing account. - - >- - The registry failed to validate your DNS configuration and - activate your domain. The failure might happen for the following - reasons: * You recently registered the domain (wait up to 72 - hours). * You provided invalid name servers or name servers that - correspond to a newly created DNS zone. Verify your DNS - configuration. If the configuration is incorrect, you must fix - it. If the configuration is correct, either wait or call the - ConfigureDnsSettings method to retry the registry validation. - enum: - - ISSUE_UNSPECIFIED - - CONTACT_SUPPORT - - UNVERIFIED_EMAIL - - PROBLEM_WITH_BILLING - - DNS_NOT_ACTIVATED - labels: - description: Set of labels associated with the `Registration`. - type: object - additionalProperties: - type: string - managementSettings: - description: >- - Settings for management of the `Registration`, including renewal, - billing, and transfer. You cannot update these with the - `UpdateRegistration` method. To update these settings, use the - `ConfigureManagementSettings` method. - $ref: '#/components/schemas/ManagementSettings' - dnsSettings: description: >- - Settings controlling the DNS configuration of the `Registration`. - You cannot update these with the `UpdateRegistration` method. To - update these settings, use the `ConfigureDnsSettings` method. - $ref: '#/components/schemas/DnsSettings' - contactSettings: + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: array + Contact: + properties: + postalAddress: + description: Required. Postal address of the contact. + $ref: '#/components/schemas/PostalAddress' + email: + description: Required. Email address of the contact. + type: string + faxNumber: description: >- - Required. Settings for contact information linked to the - `Registration`. You cannot update these with the - `UpdateRegistration` method. To update these settings, use the - `ConfigureContactSettings` method. - $ref: '#/components/schemas/ContactSettings' - pendingContactSettings: + Fax number of the contact in international format. For example, + `"+1-800-555-0123"`. + type: string + phoneNumber: description: >- - Output only. Pending contact settings for the `Registration`. - Updates to the `contact_settings` field that change its - `registrant_contact` or `privacy` fields require email confirmation - by the `registrant_contact` before taking effect. This field is set - only if there are pending updates to the `contact_settings` that - have not been confirmed. To confirm the changes, the - `registrant_contact` must follow the instructions in the email they - receive. - readOnly: true - $ref: '#/components/schemas/ContactSettings' + Required. Phone number of the contact in international format. For + example, `"+1-800-555-0123"`. + type: string + id: Contact + description: Details required for a contact associated with a `Registration`. + type: object + TransferParameters: + deprecated: true + properties: + yearlyPrice: + $ref: '#/components/schemas/Money' + description: Price to transfer or renew the domain for one year. supportedPrivacy: - description: >- - Output only. Set of options for the `contact_settings.privacy` field - that this `Registration` supports. - readOnly: true - type: array + description: Contact privacy options that the domain supports. items: - type: string + enumDeprecated: + - false + - false + - true + - false + enum: + - CONTACT_PRIVACY_UNSPECIFIED + - PUBLIC_CONTACT_DATA + - PRIVATE_CONTACT_DATA + - REDACTED_CONTACT_DATA enumDescriptions: - The contact privacy settings are undefined. - >- @@ -533,84 +411,137 @@ components: redacted depends on the domain. For details, see [the registration privacy article](https://support.google.com/domains/answer/3251242). - enumDeprecated: - - false - - false - - true - - false - enum: - - CONTACT_PRIVACY_UNSPECIFIED - - PUBLIC_CONTACT_DATA - - PRIVATE_CONTACT_DATA - - REDACTED_CONTACT_DATA - registerFailureReason: + type: string + type: array + transferLockState: description: >- - Output only. The reason the domain registration failed. Only set for - domains in REGISTRATION_FAILED state. - readOnly: true - type: string + Indicates whether the domain is protected by a transfer lock. For a + transfer to succeed, this must show `UNLOCKED`. To unlock a domain, + go to its current registrar. enumDescriptions: - - Register failure unspecified. - - Registration failed for an unknown reason. - - The domain is not available for registration. - - The provided contact information was rejected. + - The state is unspecified. + - >- + The domain is unlocked and can be transferred to another + registrar. + - >- + The domain is locked and cannot be transferred to another + registrar. + type: string enum: - - REGISTER_FAILURE_REASON_UNSPECIFIED - - REGISTER_FAILURE_REASON_UNKNOWN - - DOMAIN_NOT_AVAILABLE - - INVALID_CONTACTS - transferFailureReason: + - TRANSFER_LOCK_STATE_UNSPECIFIED + - UNLOCKED + - LOCKED + domainName: description: >- - Output only. Deprecated: For more information, see [Cloud Domains - feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - The reason the domain transfer failed. Only set for domains in - TRANSFER_FAILED state. - readOnly: true - deprecated: true + The domain name. Unicode domain names are expressed in Punycode + format. type: string - enumDescriptions: - - Transfer failure unspecified. - - Transfer failed for an unknown reason. - - An email confirmation sent to the user was rejected or expired. - - The domain is available for registration. - - >- - The domain has a transfer lock with its current registrar which - must be removed prior to transfer. - - The authorization code entered is not valid. - - >- - The transfer was cancelled by the domain owner, current registrar, - or TLD registry. - - >- - The transfer was rejected by the current registrar. Contact the - current registrar for more information. - - >- - The registrant email address cannot be parsed from the domain's - current public contact data. - - >- - The domain is not eligible for transfer due requirements imposed - by the current registrar or TLD registry. - - >- - Another transfer is already pending for this domain. The existing - transfer attempt must expire or be cancelled in order to proceed. - enum: - - TRANSFER_FAILURE_REASON_UNSPECIFIED - - TRANSFER_FAILURE_REASON_UNKNOWN - - EMAIL_CONFIRMATION_FAILURE - - DOMAIN_NOT_REGISTERED - - DOMAIN_HAS_TRANSFER_LOCK - - INVALID_AUTHORIZATION_CODE - - TRANSFER_CANCELLED - - TRANSFER_REJECTED - - INVALID_REGISTRANT_EMAIL_ADDRESS - - DOMAIN_NOT_ELIGIBLE_FOR_TRANSFER - - TRANSFER_ALREADY_PENDING + currentRegistrarUri: + description: The URL of the registrar that currently manages the domain. + type: string + currentRegistrar: + description: The registrar that currently manages the domain. + type: string + nameServers: + items: + type: string + type: array + description: >- + The name servers that currently store the configuration of the + domain. + id: TransferParameters + type: object + description: >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + Parameters required to transfer a domain from another registrar. + RetrieveRegisterParametersResponse: + description: Response for the `RetrieveRegisterParameters` method. + id: RetrieveRegisterParametersResponse + type: object + properties: + registerParameters: + description: Parameters to use when calling the `RegisterDomain` method. + $ref: '#/components/schemas/RegisterParameters' + InitiatePushTransferRequest: + type: object + properties: + tag: + type: string + description: >- + Required. The Tag of the new registrar. Can be found at [List of + registrars](https://nominet.uk/registrar-list/). + description: Request for the `InitiatePushTransfer` method. + id: InitiatePushTransferRequest + ListRegistrationsResponse: + properties: + nextPageToken: + description: >- + When present, there are more results to retrieve. Set `page_token` + to this value on a subsequent call to get the next page of results. + type: string + registrations: + description: A list of `Registration`s. + type: array + items: + $ref: '#/components/schemas/Registration' + description: Response for the `ListRegistrations` method. + type: object + id: ListRegistrationsResponse + Registration: + id: Registration + description: >- + The `Registration` resource facilitates managing and configuring domain + name registrations. There are several ways to create a new + `Registration` resource: To create a new `Registration` resource, find a + suitable domain name by calling the `SearchDomains` method with a query + to see available domain name options. After choosing a name, call + `RetrieveRegisterParameters` to ensure availability and obtain + information like pricing, which is needed to build a call to + `RegisterDomain`. Another way to create a new `Registration` is to + transfer an existing domain from another registrar (Deprecated: For more + information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations)). + First, go to the current registrar to unlock the domain for transfer and + retrieve the domain's transfer authorization code. Then call + `RetrieveTransferParameters` to confirm that the domain is unlocked and + to get values needed to build a call to `TransferDomain`. Finally, you + can create a new `Registration` by importing an existing domain managed + with [Google Domains](https://domains.google/) (Deprecated: For more + information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations)). + First, call `RetrieveImportableDomains` to list domains to which the + calling user has sufficient access. Then call `ImportDomain` on any + domain names you want to use with Cloud Domains. + type: object + properties: + pendingContactSettings: + $ref: '#/components/schemas/ContactSettings' + description: >- + Output only. Pending contact settings for the `Registration`. + Updates to the `contact_settings` field that change its + `registrant_contact` or `privacy` fields require email confirmation + by the `registrant_contact` before taking effect. This field is set + only if there are pending updates to the `contact_settings` that + have not been confirmed. To confirm the changes, the + `registrant_contact` must follow the instructions in the email they + receive. + readOnly: true + labels: + description: Set of labels associated with the `Registration`. + additionalProperties: + type: string + type: object + dnsSettings: + $ref: '#/components/schemas/DnsSettings' + description: >- + Settings controlling the DNS configuration of the `Registration`. + You cannot update these with the `UpdateRegistration` method. To + update these settings, use the `ConfigureDnsSettings` method. domainProperties: description: Output only. Special properties of the domain. - readOnly: true type: array items: - type: string enumDescriptions: - The property is undefined. - >- @@ -628,593 +559,532 @@ components: `InitiatePushTransfer` method. For more information, see [Transfer a registered domain to another registrar](https://cloud.google.com/domains/docs/transfer-domain-to-another-registrar). + type: string enum: - DOMAIN_PROPERTY_UNSPECIFIED - TRANSFER_LOCK_UNSUPPORTED_BY_REGISTRY - REQUIRE_PUSH_TRANSFER - ManagementSettings: - id: ManagementSettings - description: Defines renewal, billing, and transfer settings for a `Registration`. - type: object - properties: - renewalMethod: - description: >- - Output only. The actual renewal method for this `Registration`. When - `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL`, the actual - `renewal_method` can be equal to `RENEWAL_DISABLED`—for example, - when there are problems with the billing account or reported domain - abuse. In such cases, check the `issues` field on the - `Registration`. After the problem is resolved, the `renewal_method` - is automatically updated to `preferred_renewal_method` in a few - hours. readOnly: true + createTime: type: string - enumDescriptions: - - The renewal method is undefined. - - The domain is automatically renewed each year. - - >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - This option was never used. Use `RENEWAL_DISABLED` instead. - - >- - The domain won't be renewed and will expire at its expiration - time. - enumDeprecated: - - false - - false - - true - - false - enum: - - RENEWAL_METHOD_UNSPECIFIED - - AUTOMATIC_RENEWAL - - MANUAL_RENEWAL - - RENEWAL_DISABLED - preferredRenewalMethod: + format: google-datetime + readOnly: true + description: Output only. The creation timestamp of the `Registration` resource. + contactSettings: description: >- - Optional. The desired renewal method for this `Registration`. The - actual `renewal_method` is automatically updated to reflect this - choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, the - actual `renewalMethod` is treated as if it were set to - `AUTOMATIC_RENEWAL`. You cannot use `RENEWAL_DISABLED` during - resource creation, and you can update the renewal status only when - the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When - `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL`, the actual - `renewal_method` can be set to `RENEWAL_DISABLED` in case of - problems with the billing account or reported domain abuse. In such - cases, check the `issues` field on the `Registration`. After the - problem is resolved, the `renewal_method` is automatically updated - to `preferred_renewal_method` in a few hours. - type: string - enumDescriptions: - - The renewal method is undefined. - - The domain is automatically renewed each year. - - >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - This option was never used. Use `RENEWAL_DISABLED` instead. - - >- - The domain won't be renewed and will expire at its expiration - time. - enumDeprecated: - - false - - false - - true - - false - enum: - - RENEWAL_METHOD_UNSPECIFIED - - AUTOMATIC_RENEWAL - - MANUAL_RENEWAL - - RENEWAL_DISABLED - transferLockState: + Required. Settings for contact information linked to the + `Registration`. You cannot update these with the + `UpdateRegistration` method. To update these settings, use the + `ConfigureContactSettings` method. + $ref: '#/components/schemas/ContactSettings' + supportedPrivacy: + type: array description: >- - This is the desired transfer lock state for this `Registration`. A - transfer lock controls whether the domain can be transferred to - another registrar. The transfer lock state of the domain is returned - in the `effective_transfer_lock_state` property. The transfer lock - state values might be different for the following reasons: * - `transfer_lock_state` was updated only a short time ago. * Domains - with the `TRANSFER_LOCK_UNSUPPORTED_BY_REGISTRY` state are in the - list of `domain_properties`. These domains are always in the - `UNLOCKED` state. - type: string - enumDescriptions: - - The state is unspecified. - - >- - The domain is unlocked and can be transferred to another - registrar. - - >- - The domain is locked and cannot be transferred to another - registrar. - enum: - - TRANSFER_LOCK_STATE_UNSPECIFIED - - UNLOCKED - - LOCKED - effectiveTransferLockState: - description: Output only. The actual transfer lock state for this `Registration`. + Output only. Set of options for the `contact_settings.privacy` field + that this `Registration` supports. readOnly: true + items: + enumDeprecated: + - false + - false + - true + - false + enum: + - CONTACT_PRIVACY_UNSPECIFIED + - PUBLIC_CONTACT_DATA + - PRIVATE_CONTACT_DATA + - REDACTED_CONTACT_DATA + enumDescriptions: + - The contact privacy settings are undefined. + - >- + All the data from `ContactSettings` is publicly available. When + setting this option, you must also provide a + `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` + field of the request. + - >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + None of the data from `ContactSettings` is publicly available. + Instead, proxy contact data is published for your domain. Email + sent to the proxy email address is forwarded to the registrant's + email address. Cloud Domains provides this privacy proxy service + at no additional cost. + - >- + The organization name (if provided) and limited non-identifying + data from `ContactSettings` is available to the public (e.g. + country and state). The remaining data is marked as `REDACTED + FOR PRIVACY` in the WHOIS database. The actual information + redacted depends on the domain. For details, see [the + registration privacy + article](https://support.google.com/domains/answer/3251242). + type: string + managementSettings: + description: >- + Settings for management of the `Registration`, including renewal, + billing, and transfer. You cannot update these with the + `UpdateRegistration` method. To update these settings, use the + `ConfigureManagementSettings` method. + $ref: '#/components/schemas/ManagementSettings' + domainName: type: string - enumDescriptions: - - The state is unspecified. - - >- - The domain is unlocked and can be transferred to another - registrar. - - >- - The domain is locked and cannot be transferred to another - registrar. - enum: - - TRANSFER_LOCK_STATE_UNSPECIFIED - - UNLOCKED - - LOCKED - DnsSettings: - id: DnsSettings - description: >- - Defines the DNS configuration of a `Registration`, including name - servers, DNSSEC, and glue records. - type: object - properties: - customDns: - description: An arbitrary DNS provider identified by its name servers. - $ref: '#/components/schemas/CustomDns' - googleDomainsDns: description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - The free DNS zone provided by [Google - Domains](https://domains.google/). - deprecated: true - $ref: '#/components/schemas/GoogleDomainsDns' - glueRecords: - description: The list of glue records for this `Registration`. Commonly empty. - type: array - items: - $ref: '#/components/schemas/GlueRecord' - googleDomainsRedirectsDataAvailable: + Required. Immutable. The domain name. Unicode domain names must be + expressed in Punycode format. + registerFailureReason: description: >- - Output only. Indicates if this `Registration` has configured one of - the following deprecated Google Domains DNS features: * Domain - forwarding (HTTP `301` and `302` response status codes), * Email - forwarding. See - https://cloud.google.com/domains/docs/deprecations/feature-deprecations - for more details. If any of these features is enabled call the - `RetrieveGoogleDomainsForwardingConfig` method to get details about - the feature's configuration. A forwarding configuration might not - work correctly if required DNS records are not present in the - domain's authoritative DNS Zone. + Output only. The reason the domain registration failed. Only set for + domains in REGISTRATION_FAILED state. + enum: + - REGISTER_FAILURE_REASON_UNSPECIFIED + - REGISTER_FAILURE_REASON_UNKNOWN + - DOMAIN_NOT_AVAILABLE + - INVALID_CONTACTS + enumDescriptions: + - Register failure unspecified. + - Registration failed for an unknown reason. + - The domain is not available for registration. + - The provided contact information was rejected. + readOnly: true + type: string + issues: readOnly: true - type: boolean - CustomDns: - id: CustomDns - description: Configuration for an arbitrary DNS provider. - type: object - properties: - nameServers: description: >- - Required. A list of name servers that store the DNS zone for this - domain. Each name server is a domain name, with Unicode domain names - expressed in Punycode format. - type: array + Output only. The set of issues with the `Registration` that require + attention. items: + enumDescriptions: + - The issue is undefined. + - >- + Contact the Cloud Support team to resolve a problem with this + domain. + - >- + [ICANN](https://icann.org/) requires verification of the email + address in the `Registration`'s + `contact_settings.registrant_contact` field. To verify the email + address, follow the instructions in the email the + `registrant_contact` receives following registration. If you do + not complete email verification within 15 days of registration, + the domain is suspended. To resend the verification email, call + ConfigureContactSettings and provide the current + `registrant_contact.email`. + - >- + The billing account is not in good standing. The domain is not + automatically renewed at its expiration time unless you resolve + problems with your billing account. + - >- + The registry failed to validate your DNS configuration and + activate your domain. The failure might happen for the following + reasons: * You recently registered the domain (wait up to 72 + hours). * You provided invalid name servers or name servers that + correspond to a newly created DNS zone. Verify your DNS + configuration. If the configuration is incorrect, you must fix + it. If the configuration is correct, either wait or call the + ConfigureDnsSettings method to retry the registry validation. + - >- + Due to SquareSpace's constraints, the auto-renewal update you + made may not be effective during a certain period of time. + Generally, the time period is 15 days before expiration for + generic TLD domains, and 15 days before expiration + 3 days + after expiration for country-code TLD domains. + enum: + - ISSUE_UNSPECIFIED + - CONTACT_SUPPORT + - UNVERIFIED_EMAIL + - PROBLEM_WITH_BILLING + - DNS_NOT_ACTIVATED + - AUTO_RENEWAL_UPDATE_NOT_EFFECTIVE type: string - dsRecords: - description: >- - The list of DS records for this domain, which are used to enable - DNSSEC. The domain's DNS provider can provide the values to set - here. If this field is empty, DNSSEC is disabled. type: array - items: - $ref: '#/components/schemas/DsRecord' - DsRecord: - id: DsRecord - description: >- - Defines a Delegation Signer (DS) record, which is needed to enable - DNSSEC for a domain. It contains a digest (hash) of a DNSKEY record that - must be present in the domain's DNS zone. - type: object - properties: - keyTag: - description: The key tag of the record. Must be set in range 0 -- 65535. - type: integer - format: int32 - algorithm: - description: The algorithm used to generate the referenced DNSKEY. - type: string - enumDescriptions: - - The algorithm is unspecified. - - RSA/MD5. Cannot be used for new deployments. - - Diffie-Hellman. Cannot be used for new deployments. - - DSA/SHA1. Not recommended for new deployments. - - ECC. Not recommended for new deployments. - - RSA/SHA-1. Not recommended for new deployments. - - DSA-NSEC3-SHA1. Not recommended for new deployments. - - RSA/SHA1-NSEC3-SHA1. Not recommended for new deployments. - - RSA/SHA-256. - - RSA/SHA-512. - - GOST R 34.10-2001. - - ECDSA Curve P-256 with SHA-256. - - ECDSA Curve P-384 with SHA-384. - - Ed25519. - - Ed448. - - Reserved for Indirect Keys. Cannot be used for new deployments. - - Private algorithm. Cannot be used for new deployments. - - Private algorithm OID. Cannot be used for new deployments. + state: enum: - - ALGORITHM_UNSPECIFIED - - RSAMD5 - - DH - - DSA - - ECC - - RSASHA1 - - DSANSEC3SHA1 - - RSASHA1NSEC3SHA1 - - RSASHA256 - - RSASHA512 - - ECCGOST - - ECDSAP256SHA256 - - ECDSAP384SHA384 - - ED25519 - - ED448 - - INDIRECT - - PRIVATEDNS - - PRIVATEOID - digestType: - description: >- - The hash function used to generate the digest of the referenced - DNSKEY. + - STATE_UNSPECIFIED + - REGISTRATION_PENDING + - REGISTRATION_FAILED + - TRANSFER_PENDING + - TRANSFER_FAILED + - IMPORT_PENDING + - ACTIVE + - SUSPENDED + - EXPORTED + - EXPIRED type: string + enumDeprecated: + - false + - false + - false + - true + - true + - true + - false + - false + - false + - false + description: Output only. The state of the `Registration` enumDescriptions: - - The DigestType is unspecified. - - SHA-1. Not recommended for new deployments. - - SHA-256. - - GOST R 34.11-94. - - SHA-384. - enum: - - DIGEST_TYPE_UNSPECIFIED - - SHA1 - - SHA256 - - GOST3411 - - SHA384 - digest: - description: The digest generated from the referenced DNSKEY. - type: string - GoogleDomainsDns: - id: GoogleDomainsDns - deprecated: true - description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - Configuration for using the free DNS zone provided by Google Domains as - a `Registration`'s `dns_provider`. You cannot configure the DNS zone - itself using the API. To configure the DNS zone, go to [Google - Domains](https://domains.google/). - type: object - properties: - nameServers: - description: >- - Output only. A list of name servers that store the DNS zone for this - domain. Each name server is a domain name, with Unicode domain names - expressed in Punycode format. This field is automatically populated - with the name servers assigned to the Google Domains DNS zone. + - The state is undefined. + - The domain is being registered. + - >- + The domain registration failed. You can delete resources in this + state to allow registration to be retried. + - >- + The domain is being transferred from another registrar to Cloud + Domains. + - >- + The attempt to transfer the domain from another registrar to Cloud + Domains failed. You can delete resources in this state and retry + the transfer. + - The domain is being imported from Google Domains to Cloud Domains. + - >- + The domain is registered and operational. The domain renews + automatically as long as it remains in this state and the + `RenewalMethod` is set to `AUTOMATIC_RENEWAL`. + - >- + The domain is suspended and inoperative. For more details, see the + `issues` field. + - >- + The domain is no longer managed with Cloud Domains. It may have + been transferred to another registrar or exported for management + in [Google Domains](https://domains.google/). You can no longer + update it with this API, and information shown about it may be + stale. Domains in this state are not automatically renewed by + Cloud Domains. + - The domain is expired. readOnly: true - type: array - items: - type: string - dsState: + transferFailureReason: description: >- - Required. The state of DS records for this domain. Used to enable or - disable automatic DNSSEC. + Output only. Deprecated: For more information, see [Cloud Domains + feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + The reason the domain transfer failed. Only set for domains in + TRANSFER_FAILED state. type: string enumDescriptions: - - DS state is unspecified. + - Transfer failure unspecified. + - Transfer failed for an unknown reason. + - An email confirmation sent to the user was rejected or expired. + - The domain is available for registration. - >- - DNSSEC is disabled for this domain. No DS records for this domain - are published in the parent DNS zone. + The domain has a transfer lock with its current registrar which + must be removed prior to transfer. + - The authorization code entered is not valid. - >- - DNSSEC is enabled for this domain. Appropriate DS records for this - domain are published in the parent DNS zone. This option is valid - only if the DNS zone referenced in the `Registration`'s - `dns_provider` field is already DNSSEC-signed. - enum: - - DS_STATE_UNSPECIFIED - - DS_RECORDS_UNPUBLISHED - - DS_RECORDS_PUBLISHED - dsRecords: - description: >- - Output only. The list of DS records published for this domain. The - list is automatically populated when `ds_state` is - `DS_RECORDS_PUBLISHED`, otherwise it remains empty. + The transfer was cancelled by the domain owner, current registrar, + or TLD registry. + - >- + The transfer was rejected by the current registrar. Contact the + current registrar for more information. + - >- + The registrant email address cannot be parsed from the domain's + current public contact data. + - >- + The domain is not eligible for transfer due requirements imposed + by the current registrar or TLD registry. + - >- + Another transfer is already pending for this domain. The existing + transfer attempt must expire or be cancelled in order to proceed. readOnly: true - type: array - items: - $ref: '#/components/schemas/DsRecord' - GlueRecord: - id: GlueRecord - description: >- - Defines a host on your domain that is a DNS name server for your domain - and/or other domains. Glue records are a way of making the IP address of - a name server known, even when it serves DNS queries for its parent - domain. For example, when `ns.example.com` is a name server for - `example.com`, the host `ns.example.com` must have a glue record to - break the circular DNS reference. - type: object - properties: - hostName: - description: Required. Domain name of the host in Punycode format. + deprecated: true + enum: + - TRANSFER_FAILURE_REASON_UNSPECIFIED + - TRANSFER_FAILURE_REASON_UNKNOWN + - EMAIL_CONFIRMATION_FAILURE + - DOMAIN_NOT_REGISTERED + - DOMAIN_HAS_TRANSFER_LOCK + - INVALID_AUTHORIZATION_CODE + - TRANSFER_CANCELLED + - TRANSFER_REJECTED + - INVALID_REGISTRANT_EMAIL_ADDRESS + - DOMAIN_NOT_ELIGIBLE_FOR_TRANSFER + - TRANSFER_ALREADY_PENDING + expireTime: + description: Output only. The expiration timestamp of the `Registration`. type: string - ipv4Addresses: - description: >- - List of IPv4 addresses corresponding to this host in the standard - decimal format (e.g. `198.51.100.1`). At least one of `ipv4_address` - and `ipv6_address` must be set. - type: array - items: - type: string - ipv6Addresses: + readOnly: true + format: google-datetime + name: + readOnly: true description: >- - List of IPv6 addresses corresponding to this host in the standard - hexadecimal format (e.g. `2001:db8::`). At least one of - `ipv4_address` and `ipv6_address` must be set. - type: array - items: - type: string - ContactSettings: - id: ContactSettings + Output only. Name of the `Registration` resource, in the format + `projects/*/locations/*/registrations/`. + type: string + PrimaryBackupPolicy: description: >- - Defines the contact information associated with a `Registration`. - [ICANN](https://icann.org/) requires all domain names to have associated - contact information. The `registrant_contact` is considered the domain's - legal owner, and often the other contacts are identical. + Configures a RRSetRoutingPolicy such that all queries are responded with + the primary_targets if they are healthy. And if all of them are + unhealthy, then we fallback to a geo localized policy. + id: PrimaryBackupPolicy type: object properties: - privacy: + primaryTargets: + $ref: '#/components/schemas/HealthCheckTargets' description: >- - Required. Privacy setting for the contacts associated with the - `Registration`. - type: string - enumDescriptions: - - The contact privacy settings are undefined. - - >- - All the data from `ContactSettings` is publicly available. When - setting this option, you must also provide a - `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` - field of the request. - - >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - None of the data from `ContactSettings` is publicly available. - Instead, proxy contact data is published for your domain. Email - sent to the proxy email address is forwarded to the registrant's - email address. Cloud Domains provides this privacy proxy service - at no additional cost. - - >- - The organization name (if provided) and limited non-identifying - data from `ContactSettings` is available to the public (e.g. - country and state). The remaining data is marked as `REDACTED FOR - PRIVACY` in the WHOIS database. The actual information redacted - depends on the domain. For details, see [the registration privacy - article](https://support.google.com/domains/answer/3251242). - enumDeprecated: - - false - - false - - true - - false - enum: - - CONTACT_PRIVACY_UNSPECIFIED - - PUBLIC_CONTACT_DATA - - PRIVATE_CONTACT_DATA - - REDACTED_CONTACT_DATA - registrantContact: + Endpoints that are health checked before making the routing + decision. Unhealthy endpoints are omitted from the results. If all + endpoints are unhealthy, we serve a response based on the + `backup_geo_targets`. + trickleTraffic: + format: double + type: number description: >- - Required. The registrant contact for the `Registration`. *Caution: - Anyone with access to this email address, phone number, and/or - postal address can take control of the domain.* *Warning: For new - `Registration`s, the registrant receives an email confirmation that - they must complete within 15 days to avoid domain suspension.* - $ref: '#/components/schemas/Contact' - adminContact: - description: Required. The administrative contact for the `Registration`. - $ref: '#/components/schemas/Contact' - technicalContact: - description: Required. The technical contact for the `Registration`. - $ref: '#/components/schemas/Contact' - Contact: - id: Contact - description: Details required for a contact associated with a `Registration`. + When serving state is `PRIMARY`, this field provides the option of + sending a small percentage of the traffic to the backup targets. + backupGeoTargets: + description: >- + Backup targets provide a regional failover policy for the otherwise + global primary targets. If serving state is set to `BACKUP`, this + policy essentially becomes a geo routing policy. + $ref: '#/components/schemas/GeoPolicy' + RetrieveImportableDomainsResponse: + deprecated: true + id: RetrieveImportableDomainsResponse + description: >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + Response for the `RetrieveImportableDomains` method. type: object properties: - postalAddress: - description: Required. Postal address of the contact. - $ref: '#/components/schemas/PostalAddress' - email: - description: Required. Email address of the contact. - type: string - phoneNumber: - description: >- - Required. Phone number of the contact in international format. For - example, `"+1-800-555-0123"`. + domains: + items: + $ref: '#/components/schemas/Domain' + description: A list of domains that the calling user manages in Google Domains. + type: array + nextPageToken: type: string - faxNumber: description: >- - Fax number of the contact in international format. For example, - `"+1-800-555-0123"`. - type: string - PostalAddress: - id: PostalAddress - description: >- - Represents a postal address. For example for postal delivery or payments - addresses. Given a postal address, a postal service can deliver items to - a premise, P.O. Box or similar. It is not intended to model geographical - locations (roads, towns, mountains). In typical usage an address would - be created by user input or from importing existing data, depending on - the type of process. Advice on address input / editing: - Use an - internationalization-ready address widget such as - https://github.com/google/libaddressinput) - Users should not be - presented with UI elements for input or editing of fields outside - countries where that field is used. For more guidance on how to use this - schema, see: https://support.google.com/business/answer/6397478 + When present, there are more results to retrieve. Set `page_token` + to this value on a subsequent call to get the next page of results. + EmailForwarding: type: object + id: EmailForwarding + description: Email forwarding configuration. properties: - revision: - description: >- - The schema revision of the `PostalAddress`. This must be set to 0, - which is the latest revision. All new revisions **must** be backward - compatible with old revisions. - type: integer - format: int32 - regionCode: - description: >- - Required. CLDR region code of the country/region of the address. - This is never inferred and it is up to the user to ensure the value - is correct. See https://cldr.unicode.org/ and - https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html - for details. Example: "CH" for Switzerland. + targetEmailAddress: + description: Target email that receives emails sent to the `alias`. type: string - languageCode: + alias: description: >- - Optional. BCP-47 language code of the contents of this address (if - known). This is often the UI language of the input form or is - expected to match one of the languages used in the address' - country/region, or their transliterated equivalents. This can affect - formatting in certain countries, but is not critical to the - correctness of the data and will never affect any validation or - other non-formatting related operations. If this value is not known, - it should be omitted (rather than specifying a possibly incorrect - default). Examples: "zh-Hant", "ja", "ja-Latn", "en". + An alias recipient email that forwards emails to the + `target_email_address`. For example, `admin@example.com` or + `*@example.com` (wildcard alias forwards all the emails under the + registered domain). type: string - postalCode: + SetIamPolicyRequest: + id: SetIamPolicyRequest + description: Request message for `SetIamPolicy` method. + properties: + policy: description: >- - Optional. Postal code of the address. Not all countries use or - require postal codes to be present, but where they are used, they - may trigger additional validation with other parts of the address - (For example state/zip validation in the U.S.A.). + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + updateMask: type: string - sortingCode: + format: google-fieldmask description: >- - Optional. Additional, country-specific, sorting code. This is not - used in most regions. Where it is used, the value is either a string - like "CEDEX", optionally followed by a number (For example "CEDEX - 7"), or just a number alone, representing the "sector code" - (Jamaica), "delivery area indicator" (Malawi) or "post office - indicator" (For example Côte d'Ivoire). - type: string - administrativeArea: + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + type: object + Location: + description: A resource that represents a Google Cloud location. + id: Location + type: object + properties: + name: description: >- - Optional. Highest administrative subdivision which is used for - postal addresses of a country or region. For example, this can be a - state, a province, an oblast, or a prefecture. Specifically, for - Spain this is the province and not the autonomous community (For - example "Barcelona" and not "Catalonia"). Many countries don't use - an administrative area in postal addresses. For example in - Switzerland this should be left unpopulated. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - locality: + metadata: description: >- - Optional. Generally refers to the city/town portion of the address. - Examples: US city, IT comune, UK post town. In regions of the world - where localities are not well defined or do not fit into this - structure well, leave locality empty and use address_lines. - type: string - sublocality: + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + labels: + type: object description: >- - Optional. Sublocality of the address. For example, this can be - neighborhoods, boroughs, districts. + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: + type: string + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - addressLines: + displayName: description: >- - Unstructured address lines describing the lower levels of an - address. Because values in address_lines do not have type - information and may sometimes contain multiple values in a single - field (For example "Austin, TX"), it is important that the line - order is clear. The order of address lines should be "envelope - order" for the country/region of the address. In places where this - can vary (For example Japan), address_language is used to make it - explicit (For example "ja" for large-to-small ordering and "ja-Latn" - or "en" for small-to-large). This way, the most specific line of an - address can be selected based on the language. The minimum permitted - structural representation of an address consists of a region_code - with all remaining information placed in the address_lines. It would - be possible to format such an address very approximately without - geocoding, but no semantic reasoning could be made about any of the - address components until it was at least partially resolved. - Creating an address only containing a region_code and address_lines, - and then geocoding is the recommended way to handle completely - unstructured addresses (as opposed to guessing which parts of the - address should be localities or administrative areas). + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + HealthCheckTargets: + description: >- + HealthCheckTargets describes endpoints to health-check when responding + to Routing Policy queries. Only the healthy endpoints will be included + in the response. Set either `internal_load_balancer` or + `external_endpoints`. Do not set both. + properties: + internalLoadBalancer: + description: Configuration for internal load balancers to be health checked. + items: + $ref: '#/components/schemas/LoadBalancerTarget' + type: array + externalEndpoints: type: array items: type: string - recipients: description: >- - Optional. The recipient at the address. This field may, under - certain circumstances, contain multiline information. For example, - it might contain "care of" information. - type: array + The Internet IP addresses to be health checked. The format matches + the format of ResourceRecordSet.rrdata as defined in RFC 1035 + (section 5) and RFC 1034 (section 3.6.1) + type: object + id: HealthCheckTargets + ListOperationsResponse: + description: The response message for Operations.ListOperations. + type: object + properties: + nextPageToken: + description: The standard List next-page token. + type: string + operations: + description: >- + A list of operations that matches the specified filter in the + request. items: - type: string - organization: - description: Optional. The name of the organization at the address. + $ref: '#/components/schemas/Operation' + type: array + id: ListOperationsResponse + ConfigureDnsSettingsRequest: + properties: + updateMask: type: string - RetrieveTransferParametersResponse: - id: RetrieveTransferParametersResponse - deprecated: true - description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - Response for the `RetrieveTransferParameters` method. + format: google-fieldmask + description: >- + Required. The field mask describing which fields to update as a + comma-separated list. For example, if only the name servers are + being updated for an existing Custom DNS configuration, the + `update_mask` is `"custom_dns.name_servers"`. When changing the DNS + provider from one type to another, pass the new provider's field + name as part of the field mask. For example, when changing from a + Google Domains DNS configuration to a Custom DNS configuration, the + `update_mask` is `"custom_dns"`. // + dnsSettings: + $ref: '#/components/schemas/DnsSettings' + description: Fields of the `DnsSettings` to update. + validateOnly: + type: boolean + description: Validate the request without actually updating the DNS settings. + description: Request for the `ConfigureDnsSettings` method. + id: ConfigureDnsSettingsRequest type: object - properties: - transferParameters: - description: Parameters to use when calling the `TransferDomain` method. - $ref: '#/components/schemas/TransferParameters' - TransferParameters: - id: TransferParameters - deprecated: true + GeoPolicy: description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - Parameters required to transfer a domain from another registrar. - type: object + Configures a `RRSetRoutingPolicy` that routes based on the geo location + of the querying user. + id: GeoPolicy properties: - domainName: + enableFencing: description: >- - The domain name. Unicode domain names are expressed in Punycode - format. - type: string - currentRegistrar: - description: The registrar that currently manages the domain. - type: string - currentRegistrarUri: - description: The URL of the registrar that currently manages the domain. + Without fencing, if health check fails for all configured items in + the current geo bucket, we failover to the next nearest geo bucket. + With fencing, if health checking is enabled, as long as some targets + in the current geo bucket are healthy, we return only the healthy + targets. However, if all targets are unhealthy, we don't failover to + the next nearest bucket; instead, we return all the items in the + current bucket even when all targets are unhealthy. + type: boolean + item: + description: >- + The primary geo routing configuration. If there are multiple items + with the same location, an error is returned instead. + items: + $ref: '#/components/schemas/GeoPolicyItem' + type: array + type: object + DsRecord: + id: DsRecord + type: object + description: >- + Defines a Delegation Signer (DS) record, which is needed to enable + DNSSEC for a domain. It contains a digest (hash) of a DNSKEY record that + must be present in the domain's DNS zone. + properties: + algorithm: + enumDescriptions: + - The algorithm is unspecified. + - RSA/MD5. Cannot be used for new deployments. + - Diffie-Hellman. Cannot be used for new deployments. + - DSA/SHA1. Not recommended for new deployments. + - ECC. Not recommended for new deployments. + - RSA/SHA-1. Not recommended for new deployments. + - DSA-NSEC3-SHA1. Not recommended for new deployments. + - RSA/SHA1-NSEC3-SHA1. Not recommended for new deployments. + - RSA/SHA-256. + - RSA/SHA-512. + - GOST R 34.10-2001. + - ECDSA Curve P-256 with SHA-256. + - ECDSA Curve P-384 with SHA-384. + - Ed25519. + - Ed448. + - Reserved for Indirect Keys. Cannot be used for new deployments. + - Private algorithm. Cannot be used for new deployments. + - Private algorithm OID. Cannot be used for new deployments. type: string - nameServers: - description: >- - The name servers that currently store the configuration of the - domain. - type: array - items: - type: string - transferLockState: + enum: + - ALGORITHM_UNSPECIFIED + - RSAMD5 + - DH + - DSA + - ECC + - RSASHA1 + - DSANSEC3SHA1 + - RSASHA1NSEC3SHA1 + - RSASHA256 + - RSASHA512 + - ECCGOST + - ECDSAP256SHA256 + - ECDSAP384SHA384 + - ED25519 + - ED448 + - INDIRECT + - PRIVATEDNS + - PRIVATEOID + description: The algorithm used to generate the referenced DNSKEY. + keyTag: + description: The key tag of the record. Must be set in range 0 -- 65535. + type: integer + format: int32 + digestType: description: >- - Indicates whether the domain is protected by a transfer lock. For a - transfer to succeed, this must show `UNLOCKED`. To unlock a domain, - go to its current registrar. + The hash function used to generate the digest of the referenced + DNSKEY. type: string - enumDescriptions: - - The state is unspecified. - - >- - The domain is unlocked and can be transferred to another - registrar. - - >- - The domain is locked and cannot be transferred to another - registrar. enum: - - TRANSFER_LOCK_STATE_UNSPECIFIED - - UNLOCKED - - LOCKED + - DIGEST_TYPE_UNSPECIFIED + - SHA1 + - SHA256 + - GOST3411 + - SHA384 + enumDescriptions: + - The DigestType is unspecified. + - SHA-1. Not recommended for new deployments. + - SHA-256. + - GOST R 34.11-94. + - SHA-384. + digest: + type: string + description: The digest generated from the referenced DNSKEY. + RegisterParameters: + id: RegisterParameters + description: Parameters required to register a new domain. + properties: supportedPrivacy: - description: Contact privacy options that the domain supports. - type: array items: - type: string enumDescriptions: - The contact privacy settings are undefined. - >- @@ -1238,287 +1108,133 @@ components: redacted depends on the domain. For details, see [the registration privacy article](https://support.google.com/domains/answer/3251242). - enumDeprecated: - - false - - false - - true - - false enum: - CONTACT_PRIVACY_UNSPECIFIED - PUBLIC_CONTACT_DATA - PRIVATE_CONTACT_DATA - REDACTED_CONTACT_DATA - yearlyPrice: - description: Price to transfer or renew the domain for one year. - $ref: '#/components/schemas/Money' - TransferDomainRequest: - id: TransferDomainRequest - deprecated: true - description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - Request for the `TransferDomain` method. - type: object - properties: - registration: - description: >- - Required. The complete `Registration` resource to be created. You - can leave `registration.dns_settings` unset to import the domain's - current DNS configuration from its current registrar. Use this - option only if you are sure that the domain's current DNS service - does not cease upon transfer, as is often the case for DNS services - provided for free by the registrar. - $ref: '#/components/schemas/Registration' - contactNotices: - description: >- - The list of contact notices that you acknowledge. The notices needed - here depend on the values specified in - `registration.contact_settings`. + enumDeprecated: + - false + - false + - true + - false + type: string + description: Contact privacy options that the domain supports. + type: array + domainNotices: type: array + description: Notices about special properties of the domain. items: + enum: + - DOMAIN_NOTICE_UNSPECIFIED + - HSTS_PRELOADED type: string enumDescriptions: - The notice is undefined. - >- - Required when setting the `privacy` field of `ContactSettings` - to `PUBLIC_CONTACT_DATA`, which exposes contact data publicly. - enum: - - CONTACT_NOTICE_UNSPECIFIED - - PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT - yearlyPrice: - description: >- - Required. Acknowledgement of the price to transfer or renew the - domain for one year. Call `RetrieveTransferParameters` to obtain the - price, which you must acknowledge. - $ref: '#/components/schemas/Money' - authorizationCode: - description: >- - The domain's transfer authorization code. You can obtain this from - the domain's current registrar. - $ref: '#/components/schemas/AuthorizationCode' - validateOnly: - description: Validate the request without actually transferring the domain. - type: boolean - AuthorizationCode: - id: AuthorizationCode - description: Defines an authorization code. - type: object - properties: - code: - description: >- - The Authorization Code in ASCII. It can be used to transfer the - domain to or from another registrar. - type: string - RetrieveImportableDomainsResponse: - id: RetrieveImportableDomainsResponse - deprecated: true - description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - Response for the `RetrieveImportableDomains` method. - type: object - properties: - domains: - description: A list of domains that the calling user manages in Google Domains. - type: array - items: - $ref: '#/components/schemas/Domain' - nextPageToken: - description: >- - When present, there are more results to retrieve. Set `page_token` - to this value on a subsequent call to get the next page of results. - type: string - Domain: - id: Domain - description: A domain that the calling user manages in Google Domains. - type: object - properties: - domainName: - description: >- - The domain name. Unicode domain names are expressed in Punycode - format. - type: string - resourceState: - description: The state of this domain as a `Registration` resource. - type: string - enumDescriptions: - - The assessment is undefined. - - >- - A `Registration` resource can be created for this domain by - calling `ImportDomain`. - - >- - A `Registration` resource cannot be created for this domain - because it is not supported by Cloud Domains; for example, the - top-level domain is not supported or the registry charges - non-standard pricing for yearly renewals. - - >- - A `Registration` resource cannot be created for this domain - because it is suspended and needs to be resolved with Google - Domains. - - >- - A `Registration` resource cannot be created for this domain - because it is expired and needs to be renewed with Google Domains. - - >- - A `Registration` resource cannot be created for this domain - because it is deleted, but it may be possible to restore it with - Google Domains. - enum: - - RESOURCE_STATE_UNSPECIFIED - - IMPORTABLE - - UNSUPPORTED - - SUSPENDED - - EXPIRED - - DELETED - yearlyPrice: - description: >- - Price to renew the domain for one year. Only set when - `resource_state` is `IMPORTABLE`. - $ref: '#/components/schemas/Money' - ImportDomainRequest: - id: ImportDomainRequest - deprecated: true - description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - Request for the `ImportDomain` method. - type: object - properties: - domainName: - description: >- - Required. The domain name. Unicode domain names must be expressed in - Punycode format. - type: string - labels: - description: Set of labels associated with the `Registration`. - type: object - additionalProperties: - type: string - ListRegistrationsResponse: - id: ListRegistrationsResponse - description: Response for the `ListRegistrations` method. - type: object - properties: - registrations: - description: A list of `Registration`s. - type: array - items: - $ref: '#/components/schemas/Registration' - nextPageToken: - description: >- - When present, there are more results to retrieve. Set `page_token` - to this value on a subsequent call to get the next page of results. + Indicates that the domain is preloaded on the HTTP Strict + Transport Security list in browsers. Serving a website on such + domain requires an SSL certificate. For details, see [how to get + an SSL + certificate](https://support.google.com/domains/answer/7638036). + availability: + enum: + - AVAILABILITY_UNSPECIFIED + - AVAILABLE + - UNAVAILABLE + - UNSUPPORTED + - UNKNOWN type: string - ConfigureManagementSettingsRequest: - id: ConfigureManagementSettingsRequest - description: Request for the `ConfigureManagementSettings` method. - type: object - properties: - managementSettings: - description: Fields of the `ManagementSettings` to update. - $ref: '#/components/schemas/ManagementSettings' - updateMask: description: >- - Required. The field mask describing which fields to update as a - comma-separated list. For example, if only the transfer lock is - being updated, the `update_mask` is `"transfer_lock_state"`. - type: string - format: google-fieldmask - ConfigureDnsSettingsRequest: - id: ConfigureDnsSettingsRequest - description: Request for the `ConfigureDnsSettings` method. - type: object - properties: - dnsSettings: - description: Fields of the `DnsSettings` to update. - $ref: '#/components/schemas/DnsSettings' - updateMask: + Indicates whether the domain is available for registration. This + value is accurate when obtained by calling + `RetrieveRegisterParameters`, but is approximate when obtained by + calling `SearchDomains`. + enumDescriptions: + - The availability is unspecified. + - The domain is available for registration. + - >- + The domain is not available for registration. Generally this means + it is already registered to another party. + - >- + The domain is not currently supported by Cloud Domains, but may be + available elsewhere. + - >- + Cloud Domains is unable to determine domain availability, + generally due to system maintenance at the domain name registry. + yearlyPrice: + $ref: '#/components/schemas/Money' + description: Price to register or renew the domain for one year. + domainName: description: >- - Required. The field mask describing which fields to update as a - comma-separated list. For example, if only the name servers are - being updated for an existing Custom DNS configuration, the - `update_mask` is `"custom_dns.name_servers"`. When changing the DNS - provider from one type to another, pass the new provider's field - name as part of the field mask. For example, when changing from a - Google Domains DNS configuration to a Custom DNS configuration, the - `update_mask` is `"custom_dns"`. // + The domain name. Unicode domain names are expressed in Punycode + format. type: string - format: google-fieldmask - validateOnly: - description: Validate the request without actually updating the DNS settings. - type: boolean - RetrieveGoogleDomainsDnsRecordsResponse: - id: RetrieveGoogleDomainsDnsRecordsResponse - description: Response for the `RetrieveGoogleDomainsDnsRecords` method. type: object + ContactSettings: properties: - rrset: - description: The resource record set resources (DNS Zone records). - type: array - items: - $ref: '#/components/schemas/ResourceRecordSet' - nextPageToken: + registrantContact: + $ref: '#/components/schemas/Contact' description: >- - When present, there are more results to retrieve. Set `page_token` - to this value on a subsequent call to get the next page of results. - type: string - ResourceRecordSet: - id: ResourceRecordSet - description: A unit of data that is returned by the DNS servers. - type: object - properties: - name: - description: For example, www.example.com. - type: string - type: + Required. The registrant contact for the `Registration`. *Caution: + Anyone with access to this email address, phone number, and/or + postal address can take control of the domain.* *Warning: For new + `Registration`s, the registrant receives an email confirmation that + they must complete within 15 days to avoid domain suspension.* + adminContact: + $ref: '#/components/schemas/Contact' + description: Required. The administrative contact for the `Registration`. + technicalContact: + description: Required. The technical contact for the `Registration`. + $ref: '#/components/schemas/Contact' + privacy: + enumDeprecated: + - false + - false + - true + - false + enumDescriptions: + - The contact privacy settings are undefined. + - >- + All the data from `ContactSettings` is publicly available. When + setting this option, you must also provide a + `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` + field of the request. + - >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + None of the data from `ContactSettings` is publicly available. + Instead, proxy contact data is published for your domain. Email + sent to the proxy email address is forwarded to the registrant's + email address. Cloud Domains provides this privacy proxy service + at no additional cost. + - >- + The organization name (if provided) and limited non-identifying + data from `ContactSettings` is available to the public (e.g. + country and state). The remaining data is marked as `REDACTED FOR + PRIVACY` in the WHOIS database. The actual information redacted + depends on the domain. For details, see [the registration privacy + article](https://support.google.com/domains/answer/3251242). description: >- - The identifier of a supported record type. See the list of Supported - DNS record types. + Required. Privacy setting for the contacts associated with the + `Registration`. type: string - ttl: - description: >- - Number of seconds that this `ResourceRecordSet` can be cached by - resolvers. - type: integer - format: int32 - rrdata: - description: >- - As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1) -- - see examples. - type: array - items: - type: string - signatureRrdata: - description: As defined in RFC 4034 (section 3.2). - type: array - items: - type: string - routingPolicy: - description: >- - Configures dynamic query responses based on either the geo location - of the querying user or a weighted round robin based routing policy. - A valid `ResourceRecordSet` contains only `rrdata` (for static - resolution) or a `routing_policy` (for dynamic resolution). - $ref: '#/components/schemas/RRSetRoutingPolicy' + enum: + - CONTACT_PRIVACY_UNSPECIFIED + - PUBLIC_CONTACT_DATA + - PRIVATE_CONTACT_DATA + - REDACTED_CONTACT_DATA + id: ContactSettings + description: >- + Defines the contact information associated with a `Registration`. + [ICANN](https://icann.org/) requires all domain names to have associated + contact information. The `registrant_contact` is considered the domain's + legal owner, and often the other contacts are identical. + type: object RRSetRoutingPolicy: id: RRSetRoutingPolicy - description: >- - A RRSetRoutingPolicy represents ResourceRecordSet data that is returned - dynamically with the response varying based on configured properties - such as geolocation or by weighted random selection. type: object properties: - geoPolicy: - deprecated: true - $ref: '#/components/schemas/GeoPolicy' - wrrPolicy: - deprecated: true - $ref: '#/components/schemas/WrrPolicy' - geo: - $ref: '#/components/schemas/GeoPolicy' - wrr: - $ref: '#/components/schemas/WrrPolicy' - primaryBackup: - $ref: '#/components/schemas/PrimaryBackupPolicy' healthCheck: description: >- The fully qualified URL of the HealthCheck to use for this @@ -1526,254 +1242,216 @@ components: `https://www.googleapis.com/compute/v1/projects/{project}/global/healthChecks/{healthCheck}`. https://cloud.google.com/compute/docs/reference/rest/v1/healthChecks type: string - GeoPolicy: - id: GeoPolicy + wrr: + $ref: '#/components/schemas/WrrPolicy' + wrrPolicy: + deprecated: true + $ref: '#/components/schemas/WrrPolicy' + geo: + $ref: '#/components/schemas/GeoPolicy' + primaryBackup: + $ref: '#/components/schemas/PrimaryBackupPolicy' + geoPolicy: + $ref: '#/components/schemas/GeoPolicy' + deprecated: true description: >- - Configures a `RRSetRoutingPolicy` that routes based on the geo location - of the querying user. - type: object + A RRSetRoutingPolicy represents ResourceRecordSet data that is returned + dynamically with the response varying based on configured properties + such as geolocation or by weighted random selection. + DnsSettings: properties: - item: - description: >- - The primary geo routing configuration. If there are multiple items - with the same location, an error is returned instead. - type: array - items: - $ref: '#/components/schemas/GeoPolicyItem' - enableFencing: + googleDomainsDns: description: >- - Without fencing, if health check fails for all configured items in - the current geo bucket, we failover to the next nearest geo bucket. - With fencing, if health checking is enabled, as long as some targets - in the current geo bucket are healthy, we return only the healthy - targets. However, if all targets are unhealthy, we don't failover to - the next nearest bucket; instead, we return all the items in the - current bucket even when all targets are unhealthy. - type: boolean - GeoPolicyItem: - id: GeoPolicyItem - description: ResourceRecordSet data for one geo location. - type: object - properties: - location: + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + The free DNS zone provided by [Google + Domains](https://domains.google/). + $ref: '#/components/schemas/GoogleDomainsDns' + deprecated: true + customDns: + $ref: '#/components/schemas/CustomDns' + description: An arbitrary DNS provider identified by its name servers. + googleDomainsRedirectsDataAvailable: description: >- - The geo-location granularity is a GCP region. This location string - should correspond to a GCP region. e.g. "us-east1", - "southamerica-east1", "asia-east1", etc. - type: string - rrdata: - type: array + Output only. Indicates if this `Registration` has configured one of + the following deprecated Google Domains DNS features: * Domain + forwarding (HTTP `301` and `302` response status codes), * Email + forwarding. See + https://cloud.google.com/domains/docs/deprecations/feature-deprecations + for more details. If any of these features is enabled call the + `RetrieveGoogleDomainsForwardingConfig` method to get details about + the feature's configuration. A forwarding configuration might not + work correctly if required DNS records are not present in the + domain's authoritative DNS Zone. + readOnly: true + type: boolean + glueRecords: items: - type: string - signatureRrdata: - description: >- - DNSSEC generated signatures for all the `rrdata` within this item. - When using health-checked targets for DNSSEC-enabled zones, you can - only use at most one health-checked IP address per item. + $ref: '#/components/schemas/GlueRecord' type: array - items: - type: string - healthCheckedTargets: - description: >- - For A and AAAA types only. Endpoints to return in the query result - only if they are healthy. These can be specified along with `rrdata` - within this item. - $ref: '#/components/schemas/HealthCheckTargets' - HealthCheckTargets: - id: HealthCheckTargets - description: >- - HealthCheckTargets describes endpoints to health-check when responding - to Routing Policy queries. Only the healthy endpoints will be included - in the response. Set either `internal_load_balancer` or - `external_endpoints`. Do not set both. + description: The list of glue records for this `Registration`. Commonly empty. type: object - properties: - internalLoadBalancer: - description: Configuration for internal load balancers to be health checked. - type: array - items: - $ref: '#/components/schemas/LoadBalancerTarget' - externalEndpoints: - description: >- - The Internet IP addresses to be health checked. The format matches - the format of ResourceRecordSet.rrdata as defined in RFC 1035 - (section 5) and RFC 1034 (section 3.6.1) - type: array - items: - type: string - LoadBalancerTarget: - id: LoadBalancerTarget - description: The configuration for an individual load balancer to health check. + description: >- + Defines the DNS configuration of a `Registration`, including name + servers, DNSSEC, and glue records. + id: DnsSettings + OperationMetadata: type: object + description: Represents the metadata of the long-running operation. Output only. + id: OperationMetadata properties: - loadBalancerType: - description: >- - The type of load balancer specified by this target. This value must - match the configuration of the load balancer located at the - LoadBalancerTarget's IP address, port, and region. Use the - following: - *regionalL4ilb*: for a regional internal passthrough - Network Load Balancer. - *regionalL7ilb*: for a regional internal - Application Load Balancer. - *globalL7ilb*: for a global internal - Application Load Balancer. - type: string - enumDescriptions: - - '' - - >- - Indicates the load balancer is a Cross-Region Application Load - Balancer. - - >- - Indicates the load balancer is a Regional Network Passthrough Load - Balancer. - - >- - Indicates the load balancer is a Regional Application Load - Balancer. - enum: - - NONE - - GLOBAL_L7ILB - - REGIONAL_L4ILB - - REGIONAL_L7ILB - ipAddress: - description: The frontend IP address of the load balancer to health check. + verb: type: string - port: - description: The configured port of the load balancer. + description: Name of the verb executed by the operation. + createTime: type: string - ipProtocol: - description: The protocol of the load balancer to health check. + format: google-datetime + description: The time the operation was created. + apiVersion: + description: API version used to start the operation. type: string - enumDescriptions: - - '' - - Indicates the load balancer is accessible via TCP. - - Indicates the load balancer is accessible via UDP. - enum: - - UNDEFINED - - TCP - - UDP - networkUrl: - description: >- - The fully qualified URL of the network that the load balancer is - attached to. This should be formatted like - `https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`. + statusDetail: + description: Human-readable status of the operation, if any. type: string - project: - description: The project ID in which the load balancer is located. + endTime: + format: google-datetime + description: The time the operation finished running. type: string - region: - description: The region in which the load balancer is located. + target: + description: Server-defined resource path for the target of the operation. type: string - WrrPolicy: - id: WrrPolicy - description: >- - Configures a RRSetRoutingPolicy that routes in a weighted round robin - fashion. - type: object - properties: - item: - type: array - items: - $ref: '#/components/schemas/WrrPolicyItem' - WrrPolicyItem: - id: WrrPolicyItem - description: A routing block which contains the routing information for one WRR item. + TransferDomainRequest: + id: TransferDomainRequest type: object + description: >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + Request for the `TransferDomain` method. + deprecated: true properties: - weight: + authorizationCode: + $ref: '#/components/schemas/AuthorizationCode' description: >- - The weight corresponding to this `WrrPolicyItem` object. When - multiple `WrrPolicyItem` objects are configured, the probability of - returning an `WrrPolicyItem` object's data is proportional to its - weight relative to the sum of weights configured for all items. This - weight must be non-negative. - type: number - format: double - rrdata: - type: array - items: - type: string - signatureRrdata: + The domain's transfer authorization code. You can obtain this from + the domain's current registrar. + yearlyPrice: description: >- - DNSSEC generated signatures for all the `rrdata` within this item. - When using health-checked targets for DNSSEC-enabled zones, you can - only use at most one health-checked IP address per item. - type: array + Required. Acknowledgement of the price to transfer or renew the + domain for one year. Call `RetrieveTransferParameters` to obtain the + price, which you must acknowledge. + $ref: '#/components/schemas/Money' + validateOnly: + description: Validate the request without actually transferring the domain. + type: boolean + registration: + description: >- + Required. The complete `Registration` resource to be created. You + can leave `registration.dns_settings` unset to import the domain's + current DNS configuration from its current registrar. Use this + option only if you are sure that the domain's current DNS service + does not cease upon transfer, as is often the case for DNS services + provided for free by the registrar. + $ref: '#/components/schemas/Registration' + contactNotices: + description: >- + The list of contact notices that you acknowledge. The notices needed + here depend on the values specified in + `registration.contact_settings`. items: + enum: + - CONTACT_NOTICE_UNSPECIFIED + - PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT type: string - healthCheckedTargets: - description: >- - Endpoints that are health checked before making the routing - decision. The unhealthy endpoints are omitted from the result. If - all endpoints within a bucket are unhealthy, we choose a different - bucket (sampled with respect to its weight) for responding. If - DNSSEC is enabled for this zone, only one of `rrdata` or - `health_checked_targets` can be set. - $ref: '#/components/schemas/HealthCheckTargets' - PrimaryBackupPolicy: - id: PrimaryBackupPolicy - description: >- - Configures a RRSetRoutingPolicy such that all queries are responded with - the primary_targets if they are healthy. And if all of them are - unhealthy, then we fallback to a geo localized policy. + enumDescriptions: + - The notice is undefined. + - >- + Required when setting the `privacy` field of `ContactSettings` + to `PUBLIC_CONTACT_DATA`, which exposes contact data publicly. + type: array + ConfigureManagementSettingsRequest: + description: Request for the `ConfigureManagementSettings` method. + id: ConfigureManagementSettingsRequest type: object properties: - primaryTargets: - description: >- - Endpoints that are health checked before making the routing - decision. Unhealthy endpoints are omitted from the results. If all - endpoints are unhealthy, we serve a response based on the - `backup_geo_targets`. - $ref: '#/components/schemas/HealthCheckTargets' - backupGeoTargets: - description: >- - Backup targets provide a regional failover policy for the otherwise - global primary targets. If serving state is set to `BACKUP`, this - policy essentially becomes a geo routing policy. - $ref: '#/components/schemas/GeoPolicy' - trickleTraffic: + updateMask: description: >- - When serving state is `PRIMARY`, this field provides the option of - sending a small percentage of the traffic to the backup targets. - type: number - format: double - RetrieveGoogleDomainsForwardingConfigResponse: - id: RetrieveGoogleDomainsForwardingConfigResponse - description: Response for the `RetrieveGoogleDomainsForwardingConfig` method. - type: object + Required. The field mask describing which fields to update as a + comma-separated list. For example, if only the transfer lock is + being updated, the `update_mask` is `"transfer_lock_state"`. + type: string + format: google-fieldmask + managementSettings: + description: Fields of the `ManagementSettings` to update. + $ref: '#/components/schemas/ManagementSettings' + RenewDomainRequest: properties: - domainForwardings: + yearlyPrice: + $ref: '#/components/schemas/Money' description: >- - The list of domain forwarding configurations. A forwarding - configuration might not work correctly if the required DNS records - are not present in the domain's authoritative DNS zone. - type: array - items: - $ref: '#/components/schemas/DomainForwarding' - emailForwardings: + Required. Acknowledgement of the price to renew the domain for one + year. To get the price, see [Cloud Domains + pricing](https://cloud.google.com/domains/pricing). If not provided, + the expected price is returned in the error message. + validateOnly: + description: >- + Optional. When true, only validation is performed, without actually + renewing the domain. For more information, see [Request + validation](https://cloud.google.com/apis/design/design_patterns#request_validation) + type: boolean + description: Request for the `RenewDomain` method. + id: RenewDomainRequest + type: object + ImportDomainRequest: + properties: + domainName: + type: string description: >- - The list of email forwarding configurations. A forwarding - configuration might not work correctly if the required DNS records - are not present in the domain's authoritative DNS zone. - type: array - items: - $ref: '#/components/schemas/EmailForwarding' + Required. The domain name. Unicode domain names must be expressed in + Punycode format. + labels: + additionalProperties: + type: string + type: object + description: Set of labels associated with the `Registration`. + deprecated: true + description: >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + Request for the `ImportDomain` method. + id: ImportDomainRequest + type: object DomainForwarding: id: DomainForwarding description: Domain forwarding configuration. type: object properties: - subdomain: + sslEnabled: + description: If true, the forwarding works also over HTTPS. + type: boolean + pathForwarding: description: >- - The subdomain of the registered domain that is being forwarded. E.g. - `www.example.com`, `example.com` (i.e. the registered domain itself) - or `*.example.com` (i.e. all subdomains). - type: string + If true, forwards the path after the domain name to the same path at + the new address. + type: boolean targetUri: + type: string description: >- The target of the domain forwarding, i.e. the path to redirect the `subdomain` to. + subdomain: type: string - redirectType: - description: The redirect type. + description: >- + The subdomain of the registered domain that is being forwarded. E.g. + `www.example.com`, `example.com` (i.e. the registered domain itself) + or `*.example.com` (i.e. all subdomains). + pemCertificate: type: string + description: The PEM-encoded certificate chain. + redirectType: + enum: + - REDIRECT_TYPE_UNSPECIFIED + - TEMPORARY + - PERMANENT enumDescriptions: - Redirect Type is unspecified. - >- @@ -1783,228 +1461,263 @@ components: 302 redirect. Allows browsers to cache the forwarding address. This may help the address resolve more quickly. Changes may take longer to propagate + type: string + description: The redirect type. + GoogleDomainsDns: + deprecated: true + description: >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + Configuration for using the free DNS zone provided by Google Domains as + a `Registration`'s `dns_provider`. You cannot configure the DNS zone + itself using the API. To configure the DNS zone, go to [Google + Domains](https://domains.google/). + id: GoogleDomainsDns + properties: + dsRecords: + type: array + items: + $ref: '#/components/schemas/DsRecord' + readOnly: true + description: >- + Output only. The list of DS records published for this domain. The + list is automatically populated when `ds_state` is + `DS_RECORDS_PUBLISHED`, otherwise it remains empty. + nameServers: + readOnly: true + description: >- + Output only. A list of name servers that store the DNS zone for this + domain. Each name server is a domain name, with Unicode domain names + expressed in Punycode format. This field is automatically populated + with the name servers assigned to the Google Domains DNS zone. + type: array + items: + type: string + dsState: + enumDescriptions: + - DS state is unspecified. + - >- + DNSSEC is disabled for this domain. No DS records for this domain + are published in the parent DNS zone. + - >- + DNSSEC is enabled for this domain. Appropriate DS records for this + domain are published in the parent DNS zone. This option is valid + only if the DNS zone referenced in the `Registration`'s + `dns_provider` field is already DNSSEC-signed. + type: string enum: - - REDIRECT_TYPE_UNSPECIFIED - - TEMPORARY - - PERMANENT - pathForwarding: + - DS_STATE_UNSPECIFIED + - DS_RECORDS_UNPUBLISHED + - DS_RECORDS_PUBLISHED description: >- - If true, forwards the path after the domain name to the same path at - the new address. - type: boolean - sslEnabled: - description: If true, the forwarding works also over HTTPS. - type: boolean - pemCertificate: - description: The PEM-encoded certificate chain. + Required. The state of DS records for this domain. Used to enable or + disable automatic DNSSEC. + type: object + ManagementSettings: + type: object + properties: + effectiveTransferLockState: + description: Output only. The actual transfer lock state for this `Registration`. + enumDescriptions: + - The state is unspecified. + - >- + The domain is unlocked and can be transferred to another + registrar. + - >- + The domain is locked and cannot be transferred to another + registrar. type: string - EmailForwarding: - id: EmailForwarding - description: Email forwarding configuration. + readOnly: true + enum: + - TRANSFER_LOCK_STATE_UNSPECIFIED + - UNLOCKED + - LOCKED + transferLockState: + enumDescriptions: + - The state is unspecified. + - >- + The domain is unlocked and can be transferred to another + registrar. + - >- + The domain is locked and cannot be transferred to another + registrar. + description: >- + This is the desired transfer lock state for this `Registration`. A + transfer lock controls whether the domain can be transferred to + another registrar. The transfer lock state of the domain is returned + in the `effective_transfer_lock_state` property. The transfer lock + state values might be different for the following reasons: * + `transfer_lock_state` was updated only a short time ago. * Domains + with the `TRANSFER_LOCK_UNSUPPORTED_BY_REGISTRY` state are in the + list of `domain_properties`. These domains are always in the + `UNLOCKED` state. + type: string + enum: + - TRANSFER_LOCK_STATE_UNSPECIFIED + - UNLOCKED + - LOCKED + renewalMethod: + enumDeprecated: + - false + - false + - true + - false + type: string + description: >- + Output only. The actual renewal method for this `Registration`. When + `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL`, the actual + `renewal_method` can be equal to `RENEWAL_DISABLED`—for example, + when there are problems with the billing account or reported domain + abuse. In such cases, check the `issues` field on the + `Registration`. After the problem is resolved, the `renewal_method` + is automatically updated to `preferred_renewal_method` in a few + hours. + readOnly: true + enumDescriptions: + - The renewal method is undefined. + - The domain is automatically renewed each year. + - >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + This option was never used. Use `RENEWAL_DISABLED` instead. + - >- + The domain won't be renewed and will expire at its expiration + time. + enum: + - RENEWAL_METHOD_UNSPECIFIED + - AUTOMATIC_RENEWAL + - MANUAL_RENEWAL + - RENEWAL_DISABLED + preferredRenewalMethod: + enumDescriptions: + - The renewal method is undefined. + - The domain is automatically renewed each year. + - >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). + This option was never used. Use `RENEWAL_DISABLED` instead. + - >- + The domain won't be renewed and will expire at its expiration + time. + enum: + - RENEWAL_METHOD_UNSPECIFIED + - AUTOMATIC_RENEWAL + - MANUAL_RENEWAL + - RENEWAL_DISABLED + enumDeprecated: + - false + - false + - true + - false + description: >- + Optional. The desired renewal method for this `Registration`. The + actual `renewal_method` is automatically updated to reflect this + choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, the + actual `renewalMethod` is treated as if it were set to + `AUTOMATIC_RENEWAL`. You cannot use `RENEWAL_DISABLED` during + resource creation, and you can update the renewal status only when + the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When + `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL`, the actual + `renewal_method` can be set to `RENEWAL_DISABLED` in case of + problems with the billing account or reported domain abuse. In such + cases, check the `issues` field on the `Registration`. After the + problem is resolved, the `renewal_method` is automatically updated + to `preferred_renewal_method` in a few hours. + type: string + id: ManagementSettings + description: Defines renewal, billing, and transfer settings for a `Registration`. + Money: + type: object + id: Money + description: Represents an amount of money with its currency type. + properties: + currencyCode: + description: The three-letter currency code defined in ISO 4217. + type: string + nanos: + description: >- + Number of nano (10^-9) units of the amount. The value must be + between -999,999,999 and +999,999,999 inclusive. If `units` is + positive, `nanos` must be positive or zero. If `units` is zero, + `nanos` can be positive, zero, or negative. If `units` is negative, + `nanos` must be negative or zero. For example $-1.75 is represented + as `units`=-1 and `nanos`=-750,000,000. + type: integer + format: int32 + units: + description: >- + The whole units of the amount. For example if `currencyCode` is + `"USD"`, then 1 unit is one US dollar. + type: string + format: int64 + AuthorizationCode: type: object + description: Defines an authorization code. properties: - alias: + code: description: >- - An alias recipient email that forwards emails to the - `target_email_address`. For example, `admin@example.com` or - `*@example.com` (wildcard alias forwards all the emails under the - registered domain). - type: string - targetEmailAddress: - description: Target email that receives emails sent to the `alias`. + The Authorization Code in ASCII. It can be used to transfer the + domain to or from another registrar. type: string - ConfigureContactSettingsRequest: - id: ConfigureContactSettingsRequest - description: Request for the `ConfigureContactSettings` method. - type: object + id: AuthorizationCode + GeoPolicyItem: properties: - contactSettings: - description: Fields of the `ContactSettings` to update. - $ref: '#/components/schemas/ContactSettings' - updateMask: + healthCheckedTargets: description: >- - Required. The field mask describing which fields to update as a - comma-separated list. For example, if only the registrant contact is - being updated, the `update_mask` is `"registrant_contact"`. + For A and AAAA types only. Endpoints to return in the query result + only if they are healthy. These can be specified along with `rrdata` + within this item. + $ref: '#/components/schemas/HealthCheckTargets' + location: + description: >- + The geo-location granularity is a GCP region. This location string + should correspond to a GCP region. e.g. "us-east1", + "southamerica-east1", "asia-east1", etc. type: string - format: google-fieldmask - contactNotices: + signatureRrdata: + type: array description: >- - The list of contact notices that the caller acknowledges. The - notices needed here depend on the values specified in - `contact_settings`. + DNSSEC generated signatures for all the `rrdata` within this item. + When using health-checked targets for DNSSEC-enabled zones, you can + only use at most one health-checked IP address per item. + items: + type: string + rrdata: type: array items: type: string - enumDescriptions: - - The notice is undefined. - - >- - Required when setting the `privacy` field of `ContactSettings` - to `PUBLIC_CONTACT_DATA`, which exposes contact data publicly. - enum: - - CONTACT_NOTICE_UNSPECIFIED - - PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT - validateOnly: - description: Validate the request without actually updating the contact settings. - type: boolean - ExportRegistrationRequest: - id: ExportRegistrationRequest - deprecated: true - description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations). - Request for the `ExportRegistration` method. type: object - properties: {} + id: GeoPolicyItem + description: ResourceRecordSet data for one geo location. ResetAuthorizationCodeRequest: + properties: {} id: ResetAuthorizationCodeRequest description: Request for the `ResetAuthorizationCode` method. type: object - properties: {} - InitiatePushTransferRequest: - id: InitiatePushTransferRequest - description: Request for the `InitiatePushTransfer` method. - type: object - properties: - tag: - description: >- - Required. The Tag of the new registrar. Can be found at [List of - registrars](https://nominet.uk/registrar-list/). - type: string - RenewDomainRequest: - id: RenewDomainRequest - description: Request for the `RenewDomain` method. - type: object - properties: - yearlyPrice: - description: >- - Required. Acknowledgement of the price to renew the domain for one - year. To get the price, see [Cloud Domains - pricing](https://cloud.google.com/domains/pricing). If not provided, - the expected price is returned in the error message. - $ref: '#/components/schemas/Money' - validateOnly: - description: >- - Optional. When true, only validation is performed, without actually - renewing the domain. For more information, see [Request - validation](https://cloud.google.com/apis/design/design_patterns#request_validation) - type: boolean - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: - description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + CustomDns: + id: CustomDns type: object properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + dsRecords: items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + $ref: '#/components/schemas/DsRecord' + description: >- + The list of DS records for this domain, which are used to enable + DNSSEC. The domain's DNS provider can provide the values to set + here. If this field is empty, DNSSEC is disabled. type: array + nameServers: items: - $ref: '#/components/schemas/AuditConfig' - etag: + type: string description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte + Required. A list of name servers that store the DNS zone for this + domain. Each name server is a domain name, with Unicode domain names + expressed in Punycode format. + type: array + description: Configuration for an arbitrary DNS provider. Binding: - id: Binding description: Associates `members`, or principals, with a `role`. + id: Binding type: object properties: role: @@ -2016,7 +1729,21 @@ components: For a list of the available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles). type: string + condition: + $ref: '#/components/schemas/Expr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). members: + type: array + items: + type: string description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -2076,22 +1803,7 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' Expr: - id: Expr description: >- Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of @@ -2109,31 +1821,106 @@ components: string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. - type: object properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + description: type: string + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. title: description: >- Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string location: description: >- Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. type: string + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + id: Expr + type: object + Status: + type: object + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + properties: + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + details: + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + AuditLogConfig: + id: AuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + properties: + exemptedMembers: + type: array + items: + type: string + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + logType: + description: The log type that this config enables. + type: string + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + type: object AuditConfig: id: AuditConfig + properties: + auditLogConfigs: + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/AuditLogConfig' + type: array + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string description: >- Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if @@ -2153,165 +1940,382 @@ components: `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. type: object + Operation: + properties: + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + response: + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation + ConfigureContactSettingsRequest: + type: object + id: ConfigureContactSettingsRequest + properties: + contactNotices: + description: >- + The list of contact notices that the caller acknowledges. The + notices needed here depend on the values specified in + `contact_settings`. + items: + enumDescriptions: + - The notice is undefined. + - >- + Required when setting the `privacy` field of `ContactSettings` + to `PUBLIC_CONTACT_DATA`, which exposes contact data publicly. + enum: + - CONTACT_NOTICE_UNSPECIFIED + - PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT + type: string + type: array + contactSettings: + $ref: '#/components/schemas/ContactSettings' + description: Fields of the `ContactSettings` to update. + validateOnly: + type: boolean + description: Validate the request without actually updating the contact settings. + updateMask: + format: google-fieldmask + type: string + description: >- + Required. The field mask describing which fields to update as a + comma-separated list. For example, if only the registrant contact is + being updated, the `update_mask` is `"registrant_contact"`. + description: Request for the `ConfigureContactSettings` method. + RetrieveGoogleDomainsForwardingConfigResponse: + id: RetrieveGoogleDomainsForwardingConfigResponse + type: object + description: Response for the `RetrieveGoogleDomainsForwardingConfig` method. + properties: + emailForwardings: + items: + $ref: '#/components/schemas/EmailForwarding' + description: >- + The list of email forwarding configurations. A forwarding + configuration might not work correctly if the required DNS records + are not present in the domain's authoritative DNS zone. + type: array + domainForwardings: + description: >- + The list of domain forwarding configurations. A forwarding + configuration might not work correctly if the required DNS records + are not present in the domain's authoritative DNS zone. + type: array + items: + $ref: '#/components/schemas/DomainForwarding' + LoadBalancerTarget: + description: The configuration for an individual load balancer to health check. + type: object + properties: + region: + description: The region in which the load balancer is located. + type: string + port: + description: The configured port of the load balancer. + type: string + project: + description: The project ID in which the load balancer is located. + type: string + networkUrl: + description: >- + The fully qualified URL of the network that the load balancer is + attached to. This should be formatted like + `https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`. + type: string + ipProtocol: + enum: + - UNDEFINED + - TCP + - UDP + type: string + description: The protocol of the load balancer to health check. + enumDescriptions: + - '' + - Indicates the load balancer is accessible via TCP. + - Indicates the load balancer is accessible via UDP. + ipAddress: + description: The frontend IP address of the load balancer to health check. + type: string + loadBalancerType: + enumDescriptions: + - '' + - >- + Indicates the load balancer is a Cross-Region Application Load + Balancer. + - >- + Indicates the load balancer is a Regional Network Passthrough Load + Balancer. + - >- + Indicates the load balancer is a Regional Application Load + Balancer. + description: >- + The type of load balancer specified by this target. This value must + match the configuration of the load balancer located at the + LoadBalancerTarget's IP address, port, and region. Use the + following: - *regionalL4ilb*: for a regional internal passthrough + Network Load Balancer. - *regionalL7ilb*: for a regional internal + Application Load Balancer. - *globalL7ilb*: for a global internal + Application Load Balancer. + type: string + enum: + - NONE + - GLOBAL_L7ILB + - REGIONAL_L4ILB + - REGIONAL_L7ILB + id: LoadBalancerTarget + ListLocationsResponse: properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + locations: type: array items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + $ref: '#/components/schemas/Location' + description: >- + A list of locations that matches the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. + type: string + id: ListLocationsResponse + description: The response message for Locations.ListLocations. type: object + PostalAddress: + description: >- + Represents a postal address, such as for postal delivery or payments + addresses. With a postal address, a postal service can deliver items to + a premise, P.O. box, or similar. A postal address is not intended to + model geographical locations like roads, towns, or mountains. In typical + usage, an address would be created by user input or from importing + existing data, depending on the type of process. Advice on address input + or editing: - Use an internationalization-ready address widget such as + https://github.com/google/libaddressinput. - Users should not be + presented with UI elements for input or editing of fields outside + countries where that field is used. For more guidance on how to use this + schema, see: https://support.google.com/business/answer/6397478. + id: PostalAddress properties: - logType: - description: The log type that this config enables. + administrativeArea: type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + Optional. Highest administrative subdivision which is used for + postal addresses of a country or region. For example, this can be a + state, a province, an oblast, or a prefecture. For Spain, this is + the province and not the autonomous community (for example, + "Barcelona" and not "Catalonia"). Many countries don't use an + administrative area in postal addresses. For example, in + Switzerland, this should be left unpopulated. + revision: + type: integer description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array + The schema revision of the `PostalAddress`. This must be set to 0, + which is the latest revision. All new revisions **must** be backward + compatible with old revisions. + format: int32 + addressLines: items: type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + Unstructured address lines describing the lower levels of an + address. Because values in `address_lines` do not have type + information and may sometimes contain multiple values in a single + field (for example, "Austin, TX"), it is important that the line + order is clear. The order of address lines should be "envelope + order" for the country or region of the address. In places where + this can vary (for example, Japan), `address_language` is used to + make it explicit (for example, "ja" for large-to-small ordering and + "ja-Latn" or "en" for small-to-large). In this way, the most + specific line of an address can be selected based on the language. + The minimum permitted structural representation of an address + consists of a `region_code` with all remaining information placed in + the `address_lines`. It would be possible to format such an address + very approximately without geocoding, but no semantic reasoning + could be made about any of the address components until it was at + least partially resolved. Creating an address only containing a + `region_code` and `address_lines` and then geocoding is the + recommended way to handle completely unstructured addresses (as + opposed to guessing which parts of the address should be localities + or administrative areas). + type: array + recipients: type: array items: type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + Optional. The recipient at the address. This field may, under + certain circumstances, contain multiline information. For example, + it might contain "care of" information. + organization: + description: Optional. The name of the organization at the address. + type: string + locality: type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Optional. Generally refers to the city or town portion of the + address. Examples: US city, IT comune, UK post town. In regions of + the world where localities are not well defined or do not fit into + this structure well, leave `locality` empty and use `address_lines`. + regionCode: + description: >- + Required. CLDR region code of the country/region of the address. + This is never inferred and it is up to the user to ensure the value + is correct. See https://cldr.unicode.org/ and + https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html + for details. Example: "CH" for Switzerland. type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + languageCode: + description: >- + Optional. BCP-47 language code of the contents of this address (if + known). This is often the UI language of the input form or is + expected to match one of the languages used in the address' + country/region, or their transliterated equivalents. This can affect + formatting in certain countries, but is not critical to the + correctness of the data and will never affect any validation or + other non-formatting related operations. If this value is not known, + it should be omitted (rather than specifying a possibly incorrect + default). Examples: "zh-Hant", "ja", "ja-Latn", "en". type: string - displayName: + sublocality: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Optional. Sublocality of the address. For example, this can be a + neighborhood, borough, or district. + type: string + postalCode: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: + Optional. Postal code of the address. Not all countries use or + require postal codes to be present, but where they are used, they + may trigger additional validation with other parts of the address + (for example, state or zip code validation in the United States). + sortingCode: + description: >- + Optional. Additional, country-specific, sorting code. This is not + used in most regions. Where it is used, the value is either a string + like "CEDEX", optionally followed by a number (for example, "CEDEX + 7"), or just a number alone, representing the "sector code" + (Jamaica), "delivery area indicator" (Malawi) or "post office + indicator" (Côte d'Ivoire). + type: string + type: object + RegisterDomainRequest: + id: RegisterDomainRequest + description: Request for the `RegisterDomain` method. + properties: + contactNotices: + items: + enumDescriptions: + - The notice is undefined. + - >- + Required when setting the `privacy` field of `ContactSettings` + to `PUBLIC_CONTACT_DATA`, which exposes contact data publicly. type: string - metadata: + enum: + - CONTACT_NOTICE_UNSPECIFIED + - PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT + type: array description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. Output only. + The list of contact notices that the caller acknowledges. The + notices needed here depend on the values specified in + `registration.contact_settings`. + domainNotices: + items: + type: string + enum: + - DOMAIN_NOTICE_UNSPECIFIED + - HSTS_PRELOADED + enumDescriptions: + - The notice is undefined. + - >- + Indicates that the domain is preloaded on the HTTP Strict + Transport Security list in browsers. Serving a website on such + domain requires an SSL certificate. For details, see [how to get + an SSL + certificate](https://support.google.com/domains/answer/7638036). + description: >- + The list of domain notices that you acknowledge. Call + `RetrieveRegisterParameters` to see the notices that need + acknowledgement. + type: array + validateOnly: + type: boolean + description: >- + When true, only validation is performed, without actually + registering the domain. Follows: + https://cloud.google.com/apis/design/design_patterns#request_validation + registration: + $ref: '#/components/schemas/Registration' + description: Required. The complete `Registration` resource to be created. + yearlyPrice: + description: >- + Required. Yearly price to register or renew the domain. The value + that should be put here can be obtained from + RetrieveRegisterParameters or SearchDomains calls. + $ref: '#/components/schemas/Money' type: object + WrrPolicy: properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. - type: string - format: google-datetime - target: - description: Server-defined resource path for the target of the operation. - type: string - verb: - description: Name of the verb executed by the operation. - type: string - statusDetail: - description: Human-readable status of the operation, if any. - type: string - apiVersion: - description: API version used to start the operation. - type: string + item: + items: + $ref: '#/components/schemas/WrrPolicyItem' + type: array + description: >- + Configures a RRSetRoutingPolicy that routes in a weighted round robin + fashion. + type: object + id: WrrPolicy parameters: - access_token: - description: OAuth access token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType schema: type: string - alt: - description: Data format for response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: alt + name: oauth_token schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query @@ -2324,19 +2328,10 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: oauth_token + name: upload_protocol schema: type: string prettyPrint: @@ -2345,6 +2340,15 @@ components: name: prettyPrint schema: type: boolean + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2354,46 +2358,50 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + alt: + description: Data format for response. in: query - name: upload_protocol + name: alt schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + enum: + - json + - media + - proto + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: uploadType + name: key schema: type: string - _.xgafv: - description: V1 error format. + access_token: + description: OAuth access token. in: query - name: $.xgafv + name: access_token schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.domains.locations name: locations title: Locations methods: - list: + get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - get: + list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/locations/methods/get' @@ -2402,30 +2410,22 @@ components: update: [] replace: [] delete: [] - operations: - id: google.domains.operations - name: operations - title: Operations + registrations_google_domains_forwarding_config: + id: google.domains.registrations_google_domains_forwarding_config + name: registrations_google_domains_forwarding_config + title: Registrations_google_domains_forwarding_config methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: + retrieve_google_domains_forwarding_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:retrieveGoogleDomainsForwardingConfig/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: >- + #/components/x-stackQL-resources/registrations_google_domains_forwarding_config/methods/retrieve_google_domains_forwarding_config insert: [] update: [] replace: [] @@ -2435,102 +2435,102 @@ components: name: registrations title: Registrations methods: - search_domains: + reset_authorization_code: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:searchDomains/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:resetAuthorizationCode/post response: mediaType: application/json openAPIDocKey: '200' - register: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:register/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}/get response: mediaType: application/json openAPIDocKey: '200' - transfer: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:transfer/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}/patch response: mediaType: application/json openAPIDocKey: '200' - import: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:import/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.registrations - get: + register: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:register/post response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.registrations + configure_dns_settings: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:configureDnsSettings/post response: mediaType: application/json openAPIDocKey: '200' - configure_management_settings: + export: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:configureManagementSettings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:export/post response: mediaType: application/json openAPIDocKey: '200' - configure_dns_settings: + initiate_push_transfer: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:configureDnsSettings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:initiatePushTransfer/post response: mediaType: application/json openAPIDocKey: '200' - configure_contact_settings: + search_domains: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:configureContactSettings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:searchDomains/get response: mediaType: application/json openAPIDocKey: '200' - export: + configure_management_settings: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:export/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:configureManagementSettings/post response: mediaType: application/json openAPIDocKey: '200' - reset_authorization_code: + transfer: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:resetAuthorizationCode/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:transfer/post response: mediaType: application/json openAPIDocKey: '200' - initiate_push_transfer: + configure_contact_settings: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:initiatePushTransfer/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:configureContactSettings/post response: mediaType: application/json openAPIDocKey: '200' @@ -2551,45 +2551,62 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/registrations/methods/delete' - registrations_register_parameters: - id: google.domains.registrations_register_parameters - name: registrations_register_parameters - title: Registrations_register_parameters + registrations_authorization_code: + id: google.domains.registrations_authorization_code + name: registrations_authorization_code + title: Registrations_authorization_code methods: - retrieve_register_parameters: + retrieve_authorization_code: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:retrieveRegisterParameters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:retrieveAuthorizationCode/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/registrations_register_parameters/methods/retrieve_register_parameters + #/components/x-stackQL-resources/registrations_authorization_code/methods/retrieve_authorization_code insert: [] update: [] replace: [] delete: [] - registrations_transfer_parameters: - id: google.domains.registrations_transfer_parameters - name: registrations_transfer_parameters - title: Registrations_transfer_parameters + registrations_iam_policies: + id: google.domains.registrations_iam_policies + name: registrations_iam_policies + title: Registrations_iam_policies methods: - retrieve_transfer_parameters: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:retrieveTransferParameters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/registrations_transfer_parameters/methods/retrieve_transfer_parameters + #/components/x-stackQL-resources/registrations_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/registrations_iam_policies/methods/set_iam_policy delete: [] registrations_importable_domains: id: google.domains.registrations_importable_domains @@ -2611,153 +2628,108 @@ components: update: [] replace: [] delete: [] - registrations_google_domains_dns_records: - id: google.domains.registrations_google_domains_dns_records - name: registrations_google_domains_dns_records - title: Registrations_google_domains_dns_records + registrations_register_parameters: + id: google.domains.registrations_register_parameters + name: registrations_register_parameters + title: Registrations_register_parameters methods: - retrieve_google_domains_dns_records: + retrieve_register_parameters: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:retrieveGoogleDomainsDnsRecords/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:retrieveRegisterParameters/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/registrations_google_domains_dns_records/methods/retrieve_google_domains_dns_records + #/components/x-stackQL-resources/registrations_register_parameters/methods/retrieve_register_parameters insert: [] update: [] replace: [] delete: [] - registrations_google_domains_forwarding_config: - id: google.domains.registrations_google_domains_forwarding_config - name: registrations_google_domains_forwarding_config - title: Registrations_google_domains_forwarding_config + registrations_google_domains_dns_records: + id: google.domains.registrations_google_domains_dns_records + name: registrations_google_domains_dns_records + title: Registrations_google_domains_dns_records methods: - retrieve_google_domains_forwarding_config: + retrieve_google_domains_dns_records: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:retrieveGoogleDomainsForwardingConfig/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:retrieveGoogleDomainsDnsRecords/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/registrations_google_domains_forwarding_config/methods/retrieve_google_domains_forwarding_config + #/components/x-stackQL-resources/registrations_google_domains_dns_records/methods/retrieve_google_domains_dns_records insert: [] update: [] replace: [] delete: [] - registrations_authorization_code: - id: google.domains.registrations_authorization_code - name: registrations_authorization_code - title: Registrations_authorization_code + registrations_transfer_parameters: + id: google.domains.registrations_transfer_parameters + name: registrations_transfer_parameters + title: Registrations_transfer_parameters methods: - retrieve_authorization_code: + retrieve_transfer_parameters: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:retrieveAuthorizationCode/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations:retrieveTransferParameters/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/registrations_authorization_code/methods/retrieve_authorization_code + #/components/x-stackQL-resources/registrations_transfer_parameters/methods/retrieve_transfer_parameters insert: [] update: [] replace: [] delete: [] - registrations_iam_policies: - id: google.domains.registrations_iam_policies - name: registrations_iam_policies - title: Registrations_iam_policies - methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: + operations: + id: google.domains.operations + name: operations + title: Operations + methods: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1registrations~1{registrationsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/registrations_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/registrations_iam_policies/methods/set_iam_policy + replace: [] delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: domains.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/access_token' get: description: Gets information about a location. operationId: domains.projects.locations.get @@ -2784,13 +2756,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: domains.projects.locations.operations.list + description: Lists information about the supported locations for this service. + operationId: domains.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2802,39 +2772,42 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: extraLocationTypes schema: type: string - in: query name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:retrieveGoogleDomainsForwardingConfig: parameters: *ref_1 get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: domains.projects.locations.operations.get + Lists the deprecated domain and email forwarding configurations you set + up in the deprecated Google Domains UI. The configuration is present + only for domains with the `google_domains_redirects_data_available` set + to `true` in the `Registration`'s `dns_settings`. A forwarding + configuration might not work correctly if required DNS records are not + present in the domain's authoritative DNS Zone. + operationId: >- + domains.projects.locations.registrations.retrieveGoogleDomainsForwardingConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2846,7 +2819,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: >- + #/components/schemas/RetrieveGoogleDomainsForwardingConfigResponse parameters: - in: path name: projectsId @@ -2859,19 +2833,27 @@ paths: schema: type: string - in: path - name: operationsId + name: registrationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations:searchDomains: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:resetAuthorizationCode: parameters: *ref_1 - get: + post: description: >- - Searches for available domain names similar to the provided query. - Availability results from this method are approximate; call - `RetrieveRegisterParameters` on a domain before registering to confirm - availability. - operationId: domains.projects.locations.registrations.searchDomains + Resets the authorization code of the `Registration` to a new random + string. You can call this method only after 60 days have elapsed since + the initial domain registration. Domains that have the + `REQUIRE_PUSH_TRANSFER` property in the list of `domain_properties` + don't support authorization codes and must use the + `InitiatePushTransfer` method to initiate the process to transfer the + domain to a different registrar. + operationId: domains.projects.locations.registrations.resetAuthorizationCode + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ResetAuthorizationCodeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2883,7 +2865,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SearchDomainsResponse' + $ref: '#/components/schemas/AuthorizationCode' parameters: - in: path name: projectsId @@ -2895,18 +2877,16 @@ paths: required: true schema: type: string - - in: query - name: query + - in: path + name: registrationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations:retrieveRegisterParameters: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}: parameters: *ref_1 get: - description: >- - Gets parameters needed to register a new domain name, including price - and up-to-date availability. Use the returned values to call - `RegisterDomain`. - operationId: domains.projects.locations.registrations.retrieveRegisterParameters + description: Gets the details of a `Registration` resource. + operationId: domains.projects.locations.registrations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2918,7 +2898,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RetrieveRegisterParametersResponse' + $ref: '#/components/schemas/Registration' parameters: - in: path name: projectsId @@ -2930,30 +2910,24 @@ paths: required: true schema: type: string - - in: query - name: domainName + - in: path + name: registrationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations:register: - parameters: *ref_1 - post: + patch: description: >- - Registers a new domain name and creates a corresponding `Registration` - resource. Call `RetrieveRegisterParameters` first to check availability - of the domain name and determine parameters like price that are needed - to build a call to this method. A successful call creates a - `Registration` resource in state `REGISTRATION_PENDING`, which resolves - to `ACTIVE` within 1-2 minutes, indicating that the domain was - successfully registered. If the resource ends up in state - `REGISTRATION_FAILED`, it indicates that the domain was not registered - successfully, and you can safely delete the resource and retry - registration. - operationId: domains.projects.locations.registrations.register + Updates select fields of a `Registration` resource, notably `labels`. To + update other fields, use the appropriate custom update method: * To + update management settings, see `ConfigureManagementSettings` * To + update DNS configuration, see `ConfigureDnsSettings` * To update contact + information, see `ConfigureContactSettings` + operationId: domains.projects.locations.registrations.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/RegisterDomainRequest' + $ref: '#/components/schemas/Registration' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2977,73 +2951,34 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations:retrieveTransferParameters: - parameters: *ref_1 - get: - description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) - Gets parameters needed to transfer a domain name from another registrar - to Cloud Domains. For domains already managed by [Google - Domains](https://domains.google/), use `ImportDomain` instead. Use the - returned values to call `TransferDomain`. - operationId: domains.projects.locations.registrations.retrieveTransferParameters - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/RetrieveTransferParametersResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: registrationsId required: true schema: type: string - in: query - name: domainName + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations:transfer: - parameters: *ref_1 - post: + format: google-fieldmask + delete: description: >- - Deprecated: For more information, see [Cloud Domains feature + Deletes a `Registration` resource. This method works on any + `Registration` resource using [Subscription or Commitment + billing](/domains/pricing#billing-models), provided that the resource + was created at least 1 day in the past. When an active registration is + successfully deleted, you can continue to use the domain in [Google + Domains](https://domains.google/) until it expires. The calling user + becomes the domain's sole owner in Google Domains, and permissions for + the domain are subsequently managed there. The domain does not renew + automatically unless the new owner sets up billing in Google Domains. + After January 2024 you will only be able to delete `Registration` + resources when `state` is one of: `EXPORTED`, + `EXPIRED`,`REGISTRATION_FAILED` or `TRANSFER_FAILED`. See [Cloud Domains + feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) - Transfers a domain name from another registrar to Cloud Domains. For - domains already managed by [Google Domains](https://domains.google/), - use `ImportDomain` instead. Before calling this method, go to the - domain's current registrar to unlock the domain for transfer and - retrieve the domain's transfer authorization code. Then call - `RetrieveTransferParameters` to confirm that the domain is unlocked and - to get values needed to build a call to this method. A successful call - creates a `Registration` resource in state `TRANSFER_PENDING`. It can - take several days to complete the transfer process. The registrant can - often speed up this process by approving the transfer through the - current registrar, either by clicking a link in an email from the - registrar or by visiting the registrar's website. A few minutes after - transfer approval, the resource transitions to state `ACTIVE`, - indicating that the transfer was successful. If the transfer is rejected - or the request expires without being approved, the resource can end up - in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the - resource and retry the transfer. - operationId: domains.projects.locations.registrations.transfer - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TransferDomainRequest' + for more details. + operationId: domains.projects.locations.registrations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3067,18 +3002,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations:retrieveImportableDomains: + - in: path + name: registrationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/registrations:import: parameters: *ref_1 - get: + post: description: >- Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) - Lists domain names from [Google Domains](https://domains.google/) that - can be imported to Cloud Domains using the `ImportDomain` method. Since - individual users can own domains in Google Domains, the list of domains - returned depends on the individual user making the call. Domains already - managed by Cloud Domains are not returned. - operationId: domains.projects.locations.registrations.retrieveImportableDomains + Imports a domain name from [Google Domains](https://domains.google/) for + use in Cloud Domains. To transfer a domain from another registrar, use + the `TransferDomain` method instead. Since individual users can own + domains in Google Domains, the calling user must have ownership + permission on the domain. + operationId: domains.projects.locations.registrations.import + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ImportDomainRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3090,7 +3035,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RetrieveImportableDomainsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3102,32 +3047,26 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations:import: + /v1/projects/{projectsId}/locations/{locationsId}/registrations:register: parameters: *ref_1 post: description: >- - Deprecated: For more information, see [Cloud Domains feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) - Imports a domain name from [Google Domains](https://domains.google/) for - use in Cloud Domains. To transfer a domain from another registrar, use - the `TransferDomain` method instead. Since individual users can own - domains in Google Domains, the calling user must have ownership - permission on the domain. - operationId: domains.projects.locations.registrations.import + Registers a new domain name and creates a corresponding `Registration` + resource. Call `RetrieveRegisterParameters` first to check availability + of the domain name and determine parameters like price that are needed + to build a call to this method. A successful call creates a + `Registration` resource in state `REGISTRATION_PENDING`, which resolves + to `ACTIVE` within 1-2 minutes, indicating that the domain was + successfully registered. If the resource ends up in state + `REGISTRATION_FAILED`, it indicates that the domain was not registered + successfully, and you can safely delete the resource and retry + registration. + operationId: domains.projects.locations.registrations.register requestBody: content: application/json: schema: - $ref: '#/components/schemas/ImportDomainRequest' + $ref: '#/components/schemas/RegisterDomainRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3179,24 +3118,31 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:retrieveAuthorizationCode: parameters: *ref_1 get: - description: Gets the details of a `Registration` resource. - operationId: domains.projects.locations.registrations.get + description: >- + Gets the authorization code of the `Registration` for the purpose of + transferring the domain to another registrar. You can call this method + only after 60 days have elapsed since the initial domain registration. + Domains that have the `REQUIRE_PUSH_TRANSFER` property in the list of + `domain_properties` don't support authorization codes and must use the + `InitiatePushTransfer` method to initiate the process to transfer the + domain to a different registrar. + operationId: domains.projects.locations.registrations.retrieveAuthorizationCode security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3208,7 +3154,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Registration' + $ref: '#/components/schemas/AuthorizationCode' parameters: - in: path name: projectsId @@ -3225,19 +3171,16 @@ paths: required: true schema: type: string - patch: - description: >- - Updates select fields of a `Registration` resource, notably `labels`. To - update other fields, use the appropriate custom update method: * To - update management settings, see `ConfigureManagementSettings` * To - update DNS configuration, see `ConfigureDnsSettings` * To update contact - information, see `ConfigureContactSettings` - operationId: domains.projects.locations.registrations.patch + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:configureDnsSettings: + parameters: *ref_1 + post: + description: Updates a `Registration`'s DNS settings. + operationId: domains.projects.locations.registrations.configureDnsSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/Registration' + $ref: '#/components/schemas/ConfigureDnsSettingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3266,29 +3209,19 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:setIamPolicy: + parameters: *ref_1 + post: description: >- - Deletes a `Registration` resource. This method works on any - `Registration` resource using [Subscription or Commitment - billing](/domains/pricing#billing-models), provided that the resource - was created at least 1 day in the past. When an active registration is - successfully deleted, you can continue to use the domain in [Google - Domains](https://domains.google/) until it expires. The calling user - becomes the domain's sole owner in Google Domains, and permissions for - the domain are subsequently managed there. The domain does not renew - automatically unless the new owner sets up billing in Google Domains. - After January 2024 you will only be able to delete `Registration` - resources when `state` is one of: `EXPORTED`, - `EXPIRED`,`REGISTRATION_FAILED` or `TRANSFER_FAILED`. See [Cloud Domains - feature - deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) - for more details. - operationId: domains.projects.locations.registrations.delete + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: domains.projects.locations.registrations.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3300,7 +3233,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3317,16 +3250,69 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:configureManagementSettings: + /v1/projects/{projectsId}/locations/{locationsId}/registrations:retrieveImportableDomains: + parameters: *ref_1 + get: + description: >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) + Lists domain names from [Google Domains](https://domains.google/) that + can be imported to Cloud Domains using the `ImportDomain` method. Since + individual users can own domains in Google Domains, the list of domains + returned depends on the individual user making the call. Domains already + managed by Cloud Domains are not returned. + operationId: domains.projects.locations.registrations.retrieveImportableDomains + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/RetrieveImportableDomainsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:export: parameters: *ref_1 post: - description: Updates a `Registration`'s management settings. - operationId: domains.projects.locations.registrations.configureManagementSettings + description: >- + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) + Exports a `Registration` resource, such that it is no longer managed by + Cloud Domains. When an active domain is successfully exported, you can + continue to use the domain in [Google Domains](https://domains.google/) + until it expires. The calling user becomes the domain's sole owner in + Google Domains, and permissions for the domain are subsequently managed + there. The domain does not renew automatically unless the new owner sets + up billing in Google Domains. + operationId: domains.projects.locations.registrations.export requestBody: content: application/json: schema: - $ref: '#/components/schemas/ConfigureManagementSettingsRequest' + $ref: '#/components/schemas/ExportRegistrationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3355,16 +3341,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:configureDnsSettings: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:initiatePushTransfer: parameters: *ref_1 post: - description: Updates a `Registration`'s DNS settings. - operationId: domains.projects.locations.registrations.configureDnsSettings + description: >- + Initiates the `Push Transfer` process to transfer the domain to another + registrar. The process might complete instantly or might require + confirmation or additional work. Check the emails sent to the email + address of the registrant. The process is aborted after a timeout if + it's not completed. This method is only supported for domains that have + the `REQUIRE_PUSH_TRANSFER` property in the list of `domain_properties`. + The domain must also be unlocked before it can be transferred to a + different registrar. For more information, see [Transfer a registered + domain to another + registrar](https://cloud.google.com/domains/docs/transfer-domain-to-another-registrar). + operationId: domains.projects.locations.registrations.initiatePushTransfer requestBody: content: application/json: schema: - $ref: '#/components/schemas/ConfigureDnsSettingsRequest' + $ref: '#/components/schemas/InitiatePushTransferRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3393,14 +3389,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:retrieveGoogleDomainsDnsRecords: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Lists the DNS records from the Google Domains DNS zone for domains that - use the deprecated `google_domains_dns` in the `Registration`'s - `dns_settings`. - operationId: domains.projects.locations.registrations.retrieveGoogleDomainsDnsRecords + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: domains.projects.locations.registrations.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3412,7 +3415,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RetrieveGoogleDomainsDnsRecordsResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3429,27 +3432,15 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:retrieveGoogleDomainsForwardingConfig: - parameters: *ref_1 - get: - description: >- - Lists the deprecated domain and email forwarding configurations you set - up in the deprecated Google Domains UI. The configuration is present - only for domains with the `google_domains_redirects_data_available` set - to `true` in the `Registration`'s `dns_settings`. A forwarding - configuration might not work correctly if required DNS records are not - present in the domain's authoritative DNS Zone. - operationId: >- - domains.projects.locations.registrations.retrieveGoogleDomainsForwardingConfig + /v1/projects/{projectsId}/locations/{locationsId}/registrations:searchDomains: + parameters: *ref_1 + get: + description: >- + Searches for available domain names similar to the provided query. + Availability results from this method are approximate; call + `RetrieveRegisterParameters` on a domain before registering to confirm + availability. + operationId: domains.projects.locations.registrations.searchDomains security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3461,8 +3452,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/RetrieveGoogleDomainsForwardingConfigResponse + $ref: '#/components/schemas/SearchDomainsResponse' parameters: - in: path name: projectsId @@ -3474,33 +3464,20 @@ paths: required: true schema: type: string - - in: path - name: registrationsId - required: true + - in: query + name: query schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:configureContactSettings: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:configureManagementSettings: parameters: *ref_1 post: - description: >- - Updates a `Registration`'s contact settings. Some changes require - confirmation by the domain's registrant contact . Caution: Please - consider carefully any changes to contact privacy settings when changing - from `REDACTED_CONTACT_DATA` to `PUBLIC_CONTACT_DATA.` There may be a - delay in reflecting updates you make to registrant contact information - such that any changes you make to contact privacy (including from - `REDACTED_CONTACT_DATA` to `PUBLIC_CONTACT_DATA`) will be applied - without delay but changes to registrant contact information may take a - limited time to be publicized. This means that changes to contact - privacy from `REDACTED_CONTACT_DATA` to `PUBLIC_CONTACT_DATA` may make - the previous registrant contact data public until the modified - registrant contact details are published. - operationId: domains.projects.locations.registrations.configureContactSettings + description: Updates a `Registration`'s management settings. + operationId: domains.projects.locations.registrations.configureManagementSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/ConfigureContactSettingsRequest' + $ref: '#/components/schemas/ConfigureManagementSettingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3529,25 +3506,35 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:export: + /v1/projects/{projectsId}/locations/{locationsId}/registrations:transfer: parameters: *ref_1 post: description: >- Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) - Exports a `Registration` resource, such that it is no longer managed by - Cloud Domains. When an active domain is successfully exported, you can - continue to use the domain in [Google Domains](https://domains.google/) - until it expires. The calling user becomes the domain's sole owner in - Google Domains, and permissions for the domain are subsequently managed - there. The domain does not renew automatically unless the new owner sets - up billing in Google Domains. - operationId: domains.projects.locations.registrations.export + Transfers a domain name from another registrar to Cloud Domains. For + domains already managed by [Google Domains](https://domains.google/), + use `ImportDomain` instead. Before calling this method, go to the + domain's current registrar to unlock the domain for transfer and + retrieve the domain's transfer authorization code. Then call + `RetrieveTransferParameters` to confirm that the domain is unlocked and + to get values needed to build a call to this method. A successful call + creates a `Registration` resource in state `TRANSFER_PENDING`. It can + take several days to complete the transfer process. The registrant can + often speed up this process by approving the transfer through the + current registrar, either by clicking a link in an email from the + registrar or by visiting the registrar's website. A few minutes after + transfer approval, the resource transitions to state `ACTIVE`, + indicating that the transfer was successful. If the transfer is rejected + or the request expires without being approved, the resource can end up + in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the + resource and retry the transfer. + operationId: domains.projects.locations.registrations.transfer requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExportRegistrationRequest' + $ref: '#/components/schemas/TransferDomainRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3571,23 +3558,49 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/registrations:retrieveRegisterParameters: + parameters: *ref_1 + get: + description: >- + Gets parameters needed to register a new domain name, including price + and up-to-date availability. Use the returned values to call + `RegisterDomain`. + operationId: domains.projects.locations.registrations.retrieveRegisterParameters + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/RetrieveRegisterParametersResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: registrationsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:retrieveAuthorizationCode: + - in: query + name: domainName + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:retrieveGoogleDomainsDnsRecords: parameters: *ref_1 get: description: >- - Gets the authorization code of the `Registration` for the purpose of - transferring the domain to another registrar. You can call this method - only after 60 days have elapsed since the initial domain registration. - Domains that have the `REQUIRE_PUSH_TRANSFER` property in the list of - `domain_properties` don't support authorization codes and must use the - `InitiatePushTransfer` method to initiate the process to transfer the - domain to a different registrar. - operationId: domains.projects.locations.registrations.retrieveAuthorizationCode + Lists the DNS records from the Google Domains DNS zone for domains that + use the deprecated `google_domains_dns` in the `Registration`'s + `dns_settings`. + operationId: domains.projects.locations.registrations.retrieveGoogleDomainsDnsRecords security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3599,7 +3612,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AuthorizationCode' + $ref: '#/components/schemas/RetrieveGoogleDomainsDnsRecordsResponse' parameters: - in: path name: projectsId @@ -3616,23 +3629,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:resetAuthorizationCode: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/registrations:retrieveTransferParameters: parameters: *ref_1 - post: + get: description: >- - Resets the authorization code of the `Registration` to a new random - string. You can call this method only after 60 days have elapsed since - the initial domain registration. Domains that have the - `REQUIRE_PUSH_TRANSFER` property in the list of `domain_properties` - don't support authorization codes and must use the - `InitiatePushTransfer` method to initiate the process to transfer the - domain to a different registrar. - operationId: domains.projects.locations.registrations.resetAuthorizationCode - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ResetAuthorizationCodeRequest' + Deprecated: For more information, see [Cloud Domains feature + deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) + Gets parameters needed to transfer a domain name from another registrar + to Cloud Domains. For domains already managed by [Google + Domains](https://domains.google/), use `ImportDomain` instead. Use the + returned values to call `TransferDomain`. + operationId: domains.projects.locations.registrations.retrieveTransferParameters security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3644,7 +3660,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AuthorizationCode' + $ref: '#/components/schemas/RetrieveTransferParametersResponse' parameters: - in: path name: projectsId @@ -3656,31 +3672,32 @@ paths: required: true schema: type: string - - in: path - name: registrationsId - required: true + - in: query + name: domainName schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:initiatePushTransfer: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:configureContactSettings: parameters: *ref_1 post: description: >- - Initiates the `Push Transfer` process to transfer the domain to another - registrar. The process might complete instantly or might require - confirmation or additional work. Check the emails sent to the email - address of the registrant. The process is aborted after a timeout if - it's not completed. This method is only supported for domains that have - the `REQUIRE_PUSH_TRANSFER` property in the list of `domain_properties`. - The domain must also be unlocked before it can be transferred to a - different registrar. For more information, see [Transfer a registered - domain to another - registrar](https://cloud.google.com/domains/docs/transfer-domain-to-another-registrar). - operationId: domains.projects.locations.registrations.initiatePushTransfer + Updates a `Registration`'s contact settings. Some changes require + confirmation by the domain's registrant contact . Caution: Please + consider carefully any changes to contact privacy settings when changing + from `REDACTED_CONTACT_DATA` to `PUBLIC_CONTACT_DATA.` There may be a + delay in reflecting updates you make to registrant contact information + such that any changes you make to contact privacy (including from + `REDACTED_CONTACT_DATA` to `PUBLIC_CONTACT_DATA`) will be applied + without delay but changes to registrant contact information may take a + limited time to be publicized. This means that changes to contact + privacy from `REDACTED_CONTACT_DATA` to `PUBLIC_CONTACT_DATA` may make + the previous registrant contact data public until the modified + registrant contact details are published. + operationId: domains.projects.locations.registrations.configureContactSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/InitiatePushTransferRequest' + $ref: '#/components/schemas/ConfigureContactSettingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3751,19 +3768,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: domains.projects.locations.registrations.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: domains.projects.locations.registrations.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3792,13 +3803,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:getIamPolicy: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: domains.projects.locations.registrations.getIamPolicy + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: domains.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3810,7 +3827,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3823,30 +3840,17 @@ paths: schema: type: string - in: path - name: registrationsId + name: operationsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/registrations/{registrationsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: domains.projects.locations.registrations.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: domains.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3858,7 +3862,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -3870,8 +3874,16 @@ paths: required: true schema: type: string - - in: path - name: registrationsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/essentialcontacts.yaml b/providers/src/googleapis.com/v00.00.00000/services/essentialcontacts.yaml index d08f139e..ec4daec8 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/essentialcontacts.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/essentialcontacts.yaml @@ -7,8 +7,8 @@ info: title: Essential Contacts API description: '' version: v1 - x-discovery-doc-revision: '20250814' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251127' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/essentialcontacts/docs/ servers: @@ -34,28 +34,131 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleCloudEssentialcontactsV1Contact: - id: GoogleCloudEssentialcontactsV1Contact - description: A contact that will receive notifications from Google Cloud. + GoogleCloudEssentialcontactsV1ListContactsResponse: + properties: + nextPageToken: + description: >- + If there are more results than those appearing in this response, + then `next_page_token` is included. To get the next set of results, + call this method again using the value of `next_page_token` as + `page_token` and the rest of the parameters the same as the original + request. + type: string + contacts: + description: The contacts for the specified resource. + items: + $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' + type: array + id: GoogleCloudEssentialcontactsV1ListContactsResponse + type: object + description: Response message for the ListContacts method. + GoogleCloudEssentialcontactsV1SendTestMessageRequest: type: object properties: - name: + contacts: + items: + type: string description: >- - Output only. The identifier for the contact. Format: - {resource_type}/{resource_id}/contacts/{contact_id} - readOnly: true + Required. The list of names of the contacts to send a test message + to. Format: organizations/{organization_id}/contacts/{contact_id}, + folders/{folder_id}/contacts/{contact_id} or + projects/{project_id}/contacts/{contact_id} + type: array + notificationCategory: + enum: + - NOTIFICATION_CATEGORY_UNSPECIFIED + - ALL + - SUSPENSION + - SECURITY + - TECHNICAL + - BILLING + - LEGAL + - PRODUCT_UPDATES + - TECHNICAL_INCIDENTS + enumDescriptions: + - Notification category is unrecognized or unspecified. + - >- + All notifications related to the resource, including notifications + pertaining to categories added in the future. + - Notifications related to imminent account suspension. + - >- + Notifications related to security/privacy incidents, + notifications, and vulnerabilities. + - >- + Notifications related to technical events and issues such as + outages, errors, or bugs. + - >- + Notifications related to billing and payments notifications, price + updates, errors, or credits. + - >- + Notifications related to enforcement actions, regulatory + compliance, or government notices. + - >- + Notifications related to new versions, product terms updates, or + deprecations. + - >- + Child category of TECHNICAL. If assigned, technical incident + notifications will go to these contacts instead of TECHNICAL. + description: >- + Required. The notification category to send the test message for. + All contacts must be subscribed to this category. type: string - email: + id: GoogleCloudEssentialcontactsV1SendTestMessageRequest + description: Request message for the SendTestMessage method. + GoogleCloudEssentialcontactsV1ComputeContactsResponse: + id: GoogleCloudEssentialcontactsV1ComputeContactsResponse + properties: + nextPageToken: description: >- - Required. The email address to send notifications to. The email - address does not need to be a Google Account. + If there are more results than those appearing in this response, + then `next_page_token` is included. To get the next set of results, + call this method again using the value of `next_page_token` as + `page_token` and the rest of the parameters the same as the original + request. type: string - notificationCategorySubscriptions: + contacts: description: >- - Required. The categories of notifications that the contact will - receive communications for. + All contacts for the resource that are subscribed to the specified + notification categories, including contacts inherited from any + parent resources. + items: + $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' type: array + type: object + description: Response message for the ComputeContacts method. + GoogleProtobufEmpty: + properties: {} + id: GoogleProtobufEmpty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + GoogleCloudEssentialcontactsV1Contact: + id: GoogleCloudEssentialcontactsV1Contact + type: object + properties: + validateTime: + description: >- + Output only. The last time the validation_state was updated, either + manually or automatically. A contact is considered stale if its + validation state was updated more than 1 year ago. + type: string + format: google-datetime + readOnly: true + notificationCategorySubscriptions: items: + enum: + - NOTIFICATION_CATEGORY_UNSPECIFIED + - ALL + - SUSPENSION + - SECURITY + - TECHNICAL + - BILLING + - LEGAL + - PRODUCT_UPDATES + - TECHNICAL_INCIDENTS type: string enumDescriptions: - Notification category is unrecognized or unspecified. @@ -81,30 +184,21 @@ components: - >- Child category of TECHNICAL. If assigned, technical incident notifications will go to these contacts instead of TECHNICAL. - enum: - - NOTIFICATION_CATEGORY_UNSPECIFIED - - ALL - - SUSPENSION - - SECURITY - - TECHNICAL - - BILLING - - LEGAL - - PRODUCT_UPDATES - - TECHNICAL_INCIDENTS - languageTag: description: >- - Required. The preferred language for notifications, as a ISO 639-1 - language code. See [Supported - languages](https://cloud.google.com/resource-manager/docs/managing-notification-contacts#supported-languages) - for a list of supported languages. - type: string + Required. The categories of notifications that the contact will + receive communications for. + type: array validationState: description: >- Output only. The validity of the contact. A contact is considered valid if it is the correct recipient for notifications for a particular resource. - readOnly: true type: string + enum: + - VALIDATION_STATE_UNSPECIFIED + - VALID + - INVALID + readOnly: true enumDescriptions: - The validation state is unknown or unspecified. - >- @@ -113,146 +207,36 @@ components: - >- The contact is considered invalid. This may become the state if the contact's email is found to be unreachable. - enum: - - VALIDATION_STATE_UNSPECIFIED - - VALID - - INVALID - validateTime: - description: >- - Output only. The last time the validation_state was updated, either - manually or automatically. A contact is considered stale if its - validation state was updated more than 1 year ago. - readOnly: true + languageTag: type: string - format: google-datetime - GoogleCloudEssentialcontactsV1ListContactsResponse: - id: GoogleCloudEssentialcontactsV1ListContactsResponse - description: Response message for the ListContacts method. - type: object - properties: - contacts: - description: The contacts for the specified resource. - type: array - items: - $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' - nextPageToken: description: >- - If there are more results than those appearing in this response, - then `next_page_token` is included. To get the next set of results, - call this method again using the value of `next_page_token` as - `page_token` and the rest of the parameters the same as the original - request. + Required. The preferred language for notifications, as a ISO 639-1 + language code. See [Supported + languages](https://cloud.google.com/resource-manager/docs/managing-notification-contacts#supported-languages) + for a list of supported languages. + email: type: string - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleCloudEssentialcontactsV1ComputeContactsResponse: - id: GoogleCloudEssentialcontactsV1ComputeContactsResponse - description: Response message for the ComputeContacts method. - type: object - properties: - contacts: description: >- - All contacts for the resource that are subscribed to the specified - notification categories, including contacts inherited from any - parent resources. - type: array - items: - $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' - nextPageToken: - description: >- - If there are more results than those appearing in this response, - then `next_page_token` is included. To get the next set of results, - call this method again using the value of `next_page_token` as - `page_token` and the rest of the parameters the same as the original - request. + Required. The email address to send notifications to. The email + address does not need to be a Google Account. + name: + readOnly: true type: string - GoogleCloudEssentialcontactsV1SendTestMessageRequest: - id: GoogleCloudEssentialcontactsV1SendTestMessageRequest - description: Request message for the SendTestMessage method. - type: object - properties: - contacts: - description: >- - Required. The list of names of the contacts to send a test message - to. Format: organizations/{organization_id}/contacts/{contact_id}, - folders/{folder_id}/contacts/{contact_id} or - projects/{project_id}/contacts/{contact_id} - type: array - items: - type: string - notificationCategory: description: >- - Required. The notification category to send the test message for. - All contacts must be subscribed to this category. - type: string - enumDescriptions: - - Notification category is unrecognized or unspecified. - - >- - All notifications related to the resource, including notifications - pertaining to categories added in the future. - - Notifications related to imminent account suspension. - - >- - Notifications related to security/privacy incidents, - notifications, and vulnerabilities. - - >- - Notifications related to technical events and issues such as - outages, errors, or bugs. - - >- - Notifications related to billing and payments notifications, price - updates, errors, or credits. - - >- - Notifications related to enforcement actions, regulatory - compliance, or government notices. - - >- - Notifications related to new versions, product terms updates, or - deprecations. - - >- - Child category of TECHNICAL. If assigned, technical incident - notifications will go to these contacts instead of TECHNICAL. - enum: - - NOTIFICATION_CATEGORY_UNSPECIFIED - - ALL - - SUSPENSION - - SECURITY - - TECHNICAL - - BILLING - - LEGAL - - PRODUCT_UPDATES - - TECHNICAL_INCIDENTS + Output only. The identifier for the contact. Format: + {resource_type}/{resource_id}/contacts/{contact_id} + description: A contact that will receive notifications from Google Cloud. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: callback + name: uploadType schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: fields + name: upload_protocol schema: type: string key: @@ -270,12 +254,18 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + access_token: + description: OAuth access token. in: query - name: prettyPrint + name: access_token schema: - type: boolean + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -285,118 +275,128 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + _.xgafv: + description: V1 error format. in: query - name: upload_protocol + name: $.xgafv schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + enum: + - '1' + - '2' + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: uploadType + name: prettyPrint + schema: + type: boolean + callback: + description: JSONP + in: query + name: callback schema: type: string - _.xgafv: - description: V1 error format. + alt: + description: Data format for response. in: query - name: $.xgafv + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto x-stackQL-resources: contacts: id: google.essentialcontacts.contacts name: contacts title: Contacts methods: - projects_contacts_create: + folders_contacts_list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts/post' + $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts/get' response: mediaType: application/json openAPIDocKey: '200' - projects_contacts_list: + objectKey: $.contacts + folders_contacts_create: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts/get' + $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.contacts - projects_contacts_patch: + folders_contacts_delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts~1{contactsId}/patch' + $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts~1{contactsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - projects_contacts_get: + folders_contacts_patch: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts~1{contactsId}/get' + $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts~1{contactsId}/patch' response: mediaType: application/json openAPIDocKey: '200' - projects_contacts_delete: + folders_contacts_get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1contacts~1{contactsId}/delete + $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts~1{contactsId}/get' response: mediaType: application/json openAPIDocKey: '200' - projects_contacts_compute: + folders_contacts_compute: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts:compute/get' + $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts:compute/get' response: mediaType: application/json openAPIDocKey: '200' - projects_contacts_send_test_message: + folders_contacts_send_test_message: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1contacts:sendTestMessage/post + $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts:sendTestMessage/post' response: mediaType: application/json openAPIDocKey: '200' - folders_contacts_create: + projects_contacts_send_test_message: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1contacts:sendTestMessage/post response: mediaType: application/json openAPIDocKey: '200' - folders_contacts_list: + projects_contacts_get: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts~1{contactsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.contacts - folders_contacts_patch: + projects_contacts_patch: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts~1{contactsId}/patch' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts~1{contactsId}/patch' response: mediaType: application/json openAPIDocKey: '200' - folders_contacts_get: + projects_contacts_delete: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts~1{contactsId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1contacts~1{contactsId}/delete response: mediaType: application/json openAPIDocKey: '200' - folders_contacts_delete: + projects_contacts_create: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts~1{contactsId}/delete' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts/post' response: mediaType: application/json openAPIDocKey: '200' - folders_contacts_compute: + projects_contacts_list: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts:compute/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts/get' response: mediaType: application/json openAPIDocKey: '200' - folders_contacts_send_test_message: + objectKey: $.contacts + projects_contacts_compute: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1contacts:sendTestMessage/post' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1contacts:compute/get' response: mediaType: application/json openAPIDocKey: '200' @@ -413,24 +413,24 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.contacts - organizations_contacts_patch: + organizations_contacts_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1contacts~1{contactsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1contacts~1{contactsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_contacts_get: + organizations_contacts_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1contacts~1{contactsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1contacts~1{contactsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_contacts_delete: + organizations_contacts_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1contacts~1{contactsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1contacts~1{contactsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -450,57 +450,88 @@ components: openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/contacts/methods/projects_contacts_get - $ref: >- #/components/x-stackQL-resources/contacts/methods/folders_contacts_get - $ref: >- - #/components/x-stackQL-resources/contacts/methods/organizations_contacts_get + #/components/x-stackQL-resources/contacts/methods/projects_contacts_get - $ref: >- - #/components/x-stackQL-resources/contacts/methods/projects_contacts_list + #/components/x-stackQL-resources/contacts/methods/organizations_contacts_get - $ref: >- #/components/x-stackQL-resources/contacts/methods/folders_contacts_list + - $ref: >- + #/components/x-stackQL-resources/contacts/methods/projects_contacts_list - $ref: >- #/components/x-stackQL-resources/contacts/methods/organizations_contacts_list insert: - - $ref: >- - #/components/x-stackQL-resources/contacts/methods/projects_contacts_create - $ref: >- #/components/x-stackQL-resources/contacts/methods/folders_contacts_create + - $ref: >- + #/components/x-stackQL-resources/contacts/methods/projects_contacts_create - $ref: >- #/components/x-stackQL-resources/contacts/methods/organizations_contacts_create update: - - $ref: >- - #/components/x-stackQL-resources/contacts/methods/projects_contacts_patch - $ref: >- #/components/x-stackQL-resources/contacts/methods/folders_contacts_patch + - $ref: >- + #/components/x-stackQL-resources/contacts/methods/projects_contacts_patch - $ref: >- #/components/x-stackQL-resources/contacts/methods/organizations_contacts_patch replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/contacts/methods/projects_contacts_delete - $ref: >- #/components/x-stackQL-resources/contacts/methods/folders_contacts_delete + - $ref: >- + #/components/x-stackQL-resources/contacts/methods/projects_contacts_delete - $ref: >- #/components/x-stackQL-resources/contacts/methods/organizations_contacts_delete paths: - /v1/projects/{projectsId}/contacts: + /v1/folders/{foldersId}/contacts: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/alt' + get: + description: Lists the contacts that have been set on a resource. + operationId: essentialcontacts.folders.contacts.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudEssentialcontactsV1ListContactsResponse + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: description: Adds a new contact for a resource. - operationId: essentialcontacts.projects.contacts.create + operationId: essentialcontacts.folders.contacts.create requestBody: content: application/json: @@ -520,13 +551,15 @@ paths: $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string - get: - description: Lists the contacts that have been set on a resource. - operationId: essentialcontacts.projects.contacts.list + /v1/folders/{foldersId}/contacts/{contactsId}: + parameters: *ref_1 + delete: + description: Deletes a contact. + operationId: essentialcontacts.folders.contacts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -538,28 +571,21 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudEssentialcontactsV1ListContactsResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: contactsId + required: true schema: type: string - /v1/projects/{projectsId}/contacts/{contactsId}: - parameters: *ref_1 patch: description: 'Updates a contact. Note: A contact''s email address cannot be changed.' - operationId: essentialcontacts.projects.contacts.patch + operationId: essentialcontacts.folders.contacts.patch requestBody: content: application/json: @@ -579,7 +605,7 @@ paths: $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string @@ -595,7 +621,7 @@ paths: format: google-fieldmask get: description: Gets a single contact. - operationId: essentialcontacts.projects.contacts.get + operationId: essentialcontacts.folders.contacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -610,33 +636,7 @@ paths: $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: contactsId - required: true - schema: - type: string - delete: - description: Deletes a contact. - operationId: essentialcontacts.projects.contacts.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' - parameters: - - in: path - name: projectsId + name: foldersId required: true schema: type: string @@ -645,14 +645,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/contacts:compute: + /v1/folders/{foldersId}/contacts:compute: parameters: *ref_1 get: description: >- Lists all contacts for the resource that are subscribed to the specified notification categories, including contacts inherited from any parent resources. - operationId: essentialcontacts.projects.contacts.compute + operationId: essentialcontacts.folders.contacts.compute security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -668,7 +668,7 @@ paths: #/components/schemas/GoogleCloudEssentialcontactsV1ComputeContactsResponse parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string @@ -685,13 +685,13 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/contacts:sendTestMessage: + /v1/folders/{foldersId}/contacts:sendTestMessage: parameters: *ref_1 post: description: >- Allows a contact admin to send a test message to contact to verify that it has been configured correctly. - operationId: essentialcontacts.projects.contacts.sendTestMessage + operationId: essentialcontacts.folders.contacts.sendTestMessage requestBody: content: application/json: @@ -712,20 +712,23 @@ paths: $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string - /v1/folders/{foldersId}/contacts: + /v1/projects/{projectsId}/contacts:sendTestMessage: parameters: *ref_1 post: - description: Adds a new contact for a resource. - operationId: essentialcontacts.folders.contacts.create + description: >- + Allows a contact admin to send a test message to contact to verify that + it has been configured correctly. + operationId: essentialcontacts.projects.contacts.sendTestMessage requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' + $ref: >- + #/components/schemas/GoogleCloudEssentialcontactsV1SendTestMessageRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -737,16 +740,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string + /v1/projects/{projectsId}/contacts/{contactsId}: + parameters: *ref_1 get: - description: Lists the contacts that have been set on a resource. - operationId: essentialcontacts.folders.contacts.list + description: Gets a single contact. + operationId: essentialcontacts.projects.contacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -758,28 +763,21 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudEssentialcontactsV1ListContactsResponse + $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: contactsId + required: true schema: type: string - /v1/folders/{foldersId}/contacts/{contactsId}: - parameters: *ref_1 patch: description: 'Updates a contact. Note: A contact''s email address cannot be changed.' - operationId: essentialcontacts.folders.contacts.patch + operationId: essentialcontacts.projects.contacts.patch requestBody: content: application/json: @@ -799,7 +797,7 @@ paths: $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -813,9 +811,9 @@ paths: schema: type: string format: google-fieldmask - get: - description: Gets a single contact. - operationId: essentialcontacts.folders.contacts.get + delete: + description: Deletes a contact. + operationId: essentialcontacts.projects.contacts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -827,10 +825,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -839,9 +837,16 @@ paths: required: true schema: type: string - delete: - description: Deletes a contact. - operationId: essentialcontacts.folders.contacts.delete + /v1/projects/{projectsId}/contacts: + parameters: *ref_1 + post: + description: Adds a new contact for a resource. + operationId: essentialcontacts.projects.contacts.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -853,26 +858,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: contactsId + name: projectsId required: true schema: type: string - /v1/folders/{foldersId}/contacts:compute: - parameters: *ref_1 get: - description: >- - Lists all contacts for the resource that are subscribed to the specified - notification categories, including contacts inherited from any parent - resources. - operationId: essentialcontacts.folders.contacts.compute + description: Lists the contacts that have been set on a resource. + operationId: essentialcontacts.projects.contacts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -885,17 +880,13 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudEssentialcontactsV1ComputeContactsResponse + #/components/schemas/GoogleCloudEssentialcontactsV1ListContactsResponse parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - - in: query - name: notificationCategories - schema: - type: string - in: query name: pageSize schema: @@ -905,19 +896,14 @@ paths: name: pageToken schema: type: string - /v1/folders/{foldersId}/contacts:sendTestMessage: + /v1/projects/{projectsId}/contacts:compute: parameters: *ref_1 - post: + get: description: >- - Allows a contact admin to send a test message to contact to verify that - it has been configured correctly. - operationId: essentialcontacts.folders.contacts.sendTestMessage - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudEssentialcontactsV1SendTestMessageRequest + Lists all contacts for the resource that are subscribed to the specified + notification categories, including contacts inherited from any parent + resources. + operationId: essentialcontacts.projects.contacts.compute security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -929,13 +915,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudEssentialcontactsV1ComputeContactsResponse parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: notificationCategories + schema: + type: string /v1/organizations/{organizationsId}/contacts: parameters: *ref_1 post: @@ -997,14 +997,9 @@ paths: type: string /v1/organizations/{organizationsId}/contacts/{contactsId}: parameters: *ref_1 - patch: - description: 'Updates a contact. Note: A contact''s email address cannot be changed.' - operationId: essentialcontacts.organizations.contacts.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' + get: + description: Gets a single contact. + operationId: essentialcontacts.organizations.contacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1028,14 +1023,9 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - get: - description: Gets a single contact. - operationId: essentialcontacts.organizations.contacts.get + delete: + description: Deletes a contact. + operationId: essentialcontacts.organizations.contacts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1047,7 +1037,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: organizationsId @@ -1059,9 +1049,14 @@ paths: required: true schema: type: string - delete: - description: Deletes a contact. - operationId: essentialcontacts.organizations.contacts.delete + patch: + description: 'Updates a contact. Note: A contact''s email address cannot be changed.' + operationId: essentialcontacts.organizations.contacts.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1073,7 +1068,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudEssentialcontactsV1Contact' parameters: - in: path name: organizationsId @@ -1085,6 +1080,11 @@ paths: required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask /v1/organizations/{organizationsId}/contacts:compute: parameters: *ref_1 get: @@ -1112,10 +1112,6 @@ paths: required: true schema: type: string - - in: query - name: notificationCategories - schema: - type: string - in: query name: pageSize schema: @@ -1125,6 +1121,10 @@ paths: name: pageToken schema: type: string + - in: query + name: notificationCategories + schema: + type: string /v1/organizations/{organizationsId}/contacts:sendTestMessage: parameters: *ref_1 post: diff --git a/providers/src/googleapis.com/v00.00.00000/services/eventarc.yaml b/providers/src/googleapis.com/v00.00.00000/services/eventarc.yaml index 197c31ee..12023562 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/eventarc.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/eventarc.yaml @@ -7,8 +7,8 @@ info: title: Eventarc API description: Build event-driven applications on Google Cloud Platform. version: v1 - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/eventarc servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string GoogleLongrunningOperation: id: GoogleLongrunningOperation description: >- @@ -233,6 +242,12 @@ components: of physical zone separation readOnly: true type: boolean + retryPolicy: + description: >- + Optional. The retry policy to use in the Trigger. If unset, event + delivery will be retried for up to 24 hours by default: + https://cloud.google.com/eventarc/docs/retry-events + $ref: '#/components/schemas/RetryPolicy' etag: description: >- Output only. This checksum is computed by the server based on the @@ -545,6 +560,19 @@ components: message: description: Human-readable message. type: string + RetryPolicy: + id: RetryPolicy + description: >- + The retry policy configuration for the Trigger. Can only be set with + Cloud Run destinations. + type: object + properties: + maxAttempts: + description: >- + Optional. The maximum number of delivery attempts for any message. + The only valid value is 1. + type: integer + format: int32 ListTriggersResponse: id: ListTriggersResponse description: The response message for the `ListTriggers` method. @@ -1285,9 +1313,10 @@ components: description: >- Optional. An authentication config used to authenticate message requests, such that destinations can verify the source. For example, - this can be used with private GCP destinations that require GCP - credentials to access like Cloud Run. This field is optional and - should be set only by users interested in authenticated push + this can be used with private Google Cloud destinations that require + Google Cloud credentials for access like Cloud Run. This field is + optional and should be set only by users interested in authenticated + push. $ref: >- #/components/schemas/GoogleCloudEventarcV1PipelineDestinationAuthenticationConfig outputPayloadFormat: @@ -1447,7 +1476,7 @@ components: googleOidc: description: >- Optional. This authenticate method will apply Google OIDC tokens - signed by a GCP service account to the requests. + signed by a Google Cloud service account to the requests. $ref: >- #/components/schemas/GoogleCloudEventarcV1PipelineDestinationAuthenticationConfigOidcToken oauthToken: @@ -1463,8 +1492,8 @@ components: id: GoogleCloudEventarcV1PipelineDestinationAuthenticationConfigOidcToken description: >- Represents a config used to authenticate with a Google OIDC token using - a GCP service account. Use this authentication method to invoke your - Cloud Run and Cloud Functions destinations or HTTP endpoints that + a Google Cloud service account. Use this authentication method to invoke + your Cloud Run and Cloud Functions destinations or HTTP endpoints that support Google OIDC. type: object properties: @@ -1730,6 +1759,40 @@ components: Optional. Config to control Platform logging for the GoogleApiSource. $ref: '#/components/schemas/LoggingConfig' + organizationSubscription: + description: >- + Optional. Config to enable subscribing to events from all projects + in the GoogleApiSource's org. + $ref: '#/components/schemas/OrganizationSubscription' + projectSubscriptions: + description: >- + Optional. Config to enable subscribing to all events from a list of + projects. All the projects must be in the same org as the + GoogleApiSource. + $ref: '#/components/schemas/ProjectSubscriptions' + OrganizationSubscription: + id: OrganizationSubscription + description: Config to enabled subscribing to events from other projects in the org. + type: object + properties: + enabled: + description: Required. Enable org level subscription. + type: boolean + ProjectSubscriptions: + id: ProjectSubscriptions + description: Config to enable subscribing to all events from a list of projects. + type: object + properties: + list: + description: >- + Required. A list of projects to receive events from. All the + projects must be in the same org. The listed projects should have + the format project/{identifier} where identifier can be either the + project id for project number. A single list may contain both + formats. At most 100 projects can be listed. + type: array + items: + type: string ListGoogleApiSourcesResponse: id: ListGoogleApiSourcesResponse description: The response message for the `ListGoogleApiSources` method. @@ -3246,6 +3309,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/file.yaml b/providers/src/googleapis.com/v00.00.00000/services/file.yaml index d2631328..09ca9125 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/file.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/file.yaml @@ -9,8 +9,8 @@ info: The Cloud Filestore API is used for creating and managing cloud file servers. version: v1 - x-discovery-doc-revision: '20250810' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251015' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/filestore/ servers: @@ -51,6 +51,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -357,6 +366,11 @@ components: - FILE_PROTOCOL_UNSPECIFIED - NFS_V3 - NFS_V4_1 + directoryServices: + description: >- + Optional. Directory Services configuration for Kerberos-based + authentication. Should only be set if protocol is "NFS_V4_1". + $ref: '#/components/schemas/DirectoryServicesConfig' customPerformanceSupported: description: >- Output only. Indicates whether this instance supports configuring @@ -418,6 +432,13 @@ components: `projects/{project_number}/locations/{location_id}/backups/{backup_id}`, that this file share has been restored from. type: string + sourceBackupdrBackup: + description: >- + The resource name of the BackupDR backup, in the format + `projects/{project_id}/locations/{location_id}/backupVaults/{backupvault_id}/dataSources/{datasource_id}/backups/{backup_id}`, + TODO (b/443690479) - Remove visibility restrictions once the feature + is ready + type: string nfsExportOptions: description: >- Nfs Export Options. There is a limit of 10 export options per file @@ -442,6 +463,13 @@ components: type: array items: type: string + network: + description: >- + Optional. The source VPC network for ip_ranges. Required for + instances using Private Service Connect, optional otherwise. If + provided, must be the same network specified in the + `NetworkConfig.network` field. + type: string accessMode: description: >- Either READ_ONLY, for allowing only read requests on the exported @@ -551,10 +579,32 @@ components: Connect to your Filestore instance using Private Service Access. Private services access provides an IP address range for multiple Google Cloud services, including Filestore. + - >- + Connect to your Filestore instance using Private Service Connect. + A connection policy must exist in the region for the VPC network + and the google-cloud-filestore service class. enum: - CONNECT_MODE_UNSPECIFIED - DIRECT_PEERING - PRIVATE_SERVICE_ACCESS + - PRIVATE_SERVICE_CONNECT + pscConfig: + description: >- + Optional. Private Service Connect configuration. Should only be set + when connect_mode is PRIVATE_SERVICE_CONNECT. + $ref: '#/components/schemas/PscConfig' + PscConfig: + id: PscConfig + description: Private Service Connect configuration. + type: object + properties: + endpointProject: + description: >- + Optional. Consumer service project in which the Private Service + Connect endpoint would be set up. This is optional, and only + relevant in case the network is a shared VPC. If this is not + specified, the endpoint would be setup in the VPC host project. + type: string Replication: id: Replication description: Replication specifications. @@ -649,6 +699,47 @@ components: readOnly: true type: string format: google-datetime + DirectoryServicesConfig: + id: DirectoryServicesConfig + description: Directory Services configuration for Kerberos-based authentication. + type: object + properties: + ldap: + description: Configuration for LDAP servers. + $ref: '#/components/schemas/LdapConfig' + LdapConfig: + id: LdapConfig + description: LdapConfig contains all the parameters for connecting to LDAP servers. + type: object + properties: + domain: + description: Required. The LDAP domain name in the format of `my-domain.com`. + type: string + servers: + description: >- + Required. The servers names are used for specifying the LDAP servers + names. The LDAP servers names can come with two formats: 1. DNS + name, for example: `ldap.example1.com`, `ldap.example2.com`. 2. IP + address, for example: `10.0.0.1`, `10.0.0.2`, `10.0.0.3`. All + servers names must be in the same format: either all DNS names or + all IP addresses. + type: array + items: + type: string + usersOu: + description: >- + Optional. The users Organizational Unit (OU) is optional. This + parameter is a hint to allow faster lookup in the LDAP namespace. In + case that this parameter is not provided, Filestore instance will + query the whole LDAP namespace. + type: string + groupsOu: + description: >- + Optional. The groups Organizational Unit (OU) is optional. This + parameter is a hint to allow faster lookup in the LDAP namespace. In + case that this parameter is not provided, Filestore instance will + query the whole LDAP namespace. + type: string PerformanceConfig: id: PerformanceConfig description: >- @@ -2226,6 +2317,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/firestore.yaml b/providers/src/googleapis.com/v00.00.00000/services/firestore.yaml index e1a4101b..ef7ca454 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/firestore.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/firestore.yaml @@ -9,8 +9,8 @@ info: Accesses the NoSQL document database built for automatic scaling, high performance, and ease of application development. version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/firestore servers: @@ -37,85 +37,57 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object + PlanSummary: properties: - locations: + indexesUsed: description: >- - A list of locations that matches the specified filter in the - request. + The indexes selected for the query. For example: [ {"query_scope": + "Collection", "properties": "(foo ASC, __name__ ASC)"}, + {"query_scope": "Collection", "properties": "(bar ASC, __name__ + ASC)"} ] type: array items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + additionalProperties: + description: Properties of the object. + type: any + type: object type: object + id: PlanSummary + description: Planning phase information for the query. + GoogleFirestoreAdminV1ListDatabasesResponse: + id: GoogleFirestoreAdminV1ListDatabasesResponse properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: + databases: + items: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Database' + description: The databases in the project. + type: array + unreachable: + items: type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: description: >- - A list of operations that matches the specified filter in the - request. + In the event that data about individual databases cannot be listed + they will be recorded here. An example entry might be: + projects/some_project/locations/some_location This can happen if the + Cloud Region that the Database resides in is currently unavailable. + In this case we can't fetch all the details about the database. You + may be able to get a more detailed error message (or possibly fetch + the resource) by sending a 'Get' request for the resource or a + 'List' request for the specific location. type: array - items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. - type: string + description: The list of databases for a project. + type: object GoogleLongrunningOperation: - id: GoogleLongrunningOperation + type: object description: >- This resource represents a long-running operation that is the result of a network API call. - type: object + id: GoogleLongrunningOperation properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as @@ -123,21 +95,23 @@ components: method that returns a long-running operation should document the metadata type, if any. type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. done: + type: boolean description: >- If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. - type: boolean - error: + name: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is @@ -148,2055 +122,2072 @@ components: original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + DocumentTransform: type: object + description: A transformation of a document. + id: DocumentTransform properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + document: + description: The name of the document to transform. type: string - details: + fieldTransforms: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array + The list of transformations to apply to the fields of the document, + in order. This must not be empty. items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleLongrunningCancelOperationRequest: - id: GoogleLongrunningCancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - GoogleFirestoreAdminV1Index: - id: GoogleFirestoreAdminV1Index - description: >- - Cloud Firestore indexes enable simple and complex queries against - documents in a database. - type: object + $ref: '#/components/schemas/FieldTransform' + type: array + GoogleFirestoreAdminV1RestoreDatabaseMetadata: properties: - name: - description: >- - Output only. A server defined name for this index. The form of this - name for composite indexes will be: - `projects/{project_id}/databases/{database_id}/collectionGroups/{collection_id}/indexes/{composite_index_id}` - For single field indexes, this field will be empty. - type: string - queryScope: - description: >- - Indexes with a collection query scope specified allow queries - against a collection that is the child of a specific document, - specified at query time, and that has the same collection ID. - Indexes with a collection group query scope specified allow queries - against all collections descended from a specific document, - specified at query time, and that have the same collection ID as - this index. - type: string + operationState: enumDescriptions: - - The query scope is unspecified. Not a valid option. - - >- - Indexes with a collection query scope specified allow queries - against a collection that is the child of a specific document, - specified at query time, and that has the collection ID specified - by the index. + - Unspecified. + - Request is being prepared for processing. + - Request is actively being processed. - >- - Indexes with a collection group query scope specified allow - queries against all collections that has the collection ID - specified by the index. + Request is in the process of being cancelled after user called + google.longrunning.Operations.CancelOperation on the operation. + - Request has been processed and is in its finalization stage. + - Request has completed successfully. + - Request has finished being processed, but encountered an error. - >- - Include all the collections's ancestor in the index. Only - available for Datastore Mode databases. - enum: - - QUERY_SCOPE_UNSPECIFIED - - COLLECTION - - COLLECTION_GROUP - - COLLECTION_RECURSIVE - apiScope: - description: The API scope supported by this index. + Request has finished being cancelled after user called + google.longrunning.Operations.CancelOperation. + description: The operation state of the restore. type: string - enumDescriptions: - - >- - The index can only be used by the Firestore Native query API. This - is the default. - - >- - The index can only be used by the Firestore in Datastore Mode - query API. - - The index can only be used by the MONGODB_COMPATIBLE_API. enum: - - ANY_API - - DATASTORE_MODE_API - - MONGODB_COMPATIBLE_API - fields: - description: >- - The fields supported by this index. For composite indexes, this - requires a minimum of 2 and a maximum of 100 fields. The last field - entry is always for the field path `__name__`. If, on creation, - `__name__` was not specified as the last field, it will be added - automatically with the same direction as that of the last field - defined. If the final field in a composite index is not directional, - the `__name__` will be ordered ASCENDING (unless explicitly - specified). For single field indexes, this will always be exactly - one entry with a field path equal to the field path of the - associated field. - type: array - items: - $ref: '#/components/schemas/GoogleFirestoreAdminV1IndexField' - state: - description: Output only. The serving state of the index. + - OPERATION_STATE_UNSPECIFIED + - INITIALIZING + - PROCESSING + - CANCELLING + - FINALIZING + - SUCCESSFUL + - FAILED + - CANCELLED + startTime: type: string - enumDescriptions: - - The state is unspecified. - - >- - The index is being created. There is an active long-running - operation for the index. The index is updated when writing a - document. Some index data may exist. - - >- - The index is ready to be used. The index is updated when writing a - document. The index is fully populated from all stored documents - it applies to. - - >- - The index was being created, but something went wrong. There is no - active long-running operation for the index, and the most recently - finished long-running operation failed. The index is not updated - when writing a document. Some index data may exist. Use the - google.longrunning.Operations API to determine why the operation - that last attempted to create this index failed, then re-create - the index. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - NEEDS_REPAIR - density: - description: Immutable. The density configuration of the index. + format: google-datetime + description: The time the restore was started. + backup: + description: The name of the backup restoring from. type: string - enumDescriptions: - - >- - Unspecified. It will use database default setting. This value is - input only. - - >- - In order for an index entry to be added, the document must contain - all fields specified in the index. This is the only allowed value - for indexes having ApiScope `ANY_API` and `DATASTORE_MODE_API`. - - >- - In order for an index entry to be added, the document must contain - at least one of the fields specified in the index. Non-existent - fields are treated as having a NULL value when generating index - entries. - - >- - An index entry will be added regardless of whether the document - contains any of the fields specified in the index. Non-existent - fields are treated as having a NULL value when generating index - entries. - enum: - - DENSITY_UNSPECIFIED - - SPARSE_ALL - - SPARSE_ANY - - DENSE - multikey: - description: >- - Optional. Whether the index is multikey. By default, the index is - not multikey. For non-multikey indexes, none of the paths in the - index definition reach or traverse an array, except via an explicit - array index. For multikey indexes, at most one of the paths in the - index definition reach or traverse an array, except via an explicit - array index. Violations will result in errors. Note this field only - applies to index with MONGODB_COMPATIBLE_API ApiScope. - type: boolean - shardCount: - description: Optional. The number of shards for the index. - type: integer - format: int32 - unique: + endTime: + description: The time the restore finished, unset for ongoing restores. + type: string + format: google-datetime + progressPercentage: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' description: >- - Optional. Whether it is an unique index. Unique index ensures all - values for the indexed field(s) are unique across documents. - type: boolean - GoogleFirestoreAdminV1IndexField: - id: GoogleFirestoreAdminV1IndexField + How far along the restore is as an estimated percentage of remaining + time. + database: + description: The name of the database being restored to. + type: string description: >- - A field in an index. The field_path describes which field is indexed, - the value_mode describes how the field value is indexed. + Metadata for the long-running operation from the RestoreDatabase + request. type: object + id: GoogleFirestoreAdminV1RestoreDatabaseMetadata + CommitResponse: + id: CommitResponse + description: The response for Firestore.Commit. properties: - fieldPath: + writeResults: description: >- - Can be __name__. For single field indexes, this must match the name - of the field or may be omitted. - type: string - order: + The result of applying the writes. This i-th write result + corresponds to the i-th write in the request. + items: + $ref: '#/components/schemas/WriteResult' + type: array + commitTime: description: >- - Indicates that this field supports ordering by the specified order - or comparing using =, !=, <, <=, >, >=. - type: string - enumDescriptions: - - The ordering is unspecified. Not a valid option. - - The field is ordered by ascending field value. - - The field is ordered by descending field value. - enum: - - ORDER_UNSPECIFIED - - ASCENDING - - DESCENDING - arrayConfig: - description: Indicates that this field supports operations on `array_value`s. + The time at which the commit occurred. Any read with an equal or + greater `read_time` is guaranteed to see the effects of the commit. + format: google-datetime type: string - enumDescriptions: - - The index does not support additional array queries. - - The index supports array containment queries. - enum: - - ARRAY_CONFIG_UNSPECIFIED - - CONTAINS - vectorConfig: - description: >- - Indicates that this field supports nearest neighbor and distance - operations on vector. - $ref: '#/components/schemas/GoogleFirestoreAdminV1VectorConfig' - GoogleFirestoreAdminV1VectorConfig: - id: GoogleFirestoreAdminV1VectorConfig - description: The index configuration to support vector search operations - type: object - properties: - dimension: - description: >- - Required. The vector dimension this configuration applies to. The - resulting index will only include vectors of this dimension, and can - be used for vector search with the same dimension. - type: integer - format: int32 - flat: - description: Indicates the vector index is a flat index. - $ref: '#/components/schemas/GoogleFirestoreAdminV1FlatIndex' - GoogleFirestoreAdminV1FlatIndex: - id: GoogleFirestoreAdminV1FlatIndex - description: >- - An index that stores vectors in a flat data structure, and supports - exhaustive search. type: object - properties: {} - GoogleFirestoreAdminV1ListIndexesResponse: - id: GoogleFirestoreAdminV1ListIndexesResponse - description: The response for FirestoreAdmin.ListIndexes. + WriteResult: + description: The result of applying a write. type: object + id: WriteResult properties: - indexes: - description: The requested indexes. + updateTime: + format: google-datetime + description: >- + The last update time of the document after applying the write. Not + set after a `delete`. If the write did not actually change the + document, this will be the previous update_time. + type: string + transformResults: type: array + description: >- + The results of applying each DocumentTransform.FieldTransform, in + the same order. items: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' - nextPageToken: + $ref: '#/components/schemas/Value' + GoogleFirestoreAdminV1ExportDocumentsResponse: + description: Returned in the google.longrunning.Operation response field. + properties: + outputUriPrefix: description: >- - A page token that may be used to request another page of results. If - blank, this is the last page. + Location of the output files. This can be used to begin an import + into Cloud Firestore (this project or another project) after the + operation completes successfully. type: string - GoogleFirestoreAdminV1Field: - id: GoogleFirestoreAdminV1Field - description: >- - Represents a single field in the database. Fields are grouped by their - "Collection Group", which represent all collections in the database with - the same ID. + id: GoogleFirestoreAdminV1ExportDocumentsResponse + type: object + FieldTransform: type: object properties: - name: + removeAllFromArray: description: >- - Required. A field name of the form: - `projects/{project_id}/databases/{database_id}/collectionGroups/{collection_id}/fields/{field_path}` - A field path can be a simple field name, e.g. `address` or a path to - fields within `map_value` , e.g. `address.city`, or a special field - path. The only valid special field is `*`, which represents any - field. Field paths can be quoted using `` ` `` (backtick). The only - character that must be escaped within a quoted field path is the - backtick character itself, escaped using a backslash. Special - characters in field paths that must be quoted include: `*`, `.`, `` - ` `` (backtick), `[`, `]`, as well as any ascii symbolic characters. - Examples: `` `address.city` `` represents a field named - `address.city`, not the map key `city` in the field `address`. `` - `*` `` represents a field named `*`, not any field. A special - `Field` contains the default indexing settings for all fields. This - field's resource name is: - `projects/{project_id}/databases/{database_id}/collectionGroups/__default__/fields/*` - Indexes defined on this `Field` will be applied to all fields which - do not have their own `Field` index configuration. + Remove all of the given elements from the array in the field. If the + field is not an array, or if the field does not yet exist, it is set + to the empty array. Equivalent numbers of the different types (e.g. + 3L and 3.0) are considered equal when deciding whether an element + should be removed. NaN is equal to NaN, and Null is equal to Null. + This will remove all equivalent values if there are duplicates. The + corresponding transform_result will be the null value. + $ref: '#/components/schemas/ArrayValue' + setToServerValue: + description: Sets the field to the given server value. + enumDescriptions: + - Unspecified. This value must not be used. + - >- + The time at which the server processed the request, with + millisecond precision. If used on multiple fields (same or + different documents) in a transaction, all the fields will get the + same server timestamp. + enum: + - SERVER_VALUE_UNSPECIFIED + - REQUEST_TIME type: string - indexConfig: + appendMissingElements: description: >- - The index configuration for this field. If unset, field indexing - will revert to the configuration defined by the `ancestor_field`. To - explicitly remove all indexes for this field, specify an index - config with an empty list of indexes. - $ref: '#/components/schemas/GoogleFirestoreAdminV1IndexConfig' - ttlConfig: + Append the given elements in order if they are not already present + in the current field value. If the field is not an array, or if the + field does not yet exist, it is first set to the empty array. + Equivalent numbers of different types (e.g. 3L and 3.0) are + considered equal when checking if a value is missing. NaN is equal + to NaN, and Null is equal to Null. If the input contains multiple + equivalent values, only the first will be considered. The + corresponding transform_result will be the null value. + $ref: '#/components/schemas/ArrayValue' + minimum: + $ref: '#/components/schemas/Value' description: >- - The TTL configuration for this `Field`. Setting or unsetting this - will enable or disable the TTL for documents that have this `Field`. - $ref: '#/components/schemas/GoogleFirestoreAdminV1TtlConfig' - GoogleFirestoreAdminV1IndexConfig: - id: GoogleFirestoreAdminV1IndexConfig - description: The index configuration for this field. - type: object - properties: - indexes: - description: The indexes supported for this field. - type: array - items: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' - usesAncestorConfig: + Sets the field to the minimum of its current value and the given + value. This must be an integer or a double value. If the field is + not an integer or double, or if the field does not yet exist, the + transformation will set the field to the input value. If a minimum + operation is applied where the field and the input value are of + mixed types (that is - one is an integer and one is a double) the + field takes on the type of the smaller operand. If the operands are + equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and + -0.0 are all zero. The minimum of a zero stored value and zero input + value is always the stored value. The minimum of any numeric value x + and NaN is NaN. + maximum: description: >- - Output only. When true, the `Field`'s index configuration is set - from the configuration specified by the `ancestor_field`. When - false, the `Field`'s index configuration is defined explicitly. - type: boolean - ancestorField: + Sets the field to the maximum of its current value and the given + value. This must be an integer or a double value. If the field is + not an integer or double, or if the field does not yet exist, the + transformation will set the field to the given value. If a maximum + operation is applied where the field and the input value are of + mixed types (that is - one is an integer and one is a double) the + field takes on the type of the larger operand. If the operands are + equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and + -0.0 are all zero. The maximum of a zero stored value and zero input + value is always the stored value. The maximum of any numeric value x + and NaN is NaN. + $ref: '#/components/schemas/Value' + fieldPath: description: >- - Output only. Specifies the resource name of the `Field` from which - this field's index configuration is set (when `uses_ancestor_config` - is true), or from which it *would* be set if this field had no index - configuration (when `uses_ancestor_config` is false). + The path of the field. See Document.fields for the field path syntax + reference. type: string - reverting: + increment: + $ref: '#/components/schemas/Value' description: >- - Output only When true, the `Field`'s index configuration is in the - process of being reverted. Once complete, the index config will - transition to the same state as the field specified by - `ancestor_field`, at which point `uses_ancestor_config` will be - `true` and `reverting` will be `false`. - type: boolean - GoogleFirestoreAdminV1TtlConfig: - id: GoogleFirestoreAdminV1TtlConfig - description: >- - The TTL (time-to-live) configuration for documents that have this - `Field` set. Storing a timestamp value into a TTL-enabled field will be - treated as the document's absolute expiration time. Timestamp values in - the past indicate that the document is eligible for immediate - expiration. Using any other data type or leaving the field absent will - disable expiration for the individual document. - type: object - properties: - state: - description: Output only. The state of the TTL configuration. - readOnly: true - type: string - enumDescriptions: - - The state is unspecified or unknown. - - >- - The TTL is being applied. There is an active long-running - operation to track the change. Newly written documents will have - TTLs applied as requested. Requested TTLs on existing documents - are still being processed. When TTLs on all existing documents - have been processed, the state will move to 'ACTIVE'. - - The TTL is active for all documents. - - >- - The TTL configuration could not be enabled for all existing - documents. Newly written documents will continue to have their TTL - applied. The LRO returned when last attempting to enable TTL for - this `Field` has failed, and may have more details. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - NEEDS_REPAIR - GoogleFirestoreAdminV1ListFieldsResponse: - id: GoogleFirestoreAdminV1ListFieldsResponse - description: The response for FirestoreAdmin.ListFields. + Adds the given value to the field's current value. This must be an + integer or a double value. If the field is not an integer or double, + or if the field does not yet exist, the transformation will set the + field to the given value. If either of the given value or the + current field value are doubles, both values will be interpreted as + doubles. Double arithmetic and representation of double values + follow IEEE 754 semantics. If there is positive/negative integer + overflow, the field is resolved to the largest magnitude + positive/negative integer. + description: A transformation of a field of the document. + id: FieldTransform + BatchWriteRequest: type: object properties: - fields: - description: The requested fields. + labels: + additionalProperties: + type: string + description: Labels associated with this batch write. + type: object + writes: type: array items: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Field' - nextPageToken: + $ref: '#/components/schemas/Write' description: >- - A page token that may be used to request another page of results. If - blank, this is the last page. - type: string - GoogleFirestoreAdminV1ExportDocumentsRequest: - id: GoogleFirestoreAdminV1ExportDocumentsRequest - description: The request for FirestoreAdmin.ExportDocuments. + The writes to apply. Method does not apply writes atomically and + does not guarantee ordering. Each write succeeds or fails + independently. You cannot write to the same document more than once + per request. + description: The request for Firestore.BatchWrite. + id: BatchWriteRequest + GoogleFirestoreAdminV1CreateDatabaseMetadata: + properties: {} + id: GoogleFirestoreAdminV1CreateDatabaseMetadata type: object + description: Metadata related to the create database operation. + GoogleFirestoreAdminV1BulkDeleteDocumentsMetadata: properties: collectionIds: - description: >- - Which collection IDs to export. Unspecified means all collections. - Each collection ID in this list must be unique. - type: array items: type: string - outputUriPrefix: - description: >- - The output URI. Currently only supports Google Cloud Storage URIs of - the form: `gs://BUCKET_NAME[/NAMESPACE_PATH]`, where `BUCKET_NAME` - is the name of the Google Cloud Storage bucket and `NAMESPACE_PATH` - is an optional Google Cloud Storage namespace path. When choosing a - name, be sure to consider Google Cloud Storage naming guidelines: - https://cloud.google.com/storage/docs/naming. If the URI is a bucket - (without a namespace path), a prefix will be generated based on the - start time. - type: string - namespaceIds: - description: >- - An empty list represents all namespaces. This is the preferred usage - for databases that don't use namespaces. An empty string element - represents the default namespace. This should be used if the - database has data in non-default namespaces, but doesn't want to - include them. Each namespace in this list must be unique. + description: The IDs of the collection groups that are being deleted. type: array - items: - type: string + progressDocuments: + description: The progress, in documents, of this operation. + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + progressBytes: + description: The progress, in bytes, of this operation. + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' snapshotTime: - description: >- - The timestamp that corresponds to the version of the database to be - exported. The timestamp must be in the past, rounded to the minute - and not older than earliestVersionTime. If specified, then the - exported documents will represent a consistent view of the database - at the provided time. Otherwise, there are no guarantees about the - consistency of the exported documents. type: string format: google-datetime - GoogleFirestoreAdminV1ImportDocumentsRequest: - id: GoogleFirestoreAdminV1ImportDocumentsRequest - description: The request for FirestoreAdmin.ImportDocuments. - type: object - properties: - collectionIds: - description: >- - Which collection IDs to import. Unspecified means all collections - included in the import. Each collection ID in this list must be - unique. - type: array - items: - type: string - inputUriPrefix: description: >- - Location of the exported files. This must match the - output_uri_prefix of an ExportDocumentsResponse from an export that - has completed successfully. See: - google.firestore.admin.v1.ExportDocumentsResponse.output_uri_prefix. + The timestamp that corresponds to the version of the database that + is being read to get the list of documents to delete. This time can + also be used as the timestamp of PITR in case of disaster recovery + (subject to PITR window limit). + startTime: + description: The time this operation started. + type: string + format: google-datetime + operationState: type: string + enumDescriptions: + - Unspecified. + - Request is being prepared for processing. + - Request is actively being processed. + - >- + Request is in the process of being cancelled after user called + google.longrunning.Operations.CancelOperation on the operation. + - Request has been processed and is in its finalization stage. + - Request has completed successfully. + - Request has finished being processed, but encountered an error. + - >- + Request has finished being cancelled after user called + google.longrunning.Operations.CancelOperation. + description: The state of the operation. + enum: + - OPERATION_STATE_UNSPECIFIED + - INITIALIZING + - PROCESSING + - CANCELLING + - FINALIZING + - SUCCESSFUL + - FAILED + - CANCELLED namespaceIds: - description: >- - An empty list represents all namespaces. This is the preferred usage - for databases that don't use namespaces. An empty string element - represents the default namespace. This should be used if the - database has data in non-default namespaces, but doesn't want to - include them. Each namespace in this list must be unique. + description: Which namespace IDs are being deleted. type: array items: type: string - GoogleFirestoreAdminV1BulkDeleteDocumentsRequest: - id: GoogleFirestoreAdminV1BulkDeleteDocumentsRequest + endTime: + type: string + format: google-datetime + description: >- + The time this operation completed. Will be unset if operation still + in progress. + type: object + id: GoogleFirestoreAdminV1BulkDeleteDocumentsMetadata description: >- - The request for FirestoreAdmin.BulkDeleteDocuments. When both - collection_ids and namespace_ids are set, only documents satisfying both - conditions will be deleted. Requests with namespace_ids and - collection_ids both empty will be rejected. Please use - FirestoreAdmin.DeleteDatabase instead. + Metadata for google.longrunning.Operation results from + FirestoreAdmin.BulkDeleteDocuments. + GoogleFirestoreAdminV1IndexOperationMetadata: type: object + description: >- + Metadata for google.longrunning.Operation results from + FirestoreAdmin.CreateIndex. + id: GoogleFirestoreAdminV1IndexOperationMetadata properties: - collectionIds: - description: >- - Optional. IDs of the collection groups to delete. Unspecified means - all collection groups. Each collection group in this list must be - unique. - type: array - items: - type: string - namespaceIds: + index: description: >- - Optional. Namespaces to delete. An empty list means all namespaces. - This is the recommended usage for databases that don't use - namespaces. An empty string element represents the default - namespace. This should be used if the database has data in - non-default namespaces, but doesn't want to delete from them. Each - namespace in this list must be unique. - type: array - items: - type: string - GoogleFirestoreAdminV1Database: - id: GoogleFirestoreAdminV1Database - description: A Cloud Firestore Database. - type: object - properties: - name: + The index resource that this operation is acting on. For example: + `projects/{project_id}/databases/{database_id}/collectionGroups/{collection_id}/indexes/{index_id}` + type: string + endTime: description: >- - The resource name of the Database. Format: - `projects/{project}/databases/{database}` + The time this operation completed. Will be unset if operation still + in progress. + format: google-datetime type: string - uid: - description: Output only. The system-generated UUID4 for this Database. - readOnly: true + state: type: string - createTime: - description: >- - Output only. The timestamp at which this database was created. - Databases created before 2016 do not populate create_time. - readOnly: true + enum: + - OPERATION_STATE_UNSPECIFIED + - INITIALIZING + - PROCESSING + - CANCELLING + - FINALIZING + - SUCCESSFUL + - FAILED + - CANCELLED + enumDescriptions: + - Unspecified. + - Request is being prepared for processing. + - Request is actively being processed. + - >- + Request is in the process of being cancelled after user called + google.longrunning.Operations.CancelOperation on the operation. + - Request has been processed and is in its finalization stage. + - Request has completed successfully. + - Request has finished being processed, but encountered an error. + - >- + Request has finished being cancelled after user called + google.longrunning.Operations.CancelOperation. + description: The state of the operation. + progressBytes: + description: The progress, in bytes, of this operation. + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + startTime: type: string + description: The time this operation started. format: google-datetime - updateTime: + progressDocuments: + description: The progress, in documents, of this operation. + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + BatchGetDocumentsResponse: + type: object + properties: + found: + description: A document that was requested. + $ref: '#/components/schemas/Document' + transaction: description: >- - Output only. The timestamp at which this database was most recently - updated. Note this only includes updates to the database resource - and not data contained by the database. - readOnly: true + The transaction that was started as part of this request. Will only + be set in the first response, and only if + BatchGetDocumentsRequest.new_transaction was set in the request. + format: byte type: string - format: google-datetime - deleteTime: + missing: description: >- - Output only. The timestamp at which this database was deleted. Only - set if the database has been deleted. - readOnly: true + A document name that was requested but does not exist. In the + format: + `projects/{project_id}/databases/{database_id}/documents/{document_path}`. + type: string + readTime: type: string + description: >- + The time at which the document was read. This may be monotically + increasing, in this case the previous documents in the result stream + are guaranteed not to have changed between their read_time and this + one. format: google-datetime - locationId: + description: The streamed response for Firestore.BatchGetDocuments. + id: BatchGetDocumentsResponse + GoogleFirestoreAdminV1VectorConfig: + properties: + dimension: + type: integer description: >- - The location of the database. Available locations are listed at - https://cloud.google.com/firestore/docs/locations. - type: string - type: + Required. The vector dimension this configuration applies to. The + resulting index will only include vectors of this dimension, and can + be used for vector search with the same dimension. + format: int32 + flat: + $ref: '#/components/schemas/GoogleFirestoreAdminV1FlatIndex' + description: Indicates the vector index is a flat index. + type: object + description: The index configuration to support vector search operations + id: GoogleFirestoreAdminV1VectorConfig + GoogleFirestoreAdminV1EncryptionConfig: + properties: + useSourceEncryption: description: >- - The type of the database. See - https://cloud.google.com/datastore/docs/firestore-or-datastore for - information about how to choose. - type: string - enumDescriptions: - - Not used. - - Firestore Native Mode - - Firestore in Datastore Mode. - enum: - - DATABASE_TYPE_UNSPECIFIED - - FIRESTORE_NATIVE - - DATASTORE_MODE - concurrencyMode: - description: The concurrency control mode to use for this database. - type: string + The database will use the same encryption configuration as the + source. + $ref: '#/components/schemas/GoogleFirestoreAdminV1SourceEncryptionOptions' + googleDefaultEncryption: + $ref: >- + #/components/schemas/GoogleFirestoreAdminV1GoogleDefaultEncryptionOptions + description: Use Google default encryption. + customerManagedEncryption: + description: Use Customer Managed Encryption Keys (CMEK) for encryption. + $ref: >- + #/components/schemas/GoogleFirestoreAdminV1CustomerManagedEncryptionOptions + id: GoogleFirestoreAdminV1EncryptionConfig + description: >- + Encryption configuration for a new database being created from another + source. The source could be a Backup or a PitrSnapshot. + type: object + TargetChange: + description: Targets being watched have changed. + properties: + targetIds: + type: array + description: >- + The target IDs of targets that have changed. If empty, the change + applies to all targets. The order of the target IDs is not defined. + items: + type: integer + format: int32 + targetChangeType: enumDescriptions: - - Not used. - >- - Use optimistic concurrency control by default. This mode is - available for Cloud Firestore databases. + No change has occurred. Used only to send an updated + `resume_token`. + - The targets have been added. + - The targets have been removed. - >- - Use pessimistic concurrency control by default. This mode is - available for Cloud Firestore databases. This is the default - setting for Cloud Firestore. + The targets reflect all changes committed before the targets were + added to the stream. This will be sent after or with a `read_time` + that is greater than or equal to the time at which the targets + were added. Listeners can wait for this change if read-after-write + semantics are desired. - >- - Use optimistic concurrency control with entity groups by default. - This is the only available mode for Cloud Datastore. This mode is - also available for Cloud Firestore with Datastore Mode but is not - recommended. + The targets have been reset, and a new initial state for the + targets will be returned in subsequent changes. After the initial + state is complete, `CURRENT` will be returned even if the target + was previously indicated to be `CURRENT`. enum: - - CONCURRENCY_MODE_UNSPECIFIED - - OPTIMISTIC - - PESSIMISTIC - - OPTIMISTIC_WITH_ENTITY_GROUPS - versionRetentionPeriod: + - NO_CHANGE + - ADD + - REMOVE + - CURRENT + - RESET + type: string + description: The type of change that occurred. + cause: + $ref: '#/components/schemas/Status' + description: The error that resulted in this change, if applicable. + readTime: + format: google-datetime description: >- - Output only. The period during which past versions of data are - retained in the database. Any read or query can specify a - `read_time` within this window, and will read the state of the - database at that time. If the PITR feature is enabled, the retention - period is 7 days. Otherwise, the retention period is 1 hour. - readOnly: true + The consistent `read_time` for the given `target_ids` (omitted when + the target_ids are not at a consistent snapshot). The stream is + guaranteed to send a `read_time` with `target_ids` empty whenever + the entire stream reaches a new consistent snapshot. ADD, CURRENT, + and RESET messages are guaranteed to (eventually) result in a new + consistent snapshot (while NO_CHANGE and REMOVE messages are not). + For a given stream, `read_time` is guaranteed to be monotonically + increasing. type: string - format: google-duration - earliestVersionTime: + resumeToken: description: >- - Output only. The earliest timestamp at which older versions of the - data can be read from the database. See [version_retention_period] - above; this field is populated with `now - - version_retention_period`. This value is continuously updated, and - becomes stale the moment it is queried. If you are using this value - to recover data, make sure to account for the time from the moment - when the value is queried to the moment when you initiate the - recovery. - readOnly: true + A token that can be used to resume the stream for the given + `target_ids`, or all targets if `target_ids` is empty. Not set on + every target change. type: string - format: google-datetime - pointInTimeRecoveryEnablement: - description: Whether to enable the PITR feature on this database. + format: byte + type: object + id: TargetChange + ExecutionStats: + description: Execution statistics for the query. + id: ExecutionStats + type: object + properties: + debugStats: + additionalProperties: + description: Properties of the object. + type: any + type: object + description: >- + Debugging statistics from the execution of the query. Note that the + debugging stats are subject to change as Firestore evolves. It could + include: { "indexes_entries_scanned": "1000", "documents_scanned": + "20", "billing_details" : { "documents_billable": "20", + "index_entries_billable": "1000", "min_query_cost": "0" } } + resultsReturned: + description: >- + Total number of results returned, including documents, projections, + aggregation results, keys. + format: int64 type: string - enumDescriptions: - - Not used. - - >- - Reads are supported on selected versions of the data from within - the past 7 days: * Reads against any timestamp within the past - hour * Reads against 1-minute snapshots beyond 1 hour and within 7 - days `version_retention_period` and `earliest_version_time` can be - used to determine the supported versions. - - >- - Reads are supported on any version of the data from within the - past 1 hour. - enum: - - POINT_IN_TIME_RECOVERY_ENABLEMENT_UNSPECIFIED - - POINT_IN_TIME_RECOVERY_ENABLED - - POINT_IN_TIME_RECOVERY_DISABLED - appEngineIntegrationMode: - description: The App Engine integration mode to use for this database. + executionDuration: type: string - enumDescriptions: - - Not used. - - >- - If an App Engine application exists in the same region as this - database, App Engine configuration will impact this database. This - includes disabling of the application & database, as well as - disabling writes to the database. - - >- - App Engine has no effect on the ability of this database to serve - requests. This is the default setting for databases created with - the Firestore API. - enum: - - APP_ENGINE_INTEGRATION_MODE_UNSPECIFIED - - ENABLED - - DISABLED - keyPrefix: - description: >- - Output only. The key_prefix for this database. This key_prefix is - used, in combination with the project ID ("~") to construct the - application ID that is returned from the Cloud Datastore APIs in - Google App Engine first generation runtimes. This value may be empty - in which case the appid to use for URL-encoded keys is the - project_id (eg: foo instead of v~foo). - readOnly: true + description: Total time to execute the query in the backend. + format: google-duration + readOperations: + format: int64 type: string - deleteProtectionState: - description: State of delete protection for the database. + description: Total billable read operations. + GoogleFirestoreAdminV1BackupSchedule: + properties: + updateTime: + format: google-datetime type: string - enumDescriptions: - - The default value. Delete protection type is not specified - - Delete protection is disabled - - Delete protection is enabled - enum: - - DELETE_PROTECTION_STATE_UNSPECIFIED - - DELETE_PROTECTION_DISABLED - - DELETE_PROTECTION_ENABLED - cmekConfig: - description: Optional. Presence indicates CMEK is enabled for this database. - $ref: '#/components/schemas/GoogleFirestoreAdminV1CmekConfig' - previousId: + readOnly: true description: >- - Output only. The database resource's prior database ID. This field - is only populated for deleted databases. + Output only. The timestamp at which this backup schedule was most + recently updated. When a backup schedule is first created, this is + the same as create_time. + createTime: + format: google-datetime readOnly: true type: string - sourceInfo: - description: Output only. Information about the provenance of this database. - readOnly: true - $ref: '#/components/schemas/GoogleFirestoreAdminV1SourceInfo' - tags: - description: >- - Optional. Input only. Immutable. Tag keys/values directly bound to - this resource. For example: "123/environment": "production", - "123/costCenter": "marketing" - type: object - additionalProperties: - type: string - freeTier: description: >- - Output only. Background: Free tier is the ability of a Firestore - database to use a small amount of resources every day without being - charged. Once usage exceeds the free tier limit further usage is - charged. Whether this database can make use of the free tier. Only - one database per project can be eligible for the free tier. The - first (or next) database that is created in a project without a free - tier database will be marked as eligible for the free tier. - Databases that are created while there is a free tier database will - not be eligible for the free tier. + Output only. The timestamp at which this backup schedule was created + and effective since. No backups will be created for this schedule + before this time. + weeklyRecurrence: + $ref: '#/components/schemas/GoogleFirestoreAdminV1WeeklyRecurrence' + description: For a schedule that runs weekly on a specific day. + dailyRecurrence: + description: For a schedule that runs daily. + $ref: '#/components/schemas/GoogleFirestoreAdminV1DailyRecurrence' + name: + type: string readOnly: true - type: boolean - etag: description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. - type: string - databaseEdition: - description: Immutable. The edition of the database. + Output only. The unique backup schedule identifier across all + locations and databases for the given project. This will be + auto-assigned. Format is + `projects/{project}/databases/{database}/backupSchedules/{backup_schedule}` + retention: + format: google-duration type: string - enumDescriptions: - - Not used. - - Standard edition. This is the default setting if not specified. - - Enterprise edition. - enum: - - DATABASE_EDITION_UNSPECIFIED - - STANDARD - - ENTERPRISE - GoogleFirestoreAdminV1CmekConfig: - id: GoogleFirestoreAdminV1CmekConfig + description: >- + At what relative time in the future, compared to its creation time, + the backup should be deleted, e.g. keep backups for 7 days. The + maximum supported retention period is 14 weeks. description: >- - The CMEK (Customer Managed Encryption Key) configuration for a Firestore - database. If not present, the database is secured by the default Google - encryption key. + A backup schedule for a Cloud Firestore Database. This resource is owned + by the database it is backing up, and is deleted along with the + database. The actual backups are not though. + type: object + id: GoogleFirestoreAdminV1BackupSchedule + GoogleFirestoreAdminV1FlatIndex: + properties: {} + id: GoogleFirestoreAdminV1FlatIndex type: object + description: >- + An index that stores vectors in a flat data structure, and supports + exhaustive search. + GoogleFirestoreAdminV1ExportDocumentsMetadata: + id: GoogleFirestoreAdminV1ExportDocumentsMetadata properties: - kmsKeyName: + operationState: + enumDescriptions: + - Unspecified. + - Request is being prepared for processing. + - Request is actively being processed. + - >- + Request is in the process of being cancelled after user called + google.longrunning.Operations.CancelOperation on the operation. + - Request has been processed and is in its finalization stage. + - Request has completed successfully. + - Request has finished being processed, but encountered an error. + - >- + Request has finished being cancelled after user called + google.longrunning.Operations.CancelOperation. + description: The state of the export operation. + type: string + enum: + - OPERATION_STATE_UNSPECIFIED + - INITIALIZING + - PROCESSING + - CANCELLING + - FINALIZING + - SUCCESSFUL + - FAILED + - CANCELLED + endTime: + format: google-datetime + type: string description: >- - Required. Only keys in the same location as this database are - allowed to be used for encryption. For Firestore's nam5 - multi-region, this corresponds to Cloud KMS multi-region us. For - Firestore's eur3 multi-region, this corresponds to Cloud KMS - multi-region europe. See - https://cloud.google.com/kms/docs/locations. The expected format is - `projects/{project_id}/locations/{kms_location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + The time this operation completed. Will be unset if operation still + in progress. + progressDocuments: + description: The progress, in documents, of this operation. + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + snapshotTime: type: string - activeKeyVersion: description: >- - Output only. Currently in-use [KMS key - versions](https://cloud.google.com/kms/docs/resource-hierarchy#key_versions). - During [key - rotation](https://cloud.google.com/kms/docs/key-rotation), there can - be multiple in-use key versions. The expected format is - `projects/{project_id}/locations/{kms_location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{key_version}`. - readOnly: true + The timestamp that corresponds to the version of the database that + is being exported. If unspecified, there are no guarantees about the + consistency of the documents being exported. + format: google-datetime + namespaceIds: type: array + description: Which namespace IDs are being exported. items: type: string - GoogleFirestoreAdminV1SourceInfo: - id: GoogleFirestoreAdminV1SourceInfo - description: Information about the provenance of this database. - type: object - properties: - backup: - description: >- - If set, this database was restored from the specified backup (or a - snapshot thereof). - $ref: '#/components/schemas/GoogleFirestoreAdminV1BackupSource' - operation: - description: >- - The associated long-running operation. This field may not be set - after the operation has completed. Format: - `projects/{project}/databases/{database}/operations/{operation}`. + progressBytes: + description: The progress, in bytes, of this operation. + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + startTime: type: string - GoogleFirestoreAdminV1BackupSource: - id: GoogleFirestoreAdminV1BackupSource - description: Information about a backup that was used to restore a database. - type: object - properties: - backup: - description: >- - The resource name of the backup that was used to restore this - database. Format: - `projects/{project}/locations/{location}/backups/{backup}`. + format: google-datetime + description: The time this operation started. + collectionIds: + description: Which collection IDs are being exported. + items: + type: string + type: array + outputUriPrefix: + description: Where the documents are being exported to. type: string - GoogleFirestoreAdminV1ListDatabasesResponse: - id: GoogleFirestoreAdminV1ListDatabasesResponse - description: The list of databases for a project. + description: >- + Metadata for google.longrunning.Operation results from + FirestoreAdmin.ExportDocuments. + type: object + GoogleFirestoreAdminV1TtlConfigDelta: + id: GoogleFirestoreAdminV1TtlConfigDelta type: object properties: - databases: - description: The databases in the project. - type: array + changeType: + description: Specifies how the TTL configuration is changing. + enum: + - CHANGE_TYPE_UNSPECIFIED + - ADD + - REMOVE + type: string + enumDescriptions: + - The type of change is not specified or known. + - The TTL config is being added. + - The TTL config is being removed. + description: Information about a TTL configuration change. + GoogleFirestoreAdminV1ImportDocumentsMetadata: + id: GoogleFirestoreAdminV1ImportDocumentsMetadata + description: >- + Metadata for google.longrunning.Operation results from + FirestoreAdmin.ImportDocuments. + properties: + progressDocuments: + description: The progress, in documents, of this operation. + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + progressBytes: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + description: The progress, in bytes, of this operation. + startTime: + description: The time this operation started. + format: google-datetime + type: string + namespaceIds: items: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Database' - unreachable: - description: >- - In the event that data about individual databases cannot be listed - they will be recorded here. An example entry might be: - projects/some_project/locations/some_location This can happen if the - Cloud Region that the Database resides in is currently unavailable. - In this case we can't fetch all the details about the database. You - may be able to get a more detailed error message (or possibly fetch - the resource) by sending a 'Get' request for the resource or a - 'List' request for the specific location. + type: string + description: Which namespace IDs are being imported. + type: array + operationState: + enumDescriptions: + - Unspecified. + - Request is being prepared for processing. + - Request is actively being processed. + - >- + Request is in the process of being cancelled after user called + google.longrunning.Operations.CancelOperation on the operation. + - Request has been processed and is in its finalization stage. + - Request has completed successfully. + - Request has finished being processed, but encountered an error. + - >- + Request has finished being cancelled after user called + google.longrunning.Operations.CancelOperation. + type: string + enum: + - OPERATION_STATE_UNSPECIFIED + - INITIALIZING + - PROCESSING + - CANCELLING + - FINALIZING + - SUCCESSFUL + - FAILED + - CANCELLED + description: The state of the import operation. + collectionIds: type: array + description: Which collection IDs are being imported. items: type: string - GoogleFirestoreAdminV1UserCreds: - id: GoogleFirestoreAdminV1UserCreds - description: A Cloud Firestore User Creds. - type: object - properties: - name: + endTime: + format: google-datetime description: >- - Identifier. The resource name of the UserCreds. Format: - `projects/{project}/databases/{database}/userCreds/{user_creds}` + The time this operation completed. Will be unset if operation still + in progress. type: string - createTime: - description: Output only. The time the user creds were created. - readOnly: true + inputUriPrefix: type: string - format: google-datetime - updateTime: - description: Output only. The time the user creds were last updated. - readOnly: true + description: The location of the documents being imported. + type: object + WriteResponse: + id: WriteResponse + description: The response for Firestore.Write. + properties: + streamId: type: string - format: google-datetime - state: description: >- - Output only. Whether the user creds are enabled or disabled. - Defaults to ENABLED on creation. - readOnly: true + The ID of the stream. Only set on the first message, when a new + stream was created. + streamToken: type: string - enumDescriptions: - - The default value. Should not be used. - - The user creds are enabled. - - The user creds are disabled. - enum: - - STATE_UNSPECIFIED - - ENABLED - - DISABLED - securePassword: + format: byte description: >- - Output only. The plaintext server-generated password for the user - creds. Only populated in responses for CreateUserCreds and - ResetUserPassword. - readOnly: true + A token that represents the position of this response in the stream. + This can be used by a client to resume the stream at this point. + This field is always set. + commitTime: + description: >- + The time at which the commit occurred. Any read with an equal or + greater `read_time` is guaranteed to see the effects of the write. type: string - resourceIdentity: - description: Resource Identity descriptor. - $ref: '#/components/schemas/GoogleFirestoreAdminV1ResourceIdentity' - GoogleFirestoreAdminV1ResourceIdentity: - id: GoogleFirestoreAdminV1ResourceIdentity - description: Describes a Resource Identity principal. + format: google-datetime + writeResults: + items: + $ref: '#/components/schemas/WriteResult' + description: >- + The result of applying the writes. This i-th write result + corresponds to the i-th write in the request. + type: array type: object + CompositeFilter: + type: object + id: CompositeFilter + description: A filter that merges multiple other filters using the given operator. properties: - principal: + filters: description: >- - Output only. Principal identifier string. See: - https://cloud.google.com/iam/docs/principal-identifiers - readOnly: true + The list of filters to combine. Requires: * At least one filter is + present. + type: array + items: + $ref: '#/components/schemas/Filter' + op: + description: The operator for combining multiple filters. + enumDescriptions: + - Unspecified. This value must not be used. + - Documents are required to satisfy all of the combined filters. + - >- + Documents are required to satisfy at least one of the combined + filters. + enum: + - OPERATOR_UNSPECIFIED + - AND + - OR type: string - GoogleFirestoreAdminV1ListUserCredsResponse: - id: GoogleFirestoreAdminV1ListUserCredsResponse - description: The response for FirestoreAdmin.ListUserCreds. - type: object + GoogleFirestoreAdminV1ImportDocumentsRequest: + id: GoogleFirestoreAdminV1ImportDocumentsRequest properties: - userCreds: - description: The user creds for the database. + namespaceIds: + description: >- + An empty list represents all namespaces. This is the preferred usage + for databases that don't use namespaces. An empty string element + represents the default namespace. This should be used if the + database has data in non-default namespaces, but doesn't want to + include them. Each namespace in this list must be unique. + items: + type: string type: array + inputUriPrefix: + description: >- + Location of the exported files. This must match the + output_uri_prefix of an ExportDocumentsResponse from an export that + has completed successfully. See: + google.firestore.admin.v1.ExportDocumentsResponse.output_uri_prefix. + type: string + collectionIds: + description: >- + IDs of the collection groups to import. Unspecified means all + collection groups that were included in the export. Each collection + group in this list must be unique. items: - $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' - GoogleFirestoreAdminV1EnableUserCredsRequest: - id: GoogleFirestoreAdminV1EnableUserCredsRequest - description: The request for FirestoreAdmin.EnableUserCreds. + type: string + type: array type: object - properties: {} - GoogleFirestoreAdminV1DisableUserCredsRequest: - id: GoogleFirestoreAdminV1DisableUserCredsRequest - description: The request for FirestoreAdmin.DisableUserCreds. + description: The request for FirestoreAdmin.ImportDocuments. + ReadWrite: + id: ReadWrite type: object - properties: {} - GoogleFirestoreAdminV1ResetUserPasswordRequest: - id: GoogleFirestoreAdminV1ResetUserPasswordRequest - description: The request for FirestoreAdmin.ResetUserPassword. + description: >- + Options for a transaction that can be used to read and write documents. + Firestore does not allow 3rd party auth requests to create read-write. + transactions. + properties: + retryTransaction: + type: string + format: byte + description: An optional transaction to retry. + AggregationResult: + id: AggregationResult + properties: + aggregateFields: + description: >- + The result of the aggregation functions, ex: `COUNT(*) AS + total_docs`. The key is the alias assigned to the aggregation + function on input and the size of this map equals the number of + aggregation functions in the query. + type: object + additionalProperties: + $ref: '#/components/schemas/Value' + description: >- + The result of a single bucket from a Firestore aggregation query. The + keys of `aggregate_fields` are the same for all results in an + aggregation query, unlike document queries which can have different + fields present for each result. type: object + GoogleFirestoreAdminV1SourceEncryptionOptions: properties: {} - GoogleFirestoreAdminV1Backup: - id: GoogleFirestoreAdminV1Backup description: >- - A Backup of a Cloud Firestore Database. The backup contains all - documents and index configurations for the given database at a specific - point in time. + The configuration options for using the same encryption method as the + source. + id: GoogleFirestoreAdminV1SourceEncryptionOptions type: object + GoogleFirestoreAdminV1CustomerManagedEncryptionOptions: properties: - name: - description: >- - Output only. The unique resource name of the Backup. Format is - `projects/{project}/locations/{location}/backups/{backup}`. - readOnly: true + kmsKeyName: type: string - database: description: >- - Output only. Name of the Firestore database that the backup is from. - Format is `projects/{project}/databases/{database}`. - readOnly: true - type: string - databaseUid: - description: >- - Output only. The system-generated UUID4 for the Firestore database - that the backup is from. - readOnly: true - type: string - snapshotTime: - description: >- - Output only. The backup contains an externally consistent copy of - the database at this time. - readOnly: true - type: string - format: google-datetime - expireTime: - description: Output only. The timestamp at which this backup expires. - readOnly: true - type: string - format: google-datetime - stats: - description: >- - Output only. Statistics about the backup. This data only becomes - available after the backup is fully materialized to secondary - storage. This field will be empty till then. - readOnly: true - $ref: '#/components/schemas/GoogleFirestoreAdminV1Stats' + Required. Only keys in the same location as the database are allowed + to be used for encryption. For Firestore's nam5 multi-region, this + corresponds to Cloud KMS multi-region us. For Firestore's eur3 + multi-region, this corresponds to Cloud KMS multi-region europe. See + https://cloud.google.com/kms/docs/locations. The expected format is + `projects/{project_id}/locations/{kms_location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + type: object + description: >- + The configuration options for using CMEK (Customer Managed Encryption + Key) encryption. + id: GoogleFirestoreAdminV1CustomerManagedEncryptionOptions + GoogleFirestoreAdminV1GoogleDefaultEncryptionOptions: + type: object + id: GoogleFirestoreAdminV1GoogleDefaultEncryptionOptions + description: The configuration options for using Google default encryption. + properties: {} + GoogleFirestoreAdminV1FieldOperationMetadata: + type: object + properties: + progressBytes: + description: The progress, in bytes, of this operation. + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' state: - description: Output only. The current state of the backup. - readOnly: true - type: string + description: The state of the operation. enumDescriptions: - - The state is unspecified. + - Unspecified. + - Request is being prepared for processing. + - Request is actively being processed. - >- - The pending backup is still being created. Operations on the - backup will be rejected in this state. - - The backup is complete and ready to use. - - The backup is not available at this moment. + Request is in the process of being cancelled after user called + google.longrunning.Operations.CancelOperation on the operation. + - Request has been processed and is in its finalization stage. + - Request has completed successfully. + - Request has finished being processed, but encountered an error. + - >- + Request has finished being cancelled after user called + google.longrunning.Operations.CancelOperation. enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - NOT_AVAILABLE - GoogleFirestoreAdminV1Stats: - id: GoogleFirestoreAdminV1Stats - description: Backup specific statistics. - type: object - properties: - sizeBytes: - description: >- - Output only. Summation of the size of all documents and index - entries in the backup, measured in bytes. - readOnly: true + - OPERATION_STATE_UNSPECIFIED + - INITIALIZING + - PROCESSING + - CANCELLING + - FINALIZING + - SUCCESSFUL + - FAILED + - CANCELLED type: string - format: int64 - documentCount: - description: Output only. The total number of documents contained in the backup. - readOnly: true + field: type: string - format: int64 - indexCount: description: >- - Output only. The total number of index entries contained in the - backup. - readOnly: true + The field resource that this operation is acting on. For example: + `projects/{project_id}/databases/{database_id}/collectionGroups/{collection_id}/fields/{field_path}` + endTime: + format: google-datetime type: string - format: int64 - GoogleFirestoreAdminV1ListBackupsResponse: - id: GoogleFirestoreAdminV1ListBackupsResponse - description: The response for FirestoreAdmin.ListBackups. - type: object - properties: - backups: - description: List of all backups for the project. - type: array - items: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Backup' - unreachable: description: >- - List of locations that existing backups were not able to be fetched - from. Instead of failing the entire requests when a single location - is unreachable, this response returns a partial result set and list - of locations unable to be reached here. The request can be retried - against a single location to get a concrete error. + The time this operation completed. Will be unset if operation still + in progress. + startTime: + format: google-datetime + type: string + description: The time this operation started. + ttlConfigDelta: + description: Describes the deltas of TTL configuration. + $ref: '#/components/schemas/GoogleFirestoreAdminV1TtlConfigDelta' + progressDocuments: + description: The progress, in documents, of this operation. + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + indexConfigDeltas: + description: >- + A list of IndexConfigDelta, which describe the intent of this + operation. type: array items: - type: string - GoogleFirestoreAdminV1RestoreDatabaseRequest: - id: GoogleFirestoreAdminV1RestoreDatabaseRequest - description: The request message for FirestoreAdmin.RestoreDatabase. + $ref: '#/components/schemas/GoogleFirestoreAdminV1IndexConfigDelta' + id: GoogleFirestoreAdminV1FieldOperationMetadata + description: >- + Metadata for google.longrunning.Operation results from + FirestoreAdmin.UpdateField. + ListenResponse: + description: The response for Firestore.Listen. type: object properties: - databaseId: + documentRemove: description: >- - Required. The ID to use for the database, which will become the - final component of the database's resource name. This database ID - must not be associated with an existing database. This value should - be 4-63 characters. Valid characters are /a-z-/ with first character - a letter and the last a letter or a number. Must not be UUID-like - /[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}/. "(default)" database ID - is also valid if the database is Standard edition. + A Document has been removed from a target (because it is no longer + relevant to that target). + $ref: '#/components/schemas/DocumentRemove' + documentChange: + description: A Document has changed. + $ref: '#/components/schemas/DocumentChange' + filter: + $ref: '#/components/schemas/ExistenceFilter' + description: >- + A filter to apply to the set of documents previously returned for + the given target. Returned when documents may have been removed from + the given target, but the exact documents are unknown. + targetChange: + description: Targets have changed. + $ref: '#/components/schemas/TargetChange' + documentDelete: + $ref: '#/components/schemas/DocumentDelete' + description: A Document has been deleted. + id: ListenResponse + GoogleFirestoreAdminV1DeleteDatabaseMetadata: + type: object + description: Metadata related to the delete database operation. + id: GoogleFirestoreAdminV1DeleteDatabaseMetadata + properties: {} + GoogleFirestoreAdminV1SourceInfo: + type: object + id: GoogleFirestoreAdminV1SourceInfo + properties: + operation: type: string + description: >- + The associated long-running operation. This field may not be set + after the operation has completed. Format: + `projects/{project}/databases/{database}/operations/{operation}`. backup: description: >- - Required. Backup to restore from. Must be from the same project as - the parent. The restored database will be created in the same - location as the source backup. Format is: - `projects/{project_id}/locations/{location}/backups/{backup}` + If set, this database was restored from the specified backup (or a + snapshot thereof). + $ref: '#/components/schemas/GoogleFirestoreAdminV1BackupSource' + description: Information about the provenance of this database. + Write: + description: A write on a document. + properties: + transform: + description: Applies a transformation to a document. + $ref: '#/components/schemas/DocumentTransform' + currentDocument: + description: >- + An optional precondition on the document. The write will fail if + this is set and not met by the target document. + $ref: '#/components/schemas/Precondition' + updateMask: + description: >- + The fields to update in this write. This field can be set only when + the operation is `update`. If the mask is not set for an `update` + and the document exists, any existing data will be overwritten. If + the mask is set and the document on the server has fields not + covered by the mask, they are left unchanged. Fields referenced in + the mask, but not present in the input document, are deleted from + the document on the server. The field paths in this mask must not + contain a reserved field name. + $ref: '#/components/schemas/DocumentMask' + update: + $ref: '#/components/schemas/Document' + description: A document to write. + delete: type: string - encryptionConfig: description: >- - Optional. Encryption configuration for the restored database. If - this field is not specified, the restored database will use the same - encryption configuration as the backup, namely - use_source_encryption. - $ref: '#/components/schemas/GoogleFirestoreAdminV1EncryptionConfig' - tags: + A document name to delete. In the format: + `projects/{project_id}/databases/{database_id}/documents/{document_path}`. + updateTransforms: description: >- - Optional. Immutable. Tags to be bound to the restored database. The - tags should be provided in the format of `tagKeys/{tag_key_id} -> - tagValues/{tag_value_id}`. - type: object - additionalProperties: - type: string - GoogleFirestoreAdminV1EncryptionConfig: - id: GoogleFirestoreAdminV1EncryptionConfig - description: >- - Encryption configuration for a new database being created from another - source. The source could be a Backup . + The transforms to perform after update. This field can be set only + when the operation is `update`. If present, this write is equivalent + to performing `update` and `transform` to the same document + atomically and in order. + items: + $ref: '#/components/schemas/FieldTransform' + type: array + type: object + id: Write + GoogleFirestoreAdminV1ResourceIdentity: type: object + description: Describes a Resource Identity principal. properties: - googleDefaultEncryption: - description: Use Google default encryption. - $ref: >- - #/components/schemas/GoogleFirestoreAdminV1GoogleDefaultEncryptionOptions - useSourceEncryption: + principal: + type: string description: >- - The database will use the same encryption configuration as the - source. - $ref: '#/components/schemas/GoogleFirestoreAdminV1SourceEncryptionOptions' - customerManagedEncryption: - description: Use Customer Managed Encryption Keys (CMEK) for encryption. - $ref: >- - #/components/schemas/GoogleFirestoreAdminV1CustomerManagedEncryptionOptions - GoogleFirestoreAdminV1GoogleDefaultEncryptionOptions: - id: GoogleFirestoreAdminV1GoogleDefaultEncryptionOptions - description: The configuration options for using Google default encryption. - type: object - properties: {} - GoogleFirestoreAdminV1SourceEncryptionOptions: - id: GoogleFirestoreAdminV1SourceEncryptionOptions - description: >- - The configuration options for using the same encryption method as the - source. + Output only. Principal identifier string. See: + https://cloud.google.com/iam/docs/principal-identifiers + readOnly: true + id: GoogleFirestoreAdminV1ResourceIdentity + Status: type: object - properties: {} - GoogleFirestoreAdminV1CustomerManagedEncryptionOptions: - id: GoogleFirestoreAdminV1CustomerManagedEncryptionOptions + id: Status description: >- - The configuration options for using CMEK (Customer Managed Encryption - Key) encryption. - type: object + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - kmsKeyName: - description: >- - Required. Only keys in the same location as the database are allowed - to be used for encryption. For Firestore's nam5 multi-region, this - corresponds to Cloud KMS multi-region us. For Firestore's eur3 - multi-region, this corresponds to Cloud KMS multi-region europe. See - https://cloud.google.com/kms/docs/locations. The expected format is - `projects/{project_id}/locations/{kms_location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + message: type: string - GoogleFirestoreAdminV1BackupSchedule: - id: GoogleFirestoreAdminV1BackupSchedule + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + GoogleFirestoreAdminV1IndexField: description: >- - A backup schedule for a Cloud Firestore Database. This resource is owned - by the database it is backing up, and is deleted along with the - database. The actual backups are not though. + A field in an index. The field_path describes which field is indexed, + the value_mode describes how the field value is indexed. type: object properties: - name: - description: >- - Output only. The unique backup schedule identifier across all - locations and databases for the given project. This will be - auto-assigned. Format is - `projects/{project}/databases/{database}/backupSchedules/{backup_schedule}` - readOnly: true + order: type: string - createTime: + enum: + - ORDER_UNSPECIFIED + - ASCENDING + - DESCENDING + enumDescriptions: + - The ordering is unspecified. Not a valid option. + - The field is ordered by ascending field value. + - The field is ordered by descending field value. description: >- - Output only. The timestamp at which this backup schedule was created - and effective since. No backups will be created for this schedule - before this time. - readOnly: true - type: string - format: google-datetime - updateTime: + Indicates that this field supports ordering by the specified order + or comparing using =, !=, <, <=, >, >=. + vectorConfig: description: >- - Output only. The timestamp at which this backup schedule was most - recently updated. When a backup schedule is first created, this is - the same as create_time. - readOnly: true + Indicates that this field supports nearest neighbor and distance + operations on vector. + $ref: '#/components/schemas/GoogleFirestoreAdminV1VectorConfig' + arrayConfig: + enum: + - ARRAY_CONFIG_UNSPECIFIED + - CONTAINS + description: Indicates that this field supports operations on `array_value`s. + enumDescriptions: + - The index does not support additional array queries. + - The index supports array containment queries. type: string - format: google-datetime - retention: + fieldPath: description: >- - At what relative time in the future, compared to its creation time, - the backup should be deleted, e.g. keep backups for 7 days. The - maximum supported retention period is 14 weeks. + Can be __name__. For single field indexes, this must match the name + of the field or may be omitted. type: string - format: google-duration - dailyRecurrence: - description: For a schedule that runs daily. - $ref: '#/components/schemas/GoogleFirestoreAdminV1DailyRecurrence' - weeklyRecurrence: - description: For a schedule that runs weekly on a specific day. - $ref: '#/components/schemas/GoogleFirestoreAdminV1WeeklyRecurrence' - GoogleFirestoreAdminV1DailyRecurrence: - id: GoogleFirestoreAdminV1DailyRecurrence - description: >- - Represents a recurring schedule that runs every day. The time zone is - UTC. - type: object - properties: {} - GoogleFirestoreAdminV1WeeklyRecurrence: - id: GoogleFirestoreAdminV1WeeklyRecurrence + id: GoogleFirestoreAdminV1IndexField + StructuredQuery: description: >- - Represents a recurring schedule that runs on a specified day of the - week. The time zone is UTC. - type: object - properties: - day: - description: The day of week to run. DAY_OF_WEEK_UNSPECIFIED is not allowed. - type: string - enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday - enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY - GoogleFirestoreAdminV1ListBackupSchedulesResponse: - id: GoogleFirestoreAdminV1ListBackupSchedulesResponse - description: The response for FirestoreAdmin.ListBackupSchedules. - type: object + A Firestore query. The query stages are executed in the following order: + 1. from 2. where 3. select 4. order_by + start_at + end_at 5. offset 6. + limit 7. find_nearest properties: - backupSchedules: - description: List of all backup schedules. - type: array + where: + description: The filter to apply. + $ref: '#/components/schemas/Filter' + endAt: + description: >- + A potential prefix of a position in the result set to end the query + at. This is similar to `START_AT` but with it controlling the end + position rather than the start position. Requires: * The number of + values cannot be greater than the number of fields specified in the + `ORDER BY` clause. + $ref: '#/components/schemas/Cursor' + from: + description: The collections to query. items: - $ref: '#/components/schemas/GoogleFirestoreAdminV1BackupSchedule' - GoogleFirestoreAdminV1CloneDatabaseRequest: - id: GoogleFirestoreAdminV1CloneDatabaseRequest - description: The request message for FirestoreAdmin.CloneDatabase. - type: object - properties: - databaseId: + $ref: '#/components/schemas/CollectionSelector' + type: array + findNearest: + $ref: '#/components/schemas/FindNearest' description: >- - Required. The ID to use for the database, which will become the - final component of the database's resource name. This database ID - must not be associated with an existing database. This value should - be 4-63 characters. Valid characters are /a-z-/ with first character - a letter and the last a letter or a number. Must not be UUID-like - /[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}/. "(default)" database ID - is also valid if the database is Standard edition. - type: string - pitrSnapshot: + Optional. A potential nearest neighbors search. Applies after all + other filters and ordering. Finds the closest vector embeddings to + the given query vector. + limit: + type: integer description: >- - Required. Specification of the PITR data to clone from. The source - database must exist. The cloned database will be created in the same - location as the source database. - $ref: '#/components/schemas/GoogleFirestoreAdminV1PitrSnapshot' - encryptionConfig: + The maximum number of results to return. Applies after all other + constraints. Requires: * The value must be greater than or equal to + zero if specified. + format: int32 + select: + $ref: '#/components/schemas/Projection' description: >- - Optional. Encryption configuration for the cloned database. If this - field is not specified, the cloned database will use the same - encryption configuration as the source database, namely - use_source_encryption. - $ref: '#/components/schemas/GoogleFirestoreAdminV1EncryptionConfig' - tags: + Optional sub-set of the fields to return. This acts as a + DocumentMask over the documents returned from a query. When not set, + assumes that the caller wants all fields returned. + orderBy: + items: + $ref: '#/components/schemas/Order' + type: array description: >- - Optional. Immutable. Tags to be bound to the cloned database. The - tags should be provided in the format of `tagKeys/{tag_key_id} -> - tagValues/{tag_value_id}`. - type: object - additionalProperties: - type: string - GoogleFirestoreAdminV1PitrSnapshot: - id: GoogleFirestoreAdminV1PitrSnapshot - description: >- - A consistent snapshot of a database at a specific point in time. A PITR - (Point-in-time recovery) snapshot with previous versions of a database's - data is available for every minute up to the associated database's data - retention period. If the PITR feature is enabled, the retention period - is 7 days; otherwise, it is one hour. - type: object - properties: - database: + The order to apply to the query results. Firestore allows callers to + provide a full ordering, a partial ordering, or no ordering at all. + In all cases, Firestore guarantees a stable ordering through the + following rules: * The `order_by` is required to reference all + fields used with an inequality filter. * All fields that are + required to be in the `order_by` but are not already present are + appended in lexicographical ordering of the field name. * If an + order on `__name__` is not specified, it is appended by default. + Fields are appended with the same sort direction as the last order + specified, or 'ASCENDING' if no order was specified. For example: * + `ORDER BY a` becomes `ORDER BY a ASC, __name__ ASC` * `ORDER BY a + DESC` becomes `ORDER BY a DESC, __name__ DESC` * `WHERE a > 1` + becomes `WHERE a > 1 ORDER BY a ASC, __name__ ASC` * `WHERE __name__ + > ... AND a > 1` becomes `WHERE __name__ > ... AND a > 1 ORDER BY a + ASC, __name__ ASC` + startAt: description: >- - Required. The name of the database that this was a snapshot of. - Format: `projects/{project}/databases/{database}`. - type: string - databaseUid: + A potential prefix of a position in the result set to start the + query at. The ordering of the result set is based on the `ORDER BY` + clause of the original query. ``` SELECT * FROM k WHERE a = 1 AND b + > 2 ORDER BY b ASC, __name__ ASC; ``` This query's results are + ordered by `(b ASC, __name__ ASC)`. Cursors can reference either the + full ordering or a prefix of the location, though it cannot + reference more fields than what are in the provided `ORDER BY`. + Continuing off the example above, attaching the following start + cursors will have varying impact: - `START BEFORE (2, /k/123)`: + start the query right before `a = 1 AND b > 2 AND __name__ > + /k/123`. - `START AFTER (10)`: start the query right after `a = 1 + AND b > 10`. Unlike `OFFSET` which requires scanning over the first + N results to skip, a start cursor allows the query to begin at a + logical position. This position is not required to match an actual + result, it will scan forward from this position to find the next + document. Requires: * The number of values cannot be greater than + the number of fields specified in the `ORDER BY` clause. + $ref: '#/components/schemas/Cursor' + offset: description: >- - Output only. Public UUID of the database the snapshot was associated - with. - readOnly: true - type: string - format: byte - snapshotTime: - description: Required. Snapshot time of the database. - type: string - format: google-datetime - Document: - id: Document - description: A Firestore document. Must not exceed 1 MiB - 4 bytes. + The number of documents to skip before returning the first result. + This applies after the constraints specified by the `WHERE`, `START + AT`, & `END AT` but before the `LIMIT` clause. Requires: * The value + must be greater than or equal to zero if specified. + type: integer + format: int32 + type: object + id: StructuredQuery + GoogleFirestoreAdminV1RestoreDatabaseRequest: + description: The request message for FirestoreAdmin.RestoreDatabase. type: object properties: - name: - description: >- - The resource name of the document, for example - `projects/{project_id}/databases/{database_id}/documents/{document_path}`. + backup: type: string - fields: description: >- - The document's fields. The map keys represent field names. Field - names matching the regular expression `__.*__` are reserved. - Reserved field names are forbidden except in certain documented - contexts. The field names, represented as UTF-8, must not exceed - 1,500 bytes and cannot be empty. Field paths may be used in other - contexts to refer to structured fields defined here. For - `map_value`, the field path is represented by a dot-delimited (`.`) - string of segments. Each segment is either a simple field name - (defined below) or a quoted field name. For example, the structured - field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` - would be represented by the field path `` foo.`x&y` ``. A simple - field name contains only characters `a` to `z`, `A` to `Z`, `0` to - `9`, or `_`, and must not start with `0` to `9`. For example, - `foo_bar_17`. A quoted field name starts and ends with `` ` `` and - may contain any character. Some characters, including `` ` ``, must - be escaped using a `\`. For example, `` `x&y` `` represents `x&y` - and `` `bak\`tik` `` represents `` bak`tik ``. - type: object + Required. Backup to restore from. Must be from the same project as + the parent. The restored database will be created in the same + location as the source backup. Format is: + `projects/{project_id}/locations/{location}/backups/{backup}` + tags: additionalProperties: - $ref: '#/components/schemas/Value' - createTime: + type: string + type: object description: >- - Output only. The time at which the document was created. This value - increases monotonically when a document is deleted then recreated. - It can also be compared to values from other documents and the - `read_time` of a query. + Optional. Immutable. Tags to be bound to the restored database. The + tags should be provided in the format of `tagKeys/{tag_key_id} -> + tagValues/{tag_value_id}`. + databaseId: type: string - format: google-datetime - updateTime: description: >- - Output only. The time at which the document was last changed. This - value is initially set to the `create_time` then increases - monotonically with each change to the document. It can also be - compared to values from other documents and the `read_time` of a - query. - type: string - format: google-datetime - Value: - id: Value - description: A message that can hold any of the supported value types. + Required. The ID to use for the database, which will become the + final component of the database's resource name. This database ID + must not be associated with an existing database. This value should + be 4-63 characters. Valid characters are /a-z-/ with first character + a letter and the last a letter or a number. Must not be UUID-like + /[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}/. "(default)" database ID + is also valid if the database is Standard edition. + encryptionConfig: + description: >- + Optional. Encryption configuration for the restored database. If + this field is not specified, the restored database will use the same + encryption configuration as the backup, namely + use_source_encryption. + $ref: '#/components/schemas/GoogleFirestoreAdminV1EncryptionConfig' + id: GoogleFirestoreAdminV1RestoreDatabaseRequest + BatchGetDocumentsRequest: type: object + id: BatchGetDocumentsRequest properties: - nullValue: - description: A null value. - type: string - enumDescriptions: - - Null value. - enum: - - NULL_VALUE - booleanValue: - description: A boolean value. - type: boolean - integerValue: - description: An integer value. + readTime: type: string - format: int64 - doubleValue: - description: A double value. - type: number - format: double - timestampValue: description: >- - A timestamp value. Precise only to microseconds. When stored, any - additional precision is rounded down. - type: string + Reads documents as they were at the given time. This must be a + microsecond precision timestamp within the past one hour, or if + Point-in-Time Recovery is enabled, can additionally be a whole + minute timestamp within the past 7 days. format: google-datetime - stringValue: + newTransaction: + $ref: '#/components/schemas/TransactionOptions' description: >- - A string value. The string, represented as UTF-8, must not exceed 1 - MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 - representation are considered by queries. - type: string - bytesValue: + Starts a new transaction and reads the documents. Defaults to a + read-only transaction. The new transaction ID will be returned as + the first response in the stream. + mask: description: >- - A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first - 1,500 bytes are considered by queries. - type: string - format: byte - referenceValue: + The fields to return. If not set, returns all fields. If a document + has a field that is not present in this mask, that field will not be + returned in the response. + $ref: '#/components/schemas/DocumentMask' + documents: + items: + type: string + type: array description: >- - A reference to a document. For example: + The names of the documents to retrieve. In the format: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. + The request will fail if any of the document is not a child resource + of the given `database`. Duplicate names will be elided. + transaction: + format: byte + description: Reads documents in a transaction. type: string - geoPointValue: - description: A geo point value representing a point on the surface of Earth. - $ref: '#/components/schemas/LatLng' - arrayValue: - description: >- - An array value. Cannot directly contain another array value, though - can contain a map which contains another array. - $ref: '#/components/schemas/ArrayValue' - mapValue: - description: A map value. - $ref: '#/components/schemas/MapValue' - LatLng: - id: LatLng + description: The request for Firestore.BatchGetDocuments. + Count: + id: Count description: >- - An object that represents a latitude/longitude pair. This is expressed - as a pair of doubles to represent degrees latitude and degrees - longitude. Unless specified otherwise, this object must conform to the - WGS84 standard. Values must be within normalized ranges. - type: object + Count of documents that match the query. The `COUNT(*)` aggregation + function operates on the entire document so it does not require a field + reference. properties: - latitude: - description: The latitude in degrees. It must be in the range [-90.0, +90.0]. - type: number - format: double - longitude: - description: The longitude in degrees. It must be in the range [-180.0, +180.0]. - type: number - format: double - ArrayValue: - id: ArrayValue - description: An array value. + upTo: + type: string + description: >- + Optional. Optional constraint on the maximum number of documents to + count. This provides a way to set an upper bound on the number of + documents to scan, limiting latency, and cost. Unspecified is + interpreted as no bound. High-Level Example: ``` AGGREGATE + COUNT_UP_TO(1000) OVER ( SELECT * FROM k ); ``` Requires: * Must be + greater than zero when present. + format: int64 type: object + DocumentDelete: properties: - values: - description: Values in the array. + readTime: + description: >- + The read timestamp at which the delete was observed. Greater or + equal to the `commit_time` of the delete. + type: string + format: google-datetime + document: + description: The resource name of the Document that was deleted. + type: string + removedTargetIds: type: array + description: A set of target IDs for targets that previously matched this entity. items: - $ref: '#/components/schemas/Value' - MapValue: - id: MapValue - description: A map value. - type: object - properties: - fields: - description: >- - The map's fields. The map keys represent field names. Field names - matching the regular expression `__.*__` are reserved. Reserved - field names are forbidden except in certain documented contexts. The - map keys, represented as UTF-8, must not exceed 1,500 bytes and - cannot be empty. - type: object - additionalProperties: - $ref: '#/components/schemas/Value' - ListDocumentsResponse: - id: ListDocumentsResponse - description: The response for Firestore.ListDocuments. + format: int32 + type: integer + id: DocumentDelete + description: >- + A Document has been deleted. May be the result of multiple writes, + including updates, the last of which deleted the Document. Multiple + DocumentDelete messages may be returned for the same logical delete, if + multiple targets are affected. + type: object + Aggregation: + description: Defines an aggregation that produces a single result. type: object + id: Aggregation properties: - documents: - description: The Documents found. - type: array - items: - $ref: '#/components/schemas/Document' - nextPageToken: + alias: description: >- - A token to retrieve the next page of documents. If this field is - omitted, there are no subsequent pages. + Optional. Optional name of the field to store the result of the + aggregation into. If not provided, Firestore will pick a default + name following the format `field_`. For example: ``` AGGREGATE + COUNT_UP_TO(1) AS count_up_to_1, COUNT_UP_TO(2), COUNT_UP_TO(3) AS + count_up_to_3, COUNT(*) OVER ( ... ); ``` becomes: ``` AGGREGATE + COUNT_UP_TO(1) AS count_up_to_1, COUNT_UP_TO(2) AS field_1, + COUNT_UP_TO(3) AS count_up_to_3, COUNT(*) AS field_2 OVER ( ... ); + ``` Requires: * Must be unique across all aggregation aliases. * + Conform to document field name limitations. type: string - BatchGetDocumentsRequest: - id: BatchGetDocumentsRequest - description: The request for Firestore.BatchGetDocuments. + avg: + $ref: '#/components/schemas/Avg' + description: Average aggregator. + count: + description: Count aggregator. + $ref: '#/components/schemas/Count' + sum: + $ref: '#/components/schemas/Sum' + description: Sum aggregator. + GoogleFirestoreAdminV1CmekConfig: type: object + id: GoogleFirestoreAdminV1CmekConfig + description: >- + The CMEK (Customer Managed Encryption Key) configuration for a Firestore + database. If not present, the database is secured by the default Google + encryption key. properties: - documents: + kmsKeyName: description: >- - The names of the documents to retrieve. In the format: - `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - The request will fail if any of the document is not a child resource - of the given `database`. Duplicate names will be elided. + Required. Only keys in the same location as this database are + allowed to be used for encryption. For Firestore's nam5 + multi-region, this corresponds to Cloud KMS multi-region us. For + Firestore's eur3 multi-region, this corresponds to Cloud KMS + multi-region europe. See + https://cloud.google.com/kms/docs/locations. The expected format is + `projects/{project_id}/locations/{kms_location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + type: string + activeKeyVersion: + description: >- + Output only. Currently in-use [KMS key + versions](https://cloud.google.com/kms/docs/resource-hierarchy#key_versions). + During [key + rotation](https://cloud.google.com/kms/docs/key-rotation), there can + be multiple in-use key versions. The expected format is + `projects/{project_id}/locations/{kms_location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{key_version}`. + readOnly: true type: array items: type: string - mask: - description: >- - The fields to return. If not set, returns all fields. If a document - has a field that is not present in this mask, that field will not be - returned in the response. - $ref: '#/components/schemas/DocumentMask' - transaction: - description: Reads documents in a transaction. - type: string - format: byte - newTransaction: - description: >- - Starts a new transaction and reads the documents. Defaults to a - read-only transaction. The new transaction ID will be returned as - the first response in the stream. - $ref: '#/components/schemas/TransactionOptions' - readTime: - description: >- - Reads documents as they were at the given time. This must be a - microsecond precision timestamp within the past one hour, or if - Point-in-Time Recovery is enabled, can additionally be a whole - minute timestamp within the past 7 days. - type: string - format: google-datetime - DocumentMask: - id: DocumentMask - description: >- - A set of field paths on a document. Used to restrict a get or update - operation on a document to a subset of its fields. This is different - from standard field masks, as this is always scoped to a Document, and - takes in account the dynamic nature of Value. - type: object + ListCollectionIdsResponse: + id: ListCollectionIdsResponse properties: - fieldPaths: - description: >- - The list of field paths in the mask. See Document.fields for a field - path syntax reference. - type: array + collectionIds: items: type: string - TransactionOptions: - id: TransactionOptions - description: Options for creating a new transaction. + type: array + description: The collection ids. + nextPageToken: + type: string + description: A page token that may be used to continue the list. type: object + description: The response from Firestore.ListCollectionIds. + QueryTarget: + type: object + id: QueryTarget properties: - readOnly: - description: The transaction can only be used for read operations. - $ref: '#/components/schemas/ReadOnly' - readWrite: - description: The transaction can be used for both read and write operations. - $ref: '#/components/schemas/ReadWrite' - ReadOnly: - id: ReadOnly - description: Options for a transaction that can only be used to read documents. + parent: + type: string + description: >- + The parent resource name. In the format: + `projects/{project_id}/databases/{database_id}/documents` or + `projects/{project_id}/databases/{database_id}/documents/{document_path}`. + For example: `projects/my-project/databases/my-database/documents` + or + `projects/my-project/databases/my-database/documents/chatrooms/my-chatroom` + structuredQuery: + $ref: '#/components/schemas/StructuredQuery' + description: A structured query. + description: A target specified by a query. + GoogleFirestoreAdminV1UserCreds: type: object + description: A Cloud Firestore User Creds. properties: - readTime: + securePassword: description: >- - Reads documents at the given time. This must be a microsecond - precision timestamp within the past one hour, or if Point-in-Time - Recovery is enabled, can additionally be a whole minute timestamp - within the past 7 days. + Output only. The plaintext server-generated password for the user + creds. Only populated in responses for CreateUserCreds and + ResetUserPassword. type: string + readOnly: true + updateTime: + description: Output only. The time the user creds were last updated. format: google-datetime - ReadWrite: - id: ReadWrite - description: >- - Options for a transaction that can be used to read and write documents. - Firestore does not allow 3rd party auth requests to create read-write. - transactions. - type: object - properties: - retryTransaction: - description: An optional transaction to retry. + readOnly: true type: string - format: byte - BatchGetDocumentsResponse: - id: BatchGetDocumentsResponse - description: The streamed response for Firestore.BatchGetDocuments. - type: object - properties: - found: - description: A document that was requested. - $ref: '#/components/schemas/Document' - missing: + resourceIdentity: + $ref: '#/components/schemas/GoogleFirestoreAdminV1ResourceIdentity' + description: Resource Identity descriptor. + name: description: >- - A document name that was requested but does not exist. In the - format: - `projects/{project_id}/databases/{database_id}/documents/{document_path}`. + Identifier. The resource name of the UserCreds. Format: + `projects/{project}/databases/{database}/userCreds/{user_creds}` type: string - transaction: - description: >- - The transaction that was started as part of this request. Will only - be set in the first response, and only if - BatchGetDocumentsRequest.new_transaction was set in the request. + state: + enumDescriptions: + - The default value. Should not be used. + - The user creds are enabled. + - The user creds are disabled. + readOnly: true + enum: + - STATE_UNSPECIFIED + - ENABLED + - DISABLED type: string - format: byte - readTime: description: >- - The time at which the document was read. This may be monotically - increasing, in this case the previous documents in the result stream - are guaranteed not to have changed between their read_time and this - one. - type: string + Output only. Whether the user creds are enabled or disabled. + Defaults to ENABLED on creation. + createTime: + readOnly: true format: google-datetime - BeginTransactionRequest: - id: BeginTransactionRequest - description: The request for Firestore.BeginTransaction. - type: object - properties: - options: - description: >- - The options for the transaction. Defaults to a read-write - transaction. - $ref: '#/components/schemas/TransactionOptions' - BeginTransactionResponse: - id: BeginTransactionResponse - description: The response for Firestore.BeginTransaction. - type: object + description: Output only. The time the user creds were created. + type: string + id: GoogleFirestoreAdminV1UserCreds + RunAggregationQueryResponse: properties: transaction: - description: The transaction that was started. type: string format: byte - CommitRequest: - id: CommitRequest - description: The request for Firestore.Commit. - type: object - properties: - writes: - description: The writes to apply. Always executed atomically and in order. - type: array - items: - $ref: '#/components/schemas/Write' - transaction: - description: If set, applies all writes in this transaction, and commits it. - type: string - format: byte - Write: - id: Write - description: A write on a document. - type: object - properties: - update: - description: A document to write. - $ref: '#/components/schemas/Document' - delete: description: >- - A document name to delete. In the format: - `projects/{project_id}/databases/{database_id}/documents/{document_path}`. + The transaction that was started as part of this request. Only + present on the first response when the request requested to start a + new transaction. + readTime: + format: google-datetime type: string - transform: - description: Applies a transformation to a document. - $ref: '#/components/schemas/DocumentTransform' - updateMask: description: >- - The fields to update in this write. This field can be set only when - the operation is `update`. If the mask is not set for an `update` - and the document exists, any existing data will be overwritten. If - the mask is set and the document on the server has fields not - covered by the mask, they are left unchanged. Fields referenced in - the mask, but not present in the input document, are deleted from - the document on the server. The field paths in this mask must not - contain a reserved field name. - $ref: '#/components/schemas/DocumentMask' - updateTransforms: + The time at which the aggregate result was computed. This is always + monotonically increasing; in this case, the previous + AggregationResult in the result stream are guaranteed not to have + changed between their `read_time` and this one. If the query returns + no results, a response with `read_time` and no `result` will be + sent, and this represents the time at which the query was run. + result: description: >- - The transforms to perform after update. This field can be set only - when the operation is `update`. If present, this write is equivalent - to performing `update` and `transform` to the same document - atomically and in order. - type: array - items: - $ref: '#/components/schemas/FieldTransform' - currentDocument: + A single aggregation result. Not present when reporting partial + progress. + $ref: '#/components/schemas/AggregationResult' + explainMetrics: description: >- - An optional precondition on the document. The write will fail if - this is set and not met by the target document. - $ref: '#/components/schemas/Precondition' - DocumentTransform: - id: DocumentTransform - description: A transformation of a document. + Query explain metrics. This is only present when the + RunAggregationQueryRequest.explain_options is provided, and it is + sent only once with the last response in the stream. + $ref: '#/components/schemas/ExplainMetrics' type: object + description: The response for Firestore.RunAggregationQuery. + id: RunAggregationQueryResponse + GoogleFirestoreAdminV1IndexConfig: + type: object + id: GoogleFirestoreAdminV1IndexConfig + description: The index configuration for this field. properties: - document: - description: The name of the document to transform. - type: string - fieldTransforms: + reverting: description: >- - The list of transformations to apply to the fields of the document, - in order. This must not be empty. + Output only When true, the `Field`'s index configuration is in the + process of being reverted. Once complete, the index config will + transition to the same state as the field specified by + `ancestor_field`, at which point `uses_ancestor_config` will be + `true` and `reverting` will be `false`. + type: boolean + indexes: + description: The indexes supported for this field. type: array items: - $ref: '#/components/schemas/FieldTransform' - FieldTransform: - id: FieldTransform - description: A transformation of a field of the document. - type: object - properties: - fieldPath: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' + ancestorField: description: >- - The path of the field. See Document.fields for the field path syntax - reference. - type: string - setToServerValue: - description: Sets the field to the given server value. + Output only. Specifies the resource name of the `Field` from which + this field's index configuration is set (when `uses_ancestor_config` + is true), or from which it *would* be set if this field had no index + configuration (when `uses_ancestor_config` is false). type: string - enumDescriptions: - - Unspecified. This value must not be used. - - >- - The time at which the server processed the request, with - millisecond precision. If used on multiple fields (same or - different documents) in a transaction, all the fields will get the - same server timestamp. - enum: - - SERVER_VALUE_UNSPECIFIED - - REQUEST_TIME - increment: - description: >- - Adds the given value to the field's current value. This must be an - integer or a double value. If the field is not an integer or double, - or if the field does not yet exist, the transformation will set the - field to the given value. If either of the given value or the - current field value are doubles, both values will be interpreted as - doubles. Double arithmetic and representation of double values - follow IEEE 754 semantics. If there is positive/negative integer - overflow, the field is resolved to the largest magnitude - positive/negative integer. - $ref: '#/components/schemas/Value' - maximum: - description: >- - Sets the field to the maximum of its current value and the given - value. This must be an integer or a double value. If the field is - not an integer or double, or if the field does not yet exist, the - transformation will set the field to the given value. If a maximum - operation is applied where the field and the input value are of - mixed types (that is - one is an integer and one is a double) the - field takes on the type of the larger operand. If the operands are - equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and - -0.0 are all zero. The maximum of a zero stored value and zero input - value is always the stored value. The maximum of any numeric value x - and NaN is NaN. - $ref: '#/components/schemas/Value' - minimum: - description: >- - Sets the field to the minimum of its current value and the given - value. This must be an integer or a double value. If the field is - not an integer or double, or if the field does not yet exist, the - transformation will set the field to the input value. If a minimum - operation is applied where the field and the input value are of - mixed types (that is - one is an integer and one is a double) the - field takes on the type of the smaller operand. If the operands are - equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and - -0.0 are all zero. The minimum of a zero stored value and zero input - value is always the stored value. The minimum of any numeric value x - and NaN is NaN. - $ref: '#/components/schemas/Value' - appendMissingElements: - description: >- - Append the given elements in order if they are not already present - in the current field value. If the field is not an array, or if the - field does not yet exist, it is first set to the empty array. - Equivalent numbers of different types (e.g. 3L and 3.0) are - considered equal when checking if a value is missing. NaN is equal - to NaN, and Null is equal to Null. If the input contains multiple - equivalent values, only the first will be considered. The - corresponding transform_result will be the null value. - $ref: '#/components/schemas/ArrayValue' - removeAllFromArray: - description: >- - Remove all of the given elements from the array in the field. If the - field is not an array, or if the field does not yet exist, it is set - to the empty array. Equivalent numbers of the different types (e.g. - 3L and 3.0) are considered equal when deciding whether an element - should be removed. NaN is equal to NaN, and Null is equal to Null. - This will remove all equivalent values if there are duplicates. The - corresponding transform_result will be the null value. - $ref: '#/components/schemas/ArrayValue' - Precondition: - id: Precondition - description: A precondition on a document, used for conditional operations. - type: object - properties: - exists: - description: >- - When set to `true`, the target document must exist. When set to - `false`, the target document must not exist. + usesAncestorConfig: type: boolean - updateTime: description: >- - When set, the target document must exist and have been last updated - at that time. Timestamp must be microsecond aligned. - type: string - format: google-datetime - CommitResponse: - id: CommitResponse - description: The response for Firestore.Commit. + Output only. When true, the `Field`'s index configuration is set + from the configuration specified by the `ancestor_field`. When + false, the `Field`'s index configuration is defined explicitly. + Filter: + description: A filter. + properties: + compositeFilter: + $ref: '#/components/schemas/CompositeFilter' + description: A composite filter. + unaryFilter: + description: A filter that takes exactly one argument. + $ref: '#/components/schemas/UnaryFilter' + fieldFilter: + description: A filter on a document field. + $ref: '#/components/schemas/FieldFilter' + id: Filter + type: object + GoogleLongrunningCancelOperationRequest: + id: GoogleLongrunningCancelOperationRequest + properties: {} + type: object + description: The request message for Operations.CancelOperation. + GoogleFirestoreAdminV1DisableUserCredsRequest: + id: GoogleFirestoreAdminV1DisableUserCredsRequest + properties: {} + description: The request for FirestoreAdmin.DisableUserCreds. + type: object + GoogleFirestoreAdminV1ListBackupSchedulesResponse: type: object properties: - writeResults: - description: >- - The result of applying the writes. This i-th write result - corresponds to the i-th write in the request. + backupSchedules: type: array + description: List of all backup schedules. items: - $ref: '#/components/schemas/WriteResult' - commitTime: - description: >- - The time at which the commit occurred. Any read with an equal or - greater `read_time` is guaranteed to see the effects of the commit. + $ref: '#/components/schemas/GoogleFirestoreAdminV1BackupSchedule' + description: The response for FirestoreAdmin.ListBackupSchedules. + id: GoogleFirestoreAdminV1ListBackupSchedulesResponse + ListCollectionIdsRequest: + id: ListCollectionIdsRequest + properties: + pageToken: + description: A page token. Must be a value from ListCollectionIdsResponse. + type: string + pageSize: + type: integer + description: The maximum number of results to return. + format: int32 + readTime: type: string + description: >- + Reads documents as they were at the given time. This must be a + microsecond precision timestamp within the past one hour, or if + Point-in-Time Recovery is enabled, can additionally be a whole + minute timestamp within the past 7 days. format: google-datetime - WriteResult: - id: WriteResult - description: The result of applying a write. + description: The request for Firestore.ListCollectionIds. type: object - properties: - updateTime: + TransactionOptions: + id: TransactionOptions + type: object + description: Options for creating a new transaction. + properties: + readOnly: + description: The transaction can only be used for read operations. + $ref: '#/components/schemas/ReadOnly' + readWrite: + description: The transaction can be used for both read and write operations. + $ref: '#/components/schemas/ReadWrite' + BitSequence: + description: >- + A sequence of bits, encoded in a byte array. Each byte in the `bitmap` + byte array stores 8 bits of the sequence. The only exception is the last + byte, which may store 8 _or fewer_ bits. The `padding` defines the + number of bits of the last byte to be ignored as "padding". The values + of these "padding" bits are unspecified and must be ignored. To retrieve + the first bit, bit 0, calculate: `(bitmap[0] & 0x01) != 0`. To retrieve + the second bit, bit 1, calculate: `(bitmap[0] & 0x02) != 0`. To retrieve + the third bit, bit 2, calculate: `(bitmap[0] & 0x04) != 0`. To retrieve + the fourth bit, bit 3, calculate: `(bitmap[0] & 0x08) != 0`. To retrieve + bit n, calculate: `(bitmap[n / 8] & (0x01 << (n % 8))) != 0`. The "size" + of a `BitSequence` (the number of bits it contains) is calculated by + this formula: `(bitmap.length * 8) - padding`. + type: object + properties: + padding: description: >- - The last update time of the document after applying the write. Not - set after a `delete`. If the write did not actually change the - document, this will be the previous update_time. + The number of bits of the last byte in `bitmap` to ignore as + "padding". If the length of `bitmap` is zero, then this value must + be `0`. Otherwise, this value must be between 0 and 7, inclusive. + type: integer + format: int32 + bitmap: + description: The bytes that encode the bit sequence. May have a length of zero. + format: byte + type: string + id: BitSequence + GoogleFirestoreAdminV1BackupSource: + description: Information about a backup that was used to restore a database. + properties: + backup: type: string - format: google-datetime - transformResults: description: >- - The results of applying each DocumentTransform.FieldTransform, in - the same order. + The resource name of the backup that was used to restore this + database. Format: + `projects/{project}/locations/{location}/backups/{backup}`. + id: GoogleFirestoreAdminV1BackupSource + type: object + ListLocationsResponse: + type: object + properties: + locations: + description: >- + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + type: array + nextPageToken: + description: The standard List next-page token. + type: string + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + ArrayValue: + id: ArrayValue + type: object + description: An array value. + properties: + values: + items: + $ref: '#/components/schemas/Value' + description: Values in the array. + type: array + GoogleFirestoreAdminV1ListBackupsResponse: + description: The response for FirestoreAdmin.ListBackups. + properties: + backups: type: array items: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Backup' + description: List of all backups for the project. + unreachable: + items: + type: string + type: array + description: >- + List of locations that existing backups were not able to be fetched + from. Instead of failing the entire requests when a single location + is unreachable, this response returns a partial result set and list + of locations unable to be reached here. The request can be retried + against a single location to get a concrete error. + id: GoogleFirestoreAdminV1ListBackupsResponse + type: object + MapValue: + properties: + fields: + description: >- + The map's fields. The map keys represent field names. Field names + matching the regular expression `__.*__` are reserved. Reserved + field names are forbidden except in certain documented contexts. The + map keys, represented as UTF-8, must not exceed 1,500 bytes and + cannot be empty. + type: object + additionalProperties: $ref: '#/components/schemas/Value' - RollbackRequest: - id: RollbackRequest - description: The request for Firestore.Rollback. + description: A map value. type: object + id: MapValue + Order: + type: object + description: An order on a field. properties: - transaction: - description: Required. The transaction to roll back. + direction: + enumDescriptions: + - Unspecified. + - Ascending. + - Descending. type: string - format: byte + enum: + - DIRECTION_UNSPECIFIED + - ASCENDING + - DESCENDING + description: The direction to order by. Defaults to `ASCENDING`. + field: + description: The field to order by. + $ref: '#/components/schemas/FieldReference' + id: Order + Cursor: + properties: + values: + description: >- + The values that represent a position, in the order they appear in + the order by clause of a query. Can contain fewer values than + specified in the order by clause. + type: array + items: + $ref: '#/components/schemas/Value' + before: + type: boolean + description: >- + If the position is just before or just after the given values, + relative to the sort order defined by the query. + description: A position in a query result set. + id: Cursor + type: object RunQueryRequest: - id: RunQueryRequest description: The request for Firestore.RunQuery. type: object + id: RunQueryRequest properties: + explainOptions: + description: >- + Optional. Explain options for the query. If set, additional query + statistics will be returned. If not, only query results will be + returned. + $ref: '#/components/schemas/ExplainOptions' structuredQuery: description: A structured query. $ref: '#/components/schemas/StructuredQuery' + readTime: + type: string + description: >- + Reads documents as they were at the given time. This must be a + microsecond precision timestamp within the past one hour, or if + Point-in-Time Recovery is enabled, can additionally be a whole + minute timestamp within the past 7 days. + format: google-datetime transaction: + type: string + format: byte description: >- Run the query within an already active transaction. The value here is the opaque transaction ID to execute the query in. - type: string - format: byte newTransaction: + $ref: '#/components/schemas/TransactionOptions' description: >- Starts a new transaction and reads the documents. Defaults to a read-only transaction. The new transaction ID will be returned as the first response in the stream. - $ref: '#/components/schemas/TransactionOptions' + GoogleFirestoreAdminV1Stats: + id: GoogleFirestoreAdminV1Stats + description: Backup specific statistics. + type: object + properties: + documentCount: + format: int64 + type: string + description: Output only. The total number of documents contained in the backup. + readOnly: true + indexCount: + type: string + description: >- + Output only. The total number of index entries contained in the + backup. + readOnly: true + format: int64 + sizeBytes: + description: >- + Output only. Summation of the size of all documents and index + entries in the backup, measured in bytes. + type: string + readOnly: true + format: int64 + ExplainMetrics: + description: Explain metrics for the query. + type: object + properties: + executionStats: + $ref: '#/components/schemas/ExecutionStats' + description: >- + Aggregated stats from the execution of the query. Only present when + ExplainOptions.analyze is set to true. + planSummary: + description: Planning phase information for the query. + $ref: '#/components/schemas/PlanSummary' + id: ExplainMetrics + GoogleFirestoreAdminV1DailyRecurrence: + id: GoogleFirestoreAdminV1DailyRecurrence + description: >- + Represents a recurring schedule that runs every day. The time zone is + UTC. + type: object + properties: {} + UnaryFilter: + properties: + op: + description: The unary operator to apply. + type: string + enum: + - OPERATOR_UNSPECIFIED + - IS_NAN + - IS_NULL + - IS_NOT_NAN + - IS_NOT_NULL + enumDescriptions: + - Unspecified. This value must not be used. + - The given `field` is equal to `NaN`. + - The given `field` is equal to `NULL`. + - >- + The given `field` is not equal to `NaN`. Requires: * No other + `NOT_EQUAL`, `NOT_IN`, `IS_NOT_NULL`, or `IS_NOT_NAN`. * That + `field` comes first in the `order_by`. + - >- + The given `field` is not equal to `NULL`. Requires: * A single + `NOT_EQUAL`, `NOT_IN`, `IS_NOT_NULL`, or `IS_NOT_NAN`. * That + `field` comes first in the `order_by`. + field: + description: The field to which to apply the operator. + $ref: '#/components/schemas/FieldReference' + type: object + id: UnaryFilter + description: A filter with a single operand. + PartitionQueryRequest: + id: PartitionQueryRequest + description: The request for Firestore.PartitionQuery. + properties: readTime: + format: google-datetime description: >- Reads documents as they were at the given time. This must be a microsecond precision timestamp within the past one hour, or if Point-in-Time Recovery is enabled, can additionally be a whole minute timestamp within the past 7 days. type: string - format: google-datetime - explainOptions: + pageSize: + type: integer + format: int32 description: >- - Optional. Explain options for the query. If set, additional query - statistics will be returned. If not, only query results will be - returned. - $ref: '#/components/schemas/ExplainOptions' - StructuredQuery: - id: StructuredQuery - description: >- - A Firestore query. The query stages are executed in the following order: - 1. from 2. where 3. select 4. order_by + start_at + end_at 5. offset 6. - limit 7. find_nearest - type: object - properties: - select: + The maximum number of partitions to return in this call, subject to + `partition_count`. For example, if `partition_count` = 10 and + `page_size` = 8, the first call to PartitionQuery will return up to + 8 partitions and a `next_page_token` if more results exist. A second + call to PartitionQuery will return up to 2 partitions, to complete + the total of 10 specified in `partition_count`. + pageToken: description: >- - Optional sub-set of the fields to return. This acts as a - DocumentMask over the documents returned from a query. When not set, - assumes that the caller wants all fields returned. - $ref: '#/components/schemas/Projection' - from: - description: The collections to query. - type: array - items: - $ref: '#/components/schemas/CollectionSelector' - where: - description: The filter to apply. - $ref: '#/components/schemas/Filter' - orderBy: + The `next_page_token` value returned from a previous call to + PartitionQuery that may be used to get an additional set of results. + There are no ordering guarantees between sets of results. Thus, + using multiple sets of results will require merging the different + result sets. For example, two subsequent calls using a page_token + may return: * cursor B, cursor M, cursor Q * cursor A, cursor U, + cursor W To obtain a complete result set ordered with respect to the + results of the query supplied to PartitionQuery, the results sets + should be merged: cursor A, cursor B, cursor M, cursor Q, cursor U, + cursor W + type: string + structuredQuery: description: >- - The order to apply to the query results. Firestore allows callers to - provide a full ordering, a partial ordering, or no ordering at all. - In all cases, Firestore guarantees a stable ordering through the - following rules: * The `order_by` is required to reference all - fields used with an inequality filter. * All fields that are - required to be in the `order_by` but are not already present are - appended in lexicographical ordering of the field name. * If an - order on `__name__` is not specified, it is appended by default. - Fields are appended with the same sort direction as the last order - specified, or 'ASCENDING' if no order was specified. For example: * - `ORDER BY a` becomes `ORDER BY a ASC, __name__ ASC` * `ORDER BY a - DESC` becomes `ORDER BY a DESC, __name__ DESC` * `WHERE a > 1` - becomes `WHERE a > 1 ORDER BY a ASC, __name__ ASC` * `WHERE __name__ - > ... AND a > 1` becomes `WHERE __name__ > ... AND a > 1 ORDER BY a - ASC, __name__ ASC` + A structured query. Query must specify collection with all + descendants and be ordered by name ascending. Other filters, order + bys, limits, offsets, and start/end cursors are not supported. + $ref: '#/components/schemas/StructuredQuery' + partitionCount: + type: string + format: int64 + description: >- + The desired maximum number of partition points. The partitions may + be returned across multiple pages of results. The number must be + positive. The actual number of partitions returned may be fewer. For + example, this may be set to one fewer than the number of parallel + queries to be run, or in running a data pipeline job, one fewer than + the number of workers or compute instances available. + type: object + GoogleLongrunningListOperationsResponse: + id: GoogleLongrunningListOperationsResponse + description: The response message for Operations.ListOperations. + type: object + properties: + operations: type: array items: - $ref: '#/components/schemas/Order' - startAt: - description: >- - A potential prefix of a position in the result set to start the - query at. The ordering of the result set is based on the `ORDER BY` - clause of the original query. ``` SELECT * FROM k WHERE a = 1 AND b - > 2 ORDER BY b ASC, __name__ ASC; ``` This query's results are - ordered by `(b ASC, __name__ ASC)`. Cursors can reference either the - full ordering or a prefix of the location, though it cannot - reference more fields than what are in the provided `ORDER BY`. - Continuing off the example above, attaching the following start - cursors will have varying impact: - `START BEFORE (2, /k/123)`: - start the query right before `a = 1 AND b > 2 AND __name__ > - /k/123`. - `START AFTER (10)`: start the query right after `a = 1 - AND b > 10`. Unlike `OFFSET` which requires scanning over the first - N results to skip, a start cursor allows the query to begin at a - logical position. This position is not required to match an actual - result, it will scan forward from this position to find the next - document. Requires: * The number of values cannot be greater than - the number of fields specified in the `ORDER BY` clause. - $ref: '#/components/schemas/Cursor' - endAt: - description: >- - A potential prefix of a position in the result set to end the query - at. This is similar to `START_AT` but with it controlling the end - position rather than the start position. Requires: * The number of - values cannot be greater than the number of fields specified in the - `ORDER BY` clause. - $ref: '#/components/schemas/Cursor' - offset: - description: >- - The number of documents to skip before returning the first result. - This applies after the constraints specified by the `WHERE`, `START - AT`, & `END AT` but before the `LIMIT` clause. Requires: * The value - must be greater than or equal to zero if specified. - type: integer - format: int32 - limit: + $ref: '#/components/schemas/GoogleLongrunningOperation' description: >- - The maximum number of results to return. Applies after all other - constraints. Requires: * The value must be greater than or equal to - zero if specified. - type: integer - format: int32 - findNearest: + A list of operations that matches the specified filter in the + request. + unreachable: description: >- - Optional. A potential nearest neighbors search. Applies after all - other filters and ordering. Finds the closest vector embeddings to - the given query vector. - $ref: '#/components/schemas/FindNearest' - Projection: - id: Projection - description: The projection of document's fields to return. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string + type: array + nextPageToken: + type: string + description: The standard List next-page token. + GoogleFirestoreAdminV1EnableUserCredsRequest: + id: GoogleFirestoreAdminV1EnableUserCredsRequest + description: The request for FirestoreAdmin.EnableUserCreds. + properties: {} + type: object + GoogleFirestoreAdminV1ResetUserPasswordRequest: + id: GoogleFirestoreAdminV1ResetUserPasswordRequest + properties: {} type: object + description: The request for FirestoreAdmin.ResetUserPassword. + Precondition: + id: Precondition properties: - fields: + exists: description: >- - The fields to return. If empty, all fields are returned. To only - return the name of the document, use `['__name__']`. - type: array - items: - $ref: '#/components/schemas/FieldReference' - FieldReference: - id: FieldReference - description: 'A reference to a field in a document, ex: `stats.operations`.' + When set to `true`, the target document must exist. When set to + `false`, the target document must not exist. + type: boolean + updateTime: + type: string + description: >- + When set, the target document must exist and have been last updated + at that time. Timestamp must be microsecond aligned. + format: google-datetime + description: A precondition on a document, used for conditional operations. + type: object + GoogleFirestoreAdminV1TtlConfig: type: object + description: >- + The TTL (time-to-live) configuration for documents that have this + `Field` set. Storing a timestamp value into a TTL-enabled field will be + treated as the document's absolute expiration time. Timestamp values in + the past indicate that the document is eligible for immediate + expiration. Using any other data type or leaving the field absent will + disable expiration for the individual document. + id: GoogleFirestoreAdminV1TtlConfig properties: - fieldPath: - description: >- - A reference to a field in a document. Requires: * MUST be a - dot-delimited (`.`) string of segments, where each segment conforms - to document field name limitations. + state: + readOnly: true type: string + description: Output only. The state of the TTL configuration. + enumDescriptions: + - The state is unspecified or unknown. + - >- + The TTL is being applied. There is an active long-running + operation to track the change. Newly written documents will have + TTLs applied as requested. Requested TTLs on existing documents + are still being processed. When TTLs on all existing documents + have been processed, the state will move to 'ACTIVE'. + - The TTL is active for all documents. + - >- + The TTL configuration could not be enabled for all existing + documents. Newly written documents will continue to have their TTL + applied. The LRO returned when last attempting to enable TTL for + this `Field` has failed, and may have more details. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - NEEDS_REPAIR CollectionSelector: id: CollectionSelector - description: A selection of a collection, such as `messages as m1`. - type: object properties: collectionId: description: The collection ID. When set, selects only collections with this ID. type: string allDescendants: + type: boolean description: >- When false, selects only collections that are immediate children of the `parent` specified in the containing `RunQueryRequest`. When true, selects all descendant collections. - type: boolean - Filter: - id: Filter - description: A filter. type: object - properties: - compositeFilter: - description: A composite filter. - $ref: '#/components/schemas/CompositeFilter' - fieldFilter: - description: A filter on a document field. - $ref: '#/components/schemas/FieldFilter' - unaryFilter: - description: A filter that takes exactly one argument. - $ref: '#/components/schemas/UnaryFilter' - CompositeFilter: - id: CompositeFilter - description: A filter that merges multiple other filters using the given operator. + description: A selection of a collection, such as `messages as m1`. + RollbackRequest: type: object properties: - op: - description: The operator for combining multiple filters. + transaction: + description: Required. The transaction to roll back. type: string - enumDescriptions: - - Unspecified. This value must not be used. - - Documents are required to satisfy all of the combined filters. - - >- - Documents are required to satisfy at least one of the combined - filters. - enum: - - OPERATOR_UNSPECIFIED - - AND - - OR - filters: + format: byte + description: The request for Firestore.Rollback. + id: RollbackRequest + FieldReference: + id: FieldReference + properties: + fieldPath: description: >- - The list of filters to combine. Requires: * At least one filter is - present. - type: array - items: - $ref: '#/components/schemas/Filter' - FieldFilter: - id: FieldFilter - description: A filter on a specific field. - type: object - properties: - field: - description: The field to filter by. - $ref: '#/components/schemas/FieldReference' - op: - description: The operator to filter by. + A reference to a field in a document. Requires: * MUST be a + dot-delimited (`.`) string of segments, where each segment conforms + to document field name limitations. type: string - enumDescriptions: - - Unspecified. This value must not be used. - - >- - The given `field` is less than the given `value`. Requires: * That - `field` come first in `order_by`. - - >- - The given `field` is less than or equal to the given `value`. - Requires: * That `field` come first in `order_by`. - - >- - The given `field` is greater than the given `value`. Requires: * - That `field` come first in `order_by`. - - >- - The given `field` is greater than or equal to the given `value`. - Requires: * That `field` come first in `order_by`. - - The given `field` is equal to the given `value`. - - >- - The given `field` is not equal to the given `value`. Requires: * - No other `NOT_EQUAL`, `NOT_IN`, `IS_NOT_NULL`, or `IS_NOT_NAN`. * - That `field` comes first in the `order_by`. - - The given `field` is an array that contains the given `value`. - - >- - The given `field` is equal to at least one value in the given - array. Requires: * That `value` is a non-empty `ArrayValue`, - subject to disjunction limits. * No `NOT_IN` filters in the same - query. - - >- - The given `field` is an array that contains any of the values in - the given array. Requires: * That `value` is a non-empty - `ArrayValue`, subject to disjunction limits. * No other - `ARRAY_CONTAINS_ANY` filters within the same disjunction. * No - `NOT_IN` filters in the same query. - - >- - The value of the `field` is not in the given array. Requires: * - That `value` is a non-empty `ArrayValue` with at most 10 values. * - No other `OR`, `IN`, `ARRAY_CONTAINS_ANY`, `NOT_IN`, `NOT_EQUAL`, - `IS_NOT_NULL`, or `IS_NOT_NAN`. * That `field` comes first in the - `order_by`. - enum: - - OPERATOR_UNSPECIFIED - - LESS_THAN - - LESS_THAN_OR_EQUAL - - GREATER_THAN - - GREATER_THAN_OR_EQUAL - - EQUAL - - NOT_EQUAL - - ARRAY_CONTAINS - - IN - - ARRAY_CONTAINS_ANY - - NOT_IN - value: - description: The value to compare to. - $ref: '#/components/schemas/Value' - UnaryFilter: - id: UnaryFilter - description: A filter with a single operand. type: object + description: 'A reference to a field in a document, ex: `stats.operations`.' + GoogleFirestoreAdminV1CloneDatabaseMetadata: + description: Metadata for the long-running operation from the CloneDatabase request. properties: - op: - description: The unary operator to apply. + pitrSnapshot: + description: The snapshot from which this database was cloned. + $ref: '#/components/schemas/GoogleFirestoreAdminV1PitrSnapshot' + operationState: + description: The operation state of the clone. type: string + enum: + - OPERATION_STATE_UNSPECIFIED + - INITIALIZING + - PROCESSING + - CANCELLING + - FINALIZING + - SUCCESSFUL + - FAILED + - CANCELLED enumDescriptions: - - Unspecified. This value must not be used. - - The given `field` is equal to `NaN`. - - The given `field` is equal to `NULL`. + - Unspecified. + - Request is being prepared for processing. + - Request is actively being processed. - >- - The given `field` is not equal to `NaN`. Requires: * No other - `NOT_EQUAL`, `NOT_IN`, `IS_NOT_NULL`, or `IS_NOT_NAN`. * That - `field` comes first in the `order_by`. + Request is in the process of being cancelled after user called + google.longrunning.Operations.CancelOperation on the operation. + - Request has been processed and is in its finalization stage. + - Request has completed successfully. + - Request has finished being processed, but encountered an error. - >- - The given `field` is not equal to `NULL`. Requires: * A single - `NOT_EQUAL`, `NOT_IN`, `IS_NOT_NULL`, or `IS_NOT_NAN`. * That - `field` comes first in the `order_by`. - enum: - - OPERATOR_UNSPECIFIED - - IS_NAN - - IS_NULL - - IS_NOT_NAN - - IS_NOT_NULL - field: - description: The field to which to apply the operator. - $ref: '#/components/schemas/FieldReference' - Order: - id: Order - description: An order on a field. + Request has finished being cancelled after user called + google.longrunning.Operations.CancelOperation. + endTime: + type: string + description: The time the clone finished, unset for ongoing clones. + format: google-datetime + database: + type: string + description: The name of the database being cloned to. + progressPercentage: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + description: >- + How far along the clone is as an estimated percentage of remaining + time. + startTime: + description: The time the clone was started. + format: google-datetime + type: string + type: object + id: GoogleFirestoreAdminV1CloneDatabaseMetadata + BeginTransactionRequest: + description: The request for Firestore.BeginTransaction. type: object + id: BeginTransactionRequest properties: - field: - description: The field to order by. - $ref: '#/components/schemas/FieldReference' - direction: - description: The direction to order by. Defaults to `ASCENDING`. - type: string - enumDescriptions: - - Unspecified. - - Ascending. - - Descending. - enum: - - DIRECTION_UNSPECIFIED - - ASCENDING - - DESCENDING - Cursor: - id: Cursor - description: A position in a query result set. + options: + $ref: '#/components/schemas/TransactionOptions' + description: >- + The options for the transaction. Defaults to a read-write + transaction. + Target: type: object + id: Target properties: - values: + readTime: + type: string description: >- - The values that represent a position, in the order they appear in - the order by clause of a query. Can contain fewer values than - specified in the order by clause. - type: array - items: - $ref: '#/components/schemas/Value' - before: + Start listening after a specific `read_time`. The client must know + the state of matching documents at this time. + format: google-datetime + targetId: + format: int32 + type: integer description: >- - If the position is just before or just after the given values, - relative to the sort order defined by the query. + The target ID that identifies the target on the stream. Must be a + positive number and non-zero. If `target_id` is 0 (or unspecified), + the server will assign an ID for this target and return that in a + `TargetChange::ADD` event. Once a target with `target_id=0` is + added, all subsequent targets must also have `target_id=0`. If an + `AddTarget` request with `target_id != 0` is sent to the server + after a target with `target_id=0` is added, the server will + immediately send a response with a `TargetChange::Remove` event. + Note that if the client sends multiple `AddTarget` requests without + an ID, the order of IDs returned in `TargetChange.target_ids` are + undefined. Therefore, clients should provide a target ID instead of + relying on the server to assign one. If `target_id` is non-zero, + there must not be an existing active target on this stream with the + same ID. + resumeToken: + type: string + format: byte + description: >- + A resume token from a prior TargetChange for an identical target. + Using a resume token with a different target is unsupported and may + fail. + query: + $ref: '#/components/schemas/QueryTarget' + description: A target specified by a query. + expectedCount: + description: >- + The number of documents that last matched the query at the resume + token or read time. This value is only relevant when a `resume_type` + is provided. This value being present and greater than zero signals + that the client wants `ExistenceFilter.unchanged_names` to be + included in the response. + type: integer + format: int32 + once: + description: If the target should be removed once it is current and consistent. type: boolean + documents: + description: A target specified by a set of document names. + $ref: '#/components/schemas/DocumentsTarget' + description: A specification of a set of documents to listen to. FindNearest: id: FindNearest description: >- @@ -2204,22 +2195,21 @@ components: supersedes the order_by stage. If multiple documents have the same vector distance, the returned document order is not guaranteed to be stable between queries. - type: object properties: - vectorField: - description: >- - Required. An indexed vector field to search upon. Only documents - which contain vectors whose dimensionality match the query_vector - can be returned. - $ref: '#/components/schemas/FieldReference' - queryVector: + limit: description: >- - Required. The query vector that we are searching on. Must be a - vector of no more than 2048 dimensions. - $ref: '#/components/schemas/Value' + Required. The number of nearest neighbors to return. Must be a + positive integer of no more than 1000. + format: int32 + type: integer distanceMeasure: - description: Required. The distance measure to use, required. type: string + description: Required. The distance measure to use, required. + enum: + - DISTANCE_MEASURE_UNSPECIFIED + - EUCLIDEAN + - COSINE + - DOT_PRODUCT enumDescriptions: - Should not be set. - >- @@ -2242,24 +2232,25 @@ components: See [Dot Product](https://en.wikipedia.org/wiki/Dot_product) to learn more. The resulting distance increases the more similar two vectors are. - enum: - - DISTANCE_MEASURE_UNSPECIFIED - - EUCLIDEAN - - COSINE - - DOT_PRODUCT - limit: - description: >- - Required. The number of nearest neighbors to return. Must be a - positive integer of no more than 1000. - type: integer - format: int32 - distanceResultField: + distanceResultField: + type: string description: >- Optional. Optional name of the field to output the result of the vector distance calculation. Must conform to document field name limitations. - type: string + vectorField: + description: >- + Required. An indexed vector field to search upon. Only documents + which contain vectors whose dimensionality match the query_vector + can be returned. + $ref: '#/components/schemas/FieldReference' + queryVector: + description: >- + Required. The query vector that we are searching on. Must be a + vector of no more than 2048 dimensions. + $ref: '#/components/schemas/Value' distanceThreshold: + format: double description: >- Optional. Option to specify a threshold for which no less similar documents will be returned. The behavior of the specified @@ -2269,1401 +2260,1470 @@ components: `WHERE distance <= distance_threshold` * For DOT_PRODUCT: `WHERE distance >= distance_threshold` type: number - format: double - ExplainOptions: - id: ExplainOptions - description: Explain options for the query. - type: object - properties: - analyze: - description: >- - Optional. Whether to execute this query. When false (the default), - the query will be planned, returning only metrics from the planning - stages. When true, the query will be planned and executed, returning - the full query results along with both planning and execution stage - metrics. - type: boolean - RunQueryResponse: - id: RunQueryResponse - description: The response for Firestore.RunQuery. type: object + BeginTransactionResponse: properties: transaction: - description: >- - The transaction that was started as part of this request. Can only - be set in the first response, and only if - RunQueryRequest.new_transaction was set in the request. If set, no - other fields will be set in this response. type: string + description: The transaction that was started. format: byte - document: - description: A query result, not set when reporting partial progress. - $ref: '#/components/schemas/Document' - readTime: - description: >- - The time at which the document was read. This may be monotonically - increasing; in this case, the previous documents in the result - stream are guaranteed not to have changed between their `read_time` - and this one. If the query returns no results, a response with - `read_time` and no `document` will be sent, and this represents the - time at which the query was run. - type: string - format: google-datetime - skippedResults: - description: >- - The number of results that have been skipped due to an offset - between the last response and the current response. - type: integer - format: int32 - done: - description: >- - If present, Firestore has completely finished the request and no - more documents will be returned. - type: boolean - explainMetrics: - description: >- - Query explain metrics. This is only present when the - RunQueryRequest.explain_options is provided, and it is sent only - once with the last response in the stream. - $ref: '#/components/schemas/ExplainMetrics' - ExplainMetrics: - id: ExplainMetrics - description: Explain metrics for the query. + description: The response for Firestore.BeginTransaction. type: object - properties: - planSummary: - description: Planning phase information for the query. - $ref: '#/components/schemas/PlanSummary' - executionStats: - description: >- - Aggregated stats from the execution of the query. Only present when - ExplainOptions.analyze is set to true. - $ref: '#/components/schemas/ExecutionStats' - PlanSummary: - id: PlanSummary - description: Planning phase information for the query. + id: BeginTransactionResponse + DocumentMask: type: object + id: DocumentMask properties: - indexesUsed: + fieldPaths: description: >- - The indexes selected for the query. For example: [ {"query_scope": - "Collection", "properties": "(foo ASC, __name__ ASC)"}, - {"query_scope": "Collection", "properties": "(bar ASC, __name__ - ASC)"} ] - type: array + The list of field paths in the mask. See Document.fields for a field + path syntax reference. items: - type: object - additionalProperties: - type: any - description: Properties of the object. - ExecutionStats: - id: ExecutionStats - description: Execution statistics for the query. - type: object + type: string + type: array + description: >- + A set of field paths on a document. Used to restrict a get or update + operation on a document to a subset of its fields. This is different + from standard field masks, as this is always scoped to a Document, and + takes in account the dynamic nature of Value. + DocumentRemove: properties: - resultsReturned: + removedTargetIds: + type: array + items: + format: int32 + type: integer description: >- - Total number of results returned, including documents, projections, - aggregation results, keys. - type: string - format: int64 - executionDuration: - description: Total time to execute the query in the backend. - type: string - format: google-duration - readOperations: - description: Total billable read operations. + A set of target IDs for targets that previously matched this + document. + document: + description: The resource name of the Document that has gone out of view. type: string - format: int64 - debugStats: + readTime: description: >- - Debugging statistics from the execution of the query. Note that the - debugging stats are subject to change as Firestore evolves. It could - include: { "indexes_entries_scanned": "1000", "documents_scanned": - "20", "billing_details" : { "documents_billable": "20", - "index_entries_billable": "1000", "min_query_cost": "0" } } - type: object - additionalProperties: - type: any - description: Properties of the object. - RunAggregationQueryRequest: - id: RunAggregationQueryRequest - description: The request for Firestore.RunAggregationQuery. + The read timestamp at which the remove was observed. Greater or + equal to the `commit_time` of the change/delete/remove. + format: google-datetime + type: string + description: >- + A Document has been removed from the view of the targets. Sent if the + document is no longer relevant to a target and is out of view. Can be + sent instead of a DocumentDelete or a DocumentChange if the server can + not send the new value of the document. Multiple DocumentRemove messages + may be returned for the same logical write or delete, if multiple + targets are affected. + id: DocumentRemove + type: object + Document: + description: A Firestore document. Must not exceed 1 MiB - 4 bytes. type: object properties: - structuredAggregationQuery: - description: An aggregation query. - $ref: '#/components/schemas/StructuredAggregationQuery' - transaction: + updateTime: + format: google-datetime description: >- - Run the aggregation within an already active transaction. The value - here is the opaque transaction ID to execute the query in. + Output only. The time at which the document was last changed. This + value is initially set to the `create_time` then increases + monotonically with each change to the document. It can also be + compared to values from other documents and the `read_time` of a + query. type: string - format: byte - newTransaction: + name: description: >- - Starts a new transaction as part of the query, defaulting to - read-only. The new transaction ID will be returned as the first - response in the stream. - $ref: '#/components/schemas/TransactionOptions' - readTime: + The resource name of the document, for example + `projects/{project_id}/databases/{database_id}/documents/{document_path}`. + type: string + createTime: description: >- - Executes the query at the given timestamp. This must be a - microsecond precision timestamp within the past one hour, or if - Point-in-Time Recovery is enabled, can additionally be a whole - minute timestamp within the past 7 days. + Output only. The time at which the document was created. This value + increases monotonically when a document is deleted then recreated. + It can also be compared to values from other documents and the + `read_time` of a query. type: string format: google-datetime - explainOptions: + fields: + type: object description: >- - Optional. Explain options for the query. If set, additional query - statistics will be returned. If not, only query results will be - returned. - $ref: '#/components/schemas/ExplainOptions' - StructuredAggregationQuery: - id: StructuredAggregationQuery - description: Firestore query for running an aggregation over a StructuredQuery. + The document's fields. The map keys represent field names. Field + names matching the regular expression `__.*__` are reserved. + Reserved field names are forbidden except in certain documented + contexts. The field names, represented as UTF-8, must not exceed + 1,500 bytes and cannot be empty. Field paths may be used in other + contexts to refer to structured fields defined here. For + `map_value`, the field path is represented by a dot-delimited (`.`) + string of segments. Each segment is either a simple field name + (defined below) or a quoted field name. For example, the structured + field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` + would be represented by the field path `` foo.`x&y` ``. A simple + field name contains only characters `a` to `z`, `A` to `Z`, `0` to + `9`, or `_`, and must not start with `0` to `9`. For example, + `foo_bar_17`. A quoted field name starts and ends with `` ` `` and + may contain any character. Some characters, including `` ` ``, must + be escaped using a `\`. For example, `` `x&y` `` represents `x&y` + and `` `bak\`tik` `` represents `` bak`tik ``. + additionalProperties: + $ref: '#/components/schemas/Value' + id: Document + ListenRequest: + description: A request for Firestore.Listen + id: ListenRequest + properties: + labels: + additionalProperties: + type: string + type: object + description: Labels associated with this target change. + removeTarget: + description: The ID of a target to remove from this stream. + type: integer + format: int32 + addTarget: + description: A target to add to this stream. + $ref: '#/components/schemas/Target' type: object + GoogleFirestoreAdminV1IndexConfigDelta: + description: Information about an index configuration change. properties: - structuredQuery: - description: Nested structured query. - $ref: '#/components/schemas/StructuredQuery' - aggregations: - description: >- - Optional. Series of aggregations to apply over the results of the - `structured_query`. Requires: * A minimum of one and maximum of five - aggregations per query. - type: array - items: - $ref: '#/components/schemas/Aggregation' - Aggregation: - id: Aggregation - description: Defines an aggregation that produces a single result. - type: object - properties: - count: - description: Count aggregator. - $ref: '#/components/schemas/Count' - sum: - description: Sum aggregator. - $ref: '#/components/schemas/Sum' - avg: - description: Average aggregator. - $ref: '#/components/schemas/Avg' - alias: - description: >- - Optional. Optional name of the field to store the result of the - aggregation into. If not provided, Firestore will pick a default - name following the format `field_`. For example: ``` AGGREGATE - COUNT_UP_TO(1) AS count_up_to_1, COUNT_UP_TO(2), COUNT_UP_TO(3) AS - count_up_to_3, COUNT(*) OVER ( ... ); ``` becomes: ``` AGGREGATE - COUNT_UP_TO(1) AS count_up_to_1, COUNT_UP_TO(2) AS field_1, - COUNT_UP_TO(3) AS count_up_to_3, COUNT(*) AS field_2 OVER ( ... ); - ``` Requires: * Must be unique across all aggregation aliases. * - Conform to document field name limitations. - type: string - Count: - id: Count - description: >- - Count of documents that match the query. The `COUNT(*)` aggregation - function operates on the entire document so it does not require a field - reference. - type: object - properties: - upTo: - description: >- - Optional. Optional constraint on the maximum number of documents to - count. This provides a way to set an upper bound on the number of - documents to scan, limiting latency, and cost. Unspecified is - interpreted as no bound. High-Level Example: ``` AGGREGATE - COUNT_UP_TO(1000) OVER ( SELECT * FROM k ); ``` Requires: * Must be - greater than zero when present. + changeType: type: string - format: int64 - Sum: - id: Sum - description: >- - Sum of the values of the requested field. * Only numeric values will be - aggregated. All non-numeric values including `NULL` are skipped. * If - the aggregated values contain `NaN`, returns `NaN`. Infinity math - follows IEEE-754 standards. * If the aggregated value set is empty, - returns 0. * Returns a 64-bit integer if all aggregated numbers are - integers and the sum result does not overflow. Otherwise, the result is - returned as a double. Note that even if all the aggregated values are - integers, the result is returned as a double if it cannot fit within a - 64-bit signed integer. When this occurs, the returned value will lose - precision. * When underflow occurs, floating-point aggregation is - non-deterministic. This means that running the same query repeatedly - without any changes to the underlying values could produce slightly - different results each time. In those cases, values should be stored as - integers over floating-point numbers. - type: object - properties: - field: - description: The field to aggregate on. - $ref: '#/components/schemas/FieldReference' - Avg: - id: Avg - description: >- - Average of the values of the requested field. * Only numeric values will - be aggregated. All non-numeric values including `NULL` are skipped. * If - the aggregated values contain `NaN`, returns `NaN`. Infinity math - follows IEEE-754 standards. * If the aggregated value set is empty, - returns `NULL`. * Always returns the result as a double. + enum: + - CHANGE_TYPE_UNSPECIFIED + - ADD + - REMOVE + enumDescriptions: + - The type of change is not specified or known. + - The single field index is being added. + - The single field index is being removed. + description: Specifies how the index is changing. + index: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' + description: The index being changed. + id: GoogleFirestoreAdminV1IndexConfigDelta type: object - properties: - field: - description: The field to aggregate on. - $ref: '#/components/schemas/FieldReference' - RunAggregationQueryResponse: - id: RunAggregationQueryResponse - description: The response for Firestore.RunAggregationQuery. + Value: type: object + description: A message that can hold any of the supported value types. properties: - result: - description: >- - A single aggregation result. Not present when reporting partial - progress. - $ref: '#/components/schemas/AggregationResult' - transaction: - description: >- - The transaction that was started as part of this request. Only - present on the first response when the request requested to start a - new transaction. + nullValue: + description: A null value. + enum: + - NULL_VALUE type: string + enumDescriptions: + - Null value. + doubleValue: + type: number + format: double + description: A double value. + bytesValue: format: byte - readTime: description: >- - The time at which the aggregate result was computed. This is always - monotonically increasing; in this case, the previous - AggregationResult in the result stream are guaranteed not to have - changed between their `read_time` and this one. If the query returns - no results, a response with `read_time` and no `result` will be - sent, and this represents the time at which the query was run. + A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first + 1,500 bytes are considered by queries. type: string - format: google-datetime - explainMetrics: - description: >- - Query explain metrics. This is only present when the - RunAggregationQueryRequest.explain_options is provided, and it is - sent only once with the last response in the stream. - $ref: '#/components/schemas/ExplainMetrics' - AggregationResult: - id: AggregationResult - description: >- - The result of a single bucket from a Firestore aggregation query. The - keys of `aggregate_fields` are the same for all results in an - aggregation query, unlike document queries which can have different - fields present for each result. - type: object - properties: - aggregateFields: - description: >- - The result of the aggregation functions, ex: `COUNT(*) AS - total_docs`. The key is the alias assigned to the aggregation - function on input and the size of this map equals the number of - aggregation functions in the query. - type: object - additionalProperties: - $ref: '#/components/schemas/Value' - PartitionQueryRequest: - id: PartitionQueryRequest - description: The request for Firestore.PartitionQuery. - type: object - properties: - structuredQuery: - description: >- - A structured query. Query must specify collection with all - descendants and be ordered by name ascending. Other filters, order - bys, limits, offsets, and start/end cursors are not supported. - $ref: '#/components/schemas/StructuredQuery' - partitionCount: + stringValue: description: >- - The desired maximum number of partition points. The partitions may - be returned across multiple pages of results. The number must be - positive. The actual number of partitions returned may be fewer. For - example, this may be set to one fewer than the number of parallel - queries to be run, or in running a data pipeline job, one fewer than - the number of workers or compute instances available. + A string value. The string, represented as UTF-8, must not exceed 1 + MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 + representation are considered by queries. type: string - format: int64 - pageToken: + referenceValue: description: >- - The `next_page_token` value returned from a previous call to - PartitionQuery that may be used to get an additional set of results. - There are no ordering guarantees between sets of results. Thus, - using multiple sets of results will require merging the different - result sets. For example, two subsequent calls using a page_token - may return: * cursor B, cursor M, cursor Q * cursor A, cursor U, - cursor W To obtain a complete result set ordered with respect to the - results of the query supplied to PartitionQuery, the results sets - should be merged: cursor A, cursor B, cursor M, cursor Q, cursor U, - cursor W + A reference to a document. For example: + `projects/{project_id}/databases/{database_id}/documents/{document_path}`. type: string - pageSize: - description: >- - The maximum number of partitions to return in this call, subject to - `partition_count`. For example, if `partition_count` = 10 and - `page_size` = 8, the first call to PartitionQuery will return up to - 8 partitions and a `next_page_token` if more results exist. A second - call to PartitionQuery will return up to 2 partitions, to complete - the total of 10 specified in `partition_count`. - type: integer - format: int32 - readTime: + geoPointValue: + $ref: '#/components/schemas/LatLng' + description: A geo point value representing a point on the surface of Earth. + mapValue: + description: A map value. + $ref: '#/components/schemas/MapValue' + arrayValue: description: >- - Reads documents as they were at the given time. This must be a - microsecond precision timestamp within the past one hour, or if - Point-in-Time Recovery is enabled, can additionally be a whole - minute timestamp within the past 7 days. + An array value. Cannot directly contain another array value, though + can contain a map which contains another array. + $ref: '#/components/schemas/ArrayValue' + booleanValue: + type: boolean + description: A boolean value. + timestampValue: type: string format: google-datetime - PartitionQueryResponse: - id: PartitionQueryResponse - description: The response for Firestore.PartitionQuery. - type: object - properties: - partitions: description: >- - Partition results. Each partition is a split point that can be used - by RunQuery as a starting or end point for the query results. The - RunQuery requests must be made with the same query supplied to this - PartitionQuery request. The partition cursors will be ordered - according to same ordering as the results of the query supplied to - PartitionQuery. For example, if a PartitionQuery request returns - partition cursors A and B, running the following three queries will - return the entire result set of the original query: * query, end_at - A * query, start_at A, end_at B * query, start_at B An empty result - may indicate that the query has too few results to be partitioned, - or that the query is not yet supported for partitioning. + A timestamp value. Precise only to microseconds. When stored, any + additional precision is rounded down. + integerValue: + type: string + format: int64 + description: An integer value. + id: Value + GoogleFirestoreAdminV1ListIndexesResponse: + properties: + indexes: type: array items: - $ref: '#/components/schemas/Cursor' + $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' + description: The requested indexes. nextPageToken: description: >- - A page token that may be used to request an additional set of - results, up to the number specified by `partition_count` in the - PartitionQuery request. If blank, there are no more results. + A page token that may be used to request another page of results. If + blank, this is the last page. type: string - WriteRequest: - id: WriteRequest - description: >- - The request for Firestore.Write. The first request creates a stream, or - resumes an existing one from a token. When creating a new stream, the - server replies with a response containing only an ID and a token, to use - in the next request. When resuming a stream, the server first streams - any responses later than the given token, then a response containing - only an up-to-date token, to use in the next request. + type: object + id: GoogleFirestoreAdminV1ListIndexesResponse + description: The response for FirestoreAdmin.ListIndexes. + GoogleFirestoreAdminV1LocationMetadata: + properties: {} + description: The metadata message for google.cloud.location.Location.metadata. + id: GoogleFirestoreAdminV1LocationMetadata + type: object + GoogleFirestoreAdminV1Backup: + description: >- + A Backup of a Cloud Firestore Database. The backup contains all + documents and index configurations for the given database at a specific + point in time. + id: GoogleFirestoreAdminV1Backup type: object properties: - streamId: + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - NOT_AVAILABLE + enumDescriptions: + - The state is unspecified. + - >- + The pending backup is still being created. Operations on the + backup will be rejected in this state. + - The backup is complete and ready to use. + - The backup is not available at this moment. + description: Output only. The current state of the backup. + type: string + database: + readOnly: true description: >- - The ID of the write stream to resume. This may only be set in the - first message. When left empty, a new write stream will be created. + Output only. Name of the Firestore database that the backup is from. + Format is `projects/{project}/databases/{database}`. type: string - writes: + stats: description: >- - The writes to apply. Always executed atomically and in order. This - must be empty on the first request. This may be empty on the last - request. This must not be empty on all other requests. - type: array - items: - $ref: '#/components/schemas/Write' - streamToken: + Output only. Statistics about the backup. This data only becomes + available after the backup is fully materialized to secondary + storage. This field will be empty till then. + readOnly: true + $ref: '#/components/schemas/GoogleFirestoreAdminV1Stats' + expireTime: + format: google-datetime + type: string + description: Output only. The timestamp at which this backup expires. + readOnly: true + snapshotTime: + readOnly: true + format: google-datetime + type: string description: >- - A stream token that was previously sent by the server. The client - should set this field to the token from the most recent - WriteResponse it has received. This acknowledges that the client has - received responses up to this token. After sending this token, - earlier tokens may not be used anymore. The server may close the - stream if there are too many unacknowledged responses. Leave this - field unset when creating a new stream. To resume a stream at a - specific point, set this field and the `stream_id` field. Leave this - field unset when creating a new stream. + Output only. The backup contains an externally consistent copy of + the database at this time. + name: + description: >- + Output only. The unique resource name of the Backup. Format is + `projects/{project}/locations/{location}/backups/{backup}`. type: string - format: byte - labels: - description: Labels associated with this write request. - type: object - additionalProperties: - type: string - WriteResponse: - id: WriteResponse - description: The response for Firestore.Write. - type: object + readOnly: true + databaseUid: + readOnly: true + description: >- + Output only. The system-generated UUID4 for the Firestore database + that the backup is from. + type: string + ReadOnly: properties: - streamId: + readTime: description: >- - The ID of the stream. Only set on the first message, when a new - stream was created. + Reads documents at the given time. This must be a microsecond + precision timestamp within the past one hour, or if Point-in-Time + Recovery is enabled, can additionally be a whole minute timestamp + within the past 7 days. + format: google-datetime type: string - streamToken: + type: object + id: ReadOnly + description: Options for a transaction that can only be used to read documents. + GoogleFirestoreAdminV1ExportDocumentsRequest: + description: The request for FirestoreAdmin.ExportDocuments. + type: object + properties: + outputUriPrefix: description: >- - A token that represents the position of this response in the stream. - This can be used by a client to resume the stream at this point. - This field is always set. + The output URI. Currently only supports Google Cloud Storage URIs of + the form: `gs://BUCKET_NAME[/NAMESPACE_PATH]`, where `BUCKET_NAME` + is the name of the Google Cloud Storage bucket and `NAMESPACE_PATH` + is an optional Google Cloud Storage namespace path. When choosing a + name, be sure to consider Google Cloud Storage naming guidelines: + https://cloud.google.com/storage/docs/naming. If the URI is a bucket + (without a namespace path), a prefix will be generated based on the + start time. type: string - format: byte - writeResults: + collectionIds: + items: + type: string description: >- - The result of applying the writes. This i-th write result - corresponds to the i-th write in the request. + IDs of the collection groups to export. Unspecified means all + collection groups. Each collection group in this list must be + unique. type: array + namespaceIds: items: - $ref: '#/components/schemas/WriteResult' - commitTime: + type: string + type: array description: >- - The time at which the commit occurred. Any read with an equal or - greater `read_time` is guaranteed to see the effects of the write. - type: string + An empty list represents all namespaces. This is the preferred usage + for databases that don't use namespaces. An empty string element + represents the default namespace. This should be used if the + database has data in non-default namespaces, but doesn't want to + include them. Each namespace in this list must be unique. + snapshotTime: format: google-datetime - ListenRequest: - id: ListenRequest - description: A request for Firestore.Listen + type: string + description: >- + The timestamp that corresponds to the version of the database to be + exported. The timestamp must be in the past, rounded to the minute + and not older than earliestVersionTime. If specified, then the + exported documents will represent a consistent view of the database + at the provided time. Otherwise, there are no guarantees about the + consistency of the exported documents. + id: GoogleFirestoreAdminV1ExportDocumentsRequest + GoogleFirestoreAdminV1ListUserCredsResponse: + id: GoogleFirestoreAdminV1ListUserCredsResponse + description: The response for FirestoreAdmin.ListUserCreds. type: object properties: - addTarget: - description: A target to add to this stream. - $ref: '#/components/schemas/Target' - removeTarget: - description: The ID of a target to remove from this stream. - type: integer - format: int32 - labels: - description: Labels associated with this target change. - type: object - additionalProperties: - type: string - Target: - id: Target - description: A specification of a set of documents to listen to. + userCreds: + description: The user creds for the database. + type: array + items: + $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' + ExistenceFilter: type: object + description: A digest of all the documents that match a given target. properties: - query: - description: A target specified by a query. - $ref: '#/components/schemas/QueryTarget' - documents: - description: A target specified by a set of document names. - $ref: '#/components/schemas/DocumentsTarget' - resumeToken: - description: >- - A resume token from a prior TargetChange for an identical target. - Using a resume token with a different target is unsupported and may - fail. - type: string - format: byte - readTime: - description: >- - Start listening after a specific `read_time`. The client must know - the state of matching documents at this time. - type: string - format: google-datetime - targetId: - description: >- - The target ID that identifies the target on the stream. Must be a - positive number and non-zero. If `target_id` is 0 (or unspecified), - the server will assign an ID for this target and return that in a - `TargetChange::ADD` event. Once a target with `target_id=0` is - added, all subsequent targets must also have `target_id=0`. If an - `AddTarget` request with `target_id != 0` is sent to the server - after a target with `target_id=0` is added, the server will - immediately send a response with a `TargetChange::Remove` event. - Note that if the client sends multiple `AddTarget` requests without - an ID, the order of IDs returned in `TargetChange.target_ids` are - undefined. Therefore, clients should provide a target ID instead of - relying on the server to assign one. If `target_id` is non-zero, - there must not be an existing active target on this stream with the - same ID. - type: integer + count: format: int32 - once: - description: If the target should be removed once it is current and consistent. - type: boolean - expectedCount: + type: integer description: >- - The number of documents that last matched the query at the resume - token or read time. This value is only relevant when a `resume_type` - is provided. This value being present and greater than zero signals - that the client wants `ExistenceFilter.unchanged_names` to be - included in the response. + The total count of documents that match target_id. If different from + the count of documents in the client that match, the client must + manually determine which documents no longer match the target. The + client can use the `unchanged_names` bloom filter to assist with + this determination by testing ALL the document names against the + filter; if the document name is NOT in the filter, it means the + document no longer matches the target. + targetId: + description: The target ID to which this filter applies. type: integer format: int32 - QueryTarget: - id: QueryTarget - description: A target specified by a query. - type: object - properties: - parent: + unchangedNames: description: >- - The parent resource name. In the format: - `projects/{project_id}/databases/{database_id}/documents` or + A bloom filter that, despite its name, contains the UTF-8 byte + encodings of the resource names of ALL the documents that match + target_id, in the form `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - For example: `projects/my-project/databases/my-database/documents` - or - `projects/my-project/databases/my-database/documents/chatrooms/my-chatroom` + This bloom filter may be omitted at the server's discretion, such as + if it is deemed that the client will not make use of it or if it is + too computationally expensive to calculate or transmit. Clients must + gracefully handle this field being absent by falling back to the + logic used before this field existed; that is, re-add the target + without a resume token to figure out which documents in the client's + cache are out of sync. + $ref: '#/components/schemas/BloomFilter' + id: ExistenceFilter + GoogleFirestoreAdminV1UpdateDatabaseMetadata: + description: Metadata related to the update database operation. + type: object + id: GoogleFirestoreAdminV1UpdateDatabaseMetadata + properties: {} + FieldFilter: + id: FieldFilter + type: object + properties: + field: + description: The field to filter by. + $ref: '#/components/schemas/FieldReference' + value: + description: The value to compare to. + $ref: '#/components/schemas/Value' + op: type: string - structuredQuery: - description: A structured query. - $ref: '#/components/schemas/StructuredQuery' - DocumentsTarget: - id: DocumentsTarget - description: A target specified by a set of documents names. + description: The operator to filter by. + enum: + - OPERATOR_UNSPECIFIED + - LESS_THAN + - LESS_THAN_OR_EQUAL + - GREATER_THAN + - GREATER_THAN_OR_EQUAL + - EQUAL + - NOT_EQUAL + - ARRAY_CONTAINS + - IN + - ARRAY_CONTAINS_ANY + - NOT_IN + enumDescriptions: + - Unspecified. This value must not be used. + - >- + The given `field` is less than the given `value`. Requires: * That + `field` come first in `order_by`. + - >- + The given `field` is less than or equal to the given `value`. + Requires: * That `field` come first in `order_by`. + - >- + The given `field` is greater than the given `value`. Requires: * + That `field` come first in `order_by`. + - >- + The given `field` is greater than or equal to the given `value`. + Requires: * That `field` come first in `order_by`. + - The given `field` is equal to the given `value`. + - >- + The given `field` is not equal to the given `value`. Requires: * + No other `NOT_EQUAL`, `NOT_IN`, `IS_NOT_NULL`, or `IS_NOT_NAN`. * + That `field` comes first in the `order_by`. + - The given `field` is an array that contains the given `value`. + - >- + The given `field` is equal to at least one value in the given + array. Requires: * That `value` is a non-empty `ArrayValue`, + subject to disjunction limits. * No `NOT_IN` filters in the same + query. + - >- + The given `field` is an array that contains any of the values in + the given array. Requires: * That `value` is a non-empty + `ArrayValue`, subject to disjunction limits. * No other + `ARRAY_CONTAINS_ANY` filters within the same disjunction. * No + `NOT_IN` filters in the same query. + - >- + The value of the `field` is not in the given array. Requires: * + That `value` is a non-empty `ArrayValue` with at most 10 values. * + No other `OR`, `IN`, `ARRAY_CONTAINS_ANY`, `NOT_IN`, `NOT_EQUAL`, + `IS_NOT_NULL`, or `IS_NOT_NAN`. * That `field` comes first in the + `order_by`. + description: A filter on a specific field. + ExplainOptions: type: object + description: Explain options for the query. properties: - documents: + analyze: description: >- - The names of the documents to retrieve. In the format: - `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - The request will fail if any of the document is not a child resource - of the given `database`. Duplicate names will be elided. - type: array - items: - type: string - ListenResponse: - id: ListenResponse - description: The response for Firestore.Listen. + Optional. Whether to execute this query. When false (the default), + the query will be planned, returning only metrics from the planning + stages. When true, the query will be planned and executed, returning + the full query results along with both planning and execution stage + metrics. + type: boolean + id: ExplainOptions + RunAggregationQueryRequest: type: object + description: The request for Firestore.RunAggregationQuery. + id: RunAggregationQueryRequest properties: - targetChange: - description: Targets have changed. - $ref: '#/components/schemas/TargetChange' - documentChange: - description: A Document has changed. - $ref: '#/components/schemas/DocumentChange' - documentDelete: - description: A Document has been deleted. - $ref: '#/components/schemas/DocumentDelete' - documentRemove: + transaction: + type: string description: >- - A Document has been removed from a target (because it is no longer - relevant to that target). - $ref: '#/components/schemas/DocumentRemove' - filter: + Run the aggregation within an already active transaction. The value + here is the opaque transaction ID to execute the query in. + format: byte + readTime: + format: google-datetime + type: string description: >- - A filter to apply to the set of documents previously returned for - the given target. Returned when documents may have been removed from - the given target, but the exact documents are unknown. - $ref: '#/components/schemas/ExistenceFilter' - TargetChange: - id: TargetChange - description: Targets being watched have changed. + Executes the query at the given timestamp. This must be a + microsecond precision timestamp within the past one hour, or if + Point-in-Time Recovery is enabled, can additionally be a whole + minute timestamp within the past 7 days. + explainOptions: + $ref: '#/components/schemas/ExplainOptions' + description: >- + Optional. Explain options for the query. If set, additional query + statistics will be returned. If not, only query results will be + returned. + structuredAggregationQuery: + $ref: '#/components/schemas/StructuredAggregationQuery' + description: An aggregation query. + newTransaction: + description: >- + Starts a new transaction as part of the query, defaulting to + read-only. The new transaction ID will be returned as the first + response in the stream. + $ref: '#/components/schemas/TransactionOptions' + StructuredAggregationQuery: + description: Firestore query for running an aggregation over a StructuredQuery. + id: StructuredAggregationQuery + properties: + structuredQuery: + $ref: '#/components/schemas/StructuredQuery' + description: Nested structured query. + aggregations: + items: + $ref: '#/components/schemas/Aggregation' + type: array + description: >- + Optional. Series of aggregations to apply over the results of the + `structured_query`. Requires: * A minimum of one and maximum of five + aggregations per query. type: object + GoogleFirestoreAdminV1Field: + description: >- + Represents a single field in the database. Fields are grouped by their + "Collection Group", which represent all collections in the database with + the same ID. properties: - targetChangeType: - description: The type of change that occurred. + indexConfig: + description: >- + The index configuration for this field. If unset, field indexing + will revert to the configuration defined by the `ancestor_field`. To + explicitly remove all indexes for this field, specify an index + config with an empty list of indexes. + $ref: '#/components/schemas/GoogleFirestoreAdminV1IndexConfig' + ttlConfig: + $ref: '#/components/schemas/GoogleFirestoreAdminV1TtlConfig' + description: >- + The TTL configuration for this `Field`. Setting or unsetting this + will enable or disable the TTL for documents that have this `Field`. + name: + description: >- + Required. A field name of the form: + `projects/{project_id}/databases/{database_id}/collectionGroups/{collection_id}/fields/{field_path}` + A field path can be a simple field name, e.g. `address` or a path to + fields within `map_value` , e.g. `address.city`, or a special field + path. The only valid special field is `*`, which represents any + field. Field paths can be quoted using `` ` `` (backtick). The only + character that must be escaped within a quoted field path is the + backtick character itself, escaped using a backslash. Special + characters in field paths that must be quoted include: `*`, `.`, `` + ` `` (backtick), `[`, `]`, as well as any ascii symbolic characters. + Examples: `` `address.city` `` represents a field named + `address.city`, not the map key `city` in the field `address`. `` + `*` `` represents a field named `*`, not any field. A special + `Field` contains the default indexing settings for all fields. This + field's resource name is: + `projects/{project_id}/databases/{database_id}/collectionGroups/__default__/fields/*` + Indexes defined on this `Field` will be applied to all fields which + do not have their own `Field` index configuration. type: string - enumDescriptions: - - >- - No change has occurred. Used only to send an updated - `resume_token`. - - The targets have been added. - - The targets have been removed. - - >- - The targets reflect all changes committed before the targets were - added to the stream. This will be sent after or with a `read_time` - that is greater than or equal to the time at which the targets - were added. Listeners can wait for this change if read-after-write - semantics are desired. - - >- - The targets have been reset, and a new initial state for the - targets will be returned in subsequent changes. After the initial - state is complete, `CURRENT` will be returned even if the target - was previously indicated to be `CURRENT`. - enum: - - NO_CHANGE - - ADD - - REMOVE - - CURRENT - - RESET - targetIds: + type: object + id: GoogleFirestoreAdminV1Field + BatchWriteResponse: + id: BatchWriteResponse + type: object + properties: + writeResults: description: >- - The target IDs of targets that have changed. If empty, the change - applies to all targets. The order of the target IDs is not defined. + The result of applying the writes. This i-th write result + corresponds to the i-th write in the request. + items: + $ref: '#/components/schemas/WriteResult' type: array + status: + description: >- + The status of applying the writes. This i-th write status + corresponds to the i-th write in the request. items: - type: integer - format: int32 - cause: - description: The error that resulted in this change, if applicable. - $ref: '#/components/schemas/Status' - resumeToken: + $ref: '#/components/schemas/Status' + type: array + description: The response from Firestore.BatchWrite. + WriteRequest: + description: >- + The request for Firestore.Write. The first request creates a stream, or + resumes an existing one from a token. When creating a new stream, the + server replies with a response containing only an ID and a token, to use + in the next request. When resuming a stream, the server first streams + any responses later than the given token, then a response containing + only an up-to-date token, to use in the next request. + properties: + labels: + additionalProperties: + type: string + description: Labels associated with this write request. + type: object + streamId: description: >- - A token that can be used to resume the stream for the given - `target_ids`, or all targets if `target_ids` is empty. Not set on - every target change. + The ID of the write stream to resume. This may only be set in the + first message. When left empty, a new write stream will be created. + type: string + writes: + description: >- + The writes to apply. Always executed atomically and in order. This + must be empty on the first request. This may be empty on the last + request. This must not be empty on all other requests. + items: + $ref: '#/components/schemas/Write' + type: array + streamToken: type: string format: byte - readTime: description: >- - The consistent `read_time` for the given `target_ids` (omitted when - the target_ids are not at a consistent snapshot). The stream is - guaranteed to send a `read_time` with `target_ids` empty whenever - the entire stream reaches a new consistent snapshot. ADD, CURRENT, - and RESET messages are guaranteed to (eventually) result in a new - consistent snapshot (while NO_CHANGE and REMOVE messages are not). - For a given stream, `read_time` is guaranteed to be monotonically - increasing. + A stream token that was previously sent by the server. The client + should set this field to the token from the most recent + WriteResponse it has received. This acknowledges that the client has + received responses up to this token. After sending this token, + earlier tokens may not be used anymore. The server may close the + stream if there are too many unacknowledged responses. Leave this + field unset when creating a new stream. To resume a stream at a + specific point, set this field and the `stream_id` field. Leave this + field unset when creating a new stream. + id: WriteRequest + type: object + ListDocumentsResponse: + description: The response for Firestore.ListDocuments. + type: object + properties: + documents: + type: array + description: The Documents found. + items: + $ref: '#/components/schemas/Document' + nextPageToken: + description: >- + A token to retrieve the next page of documents. If this field is + omitted, there are no subsequent pages. type: string - format: google-datetime + id: ListDocumentsResponse DocumentChange: - id: DocumentChange description: >- A Document has changed. May be the result of multiple writes, including deletes, that ultimately resulted in a new value for the Document. Multiple DocumentChange messages may be returned for the same logical change, if multiple targets are affected. - type: object properties: + targetIds: + type: array + description: A set of target IDs of targets that match this document. + items: + format: int32 + type: integer + removedTargetIds: + description: A set of target IDs for targets that no longer match this document. + type: array + items: + type: integer + format: int32 document: description: >- The new state of the Document. If `mask` is set, contains only fields that were updated or added. $ref: '#/components/schemas/Document' - targetIds: - description: A set of target IDs of targets that match this document. - type: array + type: object + id: DocumentChange + Location: + type: object + id: Location + properties: + displayName: + type: string + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + name: + type: string + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + labels: + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: + type: string + type: object + description: A resource that represents a Google Cloud location. + GoogleFirestoreAdminV1Progress: + type: object + description: >- + Describes the progress of the operation. Unit of work is generic and + must be interpreted based on where Progress is used. + properties: + completedWork: + description: The amount of work completed. + format: int64 + type: string + estimatedWork: + format: int64 + type: string + description: The amount of work estimated. + id: GoogleFirestoreAdminV1Progress + GoogleFirestoreAdminV1BulkDeleteDocumentsRequest: + properties: + collectionIds: + description: >- + Optional. IDs of the collection groups to delete. Unspecified means + all collection groups. Each collection group in this list must be + unique. items: - type: integer - format: int32 - removedTargetIds: - description: A set of target IDs for targets that no longer match this document. + type: string type: array + namespaceIds: items: - type: integer - format: int32 - DocumentDelete: - id: DocumentDelete + type: string + type: array + description: >- + Optional. Namespaces to delete. An empty list means all namespaces. + This is the recommended usage for databases that don't use + namespaces. An empty string element represents the default + namespace. This should be used if the database has data in + non-default namespaces, but doesn't want to delete from them. Each + namespace in this list must be unique. description: >- - A Document has been deleted. May be the result of multiple writes, - including updates, the last of which deleted the Document. Multiple - DocumentDelete messages may be returned for the same logical delete, if - multiple targets are affected. + The request for FirestoreAdmin.BulkDeleteDocuments. When both + collection_ids and namespace_ids are set, only documents satisfying both + conditions will be deleted. Requests with namespace_ids and + collection_ids both empty will be rejected. Please use + FirestoreAdmin.DeleteDatabase instead. type: object + id: GoogleFirestoreAdminV1BulkDeleteDocumentsRequest + PartitionQueryResponse: + id: PartitionQueryResponse + description: The response for Firestore.PartitionQuery. properties: - document: - description: The resource name of the Document that was deleted. + nextPageToken: type: string - removedTargetIds: - description: A set of target IDs for targets that previously matched this entity. + description: >- + A page token that may be used to request an additional set of + results, up to the number specified by `partition_count` in the + PartitionQuery request. If blank, there are no more results. + partitions: + description: >- + Partition results. Each partition is a split point that can be used + by RunQuery as a starting or end point for the query results. The + RunQuery requests must be made with the same query supplied to this + PartitionQuery request. The partition cursors will be ordered + according to same ordering as the results of the query supplied to + PartitionQuery. For example, if a PartitionQuery request returns + partition cursors A and B, running the following three queries will + return the entire result set of the original query: * query, end_at + A * query, start_at A, end_at B * query, start_at B An empty result + may indicate that the query has too few results to be partitioned, + or that the query is not yet supported for partitioning. type: array items: - type: integer - format: int32 - readTime: - description: >- - The read timestamp at which the delete was observed. Greater or - equal to the `commit_time` of the delete. - type: string - format: google-datetime - DocumentRemove: - id: DocumentRemove - description: >- - A Document has been removed from the view of the targets. Sent if the - document is no longer relevant to a target and is out of view. Can be - sent instead of a DocumentDelete or a DocumentChange if the server can - not send the new value of the document. Multiple DocumentRemove messages - may be returned for the same logical write or delete, if multiple - targets are affected. + $ref: '#/components/schemas/Cursor' + type: object + RunQueryResponse: + id: RunQueryResponse type: object properties: - document: - description: The resource name of the Document that has gone out of view. + transaction: type: string - removedTargetIds: + format: byte description: >- - A set of target IDs for targets that previously matched this - document. - type: array - items: - type: integer - format: int32 + The transaction that was started as part of this request. Can only + be set in the first response, and only if + RunQueryRequest.new_transaction was set in the request. If set, no + other fields will be set in this response. readTime: - description: >- - The read timestamp at which the remove was observed. Greater or - equal to the `commit_time` of the change/delete/remove. type: string format: google-datetime - ExistenceFilter: - id: ExistenceFilter - description: A digest of all the documents that match a given target. - type: object - properties: - targetId: - description: The target ID to which this filter applies. - type: integer - format: int32 - count: description: >- - The total count of documents that match target_id. If different from - the count of documents in the client that match, the client must - manually determine which documents no longer match the target. The - client can use the `unchanged_names` bloom filter to assist with - this determination by testing ALL the document names against the - filter; if the document name is NOT in the filter, it means the - document no longer matches the target. - type: integer + The time at which the document was read. This may be monotonically + increasing; in this case, the previous documents in the result + stream are guaranteed not to have changed between their `read_time` + and this one. If the query returns no results, a response with + `read_time` and no `document` will be sent, and this represents the + time at which the query was run. + skippedResults: format: int32 - unchangedNames: description: >- - A bloom filter that, despite its name, contains the UTF-8 byte - encodings of the resource names of ALL the documents that match - target_id, in the form - `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - This bloom filter may be omitted at the server's discretion, such as - if it is deemed that the client will not make use of it or if it is - too computationally expensive to calculate or transmit. Clients must - gracefully handle this field being absent by falling back to the - logic used before this field existed; that is, re-add the target - without a resume token to figure out which documents in the client's - cache are out of sync. - $ref: '#/components/schemas/BloomFilter' - BloomFilter: - id: BloomFilter - description: >- - A bloom filter (https://en.wikipedia.org/wiki/Bloom_filter). The bloom - filter hashes the entries with MD5 and treats the resulting 128-bit hash - as 2 distinct 64-bit hash values, interpreted as unsigned integers using - 2's complement encoding. These two hash values, named `h1` and `h2`, are - then used to compute the `hash_count` hash values using the formula, - starting at `i=0`: h(i) = h1 + (i * h2) These resulting values are then - taken modulo the number of bits in the bloom filter to get the bits of - the bloom filter to test for the given entry. - type: object - properties: - bits: - description: The bloom filter data. - $ref: '#/components/schemas/BitSequence' - hashCount: - description: The number of hashes used by the algorithm. + The number of results that have been skipped due to an offset + between the last response and the current response. type: integer - format: int32 - BitSequence: - id: BitSequence - description: >- - A sequence of bits, encoded in a byte array. Each byte in the `bitmap` - byte array stores 8 bits of the sequence. The only exception is the last - byte, which may store 8 _or fewer_ bits. The `padding` defines the - number of bits of the last byte to be ignored as "padding". The values - of these "padding" bits are unspecified and must be ignored. To retrieve - the first bit, bit 0, calculate: `(bitmap[0] & 0x01) != 0`. To retrieve - the second bit, bit 1, calculate: `(bitmap[0] & 0x02) != 0`. To retrieve - the third bit, bit 2, calculate: `(bitmap[0] & 0x04) != 0`. To retrieve - the fourth bit, bit 3, calculate: `(bitmap[0] & 0x08) != 0`. To retrieve - bit n, calculate: `(bitmap[n / 8] & (0x01 << (n % 8))) != 0`. The "size" - of a `BitSequence` (the number of bits it contains) is calculated by - this formula: `(bitmap.length * 8) - padding`. - type: object - properties: - bitmap: - description: The bytes that encode the bit sequence. May have a length of zero. - type: string - format: byte - padding: + explainMetrics: description: >- - The number of bits of the last byte in `bitmap` to ignore as - "padding". If the length of `bitmap` is zero, then this value must - be `0`. Otherwise, this value must be between 0 and 7, inclusive. - type: integer - format: int32 - ListCollectionIdsRequest: - id: ListCollectionIdsRequest - description: The request for Firestore.ListCollectionIds. + Query explain metrics. This is only present when the + RunQueryRequest.explain_options is provided, and it is sent only + once with the last response in the stream. + $ref: '#/components/schemas/ExplainMetrics' + document: + description: A query result, not set when reporting partial progress. + $ref: '#/components/schemas/Document' + done: + description: >- + If present, Firestore has completely finished the request and no + more documents will be returned. + type: boolean + description: The response for Firestore.RunQuery. + Sum: + description: >- + Sum of the values of the requested field. * Only numeric values will be + aggregated. All non-numeric values including `NULL` are skipped. * If + the aggregated values contain `NaN`, returns `NaN`. Infinity math + follows IEEE-754 standards. * If the aggregated value set is empty, + returns 0. * Returns a 64-bit integer if all aggregated numbers are + integers and the sum result does not overflow. Otherwise, the result is + returned as a double. Note that even if all the aggregated values are + integers, the result is returned as a double if it cannot fit within a + 64-bit signed integer. When this occurs, the returned value will lose + precision. * When underflow occurs, floating-point aggregation is + non-deterministic. This means that running the same query repeatedly + without any changes to the underlying values could produce slightly + different results each time. In those cases, values should be stored as + integers over floating-point numbers. + id: Sum type: object properties: - pageSize: - description: The maximum number of results to return. - type: integer - format: int32 - pageToken: - description: A page token. Must be a value from ListCollectionIdsResponse. - type: string - readTime: - description: >- - Reads documents as they were at the given time. This must be a - microsecond precision timestamp within the past one hour, or if - Point-in-Time Recovery is enabled, can additionally be a whole - minute timestamp within the past 7 days. - type: string - format: google-datetime - ListCollectionIdsResponse: - id: ListCollectionIdsResponse - description: The response from Firestore.ListCollectionIds. + field: + $ref: '#/components/schemas/FieldReference' + description: The field to aggregate on. + Projection: + id: Projection type: object + description: The projection of document's fields to return. properties: - collectionIds: - description: The collection ids. + fields: type: array + description: >- + The fields to return. If empty, all fields are returned. To only + return the name of the document, use `['__name__']`. items: - type: string + $ref: '#/components/schemas/FieldReference' + GoogleFirestoreAdminV1ListFieldsResponse: + properties: nextPageToken: - description: A page token that may be used to continue the list. type: string - BatchWriteRequest: - id: BatchWriteRequest - description: The request for Firestore.BatchWrite. + description: >- + A page token that may be used to request another page of results. If + blank, this is the last page. + fields: + description: The requested fields. + type: array + items: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Field' + description: The response for FirestoreAdmin.ListFields. + id: GoogleFirestoreAdminV1ListFieldsResponse type: object + CommitRequest: properties: + transaction: + type: string + format: byte + description: If set, applies all writes in this transaction, and commits it. writes: - description: >- - The writes to apply. Method does not apply writes atomically and - does not guarantee ordering. Each write succeeds or fails - independently. You cannot write to the same document more than once - per request. type: array + description: The writes to apply. Always executed atomically and in order. items: $ref: '#/components/schemas/Write' - labels: - description: Labels associated with this batch write. - type: object - additionalProperties: - type: string - BatchWriteResponse: - id: BatchWriteResponse - description: The response from Firestore.BatchWrite. + id: CommitRequest + description: The request for Firestore.Commit. + type: object + Empty: + properties: {} + type: object + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + LatLng: type: object properties: - writeResults: - description: >- - The result of applying the writes. This i-th write result - corresponds to the i-th write in the request. - type: array - items: - $ref: '#/components/schemas/WriteResult' - status: - description: >- - The status of applying the writes. This i-th write status - corresponds to the i-th write in the request. - type: array - items: - $ref: '#/components/schemas/Status' - GoogleFirestoreAdminV1FieldOperationMetadata: - id: GoogleFirestoreAdminV1FieldOperationMetadata + latitude: + type: number + description: The latitude in degrees. It must be in the range [-90.0, +90.0]. + format: double + longitude: + description: The longitude in degrees. It must be in the range [-180.0, +180.0]. + type: number + format: double + id: LatLng description: >- - Metadata for google.longrunning.Operation results from - FirestoreAdmin.UpdateField. + An object that represents a latitude/longitude pair. This is expressed + as a pair of doubles to represent degrees latitude and degrees + longitude. Unless specified otherwise, this object must conform to the + WGS84 standard. Values must be within normalized ranges. + BloomFilter: + id: BloomFilter + description: >- + A bloom filter (https://en.wikipedia.org/wiki/Bloom_filter). The bloom + filter hashes the entries with MD5 and treats the resulting 128-bit hash + as 2 distinct 64-bit hash values, interpreted as unsigned integers using + 2's complement encoding. These two hash values, named `h1` and `h2`, are + then used to compute the `hash_count` hash values using the formula, + starting at `i=0`: h(i) = h1 + (i * h2) These resulting values are then + taken modulo the number of bits in the bloom filter to get the bits of + the bloom filter to test for the given entry. type: object properties: - startTime: - description: The time this operation started. + hashCount: + description: The number of hashes used by the algorithm. + format: int32 + type: integer + bits: + $ref: '#/components/schemas/BitSequence' + description: The bloom filter data. + GoogleFirestoreAdminV1CloneDatabaseRequest: + properties: + tags: + additionalProperties: + type: string + type: object + description: >- + Optional. Immutable. Tags to be bound to the cloned database. The + tags should be provided in the format of `tagKeys/{tag_key_id} -> + tagValues/{tag_value_id}`. + pitrSnapshot: + $ref: '#/components/schemas/GoogleFirestoreAdminV1PitrSnapshot' + description: >- + Required. Specification of the PITR data to clone from. The source + database must exist. The cloned database will be created in the same + location as the source database. + encryptionConfig: + description: >- + Optional. Encryption configuration for the cloned database. If this + field is not specified, the cloned database will use the same + encryption configuration as the source database, namely + use_source_encryption. + $ref: '#/components/schemas/GoogleFirestoreAdminV1EncryptionConfig' + databaseId: + description: >- + Required. The ID to use for the database, which will become the + final component of the database's resource name. This database ID + must not be associated with an existing database. This value should + be 4-63 characters. Valid characters are /a-z-/ with first character + a letter and the last a letter or a number. Must not be UUID-like + /[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}/. "(default)" database ID + is also valid if the database is Standard edition. type: string - format: google-datetime - endTime: + description: The request message for FirestoreAdmin.CloneDatabase. + type: object + id: GoogleFirestoreAdminV1CloneDatabaseRequest + GoogleFirestoreAdminV1PitrSnapshot: + type: object + properties: + databaseUid: description: >- - The time this operation completed. Will be unset if operation still - in progress. + Output only. Public UUID of the database the snapshot was associated + with. + readOnly: true + format: byte type: string - format: google-datetime - field: + database: description: >- - The field resource that this operation is acting on. For example: - `projects/{project_id}/databases/{database_id}/collectionGroups/{collection_id}/fields/{field_path}` + Required. The name of the database that this was a snapshot of. + Format: `projects/{project}/databases/{database}`. type: string - indexConfigDeltas: + snapshotTime: + type: string + format: google-datetime + description: Required. Snapshot time of the database. + id: GoogleFirestoreAdminV1PitrSnapshot + description: >- + A consistent snapshot of a database at a specific point in time. A PITR + (Point-in-time recovery) snapshot with previous versions of a database's + data is available for every minute up to the associated database's data + retention period. If the PITR feature is enabled, the retention period + is 7 days; otherwise, it is one hour. + DocumentsTarget: + description: A target specified by a set of documents names. + id: DocumentsTarget + properties: + documents: description: >- - A list of IndexConfigDelta, which describe the intent of this - operation. - type: array + The names of the documents to retrieve. In the format: + `projects/{project_id}/databases/{database_id}/documents/{document_path}`. + The request will fail if any of the document is not a child resource + of the given `database`. Duplicate names will be elided. items: - $ref: '#/components/schemas/GoogleFirestoreAdminV1IndexConfigDelta' - state: - description: The state of the operation. - type: string - enumDescriptions: - - Unspecified. - - Request is being prepared for processing. - - Request is actively being processed. - - >- - Request is in the process of being cancelled after user called - google.longrunning.Operations.CancelOperation on the operation. - - Request has been processed and is in its finalization stage. - - Request has completed successfully. - - Request has finished being processed, but encountered an error. - - >- - Request has finished being cancelled after user called - google.longrunning.Operations.CancelOperation. - enum: - - OPERATION_STATE_UNSPECIFIED - - INITIALIZING - - PROCESSING - - CANCELLING - - FINALIZING - - SUCCESSFUL - - FAILED - - CANCELLED - progressDocuments: - description: The progress, in documents, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - progressBytes: - description: The progress, in bytes, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - ttlConfigDelta: - description: Describes the deltas of TTL configuration. - $ref: '#/components/schemas/GoogleFirestoreAdminV1TtlConfigDelta' - GoogleFirestoreAdminV1IndexConfigDelta: - id: GoogleFirestoreAdminV1IndexConfigDelta - description: Information about an index configuration change. + type: string + type: array type: object + Avg: properties: - changeType: - description: Specifies how the index is changing. - type: string - enumDescriptions: - - The type of change is not specified or known. - - The single field index is being added. - - The single field index is being removed. - enum: - - CHANGE_TYPE_UNSPECIFIED - - ADD - - REMOVE - index: - description: The index being changed. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' - GoogleFirestoreAdminV1Progress: - id: GoogleFirestoreAdminV1Progress + field: + $ref: '#/components/schemas/FieldReference' + description: The field to aggregate on. description: >- - Describes the progress of the operation. Unit of work is generic and - must be interpreted based on where Progress is used. + Average of the values of the requested field. * Only numeric values will + be aggregated. All non-numeric values including `NULL` are skipped. * If + the aggregated values contain `NaN`, returns `NaN`. Infinity math + follows IEEE-754 standards. * If the aggregated value set is empty, + returns `NULL`. * Always returns the result as a double. + type: object + id: Avg + GoogleFirestoreAdminV1Database: + id: GoogleFirestoreAdminV1Database type: object + description: A Cloud Firestore Database. properties: - estimatedWork: - description: The amount of work estimated. + sourceInfo: + description: Output only. Information about the provenance of this database. + readOnly: true + $ref: '#/components/schemas/GoogleFirestoreAdminV1SourceInfo' + cmekConfig: + description: Optional. Presence indicates CMEK is enabled for this database. + $ref: '#/components/schemas/GoogleFirestoreAdminV1CmekConfig' + updateTime: + readOnly: true + format: google-datetime type: string - format: int64 - completedWork: - description: The amount of work completed. + description: >- + Output only. The timestamp at which this database was most recently + updated. Note this only includes updates to the database resource + and not data contained by the database. + firestoreDataAccessMode: + enumDescriptions: + - Not Used. + - Accessing the database through the API is allowed. + - Accessing the database through the API is disallowed. + description: >- + Optional. The Firestore API data access mode to use for this + database. If not set on write: - the default value is + DATA_ACCESS_MODE_DISABLED for Enterprise Edition. - the default + value is DATA_ACCESS_MODE_ENABLED for Standard Edition. + enum: + - DATA_ACCESS_MODE_UNSPECIFIED + - DATA_ACCESS_MODE_ENABLED + - DATA_ACCESS_MODE_DISABLED type: string - format: int64 - GoogleFirestoreAdminV1TtlConfigDelta: - id: GoogleFirestoreAdminV1TtlConfigDelta - description: Information about a TTL configuration change. - type: object - properties: - changeType: - description: Specifies how the TTL configuration is changing. + pointInTimeRecoveryEnablement: + enumDescriptions: + - Not used. + - >- + Reads are supported on selected versions of the data from within + the past 7 days: * Reads against any timestamp within the past + hour * Reads against 1-minute snapshots beyond 1 hour and within 7 + days `version_retention_period` and `earliest_version_time` can be + used to determine the supported versions. + - >- + Reads are supported on any version of the data from within the + past 1 hour. type: string + description: Whether to enable the PITR feature on this database. + enum: + - POINT_IN_TIME_RECOVERY_ENABLEMENT_UNSPECIFIED + - POINT_IN_TIME_RECOVERY_ENABLED + - POINT_IN_TIME_RECOVERY_DISABLED + mongodbCompatibleDataAccessMode: enumDescriptions: - - The type of change is not specified or known. - - The TTL config is being added. - - The TTL config is being removed. + - Not Used. + - Accessing the database through the API is allowed. + - Accessing the database through the API is disallowed. + type: string enum: - - CHANGE_TYPE_UNSPECIFIED - - ADD - - REMOVE - GoogleFirestoreAdminV1IndexOperationMetadata: - id: GoogleFirestoreAdminV1IndexOperationMetadata - description: >- - Metadata for google.longrunning.Operation results from - FirestoreAdmin.CreateIndex. - type: object - properties: - startTime: - description: The time this operation started. + - DATA_ACCESS_MODE_UNSPECIFIED + - DATA_ACCESS_MODE_ENABLED + - DATA_ACCESS_MODE_DISABLED + description: >- + Optional. The MongoDB compatible API data access mode to use for + this database. If not set on write, the default value is + DATA_ACCESS_MODE_ENABLED for Enterprise Edition. The value is always + DATA_ACCESS_MODE_DISABLED for Standard Edition. + appEngineIntegrationMode: + description: The App Engine integration mode to use for this database. + enum: + - APP_ENGINE_INTEGRATION_MODE_UNSPECIFIED + - ENABLED + - DISABLED + enumDescriptions: + - Not used. + - >- + If an App Engine application exists in the same region as this + database, App Engine configuration will impact this database. This + includes disabling of the application & database, as well as + disabling writes to the database. + - >- + App Engine has no effect on the ability of this database to serve + requests. This is the default setting for databases created with + the Firestore API. type: string - format: google-datetime - endTime: - description: >- - The time this operation completed. Will be unset if operation still - in progress. + previousId: type: string - format: google-datetime - index: description: >- - The index resource that this operation is acting on. For example: - `projects/{project_id}/databases/{database_id}/collectionGroups/{collection_id}/indexes/{index_id}` - type: string - state: - description: The state of the operation. + Output only. The database resource's prior database ID. This field + is only populated for deleted databases. + readOnly: true + concurrencyMode: type: string + description: The concurrency control mode to use for this database. + enum: + - CONCURRENCY_MODE_UNSPECIFIED + - OPTIMISTIC + - PESSIMISTIC + - OPTIMISTIC_WITH_ENTITY_GROUPS enumDescriptions: - - Unspecified. - - Request is being prepared for processing. - - Request is actively being processed. + - Not used. - >- - Request is in the process of being cancelled after user called - google.longrunning.Operations.CancelOperation on the operation. - - Request has been processed and is in its finalization stage. - - Request has completed successfully. - - Request has finished being processed, but encountered an error. + Use optimistic concurrency control by default. This mode is + available for Cloud Firestore databases. - >- - Request has finished being cancelled after user called - google.longrunning.Operations.CancelOperation. + Use pessimistic concurrency control by default. This mode is + available for Cloud Firestore databases. This is the default + setting for Cloud Firestore. + - >- + Use optimistic concurrency control with entity groups by default. + This is the only available mode for Cloud Datastore. This mode is + also available for Cloud Firestore with Datastore Mode but is not + recommended. + databaseEdition: + type: string + enumDescriptions: + - Not used. + - Standard edition. This is the default setting if not specified. + - Enterprise edition. enum: - - OPERATION_STATE_UNSPECIFIED - - INITIALIZING - - PROCESSING - - CANCELLING - - FINALIZING - - SUCCESSFUL - - FAILED - - CANCELLED - progressDocuments: - description: The progress, in documents, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - progressBytes: - description: The progress, in bytes, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - GoogleFirestoreAdminV1LocationMetadata: - id: GoogleFirestoreAdminV1LocationMetadata - description: The metadata message for google.cloud.location.Location.metadata. - type: object - properties: {} - GoogleFirestoreAdminV1ExportDocumentsMetadata: - id: GoogleFirestoreAdminV1ExportDocumentsMetadata - description: >- - Metadata for google.longrunning.Operation results from - FirestoreAdmin.ExportDocuments. - type: object - properties: - startTime: - description: The time this operation started. + - DATABASE_EDITION_UNSPECIFIED + - STANDARD + - ENTERPRISE + description: Immutable. The edition of the database. + createTime: + description: >- + Output only. The timestamp at which this database was created. + Databases created before 2016 do not populate create_time. type: string format: google-datetime - endTime: + readOnly: true + etag: description: >- - The time this operation completed. Will be unset if operation still - in progress. + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. type: string - format: google-datetime - operationState: - description: The state of the export operation. + deleteProtectionState: + description: State of delete protection for the database. type: string + enum: + - DELETE_PROTECTION_STATE_UNSPECIFIED + - DELETE_PROTECTION_DISABLED + - DELETE_PROTECTION_ENABLED enumDescriptions: - - Unspecified. - - Request is being prepared for processing. - - Request is actively being processed. - - >- - Request is in the process of being cancelled after user called - google.longrunning.Operations.CancelOperation on the operation. - - Request has been processed and is in its finalization stage. - - Request has completed successfully. - - Request has finished being processed, but encountered an error. + - The default value. Delete protection type is not specified + - Delete protection is disabled + - Delete protection is enabled + type: + type: string + enumDescriptions: + - Not used. + - Firestore Native Mode + - Firestore in Datastore Mode. + description: >- + The type of the database. See + https://cloud.google.com/datastore/docs/firestore-or-datastore for + information about how to choose. + enum: + - DATABASE_TYPE_UNSPECIFIED + - FIRESTORE_NATIVE + - DATASTORE_MODE + realtimeUpdatesMode: + enumDescriptions: + - The Realtime Updates feature is not specified. - >- - Request has finished being cancelled after user called - google.longrunning.Operations.CancelOperation. + The Realtime Updates feature is enabled by default. This could + potentially degrade write performance for the database. + - The Realtime Updates feature is disabled by default. + description: >- + Immutable. The default Realtime Updates mode to use for this + database. + type: string enum: - - OPERATION_STATE_UNSPECIFIED - - INITIALIZING - - PROCESSING - - CANCELLING - - FINALIZING - - SUCCESSFUL - - FAILED - - CANCELLED - progressDocuments: - description: The progress, in documents, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - progressBytes: - description: The progress, in bytes, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - collectionIds: - description: Which collection IDs are being exported. - type: array - items: - type: string - outputUriPrefix: - description: Where the documents are being exported to. + - REALTIME_UPDATES_MODE_UNSPECIFIED + - REALTIME_UPDATES_MODE_ENABLED + - REALTIME_UPDATES_MODE_DISABLED + uid: + readOnly: true + description: Output only. The system-generated UUID4 for this Database. + type: string + name: + description: >- + The resource name of the Database. Format: + `projects/{project}/databases/{database}` + type: string + freeTier: + type: boolean + description: >- + Output only. Background: Free tier is the ability of a Firestore + database to use a small amount of resources every day without being + charged. Once usage exceeds the free tier limit further usage is + charged. Whether this database can make use of the free tier. Only + one database per project can be eligible for the free tier. The + first (or next) database that is created in a project without a free + tier database will be marked as eligible for the free tier. + Databases that are created while there is a free tier database will + not be eligible for the free tier. + readOnly: true + versionRetentionPeriod: + format: google-duration + readOnly: true + description: >- + Output only. The period during which past versions of data are + retained in the database. Any read or query can specify a + `read_time` within this window, and will read the state of the + database at that time. If the PITR feature is enabled, the retention + period is 7 days. Otherwise, the retention period is 1 hour. + type: string + keyPrefix: + readOnly: true type: string - namespaceIds: - description: Which namespace IDs are being exported. - type: array - items: - type: string - snapshotTime: description: >- - The timestamp that corresponds to the version of the database that - is being exported. If unspecified, there are no guarantees about the - consistency of the documents being exported. + Output only. The key_prefix for this database. This key_prefix is + used, in combination with the project ID ("~") to construct the + application ID that is returned from the Cloud Datastore APIs in + Google App Engine first generation runtimes. This value may be empty + in which case the appid to use for URL-encoded keys is the + project_id (eg: foo instead of v~foo). + deleteTime: type: string format: google-datetime - GoogleFirestoreAdminV1BulkDeleteDocumentsMetadata: - id: GoogleFirestoreAdminV1BulkDeleteDocumentsMetadata - description: >- - Metadata for google.longrunning.Operation results from - FirestoreAdmin.BulkDeleteDocuments. - type: object - properties: - startTime: - description: The time this operation started. + description: >- + Output only. The timestamp at which this database was deleted. Only + set if the database has been deleted. + readOnly: true + earliestVersionTime: type: string format: google-datetime - endTime: + readOnly: true description: >- - The time this operation completed. Will be unset if operation still - in progress. + Output only. The earliest timestamp at which older versions of the + data can be read from the database. See [version_retention_period] + above; this field is populated with `now - + version_retention_period`. This value is continuously updated, and + becomes stale the moment it is queried. If you are using this value + to recover data, make sure to account for the time from the moment + when the value is queried to the moment when you initiate the + recovery. + locationId: + description: >- + The location of the database. Available locations are listed at + https://cloud.google.com/firestore/docs/locations. type: string - format: google-datetime - operationState: - description: The state of the operation. + tags: + description: >- + Optional. Input only. Immutable. Tag keys/values directly bound to + this resource. For example: "123/environment": "production", + "123/costCenter": "marketing" + type: object + additionalProperties: + type: string + GoogleFirestoreAdminV1Index: + id: GoogleFirestoreAdminV1Index + properties: + state: + description: Output only. The serving state of the index. type: string + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - NEEDS_REPAIR enumDescriptions: - - Unspecified. - - Request is being prepared for processing. - - Request is actively being processed. + - The state is unspecified. - >- - Request is in the process of being cancelled after user called - google.longrunning.Operations.CancelOperation on the operation. - - Request has been processed and is in its finalization stage. - - Request has completed successfully. - - Request has finished being processed, but encountered an error. + The index is being created. There is an active long-running + operation for the index. The index is updated when writing a + document. Some index data may exist. - >- - Request has finished being cancelled after user called - google.longrunning.Operations.CancelOperation. - enum: - - OPERATION_STATE_UNSPECIFIED - - INITIALIZING - - PROCESSING - - CANCELLING - - FINALIZING - - SUCCESSFUL - - FAILED - - CANCELLED - progressDocuments: - description: The progress, in documents, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - progressBytes: - description: The progress, in bytes, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - collectionIds: - description: The IDs of the collection groups that are being deleted. - type: array - items: - type: string - namespaceIds: - description: Which namespace IDs are being deleted. + The index is ready to be used. The index is updated when writing a + document. The index is fully populated from all stored documents + it applies to. + - >- + The index was being created, but something went wrong. There is no + active long-running operation for the index, and the most recently + finished long-running operation failed. The index is not updated + when writing a document. Some index data may exist. Use the + google.longrunning.Operations API to determine why the operation + that last attempted to create this index failed, then re-create + the index. + fields: type: array - items: - type: string - snapshotTime: description: >- - The timestamp that corresponds to the version of the database that - is being read to get the list of documents to delete. This time can - also be used as the timestamp of PITR in case of disaster recovery - (subject to PITR window limit). - type: string - format: google-datetime - GoogleFirestoreAdminV1ImportDocumentsMetadata: - id: GoogleFirestoreAdminV1ImportDocumentsMetadata - description: >- - Metadata for google.longrunning.Operation results from - FirestoreAdmin.ImportDocuments. - type: object - properties: - startTime: - description: The time this operation started. - type: string - format: google-datetime - endTime: + The fields supported by this index. For composite indexes, this + requires a minimum of 2 and a maximum of 100 fields. The last field + entry is always for the field path `__name__`. If, on creation, + `__name__` was not specified as the last field, it will be added + automatically with the same direction as that of the last field + defined. If the final field in a composite index is not directional, + the `__name__` will be ordered ASCENDING (unless explicitly + specified). For single field indexes, this will always be exactly + one entry with a field path equal to the field path of the + associated field. + items: + $ref: '#/components/schemas/GoogleFirestoreAdminV1IndexField' + multikey: description: >- - The time this operation completed. Will be unset if operation still - in progress. - type: string - format: google-datetime - operationState: - description: The state of the import operation. - type: string + Optional. Whether the index is multikey. By default, the index is + not multikey. For non-multikey indexes, none of the paths in the + index definition reach or traverse an array, except via an explicit + array index. For multikey indexes, at most one of the paths in the + index definition reach or traverse an array, except via an explicit + array index. Violations will result in errors. Note this field only + applies to index with MONGODB_COMPATIBLE_API ApiScope. + type: boolean + apiScope: enumDescriptions: - - Unspecified. - - Request is being prepared for processing. - - Request is actively being processed. - >- - Request is in the process of being cancelled after user called - google.longrunning.Operations.CancelOperation on the operation. - - Request has been processed and is in its finalization stage. - - Request has completed successfully. - - Request has finished being processed, but encountered an error. + The index can only be used by the Firestore Native query API. This + is the default. - >- - Request has finished being cancelled after user called - google.longrunning.Operations.CancelOperation. - enum: - - OPERATION_STATE_UNSPECIFIED - - INITIALIZING - - PROCESSING - - CANCELLING - - FINALIZING - - SUCCESSFUL - - FAILED - - CANCELLED - progressDocuments: - description: The progress, in documents, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - progressBytes: - description: The progress, in bytes, of this operation. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - collectionIds: - description: Which collection IDs are being imported. - type: array - items: - type: string - inputUriPrefix: - description: The location of the documents being imported. + The index can only be used by the Firestore in Datastore Mode + query API. + - The index can only be used by the MONGODB_COMPATIBLE_API. type: string - namespaceIds: - description: Which namespace IDs are being imported. - type: array - items: - type: string - GoogleFirestoreAdminV1ExportDocumentsResponse: - id: GoogleFirestoreAdminV1ExportDocumentsResponse - description: Returned in the google.longrunning.Operation response field. - type: object - properties: - outputUriPrefix: + enum: + - ANY_API + - DATASTORE_MODE_API + - MONGODB_COMPATIBLE_API + description: The API scope supported by this index. + queryScope: description: >- - Location of the output files. This can be used to begin an import - into Cloud Firestore (this project or another project) after the - operation completes successfully. - type: string - GoogleFirestoreAdminV1CreateDatabaseMetadata: - id: GoogleFirestoreAdminV1CreateDatabaseMetadata - description: Metadata related to the create database operation. - type: object - properties: {} - GoogleFirestoreAdminV1DeleteDatabaseMetadata: - id: GoogleFirestoreAdminV1DeleteDatabaseMetadata - description: Metadata related to the delete database operation. - type: object - properties: {} - GoogleFirestoreAdminV1UpdateDatabaseMetadata: - id: GoogleFirestoreAdminV1UpdateDatabaseMetadata - description: Metadata related to the update database operation. - type: object - properties: {} - GoogleFirestoreAdminV1RestoreDatabaseMetadata: - id: GoogleFirestoreAdminV1RestoreDatabaseMetadata - description: >- - Metadata for the long-running operation from the RestoreDatabase - request. - type: object - properties: - startTime: - description: The time the restore was started. - type: string - format: google-datetime - endTime: - description: The time the restore finished, unset for ongoing restores. - type: string - format: google-datetime - operationState: - description: The operation state of the restore. - type: string + Indexes with a collection query scope specified allow queries + against a collection that is the child of a specific document, + specified at query time, and that has the same collection ID. + Indexes with a collection group query scope specified allow queries + against all collections descended from a specific document, + specified at query time, and that have the same collection ID as + this index. + enum: + - QUERY_SCOPE_UNSPECIFIED + - COLLECTION + - COLLECTION_GROUP + - COLLECTION_RECURSIVE enumDescriptions: - - Unspecified. - - Request is being prepared for processing. - - Request is actively being processed. + - The query scope is unspecified. Not a valid option. - >- - Request is in the process of being cancelled after user called - google.longrunning.Operations.CancelOperation on the operation. - - Request has been processed and is in its finalization stage. - - Request has completed successfully. - - Request has finished being processed, but encountered an error. + Indexes with a collection query scope specified allow queries + against a collection that is the child of a specific document, + specified at query time, and that has the collection ID specified + by the index. - >- - Request has finished being cancelled after user called - google.longrunning.Operations.CancelOperation. - enum: - - OPERATION_STATE_UNSPECIFIED - - INITIALIZING - - PROCESSING - - CANCELLING - - FINALIZING - - SUCCESSFUL - - FAILED - - CANCELLED - database: - description: The name of the database being restored to. - type: string - backup: - description: The name of the backup restoring from. + Indexes with a collection group query scope specified allow + queries against all collections that has the collection ID + specified by the index. + - >- + Include all the collections's ancestor in the index. Only + available for Datastore Mode databases. type: string - progressPercentage: + unique: + type: boolean description: >- - How far along the restore is as an estimated percentage of remaining - time. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' - GoogleFirestoreAdminV1CloneDatabaseMetadata: - id: GoogleFirestoreAdminV1CloneDatabaseMetadata - description: Metadata for the long-running operation from the CloneDatabase request. - type: object - properties: - startTime: - description: The time the clone was started. - type: string - format: google-datetime - endTime: - description: The time the clone finished, unset for ongoing clones. - type: string - format: google-datetime - operationState: - description: The operation state of the clone. + Optional. Whether it is an unique index. Unique index ensures all + values for the indexed field(s) are unique across documents. + name: + description: >- + Output only. A server defined name for this index. The form of this + name for composite indexes will be: + `projects/{project_id}/databases/{database_id}/collectionGroups/{collection_id}/indexes/{composite_index_id}` + For single field indexes, this field will be empty. type: string + shardCount: + description: Optional. The number of shards for the index. + format: int32 + type: integer + density: enumDescriptions: - - Unspecified. - - Request is being prepared for processing. - - Request is actively being processed. - >- - Request is in the process of being cancelled after user called - google.longrunning.Operations.CancelOperation on the operation. - - Request has been processed and is in its finalization stage. - - Request has completed successfully. - - Request has finished being processed, but encountered an error. + Unspecified. It will use database default setting. This value is + input only. - >- - Request has finished being cancelled after user called - google.longrunning.Operations.CancelOperation. + An index entry will only exist if ALL fields are present in the + document. This is both the default and only allowed value for + Standard Edition databases (for both Cloud Firestore `ANY_API` and + Cloud Datastore `DATASTORE_MODE_API`). Take for example the + following document: ``` { "__name__": "...", "a": 1, "b": 2, "c": + 3 } ``` an index on `(a ASC, b ASC, c ASC, __name__ ASC)` will + generate an index entry for this document since `a`, 'b', `c`, and + `__name__` are all present but an index of `(a ASC, d ASC, + __name__ ASC)` will not generate an index entry for this document + since `d` is missing. This means that such indexes can only be + used to serve a query when the query has either implicit or + explicit requirements that all fields from the index are present. + - >- + An index entry will exist if ANY field are present in the + document. This is used as the definition of a sparse index for + Enterprise Edition databases. Take for example the following + document: ``` { "__name__": "...", "a": 1, "b": 2, "c": 3 } ``` an + index on `(a ASC, d ASC)` will generate an index entry for this + document since `a` is present, and will fill in an `unset` value + for `d`. An index on `(d ASC, e ASC)` will not generate any index + entry as neither `d` nor `e` are present. An index that contains + `__name__` will generate an index entry for all documents since + Firestore guarantees that all documents have a `__name__` field. + - >- + An index entry will exist regardless of if the fields are present + or not. This is the default density for an Enterprise Edition + database. The index will store `unset` values for fields that are + not present in the document. + type: string + description: Immutable. The density configuration of the index. enum: - - OPERATION_STATE_UNSPECIFIED - - INITIALIZING - - PROCESSING - - CANCELLING - - FINALIZING - - SUCCESSFUL - - FAILED - - CANCELLED - database: - description: The name of the database being cloned to. + - DENSITY_UNSPECIFIED + - SPARSE_ALL + - SPARSE_ANY + - DENSE + type: object + description: >- + Cloud Firestore indexes enable simple and complex queries against + documents in a database. + GoogleFirestoreAdminV1WeeklyRecurrence: + type: object + properties: + day: + description: The day of week to run. DAY_OF_WEEK_UNSPECIFIED is not allowed. type: string - pitrSnapshot: - description: The snapshot from which this database was cloned. - $ref: '#/components/schemas/GoogleFirestoreAdminV1PitrSnapshot' - progressPercentage: - description: >- - How far along the clone is as an estimated percentage of remaining - time. - $ref: '#/components/schemas/GoogleFirestoreAdminV1Progress' + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + description: >- + Represents a recurring schedule that runs on a specified day of the + week. The time zone is UTC. + id: GoogleFirestoreAdminV1WeeklyRecurrence parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: + quotaUser: description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: key + name: quotaUser schema: type: string oauth_token: @@ -3672,33 +3732,28 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + alt: + description: Data format for response. in: query - name: quotaUser + name: alt schema: type: string + enum: + - json + - media + - proto upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: uploadType + name: prettyPrint schema: - type: string + type: boolean _.xgafv: description: V1 error format. in: query @@ -3708,25 +3763,40 @@ components: enum: - '1' - '2' + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string x-stackQL-resources: locations: id: google.firestore.locations name: locations title: Locations methods: - list: + get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - get: + list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/locations/methods/get' @@ -3775,10 +3845,23 @@ components: name: databases title: Databases methods: - export_documents: + get: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}:exportDocuments/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -3789,10 +3872,16 @@ components: response: mediaType: application/json openAPIDocKey: '200' - bulk_delete_documents: + clone: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1databases:clone/post' + response: + mediaType: application/json + openAPIDocKey: '200' + export_documents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}:bulkDeleteDocuments/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}:exportDocuments/post response: mediaType: application/json openAPIDocKey: '200' @@ -3808,23 +3897,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: + bulk_delete_documents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}:bulkDeleteDocuments/post response: mediaType: application/json openAPIDocKey: '200' @@ -3834,12 +3910,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - clone: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1databases:clone/post' - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/databases/methods/get' @@ -3850,201 +3920,173 @@ components: - $ref: '#/components/x-stackQL-resources/databases/methods/patch' replace: [] delete: + - $ref: '#/components/x-stackQL-resources/databases/methods/delete' - $ref: >- #/components/x-stackQL-resources/databases/methods/bulk_delete_documents - - $ref: '#/components/x-stackQL-resources/databases/methods/delete' - operations: - id: google.firestore.operations - name: operations - title: Operations + documents: + id: google.firestore.documents + name: documents + title: Documents methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}/patch response: mediaType: application/json openAPIDocKey: '200' - cancel: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - indexes: - id: google.firestore.indexes - name: indexes - title: Indexes - methods: - create: + begin_transaction: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1indexes/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:beginTransaction/post response: mediaType: application/json openAPIDocKey: '200' - list: + run_aggregation_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1indexes/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}:runAggregationQuery/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.indexes - get: + create_document: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1indexes~1{indexesId}/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{collectionId}/post response: mediaType: application/json openAPIDocKey: '200' - delete: + commit: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1indexes~1{indexesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:commit/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/indexes/methods/get' - - $ref: '#/components/x-stackQL-resources/indexes/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/indexes/methods/create' - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/indexes/methods/delete' - fields: - id: google.firestore.fields - name: fields - title: Fields - methods: - get: + list_documents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1fields~1{fieldsId}/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{collectionId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.documents + run_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1fields~1{fieldsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}:runQuery/post response: mediaType: application/json openAPIDocKey: '200' - list: + batch_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1fields/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:batchGet/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.fields - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/fields/methods/get' - - $ref: '#/components/x-stackQL-resources/fields/methods/list' - insert: [] - update: - - $ref: '#/components/x-stackQL-resources/fields/methods/patch' - replace: [] - delete: [] - user_creds: - id: google.firestore.user_creds - name: user_creds - title: User_creds - methods: - create: + write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:write/post response: mediaType: application/json openAPIDocKey: '200' - list: + batch_write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:batchWrite/post response: mediaType: application/json openAPIDocKey: '200' - get: + partition_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}:partitionQuery/post response: mediaType: application/json openAPIDocKey: '200' - delete: + listen: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:listen/post response: mediaType: application/json openAPIDocKey: '200' - enable: + rollback: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}:enable/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:rollback/post response: mediaType: application/json openAPIDocKey: '200' - disable: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}:disable/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}~1{collectionId}/get response: mediaType: application/json openAPIDocKey: '200' - reset_password: + objectKey: $.documents + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/documents/methods/list' + - $ref: '#/components/x-stackQL-resources/documents/methods/get' + - $ref: '#/components/x-stackQL-resources/documents/methods/list_documents' + - $ref: '#/components/x-stackQL-resources/documents/methods/listen' + insert: + - $ref: '#/components/x-stackQL-resources/documents/methods/create_document' + update: + - $ref: '#/components/x-stackQL-resources/documents/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/documents/methods/delete' + documents_collection_ids: + id: google.firestore.documents_collection_ids + name: documents_collection_ids + title: Documents_collection_ids + methods: + list_collection_ids: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}:resetPassword/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}:listCollectionIds/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/user_creds/methods/get' - - $ref: '#/components/x-stackQL-resources/user_creds/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/user_creds/methods/create' + - $ref: >- + #/components/x-stackQL-resources/documents_collection_ids/methods/list_collection_ids + insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/user_creds/methods/delete' + delete: [] backup_schedules: id: google.firestore.backup_schedules name: backup_schedules title: Backup_schedules methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1backupSchedules/get + response: + mediaType: application/json + openAPIDocKey: '200' create: operation: $ref: >- @@ -4052,10 +4094,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1backupSchedules/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -4073,13 +4115,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/backup_schedules/methods/get' @@ -4091,172 +4126,239 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/backup_schedules/methods/delete' - documents: - id: google.firestore.documents - name: documents - title: Documents + fields: + id: google.firestore.fields + name: fields + title: Fields methods: + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1fields~1{fieldsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1fields~1{fieldsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}/patch + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1fields/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.fields + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/fields/methods/get' + - $ref: '#/components/x-stackQL-resources/fields/methods/list' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/fields/methods/patch' + replace: [] + delete: [] + indexes: + id: google.firestore.indexes + name: indexes + title: Indexes + methods: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}/delete + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1indexes~1{indexesId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}~1{collectionId}/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1indexes~1{indexesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.documents - list_documents: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{collectionId}/get + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1indexes/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.documents - batch_get: + objectKey: $.indexes + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:batchGet/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1collectionGroups~1{collectionGroupsId}~1indexes/post response: mediaType: application/json openAPIDocKey: '200' - begin_transaction: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/indexes/methods/get' + - $ref: '#/components/x-stackQL-resources/indexes/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/indexes/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/indexes/methods/delete' + operations: + id: google.firestore.operations + name: operations + title: Operations + methods: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:beginTransaction/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - commit: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:commit/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - rollback: + objectKey: $.operations + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:rollback/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - run_query: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}:runQuery/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - run_aggregation_query: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + user_creds: + id: google.firestore.user_creds + name: user_creds + title: User_creds + methods: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}:runAggregationQuery/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}/get response: mediaType: application/json openAPIDocKey: '200' - partition_query: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}:partitionQuery/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}/delete response: mediaType: application/json openAPIDocKey: '200' - write: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:write/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds/post response: mediaType: application/json openAPIDocKey: '200' - listen: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:listen/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds/get response: mediaType: application/json openAPIDocKey: '200' - batch_write: + reset_password: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents:batchWrite/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}:resetPassword/post response: mediaType: application/json openAPIDocKey: '200' - create_document: + disable: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{collectionId}/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}:disable/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/documents/methods/list' - - $ref: '#/components/x-stackQL-resources/documents/methods/get' - - $ref: '#/components/x-stackQL-resources/documents/methods/list_documents' - - $ref: '#/components/x-stackQL-resources/documents/methods/listen' - insert: - - $ref: '#/components/x-stackQL-resources/documents/methods/create_document' - update: - - $ref: '#/components/x-stackQL-resources/documents/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/documents/methods/delete' - documents_collection_ids: - id: google.firestore.documents_collection_ids - name: documents_collection_ids - title: Documents_collection_ids - methods: - list_collection_ids: + enable: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1documents~1{documentsId}~1{documentsId1}:listCollectionIds/post + #/paths/~1v1~1projects~1{projectsId}~1databases~1{databasesId}~1userCreds~1{userCredsId}:enable/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/documents_collection_ids/methods/list_collection_ids - insert: [] + - $ref: '#/components/x-stackQL-resources/user_creds/methods/get' + - $ref: '#/components/x-stackQL-resources/user_creds/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/user_creds/methods/create' update: [] replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/user_creds/methods/delete' paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/access_token' + get: + description: Gets information about a location. + operationId: firestore.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/datastore + Oauth2c: + - https://www.googleapis.com/auth/datastore + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Location' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations: + parameters: *ref_1 get: description: Lists information about the supported locations for this service. operationId: firestore.projects.locations.list @@ -4282,6 +4384,14 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: extraLocationTypes + schema: + type: string - in: query name: filter schema: @@ -4291,19 +4401,46 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken + /v1/projects/{projectsId}/locations/{locationsId}/backups/{backupsId}: + parameters: *ref_1 + get: + description: Gets information about a backup. + operationId: firestore.projects.locations.backups.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/datastore + Oauth2c: + - https://www.googleapis.com/auth/datastore + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Backup' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: extraLocationTypes + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: firestore.projects.locations.get + - in: path + name: backupsId + required: true + schema: + type: string + delete: + description: Deletes a backup. + operationId: firestore.projects.locations.backups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4319,7 +4456,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4331,11 +4468,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/backups/{backupsId}: + - in: path + name: backupsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/backups: parameters: *ref_1 get: - description: Gets information about a backup. - operationId: firestore.projects.locations.backups.get + description: Lists all the backups. + operationId: firestore.projects.locations.backups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4351,7 +4493,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Backup' + $ref: '#/components/schemas/GoogleFirestoreAdminV1ListBackupsResponse' parameters: - in: path name: projectsId @@ -4363,14 +4505,50 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/databases/{databasesId}: + parameters: *ref_1 + get: + description: Gets information about a database. + operationId: firestore.projects.databases.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/datastore + Oauth2c: + - https://www.googleapis.com/auth/datastore + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Database' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: backupsId + name: databasesId required: true schema: type: string - delete: - description: Deletes a backup. - operationId: firestore.projects.locations.backups.delete + patch: + description: Updates a database. + operationId: firestore.projects.databases.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Database' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4386,7 +4564,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -4394,20 +4572,18 @@ paths: schema: type: string - in: path - name: locationsId + name: databasesId required: true schema: type: string - - in: path - name: backupsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/backups: - parameters: *ref_1 - get: - description: Lists all the backups. - operationId: firestore.projects.locations.backups.list + format: google-fieldmask + delete: + description: Deletes a database. + operationId: firestore.projects.databases.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4423,7 +4599,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1ListBackupsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -4431,35 +4607,31 @@ paths: schema: type: string - in: path - name: locationsId + name: databasesId required: true schema: type: string - in: query - name: filter + name: etag schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}:exportDocuments: + /v1/projects/{projectsId}/databases/{databasesId}:importDocuments: parameters: *ref_1 post: description: >- - Exports a copy of all or a subset of documents from Google Cloud - Firestore to another storage system, such as Google Cloud Storage. - Recent updates to documents may not be reflected in the export. The - export occurs in the background and its progress can be monitored and - managed via the Operation resource that is created. The output of an - export may only be used once the associated operation is done. If an - export operation is cancelled before completion it may leave partial - data behind in Google Cloud Storage. For more details on export behavior - and output format, refer to: - https://cloud.google.com/firestore/docs/manage-data/export-import - operationId: firestore.projects.databases.exportDocuments + Imports documents into Google Cloud Firestore. Existing documents with + the same name are overwritten. The import occurs in the background and + its progress can be monitored and managed via the Operation resource + that is created. If an ImportDocuments operation is cancelled, it is + possible that a subset of the data has already been imported to Cloud + Firestore. + operationId: firestore.projects.databases.importDocuments requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleFirestoreAdminV1ExportDocumentsRequest + #/components/schemas/GoogleFirestoreAdminV1ImportDocumentsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4487,23 +4659,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}:importDocuments: + /v1/projects/{projectsId}/databases:clone: parameters: *ref_1 post: description: >- - Imports documents into Google Cloud Firestore. Existing documents with - the same name are overwritten. The import occurs in the background and - its progress can be monitored and managed via the Operation resource - that is created. If an ImportDocuments operation is cancelled, it is - possible that a subset of the data has already been imported to Cloud - Firestore. - operationId: firestore.projects.databases.importDocuments + Creates a new database by cloning an existing one. The new database must + be in the same cloud region or multi-region location as the existing + database. This behaves similar to FirestoreAdmin.CreateDatabase except + instead of creating a new empty database, a new database is created with + the database type, index configuration, and documents from an existing + database. The long-running operation can be used to track the progress + of the clone, with the Operation's metadata field type being the + CloneDatabaseMetadata. The response type is the Database if the clone + was successful. The new database is not readable or writeable until the + LRO has completed. + operationId: firestore.projects.databases.clone requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleFirestoreAdminV1ImportDocumentsRequest + $ref: '#/components/schemas/GoogleFirestoreAdminV1CloneDatabaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4526,29 +4701,27 @@ paths: required: true schema: type: string - - in: path - name: databasesId - required: true - schema: - type: string - /v1/projects/{projectsId}/databases/{databasesId}:bulkDeleteDocuments: + /v1/projects/{projectsId}/databases/{databasesId}:exportDocuments: parameters: *ref_1 post: description: >- - Bulk deletes a subset of documents from Google Cloud Firestore. - Documents created or updated after the underlying system starts to - process the request will not be deleted. The bulk delete occurs in the - background and its progress can be monitored and managed via the - Operation resource that is created. For more details on bulk delete - behavior, refer to: - https://cloud.google.com/firestore/docs/manage-data/bulk-delete - operationId: firestore.projects.databases.bulkDeleteDocuments + Exports a copy of all or a subset of documents from Google Cloud + Firestore to another storage system, such as Google Cloud Storage. + Recent updates to documents may not be reflected in the export. The + export occurs in the background and its progress can be monitored and + managed via the Operation resource that is created. The output of an + export may only be used once the associated operation is done. If an + export operation is cancelled before completion it may leave partial + data behind in Google Cloud Storage. For more details on export behavior + and output format, refer to: + https://cloud.google.com/firestore/docs/manage-data/export-import + operationId: firestore.projects.databases.exportDocuments requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleFirestoreAdminV1BulkDeleteDocumentsRequest + #/components/schemas/GoogleFirestoreAdminV1ExportDocumentsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4642,81 +4815,24 @@ paths: name: showDeleted schema: type: boolean - /v1/projects/{projectsId}/databases/{databasesId}: + /v1/projects/{projectsId}/databases/{databasesId}:bulkDeleteDocuments: parameters: *ref_1 - get: - description: Gets information about a database. - operationId: firestore.projects.databases.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/datastore - Oauth2c: - - https://www.googleapis.com/auth/datastore - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Database' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: databasesId - required: true - schema: - type: string - patch: - description: Updates a database. - operationId: firestore.projects.databases.patch + post: + description: >- + Bulk deletes a subset of documents from Google Cloud Firestore. + Documents created or updated after the underlying system starts to + process the request will not be deleted. The bulk delete occurs in the + background and its progress can be monitored and managed via the + Operation resource that is created. For more details on bulk delete + behavior, refer to: + https://cloud.google.com/firestore/docs/manage-data/bulk-delete + operationId: firestore.projects.databases.bulkDeleteDocuments requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Database' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/datastore - Oauth2c: - - https://www.googleapis.com/auth/datastore - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: databasesId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a database. - operationId: firestore.projects.databases.delete + $ref: >- + #/components/schemas/GoogleFirestoreAdminV1BulkDeleteDocumentsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4744,10 +4860,6 @@ paths: required: true schema: type: string - - in: query - name: etag - schema: - type: string /v1/projects/{projectsId}/databases:restore: parameters: *ref_1 post: @@ -4791,26 +4903,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases:clone: + /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}: parameters: *ref_1 - post: - description: >- - Creates a new database by cloning an existing one. The new database must - be in the same cloud region or multi-region location as the existing - database. This behaves similar to FirestoreAdmin.CreateDatabase except - instead of creating a new empty database, a new database is created with - the database type, index configuration, and documents from an existing - database. The long-running operation can be used to track the progress - of the clone, with the Operation's metadata field type being the - CloneDatabaseMetadata. The response type is the Database if the clone - was successful. The new database is not readable or writeable until the - LRO has completed. - operationId: firestore.projects.databases.clone - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1CloneDatabaseRequest' + delete: + description: Deletes a document. + operationId: firestore.projects.databases.documents.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4826,68 +4923,45 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: firestore.projects.databases.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/datastore - Oauth2c: - - https://www.googleapis.com/auth/datastore - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' - parameters: - in: path - name: projectsId + name: databasesId required: true schema: type: string - in: path - name: databasesId + name: documentsId required: true schema: type: string - - in: query - name: filter + - in: path + name: documentsId1 + required: true schema: type: string - in: query - name: pageSize + name: currentDocument.exists schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: currentDocument.updateTime schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: firestore.projects.databases.operations.get + format: google-datetime + patch: + description: Updates or inserts a document. + operationId: firestore.projects.databases.documents.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Document' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4903,7 +4977,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Document' parameters: - in: path name: projectsId @@ -4916,17 +4990,35 @@ paths: schema: type: string - in: path - name: operationsId + name: documentsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: firestore.projects.databases.operations.delete + - in: path + name: documentsId1 + required: true + schema: + type: string + - in: query + name: currentDocument.exists + schema: + type: boolean + - in: query + name: updateMask.fieldPaths + schema: + type: string + - in: query + name: currentDocument.updateTime + schema: + type: string + format: google-datetime + - in: query + name: mask.fieldPaths + schema: + type: string + get: + description: Gets a single document. + operationId: firestore.projects.databases.documents.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4942,7 +5034,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Document' parameters: - in: path name: projectsId @@ -4955,29 +5047,39 @@ paths: schema: type: string - in: path - name: operationsId + name: documentsId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/operations/{operationsId}:cancel: + - in: path + name: documentsId1 + required: true + schema: + type: string + - in: query + name: mask.fieldPaths + schema: + type: string + - in: query + name: readTime + schema: + type: string + format: google-datetime + - in: query + name: transaction + schema: + type: string + format: byte + /v1/projects/{projectsId}/databases/{databasesId}/documents:beginTransaction: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: firestore.projects.databases.operations.cancel + description: Starts a new transaction. + operationId: firestore.projects.databases.documents.beginTransaction requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + $ref: '#/components/schemas/BeginTransactionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4993,7 +5095,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/BeginTransactionResponse' parameters: - in: path name: projectsId @@ -5005,24 +5107,21 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/databases/{databasesId}/collectionGroups/{collectionGroupsId}/indexes: + /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}:runAggregationQuery: parameters: *ref_1 post: description: >- - Creates a composite index. This returns a google.longrunning.Operation - which may be used to track the status of the creation. The metadata for - the operation will be the type IndexOperationMetadata. - operationId: firestore.projects.databases.collectionGroups.indexes.create + Runs an aggregation query. Rather than producing Document results like + Firestore.RunQuery, this API allows running an aggregation to produce a + series of AggregationResult server-side. High-Level Example: ``` -- + Return the number of documents in table given a filter. SELECT COUNT(*) + FROM ( SELECT * FROM k where a = true ); ``` + operationId: firestore.projects.databases.documents.runAggregationQuery requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' + $ref: '#/components/schemas/RunAggregationQueryRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5038,7 +5137,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/RunAggregationQueryResponse' parameters: - in: path name: projectsId @@ -5051,13 +5150,25 @@ paths: schema: type: string - in: path - name: collectionGroupsId + name: documentsId required: true schema: type: string - get: - description: Lists composite indexes. - operationId: firestore.projects.databases.collectionGroups.indexes.list + - in: path + name: documentsId1 + required: true + schema: + type: string + /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{collectionId}: + parameters: *ref_1 + post: + description: Creates a new document. + operationId: firestore.projects.databases.documents.createDocument + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Document' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5073,7 +5184,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1ListIndexesResponse' + $ref: '#/components/schemas/Document' parameters: - in: path name: projectsId @@ -5086,28 +5197,33 @@ paths: schema: type: string - in: path - name: collectionGroupsId + name: documentsId required: true schema: type: string - - in: query - name: filter + - in: path + name: collectionId + required: true schema: type: string - in: query - name: pageSize + name: documentId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: mask.fieldPaths schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/collectionGroups/{collectionGroupsId}/indexes/{indexesId}: + /v1/projects/{projectsId}/databases/{databasesId}/documents:commit: parameters: *ref_1 - get: - description: Gets a composite index. - operationId: firestore.projects.databases.collectionGroups.indexes.get + post: + description: Commits a transaction, while optionally updating documents. + operationId: firestore.projects.databases.documents.commit + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CommitRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5123,7 +5239,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' + $ref: '#/components/schemas/CommitResponse' parameters: - in: path name: projectsId @@ -5135,19 +5251,11 @@ paths: required: true schema: type: string - - in: path - name: collectionGroupsId - required: true - schema: - type: string - - in: path - name: indexesId - required: true - schema: - type: string - delete: - description: Deletes a composite index. - operationId: firestore.projects.databases.collectionGroups.indexes.delete + /v1/projects/{projectsId}/databases/{databasesId}/documents/{collectionId}: + parameters: *ref_1 + get: + description: Lists documents. + operationId: firestore.projects.databases.documents.listDocuments security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5163,7 +5271,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListDocumentsResponse' parameters: - in: path name: projectsId @@ -5176,20 +5284,51 @@ paths: schema: type: string - in: path - name: collectionGroupsId + name: collectionId required: true schema: type: string - - in: path - name: indexesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/collectionGroups/{collectionGroupsId}/fields/{fieldsId}: + - in: query + name: showMissing + schema: + type: boolean + - in: query + name: mask.fieldPaths + schema: + type: string + - in: query + name: readTime + schema: + type: string + format: google-datetime + - in: query + name: orderBy + schema: + type: string + - in: query + name: transaction + schema: + type: string + format: byte + /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}:runQuery: parameters: *ref_1 - get: - description: Gets the metadata and configuration for a Field. - operationId: firestore.projects.databases.collectionGroups.fields.get + post: + description: Runs a query. + operationId: firestore.projects.databases.documents.runQuery + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RunQueryRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5205,7 +5344,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Field' + $ref: '#/components/schemas/RunQueryResponse' parameters: - in: path name: projectsId @@ -5218,33 +5357,27 @@ paths: schema: type: string - in: path - name: collectionGroupsId + name: documentsId required: true schema: type: string - in: path - name: fieldsId - required: true - schema: - type: string - patch: - description: >- - Updates a field configuration. Currently, field updates apply only to - single field index configuration. However, calls to - FirestoreAdmin.UpdateField should provide a field mask to avoid changing - any configuration that the caller isn't aware of. The field mask should - be specified as: `{ paths: "index_config" }`. This call returns a - google.longrunning.Operation which may be used to track the status of - the field update. The metadata for the operation will be the type - FieldOperationMetadata. To configure the default field settings for the - database, use the special `Field` with resource name: - `projects/{project_id}/databases/{database_id}/collectionGroups/__default__/fields/*`. - operationId: firestore.projects.databases.collectionGroups.fields.patch + name: documentsId1 + required: true + schema: + type: string + /v1/projects/{projectsId}/databases/{databasesId}/documents:batchGet: + parameters: *ref_1 + post: + description: >- + Gets multiple documents. Documents returned by this method are not + guaranteed to be returned in the same order that they were requested. + operationId: firestore.projects.databases.documents.batchGet requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1Field' + $ref: '#/components/schemas/BatchGetDocumentsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5260,7 +5393,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/BatchGetDocumentsResponse' parameters: - in: path name: projectsId @@ -5272,31 +5405,18 @@ paths: required: true schema: type: string - - in: path - name: collectionGroupsId - required: true - schema: - type: string - - in: path - name: fieldsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/databases/{databasesId}/collectionGroups/{collectionGroupsId}/fields: + /v1/projects/{projectsId}/databases/{databasesId}/documents:write: parameters: *ref_1 - get: + post: description: >- - Lists the field configuration and metadata for this database. Currently, - FirestoreAdmin.ListFields only supports listing fields that have been - explicitly overridden. To issue this query, call - FirestoreAdmin.ListFields with the filter set to - `indexConfig.usesAncestorConfig:false` or `ttlConfig:*`. - operationId: firestore.projects.databases.collectionGroups.fields.list + Streams batches of document updates and deletes, in order. This method + is only available via gRPC or WebChannel (not REST). + operationId: firestore.projects.databases.documents.write + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WriteRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5312,7 +5432,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1ListFieldsResponse' + $ref: '#/components/schemas/WriteResponse' parameters: - in: path name: projectsId @@ -5324,34 +5444,22 @@ paths: required: true schema: type: string - - in: path - name: collectionGroupsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/databases/{databasesId}/userCreds: + /v1/projects/{projectsId}/databases/{databasesId}/documents:batchWrite: parameters: *ref_1 post: - description: Create a user creds. - operationId: firestore.projects.databases.userCreds.create + description: >- + Applies a batch of write operations. The BatchWrite method does not + apply the write operations atomically and can apply them out of order. + Method does not allow more than one write per document. Each write + succeeds or fails independently. See the BatchWriteResponse for the + success status of each write. If you require an atomically applied set + of writes, use Commit instead. + operationId: firestore.projects.databases.documents.batchWrite requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' + $ref: '#/components/schemas/BatchWriteRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5367,7 +5475,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' + $ref: '#/components/schemas/BatchWriteResponse' parameters: - in: path name: projectsId @@ -5379,15 +5487,20 @@ paths: required: true schema: type: string - - in: query - name: userCredsId - schema: - type: string - get: + /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}:partitionQuery: + parameters: *ref_1 + post: description: >- - List all user creds in the database. Note that the returned resource - does not contain the secret value itself. - operationId: firestore.projects.databases.userCreds.list + Partitions a query by returning partition cursors that can be used to + run the query in parallel. The returned partition cursors are split + points that can be used by RunQuery as starting/end points for the query + results. + operationId: firestore.projects.databases.documents.partitionQuery + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PartitionQueryRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5403,8 +5516,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleFirestoreAdminV1ListUserCredsResponse + $ref: '#/components/schemas/PartitionQueryResponse' parameters: - in: path name: projectsId @@ -5416,13 +5528,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/userCreds/{userCredsId}: + - in: path + name: documentsId + required: true + schema: + type: string + - in: path + name: documentsId1 + required: true + schema: + type: string + /v1/projects/{projectsId}/databases/{databasesId}/documents:listen: parameters: *ref_1 - get: + post: description: >- - Gets a user creds resource. Note that the returned resource does not - contain the secret value itself. - operationId: firestore.projects.databases.userCreds.get + Listens to changes. This method is only available via gRPC or WebChannel + (not REST). + operationId: firestore.projects.databases.documents.listen + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ListenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5438,7 +5565,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' + $ref: '#/components/schemas/ListenResponse' parameters: - in: path name: projectsId @@ -5450,14 +5577,16 @@ paths: required: true schema: type: string - - in: path - name: userCredsId - required: true - schema: - type: string - delete: - description: Deletes a user creds. - operationId: firestore.projects.databases.userCreds.delete + /v1/projects/{projectsId}/databases/{databasesId}/documents:rollback: + parameters: *ref_1 + post: + description: Rolls back a transaction. + operationId: firestore.projects.databases.documents.rollback + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RollbackRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5485,22 +5614,16 @@ paths: required: true schema: type: string - - in: path - name: userCredsId - required: true - schema: - type: string - /v1/projects/{projectsId}/databases/{databasesId}/userCreds/{userCredsId}:enable: + /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}:listCollectionIds: parameters: *ref_1 post: - description: Enables a user creds. No-op if the user creds are already enabled. - operationId: firestore.projects.databases.userCreds.enable + description: Lists all the collection IDs underneath a document. + operationId: firestore.projects.databases.documents.listCollectionIds requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleFirestoreAdminV1EnableUserCredsRequest + $ref: '#/components/schemas/ListCollectionIdsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5516,7 +5639,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' + $ref: '#/components/schemas/ListCollectionIdsResponse' parameters: - in: path name: projectsId @@ -5529,21 +5652,20 @@ paths: schema: type: string - in: path - name: userCredsId + name: documentsId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/userCreds/{userCredsId}:disable: + - in: path + name: documentsId1 + required: true + schema: + type: string + /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}/{collectionId}: parameters: *ref_1 - post: - description: Disables a user creds. No-op if the user creds are already disabled. - operationId: firestore.projects.databases.userCreds.disable - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleFirestoreAdminV1DisableUserCredsRequest + get: + description: Lists documents. + operationId: firestore.projects.databases.documents.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5559,7 +5681,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' + $ref: '#/components/schemas/ListDocumentsResponse' parameters: - in: path name: projectsId @@ -5572,21 +5694,56 @@ paths: schema: type: string - in: path - name: userCredsId + name: documentsId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/userCreds/{userCredsId}:resetPassword: + - in: path + name: documentsId1 + required: true + schema: + type: string + - in: path + name: collectionId + required: true + schema: + type: string + - in: query + name: transaction + schema: + type: string + format: byte + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: showMissing + schema: + type: boolean + - in: query + name: mask.fieldPaths + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: readTime + schema: + type: string + format: google-datetime + /v1/projects/{projectsId}/databases/{databasesId}/backupSchedules: parameters: *ref_1 - post: - description: Resets the password of a user creds. - operationId: firestore.projects.databases.userCreds.resetPassword - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleFirestoreAdminV1ResetUserPasswordRequest + get: + description: List backup schedules. + operationId: firestore.projects.databases.backupSchedules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5602,25 +5759,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' + $ref: >- + #/components/schemas/GoogleFirestoreAdminV1ListBackupSchedulesResponse parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: databasesId + name: projectsId required: true schema: type: string - in: path - name: userCredsId + name: databasesId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/backupSchedules: - parameters: *ref_1 post: description: >- Creates a backup schedule on a database. At most two backup schedules @@ -5659,9 +5810,11 @@ paths: required: true schema: type: string - get: - description: List backup schedules. - operationId: firestore.projects.databases.backupSchedules.list + /v1/projects/{projectsId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}: + parameters: *ref_1 + delete: + description: Deletes a backup schedule. + operationId: firestore.projects.databases.backupSchedules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5677,8 +5830,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleFirestoreAdminV1ListBackupSchedulesResponse + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5690,8 +5842,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}: - parameters: *ref_1 + - in: path + name: backupSchedulesId + required: true + schema: + type: string get: description: Gets information about a backup schedule. operationId: firestore.projects.databases.backupSchedules.get @@ -5772,9 +5927,26 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes a backup schedule. - operationId: firestore.projects.databases.backupSchedules.delete + /v1/projects/{projectsId}/databases/{databasesId}/collectionGroups/{collectionGroupsId}/fields/{fieldsId}: + parameters: *ref_1 + patch: + description: >- + Updates a field configuration. Currently, field updates apply only to + single field index configuration. However, calls to + FirestoreAdmin.UpdateField should provide a field mask to avoid changing + any configuration that the caller isn't aware of. The field mask should + be specified as: `{ paths: "index_config" }`. This call returns a + google.longrunning.Operation which may be used to track the status of + the field update. The metadata for the operation will be the type + FieldOperationMetadata. To configure the default field settings for the + database, use the special `Field` with resource name: + `projects/{project_id}/databases/{database_id}/collectionGroups/__default__/fields/*`. + operationId: firestore.projects.databases.collectionGroups.fields.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleFirestoreAdminV1Field' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5790,7 +5962,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -5803,15 +5975,23 @@ paths: schema: type: string - in: path - name: backupSchedulesId + name: collectionGroupsId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}: - parameters: *ref_1 + - in: path + name: fieldsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Gets a single document. - operationId: firestore.projects.databases.documents.get + description: Gets the metadata and configuration for a Field. + operationId: firestore.projects.databases.collectionGroups.fields.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5827,7 +6007,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Document' + $ref: '#/components/schemas/GoogleFirestoreAdminV1Field' parameters: - in: path name: projectsId @@ -5840,37 +6020,25 @@ paths: schema: type: string - in: path - name: documentsId + name: collectionGroupsId required: true schema: type: string - in: path - name: documentsId1 + name: fieldsId required: true schema: type: string - - in: query - name: mask.fieldPaths - schema: - type: string - - in: query - name: transaction - schema: - type: string - format: byte - - in: query - name: readTime - schema: - type: string - format: google-datetime - patch: - description: Updates or inserts a document. - operationId: firestore.projects.databases.documents.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Document' + /v1/projects/{projectsId}/databases/{databasesId}/collectionGroups/{collectionGroupsId}/fields: + parameters: *ref_1 + get: + description: >- + Lists the field configuration and metadata for this database. Currently, + FirestoreAdmin.ListFields only supports listing fields that have been + explicitly overridden. To issue this query, call + FirestoreAdmin.ListFields with the filter set to + `indexConfig.usesAncestorConfig:false` or `ttlConfig:*`. + operationId: firestore.projects.databases.collectionGroups.fields.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5886,7 +6054,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Document' + $ref: '#/components/schemas/GoogleFirestoreAdminV1ListFieldsResponse' parameters: - in: path name: projectsId @@ -5899,35 +6067,28 @@ paths: schema: type: string - in: path - name: documentsId - required: true - schema: - type: string - - in: path - name: documentsId1 + name: collectionGroupsId required: true schema: type: string - in: query - name: updateMask.fieldPaths - schema: - type: string - - in: query - name: mask.fieldPaths + name: filter schema: type: string - in: query - name: currentDocument.exists + name: pageSize schema: - type: boolean + type: integer + format: int32 - in: query - name: currentDocument.updateTime + name: pageToken schema: type: string - format: google-datetime - delete: - description: Deletes a document. - operationId: firestore.projects.databases.documents.delete + /v1/projects/{projectsId}/databases/{databasesId}/collectionGroups/{collectionGroupsId}/indexes/{indexesId}: + parameters: *ref_1 + get: + description: Gets a composite index. + operationId: firestore.projects.databases.collectionGroups.indexes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5943,7 +6104,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' parameters: - in: path name: projectsId @@ -5956,29 +6117,18 @@ paths: schema: type: string - in: path - name: documentsId + name: collectionGroupsId required: true schema: type: string - in: path - name: documentsId1 + name: indexesId required: true schema: type: string - - in: query - name: currentDocument.exists - schema: - type: boolean - - in: query - name: currentDocument.updateTime - schema: - type: string - format: google-datetime - /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}/{collectionId}: - parameters: *ref_1 - get: - description: Lists documents. - operationId: firestore.projects.databases.documents.list + delete: + description: Deletes a composite index. + operationId: firestore.projects.databases.collectionGroups.indexes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5994,7 +6144,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDocumentsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6007,56 +6157,20 @@ paths: schema: type: string - in: path - name: documentsId - required: true - schema: - type: string - - in: path - name: documentsId1 + name: collectionGroupsId required: true schema: type: string - in: path - name: collectionId + name: indexesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: mask.fieldPaths - schema: - type: string - - in: query - name: transaction - schema: - type: string - format: byte - - in: query - name: readTime - schema: - type: string - format: google-datetime - - in: query - name: showMissing - schema: - type: boolean - /v1/projects/{projectsId}/databases/{databasesId}/documents/{collectionId}: + /v1/projects/{projectsId}/databases/{databasesId}/collectionGroups/{collectionGroupsId}/indexes: parameters: *ref_1 get: - description: Lists documents. - operationId: firestore.projects.databases.documents.listDocuments + description: Lists composite indexes. + operationId: firestore.projects.databases.collectionGroups.indexes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6072,7 +6186,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDocumentsResponse' + $ref: '#/components/schemas/GoogleFirestoreAdminV1ListIndexesResponse' parameters: - in: path name: projectsId @@ -6085,7 +6199,7 @@ paths: schema: type: string - in: path - name: collectionId + name: collectionGroupsId required: true schema: type: string @@ -6095,43 +6209,24 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: mask.fieldPaths - schema: - type: string - - in: query - name: transaction + name: filter schema: type: string - format: byte - in: query - name: readTime + name: pageToken schema: type: string - format: google-datetime - - in: query - name: showMissing - schema: - type: boolean - /v1/projects/{projectsId}/databases/{databasesId}/documents:batchGet: - parameters: *ref_1 post: description: >- - Gets multiple documents. Documents returned by this method are not - guaranteed to be returned in the same order that they were requested. - operationId: firestore.projects.databases.documents.batchGet + Creates a composite index. This returns a google.longrunning.Operation + which may be used to track the status of the creation. The metadata for + the operation will be the type IndexOperationMetadata. + operationId: firestore.projects.databases.collectionGroups.indexes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchGetDocumentsRequest' + $ref: '#/components/schemas/GoogleFirestoreAdminV1Index' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6147,7 +6242,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchGetDocumentsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6159,16 +6254,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents:beginTransaction: + - in: path + name: collectionGroupsId + required: true + schema: + type: string + /v1/projects/{projectsId}/databases/{databasesId}/operations/{operationsId}:cancel: parameters: *ref_1 - post: - description: Starts a new transaction. - operationId: firestore.projects.databases.documents.beginTransaction + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: firestore.projects.databases.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/BeginTransactionRequest' + $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6184,7 +6293,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BeginTransactionResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6196,16 +6305,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents:commit: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/databases/{databasesId}/operations: parameters: *ref_1 - post: - description: Commits a transaction, while optionally updating documents. - operationId: firestore.projects.databases.documents.commit - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CommitRequest' + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: firestore.projects.databases.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6221,7 +6332,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CommitResponse' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -6233,16 +6344,31 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents:rollback: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/databases/{databasesId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Rolls back a transaction. - operationId: firestore.projects.databases.documents.rollback - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RollbackRequest' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: firestore.projects.databases.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6258,7 +6384,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6270,16 +6396,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}:runQuery: - parameters: *ref_1 - post: - description: Runs a query. - operationId: firestore.projects.databases.documents.runQuery - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RunQueryRequest' + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: firestore.projects.databases.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6295,7 +6423,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RunQueryResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6308,30 +6436,17 @@ paths: schema: type: string - in: path - name: documentsId - required: true - schema: - type: string - - in: path - name: documentsId1 + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}:runAggregationQuery: + /v1/projects/{projectsId}/databases/{databasesId}/userCreds/{userCredsId}: parameters: *ref_1 - post: + get: description: >- - Runs an aggregation query. Rather than producing Document results like - Firestore.RunQuery, this API allows running an aggregation to produce a - series of AggregationResult server-side. High-Level Example: ``` -- - Return the number of documents in table given a filter. SELECT COUNT(*) - FROM ( SELECT * FROM k where a = true ); ``` - operationId: firestore.projects.databases.documents.runAggregationQuery - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RunAggregationQueryRequest' + Gets a user creds resource. Note that the returned resource does not + contain the secret value itself. + operationId: firestore.projects.databases.userCreds.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6347,7 +6462,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RunAggregationQueryResponse' + $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' parameters: - in: path name: projectsId @@ -6360,29 +6475,13 @@ paths: schema: type: string - in: path - name: documentsId - required: true - schema: - type: string - - in: path - name: documentsId1 + name: userCredsId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}:partitionQuery: - parameters: *ref_1 - post: - description: >- - Partitions a query by returning partition cursors that can be used to - run the query in parallel. The returned partition cursors are split - points that can be used by RunQuery as starting/end points for the query - results. - operationId: firestore.projects.databases.documents.partitionQuery - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PartitionQueryRequest' + delete: + description: Deletes a user creds. + operationId: firestore.projects.databases.userCreds.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6398,7 +6497,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PartitionQueryResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6411,27 +6510,20 @@ paths: schema: type: string - in: path - name: documentsId - required: true - schema: - type: string - - in: path - name: documentsId1 + name: userCredsId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents:write: + /v1/projects/{projectsId}/databases/{databasesId}/userCreds: parameters: *ref_1 post: - description: >- - Streams batches of document updates and deletes, in order. This method - is only available via gRPC or WebChannel (not REST). - operationId: firestore.projects.databases.documents.write + description: Create a user creds. + operationId: firestore.projects.databases.userCreds.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/WriteRequest' + $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6447,7 +6539,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WriteResponse' + $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' parameters: - in: path name: projectsId @@ -6459,18 +6551,15 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents:listen: - parameters: *ref_1 - post: + - in: query + name: userCredsId + schema: + type: string + get: description: >- - Listens to changes. This method is only available via gRPC or WebChannel - (not REST). - operationId: firestore.projects.databases.documents.listen - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ListenRequest' + List all user creds in the database. Note that the returned resource + does not contain the secret value itself. + operationId: firestore.projects.databases.userCreds.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6486,7 +6575,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListenResponse' + $ref: >- + #/components/schemas/GoogleFirestoreAdminV1ListUserCredsResponse parameters: - in: path name: projectsId @@ -6498,16 +6588,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{documentsId1}:listCollectionIds: + /v1/projects/{projectsId}/databases/{databasesId}/userCreds/{userCredsId}:resetPassword: parameters: *ref_1 post: - description: Lists all the collection IDs underneath a document. - operationId: firestore.projects.databases.documents.listCollectionIds + description: Resets the password of a user creds. + operationId: firestore.projects.databases.userCreds.resetPassword requestBody: content: application/json: schema: - $ref: '#/components/schemas/ListCollectionIdsRequest' + $ref: >- + #/components/schemas/GoogleFirestoreAdminV1ResetUserPasswordRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6523,7 +6614,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCollectionIdsResponse' + $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' parameters: - in: path name: projectsId @@ -6536,31 +6627,21 @@ paths: schema: type: string - in: path - name: documentsId - required: true - schema: - type: string - - in: path - name: documentsId1 + name: userCredsId required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents:batchWrite: + /v1/projects/{projectsId}/databases/{databasesId}/userCreds/{userCredsId}:disable: parameters: *ref_1 post: - description: >- - Applies a batch of write operations. The BatchWrite method does not - apply the write operations atomically and can apply them out of order. - Method does not allow more than one write per document. Each write - succeeds or fails independently. See the BatchWriteResponse for the - success status of each write. If you require an atomically applied set - of writes, use Commit instead. - operationId: firestore.projects.databases.documents.batchWrite + description: Disables a user creds. No-op if the user creds are already disabled. + operationId: firestore.projects.databases.userCreds.disable requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchWriteRequest' + $ref: >- + #/components/schemas/GoogleFirestoreAdminV1DisableUserCredsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6576,7 +6657,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchWriteResponse' + $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' parameters: - in: path name: projectsId @@ -6588,16 +6669,22 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/databases/{databasesId}/documents/{documentsId}/{collectionId}: + - in: path + name: userCredsId + required: true + schema: + type: string + /v1/projects/{projectsId}/databases/{databasesId}/userCreds/{userCredsId}:enable: parameters: *ref_1 post: - description: Creates a new document. - operationId: firestore.projects.databases.documents.createDocument + description: Enables a user creds. No-op if the user creds are already enabled. + operationId: firestore.projects.databases.userCreds.enable requestBody: content: application/json: schema: - $ref: '#/components/schemas/Document' + $ref: >- + #/components/schemas/GoogleFirestoreAdminV1EnableUserCredsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6613,7 +6700,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Document' + $ref: '#/components/schemas/GoogleFirestoreAdminV1UserCreds' parameters: - in: path name: projectsId @@ -6626,20 +6713,7 @@ paths: schema: type: string - in: path - name: documentsId - required: true - schema: - type: string - - in: path - name: collectionId + name: userCredsId required: true schema: type: string - - in: query - name: documentId - schema: - type: string - - in: query - name: mask.fieldPaths - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/geminicloudassist.yaml b/providers/src/googleapis.com/v00.00.00000/services/geminicloudassist.yaml index d25f0e6b..12152e63 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/geminicloudassist.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/geminicloudassist.yaml @@ -7,8 +7,8 @@ info: title: Gemini Cloud Assist API description: 'The AI-powered assistant for Google Cloud. ' version: v1alpha - x-discovery-doc-revision: '20250821' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251204' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/gemini servers: @@ -34,458 +34,158 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - InvokeExplainRequest: - id: InvokeExplainRequest - description: Request for InvokeExplain. - type: object - properties: - contents: - description: >- - Optional. Content of the input. It is repeated because it can - contain the history of the conversation. Most recent content is the - last element of the list. - type: array - items: - $ref: '#/components/schemas/Content' - Content: - id: Content - description: >- - A `Content` includes a `role` field designating the producer of the - `Content` and a `parts` field containing multi-part data that contains - the content of the message turn. + Interval: type: object properties: - role: - description: >- - Optional. The producer of the content. Must be either 'user' or - 'model'. Useful to set for multi-turn conversations, otherwise can - be left blank or unset. - type: string - parts: + endTime: description: >- - Required. Ordered `Parts` that constitute a single message. In the - future, parts may have different IANA MIME types. - type: array - items: - $ref: '#/components/schemas/Part' - Part: - id: Part - description: >- - A datatype containing media that is part of a multi-part `Content` - message. A `Part` consists of data which has an associated datatype. A - `Part` can only contain one of the accepted types in `Part.data`. - type: object - properties: - text: - description: Optional. Text part (can be code). + Optional. Exclusive end of the interval. If specified, a Timestamp + matching this interval will have to be before the end. type: string - InvokeExplainResponse: - id: InvokeExplainResponse - description: Response for InvokeExplain. - type: object - properties: - content: - description: The output content. - $ref: '#/components/schemas/Content' - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: + format: google-datetime + startTime: description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + Optional. Inclusive start of the interval. If specified, a Timestamp + matching this interval will have to be the same or after the start. + format: google-datetime type: string - Operation: - id: Operation description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object + Represents a time interval, encoded as a Timestamp start (inclusive) and + a Timestamp end (exclusive). The start must be less than or equal to the + end. When the start equals the end, the interval is empty (matches no + time). When both start and end are unspecified, the interval matches any + time. + id: Interval + InvestigationRunParameters: + description: Represents user parameters for running an investigation. properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object + accessTokens: additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. + type: string type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + Optional. If populated, map of project to IAM token granting access + to that project. + id: InvestigationRunParameters type: object - properties: {} ListInvestigationsResponse: id: ListInvestigationsResponse - description: Message for response to listing Investigations - type: object properties: + nextPageToken: + description: >- + A token to use in subsequent requests in order to return the next + set of results. + type: string investigations: - description: The list of Investigation + description: The list of Investigations type: array items: $ref: '#/components/schemas/Investigation' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string unreachable: - description: Unordered list. Locations that could not be reached. type: array + description: Unordered list. Locations that could not be reached. items: type: string - Investigation: - id: Investigation - description: 'Message describing Investigation object Next Id: 24' + description: Message for response to listing Investigations type: object + Observation: properties: - name: - description: Identifier. name of resource - type: string - createTime: - description: Output only. [Output only] Create time stamp - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. [Output only] Update time stamp - readOnly: true - type: string - format: google-datetime - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: + baseObservations: + type: array + items: type: string - revision: - description: Output only. [Output only] Current revision of the investigation - readOnly: true - type: string - revisionIndex: - description: >- - Output only. [Output only] Index of the current revision of the - investigation. 1-based. - readOnly: true - type: integer - format: int32 - revisionPredecessor: - description: >- - Optional. The name of the revision that was this revision's - predecessor. The UI, for example, will set this to the existing - revision when when a new revision is created due to an edit. - type: string - annotations: - description: >- - Optional. Annotations on the investigation. Unlike labels, these may - carry semantic meaning in running the investigation, and will not be - read by other systems such as billing. - $ref: '#/components/schemas/InvestigationAnnotations' - executionState: - description: >- - Output only. [Output only] The execution state of this - investigation. - readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - The investigation is being executed. - - >- - The investigation has not yet been executed since the symptom was - last updated. - - >- - The investigation execution has completed, but the execution has - failed. - - >- - All execution tasks have completed and the investigation is at - rest. - enum: - - INVESTIGATION_EXECUTION_STATE_UNSPECIFIED - - INVESTIGATION_EXECUTION_STATE_RUNNING - - INVESTIGATION_EXECUTION_STATE_MODIFIED - - INVESTIGATION_EXECUTION_STATE_FAILED - - INVESTIGATION_EXECUTION_STATE_COMPLETED - error: - description: >- - Output only. [Output only] If the investigation execution state is - FAILED, this field will contain the error message. - readOnly: true - $ref: '#/components/schemas/Status' - operation: description: >- - Output only. The Run operation most recently performed on the - investigation. - readOnly: true - type: string + Optional. The IDs of other observations that this observation is + based on. For example, a hypothesis observation will record the + observations that support that hypothesis. title: - description: Required. Human-readable display title for the investigation. type: string - observations: + description: Optional. Human-readable display title for the observation. + dataUrls: description: >- - Optional. A map from observation ID to the observation. This is a - map so that we can cleanly overwrite old observations with the - version from the latest revision. See Observation for guidance on - choosing IDs. + Optional. URLs pointing to evidence in support of this observation. + Maps from a human-readable description to a URL. type: object additionalProperties: - $ref: '#/components/schemas/Observation' - observerStatuses: - description: >- - Optional. Plural version of above. Code will transition to this over - time. - type: object + type: string + data: additionalProperties: - $ref: '#/components/schemas/ObserverStatus' - dataVersion: - description: >- - Optional. The data model version of this Investigation. Should be - either 1 or 2. Treat 0 as 1. If 1, use V1 Investigation data model. - If 2, use the Investigation Observation data model. - type: integer - format: int32 - clarificationsNeeded: - description: >- - Optional. Questions that the system needs to ask the user. The - results will be passed back by the UI as new Observations. The ID - for those observations will be the key of the entry in the - clarifications_needed map. + description: Properties of the object. + type: any type: object - additionalProperties: - $ref: '#/components/schemas/ClarificationNeeded' - InvestigationAnnotations: - id: InvestigationAnnotations - description: >- - Additional user-defined annotations on an Investigation. There are some - pre-defined ones, and a map for new applications to add their own. - type: object - properties: - followUp: - description: >- - Output only. Follow-up is required to continue the investigation. - Generally set to true by the troubleshooter and false when the - questions have been answered. - readOnly: true - type: boolean - newlyCreated: - description: >- - Optional. This investigation is been newly created and hasn't been - saved by the user yet. Set to true when an Investigation is created - by an application (like Chat) and false when the user requests - action via the UI. - type: boolean - supportCase: - description: Optional. The support case ID associated with the investigation. - type: string - uiReadOnly: - description: >- - Optional. Whether the UI should disable editing of this - investigation. - type: boolean - uiHidden: - description: >- - Optional. Whether the UI should hide this investigation from its - list. - type: boolean - extrasMap: description: >- - Optional. Additional annotations required by applications. These - will not be redacted and should NOT contain any CCC/PII. + Optional. A structured representation of the observation. This is + not required or guaranteed to conform to any particular schema. + knowledgeUrls: type: object additionalProperties: type: string - componentVersions: description: >- - Output only. Map of component key to version. Filled in by the run - process. The key is unique to a "component", broadly defined. A - component might be the TAF framework, Titan, a GCA tool, etc. The - version is a string that is unique to a particular release of the - component, e.g., a build label. + Optional. URLs pointing to reference knowledge related to this + observation. Maps from a human-readable description to a URL. + createTime: + type: string + format: google-datetime readOnly: true - type: object - additionalProperties: - type: string - revisionLastRunInterval: - description: Output only. Start/end time when the revision was last run. - readOnly: true - $ref: '#/components/schemas/Interval' - featureFlags: - description: >- - Output only. Map of feature flag names to their (string-serialized) - values. Filled in by, and at the very start of, the run process. - Treat as immutable for the subsequent life of an investigation run. - readOnly: true - type: object - additionalProperties: - type: string - pagePath: - description: Optional. Page path field set by the UI. - type: string - Interval: - id: Interval - description: >- - Represents a time interval, encoded as a Timestamp start (inclusive) and - a Timestamp end (exclusive). The start must be less than or equal to the - end. When the start equals the end, the interval is empty (matches no - time). When both start and end are unspecified, the interval matches any - time. - type: object - properties: - startTime: - description: >- - Optional. Inclusive start of the interval. If specified, a Timestamp - matching this interval will have to be the same or after the start. - type: string - format: google-datetime - endTime: - description: >- - Optional. Exclusive end of the interval. If specified, a Timestamp - matching this interval will have to be before the end. - type: string - format: google-datetime - Observation: - id: Observation - description: >- - An observation is the basic unit of interchange between user and system, - or between different components of the system. It is the element that - has a relevance. They should therefore be relatively small; if you - expect users to react to "part" of an observation, it should be broken - up into smaller observations. A particular runbook run, a particular - user parameter input, a particular interesting log entry might all be - separate observations. This means there might be dozens or hundreds in - an investigation. Next Id: 26 - type: object - properties: - id: - description: >- - Optional. Uniquely identifies this observation. Should depend on the - 'core content' of the observation, but not e.g. on the relevance. - Should not depend on anything that can vary unpredictably from - revision to revision to run. This is also the map key in the parent - Investigation. They should be hierarchical with '.' as the separator - starting with the name of the observer. So for instance, - diagnostics.runbook.ABC, or signals.logs, or user.input.2 It should - be usable as a URL component. (Case-insensitive [a-z0-9-._]+) These - will not be rendered for users, but will be visible in the data - model. They will be used by Google engineers to localize bugs so - should be semi-readable. + description: Output only. The time when the observation was created. + observerType: + enumDescriptions: + - Default value. Unused. + - >- + Diagnostics have an explicit notion of root causes, e.g. via + runbooks. + - Signals is for processing that doesn't have explicit root causes. + - >- + This is for code that depends only on premises. In particular, + error catalog lookups. + - >- + This is for AI inferences that depend only on observations listed + as premises. + - >- + User-input observation, including answers to clarifications. All + user-specified observations will be coerced to this type. + - An observation from an alert. type: string - timeRanges: - description: >- - Optional. When this observation occurred. Observations should have - at least one time range so that the observations can be shown on a - timeline and so we can find related events. For a repeated but not - continuous event, it is appropriate to have more than one range. The - UI may combine these. DEPRECATED: Use time_intervals instead. - deprecated: true - type: array - items: - $ref: '#/components/schemas/TimeRange' - timeIntervals: - description: >- - Optional. When this observation occurred. Observations should have - at least one time range so that the observations can be shown on a - timeline and so we can find related events. For a repeated but not - continuous event, it is appropriate to have more than one range. The - UI may combine these. - type: array - items: - $ref: '#/components/schemas/Interval' - title: + enum: + - OBSERVER_TYPE_UNSPECIFIED + - OBSERVER_TYPE_DIAGNOSTICS + - OBSERVER_TYPE_SIGNALS + - OBSERVER_TYPE_DETERMINISTIC_CODE + - OBSERVER_TYPE_AI + - OBSERVER_TYPE_USER + - OBSERVER_TYPE_ALERT + description: Required. The type of observer that produced this observation. + systemRelevanceScore: description: >- - Optional. The label shown in the UI. This need not be unique within - an investigation. However, it should be specific and less than 80 - characters so that the user can easily scan across many - observations. "Nettools pod configured with ALL capabilities - dropped" is much better than "Interesting pod configuration". - type: string + Optional. How relevant the observer perceives this observation to + be. This is used to rank observations in generating hypotheses. The + system outputs observations in the range [-1, 1], where -1 means + completely irrelevant, 0 means neutral, and 1 means complete + confidence in its relevance. + type: number + format: float observationType: - description: Required. The type of the observation (e.g. log, metric, etc.) type: string + enum: + - OBSERVATION_TYPE_UNSPECIFIED + - OBSERVATION_TYPE_CLOUD_LOG + - OBSERVATION_TYPE_CLOUD_METRIC + - OBSERVATION_TYPE_CAIS_CONFIG + - OBSERVATION_TYPE_CAIS_CONFIG_DIFF + - OBSERVATION_TYPE_CLOUD_ALERT + - OBSERVATION_TYPE_CICD_EVENT + - OBSERVATION_TYPE_TEXT_DESCRIPTION + - OBSERVATION_TYPE_HYPOTHESIS + - OBSERVATION_TYPE_STRUCTURED_INPUT + - OBSERVATION_TYPE_COMPOSITE + - OBSERVATION_TYPE_OTHER + - OBSERVATION_TYPE_RELATED_RESOURCES + - OBSERVATION_TYPE_LOG_THEME + - OBSERVATION_TYPE_CONFIG_ANALYSIS + - OBSERVATION_TYPE_OUTAGE + - OBSERVATION_TYPE_KNOWLEDGE enumDescriptions: - - >- - Do not use. Specify the type of the observation. Add a new enum if - you need it. + - Default value. - The text of this observation is a log entry. - The content of this observation is a metric or group of metrics. - A config @@ -511,489 +211,395 @@ components: - >- Text that provides knowledge about a particular user's problem. For example, error catalog instructions/external links, RAG etc. - enum: - - OBSERVATION_TYPE_UNSPECIFIED - - OBSERVATION_TYPE_CLOUD_LOG - - OBSERVATION_TYPE_CLOUD_METRIC - - OBSERVATION_TYPE_CAIS_CONFIG - - OBSERVATION_TYPE_CAIS_CONFIG_DIFF - - OBSERVATION_TYPE_CLOUD_ALERT - - OBSERVATION_TYPE_CICD_EVENT - - OBSERVATION_TYPE_TEXT_DESCRIPTION - - OBSERVATION_TYPE_HYPOTHESIS - - OBSERVATION_TYPE_STRUCTURED_INPUT - - OBSERVATION_TYPE_COMPOSITE - - OBSERVATION_TYPE_OTHER - - OBSERVATION_TYPE_RELATED_RESOURCES - - OBSERVATION_TYPE_LOG_THEME - - OBSERVATION_TYPE_CONFIG_ANALYSIS - - OBSERVATION_TYPE_OUTAGE - - OBSERVATION_TYPE_KNOWLEDGE - observerType: - description: Required. The origin of the data, e.g. user, system code, LLM etc. - type: string + description: Required. The type of the observation. + observationCompletionState: enumDescriptions: + - Default value. Will be treated as COMPLETE. + - This observation is fully formed. - >- - Do not use. Specify where the observation came from. Add a new - enum if you need it. - - >- - We separate these for internal attribution reasons. Diagnostics - have an explicit notion of root causes, e.g. via runbooks. - - Signals is for processing that doesn't have explicit root causes. - - >- - This is for code that depends only on premises. In particular, - error catalog lookups. - - >- - This is for AI inferences made along the way that depend only on - observations listed as premises. - - User-input observation, including answers to clarifications. - - An observation from an external-to-GCA alert. - enum: - - OBSERVER_TYPE_UNSPECIFIED - - OBSERVER_TYPE_DIAGNOSTICS - - OBSERVER_TYPE_SIGNALS - - OBSERVER_TYPE_DETERMINISTIC_CODE - - OBSERVER_TYPE_AI - - OBSERVER_TYPE_USER - - OBSERVER_TYPE_ALERT - text: + This observation is missing some information, or needs further + processing by a different observer. This type of observation may + be discarded in future investigation runs. description: >- - Optional. Natural-language [markdown] text associated with the - observation. This is the core content, not a metadata description. + Optional. Represents whether the observation is fully formed and + able to be used to draw conclusions. type: string - data: - description: >- - Optional. A structured representation of the observation, as chosen - by the observer. Optional. If present, an observer SHOULD also - supply a text description of the observation to facilitate - processing by an LLM and rendering in the UI. - type: object - additionalProperties: - type: any - description: Properties of the object. - dataUrls: - description: >- - Optional. A map from human-readable names to URLs for supportive - evidence. The map key will be rendered as URL anchor text. Fill this - in whenever an observation depends on a thing outside the system. - For example, logging/metrics/etc query that can regenerate the - observation. - type: object - additionalProperties: - type: string - knowledgeUrls: - description: Optional. A map from human-readable names to URLs for documentation. - type: object - additionalProperties: - type: string - baseObservations: - description: >- - Optional. The ids of other observations that this observation is - based on. For example, a conclusion observation will record the - observations that were used to generate it. An extracted param will - record what it was extracted from. The graph of premises and - conclusions will be acyclic within a revision. + enum: + - OBSERVATION_COMPLETION_STATE_UNSPECIFIED + - OBSERVATION_COMPLETION_STATE_COMPLETE + - OBSERVATION_COMPLETION_STATE_INCOMPLETE + relevantResources: type: array items: type: string - relevantResources: description: >- Optional. The Google Cloud resources relevant to the observation. - These should be fully qualified resource URIs, e.g., + These should be fully qualified resource URIs, e.g.: "//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance" - type: array - items: - type: string - recommendation: + id: + readOnly: true + type: string description: >- - Optional. Natural language [markdown] text which describes a - recommended action to remediate / fix the root cause. This is free - form and not machine- processed at this time. A recommendation can - be: - High-level remediation descriptions - Specific and tactical - remediation steps with executable commands - Specific and tactical - troubleshooting steps for where to investigate next with executable - commands + Output only. Uniquely identifies this observation. This is always + equal to the map key of this observation in the parent + investigation. + text: type: string - systemRelevanceScore: description: >- - Optional. How relevant this observation is to the investigation, as - inferred by the system. Optional. Should be in the range [-1, 1]. - For OBSERVATION_TYPE_HYPOTHESIS, represents confidence in the - explanation. Only root-cause hypotheses are ranked against each - other. For other ObservationTypes, this represents a relevance - score, and they are ranked against each other. A value of 0 is - neutral. - type: number - format: float - relevanceOverride: - description: Optional. The user's relevance judgement. + Optional. Natural-language or markdown text explaining the + observation. + recommendation: + description: >- + Optional. Natural language or markdown text which describes a + recommended action to remediate the root cause or further + investigate the issue. type: string + timeIntervals: + description: Optional. When this observation occurred. + items: + $ref: '#/components/schemas/Interval' + type: array + relevanceOverride: enumDescriptions: - >- The user has not marked this observation as relevant or irrelevant. - The user marked this observation as relevant. - The user marked this observation as irrelevant. + type: string enum: - USER_RELEVANCE_UNSPECIFIED - USER_RELEVANCE_PROMOTED - USER_RELEVANCE_REJECTED - observerErrors: - description: >- - Output only. An error within the Investigation system that blocked - an observer from making a particular observation. The error string - here will be shown to users. Repeated because an observer might lack - multiple permissions. Deprecated: Use ObserverStatus.observer_errors - instead. - readOnly: true - deprecated: true - type: array - items: - $ref: '#/components/schemas/Status' - observationCompletionState: - description: >- - Optional. An ObservationCompletionState represents whether the - emitted observation is fully formed and should be shown the to the - user. This is intended to allow hiding observations that are in an - intermediate state. - type: string - enumDescriptions: - - Do not use. - - >- - This observation is fully formed and should be shown the to the - user. - - >- - This observation is missing some information, or needs further - processing by a different observer. This type of Observation - should not be persisted into future investigation revisions. - enum: - - OBSERVATION_COMPLETION_STATE_UNSPECIFIED - - OBSERVATION_COMPLETION_STATE_COMPLETE - - OBSERVATION_COMPLETION_STATE_INCOMPLETE + description: Optional. The user's relevance judgement. observedNormalOperation: description: >- - Optional. Whether this observation gives us information about an - issue / root cause (false) or indicates normal operation (true). - This is conceptually different from the relevance and used - differently. An irrelevant observation should be hidden from the LLM - and also the user. A relevant observation of a problem should be - shown as an observation and should motivate a hypothesis. A relevant - finding of normalcy may / may not be shown in the UI, but should be - used by the LLM to filter out hypotheses that are refuted by the - finding. + Optional. If false or unspecified, this observation gives + information about an issue or root cause. If true, this observation + indicates that a system was observed to be operating normally. Such + negative results can be useful diagnostic findings, and this field + has no correlation with the relevance score. type: boolean - TimeRange: - id: TimeRange + type: object + id: Observation description: >- - Represents a time range at which an observation applies DEPRECATED: Use - google.type.Interval instead. + An observation represents a single fact about the state of the system + under investigation, along with a ranking of its relevance. + SetIamPolicyRequest: type: object + description: Request message for `SetIamPolicy` method. properties: - startTime: - description: >- - When this observation began applying. Use 'now' if the observer is - just looking at the current state of Google Cloud. - deprecated: true + updateMask: + format: google-fieldmask type: string - format: google-datetime - endTime: description: >- - If end is unspecified, that implies that it continues to the - present. Use end==start for a single moment. - deprecated: true + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + policy: + $ref: '#/components/schemas/Policy' + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + id: SetIamPolicyRequest + ListOperationsResponse: + properties: + unreachable: + items: + type: string + type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + operations: + type: array + description: >- + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Operation' + nextPageToken: type: string - format: google-datetime - ObserverStatus: - id: ObserverStatus - description: >- - An ObserverStatus represents the status of an observer at a particular - point during execution of an investigation. NOTE: By default, nothing in - this message is redacted. Components should NOT put PII / CCC here - except where redacted. Next Id: 13 + description: The standard List next-page token. + description: The response message for Operations.ListOperations. + id: ListOperationsResponse + type: object + InvestigationAnnotations: + description: Additional annotations on an Investigation. type: object properties: - observer: + extrasMap: + description: Optional. Additional client-specified annotations. + additionalProperties: + type: string + type: object + supportCase: + description: Optional. A support case ID associated with the investigation. + type: string + pagePath: description: >- - Optional. The ID of the observer that this status is for. Observer - IDs should be human-readable and hierarchical, e.g. - "signals.logs.firewall_rules" or "diagnostics.error_catalog". + Optional. The path of a web page from which this investigation was + created. type: string - observerExecutionState: - description: Optional. The current execution state of the observer. + revisionLastRunInterval: + readOnly: true + $ref: '#/components/schemas/Interval' + description: >- + Output only. The interval during which the investigation was last + executed. + id: InvestigationAnnotations + AuditConfig: + properties: + service: type: string - enumDescriptions: - - The observer state is unspecified. - - The investigation has not yet started. - - >- - The investigation is running and this observer is runnable or - running. - - The observer has finished without an internal error. - - >- - The observer tried to run but failed due to an error. This is - specific to a component and may be rendered in the UI if the - observation is shown, as very low priority. - - The observer is blocked pending an input. - - >- - The observer reports an error that blocks or severely impacts the - investigation, for example CAIS or logging disabled. Should be - rendered in the UI prominently. - - >- - The observer reports an error that degrades the investigation, may - require user to escalate or re-run the investigation after - mitigating the cause. - enum: - - OBSERVER_EXECUTION_UNSPECIFIED - - OBSERVER_EXECUTION_NOT_STARTED - - OBSERVER_EXECUTION_RUNNING - - OBSERVER_EXECUTION_COMPLETE - - OBSERVER_EXECUTION_FAILED - - OBSERVER_EXECUTION_BLOCKED - - OBSERVER_EXECUTION_INVESTIGATION_BLOCKED - - OBSERVER_EXECUTION_INVESTIGATION_DEGRADED - observerDisplayName: - description: >- - Required. The name to show the user when describing this observer. - Note that the UI might replace this with an internationalized - counterpart, so it should not be generated dynamically. Required so - that the user can see which observer (e.g. runbook) the system is - talking about. - type: string - updateTime: - description: >- - Optional. The time when the status was updated. Optional because the - observer is responsible for setting it. Becomes end_time when the - observer is complete. - type: string - format: google-datetime - startTime: - description: >- - Optional. The time when the observer started. Optional because the - observer is responsible for setting it. When the observer is - finished, the difference between this and update_time is the - observer run time. - type: string - format: google-datetime - updateComment: - description: >- - Optional. A status update from the observer. May be logged for - debugging purposes. These may be shown to users. A good update would - be "parameters matched, queued for execution" or "checked log file - 2/5". - type: string - absentObservations: description: >- - Optional. The IDs of any predicate observations that would be needed - to run this observer, but are missing. Runbook parameters are the - motivating example. An observer must not emit an ID corresponding to - an existing observation. - type: array + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + auditLogConfigs: items: - $ref: '#/components/schemas/AbsentObservation' - observerErrors: - description: >- - Optional. An error within the Investigation system that blocked an - observer from making a particular observation. The error string here - will be shown to users. Repeated because an observer might lack - multiple permissions. + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. type: array - items: - $ref: '#/components/schemas/Status' - AbsentObservation: - id: AbsentObservation - description: >- - An identifier of an observation that is needed. Typically a parameter - but extensible to other cases. type: object + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + id: AuditConfig + Policy: properties: - param: - description: Optional. A runbook parameter. - type: string - generalMissingObservation: - description: >- - Optional. A missing observation that the user could supply that is - not a runbook parameter. - $ref: '#/components/schemas/GeneralAbsentObservation' - pendingObservation: + bindings: + items: + $ref: '#/components/schemas/Binding' description: >- - Optional. An observation that is not yet created that an observer - should create by running. This might prompt the system to execute a - runbook. - type: string - GeneralAbsentObservation: - id: GeneralAbsentObservation - description: An absent observation that is not a runbook parameter. - type: object - properties: - id: - description: Optional. The ID of the missing observation. - type: string - title: - description: Optional. The title to display in the UI - type: string - validationRegex: + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + etag: description: >- - Optional. The regex that the answer must match. Must conform to - JavaScript's regular expression string pattern syntax. See - https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/RegExp/RegExp#syntax + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. type: string - ClarificationNeeded: - id: ClarificationNeeded - description: A clarification needed by the system. - type: object - properties: - runbookParameter: - description: >- - Optional. The result of a clarification is an observation. A runbook - parameter that the user needs to provide. - $ref: '#/components/schemas/RunbookParameter' - generalMissingObservation: - description: Optional. A missing observation that is not a runbook parameter. - $ref: '#/components/schemas/GeneralAbsentObservation' - parentObserverNames: + format: byte + version: + format: int32 + type: integer description: >- - Optional. The display names of the observers that asked for this - clarification. The UI will group by these names. - type: array - items: - type: string - RunbookParameter: - id: RunbookParameter - description: Parameter metadata for runbooks updated by the Diagnostic task. - type: object - properties: - id: - description: Optional. The name of the parameter. - type: string - displayName: - description: Optional. The name of the parameter to be displayed to the user. - type: string - description: - description: Optional. The description of the parameter. - type: string - exampleValues: - description: Optional. Examples of the parameter value. - type: array + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. items: - type: string - value: - description: Optional. The value of the parameter if available. - type: string - associatedAssetTypes: - description: >- - Optional. If present, a list of resource types that this parameter - might be. For example, "compute.googleapis.com/Instance". + $ref: '#/components/schemas/AuditConfig' type: array - items: - type: string - ListInvestigationRevisionsResponse: - id: ListInvestigationRevisionsResponse - description: Message for response to listing revisions of a given Investigation type: object + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy + ListLocationsResponse: + type: object + id: ListLocationsResponse + description: The response message for Locations.ListLocations. properties: - revisions: - description: The list of Investigation revisions - type: array - items: - $ref: '#/components/schemas/InvestigationRevision' nextPageToken: - description: A token identifying a page of results the server should return. + description: The standard List next-page token. type: string - unreachable: - description: Unordered list. Locations that could not be reached. + locations: + description: >- + A list of locations that matches the specified filter in the + request. type: array items: - type: string + $ref: '#/components/schemas/Location' + RunInvestigationRevisionRequest: + properties: + runParameters: + description: Optional. Parameters to pass through. + $ref: '#/components/schemas/InvestigationRunParameters' + id: RunInvestigationRevisionRequest + type: object + description: Request for running an investigation at a particular revision. InvestigationRevision: id: InvestigationRevision - description: Message describing a revision of an Investigation - type: object properties: name: - description: Identifier. name of resource type: string - snapshot: description: >- - Optional. [Output only] Snapshot of the investigation contents at - this revision - $ref: '#/components/schemas/Investigation' + Identifier. The name of the revision resource, of the form: + projects/{project_number}/locations/{location_id}/investigations/{investigation_id}/revisions/{revision_id} createTime: - description: Output only. [Output only] Create time stamp - readOnly: true type: string + readOnly: true + description: Output only. The time when the revision was created. format: google-datetime + snapshot: + description: Optional. Snapshot of the investigation contents at this revision. + $ref: '#/components/schemas/Investigation' labels: - description: Optional. Labels as key value pairs type: object additionalProperties: type: string + description: Optional. User-defined labels for the revision. index: description: Output only. Revision index number, in order of creation. readOnly: true - type: integer format: int32 - RunInvestigationRevisionRequest: - id: RunInvestigationRevisionRequest - description: Request for running an investigation at a particular revision. + type: integer type: object + description: >- + A revision holds a snapshot of the investigation at a past point in + time. The most recent revision holds the investigation's current state, + while previous revisions are immutable. + Expr: properties: - runParameters: - description: Optional. Parameters to pass through to Titan. - $ref: '#/components/schemas/InvestigationRunParameters' - updatedRevision: - description: Optional. Revision to update before running. - $ref: '#/components/schemas/InvestigationRevision' - updateMask: + location: + type: string description: >- - Optional. The fields of the revision to update. Note that only - user-writeable fields can be updated. + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + title: type: string - format: google-fieldmask - InvestigationRunParameters: - id: InvestigationRunParameters - description: Represents user parameters for running an investigation. - type: object - properties: - accessTokens: description: >- - Optional. If populated, map of project to access token for - TSE-triggered investigations. - type: object - additionalProperties: - type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + expression: description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + Textual representation of an expression in Common Expression + Language syntax. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + id: Expr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + type: object + Empty: + id: Empty type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + Location: properties: + displayName: + type: string + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". name: + type: string description: >- Resource name for the location, which may vary between implementations. For example: `"projects/example-project/locations/us-east1"` - type: string locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' labels: description: >- Cross-service attributes for the location. For example @@ -1002,141 +608,69 @@ components: additionalProperties: type: string metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + type: object description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + Service-specific metadata. For example the available capacity at the + given location. + id: Location + description: A resource that represents a Google Cloud location. + type: object + TestIamPermissionsResponse: type: object + id: TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + permissions: type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + type: string + AuditLogConfig: + properties: + exemptedMembers: + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. type: array items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + type: string + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. type: string - format: byte + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + type: object + id: AuditLogConfig + CancelOperationRequest: + properties: {} + type: object + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. Binding: id: Binding - description: Associates `members`, or principals, with a `role`. - type: object properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string members: + items: + type: string description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -1197,8 +731,6 @@ components: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. type: array - items: - type: string condition: description: >- The condition that is associated with this binding. If the condition @@ -1210,185 +742,350 @@ components: their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + role: type: string - title: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + description: Associates `members`, or principals, with a `role`. type: object + ListInvestigationRevisionsResponse: properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + unreachable: type: array items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + type: string + description: Unordered list. Locations that could not be reached. + revisions: + description: The list of Investigation revisions + type: array + items: + $ref: '#/components/schemas/InvestigationRevision' + nextPageToken: + description: >- + A token to use in subsequent requests in order to return the next + set of results. + type: string + description: Message for response to listing revisions of a given Investigation + id: ListInvestigationRevisionsResponse + type: object + Status: + id: Status type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + details: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. type: array items: - type: string + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer TestIamPermissionsRequest: - id: TestIamPermissionsRequest description: Request message for `TestIamPermissions` method. - type: object properties: permissions: + type: array + items: + type: string description: >- The set of permissions to check for the `resource`. Permissions with wildcards (such as `*` or `storage.*`) are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + id: TestIamPermissionsRequest + Investigation: + description: >- + Holds the contents of a Gemini Cloud Assist Troubleshooting + investigation. type: object properties: createTime: - description: Output only. The time the operation was created. + format: google-datetime + type: string readOnly: true + description: Output only. The time when the investigation was created. + name: + description: >- + Identifier. Name of the investigation, of the form: + projects/{project_number}/locations/{location_id}/investigations/{investigation_id} type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. + updateTime: readOnly: true type: string format: google-datetime + description: Output only. The time when the investigation was last updated. + executionState: + enum: + - INVESTIGATION_EXECUTION_STATE_UNSPECIFIED + - INVESTIGATION_EXECUTION_STATE_RUNNING + - INVESTIGATION_EXECUTION_STATE_MODIFIED + - INVESTIGATION_EXECUTION_STATE_FAILED + - INVESTIGATION_EXECUTION_STATE_COMPLETED + readOnly: true + enumDescriptions: + - Default value. This value is unused. + - The investigation is being executed. + - >- + The investigation has not yet been executed since it was last + updated. + - >- + The investigation execution has completed, but the execution has + failed. + - >- + All execution tasks have completed and the investigation is at + rest. + description: Output only. The execution state of the investigation. + type: string + operation: + readOnly: true + type: string + description: >- + Output only. The resource name of the Run operation most recently + performed on the investigation, of the form: + projects/{project_number}/locations/{location_id}/operations/{operation_id} + observerStatuses: + additionalProperties: + $ref: '#/components/schemas/ObserverStatus' + type: object + description: >- + Optional. Statuses of observers which have been invoked in order to + run the investigation. + revision: + readOnly: true + description: >- + Output only. Resource name of the investigation's current revision, + of the form: + projects/{project_number}/locations/{location_id}/investigations/{investigation_id}/revisions/{revision_id} + type: string + revisionPredecessor: + description: >- + Optional. The name of the revision that was this revision's + predecessor. + type: string + revisionIndex: + readOnly: true + format: int32 + description: Output only. Index of the current revision of the investigation. + type: integer + annotations: + description: Optional. Additional annotations on the investigation. + $ref: '#/components/schemas/InvestigationAnnotations' + error: + $ref: '#/components/schemas/Status' + readOnly: true + description: >- + Output only. The error if the investigation run failed. This field + will only be set if `execution_state` is + `INVESTIGATION_EXECUTION_STATE_FAILED`. + title: + type: string + description: Optional. Human-readable display title for the investigation. + observations: + additionalProperties: + $ref: '#/components/schemas/Observation' + type: object + description: >- + Optional. Observations about the project state that comprise the + contents of the investigation. + labels: + additionalProperties: + type: string + type: object + description: Optional. User-defined labels for the investigation. + id: Investigation + Operation: + properties: + response: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + metadata: + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. + type: object + OperationMetadata: + type: object + properties: target: description: >- Output only. Server-defined resource path for the target of the operation. readOnly: true type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + apiVersion: type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. + description: Output only. API version used to start the operation. readOnly: true - type: string requestedCancellation: description: >- Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true type: boolean - apiVersion: - description: Output only. API version used to start the operation. readOnly: true + createTime: + type: string + readOnly: true + description: Output only. The time the operation was created. + format: google-datetime + statusMessage: + readOnly: true + type: string + description: Output only. Human-readable status of the operation, if any. + verb: + description: Output only. Name of the verb executed by the operation. + readOnly: true + type: string + endTime: + description: Output only. The time the operation finished running. + format: google-datetime + readOnly: true + type: string + description: Represents the metadata of the long-running operation. + id: OperationMetadata + ObserverStatus: + description: >- + An ObserverStatus represents the status of an observer at a particular + point during execution of an investigation. + properties: + observerDisplayName: + type: string + description: Required. Human-readable display name for the observer. + observerErrors: + items: + $ref: '#/components/schemas/Status' + description: >- + Optional. An error that blocked an observer from making a particular + observation. + type: array + observer: + readOnly: true + type: string + description: >- + Output only. Uniquely identifies this observer. This is always equal + to the map key of this observer in the parent investigation. + updateComment: + description: Optional. A status update from the observer. + type: string + updateTime: + description: >- + Optional. The time when the observer last updated the investigation. + If the `observer_execution_state` is COMPLETE or FAILED, this is the + time when the observer finished its observation. + format: google-datetime + type: string + observerExecutionState: + type: string + enumDescriptions: + - The observer state is unspecified. + - The investigation has not yet started. + - >- + The investigation is running and this observer is runnable or + running. + - The observer has finished without an internal error. + - >- + The observer tried to run but failed due to an error. This is + specific to a component and may be rendered in the UI if the + observation is shown, as very low priority. + - The observer is blocked pending an input. + - >- + The observer reports an error that blocks or severely impacts the + investigation, for example CAIS or logging disabled. Should be + rendered in the UI prominently. + - >- + The observer reports an error that degrades the investigation, may + require user to escalate or re-run the investigation after + mitigating the cause. + description: Optional. The current execution state of the observer. + enum: + - OBSERVER_EXECUTION_UNSPECIFIED + - OBSERVER_EXECUTION_NOT_STARTED + - OBSERVER_EXECUTION_RUNNING + - OBSERVER_EXECUTION_COMPLETE + - OBSERVER_EXECUTION_FAILED + - OBSERVER_EXECUTION_BLOCKED + - OBSERVER_EXECUTION_INVESTIGATION_BLOCKED + - OBSERVER_EXECUTION_INVESTIGATION_DEGRADED + startTime: + format: google-datetime type: string + description: Optional. The time when the observer started its observation. + id: ObserverStatus + type: object parameters: - access_token: - description: OAuth access token. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: access_token + name: prettyPrint schema: - type: string + type: boolean alt: description: Data format for response. in: query @@ -1405,10 +1102,19 @@ components: name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: fields + name: upload_protocol + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser schema: type: string key: @@ -1426,25 +1132,10 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: upload_protocol + name: fields schema: type: string uploadType: @@ -1462,19 +1153,18 @@ components: enum: - '1' - '2' + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string x-stackQL-resources: locations: id: google.geminicloudassist.locations name: locations title: Locations methods: - list: - operation: - $ref: '#/paths/~1v1alpha~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations get: operation: $ref: >- @@ -1482,28 +1172,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - instances: - id: google.geminicloudassist.instances - name: instances - title: Instances - methods: - invoke_explain: + list: operation: - $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:invokeExplain/post + $ref: '#/paths/~1v1alpha~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] @@ -1513,21 +1192,21 @@ components: name: operations title: Operations methods: - list: + cancel: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + list: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable delete: operation: $ref: >- @@ -1535,10 +1214,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - cancel: + get: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -1571,10 +1250,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}/get + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -1585,10 +1264,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}/delete + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -1608,21 +1287,21 @@ components: name: investigations_iam_policies title: Investigations_iam_policies methods: - set_iam_policy: + get_iam_policy: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}:setIamPolicy/post + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}:getIamPolicy/get + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings test_iam_permissions: operation: $ref: >- @@ -1645,77 +1324,69 @@ components: name: revisions title: Revisions methods: - list: - operation: - $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.revisions - create: + get: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions/post + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions~1{revisionsId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions~1{revisionsId}/get + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions~1{revisionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + run: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions~1{revisionsId}/delete + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions~1{revisionsId}:run/post response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions~1{revisionsId}/patch + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions/post response: mediaType: application/json openAPIDocKey: '200' - run: + list: operation: $ref: >- - #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions~1{revisionsId}:run/post + #/paths/~1v1alpha~1projects~1{projectsId}~1locations~1{locationsId}~1investigations~1{investigationsId}~1revisions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/revisions/methods/get' - $ref: '#/components/x-stackQL-resources/revisions/methods/list' insert: - $ref: '#/components/x-stackQL-resources/revisions/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/revisions/methods/patch' + update: [] replace: [] delete: - $ref: '#/components/x-stackQL-resources/revisions/methods/delete' paths: - /v1alpha/projects/{projectsId}/locations: + /v1alpha/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/access_token' get: - description: Lists information about the supported locations for this service. - operationId: geminicloudassist.projects.locations.list + description: Gets information about a location. + operationId: geminicloudassist.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1727,35 +1398,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + - in: path + name: locationsId + required: true schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}: + /v1alpha/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Gets information about a location. - operationId: geminicloudassist.projects.locations.get + description: Lists information about the supported locations for this service. + operationId: geminicloudassist.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1767,28 +1426,49 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: pageToken schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:invokeExplain: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1alpha/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Invokes Explain with Gemini Cloud Assist. - operationId: geminicloudassist.projects.locations.instances.invokeExplain + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: geminicloudassist.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/InvokeExplainRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1800,7 +1480,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InvokeExplainResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1813,7 +1493,7 @@ paths: schema: type: string - in: path - name: instancesId + name: operationsId required: true schema: type: string @@ -1857,45 +1537,15 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: geminicloudassist.projects.locations.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true + name: returnPartialSuccess schema: - type: string - - in: path - name: operationsId - required: true + type: boolean + - in: query + name: pageToken schema: type: string + /v1alpha/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- Deletes a long-running operation. This method indicates that the client @@ -1931,25 +1581,12 @@ paths: required: true schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: geminicloudassist.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: geminicloudassist.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1961,7 +1598,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2007,24 +1644,24 @@ paths: schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 - in: query name: orderBy schema: type: string post: - description: Creates a new Investigation in a given project and location. + description: Creates a new Investigation in a given project. operationId: geminicloudassist.projects.locations.investigations.create requestBody: content: @@ -2055,18 +1692,20 @@ paths: schema: type: string - in: query - name: investigationId + name: requestId schema: type: string - in: query - name: requestId + name: investigationId schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}: + /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}:getIamPolicy: parameters: *ref_1 get: - description: Gets details of a single Investigation. - operationId: geminicloudassist.projects.locations.investigations.get + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: geminicloudassist.projects.locations.investigations.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2078,7 +1717,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Investigation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2095,14 +1734,24 @@ paths: required: true schema: type: string - patch: - description: Updates the parameters of a single Investigation. - operationId: geminicloudassist.projects.locations.investigations.patch + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: geminicloudassist.projects.locations.investigations.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Investigation' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2114,7 +1763,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Investigation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2131,15 +1780,8 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string + /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}: + parameters: *ref_1 delete: description: Deletes a single Investigation. operationId: geminicloudassist.projects.locations.investigations.delete @@ -2175,19 +1817,14 @@ paths: name: requestId schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: geminicloudassist.projects.locations.investigations.setIamPolicy + patch: + description: Updates the parameters of a single Investigation. + operationId: geminicloudassist.projects.locations.investigations.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/Investigation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2199,7 +1836,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Investigation' parameters: - in: path name: projectsId @@ -2216,13 +1853,18 @@ paths: required: true schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}:getIamPolicy: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: requestId + schema: + type: string get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: geminicloudassist.projects.locations.investigations.getIamPolicy + description: Gets details of a single Investigation. + operationId: geminicloudassist.projects.locations.investigations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2234,7 +1876,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Investigation' parameters: - in: path name: projectsId @@ -2251,11 +1893,6 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}:testIamPermissions: parameters: *ref_1 post: @@ -2299,11 +1936,11 @@ paths: required: true schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}/revisions: + /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}/revisions/{revisionsId}: parameters: *ref_1 get: - description: Lists Investigations in a given project and location. - operationId: geminicloudassist.projects.locations.investigations.revisions.list + description: Gets details of a single revision of an Investigation. + operationId: geminicloudassist.projects.locations.investigations.revisions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2315,7 +1952,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInvestigationRevisionsResponse' + $ref: '#/components/schemas/InvestigationRevision' parameters: - in: path name: projectsId @@ -2332,64 +1969,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - post: - description: Creates a new revision of a given Investigation. - operationId: geminicloudassist.projects.locations.investigations.revisions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InvestigationRevision' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/InvestigationRevision' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - in: path - name: investigationsId + name: revisionsId required: true schema: type: string - - in: query - name: investigationRevisionId - schema: - type: string - - in: query - name: requestId - schema: - type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}/revisions/{revisionsId}: - parameters: *ref_1 - get: - description: Gets details of a single revision of an Investigation. - operationId: geminicloudassist.projects.locations.investigations.revisions.get + delete: + description: >- + Deletes a single revision of an Investigation. Fails if the revision is + the investigation's most recent revision. + operationId: geminicloudassist.projects.locations.investigations.revisions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2401,7 +1990,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InvestigationRevision' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2423,11 +2012,20 @@ paths: required: true schema: type: string - delete: - description: >- - Deletes a single revision of an Investigation. Fails if the revision is - the investigation's active revision. - operationId: geminicloudassist.projects.locations.investigations.revisions.delete + - in: query + name: requestId + schema: + type: string + /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}/revisions/{revisionsId}:run: + parameters: *ref_1 + post: + description: Run an existing revision of an investigation. + operationId: geminicloudassist.projects.locations.investigations.revisions.run + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RunInvestigationRevisionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2439,7 +2037,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2461,13 +2059,11 @@ paths: required: true schema: type: string - - in: query - name: requestId - schema: - type: string - patch: - description: Updates the parameters of a single Investigation. - operationId: geminicloudassist.projects.locations.investigations.revisions.patch + /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}/revisions: + parameters: *ref_1 + post: + description: Creates a new revision of a given Investigation. + operationId: geminicloudassist.projects.locations.investigations.revisions.create requestBody: content: application/json: @@ -2501,30 +2097,17 @@ paths: required: true schema: type: string - - in: path - name: revisionsId - required: true - schema: - type: string - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask - in: query - name: requestId + name: investigationRevisionId schema: type: string - /v1alpha/projects/{projectsId}/locations/{locationsId}/investigations/{investigationsId}/revisions/{revisionsId}:run: - parameters: *ref_1 - post: - description: Run an existing revision of an investigation. - operationId: geminicloudassist.projects.locations.investigations.revisions.run - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RunInvestigationRevisionRequest' + get: + description: Lists Investigations in a given project. + operationId: geminicloudassist.projects.locations.investigations.revisions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2536,7 +2119,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListInvestigationRevisionsResponse' parameters: - in: path name: projectsId @@ -2553,8 +2136,12 @@ paths: required: true schema: type: string - - in: path - name: revisionsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/gkebackup.yaml b/providers/src/googleapis.com/v00.00.00000/services/gkebackup.yaml index 74b38546..45d43432 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/gkebackup.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/gkebackup.yaml @@ -9,8 +9,8 @@ info: Backup for GKE is a managed Kubernetes workload backup and restore service for GKE clusters. version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251027' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke servers: @@ -51,6 +51,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string GoogleLongrunningOperation: id: GoogleLongrunningOperation description: >- @@ -154,8 +163,8 @@ components: properties: name: description: >- - Output only. The full name of the BackupPlan resource. Format: - `projects/*/locations/*/backupPlans/*` + Output only. Identifier. The full name of the BackupPlan resource. + Format: `projects/*/locations/*/backupPlans/*` readOnly: true type: string uid: @@ -416,7 +425,7 @@ components: properties: startTime: description: >- - Required. Specifies the start time of the window using time of the + Optional. Specifies the start time of the window using time of the day in UTC. $ref: '#/components/schemas/TimeOfDay' duration: @@ -1009,7 +1018,7 @@ components: properties: name: description: >- - Output only. The fully qualified name of the Backup. + Output only. Identifier. The fully qualified name of the Backup. `projects/*/locations/*/backupPlans/*/backups/*` readOnly: true type: string @@ -1474,8 +1483,8 @@ components: properties: name: description: >- - Output only. The full name of the RestorePlan resource. Format: - `projects/*/locations/*/restorePlans/*`. + Output only. Identifier. The full name of the RestorePlan resource. + Format: `projects/*/locations/*/restorePlans/*`. readOnly: true type: string uid: @@ -2275,8 +2284,8 @@ components: properties: name: description: >- - Output only. The full name of the Restore resource. Format: - `projects/*/locations/*/restorePlans/*/restores/*` + Output only. Identifier. The full name of the Restore resource. + Format: `projects/*/locations/*/restorePlans/*/restores/*` readOnly: true type: string uid: @@ -4051,6 +4060,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/gkehub.yaml b/providers/src/googleapis.com/v00.00.00000/services/gkehub.yaml index 3a3edb95..aeb7e543 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/gkehub.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/gkehub.yaml @@ -7,8 +7,8 @@ info: title: GKE Hub API description: '' version: v2 - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: >- https://cloud.google.com/anthos/multicluster-management/connect/registering-a-cluster @@ -50,6 +50,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -1408,10 +1417,6 @@ components: - >- The upgrade has passed all post conditions (soaking). At the scope level, this means all eligible clusters are in COMPLETE status. - - >- - The upgrade was forced into soaking and the soaking time has - passed. This is the equivalent of COMPLETE status for upgrades - that were forced into soaking. enum: - CODE_UNSPECIFIED - INELIGIBLE @@ -1420,7 +1425,6 @@ components: - SOAKING - FORCED_SOAKING - COMPLETE - - FORCED_COMPLETE reason: description: Reason for this status. type: string @@ -1895,6 +1899,10 @@ components: description: Output only. Hierarchy Controller status. readOnly: true $ref: '#/components/schemas/ConfigManagementHierarchyControllerState' + kubernetesApiServerVersion: + description: Output only. The Kubernetes API server version of the cluster. + readOnly: true + type: string ConfigManagementOperatorState: id: ConfigManagementOperatorState description: State information for an ACM's Operator. @@ -3274,6 +3282,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/gkeonprem.yaml b/providers/src/googleapis.com/v00.00.00000/services/gkeonprem.yaml index 7618d23f..71479165 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/gkeonprem.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/gkeonprem.yaml @@ -7,8 +7,8 @@ info: title: GKE On-Prem API description: '' version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251105' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/anthos/clusters/docs/on-prem/ servers: @@ -34,1749 +34,1364 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + SetIamPolicyRequest: properties: - operations: + policy: description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + id: SetIamPolicyRequest + type: object + description: Request message for `SetIamPolicy` method. + BareMetalAdminNetworkConfig: type: object + id: BareMetalAdminNetworkConfig properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: + multipleNetworkInterfacesConfig: + description: Configuration for multiple network interfaces. + $ref: '#/components/schemas/BareMetalAdminMultipleNetworkInterfacesConfig' + advancedNetworking: + type: boolean description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + Enables the use of advanced Anthos networking features, such as + Bundled Load Balancing with BGP or the egress NAT gateway. Setting + configuration for advanced networking features will automatically + set this flag. + islandModeCidr: + $ref: '#/components/schemas/BareMetalAdminIslandModeCidrConfig' + description: Configuration for Island mode CIDR. + description: BareMetalAdminNetworkConfig specifies the cluster network configuration. + VmwareAddressPool: + description: Represents an IP pool used by the load balancer. + type: object + properties: + avoidBuggyIps: + type: boolean description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + If true, avoid using IPs ending in .0 or .255. This avoids buggy + consumer devices mistakenly dropping IPv4 traffic for those special + IP addresses. + manualAssign: type: boolean - error: + description: If true, prevent IP addresses from being automatically assigned. + pool: + description: Required. The name of the address pool. + type: string + addresses: + type: array description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Required. The addresses that are part of this pool. Each address + must be either in the CIDR form (1.2.3.0/24) or range form + (1.2.3.1-1.2.3.5). + items: + type: string + id: VmwareAddressPool + BareMetalAdminVipConfig: + id: BareMetalAdminVipConfig + description: BareMetalAdminVipConfig for bare metal load balancer configurations. + properties: + controlPlaneVip: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + The VIP which you previously set aside for the Kubernetes API of + this bare metal admin cluster. + type: string type: object + ListVmwareAdminClustersResponse: + type: object + id: ListVmwareAdminClustersResponse properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + nextPageToken: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + A token identifying a page of results the server should return. If + the token is not empty this means that more results are available + and should be retrieved by repeating the request with the provided + page token. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + vmwareAdminClusters: + description: The list of VMware admin cluster. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty + $ref: '#/components/schemas/VmwareAdminCluster' + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string + description: Response message for listing VMware admin clusters. + VmwareAdminVCenterConfig: description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - BareMetalCluster: - id: BareMetalCluster - description: Resource that represents a bare metal user cluster. - type: object + VmwareAdminVCenterConfig contains VCenter configuration for VMware admin + cluster. + id: VmwareAdminVCenterConfig properties: - name: - description: Immutable. The bare metal user cluster resource name. + datastore: type: string - adminClusterMembership: - description: >- - Required. The admin cluster this bare metal user cluster belongs to. - This is the full resource name of the admin cluster's fleet - membership. + description: The name of the vCenter datastore for the admin cluster. + caCertData: + description: Contains the vCenter CA certificate public key for SSL verification. type: string - description: - description: A human readable description of this bare metal user cluster. + folder: + description: The name of the vCenter folder for the admin cluster. type: string - bareMetalVersion: - description: >- - Required. The Anthos clusters on bare metal version for your user - cluster. + resourcePool: type: string - uid: - description: Output only. The unique identifier of the bare metal user cluster. - readOnly: true + description: The name of the vCenter resource pool for the admin cluster. + address: + description: The vCenter IP address. type: string - state: - description: Output only. The current state of the bare metal user cluster. - readOnly: true + dataDisk: type: string - enumDescriptions: - - Not set. - - The PROVISIONING state indicates the cluster is being created. - - >- - The RUNNING state indicates the cluster has been created and is - fully usable. - - >- - The RECONCILING state indicates that the cluster is being updated. - It remains available, but potentially with degraded performance. - - The STOPPING state indicates the cluster is being deleted. - - >- - The ERROR state indicates the cluster is in a broken unrecoverable - state. - - >- - The DEGRADED state indicates the cluster requires user action to - restore full functionality. - enum: - - STATE_UNSPECIFIED - - PROVISIONING - - RUNNING - - RECONCILING - - STOPPING - - ERROR - - DEGRADED - endpoint: - description: >- - Output only. The IP address of the bare metal user cluster's API - server. - readOnly: true + description: The name of the virtual machine disk (VMDK) for the admin cluster. + cluster: type: string - reconciling: - description: >- - Output only. If set, there are currently changes in flight to the - bare metal user cluster. - readOnly: true - type: boolean - createTime: - description: Output only. The time when the bare metal user cluster was created. - readOnly: true + description: The name of the vCenter cluster for the admin cluster. + datacenter: + description: The name of the vCenter datacenter for the admin cluster. type: string - format: google-datetime - updateTime: - description: >- - Output only. The time when the bare metal user cluster was last - updated. - readOnly: true + storagePolicyName: + description: The name of the vCenter storage policy for the user cluster. type: string - format: google-datetime - deleteTime: - description: >- - Output only. The time when the bare metal user cluster was deleted. - If the resource is not deleted, this must be empty - readOnly: true - type: string - format: google-datetime - localName: - description: >- - Output only. The object name of the bare metal user cluster custom - resource on the associated admin cluster. This field is used to - support conflicting names when enrolling existing clusters to the - API. When used as a part of cluster enrollment, this field will - differ from the name in the resource name. For new clusters, this - field will match the user provided cluster name and be visible in - the last component of the resource name. It is not modifiable. When - the local name and cluster name differ, the local name is used in - the admin cluster controller logs. You use the cluster name when - accessing the cluster using bmctl and kubectl. - readOnly: true - type: string - etag: - description: >- - Output only. This checksum is computed by the server based on the - value of other fields, and may be sent on update and delete requests - to ensure the client has an up-to-date value before proceeding. - Allows clients to perform consistent read-modify-writes through - optimistic concurrency control. - readOnly: true - type: string - annotations: - description: >- - Annotations on the bare metal user cluster. This field has the same - restrictions as Kubernetes annotations. The total size of all keys - and values combined is limited to 256k. Key can have 2 segments: - prefix (optional) and name (required), separated by a slash (/). - Prefix must be a DNS subdomain. Name must be 63 characters or less, - begin and end with alphanumerics, with dashes (-), underscores (_), - dots (.), and alphanumerics between. - type: object - additionalProperties: - type: string - networkConfig: - description: Required. Network configuration. - $ref: '#/components/schemas/BareMetalNetworkConfig' - controlPlane: - description: Required. Control plane configuration. - $ref: '#/components/schemas/BareMetalControlPlaneConfig' - loadBalancer: - description: Required. Load balancer configuration. - $ref: '#/components/schemas/BareMetalLoadBalancerConfig' - storage: - description: Required. Storage configuration. - $ref: '#/components/schemas/BareMetalStorageConfig' - proxy: - description: Proxy configuration. - $ref: '#/components/schemas/BareMetalProxyConfig' - clusterOperations: - description: Cluster operations configuration. - $ref: '#/components/schemas/BareMetalClusterOperationsConfig' - maintenanceConfig: - description: Maintenance configuration. - $ref: '#/components/schemas/BareMetalMaintenanceConfig' - nodeConfig: - description: Workload node configuration. - $ref: '#/components/schemas/BareMetalWorkloadNodeConfig' - fleet: - description: Output only. Fleet configuration for the cluster. - readOnly: true - $ref: '#/components/schemas/Fleet' - status: - description: Output only. Detailed cluster status. - readOnly: true - $ref: '#/components/schemas/ResourceStatus' - validationCheck: - description: Output only. The result of the preflight check. - readOnly: true - $ref: '#/components/schemas/ValidationCheck' - securityConfig: - description: Security related setting configuration. - $ref: '#/components/schemas/BareMetalSecurityConfig' - maintenanceStatus: - description: Output only. Status of on-going maintenance tasks. - readOnly: true - $ref: '#/components/schemas/BareMetalMaintenanceStatus' - adminClusterName: - description: >- - Output only. The resource name of the bare metal admin cluster - managing this user cluster. - readOnly: true - type: string - nodeAccessConfig: - description: Node access related configurations. - $ref: '#/components/schemas/BareMetalNodeAccessConfig' - osEnvironmentConfig: - description: OS environment related configurations. - $ref: '#/components/schemas/BareMetalOsEnvironmentConfig' - binaryAuthorization: - description: Binary Authorization related configurations. - $ref: '#/components/schemas/BinaryAuthorization' - upgradePolicy: - description: The cluster upgrade policy. - $ref: '#/components/schemas/BareMetalClusterUpgradePolicy' - localNamespace: - description: Output only. The namespace of the cluster. - readOnly: true - type: string - BareMetalNetworkConfig: - id: BareMetalNetworkConfig - description: Specifies the cluster network configuration. type: object + BareMetalAdminLoadBalancerNodePoolConfig: + type: object + id: BareMetalAdminLoadBalancerNodePoolConfig + description: Specifies the load balancer's node pool configuration. properties: - islandModeCidr: - description: >- - Configuration for island mode CIDR. In an island-mode network, nodes - have unique IP addresses, but pods don't have unique addresses - across clusters. This doesn't cause problems because pods in one - cluster never directly communicate with pods in another cluster. - Instead, there are gateways that mediate between a pod in one - cluster and a pod in another cluster. - $ref: '#/components/schemas/BareMetalIslandModeCidrConfig' - advancedNetworking: - description: >- - Enables the use of advanced Anthos networking features, such as - Bundled Load Balancing with BGP or the egress NAT gateway. Setting - configuration for advanced networking features will automatically - set this flag. - type: boolean - multipleNetworkInterfacesConfig: - description: Configuration for multiple network interfaces. - $ref: '#/components/schemas/BareMetalMultipleNetworkInterfacesConfig' - srIovConfig: - description: Configuration for SR-IOV. - $ref: '#/components/schemas/BareMetalSrIovConfig' - BareMetalIslandModeCidrConfig: - id: BareMetalIslandModeCidrConfig - description: Specifies the cluster CIDR configuration while running in island mode. + nodePoolConfig: + $ref: '#/components/schemas/BareMetalNodePoolConfig' + description: The generic configuration for a node pool running a load balancer. + BareMetalStorageConfig: type: object + description: BareMetalStorageConfig specifies the cluster storage configuration. properties: - serviceAddressCidrBlocks: + lvpShareConfig: + $ref: '#/components/schemas/BareMetalLvpShareConfig' description: >- - Required. All services in the cluster are assigned an RFC1918 IPv4 - address from these ranges. This field is mutable after creation - starting with version 1.15. - type: array - items: - type: string - podAddressCidrBlocks: + Required. Specifies the config for local PersistentVolumes backed by + subdirectories in a shared filesystem. These subdirectores are + automatically created during cluster creation. + lvpNodeMountsConfig: + $ref: '#/components/schemas/BareMetalLvpConfig' description: >- - Required. All pods in the cluster are assigned an RFC1918 IPv4 - address from these ranges. This field cannot be changed after - creation. - type: array - items: - type: string - BareMetalMultipleNetworkInterfacesConfig: - id: BareMetalMultipleNetworkInterfacesConfig - description: Specifies the multiple networking interfaces cluster configuration. + Required. Specifies the config for local PersistentVolumes backed by + mounted node disks. These disks need to be formatted and mounted by + the user, which can be done before or after cluster creation. + id: BareMetalStorageConfig + VmwareAdminPrivateRegistryConfig: type: object + id: VmwareAdminPrivateRegistryConfig + description: >- + VmwareAdminPrivateRegistryConfig represents configuration for admin + cluster registry. properties: - enabled: + caCert: description: >- - Whether to enable multiple network interfaces for your pods. When - set network_config.advanced_networking is automatically set to true. - type: boolean - BareMetalSrIovConfig: - id: BareMetalSrIovConfig - description: Specifies the SR-IOV networking operator config. + When the container runtime pulls an image from private registry, the + registry must prove its identity by presenting a certificate. The + registry's certificate is signed by a certificate authority (CA). + The container runtime uses the CA's certificate to validate the + registry's certificate. + type: string + address: + description: The registry address. + type: string + BareMetalAdminClusterOperationsConfig: type: object + description: >- + BareMetalAdminClusterOperationsConfig specifies the admin cluster's + observability infrastructure. + id: BareMetalAdminClusterOperationsConfig properties: - enabled: - description: Whether to install the SR-IOV operator. + enableApplicationLogs: type: boolean - BareMetalControlPlaneConfig: - id: BareMetalControlPlaneConfig - description: Specifies the control plane configuration. + description: >- + Whether collection of application logs/metrics should be enabled (in + addition to system logs/metrics). + VmwareNodePoolAutoscalingConfig: + properties: + maxReplicas: + description: Maximum number of replicas in the NodePool. + type: integer + format: int32 + minReplicas: + format: int32 + type: integer + description: Minimum number of replicas in the NodePool. + id: VmwareNodePoolAutoscalingConfig + description: >- + NodePoolAutoscaling config for the NodePool to allow for the kubernetes + to scale NodePool. + type: object + VmwareAdminVipConfig: + id: VmwareAdminVipConfig type: object properties: - controlPlaneNodePoolConfig: - description: Required. Configures the node pool running the control plane. - $ref: '#/components/schemas/BareMetalControlPlaneNodePoolConfig' - apiServerArgs: + addonsVip: + description: The VIP to configure the load balancer for add-ons. + type: string + controlPlaneVip: description: >- - Customizes the default API server args. Only a subset of customized - flags are supported. For the exact format, refer to the [API server - documentation](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/). - type: array - items: - $ref: '#/components/schemas/BareMetalApiServerArgument' - BareMetalControlPlaneNodePoolConfig: - id: BareMetalControlPlaneNodePoolConfig - description: Specifies the control plane node pool configuration. + The VIP which you previously set aside for the Kubernetes API of the + admin cluster. + type: string + description: VmwareAdminVipConfig for VMware load balancer configurations. + BareMetalAdminControlPlaneNodePoolConfig: + description: >- + BareMetalAdminControlPlaneNodePoolConfig specifies the control plane + node pool configuration. We have a control plane specific node pool + config so that we can flexible about supporting control plane specific + fields in the future. + id: BareMetalAdminControlPlaneNodePoolConfig type: object properties: nodePoolConfig: + $ref: '#/components/schemas/BareMetalNodePoolConfig' description: >- Required. The generic configuration for a node pool running the control plane. - $ref: '#/components/schemas/BareMetalNodePoolConfig' - BareMetalNodePoolConfig: - id: BareMetalNodePoolConfig - description: >- - BareMetalNodePoolConfig describes the configuration of all nodes within - a given bare metal node pool. + VmwareMetalLbConfig: type: object + description: Represents configuration parameters for the MetalLB load balancer. properties: - nodeConfigs: - description: Required. The list of machine addresses in the bare metal node pool. - type: array - items: - $ref: '#/components/schemas/BareMetalNodeConfig' - operatingSystem: - description: 'Specifies the nodes operating system (default: LINUX).' - type: string - enumDescriptions: - - No operating system runtime selected. - - Linux operating system. - enum: - - OPERATING_SYSTEM_UNSPECIFIED - - LINUX - taints: - description: The initial taints assigned to nodes of this node pool. + addressPools: type: array items: - $ref: '#/components/schemas/NodeTaint' - labels: + $ref: '#/components/schemas/VmwareAddressPool' description: >- - The labels assigned to nodes of this node pool. An object containing - a list of key/value pairs. Example: { "name": "wrench", "mass": - "1.3kg", "count": "3" }. - type: object - additionalProperties: - type: string - kubeletConfig: - description: The modifiable kubelet configurations for the bare metal machines. - $ref: '#/components/schemas/BareMetalKubeletConfig' - BareMetalNodeConfig: - id: BareMetalNodeConfig - description: BareMetalNodeConfig lists machine addresses to access Nodes. + Required. AddressPools is a list of non-overlapping IP pools used by + load balancer typed services. All addresses must be routable to load + balancer nodes. IngressVIP must be included in the pools. + id: VmwareMetalLbConfig + BareMetalAdminStorageConfig: + properties: + lvpShareConfig: + $ref: '#/components/schemas/BareMetalLvpShareConfig' + description: >- + Required. Specifies the config for local PersistentVolumes backed by + subdirectories in a shared filesystem. These subdirectores are + automatically created during cluster creation. + lvpNodeMountsConfig: + $ref: '#/components/schemas/BareMetalLvpConfig' + description: >- + Required. Specifies the config for local PersistentVolumes backed by + mounted node disks. These disks need to be formatted and mounted by + the user, which can be done before or after cluster creation. + type: object + description: BareMetalAdminStorageConfig specifies the cluster storage configuration. + id: BareMetalAdminStorageConfig + BareMetalAdminWorkloadNodeConfig: type: object + id: BareMetalAdminWorkloadNodeConfig properties: - nodeIp: + maxPodsPerNode: description: >- - The default IPv4 address for SSH access and Kubernetes node. - Example: 192.168.0.1 + The maximum number of pods a node can run. The size of the CIDR + range assigned to the node will be derived from this parameter. By + default 110 Pods are created per Node. Upper bound is 250 for both + HA and non-HA admin cluster. Lower bound is 64 for non-HA admin + cluster and 32 for HA admin cluster. + format: int64 type: string - labels: - description: >- - The labels assigned to this node. An object containing a list of - key/value pairs. The labels here, unioned with the labels set on - BareMetalNodePoolConfig are the set of labels that will be applied - to the node. If there are any conflicts, the BareMetalNodeConfig - labels take precedence. Example: { "name": "wrench", "mass": - "1.3kg", "count": "3" }. - type: object - additionalProperties: - type: string - NodeTaint: - id: NodeTaint description: >- - NodeTaint applied to every Kubernetes node in a node pool. Kubernetes - taints can be used together with tolerations to control how workloads - are scheduled to your nodes. Node taints are permanent. + BareMetalAdminWorkloadNodeConfig specifies the workload node + configurations. + BareMetalAdminMachineDrainStatus: + id: BareMetalAdminMachineDrainStatus + properties: + drainedMachines: + items: + $ref: '#/components/schemas/BareMetalAdminDrainedMachine' + description: The list of drained machines. + type: array + drainingMachines: + items: + $ref: '#/components/schemas/BareMetalAdminDrainingMachine' + description: The list of draning machines. + type: array type: object + description: >- + BareMetalAdminMachineDrainStatus represents the status of bare metal + node machines that are undergoing drain operations. + BareMetalWorkloadNodeConfig: properties: - key: - description: Key associated with the effect. - type: string - value: - description: Value associated with the effect. - type: string - effect: - description: The taint effect. - type: string + containerRuntime: + description: Specifies which container runtime will be used. enumDescriptions: - - Not set. - - >- - Do not allow new pods to schedule onto the node unless they - tolerate the taint, but allow all pods submitted to Kubelet - without going through the scheduler to start, and allow all - already-running pods to continue running. Enforced by the - scheduler. - - >- - Like TaintEffectNoSchedule, but the scheduler tries not to - schedule new pods onto the node, rather than prohibiting new pods - from scheduling onto the node entirely. Enforced by the scheduler. - - >- - Evict any already-running pods that do not tolerate the taint. - Currently enforced by NodeController. + - No container runtime selected. + - Containerd runtime. + type: string enum: - - EFFECT_UNSPECIFIED - - NO_SCHEDULE - - PREFER_NO_SCHEDULE - - NO_EXECUTE - BareMetalKubeletConfig: - id: BareMetalKubeletConfig - description: >- - KubeletConfig defines the modifiable kubelet configurations for bare - metal machines. Note: this list includes fields supported in GKE (see - https://cloud.google.com/kubernetes-engine/docs/how-to/node-system-config#kubelet-options). + - CONTAINER_RUNTIME_UNSPECIFIED + - CONTAINERD + maxPodsPerNode: + description: >- + The maximum number of pods a node can run. The size of the CIDR + range assigned to the node will be derived from this parameter. + format: int64 + type: string + type: object + id: BareMetalWorkloadNodeConfig + description: Specifies the workload node configurations. + BareMetalOsEnvironmentConfig: + id: BareMetalOsEnvironmentConfig + description: Specifies operating system settings for cluster provisioning. type: object properties: - registryPullQps: - description: >- - The limit of registry pulls per second. Setting this value to 0 - means no limit. Updating this field may impact scalability by - changing the amount of traffic produced by image pulls. Defaults to - 5. - type: integer - format: int32 - registryBurst: + packageRepoExcluded: + type: boolean description: >- - The maximum size of bursty pulls, temporarily allows pulls to burst - to this number, while still not exceeding registry_pull_qps. The - value must not be a negative number. Updating this field may impact - scalability by changing the amount of traffic produced by image - pulls. Defaults to 10. - type: integer - format: int32 - serializeImagePullsDisabled: + Whether the package repo should not be included when initializing + bare metal machines. + BareMetalVersionInfo: + properties: + dependencies: + items: + $ref: '#/components/schemas/UpgradeDependency' + type: array + description: The list of upgrade dependencies for this version. + version: + description: Version number e.g. 1.13.1. + type: string + hasDependencies: description: >- - Prevents the Kubelet from pulling multiple images at a time. We - recommend *not* changing the default value on nodes that run docker - daemon with version < 1.9 or an Another Union File System (Aufs) - storage backend. Issue - https://github.com/kubernetes/kubernetes/issues/10959 has more - details. + If set, the cluster dependencies (e.g. the admin cluster, other user + clusters managed by the same admin cluster, version skew policy, + etc) must be upgraded before this version can be installed or + upgraded to. type: boolean - BareMetalApiServerArgument: - id: BareMetalApiServerArgument - description: >- - Represents an arg name->value pair. Only a subset of customized flags - are supported. For the exact format, refer to the [API server - documentation](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/). + description: Contains information about a specific Anthos on bare metal version. type: object + id: BareMetalVersionInfo + VmwareIpBlock: + id: VmwareIpBlock properties: - argument: - description: >- - Required. The argument name as it appears on the API Server command - line, make sure to remove the leading dashes. + gateway: type: string - value: - description: >- - Required. The value of the arg as it will be passed to the API - Server command line. + description: The network gateway used by the VMware user cluster. + netmask: type: string - BareMetalLoadBalancerConfig: - id: BareMetalLoadBalancerConfig - description: Specifies the load balancer configuration. + description: The netmask used by the VMware user cluster. + ips: + items: + $ref: '#/components/schemas/VmwareHostIp' + description: The node's network configurations used by the VMware user cluster. + type: array + description: Represents a collection of IP addresses to assign to nodes. type: object - properties: - vipConfig: - description: The VIPs used by the load balancer. - $ref: '#/components/schemas/BareMetalVipConfig' - portConfig: - description: Configures the ports that the load balancer will listen on. - $ref: '#/components/schemas/BareMetalPortConfig' - metalLbConfig: - description: Configuration for MetalLB load balancers. - $ref: '#/components/schemas/BareMetalMetalLbConfig' - manualLbConfig: - description: Manually configured load balancers. - $ref: '#/components/schemas/BareMetalManualLbConfig' - bgpLbConfig: - description: >- - Configuration for BGP typed load balancers. When set - network_config.advanced_networking is automatically set to true. - $ref: '#/components/schemas/BareMetalBgpLbConfig' - BareMetalVipConfig: - id: BareMetalVipConfig - description: Specifies the VIP config for the bare metal load balancer. + BareMetalNodeAccessConfig: + description: >- + Specifies the node access related settings for the bare metal user + cluster. type: object properties: - controlPlaneVip: + loginUser: description: >- - The VIP which you previously set aside for the Kubernetes API of - this bare metal user cluster. - type: string - ingressVip: - description: >- - The VIP which you previously set aside for ingress traffic into this - bare metal user cluster. + LoginUser is the user name used to access node machines. It defaults + to "root" if not set. type: string - BareMetalPortConfig: - id: BareMetalPortConfig - description: Specifies load balancer ports for the bare metal user cluster. + id: BareMetalNodeAccessConfig + OperationProgress: type: object properties: - controlPlaneLoadBalancerPort: - description: The port that control plane hosted load balancers will listen on. - type: integer - format: int32 - BareMetalMetalLbConfig: - id: BareMetalMetalLbConfig - description: Represents configuration parameters for a MetalLB load balancer. - type: object + stages: + items: + $ref: '#/components/schemas/OperationStage' + type: array + description: The stages of the operation. + id: OperationProgress + description: Information about operation progress. + ListLocationsResponse: properties: - addressPools: + locations: description: >- - Required. AddressPools is a list of non-overlapping IP pools used by - load balancer typed services. All addresses must be routable to load - balancer nodes. IngressVIP must be included in the pools. + A list of locations that matches the specified filter in the + request. type: array items: - $ref: '#/components/schemas/BareMetalLoadBalancerAddressPool' - loadBalancerNodePoolConfig: - description: >- - Specifies the node pool running the load balancer. L2 connectivity - is required among nodes in this pool. If missing, the control plane - node pool is used as the load balancer pool. - $ref: '#/components/schemas/BareMetalLoadBalancerNodePoolConfig' - BareMetalLoadBalancerAddressPool: - id: BareMetalLoadBalancerAddressPool - description: Represents an IP pool used by the load balancer. + $ref: '#/components/schemas/Location' + nextPageToken: + type: string + description: The standard List next-page token. + id: ListLocationsResponse + description: The response message for Locations.ListLocations. type: object + VmwareCluster: + description: 'Resource that represents a VMware user cluster. ##' + id: VmwareCluster properties: - pool: - description: Required. The name of the address pool. - type: string - addresses: + controlPlaneNode: + $ref: '#/components/schemas/VmwareControlPlaneNodeConfig' description: >- - Required. The addresses that are part of this pool. Each address - must be either in the CIDR form (1.2.3.0/24) or range form - (1.2.3.1-1.2.3.5). - type: array - items: + VMware user cluster control plane nodes must have either 1 or 3 + replicas. + annotations: + type: object + additionalProperties: type: string - avoidBuggyIps: description: >- - If true, avoid using IPs ending in .0 or .255. This avoids buggy - consumer devices mistakenly dropping IPv4 traffic for those special - IP addresses. - type: boolean - manualAssign: - description: If true, prevent IP addresses from being automatically assigned. - type: boolean - BareMetalLoadBalancerNodePoolConfig: - id: BareMetalLoadBalancerNodePoolConfig - description: Specifies the load balancer's node pool configuration. - type: object - properties: - nodePoolConfig: - description: The generic configuration for a node pool running a load balancer. - $ref: '#/components/schemas/BareMetalNodePoolConfig' - BareMetalManualLbConfig: - id: BareMetalManualLbConfig - description: Represents configuration parameters for a manual load balancer. - type: object - properties: - enabled: - description: Whether manual load balancing is enabled. + Annotations on the VMware user cluster. This field has the same + restrictions as Kubernetes annotations. The total size of all keys + and values combined is limited to 256k. Key can have 2 segments: + prefix (optional) and name (required), separated by a slash (/). + Prefix must be a DNS subdomain. Name must be 63 characters or less, + begin and end with alphanumerics, with dashes (-), underscores (_), + dots (.), and alphanumerics between. + createTime: + format: google-datetime + readOnly: true + type: string + description: Output only. The time at which VMware user cluster was created. + name: + description: Immutable. The VMware user cluster resource name. + type: string + description: + type: string + description: A human readable description of this VMware user cluster. + reconciling: type: boolean - BareMetalBgpLbConfig: - id: BareMetalBgpLbConfig - description: >- - BareMetalBgpLbConfig represents configuration parameters for a Border - Gateway Protocol (BGP) load balancer. - type: object - properties: - asn: + readOnly: true description: >- - Required. BGP autonomous system number (ASN) of the cluster. This - field can be updated after cluster creation. - type: string - format: int64 - bgpPeerConfigs: + Output only. If set, there are currently changes in flight to the + VMware user cluster. + fleet: + description: Output only. Fleet configuration for the cluster. + readOnly: true + $ref: '#/components/schemas/Fleet' + adminClusterName: description: >- - Required. The list of BGP peers that the cluster will connect to. At - least one peer must be configured for each control plane node. - Control plane nodes will connect to these peers to advertise the - control plane VIP. The Services load balancer also uses these peers - by default. This field can be updated after cluster creation. - type: array - items: - $ref: '#/components/schemas/BareMetalBgpPeerConfig' - addressPools: + Output only. The resource name of the VMware admin cluster hosting + this user cluster. + type: string + readOnly: true + disableBundledIngress: + description: Disable bundled ingress. + type: boolean + antiAffinityGroups: description: >- - Required. AddressPools is a list of non-overlapping IP pools used by - load balancer typed services. All addresses must be routable to load - balancer nodes. IngressVIP must be included in the pools. - type: array - items: - $ref: '#/components/schemas/BareMetalLoadBalancerAddressPool' - loadBalancerNodePoolConfig: + AAGConfig specifies whether to spread VMware user cluster nodes + across at least three physical hosts in the datacenter. + $ref: '#/components/schemas/VmwareAAGConfig' + vmTrackingEnabled: + description: Enable VM tracking. + type: boolean + dataplaneV2: + description: VmwareDataplaneV2Config specifies configuration for Dataplane V2. + $ref: '#/components/schemas/VmwareDataplaneV2Config' + enableControlPlaneV2: + type: boolean + description: Enable control plane V2. Default to false. + adminClusterMembership: description: >- - Specifies the node pool running data plane load balancing. L2 - connectivity is required among nodes in this pool. If missing, the - control plane node pool is used for data plane load balancing. - $ref: '#/components/schemas/BareMetalLoadBalancerNodePoolConfig' - BareMetalBgpPeerConfig: - id: BareMetalBgpPeerConfig - description: >- - BareMetalBgpPeerConfig represents configuration parameters for a Border - Gateway Protocol (BGP) peer. - type: object - properties: - asn: + Required. The admin cluster this VMware user cluster belongs to. + This is the full resource name of the admin cluster's fleet + membership. In the future, references to other resource types might + be allowed if admin clusters are modeled as their own resources. + type: string + autoRepairConfig: + description: Configuration for auto repairing. + $ref: '#/components/schemas/VmwareAutoRepairConfig' + vcenter: + $ref: '#/components/schemas/VmwareVCenterConfig' description: >- - Required. BGP autonomous system number (ASN) for the network that - contains the external peer device. + VmwareVCenterConfig specifies vCenter config for the user cluster. + If unspecified, it is inherited from the admin cluster. + deleteTime: type: string - format: int64 - ipAddress: - description: Required. The IP address of the external peer device. + readOnly: true + format: google-datetime + description: Output only. The time at which VMware user cluster was deleted. + binaryAuthorization: + $ref: '#/components/schemas/BinaryAuthorization' + description: Binary Authorization related configurations. + endpoint: type: string - controlPlaneNodes: + readOnly: true + description: Output only. The DNS name of VMware user cluster's API server. + authorization: + $ref: '#/components/schemas/Authorization' description: >- - The IP address of the control plane node that connects to the - external peer. If you don't specify any control plane nodes, all - control plane nodes can connect to the external peer. If you specify - one or more IP addresses, only the nodes specified participate in - peering sessions. - type: array - items: - type: string - BareMetalStorageConfig: - id: BareMetalStorageConfig - description: BareMetalStorageConfig specifies the cluster storage configuration. - type: object - properties: - lvpShareConfig: + RBAC policy that will be applied and managed by the Anthos On-Prem + API. + upgradePolicy: + description: Specifies upgrade policy for the cluster. + $ref: '#/components/schemas/VmwareClusterUpgradePolicy' + enableAdvancedCluster: + description: Enable advanced cluster. + type: boolean + loadBalancer: + $ref: '#/components/schemas/VmwareLoadBalancerConfig' + description: Load balancer configuration. + validationCheck: + $ref: '#/components/schemas/ValidationCheck' description: >- - Required. Specifies the config for local PersistentVolumes backed by - subdirectories in a shared filesystem. These subdirectores are - automatically created during cluster creation. - $ref: '#/components/schemas/BareMetalLvpShareConfig' - lvpNodeMountsConfig: + Output only. ValidationCheck represents the result of the preflight + check job. + readOnly: true + onPremVersion: description: >- - Required. Specifies the config for local PersistentVolumes backed by - mounted node disks. These disks need to be formatted and mounted by - the user, which can be done before or after cluster creation. - $ref: '#/components/schemas/BareMetalLvpConfig' - BareMetalLvpShareConfig: - id: BareMetalLvpShareConfig - description: >- - Specifies the configs for local persistent volumes under a shared file - system. - type: object - properties: - lvpConfig: - description: >- - Required. Defines the machine path and storage class for the LVP - Share. - $ref: '#/components/schemas/BareMetalLvpConfig' - sharedPathPvCount: - description: The number of subdirectories to create under path. - type: integer - format: int32 - BareMetalLvpConfig: - id: BareMetalLvpConfig - description: Specifies the configs for local persistent volumes (PVs). - type: object - properties: - path: - description: Required. The host machine path. + Required. The Anthos clusters on the VMware version for your user + cluster. type: string - storageClass: - description: Required. The StorageClass name that PVs will be created with. + updateTime: + format: google-datetime + readOnly: true type: string - BareMetalProxyConfig: - id: BareMetalProxyConfig - description: Specifies the cluster proxy configuration. - type: object - properties: - uri: + description: Output only. The time at which VMware user cluster was last updated. + status: + $ref: '#/components/schemas/ResourceStatus' + description: Output only. ResourceStatus representing detailed cluster state. + readOnly: true + state: + description: Output only. The current state of VMware user cluster. + enumDescriptions: + - Not set. + - The PROVISIONING state indicates the cluster is being created. + - >- + The RUNNING state indicates the cluster has been created and is + fully usable. + - >- + The RECONCILING state indicates that the cluster is being updated. + It remains available, but potentially with degraded performance. + - The STOPPING state indicates the cluster is being deleted. + - >- + The ERROR state indicates the cluster is in a broken unrecoverable + state. + - >- + The DEGRADED state indicates the cluster requires user action to + restore full functionality. + readOnly: true + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - RUNNING + - RECONCILING + - STOPPING + - ERROR + - DEGRADED + type: string + networkConfig: + $ref: '#/components/schemas/VmwareNetworkConfig' + description: The VMware user cluster network configuration. + localName: description: >- - Required. Specifies the address of your proxy server. Examples: - `http://domain` Do not provide credentials in the format - `http://(username:password@)domain` these will be rejected by the - server. + Output only. The object name of the VMware OnPremUserCluster custom + resource on the associated admin cluster. This field is used to + support conflicting names when enrolling existing clusters to the + API. When used as a part of cluster enrollment, this field will + differ from the ID in the resource name. For new clusters, this + field will match the user provided cluster name and be visible in + the last component of the resource name. It is not modifiable. All + users should use this name to access their cluster using gkectl or + kubectl and should expect to see the local name when viewing admin + cluster controller logs. + readOnly: true + type: string + storage: + description: Storage configuration. + $ref: '#/components/schemas/VmwareStorageConfig' + etag: type: string - noProxy: description: >- - A list of IPs, hostnames, and domains that should skip the proxy. - Examples: ["127.0.0.1", "example.com", ".corp", "localhost"]. - type: array - items: - type: string - BareMetalClusterOperationsConfig: - id: BareMetalClusterOperationsConfig - description: Specifies the bare metal user cluster's observability infrastructure. + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. Allows clients to + perform consistent read-modify-writes through optimistic concurrency + control. + uid: + description: Output only. The unique identifier of the VMware user cluster. + type: string + readOnly: true type: object + BareMetalAdminMultipleNetworkInterfacesConfig: properties: - enableApplicationLogs: + enabled: description: >- - Whether collection of application logs/metrics should be enabled (in - addition to system logs/metrics). + Whether to enable multiple network interfaces for your pods. When + set network_config.advanced_networking is automatically set to true. type: boolean - BareMetalMaintenanceConfig: - id: BareMetalMaintenanceConfig - description: >- - Specifies configurations to put bare metal nodes in and out of - maintenance. type: object + id: BareMetalAdminMultipleNetworkInterfacesConfig + description: Specifies the multiple networking interfaces cluster configuration. + BareMetalBgpLbConfig: properties: - maintenanceAddressCidrBlocks: - description: >- - Required. All IPv4 address from these ranges will be placed into - maintenance mode. Nodes in maintenance mode will be cordoned and - drained. When both of these are true, the - "baremetal.cluster.gke.io/maintenance" annotation will be set on the - node resource. - type: array + addressPools: items: - type: string - BareMetalWorkloadNodeConfig: - id: BareMetalWorkloadNodeConfig - description: Specifies the workload node configurations. - type: object - properties: - maxPodsPerNode: + $ref: '#/components/schemas/BareMetalLoadBalancerAddressPool' + type: array description: >- - The maximum number of pods a node can run. The size of the CIDR - range assigned to the node will be derived from this parameter. - type: string + Required. AddressPools is a list of non-overlapping IP pools used by + load balancer typed services. All addresses must be routable to load + balancer nodes. IngressVIP must be included in the pools. + asn: format: int64 - containerRuntime: - description: Specifies which container runtime will be used. type: string - enumDescriptions: - - No container runtime selected. - - Containerd runtime. - enum: - - CONTAINER_RUNTIME_UNSPECIFIED - - CONTAINERD - Fleet: - id: Fleet - description: >- - Fleet related configuration. Fleets are a Google Cloud concept for - logically organizing clusters, letting you use and manage multi-cluster - capabilities and apply consistent policies across your systems. See - [Anthos - Fleets](`https://cloud.google.com/anthos/multicluster-management/fleets`) - for more details on Anthos multi-cluster capabilities using Fleets. ## - type: object - properties: - membership: description: >- - Output only. The name of the managed fleet Membership resource - associated to this cluster. Membership names are formatted as - `projects//locations//memberships/`. - readOnly: true - type: string - ResourceStatus: - id: ResourceStatus + Required. BGP autonomous system number (ASN) of the cluster. This + field can be updated after cluster creation. + loadBalancerNodePoolConfig: + description: >- + Specifies the node pool running data plane load balancing. L2 + connectivity is required among nodes in this pool. If missing, the + control plane node pool is used for data plane load balancing. + $ref: '#/components/schemas/BareMetalLoadBalancerNodePoolConfig' + bgpPeerConfigs: + items: + $ref: '#/components/schemas/BareMetalBgpPeerConfig' + type: array + description: >- + Required. The list of BGP peers that the cluster will connect to. At + least one peer must be configured for each control plane node. + Control plane nodes will connect to these peers to advertise the + control plane VIP. The Services load balancer also uses these peers + by default. This field can be updated after cluster creation. description: >- - ResourceStatus describes why a cluster or node pool has a certain - status. (e.g., ERROR or DEGRADED). + BareMetalBgpLbConfig represents configuration parameters for a Border + Gateway Protocol (BGP) load balancer. type: object + id: BareMetalBgpLbConfig + QueryVmwareVersionConfigResponse: + type: object + description: Response message for querying VMware user cluster version config. + id: QueryVmwareVersionConfigResponse properties: - errorMessage: - description: >- - Human-friendly representation of the error message from controller. - The error message can be temporary as the controller controller - creates a cluster or node pool. If the error message persists for a - longer period of time, it can be used to surface error message to - indicate real problems requiring user intervention. - type: string - conditions: - description: >- - ResourceCondition provide a standard mechanism for higher-level - status reporting from controller. + versions: type: array items: - $ref: '#/components/schemas/ResourceCondition' - version: - description: Reflect current version of the resource. - type: string - versions: - description: >- - Shows the mapping of a given version to the number of machines under - this version. - $ref: '#/components/schemas/Versions' - ResourceCondition: - id: ResourceCondition - description: >- - ResourceCondition provides a standard mechanism for higher-level status - reporting from controller. + $ref: '#/components/schemas/VmwareVersionInfo' + description: List of available versions to install or to upgrade to. + VmwareAdminLoadBalancerConfig: type: object properties: - type: + vipConfig: + $ref: '#/components/schemas/VmwareAdminVipConfig' + description: The VIPs used by the load balancer. + f5Config: + description: Configuration for F5 Big IP typed load balancers. + $ref: '#/components/schemas/VmwareAdminF5BigIpConfig' + metalLbConfig: + description: MetalLB load balancers. + $ref: '#/components/schemas/VmwareAdminMetalLbConfig' + seesawConfig: + readOnly: true + $ref: '#/components/schemas/VmwareAdminSeesawConfig' + description: Output only. Configuration for Seesaw typed load balancers. + manualLbConfig: + description: Manually configured load balancers. + $ref: '#/components/schemas/VmwareAdminManualLbConfig' + description: >- + VmwareAdminLoadBalancerConfig contains load balancer configuration for + VMware admin cluster. + id: VmwareAdminLoadBalancerConfig + BareMetalKubeletConfig: + id: BareMetalKubeletConfig + properties: + serializeImagePullsDisabled: description: >- - Type of the condition. (e.g., ClusterRunning, NodePoolRunning or - ServerSidePreflightReady) - type: string - reason: - description: Machine-readable message indicating details about last transition. - type: string - message: - description: Human-readable message indicating details about last transition. - type: string - lastTransitionTime: - description: Last time the condition transit from one status to another. - type: string - format: google-datetime - state: - description: state of the condition. - type: string - enumDescriptions: - - Not set. - - Resource is in the condition. - - Resource is not in the condition. - - >- - Kubernetes controller can't decide if the resource is in the - condition or not. - enum: - - STATE_UNSPECIFIED - - STATE_TRUE - - STATE_FALSE - - STATE_UNKNOWN - Versions: - id: Versions + Prevents the Kubelet from pulling multiple images at a time. We + recommend *not* changing the default value on nodes that run docker + daemon with version < 1.9 or an Another Union File System (Aufs) + storage backend. Issue + https://github.com/kubernetes/kubernetes/issues/10959 has more + details. + type: boolean + registryPullQps: + format: int32 + type: integer + description: >- + The limit of registry pulls per second. Setting this value to 0 + means no limit. Updating this field may impact scalability by + changing the amount of traffic produced by image pulls. Defaults to + 5. + registryBurst: + format: int32 + type: integer + description: >- + The maximum size of bursty pulls, temporarily allows pulls to burst + to this number, while still not exceeding registry_pull_qps. The + value must not be a negative number. Updating this field may impact + scalability by changing the amount of traffic produced by image + pulls. Defaults to 10. + type: object description: >- - Versions describes the mapping of a given version to the number of - machines under this version. + KubeletConfig defines the modifiable kubelet configurations for bare + metal machines. Note: this list includes fields supported in GKE (see + https://cloud.google.com/kubernetes-engine/docs/how-to/node-system-config#kubelet-options). + Operation: type: object + id: Operation properties: - versions: + done: + type: boolean description: >- - Shows the mapping of a given version to the number of machines under - this version. - type: array - items: - $ref: '#/components/schemas/Version' + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + name: + type: string + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + response: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + This resource represents a long-running operation that is the result of + a network API call. Version: - id: Version description: >- Version describes the number of nodes at a given version under a resource. - type: object properties: - version: - description: Resource version. - type: string count: description: Number of machines under the above version. - type: string format: int64 - ValidationCheck: - id: ValidationCheck - description: ValidationCheck represents the result of preflight check. - type: object - properties: - option: - description: Options used for the validation check type: string - enumDescriptions: - - Default value. Standard preflight validation check will be used. - - Prevent failed preflight checks from failing. - - Skip all preflight check validations. - enum: - - OPTIONS_UNSPECIFIED - - SKIP_VALIDATION_CHECK_BLOCKING - - SKIP_VALIDATION_ALL - status: - description: Output only. The detailed validation check status. - readOnly: true - $ref: '#/components/schemas/ValidationCheckStatus' - scenario: - description: Output only. The scenario when the preflight checks were run. - readOnly: true + version: type: string - enumDescriptions: - - Default value. This value is unused. - - The validation check occurred during a create flow. - - The validation check occurred during an update flow. - enum: - - SCENARIO_UNSPECIFIED - - CREATE - - UPDATE - ValidationCheckStatus: - id: ValidationCheckStatus - description: ValidationCheckStatus defines the detailed validation check status. + description: Resource version. + id: Version type: object + VmwareAdminMetalLbConfig: + description: >- + VmwareAdminMetalLbConfig represents configuration parameters for a + MetalLB load balancer. For admin clusters, currently no configurations + is needed. properties: - result: - description: >- - Individual checks which failed as part of the Preflight check - execution. - type: array - items: - $ref: '#/components/schemas/ValidationCheckResult' - ValidationCheckResult: - id: ValidationCheckResult - description: ValidationCheckResult defines the details about the validation check. + enabled: + type: boolean + description: Whether MetalLB is enabled. + id: VmwareAdminMetalLbConfig type: object + BareMetalPortConfig: properties: - state: - description: The validation check state. - type: string - enumDescriptions: - - The default value. The check result is unknown. - - The check failed. - - The check was skipped. - - The check itself failed to complete. - - The check encountered a warning. - enum: - - STATE_UNKNOWN - - STATE_FAILURE - - STATE_SKIPPED - - STATE_FATAL - - STATE_WARNING - description: - description: The description of the validation check. - type: string - category: - description: The category of the validation. - type: string - reason: - description: A human-readable message of the check failure. - type: string - details: - description: Detailed failure information, which might be unformatted. - type: string - BareMetalSecurityConfig: - id: BareMetalSecurityConfig - description: Specifies the security related settings for the bare metal user cluster. + controlPlaneLoadBalancerPort: + format: int32 + description: The port that control plane hosted load balancers will listen on. + type: integer + id: BareMetalPortConfig + description: Specifies load balancer ports for the bare metal user cluster. + type: object + BareMetalLoadBalancerNodePoolConfig: + description: Specifies the load balancer's node pool configuration. + properties: + nodePoolConfig: + description: The generic configuration for a node pool running a load balancer. + $ref: '#/components/schemas/BareMetalNodePoolConfig' type: object + id: BareMetalLoadBalancerNodePoolConfig + BareMetalSecurityConfig: properties: authorization: description: Configures user access to the user cluster. $ref: '#/components/schemas/Authorization' - Authorization: - id: Authorization - description: >- - Authorization defines the On-Prem cluster authorization configuration to - bootstrap onto the admin cluster. + type: object + description: Specifies the security related settings for the bare metal user cluster. + id: BareMetalSecurityConfig + BareMetalAdminApiServerArgument: type: object properties: - adminUsers: + argument: description: >- - For VMware and bare metal user clusters, users will be granted the - cluster-admin role on the cluster, which provides full - administrative access to the cluster. For bare metal admin clusters, - users will be granted the cluster-view role, which limits users to - read-only access. + Required. The argument name as it appears on the API Server command + line please make sure to remove the leading dashes. + type: string + value: + description: >- + Required. The value of the arg as it will be passed to the API + Server command line. + type: string + id: BareMetalAdminApiServerArgument + description: >- + BareMetalAdminApiServerArgument represents an arg name->value pair. Only + a subset of customized flags are supported. Please refer to the API + server documentation below to know the exact format: + https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/ + Versions: + id: Versions + type: object + properties: + versions: type: array items: - $ref: '#/components/schemas/ClusterUser' - ClusterUser: - id: ClusterUser - description: ClusterUser configures user principals for an RBAC policy. - type: object - properties: - username: - description: Required. The name of the user, e.g. `my-gcp-id@gmail.com`. - type: string - BareMetalMaintenanceStatus: - id: BareMetalMaintenanceStatus - description: Represents the maintenance status of the bare metal user cluster. - type: object - properties: - machineDrainStatus: - description: The maintenance status of node machines. - $ref: '#/components/schemas/BareMetalMachineDrainStatus' - BareMetalMachineDrainStatus: - id: BareMetalMachineDrainStatus + $ref: '#/components/schemas/Version' + description: >- + Shows the mapping of a given version to the number of machines under + this version. description: >- - Represents the status of node machines that are undergoing drain - operations. + Versions describes the mapping of a given version to the number of + machines under this version. + BareMetalClusterOperationsConfig: + id: BareMetalClusterOperationsConfig + description: Specifies the bare metal user cluster's observability infrastructure. + properties: + enableApplicationLogs: + description: >- + Whether collection of application logs/metrics should be enabled (in + addition to system logs/metrics). + type: boolean type: object + VmwareAdminNetworkConfig: + id: VmwareAdminNetworkConfig properties: - drainingMachines: - description: The list of draning machines. - type: array + podAddressCidrBlocks: items: - $ref: '#/components/schemas/BareMetalDrainingMachine' - drainedMachines: - description: The list of drained machines. + type: string type: array - items: - $ref: '#/components/schemas/BareMetalDrainedMachine' - BareMetalDrainingMachine: - id: BareMetalDrainingMachine - description: Represents a machine that is currently draining. - type: object - properties: - nodeIp: - description: Draining machine IP address. - type: string - podCount: - description: The count of pods yet to drain. - type: integer - format: int32 - BareMetalDrainedMachine: - id: BareMetalDrainedMachine - description: Represents a machine that is currently drained. - type: object - properties: - nodeIp: - description: Drained machine IP address. + description: >- + Required. All pods in the cluster are assigned an RFC1918 IPv4 + address from these ranges. Only a single range is supported. This + field cannot be changed after creation. + haControlPlaneConfig: + description: Configuration for HA admin cluster control plane. + $ref: '#/components/schemas/VmwareAdminHAControlPlaneConfig' + staticIpConfig: + description: Configuration settings for a static IP configuration. + $ref: '#/components/schemas/VmwareStaticIpConfig' + hostConfig: + description: >- + Represents common network settings irrespective of the host's IP + address. + $ref: '#/components/schemas/VmwareHostConfig' + vcenterNetwork: + description: vcenter_network specifies vCenter network name. type: string - BareMetalNodeAccessConfig: - id: BareMetalNodeAccessConfig + dhcpIpConfig: + $ref: '#/components/schemas/VmwareDhcpIpConfig' + description: Configuration settings for a DHCP IP configuration. + serviceAddressCidrBlocks: + type: array + items: + type: string + description: >- + Required. All services in the cluster are assigned an RFC1918 IPv4 + address from these ranges. Only a single range is supported. This + field cannot be changed after creation. description: >- - Specifies the node access related settings for the bare metal user + VmwareAdminNetworkConfig contains network configuration for VMware admin cluster. type: object + BareMetalProxyConfig: + id: BareMetalProxyConfig properties: - loginUser: + uri: description: >- - LoginUser is the user name used to access node machines. It defaults - to "root" if not set. + Required. Specifies the address of your proxy server. Examples: + `http://domain` Do not provide credentials in the format + `http://(username:password@)domain` these will be rejected by the + server. type: string - BareMetalOsEnvironmentConfig: - id: BareMetalOsEnvironmentConfig - description: Specifies operating system settings for cluster provisioning. - type: object - properties: - packageRepoExcluded: + noProxy: + type: array description: >- - Whether the package repo should not be included when initializing - bare metal machines. - type: boolean - BinaryAuthorization: - id: BinaryAuthorization - description: Configuration for Binary Authorization. + A list of IPs, hostnames, and domains that should skip the proxy. + Examples: ["127.0.0.1", "example.com", ".corp", "localhost"]. + items: + type: string + description: Specifies the cluster proxy configuration. type: object + OperationStage: properties: - evaluationMode: - description: >- - Mode of operation for binauthz policy evaluation. If unspecified, - defaults to DISABLED. + stage: type: string enumDescriptions: - - Default value - - Disable BinaryAuthorization - - >- - Enforce Kubernetes admission requests with BinaryAuthorization - using the project's singleton policy. + - Not set. + - Preflight checks are running. + - Resource is being configured. + - Resource is being deployed. + - Waiting for the resource to become healthy. + - Resource is being updated. enum: - - EVALUATION_MODE_UNSPECIFIED - - DISABLED - - PROJECT_SINGLETON_POLICY_ENFORCE - BareMetalClusterUpgradePolicy: - id: BareMetalClusterUpgradePolicy - description: BareMetalClusterUpgradePolicy defines the cluster upgrade policy. - type: object - properties: - policy: - description: Specifies which upgrade policy to use. - type: string + - STAGE_UNSPECIFIED + - PREFLIGHT_CHECK + - CONFIGURE + - DEPLOY + - HEALTH_CHECK + - UPDATE + description: The high-level stage of the operation. + metrics: + items: + $ref: '#/components/schemas/Metric' + description: Progress metric bundle. + type: array + state: enumDescriptions: - - No upgrade policy selected. - - Upgrade worker node pools sequentially. - - Upgrade all worker node pools in parallel. - enum: - - NODE_POOL_POLICY_UNSPECIFIED - - SERIAL - - CONCURRENT - pause: - description: >- - Output only. Pause is used to show the upgrade pause status. It's - view only for now. + - Not set. + - The stage is pending. + - The stage is running + - The stage has completed successfully. + - The stage has failed. + description: Output only. State of the stage. readOnly: true - type: boolean - EnrollBareMetalClusterRequest: - id: EnrollBareMetalClusterRequest - description: >- - Message for enrolling an existing bare metal cluster to the Anthos - On-Prem API. - type: object - properties: - bareMetalClusterId: - description: >- - User provided OnePlatform identifier that is used as part of the - resource name. This must be unique among all bare metal clusters - within a project and location and will return a 409 if the cluster - already exists. (https://tools.ietf.org/html/rfc1123) format. - type: string - localName: - description: >- - Optional. The object name of the bare metal cluster custom resource - on the associated admin cluster. This field is used to support - conflicting resource names when enrolling existing clusters to the - API. When not provided, this field will resolve to the - bare_metal_cluster_id. Otherwise, it must match the object name of - the bare metal cluster custom resource. It is not modifiable outside - / beyond the enrollment operation. type: string - adminClusterMembership: - description: >- - Required. The admin cluster this bare metal user cluster belongs to. - This is the full resource name of the admin cluster's fleet - membership. In the future, references to other resource types might - be allowed if admin clusters are modeled as their own resources. + enum: + - STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - FAILED + endTime: + format: google-datetime type: string - localNamespace: - description: Optional. The namespace of the cluster. + description: Time the stage ended. + startTime: + format: google-datetime type: string - ListBareMetalClustersResponse: - id: ListBareMetalClustersResponse - description: Response message for listing bare metal Clusters. + description: Time the stage started. type: object + id: OperationStage + description: Information about a particular stage of an operation. + BareMetalLoadBalancerConfig: + type: object + id: BareMetalLoadBalancerConfig properties: - bareMetalClusters: - description: The list of bare metal Clusters. - type: array - items: - $ref: '#/components/schemas/BareMetalCluster' - nextPageToken: + portConfig: + description: Configures the ports that the load balancer will listen on. + $ref: '#/components/schemas/BareMetalPortConfig' + vipConfig: + $ref: '#/components/schemas/BareMetalVipConfig' + description: The VIPs used by the load balancer. + bgpLbConfig: description: >- - A token identifying a page of results the server should return. If - the token is not empty this means that more results are available - and should be retrieved by repeating the request with the provided - page token. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - QueryBareMetalVersionConfigResponse: - id: QueryBareMetalVersionConfigResponse - description: Response message for querying bare metal admin cluster version config. + Configuration for BGP typed load balancers. When set + network_config.advanced_networking is automatically set to true. + $ref: '#/components/schemas/BareMetalBgpLbConfig' + manualLbConfig: + description: Manually configured load balancers. + $ref: '#/components/schemas/BareMetalManualLbConfig' + metalLbConfig: + $ref: '#/components/schemas/BareMetalMetalLbConfig' + description: Configuration for MetalLB load balancers. + description: Specifies the load balancer configuration. + ListVmwareClustersResponse: type: object properties: - versions: - description: List of available versions to install or to upgrade to. + vmwareClusters: + items: + $ref: '#/components/schemas/VmwareCluster' type: array + description: The list of VMware Cluster. + unreachable: items: - $ref: '#/components/schemas/BareMetalVersionInfo' - BareMetalVersionInfo: - id: BareMetalVersionInfo - description: Contains information about a specific Anthos on bare metal version. + type: string + description: Locations that could not be reached. + type: array + nextPageToken: + type: string + description: >- + A token identifying a page of results the server should return. If + the token is not empty this means that more results are available + and should be retrieved by repeating the request with the provided + page token. + id: ListVmwareClustersResponse + description: Response message for listing VMware Clusters. + BareMetalAdminProxyConfig: + id: BareMetalAdminProxyConfig type: object properties: - version: - description: Version number e.g. 1.13.1. - type: string - hasDependencies: + noProxy: description: >- - If set, the cluster dependencies (e.g. the admin cluster, other user - clusters managed by the same admin cluster, version skew policy, - etc) must be upgraded before this version can be installed or - upgraded to. - type: boolean - dependencies: - description: The list of upgrade dependencies for this version. + A list of IPs, hostnames, and domains that should skip the proxy. + Examples: ["127.0.0.1", "example.com", ".corp", "localhost"]. type: array items: - $ref: '#/components/schemas/UpgradeDependency' - UpgradeDependency: - id: UpgradeDependency - description: UpgradeDependency represents a dependency when upgrading a resource. + type: string + uri: + description: >- + Required. Specifies the address of your proxy server. Examples: + `http://domain` WARNING: Do not provide credentials in the format + `http://(username:password@)domain` these will be rejected by the + server. + type: string + description: BareMetalAdminProxyConfig specifies the cluster proxy configuration. + BareMetalLvpConfig: type: object properties: - resourceName: - description: Resource name of the dependency. - type: string - currentVersion: - description: Current version of the dependency e.g. 1.15.0. - type: string - targetVersion: - description: >- - Target version of the dependency e.g. 1.16.1. This is the version - the dependency needs to be upgraded to before a resource can be - upgraded. + storageClass: + description: Required. The StorageClass name that PVs will be created with. type: string - membership: - description: >- - Membership names are formatted as - `projects//locations//memberships/`. + path: + description: Required. The host machine path. type: string - EnrollVmwareClusterRequest: - id: EnrollVmwareClusterRequest - description: >- - Message for enrolling an existing VMware cluster to the Anthos On-Prem - API. + description: Specifies the configs for local persistent volumes (PVs). + id: BareMetalLvpConfig + VmwareControlPlaneV2Config: + properties: + controlPlaneIpBlock: + $ref: '#/components/schemas/VmwareIpBlock' + description: Static IP addresses for the control plane nodes. + description: Specifies control plane V2 config. + id: VmwareControlPlaneV2Config type: object + VmwareControlPlaneVsphereConfig: + type: object + description: Specifies control plane node config. + id: VmwareControlPlaneVsphereConfig properties: - vmwareClusterId: - description: >- - User provided OnePlatform identifier that is used as part of the - resource name. This must be unique among all GKE on-prem clusters - within a project and location and will return a 409 if the cluster - already exists. (https://tools.ietf.org/html/rfc1123) format. + datastore: + description: The Vsphere datastore used by the control plane Node. type: string - localName: - description: >- - Optional. The object name of the VMware OnPremUserCluster custom - resource on the associated admin cluster. This field is used to - support conflicting resource names when enrolling existing clusters - to the API. When not provided, this field will resolve to the - vmware_cluster_id. Otherwise, it must match the object name of the - VMware OnPremUserCluster custom resource. It is not modifiable - outside / beyond the enrollment operation. + storagePolicyName: type: string - adminClusterMembership: + description: The Vsphere storage policy used by the control plane Node. + BareMetalAdminOsEnvironmentConfig: + properties: + packageRepoExcluded: description: >- - Required. The admin cluster this VMware user cluster belongs to. - This is the full resource name of the admin cluster's fleet - membership. In the future, references to other resource types might - be allowed if admin clusters are modeled as their own resources. - type: string - validateOnly: - description: Validate the request without actually doing any updates. + Whether the package repo should be added when initializing bare + metal machines. type: boolean - VmwareCluster: - id: VmwareCluster - description: 'Resource that represents a VMware user cluster. ##' + id: BareMetalAdminOsEnvironmentConfig + description: Specifies operating system operation settings for cluster provisioning. type: object + VmwareHostIp: properties: - name: - description: Immutable. The VMware user cluster resource name. - type: string - adminClusterMembership: - description: >- - Required. The admin cluster this VMware user cluster belongs to. - This is the full resource name of the admin cluster's fleet - membership. In the future, references to other resource types might - be allowed if admin clusters are modeled as their own resources. - type: string - description: - description: A human readable description of this VMware user cluster. - type: string - onPremVersion: + hostname: description: >- - Required. The Anthos clusters on the VMware version for your user - cluster. - type: string - uid: - description: Output only. The unique identifier of the VMware user cluster. - readOnly: true - type: string - state: - description: Output only. The current state of VMware user cluster. - readOnly: true + Hostname of the machine. VM's name will be used if this field is + empty. type: string - enumDescriptions: - - Not set. - - The PROVISIONING state indicates the cluster is being created. - - >- - The RUNNING state indicates the cluster has been created and is - fully usable. - - >- - The RECONCILING state indicates that the cluster is being updated. - It remains available, but potentially with degraded performance. - - The STOPPING state indicates the cluster is being deleted. - - >- - The ERROR state indicates the cluster is in a broken unrecoverable - state. - - >- - The DEGRADED state indicates the cluster requires user action to - restore full functionality. - enum: - - STATE_UNSPECIFIED - - PROVISIONING - - RUNNING - - RECONCILING - - STOPPING - - ERROR - - DEGRADED - endpoint: - description: Output only. The DNS name of VMware user cluster's API server. - readOnly: true + ip: type: string - reconciling: description: >- - Output only. If set, there are currently changes in flight to the - VMware user cluster. - readOnly: true - type: boolean - createTime: - description: Output only. The time at which VMware user cluster was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time at which VMware user cluster was last updated. - readOnly: true - type: string - format: google-datetime - localName: + IP could be an IP address (like 1.2.3.4) or a CIDR (like + 1.2.3.0/24). + id: VmwareHostIp + type: object + description: Represents VMware user cluster node's network configuration. + VmwareAdminManualLbConfig: + properties: + konnectivityServerNodePort: description: >- - Output only. The object name of the VMware OnPremUserCluster custom - resource on the associated admin cluster. This field is used to - support conflicting names when enrolling existing clusters to the - API. When used as a part of cluster enrollment, this field will - differ from the ID in the resource name. For new clusters, this - field will match the user provided cluster name and be visible in - the last component of the resource name. It is not modifiable. All - users should use this name to access their cluster using gkectl or - kubectl and should expect to see the local name when viewing admin - cluster controller logs. - readOnly: true - type: string - etag: + NodePort for konnectivity server service running as a sidecar in + each kube-apiserver pod (ex. 30564). + format: int32 + type: integer + ingressHttpsNodePort: + type: integer + format: int32 description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. Allows clients to - perform consistent read-modify-writes through optimistic concurrency - control. - type: string - annotations: + NodePort for ingress service's https. The ingress service in the + admin cluster is implemented as a Service of type NodePort (ex. + 30139). + controlPlaneNodePort: description: >- - Annotations on the VMware user cluster. This field has the same - restrictions as Kubernetes annotations. The total size of all keys - and values combined is limited to 256k. Key can have 2 segments: - prefix (optional) and name (required), separated by a slash (/). - Prefix must be a DNS subdomain. Name must be 63 characters or less, - begin and end with alphanumerics, with dashes (-), underscores (_), - dots (.), and alphanumerics between. - type: object - additionalProperties: - type: string - controlPlaneNode: - description: >- - VMware user cluster control plane nodes must have either 1 or 3 - replicas. - $ref: '#/components/schemas/VmwareControlPlaneNodeConfig' - antiAffinityGroups: - description: >- - AAGConfig specifies whether to spread VMware user cluster nodes - across at least three physical hosts in the datacenter. - $ref: '#/components/schemas/VmwareAAGConfig' - storage: - description: Storage configuration. - $ref: '#/components/schemas/VmwareStorageConfig' - networkConfig: - description: The VMware user cluster network configuration. - $ref: '#/components/schemas/VmwareNetworkConfig' - loadBalancer: - description: Load balancer configuration. - $ref: '#/components/schemas/VmwareLoadBalancerConfig' - vcenter: - description: >- - VmwareVCenterConfig specifies vCenter config for the user cluster. - If unspecified, it is inherited from the admin cluster. - $ref: '#/components/schemas/VmwareVCenterConfig' - status: - description: Output only. ResourceStatus representing detailed cluster state. - readOnly: true - $ref: '#/components/schemas/ResourceStatus' - dataplaneV2: - description: VmwareDataplaneV2Config specifies configuration for Dataplane V2. - $ref: '#/components/schemas/VmwareDataplaneV2Config' - vmTrackingEnabled: - description: Enable VM tracking. - type: boolean - autoRepairConfig: - description: Configuration for auto repairing. - $ref: '#/components/schemas/VmwareAutoRepairConfig' - fleet: - description: Output only. Fleet configuration for the cluster. - readOnly: true - $ref: '#/components/schemas/Fleet' - authorization: - description: >- - RBAC policy that will be applied and managed by the Anthos On-Prem - API. - $ref: '#/components/schemas/Authorization' - deleteTime: - description: Output only. The time at which VMware user cluster was deleted. - readOnly: true - type: string - format: google-datetime - validationCheck: - description: >- - Output only. ValidationCheck represents the result of the preflight - check job. - readOnly: true - $ref: '#/components/schemas/ValidationCheck' - adminClusterName: - description: >- - Output only. The resource name of the VMware admin cluster hosting - this user cluster. - readOnly: true - type: string - enableControlPlaneV2: - description: Enable control plane V2. Default to false. - type: boolean - binaryAuthorization: - description: Binary Authorization related configurations. - $ref: '#/components/schemas/BinaryAuthorization' - upgradePolicy: - description: Specifies upgrade policy for the cluster. - $ref: '#/components/schemas/VmwareClusterUpgradePolicy' - disableBundledIngress: - description: Disable bundled ingress. - type: boolean - enableAdvancedCluster: - description: Enable advanced cluster. - type: boolean - VmwareControlPlaneNodeConfig: - id: VmwareControlPlaneNodeConfig - description: Specifies control plane node config for the VMware user cluster. - type: object - properties: - cpus: - description: >- - The number of CPUs for each admin cluster node that serve as control - planes for this VMware user cluster. (default: 4 CPUs) - type: string - format: int64 - memory: - description: >- - The megabytes of memory for each admin cluster node that serves as a - control plane for this VMware user cluster (default: 8192 MB - memory). - type: string - format: int64 - replicas: + NodePort for control plane service. The Kubernetes API server in the + admin cluster is implemented as a Service of type NodePort (ex. + 30968). + format: int32 + type: integer + ingressHttpNodePort: description: >- - The number of control plane nodes for this VMware user cluster. - (default: 1 replica). - type: string - format: int64 - autoResizeConfig: - description: AutoResizeConfig provides auto resizing configurations. - $ref: '#/components/schemas/VmwareAutoResizeConfig' - vsphereConfig: - description: Vsphere-specific config. - $ref: '#/components/schemas/VmwareControlPlaneVsphereConfig' - VmwareAutoResizeConfig: - id: VmwareAutoResizeConfig - description: Represents auto resizing configurations for the VMware user cluster. + NodePort for ingress service's http. The ingress service in the + admin cluster is implemented as a Service of type NodePort (ex. + 32527). + type: integer + format: int32 + addonsNodePort: + description: NodePort for add-ons server in the admin cluster. + type: integer + format: int32 + id: VmwareAdminManualLbConfig type: object + BareMetalAdminManualLbConfig: properties: enabled: - description: Whether to enable controle plane node auto resizing. + description: Whether manual load balancing is enabled. type: boolean - VmwareControlPlaneVsphereConfig: - id: VmwareControlPlaneVsphereConfig - description: Specifies control plane node config. - type: object - properties: - datastore: - description: The Vsphere datastore used by the control plane Node. - type: string - storagePolicyName: - description: The Vsphere storage policy used by the control plane Node. - type: string - VmwareAAGConfig: - id: VmwareAAGConfig - description: Specifies anti affinity group config for the VMware user cluster. + id: BareMetalAdminManualLbConfig type: object - properties: - aagConfigDisabled: - description: >- - Spread nodes across at least three physical hosts (requires at least - three hosts). Enabled by default. - type: boolean - VmwareStorageConfig: - id: VmwareStorageConfig description: >- - Specifies vSphere CSI components deployment config in the VMware user - cluster. - type: object + BareMetalAdminManualLbConfig represents configuration parameters for a + manual load balancer. + BareMetalControlPlaneConfig: properties: - vsphereCsiDisabled: + apiServerArgs: + items: + $ref: '#/components/schemas/BareMetalApiServerArgument' description: >- - Whether or not to deploy vSphere CSI components in the VMware user - cluster. Enabled by default. - type: boolean - VmwareNetworkConfig: - id: VmwareNetworkConfig - description: Specifies network config for the VMware user cluster. + Customizes the default API server args. Only a subset of customized + flags are supported. For the exact format, refer to the [API server + documentation](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/). + type: array + controlPlaneNodePoolConfig: + $ref: '#/components/schemas/BareMetalControlPlaneNodePoolConfig' + description: Required. Configures the node pool running the control plane. + id: BareMetalControlPlaneConfig + description: Specifies the control plane configuration. type: object + VmwareStaticIpConfig: properties: - serviceAddressCidrBlocks: - description: >- - Required. All services in the cluster are assigned an RFC1918 IPv4 - address from these ranges. Only a single range is supported. This - field cannot be changed after creation. - type: array + ipBlocks: items: - type: string - podAddressCidrBlocks: + $ref: '#/components/schemas/VmwareIpBlock' description: >- - Required. All pods in the cluster are assigned an RFC1918 IPv4 - address from these ranges. Only a single range is supported. This - field cannot be changed after creation. + Represents the configuration values for static IP allocation to + nodes. type: array - items: - type: string - staticIpConfig: - description: Configuration settings for a static IP configuration. - $ref: '#/components/schemas/VmwareStaticIpConfig' - dhcpIpConfig: - description: Configuration settings for a DHCP IP configuration. - $ref: '#/components/schemas/VmwareDhcpIpConfig' - vcenterNetwork: - description: >- - vcenter_network specifies vCenter network name. Inherited from the - admin cluster. - type: string - hostConfig: - description: >- - Represents common network settings irrespective of the host's IP - address. - $ref: '#/components/schemas/VmwareHostConfig' - controlPlaneV2Config: - description: Configuration for control plane V2 mode. - $ref: '#/components/schemas/VmwareControlPlaneV2Config' - VmwareStaticIpConfig: id: VmwareStaticIpConfig description: >- Represents the network configuration required for the VMware user clusters with Static IP configurations. type: object + Status: properties: - ipBlocks: + message: description: >- - Represents the configuration values for static IP allocation to - nodes. - type: array - items: - $ref: '#/components/schemas/VmwareIpBlock' - VmwareIpBlock: - id: VmwareIpBlock - description: Represents a collection of IP addresses to assign to nodes. - type: object - properties: - netmask: - description: The netmask used by the VMware user cluster. - type: string - gateway: - description: The network gateway used by the VMware user cluster. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - ips: - description: The node's network configurations used by the VMware user cluster. + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. type: array items: - $ref: '#/components/schemas/VmwareHostIp' - VmwareHostIp: - id: VmwareHostIp - description: Represents VMware user cluster node's network configuration. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status type: object + Fleet: properties: - ip: - description: >- - IP could be an IP address (like 1.2.3.4) or a CIDR (like - 1.2.3.0/24). - type: string - hostname: + membership: + readOnly: true description: >- - Hostname of the machine. VM's name will be used if this field is - empty. + Output only. The name of the managed fleet Membership resource + associated to this cluster. Membership names are formatted as + `projects//locations//memberships/`. type: string - VmwareDhcpIpConfig: - id: VmwareDhcpIpConfig - description: >- - Represents the network configuration required for the VMware user - clusters with DHCP IP configurations. type: object - properties: - enabled: - description: >- - enabled is a flag to mark if DHCP IP allocation is used for VMware - user clusters. - type: boolean - VmwareHostConfig: - id: VmwareHostConfig + id: Fleet description: >- - Represents the common parameters for all the hosts irrespective of their - IP address. + Fleet related configuration. Fleets are a Google Cloud concept for + logically organizing clusters, letting you use and manage multi-cluster + capabilities and apply consistent policies across your systems. See + [Anthos + Fleets](`https://cloud.google.com/anthos/multicluster-management/fleets`) + for more details on Anthos multi-cluster capabilities using Fleets. ## + BareMetalNodePoolConfig: type: object properties: - dnsServers: - description: DNS servers. - type: array + kubeletConfig: + $ref: '#/components/schemas/BareMetalKubeletConfig' + description: The modifiable kubelet configurations for the bare metal machines. + nodeConfigs: items: - type: string - ntpServers: - description: NTP servers. + $ref: '#/components/schemas/BareMetalNodeConfig' + description: Required. The list of machine addresses in the bare metal node pool. type: array - items: - type: string - dnsSearchDomains: - description: DNS search domains. + taints: type: array items: + $ref: '#/components/schemas/NodeTaint' + description: The initial taints assigned to nodes of this node pool. + labels: + description: >- + The labels assigned to nodes of this node pool. An object containing + a list of key/value pairs. Example: { "name": "wrench", "mass": + "1.3kg", "count": "3" }. + type: object + additionalProperties: type: string - VmwareControlPlaneV2Config: - id: VmwareControlPlaneV2Config - description: Specifies control plane V2 config. + operatingSystem: + type: string + enum: + - OPERATING_SYSTEM_UNSPECIFIED + - LINUX + description: 'Specifies the nodes operating system (default: LINUX).' + enumDescriptions: + - No operating system runtime selected. + - Linux operating system. + id: BareMetalNodePoolConfig + description: >- + BareMetalNodePoolConfig describes the configuration of all nodes within + a given bare metal node pool. + NodeTaint: + id: NodeTaint type: object properties: - controlPlaneIpBlock: - description: Static IP addresses for the control plane nodes. - $ref: '#/components/schemas/VmwareIpBlock' - VmwareLoadBalancerConfig: - id: VmwareLoadBalancerConfig - description: Specifies the locad balancer config for the VMware user cluster. + effect: + enumDescriptions: + - Not set. + - >- + Do not allow new pods to schedule onto the node unless they + tolerate the taint, but allow all pods submitted to Kubelet + without going through the scheduler to start, and allow all + already-running pods to continue running. Enforced by the + scheduler. + - >- + Like TaintEffectNoSchedule, but the scheduler tries not to + schedule new pods onto the node, rather than prohibiting new pods + from scheduling onto the node entirely. Enforced by the scheduler. + - >- + Evict any already-running pods that do not tolerate the taint. + Currently enforced by NodeController. + type: string + description: The taint effect. + enum: + - EFFECT_UNSPECIFIED + - NO_SCHEDULE + - PREFER_NO_SCHEDULE + - NO_EXECUTE + value: + type: string + description: Value associated with the effect. + key: + type: string + description: Key associated with the effect. + description: >- + NodeTaint applied to every Kubernetes node in a node pool. Kubernetes + taints can be used together with tolerations to control how workloads + are scheduled to your nodes. Node taints are permanent. + VmwareAdminHAControlPlaneConfig: type: object properties: - vipConfig: - description: The VIPs used by the load balancer. - $ref: '#/components/schemas/VmwareVipConfig' - f5Config: - description: Configuration for F5 Big IP typed load balancers. - $ref: '#/components/schemas/VmwareF5BigIpConfig' - manualLbConfig: - description: Manually configured load balancers. - $ref: '#/components/schemas/VmwareManualLbConfig' - seesawConfig: - description: Output only. Configuration for Seesaw typed load balancers. - readOnly: true - $ref: '#/components/schemas/VmwareSeesawConfig' - metalLbConfig: - description: Configuration for MetalLB typed load balancers. - $ref: '#/components/schemas/VmwareMetalLbConfig' - VmwareVipConfig: - id: VmwareVipConfig - description: Specifies the VIP config for the VMware user cluster load balancer. + controlPlaneIpBlock: + $ref: '#/components/schemas/VmwareIpBlock' + description: Static IP addresses for the admin control plane nodes. + description: Specifies HA admin control plane config. + id: VmwareAdminHAControlPlaneConfig + Location: + id: Location type: object properties: - controlPlaneVip: + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + displayName: + type: string description: >- - The VIP which you previously set aside for the Kubernetes API of - this cluster. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + metadata: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + labels: + type: object + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: + type: string + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string + description: A resource that represents a Google Cloud location. + BareMetalNetworkConfig: + properties: + multipleNetworkInterfacesConfig: + description: Configuration for multiple network interfaces. + $ref: '#/components/schemas/BareMetalMultipleNetworkInterfacesConfig' + islandModeCidr: + description: >- + Configuration for island mode CIDR. In an island-mode network, nodes + have unique IP addresses, but pods don't have unique addresses + across clusters. This doesn't cause problems because pods in one + cluster never directly communicate with pods in another cluster. + Instead, there are gateways that mediate between a pod in one + cluster and a pod in another cluster. + $ref: '#/components/schemas/BareMetalIslandModeCidrConfig' + advancedNetworking: + description: >- + Enables the use of advanced Anthos networking features, such as + Bundled Load Balancing with BGP or the egress NAT gateway. Setting + configuration for advanced networking features will automatically + set this flag. + type: boolean + srIovConfig: + $ref: '#/components/schemas/BareMetalSrIovConfig' + description: Configuration for SR-IOV. + description: Specifies the cluster network configuration. + id: BareMetalNetworkConfig + type: object + VmwareVipConfig: + properties: ingressVip: description: >- The VIP which you previously set aside for ingress traffic into this cluster. type: string - VmwareF5BigIpConfig: - id: VmwareF5BigIpConfig - description: Represents configuration parameters for an F5 BIG-IP load balancer. - type: object - properties: - address: - description: The load balancer's IP address. - type: string - partition: + controlPlaneVip: description: >- - The preexisting partition to be used by the load balancer. This - partition is usually created for the admin cluster for example: - 'my-f5-admin-partition'. - type: string - snatPool: - description: The pool name. Only necessary, if using SNAT. + The VIP which you previously set aside for the Kubernetes API of + this cluster. type: string + id: VmwareVipConfig + description: Specifies the VIP config for the VMware user cluster load balancer. + type: object + Empty: + type: object + properties: {} + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } VmwareManualLbConfig: id: VmwareManualLbConfig - description: >- - Represents configuration parameters for an already existing manual load - balancer. Given the nature of manual load balancers it is expected that - said load balancer will be fully managed by users. IMPORTANT: Please - note that the Anthos On-Prem API will not generate or update ManualLB - configurations it can only bind a pre-existing configuration to a new - VMware user cluster. - type: object properties: ingressHttpNodePort: + format: int32 description: >- NodePort for ingress service's http. The ingress service in the admin cluster is implemented as a Service of type NodePort (ex. 32527). type: integer - format: int32 ingressHttpsNodePort: description: >- NodePort for ingress service's https. The ingress service in the @@ -1784,21 +1399,247 @@ components: 30139). type: integer format: int32 + konnectivityServerNodePort: + description: >- + NodePort for konnectivity server service running as a sidecar in + each kube-apiserver pod (ex. 30564). + type: integer + format: int32 controlPlaneNodePort: + format: int32 description: >- NodePort for control plane service. The Kubernetes API server in the admin cluster is implemented as a Service of type NodePort (ex. 30968). type: integer + type: object + description: >- + Represents configuration parameters for an already existing manual load + balancer. Given the nature of manual load balancers it is expected that + said load balancer will be fully managed by users. IMPORTANT: Please + note that the Anthos On-Prem API will not generate or update ManualLB + configurations it can only bind a pre-existing configuration to a new + VMware user cluster. + BareMetalAdminPortConfig: + type: object + description: BareMetalAdminPortConfig is the specification of load balancer ports. + properties: + controlPlaneLoadBalancerPort: + type: integer format: int32 - konnectivityServerNodePort: + description: The port that control plane hosted load balancers will listen on. + id: BareMetalAdminPortConfig + VmwareVsphereTag: + type: object + properties: + tag: + description: The Vsphere tag name. + type: string + category: + description: The Vsphere tag category. + type: string + id: VmwareVsphereTag + description: >- + VmwareVsphereTag describes a vSphere tag to be placed on VMs in the node + pool. For more information, see + https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vcenterhost.doc/GUID-E8E854DD-AA97-4E0C-8419-CE84F93C4058.html + VmwareLoadBalancerConfig: + type: object + description: Specifies the locad balancer config for the VMware user cluster. + id: VmwareLoadBalancerConfig + properties: + f5Config: + description: Configuration for F5 Big IP typed load balancers. + $ref: '#/components/schemas/VmwareF5BigIpConfig' + seesawConfig: + description: Output only. Configuration for Seesaw typed load balancers. + readOnly: true + $ref: '#/components/schemas/VmwareSeesawConfig' + vipConfig: + description: The VIPs used by the load balancer. + $ref: '#/components/schemas/VmwareVipConfig' + metalLbConfig: + description: Configuration for MetalLB typed load balancers. + $ref: '#/components/schemas/VmwareMetalLbConfig' + manualLbConfig: + description: Manually configured load balancers. + $ref: '#/components/schemas/VmwareManualLbConfig' + BareMetalAdminLoadBalancerConfig: + type: object + description: >- + BareMetalAdminLoadBalancerConfig specifies the load balancer + configuration. + id: BareMetalAdminLoadBalancerConfig + properties: + bgpLbConfig: + $ref: '#/components/schemas/BareMetalAdminBgpLbConfig' + description: Configuration for BGP typed load balancers. + portConfig: + description: Configures the ports that the load balancer will listen on. + $ref: '#/components/schemas/BareMetalAdminPortConfig' + manualLbConfig: + description: Manually configured load balancers. + $ref: '#/components/schemas/BareMetalAdminManualLbConfig' + vipConfig: + $ref: '#/components/schemas/BareMetalAdminVipConfig' + description: The VIPs used by the load balancer. + BareMetalClusterUpgradePolicy: + id: BareMetalClusterUpgradePolicy + type: object + properties: + policy: + enum: + - NODE_POOL_POLICY_UNSPECIFIED + - SERIAL + - CONCURRENT + type: string + enumDescriptions: + - No upgrade policy selected. + - Upgrade worker node pools sequentially. + - Upgrade all worker node pools in parallel. + description: Specifies which upgrade policy to use. + pause: + type: boolean + readOnly: true description: >- - NodePort for konnectivity server service running as a sidecar in - each kube-apiserver pod (ex. 30564). - type: integer + Output only. Pause is used to show the upgrade pause status. It's + view only for now. + description: BareMetalClusterUpgradePolicy defines the cluster upgrade policy. + EnrollVmwareNodePoolRequest: + type: object + description: Message for enrolling a VMware node pool. + id: EnrollVmwareNodePoolRequest + properties: + vmwareNodePoolId: + type: string + description: The target node pool id to be enrolled. + OperationMetadata: + id: OperationMetadata + type: object + properties: + requestedCancellation: + readOnly: true + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have [Operation.error] value with a [google.rpc.Status.code] of 1, + corresponding to `Code.CANCELLED`. + type: boolean + statusMessage: + readOnly: true + description: Output only. Human-readable status of the operation, if any. + type: string + endTime: + readOnly: true + description: Output only. The time the operation finished running. + type: string + format: google-datetime + target: + readOnly: true + type: string + description: >- + Output only. Server-defined resource path for the target of the + operation. + createTime: + description: Output only. The time the operation was created. + readOnly: true + type: string + format: google-datetime + verb: + description: Output only. Name of the verb executed by the operation. + readOnly: true + type: string + controlPlaneDisconnected: + readOnly: true + description: >- + Output only. Denotes if the local managing cluster's control plane + is currently disconnected. This is expected to occur temporarily + during self-managed cluster upgrades. + type: boolean + type: + enumDescriptions: + - Not set. + - The resource is being created. + - The resource is being deleted. + - The resource is being updated. + - The resource is being upgraded. + - The platform is being upgraded. + readOnly: true + type: string + enum: + - OPERATION_TYPE_UNSPECIFIED + - CREATE + - DELETE + - UPDATE + - UPGRADE + - PLATFORM_UPGRADE + description: Output only. Type of operation being executed. + apiVersion: + readOnly: true + type: string + description: Output only. API version used to start the operation. + progress: + $ref: '#/components/schemas/OperationProgress' + description: Output only. Detailed progress information for the operation. + readOnly: true + description: Represents the metadata of the long-running operation. + BareMetalAdminDrainingMachine: + type: object + description: >- + BareMetalAdminDrainingMachine represents the machines that are currently + draining. + properties: + nodeIp: + type: string + description: Draining machine IP address. + podCount: + description: The count of pods yet to drain. format: int32 + type: integer + id: BareMetalAdminDrainingMachine + VmwareNetworkConfig: + description: Specifies network config for the VMware user cluster. + properties: + podAddressCidrBlocks: + items: + type: string + description: >- + Required. All pods in the cluster are assigned an RFC1918 IPv4 + address from these ranges. Only a single range is supported. This + field cannot be changed after creation. + type: array + controlPlaneV2Config: + $ref: '#/components/schemas/VmwareControlPlaneV2Config' + description: Configuration for control plane V2 mode. + hostConfig: + description: >- + Represents common network settings irrespective of the host's IP + address. + $ref: '#/components/schemas/VmwareHostConfig' + serviceAddressCidrBlocks: + type: array + items: + type: string + description: >- + Required. All services in the cluster are assigned an RFC1918 IPv4 + address from these ranges. Only a single range is supported. This + field cannot be changed after creation. + vcenterNetwork: + type: string + description: >- + vcenter_network specifies vCenter network name. Inherited from the + admin cluster. + dhcpIpConfig: + $ref: '#/components/schemas/VmwareDhcpIpConfig' + description: Configuration settings for a DHCP IP configuration. + staticIpConfig: + $ref: '#/components/schemas/VmwareStaticIpConfig' + description: Configuration settings for a static IP configuration. + id: VmwareNetworkConfig + type: object VmwareSeesawConfig: id: VmwareSeesawConfig + type: object description: >- VmwareSeesawConfig represents configuration parameters for an already existing Seesaw load balancer. IMPORTANT: Please note that the Anthos @@ -1818,590 +1659,595 @@ components: credentials must be keyed with the following names: 'seesaw-ssh-private-key', 'seesaw-ssh-public-key', 'seesaw-ssh-ca-key', 'seesaw-ssh-ca-cert'. - type: object properties: + vms: + type: array + description: Names of the VMs created for this Seesaw group. + items: + type: string + stackdriverName: + description: Name to be used by Stackdriver. + type: string group: + type: string description: >- Required. In general the following format should be used for the Seesaw group name: seesaw-for-[cluster_name]. - type: string masterIp: + type: string description: >- Required. MasterIP is the IP announced by the master of Seesaw group. - type: string - ipBlocks: - description: Required. The IP Blocks to be used by the Seesaw load balancer - type: array - items: - $ref: '#/components/schemas/VmwareIpBlock' enableHa: + type: boolean description: >- Enable two load balancer VMs to achieve a highly-available Seesaw load balancer. - type: boolean - vms: - description: Names of the VMs created for this Seesaw group. + ipBlocks: type: array items: - type: string - stackdriverName: - description: Name to be used by Stackdriver. - type: string - VmwareMetalLbConfig: - id: VmwareMetalLbConfig - description: Represents configuration parameters for the MetalLB load balancer. + $ref: '#/components/schemas/VmwareIpBlock' + description: Required. The IP Blocks to be used by the Seesaw load balancer + TestIamPermissionsRequest: + id: TestIamPermissionsRequest type: object properties: - addressPools: - description: >- - Required. AddressPools is a list of non-overlapping IP pools used by - load balancer typed services. All addresses must be routable to load - balancer nodes. IngressVIP must be included in the pools. + permissions: type: array items: - $ref: '#/components/schemas/VmwareAddressPool' - VmwareAddressPool: - id: VmwareAddressPool - description: Represents an IP pool used by the load balancer. - type: object + type: string + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + description: Request message for `TestIamPermissions` method. + BareMetalMaintenanceConfig: + id: BareMetalMaintenanceConfig + description: >- + Specifies configurations to put bare metal nodes in and out of + maintenance. properties: - pool: - description: Required. The name of the address pool. - type: string - addresses: + maintenanceAddressCidrBlocks: description: >- - Required. The addresses that are part of this pool. Each address - must be either in the CIDR form (1.2.3.0/24) or range form - (1.2.3.1-1.2.3.5). - type: array + Required. All IPv4 address from these ranges will be placed into + maintenance mode. Nodes in maintenance mode will be cordoned and + drained. When both of these are true, the + "baremetal.cluster.gke.io/maintenance" annotation will be set on the + node resource. items: type: string - avoidBuggyIps: - description: >- - If true, avoid using IPs ending in .0 or .255. This avoids buggy - consumer devices mistakenly dropping IPv4 traffic for those special - IP addresses. - type: boolean - manualAssign: - description: If true, prevent IP addresses from being automatically assigned. - type: boolean - VmwareVCenterConfig: - id: VmwareVCenterConfig - description: Represents configuration for the VMware VCenter for the user cluster. + type: array type: object - properties: - resourcePool: - description: The name of the vCenter resource pool for the user cluster. - type: string - datastore: - description: The name of the vCenter datastore for the user cluster. - type: string - datacenter: - description: The name of the vCenter datacenter for the user cluster. - type: string - cluster: - description: The name of the vCenter cluster for the user cluster. - type: string - folder: - description: The name of the vCenter folder for the user cluster. - type: string - caCertData: - description: Contains the vCenter CA certificate public key for SSL verification. - type: string - address: - description: Output only. The vCenter IP address. - readOnly: true - type: string - storagePolicyName: - description: The name of the vCenter storage policy for the user cluster. - type: string - VmwareDataplaneV2Config: - id: VmwareDataplaneV2Config + CancelOperationRequest: + type: object + properties: {} + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + VmwareStorageConfig: description: >- - Contains configurations for Dataplane V2, which is optimized dataplane - for Kubernetes networking. For more information, see: - https://cloud.google.com/kubernetes-engine/docs/concepts/dataplane-v2 + Specifies vSphere CSI components deployment config in the VMware user + cluster. type: object properties: - dataplaneV2Enabled: - description: Enables Dataplane V2. - type: boolean - windowsDataplaneV2Enabled: - description: Enable Dataplane V2 for clusters with Windows nodes. - type: boolean - advancedNetworking: + vsphereCsiDisabled: description: >- - Enable advanced networking which requires dataplane_v2_enabled to be - set true. + Whether or not to deploy vSphere CSI components in the VMware user + cluster. Enabled by default. type: boolean - forwardMode: - description: Configure ForwardMode for Dataplane v2. - type: string - VmwareAutoRepairConfig: - id: VmwareAutoRepairConfig + id: VmwareStorageConfig + Authorization: + id: Authorization description: >- - Specifies config to enable/disable auto repair. The - cluster-health-controller is deployed only if Enabled is true. + Authorization defines the On-Prem cluster authorization configuration to + bootstrap onto the admin cluster. + properties: + adminUsers: + items: + $ref: '#/components/schemas/ClusterUser' + type: array + description: >- + For VMware and bare metal user clusters, users will be granted the + cluster-admin role on the cluster, which provides full + administrative access to the cluster. For bare metal admin clusters, + users will be granted the cluster-view role, which limits users to + read-only access. type: object + VmwareAdminPreparedSecretsConfig: properties: enabled: - description: Whether auto repair is enabled. + description: Whether prepared secrets is enabled. type: boolean - VmwareClusterUpgradePolicy: - id: VmwareClusterUpgradePolicy - description: VmwareClusterUpgradePolicy defines the cluster upgrade policy. + id: VmwareAdminPreparedSecretsConfig type: object + description: >- + VmwareAdminPreparedSecretsConfig represents configuration for admin + cluster prepared secrets. + EnrollBareMetalNodePoolRequest: + description: >- + Message for enrolling an existing bare metal node pool to the GKE + on-prem API. properties: - controlPlaneOnly: - description: Controls whether the upgrade applies to the control plane only. + bareMetalNodePoolId: + type: string + description: >- + User provided OnePlatform identifier that is used as part of the + resource name. (https://tools.ietf.org/html/rfc1123) format. + validateOnly: + description: >- + If set, only validate the request, but do not actually enroll the + node pool. type: boolean - ListVmwareClustersResponse: - id: ListVmwareClustersResponse - description: Response message for listing VMware Clusters. + id: EnrollBareMetalNodePoolRequest + type: object + BareMetalLvpShareConfig: type: object + id: BareMetalLvpShareConfig + description: >- + Specifies the configs for local persistent volumes under a shared file + system. properties: - vmwareClusters: - description: The list of VMware Cluster. + sharedPathPvCount: + format: int32 + type: integer + description: The number of subdirectories to create under path. + lvpConfig: + $ref: '#/components/schemas/BareMetalLvpConfig' + description: >- + Required. Defines the machine path and storage class for the LVP + Share. + ResourceStatus: + properties: + versions: + $ref: '#/components/schemas/Versions' + description: >- + Shows the mapping of a given version to the number of machines under + this version. + conditions: type: array + description: >- + ResourceCondition provide a standard mechanism for higher-level + status reporting from controller. items: - $ref: '#/components/schemas/VmwareCluster' - nextPageToken: + $ref: '#/components/schemas/ResourceCondition' + errorMessage: description: >- - A token identifying a page of results the server should return. If - the token is not empty this means that more results are available - and should be retrieved by repeating the request with the provided - page token. + Human-friendly representation of the error message from controller. + The error message can be temporary as the controller controller + creates a cluster or node pool. If the error message persists for a + longer period of time, it can be used to surface error message to + indicate real problems requiring user intervention. type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - BareMetalNodePool: - id: BareMetalNodePool - description: Resource that represents a bare metal node pool. + version: + type: string + description: Reflect current version of the resource. + id: ResourceStatus + description: >- + ResourceStatus describes why a cluster or node pool has a certain + status. (e.g., ERROR or DEGRADED). type: object + VmwareAdminProxy: properties: - name: - description: Immutable. The bare metal node pool resource name. + url: + description: The HTTP address of proxy server. type: string - displayName: - description: The display name for the bare metal node pool. + noProxy: + description: >- + A comma-separated list of IP addresses, IP address ranges, host + names, and domain names that should not go through the proxy server. + When Google Distributed Cloud sends a request to one of these + addresses, hosts, or domains, the request is sent directly. type: string - uid: - description: Output only. The unique identifier of the bare metal node pool. - readOnly: true + description: VmwareAdminProxy represents configuration for admin cluster proxy. + id: VmwareAdminProxy + type: object + EnrollVmwareAdminClusterRequest: + id: EnrollVmwareAdminClusterRequest + type: object + description: >- + Message for enrolling an existing VMware admin cluster to the GKE + on-prem API. + properties: + membership: + description: >- + Required. This is the full resource name of this admin cluster's + fleet membership. type: string - state: - description: Output only. The current state of the bare metal node pool. - readOnly: true + vmwareAdminClusterId: type: string - enumDescriptions: - - Not set. - - >- - The PROVISIONING state indicates the bare metal node pool is being - created. - - >- - The RUNNING state indicates the bare metal node pool has been - created and is fully usable. - - >- - The RECONCILING state indicates that the bare metal node pool is - being updated. It remains available, but potentially with degraded - performance. - - >- - The STOPPING state indicates the bare metal node pool is being - deleted. - - >- - The ERROR state indicates the bare metal node pool is in a broken - unrecoverable state. - - >- - The DEGRADED state indicates the bare metal node pool requires - user action to restore full functionality. - enum: - - STATE_UNSPECIFIED - - PROVISIONING - - RUNNING - - RECONCILING - - STOPPING - - ERROR - - DEGRADED - reconciling: - description: >- - Output only. If set, there are currently changes in flight to the - bare metal node pool. - readOnly: true - type: boolean - createTime: description: >- - Output only. The time at which this bare metal node pool was - created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The time at which this bare metal node pool was last - updated. - readOnly: true + User provided OnePlatform identifier that is used as part of the + resource name. This must be unique among all GKE on-prem clusters + within a project and location and will return a 409 if the cluster + already exists. (https://tools.ietf.org/html/rfc1123) format. + VmwareAdminSeesawConfig: + type: object + properties: + masterIp: type: string - format: google-datetime - deleteTime: + description: MasterIP is the IP announced by the master of Seesaw group. + ipBlocks: + description: The IP Blocks to be used by the Seesaw load balancer + type: array + items: + $ref: '#/components/schemas/VmwareIpBlock' + vms: + items: + type: string + type: array + description: Names of the VMs created for this Seesaw group. + group: description: >- - Output only. The time at which this bare metal node pool was - deleted. If the resource is not deleted, this must be empty - readOnly: true + In general the following format should be used for the Seesaw group + name: seesaw-for-[cluster_name]. type: string - format: google-datetime - etag: - description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. Allows clients to - perform consistent read-modify-writes through optimistic concurrency - control. + stackdriverName: type: string - annotations: - description: >- - Annotations on the bare metal node pool. This field has the same - restrictions as Kubernetes annotations. The total size of all keys - and values combined is limited to 256k. Key can have 2 segments: - prefix (optional) and name (required), separated by a slash (/). - Prefix must be a DNS subdomain. Name must be 63 characters or less, - begin and end with alphanumerics, with dashes (-), underscores (_), - dots (.), and alphanumerics between. - type: object - additionalProperties: - type: string - nodePoolConfig: - description: Required. Node pool configuration. - $ref: '#/components/schemas/BareMetalNodePoolConfig' - status: + description: Name to be used by Stackdriver. + enableHa: + type: boolean description: >- - Output only. ResourceStatus representing the detailed node pool - status. - readOnly: true - $ref: '#/components/schemas/ResourceStatus' - upgradePolicy: - description: The worker node pool upgrade policy. - $ref: '#/components/schemas/BareMetalNodePoolUpgradePolicy' - BareMetalNodePoolUpgradePolicy: - id: BareMetalNodePoolUpgradePolicy - description: BareMetalNodePoolUpgradePolicy defines the node pool upgrade policy. - type: object - properties: - parallelUpgradeConfig: - description: The parallel upgrade settings for worker node pools. - $ref: '#/components/schemas/BareMetalParallelUpgradeConfig' - BareMetalParallelUpgradeConfig: - id: BareMetalParallelUpgradeConfig + Enable two load balancer VMs to achieve a highly-available Seesaw + load balancer. + id: VmwareAdminSeesawConfig description: >- - BareMetalParallelUpgradeConfig defines the parallel upgrade settings for - worker node pools. + VmwareSeesawConfig represents configuration parameters for an already + existing Seesaw load balancer. IMPORTANT: Please note that the Anthos + On-Prem API will not generate or update Seesaw configurations it can + only bind a pre-existing configuration to a new user cluster. IMPORTANT: + When attempting to create a user cluster with a pre-existing Seesaw load + balancer you will need to follow some preparation steps before calling + the 'CreateVmwareCluster' API method. First you will need to create the + user cluster's namespace via kubectl. The namespace will need to use the + following naming convention : -gke-onprem-mgmt or -gke-onprem-mgmt + depending on whether you used the 'VmwareCluster.local_name' to + disambiguate collisions; for more context see the documentation of + 'VmwareCluster.local_name'. Once the namespace is created you will need + to create a secret resource via kubectl. This secret will contain copies + of your Seesaw credentials. The Secret must be called + 'user-cluster-creds' and contain Seesaw's SSH and Cert credentials. The + credentials must be keyed with the following names: + 'seesaw-ssh-private-key', 'seesaw-ssh-public-key', 'seesaw-ssh-ca-key', + 'seesaw-ssh-ca-cert'. + VmwareAutoRepairConfig: type: object + id: VmwareAutoRepairConfig properties: - concurrentNodes: - description: The maximum number of nodes that can be upgraded at once. - type: integer - format: int32 - minimumAvailableNodes: - description: >- - The minimum number of nodes that should be healthy and available - during an upgrade. If set to the default value of 0, it is possible - that none of the nodes will be available during an upgrade. - type: integer - format: int32 - EnrollBareMetalNodePoolRequest: - id: EnrollBareMetalNodePoolRequest + enabled: + type: boolean + description: Whether auto repair is enabled. description: >- - Message for enrolling an existing bare metal node pool to the GKE - on-prem API. - type: object + Specifies config to enable/disable auto repair. The + cluster-health-controller is deployed only if Enabled is true. + BareMetalLoadBalancerAddressPool: properties: - bareMetalNodePoolId: + addresses: description: >- - User provided OnePlatform identifier that is used as part of the - resource name. (https://tools.ietf.org/html/rfc1123) format. + Required. The addresses that are part of this pool. Each address + must be either in the CIDR form (1.2.3.0/24) or range form + (1.2.3.1-1.2.3.5). + items: + type: string + type: array + pool: type: string - validateOnly: + description: Required. The name of the address pool. + manualAssign: + description: If true, prevent IP addresses from being automatically assigned. + type: boolean + avoidBuggyIps: description: >- - If set, only validate the request, but do not actually enroll the - node pool. + If true, avoid using IPs ending in .0 or .255. This avoids buggy + consumer devices mistakenly dropping IPv4 traffic for those special + IP addresses. type: boolean - ListBareMetalNodePoolsResponse: - id: ListBareMetalNodePoolsResponse - description: Response message for listing bare metal node pools. + description: Represents an IP pool used by the load balancer. type: object + id: BareMetalLoadBalancerAddressPool + BareMetalAdminBgpLbConfig: properties: - bareMetalNodePools: - description: The node pools from the specified parent resource. - type: array - items: - $ref: '#/components/schemas/BareMetalNodePool' - nextPageToken: + addressPools: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Required. AddressPools is a list of non-overlapping IP pools used by + load balancer typed services. All addresses must be routable to load + balancer nodes. IngressVIP must be included in the pools. + items: + $ref: '#/components/schemas/BareMetalAdminLoadBalancerAddressPool' + type: array + asn: + format: int64 type: string - unreachable: - description: Locations that could not be reached. + description: >- + Required. BGP autonomous system number (ASN) of the cluster. This + field can be updated after cluster creation. + loadBalancerNodePoolConfig: + $ref: '#/components/schemas/BareMetalAdminLoadBalancerNodePoolConfig' + description: >- + Specifies the node pool running data plane load balancing. L2 + connectivity is required among nodes in this pool. If missing, the + control plane node pool is used for data plane load balancing. + bgpPeerConfigs: + description: >- + Required. The list of BGP peers that the cluster will connect to. At + least one peer must be configured for each control plane node. + Control plane nodes will connect to these peers to advertise the + control plane VIP. The Services load balancer also uses these peers + by default. This field can be updated after cluster creation. type: array items: - type: string - VmwareNodePool: - id: VmwareNodePool - description: 'Resource VmwareNodePool represents a VMware node pool. ##' + $ref: '#/components/schemas/BareMetalAdminBgpPeerConfig' type: object + description: >- + BareMetalAdminBgpLbConfig represents configuration parameters for a + Border Gateway Protocol (BGP) load balancer. + id: BareMetalAdminBgpLbConfig + BareMetalDrainingMachine: properties: - name: - description: Immutable. The resource name of this node pool. - type: string - displayName: - description: The display name for the node pool. - type: string - uid: - description: Output only. The unique identifier of the node pool. - readOnly: true - type: string - state: - description: Output only. The current state of the node pool. - readOnly: true + nodeIp: type: string - enumDescriptions: - - Not set. - - The PROVISIONING state indicates the node pool is being created. - - >- - The RUNNING state indicates the node pool has been created and is - fully usable. - - >- - The RECONCILING state indicates that the node pool is being - updated. It remains available, but potentially with degraded - performance. - - The STOPPING state indicates the cluster is being deleted - - >- - The ERROR state indicates the node pool is in a broken - unrecoverable state. - - >- - The DEGRADED state indicates the node pool requires user action to - restore full functionality. - enum: - - STATE_UNSPECIFIED - - PROVISIONING - - RUNNING - - RECONCILING - - STOPPING - - ERROR - - DEGRADED - reconciling: - description: >- - Output only. If set, there are currently changes in flight to the - node pool. - readOnly: true - type: boolean - createTime: - description: Output only. The time at which this node pool was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time at which this node pool was last updated. - readOnly: true - type: string - format: google-datetime - deleteTime: - description: >- - Output only. The time at which this node pool was deleted. If the - resource is not deleted, this must be empty - readOnly: true - type: string - format: google-datetime - etag: - description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. Allows clients to - perform consistent read-modify-writes through optimistic concurrency - control. - type: string - annotations: - description: >- - Annotations on the node pool. This field has the same restrictions - as Kubernetes annotations. The total size of all keys and values - combined is limited to 256k. Key can have 2 segments: prefix - (optional) and name (required), separated by a slash (/). Prefix - must be a DNS subdomain. Name must be 63 characters or less, begin - and end with alphanumerics, with dashes (-), underscores (_), dots - (.), and alphanumerics between. - type: object - additionalProperties: - type: string - nodePoolAutoscaling: - description: Node pool autoscaling config for the node pool. - $ref: '#/components/schemas/VmwareNodePoolAutoscalingConfig' - config: - description: Required. The node configuration of the node pool. - $ref: '#/components/schemas/VmwareNodeConfig' - status: - description: >- - Output only. ResourceStatus representing the detailed VMware node - pool state. - readOnly: true - $ref: '#/components/schemas/ResourceStatus' - onPremVersion: - description: >- - Anthos version for the node pool. Defaults to the user cluster - version. - type: string - VmwareNodePoolAutoscalingConfig: - id: VmwareNodePoolAutoscalingConfig - description: >- - NodePoolAutoscaling config for the NodePool to allow for the kubernetes - to scale NodePool. - type: object - properties: - minReplicas: - description: Minimum number of replicas in the NodePool. - type: integer - format: int32 - maxReplicas: - description: Maximum number of replicas in the NodePool. + description: Draining machine IP address. + podCount: + description: The count of pods yet to drain. type: integer format: int32 - VmwareNodeConfig: - id: VmwareNodeConfig - description: >- - Parameters that describe the configuration of all nodes within a given - node pool. + description: Represents a machine that is currently draining. type: object + id: BareMetalDrainingMachine + QueryBareMetalAdminVersionConfigResponse: + type: object + id: QueryBareMetalAdminVersionConfigResponse + description: Response message for querying bare metal admin cluster version config. properties: - cpus: - description: The number of CPUs for each node in the node pool. - type: string - format: int64 - memoryMb: - description: The megabytes of memory for each node in the node pool. - type: string - format: int64 - replicas: - description: The number of nodes in the node pool. - type: string - format: int64 - imageType: - description: >- - Required. The OS image to be used for each node in a node pool. - Currently `cos`, `cos_cgv2`, `ubuntu`, `ubuntu_cgv2`, - `ubuntu_containerd` and `windows` are supported. - type: string - image: - description: The OS image name in vCenter, only valid when using Windows. - type: string - bootDiskSizeGb: - description: VMware disk size to be used during creation. - type: string - format: int64 - taints: - description: The initial taints assigned to nodes of this node pool. + versions: + description: List of available versions to install or to upgrade to. type: array items: - $ref: '#/components/schemas/NodeTaint' - labels: - description: >- - The map of Kubernetes labels (key/value pairs) to be applied to each - node. These will added in addition to any default label(s) that - Kubernetes may apply to the node. In case of conflict in label keys, - the applied set may differ depending on the Kubernetes version -- - it's best to assume the behavior is undefined and conflicts should - be avoided. For more information, including usage and the valid - values, see: - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - type: object - additionalProperties: - type: string - vsphereConfig: - description: Specifies the vSphere config for node pool. - $ref: '#/components/schemas/VmwareVsphereConfig' - enableLoadBalancer: - description: >- - Allow node pool traffic to be load balanced. Only works for clusters - with MetalLB load balancers. - type: boolean - VmwareVsphereConfig: - id: VmwareVsphereConfig + $ref: '#/components/schemas/BareMetalVersionInfo' + BareMetalAdminMaintenanceStatus: description: >- - VmwareVsphereConfig represents configuration for the VMware VCenter for - node pool. + BareMetalAdminMaintenanceStatus represents the maintenance status for + bare metal Admin cluster CR's nodes. + id: BareMetalAdminMaintenanceStatus type: object properties: - datastore: - description: The name of the vCenter datastore. Inherited from the user cluster. - type: string - tags: - description: Tags to apply to VMs. - type: array + machineDrainStatus: + $ref: '#/components/schemas/BareMetalAdminMachineDrainStatus' + description: >- + Represents the status of draining and drained machine nodes. This is + used to show the progress of cluster upgrade. + BareMetalAdminIslandModeCidrConfig: + properties: + podAddressCidrBlocks: items: - $ref: '#/components/schemas/VmwareVsphereTag' - hostGroups: - description: Vsphere host groups to apply to all VMs in the node pool + type: string type: array + description: >- + Required. All pods in the cluster are assigned an RFC1918 IPv4 + address from these ranges. This field cannot be changed after + creation. + serviceAddressCidrBlocks: items: type: string - VmwareVsphereTag: - id: VmwareVsphereTag + description: >- + Required. All services in the cluster are assigned an RFC1918 IPv4 + address from these ranges. This field cannot be changed after + creation. + type: array + id: BareMetalAdminIslandModeCidrConfig description: >- - VmwareVsphereTag describes a vSphere tag to be placed on VMs in the node - pool. For more information, see - https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vcenterhost.doc/GUID-E8E854DD-AA97-4E0C-8419-CE84F93C4058.html + BareMetalAdminIslandModeCidrConfig specifies the cluster CIDR + configuration while running in island mode. type: object + ResourceCondition: properties: - category: - description: The Vsphere tag category. + type: type: string - tag: - description: The Vsphere tag name. + description: >- + Type of the condition. (e.g., ClusterRunning, NodePoolRunning or + ServerSidePreflightReady) + lastTransitionTime: + description: Last time the condition transit from one status to another. type: string - ListVmwareNodePoolsResponse: - id: ListVmwareNodePoolsResponse - description: Response message for listing VMware node pools. + format: google-datetime + state: + description: state of the condition. + enum: + - STATE_UNSPECIFIED + - STATE_TRUE + - STATE_FALSE + - STATE_UNKNOWN + enumDescriptions: + - Not set. + - Resource is in the condition. + - Resource is not in the condition. + - >- + Kubernetes controller can't decide if the resource is in the + condition or not. + type: string + reason: + description: Machine-readable message indicating details about last transition. + type: string + message: + type: string + description: Human-readable message indicating details about last transition. type: object + id: ResourceCondition + description: >- + ResourceCondition provides a standard mechanism for higher-level status + reporting from controller. + BareMetalAdminBgpPeerConfig: properties: - vmwareNodePools: - description: The node pools from the specified parent resource. - type: array - items: - $ref: '#/components/schemas/VmwareNodePool' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + ipAddress: + description: Required. The IP address of the external peer device. type: string - unreachable: - description: Locations that could not be reached. - type: array + controlPlaneNodes: + description: >- + The IP address of the control plane node that connects to the + external peer. If you don't specify any control plane nodes, all + control plane nodes can connect to the external peer. If you specify + one or more IP addresses, only the nodes specified participate in + peering sessions. items: type: string - EnrollVmwareNodePoolRequest: - id: EnrollVmwareNodePoolRequest - description: Message for enrolling a VMware node pool. + type: array + asn: + type: string + format: int64 + description: >- + Required. BGP autonomous system number (ASN) for the network that + contains the external peer device. + type: object + id: BareMetalAdminBgpPeerConfig + description: >- + BareMetalAdminBgpPeerConfig represents configuration parameters for a + Border Gateway Protocol (BGP) peer. + EnrollBareMetalClusterRequest: type: object properties: - vmwareNodePoolId: - description: The target node pool id to be enrolled. + bareMetalClusterId: + description: >- + User provided OnePlatform identifier that is used as part of the + resource name. This must be unique among all bare metal clusters + within a project and location and will return a 409 if the cluster + already exists. (https://tools.ietf.org/html/rfc1123) format. type: string - VmwareAdminCluster: - id: VmwareAdminCluster - description: Resource that represents a VMware admin cluster. + localName: + description: >- + Optional. The object name of the bare metal cluster custom resource + on the associated admin cluster. This field is used to support + conflicting resource names when enrolling existing clusters to the + API. When not provided, this field will resolve to the + bare_metal_cluster_id. Otherwise, it must match the object name of + the bare metal cluster custom resource. It is not modifiable outside + / beyond the enrollment operation. + type: string + adminClusterMembership: + description: >- + Required. The admin cluster this bare metal user cluster belongs to. + This is the full resource name of the admin cluster's fleet + membership. In the future, references to other resource types might + be allowed if admin clusters are modeled as their own resources. + type: string + localNamespace: + description: Optional. The namespace of the cluster. + type: string + description: >- + Message for enrolling an existing bare metal cluster to the Anthos + On-Prem API. + id: EnrollBareMetalClusterRequest + BareMetalParallelUpgradeConfig: + properties: + minimumAvailableNodes: + format: int32 + description: >- + The minimum number of nodes that should be healthy and available + during an upgrade. If set to the default value of 0, it is possible + that none of the nodes will be available during an upgrade. + type: integer + concurrentNodes: + format: int32 + description: The maximum number of nodes that can be upgraded at once. + type: integer + id: BareMetalParallelUpgradeConfig + description: >- + BareMetalParallelUpgradeConfig defines the parallel upgrade settings for + worker node pools. + type: object + VmwareClusterUpgradePolicy: + id: VmwareClusterUpgradePolicy + properties: + controlPlaneOnly: + description: Controls whether the upgrade applies to the control plane only. + type: boolean + type: object + description: VmwareClusterUpgradePolicy defines the cluster upgrade policy. + BareMetalMaintenanceStatus: type: object + description: Represents the maintenance status of the bare metal user cluster. properties: - name: - description: Immutable. The VMware admin cluster resource name. + machineDrainStatus: + description: The maintenance status of node machines. + $ref: '#/components/schemas/BareMetalMachineDrainStatus' + id: BareMetalMaintenanceStatus + VmwareVCenterConfig: + properties: + datastore: + description: The name of the vCenter datastore for the user cluster. type: string - description: - description: A human readable description of this VMware admin cluster. + address: type: string - uid: - description: Output only. The unique identifier of the VMware admin cluster. readOnly: true + description: Output only. The vCenter IP address. + resourcePool: + description: The name of the vCenter resource pool for the user cluster. + type: string + folder: + description: The name of the vCenter folder for the user cluster. + type: string + cluster: + description: The name of the vCenter cluster for the user cluster. + type: string + caCertData: + description: Contains the vCenter CA certificate public key for SSL verification. + type: string + storagePolicyName: + description: The name of the vCenter storage policy for the user cluster. + type: string + datacenter: + description: The name of the vCenter datacenter for the user cluster. + type: string + type: object + description: Represents configuration for the VMware VCenter for the user cluster. + id: VmwareVCenterConfig + VmwareAAGConfig: + description: Specifies anti affinity group config for the VMware user cluster. + type: object + id: VmwareAAGConfig + properties: + aagConfigDisabled: + description: >- + Spread nodes across at least three physical hosts (requires at least + three hosts). Enabled by default. + type: boolean + ListBareMetalAdminClustersResponse: + description: Response message for listing bare metal admin clusters. + id: ListBareMetalAdminClustersResponse + properties: + nextPageToken: + type: string + description: >- + A token identifying a page of results the server should return. If + the token is not empty this means that more results are available + and should be retrieved by repeating the request with the provided + page token. + bareMetalAdminClusters: + items: + $ref: '#/components/schemas/BareMetalAdminCluster' + description: The list of bare metal admin cluster. + type: array + unreachable: + items: + type: string + description: Locations that could not be reached. + type: array + type: object + VmwareNodePool: + type: object + description: 'Resource VmwareNodePool represents a VMware node pool. ##' + id: VmwareNodePool + properties: + displayName: + description: The display name for the node pool. type: string + nodePoolAutoscaling: + $ref: '#/components/schemas/VmwareNodePoolAutoscalingConfig' + description: Node pool autoscaling config for the node pool. + reconciling: + description: >- + Output only. If set, there are currently changes in flight to the + node pool. + readOnly: true + type: boolean etag: description: >- This checksum is computed by the server based on the value of other @@ -2410,50 +2256,76 @@ components: perform consistent read-modify-writes through optimistic concurrency control. type: string - createTime: - description: Output only. The time at which VMware admin cluster was created. - readOnly: true + deleteTime: + description: >- + Output only. The time at which this node pool was deleted. If the + resource is not deleted, this must be empty type: string format: google-datetime + readOnly: true updateTime: - description: >- - Output only. The time at which VMware admin cluster was last - updated. + description: Output only. The time at which this node pool was last updated. readOnly: true type: string format: google-datetime + config: + description: Required. The node configuration of the node pool. + $ref: '#/components/schemas/VmwareNodeConfig' + uid: + type: string + description: Output only. The unique identifier of the node pool. + readOnly: true annotations: - description: >- - Annotations on the VMware admin cluster. This field has the same - restrictions as Kubernetes annotations. The total size of all keys - and values combined is limited to 256k. Key can have 2 segments: - prefix (optional) and name (required), separated by a slash (/). - Prefix must be a DNS subdomain. Name must be 63 characters or less, - begin and end with alphanumerics, with dashes (-), underscores (_), - dots (.), and alphanumerics between. - type: object additionalProperties: type: string - state: - description: Output only. The current state of VMware admin cluster. + description: >- + Annotations on the node pool. This field has the same restrictions + as Kubernetes annotations. The total size of all keys and values + combined is limited to 256k. Key can have 2 segments: prefix + (optional) and name (required), separated by a slash (/). Prefix + must be a DNS subdomain. Name must be 63 characters or less, begin + and end with alphanumerics, with dashes (-), underscores (_), dots + (.), and alphanumerics between. + type: object + status: + description: >- + Output only. ResourceStatus representing the detailed VMware node + pool state. + $ref: '#/components/schemas/ResourceStatus' + readOnly: true + onPremVersion: + type: string + description: >- + Anthos version for the node pool. Defaults to the user cluster + version. + createTime: readOnly: true type: string + description: Output only. The time at which this node pool was created. + format: google-datetime + name: + description: Immutable. The resource name of this node pool. + type: string + state: + readOnly: true enumDescriptions: - Not set. - - The PROVISIONING state indicates the cluster is being created. + - The PROVISIONING state indicates the node pool is being created. - >- - The RUNNING state indicates the cluster has been created and is + The RUNNING state indicates the node pool has been created and is fully usable. - >- - The RECONCILING state indicates that the cluster is being updated. - It remains available, but potentially with degraded performance. - - The STOPPING state indicates the cluster is being deleted. + The RECONCILING state indicates that the node pool is being + updated. It remains available, but potentially with degraded + performance. + - The STOPPING state indicates the cluster is being deleted - >- - The ERROR state indicates the cluster is in a broken unrecoverable - state. + The ERROR state indicates the node pool is in a broken + unrecoverable state. - >- - The DEGRADED state indicates the cluster requires user action to + The DEGRADED state indicates the node pool requires user action to restore full functionality. + type: string enum: - STATE_UNSPECIFIED - PROVISIONING @@ -2462,538 +2334,737 @@ components: - STOPPING - ERROR - DEGRADED - endpoint: - description: Output only. The DNS name of VMware admin cluster's API server. - readOnly: true - type: string - reconciling: - description: >- - Output only. If set, there are currently changes in flight to the - VMware admin cluster. - readOnly: true - type: boolean - localName: + description: Output only. The current state of the node pool. + ValidationCheckStatus: + type: object + properties: + result: description: >- - Output only. The object name of the VMware OnPremAdminCluster custom - resource. This field is used to support conflicting names when - enrolling existing clusters to the API. When used as a part of - cluster enrollment, this field will differ from the ID in the - resource name. For new clusters, this field will match the user - provided cluster name and be visible in the last component of the - resource name. It is not modifiable. All users should use this name - to access their cluster using gkectl or kubectl and should expect to - see the local name when viewing admin cluster controller logs. - readOnly: true - type: string - bootstrapClusterMembership: - description: The bootstrap cluster this VMware admin cluster belongs to. + Individual checks which failed as part of the Preflight check + execution. + type: array + items: + $ref: '#/components/schemas/ValidationCheckResult' + id: ValidationCheckStatus + description: ValidationCheckStatus defines the detailed validation check status. + ClusterUser: + properties: + username: type: string - onPremVersion: - description: The Anthos clusters on the VMware version for the admin cluster. + description: Required. The name of the user, e.g. `my-gcp-id@gmail.com`. + description: ClusterUser configures user principals for an RBAC policy. + id: ClusterUser + type: object + BareMetalVipConfig: + properties: + ingressVip: + description: >- + The VIP which you previously set aside for ingress traffic into this + bare metal user cluster. type: string - fleet: - description: Output only. Fleet configuration for the cluster. - readOnly: true - $ref: '#/components/schemas/Fleet' - imageType: - description: The OS image type for the VMware admin cluster. + controlPlaneVip: type: string - vcenter: - description: The VMware admin cluster VCenter configuration. - $ref: '#/components/schemas/VmwareAdminVCenterConfig' - networkConfig: - description: The VMware admin cluster network configuration. - $ref: '#/components/schemas/VmwareAdminNetworkConfig' - loadBalancer: - description: The VMware admin cluster load balancer configuration. - $ref: '#/components/schemas/VmwareAdminLoadBalancerConfig' - controlPlaneNode: - description: The VMware admin cluster control plane node configuration. - $ref: '#/components/schemas/VmwareAdminControlPlaneNodeConfig' - addonNode: - description: The VMware admin cluster addon node configuration. - $ref: '#/components/schemas/VmwareAdminAddonNodeConfig' - antiAffinityGroups: - description: The VMware admin cluster anti affinity group configuration. - $ref: '#/components/schemas/VmwareAAGConfig' - autoRepairConfig: - description: The VMware admin cluster auto repair configuration. - $ref: '#/components/schemas/VmwareAutoRepairConfig' - status: - description: Output only. ResourceStatus representing detailed cluster state. - readOnly: true - $ref: '#/components/schemas/ResourceStatus' - platformConfig: - description: The VMware platform configuration. - $ref: '#/components/schemas/VmwarePlatformConfig' - preparedSecrets: - description: >- - Output only. The VMware admin cluster prepared secrets - configuration. It should always be enabled by the Central API, - instead of letting users set it. - readOnly: true - $ref: '#/components/schemas/VmwareAdminPreparedSecretsConfig' - authorization: - description: The VMware admin cluster authorization configuration. - $ref: '#/components/schemas/VmwareAdminAuthorizationConfig' - validationCheck: description: >- - Output only. ValidationCheck represents the result of the preflight - check job. - readOnly: true - $ref: '#/components/schemas/ValidationCheck' - enableAdvancedCluster: - description: Enable advanced cluster. + The VIP which you previously set aside for the Kubernetes API of + this bare metal user cluster. + description: Specifies the VIP config for the bare metal load balancer. + id: BareMetalVipConfig + type: object + BareMetalManualLbConfig: + id: BareMetalManualLbConfig + properties: + enabled: type: boolean - privateRegistryConfig: - description: Configuration for registry. - $ref: '#/components/schemas/VmwareAdminPrivateRegistryConfig' - VmwareAdminVCenterConfig: - id: VmwareAdminVCenterConfig - description: >- - VmwareAdminVCenterConfig contains VCenter configuration for VMware admin - cluster. + description: Whether manual load balancing is enabled. type: object + description: Represents configuration parameters for a manual load balancer. + VmwareNodeConfig: + type: object + description: >- + Parameters that describe the configuration of all nodes within a given + node pool. + id: VmwareNodeConfig properties: - resourcePool: - description: The name of the vCenter resource pool for the admin cluster. - type: string - datastore: - description: The name of the vCenter datastore for the admin cluster. - type: string - datacenter: - description: The name of the vCenter datacenter for the admin cluster. - type: string - cluster: - description: The name of the vCenter cluster for the admin cluster. + replicas: + description: The number of nodes in the node pool. + format: int64 type: string - folder: - description: The name of the vCenter folder for the admin cluster. + cpus: type: string - caCertData: - description: Contains the vCenter CA certificate public key for SSL verification. + description: The number of CPUs for each node in the node pool. + format: int64 + taints: + items: + $ref: '#/components/schemas/NodeTaint' + description: The initial taints assigned to nodes of this node pool. + type: array + labels: + description: >- + The map of Kubernetes labels (key/value pairs) to be applied to each + node. These will added in addition to any default label(s) that + Kubernetes may apply to the node. In case of conflict in label keys, + the applied set may differ depending on the Kubernetes version -- + it's best to assume the behavior is undefined and conflicts should + be avoided. For more information, including usage and the valid + values, see: + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + additionalProperties: + type: string + type: object + image: type: string - address: - description: The vCenter IP address. + description: The OS image name in vCenter, only valid when using Windows. + enableLoadBalancer: + type: boolean + description: >- + Allow node pool traffic to be load balanced. Only works for clusters + with MetalLB load balancers. + memoryMb: + format: int64 type: string - dataDisk: - description: The name of the virtual machine disk (VMDK) for the admin cluster. + description: The megabytes of memory for each node in the node pool. + imageType: + description: >- + Required. The OS image to be used for each node in a node pool. + Currently `cos`, `cos_cgv2`, `ubuntu`, `ubuntu_cgv2`, + `ubuntu_containerd` and `windows` are supported. type: string - storagePolicyName: - description: The name of the vCenter storage policy for the user cluster. + vsphereConfig: + $ref: '#/components/schemas/VmwareVsphereConfig' + description: Specifies the vSphere config for node pool. + bootDiskSizeGb: + format: int64 + description: VMware disk size to be used during creation. type: string - VmwareAdminNetworkConfig: - id: VmwareAdminNetworkConfig - description: >- - VmwareAdminNetworkConfig contains network configuration for VMware admin - cluster. - type: object + BareMetalMultipleNetworkInterfacesConfig: + id: BareMetalMultipleNetworkInterfacesConfig + description: Specifies the multiple networking interfaces cluster configuration. properties: - serviceAddressCidrBlocks: + enabled: description: >- - Required. All services in the cluster are assigned an RFC1918 IPv4 - address from these ranges. Only a single range is supported. This - field cannot be changed after creation. - type: array + Whether to enable multiple network interfaces for your pods. When + set network_config.advanced_networking is automatically set to true. + type: boolean + type: object + ListOperationsResponse: + type: object + description: The response message for Operations.ListOperations. + properties: + nextPageToken: + description: The standard List next-page token. + type: string + unreachable: items: type: string - podAddressCidrBlocks: description: >- - Required. All pods in the cluster are assigned an RFC1918 IPv4 - address from these ranges. Only a single range is supported. This - field cannot be changed after creation. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + operations: + description: >- + A list of operations that matches the specified filter in the + request. type: array items: - type: string - staticIpConfig: - description: Configuration settings for a static IP configuration. - $ref: '#/components/schemas/VmwareStaticIpConfig' - dhcpIpConfig: - description: Configuration settings for a DHCP IP configuration. - $ref: '#/components/schemas/VmwareDhcpIpConfig' - vcenterNetwork: - description: vcenter_network specifies vCenter network name. + $ref: '#/components/schemas/Operation' + id: ListOperationsResponse + BareMetalCluster: + properties: + deleteTime: + description: >- + Output only. The time when the bare metal user cluster was deleted. + If the resource is not deleted, this must be empty + format: google-datetime type: string - hostConfig: + readOnly: true + reconciling: + type: boolean description: >- - Represents common network settings irrespective of the host's IP - address. - $ref: '#/components/schemas/VmwareHostConfig' - haControlPlaneConfig: - description: Configuration for HA admin cluster control plane. - $ref: '#/components/schemas/VmwareAdminHAControlPlaneConfig' - VmwareAdminHAControlPlaneConfig: - id: VmwareAdminHAControlPlaneConfig - description: Specifies HA admin control plane config. - type: object - properties: - controlPlaneIpBlock: - description: Static IP addresses for the admin control plane nodes. - $ref: '#/components/schemas/VmwareIpBlock' - VmwareAdminLoadBalancerConfig: - id: VmwareAdminLoadBalancerConfig - description: >- - VmwareAdminLoadBalancerConfig contains load balancer configuration for - VMware admin cluster. - type: object - properties: - vipConfig: - description: The VIPs used by the load balancer. - $ref: '#/components/schemas/VmwareAdminVipConfig' - f5Config: - description: Configuration for F5 Big IP typed load balancers. - $ref: '#/components/schemas/VmwareAdminF5BigIpConfig' - manualLbConfig: - description: Manually configured load balancers. - $ref: '#/components/schemas/VmwareAdminManualLbConfig' - metalLbConfig: - description: MetalLB load balancers. - $ref: '#/components/schemas/VmwareAdminMetalLbConfig' - seesawConfig: - description: Output only. Configuration for Seesaw typed load balancers. + Output only. If set, there are currently changes in flight to the + bare metal user cluster. readOnly: true - $ref: '#/components/schemas/VmwareAdminSeesawConfig' - VmwareAdminVipConfig: - id: VmwareAdminVipConfig - description: VmwareAdminVipConfig for VMware load balancer configurations. - type: object - properties: - controlPlaneVip: + adminClusterName: description: >- - The VIP which you previously set aside for the Kubernetes API of the - admin cluster. + Output only. The resource name of the bare metal admin cluster + managing this user cluster. type: string - addonsVip: - description: The VIP to configure the load balancer for add-ons. + readOnly: true + osEnvironmentConfig: + description: OS environment related configurations. + $ref: '#/components/schemas/BareMetalOsEnvironmentConfig' + loadBalancer: + description: Required. Load balancer configuration. + $ref: '#/components/schemas/BareMetalLoadBalancerConfig' + validationCheck: + readOnly: true + description: Output only. The result of the preflight check. + $ref: '#/components/schemas/ValidationCheck' + description: type: string - VmwareAdminF5BigIpConfig: - id: VmwareAdminF5BigIpConfig - description: >- - VmwareAdminF5BigIpConfig represents configuration parameters for an F5 - BIG-IP load balancer. - type: object - properties: - address: - description: The load balancer's IP address. + description: A human readable description of this bare metal user cluster. + bareMetalVersion: + description: >- + Required. The Anthos clusters on bare metal version for your user + cluster. + type: string + nodeAccessConfig: + $ref: '#/components/schemas/BareMetalNodeAccessConfig' + description: Node access related configurations. + localName: type: string - partition: description: >- - The preexisting partition to be used by the load balancer. This - partition is usually created for the admin cluster for example: - 'my-f5-admin-partition'. + Output only. The object name of the bare metal user cluster custom + resource on the associated admin cluster. This field is used to + support conflicting names when enrolling existing clusters to the + API. When used as a part of cluster enrollment, this field will + differ from the name in the resource name. For new clusters, this + field will match the user provided cluster name and be visible in + the last component of the resource name. It is not modifiable. When + the local name and cluster name differ, the local name is used in + the admin cluster controller logs. You use the cluster name when + accessing the cluster using bmctl and kubectl. + readOnly: true + fleet: + description: Output only. Fleet configuration for the cluster. + readOnly: true + $ref: '#/components/schemas/Fleet' + adminClusterMembership: + description: >- + Required. The admin cluster this bare metal user cluster belongs to. + This is the full resource name of the admin cluster's fleet + membership. type: string - snatPool: - description: The pool name. Only necessary, if using SNAT. + storage: + description: Required. Storage configuration. + $ref: '#/components/schemas/BareMetalStorageConfig' + maintenanceConfig: + $ref: '#/components/schemas/BareMetalMaintenanceConfig' + description: Maintenance configuration. + updateTime: + description: >- + Output only. The time when the bare metal user cluster was last + updated. + format: google-datetime + readOnly: true type: string - VmwareAdminManualLbConfig: - id: VmwareAdminManualLbConfig + localNamespace: + description: Output only. The namespace of the cluster. + type: string + readOnly: true + maintenanceStatus: + $ref: '#/components/schemas/BareMetalMaintenanceStatus' + description: Output only. Status of on-going maintenance tasks. + readOnly: true + nodeConfig: + description: Workload node configuration. + $ref: '#/components/schemas/BareMetalWorkloadNodeConfig' + proxy: + description: Proxy configuration. + $ref: '#/components/schemas/BareMetalProxyConfig' + clusterOperations: + description: Cluster operations configuration. + $ref: '#/components/schemas/BareMetalClusterOperationsConfig' + binaryAuthorization: + description: Binary Authorization related configurations. + $ref: '#/components/schemas/BinaryAuthorization' + securityConfig: + description: Security related setting configuration. + $ref: '#/components/schemas/BareMetalSecurityConfig' + controlPlane: + description: Required. Control plane configuration. + $ref: '#/components/schemas/BareMetalControlPlaneConfig' + createTime: + description: Output only. The time when the bare metal user cluster was created. + readOnly: true + type: string + format: google-datetime + state: + readOnly: true + type: string + description: Output only. The current state of the bare metal user cluster. + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - RUNNING + - RECONCILING + - STOPPING + - ERROR + - DEGRADED + enumDescriptions: + - Not set. + - The PROVISIONING state indicates the cluster is being created. + - >- + The RUNNING state indicates the cluster has been created and is + fully usable. + - >- + The RECONCILING state indicates that the cluster is being updated. + It remains available, but potentially with degraded performance. + - The STOPPING state indicates the cluster is being deleted. + - >- + The ERROR state indicates the cluster is in a broken unrecoverable + state. + - >- + The DEGRADED state indicates the cluster requires user action to + restore full functionality. + etag: + type: string + readOnly: true + description: >- + Output only. This checksum is computed by the server based on the + value of other fields, and may be sent on update and delete requests + to ensure the client has an up-to-date value before proceeding. + Allows clients to perform consistent read-modify-writes through + optimistic concurrency control. + networkConfig: + description: Required. Network configuration. + $ref: '#/components/schemas/BareMetalNetworkConfig' + upgradePolicy: + $ref: '#/components/schemas/BareMetalClusterUpgradePolicy' + description: The cluster upgrade policy. + endpoint: + type: string + readOnly: true + description: >- + Output only. The IP address of the bare metal user cluster's API + server. + status: + description: Output only. Detailed cluster status. + $ref: '#/components/schemas/ResourceStatus' + readOnly: true + annotations: + type: object + additionalProperties: + type: string + description: >- + Annotations on the bare metal user cluster. This field has the same + restrictions as Kubernetes annotations. The total size of all keys + and values combined is limited to 256k. Key can have 2 segments: + prefix (optional) and name (required), separated by a slash (/). + Prefix must be a DNS subdomain. Name must be 63 characters or less, + begin and end with alphanumerics, with dashes (-), underscores (_), + dots (.), and alphanumerics between. + name: + type: string + description: Immutable. The bare metal user cluster resource name. + uid: + readOnly: true + type: string + description: Output only. The unique identifier of the bare metal user cluster. + id: BareMetalCluster type: object + description: Resource that represents a bare metal user cluster. + Expr: properties: - ingressHttpNodePort: + description: + type: string description: >- - NodePort for ingress service's http. The ingress service in the - admin cluster is implemented as a Service of type NodePort (ex. - 32527). - type: integer - format: int32 - ingressHttpsNodePort: + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + expression: + type: string description: >- - NodePort for ingress service's https. The ingress service in the - admin cluster is implemented as a Service of type NodePort (ex. - 30139). - type: integer - format: int32 - controlPlaneNodePort: + Textual representation of an expression in Common Expression + Language syntax. + title: description: >- - NodePort for control plane service. The Kubernetes API server in the - admin cluster is implemented as a Service of type NodePort (ex. - 30968). - type: integer - format: int32 - konnectivityServerNodePort: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + location: + type: string description: >- - NodePort for konnectivity server service running as a sidecar in - each kube-apiserver pod (ex. 30564). - type: integer - format: int32 - addonsNodePort: - description: NodePort for add-ons server in the admin cluster. - type: integer - format: int32 - VmwareAdminMetalLbConfig: - id: VmwareAdminMetalLbConfig + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + id: Expr description: >- - VmwareAdminMetalLbConfig represents configuration parameters for a - MetalLB load balancer. For admin clusters, currently no configurations - is needed. + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. type: object - properties: - enabled: - description: Whether MetalLB is enabled. - type: boolean - VmwareAdminSeesawConfig: - id: VmwareAdminSeesawConfig - description: >- - VmwareSeesawConfig represents configuration parameters for an already - existing Seesaw load balancer. IMPORTANT: Please note that the Anthos - On-Prem API will not generate or update Seesaw configurations it can - only bind a pre-existing configuration to a new user cluster. IMPORTANT: - When attempting to create a user cluster with a pre-existing Seesaw load - balancer you will need to follow some preparation steps before calling - the 'CreateVmwareCluster' API method. First you will need to create the - user cluster's namespace via kubectl. The namespace will need to use the - following naming convention : -gke-onprem-mgmt or -gke-onprem-mgmt - depending on whether you used the 'VmwareCluster.local_name' to - disambiguate collisions; for more context see the documentation of - 'VmwareCluster.local_name'. Once the namespace is created you will need - to create a secret resource via kubectl. This secret will contain copies - of your Seesaw credentials. The Secret must be called - 'user-cluster-creds' and contain Seesaw's SSH and Cert credentials. The - credentials must be keyed with the following names: - 'seesaw-ssh-private-key', 'seesaw-ssh-public-key', 'seesaw-ssh-ca-key', - 'seesaw-ssh-ca-cert'. + ListVmwareNodePoolsResponse: type: object + id: ListVmwareNodePoolsResponse + description: Response message for listing VMware node pools. properties: - group: + nextPageToken: description: >- - In general the following format should be used for the Seesaw group - name: seesaw-for-[cluster_name]. - type: string - masterIp: - description: MasterIP is the IP announced by the master of Seesaw group. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - ipBlocks: - description: The IP Blocks to be used by the Seesaw load balancer + unreachable: type: array items: - $ref: '#/components/schemas/VmwareIpBlock' - enableHa: + type: string + description: Locations that could not be reached. + vmwareNodePools: + items: + $ref: '#/components/schemas/VmwareNodePool' + type: array + description: The node pools from the specified parent resource. + BareMetalMetalLbConfig: + type: object + description: Represents configuration parameters for a MetalLB load balancer. + id: BareMetalMetalLbConfig + properties: + loadBalancerNodePoolConfig: + $ref: '#/components/schemas/BareMetalLoadBalancerNodePoolConfig' description: >- - Enable two load balancer VMs to achieve a highly-available Seesaw - load balancer. - type: boolean - vms: - description: Names of the VMs created for this Seesaw group. + Specifies the node pool running the load balancer. L2 connectivity + is required among nodes in this pool. If missing, the control plane + node pool is used as the load balancer pool. + addressPools: + description: >- + Required. AddressPools is a list of non-overlapping IP pools used by + load balancer typed services. All addresses must be routable to load + balancer nodes. IngressVIP must be included in the pools. type: array + items: + $ref: '#/components/schemas/BareMetalLoadBalancerAddressPool' + BareMetalIslandModeCidrConfig: + id: BareMetalIslandModeCidrConfig + description: Specifies the cluster CIDR configuration while running in island mode. + properties: + serviceAddressCidrBlocks: + type: array + description: >- + Required. All services in the cluster are assigned an RFC1918 IPv4 + address from these ranges. This field is mutable after creation + starting with version 1.15. items: type: string - stackdriverName: - description: Name to be used by Stackdriver. - type: string - VmwareAdminControlPlaneNodeConfig: - id: VmwareAdminControlPlaneNodeConfig - description: >- - VmwareAdminControlPlaneNodeConfig contains control plane node - configuration for VMware admin cluster. + podAddressCidrBlocks: + items: + type: string + description: >- + Required. All pods in the cluster are assigned an RFC1918 IPv4 + address from these ranges. This field cannot be changed after + creation. + type: array type: object + BareMetalDrainedMachine: + description: Represents a machine that is currently drained. properties: - cpus: - description: The number of vCPUs for the control-plane node of the admin cluster. + nodeIp: type: string - format: int64 - memory: + description: Drained machine IP address. + type: object + id: BareMetalDrainedMachine + VmwareVersionInfo: + properties: + dependencies: + description: The list of upgrade dependencies for this version. + items: + $ref: '#/components/schemas/UpgradeDependency' + type: array + isInstalled: description: >- - The number of mebibytes of memory for the control-plane node of the - admin cluster. - type: string - format: int64 - replicas: + If set, the version is installed in the admin cluster. Otherwise, + the version bundle must be downloaded and installed before a user + cluster can be created at or upgraded to this version. + type: boolean + hasDependencies: + type: boolean description: >- - The number of control plane nodes for this VMware admin cluster. - (default: 1 replica). + If set, the cluster dependencies (e.g. the admin cluster, other user + clusters managed by the same admin cluster) must be upgraded before + this version can be installed or upgraded to. + version: type: string - format: int64 - VmwareAdminAddonNodeConfig: - id: VmwareAdminAddonNodeConfig - description: >- - VmwareAdminAddonNodeConfig contains add-on node configurations for - VMware admin cluster. + description: Version number e.g. 1.13.1-gke.1000. + id: VmwareVersionInfo + description: Contains information about a specific Anthos on VMware version. type: object + VmwareF5BigIpConfig: properties: - autoResizeConfig: - description: VmwareAutoResizeConfig config specifies auto resize config. - $ref: '#/components/schemas/VmwareAutoResizeConfig' - VmwarePlatformConfig: - id: VmwarePlatformConfig - description: VmwarePlatformConfig represents configuration for the VMware platform. + snatPool: + description: The pool name. Only necessary, if using SNAT. + type: string + partition: + type: string + description: >- + The preexisting partition to be used by the load balancer. This + partition is usually created for the admin cluster for example: + 'my-f5-admin-partition'. + address: + type: string + description: The load balancer's IP address. + description: Represents configuration parameters for an F5 BIG-IP load balancer. + id: VmwareF5BigIpConfig type: object + VmwareBundleConfig: + id: VmwareBundleConfig properties: - requiredPlatformVersion: - description: >- - Input only. The required platform version e.g. 1.13.1. If the - current platform version is lower than the target version, the - platform version will be updated to the target version. If the - target version is not installed in the platform (bundle versions), - download the target version bundle. + version: + description: The version of the bundle. type: string - platformVersion: - description: Output only. The platform version e.g. 1.13.2. + status: + description: Output only. Resource status for the bundle. readOnly: true + $ref: '#/components/schemas/ResourceStatus' + description: VmwareBundleConfig represents configuration for the bundle. + type: object + ValidationCheckResult: + description: ValidationCheckResult defines the details about the validation check. + type: object + id: ValidationCheckResult + properties: + reason: + type: string + description: A human-readable message of the check failure. + description: + description: The description of the validation check. + type: string + details: + type: string + description: Detailed failure information, which might be unformatted. + state: + type: string + enum: + - STATE_UNKNOWN + - STATE_FAILURE + - STATE_SKIPPED + - STATE_FATAL + - STATE_WARNING + enumDescriptions: + - The default value. The check result is unknown. + - The check failed. + - The check was skipped. + - The check itself failed to complete. + - The check encountered a warning. + description: The validation check state. + category: type: string - bundles: - description: Output only. The list of bundles installed in the admin cluster. - readOnly: true + description: The category of the validation. + VmwareHostConfig: + properties: + dnsServers: + items: + type: string + description: DNS servers. type: array + ntpServers: + description: NTP servers. items: - $ref: '#/components/schemas/VmwareBundleConfig' - status: - description: Output only. Resource status for the platform. - readOnly: true - $ref: '#/components/schemas/ResourceStatus' - VmwareBundleConfig: - id: VmwareBundleConfig - description: VmwareBundleConfig represents configuration for the bundle. + type: string + type: array + dnsSearchDomains: + description: DNS search domains. + type: array + items: + type: string + description: >- + Represents the common parameters for all the hosts irrespective of their + IP address. type: object + id: VmwareHostConfig + Metric: + id: Metric + description: Progress metric is (string, int|float|string) pair. properties: - version: - description: The version of the bundle. + intValue: + description: For metrics with integer value. type: string - status: - description: Output only. Resource status for the bundle. - readOnly: true - $ref: '#/components/schemas/ResourceStatus' - VmwareAdminPreparedSecretsConfig: - id: VmwareAdminPreparedSecretsConfig - description: >- - VmwareAdminPreparedSecretsConfig represents configuration for admin - cluster prepared secrets. + format: int64 + doubleValue: + format: double + type: number + description: For metrics with floating point value. + stringValue: + type: string + description: For metrics with custom values (ratios, visual progress, etc.). + metric: + type: string + enumDescriptions: + - Not set. + - The total number of nodes being actuated. + - The number of nodes draining. + - The number of nodes actively upgrading. + - The number of nodes to be upgraded. + - The number of nodes upgraded. + - The number of nodes to fail actuation. + - The number of nodes healthy. + - The number of nodes reconciling. + - The number of nodes in maintenance mode. + - The number of completed preflight checks. + - The number of preflight checks running. + - The number of preflight checks failed. + - The total number of preflight checks. + description: Required. The metric name. + enum: + - METRIC_ID_UNSPECIFIED + - NODES_TOTAL + - NODES_DRAINING + - NODES_UPGRADING + - NODES_PENDING_UPGRADE + - NODES_UPGRADED + - NODES_FAILED + - NODES_HEALTHY + - NODES_RECONCILING + - NODES_IN_MAINTENANCE + - PREFLIGHTS_COMPLETED + - PREFLIGHTS_RUNNING + - PREFLIGHTS_FAILED + - PREFLIGHTS_TOTAL + type: object + BareMetalSrIovConfig: type: object + description: Specifies the SR-IOV networking operator config. + id: BareMetalSrIovConfig properties: enabled: - description: Whether prepared secrets is enabled. type: boolean - VmwareAdminAuthorizationConfig: - id: VmwareAdminAuthorizationConfig - description: >- - VmwareAdminAuthorizationConfig represents configuration for admin - cluster authorization. - type: object + description: Whether to install the SR-IOV operator. + BareMetalNodeConfig: + id: BareMetalNodeConfig properties: - viewerUsers: + labels: + type: object description: >- - For VMware admin clusters, users will be granted the cluster-viewer - role on the cluster. - type: array - items: - $ref: '#/components/schemas/ClusterUser' - VmwareAdminPrivateRegistryConfig: - id: VmwareAdminPrivateRegistryConfig - description: >- - VmwareAdminPrivateRegistryConfig represents configuration for admin - cluster registry. - type: object - properties: - address: - description: The registry address. + The labels assigned to this node. An object containing a list of + key/value pairs. The labels here, unioned with the labels set on + BareMetalNodePoolConfig are the set of labels that will be applied + to the node. If there are any conflicts, the BareMetalNodeConfig + labels take precedence. Example: { "name": "wrench", "mass": + "1.3kg", "count": "3" }. + additionalProperties: + type: string + nodeIp: type: string - caCert: description: >- - When the container runtime pulls an image from private registry, the - registry must prove its identity by presenting a certificate. The - registry's certificate is signed by a certificate authority (CA). - The container runtime uses the CA's certificate to validate the - registry's certificate. - type: string - ListVmwareAdminClustersResponse: - id: ListVmwareAdminClustersResponse - description: Response message for listing VMware admin clusters. + The default IPv4 address for SSH access and Kubernetes node. + Example: 192.168.0.1 + type: object + description: BareMetalNodeConfig lists machine addresses to access Nodes. + BareMetalBgpPeerConfig: + id: BareMetalBgpPeerConfig type: object properties: - vmwareAdminClusters: - description: The list of VMware admin cluster. - type: array - items: - $ref: '#/components/schemas/VmwareAdminCluster' - nextPageToken: - description: >- - A token identifying a page of results the server should return. If - the token is not empty this means that more results are available - and should be retrieved by repeating the request with the provided - page token. + ipAddress: type: string - unreachable: - description: Locations that could not be reached. - type: array + description: Required. The IP address of the external peer device. + controlPlaneNodes: items: type: string - EnrollVmwareAdminClusterRequest: - id: EnrollVmwareAdminClusterRequest + type: array + description: >- + The IP address of the control plane node that connects to the + external peer. If you don't specify any control plane nodes, all + control plane nodes can connect to the external peer. If you specify + one or more IP addresses, only the nodes specified participate in + peering sessions. + asn: + type: string + format: int64 + description: >- + Required. BGP autonomous system number (ASN) for the network that + contains the external peer device. description: >- - Message for enrolling an existing VMware admin cluster to the GKE - on-prem API. - type: object + BareMetalBgpPeerConfig represents configuration parameters for a Border + Gateway Protocol (BGP) peer. + EnrollVmwareClusterRequest: properties: - vmwareAdminClusterId: + validateOnly: + description: Validate the request without actually doing any updates. + type: boolean + adminClusterMembership: + description: >- + Required. The admin cluster this VMware user cluster belongs to. + This is the full resource name of the admin cluster's fleet + membership. In the future, references to other resource types might + be allowed if admin clusters are modeled as their own resources. + type: string + localName: + description: >- + Optional. The object name of the VMware OnPremUserCluster custom + resource on the associated admin cluster. This field is used to + support conflicting resource names when enrolling existing clusters + to the API. When not provided, this field will resolve to the + vmware_cluster_id. Otherwise, it must match the object name of the + VMware OnPremUserCluster custom resource. It is not modifiable + outside / beyond the enrollment operation. + type: string + vmwareClusterId: description: >- User provided OnePlatform identifier that is used as part of the resource name. This must be unique among all GKE on-prem clusters within a project and location and will return a 409 if the cluster already exists. (https://tools.ietf.org/html/rfc1123) format. type: string - membership: - description: >- - Required. This is the full resource name of this admin cluster's - fleet membership. - type: string - QueryVmwareVersionConfigResponse: - id: QueryVmwareVersionConfigResponse - description: Response message for querying VMware user cluster version config. + id: EnrollVmwareClusterRequest + description: >- + Message for enrolling an existing VMware cluster to the Anthos On-Prem + API. type: object - properties: - versions: - description: List of available versions to install or to upgrade to. - type: array - items: - $ref: '#/components/schemas/VmwareVersionInfo' - VmwareVersionInfo: - id: VmwareVersionInfo - description: Contains information about a specific Anthos on VMware version. + TestIamPermissionsResponse: type: object properties: - version: - description: Version number e.g. 1.13.1-gke.1000. - type: string - hasDependencies: - description: >- - If set, the cluster dependencies (e.g. the admin cluster, other user - clusters managed by the same admin cluster) must be upgraded before - this version can be installed or upgraded to. - type: boolean - isInstalled: - description: >- - If set, the version is installed in the admin cluster. Otherwise, - the version bundle must be downloaded and installed before a user - cluster can be created at or upgraded to this version. - type: boolean - dependencies: - description: The list of upgrade dependencies for this version. + permissions: type: array items: - $ref: '#/components/schemas/UpgradeDependency' - BareMetalAdminCluster: - id: BareMetalAdminCluster - description: Resource that represents a bare metal admin cluster. - type: object + type: string + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + description: Response message for `TestIamPermissions` method. + id: TestIamPermissionsResponse + UpgradeDependency: + id: UpgradeDependency properties: - name: - description: Immutable. The bare metal admin cluster resource name. - type: string - description: - description: A human readable description of this bare metal admin cluster. + targetVersion: + description: >- + Target version of the dependency e.g. 1.16.1. This is the version + the dependency needs to be upgraded to before a resource can be + upgraded. type: string - uid: - description: Output only. The unique identifier of the bare metal admin cluster. - readOnly: true + currentVersion: + description: Current version of the dependency e.g. 1.15.0. type: string - bareMetalVersion: + membership: description: >- - The Anthos clusters on bare metal version for the bare metal admin - cluster. + Membership names are formatted as + `projects//locations//memberships/`. + type: string + resourceName: + description: Resource name of the dependency. + type: string + type: object + description: UpgradeDependency represents a dependency when upgrading a resource. + VmwareAdminCluster: + type: object + id: VmwareAdminCluster + properties: + uid: + description: Output only. The unique identifier of the VMware admin cluster. type: string - state: - description: Output only. The current state of the bare metal admin cluster. readOnly: true + state: + description: Output only. The current state of VMware admin cluster. + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - RUNNING + - RECONCILING + - STOPPING + - ERROR + - DEGRADED type: string + readOnly: true enumDescriptions: - Not set. - The PROVISIONING state indicates the cluster is being created. @@ -3010,50 +3081,34 @@ components: - >- The DEGRADED state indicates the cluster requires user action to restore full functionality. - enum: - - STATE_UNSPECIFIED - - PROVISIONING - - RUNNING - - RECONCILING - - STOPPING - - ERROR - - DEGRADED - endpoint: - description: >- - Output only. The IP address name of bare metal admin cluster's API - server. - readOnly: true - type: string - reconciling: - description: >- - Output only. If set, there are currently changes in flight to the - bare metal Admin Cluster. - readOnly: true - type: boolean - createTime: + authorization: + description: The VMware admin cluster authorization configuration. + $ref: '#/components/schemas/VmwareAdminAuthorizationConfig' + etag: description: >- - Output only. The time at which this bare metal admin cluster was - created. - readOnly: true + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. Allows clients to + perform consistent read-modify-writes through optimistic concurrency + control. type: string - format: google-datetime updateTime: description: >- - Output only. The time at which this bare metal admin cluster was - last updated. + Output only. The time at which VMware admin cluster was last + updated. readOnly: true - type: string format: google-datetime - deleteTime: - description: >- - Output only. The time at which this bare metal admin cluster was - deleted. If the resource is not deleted, this must be empty - readOnly: true type: string - format: google-datetime + proxy: + $ref: '#/components/schemas/VmwareAdminProxy' + description: Configuration for proxy. + imageType: + description: The OS image type for the VMware admin cluster. + type: string localName: + readOnly: true description: >- - Output only. The object name of the bare metal cluster custom + Output only. The object name of the VMware OnPremAdminCluster custom resource. This field is used to support conflicting names when enrolling existing clusters to the API. When used as a part of cluster enrollment, this field will differ from the ID in the @@ -3062,593 +3117,716 @@ components: resource name. It is not modifiable. All users should use this name to access their cluster using gkectl or kubectl and should expect to see the local name when viewing admin cluster controller logs. - readOnly: true type: string - etag: - description: >- - This checksum is computed by the server based on the value of other - fields, and may be sent on update and delete requests to ensure the - client has an up-to-date value before proceeding. Allows clients to - perform consistent read-modify-writes through optimistic concurrency - control. + loadBalancer: + $ref: '#/components/schemas/VmwareAdminLoadBalancerConfig' + description: The VMware admin cluster load balancer configuration. + endpoint: + type: string + description: Output only. The DNS name of VMware admin cluster's API server. + readOnly: true + bootstrapClusterMembership: + description: The bootstrap cluster this VMware admin cluster belongs to. type: string annotations: + type: object description: >- - Annotations on the bare metal admin cluster. This field has the same + Annotations on the VMware admin cluster. This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between. - type: object additionalProperties: type: string + onPremVersion: + description: The Anthos clusters on the VMware version for the admin cluster. + type: string + autoRepairConfig: + $ref: '#/components/schemas/VmwareAutoRepairConfig' + description: The VMware admin cluster auto repair configuration. + vcenter: + description: The VMware admin cluster VCenter configuration. + $ref: '#/components/schemas/VmwareAdminVCenterConfig' + status: + $ref: '#/components/schemas/ResourceStatus' + readOnly: true + description: Output only. ResourceStatus representing detailed cluster state. + name: + type: string + description: Immutable. The VMware admin cluster resource name. networkConfig: - description: Network configuration. - $ref: '#/components/schemas/BareMetalAdminNetworkConfig' - controlPlane: - description: Control plane configuration. - $ref: '#/components/schemas/BareMetalAdminControlPlaneConfig' - loadBalancer: - description: Load balancer configuration. - $ref: '#/components/schemas/BareMetalAdminLoadBalancerConfig' - storage: - description: Storage configuration. - $ref: '#/components/schemas/BareMetalAdminStorageConfig' + description: The VMware admin cluster network configuration. + $ref: '#/components/schemas/VmwareAdminNetworkConfig' + controlPlaneNode: + description: The VMware admin cluster control plane node configuration. + $ref: '#/components/schemas/VmwareAdminControlPlaneNodeConfig' + createTime: + readOnly: true + description: Output only. The time at which VMware admin cluster was created. + format: google-datetime + type: string + addonNode: + $ref: '#/components/schemas/VmwareAdminAddonNodeConfig' + description: The VMware admin cluster addon node configuration. + platformConfig: + description: The VMware platform configuration. + $ref: '#/components/schemas/VmwarePlatformConfig' + privateRegistryConfig: + $ref: '#/components/schemas/VmwareAdminPrivateRegistryConfig' + description: Configuration for registry. + description: + type: string + description: A human readable description of this VMware admin cluster. + reconciling: + description: >- + Output only. If set, there are currently changes in flight to the + VMware admin cluster. + readOnly: true + type: boolean + antiAffinityGroups: + description: The VMware admin cluster anti affinity group configuration. + $ref: '#/components/schemas/VmwareAAGConfig' fleet: - description: Output only. Fleet configuration for the cluster. readOnly: true $ref: '#/components/schemas/Fleet' - clusterOperations: - description: Cluster operations configuration. - $ref: '#/components/schemas/BareMetalAdminClusterOperationsConfig' - status: - description: Output only. ResourceStatus representing detailed cluster status. - readOnly: true - $ref: '#/components/schemas/ResourceStatus' - maintenanceConfig: - description: Maintenance configuration. - $ref: '#/components/schemas/BareMetalAdminMaintenanceConfig' - maintenanceStatus: - description: Output only. MaintenanceStatus representing state of maintenance. + description: Output only. Fleet configuration for the cluster. + preparedSecrets: readOnly: true - $ref: '#/components/schemas/BareMetalAdminMaintenanceStatus' - validationCheck: description: >- - Output only. ValidationCheck representing the result of the - preflight check. - readOnly: true + Output only. The VMware admin cluster prepared secrets + configuration. It should always be enabled by the Central API, + instead of letting users set it. + $ref: '#/components/schemas/VmwareAdminPreparedSecretsConfig' + enableAdvancedCluster: + type: boolean + description: Enable advanced cluster. + validationCheck: $ref: '#/components/schemas/ValidationCheck' - nodeConfig: - description: Workload node configuration. - $ref: '#/components/schemas/BareMetalAdminWorkloadNodeConfig' - proxy: - description: Proxy configuration. - $ref: '#/components/schemas/BareMetalAdminProxyConfig' - securityConfig: - description: Security related configuration. - $ref: '#/components/schemas/BareMetalAdminSecurityConfig' - nodeAccessConfig: - description: Node access related configurations. - $ref: '#/components/schemas/BareMetalAdminNodeAccessConfig' - osEnvironmentConfig: - description: OS environment related configurations. - $ref: '#/components/schemas/BareMetalAdminOsEnvironmentConfig' - binaryAuthorization: - description: Binary Authorization related configurations. - $ref: '#/components/schemas/BinaryAuthorization' - BareMetalAdminNetworkConfig: - id: BareMetalAdminNetworkConfig - description: BareMetalAdminNetworkConfig specifies the cluster network configuration. - type: object - properties: - islandModeCidr: - description: Configuration for Island mode CIDR. - $ref: '#/components/schemas/BareMetalAdminIslandModeCidrConfig' - BareMetalAdminIslandModeCidrConfig: - id: BareMetalAdminIslandModeCidrConfig - description: >- - BareMetalAdminIslandModeCidrConfig specifies the cluster CIDR - configuration while running in island mode. - type: object - properties: - serviceAddressCidrBlocks: + readOnly: true description: >- - Required. All services in the cluster are assigned an RFC1918 IPv4 - address from these ranges. This field cannot be changed after - creation. - type: array - items: - type: string - podAddressCidrBlocks: + Output only. ValidationCheck represents the result of the preflight + check job. + description: Resource that represents a VMware admin cluster. + BareMetalAdminNodeAccessConfig: + properties: + loginUser: description: >- - Required. All pods in the cluster are assigned an RFC1918 IPv4 - address from these ranges. This field cannot be changed after - creation. - type: array - items: - type: string - BareMetalAdminControlPlaneConfig: - id: BareMetalAdminControlPlaneConfig + Required. LoginUser is the user name used to access node machines. + It defaults to "root" if not set. + type: string + type: object description: >- - BareMetalAdminControlPlaneConfig specifies the control plane - configuration. + Specifies the node access related settings for the bare metal admin + cluster. + id: BareMetalAdminNodeAccessConfig + VmwareAdminControlPlaneNodeConfig: + id: VmwareAdminControlPlaneNodeConfig type: object + description: >- + VmwareAdminControlPlaneNodeConfig contains control plane node + configuration for VMware admin cluster. properties: - controlPlaneNodePoolConfig: + replicas: + type: string description: >- - Required. Configures the node pool running the control plane. If - specified the corresponding NodePool will be created for the - cluster's control plane. The NodePool will have the same name and - namespace as the cluster. - $ref: '#/components/schemas/BareMetalAdminControlPlaneNodePoolConfig' - apiServerArgs: + The number of control plane nodes for this VMware admin cluster. + (default: 1 replica). + format: int64 + cpus: + format: int64 + type: string + description: The number of vCPUs for the control-plane node of the admin cluster. + memory: + format: int64 + type: string description: >- - Customizes the default API server args. Only a subset of customized - flags are supported. Please refer to the API server documentation - below to know the exact format: - https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/ - type: array - items: - $ref: '#/components/schemas/BareMetalAdminApiServerArgument' - BareMetalAdminControlPlaneNodePoolConfig: - id: BareMetalAdminControlPlaneNodePoolConfig - description: >- - BareMetalAdminControlPlaneNodePoolConfig specifies the control plane - node pool configuration. We have a control plane specific node pool - config so that we can flexible about supporting control plane specific - fields in the future. - type: object + The number of mebibytes of memory for the control-plane node of the + admin cluster. + BareMetalNodePool: + description: Resource that represents a bare metal node pool. properties: - nodePoolConfig: + annotations: + type: object description: >- - Required. The generic configuration for a node pool running the - control plane. - $ref: '#/components/schemas/BareMetalNodePoolConfig' - BareMetalAdminApiServerArgument: - id: BareMetalAdminApiServerArgument - description: >- - BareMetalAdminApiServerArgument represents an arg name->value pair. Only - a subset of customized flags are supported. Please refer to the API - server documentation below to know the exact format: - https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/ - type: object - properties: - argument: + Annotations on the bare metal node pool. This field has the same + restrictions as Kubernetes annotations. The total size of all keys + and values combined is limited to 256k. Key can have 2 segments: + prefix (optional) and name (required), separated by a slash (/). + Prefix must be a DNS subdomain. Name must be 63 characters or less, + begin and end with alphanumerics, with dashes (-), underscores (_), + dots (.), and alphanumerics between. + additionalProperties: + type: string + reconciling: description: >- - Required. The argument name as it appears on the API Server command - line please make sure to remove the leading dashes. + Output only. If set, there are currently changes in flight to the + bare metal node pool. + readOnly: true + type: boolean + uid: + readOnly: true type: string - value: - description: >- - Required. The value of the arg as it will be passed to the API - Server command line. + description: Output only. The unique identifier of the bare metal node pool. + upgradePolicy: + description: The worker node pool upgrade policy. + $ref: '#/components/schemas/BareMetalNodePoolUpgradePolicy' + name: type: string - BareMetalAdminLoadBalancerConfig: - id: BareMetalAdminLoadBalancerConfig - description: >- - BareMetalAdminLoadBalancerConfig specifies the load balancer - configuration. - type: object - properties: - vipConfig: - description: The VIPs used by the load balancer. - $ref: '#/components/schemas/BareMetalAdminVipConfig' - portConfig: - description: Configures the ports that the load balancer will listen on. - $ref: '#/components/schemas/BareMetalAdminPortConfig' - manualLbConfig: - description: Manually configured load balancers. - $ref: '#/components/schemas/BareMetalAdminManualLbConfig' - BareMetalAdminVipConfig: - id: BareMetalAdminVipConfig - description: BareMetalAdminVipConfig for bare metal load balancer configurations. - type: object - properties: - controlPlaneVip: + description: Immutable. The bare metal node pool resource name. + createTime: + type: string + readOnly: true description: >- - The VIP which you previously set aside for the Kubernetes API of - this bare metal admin cluster. + Output only. The time at which this bare metal node pool was + created. + format: google-datetime + updateTime: type: string - BareMetalAdminPortConfig: - id: BareMetalAdminPortConfig - description: BareMetalAdminPortConfig is the specification of load balancer ports. - type: object - properties: - controlPlaneLoadBalancerPort: - description: The port that control plane hosted load balancers will listen on. - type: integer - format: int32 - BareMetalAdminManualLbConfig: - id: BareMetalAdminManualLbConfig - description: >- - BareMetalAdminManualLbConfig represents configuration parameters for a - manual load balancer. - type: object - properties: - enabled: - description: Whether manual load balancing is enabled. - type: boolean - BareMetalAdminStorageConfig: - id: BareMetalAdminStorageConfig - description: BareMetalAdminStorageConfig specifies the cluster storage configuration. - type: object - properties: - lvpShareConfig: + format: google-datetime description: >- - Required. Specifies the config for local PersistentVolumes backed by - subdirectories in a shared filesystem. These subdirectores are - automatically created during cluster creation. - $ref: '#/components/schemas/BareMetalLvpShareConfig' - lvpNodeMountsConfig: + Output only. The time at which this bare metal node pool was last + updated. + readOnly: true + deleteTime: + type: string + format: google-datetime + readOnly: true description: >- - Required. Specifies the config for local PersistentVolumes backed by - mounted node disks. These disks need to be formatted and mounted by - the user, which can be done before or after cluster creation. - $ref: '#/components/schemas/BareMetalLvpConfig' - BareMetalAdminClusterOperationsConfig: - id: BareMetalAdminClusterOperationsConfig - description: >- - BareMetalAdminClusterOperationsConfig specifies the admin cluster's - observability infrastructure. - type: object - properties: - enableApplicationLogs: + Output only. The time at which this bare metal node pool was + deleted. If the resource is not deleted, this must be empty + state: + readOnly: true + description: Output only. The current state of the bare metal node pool. + enumDescriptions: + - Not set. + - >- + The PROVISIONING state indicates the bare metal node pool is being + created. + - >- + The RUNNING state indicates the bare metal node pool has been + created and is fully usable. + - >- + The RECONCILING state indicates that the bare metal node pool is + being updated. It remains available, but potentially with degraded + performance. + - >- + The STOPPING state indicates the bare metal node pool is being + deleted. + - >- + The ERROR state indicates the bare metal node pool is in a broken + unrecoverable state. + - >- + The DEGRADED state indicates the bare metal node pool requires + user action to restore full functionality. + type: string + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - RUNNING + - RECONCILING + - STOPPING + - ERROR + - DEGRADED + status: + $ref: '#/components/schemas/ResourceStatus' description: >- - Whether collection of application logs/metrics should be enabled (in - addition to system logs/metrics). - type: boolean - BareMetalAdminMaintenanceConfig: - id: BareMetalAdminMaintenanceConfig - description: >- - BareMetalAdminMaintenanceConfig specifies configurations to put bare - metal Admin cluster CRs nodes in and out of maintenance. - type: object - properties: - maintenanceAddressCidrBlocks: + Output only. ResourceStatus representing the detailed node pool + status. + readOnly: true + etag: + type: string description: >- - Required. All IPv4 address from these ranges will be placed into - maintenance mode. Nodes in maintenance mode will be cordoned and - drained. When both of these are true, the - "baremetal.cluster.gke.io/maintenance" annotation will be set on the - node resource. - type: array - items: - type: string - BareMetalAdminMaintenanceStatus: - id: BareMetalAdminMaintenanceStatus - description: >- - BareMetalAdminMaintenanceStatus represents the maintenance status for - bare metal Admin cluster CR's nodes. + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. Allows clients to + perform consistent read-modify-writes through optimistic concurrency + control. + displayName: + description: The display name for the bare metal node pool. + type: string + nodePoolConfig: + description: Required. Node pool configuration. + $ref: '#/components/schemas/BareMetalNodePoolConfig' + id: BareMetalNodePool type: object + VmwareDhcpIpConfig: properties: - machineDrainStatus: + enabled: description: >- - Represents the status of draining and drained machine nodes. This is - used to show the progress of cluster upgrade. - $ref: '#/components/schemas/BareMetalAdminMachineDrainStatus' - BareMetalAdminMachineDrainStatus: - id: BareMetalAdminMachineDrainStatus - description: >- - BareMetalAdminMachineDrainStatus represents the status of bare metal - node machines that are undergoing drain operations. + enabled is a flag to mark if DHCP IP allocation is used for VMware + user clusters. + type: boolean type: object - properties: - drainingMachines: - description: The list of draning machines. - type: array - items: - $ref: '#/components/schemas/BareMetalAdminDrainingMachine' - drainedMachines: - description: The list of drained machines. - type: array - items: - $ref: '#/components/schemas/BareMetalAdminDrainedMachine' - BareMetalAdminDrainingMachine: - id: BareMetalAdminDrainingMachine description: >- - BareMetalAdminDrainingMachine represents the machines that are currently - draining. + Represents the network configuration required for the VMware user + clusters with DHCP IP configurations. + id: VmwareDhcpIpConfig + BareMetalControlPlaneNodePoolConfig: + description: Specifies the control plane node pool configuration. type: object + id: BareMetalControlPlaneNodePoolConfig properties: - nodeIp: - description: Draining machine IP address. - type: string - podCount: - description: The count of pods yet to drain. - type: integer - format: int32 - BareMetalAdminDrainedMachine: - id: BareMetalAdminDrainedMachine - description: BareMetalAdminDrainedMachine represents the machines that are drained. + nodePoolConfig: + $ref: '#/components/schemas/BareMetalNodePoolConfig' + description: >- + Required. The generic configuration for a node pool running the + control plane. + VmwareControlPlaneNodeConfig: type: object + description: Specifies control plane node config for the VMware user cluster. + id: VmwareControlPlaneNodeConfig properties: - nodeIp: - description: Drained machine IP address. + cpus: type: string - BareMetalAdminWorkloadNodeConfig: - id: BareMetalAdminWorkloadNodeConfig - description: >- - BareMetalAdminWorkloadNodeConfig specifies the workload node - configurations. - type: object - properties: - maxPodsPerNode: description: >- - The maximum number of pods a node can run. The size of the CIDR - range assigned to the node will be derived from this parameter. By - default 110 Pods are created per Node. Upper bound is 250 for both - HA and non-HA admin cluster. Lower bound is 64 for non-HA admin - cluster and 32 for HA admin cluster. - type: string + The number of CPUs for each admin cluster node that serve as control + planes for this VMware user cluster. (default: 4 CPUs) format: int64 - BareMetalAdminProxyConfig: - id: BareMetalAdminProxyConfig - description: BareMetalAdminProxyConfig specifies the cluster proxy configuration. - type: object - properties: - uri: + autoResizeConfig: + description: AutoResizeConfig provides auto resizing configurations. + $ref: '#/components/schemas/VmwareAutoResizeConfig' + replicas: + format: int64 + type: string description: >- - Required. Specifies the address of your proxy server. Examples: - `http://domain` WARNING: Do not provide credentials in the format - `http://(username:password@)domain` these will be rejected by the - server. + The number of control plane nodes for this VMware user cluster. + (default: 1 replica). + memory: + format: int64 type: string - noProxy: description: >- - A list of IPs, hostnames, and domains that should skip the proxy. - Examples: ["127.0.0.1", "example.com", ".corp", "localhost"]. + The megabytes of memory for each admin cluster node that serves as a + control plane for this VMware user cluster (default: 8192 MB + memory). + vsphereConfig: + $ref: '#/components/schemas/VmwareControlPlaneVsphereConfig' + description: Vsphere-specific config. + BareMetalNodePoolUpgradePolicy: + id: BareMetalNodePoolUpgradePolicy + type: object + description: BareMetalNodePoolUpgradePolicy defines the node pool upgrade policy. + properties: + parallelUpgradeConfig: + description: The parallel upgrade settings for worker node pools. + $ref: '#/components/schemas/BareMetalParallelUpgradeConfig' + QueryBareMetalVersionConfigResponse: + id: QueryBareMetalVersionConfigResponse + description: Response message for querying bare metal admin cluster version config. + type: object + properties: + versions: type: array items: - type: string - BareMetalAdminSecurityConfig: - id: BareMetalAdminSecurityConfig + $ref: '#/components/schemas/BareMetalVersionInfo' + description: List of available versions to install or to upgrade to. + VmwareAdminAddonNodeConfig: description: >- - Specifies the security related settings for the bare metal admin - cluster. - type: object + VmwareAdminAddonNodeConfig contains add-on node configurations for + VMware admin cluster. properties: - authorization: - description: Configures user access to the admin cluster. - $ref: '#/components/schemas/Authorization' - BareMetalAdminNodeAccessConfig: - id: BareMetalAdminNodeAccessConfig - description: >- - Specifies the node access related settings for the bare metal admin - cluster. + autoResizeConfig: + description: VmwareAutoResizeConfig config specifies auto resize config. + $ref: '#/components/schemas/VmwareAutoResizeConfig' type: object - properties: - loginUser: - description: >- - Required. LoginUser is the user name used to access node machines. - It defaults to "root" if not set. - type: string - BareMetalAdminOsEnvironmentConfig: - id: BareMetalAdminOsEnvironmentConfig - description: Specifies operating system operation settings for cluster provisioning. + id: VmwareAdminAddonNodeConfig + Policy: type: object + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy properties: - packageRepoExcluded: + version: + type: integer + format: int32 description: >- - Whether the package repo should be added when initializing bare - metal machines. - type: boolean - ListBareMetalAdminClustersResponse: - id: ListBareMetalAdminClustersResponse - description: Response message for listing bare metal admin clusters. - type: object - properties: - bareMetalAdminClusters: - description: The list of bare metal admin cluster. - type: array - items: - $ref: '#/components/schemas/BareMetalAdminCluster' - nextPageToken: + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + etag: description: >- - A token identifying a page of results the server should return. If - the token is not empty this means that more results are available - and should be retrieved by repeating the request with the provided - page token. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. type: string - unreachable: - description: Locations that could not be reached. - type: array + format: byte + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. items: - type: string - EnrollBareMetalAdminClusterRequest: - id: EnrollBareMetalAdminClusterRequest - description: >- - Message for enrolling an existing bare metal admin cluster to the GKE - on-prem API. - type: object + $ref: '#/components/schemas/Binding' + type: array + VmwareAdminF5BigIpConfig: properties: - bareMetalAdminClusterId: - description: >- - User provided OnePlatform identifier that is used as part of the - resource name. This must be unique among all GKE on-prem clusters - within a project and location and will return a 409 if the cluster - already exists. (https://tools.ietf.org/html/rfc1123) format. + snatPool: + description: The pool name. Only necessary, if using SNAT. + type: string + partition: type: string - membership: description: >- - Required. This is the full resource name of this admin cluster's - fleet membership. + The preexisting partition to be used by the load balancer. This + partition is usually created for the admin cluster for example: + 'my-f5-admin-partition'. + address: + description: The load balancer's IP address. type: string - QueryBareMetalAdminVersionConfigResponse: - id: QueryBareMetalAdminVersionConfigResponse - description: Response message for querying bare metal admin cluster version config. + id: VmwareAdminF5BigIpConfig type: object - properties: - versions: - description: List of available versions to install or to upgrade to. - type: array - items: - $ref: '#/components/schemas/BareMetalVersionInfo' - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + description: >- + VmwareAdminF5BigIpConfig represents configuration parameters for an F5 + BIG-IP load balancer. + ListBareMetalNodePoolsResponse: + description: Response message for listing bare metal node pools. type: object + id: ListBareMetalNodePoolsResponse properties: - locations: + nextPageToken: + type: string description: >- - A list of locations that matches the specified filter in the - request. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + unreachable: + items: + type: string + description: Locations that could not be reached. + type: array + bareMetalNodePools: type: array + description: The node pools from the specified parent resource. items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object + $ref: '#/components/schemas/BareMetalNodePool' + BareMetalAdminCluster: properties: - name: + createTime: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Output only. The time at which this bare metal admin cluster was + created. + format: google-datetime type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + readOnly: true + loadBalancer: + $ref: '#/components/schemas/BareMetalAdminLoadBalancerConfig' + description: Load balancer configuration. + name: + description: Immutable. The bare metal admin cluster resource name. type: string - displayName: + status: + readOnly: true + description: Output only. ResourceStatus representing detailed cluster status. + $ref: '#/components/schemas/ResourceStatus' + validationCheck: + readOnly: true + $ref: '#/components/schemas/ValidationCheck' description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Output only. ValidationCheck representing the result of the + preflight check. + etag: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object + This checksum is computed by the server based on the value of other + fields, and may be sent on update and delete requests to ensure the + client has an up-to-date value before proceeding. Allows clients to + perform consistent read-modify-writes through optimistic concurrency + control. + nodeAccessConfig: + description: Node access related configurations. + $ref: '#/components/schemas/BareMetalAdminNodeAccessConfig' + fleet: + description: Output only. Fleet configuration for the cluster. + readOnly: true + $ref: '#/components/schemas/Fleet' + state: + readOnly: true + description: Output only. The current state of the bare metal admin cluster. + enumDescriptions: + - Not set. + - The PROVISIONING state indicates the cluster is being created. + - >- + The RUNNING state indicates the cluster has been created and is + fully usable. + - >- + The RECONCILING state indicates that the cluster is being updated. + It remains available, but potentially with degraded performance. + - The STOPPING state indicates the cluster is being deleted. + - >- + The ERROR state indicates the cluster is in a broken unrecoverable + state. + - >- + The DEGRADED state indicates the cluster requires user action to + restore full functionality. + type: string + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - RUNNING + - RECONCILING + - STOPPING + - ERROR + - DEGRADED + controlPlane: + $ref: '#/components/schemas/BareMetalAdminControlPlaneConfig' + description: Control plane configuration. + annotations: additionalProperties: type: string - metadata: description: >- - Service-specific metadata. For example the available capacity at the - given location. + Annotations on the bare metal admin cluster. This field has the same + restrictions as Kubernetes annotations. The total size of all keys + and values combined is limited to 256k. Key can have 2 segments: + prefix (optional) and name (required), separated by a slash (/). + Prefix must be a DNS subdomain. Name must be 63 characters or less, + begin and end with alphanumerics, with dashes (-), underscores (_), + dots (.), and alphanumerics between. type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + deleteTime: + format: google-datetime + type: string + description: >- + Output only. The time at which this bare metal admin cluster was + deleted. If the resource is not deleted, this must be empty + readOnly: true + nodeConfig: + description: Workload node configuration. + $ref: '#/components/schemas/BareMetalAdminWorkloadNodeConfig' + endpoint: + description: >- + Output only. The IP address name of bare metal admin cluster's API + server. + type: string + readOnly: true + localName: + description: >- + Output only. The object name of the bare metal cluster custom + resource. This field is used to support conflicting names when + enrolling existing clusters to the API. When used as a part of + cluster enrollment, this field will differ from the ID in the + resource name. For new clusters, this field will match the user + provided cluster name and be visible in the last component of the + resource name. It is not modifiable. All users should use this name + to access their cluster using gkectl or kubectl and should expect to + see the local name when viewing admin cluster controller logs. + readOnly: true + type: string + binaryAuthorization: + $ref: '#/components/schemas/BinaryAuthorization' + description: Binary Authorization related configurations. + storage: + description: Storage configuration. + $ref: '#/components/schemas/BareMetalAdminStorageConfig' + proxy: + description: Proxy configuration. + $ref: '#/components/schemas/BareMetalAdminProxyConfig' + description: + type: string + description: A human readable description of this bare metal admin cluster. + uid: + type: string + readOnly: true + description: Output only. The unique identifier of the bare metal admin cluster. + maintenanceConfig: + description: Maintenance configuration. + $ref: '#/components/schemas/BareMetalAdminMaintenanceConfig' + updateTime: + description: >- + Output only. The time at which this bare metal admin cluster was + last updated. + format: google-datetime + type: string + readOnly: true + clusterOperations: + description: Cluster operations configuration. + $ref: '#/components/schemas/BareMetalAdminClusterOperationsConfig' + bareMetalVersion: + type: string + description: >- + The Anthos clusters on bare metal version for the bare metal admin + cluster. + securityConfig: + description: Security related configuration. + $ref: '#/components/schemas/BareMetalAdminSecurityConfig' + reconciling: + readOnly: true + description: >- + Output only. If set, there are currently changes in flight to the + bare metal Admin Cluster. + type: boolean + maintenanceStatus: + description: Output only. MaintenanceStatus representing state of maintenance. + readOnly: true + $ref: '#/components/schemas/BareMetalAdminMaintenanceStatus' + networkConfig: + description: Network configuration. + $ref: '#/components/schemas/BareMetalAdminNetworkConfig' + osEnvironmentConfig: + description: OS environment related configurations. + $ref: '#/components/schemas/BareMetalAdminOsEnvironmentConfig' + id: BareMetalAdminCluster + description: Resource that represents a bare metal admin cluster. type: object + ListBareMetalClustersResponse: + description: Response message for listing bare metal Clusters. + id: ListBareMetalClustersResponse properties: - policy: + bareMetalClusters: + type: array + items: + $ref: '#/components/schemas/BareMetalCluster' + description: The list of bare metal Clusters. + nextPageToken: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - Policy: - id: Policy + A token identifying a page of results the server should return. If + the token is not empty this means that more results are available + and should be retrieved by repeating the request with the provided + page token. + type: string + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + type: object + BareMetalAdminSecurityConfig: + id: BareMetalAdminSecurityConfig description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + Specifies the security related settings for the bare metal admin + cluster. type: object properties: - version: + authorization: + description: Configures user access to the admin cluster. + $ref: '#/components/schemas/Authorization' + EnrollBareMetalAdminClusterRequest: + type: object + properties: + bareMetalAdminClusterId: + type: string description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + User provided OnePlatform identifier that is used as part of the + resource name. This must be unique among all GKE on-prem clusters + within a project and location and will return a 409 if the cluster + already exists. (https://tools.ietf.org/html/rfc1123) format. + membership: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Required. This is the full resource name of this admin cluster's + fleet membership. + type: string + id: EnrollBareMetalAdminClusterRequest + description: >- + Message for enrolling an existing bare metal admin cluster to the GKE + on-prem API. + BareMetalAdminControlPlaneConfig: + description: >- + BareMetalAdminControlPlaneConfig specifies the control plane + configuration. + properties: + controlPlaneNodePoolConfig: + $ref: '#/components/schemas/BareMetalAdminControlPlaneNodePoolConfig' + description: >- + Required. Configures the node pool running the control plane. If + specified the corresponding NodePool will be created for the + cluster's control plane. The NodePool will have the same name and + namespace as the cluster. + apiServerArgs: items: - $ref: '#/components/schemas/Binding' - etag: + $ref: '#/components/schemas/BareMetalAdminApiServerArgument' description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte + Customizes the default API server args. Only a subset of customized + flags are supported. Please refer to the API server documentation + below to know the exact format: + https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/ + type: array + type: object + id: BareMetalAdminControlPlaneConfig + VmwareAutoResizeConfig: + id: VmwareAutoResizeConfig + type: object + description: Represents auto resizing configurations for the VMware user cluster. + properties: + enabled: + description: Whether to enable controle plane node auto resizing. + type: boolean Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. type: object + id: Binding properties: - role: + condition: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' members: + items: + type: string + type: array description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -3708,275 +3886,237 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + role: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object + description: Associates `members`, or principals, with a `role`. + BareMetalAdminLoadBalancerAddressPool: + id: BareMetalAdminLoadBalancerAddressPool + description: Represents an IP pool used by the load balancer. properties: - permissions: + avoidBuggyIps: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array + If true, avoid using IPs ending in .0 or .255. This avoids buggy + consumer devices mistakenly dropping IPv4 traffic for those special + IP addresses. + type: boolean + pool: + description: Required. The name of the address pool. + type: string + addresses: + description: >- + Required. The addresses that are part of this pool. Each address + must be either in the CIDR form (1.2.3.0/24) or range form + (1.2.3.1-1.2.3.5). items: type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + type: array + manualAssign: + type: boolean + description: If true, prevent IP addresses from being automatically assigned. type: object + BareMetalMachineDrainStatus: + description: >- + Represents the status of node machines that are undergoing drain + operations. properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + drainingMachines: + items: + $ref: '#/components/schemas/BareMetalDrainingMachine' + description: The list of draning machines. + type: array + drainedMachines: type: array + description: The list of drained machines. items: - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + $ref: '#/components/schemas/BareMetalDrainedMachine' type: object + id: BareMetalMachineDrainStatus + VmwarePlatformConfig: + id: VmwarePlatformConfig + description: VmwarePlatformConfig represents configuration for the VMware platform. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + requiredPlatformVersion: + description: >- + Input only. The required platform version e.g. 1.13.1. If the + current platform version is lower than the target version, the + platform version will be updated to the target version. If the + target version is not installed in the platform (bundle versions), + download the target version bundle. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. + bundles: + type: array + items: + $ref: '#/components/schemas/VmwareBundleConfig' + description: Output only. The list of bundles installed in the admin cluster. readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. + platformVersion: + description: Output only. The platform version e.g. 1.13.2. readOnly: true type: string - verb: - description: Output only. Name of the verb executed by the operation. + status: + description: Output only. Resource status for the platform. + $ref: '#/components/schemas/ResourceStatus' readOnly: true + type: object + BinaryAuthorization: + id: BinaryAuthorization + description: Configuration for Binary Authorization. + properties: + evaluationMode: + enumDescriptions: + - Default value + - Disable BinaryAuthorization + - >- + Enforce Kubernetes admission requests with BinaryAuthorization + using the project's singleton policy. + description: >- + Mode of operation for binauthz policy evaluation. If unspecified, + defaults to DISABLED. + enum: + - EVALUATION_MODE_UNSPECIFIED + - DISABLED + - PROJECT_SINGLETON_POLICY_ENFORCE type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + type: object + BareMetalApiServerArgument: + type: object + id: BareMetalApiServerArgument + properties: + argument: type: string - requestedCancellation: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have [Operation.error] value with a [google.rpc.Status.code] of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - type: - description: Output only. Type of operation being executed. - readOnly: true + Required. The argument name as it appears on the API Server command + line, make sure to remove the leading dashes. + value: type: string - enumDescriptions: - - Not set. - - The resource is being created. - - The resource is being deleted. - - The resource is being updated. - - The resource is being upgraded. - - The platform is being upgraded. - enum: - - OPERATION_TYPE_UNSPECIFIED - - CREATE - - DELETE - - UPDATE - - UPGRADE - - PLATFORM_UPGRADE - progress: - description: Output only. Detailed progress information for the operation. - readOnly: true - $ref: '#/components/schemas/OperationProgress' - controlPlaneDisconnected: description: >- - Output only. Denotes if the local managing cluster's control plane - is currently disconnected. This is expected to occur temporarily - during self-managed cluster upgrades. - readOnly: true - type: boolean - OperationProgress: - id: OperationProgress - description: Information about operation progress. + Required. The value of the arg as it will be passed to the API + Server command line. + description: >- + Represents an arg name->value pair. Only a subset of customized flags + are supported. For the exact format, refer to the [API server + documentation](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/). + VmwareAdminAuthorizationConfig: type: object + id: VmwareAdminAuthorizationConfig properties: - stages: - description: The stages of the operation. - type: array + viewerUsers: items: - $ref: '#/components/schemas/OperationStage' - OperationStage: - id: OperationStage - description: Information about a particular stage of an operation. - type: object + $ref: '#/components/schemas/ClusterUser' + type: array + description: >- + For VMware admin clusters, users will be granted the cluster-viewer + role on the cluster. + description: >- + VmwareAdminAuthorizationConfig represents configuration for admin + cluster authorization. + BareMetalAdminDrainedMachine: properties: - stage: - description: The high-level stage of the operation. + nodeIp: type: string + description: Drained machine IP address. + type: object + description: BareMetalAdminDrainedMachine represents the machines that are drained. + id: BareMetalAdminDrainedMachine + ValidationCheck: + type: object + properties: + status: + readOnly: true + description: Output only. The detailed validation check status. + $ref: '#/components/schemas/ValidationCheckStatus' + option: enumDescriptions: - - Not set. - - Preflight checks are running. - - Resource is being configured. - - Resource is being deployed. - - Waiting for the resource to become healthy. - - Resource is being updated. - enum: - - STAGE_UNSPECIFIED - - PREFLIGHT_CHECK - - CONFIGURE - - DEPLOY - - HEALTH_CHECK - - UPDATE - metrics: - description: Progress metric bundle. - type: array - items: - $ref: '#/components/schemas/Metric' - startTime: - description: Time the stage started. - type: string - format: google-datetime - endTime: - description: Time the stage ended. + - Default value. Standard preflight validation check will be used. + - Prevent failed preflight checks from failing. + - Skip all preflight check validations. type: string - format: google-datetime - state: - description: Output only. State of the stage. + description: Options used for the validation check + enum: + - OPTIONS_UNSPECIFIED + - SKIP_VALIDATION_CHECK_BLOCKING + - SKIP_VALIDATION_ALL + scenario: readOnly: true - type: string enumDescriptions: - - Not set. - - The stage is pending. - - The stage is running - - The stage has completed successfully. - - The stage has failed. - enum: - - STATE_UNSPECIFIED - - PENDING - - RUNNING - - SUCCEEDED - - FAILED - Metric: - id: Metric - description: Progress metric is (string, int|float|string) pair. - type: object - properties: - metric: - description: Required. The metric name. + - Default value. This value is unused. + - The validation check occurred during a create flow. + - The validation check occurred during an update flow. + description: Output only. The scenario when the preflight checks were run. type: string - enumDescriptions: - - Not set. - - The total number of nodes being actuated. - - The number of nodes draining. - - The number of nodes actively upgrading. - - The number of nodes to be upgraded. - - The number of nodes upgraded. - - The number of nodes to fail actuation. - - The number of nodes healthy. - - The number of nodes reconciling. - - The number of nodes in maintenance mode. - - The number of completed preflight checks. - - The number of preflight checks running. - - The number of preflight checks failed. - - The total number of preflight checks. enum: - - METRIC_ID_UNSPECIFIED - - NODES_TOTAL - - NODES_DRAINING - - NODES_UPGRADING - - NODES_PENDING_UPGRADE - - NODES_UPGRADED - - NODES_FAILED - - NODES_HEALTHY - - NODES_RECONCILING - - NODES_IN_MAINTENANCE - - PREFLIGHTS_COMPLETED - - PREFLIGHTS_RUNNING - - PREFLIGHTS_FAILED - - PREFLIGHTS_TOTAL - intValue: - description: For metrics with integer value. + - SCENARIO_UNSPECIFIED + - CREATE + - UPDATE + id: ValidationCheck + description: ValidationCheck represents the result of preflight check. + VmwareDataplaneV2Config: + properties: + windowsDataplaneV2Enabled: + description: Enable Dataplane V2 for clusters with Windows nodes. + type: boolean + advancedNetworking: + description: >- + Enable advanced networking which requires dataplane_v2_enabled to be + set true. + type: boolean + forwardMode: + description: Configure ForwardMode for Dataplane v2. type: string - format: int64 - doubleValue: - description: For metrics with floating point value. - type: number - format: double - stringValue: - description: For metrics with custom values (ratios, visual progress, etc.). + dataplaneV2Enabled: + description: Enables Dataplane V2. + type: boolean + id: VmwareDataplaneV2Config + description: >- + Contains configurations for Dataplane V2, which is optimized dataplane + for Kubernetes networking. For more information, see: + https://cloud.google.com/kubernetes-engine/docs/concepts/dataplane-v2 + type: object + VmwareVsphereConfig: + id: VmwareVsphereConfig + description: >- + VmwareVsphereConfig represents configuration for the VMware VCenter for + node pool. + properties: + hostGroups: + type: array + items: + type: string + description: Vsphere host groups to apply to all VMs in the node pool + tags: + items: + $ref: '#/components/schemas/VmwareVsphereTag' + description: Tags to apply to VMs. + type: array + datastore: type: string + description: The name of the vCenter datastore. Inherited from the user cluster. + type: object + BareMetalAdminMaintenanceConfig: + properties: + maintenanceAddressCidrBlocks: + items: + type: string + description: >- + Required. All IPv4 address from these ranges will be placed into + maintenance mode. Nodes in maintenance mode will be cordoned and + drained. When both of these are true, the + "baremetal.cluster.gke.io/maintenance" annotation will be set on the + node resource. + type: array + id: BareMetalAdminMaintenanceConfig + type: object + description: >- + BareMetalAdminMaintenanceConfig specifies configurations to put bare + metal Admin cluster CRs nodes in and out of maintenance. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string alt: description: Data format for response. in: query @@ -3987,25 +4127,16 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: fields + name: upload_protocol schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: key + name: uploadType schema: type: string oauth_token: @@ -4014,31 +4145,46 @@ components: name: oauth_token schema: type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: + callback: + description: JSONP + in: query + name: callback + schema: + type: string + key: description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: quotaUser + name: key schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: uploadType + name: fields schema: type: string _.xgafv: @@ -4056,19 +4202,19 @@ components: name: locations title: Locations methods: - projects_locations_list: + projects_locations_get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - projects_locations_get: + projects_locations_list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - $ref: >- @@ -4084,21 +4230,21 @@ components: name: operations title: Operations methods: - projects_locations_operations_list: + projects_locations_operations_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_operations_get: + projects_locations_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable projects_locations_operations_delete: operation: $ref: >- @@ -4106,131 +4252,131 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_operations_cancel: + projects_locations_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_operations_list: + projects_locations_vmware_clusters_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_bare_metal_clusters_operations_get: + projects_locations_vmware_clusters_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_bare_metal_node_pools_operations_list: + objectKey: $.unreachable + projects_locations_vmware_clusters_vmware_node_pools_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_bare_metal_clusters_bare_metal_node_pools_operations_get: + projects_locations_vmware_clusters_vmware_node_pools_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_operations_list: + objectKey: $.unreachable + projects_locations_bare_metal_admin_clusters_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_vmware_clusters_operations_get: + objectKey: $.unreachable + projects_locations_bare_metal_admin_clusters_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_vmware_node_pools_operations_list: + projects_locations_vmware_admin_clusters_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_vmware_clusters_vmware_node_pools_operations_get: + objectKey: $.unreachable + projects_locations_vmware_admin_clusters_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_admin_clusters_operations_list: + projects_locations_bare_metal_clusters_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_vmware_admin_clusters_operations_get: + projects_locations_bare_metal_clusters_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_admin_clusters_operations_list: + objectKey: $.unreachable + projects_locations_bare_metal_clusters_bare_metal_node_pools_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_bare_metal_admin_clusters_operations_get: + objectKey: $.unreachable + projects_locations_bare_metal_clusters_bare_metal_node_pools_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_vmware_clusters_vmware_node_pools_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_clusters_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_operations_list + #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_vmware_clusters_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_vmware_clusters_vmware_node_pools_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_admin_clusters_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_vmware_admin_clusters_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_admin_clusters_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_clusters_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_operations_list - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_clusters_operations_list + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_vmware_clusters_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_admin_clusters_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_vmware_admin_clusters_operations_list - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_admin_clusters_operations_list + #/components/x-stackQL-resources/operations/methods/projects_locations_bare_metal_clusters_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list insert: [] @@ -4239,671 +4385,699 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_operations_delete - bare_metal_clusters: - id: google.gkeonprem.bare_metal_clusters - name: bare_metal_clusters - title: Bare_metal_clusters + vmware_clusters: + id: google.gkeonprem.vmware_clusters + name: vmware_clusters + title: Vmware_clusters methods: - projects_locations_bare_metal_clusters_create: + projects_locations_vmware_clusters_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_list: + projects_locations_vmware_clusters_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bareMetalClusters - projects_locations_bare_metal_clusters_delete: + projects_locations_vmware_clusters_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_get: + projects_locations_vmware_clusters_unenroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}:unenroll/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_patch: + projects_locations_vmware_clusters_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_enroll: + projects_locations_vmware_clusters_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters:enroll/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_unenroll: + objectKey: $.vmwareClusters + projects_locations_vmware_clusters_enroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}:unenroll/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters:enroll/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_query_version_config: + projects_locations_vmware_clusters_query_version_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters:queryVersionConfig/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters:queryVersionConfig/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_get + #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_get - $ref: >- - #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_list + #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_list insert: - $ref: >- - #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_create + #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_create update: - $ref: >- - #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_patch + #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_delete - bare_metal_clusters_iam_policies: - id: google.gkeonprem.bare_metal_clusters_iam_policies - name: bare_metal_clusters_iam_policies - title: Bare_metal_clusters_iam_policies + #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_delete + vmware_clusters_iam_policies: + id: google.gkeonprem.vmware_clusters_iam_policies + name: vmware_clusters_iam_policies + title: Vmware_clusters_iam_policies methods: - projects_locations_bare_metal_clusters_set_iam_policy: + projects_locations_vmware_clusters_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_get_iam_policy: + objectKey: $.bindings + projects_locations_vmware_clusters_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_bare_metal_clusters_test_iam_permissions: + projects_locations_vmware_clusters_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/bare_metal_clusters_iam_policies/methods/projects_locations_bare_metal_clusters_get_iam_policy + #/components/x-stackQL-resources/vmware_clusters_iam_policies/methods/projects_locations_vmware_clusters_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/bare_metal_clusters_iam_policies/methods/projects_locations_bare_metal_clusters_set_iam_policy + #/components/x-stackQL-resources/vmware_clusters_iam_policies/methods/projects_locations_vmware_clusters_set_iam_policy delete: [] - bare_metal_node_pools: - id: google.gkeonprem.bare_metal_node_pools - name: bare_metal_node_pools - title: Bare_metal_node_pools + vmware_node_pools: + id: google.gkeonprem.vmware_node_pools + name: vmware_node_pools + title: Vmware_node_pools methods: - projects_locations_bare_metal_clusters_bare_metal_node_pools_create: + projects_locations_vmware_clusters_vmware_node_pools_enroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools:enroll/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_bare_metal_node_pools_list: + projects_locations_vmware_clusters_vmware_node_pools_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bareMetalNodePools - projects_locations_bare_metal_clusters_bare_metal_node_pools_delete: + projects_locations_vmware_clusters_vmware_node_pools_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_bare_metal_node_pools_get: + projects_locations_vmware_clusters_vmware_node_pools_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_bare_metal_node_pools_patch: + projects_locations_vmware_clusters_vmware_node_pools_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_bare_metal_node_pools_enroll: + projects_locations_vmware_clusters_vmware_node_pools_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools:enroll/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_bare_metal_node_pools_unenroll: + objectKey: $.vmwareNodePools + projects_locations_vmware_clusters_vmware_node_pools_unenroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}:unenroll/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}:unenroll/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_get + #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_get - $ref: >- - #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_list + #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_list insert: - $ref: >- - #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_create + #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_create update: - $ref: >- - #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_patch + #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_delete - bare_metal_node_pools_iam_policies: - id: google.gkeonprem.bare_metal_node_pools_iam_policies - name: bare_metal_node_pools_iam_policies - title: Bare_metal_node_pools_iam_policies + #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_delete + vmware_node_pools_iam_policies: + id: google.gkeonprem.vmware_node_pools_iam_policies + name: vmware_node_pools_iam_policies + title: Vmware_node_pools_iam_policies methods: - projects_locations_bare_metal_clusters_bare_metal_node_pools_set_iam_policy: + projects_locations_vmware_clusters_vmware_node_pools_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_clusters_bare_metal_node_pools_get_iam_policy: + objectKey: $.bindings + projects_locations_vmware_clusters_vmware_node_pools_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_bare_metal_clusters_bare_metal_node_pools_test_iam_permissions: + projects_locations_vmware_clusters_vmware_node_pools_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/bare_metal_node_pools_iam_policies/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_get_iam_policy + #/components/x-stackQL-resources/vmware_node_pools_iam_policies/methods/projects_locations_vmware_clusters_vmware_node_pools_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/bare_metal_node_pools_iam_policies/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_set_iam_policy + #/components/x-stackQL-resources/vmware_node_pools_iam_policies/methods/projects_locations_vmware_clusters_vmware_node_pools_set_iam_policy delete: [] - vmware_clusters: - id: google.gkeonprem.vmware_clusters - name: vmware_clusters - title: Vmware_clusters + bare_metal_admin_clusters: + id: google.gkeonprem.bare_metal_admin_clusters + name: bare_metal_admin_clusters + title: Bare_metal_admin_clusters methods: - projects_locations_vmware_clusters_enroll: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters:enroll/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_vmware_clusters_unenroll: + projects_locations_bare_metal_admin_clusters_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}:unenroll/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_create: + projects_locations_bare_metal_admin_clusters_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_list: + projects_locations_bare_metal_admin_clusters_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.vmwareClusters - projects_locations_vmware_clusters_delete: + projects_locations_bare_metal_admin_clusters_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_get: + objectKey: $.bareMetalAdminClusters + projects_locations_bare_metal_admin_clusters_enroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters:enroll/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_patch: + projects_locations_bare_metal_admin_clusters_query_version_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters:queryVersionConfig/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_query_version_config: + projects_locations_bare_metal_admin_clusters_unenroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters:queryVersionConfig/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}:unenroll/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_get + #/components/x-stackQL-resources/bare_metal_admin_clusters/methods/projects_locations_bare_metal_admin_clusters_get - $ref: >- - #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_list + #/components/x-stackQL-resources/bare_metal_admin_clusters/methods/projects_locations_bare_metal_admin_clusters_list insert: - $ref: >- - #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_create + #/components/x-stackQL-resources/bare_metal_admin_clusters/methods/projects_locations_bare_metal_admin_clusters_create update: - $ref: >- - #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_patch + #/components/x-stackQL-resources/bare_metal_admin_clusters/methods/projects_locations_bare_metal_admin_clusters_patch replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/vmware_clusters/methods/projects_locations_vmware_clusters_delete - vmware_clusters_iam_policies: - id: google.gkeonprem.vmware_clusters_iam_policies - name: vmware_clusters_iam_policies - title: Vmware_clusters_iam_policies + delete: [] + bare_metal_admin_clusters_iam_policies: + id: google.gkeonprem.bare_metal_admin_clusters_iam_policies + name: bare_metal_admin_clusters_iam_policies + title: Bare_metal_admin_clusters_iam_policies methods: - projects_locations_vmware_clusters_set_iam_policy: + projects_locations_bare_metal_admin_clusters_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_get_iam_policy: + projects_locations_bare_metal_admin_clusters_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_vmware_clusters_test_iam_permissions: + projects_locations_bare_metal_admin_clusters_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/vmware_clusters_iam_policies/methods/projects_locations_vmware_clusters_get_iam_policy + #/components/x-stackQL-resources/bare_metal_admin_clusters_iam_policies/methods/projects_locations_bare_metal_admin_clusters_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/vmware_clusters_iam_policies/methods/projects_locations_vmware_clusters_set_iam_policy + #/components/x-stackQL-resources/bare_metal_admin_clusters_iam_policies/methods/projects_locations_bare_metal_admin_clusters_set_iam_policy delete: [] - vmware_node_pools: - id: google.gkeonprem.vmware_node_pools - name: vmware_node_pools - title: Vmware_node_pools + vmware_admin_clusters_iam_policies: + id: google.gkeonprem.vmware_admin_clusters_iam_policies + name: vmware_admin_clusters_iam_policies + title: Vmware_admin_clusters_iam_policies + methods: + projects_locations_vmware_admin_clusters_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + projects_locations_vmware_admin_clusters_set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_vmware_admin_clusters_test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/vmware_admin_clusters_iam_policies/methods/projects_locations_vmware_admin_clusters_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/vmware_admin_clusters_iam_policies/methods/projects_locations_vmware_admin_clusters_set_iam_policy + delete: [] + vmware_admin_clusters: + id: google.gkeonprem.vmware_admin_clusters + name: vmware_admin_clusters + title: Vmware_admin_clusters methods: - projects_locations_vmware_clusters_vmware_node_pools_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_vmware_clusters_vmware_node_pools_list: + projects_locations_vmware_admin_clusters_unenroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}:unenroll/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.vmwareNodePools - projects_locations_vmware_clusters_vmware_node_pools_delete: + projects_locations_vmware_admin_clusters_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_vmware_node_pools_get: + objectKey: $.vmwareAdminClusters + projects_locations_vmware_admin_clusters_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_vmware_node_pools_patch: + projects_locations_vmware_admin_clusters_enroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters:enroll/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_vmware_node_pools_enroll: + projects_locations_vmware_admin_clusters_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools:enroll/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_clusters_vmware_node_pools_unenroll: + projects_locations_vmware_admin_clusters_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}:unenroll/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_get + #/components/x-stackQL-resources/vmware_admin_clusters/methods/projects_locations_vmware_admin_clusters_get - $ref: >- - #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_list + #/components/x-stackQL-resources/vmware_admin_clusters/methods/projects_locations_vmware_admin_clusters_list insert: - $ref: >- - #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_create + #/components/x-stackQL-resources/vmware_admin_clusters/methods/projects_locations_vmware_admin_clusters_create update: - $ref: >- - #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_patch + #/components/x-stackQL-resources/vmware_admin_clusters/methods/projects_locations_vmware_admin_clusters_patch replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/vmware_node_pools/methods/projects_locations_vmware_clusters_vmware_node_pools_delete - vmware_node_pools_iam_policies: - id: google.gkeonprem.vmware_node_pools_iam_policies - name: vmware_node_pools_iam_policies - title: Vmware_node_pools_iam_policies + delete: [] + bare_metal_clusters: + id: google.gkeonprem.bare_metal_clusters + name: bare_metal_clusters + title: Bare_metal_clusters methods: - projects_locations_vmware_clusters_vmware_node_pools_set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_vmware_clusters_vmware_node_pools_get_iam_policy: + projects_locations_bare_metal_clusters_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_vmware_clusters_vmware_node_pools_test_iam_permissions: + objectKey: $.bareMetalClusters + projects_locations_bare_metal_clusters_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareClusters~1{vmwareClustersId}~1vmwareNodePools~1{vmwareNodePoolsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/vmware_node_pools_iam_policies/methods/projects_locations_vmware_clusters_vmware_node_pools_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/vmware_node_pools_iam_policies/methods/projects_locations_vmware_clusters_vmware_node_pools_set_iam_policy - delete: [] - vmware_admin_clusters: - id: google.gkeonprem.vmware_admin_clusters - name: vmware_admin_clusters - title: Vmware_admin_clusters - methods: - projects_locations_vmware_admin_clusters_create: + projects_locations_bare_metal_clusters_enroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters:enroll/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_admin_clusters_list: + projects_locations_bare_metal_clusters_query_version_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters:queryVersionConfig/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.vmwareAdminClusters - projects_locations_vmware_admin_clusters_get: + projects_locations_bare_metal_clusters_unenroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}:unenroll/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_admin_clusters_patch: + projects_locations_bare_metal_clusters_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_admin_clusters_enroll: + projects_locations_bare_metal_clusters_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters:enroll/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_admin_clusters_unenroll: + projects_locations_bare_metal_clusters_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}:unenroll/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/vmware_admin_clusters/methods/projects_locations_vmware_admin_clusters_get + #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_get - $ref: >- - #/components/x-stackQL-resources/vmware_admin_clusters/methods/projects_locations_vmware_admin_clusters_list + #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_list insert: - $ref: >- - #/components/x-stackQL-resources/vmware_admin_clusters/methods/projects_locations_vmware_admin_clusters_create + #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_create update: - $ref: >- - #/components/x-stackQL-resources/vmware_admin_clusters/methods/projects_locations_vmware_admin_clusters_patch + #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_patch replace: [] - delete: [] - vmware_admin_clusters_iam_policies: - id: google.gkeonprem.vmware_admin_clusters_iam_policies - name: vmware_admin_clusters_iam_policies - title: Vmware_admin_clusters_iam_policies + delete: + - $ref: >- + #/components/x-stackQL-resources/bare_metal_clusters/methods/projects_locations_bare_metal_clusters_delete + bare_metal_clusters_iam_policies: + id: google.gkeonprem.bare_metal_clusters_iam_policies + name: bare_metal_clusters_iam_policies + title: Bare_metal_clusters_iam_policies methods: - projects_locations_vmware_admin_clusters_set_iam_policy: + projects_locations_bare_metal_clusters_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_vmware_admin_clusters_get_iam_policy: + projects_locations_bare_metal_clusters_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_vmware_admin_clusters_test_iam_permissions: + projects_locations_bare_metal_clusters_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareAdminClusters~1{vmwareAdminClustersId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/vmware_admin_clusters_iam_policies/methods/projects_locations_vmware_admin_clusters_get_iam_policy + #/components/x-stackQL-resources/bare_metal_clusters_iam_policies/methods/projects_locations_bare_metal_clusters_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/vmware_admin_clusters_iam_policies/methods/projects_locations_vmware_admin_clusters_set_iam_policy + #/components/x-stackQL-resources/bare_metal_clusters_iam_policies/methods/projects_locations_bare_metal_clusters_set_iam_policy delete: [] - bare_metal_admin_clusters: - id: google.gkeonprem.bare_metal_admin_clusters - name: bare_metal_admin_clusters - title: Bare_metal_admin_clusters + bare_metal_node_pools: + id: google.gkeonprem.bare_metal_node_pools + name: bare_metal_node_pools + title: Bare_metal_node_pools methods: - projects_locations_bare_metal_admin_clusters_create: + projects_locations_bare_metal_clusters_bare_metal_node_pools_unenroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}:unenroll/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_admin_clusters_list: + projects_locations_bare_metal_clusters_bare_metal_node_pools_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bareMetalAdminClusters - projects_locations_bare_metal_admin_clusters_get: + projects_locations_bare_metal_clusters_bare_metal_node_pools_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_admin_clusters_patch: + objectKey: $.bareMetalNodePools + projects_locations_bare_metal_clusters_bare_metal_node_pools_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_admin_clusters_enroll: + projects_locations_bare_metal_clusters_bare_metal_node_pools_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters:enroll/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_admin_clusters_unenroll: + projects_locations_bare_metal_clusters_bare_metal_node_pools_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}:unenroll/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_admin_clusters_query_version_config: + projects_locations_bare_metal_clusters_bare_metal_node_pools_enroll: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters:queryVersionConfig/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools:enroll/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/bare_metal_admin_clusters/methods/projects_locations_bare_metal_admin_clusters_get + #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_get - $ref: >- - #/components/x-stackQL-resources/bare_metal_admin_clusters/methods/projects_locations_bare_metal_admin_clusters_list + #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_list insert: - $ref: >- - #/components/x-stackQL-resources/bare_metal_admin_clusters/methods/projects_locations_bare_metal_admin_clusters_create + #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_create update: - $ref: >- - #/components/x-stackQL-resources/bare_metal_admin_clusters/methods/projects_locations_bare_metal_admin_clusters_patch + #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_patch replace: [] - delete: [] - bare_metal_admin_clusters_iam_policies: - id: google.gkeonprem.bare_metal_admin_clusters_iam_policies - name: bare_metal_admin_clusters_iam_policies - title: Bare_metal_admin_clusters_iam_policies + delete: + - $ref: >- + #/components/x-stackQL-resources/bare_metal_node_pools/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_delete + bare_metal_node_pools_iam_policies: + id: google.gkeonprem.bare_metal_node_pools_iam_policies + name: bare_metal_node_pools_iam_policies + title: Bare_metal_node_pools_iam_policies methods: - projects_locations_bare_metal_admin_clusters_set_iam_policy: + projects_locations_bare_metal_clusters_bare_metal_node_pools_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_bare_metal_admin_clusters_get_iam_policy: + objectKey: $.bindings + projects_locations_bare_metal_clusters_bare_metal_node_pools_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_bare_metal_admin_clusters_test_iam_permissions: + projects_locations_bare_metal_clusters_bare_metal_node_pools_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalAdminClusters~1{bareMetalAdminClustersId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1bareMetalClusters~1{bareMetalClustersId}~1bareMetalNodePools~1{bareMetalNodePoolsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/bare_metal_admin_clusters_iam_policies/methods/projects_locations_bare_metal_admin_clusters_get_iam_policy + #/components/x-stackQL-resources/bare_metal_node_pools_iam_policies/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/bare_metal_admin_clusters_iam_policies/methods/projects_locations_bare_metal_admin_clusters_set_iam_policy + #/components/x-stackQL-resources/bare_metal_node_pools_iam_policies/methods/projects_locations_bare_metal_clusters_bare_metal_node_pools_set_iam_policy delete: [] paths: + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: &ref_1 + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/_.xgafv' + get: + description: Gets information about a location. + operationId: gkeonprem.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Location' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string /v1/projects/{projectsId}/locations: - parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + parameters: *ref_1 get: description: Lists information about the supported locations for this service. operationId: gkeonprem.projects.locations.list @@ -4925,15 +5099,15 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: @@ -4942,11 +5116,25 @@ paths: name: extraLocationTypes schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Gets information about a location. - operationId: gkeonprem.projects.locations.get + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: gkeonprem.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4958,7 +5146,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4970,6 +5158,11 @@ paths: required: true schema: type: string + - in: path + name: operationsId + required: true + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: @@ -5000,27 +5193,32 @@ paths: required: true schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: filter schema: type: string - in: query - name: pageSize + name: returnPartialSuccess schema: - type: integer - format: int32 + type: boolean - in: query name: pageToken schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: gkeonprem.projects.locations.operations.get + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: gkeonprem.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5032,7 +5230,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5049,13 +5247,12 @@ paths: required: true schema: type: string - delete: + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: gkeonprem.projects.locations.operations.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: gkeonprem.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5067,7 +5264,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5084,25 +5281,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: gkeonprem.projects.locations.operations.cancel + patch: + description: Updates the parameters of a single VMware cluster. + operationId: gkeonprem.projects.locations.vmwareClusters.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/VmwareCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5114,7 +5302,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5127,20 +5315,26 @@ paths: schema: type: string - in: path - name: operationsId + name: vmwareClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters: - parameters: *ref_1 - post: - description: Creates a new bare metal cluster in a given project and location. - operationId: gkeonprem.projects.locations.bareMetalClusters.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BareMetalCluster' + - in: query + name: skipValidations + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a single VMware Cluster. + operationId: gkeonprem.projects.locations.vmwareClusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5164,21 +5358,34 @@ paths: required: true schema: type: string + - in: path + name: vmwareClustersId + required: true + schema: + type: string - in: query - name: bareMetalClusterId + name: allowMissing + schema: + type: boolean + - in: query + name: etag schema: type: string + - in: query + name: ignoreErrors + schema: + type: boolean - in: query name: validateOnly schema: type: boolean - in: query - name: allowPreflightFailure + name: force schema: type: boolean get: - description: Lists bare metal clusters in a given project and location. - operationId: gkeonprem.projects.locations.bareMetalClusters.list + description: Gets details of a single VMware Cluster. + operationId: gkeonprem.projects.locations.vmwareClusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5190,7 +5397,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBareMetalClustersResponse' + $ref: '#/components/schemas/VmwareCluster' parameters: - in: path name: projectsId @@ -5202,17 +5409,9 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: vmwareClustersId + required: true schema: type: string - in: query @@ -5223,11 +5422,13 @@ paths: name: allowMissing schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}:getIamPolicy: parameters: *ref_1 - delete: - description: Deletes a single bare metal Cluster. - operationId: gkeonprem.projects.locations.bareMetalClusters.delete + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: gkeonprem.projects.locations.vmwareClusters.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5239,7 +5440,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5252,33 +5453,26 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - in: query - name: etag - schema: - type: string - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: force - schema: - type: boolean - - in: query - name: ignoreErrors + name: options.requestedPolicyVersion schema: - type: boolean - get: - description: Gets details of a single bare metal Cluster. - operationId: gkeonprem.projects.locations.bareMetalClusters.get + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}:unenroll: + parameters: *ref_1 + delete: + description: >- + Unenrolls an existing VMware user cluster and its node pools from the + Anthos On-Prem API within a given project and location. Unenrollment + removes the Cloud reference to the cluster without modifying the + underlying OnPrem Resources. Clusters and node pools will continue to + run; however, they will no longer be accessible through the Anthos + On-Prem API or UI. + operationId: gkeonprem.projects.locations.vmwareClusters.unenroll security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5290,7 +5484,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BareMetalCluster' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5303,26 +5497,41 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - in: query - name: view + name: force schema: - type: string + type: boolean + - in: query + name: validateOnly + schema: + type: boolean - in: query name: allowMissing schema: type: boolean - patch: - description: Updates the parameters of a single bare metal Cluster. - operationId: gkeonprem.projects.locations.bareMetalClusters.patch + - in: query + name: etag + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: gkeonprem.projects.locations.vmwareClusters.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/BareMetalCluster' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5334,7 +5543,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -5347,39 +5556,20 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: validateOnly - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters:enroll: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters: parameters: *ref_1 post: - description: >- - Enrolls an existing bare metal user cluster and its node pools to the - Anthos On-Prem API within a given project and location. Through - enrollment, an existing cluster will become Anthos On-Prem API managed. - The corresponding GCP resources will be created and all future - modifications to the cluster and/or its node pools will be expected to - be performed through the API. - operationId: gkeonprem.projects.locations.bareMetalClusters.enroll + description: Creates a new VMware user cluster in a given project and location. + operationId: gkeonprem.projects.locations.vmwareClusters.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/EnrollBareMetalClusterRequest' + $ref: '#/components/schemas/VmwareCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5403,17 +5593,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}:unenroll: - parameters: *ref_1 - delete: - description: >- - Unenrolls an existing bare metal user cluster and its node pools from - the Anthos On-Prem API within a given project and location. Unenrollment - removes the Cloud reference to the cluster without modifying the - underlying OnPrem Resources. Clusters and node pools will continue to - run; however, they will no longer be accessible through the Anthos - On-Prem API or its clients. - operationId: gkeonprem.projects.locations.bareMetalClusters.unenroll + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: skipValidations + schema: + type: string + - in: query + name: vmwareClusterId + schema: + type: string + - in: query + name: allowPreflightFailure + schema: + type: boolean + get: + description: Lists VMware Clusters in a given project and location. + operationId: gkeonprem.projects.locations.vmwareClusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5425,7 +5623,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListVmwareClustersResponse' parameters: - in: path name: projectsId @@ -5437,32 +5635,43 @@ paths: required: true schema: type: string - - in: path - name: bareMetalClustersId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: etag + name: filter schema: type: string - in: query - name: allowMissing + name: view schema: - type: boolean + type: string - in: query - name: validateOnly + name: pageToken schema: - type: boolean + type: string - in: query - name: force + name: allowMissing schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters:queryVersionConfig: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters:enroll: parameters: *ref_1 post: - description: Queries the bare metal user cluster version config. - operationId: gkeonprem.projects.locations.bareMetalClusters.queryVersionConfig + description: >- + Enrolls an existing VMware user cluster and its node pools to the Anthos + On-Prem API within a given project and location. Through enrollment, an + existing cluster will become Anthos On-Prem API managed. The + corresponding GCP resources will be created and all future modifications + to the cluster and/or its node pools will be expected to be performed + through the API. + operationId: gkeonprem.projects.locations.vmwareClusters.enroll + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EnrollVmwareClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5474,7 +5683,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryBareMetalVersionConfigResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5486,26 +5695,14 @@ paths: required: true schema: type: string - - in: query - name: createConfig.adminClusterMembership - schema: - type: string - - in: query - name: createConfig.adminClusterName - schema: - type: string - - in: query - name: upgradeConfig.clusterName - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: gkeonprem.projects.locations.bareMetalClusters.setIamPolicy + operationId: gkeonprem.projects.locations.vmwareClusters.setIamPolicy requestBody: content: application/json: @@ -5535,17 +5732,15 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters:queryVersionConfig: parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: gkeonprem.projects.locations.bareMetalClusters.getIamPolicy + post: + description: Queries the VMware user cluster version config. + operationId: gkeonprem.projects.locations.vmwareClusters.queryVersionConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5557,7 +5752,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/QueryVmwareVersionConfigResponse' parameters: - in: path name: projectsId @@ -5569,31 +5764,26 @@ paths: required: true schema: type: string - - in: path - name: bareMetalClustersId - required: true + - in: query + name: upgradeConfig.clusterName schema: type: string - in: query - name: options.requestedPolicyVersion + name: createConfig.adminClusterName schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}:testIamPermissions: + type: string + - in: query + name: createConfig.adminClusterMembership + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: gkeonprem.projects.locations.bareMetalClusters.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: gkeonprem.projects.locations.vmwareClusters.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5605,7 +5795,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5618,17 +5808,22 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/operations: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: gkeonprem.projects.locations.bareMetalClusters.operations.list + operationId: gkeonprem.projects.locations.vmwareClusters.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5653,31 +5848,36 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: gkeonprem.projects.locations.bareMetalClusters.operations.get + operationId: >- + gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5702,68 +5902,28 @@ paths: schema: type: string - in: path - name: bareMetalClustersId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools: - parameters: *ref_1 - post: - description: >- - Creates a new bare metal node pool in a given project, location and Bare - Metal cluster. - operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BareMetalNodePool' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId + name: vmwareClustersId required: true schema: type: string - in: path - name: locationsId + name: vmwareNodePoolsId required: true schema: type: string - in: path - name: bareMetalClustersId + name: operationsId required: true schema: type: string - - in: query - name: bareMetalNodePoolId - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}/operations: + parameters: *ref_1 get: description: >- - Lists bare metal node pools in a given project, location and bare metal - cluster. - operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.list + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: >- + gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5775,7 +5935,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBareMetalNodePoolsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -5788,28 +5948,42 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId + required: true + schema: + type: string + - in: path + name: vmwareNodePoolsId required: true schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: view + name: returnPartialSuccess schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools:enroll: parameters: *ref_1 - delete: - description: Deletes a single bare metal node pool. - operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.delete + post: + description: Enrolls a VMware node pool to Anthos On-Prem API + operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.enroll + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EnrollVmwareNodePoolRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5834,34 +6008,15 @@ paths: schema: type: string - in: path - name: bareMetalClustersId - required: true - schema: - type: string - - in: path - name: bareMetalNodePoolsId + name: vmwareClustersId required: true schema: type: string - - in: query - name: etag - schema: - type: string - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: ignoreErrors - schema: - type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}: + parameters: *ref_1 get: - description: Gets details of a single bare metal node pool. - operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.get + description: Gets details of a single VMware node pool. + operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5873,7 +6028,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BareMetalNodePool' + $ref: '#/components/schemas/VmwareNodePool' parameters: - in: path name: projectsId @@ -5886,12 +6041,12 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - in: path - name: bareMetalNodePoolsId + name: vmwareNodePoolsId required: true schema: type: string @@ -5899,14 +6054,9 @@ paths: name: view schema: type: string - patch: - description: Updates the parameters of a single bare metal node pool. - operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BareMetalNodePool' + delete: + description: Deletes a single VMware node pool. + operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5931,42 +6081,39 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - in: path - name: bareMetalNodePoolsId + name: vmwareNodePoolsId required: true schema: type: string - in: query - name: updateMask + name: allowMissing + schema: + type: boolean + - in: query + name: etag schema: type: string - format: google-fieldmask - in: query - name: allowMissing + name: ignoreErrors schema: type: boolean - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools:enroll: - parameters: *ref_1 - post: - description: >- - Enrolls an existing bare metal node pool to the Anthos On-Prem API - within a given project and location. Through enrollment, an existing - node pool will become Anthos On-Prem API managed. The corresponding GCP - resources will be created. - operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.enroll + patch: + description: Updates the parameters of a single VMware node pool. + operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/EnrollBareMetalNodePoolRequest' + $ref: '#/components/schemas/VmwareNodePool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5991,16 +6138,36 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}:unenroll: + - in: path + name: vmwareNodePoolsId + required: true + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools: parameters: *ref_1 - delete: - description: Unenrolls a bare metal node pool from Anthos On-Prem API. - operationId: >- - gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.unenroll + post: + description: >- + Creates a new VMware node pool in a given project, location and VMWare + cluster. + operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/VmwareNodePool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6025,41 +6192,21 @@ paths: schema: type: string - in: path - name: bareMetalClustersId - required: true - schema: - type: string - - in: path - name: bareMetalNodePoolsId + name: vmwareClustersId required: true schema: type: string - in: query - name: etag - schema: - type: string - - in: query - name: allowMissing + name: validateOnly schema: type: boolean - in: query - name: validateOnly + name: vmwareNodePoolId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: >- - gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + type: string + get: + description: Lists VMware node pools in a given project, location and VMWare cluster. + operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6071,7 +6218,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListVmwareNodePoolsResponse' parameters: - in: path name: projectsId @@ -6084,23 +6231,30 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - - in: path - name: bareMetalNodePoolsId - required: true + - in: query + name: view schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}:getIamPolicy: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: >- - gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.getIamPolicy + operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6125,12 +6279,12 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - in: path - name: bareMetalNodePoolsId + name: vmwareNodePoolsId required: true schema: type: string @@ -6139,7 +6293,7 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -6149,7 +6303,7 @@ paths: building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. operationId: >- - gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.testIamPermissions + gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.testIamPermissions requestBody: content: application/json: @@ -6179,78 +6333,20 @@ paths: schema: type: string - in: path - name: bareMetalClustersId - required: true - schema: - type: string - - in: path - name: bareMetalNodePoolsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListOperationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: bareMetalClustersId - required: true - schema: - type: string - - in: path - name: bareMetalNodePoolsId - required: true - schema: - type: string - - in: query - name: filter + name: vmwareClustersId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: vmwareNodePoolsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}:unenroll: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.operations.get + delete: + description: Unenrolls a VMware node pool to Anthos On-Prem API + operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.unenroll security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6275,36 +6371,40 @@ paths: schema: type: string - in: path - name: bareMetalClustersId + name: vmwareClustersId required: true schema: type: string - in: path - name: bareMetalNodePoolsId + name: vmwareNodePoolsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: etag schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters:enroll: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Enrolls an existing VMware user cluster and its node pools to the Anthos - On-Prem API within a given project and location. Through enrollment, an - existing cluster will become Anthos On-Prem API managed. The - corresponding GCP resources will be created and all future modifications - to the cluster and/or its node pools will be expected to be performed - through the API. - operationId: gkeonprem.projects.locations.vmwareClusters.enroll + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/EnrollVmwareClusterRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6316,7 +6416,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6328,17 +6428,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}:unenroll: + - in: path + name: vmwareClustersId + required: true + schema: + type: string + - in: path + name: vmwareNodePoolsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}: parameters: *ref_1 - delete: - description: >- - Unenrolls an existing VMware user cluster and its node pools from the - Anthos On-Prem API within a given project and location. Unenrollment - removes the Cloud reference to the cluster without modifying the - underlying OnPrem Resources. Clusters and node pools will continue to - run; however, they will no longer be accessible through the Anthos - On-Prem API or UI. - operationId: gkeonprem.projects.locations.vmwareClusters.unenroll + get: + description: Gets details of a single bare metal admin cluster. + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6350,7 +6454,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/BareMetalAdminCluster' parameters: - in: path name: projectsId @@ -6363,36 +6467,26 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: bareMetalAdminClustersId required: true schema: type: string - in: query - name: etag + name: view schema: type: string - in: query name: allowMissing schema: type: boolean - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: force - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters: - parameters: *ref_1 - post: - description: Creates a new VMware user cluster in a given project and location. - operationId: gkeonprem.projects.locations.vmwareClusters.create + patch: + description: Updates the parameters of a single bare metal admin cluster. + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/VmwareCluster' + $ref: '#/components/schemas/BareMetalAdminCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6416,21 +6510,33 @@ paths: required: true schema: type: string - - in: query - name: vmwareClusterId + - in: path + name: bareMetalAdminClustersId + required: true schema: type: string - in: query - name: validateOnly + name: updateMask schema: - type: boolean + type: string + format: google-fieldmask - in: query - name: allowPreflightFailure + name: validateOnly schema: type: boolean - get: - description: Lists VMware Clusters in a given project and location. - operationId: gkeonprem.projects.locations.vmwareClusters.list + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6442,7 +6548,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListVmwareClustersResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6454,32 +6560,25 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: view + - in: path + name: bareMetalAdminClustersId + required: true schema: type: string - - in: query - name: allowMissing - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters: parameters: *ref_1 - delete: - description: Deletes a single VMware Cluster. - operationId: gkeonprem.projects.locations.vmwareClusters.delete + post: + description: >- + Creates a new bare metal admin cluster in a given project and location. + The API needs to be combined with creating a bootstrap cluster to work. + See: + https://cloud.google.com/anthos/clusters/docs/bare-metal/latest/installing/creating-clusters/create-admin-cluster-api#prepare_bootstrap_environment + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BareMetalAdminCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6503,34 +6602,21 @@ paths: required: true schema: type: string - - in: path - name: vmwareClustersId - required: true - schema: - type: string - - in: query - name: etag - schema: - type: string - - in: query - name: allowMissing - schema: - type: boolean - in: query name: validateOnly schema: type: boolean - in: query - name: force + name: bareMetalAdminClusterId schema: - type: boolean + type: string - in: query - name: ignoreErrors + name: allowPreflightFailure schema: type: boolean get: - description: Gets details of a single VMware Cluster. - operationId: gkeonprem.projects.locations.vmwareClusters.get + description: Lists bare metal admin clusters in a given project and location. + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6542,7 +6628,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmwareCluster' + $ref: '#/components/schemas/ListBareMetalAdminClustersResponse' parameters: - in: path name: projectsId @@ -6554,27 +6640,30 @@ paths: required: true schema: type: string - - in: path - name: vmwareClustersId - required: true + - in: query + name: view schema: type: string - in: query - name: view + name: pageToken schema: type: string - in: query name: allowMissing schema: type: boolean - patch: - description: Updates the parameters of a single VMware cluster. - operationId: gkeonprem.projects.locations.vmwareClusters.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/VmwareCluster' + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6586,7 +6675,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6599,24 +6688,30 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: bareMetalAdminClustersId required: true schema: type: string - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: validateOnly + name: options.requestedPolicyVersion schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters:queryVersionConfig: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters:enroll: parameters: *ref_1 post: - description: Queries the VMware user cluster version config. - operationId: gkeonprem.projects.locations.vmwareClusters.queryVersionConfig + description: >- + Enrolls an existing bare metal admin cluster to the Anthos On-Prem API + within a given project and location. Through enrollment, an existing + admin cluster will become Anthos On-Prem API managed. The corresponding + GCP resources will be created and all future modifications to the + cluster will be expected to be performed through the API. + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.enroll + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EnrollBareMetalAdminClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6628,7 +6723,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryVmwareVersionConfigResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6640,31 +6735,11 @@ paths: required: true schema: type: string - - in: query - name: createConfig.adminClusterMembership - schema: - type: string - - in: query - name: createConfig.adminClusterName - schema: - type: string - - in: query - name: upgradeConfig.clusterName - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters:queryVersionConfig: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: gkeonprem.projects.locations.vmwareClusters.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + description: Queries the bare metal admin cluster version config. + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.queryVersionConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6676,7 +6751,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/QueryBareMetalAdminVersionConfigResponse' parameters: - in: path name: projectsId @@ -6688,18 +6763,20 @@ paths: required: true schema: type: string - - in: path - name: vmwareClustersId - required: true + - in: query + name: upgradeConfig.clusterName schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}:unenroll: parameters: *ref_1 - get: + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: gkeonprem.projects.locations.vmwareClusters.getIamPolicy + Unenrolls an existing bare metal admin cluster from the Anthos On-Prem + API within a given project and location. Unenrollment removes the Cloud + reference to the cluster without modifying the underlying OnPrem + Resources. Clusters will continue to run; however, they will no longer + be accessible through the Anthos On-Prem API or its clients. + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.unenroll security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6711,7 +6788,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6724,16 +6801,27 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: bareMetalAdminClustersId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: ignoreErrors schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}:testIamPermissions: + type: boolean + - in: query + name: etag + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: allowMissing + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -6742,7 +6830,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: gkeonprem.projects.locations.vmwareClusters.testIamPermissions + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.testIamPermissions requestBody: content: application/json: @@ -6772,17 +6860,17 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: bareMetalAdminClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: gkeonprem.projects.locations.vmwareClusters.operations.list + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6807,7 +6895,7 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: bareMetalAdminClustersId required: true schema: type: string @@ -6815,6 +6903,10 @@ paths: name: filter schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageSize schema: @@ -6824,14 +6916,14 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: gkeonprem.projects.locations.vmwareClusters.operations.get + operationId: gkeonprem.projects.locations.bareMetalAdminClusters.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6856,7 +6948,7 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: bareMetalAdminClustersId required: true schema: type: string @@ -6865,18 +6957,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}/operations: parameters: *ref_1 - post: + get: description: >- - Creates a new VMware node pool in a given project, location and VMWare - cluster. - operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/VmwareNodePool' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6888,7 +6975,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -6901,21 +6988,35 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: vmwareAdminClustersId required: true schema: type: string - in: query - name: vmwareNodePoolId + name: filter schema: type: string - in: query - name: validateOnly + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess schema: type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}/operations/{operationsId}: + parameters: *ref_1 get: - description: Lists VMware node pools in a given project, location and VMWare cluster. - operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6927,7 +7028,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListVmwareNodePoolsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6940,28 +7041,65 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: vmwareAdminClustersId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: operationsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.getIamPolicy + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: view + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}: + - in: path + name: vmwareAdminClustersId + required: true + schema: + type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}:unenroll: parameters: *ref_1 delete: - description: Deletes a single VMware node pool. - operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.delete + description: >- + Unenrolls an existing VMware admin cluster from the Anthos On-Prem API + within a given project and location. Unenrollment removes the Cloud + reference to the cluster without modifying the underlying OnPrem + Resources. Clusters will continue to run; however, they will no longer + be accessible through the Anthos On-Prem API or its clients. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.unenroll security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6986,15 +7124,14 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: vmwareAdminClustersId required: true schema: type: string - - in: path - name: vmwareNodePoolsId - required: true + - in: query + name: validateOnly schema: - type: string + type: boolean - in: query name: etag schema: @@ -7003,17 +7140,15 @@ paths: name: allowMissing schema: type: boolean - - in: query - name: validateOnly - schema: - type: boolean - in: query name: ignoreErrors schema: type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters: + parameters: *ref_1 get: - description: Gets details of a single VMware node pool. - operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.get + description: Lists VMware admin clusters in a given project and location. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7025,7 +7160,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmwareNodePool' + $ref: '#/components/schemas/ListVmwareAdminClustersResponse' parameters: - in: path name: projectsId @@ -7037,28 +7172,33 @@ paths: required: true schema: type: string - - in: path - name: vmwareClustersId - required: true + - in: query + name: view schema: type: string - - in: path - name: vmwareNodePoolsId - required: true + - in: query + name: allowMissing schema: - type: string + type: boolean - in: query - name: view + name: pageToken schema: type: string - patch: - description: Updates the parameters of a single VMware node pool. - operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.patch + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: >- + Creates a new VMware admin cluster in a given project and location. The + API needs to be combined with creating a bootstrap cluster to work. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/VmwareNodePool' + $ref: '#/components/schemas/VmwareAdminCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7082,35 +7222,35 @@ paths: required: true schema: type: string - - in: path - name: vmwareClustersId - required: true - schema: - type: string - - in: path - name: vmwareNodePoolsId - required: true + - in: query + name: vmwareAdminClusterId schema: type: string - in: query - name: updateMask + name: skipValidations schema: type: string - format: google-fieldmask - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools:enroll: + - in: query + name: allowPreflightFailure + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}:setIamPolicy: parameters: *ref_1 post: - description: Enrolls a VMware node pool to Anthos On-Prem API - operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.enroll + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/EnrollVmwareNodePoolRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7122,7 +7262,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7135,15 +7275,25 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: vmwareAdminClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}:unenroll: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters:enroll: parameters: *ref_1 - delete: - description: Unenrolls a VMware node pool to Anthos On-Prem API - operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.unenroll + post: + description: >- + Enrolls an existing VMware admin cluster to the Anthos On-Prem API + within a given project and location. Through enrollment, an existing + admin cluster will become Anthos On-Prem API managed. The corresponding + GCP resources will be created and all future modifications to the + cluster will be expected to be performed through the API. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.enroll + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EnrollVmwareAdminClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7167,41 +7317,11 @@ paths: required: true schema: type: string - - in: path - name: vmwareClustersId - required: true - schema: - type: string - - in: path - name: vmwareNodePoolsId - required: true - schema: - type: string - - in: query - name: etag - schema: - type: string - - in: query - name: allowMissing - schema: - type: boolean - - in: query - name: validateOnly - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}: parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets details of a single VMware admin cluster. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7213,7 +7333,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/VmwareAdminCluster' parameters: - in: path name: projectsId @@ -7226,22 +7346,26 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: vmwareAdminClustersId required: true schema: type: string - - in: path - name: vmwareNodePoolsId - required: true + - in: query + name: view schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}:getIamPolicy: - parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.getIamPolicy + - in: query + name: allowMissing + schema: + type: boolean + patch: + description: Updates the parameters of a single VMware admin cluster. + operationId: gkeonprem.projects.locations.vmwareAdminClusters.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/VmwareAdminCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7253,7 +7377,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7266,21 +7390,24 @@ paths: schema: type: string - in: path - name: vmwareClustersId + name: vmwareAdminClustersId required: true schema: type: string - - in: path - name: vmwareNodePoolsId - required: true + - in: query + name: skipValidations schema: type: string - in: query - name: options.requestedPolicyVersion + name: validateOnly schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}:testIamPermissions: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -7289,8 +7416,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: >- - gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.testIamPermissions + operationId: gkeonprem.projects.locations.vmwareAdminClusters.testIamPermissions requestBody: content: application/json: @@ -7320,23 +7446,15 @@ paths: schema: type: string - in: path - name: vmwareClustersId - required: true - schema: - type: string - - in: path - name: vmwareNodePoolsId + name: vmwareAdminClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.operations.list + description: Lists bare metal clusters in a given project and location. + operationId: gkeonprem.projects.locations.bareMetalClusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7348,7 +7466,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListBareMetalClustersResponse' parameters: - in: path name: projectsId @@ -7360,18 +7478,16 @@ paths: required: true schema: type: string - - in: path - name: vmwareClustersId - required: true + - in: query + name: filter schema: type: string - - in: path - name: vmwareNodePoolsId - required: true + - in: query + name: view schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -7380,18 +7496,17 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: allowMissing schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareClusters/{vmwareClustersId}/vmwareNodePools/{vmwareNodePoolsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - gkeonprem.projects.locations.vmwareClusters.vmwareNodePools.operations.get + type: boolean + post: + description: Creates a new bare metal cluster in a given project and location. + operationId: gkeonprem.projects.locations.bareMetalClusters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BareMetalCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7415,33 +7530,34 @@ paths: required: true schema: type: string - - in: path - name: vmwareClustersId - required: true + - in: query + name: allowPreflightFailure schema: - type: string - - in: path - name: vmwareNodePoolsId - required: true + type: boolean + - in: query + name: bareMetalClusterId schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: validateOnly schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters:enroll: parameters: *ref_1 post: description: >- - Creates a new VMware admin cluster in a given project and location. The - API needs to be combined with creating a bootstrap cluster to work. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.create + Enrolls an existing bare metal user cluster and its node pools to the + Anthos On-Prem API within a given project and location. Through + enrollment, an existing cluster will become Anthos On-Prem API managed. + The corresponding GCP resources will be created and all future + modifications to the cluster and/or its node pools will be expected to + be performed through the API. + operationId: gkeonprem.projects.locations.bareMetalClusters.enroll requestBody: content: application/json: schema: - $ref: '#/components/schemas/VmwareAdminCluster' + $ref: '#/components/schemas/EnrollBareMetalClusterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7465,21 +7581,61 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters:queryVersionConfig: + parameters: *ref_1 + post: + description: Queries the bare metal user cluster version config. + operationId: gkeonprem.projects.locations.bareMetalClusters.queryVersionConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/QueryBareMetalVersionConfigResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query - name: vmwareAdminClusterId + name: upgradeConfig.clusterName schema: type: string - in: query - name: validateOnly + name: createConfig.adminClusterMembership schema: - type: boolean + type: string - in: query - name: allowPreflightFailure + name: createConfig.adminClusterName schema: - type: boolean - get: - description: Lists VMware admin clusters in a given project and location. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.list + type: string + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: gkeonprem.projects.locations.bareMetalClusters.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7491,7 +7647,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListVmwareAdminClustersResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7503,28 +7659,18 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: view + - in: path + name: bareMetalClustersId + required: true schema: type: string - - in: query - name: allowMissing - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}:getIamPolicy: parameters: *ref_1 get: - description: Gets details of a single VMware admin cluster. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.get + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: gkeonprem.projects.locations.bareMetalClusters.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7536,7 +7682,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmwareAdminCluster' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7549,26 +7695,26 @@ paths: schema: type: string - in: path - name: vmwareAdminClustersId + name: bareMetalClustersId required: true schema: type: string - in: query - name: view - schema: - type: string - - in: query - name: allowMissing + name: options.requestedPolicyVersion schema: - type: boolean - patch: - description: Updates the parameters of a single VMware admin cluster. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/VmwareAdminCluster' + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}:unenroll: + parameters: *ref_1 + delete: + description: >- + Unenrolls an existing bare metal user cluster and its node pools from + the Anthos On-Prem API within a given project and location. Unenrollment + removes the Cloud reference to the cluster without modifying the + underlying OnPrem Resources. Clusters and node pools will continue to + run; however, they will no longer be accessible through the Anthos + On-Prem API or its clients. + operationId: gkeonprem.projects.locations.bareMetalClusters.unenroll security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7593,34 +7739,36 @@ paths: schema: type: string - in: path - name: vmwareAdminClustersId + name: bareMetalClustersId required: true schema: type: string - in: query - name: updateMask + name: allowMissing + schema: + type: boolean + - in: query + name: etag schema: type: string - format: google-fieldmask - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters:enroll: + - in: query + name: force + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}: parameters: *ref_1 - post: - description: >- - Enrolls an existing VMware admin cluster to the Anthos On-Prem API - within a given project and location. Through enrollment, an existing - admin cluster will become Anthos On-Prem API managed. The corresponding - GCP resources will be created and all future modifications to the - cluster will be expected to be performed through the API. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.enroll + patch: + description: Updates the parameters of a single bare metal Cluster. + operationId: gkeonprem.projects.locations.bareMetalClusters.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/EnrollVmwareAdminClusterRequest' + $ref: '#/components/schemas/BareMetalCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7644,16 +7792,27 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}:unenroll: - parameters: *ref_1 + - in: path + name: bareMetalClustersId + required: true + schema: + type: string + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: validateOnly + schema: + type: boolean delete: - description: >- - Unenrolls an existing VMware admin cluster from the Anthos On-Prem API - within a given project and location. Unenrollment removes the Cloud - reference to the cluster without modifying the underlying OnPrem - Resources. Clusters will continue to run; however, they will no longer - be accessible through the Anthos On-Prem API or its clients. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.unenroll + description: Deletes a single bare metal Cluster. + operationId: gkeonprem.projects.locations.bareMetalClusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7678,39 +7837,33 @@ paths: schema: type: string - in: path - name: vmwareAdminClustersId + name: bareMetalClustersId required: true schema: type: string - in: query - name: etag + name: validateOnly schema: - type: string + type: boolean - in: query - name: allowMissing + name: force schema: type: boolean - in: query - name: validateOnly + name: allowMissing schema: type: boolean + - in: query + name: etag + schema: + type: string - in: query name: ignoreErrors schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets details of a single bare metal Cluster. + operationId: gkeonprem.projects.locations.bareMetalClusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7722,7 +7875,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/BareMetalCluster' parameters: - in: path name: projectsId @@ -7735,17 +7888,31 @@ paths: schema: type: string - in: path - name: vmwareAdminClustersId + name: bareMetalClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}:getIamPolicy: + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: view + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: gkeonprem.projects.locations.bareMetalClusters.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7770,30 +7937,18 @@ paths: schema: type: string - in: path - name: vmwareAdminClustersId + name: bareMetalClustersId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: gkeonprem.projects.locations.bareMetalClusters.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7805,7 +7960,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7818,17 +7973,22 @@ paths: schema: type: string - in: path - name: vmwareAdminClustersId + name: bareMetalClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}/operations: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.operations.list + operationId: gkeonprem.projects.locations.bareMetalClusters.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7853,14 +8013,10 @@ paths: schema: type: string - in: path - name: vmwareAdminClustersId + name: bareMetalClustersId required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: @@ -7870,14 +8026,20 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareAdminClusters/{vmwareAdminClustersId}/operations/{operationsId}: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}:unenroll: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: gkeonprem.projects.locations.vmwareAdminClusters.operations.get + delete: + description: Unenrolls a bare metal node pool from Anthos On-Prem API. + operationId: >- + gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.unenroll security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7902,29 +8064,39 @@ paths: schema: type: string - in: path - name: vmwareAdminClustersId + name: bareMetalClustersId + required: true + schema: + type: string + - in: path + name: bareMetalNodePoolsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: etag schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters: + - in: query + name: allowMissing + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools: parameters: *ref_1 post: description: >- - Creates a new bare metal admin cluster in a given project and location. - The API needs to be combined with creating a bootstrap cluster to work. - See: - https://cloud.google.com/anthos/clusters/docs/bare-metal/latest/installing/creating-clusters/create-admin-cluster-api#prepare_bootstrap_environment - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.create + Creates a new bare metal node pool in a given project, location and Bare + Metal cluster. + operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/BareMetalAdminCluster' + $ref: '#/components/schemas/BareMetalNodePool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7948,8 +8120,9 @@ paths: required: true schema: type: string - - in: query - name: bareMetalAdminClusterId + - in: path + name: bareMetalClustersId + required: true schema: type: string - in: query @@ -7957,12 +8130,14 @@ paths: schema: type: boolean - in: query - name: allowPreflightFailure + name: bareMetalNodePoolId schema: - type: boolean + type: string get: - description: Lists bare metal admin clusters in a given project and location. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.list + description: >- + Lists bare metal node pools in a given project, location and bare metal + cluster. + operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7974,7 +8149,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBareMetalAdminClustersResponse' + $ref: '#/components/schemas/ListBareMetalNodePoolsResponse' parameters: - in: path name: projectsId @@ -7986,11 +8161,11 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: bareMetalClustersId + required: true schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: @@ -8000,14 +8175,18 @@ paths: schema: type: string - in: query - name: allowMissing + name: pageSize schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}:getIamPolicy: parameters: *ref_1 get: - description: Gets details of a single bare metal admin cluster. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.get + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: >- + gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8019,7 +8198,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BareMetalAdminCluster' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8032,26 +8211,30 @@ paths: schema: type: string - in: path - name: bareMetalAdminClustersId + name: bareMetalClustersId required: true schema: type: string - - in: query - name: view + - in: path + name: bareMetalNodePoolsId + required: true schema: type: string - in: query - name: allowMissing + name: options.requestedPolicyVersion schema: - type: boolean + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}: + parameters: *ref_1 patch: - description: Updates the parameters of a single bare metal admin cluster. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.patch + description: Updates the parameters of a single bare metal node pool. + operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/BareMetalAdminCluster' + $ref: '#/components/schemas/BareMetalNodePool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8076,7 +8259,12 @@ paths: schema: type: string - in: path - name: bareMetalAdminClustersId + name: bareMetalClustersId + required: true + schema: + type: string + - in: path + name: bareMetalNodePoolsId required: true schema: type: string @@ -8085,25 +8273,17 @@ paths: schema: type: string format: google-fieldmask + - in: query + name: allowMissing + schema: + type: boolean - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters:enroll: - parameters: *ref_1 - post: - description: >- - Enrolls an existing bare metal admin cluster to the Anthos On-Prem API - within a given project and location. Through enrollment, an existing - admin cluster will become Anthos On-Prem API managed. The corresponding - GCP resources will be created and all future modifications to the - cluster will be expected to be performed through the API. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.enroll - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EnrollBareMetalAdminClusterRequest' + delete: + description: Deletes a single bare metal node pool. + operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8127,44 +8307,20 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}:unenroll: - parameters: *ref_1 - delete: - description: >- - Unenrolls an existing bare metal admin cluster from the Anthos On-Prem - API within a given project and location. Unenrollment removes the Cloud - reference to the cluster without modifying the underlying OnPrem - Resources. Clusters will continue to run; however, they will no longer - be accessible through the Anthos On-Prem API or its clients. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.unenroll - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - in: path - name: projectsId + name: bareMetalClustersId required: true schema: type: string - in: path - name: locationsId + name: bareMetalNodePoolsId required: true schema: type: string - - in: path - name: bareMetalAdminClustersId - required: true + - in: query + name: validateOnly schema: - type: string + type: boolean - in: query name: etag schema: @@ -8173,19 +8329,13 @@ paths: name: allowMissing schema: type: boolean - - in: query - name: validateOnly - schema: - type: boolean - in: query name: ignoreErrors schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters:queryVersionConfig: - parameters: *ref_1 - post: - description: Queries the bare metal admin cluster version config. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.queryVersionConfig + get: + description: Gets details of a single bare metal node pool. + operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8197,7 +8347,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryBareMetalAdminVersionConfigResponse' + $ref: '#/components/schemas/BareMetalNodePool' parameters: - in: path name: projectsId @@ -8209,18 +8359,29 @@ paths: required: true schema: type: string + - in: path + name: bareMetalClustersId + required: true + schema: + type: string + - in: path + name: bareMetalNodePoolsId + required: true + schema: + type: string - in: query - name: upgradeConfig.clusterName + name: view schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.setIamPolicy + operationId: >- + gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.setIamPolicy requestBody: content: application/json: @@ -8250,17 +8411,29 @@ paths: schema: type: string - in: path - name: bareMetalAdminClustersId + name: bareMetalClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}:getIamPolicy: + - in: path + name: bareMetalNodePoolsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools:enroll: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.getIamPolicy + Enrolls an existing bare metal node pool to the Anthos On-Prem API + within a given project and location. Through enrollment, an existing + node pool will become Anthos On-Prem API managed. The corresponding GCP + resources will be created. + operationId: gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.enroll + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EnrollBareMetalNodePoolRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8272,7 +8445,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8285,16 +8458,11 @@ paths: schema: type: string - in: path - name: bareMetalAdminClustersId + name: bareMetalClustersId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -8303,7 +8471,8 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.testIamPermissions + operationId: >- + gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.testIamPermissions requestBody: content: application/json: @@ -8333,17 +8502,23 @@ paths: schema: type: string - in: path - name: bareMetalAdminClustersId + name: bareMetalClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}/operations: + - in: path + name: bareMetalNodePoolsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.operations.list + operationId: >- + gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8368,12 +8543,17 @@ paths: schema: type: string - in: path - name: bareMetalAdminClustersId + name: bareMetalClustersId + required: true + schema: + type: string + - in: path + name: bareMetalNodePoolsId required: true schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -8382,17 +8562,22 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/bareMetalAdminClusters/{bareMetalAdminClustersId}/operations/{operationsId}: + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/bareMetalClusters/{bareMetalClustersId}/bareMetalNodePools/{bareMetalNodePoolsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: gkeonprem.projects.locations.bareMetalAdminClusters.operations.get + operationId: >- + gkeonprem.projects.locations.bareMetalClusters.bareMetalNodePools.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8417,7 +8602,12 @@ paths: schema: type: string - in: path - name: bareMetalAdminClustersId + name: bareMetalClustersId + required: true + schema: + type: string + - in: path + name: bareMetalNodePoolsId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/healthcare.yaml b/providers/src/googleapis.com/v00.00.00000/services/healthcare.yaml index 87869573..96500d31 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/healthcare.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/healthcare.yaml @@ -7,8 +7,8 @@ info: title: Cloud Healthcare API description: Manage, store, and access healthcare data in Google Cloud Platform. version: v1 - x-discovery-doc-revision: '20250724' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251117' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/healthcare servers: @@ -35,1840 +35,1233 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + ParsedData: + description: The content of a HL7v2 message in a structured format. type: object properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array + segments: items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + $ref: '#/components/schemas/Segment' + type: array + id: ParsedData + DicomStoreMetrics: type: object + description: DicomStoreMetrics contains metrics describing a DICOM store. properties: + studyCount: + type: string + format: int64 + description: Number of studies in the store. + seriesCount: + type: string + format: int64 + description: Number of series in the store. name: + type: string description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Resource name of the DICOM store, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}`. + blobStorageSizeBytes: + format: int64 type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + description: Total blob storage bytes for all instances in the store. + structuredStorageSizeBytes: type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + description: Total structured storage bytes for all instances in the store. + format: int64 + instanceCount: type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object + format: int64 + description: Number of instances in the store. + id: DicomStoreMetrics + Hl7SchemaConfig: + description: >- + Root config message for HL7v2 schema. This contains a schema structure + of groups and segments, and filters that determine which messages to + apply the schema structure to. + id: Hl7SchemaConfig + properties: + messageSchemaConfigs: additionalProperties: - type: string - metadata: + $ref: '#/components/schemas/SchemaGroup' description: >- - Service-specific metadata. For example the available capacity at the - given location. + Map from each HL7v2 message type and trigger event pair, such as + ADT_A04, to its schema configuration root group. type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + version: + items: + $ref: '#/components/schemas/VersionSource' description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask - Policy: - id: Policy + Each VersionSource is tested and only if they all match is the + schema used for the message. + type: array + type: object + Message: description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + A complete HL7v2 message. See [Introduction to HL7 Standards] + (https://www.hl7.org/implement/standards/index.cfm?ref=common) for + details on the standard. type: object properties: - version: + messageType: + description: Output only. The message type for this message. MSH-9.1. + type: string + readOnly: true + sendTime: + readOnly: true description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Output only. The datetime the sending application sent this message. + MSH-7. + type: string + format: google-datetime + name: + type: string description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: + Output only. Resource name of the Message, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/hl7V2Stores/{hl7_v2_store_id}/messages/{message_id}`. + readOnly: true + labels: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + User-supplied key-value pairs used to organize HL7v2 stores. Label + keys must be between 1 and 63 characters long, have a UTF-8 encoding + of maximum 128 bytes, and must conform to the following PCRE regular + expression: \p{Ll}\p{Lo}{0,62} Label values are optional, must be + between 1 and 63 characters long, have a UTF-8 encoding of maximum + 128 bytes, and must conform to the following PCRE regular + expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can + be associated with a given store. + additionalProperties: + type: string + type: object + sendFacility: + readOnly: true + type: string + description: Output only. The hospital that this message came from. MSH-4. + schematizedData: + readOnly: true + $ref: '#/components/schemas/SchematizedData' + description: >- + Output only. The parsed version of the raw message data schematized + according to this store's schemas and type definitions. + data: type: string format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object - properties: - role: + description: Required. Raw message bytes. + patientIds: + items: + $ref: '#/components/schemas/PatientId' description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Output only. All patient IDs listed in the PID-2, PID-3, and PID-4 + segments of this message. + readOnly: true + type: array + parsedData: + $ref: '#/components/schemas/ParsedData' + description: Output only. The parsed version of the raw message data. + readOnly: true + createTime: + format: google-datetime type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object + Output only. The datetime when the message was created. Set by the + server. + readOnly: true + id: Message + ApplyAdminConsentsResponse: properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + affectedResources: + format: int64 type: string - title: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + The number of resources (including the Consent resources) that may + have consent access change. + failedResources: + format: int64 type: string - description: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + The number of resources (including the Consent resources) that + ApplyAdminConsents failed to re-index. + consentApplySuccess: + format: int64 description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + If `validate_only=false` in ApplyAdminConsentsRequest, this counter + contains the number of Consent resources that were successfully + applied. Otherwise, it is the number of Consent resources that are + supported. type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + id: ApplyAdminConsentsResponse type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + Response when all admin Consent resources in scope were processed and + all affected resources were reindexed successfully. This structure will + be included in the response when the operation finishes successfully. + ExportMessagesResponse: + description: >- + Final response for the export operation. This structure is included in + the response to describe the detailed outcome. + id: ExportMessagesResponse type: object + properties: {} + DicomStore: + description: Represents a DICOM store. + id: DicomStore properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + streamConfigs: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. + Optional. A list of streaming configs used to configure the + destination of streaming exports for every DICOM instance insertion + in this DICOM store. After a new config is added to + `stream_configs`, DICOM instance insertions are streamed to the new + destination. When a config is removed from `stream_configs`, the + server stops streaming to that destination. Each config must contain + a unique destination. type: array items: + $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomStreamConfig' + labels: + type: object + additionalProperties: type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array + User-supplied key-value pairs used to organize DICOM stores. Label + keys must be between 1 and 63 characters long, have a UTF-8 encoding + of maximum 128 bytes, and must conform to the following PCRE regular + expression: \p{Ll}\p{Lo}{0,62} Label values are optional, must be + between 1 and 63 characters long, have a UTF-8 encoding of maximum + 128 bytes, and must conform to the following PCRE regular + expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can + be associated with a given store. + notificationConfigs: + description: >- + Optional. Specifies where and whether to send notifications upon + changes to a DICOM store. items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + $ref: '#/components/schemas/DicomNotificationConfig' + type: array + name: + description: >- + Identifier. Resource name of the DICOM store, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}`. + type: string + notificationConfig: + description: >- + Optional. Notification destination for new DICOM instances. Supplied + by the client. + $ref: '#/components/schemas/NotificationConfig' + type: object + ListMessagesResponse: + id: ListMessagesResponse type: object properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array + hl7V2Messages: items: - type: string - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. + $ref: '#/components/schemas/Message' type: array - items: - $ref: '#/components/schemas/Operation' + description: >- + The returned Messages. Won't be more Messages than the value of + page_size in the request. See view for populated fields. nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Token to retrieve the next page of results or empty if there are no + more results in the list. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + description: Lists the messages in the specified HL7v2 store. + DeidentifyDatasetRequest: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + config: + $ref: '#/components/schemas/DeidentifyConfig' description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Deidentify configuration. Only one of `config` and `gcs_config_uri` + can be specified. + destinationDataset: + description: >- + Required. The name of the dataset resource to create and write the + redacted data to. * The destination dataset must not exist. * The + destination dataset must be in the same location as the source + dataset. De-identifying data across multiple locations is not + supported. type: string - details: + gcsConfigUri: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + Cloud Storage location to read the JSON + cloud.healthcare.deidentify.DeidentifyConfig from, overriding the + default config. Must be of the form + `gs://{bucket_id}/path/to/object`. The Cloud Storage location must + grant the Cloud IAM role `roles/storage.objectViewer` to the + project's Cloud Healthcare Service Agent service account. Only one + of `config` and `gcs_config_uri` can be specified. + type: string + description: Redacts identifying information from the specified dataset. type: object - properties: {} - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: DeidentifyDatasetRequest + ImportMessagesResponse: type: object + id: ImportMessagesResponse + description: >- + Final response of importing messages. This structure is included in the + response to describe the detailed outcome. It is only included when the + operation finishes successfully. properties: {} - ConsentStore: - id: ConsentStore - description: Represents a consent store. + SetBlobStorageSettingsRequest: type: object + id: SetBlobStorageSettingsRequest properties: - name: + blobStorageSettings: description: >- - Identifier. Resource name of the consent store, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}`. - Cannot be changed after creation. - type: string - defaultConsentTtl: + The blob storage settings to update for the specified resources. + Only fields listed in `update_mask` are applied. + $ref: '#/components/schemas/BlobStorageSettings' + filterConfig: + $ref: '#/components/schemas/DicomFilterConfig' description: >- - Optional. Default time to live for Consents created in this store. - Must be at least 24 hours. Updating this field will not affect the - expiration time of existing consents. - type: string - format: google-duration - labels: + Optional. A filter configuration. If `filter_config` is specified, + set the value of `resource` to the resource name of a DICOM store in + the format + `projects/{projectID}/locations/{locationID}/datasets/{datasetID}/dicomStores/{dicomStoreID}`. + description: Request message for `SetBlobStorageSettings` method. + Segment: + id: Segment + properties: + fields: description: >- - Optional. User-supplied key-value pairs used to organize consent - stores. Label keys must be between 1 and 63 characters long, have a - UTF-8 encoding of maximum 128 bytes, and must conform to the - following PCRE regular expression: \p{Ll}\p{Lo}{0,62}. Label values - must be between 1 and 63 characters long, have a UTF-8 encoding of - maximum 128 bytes, and must conform to the following PCRE regular - expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}. No more than 64 labels can - be associated with a given store. For more information: - https://cloud.google.com/healthcare/docs/how-tos/labeling-resources + A mapping from the positional location to the value. The key string + uses zero-based indexes separated by dots to identify Fields, + components and sub-components. A bracket notation is also used to + identify different instances of a repeated field. Regex for key: + (\d+)(\[\d+\])?(.\d+)?(.\d+)? Examples of (key, value) pairs: * + (0.1, "hemoglobin") denotes that the first component of Field 0 has + the value "hemoglobin". * (1.1.2, "CBC") denotes that the second + sub-component of the first component of Field 1 has the value "CBC". + * (1[0].1, "HbA1c") denotes that the first component of the first + Instance of Field 1, which is repeated, has the value "HbA1c". type: object additionalProperties: type: string - enableConsentCreateOnUpdate: + segmentId: + type: string description: >- - Optional. If `true`, UpdateConsent creates the Consent if it does - not already exist. If unspecified, defaults to `false`. - type: boolean - ListConsentStoresResponse: - id: ListConsentStoresResponse + A string that indicates the type of segment. For example, EVN or + PID. + setId: + type: string + description: >- + Set ID for segments that can be in a set. This can be empty if it's + missing or isn't applicable. type: object + description: A segment in a structured format. + ImportMessagesRequest: properties: - consentStores: - description: >- - The returned consent stores. The maximum number of stores returned - is determined by the value of page_size in the - ListConsentStoresRequest. - type: array - items: - $ref: '#/components/schemas/ConsentStore' - nextPageToken: + gcsSource: description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - AttributeDefinition: - id: AttributeDefinition - description: A client-defined consent attribute. + Cloud Storage source data location and import configuration. The + Cloud Healthcare Service Agent requires the + `roles/storage.objectViewer` Cloud IAM roles on the Cloud Storage + location. + $ref: '#/components/schemas/GcsSource' type: object + id: ImportMessagesRequest + description: Request to import messages. + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + id: SetIamPolicyRequest properties: - name: - description: >- - Identifier. Resource name of the Attribute definition, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/attributeDefinitions/{attribute_definition_id}`. - Cannot be changed after creation. - type: string - description: - description: Optional. A description of the attribute. + updateMask: type: string - category: description: >- - Required. The category of the attribute. The value of this field - cannot be changed after creation. - type: string - enumDescriptions: - - No category specified. This option is invalid. - - >- - Specify this category when this attribute describes the properties - of resources. For example, data anonymity or data type. - - >- - Specify this category when this attribute describes the properties - of requests. For example, requester's role or requester's - organization. - enum: - - CATEGORY_UNSPECIFIED - - RESOURCE - - REQUEST - allowedValues: - description: >- - Required. Possible values for the attribute. The number of allowed - values must not exceed 500. An empty list is invalid. The list can - only be expanded after creation. - type: array - items: - type: string - consentDefaultValues: - description: >- - Optional. Default values of the attribute in Consents. If no default - values are specified, it defaults to an empty value. - type: array - items: - type: string - dataMappingDefaultValue: + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + format: google-fieldmask + policy: description: >- - Optional. Default value of the attribute in User data mappings. If - no default value is specified, it defaults to an empty value. This - field is only applicable to attributes of the category `RESOURCE`. - type: string - ListAttributeDefinitionsResponse: - id: ListAttributeDefinitionsResponse + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' type: object - properties: - attributeDefinitions: - description: >- - The returned Attribute definitions. The maximum number of attributes - returned is determined by the value of page_size in the - ListAttributeDefinitionsRequest. - type: array - items: - $ref: '#/components/schemas/AttributeDefinition' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - ConsentArtifact: - id: ConsentArtifact - description: Documentation of a user's consent. + DicomConfig: type: object properties: - name: + removeList: + description: List of tags to remove. Keep all other tags. + $ref: '#/components/schemas/TagFilterList' + skipIdRedaction: + type: boolean description: >- - Identifier. Resource name of the Consent artifact, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. - Cannot be changed after creation. - type: string - userId: - description: Required. User's UUID provided by the client. + Optional. If true, skip replacing StudyInstanceUID, + SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID + and leave them untouched. The Cloud Healthcare API regenerates these + UIDs by default based on the DICOM Standard's reasoning: "Whilst + these UIDs cannot be mapped directly to an individual out of + context, given access to the original images, or to a database of + the original images containing the UIDs, it would be possible to + recover the individual's identity." + https://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html + filterProfile: type: string - userSignature: - description: Optional. User's signature. - $ref: '#/components/schemas/Signature' - guardianSignature: - description: Optional. A signature from a guardian. - $ref: '#/components/schemas/Signature' - witnessSignature: - description: Optional. A signature from a witness. - $ref: '#/components/schemas/Signature' - consentContentScreenshots: - description: >- - Optional. Screenshots, PDFs, or other binary information documenting - the user's consent. - type: array - items: - $ref: '#/components/schemas/Image' - consentContentVersion: - description: >- - Optional. An string indicating the version of the consent - information shown to the user. + enumDescriptions: + - No tag filtration profile provided. Same as KEEP_ALL_PROFILE. + - Keep only tags required to produce valid DICOM. + - >- + Remove tags based on DICOM Standard's Attribute Confidentiality + Basic Profile (DICOM Standard Edition 2018e) + https://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/chapter_E.html. + - Keep all tags. + - >- + Inspects within tag contents and replaces sensitive text. The + process can be configured using the TextConfig. Applies to all + tags with the following Value Representation names: AE, LO, LT, + PN, SH, ST, UC, UT, DA, DT, AS + description: Tag filtering profile that determines which tags to keep/remove. + enum: + - TAG_FILTER_PROFILE_UNSPECIFIED + - MINIMAL_KEEP_LIST_PROFILE + - ATTRIBUTE_CONFIDENTIALITY_BASIC_PROFILE + - KEEP_ALL_PROFILE + - DEIDENTIFY_TAG_CONTENTS + keepList: + $ref: '#/components/schemas/TagFilterList' + description: List of tags to keep. Remove all other tags. + id: DicomConfig + description: Specifies the parameters needed for de-identification of DICOM stores. + DicomNotificationConfig: + id: DicomNotificationConfig + properties: + pubsubTopic: type: string - metadata: description: >- - Optional. Metadata associated with the Consent artifact. For - example, the consent locale or user agent version. - type: object - additionalProperties: - type: string - Signature: - id: Signature - description: User signature. + Required. The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic + that notifications of changes are published on. Supplied by the + client. The notification is a `PubsubMessage` with the following + fields: * `PubsubMessage.Data` contains the resource name. * + `PubsubMessage.MessageId` is the ID of this notification. It is + guaranteed to be unique within the topic. * + `PubsubMessage.PublishTime` is the time when the message was + published. * `PubsubMessage.Attributes` contains the following + attributes: * `action`: The name of the endpoint that generated the + notification. Possible values are `StoreInstances`, + `SetBlobSettings`, `ImportDicomData`, etc. * `lastUpdatedTime`: The + latest timestamp when the DICOM instance was updated. * `storeName`: + The resource name of the DICOM store, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}`. + * `studyInstanceUID`: The study UID of the DICOM instance that was + changed. * `seriesInstanceUID`: The series UID of the DICOM instance + that was changed. * `sopInstanceUID`: The instance UID of the DICOM + instance that was changed. * `versionId`: The version ID of the + DICOM instance that was changed. * `modality`: The modality tag of + the DICOM instance that was changed. * `previousStorageClass`: The + storage class where the DICOM instance was previously stored if the + storage class was changed. * `storageClass`: The storage class where + the DICOM instance is currently stored. Note that notifications are + only sent if the topic is non-empty. [Topic + names](https://cloud.google.com/pubsub/docs/overview#names) must be + scoped to a project. The Cloud Healthcare API service account, + service-@gcp-sa-healthcare.iam.gserviceaccount.com, must have the + `pubsub.topics.publish` permission (which is typically included in + `roles/pubsub.publisher` role) on the given Pub/Sub topic. Not + having adequate permissions causes the calls that send notifications + to fail + (https://cloud.google.com/healthcare-api/docs/permissions-healthcare-api-gcp-products#dicom_fhir_and_hl7v2_store_cloud_pubsub_permissions). + If a notification can't be published to Pub/Sub, errors are logged + to Cloud Logging. For more information, see [Viewing error logs in + Cloud + Logging](https://cloud.google.com/healthcare-api/docs/how-tos/logging). + type: object + description: Contains the configuration for DICOM notifications. + CreateMessageRequest: type: object properties: - userId: - description: Required. User's UUID provided by the client. + message: + $ref: '#/components/schemas/Message' + description: Required. HL7v2 message. + id: CreateMessageRequest + description: Creates a new message. + ListFhirStoresResponse: + type: object + properties: + nextPageToken: type: string - image: - description: Optional. An image of the user's signature. - $ref: '#/components/schemas/Image' - metadata: description: >- - Optional. Metadata associated with the user's signature. For - example, the user's name or the user's title. - type: object - additionalProperties: - type: string - signatureTime: - description: Optional. Timestamp of the signature. - type: string - format: google-datetime - Image: - id: Image - description: Raw bytes representing consent artifact content. + Token to retrieve the next page of results or empty if there are no + more results in the list. + fhirStores: + items: + $ref: '#/components/schemas/FhirStore' + description: >- + The returned FHIR stores. Won't be more FHIR stores than the value + of page_size in the request. + type: array + description: Lists the FHIR stores in the given dataset. + id: ListFhirStoresResponse + ExportDicomDataResponse: + id: ExportDicomDataResponse type: object + properties: {} + description: >- + Returns additional information in regards to a completed DICOM store + export. + FhirStoreMetric: + description: >- + Count of resources and total storage size by type for a given FHIR + store. properties: - rawBytes: + structuredStorageSizeBytes: description: >- - Consent artifact content represented as a stream of bytes. This - field is populated when returned in GetConsentArtifact response, but - not included in CreateConsentArtifact and ListConsentArtifact - response. + The total amount of structured storage used by FHIR resources of + this resource type in the store. + format: int64 + type: string + resourceType: + description: The FHIR resource type this metric applies to. + type: string + count: type: string - format: byte - gcsUri: description: >- - Input only. Points to a Cloud Storage URI containing the consent - artifact content. The URI must be in the following format: - `gs://{bucket_id}/{object_id}`. The Cloud Healthcare API service - account must have the `roles/storage.objectViewer` Cloud IAM role - for this Cloud Storage location. The consent artifact content at - this URI is copied to a Cloud Storage location managed by the Cloud - Healthcare API. Responses to fetching requests return the consent - artifact content in raw_bytes. + The total count of FHIR resources in the store of this resource + type. + format: int64 + versionedStorageSizeBytes: + description: >- + The total amount of versioned storage used by versioned FHIR + resources of this resource type in the store. + format: int64 type: string - ListConsentArtifactsResponse: - id: ListConsentArtifactsResponse + type: object + id: FhirStoreMetric + SchemaPackage: + description: A schema package contains a set of schemas and type definitions. + id: SchemaPackage type: object properties: - consentArtifacts: + ignoreMinOccurs: description: >- - The returned Consent artifacts. The maximum number of artifacts - returned is determined by the value of page_size in the - ListConsentArtifactsRequest. + Optional. Flag to ignore all min_occurs restrictions in the schema. + This means that incoming messages can omit any group, segment, + field, component, or subcomponent. + type: boolean + schemas: type: array - items: - $ref: '#/components/schemas/ConsentArtifact' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - Consent: - id: Consent - description: Represents a user's consent. - type: object - properties: - name: - description: >- - Identifier. Resource name of the Consent, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consents/{consent_id}`. - Cannot be changed after creation. - type: string - revisionId: description: >- - Output only. The revision ID of the Consent. The format is an - 8-character hexadecimal string. Refer to a specific revision of a - Consent by appending `@{revision_id}` to the Consent's resource - name. - readOnly: true - type: string - revisionCreateTime: - description: Output only. The timestamp that the revision was created. - readOnly: true - type: string - format: google-datetime - userId: - description: Required. User's UUID provided by the client. - type: string - policies: + Optional. Schema configs that are layered based on their + VersionSources that match the incoming message. Schema configs + present in higher indices override those in lower indices with the + same message type and trigger event if their VersionSources all + match an incoming message. + items: + $ref: '#/components/schemas/Hl7SchemaConfig' + types: description: >- - Optional. Represents a user's consent in terms of the resources that - can be accessed and under what conditions. + Optional. Schema type definitions that are layered based on their + VersionSources that match the incoming message. Type definitions + present in higher indices override those in lower indices with the + same type name if their VersionSources all match an incoming + message. type: array items: - $ref: '#/components/schemas/GoogleCloudHealthcareV1ConsentPolicy' - consentArtifact: - description: >- - Required. The resource name of the Consent artifact that contains - proof of the end user's consent, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. - type: string - state: - description: Required. Indicates the current state of this Consent. + $ref: '#/components/schemas/Hl7TypesConfig' + schematizedParsingType: type: string + description: Optional. Determines how messages that fail to parse are handled. + enum: + - SCHEMATIZED_PARSING_TYPE_UNSPECIFIED + - SOFT_FAIL + - HARD_FAIL enumDescriptions: + - Unspecified schematized parsing type, equivalent to `SOFT_FAIL`. - >- - No state specified. Treated as ACTIVE only at the time of resource - creation. - - >- - The Consent is active and is considered when evaluating a user's - consent on resources. - - The archived state is currently not being used. - - >- - A revoked Consent is not considered when evaluating a user's - consent on resources. - - >- - A draft Consent is not considered when evaluating a user's consent - on resources unless explicitly specified. + Messages that fail to parse are still stored and ACKed but a + parser error is stored in place of the schematized data. - >- - When a draft Consent is rejected by a user, it is set to a - rejected state. A rejected Consent is not considered when - evaluating a user's consent on resources. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - ARCHIVED - - REVOKED - - DRAFT - - REJECTED - expireTime: - description: Timestamp in UTC of when this Consent is considered expired. - type: string - format: google-datetime - ttl: - description: >- - Input only. The time to live for this Consent from when it is - created. + Messages that fail to parse are rejected from ingestion/insertion + and return an error code. + unexpectedSegmentHandling: type: string - format: google-duration - metadata: description: >- - Optional. User-supplied key-value pairs used to organize Consent - resources. Metadata keys must: - be between 1 and 63 characters long - - have a UTF-8 encoding of maximum 128 bytes - begin with a letter - - consist of up to 63 characters including lowercase letters, numeric - characters, underscores, and dashes Metadata values must be: - be - between 1 and 63 characters long - have a UTF-8 encoding of maximum - 128 bytes - consist of up to 63 characters including lowercase - letters, numeric characters, underscores, and dashes No more than 64 - metadata entries can be associated with a given consent. - type: object - additionalProperties: - type: string - GoogleCloudHealthcareV1ConsentPolicy: - id: GoogleCloudHealthcareV1ConsentPolicy - description: >- - Represents a user's consent in terms of the resources that can be - accessed and under what conditions. + Optional. Determines how unexpected segments (segments not matched + to the schema) are handled. + enum: + - UNEXPECTED_SEGMENT_HANDLING_MODE_UNSPECIFIED + - FAIL + - SKIP + - PARSE + enumDescriptions: + - Unspecified handling mode, equivalent to FAIL. + - Unexpected segments fail to parse and return an error. + - Unexpected segments do not fail, but are omitted from the output. + - >- + Unexpected segments do not fail, but are parsed in place and added + to the current group. If a segment has a type definition, it is + used, otherwise it is parsed as VARIES. + AnalyzeEntitiesResponse: + id: AnalyzeEntitiesResponse type: object + description: Includes recognized entity mentions and relationships between them. properties: - resourceAttributes: + entityMentions: + type: array description: >- - The resources that this policy applies to. A resource is a match if - it matches all the attributes listed here. If empty, this policy - applies to all User data mappings for the given user. + The `entity_mentions` field contains all the annotated medical + entities that were mentioned in the provided document. + items: + $ref: '#/components/schemas/EntityMention' + relationships: type: array items: - $ref: '#/components/schemas/Attribute' - authorizationRule: + $ref: '#/components/schemas/EntityMentionRelationship' description: >- - Required. The request conditions to meet to grant access. In - addition to any supported comparison operators, authorization rules - may have `IN` operator as well as at most 10 logical operators that - are limited to `AND` (`&&`), `OR` (`||`). - $ref: '#/components/schemas/Expr' - Attribute: - id: Attribute - description: >- - An attribute value for a Consent or User data mapping. Each Attribute - must have a corresponding AttributeDefinition in the consent store that - defines the default and allowed values. - type: object - properties: - attributeDefinitionId: - description: Indicates the name of an attribute defined in the consent store. + relationships contains all the binary relationships that were + identified between entity mentions within the provided document. + fhirBundle: + description: >- + The FHIR bundle ([`R4`](http://hl7.org/fhir/R4/bundle.html)) that + includes all the entities, the entity mentions, and the + relationships in JSON format. type: string - values: + entities: + items: + $ref: '#/components/schemas/Entity' description: >- - Required. The value of the attribute. Must be an acceptable value as - defined in the consent store. For example, if the consent store - defines "data type" with acceptable values "questionnaire" and - "step-count", when the attribute name is data type, this field must - contain one of those values. + The union of all the candidate entities that the entity_mentions in + this response could link to. These are UMLS concepts or normalized + mention content. type: array - items: - type: string - ActivateConsentRequest: - id: ActivateConsentRequest + Policy: description: >- - Activates the latest revision of the specified Consent by committing a - new revision with `state` updated to `ACTIVE`. If the latest revision of - the given Consent is in the `ACTIVE` state, no new revision is - committed. A FAILED_PRECONDITION error occurs if the latest revision of - the given consent is in the `REJECTED` or `REVOKED` state. - type: object + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). properties: - consentArtifact: + bindings: description: >- - Required. The resource name of the Consent artifact that contains - documentation of the user's consent, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. - If the draft Consent had a Consent artifact, this Consent artifact - overwrites it. - type: string - expireTime: - description: Timestamp in UTC of when this Consent is considered expired. - type: string - format: google-datetime - ttl: - description: The time to live for this Consent from when it is marked as active. - type: string - format: google-duration - RejectConsentRequest: - id: RejectConsentRequest - description: >- - Rejects the latest revision of the specified Consent by committing a new - revision with `state` updated to `REJECTED`. If the latest revision of - the given Consent is in the `REJECTED` state, no new revision is - committed. - type: object - properties: - consentArtifact: - description: >- - Optional. The resource name of the Consent artifact that contains - documentation of the user's rejection of the draft Consent, of the - form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. - If the draft Consent had a Consent artifact, this Consent artifact - overwrites it. - type: string - ListConsentsResponse: - id: ListConsentsResponse - type: object - properties: - consents: - description: >- - The returned Consents. The maximum number of Consents returned is - determined by the value of page_size in the ListConsentsRequest. - type: array - items: - $ref: '#/components/schemas/Consent' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - ListConsentRevisionsResponse: - id: ListConsentRevisionsResponse - type: object - properties: - consents: - description: >- - The returned Consent revisions. The maximum number of revisions - returned is determined by the value of `page_size` in the - ListConsentRevisionsRequest. - type: array + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. items: - $ref: '#/components/schemas/Consent' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - RevokeConsentRequest: - id: RevokeConsentRequest - description: >- - Revokes the latest revision of the specified Consent by committing a new - revision with `state` updated to `REVOKED`. If the latest revision of - the given Consent is in the `REVOKED` state, no new revision is - committed. - type: object - properties: - consentArtifact: - description: >- - Optional. The resource name of the Consent artifact that contains - proof of the user's revocation of the Consent, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. - type: string - UserDataMapping: - id: UserDataMapping - description: Maps a resource to the associated user and Attributes. - type: object - properties: - name: - description: >- - Resource name of the User data mapping, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/userDataMappings/{user_data_mapping_id}`. - type: string - dataId: - description: Required. A unique identifier for the mapped resource. - type: string - userId: - description: Required. User's UUID provided by the client. - type: string - resourceAttributes: - description: >- - Attributes of the resource. Only explicitly set attributes are - displayed here. Attribute definitions with defaults set implicitly - apply to these User data mappings. Attributes listed here must be - single valued, that is, exactly one value is specified for the field - "values" in each Attribute. + $ref: '#/components/schemas/Binding' type: array - items: - $ref: '#/components/schemas/Attribute' - archived: - description: Output only. Indicates whether this mapping is archived. - readOnly: true - type: boolean - archiveTime: - description: Output only. Indicates the time when this mapping was archived. - readOnly: true - type: string - format: google-datetime - ListUserDataMappingsResponse: - id: ListUserDataMappingsResponse - type: object - properties: - userDataMappings: - description: >- - The returned User data mappings. The maximum number of User data - mappings returned is determined by the value of page_size in the - ListUserDataMappingsRequest. + auditConfigs: type: array items: - $ref: '#/components/schemas/UserDataMapping' - nextPageToken: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + etag: description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. type: string - ArchiveUserDataMappingRequest: - id: ArchiveUserDataMappingRequest - description: Archives the specified User data mapping. - type: object - properties: {} - ArchiveUserDataMappingResponse: - id: ArchiveUserDataMappingResponse - description: Archives the specified User data mapping. + format: byte + version: + type: integer + format: int32 + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). type: object - properties: {} - CheckDataAccessRequest: - id: CheckDataAccessRequest + id: Policy + EvaluateUserConsentsRequest: description: >- - Checks if a particular data_id of a User data mapping in the given - consent store is consented for a given use. - type: object + Evaluate a user's Consents for all matching User data mappings. Note: + User data mappings are indexed asynchronously, causing slight delays + between the time mappings are created or updated and when they are + included in EvaluateUserConsents results. properties: - dataId: - description: >- - Required. The unique identifier of the resource to check access for. - This identifier must correspond to a User data mapping in the given - consent store. - type: string - requestAttributes: - description: >- - The values of request attributes associated with this access - request. - type: object - additionalProperties: - type: string - consentList: - description: >- - Optional. Specific Consents to evaluate the access request against. - These Consents must have the same `user_id` as the evaluated User - data mapping, must exist in the current `consent_store`, and have a - `state` of either `ACTIVE` or `DRAFT`. A maximum of 100 Consents can - be provided here. If no selection is specified, the access request - is evaluated against all `ACTIVE` unexpired Consents with the same - `user_id` as the evaluated User data mapping. - $ref: '#/components/schemas/ConsentList' responseView: + type: string description: >- - Optional. The view for CheckDataAccessResponse. If unspecified, + Optional. The view for EvaluateUserConsentsResponse. If unspecified, defaults to `BASIC` and returns `consented` as `TRUE` or `FALSE`. - type: string enumDescriptions: - >- No response view specified. The API will default to the BASIC view. - >- - Only the `consented` field is populated in - CheckDataAccessResponse. + Only the `data_id` and `consented` fields are populated in the + response. - >- - All fields within CheckDataAccessResponse are populated. When set - to `FULL`, all `ACTIVE` Consents are evaluated even if a matching - policy is found during evaluation. + All fields within the response are populated. When set to `FULL`, + all `ACTIVE` Consents are evaluated even if a matching policy is + found during evaluation. enum: - RESPONSE_VIEW_UNSPECIFIED - BASIC - FULL - ConsentList: - id: ConsentList - description: List of resource names of Consent resources. - type: object - properties: - consents: - description: >- - The resource names of the Consents to evaluate against, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consents/{consent_id}`. - type: array - items: - type: string - CheckDataAccessResponse: - id: CheckDataAccessResponse - description: >- - Checks if a particular data_id of a User data mapping in the given - consent store is consented for a given use. - type: object - properties: - consented: - description: Whether the requested resource is consented for the given use. - type: boolean - consentDetails: + pageSize: description: >- - The resource names of all evaluated Consents mapped to their - evaluation. - type: object - additionalProperties: - $ref: '#/components/schemas/ConsentEvaluation' - ConsentEvaluation: - id: ConsentEvaluation - description: The detailed evaluation of a particular Consent. - type: object - properties: - evaluationResult: - description: The evaluation result. + Optional. Limit on the number of User data mappings to return in a + single response. If not specified, 100 is used. May not be larger + than 1000. + format: int32 + type: integer + userId: + description: Required. User ID to evaluate consents for. type: string - enumDescriptions: - - No evaluation result specified. This option is invalid. - - >- - The Consent is not applicable to the requested access - determination. For example, the Consent does not apply to the user - for which the access determination is requested, or it has a - `state` of `REVOKED`, or it has expired. - - >- - The Consent does not have a policy that matches the - `resource_attributes` of the evaluated resource. - - >- - The Consent has at least one policy that matches the - `resource_attributes` of the evaluated resource, but no - `authorization_rule` was satisfied. - - >- - The Consent has at least one policy that matches the - `resource_attributes` of the evaluated resource, and at least one - `authorization_rule` was satisfied. - enum: - - EVALUATION_RESULT_UNSPECIFIED - - NOT_APPLICABLE - - NO_MATCHING_POLICY - - NO_SATISFIED_POLICY - - HAS_SATISFIED_POLICY - QueryAccessibleDataRequest: - id: QueryAccessibleDataRequest - description: >- - Queries all data_ids that are consented for a given use in the given - consent store and writes them to a specified destination. The returned - Operation includes a progress counter for the number of User data - mappings processed. Errors are logged to Cloud Logging (see [Viewing - error logs in Cloud Logging] - (https://cloud.google.com/healthcare/docs/how-tos/logging) and - [QueryAccessibleData] for a sample log entry). - type: object - properties: - gcsDestination: - description: >- - The Cloud Storage destination. The Cloud Healthcare API service - account must have the `roles/storage.objectAdmin` Cloud IAM role for - this Cloud Storage location. - $ref: '#/components/schemas/GoogleCloudHealthcareV1ConsentGcsDestination' - resourceAttributes: - description: >- - Optional. The values of resource attributes associated with the type - of resources being requested. If no values are specified, then all - resource types are included in the output. - type: object - additionalProperties: - type: string - requestAttributes: - description: >- - The values of request attributes associated with this access - request. - type: object - additionalProperties: - type: string - GoogleCloudHealthcareV1ConsentGcsDestination: - id: GoogleCloudHealthcareV1ConsentGcsDestination - description: The Cloud Storage location for export. - type: object - properties: - uriPrefix: + consentList: description: >- - URI for a Cloud Storage directory where the server writes result - files, in the format `gs://{bucket-id}/{path/to/destination/dir}`. - If there is no trailing slash, the service appends one when - composing the object path. The user is responsible for creating the - Cloud Storage bucket and directory referenced in `uri_prefix`. - type: string - EvaluateUserConsentsRequest: - id: EvaluateUserConsentsRequest - description: >- - Evaluate a user's Consents for all matching User data mappings. Note: - User data mappings are indexed asynchronously, causing slight delays - between the time mappings are created or updated and when they are - included in EvaluateUserConsents results. - type: object - properties: - userId: - description: Required. User ID to evaluate consents for. - type: string + Optional. Specific Consents to evaluate the access request against. + These Consents must have the same `user_id` as the User data + mappings being evalauted, must exist in the current `consent_store`, + and must have a `state` of either `ACTIVE` or `DRAFT`. A maximum of + 100 Consents can be provided here. If unspecified, all `ACTIVE` + unexpired Consents in the current `consent_store` will be evaluated. + $ref: '#/components/schemas/ConsentList' resourceAttributes: description: >- Optional. The values of resource attributes associated with the resources being requested. If no values are specified, then all resources are queried. - type: object additionalProperties: type: string + type: object requestAttributes: + type: object description: >- Required. The values of request attributes associated with this access request. - type: object additionalProperties: type: string - consentList: - description: >- - Optional. Specific Consents to evaluate the access request against. - These Consents must have the same `user_id` as the User data - mappings being evalauted, must exist in the current `consent_store`, - and must have a `state` of either `ACTIVE` or `DRAFT`. A maximum of - 100 Consents can be provided here. If unspecified, all `ACTIVE` - unexpired Consents in the current `consent_store` will be evaluated. - $ref: '#/components/schemas/ConsentList' - responseView: - description: >- - Optional. The view for EvaluateUserConsentsResponse. If unspecified, - defaults to `BASIC` and returns `consented` as `TRUE` or `FALSE`. - type: string - enumDescriptions: - - >- - No response view specified. The API will default to the BASIC - view. - - >- - Only the `data_id` and `consented` fields are populated in the - response. - - >- - All fields within the response are populated. When set to `FULL`, - all `ACTIVE` Consents are evaluated even if a matching policy is - found during evaluation. - enum: - - RESPONSE_VIEW_UNSPECIFIED - - BASIC - - FULL - pageSize: - description: >- - Optional. Limit on the number of User data mappings to return in a - single response. If not specified, 100 is used. May not be larger - than 1000. - type: integer - format: int32 pageToken: description: >- Optional. Token to retrieve the next page of results, or empty to get the first page. type: string - EvaluateUserConsentsResponse: - id: EvaluateUserConsentsResponse type: object - properties: - results: - description: The consent evaluation result for each `data_id`. - type: array - items: - $ref: '#/components/schemas/Result' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. This token is valid for 72 hours after it - is created. - type: string - Result: - id: Result - description: The consent evaluation result for a single `data_id`. + id: EvaluateUserConsentsRequest + Hl7V2Store: + id: Hl7V2Store type: object properties: - dataId: - description: The unique identifier of the evaluated resource. - type: string - consented: - description: Whether the resource is consented for the given use. - type: boolean - consentDetails: + parserConfig: description: >- - The resource names of all evaluated Consents mapped to their - evaluation. + Optional. The configuration for the parser. It determines how the + server parses the messages. + $ref: '#/components/schemas/ParserConfig' + labels: type: object - additionalProperties: - $ref: '#/components/schemas/ConsentEvaluation' - DeidentifyFhirStoreRequest: - id: DeidentifyFhirStoreRequest - description: Creates a new FHIR store with sensitive information de-identified. - type: object - properties: - destinationStore: description: >- - Required. The name of the FHIR store to create and write the - redacted data to. For example, - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. - * The destination dataset must exist. * The source dataset and - destination dataset must both reside in the same location. - De-identifying data across multiple locations is not supported. * - The destination FHIR store must exist. * The caller must have the - healthcare.fhirResources.update permission to write to the - destination FHIR store. + User-supplied key-value pairs used to organize HL7v2 stores. Label + keys must be between 1 and 63 characters long, have a UTF-8 encoding + of maximum 128 bytes, and must conform to the following PCRE regular + expression: \p{Ll}\p{Lo}{0,62} Label values are optional, must be + between 1 and 63 characters long, have a UTF-8 encoding of maximum + 128 bytes, and must conform to the following PCRE regular + expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can + be associated with a given store. + additionalProperties: + type: string + name: type: string - config: - description: >- - Deidentify configuration. Only one of `config` and `gcs_config_uri` - can be specified. - $ref: '#/components/schemas/DeidentifyConfig' - gcsConfigUri: description: >- - Cloud Storage location to read the JSON - cloud.healthcare.deidentify.DeidentifyConfig from, overriding the - default config. Must be of the form - `gs://{bucket_id}/path/to/object`. The Cloud Storage location must - grant the Cloud IAM role `roles/storage.objectViewer` to the - project's Cloud Healthcare Service Agent service account. Only one - of `config` and `gcs_config_uri` can be specified. - type: string - resourceFilter: + Identifier. Resource name of the HL7v2 store, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/hl7V2Stores/{hl7v2_store_id}`. + notificationConfigs: + type: array + items: + $ref: '#/components/schemas/Hl7V2NotificationConfig' description: >- - A filter specifying the resources to include in the output. If not - specified, all resources are included in the output. - $ref: '#/components/schemas/FhirFilter' - skipModifiedResources: + Optional. A list of notification configs. Each configuration uses a + filter to determine whether to publish a message (both Ingest & + Create) on the corresponding notification destination. Only the + message name is sent as part of the notification. Supplied by the + client. + rejectDuplicateMessage: description: >- - If true, skips resources that are created or modified after the - de-identify operation is created. + Optional. Determines whether to reject duplicate messages. A + duplicate message is a message with the same raw bytes as a message + that has already been ingested/created in this HL7v2 store. The + default value is false, meaning that the store accepts the duplicate + messages and it also returns the same ACK message in the + IngestMessageResponse as has been returned previously. Note that + only one resource is created in the store. When this field is set to + true, CreateMessage/IngestMessage requests with a duplicate message + will be rejected by the store, and IngestMessageErrorDetail returns + a NACK message upon rejection. type: boolean - DeidentifyConfig: - id: DeidentifyConfig - description: >- - Configures de-id options specific to different types of content. Each - submessage customizes the handling of an - https://tools.ietf.org/html/rfc6838 media type or subtype. Configs are - applied in a nested manner at runtime. + description: Represents an HL7v2 store. + ExportResourcesRequest: + description: Request to export resources. type: object + id: ExportResourcesRequest properties: - dicom: - description: Optional. Configures de-id of application/DICOM content. - $ref: '#/components/schemas/DicomConfig' - fhir: - description: Optional. Configures de-id of application/FHIR content. - $ref: '#/components/schemas/FhirConfig' - image: - description: >- - Optional. Configures de-identification of image pixels wherever they - are found in the source_dataset. - $ref: '#/components/schemas/ImageConfig' - text: + _since: description: >- - Optional. Configures de-identification of text wherever it is found - in the source_dataset. - $ref: '#/components/schemas/TextConfig' - useRegionalDataProcessing: + If provided, only resources updated after this time are exported. + The time uses the format YYYY-MM-DDThh:mm:ss.sss+zz:zz. For example, + `2015-02-07T13:28:17.239+02:00` or `2017-01-01T00:00:00Z`. The time + must be specified to the second and include a time zone. + type: string + gcsDestination: description: >- - Optional. Ensures in-flight data remains in the region of origin - during de-identification. The default value is false. Using this - option results in a significant reduction of throughput, and is not - compatible with `LOCATION` or `ORGANIZATION_NAME` infoTypes. - `LOCATION` must be excluded within TextConfig, and must also be - excluded within ImageConfig if image redaction is required. - type: boolean - DicomConfig: - id: DicomConfig - description: Specifies the parameters needed for de-identification of DICOM stores. - type: object - properties: - skipIdRedaction: + The Cloud Storage output destination. The Healthcare Service Agent + account requires the `roles/storage.objectAdmin` role on the Cloud + Storage location. The exported outputs are organized by FHIR + resource types. The server creates one object per resource type. + Each object contains newline delimited JSON, and each line is a FHIR + resource. + $ref: '#/components/schemas/GoogleCloudHealthcareV1FhirGcsDestination' + bigqueryDestination: + $ref: '#/components/schemas/GoogleCloudHealthcareV1FhirBigQueryDestination' description: >- - Optional. If true, skip replacing StudyInstanceUID, - SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID - and leave them untouched. The Cloud Healthcare API regenerates these - UIDs by default based on the DICOM Standard's reasoning: "Whilst - these UIDs cannot be mapped directly to an individual out of - context, given access to the original images, or to a database of - the original images containing the UIDs, it would be possible to - recover the individual's identity." - http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html - type: boolean - keepList: - description: List of tags to keep. Remove all other tags. - $ref: '#/components/schemas/TagFilterList' - removeList: - description: List of tags to remove. Keep all other tags. - $ref: '#/components/schemas/TagFilterList' - filterProfile: - description: Tag filtering profile that determines which tags to keep/remove. + The BigQuery output destination. The Cloud Healthcare Service Agent + requires two IAM roles on the BigQuery location: + `roles/bigquery.dataEditor` and `roles/bigquery.jobUser`. The output + is one BigQuery table per resource type. Unlike when setting + `BigQueryDestination` for `StreamConfig`, `ExportResources` does not + create BigQuery views. + _type: type: string - enumDescriptions: - - No tag filtration profile provided. Same as KEEP_ALL_PROFILE. - - Keep only tags required to produce valid DICOM. - - >- - Remove tags based on DICOM Standard's Attribute Confidentiality - Basic Profile (DICOM Standard Edition 2018e) - http://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/chapter_E.html. - - Keep all tags. - - >- - Inspects within tag contents and replaces sensitive text. The - process can be configured using the TextConfig. Applies to all - tags with the following Value Representation names: AE, LO, LT, - PN, SH, ST, UC, UT, DA, DT, AS - enum: - - TAG_FILTER_PROFILE_UNSPECIFIED - - MINIMAL_KEEP_LIST_PROFILE - - ATTRIBUTE_CONFIDENTIALITY_BASIC_PROFILE - - KEEP_ALL_PROFILE - - DEIDENTIFY_TAG_CONTENTS - TagFilterList: - id: TagFilterList - description: List of tags to be filtered. + description: >- + String of comma-delimited FHIR resource types. If provided, only + resources of the specified resource type(s) are exported. + StreamConfig: type: object + id: StreamConfig + description: Contains configuration for streaming FHIR export. properties: - tags: - description: >- - Optional. Tags to be filtered. Tags must be DICOM Data Elements, - File Meta Elements, or Directory Structuring Elements, as defined - at: - http://dicom.nema.org/medical/dicom/current/output/html/part06.html#table_6-1,. - They may be provided by "Keyword" or "Tag". For example "PatientID", - "00100010". + resourceTypes: type: array + description: >- + Optional. Supply a FHIR resource type (such as "Patient" or + "Observation"). See + https://www.hl7.org/fhir/valueset-resource-types.html for a list of + all FHIR resource types. The server treats an empty list as an + intent to stream all the supported resource types in this FHIR + store. items: type: string - FhirConfig: - id: FhirConfig - description: Specifies how to handle de-identification of a FHIR store. - type: object - properties: - fieldMetadataList: + bigqueryDestination: + $ref: '#/components/schemas/GoogleCloudHealthcareV1FhirBigQueryDestination' description: >- - Optional. Specifies FHIR paths to match and how to transform them. - Any field that is not matched by a FieldMetadata is passed through - to the output dataset unmodified. All extensions will be processed - according to `default_keep_extensions`. - type: array - items: - $ref: '#/components/schemas/FieldMetadata' - defaultKeepExtensions: + Optional. The destination BigQuery structure that contains both the + dataset location and corresponding schema config. The output is + organized in one table per resource type. The server reuses the + existing tables (if any) that are named after the resource types. + For example, "Patient", "Observation". When there is no existing + table for a given resource type, the server attempts to create one. + When a table schema doesn't align with the schema config, either + because of existing incompatible schema or out of band incompatible + modification, the server does not stream in new data. BigQuery + imposes a 1 MB limit on streaming insert row size, therefore any + resource mutation that generates more than 1 MB of BigQuery data is + not streamed. One resolution in this case is to delete the + incompatible table and let the server recreate one, though the newly + created table only contains data after the table recreation. Results + are written to BigQuery tables according to the parameters in + BigQueryDestination.WriteDisposition. Different versions of the same + resource are distinguishable by the meta.versionId and + meta.lastUpdated columns. The operation (CREATE/UPDATE/DELETE) that + results in the new version is recorded in the meta.tag. The tables + contain all historical resource versions since streaming was + enabled. For query convenience, the server also creates one view per + table of the same name containing only the current resource version. + The streamed data in the BigQuery dataset is not guaranteed to be + completely unique. The combination of the id and meta.versionId + columns should ideally identify a single unique row. But in rare + cases, duplicates may exist. At query time, users may use the SQL + select statement to keep only one of the duplicate rows given an id + and meta.versionId pair. Alternatively, the server created view + mentioned above also filters out duplicates. If a resource mutation + cannot be streamed to BigQuery, errors are logged to Cloud Logging. + For more information, see [Viewing error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + deidentifiedStoreDestination: + $ref: '#/components/schemas/DeidentifiedStoreDestination' description: >- - Optional. The behaviour for handling FHIR extensions that aren't - otherwise specified for de-identification. If true, all extensions - are preserved during de-identification by default. If false or - unspecified, all extensions are removed during de-identification by - default. - type: boolean - FieldMetadata: - id: FieldMetadata - description: >- - Specifies FHIR paths to match, and how to handle de-identification of - matching fields. + The destination FHIR store for de-identified resources. After this + field is added, all subsequent creates/updates/patches to the source + store will be de-identified using the provided configuration and + applied to the destination store. Resources deleted from the source + store will be deleted from the destination store. Importing + resources to the source store will not trigger the streaming. If the + source store already contains resources when this option is enabled, + those resources will not be copied to the destination store unless + they are subsequently updated. This may result in invalid references + in the destination store. Before adding this config, you must grant + the healthcare.fhirResources.update permission on the destination + store to your project's **Cloud Healthcare Service Agent** [service + account](https://cloud.google.com/healthcare/docs/how-tos/permissions-healthcare-api-gcp-products#the_cloud_healthcare_service_agent). + The destination store must set enable_update_create to true. The + destination store must have disable_referential_integrity set to + true. If a resource cannot be de-identified, errors will be logged + to Cloud Logging (see [Viewing error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + Not supported for R5 stores. + ListConsentRevisionsResponse: + id: ListConsentRevisionsResponse type: object properties: - paths: + nextPageToken: + type: string description: >- - Optional. List of paths to FHIR fields to be redacted. Each path is - a period-separated list where each component is either a field name - or FHIR type name, for example: Patient, HumanName. For "choice" - types (those defined in the FHIR spec with the form: field[x]) we - use two separate components. For example, "deceasedAge.unit" is - matched by "Deceased.Age.unit". Supported types are: - AdministrativeGenderCode, Base64Binary, Boolean, Code, Date, - DateTime, Decimal, HumanName, Id, Instant, Integer, LanguageCode, - Markdown, Oid, PositiveInt, String, UnsignedInt, Uri, Uuid, Xhtml. + Token to retrieve the next page of results, or empty if there are no + more results in the list. + consents: + description: >- + The returned Consent revisions. The maximum number of revisions + returned is determined by the value of `page_size` in the + ListConsentRevisionsRequest. type: array items: + $ref: '#/components/schemas/Consent' + Location: + properties: + labels: + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: type: string - action: - description: Optional. Deidentify action for one field. + type: object + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - enumDescriptions: - - No action specified. Defaults to DO_NOT_TRANSFORM. - - Transform the entire field. - - Inspect and transform any found PHI. - - Do not transform. - enum: - - ACTION_UNSPECIFIED - - TRANSFORM - - INSPECT_AND_TRANSFORM - - DO_NOT_TRANSFORM - ImageConfig: - id: ImageConfig - description: Specifies how to handle de-identification of image pixels. + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + locationId: + type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' + description: A resource that represents a Google Cloud location. + id: Location type: object + ConsentEvaluation: + id: ConsentEvaluation properties: - textRedactionMode: - description: Optional. Determines how to redact text from image. - type: string + evaluationResult: + description: The evaluation result. enumDescriptions: - - No text redaction specified. Same as REDACT_NO_TEXT. - - Redact all text. + - No evaluation result specified. This option is invalid. - >- - Redact sensitive text. Uses the set of [Default DICOM - InfoTypes](https://cloud.google.com/healthcare-api/docs/how-tos/dicom-deidentify#default_dicom_infotypes). - - Do not redact text. + The Consent is not applicable to the requested access + determination. For example, the Consent does not apply to the user + for which the access determination is requested, or it has a + `state` of `REVOKED`, or it has expired. + - >- + The Consent does not have a policy that matches the + `resource_attributes` of the evaluated resource. + - >- + The Consent has at least one policy that matches the + `resource_attributes` of the evaluated resource, but no + `authorization_rule` was satisfied. + - >- + The Consent has at least one policy that matches the + `resource_attributes` of the evaluated resource, and at least one + `authorization_rule` was satisfied. enum: - - TEXT_REDACTION_MODE_UNSPECIFIED - - REDACT_ALL_TEXT - - REDACT_SENSITIVE_TEXT - - REDACT_NO_TEXT - TextConfig: - id: TextConfig + - EVALUATION_RESULT_UNSPECIFIED + - NOT_APPLICABLE + - NO_MATCHING_POLICY + - NO_SATISFIED_POLICY + - HAS_SATISFIED_POLICY + type: string type: object - properties: - transformations: - description: >- - Optional. The transformations to apply to the detected data. - Deprecated. Use `additional_transformations` instead. - type: array - items: - $ref: '#/components/schemas/InfoTypeTransformation' - additionalTransformations: - description: >- - Optional. Transformations to apply to the detected data, overridden - by `exclude_info_types`. - type: array - items: - $ref: '#/components/schemas/InfoTypeTransformation' - excludeInfoTypes: - description: >- - Optional. InfoTypes to skip transforming, overriding - `additional_transformations`. - type: array - items: - type: string - InfoTypeTransformation: - id: InfoTypeTransformation + description: The detailed evaluation of a particular Consent. + Expr: + id: Expr description: >- - A transformation to apply to text that is identified as a specific - info_type. - type: object + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - infoTypes: + title: + type: string description: >- - Optional. InfoTypes to apply this transformation to. If this is not - specified, the transformation applies to any info_type. - type: array - items: - type: string - redactConfig: - description: Config for text redaction. - $ref: '#/components/schemas/RedactConfig' - characterMaskConfig: - description: Config for character mask. - $ref: '#/components/schemas/CharacterMaskConfig' - dateShiftConfig: - description: Config for date shift. - $ref: '#/components/schemas/DateShiftConfig' - cryptoHashConfig: - description: Config for crypto hash. - $ref: '#/components/schemas/CryptoHashConfig' - replaceWithInfoTypeConfig: - description: Config for replace with InfoType. - $ref: '#/components/schemas/ReplaceWithInfoTypeConfig' - RedactConfig: - id: RedactConfig - description: >- - Define how to redact sensitive values. Default behaviour is erase. For - example, "My name is Jane." becomes "My name is ." - type: object - properties: {} - CharacterMaskConfig: - id: CharacterMaskConfig - description: Mask a string by replacing its characters with a fixed character. - type: object - properties: - maskingCharacter: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + expression: description: >- - Optional. Character to mask the sensitive values. If not supplied, - defaults to "*". + Textual representation of an expression in Common Expression + Language syntax. type: string - DateShiftConfig: - id: DateShiftConfig - description: >- - Shift a date forward or backward in time by a random amount which is - consistent for a given patient and crypto key combination. - type: object - properties: - cryptoKey: + location: description: >- - An AES 128/192/256 bit key. The date shift is computed based on this - key and the patient ID. If the patient ID is empty for a DICOM - resource, the date shift is computed based on this key and the study - instance UID. If `crypto_key` is not set, then `kms_wrapped` is used - to calculate the date shift. If neither is set, a default key is - generated for each de-identify operation. Must not be set if - `kms_wrapped` is set. + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - format: byte - kmsWrapped: - description: >- - KMS wrapped key. If `kms_wrapped` is not set, then `crypto_key` is - used to calculate the date shift. If neither is set, a default key - is generated for each de-identify operation. Must not be set if - `crypto_key` is set. - $ref: '#/components/schemas/KmsWrappedCryptoKey' - KmsWrappedCryptoKey: - id: KmsWrappedCryptoKey - description: >- - Include to use an existing data crypto key wrapped by KMS. The wrapped - key must be a 128-, 192-, or 256-bit key. The key must grant the Cloud - IAM permission `cloudkms.cryptoKeyVersions.useToDecrypt` to the - project's Cloud Healthcare Service Agent service account. For more - information, see [Creating a wrapped key] - (https://cloud.google.com/dlp/docs/create-wrapped-key). - type: object - properties: - wrappedKey: - description: Required. The wrapped data crypto key. + description: type: string - format: byte - cryptoKey: description: >- - Required. The resource name of the KMS CryptoKey to use for - unwrapping. For example, - `projects/{project_id}/locations/{location_id}/keyRings/{keyring}/cryptoKeys/{key}`. - type: string - CryptoHashConfig: - id: CryptoHashConfig - description: >- - Pseudonymization method that generates surrogates via cryptographic - hashing. Uses SHA-256. Outputs a base64-encoded representation of the - hashed output (for example, - `L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=`). + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: object - properties: - cryptoKey: - description: >- - An AES 128/192/256 bit key. Causes the hash to be computed based on - this key. A default key is generated for each Deidentify operation - and is used when neither `crypto_key` nor `kms_wrapped` is - specified. Must not be set if `kms_wrapped` is set. - type: string - format: byte - kmsWrapped: - description: KMS wrapped key. Must not be set if `crypto_key` is set. - $ref: '#/components/schemas/KmsWrappedCryptoKey' ReplaceWithInfoTypeConfig: id: ReplaceWithInfoTypeConfig + properties: {} description: >- When using the INSPECT_AND_TRANSFORM action, each match is replaced with the name of the info_type. For example, "My name is Jane" becomes "My name is [PERSON_NAME]." The TRANSFORM action is equivalent to redacting. type: object - properties: {} - FhirFilter: - id: FhirFilter - description: Filter configuration. - type: object - properties: - resources: - description: >- - List of resources to include in the output. If this list is empty or - not specified, all resources are included in the output. - $ref: '#/components/schemas/Resources' - Resources: - id: Resources - description: A list of FHIR resources. - type: object - properties: - resources: - description: List of resources IDs. For example, "Patient/1234". - type: array - items: - type: string - DeidentifyDicomStoreRequest: - id: DeidentifyDicomStoreRequest - description: Creates a new DICOM store with sensitive information de-identified. + Hl7V2NotificationConfig: + id: Hl7V2NotificationConfig + description: >- + Specifies where and whether to send notifications upon changes to a data + store. type: object properties: - destinationStore: - description: >- - Required. The name of the DICOM store to create and write the - redacted data to. For example, - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}`. - * The destination dataset must exist. * The source dataset and - destination dataset must both reside in the same location. - De-identifying data across multiple locations is not supported. * - The destination DICOM store must not exist. * The caller must have - the necessary permissions to create the destination DICOM store. + pubsubTopic: type: string - config: description: >- - Deidentify configuration. Only one of `config` and `gcs_config_uri` - can be specified. - $ref: '#/components/schemas/DeidentifyConfig' - gcsConfigUri: + The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that + notifications of changes are published on. Supplied by the client. + The notification is a `PubsubMessage` with the following fields: * + `PubsubMessage.Data` contains the resource name. * + `PubsubMessage.MessageId` is the ID of this notification. It's + guaranteed to be unique within the topic. * + `PubsubMessage.PublishTime` is the time when the message was + published. Note that notifications are only sent if the topic is + non-empty. [Topic + names](https://cloud.google.com/pubsub/docs/overview#names) must be + scoped to a project. The Cloud Healthcare API service account, + service-PROJECT_NUMBER@gcp-sa-healthcare.iam.gserviceaccount.com, + must have publisher permissions on the given Pub/Sub topic. Not + having adequate permissions causes the calls that send notifications + to fail. If a notification cannot be published to Pub/Sub, errors + are logged to Cloud Logging. For more information, see [Viewing + error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + filter: description: >- - Cloud Storage location to read the JSON - cloud.healthcare.deidentify.DeidentifyConfig from, overriding the - default config. Must be of the form - `gs://{bucket_id}/path/to/object`. The Cloud Storage location must - grant the Cloud IAM role `roles/storage.objectViewer` to the - project's Cloud Healthcare Service Agent service account. Only one - of `config` and `gcs_config_uri` can be specified. + Optional. Restricts notifications sent for messages matching a + filter. If this is empty, all messages are matched. The following + syntax is available: * A string field value can be written as text + inside quotation marks, for example `"query text"`. The only valid + relational operation for text fields is equality (`=`), where text + is searched within the field, rather than having the field be equal + to the text. For example, `"Comment = great"` returns messages with + `great` in the comment field. * A number field value can be written + as an integer, a decimal, or an exponential. The valid relational + operators for number fields are the equality operator (`=`), along + with the less than/greater than operators (`<`, `<=`, `>`, `>=`). + Note that there is no inequality (`!=`) operator. You can prepend + the `NOT` operator to an expression to negate it. * A date field + value must be written in `yyyy-mm-dd` form. Fields with date and + time use the RFC3339 time format. Leading zeros are required for + one-digit months and days. The valid relational operators for date + fields are the equality operator (`=`) , along with the less + than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there + is no inequality (`!=`) operator. You can prepend the `NOT` operator + to an expression to negate it. * Multiple field query expressions + can be combined in one query by adding `AND` or `OR` operators + between the expressions. If a boolean operator appears within a + quoted string, it is not treated as special, it's just another part + of the character string to be matched. You can prepend the `NOT` + operator to an expression to negate it. The following fields and + functions are available for filtering: * `message_type`, from the + MSH-9.1 field. For example, `NOT message_type = "ADT"`. * + `send_date` or `sendDate`, the YYYY-MM-DD date the message was sent + in the dataset's time_zone, from the MSH-7 segment. For example, + `send_date < "2017-01-02"`. * `send_time`, the timestamp when the + message was sent, using the RFC3339 time format for comparisons, + from the MSH-7 segment. For example, `send_time < + "2017-01-02T00:00:00-05:00"`. * `create_time`, the timestamp when + the message was created in the HL7v2 store. Use the RFC3339 time + format for comparisons. For example, `create_time < + "2017-01-02T00:00:00-05:00"`. * `send_facility`, the care center + that the message came from, from the MSH-4 segment. For example, + `send_facility = "ABC"`. * `PatientId(value, type)`, which matches + if the message lists a patient having an ID of the given value and + type in the PID-2, PID-3, or PID-4 segments. For example, + `PatientId("123456", "MRN")`. * `labels.x`, a string value of the + label with key `x` as set using the Message.labels map. For example, + `labels."priority"="high"`. The operator `:*` can be used to assert + the existence of a label. For example, `labels."priority":*`. type: string - filterConfig: - description: Filter configuration. - $ref: '#/components/schemas/DicomFilterConfig' - DicomFilterConfig: - id: DicomFilterConfig - description: Specifies the filter configuration for DICOM resources. - type: object + TimeRange: properties: - resourcePathsGcsUri: - description: >- - The Cloud Storage location of the filter configuration file. The - `gcs_uri` must be in the format `gs://bucket/path/to/object`. The - filter configuration file must contain a list of resource paths - separated by newline characters (\n or \r\n). Each resource path - must be in the format - "/studies/{studyUID}[/series/{seriesUID}[/instances/{instanceUID}]]" - The Cloud Healthcare API service account must have the - `roles/storage.objectViewer` Cloud IAM role for this Cloud Storage - location. + end: type: string - Dataset: - id: Dataset - description: >- - A message representing a health dataset. A health dataset represents a - collection of healthcare data pertaining to one or more patients. This - may include multiple modalities of healthcare data, such as electronic - medical records or medical imaging data. - type: object - properties: - name: description: >- - Identifier. Resource name of the dataset, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`. - type: string - timeZone: + Optional. The latest consent change time, in format + YYYY-MM-DDThh:mm:ss.sss+zz:zz If not specified, the system uses the + time when ApplyConsents was called. + start: description: >- - Optional. The default timezone used by this dataset. Must be a - either a valid IANA time zone name such as "America/New_York" or - empty, which defaults to UTC. This is used for parsing times in - resources, such as HL7 messages, where no explicit timezone is - specified. + Optional. The earliest consent change time, in format + YYYY-MM-DDThh:mm:ss.sss+zz:zz If not specified, the system uses the + FHIR store creation time. type: string - encryptionSpec: - description: >- - Optional. Customer-managed encryption key spec for a Dataset. If - set, this Dataset and all of its sub-resources will be secured by - this key. If empty, the Dataset is secured by the default Google - encryption key. - $ref: '#/components/schemas/EncryptionSpec' - satisfiesPzs: - description: Output only. Whether the dataset satisfies zone separation. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Whether the dataset satisfies zone isolation. - readOnly: true - type: boolean - EncryptionSpec: - id: EncryptionSpec + type: object + id: TimeRange description: >- - Represents a customer-managed encryption key spec that can be applied to - a resource. + Apply consents given by patients whose most recent consent changes are + in the time range. Note that after identifying these patients, the + server applies all Consent resources given by those patients, not just + the Consent resources within the timestamp in the range. + RollbackFhirResourceFilteringFields: type: object + id: RollbackFhirResourceFilteringFields properties: - kmsKeyName: + metadataFilter: description: >- - Required. The resource name of customer-managed encryption key that - is used to secure a resource and its sub-resources. Only the key in - the same location as this Dataset is allowed to be used for - encryption. Format is: - `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{key}` + Optional. A filter expression that matches data in the + `Resource.meta` element. Supports all filters in + [AIP-160](https://google.aip.dev/160) except the "has" (`:`) + operator. Supports the following custom functions: * `tag("") = ""` + for tag filtering. * `extension_value_ts("") = ` for filtering + extensions with a timestamp, where `` is a Unix timestamp. Supports + the `>`, `<`, `<=`, `>=`, and `!=` comparison operators. type: string - ListDatasetsResponse: - id: ListDatasetsResponse - description: Lists the available datasets. - type: object - properties: - datasets: - description: The first page of datasets. + operationIds: type: array items: - $ref: '#/components/schemas/Dataset' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - DeidentifyDatasetRequest: - id: DeidentifyDatasetRequest - description: Redacts identifying information from the specified dataset. + type: string + format: uint64 + description: Optional. A list of operation IDs to roll back. + GroupOrSegment: + id: GroupOrSegment type: object properties: - destinationDataset: - description: >- - Required. The name of the dataset resource to create and write the - redacted data to. * The destination dataset must not exist. * The - destination dataset must be in the same location as the source - dataset. De-identifying data across multiple locations is not - supported. - type: string - config: - description: >- - Deidentify configuration. Only one of `config` and `gcs_config_uri` - can be specified. - $ref: '#/components/schemas/DeidentifyConfig' - gcsConfigUri: - description: >- - Cloud Storage location to read the JSON - cloud.healthcare.deidentify.DeidentifyConfig from, overriding the - default config. Must be of the form - `gs://{bucket_id}/path/to/object`. The Cloud Storage location must - grant the Cloud IAM role `roles/storage.objectViewer` to the - project's Cloud Healthcare Service Agent service account. Only one - of `config` and `gcs_config_uri` can be specified. - type: string + segment: + $ref: '#/components/schemas/SchemaSegment' + group: + $ref: '#/components/schemas/SchemaGroup' + description: Construct representing a logical group or a segment. StorageInfo: id: StorageInfo description: StorageInfo encapsulates all the storage info of a resource. - type: object properties: + blobStorageInfo: + $ref: '#/components/schemas/BlobStorageInfo' + description: Info about the data stored in blob storage for the resource. + structuredStorageInfo: + description: Info about the data stored in structured storage for the resource. + $ref: '#/components/schemas/StructuredStorageInfo' referencedResource: description: >- The resource whose storage info is returned. For example: `projects/{projectID}/locations/{locationID}/datasets/{datasetID}/dicomStores/{dicomStoreID}/dicomWeb/studies/{studyUID}/series/{seriesUID}/instances/{instanceUID}` type: string - structuredStorageInfo: - description: Info about the data stored in structured storage for the resource. - $ref: '#/components/schemas/StructuredStorageInfo' - blobStorageInfo: - description: Info about the data stored in blob storage for the resource. - $ref: '#/components/schemas/BlobStorageInfo' - StructuredStorageInfo: - id: StructuredStorageInfo - description: >- - StructuredStorageInfo contains details about the data stored in - Structured Storage for the referenced resource. type: object + ConsentErrors: + description: The Consent resource name and error. properties: - sizeBytes: - description: Size in bytes of data stored in structured storage. + error: + $ref: '#/components/schemas/Status' + description: The error code and message. + name: type: string - format: int64 - BlobStorageInfo: - id: BlobStorageInfo - description: >- - BlobStorageInfo contains details about the data stored in Blob Storage - for the referenced resource. Note: Storage class is only valid for DICOM - and hence will only be populated for DICOM resources. + description: >- + The versioned name of the admin Consent resource, in the format + `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. + For FHIR stores with `disable_resource_versioning=true`, the format + is + `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`. + type: object + id: ConsentErrors + ArchiveUserDataMappingResponse: + properties: {} + type: object + id: ArchiveUserDataMappingResponse + description: Archives the specified User data mapping. + LinkedEntity: type: object + description: >- + EntityMentions can be linked to multiple entities using a LinkedEntity + message lets us add other fields, e.g. confidence. properties: - sizeBytes: - description: Size in bytes of data stored in Blob Storage. - type: string - format: int64 - storageClass: - description: The storage class in which the Blob data is stored. + entityId: + description: >- + entity_id is a concept unique identifier. These are prefixed by a + string that identifies the entity coding system, followed by the + unique identifier within that system. For example, "UMLS/C0000970". + This also supports ad hoc entities, which are formed by normalizing + entity mention content. type: string + id: LinkedEntity + BlobStorageSettings: + description: Settings for data stored in Blob storage. + id: BlobStorageSettings + properties: + blobStorageClass: enumDescriptions: - >- If unspecified in CreateDataset, the StorageClass defaults to @@ -1886,356 +1279,326 @@ components: - >- This stores the Object in Blob Archive Storage: https://cloud.google.com/storage/docs/storage-classes#archive + type: string enum: - BLOB_STORAGE_CLASS_UNSPECIFIED - STANDARD - NEARLINE - COLDLINE - ARCHIVE - storageClassUpdateTime: - description: >- - The time at which the storage class was updated. This is used to - compute early deletion fees of the resource. - type: string - format: google-datetime - SetBlobStorageSettingsRequest: - id: SetBlobStorageSettingsRequest - description: Request message for `SetBlobStorageSettings` method. + description: The Storage class in which the Blob data is stored. type: object + ListConsentsResponse: + type: object + id: ListConsentsResponse properties: - filterConfig: + consents: description: >- - Optional. A filter configuration. If `filter_config` is specified, - set the value of `resource` to the resource name of a DICOM store in - the format - `projects/{projectID}/locations/{locationID}/datasets/{datasetID}/dicomStores/{dicomStoreID}`. - $ref: '#/components/schemas/DicomFilterConfig' - blobStorageSettings: + The returned Consents. The maximum number of Consents returned is + determined by the value of page_size in the ListConsentsRequest. + items: + $ref: '#/components/schemas/Consent' + type: array + nextPageToken: + type: string description: >- - The blob storage settings to update for the specified resources. - Only fields listed in `update_mask` are applied. - $ref: '#/components/schemas/BlobStorageSettings' - BlobStorageSettings: - id: BlobStorageSettings - description: Settings for data stored in Blob storage. + Token to retrieve the next page of results, or empty if there are no + more results in the list. + Binding: + id: Binding type: object + description: Associates `members`, or principals, with a `role`. properties: - blobStorageClass: - description: The Storage class in which the Blob data is stored. + members: + type: array + items: + type: string + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: type: string - enumDescriptions: - - >- - If unspecified in CreateDataset, the StorageClass defaults to - STANDARD. If unspecified in UpdateDataset and the StorageClass is - set in the field mask, an InvalidRequest error is thrown. - - >- - This stores the Object in Blob Standard Storage: - https://cloud.google.com/storage/docs/storage-classes#standard - - >- - This stores the Object in Blob Nearline Storage: - https://cloud.google.com/storage/docs/storage-classes#nearline - - >- - This stores the Object in Blob Coldline Storage: - https://cloud.google.com/storage/docs/storage-classes#coldline - - >- - This stores the Object in Blob Archive Storage: - https://cloud.google.com/storage/docs/storage-classes#archive - enum: - - BLOB_STORAGE_CLASS_UNSPECIFIED - - STANDARD - - NEARLINE - - COLDLINE - - ARCHIVE - DicomStore: - id: DicomStore - description: Represents a DICOM store. - type: object + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + ConsentStore: + id: ConsentStore properties: - name: + enableConsentCreateOnUpdate: description: >- - Identifier. Resource name of the DICOM store, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}`. - type: string - notificationConfig: + Optional. If `true`, UpdateConsent creates the Consent if it does + not already exist. If unspecified, defaults to `false`. + type: boolean + defaultConsentTtl: description: >- - Optional. Notification destination for new DICOM instances. Supplied - by the client. - $ref: '#/components/schemas/NotificationConfig' + Optional. Default time to live for Consents created in this store. + Must be at least 24 hours. Updating this field will not affect the + expiration time of existing consents. + type: string + format: google-duration labels: description: >- - User-supplied key-value pairs used to organize DICOM stores. Label - keys must be between 1 and 63 characters long, have a UTF-8 encoding - of maximum 128 bytes, and must conform to the following PCRE regular - expression: \p{Ll}\p{Lo}{0,62} Label values are optional, must be - between 1 and 63 characters long, have a UTF-8 encoding of maximum - 128 bytes, and must conform to the following PCRE regular - expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can - be associated with a given store. - type: object + Optional. User-supplied key-value pairs used to organize consent + stores. Label keys must be between 1 and 63 characters long, have a + UTF-8 encoding of maximum 128 bytes, and must conform to the + following PCRE regular expression: \p{Ll}\p{Lo}{0,62}. Label values + must be between 1 and 63 characters long, have a UTF-8 encoding of + maximum 128 bytes, and must conform to the following PCRE regular + expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}. No more than 64 labels can + be associated with a given store. For more information: + https://cloud.google.com/healthcare/docs/how-tos/labeling-resources additionalProperties: type: string - streamConfigs: - description: >- - Optional. A list of streaming configs used to configure the - destination of streaming exports for every DICOM instance insertion - in this DICOM store. After a new config is added to - `stream_configs`, DICOM instance insertions are streamed to the new - destination. When a config is removed from `stream_configs`, the - server stops streaming to that destination. Each config must contain - a unique destination. - type: array - items: - $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomStreamConfig' - notificationConfigs: - description: >- - Optional. Specifies where and whether to send notifications upon - changes to a DICOM store. - type: array - items: - $ref: '#/components/schemas/DicomNotificationConfig' - NotificationConfig: - id: NotificationConfig - description: Specifies where to send notifications upon changes to a data store. - type: object - properties: - pubsubTopic: + type: object + name: description: >- - The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that - notifications of changes are published on. Supplied by the client. - PubsubMessage.Data contains the resource name. - PubsubMessage.MessageId is the ID of this message. It is guaranteed - to be unique within the topic. PubsubMessage.PublishTime is the time - at which the message was published. Notifications are only sent if - the topic is non-empty. [Topic - names](https://cloud.google.com/pubsub/docs/overview#names) must be - scoped to a project. Cloud Healthcare API service account must have - publisher permissions on the given Pub/Sub topic. Not having - adequate permissions causes the calls that send notifications to - fail. If a notification can't be published to Pub/Sub, errors are - logged to Cloud Logging (see [Viewing error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - If the number of errors exceeds a certain rate, some aren't - submitted. Note that not all operations trigger notifications, see - [Configuring Pub/Sub - notifications](https://cloud.google.com/healthcare/docs/how-tos/pubsub) - for specific details. + Identifier. Resource name of the consent store, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}`. + Cannot be changed after creation. type: string - sendForBulkImport: - description: >- - Indicates whether or not to send Pub/Sub notifications on bulk - import. Only supported for DICOM imports. - type: boolean - GoogleCloudHealthcareV1DicomStreamConfig: - id: GoogleCloudHealthcareV1DicomStreamConfig - description: StreamConfig specifies configuration for a streaming DICOM export. + description: Represents a consent store. + type: object + DateShiftConfig: + id: DateShiftConfig type: object properties: - bigqueryDestination: + kmsWrapped: description: >- - Results are appended to this table. The server creates a new table - in the given BigQuery dataset if the specified table does not exist. - To enable the Cloud Healthcare API to write to your BigQuery table, - you must give the Cloud Healthcare API service account the - bigquery.dataEditor role. The service account is: - `service-{PROJECT_NUMBER}@gcp-sa-healthcare.iam.gserviceaccount.com`. - The PROJECT_NUMBER identifies the project that the DICOM store - resides in. To get the project number, go to the Cloud Console - Dashboard. It is recommended to not have a custom schema in the - destination table which could conflict with the schema created by - the Cloud Healthcare API. Instance deletions are not applied to the - destination table. The destination's table schema will be - automatically updated in case a new instance's data is incompatible - with the current schema. The schema should not be updated manually - as this can cause incompatibilies that cannot be resolved - automatically. One resolution in this case is to delete the - incompatible table and let the server recreate one, though the newly - created table only contains data after the table recreation. - BigQuery imposes a 1 MB limit on streaming insert row size, - therefore any instance that generates more than 1 MB of BigQuery - data will not be streamed. If an instance cannot be streamed to - BigQuery, errors will be logged to Cloud Logging (see [Viewing error - logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomBigQueryDestination' - GoogleCloudHealthcareV1DicomBigQueryDestination: - id: GoogleCloudHealthcareV1DicomBigQueryDestination - description: The BigQuery table where the server writes the output. - type: object + KMS wrapped key. If `kms_wrapped` is not set, then `crypto_key` is + used to calculate the date shift. If neither is set, a default key + is generated for each de-identify operation. Must not be set if + `crypto_key` is set. + $ref: '#/components/schemas/KmsWrappedCryptoKey' + cryptoKey: + format: byte + description: >- + An AES 128/192/256 bit key. The date shift is computed based on this + key and the patient ID. If the patient ID is empty for a DICOM + resource, the date shift is computed based on this key and the study + instance UID. If `crypto_key` is not set, then `kms_wrapped` is used + to calculate the date shift. If neither is set, a default key is + generated for each de-identify operation. Must not be set if + `kms_wrapped` is set. + type: string + description: >- + Shift a date forward or backward in time by a random amount which is + consistent for a given patient and crypto key combination. + ApplyConsentsResponse: properties: - tableUri: + failedResources: + type: string + format: int64 description: >- - Optional. BigQuery URI to a table, up to 2000 characters long, in - the format `bq://projectId.bqDatasetId.tableId` + The number of resources (including the Consent resources) that + ApplyConsents failed to re-index. + consentApplyFailure: type: string - force: + format: int64 description: >- - Optional. Use `write_disposition` instead. If `write_disposition` is - specified, this parameter is ignored. force=false is equivalent to - write_disposition=WRITE_EMPTY and force=true is equivalent to - write_disposition=WRITE_TRUNCATE. - type: boolean - writeDisposition: + If `validate_only = false` in ApplyConsentsRequest, this counter is + the number of Consent resources that were failed to apply. + Otherwise, it is the number of Consent resources that are not + supported or invalid. + affectedResources: + type: string description: >- - Optional. Determines whether the existing table in the destination - is to be overwritten or appended to. If a write_disposition is - specified, the `force` parameter is ignored. + The number of resources (including the Consent resources) that may + have consensual access change. + format: int64 + consentApplySuccess: + description: >- + If `validate_only = false` in ApplyConsentsRequest, this counter is + the number of Consent resources that were successfully applied. + Otherwise, it is the number of Consent resources that are supported. type: string - enumDescriptions: - - Default behavior is the same as WRITE_EMPTY. - - Only export data if the destination table is empty. - - >- - Erase all existing data in the destination table before writing - the instances. - - Append data to the destination table. - enum: - - WRITE_DISPOSITION_UNSPECIFIED - - WRITE_EMPTY - - WRITE_TRUNCATE - - WRITE_APPEND - DicomNotificationConfig: - id: DicomNotificationConfig - description: Contains the configuration for DICOM notifications. + format: int64 + description: >- + Response when all Consent resources in scope were processed and all + affected resources were reindexed successfully. This structure is + included in the response when the operation finishes successfully. + id: ApplyConsentsResponse + type: object + AnalyzeEntitiesRequest: + id: AnalyzeEntitiesRequest type: object + description: The request to analyze healthcare entities in a document. properties: - pubsubTopic: + licensedVocabularies: + items: + enumDescriptions: + - No licensed vocabulary specified. + - ICD-10-CM vocabulary + - SNOMED CT (US version) vocabulary + type: string + enum: + - LICENSED_VOCABULARY_UNSPECIFIED + - ICD10CM + - SNOMEDCT_US + type: array description: >- - Required. The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic - that notifications of changes are published on. Supplied by the - client. The notification is a `PubsubMessage` with the following - fields: * `PubsubMessage.Data` contains the resource name. * - `PubsubMessage.MessageId` is the ID of this notification. It is - guaranteed to be unique within the topic. * - `PubsubMessage.PublishTime` is the time when the message was - published. * `PubsubMessage.Attributes` contains the following - attributes: * `action`: The name of the endpoint that generated the - notification. Possible values are `StoreInstances`, - `SetBlobSettings`, `ImportDicomData`, etc. * `lastUpdatedTime`: The - latest timestamp when the DICOM instance was updated. * `storeName`: - The resource name of the DICOM store, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}`. - * `studyInstanceUID`: The study UID of the DICOM instance that was - changed. * `seriesInstanceUID`: The series UID of the DICOM instance - that was changed. * `sopInstanceUID`: The instance UID of the DICOM - instance that was changed. * `versionId`: The version ID of the - DICOM instance that was changed. * `modality`: The modality tag of - the DICOM instance that was changed. * `previousStorageClass`: The - storage class where the DICOM instance was previously stored if the - storage class was changed. * `storageClass`: The storage class where - the DICOM instance is currently stored. Note that notifications are - only sent if the topic is non-empty. [Topic - names](https://cloud.google.com/pubsub/docs/overview#names) must be - scoped to a project. The Cloud Healthcare API service account, - service-@gcp-sa-healthcare.iam.gserviceaccount.com, must have the - `pubsub.topics.publish` permission (which is typically included in - `roles/pubsub.publisher` role) on the given Pub/Sub topic. Not - having adequate permissions causes the calls that send notifications - to fail - (https://cloud.google.com/healthcare-api/docs/permissions-healthcare-api-gcp-products#dicom_fhir_and_hl7v2_store_cloud_pubsub_permissions). - If a notification can't be published to Pub/Sub, errors are logged - to Cloud Logging. For more information, see [Viewing error logs in - Cloud - Logging](https://cloud.google.com/healthcare-api/docs/how-tos/logging). + A list of licensed vocabularies to use in the request, in addition + to the default unlicensed vocabularies. + alternativeOutputFormat: + enum: + - ALTERNATIVE_OUTPUT_FORMAT_UNSPECIFIED + - FHIR_BUNDLE type: string - ListDicomStoresResponse: - id: ListDicomStoresResponse - description: Lists the DICOM stores in the given dataset. + enumDescriptions: + - No alternative output format is specified. + - FHIR bundle output. + description: >- + Optional. Alternative output format to be generated based on the + results of analysis. + documentContent: + description: document_content is a document to be annotated. + type: string + ListHl7V2StoresResponse: type: object + id: ListHl7V2StoresResponse + description: Lists the HL7v2 stores in the given dataset. properties: - dicomStores: + hl7V2Stores: + type: array description: >- - The returned DICOM stores. Won't be more DICOM stores than the value + The returned HL7v2 stores. Won't be more HL7v2 stores than the value of page_size in the request. - type: array items: - $ref: '#/components/schemas/DicomStore' + $ref: '#/components/schemas/Hl7V2Store' nextPageToken: + type: string description: >- Token to retrieve the next page of results or empty if there are no more results in the list. - type: string - ImportDicomDataRequest: - id: ImportDicomDataRequest - description: >- - Imports data into the specified DICOM store. Returns an error if any of - the files to import are not DICOM files. This API accepts duplicate - DICOM instances by ignoring the newly-pushed instance. It does not - overwrite. + RollbackHL7MessagesFilteringFields: + properties: + operationIds: + items: + format: uint64 + type: string + type: array + description: Optional. A list of operation IDs to roll back. + id: RollbackHL7MessagesFilteringFields type: object + description: >- + Filtering fields for an HL7v2 rollback. Currently only supports a list + of operation ids to roll back. + CheckDataAccessResponse: properties: - gcsSource: + consented: + type: boolean + description: Whether the requested resource is consented for the given use. + consentDetails: + type: object description: >- - Cloud Storage source data location and import configuration. The - Cloud Healthcare Service Agent requires the - `roles/storage.objectViewer` Cloud IAM roles on the Cloud Storage - location. - $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomGcsSource' - blobStorageSettings: + The resource names of all evaluated Consents mapped to their + evaluation. + additionalProperties: + $ref: '#/components/schemas/ConsentEvaluation' + type: object + id: CheckDataAccessResponse + description: >- + Checks if a particular data_id of a User data mapping in the given + consent store is consented for a given use. + ActivateConsentRequest: + properties: + expireTime: + type: string + description: Timestamp in UTC of when this Consent is considered expired. + format: google-datetime + ttl: + type: string + format: google-duration + description: The time to live for this Consent from when it is marked as active. + consentArtifact: description: >- - Optional. The blob storage settings for the data imported by this - operation. - $ref: '#/components/schemas/BlobStorageSettings' - GoogleCloudHealthcareV1DicomGcsSource: - id: GoogleCloudHealthcareV1DicomGcsSource - description: Specifies the configuration for importing data from Cloud Storage. + Required. The resource name of the Consent artifact that contains + documentation of the user's consent, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. + If the draft Consent had a Consent artifact, this Consent artifact + overwrites it. + type: string + id: ActivateConsentRequest type: object + description: >- + Activates the latest revision of the specified Consent by committing a + new revision with `state` updated to `ACTIVE`. If the latest revision of + the given Consent is in the `ACTIVE` state, no new revision is + committed. A FAILED_PRECONDITION error occurs if the latest revision of + the given consent is in the `REJECTED` or `REVOKED` state. + GoogleCloudHealthcareV1DicomGcsDestination: properties: - uri: - description: >- - Points to a Cloud Storage URI containing file(s) with content only. - The URI must be in the following format: - `gs://{bucket_id}/{object_id}`. The URI can include wildcards in - `object_id` and thus identify multiple files. Supported wildcards: * - '*' to match 0 or more non-separator characters * '**' to match 0 or - more characters (including separators). Must be used at the end of a - path and with no other wildcards in the path. Can also be used with - a file extension (such as .dcm), which imports all files with the - extension in the specified directory and its sub-directories. For - example, `gs://my-bucket/my-directory/**.dcm` imports all files with - .dcm extensions in `my-directory/` and its sub-directories. * '?' to - match 1 character. All other URI formats are invalid. Files matching - the wildcard are expected to contain content only, no metadata. - type: string - ExportDicomDataRequest: - id: ExportDicomDataRequest - description: >- - Exports data from the specified DICOM store. If a given resource, such - as a DICOM object with the same SOPInstance UID, already exists in the - output, it is overwritten with the version in the source dataset. - Exported DICOM data persists when the DICOM store from which it was - exported is deleted. - type: object - properties: - gcsDestination: - description: >- - The Cloud Storage output destination. The Cloud Healthcare Service - Agent requires the `roles/storage.objectAdmin` Cloud IAM roles on - the Cloud Storage location. - $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomGcsDestination' - bigqueryDestination: - description: >- - The BigQuery output destination. You can only export to a BigQuery - dataset that's in the same project as the DICOM store you're - exporting from. The Cloud Healthcare Service Agent requires two IAM - roles on the BigQuery location: `roles/bigquery.dataEditor` and - `roles/bigquery.jobUser`. - $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomBigQueryDestination' - GoogleCloudHealthcareV1DicomGcsDestination: - id: GoogleCloudHealthcareV1DicomGcsDestination - description: >- - The Cloud Storage location where the server writes the output and the - export configuration. - type: object - properties: - uriPrefix: - description: >- - The Cloud Storage destination to export to. URI for a Cloud Storage - directory where the server writes the result files, in the format - `gs://{bucket-id}/{path/to/destination/dir}`). If there is no - trailing slash, the service appends one when composing the object - path. The user is responsible for creating the Cloud Storage bucket - referenced in `uri_prefix`. - type: string - mimeType: + mimeType: description: >- MIME types supported by DICOM spec. Each file is written in the following format: @@ -2263,205 +1626,328 @@ components: instances are exported in the original DICOM format they were uploaded in. type: string - DicomStoreMetrics: - id: DicomStoreMetrics - description: DicomStoreMetrics contains metrics describing a DICOM store. - type: object - properties: - name: + uriPrefix: description: >- - Resource name of the DICOM store, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}`. - type: string - studyCount: - description: Number of studies in the store. - type: string - format: int64 - seriesCount: - description: Number of series in the store. - type: string - format: int64 - instanceCount: - description: Number of instances in the store. - type: string - format: int64 - structuredStorageSizeBytes: - description: Total structured storage bytes for all instances in the store. - type: string - format: int64 - blobStorageSizeBytes: - description: Total blob storage bytes for all instances in the store. + The Cloud Storage destination to export to. URI for a Cloud Storage + directory where the server writes the result files, in the format + `gs://{bucket-id}/{path/to/destination/dir}`). If there is no + trailing slash, the service appends one when composing the object + path. The user is responsible for creating the Cloud Storage bucket + referenced in `uri_prefix`. type: string - format: int64 - HttpBody: - id: HttpBody + id: GoogleCloudHealthcareV1DicomGcsDestination + type: object description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. + The Cloud Storage location where the server writes the output and the + export configuration. + ApplyAdminConsentsErrorDetail: type: object + description: >- + Contains the error details of the unsupported admin Consent resources + for when the ApplyAdminConsents method fails to apply one or more + Consent resources. + id: ApplyAdminConsentsErrorDetail properties: - contentType: - description: >- - The HTTP Content-Type header value specifying the content type of - the body. - type: string - data: - description: The HTTP request/response body as raw binary. - type: string - format: byte - extensions: + consentErrors: description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. + The list of Consent resources that are unsupported or cannot be + applied and the error associated with each of them. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - StudyMetrics: - id: StudyMetrics - description: StudyMetrics contains metrics describing a DICOM study. - type: object - properties: - study: + $ref: '#/components/schemas/ConsentErrors' + existingOperationId: description: >- - The study resource path. For example, - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}/dicomWeb/studies/{study_uid}`. - type: string - structuredStorageSizeBytes: - description: Total structured storage bytes for all instances in the study. - type: string - format: int64 - blobStorageSizeBytes: - description: Total blob storage bytes for all instances in the study. - type: string - format: int64 - instanceCount: - description: Number of instances in the study. - type: string - format: int64 - seriesCount: - description: Number of series in the study. + The currently in progress non-validate-only ApplyAdminConsents + operation ID if exist. + format: uint64 type: string - format: int64 - SeriesMetrics: - id: SeriesMetrics - description: SeriesMetrics contains metrics describing a DICOM series. + FhirFilter: type: object properties: - series: + resources: description: >- - The series resource path. For example, - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}/dicomWeb/studies/{study_uid}/series/{series_uid}`. - type: string - structuredStorageSizeBytes: - description: Total structured storage bytes for all instances in the series. - type: string - format: int64 - blobStorageSizeBytes: - description: Total blob storage bytes for all instances in the series. - type: string - format: int64 - instanceCount: - description: Number of instances in the series. - type: string - format: int64 - Hl7V2Store: - id: Hl7V2Store - description: Represents an HL7v2 store. - type: object + List of resources to include in the output. If this list is empty or + not specified, all resources are included in the output. + $ref: '#/components/schemas/Resources' + id: FhirFilter + description: Filter configuration. + EntityMention: properties: - name: + text: + $ref: '#/components/schemas/TextSpan' + description: text is the location of the entity mention in the document. + confidence: + type: number description: >- - Identifier. Resource name of the HL7v2 store, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/hl7V2Stores/{hl7v2_store_id}`. + The model's confidence in this entity mention annotation. A number + between 0 and 1. + format: double + mentionId: type: string - parserConfig: - description: >- - Optional. The configuration for the parser. It determines how the - server parses the messages. - $ref: '#/components/schemas/ParserConfig' - labels: description: >- - User-supplied key-value pairs used to organize HL7v2 stores. Label - keys must be between 1 and 63 characters long, have a UTF-8 encoding - of maximum 128 bytes, and must conform to the following PCRE regular - expression: \p{Ll}\p{Lo}{0,62} Label values are optional, must be - between 1 and 63 characters long, have a UTF-8 encoding of maximum - 128 bytes, and must conform to the following PCRE regular - expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can - be associated with a given store. - type: object - additionalProperties: - type: string - notificationConfigs: + mention_id uniquely identifies each entity mention in a single + response. + type: + type: string description: >- - Optional. A list of notification configs. Each configuration uses a - filter to determine whether to publish a message (both Ingest & - Create) on the corresponding notification destination. Only the - message name is sent as part of the notification. Supplied by the - client. + The semantic type of the entity: UNKNOWN_ENTITY_TYPE, ALONE, + ANATOMICAL_STRUCTURE, ASSISTED_LIVING, BF_RESULT, BM_RESULT, + BM_UNIT, BM_VALUE, BODY_FUNCTION, BODY_MEASUREMENT, COMPLIANT, + DOESNOT_FOLLOWUP, FAMILY, FOLLOWSUP, LABORATORY_DATA, LAB_RESULT, + LAB_UNIT, LAB_VALUE, MEDICAL_DEVICE, MEDICINE, MED_DOSE, + MED_DURATION, MED_FORM, MED_FREQUENCY, MED_ROUTE, MED_STATUS, + MED_STRENGTH, MED_TOTALDOSE, MED_UNIT, NON_COMPLIANT, + OTHER_LIVINGSTATUS, PROBLEM, PROCEDURE, PROCEDURE_RESULT, + PROC_METHOD, REASON_FOR_NONCOMPLIANCE, SEVERITY, SUBSTANCE_ABUSE, + UNCLEAR_FOLLOWUP. + linkedEntities: type: array - items: - $ref: '#/components/schemas/Hl7V2NotificationConfig' - rejectDuplicateMessage: description: >- - Optional. Determines whether to reject duplicate messages. A - duplicate message is a message with the same raw bytes as a message - that has already been ingested/created in this HL7v2 store. The - default value is false, meaning that the store accepts the duplicate - messages and it also returns the same ACK message in the - IngestMessageResponse as has been returned previously. Note that - only one resource is created in the store. When this field is set to - true, CreateMessage/IngestMessage requests with a duplicate message - will be rejected by the store, and IngestMessageErrorDetail returns - a NACK message upon rejection. - type: boolean - ParserConfig: - id: ParserConfig + linked_entities are candidate ontological concepts that this entity + mention may refer to. They are sorted by decreasing confidence. + items: + $ref: '#/components/schemas/LinkedEntity' + subject: + $ref: '#/components/schemas/Feature' + description: >- + The subject this entity mention relates to. Its value is one of: + PATIENT, FAMILY_MEMBER, OTHER + certaintyAssessment: + $ref: '#/components/schemas/Feature' + description: >- + The certainty assessment of the entity mention. Its value is one of: + LIKELY, SOMEWHAT_LIKELY, UNCERTAIN, SOMEWHAT_UNLIKELY, UNLIKELY, + CONDITIONAL + temporalAssessment: + $ref: '#/components/schemas/Feature' + description: >- + How this entity mention relates to the subject temporally. Its value + is one of: CURRENT, CLINICAL_HISTORY, FAMILY_HISTORY, UPCOMING, + ALLERGY + id: EntityMention + type: object + description: An entity mention in the document. + QueryAccessibleDataRequest: + type: object description: >- - The configuration for the parser. It determines how the server parses - the messages. + Queries all data_ids that are consented for a given use in the given + consent store and writes them to a specified destination. The returned + Operation includes a progress counter for the number of User data + mappings processed. Errors are logged to Cloud Logging (see [Viewing + error logs in Cloud Logging] + (https://cloud.google.com/healthcare/docs/how-tos/logging) and + [QueryAccessibleData] for a sample log entry). + id: QueryAccessibleDataRequest + properties: + gcsDestination: + description: >- + The Cloud Storage destination. The Cloud Healthcare API service + account must have the `roles/storage.objectAdmin` Cloud IAM role for + this Cloud Storage location. + $ref: '#/components/schemas/GoogleCloudHealthcareV1ConsentGcsDestination' + resourceAttributes: + description: >- + Optional. The values of resource attributes associated with the type + of resources being requested. If no values are specified, then all + resource types are included in the output. + additionalProperties: + type: string + type: object + requestAttributes: + additionalProperties: + type: string + description: >- + The values of request attributes associated with this access + request. + type: object + DeidentifyConfig: + id: DeidentifyConfig type: object + description: >- + Configures de-id options specific to different types of content. Each + submessage customizes the handling of an + https://tools.ietf.org/html/rfc6838 media type or subtype. Configs are + applied in a nested manner at runtime. properties: - allowNullHeader: - description: Optional. Determines whether messages with no header are allowed. + image: + description: >- + Optional. Configures de-identification of image pixels wherever they + are found in the source_dataset. + $ref: '#/components/schemas/ImageConfig' + fhir: + $ref: '#/components/schemas/FhirConfig' + description: Optional. Configures de-id of application/FHIR content. + text: + $ref: '#/components/schemas/TextConfig' + description: >- + Optional. Configures de-identification of text wherever it is found + in the source_dataset. + dicom: + description: Optional. Configures de-id of application/DICOM content. + $ref: '#/components/schemas/DicomConfig' + useRegionalDataProcessing: type: boolean - segmentTerminator: description: >- - Optional. Byte(s) to use as the segment terminator. If this is - unset, '\r' is used as segment terminator, matching the HL7 version - 2 specification. + Optional. Ensures in-flight data remains in the region of origin + during de-identification. The default value is false. Using this + option results in a significant reduction of throughput, and is not + compatible with `LOCATION` or `ORGANIZATION_NAME` infoTypes. + `LOCATION` must be excluded within TextConfig, and must also be + excluded within ImageConfig if image redaction is required. + FhirStoreMetrics: + id: FhirStoreMetrics + properties: + name: type: string - format: byte - schema: description: >- - Optional. Schemas used to parse messages in this store, if - schematized parsing is desired. - $ref: '#/components/schemas/SchemaPackage' - version: + The resource name of the FHIR store to get metrics for, in the + format + `projects/{project_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. + metrics: + type: array + description: List of FhirStoreMetric by resource type. + items: + $ref: '#/components/schemas/FhirStoreMetric' + type: object + description: List of metrics for a given FHIR store. + GoogleCloudHealthcareV1DicomBigQueryDestination: + type: object + properties: + schemaJson: description: >- - Immutable. Determines the version of both the default parser to be - used when `schema` is not given, as well as the schematized parser - used when `schema` is specified. This field is immutable after HL7v2 - store creation. + Optional. Setting this field will store all the DICOM tags as a JSON + type in a single column. + $ref: '#/components/schemas/SchemaJSON' + force: + type: boolean + description: >- + Optional. Use `write_disposition` instead. If `write_disposition` is + specified, this parameter is ignored. force=false is equivalent to + write_disposition=WRITE_EMPTY and force=true is equivalent to + write_disposition=WRITE_TRUNCATE. + schemaFlattened: + description: >- + Optional. Setting this field will use flattened DICOM instances + schema for the BigQuery table. The flattened schema will have one + column for each DICOM tag. + $ref: '#/components/schemas/SchemaFlattened' + writeDisposition: + enumDescriptions: + - Default behavior is the same as WRITE_EMPTY. + - Only export data if the destination table is empty. + - >- + Erase all existing data in the destination table before writing + the instances. + - Append data to the destination table. + type: string + enum: + - WRITE_DISPOSITION_UNSPECIFIED + - WRITE_EMPTY + - WRITE_TRUNCATE + - WRITE_APPEND + description: >- + Optional. Determines whether the existing table in the destination + is to be overwritten or appended to. If a write_disposition is + specified, the `force` parameter is ignored. + tableUri: + description: >- + Optional. BigQuery URI to a table, up to 2000 characters long, in + the format `bq://projectId.bqDatasetId.tableId` + type: string + includeSourceStore: + type: boolean + description: >- + Optional. If true, the source store name will be included as a + column in the BigQuery schema. + description: The BigQuery table where the server writes the output. + id: GoogleCloudHealthcareV1DicomBigQueryDestination + GoogleCloudHealthcareV1DeidentifyDeidentifyFhirStoreSummary: + type: object + id: GoogleCloudHealthcareV1DeidentifyDeidentifyFhirStoreSummary + description: Contains a summary of the DeidentifyFhirStore operation. + properties: {} + ListOperationsResponse: + type: object + id: ListOperationsResponse + properties: + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string + type: array + nextPageToken: + description: The standard List next-page token. + type: string + operations: + type: array + items: + $ref: '#/components/schemas/Operation' + description: >- + A list of operations that matches the specified filter in the + request. + description: The response message for Operations.ListOperations. + GoogleCloudHealthcareV1DicomStreamConfig: + id: GoogleCloudHealthcareV1DicomStreamConfig + description: StreamConfig specifies configuration for a streaming DICOM export. + properties: + bigqueryDestination: + $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomBigQueryDestination' + description: >- + Results are appended to this table. The server creates a new table + in the given BigQuery dataset if the specified table does not exist. + To enable the Cloud Healthcare API to write to your BigQuery table, + you must give the Cloud Healthcare API service account the + bigquery.dataEditor role. The service account is: + `service-{PROJECT_NUMBER}@gcp-sa-healthcare.iam.gserviceaccount.com`. + The PROJECT_NUMBER identifies the project that the DICOM store + resides in. To get the project number, go to the Cloud Console + Dashboard. It is recommended to not have a custom schema in the + destination table which could conflict with the schema created by + the Cloud Healthcare API. Instance deletions are not applied to the + destination table. The destination's table schema will be + automatically updated in case a new instance's data is incompatible + with the current schema. The schema should not be updated manually + as this can cause incompatibilies that cannot be resolved + automatically. One resolution in this case is to delete the + incompatible table and let the server recreate one, though the newly + created table only contains data after the table recreation. + BigQuery imposes a 1 MB limit on streaming insert row size, + therefore any instance that generates more than 1 MB of BigQuery + data will not be streamed. If an instance cannot be streamed to + BigQuery, errors will be logged to Cloud Logging (see [Viewing error + logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + type: object + VersionSource: + description: >- + Describes a selector for extracting and matching an MSH field to a + value. + properties: + mshField: + type: string + description: >- + The field to extract from the MSH segment. For example, "3.1" or + "18[1].1". + value: + description: >- + The value to match with the field. For example, "My Application + Name" or "2.3". + type: string + type: object + id: VersionSource + ParserConfig: + type: object + properties: + version: + enum: + - PARSER_VERSION_UNSPECIFIED + - V1 + - V2 + - V3 type: string enumDescriptions: - Unspecified parser version, equivalent to V1. @@ -2478,279 +1964,175 @@ components: separators, escape characters, and truncation characters. If `schema` is specified, the schematized parser uses improved parsing heuristics compared to previous versions. - enum: - - PARSER_VERSION_UNSPECIFIED - - V1 - - V2 - - V3 - SchemaPackage: - id: SchemaPackage - description: A schema package contains a set of schemas and type definitions. - type: object - properties: - schematizedParsingType: - description: Optional. Determines how messages that fail to parse are handled. - type: string - enumDescriptions: - - Unspecified schematized parsing type, equivalent to `SOFT_FAIL`. - - >- - Messages that fail to parse are still stored and ACKed but a - parser error is stored in place of the schematized data. - - >- - Messages that fail to parse are rejected from ingestion/insertion - and return an error code. - enum: - - SCHEMATIZED_PARSING_TYPE_UNSPECIFIED - - SOFT_FAIL - - HARD_FAIL - schemas: - description: >- - Optional. Schema configs that are layered based on their - VersionSources that match the incoming message. Schema configs - present in higher indices override those in lower indices with the - same message type and trigger event if their VersionSources all - match an incoming message. - type: array - items: - $ref: '#/components/schemas/Hl7SchemaConfig' - types: - description: >- - Optional. Schema type definitions that are layered based on their - VersionSources that match the incoming message. Type definitions - present in higher indices override those in lower indices with the - same type name if their VersionSources all match an incoming - message. - type: array - items: - $ref: '#/components/schemas/Hl7TypesConfig' - ignoreMinOccurs: description: >- - Optional. Flag to ignore all min_occurs restrictions in the schema. - This means that incoming messages can omit any group, segment, - field, component, or subcomponent. - type: boolean - unexpectedSegmentHandling: + Immutable. Determines the version of both the default parser to be + used when `schema` is not given, as well as the schematized parser + used when `schema` is specified. This field is immutable after HL7v2 + store creation. + schema: + $ref: '#/components/schemas/SchemaPackage' description: >- - Optional. Determines how unexpected segments (segments not matched - to the schema) are handled. + Optional. Schemas used to parse messages in this store, if + schematized parsing is desired. + segmentTerminator: type: string - enumDescriptions: - - Unspecified handling mode, equivalent to FAIL. - - Unexpected segments fail to parse and return an error. - - Unexpected segments do not fail, but are omitted from the output. - - >- - Unexpected segments do not fail, but are parsed in place and added - to the current group. If a segment has a type definition, it is - used, otherwise it is parsed as VARIES. - enum: - - UNEXPECTED_SEGMENT_HANDLING_MODE_UNSPECIFIED - - FAIL - - SKIP - - PARSE - Hl7SchemaConfig: - id: Hl7SchemaConfig - description: >- - Root config message for HL7v2 schema. This contains a schema structure - of groups and segments, and filters that determine which messages to - apply the schema structure to. - type: object - properties: - version: - description: >- - Each VersionSource is tested and only if they all match is the - schema used for the message. - type: array - items: - $ref: '#/components/schemas/VersionSource' - messageSchemaConfigs: + format: byte description: >- - Map from each HL7v2 message type and trigger event pair, such as - ADT_A04, to its schema configuration root group. - type: object - additionalProperties: - $ref: '#/components/schemas/SchemaGroup' - VersionSource: - id: VersionSource + Optional. Byte(s) to use as the segment terminator. If this is + unset, '\r' is used as segment terminator, matching the HL7 version + 2 specification. + allowNullHeader: + type: boolean + description: Optional. Determines whether messages with no header are allowed. description: >- - Describes a selector for extracting and matching an MSH field to a - value. + The configuration for the parser. It determines how the server parses + the messages. + id: ParserConfig + ValidationConfig: + id: ValidationConfig + description: Contains the configuration for FHIR profiles and validation. type: object properties: - mshField: + disableFhirpathValidation: + type: boolean description: >- - The field to extract from the MSH segment. For example, "3.1" or - "18[1].1". - type: string - value: + Optional. Whether to disable FHIRPath validation for incoming + resources. The default value is false. Set this to true to disable + checking incoming resources for conformance against FHIRPath + requirement defined in the FHIR specification. This property only + affects resource types that do not have profiles configured for + them, any rules in enabled implementation guides will still be + enforced. + disableReferenceTypeValidation: + type: boolean description: >- - The value to match with the field. For example, "My Application - Name" or "2.3". - type: string - SchemaGroup: - id: SchemaGroup - description: An HL7v2 logical group construct. - type: object - properties: - name: - description: The name of this group. For example, "ORDER_DETAIL". - type: string - choice: + Optional. Whether to disable reference type validation for incoming + resources. The default value is false. Set this to true to disable + checking incoming resources for conformance against reference type + requirement defined in the FHIR specification. This property only + affects resource types that do not have profiles configured for + them, any rules in enabled implementation guides will still be + enforced. + disableRequiredFieldValidation: description: >- - True indicates that this is a choice group, meaning that only one of - its segments can exist in a given message. + Optional. Whether to disable required fields validation for incoming + resources. The default value is false. Set this to true to disable + checking incoming resources for conformance against required fields + requirement defined in the FHIR specification. This property only + affects resource types that do not have profiles configured for + them, any rules in enabled implementation guides will still be + enforced. type: boolean - minOccurs: - description: The minimum number of times this group must be present/repeated. - type: integer - format: int32 - maxOccurs: + disableProfileValidation: description: >- - The maximum number of times this group can be repeated. 0 or -1 - means unbounded. - type: integer - format: int32 - members: - description: Nested groups and/or segments. - type: array + Optional. Whether to disable profile validation for this FHIR store. + The default value is false. Set this to true to disable checking + incoming resources for conformance against structure definitions in + this FHIR store. + type: boolean + enabledImplementationGuides: items: - $ref: '#/components/schemas/GroupOrSegment' - GroupOrSegment: - id: GroupOrSegment - description: Construct representing a logical group or a segment. - type: object - properties: - segment: - $ref: '#/components/schemas/SchemaSegment' - group: - $ref: '#/components/schemas/SchemaGroup' - SchemaSegment: - id: SchemaSegment - description: An HL7v2 Segment. - type: object - properties: - type: - description: The Segment type. For example, "PID". - type: string - minOccurs: - description: >- - The minimum number of times this segment can be present in this - group. - type: integer - format: int32 - maxOccurs: + type: string description: >- - The maximum number of times this segment can be present in this - group. 0 or -1 means unbounded. - type: integer - format: int32 - Hl7TypesConfig: - id: Hl7TypesConfig - description: Root config for HL7v2 datatype definitions for a specific HL7v2 version. + Optional. A list of implementation guide URLs in this FHIR store + that are used to configure the profiles to use for validation. For + example, to use the US Core profiles for validation, set + `enabled_implementation_guides` to + `["http://hl7.org/fhir/us/core/ImplementationGuide/ig"]`. If + `enabled_implementation_guides` is empty or omitted, then incoming + resources are only required to conform to the base FHIR profiles. + Otherwise, a resource must conform to at least one profile listed in + the `global` property of one of the enabled ImplementationGuides. + The Cloud Healthcare API does not currently enforce all of the rules + in a StructureDefinition. The following rules are supported: - + min/max - minValue/maxValue - maxLength - type - fixed[x] - + pattern[x] on simple types - slicing, when using "value" as the + discriminator type - FHIRPath constraints (only when + `enable_fhirpath_profile_validation` is true) When a URL cannot be + resolved (for example, in a type assertion), the server does not + return an error. + type: array + ListDatasetsResponse: type: object properties: - version: + nextPageToken: description: >- - The version selectors that this config applies to. A message must - match ALL version sources to apply. - type: array + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: string + datasets: items: - $ref: '#/components/schemas/VersionSource' - type: - description: The HL7v2 type definitions. + $ref: '#/components/schemas/Dataset' type: array - items: - $ref: '#/components/schemas/Type' - Type: - id: Type - description: A type definition for some HL7v2 type (incl. Segments and Datatypes). + description: The first page of datasets. + id: ListDatasetsResponse + description: Lists the available datasets. + ConsentHeaderHandling: + description: How the server handles the consent header. type: object properties: - name: - description: >- - The name of this type. This would be the segment or datatype name. - For example, "PID" or "XPN". - type: string - primitive: - description: >- - If this is a primitive type then this field is the type of the - primitive For example, STRING. Leave unspecified for composite - types. - type: string + profile: enumDescriptions: - - Not a primitive. - - String primitive. - - Element that can have unschematized children. - - Like STRING, but all delimiters below this element are ignored. - enum: - - PRIMITIVE_UNSPECIFIED - - STRING - - VARIES - - UNESCAPED_STRING - fields: - description: The (sub) fields this type has (if not primitive). - type: array - items: - $ref: '#/components/schemas/Field' - Field: - id: Field - description: A (sub) field of a type. - type: object - properties: - name: - description: The name of the field. For example, "PID-1" or just "1". - type: string - type: - description: >- - The type of this field. A Type with this name must be defined in an - Hl7TypesConfig. - type: string - table: + - If not specified, the default value `PERMIT_EMPTY_SCOPE` is used. + - >- + When no consent scopes are provided (for example, if there's an + empty or missing header), then consent check is disabled, similar + to when `access_enforced` is `false`. You can use audit logs to + differentiate these two cases by looking at the value of + `protopayload.metadata.consentMode`. If consents scopes are + present, they must be valid and within the allowed limits, + otherwise the request will be rejected with a `4xx` code. + - >- + The consent header must be non-empty when performing read and + search operations, otherwise the request is rejected with a `4xx` + code. Additionally, invalid consent scopes or scopes exceeding the + allowed limits are rejected. description: >- - The HL7v2 table this field refers to. For example, PID-15 (Patient's - Primary Language) usually refers to table "0296". + Optional. Specifies the default server behavior when the header is + empty. If not specified, the `ScopeProfile.PERMIT_EMPTY_SCOPE` + option is used. + enum: + - SCOPE_PROFILE_UNSPECIFIED + - PERMIT_EMPTY_SCOPE + - REQUIRED_ON_READ type: string - minOccurs: - description: The minimum number of times this field must be present/repeated. - type: integer - format: int32 - maxOccurs: - description: >- - The maximum number of times this field can be repeated. 0 or -1 - means unbounded. - type: integer - format: int32 - Hl7V2NotificationConfig: - id: Hl7V2NotificationConfig - description: >- - Specifies where and whether to send notifications upon changes to a data - store. + id: ConsentHeaderHandling + DeidentifySummary: + description: Contains a summary of the Deidentify operation. + type: object + properties: {} + id: DeidentifySummary + ExportMessagesRequest: type: object properties: - pubsubTopic: + gcsDestination: + $ref: '#/components/schemas/GcsDestination' + description: Export to a Cloud Storage destination. + endTime: description: >- - The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that - notifications of changes are published on. Supplied by the client. - The notification is a `PubsubMessage` with the following fields: * - `PubsubMessage.Data` contains the resource name. * - `PubsubMessage.MessageId` is the ID of this notification. It's - guaranteed to be unique within the topic. * - `PubsubMessage.PublishTime` is the time when the message was - published. Note that notifications are only sent if the topic is - non-empty. [Topic - names](https://cloud.google.com/pubsub/docs/overview#names) must be - scoped to a project. The Cloud Healthcare API service account, - service-PROJECT_NUMBER@gcp-sa-healthcare.iam.gserviceaccount.com, - must have publisher permissions on the given Pub/Sub topic. Not - having adequate permissions causes the calls that send notifications - to fail. If a notification cannot be published to Pub/Sub, errors - are logged to Cloud Logging. For more information, see [Viewing - error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + The end of the range in `send_time` (MSH.7, + https://www.hl7.org/documentcenter/public_temp_2E58C1F9-1C23-BA17-0C6126475344DA9D/wg/conf/HL7MSH.htm) + to process. If not specified, the time when the export is scheduled + is used. This value has to come after the `start_time` defined + below. Only messages whose `send_time` lies in the range + `start_time` (inclusive) to `end_time` (exclusive) are exported. + format: google-datetime + type: string + startTime: + format: google-datetime + description: >- + The start of the range in `send_time` (MSH.7, + https://www.hl7.org/documentcenter/public_temp_2E58C1F9-1C23-BA17-0C6126475344DA9D/wg/conf/HL7MSH.htm) + to process. If not specified, the UNIX epoch (1970-01-01T00:00:00Z) + is used. This value has to come before the `end_time` defined below. + Only messages whose `send_time` lies in the range `start_time` + (inclusive) to `end_time` (exclusive) are exported. type: string filter: + type: string description: >- - Optional. Restricts notifications sent for messages matching a - filter. If this is empty, all messages are matched. The following + Restricts messages exported to those matching a filter, only + applicable to PubsubDestination and GcsDestination. The following syntax is available: * A string field value can be written as text inside quotation marks, for example `"query text"`. The only valid relational operation for text fields is equality (`=`), where text @@ -2762,8 +2144,8 @@ components: with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there is no inequality (`!=`) operator. You can prepend the `NOT` operator to an expression to negate it. * A date field - value must be written in `yyyy-mm-dd` form. Fields with date and - time use the RFC3339 time format. Leading zeros are required for + value must be written in the `yyyy-mm-dd` format. Fields with date + and time use the RFC3339 time format. Leading zeros are required for one-digit months and days. The valid relational operators for date fields are the equality operator (`=`) , along with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there @@ -2771,454 +2153,1311 @@ components: to an expression to negate it. * Multiple field query expressions can be combined in one query by adding `AND` or `OR` operators between the expressions. If a boolean operator appears within a - quoted string, it is not treated as special, it's just another part - of the character string to be matched. You can prepend the `NOT` - operator to an expression to negate it. The following fields and - functions are available for filtering: * `message_type`, from the - MSH-9.1 field. For example, `NOT message_type = "ADT"`. * - `send_date` or `sendDate`, the YYYY-MM-DD date the message was sent - in the dataset's time_zone, from the MSH-7 segment. For example, - `send_date < "2017-01-02"`. * `send_time`, the timestamp when the - message was sent, using the RFC3339 time format for comparisons, - from the MSH-7 segment. For example, `send_time < + quoted string, it is not treated as special, and is just another + part of the character string to be matched. You can prepend the + `NOT` operator to an expression to negate it. The following fields + and functions are available for filtering: * `message_type`, from + the MSH-9.1 field. For example, `NOT message_type = "ADT"`. * + `send_date` or `sendDate`, the `yyyy-mm-dd` date the message was + sent in the dataset's time_zone, from the MSH-7 segment. For + example, `send_date < "2017-01-02"`. * `send_time`, the timestamp + when the message was sent, using the RFC3339 time format for + comparisons, from the MSH-7 segment. For example, `send_time < "2017-01-02T00:00:00-05:00"`. * `create_time`, the timestamp when the message was created in the HL7v2 store. Use the RFC3339 time format for comparisons. For example, `create_time < "2017-01-02T00:00:00-05:00"`. * `send_facility`, the care center that the message came from, from the MSH-4 segment. For example, - `send_facility = "ABC"`. * `PatientId(value, type)`, which matches - if the message lists a patient having an ID of the given value and - type in the PID-2, PID-3, or PID-4 segments. For example, - `PatientId("123456", "MRN")`. * `labels.x`, a string value of the - label with key `x` as set using the Message.labels map. For example, - `labels."priority"="high"`. The operator `:*` can be used to assert - the existence of a label. For example, `labels."priority":*`. - type: string - ListHl7V2StoresResponse: - id: ListHl7V2StoresResponse - description: Lists the HL7v2 stores in the given dataset. + `send_facility = "ABC"`. Note: The filter will be applied to every + message in the HL7v2 store whose `send_time` lies in the range + defined by the `start_time` and the `end_time`. Even if the filter + only matches a small set of messages, the export operation can still + take a long time to finish when a lot of messages are between the + specified `start_time` and `end_time` range. + pubsubDestination: + description: Export messages to a Pub/Sub topic. + $ref: '#/components/schemas/PubsubDestination' + description: Request to schedule an export. + id: ExportMessagesRequest + SchemaConfig: type: object + id: SchemaConfig + description: >- + Configuration for the FHIR BigQuery schema. Determines how the server + generates the schema. properties: - hl7V2Stores: + recursiveStructureDepth: + type: string + format: int64 description: >- - The returned HL7v2 stores. Won't be more HL7v2 stores than the value - of page_size in the request. - type: array - items: - $ref: '#/components/schemas/Hl7V2Store' - nextPageToken: + The depth for all recursive structures in the output analytics + schema. For example, `concept` in the CodeSystem resource is a + recursive structure; when the depth is 2, the CodeSystem table will + have a column called `concept.concept` but not + `concept.concept.concept`. If not specified or set to 0, the server + will use the default value 2. The maximum depth allowed is 5. + lastUpdatedPartitionConfig: description: >- - Token to retrieve the next page of results or empty if there are no - more results in the list. + The configuration for exported BigQuery tables to be partitioned by + FHIR resource's last updated time column. + $ref: '#/components/schemas/TimePartitioning' + schemaType: type: string - IngestMessageRequest: - id: IngestMessageRequest - description: Ingests a message into the specified HL7v2 store. - type: object + enum: + - SCHEMA_TYPE_UNSPECIFIED + - ANALYTICS + - ANALYTICS_V2 + description: Specifies the output schema type. Schema type is required. + enumDescriptions: + - No schema type specified. This type is unsupported. + - >- + Analytics schema defined by the FHIR community. See + https://github.com/FHIR/sql-on-fhir/blob/master/sql-on-fhir.md. + BigQuery only allows a maximum of 10,000 columns per table. Due to + this limitation, the server will not generate schemas for fields + of type `Resource`, which can hold any resource type. The affected + fields are `Parameters.parameter.resource`, + `Bundle.entry.resource`, and `Bundle.entry.response.outcome`. + Analytics schema does not gracefully handle extensions with one or + more occurrences, anaytics schema also does not handle contained + resource. Additionally, extensions with a URL ending in + "/{existing_resource_field_name}" may cause undefined behavior. + - >- + Analytics V2, similar to schema defined by the FHIR community, + with added support for extensions with one or more occurrences and + contained resources in stringified JSON. Extensions with a URL + ending in "/{existing_resource_field_name}" will cause conflict + and prevent the resource from being sent to BigQuery. Analytics V2 + uses more space in the destination table than Analytics V1. It is + generally recommended to use Analytics V2 over Analytics. + Resources: + description: A list of FHIR resources. properties: - message: - description: Required. HL7v2 message to ingest. - $ref: '#/components/schemas/Message' - Message: - id: Message - description: >- - A complete HL7v2 message. See [Introduction to HL7 Standards] - (https://www.hl7.org/implement/standards/index.cfm?ref=common) for - details on the standard. + resources: + items: + type: string + type: array + description: List of resources IDs. For example, "Patient/1234". type: object + id: Resources + RollbackFhirResourcesResponse: + description: Final response of rollback FIHR resources request. properties: - name: - description: >- - Output only. Resource name of the Message, of the form - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/hl7V2Stores/{hl7_v2_store_id}/messages/{message_id}`. - readOnly: true - type: string - data: - description: Required. Raw message bytes. - type: string - format: byte - createTime: + fhirStore: description: >- - Output only. The datetime when the message was created. Set by the - server. - readOnly: true + The name of the FHIR store to rollback, in the format of + "projects/{project_id}/locations/{location_id}/datasets/{dataset_id} + /fhirStores/{fhir_store_id}". type: string - format: google-datetime - sendFacility: - description: Output only. The hospital that this message came from. MSH-4. - readOnly: true - type: string - sendTime: - description: >- - Output only. The datetime the sending application sent this message. - MSH-7. - readOnly: true - type: string - format: google-datetime - messageType: - description: Output only. The message type for this message. MSH-9.1. - readOnly: true - type: string - patientIds: - description: >- - Output only. All patient IDs listed in the PID-2, PID-3, and PID-4 - segments of this message. - readOnly: true - type: array + type: object + id: RollbackFhirResourcesResponse + InfoTypeTransformation: + properties: + redactConfig: + description: Config for text redaction. + $ref: '#/components/schemas/RedactConfig' + characterMaskConfig: + $ref: '#/components/schemas/CharacterMaskConfig' + description: Config for character mask. + dateShiftConfig: + description: Config for date shift. + $ref: '#/components/schemas/DateShiftConfig' + infoTypes: items: - $ref: '#/components/schemas/PatientId' - labels: - description: >- - User-supplied key-value pairs used to organize HL7v2 stores. Label - keys must be between 1 and 63 characters long, have a UTF-8 encoding - of maximum 128 bytes, and must conform to the following PCRE regular - expression: \p{Ll}\p{Lo}{0,62} Label values are optional, must be - between 1 and 63 characters long, have a UTF-8 encoding of maximum - 128 bytes, and must conform to the following PCRE regular - expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can - be associated with a given store. - type: object - additionalProperties: type: string - parsedData: - description: Output only. The parsed version of the raw message data. - readOnly: true - $ref: '#/components/schemas/ParsedData' - schematizedData: description: >- - Output only. The parsed version of the raw message data schematized - according to this store's schemas and type definitions. - readOnly: true - $ref: '#/components/schemas/SchematizedData' - PatientId: - id: PatientId - description: A patient identifier and associated type. + Optional. InfoTypes to apply this transformation to. If this is not + specified, the transformation applies to any info_type. + type: array + cryptoHashConfig: + $ref: '#/components/schemas/CryptoHashConfig' + description: Config for crypto hash. + replaceWithInfoTypeConfig: + description: Config for replace with InfoType. + $ref: '#/components/schemas/ReplaceWithInfoTypeConfig' + description: >- + A transformation to apply to text that is identified as a specific + info_type. + id: InfoTypeTransformation type: object - properties: - value: - description: The patient's unique identifier. - type: string - type: - description: ID type. For example, MRN or NHS. - type: string - ParsedData: - id: ParsedData - description: The content of a HL7v2 message in a structured format. + ListConsentStoresResponse: + id: ListConsentStoresResponse type: object properties: - segments: - type: array + consentStores: + description: >- + The returned consent stores. The maximum number of stores returned + is determined by the value of page_size in the + ListConsentStoresRequest. items: - $ref: '#/components/schemas/Segment' - Segment: - id: Segment - description: A segment in a structured format. + $ref: '#/components/schemas/ConsentStore' + type: array + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: string + Type: type: object properties: - segmentId: - description: >- - A string that indicates the type of segment. For example, EVN or - PID. + name: type: string - setId: description: >- - Set ID for segments that can be in a set. This can be empty if it's - missing or isn't applicable. + The name of this type. This would be the segment or datatype name. + For example, "PID" or "XPN". + primitive: + enumDescriptions: + - Not a primitive. + - String primitive. + - Element that can have unschematized children. + - Like STRING, but all delimiters below this element are ignored. + description: >- + If this is a primitive type then this field is the type of the + primitive For example, STRING. Leave unspecified for composite + types. type: string + enum: + - PRIMITIVE_UNSPECIFIED + - STRING + - VARIES + - UNESCAPED_STRING fields: - description: >- - A mapping from the positional location to the value. The key string - uses zero-based indexes separated by dots to identify Fields, - components and sub-components. A bracket notation is also used to - identify different instances of a repeated field. Regex for key: - (\d+)(\[\d+\])?(.\d+)?(.\d+)? Examples of (key, value) pairs: * - (0.1, "hemoglobin") denotes that the first component of Field 0 has - the value "hemoglobin". * (1.1.2, "CBC") denotes that the second - sub-component of the first component of Field 1 has the value "CBC". - * (1[0].1, "HbA1c") denotes that the first component of the first - Instance of Field 1, which is repeated, has the value "HbA1c". - type: object - additionalProperties: - type: string - SchematizedData: - id: SchematizedData + type: array + description: The (sub) fields this type has (if not primitive). + items: + $ref: '#/components/schemas/Field' + description: A type definition for some HL7v2 type (incl. Segments and Datatypes). + id: Type + ImportResourcesResponse: description: >- - The content of an HL7v2 message in a structured format as specified by a - schema. + Final response of importing resources. This structure is included in the + response to describe the detailed outcome after the operation finishes + successfully. type: object - properties: - data: - description: JSON output of the parser. - type: string - error: - description: The error output of the parser. - type: string - IngestMessageResponse: - id: IngestMessageResponse - description: >- - Acknowledges that a message has been ingested into the specified HL7v2 - store. + properties: {} + id: ImportResourcesResponse + Empty: + id: Empty type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + ExportDicomDataRequest: + id: ExportDicomDataRequest properties: - hl7Ack: - description: HL7v2 ACK message. - type: string - format: byte - message: - description: Created message resource. - $ref: '#/components/schemas/Message' - CreateMessageRequest: - id: CreateMessageRequest - description: Creates a new message. + bigqueryDestination: + $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomBigQueryDestination' + description: >- + The BigQuery output destination. You can only export to a BigQuery + dataset that's in the same project as the DICOM store you're + exporting from. The Cloud Healthcare Service Agent requires two IAM + roles on the BigQuery location: `roles/bigquery.dataEditor` and + `roles/bigquery.jobUser`. + gcsDestination: + description: >- + The Cloud Storage output destination. The Cloud Healthcare Service + Agent requires the `roles/storage.objectAdmin` Cloud IAM roles on + the Cloud Storage location. + $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomGcsDestination' type: object - properties: - message: - description: Required. HL7v2 message. - $ref: '#/components/schemas/Message' - ListMessagesResponse: - id: ListMessagesResponse - description: Lists the messages in the specified HL7v2 store. + description: >- + Exports data from the specified DICOM store. If a given resource, such + as a DICOM object with the same SOPInstance UID, already exists in the + output, it is overwritten with the version in the source dataset. + Exported DICOM data persists when the DICOM store from which it was + exported is deleted. + TextSpan: type: object + id: TextSpan + description: A span of text in the provided document. properties: - hl7V2Messages: - description: >- - The returned Messages. Won't be more Messages than the value of - page_size in the request. See view for populated fields. - type: array - items: - $ref: '#/components/schemas/Message' - nextPageToken: - description: >- - Token to retrieve the next page of results or empty if there are no - more results in the list. + content: + description: The original text contained in this span. type: string - ExportMessagesRequest: - id: ExportMessagesRequest - description: Request to schedule an export. + beginOffset: + description: The unicode codepoint index of the beginning of this span. + type: integer + format: int32 + GoogleCloudHealthcareV1FhirBigQueryDestination: + description: The configuration for exporting to BigQuery. type: object properties: - startTime: - description: >- - The start of the range in `send_time` (MSH.7, - https://www.hl7.org/documentcenter/public_temp_2E58C1F9-1C23-BA17-0C6126475344DA9D/wg/conf/HL7MSH.htm) - to process. If not specified, the UNIX epoch (1970-01-01T00:00:00Z) - is used. This value has to come before the `end_time` defined below. - Only messages whose `send_time` lies in the range `start_time` - (inclusive) to `end_time` (exclusive) are exported. + datasetUri: type: string - format: google-datetime - endTime: description: >- - The end of the range in `send_time` (MSH.7, - https://www.hl7.org/documentcenter/public_temp_2E58C1F9-1C23-BA17-0C6126475344DA9D/wg/conf/HL7MSH.htm) - to process. If not specified, the time when the export is scheduled - is used. This value has to come after the `start_time` defined - below. Only messages whose `send_time` lies in the range - `start_time` (inclusive) to `end_time` (exclusive) are exported. + Optional. BigQuery URI to an existing dataset, up to 2000 characters + long, in the format `bq://projectId.bqDatasetId`. + schemaConfig: + $ref: '#/components/schemas/SchemaConfig' + description: Optional. The configuration for the exported BigQuery schema. + writeDisposition: + description: >- + Optional. Determines if existing data in the destination dataset is + overwritten, appended to, or not written if the tables contain data. + If a write_disposition is specified, the `force` parameter is + ignored. + type: string + enumDescriptions: + - Default behavior is the same as WRITE_EMPTY. + - Only export data if the destination tables are empty. + - >- + Erase all existing data in the destination tables before writing + the FHIR resources. + - Append data to the destination tables. + enum: + - WRITE_DISPOSITION_UNSPECIFIED + - WRITE_EMPTY + - WRITE_TRUNCATE + - WRITE_APPEND + force: + type: boolean + description: >- + Optional. The default value is false. If this flag is `TRUE`, all + tables are deleted from the dataset before the new exported tables + are written. If the flag is not set and the destination dataset + contains tables, the export call returns an error. If + `write_disposition` is specified, this parameter is ignored. + force=false is equivalent to write_disposition=WRITE_EMPTY and + force=true is equivalent to write_disposition=WRITE_TRUNCATE. + id: GoogleCloudHealthcareV1FhirBigQueryDestination + SchemaFlattened: + type: object + id: SchemaFlattened + properties: {} + description: >- + Using this field will flatten the DICOM instances into a BigQuery table. + The table will have one column for each DICOM tag. The column name will + be the DICOM tag's textual representation. + ExplainDataAccessConsentInfo: + type: object + properties: + enforcementTime: + description: Last enforcement timestamp of this consent resource. + format: google-datetime + type: string + consentResource: + type: string + description: >- + The resource name of this consent resource, in the format: + `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`. + patientConsentOwner: + type: string + description: >- + The patient owning the consent (only applicable for patient + consents), in the format: + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Patient/{patient_id}` + cascadeOrigins: + description: >- + The compartment base resources that matched a cascading policy. Each + resource has the following format: + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/{resource_type}/{resource_id}` + items: + type: string + type: array + variants: + description: >- + The consent's variant combinations. A single consent may have + multiple variants. + items: + enum: + - CONSENT_VARIANT_UNSPECIFIED + - CONSENT_VARIANT_STANDARD + - CONSENT_VARIANT_CASCADE + enumDescriptions: + - Consent variant unspecified. + - Consent is a standard patient or admin consent. + - Consent is a cascading consent. + type: string + type: array + type: + type: string + enumDescriptions: + - Unspecified policy type. + - Consent represent a patient consent. + - Consent represent an admin consent. + description: The policy type of consent resource (e.g. PATIENT, ADMIN). + enum: + - CONSENT_POLICY_TYPE_UNSPECIFIED + - CONSENT_POLICY_TYPE_PATIENT + - CONSENT_POLICY_TYPE_ADMIN + matchingAccessorScopes: + items: + $ref: '#/components/schemas/ConsentAccessorScope' + type: array + description: >- + A list of all the matching accessor scopes of this consent policy + that enforced ExplainDataAccessConsentScope.accessor_scope. + description: The enforcing consent's metadata. + id: ExplainDataAccessConsentInfo + GoogleCloudHealthcareV1ConsentGcsDestination: + description: The Cloud Storage location for export. + properties: + uriPrefix: + description: >- + URI for a Cloud Storage directory where the server writes result + files, in the format `gs://{bucket-id}/{path/to/destination/dir}`. + If there is no trailing slash, the service appends one when + composing the object path. The user is responsible for creating the + Cloud Storage bucket and directory referenced in `uri_prefix`. + type: string + type: object + id: GoogleCloudHealthcareV1ConsentGcsDestination + HttpBody: + properties: + contentType: + description: >- + The HTTP Content-Type header value specifying the content type of + the body. + type: string + data: + description: The HTTP request/response body as raw binary. + format: byte + type: string + extensions: + description: >- + Application specific response metadata. Must be set in the first + response for streaming APIs. + type: array + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. + type: object + id: HttpBody + StudyMetrics: + type: object + description: StudyMetrics contains metrics describing a DICOM study. + id: StudyMetrics + properties: + study: + description: >- + The study resource path. For example, + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}/dicomWeb/studies/{study_uid}`. + type: string + seriesCount: + description: Number of series in the study. + type: string + format: int64 + instanceCount: + description: Number of instances in the study. + format: int64 + type: string + structuredStorageSizeBytes: + description: Total structured storage bytes for all instances in the study. + type: string + format: int64 + blobStorageSizeBytes: + type: string + format: int64 + description: Total blob storage bytes for all instances in the study. + FhirNotificationConfig: + type: object + id: FhirNotificationConfig + description: Contains the configuration for FHIR notifications. + properties: + pubsubTopic: + type: string + description: >- + Optional. The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic + that notifications of changes are published on. Supplied by the + client. The notification is a `PubsubMessage` with the following + fields: * `PubsubMessage.Data` contains the resource name. * + `PubsubMessage.MessageId` is the ID of this notification. It is + guaranteed to be unique within the topic. * + `PubsubMessage.PublishTime` is the time when the message was + published. Note that notifications are only sent if the topic is + non-empty. [Topic + names](https://cloud.google.com/pubsub/docs/overview#names) must be + scoped to a project. The Cloud Healthcare API service account, + service-@gcp-sa-healthcare.iam.gserviceaccount.com, must have + publisher permissions on the given Pub/Sub topic. Not having + adequate permissions causes the calls that send notifications to + fail + (https://cloud.google.com/healthcare-api/docs/permissions-healthcare-api-gcp-products#dicom_fhir_and_hl7v2_store_cloud_pubsub_permissions). + If a notification can't be published to Pub/Sub, errors are logged + to Cloud Logging. For more information, see [Viewing error logs in + Cloud + Logging](https://cloud.google.com/healthcare-api/docs/how-tos/logging). + sendFullResource: + description: >- + Optional. Whether to send full FHIR resource to this Pub/Sub topic. + The default value is false. + type: boolean + sendPreviousResourceOnDelete: + description: >- + Optional. Whether to send full FHIR resource to this Pub/Sub topic + for deleting FHIR resource. The default value is false. Note that + setting this to true does not guarantee that all previous resources + will be sent in the format of full FHIR resource. When a resource + change is too large or during heavy traffic, only the resource name + will be sent. Clients should always check the "payloadType" label + from a Pub/Sub message to determine whether it needs to fetch the + full previous resource as a separate operation. + type: boolean + RedactConfig: + properties: {} + type: object + id: RedactConfig + description: >- + Define how to redact sensitive values. Default behaviour is erase. For + example, "My name is Jane." becomes "My name is ." + Hl7TypesConfig: + properties: + type: + items: + $ref: '#/components/schemas/Type' + description: The HL7v2 type definitions. + type: array + version: + type: array + items: + $ref: '#/components/schemas/VersionSource' + description: >- + The version selectors that this config applies to. A message must + match ALL version sources to apply. + description: Root config for HL7v2 datatype definitions for a specific HL7v2 version. + id: Hl7TypesConfig + type: object + ExplainDataAccessResponse: + type: object + id: ExplainDataAccessResponse + properties: + consentScopes: + description: >- + List of applicable consent scopes. Sorted in order of actor such + that scopes belonging to the same actor will be adjacent to each + other in the list. + items: + $ref: '#/components/schemas/ExplainDataAccessConsentScope' + type: array + warning: + description: >- + Warnings associated with this response. It inform user with exceeded + scope limit errors. + type: string + description: >- + List of consent scopes that are applicable to the explained access on a + given resource. + EntityMentionRelationship: + properties: + objectId: + type: string + description: object_id is the id of the object entity mention. + subjectId: + type: string + description: subject_id is the id of the subject entity mention. + confidence: + type: number + description: The model's confidence in this annotation. A number between 0 and 1. + format: double + type: object + id: EntityMentionRelationship + description: Defines directed relationship from one entity mention to another. + CheckDataAccessRequest: + description: >- + Checks if a particular data_id of a User data mapping in the given + consent store is consented for a given use. + id: CheckDataAccessRequest + type: object + properties: + responseView: + description: >- + Optional. The view for CheckDataAccessResponse. If unspecified, + defaults to `BASIC` and returns `consented` as `TRUE` or `FALSE`. + type: string + enum: + - RESPONSE_VIEW_UNSPECIFIED + - BASIC + - FULL + enumDescriptions: + - >- + No response view specified. The API will default to the BASIC + view. + - >- + Only the `consented` field is populated in + CheckDataAccessResponse. + - >- + All fields within CheckDataAccessResponse are populated. When set + to `FULL`, all `ACTIVE` Consents are evaluated even if a matching + policy is found during evaluation. + requestAttributes: + additionalProperties: + type: string + description: >- + The values of request attributes associated with this access + request. + type: object + dataId: + description: >- + Required. The unique identifier of the resource to check access for. + This identifier must correspond to a User data mapping in the given + consent store. + type: string + consentList: + $ref: '#/components/schemas/ConsentList' + description: >- + Optional. Specific Consents to evaluate the access request against. + These Consents must have the same `user_id` as the evaluated User + data mapping, must exist in the current `consent_store`, and have a + `state` of either `ACTIVE` or `DRAFT`. A maximum of 100 Consents can + be provided here. If no selection is specified, the access request + is evaluated against all `ACTIVE` unexpired Consents with the same + `user_id` as the evaluated User data mapping. + TextConfig: + id: TextConfig + type: object + properties: + transformations: + items: + $ref: '#/components/schemas/InfoTypeTransformation' + description: >- + Optional. The transformations to apply to the detected data. + Deprecated. Use `additional_transformations` instead. + type: array + additionalTransformations: + description: >- + Optional. Transformations to apply to the detected data, overridden + by `exclude_info_types`. + type: array + items: + $ref: '#/components/schemas/InfoTypeTransformation' + excludeInfoTypes: + type: array + items: + type: string + description: >- + Optional. InfoTypes to skip transforming, overriding + `additional_transformations`. + NotificationConfig: + id: NotificationConfig + description: Specifies where to send notifications upon changes to a data store. + properties: + sendForBulkImport: + type: boolean + description: >- + Indicates whether or not to send Pub/Sub notifications on bulk + import. Only supported for DICOM imports. + pubsubTopic: + type: string + description: >- + The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that + notifications of changes are published on. Supplied by the client. + PubsubMessage.Data contains the resource name. + PubsubMessage.MessageId is the ID of this message. It is guaranteed + to be unique within the topic. PubsubMessage.PublishTime is the time + at which the message was published. Notifications are only sent if + the topic is non-empty. [Topic + names](https://cloud.google.com/pubsub/docs/overview#names) must be + scoped to a project. Cloud Healthcare API service account must have + publisher permissions on the given Pub/Sub topic. Not having + adequate permissions causes the calls that send notifications to + fail. If a notification can't be published to Pub/Sub, errors are + logged to Cloud Logging (see [Viewing error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + If the number of errors exceeds a certain rate, some aren't + submitted. Note that not all operations trigger notifications, see + [Configuring Pub/Sub + notifications](https://cloud.google.com/healthcare/docs/how-tos/pubsub) + for specific details. + type: object + GoogleCloudHealthcareV1DicomGcsSource: + properties: + uri: + type: string + description: >- + Points to a Cloud Storage URI containing file(s) with content only. + The URI must be in the following format: + `gs://{bucket_id}/{object_id}`. The URI can include wildcards in + `object_id` and thus identify multiple files. Supported wildcards: * + '*' to match 0 or more non-separator characters * '**' to match 0 or + more characters (including separators). Must be used at the end of a + path and with no other wildcards in the path. Can also be used with + a file extension (such as .dcm), which imports all files with the + extension in the specified directory and its sub-directories. For + example, `gs://my-bucket/my-directory/**.dcm` imports all files with + .dcm extensions in `my-directory/` and its sub-directories. * '?' to + match 1 character. All other URI formats are invalid. Files matching + the wildcard are expected to contain content only, no metadata. + description: Specifies the configuration for importing data from Cloud Storage. + id: GoogleCloudHealthcareV1DicomGcsSource + type: object + CharacterMaskConfig: + id: CharacterMaskConfig + properties: + maskingCharacter: + description: >- + Optional. Character to mask the sensitive values. If not supplied, + defaults to "*". + type: string + type: object + description: Mask a string by replacing its characters with a fixed character. + DicomFilterConfig: + properties: + resourcePathsGcsUri: + description: >- + The Cloud Storage location of the filter configuration file. The + `gcs_uri` must be in the format `gs://bucket/path/to/object`. The + filter configuration file must contain a list of resource paths + separated by newline characters (\n or \r\n). Each resource path + must be in the format + "/studies/{studyUID}[/series/{seriesUID}[/instances/{instanceUID}]]" + The Cloud Healthcare API service account must have the + `roles/storage.objectViewer` Cloud IAM role for this Cloud Storage + location. + type: string + type: object + id: DicomFilterConfig + description: Specifies the filter configuration for DICOM resources. + ApplyConsentsRequest: + description: Request to apply the Consent resources for the specified FHIR store. + type: object + properties: + patientScope: + $ref: '#/components/schemas/PatientScope' + description: Optional. Scope down to a list of patients. + validateOnly: + description: >- + Optional. If true, the method only validates Consent resources to + make sure they are supported. When the operation completes, + ApplyConsentsResponse is returned where `consent_apply_success` and + `consent_apply_failure` indicate supported and unsupported (or + invalid) Consent resources, respectively. Otherwise, the method + propagates the aggregate consensual information to the patient's + resources. Upon success, `affected_resources` in the + ApplyConsentsResponse indicates the number of resources that may + have consensual access changed. + type: boolean + timeRange: + description: >- + Optional. Scope down to patients whose most recent consent changes + are in the time range. Can only be used with a versioning store + (i.e. when disable_resource_versioning is set to false). + $ref: '#/components/schemas/TimeRange' + id: ApplyConsentsRequest + OperationMetadata: + description: >- + OperationMetadata provides information about the operation execution. + Returned in the long-running operation's metadata field. + type: object + properties: + cancelRequested: + description: Specifies if cancellation was requested for the operation. + type: boolean + logsUrl: + description: >- + A link to audit and error logs in the log viewer. Error logs are + generated only by some operations, listed at [Viewing error logs in + Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging). + type: string + apiMethodName: + description: The name of the API method that initiated the operation. + type: string + endTime: + format: google-datetime + description: The time at which execution was completed. + type: string + counter: + $ref: '#/components/schemas/ProgressCounter' + createTime: + type: string + format: google-datetime + description: The time at which the operation was created by the API. + id: OperationMetadata + ApplyAdminConsentsRequest: + type: object + description: >- + Request to apply the admin Consent resources for the specified FHIR + store. + properties: + newConsentsList: + description: >- + A new list of admin Consent resources to be applied. Any existing + enforced Consents, which are specified in + `consent_config.enforced_admin_consents` of the FhirStore, that are + not part of this list will be disabled. An empty list is equivalent + to clearing or disabling all Consents enforced on the FHIR store. + When a FHIR store has `disable_resource_versioning=true` and this + list contains a Consent resource that exists in + `consent_config.enforced_admin_consents`, the method enforces any + updates to the existing resource since the last enforcement. If the + existing resource hasn't been updated since the last enforcement, + the resource is unaffected. After the method finishes, the resulting + consent enforcement model is determined by the contents of the + Consent resource(s) when the method was called: * When + `disable_resource_versioning=true`, the result is identical to the + current resource(s) in the FHIR store. * When + `disable_resource_versioning=false`, the result is based on the + historical version(s) of the Consent resource(s) at the point in + time when the method was called. At most 200 Consents can be + specified. + $ref: '#/components/schemas/AdminConsents' + validateOnly: + description: >- + Optional. If true, the method only validates Consent resources to + make sure they are supported. Otherwise, the method applies the + aggregate consent information to update the enforcement model and + reindex the FHIR resources. If all Consent resources can be applied + successfully, the ApplyAdminConsentsResponse is returned containing + the following fields: * `consent_apply_success` to indicate the + number of Consent resources applied. * `affected_resources` to + indicate the number of resources that might have had their consent + access changed. If, however, one or more Consent resources are + unsupported or cannot be applied, the method fails and + ApplyAdminConsentsErrorDetail is is returned with details about the + unsupported Consent resources. + type: boolean + id: ApplyAdminConsentsRequest + ImportDicomDataRequest: + properties: + blobStorageSettings: + description: >- + Optional. The blob storage settings for the data imported by this + operation. + $ref: '#/components/schemas/BlobStorageSettings' + gcsSource: + description: >- + Cloud Storage source data location and import configuration. The + Cloud Healthcare Service Agent requires the + `roles/storage.objectViewer` Cloud IAM roles on the Cloud Storage + location. + $ref: '#/components/schemas/GoogleCloudHealthcareV1DicomGcsSource' + description: >- + Imports data into the specified DICOM store. Returns an error if any of + the files to import are not DICOM files. This API accepts duplicate + DICOM instances by ignoring the newly-pushed instance. It does not + overwrite. + id: ImportDicomDataRequest + type: object + EncryptionSpec: + properties: + kmsKeyName: + description: >- + Required. The resource name of customer-managed encryption key that + is used to secure a resource and its sub-resources. Only the key in + the same location as this Dataset is allowed to be used for + encryption. Format is: + `projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{key}` + type: string + type: object + description: >- + Represents a customer-managed encryption key spec that can be applied to + a resource. + id: EncryptionSpec + Hl7V2StoreMetric: + id: Hl7V2StoreMetric + properties: + structuredStorageSizeBytes: + type: string + description: >- + The total amount of structured storage used by HL7v2 messages of + this message type in the store. + format: int64 + count: + format: int64 + type: string + description: >- + The total count of HL7v2 messages in the store for the given message + type. + messageType: + description: >- + The Hl7v2 message type this metric applies to, such as `ADT` or + `ORU`. + type: string + description: Count of messages and total storage size by type for a given HL7 store. + type: object + ExportResourcesResponse: + type: object + properties: {} + id: ExportResourcesResponse + description: >- + Response when all resources export successfully. This structure is + included in the response to describe the detailed outcome after the + operation finishes successfully. + AuditLogConfig: + properties: + logType: + type: string + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + exemptedMembers: + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + items: + type: string + type: array + type: object + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + id: AuditLogConfig + ListDicomStoresResponse: + type: object + properties: + dicomStores: + type: array + items: + $ref: '#/components/schemas/DicomStore' + description: >- + The returned DICOM stores. Won't be more DICOM stores than the value + of page_size in the request. + nextPageToken: + description: >- + Token to retrieve the next page of results or empty if there are no + more results in the list. type: string - format: google-datetime - filter: + id: ListDicomStoresResponse + description: Lists the DICOM stores in the given dataset. + SeriesMetrics: + description: SeriesMetrics contains metrics describing a DICOM series. + id: SeriesMetrics + type: object + properties: + structuredStorageSizeBytes: + type: string + description: Total structured storage bytes for all instances in the series. + format: int64 + series: description: >- - Restricts messages exported to those matching a filter, only - applicable to PubsubDestination and GcsDestination. The following - syntax is available: * A string field value can be written as text - inside quotation marks, for example `"query text"`. The only valid - relational operation for text fields is equality (`=`), where text - is searched within the field, rather than having the field be equal - to the text. For example, `"Comment = great"` returns messages with - `great` in the comment field. * A number field value can be written - as an integer, a decimal, or an exponential. The valid relational - operators for number fields are the equality operator (`=`), along - with the less than/greater than operators (`<`, `<=`, `>`, `>=`). - Note that there is no inequality (`!=`) operator. You can prepend - the `NOT` operator to an expression to negate it. * A date field - value must be written in the `yyyy-mm-dd` format. Fields with date - and time use the RFC3339 time format. Leading zeros are required for - one-digit months and days. The valid relational operators for date - fields are the equality operator (`=`) , along with the less - than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there - is no inequality (`!=`) operator. You can prepend the `NOT` operator - to an expression to negate it. * Multiple field query expressions - can be combined in one query by adding `AND` or `OR` operators - between the expressions. If a boolean operator appears within a - quoted string, it is not treated as special, and is just another - part of the character string to be matched. You can prepend the - `NOT` operator to an expression to negate it. The following fields - and functions are available for filtering: * `message_type`, from - the MSH-9.1 field. For example, `NOT message_type = "ADT"`. * - `send_date` or `sendDate`, the `yyyy-mm-dd` date the message was - sent in the dataset's time_zone, from the MSH-7 segment. For - example, `send_date < "2017-01-02"`. * `send_time`, the timestamp - when the message was sent, using the RFC3339 time format for - comparisons, from the MSH-7 segment. For example, `send_time < - "2017-01-02T00:00:00-05:00"`. * `create_time`, the timestamp when - the message was created in the HL7v2 store. Use the RFC3339 time - format for comparisons. For example, `create_time < - "2017-01-02T00:00:00-05:00"`. * `send_facility`, the care center - that the message came from, from the MSH-4 segment. For example, - `send_facility = "ABC"`. Note: The filter will be applied to every - message in the HL7v2 store whose `send_time` lies in the range - defined by the `start_time` and the `end_time`. Even if the filter - only matches a small set of messages, the export operation can still - take a long time to finish when a lot of messages are between the - specified `start_time` and `end_time` range. + The series resource path. For example, + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}/dicomWeb/studies/{study_uid}/series/{series_uid}`. type: string - gcsDestination: - description: Export to a Cloud Storage destination. - $ref: '#/components/schemas/GcsDestination' - pubsubDestination: - description: Export messages to a Pub/Sub topic. - $ref: '#/components/schemas/PubsubDestination' + instanceCount: + description: Number of instances in the series. + format: int64 + type: string + blobStorageSizeBytes: + format: int64 + type: string + description: Total blob storage bytes for all instances in the series. + TimePartitioning: + description: Configuration for FHIR BigQuery time-partitioned tables. + id: TimePartitioning + type: object + properties: + expirationMs: + format: int64 + description: >- + Number of milliseconds for which to keep the storage for a + partition. + type: string + type: + description: Type of partitioning. + enumDescriptions: + - Default unknown time. + - Data partitioned by hour. + - Data partitioned by day. + - Data partitioned by month. + - Data partitioned by year. + enum: + - PARTITION_TYPE_UNSPECIFIED + - HOUR + - DAY + - MONTH + - YEAR + type: string + RevokeConsentRequest: + properties: + consentArtifact: + description: >- + Optional. The resource name of the Consent artifact that contains + proof of the user's revocation of the Consent, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. + type: string + id: RevokeConsentRequest + description: >- + Revokes the latest revision of the specified Consent by committing a new + revision with `state` updated to `REVOKED`. If the latest revision of + the given Consent is in the `REVOKED` state, no new revision is + committed. + type: object + SchemaSegment: + properties: + type: + type: string + description: The Segment type. For example, "PID". + minOccurs: + format: int32 + type: integer + description: >- + The minimum number of times this segment can be present in this + group. + maxOccurs: + description: >- + The maximum number of times this segment can be present in this + group. 0 or -1 means unbounded. + format: int32 + type: integer + type: object + description: An HL7v2 Segment. + id: SchemaSegment + ImportResourcesRequest: + id: ImportResourcesRequest + properties: + gcsSource: + $ref: '#/components/schemas/GoogleCloudHealthcareV1FhirGcsSource' + description: >- + Cloud Storage source data location and import configuration. The + Healthcare Service Agent account requires the + `roles/storage.objectAdmin` role on the Cloud Storage location. Each + Cloud Storage object should be a text file that contains the format + specified in ContentStructure. + contentStructure: + description: >- + The content structure in the source location. If not specified, the + server treats the input source files as BUNDLE. + enumDescriptions: + - >- + If the content structure is not specified, the default value + `BUNDLE` is used. + - >- + The source file contains one or more lines of newline-delimited + JSON (ndjson). Each line is a bundle that contains one or more + resources. + - >- + The source file contains one or more lines of newline-delimited + JSON (ndjson). Each line is a single resource. + - >- + The entire file is one JSON bundle. The JSON can span multiple + lines. + - >- + The entire file is one JSON resource. The JSON can span multiple + lines. + enum: + - CONTENT_STRUCTURE_UNSPECIFIED + - BUNDLE + - RESOURCE + - BUNDLE_PRETTY + - RESOURCE_PRETTY + type: string + description: Request to import resources. + type: object GcsDestination: - id: GcsDestination description: >- The Cloud Storage output destination. The Cloud Healthcare Service Agent requires the `roles/storage.objectAdmin` Cloud IAM roles on the Cloud Storage location. + id: GcsDestination + properties: + contentStructure: + description: The format of the exported HL7v2 message files. + enum: + - CONTENT_STRUCTURE_UNSPECIFIED + - MESSAGE_JSON + enumDescriptions: + - >- + If the content structure is not specified, the default value + `MESSAGE_JSON` will be used. + - >- + Messages are printed using the JSON format returned from the + `GetMessage` API. Messages are delimited with newlines. + type: string + messageView: + description: >- + Specifies the parts of the Message resource to include in the + export. If not specified, FULL is used. + enum: + - MESSAGE_VIEW_UNSPECIFIED + - RAW_ONLY + - PARSED_ONLY + - FULL + - SCHEMATIZED_ONLY + - BASIC + enumDescriptions: + - Not specified, equivalent to FULL. + - >- + Server responses include all the message fields except parsed_data + field, and schematized_data fields. + - >- + Server responses include all the message fields except data field, + and schematized_data fields. + - Server responses include all the message fields. + - >- + Server responses include all the message fields except data and + parsed_data fields. + - Server responses include only the name field. + type: string + uriPrefix: + description: >- + URI of an existing Cloud Storage directory where the server writes + result files, in the format + `gs://{bucket-id}/{path/to/destination/dir}`. If there is no + trailing slash, the service appends one when composing the object + path. + type: string + type: object + FieldMetadata: + description: >- + Specifies FHIR paths to match, and how to handle de-identification of + matching fields. + properties: + action: + enum: + - ACTION_UNSPECIFIED + - TRANSFORM + - INSPECT_AND_TRANSFORM + - DO_NOT_TRANSFORM + description: Optional. Deidentify action for one field. + type: string + enumDescriptions: + - No action specified. Defaults to DO_NOT_TRANSFORM. + - Transform the entire field. + - Inspect and transform any found PHI. + - Do not transform. + paths: + type: array + items: + type: string + description: >- + Optional. List of paths to FHIR fields to be redacted. Each path is + a period-separated list where each component is either a field name + or FHIR type name, for example: Patient, HumanName. For "choice" + types (those defined in the FHIR spec with the form: field[x]) we + use two separate components. For example, "deceasedAge.unit" is + matched by "Deceased.Age.unit". Supported types are: + AdministrativeGenderCode, Base64Binary, Boolean, Code, Date, + DateTime, Decimal, HumanName, Id, Instant, Integer, LanguageCode, + Markdown, Oid, PositiveInt, String, UnsignedInt, Uri, Uuid, Xhtml. + id: FieldMetadata + type: object + GoogleCloudHealthcareV1FhirGcsDestination: + id: GoogleCloudHealthcareV1FhirGcsDestination type: object + description: The configuration for exporting to Cloud Storage. properties: uriPrefix: description: >- - URI of an existing Cloud Storage directory where the server writes - result files, in the format + URI for a Cloud Storage directory where result files should be + written, in the format of `gs://{bucket-id}/{path/to/destination/dir}`. If there is no trailing slash, the service appends one when composing the object - path. + path. The user is responsible for creating the Cloud Storage bucket + referenced in `uri_prefix`. type: string - messageView: - description: >- - Specifies the parts of the Message resource to include in the - export. If not specified, FULL is used. + DeidentifyDicomStoreRequest: + properties: + gcsConfigUri: type: string - enumDescriptions: - - Not specified, equivalent to FULL. - - >- - Server responses include all the message fields except parsed_data - field, and schematized_data fields. - - >- - Server responses include all the message fields except data field, - and schematized_data fields. - - Server responses include all the message fields. - - >- - Server responses include all the message fields except data and - parsed_data fields. - - Server responses include only the name field. - enum: - - MESSAGE_VIEW_UNSPECIFIED - - RAW_ONLY - - PARSED_ONLY - - FULL - - SCHEMATIZED_ONLY - - BASIC - contentStructure: - description: The format of the exported HL7v2 message files. + description: >- + Cloud Storage location to read the JSON + cloud.healthcare.deidentify.DeidentifyConfig from, overriding the + default config. Must be of the form + `gs://{bucket_id}/path/to/object`. The Cloud Storage location must + grant the Cloud IAM role `roles/storage.objectViewer` to the + project's Cloud Healthcare Service Agent service account. Only one + of `config` and `gcs_config_uri` can be specified. + destinationStore: type: string - enumDescriptions: - - >- - If the content structure is not specified, the default value - `MESSAGE_JSON` will be used. - - >- - Messages are printed using the JSON format returned from the - `GetMessage` API. Messages are delimited with newlines. - enum: - - CONTENT_STRUCTURE_UNSPECIFIED - - MESSAGE_JSON - PubsubDestination: - id: PubsubDestination - description: >- - The Pub/Sub output destination. The Cloud Healthcare Service Agent - requires the `roles/pubsub.publisher` Cloud IAM role on the Pub/Sub - topic. + description: >- + Required. The name of the DICOM store to create and write the + redacted data to. For example, + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/dicomStores/{dicom_store_id}`. + * The destination dataset must exist. * The source dataset and + destination dataset must both reside in the same location. + De-identifying data across multiple locations is not supported. * + The destination DICOM store must not exist. * The caller must have + the necessary permissions to create the destination DICOM store. + filterConfig: + description: Filter configuration. + $ref: '#/components/schemas/DicomFilterConfig' + config: + $ref: '#/components/schemas/DeidentifyConfig' + description: >- + Deidentify configuration. Only one of `config` and `gcs_config_uri` + can be specified. + description: Creates a new DICOM store with sensitive information de-identified. + id: DeidentifyDicomStoreRequest + type: object + AuditConfig: type: object + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + id: AuditConfig properties: - pubsubTopic: + service: description: >- - The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that - Pub/Sub messages are published on. Supplied by the client. The - `PubsubMessage` contains the following fields: * - `PubsubMessage.Data` contains the resource name. * - `PubsubMessage.MessageId` is the ID of this notification. It is - guaranteed to be unique within the topic. * - `PubsubMessage.PublishTime` is the time when the message was - published. [Topic - names](https://cloud.google.com/pubsub/docs/overview#names) must be - scoped to a project. The Cloud Healthcare API service account, - service-PROJECT_NUMBER@gcp-sa-healthcare.iam.gserviceaccount.com, - must have publisher permissions on the given Pub/Sub topic. Not - having adequate permissions causes the calls that send notifications - to fail. + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: string - ImportMessagesRequest: - id: ImportMessagesRequest - description: Request to import messages. + auditLogConfigs: + items: + $ref: '#/components/schemas/AuditLogConfig' + type: array + description: The configuration for logging of each type of permission. + GoogleCloudHealthcareV1DeidentifyDeidentifyDicomStoreSummary: type: object - properties: - gcsSource: - description: >- - Cloud Storage source data location and import configuration. The - Cloud Healthcare Service Agent requires the - `roles/storage.objectViewer` Cloud IAM roles on the Cloud Storage - location. - $ref: '#/components/schemas/GcsSource' - GcsSource: - id: GcsSource - description: Specifies the configuration for importing data from Cloud Storage. + id: GoogleCloudHealthcareV1DeidentifyDeidentifyDicomStoreSummary + properties: {} + description: Contains a summary of the DeidentifyDicomStore operation. + SetBlobStorageSettingsResponse: + description: >- + Returns additional info in regards to a completed set blob storage + settings API. + id: SetBlobStorageSettingsResponse + type: object + properties: {} + ImportDicomDataResponse: + description: >- + Returns additional information in regards to a completed DICOM store + import. + properties: {} + type: object + id: ImportDicomDataResponse + UserDataMapping: type: object + id: UserDataMapping + description: Maps a resource to the associated user and Attributes. properties: - uri: + resourceAttributes: description: >- - Points to a Cloud Storage URI containing file(s) to import. The URI - must be in the following format: `gs://{bucket_id}/{object_id}`. The - URI can include wildcards in `object_id` and thus identify multiple - files. Supported wildcards: * `*` to match 0 or more non-separator - characters * `**` to match 0 or more characters (including - separators). Must be used at the end of a path and with no other - wildcards in the path. Can also be used with a file extension (such - as .ndjson), which imports all files with the extension in the - specified directory and its sub-directories. For example, - `gs://my-bucket/my-directory/**.ndjson` imports all files with - `.ndjson` extensions in `my-directory/` and its sub-directories. * - `?` to match 1 character Files matching the wildcard are expected to - contain content only, no metadata. + Attributes of the resource. Only explicitly set attributes are + displayed here. Attribute definitions with defaults set implicitly + apply to these User data mappings. Attributes listed here must be + single valued, that is, exactly one value is specified for the field + "values" in each Attribute. + items: + $ref: '#/components/schemas/Attribute' + type: array + name: + description: >- + Resource name of the User data mapping, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/userDataMappings/{user_data_mapping_id}`. type: string - Hl7V2StoreMetrics: - id: Hl7V2StoreMetrics - description: List of metrics for a given HL7v2 store. + dataId: + type: string + description: Required. A unique identifier for the mapped resource. + userId: + type: string + description: Required. User's UUID provided by the client. + archiveTime: + format: google-datetime + readOnly: true + type: string + description: Output only. Indicates the time when this mapping was archived. + archived: + description: Output only. Indicates whether this mapping is archived. + type: boolean + readOnly: true + ListLocationsResponse: type: object + id: ListLocationsResponse properties: - name: + locations: description: >- - The resource name of the HL7v2 store to get metrics for, in the - format - `projects/{project_id}/datasets/{dataset_id}/hl7V2Stores/{hl7v2_store_id}`. - type: string - metrics: - description: List of HL7v2 store metrics by message type. + A list of locations that matches the specified filter in the + request. type: array items: - $ref: '#/components/schemas/Hl7V2StoreMetric' - Hl7V2StoreMetric: - id: Hl7V2StoreMetric - description: Count of messages and total storage size by type for a given HL7 store. + $ref: '#/components/schemas/Location' + nextPageToken: + description: The standard List next-page token. + type: string + description: The response message for Locations.ListLocations. + ArchiveUserDataMappingRequest: + description: Archives the specified User data mapping. + type: object + properties: {} + id: ArchiveUserDataMappingRequest + FhirConfig: type: object + description: Specifies how to handle de-identification of a FHIR store. + properties: + defaultKeepExtensions: + type: boolean + description: >- + Optional. The behaviour for handling FHIR extensions that aren't + otherwise specified for de-identification. If true, all extensions + are preserved during de-identification by default. If false or + unspecified, all extensions are removed during de-identification by + default. + fieldMetadataList: + items: + $ref: '#/components/schemas/FieldMetadata' + type: array + description: >- + Optional. Specifies FHIR paths to match and how to transform them. + Any field that is not matched by a FieldMetadata is passed through + to the output dataset unmodified. All extensions will be processed + according to `default_keep_extensions`. + id: FhirConfig + ConsentAccessorScope: properties: - messageType: + purpose: description: >- - The Hl7v2 message type this metric applies to, such as `ADT` or - `ORU`. + The intent of data use. If it's not specified, it applies to all + purposes. type: string - count: - description: >- - The total count of HL7v2 messages in the store for the given message - type. + environment: type: string - format: int64 - structuredStorageSizeBytes: description: >- - The total amount of structured storage used by HL7v2 messages of - this message type in the store. + An abstract identifier that describes the environment or conditions + under which the accessor is acting. If it's not specified, it + applies to all environments. + actor: type: string - format: int64 + description: >- + An individual, group, or access role that identifies the accessor or + a characteristic of the accessor. This can be a resource ID (such as + `{resourceType}/{id}`) or an external URI. This value must be + present. + id: ConsentAccessorScope + description: >- + The accessor scope that describes who can access, for what purpose, in + which environment. + type: object RollbackHl7V2MessagesRequest: id: RollbackHl7V2MessagesRequest description: Point in time recovery rollback request. @@ -3228,15 +3467,16 @@ components: description: Required. Times point to rollback to. type: string format: google-datetime - force: - description: >- - Optional. When enabled, changes will be reverted without explicit - confirmation. - type: boolean changeType: description: >- Optional. CREATE/UPDATE/DELETE/ALL for reverting all txns of a certain type. + enum: + - CHANGE_TYPE_UNSPECIFIED + - ALL + - CREATE + - UPDATE + - DELETE type: string enumDescriptions: - When unspecified, revert all transactions @@ -3244,576 +3484,364 @@ components: - Revert only CREATE transactions - Revert only Update transactions - Revert only Delete transactions - enum: - - CHANGE_TYPE_UNSPECIFIED - - ALL - - CREATE - - UPDATE - - DELETE + excludeRollbacks: + type: boolean + description: Optional. Specifies whether to exclude earlier rollbacks. resultGcsBucket: - description: Required. Bucket to deposit result type: string + description: Required. Bucket to deposit result inputGcsObject: + type: string description: >- Optional. Cloud storage object containing list of {resourceId} lines, identifying resources to be reverted - type: string - excludeRollbacks: - description: Optional. Specifies whether to exclude earlier rollbacks. + force: + description: >- + Optional. When enabled, changes will be reverted without explicit + confirmation. type: boolean filteringFields: - description: Optional. Parameters for filtering. $ref: '#/components/schemas/RollbackHL7MessagesFilteringFields' - RollbackHL7MessagesFilteringFields: - id: RollbackHL7MessagesFilteringFields - description: >- - Filtering fields for an HL7v2 rollback. Currently only supports a list - of operation ids to roll back. - type: object - properties: - operationIds: - description: Optional. A list of operation IDs to roll back. - type: array - items: - type: string - format: uint64 - SearchResourcesRequest: - id: SearchResourcesRequest - description: Request to search the resources in the specified FHIR store. - type: object + description: Optional. Parameters for filtering. + PatientId: + id: PatientId properties: - resourceType: - description: >- - Optional. The FHIR resource type to search, such as Patient or - Observation. For a complete list, see the FHIR Resource Index - ([DSTU2](https://hl7.org/fhir/DSTU2/resourcelist.html), - [STU3](https://hl7.org/fhir/STU3/resourcelist.html), - [R4](https://hl7.org/fhir/R4/resourcelist.html)), - [R5](https://hl7.org/fhir/R5/resourcelist.html)). + value: type: string - FhirStore: - id: FhirStore - description: Represents a FHIR store. + description: The patient's unique identifier. + type: + type: string + description: ID type. For example, MRN or NHS. + type: object + description: A patient identifier and associated type. + TestIamPermissionsRequest: + id: TestIamPermissionsRequest type: object properties: - name: - description: >- - Output only. Identifier. Resource name of the FHIR store, of the - form - `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. - type: string - enableUpdateCreate: - description: >- - Optional. Whether this FHIR store has the [updateCreate - capability](https://www.hl7.org/fhir/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.updateCreate). - This determines if the client can use an Update operation to create - a new resource with a client-specified ID. If false, all IDs are - server-assigned through the Create operation and attempts to update - a non-existent resource return errors. It is strongly advised not to - include or encode any sensitive data such as patient identifiers in - client-specified resource IDs. Those IDs are part of the FHIR - resource path recorded in Cloud audit logs and Pub/Sub - notifications. Those IDs can also be contained in reference fields - within other resources. Defaults to false. - type: boolean - notificationConfig: - description: >- - Deprecated. Use `notification_configs` instead. If non-empty, - publish all resource modifications of this FHIR store to this - destination. The Pub/Sub message attributes contain a map with a - string describing the action that has triggered the notification. - For example, "action":"CreateResource". Not supported in R5. Use - `notification_configs` instead. - deprecated: true - $ref: '#/components/schemas/NotificationConfig' - disableReferentialIntegrity: - description: >- - Immutable. Whether to disable referential integrity in this FHIR - store. This field is immutable after FHIR store creation. The - default value is false, meaning that the API enforces referential - integrity and fails the requests that result in inconsistent state - in the FHIR store. When this field is set to true, the API skips - referential integrity checks. Consequently, operations that rely on - references, such as GetPatientEverything, do not return all the - results if broken references exist. - type: boolean - disableResourceVersioning: - description: >- - Immutable. Whether to disable resource versioning for this FHIR - store. This field can not be changed after the creation of FHIR - store. If set to false, all write operations cause historical - versions to be recorded automatically. The historical versions can - be fetched through the history APIs, but cannot be updated. If set - to true, no historical versions are kept. The server sends errors - for attempts to read the historical versions. Defaults to false. - type: boolean - labels: - description: >- - User-supplied key-value pairs used to organize FHIR stores. Label - keys must be between 1 and 63 characters long, have a UTF-8 encoding - of maximum 128 bytes, and must conform to the following PCRE regular - expression: \p{Ll}\p{Lo}{0,62} Label values are optional, must be - between 1 and 63 characters long, have a UTF-8 encoding of maximum - 128 bytes, and must conform to the following PCRE regular - expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can - be associated with a given store. - type: object - additionalProperties: - type: string - version: - description: >- - Required. Immutable. The FHIR specification version that this FHIR - store supports natively. This field is immutable after store - creation. Requests are rejected if they contain FHIR resources of a - different version. Version is required for every FHIR store. - type: string - enumDescriptions: - - >- - Users must specify a version on store creation or an error is - returned. - - >- - Draft Standard for Trial Use, [Release - 2](https://www.hl7.org/fhir/DSTU2) - - Standard for Trial Use, [Release 3](https://www.hl7.org/fhir/STU3) - - '[Release 4](https://www.hl7.org/fhir/R4)' - - '[Release 5](https://www.hl7.org/fhir/R5)' - enum: - - VERSION_UNSPECIFIED - - DSTU2 - - STU3 - - R4 - - R5 - streamConfigs: - description: >- - Optional. A list of streaming configs that configure the - destinations of streaming export for every resource mutation in this - FHIR store. Each store is allowed to have up to 10 streaming - configs. After a new config is added, the next resource mutation is - streamed to the new location in addition to the existing ones. When - a location is removed from the list, the server stops streaming to - that location. Before adding a new config, you must add the required - [`bigquery.dataEditor`](https://cloud.google.com/bigquery/docs/access-control#bigquery.dataEditor) - role to your project's **Cloud Healthcare Service Agent** [service - account](https://cloud.google.com/iam/docs/service-accounts). Some - lag (typically on the order of dozens of seconds) is expected before - the results show up in the streaming destination. - type: array - items: - $ref: '#/components/schemas/StreamConfig' - validationConfig: - description: >- - Optional. Configuration for how to validate incoming FHIR resources - against configured profiles. - $ref: '#/components/schemas/ValidationConfig' - defaultSearchHandlingStrict: - description: >- - Optional. If true, overrides the default search behavior for this - FHIR store to `handling=strict` which returns an error for - unrecognized search parameters. If false, uses the FHIR - specification default `handling=lenient` which ignores unrecognized - search parameters. The handling can always be changed from the - default on an individual API call by setting the HTTP header - `Prefer: handling=strict` or `Prefer: handling=lenient`. Defaults to - false. - type: boolean - complexDataTypeReferenceParsing: - description: >- - Optional. Enable parsing of references within complex FHIR data - types such as Extensions. If this value is set to ENABLED, then - features like referential integrity and Bundle reference rewriting - apply to all references. If this flag has not been specified the - behavior of the FHIR store will not change, references in complex - data types will not be parsed. New stores will have this value set - to ENABLED after a notification period. Warning: turning on this - flag causes processing existing resources to fail if they contain - references to non-existent resources. Cannot be disabled in R5. - type: string - enumDescriptions: - - >- - No parsing behavior specified. This is the same as DISABLED for - backwards compatibility. - - References in complex data types are ignored. - - References in complex data types are parsed. - enum: - - COMPLEX_DATA_TYPE_REFERENCE_PARSING_UNSPECIFIED - - DISABLED - - ENABLED - notificationConfigs: - description: >- - Optional. Specifies where and whether to send notifications upon - changes to a FHIR store. - type: array + permissions: items: - $ref: '#/components/schemas/FhirNotificationConfig' - bulkExportGcsDestination: - description: >- - Optional. FHIR bulk export exports resources to the specified Cloud - Storage destination. A Cloud Storage destination is a URI for a - Cloud Storage directory where result files will be written. Only - used in the spec-defined bulk $export methods. The Cloud Healthcare - Service Agent requires the `roles/storage.objectAdmin` Cloud IAM - role on the destination. - $ref: '#/components/schemas/BulkExportGcsDestination' - consentConfig: + type: string description: >- - Optional. Specifies whether this store has consent enforcement. Not - available for DSTU2 FHIR version due to absence of Consent - resources. Not supported for R5 FHIR version. - $ref: '#/components/schemas/ConsentConfig' - StreamConfig: - id: StreamConfig - description: Contains configuration for streaming FHIR export. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: array + description: Request message for `TestIamPermissions` method. + AttributeDefinition: + description: A client-defined consent attribute. + id: AttributeDefinition type: object properties: - resourceTypes: + name: description: >- - Optional. Supply a FHIR resource type (such as "Patient" or - "Observation"). See - https://www.hl7.org/fhir/valueset-resource-types.html for a list of - all FHIR resource types. The server treats an empty list as an - intent to stream all the supported resource types in this FHIR - store. + Identifier. Resource name of the Attribute definition, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/attributeDefinitions/{attribute_definition_id}`. + Cannot be changed after creation. + type: string + dataMappingDefaultValue: + type: string + description: >- + Optional. Default value of the attribute in User data mappings. If + no default value is specified, it defaults to an empty value. This + field is only applicable to attributes of the category `RESOURCE`. + allowedValues: type: array + description: >- + Required. Possible values for the attribute. The number of allowed + values must not exceed 500. An empty list is invalid. The list can + only be expanded after creation. items: type: string - bigqueryDestination: + consentDefaultValues: + type: array description: >- - Optional. The destination BigQuery structure that contains both the - dataset location and corresponding schema config. The output is - organized in one table per resource type. The server reuses the - existing tables (if any) that are named after the resource types. - For example, "Patient", "Observation". When there is no existing - table for a given resource type, the server attempts to create one. - When a table schema doesn't align with the schema config, either - because of existing incompatible schema or out of band incompatible - modification, the server does not stream in new data. BigQuery - imposes a 1 MB limit on streaming insert row size, therefore any - resource mutation that generates more than 1 MB of BigQuery data is - not streamed. One resolution in this case is to delete the - incompatible table and let the server recreate one, though the newly - created table only contains data after the table recreation. Results - are written to BigQuery tables according to the parameters in - BigQueryDestination.WriteDisposition. Different versions of the same - resource are distinguishable by the meta.versionId and - meta.lastUpdated columns. The operation (CREATE/UPDATE/DELETE) that - results in the new version is recorded in the meta.tag. The tables - contain all historical resource versions since streaming was - enabled. For query convenience, the server also creates one view per - table of the same name containing only the current resource version. - The streamed data in the BigQuery dataset is not guaranteed to be - completely unique. The combination of the id and meta.versionId - columns should ideally identify a single unique row. But in rare - cases, duplicates may exist. At query time, users may use the SQL - select statement to keep only one of the duplicate rows given an id - and meta.versionId pair. Alternatively, the server created view - mentioned above also filters out duplicates. If a resource mutation - cannot be streamed to BigQuery, errors are logged to Cloud Logging. - For more information, see [Viewing error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - $ref: '#/components/schemas/GoogleCloudHealthcareV1FhirBigQueryDestination' - deidentifiedStoreDestination: + Optional. Default values of the attribute in Consents. If no default + values are specified, it defaults to an empty value. + items: + type: string + description: + type: string + description: Optional. A description of the attribute. + category: + enum: + - CATEGORY_UNSPECIFIED + - RESOURCE + - REQUEST + enumDescriptions: + - No category specified. This option is invalid. + - >- + Specify this category when this attribute describes the properties + of resources. For example, data anonymity or data type. + - >- + Specify this category when this attribute describes the properties + of requests. For example, requester's role or requester's + organization. description: >- - The destination FHIR store for de-identified resources. After this - field is added, all subsequent creates/updates/patches to the source - store will be de-identified using the provided configuration and - applied to the destination store. Resources deleted from the source - store will be deleted from the destination store. Importing - resources to the source store will not trigger the streaming. If the - source store already contains resources when this option is enabled, - those resources will not be copied to the destination store unless - they are subsequently updated. This may result in invalid references - in the destination store. Before adding this config, you must grant - the healthcare.fhirResources.update permission on the destination - store to your project's **Cloud Healthcare Service Agent** [service - account](https://cloud.google.com/healthcare/docs/how-tos/permissions-healthcare-api-gcp-products#the_cloud_healthcare_service_agent). - The destination store must set enable_update_create to true. The - destination store must have disable_referential_integrity set to - true. If a resource cannot be de-identified, errors will be logged - to Cloud Logging (see [Viewing error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - Not supported for R5 stores. - $ref: '#/components/schemas/DeidentifiedStoreDestination' - GoogleCloudHealthcareV1FhirBigQueryDestination: - id: GoogleCloudHealthcareV1FhirBigQueryDestination - description: The configuration for exporting to BigQuery. + Required. The category of the attribute. The value of this field + cannot be changed after creation. + type: string + CryptoHashConfig: + id: CryptoHashConfig type: object + description: >- + Pseudonymization method that generates surrogates via cryptographic + hashing. Uses SHA-256. Outputs a base64-encoded representation of the + hashed output (for example, + `L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=`). properties: - datasetUri: + kmsWrapped: + $ref: '#/components/schemas/KmsWrappedCryptoKey' + description: KMS wrapped key. Must not be set if `crypto_key` is set. + cryptoKey: description: >- - Optional. BigQuery URI to an existing dataset, up to 2000 characters - long, in the format `bq://projectId.bqDatasetId`. + An AES 128/192/256 bit key. Causes the hash to be computed based on + this key. A default key is generated for each Deidentify operation + and is used when neither `crypto_key` nor `kms_wrapped` is + specified. Must not be set if `kms_wrapped` is set. type: string - schemaConfig: - description: Optional. The configuration for the exported BigQuery schema. - $ref: '#/components/schemas/SchemaConfig' - force: + format: byte + ConsentList: + type: object + properties: + consents: description: >- - Optional. The default value is false. If this flag is `TRUE`, all - tables are deleted from the dataset before the new exported tables - are written. If the flag is not set and the destination dataset - contains tables, the export call returns an error. If - `write_disposition` is specified, this parameter is ignored. - force=false is equivalent to write_disposition=WRITE_EMPTY and - force=true is equivalent to write_disposition=WRITE_TRUNCATE. - type: boolean - writeDisposition: + The resource names of the Consents to evaluate against, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consents/{consent_id}`. + type: array + items: + type: string + id: ConsentList + description: List of resource names of Consent resources. + GoogleCloudHealthcareV1FhirGcsSource: + description: Specifies the configuration for importing data from Cloud Storage. + type: object + properties: + uri: description: >- - Optional. Determines if existing data in the destination dataset is - overwritten, appended to, or not written if the tables contain data. - If a write_disposition is specified, the `force` parameter is - ignored. + Points to a Cloud Storage URI containing file(s) to import. The URI + must be in the following format: `gs://{bucket_id}/{object_id}`. The + URI can include wildcards in `object_id` and thus identify multiple + files. Supported wildcards: * `*` to match 0 or more non-separator + characters * `**` to match 0 or more characters (including + separators). Must be used at the end of a path and with no other + wildcards in the path. Can also be used with a file extension (such + as .ndjson), which imports all files with the extension in the + specified directory and its sub-directories. For example, + `gs://my-bucket/my-directory/**.ndjson` imports all files with + `.ndjson` extensions in `my-directory/` and its sub-directories. * + `?` to match 1 character Files matching the wildcard are expected to + contain content only, no metadata. type: string - enumDescriptions: - - Default behavior is the same as WRITE_EMPTY. - - Only export data if the destination tables are empty. - - >- - Erase all existing data in the destination tables before writing - the FHIR resources. - - Append data to the destination tables. - enum: - - WRITE_DISPOSITION_UNSPECIFIED - - WRITE_EMPTY - - WRITE_TRUNCATE - - WRITE_APPEND - SchemaConfig: - id: SchemaConfig - description: >- - Configuration for the FHIR BigQuery schema. Determines how the server - generates the schema. + id: GoogleCloudHealthcareV1FhirGcsSource + GcsSource: + id: GcsSource + description: Specifies the configuration for importing data from Cloud Storage. type: object properties: - schemaType: - description: Specifies the output schema type. Schema type is required. + uri: type: string - enumDescriptions: - - No schema type specified. This type is unsupported. - - >- - Analytics schema defined by the FHIR community. See - https://github.com/FHIR/sql-on-fhir/blob/master/sql-on-fhir.md. - BigQuery only allows a maximum of 10,000 columns per table. Due to - this limitation, the server will not generate schemas for fields - of type `Resource`, which can hold any resource type. The affected - fields are `Parameters.parameter.resource`, - `Bundle.entry.resource`, and `Bundle.entry.response.outcome`. - Analytics schema does not gracefully handle extensions with one or - more occurrences, anaytics schema also does not handle contained - resource. Additionally, extensions with a URL ending in - "/{existing_resource_field_name}" may cause undefined behavior. - - >- - Analytics V2, similar to schema defined by the FHIR community, - with added support for extensions with one or more occurrences and - contained resources in stringified JSON. Extensions with a URL - ending in "/{existing_resource_field_name}" will cause conflict - and prevent the resource from being sent to BigQuery. Analytics V2 - uses more space in the destination table than Analytics V1. It is - generally recommended to use Analytics V2 over Analytics. - enum: - - SCHEMA_TYPE_UNSPECIFIED - - ANALYTICS - - ANALYTICS_V2 - recursiveStructureDepth: description: >- - The depth for all recursive structures in the output analytics - schema. For example, `concept` in the CodeSystem resource is a - recursive structure; when the depth is 2, the CodeSystem table will - have a column called `concept.concept` but not - `concept.concept.concept`. If not specified or set to 0, the server - will use the default value 2. The maximum depth allowed is 5. + Points to a Cloud Storage URI containing file(s) to import. The URI + must be in the following format: `gs://{bucket_id}/{object_id}`. The + URI can include wildcards in `object_id` and thus identify multiple + files. Supported wildcards: * `*` to match 0 or more non-separator + characters * `**` to match 0 or more characters (including + separators). Must be used at the end of a path and with no other + wildcards in the path. Can also be used with a file extension (such + as .ndjson), which imports all files with the extension in the + specified directory and its sub-directories. For example, + `gs://my-bucket/my-directory/**.ndjson` imports all files with + `.ndjson` extensions in `my-directory/` and its sub-directories. * + `?` to match 1 character Files matching the wildcard are expected to + contain content only, no metadata. + Attribute: + id: Attribute + properties: + values: + type: array + items: + type: string + description: >- + Required. The value of the attribute. Must be an acceptable value as + defined in the consent store. For example, if the consent store + defines "data type" with acceptable values "questionnaire" and + "step-count", when the attribute name is data type, this field must + contain one of those values. + attributeDefinitionId: type: string - format: int64 - lastUpdatedPartitionConfig: - description: >- - The configuration for exported BigQuery tables to be partitioned by - FHIR resource's last updated time column. - $ref: '#/components/schemas/TimePartitioning' - TimePartitioning: - id: TimePartitioning - description: Configuration for FHIR BigQuery time-partitioned tables. + description: Indicates the name of an attribute defined in the consent store. + description: >- + An attribute value for a Consent or User data mapping. Each Attribute + must have a corresponding AttributeDefinition in the consent store that + defines the default and allowed values. + type: object + ListConsentArtifactsResponse: type: object properties: - type: - description: Type of partitioning. + nextPageToken: type: string - enumDescriptions: - - Default unknown time. - - Data partitioned by hour. - - Data partitioned by day. - - Data partitioned by month. - - Data partitioned by year. - enum: - - PARTITION_TYPE_UNSPECIFIED - - HOUR - - DAY - - MONTH - - YEAR - expirationMs: description: >- - Number of milliseconds for which to keep the storage for a - partition. - type: string - format: int64 - DeidentifiedStoreDestination: - id: DeidentifiedStoreDestination - description: Contains configuration for streaming de-identified FHIR export. + Token to retrieve the next page of results, or empty if there are no + more results in the list. + consentArtifacts: + items: + $ref: '#/components/schemas/ConsentArtifact' + type: array + description: >- + The returned Consent artifacts. The maximum number of artifacts + returned is determined by the value of page_size in the + ListConsentArtifactsRequest. + id: ListConsentArtifactsResponse + TagFilterList: type: object + id: TagFilterList + description: List of tags to be filtered. properties: - store: - description: >- - Optional. The full resource name of a Cloud Healthcare FHIR store, - for example, - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. - type: string - config: + tags: + items: + type: string + type: array description: >- - Optional. The configuration to use when de-identifying resources - that are added to this store. - $ref: '#/components/schemas/DeidentifyConfig' - ValidationConfig: - id: ValidationConfig - description: Contains the configuration for FHIR profiles and validation. + Optional. Tags to be filtered. Tags must be DICOM Data Elements, + File Meta Elements, or Directory Structuring Elements, as defined + at: + https://dicom.nema.org/medical/dicom/current/output/html/part06.html#table_6-1,. + They may be provided by "Keyword" or "Tag". For example "PatientID", + "00100010". + CancelOperationRequest: + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + properties: {} + type: object + SchemaJSON: + id: SchemaJSON + type: object + description: >- + Using this field will set the schema such that all DICOM tags will be + included in the BigQuery table as a single JSON type column. The + BigQuery table schema will include the following columns: * + `StudyInstanceUID` (Type: STRING): DICOM Tag 0020000D. * + `SeriesInstanceUID` (Type: STRING): DICOM Tag 0020000E. * + `SOPInstanceUID` (Type: STRING): DICOM Tag 00080018. * + `SourceDicomStore` (Type: STRING): The name of the source DICOM store. + This field is only included if the `include_source_store` option is set + to true. * `Metadata` (Type: JSON): All DICOM tags for the instance, + stored in a single JSON object. * `StructuredStorageSize` (Type: + INTEGER): Size of the structured storage in bytes. * `DroppedTags` + (Type: STRING, Repeated: Yes): List of tags that were dropped during the + conversion. * `StorageClass` (Type: STRING): The storage class of the + instance. * `LastUpdated` (Type: TIMESTAMP): Timestamp of the last + update to the instance. * `BlobStorageSize` (Type: INTEGER): Size of the + blob storage in bytes. * `Type` (Type: STRING): Indicates the type of + operation (e.g., INSERT, DELETE). + properties: {} + BulkExportGcsDestination: type: object properties: - disableProfileValidation: + uriPrefix: description: >- - Optional. Whether to disable profile validation for this FHIR store. - The default value is false. Set this to true to disable checking - incoming resources for conformance against structure definitions in - this FHIR store. - type: boolean - enabledImplementationGuides: + Optional. URI for a Cloud Storage directory where the server writes + result files, in the format + `gs://{bucket-id}/{path/to/destination/dir}`. If there is no + trailing slash, the service appends one when composing the object + path. The user is responsible for creating the Cloud Storage bucket + referenced in `uri_prefix`. + type: string + description: >- + The configuration for exporting to Cloud Storage using the bulk export + API. + id: BulkExportGcsDestination + Hl7V2StoreMetrics: + description: List of metrics for a given HL7v2 store. + properties: + name: + type: string description: >- - Optional. A list of implementation guide URLs in this FHIR store - that are used to configure the profiles to use for validation. For - example, to use the US Core profiles for validation, set - `enabled_implementation_guides` to - `["http://hl7.org/fhir/us/core/ImplementationGuide/ig"]`. If - `enabled_implementation_guides` is empty or omitted, then incoming - resources are only required to conform to the base FHIR profiles. - Otherwise, a resource must conform to at least one profile listed in - the `global` property of one of the enabled ImplementationGuides. - The Cloud Healthcare API does not currently enforce all of the rules - in a StructureDefinition. The following rules are supported: - - min/max - minValue/maxValue - maxLength - type - fixed[x] - - pattern[x] on simple types - slicing, when using "value" as the - discriminator type When a URL cannot be resolved (for example, in a - type assertion), the server does not return an error. + The resource name of the HL7v2 store to get metrics for, in the + format + `projects/{project_id}/datasets/{dataset_id}/hl7V2Stores/{hl7v2_store_id}`. + metrics: + items: + $ref: '#/components/schemas/Hl7V2StoreMetric' type: array + description: List of HL7v2 store metrics by message type. + id: Hl7V2StoreMetrics + type: object + Status: + type: object + properties: + details: items: - type: string - disableRequiredFieldValidation: - description: >- - Optional. Whether to disable required fields validation for incoming - resources. The default value is false. Set this to true to disable - checking incoming resources for conformance against required fields - requirement defined in the FHIR specification. This property only - affects resource types that do not have profiles configured for - them, any rules in enabled implementation guides will still be - enforced. - type: boolean - disableReferenceTypeValidation: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + type: array description: >- - Optional. Whether to disable reference type validation for incoming - resources. The default value is false. Set this to true to disable - checking incoming resources for conformance against reference type - requirement defined in the FHIR specification. This property only - affects resource types that do not have profiles configured for - them, any rules in enabled implementation guides will still be - enforced. - type: boolean - disableFhirpathValidation: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + message: description: >- - Optional. Whether to disable FHIRPath validation for incoming - resources. The default value is false. Set this to true to disable - checking incoming resources for conformance against FHIRPath - requirement defined in the FHIR specification. This property only - affects resource types that do not have profiles configured for - them, any rules in enabled implementation guides will still be - enforced. - type: boolean - FhirNotificationConfig: - id: FhirNotificationConfig - description: Contains the configuration for FHIR notifications. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + Signature: type: object properties: - pubsubTopic: - description: >- - Optional. The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic - that notifications of changes are published on. Supplied by the - client. The notification is a `PubsubMessage` with the following - fields: * `PubsubMessage.Data` contains the resource name. * - `PubsubMessage.MessageId` is the ID of this notification. It is - guaranteed to be unique within the topic. * - `PubsubMessage.PublishTime` is the time when the message was - published. Note that notifications are only sent if the topic is - non-empty. [Topic - names](https://cloud.google.com/pubsub/docs/overview#names) must be - scoped to a project. The Cloud Healthcare API service account, - service-@gcp-sa-healthcare.iam.gserviceaccount.com, must have - publisher permissions on the given Pub/Sub topic. Not having - adequate permissions causes the calls that send notifications to - fail - (https://cloud.google.com/healthcare-api/docs/permissions-healthcare-api-gcp-products#dicom_fhir_and_hl7v2_store_cloud_pubsub_permissions). - If a notification can't be published to Pub/Sub, errors are logged - to Cloud Logging. For more information, see [Viewing error logs in - Cloud - Logging](https://cloud.google.com/healthcare-api/docs/how-tos/logging). + userId: + description: Required. User's UUID provided by the client. type: string - sendFullResource: - description: >- - Optional. Whether to send full FHIR resource to this Pub/Sub topic. - The default value is false. - type: boolean - sendPreviousResourceOnDelete: + signatureTime: + format: google-datetime + description: Optional. Timestamp of the signature. + type: string + metadata: description: >- - Optional. Whether to send full FHIR resource to this Pub/Sub topic - for deleting FHIR resource. The default value is false. Note that - setting this to true does not guarantee that all previous resources - will be sent in the format of full FHIR resource. When a resource - change is too large or during heavy traffic, only the resource name - will be sent. Clients should always check the "payloadType" label - from a Pub/Sub message to determine whether it needs to fetch the - full previous resource as a separate operation. - type: boolean - BulkExportGcsDestination: - id: BulkExportGcsDestination + Optional. Metadata associated with the user's signature. For + example, the user's name or the user's title. + additionalProperties: + type: string + type: object + image: + description: Optional. An image of the user's signature. + $ref: '#/components/schemas/Image' + description: User signature. + id: Signature + SchematizedData: description: >- - The configuration for exporting to Cloud Storage using the bulk export - API. + The content of an HL7v2 message in a structured format as specified by a + schema. + id: SchematizedData type: object properties: - uriPrefix: - description: >- - Optional. URI for a Cloud Storage directory where the server writes - result files, in the format - `gs://{bucket-id}/{path/to/destination/dir}`. If there is no - trailing slash, the service appends one when composing the object - path. The user is responsible for creating the Cloud Storage bucket - referenced in `uri_prefix`. + data: + type: string + description: JSON output of the parser. + error: type: string + description: The error output of the parser. ConsentConfig: - id: ConsentConfig description: >- Configures whether to enforce consent for the FHIR store and which consent enforcement version is being used. type: object + id: ConsentConfig properties: - version: - description: >- - Required. Specifies which consent enforcement version is being used - for this FHIR store. This field can only be set once by either - CreateFhirStore or UpdateFhirStore. After that, you must call - ApplyConsents to change the version. - type: string - enumDescriptions: - - Users must specify an enforcement version or an error is returned. - - >- - Enforcement version 1. See the [FHIR Consent resources in the - Cloud Healthcare - API](https://cloud.google.com/healthcare-api/docs/fhir-consent) - guide for more details. - enum: - - CONSENT_ENFORCEMENT_VERSION_UNSPECIFIED - - V1 accessEnforced: description: >- Optional. The default value is false. If set to true, when accessing @@ -3826,13 +3854,10 @@ components: Optional. Different options to configure the behaviour of the server when handling the `X-Consent-Scope` header. $ref: '#/components/schemas/ConsentHeaderHandling' - accessDeterminationLogConfig: - description: >- - Optional. Specifies how the server logs the consent-aware requests. - If not specified, the - `AccessDeterminationLogConfig.LogLevel.MINIMUM` option is used. - $ref: '#/components/schemas/AccessDeterminationLogConfig' enforcedAdminConsents: + type: array + items: + type: string description: >- Output only. The versioned names of the enforced admin Consent resource(s), in the format @@ -3842,1089 +3867,1121 @@ components: `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`. This field can only be updated using ApplyAdminConsents. readOnly: true - type: array - items: - type: string - ConsentHeaderHandling: - id: ConsentHeaderHandling - description: How the server handles the consent header. - type: object - properties: - profile: - description: >- - Optional. Specifies the default server behavior when the header is - empty. If not specified, the `ScopeProfile.PERMIT_EMPTY_SCOPE` - option is used. - type: string + version: enumDescriptions: - - If not specified, the default value `PERMIT_EMPTY_SCOPE` is used. - - >- - When no consent scopes are provided (for example, if there's an - empty or missing header), then consent check is disabled, similar - to when `access_enforced` is `false`. You can use audit logs to - differentiate these two cases by looking at the value of - `protopayload.metadata.consentMode`. If consents scopes are - present, they must be valid and within the allowed limits, - otherwise the request will be rejected with a `4xx` code. + - Users must specify an enforcement version or an error is returned. - >- - The consent header must be non-empty when performing read and - search operations, otherwise the request is rejected with a `4xx` - code. Additionally, invalid consent scopes or scopes exceeding the - allowed limits are rejected. - enum: - - SCOPE_PROFILE_UNSPECIFIED - - PERMIT_EMPTY_SCOPE - - REQUIRED_ON_READ - AccessDeterminationLogConfig: - id: AccessDeterminationLogConfig - description: >- - Configures consent audit log config for FHIR create, read, update, and - delete (CRUD) operations. Cloud audit log for healthcare API must be - [enabled](https://cloud.google.com/logging/docs/audit/configure-data-access#config-console-enable). - The consent-related logs are included as part of - `protoPayload.metadata`. - type: object - properties: - logLevel: - description: >- - Optional. Controls the amount of detail to include as part of the - audit logs. + Enforcement version 1. See the [FHIR Consent resources in the + Cloud Healthcare + API](https://cloud.google.com/healthcare-api/docs/fhir-consent) + guide for more details. type: string - enumDescriptions: - - No log level specified. This value is unused. - - No additional consent-related logging is added to audit logs. - - >- - The following information is included: * One of the following - [`consentMode`](https://cloud.google.com/healthcare-api/docs/fhir-consent#audit_logs) - fields: (`off`|`emptyScope`|`enforced`|`btg`|`bypass`). * The - accessor's request headers * The `log_level` of the - AccessDeterminationLogConfig * The final consent evaluation - (`PERMIT`, `DENY`, or `NO_CONSENT`) * A human-readable summary of - the evaluation - - >- - Includes `MINIMUM` and, for each resource owner, returns: * The - resource owner's name * Most specific part of the - `X-Consent-Scope` resulting in consensual determination * - Timestamp of the applied enforcement leading to the decision * - Enforcement version at the time the applicable consents were - applied * The Consent resource name * The timestamp of the Consent - resource used for enforcement * Policy type (`PATIENT` or `ADMIN`) - Due to the limited space for logging, this mode is the same as - `MINIMUM` for methods that return multiple resources (such as FHIR - Search). + description: >- + Required. Specifies which consent enforcement version is being used + for this FHIR store. This field can only be set once by either + CreateFhirStore or UpdateFhirStore. After that, you must call + ApplyConsents to change the version. enum: - - LOG_LEVEL_UNSPECIFIED - - DISABLED - - MINIMUM - - VERBOSE - ListFhirStoresResponse: - id: ListFhirStoresResponse - description: Lists the FHIR stores in the given dataset. - type: object - properties: - fhirStores: + - CONSENT_ENFORCEMENT_VERSION_UNSPECIFIED + - V1 + accessDeterminationLogConfig: + $ref: '#/components/schemas/AccessDeterminationLogConfig' description: >- - The returned FHIR stores. Won't be more FHIR stores than the value - of page_size in the request. + Optional. Specifies how the server logs the consent-aware requests. + If not specified, the + `AccessDeterminationLogConfig.LogLevel.MINIMUM` option is used. + RollbackFhirResourcesRequest: + id: RollbackFhirResourcesRequest + properties: + type: + description: Optional. If specified, revert only resources of these types type: array items: - $ref: '#/components/schemas/FhirStore' - nextPageToken: - description: >- - Token to retrieve the next page of results or empty if there are no - more results in the list. - type: string - ImportResourcesRequest: - id: ImportResourcesRequest - description: Request to import resources. - type: object - properties: - contentStructure: - description: >- - The content structure in the source location. If not specified, the - server treats the input source files as BUNDLE. + type: string + rollbackTime: type: string - enumDescriptions: - - >- - If the content structure is not specified, the default value - `BUNDLE` is used. - - >- - The source file contains one or more lines of newline-delimited - JSON (ndjson). Each line is a bundle that contains one or more - resources. - - >- - The source file contains one or more lines of newline-delimited - JSON (ndjson). Each line is a single resource. - - >- - The entire file is one JSON bundle. The JSON can span multiple - lines. - - >- - The entire file is one JSON resource. The JSON can span multiple - lines. - enum: - - CONTENT_STRUCTURE_UNSPECIFIED - - BUNDLE - - RESOURCE - - BUNDLE_PRETTY - - RESOURCE_PRETTY - gcsSource: - description: >- - Cloud Storage source data location and import configuration. The - Healthcare Service Agent account requires the - `roles/storage.objectAdmin` role on the Cloud Storage location. Each - Cloud Storage object should be a text file that contains the format - specified in ContentStructure. - $ref: '#/components/schemas/GoogleCloudHealthcareV1FhirGcsSource' - GoogleCloudHealthcareV1FhirGcsSource: - id: GoogleCloudHealthcareV1FhirGcsSource - description: Specifies the configuration for importing data from Cloud Storage. - type: object - properties: - uri: - description: >- - Points to a Cloud Storage URI containing file(s) to import. The URI - must be in the following format: `gs://{bucket_id}/{object_id}`. The - URI can include wildcards in `object_id` and thus identify multiple - files. Supported wildcards: * `*` to match 0 or more non-separator - characters * `**` to match 0 or more characters (including - separators). Must be used at the end of a path and with no other - wildcards in the path. Can also be used with a file extension (such - as .ndjson), which imports all files with the extension in the - specified directory and its sub-directories. For example, - `gs://my-bucket/my-directory/**.ndjson` imports all files with - `.ndjson` extensions in `my-directory/` and its sub-directories. * - `?` to match 1 character Files matching the wildcard are expected to - contain content only, no metadata. + format: google-datetime + description: Required. Time point to rollback to. + resultGcsBucket: + description: Required. Bucket to deposit result type: string - ApplyConsentsRequest: - id: ApplyConsentsRequest - description: Request to apply the Consent resources for the specified FHIR store. - type: object - properties: - patientScope: - description: Optional. Scope down to a list of patients. - $ref: '#/components/schemas/PatientScope' - timeRange: - description: >- - Optional. Scope down to patients whose most recent consent changes - are in the time range. Can only be used with a versioning store - (i.e. when disable_resource_versioning is set to false). - $ref: '#/components/schemas/TimeRange' - validateOnly: + filteringFields: + description: Optional. Parameters for filtering resources + $ref: '#/components/schemas/RollbackFhirResourceFilteringFields' + force: description: >- - Optional. If true, the method only validates Consent resources to - make sure they are supported. When the operation completes, - ApplyConsentsResponse is returned where `consent_apply_success` and - `consent_apply_failure` indicate supported and unsupported (or - invalid) Consent resources, respectively. Otherwise, the method - propagates the aggregate consensual information to the patient's - resources. Upon success, `affected_resources` in the - ApplyConsentsResponse indicates the number of resources that may - have consensual access changed. + Optional. When enabled, changes will be reverted without explicit + confirmation type: boolean - PatientScope: - id: PatientScope - description: Apply consents given by a list of patients. - type: object - properties: - patientIds: + inputGcsObject: + type: string description: >- - Optional. The list of patient IDs whose Consent resources will be - enforced. At most 10,000 patients can be specified. An empty list is - equivalent to all patients (meaning the entire FHIR store). - type: array - items: - type: string - TimeRange: - id: TimeRange - description: >- - Apply consents given by patients whose most recent consent changes are - in the time range. Note that after identifying these patients, the - server applies all Consent resources given by those patients, not just - the Consent resources within the timestamp in the range. + Optional. Cloud Storage object containing list of + {resourceType}/{resourceId} lines, identifying resources to be + reverted + excludeRollbacks: + description: Optional. Specifies whether to exclude earlier rollbacks. + type: boolean + changeType: + enum: + - CHANGE_TYPE_UNSPECIFIED + - ALL + - CREATE + - UPDATE + - DELETE + enumDescriptions: + - When unspecified, revert all transactions + - All transactions + - Revert only CREATE transactions + - Revert only Update transactions + - Revert only Delete transactions + description: >- + Optional. CREATE/UPDATE/DELETE/ALL for reverting all txns of a + certain type. + type: string type: object + DeidentifiedStoreDestination: + description: Contains configuration for streaming de-identified FHIR export. + id: DeidentifiedStoreDestination properties: - start: + store: description: >- - Optional. The earliest consent change time, in format - YYYY-MM-DDThh:mm:ss.sss+zz:zz If not specified, the system uses the - FHIR store creation time. + Optional. The full resource name of a Cloud Healthcare FHIR store, + for example, + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. type: string - end: + config: description: >- - Optional. The latest consent change time, in format - YYYY-MM-DDThh:mm:ss.sss+zz:zz If not specified, the system uses the - time when ApplyConsents was called. - type: string - ApplyAdminConsentsRequest: - id: ApplyAdminConsentsRequest - description: >- - Request to apply the admin Consent resources for the specified FHIR - store. + Optional. The configuration to use when de-identifying resources + that are added to this store. + $ref: '#/components/schemas/DeidentifyConfig' type: object + SchemaGroup: properties: - newConsentsList: + members: + items: + $ref: '#/components/schemas/GroupOrSegment' + type: array + description: Nested groups and/or segments. + minOccurs: + type: integer + description: The minimum number of times this group must be present/repeated. + format: int32 + name: + description: The name of this group. For example, "ORDER_DETAIL". + type: string + maxOccurs: + format: int32 description: >- - A new list of admin Consent resources to be applied. Any existing - enforced Consents, which are specified in - `consent_config.enforced_admin_consents` of the FhirStore, that are - not part of this list will be disabled. An empty list is equivalent - to clearing or disabling all Consents enforced on the FHIR store. - When a FHIR store has `disable_resource_versioning=true` and this - list contains a Consent resource that exists in - `consent_config.enforced_admin_consents`, the method enforces any - updates to the existing resource since the last enforcement. If the - existing resource hasn't been updated since the last enforcement, - the resource is unaffected. After the method finishes, the resulting - consent enforcement model is determined by the contents of the - Consent resource(s) when the method was called: * When - `disable_resource_versioning=true`, the result is identical to the - current resource(s) in the FHIR store. * When - `disable_resource_versioning=false`, the result is based on the - historical version(s) of the Consent resource(s) at the point in - time when the method was called. At most 200 Consents can be - specified. - $ref: '#/components/schemas/AdminConsents' - validateOnly: + The maximum number of times this group can be repeated. 0 or -1 + means unbounded. + type: integer + choice: description: >- - Optional. If true, the method only validates Consent resources to - make sure they are supported. Otherwise, the method applies the - aggregate consent information to update the enforcement model and - reindex the FHIR resources. If all Consent resources can be applied - successfully, the ApplyAdminConsentsResponse is returned containing - the following fields: * `consent_apply_success` to indicate the - number of Consent resources applied. * `affected_resources` to - indicate the number of resources that might have had their consent - access changed. If, however, one or more Consent resources are - unsupported or cannot be applied, the method fails and - ApplyAdminConsentsErrorDetail is is returned with details about the - unsupported Consent resources. + True indicates that this is a choice group, meaning that only one of + its segments can exist in a given message. type: boolean - AdminConsents: - id: AdminConsents - description: List of admin Consent resources to be applied. type: object + description: An HL7v2 logical group construct. + id: SchemaGroup + ConsentArtifact: + type: object + description: Documentation of a user's consent. properties: - names: + userId: + description: Required. User's UUID provided by the client. + type: string + consentContentScreenshots: description: >- - Optional. The versioned names of the admin Consent resource(s), in - the format - `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. - For FHIR stores with `disable_resource_versioning=true`, the format - is - `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`. + Optional. Screenshots, PDFs, or other binary information documenting + the user's consent. type: array items: + $ref: '#/components/schemas/Image' + metadata: + additionalProperties: type: string - ExplainDataAccessResponse: - id: ExplainDataAccessResponse - description: >- - List of consent scopes that are applicable to the explained access on a - given resource. - type: object - properties: - consentScopes: description: >- - List of applicable consent scopes. Sorted in order of actor such - that scopes belonging to the same actor will be adjacent to each - other in the list. - type: array - items: - $ref: '#/components/schemas/ExplainDataAccessConsentScope' - warning: + Optional. Metadata associated with the Consent artifact. For + example, the consent locale or user agent version. + type: object + userSignature: + description: Optional. User's signature. + $ref: '#/components/schemas/Signature' + witnessSignature: + $ref: '#/components/schemas/Signature' + description: Optional. A signature from a witness. + consentContentVersion: description: >- - Warnings associated with this response. It inform user with exceeded - scope limit errors. + Optional. An string indicating the version of the consent + information shown to the user. type: string - ExplainDataAccessConsentScope: - id: ExplainDataAccessConsentScope - description: >- - A single consent scope that provides info on who has access to the - requested resource scope for a particular purpose and environment, - enforced by which consent. + guardianSignature: + description: Optional. A signature from a guardian. + $ref: '#/components/schemas/Signature' + name: + description: >- + Identifier. Resource name of the Consent artifact, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. + Cannot be changed after creation. + type: string + id: ConsentArtifact + KmsWrappedCryptoKey: type: object properties: - decision: + cryptoKey: description: >- - Whether the current consent scope is permitted or denied access on - the requested resource. + Required. The resource name of the KMS CryptoKey to use for + unwrapping. For example, + `projects/{project_id}/locations/{location_id}/keyRings/{keyring}/cryptoKeys/{key}`. + type: string + wrappedKey: + type: string + format: byte + description: Required. The wrapped data crypto key. + description: >- + Include to use an existing data crypto key wrapped by KMS. The wrapped + key must be a 128-, 192-, or 256-bit key. The key must grant the Cloud + IAM permission `cloudkms.cryptoKeyVersions.useToDecrypt` to the + project's Cloud Healthcare Service Agent service account. For more + information, see [Creating a wrapped key] + (https://cloud.google.com/dlp/docs/create-wrapped-key). + id: KmsWrappedCryptoKey + Image: + properties: + rawBytes: + format: byte type: string - enumDescriptions: - - Unspecified consent decision type. - - Consent permitted access. - - Consent denied access. - enum: - - CONSENT_DECISION_TYPE_UNSPECIFIED - - CONSENT_DECISION_TYPE_PERMIT - - CONSENT_DECISION_TYPE_DENY - enforcingConsents: description: >- - Metadata of the consent resources that enforce the consent scope's - access. - type: array - items: - $ref: '#/components/schemas/ExplainDataAccessConsentInfo' - exceptions: - description: Other consent scopes that created exceptions within this scope. - type: array - items: - $ref: '#/components/schemas/ExplainDataAccessConsentScope' - accessorScope: + Consent artifact content represented as a stream of bytes. This + field is populated when returned in GetConsentArtifact response, but + not included in CreateConsentArtifact and ListConsentArtifact + response. + gcsUri: + type: string description: >- - The accessor scope that describes who can access, for what purpose, - and in which environment. - $ref: '#/components/schemas/ConsentAccessorScope' - ExplainDataAccessConsentInfo: - id: ExplainDataAccessConsentInfo - description: The enforcing consent's metadata. + Input only. Points to a Cloud Storage URI containing the consent + artifact content. The URI must be in the following format: + `gs://{bucket_id}/{object_id}`. The Cloud Healthcare API service + account must have the `roles/storage.objectViewer` Cloud IAM role + for this Cloud Storage location. The consent artifact content at + this URI is copied to a Cloud Storage location managed by the Cloud + Healthcare API. Responses to fetching requests return the consent + artifact content in raw_bytes. + id: Image + description: Raw bytes representing consent artifact content. type: object + AdminConsents: + description: List of admin Consent resources to be applied. + id: AdminConsents properties: - consentResource: + names: description: >- - The resource name of this consent resource, in the format: + Optional. The versioned names of the admin Consent resource(s), in + the format + `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. + For FHIR stores with `disable_resource_versioning=true`, the format + is `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`. - type: string - type: - description: The policy type of consent resource (e.g. PATIENT, ADMIN). - type: string - enumDescriptions: - - Unspecified policy type. - - Consent represent a patient consent. - - Consent represent an admin consent. - enum: - - CONSENT_POLICY_TYPE_UNSPECIFIED - - CONSENT_POLICY_TYPE_PATIENT - - CONSENT_POLICY_TYPE_ADMIN - variants: - description: >- - The consent's variant combinations. A single consent may have - multiple variants. - type: array items: type: string - enumDescriptions: - - Consent variant unspecified. - - Consent is a standard patient or admin consent. - - Consent is a cascading consent. - enum: - - CONSENT_VARIANT_UNSPECIFIED - - CONSENT_VARIANT_STANDARD - - CONSENT_VARIANT_CASCADE - enforcementTime: - description: Last enforcement timestamp of this consent resource. - type: string - format: google-datetime - patientConsentOwner: + type: array + type: object + Result: + id: Result + type: object + properties: + consentDetails: + additionalProperties: + $ref: '#/components/schemas/ConsentEvaluation' description: >- - The patient owning the consent (only applicable for patient - consents), in the format: - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Patient/{patient_id}` + The resource names of all evaluated Consents mapped to their + evaluation. + type: object + consented: + description: Whether the resource is consented for the given use. + type: boolean + dataId: type: string - cascadeOrigins: + description: The unique identifier of the evaluated resource. + description: The consent evaluation result for a single `data_id`. + ListUserDataMappingsResponse: + properties: + userDataMappings: description: >- - The compartment base resources that matched a cascading policy. Each - resource has the following format: - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/{resource_type}/{resource_id}` - type: array + The returned User data mappings. The maximum number of User data + mappings returned is determined by the value of page_size in the + ListUserDataMappingsRequest. items: - type: string - matchingAccessorScopes: - description: >- - A list of all the matching accessor scopes of this consent policy - that enforced ExplainDataAccessConsentScope.accessor_scope. + $ref: '#/components/schemas/UserDataMapping' type: array - items: - $ref: '#/components/schemas/ConsentAccessorScope' - ConsentAccessorScope: - id: ConsentAccessorScope - description: >- - The accessor scope that describes who can access, for what purpose, in - which environment. + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: string type: object + id: ListUserDataMappingsResponse + DeidentifyFhirStoreRequest: + type: object + description: Creates a new FHIR store with sensitive information de-identified. + id: DeidentifyFhirStoreRequest properties: - actor: + gcsConfigUri: description: >- - An individual, group, or access role that identifies the accessor or - a characteristic of the accessor. This can be a resource ID (such as - `{resourceType}/{id}`) or an external URI. This value must be - present. + Cloud Storage location to read the JSON + cloud.healthcare.deidentify.DeidentifyConfig from, overriding the + default config. Must be of the form + `gs://{bucket_id}/path/to/object`. The Cloud Storage location must + grant the Cloud IAM role `roles/storage.objectViewer` to the + project's Cloud Healthcare Service Agent service account. Only one + of `config` and `gcs_config_uri` can be specified. type: string - purpose: + skipModifiedResources: description: >- - The intent of data use. If it's not specified, it applies to all - purposes. + If true, skips resources that are created or modified after the + de-identify operation is created. + type: boolean + destinationStore: type: string - environment: description: >- - An abstract identifier that describes the environment or conditions - under which the accessor is acting. If it's not specified, it - applies to all environments. - type: string - ExportResourcesRequest: - id: ExportResourcesRequest - description: Request to export resources. + Required. The name of the FHIR store to create and write the + redacted data to. For example, + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. + * The destination dataset must exist. * The source dataset and + destination dataset must both reside in the same location. + De-identifying data across multiple locations is not supported. * + The destination FHIR store must exist. * The caller must have the + healthcare.fhirResources.update permission to write to the + destination FHIR store. + config: + $ref: '#/components/schemas/DeidentifyConfig' + description: >- + Deidentify configuration. Only one of `config` and `gcs_config_uri` + can be specified. + resourceFilter: + description: >- + A filter specifying the resources to include in the output. If not + specified, all resources are included in the output. + $ref: '#/components/schemas/FhirFilter' + IngestMessageRequest: + properties: + message: + $ref: '#/components/schemas/Message' + description: Required. HL7v2 message to ingest. + description: Ingests a message into the specified HL7v2 store. + type: object + id: IngestMessageRequest + ListAttributeDefinitionsResponse: type: object properties: - gcsDestination: + attributeDefinitions: + items: + $ref: '#/components/schemas/AttributeDefinition' description: >- - The Cloud Storage output destination. The Healthcare Service Agent - account requires the `roles/storage.objectAdmin` role on the Cloud - Storage location. The exported outputs are organized by FHIR - resource types. The server creates one object per resource type. - Each object contains newline delimited JSON, and each line is a FHIR - resource. - $ref: '#/components/schemas/GoogleCloudHealthcareV1FhirGcsDestination' - bigqueryDestination: + The returned Attribute definitions. The maximum number of attributes + returned is determined by the value of page_size in the + ListAttributeDefinitionsRequest. + type: array + nextPageToken: + type: string description: >- - The BigQuery output destination. The Cloud Healthcare Service Agent - requires two IAM roles on the BigQuery location: - `roles/bigquery.dataEditor` and `roles/bigquery.jobUser`. The output - is one BigQuery table per resource type. Unlike when setting - `BigQueryDestination` for `StreamConfig`, `ExportResources` does not - create BigQuery views. - $ref: '#/components/schemas/GoogleCloudHealthcareV1FhirBigQueryDestination' - _since: + Token to retrieve the next page of results, or empty if there are no + more results in the list. + id: ListAttributeDefinitionsResponse + Dataset: + properties: + name: description: >- - If provided, only resources updated after this time are exported. - The time uses the format YYYY-MM-DDThh:mm:ss.sss+zz:zz. For example, - `2015-02-07T13:28:17.239+02:00` or `2017-01-01T00:00:00Z`. The time - must be specified to the second and include a time zone. + Identifier. Resource name of the dataset, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`. type: string - _type: + encryptionSpec: + $ref: '#/components/schemas/EncryptionSpec' description: >- - String of comma-delimited FHIR resource types. If provided, only - resources of the specified resource type(s) are exported. + Optional. Customer-managed encryption key spec for a Dataset. If + set, this Dataset and all of its sub-resources will be secured by + this key. If empty, the Dataset is secured by the default Google + encryption key. + timeZone: type: string - GoogleCloudHealthcareV1FhirGcsDestination: - id: GoogleCloudHealthcareV1FhirGcsDestination - description: The configuration for exporting to Cloud Storage. + description: >- + Optional. The default timezone used by this dataset. Must be a + either a valid IANA time zone name such as "America/New_York" or + empty, which defaults to UTC. This is used for parsing times in + resources, such as HL7 messages, where no explicit timezone is + specified. + satisfiesPzi: + description: Output only. Whether the dataset satisfies zone isolation. + readOnly: true + type: boolean + satisfiesPzs: + type: boolean + description: Output only. Whether the dataset satisfies zone separation. + readOnly: true + description: >- + A message representing a health dataset. A health dataset represents a + collection of healthcare data pertaining to one or more patients. This + may include multiple modalities of healthcare data, such as electronic + medical records or medical imaging data. + type: object + id: Dataset + AccessDeterminationLogConfig: type: object properties: - uriPrefix: + logLevel: + enum: + - LOG_LEVEL_UNSPECIFIED + - DISABLED + - MINIMUM + - VERBOSE + enumDescriptions: + - No log level specified. This value is unused. + - No additional consent-related logging is added to audit logs. + - >- + The following information is included: * One of the following + [`consentMode`](https://cloud.google.com/healthcare-api/docs/fhir-consent#audit_logs) + fields: (`off`|`emptyScope`|`enforced`|`btg`|`bypass`). * The + accessor's request headers * The `log_level` of the + AccessDeterminationLogConfig * The final consent evaluation + (`PERMIT`, `DENY`, or `NO_CONSENT`) * A human-readable summary of + the evaluation + - >- + Includes `MINIMUM` and, for each resource owner, returns: * The + resource owner's name * Most specific part of the + `X-Consent-Scope` resulting in consensual determination * + Timestamp of the applied enforcement leading to the decision * + Enforcement version at the time the applicable consents were + applied * The Consent resource name * The timestamp of the Consent + resource used for enforcement * Policy type (`PATIENT` or `ADMIN`) + Due to the limited space for logging, this mode is the same as + `MINIMUM` for methods that return multiple resources (such as FHIR + Search). description: >- - URI for a Cloud Storage directory where result files should be - written, in the format of - `gs://{bucket-id}/{path/to/destination/dir}`. If there is no - trailing slash, the service appends one when composing the object - path. The user is responsible for creating the Cloud Storage bucket - referenced in `uri_prefix`. + Optional. Controls the amount of detail to include as part of the + audit logs. type: string - FhirStoreMetrics: - id: FhirStoreMetrics - description: List of metrics for a given FHIR store. - type: object + id: AccessDeterminationLogConfig + description: >- + Configures consent audit log config for FHIR create, read, update, and + delete (CRUD) operations. Cloud audit log for healthcare API must be + [enabled](https://cloud.google.com/logging/docs/audit/configure-data-access#config-console-enable). + The consent-related logs are included as part of + `protoPayload.metadata`. + ImageConfig: + description: Specifies how to handle de-identification of image pixels. properties: - name: - description: >- - The resource name of the FHIR store to get metrics for, in the - format - `projects/{project_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. + textRedactionMode: + enumDescriptions: + - No text redaction specified. Same as REDACT_NO_TEXT. + - Redact all text. + - >- + Redact sensitive text. Uses the set of [Default DICOM + InfoTypes](https://cloud.google.com/healthcare-api/docs/how-tos/dicom-deidentify#default_dicom_infotypes). + - Do not redact text. + enum: + - TEXT_REDACTION_MODE_UNSPECIFIED + - REDACT_ALL_TEXT + - REDACT_SENSITIVE_TEXT + - REDACT_NO_TEXT type: string - metrics: - description: List of FhirStoreMetric by resource type. - type: array - items: - $ref: '#/components/schemas/FhirStoreMetric' - FhirStoreMetric: - id: FhirStoreMetric - description: >- - Count of resources and total storage size by type for a given FHIR - store. + description: Optional. Determines how to redact text from image. type: object + id: ImageConfig + Feature: + description: A feature of an entity mention. + id: Feature properties: - resourceType: - description: The FHIR resource type this metric applies to. - type: string - count: + confidence: + format: double + type: number description: >- - The total count of FHIR resources in the store of this resource - type. - type: string - format: int64 - structuredStorageSizeBytes: + The model's confidence in this feature annotation. A number between + 0 and 1. + value: description: >- - The total amount of structured storage used by FHIR resources of - this resource type in the store. + The value of this feature annotation. Its range depends on the type + of the feature. type: string - format: int64 - RollbackFhirResourcesRequest: - id: RollbackFhirResourcesRequest type: object + PatientScope: + id: PatientScope properties: - type: - description: Optional. If specified, revert only resources of these types - type: array + patientIds: items: type: string - rollbackTime: - description: Required. Time point to rollback to. - type: string - format: google-datetime - filteringFields: - description: Optional. Parameters for filtering resources - $ref: '#/components/schemas/RollbackFhirResourceFilteringFields' - force: - description: >- - Optional. When enabled, changes will be reverted without explicit - confirmation - type: boolean - changeType: + type: array description: >- - Optional. CREATE/UPDATE/DELETE/ALL for reverting all txns of a - certain type. + Optional. The list of patient IDs whose Consent resources will be + enforced. At most 10,000 patients can be specified. An empty list is + equivalent to all patients (meaning the entire FHIR store). + description: Apply consents given by a list of patients. + type: object + Consent: + properties: + consentArtifact: type: string + description: >- + Required. The resource name of the Consent artifact that contains + proof of the end user's consent, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. + state: enumDescriptions: - - When unspecified, revert all transactions - - All transactions - - Revert only CREATE transactions - - Revert only Update transactions - - Revert only Delete transactions + - >- + No state specified. Treated as ACTIVE only at the time of resource + creation. + - >- + The Consent is active and is considered when evaluating a user's + consent on resources. + - The archived state is currently not being used. + - >- + A revoked Consent is not considered when evaluating a user's + consent on resources. + - >- + A draft Consent is not considered when evaluating a user's consent + on resources unless explicitly specified. + - >- + When a draft Consent is rejected by a user, it is set to a + rejected state. A rejected Consent is not considered when + evaluating a user's consent on resources. enum: - - CHANGE_TYPE_UNSPECIFIED - - ALL - - CREATE - - UPDATE - - DELETE - resultGcsBucket: - description: Required. Bucket to deposit result + - STATE_UNSPECIFIED + - ACTIVE + - ARCHIVED + - REVOKED + - DRAFT + - REJECTED + description: Required. Indicates the current state of this Consent. + type: string + revisionId: type: string - inputGcsObject: description: >- - Optional. Cloud Storage object containing list of - {resourceType}/{resourceId} lines, identifying resources to be - reverted + Output only. The revision ID of the Consent. The format is an + 8-character hexadecimal string. Refer to a specific revision of a + Consent by appending `@{revision_id}` to the Consent's resource + name. + readOnly: true + revisionCreateTime: type: string - excludeRollbacks: - description: Optional. Specifies whether to exclude earlier rollbacks. - type: boolean - RollbackFhirResourceFilteringFields: - id: RollbackFhirResourceFilteringFields - type: object - properties: - operationIds: - description: Optional. A list of operation IDs to roll back. + description: Output only. The timestamp that the revision was created. + format: google-datetime + readOnly: true + expireTime: + type: string + description: Timestamp in UTC of when this Consent is considered expired. + format: google-datetime + ttl: + description: >- + Input only. The time to live for this Consent from when it is + created. + type: string + format: google-duration + policies: + description: >- + Optional. Represents a user's consent in terms of the resources that + can be accessed and under what conditions. type: array items: + $ref: '#/components/schemas/GoogleCloudHealthcareV1ConsentPolicy' + name: + description: >- + Identifier. Resource name of the Consent, of the form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consents/{consent_id}`. + Cannot be changed after creation. + type: string + metadata: + type: object + additionalProperties: type: string - format: uint64 - metadataFilter: description: >- - Optional. A filter expression that matches data in the - `Resource.meta` element. Supports all filters in - [AIP-160](https://google.aip.dev/160) except the "has" (`:`) - operator. Supports the following custom functions: * `tag("") = ""` - for tag filtering. * `extension_value_ts("") = ` for filtering - extensions with a timestamp, where `` is a Unix timestamp. Supports - the `>`, `<`, `<=`, `>=`, and `!=` comparison operators. + Optional. User-supplied key-value pairs used to organize Consent + resources. Metadata keys must: - be between 1 and 63 characters long + - have a UTF-8 encoding of maximum 128 bytes - begin with a letter - + consist of up to 63 characters including lowercase letters, numeric + characters, underscores, and dashes Metadata values must be: - be + between 1 and 63 characters long - have a UTF-8 encoding of maximum + 128 bytes - consist of up to 63 characters including lowercase + letters, numeric characters, underscores, and dashes No more than 64 + metadata entries can be associated with a given consent. + userId: type: string - AnalyzeEntitiesRequest: - id: AnalyzeEntitiesRequest - description: The request to analyze healthcare entities in a document. + description: Required. User's UUID provided by the client. type: object + id: Consent + description: Represents a user's consent. + GoogleCloudHealthcareV1ConsentPolicy: properties: - documentContent: - description: document_content is a document to be annotated. - type: string - licensedVocabularies: + resourceAttributes: description: >- - A list of licensed vocabularies to use in the request, in addition - to the default unlicensed vocabularies. + The resources that this policy applies to. A resource is a match if + it matches all the attributes listed here. If empty, this policy + applies to all User data mappings for the given user. + items: + $ref: '#/components/schemas/Attribute' + type: array + authorizationRule: + $ref: '#/components/schemas/Expr' + description: >- + Required. The request conditions to meet to grant access. In + addition to any supported comparison operators, authorization rules + may have `IN` operator as well as at most 10 logical operators that + are limited to `AND` (`&&`), `OR` (`||`). + description: >- + Represents a user's consent in terms of the resources that can be + accessed and under what conditions. + id: GoogleCloudHealthcareV1ConsentPolicy + type: object + TestIamPermissionsResponse: + id: TestIamPermissionsResponse + type: object + description: Response message for `TestIamPermissions` method. + properties: + permissions: type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. items: type: string - enumDescriptions: - - No licensed vocabulary specified. - - ICD-10-CM vocabulary - - SNOMED CT (US version) vocabulary - enum: - - LICENSED_VOCABULARY_UNSPECIFIED - - ICD10CM - - SNOMEDCT_US - alternativeOutputFormat: - description: >- - Optional. Alternative output format to be generated based on the - results of analysis. - type: string - enumDescriptions: - - No alternative output format is specified. - - FHIR bundle output. - enum: - - ALTERNATIVE_OUTPUT_FORMAT_UNSPECIFIED - - FHIR_BUNDLE - AnalyzeEntitiesResponse: - id: AnalyzeEntitiesResponse - description: Includes recognized entity mentions and relationships between them. - type: object + EvaluateUserConsentsResponse: + id: EvaluateUserConsentsResponse properties: - entityMentions: + nextPageToken: description: >- - The `entity_mentions` field contains all the annotated medical - entities that were mentioned in the provided document. + Token to retrieve the next page of results, or empty if there are no + more results in the list. This token is valid for 72 hours after it + is created. + type: string + results: + description: The consent evaluation result for each `data_id`. type: array items: - $ref: '#/components/schemas/EntityMention' - entities: + $ref: '#/components/schemas/Result' + type: object + Field: + id: Field + description: A (sub) field of a type. + properties: + type: + type: string description: >- - The union of all the candidate entities that the entity_mentions in - this response could link to. These are UMLS concepts or normalized - mention content. - type: array - items: - $ref: '#/components/schemas/Entity' - relationships: + The type of this field. A Type with this name must be defined in an + Hl7TypesConfig. + maxOccurs: + format: int32 + type: integer description: >- - relationships contains all the binary relationships that were - identified between entity mentions within the provided document. - type: array - items: - $ref: '#/components/schemas/EntityMentionRelationship' - fhirBundle: + The maximum number of times this field can be repeated. 0 or -1 + means unbounded. + minOccurs: + description: The minimum number of times this field must be present/repeated. + format: int32 + type: integer + table: description: >- - The FHIR bundle ([`R4`](http://hl7.org/fhir/R4/bundle.html)) that - includes all the entities, the entity mentions, and the - relationships in JSON format. + The HL7v2 table this field refers to. For example, PID-15 (Patient's + Primary Language) usually refers to table "0296". + type: string + name: + description: The name of the field. For example, "PID-1" or just "1". type: string - EntityMention: - id: EntityMention - description: An entity mention in the document. type: object + FhirStore: + type: object + id: FhirStore + description: Represents a FHIR store. properties: - mentionId: + version: + enumDescriptions: + - >- + Users must specify a version on store creation or an error is + returned. + - >- + Draft Standard for Trial Use, [Release + 2](https://www.hl7.org/fhir/DSTU2) + - Standard for Trial Use, [Release 3](https://www.hl7.org/fhir/STU3) + - '[Release 4](https://www.hl7.org/fhir/R4)' + - '[Release 5](https://www.hl7.org/fhir/R5)' + enum: + - VERSION_UNSPECIFIED + - DSTU2 + - STU3 + - R4 + - R5 + type: string description: >- - mention_id uniquely identifies each entity mention in a single - response. + Required. Immutable. The FHIR specification version that this FHIR + store supports natively. This field is immutable after store + creation. Requests are rejected if they contain FHIR resources of a + different version. Version is required for every FHIR store. + labels: + type: object + description: >- + User-supplied key-value pairs used to organize FHIR stores. Label + keys must be between 1 and 63 characters long, have a UTF-8 encoding + of maximum 128 bytes, and must conform to the following PCRE regular + expression: \p{Ll}\p{Lo}{0,62} Label values are optional, must be + between 1 and 63 characters long, have a UTF-8 encoding of maximum + 128 bytes, and must conform to the following PCRE regular + expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can + be associated with a given store. + additionalProperties: + type: string + validationConfig: + description: >- + Optional. Configuration for how to validate incoming FHIR resources + against configured profiles. + $ref: '#/components/schemas/ValidationConfig' + disableReferentialIntegrity: + type: boolean + description: >- + Immutable. Whether to disable referential integrity in this FHIR + store. This field is immutable after FHIR store creation. The + default value is false, meaning that the API enforces referential + integrity and fails the requests that result in inconsistent state + in the FHIR store. When this field is set to true, the API skips + referential integrity checks. Consequently, operations that rely on + references, such as GetPatientEverything, do not return all the + results if broken references exist. + complexDataTypeReferenceParsing: + enumDescriptions: + - >- + No parsing behavior specified. This is the same as DISABLED for + backwards compatibility. + - References in complex data types are ignored. + - References in complex data types are parsed. + description: >- + Optional. Enable parsing of references within complex FHIR data + types such as Extensions. If this value is set to ENABLED, then + features like referential integrity and Bundle reference rewriting + apply to all references. If this flag has not been specified the + behavior of the FHIR store will not change, references in complex + data types will not be parsed. New stores will have this value set + to ENABLED after a notification period. Warning: turning on this + flag causes processing existing resources to fail if they contain + references to non-existent resources. Cannot be disabled in R5. type: string - type: + enum: + - COMPLEX_DATA_TYPE_REFERENCE_PARSING_UNSPECIFIED + - DISABLED + - ENABLED + defaultSearchHandlingStrict: description: >- - The semantic type of the entity: UNKNOWN_ENTITY_TYPE, ALONE, - ANATOMICAL_STRUCTURE, ASSISTED_LIVING, BF_RESULT, BM_RESULT, - BM_UNIT, BM_VALUE, BODY_FUNCTION, BODY_MEASUREMENT, COMPLIANT, - DOESNOT_FOLLOWUP, FAMILY, FOLLOWSUP, LABORATORY_DATA, LAB_RESULT, - LAB_UNIT, LAB_VALUE, MEDICAL_DEVICE, MEDICINE, MED_DOSE, - MED_DURATION, MED_FORM, MED_FREQUENCY, MED_ROUTE, MED_STATUS, - MED_STRENGTH, MED_TOTALDOSE, MED_UNIT, NON_COMPLIANT, - OTHER_LIVINGSTATUS, PROBLEM, PROCEDURE, PROCEDURE_RESULT, - PROC_METHOD, REASON_FOR_NONCOMPLIANCE, SEVERITY, SUBSTANCE_ABUSE, - UNCLEAR_FOLLOWUP. + Optional. If true, overrides the default search behavior for this + FHIR store to `handling=strict` which returns an error for + unrecognized search parameters. If false, uses the FHIR + specification default `handling=lenient` which ignores unrecognized + search parameters. The handling can always be changed from the + default on an individual API call by setting the HTTP header + `Prefer: handling=strict` or `Prefer: handling=lenient`. Defaults to + false. + type: boolean + consentConfig: + description: >- + Optional. Specifies whether this store has consent enforcement. Not + available for DSTU2 FHIR version due to absence of Consent + resources. Not supported for R5 FHIR version. + $ref: '#/components/schemas/ConsentConfig' + name: type: string - text: - description: text is the location of the entity mention in the document. - $ref: '#/components/schemas/TextSpan' - linkedEntities: description: >- - linked_entities are candidate ontological concepts that this entity - mention may refer to. They are sorted by decreasing confidence. + Output only. Identifier. Resource name of the FHIR store, of the + form + `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`. + streamConfigs: + description: >- + Optional. A list of streaming configs that configure the + destinations of streaming export for every resource mutation in this + FHIR store. Each store is allowed to have up to 10 streaming + configs. After a new config is added, the next resource mutation is + streamed to the new location in addition to the existing ones. When + a location is removed from the list, the server stops streaming to + that location. Before adding a new config, you must add the required + [`bigquery.dataEditor`](https://cloud.google.com/bigquery/docs/access-control#bigquery.dataEditor) + role to your project's **Cloud Healthcare Service Agent** [service + account](https://cloud.google.com/iam/docs/service-accounts). Some + lag (typically on the order of dozens of seconds) is expected before + the results show up in the streaming destination. type: array items: - $ref: '#/components/schemas/LinkedEntity' - temporalAssessment: + $ref: '#/components/schemas/StreamConfig' + disableResourceVersioning: description: >- - How this entity mention relates to the subject temporally. Its value - is one of: CURRENT, CLINICAL_HISTORY, FAMILY_HISTORY, UPCOMING, - ALLERGY - $ref: '#/components/schemas/Feature' - certaintyAssessment: + Immutable. Whether to disable resource versioning for this FHIR + store. This field can not be changed after the creation of FHIR + store. If set to false, all write operations cause historical + versions to be recorded automatically. The historical versions can + be fetched through the history APIs, but cannot be updated. If set + to true, no historical versions are kept. The server sends errors + for attempts to read the historical versions. Defaults to false. + type: boolean + notificationConfig: + deprecated: true + $ref: '#/components/schemas/NotificationConfig' description: >- - The certainty assessment of the entity mention. Its value is one of: - LIKELY, SOMEWHAT_LIKELY, UNCERTAIN, SOMEWHAT_UNLIKELY, UNLIKELY, - CONDITIONAL - $ref: '#/components/schemas/Feature' - subject: + Deprecated. Use `notification_configs` instead. If non-empty, + publish all resource modifications of this FHIR store to this + destination. The Pub/Sub message attributes contain a map with a + string describing the action that has triggered the notification. + For example, "action":"CreateResource". Not supported in R5. Use + `notification_configs` instead. + bulkExportGcsDestination: description: >- - The subject this entity mention relates to. Its value is one of: - PATIENT, FAMILY_MEMBER, OTHER - $ref: '#/components/schemas/Feature' - confidence: + Optional. FHIR bulk export exports resources to the specified Cloud + Storage destination. A Cloud Storage destination is a URI for a + Cloud Storage directory where result files will be written. Only + used in the spec-defined bulk $export methods. The Cloud Healthcare + Service Agent requires the `roles/storage.objectAdmin` Cloud IAM + role on the destination. + $ref: '#/components/schemas/BulkExportGcsDestination' + enableUpdateCreate: + type: boolean description: >- - The model's confidence in this entity mention annotation. A number - between 0 and 1. - type: number - format: double - TextSpan: - id: TextSpan - description: A span of text in the provided document. - type: object - properties: - content: - description: The original text contained in this span. - type: string - beginOffset: - description: The unicode codepoint index of the beginning of this span. - type: integer - format: int32 - LinkedEntity: - id: LinkedEntity - description: >- - EntityMentions can be linked to multiple entities using a LinkedEntity - message lets us add other fields, e.g. confidence. - type: object - properties: - entityId: + Optional. Whether this FHIR store has the [updateCreate + capability](https://www.hl7.org/fhir/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.updateCreate). + This determines if the client can use an Update operation to create + a new resource with a client-specified ID. If false, all IDs are + server-assigned through the Create operation and attempts to update + a non-existent resource return errors. It is strongly advised not to + include or encode any sensitive data such as patient identifiers in + client-specified resource IDs. Those IDs are part of the FHIR + resource path recorded in Cloud audit logs and Pub/Sub + notifications. Those IDs can also be contained in reference fields + within other resources. Defaults to false. + notificationConfigs: + items: + $ref: '#/components/schemas/FhirNotificationConfig' description: >- - entity_id is a concept unique identifier. These are prefixed by a - string that identifies the entity coding system, followed by the - unique identifier within that system. For example, "UMLS/C0000970". - This also supports ad hoc entities, which are formed by normalizing - entity mention content. - type: string - Feature: - id: Feature - description: A feature of an entity mention. + Optional. Specifies where and whether to send notifications upon + changes to a FHIR store. + type: array + Operation: type: object properties: - value: + metadata: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - The value of this feature annotation. Its range depends on the type - of the feature. - type: string - confidence: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + done: description: >- - The model's confidence in this feature annotation. A number between - 0 and 1. - type: number - format: double - Entity: - id: Entity - description: The candidate entities that an entity mention could link to. - type: object - properties: - entityId: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + error: + $ref: '#/components/schemas/Status' description: >- - entity_id is a first class field entity_id uniquely identifies this - concept and its meta-vocabulary. For example, "UMLS/C0000970". - type: string - preferredTerm: + The error result of the operation in case of failure or + cancellation. + response: + type: object description: >- - preferred_term is the preferred term for this concept. For example, - "Acetaminophen". For ad hoc entities formed by normalization, this - is the most popular unnormalized string. - type: string - vocabularyCodes: + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + name: description: >- - Vocabulary codes are first-class fields and differentiated from the - concept unique identifier (entity_id). vocabulary_codes contains the - representation of this concept in particular vocabularies, such as - ICD-10, SNOMED-CT and RxNORM. These are prefixed by the name of the - vocabulary, followed by the unique code within that vocabulary. For - example, "RXNORM/A10334543". - type: array - items: - type: string - EntityMentionRelationship: - id: EntityMentionRelationship - description: Defines directed relationship from one entity mention to another. - type: object - properties: - subjectId: - description: subject_id is the id of the subject entity mention. - type: string - objectId: - description: object_id is the id of the object entity mention. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - confidence: - description: The model's confidence in this annotation. A number between 0 and 1. - type: number - format: double - OperationMetadata: - id: OperationMetadata + id: Operation description: >- - OperationMetadata provides information about the operation execution. - Returned in the long-running operation's metadata field. + This resource represents a long-running operation that is the result of + a network API call. + BlobStorageInfo: type: object + description: >- + BlobStorageInfo contains details about the data stored in Blob Storage + for the referenced resource. Note: Storage class is only valid for DICOM + and hence will only be populated for DICOM resources. + id: BlobStorageInfo properties: - apiMethodName: - description: The name of the API method that initiated the operation. - type: string - createTime: - description: The time at which the operation was created by the API. + sizeBytes: + description: Size in bytes of data stored in Blob Storage. type: string + format: int64 + storageClassUpdateTime: format: google-datetime - endTime: - description: The time at which execution was completed. type: string - format: google-datetime - counter: - $ref: '#/components/schemas/ProgressCounter' - cancelRequested: - description: Specifies if cancellation was requested for the operation. - type: boolean - logsUrl: description: >- - A link to audit and error logs in the log viewer. Error logs are - generated only by some operations, listed at [Viewing error logs in - Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging). - type: string - ProgressCounter: - id: ProgressCounter - description: ProgressCounter provides counters to describe an operation's progress. - type: object - properties: - pending: - description: The number of units that are pending in the operation. - type: string - format: int64 - success: - description: The number of units that succeeded in the operation. - type: string - format: int64 - failure: - description: The number of units that failed in the operation. + The time at which the storage class was updated. This is used to + compute early deletion fees of the resource. + storageClass: type: string - format: int64 - QueryAccessibleDataResponse: - id: QueryAccessibleDataResponse - description: >- - Response for successful QueryAccessibleData operations. This structure - is included in the response upon operation completion. - type: object - properties: - gcsUris: - description: >- - List of files, each of which contains a list of data_id(s) that are - consented for a specified use in the request. - type: array - items: - type: string - DeidentifySummary: - id: DeidentifySummary - description: Contains a summary of the Deidentify operation. - type: object - properties: {} - GoogleCloudHealthcareV1DeidentifyDeidentifyDicomStoreSummary: - id: GoogleCloudHealthcareV1DeidentifyDeidentifyDicomStoreSummary - description: Contains a summary of the DeidentifyDicomStore operation. - type: object - properties: {} - GoogleCloudHealthcareV1DeidentifyDeidentifyFhirStoreSummary: - id: GoogleCloudHealthcareV1DeidentifyDeidentifyFhirStoreSummary - description: Contains a summary of the DeidentifyFhirStore operation. - type: object - properties: {} - ImportDicomDataResponse: - id: ImportDicomDataResponse - description: >- - Returns additional information in regards to a completed DICOM store - import. - type: object - properties: {} - ExportDicomDataResponse: - id: ExportDicomDataResponse - description: >- - Returns additional information in regards to a completed DICOM store - export. - type: object - properties: {} - ImportResourcesResponse: - id: ImportResourcesResponse - description: >- - Final response of importing resources. This structure is included in the - response to describe the detailed outcome after the operation finishes - successfully. - type: object - properties: {} - ExportResourcesResponse: - id: ExportResourcesResponse + enum: + - BLOB_STORAGE_CLASS_UNSPECIFIED + - STANDARD + - NEARLINE + - COLDLINE + - ARCHIVE + description: The storage class in which the Blob data is stored. + enumDescriptions: + - >- + If unspecified in CreateDataset, the StorageClass defaults to + STANDARD. If unspecified in UpdateDataset and the StorageClass is + set in the field mask, an InvalidRequest error is thrown. + - >- + This stores the Object in Blob Standard Storage: + https://cloud.google.com/storage/docs/storage-classes#standard + - >- + This stores the Object in Blob Nearline Storage: + https://cloud.google.com/storage/docs/storage-classes#nearline + - >- + This stores the Object in Blob Coldline Storage: + https://cloud.google.com/storage/docs/storage-classes#coldline + - >- + This stores the Object in Blob Archive Storage: + https://cloud.google.com/storage/docs/storage-classes#archive + ExplainDataAccessConsentScope: description: >- - Response when all resources export successfully. This structure is - included in the response to describe the detailed outcome after the - operation finishes successfully. - type: object - properties: {} - RollbackFhirResourcesResponse: - id: RollbackFhirResourcesResponse - description: Final response of rollback FIHR resources request. - type: object + A single consent scope that provides info on who has access to the + requested resource scope for a particular purpose and environment, + enforced by which consent. properties: - fhirStore: + exceptions: + items: + $ref: '#/components/schemas/ExplainDataAccessConsentScope' + description: Other consent scopes that created exceptions within this scope. + type: array + decision: + enumDescriptions: + - Unspecified consent decision type. + - Consent permitted access. + - Consent denied access. + enum: + - CONSENT_DECISION_TYPE_UNSPECIFIED + - CONSENT_DECISION_TYPE_PERMIT + - CONSENT_DECISION_TYPE_DENY description: >- - The name of the FHIR store to rollback, in the format of - "projects/{project_id}/locations/{location_id}/datasets/{dataset_id} - /fhirStores/{fhir_store_id}". + Whether the current consent scope is permitted or denied access on + the requested resource. type: string - ApplyConsentsResponse: - id: ApplyConsentsResponse - description: >- - Response when all Consent resources in scope were processed and all - affected resources were reindexed successfully. This structure is - included in the response when the operation finishes successfully. + accessorScope: + $ref: '#/components/schemas/ConsentAccessorScope' + description: >- + The accessor scope that describes who can access, for what purpose, + and in which environment. + enforcingConsents: + type: array + items: + $ref: '#/components/schemas/ExplainDataAccessConsentInfo' + description: >- + Metadata of the consent resources that enforce the consent scope's + access. type: object + id: ExplainDataAccessConsentScope + Entity: properties: - consentApplySuccess: + entityId: description: >- - If `validate_only = false` in ApplyConsentsRequest, this counter is - the number of Consent resources that were successfully applied. - Otherwise, it is the number of Consent resources that are supported. + entity_id is a first class field entity_id uniquely identifies this + concept and its meta-vocabulary. For example, "UMLS/C0000970". type: string - format: int64 - consentApplyFailure: + preferredTerm: description: >- - If `validate_only = false` in ApplyConsentsRequest, this counter is - the number of Consent resources that were failed to apply. - Otherwise, it is the number of Consent resources that are not - supported or invalid. + preferred_term is the preferred term for this concept. For example, + "Acetaminophen". For ad hoc entities formed by normalization, this + is the most popular unnormalized string. type: string - format: int64 - affectedResources: + vocabularyCodes: description: >- - The number of resources (including the Consent resources) that may - have consensual access change. - type: string - format: int64 - failedResources: + Vocabulary codes are first-class fields and differentiated from the + concept unique identifier (entity_id). vocabulary_codes contains the + representation of this concept in particular vocabularies, such as + ICD-10, SNOMED-CT and RxNORM. These are prefixed by the name of the + vocabulary, followed by the unique code within that vocabulary. For + example, "RXNORM/A10334543". + type: array + items: + type: string + description: The candidate entities that an entity mention could link to. + id: Entity + type: object + RollbackHl7V2MessagesResponse: + description: Final response of rollback HL7v2 messages request. + properties: + hl7v2Store: description: >- - The number of resources (including the Consent resources) that - ApplyConsents failed to re-index. + The name of the HL7v2 store to rollback, in the format of + "projects/{project_id}/locations/{location_id}/datasets/{dataset_id} + /hl7v2Stores/{hl7v2_store_id}". type: string - format: int64 - ApplyAdminConsentsResponse: - id: ApplyAdminConsentsResponse + type: object + id: RollbackHl7V2MessagesResponse + IngestMessageResponse: description: >- - Response when all admin Consent resources in scope were processed and - all affected resources were reindexed successfully. This structure will - be included in the response when the operation finishes successfully. + Acknowledges that a message has been ingested into the specified HL7v2 + store. type: object properties: - consentApplySuccess: - description: >- - If `validate_only=false` in ApplyAdminConsentsRequest, this counter - contains the number of Consent resources that were successfully - applied. Otherwise, it is the number of Consent resources that are - supported. + hl7Ack: + format: byte type: string - format: int64 - affectedResources: - description: >- - The number of resources (including the Consent resources) that may - have consent access change. + description: HL7v2 ACK message. + message: + $ref: '#/components/schemas/Message' + description: Created message resource. + id: IngestMessageResponse + PubsubDestination: + properties: + pubsubTopic: type: string - format: int64 - failedResources: description: >- - The number of resources (including the Consent resources) that - ApplyAdminConsents failed to re-index. - type: string - format: int64 - ApplyAdminConsentsErrorDetail: - id: ApplyAdminConsentsErrorDetail + The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that + Pub/Sub messages are published on. Supplied by the client. The + `PubsubMessage` contains the following fields: * + `PubsubMessage.Data` contains the resource name. * + `PubsubMessage.MessageId` is the ID of this notification. It is + guaranteed to be unique within the topic. * + `PubsubMessage.PublishTime` is the time when the message was + published. [Topic + names](https://cloud.google.com/pubsub/docs/overview#names) must be + scoped to a project. The Cloud Healthcare API service account, + service-PROJECT_NUMBER@gcp-sa-healthcare.iam.gserviceaccount.com, + must have publisher permissions on the given Pub/Sub topic. Not + having adequate permissions causes the calls that send notifications + to fail. + id: PubsubDestination description: >- - Contains the error details of the unsupported admin Consent resources - for when the ApplyAdminConsents method fails to apply one or more - Consent resources. + The Pub/Sub output destination. The Cloud Healthcare Service Agent + requires the `roles/pubsub.publisher` Cloud IAM role on the Pub/Sub + topic. type: object - properties: - consentErrors: - description: >- - The list of Consent resources that are unsupported or cannot be - applied and the error associated with each of them. - type: array - items: - $ref: '#/components/schemas/ConsentErrors' - existingOperationId: - description: >- - The currently in progress non-validate-only ApplyAdminConsents - operation ID if exist. - type: string - format: uint64 - ConsentErrors: - id: ConsentErrors - description: The Consent resource name and error. + StructuredStorageInfo: type: object properties: - name: - description: >- - The versioned name of the admin Consent resource, in the format - `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. - For FHIR stores with `disable_resource_versioning=true`, the format - is - `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`. + sizeBytes: type: string - error: - description: The error code and message. - $ref: '#/components/schemas/Status' - ExportMessagesResponse: - id: ExportMessagesResponse + description: Size in bytes of data stored in structured storage. + format: int64 + id: StructuredStorageInfo description: >- - Final response for the export operation. This structure is included in - the response to describe the detailed outcome. + StructuredStorageInfo contains details about the data stored in + Structured Storage for the referenced resource. + QueryAccessibleDataResponse: type: object - properties: {} - ImportMessagesResponse: - id: ImportMessagesResponse description: >- - Final response of importing messages. This structure is included in the - response to describe the detailed outcome. It is only included when the - operation finishes successfully. - type: object - properties: {} - RollbackHl7V2MessagesResponse: - id: RollbackHl7V2MessagesResponse - description: Final response of rollback HL7v2 messages request. + Response for successful QueryAccessibleData operations. This structure + is included in the response upon operation completion. + properties: + gcsUris: + items: + type: string + description: >- + List of files, each of which contains a list of data_id(s) that are + consented for a specified use in the request. + type: array + id: QueryAccessibleDataResponse + RejectConsentRequest: type: object properties: - hl7v2Store: + consentArtifact: description: >- - The name of the HL7v2 store to rollback, in the format of - "projects/{project_id}/locations/{location_id}/datasets/{dataset_id} - /hl7v2Stores/{hl7v2_store_id}". + Optional. The resource name of the Consent artifact that contains + documentation of the user's rejection of the draft Consent, of the + form + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consentArtifacts/{consent_artifact_id}`. + If the draft Consent had a Consent artifact, this Consent artifact + overwrites it. type: string - SetBlobStorageSettingsResponse: - id: SetBlobStorageSettingsResponse + id: RejectConsentRequest description: >- - Returns additional info in regards to a completed set blob storage - settings API. + Rejects the latest revision of the specified Consent by committing a new + revision with `state` updated to `REJECTED`. If the latest revision of + the given Consent is in the `REJECTED` state, no new revision is + committed. + ProgressCounter: + id: ProgressCounter type: object - properties: {} + description: ProgressCounter provides counters to describe an operation's progress. + properties: + success: + description: The number of units that succeeded in the operation. + format: int64 + type: string + failure: + type: string + description: The number of units that failed in the operation. + format: int64 + pending: + description: The number of units that are pending in the operation. + format: int64 + type: string + secondaryFailure: + type: string + description: The number of secondary units that failed in the operation. + format: int64 + secondarySuccess: + format: int64 + description: The number of secondary units that succeeded in the operation. + type: string parameters: - access_token: - description: OAuth access token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: access_token + name: upload_protocol schema: type: string - alt: - description: Data format for response. + _.xgafv: + description: V1 error format. in: query - name: alt + name: $.xgafv schema: type: string enum: - - json - - media - - proto + - '1' + - '2' callback: description: JSONP in: query name: callback schema: type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + alt: + description: Data format for response. in: query - name: key + name: alt schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + enum: + - json + - media + - proto + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -4934,538 +4991,309 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' - x-stackQL-resources: - locations: - id: google.healthcare.locations - name: locations - title: Locations - methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - datasets_iam_policies: - id: google.healthcare.datasets_iam_policies - name: datasets_iam_policies - title: Datasets_iam_policies - methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/datasets_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/datasets_iam_policies/methods/set_iam_policy - delete: [] - datasets: - id: google.healthcare.datasets - name: datasets - title: Datasets - methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.datasets - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - deidentify: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:deidentify/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/datasets/methods/get' - - $ref: '#/components/x-stackQL-resources/datasets/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/datasets/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/datasets/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/datasets/methods/delete' - consent_stores_iam_policies: - id: google.healthcare.consent_stores_iam_policies - name: consent_stores_iam_policies - title: Consent_stores_iam_policies - methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/consent_stores_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/consent_stores_iam_policies/methods/set_iam_policy - delete: [] - consent_stores: - id: google.healthcare.consent_stores - name: consent_stores - title: Consent_stores + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + x-stackQL-resources: + datasets: + id: google.healthcare.datasets + name: datasets + title: Datasets methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.consentStores get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/delete response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}/patch response: mediaType: application/json openAPIDocKey: '200' - check_data_access: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:checkDataAccess/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/get response: mediaType: application/json openAPIDocKey: '200' - query_accessible_data: + objectKey: $.datasets + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:queryAccessibleData/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets/post response: mediaType: application/json openAPIDocKey: '200' - evaluate_user_consents: + deidentify: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:evaluateUserConsents/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:deidentify/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/consent_stores/methods/get' - - $ref: '#/components/x-stackQL-resources/consent_stores/methods/list' + - $ref: '#/components/x-stackQL-resources/datasets/methods/get' + - $ref: '#/components/x-stackQL-resources/datasets/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/consent_stores/methods/create' + - $ref: '#/components/x-stackQL-resources/datasets/methods/create' update: - - $ref: '#/components/x-stackQL-resources/consent_stores/methods/patch' + - $ref: '#/components/x-stackQL-resources/datasets/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/consent_stores/methods/delete' - attribute_definitions: - id: google.healthcare.attribute_definitions - name: attribute_definitions - title: Attribute_definitions + - $ref: '#/components/x-stackQL-resources/datasets/methods/delete' + datasets_iam_policies: + id: google.healthcare.datasets_iam_policies + name: datasets_iam_policies + title: Datasets_iam_policies methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.attributeDefinitions - get: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions~1{attributeDefinitionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions~1{attributeDefinitionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - patch: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions~1{attributeDefinitionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/attribute_definitions/methods/get' - - $ref: >- - #/components/x-stackQL-resources/attribute_definitions/methods/list - insert: - $ref: >- - #/components/x-stackQL-resources/attribute_definitions/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/attribute_definitions/methods/patch - replace: [] - delete: + #/components/x-stackQL-resources/datasets_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/attribute_definitions/methods/delete - consent_artifacts: - id: google.healthcare.consent_artifacts - name: consent_artifacts - title: Consent_artifacts + #/components/x-stackQL-resources/datasets_iam_policies/methods/set_iam_policy + delete: [] + data_mapper_workspaces_iam_policies: + id: google.healthcare.data_mapper_workspaces_iam_policies + name: data_mapper_workspaces_iam_policies + title: Data_mapper_workspaces_iam_policies methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consentArtifacts/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consentArtifacts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataMapperWorkspaces~1{dataMapperWorkspacesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.consentArtifacts - get: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consentArtifacts~1{consentArtifactsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataMapperWorkspaces~1{dataMapperWorkspacesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consentArtifacts~1{consentArtifactsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataMapperWorkspaces~1{dataMapperWorkspacesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/consent_artifacts/methods/get' - - $ref: '#/components/x-stackQL-resources/consent_artifacts/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/consent_artifacts/methods/create' + - $ref: >- + #/components/x-stackQL-resources/data_mapper_workspaces_iam_policies/methods/get_iam_policy + insert: [] update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/consent_artifacts/methods/delete' - consents: - id: google.healthcare.consents - name: consents - title: Consents + replace: + - $ref: >- + #/components/x-stackQL-resources/data_mapper_workspaces_iam_policies/methods/set_iam_policy + delete: [] + messages: + id: google.healthcare.messages + name: messages + title: Messages methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.consents get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages~1{messagesId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages~1{messagesId}/delete response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages~1{messagesId}/patch response: mediaType: application/json openAPIDocKey: '200' - activate: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:activate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages/post response: mediaType: application/json openAPIDocKey: '200' - reject: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:reject/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages/get response: mediaType: application/json openAPIDocKey: '200' - revoke: + objectKey: $.hl7V2Messages + ingest: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:revoke/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages:ingest/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/consents/methods/get' - - $ref: '#/components/x-stackQL-resources/consents/methods/list' + - $ref: '#/components/x-stackQL-resources/messages/methods/get' + - $ref: '#/components/x-stackQL-resources/messages/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/consents/methods/create' + - $ref: '#/components/x-stackQL-resources/messages/methods/create' update: - - $ref: '#/components/x-stackQL-resources/consents/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/consents/methods/delete' - consents_revisions: - id: google.healthcare.consents_revisions - name: consents_revisions - title: Consents_revisions - methods: - delete_revision: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:deleteRevision/delete - response: - mediaType: application/json - openAPIDocKey: '200' - list_revisions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:listRevisions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.consents - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/consents_revisions/methods/list_revisions - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/messages/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/consents_revisions/methods/delete_revision - user_data_mappings: - id: google.healthcare.user_data_mappings - name: user_data_mappings - title: User_data_mappings + - $ref: '#/components/x-stackQL-resources/messages/methods/delete' + hl7_v2_stores: + id: google.healthcare.hl7_v2_stores + name: hl7_v2_stores + title: Hl7_v2_stores methods: - create: + import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:import/post response: mediaType: application/json openAPIDocKey: '200' - list: + rollback: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:rollback/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.userDataMappings get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings~1{userDataMappingsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings~1{userDataMappingsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + export: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings~1{userDataMappingsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:export/post response: mediaType: application/json openAPIDocKey: '200' - archive: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings~1{userDataMappingsId}:archive/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.hl7V2Stores sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/get' - - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/list' + - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/get' + - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/create' + - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/create' update: - - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/patch' + - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/delete' - data_mapper_workspaces_iam_policies: - id: google.healthcare.data_mapper_workspaces_iam_policies - name: data_mapper_workspaces_iam_policies - title: Data_mapper_workspaces_iam_policies + - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/delete' + hl7_v2_stores_iam_policies: + id: google.healthcare.hl7_v2_stores_iam_policies + name: hl7_v2_stores_iam_policies + title: Hl7_v2_stores_iam_policies methods: set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataMapperWorkspaces~1{dataMapperWorkspacesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataMapperWorkspaces~1{dataMapperWorkspacesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' @@ -5473,80 +5301,98 @@ components: test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dataMapperWorkspaces~1{dataMapperWorkspacesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/data_mapper_workspaces_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/hl7_v2_stores_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/data_mapper_workspaces_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/hl7_v2_stores_iam_policies/methods/set_iam_policy delete: [] - dicom_stores_iam_policies: - id: google.healthcare.dicom_stores_iam_policies - name: dicom_stores_iam_policies - title: Dicom_stores_iam_policies + hl7_v2_store_metrics: + id: google.healthcare.hl7_v2_store_metrics + name: hl7_v2_store_metrics + title: Hl7_v2_store_metrics methods: - set_iam_policy: + get_hl7v2_store_metrics: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:getHL7v2StoreMetrics/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/hl7_v2_store_metrics/methods/get_hl7v2_store_metrics + insert: [] + update: [] + replace: [] + delete: [] + operations: + id: google.healthcare.operations + name: operations + title: Operations + methods: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + delete-fhir-operation: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/dicom_stores_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/dicom_stores_iam_policies/methods/set_iam_policy + replace: [] delete: [] dicom_stores: id: google.healthcare.dicom_stores name: dicom_stores title: Dicom_stores methods: - deidentify: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:deidentify/post - response: - mediaType: application/json - openAPIDocKey: '200' - set_blob_storage_settings: + search_for_instances: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:setBlobStorageSettings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1instances/get response: mediaType: application/json openAPIDocKey: '200' - create: + deidentify: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:deidentify/post response: mediaType: application/json openAPIDocKey: '200' @@ -5558,17 +5404,17 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.dicomStores - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores/post response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -5579,17 +5425,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - import: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}/delete response: mediaType: application/json openAPIDocKey: '200' - export: + store_instances: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:export/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies/post response: mediaType: application/json openAPIDocKey: '200' @@ -5600,10 +5446,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - store_instances: + import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:import/post response: mediaType: application/json openAPIDocKey: '200' @@ -5614,10 +5460,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - search_for_instances: + export: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1instances/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:export/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_blob_storage_settings: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:setBlobStorageSettings/post response: mediaType: application/json openAPIDocKey: '200' @@ -5653,133 +5506,110 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/dicom_stores/methods/delete' - dicom_store_metrics: - id: google.healthcare.dicom_store_metrics - name: dicom_store_metrics - title: Dicom_store_metrics - methods: - get_dicomstore_metrics: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:getDICOMStoreMetrics/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/dicom_store_metrics/methods/get_dicomstore_metrics - insert: [] - update: [] - replace: [] - delete: [] - studies: - id: google.healthcare.studies - name: studies - title: Studies + dicom_stores_iam_policies: + id: google.healthcare.dicom_stores_iam_policies + name: dicom_stores_iam_policies + title: Dicom_stores_iam_policies methods: - set_blob_storage_settings: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}:setBlobStorageSettings/post - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - store_instances: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}/post - response: - mediaType: application/json - openAPIDocKey: '200' - search_for_series: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}~1series/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - search_for_instances: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}~1instances/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/studies/methods/delete' - study_metrics: - id: google.healthcare.study_metrics - name: study_metrics - title: Study_metrics - methods: - get_study_metrics: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}:getStudyMetrics/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/study_metrics/methods/get_study_metrics + #/components/x-stackQL-resources/dicom_stores_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/dicom_stores_iam_policies/methods/set_iam_policy delete: [] - series_metrics: - id: google.healthcare.series_metrics - name: series_metrics - title: Series_metrics + dicom_store_metrics: + id: google.healthcare.dicom_store_metrics + name: dicom_store_metrics + title: Dicom_store_metrics methods: - get_series_metrics: + get_dicomstore_metrics: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}~1series~1{seriesId}:getSeriesMetrics/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}:getDICOMStoreMetrics/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/series_metrics/methods/get_series_metrics + #/components/x-stackQL-resources/dicom_store_metrics/methods/get_dicomstore_metrics insert: [] update: [] replace: [] delete: [] - instances_storage_info: - id: google.healthcare.instances_storage_info - name: instances_storage_info - title: Instances_storage_info + studies: + id: google.healthcare.studies + name: studies + title: Studies methods: - get_storage_info: + store_instances: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}~1series~1{seriesId}~1instances~1{instancesId}:getStorageInfo/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}/post + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + search_for_instances: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}~1instances/get + response: + mediaType: application/json + openAPIDocKey: '200' + search_for_series: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}~1series/get + response: + mediaType: application/json + openAPIDocKey: '200' + set_blob_storage_settings: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}:setBlobStorageSettings/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/instances_storage_info/methods/get_storage_info + select: [] insert: [] update: [] replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/studies/methods/delete' studies_study: id: google.healthcare.studies_study name: studies_study @@ -5942,22 +5772,155 @@ components: update: [] replace: [] delete: [] - hl7_v2_stores_iam_policies: - id: google.healthcare.hl7_v2_stores_iam_policies - name: hl7_v2_stores_iam_policies - title: Hl7_v2_stores_iam_policies + series_metrics: + id: google.healthcare.series_metrics + name: series_metrics + title: Series_metrics + methods: + get_series_metrics: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}~1series~1{seriesId}:getSeriesMetrics/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/series_metrics/methods/get_series_metrics + insert: [] + update: [] + replace: [] + delete: [] + instances_storage_info: + id: google.healthcare.instances_storage_info + name: instances_storage_info + title: Instances_storage_info + methods: + get_storage_info: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}~1series~1{seriesId}~1instances~1{instancesId}:getStorageInfo/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/instances_storage_info/methods/get_storage_info + insert: [] + update: [] + replace: [] + delete: [] + study_metrics: + id: google.healthcare.study_metrics + name: study_metrics + title: Study_metrics + methods: + get_study_metrics: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1dicomStores~1{dicomStoresId}~1dicomWeb~1studies~1{studiesId}:getStudyMetrics/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/study_metrics/methods/get_study_metrics + insert: [] + update: [] + replace: [] + delete: [] + consent_stores: + id: google.healthcare.consent_stores + name: consent_stores + title: Consent_stores + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.consentStores + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores/post + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + query_accessible_data: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:queryAccessibleData/post + response: + mediaType: application/json + openAPIDocKey: '200' + check_data_access: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:checkDataAccess/post + response: + mediaType: application/json + openAPIDocKey: '200' + evaluate_user_consents: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:evaluateUserConsents/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/consent_stores/methods/get' + - $ref: '#/components/x-stackQL-resources/consent_stores/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/consent_stores/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/consent_stores/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/consent_stores/methods/delete' + consent_stores_iam_policies: + id: google.healthcare.consent_stores_iam_policies + name: consent_stores_iam_policies + title: Consent_stores_iam_policies methods: set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' @@ -5965,578 +5928,646 @@ components: test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/hl7_v2_stores_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/consent_stores_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/hl7_v2_stores_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/consent_stores_iam_policies/methods/set_iam_policy delete: [] - hl7_v2_stores: - id: google.healthcare.hl7_v2_stores - name: hl7_v2_stores - title: Hl7_v2_stores + attribute_definitions: + id: google.healthcare.attribute_definitions + name: attribute_definitions + title: Attribute_definitions + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.attributeDefinitions + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions~1{attributeDefinitionsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions~1{attributeDefinitionsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1attributeDefinitions~1{attributeDefinitionsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/attribute_definitions/methods/get' + - $ref: >- + #/components/x-stackQL-resources/attribute_definitions/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/attribute_definitions/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/attribute_definitions/methods/patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/attribute_definitions/methods/delete + user_data_mappings: + id: google.healthcare.user_data_mappings + name: user_data_mappings + title: User_data_mappings methods: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.hl7V2Stores + objectKey: $.userDataMappings get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings~1{userDataMappingsId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - export: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:export/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings~1{userDataMappingsId}/patch response: mediaType: application/json openAPIDocKey: '200' - import: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings~1{userDataMappingsId}/delete response: mediaType: application/json openAPIDocKey: '200' - rollback: + archive: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:rollback/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1userDataMappings~1{userDataMappingsId}:archive/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/get' - - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/list' + - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/get' + - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/create' + - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/create' update: - - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/patch' + - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/hl7_v2_stores/methods/delete' - hl7_v2_store_metrics: - id: google.healthcare.hl7_v2_store_metrics - name: hl7_v2_store_metrics - title: Hl7_v2_store_metrics + - $ref: '#/components/x-stackQL-resources/user_data_mappings/methods/delete' + consents: + id: google.healthcare.consents + name: consents + title: Consents methods: - get_hl7v2_store_metrics: + revoke: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}:getHL7v2StoreMetrics/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:revoke/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/hl7_v2_store_metrics/methods/get_hl7v2_store_metrics - insert: [] - update: [] - replace: [] - delete: [] - messages: - id: google.healthcare.messages - name: messages - title: Messages - methods: - ingest: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages:ingest/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.hl7V2Messages - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages~1{messagesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages~1{messagesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.consents + activate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1hl7V2Stores~1{hl7V2StoresId}~1messages~1{messagesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:activate/post + response: + mediaType: application/json + openAPIDocKey: '200' + reject: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:reject/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/messages/methods/get' - - $ref: '#/components/x-stackQL-resources/messages/methods/list' + - $ref: '#/components/x-stackQL-resources/consents/methods/get' + - $ref: '#/components/x-stackQL-resources/consents/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/messages/methods/create' + - $ref: '#/components/x-stackQL-resources/consents/methods/create' update: - - $ref: '#/components/x-stackQL-resources/messages/methods/patch' + - $ref: '#/components/x-stackQL-resources/consents/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/messages/methods/delete' - fhir_stores_iam_policies: - id: google.healthcare.fhir_stores_iam_policies - name: fhir_stores_iam_policies - title: Fhir_stores_iam_policies + - $ref: '#/components/x-stackQL-resources/consents/methods/delete' + consents_revisions: + id: google.healthcare.consents_revisions + name: consents_revisions + title: Consents_revisions methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: + list_revisions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:listRevisions/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + objectKey: $.consents + delete_revision: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consents~1{consentsId}:deleteRevision/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/fhir_stores_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/consents_revisions/methods/list_revisions insert: [] update: [] - replace: + replace: [] + delete: - $ref: >- - #/components/x-stackQL-resources/fhir_stores_iam_policies/methods/set_iam_policy - delete: [] - fhir_stores: - id: google.healthcare.fhir_stores - name: fhir_stores - title: Fhir_stores + #/components/x-stackQL-resources/consents_revisions/methods/delete_revision + consent_artifacts: + id: google.healthcare.consent_artifacts + name: consent_artifacts + title: Consent_artifacts methods: - deidentify: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:deidentify/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consentArtifacts~1{consentArtifactsId}/get response: mediaType: application/json openAPIDocKey: '200' - bulk-export-group: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Group~1{GroupId}~1$export/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consentArtifacts~1{consentArtifactsId}/delete response: mediaType: application/json openAPIDocKey: '200' create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consentArtifacts/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1consentStores~1{consentStoresId}~1consentArtifacts/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.fhirStores - get: + objectKey: $.consentArtifacts + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/consent_artifacts/methods/get' + - $ref: '#/components/x-stackQL-resources/consent_artifacts/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/consent_artifacts/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/consent_artifacts/methods/delete' + fhir: + id: google.healthcare.fhir + name: fhir + title: Fhir + methods: + binary-read: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Binary~1{BinaryId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + binary-update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Binary~1{BinaryId}/put response: mediaType: application/json openAPIDocKey: '200' - delete: + vread: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}~1_history~1{_historyId}/get response: mediaType: application/json openAPIDocKey: '200' - import: + conditional_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}/delete response: mediaType: application/json openAPIDocKey: '200' - apply_consents: + conditional_update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:applyConsents/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}/put response: mediaType: application/json openAPIDocKey: '200' - apply_admin_consents: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:applyAdminConsents/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}/post response: mediaType: application/json openAPIDocKey: '200' - explain_data_access: + conditional_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:explainDataAccess/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}/patch response: mediaType: application/json openAPIDocKey: '200' - export: + history: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:export/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}~1_history/get response: mediaType: application/json openAPIDocKey: '200' - rollback: + patient-consent-enforcement-status: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:rollback/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Patient~1{PatientId}~1$consent-enforcement-status/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/get' - - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/create' update: - - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/patch' - replace: [] + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}/put + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}/patch + response: + mediaType: application/json + openAPIDocKey: '200' delete: - - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/delete' - fhir_store_metrics: - id: google.healthcare.fhir_store_metrics - name: fhir_store_metrics - title: Fhir_store_metrics - methods: - get_fhirstore_metrics: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:getFHIRStoreMetrics/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + read: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/fhir_store_metrics/methods/get_fhirstore_metrics - insert: [] - update: [] - replace: [] - delete: [] - fhir: - id: google.healthcare.fhir - name: fhir - title: Fhir - methods: - create: + execute_bundle: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir/post response: mediaType: application/json openAPIDocKey: '200' - conditional_delete: + binary-create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Binary/post response: mediaType: application/json openAPIDocKey: '200' - conditional_update: + capabilities: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1metadata/get response: mediaType: application/json openAPIDocKey: '200' - conditional_patch: + resource-purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}~1$purge/delete response: mediaType: application/json openAPIDocKey: '200' - binary-create: + consent-enforcement-status: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Binary/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Consent~1{ConsentId}~1$consent-enforcement-status/get response: mediaType: application/json openAPIDocKey: '200' - read: + patient-everything: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Patient~1{PatientId}~1$everything/get response: mediaType: application/json openAPIDocKey: '200' - delete: + resource-validate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1$validate/post response: mediaType: application/json openAPIDocKey: '200' - update: + search-type: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{resourceType}~1_search/post response: mediaType: application/json openAPIDocKey: '200' - patch: + search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1_search/post response: mediaType: application/json openAPIDocKey: '200' - binary-read: + bulk-export: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Binary~1{BinaryId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1$export/get response: mediaType: application/json openAPIDocKey: '200' - binary-update: + binary-vread: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Binary~1{BinaryId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Binary~1{BinaryId}~1_history~1{_historyId}/get response: mediaType: application/json openAPIDocKey: '200' - vread: + sqlVerbs: + select: [] + insert: + - $ref: '#/components/x-stackQL-resources/fhir/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/fhir/methods/patch' + replace: + - $ref: '#/components/x-stackQL-resources/fhir/methods/update' + delete: + - $ref: '#/components/x-stackQL-resources/fhir/methods/delete' + fhir_operation_status: + id: google.healthcare.fhir_operation_status + name: fhir_operation_status + title: Fhir_operation_status + methods: + get-fhir-operation-status: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}~1_history~1{_historyId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - binary-vread: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/fhir_operation_status/methods/get-fhir-operation-status + insert: [] + update: [] + replace: [] + delete: [] + fhir_stores: + id: google.healthcare.fhir_stores + name: fhir_stores + title: Fhir_stores + methods: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Binary~1{BinaryId}~1_history~1{_historyId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores/post response: mediaType: application/json openAPIDocKey: '200' - search: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1_search/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores/get response: mediaType: application/json openAPIDocKey: '200' - search-type: + objectKey: $.fhirStores + bulk-export-group: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{resourceType}~1_search/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Group~1{GroupId}~1$export/get response: mediaType: application/json openAPIDocKey: '200' - patient-everything: + apply_admin_consents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Patient~1{PatientId}~1$everything/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:applyAdminConsents/post response: mediaType: application/json openAPIDocKey: '200' - capabilities: + export: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1metadata/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:export/post response: mediaType: application/json openAPIDocKey: '200' - execute_bundle: + apply_consents: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:applyConsents/post response: mediaType: application/json openAPIDocKey: '200' - history: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}~1_history/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}/get response: mediaType: application/json openAPIDocKey: '200' - resource-purge: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1{fhirId1}~1$purge/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}/patch response: mediaType: application/json openAPIDocKey: '200' - bulk-export: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1$export/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}/delete response: mediaType: application/json openAPIDocKey: '200' - resource-validate: + deidentify: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1{fhirId}~1$validate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:deidentify/post response: mediaType: application/json openAPIDocKey: '200' - consent-enforcement-status: + rollback: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Consent~1{ConsentId}~1$consent-enforcement-status/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:rollback/post response: mediaType: application/json openAPIDocKey: '200' - patient-consent-enforcement-status: + explain_data_access: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1fhir~1Patient~1{PatientId}~1$consent-enforcement-status/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:explainDataAccess/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: - - $ref: '#/components/x-stackQL-resources/fhir/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/fhir/methods/patch' - replace: - - $ref: '#/components/x-stackQL-resources/fhir/methods/update' - delete: - - $ref: '#/components/x-stackQL-resources/fhir/methods/delete' - fhir_operation_status: - id: google.healthcare.fhir_operation_status - name: fhir_operation_status - title: Fhir_operation_status - methods: - get-fhir-operation-status: + import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:import/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/fhir_operation_status/methods/get-fhir-operation-status - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/get' + - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/patch' replace: [] - delete: [] - operations: - id: google.healthcare.operations - name: operations - title: Operations + delete: + - $ref: '#/components/x-stackQL-resources/fhir_stores/methods/delete' + fhir_stores_iam_policies: + id: google.healthcare.fhir_stores_iam_policies + name: fhir_stores_iam_policies + title: Fhir_stores_iam_policies methods: - delete-fhir-operation: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - list: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - cancel: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/fhir_stores_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/fhir_stores_iam_policies/methods/set_iam_policy + delete: [] + fhir_store_metrics: + id: google.healthcare.fhir_store_metrics + name: fhir_store_metrics + title: Fhir_store_metrics + methods: + get_fhirstore_metrics: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1datasets~1{datasetsId}~1fhirStores~1{fhirStoresId}:getFHIRStoreMetrics/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: >- + #/components/x-stackQL-resources/fhir_store_metrics/methods/get_fhirstore_metrics insert: [] update: [] replace: [] @@ -6559,23 +6590,49 @@ components: update: [] replace: [] delete: [] + locations: + id: google.healthcare.locations + name: locations + title: Locations + methods: + get: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.locations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' get: - description: Lists information about the supported locations for this service. - operationId: healthcare.projects.locations.list + description: Gets any metadata associated with a dataset. + operationId: healthcare.projects.locations.datasets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6591,35 +6648,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Dataset' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: extraLocationTypes + - in: path + name: datasetsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: healthcare.projects.locations.get + delete: + description: >- + Deletes the specified health dataset and all data contained in the + dataset. Deleting a dataset does not affect the sources from which the + dataset was imported (if any). + operationId: healthcare.projects.locations.datasets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6635,7 +6686,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -6647,19 +6698,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: healthcare.projects.locations.datasets.setIamPolicy + - in: path + name: datasetsId + required: true + schema: + type: string + patch: + description: Updates dataset metadata. + operationId: healthcare.projects.locations.datasets.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/Dataset' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6675,7 +6726,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Dataset' parameters: - in: path name: projectsId @@ -6692,13 +6743,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:getIamPolicy: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/datasets: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: healthcare.projects.locations.datasets.getIamPolicy + description: Lists the health datasets in the current project. + operationId: healthcare.projects.locations.datasets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6714,7 +6768,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListDatasetsResponse' parameters: - in: path name: projectsId @@ -6726,31 +6780,27 @@ paths: required: true schema: type: string - - in: path - name: datasetsId - required: true - schema: - type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:testIamPermissions: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: healthcare.projects.locations.datasets.testIamPermissions + Creates a new health dataset. Results are returned through the Operation + interface which returns either an `Operation.response` which contains a + Dataset or `Operation.error`. The metadata field type is + OperationMetadata. + operationId: healthcare.projects.locations.datasets.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Dataset' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6766,7 +6816,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6778,25 +6828,17 @@ paths: required: true schema: type: string - - in: path - name: datasetsId - required: true + - in: query + name: datasetId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Creates a new health dataset. Results are returned through the Operation - interface which returns either an `Operation.response` which contains a - Dataset or `Operation.error`. The metadata field type is - OperationMetadata. - operationId: healthcare.projects.locations.datasets.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Dataset' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: healthcare.projects.locations.datasets.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6812,7 +6854,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6824,13 +6866,35 @@ paths: required: true schema: type: string - - in: query - name: datasetId + - in: path + name: datasetsId + required: true schema: type: string - get: - description: Lists the health datasets in the current project. - operationId: healthcare.projects.locations.datasets.list + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:deidentify: + parameters: *ref_1 + post: + description: >- + Creates a new dataset containing de-identified data from the source + dataset. The metadata field type is OperationMetadata. If the request is + successful, the response field type is DeidentifySummary. If errors + occur, error is set. The LRO result may still be successful if + de-identification fails for some DICOM instances. The new de-identified + dataset will not contain these failed resources. Failed resource totals + are tracked in Operation.metadata. Error details are also logged to + Cloud Logging. For more information, see [Viewing error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging). + operationId: healthcare.projects.locations.datasets.deidentify + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DeidentifyDatasetRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6846,7 +6910,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDatasetsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6858,23 +6922,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: datasetsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:setIamPolicy: parameters: *ref_1 - delete: + post: description: >- - Deletes the specified health dataset and all data contained in the - dataset. Deleting a dataset does not affect the sources from which the - dataset was imported (if any). - operationId: healthcare.projects.locations.datasets.delete + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: healthcare.projects.locations.datasets.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6890,7 +6955,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6907,9 +6972,21 @@ paths: required: true schema: type: string - get: - description: Gets any metadata associated with a dataset. - operationId: healthcare.projects.locations.datasets.get + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: healthcare.projects.locations.datasets.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6925,7 +7002,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Dataset' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6942,14 +7019,22 @@ paths: required: true schema: type: string - patch: - description: Updates dataset metadata. - operationId: healthcare.projects.locations.datasets.patch + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataMapperWorkspaces/{dataMapperWorkspacesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + healthcare.projects.locations.datasets.dataMapperWorkspaces.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/Dataset' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -6965,7 +7050,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Dataset' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6982,30 +7067,18 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: dataMapperWorkspacesId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}:deidentify: - parameters: *ref_1 - post: - description: >- - Creates a new dataset containing de-identified data from the source - dataset. The metadata field type is OperationMetadata. If the request is - successful, the response field type is DeidentifySummary. If errors - occur, error is set. The LRO result may still be successful if - de-identification fails for some DICOM instances. The new de-identified - dataset will not contain these failed resources. Failed resource totals - are tracked in Operation.metadata. Error details are also logged to - Cloud Logging. For more information, see [Viewing error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging). - operationId: healthcare.projects.locations.datasets.deidentify - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DeidentifyDatasetRequest' + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataMapperWorkspaces/{dataMapperWorkspacesId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: healthcare.projects.locations.datasets.dataMapperWorkspaces.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7021,7 +7094,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7038,14 +7111,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:setIamPolicy: + - in: path + name: dataMapperWorkspacesId + required: true + schema: + type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataMapperWorkspaces/{dataMapperWorkspacesId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: healthcare.projects.locations.datasets.consentStores.setIamPolicy + operationId: healthcare.projects.locations.datasets.dataMapperWorkspaces.setIamPolicy requestBody: content: application/json: @@ -7084,17 +7167,15 @@ paths: schema: type: string - in: path - name: consentStoresId + name: dataMapperWorkspacesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}/messages/{messagesId}: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: healthcare.projects.locations.datasets.consentStores.getIamPolicy + description: Gets an HL7v2 message. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7110,7 +7191,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Message' parameters: - in: path name: projectsId @@ -7128,30 +7209,22 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId + required: true + schema: + type: string + - in: path + name: messagesId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: view schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: healthcare.projects.locations.datasets.consentStores.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + type: string + delete: + description: Deletes an HL7v2 message. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7167,7 +7240,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7185,23 +7258,28 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores: - parameters: *ref_1 - post: + - in: path + name: messagesId + required: true + schema: + type: string + patch: description: >- - Creates a new consent store in the parent dataset. Attempting to create - a consent store with the same ID as an existing store fails with an - ALREADY_EXISTS error. - operationId: healthcare.projects.locations.datasets.consentStores.create + Update the message. The contents of the message in Message.data and data + extracted from the contents such as Message.create_time cannot be + altered. Only the Message.labels field is allowed to be updated. The + labels in the request are merged with the existing set of labels. + Existing labels with the same keys are updated. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ConsentStore' + $ref: '#/components/schemas/Message' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7217,7 +7295,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConsentStore' + $ref: '#/components/schemas/Message' parameters: - in: path name: projectsId @@ -7234,63 +7312,36 @@ paths: required: true schema: type: string - - in: query - name: consentStoreId - schema: - type: string - get: - description: Lists the consent stores in the specified dataset. - operationId: healthcare.projects.locations.datasets.consentStores.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-healthcare - Oauth2c: - - https://www.googleapis.com/auth/cloud-healthcare - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListConsentStoresResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: hl7V2StoresId required: true schema: type: string - in: path - name: datasetsId + name: messagesId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}/messages: parameters: *ref_1 - get: - description: Gets the specified consent store. - operationId: healthcare.projects.locations.datasets.consentStores.get + post: + description: >- + Parses and stores an HL7v2 message. This method triggers an asynchronous + notification to any Pub/Sub topic configured in + Hl7V2Store.Hl7V2NotificationConfig, if the filtering matches the + message. If an MLLP adapter is configured to listen to a Pub/Sub topic, + the adapter transmits the message when a notification is received. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateMessageRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7306,7 +7357,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConsentStore' + $ref: '#/components/schemas/Message' parameters: - in: path name: projectsId @@ -7324,15 +7375,17 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - delete: + get: description: >- - Deletes the specified consent store and removes all the consent store's - data. - operationId: healthcare.projects.locations.datasets.consentStores.delete + Lists all the messages in the given HL7v2 store with support for + filtering. Note: HL7v2 messages are indexed asynchronously, so there + might be a slight delay between the time a message is created and when + it can be found through a filter. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7348,7 +7401,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListMessagesResponse' parameters: - in: path name: projectsId @@ -7366,18 +7419,51 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - patch: - description: Updates the specified consent store. - operationId: healthcare.projects.locations.datasets.consentStores.patch + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: view + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}/messages:ingest: + parameters: *ref_1 + post: + description: >- + Parses and stores an HL7v2 message. This method triggers an asynchronous + notification to any Pub/Sub topic configured in + Hl7V2Store.Hl7V2NotificationConfig, if the filtering matches the + message. If an MLLP adapter is configured to listen to a Pub/Sub topic, + the adapter transmits the message when a notification is received. If + the method is successful, it generates a response containing an HL7v2 + acknowledgment (`ACK`) message. If the method encounters an error, it + returns a negative acknowledgment (`NACK`) message. This behavior is + suitable for replying to HL7v2 interface systems that expect these + acknowledgments. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.ingest requestBody: content: application/json: schema: - $ref: '#/components/schemas/ConsentStore' + $ref: '#/components/schemas/IngestMessageRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7393,7 +7479,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConsentStore' + $ref: '#/components/schemas/IngestMessageResponse' parameters: - in: path name: projectsId @@ -7411,27 +7497,46 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:checkDataAccess: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:import: parameters: *ref_1 post: description: >- - Checks if a particular data_id of a User data mapping in the specified - consent store is consented for the specified use. - operationId: healthcare.projects.locations.datasets.consentStores.checkDataAccess + Import messages to the HL7v2 store by loading data from the specified + sources. This method is optimized to load large quantities of data using + import semantics that ignore some HL7v2 store configuration options and + are not suitable for all use cases. It is primarily intended to load + data into an empty HL7v2 store that is not being used by other clients. + An existing message will be overwritten if a duplicate message is + imported. A duplicate message is a message with the same raw bytes as a + message that already exists in this HL7v2 store. When a message is + overwritten, its labels will also be overwritten. The import operation + is idempotent unless the input data contains multiple valid messages + with the same raw bytes but different labels. In that case, after the + import completes, the store contains exactly one message with those raw + bytes but there is no ordering guarantee on which version of the labels + it has. The operation result counters do not count duplicated raw bytes + as an error and count one success for each message in the input, which + might result in a success count larger than the number of messages in + the HL7v2 store. If some messages fail to import, for example due to + parsing errors, successfully imported messages are not rolled back. This + method returns an Operation that can be used to track the status of the + import by calling GetOperation. Immediate fatal errors appear in the + error field, errors are also logged to Cloud Logging (see [Viewing error + logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + Otherwise, when the operation finishes, a response of type + ImportMessagesResponse is returned in the response field. The metadata + field type for this operation is OperationMetadata. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/CheckDataAccessRequest' + $ref: '#/components/schemas/ImportMessagesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7447,7 +7552,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CheckDataAccessResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7465,48 +7570,23 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:queryAccessibleData: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:setIamPolicy: parameters: *ref_1 post: description: >- - Queries all data_ids that are consented for a specified use in the given - consent store and writes them to a specified destination. The returned - Operation includes a progress counter for the number of User data - mappings processed. If the request is successful, a detailed response is - returned of type QueryAccessibleDataResponse, contained in the response - field when the operation finishes. The metadata field type is - OperationMetadata. Errors are logged to Cloud Logging (see [Viewing - error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). For - example, the following sample log entry shows a `failed to evaluate - consent policy` error that occurred during a QueryAccessibleData call to - consent store - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}`. - ```json jsonPayload: { @type: - "type.googleapis.com/google.cloud.healthcare.logging.QueryAccessibleDataLogEntry" - error: { code: 9 message: "failed to evaluate consent policy" } - resourceName: - "projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consents/{consent_id}" - } logName: - "projects/{project_id}/logs/healthcare.googleapis.com%2Fquery_accessible_data" - operation: { id: - "projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/operations/{operation_id}" - producer: "healthcare.googleapis.com/QueryAccessibleData" } - receiveTimestamp: "TIMESTAMP" resource: { labels: { consent_store_id: - "{consent_store_id}" dataset_id: "{dataset_id}" location: - "{location_id}" project_id: "{project_id}" } type: - "healthcare_consent_store" } severity: "ERROR" timestamp: "TIMESTAMP" - ``` - operationId: healthcare.projects.locations.datasets.consentStores.queryAccessibleData + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/QueryAccessibleDataRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7522,7 +7602,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7540,25 +7620,29 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:evaluateUserConsents: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:rollback: parameters: *ref_1 post: description: >- - Evaluates the user's Consents for all matching User data mappings. Note: - User data mappings are indexed asynchronously, which can cause a slight - delay between the time mappings are created or updated and when they are - included in EvaluateUserConsents results. - operationId: >- - healthcare.projects.locations.datasets.consentStores.evaluateUserConsents + Rolls back messages from the HL7v2 store to the specified time. This + method returns an Operation that can be used to track the status of the + rollback by calling GetOperation. Immediate fatal errors appear in the + error field, errors are also logged to Cloud Logging (see [Viewing error + logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + Otherwise, when the operation finishes, a detailed response of type + RollbackHl7V2MessagesResponse is returned in the response field. The + metadata field type for this operation is OperationMetadata. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.rollback requestBody: content: application/json: schema: - $ref: '#/components/schemas/EvaluateUserConsentsRequest' + $ref: '#/components/schemas/RollbackHl7V2MessagesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7574,7 +7658,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EvaluateUserConsentsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7592,21 +7676,15 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/attributeDefinitions: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}: parameters: *ref_1 - post: - description: Creates a new Attribute definition in the parent consent store. - operationId: >- - healthcare.projects.locations.datasets.consentStores.attributeDefinitions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AttributeDefinition' + get: + description: Gets the specified HL7v2 store. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7622,7 +7700,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AttributeDefinition' + $ref: '#/components/schemas/Hl7V2Store' parameters: - in: path name: projectsId @@ -7640,18 +7718,18 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - - in: query - name: attributeDefinitionId - schema: - type: string - get: - description: Lists the Attribute definitions in the specified consent store. - operationId: >- - healthcare.projects.locations.datasets.consentStores.attributeDefinitions.list + patch: + description: Updates the HL7v2 store. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Hl7V2Store' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7667,7 +7745,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAttributeDefinitionsResponse' + $ref: '#/components/schemas/Hl7V2Store' parameters: - in: path name: projectsId @@ -7685,29 +7763,20 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/attributeDefinitions/{attributeDefinitionsId}: - parameters: *ref_1 - get: - description: Gets the specified Attribute definition. - operationId: >- - healthcare.projects.locations.datasets.consentStores.attributeDefinitions.get + format: google-fieldmask + delete: + description: >- + Deletes the specified HL7v2 store and removes all messages that it + contains. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7723,7 +7792,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AttributeDefinition' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7741,22 +7810,15 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: attributeDefinitionsId + name: hl7V2StoresId required: true schema: type: string - delete: - description: >- - Deletes the specified Attribute definition. Fails if the Attribute - definition is referenced by any User data mapping, or the latest - revision of any Consent. - operationId: >- - healthcare.projects.locations.datasets.consentStores.attributeDefinitions.delete + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:getHL7v2StoreMetrics: + parameters: *ref_1 + get: + description: Gets metrics associated with the HL7v2 store. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.getHL7v2StoreMetrics security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7772,7 +7834,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Hl7V2StoreMetrics' parameters: - in: path name: projectsId @@ -7790,24 +7852,28 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: attributeDefinitionsId + name: hl7V2StoresId required: true schema: type: string - patch: - description: Updates the specified Attribute definition. - operationId: >- - healthcare.projects.locations.datasets.consentStores.attributeDefinitions.patch + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:export: + parameters: *ref_1 + post: + description: >- + Exports the messages to a destination. To filter messages to be + exported, define a filter using the start and end time, relative to the + message generation time (MSH.7). This API returns an Operation that can + be used to track the status of the job by calling GetOperation. + Immediate fatal errors appear in the error field. Otherwise, when the + operation finishes, a detailed response of type ExportMessagesResponse + is returned in the response field. The metadata field type for this + operation is OperationMetadata. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.export requestBody: content: application/json: schema: - $ref: '#/components/schemas/AttributeDefinition' + $ref: '#/components/schemas/ExportMessagesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7823,7 +7889,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AttributeDefinition' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7841,31 +7907,17 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: attributeDefinitionsId + name: hl7V2StoresId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consentArtifacts: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:getIamPolicy: parameters: *ref_1 - post: - description: Creates a new Consent artifact in the parent consent store. - operationId: >- - healthcare.projects.locations.datasets.consentStores.consentArtifacts.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ConsentArtifact' + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7881,7 +7933,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConsentArtifact' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7899,14 +7951,25 @@ paths: schema: type: string - in: path - name: consentStoresId + name: hl7V2StoresId required: true schema: type: string - get: - description: Lists the Consent artifacts in the specified consent store. - operationId: >- - healthcare.projects.locations.datasets.consentStores.consentArtifacts.list + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores: + parameters: *ref_1 + post: + description: Creates a new HL7v2 store within the parent dataset. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Hl7V2Store' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7922,7 +7985,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConsentArtifactsResponse' + $ref: '#/components/schemas/Hl7V2Store' parameters: - in: path name: projectsId @@ -7939,30 +8002,13 @@ paths: required: true schema: type: string - - in: path - name: consentStoresId - required: true - schema: - type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: hl7V2StoreId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consentArtifacts/{consentArtifactsId}: - parameters: *ref_1 get: - description: Gets the specified Consent artifact. - operationId: >- - healthcare.projects.locations.datasets.consentStores.consentArtifacts.get + description: Lists the HL7v2 stores in the given dataset. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -7978,7 +8024,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConsentArtifact' + $ref: '#/components/schemas/ListHl7V2StoresResponse' parameters: - in: path name: projectsId @@ -7995,22 +8041,34 @@ paths: required: true schema: type: string - - in: path - name: consentStoresId - required: true + - in: query + name: filter schema: type: string - - in: path - name: consentArtifactsId - required: true + - in: query + name: pageToken schema: type: string - delete: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:testIamPermissions: + parameters: *ref_1 + post: description: >- - Deletes the specified Consent artifact. Fails if the artifact is - referenced by the latest revision of any Consent. - operationId: >- - healthcare.projects.locations.datasets.consentStores.consentArtifacts.delete + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: healthcare.projects.locations.datasets.hl7V2Stores.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8026,7 +8084,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -8044,25 +8102,18 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: consentArtifactsId + name: hl7V2StoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Creates a new Consent in the parent consent store. - operationId: healthcare.projects.locations.datasets.consentStores.consents.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Consent' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: healthcare.projects.locations.datasets.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8078,7 +8129,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Consent' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8096,15 +8147,17 @@ paths: schema: type: string - in: path - name: consentStoresId + name: operationsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations: + parameters: *ref_1 get: description: >- - Lists the Consent in the given consent store, returning each Consent's - latest revision. - operationId: healthcare.projects.locations.datasets.consentStores.consents.list + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: healthcare.projects.locations.datasets.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8120,7 +8173,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConsentsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -8137,31 +8190,42 @@ paths: required: true schema: type: string - - in: path - name: consentStoresId - required: true + - in: query + name: filter schema: type: string - in: query - name: pageSize + name: returnPartialSuccess schema: - type: integer - format: int32 + type: boolean - in: query name: pageToken schema: type: string - in: query - name: filter + name: pageSize schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the specified revision of a Consent, or the latest revision if - `revision_id` is not specified in the resource name. - operationId: healthcare.projects.locations.datasets.consentStores.consents.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: healthcare.projects.locations.datasets.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8177,7 +8241,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Consent' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8195,22 +8259,23 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: consentsId + name: operationsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/instances: + parameters: *ref_1 + get: description: >- - Deletes the Consent and its revisions. To keep a record of the Consent - but mark it inactive, see [RevokeConsent]. To delete a revision of a - Consent, see [DeleteConsentRevision]. This operation does not delete the - related Consent artifact. - operationId: healthcare.projects.locations.datasets.consentStores.consents.delete + SearchForInstances returns a list of matching instances. See [Search + Transaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). + For details on the implementation of SearchForInstances, see [Search + transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) + in the Cloud Healthcare API conformance statement. For samples that show + how to call SearchForInstances, see [Search for DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). + operationId: healthcare.projects.locations.datasets.dicomStores.searchForInstances security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8226,7 +8291,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -8244,27 +8309,30 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: consentsId + name: dicomStoresId required: true schema: type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:deidentify: + parameters: *ref_1 + post: description: >- - Updates the latest revision of the specified Consent by committing a new - revision with the changes. A FAILED_PRECONDITION error occurs if the - latest revision of the specified Consent is in the `REJECTED` or - `REVOKED` state. - operationId: healthcare.projects.locations.datasets.consentStores.consents.patch + De-identifies data from the source store and writes it to the + destination store. The metadata field type is OperationMetadata. If the + request is successful, the response field type is + DeidentifyDicomStoreSummary. If errors occur, error is set. The LRO + result may still be successful if de-identification fails for some DICOM + instances. The output DICOM store will not contain these failed + resources. Failed resource totals are tracked in Operation.metadata. + Error details are also logged to Cloud Logging (see [Viewing error logs + in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + operationId: healthcare.projects.locations.datasets.dicomStores.deidentify requestBody: content: application/json: schema: - $ref: '#/components/schemas/Consent' + $ref: '#/components/schemas/DeidentifyDicomStoreRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8280,7 +8348,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Consent' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8298,28 +8366,15 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: consentsId + name: dicomStoresId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:deleteRevision: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores: parameters: *ref_1 - delete: - description: >- - Deletes the specified revision of a Consent. An INVALID_ARGUMENT error - occurs if the specified revision is the latest revision. - operationId: >- - healthcare.projects.locations.datasets.consentStores.consents.deleteRevision + get: + description: Lists the DICOM stores in the given dataset. + operationId: healthcare.projects.locations.datasets.dicomStores.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8335,7 +8390,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListDicomStoresResponse' parameters: - in: path name: projectsId @@ -8352,31 +8407,27 @@ paths: required: true schema: type: string - - in: path - name: consentStoresId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: consentsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:activate: - parameters: *ref_1 + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: >- - Activates the latest revision of the specified Consent by committing a - new revision with `state` updated to `ACTIVE`. If the latest revision of - the specified Consent is in the `ACTIVE` state, no new revision is - committed. A FAILED_PRECONDITION error occurs if the latest revision of - the specified Consent is in the `REJECTED` or `REVOKED` state. - operationId: healthcare.projects.locations.datasets.consentStores.consents.activate + description: Creates a new DICOM store within the parent dataset. + operationId: healthcare.projects.locations.datasets.dicomStores.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ActivateConsentRequest' + $ref: '#/components/schemas/DicomStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8392,7 +8443,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Consent' + $ref: '#/components/schemas/DicomStore' parameters: - in: path name: projectsId @@ -8409,31 +8460,15 @@ paths: required: true schema: type: string - - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: consentsId - required: true + - in: query + name: dicomStoreId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:reject: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}: parameters: *ref_1 - post: - description: >- - Rejects the latest revision of the specified Consent by committing a new - revision with `state` updated to `REJECTED`. If the latest revision of - the specified Consent is in the `REJECTED` state, no new revision is - committed. A FAILED_PRECONDITION error occurs if the latest revision of - the specified Consent is in the `ACTIVE` or `REVOKED` state. - operationId: healthcare.projects.locations.datasets.consentStores.consents.reject - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RejectConsentRequest' + get: + description: Gets the specified DICOM store. + operationId: healthcare.projects.locations.datasets.dicomStores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8449,7 +8484,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Consent' + $ref: '#/components/schemas/DicomStore' parameters: - in: path name: projectsId @@ -8467,23 +8502,18 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: consentsId + name: dicomStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:listRevisions: - parameters: *ref_1 - get: - description: >- - Lists the revisions of the specified Consent in reverse chronological - order. - operationId: >- - healthcare.projects.locations.datasets.consentStores.consents.listRevisions + patch: + description: Updates the specified DICOM store. + operationId: healthcare.projects.locations.datasets.dicomStores.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DicomStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8499,7 +8529,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConsentRevisionsResponse' + $ref: '#/components/schemas/DicomStore' parameters: - in: path name: projectsId @@ -8517,43 +8547,20 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: consentsId + name: dicomStoresId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:revoke: - parameters: *ref_1 - post: + format: google-fieldmask + delete: description: >- - Revokes the latest revision of the specified Consent by committing a new - revision with `state` updated to `REVOKED`. If the latest revision of - the specified Consent is in the `REVOKED` state, no new revision is - committed. A FAILED_PRECONDITION error occurs if the latest revision of - the given consent is in `DRAFT` or `REJECTED` state. - operationId: healthcare.projects.locations.datasets.consentStores.consents.revoke - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RevokeConsentRequest' + Deletes the specified DICOM store and removes all images that are + contained within it. + operationId: healthcare.projects.locations.datasets.dicomStores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8569,7 +8576,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Consent' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8587,26 +8594,17 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: consentsId + name: dicomStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/userDataMappings: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:getIamPolicy: parameters: *ref_1 - post: - description: Creates a new User data mapping in the parent consent store. - operationId: >- - healthcare.projects.locations.datasets.consentStores.userDataMappings.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserDataMapping' + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: healthcare.projects.locations.datasets.dicomStores.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8622,7 +8620,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UserDataMapping' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8640,14 +8638,28 @@ paths: schema: type: string - in: path - name: consentStoresId + name: dicomStoresId required: true schema: type: string - get: - description: Lists the User data mappings in the specified consent store. - operationId: >- - healthcare.projects.locations.datasets.consentStores.userDataMappings.list + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: healthcare.projects.locations.datasets.dicomStores.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8663,7 +8675,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUserDataMappingsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8681,29 +8693,28 @@ paths: schema: type: string - in: path - name: consentStoresId + name: dicomStoresId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/userDataMappings/{userDataMappingsId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies: parameters: *ref_1 - get: - description: Gets the specified User data mapping. - operationId: >- - healthcare.projects.locations.datasets.consentStores.userDataMappings.get + post: + description: >- + StoreInstances stores DICOM instances associated with study instance + unique identifiers (SUID). See [Store Transaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.5). + For details on the implementation of StoreInstances, see [Store + transaction](https://cloud.google.com/healthcare/docs/dicom#store_transaction) + in the Cloud Healthcare API conformance statement. For samples that show + how to call StoreInstances, see [Store DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#store-dicom). + operationId: healthcare.projects.locations.datasets.dicomStores.storeInstances + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8719,7 +8730,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UserDataMapping' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -8737,19 +8748,21 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: userDataMappingsId + name: dicomStoresId required: true schema: type: string - delete: - description: Deletes the specified User data mapping. - operationId: >- - healthcare.projects.locations.datasets.consentStores.userDataMappings.delete + get: + description: >- + SearchForStudies returns a list of matching studies. See [Search + Transaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). + For details on the implementation of SearchForStudies, see [Search + transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) + in the Cloud Healthcare API conformance statement. For samples that show + how to call SearchForStudies, see [Search for DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). + operationId: healthcare.projects.locations.datasets.dicomStores.searchForStudies security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8765,7 +8778,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -8783,24 +8796,25 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: userDataMappingsId + name: dicomStoresId required: true schema: type: string - patch: - description: Updates the specified User data mapping. - operationId: >- - healthcare.projects.locations.datasets.consentStores.userDataMappings.patch + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:import: + parameters: *ref_1 + post: + description: >- + Imports data into the DICOM store by copying it from the specified + source. Errors are logged to Cloud Logging. For more information, see + [Viewing error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging). The + metadata field type is OperationMetadata. + operationId: healthcare.projects.locations.datasets.dicomStores.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/UserDataMapping' + $ref: '#/components/schemas/ImportDicomDataRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8816,7 +8830,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UserDataMapping' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8834,31 +8848,25 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: userDataMappingsId + name: dicomStoresId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/userDataMappings/{userDataMappingsId}:archive: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:testIamPermissions: parameters: *ref_1 post: - description: Archives the specified User data mapping. - operationId: >- - healthcare.projects.locations.datasets.consentStores.userDataMappings.archive + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: healthcare.projects.locations.datasets.dicomStores.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/ArchiveUserDataMappingRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8874,7 +8882,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ArchiveUserDataMappingResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -8892,28 +8900,15 @@ paths: schema: type: string - in: path - name: consentStoresId - required: true - schema: - type: string - - in: path - name: userDataMappingsId + name: dicomStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataMapperWorkspaces/{dataMapperWorkspacesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:getDICOMStoreMetrics: parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: healthcare.projects.locations.datasets.dataMapperWorkspaces.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets metrics associated with the DICOM store. + operationId: healthcare.projects.locations.datasets.dicomStores.getDICOMStoreMetrics security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8929,7 +8924,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/DicomStoreMetrics' parameters: - in: path name: projectsId @@ -8947,17 +8942,23 @@ paths: schema: type: string - in: path - name: dataMapperWorkspacesId + name: dicomStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataMapperWorkspaces/{dataMapperWorkspacesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/series: parameters: *ref_1 get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: healthcare.projects.locations.datasets.dataMapperWorkspaces.getIamPolicy + SearchForSeries returns a list of matching series. See [Search + Transaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). + For details on the implementation of SearchForSeries, see [Search + transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) + in the Cloud Healthcare API conformance statement. For samples that show + how to call SearchForSeries, see [Search for DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). + operationId: healthcare.projects.locations.datasets.dicomStores.searchForSeries security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -8973,7 +8974,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -8991,31 +8992,25 @@ paths: schema: type: string - in: path - name: dataMapperWorkspacesId + name: dicomStoresId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dataMapperWorkspaces/{dataMapperWorkspacesId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:export: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - healthcare.projects.locations.datasets.dataMapperWorkspaces.testIamPermissions + Exports data to the specified destination by copying it from the DICOM + store. Errors are also logged to Cloud Logging. For more information, + see [Viewing error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging). The + metadata field type is OperationMetadata. + operationId: healthcare.projects.locations.datasets.dicomStores.export requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/ExportDicomDataRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9031,7 +9026,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9049,23 +9044,23 @@ paths: schema: type: string - in: path - name: dataMapperWorkspacesId + name: dicomStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:setBlobStorageSettings: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: healthcare.projects.locations.datasets.dicomStores.setIamPolicy + SetBlobStorageSettings sets the blob storage settings of the specified + resources. + operationId: >- + healthcare.projects.locations.datasets.dicomStores.setBlobStorageSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/SetBlobStorageSettingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9081,7 +9076,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9103,13 +9098,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: healthcare.projects.locations.datasets.dicomStores.getIamPolicy + StoreInstances stores DICOM instances associated with study instance + unique identifiers (SUID). See [Store Transaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.5). + For details on the implementation of StoreInstances, see [Store + transaction](https://cloud.google.com/healthcare/docs/dicom#store_transaction) + in the Cloud Healthcare API conformance statement. For samples that show + how to call StoreInstances, see [Store DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#store-dicom). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.storeInstances + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9125,7 +9132,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9147,26 +9154,22 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: studiesId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:testIamPermissions: - parameters: *ref_1 - post: + type: string + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: healthcare.projects.locations.datasets.dicomStores.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + RetrieveStudy returns all instances within the given study. See + [RetrieveTransaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). + For details on the implementation of RetrieveStudy, see [DICOM + study/series/instances](https://cloud.google.com/healthcare/docs/dicom#dicom_studyseriesinstances) + in the Cloud Healthcare API conformance statement. For samples that show + how to call RetrieveStudy, see [Retrieve DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-dicom). + operationId: healthcare.projects.locations.datasets.dicomStores.studies.retrieveStudy security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9182,7 +9185,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9204,26 +9207,22 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:deidentify: - parameters: *ref_1 - post: + - in: path + name: studiesId + required: true + schema: + type: string + delete: description: >- - De-identifies data from the source store and writes it to the - destination store. The metadata field type is OperationMetadata. If the - request is successful, the response field type is - DeidentifyDicomStoreSummary. If errors occur, error is set. The LRO - result may still be successful if de-identification fails for some DICOM - instances. The output DICOM store will not contain these failed - resources. Failed resource totals are tracked in Operation.metadata. - Error details are also logged to Cloud Logging (see [Viewing error logs - in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - operationId: healthcare.projects.locations.datasets.dicomStores.deidentify - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DeidentifyDicomStoreRequest' + DeleteStudy deletes all instances within the given study. Delete + requests are equivalent to the GET requests specified in the Retrieve + transaction. The method returns an Operation which will be marked + successful when the deletion is complete. Warning: Instances cannot be + inserted into a study that is being deleted by an operation until the + operation completes. For samples that show how to call DeleteStudy, see + [Delete a study, series, or + instance](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#delete-dicom). + operationId: healthcare.projects.locations.datasets.dicomStores.studies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9261,19 +9260,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:setBlobStorageSettings: + - in: path + name: studiesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/instances: parameters: *ref_1 - post: + get: description: >- - SetBlobStorageSettings sets the blob storage settings of the specified - resources. + SearchForInstances returns a list of matching instances. See [Search + Transaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). + For details on the implementation of SearchForInstances, see [Search + transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) + in the Cloud Healthcare API conformance statement. For samples that show + how to call SearchForInstances, see [Search for DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). operationId: >- - healthcare.projects.locations.datasets.dicomStores.setBlobStorageSettings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetBlobStorageSettingsRequest' + healthcare.projects.locations.datasets.dicomStores.studies.searchForInstances security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9289,7 +9294,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9311,16 +9316,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores: + - in: path + name: studiesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series: parameters: *ref_1 - post: - description: Creates a new DICOM store within the parent dataset. - operationId: healthcare.projects.locations.datasets.dicomStores.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DicomStore' + get: + description: >- + SearchForSeries returns a list of matching series. See [Search + Transaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). + For details on the implementation of SearchForSeries, see [Search + transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) + in the Cloud Healthcare API conformance statement. For samples that show + how to call SearchForSeries, see [Search for DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.searchForSeries security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9336,7 +9350,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DicomStore' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9353,13 +9367,31 @@ paths: required: true schema: type: string - - in: query - name: dicomStoreId + - in: path + name: dicomStoresId + required: true + schema: + type: string + - in: path + name: studiesId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/metadata: + parameters: *ref_1 get: - description: Lists the DICOM stores in the given dataset. - operationId: healthcare.projects.locations.datasets.dicomStores.list + description: >- + RetrieveStudyMetadata returns instance associated with the given study + presented as metadata. See [RetrieveTransaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). + For details on the implementation of RetrieveStudyMetadata, see + [Metadata + resources](https://cloud.google.com/healthcare/docs/dicom#metadata_resources) + in the Cloud Healthcare API conformance statement. For samples that show + how to call RetrieveStudyMetadata, see [Retrieve + metadata](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-metadata). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.retrieveMetadata security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9375,7 +9407,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDicomStoresResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9392,24 +9424,30 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: dicomStoresId + required: true schema: type: string - - in: query - name: filter + - in: path + name: studiesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}: parameters: *ref_1 get: - description: Gets the specified DICOM store. - operationId: healthcare.projects.locations.datasets.dicomStores.get + description: >- + RetrieveSeries returns all instances within the given study and series. + See [RetrieveTransaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). + For details on the implementation of RetrieveSeries, see [DICOM + study/series/instances](https://cloud.google.com/healthcare/docs/dicom#dicom_studyseriesinstances) + in the Cloud Healthcare API conformance statement. For samples that show + how to call RetrieveSeries, see [Retrieve DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-dicom). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.series.retrieveSeries security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9425,7 +9463,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DicomStore' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9447,11 +9485,27 @@ paths: required: true schema: type: string + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: seriesId + required: true + schema: + type: string delete: description: >- - Deletes the specified DICOM store and removes all images that are - contained within it. - operationId: healthcare.projects.locations.datasets.dicomStores.delete + DeleteSeries deletes all instances within the given study and series. + Delete requests are equivalent to the GET requests specified in the + Retrieve transaction. The method returns an Operation which will be + marked successful when the deletion is complete. Warning: Instances + cannot be inserted into a series that is being deleted by an operation + until the operation completes. For samples that show how to call + DeleteSeries, see [Delete a study, series, or + instance](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#delete-dicom). + operationId: healthcare.projects.locations.datasets.dicomStores.studies.series.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9467,7 +9521,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9489,14 +9543,30 @@ paths: required: true schema: type: string - patch: - description: Updates the specified DICOM store. - operationId: healthcare.projects.locations.datasets.dicomStores.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DicomStore' + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: seriesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances: + parameters: *ref_1 + get: + description: >- + SearchForInstances returns a list of matching instances. See [Search + Transaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). + For details on the implementation of SearchForInstances, see [Search + transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) + in the Cloud Healthcare API conformance statement. For samples that show + how to call SearchForInstances, see [Search for DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.series.searchForInstances security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9512,7 +9582,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DicomStore' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9534,26 +9604,31 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: studiesId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:import: + - in: path + name: seriesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/metadata: parameters: *ref_1 - post: + get: description: >- - Imports data into the DICOM store by copying it from the specified - source. Errors are logged to Cloud Logging. For more information, see - [Viewing error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging). The - metadata field type is OperationMetadata. - operationId: healthcare.projects.locations.datasets.dicomStores.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ImportDicomDataRequest' + RetrieveSeriesMetadata returns instance associated with the given study + and series, presented as metadata. See [RetrieveTransaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). + For details on the implementation of RetrieveSeriesMetadata, see + [Metadata + resources](https://cloud.google.com/healthcare/docs/dicom#metadata_resources) + in the Cloud Healthcare API conformance statement. For samples that show + how to call RetrieveSeriesMetadata, see [Retrieve + metadata](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-metadata). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.series.retrieveMetadata security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9569,7 +9644,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9591,21 +9666,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:export: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: seriesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}: parameters: *ref_1 - post: + get: description: >- - Exports data to the specified destination by copying it from the DICOM - store. Errors are also logged to Cloud Logging. For more information, - see [Viewing error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging). The - metadata field type is OperationMetadata. - operationId: healthcare.projects.locations.datasets.dicomStores.export - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExportDicomDataRequest' + RetrieveInstance returns instance associated with the given study, + series, and SOP Instance UID. See [RetrieveTransaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). + For details on the implementation of RetrieveInstance, see [DICOM + study/series/instances](https://cloud.google.com/healthcare/docs/dicom#dicom_studyseriesinstances) + and [DICOM + instances](https://cloud.google.com/healthcare/docs/dicom#dicom_instances) + in the Cloud Healthcare API conformance statement. For samples that show + how to call RetrieveInstance, see [Retrieve an + instance](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-instance). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.series.instances.retrieveInstance security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9621,7 +9707,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9643,11 +9729,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}:getDICOMStoreMetrics: - parameters: *ref_1 - get: - description: Gets metrics associated with the DICOM store. - operationId: healthcare.projects.locations.datasets.dicomStores.getDICOMStoreMetrics + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: seriesId + required: true + schema: + type: string + - in: path + name: instancesId + required: true + schema: + type: string + delete: + description: >- + DeleteInstance deletes an instance associated with the given study, + series, and SOP Instance UID. Delete requests are equivalent to the GET + requests specified in the Retrieve transaction. Study and series search + results can take a few seconds to be updated after an instance is + deleted using DeleteInstance. For samples that show how to call + DeleteInstance, see [Delete a study, series, or + instance](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#delete-dicom). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.series.instances.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9663,7 +9770,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DicomStoreMetrics' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -9685,19 +9792,37 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: seriesId + required: true + schema: + type: string + - in: path + name: instancesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/rendered: parameters: *ref_1 get: description: >- - SearchForStudies returns a list of matching studies. See [Search - Transaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). - For details on the implementation of SearchForStudies, see [Search - transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) + RetrieveRenderedInstance returns instance associated with the given + study, series, and SOP Instance UID in an acceptable Rendered Media + Type. See [RetrieveTransaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). + For details on the implementation of RetrieveRenderedInstance, see + [Rendered + resources](https://cloud.google.com/healthcare/docs/dicom#rendered_resources) in the Cloud Healthcare API conformance statement. For samples that show - how to call SearchForStudies, see [Search for DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). - operationId: healthcare.projects.locations.datasets.dicomStores.searchForStudies + how to call RetrieveRenderedInstance, see [Retrieve consumer image + formats](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-consumer). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.series.instances.retrieveRendered security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9735,72 +9860,41 @@ paths: required: true schema: type: string - post: - description: >- - StoreInstances stores DICOM instances associated with study instance - unique identifiers (SUID). See [Store Transaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.5). - For details on the implementation of StoreInstances, see [Store - transaction](https://cloud.google.com/healthcare/docs/dicom#store_transaction) - in the Cloud Healthcare API conformance statement. For samples that show - how to call StoreInstances, see [Store DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#store-dicom). - operationId: healthcare.projects.locations.datasets.dicomStores.storeInstances - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HttpBody' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-healthcare - Oauth2c: - - https://www.googleapis.com/auth/cloud-healthcare - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/HttpBody' - parameters: - in: path - name: projectsId + name: studiesId required: true schema: type: string - in: path - name: locationsId + name: seriesId required: true schema: type: string - in: path - name: datasetsId + name: instancesId required: true schema: type: string - - in: path - name: dicomStoresId - required: true + - in: query + name: viewport schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/series: - parameters: *ref_1 - get: - description: >- - SearchForSeries returns a list of matching series. See [Search - Transaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). - For details on the implementation of SearchForSeries, see [Search - transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/metadata: + parameters: *ref_1 + get: + description: >- + RetrieveInstanceMetadata returns instance associated with the given + study, series, and SOP Instance UID presented as metadata. See + [RetrieveTransaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). + For details on the implementation of RetrieveInstanceMetadata, see + [Metadata + resources](https://cloud.google.com/healthcare/docs/dicom#metadata_resources) in the Cloud Healthcare API conformance statement. For samples that show - how to call SearchForSeries, see [Search for DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). - operationId: healthcare.projects.locations.datasets.dicomStores.searchForSeries + how to call RetrieveInstanceMetadata, see [Retrieve + metadata](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-metadata). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.series.instances.retrieveMetadata security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9838,19 +9932,35 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/instances: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: seriesId + required: true + schema: + type: string + - in: path + name: instancesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/frames/{framesId}: parameters: *ref_1 get: description: >- - SearchForInstances returns a list of matching instances. See [Search - Transaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). - For details on the implementation of SearchForInstances, see [Search - transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) - in the Cloud Healthcare API conformance statement. For samples that show - how to call SearchForInstances, see [Search for DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). - operationId: healthcare.projects.locations.datasets.dicomStores.searchForInstances + RetrieveFrames returns instances associated with the given study, + series, SOP Instance UID and frame numbers. See [RetrieveTransaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4}. + For details on the implementation of RetrieveFrames, see [DICOM + frames](https://cloud.google.com/healthcare/docs/dicom#dicom_frames) in + the Cloud Healthcare API conformance statement. For samples that show + how to call RetrieveFrames, see [Retrieve DICOM + data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-dicom). + operationId: >- + healthcare.projects.locations.datasets.dicomStores.studies.series.instances.frames.retrieveFrames security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9888,19 +9998,42 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}:setBlobStorageSettings: + - in: path + name: studiesId + required: true + schema: + type: string + - in: path + name: seriesId + required: true + schema: + type: string + - in: path + name: instancesId + required: true + schema: + type: string + - in: path + name: framesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/frames/{framesId}/rendered: parameters: *ref_1 - post: + get: description: >- - SetBlobStorageSettings sets the blob storage settings of the specified - resources. + RetrieveRenderedFrames returns instances associated with the given + study, series, SOP Instance UID and frame numbers in an acceptable + Rendered Media Type. See [RetrieveTransaction] + (https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). + For details on the implementation of RetrieveRenderedFrames, see + [Rendered + resources](https://cloud.google.com/healthcare/docs/dicom#rendered_resources) + in the Cloud Healthcare API conformance statement. For samples that show + how to call RetrieveRenderedFrames, see [Retrieve consumer image + formats](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-consumer). operationId: >- - healthcare.projects.locations.datasets.dicomStores.dicomWeb.studies.setBlobStorageSettings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetBlobStorageSettingsRequest' + healthcare.projects.locations.datasets.dicomStores.studies.series.instances.frames.retrieveRendered security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9916,7 +10049,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9943,12 +10076,39 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}:getStudyMetrics: + - in: path + name: seriesId + required: true + schema: + type: string + - in: path + name: instancesId + required: true + schema: + type: string + - in: path + name: framesId + required: true + schema: + type: string + - in: query + name: viewport + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/bulkdata/{bulkdataId}/{bulkdataId1}: parameters: *ref_1 get: - description: GetStudyMetrics returns metrics for a study. + description: >- + Returns uncompressed, unencoded bytes representing the referenced + bulkdata tag from an instance. See [Retrieve + Transaction](https://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). + For details on the implementation of RetrieveBulkdata, see [Bulkdata + resources](https://cloud.google.com/healthcare/docs/dicom#bulkdata-resources) + in the Cloud Healthcare API conformance statement. For samples that show + how to call RetrieveBulkdata, see [Retrieve + bulkdata](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-bulkdata). operationId: >- - healthcare.projects.locations.datasets.dicomStores.dicomWeb.studies.getStudyMetrics + healthcare.projects.locations.datasets.dicomStores.studies.series.instances.bulkdata.retrieveBulkdata security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -9964,7 +10124,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/StudyMetrics' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -9991,6 +10151,26 @@ paths: required: true schema: type: string + - in: path + name: seriesId + required: true + schema: + type: string + - in: path + name: instancesId + required: true + schema: + type: string + - in: path + name: bulkdataId + required: true + schema: + type: string + - in: path + name: bulkdataId1 + required: true + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}:getSeriesMetrics: parameters: *ref_1 get: @@ -10102,19 +10282,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}:setBlobStorageSettings: parameters: *ref_1 - get: + post: description: >- - RetrieveStudy returns all instances within the given study. See - [RetrieveTransaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). - For details on the implementation of RetrieveStudy, see [DICOM - study/series/instances](https://cloud.google.com/healthcare/docs/dicom#dicom_studyseriesinstances) - in the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveStudy, see [Retrieve DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-dicom). - operationId: healthcare.projects.locations.datasets.dicomStores.studies.retrieveStudy + SetBlobStorageSettings sets the blob storage settings of the specified + resources. + operationId: >- + healthcare.projects.locations.datasets.dicomStores.dicomWeb.studies.setBlobStorageSettings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetBlobStorageSettingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10130,7 +10310,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10157,17 +10337,12 @@ paths: required: true schema: type: string - delete: - description: >- - DeleteStudy deletes all instances within the given study. Delete - requests are equivalent to the GET requests specified in the Retrieve - transaction. The method returns an Operation which will be marked - successful when the deletion is complete. Warning: Instances cannot be - inserted into a study that is being deleted by an operation until the - operation completes. For samples that show how to call DeleteStudy, see - [Delete a study, series, or - instance](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#delete-dicom). - operationId: healthcare.projects.locations.datasets.dicomStores.studies.delete + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}:getStudyMetrics: + parameters: *ref_1 + get: + description: GetStudyMetrics returns metrics for a study. + operationId: >- + healthcare.projects.locations.datasets.dicomStores.dicomWeb.studies.getStudyMetrics security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10183,7 +10358,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/StudyMetrics' parameters: - in: path name: projectsId @@ -10210,23 +10385,67 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores: + parameters: *ref_1 + get: + description: Lists the consent stores in the specified dataset. + operationId: healthcare.projects.locations.datasets.consentStores.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-healthcare + Oauth2c: + - https://www.googleapis.com/auth/cloud-healthcare + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListConsentStoresResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: datasetsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string post: description: >- - StoreInstances stores DICOM instances associated with study instance - unique identifiers (SUID). See [Store Transaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.5). - For details on the implementation of StoreInstances, see [Store - transaction](https://cloud.google.com/healthcare/docs/dicom#store_transaction) - in the Cloud Healthcare API conformance statement. For samples that show - how to call StoreInstances, see [Store DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#store-dicom). - operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.storeInstances + Creates a new consent store in the parent dataset. Attempting to create + a consent store with the same ID as an existing store fails with an + ALREADY_EXISTS error. + operationId: healthcare.projects.locations.datasets.consentStores.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ConsentStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10242,7 +10461,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ConsentStore' parameters: - in: path name: projectsId @@ -10259,31 +10478,20 @@ paths: required: true schema: type: string - - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true + - in: query + name: consentStoreId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/metadata: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}: parameters: *ref_1 - get: - description: >- - RetrieveStudyMetadata returns instance associated with the given study - presented as metadata. See [RetrieveTransaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). - For details on the implementation of RetrieveStudyMetadata, see - [Metadata - resources](https://cloud.google.com/healthcare/docs/dicom#metadata_resources) - in the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveStudyMetadata, see [Retrieve - metadata](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-metadata). - operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.retrieveMetadata + patch: + description: Updates the specified consent store. + operationId: healthcare.projects.locations.datasets.consentStores.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10299,7 +10507,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ConsentStore' parameters: - in: path name: projectsId @@ -10317,29 +10525,20 @@ paths: schema: type: string - in: path - name: dicomStoresId + name: consentStoresId required: true schema: type: string - - in: path - name: studiesId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series: - parameters: *ref_1 - get: + format: google-fieldmask + delete: description: >- - SearchForSeries returns a list of matching series. See [Search - Transaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). - For details on the implementation of SearchForSeries, see [Search - transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) - in the Cloud Healthcare API conformance statement. For samples that show - how to call SearchForSeries, see [Search for DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). - operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.searchForSeries + Deletes the specified consent store and removes all the consent store's + data. + operationId: healthcare.projects.locations.datasets.consentStores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10355,7 +10554,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -10373,29 +10572,13 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/instances: - parameters: *ref_1 get: - description: >- - SearchForInstances returns a list of matching instances. See [Search - Transaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). - For details on the implementation of SearchForInstances, see [Search - transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) - in the Cloud Healthcare API conformance statement. For samples that show - how to call SearchForInstances, see [Search for DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). - operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.searchForInstances + description: Gets the specified consent store. + operationId: healthcare.projects.locations.datasets.consentStores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10411,7 +10594,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ConsentStore' parameters: - in: path name: projectsId @@ -10429,29 +10612,23 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - RetrieveSeries returns all instances within the given study and series. - See [RetrieveTransaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). - For details on the implementation of RetrieveSeries, see [DICOM - study/series/instances](https://cloud.google.com/healthcare/docs/dicom#dicom_studyseriesinstances) - in the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveSeries, see [Retrieve DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-dicom). - operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.retrieveSeries + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: healthcare.projects.locations.datasets.consentStores.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10467,7 +10644,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -10485,31 +10662,48 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: seriesId + name: consentStoresId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:queryAccessibleData: + parameters: *ref_1 + post: description: >- - DeleteSeries deletes all instances within the given study and series. - Delete requests are equivalent to the GET requests specified in the - Retrieve transaction. The method returns an Operation which will be - marked successful when the deletion is complete. Warning: Instances - cannot be inserted into a series that is being deleted by an operation - until the operation completes. For samples that show how to call - DeleteSeries, see [Delete a study, series, or - instance](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#delete-dicom). - operationId: healthcare.projects.locations.datasets.dicomStores.studies.series.delete + Queries all data_ids that are consented for a specified use in the given + consent store and writes them to a specified destination. The returned + Operation includes a progress counter for the number of User data + mappings processed. If the request is successful, a detailed response is + returned of type QueryAccessibleDataResponse, contained in the response + field when the operation finishes. The metadata field type is + OperationMetadata. Errors are logged to Cloud Logging (see [Viewing + error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). For + example, the following sample log entry shows a `failed to evaluate + consent policy` error that occurred during a QueryAccessibleData call to + consent store + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}`. + ```json jsonPayload: { @type: + "type.googleapis.com/google.cloud.healthcare.logging.QueryAccessibleDataLogEntry" + error: { code: 9 message: "failed to evaluate consent policy" } + resourceName: + "projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consents/{consent_id}" + } logName: + "projects/{project_id}/logs/healthcare.googleapis.com%2Fquery_accessible_data" + operation: { id: + "projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/operations/{operation_id}" + producer: "healthcare.googleapis.com/QueryAccessibleData" } + receiveTimestamp: "TIMESTAMP" resource: { labels: { consent_store_id: + "{consent_store_id}" dataset_id: "{dataset_id}" location: + "{location_id}" project_id: "{project_id}" } type: + "healthcare_consent_store" } severity: "ERROR" timestamp: "TIMESTAMP" + ``` + operationId: healthcare.projects.locations.datasets.consentStores.queryAccessibleData + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/QueryAccessibleDataRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10543,35 +10737,17 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: seriesId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/metadata: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:getIamPolicy: parameters: *ref_1 get: description: >- - RetrieveSeriesMetadata returns instance associated with the given study - and series, presented as metadata. See [RetrieveTransaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). - For details on the implementation of RetrieveSeriesMetadata, see - [Metadata - resources](https://cloud.google.com/healthcare/docs/dicom#metadata_resources) - in the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveSeriesMetadata, see [Retrieve - metadata](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-metadata). - operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.retrieveMetadata + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: healthcare.projects.locations.datasets.consentStores.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10587,7 +10763,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -10605,34 +10781,27 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId + name: consentStoresId required: true schema: type: string - - in: path - name: seriesId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:checkDataAccess: parameters: *ref_1 - get: + post: description: >- - SearchForInstances returns a list of matching instances. See [Search - Transaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.6). - For details on the implementation of SearchForInstances, see [Search - transaction](https://cloud.google.com/healthcare/docs/dicom#search_transaction) - in the Cloud Healthcare API conformance statement. For samples that show - how to call SearchForInstances, see [Search for DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#search-dicom). - operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.searchForInstances + Checks if a particular data_id of a User data mapping in the specified + consent store is consented for the specified use. + operationId: healthcare.projects.locations.datasets.consentStores.checkDataAccess + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CheckDataAccessRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10648,7 +10817,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/CheckDataAccessResponse' parameters: - in: path name: projectsId @@ -10666,36 +10835,25 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: seriesId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - RetrieveInstance returns instance associated with the given study, - series, and SOP Instance UID. See [RetrieveTransaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). - For details on the implementation of RetrieveInstance, see [DICOM - study/series/instances](https://cloud.google.com/healthcare/docs/dicom#dicom_studyseriesinstances) - and [DICOM - instances](https://cloud.google.com/healthcare/docs/dicom#dicom_instances) - in the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveInstance, see [Retrieve an - instance](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-instance). - operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.instances.retrieveInstance + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: healthcare.projects.locations.datasets.consentStores.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10711,7 +10869,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -10729,36 +10887,25 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: seriesId - required: true - schema: - type: string - - in: path - name: instancesId + name: consentStoresId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}:evaluateUserConsents: + parameters: *ref_1 + post: description: >- - DeleteInstance deletes an instance associated with the given study, - series, and SOP Instance UID. Delete requests are equivalent to the GET - requests specified in the Retrieve transaction. Study and series search - results can take a few seconds to be updated after an instance is - deleted using DeleteInstance. For samples that show how to call - DeleteInstance, see [Delete a study, series, or - instance](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#delete-dicom). + Evaluates the user's Consents for all matching User data mappings. Note: + User data mappings are indexed asynchronously, which can cause a slight + delay between the time mappings are created or updated and when they are + included in EvaluateUserConsents results. operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.instances.delete + healthcare.projects.locations.datasets.consentStores.evaluateUserConsents + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EvaluateUserConsentsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10774,7 +10921,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/EvaluateUserConsentsResponse' parameters: - in: path name: projectsId @@ -10792,41 +10939,16 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: seriesId - required: true - schema: - type: string - - in: path - name: instancesId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/rendered: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/attributeDefinitions: parameters: *ref_1 get: - description: >- - RetrieveRenderedInstance returns instance associated with the given - study, series, and SOP Instance UID in an acceptable Rendered Media - Type. See [RetrieveTransaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). - For details on the implementation of RetrieveRenderedInstance, see - [Rendered - resources](https://cloud.google.com/healthcare/docs/dicom#rendered_resources) - in the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveRenderedInstance, see [Retrieve consumer image - formats](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-consumer). + description: Lists the Attribute definitions in the specified consent store. operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.instances.retrieveRendered + healthcare.projects.locations.datasets.consentStores.attributeDefinitions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10842,7 +10964,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ListAttributeDefinitionsResponse' parameters: - in: path name: projectsId @@ -10860,45 +10982,32 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId + name: consentStoresId required: true schema: type: string - - in: path - name: seriesId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: viewport + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/metadata: - parameters: *ref_1 - get: - description: >- - RetrieveInstanceMetadata returns instance associated with the given - study, series, and SOP Instance UID presented as metadata. See - [RetrieveTransaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). - For details on the implementation of RetrieveInstanceMetadata, see - [Metadata - resources](https://cloud.google.com/healthcare/docs/dicom#metadata_resources) - in the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveInstanceMetadata, see [Retrieve - metadata](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-metadata). + post: + description: Creates a new Attribute definition in the parent consent store. operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.instances.retrieveMetadata + healthcare.projects.locations.datasets.consentStores.attributeDefinitions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AttributeDefinition' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10914,7 +11023,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/AttributeDefinition' parameters: - in: path name: projectsId @@ -10932,39 +11041,20 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: seriesId + name: consentStoresId required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: attributeDefinitionId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/frames/{framesId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/attributeDefinitions/{attributeDefinitionsId}: parameters: *ref_1 get: - description: >- - RetrieveFrames returns instances associated with the given study, - series, SOP Instance UID and frame numbers. See [RetrieveTransaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4}. - For details on the implementation of RetrieveFrames, see [DICOM - frames](https://cloud.google.com/healthcare/docs/dicom#dicom_frames) in - the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveFrames, see [Retrieve DICOM - data](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-dicom). + description: Gets the specified Attribute definition. operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.instances.frames.retrieveFrames + healthcare.projects.locations.datasets.consentStores.attributeDefinitions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -10980,7 +11070,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/AttributeDefinition' parameters: - in: path name: projectsId @@ -10998,46 +11088,24 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: seriesId - required: true - schema: - type: string - - in: path - name: instancesId + name: consentStoresId required: true schema: type: string - in: path - name: framesId + name: attributeDefinitionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/frames/{framesId}/rendered: - parameters: *ref_1 - get: - description: >- - RetrieveRenderedFrames returns instances associated with the given - study, series, SOP Instance UID and frame numbers in an acceptable - Rendered Media Type. See [RetrieveTransaction] - (http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). - For details on the implementation of RetrieveRenderedFrames, see - [Rendered - resources](https://cloud.google.com/healthcare/docs/dicom#rendered_resources) - in the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveRenderedFrames, see [Retrieve consumer image - formats](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-consumer). + patch: + description: Updates the specified Attribute definition. operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.instances.frames.retrieveRendered + healthcare.projects.locations.datasets.consentStores.attributeDefinitions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AttributeDefinition' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11053,7 +11121,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/AttributeDefinition' parameters: - in: path name: projectsId @@ -11071,48 +11139,27 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: seriesId - required: true - schema: - type: string - - in: path - name: instancesId + name: consentStoresId required: true schema: type: string - in: path - name: framesId + name: attributeDefinitionsId required: true schema: type: string - in: query - name: viewport + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/dicomStores/{dicomStoresId}/dicomWeb/studies/{studiesId}/series/{seriesId}/instances/{instancesId}/bulkdata/{bulkdataId}/{bulkdataId1}: - parameters: *ref_1 - get: + format: google-fieldmask + delete: description: >- - Returns uncompressed, unencoded bytes representing the referenced - bulkdata tag from an instance. See [Retrieve - Transaction](http://dicom.nema.org/medical/dicom/current/output/html/part18.html#sect_10.4). - For details on the implementation of RetrieveBulkdata, see [Bulkdata - resources](https://cloud.google.com/healthcare/docs/dicom#bulkdata-resources) - in the Cloud Healthcare API conformance statement. For samples that show - how to call RetrieveBulkdata, see [Retrieve - bulkdata](https://cloud.google.com/healthcare/docs/how-tos/dicomweb#retrieve-bulkdata). + Deletes the specified Attribute definition. Fails if the Attribute + definition is referenced by any User data mapping, or the latest + revision of any Consent. operationId: >- - healthcare.projects.locations.datasets.dicomStores.studies.series.instances.bulkdata.retrieveBulkdata + healthcare.projects.locations.datasets.consentStores.attributeDefinitions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11128,7 +11175,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -11146,48 +11193,26 @@ paths: schema: type: string - in: path - name: dicomStoresId - required: true - schema: - type: string - - in: path - name: studiesId - required: true - schema: - type: string - - in: path - name: seriesId - required: true - schema: - type: string - - in: path - name: instancesId - required: true - schema: - type: string - - in: path - name: bulkdataId + name: consentStoresId required: true schema: type: string - in: path - name: bulkdataId1 + name: attributeDefinitionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/userDataMappings: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.setIamPolicy + description: Creates a new User data mapping in the parent consent store. + operationId: >- + healthcare.projects.locations.datasets.consentStores.userDataMappings.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/UserDataMapping' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11203,7 +11228,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/UserDataMapping' parameters: - in: path name: projectsId @@ -11221,17 +11246,14 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:getIamPolicy: - parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.getIamPolicy + description: Lists the User data mappings in the specified consent store. + operationId: >- + healthcare.projects.locations.datasets.consentStores.userDataMappings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11247,7 +11269,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListUserDataMappingsResponse' parameters: - in: path name: projectsId @@ -11265,30 +11287,29 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:testIamPermissions: + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/userDataMappings/{userDataMappingsId}: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Gets the specified User data mapping. + operationId: >- + healthcare.projects.locations.datasets.consentStores.userDataMappings.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11304,7 +11325,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/UserDataMapping' parameters: - in: path name: projectsId @@ -11322,20 +11343,24 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores: - parameters: *ref_1 - post: - description: Creates a new HL7v2 store within the parent dataset. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.create + - in: path + name: userDataMappingsId + required: true + schema: + type: string + patch: + description: Updates the specified User data mapping. + operationId: >- + healthcare.projects.locations.datasets.consentStores.userDataMappings.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Hl7V2Store' + $ref: '#/components/schemas/UserDataMapping' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11351,7 +11376,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Hl7V2Store' + $ref: '#/components/schemas/UserDataMapping' parameters: - in: path name: projectsId @@ -11368,63 +11393,25 @@ paths: required: true schema: type: string - - in: query - name: hl7V2StoreId - schema: - type: string - get: - description: Lists the HL7v2 stores in the given dataset. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-healthcare - Oauth2c: - - https://www.googleapis.com/auth/cloud-healthcare - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListHl7V2StoresResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: consentStoresId required: true schema: type: string - in: path - name: datasetsId + name: userDataMappingsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}: - parameters: *ref_1 - get: - description: Gets the specified HL7v2 store. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.get + format: google-fieldmask + delete: + description: Deletes the specified User data mapping. + operationId: >- + healthcare.projects.locations.datasets.consentStores.userDataMappings.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11440,7 +11427,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Hl7V2Store' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -11458,15 +11445,26 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - delete: - description: >- - Deletes the specified HL7v2 store and removes all messages that it - contains. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.delete + - in: path + name: userDataMappingsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/userDataMappings/{userDataMappingsId}:archive: + parameters: *ref_1 + post: + description: Archives the specified User data mapping. + operationId: >- + healthcare.projects.locations.datasets.consentStores.userDataMappings.archive + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ArchiveUserDataMappingRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11482,7 +11480,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ArchiveUserDataMappingResponse' parameters: - in: path name: projectsId @@ -11500,18 +11498,30 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - patch: - description: Updates the HL7v2 store. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.patch + - in: path + name: userDataMappingsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:revoke: + parameters: *ref_1 + post: + description: >- + Revokes the latest revision of the specified Consent by committing a new + revision with `state` updated to `REVOKED`. If the latest revision of + the specified Consent is in the `REVOKED` state, no new revision is + committed. A FAILED_PRECONDITION error occurs if the latest revision of + the given consent is in `DRAFT` or `REJECTED` state. + operationId: healthcare.projects.locations.datasets.consentStores.consents.revoke requestBody: content: application/json: schema: - $ref: '#/components/schemas/Hl7V2Store' + $ref: '#/components/schemas/RevokeConsentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11527,7 +11537,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Hl7V2Store' + $ref: '#/components/schemas/Consent' parameters: - in: path name: projectsId @@ -11545,33 +11555,29 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: consentsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:export: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}: parameters: *ref_1 - post: + patch: description: >- - Exports the messages to a destination. To filter messages to be - exported, define a filter using the start and end time, relative to the - message generation time (MSH.7). This API returns an Operation that can - be used to track the status of the job by calling GetOperation. - Immediate fatal errors appear in the error field. Otherwise, when the - operation finishes, a detailed response of type ExportMessagesResponse - is returned in the response field. The metadata field type for this - operation is OperationMetadata. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.export + Updates the latest revision of the specified Consent by committing a new + revision with the changes. A FAILED_PRECONDITION error occurs if the + latest revision of the specified Consent is in the `REJECTED` or + `REVOKED` state. + operationId: healthcare.projects.locations.datasets.consentStores.consents.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExportMessagesRequest' + $ref: '#/components/schemas/Consent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11587,7 +11593,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Consent' parameters: - in: path name: projectsId @@ -11605,46 +11611,27 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:import: - parameters: *ref_1 - post: + - in: path + name: consentsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: description: >- - Import messages to the HL7v2 store by loading data from the specified - sources. This method is optimized to load large quantities of data using - import semantics that ignore some HL7v2 store configuration options and - are not suitable for all use cases. It is primarily intended to load - data into an empty HL7v2 store that is not being used by other clients. - An existing message will be overwritten if a duplicate message is - imported. A duplicate message is a message with the same raw bytes as a - message that already exists in this HL7v2 store. When a message is - overwritten, its labels will also be overwritten. The import operation - is idempotent unless the input data contains multiple valid messages - with the same raw bytes but different labels. In that case, after the - import completes, the store contains exactly one message with those raw - bytes but there is no ordering guarantee on which version of the labels - it has. The operation result counters do not count duplicated raw bytes - as an error and count one success for each message in the input, which - might result in a success count larger than the number of messages in - the HL7v2 store. If some messages fail to import, for example due to - parsing errors, successfully imported messages are not rolled back. This - method returns an Operation that can be used to track the status of the - import by calling GetOperation. Immediate fatal errors appear in the - error field, errors are also logged to Cloud Logging (see [Viewing error - logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - Otherwise, when the operation finishes, a response of type - ImportMessagesResponse is returned in the response field. The metadata - field type for this operation is OperationMetadata. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ImportMessagesRequest' + Deletes the Consent and its revisions. To keep a record of the Consent + but mark it inactive, see [RevokeConsent]. To delete a revision of a + Consent, see [DeleteConsentRevision]. This operation does not delete the + related Consent artifact. + operationId: healthcare.projects.locations.datasets.consentStores.consents.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11660,7 +11647,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -11678,15 +11665,20 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId + required: true + schema: + type: string + - in: path + name: consentsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:getHL7v2StoreMetrics: - parameters: *ref_1 get: - description: Gets metrics associated with the HL7v2 store. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.getHL7v2StoreMetrics + description: >- + Gets the specified revision of a Consent, or the latest revision if + `revision_id` is not specified in the resource name. + operationId: healthcare.projects.locations.datasets.consentStores.consents.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11702,7 +11694,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Hl7V2StoreMetrics' + $ref: '#/components/schemas/Consent' parameters: - in: path name: projectsId @@ -11720,29 +11712,23 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}:rollback: + - in: path + name: consentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:listRevisions: parameters: *ref_1 - post: + get: description: >- - Rolls back messages from the HL7v2 store to the specified time. This - method returns an Operation that can be used to track the status of the - rollback by calling GetOperation. Immediate fatal errors appear in the - error field, errors are also logged to Cloud Logging (see [Viewing error - logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - Otherwise, when the operation finishes, a detailed response of type - RollbackHl7V2MessagesResponse is returned in the response field. The - metadata field type for this operation is OperationMetadata. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.rollback - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RollbackHl7V2MessagesRequest' + Lists the revisions of the specified Consent in reverse chronological + order. + operationId: >- + healthcare.projects.locations.datasets.consentStores.consents.listRevisions security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11758,7 +11744,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListConsentRevisionsResponse' parameters: - in: path name: projectsId @@ -11776,30 +11762,36 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}/messages:ingest: + - in: path + name: consentsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:deleteRevision: parameters: *ref_1 - post: + delete: description: >- - Parses and stores an HL7v2 message. This method triggers an asynchronous - notification to any Pub/Sub topic configured in - Hl7V2Store.Hl7V2NotificationConfig, if the filtering matches the - message. If an MLLP adapter is configured to listen to a Pub/Sub topic, - the adapter transmits the message when a notification is received. If - the method is successful, it generates a response containing an HL7v2 - acknowledgment (`ACK`) message. If the method encounters an error, it - returns a negative acknowledgment (`NACK`) message. This behavior is - suitable for replying to HL7v2 interface systems that expect these - acknowledgments. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.ingest - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/IngestMessageRequest' + Deletes the specified revision of a Consent. An INVALID_ARGUMENT error + occurs if the specified revision is the latest revision. + operationId: >- + healthcare.projects.locations.datasets.consentStores.consents.deleteRevision security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11815,7 +11807,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IngestMessageResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -11833,25 +11825,25 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}/messages: + - in: path + name: consentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents: parameters: *ref_1 post: - description: >- - Parses and stores an HL7v2 message. This method triggers an asynchronous - notification to any Pub/Sub topic configured in - Hl7V2Store.Hl7V2NotificationConfig, if the filtering matches the - message. If an MLLP adapter is configured to listen to a Pub/Sub topic, - the adapter transmits the message when a notification is received. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.create + description: Creates a new Consent in the parent consent store. + operationId: healthcare.projects.locations.datasets.consentStores.consents.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateMessageRequest' + $ref: '#/components/schemas/Consent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11867,7 +11859,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Message' + $ref: '#/components/schemas/Consent' parameters: - in: path name: projectsId @@ -11885,17 +11877,15 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string get: description: >- - Lists all the messages in the given HL7v2 store with support for - filtering. Note: HL7v2 messages are indexed asynchronously, so there - might be a slight delay between the time a message is created and when - it can be found through a filter. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.list + Lists the Consent in the given consent store, returning each Consent's + latest revision. + operationId: healthcare.projects.locations.datasets.consentStores.consents.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11911,7 +11901,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMessagesResponse' + $ref: '#/components/schemas/ListConsentsResponse' parameters: - in: path name: projectsId @@ -11929,36 +11919,38 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: view + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/hl7V2Stores/{hl7V2StoresId}/messages/{messagesId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:activate: parameters: *ref_1 - get: - description: Gets an HL7v2 message. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.get + post: + description: >- + Activates the latest revision of the specified Consent by committing a + new revision with `state` updated to `ACTIVE`. If the latest revision of + the specified Consent is in the `ACTIVE` state, no new revision is + committed. A FAILED_PRECONDITION error occurs if the latest revision of + the specified Consent is in the `REJECTED` or `REVOKED` state. + operationId: healthcare.projects.locations.datasets.consentStores.consents.activate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ActivateConsentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -11974,7 +11966,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Message' + $ref: '#/components/schemas/Consent' parameters: - in: path name: projectsId @@ -11992,22 +11984,30 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - in: path - name: messagesId + name: consentsId required: true schema: type: string - - in: query - name: view - schema: - type: string - delete: - description: Deletes an HL7v2 message. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.delete + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consents/{consentsId}:reject: + parameters: *ref_1 + post: + description: >- + Rejects the latest revision of the specified Consent by committing a new + revision with `state` updated to `REJECTED`. If the latest revision of + the specified Consent is in the `REJECTED` state, no new revision is + committed. A FAILED_PRECONDITION error occurs if the latest revision of + the specified Consent is in the `ACTIVE` or `REVOKED` state. + operationId: healthcare.projects.locations.datasets.consentStores.consents.reject + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RejectConsentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12023,7 +12023,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Consent' parameters: - in: path name: projectsId @@ -12041,28 +12041,21 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - in: path - name: messagesId + name: consentsId required: true schema: type: string - patch: - description: >- - Update the message. The contents of the message in Message.data and data - extracted from the contents such as Message.create_time cannot be - altered. Only the Message.labels field is allowed to be updated. The - labels in the request are merged with the existing set of labels. - Existing labels with the same keys are updated. - operationId: healthcare.projects.locations.datasets.hl7V2Stores.messages.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Message' + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consentArtifacts/{consentArtifactsId}: + parameters: *ref_1 + get: + description: Gets the specified Consent artifact. + operationId: >- + healthcare.projects.locations.datasets.consentStores.consentArtifacts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12078,7 +12071,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Message' + $ref: '#/components/schemas/ConsentArtifact' parameters: - in: path name: projectsId @@ -12096,33 +12089,21 @@ paths: schema: type: string - in: path - name: hl7V2StoresId + name: consentStoresId required: true schema: type: string - in: path - name: messagesId + name: consentArtifactsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:setIamPolicy: - parameters: *ref_1 - post: + delete: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: healthcare.projects.locations.datasets.fhirStores.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Deletes the specified Consent artifact. Fails if the artifact is + referenced by the latest revision of any Consent. + operationId: >- + healthcare.projects.locations.datasets.consentStores.consentArtifacts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12138,7 +12119,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -12156,17 +12137,26 @@ paths: schema: type: string - in: path - name: fhirStoresId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:getIamPolicy: + - in: path + name: consentArtifactsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/consentStores/{consentStoresId}/consentArtifacts: parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: healthcare.projects.locations.datasets.fhirStores.getIamPolicy + post: + description: Creates a new Consent artifact in the parent consent store. + operationId: >- + healthcare.projects.locations.datasets.consentStores.consentArtifacts.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentArtifact' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12182,7 +12172,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ConsentArtifact' parameters: - in: path name: projectsId @@ -12200,30 +12190,14 @@ paths: schema: type: string - in: path - name: fhirStoresId + name: consentStoresId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: healthcare.projects.locations.datasets.fhirStores.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Lists the Consent artifacts in the specified consent store. + operationId: >- + healthcare.projects.locations.datasets.consentStores.consentArtifacts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12239,7 +12213,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListConsentArtifactsResponse' parameters: - in: path name: projectsId @@ -12257,26 +12231,37 @@ paths: schema: type: string - in: path - name: fhirStoresId + name: consentStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:deidentify: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Binary/{BinaryId}: parameters: *ref_1 - post: + get: description: >- - De-identifies data from the source store and writes it to the - destination store. The metadata field type is OperationMetadata. If the - request is successful, the response field type is - DeidentifyFhirStoreSummary. If errors occur, error is set. Error details - are also logged to Cloud Logging (see [Viewing error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - operationId: healthcare.projects.locations.datasets.fhirStores.deidentify - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DeidentifyFhirStoreRequest' + Gets the contents of a FHIR Binary resource. This method can be used to + retrieve a Binary resource either by using the FHIR JSON mimetype as the + value for the Accept header, or as a raw data stream. If the FHIR Accept + type is used this method will return a Binary resource with the data + base64-encoded, regardless of how the resource was created. The resource + data can be retrieved in base64-decoded form if the Accept type of the + request matches the value of the resource's `contentType` field. The + definition of the Binary REST API can be found at + https://hl7.org/fhir/binary.html#rest. + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Binary-read security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12292,7 +12277,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12314,44 +12299,56 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Group/{GroupId}/$export: - parameters: *ref_1 - get: + - in: path + name: BinaryId + required: true + schema: + type: string + put: description: >- - Bulk exports a Group resource and resources in the member field, - including related resources for each Patient member. The export for each - Patient is identical to a GetPatientEverything request. Implements the - FHIR implementation guide [$export group of - patients](https://build.fhir.org/ig/HL7/bulk-data/export.html#endpoint---group-of-patients). - The following headers must be set in the request: * `Accept`: specifies - the format of the `OperationOutcome` response. Only - `application/fhir+json` is supported. * `Prefer`: specifies whether the - response is immediate or asynchronous. Must be to `respond-async` - because only asynchronous responses are supported. Specify the - destination for the server to write result files by setting the Cloud - Storage location bulk_export_gcs_destination on the FHIR store. URI of - an existing Cloud Storage directory where the server writes result - files, in the format gs://{bucket-id}/{path/to/destination/dir}. If - there is no trailing slash, the service appends one when composing the - object path. The user is responsible for creating the Cloud Storage - bucket referenced. Supports the following query parameters: * `_type`: - string of comma-delimited FHIR resource types. If provided, only - resources of the specified type(s) are exported. * `_since`: if - provided, only resources updated after the specified time are exported. - * `_outputFormat`: optional, specify ndjson to export data in NDJSON - format. Exported file names use the format: - {export_id}_{resource_type}.ndjson. * `organizeOutputBy`: resource type - to organize the output by. Required and must be set to `Patient`. When - specified, output files are organized by instances of the specified - resource type, including the resource, referenced resources, and - resources that contain references to that resource. On success, the - `Content-Location` header of response is set to a URL that you can use - to query the status of the export. The URL is in the format - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/operations/{export_id}`. - See get-fhir-operation-status for more information. Errors generated by - the FHIR store contain a JSON-encoded `OperationOutcome` resource - describing the reason for the error. - operationId: healthcare.projects.locations.datasets.fhirStores.bulk-export-group + Updates the entire contents of a Binary resource. If the specified + resource does not exist and the FHIR store has enable_update_create set, + creates the resource with the client-specified ID. It is strongly + advised not to include or encode any sensitive data such as patient + identifiers in client-specified resource IDs. Those IDs are part of the + FHIR resource path recorded in Cloud Audit Logs and Pub/Sub + notifications. Those IDs can also be contained in reference fields + within other resources. This method can be used to update a Binary + resource either by using one of the accepted FHIR JSON content types, or + as a raw data stream. If a resource is updated with this method using + the FHIR content type this method's behavior is the same as `update`. If + a resource type other than Binary is used in the request it will be + treated in the same way as non-FHIR data. When a non-FHIR content type + is used in the request, a Binary resource will be generated using the ID + from the resource path, and the uploaded data will be stored in the + `content` field (`DSTU2` and `STU3`), or the `data` field (`R4` and + `R5`). The Binary resource's `contentType` will be filled in using the + value of the `Content-Type` header, and the `securityContext` field (not + present in `DSTU2`) will be populated from the `X-Security-Context` + header if it exists. At this time `securityContext` has no special + behavior in the Cloud Healthcare API. Note: the limit on data ingested + through this method is 2 GB. For best performance, use a non-FHIR data + type instead of wrapping the data in a Binary resource. Some of the + Healthcare API features, such as [exporting to + BigQuery](https://cloud.google.com/healthcare-api/docs/how-tos/fhir-export-bigquery) + or [Pub/Sub + notifications](https://cloud.google.com/healthcare-api/docs/fhir-pubsub#behavior_when_a_fhir_resource_is_too_large_or_traffic_is_high) + with full resource content, do not support Binary resources that are + larger than 10 MB. In these cases the resource's `data` field will be + omitted. Instead, the + "http://hl7.org/fhir/StructureDefinition/data-absent-reason" extension + will be present to indicate that including the data is `unsupported`. On + success, an empty 200 OK response will be returned, or a 201 Created if + the resource did not exit. The resource's ID and version are returned in + the Location header. Using `Prefer: representation=resource` is not + allowed for this method. The definition of the Binary REST API can be + found at https://hl7.org/fhir/binary.html#rest. + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Binary-update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12390,36 +12387,28 @@ paths: schema: type: string - in: path - name: GroupId + name: BinaryId required: true schema: type: string - - in: query - name: _since - schema: - type: string - - in: query - name: _type - schema: - type: string - - in: query - name: outputFormat - schema: - type: string - - in: query - name: organizeOutputBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/{fhirId1}/_history/{_historyId}: parameters: *ref_1 - post: - description: Creates a new FHIR store within the parent dataset. - operationId: healthcare.projects.locations.datasets.fhirStores.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FhirStore' + get: + description: >- + Gets the contents of a version (current or historical) of a FHIR + resource by version ID. Implements the FHIR standard vread interaction + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#vread), + [STU3](https://hl7.org/fhir/STU3/http.html#vread), + [R4](https://hl7.org/fhir/R4/http.html#vread), + [R5](https://hl7.org/fhir/R5/http.html#vread)). On success, the response + body contains a JSON-encoded representation of the resource. Errors + generated by the FHIR store contain a JSON-encoded `OperationOutcome` + resource describing the reason for the error. If the request cannot be + mapped to a valid API method on a FHIR store, a generic GCP error might + be returned instead. For samples that show how to call `vread`, see + [Retrieving a FHIR resource + version](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#retrieving_a_fhir_resource_version). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.vread security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12435,7 +12424,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FhirStore' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12452,13 +12441,44 @@ paths: required: true schema: type: string - - in: query - name: fhirStoreId + - in: path + name: fhirStoresId + required: true schema: type: string - get: - description: Lists the FHIR stores in the given dataset. - operationId: healthcare.projects.locations.datasets.fhirStores.list + - in: path + name: fhirId + required: true + schema: + type: string + - in: path + name: fhirId1 + required: true + schema: + type: string + - in: path + name: _historyId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}: + parameters: *ref_1 + delete: + description: >- + Deletes a FHIR resource that match an identifier search query. + Implements the FHIR standard conditional delete interaction, limited to + searching by resource identifier. If multiple resources match, 412 + Precondition Failed error will be returned. Search term for identifier + should be in the pattern `identifier=system|value` or `identifier=value` + - similar to the `search` method on resources with a specific + identifier. Note: Unless resource versioning is disabled by setting the + disable_resource_versioning flag on the FHIR store, the deleted resource + is moved to a history repository that can still be retrieved through + vread and related methods, unless they are removed by the purge method. + For samples that show how to call `conditionalDelete`, see + [Conditionally deleting a FHIR + resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#conditionally_deleting_a_fhir_resource). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.conditionalDelete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12474,7 +12494,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListFhirStoresResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -12491,24 +12511,51 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: fhirStoresId + required: true schema: type: string - - in: query - name: filter + - in: path + name: fhirId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}: - parameters: *ref_1 - get: - description: Gets the configuration of the specified FHIR store. - operationId: healthcare.projects.locations.datasets.fhirStores.get + put: + description: >- + If a resource is found with the identifier specified in the query + parameters, updates the entire contents of that resource. Implements the + FHIR standard conditional update interaction, limited to searching by + resource identifier. Search term for identifier should be in the pattern + `identifier=system|value` or `identifier=value` - similar to the + `search` method on resources with a specific identifier. If the search + criteria identify more than one match, the request returns a `412 + Precondition Failed` error. If the search criteria identify zero + matches, and the supplied resource body contains an `id`, and the FHIR + store has enable_update_create set, creates the resource with the + client-specified ID. It is strongly advised not to include or encode any + sensitive data such as patient identifiers in client-specified resource + IDs. Those IDs are part of the FHIR resource path recorded in Cloud + Audit Logs and Pub/Sub notifications. Those IDs can also be contained in + reference fields within other resources. If the search criteria identify + zero matches, and the supplied resource body does not contain an `id`, + the resource is created with a server-assigned ID as per the create + method. The request body must contain a JSON-encoded FHIR resource, and + the request headers must contain `Content-Type: application/fhir+json`. + On success, the response body contains a JSON-encoded representation of + the updated resource, including the server-assigned version ID. Errors + generated by the FHIR store contain a JSON-encoded `OperationOutcome` + resource describing the reason for the error. If the request cannot be + mapped to a valid API method on a FHIR store, a generic GCP error might + be returned instead. For samples that show how to call + `conditionalUpdate`, see [Conditionally updating a FHIR + resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#conditionally_updating_a_fhir_resource). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.conditionalUpdate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12524,7 +12571,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FhirStore' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12546,14 +12593,46 @@ paths: required: true schema: type: string - patch: - description: Updates the configuration of the specified FHIR store. - operationId: healthcare.projects.locations.datasets.fhirStores.patch + - in: path + name: fhirId + required: true + schema: + type: string + post: + description: >- + Creates a FHIR resource. Implements the FHIR standard create interaction + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#create), + [STU3](https://hl7.org/fhir/STU3/http.html#create), + [R4](https://hl7.org/fhir/R4/http.html#create), + [R5](https://hl7.org/fhir/R5/http.html#create)), which creates a new + resource with a server-assigned resource ID. Also supports the FHIR + standard conditional create interaction + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#ccreate), + [STU3](https://hl7.org/fhir/STU3/http.html#ccreate), + [R4](https://hl7.org/fhir/R4/http.html#ccreate), + [R5](https://hl7.org/fhir/R5/http.html#ccreate)), specified by supplying + an `If-None-Exist` header containing a FHIR search query, limited to + searching by resource identifier. If no resources match this search + query, the server processes the create operation as normal. When using + conditional create, the search term for identifier should be in the + pattern `identifier=system|value` or `identifier=value` - similar to the + `search` method on resources with a specific identifier. The request + body must contain a JSON-encoded FHIR resource, and the request headers + must contain `Content-Type: application/fhir+json`. On success, the + response body contains a JSON-encoded representation of the resource as + it was created on the server, including the server-assigned resource ID + and version ID. Errors generated by the FHIR store contain a + JSON-encoded `OperationOutcome` resource describing the reason for the + error. If the request cannot be mapped to a valid API method on a FHIR + store, a generic GCP error might be returned instead. For samples that + show how to call `create`, see [Creating a FHIR + resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#creating_a_fhir_resource). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/FhirStore' + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12569,7 +12648,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FhirStore' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12591,14 +12670,40 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: fhirId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes the specified FHIR store and removes all resources within it. - operationId: healthcare.projects.locations.datasets.fhirStores.delete + patch: + description: >- + If a resource is found with the identifier specified in the query + parameters, updates part of that resource by applying the operations + specified in a [JSON Patch](http://jsonpatch.com/) document. Implements + the FHIR standard conditional patch interaction, limited to searching by + resource identifier. DSTU2 doesn't define a conditional patch method, + but the server supports it in the same way it supports STU3. Search term + for identifier should be in the pattern `identifier=system|value` or + `identifier=value` - similar to the `search` method on resources with a + specific identifier. If the search criteria identify more than one + match, the request returns a `412 Precondition Failed` error. If the + search criteria doesn't identify any matches, the request returns a `404 + Not Found` error. The request body must contain a JSON Patch document, + and the request headers must contain `Content-Type: + application/json-patch+json`. On success, the response body contains a + JSON-encoded representation of the updated resource, including the + server-assigned version ID. Errors generated by the FHIR store contain a + JSON-encoded `OperationOutcome` resource describing the reason for the + error. If the request cannot be mapped to a valid API method on a FHIR + store, a generic GCP error might be returned instead. For samples that + show how to call `conditionalPatch`, see [Conditionally patching a FHIR + resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#conditionally_patching_a_fhir_resource). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.conditionalPatch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12614,7 +12719,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12636,74 +12741,31 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:import: - parameters: *ref_1 - post: - description: >- - Imports resources to the FHIR store by loading data from the specified - sources. This method is optimized to load large quantities of data using - import semantics that ignore some FHIR store configuration options and - are not suitable for all use cases. It is primarily intended to load - data into an empty FHIR store that is not being used by other clients. - In cases where this method is not appropriate, consider using - ExecuteBundle to load data. Every resource in the input must contain a - client-supplied ID. Each resource is stored using the supplied ID - regardless of the enable_update_create setting on the FHIR store. It is - strongly advised not to include or encode any sensitive data such as - patient identifiers in client-specified resource IDs. Those IDs are part - of the FHIR resource path recorded in Cloud Audit Logs and Cloud Pub/Sub - notifications. Those IDs can also be contained in reference fields - within other resources. The import process does not enforce referential - integrity, regardless of the disable_referential_integrity setting on - the FHIR store. This allows the import of resources with arbitrary - interdependencies without considering grouping or ordering, but if the - input data contains invalid references or if some resources fail to be - imported, the FHIR store might be left in a state that violates - referential integrity. The import process does not trigger Pub/Sub - notification or BigQuery streaming update, regardless of how those are - configured on the FHIR store. If a resource with the specified ID - already exists, the most recent version of the resource is overwritten - without creating a new historical version, regardless of the - disable_resource_versioning setting on the FHIR store. If transient - failures occur during the import, it's possible that successfully - imported resources will be overwritten more than once. The import - operation is idempotent unless the input data contains multiple valid - resources with the same ID but different contents. In that case, after - the import completes, the store contains exactly one resource with that - ID but there is no ordering guarantee on which version of the contents - it will have. The operation result counters do not count duplicate IDs - as an error and count one success for each resource in the input, which - might result in a success count larger than the number of resources in - the FHIR store. This often occurs when importing data organized in - bundles produced by Patient-everything where each bundle contains its - own copy of a resource such as Practitioner that might be referred to by - many patients. If some resources fail to import, for example due to - parsing errors, successfully imported resources are not rolled back. The - location and format of the input data is specified by the parameters in - ImportResourcesRequest. Note that if no format is specified, this method - assumes the `BUNDLE` format. When using the `BUNDLE` format this method - ignores the `Bundle.type` field, except that `history` bundles are - rejected, and does not apply any of the bundle processing semantics for - batch or transaction bundles. Unlike in ExecuteBundle, transaction - bundles are not executed as a single transaction and bundle-internal - references are not rewritten. The bundle is treated as a collection of - resources to be written as provided in `Bundle.entry.resource`, ignoring - `Bundle.entry.request`. As an example, this allows the import of - `searchset` bundles produced by a FHIR search or Patient-everything - operation. This method returns an Operation that can be used to track - the status of the import by calling GetOperation. Immediate fatal errors - appear in the error field, errors are also logged to Cloud Logging (see - [Viewing error logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - Otherwise, when the operation finishes, a detailed response of type - ImportResourcesResponse is returned in the response field. The metadata - field type for this operation is OperationMetadata. - operationId: healthcare.projects.locations.datasets.fhirStores.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ImportResourcesRequest' + - in: path + name: fhirId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/{fhirId1}/_history: + parameters: *ref_1 + get: + description: >- + Lists all the versions of a resource (including the current version and + deleted versions) from the FHIR store. Implements the per-resource form + of the FHIR standard history interaction + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#history), + [STU3](https://hl7.org/fhir/STU3/http.html#history), + [R4](https://hl7.org/fhir/R4/http.html#history), + [R5](https://hl7.org/fhir/R5/http.html#history)). On success, the + response body contains a JSON-encoded representation of a `Bundle` + resource of type `history`, containing the version history sorted from + most recent to oldest versions. Errors generated by the FHIR store + contain a JSON-encoded `OperationOutcome` resource describing the reason + for the error. If the request cannot be mapped to a valid API method on + a FHIR store, a generic GCP error might be returned instead. For samples + that show how to call `history`, see [Listing FHIR resource + versions](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#listing_fhir_resource_versions). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.history security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12719,7 +12781,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12741,31 +12803,45 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:applyConsents: + - in: path + name: fhirId + required: true + schema: + type: string + - in: path + name: fhirId1 + required: true + schema: + type: string + - in: query + name: _page_token + schema: + type: string + - in: query + name: _at + schema: + type: string + - in: query + name: _count + schema: + type: integer + format: int32 + - in: query + name: _since + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Patient/{PatientId}/$consent-enforcement-status: parameters: *ref_1 - post: + get: description: >- - Apply the Consent resources for the FHIR store and reindex the - underlying resources in the FHIR store according to the aggregate - consent. The aggregate consent of the patient in scope in this request - replaces any previous call of this method. Any Consent resource change - after this operation execution (including deletion) requires you to call - ApplyConsents again to have effect. This method returns an Operation - that can be used to track the progress of the consent resources that - were processed by calling GetOperation. Upon completion, the - ApplyConsentsResponse additionally contains the number of resources that - was reindexed. Errors are logged to Cloud Logging (see [Viewing error - logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). To - enforce consent check for data access, `consent_config.access_enforced` - must be set to true for the FhirStore. FHIR Consent is not supported in - DSTU2 or R5. - operationId: healthcare.projects.locations.datasets.fhirStores.applyConsents - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApplyConsentsRequest' + Returns the consent enforcement status of all consent resources for a + patient. On success, the response body contains a JSON-encoded + representation of a bundle of `Parameters` + (http://hl7.org/fhir/parameters.html) FHIR resources, containing the + current enforcement status for each consent resource of the patient. + Does not support DSTU2. + operationId: >- + healthcare.projects.locations.datasets.fhirStores.fhir.Patient-consent-enforcement-status security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12781,7 +12857,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12803,33 +12879,56 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:applyAdminConsents: + - in: path + name: PatientId + required: true + schema: + type: string + - in: query + name: _page_token + schema: + type: string + - in: query + name: _count + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/{fhirId1}: parameters: *ref_1 - post: + put: description: >- - Applies the admin Consent resources for the FHIR store and reindexes the - underlying resources in the FHIR store according to the aggregate - consents. This method also updates the - `consent_config.enforced_admin_consents` field of the FhirStore unless - `validate_only=true` in ApplyAdminConsentsRequest. Any admin Consent - resource change after this operation execution (including deletion) - requires you to call ApplyAdminConsents again for the change to take - effect. This method returns an Operation that can be used to track the - progress of the resources that were reindexed, by calling GetOperation. - Upon completion, the ApplyAdminConsentsResponse additionally contains - the number of resources that were reindexed. If at least one Consent - resource contains an error or fails be be enforced for any reason, the - method returns an error instead of an Operation. No resources will be - reindexed and the `consent_config.enforced_admin_consents` field will be - unchanged. To enforce a consent check for data access, - `consent_config.access_enforced` must be set to true for the FhirStore. - FHIR Consent is not supported in DSTU2 or R5. - operationId: healthcare.projects.locations.datasets.fhirStores.applyAdminConsents + Updates the entire contents of a resource. Implements the FHIR standard + update interaction + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#update), + [STU3](https://hl7.org/fhir/STU3/http.html#update), + [R4](https://hl7.org/fhir/R4/http.html#update), + [R5](https://hl7.org/fhir/R5/http.html#update)). If the specified + resource does not exist and the FHIR store has enable_update_create set, + creates the resource with the client-specified ID. It is strongly + advised not to include or encode any sensitive data such as patient + identifiers in client-specified resource IDs. Those IDs are part of the + FHIR resource path recorded in Cloud Audit Logs and Pub/Sub + notifications. Those IDs can also be contained in reference fields + within other resources. The request body must contain a JSON-encoded + FHIR resource, and the request headers must contain `Content-Type: + application/fhir+json`. The resource must contain an `id` element having + an identical value to the ID in the REST path of the request. On + success, the response body contains a JSON-encoded representation of the + updated resource, including the server-assigned version ID. Errors + generated by the FHIR store contain a JSON-encoded `OperationOutcome` + resource describing the reason for the error. If the request cannot be + mapped to a valid API method on a FHIR store, a generic GCP error might + be returned instead. The conditional update interaction If-None-Match is + supported, including the wildcard behaviour, as defined by the R5 spec. + This functionality is supported in R4 and R5. For samples that show how + to call `update`, see [Updating a FHIR + resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#updating_a_fhir_resource). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/ApplyAdminConsentsRequest' + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12845,7 +12944,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12867,13 +12966,41 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:explainDataAccess: - parameters: *ref_1 - get: + - in: path + name: fhirId + required: true + schema: + type: string + - in: path + name: fhirId1 + required: true + schema: + type: string + patch: description: >- - Explains all the permitted/denied actor, purpose and environment for a - given resource. FHIR Consent is not supported in DSTU2 or R5. - operationId: healthcare.projects.locations.datasets.fhirStores.explainDataAccess + Updates part of an existing resource by applying the operations + specified in a [JSON Patch](http://jsonpatch.com/) document. Implements + the FHIR standard patch interaction + ([STU3](https://hl7.org/fhir/STU3/http.html#patch), + [R4](https://hl7.org/fhir/R4/http.html#patch), + [R5](https://hl7.org/fhir/R5/http.html#patch)). DSTU2 doesn't define a + patch method, but the server supports it in the same way it supports + STU3. The request body must contain a JSON Patch document, and the + request headers must contain `Content-Type: + application/json-patch+json`. On success, the response body contains a + JSON-encoded representation of the updated resource, including the + server-assigned version ID. Errors generated by the FHIR store contain a + JSON-encoded `OperationOutcome` resource describing the reason for the + error. If the request cannot be mapped to a valid API method on a FHIR + store, a generic GCP error might be returned instead. For samples that + show how to call `patch`, see [Patching a FHIR + resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#patching_a_fhir_resource). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12889,7 +13016,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExplainDataAccessResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12911,29 +13038,30 @@ paths: required: true schema: type: string - - in: query - name: resourceId + - in: path + name: fhirId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:export: - parameters: *ref_1 - post: + - in: path + name: fhirId1 + required: true + schema: + type: string + delete: description: >- - Export resources from the FHIR store to the specified destination. This - method returns an Operation that can be used to track the status of the - export by calling GetOperation. Immediate fatal errors appear in the - error field, errors are also logged to Cloud Logging (see [Viewing error - logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - Otherwise, when the operation finishes, a detailed response of type - ExportResourcesResponse is returned in the response field. The metadata - field type for this operation is OperationMetadata. - operationId: healthcare.projects.locations.datasets.fhirStores.export - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExportResourcesRequest' + Deletes a FHIR resource. Implements the FHIR standard delete interaction + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#delete), + [STU3](https://hl7.org/fhir/STU3/http.html#delete), + [R4](https://hl7.org/fhir/R4/http.html#delete), + [R5](https://hl7.org/fhir/R5/http.html#delete)). Note: Unless resource + versioning is disabled by setting the disable_resource_versioning flag + on the FHIR store, the deleted resources will be moved to a history + repository that can still be retrieved through vread and related + methods, unless they are removed by the purge method. For samples that + show how to call `delete`, see [Deleting a FHIR + resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#deleting_a_fhir_resource). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12949,7 +13077,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -12971,11 +13099,37 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:getFHIRStoreMetrics: - parameters: *ref_1 + - in: path + name: fhirId + required: true + schema: + type: string + - in: path + name: fhirId1 + required: true + schema: + type: string get: - description: Gets metrics associated with the FHIR store. - operationId: healthcare.projects.locations.datasets.fhirStores.getFHIRStoreMetrics + description: >- + Gets the contents of a FHIR resource. Implements the FHIR standard read + interaction ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#read), + [STU3](https://hl7.org/fhir/STU3/http.html#read), + [R4](https://hl7.org/fhir/R4/http.html#read), + [R5](https://hl7.org/fhir/R5/http.html#read)). Also supports the FHIR + standard conditional read interaction + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#cread), + [STU3](https://hl7.org/fhir/STU3/http.html#cread), + [R4](https://hl7.org/fhir/R4/http.html#cread), + [R5](https://hl7.org/fhir/R5/http.html#cread)) specified by supplying an + `If-Modified-Since` header with a date/time value or an `If-None-Match` + header with an ETag value. On success, the response body contains a + JSON-encoded representation of the resource. Errors generated by the + FHIR store contain a JSON-encoded `OperationOutcome` resource describing + the reason for the error. If the request cannot be mapped to a valid API + method on a FHIR store, a generic GCP error might be returned instead. + For samples that show how to call `read`, see [Getting a FHIR + resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#getting_a_fhir_resource). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.read security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -12991,7 +13145,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FhirStoreMetrics' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -13013,25 +13167,66 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:rollback: + - in: path + name: fhirId + required: true + schema: + type: string + - in: path + name: fhirId1 + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir: parameters: *ref_1 post: description: >- - Rolls back resources from the FHIR store to the specified time. This - method returns an Operation that can be used to track the status of the - rollback by calling GetOperation. Immediate fatal errors appear in the - error field, errors are also logged to Cloud Logging (see [Viewing error - logs in Cloud - Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). - Otherwise, when the operation finishes, a detailed response of type - RollbackFhirResourcesResponse is returned in the response field. The - metadata field type for this operation is OperationMetadata. - operationId: healthcare.projects.locations.datasets.fhirStores.rollback + Executes all the requests in the given Bundle. Implements the FHIR + standard batch/transaction interaction + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#transaction), + [STU3](https://hl7.org/fhir/STU3/http.html#transaction), + [R4](https://hl7.org/fhir/R4/http.html#transaction), + [R5](https://hl7.org/fhir/R5/http.html#transaction)). Supports all + interactions within a bundle, except search. This method accepts Bundles + of type `batch` and `transaction`, processing them according to the + batch processing rules + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#2.1.0.16.1), + [STU3](https://hl7.org/fhir/STU3/http.html#2.21.0.17.1), + [R4](https://hl7.org/fhir/R4/http.html#brules), + [R5](https://hl7.org/fhir/R5/http.html#brules)) and transaction + processing rules + ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#2.1.0.16.2), + [STU3](https://hl7.org/fhir/STU3/http.html#2.21.0.17.2), + [R4](https://hl7.org/fhir/R4/http.html#trules), + [R5](https://hl7.org/fhir/R5/http.html#trules)). The request body must + contain a JSON-encoded FHIR `Bundle` resource, and the request headers + must contain `Content-Type: application/fhir+json`. For a batch bundle + or a successful transaction, the response body contains a JSON-encoded + representation of a `Bundle` resource of type `batch-response` or + `transaction-response` containing one entry for each entry in the + request, with the outcome of processing the entry. In the case of an + error for a transaction bundle, the response body contains a + JSON-encoded `OperationOutcome` resource describing the reason for the + error. If the request cannot be mapped to a valid API method on a FHIR + store, a generic GCP error might be returned instead. This method checks + permissions for each request in the bundle. The `executeBundle` + permission is required to call this method, but you must also grant + sufficient permissions to execute the individual requests in the bundle. + For example, if the bundle contains a request to create a FHIR resource, + the caller must also have been granted the + `healthcare.fhirResources.create` permission. You can use audit logs to + view the permissions for `executeBundle` and each request in the bundle. + For more information, see [Viewing Cloud Audit + logs](https://cloud.google.com/healthcare-api/docs/how-tos/audit-logging). + For samples that show how to call `executeBundle`, see [Managing FHIR + resources using FHIR + bundles](https://cloud.google.com/healthcare/docs/how-tos/fhir-bundles). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.executeBundle requestBody: content: application/json: schema: - $ref: '#/components/schemas/RollbackFhirResourcesRequest' + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13047,7 +13242,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -13069,38 +13264,42 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Binary: parameters: *ref_1 post: description: >- - Creates a FHIR resource. Implements the FHIR standard create interaction - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#create), - [STU3](https://hl7.org/fhir/STU3/http.html#create), - [R4](https://hl7.org/fhir/R4/http.html#create), - [R5](https://hl7.org/fhir/R5/http.html#create)), which creates a new - resource with a server-assigned resource ID. Also supports the FHIR - standard conditional create interaction - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#ccreate), - [STU3](https://hl7.org/fhir/STU3/http.html#ccreate), - [R4](https://hl7.org/fhir/R4/http.html#ccreate), - [R5](https://hl7.org/fhir/R5/http.html#ccreate)), specified by supplying - an `If-None-Exist` header containing a FHIR search query, limited to - searching by resource identifier. If no resources match this search - query, the server processes the create operation as normal. When using - conditional create, the search term for identifier should be in the - pattern `identifier=system|value` or `identifier=value` - similar to the - `search` method on resources with a specific identifier. The request - body must contain a JSON-encoded FHIR resource, and the request headers - must contain `Content-Type: application/fhir+json`. On success, the - response body contains a JSON-encoded representation of the resource as - it was created on the server, including the server-assigned resource ID - and version ID. Errors generated by the FHIR store contain a - JSON-encoded `OperationOutcome` resource describing the reason for the - error. If the request cannot be mapped to a valid API method on a FHIR - store, a generic GCP error might be returned instead. For samples that - show how to call `create`, see [Creating a FHIR - resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#creating_a_fhir_resource). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.create + Creates a FHIR Binary resource. This method can be used to create a + Binary resource either by using one of the accepted FHIR JSON content + types, or as a raw data stream. If a resource is created with this + method using the FHIR content type this method's behavior is the same as + [`fhir.create`](https://cloud.google.com/healthcare-api/docs/reference/rest/v1/projects.locations.datasets.fhirStores.fhir/create). + If a resource type other than Binary is used in the request it's treated + in the same way as non-FHIR data (e.g., images, zip archives, pdf files, + documents). When a non-FHIR content type is used in the request, a + Binary resource will be generated, and the uploaded data will be stored + in the `content` field (`DSTU2` and `STU3`), or the `data` field (`R4` + and `R5`). The Binary resource's `contentType` will be filled in using + the value of the `Content-Type` header, and the `securityContext` field + (not present in `DSTU2`) will be populated from the `X-Security-Context` + header if it exists. At this time `securityContext` has no special + behavior in the Cloud Healthcare API. Note: the limit on data ingested + through this method is 1 GB. For best performance, use a non-FHIR data + type instead of wrapping the data in a Binary resource. Some of the + Healthcare API features, such as [exporting to + BigQuery](https://cloud.google.com/healthcare-api/docs/how-tos/fhir-export-bigquery) + or [Pub/Sub + notifications](https://cloud.google.com/healthcare-api/docs/fhir-pubsub#behavior_when_a_fhir_resource_is_too_large_or_traffic_is_high) + with full resource content, do not support Binary resources that are + larger than 10 MB. In these cases the resource's `data` field will be + omitted. Instead, the + "http://hl7.org/fhir/StructureDefinition/data-absent-reason" extension + will be present to indicate that including the data is `unsupported`. On + success, an empty `201 Created` response is returned. The newly created + resource's ID and version are returned in the Location header. Using + `Prefer: representation=resource` is not allowed for this method. The + definition of the Binary REST API can be found at + https://hl7.org/fhir/binary.html#rest. + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Binary-create requestBody: content: application/json: @@ -13143,27 +13342,26 @@ paths: required: true schema: type: string - - in: path - name: fhirId - required: true - schema: - type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/metadata: + parameters: *ref_1 + get: description: >- - Deletes a FHIR resource that match an identifier search query. - Implements the FHIR standard conditional delete interaction, limited to - searching by resource identifier. If multiple resources match, 412 - Precondition Failed error will be returned. Search term for identifier - should be in the pattern `identifier=system|value` or `identifier=value` - - similar to the `search` method on resources with a specific - identifier. Note: Unless resource versioning is disabled by setting the - disable_resource_versioning flag on the FHIR store, the deleted resource - is moved to a history repository that can still be retrieved through - vread and related methods, unless they are removed by the purge method. - For samples that show how to call `conditionalDelete`, see - [Conditionally deleting a FHIR - resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#conditionally_deleting_a_fhir_resource). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.conditionalDelete + Gets the FHIR capability statement + ([STU3](https://hl7.org/fhir/STU3/capabilitystatement.html), + [R4](https://hl7.org/fhir/R4/capabilitystatement.html), + [R5](https://hl7.org/fhir/R5/capabilitystatement.html)), or the + [conformance statement](https://hl7.org/fhir/DSTU2/conformance.html) in + the DSTU2 case for the store, which contains a description of + functionality supported by the server. Implements the FHIR standard + capabilities interaction + ([STU3](https://hl7.org/fhir/STU3/http.html#capabilities), + [R4](https://hl7.org/fhir/R4/http.html#capabilities), + [R5](https://hl7.org/fhir/R5/http.html#capabilities)), or the + [conformance + interaction](https://hl7.org/fhir/DSTU2/http.html#conformance) in the + DSTU2 case. On success, the response body contains a JSON-encoded + representation of a `CapabilityStatement` resource. + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.capabilities security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13179,7 +13377,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -13201,46 +13399,17 @@ paths: required: true schema: type: string - - in: path - name: fhirId - required: true - schema: - type: string - put: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/{fhirId1}/$purge: + parameters: *ref_1 + delete: description: >- - If a resource is found with the identifier specified in the query - parameters, updates the entire contents of that resource. Implements the - FHIR standard conditional update interaction, limited to searching by - resource identifier. Search term for identifier should be in the pattern - `identifier=system|value` or `identifier=value` - similar to the - `search` method on resources with a specific identifier. If the search - criteria identify more than one match, the request returns a `412 - Precondition Failed` error. If the search criteria identify zero - matches, and the supplied resource body contains an `id`, and the FHIR - store has enable_update_create set, creates the resource with the - client-specified ID. It is strongly advised not to include or encode any - sensitive data such as patient identifiers in client-specified resource - IDs. Those IDs are part of the FHIR resource path recorded in Cloud - Audit Logs and Pub/Sub notifications. Those IDs can also be contained in - reference fields within other resources. If the search criteria identify - zero matches, and the supplied resource body does not contain an `id`, - the resource is created with a server-assigned ID as per the create - method. The request body must contain a JSON-encoded FHIR resource, and - the request headers must contain `Content-Type: application/fhir+json`. - On success, the response body contains a JSON-encoded representation of - the updated resource, including the server-assigned version ID. Errors - generated by the FHIR store contain a JSON-encoded `OperationOutcome` - resource describing the reason for the error. If the request cannot be - mapped to a valid API method on a FHIR store, a generic GCP error might - be returned instead. For samples that show how to call - `conditionalUpdate`, see [Conditionally updating a FHIR - resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#conditionally_updating_a_fhir_resource). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.conditionalUpdate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HttpBody' + Deletes all the historical versions of a resource (excluding the current + version) from the FHIR store. To remove all versions of a resource, + first delete the current version and then call this method. This is not + a FHIR standard operation. For samples that show how to call + `Resource-purge`, see [Deleting historical versions of a FHIR + resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#deleting_historical_versions_of_a_fhir_resource). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Resource-purge security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13256,7 +13425,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -13283,34 +13452,21 @@ paths: required: true schema: type: string - patch: - description: >- - If a resource is found with the identifier specified in the query - parameters, updates part of that resource by applying the operations - specified in a [JSON Patch](http://jsonpatch.com/) document. Implements - the FHIR standard conditional patch interaction, limited to searching by - resource identifier. DSTU2 doesn't define a conditional patch method, - but the server supports it in the same way it supports STU3. Search term - for identifier should be in the pattern `identifier=system|value` or - `identifier=value` - similar to the `search` method on resources with a - specific identifier. If the search criteria identify more than one - match, the request returns a `412 Precondition Failed` error. The - request body must contain a JSON Patch document, and the request headers - must contain `Content-Type: application/json-patch+json`. On success, - the response body contains a JSON-encoded representation of the updated - resource, including the server-assigned version ID. Errors generated by - the FHIR store contain a JSON-encoded `OperationOutcome` resource - describing the reason for the error. If the request cannot be mapped to - a valid API method on a FHIR store, a generic GCP error might be - returned instead. For samples that show how to call `conditionalPatch`, - see [Conditionally patching a FHIR - resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#conditionally_patching_a_fhir_resource). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.conditionalPatch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HttpBody' + - in: path + name: fhirId1 + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Consent/{ConsentId}/$consent-enforcement-status: + parameters: *ref_1 + get: + description: >- + Returns the consent enforcement status of a single consent resource. On + success, the response body contains a JSON-encoded representation of a + `Parameters` (http://hl7.org/fhir/parameters.html) FHIR resource, + containing the current enforcement status. Does not support DSTU2. + operationId: >- + healthcare.projects.locations.datasets.fhirStores.fhir.Consent-enforcement-status security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13349,51 +13505,41 @@ paths: schema: type: string - in: path - name: fhirId + name: ConsentId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Binary: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Patient/{PatientId}/$everything: parameters: *ref_1 - post: + get: description: >- - Creates a FHIR Binary resource. This method can be used to create a - Binary resource either by using one of the accepted FHIR JSON content - types, or as a raw data stream. If a resource is created with this - method using the FHIR content type this method's behavior is the same as - [`fhir.create`](https://cloud.google.com/healthcare-api/docs/reference/rest/v1/projects.locations.datasets.fhirStores.fhir/create). - If a resource type other than Binary is used in the request it's treated - in the same way as non-FHIR data (e.g., images, zip archives, pdf files, - documents). When a non-FHIR content type is used in the request, a - Binary resource will be generated, and the uploaded data will be stored - in the `content` field (`DSTU2` and `STU3`), or the `data` field (`R4` - and `R5`). The Binary resource's `contentType` will be filled in using - the value of the `Content-Type` header, and the `securityContext` field - (not present in `DSTU2`) will be populated from the `X-Security-Context` - header if it exists. At this time `securityContext` has no special - behavior in the Cloud Healthcare API. Note: the limit on data ingested - through this method is 1 GB. For best performance, use a non-FHIR data - type instead of wrapping the data in a Binary resource. Some of the - Healthcare API features, such as [exporting to - BigQuery](https://cloud.google.com/healthcare-api/docs/how-tos/fhir-export-bigquery) - or [Pub/Sub - notifications](https://cloud.google.com/healthcare-api/docs/fhir-pubsub#behavior_when_a_fhir_resource_is_too_large_or_traffic_is_high) - with full resource content, do not support Binary resources that are - larger than 10 MB. In these cases the resource's `data` field will be - omitted. Instead, the - "http://hl7.org/fhir/StructureDefinition/data-absent-reason" extension - will be present to indicate that including the data is `unsupported`. On - success, an empty `201 Created` response is returned. The newly created - resource's ID and version are returned in the Location header. Using - `Prefer: representation=resource` is not allowed for this method. The - definition of the Binary REST API can be found at - https://hl7.org/fhir/binary.html#rest. - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Binary-create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HttpBody' + Retrieves a Patient resource and resources related to that patient. + Implements the FHIR extended operation Patient-everything + ([DSTU2](https://hl7.org/fhir/DSTU2/patient-operations.html#everything), + [STU3](https://hl7.org/fhir/STU3/patient-operations.html#everything), + [R4](https://hl7.org/fhir/R4/patient-operation-everything.html), + [R5](https://hl7.org/fhir/R5/patient-operation-everything.html)). On + success, the response body contains a JSON-encoded representation of a + `Bundle` resource of type `searchset`, containing the results of the + operation. Errors generated by the FHIR store contain a JSON-encoded + `OperationOutcome` resource describing the reason for the error. If the + request cannot be mapped to a valid API method on a FHIR store, a + generic GCP error might be returned instead. The resources in scope for + the response are: * The patient resource itself. * All the resources + directly referenced by the patient resource. * Resources directly + referencing the patient resource that meet the inclusion criteria. The + inclusion criteria are based on the membership rules in the patient + compartment definition + ([DSTU2](http://hl7.org/fhir/DSTU2/compartment-patient.html), + [STU3](http://www.hl7.org/fhir/stu3/compartmentdefinition-patient.html), + [R4](http://hl7.org/fhir/R4/compartmentdefinition-patient.html), + [R5](http://hl7.org/fhir/R5/compartmentdefinition-patient.html)), which + details the eligible resource types and referencing search parameters. + For samples that show how to call `Patient-everything`, see [Getting all + patient compartment + resources](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#getting_all_patient_compartment_resources). + operationId: >- + healthcare.projects.locations.datasets.fhirStores.fhir.Patient-everything security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13431,29 +13577,62 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/{fhirId1}: + - in: path + name: PatientId + required: true + schema: + type: string + - in: query + name: start + schema: + type: string + - in: query + name: _page_token + schema: + type: string + - in: query + name: _since + schema: + type: string + - in: query + name: _count + schema: + type: integer + format: int32 + - in: query + name: end + schema: + type: string + - in: query + name: _type + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/$validate: parameters: *ref_1 - get: + post: description: >- - Gets the contents of a FHIR resource. Implements the FHIR standard read - interaction ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#read), - [STU3](https://hl7.org/fhir/STU3/http.html#read), - [R4](https://hl7.org/fhir/R4/http.html#read), - [R5](https://hl7.org/fhir/R5/http.html#read)). Also supports the FHIR - standard conditional read interaction - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#cread), - [STU3](https://hl7.org/fhir/STU3/http.html#cread), - [R4](https://hl7.org/fhir/R4/http.html#cread), - [R5](https://hl7.org/fhir/R5/http.html#cread)) specified by supplying an - `If-Modified-Since` header with a date/time value or an `If-None-Match` - header with an ETag value. On success, the response body contains a - JSON-encoded representation of the resource. Errors generated by the - FHIR store contain a JSON-encoded `OperationOutcome` resource describing + Validates an input FHIR resource's conformance to its profiles and the + profiles configured on the FHIR store. Implements the FHIR extended + operation $validate + ([DSTU2](https://hl7.org/fhir/DSTU2/resource-operations.html#validate), + [STU3](https://hl7.org/fhir/STU3/resource-operations.html#validate), + [R4](https://hl7.org/fhir/R4/resource-operation-validate.html). or + [R5](https://hl7.org/fhir/R5/resource-operation-validate.html)). The + request body must contain a JSON-encoded FHIR resource, and the request + headers must contain `Content-Type: application/fhir+json`. The + `Parameters` input syntax is not supported. The `profile` query + parameter can be used to request that the resource only be validated + against a specific profile. If a profile with the given URL cannot be + found in the FHIR store then an error is returned. Errors generated by + validation contain a JSON-encoded `OperationOutcome` resource describing the reason for the error. If the request cannot be mapped to a valid API method on a FHIR store, a generic GCP error might be returned instead. - For samples that show how to call `read`, see [Getting a FHIR - resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#getting_a_fhir_resource). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.read + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Resource-validate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13496,25 +13675,90 @@ paths: required: true schema: type: string - - in: path - name: fhirId1 - required: true + - in: query + name: profile schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{resourceType}/_search: + parameters: *ref_1 + post: description: >- - Deletes a FHIR resource. Implements the FHIR standard delete interaction - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#delete), - [STU3](https://hl7.org/fhir/STU3/http.html#delete), - [R4](https://hl7.org/fhir/R4/http.html#delete), - [R5](https://hl7.org/fhir/R5/http.html#delete)). Note: Unless resource - versioning is disabled by setting the disable_resource_versioning flag - on the FHIR store, the deleted resources will be moved to a history - repository that can still be retrieved through vread and related - methods, unless they are removed by the purge method. For samples that - show how to call `delete`, see [Deleting a FHIR - resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#deleting_a_fhir_resource). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.delete + Searches for resources in the given FHIR store according to criteria + specified as query parameters. Implements the FHIR standard search + interaction ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#search), + [STU3](https://hl7.org/fhir/STU3/http.html#search), + [R4](https://hl7.org/fhir/R4/http.html#search), + [R5](https://hl7.org/fhir/R5/http.html#search)) using the search + semantics described in the FHIR Search specification + ([DSTU2](https://hl7.org/fhir/DSTU2/search.html), + [STU3](https://hl7.org/fhir/STU3/search.html), + [R4](https://hl7.org/fhir/R4/search.html), + [R5](https://hl7.org/fhir/R5/search.html)). Supports four methods of + search defined by the specification: * `GET [base]?[parameters]` to + search across all resources. * `GET [base]/[type]?[parameters]` to + search resources of a specified type. * `POST + [base]/_search?[parameters]` as an alternate form having the same + semantics as the `GET` method across all resources. * `POST + [base]/[type]/_search?[parameters]` as an alternate form having the same + semantics as the `GET` method for the specified type. The `GET` and + `POST` methods do not support compartment searches. The `POST` method + does not support `application/x-www-form-urlencoded` search parameters. + On success, the response body contains a JSON-encoded representation of + a `Bundle` resource of type `searchset`, containing the results of the + search. Errors generated by the FHIR store contain a JSON-encoded + `OperationOutcome` resource describing the reason for the error. If the + request cannot be mapped to a valid API method on a FHIR store, a + generic GCP error might be returned instead. The server's capability + statement, retrieved through capabilities, indicates what search + parameters are supported on each FHIR resource. A list of all search + parameters defined by the specification can be found in the FHIR Search + Parameter Registry + ([STU3](https://hl7.org/fhir/STU3/searchparameter-registry.html), + [R4](https://hl7.org/fhir/R4/searchparameter-registry.html), + [R5](https://hl7.org/fhir/R5/searchparameter-registry.html)). FHIR + search parameters for DSTU2 can be found on each resource's definition + page. Supported search modifiers: `:missing`, `:exact`, `:contains`, + `:text`, `:in`, `:not-in`, `:above`, `:below`, `:[type]`, `:not`, and + `recurse` (DSTU2 and STU3) or `:iterate` (R4 and R5). Supported search + result parameters: `_sort`, `_count`, `_include`, `_revinclude`, + `_summary=text`, `_summary=data`, and `_elements`. The maximum number of + search results returned defaults to 100, which can be overridden by the + `_count` parameter up to a maximum limit of 1000. The server might + return fewer resources than requested to prevent excessively large + responses. If there are additional results, the returned `Bundle` + contains a link of `relation` "next", which has a `_page_token` + parameter for an opaque pagination token that can be used to retrieve + the next page. Resources with a total size larger than 5MB or a field + count larger than 50,000 might not be fully searchable as the server + might trim its generated search index in those cases. Note: FHIR + resources are indexed asynchronously, so there might be a slight delay + between the time a resource is created or changed, and the time when the + change reflects in search results. The only exception is resource + identifier data, which is indexed synchronously as a special index. As a + result, searching using resource identifier is not subject to indexing + delay. To use the special synchronous index, the search term for + identifier should be in the pattern `identifier=[system]|[value]` or + `identifier=[value]`, and any of the following search result parameters + can be used: * `_count` * `_include` * `_revinclude` * `_summary` * + `_elements` If your query contains any other search parameters, the + standard asynchronous index will be used instead. Note that searching + against the special index is optimized for resolving a small number of + matches. The search isn't optimized if your identifier search criteria + matches a large number (i.e. more than 2,000) of resources. For a search + query that will match a large number of resources, you can avoiding + using the special synchronous index by including an additional `_sort` + parameter in your query. Use `_sort=-_lastUpdated` if you want to keep + the default sorting order. For samples and detailed information, see + [Searching for FHIR + resources](https://cloud.google.com/healthcare/docs/how-tos/fhir-search) + and [Advanced FHIR search + features](https://cloud.google.com/healthcare/docs/how-tos/fhir-advanced-search). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.search-type + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HttpBody' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13548,49 +13792,90 @@ paths: schema: type: string - in: path - name: fhirStoresId - required: true - schema: - type: string - - in: path - name: fhirId + name: fhirStoresId required: true schema: type: string - in: path - name: fhirId1 + name: resourceType required: true schema: type: string - put: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/_search: + parameters: *ref_1 + post: description: >- - Updates the entire contents of a resource. Implements the FHIR standard - update interaction - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#update), - [STU3](https://hl7.org/fhir/STU3/http.html#update), - [R4](https://hl7.org/fhir/R4/http.html#update), - [R5](https://hl7.org/fhir/R5/http.html#update)). If the specified - resource does not exist and the FHIR store has enable_update_create set, - creates the resource with the client-specified ID. It is strongly - advised not to include or encode any sensitive data such as patient - identifiers in client-specified resource IDs. Those IDs are part of the - FHIR resource path recorded in Cloud Audit Logs and Pub/Sub - notifications. Those IDs can also be contained in reference fields - within other resources. The request body must contain a JSON-encoded - FHIR resource, and the request headers must contain `Content-Type: - application/fhir+json`. The resource must contain an `id` element having - an identical value to the ID in the REST path of the request. On - success, the response body contains a JSON-encoded representation of the - updated resource, including the server-assigned version ID. Errors - generated by the FHIR store contain a JSON-encoded `OperationOutcome` - resource describing the reason for the error. If the request cannot be - mapped to a valid API method on a FHIR store, a generic GCP error might - be returned instead. The conditional update interaction If-None-Match is - supported, including the wildcard behaviour, as defined by the R5 spec. - This functionality is supported in R4 and R5. For samples that show how - to call `update`, see [Updating a FHIR - resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#updating_a_fhir_resource). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.update + Searches for resources in the given FHIR store according to criteria + specified as query parameters. Implements the FHIR standard search + interaction ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#search), + [STU3](https://hl7.org/fhir/STU3/http.html#search), + [R4](https://hl7.org/fhir/R4/http.html#search), + [R5](https://hl7.org/fhir/R5/http.html#search)) using the search + semantics described in the FHIR Search specification + ([DSTU2](https://hl7.org/fhir/DSTU2/search.html), + [STU3](https://hl7.org/fhir/STU3/search.html), + [R4](https://hl7.org/fhir/R4/search.html), + [R5](https://hl7.org/fhir/R5/search.html)). Supports four methods of + search defined by the specification: * `GET [base]?[parameters]` to + search across all resources. * `GET [base]/[type]?[parameters]` to + search resources of a specified type. * `POST + [base]/_search?[parameters]` as an alternate form having the same + semantics as the `GET` method across all resources. * `POST + [base]/[type]/_search?[parameters]` as an alternate form having the same + semantics as the `GET` method for the specified type. The `GET` and + `POST` methods do not support compartment searches. The `POST` method + does not support `application/x-www-form-urlencoded` search parameters. + On success, the response body contains a JSON-encoded representation of + a `Bundle` resource of type `searchset`, containing the results of the + search. Errors generated by the FHIR store contain a JSON-encoded + `OperationOutcome` resource describing the reason for the error. If the + request cannot be mapped to a valid API method on a FHIR store, a + generic GCP error might be returned instead. The server's capability + statement, retrieved through capabilities, indicates what search + parameters are supported on each FHIR resource. A list of all search + parameters defined by the specification can be found in the FHIR Search + Parameter Registry + ([STU3](https://hl7.org/fhir/STU3/searchparameter-registry.html), + [R4](https://hl7.org/fhir/R4/searchparameter-registry.html), + [R5](https://hl7.org/fhir/R5/searchparameter-registry.html)). FHIR + search parameters for DSTU2 can be found on each resource's definition + page. Supported search modifiers: `:missing`, `:exact`, `:contains`, + `:text`, `:in`, `:not-in`, `:above`, `:below`, `:[type]`, `:not`, and + `recurse` (DSTU2 and STU3) or `:iterate` (R4 and R5). Supported search + result parameters: `_sort`, `_count`, `_include`, `_revinclude`, + `_summary=text`, `_summary=data`, and `_elements`. The maximum number of + search results returned defaults to 100, which can be overridden by the + `_count` parameter up to a maximum limit of 1000. The server might + return fewer resources than requested to prevent excessively large + responses. If there are additional results, the returned `Bundle` + contains a link of `relation` "next", which has a `_page_token` + parameter for an opaque pagination token that can be used to retrieve + the next page. Resources with a total size larger than 5MB or a field + count larger than 50,000 might not be fully searchable as the server + might trim its generated search index in those cases. Note: FHIR + resources are indexed asynchronously, so there might be a slight delay + between the time a resource is created or changed, and the time when the + change reflects in search results. The only exception is resource + identifier data, which is indexed synchronously as a special index. As a + result, searching using resource identifier is not subject to indexing + delay. To use the special synchronous index, the search term for + identifier should be in the pattern `identifier=[system]|[value]` or + `identifier=[value]`, and any of the following search result parameters + can be used: * `_count` * `_include` * `_revinclude` * `_summary` * + `_elements` If your query contains any other search parameters, the + standard asynchronous index will be used instead. Note that searching + against the special index is optimized for resolving a small number of + matches. The search isn't optimized if your identifier search criteria + matches a large number (i.e. more than 2,000) of resources. For a search + query that will match a large number of resources, you can avoiding + using the special synchronous index by including an additional `_sort` + parameter in your query. Use `_sort=-_lastUpdated` if you want to keep + the default sorting order. For samples and detailed information, see + [Searching for FHIR + resources](https://cloud.google.com/healthcare/docs/how-tos/fhir-search) + and [Advanced FHIR search + features](https://cloud.google.com/healthcare/docs/how-tos/fhir-advanced-search). + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.search requestBody: content: application/json: @@ -13633,41 +13918,42 @@ paths: required: true schema: type: string - - in: path - name: fhirId - required: true - schema: - type: string - - in: path - name: fhirId1 - required: true + - in: query + name: resourceType schema: type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/$export: + parameters: *ref_1 + get: description: >- - Updates part of an existing resource by applying the operations - specified in a [JSON Patch](http://jsonpatch.com/) document. Implements - the FHIR standard patch interaction - ([STU3](https://hl7.org/fhir/STU3/http.html#patch), - [R4](https://hl7.org/fhir/R4/http.html#patch), - [R5](https://hl7.org/fhir/R5/http.html#patch)). DSTU2 doesn't define a - patch method, but the server supports it in the same way it supports - STU3. The request body must contain a JSON Patch document, and the - request headers must contain `Content-Type: - application/json-patch+json`. On success, the response body contains a - JSON-encoded representation of the updated resource, including the - server-assigned version ID. Errors generated by the FHIR store contain a - JSON-encoded `OperationOutcome` resource describing the reason for the - error. If the request cannot be mapped to a valid API method on a FHIR - store, a generic GCP error might be returned instead. For samples that - show how to call `patch`, see [Patching a FHIR - resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#patching_a_fhir_resource). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HttpBody' + Bulk exports all resources from the FHIR store to the specified + destination. Implements the FHIR implementation guide [system level + $export](https://build.fhir.org/ig/HL7/bulk-data/export.html#endpoint---system-level-export). + The following headers must be set in the request: * `Accept`: specifies + the format of the `OperationOutcome` response. Only + `application/fhir+json` is supported. * `Prefer`: specifies whether the + response is immediate or asynchronous. Must be to `respond-async` + because only asynchronous responses are supported. Specify the + destination for the server to write result files by setting the Cloud + Storage location bulk_export_gcs_destination on the FHIR store. URI of + an existing Cloud Storage directory where the server writes result + files, in the format gs://{bucket-id}/{path/to/destination/dir}. If + there is no trailing slash, the service appends one when composing the + object path. The user is responsible for creating the Cloud Storage + bucket referenced. Supports the following query parameters: * `_type`: + string of comma-delimited FHIR resource types. If provided, only the + resources of the specified type(s) are exported. * `_since`: if + provided, only the resources that are updated after the specified time + are exported. * `_outputFormat`: optional, specify ndjson to export data + in NDJSON format. Exported file names use the format: + {export_id}_{resource_type}.ndjson. On success, the `Content-Location` + header of the response is set to a URL that the user can use to query + the status of the export. The URL is in the format: + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/operations/{export_id}`. + See get-fhir-operation-status for more information. Errors generated by + the FHIR store contain a JSON-encoded `OperationOutcome` resource + describing the reason for the error. + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.bulk-export security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13705,30 +13991,33 @@ paths: required: true schema: type: string - - in: path - name: fhirId - required: true + - in: query + name: _type schema: type: string - - in: path - name: fhirId1 - required: true + - in: query + name: outputFormat schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Binary/{BinaryId}: + - in: query + name: _since + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Binary/{BinaryId}/_history/{_historyId}: parameters: *ref_1 get: description: >- - Gets the contents of a FHIR Binary resource. This method can be used to - retrieve a Binary resource either by using the FHIR JSON mimetype as the - value for the Accept header, or as a raw data stream. If the FHIR Accept - type is used this method will return a Binary resource with the data - base64-encoded, regardless of how the resource was created. The resource - data can be retrieved in base64-decoded form if the Accept type of the - request matches the value of the resource's `contentType` field. The - definition of the Binary REST API can be found at + Gets the contents of a version (current or historical) of a FHIR Binary + resource by version ID. This method can be used to retrieve a Binary + resource version either by using the FHIR JSON mimetype as the value for + the Accept header, or as a raw data stream. If the FHIR Accept type is + used this method will return a Binary resource with the data + base64-encoded, regardless of how the resource version was created. The + resource data can be retrieved in base64-decoded form if the Accept type + of the request matches the value of the resource version's `contentType` + field. The definition of the Binary REST API can be found at https://hl7.org/fhir/binary.html#rest. - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Binary-read + operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Binary-vread security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13771,51 +14060,28 @@ paths: required: true schema: type: string - put: + - in: path + name: _historyId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Updates the entire contents of a Binary resource. If the specified - resource does not exist and the FHIR store has enable_update_create set, - creates the resource with the client-specified ID. It is strongly - advised not to include or encode any sensitive data such as patient - identifiers in client-specified resource IDs. Those IDs are part of the - FHIR resource path recorded in Cloud Audit Logs and Pub/Sub - notifications. Those IDs can also be contained in reference fields - within other resources. This method can be used to update a Binary - resource either by using one of the accepted FHIR JSON content types, or - as a raw data stream. If a resource is updated with this method using - the FHIR content type this method's behavior is the same as `update`. If - a resource type other than Binary is used in the request it will be - treated in the same way as non-FHIR data. When a non-FHIR content type - is used in the request, a Binary resource will be generated using the ID - from the resource path, and the uploaded data will be stored in the - `content` field (`DSTU2` and `STU3`), or the `data` field (`R4` and - `R5`). The Binary resource's `contentType` will be filled in using the - value of the `Content-Type` header, and the `securityContext` field (not - present in `DSTU2`) will be populated from the `X-Security-Context` - header if it exists. At this time `securityContext` has no special - behavior in the Cloud Healthcare API. Note: the limit on data ingested - through this method is 2 GB. For best performance, use a non-FHIR data - type instead of wrapping the data in a Binary resource. Some of the - Healthcare API features, such as [exporting to - BigQuery](https://cloud.google.com/healthcare-api/docs/how-tos/fhir-export-bigquery) - or [Pub/Sub - notifications](https://cloud.google.com/healthcare-api/docs/fhir-pubsub#behavior_when_a_fhir_resource_is_too_large_or_traffic_is_high) - with full resource content, do not support Binary resources that are - larger than 10 MB. In these cases the resource's `data` field will be - omitted. Instead, the - "http://hl7.org/fhir/StructureDefinition/data-absent-reason" extension - will be present to indicate that including the data is `unsupported`. On - success, an empty 200 OK response will be returned, or a 201 Created if - the resource did not exit. The resource's ID and version are returned in - the Location header. Using `Prefer: representation=resource` is not - allowed for this method. The definition of the Binary REST API can be - found at https://hl7.org/fhir/binary.html#rest. - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Binary-update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HttpBody' + Gets the status of operations as defined in the FHIR specification. + Implements the FHIR implementation guide [bulk data status + request](https://build.fhir.org/ig/HL7/bulk-data/export.html#bulk-data-status-request). + Operations can have one of these states: * in-progress: response status + code is `202` and `X-Progress` header is set to `in progress`. * + complete: response status code is `200` and the body is a JSON-encoded + operation response as defined by the spec. For a bulk export, this + response is defined in + https://build.fhir.org/ig/HL7/bulk-data/export.html#response---complete-status. + * error: response status code is `5XX`, and the body is a JSON-encoded + `OperationOutcome` resource describing the reason for the error. + operationId: >- + healthcare.projects.locations.datasets.fhirStores.operations.get-fhir-operation-status security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13854,28 +14120,20 @@ paths: schema: type: string - in: path - name: BinaryId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/{fhirId1}/_history/{_historyId}: - parameters: *ref_1 - get: + delete: description: >- - Gets the contents of a version (current or historical) of a FHIR - resource by version ID. Implements the FHIR standard vread interaction - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#vread), - [STU3](https://hl7.org/fhir/STU3/http.html#vread), - [R4](https://hl7.org/fhir/R4/http.html#vread), - [R5](https://hl7.org/fhir/R5/http.html#vread)). On success, the response - body contains a JSON-encoded representation of the resource. Errors - generated by the FHIR store contain a JSON-encoded `OperationOutcome` - resource describing the reason for the error. If the request cannot be - mapped to a valid API method on a FHIR store, a generic GCP error might - be returned instead. For samples that show how to call `vread`, see - [Retrieving a FHIR resource - version](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#retrieving_a_fhir_resource_version). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.vread + Deletes operations as defined in the FHIR specification. Implements the + FHIR implementation guide [bulk data delete + request](https://build.fhir.org/ig/HL7/bulk-data/export.html#bulk-data-delete-request). + Returns success if the operation was successfully cancelled. If the + operation is complete, or has already been cancelled, returns an error + response. + operationId: >- + healthcare.projects.locations.datasets.fhirStores.operations.delete-fhir-operation security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13914,35 +14172,20 @@ paths: schema: type: string - in: path - name: fhirId - required: true - schema: - type: string - - in: path - name: fhirId1 - required: true - schema: - type: string - - in: path - name: _historyId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Binary/{BinaryId}/_history/{_historyId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores: parameters: *ref_1 - get: - description: >- - Gets the contents of a version (current or historical) of a FHIR Binary - resource by version ID. This method can be used to retrieve a Binary - resource version either by using the FHIR JSON mimetype as the value for - the Accept header, or as a raw data stream. If the FHIR Accept type is - used this method will return a Binary resource with the data - base64-encoded, regardless of how the resource version was created. The - resource data can be retrieved in base64-decoded form if the Accept type - of the request matches the value of the resource version's `contentType` - field. The definition of the Binary REST API can be found at - https://hl7.org/fhir/binary.html#rest. - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Binary-vread + post: + description: Creates a new FHIR store within the parent dataset. + operationId: healthcare.projects.locations.datasets.fhirStores.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FhirStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -13958,7 +14201,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/FhirStore' parameters: - in: path name: projectsId @@ -13975,102 +14218,13 @@ paths: required: true schema: type: string - - in: path - name: fhirStoresId - required: true - schema: - type: string - - in: path - name: BinaryId - required: true - schema: - type: string - - in: path - name: _historyId - required: true + - in: query + name: fhirStoreId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/_search: - parameters: *ref_1 - post: - description: >- - Searches for resources in the given FHIR store according to criteria - specified as query parameters. Implements the FHIR standard search - interaction ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#search), - [STU3](https://hl7.org/fhir/STU3/http.html#search), - [R4](https://hl7.org/fhir/R4/http.html#search), - [R5](https://hl7.org/fhir/R5/http.html#search)) using the search - semantics described in the FHIR Search specification - ([DSTU2](https://hl7.org/fhir/DSTU2/search.html), - [STU3](https://hl7.org/fhir/STU3/search.html), - [R4](https://hl7.org/fhir/R4/search.html), - [R5](https://hl7.org/fhir/R5/search.html)). Supports four methods of - search defined by the specification: * `GET [base]?[parameters]` to - search across all resources. * `GET [base]/[type]?[parameters]` to - search resources of a specified type. * `POST - [base]/_search?[parameters]` as an alternate form having the same - semantics as the `GET` method across all resources. * `POST - [base]/[type]/_search?[parameters]` as an alternate form having the same - semantics as the `GET` method for the specified type. The `GET` and - `POST` methods do not support compartment searches. The `POST` method - does not support `application/x-www-form-urlencoded` search parameters. - On success, the response body contains a JSON-encoded representation of - a `Bundle` resource of type `searchset`, containing the results of the - search. Errors generated by the FHIR store contain a JSON-encoded - `OperationOutcome` resource describing the reason for the error. If the - request cannot be mapped to a valid API method on a FHIR store, a - generic GCP error might be returned instead. The server's capability - statement, retrieved through capabilities, indicates what search - parameters are supported on each FHIR resource. A list of all search - parameters defined by the specification can be found in the FHIR Search - Parameter Registry - ([STU3](https://hl7.org/fhir/STU3/searchparameter-registry.html), - [R4](https://hl7.org/fhir/R4/searchparameter-registry.html), - [R5](https://hl7.org/fhir/R5/searchparameter-registry.html)). FHIR - search parameters for DSTU2 can be found on each resource's definition - page. Supported search modifiers: `:missing`, `:exact`, `:contains`, - `:text`, `:in`, `:not-in`, `:above`, `:below`, `:[type]`, `:not`, and - `recurse` (DSTU2 and STU3) or `:iterate` (R4 and R5). Supported search - result parameters: `_sort`, `_count`, `_include`, `_revinclude`, - `_summary=text`, `_summary=data`, and `_elements`. The maximum number of - search results returned defaults to 100, which can be overridden by the - `_count` parameter up to a maximum limit of 1000. The server might - return fewer resources than requested to prevent excessively large - responses. If there are additional results, the returned `Bundle` - contains a link of `relation` "next", which has a `_page_token` - parameter for an opaque pagination token that can be used to retrieve - the next page. Resources with a total size larger than 5MB or a field - count larger than 50,000 might not be fully searchable as the server - might trim its generated search index in those cases. Note: FHIR - resources are indexed asynchronously, so there might be a slight delay - between the time a resource is created or changed, and the time when the - change reflects in search results. The only exception is resource - identifier data, which is indexed synchronously as a special index. As a - result, searching using resource identifier is not subject to indexing - delay. To use the special synchronous index, the search term for - identifier should be in the pattern `identifier=[system]|[value]` or - `identifier=[value]`, and any of the following search result parameters - can be used: * `_count` * `_include` * `_revinclude` * `_summary` * - `_elements` If your query contains any other search parameters, the - standard asynchronous index will be used instead. Note that searching - against the special index is optimized for resolving a small number of - matches. The search isn't optimized if your identifier search criteria - matches a large number (i.e. more than 2,000) of resources. For a search - query that will match a large number of resources, you can avoiding - using the special synchronous index by including an additional `_sort` - parameter in your query. Use `_sort=-_lastUpdated` if you want to keep - the default sorting order. Note: The special synchronous identifier - index are currently disabled for DocumentReference and DocumentManifest - searches. For samples and detailed information, see [Searching for FHIR - resources](https://cloud.google.com/healthcare/docs/how-tos/fhir-search) - and [Advanced FHIR search - features](https://cloud.google.com/healthcare/docs/how-tos/fhir-advanced-search). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.search - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SearchResourcesRequest' + get: + description: Lists the FHIR stores in the given dataset. + operationId: healthcare.projects.locations.datasets.fhirStores.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14086,7 +14240,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ListFhirStoresResponse' parameters: - in: path name: projectsId @@ -14103,92 +14257,57 @@ paths: required: true schema: type: string - - in: path - name: fhirStoresId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{resourceType}/_search: - parameters: *ref_1 - post: - description: >- - Searches for resources in the given FHIR store according to criteria - specified as query parameters. Implements the FHIR standard search - interaction ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#search), - [STU3](https://hl7.org/fhir/STU3/http.html#search), - [R4](https://hl7.org/fhir/R4/http.html#search), - [R5](https://hl7.org/fhir/R5/http.html#search)) using the search - semantics described in the FHIR Search specification - ([DSTU2](https://hl7.org/fhir/DSTU2/search.html), - [STU3](https://hl7.org/fhir/STU3/search.html), - [R4](https://hl7.org/fhir/R4/search.html), - [R5](https://hl7.org/fhir/R5/search.html)). Supports four methods of - search defined by the specification: * `GET [base]?[parameters]` to - search across all resources. * `GET [base]/[type]?[parameters]` to - search resources of a specified type. * `POST - [base]/_search?[parameters]` as an alternate form having the same - semantics as the `GET` method across all resources. * `POST - [base]/[type]/_search?[parameters]` as an alternate form having the same - semantics as the `GET` method for the specified type. The `GET` and - `POST` methods do not support compartment searches. The `POST` method - does not support `application/x-www-form-urlencoded` search parameters. - On success, the response body contains a JSON-encoded representation of - a `Bundle` resource of type `searchset`, containing the results of the - search. Errors generated by the FHIR store contain a JSON-encoded - `OperationOutcome` resource describing the reason for the error. If the - request cannot be mapped to a valid API method on a FHIR store, a - generic GCP error might be returned instead. The server's capability - statement, retrieved through capabilities, indicates what search - parameters are supported on each FHIR resource. A list of all search - parameters defined by the specification can be found in the FHIR Search - Parameter Registry - ([STU3](https://hl7.org/fhir/STU3/searchparameter-registry.html), - [R4](https://hl7.org/fhir/R4/searchparameter-registry.html), - [R5](https://hl7.org/fhir/R5/searchparameter-registry.html)). FHIR - search parameters for DSTU2 can be found on each resource's definition - page. Supported search modifiers: `:missing`, `:exact`, `:contains`, - `:text`, `:in`, `:not-in`, `:above`, `:below`, `:[type]`, `:not`, and - `recurse` (DSTU2 and STU3) or `:iterate` (R4 and R5). Supported search - result parameters: `_sort`, `_count`, `_include`, `_revinclude`, - `_summary=text`, `_summary=data`, and `_elements`. The maximum number of - search results returned defaults to 100, which can be overridden by the - `_count` parameter up to a maximum limit of 1000. The server might - return fewer resources than requested to prevent excessively large - responses. If there are additional results, the returned `Bundle` - contains a link of `relation` "next", which has a `_page_token` - parameter for an opaque pagination token that can be used to retrieve - the next page. Resources with a total size larger than 5MB or a field - count larger than 50,000 might not be fully searchable as the server - might trim its generated search index in those cases. Note: FHIR - resources are indexed asynchronously, so there might be a slight delay - between the time a resource is created or changed, and the time when the - change reflects in search results. The only exception is resource - identifier data, which is indexed synchronously as a special index. As a - result, searching using resource identifier is not subject to indexing - delay. To use the special synchronous index, the search term for - identifier should be in the pattern `identifier=[system]|[value]` or - `identifier=[value]`, and any of the following search result parameters - can be used: * `_count` * `_include` * `_revinclude` * `_summary` * - `_elements` If your query contains any other search parameters, the - standard asynchronous index will be used instead. Note that searching - against the special index is optimized for resolving a small number of - matches. The search isn't optimized if your identifier search criteria - matches a large number (i.e. more than 2,000) of resources. For a search - query that will match a large number of resources, you can avoiding - using the special synchronous index by including an additional `_sort` - parameter in your query. Use `_sort=-_lastUpdated` if you want to keep - the default sorting order. Note: The special synchronous identifier - index are currently disabled for DocumentReference and DocumentManifest - searches. For samples and detailed information, see [Searching for FHIR - resources](https://cloud.google.com/healthcare/docs/how-tos/fhir-search) - and [Advanced FHIR search - features](https://cloud.google.com/healthcare/docs/how-tos/fhir-advanced-search). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.search-type - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SearchResourcesRequest' + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Group/{GroupId}/$export: + parameters: *ref_1 + get: + description: >- + Bulk exports a Group resource and resources in the member field, + including related resources for each Patient member. The export for each + Patient is identical to a GetPatientEverything request. Implements the + FHIR implementation guide [$export group of + patients](https://build.fhir.org/ig/HL7/bulk-data/export.html#endpoint---group-of-patients). + The following headers must be set in the request: * `Accept`: specifies + the format of the `OperationOutcome` response. Only + `application/fhir+json` is supported. * `Prefer`: specifies whether the + response is immediate or asynchronous. Must be to `respond-async` + because only asynchronous responses are supported. Specify the + destination for the server to write result files by setting the Cloud + Storage location bulk_export_gcs_destination on the FHIR store. URI of + an existing Cloud Storage directory where the server writes result + files, in the format gs://{bucket-id}/{path/to/destination/dir}. If + there is no trailing slash, the service appends one when composing the + object path. The user is responsible for creating the Cloud Storage + bucket referenced. Supports the following query parameters: * `_type`: + string of comma-delimited FHIR resource types. If provided, only + resources of the specified type(s) are exported. * `_since`: if + provided, only resources updated after the specified time are exported. + * `_outputFormat`: optional, specify ndjson to export data in NDJSON + format. Exported file names use the format: + {export_id}_{resource_type}.ndjson. * `organizeOutputBy`: resource type + to organize the output by. Required and must be set to `Patient`. When + specified, output files are organized by instances of the specified + resource type, including the resource, referenced resources, and + resources that contain references to that resource. On success, the + `Content-Location` header of response is set to a URL that you can use + to query the status of the export. The URL is in the format + `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/operations/{export_id}`. + See get-fhir-operation-status for more information. Errors generated by + the FHIR store contain a JSON-encoded `OperationOutcome` resource + describing the reason for the error. + operationId: healthcare.projects.locations.datasets.fhirStores.bulk-export-group security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14227,41 +14346,39 @@ paths: schema: type: string - in: path - name: resourceType + name: GroupId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Patient/{PatientId}/$everything: + - in: query + name: _type + schema: + type: string + - in: query + name: _since + schema: + type: string + - in: query + name: organizeOutputBy + schema: + type: string + - in: query + name: outputFormat + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Retrieves a Patient resource and resources related to that patient. - Implements the FHIR extended operation Patient-everything - ([DSTU2](https://hl7.org/fhir/DSTU2/patient-operations.html#everything), - [STU3](https://hl7.org/fhir/STU3/patient-operations.html#everything), - [R4](https://hl7.org/fhir/R4/patient-operation-everything.html), - [R5](https://hl7.org/fhir/R5/patient-operation-everything.html)). On - success, the response body contains a JSON-encoded representation of a - `Bundle` resource of type `searchset`, containing the results of the - operation. Errors generated by the FHIR store contain a JSON-encoded - `OperationOutcome` resource describing the reason for the error. If the - request cannot be mapped to a valid API method on a FHIR store, a - generic GCP error might be returned instead. The resources in scope for - the response are: * The patient resource itself. * All the resources - directly referenced by the patient resource. * Resources directly - referencing the patient resource that meet the inclusion criteria. The - inclusion criteria are based on the membership rules in the patient - compartment definition - ([DSTU2](http://hl7.org/fhir/DSTU2/compartment-patient.html), - [STU3](http://www.hl7.org/fhir/stu3/compartmentdefinition-patient.html), - [R4](http://hl7.org/fhir/R4/compartmentdefinition-patient.html), - [R5](http://hl7.org/fhir/R5/compartmentdefinition-patient.html)), which - details the eligible resource types and referencing search parameters. - For samples that show how to call `Patient-everything`, see [Getting all - patient compartment - resources](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#getting_all_patient_compartment_resources). - operationId: >- - healthcare.projects.locations.datasets.fhirStores.fhir.Patient-everything + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: healthcare.projects.locations.datasets.fhirStores.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14277,7 +14394,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -14299,56 +14416,13 @@ paths: required: true schema: type: string - - in: path - name: PatientId - required: true - schema: - type: string - - in: query - name: start - schema: - type: string - - in: query - name: end - schema: - type: string - - in: query - name: _page_token - schema: - type: string - - in: query - name: _count - schema: - type: integer - format: int32 - - in: query - name: _since - schema: - type: string - - in: query - name: _type - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/metadata: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:getIamPolicy: parameters: *ref_1 get: description: >- - Gets the FHIR capability statement - ([STU3](https://hl7.org/fhir/STU3/capabilitystatement.html), - [R4](https://hl7.org/fhir/R4/capabilitystatement.html), - [R5](https://hl7.org/fhir/R5/capabilitystatement.html)), or the - [conformance statement](https://hl7.org/fhir/DSTU2/conformance.html) in - the DSTU2 case for the store, which contains a description of - functionality supported by the server. Implements the FHIR standard - capabilities interaction - ([STU3](https://hl7.org/fhir/STU3/http.html#capabilities), - [R4](https://hl7.org/fhir/R4/http.html#capabilities), - [R5](https://hl7.org/fhir/R5/http.html#capabilities)), or the - [conformance - interaction](https://hl7.org/fhir/DSTU2/http.html#conformance) in the - DSTU2 case. On success, the response body contains a JSON-encoded - representation of a `CapabilityStatement` resource. - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.capabilities + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: healthcare.projects.locations.datasets.fhirStores.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14364,7 +14438,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -14386,56 +14460,38 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:applyAdminConsents: parameters: *ref_1 post: description: >- - Executes all the requests in the given Bundle. Implements the FHIR - standard batch/transaction interaction - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#transaction), - [STU3](https://hl7.org/fhir/STU3/http.html#transaction), - [R4](https://hl7.org/fhir/R4/http.html#transaction), - [R5](https://hl7.org/fhir/R5/http.html#transaction)). Supports all - interactions within a bundle, except search. This method accepts Bundles - of type `batch` and `transaction`, processing them according to the - batch processing rules - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#2.1.0.16.1), - [STU3](https://hl7.org/fhir/STU3/http.html#2.21.0.17.1), - [R4](https://hl7.org/fhir/R4/http.html#brules), - [R5](https://hl7.org/fhir/R5/http.html#brules)) and transaction - processing rules - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#2.1.0.16.2), - [STU3](https://hl7.org/fhir/STU3/http.html#2.21.0.17.2), - [R4](https://hl7.org/fhir/R4/http.html#trules), - [R5](https://hl7.org/fhir/R5/http.html#trules)). The request body must - contain a JSON-encoded FHIR `Bundle` resource, and the request headers - must contain `Content-Type: application/fhir+json`. For a batch bundle - or a successful transaction, the response body contains a JSON-encoded - representation of a `Bundle` resource of type `batch-response` or - `transaction-response` containing one entry for each entry in the - request, with the outcome of processing the entry. In the case of an - error for a transaction bundle, the response body contains a - JSON-encoded `OperationOutcome` resource describing the reason for the - error. If the request cannot be mapped to a valid API method on a FHIR - store, a generic GCP error might be returned instead. This method checks - permissions for each request in the bundle. The `executeBundle` - permission is required to call this method, but you must also grant - sufficient permissions to execute the individual requests in the bundle. - For example, if the bundle contains a request to create a FHIR resource, - the caller must also have been granted the - `healthcare.fhirResources.create` permission. You can use audit logs to - view the permissions for `executeBundle` and each request in the bundle. - For more information, see [Viewing Cloud Audit - logs](https://cloud.google.com/healthcare-api/docs/how-tos/audit-logging). - For samples that show how to call `executeBundle`, see [Managing FHIR - resources using FHIR - bundles](https://cloud.google.com/healthcare/docs/how-tos/fhir-bundles). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.executeBundle + Applies the admin Consent resources for the FHIR store and reindexes the + underlying resources in the FHIR store according to the aggregate + consents. This method also updates the + `consent_config.enforced_admin_consents` field of the FhirStore unless + `validate_only=true` in ApplyAdminConsentsRequest. Any admin Consent + resource change after this operation execution (including deletion) + requires you to call ApplyAdminConsents again for the change to take + effect. This method returns an Operation that can be used to track the + progress of the resources that were reindexed, by calling GetOperation. + Upon completion, the ApplyAdminConsentsResponse additionally contains + the number of resources that were reindexed. If at least one Consent + resource contains an error or fails be be enforced for any reason, the + method returns an error instead of an Operation. No resources will be + reindexed and the `consent_config.enforced_admin_consents` field will be + unchanged. To enforce a consent check for data access, + `consent_config.access_enforced` must be set to true for the FhirStore. + FHIR Consent is not supported in DSTU2 or R5. + operationId: healthcare.projects.locations.datasets.fhirStores.applyAdminConsents requestBody: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ApplyAdminConsentsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14451,7 +14507,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -14467,32 +14523,17 @@ paths: name: datasetsId required: true schema: - type: string - - in: path - name: fhirStoresId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/{fhirId1}/_history: - parameters: *ref_1 - get: - description: >- - Lists all the versions of a resource (including the current version and - deleted versions) from the FHIR store. Implements the per-resource form - of the FHIR standard history interaction - ([DSTU2](https://hl7.org/fhir/DSTU2/http.html#history), - [STU3](https://hl7.org/fhir/STU3/http.html#history), - [R4](https://hl7.org/fhir/R4/http.html#history), - [R5](https://hl7.org/fhir/R5/http.html#history)). On success, the - response body contains a JSON-encoded representation of a `Bundle` - resource of type `history`, containing the version history sorted from - most recent to oldest versions. Errors generated by the FHIR store - contain a JSON-encoded `OperationOutcome` resource describing the reason - for the error. If the request cannot be mapped to a valid API method on - a FHIR store, a generic GCP error might be returned instead. For samples - that show how to call `history`, see [Listing FHIR resource - versions](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#listing_fhir_resource_versions). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.history + type: string + - in: path + name: fhirStoresId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:getFHIRStoreMetrics: + parameters: *ref_1 + get: + description: Gets metrics associated with the FHIR store. + operationId: healthcare.projects.locations.datasets.fhirStores.getFHIRStoreMetrics security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14508,7 +14549,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/FhirStoreMetrics' parameters: - in: path name: projectsId @@ -14530,44 +14571,31 @@ paths: required: true schema: type: string - - in: path - name: fhirId - required: true - schema: - type: string - - in: path - name: fhirId1 - required: true - schema: - type: string - - in: query - name: _count - schema: - type: integer - format: int32 - - in: query - name: _since - schema: - type: string - - in: query - name: _at - schema: - type: string - - in: query - name: _page_token - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/{fhirId1}/$purge: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:export: parameters: *ref_1 - delete: + post: description: >- - Deletes all the historical versions of a resource (excluding the current - version) from the FHIR store. To remove all versions of a resource, - first delete the current version and then call this method. This is not - a FHIR standard operation. For samples that show how to call - `Resource-purge`, see [Deleting historical versions of a FHIR - resource](https://cloud.google.com/healthcare/docs/how-tos/fhir-resources#deleting_historical_versions_of_a_fhir_resource). - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Resource-purge + Export resources from the FHIR store to the specified destination. This + method returns an Operation that can be used to track the status of the + export by calling GetOperation. To improve performance, it is + recommended to make the `type` filter as specific as possible, including + only the resource types that are absolutely needed. This minimizes the + size of the initial dataset to be processed and is the most effective + way to improve performance. While post-filters like `_since` are useful + for refining results, they do not speed up the initial data retrieval + phase, which is primarily governed by the `type` filter. Immediate fatal + errors appear in the error field, errors are also logged to Cloud + Logging (see [Viewing error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + Otherwise, when the operation finishes, a detailed response of type + ExportResourcesResponse is returned in the response field. The metadata + field type for this operation is OperationMetadata. + operationId: healthcare.projects.locations.datasets.fhirStores.export + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExportResourcesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14583,7 +14611,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -14605,48 +14633,31 @@ paths: required: true schema: type: string - - in: path - name: fhirId - required: true - schema: - type: string - - in: path - name: fhirId1 - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/$export: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:applyConsents: parameters: *ref_1 - get: + post: description: >- - Bulk exports all resources from the FHIR store to the specified - destination. Implements the FHIR implementation guide [system level - $export](https://build.fhir.org/ig/HL7/bulk-data/export.html#endpoint---system-level-export. - The following headers must be set in the request: * `Accept`: specifies - the format of the `OperationOutcome` response. Only - `application/fhir+json` is supported. * `Prefer`: specifies whether the - response is immediate or asynchronous. Must be to `respond-async` - because only asynchronous responses are supported. Specify the - destination for the server to write result files by setting the Cloud - Storage location bulk_export_gcs_destination on the FHIR store. URI of - an existing Cloud Storage directory where the server writes result - files, in the format gs://{bucket-id}/{path/to/destination/dir}. If - there is no trailing slash, the service appends one when composing the - object path. The user is responsible for creating the Cloud Storage - bucket referenced. Supports the following query parameters: * `_type`: - string of comma-delimited FHIR resource types. If provided, only the - resources of the specified type(s) are exported. * `_since`: if - provided, only the resources that are updated after the specified time - are exported. * `_outputFormat`: optional, specify ndjson to export data - in NDJSON format. Exported file names use the format: - {export_id}_{resource_type}.ndjson. On success, the `Content-Location` - header of the response is set to a URL that the user can use to query - the status of the export. The URL is in the format: - `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/operations/{export_id}`. - See get-fhir-operation-status for more information. Errors generated by - the FHIR store contain a JSON-encoded `OperationOutcome` resource - describing the reason for the error. - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.bulk-export + Apply the Consent resources for the FHIR store and reindex the + underlying resources in the FHIR store according to the aggregate + consent. The aggregate consent of the patient in scope in this request + replaces any previous call of this method. Any Consent resource change + after this operation execution (including deletion) requires you to call + ApplyConsents again to have effect. This method returns an Operation + that can be used to track the progress of the consent resources that + were processed by calling GetOperation. Upon completion, the + ApplyConsentsResponse additionally contains the number of resources that + was reindexed. Errors are logged to Cloud Logging (see [Viewing error + logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). To + enforce consent check for data access, `consent_config.access_enforced` + must be set to true for the FhirStore. FHIR Consent is not supported in + DSTU2 or R5. + operationId: healthcare.projects.locations.datasets.fhirStores.applyConsents + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApplyConsentsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14662,7 +14673,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -14684,44 +14695,11 @@ paths: required: true schema: type: string - - in: query - name: _since - schema: - type: string - - in: query - name: _type - schema: - type: string - - in: query - name: outputFormat - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/{fhirId}/$validate: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}: parameters: *ref_1 - post: - description: >- - Validates an input FHIR resource's conformance to its profiles and the - profiles configured on the FHIR store. Implements the FHIR extended - operation $validate - ([DSTU2](https://hl7.org/fhir/DSTU2/resource-operations.html#validate), - [STU3](https://hl7.org/fhir/STU3/resource-operations.html#validate), - [R4](https://hl7.org/fhir/R4/resource-operation-validate.html). or - [R5](https://hl7.org/fhir/R5/resource-operation-validate.html)). The - request body must contain a JSON-encoded FHIR resource, and the request - headers must contain `Content-Type: application/fhir+json`. The - `Parameters` input syntax is not supported. The `profile` query - parameter can be used to request that the resource only be validated - against a specific profile. If a profile with the given URL cannot be - found in the FHIR store then an error is returned. Errors generated by - validation contain a JSON-encoded `OperationOutcome` resource describing - the reason for the error. If the request cannot be mapped to a valid API - method on a FHIR store, a generic GCP error might be returned instead. - operationId: healthcare.projects.locations.datasets.fhirStores.fhir.Resource-validate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HttpBody' + get: + description: Gets the configuration of the specified FHIR store. + operationId: healthcare.projects.locations.datasets.fhirStores.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14737,7 +14715,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/FhirStore' parameters: - in: path name: projectsId @@ -14759,25 +14737,14 @@ paths: required: true schema: type: string - - in: path - name: fhirId - required: true - schema: - type: string - - in: query - name: profile - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Consent/{ConsentId}/$consent-enforcement-status: - parameters: *ref_1 - get: - description: >- - Returns the consent enforcement status of a single consent resource. On - success, the response body contains a JSON-encoded representation of a - `Parameters` (http://hl7.org/fhir/parameters.html) FHIR resource, - containing the current enforcement status. Does not support DSTU2. - operationId: >- - healthcare.projects.locations.datasets.fhirStores.fhir.Consent-enforcement-status + patch: + description: Updates the configuration of the specified FHIR store. + operationId: healthcare.projects.locations.datasets.fhirStores.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FhirStore' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14793,7 +14760,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/FhirStore' parameters: - in: path name: projectsId @@ -14815,23 +14782,14 @@ paths: required: true schema: type: string - - in: path - name: ConsentId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/fhir/Patient/{PatientId}/$consent-enforcement-status: - parameters: *ref_1 - get: - description: >- - Returns the consent enforcement status of all consent resources for a - patient. On success, the response body contains a JSON-encoded - representation of a bundle of `Parameters` - (http://hl7.org/fhir/parameters.html) FHIR resources, containing the - current enforcement status for each consent resource of the patient. - Does not support DSTU2. - operationId: >- - healthcare.projects.locations.datasets.fhirStores.fhir.Patient-consent-enforcement-status + format: google-fieldmask + delete: + description: Deletes the specified FHIR store and removes all resources within it. + operationId: healthcare.projects.locations.datasets.fhirStores.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14847,7 +14805,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -14869,37 +14827,22 @@ paths: required: true schema: type: string - - in: path - name: PatientId - required: true - schema: - type: string - - in: query - name: _count - schema: - type: integer - format: int32 - - in: query - name: _page_token - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:deidentify: parameters: *ref_1 - get: + post: description: >- - Gets the status of operations as defined in the FHIR specification. - Implements the FHIR implementation guide [bulk data status - request](https://build.fhir.org/ig/HL7/bulk-data/export.html#bulk-data-status-request). - Operations can have one of these states: * in-progress: response status - code is `202` and `X-Progress` header is set to `in progress`. * - complete: response status code is `200` and the body is a JSON-encoded - operation response as defined by the spec. For a bulk export, this - response is defined in - https://build.fhir.org/ig/HL7/bulk-data/export.html#response---complete-status. - * error: response status code is `5XX`, and the body is a JSON-encoded - `OperationOutcome` resource describing the reason for the error. - operationId: >- - healthcare.projects.locations.datasets.fhirStores.operations.get-fhir-operation-status + De-identifies data from the source store and writes it to the + destination store. The metadata field type is OperationMetadata. If the + request is successful, the response field type is + DeidentifyFhirStoreSummary. If errors occur, error is set. Error details + are also logged to Cloud Logging (see [Viewing error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + operationId: healthcare.projects.locations.datasets.fhirStores.deidentify + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DeidentifyFhirStoreRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14915,7 +14858,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -14937,21 +14880,21 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:testIamPermissions: + parameters: *ref_1 + post: description: >- - Deletes operations as defined in the FHIR specification. Implements the - FHIR implementation guide [bulk data delete - request](https://build.fhir.org/ig/HL7/bulk-data/export.html#bulk-data-delete-request). - Returns success if the operation was successfully cancelled. If the - operation is complete, or has already been cancelled, returns an error - response. - operationId: >- - healthcare.projects.locations.datasets.fhirStores.operations.delete-fhir-operation + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: healthcare.projects.locations.datasets.fhirStores.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -14967,7 +14910,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -14989,18 +14932,25 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:rollback: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: healthcare.projects.locations.datasets.operations.list + Rolls back resources from the FHIR store to the specified time. This + method returns an Operation that can be used to track the status of the + rollback by calling GetOperation. Immediate fatal errors appear in the + error field, errors are also logged to Cloud Logging (see [Viewing error + logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + Otherwise, when the operation finishes, a detailed response of type + RollbackFhirResourcesResponse is returned in the response field. The + metadata field type for this operation is OperationMetadata. + operationId: healthcare.projects.locations.datasets.fhirStores.rollback + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RollbackFhirResourcesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -15016,7 +14966,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -15033,27 +14983,18 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: fhirStoresId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:explainDataAccess: parameters: *ref_1 get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: healthcare.projects.locations.datasets.operations.get + Explains all the permitted/denied actor, purpose and environment for a + given resource. FHIR Consent is not supported in DSTU2 or R5. + operationId: healthcare.projects.locations.datasets.fhirStores.explainDataAccess security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -15069,7 +15010,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ExplainDataAccessResponse' parameters: - in: path name: projectsId @@ -15087,29 +15028,82 @@ paths: schema: type: string - in: path - name: operationsId + name: fhirStoresId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/operations/{operationsId}:cancel: + - in: query + name: resourceId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/datasets/{datasetsId}/fhirStores/{fhirStoresId}:import: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: healthcare.projects.locations.datasets.operations.cancel + Imports resources to the FHIR store by loading data from the specified + sources. This method is optimized to load large quantities of data using + import semantics that ignore some FHIR store configuration options and + are not suitable for all use cases. It is primarily intended to load + data into an empty FHIR store that is not being used by other clients. + In cases where this method is not appropriate, consider using + ExecuteBundle to load data. Every resource in the input must contain a + client-supplied ID. Each resource is stored using the supplied ID + regardless of the enable_update_create setting on the FHIR store. It is + strongly advised not to include or encode any sensitive data such as + patient identifiers in client-specified resource IDs. Those IDs are part + of the FHIR resource path recorded in Cloud Audit Logs and Cloud Pub/Sub + notifications. Those IDs can also be contained in reference fields + within other resources. The import process does not enforce referential + integrity, regardless of the disable_referential_integrity setting on + the FHIR store. This allows the import of resources with arbitrary + interdependencies without considering grouping or ordering, but if the + input data contains invalid references or if some resources fail to be + imported, the FHIR store might be left in a state that violates + referential integrity. The import process does not trigger Pub/Sub + notification or BigQuery streaming update, regardless of how those are + configured on the FHIR store. If a resource with the specified ID + already exists, the most recent version of the resource is overwritten + without creating a new historical version, regardless of the + disable_resource_versioning setting on the FHIR store. If transient + failures occur during the import, it's possible that successfully + imported resources will be overwritten more than once. The import + operation is idempotent unless the input data contains multiple valid + resources with the same ID but different contents. In that case, after + the import completes, the store contains exactly one resource with that + ID but there is no ordering guarantee on which version of the contents + it will have. The operation result counters do not count duplicate IDs + as an error and count one success for each resource in the input, which + might result in a success count larger than the number of resources in + the FHIR store. This often occurs when importing data organized in + bundles produced by Patient-everything where each bundle contains its + own copy of a resource such as Practitioner that might be referred to by + many patients. If some resources fail to import, for example due to + parsing errors, successfully imported resources are not rolled back. The + location and format of the input data is specified by the parameters in + ImportResourcesRequest. Note that if no format is specified, this method + assumes the `BUNDLE` format. When using the `BUNDLE` format this method + ignores the `Bundle.type` field, except that `history` bundles are + rejected, and does not apply any of the bundle processing semantics for + batch or transaction bundles. Unlike in ExecuteBundle, transaction + bundles are not executed as a single transaction and bundle-internal + references are not rewritten. The bundle is treated as a collection of + resources to be written as provided in `Bundle.entry.resource`, ignoring + `Bundle.entry.request`. As an example, this allows the import of + `searchset` bundles produced by a FHIR search or Patient-everything + operation. This method returns an Operation that can be used to track + the status of the import by calling GetOperation. Immediate fatal errors + appear in the error field, errors are also logged to Cloud Logging (see + [Viewing error logs in Cloud + Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). + Otherwise, when the operation finishes, a detailed response of type + ImportResourcesResponse is returned in the response field. The metadata + field type for this operation is OperationMetadata. + operationId: healthcare.projects.locations.datasets.fhirStores.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/ImportResourcesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-healthcare @@ -15125,7 +15119,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -15143,7 +15137,7 @@ paths: schema: type: string - in: path - name: operationsId + name: fhirStoresId required: true schema: type: string @@ -15187,3 +15181,79 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: healthcare.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-healthcare + Oauth2c: + - https://www.googleapis.com/auth/cloud-healthcare + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Location' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: healthcare.projects.locations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-healthcare + Oauth2c: + - https://www.googleapis.com/auth/cloud-healthcare + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListLocationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: pageToken + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/iam.yaml b/providers/src/googleapis.com/v00.00.00000/services/iam.yaml index d8cb6244..cf831d01 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/iam.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/iam.yaml @@ -12,8 +12,8 @@ info: Account Credentials API (iamcredentials.googleapis.com). However, disabling this API doesn't disable the IAM Service Account Credentials API. version: v1 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251107' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/iam/ servers: @@ -1520,14 +1520,10 @@ components: `organizations/{org-id}`. type: string displayName: - description: >- - Optional. A user-specified display name of the pool in Google Cloud - Console. Cannot exceed 32 characters. + description: Optional. A display name for the pool. Cannot exceed 32 characters. type: string description: - description: >- - Optional. A user-specified description of the pool. Cannot exceed - 256 characters. + description: Optional. A description of the pool. Cannot exceed 256 characters. type: string state: description: Output only. The state of the pool. @@ -1668,13 +1664,13 @@ components: type: string displayName: description: >- - Optional. A user-specified display name for the provider. Cannot - exceed 32 characters. + Optional. A display name for the provider. Cannot exceed 32 + characters. type: string description: description: >- - Optional. A user-specified description of the provider. Cannot - exceed 256 characters. + Optional. A description of the provider. Cannot exceed 256 + characters. type: string state: description: Output only. The state of the provider. @@ -1744,7 +1740,7 @@ components: the expression to access a JSON representation of the authentication credential issued by the provider. The maximum length of an attribute mapping expression is 2048 characters. When evaluated, the - total size of all mapped attributes must not exceed 4KB. For OIDC + total size of all mapped attributes must not exceed 16 KB. For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute. For example, the following maps the `sub` claim of the incoming credential to the `subject` attribute on @@ -1780,8 +1776,8 @@ components: $ref: '#/components/schemas/GoogleIamAdminV1WorkforcePoolProviderOidc' expireTime: description: >- - Output only. Time after which the workload pool provider will be - permanently purged and cannot be recovered. + Output only. Time after which the workforce identity pool provider + will be permanently purged and cannot be recovered. readOnly: true type: string format: google-datetime @@ -1815,6 +1811,23 @@ components: must map to a unique Microsoft Entra ID user. $ref: >- #/components/schemas/GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2Client + scimUsage: + description: >- + Optional. Agentspace only. Specifies whether the workforce identity + pool provider uses SCIM-managed groups instead of the + `google.groups` attribute mapping for authorization checks. The + `scim_usage` and `extended_attributes_oauth2_client` fields are + mutually exclusive. A request that enables both fields on the same + workforce identity pool provider will produce an error. + type: string + enumDescriptions: + - Agentspace only. Do not use SCIM data. + - >- + Agentspace only. SCIM sync is enabled and SCIM-managed groups are + used for authorization checks. + enum: + - SCIM_USAGE_UNSPECIFIED + - ENABLED_FOR_GROUPS GoogleIamAdminV1WorkforcePoolProviderSaml: id: GoogleIamAdminV1WorkforcePoolProviderSaml description: Represents a SAML identity provider. @@ -2104,7 +2117,9 @@ components: description: Required. The purpose of the key. type: string enumDescriptions: - - KeyUse unspecified. + - >- + KeyUse unspecified. Do not use. The purpose of the key must be + specified. - The key is used for encryption. enum: - KEY_USE_UNSPECIFIED @@ -2186,37 +2201,42 @@ components: properties: {} ListWorkforcePoolProviderScimTenantsResponse: id: ListWorkforcePoolProviderScimTenantsResponse - description: Response message for ListWorkforcePoolProviderScimTenants. + description: >- + Agentspace only. Response message for + ListWorkforcePoolProviderScimTenants. type: object properties: workforcePoolProviderScimTenants: - description: Output only. A list of scim tenants. + description: Output only. Agentspace only. A list of SCIM tenants. readOnly: true type: array items: $ref: '#/components/schemas/WorkforcePoolProviderScimTenant' nextPageToken: description: >- - Optional. A token, which can be sent as `page_token` to retrieve the - next page. If this field is omitted, there are no subsequent pages. + Optional. Agentspace only. A token, which can be sent as + `page_token` to retrieve the next page. If this field is omitted, + there are no subsequent pages. type: string WorkforcePoolProviderScimTenant: id: WorkforcePoolProviderScimTenant description: >- - Represents a scim tenant. Used for provisioning and managing identity - data (such as Users and Groups) in cross-domain environments. + Agentspace only. Represents a SCIM tenant. Used for provisioning and + managing identity data (such as Users and Groups) in cross-domain + environments. type: object properties: name: description: >- - Identifier. The resource name of the SCIM Tenant. Format: + Identifier. Agentspace only. The resource name of the SCIM Tenant. + Format: `locations/{location}/workforcePools/{workforce_pool}/providers/ {workforce_pool_provider}/scimTenants/{scim_tenant}` type: string baseUri: description: >- - Output only. Represents the base URI as defined in [RFC 7644, - Section + Output only. Agentspace only. Represents the base URI as defined in + [RFC 7644, Section 1.3](https://datatracker.ietf.org/doc/html/rfc7644#section-1.3). Clients must use this as the root address for managing resources under the tenant. Format: @@ -2224,107 +2244,122 @@ components: readOnly: true type: string state: - description: Output only. The state of the tenant. + description: Output only. Agentspace only. The state of the tenant. readOnly: true type: string enumDescriptions: - - State unspecified. + - Agentspace only. State unspecified. - >- - The tenant is active and may be used to provision users and - groups. + Agentspace only. The tenant is active and may be used to provision + users and groups. - >- - The tenant is soft-deleted. Soft-deleted tenants are permanently - deleted after approximately 30 days. + Agentspace only. The tenant is soft-deleted. Soft-deleted tenants + are permanently deleted after approximately 30 days. enum: - STATE_UNSPECIFIED - ACTIVE - DELETED description: description: >- - Optional. The user-specified description of the scim tenant. Cannot - exceed 256 characters. + Optional. Agentspace only. The description of the SCIM tenant. + Cannot exceed 256 characters. type: string displayName: description: >- - Optional. The user-specified display name of the scim tenant. Cannot - exceed 32 characters. + Optional. Agentspace only. The display name of the SCIM tenant. + Cannot exceed 32 characters. type: string claimMapping: - description: Optional. Maps BYOID claims to SCIM claims. + description: Optional. Agentspace only. Maps BYOID claims to SCIM claims. type: object additionalProperties: type: string purgeTime: description: >- - Output only. The timestamp when the scim tenant is going to be - purged. + Output only. Agentspace only. The timestamp that represents the time + when the SCIM tenant is purged. readOnly: true type: string format: google-datetime + serviceAgent: + description: >- + Output only. Service Agent created by SCIM Tenant API. SCIM tokens + created under this tenant will be attached to this service agent. + readOnly: true + type: string UndeleteWorkforcePoolProviderScimTenantRequest: id: UndeleteWorkforcePoolProviderScimTenantRequest - description: Request message for UndeleteWorkforcePoolProviderScimTenant. + description: >- + Agentspace only. Request message for + UndeleteWorkforcePoolProviderScimTenant. type: object properties: {} ListWorkforcePoolProviderScimTokensResponse: id: ListWorkforcePoolProviderScimTokensResponse - description: Response message for ListWorkforcePoolProviderScimTokens. + description: >- + Agentspace only. Response message for + ListWorkforcePoolProviderScimTokens. type: object properties: workforcePoolProviderScimTokens: - description: Output only. A list of scim tokens. + description: Output only. Agentspace only. A list of SCIM tokens. readOnly: true type: array items: $ref: '#/components/schemas/WorkforcePoolProviderScimToken' nextPageToken: description: >- - Optional. A token, which can be sent as `page_token` to retrieve the - next page. If this field is omitted, there are no subsequent pages. + Optional. Agentspace only. A token, which can be sent as + `page_token` to retrieve the next page. If this field is omitted, + there are no subsequent pages. type: string WorkforcePoolProviderScimToken: id: WorkforcePoolProviderScimToken description: >- - Represents a token for the WorkforcePoolProviderScimTenant. Used for - authenticating SCIM Provisioning requests. + Agentspace only. Represents a token for the + WorkforcePoolProviderScimTenant. Used for authenticating SCIM + provisioning requests. type: object properties: name: description: >- - Identifier. The resource name of the SCIM Token. Format: + Identifier. Agentspace only. The resource name of the SCIM Token. + Format: `locations/{location}/workforcePools/{workforce_pool}/providers/ {workforce_pool_provider}/scimTenants/{scim_tenant}/tokens/{token}` type: string securityToken: description: >- - Output only. The token string. Provide this to the IdP for - authentication. Will be set only during creation. + Output only. Agentspace only. The token string. Provide this to the + IdP for authentication. Will be set only during creation. readOnly: true type: string state: - description: Output only. The state of the token. + description: Output only. Agentspace only. The state of the token. readOnly: true type: string enumDescriptions: - - State unspecified. + - Agentspace only. State unspecified. - >- - The tenant is active and may be used to provision users and - groups. + Agentspace only. The token is active and may be used to provision + users and groups. - >- - The tenant is soft-deleted. Soft-deleted tenants are permanently - deleted after approximately 30 days. + Agentspace only. The token is soft-deleted. Soft-deleted tokens + are permanently deleted after approximately 30 days. enum: - STATE_UNSPECIFIED - ACTIVE - DELETED displayName: description: >- - Optional. The user-specified display name of the scim token. Cannot - exceed 32 characters. + Optional. Agentspace only. The display name of the SCIM token. + Cannot exceed 32 characters. type: string UndeleteWorkforcePoolProviderScimTokenRequest: id: UndeleteWorkforcePoolProviderScimTokenRequest - description: Request message for UndeleteWorkforcePoolProviderScimToken. + description: >- + Agentspace only. Request message for + UndeleteWorkforcePoolProviderScimToken. type: object properties: {} ListWorkloadIdentityPoolsResponse: @@ -2661,7 +2696,8 @@ components: type: object properties: name: - description: Identifier. The resource name of the managed identity. + description: Output only. The resource name of the managed identity. + readOnly: true type: string description: description: >- @@ -2725,7 +2761,8 @@ components: type: object properties: name: - description: Identifier. The resource name of the provider. + description: Output only. The resource name of the provider. + readOnly: true type: string displayName: description: >- @@ -8797,9 +8834,9 @@ paths: parameters: *ref_1 get: description: >- - Lists all non-deleted WorkforcePoolProviderScimTenants in a - WorkforcePoolProvider. If `show_deleted` is set to `true`, then deleted - scim tenants are also listed. + Agentspace only. Lists all non-deleted WorkforcePoolProviderScimTenants + in a WorkforcePoolProvider. If `show_deleted` is set to `true`, then + deleted SCIM tenants are also listed. operationId: iam.locations.workforcePools.providers.scimTenants.list security: - Oauth2: @@ -8845,8 +8882,8 @@ paths: type: boolean post: description: >- - Creates a new WorkforcePoolProviderScimTenant in a - WorkforcePoolProvider. You cannot reuse the name of a deleted scim + Agentspace only. Creates a new WorkforcePoolProviderScimTenant in a + WorkforcePoolProvider. You cannot reuse the name of a deleted SCIM tenant until 30 days after deletion. operationId: iam.locations.workforcePools.providers.scimTenants.create requestBody: @@ -8889,7 +8926,7 @@ paths: /v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers/{providersId}/scimTenants/{scimTenantsId}: parameters: *ref_1 get: - description: Gets an individual WorkforcePoolProviderScimTenant. + description: Agentspace only. Gets an individual WorkforcePoolProviderScimTenant. operationId: iam.locations.workforcePools.providers.scimTenants.get security: - Oauth2: @@ -8925,7 +8962,7 @@ paths: schema: type: string patch: - description: Updates an existing WorkforcePoolProviderScimTenant. + description: Agentspace only. Updates an existing WorkforcePoolProviderScimTenant. operationId: iam.locations.workforcePools.providers.scimTenants.patch requestBody: content: @@ -8972,9 +9009,10 @@ paths: format: google-fieldmask delete: description: >- - Deletes a WorkforcePoolProviderScimTenant. You can undelete a scim - tenant for 30 days. After 30 days, deletion is permanent. You cannot - update deleted scim tenants. However, you can view and list them. + Agentspace only. Deletes a WorkforcePoolProviderScimTenant. You can + undelete a SCIM tenant for 30 days. After 30 days, deletion is + permanent. You cannot update deleted SCIM tenants. However, you can view + and list them. operationId: iam.locations.workforcePools.providers.scimTenants.delete security: - Oauth2: @@ -9009,12 +9047,16 @@ paths: required: true schema: type: string + - in: query + name: hardDelete + schema: + type: boolean /v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers/{providersId}/scimTenants/{scimTenantsId}:undelete: parameters: *ref_1 post: description: >- - Undeletes a WorkforcePoolProviderScimTenant, as long as it was deleted - fewer than 30 days ago. + Agentspace only. Undeletes a WorkforcePoolProviderScimTenant, that was + deleted fewer than 30 days ago. operationId: iam.locations.workforcePools.providers.scimTenants.undelete requestBody: content: @@ -9059,9 +9101,9 @@ paths: parameters: *ref_1 get: description: >- - Lists all non-deleted WorkforcePoolProviderScimTokenss in a - WorkforcePoolProviderScimTenant. If `show_deleted` is set to `true`, - then deleted SCIM tokens are also listed. + Agentspace only. Lists all non-deleted WorkforcePoolProviderScimTokenss + in a WorkforcePoolProviderScimTenant. If `show_deleted` is set to + `true`, then deleted SCIM tokens are also listed. operationId: iam.locations.workforcePools.providers.scimTenants.tokens.list security: - Oauth2: @@ -9112,7 +9154,7 @@ paths: type: boolean post: description: >- - Creates a new WorkforcePoolProviderScimToken in a + Agentspace only. Creates a new WorkforcePoolProviderScimToken in a WorkforcePoolProviderScimTenant. You cannot reuse the name of a deleted SCIM token until 30 days after deletion. operationId: iam.locations.workforcePools.providers.scimTenants.tokens.create @@ -9161,7 +9203,7 @@ paths: /v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers/{providersId}/scimTenants/{scimTenantsId}/tokens/{tokensId}: parameters: *ref_1 get: - description: Gets an individual WorkforcePoolProviderScimToken. + description: Agentspace only. Gets an individual WorkforcePoolProviderScimToken. operationId: iam.locations.workforcePools.providers.scimTenants.tokens.get security: - Oauth2: @@ -9202,7 +9244,7 @@ paths: schema: type: string patch: - description: Updates an existing WorkforcePoolProviderScimToken. + description: Agentspace only. Updates an existing WorkforcePoolProviderScimToken. operationId: iam.locations.workforcePools.providers.scimTenants.tokens.patch requestBody: content: @@ -9254,9 +9296,10 @@ paths: format: google-fieldmask delete: description: >- - Deletes a WorkforcePoolProviderScimToken. You can undelete a scim token - for 30 days. After 30 days, deletion is permanent. You cannot update - deleted scim tokens. However, you can view and list them. + Agentspace only. Deletes a WorkforcePoolProviderScimToken. You can + undelete a SCIM token for 30 days. After 30 days, the SCIM token is + permanently deleted. You cannot update deleted SCIM tokens, however, you + can view and list them. operationId: iam.locations.workforcePools.providers.scimTenants.tokens.delete security: - Oauth2: @@ -9300,8 +9343,8 @@ paths: parameters: *ref_1 post: description: >- - Undeletes a WorkforcePoolProviderScimToken, as long as it was deleted - fewer than 30 days ago. + Agentspace only. Undeletes a WorkforcePoolProviderScimToken,that was + deleted fewer than 30 days ago. operationId: iam.locations.workforcePools.providers.scimTenants.tokens.undelete requestBody: content: diff --git a/providers/src/googleapis.com/v00.00.00000/services/iamcredentials.yaml b/providers/src/googleapis.com/v00.00.00000/services/iamcredentials.yaml index cbb4b88a..4cf44ac2 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/iamcredentials.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/iamcredentials.yaml @@ -10,8 +10,8 @@ info: Disabling this API also disables the IAM API (iam.googleapis.com). However, enabling this API doesn't enable the IAM API. version: v1 - x-discovery-doc-revision: '20250717' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251108' + x-generated-date: '2025-12-10' externalDocs: url: >- https://cloud.google.com/iam/docs/creating-short-lived-service-account-credentials @@ -38,68 +38,108 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GenerateAccessTokenRequest: - id: GenerateAccessTokenRequest + GenerateIdTokenResponse: type: object properties: - delegates: + token: + type: string description: >- - The sequence of service accounts in a delegation chain. This field - is required for [delegated - requests](https://cloud.google.com/iam/help/credentials/delegated-request). - For [direct - requests](https://cloud.google.com/iam/help/credentials/direct-request), - which are more common, do not specify this field. Each service - account must be granted the `roles/iam.serviceAccountTokenCreator` - role on its next service account in the chain. The last service - account in the chain must be granted the - `roles/iam.serviceAccountTokenCreator` role on the service account - that is specified in the `name` field of the request. The delegates - must have the following format: - `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` - wildcard character is required; replacing it with a project ID is - invalid. - type: array + The OpenId Connect ID token. The token is a JSON Web Token (JWT) + that contains a payload with claims. See the [JSON Web Token + spec](https://tools.ietf.org/html/rfc7519) for more information. + Here is an example of a decoded JWT payload: ``` { "iss": + "https://accounts.google.com", "iat": 1496953245, "exp": 1496953245, + "aud": "https://www.example.com", "sub": "107517467455664443765", + "azp": "107517467455664443765", "email": + "my-iam-account@my-project.iam.gserviceaccount.com", + "email_verified": true, "google": { "organization_number": 123456 } + } ``` + id: GenerateIdTokenResponse + WorkforcePoolAllowedLocations: + properties: + locations: items: type: string - scope: + type: array + readOnly: true description: >- - Required. Code to identify the scopes to be included in the OAuth - 2.0 access token. See - https://developers.google.com/identity/protocols/googlescopes for - more information. At least one value required. + Output only. The human readable trust boundary locations. For + example, ["us-central1", "europe-west1"] + encodedLocations: + readOnly: true + description: Output only. The hex encoded bitmap of the trust boundary locations + type: string + id: WorkforcePoolAllowedLocations + type: object + description: Represents a list of allowed locations for given workforce pool. + WorkloadIdentityPoolAllowedLocations: + id: WorkloadIdentityPoolAllowedLocations + type: object + description: Represents a list of allowed locations for given workload identity pool. + properties: + locations: type: array + description: >- + Output only. The human readable trust boundary locations. For + example, ["us-central1", "europe-west1"] items: type: string - lifetime: - description: >- - The desired lifetime duration of the access token in seconds. By - default, the maximum allowed value is 1 hour. To set a lifetime of - up to 12 hours, you can add the service account as an allowed value - in an Organization Policy that enforces the - `constraints/iam.allowServiceAccountCredentialLifetimeExtension` - constraint. See detailed instructions at - https://cloud.google.com/iam/help/credentials/lifetime If a value is - not specified, the token's lifetime will be set to a default value - of 1 hour. + readOnly: true + encodedLocations: + readOnly: true + description: Output only. The hex encoded bitmap of the trust boundary locations type: string - format: google-duration - GenerateAccessTokenResponse: - id: GenerateAccessTokenResponse + ServiceAccountAllowedLocations: + properties: + encodedLocations: + readOnly: true + type: string + description: Output only. The hex encoded bitmap of the trust boundary locations + locations: + items: + type: string + description: >- + Output only. The human readable trust boundary locations. For + example, ["us-central1", "europe-west1"] + type: array + readOnly: true + type: object + description: Represents a list of allowed locations for given service account. + id: ServiceAccountAllowedLocations + SignBlobResponse: type: object + id: SignBlobResponse properties: - accessToken: - description: The OAuth 2.0 access token. + signedBlob: + format: byte type: string - expireTime: - description: Token expiration time. The expiration time is always set. + description: >- + The signature for the blob. Does not include the original blob. + After the key pair referenced by the `key_id` response field + expires, Google no longer exposes the public key that can be used to + verify the blob. As a result, the receiver can no longer verify the + signature. + keyId: + description: >- + The ID of the key used to sign the blob. The key used for signing + will remain valid for at least 12 hours after the blob is signed. To + verify the signature, you can retrieve the public key in several + formats from the following endpoints: - RSA public key wrapped in an + X.509 v3 certificate: + `https://www.googleapis.com/service_accounts/v1/metadata/x509/{ACCOUNT_EMAIL}` + - Raw key in JSON format: + `https://www.googleapis.com/service_accounts/v1/metadata/raw/{ACCOUNT_EMAIL}` + - JSON Web Key (JWK): + `https://www.googleapis.com/service_accounts/v1/metadata/jwk/{ACCOUNT_EMAIL}` type: string - format: google-datetime - GenerateIdTokenRequest: - id: GenerateIdTokenRequest + SignJwtRequest: + id: SignJwtRequest type: object properties: delegates: + type: array + items: + type: string description: >- The sequence of service accounts in a delegation chain. Each service account must be granted the `roles/iam.serviceAccountTokenCreator` @@ -111,48 +151,22 @@ components: `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard character is required; replacing it with a project ID is invalid. - type: array - items: - type: string - audience: - description: >- - Required. The audience for the token, such as the API or account - that this token grants access to. - type: string - includeEmail: - description: >- - Include the service account email in the token. If set to `true`, - the token will contain `email` and `email_verified` claims. - type: boolean - organizationNumberIncluded: - description: >- - Include the organization number of the service account in the token. - If set to `true`, the token will contain a - `google.organization_number` claim. The value of the claim will be - `null` if the service account isn't associated with an organization. - type: boolean - GenerateIdTokenResponse: - id: GenerateIdTokenResponse - type: object - properties: - token: + payload: description: >- - The OpenId Connect ID token. The token is a JSON Web Token (JWT) - that contains a payload with claims. See the [JSON Web Token - spec](https://tools.ietf.org/html/rfc7519) for more information. - Here is an example of a decoded JWT payload: ``` { "iss": - "https://accounts.google.com", "iat": 1496953245, "exp": 1496953245, - "aud": "https://www.example.com", "sub": "107517467455664443765", - "azp": "107517467455664443765", "email": - "my-iam-account@my-project.iam.gserviceaccount.com", - "email_verified": true, "google": { "organization_number": 123456 } - } ``` + Required. The JWT payload to sign. Must be a serialized JSON object + that contains a JWT Claims Set. For example: `{"sub": + "user@example.com", "iat": 313435}` If the JWT Claims Set contains + an expiration time (`exp`) claim, it must be an integer timestamp + that is not in the past and no more than 12 hours in the future. type: string SignBlobRequest: - id: SignBlobRequest type: object + id: SignBlobRequest properties: delegates: + items: + type: string + type: array description: >- The sequence of service accounts in a delegation chain. Each service account must be granted the `roles/iam.serviceAccountTokenCreator` @@ -164,46 +178,31 @@ components: `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard character is required; replacing it with a project ID is invalid. - type: array - items: - type: string payload: description: Required. The bytes to sign. type: string format: byte - SignBlobResponse: - id: SignBlobResponse - type: object + GenerateAccessTokenResponse: properties: - keyId: - description: >- - The ID of the key used to sign the blob. The key used for signing - will remain valid for at least 12 hours after the blob is signed. To - verify the signature, you can retrieve the public key in several - formats from the following endpoints: - RSA public key wrapped in an - X.509 v3 certificate: - `https://www.googleapis.com/service_accounts/v1/metadata/x509/{ACCOUNT_EMAIL}` - - Raw key in JSON format: - `https://www.googleapis.com/service_accounts/v1/metadata/raw/{ACCOUNT_EMAIL}` - - JSON Web Key (JWK): - `https://www.googleapis.com/service_accounts/v1/metadata/jwk/{ACCOUNT_EMAIL}` + accessToken: + description: The OAuth 2.0 access token. type: string - signedBlob: - description: >- - The signature for the blob. Does not include the original blob. - After the key pair referenced by the `key_id` response field - expires, Google no longer exposes the public key that can be used to - verify the blob. As a result, the receiver can no longer verify the - signature. + expireTime: + format: google-datetime type: string - format: byte - SignJwtRequest: - id: SignJwtRequest + description: Token expiration time. The expiration time is always set. + id: GenerateAccessTokenResponse type: object + GenerateAccessTokenRequest: properties: delegates: description: >- - The sequence of service accounts in a delegation chain. Each service + The sequence of service accounts in a delegation chain. This field + is required for [delegated + requests](https://cloud.google.com/iam/help/credentials/delegated-request). + For [direct + requests](https://cloud.google.com/iam/help/credentials/direct-request), + which are more common, do not specify this field. Each service account must be granted the `roles/iam.serviceAccountTokenCreator` role on its next service account in the chain. The last service account in the chain must be granted the @@ -216,17 +215,69 @@ components: type: array items: type: string - payload: + scope: description: >- - Required. The JWT payload to sign. Must be a serialized JSON object - that contains a JWT Claims Set. For example: `{"sub": - "user@example.com", "iat": 313435}` If the JWT Claims Set contains - an expiration time (`exp`) claim, it must be an integer timestamp - that is not in the past and no more than 12 hours in the future. + Required. Code to identify the scopes to be included in the OAuth + 2.0 access token. See + https://developers.google.com/identity/protocols/googlescopes for + more information. At least one value required. + items: + type: string + type: array + lifetime: + format: google-duration + description: >- + The desired lifetime duration of the access token in seconds. By + default, the maximum allowed value is 1 hour. To set a lifetime of + up to 12 hours, you can add the service account as an allowed value + in an Organization Policy that enforces the + `constraints/iam.allowServiceAccountCredentialLifetimeExtension` + constraint. See detailed instructions at + https://cloud.google.com/iam/help/credentials/lifetime If a value is + not specified, the token's lifetime will be set to a default value + of 1 hour. type: string + id: GenerateAccessTokenRequest + type: object + GenerateIdTokenRequest: + properties: + audience: + type: string + description: >- + Required. The audience for the token, such as the API or account + that this token grants access to. + delegates: + items: + type: string + type: array + description: >- + The sequence of service accounts in a delegation chain. Each service + account must be granted the `roles/iam.serviceAccountTokenCreator` + role on its next service account in the chain. The last service + account in the chain must be granted the + `roles/iam.serviceAccountTokenCreator` role on the service account + that is specified in the `name` field of the request. The delegates + must have the following format: + `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` + wildcard character is required; replacing it with a project ID is + invalid. + organizationNumberIncluded: + type: boolean + description: >- + Include the organization number of the service account in the token. + If set to `true`, the token will contain a + `google.organization_number` claim. The value of the claim will be + `null` if the service account isn't associated with an organization. + includeEmail: + type: boolean + description: >- + Include the service account email in the token. If set to `true`, + the token will contain `email` and `email_verified` claims. + type: object + id: GenerateIdTokenRequest SignJwtResponse: - id: SignJwtResponse type: object + id: SignJwtResponse properties: keyId: description: >- @@ -242,72 +293,15 @@ components: `https://www.googleapis.com/service_accounts/v1/metadata/jwk/{ACCOUNT_EMAIL}` type: string signedJwt: + type: string description: >- The signed JWT. Contains the automatically generated header; the client-supplied payload; and the signature, which is generated using the key referenced by the `kid` field in the header. After the key pair referenced by the `key_id` response field expires, Google no - longer exposes the public key that can be used to verify the JWT. As - a result, the receiver can no longer verify the signature. - type: string - ServiceAccountAllowedLocations: - id: ServiceAccountAllowedLocations - description: Represents a list of allowed locations for given service account. - type: object - properties: - locations: - description: >- - Output only. The human readable trust boundary locations. For - example, ["us-central1", "europe-west1"] - readOnly: true - type: array - items: - type: string - encodedLocations: - description: Output only. The hex encoded bitmap of the trust boundary locations - readOnly: true - type: string - WorkloadIdentityPoolAllowedLocations: - id: WorkloadIdentityPoolAllowedLocations - description: Represents a list of allowed locations for given workload identity pool. - type: object - properties: - locations: - description: >- - Output only. The human readable trust boundary locations. For - example, ["us-central1", "europe-west1"] - readOnly: true - type: array - items: - type: string - encodedLocations: - description: Output only. The hex encoded bitmap of the trust boundary locations - readOnly: true - type: string - WorkforcePoolAllowedLocations: - id: WorkforcePoolAllowedLocations - description: Represents a list of allowed locations for given workforce pool. - type: object - properties: - locations: - description: >- - Output only. The human readable trust boundary locations. For - example, ["us-central1", "europe-west1"] - readOnly: true - type: array - items: - type: string - encodedLocations: - description: Output only. The hex encoded bitmap of the trust boundary locations - readOnly: true - type: string + longer exposes the public key that can be used to verify the JWT. As + a result, the receiver can no longer verify the signature. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string alt: description: Data format for response. in: query @@ -318,25 +312,25 @@ components: - json - media - proto - callback: - description: JSONP + access_token: + description: OAuth access token. in: query - name: callback + name: access_token schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: fields + name: quotaUser schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: key + name: upload_protocol schema: type: string oauth_token: @@ -345,31 +339,37 @@ components: name: oauth_token schema: type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + callback: + description: JSONP in: query - name: upload_protocol + name: callback schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: uploadType + name: key schema: type: string _.xgafv: @@ -382,29 +382,49 @@ components: - '1' - '2' x-stackQL-resources: + allowed_locations: + id: google.iamcredentials.allowed_locations + name: allowed_locations + title: Allowed_locations + methods: + get_allowed_locations: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1serviceAccounts~1{serviceAccountsId}~1allowedLocations/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/allowed_locations/methods/get_allowed_locations + insert: [] + update: [] + replace: [] + delete: [] service_accounts: id: google.iamcredentials.service_accounts name: service_accounts title: Service_accounts methods: - generate_access_token: + sign_blob: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1serviceAccounts~1{serviceAccountsId}:generateAccessToken/post + #/paths/~1v1~1projects~1{projectsId}~1serviceAccounts~1{serviceAccountsId}:signBlob/post response: mediaType: application/json openAPIDocKey: '200' - generate_id_token: + generate_access_token: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1serviceAccounts~1{serviceAccountsId}:generateIdToken/post + #/paths/~1v1~1projects~1{projectsId}~1serviceAccounts~1{serviceAccountsId}:generateAccessToken/post response: mediaType: application/json openAPIDocKey: '200' - sign_blob: + generate_id_token: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1serviceAccounts~1{serviceAccountsId}:signBlob/post + #/paths/~1v1~1projects~1{projectsId}~1serviceAccounts~1{serviceAccountsId}:generateIdToken/post response: mediaType: application/json openAPIDocKey: '200' @@ -421,93 +441,56 @@ components: update: [] replace: [] delete: [] - allowed_locations: - id: google.iamcredentials.allowed_locations - name: allowed_locations - title: Allowed_locations - methods: - get_allowed_locations: - operation: - $ref: >- - #/paths/~1v1~1locations~1{locationsId}~1workforcePools~1{workforcePoolsId}~1allowedLocations/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/allowed_locations/methods/get_allowed_locations - insert: [] - update: [] - replace: [] - delete: [] paths: - /v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:generateAccessToken: + /v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/allowedLocations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/_.xgafv' - post: - description: Generates an OAuth 2.0 access token for a service account. - operationId: iamcredentials.projects.serviceAccounts.generateAccessToken - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GenerateAccessTokenRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + get: + description: Returns the trust boundary info for a given workforce pool. + operationId: iamcredentials.locations.workforcePools.getAllowedLocations + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GenerateAccessTokenResponse' + $ref: '#/components/schemas/WorkforcePoolAllowedLocations' parameters: - in: path - name: projectsId + name: locationsId required: true schema: type: string - in: path - name: serviceAccountsId + name: workforcePoolsId required: true schema: type: string - /v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:generateIdToken: + /v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/allowedLocations: parameters: *ref_1 - post: - description: Generates an OpenID Connect ID token for a service account. - operationId: iamcredentials.projects.serviceAccounts.generateIdToken - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GenerateIdTokenRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + get: + description: Returns the trust boundary info for a given workload identity pool. + operationId: >- + iamcredentials.projects.locations.workloadIdentityPools.getAllowedLocations + security: [] responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GenerateIdTokenResponse' + $ref: '#/components/schemas/WorkloadIdentityPoolAllowedLocations' parameters: - in: path name: projectsId @@ -515,7 +498,12 @@ paths: schema: type: string - in: path - name: serviceAccountsId + name: locationsId + required: true + schema: + type: string + - in: path + name: workloadIdentityPoolsId required: true schema: type: string @@ -552,16 +540,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signJwt: + /v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:generateAccessToken: parameters: *ref_1 post: - description: Signs a JWT using a service account's system-managed private key. - operationId: iamcredentials.projects.serviceAccounts.signJwt + description: Generates an OAuth 2.0 access token for a service account. + operationId: iamcredentials.projects.serviceAccounts.generateAccessToken requestBody: content: application/json: schema: - $ref: '#/components/schemas/SignJwtRequest' + $ref: '#/components/schemas/GenerateAccessTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -573,7 +561,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SignJwtResponse' + $ref: '#/components/schemas/GenerateAccessTokenResponse' parameters: - in: path name: projectsId @@ -585,19 +573,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/allowedLocations: + /v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:generateIdToken: parameters: *ref_1 - get: - description: Returns the trust boundary info for a given service account. - operationId: iamcredentials.projects.serviceAccounts.getAllowedLocations - security: [] + post: + description: Generates an OpenID Connect ID token for a service account. + operationId: iamcredentials.projects.serviceAccounts.generateIdToken + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateIdTokenRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ServiceAccountAllowedLocations' + $ref: '#/components/schemas/GenerateIdTokenResponse' parameters: - in: path name: projectsId @@ -609,12 +606,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/allowedLocations: + /v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/allowedLocations: parameters: *ref_1 get: - description: Returns the trust boundary info for a given workload identity pool. - operationId: >- - iamcredentials.projects.locations.workloadIdentityPools.getAllowedLocations + description: Returns the trust boundary info for a given service account. + operationId: iamcredentials.projects.serviceAccounts.getAllowedLocations security: [] responses: '200': @@ -622,7 +618,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkloadIdentityPoolAllowedLocations' + $ref: '#/components/schemas/ServiceAccountAllowedLocations' parameters: - in: path name: projectsId @@ -630,36 +626,40 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: workloadIdentityPoolsId + name: serviceAccountsId required: true schema: type: string - /v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/allowedLocations: + /v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signJwt: parameters: *ref_1 - get: - description: Returns the trust boundary info for a given workforce pool. - operationId: iamcredentials.locations.workforcePools.getAllowedLocations - security: [] + post: + description: Signs a JWT using a service account's system-managed private key. + operationId: iamcredentials.projects.serviceAccounts.signJwt + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SignJwtRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/WorkforcePoolAllowedLocations' + $ref: '#/components/schemas/SignJwtResponse' parameters: - in: path - name: locationsId + name: projectsId required: true schema: type: string - in: path - name: workforcePoolsId + name: serviceAccountsId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/iamv2.yaml b/providers/src/googleapis.com/v00.00.00000/services/iamv2.yaml index 85bfefb4..889d6eff 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/iamv2.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/iamv2.yaml @@ -12,8 +12,8 @@ info: Account Credentials API (iamcredentials.googleapis.com). However, disabling this API doesn't disable the IAM Service Account Credentials API. version: v2 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251107' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/iam/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/iamv2beta.yaml b/providers/src/googleapis.com/v00.00.00000/services/iamv2beta.yaml index 0a6a76c0..5c3f1619 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/iamv2beta.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/iamv2beta.yaml @@ -12,8 +12,8 @@ info: Account Credentials API (iamcredentials.googleapis.com). However, disabling this API doesn't disable the IAM Service Account Credentials API. version: v2beta - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251107' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/iam/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/iap.yaml b/providers/src/googleapis.com/v00.00.00000/services/iap.yaml index f460603f..e88808c8 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/iap.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/iap.yaml @@ -7,8 +7,8 @@ info: title: Cloud Identity-Aware Proxy API description: Controls access to cloud applications running on Google Cloud Platform. version: v1 - x-discovery-doc-revision: '20250802' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251129' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/iap servers: @@ -34,19 +34,129 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. + GetPolicyOptions: + id: GetPolicyOptions + description: Encapsulates settings provided to GetIamPolicy. + properties: + requestedPolicyVersion: + type: integer + format: int32 + description: >- + Optional. The maximum policy version that will be used to format the + policy. Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected. Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field unset. + The policy in the response might use the policy version that you + specified, or it might use a lower policy version. For example, if + you specify version 3, but the policy has no conditional role + bindings, the response uses version 1. To learn which resources + support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). type: object + AccessDeniedPageSettings: + id: AccessDeniedPageSettings + description: >- + Custom content configuration for access denied page. IAP allows + customers to define a custom URI to use as the error page when access is + denied to users. If IAP prevents access to this page, the default IAP + error page will be displayed instead. properties: - policy: + accessDeniedPageUri: + type: string + description: The URI to be redirected to when access is denied. + remediationTokenGenerationEnabled: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' + Whether to generate remediation token on access denied events to + this application. + type: boolean + generateTroubleshootingUri: + description: >- + Whether to generate a troubleshooting URL on access denied events to + this application. + type: boolean + type: object + TestIamPermissionsRequest: + properties: + permissions: + type: array + items: + type: string + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + id: TestIamPermissionsRequest + type: object + description: Request message for `TestIamPermissions` method. + TagsFullState: + type: object + properties: + tags: + additionalProperties: + type: string + type: object + description: >- + If TagsFullState is initialized, the values in this field fully + represent all the tags in the next state (the current tag values are + not used). If tags.size() == 0, the next state of tags would be no + tags for evaluation purposes. Only one type of tags reference + (numeric or namespace) is required to be passed. + id: TagsFullState Policy: + type: object + properties: + bindings: + items: + $ref: '#/components/schemas/Binding' + type: array + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + version: + format: int32 + type: integer + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + etag: + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + type: string + format: byte id: Policy description: >- An Identity and Access Management (IAM) policy, which specifies access @@ -82,442 +192,178 @@ components: timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). - type: object + CorsSettings: + description: >- + Allows customers to configure HTTP request paths that'll allow HTTP + `OPTIONS` call to bypass authentication and authorization. + id: CorsSettings properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + allowHttpOptions: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Configuration to allow HTTP `OPTIONS` calls to skip authentication + and authorization. If undefined, IAP will not apply any special + logic to `OPTIONS` requests. + type: boolean + type: object + ResetIdentityAwareProxyClientSecretRequest: + id: ResetIdentityAwareProxyClientSecretRequest + description: The request sent to ResetIdentityAwareProxyClientSecret. + properties: {} + type: object + ListBrandsResponse: + description: Response message for ListBrands. + type: object + id: ListBrandsResponse + properties: + brands: items: - $ref: '#/components/schemas/Binding' - etag: + $ref: '#/components/schemas/Brand' + description: Brands existing in the project. + type: array + SetIamPolicyRequest: + id: SetIamPolicyRequest + type: object + description: Request message for `SetIamPolicy` method. + properties: + policy: + $ref: '#/components/schemas/Policy' description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + TagsFullStateForChildResource: + id: TagsFullStateForChildResource type: object properties: - role: + tags: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: + If TagsFullStateForChildResource is initialized, the values in this + field represent all the tags in the next state for the child + resource. Only one type of tags reference (numeric or namespace) is + required to be passed. IMPORTANT: This field should only be used + when the target resource IAM policy name is UNKNOWN and the + resource's parent IAM policy name is being passed in the request. + type: object + additionalProperties: + type: string + WorkforceIdentitySettings: + type: object + id: WorkforceIdentitySettings + description: >- + WorkforceIdentitySettings allows customers to configure workforce pools + and OAuth 2.0 settings to gate their applications using a third-party + IdP with access control. + properties: + workforcePools: + items: + type: string + description: The workforce pool resources. Only one workforce pool is accepted. + type: array + oauth2: + $ref: '#/components/schemas/OAuth2' description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object + OAuth 2.0 settings for IAP to perform OIDC flow with workforce + identity federation services. + ApplicationSettings: + id: ApplicationSettings properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + accessDeniedPageSettings: + description: Optional. Customization for Access Denied page. + $ref: '#/components/schemas/AccessDeniedPageSettings' + attributePropagationSettings: + description: Optional. Settings to configure attribute propagation. + $ref: '#/components/schemas/AttributePropagationSettings' + cookieDomain: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + The Domain value to set for cookies generated by IAP. This value is + not validated by the API, but will be ignored at runtime if invalid. type: string - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. - type: object - properties: - options: - description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - $ref: '#/components/schemas/GetPolicyOptions' - GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. - type: object - properties: - requestedPolicyVersion: - description: >- - Optional. The maximum policy version that will be used to format the - policy. Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected. Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field unset. - The policy in the response might use the policy version that you - specified, or it might use a lower policy version. For example, if - you specify version 3, but the policy has no conditional role - bindings, the response uses version 1. To learn which resources - support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + csmSettings: + $ref: '#/components/schemas/CsmSettings' + description: Optional. Settings to configure IAP's behavior for a service mesh. + description: Wrapper over application specific settings for IAP. type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string TestIamPermissionsResponse: id: TestIamPermissionsResponse description: Response message for `TestIamPermissions` method. - type: object properties: permissions: + type: array description: >- A subset of `TestPermissionsRequest.permissions` that the caller is allowed. - type: array items: type: string - IapSettings: - id: IapSettings - description: The IAP configurable settings. type: object + Brand: + type: object + id: Brand properties: + applicationTitle: + type: string + description: Application name displayed on OAuth consent screen. + supportEmail: + type: string + description: Support email displayed on the OAuth consent screen. name: - description: Required. The resource name of the IAP protected resource. + description: >- + Output only. Identifier of the brand. NOTE: GCP project number + achieves the same brand identification purpose as only one brand per + project can be created. + readOnly: true type: string - accessSettings: - description: Optional. Top level wrapper for all access related setting in IAP - $ref: '#/components/schemas/AccessSettings' - applicationSettings: + orgInternalOnly: + type: boolean + readOnly: true description: >- - Optional. Top level wrapper for all application related settings in - IAP - $ref: '#/components/schemas/ApplicationSettings' - AccessSettings: - id: AccessSettings - description: Access related settings for IAP protected apps. + Output only. Whether the brand is only intended for usage inside the + G Suite organization only. + description: >- + OAuth brand data. NOTE: Only contains a portion of the data that + describes a brand. + TagsPartialState: + id: TagsPartialState type: object properties: - gcipSettings: - description: >- - Optional. GCIP claims and endpoint configurations for 3p identity - providers. - $ref: '#/components/schemas/GcipSettings' - corsSettings: - description: Optional. Configuration to allow cross-origin requests via IAP. - $ref: '#/components/schemas/CorsSettings' - oauthSettings: - description: Optional. Settings to configure IAP's OAuth behavior. - $ref: '#/components/schemas/OAuthSettings' - policyDelegationSettings: - description: >- - Optional. Settings to allow google-internal teams to use IAP for - apps hosted in a tenant project. - $ref: '#/components/schemas/PolicyDelegationSettings' - reauthSettings: - description: Optional. Settings to configure reauthentication policies in IAP. - $ref: '#/components/schemas/ReauthSettings' - allowedDomainsSettings: - description: Optional. Settings to configure and enable allowed domains. - $ref: '#/components/schemas/AllowedDomainsSettings' - workforceIdentitySettings: - description: >- - Optional. Settings to configure the workforce identity federation, - including workforce pools and OAuth 2.0 settings. - $ref: '#/components/schemas/WorkforceIdentitySettings' - identitySources: - description: >- - Optional. Identity sources that IAP can use to authenticate the end - user. Only one identity source can be configured. + tagKeysToRemove: type: array items: type: string - enumDescriptions: - - >- - IdentitySource Unspecified. When selected, IAP relies on which - identity settings are fully configured to redirect the traffic - to. The precedence order is WorkforceIdentitySettings > - GcipSettings. If none is set, default to use Google identity. - - >- - Use external identities set up on Google Cloud Workforce - Identity Federation. - enum: - - IDENTITY_SOURCE_UNSPECIFIED - - WORKFORCE_IDENTITY_FEDERATION - GcipSettings: - id: GcipSettings - description: >- - Allows customers to configure tenant IDs for a Cloud Identity Platform - (GCIP) instance for each application. - type: object - properties: - tenantIds: - description: >- - Optional. GCIP tenant IDs that are linked to the IAP resource. - `tenant_ids` could be a string beginning with a number character to - indicate authenticating with GCIP tenant flow, or in the format of - `_` to indicate authenticating with GCIP agent flow. If agent flow - is used, `tenant_ids` should only contain one single element, while - for tenant flow, `tenant_ids` can contain multiple elements. - type: array - items: - type: string - loginPageUri: description: >- - Login page URI associated with the GCIP tenants. Typically, all - resources within the same project share the same login page, though - it could be overridden at the sub resource level. - type: string - CorsSettings: - id: CorsSettings - description: >- - Allows customers to configure HTTP request paths that'll allow HTTP - `OPTIONS` call to bypass authentication and authorization. - type: object - properties: - allowHttpOptions: + Keys of the tags that should be removed for evaluation purposes. + IMPORTANT: Currently only numeric references are supported. Once + support for namespace references is added, both the tag references + (numeric and namespace) will be removed. + tagsToUpsert: description: >- - Configuration to allow HTTP `OPTIONS` calls to skip authentication - and authorization. If undefined, IAP will not apply any special - logic to `OPTIONS` requests. - type: boolean - OAuthSettings: - id: OAuthSettings - description: >- - Configuration for OAuth login&consent flow behavior as well as for OAuth - Credentials. - type: object + Tags that’ll be updated or added to the current state of tags for + evaluation purposes. If a key exists in both "tags_to_upsert" and + "tag_keys_to_remove", the one in "tag_keys_to_remove" is ignored. + Only one type of tags reference (numeric or namespace) is required + to be passed. + additionalProperties: + type: string + type: object + ListTunnelDestGroupsResponse: + description: The response from ListTunnelDestGroups. properties: - loginHint: - description: >- - Domain hint to send as hd=? parameter in OAuth request flow. Enables - redirect to primary IDP by skipping Google's login screen. - https://developers.google.com/identity/protocols/OpenIDConnect#hd-param - Note: IAP does not verify that the id token's hd claim matches this - value since access behavior is managed by IAM policies. - type: string - programmaticClients: - description: Optional. List of client ids allowed to use IAP programmatically. + tunnelDestGroups: type: array + description: TunnelDestGroup existing in the project. items: - type: string - PolicyDelegationSettings: - id: PolicyDelegationSettings - description: >- - PolicyDelegationConfig allows google-internal teams to use IAP for apps - hosted in a tenant project. Using these settings, the app can delegate - permission check to happen against the linked customer project. This is - only ever supposed to be used by google internal teams, hence the - restriction on the proto. - type: object - properties: - iamServiceName: - description: >- - The DNS name of the service (e.g. "resourcemanager.googleapis.com"). - This should be the domain name part of the full resource names (see - https://aip.dev/122#full-resource-names), which is usually the same - as IamServiceSpec.service of the service where the resource type is - defined. - type: string - iamPermission: - description: Permission to check in IAM. + $ref: '#/components/schemas/TunnelDestGroup' + nextPageToken: type: string - resource: - description: IAM resource to check permission on - $ref: '#/components/schemas/Resource' - policyName: - description: Policy name to be checked - $ref: '#/components/schemas/PolicyName' + description: >- + A token that you can send as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + id: ListTunnelDestGroupsResponse + type: object Resource: - id: Resource type: object + id: Resource properties: - name: - description: >- - The **relative** name of the resource, which is the URI path of the - resource without the leading "/". See - https://cloud.google.com/iam/docs/conditions-resource-attributes#resource-name - for examples used by other GCP Services. This field is **required** - for services integrated with resource-attribute-based IAM conditions - and/or CustomOrgPolicy. This field requires special handling for - parents-only permissions such as `create` and `list`. See the - document linked below for further details. See - go/iam-conditions-sig-g3#populate-resource-attributes for specific - details on populating this field. - type: string - type: - description: >- - The public resource type name of the resource. It is configured - using the official_name of the ResourceType as defined in service - configurations under //configs/cloud/resourcetypes. For example, the - official_name for GCP projects is set as - 'cloudresourcemanager.googleapis.com/Project' according to - //configs/cloud/resourcetypes/google/cloud/resourcemanager/prod.yaml - This field is **required** for services integrated with - resource-attribute-based IAM conditions and/or CustomOrgPolicy. This - field requires special handling for parents-only permissions such as - `create` and `list`. See the document linked below for further - details. See go/iam-conditions-sig-g3#populate-resource-attributes - for specific details on populating this field. - type: string - service: - description: >- - The name of the service this resource belongs to. It is configured - using the official_service_name of the Service as defined in service - configurations under //configs/cloud/resourcetypes. For example, the - official_service_name of cloud resource manager service is set as - 'cloudresourcemanager.googleapis.com' according to - //configs/cloud/resourcetypes/google/cloud/resourcemanager/prod.yaml - This field is **required** for services integrated with - resource-attribute-based IAM conditions and/or CustomOrgPolicy. This - field requires special handling for parents-only permissions such as - `create` and `list`. See the document linked below for further - details. See go/iam-conditions-sig-g3#populate-resource-attributes - for specific details on populating this field. - type: string labels: description: >- The service defined labels of the resource on which the conditions @@ -552,8 +398,8 @@ components: details. type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. + type: any nextStateOfTags: description: >- Used for calculating the next state of tags on the resource being @@ -565,124 +411,383 @@ components: formats to be passed in. IMPORTANT: If tags are unchanged, this field should not be set. $ref: '#/components/schemas/NextStateOfTags' + service: + type: string + description: >- + The name of the service this resource belongs to. It is configured + using the official_service_name of the Service as defined in service + configurations under //configs/cloud/resourcetypes. For example, the + official_service_name of cloud resource manager service is set as + 'cloudresourcemanager.googleapis.com' according to + //configs/cloud/resourcetypes/google/cloud/resourcemanager/prod.yaml + This field is **required** for services integrated with + resource-attribute-based IAM conditions and/or CustomOrgPolicy. This + field requires special handling for parents-only permissions such as + `create` and `list`. See the document linked below for further + details. See go/iam-conditions-sig-g3#populate-resource-attributes + for specific details on populating this field. + type: + description: >- + The public resource type name of the resource. It is configured + using the official_name of the ResourceType as defined in service + configurations under //configs/cloud/resourcetypes. For example, the + official_name for GCP projects is set as + 'cloudresourcemanager.googleapis.com/Project' according to + //configs/cloud/resourcetypes/google/cloud/resourcemanager/prod.yaml + This field is **required** for services integrated with + resource-attribute-based IAM conditions and/or CustomOrgPolicy. This + field requires special handling for parents-only permissions such as + `create` and `list`. See the document linked below for further + details. See go/iam-conditions-sig-g3#populate-resource-attributes + for specific details on populating this field. + type: string + name: + type: string + description: >- + The **relative** name of the resource, which is the URI path of the + resource without the leading "/". See + https://cloud.google.com/iam/docs/conditions-resource-attributes#resource-name + for examples used by other GCP Services. This field is **required** + for services integrated with resource-attribute-based IAM conditions + and/or CustomOrgPolicy. This field requires special handling for + parents-only permissions such as `create` and `list`. See the + document linked below for further details. See + go/iam-conditions-sig-g3#populate-resource-attributes for specific + details on populating this field. locations: + type: array + items: + type: string description: >- The locations of the resource. This field is used to determine - whether the request is compliant with Trust Boundaries. Usage: - If - unset or empty, the location of authorization is used as the target - location. - For global resources: use a single value of "global". - - For regional/multi-regional resources: use name of the GCP region(s) + whether the request is compliant with Trust Boundaries. Usage: - + Must not be empty for services in-scope for Trust Boundaries. Once + Trust Boundaries is GA, empty values will cause the request to be + rejected if customers enforce Trust Boundaries on the parent CRM + nodes. - For global resources: use a single value of "global". - For + regional/multi-regional resources: use name of the GCP region(s) where the resource exists (e.g., ["us-east1", "us-west1"]). For multi-regional resources specify the name of each GCP region in the resource's multi-region. NOTE: Only GCP cloud region names are supported - go/cloud-region-names. + Empty: + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + properties: {} + PolicyName: + id: PolicyName + type: object + description: >- + An internal name for an IAM policy, based on the resource to which the + policy applies. Not to be confused with a resource's external full + resource name. For more information on this distinction, see + go/iam-full-resource-names. + properties: + type: + description: >- + Resource type. Types are defined in IAM's .service files. Valid + values for type might be 'storage_buckets', 'compute_instances', + 'resourcemanager_customers', 'billing_accounts', etc. + type: string + region: + type: string + description: >- + For Cloud IAM: The location of the Policy. Must be empty or "global" + for Policies owned by global IAM. Must name a region from + prodspec/cloud-iam-cloudspec for Regional IAM Policies, see + go/iam-faq#where-is-iam-currently-deployed. For Local IAM: This + field should be set to "local". + id: + description: >- + Identifies an instance of the type. ID format varies by type. The ID + format is defined in the IAM .service file that defines the type, + either in path_mapping or in a comment. + type: string + Expr: + id: Expr + type: object + properties: + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + AttributePropagationSettings: + type: object + id: AttributePropagationSettings + description: >- + Configuration for propagating attributes to applications protected by + IAP. + properties: + expression: + description: >- + Optional. Raw string CEL expression. Must return a list of + attributes. A maximum of 45 attributes can be selected. Expressions + can select different attribute types from `attributes`: + `attributes.saml_attributes`, `attributes.iap_attributes`. The + following functions are supported: - filter `.filter(, )`: Returns a + subset of `` where `` is true for every item. - in ` in `: Returns + true if `` contains ``. - selectByName `.selectByName()`: Returns + the attribute in `` with the given `` name, otherwise returns empty. + - emitAs `.emitAs()`: Sets the `` name field to the given `` for + propagation in selected output credentials. - strict `.strict()`: + Ignores the `x-goog-iap-attr-` prefix for the provided `` when + propagating with the `HEADER` output credential, such as request + headers. - append `.append()` OR `.append()`: Appends the provided + `` or `` to the end of ``. Example expression: + `attributes.saml_attributes.filter(x, x.name in + ['test']).append(attributes.iap_attributes.selectByName('exact').emitAs('custom').strict())` + type: string + enable: + description: >- + Optional. Whether the provided attribute propagation settings should + be evaluated on user requests. If set to true, attributes returned + from the expression will be propagated in the set output + credentials. + type: boolean + outputCredentials: + description: >- + Optional. Which output credentials attributes selected by the CEL + expression should be propagated in. All attributes will be fully + duplicated in each selected output credential. type: array items: + enum: + - OUTPUT_CREDENTIALS_UNSPECIFIED + - HEADER + - JWT + - RCTOKEN type: string - NextStateOfTags: - id: NextStateOfTags - description: >- - Used for calculating the next state of tags on the resource being passed - for the CheckCustomConstraints RPC call. The detail evaluation of each - field is described in go/op-create-update-time-tags and - go/tags-in-orgpolicy-requests. + enumDescriptions: + - An output credential is required. + - >- + Propagate attributes in the headers with "x-goog-iap-attr-" + prefix. + - >- + Propagate attributes in the JWT of the form: + `"additional_claims": { "my_attribute": ["value1", "value2"] }` + - >- + Propagate attributes in the RCToken of the form: + `"additional_claims": { "my_attribute": ["value1", "value2"] }` + OAuth2: + description: The OAuth 2.0 Settings type: object properties: - tagsFullState: - $ref: '#/components/schemas/TagsFullState' - tagsPartialState: - $ref: '#/components/schemas/TagsPartialState' - tagsFullStateForChildResource: - $ref: '#/components/schemas/TagsFullStateForChildResource' - TagsFullState: - id: TagsFullState + clientSecret: + type: string + description: >- + Input only. The OAuth 2.0 client secret created while registering + the client ID. + clientId: + type: string + description: >- + The OAuth 2.0 client ID registered in the workforce identity + federation OAuth 2.0 Server. + clientSecretSha256: + readOnly: true + type: string + description: >- + Output only. SHA256 hash value for the client secret. This field is + returned by IAP when the settings are retrieved. + id: OAuth2 + ListIdentityAwareProxyClientsResponse: + description: Response message for ListIdentityAwareProxyClients. type: object + id: ListIdentityAwareProxyClientsResponse properties: - tags: + nextPageToken: description: >- - If TagsFullState is initialized, the values in this field fully - represent all the tags in the next state (the current tag values are - not used). If tags.size() == 0, the next state of tags would be no - tags for evaluation purposes. Only one type of tags reference - (numeric or namespace) is required to be passed. - type: object - additionalProperties: + A token, which can be send as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + identityAwareProxyClients: + description: Clients existing in the brand. + items: + $ref: '#/components/schemas/IdentityAwareProxyClient' + type: array + AllowedDomainsSettings: + description: >- + Configuration for IAP allowed domains. Lets you to restrict access to an + app and allow access to only the domains that you list. + type: object + properties: + enable: + type: boolean + description: Optional. Configuration for customers to opt in for the feature. + domains: + items: type: string - TagsPartialState: - id: TagsPartialState + type: array + description: Optional. List of trusted domains. + id: AllowedDomainsSettings + Binding: type: object + description: Associates `members`, or principals, with a `role`. properties: - tagsToUpsert: + role: + type: string description: >- - Tags that’ll be updated or added to the current state of tags for - evaluation purposes. If a key exists in both "tags_to_upsert" and - "tag_keys_to_remove", the one in "tag_keys_to_remove" is ignored. - Only one type of tags reference (numeric or namespace) is required - to be passed. - type: object - additionalProperties: - type: string - tagKeysToRemove: + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + condition: + $ref: '#/components/schemas/Expr' description: >- - Keys of the tags that should be removed for evaluation purposes. - IMPORTANT: Currently only numeric references are supported. Once - support for namespace references is added, both the tag references - (numeric and namespace) will be removed. + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + members: type: array + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. items: type: string - TagsFullStateForChildResource: - id: TagsFullStateForChildResource + id: Binding + ValidateIapAttributeExpressionResponse: + description: IAP Expression Linter endpoint returns empty response body. + id: ValidateIapAttributeExpressionResponse + properties: {} type: object + GetIamPolicyRequest: properties: - tags: + options: + $ref: '#/components/schemas/GetPolicyOptions' description: >- - If TagsFullStateForChildResource is initialized, the values in this - field represent all the tags in the next state for the child - resource. Only one type of tags reference (numeric or namespace) is - required to be passed. IMPORTANT: This field should only be used - when the target resource IAM policy name is UNKNOWN and the - resource's parent IAM policy name is being passed in the request. - type: object - additionalProperties: - type: string - PolicyName: - id: PolicyName - description: >- - An internal name for an IAM policy, based on the resource to which the - policy applies. Not to be confused with a resource's external full - resource name. For more information on this distinction, see - go/iam-full-resource-names. + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + description: Request message for `GetIamPolicy` method. + id: GetIamPolicyRequest type: object + ReauthSettings: + description: Configuration for IAP reauthentication policies. + id: ReauthSettings properties: - type: - description: >- - Resource type. Types are defined in IAM's .service files. Valid - values for type might be 'storage_buckets', 'compute_instances', - 'resourcemanager_customers', 'billing_accounts', etc. + policyType: type: string - id: + enumDescriptions: + - Default value. This value is unused. + - >- + This policy acts as a minimum to other policies, lower in the + hierarchy. Effective policy may only be the same or stricter. + - This policy acts as a default if no other reauth policy is set. description: >- - Identifies an instance of the type. ID format varies by type. The ID - format is defined in the IAM .service file that defines the type, - either in path_mapping or in a comment. + Optional. How IAP determines the effective policy in cases of + hierarchical policies. Policies are merged from higher in the + hierarchy to lower in the hierarchy. + enum: + - POLICY_TYPE_UNSPECIFIED + - MINIMUM + - DEFAULT + maxAge: + format: google-duration type: string - region: description: >- - For Cloud IAM: The location of the Policy. Must be empty or "global" - for Policies owned by global IAM. Must name a region from - prodspec/cloud-iam-cloudspec for Regional IAM Policies, see - go/iam-faq#where-is-iam-currently-deployed. For Local IAM: This - field should be set to "local". - type: string - ReauthSettings: - id: ReauthSettings - description: Configuration for IAP reauthentication policies. - type: object - properties: + Optional. Reauth session lifetime, how long before a user has to + reauthenticate again. method: - description: Optional. Reauth method requested. - type: string enumDescriptions: - Reauthentication disabled. - Prompts the user to log in again. @@ -695,324 +800,233 @@ components: - true - false - false + type: string enum: - METHOD_UNSPECIFIED - LOGIN - PASSWORD - SECURE_KEY - ENROLLED_SECOND_FACTORS - maxAge: - description: >- - Optional. Reauth session lifetime, how long before a user has to - reauthenticate again. - type: string - format: google-duration - policyType: - description: >- - Optional. How IAP determines the effective policy in cases of - hierarchical policies. Policies are merged from higher in the - hierarchy to lower in the hierarchy. - type: string - enumDescriptions: - - Default value. This value is unused. - - >- - This policy acts as a minimum to other policies, lower in the - hierarchy. Effective policy may only be the same or stricter. - - This policy acts as a default if no other reauth policy is set. - enum: - - POLICY_TYPE_UNSPECIFIED - - MINIMUM - - DEFAULT - AllowedDomainsSettings: - id: AllowedDomainsSettings - description: >- - Configuration for IAP allowed domains. Lets you to restrict access to an - app and allow access to only the domains that you list. - type: object - properties: - enable: - description: Optional. Configuration for customers to opt in for the feature. - type: boolean - domains: - description: Optional. List of trusted domains. - type: array - items: - type: string - WorkforceIdentitySettings: - id: WorkforceIdentitySettings - description: >- - WorkforceIdentitySettings allows customers to configure workforce pools - and OAuth 2.0 settings to gate their applications using a third-party - IdP with access control. - type: object - properties: - workforcePools: - description: The workforce pool resources. Only one workforce pool is accepted. - type: array - items: - type: string - oauth2: - description: >- - OAuth 2.0 settings for IAP to perform OIDC flow with workforce - identity federation services. - $ref: '#/components/schemas/OAuth2' - OAuth2: - id: OAuth2 - description: The OAuth 2.0 Settings - type: object - properties: - clientId: - description: >- - The OAuth 2.0 client ID registered in the workforce identity - federation OAuth 2.0 Server. - type: string - clientSecret: - description: >- - Input only. The OAuth 2.0 client secret created while registering - the client ID. - type: string - clientSecretSha256: - description: >- - Output only. SHA256 hash value for the client secret. This field is - returned by IAP when the settings are retrieved. - readOnly: true - type: string - ApplicationSettings: - id: ApplicationSettings - description: Wrapper over application specific settings for IAP. - type: object - properties: - csmSettings: - description: Optional. Settings to configure IAP's behavior for a service mesh. - $ref: '#/components/schemas/CsmSettings' - accessDeniedPageSettings: - description: Optional. Customization for Access Denied page. - $ref: '#/components/schemas/AccessDeniedPageSettings' - cookieDomain: - description: >- - The Domain value to set for cookies generated by IAP. This value is - not validated by the API, but will be ignored at runtime if invalid. - type: string - attributePropagationSettings: - description: Optional. Settings to configure attribute propagation. - $ref: '#/components/schemas/AttributePropagationSettings' - CsmSettings: - id: CsmSettings - description: >- - Configuration for RCToken generated for service mesh workloads protected - by IAP. RCToken are IAP generated JWTs that can be verified at the - application. The RCToken is primarily used for service mesh deployments, - and can be scoped to a single mesh by configuring the audience field - accordingly. - type: object - properties: - rctokenAud: - description: >- - Audience claim set in the generated RCToken. This value is not - validated by IAP. - type: string - AccessDeniedPageSettings: - id: AccessDeniedPageSettings - description: >- - Custom content configuration for access denied page. IAP allows - customers to define a custom URI to use as the error page when access is - denied to users. If IAP prevents access to this page, the default IAP - error page will be displayed instead. + description: Optional. Reauth method requested. type: object - properties: - accessDeniedPageUri: - description: The URI to be redirected to when access is denied. - type: string - generateTroubleshootingUri: - description: >- - Whether to generate a troubleshooting URL on access denied events to - this application. - type: boolean - remediationTokenGenerationEnabled: - description: >- - Whether to generate remediation token on access denied events to - this application. - type: boolean - AttributePropagationSettings: - id: AttributePropagationSettings + OAuthSettings: + id: OAuthSettings description: >- - Configuration for propagating attributes to applications protected by - IAP. + Configuration for OAuth login&consent flow behavior as well as for OAuth + Credentials. type: object properties: - expression: - description: >- - Optional. Raw string CEL expression. Must return a list of - attributes. A maximum of 45 attributes can be selected. Expressions - can select different attribute types from `attributes`: - `attributes.saml_attributes`, `attributes.iap_attributes`. The - following functions are supported: - filter `.filter(, )`: Returns a - subset of `` where `` is true for every item. - in ` in `: Returns - true if `` contains ``. - selectByName `.selectByName()`: Returns - the attribute in `` with the given `` name, otherwise returns empty. - - emitAs `.emitAs()`: Sets the `` name field to the given `` for - propagation in selected output credentials. - strict `.strict()`: - Ignores the `x-goog-iap-attr-` prefix for the provided `` when - propagating with the `HEADER` output credential, such as request - headers. - append `.append()` OR `.append()`: Appends the provided - `` or `` to the end of ``. Example expression: - `attributes.saml_attributes.filter(x, x.name in - ['test']).append(attributes.iap_attributes.selectByName('exact').emitAs('custom').strict())` + loginHint: type: string - outputCredentials: description: >- - Optional. Which output credentials attributes selected by the CEL - expression should be propagated in. All attributes will be fully - duplicated in each selected output credential. + Domain hint to send as hd=? parameter in OAuth request flow. Enables + redirect to primary IDP by skipping Google's login screen. + https://developers.google.com/identity/protocols/OpenIDConnect#hd-param + Note: IAP does not verify that the id token's hd claim matches this + value since access behavior is managed by IAM policies. + programmaticClients: type: array items: type: string - enumDescriptions: - - An output credential is required. - - >- - Propagate attributes in the headers with "x-goog-iap-attr-" - prefix. - - >- - Propagate attributes in the JWT of the form: - `"additional_claims": { "my_attribute": ["value1", "value2"] }` - - >- - Propagate attributes in the RCToken of the form: - `"additional_claims": { "my_attribute": ["value1", "value2"] }` - enum: - - OUTPUT_CREDENTIALS_UNSPECIFIED - - HEADER - - JWT - - RCTOKEN - enable: - description: >- - Optional. Whether the provided attribute propagation settings should - be evaluated on user requests. If set to true, attributes returned - from the expression will be propagated in the set output - credentials. - type: boolean - ValidateIapAttributeExpressionResponse: - id: ValidateIapAttributeExpressionResponse - description: IAP Expression Linter endpoint returns empty response body. - type: object - properties: {} - ListTunnelDestGroupsResponse: - id: ListTunnelDestGroupsResponse - description: The response from ListTunnelDestGroups. + description: Optional. List of client ids allowed to use IAP programmatically. + CsmSettings: type: object properties: - tunnelDestGroups: - description: TunnelDestGroup existing in the project. - type: array - items: - $ref: '#/components/schemas/TunnelDestGroup' - nextPageToken: + rctokenAud: description: >- - A token that you can send as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. + Audience claim set in the generated RCToken. This value is not + validated by IAP. type: string + description: >- + Configuration for RCToken generated for service mesh workloads protected + by IAP. RCToken are IAP generated JWTs that can be verified at the + application. The RCToken is primarily used for service mesh deployments, + and can be scoped to a single mesh by configuring the audience field + accordingly. + id: CsmSettings TunnelDestGroup: - id: TunnelDestGroup - description: A TunnelDestGroup. - type: object properties: name: + type: string description: >- Identifier. Identifier for the TunnelDestGroup. Must be unique within the project and contain only lower case letters (a-z) and dashes (-). - type: string cidrs: - description: Optional. Unordered list. List of CIDRs that this group applies to. type: array items: type: string + description: Optional. Unordered list. List of CIDRs that this group applies to. fqdns: - description: Optional. Unordered list. List of FQDNs that this group applies to. type: array + description: Optional. Unordered list. List of FQDNs that this group applies to. items: type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - ListBrandsResponse: - id: ListBrandsResponse - description: Response message for ListBrands. + description: A TunnelDestGroup. + id: TunnelDestGroup type: object + IapSettings: + id: IapSettings properties: - brands: - description: Brands existing in the project. - type: array - items: - $ref: '#/components/schemas/Brand' - Brand: - id: Brand - description: >- - OAuth brand data. NOTE: Only contains a portion of the data that - describes a brand. + name: + description: Required. The resource name of the IAP protected resource. + type: string + accessSettings: + description: Optional. Top level wrapper for all access related setting in IAP + $ref: '#/components/schemas/AccessSettings' + applicationSettings: + $ref: '#/components/schemas/ApplicationSettings' + description: >- + Optional. Top level wrapper for all application related settings in + IAP + type: object + description: The IAP configurable settings. + AccessSettings: + id: AccessSettings + description: Access related settings for IAP protected apps. type: object properties: - name: + gcipSettings: description: >- - Output only. Identifier of the brand. NOTE: GCP project number - achieves the same brand identification purpose as only one brand per - project can be created. - readOnly: true - type: string - supportEmail: - description: Support email displayed on the OAuth consent screen. - type: string - applicationTitle: - description: Application name displayed on OAuth consent screen. - type: string - orgInternalOnly: + Optional. GCIP claims and endpoint configurations for 3p identity + providers. + $ref: '#/components/schemas/GcipSettings' + reauthSettings: + $ref: '#/components/schemas/ReauthSettings' + description: Optional. Settings to configure reauthentication policies in IAP. + identitySources: description: >- - Output only. Whether the brand is only intended for usage inside the - G Suite organization only. - readOnly: true - type: boolean + Optional. Identity sources that IAP can use to authenticate the end + user. Only one identity source can be configured. + items: + enumDescriptions: + - >- + IdentitySource Unspecified. When selected, IAP relies on which + identity settings are fully configured to redirect the traffic + to. The precedence order is WorkforceIdentitySettings > + GcipSettings. If none is set, default to use Google identity. + - >- + Use external identities set up on Google Cloud Workforce + Identity Federation. + type: string + enum: + - IDENTITY_SOURCE_UNSPECIFIED + - WORKFORCE_IDENTITY_FEDERATION + type: array + workforceIdentitySettings: + description: >- + Optional. Settings to configure the workforce identity federation, + including workforce pools and OAuth 2.0 settings. + $ref: '#/components/schemas/WorkforceIdentitySettings' + policyDelegationSettings: + $ref: '#/components/schemas/PolicyDelegationSettings' + description: >- + Optional. Settings to allow google-internal teams to use IAP for + apps hosted in a tenant project. + oauthSettings: + $ref: '#/components/schemas/OAuthSettings' + description: Optional. Settings to configure IAP's OAuth behavior. + corsSettings: + description: Optional. Configuration to allow cross-origin requests via IAP. + $ref: '#/components/schemas/CorsSettings' + allowedDomainsSettings: + $ref: '#/components/schemas/AllowedDomainsSettings' + description: Optional. Settings to configure and enable allowed domains. IdentityAwareProxyClient: - id: IdentityAwareProxyClient - description: Contains the data that describes an Identity Aware Proxy owned client. - type: object properties: + displayName: + description: Human-friendly name given to the OAuth client. + type: string name: description: Output only. Unique identifier of the OAuth client. - readOnly: true type: string + readOnly: true secret: - description: Output only. Client secret of the OAuth client. readOnly: true + description: Output only. Client secret of the OAuth client. type: string - displayName: - description: Human-friendly name given to the OAuth client. - type: string - ListIdentityAwareProxyClientsResponse: - id: ListIdentityAwareProxyClientsResponse - description: Response message for ListIdentityAwareProxyClients. + id: IdentityAwareProxyClient + description: Contains the data that describes an Identity Aware Proxy owned client. + type: object + PolicyDelegationSettings: + description: >- + PolicyDelegationConfig allows google-internal teams to use IAP for apps + hosted in a tenant project. Using these settings, the app can delegate + permission check to happen against the linked customer project. This is + only ever supposed to be used by google internal teams, hence the + restriction on the proto. + id: PolicyDelegationSettings type: object properties: - identityAwareProxyClients: - description: Clients existing in the brand. - type: array + iamServiceName: + description: >- + The DNS name of the service (e.g. "resourcemanager.googleapis.com"). + This should be the domain name part of the full resource names (see + https://aip.dev/122#full-resource-names), which is usually the same + as IamServiceSpec.service of the service where the resource type is + defined. + type: string + resource: + $ref: '#/components/schemas/Resource' + description: IAM resource to check permission on + policyName: + $ref: '#/components/schemas/PolicyName' + description: Policy name to be checked + iamPermission: + type: string + description: Permission to check in IAM. + GcipSettings: + properties: + tenantIds: items: - $ref: '#/components/schemas/IdentityAwareProxyClient' - nextPageToken: + type: string + type: array description: >- - A token, which can be send as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Optional. GCIP tenant IDs that are linked to the IAP resource. + `tenant_ids` could be a string beginning with a number character to + indicate authenticating with GCIP tenant flow, or in the format of + `_` to indicate authenticating with GCIP agent flow. If agent flow + is used, `tenant_ids` should only contain one single element, while + for tenant flow, `tenant_ids` can contain multiple elements. + loginPageUri: + description: >- + Login page URI associated with the GCIP tenants. Typically, all + resources within the same project share the same login page, though + it could be overridden at the sub resource level. type: string - ResetIdentityAwareProxyClientSecretRequest: - id: ResetIdentityAwareProxyClientSecretRequest - description: The request sent to ResetIdentityAwareProxyClientSecret. + id: GcipSettings type: object - properties: {} + description: >- + Allows customers to configure tenant IDs for a Cloud Identity Platform + (GCIP) instance for each application. + NextStateOfTags: + id: NextStateOfTags + description: >- + Used for calculating the next state of tags on the resource being passed + for the CheckCustomConstraints RPC call. The detail evaluation of each + field is described in go/op-create-update-time-tags and + go/tags-in-orgpolicy-requests. + type: object + properties: + tagsFullStateForChildResource: + $ref: '#/components/schemas/TagsFullStateForChildResource' + tagsPartialState: + $ref: '#/components/schemas/TagsPartialState' + tagsFullState: + $ref: '#/components/schemas/TagsFullState' parameters: + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string access_token: description: OAuth access token. in: query @@ -1029,39 +1043,39 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + _.xgafv: + description: V1 error format. in: query - name: key + name: $.xgafv schema: type: string + enum: + - '1' + - '2' oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1071,178 +1085,143 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: $.xgafv + name: key schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - iap_iam_policies: - id: google.iap.iap_iam_policies - name: iap_iam_policies - title: Iap_iam_policies + dest_groups: + id: google.iap.dest_groups + name: dest_groups + title: Dest_groups methods: - set_iam_policy: + create: operation: - $ref: '#/paths/~1v1~1{v1Id}:setIamPolicy/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + list: operation: - $ref: '#/paths/~1v1~1{v1Id}:getIamPolicy/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + objectKey: $.tunnelDestGroups + get: operation: - $ref: '#/paths/~1v1~1{v1Id}:testIamPermissions/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups~1{destGroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/iap_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/iap_iam_policies/methods/set_iam_policy - delete: [] - iap_settings: - id: google.iap.iap_settings - name: iap_settings - title: Iap_settings - methods: - get_iap_settings: + patch: operation: - $ref: '#/paths/~1v1~1{v1Id}:iapSettings/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups~1{destGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - update_iap_settings: + delete: operation: - $ref: '#/paths/~1v1~1{v1Id}:iapSettings/patch' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups~1{destGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/iap_settings/methods/get_iap_settings - insert: [] + - $ref: '#/components/x-stackQL-resources/dest_groups/methods/get' + - $ref: '#/components/x-stackQL-resources/dest_groups/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/dest_groups/methods/create' update: - - $ref: >- - #/components/x-stackQL-resources/iap_settings/methods/update_iap_settings - replace: [] - delete: [] - iap: - id: google.iap.iap - name: iap - title: Iap - methods: - validate_attribute_expression: - operation: - $ref: '#/paths/~1v1~1{v1Id}:validateAttributeExpression/post' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/dest_groups/methods/patch' replace: [] - delete: [] - dest_groups: - id: google.iap.dest_groups - name: dest_groups - title: Dest_groups + delete: + - $ref: '#/components/x-stackQL-resources/dest_groups/methods/delete' + identity_aware_proxy_clients: + id: google.iap.identity_aware_proxy_clients + name: identity_aware_proxy_clients + title: Identity_aware_proxy_clients methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups/get + #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tunnelDestGroups + objectKey: $.identityAwareProxyClients create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups/post + #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups~1{destGroupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients~1{identityAwareProxyClientsId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups~1{destGroupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients~1{identityAwareProxyClientsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + reset_secret: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1iap_tunnel~1locations~1{locationsId}~1destGroups~1{destGroupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients~1{identityAwareProxyClientsId}:resetSecret/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/dest_groups/methods/get' - - $ref: '#/components/x-stackQL-resources/dest_groups/methods/list' + - $ref: >- + #/components/x-stackQL-resources/identity_aware_proxy_clients/methods/get + - $ref: >- + #/components/x-stackQL-resources/identity_aware_proxy_clients/methods/list insert: - - $ref: '#/components/x-stackQL-resources/dest_groups/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/dest_groups/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/identity_aware_proxy_clients/methods/create + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/dest_groups/methods/delete' + - $ref: >- + #/components/x-stackQL-resources/identity_aware_proxy_clients/methods/delete brands: id: google.iap.brands name: brands title: Brands methods: - list: + get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1brands/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}/get' response: mediaType: application/json openAPIDocKey: '200' - create: + list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1brands/post' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1brands/get' response: mediaType: application/json openAPIDocKey: '200' - get: + create: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1brands/post' response: mediaType: application/json openAPIDocKey: '200' @@ -1252,90 +1231,109 @@ components: - $ref: '#/components/x-stackQL-resources/brands/methods/list' insert: - $ref: '#/components/x-stackQL-resources/brands/methods/create' - update: [] - replace: [] - delete: [] - identity_aware_proxy_clients: - id: google.iap.identity_aware_proxy_clients - name: identity_aware_proxy_clients - title: Identity_aware_proxy_clients + update: [] + replace: [] + delete: [] + iap_settings: + id: google.iap.iap_settings + name: iap_settings + title: Iap_settings methods: - create: + get_iap_settings: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients/post + $ref: '#/paths/~1v1~1{v1Id}:iapSettings/get' response: mediaType: application/json openAPIDocKey: '200' - list: + update_iap_settings: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients/get + $ref: '#/paths/~1v1~1{v1Id}:iapSettings/patch' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.identityAwareProxyClients - get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/iap_settings/methods/get_iap_settings + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/iap_settings/methods/update_iap_settings + replace: [] + delete: [] + iap_iam_policies: + id: google.iap.iap_iam_policies + name: iap_iam_policies + title: Iap_iam_policies + methods: + set_iam_policy: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients~1{identityAwareProxyClientsId}/get + $ref: '#/paths/~1v1~1{v1Id}:setIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' - delete: + test_iam_permissions: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients~1{identityAwareProxyClientsId}/delete + $ref: '#/paths/~1v1~1{v1Id}:testIamPermissions/post' response: mediaType: application/json openAPIDocKey: '200' - reset_secret: + get_iam_policy: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1brands~1{brandsId}~1identityAwareProxyClients~1{identityAwareProxyClientsId}:resetSecret/post + $ref: '#/paths/~1v1~1{v1Id}:getIamPolicy/post' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/identity_aware_proxy_clients/methods/get - - $ref: >- - #/components/x-stackQL-resources/identity_aware_proxy_clients/methods/list - insert: + #/components/x-stackQL-resources/iap_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/identity_aware_proxy_clients/methods/create + #/components/x-stackQL-resources/iap_iam_policies/methods/set_iam_policy + delete: [] + iap: + id: google.iap.iap + name: iap + title: Iap + methods: + validate_attribute_expression: + operation: + $ref: '#/paths/~1v1~1{v1Id}:validateAttributeExpression/post' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/identity_aware_proxy_clients/methods/delete + delete: [] paths: - /v1/{v1Id}:setIamPolicy: + /v1/projects/{projectsId}/iap_tunnel/locations/{locationsId}/destGroups: parameters: &ref_1 + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/key' post: - description: >- - Sets the access control policy for an Identity-Aware Proxy protected - resource. Replaces any existing policy. More information about managing - access via IAP can be found at: - https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api - operationId: iap.setIamPolicy + description: Creates a new TunnelDestGroup. + operationId: iap.projects.iap_tunnel.locations.destGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TunnelDestGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1347,59 +1345,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TunnelDestGroup' parameters: - in: path - name: v1Id + name: projectsId required: true schema: type: string - /v1/{v1Id}:getIamPolicy: - parameters: *ref_1 - post: - description: >- - Gets the access control policy for an Identity-Aware Proxy protected - resource. More information about managing access via IAP can be found - at: - https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api - operationId: iap.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Policy' - parameters: - in: path - name: v1Id + name: locationsId required: true schema: type: string - /v1/{v1Id}:testIamPermissions: - parameters: *ref_1 - post: + - in: query + name: tunnelDestGroupId + schema: + type: string + get: description: >- - Returns permissions that a caller has on the Identity-Aware Proxy - protected resource. More information about managing access via IAP can - be found at: - https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api - operationId: iap.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Lists the existing TunnelDestGroups. To group across all locations, use + a `-` as the location ID. For example: + `/v1/projects/123/iap_tunnel/locations/-/destGroups` + operationId: iap.projects.iap_tunnel.locations.destGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1411,18 +1378,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListTunnelDestGroupsResponse' parameters: - in: path - name: v1Id + name: projectsId required: true schema: type: string - /v1/{v1Id}:iapSettings: + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/iap_tunnel/locations/{locationsId}/destGroups/{destGroupsId}: parameters: *ref_1 get: - description: Gets the IAP settings on a particular IAP protected resource. - operationId: iap.getIapSettings + description: Retrieves an existing TunnelDestGroup. + operationId: iap.projects.iap_tunnel.locations.destGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1434,23 +1415,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IapSettings' + $ref: '#/components/schemas/TunnelDestGroup' parameters: - in: path - name: v1Id + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: destGroupsId required: true schema: type: string patch: - description: >- - Updates the IAP settings on a particular IAP protected resource. It - replaces all fields unless the `update_mask` is set. - operationId: iap.updateIapSettings + description: Updates a TunnelDestGroup. + operationId: iap.projects.iap_tunnel.locations.destGroups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/IapSettings' + $ref: '#/components/schemas/TunnelDestGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1462,10 +1451,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IapSettings' + $ref: '#/components/schemas/TunnelDestGroup' parameters: - in: path - name: v1Id + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: destGroupsId required: true schema: type: string @@ -1474,11 +1473,9 @@ paths: schema: type: string format: google-fieldmask - /v1/{v1Id}:validateAttributeExpression: - parameters: *ref_1 - post: - description: Validates that a given CEL expression conforms to IAP restrictions. - operationId: iap.validateAttributeExpression + delete: + description: Deletes a TunnelDestGroup. + operationId: iap.projects.iap_tunnel.locations.destGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1490,25 +1487,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ValidateIapAttributeExpressionResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: v1Id + name: projectsId required: true schema: type: string - - in: query - name: expression + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}/iap_tunnel/locations/{locationsId}/destGroups: + - in: path + name: destGroupsId + required: true + schema: + type: string + /v1/projects/{projectsId}/brands/{brandsId}/identityAwareProxyClients: parameters: *ref_1 get: - description: >- - Lists the existing TunnelDestGroups. To group across all locations, use - a `-` as the location ID. For example: - `/v1/projects/123/iap_tunnel/locations/-/destGroups` - operationId: iap.projects.iap_tunnel.locations.destGroups.list + description: Lists the existing clients for the brand. + operationId: iap.projects.brands.identityAwareProxyClients.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1520,7 +1520,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTunnelDestGroupsResponse' + $ref: '#/components/schemas/ListIdentityAwareProxyClientsResponse' parameters: - in: path name: projectsId @@ -1528,27 +1528,30 @@ paths: schema: type: string - in: path - name: locationsId + name: brandsId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string post: - description: Creates a new TunnelDestGroup. - operationId: iap.projects.iap_tunnel.locations.destGroups.create + description: >- + Creates an Identity Aware Proxy (IAP) OAuth client. The client is owned + by IAP. Requires that the brand for the project exists and that it is + set for internal-only use. + operationId: iap.projects.brands.identityAwareProxyClients.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TunnelDestGroup' + $ref: '#/components/schemas/IdentityAwareProxyClient' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1560,7 +1563,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TunnelDestGroup' + $ref: '#/components/schemas/IdentityAwareProxyClient' parameters: - in: path name: projectsId @@ -1568,19 +1571,17 @@ paths: schema: type: string - in: path - name: locationsId + name: brandsId required: true schema: type: string - - in: query - name: tunnelDestGroupId - schema: - type: string - /v1/projects/{projectsId}/iap_tunnel/locations/{locationsId}/destGroups/{destGroupsId}: + /v1/projects/{projectsId}/brands/{brandsId}/identityAwareProxyClients/{identityAwareProxyClientsId}: parameters: *ref_1 get: - description: Retrieves an existing TunnelDestGroup. - operationId: iap.projects.iap_tunnel.locations.destGroups.get + description: >- + Retrieves an Identity Aware Proxy (IAP) OAuth client. Requires that the + client is owned by IAP. + operationId: iap.projects.brands.identityAwareProxyClients.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1592,7 +1593,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TunnelDestGroup' + $ref: '#/components/schemas/IdentityAwareProxyClient' parameters: - in: path name: projectsId @@ -1600,18 +1601,21 @@ paths: schema: type: string - in: path - name: locationsId + name: brandsId required: true schema: type: string - in: path - name: destGroupsId + name: identityAwareProxyClientsId required: true schema: type: string delete: - description: Deletes a TunnelDestGroup. - operationId: iap.projects.iap_tunnel.locations.destGroups.delete + description: >- + Deletes an Identity Aware Proxy (IAP) OAuth client. Useful for removing + obsolete clients, managing the number of clients in a given project, and + cleaning up after tests. Requires that the client is owned by IAP. + operationId: iap.projects.brands.identityAwareProxyClients.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1631,23 +1635,27 @@ paths: schema: type: string - in: path - name: locationsId + name: brandsId required: true schema: type: string - in: path - name: destGroupsId + name: identityAwareProxyClientsId required: true schema: type: string - patch: - description: Updates a TunnelDestGroup. - operationId: iap.projects.iap_tunnel.locations.destGroups.patch + /v1/projects/{projectsId}/brands/{brandsId}/identityAwareProxyClients/{identityAwareProxyClientsId}:resetSecret: + parameters: *ref_1 + post: + description: >- + Resets an Identity Aware Proxy (IAP) OAuth client secret. Useful if the + secret was compromised. Requires that the client is owned by IAP. + operationId: iap.projects.brands.identityAwareProxyClients.resetSecret requestBody: content: application/json: schema: - $ref: '#/components/schemas/TunnelDestGroup' + $ref: '#/components/schemas/ResetIdentityAwareProxyClientSecretRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1659,7 +1667,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TunnelDestGroup' + $ref: '#/components/schemas/IdentityAwareProxyClient' parameters: - in: path name: projectsId @@ -1667,20 +1675,43 @@ paths: schema: type: string - in: path - name: locationsId + name: brandsId required: true schema: type: string - in: path - name: destGroupsId + name: identityAwareProxyClientsId required: true schema: type: string - - in: query - name: updateMask + /v1/projects/{projectsId}/brands/{brandsId}: + parameters: *ref_1 + get: + description: Retrieves the OAuth brand of the project. + operationId: iap.projects.brands.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Brand' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: brandsId + required: true schema: type: string - format: google-fieldmask /v1/projects/{projectsId}/brands: parameters: *ref_1 get: @@ -1738,11 +1769,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/brands/{brandsId}: + /v1/{v1Id}:iapSettings: parameters: *ref_1 get: - description: Retrieves the OAuth brand of the project. - operationId: iap.projects.brands.get + description: Gets the IAP settings on a particular IAP protected resource. + operationId: iap.getIapSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1754,31 +1785,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Brand' + $ref: '#/components/schemas/IapSettings' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: brandsId + name: v1Id required: true schema: type: string - /v1/projects/{projectsId}/brands/{brandsId}/identityAwareProxyClients: - parameters: *ref_1 - post: + patch: description: >- - Creates an Identity Aware Proxy (IAP) OAuth client. The client is owned - by IAP. Requires that the brand for the project exists and that it is - set for internal-only use. - operationId: iap.projects.brands.identityAwareProxyClients.create + Updates the IAP settings on a particular IAP protected resource. It + replaces all fields unless the `update_mask` is set. + operationId: iap.updateIapSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/IdentityAwareProxyClient' + $ref: '#/components/schemas/IapSettings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1790,21 +1813,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IdentityAwareProxyClient' + $ref: '#/components/schemas/IapSettings' parameters: - in: path - name: projectsId + name: v1Id required: true schema: type: string - - in: path - name: brandsId - required: true + - in: query + name: updateMask schema: type: string - get: - description: Lists the existing clients for the brand. - operationId: iap.projects.brands.identityAwareProxyClients.list + format: google-fieldmask + /v1/{v1Id}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy for an Identity-Aware Proxy protected + resource. Replaces any existing policy. More information about managing + access via IAP can be found at: + https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api + operationId: iap.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1816,34 +1850,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListIdentityAwareProxyClientsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: brandsId + name: v1Id required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/brands/{brandsId}/identityAwareProxyClients/{identityAwareProxyClientsId}: + /v1/{v1Id}:testIamPermissions: parameters: *ref_1 - get: + post: description: >- - Retrieves an Identity Aware Proxy (IAP) OAuth client. Requires that the - client is owned by IAP. - operationId: iap.projects.brands.identityAwareProxyClients.get + Returns permissions that a caller has on the Identity-Aware Proxy + protected resource. More information about managing access via IAP can + be found at: + https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api + operationId: iap.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1855,29 +1882,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IdentityAwareProxyClient' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: brandsId - required: true - schema: - type: string - - in: path - name: identityAwareProxyClientsId + name: v1Id required: true schema: type: string - delete: + /v1/{v1Id}:getIamPolicy: + parameters: *ref_1 + post: description: >- - Deletes an Identity Aware Proxy (IAP) OAuth client. Useful for removing - obsolete clients, managing the number of clients in a given project, and - cleaning up after tests. Requires that the client is owned by IAP. - operationId: iap.projects.brands.identityAwareProxyClients.delete + Gets the access control policy for an Identity-Aware Proxy protected + resource. More information about managing access via IAP can be found + at: + https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api + operationId: iap.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1889,35 +1914,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: brandsId - required: true - schema: - type: string - - in: path - name: identityAwareProxyClientsId + name: v1Id required: true schema: type: string - /v1/projects/{projectsId}/brands/{brandsId}/identityAwareProxyClients/{identityAwareProxyClientsId}:resetSecret: + /v1/{v1Id}:validateAttributeExpression: parameters: *ref_1 post: - description: >- - Resets an Identity Aware Proxy (IAP) OAuth client secret. Useful if the - secret was compromised. Requires that the client is owned by IAP. - operationId: iap.projects.brands.identityAwareProxyClients.resetSecret - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ResetIdentityAwareProxyClientSecretRequest' + description: Validates that a given CEL expression conforms to IAP restrictions. + operationId: iap.validateAttributeExpression security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1929,20 +1937,14 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IdentityAwareProxyClient' + $ref: '#/components/schemas/ValidateIapAttributeExpressionResponse' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: brandsId + name: v1Id required: true schema: type: string - - in: path - name: identityAwareProxyClientsId - required: true + - in: query + name: expression schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/identitytoolkit.yaml b/providers/src/googleapis.com/v00.00.00000/services/identitytoolkit.yaml index 476fe283..f74fbbc5 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/identitytoolkit.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/identitytoolkit.yaml @@ -8,7 +8,7 @@ info: description: Help the third party sites to implement federated login. version: v3 x-discovery-doc-revision: '20180723' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://developers.google.com/identity-toolkit/v3/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/ids.yaml b/providers/src/googleapis.com/v00.00.00000/services/ids.yaml index 6e5e6944..8a8fc8e5 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/ids.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/ids.yaml @@ -12,8 +12,8 @@ info: When you use this product, your organization name and consumption levels will be shared with Palo Alto Networks. version: v1 - x-discovery-doc-revision: '20250729' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/ servers: @@ -39,73 +39,136 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + Endpoint: properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array + threatExceptions: + description: List of threat IDs to be excepted from generating alerts. items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + type: string + type: array + network: + description: >- + Required. The fully qualified URL of the network to which the IDS + Endpoint is attached. type: string - Operation: - id: Operation + trafficLogs: + type: boolean + description: >- + Whether the endpoint should report traffic logs in addition to + threat logs. + severity: + enum: + - SEVERITY_UNSPECIFIED + - INFORMATIONAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + type: string + description: Required. Lowest threat severity that this endpoint will alert on. + enumDescriptions: + - Not set. + - Informational alerts. + - Low severity alerts. + - Medium severity alerts. + - High severity alerts. + - Critical severity alerts. + labels: + description: The labels of the endpoint. + additionalProperties: + type: string + type: object + satisfiesPzs: + type: boolean + description: Output only. [Output Only] Reserved for future use. + readOnly: true + updateTime: + readOnly: true + description: Output only. The update time timestamp. + type: string + format: google-datetime + description: + description: User-provided description of the endpoint + type: string + satisfiesPzi: + description: Output only. [Output Only] Reserved for future use. + type: boolean + readOnly: true + state: + enumDescriptions: + - Not set. + - Being created. + - Active and ready for traffic. + - Being deleted. + - Being updated. + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - DELETING + - UPDATING + description: Output only. Current state of the endpoint. + type: string + readOnly: true + endpointIp: + readOnly: true + description: Output only. The IP address of the IDS Endpoint's ILB. + type: string + endpointForwardingRule: + type: string + description: >- + Output only. The fully qualified URL of the endpoint's ILB + Forwarding Rule. + readOnly: true + createTime: + type: string + format: google-datetime + description: Output only. The create time timestamp. + readOnly: true + name: + type: string + description: Output only. The name of the endpoint. + readOnly: true + id: Endpoint description: >- - This resource represents a long-running operation that is the result of - a network API call. + Endpoint describes a single IDS endpoint. It defines a forwarding rule + to which packets can be sent for IDS inspection. + type: object + Location: + description: A resource that represents a Google Cloud location. type: object properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + locationId: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. + description: 'The canonical id for this location. For example: `"us-east1"`.' + labels: type: object additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + type: string description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + displayName: + type: string description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + metadata: additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + id: Location Status: - id: Status description: >- The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It @@ -114,12 +177,12 @@ components: details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). - type: object + id: Status properties: code: + format: int32 description: The status code, which should be an enum value of google.rpc.Code. type: integer - format: int32 message: description: >- A developer-facing error message, which should be in English. Any @@ -127,38 +190,20 @@ components: google.rpc.Status.details field, or localized by the client. type: string details: + type: array description: >- A list of messages that carry the error details. There is a common set of message types for APIs to use. - type: array items: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} ListEndpointsResponse: - id: ListEndpointsResponse type: object + id: ListEndpointsResponse properties: - endpoints: - description: The list of endpoints response. - type: array - items: - $ref: '#/components/schemas/Endpoint' nextPageToken: description: >- A token, which can be sent as `page_token` to retrieve the next @@ -166,108 +211,62 @@ components: type: string unreachable: description: Locations that could not be reached. - type: array items: type: string - Endpoint: - id: Endpoint - description: >- - Endpoint describes a single IDS endpoint. It defines a forwarding rule - to which packets can be sent for IDS inspection. + type: array + endpoints: + type: array + items: + $ref: '#/components/schemas/Endpoint' + description: The list of endpoints response. + CancelOperationRequest: + description: The request message for Operations.CancelOperation. + type: object + properties: {} + id: CancelOperationRequest + OperationMetadata: + id: OperationMetadata type: object properties: - name: - description: Output only. The name of the endpoint. - readOnly: true - type: string - createTime: - description: Output only. The create time timestamp. + endTime: readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. The update time timestamp. - readOnly: true + description: Output only. The time the operation finished running. type: string - format: google-datetime - labels: - description: The labels of the endpoint. - type: object - additionalProperties: - type: string - network: - description: >- - Required. The fully qualified URL of the network to which the IDS - Endpoint is attached. + apiVersion: + description: Output only. API version used to start the operation. type: string - endpointForwardingRule: - description: >- - Output only. The fully qualified URL of the endpoint's ILB - Forwarding Rule. readOnly: true + statusMessage: type: string - endpointIp: - description: Output only. The IP address of the IDS Endpoint's ILB. readOnly: true + description: Output only. Human-readable status of the operation, if any. + createTime: + format: google-datetime type: string - description: - description: User-provided description of the endpoint - type: string - severity: - description: Required. Lowest threat severity that this endpoint will alert on. - type: string - enumDescriptions: - - Not set. - - Informational alerts. - - Low severity alerts. - - Medium severity alerts. - - High severity alerts. - - Critical severity alerts. - enum: - - SEVERITY_UNSPECIFIED - - INFORMATIONAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - threatExceptions: - description: List of threat IDs to be excepted from generating alerts. - type: array - items: - type: string - state: - description: Output only. Current state of the endpoint. + readOnly: true + description: Output only. The time the operation was created. + target: readOnly: true type: string - enumDescriptions: - - Not set. - - Being created. - - Active and ready for traffic. - - Being deleted. - - Being updated. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - DELETING - - UPDATING - trafficLogs: description: >- - Whether the endpoint should report traffic logs in addition to - threat logs. - type: boolean - satisfiesPzs: - description: Output only. [Output Only] Reserved for future use. + Output only. Server-defined resource path for the target of the + operation. + verb: readOnly: true + description: Output only. Name of the verb executed by the operation. + type: string + requestedCancellation: type: boolean - satisfiesPzi: - description: Output only. [Output Only] Reserved for future use. readOnly: true - type: boolean + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + description: Represents the metadata of the long-running operation. ListLocationsResponse: - id: ListLocationsResponse description: The response message for Locations.ListLocations. - type: object properties: locations: description: >- @@ -277,83 +276,93 @@ components: items: $ref: '#/components/schemas/Location' nextPageToken: - description: The standard List next-page token. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: The standard List next-page token. + id: ListLocationsResponse + type: object + Empty: + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + id: Empty + ListOperationsResponse: + description: The response message for Operations.ListOperations. + id: ListOperationsResponse type: object properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: + operations: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: + A list of operations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Operation' + unreachable: + type: array description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: type: string - metadata: + nextPageToken: + description: The standard List next-page token. + type: string + Operation: + properties: + response: description: >- - Service-specific metadata. For example the available capacity at the - given location. + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: + done: + type: boolean description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + error: + $ref: '#/components/schemas/Status' description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + The error result of the operation in case of failure or + cancellation. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + description: >- + This resource represents a long-running operation that is the result of + a network API call. + type: object + id: Operation parameters: access_token: description: OAuth access token. @@ -361,6 +370,21 @@ components: name: access_token schema: type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string alt: description: Data format for response. in: query @@ -371,52 +395,46 @@ components: - json - media - proto - callback: - description: JSONP + _.xgafv: + description: V1 error format. in: query - name: callback + name: $.xgafv schema: type: string + enum: + - '1' + - '2' fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: key + name: prettyPrint schema: - type: string + type: boolean oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + callback: + description: JSONP in: query - name: quotaUser + name: callback schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: upload_protocol + name: key schema: type: string uploadType: @@ -425,34 +443,25 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.ids.locations name: locations title: Locations methods: - list: + get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - get: + list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/locations/methods/get' @@ -509,18 +518,17 @@ components: name: endpoints title: Endpoints methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.endpoints - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -531,20 +539,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints~1{endpointsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpoints/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.endpoints sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/endpoints/methods/get' @@ -557,22 +566,22 @@ components: delete: - $ref: '#/components/x-stackQL-resources/endpoints/methods/delete' paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' get: - description: Lists information about the supported locations for this service. - operationId: ids.projects.locations.list + description: Gets information about a location. + operationId: ids.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -584,35 +593,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Gets information about a location. - operationId: ids.projects.locations.get + description: Lists information about the supported locations for this service. + operationId: ids.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -624,16 +621,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: extraLocationTypes schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/operations: @@ -666,15 +675,19 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: @@ -797,11 +810,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints: + /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}: parameters: *ref_1 - get: - description: Lists Endpoints in a given project and location. - operationId: ids.projects.locations.endpoints.list + delete: + description: Deletes a single Endpoint. + operationId: ids.projects.locations.endpoints.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -813,7 +826,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEndpointsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -825,26 +838,18 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: endpointsId + required: true schema: type: string - in: query - name: orderBy + name: requestId schema: type: string - post: - description: Creates a new Endpoint in a given project and location. - operationId: ids.projects.locations.endpoints.create + patch: + description: Updates the parameters of a single Endpoint. + operationId: ids.projects.locations.endpoints.patch requestBody: content: application/json: @@ -873,16 +878,20 @@ paths: required: true schema: type: string - - in: query - name: endpointId + - in: path + name: endpointsId + required: true schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpoints/{endpointsId}: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: description: Gets details of a single Endpoint. operationId: ids.projects.locations.endpoints.get @@ -914,9 +923,11 @@ paths: required: true schema: type: string - patch: - description: Updates the parameters of a single Endpoint. - operationId: ids.projects.locations.endpoints.patch + /v1/projects/{projectsId}/locations/{locationsId}/endpoints: + parameters: *ref_1 + post: + description: Creates a new Endpoint in a given project and location. + operationId: ids.projects.locations.endpoints.create requestBody: content: application/json: @@ -945,23 +956,17 @@ paths: required: true schema: type: string - - in: path - name: endpointsId - required: true - schema: - type: string - in: query - name: updateMask + name: endpointId schema: type: string - format: google-fieldmask - in: query name: requestId schema: type: string - delete: - description: Deletes a single Endpoint. - operationId: ids.projects.locations.endpoints.delete + get: + description: Lists Endpoints in a given project and location. + operationId: ids.projects.locations.endpoints.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -973,7 +978,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListEndpointsResponse' parameters: - in: path name: projectsId @@ -985,12 +990,20 @@ paths: required: true schema: type: string - - in: path - name: endpointsId - required: true + - in: query + name: filter schema: type: string - in: query - name: requestId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/integrations.yaml b/providers/src/googleapis.com/v00.00.00000/services/integrations.yaml index f458ed30..92dbe769 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/integrations.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/integrations.yaml @@ -7,8 +7,8 @@ info: title: Application Integration API description: '' version: v1 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/application-integration servers: @@ -34,240 +34,343 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectRequest: - id: GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectRequest - description: Request for LinkAppsScriptProject rpc call. - type: object - properties: - scriptId: - description: The id of the Apps Script project to be linked. - type: string - GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectResponse: - id: GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectResponse - description: Response for LinkAppsScriptProject rpc call. - type: object - properties: - scriptId: - description: The id of the linked Apps Script project. - type: string - GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectRequest: - id: GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectRequest - description: Request for CreateAppsScriptProject rpc call. - type: object - properties: - appsScriptProject: - description: The name of the Apps Script project to be created. - type: string - authConfigId: - description: >- - The auth config id necessary to fetch the necessary credentials to - create the project for external clients - type: string - GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectResponse: - id: GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectResponse - description: Response for CreateAppsScriptProject rpc call. - type: object + GoogleCloudIntegrationsV1alphaErrorCatcherConfig: + id: GoogleCloudIntegrationsV1alphaErrorCatcherConfig properties: - projectId: - description: The created AppsScriptProject ID. + errorCatcherId: type: string - GoogleCloudIntegrationsV1alphaProvisionClientRequest: - id: GoogleCloudIntegrationsV1alphaProvisionClientRequest - description: Request for the Provision rpc - type: object - properties: - cloudKmsConfig: - description: >- - Optional. OPTIONAL: Cloud KMS config for AuthModule to - encrypt/decrypt credentials. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCloudKmsConfig' - createSampleWorkflows: - description: >- - Optional. Indicates if sample workflow should be created along with - provisioning - type: boolean - provisionGmek: description: >- - Optional. Deprecated. Indicates provision with GMEK or CMEK. This - field is deprecated and the provision would always be GMEK if - cloud_kms_config is not present in the request. - deprecated: true - type: boolean - runAsServiceAccount: + Required. An error catcher id is string representation for the error + catcher config. Within a workflow, error_catcher_id uniquely + identifies an error catcher config among all error catcher configs + for the workflow + errorCatcherNumber: description: >- - Optional. User input run-as service account, if empty, will bring up - a new default service account + Required. A number to uniquely identify each error catcher config + within the workflow on UI. type: string - skipCpProvision: - description: Optional. Indicates if skip CP provision or not - type: boolean - enableHttpCall: - description: >- - Optional. Indicates if the client should be allowed to make HTTP - calls. - type: boolean - enableManagedAiFeatures: - description: >- - Optional. Indicates if the client should be allowed to use managed - AI features, i.e. using Cloud Companion APIs of the tenant project. - This will allow the customers to use features like Troubleshooting, - OpenAPI spec enrichment, etc. for free. - type: boolean - GoogleCloudIntegrationsV1alphaCloudKmsConfig: - id: GoogleCloudIntegrationsV1alphaCloudKmsConfig - description: Configuration information for Client's Cloud KMS information - type: object - properties: - kmsLocation: - description: Required. Location name of the key ring, e.g. "us-west1". + description: type: string - kmsRing: description: >- - Required. A key ring organizes keys in a specific Google Cloud - location and allows you to manage access control on groups of keys. - A key ring's name does not need to be unique across a Google Cloud - project, but must be unique within a given location. - type: string - key: + Optional. User-provided description intended to give more business + context about the error catcher config. + startErrorTasks: description: >- - Required. A Cloud KMS key is a named object containing one or more - key versions, along with metadata for the key. A key exists on - exactly one key ring tied to a specific location. + Required. The set of start tasks that are to be executed for the + error catch flow + type: array + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaNextTask' + label: type: string - keyVersion: description: >- - Optional. Each version of a key contains key material used for - encryption or signing. A key's version is represented by an integer, - starting at 1. To decrypt data or verify a signature, you must use - the same key version that was used to encrypt or sign the data. - type: string - kmsProjectId: + Optional. The user created label for a particular error catcher. + Optional. + position: description: >- - Optional. The gcp project id of the project where the kms key - stored. If empty, the kms key is stored at the same project as - customer's project and ecrypted with CMEK, otherwise, the kms key is - stored in the tenant project and encrypted with GMEK - type: string - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorRequest: - id: GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorRequest - description: Request for PostProvisioning rpc call. - type: object - properties: - workflows: - description: Optional. Indicate which workflows to create - type: array - items: - type: string - enumDescriptions: - - Default value, should not be used. - - Ecom processing workflow - - Connector tool workflow - enum: - - SAMPLE_INTEGRATIONS_UNSPECIFIED - - SAMPLE_WORKFLOW_ECOM_PROCESSING - - EXECUTE_CONNECTOR_TOOL_WORKFLOW - GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorResponse: - id: GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorResponse - description: Response for PostProvisioning rpc call. - type: object - properties: {} - GoogleCloudIntegrationsV1alphaDeprovisionClientRequest: - id: GoogleCloudIntegrationsV1alphaDeprovisionClientRequest - description: Request for the Deprovision rpc - type: object - properties: {} - GoogleCloudIntegrationsV1alphaGetClientResponse: - id: GoogleCloudIntegrationsV1alphaGetClientResponse - description: Response for the GetClient rpc + Optional. Informs the front-end application where to draw this error + catcher config on the UI. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCoordinate' + description: Configuration detail of a error catch task type: object - properties: - client: - description: 'Required. Required: The client configuration that was requested' - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaClientConfig' GoogleCloudIntegrationsV1alphaClientConfig: - id: GoogleCloudIntegrationsV1alphaClientConfig - description: The configuration information for the Client - type: object properties: - id: - description: Globally unique ID (project_id + region) - type: string - projectId: - description: The GCP project id of the client associated with - type: string - description: - description: Description of what the client is used for - type: string - region: - description: The region the client is linked to. + p4ServiceAccount: type: string + description: The service agent associated with this client cloudKmsConfig: $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCloudKmsConfig' + runAsServiceAccount: + type: string createTime: + format: google-datetime description: The timestamp when the client was first created. type: string - format: google-datetime - p4ServiceAccount: - description: The service agent associated with this client + region: + type: string + description: The region the client is linked to. + projectId: + type: string + description: The GCP project id of the client associated with + enableInternalIp: + type: boolean + description: >- + Optional. Indicates the client enables internal IP feature, this is + applicable for internal clients only. + description: type: string + description: Description of what the client is used for + isGmek: + description: Optional. Indicates the client is provisioned with CMEK or GMEK. + type: boolean + enableVariableMasking: + description: 'Optional. ' + type: boolean + customerConfig: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCustomerConfig' + description: Optional. Customer configuration information for the given client. billingType: - description: Indicates the billing type of the client type: string - enumDescriptions: - - Unspecified billing type - - A trial org provisioned through Apigee Provisioning Wizard - - Subscription based users of Apigee - - Consumption based users of IP enum: - BILLING_TYPE_UNSPECIFIED - BILLING_TYPE_APIGEE_TRIALS - BILLING_TYPE_APIGEE_SUBSCRIPTION - BILLING_TYPE_PAYG + enumDescriptions: + - Unspecified billing type + - A trial org provisioned through Apigee Provisioning Wizard + - Subscription based users of Apigee + - Consumption based users of IP + description: Indicates the billing type of the client clientState: - description: Indicates the activity state the client - type: string enumDescriptions: - The client state is unspecified - The client is active and able to make calls to the IP APIs - The client is disabled and will soon be deleted + type: string + description: Indicates the activity state the client enum: - CLIENT_STATE_UNSPECIFIED - CLIENT_STATE_ACTIVE - CLIENT_STATE_DISABLED - runAsServiceAccount: - type: string - enableVariableMasking: + enableManagedAiFeatures: description: 'Optional. ' type: boolean - isGmek: - description: Optional. Indicates the client is provisioned with CMEK or GMEK. - type: boolean - enableInternalIp: - description: >- - Optional. Indicates the client enables internal IP feature, this is - applicable for internal clients only. - type: boolean + id: + type: string + description: Globally unique ID (project_id + region) enableHttpCall: - description: 'Optional. ' type: boolean - enableManagedAiFeatures: description: 'Optional. ' - type: boolean - customerConfig: - description: Optional. Customer configuration information for the given client. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCustomerConfig' - GoogleCloudIntegrationsV1alphaCustomerConfig: + type: object + id: GoogleCloudIntegrationsV1alphaClientConfig + description: The configuration information for the Client + GoogleCloudIntegrationsV1alphaExecution: + properties: + updateTime: + description: Output only. Last modified time of the execution. + format: google-datetime + readOnly: true + type: string + integrationVersionState: + enum: + - INTEGRATION_STATE_UNSPECIFIED + - DRAFT + - ACTIVE + - ARCHIVED + - SNAPSHOT + enumDescriptions: + - Default. + - Draft. + - Active. + - Archived. + - Snapshot. + description: Output only. State of the integration version + readOnly: true + type: string + requestParams: + type: array + deprecated: true + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry + description: Event parameters come in as part of the request. + directSubExecutions: + description: Direct sub executions of the following Execution. + type: array + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecution' + snapshotNumber: + readOnly: true + type: string + description: >- + Output only. An increasing sequence that is set when a new snapshot + is created + format: int64 + executionDetails: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecutionDetails' + description: Detailed info of this execution. + triggerId: + type: string + description: >- + The trigger id of the integration trigger config. If both trigger_id + and client_id is present, the integration is executed from the start + tasks provided by the matching trigger config otherwise it is + executed from the default start tasks. + replayInfo: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaExecutionReplayInfo + description: Output only. Replay info for the execution + readOnly: true + cloudLoggingDetails: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaCloudLoggingDetails + description: Cloud Logging details for the integration version + executionMethod: + type: string + enumDescriptions: + - Default value. + - Sync post. + - Async post. + - Async post with schedule time. + enum: + - EXECUTION_METHOD_UNSPECIFIED + - POST + - POST_TO_QUEUE + - SCHEDULE + description: The ways user posts this event. + createTime: + readOnly: true + description: Output only. Created time of the execution. + format: google-datetime + type: string + requestParameters: + description: Event parameters come in as part of the request. + type: object + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + cloudKmsKey: + description: Optional. Cloud KMS resource name for the CMEK encryption key. + type: string + responseParams: + deprecated: true + type: array + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry + name: + description: Auto-generated primary key. + type: string + responseParameters: + description: >- + Event parameters returned as part of the response. In the case of + error, the `ErrorInfo` field is returned in the following format: { + "ErrorInfo": { "message": String, "code": Number } } + type: object + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + eventExecutionDetails: + deprecated: true + description: The execution info about this event. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventExecutionDetails' + id: GoogleCloudIntegrationsV1alphaExecution + description: >- + The Execution resource contains detailed information of an individual + integration execution. + type: object + GoogleCloudIntegrationsV1alphaSuccessPolicy: + properties: + finalState: + enum: + - FINAL_STATE_UNSPECIFIED + - SUCCEEDED + - SUSPENDED + enumDescriptions: + - UNSPECIFIED. + - >- + The default behavior, where successful tasks will be marked as + SUCCEEDED. + - >- + Sets the state to SUSPENDED after executing. This is required for + SuspensionTask; event execution will continue once the user calls + ResolveSuspensions with the event_execution_info_id and the task + number. + description: >- + State to which the execution snapshot status will be set if the task + succeeds. + type: string + description: >- + Policy that dictates the behavior for the task after it completes + successfully. + type: object + id: GoogleCloudIntegrationsV1alphaSuccessPolicy + GoogleCloudConnectorsV1ResourceLimits: + properties: + cpu: + description: Output only. CPU limit. + readOnly: true + type: string + memory: + readOnly: true + description: Output only. Memory limit. + type: string + id: GoogleCloudConnectorsV1ResourceLimits + type: object + description: Resource limits defined for connection pods of a given connector type. + GoogleCloudIntegrationsV1alphaListConnectionsResponse: + description: Response containing Connections listed by region. + type: object + properties: + nextPageToken: + description: Next page token. + type: string + connections: + items: + $ref: '#/components/schemas/GoogleCloudConnectorsV1Connection' + type: array + description: Connections. + id: GoogleCloudIntegrationsV1alphaListConnectionsResponse + GoogleCloudIntegrationsV1alphaResolveSuspensionResponse: + properties: {} + type: object + description: Response for Suspensions.ResolveSuspensions. + id: GoogleCloudIntegrationsV1alphaResolveSuspensionResponse + GoogleCloudConnectorsV1EnrichmentConfig: + description: Data enrichment configuration. + type: object + properties: + appendAcl: + description: Optional. Append ACL to the event. + type: boolean + id: GoogleCloudConnectorsV1EnrichmentConfig + GoogleCloudIntegrationsV1alphaUnpublishIntegrationVersionRequest: + properties: {} + description: Request for UnpublishIntegrationVersion. + type: object + id: GoogleCloudIntegrationsV1alphaUnpublishIntegrationVersionRequest + GoogleCloudIntegrationsV1alphaShareTemplateRequest: + properties: + resourceNames: + type: array + description: >- + Optional. Project name resources to share the template. The project + names is expected in resource format Ex: projects/{project-number} + or organization/{org-id} + items: + type: string + id: GoogleCloudIntegrationsV1alphaShareTemplateRequest + type: object + description: Request to Share template + GoogleCloudIntegrationsV1alphaConnectionSchemaMetadata: + type: object + id: GoogleCloudIntegrationsV1alphaConnectionSchemaMetadata + properties: + actions: + type: array + items: + type: string + description: List of actions. + entities: + description: List of entity names. + type: array + items: + type: string + description: Metadata of runtime connection schema. + GoogleCloudIntegrationsV1alphaAuthToken: + type: object + properties: + type: + description: Authentication type, e.g. "Basic", "Bearer", etc. + type: string + token: + type: string + description: The token for the auth type. + description: >- + The credentials to authenticate a user agent with a server that is put + in HTTP Authorization request header. + id: GoogleCloudIntegrationsV1alphaAuthToken + GoogleCloudIntegrationsV1alphaCustomerConfig: id: GoogleCloudIntegrationsV1alphaCustomerConfig - description: Customer configuration information for the given client type: object properties: enableManagedAiFeatures: @@ -283,1506 +386,1311 @@ components: client. type: string enableVariableMasking: + type: boolean description: >- Optional. True if variable masking feature should be turned on for this region. - type: boolean enableHttpCall: + type: boolean description: >- Optional. Indicates if the client should be allowed to make HTTP calls. True if http call feature should be turned on for this region. - type: boolean cloudKmsConfig: description: >- Optional. Cloud KMS config for Auth Module to encrypt/decrypt credentials. $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCloudKmsConfig' - GoogleCloudIntegrationsV1alphaChangeCustomerConfigRequest: - id: GoogleCloudIntegrationsV1alphaChangeCustomerConfigRequest - description: Request for the ChangeCustomerConfig rpc + description: Customer configuration information for the given client + GoogleCloudIntegrationsV1alphaExecuteEventResponse: type: object + description: The response for executing an integration. properties: - updateMask: - description: >- - Required. Field mask specifying the fields in the customer config - that have been modified and must be updated. If absent or empty, no - fields are updated. + executionId: + description: The id of the execution corresponding to this run of integration. type: string - format: google-fieldmask - customerConfig: - description: Optional. The customer configuration to be updated. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCustomerConfig' - GoogleCloudIntegrationsV1alphaChangeCustomerConfigResponse: - id: GoogleCloudIntegrationsV1alphaChangeCustomerConfigResponse - description: Response for the ChangeCustomerConfig rpc - type: object + id: GoogleCloudIntegrationsV1alphaExecuteEventResponse + EnterpriseCrmEventbusProtoProtoFunction: properties: - customerConfig: - description: Required. The updated customer configuration. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCustomerConfig' - GoogleCloudIntegrationsV1alphaGetClientMetadataResponse: - id: GoogleCloudIntegrationsV1alphaGetClientMetadataResponse - description: Response for the GetClientMetadata rpc - type: object - properties: - properties: - description: 'Required. Required: The client configuration that was requested' - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaProjectProperties' - GoogleCloudIntegrationsV1alphaProjectProperties: - id: GoogleCloudIntegrationsV1alphaProjectProperties - description: Metadata information for the given project - type: object - properties: - ipEnablementState: - description: An enum value of what the enablement state is for the given project - type: string - enumDescriptions: - - The client enablement status is unspecified - - The client is enabled on Standalone IP - - The client is enabled on Apigee - - The client is entitled for Apigee but not enabled + functionName: enum: - - IP_ENABLEMENT_STATE_UNSPECIFIED - - IP_ENABLEMENT_STATE_STANDALONE - - IP_ENABLEMENT_STATE_APIGEE - - IP_ENABLEMENT_STATE_APIGEE_ENTITLED - provisionedRegions: - description: A list of provisioned regions on the current project - type: array - items: - type: string - billingType: - description: 'Required. Required: The client billing type that was requested' + - UNSPECIFIED + - GET_STRING_SUBFIELD + - GET_INT_SUBFIELD + - GET_DOUBLE_SUBFIELD + - GET_BOOLEAN_SUBFIELD + - GET_STRING_ARRAY_SUBFIELD + - GET_INT_ARRAY_SUBFIELD + - GET_DOUBLE_ARRAY_SUBFIELD + - GET_BOOLEAN_ARRAY_SUBFIELD + - GET_PROTO_ARRAY_SUBFIELD + - GET_PROTO_SUBFIELD + - TO_JSON + - GET_BYTES_SUBFIELD_AS_UTF_8_STRING + - GET_BYTES_SUBFIELD_AS_PROTO + - EQUALS type: string enumDescriptions: - '' - - A trial org provisioned through Apigee Provisioning Wizard - - >- - Subscription based on concurrency model for Apigee and Application - Integration users. - - Consumption based users of IP - - >- - Argentum subscription for Application Integration users. To be - used in the future. - - >- - Special billing type to avoid any billing to clients (eg: trusted - tester program). This should not be used without consulting with - the leads. - enum: - - BILLING_TYPE_UNSPECIFIED - - APIGEE_TRIALS - - APIGEE_SUBSCRIPTION - - PAYG - - SUBSCRIPTION - - NO_BILLING - GoogleCloudIntegrationsV1alphaSwitchEncryptionRequest: - id: GoogleCloudIntegrationsV1alphaSwitchEncryptionRequest - description: Request for the SwitchEncryption rpc - type: object - properties: - cloudKmsConfig: - description: >- - Required. REQUIRED: Cloud KMS config for AuthModule to - encrypt/decrypt credentials. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCloudKmsConfig' - GoogleCloudIntegrationsV1alphaReplaceServiceAccountRequest: - id: GoogleCloudIntegrationsV1alphaReplaceServiceAccountRequest - description: Request for the ReplaceServiceAccount rpc + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' type: object + id: EnterpriseCrmEventbusProtoProtoFunction + GoogleCloudIntegrationsV1alphaLiftSuspensionRequest: + description: Request for lift Suspension + id: GoogleCloudIntegrationsV1alphaLiftSuspensionRequest properties: - runAsServiceAccount: - description: 'Required. REQUIRED: Run-as service account to be updated' + suspensionResult: type: string - GoogleCloudIntegrationsV1alphaSwitchVariableMaskingRequest: - id: GoogleCloudIntegrationsV1alphaSwitchVariableMaskingRequest - description: Request to enable/disable variable masking for a provisioned client - type: object - properties: - enableVariableMasking: description: >- - Required. REQUIRED: True if variable masking feature should be - turned on for this region - type: boolean - GoogleCloudIntegrationsV1alphaToggleHttpRequest: - id: GoogleCloudIntegrationsV1alphaToggleHttpRequest - description: Request to enable/disable http call for a provisioned client + User passed in suspension result and will be used to control + workflow execution branching behavior by setting up corresponnding + edge condition with suspension result. For example, if you want to + lift the suspension, you can pass "Approved", or if you want to + reject the suspension and terminate workfloe execution, you can pass + "Rejected" and terminate the workflow execution with configuring the + edge condition. type: object - properties: - enableHttpCall: - description: >- - Required. REQUIRED: True if http call feature should be turned on - for this region - type: boolean - GoogleCloudIntegrationsV1alphaCreateCloudFunctionRequest: - id: GoogleCloudIntegrationsV1alphaCreateCloudFunctionRequest - description: Request for Creating Cloud Function rpc call. + GoogleCloudConnectorsV1AuthConfigOauth2ClientCredentials: type: object properties: - projectId: - description: >- - Indicates the id of the GCP project that the function will be - created in. - type: string - functionName: - description: The function name of CF to be created - type: string - functionRegion: - description: The function region of CF to be created - type: string - gcfApiVersion: - description: Optional. The api version of CF to be created + clientSecret: + description: Optional. Secret version reference containing the client secret. + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' + clientId: + description: Optional. The client identifier. type: string - enumDescriptions: - - Unspecified. - - V1 API version. - - V2 API version. - enum: - - GCF_API_VERSION_UNSPECIFIED - - API_VERSION_V1 - - API_VERSION_V2 - GoogleCloudIntegrationsV1alphaCreateCloudFunctionResponse: - id: GoogleCloudIntegrationsV1alphaCreateCloudFunctionResponse - description: Response for Creating Cloud Function rpc call. + description: >- + Parameters to support Oauth 2.0 Client Credentials Grant Authentication. + See https://tools.ietf.org/html/rfc6749#section-1.3.4 for more details. + id: GoogleCloudConnectorsV1AuthConfigOauth2ClientCredentials + GoogleCloudIntegrationsV1alphaExecuteTestCaseRequest: type: object properties: - triggerUrl: - description: The trigger url that will be returned - type: string - GoogleCloudIntegrationsV1alphaListCertificatesResponse: - id: GoogleCloudIntegrationsV1alphaListCertificatesResponse - description: Response to list Certificates. + inputParameters: + description: Optional. Input parameters used by test case execution. + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + type: object + id: GoogleCloudIntegrationsV1alphaExecuteTestCaseRequest + description: The request for executing a functional test. + EnterpriseCrmFrontendsEventbusProtoEventParameters: + description: >- + LINT.IfChange This message is used for processing and persisting (when + applicable) key value pair parameters for each event in the event bus. + Please see type: object + id: EnterpriseCrmFrontendsEventbusProtoEventParameters properties: - certificates: - description: The list of Certificates retrieved. + parameters: type: array items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' - nextPageToken: - description: The token used to retrieve the next page of results. - type: string - GoogleCloudIntegrationsV1alphaCertificate: - id: GoogleCloudIntegrationsV1alphaCertificate - description: The certificate definition + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry + description: >- + Parameters are a part of Event and can be used to communicate + between different tasks that are part of the same workflow + execution. + EnterpriseCrmFrontendsEventbusProtoWorkflowParameters: + description: >- + LINT.IfChange This is the frontend version of WorkflowParameters. It's + exactly like the backend version except that instead of flattening + protobuf parameters and treating every field and subfield of a protobuf + parameter as a separate parameter, the fields/subfields of a protobuf + parameter will be nested as "children" (see 'children' field below) + parameters of the parent parameter. Please refer to + enterprise/crm/eventbus/proto/workflow_parameters.proto for more + information about WorkflowParameters. + id: EnterpriseCrmFrontendsEventbusProtoWorkflowParameters + properties: + parameters: + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry + type: array + description: >- + Parameters are a part of Event and can be used to communiticate + between different tasks that are part of the same workflow + execution. + type: object + EnterpriseCrmEventbusStatsDimensions: type: object properties: - name: - description: Output only. Auto generated primary key - readOnly: true - type: string - displayName: - description: Required. Name of the certificate + warningEnumString: type: string - description: - description: Description of the certificate + taskName: type: string - requestorId: + triggerId: description: >- - Immutable. Requestor ID to be used to register certificate with - trawler + Stats have been or will be aggregated on set fields for any + semantically-meaningful combination. type: string - credentialId: - description: Immutable. Credential id that will be used to register with trawler + taskNumber: type: string - certificateStatus: - description: Status of the certificate + workflowName: type: string + enumFilterType: enumDescriptions: - - Unspecified certificate status - - Certificate in active state will be able to use - - Certificate in expired state needs to be updated + - '' + - '' + description: Whether to include or exclude the enums matching the regex. + type: string enum: - - STATE_UNSPECIFIED - - ACTIVE - - EXPIRED - validStartTime: - description: Output only. The timestamp after which certificate will be valid - readOnly: true + - DEFAULT_INCLUSIVE + - EXCLUSIVE + retryAttempt: + enum: + - UNSPECIFIED + - FINAL + - RETRYABLE + - CANCELED + enumDescriptions: + - '' + - >- + Task has completed successfully or has depleted all retry + attempts. + - Task has failed but may be retried. + - Task has been deliberately canceled. type: string - format: google-datetime - validEndTime: - description: Output only. The timestamp after which certificate will expire - readOnly: true + clientId: type: string - format: google-datetime - rawCertificate: - description: >- - Input only. Raw client certificate which would be registered with - trawler - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaClientCertificate' - GoogleCloudIntegrationsV1alphaClientCertificate: - id: GoogleCloudIntegrationsV1alphaClientCertificate - description: Contains client certificate information + workflowId: + type: string + errorEnumString: + type: string + id: EnterpriseCrmEventbusStatsDimensions + GoogleCloudConnectorsV1Connection: + id: GoogleCloudConnectorsV1Connection type: object + description: Connection represents an instance of connector. properties: - sslCertificate: - description: >- - The ssl certificate encoded in PEM format. This string must include - the begin header and end footer lines. For example, -----BEGIN - CERTIFICATE----- - MIICTTCCAbagAwIBAgIJAPT0tSKNxan/MA0GCSqGSIb3DQEBCwUAMCoxFzAVBgNV - BAoTDkdvb2dsZSBURVNUSU5HMQ8wDQYDVQQDEwZ0ZXN0Q0EwHhcNMTUwMTAxMDAw - MDAwWhcNMjUwMTAxMDAwMDAwWjAuMRcwFQYDVQQKEw5Hb29nbGUgVEVTVElORzET - MBEGA1UEAwwKam9lQGJhbmFuYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA - vDYFgMgxi5W488d9J7UpCInl0NXmZQpJDEHE4hvkaRlH7pnC71H0DLt0/3zATRP1 - JzY2+eqBmbGl4/sgZKYv8UrLnNyQNUTsNx1iZAfPUflf5FwgVsai8BM0pUciq1NB - xD429VFcrGZNucvFLh72RuRFIKH8WUpiK/iZNFkWhZ0CAwEAAaN3MHUwDgYDVR0P - AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB - Af8EAjAAMBkGA1UdDgQSBBCVgnFBCWgL/iwCqnGrhTPQMBsGA1UdIwQUMBKAEKey - Um2o4k2WiEVA0ldQvNYwDQYJKoZIhvcNAQELBQADgYEAYK986R4E3L1v+Q6esBtW - JrUwA9UmJRSQr0N5w3o9XzarU37/bkjOP0Fw0k/A6Vv1n3vlciYfBFaBIam1qRHr - 5dMsYf4CZS6w50r7hyzqyrwDoyNxkLnd2PdcHT/sym1QmflsjEs7pejtnohO6N2H - wQW6M0H7Zt8claGRla4fKkg= -----END CERTIFICATE----- + connectionRevision: type: string - encryptedPrivateKey: description: >- - The ssl certificate encoded in PEM format. This string must include - the begin header and end footer lines. For example, -----BEGIN - CERTIFICATE----- - MIICTTCCAbagAwIBAgIJAPT0tSKNxan/MA0GCSqGSIb3DQEBCwUAMCoxFzAVBgNV - BAoTDkdvb2dsZSBURVNUSU5HMQ8wDQYDVQQDEwZ0ZXN0Q0EwHhcNMTUwMTAxMDAw - MDAwWhcNMjUwMTAxMDAwMDAwWjAuMRcwFQYDVQQKEw5Hb29nbGUgVEVTVElORzET - MBEGA1UEAwwKam9lQGJhbmFuYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA - vDYFgMgxi5W488d9J7UpCInl0NXmZQpJDEHE4hvkaRlH7pnC71H0DLt0/3zATRP1 - JzY2+eqBmbGl4/sgZKYv8UrLnNyQNUTsNx1iZAfPUflf5FwgVsai8BM0pUciq1NB - xD429VFcrGZNucvFLh72RuRFIKH8WUpiK/iZNFkWhZ0CAwEAAaN3MHUwDgYDVR0P - AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB - Af8EAjAAMBkGA1UdDgQSBBCVgnFBCWgL/iwCqnGrhTPQMBsGA1UdIwQUMBKAEKey - Um2o4k2WiEVA0ldQvNYwDQYJKoZIhvcNAQELBQADgYEAYK986R4E3L1v+Q6esBtW - JrUwA9UmJRSQr0N5w3o9XzarU37/bkjOP0Fw0k/A6Vv1n3vlciYfBFaBIam1qRHr - 5dMsYf4CZS6w50r7hyzqyrwDoyNxkLnd2PdcHT/sym1QmflsjEs7pejtnohO6N2H - wQW6M0H7Zt8claGRla4fKkg= -----END CERTIFICATE----- - type: string - passphrase: + Output only. Connection revision. This field is only updated when + the connection is created or updated by User. + readOnly: true + format: int64 + status: + $ref: '#/components/schemas/GoogleCloudConnectorsV1ConnectionStatus' + readOnly: true + description: Output only. Current status of the connection. + eventingRuntimeData: + description: Output only. Eventing Runtime Data. + $ref: '#/components/schemas/GoogleCloudConnectorsV1EventingRuntimeData' + readOnly: true + labels: description: >- - 'passphrase' should be left unset if private key is not encrypted. - Note that 'passphrase' is not the password for web server, but an - extra layer of security to protected private key. - type: string - GoogleCloudIntegrationsV1alphaAuthConfig: - id: GoogleCloudIntegrationsV1alphaAuthConfig - description: The AuthConfig resource use to hold channels and connection config data. - type: object - properties: + Optional. Resource labels to represent user-provided metadata. Refer + to cloud documentation on labels for more details. + https://cloud.google.com/compute/docs/labeling-resources + type: object + additionalProperties: + type: string name: - description: >- - Resource name of the auth config. For more information, see Manage - authentication profiles. - projects/{project}/locations/{location}/authConfigs/{authConfig}. - type: string - displayName: - description: Required. The name of the auth config. - type: string - description: - description: Optional. A description of the auth config. + readOnly: true type: string - encryptedCredential: description: >- - Auth credential encrypted by Cloud KMS. Can be decrypted as - Credential with proper KMS key. - type: string - format: byte - decryptedCredential: - description: Raw auth credentials. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCredential' - certificateId: - description: Certificate id for client certificate - type: string - credentialType: - description: Required. Credential type of the encrypted credential. + Output only. Resource name of the Connection. Format: + projects/{project}/locations/{location}/connections/{connection} + lockConfig: + $ref: '#/components/schemas/GoogleCloudConnectorsV1LockConfig' + description: >- + Optional. Configuration that indicates whether or not the Connection + can be edited. + eventingEnablementType: + description: >- + Optional. Eventing enablement type. Will be nil if eventing is not + enabled. type: string enumDescriptions: - - Unspecified credential type - - Regular username/password pair. - - API key. - - OAuth 2.0 Authorization Code Grant Type. - - OAuth 2.0 Implicit Grant Type. - - OAuth 2.0 Client Credentials Grant Type. - - OAuth 2.0 Resource Owner Credentials Grant Type. - - JWT Token. - - Auth Token, e.g. bearer token. - - >- - Service Account which can be used to generate token for - authentication. - - Client Certificate only. - - Google OIDC ID Token + - Eventing Enablement Type Unspecifeied. + - Both connection and eventing. + - Only Eventing. enum: - - CREDENTIAL_TYPE_UNSPECIFIED - - USERNAME_AND_PASSWORD - - API_KEY - - OAUTH2_AUTHORIZATION_CODE - - OAUTH2_IMPLICIT - - OAUTH2_CLIENT_CREDENTIALS - - OAUTH2_RESOURCE_OWNER_CREDENTIALS - - JWT - - AUTH_TOKEN - - SERVICE_ACCOUNT - - CLIENT_CERTIFICATE_ONLY - - OIDC_TOKEN - creatorEmail: + - EVENTING_ENABLEMENT_TYPE_UNSPECIFIED + - EVENTING_AND_CONNECTION + - ONLY_EVENTING + fallbackOnAdminCredentials: description: >- - The creator's email address. Generated based on the End User - Credentials/LOAS role of the user making the call. - type: string - createTime: - description: Output only. The timestamp when the auth config is created. - readOnly: true + Optional. Fallback on admin credentials for the connection. If this + both auth_override_enabled and fallback_on_admin_credentials are set + to true, the connection will use the admin credentials if the + dynamic auth header is not present during auth override. + type: boolean + imageLocation: type: string - format: google-datetime - lastModifierEmail: description: >- - The last modifier's email address. Generated based on the End User - Credentials/LOAS role of the user making the call. - type: string - updateTime: - description: Output only. The timestamp when the auth config is modified. + Output only. GCR location where the runtime image is stored. + formatted like: gcr.io/{bucketName}/{imageName} + readOnly: true + serviceDirectory: readOnly: true type: string - format: google-datetime - visibility: - description: Optional. The visibility of the auth config. - type: string - enumDescriptions: - - Visibility not specified. - - Profile visible to the creator only. - - Profile visible within the client. - enum: - - AUTH_CONFIG_VISIBILITY_UNSPECIFIED - - PRIVATE - - CLIENT_VISIBLE - state: - description: Output only. The status of the auth config. + description: >- + Output only. The name of the Service Directory service name. Used + for Private Harpoon to resolve the ILB address. e.g. + "projects/cloud-connectors-e2e-testing/locations/us-central1/namespaces/istio-system/services/istio-ingressgateway-connectors" + euaOauthAuthConfig: + description: >- + Optional. Additional Oauth2.0 Auth config for EUA. If the connection + is configured using non-OAuth authentication but OAuth needs to be + used for EUA, this field can be populated with the OAuth config. + This should be a OAuth2AuthCodeFlow Auth type only. + $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfig' + configVariables: + items: + $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' + type: array + description: >- + Optional. Configuration for configuring the connection with an + external system. + tlsServiceDirectory: + description: Output only. The name of the Service Directory service with TLS. readOnly: true type: string - enumDescriptions: - - Status not specified. - - Valid Auth config. - - >- - General invalidity, if it doesn't fits in the detailed issue - below. - - Auth config soft deleted. - - Auth config expired. - - Auth config unauthorized. - - Auth config not supported. - enum: - - STATE_UNSPECIFIED - - VALID - - INVALID - - SOFT_DELETED - - EXPIRED - - UNAUTHORIZED - - UNSUPPORTED - reason: - description: Output only. The reason / details of the current status. + host: readOnly: true type: string - expiryNotificationDuration: description: >- - Optional. User can define the time to receive notification after - which the auth config becomes invalid. Support up to 30 days. - Support granularity in hours. - type: array + Output only. The name of the Hostname of the Service Directory + service with TLS. + trafficShapingConfigs: items: - type: string - format: google-duration - validTime: + $ref: '#/components/schemas/GoogleCloudConnectorsV1TrafficShapingConfig' + type: array + description: Optional. Traffic shaping configuration for the connection. + billingConfig: + $ref: '#/components/schemas/GoogleCloudConnectorsV1BillingConfig' + readOnly: true + description: Output only. Billing config for the connection. + envoyImageLocation: description: >- - Optional. The time until the auth config is valid. Empty or max - value is considered the auth config won't expire. + Output only. GCR location where the envoy image is stored. formatted + like: gcr.io/{bucketName}/{imageName} + readOnly: true + type: string + sslConfig: + description: Optional. Ssl config of a connection + $ref: '#/components/schemas/GoogleCloudConnectorsV1SslConfig' + createTime: type: string + description: Output only. Created time. + readOnly: true format: google-datetime - overrideValidTime: + asyncOperationsEnabled: + type: boolean description: >- - Optional. User provided expiry time to override. For the example of - Salesforce, username/password credentials can be valid for 6 months - depending on the instance settings. + Optional. Async operations enabled for the connection. If Async + Operations is enabled, Connection allows the customers to initiate + async long running operations using the actions API. + description: type: string - format: google-datetime - GoogleCloudIntegrationsV1alphaCredential: - id: GoogleCloudIntegrationsV1alphaCredential - description: Defines parameters for a single, canonical credential. - type: object - properties: - credentialType: - description: Credential type associated with auth config. + description: Optional. Description of the resource. + authOverrideEnabled: + description: >- + Optional. Auth override enabled for the connection. If Auth Override + is enabled, Connection allows the backend service auth to be + overridden in the entities/actions API. + type: boolean + logConfig: + description: Optional. Log configuration for the connection. + $ref: '#/components/schemas/GoogleCloudConnectorsV1LogConfig' + eventingConfig: + $ref: '#/components/schemas/GoogleCloudConnectorsV1EventingConfig' + description: Optional. Eventing config of a connection + nodeConfig: + description: Optional. Node configuration for the connection. + $ref: '#/components/schemas/GoogleCloudConnectorsV1NodeConfig' + isTrustedTester: + type: boolean + readOnly: true + description: Output only. Is trusted tester program enabled for the project. + subscriptionType: + readOnly: true + enum: + - SUBSCRIPTION_TYPE_UNSPECIFIED + - PAY_G + - PAID + description: >- + Output only. This subscription type enum states the subscription + type of the project. type: string enumDescriptions: - - Unspecified credential type - - Regular username/password pair. - - API key. - - OAuth 2.0 Authorization Code Grant Type. - - OAuth 2.0 Implicit Grant Type. - - OAuth 2.0 Client Credentials Grant Type. - - OAuth 2.0 Resource Owner Credentials Grant Type. - - JWT Token. - - Auth Token, e.g. bearer token. - - >- - Service Account which can be used to generate token for - authentication. - - Client Certificate only. - - Google OIDC ID Token - enum: - - CREDENTIAL_TYPE_UNSPECIFIED - - USERNAME_AND_PASSWORD - - API_KEY - - OAUTH2_AUTHORIZATION_CODE - - OAUTH2_IMPLICIT - - OAUTH2_CLIENT_CREDENTIALS - - OAUTH2_RESOURCE_OWNER_CREDENTIALS - - JWT - - AUTH_TOKEN - - SERVICE_ACCOUNT - - CLIENT_CERTIFICATE_ONLY - - OIDC_TOKEN - usernameAndPassword: - description: Username and password credential - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUsernameAndPassword - oauth2AuthorizationCode: + - Unspecified subscription type. + - PayG subscription. + - Paid Subscription. + destinationConfigs: description: >- - The api_key and oauth2_implicit are not covered in v1 and will be - picked up once v1 is implemented. ApiKey api_key = 3; OAuth2 - authorization code credential - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCode - oauth2ClientCredentials: - description: OAuth2Implicit oauth2_implicit = 5; OAuth2 client credentials - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaOAuth2ClientCredentials - oauth2ResourceOwnerCredentials: - description: OAuth2 resource owner credentials - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentials - jwt: - description: JWT credential - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaJwt' - authToken: - description: Auth token credential - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthToken' - serviceAccountCredentials: - description: Service account credential + Optional. Configuration of the Connector's destination. Only + accepted for Connectors that accepts user defined destination(s). + items: + $ref: '#/components/schemas/GoogleCloudConnectorsV1DestinationConfig' + type: array + connectorVersionInfraConfig: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaServiceAccountCredentials - oidcToken: - description: Google OIDC ID Token - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaOidcToken' - GoogleCloudIntegrationsV1alphaUsernameAndPassword: - id: GoogleCloudIntegrationsV1alphaUsernameAndPassword - description: Username and password pair. - type: object - properties: - username: - description: Username to be used + #/components/schemas/GoogleCloudConnectorsV1ConnectorVersionInfraConfig + readOnly: true + description: Output only. Infra configs supported by Connector Version. + serviceAccount: type: string - password: - description: Password to be used + description: >- + Optional. Service account needed for runtime plane to access Google + Cloud resources. + connectorVersionLaunchStage: + readOnly: true type: string - GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCode: - id: GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCode - description: >- - The OAuth Type where the client sends request with the client id and - requested scopes to auth endpoint. User sees a consent screen and auth - code is received at specified redirect url afterwards. The auth code is - then combined with the client id and secret and sent to the token - endpoint in exchange for the access and refresh token. The refresh token - can be used to fetch new access tokens. + enumDescriptions: + - LAUNCH_STAGE_UNSPECIFIED. + - PREVIEW. + - GA. + - DEPRECATED. + - TEST. + - PRIVATE_PREVIEW. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - PREVIEW + - GA + - DEPRECATED + - TEST + - PRIVATE_PREVIEW + description: Output only. Flag to mark the version indicating the launch stage. + authConfig: + description: >- + Optional. Configuration for establishing the connection's + authentication with an external system. + $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfig' + connectorVersion: + description: >- + Required. Connector version on which the connection is created. The + format is: + projects/*/locations/*/providers/*/connectors/*/versions/* Only + global location is supported for ConnectorVersion resource. + type: string + suspended: + description: >- + Optional. Suspended indicates if a user has suspended a connection + or not. + type: boolean + updateTime: + format: google-datetime + description: Output only. Updated time. + type: string + readOnly: true + GoogleCloudIntegrationsV1alphaTakeoverEditLockResponse: + description: Response for TakeoverEditLock. type: object properties: - clientId: - description: The client's id. + integrationVersion: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + description: Version after the lock is acquired by the new user. + id: GoogleCloudIntegrationsV1alphaTakeoverEditLockResponse + EnterpriseCrmFrontendsEventbusProtoTaskConfig: + description: >- + The task configuration details. This is not the implementation of Task. + There might be multiple TaskConfigs for the same Task. + properties: + nextTasksExecutionPolicy: + enum: + - UNSPECIFIED + - RUN_ALL_MATCH + - RUN_FIRST_MATCH + enumDescriptions: + - Default + - Execute all the tasks that satisfy their associated condition. + - Execute the first task that satisfies the associated condition. + description: >- + The policy dictating the execution of the next set of tasks for the + current task. type: string - clientSecret: - description: The client's secret. + nextTasks: + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNextTask' + description: >- + The set of tasks that are next in line to be executed as per the + execution graph defined for the parent event, specified by + `event_config_id`. Each of these next tasks are executed only if the + condition associated with them evaluates to true. + type: array + creatorEmail: + description: The creator's email address. Auto-generated from the user's email. type: string - scope: - description: A space-delimited list of requested scope permissions. + taskName: + description: The name for the task. type: string - authEndpoint: - description: The auth url endpoint to send the auth code request to. + createTime: type: string - authParams: - description: The auth parameters sent along with the auth code request. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMap' - tokenEndpoint: - description: The token url endpoint to send the token request to. - type: string - tokenParams: - description: The token parameters sent along with the token request. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMap' - accessToken: - description: The access token received from the token endpoint. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAccessToken' - authCode: - description: The Auth Code that is used to initially retrieve the access token. - type: string - requestType: - description: Represent how to pass parameters to fetch access token + description: Auto-generated. + format: google-datetime + taskExecutionStrategy: type: string enumDescriptions: - - Unspecified request type - - To pass all the parameters in post body. - - To pass all the parameters as a part of query parameter. - >- - To pass client id and client secret as base 64 encoding of - client_id:client_password and rest parameters in post body. + Wait until all of its previous tasks finished execution, then + verify at least one of the edge conditions is met, and execute if + possible. This should be considered as WHEN_ALL_TASKS_SUCCEED. + - >- + Start execution as long as any of its previous tasks finished + execution and the corresponding edge condition is met (since we + will execute if only that succeeding edge condition is met). + - >- + Wait until all of its previous tasks finished execution, then + verify the all edge conditions are met and execute if possible. + description: The policy dictating the execution strategy of this task. enum: - - REQUEST_TYPE_UNSPECIFIED - - REQUEST_BODY - - QUERY_PARAMETERS - - ENCODED_HEADER - applyReauthPolicy: + - WHEN_ALL_SUCCEED + - WHEN_ANY_SUCCEED + - WHEN_ALL_TASKS_AND_CONDITIONS_SUCCEED + incomingEdgeCount: + description: The number of edges leading into this TaskConfig. + type: integer + format: int32 + taskTemplateName: + description: Used to define task-template name if task is of type task-template + type: string + failurePolicy: description: >- - Indicates if the user has opted in Google Reauth Policy. If opted - in, the refresh token will be valid for 20 hours, after which time - users must re-authenticate in order to obtain a new one. - type: boolean - GoogleCloudIntegrationsV1alphaParameterMap: - id: GoogleCloudIntegrationsV1alphaParameterMap - description: >- - A generic multi-map that holds key value pairs. They keys and values can - be of any type, unless specified. - type: object - properties: - entries: - description: A list of parameter map entries. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaParameterMapEntry - keyType: + Optional. Determines the number of times the task will be retried on + failure and with what retry strategy. This is applicable for + asynchronous calls to Eventbus alone (Post To Queue, Schedule etc.). + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFailurePolicy' + precondition: description: >- - Option to specify key type for all entries of the map. If provided - then field types for all entries must conform to this. + Optional. Standard filter expression evaluated before execution. + Independent of other conditions and tasks. Can be used to enable + rollout. e.g. "rollout(5)" will only allow 5% of incoming traffic to + task. type: string - enumDescriptions: - - Unspecified. - - String. - - Integer. - - Double Number. - - Boolean. - - String Array. - - Integer Array. - - Double Number Array. - - Boolean Array. - - Json. - - Proto Value (Internal use only). - - Proto Array (Internal use only). - - // Non-serializable object (Internal use only). - - Proto Enum (Internal use only). - - Serialized object (Internal use only). - - Proto Enum Array (Internal use only). - - >- - BYTES data types are not allowed for top-level params. They're - only meant to support protobufs with BYTES (sub)fields. - - >- - BYTES_ARRAY data types are not allowed for top-level params. - They're only meant to support protobufs with BYTES (sub)fields. - enum: - - INTEGRATION_PARAMETER_DATA_TYPE_UNSPECIFIED - - STRING_VALUE - - INT_VALUE - - DOUBLE_VALUE - - BOOLEAN_VALUE - - STRING_ARRAY - - INT_ARRAY - - DOUBLE_ARRAY - - BOOLEAN_ARRAY - - JSON_VALUE - - PROTO_VALUE - - PROTO_ARRAY - - NON_SERIALIZABLE_OBJECT - - PROTO_ENUM - - SERIALIZED_OBJECT_VALUE - - PROTO_ENUM_ARRAY - - BYTES - - BYTES_ARRAY - valueType: + lastModifiedTime: + type: string + format: google-datetime + description: Auto-generated. + preconditionLabel: description: >- - Option to specify value type for all entries of the map. If provided - then field types for all entries must conform to this. + Optional. User-provided label that is attached to precondition in + the UI. + type: string + synchronousCallFailurePolicy: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFailurePolicy' + description: >- + Optional. Determines the number of times the task will be retried on + failure and with what retry strategy. This is applicable for + synchronous calls to Eventbus alone (Post). + jsonValidationOption: + description: >- + If set, overrides the option configured in the Task implementation + class. type: string + enum: + - UNSPECIFIED_JSON_VALIDATION_OPTION + - SKIP + - PRE_EXECUTION + - POST_EXECUTION + - PRE_POST_EXECUTION enumDescriptions: - - Unspecified. - - String. - - Integer. - - Double Number. - - Boolean. - - String Array. - - Integer Array. - - Double Number Array. - - Boolean Array. - - Json. - - Proto Value (Internal use only). - - Proto Array (Internal use only). - - // Non-serializable object (Internal use only). - - Proto Enum (Internal use only). - - Serialized object (Internal use only). - - Proto Enum Array (Internal use only). - >- - BYTES data types are not allowed for top-level params. They're - only meant to support protobufs with BYTES (sub)fields. + As per the default behavior, no validation will be run. Will not + override any option set in a Task. + - Do not run any validation against JSON schemas. - >- - BYTES_ARRAY data types are not allowed for top-level params. - They're only meant to support protobufs with BYTES (sub)fields. - enum: - - INTEGRATION_PARAMETER_DATA_TYPE_UNSPECIFIED - - STRING_VALUE - - INT_VALUE - - DOUBLE_VALUE - - BOOLEAN_VALUE - - STRING_ARRAY - - INT_ARRAY - - DOUBLE_ARRAY - - BOOLEAN_ARRAY - - JSON_VALUE - - PROTO_VALUE - - PROTO_ARRAY - - NON_SERIALIZABLE_OBJECT - - PROTO_ENUM - - SERIALIZED_OBJECT_VALUE - - PROTO_ENUM_ARRAY - - BYTES - - BYTES_ARRAY - GoogleCloudIntegrationsV1alphaParameterMapEntry: - id: GoogleCloudIntegrationsV1alphaParameterMapEntry - description: Entry is a pair of key and value. - type: object - properties: - key: - description: Key of the map entry. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMapField' - value: - description: Value of the map entry. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMapField' - GoogleCloudIntegrationsV1alphaParameterMapField: - id: GoogleCloudIntegrationsV1alphaParameterMapField - description: Field represents either the key or value in an entry. - type: object - properties: - referenceKey: - description: Referencing one of the Integration variables. - type: string - literalValue: - description: Passing a literal value. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - GoogleCloudIntegrationsV1alphaValueType: - id: GoogleCloudIntegrationsV1alphaValueType - description: The type of the parameter. - type: object - properties: - stringValue: - description: String. + Validate all potential input JSON parameters against schemas + specified in WorkflowParameters. + - >- + Validate all potential output JSON parameters against schemas + specified in WorkflowParameters. + - Perform both PRE_EXECUTION and POST_EXECUTION validations. + taskNumber: + description: >- + REQUIRED: the identifier of this task within its parent event + config, specified by the client. This should be unique among all the + tasks belong to the same event config. We use this field as the + identifier to find next tasks (via field `next_tasks.task_number`). type: string - intValue: - description: Integer. + errorCatcherId: + description: >- + Optional Error catcher id of the error catch flow which will be + executed when execution error happens in the task type: string - format: int64 - doubleValue: - description: Double Number. - type: number - format: double - booleanValue: - description: Boolean. - type: boolean - stringArray: - description: String Array. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaStringParameterArray - intArray: - description: Integer Array. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaIntParameterArray' - doubleArray: - description: Double Number Array. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaDoubleParameterArray - booleanArray: - description: Boolean Array. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaBooleanParameterArray - jsonValue: - description: Json. - type: string - GoogleCloudIntegrationsV1alphaStringParameterArray: - id: GoogleCloudIntegrationsV1alphaStringParameterArray - description: This message only contains a field of string array. - type: object - properties: - stringValues: - description: String array. - type: array - items: - type: string - GoogleCloudIntegrationsV1alphaIntParameterArray: - id: GoogleCloudIntegrationsV1alphaIntParameterArray - description: This message only contains a field of integer array. - type: object - properties: - intValues: - description: Integer array. - type: array - items: - type: string - format: int64 - GoogleCloudIntegrationsV1alphaDoubleParameterArray: - id: GoogleCloudIntegrationsV1alphaDoubleParameterArray - description: This message only contains a field of double number array. - type: object - properties: - doubleValues: - description: Double number array. - type: array + alertConfigs: + description: >- + Alert configurations on error rate, warning rate, number of runs, + durations, etc. items: - type: number - format: double - GoogleCloudIntegrationsV1alphaBooleanParameterArray: - id: GoogleCloudIntegrationsV1alphaBooleanParameterArray - description: This message only contains a field of boolean array. - type: object - properties: - booleanValues: - description: Boolean array. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskAlertConfig' type: array - items: - type: boolean - GoogleCloudIntegrationsV1alphaAccessToken: - id: GoogleCloudIntegrationsV1alphaAccessToken - description: >- - The access token represents the authorization of a specific application - to access specific parts of a user’s data. - type: object - properties: - accessToken: + parameters: + additionalProperties: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry + type: object + description: The customized parameters the user can pass to this task. + position: description: >- - The access token encapsulating the security identity of a process or - thread. - type: string - accessTokenExpireTime: + Optional. Informs the front-end application where to draw this task + config on the UI. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCoordinate' + description: description: >- - Required. The approximate time until the access token retrieved is - valid. + User-provided description intended to give more business context + about the task. type: string - format: google-datetime - tokenType: + taskSpec: description: >- - Only support "bearer" token in v1 as bearer token is the predominant - type used with OAuth 2.0. + A string template that allows user to configure task parameters + (with either literal default values or tokens which will be resolved + at execution time) for the task. It will eventually replace the old + "parameters" field. type: string - refreshToken: + label: + description: User-provided label that is attached to this TaskConfig in the UI. + type: string + conditionalFailurePolicies: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoConditionalFailurePolicies description: >- - If the access token will expire, use the refresh token to obtain - another access token. + Optional. Determines the number of times the task will be retried on + failure and with what retry strategy. This is applicable for + synchronous calls to Eventbus alone (Post). + rollbackStrategy: + description: >- + Optional. Contains information about what needs to be done upon + failure (either a permanent error or after it has been retried too + many times). + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoRollbackStrategy + taskEntity: + description: Copy of the task entity that this task config is an instance of. + $ref: '#/components/schemas/EnterpriseCrmFrontendsEventbusProtoTaskEntity' + disableStrictTypeValidation: + type: boolean + description: >- + If this config contains a TypedTask, allow validation to succeed if + an input is read from the output of another TypedTask whose output + type is declared as a superclass of the requested input type. For + instance, if the previous task declares an output of type Message, + any task with this flag enabled will pass validation when attempting + to read any proto Message type from the resultant Event parameter. + taskType: + enumDescriptions: + - Normal IP task + - Task is of As-Is Template type + - Task is of I/O template type with a different underlying task type: string - refreshTokenExpireTime: - description: The approximate time until the refresh token retrieved is valid. + description: Defines the type of the task + enum: + - TASK + - ASIS_TEMPLATE + - IO_TEMPLATE + externalTaskType: + enum: + - EXTERNAL_TASK_TYPE_UNSPECIFIED + - NORMAL_TASK + - ERROR_TASK type: string - format: google-datetime - GoogleCloudIntegrationsV1alphaOAuth2ClientCredentials: - id: GoogleCloudIntegrationsV1alphaOAuth2ClientCredentials - description: >- - For client credentials grant, the client sends a POST request with - grant_type as 'client_credentials' to the authorization server. The - authorization server will respond with a JSON object containing the - access token. + enumDescriptions: + - Default value. External task type is not specified + - Tasks belongs to the normal task flows + - Task belongs to the error catch task flows + successPolicy: + description: Determines what action to take upon successful task completion. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoSuccessPolicy' type: object + id: EnterpriseCrmFrontendsEventbusProtoTaskConfig + EnterpriseCrmEventbusProtoTaskExecutionDetailsTaskAttemptStats: + id: EnterpriseCrmEventbusProtoTaskExecutionDetailsTaskAttemptStats properties: - clientId: - description: The client's ID. - type: string - clientSecret: - description: The client's secret. + startTime: + format: int64 type: string - tokenEndpoint: description: >- - The token endpoint is used by the client to obtain an access token - by presenting its authorization grant or refresh token. - type: string - scope: - description: A space-delimited list of requested scope permissions. - type: string - tokenParams: - description: Token parameters for the auth request. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMap' - accessToken: - description: Access token fetched from the authorization server. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAccessToken' - requestType: - description: Represent how to pass parameters to fetch access token + The start time of the task execution for current attempt. This could + be in the future if it's been scheduled. + endTime: type: string - enumDescriptions: - - Unspecified request type - - To pass all the parameters in post body. - - To pass all the parameters as a part of query parameter. - - >- - To pass client id and client secret as base 64 encoding of - client_id:client_password and rest parameters in post body. - enum: - - REQUEST_TYPE_UNSPECIFIED - - REQUEST_BODY - - QUERY_PARAMETERS - - ENCODED_HEADER - GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentials: - id: GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentials - description: >- - For resource owner credentials grant, the client will ask the user for - their authorization credentials (ususally a username and password) and - send a POST request to the authorization server. The authorization - server will respond with a JSON object containing the access token. + format: int64 + description: The end time of the task execution for current attempt. type: object + EnterpriseCrmEventbusProtoEventExecutionDetails: properties: - clientId: - description: The client's ID. - type: string - clientSecret: - description: The client's secret. - type: string - username: - description: The user's username. - type: string - password: - description: The user's password. + eventExecutionSnapshotsSize: + description: Total size of all event_execution_snapshots for an execution type: string - tokenEndpoint: + format: int64 + ryeLockUnheldCount: + type: integer + format: int32 description: >- - The token endpoint is used by the client to obtain an access token - by presenting its authorization grant or refresh token. - type: string - scope: - description: A space-delimited list of requested scope permissions. - type: string - tokenParams: - description: Token parameters for the auth request. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMap' - accessToken: - description: Access token fetched from the authorization server. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAccessToken' - requestType: - description: Represent how to pass parameters to fetch access token + Used internally and shouldn't be exposed to users. A counter for the + cron job to record how many times this event is in in_process state + but don't have a lock consecutively/ + eventRetriesFromBeginningCount: + description: >- + Indicates the number of times the execution has restarted from the + beginning. + type: integer + format: int32 + eventExecutionState: type: string + enum: + - UNSPECIFIED + - ON_HOLD + - IN_PROCESS + - SUCCEEDED + - FAILED + - CANCELED + - RETRY_ON_HOLD + - SUSPENDED enumDescriptions: - - Unspecified request type - - To pass all the parameters in post body. - - To pass all the parameters as a part of query parameter. + - '' - >- - To pass client id and client secret as base 64 encoding of - client_id:client_password and rest parameters in post body. - enum: - - REQUEST_TYPE_UNSPECIFIED - - REQUEST_BODY - - QUERY_PARAMETERS - - ENCODED_HEADER - GoogleCloudIntegrationsV1alphaJwt: - id: GoogleCloudIntegrationsV1alphaJwt - description: >- - Represents JSON web token(JWT), which is a compact, URL-safe means of - representing claims to be transferred between two parties, enabling the - claims to be digitally signed or integrity protected. - type: object - properties: - jwtHeader: - description: Identifies which algorithm is used to generate the signature. + Event is received and waiting for the execution. This happens when + firing the event via "postToQueue" or "schedule". + - Event is under processing. + - >- + Event execution successfully finished. There's no more change + after this state. + - Event execution failed. There's no more change after this state. + - >- + Event execution canceled by user. There's no more change after + this state. + - Event execution failed and waiting for retry. + - Event execution suspended and waiting for manual intervention. + eventAttemptStats: + type: array + items: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionDetailsEventAttemptStats + cancelReason: type: string - jwtPayload: description: >- - Contains a set of claims. The JWT specification defines seven - Registered Claim Names which are the standard fields commonly - included in tokens. Custom claims are usually also included, - depending on the purpose of the token. + If the execution is manually canceled, this field will contain the + reason for cancellation. + eventExecutionSnapshot: + items: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionSnapshot + type: array + logFilePath: type: string - secret: - description: User's pre-shared secret to sign the token. + description: The log file path (aka. cns address) for this event. + nextExecutionTime: + description: >- + Next scheduled execution time in case the execution status was + RETRY_ON_HOLD. + format: int64 type: string - jwt: - description: The token calculated by the header, payload and signature. + networkAddress: + description: >- + The network address (aka. bns address) that indicates where the + event executor is running. type: string - GoogleCloudIntegrationsV1alphaAuthToken: - id: GoogleCloudIntegrationsV1alphaAuthToken + id: EnterpriseCrmEventbusProtoEventExecutionDetails + type: object description: >- - The credentials to authenticate a user agent with a server that is put - in HTTP Authorization request header. + Contains the details of the execution info of this event: this includes + the tasks execution details plus the event execution statistics. Next + available id: 12 + EnterpriseCrmEventbusProtoConnectorsGenericConnectorTaskConfig: type: object properties: - type: - description: Authentication type, e.g. "Basic", "Bearer", etc. - type: string - token: - description: The token for the auth type. + connection: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoConnectorsConnection' + description: User-selected connection. + operation: type: string - GoogleCloudIntegrationsV1alphaServiceAccountCredentials: - id: GoogleCloudIntegrationsV1alphaServiceAccountCredentials + description: Operation to perform using the configured connection. + enum: + - OPERATION_UNSPECIFIED + - EXECUTE_ACTION + - LIST_ENTITIES + - GET_ENTITY + - CREATE_ENTITY + - UPDATE_ENTITY + - DELETE_ENTITY + - EXECUTE_QUERY + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + id: EnterpriseCrmEventbusProtoConnectorsGenericConnectorTaskConfig + GoogleCloudIntegrationsV1alphaIntegrationAlertConfig: description: >- - Represents the service account which can be used to generate access - token for authenticating the service call. + Message to be used to configure custom alerting in the {@code + EventConfig} protos for an event. type: object + id: GoogleCloudIntegrationsV1alphaIntegrationAlertConfig properties: - serviceAccount: + alertThreshold: + type: integer + format: int32 description: >- - Name of the service account that has the permission to make the - request. - type: string - scope: - description: A space-delimited list of requested scope permissions. + For how many contiguous aggregation periods should the expected min + or max be violated for the alert to be fired. + displayName: + description: >- + Name of the alert. This will be displayed in the alert subject. If + set, this name should be unique within the scope of the integration. type: string - GoogleCloudIntegrationsV1alphaOidcToken: - id: GoogleCloudIntegrationsV1alphaOidcToken - description: OIDC Token - type: object - properties: - serviceAccountEmail: - description: The service account email to be used as the identity for the token. + thresholdType: type: string - audience: description: >- - Audience to be used when generating OIDC token. The audience claim - identifies the recipients that the JWT is intended for. + The threshold type, whether lower(expected_min) or + upper(expected_max), for which this alert is being configured. If + value falls below expected_min or exceeds expected_max, an alert + will be fired. + enum: + - THRESHOLD_TYPE_UNSPECIFIED + - EXPECTED_MIN + - EXPECTED_MAX + enumDescriptions: + - Default. + - >- + Note that this field will only trigger alerts if the integration + specifying it runs at least once in 24 hours (which is our + in-memory retention period for monarch streams). Also note that + `aggregation_period` for this alert configuration must be less + than 24 hours. Min value threshold. + - Max value threshold. + metricType: + enumDescriptions: + - >- + The default value. Metric type should always be set to one of the + other non-default values, otherwise it will result in an + INVALID_ARGUMENT error. + - >- + Specifies alerting on the rate of errors for the enclosing + integration. + - >- + Specifies alerting on the rate of warnings for the enclosing + integration. Warnings use the same enum values as errors. + - >- + Specifies alerting on the rate of errors for any task in the + enclosing integration. + - >- + Specifies alerting on the rate of warnings for any task in the + enclosing integration. + - >- + Specifies alerting on the rate of executions over all tasks in the + enclosing integration. + - >- + Specifies alerting on the number of events executed in the given + aggregation_period. + - >- + Specifies alerting on the average duration of executions for this + integration. + - >- + Specifies alerting on the duration value of a particular + percentile of integration executions. E.g. If 10% or more of the + integration executions have durations above 5 seconds, alert. + - >- + Specifies alerting on the average duration of any task in the + enclosing integration, + - >- + Specifies alerting on the duration value of a particular + percentile of any task executions within the enclosing + integration. E.g. If 10% or more of the task executions in the + integration have durations above 5 seconds, alert. type: string - token: - description: ID token obtained for the service account + description: The type of metric. + enum: + - METRIC_TYPE_UNSPECIFIED + - EVENT_ERROR_RATE + - EVENT_WARNING_RATE + - TASK_ERROR_RATE + - TASK_WARNING_RATE + - TASK_RATE + - EVENT_RATE + - EVENT_AVERAGE_DURATION + - EVENT_PERCENTILE_DURATION + - TASK_AVERAGE_DURATION + - TASK_PERCENTILE_DURATION + thresholdValue: + description: >- + The metric value, above or below which the alert should be + triggered. + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValue + durationThreshold: + description: >- + Should be specified only for *AVERAGE_DURATION and + *PERCENTILE_DURATION metrics. This member should be used to specify + what duration value the metrics should exceed for the alert to + trigger. + format: google-duration type: string - tokenExpireTime: - description: The approximate time until the token retrieved is valid. + disableAlert: + type: boolean + description: >- + Set to false by default. When set to true, the metrics are not + aggregated or pushed to Monarch for this integration alert. + aggregationPeriod: + description: >- + The period over which the metric value should be aggregated and + evaluated. Format is , where integer should be a positive integer + and unit should be one of (s,m,h,d,w) meaning (second, minute, hour, + day, week). For an EXPECTED_MIN threshold, this aggregation_period + must be lesser than 24 hours. type: string - format: google-datetime - GoogleCloudIntegrationsV1alphaListAuthConfigsResponse: - id: GoogleCloudIntegrationsV1alphaListAuthConfigsResponse - description: Response to list AuthConfigs. + onlyFinalAttempt: + type: boolean + description: >- + For either events or tasks, depending on the type of alert, count + only final attempts, not retries. + GoogleCloudIntegrationsV1alphaOAuth2ClientCredentials: + id: GoogleCloudIntegrationsV1alphaOAuth2ClientCredentials type: object properties: - authConfigs: - description: The list of AuthConfigs retrieved. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' - nextPageToken: - description: The token used to retrieve the next page of results. + clientSecret: type: string - GoogleCloudIntegrationsV1alphaEnumerateConnectorPlatformRegionsResponse: - id: GoogleCloudIntegrationsV1alphaEnumerateConnectorPlatformRegionsResponse - description: Response containing all provisioned regions for Connector Platform. - type: object - properties: - regions: - description: All regions where Connector Platform is provisioned. - type: array - items: - type: string - GoogleCloudIntegrationsV1alphaListConnectionsResponse: - id: GoogleCloudIntegrationsV1alphaListConnectionsResponse - description: Response containing Connections listed by region. + description: The client's secret. + clientId: + type: string + description: The client's ID. + scope: + type: string + description: A space-delimited list of requested scope permissions. + accessToken: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAccessToken' + description: Access token fetched from the authorization server. + tokenEndpoint: + description: >- + The token endpoint is used by the client to obtain an access token + by presenting its authorization grant or refresh token. + type: string + requestType: + enumDescriptions: + - Unspecified request type + - To pass all the parameters in post body. + - To pass all the parameters as a part of query parameter. + - >- + To pass client id and client secret as base 64 encoding of + client_id:client_password and rest parameters in post body. + enum: + - REQUEST_TYPE_UNSPECIFIED + - REQUEST_BODY + - QUERY_PARAMETERS + - ENCODED_HEADER + description: Represent how to pass parameters to fetch access token + type: string + tokenParams: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMap' + description: Token parameters for the auth request. + description: >- + For client credentials grant, the client sends a POST request with + grant_type as 'client_credentials' to the authorization server. The + authorization server will respond with a JSON object containing the + access token. + EnterpriseCrmEventbusProtoFieldMappingConfig: type: object + id: EnterpriseCrmEventbusProtoFieldMappingConfig + description: >- + Field Mapping Config to map multiple output fields values from input + fields values. properties: - connections: - description: Connections. - type: array + mappedFields: items: - $ref: '#/components/schemas/GoogleCloudConnectorsV1Connection' - nextPageToken: - description: Next page token. - type: string - GoogleCloudConnectorsV1Connection: - id: GoogleCloudConnectorsV1Connection - description: Connection represents an instance of connector. - type: object + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoMappedField' + type: array + GoogleCloudIntegrationsV1alphaTemplateComponent: + description: Define the components that are present in a template. properties: name: - description: >- - Output only. Resource name of the Connection. Format: - projects/{project}/locations/{location}/connections/{connection} - readOnly: true + description: Optional. Name of the component. type: string - createTime: - description: Output only. Created time. - readOnly: true + type: + enum: + - TYPE_UNSPECIFIED + - TRIGGER + - TASK + - CONNECTOR + description: Optional. Type of the component. type: string - format: google-datetime - updateTime: - description: Output only. Updated time. - readOnly: true + enumDescriptions: + - Component type is unspecified + - Trigger component + - Task component + - Connector component + type: object + id: GoogleCloudIntegrationsV1alphaTemplateComponent + GoogleCloudConnectorsV1LogConfig: + description: Log configuration for the connection. + id: GoogleCloudConnectorsV1LogConfig + type: object + properties: + level: + description: Optional. Log configuration level. + enum: + - LOG_LEVEL_UNSPECIFIED + - ERROR + - INFO + - DEBUG type: string - format: google-datetime - labels: + enumDescriptions: + - Log level unspecified. + - Only error logs are enabled. + - Info and error logs are enabled. + - Debug and high verbosity logs are enabled. + enabled: + type: boolean description: >- - Optional. Resource labels to represent user-provided metadata. Refer - to cloud documentation on labels for more details. - https://cloud.google.com/compute/docs/labeling-resources - type: object - additionalProperties: - type: string - description: - description: Optional. Description of the resource. + Optional. Enabled represents whether logging is enabled or not for a + connection. + EnterpriseCrmEventbusProtoTaskMetadataAdmin: + id: EnterpriseCrmEventbusProtoTaskMetadataAdmin + description: >- + Admins are owners of a Task, and have all permissions on a particular + task identified by the task name. By default, Eventbus periodically + scans all task metadata and syncs (adds) any new admins defined here to + Zanzibar. + properties: + userEmail: type: string - connectorVersion: - description: >- - Required. Connector version on which the connection is created. The - format is: - projects/*/locations/*/providers/*/connectors/*/versions/* Only - global location is supported for ConnectorVersion resource. + googleGroupEmail: type: string - status: - description: Output only. Current status of the connection. - readOnly: true - $ref: '#/components/schemas/GoogleCloudConnectorsV1ConnectionStatus' - configVariables: - description: >- - Optional. Configuration for configuring the connection with an - external system. - type: array + type: object + EnterpriseCrmEventbusProtoEventBusProperties: + properties: + properties: + description: An unordered list of property entries. items: - $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' - authConfig: - description: >- - Optional. Configuration for establishing the connection's - authentication with an external system. - $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfig' - lockConfig: - description: >- - Optional. Configuration that indicates whether or not the Connection - can be edited. - $ref: '#/components/schemas/GoogleCloudConnectorsV1LockConfig' - destinationConfigs: - description: >- - Optional. Configuration of the Connector's destination. Only - accepted for Connectors that accepts user defined destination(s). + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoPropertyEntry' type: array - items: - $ref: '#/components/schemas/GoogleCloudConnectorsV1DestinationConfig' - imageLocation: - description: >- - Output only. GCR location where the runtime image is stored. - formatted like: gcr.io/{bucketName}/{imageName} - readOnly: true - type: string - serviceAccount: - description: >- - Optional. Service account needed for runtime plane to access Google - Cloud resources. - type: string - serviceDirectory: - description: >- - Output only. The name of the Service Directory service name. Used - for Private Harpoon to resolve the ILB address. e.g. - "projects/cloud-connectors-e2e-testing/locations/us-central1/namespaces/istio-system/services/istio-ingressgateway-connectors" - readOnly: true - type: string - envoyImageLocation: - description: >- - Output only. GCR location where the envoy image is stored. formatted - like: gcr.io/{bucketName}/{imageName} - readOnly: true + type: object + id: EnterpriseCrmEventbusProtoEventBusProperties + description: >- + LINT.IfChange This message is used for storing key value pair properties + for each Event / Task in the EventBus. + EnterpriseCrmEventbusProtoExternalTraffic: + type: object + description: Represents external traffic type and id. + id: EnterpriseCrmEventbusProtoExternalTraffic + properties: + location: type: string - suspended: - description: >- - Optional. Suspended indicates if a user has suspended a connection - or not. + description: Location for the user's request. + retryRequestForQuota: + description: Enqueue the execution request due to quota issue type: boolean - nodeConfig: - description: Optional. Node configuration for the connection. - $ref: '#/components/schemas/GoogleCloudConnectorsV1NodeConfig' - logConfig: - description: Optional. Log configuration for the connection. - $ref: '#/components/schemas/GoogleCloudConnectorsV1LogConfig' - sslConfig: - description: Optional. Ssl config of a connection - $ref: '#/components/schemas/GoogleCloudConnectorsV1SslConfig' - subscriptionType: + enableInternalIp: description: >- - Output only. This subscription type enum states the subscription - type of the project. - readOnly: true + Indicates the client enables internal IP feature, this is applicable + for internal clients only. + type: boolean + gcpProjectNumber: + description: User’s GCP project number the traffic is referring to. type: string - enumDescriptions: - - Unspecified subscription type. - - PayG subscription. - - Paid Subscription. + gcpProjectId: + type: string + description: User’s GCP project id the traffic is referring to. + source: enum: - - SUBSCRIPTION_TYPE_UNSPECIFIED - - PAY_G - - PAID - connectionRevision: - description: >- - Output only. Connection revision. This field is only updated when - the connection is created or updated by User. - readOnly: true - type: string - format: int64 - eventingEnablementType: - description: >- - Optional. Eventing enablement type. Will be nil if eventing is not - enabled. + - SOURCE_UNSPECIFIED + - APIGEE + - SECURITY type: string enumDescriptions: - - Eventing Enablement Type Unspecifeied. - - Both connection and eventing. - - Only Eventing. - enum: - - EVENTING_ENABLEMENT_TYPE_UNSPECIFIED - - EVENTING_AND_CONNECTION - - ONLY_EVENTING - eventingConfig: - description: Optional. Eventing config of a connection - $ref: '#/components/schemas/GoogleCloudConnectorsV1EventingConfig' - connectorVersionLaunchStage: - description: Output only. Flag to mark the version indicating the launch stage. - readOnly: true + - '' + - '' + - '' + EnterpriseCrmFrontendsEventbusProtoTriggerConfigVariables: + properties: + names: + items: + type: string + type: array + description: Optional. List of variable names. + id: EnterpriseCrmFrontendsEventbusProtoTriggerConfigVariables + type: object + description: Variables names mapped to api trigger. + EnterpriseCrmEventbusProtoLoopMetadata: + type: object + properties: + currentIterationCount: + description: Starting from 1, not 0. type: string - enumDescriptions: - - LAUNCH_STAGE_UNSPECIFIED. - - PREVIEW. - - GA. - - DEPRECATED. - - TEST. - - PRIVATE_PREVIEW. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - PREVIEW - - GA - - DEPRECATED - - TEST - - PRIVATE_PREVIEW - eventingRuntimeData: - description: Output only. Eventing Runtime Data. - readOnly: true - $ref: '#/components/schemas/GoogleCloudConnectorsV1EventingRuntimeData' - connectorVersionInfraConfig: - description: Output only. Infra configs supported by Connector Version. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1ConnectorVersionInfraConfig - isTrustedTester: - description: Output only. Is trusted tester program enabled for the project. - readOnly: true - type: boolean - authOverrideEnabled: - description: >- - Optional. Auth override enabled for the connection. If Auth Override - is enabled, Connection allows the backend service auth to be - overridden in the entities/actions API. - type: boolean - billingConfig: - description: Output only. Billing config for the connection. - readOnly: true - $ref: '#/components/schemas/GoogleCloudConnectorsV1BillingConfig' - asyncOperationsEnabled: - description: >- - Optional. Async operations enabled for the connection. If Async - Operations is enabled, Connection allows the customers to initiate - async long running operations using the actions API. - type: boolean - host: + format: int64 + currentIterationDetail: description: >- - Output only. The name of the Hostname of the Service Directory - service with TLS. - readOnly: true + Needs to be set by the loop impl class before each iteration. The + abstract loop class will append the request and response to it. Eg. + The foreach Loop will clean up and set it as the current iteration + element at the start of each loop. The post request and response + will be appended to the value once they are available. type: string - tlsServiceDirectory: - description: Output only. The name of the Service Directory service with TLS. - readOnly: true + errorMsg: type: string - euaOauthAuthConfig: - description: >- - Optional. Additional Oauth2.0 Auth config for EUA. If the connection - is configured using non-OAuth authentication but OAuth needs to be - used for EUA, this field can be populated with the OAuth config. - This should be a OAuth2AuthCodeFlow Auth type only. - $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfig' - trafficShapingConfigs: - description: Optional. Traffic shaping configuration for the connection. + description: Add the error message when loops fail. + failureLocation: + enum: + - UNKNOWN + - SUBWORKFLOW + - PARAM_OVERRIDING + - PARAM_AGGREGATING + - SETTING_ITERATION_ELEMENT + - GETTING_LIST_TO_ITERATE + - CONDITION_EVALUATION + - BUILDING_REQUEST + description: Indicates where in the loop logic did it error out. + enumDescriptions: + - No error or Unknown. + - Subworkflow failed while firing/running. + - Param overrides failed. + - Param aggregation failed. + - Setting for loop current element failed. + - Getting the list to iterate. + - Evaluating the while loop condition. + - Building the iteration request + type: string + id: EnterpriseCrmEventbusProtoLoopMetadata + EnterpriseCrmFrontendsEventbusProtoIntParameterArray: + type: object + properties: + intValues: + items: + type: string + format: int64 + type: array + id: EnterpriseCrmFrontendsEventbusProtoIntParameterArray + EnterpriseCrmEventbusProtoIntArray: + id: EnterpriseCrmEventbusProtoIntArray + properties: + values: type: array items: - $ref: '#/components/schemas/GoogleCloudConnectorsV1TrafficShapingConfig' - fallbackOnAdminCredentials: - description: >- - Optional. Fallback on admin credentials for the connection. If this - both auth_override_enabled and fallback_on_admin_credentials are set - to true, the connection will use the admin credentials if the - dynamic auth header is not present during auth override. - type: boolean - GoogleCloudConnectorsV1ConnectionStatus: - id: GoogleCloudConnectorsV1ConnectionStatus - description: ConnectionStatus indicates the state of the connection. + format: int64 + type: string + type: object + GoogleCloudIntegrationsV1alphaImportTemplateRequest: + description: Request to Import template + id: GoogleCloudIntegrationsV1alphaImportTemplateRequest type: object properties: - state: - description: State. - type: string - enumDescriptions: - - Connection does not have a state yet. - - Connection is being created. - - Connection is running and ready for requests. - - Connection is stopped. - - Connection is being deleted. - - Connection is being updated. - - Connection is not running due to an error. - - >- - Connection is not running because the authorization configuration - is not complete. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - INACTIVE - - DELETING - - UPDATING - - ERROR - - AUTHORIZATION_REQUIRED - description: - description: Description. - type: string - status: - description: Status provides detailed information for the state. + integration: type: string - GoogleCloudConnectorsV1ConfigVariable: - id: GoogleCloudConnectorsV1ConfigVariable - description: >- - ConfigVariable represents a configuration variable present in a - Connection. or AuthConfig. + description: >- + Required. Resource Name of the integration where template needs to + be imported/inserted. + subIntegrations: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails + type: object + description: Optional. Sub Integration which would be created via templates. + GoogleCloudIntegrationsV1alphaCloudKmsConfig: + id: GoogleCloudIntegrationsV1alphaCloudKmsConfig type: object properties: + kmsProjectId: + description: >- + Optional. The gcp project id of the project where the kms key + stored. If empty, the kms key is stored at the same project as + customer's project and ecrypted with CMEK, otherwise, the kms key is + stored in the tenant project and encrypted with GMEK + type: string + kmsRing: + description: >- + Required. A key ring organizes keys in a specific Google Cloud + location and allows you to manage access control on groups of keys. + A key ring's name does not need to be unique across a Google Cloud + project, but must be unique within a given location. + type: string key: - description: Optional. Key of the config variable. type: string - intValue: - description: Value is an integer + description: >- + Required. A Cloud KMS key is a named object containing one or more + key versions, along with metadata for the key. A key exists on + exactly one key ring tied to a specific location. + kmsLocation: + description: Required. Location name of the key ring, e.g. "us-west1". type: string - format: int64 - boolValue: - description: Value is a bool. - type: boolean - stringValue: - description: Value is a string. + keyVersion: + description: >- + Optional. Each version of a key contains key material used for + encryption or signing. A key's version is represented by an integer, + starting at 1. To decrypt data or verify a signature, you must use + the same key version that was used to encrypt or sign the data. type: string - secretValue: - description: Value is a secret. - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - encryptionKeyValue: - description: Value is a Encryption Key. - $ref: '#/components/schemas/GoogleCloudConnectorsV1EncryptionKey' - GoogleCloudConnectorsV1Secret: - id: GoogleCloudConnectorsV1Secret - description: Secret provides a reference to entries in Secret Manager. + description: Configuration information for Client's Cloud KMS information + GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlow: + description: >- + Parameters to support Oauth 2.0 Auth Code Grant Authentication. See + https://www.rfc-editor.org/rfc/rfc6749#section-1.3.1 for more details. type: object + id: GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlow properties: - secretVersion: + enablePkce: description: >- - Optional. The resource name of the secret version in the format, - format as: `projects/*/secrets/*/versions/*`. + Optional. Whether to enable PKCE when the user performs the auth + code flow. + type: boolean + authUri: type: string - GoogleCloudConnectorsV1EncryptionKey: - id: GoogleCloudConnectorsV1EncryptionKey - description: Encryption Key value. - type: object - properties: - type: - description: Type. + description: Optional. Auth URL for Authorization Code Flow + pkceVerifier: + description: Optional. PKCE verifier to be used during the auth code exchange. type: string - enumDescriptions: - - Value type is not specified. - - Google Managed. - - Customer Managed. - enum: - - TYPE_UNSPECIFIED - - GOOGLE_MANAGED - - CUSTOMER_MANAGED - kmsKeyName: + authCode: description: >- - Optional. The [KMS key name] with which the content of the Operation - is encrypted. The expected format: - `projects/*/locations/*/keyRings/*/cryptoKeys/*`. Will be empty - string if google managed. - type: string - GoogleCloudConnectorsV1AuthConfig: - id: GoogleCloudConnectorsV1AuthConfig - description: AuthConfig defines details of a authentication type. - type: object - properties: - authType: - description: Optional. The type of authentication configured. + Optional. Authorization code to be exchanged for access and refresh + tokens. type: string - enumDescriptions: - - Authentication type not specified. - - Username and Password Authentication. - - >- - JSON Web Token (JWT) Profile for Oauth 2.0 Authorization Grant - based authentication - - Oauth 2.0 Client Credentials Grant Authentication - - SSH Public Key Authentication - - Oauth 2.0 Authorization Code Flow - - Google authentication - - >- - Oauth 2.0 Authorization Code Flow with Google Provided OAuth - Client - enum: - - AUTH_TYPE_UNSPECIFIED - - USER_PASSWORD - - OAUTH2_JWT_BEARER - - OAUTH2_CLIENT_CREDENTIALS - - SSH_PUBLIC_KEY - - OAUTH2_AUTH_CODE_FLOW - - GOOGLE_AUTHENTICATION - - OAUTH2_AUTH_CODE_FLOW_GOOGLE_MANAGED - userPassword: - description: UserPassword. - $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfigUserPassword' - oauth2JwtBearer: - description: Oauth2JwtBearer. - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2JwtBearer - oauth2ClientCredentials: - description: Oauth2ClientCredentials. - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2ClientCredentials - sshPublicKey: - description: SSH Public Key. - $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfigSshPublicKey' - oauth2AuthCodeFlow: - description: Oauth2AuthCodeFlow. - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlow - oauth2AuthCodeFlowGoogleManaged: - description: Oauth2AuthCodeFlowGoogleManaged. - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlowGoogleManaged - additionalVariables: - description: Optional. List containing additional auth configs. - type: array + scopes: items: - $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' - authKey: - description: Optional. Identifier key for auth config - type: string - GoogleCloudConnectorsV1AuthConfigUserPassword: - id: GoogleCloudConnectorsV1AuthConfigUserPassword - description: Parameters to support Username and Password Authentication. - type: object - properties: - username: - description: Optional. Username. + type: string + description: >- + Optional. Scopes the connection will request when the user performs + the auth code flow. + type: array + redirectUri: + description: Optional. Redirect URI to be provided during the auth code exchange. type: string - password: - description: Optional. Secret version reference containing the password. + clientSecret: + description: Optional. Client secret for user-provided OAuth app. $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - GoogleCloudConnectorsV1AuthConfigOauth2JwtBearer: - id: GoogleCloudConnectorsV1AuthConfigOauth2JwtBearer - description: >- - Parameters to support JSON Web Token (JWT) Profile for Oauth 2.0 - Authorization Grant based authentication. See - https://tools.ietf.org/html/rfc7523 for more details. - type: object + clientId: + type: string + description: Optional. Client ID for user-provided OAuth app. + EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinition: properties: - clientKey: + path: + description: Path to the proto file that contains the message type's definition. + type: string + fullName: description: >- - Optional. Secret version reference containing a PKCS#8 PEM-encoded - private key associated with the Client Certificate. This private key - will be used to sign JWTs used for the jwt-bearer authorization - grant. Specified in the form as: `projects/*/secrets/*/versions/*`. - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - jwtClaims: - description: Optional. JwtClaims providers fields to generate the token. - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2JwtBearerJwtClaims - GoogleCloudConnectorsV1AuthConfigOauth2JwtBearerJwtClaims: - id: GoogleCloudConnectorsV1AuthConfigOauth2JwtBearerJwtClaims - description: JWT claims used for the jwt-bearer authorization grant. + The fully-qualified proto name. This message, for example, would be + "enterprise.crm.eventbus.proto.ParamSpecEntry.ProtoDefinition". + type: string type: object + id: EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinition + GoogleCloudIntegrationsV1alphaSuspensionAudit: properties: - issuer: - description: Optional. Value for the "iss" claim. - type: string - subject: - description: Optional. Value for the "sub" claim. + resolveTime: + format: google-datetime + description: Time at which this suspension was resolved. type: string - audience: - description: Optional. Value for the "aud" claim. + resolver: + description: Email address of the person who resolved this suspension. type: string - GoogleCloudConnectorsV1AuthConfigOauth2ClientCredentials: - id: GoogleCloudConnectorsV1AuthConfigOauth2ClientCredentials - description: >- - Parameters to support Oauth 2.0 Client Credentials Grant Authentication. - See https://tools.ietf.org/html/rfc6749#section-1.3.4 for more details. + description: Contains when and by whom the suspension was resolved. type: object - properties: - clientId: - description: Optional. The client identifier. - type: string - clientSecret: - description: Optional. Secret version reference containing the client secret. - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - GoogleCloudConnectorsV1AuthConfigSshPublicKey: - id: GoogleCloudConnectorsV1AuthConfigSshPublicKey - description: Parameters to support Ssh public key Authentication. + id: GoogleCloudIntegrationsV1alphaSuspensionAudit + EnterpriseCrmEventbusProtoMappedField: + description: Mapped field is a pair of input field and output field. type: object + id: EnterpriseCrmEventbusProtoMappedField properties: - username: - description: Optional. The user account used to authenticate. - type: string - sshClientCert: - description: >- - Optional. SSH Client Cert. It should contain both public and private - key. - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - certType: - description: Optional. Format of SSH Client cert. - type: string - sshClientCertPass: - description: >- - Optional. Password (passphrase) for ssh client certificate if it has - one. - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlow: - id: GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlow - description: >- - Parameters to support Oauth 2.0 Auth Code Grant Authentication. See - https://www.rfc-editor.org/rfc/rfc6749#section-1.3.1 for more details. + inputField: + description: The input field being mapped from. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoField' + outputField: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoField' + description: The output field being mapped to. + GoogleCloudIntegrationsV1alphaCreateCloudFunctionResponse: type: object properties: - authCode: - description: >- - Optional. Authorization code to be exchanged for access and refresh - tokens. - type: string - pkceVerifier: - description: Optional. PKCE verifier to be used during the auth code exchange. - type: string - redirectUri: - description: Optional. Redirect URI to be provided during the auth code exchange. - type: string - clientId: - description: Optional. Client ID for user-provided OAuth app. + triggerUrl: + description: The trigger url that will be returned type: string - clientSecret: - description: Optional. Client secret for user-provided OAuth app. - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - scopes: + description: Response for Creating Cloud Function rpc call. + id: GoogleCloudIntegrationsV1alphaCreateCloudFunctionResponse + GoogleCloudIntegrationsV1alphaConditionalFailurePolicies: + properties: + failurePolicies: description: >- - Optional. Scopes the connection will request when the user performs - the auth code flow. + The list of failure policies that will be applied to the task in + order. type: array items: - type: string - enablePkce: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFailurePolicy' + defaultFailurePolicy: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFailurePolicy' description: >- - Optional. Whether to enable PKCE when the user performs the auth - code flow. - type: boolean - authUri: - description: Optional. Auth URL for Authorization Code Flow - type: string - GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlowGoogleManaged: - id: GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlowGoogleManaged - description: >- - Parameters to support Oauth 2.0 Auth Code Grant Authentication using - Google Provided OAuth Client. See - https://tools.ietf.org/html/rfc6749#section-1.3.1 for more details. + The default failure policy to be applied if no conditional failure + policy matches. + id: GoogleCloudIntegrationsV1alphaConditionalFailurePolicies + description: Conditional task failur retry strategies + type: object + EnterpriseCrmEventbusProtoStringArrayFunction: type: object properties: - authCode: - description: >- - Optional. Authorization code to be exchanged for access and refresh - tokens. - type: string - redirectUri: - description: Optional. Redirect URI to be provided during the auth code exchange. - type: string + functionName: + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + enum: + - UNSPECIFIED + - GET + - APPEND + - SIZE + - TO_SET + - APPEND_ALL + - TO_JSON + - SET + - REMOVE + - REMOVE_AT + - CONTAINS + - FOR_EACH + - FILTER + type: string + id: EnterpriseCrmEventbusProtoStringArrayFunction + GoogleCloudIntegrationsV1alphaListIntegrationsResponse: + id: GoogleCloudIntegrationsV1alphaListIntegrationsResponse + description: Response for ListIntegrations. + type: object + properties: + integrations: + type: array + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaIntegration' + description: The integrations which match the request. + nextPageToken: + description: The next page token for the response. + type: string + GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlowGoogleManaged: + description: >- + Parameters to support Oauth 2.0 Auth Code Grant Authentication using + Google Provided OAuth Client. See + https://tools.ietf.org/html/rfc6749#section-1.3.1 for more details. + id: GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlowGoogleManaged + type: object + properties: + authCode: + description: >- + Optional. Authorization code to be exchanged for access and refresh + tokens. + type: string + redirectUri: + description: Optional. Redirect URI to be provided during the auth code exchange. + type: string scopes: description: >- Required. Scopes the connection will request when the user performs @@ -1790,709 +1698,556 @@ components: type: array items: type: string - GoogleCloudConnectorsV1LockConfig: - id: GoogleCloudConnectorsV1LockConfig - description: >- - Determines whether or no a connection is locked. If locked, a reason - must be specified. + EnterpriseCrmEventbusProtoNextTeardownTask: type: object properties: - locked: - description: Optional. Indicates whether or not the connection is locked. - type: boolean - reason: - description: Optional. Describes why a connection is locked. + name: + description: Required. Name of the next teardown task. type: string - GoogleCloudConnectorsV1DestinationConfig: - id: GoogleCloudConnectorsV1DestinationConfig - description: Define the Connectors target endpoint. + id: EnterpriseCrmEventbusProtoNextTeardownTask + description: >- + The teardown task that is next in line to be executed. We support only + sequential execution of teardown tasks (i.e. no branching). + GoogleCloudIntegrationsV1alphaExecuteIntegrationsResponse: type: object + description: The response for executing an integration. + id: GoogleCloudIntegrationsV1alphaExecuteIntegrationsResponse properties: - key: - description: >- - The key is the destination identifier that is supported by the - Connector. - type: string - destinations: - description: The destinations for the key. + executionFailed: + deprecated: true + type: boolean + description: Is true if any execution in the integration failed. False otherwise. + eventParameters: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters + deprecated: true + description: Details for the integration that were executed. + parameterEntries: type: array - items: - $ref: '#/components/schemas/GoogleCloudConnectorsV1Destination' - GoogleCloudConnectorsV1Destination: - id: GoogleCloudConnectorsV1Destination - type: object - properties: - serviceAttachment: description: >- - PSC service attachments. Format: - projects/*/regions/*/serviceAttachments/* + Parameters are a part of Event and can be used to communicate + between different tasks that are part of the same integration + execution. + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry deprecated: true + executionId: + description: The id of the execution corresponding to this run of integration. type: string - host: - description: For publicly routable host. + outputParameters: + description: >- + OUTPUT parameters in format of Map. Where Key is the name of the + parameter. Note: Name of the system generated parameters are wrapped + by backtick(`) to distinguish them from the user defined parameters. + additionalProperties: + type: any + description: Properties of the object. + type: object + parameters: + type: object + description: Optional. OUTPUT parameters from integration execution. + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + EnterpriseCrmEventbusProtoEventExecutionDetailsEventAttemptStats: + properties: + startTime: type: string - port: + format: int64 description: >- - The port is the target port number that is accepted by the - destination. - type: integer - format: int32 - GoogleCloudConnectorsV1NodeConfig: - id: GoogleCloudConnectorsV1NodeConfig - description: Node configuration for the connection. + The start time of the event execution for current attempt. This + could be in the future if it's been scheduled. + endTime: + description: The end time of the event execution for current attempt. + type: string + format: int64 + id: EnterpriseCrmEventbusProtoEventExecutionDetailsEventAttemptStats type: object - properties: - minNodeCount: - description: Optional. Minimum number of nodes in the runtime nodes. - type: integer - format: int32 - maxNodeCount: - description: Optional. Maximum number of nodes in the runtime nodes. - type: integer - format: int32 - GoogleCloudConnectorsV1LogConfig: - id: GoogleCloudConnectorsV1LogConfig - description: Log configuration for the connection. + EnterpriseCrmEventbusProtoSerializedObjectParameter: type: object + id: EnterpriseCrmEventbusProtoSerializedObjectParameter properties: - enabled: - description: >- - Optional. Enabled represents whether logging is enabled or not for a - connection. - type: boolean - level: - description: Optional. Log configuration level. + objectValue: + format: byte type: string + EnterpriseCrmFrontendsEventbusProtoTaskEntity: + properties: + disabledForVpcSc: + description: True if the task has conflict with vpcsc + type: boolean + paramSpecs: + description: >- + Declarations for inputs/outputs for a TypedTask. This is also + associated with the METADATA mask. + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParamSpecsMessage + metadata: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskMetadata' + description: Metadata inclueds the task name, author and so on. + stats: + description: Deprecated - statistics from the Monarch query. + $ref: '#/components/schemas/EnterpriseCrmEventbusStats' + deprecated: true + taskType: enumDescriptions: - - Log level unspecified. - - Only error logs are enabled. - - Info and error logs are enabled. - - Debug and high verbosity logs are enabled. + - Normal IP task + - Task is of As-Is Template type + - Task is of I/O template type with a different underlying task + type: string + description: Defines the type of the task enum: - - LOG_LEVEL_UNSPECIFIED - - ERROR - - INFO - - DEBUG - GoogleCloudConnectorsV1SslConfig: - id: GoogleCloudConnectorsV1SslConfig - description: SSL Configuration of a connection + - TASK + - ASIS_TEMPLATE + - IO_TEMPLATE + uiConfig: + description: >- + UI configuration for this task Also associated with the METADATA + mask. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskUiConfig' + description: >- + Contains a task's metadata and associated information. Next available + id: 7 + id: EnterpriseCrmFrontendsEventbusProtoTaskEntity + type: object + EnterpriseCrmEventbusProtoBaseValue: + id: EnterpriseCrmEventbusProtoBaseValue type: object properties: - type: - description: Optional. Controls the ssl type for the given connector version. - type: string - enumDescriptions: - - No SSL configuration required. - - TLS Handshake - - mutual TLS (MTLS) Handshake - enum: - - SSL_TYPE_UNSPECIFIED - - TLS - - MTLS - trustModel: - description: Optional. Trust Model of the SSL connection + referenceValue: + description: Start with a reference value to dereference. type: string - enumDescriptions: - - Public Trust Model. Takes the Default Java trust store. - - Private Trust Model. Takes custom/private trust store. - - Insecure Trust Model. Accept all certificates. - enum: - - PUBLIC - - PRIVATE - - INSECURE - privateServerCertificate: + baseFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFunction' description: >- - Optional. Private Server Certificate. Needs to be specified if trust - model is `PRIVATE`. - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - clientCertificate: - description: Optional. Client Certificate - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - clientPrivateKey: - description: Optional. Client Private Key - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - clientPrivateKeyPass: - description: >- - Optional. Secret containing the passphrase protecting the Client - Private Key - $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' - serverCertType: - description: Optional. Type of Server Cert (PEM/JKS/.. etc.) - type: string - enumDescriptions: - - Cert type unspecified. - - Privacy Enhanced Mail (PEM) Type - enum: - - CERT_TYPE_UNSPECIFIED - - PEM - clientCertType: - description: Optional. Type of Client Cert (PEM/JKS/.. etc.) - type: string - enumDescriptions: - - Cert type unspecified. - - Privacy Enhanced Mail (PEM) Type - enum: - - CERT_TYPE_UNSPECIFIED - - PEM - useSsl: - description: Optional. Bool for enabling SSL - type: boolean - additionalVariables: - description: Optional. Additional SSL related field values + Start with a function that does not build on existing values. Eg. + CurrentTime, Min, Max, Exists, etc. + literalValue: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' + description: Start with a literal value. + EnterpriseCrmEventbusProtoCombinedCondition: + deprecated: true + id: EnterpriseCrmEventbusProtoCombinedCondition + properties: + conditions: + description: A set of individual constituent conditions. type: array items: - $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' - GoogleCloudConnectorsV1EventingConfig: - id: GoogleCloudConnectorsV1EventingConfig - description: 'Eventing Configuration of a connection next: 19' + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCondition' type: object + description: >- + This message recursively combines constituent conditions using logical + AND. + GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCode: + type: object + id: GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCode properties: - registrationDestinationConfig: - description: Optional. Registration endpoint for auto registration. - $ref: '#/components/schemas/GoogleCloudConnectorsV1DestinationConfig' - authConfig: - description: Optional. Auth details for the webhook adapter. - $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfig' - listenerAuthConfig: - description: Optional. Auth details for the event listener. - $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfig' - additionalVariables: - description: Optional. Additional eventing related field values - type: array - items: - $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' - enrichmentEnabled: - description: Optional. Enrichment Enabled. - type: boolean - privateConnectivityEnabled: - description: Optional. Private Connectivity Enabled. + tokenEndpoint: + type: string + description: The token url endpoint to send the token request to. + clientSecret: + description: The client's secret. + type: string + requestType: + enum: + - REQUEST_TYPE_UNSPECIFIED + - REQUEST_BODY + - QUERY_PARAMETERS + - ENCODED_HEADER + enumDescriptions: + - Unspecified request type + - To pass all the parameters in post body. + - To pass all the parameters as a part of query parameter. + - >- + To pass client id and client secret as base 64 encoding of + client_id:client_password and rest parameters in post body. + description: Represent how to pass parameters to fetch access token + type: string + tokenParams: + description: The token parameters sent along with the token request. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMap' + applyReauthPolicy: type: boolean - eventsListenerIngressEndpoint: description: >- - Optional. Ingress endpoint of the event listener. This is used only - when private connectivity is enabled. + Indicates if the user has opted in Google Reauth Policy. If opted + in, the refresh token will be valid for 20 hours, after which time + users must re-authenticate in order to obtain a new one. + authParams: + description: The auth parameters sent along with the auth code request. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMap' + authCode: + description: The Auth Code that is used to initially retrieve the access token. type: string - deadLetterConfig: - description: Optional. Dead letter configuration for eventing of a connection. - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1EventingConfigDeadLetterConfig - proxyDestinationConfig: - description: Optional. Proxy for Eventing auto-registration. - $ref: '#/components/schemas/GoogleCloudConnectorsV1DestinationConfig' - enrichmentConfig: - description: Optional. Data enrichment configuration. - $ref: '#/components/schemas/GoogleCloudConnectorsV1EnrichmentConfig' - sslConfig: - description: Optional. Ssl config of a connection - $ref: '#/components/schemas/GoogleCloudConnectorsV1SslConfig' - privateConnectivityAllowlistedProjects: - description: >- - Optional. List of projects to be allowlisted for the service - attachment created in the tenant project for eventing ingress. - type: array - items: - type: string - GoogleCloudConnectorsV1EventingConfigDeadLetterConfig: - id: GoogleCloudConnectorsV1EventingConfigDeadLetterConfig - description: Dead Letter configuration details provided by the user. - type: object - properties: - topic: - description: Optional. Topic to push events which couldn't be processed. + scope: type: string - projectId: - description: Optional. Project which has the topic given. + description: A space-delimited list of requested scope permissions. + clientId: + description: The client's id. type: string - GoogleCloudConnectorsV1EnrichmentConfig: - id: GoogleCloudConnectorsV1EnrichmentConfig - description: Data enrichment configuration. - type: object - properties: - appendAcl: - description: Optional. Append ACL to the event. - type: boolean - GoogleCloudConnectorsV1EventingRuntimeData: - id: GoogleCloudConnectorsV1EventingRuntimeData + authEndpoint: + type: string + description: The auth url endpoint to send the auth code request to. + accessToken: + description: The access token received from the token endpoint. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAccessToken' description: >- - Eventing runtime data has the details related to eventing managed by the - system. - type: object + The OAuth Type where the client sends request with the client id and + requested scopes to auth endpoint. User sees a consent screen and auth + code is received at specified redirect url afterwards. The auth code is + then combined with the client id and secret and sent to the token + endpoint in exchange for the access and refresh token. The refresh token + can be used to fetch new access tokens. + GoogleCloudIntegrationsV1alphaTestCase: + description: >- + Defines the functional test case for Application Integration. Next + available id: 15 + id: GoogleCloudIntegrationsV1alphaTestCase properties: - status: - description: Output only. Current status of eventing. - readOnly: true - $ref: '#/components/schemas/GoogleCloudConnectorsV1EventingStatus' - eventsListenerEndpoint: - description: >- - Output only. Events listener endpoint. The value will populated - after provisioning the events listener. - readOnly: true + databasePersistencePolicy: type: string - eventsListenerPscSa: + enum: + - DATABASE_PERSISTENCE_POLICY_UNSPECIFIED + - DATABASE_PERSISTENCE_DISABLED + - DATABASE_PERSISTENCE_ASYNC description: >- - Output only. Events listener PSC Service attachment. The value will - be populated after provisioning the events listener with private - connectivity enabled. - readOnly: true + Optional. Various policies for how to persist the test execution + info including execution info, execution export info, execution + metadata index and execution param index.. + enumDescriptions: + - Enables persistence for all execution data. + - Disables persistence for all execution data. + - Asynchronously persist all execution data. + createTime: type: string - webhookData: - description: Output only. Webhook data. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1EventingRuntimeDataWebhookData - webhookSubscriptions: - description: Output only. Webhook subscriptions. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1EventingRuntimeDataWebhookSubscriptions - GoogleCloudConnectorsV1EventingStatus: - id: GoogleCloudConnectorsV1EventingStatus - description: EventingStatus indicates the state of eventing. - type: object - properties: - state: - description: Output only. State. - readOnly: true + description: Auto-generated. + format: google-datetime + triggerId: + description: >- + Required. This defines the trigger ID in workflow which is + considered to be executed as starting point of the test case type: string - enumDescriptions: - - Default state. - - Eventing is enabled and ready to receive events. - - Eventing is not active due to an error. - - Ingress endpoint required. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - ERROR - - INGRESS_ENDPOINT_REQUIRED description: - description: Output only. Description of error if State is set to "ERROR". - readOnly: true + description: Optional. Description of the test case. type: string - GoogleCloudConnectorsV1EventingRuntimeDataWebhookData: - id: GoogleCloudConnectorsV1EventingRuntimeDataWebhookData - description: WebhookData has details of webhook configuration. - type: object - properties: name: - description: Output only. Name of the Webhook - readOnly: true + description: Output only. Auto-generated primary key. type: string - id: - description: Output only. ID to uniquely identify webhook. readOnly: true + displayName: + description: Required. The display name of test case. type: string - additionalVariables: - description: Output only. Additional webhook related field values. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' - createTime: - description: Output only. Timestamp when the webhook was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when the webhook was last updated. - readOnly: true + triggerConfig: + description: Optional. Auto-generated. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTriggerConfig' + lockHolderEmail: + description: >- + Optional. The edit lock holder's email address. Generated based on + the End User Credentials/LOAS role of the user making the call. type: string - format: google-datetime - nextRefreshTime: + creatorEmail: description: >- - Output only. Next webhook refresh time. Will be null if refresh is - not supported. - readOnly: true + Optional. The creator's email address. Generated based on the End + User Credentials/LOAS role of the user making the call. type: string - format: google-datetime - GoogleCloudConnectorsV1EventingRuntimeDataWebhookSubscriptions: - id: GoogleCloudConnectorsV1EventingRuntimeDataWebhookSubscriptions - description: WebhookSubscriptions has details of webhook subscriptions. - type: object - properties: - webhookData: - description: Output only. Webhook data. - readOnly: true + lastModifierEmail: + type: string + description: >- + The last modifier's email address. Generated based on the End User + Credentials/LOAS role of the user making the call. + testTaskConfigs: type: array items: - $ref: >- - #/components/schemas/GoogleCloudConnectorsV1EventingRuntimeDataWebhookData - GoogleCloudConnectorsV1ConnectorVersionInfraConfig: - id: GoogleCloudConnectorsV1ConnectorVersionInfraConfig - description: >- - This configuration provides infra configs like rate limit threshold - which need to be configurable for every connector version - type: object - properties: - ratelimitThreshold: - description: >- - Output only. Max QPS supported by the connector version before - throttling of requests. - readOnly: true - type: string - format: int64 - internalclientRatelimitThreshold: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestTaskConfig' description: >- - Output only. Max QPS supported for internal requests originating - from Connd. - readOnly: true - type: string - format: int64 - hpaConfig: - description: Output only. HPA autoscaling config. - readOnly: true - $ref: '#/components/schemas/GoogleCloudConnectorsV1HPAConfig' - resourceRequests: - description: Output only. System resource requests. - readOnly: true - $ref: '#/components/schemas/GoogleCloudConnectorsV1ResourceRequests' - resourceLimits: - description: Output only. System resource limits. - readOnly: true - $ref: '#/components/schemas/GoogleCloudConnectorsV1ResourceLimits' - sharedDeployment: - description: Output only. The name of shared connector deployment. - readOnly: true + Optional. However, the test case doesn't mock or assert anything + without test_task_configs. + updateTime: + format: google-datetime type: string - connectionRatelimitWindowSeconds: + description: Auto-generated. + testInputParameters: + items: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationParameter + type: array description: >- - Output only. The window used for ratelimiting runtime requests to - connections. - readOnly: true - type: string - format: int64 - deploymentModel: - description: Output only. Indicates whether connector is deployed on GKE/CloudRun - readOnly: true - type: string - enumDescriptions: - - Deployment model is not specified. - - Default model gke mst. - - Cloud run mst. - enum: - - DEPLOYMENT_MODEL_UNSPECIFIED - - GKE_MST - - CLOUD_RUN_MST - deploymentModelMigrationState: - description: Output only. Status of the deployment model migration. - readOnly: true - type: string - enumDescriptions: - - Deployment model migration state is not specified. - - Deployment model migration is in progress. - - Deployment model migration is completed. - - Deployment model migration rolledback. - - Deployment model migration rollback in progress. - enum: - - DEPLOYMENT_MODEL_MIGRATION_STATE_UNSPECIFIED - - IN_PROGRESS - - COMPLETED - - ROLLEDBACK - - ROLLBACK_IN_PROGRESS - maxInstanceRequestConcurrency: - description: Output only. Max instance request concurrency. - readOnly: true - type: integer - format: int32 - tlsMigrationState: - description: Output only. Status of the TLS migration. - readOnly: true - type: string - enumDescriptions: - - TLS migration state is not specified. - - TLS migration is in progress. - - TLS migration is completed. - enum: - - TLS_MIGRATION_STATE_UNSPECIFIED - - TLS_MIGRATION_NOT_STARTED - - TLS_MIGRATION_COMPLETED - GoogleCloudConnectorsV1HPAConfig: - id: GoogleCloudConnectorsV1HPAConfig - description: Autoscaling config for connector deployment system metrics. + Optional. Parameters that are expected to be passed to the test case + when the test case is triggered. This gives the user the ability to + provide default values. This should include all the output variables + of the trigger as input variables. type: object - properties: - cpuUtilizationThreshold: - description: Output only. Percent CPU utilization where HPA triggers autoscaling. - readOnly: true - type: string - format: int64 - memoryUtilizationThreshold: - description: >- - Output only. Percent Memory utilization where HPA triggers - autoscaling. - readOnly: true - type: string - format: int64 GoogleCloudConnectorsV1ResourceRequests: id: GoogleCloudConnectorsV1ResourceRequests description: Resource requests defined for connection pods of a given connector type. type: object properties: cpu: + type: string description: Output only. CPU request. readOnly: true - type: string memory: description: Output only. Memory request. - readOnly: true - type: string - GoogleCloudConnectorsV1ResourceLimits: - id: GoogleCloudConnectorsV1ResourceLimits - description: Resource limits defined for connection pods of a given connector type. - type: object - properties: - cpu: - description: Output only. CPU limit. - readOnly: true type: string - memory: - description: Output only. Memory limit. readOnly: true - type: string - GoogleCloudConnectorsV1BillingConfig: - id: GoogleCloudConnectorsV1BillingConfig - description: Billing config for the connection. - type: object + GoogleCloudConnectorsV1EncryptionKey: + description: Encryption Key value. + id: GoogleCloudConnectorsV1EncryptionKey properties: - billingCategory: - description: Output only. Billing category for the connector. - readOnly: true + type: + description: Type. type: string - enumDescriptions: - - Billing category is not specified. - - GCP/Technical connector. - - Non-GCP connector. enum: - - BILLING_CATEGORY_UNSPECIFIED - - GCP_AND_TECHNICAL_CONNECTOR - - NON_GCP_CONNECTOR - GoogleCloudConnectorsV1TrafficShapingConfig: - id: GoogleCloudConnectorsV1TrafficShapingConfig - description: >- - * TrafficShapingConfig defines the configuration for shaping API traffic - by specifying a quota limit and the duration over which this limit is - enforced. This configuration helps to control and manage the rate at - which API calls are made on the client side, preventing service overload - on the backend. For example: - if the quota limit is 100 calls per 10 - seconds, then the message would be: { quota_limit: 100 duration: { - seconds: 10 } } - if the quota limit is 100 calls per 5 minutes, then - the message would be: { quota_limit: 100 duration: { seconds: 300 } } - - if the quota limit is 10000 calls per day, then the message would be: { - quota_limit: 10000 duration: { seconds: 86400 } and so on. - type: object - properties: - quotaLimit: - description: Required. Maximum number of api calls allowed. - type: string - format: int64 - duration: + - TYPE_UNSPECIFIED + - GOOGLE_MANAGED + - CUSTOMER_MANAGED + enumDescriptions: + - Value type is not specified. + - Google Managed. + - Customer Managed. + kmsKeyName: description: >- - Required. * The duration over which the API call quota limits are - calculated. This duration is used to define the time window for - evaluating if the number of API calls made by a user is within the - allowed quota limits. For example: - To define a quota sampled over - 16 seconds, set `seconds` to 16 - To define a quota sampled over 5 - minutes, set `seconds` to 300 (5 * 60) - To define a quota sampled - over 1 day, set `seconds` to 86400 (24 * 60 * 60) and so on. It is - important to note that this duration is not the time the quota is - valid for, but rather the time window over which the quota is - evaluated. For example, if the quota is 100 calls per 10 seconds, - then this duration field would be set to 10 seconds. + Optional. The [KMS key name] with which the content of the Operation + is encrypted. The expected format: + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. Will be empty + string if google managed. type: string - format: google-duration - GoogleCloudIntegrationsV1alphaConnectionSchemaMetadata: - id: GoogleCloudIntegrationsV1alphaConnectionSchemaMetadata - description: Metadata of runtime connection schema. type: object - properties: - entities: - description: List of entity names. - type: array - items: - type: string - actions: - description: List of actions. - type: array - items: - type: string - GoogleCloudIntegrationsV1alphaListRuntimeEntitySchemasResponse: - id: GoogleCloudIntegrationsV1alphaListRuntimeEntitySchemasResponse - description: Response for listing RuntimeEntitySchemas for a specific Connection. + GoogleCloudIntegrationsV1alphaGenerateOpenApiSpecRequest: + description: Request for GenerateOpenApiSpec. + id: GoogleCloudIntegrationsV1alphaGenerateOpenApiSpecRequest type: object properties: - runtimeEntitySchemas: - description: Runtime entity schemas. - type: array + fileFormat: + description: Required. File format for generated spec. + enumDescriptions: + - Unspecified file format + - JSON File Format + - YAML File Format + enum: + - FILE_FORMAT_UNSPECIFIED + - JSON + - YAML + type: string + apiTriggerResources: items: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaRuntimeEntitySchema - nextPageToken: - description: Next page token. - type: string - GoogleCloudIntegrationsV1alphaRuntimeEntitySchema: - id: GoogleCloudIntegrationsV1alphaRuntimeEntitySchema - description: Metadata of an entity, including a schema for its properties. - type: object + #/components/schemas/GoogleCloudIntegrationsV1alphaApiTriggerResource + type: array + description: Required. List of api triggers + EnterpriseCrmEventbusProtoJsonFunction: + id: EnterpriseCrmEventbusProtoJsonFunction properties: - entity: - description: Name of the entity. - type: string - fieldSchema: - description: List of fields in the entity. - type: string - arrayFieldSchema: - description: The above schema, but for an array of the associated entity. + functionName: type: string - GoogleCloudIntegrationsV1alphaListRuntimeActionSchemasResponse: - id: GoogleCloudIntegrationsV1alphaListRuntimeActionSchemasResponse - description: Response for listing RuntimeActionSchemas for a specific Connection. + enum: + - UNSPECIFIED + - GET_PROPERTY + - GET_ELEMENT + - APPEND_ELEMENT + - SIZE + - SET_PROPERTY + - FLATTEN + - FLATTEN_ONCE + - MERGE + - TO_STRING + - TO_INT + - TO_DOUBLE + - TO_BOOLEAN + - TO_PROTO + - TO_STRING_ARRAY + - TO_INT_ARRAY + - TO_DOUBLE_ARRAY + - TO_PROTO_ARRAY + - TO_BOOLEAN_ARRAY + - REMOVE_PROPERTY + - RESOLVE_TEMPLATE + - EQUALS + - FOR_EACH + - FILTER_ELEMENTS + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + type: object + GoogleCloudIntegrationsV1alphaTemplateBundle: + id: GoogleCloudIntegrationsV1alphaTemplateBundle type: object + description: Define the bundle of the template. properties: - runtimeActionSchemas: - description: Runtime action schemas. + integrationVersionTemplate: + description: Required. Main integration templates of the template bundle. + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersionTemplate + subIntegrationVersionTemplates: + description: >- + Optional. Sub integration templates which would be added along with + main integration. type: array items: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaRuntimeActionSchema - nextPageToken: - description: Next page token. - type: string - GoogleCloudIntegrationsV1alphaRuntimeActionSchema: - id: GoogleCloudIntegrationsV1alphaRuntimeActionSchema - description: Metadata of an action, including schemas for its inputs and outputs. - type: object + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersionTemplate + EnterpriseCrmEventbusProtoFunctionType: properties: - action: - description: Name of the action. - type: string - inputSchema: - description: Input parameter schema for the action. - type: string - outputSchema: - description: Output parameter schema for the action. - type: string - GoogleCloudIntegrationsV1alphaListIntegrationVersionsResponse: - id: GoogleCloudIntegrationsV1alphaListIntegrationVersionsResponse - description: Response for ListIntegrationVersions. + protoArrayFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoProtoArrayFunction' + baseFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBaseFunction' + description: LINT.IfChange + jsonFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoJsonFunction' + booleanArrayFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBooleanArrayFunction' + doubleFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoDoubleFunction' + doubleArrayFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoDoubleArrayFunction' + booleanFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBooleanFunction' + stringFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoStringFunction' + intFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoIntFunction' + protoFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoProtoFunction' + stringArrayFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoStringArrayFunction' + intArrayFunction: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoIntArrayFunction' type: object + id: EnterpriseCrmEventbusProtoFunctionType + EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList: + description: List of error enums for alerts. properties: - integrationVersions: - description: The integrations which match the request. + enumStrings: type: array items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + type: string + filterType: + enumDescriptions: + - '' + - '' type: string - noPermission: - description: Whether the user has no permission on the version or not. - type: boolean - GoogleCloudIntegrationsV1alphaIntegrationVersion: - id: GoogleCloudIntegrationsV1alphaIntegrationVersion - description: The integration version definition. + enum: + - DEFAULT_INCLUSIVE + - EXCLUSIVE + id: EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList + type: object + GoogleCloudIntegrationsV1alphaSuspension: type: object properties: - name: - description: Output only. Auto-generated primary key. - readOnly: true - type: string - description: - description: Optional. The integration description. + approvalConfig: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaSuspensionApprovalConfig + description: >- + Controls the notifications and approval permissions for this + suspension. + integration: type: string - taskConfigsInternal: + description: Required. The name of the originating integration. + suspensionConfig: description: >- - Optional. Task configuration for the integration. It's optional, but - the integration doesn't do anything without task_configs. + Controls the notifications and resolver permissions for this + suspension. deprecated: true + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoSuspensionConfig' + state: + description: >- + Required. State of this suspension, indicating what action a + resolver has taken. + enum: + - RESOLUTION_STATE_UNSPECIFIED + - PENDING + - REJECTED + - LIFTED + enumDescriptions: + - Unset state. + - The suspension has not yet been resolved. + - The resolver has rejected the suspension. + - The resolver has lifted the suspension. + type: string + lastModifyTime: + readOnly: true + description: Output only. Auto-generated. + type: string + format: google-datetime + eventExecutionInfoId: + description: Required. ID of the associated execution. + type: string + createTime: + readOnly: true + description: Output only. Auto-generated. + type: string + format: google-datetime + taskId: + description: Required. Task id of the associated SuspensionTask. + type: string + name: + type: string + description: Resource name for suspensions suspension/{suspension_id} + audit: + description: Metadata pertaining to the resolution of this suspension. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSuspensionAudit' + description: A record representing a suspension. + id: GoogleCloudIntegrationsV1alphaSuspension + GoogleCloudIntegrationsV1alphaBooleanParameterArray: + type: object + properties: + booleanValues: type: array items: - $ref: '#/components/schemas/EnterpriseCrmFrontendsEventbusProtoTaskConfig' - taskConfigs: - description: >- - Optional. Task configuration for the integration. It's optional, but - the integration doesn't do anything without task_configs. + type: boolean + description: Boolean array. + id: GoogleCloudIntegrationsV1alphaBooleanParameterArray + description: This message only contains a field of boolean array. + EnterpriseCrmEventbusProtoDoubleArray: + type: object + properties: + values: type: array items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTaskConfig' - triggerConfigsInternal: - description: Optional. Trigger configurations. - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoTriggerConfig - triggerConfigs: - description: Optional. Trigger configurations. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTriggerConfig' - integrationParametersInternal: - description: >- - Optional. Parameters that are expected to be passed to the - integration when an event is triggered. This consists of all the - parameters that are expected in the integration execution. This - gives the user the ability to provide default values, add - information like PII and also provide data types of each parameter. - deprecated: true - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoWorkflowParameters - integrationParameters: - description: >- - Optional. Parameters that are expected to be passed to the - integration when an event is triggered. This consists of all the - parameters that are expected in the integration execution. This - gives the user the ability to provide default values, add - information like PII and also provide data types of each parameter. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationParameter - teardown: - description: >- - Optional. Contains a graph of tasks that will be executed before - putting the event in a terminal state (SUCCEEDED/FAILED/FATAL), - regardless of success or failure, similar to "finally" in code. - deprecated: true - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTeardown' - origin: - description: >- - Optional. The origin that indicates where this integration is coming - from. - deprecated: true - type: string - enumDescriptions: - - '' - - Workflow is being created via event bus UI. - - >- - User checked in this workflow in Piper as v2 textproto format and - we synced it into spanner. - - >- - User checked in this workflow in piper as v3 textproto format and - we synced it into spanner. - - Workflow is being created via Standalone IP Provisioning - - Workflow is being created via Test Case. - enumDeprecated: - - false - - false - - true - - false - - false - - false + type: number + format: double + id: EnterpriseCrmEventbusProtoDoubleArray + EnterpriseCrmEventbusProtoIntFunction: + properties: + functionName: enum: - UNSPECIFIED - - UI - - PIPER_V2 - - PIPER_V3 - - APPLICATION_IP_PROVISIONING - - TEST_CASE - status: - description: >- - Output only. Generated by eventbus. User should not set it as an - input. - readOnly: true - deprecated: true + - ADD + - SUBTRACT + - MULTIPLY + - DIVIDE + - EXPONENT + - GREATER_THAN_EQUAL_TO + - GREATER_THAN + - LESS_THAN_EQUAL_TO + - LESS_THAN + - TO_DOUBLE + - TO_STRING + - EQUALS + - TO_JSON + - MOD + - EPOCH_TO_HUMAN_READABLE_TIME type: string enumDescriptions: - '' @@ -2500,1097 +2255,1192 @@ components: - '' - '' - '' - enum: - - UNKNOWN - - DRAFT - - ACTIVE - - ARCHIVED - - SNAPSHOT - state: - description: Output only. User should not set it as an input. - readOnly: true + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + id: EnterpriseCrmEventbusProtoIntFunction + type: object + GoogleCloudIntegrationsV1alphaUploadTemplateRequest: + type: object + properties: + content: + description: Required. The textproto of the template. type: string + fileFormat: + description: Required. File format for upload request. enumDescriptions: - - Default. - - Draft. - - Active. - - Archived. - - Snapshot. + - Unspecified file format + - JSON File Format + - YAML File Format enum: - - INTEGRATION_STATE_UNSPECIFIED - - DRAFT - - ACTIVE - - ARCHIVED - - SNAPSHOT - snapshotNumber: - description: >- - Output only. An increasing sequence that is set when a new snapshot - is created. The last created snapshot can be identified by - [workflow_name, org_id latest(snapshot_number)]. However, last - created snapshot need not be same as the HEAD. So users should - always use "HEAD" tag to identify the head. - readOnly: true + - FILE_FORMAT_UNSPECIFIED + - JSON + - YAML type: string - format: int64 - updateTime: - description: Output only. Auto-generated. - readOnly: true + id: GoogleCloudIntegrationsV1alphaUploadTemplateRequest + description: Request for UploadTemplate. + GoogleCloudIntegrationsV1alphaTriggerConfigVariables: + description: Variables names mapped to api trigger. + type: object + id: GoogleCloudIntegrationsV1alphaTriggerConfigVariables + properties: + names: + type: array + items: + type: string + description: Optional. List of variable names. + EnterpriseCrmEventbusProtoCondition: + id: EnterpriseCrmEventbusProtoCondition + description: Condition that uses `operator` to evaluate the key against the value. + properties: + operator: + enum: + - UNSET + - EQUALS + - CONTAINS + - LESS_THAN + - GREATER_THAN + - EXISTS + - DOES_NOT_EXIST + - IS_EMPTY + - IS_NOT_EMPTY type: string - format: google-datetime - lockHolder: description: >- - Optional. The edit lock holder's email address. Generated based on - the End User Credentials/LOAS role of the user making the call. - type: string - createTime: - description: Output only. Auto-generated. - readOnly: true + Operator used to evaluate the condition. Please note that an + operator with an inappropriate key/value operand will result in + IllegalArgumentException, e.g. CONTAINS with boolean key/value pair. + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + eventPropertyKey: type: string - format: google-datetime - lastModifierEmail: description: >- - Optional. The last modifier's email address. Generated based on the - End User Credentials/LOAS role of the user making the call. + Key that's evaluated against the `value`. Please note the data type + of the runtime value associated with the key should match the data + type of `value`, else an IllegalArgumentException is thrown. + value: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoValueType' + description: Value that's checked for the key. + type: object + deprecated: true + EnterpriseCrmEventbusProtoSuspensionResolutionInfo: + id: EnterpriseCrmEventbusProtoSuspensionResolutionInfo + properties: + wrappedDek: type: string - parentTemplateId: - description: >- - Optional. The id of the template which was used to create this - integration_version. + format: byte + description: Wrapped dek + taskNumber: type: string - userLabel: - description: >- - Optional. A user-defined label that annotates an integration - version. Typically, this is only set when the integration version is - created. + description: Required. Task number of the associated SuspensionTask. + lastModifiedTimestamp: + format: google-datetime type: string - databasePersistencePolicy: - description: >- - Optional. Flag to disable database persistence for execution data, - including event execution info, execution export info, execution - metadata index and execution param index. + description: Auto-generated. + suspensionConfig: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoSuspensionConfig' + createdTimestamp: + format: google-datetime + type: string + description: Auto-generated. + product: type: string enumDescriptions: - - Enables persistence for all execution data. - - Disables persistence for all execution data. - - Asynchronously persist all execution data. + - '' + - '' + - '' + - '' + description: >- + Which Google product the suspension belongs to. If not set, the + suspension belongs to Integration Platform by default. enum: - - DATABASE_PERSISTENCE_POLICY_UNSPECIFIED - - DATABASE_PERSISTENCE_DISABLED - - DATABASE_PERSISTENCE_ASYNC - errorCatcherConfigs: - description: >- - Optional. Error Catch Task configuration for the integration. It's - optional. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaErrorCatcherConfig - runAsServiceAccount: - description: >- - Optional. The run-as service account email, if set and auth config - is not configured, that will be used to generate auth token to be - used in Connector task, Rest caller task and Cloud function task. + - UNSPECIFIED_PRODUCT + - IP + - APIGEE + - SECURITY + clientId: + description: The event data user sends as request. type: string - cloudLoggingDetails: - description: Optional. Cloud Logging details for the integration version + cloudKmsConfig: + description: KMS info, used by cmek/gmek integration + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCloudKmsConfig' + externalTraffic: + description: The origin of the suspension for periodic notifications. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoExternalTraffic' + suspensionId: + type: string + description: Primary key for the SuspensionResolutionInfoTable. + encryptedSuspensionResolutionInfo: + type: string + format: byte + description: Encrypted SuspensionResolutionInfo + eventExecutionInfoId: + type: string + description: Required. ID of the associated execution. + workflowName: + description: Required. The name of the originating workflow. + type: string + audit: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCloudLoggingDetails - integrationConfigParameters: + #/components/schemas/EnterpriseCrmEventbusProtoSuspensionResolutionInfoAudit + status: + enum: + - PENDING_UNSPECIFIED + - REJECTED + - LIFTED + - CANCELED + type: string + enumDescriptions: + - '' + - '' + - '' + - '' + type: object + GoogleCloudIntegrationsV1alphaParameterMap: + properties: + keyType: description: >- - Optional. Config Parameters that are expected to be passed to the - integration when an integration is published. This consists of all - the parameters that are expected to provide configuration in the - integration execution. This gives the user the ability to provide - default values, value, add information like connection url, project - based configuration value and also provide data types of each - parameter. + Option to specify key type for all entries of the map. If provided + then field types for all entries must conform to this. + enumDescriptions: + - Unspecified. + - String. + - Integer. + - Double Number. + - Boolean. + - String Array. + - Integer Array. + - Double Number Array. + - Boolean Array. + - Json. + - Proto Value (Internal use only). + - Proto Array (Internal use only). + - // Non-serializable object (Internal use only). + - Proto Enum (Internal use only). + - Serialized object (Internal use only). + - Proto Enum Array (Internal use only). + - >- + BYTES data types are not allowed for top-level params. They're + only meant to support protobufs with BYTES (sub)fields. + - >- + BYTES_ARRAY data types are not allowed for top-level params. + They're only meant to support protobufs with BYTES (sub)fields. + type: string + enum: + - INTEGRATION_PARAMETER_DATA_TYPE_UNSPECIFIED + - STRING_VALUE + - INT_VALUE + - DOUBLE_VALUE + - BOOLEAN_VALUE + - STRING_ARRAY + - INT_ARRAY + - DOUBLE_ARRAY + - BOOLEAN_ARRAY + - JSON_VALUE + - PROTO_VALUE + - PROTO_ARRAY + - NON_SERIALIZABLE_OBJECT + - PROTO_ENUM + - SERIALIZED_OBJECT_VALUE + - PROTO_ENUM_ARRAY + - BYTES + - BYTES_ARRAY + valueType: + enum: + - INTEGRATION_PARAMETER_DATA_TYPE_UNSPECIFIED + - STRING_VALUE + - INT_VALUE + - DOUBLE_VALUE + - BOOLEAN_VALUE + - STRING_ARRAY + - INT_ARRAY + - DOUBLE_ARRAY + - BOOLEAN_ARRAY + - JSON_VALUE + - PROTO_VALUE + - PROTO_ARRAY + - NON_SERIALIZABLE_OBJECT + - PROTO_ENUM + - SERIALIZED_OBJECT_VALUE + - PROTO_ENUM_ARRAY + - BYTES + - BYTES_ARRAY + type: string + enumDescriptions: + - Unspecified. + - String. + - Integer. + - Double Number. + - Boolean. + - String Array. + - Integer Array. + - Double Number Array. + - Boolean Array. + - Json. + - Proto Value (Internal use only). + - Proto Array (Internal use only). + - // Non-serializable object (Internal use only). + - Proto Enum (Internal use only). + - Serialized object (Internal use only). + - Proto Enum Array (Internal use only). + - >- + BYTES data types are not allowed for top-level params. They're + only meant to support protobufs with BYTES (sub)fields. + - >- + BYTES_ARRAY data types are not allowed for top-level params. + They're only meant to support protobufs with BYTES (sub)fields. + description: >- + Option to specify value type for all entries of the map. If provided + then field types for all entries must conform to this. + entries: type: array items: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationConfigParameter - enableVariableMasking: - description: >- - Optional. True if variable masking feature should be turned on for - this version - type: boolean - createdFromTemplate: - description: >- - Optional. Optional. The resource name of the template from which the - integration is created. - type: string - cloudKmsKey: - description: Optional. Cloud KMS resource name for the CMEK encryption key. - type: string - EnterpriseCrmFrontendsEventbusProtoTaskConfig: - id: EnterpriseCrmFrontendsEventbusProtoTaskConfig + #/components/schemas/GoogleCloudIntegrationsV1alphaParameterMapEntry + description: A list of parameter map entries. + type: object + id: GoogleCloudIntegrationsV1alphaParameterMap description: >- - The task configuration details. This is not the implementation of Task. - There might be multiple TaskConfigs for the same Task. + A generic multi-map that holds key value pairs. They keys and values can + be of any type, unless specified. + EnterpriseCrmEventbusProtoStringParameterArray: + properties: + stringValues: + type: array + items: + type: string + type: object + id: EnterpriseCrmEventbusProtoStringParameterArray + GoogleCloudIntegrationsV1alphaNextTask: + id: GoogleCloudIntegrationsV1alphaNextTask type: object properties: - taskName: - description: The name for the task. + taskId: type: string - taskNumber: - description: >- - REQUIRED: the identifier of this task within its parent event - config, specified by the client. This should be unique among all the - tasks belong to the same event config. We use this field as the - identifier to find next tasks (via field `next_tasks.task_number`). + description: Task number of the next task. + taskConfigId: + type: string + description: ID of the next task. + description: type: string - parameters: - description: The customized parameters the user can pass to this task. - type: object - additionalProperties: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry - taskSpec: description: >- - A string template that allows user to configure task parameters - (with either literal default values or tokens which will be resolved - at execution time) for the task. It will eventually replace the old - "parameters" field. + User-provided description intended to give additional business + context about the task. + condition: + description: >- + Standard filter expression for this task to become an eligible next + task. type: string - creatorEmail: - description: The creator's email address. Auto-generated from the user's email. + displayName: + description: User-provided label that is attached to this edge in the UI. type: string - createTime: - description: Auto-generated. + description: >- + The task that is next in line to be executed, if the condition specified + evaluated to true. + GoogleCloudIntegrationsV1alphaUploadIntegrationVersionRequest: + properties: + fileFormat: + enumDescriptions: + - Unspecified file format + - JSON File Format + - YAML File Format + enum: + - FILE_FORMAT_UNSPECIFIED + - JSON + - YAML + description: File format for upload request. type: string - format: google-datetime - lastModifiedTime: - description: Auto-generated. + content: + description: The textproto of the IntegrationVersion. type: string - format: google-datetime - failurePolicy: - description: >- - Optional. Determines the number of times the task will be retried on - failure and with what retry strategy. This is applicable for - asynchronous calls to Eventbus alone (Post To Queue, Schedule etc.). - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFailurePolicy' - synchronousCallFailurePolicy: - description: >- - Optional. Determines the number of times the task will be retried on - failure and with what retry strategy. This is applicable for - synchronous calls to Eventbus alone (Post). - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFailurePolicy' - conditionalFailurePolicies: - description: >- - Optional. Determines the number of times the task will be retried on - failure and with what retry strategy. This is applicable for - synchronous calls to Eventbus alone (Post). - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoConditionalFailurePolicies - nextTasks: - description: >- - The set of tasks that are next in line to be executed as per the - execution graph defined for the parent event, specified by - `event_config_id`. Each of these next tasks are executed only if the - condition associated with them evaluates to true. - type: array + id: GoogleCloudIntegrationsV1alphaUploadIntegrationVersionRequest + type: object + description: Request for UploadIntegrationVersion. + GoogleCloudIntegrationsV1alphaListTestCasesResponse: + description: Response for ListTestCases + properties: + testCases: items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNextTask' - nextTasksExecutionPolicy: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' + description: The test cases corresponding to the specified filter + type: array + nextPageToken: description: >- - The policy dictating the execution of the next set of tasks for the - current task. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - enumDescriptions: - - Default - - Execute all the tasks that satisfy their associated condition. - - Execute the first task that satisfies the associated condition. - enum: - - UNSPECIFIED - - RUN_ALL_MATCH - - RUN_FIRST_MATCH - alertConfigs: - description: >- - Alert configurations on error rate, warning rate, number of runs, - durations, etc. + type: object + id: GoogleCloudIntegrationsV1alphaListTestCasesResponse + GoogleCloudIntegrationsV1alphaListAuthConfigsResponse: + type: object + properties: + nextPageToken: + description: The token used to retrieve the next page of results. + type: string + authConfigs: type: array + description: The list of AuthConfigs retrieved. items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskAlertConfig' - rollbackStrategy: - description: >- - Optional. Contains information about what needs to be done upon - failure (either a permanent error or after it has been retried too - many times). - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoRollbackStrategy - position: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + description: Response to list AuthConfigs. + id: GoogleCloudIntegrationsV1alphaListAuthConfigsResponse + EnterpriseCrmEventbusProtoExecutionTraceInfo: + description: >- + Message that helps aggregate all sub-executions triggered by one + execution and keeps track of child-parent relationships. + id: EnterpriseCrmEventbusProtoExecutionTraceInfo + properties: + parentEventExecutionInfoId: description: >- - Optional. Informs the front-end application where to draw this task - config on the UI. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCoordinate' - taskExecutionStrategy: - description: The policy dictating the execution strategy of this task. + Parent event execution info id that triggers the current execution + through SubWorkflowExecutorTask. type: string - enumDescriptions: - - >- - Wait until all of its previous tasks finished execution, then - verify at least one of the edge conditions is met, and execute if - possible. This should be considered as WHEN_ALL_TASKS_SUCCEED. - - >- - Start execution as long as any of its previous tasks finished - execution and the corresponding edge condition is met (since we - will execute if only that succeeding edge condition is met). - - >- - Wait until all of its previous tasks finished execution, then - verify the all edge conditions are met and execute if possible. - enum: - - WHEN_ALL_SUCCEED - - WHEN_ANY_SUCCEED - - WHEN_ALL_TASKS_AND_CONDITIONS_SUCCEED - label: - description: User-provided label that is attached to this TaskConfig in the UI. + traceId: type: string - incomingEdgeCount: - description: The number of edges leading into this TaskConfig. + description: Used to aggregate ExecutionTraceInfo. + type: object + GoogleCloudIntegrationsV1alphaCoordinate: + id: GoogleCloudIntegrationsV1alphaCoordinate + type: object + properties: + 'y': + format: int32 type: integer + description: Required. Y axis of the coordinate + x: format: int32 - precondition: - description: >- - Optional. Standard filter expression evaluated before execution. - Independent of other conditions and tasks. Can be used to enable - rollout. e.g. "rollout(5)" will only allow 5% of incoming traffic to - task. - type: string - preconditionLabel: - description: >- - Optional. User-provided label that is attached to precondition in - the UI. - type: string - disableStrictTypeValidation: - description: >- - If this config contains a TypedTask, allow validation to succeed if - an input is read from the output of another TypedTask whose output - type is declared as a superclass of the requested input type. For - instance, if the previous task declares an output of type Message, - any task with this flag enabled will pass validation when attempting - to read any proto Message type from the resultant Event parameter. + type: integer + description: Required. X axis of the coordinate + description: Configuration detail of coordinate, it used for UI + GoogleCloudIntegrationsV1alphaSwitchVariableMaskingRequest: + properties: + enableVariableMasking: type: boolean - successPolicy: - description: Determines what action to take upon successful task completion. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoSuccessPolicy' - taskEntity: - description: Copy of the task entity that this task config is an instance of. - $ref: '#/components/schemas/EnterpriseCrmFrontendsEventbusProtoTaskEntity' - jsonValidationOption: description: >- - If set, overrides the option configured in the Task implementation - class. - type: string + Required. REQUIRED: True if variable masking feature should be + turned on for this region + type: object + id: GoogleCloudIntegrationsV1alphaSwitchVariableMaskingRequest + description: Request to enable/disable variable masking for a provisioned client + EnterpriseCrmEventbusProtoSuccessPolicy: + id: EnterpriseCrmEventbusProtoSuccessPolicy + description: >- + Policy that dictates the behavior for the task after it completes + successfully. + type: object + properties: + finalState: enumDescriptions: + - '' - >- - As per the default behavior, no validation will be run. Will not - override any option set in a Task. - - Do not run any validation against JSON schemas. - - >- - Validate all potential input JSON parameters against schemas - specified in WorkflowParameters. + The default behavior, where successful tasks will be marked as + SUCCEEDED. - >- - Validate all potential output JSON parameters against schemas - specified in WorkflowParameters. - - Perform both PRE_EXECUTION and POST_EXECUTION validations. - enum: - - UNSPECIFIED_JSON_VALIDATION_OPTION - - SKIP - - PRE_EXECUTION - - POST_EXECUTION - - PRE_POST_EXECUTION - taskType: - description: Defines the type of the task - type: string - enumDescriptions: - - Normal IP task - - Task is of As-Is Template type - - Task is of I/O template type with a different underlying task + Sets the state to SUSPENDED after executing. This is required for + SuspensionTask; event execution will continue once the user calls + ResolveSuspensions with the event_execution_info_id and the task + number. enum: - - TASK - - ASIS_TEMPLATE - - IO_TEMPLATE - description: - description: >- - User-provided description intended to give more business context - about the task. - type: string - taskTemplateName: - description: Used to define task-template name if task is of type task-template - type: string - errorCatcherId: + - UNSPECIFIED + - SUCCEEDED + - SUSPENDED description: >- - Optional Error catcher id of the error catch flow which will be - executed when execution error happens in the task - type: string - externalTaskType: + State to which the execution snapshot status will be set if the task + succeeds. type: string - enumDescriptions: - - Default value. External task type is not specified - - Tasks belongs to the normal task flows - - Task belongs to the error catch task flows - enum: - - EXTERNAL_TASK_TYPE_UNSPECIFIED - - NORMAL_TASK - - ERROR_TASK - EnterpriseCrmFrontendsEventbusProtoParameterEntry: - id: EnterpriseCrmFrontendsEventbusProtoParameterEntry - description: Key-value pair of EventBus parameters. + GoogleCloudIntegrationsV1alphaExecutionSnapshot: + id: GoogleCloudIntegrationsV1alphaExecutionSnapshot type: object properties: - key: + params: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + description: Parameters used during the execution. + type: object + taskExecutionDetails: + description: All of the task execution details at the given point of time. + items: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTaskExecutionDetails + type: array + checkpointTaskNumber: description: >- - Key is used to retrieve the corresponding parameter value. This - should be unique for a given fired event. These parameters must be - predefined in the workflow definition. + Indicates "after which checkpoint task's execution" this snapshot is + taken. type: string - value: - description: >- - Values for the defined keys. Each value can either be string, int, - double or any proto message. + executionSnapshotMetadata: + description: Metadata of the execution snapshot. $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterValueType - dataType: - description: Explicitly getting the type of the parameter. - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - >- - BYTES and BYTES_ARRAY data types are not allowed for top-level - params. They're only meant to support protobufs with BYTES - (sub)fields. - - '' - - '' - - '' - enum: - - DATA_TYPE_UNSPECIFIED - - STRING_VALUE - - INT_VALUE - - DOUBLE_VALUE - - BOOLEAN_VALUE - - PROTO_VALUE - - SERIALIZED_OBJECT_VALUE - - STRING_ARRAY - - INT_ARRAY - - DOUBLE_ARRAY - - PROTO_ARRAY - - PROTO_ENUM - - BOOLEAN_ARRAY - - PROTO_ENUM_ARRAY - - BYTES - - BYTES_ARRAY - - NON_SERIALIZABLE_OBJECT - - JSON_VALUE - masked: - description: True if this parameter should be masked in the logs - type: boolean - EnterpriseCrmFrontendsEventbusProtoParameterValueType: - id: EnterpriseCrmFrontendsEventbusProtoParameterValueType - description: 'To support various types of parameter values. Next available id: 14' + #/components/schemas/GoogleCloudIntegrationsV1alphaExecutionSnapshotExecutionSnapshotMetadata + description: Contains the snapshot of the execution for a given checkpoint. + GoogleCloudIntegrationsV1alphaTestIntegrationsResponse: + id: GoogleCloudIntegrationsV1alphaTestIntegrationsResponse type: object + description: The response for testing an integration. properties: - stringValue: - type: string - intValue: + executionId: + description: The id of the execution corresponding to this run of integration. type: string - format: int64 - doubleValue: - type: number - format: double - booleanValue: + parameterEntries: + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry + deprecated: true + description: >- + Parameters are a part of Event and can be used to communicate + between different tasks that are part of the same integration + execution. + type: array + executionFailed: + description: Is true if any execution in the integration failed. False otherwise. type: boolean - protoValue: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - serializedObjectValue: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameter - stringArray: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoStringParameterArray - intArray: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoIntParameterArray - doubleArray: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoDoubleParameterArray - protoArray: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoProtoParameterArray - booleanArray: + eventParameters: $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoBooleanParameterArray - jsonValue: - type: string - EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameter: - id: EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameter - type: object + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters + deprecated: true + description: Details for the integration that were executed. + parameters: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + description: >- + Optional. Parameters are a part of Event and can be used to + communicate between different tasks that are part of the same + integration execution. + type: object + GoogleCloudIntegrationsV1alphaListSfdcInstancesResponse: properties: - objectValue: + nextPageToken: + description: The token used to retrieve the next page of results. type: string - format: byte - EnterpriseCrmFrontendsEventbusProtoStringParameterArray: - id: EnterpriseCrmFrontendsEventbusProtoStringParameterArray - type: object - properties: - stringValues: + sfdcInstances: type: array items: - type: string - EnterpriseCrmFrontendsEventbusProtoIntParameterArray: - id: EnterpriseCrmFrontendsEventbusProtoIntParameterArray + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance' + description: The list of SfdcInstances retrieved. type: object + id: GoogleCloudIntegrationsV1alphaListSfdcInstancesResponse + description: Response to list SfdcInstances. + GoogleCloudIntegrationsV1alphaTriggerConfig: + id: GoogleCloudIntegrationsV1alphaTriggerConfig properties: - intValues: - type: array - items: + position: + description: >- + Optional. Informs the front-end application where to draw this error + catcher config on the UI. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCoordinate' + outputVariables: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTriggerConfigVariables + description: Optional. List of output variables for the api trigger. + properties: + additionalProperties: type: string - format: int64 - EnterpriseCrmFrontendsEventbusProtoDoubleParameterArray: - id: EnterpriseCrmFrontendsEventbusProtoDoubleParameterArray - type: object - properties: - doubleValues: - type: array - items: - type: number - format: double - EnterpriseCrmFrontendsEventbusProtoProtoParameterArray: - id: EnterpriseCrmFrontendsEventbusProtoProtoParameterArray - type: object - properties: - protoValues: - type: array + type: object + description: >- + Optional. Configurable properties of the trigger, not to be confused + with integration parameters. E.g. "name" is a property for API + triggers and "subscription" is a property for Pub/sub triggers. + label: + type: string + description: Optional. The user created label for a particular trigger. + startTasks: items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - EnterpriseCrmFrontendsEventbusProtoBooleanParameterArray: - id: EnterpriseCrmFrontendsEventbusProtoBooleanParameterArray - type: object - properties: - booleanValues: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaNextTask' + description: >- + Optional. Set of tasks numbers from where the integration execution + is started by this trigger. If this is empty, then integration is + executed with default start tasks. In the list of start tasks, none + of two tasks can have direct ancestor-descendant relationships (i.e. + in a same integration execution graph). type: array - items: - type: boolean - EnterpriseCrmEventbusProtoFailurePolicy: - id: EnterpriseCrmEventbusProtoFailurePolicy - description: >- - Policy that defines the task retry logic and failure type. If no - FailurePolicy is defined for a task, all its dependent tasks will not be - executed (i.e, a `retry_strategy` of NONE will be applied). - type: object - properties: - retryStrategy: - description: Defines what happens to the task upon failure. + trigger: type: string - enumDescriptions: - - '' - - >- - Ignores the failure of this task. The rest of the workflow will be - executed Assuming this task succeeded. - - >- - Causes a permanent failure of the task. However, if the last - task(s) of event was successfully completed despite the failure of - this task, it has no impact on the workflow. - - >- - Causes a permanent failure of the event. It is different from NONE - because this will mark the event as FAILED by shutting down the - event execution. - - >- - The task will be retried from the failed task onwards after a - fixed delay. A max-retry count is required to be specified with - this strategy. A jitter is added to each exponential interval so - that concurrently failing tasks of the same type do not end up - retrying after the exact same exponential interval. - Max_num_retries and interval_in_seconds must be specified. - - >- - The task will be retried from the failed task onwards after a - fixed delay that linearly increases with each retry attempt. A - jitter is added to each exponential interval so that concurrently - failing tasks of the same type do not end up retrying after the - exact same exponential interval. A max-retry count is required to - be specified with this strategy. Max_num_retries and - interval_in_seconds must be specified. - - >- - The task will be retried after an exponentially increasing period - of time with each failure. A jitter is added to each exponential - interval so that concurrently failing tasks of the same type do - not end up retrying after the exact same exponential interval. A - max-retry count is required to be specified with this strategy. - `max_num_retries` and `interval_in_seconds` must be specified. - - >- - The entire workflow will be restarted with the initial parameters - that were set when the event was fired. A max-retry count is - required to be specified with this strategy. `max_num_retries` and - `interval_in_seconds` must be specified. - enum: - - UNSPECIFIED - - IGNORE - - NONE - - FATAL - - FIXED_INTERVAL - - LINEAR_BACKOFF - - EXPONENTIAL_BACKOFF - - RESTART_WORKFLOW_WITH_BACKOFF - maxNumRetries: description: >- - Required if retry_strategy is FIXED_INTERVAL or - LINEAR/EXPONENTIAL_BACKOFF/RESTART_WORKFLOW_WITH_BACKOFF. Defines - the number of times the task will be retried if failed. - type: integer - format: int32 - intervalInSeconds: - description: >- - Required if retry_strategy is FIXED_INTERVAL or - LINEAR/EXPONENTIAL_BACKOFF/RESTART_WORKFLOW_WITH_BACKOFF. Defines - the initial interval for backoff. + Optional. Name of the trigger. Example: "API Trigger", "Cloud Pub + Sub Trigger" When set will be sent out to monitoring dashabord for + tracking purpose. + triggerType: + type: string + enum: + - TRIGGER_TYPE_UNSPECIFIED + - CRON + - API + - SFDC_CHANNEL + - CLOUD_PUBSUB_EXTERNAL + - SFDC_CDC_CHANNEL + - CLOUD_SCHEDULER + - INTEGRATION_CONNECTOR_TRIGGER + - PRIVATE_TRIGGER + - CLOUD_PUBSUB + - EVENTARC_TRIGGER + enumDescriptions: + - Unknown. + - Trigger by scheduled time. + - Trigger by API call. + - Trigger by Salesforce Channel. + - Trigger by Pub/Sub external. + - SFDC Channel Trigger for CDC. + - Trigger by Cloud Scheduler job. + - Trigger by Connector Event + - Trigger for private workflow + - Trigger by cloud pub/sub for internal ip + - Trigger by Eventarc + description: Optional. Type of trigger + description: type: string - format: int64 - retryCondition: description: >- - Optional. The retry condition that will be evaluated for this - failure policy with the corresponding retry strategy. + Optional. User-provided description intended to give additional + business context about the task. + triggerId: + description: >- + Optional. Auto-generated trigger ID. The ID is based on the + properties that you define in the trigger config. For example, for + an API trigger, the trigger ID follows the format: + api_trigger/TRIGGER_NAME Where trigger config has properties with + value {"Trigger name": TRIGGER_NAME} type: string - EnterpriseCrmEventbusProtoConditionalFailurePolicies: - id: EnterpriseCrmEventbusProtoConditionalFailurePolicies - type: object - properties: - failurePolicies: + alertConfig: description: >- - The list of failure policies that will be applied to the task in - order. - type: array + Optional. An alert threshold configuration for the [trigger + client + + integration] tuple. If these values are not specified in the + trigger config, default values will be populated by the system. Note + that there must be exactly one alert threshold configured per + [client + trigger + integration] when published. items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFailurePolicy' - defaultFailurePolicy: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationAlertConfig + type: array + nextTasksExecutionPolicy: + description: Optional. Dictates how next tasks will be executed. + enum: + - NEXT_TASKS_EXECUTION_POLICY_UNSPECIFIED + - RUN_ALL_MATCH + - RUN_FIRST_MATCH + type: string + enumDescriptions: + - Default. + - Execute all the tasks that satisfy their associated condition. + - Execute the first task that satisfies the associated condition. + triggerNumber: description: >- - The default failure policy to be applied if no conditional failure - policy matches - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFailurePolicy' - EnterpriseCrmEventbusProtoNextTask: - id: EnterpriseCrmEventbusProtoNextTask + Required. A number to uniquely identify each trigger config within + the integration on UI. + type: string + errorCatcherId: + description: >- + Optional. Optional Error catcher id of the error catch flow which + will be executed when execution error happens in the task + type: string + cloudSchedulerConfig: + description: Optional. Cloud Scheduler Trigger related metadata + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaCloudSchedulerConfig + inputVariables: + description: Optional. List of input variables for the api trigger. + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTriggerConfigVariables + type: object + description: Configuration detail of a trigger. + GoogleCloudIntegrationsV1alphaFailurePolicy: description: >- - The task that is next in line to be executed, if the condition specified - evaluated to true. + Policy that defines the task retry logic and failure type. If no + FailurePolicy is defined for a task, all its dependent tasks will not be + executed (i.e, a `retry_strategy` of NONE will be applied). type: object properties: - taskConfigId: - description: ID of the next task. - type: string - taskNumber: - description: Task number of the next task. + intervalTime: type: string - combinedConditions: + format: google-datetime description: >- - Combined condition for this task to become an eligible next task. - Each of these combined_conditions are joined with logical OR. - DEPRECATED: use `condition` - deprecated: true - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCombinedCondition' + Required if retry_strategy is FIXED_INTERVAL or + LINEAR/EXPONENTIAL_BACKOFF/RESTART_INTEGRATION_WITH_BACKOFF. Defines + the initial interval in seconds for backoff. + retryStrategy: + description: Defines what happens to the task upon failure. + enumDescriptions: + - UNSPECIFIED. + - >- + Ignores the failure of this task. The rest of the integration will + be executed Assuming this task succeeded. + - >- + Causes a permanent failure of the task. However, if the last + task(s) of event was successfully completed despite the failure of + this task, it has no impact on the integration. + - >- + Causes a permanent failure of the event. It is different from NONE + because this will mark the event as FAILED by shutting down the + event execution. + - >- + The task will be retried from the failed task onwards after a + fixed delay. A max-retry count is required to be specified with + this strategy. A jitter is added to each exponential interval so + that concurrently failing tasks of the same type do not end up + retrying after the exact same exponential interval. max_retries + and interval_in_seconds must be specified. + - >- + The task will be retried from the failed task onwards after a + fixed delay that linearly increases with each retry attempt. A + jitter is added to each exponential interval so that concurrently + failing tasks of the same type do not end up retrying after the + exact same exponential interval. A max-retry count is required to + be specified with this strategy. max_retries and + interval_in_seconds must be specified. + - >- + The task will be retried after an exponentially increasing period + of time with each failure. A jitter is added to each exponential + interval so that concurrently failing tasks of the same type do + not end up retrying after the exact same exponential interval. A + max-retry count is required to be specified with this strategy. + `max_retries` and `interval_in_seconds` must be specified. + - >- + The entire integration will be restarted with the initial + parameters that were set when the event was fired. A max-retry + count is required to be specified with this strategy. + `max_retries` and `interval_in_seconds` must be specified. + enum: + - RETRY_STRATEGY_UNSPECIFIED + - IGNORE + - NONE + - FATAL + - FIXED_INTERVAL + - LINEAR_BACKOFF + - EXPONENTIAL_BACKOFF + - RESTART_INTEGRATION_WITH_BACKOFF + type: string condition: description: >- - Standard filter expression for this task to become an eligible next - task. - type: string - label: - description: User-provided label that is attached to this edge in the UI. + Optional. The string condition that will be evaluated to determine + if the task should be retried with this failure policy. type: string - description: + maxRetries: description: >- - User-provided description intended to give more business context - about the next task edge or condition. - type: string - EnterpriseCrmEventbusProtoCombinedCondition: - id: EnterpriseCrmEventbusProtoCombinedCondition - deprecated: true - description: >- - This message recursively combines constituent conditions using logical - AND. + Required if retry_strategy is FIXED_INTERVAL or + LINEAR/EXPONENTIAL_BACKOFF/RESTART_INTEGRATION_WITH_BACKOFF. Defines + the number of times the task will be retried if failed. + type: integer + format: int32 + id: GoogleCloudIntegrationsV1alphaFailurePolicy + GoogleCloudIntegrationsV1alphaScheduleIntegrationsRequest: + description: The request for scheduling an integration. + id: GoogleCloudIntegrationsV1alphaScheduleIntegrationsRequest type: object properties: - conditions: - description: A set of individual constituent conditions. - type: array + parameterEntries: + description: >- + Parameters are a part of Event and can be used to communicate + between different tasks that are part of the same integration + execution. items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCondition' - EnterpriseCrmEventbusProtoCondition: - id: EnterpriseCrmEventbusProtoCondition - deprecated: true - description: Condition that uses `operator` to evaluate the key against the value. - type: object - properties: - eventPropertyKey: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry + type: array + deprecated: true + triggerId: description: >- - Key that's evaluated against the `value`. Please note the data type - of the runtime value associated with the key should match the data - type of `value`, else an IllegalArgumentException is thrown. + Required. Matched against all {@link TriggerConfig}s across all + integrations. i.e. TriggerConfig.trigger_id.equals(trigger_id) type: string - operator: + scheduleTime: + type: string + format: google-datetime description: >- - Operator used to evaluate the condition. Please note that an - operator with an inappropriate key/value operand will result in - IllegalArgumentException, e.g. CONTAINS with boolean key/value pair. + The time that the integration should be executed. If the time is + less or equal to the current time, the integration is executed + immediately. + requestId: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - UNSET - - EQUALS - - CONTAINS - - LESS_THAN - - GREATER_THAN - - EXISTS - - DOES_NOT_EXIST - - IS_EMPTY - - IS_NOT_EMPTY - value: - description: Value that's checked for the key. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoValueType' - EnterpriseCrmEventbusProtoValueType: - id: EnterpriseCrmEventbusProtoValueType - description: >- - Used for define type for values. Currently supported value types include - int, string, double, array, and any proto message. - type: object - properties: - stringValue: - type: string - intValue: + description: >- + This is used to de-dup incoming request: if the duplicate request + was detected, the response from the previous execution is returned. + parameters: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' + deprecated: true + description: Passed in as parameters to each integration execution. + userGeneratedExecutionId: + description: >- + Optional. This is a unique id provided by the method caller. If + provided this will be used as the execution_id when a new execution + info is created. This is a string representation of a UUID. Must + have no more than 36 characters and contain only alphanumeric + characters and hyphens. type: string - format: int64 - doubleValue: - type: number - format: double - protoValue: + inputParameters: type: object + description: Optional. Input parameters used by integration execution. additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - stringArray: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoStringArray' - intArray: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoIntArray' - doubleArray: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoDoubleArray' - booleanValue: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + GoogleCloudIntegrationsV1alphaCloudLoggingDetails: + properties: + enableCloudLogging: type: boolean - EnterpriseCrmEventbusProtoStringArray: - id: EnterpriseCrmEventbusProtoStringArray + description: >- + Optional. Status of whether Cloud Logging is enabled or not for the + integration version getting executed. + cloudLoggingSeverity: + enumDescriptions: + - Unspecified + - >- + If Severity selected is `INFO`, then all the Integration Execution + States (`IN_PROCESS`, `ON_HOLD`, `SUCCEEDED`, `SUSPENDED`, + `ERROR`, `CANCELLED`) will be sent to Cloud Logging. + - >- + If Severity selected is `ERROR`, then only the following + Integration Execution States (`ERROR`, `CANCELLED`) will be sent + to Cloud Logging. + - >- + If Severity selected is `WARNING`, then only the following + Integration Execution States (`ERROR`, `CANCELLED`) will be sent + to Cloud Logging. + type: string + enum: + - CLOUD_LOGGING_SEVERITY_UNSPECIFIED + - INFO + - ERROR + - WARNING + description: >- + Optional. Severity selected by the customer for the logs to be sent + to Cloud Logging, for the integration version getting executed. + id: GoogleCloudIntegrationsV1alphaCloudLoggingDetails + description: Cloud Logging details for execution info + type: object + GoogleCloudIntegrationsV1alphaReplaceServiceAccountRequest: type: object properties: - values: - type: array - items: - type: string - EnterpriseCrmEventbusProtoIntArray: - id: EnterpriseCrmEventbusProtoIntArray + runAsServiceAccount: + type: string + description: 'Required. REQUIRED: Run-as service account to be updated' + id: GoogleCloudIntegrationsV1alphaReplaceServiceAccountRequest + description: Request for the ReplaceServiceAccount rpc + GoogleCloudConnectorsV1AuthConfigUserPassword: type: object + id: GoogleCloudConnectorsV1AuthConfigUserPassword + description: Parameters to support Username and Password Authentication. properties: - values: - type: array - items: - type: string - format: int64 - EnterpriseCrmEventbusProtoDoubleArray: - id: EnterpriseCrmEventbusProtoDoubleArray + username: + description: Optional. Username. + type: string + password: + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' + description: Optional. Secret version reference containing the password. + GoogleCloudIntegrationsV1alphaSearchTemplatesResponse: + description: Response for a request to search templates type: object properties: - values: - type: array + nextPageToken: + type: string + description: The token used to retrieve the next page results. + templates: items: - type: number - format: double - EnterpriseCrmEventbusProtoTaskAlertConfig: - id: EnterpriseCrmEventbusProtoTaskAlertConfig - description: >- - Message to be used to configure alerting in the {@code TaskConfig} - protos for tasks in an event. - type: object + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' + type: array + description: List of templates retrieved. + id: GoogleCloudIntegrationsV1alphaSearchTemplatesResponse + GoogleCloudIntegrationsV1alphaExecuteIntegrationsRequest: properties: - alertName: - description: >- - A name to identify this alert. This will be displayed in the alert - subject. If set, this name should be unique in within the scope of - the containing workflow. + executionId: + description: Optional. The id of the ON_HOLD execution to be resumed. type: string - metricType: + parameterEntries: + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry + type: array + deprecated: true + description: >- + Optional. Parameters are a part of Event and can be used to + communicate between different tasks that are part of the same + integration execution. + triggerId: + description: >- + Required. Matched against all {@link TriggerConfig}s across all + integrations. i.e. TriggerConfig.trigger_id.equals(trigger_id). The + trigger_id is in the format of `api_trigger/TRIGGER_NAME`. type: string - enumDescriptions: - - >- - The default value. Metric type should always be set to one of the - other non-default values, otherwise it will result in an - INVALID_ARGUMENT error. - - >- - Specifies alerting on the rate of errors (potentially for a - specific set of enum values) for the enclosing TaskConfig. - - >- - Specifies alerting on the rate of warnings (potentially for a - specific set of enum values) for the enclosing TaskConfig. - Warnings use the same enum values as errors. - - >- - Specifies alerting on the number of instances for the enclosing - TaskConfig executed in the given aggregation_period. - - >- - Specifies alerting on the average duration of execution for the - enclosing task. - - >- - Specifies alerting on the duration of a particular percentile of - task executions. E.g. If 10% or more of the task executions have - durations above 5 seconds, alert. - enum: - - METRIC_TYPE_UNSPECIFIED - - TASK_ERROR_RATE - - TASK_WARNING_RATE - - TASK_RATE - - TASK_AVERAGE_DURATION - - TASK_PERCENTILE_DURATION - thresholdType: + inputParameters: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + type: object + description: Optional. Input parameters used by integration execution. + doNotPropagateError: description: >- - The threshold type for which this alert is being configured. If - value falls below expected_min or exceeds expected_max, an alert - will be fired. + Optional. Flag to determine how to should propagate errors. If this + flag is set to be true, it will not throw an exception. Instead, it + will return a {@link ExecuteIntegrationsResponse} with an execution + id and error messages as PostWithTriggerIdExecutionException in + {@link EventParameters}. The flag is set to be false by default. + type: boolean + requestId: type: string - enumDescriptions: - - '' - - >- - Note that this field will only trigger alerts if the workflow - specifying it runs at least once in 24 hours (which is our - in-memory retention period for monarch streams). Also note that - `aggregation_period` for this alert configuration must be less - than 24 hours. - - '' - enum: - - UNSPECIFIED_THRESHOLD_TYPE - - EXPECTED_MIN - - EXPECTED_MAX - thresholdValue: description: >- - The metric value, above or below which the alert should be - triggered. + Optional. This is used to de-dup incoming request: if the duplicate + request was detected, the response from the previous execution is + returned. + parameters: $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue - durationThresholdMs: + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters + deprecated: true description: >- - Should be specified only for TASK_AVERAGE_DURATION and - TASK_PERCENTILE_DURATION metrics. This member should be used to - specify what duration value the metrics should exceed for the alert - to trigger. + Optional. Passed in as parameters to each integration execution. + Redacted + type: object + description: The request for executing an integration. + id: GoogleCloudIntegrationsV1alphaExecuteIntegrationsRequest + EnterpriseCrmEventbusProtoCustomSuspensionRequest: + properties: + suspensionInfoEventParameterKey: + description: >- + In the fired event, set the SuspensionInfo message as the value for + this key. type: string - format: int64 - errorEnumList: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList - warningEnumList: + postToQueueWithTriggerIdRequest: + description: Request to fire an event containing the SuspensionInfo message. $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList - aggregationPeriod: + #/components/schemas/GoogleInternalCloudCrmEventbusV3PostToQueueWithTriggerIdRequest + type: object + id: EnterpriseCrmEventbusProtoCustomSuspensionRequest + GoogleCloudIntegrationsV1alphaUnshareTemplateRequest: + id: GoogleCloudIntegrationsV1alphaUnshareTemplateRequest + type: object + description: Request to Unshare template + properties: + resourceNames: + type: array description: >- - The period over which the metric value should be aggregated and - evaluated. Format is , where integer should be a positive integer - and unit should be one of (s,m,h,d,w) meaning (second, minute, hour, - day, week). + Optional. Project name resources to unshare the template. The + project names is expected in resource format Ex: + projects/{project-number} + items: + type: string + EnterpriseCrmFrontendsEventbusProtoParameterValueType: + id: EnterpriseCrmFrontendsEventbusProtoParameterValueType + description: 'To support various types of parameter values. Next available id: 14' + type: object + properties: + stringArray: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoStringParameterArray + booleanArray: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoBooleanParameterArray + stringValue: type: string - numAggregationPeriods: - description: >- - For how many contiguous aggregation periods should the expected min - or max be violated for the alert to be fired. - type: integer - format: int32 - alertDisabled: - description: >- - Set to false by default. When set to true, the metrics are not - aggregated or pushed to Monarch for this workflow alert. - type: boolean - onlyFinalAttempt: - description: Only count final task attempts, not retries. + protoArray: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoProtoParameterArray + serializedObjectValue: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameter + doubleArray: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoDoubleParameterArray + intArray: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoIntParameterArray + booleanValue: type: boolean - playbookUrl: - description: >- - Link to a playbook for resolving the issue that triggered this - alert. - type: string - clientId: - description: >- - Client associated with this alert configuration. Must be a client - enabled in one of the containing workflow's triggers. + doubleValue: + type: number + format: double + jsonValue: type: string - EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue: - id: EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue - description: >- - The threshold value of the metric, above or below which the alert should - be triggered. See EventAlertConfig or TaskAlertConfig for the different - alert metric types in each case. For the *RATE metrics, one or both of - these fields may be set. Zero is the default value and can be left at - that. For *PERCENTILE_DURATION metrics, one or both of these fields may - be set, and also, the duration threshold value should be specified in - the threshold_duration_ms member below. For *AVERAGE_DURATION metrics, - these fields should not be set at all. A different member, - threshold_duration_ms, must be set in the EventAlertConfig or the - TaskAlertConfig. - type: object - properties: - absolute: + intValue: type: string format: int64 - percentage: - type: integer - format: int32 - EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList: - id: EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList - description: List of error enums for alerts. + protoValue: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + GoogleCloudIntegrationsV1alphaExecuteTestCasesRequest: type: object + properties: {} + id: GoogleCloudIntegrationsV1alphaExecuteTestCasesRequest + description: Request for ExecuteTestCases. + GoogleCloudIntegrationsV1alphaExecutionReplayInfo: properties: - enumStrings: - type: array - items: - type: string - filterType: + originalExecutionInfoId: + type: string + description: >- + If this execution is a replay of another execution, then this field + contains the original execution id. + replayReason: + description: reason for replay type: string + replayMode: + description: Replay mode for the execution enumDescriptions: - - '' - - '' + - Default value. + - Replay the original execution from the beginning. + - Replay the execution from the first failed task. enum: - - DEFAULT_INCLUSIVE - - EXCLUSIVE - EnterpriseCrmFrontendsEventbusProtoRollbackStrategy: - id: EnterpriseCrmFrontendsEventbusProtoRollbackStrategy - description: 'Next available id: 4' - type: object - properties: - rollbackTaskImplementationClassName: - description: >- - Required. This is the name of the task that needs to be executed - upon rollback of this task. + - REPLAY_MODE_UNSPECIFIED + - REPLAY_MODE_FROM_BEGINNING + - REPLAY_MODE_POINT_OF_FAILURE type: string - parameters: - description: Optional. The customized parameters the user can pass to this task. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters - taskNumbersToRollback: - description: >- - Required. These are the tasks numbers of the tasks whose - `rollback_strategy.rollback_task_implementation_class_name` needs to - be executed upon failure of this task. - type: array + replayedExecutionInfoIds: items: type: string - EnterpriseCrmFrontendsEventbusProtoEventParameters: - id: EnterpriseCrmFrontendsEventbusProtoEventParameters + description: >- + If this execution has been replayed, then this field contains the + execution ids of the replayed executions. + type: array description: >- - LINT.IfChange This message is used for processing and persisting (when - applicable) key value pair parameters for each event in the event bus. - Please see + Contains the details of the execution info: this includes the replay + reason and replay tree connecting executions in a parent-child + relationship + id: GoogleCloudIntegrationsV1alphaExecutionReplayInfo + type: object + GoogleCloudIntegrationsV1alphaScheduleIntegrationsResponse: + description: The response for executing an integration. + id: GoogleCloudIntegrationsV1alphaScheduleIntegrationsResponse type: object properties: - parameters: - description: >- - Parameters are a part of Event and can be used to communicate - between different tasks that are part of the same workflow - execution. + executionInfoIds: + description: The execution info id for the executed integrations. + items: + type: string type: array + EnterpriseCrmEventbusStats: + id: EnterpriseCrmEventbusStats + type: object + description: >- + Stats for the requested dimensions: QPS, duration, and error/warning + rate + properties: + dimensions: + $ref: '#/components/schemas/EnterpriseCrmEventbusStatsDimensions' + description: Dimensions that these stats have been aggregated on. + errorRate: + description: Average error rate. + type: number + format: double + qps: + type: number + format: double + description: Queries per second. + durationInSeconds: + format: double + description: Average duration in seconds. + type: number + warningRate: + description: Average warning rate. + format: double + type: number + EnterpriseCrmEventbusProtoTeardown: + properties: + teardownTaskConfigs: items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry - EnterpriseCrmEventbusProtoCoordinate: - id: EnterpriseCrmEventbusProtoCoordinate - description: Represents two-dimensional positions. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTeardownTaskConfig' + description: Required. + type: array type: object + id: EnterpriseCrmEventbusProtoTeardown + GoogleCloudIntegrationsV1alphaIntegrationVersionTemplate: + description: Define the template of IntegrationVersion. + id: GoogleCloudIntegrationsV1alphaIntegrationVersionTemplate properties: - x: - type: integer - format: int32 - 'y': - type: integer - format: int32 - EnterpriseCrmEventbusProtoSuccessPolicy: - id: EnterpriseCrmEventbusProtoSuccessPolicy + key: + description: Required. Unique Key of the IntegrationVersion. + type: string + integrationVersion: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + description: Required. Templatized version of integration. + type: object + GoogleCloudIntegrationsV1alphaEventParameter: + id: GoogleCloudIntegrationsV1alphaEventParameter description: >- - Policy that dictates the behavior for the task after it completes - successfully. + This message is used for processing and persisting (when applicable) key + value pair parameters for each event in the event bus. Next available + id: 4 type: object properties: - finalState: - description: >- - State to which the execution snapshot status will be set if the task - succeeds. + masked: + description: True if this parameter should be masked in the logs + type: boolean + key: type: string - enumDescriptions: - - '' - - >- - The default behavior, where successful tasks will be marked as - SUCCEEDED. - - >- - Sets the state to SUSPENDED after executing. This is required for - SuspensionTask; event execution will continue once the user calls - ResolveSuspensions with the event_execution_info_id and the task - number. - enum: - - UNSPECIFIED - - SUCCEEDED - - SUSPENDED - EnterpriseCrmFrontendsEventbusProtoTaskEntity: - id: EnterpriseCrmFrontendsEventbusProtoTaskEntity - description: >- - Contains a task's metadata and associated information. Next available - id: 7 - type: object - properties: - metadata: - description: Metadata inclueds the task name, author and so on. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskMetadata' - stats: - description: Deprecated - statistics from the Monarch query. - deprecated: true - $ref: '#/components/schemas/EnterpriseCrmEventbusStats' - paramSpecs: description: >- - Declarations for inputs/outputs for a TypedTask. This is also - associated with the METADATA mask. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParamSpecsMessage - uiConfig: + Key is used to retrieve the corresponding parameter value. This + should be unique for a given fired event. These parameters must be + predefined in the integration definition. + value: description: >- - UI configuration for this task Also associated with the METADATA - mask. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskUiConfig' - taskType: - description: Defines the type of the task - type: string - enumDescriptions: - - Normal IP task - - Task is of As-Is Template type - - Task is of I/O template type with a different underlying task - enum: - - TASK - - ASIS_TEMPLATE - - IO_TEMPLATE - disabledForVpcSc: - description: True if the task has conflict with vpcsc - type: boolean - EnterpriseCrmEventbusProtoTaskMetadata: - id: EnterpriseCrmEventbusProtoTaskMetadata - description: >- - TaskMetadata are attributes that are associated to every common Task we - have. - type: object + Values for the defined keys. Each value can either be string, int, + double or any proto message. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + GoogleCloudIntegrationsV1alphaIntegrationParameter: properties: - admins: - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskMetadataAdmin' - name: - description: >- - The actual class name or the annotated name of the task. Task Author - should initialize this field with value from the getName() method of - the Task class. + searchable: + type: boolean + description: Searchable in the execution log or not. + description: type: string - descriptiveName: - description: >- - The string name to show on the task list on the Workflow editor - screen. This should be a very short, one to two words name for the - task. (e.g. "Send Mail") + description: Optional. Description of the parameter. + key: type: string - description: - description: In a few sentences, describe the purpose and usage of the task. + description: >- + Key is used to retrieve the corresponding parameter value. This + should be unique for a given fired event. These parameters must be + predefined in the integration definition. + isTransient: + description: Whether this parameter is a transient parameter. + type: boolean + producer: type: string - defaultSpec: description: >- - Contains the initial configuration of the task with default values - set. For now, The string should be compatible to an ASCII-proto - format. + The identifier of the node (TaskConfig/TriggerConfig) this parameter + was produced by, if it is a transient param or a copy of an input + param. + containsLargeData: + type: boolean + description: >- + Indicates whether this variable contains large data and need to be + uploaded to Cloud Storage. + defaultValue: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + description: >- + Default values for the defined keys. Each value can either be + string, int, double or any proto message or a serialized object. + inputOutputType: + enumDescriptions: + - Default. + - >- + Input parameters for the integration. EventBus validates that + these parameters exist in the integrations before execution. + - >- + Output Parameters for the integration. EventBus will only return + the integration parameters tagged with OUT in the response back. + - >- + Input and Output Parameters. These can be used as both input and + output. EventBus will validate for the existence of these + parameters before execution and will also return this parameter + back in the response. + enum: + - IN_OUT_TYPE_UNSPECIFIED + - IN + - OUT + - IN_OUT + description: Specifies the input/output type for the parameter. type: string - g3DocLink: - description: URL to the associated G3 Doc for the task if available + displayName: type: string - iconLink: description: >- - URL to gstatic image icon for this task. This icon shows up on the - task list panel along with the task name in the Workflow Editor - screen. Use the 24p, 2x, gray color icon image format. - type: string - status: + The name (without prefix) to be displayed in the UI for this + parameter. E.g. if the key is "foo.bar.myName", then the name would + be "myName". + jsonSchema: description: >- - Allows author to indicate if the task is ready to use or not. If not - set, then it will default to INACTIVE. + This schema will be used to validate runtime JSON-typed values of + this parameter. + type: string + dataType: type: string + description: Type of the parameter. enumDescriptions: + - Unspecified. + - String. + - Integer. + - Double Number. + - Boolean. + - String Array. + - Integer Array. + - Double Number Array. + - Boolean Array. + - Json. + - Proto Value (Internal use only). + - Proto Array (Internal use only). + - // Non-serializable object (Internal use only). + - Proto Enum (Internal use only). + - Serialized object (Internal use only). + - Proto Enum Array (Internal use only). - >- - Default value. Actual Task Status should always be set to either - INACTIVE or ACTIVE. If none is specified at runtime, it will be - set to INACTIVE. - - Still in-progress or incomplete, and not intended for use. - - Available for use. + BYTES data types are not allowed for top-level params. They're + only meant to support protobufs with BYTES (sub)fields. + - >- + BYTES_ARRAY data types are not allowed for top-level params. + They're only meant to support protobufs with BYTES (sub)fields. enum: - - UNSPECIFIED_STATUS - - DEFAULT_INACTIVE - - ACTIVE - codeSearchLink: - description: The Code Search link to the Task Java file. - type: string - isDeprecated: - description: The deprecation status of the current task. Default value is false; + - INTEGRATION_PARAMETER_DATA_TYPE_UNSPECIFIED + - STRING_VALUE + - INT_VALUE + - DOUBLE_VALUE + - BOOLEAN_VALUE + - STRING_ARRAY + - INT_ARRAY + - DOUBLE_ARRAY + - BOOLEAN_ARRAY + - JSON_VALUE + - PROTO_VALUE + - PROTO_ARRAY + - NON_SERIALIZABLE_OBJECT + - PROTO_ENUM + - SERIALIZED_OBJECT_VALUE + - PROTO_ENUM_ARRAY + - BYTES + - BYTES_ARRAY + masked: + description: True if this parameter should be masked in the logs type: boolean - activeTaskName: + description: >- + Integration Parameter is defined in the integration config and are used + to provide information about data types of the expected parameters and + provide any default values if needed. They can also be used to add + custom attributes. These are static in nature and should not be used for + dynamic event definition. + type: object + id: GoogleCloudIntegrationsV1alphaIntegrationParameter + EnterpriseCrmFrontendsEventbusProtoParameterEntry: + properties: + key: description: >- - The new task name to replace the current task if it is deprecated. - Otherwise, it is the same as the current task name. - type: string - docMarkdown: - description: Snippet of markdown documentation to embed in the RHP for this task. + Key is used to retrieve the corresponding parameter value. This + should be unique for a given fired event. These parameters must be + predefined in the workflow definition. type: string - category: + dataType: + description: Explicitly getting the type of the parameter. type: string + enum: + - DATA_TYPE_UNSPECIFIED + - STRING_VALUE + - INT_VALUE + - DOUBLE_VALUE + - BOOLEAN_VALUE + - PROTO_VALUE + - SERIALIZED_OBJECT_VALUE + - STRING_ARRAY + - INT_ARRAY + - DOUBLE_ARRAY + - PROTO_ARRAY + - PROTO_ENUM + - BOOLEAN_ARRAY + - PROTO_ENUM_ARRAY + - BYTES + - BYTES_ARRAY + - NON_SERIALIZABLE_OBJECT + - JSON_VALUE enumDescriptions: - '' - '' - '' - '' - '' - - '' - - Internal IP tasks that should not be available in the UI. - - Tasks that are relevant to cloud systems teams and typically - - Task entities that derive from a custom task template. - - Category to show task recommendations - enum: - - UNSPECIFIED_CATEGORY - - CUSTOM - - FLOW_CONTROL - - DATA_MANIPULATION - - SCRIPTING - - CONNECTOR - - HIDDEN - - CLOUD_SYSTEMS - - CUSTOM_TASK_TEMPLATE - - TASK_RECOMMENDATIONS - system: - type: string - enumDescriptions: - '' - '' - '' @@ -3600,214 +3450,32 @@ components: - '' - '' - '' - - '' - - '' - enum: - - UNSPECIFIED_SYSTEM - - GENERIC - - BUGANIZER - - SALESFORCE - - CLOUD_SQL - - PLX - - SHEETS - - GOOGLE_GROUPS - - EMAIL - - SPANNER - - DATA_BRIDGE - defaultJsonValidationOption: - description: >- - Controls whether JSON workflow parameters are validated against - provided schemas before and/or after this task's execution. - type: string - enumDescriptions: - - >- - As per the default behavior, no validation will be run. Will not - override any option set in a Task. - - Do not run any validation against JSON schemas. - >- - Validate all potential input JSON parameters against schemas - specified in WorkflowParameters. - - >- - Validate all potential output JSON parameters against schemas - specified in WorkflowParameters. - - Perform both PRE_EXECUTION and POST_EXECUTION validations. - enum: - - UNSPECIFIED_JSON_VALIDATION_OPTION - - SKIP - - PRE_EXECUTION - - POST_EXECUTION - - PRE_POST_EXECUTION - tags: - description: >- - A set of tags that pertain to a particular task. This can be used to - improve the searchability of tasks with several names ("REST Caller" - vs. "Call REST Endpoint") or to help users find tasks based on - related words. - type: array - items: - type: string - externalCategory: - type: string - enumDescriptions: + BYTES and BYTES_ARRAY data types are not allowed for top-level + params. They're only meant to support protobufs with BYTES + (sub)fields. - '' - '' - '' - - HTTP tasks, e.g. rest api call task - - Integration services, e.g. connector task - - Customer ations, e.g. email task - - Flow control, e.g. while loop task - - Workspace tasks, e.g. list drive task - - Security, e.g. kms related tasks - - Database operation tasks, e.g. read firestore info tasks - - Analytics tasks, e.g. dataflow creattion tasks - - BYOC tasks - - BYOT tasks - - AI related tasks. - - Data manipulation related tasks, e.g. data mapping task - enum: - - UNSPECIFIED_EXTERNAL_CATEGORY - - CORE - - CONNECTORS - - EXTERNAL_HTTP - - EXTERNAL_INTEGRATION_SERVICES - - EXTERNAL_CUSTOMER_ACTIONS - - EXTERNAL_FLOW_CONTROL - - EXTERNAL_WORKSPACE - - EXTERNAL_SECURITY - - EXTERNAL_DATABASES - - EXTERNAL_ANALYTICS - - EXTERNAL_BYOC - - EXTERNAL_BYOT - - EXTERNAL_ARTIFICIAL_INTELIGENCE - - EXTERNAL_DATA_MANIPULATION - externalCategorySequence: - description: >- - Sequence with which the task in specific category to be displayed in - task discovery panel for external users. - type: integer - format: int32 - externalDocMarkdown: - description: 'DEPRECATED: Use external_doc_html.' - type: string - externalDocHtml: - description: External-facing documention embedded in the RHP for this task. - type: string - standaloneExternalDocHtml: + value: description: >- - External-facing documention for standalone IP in pantheon embedded - in the RHP for this task. Non null only if different from - external_doc_html - type: string - externalDocLink: - description: Doc link for external-facing documentation (separate from g3doc). - type: string - EnterpriseCrmEventbusProtoTaskMetadataAdmin: - id: EnterpriseCrmEventbusProtoTaskMetadataAdmin - description: >- - Admins are owners of a Task, and have all permissions on a particular - task identified by the task name. By default, Eventbus periodically - scans all task metadata and syncs (adds) any new admins defined here to - Zanzibar. + Values for the defined keys. Each value can either be string, int, + double or any proto message. + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterValueType + masked: + description: True if this parameter should be masked in the logs + type: boolean + id: EnterpriseCrmFrontendsEventbusProtoParameterEntry + description: Key-value pair of EventBus parameters. type: object - properties: - userEmail: - type: string - googleGroupEmail: - type: string - EnterpriseCrmEventbusStats: - id: EnterpriseCrmEventbusStats + EnterpriseCrmEventbusProtoParameterMap: description: >- - Stats for the requested dimensions: QPS, duration, and error/warning - rate - type: object - properties: - dimensions: - description: Dimensions that these stats have been aggregated on. - $ref: '#/components/schemas/EnterpriseCrmEventbusStatsDimensions' - qps: - description: Queries per second. - type: number - format: double - durationInSeconds: - description: Average duration in seconds. - type: number - format: double - errorRate: - description: Average error rate. - type: number - format: double - warningRate: - description: Average warning rate. - type: number - format: double - EnterpriseCrmEventbusStatsDimensions: - id: EnterpriseCrmEventbusStatsDimensions - type: object - properties: - triggerId: - description: >- - Stats have been or will be aggregated on set fields for any - semantically-meaningful combination. - type: string - clientId: - type: string - workflowName: - type: string - workflowId: - type: string - taskName: - type: string - taskNumber: - type: string - errorEnumString: - type: string - warningEnumString: - type: string - retryAttempt: - type: string - enumDescriptions: - - '' - - >- - Task has completed successfully or has depleted all retry - attempts. - - Task has failed but may be retried. - - Task has been deliberately canceled. - enum: - - UNSPECIFIED - - FINAL - - RETRYABLE - - CANCELED - enumFilterType: - description: Whether to include or exclude the enums matching the regex. - type: string - enumDescriptions: - - '' - - '' - enum: - - DEFAULT_INCLUSIVE - - EXCLUSIVE - EnterpriseCrmFrontendsEventbusProtoParamSpecsMessage: - id: EnterpriseCrmFrontendsEventbusProtoParamSpecsMessage - type: object - properties: - parameters: - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParamSpecEntry - EnterpriseCrmFrontendsEventbusProtoParamSpecEntry: - id: EnterpriseCrmFrontendsEventbusProtoParamSpecEntry - description: 'Key-value pair of EventBus task parameters. Next id: 13' - type: object + A generic multi-map that holds key value pairs. They keys and values can + be of any type, unless specified. + id: EnterpriseCrmEventbusProtoParameterMap properties: - key: - description: >- - Key is used to retrieve the corresponding parameter value. This - should be unique for a given task. These parameters must be - predefined in the workflow definition. - type: string - dataType: - description: The data type of the parameter. + valueType: type: string enumDescriptions: - '' @@ -3850,890 +3518,856 @@ components: - BYTES_ARRAY - NON_SERIALIZABLE_OBJECT - JSON_VALUE - protoDef: - description: Populated if this represents a proto or proto array. - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinition - className: - description: >- - The FQCN of the Java object this represents. A string, for example, - would be "java.lang.String". If this is "java.lang.Object", the - parameter can be of any type. - type: string - collectionElementClassName: + entries: + type: array + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterMapEntry' + keyType: + enum: + - DATA_TYPE_UNSPECIFIED + - STRING_VALUE + - INT_VALUE + - DOUBLE_VALUE + - BOOLEAN_VALUE + - PROTO_VALUE + - SERIALIZED_OBJECT_VALUE + - STRING_ARRAY + - INT_ARRAY + - DOUBLE_ARRAY + - PROTO_ARRAY + - PROTO_ENUM + - BOOLEAN_ARRAY + - PROTO_ENUM_ARRAY + - BYTES + - BYTES_ARRAY + - NON_SERIALIZABLE_OBJECT + - JSON_VALUE description: >- - If it is a collection of objects, this would be the FCQN of every - individual element in the collection. If this is "java.lang.Object", - the parameter is a collection of any type. - type: string - jsonSchema: - description: If the data_type is JSON_VALUE, then this will define its schema. + Option to specify key value type for all entries of the map. If + provided then field types for all entries must conform to this. + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - >- + BYTES and BYTES_ARRAY data types are not allowed for top-level + params. They're only meant to support protobufs with BYTES + (sub)fields. + - '' + - '' + - '' type: string - defaultValue: - description: >- - Default values for the defined keys. Each value can either be - string, int, double or any proto message or a serialized object. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterValueType - isOutput: - type: boolean - config: - description: Optional fields, such as help text and other useful info. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryConfig' - required: - description: If set, the user must provide an input value for this parameter. - type: boolean - isDeprecated: - description: >- - If set, this entry is deprecated, so further use of this parameter - should be prohibited. - type: boolean - validationRule: - description: >- - Rule used to validate inputs (individual values and collection - elements) for this parameter. - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryValidationRule - EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinition: - id: EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinition + type: object + EnterpriseCrmEventbusProtoDoubleParameterArray: + id: EnterpriseCrmEventbusProtoDoubleParameterArray type: object properties: - path: - description: Path to the proto file that contains the message type's definition. - type: string - fullName: - description: >- - The fully-qualified proto name. This message, for example, would be - "enterprise.crm.eventbus.proto.ParamSpecEntry.ProtoDefinition". - type: string - EnterpriseCrmEventbusProtoParamSpecEntryConfig: - id: EnterpriseCrmEventbusProtoParamSpecEntryConfig + doubleValues: + items: + type: number + format: double + type: array + GoogleCloudIntegrationsV1alphaPublishIntegrationVersionResponse: + id: GoogleCloudIntegrationsV1alphaPublishIntegrationVersionResponse type: object + properties: {} + description: Response for PublishIntegrationVersion. + GoogleCloudIntegrationsV1alphaDoubleParameterArray: + description: This message only contains a field of double number array. properties: - descriptivePhrase: - description: A short phrase to describe what this parameter contains. + doubleValues: + items: + format: double + type: number + type: array + description: Double number array. + id: GoogleCloudIntegrationsV1alphaDoubleParameterArray + type: object + EnterpriseCrmEventbusProtoParameterMapField: + description: Field represents either the key or value in an entry. + id: EnterpriseCrmEventbusProtoParameterMapField + type: object + properties: + referenceKey: + description: Referencing one of the WF variables. type: string - label: - description: A user-friendly label for the parameter. + literalValue: + description: Passing a literal value. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' + GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentials: + id: GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentials + description: >- + For resource owner credentials grant, the client will ask the user for + their authorization credentials (ususally a username and password) and + send a POST request to the authorization server. The authorization + server will respond with a JSON object containing the access token. + properties: + username: type: string - helpText: - description: >- - Detailed help text for this parameter containing information not - provided elsewhere. For example, instructions on how to migrate from - a deprecated parameter. + description: The user's username. + clientSecret: + type: string + description: The client's secret. + scope: + type: string + description: A space-delimited list of requested scope permissions. + requestType: + enum: + - REQUEST_TYPE_UNSPECIFIED + - REQUEST_BODY + - QUERY_PARAMETERS + - ENCODED_HEADER + enumDescriptions: + - Unspecified request type + - To pass all the parameters in post body. + - To pass all the parameters as a part of query parameter. + - >- + To pass client id and client secret as base 64 encoding of + client_id:client_password and rest parameters in post body. + type: string + description: Represent how to pass parameters to fetch access token + tokenEndpoint: type: string - uiPlaceholderText: description: >- - Placeholder text which will appear in the UI input form for this - parameter. + The token endpoint is used by the client to obtain an access token + by presenting its authorization grant or refresh token. + clientId: + description: The client's ID. type: string - inputDisplayOption: + accessToken: + description: Access token fetched from the authorization server. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAccessToken' + password: + description: The user's password. type: string + tokenParams: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMap' + description: Token parameters for the auth request. + type: object + EnterpriseCrmEventbusProtoField: + description: Information about the value and type of the field. + properties: + fieldType: + description: Specifies the data type of the field. enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' - >- - A single-line input for strings, a numeric input box for numbers, - or a checkbox for booleans. - - A multi-line input box for longer strings/string templates. - - >- - A slider to select a numerical value. The default range is [0, - 100]. - - A toggle button for boolean parameters. + BYTES and BYTES_ARRAY data types are not allowed for top-level + params. They're only meant to support protobufs with BYTES + (sub)fields. + - '' + - '' + - '' + type: string enum: - - DEFAULT - - STRING_MULTI_LINE - - NUMBER_SLIDER - - BOOLEAN_TOGGLE - subSectionLabel: + - DATA_TYPE_UNSPECIFIED + - STRING_VALUE + - INT_VALUE + - DOUBLE_VALUE + - BOOLEAN_VALUE + - PROTO_VALUE + - SERIALIZED_OBJECT_VALUE + - STRING_ARRAY + - INT_ARRAY + - DOUBLE_ARRAY + - PROTO_ARRAY + - PROTO_ENUM + - BOOLEAN_ARRAY + - PROTO_ENUM_ARRAY + - BYTES + - BYTES_ARRAY + - NON_SERIALIZABLE_OBJECT + - JSON_VALUE + protoDefPath: description: >- - A user-friendly label for subSection under which the parameter will - be displayed. + Optional. The fully qualified proto name (e.g. + enterprise.crm.storage.Account). Required for output field of type + PROTO_VALUE or PROTO_ARRAY. For e.g., if input field_type is BYTES + and output field_type is PROTO_VALUE, then fully qualified proto + type url should be provided to parse the input bytes. If field_type + is *_ARRAY, then all the converted protos are of the same type. type: string - parameterNameOption: + defaultValue: + description: >- + This holds the default values for the fields. This value is supplied + by user so may or may not contain PII or SPII data. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' + referenceKey: + type: string + description: >- + This holds the reference key of the workflow or task parameter. 1. + Any workflow parameter, for e.g. $workflowParam1$. 2. Any task input + or output parameter, for e.g. $task1_param1$. 3. Any workflow or + task parameters with subfield references, for e.g., + $task1_param1.employee.id$ + transformExpression: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTransformExpression' + description: >- + This is the transform expression to fetch the input field value. for + e.g. $param1$.CONCAT('test'). Keep points - 1. Only input field can + have a transform expression. 2. If a transform expression is + provided, reference_key will be ignored. 3. If no value is returned + after evaluation of transform expression, default_value can be + mapped if provided. 4. The field_type should be the type of the + final object returned after the transform expression is evaluated. + Scrubs the transform expression before logging as value provided by + user so may or may not contain PII or SPII data. + cardinality: + enum: + - UNSPECIFIED + - OPTIONAL + description: >- + By default, if the cardinality is unspecified the field is + considered required while mapping. type: string enumDescriptions: - - This field is not a parameter name. + - For fields with unspecified cardinality. - >- - If this field is a string and this option is selected, the field - will be interpreted as a parameter name. Users will be able to - choose a variable using the autocomplete, but the name will be - stored as a literal string. - - >- - If this field is a ParameterMap and this option is selected, the - map's keys will be interpreted as parameter names. Ignored if this - field is not a ParameterMap. - - >- - If this field is a ParameterMap and this option is selected, the - map's values will be interpreted as parameter names. Ignored if - this field is not a ParameterMap. - enum: - - DEFAULT_NOT_PARAMETER_NAME - - IS_PARAMETER_NAME - - KEY_IS_PARAMETER_NAME - - VALUE_IS_PARAMETER_NAME - isHidden: - description: Whether this field is hidden in the UI. - type: boolean - hideDefaultValue: - description: Whether the default value is hidden in the UI. - type: boolean - EnterpriseCrmEventbusProtoParamSpecEntryValidationRule: - id: EnterpriseCrmEventbusProtoParamSpecEntryValidationRule + If field cardinality is set to optional, ignore errors if input + field value is null or the reference_key is not found. type: object - properties: - intRange: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRange - doubleRange: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRange - stringRegex: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegex - EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRange: - id: EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRange - description: Range used to validate longs and ints. + id: EnterpriseCrmEventbusProtoField + GoogleCloudIntegrationsV1alphaTakeoverTestCaseEditLockRequest: + description: Request for TakeoverTestCaseEditLock. + id: GoogleCloudIntegrationsV1alphaTakeoverTestCaseEditLockRequest + type: object + properties: {} + GoogleCloudIntegrationsV1alphaPublishIntegrationVersionRequest: + description: Request for PublishIntegrationVersion. type: object + id: GoogleCloudIntegrationsV1alphaPublishIntegrationVersionRequest properties: - min: - description: The inclusive minimum of the acceptable range. + configParameters: + description: Optional. Config parameters used during integration execution. + additionalProperties: + description: Properties of the object. + type: any + type: object + EnterpriseCrmEventbusProtoParameterValueType: + description: >- + LINT.IfChange To support various types of parameter values. Next + available id: 14 + properties: + doubleArray: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoDoubleParameterArray' + intArray: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoIntParameterArray' + serializedObjectValue: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoSerializedObjectParameter + booleanValue: + type: boolean + booleanArray: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBooleanParameterArray' + protoArray: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoProtoParameterArray' + stringValue: type: string + stringArray: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoStringParameterArray' + protoValue: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + doubleValue: + type: number + format: double + intValue: format: int64 - max: - description: The inclusive maximum of the acceptable range. type: string - format: int64 - EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRange: - id: EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRange - description: Range used to validate doubles and floats. + id: EnterpriseCrmEventbusProtoParameterValueType type: object + GoogleCloudIntegrationsV1alphaDownloadTestCaseResponse: properties: - min: - description: The inclusive minimum of the acceptable range. - type: number - format: double - max: - description: The inclusive maximum of the acceptable range. - type: number - format: double - EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegex: - id: EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegex - description: Rule used to validate strings. + content: + description: String representation of the test case. + type: string + id: GoogleCloudIntegrationsV1alphaDownloadTestCaseResponse + description: Response for DownloadTestCase. type: object + EnterpriseCrmFrontendsEventbusProtoEventExecutionInfoReplayInfo: properties: - regex: - description: The regex applied to the input value(s). + replayReason: + description: reason for replay + type: string + replayMode: + enum: + - REPLAY_MODE_UNSPECIFIED + - REPLAY_MODE_FROM_BEGINNING + - REPLAY_MODE_POINT_OF_FAILURE + type: string + description: Replay mode for the execution + enumDescriptions: + - '' + - Replay the original execution from the beginning. + - Replay the execution from the first failed task. + originalExecutionInfoId: type: string - exclusive: description: >- - Whether the regex matcher is applied exclusively (if true, matching - values will be rejected). - type: boolean - EnterpriseCrmEventbusProtoTaskUiConfig: - id: EnterpriseCrmEventbusProtoTaskUiConfig + If this execution is a replay of another execution, then this field + contains the original execution id. + replayedExecutionInfoIds: + type: array + description: >- + If this execution has been replayed, then this field contains the + execution ids of the replayed executions. + items: + type: string description: >- - Task authors would use this type to configure the UI for a particular - task by specifying what UI config modules should be included to compose - the UI. Learn more about config module framework: + Contains the details of the execution info: this includes the replay + reason and replay tree connecting executions in a parent-child + relationship + type: object + id: EnterpriseCrmFrontendsEventbusProtoEventExecutionInfoReplayInfo + EnterpriseCrmFrontendsEventbusProtoProtoParameterArray: type: object properties: - taskUiModuleConfigs: - description: Configurations of included config modules. - type: array + protoValues: items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskUiModuleConfig' - EnterpriseCrmEventbusProtoTaskUiModuleConfig: - id: EnterpriseCrmEventbusProtoTaskUiModuleConfig - description: Task author would use this type to configure a config module. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: array + id: EnterpriseCrmFrontendsEventbusProtoProtoParameterArray + GoogleCloudIntegrationsV1alphaCancelExecutionRequest: + id: GoogleCloudIntegrationsV1alphaCancelExecutionRequest + description: Request for cancelling an execution. type: object properties: - moduleId: - description: ID of the config module. + cancelReason: type: string - enumDescriptions: - - Default - - Supports editing label of a task config. - - Supports editing error handling settings such as retry strategy. - - >- - Supports adding, removing and editing task parameter values in a - table with little assistance or restriction. - - >- - Supports editing values of declared input parameters of a task. - Think of it as a "strongly typed" upgrade to the TASK_PARAM_TABLE. - - Supports editing preconditions of a task config. - - >- - Supports adding, editing, and deleting the scripts associated with - a script task, as well as modifying the input/output parameters. - - >- - Supports editing task parameters associated with an RPC/stubby - task. - - >- - Contains readonly task information, including input/output type - info. - - Configures a SuspensionTask. - - Configures a GenericStubbyTypedTask. - - Configures a SubWorkflowExecutorTask. - - Supports navigating to Apps Script editor - - Configures a SubWorkflowForEachLoopTask. - - Configures a FieldMappingTask. - - Contains embedded in-product documentation for a task. - - UI widget for the rest caller task. - - Configures a SubWorkflowScatterGatherTask. - - Configures a CloudSql Task. - - Configure a GenericConnectorTask. - enum: - - UNSPECIFIED_TASK_MODULE - - LABEL - - ERROR_HANDLING - - TASK_PARAM_TABLE - - TASK_PARAM_FORM - - PRECONDITION - - SCRIPT_EDITOR - - RPC - - TASK_SUMMARY - - SUSPENSION - - RPC_TYPED - - SUB_WORKFLOW - - APPS_SCRIPT_NAVIGATOR - - SUB_WORKFLOW_FOR_EACH_LOOP - - FIELD_MAPPING - - README - - REST_CALLER - - SUB_WORKFLOW_SCATTER_GATHER - - CLOUD_SQL - - GENERIC_CONNECTOR_TASK - GoogleCloudIntegrationsV1alphaTaskConfig: - id: GoogleCloudIntegrationsV1alphaTaskConfig - description: >- - The task configuration details. This is not the implementation of Task. - There might be multiple TaskConfigs for the same Task. + description: >- + Required. Reason for cancelling the execution. This is provided by + the client requesting the cancellation, and is not used by the + Platform. + GoogleCloudIntegrationsV1alphaExecutionSnapshotExecutionSnapshotMetadata: type: object + description: Metadata of the execution snapshot. + id: GoogleCloudIntegrationsV1alphaExecutionSnapshotExecutionSnapshotMetadata properties: - task: - description: Optional. The name for the task. + taskLabel: + description: the task label associated with this snapshot. Could be empty. type: string - taskId: + taskAttempt: + type: integer + format: int32 + description: the task attempt number this snapshot belongs to. + integrationName: description: >- - Required. The identifier of this task within its parent event - config, specified by the client. This should be unique among all the - tasks belong to the same event config. We use this field as the - identifier to find next tasks (via field `next_tasks.task_id`). + The direct integration which the event execution snapshots belongs + to type: string - parameters: - description: Optional. The customized parameters the user can pass to this task. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaEventParameter' - failurePolicy: - description: >- - Optional. Determines the number of times the task will be retried on - failure and with what retry strategy. This is applicable for - asynchronous calls to Eventbus alone (Post To Queue, Schedule etc.). - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFailurePolicy' - synchronousCallFailurePolicy: - description: >- - Optional. Determines the number of times the task will be retried on - failure and with what retry strategy. This is applicable for - synchronous calls to Eventbus alone (Post). - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFailurePolicy' - conditionalFailurePolicies: + executionAttempt: + type: integer + description: the execution attempt number this snapshot belongs to. + format: int32 + ancestorTaskNumbers: + items: + type: string description: >- - Optional. The list of conditional failure policies that will be - applied to the task in order. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaConditionalFailurePolicies - nextTasks: + Ancestor task number for the task(it will only be non-empty if the + task is under 'private workflow') + type: array + task: + description: the task name associated with this snapshot. + type: string + taskNumber: + description: The task number associated with this snapshot. + type: string + ancestorIterationNumbers: description: >- - Optional. The set of tasks that are next in line to be executed as - per the execution graph defined for the parent event, specified by - `event_config_id`. Each of these next tasks are executed only if the - condition associated with them evaluates to true. + Ancestor iteration number for the task(it will only be non-empty if + the task is under 'private workflow') + items: + type: string + type: array + GoogleCloudIntegrationsV1alphaIntegrationVersion: + properties: + integrationParameters: type: array items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaNextTask' - nextTasksExecutionPolicy: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationParameter description: >- - Optional. The policy dictating the execution of the next set of - tasks for the current task. + Optional. Parameters that are expected to be passed to the + integration when an event is triggered. This consists of all the + parameters that are expected in the integration execution. This + gives the user the ability to provide default values, add + information like PII and also provide data types of each parameter. + name: + readOnly: true type: string - enumDescriptions: - - Default. - - Execute all the tasks that satisfy their associated condition. - - Execute the first task that satisfies the associated condition. - enum: - - NEXT_TASKS_EXECUTION_POLICY_UNSPECIFIED - - RUN_ALL_MATCH - - RUN_FIRST_MATCH - taskExecutionStrategy: - description: Optional. The policy dictating the execution strategy of this task. + description: Output only. Auto-generated primary key. + databasePersistencePolicy: + description: >- + Optional. Flag to disable database persistence for execution data, + including event execution info, execution export info, execution + metadata index and execution param index. type: string - enumDescriptions: - - >- - Default. If the strategy is not set explicitly, it will default to - `WHEN_ALL_SUCCEED`. - - >- - Wait until all of its previous tasks finished execution, then - verify at least one of the edge conditions is met, and execute if - possible. This should be considered as WHEN_ALL_TASKS_SUCCEED. - - >- - Start execution as long as any of its previous tasks finished - execution and the corresponding edge condition is met (since we - will execute if only that succeeding edge condition is met). - - >- - Wait until all of its previous tasks finished execution, then - verify the all edge conditions are met and execute if possible. enum: - - TASK_EXECUTION_STRATEGY_UNSPECIFIED - - WHEN_ALL_SUCCEED - - WHEN_ANY_SUCCEED - - WHEN_ALL_TASKS_AND_CONDITIONS_SUCCEED - displayName: + - DATABASE_PERSISTENCE_POLICY_UNSPECIFIED + - DATABASE_PERSISTENCE_DISABLED + - DATABASE_PERSISTENCE_ASYNC + enumDescriptions: + - Enables persistence for all execution data. + - Disables persistence for all execution data. + - Asynchronously persist all execution data. + triggerConfigsInternal: + type: array + deprecated: true + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoTriggerConfig + description: Optional. Trigger configurations. + cloudLoggingDetails: + description: Optional. Cloud Logging details for the integration version + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaCloudLoggingDetails + userLabel: description: >- - Optional. User-provided label that is attached to this TaskConfig in - the UI. + Optional. A user-defined label that annotates an integration + version. Typically, this is only set when the integration version is + created. type: string - successPolicy: - description: >- - Optional. Determines what action to take upon successful task - completion. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSuccessPolicy' - jsonValidationOption: + parentTemplateId: description: >- - Optional. If set, overrides the option configured in the Task - implementation class. + Optional. The id of the template which was used to create this + integration_version. type: string - enumDescriptions: - - >- - As per the default behavior, no validation will be run. Will not - override any option set in a Task. - - Do not run any validation against JSON schemas. - - >- - Validate all potential input JSON parameters against schemas - specified in IntegrationParameter. - - >- - Validate all potential output JSON parameters against schemas - specified in IntegrationParameter. - - Perform both PRE_EXECUTION and POST_EXECUTION validations. - enum: - - JSON_VALIDATION_OPTION_UNSPECIFIED - - SKIP - - PRE_EXECUTION - - POST_EXECUTION - - PRE_POST_EXECUTION - description: + taskConfigs: description: >- - Optional. User-provided description intended to give additional - business context about the task. - type: string - taskTemplate: + Optional. Task configuration for the integration. It's optional, but + the integration doesn't do anything without task_configs. + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTaskConfig' + type: array + lastModifierEmail: description: >- - Optional. Used to define task-template name if task is of type - task-template + Optional. The last modifier's email address. Generated based on the + End User Credentials/LOAS role of the user making the call. + type: string + cloudKmsKey: + type: string + description: Optional. Cloud KMS resource name for the CMEK encryption key. + runAsServiceAccount: type: string - errorCatcherId: description: >- - Optional. Optional Error catcher id of the error catch flow which - will be executed when execution error happens in the task + Optional. The run-as service account email, if set and auth config + is not configured, that will be used to generate auth token to be + used in Connector task, Rest caller task and Cloud function task. + snapshotNumber: + readOnly: true + format: int64 + description: >- + Output only. An increasing sequence that is set when a new snapshot + is created. The last created snapshot can be identified by + [workflow_name, org_id latest(snapshot_number)]. However, last + created snapshot need not be same as the HEAD. So users should + always use "HEAD" tag to identify the head. type: string - externalTaskType: - description: Optional. External task type of the task + lockHolder: type: string - enumDescriptions: - - Default value. External task type is not specified - - Tasks belongs to the normal task flows - - Task belongs to the error catch task flows - enum: - - EXTERNAL_TASK_TYPE_UNSPECIFIED - - NORMAL_TASK - - ERROR_TASK - position: description: >- - Optional. Informs the front-end application where to draw this error - catcher config on the UI. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCoordinate' - GoogleCloudIntegrationsV1alphaEventParameter: - id: GoogleCloudIntegrationsV1alphaEventParameter - description: >- - This message is used for processing and persisting (when applicable) key - value pair parameters for each event in the event bus. Next available - id: 4 - type: object - properties: - key: + Optional. The edit lock holder's email address. Generated based on + the End User Credentials/LOAS role of the user making the call. + createdFromTemplate: description: >- - Key is used to retrieve the corresponding parameter value. This - should be unique for a given fired event. These parameters must be - predefined in the integration definition. + Optional. Optional. The resource name of the template from which the + integration is created. type: string - value: + teardown: description: >- - Values for the defined keys. Each value can either be string, int, - double or any proto message. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - masked: - description: True if this parameter should be masked in the logs - type: boolean - GoogleCloudIntegrationsV1alphaFailurePolicy: - id: GoogleCloudIntegrationsV1alphaFailurePolicy - description: >- - Policy that defines the task retry logic and failure type. If no - FailurePolicy is defined for a task, all its dependent tasks will not be - executed (i.e, a `retry_strategy` of NONE will be applied). - type: object - properties: - retryStrategy: - description: Defines what happens to the task upon failure. + Optional. Contains a graph of tasks that will be executed before + putting the event in a terminal state (SUCCEEDED/FAILED/FATAL), + regardless of success or failure, similar to "finally" in code. + deprecated: true + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTeardown' + integrationConfigParameters: + type: array + description: >- + Optional. Config Parameters that are expected to be passed to the + integration when an integration is published. This consists of all + the parameters that are expected to provide configuration in the + integration execution. This gives the user the ability to provide + default values, value, add information like connection url, project + based configuration value and also provide data types of each + parameter. + items: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationConfigParameter + createTime: + description: Output only. Auto-generated. + format: google-datetime type: string + readOnly: true + description: + description: Optional. The integration description. + type: string + integrationParametersInternal: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoWorkflowParameters + deprecated: true + description: >- + Optional. Parameters that are expected to be passed to the + integration when an event is triggered. This consists of all the + parameters that are expected in the integration execution. This + gives the user the ability to provide default values, add + information like PII and also provide data types of each parameter. + triggerConfigs: + type: array + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTriggerConfig' + description: Optional. Trigger configurations. + enableVariableMasking: + description: >- + Optional. True if variable masking feature should be turned on for + this version + type: boolean + status: + enum: + - UNKNOWN + - DRAFT + - ACTIVE + - ARCHIVED + - SNAPSHOT + type: string + readOnly: true + description: >- + Output only. Generated by eventbus. User should not set it as an + input. + deprecated: true enumDescriptions: - - UNSPECIFIED. - - >- - Ignores the failure of this task. The rest of the integration will - be executed Assuming this task succeeded. - - >- - Causes a permanent failure of the task. However, if the last - task(s) of event was successfully completed despite the failure of - this task, it has no impact on the integration. - - >- - Causes a permanent failure of the event. It is different from NONE - because this will mark the event as FAILED by shutting down the - event execution. - - >- - The task will be retried from the failed task onwards after a - fixed delay. A max-retry count is required to be specified with - this strategy. A jitter is added to each exponential interval so - that concurrently failing tasks of the same type do not end up - retrying after the exact same exponential interval. max_retries - and interval_in_seconds must be specified. - - >- - The task will be retried from the failed task onwards after a - fixed delay that linearly increases with each retry attempt. A - jitter is added to each exponential interval so that concurrently - failing tasks of the same type do not end up retrying after the - exact same exponential interval. A max-retry count is required to - be specified with this strategy. max_retries and - interval_in_seconds must be specified. + - '' + - '' + - '' + - '' + - '' + origin: + enumDescriptions: + - '' + - Workflow is being created via event bus UI. - >- - The task will be retried after an exponentially increasing period - of time with each failure. A jitter is added to each exponential - interval so that concurrently failing tasks of the same type do - not end up retrying after the exact same exponential interval. A - max-retry count is required to be specified with this strategy. - `max_retries` and `interval_in_seconds` must be specified. + User checked in this workflow in Piper as v2 textproto format and + we synced it into spanner. - >- - The entire integration will be restarted with the initial - parameters that were set when the event was fired. A max-retry - count is required to be specified with this strategy. - `max_retries` and `interval_in_seconds` must be specified. - enum: - - RETRY_STRATEGY_UNSPECIFIED - - IGNORE - - NONE - - FATAL - - FIXED_INTERVAL - - LINEAR_BACKOFF - - EXPONENTIAL_BACKOFF - - RESTART_INTEGRATION_WITH_BACKOFF - maxRetries: - description: >- - Required if retry_strategy is FIXED_INTERVAL or - LINEAR/EXPONENTIAL_BACKOFF/RESTART_INTEGRATION_WITH_BACKOFF. Defines - the number of times the task will be retried if failed. - type: integer - format: int32 - intervalTime: - description: >- - Required if retry_strategy is FIXED_INTERVAL or - LINEAR/EXPONENTIAL_BACKOFF/RESTART_INTEGRATION_WITH_BACKOFF. Defines - the initial interval in seconds for backoff. + User checked in this workflow in piper as v3 textproto format and + we synced it into spanner. + - Workflow is being created via Standalone IP Provisioning + - Workflow is being created via Test Case. type: string - format: google-datetime - condition: description: >- - Optional. The string condition that will be evaluated to determine - if the task should be retried with this failure policy. + Optional. The origin that indicates where this integration is coming + from. + enumDeprecated: + - false + - false + - true + - false + - false + - false + deprecated: true + enum: + - UNSPECIFIED + - UI + - PIPER_V2 + - PIPER_V3 + - APPLICATION_IP_PROVISIONING + - TEST_CASE + state: + description: Output only. User should not set it as an input. type: string - GoogleCloudIntegrationsV1alphaConditionalFailurePolicies: - id: GoogleCloudIntegrationsV1alphaConditionalFailurePolicies - description: Conditional task failur retry strategies - type: object - properties: - failurePolicies: + readOnly: true + enumDescriptions: + - Default. + - Draft. + - Active. + - Archived. + - Snapshot. + enum: + - INTEGRATION_STATE_UNSPECIFIED + - DRAFT + - ACTIVE + - ARCHIVED + - SNAPSHOT + updateTime: + description: Output only. Auto-generated. + type: string + format: google-datetime + readOnly: true + errorCatcherConfigs: + items: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaErrorCatcherConfig description: >- - The list of failure policies that will be applied to the task in - order. + Optional. Error Catch Task configuration for the integration. It's + optional. type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFailurePolicy' - defaultFailurePolicy: + taskConfigsInternal: description: >- - The default failure policy to be applied if no conditional failure - policy matches. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFailurePolicy' - GoogleCloudIntegrationsV1alphaNextTask: - id: GoogleCloudIntegrationsV1alphaNextTask - description: >- - The task that is next in line to be executed, if the condition specified - evaluated to true. + Optional. Task configuration for the integration. It's optional, but + the integration doesn't do anything without task_configs. + items: + $ref: '#/components/schemas/EnterpriseCrmFrontendsEventbusProtoTaskConfig' + type: array + deprecated: true + description: The integration version definition. type: object + id: GoogleCloudIntegrationsV1alphaIntegrationVersion + GoogleCloudIntegrationsV1alphaCreateCloudFunctionRequest: + type: object + description: Request for Creating Cloud Function rpc call. properties: - taskConfigId: - description: ID of the next task. + functionRegion: + description: The function region of CF to be created type: string - taskId: - description: Task number of the next task. + gcfApiVersion: + description: Optional. The api version of CF to be created + enumDescriptions: + - Unspecified. + - V1 API version. + - V2 API version. + enum: + - GCF_API_VERSION_UNSPECIFIED + - API_VERSION_V1 + - API_VERSION_V2 type: string - condition: - description: >- - Standard filter expression for this task to become an eligible next - task. + functionName: type: string - displayName: - description: User-provided label that is attached to this edge in the UI. + description: The function name of CF to be created + projectId: type: string - description: description: >- - User-provided description intended to give additional business - context about the task. - type: string - GoogleCloudIntegrationsV1alphaSuccessPolicy: - id: GoogleCloudIntegrationsV1alphaSuccessPolicy - description: >- - Policy that dictates the behavior for the task after it completes - successfully. + Indicates the id of the GCP project that the function will be + created in. + id: GoogleCloudIntegrationsV1alphaCreateCloudFunctionRequest + GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectRequest: type: object + description: Request for LinkAppsScriptProject rpc call. properties: - finalState: - description: >- - State to which the execution snapshot status will be set if the task - succeeds. + scriptId: type: string + description: The id of the Apps Script project to be linked. + id: GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectRequest + EnterpriseCrmEventbusProtoParamSpecEntryConfig: + type: object + id: EnterpriseCrmEventbusProtoParamSpecEntryConfig + properties: + isHidden: + type: boolean + description: Whether this field is hidden in the UI. + parameterNameOption: + enum: + - DEFAULT_NOT_PARAMETER_NAME + - IS_PARAMETER_NAME + - KEY_IS_PARAMETER_NAME + - VALUE_IS_PARAMETER_NAME enumDescriptions: - - UNSPECIFIED. + - This field is not a parameter name. - >- - The default behavior, where successful tasks will be marked as - SUCCEEDED. + If this field is a string and this option is selected, the field + will be interpreted as a parameter name. Users will be able to + choose a variable using the autocomplete, but the name will be + stored as a literal string. - >- - Sets the state to SUSPENDED after executing. This is required for - SuspensionTask; event execution will continue once the user calls - ResolveSuspensions with the event_execution_info_id and the task - number. - enum: - - FINAL_STATE_UNSPECIFIED - - SUCCEEDED - - SUSPENDED - GoogleCloudIntegrationsV1alphaCoordinate: - id: GoogleCloudIntegrationsV1alphaCoordinate - description: Configuration detail of coordinate, it used for UI - type: object - properties: - x: - description: Required. X axis of the coordinate - type: integer - format: int32 - 'y': - description: Required. Y axis of the coordinate - type: integer - format: int32 - EnterpriseCrmFrontendsEventbusProtoTriggerConfig: - id: EnterpriseCrmFrontendsEventbusProtoTriggerConfig - description: 'Configuration detail of a trigger. Next available id: 22' - type: object - properties: - label: - description: The user created label for a particular trigger. + If this field is a ParameterMap and this option is selected, the + map's keys will be interpreted as parameter names. Ignored if this + field is not a ParameterMap. + - >- + If this field is a ParameterMap and this option is selected, the + map's values will be interpreted as parameter names. Ignored if + this field is not a ParameterMap. type: string - startTasks: - description: >- - Set of tasks numbers from where the workflow execution is started by - this trigger. If this is empty, then workflow is executed with - default start tasks. In the list of start tasks, none of two tasks - can have direct ancestor-descendant relationships (i.e. in a same - workflow execution graph). - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNextTask' - properties: - description: >- - Configurable properties of the trigger, not to be confused with - workflow parameters. E.g. "name" is a property for API triggers and - "subscription" is a property for Cloud Pubsub triggers. - type: object - additionalProperties: - type: string - triggerType: + inputDisplayOption: type: string enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' + - >- + A single-line input for strings, a numeric input box for numbers, + or a checkbox for booleans. + - A multi-line input box for longer strings/string templates. + - >- + A slider to select a numerical value. The default range is [0, + 100]. + - A toggle button for boolean parameters. enum: - - UNKNOWN - - CLOUD_PUBSUB - - GOOPS - - SFDC_SYNC - - CRON - - API - - MANIFOLD_TRIGGER - - DATALAYER_DATA_CHANGE - - SFDC_CHANNEL - - CLOUD_PUBSUB_EXTERNAL - - SFDC_CDC_CHANNEL - - SFDC_PLATFORM_EVENTS_CHANNEL - - CLOUD_SCHEDULER - - INTEGRATION_CONNECTOR_TRIGGER - - PRIVATE_TRIGGER - - EVENTARC_TRIGGER - position: - description: >- - Optional. Informs the front-end application where to draw this - trigger config on the UI. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCoordinate' - triggerNumber: - description: >- - Required. A number to uniquely identify each trigger config within - the workflow on UI. + - DEFAULT + - STRING_MULTI_LINE + - NUMBER_SLIDER + - BOOLEAN_TOGGLE + label: + description: A user-friendly label for the parameter. type: string - alertConfig: + subSectionLabel: description: >- - An alert threshold configuration for the [trigger + client + - workflow] tuple. If these values are not specified in the trigger - config, default values will be populated by the system. Note that - there must be exactly one alert threshold configured per [client + - trigger + workflow] when published. - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoWorkflowAlertConfig' - nextTasksExecutionPolicy: - description: Dictates how next tasks will be executed. + A user-friendly label for subSection under which the parameter will + be displayed. type: string - enumDescriptions: - - Default - - Execute all the tasks that satisfy their associated condition. - - Execute the first task that satisfies the associated condition. - enum: - - UNSPECIFIED - - RUN_ALL_MATCH - - RUN_FIRST_MATCH - enabledClients: - description: >- - Required. The list of client ids which are enabled to execute the - workflow using this trigger. In other words, these clients have the - workflow execution privledges for this trigger. For API trigger, the - client id in the incoming request is validated against the list of - enabled clients. For non-API triggers, one workflow execution is - triggered on behalf of each enabled client. - type: array - items: - type: string - pauseWorkflowExecutions: - description: >- - Optional. If set to true, any upcoming requests for this trigger - config will be paused and the executions will be resumed later when - the flag is reset. The workflow to which this trigger config belongs - has to be in ACTIVE status for the executions to be paused or - resumed. - type: boolean - triggerCriteria: + helpText: description: >- - Optional. When set, Eventbus will run the task specified in the - trigger_criteria and validate the result using the - trigger_criteria.condition, and only execute the workflow when - result is true. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTriggerCriteria' - triggerId: - description: The backend trigger ID. + Detailed help text for this parameter containing information not + provided elsewhere. For example, instructions on how to migrate from + a deprecated parameter. type: string - description: - description: >- - User-provided description intended to give more business context - about the task. + descriptivePhrase: type: string - cloudSchedulerConfig: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCloudSchedulerConfig' - errorCatcherId: + description: A short phrase to describe what this parameter contains. + uiPlaceholderText: description: >- - Optional Error catcher id of the error catch flow which will be - executed when execution error happens in the task + Placeholder text which will appear in the UI input form for this + parameter. type: string - triggerName: + hideDefaultValue: + description: Whether the default value is hidden in the UI. + type: boolean + GoogleCloudIntegrationsV1alphaAttemptStats: + properties: + startTime: description: >- - Optional. Name of the trigger This is added to identify the type of - trigger. This is avoid the logic on triggerId to identify the - trigger_type and push the same to monitoring. + The start time of the integration execution for current attempt. + This could be in the future if it's been scheduled. + format: google-datetime type: string - inputVariables: - description: Optional. List of input variables for the api trigger. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoTriggerConfigVariables - outputVariables: - description: Optional. List of output variables for the api trigger. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoTriggerConfigVariables - EnterpriseCrmEventbusProtoWorkflowAlertConfig: - id: EnterpriseCrmEventbusProtoWorkflowAlertConfig - description: >- - Message to be used to configure custom alerting in the {@code - EventConfig} protos for an event. + endTime: + type: string + description: The end time of the integration execution for current attempt. + format: google-datetime + id: GoogleCloudIntegrationsV1alphaAttemptStats + description: Status for the execution attempt. type: object + EnterpriseCrmEventbusProtoSuspensionConfig: properties: - alertName: - description: >- - A name to identify this alert. This will be displayed in the alert - subject. If set, this name should be unique within the scope of the - workflow. - type: string - metricType: + customMessage: type: string - enumDescriptions: - - >- - The default value. Metric type should always be set to one of the - other non-default values, otherwise it will result in an - INVALID_ARGUMENT error. - - >- - Specifies alerting on the rate of errors for the enclosing - workflow. - - >- - Specifies alerting on the rate of warnings for the enclosing - workflow. Warnings use the same enum values as errors. - - >- - Specifies alerting on the rate of errors for any task in the - enclosing workflow. - - >- - Specifies alerting on the rate of warnings for any task in the - enclosing workflow. - - >- - Specifies alerting on the rate of executions over all tasks in the - enclosing workflow. - - >- - Specifies alerting on the number of events executed in the given - aggregation_period. - - >- - Specifies alerting on the average duration of executions for this - workflow. - - >- - Specifies alerting on the duration value of a particular - percentile of workflow executions. E.g. If 10% or more of the - workflow executions have durations above 5 seconds, alert. - - >- - Specifies alerting on the average duration of any task in the - enclosing workflow, - - >- - Specifies alerting on the duration value of a particular - percentile of any task executions within the enclosing workflow. - E.g. If 10% or more of the task executions in the workflow have - durations above 5 seconds, alert. - enum: - - METRIC_TYPE_UNSPECIFIED - - EVENT_ERROR_RATE - - EVENT_WARNING_RATE - - TASK_ERROR_RATE - - TASK_WARNING_RATE - - TASK_RATE - - EVENT_RATE - - EVENT_AVERAGE_DURATION - - EVENT_PERCENTILE_DURATION - - TASK_AVERAGE_DURATION - - TASK_PERCENTILE_DURATION - thresholdType: - description: >- - The threshold type, whether lower(expected_min) or - upper(expected_max), for which this alert is being configured. If - value falls below expected_min or exceeds expected_max, an alert - will be fired. - type: string - enumDescriptions: - - '' - - >- - Note that this field will only trigger alerts if the workflow - specifying it runs at least once in 24 hours (which is our - in-memory retention period for monarch streams). Also note that - `aggregation_period` for this alert configuration must be less - than 24 hours. - - '' - enum: - - UNSPECIFIED_THRESHOLD_TYPE - - EXPECTED_MIN - - EXPECTED_MAX - thresholdValue: description: >- - The metric value, above or below which the alert should be - triggered. - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue - durationThresholdMs: + Optional information to provide recipients of the suspension in + addition to the resolution URL, typically containing relevant + parameter values from the originating workflow. + notifications: + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNotification' + type: array + suspensionExpiration: description: >- - Should be specified only for *AVERAGE_DURATION and - *PERCENTILE_DURATION metrics. This member should be used to specify - what duration value the metrics should exceed for the alert to - trigger. - type: string - format: int64 - errorEnumList: + Indicates the next steps when no external actions happen on the + suspension. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoSuspensionExpiration' + whoMayResolve: + items: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoSuspensionAuthPermissions + description: Identities able to resolve this suspension. + type: array + type: object + id: EnterpriseCrmEventbusProtoSuspensionConfig + GoogleCloudIntegrationsV1alphaValueType: + id: GoogleCloudIntegrationsV1alphaValueType + description: The type of the parameter. + properties: + stringArray: + description: String Array. $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList - warningEnumList: + #/components/schemas/GoogleCloudIntegrationsV1alphaStringParameterArray + intArray: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaIntParameterArray' + description: Integer Array. + doubleValue: + type: number + description: Double Number. + format: double + booleanValue: + description: Boolean. + type: boolean + doubleArray: + description: Double Number Array. $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList - aggregationPeriod: - description: >- - For an EXPECTED_MIN threshold, this aggregation_period must be - lesser than 24 hours. + #/components/schemas/GoogleCloudIntegrationsV1alphaDoubleParameterArray + jsonValue: + description: Json. type: string - numAggregationPeriods: - description: >- - For how many contiguous aggregation periods should the expected min - or max be violated for the alert to be fired. - type: integer - format: int32 - alertDisabled: - description: >- - Set to false by default. When set to true, the metrics are not - aggregated or pushed to Monarch for this workflow alert. - type: boolean - clientId: - description: Client associated with this alert configuration. + booleanArray: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaBooleanParameterArray + description: Boolean Array. + intValue: + format: int64 type: string - onlyFinalAttempt: - description: >- - For either events or tasks, depending on the type of alert, count - only final attempts, not retries. - type: boolean - playbookUrl: - description: >- - Link to a playbook for resolving the issue that triggered this - alert. + description: Integer. + stringValue: + description: String. type: string - EnterpriseCrmEventbusProtoTriggerCriteria: - id: EnterpriseCrmEventbusProtoTriggerCriteria type: object + EnterpriseCrmEventbusProtoSuspensionAuthPermissions: properties: - triggerCriteriaTaskImplementationClassName: - description: >- - Optional. Implementation class name. The class should implement the - “TypedTask” interface. + googleGroup: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoSuspensionAuthPermissionsGaiaIdentity + loasRole: type: string - parameters: - description: Optional. To be used in TaskConfig for the implementation class. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' - condition: - description: >- - Required. Standard filter expression, when true the workflow will be - executed. If there's no - trigger_criteria_task_implementation_class_name specified, the - condition will be validated directly. + gaiaIdentity: + description: Represents a Gaia identity for a person or service account. + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoSuspensionAuthPermissionsGaiaIdentity + mdbGroup: + type: string + type: object + description: LINT.IfChange + id: EnterpriseCrmEventbusProtoSuspensionAuthPermissions + GoogleProtobufEmpty: + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: GoogleProtobufEmpty + type: object + GoogleCloudIntegrationsV1alphaListSfdcChannelsResponse: + id: GoogleCloudIntegrationsV1alphaListSfdcChannelsResponse + description: Response to list SfdcChannels. + properties: + sfdcChannels: + description: The list of SfdcChannels retrieved. + type: array + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + nextPageToken: + description: The token used to retrieve the next page of results. type: string + type: object + EnterpriseCrmEventbusProtoIntParameterArray: + type: object + id: EnterpriseCrmEventbusProtoIntParameterArray + properties: + intValues: + items: + format: int64 + type: string + type: array EnterpriseCrmEventbusProtoEventParameters: id: EnterpriseCrmEventbusProtoEventParameters description: >- @@ -4743,487 +4377,466 @@ components: type: object properties: parameters: + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterEntry' + type: array description: >- Parameters are a part of Event and can be used to communicate between different tasks that are part of the same integration execution. - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterEntry' - EnterpriseCrmEventbusProtoParameterEntry: - id: EnterpriseCrmEventbusProtoParameterEntry - description: Key-value pair of EventBus parameters. + GoogleCloudConnectorsV1AuthConfigOauth2JwtBearer: + id: GoogleCloudConnectorsV1AuthConfigOauth2JwtBearer + description: >- + Parameters to support JSON Web Token (JWT) Profile for Oauth 2.0 + Authorization Grant based authentication. See + https://tools.ietf.org/html/rfc7523 for more details. type: object properties: - key: + jwtClaims: + $ref: >- + #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2JwtBearerJwtClaims + description: Optional. JwtClaims providers fields to generate the token. + clientKey: + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' description: >- - Key is used to retrieve the corresponding parameter value. This - should be unique for a given fired event. These parameters must be - predefined in the integration definition. + Optional. Secret version reference containing a PKCS#8 PEM-encoded + private key associated with the Client Certificate. This private key + will be used to sign JWTs used for the jwt-bearer authorization + grant. Specified in the form as: `projects/*/secrets/*/versions/*`. + EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameter: + properties: + objectValue: type: string - value: - description: >- - Values for the defined keys. Each value can either be string, int, - double or any proto message. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' - masked: - description: True if this parameter should be masked in the logs - type: boolean - EnterpriseCrmEventbusProtoParameterValueType: - id: EnterpriseCrmEventbusProtoParameterValueType - description: >- - LINT.IfChange To support various types of parameter values. Next - available id: 14 + format: byte type: object + id: EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameter + EnterpriseCrmEventbusAuthconfigAuthConfigTaskParam: properties: - stringValue: - type: string - intValue: - type: string - format: int64 - doubleValue: - type: number - format: double - booleanValue: + useServiceAccountInContext: type: boolean - protoValue: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - serializedObjectValue: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoSerializedObjectParameter - stringArray: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoStringParameterArray' - intArray: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoIntParameterArray' - doubleArray: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoDoubleParameterArray' - protoArray: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoProtoParameterArray' - booleanArray: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBooleanParameterArray' - EnterpriseCrmEventbusProtoSerializedObjectParameter: - id: EnterpriseCrmEventbusProtoSerializedObjectParameter - type: object - properties: - objectValue: + allowedServiceAccountInContext: + type: boolean + authConfigId: + description: UUID of the AuthConfig. type: string - format: byte - EnterpriseCrmEventbusProtoStringParameterArray: - id: EnterpriseCrmEventbusProtoStringParameterArray - type: object - properties: - stringValues: + allowedCredentialTypes: + description: >- + Defines the credential types to be supported as Task may restrict + specific types to use, e.g. Cloud SQL Task will use + username/password type only. type: array items: type: string - EnterpriseCrmEventbusProtoIntParameterArray: - id: EnterpriseCrmEventbusProtoIntParameterArray + enumDescriptions: + - '' + - Regular username/password pair. + - API key. + - OAuth 2.0 Authorization Code Grant Type. + - OAuth 2.0 Implicit Grant Type. + - OAuth 2.0 Client Credentials Grant Type. + - OAuth 2.0 Resource Owner Credentials Grant Type. + - JWT Token. + - Auth Token, e.g. bearer token. + - >- + Service Account which can be used to generate token for + authentication. + - Client Certificate only. + - Google OIDC ID Token + enum: + - CREDENTIAL_TYPE_UNSPECIFIED + - USERNAME_AND_PASSWORD + - API_KEY + - OAUTH2_AUTHORIZATION_CODE + - OAUTH2_IMPLICIT + - OAUTH2_CLIENT_CREDENTIALS + - OAUTH2_RESOURCE_OWNER_CREDENTIALS + - JWT + - AUTH_TOKEN + - SERVICE_ACCOUNT + - CLIENT_CERTIFICATE_ONLY + - OIDC_TOKEN + scope: + description: A space-delimited list of requested scope permissions. + type: string + id: EnterpriseCrmEventbusAuthconfigAuthConfigTaskParam type: object + GoogleCloudIntegrationsV1alphaDownloadJsonPackageResponse: + id: GoogleCloudIntegrationsV1alphaDownloadJsonPackageResponse + description: Response for DownloadJsonPackage. properties: - intValues: + files: type: array items: - type: string - format: int64 - EnterpriseCrmEventbusProtoDoubleParameterArray: - id: EnterpriseCrmEventbusProtoDoubleParameterArray + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFile' + description: List containing JSON for multiple file with type information. + type: object + GoogleCloudIntegrationsV1alphaReplayExecutionRequest: + id: GoogleCloudIntegrationsV1alphaReplayExecutionRequest type: object + description: Request for replaying an execution. properties: - doubleValues: - type: array - items: - type: number - format: double - EnterpriseCrmEventbusProtoProtoParameterArray: - id: EnterpriseCrmEventbusProtoProtoParameterArray + updateMask: + description: >- + Optional. The list of parameters to be updated. - If the + `update_mask` is not specified, all the parameters from original + execution will be ignored and only the `modified_parameters` will be + used. - It is an error to include a parameter in `update_mask` but + not in `modified_parameters`. - Updating nested fields in a JSON + parameter is not supported, please provide the complete JSON in the + `modified_parameters`. + type: string + format: google-fieldmask + replayMode: + description: Optional. The mode of the replay. + enumDescriptions: + - Default value. + - Replay the original execution. + - Replay the execution with the modified parameters. + enum: + - REPLAY_MODE_UNSPECIFIED + - REPLAY_MODE_FROM_BEGINNING + - REPLAY_MODE_POINT_OF_FAILURE + type: string + modifiedParameters: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + description: >- + Optional. The modified input parameters for replay. - Provide values + for all the fields in the 'update_mask'. Any field not present in + the 'update_mask' will be ignored and its value will be taken from + the original execution. - If the 'update_mask' is not specified, all + the parameters from original execution will be ignored and only the + `modified_parameters` will be used. + type: object + replayReason: + type: string + description: Required. The user provided reason for replaying the execution. + GoogleCloudIntegrationsV1alphaChangeCustomerConfigRequest: type: object properties: - protoValues: - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + updateMask: + format: google-fieldmask + type: string + description: >- + Required. Field mask specifying the fields in the customer config + that have been modified and must be updated. If absent or empty, no + fields are updated. + customerConfig: + description: Optional. The customer configuration to be updated. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCustomerConfig' + description: Request for the ChangeCustomerConfig rpc + id: GoogleCloudIntegrationsV1alphaChangeCustomerConfigRequest EnterpriseCrmEventbusProtoBooleanParameterArray: - id: EnterpriseCrmEventbusProtoBooleanParameterArray type: object properties: booleanValues: type: array items: type: boolean - EnterpriseCrmEventbusProtoCloudSchedulerConfig: - id: EnterpriseCrmEventbusProtoCloudSchedulerConfig - description: Cloud Scheduler Trigger configuration - type: object + id: EnterpriseCrmEventbusProtoBooleanParameterArray + GoogleCloudIntegrationsV1alphaExecutionDetails: properties: - serviceAccountEmail: - description: >- - Required. Service account used by Cloud Scheduler to trigger the - integration at scheduled time - type: string - cronTab: - description: Required. The cron tab of cloud scheduler trigger. - type: string - location: - description: >- - Required. The location where associated cloud scheduler job will be - created + eventExecutionSnapshotsSize: + format: int64 + description: Total size of all event_execution_snapshots for an execution type: string - errorMessage: - description: >- - Optional. When the job was deleted from Pantheon UI, error_message - will be populated when Get/List integrations + state: type: string - EnterpriseCrmFrontendsEventbusProtoTriggerConfigVariables: - id: EnterpriseCrmFrontendsEventbusProtoTriggerConfigVariables - description: Variables names mapped to api trigger. - type: object - properties: - names: - description: Optional. List of variable names. + description: Status of the execution. + enum: + - STATE_UNSPECIFIED + - PENDING + - PROCESSING + - SUCCEEDED + - FAILED + - CANCELLED + - RETRY_ON_HOLD + - SUSPENDED + enumDescriptions: + - Default. + - Execution is scheduled and awaiting to be triggered. + - Execution is processing. + - >- + Execution successfully finished. There's no more change after this + state. + - Execution failed. There's no more change after this state. + - >- + Execution canceled by user. There's no more change after this + state. + - Execution failed and waiting for retry. + - Execution suspended and waiting for manual intervention. + attemptStats: + description: List of Start and end time of the execution attempts. + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAttemptStats' type: array + executionSnapshots: items: - type: string - GoogleCloudIntegrationsV1alphaTriggerConfig: - id: GoogleCloudIntegrationsV1alphaTriggerConfig - description: Configuration detail of a trigger. + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaExecutionSnapshot + type: array + description: List of snapshots taken during the execution. type: object + description: >- + Contains the details of the execution info: this includes the tasks + execution details plus the event execution statistics. + id: GoogleCloudIntegrationsV1alphaExecutionDetails + EnterpriseCrmFrontendsEventbusProtoEventExecutionDetails: properties: - label: - description: Optional. The user created label for a particular trigger. - type: string - startTasks: + ryeLockUnheldCount: description: >- - Optional. Set of tasks numbers from where the integration execution - is started by this trigger. If this is empty, then integration is - executed with default start tasks. In the list of start tasks, none - of two tasks can have direct ancestor-descendant relationships (i.e. - in a same integration execution graph). + Used internally and shouldn't be exposed to users. A counter for the + cron job to record how many times this event is in in_process state + but don't have a lock consecutively/ + type: integer + format: int32 + eventAttemptStats: type: array items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaNextTask' - properties: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionDetailsEventAttemptStats + eventExecutionSnapshot: + type: array description: >- - Optional. Configurable properties of the trigger, not to be confused - with integration parameters. E.g. "name" is a property for API - triggers and "subscription" is a property for Pub/sub triggers. - type: object - additionalProperties: - type: string - triggerType: - description: Optional. Type of trigger + After snapshot migration, this field will no longer be populated, + but old execution snapshots will still be accessible. + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventExecutionSnapshot + logFilePath: + description: The log file path (aka. cns address) for this event. + type: string + eventExecutionSnapshotsSize: + format: int64 + description: Total size of all event_execution_snapshots for an execution + type: string + cancelReason: type: string - enumDescriptions: - - Unknown. - - Trigger by scheduled time. - - Trigger by API call. - - Trigger by Salesforce Channel. - - Trigger by Pub/Sub external. - - SFDC Channel Trigger for CDC. - - Trigger by Cloud Scheduler job. - - Trigger by Connector Event - - Trigger for private workflow - - Trigger by cloud pub/sub for internal ip - - Trigger by Eventarc - enum: - - TRIGGER_TYPE_UNSPECIFIED - - CRON - - API - - SFDC_CHANNEL - - CLOUD_PUBSUB_EXTERNAL - - SFDC_CDC_CHANNEL - - CLOUD_SCHEDULER - - INTEGRATION_CONNECTOR_TRIGGER - - PRIVATE_TRIGGER - - CLOUD_PUBSUB - - EVENTARC_TRIGGER - triggerNumber: description: >- - Required. A number to uniquely identify each trigger config within - the integration on UI. + If the execution is manually canceled, this field will contain the + reason for cancellation. + eventRetriesFromBeginningCount: + type: integer + format: int32 + description: >- + Indicates the number of times the execution has restarted from the + beginning. + nextExecutionTime: type: string - alertConfig: description: >- - Optional. An alert threshold configuration for the [trigger + client - + integration] tuple. If these values are not specified in the - trigger config, default values will be populated by the system. Note - that there must be exactly one alert threshold configured per - [client + trigger + integration] when published. + Next scheduled execution time in case the execution status was + RETRY_ON_HOLD. + format: int64 + eventExecutionState: + description: The execution state of this event. + enum: + - UNSPECIFIED + - ON_HOLD + - IN_PROCESS + - SUCCEEDED + - FAILED + - CANCELED + - RETRY_ON_HOLD + - SUSPENDED + type: string + enumDescriptions: + - '' + - >- + Event is received and waiting for the execution. This happens when + firing the event via "postToQueue" or "schedule". + - Event is under processing. + - >- + Event execution successfully finished. There's no more change + after this state. + - Event execution failed. There's no more change after this state. + - >- + Event execution canceled by user. There's no more change after + this state. + - Event execution failed and waiting for retry. + - Event execution suspended and waiting for manual intervention. + networkAddress: + type: string + description: >- + The network address (aka. bns address) that indicates where the + event executor is running. + id: EnterpriseCrmFrontendsEventbusProtoEventExecutionDetails + type: object + description: >- + Contains the details of the execution info of this event: this includes + the tasks execution details plus the event execution statistics. Next + available id: 12 + EnterpriseCrmEventbusProtoTransformExpression: + properties: + initialValue: + description: Initial value upon which to perform transformations. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBaseValue' + transformationFunctions: + type: array + description: Transformations to be applied sequentially. + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFunction' + type: object + id: EnterpriseCrmEventbusProtoTransformExpression + GoogleCloudIntegrationsV1alphaUseTemplateResponse: + description: Response for use template + properties: + subIntegrationVersions: type: array items: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationAlertConfig - nextTasksExecutionPolicy: - description: Optional. Dictates how next tasks will be executed. + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + description: Sub integration versions which are created. + integrationVersion: + description: IntegrationVersion which is created. + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + id: GoogleCloudIntegrationsV1alphaUseTemplateResponse + type: object + GoogleCloudConnectorsV1ConnectionStatus: + properties: + description: type: string - enumDescriptions: - - Default. - - Execute all the tasks that satisfy their associated condition. - - Execute the first task that satisfies the associated condition. + description: Description. + status: + description: Status provides detailed information for the state. + type: string + state: enum: - - NEXT_TASKS_EXECUTION_POLICY_UNSPECIFIED - - RUN_ALL_MATCH - - RUN_FIRST_MATCH + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - INACTIVE + - DELETING + - UPDATING + - ERROR + - AUTHORIZATION_REQUIRED + enumDescriptions: + - Connection does not have a state yet. + - Connection is being created. + - Connection is running and ready for requests. + - Connection is stopped. + - Connection is being deleted. + - Connection is being updated. + - Connection is not running due to an error. + - >- + Connection is not running because the authorization configuration + is not complete. + description: State. + type: string + description: ConnectionStatus indicates the state of the connection. + type: object + id: GoogleCloudConnectorsV1ConnectionStatus + GoogleCloudIntegrationsV1alphaApiTriggerResource: + description: List of API triggerID and their workflow resource name. + properties: triggerId: - description: >- - Optional. Auto-generated trigger ID. The ID is based on the - properties that you define in the trigger config. For example, for - an API trigger, the trigger ID follows the format: - api_trigger/TRIGGER_NAME Where trigger config has properties with - value {"Trigger name": TRIGGER_NAME} + items: + type: string + type: array + description: Required. Trigger Id of the API trigger(s) in the integration + integrationResource: + description: Required. Integration where the API is published type: string - description: + id: GoogleCloudIntegrationsV1alphaApiTriggerResource + type: object + GoogleCloudIntegrationsV1alphaEnumerateConnectorPlatformRegionsResponse: + properties: + regions: + items: + type: string + type: array + description: All regions where Connector Platform is provisioned. + type: object + description: Response containing all provisioned regions for Connector Platform. + id: GoogleCloudIntegrationsV1alphaEnumerateConnectorPlatformRegionsResponse + GoogleCloudIntegrationsV1alphaClientCertificate: + description: Contains client certificate information + id: GoogleCloudIntegrationsV1alphaClientCertificate + type: object + properties: + passphrase: description: >- - Optional. User-provided description intended to give additional - business context about the task. + 'passphrase' should be left unset if private key is not encrypted. + Note that 'passphrase' is not the password for web server, but an + extra layer of security to protected private key. type: string - cloudSchedulerConfig: - description: Optional. Cloud Scheduler Trigger related metadata - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCloudSchedulerConfig - errorCatcherId: + sslCertificate: description: >- - Optional. Optional Error catcher id of the error catch flow which - will be executed when execution error happens in the task + The ssl certificate encoded in PEM format. This string must include + the begin header and end footer lines. For example, -----BEGIN + CERTIFICATE----- + MIICTTCCAbagAwIBAgIJAPT0tSKNxan/MA0GCSqGSIb3DQEBCwUAMCoxFzAVBgNV + BAoTDkdvb2dsZSBURVNUSU5HMQ8wDQYDVQQDEwZ0ZXN0Q0EwHhcNMTUwMTAxMDAw + MDAwWhcNMjUwMTAxMDAwMDAwWjAuMRcwFQYDVQQKEw5Hb29nbGUgVEVTVElORzET + MBEGA1UEAwwKam9lQGJhbmFuYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA + vDYFgMgxi5W488d9J7UpCInl0NXmZQpJDEHE4hvkaRlH7pnC71H0DLt0/3zATRP1 + JzY2+eqBmbGl4/sgZKYv8UrLnNyQNUTsNx1iZAfPUflf5FwgVsai8BM0pUciq1NB + xD429VFcrGZNucvFLh72RuRFIKH8WUpiK/iZNFkWhZ0CAwEAAaN3MHUwDgYDVR0P + AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB + Af8EAjAAMBkGA1UdDgQSBBCVgnFBCWgL/iwCqnGrhTPQMBsGA1UdIwQUMBKAEKey + Um2o4k2WiEVA0ldQvNYwDQYJKoZIhvcNAQELBQADgYEAYK986R4E3L1v+Q6esBtW + JrUwA9UmJRSQr0N5w3o9XzarU37/bkjOP0Fw0k/A6Vv1n3vlciYfBFaBIam1qRHr + 5dMsYf4CZS6w50r7hyzqyrwDoyNxkLnd2PdcHT/sym1QmflsjEs7pejtnohO6N2H + wQW6M0H7Zt8claGRla4fKkg= -----END CERTIFICATE----- type: string - position: - description: >- - Optional. Informs the front-end application where to draw this error - catcher config on the UI. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCoordinate' - trigger: + encryptedPrivateKey: description: >- - Optional. Name of the trigger. Example: "API Trigger", "Cloud Pub - Sub Trigger" When set will be sent out to monitoring dashabord for - tracking purpose. + The ssl certificate encoded in PEM format. This string must include + the begin header and end footer lines. For example, -----BEGIN + CERTIFICATE----- + MIICTTCCAbagAwIBAgIJAPT0tSKNxan/MA0GCSqGSIb3DQEBCwUAMCoxFzAVBgNV + BAoTDkdvb2dsZSBURVNUSU5HMQ8wDQYDVQQDEwZ0ZXN0Q0EwHhcNMTUwMTAxMDAw + MDAwWhcNMjUwMTAxMDAwMDAwWjAuMRcwFQYDVQQKEw5Hb29nbGUgVEVTVElORzET + MBEGA1UEAwwKam9lQGJhbmFuYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA + vDYFgMgxi5W488d9J7UpCInl0NXmZQpJDEHE4hvkaRlH7pnC71H0DLt0/3zATRP1 + JzY2+eqBmbGl4/sgZKYv8UrLnNyQNUTsNx1iZAfPUflf5FwgVsai8BM0pUciq1NB + xD429VFcrGZNucvFLh72RuRFIKH8WUpiK/iZNFkWhZ0CAwEAAaN3MHUwDgYDVR0P + AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB + Af8EAjAAMBkGA1UdDgQSBBCVgnFBCWgL/iwCqnGrhTPQMBsGA1UdIwQUMBKAEKey + Um2o4k2WiEVA0ldQvNYwDQYJKoZIhvcNAQELBQADgYEAYK986R4E3L1v+Q6esBtW + JrUwA9UmJRSQr0N5w3o9XzarU37/bkjOP0Fw0k/A6Vv1n3vlciYfBFaBIam1qRHr + 5dMsYf4CZS6w50r7hyzqyrwDoyNxkLnd2PdcHT/sym1QmflsjEs7pejtnohO6N2H + wQW6M0H7Zt8claGRla4fKkg= -----END CERTIFICATE----- type: string - inputVariables: - description: Optional. List of input variables for the api trigger. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTriggerConfigVariables - outputVariables: - description: Optional. List of output variables for the api trigger. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTriggerConfigVariables - GoogleCloudIntegrationsV1alphaIntegrationAlertConfig: - id: GoogleCloudIntegrationsV1alphaIntegrationAlertConfig - description: >- - Message to be used to configure custom alerting in the {@code - EventConfig} protos for an event. + EnterpriseCrmFrontendsEventbusProtoParamSpecEntry: + id: EnterpriseCrmFrontendsEventbusProtoParamSpecEntry + description: 'Key-value pair of EventBus task parameters. Next id: 13' type: object properties: - displayName: + collectionElementClassName: description: >- - Name of the alert. This will be displayed in the alert subject. If - set, this name should be unique within the scope of the integration. - type: string - metricType: - description: The type of metric. - type: string - enumDescriptions: - - >- - The default value. Metric type should always be set to one of the - other non-default values, otherwise it will result in an - INVALID_ARGUMENT error. - - >- - Specifies alerting on the rate of errors for the enclosing - integration. - - >- - Specifies alerting on the rate of warnings for the enclosing - integration. Warnings use the same enum values as errors. - - >- - Specifies alerting on the rate of errors for any task in the - enclosing integration. - - >- - Specifies alerting on the rate of warnings for any task in the - enclosing integration. - - >- - Specifies alerting on the rate of executions over all tasks in the - enclosing integration. - - >- - Specifies alerting on the number of events executed in the given - aggregation_period. - - >- - Specifies alerting on the average duration of executions for this - integration. - - >- - Specifies alerting on the duration value of a particular - percentile of integration executions. E.g. If 10% or more of the - integration executions have durations above 5 seconds, alert. - - >- - Specifies alerting on the average duration of any task in the - enclosing integration, - - >- - Specifies alerting on the duration value of a particular - percentile of any task executions within the enclosing - integration. E.g. If 10% or more of the task executions in the - integration have durations above 5 seconds, alert. - enum: - - METRIC_TYPE_UNSPECIFIED - - EVENT_ERROR_RATE - - EVENT_WARNING_RATE - - TASK_ERROR_RATE - - TASK_WARNING_RATE - - TASK_RATE - - EVENT_RATE - - EVENT_AVERAGE_DURATION - - EVENT_PERCENTILE_DURATION - - TASK_AVERAGE_DURATION - - TASK_PERCENTILE_DURATION - thresholdType: - description: >- - The threshold type, whether lower(expected_min) or - upper(expected_max), for which this alert is being configured. If - value falls below expected_min or exceeds expected_max, an alert - will be fired. - type: string - enumDescriptions: - - Default. - - >- - Note that this field will only trigger alerts if the integration - specifying it runs at least once in 24 hours (which is our - in-memory retention period for monarch streams). Also note that - `aggregation_period` for this alert configuration must be less - than 24 hours. Min value threshold. - - Max value threshold. - enum: - - THRESHOLD_TYPE_UNSPECIFIED - - EXPECTED_MIN - - EXPECTED_MAX - thresholdValue: - description: >- - The metric value, above or below which the alert should be - triggered. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValue - durationThreshold: - description: >- - Should be specified only for *AVERAGE_DURATION and - *PERCENTILE_DURATION metrics. This member should be used to specify - what duration value the metrics should exceed for the alert to - trigger. - type: string - format: google-duration - aggregationPeriod: - description: >- - The period over which the metric value should be aggregated and - evaluated. Format is , where integer should be a positive integer - and unit should be one of (s,m,h,d,w) meaning (second, minute, hour, - day, week). For an EXPECTED_MIN threshold, this aggregation_period - must be lesser than 24 hours. + If it is a collection of objects, this would be the FCQN of every + individual element in the collection. If this is "java.lang.Object", + the parameter is a collection of any type. type: string - alertThreshold: - description: >- - For how many contiguous aggregation periods should the expected min - or max be violated for the alert to be fired. - type: integer - format: int32 - disableAlert: - description: >- - Set to false by default. When set to true, the metrics are not - aggregated or pushed to Monarch for this integration alert. + required: + description: If set, the user must provide an input value for this parameter. type: boolean - onlyFinalAttempt: + defaultValue: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterValueType description: >- - For either events or tasks, depending on the type of alert, count - only final attempts, not retries. + Default values for the defined keys. Each value can either be + string, int, double or any proto message or a serialized object. + isOutput: type: boolean - GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValue: - id: GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValue - description: >- - The threshold value of the metric, above or below which the alert should - be triggered. See EventAlertConfig or TaskAlertConfig for the different - alert metric types in each case. For the *RATE metrics, one or both of - these fields may be set. Zero is the default value and can be left at - that. For *PERCENTILE_DURATION metrics, one or both of these fields may - be set, and also, the duration threshold value should be specified in - the threshold_duration_ms member below. For *AVERAGE_DURATION metrics, - these fields should not be set at all. A different member, - threshold_duration_ms, must be set in the EventAlertConfig or the - TaskAlertConfig. - type: object - properties: - absolute: - description: Absolute value threshold. - type: string - format: int64 - percentage: - description: Percentage threshold. - type: integer - format: int32 - GoogleCloudIntegrationsV1alphaCloudSchedulerConfig: - id: GoogleCloudIntegrationsV1alphaCloudSchedulerConfig - description: Cloud Scheduler Trigger configuration - type: object - properties: - serviceAccountEmail: - description: >- - Required. Service account used by Cloud Scheduler to trigger the - integration at scheduled time - type: string - cronTab: - description: Required. The cron tab of cloud scheduler trigger. - type: string - location: - description: >- - Required. The location where associated cloud scheduler job will be - created - type: string - errorMessage: - description: >- - Optional. When the job was deleted from Pantheon UI, error_message - will be populated when Get/List integrations - type: string - GoogleCloudIntegrationsV1alphaTriggerConfigVariables: - id: GoogleCloudIntegrationsV1alphaTriggerConfigVariables - description: Variables names mapped to api trigger. - type: object - properties: - names: - description: Optional. List of variable names. - type: array - items: - type: string - EnterpriseCrmFrontendsEventbusProtoWorkflowParameters: - id: EnterpriseCrmFrontendsEventbusProtoWorkflowParameters - description: >- - LINT.IfChange This is the frontend version of WorkflowParameters. It's - exactly like the backend version except that instead of flattening - protobuf parameters and treating every field and subfield of a protobuf - parameter as a separate parameter, the fields/subfields of a protobuf - parameter will be nested as "children" (see 'children' field below) - parameters of the parent parameter. Please refer to - enterprise/crm/eventbus/proto/workflow_parameters.proto for more - information about WorkflowParameters. - type: object - properties: - parameters: - description: >- - Parameters are a part of Event and can be used to communiticate - between different tasks that are part of the same workflow - execution. - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry - EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry: - id: EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry - type: object - properties: - key: + validationRule: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryValidationRule description: >- - Key is used to retrieve the corresponding parameter value. This - should be unique for a given fired event. These parameters must be - predefined in the workflow definition. + Rule used to validate inputs (individual values and collection + elements) for this parameter. + config: + description: Optional fields, such as help text and other useful info. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryConfig' + jsonSchema: + description: If the data_type is JSON_VALUE, then this will define its schema. type: string + protoDef: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinition + description: Populated if this represents a proto or proto array. dataType: - description: The data type of the parameter. - type: string enumDescriptions: - '' - '' @@ -5246,6 +4859,8 @@ components: - '' - '' - '' + description: The data type of the parameter. + type: string enum: - DATA_TYPE_UNSPECIFIED - STRING_VALUE @@ -5265,1263 +4880,1119 @@ components: - BYTES_ARRAY - NON_SERIALIZABLE_OBJECT - JSON_VALUE - protoDefPath: + key: description: >- - If the data type is of type proto or proto array, this field needs - to be populated with the fully qualified proto name. This message, - for example, would be - "enterprise.crm.frontends.eventbus.proto.WorkflowParameterEntry". + Key is used to retrieve the corresponding parameter value. This + should be unique for a given task. These parameters must be + predefined in the workflow definition. type: string - defaultValue: - description: >- - Default values for the defined keys. Each value can either be - string, int, double or any proto message or a serialized object. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterValueType - attributes: - description: Metadata information about the parameters. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoAttributes' - children: + isDeprecated: description: >- - Child parameters nested within this parameter. This field only - applies to protobuf parameters - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry - name: + If set, this entry is deprecated, so further use of this parameter + should be prohibited. + type: boolean + className: description: >- - The name (without prefix) to be displayed in the UI for this - parameter. E.g. if the key is "foo.bar.myName", then the name would - be "myName". - type: string - inOutType: - description: Specifies the input/output type for the parameter. - type: string - enumDescriptions: - - '' - - >- - Input parameters for the workflow. EventBus validates that these - parameters exist in the workflows before execution. - - >- - Output Parameters for the workflow. EventBus will only return the - workflow parameters tagged with OUT in the response back. - - >- - Input or Output Parameters. These can be used as both input and - output. EventBus will validate for the existence of these - parameters before execution and will also return this parameter - back in the response. - enum: - - IN_OUT_TYPE_UNSPECIFIED - - IN - - OUT - - IN_OUT - protoDefName: - description: >- - The name of the protobuf type if the parameter has a protobuf data - type. + The FQCN of the Java object this represents. A string, for example, + would be "java.lang.String". If this is "java.lang.Object", the + parameter can be of any type. type: string - isTransient: - description: Whether this parameter is a transient parameter. - type: boolean - producedBy: - description: >- - The identifier of the node (TaskConfig/TriggerConfig) this parameter - was produced by, if it is a transient param or a copy of an input - param. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNodeIdentifier' - jsonSchema: - description: >- - This schema will be used to validate runtime JSON-typed values of - this parameter. + GoogleCloudIntegrationsV1alphaOidcToken: + properties: + tokenExpireTime: + format: google-datetime + description: The approximate time until the token retrieved is valid. type: string - producer: + serviceAccountEmail: + description: The service account email to be used as the identity for the token. type: string - description: - description: Optional. The description about the parameter + audience: type: string - containsLargeData: description: >- - Indicates whether this variable contains large data and need to be - uploaded to Cloud Storage. - type: boolean - required: - type: boolean - EnterpriseCrmEventbusProtoAttributes: - id: EnterpriseCrmEventbusProtoAttributes - description: >- - Attributes are additional options that can be associated with each event - property. For more information, see + Audience to be used when generating OIDC token. The audience claim + identifies the recipients that the JWT is intended for. + token: + description: ID token obtained for the service account + type: string type: object + description: OIDC Token + id: GoogleCloudIntegrationsV1alphaOidcToken + CrmlogErrorCode: + id: CrmlogErrorCode + description: >- + Registered ids for errors, as "oneof" enums. Each task or logical + grouping of tasks may share the same enum. properties: - dataType: - description: >- - Things like URL, Email, Currency, Timestamp (rather than string, - int64...) + commonErrorCode: type: string + enum: + - COMMON_ERROR_CODE_UNSPECIFIED + - INVALID_CREDENTIALS + - REQUIRED_FIELDS_MISSING + - INVALID_FIELDS + - BACKEND + - GENERAL + - INTERNAL + - IO_ERROR + - NOT_FOUND + - EVENT_BUS + - ALREADY_EXISTS + - CONCORD + - CONVERSION + - FLUME + - PERMISSION + - SALES_FORCE + - SPANNER + - UNIMPLEMENTED + - RELTIO + - WORKFLOW_NOT_FOUND + - QUOTA_THROTTLED + - QUOTA_ENQUEUED + - INVALID_QUOTA_CONFIGURATION + - TASK_NOT_FOUND + - EXECUTION_TIMEOUT + - INVALID_EVENT_EXECUTION_STATE + - INVALID_ATTRIBUTE + - MISSING_ATTRIBUTE + - CLIENT_UNAUTHORIZED_FOR_WORKFLOW + - INVALID_PARAMETER + - MISSING_PARAMETER + - UNAUTHROIZED_WORKFLOW_EDITOR_ACTION + - FAILED_PRECONDITION + - INVALID_CLIENT + - MISSING_CLIENT + - INVALID_WORKFLOW + - MISSING_QUOTA_CONFIGURATION + - UNHANDLED_TASK_ERROR + - SCRIPT_TASK_RUNTIME_ERROR + - RPC + - INVALID_PROTO + - UNHANDLED_EVENTBUS_ERROR + - INVALID_TASK_STATE + - TYPED_TASK_INVALID_INPUT_OPERATION + - TYPED_TASK_INVALID_OUTPUT_OPERATION + - VALIDATION_ERROR + - RESUME_ERROR + - APPS_SCRIPT_EXECUTION_ERROR + - INVALID_VECTOR_USER + - INFORMATICA + - RETRYABLE_TASK_ERROR + - INVALID_TENANT + - WRONG_TENANT + - INFORMATICA_BACKEND_UNAVAILABLE + - RPC_PERMISSION_DENIED + - SYNC_EVENTBUS_EXECUTION_TIMEOUT + - ASYNC_EVENTBUS_EXECUTION_TIMEOUT + - NOT_SUPPORTED_DATA_TYPE + - UNSANITIZED_USER_INPUT + - TRANSFORM_EXPRESSION_EVALUATION_ERROR + - HTTP_EXCEPTION + - EXECUTION_CANCELLED + enumDeprecated: + - false + - true + - false + - false + - true + - true + - true + - false + - false + - true + - false + - false + - false + - false + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false enumDescriptions: - '' - '' - '' - '' - '' - - >- - Domain is a web url string with one top-level private domain and a - suffix (for example: google.com, walmart.com) - enum: - - DATA_TYPE_UNSPECIFIED - - EMAIL - - URL - - CURRENCY - - TIMESTAMP - - DOMAIN_NAME - isRequired: - description: >- - Required for event execution. The validation will be done by the - event bus when the event is triggered. - type: boolean - defaultValue: - description: Used to define defaults. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoValueType' - taskVisibility: - description: List of tasks that can view this property, if empty then all. - type: array - items: - type: string - logSettings: - description: See - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoLogSettings' - isSearchable: - description: >- - Used to indicate if a ParameterEntry should be converted to - ParamIndexes for ST-Spanner full-text search. DEPRECATED: use - searchable. - deprecated: true - type: boolean - searchable: - type: string - enumDescriptions: - '' - - >- - If yes, the parameter key and value will be full-text indexed. In - a proto, this value will propagate to all children whose - searchable is unspecified. - - >- - If no, the parameter key and value will not be full-text indexed. - In a proto, this value will propagate to all children whose - searchable is unspecified. - enum: - - UNSPECIFIED - - 'YES' - - 'NO' - readOnly: - description: Used to indicate if the ParameterEntry is a read only field or not. - type: boolean - masked: - description: True if this workflow parameter should be masked in the logs - type: boolean - EnterpriseCrmEventbusProtoLogSettings: - id: EnterpriseCrmEventbusProtoLogSettings - description: >- - The LogSettings define the logging attributes for an event property. - These attributes are used to map the property to the parameter in the - log proto. Also used to define scrubbing/truncation behavior and PII - information. - type: object - properties: - logFieldName: - description: >- - The name of corresponding logging field of the event property. If - omitted, assumes the same name as the event property key. - type: string - seedScope: - type: string - enumDescriptions: - '' - - Hash computations include the event name. - - Hash computations include a time period. - - Hash computations include the param name. - enum: - - SEED_SCOPE_UNSPECIFIED - - EVENT_NAME - - TIME_PERIOD - - PARAM_NAME - seedPeriod: - type: string - enumDescriptions: - '' - - Sanitized values remain constant for the day of the event. + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - SYNC_EVENTBUS_EXECUTION_TIMEOUT is for eventbus internal use only. - >- - Sanitized values remain constant for the week of the event; may - cross month boundaries. - - Sanitized values remain constant for the month of the event. - enum: - - SEED_PERIOD_UNSPECIFIED - - DAY - - WEEK - - MONTH - EnterpriseCrmEventbusProtoNodeIdentifier: - id: EnterpriseCrmEventbusProtoNodeIdentifier - description: 'Represents a node identifier (type + id). Next highest id: 3' - type: object - properties: - elementType: - description: Destination node where the edge ends. It can only be a task config. - type: string - enumDescriptions: + ASYNC_EVENTBUS_EXECUTION_TIMEOUT is for eventbus internal use + only. This error will be counted as server availability error. - '' - '' - '' + - '' + - '' + type: object + GoogleCloudConnectorsV1BillingConfig: + description: Billing config for the connection. + properties: + billingCategory: enum: - - UNKNOWN_TYPE - - TASK_CONFIG - - TRIGGER_CONFIG - elementIdentifier: - description: Configuration of the edge. + - BILLING_CATEGORY_UNSPECIFIED + - GCP_AND_TECHNICAL_CONNECTOR + - NON_GCP_CONNECTOR type: string - GoogleCloudIntegrationsV1alphaIntegrationParameter: - id: GoogleCloudIntegrationsV1alphaIntegrationParameter - description: >- - Integration Parameter is defined in the integration config and are used - to provide information about data types of the expected parameters and - provide any default values if needed. They can also be used to add - custom attributes. These are static in nature and should not be used for - dynamic event definition. + description: Output only. Billing category for the connector. + readOnly: true + enumDescriptions: + - Billing category is not specified. + - GCP/Technical connector. + - Non-GCP connector. + type: object + id: GoogleCloudConnectorsV1BillingConfig + GoogleCloudConnectorsV1Destination: type: object properties: - key: + port: + format: int32 description: >- - Key is used to retrieve the corresponding parameter value. This - should be unique for a given fired event. These parameters must be - predefined in the integration definition. + The port is the target port number that is accepted by the + destination. + type: integer + host: + description: For publicly routable host. type: string - dataType: - description: Type of the parameter. + serviceAttachment: type: string - enumDescriptions: - - Unspecified. - - String. - - Integer. - - Double Number. - - Boolean. - - String Array. - - Integer Array. - - Double Number Array. - - Boolean Array. - - Json. - - Proto Value (Internal use only). - - Proto Array (Internal use only). - - // Non-serializable object (Internal use only). - - Proto Enum (Internal use only). - - Serialized object (Internal use only). - - Proto Enum Array (Internal use only). - - >- - BYTES data types are not allowed for top-level params. They're - only meant to support protobufs with BYTES (sub)fields. - - >- - BYTES_ARRAY data types are not allowed for top-level params. - They're only meant to support protobufs with BYTES (sub)fields. - enum: - - INTEGRATION_PARAMETER_DATA_TYPE_UNSPECIFIED - - STRING_VALUE - - INT_VALUE - - DOUBLE_VALUE - - BOOLEAN_VALUE - - STRING_ARRAY - - INT_ARRAY - - DOUBLE_ARRAY - - BOOLEAN_ARRAY - - JSON_VALUE - - PROTO_VALUE - - PROTO_ARRAY - - NON_SERIALIZABLE_OBJECT - - PROTO_ENUM - - SERIALIZED_OBJECT_VALUE - - PROTO_ENUM_ARRAY - - BYTES - - BYTES_ARRAY - defaultValue: - description: >- - Default values for the defined keys. Each value can either be - string, int, double or any proto message or a serialized object. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - searchable: - description: Searchable in the execution log or not. - type: boolean - displayName: + deprecated: true description: >- - The name (without prefix) to be displayed in the UI for this - parameter. E.g. if the key is "foo.bar.myName", then the name would - be "myName". - type: string - inputOutputType: - description: Specifies the input/output type for the parameter. + PSC service attachments. Format: + projects/*/regions/*/serviceAttachments/* + id: GoogleCloudConnectorsV1Destination + EnterpriseCrmEventbusProtoCloudSchedulerConfig: + description: Cloud Scheduler Trigger configuration + id: EnterpriseCrmEventbusProtoCloudSchedulerConfig + type: object + properties: + serviceAccountEmail: type: string - enumDescriptions: - - Default. - - >- - Input parameters for the integration. EventBus validates that - these parameters exist in the integrations before execution. - - >- - Output Parameters for the integration. EventBus will only return - the integration parameters tagged with OUT in the response back. - - >- - Input and Output Parameters. These can be used as both input and - output. EventBus will validate for the existence of these - parameters before execution and will also return this parameter - back in the response. - enum: - - IN_OUT_TYPE_UNSPECIFIED - - IN - - OUT - - IN_OUT - isTransient: - description: Whether this parameter is a transient parameter. - type: boolean - producer: description: >- - The identifier of the node (TaskConfig/TriggerConfig) this parameter - was produced by, if it is a transient param or a copy of an input - param. + Required. Service account used by Cloud Scheduler to trigger the + integration at scheduled time + cronTab: + description: Required. The cron tab of cloud scheduler trigger. type: string - jsonSchema: + errorMessage: description: >- - This schema will be used to validate runtime JSON-typed values of - this parameter. + Optional. When the job was deleted from Pantheon UI, error_message + will be populated when Get/List integrations type: string - containsLargeData: + location: description: >- - Indicates whether this variable contains large data and need to be - uploaded to Cloud Storage. - type: boolean - masked: - description: True if this parameter should be masked in the logs - type: boolean + Required. The location where associated cloud scheduler job will be + created + type: string + GoogleCloudConnectorsV1EventingStatus: + properties: + state: + type: string + enumDescriptions: + - Default state. + - Eventing is enabled and ready to receive events. + - Eventing is not active due to an error. + - Ingress endpoint required. + description: Output only. State. + readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - ERROR + - INGRESS_ENDPOINT_REQUIRED description: - description: Optional. Description of the parameter. + description: Output only. Description of error if State is set to "ERROR". type: string - EnterpriseCrmEventbusProtoTeardown: - id: EnterpriseCrmEventbusProtoTeardown + readOnly: true + description: EventingStatus indicates the state of eventing. + id: GoogleCloudConnectorsV1EventingStatus type: object - properties: - teardownTaskConfigs: - description: Required. - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTeardownTaskConfig' - EnterpriseCrmEventbusProtoTeardownTaskConfig: - id: EnterpriseCrmEventbusProtoTeardownTaskConfig + EnterpriseCrmFrontendsEventbusProtoEventExecutionSnapshot: + id: EnterpriseCrmFrontendsEventbusProtoEventExecutionSnapshot type: object properties: - teardownTaskImplementationClassName: - description: Required. Implementation class name. + eventExecutionSnapshotMetadata: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionSnapshotEventExecutionSnapshotMetadata + eventExecutionSnapshotId: + description: >- + Auto-generated. Used as primary key for EventExecutionSnapshots + table. type: string - name: + eventExecutionInfoId: + type: string + description: Points to the event execution info this snapshot belongs to. + taskExecutionDetails: + description: All of the task execution details at the given point of time. + items: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoTaskExecutionDetails + type: array + taskName: + type: string + description: The task name associated with this snapshot. Could be empty. + deprecated: true + diffParams: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters + description: The parameters in Event object that differs from last snapshot. + checkpointTaskNumber: description: >- - Required. Unique identifier of the teardown task within this Config. - We use this field as the identifier to find next teardown tasks. + Indicates "right after which checkpoint task's execution" this + snapshot is taken. type: string - parameters: - description: The parameters the user can pass to this task. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' - properties: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventBusProperties' - creatorEmail: - description: The creator's email address. + conditionResults: + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoConditionResult' + description: All of the computed conditions that been calculated. + type: array + eventParams: + description: The parameters in Event object. + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters + snapshotTime: + format: int64 + description: Indicates when this snapshot is taken. type: string - nextTeardownTask: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNextTeardownTask' - EnterpriseCrmEventbusProtoEventBusProperties: - id: EnterpriseCrmEventbusProtoEventBusProperties - description: >- - LINT.IfChange This message is used for storing key value pair properties - for each Event / Task in the EventBus. + EnterpriseCrmEventbusProtoEventExecutionSnapshot: type: object + description: >- + Contains the snapshot of the event execution for a given checkpoint. + Next available id: 15 + id: EnterpriseCrmEventbusProtoEventExecutionSnapshot properties: - properties: - description: An unordered list of property entries. + taskExecutionDetails: type: array items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoPropertyEntry' - EnterpriseCrmEventbusProtoPropertyEntry: - id: EnterpriseCrmEventbusProtoPropertyEntry - description: Key-value pair of EventBus property. - type: object - properties: - key: - description: >- - Key is used to retrieve the corresponding property value. This - should be unique for a given fired event. The Tasks should be aware - of the keys used while firing the events for them to be able to - retrieve the values. + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoTaskExecutionDetails + description: All of the task execution details at the given point of time. + diffParams: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' + description: The parameters in Event object that differs from last snapshot. + eventExecutionInfoId: + description: Points to the event execution info this snapshot belongs to. + type: string + eventParams: + description: The parameters in Event object. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' + taskName: + deprecated: true + type: string + description: The task name associated with this snapshot. Could be empty. + eventExecutionSnapshotMetadata: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionSnapshotEventExecutionSnapshotMetadata + snapshotTime: + type: string + format: int64 + description: Indicates when this snapshot is taken. + conditionResults: + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoConditionResult' + type: array + description: All of the computed conditions that been calculated. + checkpointTaskNumber: type: string - value: description: >- - Values for the defined keys. Each value can either be string, int, - double or any proto message. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoValueType' - EnterpriseCrmEventbusProtoNextTeardownTask: - id: EnterpriseCrmEventbusProtoNextTeardownTask - description: >- - The teardown task that is next in line to be executed. We support only - sequential execution of teardown tasks (i.e. no branching). - type: object - properties: - name: - description: Required. Name of the next teardown task. + Indicates "right after which checkpoint task's execution" this + snapshot is taken. + exceedMaxSize: + type: boolean + description: indicate whether snapshot exceeded maximum size before clean up + eventExecutionSnapshotId: + description: >- + Auto-generated. Used as primary key for EventExecutionSnapshots + table. type: string - GoogleCloudIntegrationsV1alphaErrorCatcherConfig: - id: GoogleCloudIntegrationsV1alphaErrorCatcherConfig - description: Configuration detail of a error catch task - type: object + workflowName: + type: string + description: Name of the workflow this event execution snapshot belongs to. + clientId: + description: Client that the execution snapshot is associated to. + type: string + EnterpriseCrmEventbusProtoSuspensionAuthPermissionsGaiaIdentity: properties: - errorCatcherId: - description: >- - Required. An error catcher id is string representation for the error - catcher config. Within a workflow, error_catcher_id uniquely - identifies an error catcher config among all error catcher configs - for the workflow + gaiaId: + format: int64 type: string - label: - description: >- - Optional. The user created label for a particular error catcher. - Optional. + emailAddress: type: string - errorCatcherNumber: - description: >- - Required. A number to uniquely identify each error catcher config - within the workflow on UI. + id: EnterpriseCrmEventbusProtoSuspensionAuthPermissionsGaiaIdentity + type: object + GoogleCloudIntegrationsV1alphaTaskConfig: + type: object + properties: + task: type: string - startErrorTasks: - description: >- - Required. The set of start tasks that are to be executed for the - error catch flow - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaNextTask' - description: + description: Optional. The name for the task. + failurePolicy: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFailurePolicy' description: >- - Optional. User-provided description intended to give more business - context about the error catcher config. + Optional. Determines the number of times the task will be retried on + failure and with what retry strategy. This is applicable for + asynchronous calls to Eventbus alone (Post To Queue, Schedule etc.). + externalTaskType: type: string + enumDescriptions: + - Default value. External task type is not specified + - Tasks belongs to the normal task flows + - Task belongs to the error catch task flows + enum: + - EXTERNAL_TASK_TYPE_UNSPECIFIED + - NORMAL_TASK + - ERROR_TASK + description: Optional. External task type of the task position: description: >- Optional. Informs the front-end application where to draw this error catcher config on the UI. $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCoordinate' - GoogleCloudIntegrationsV1alphaCloudLoggingDetails: - id: GoogleCloudIntegrationsV1alphaCloudLoggingDetails - description: Cloud Logging details for execution info - type: object - properties: - cloudLoggingSeverity: - description: >- - Optional. Severity selected by the customer for the logs to be sent - to Cloud Logging, for the integration version getting executed. + description: type: string + description: >- + Optional. User-provided description intended to give additional + business context about the task. + taskExecutionStrategy: enumDescriptions: - - Unspecified - >- - If Severity selected is `INFO`, then all the Integration Execution - States (`IN_PROCESS`, `ON_HOLD`, `SUCCEEDED`, `SUSPENDED`, - `ERROR`, `CANCELLED`) will be sent to Cloud Logging. + Default. If the strategy is not set explicitly, it will default to + `WHEN_ALL_SUCCEED`. - >- - If Severity selected is `ERROR`, then only the following - Integration Execution States (`ERROR`, `CANCELLED`) will be sent - to Cloud Logging. + Wait until all of its previous tasks finished execution, then + verify at least one of the edge conditions is met, and execute if + possible. This should be considered as WHEN_ALL_TASKS_SUCCEED. - >- - If Severity selected is `WARNING`, then only the following - Integration Execution States (`ERROR`, `CANCELLED`) will be sent - to Cloud Logging. - enum: - - CLOUD_LOGGING_SEVERITY_UNSPECIFIED - - INFO - - ERROR - - WARNING - enableCloudLogging: + Start execution as long as any of its previous tasks finished + execution and the corresponding edge condition is met (since we + will execute if only that succeeding edge condition is met). + - >- + Wait until all of its previous tasks finished execution, then + verify the all edge conditions are met and execute if possible. + enum: + - TASK_EXECUTION_STRATEGY_UNSPECIFIED + - WHEN_ALL_SUCCEED + - WHEN_ANY_SUCCEED + - WHEN_ALL_TASKS_AND_CONDITIONS_SUCCEED + type: string + description: Optional. The policy dictating the execution strategy of this task. + successPolicy: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSuccessPolicy' description: >- - Optional. Status of whether Cloud Logging is enabled or not for the - integration version getting executed. - type: boolean - GoogleCloudIntegrationsV1alphaIntegrationConfigParameter: - id: GoogleCloudIntegrationsV1alphaIntegrationConfigParameter - description: >- - Integration Config Parameter is defined in the integration config and - are used to provide external configuration for integration. It provide - information about data types of the expected parameters and provide any - default values or value. They can also be used to add custom attributes. - type: object - properties: - parameter: + Optional. Determines what action to take upon successful task + completion. + nextTasks: description: >- - Optional. Integration Parameter to provide the default value, data - type and attributes required for the Integration config variables. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationParameter - value: + Optional. The set of tasks that are next in line to be executed as + per the execution graph defined for the parent event, specified by + `event_config_id`. Each of these next tasks are executed only if the + condition associated with them evaluates to true. + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaNextTask' + type: array + synchronousCallFailurePolicy: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFailurePolicy' description: >- - Values for the defined keys. Each value can either be string, int, - double or any proto message or a serialized object. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - GoogleCloudIntegrationsV1alphaPublishIntegrationVersionRequest: - id: GoogleCloudIntegrationsV1alphaPublishIntegrationVersionRequest - description: Request for PublishIntegrationVersion. - type: object - properties: - configParameters: - description: Optional. Config parameters used during integration execution. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudIntegrationsV1alphaPublishIntegrationVersionResponse: - id: GoogleCloudIntegrationsV1alphaPublishIntegrationVersionResponse - description: Response for PublishIntegrationVersion. - type: object - properties: {} - GoogleCloudIntegrationsV1alphaUploadIntegrationVersionRequest: - id: GoogleCloudIntegrationsV1alphaUploadIntegrationVersionRequest - description: Request for UploadIntegrationVersion. - type: object - properties: - content: - description: The textproto of the IntegrationVersion. + Optional. Determines the number of times the task will be retried on + failure and with what retry strategy. This is applicable for + synchronous calls to Eventbus alone (Post). + displayName: type: string - fileFormat: - description: File format for upload request. + description: >- + Optional. User-provided label that is attached to this TaskConfig in + the UI. + nextTasksExecutionPolicy: type: string - enumDescriptions: - - Unspecified file format - - JSON File Format - - YAML File Format enum: - - FILE_FORMAT_UNSPECIFIED - - JSON - - YAML - GoogleCloudIntegrationsV1alphaUploadIntegrationVersionResponse: - id: GoogleCloudIntegrationsV1alphaUploadIntegrationVersionResponse - description: Response for UploadIntegrationVersion. - type: object - properties: - integrationVersion: - description: The uploaded integration. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - GoogleCloudIntegrationsV1alphaDownloadIntegrationVersionResponse: - id: GoogleCloudIntegrationsV1alphaDownloadIntegrationVersionResponse - description: Response for DownloadIntegrationVersion. - type: object - properties: - content: - description: String representation of the requested file. + - NEXT_TASKS_EXECUTION_POLICY_UNSPECIFIED + - RUN_ALL_MATCH + - RUN_FIRST_MATCH + description: >- + Optional. The policy dictating the execution of the next set of + tasks for the current task. + enumDescriptions: + - Default. + - Execute all the tasks that satisfy their associated condition. + - Execute the first task that satisfies the associated condition. + errorCatcherId: + description: >- + Optional. Optional Error catcher id of the error catch flow which + will be executed when execution error happens in the task type: string - files: - description: List containing String represendation for multiple file with type. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSerializedFile' - GoogleCloudIntegrationsV1alphaSerializedFile: - id: GoogleCloudIntegrationsV1alphaSerializedFile - description: To store string representation of Integration file. - type: object - properties: - content: - description: String representation of the file content. + parameters: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaEventParameter' + type: object + description: Optional. The customized parameters the user can pass to this task. + taskTemplate: type: string - file: description: >- - File information like Integration version, Integration Config - variables etc. + Optional. Used to define task-template name if task is of type + task-template + taskId: + type: string + description: >- + Required. The identifier of this task within its parent event + config, specified by the client. This should be unique among all the + tasks belong to the same event config. We use this field as the + identifier to find next tasks (via field `next_tasks.task_id`). + conditionalFailurePolicies: + description: >- + Optional. The list of conditional failure policies that will be + applied to the task in order. + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaConditionalFailurePolicies + jsonValidationOption: type: string + description: >- + Optional. If set, overrides the option configured in the Task + implementation class. enumDescriptions: - - Default value. - - Integration file. - - Integration Config variables. + - >- + As per the default behavior, no validation will be run. Will not + override any option set in a Task. + - Do not run any validation against JSON schemas. + - >- + Validate all potential input JSON parameters against schemas + specified in IntegrationParameter. + - >- + Validate all potential output JSON parameters against schemas + specified in IntegrationParameter. + - Perform both PRE_EXECUTION and POST_EXECUTION validations. enum: - - INTEGRATION_FILE_UNSPECIFIED - - INTEGRATION - - INTEGRATION_CONFIG_VARIABLES - GoogleCloudIntegrationsV1alphaDownloadJsonPackageResponse: - id: GoogleCloudIntegrationsV1alphaDownloadJsonPackageResponse - description: Response for DownloadJsonPackage. - type: object + - JSON_VALIDATION_OPTION_UNSPECIFIED + - SKIP + - PRE_EXECUTION + - POST_EXECUTION + - PRE_POST_EXECUTION + id: GoogleCloudIntegrationsV1alphaTaskConfig + description: >- + The task configuration details. This is not the implementation of Task. + There might be multiple TaskConfigs for the same Task. + GoogleCloudIntegrationsV1alphaTestTaskConfig: properties: - files: - description: List containing JSON for multiple file with type information. + assertions: type: array + description: >- + Optional. List of conditions or expressions which should be + evaluated to true unless there is a bug/problem in the integration. + These are evaluated one the task execution is completed as per the + mock strategy in test case items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaFile' - GoogleCloudIntegrationsV1alphaFile: - id: GoogleCloudIntegrationsV1alphaFile + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAssertion' + taskNumber: + description: >- + Required. This defines in the test case, the task in integration + which will be mocked by this test task config + type: string + taskConfig: + description: Optional. Auto-generated. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTaskConfig' + task: + description: >- + Required. This defines in the test case, the task name in + integration which will be mocked by this test task config + type: string + mockConfig: + description: Optional. Defines how to mock the given task during test execution + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaMockConfig' description: >- - To store Integration version related file i.e. Integration Version, - Config variable etc. + The task mock configuration details and assertions for functional tests. + Next available id: 6 + type: object + id: GoogleCloudIntegrationsV1alphaTestTaskConfig + GoogleCloudIntegrationsV1alphaServiceAccountCredentials: + description: >- + Represents the service account which can be used to generate access + token for authenticating the service call. + id: GoogleCloudIntegrationsV1alphaServiceAccountCredentials type: object properties: - integrationVersion: - description: Integration version - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - integrationConfig: - description: Integration version config file - type: object - additionalProperties: - type: any - description: Properties of the object. - type: + serviceAccount: description: >- - File information like Integration version, Integration Config - variables etc. + Name of the service account that has the permission to make the + request. type: string - enumDescriptions: - - Default value. - - Integration file. - - Integration Config variables. - enum: - - INTEGRATION_FILE_UNSPECIFIED - - INTEGRATION - - INTEGRATION_CONFIG_VARIABLES - GoogleCloudIntegrationsV1alphaTakeoverEditLockRequest: - id: GoogleCloudIntegrationsV1alphaTakeoverEditLockRequest - description: Request for TakeoverEditLock. - type: object - properties: {} - GoogleCloudIntegrationsV1alphaTakeoverEditLockResponse: - id: GoogleCloudIntegrationsV1alphaTakeoverEditLockResponse - description: Response for TakeoverEditLock. + scope: + description: A space-delimited list of requested scope permissions. + type: string + GoogleCloudIntegrationsV1alphaStringParameterArray: type: object + description: This message only contains a field of string array. properties: - integrationVersion: - description: Version after the lock is acquired by the new user. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - GoogleCloudIntegrationsV1alphaUnpublishIntegrationVersionRequest: - id: GoogleCloudIntegrationsV1alphaUnpublishIntegrationVersionRequest - description: Request for UnpublishIntegrationVersion. - type: object - properties: {} - GoogleCloudIntegrationsV1alphaExecuteIntegrationsRequest: - id: GoogleCloudIntegrationsV1alphaExecuteIntegrationsRequest - description: The request for executing an integration. + stringValues: + items: + type: string + type: array + description: String array. + id: GoogleCloudIntegrationsV1alphaStringParameterArray + GoogleCloudConnectorsV1LockConfig: type: object + description: >- + Determines whether or no a connection is locked. If locked, a reason + must be specified. + id: GoogleCloudConnectorsV1LockConfig properties: - triggerId: - description: >- - Required. Matched against all {@link TriggerConfig}s across all - integrations. i.e. TriggerConfig.trigger_id.equals(trigger_id). The - trigger_id is in the format of `api_trigger/TRIGGER_NAME`. + reason: type: string - parameters: - description: >- - Optional. Passed in as parameters to each integration execution. - Redacted - deprecated: true - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters - doNotPropagateError: - description: >- - Optional. Flag to determine how to should propagate errors. If this - flag is set to be true, it will not throw an exception. Instead, it - will return a {@link ExecuteIntegrationsResponse} with an execution - id and error messages as PostWithTriggerIdExecutionException in - {@link EventParameters}. The flag is set to be false by default. + description: Optional. Describes why a connection is locked. + locked: + description: Optional. Indicates whether or not the connection is locked. type: boolean - parameterEntries: - description: >- - Optional. Parameters are a part of Event and can be used to - communicate between different tasks that are part of the same - integration execution. - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry - requestId: - description: >- - Optional. This is used to de-dup incoming request: if the duplicate - request was detected, the response from the previous execution is - returned. - type: string - executionId: - description: Optional. The id of the ON_HOLD execution to be resumed. - type: string - inputParameters: - description: Optional. Input parameters used by integration execution. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - GoogleCloudIntegrationsV1alphaExecuteIntegrationsResponse: - id: GoogleCloudIntegrationsV1alphaExecuteIntegrationsResponse - description: The response for executing an integration. + EnterpriseCrmEventbusProtoWorkflowAlertConfig: type: object + description: >- + Message to be used to configure custom alerting in the {@code + EventConfig} protos for an event. properties: - executionId: - description: The id of the execution corresponding to this run of integration. - type: string - eventParameters: - description: Details for the integration that were executed. - deprecated: true + warningEnumList: $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters - executionFailed: - description: Is true if any execution in the integration failed. False otherwise. - deprecated: true - type: boolean - parameterEntries: + #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList + clientId: + type: string + description: Client associated with this alert configuration. + alertDisabled: description: >- - Parameters are a part of Event and can be used to communicate - between different tasks that are part of the same integration - execution. - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry - outputParameters: + Set to false by default. When set to true, the metrics are not + aggregated or pushed to Monarch for this workflow alert. + type: boolean + thresholdValue: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue description: >- - OUTPUT parameters in format of Map. Where Key is the name of the - parameter. Note: Name of the system generated parameters are wrapped - by backtick(`) to distinguish them from the user defined parameters. - type: object - additionalProperties: - type: any - description: Properties of the object. - parameters: - description: Optional. OUTPUT parameters from integration execution. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - GoogleCloudIntegrationsV1alphaScheduleIntegrationsRequest: - id: GoogleCloudIntegrationsV1alphaScheduleIntegrationsRequest - description: The request for scheduling an integration. - type: object - properties: - triggerId: + The metric value, above or below which the alert should be + triggered. + playbookUrl: description: >- - Required. Matched against all {@link TriggerConfig}s across all - integrations. i.e. TriggerConfig.trigger_id.equals(trigger_id) + Link to a playbook for resolving the issue that triggered this + alert. type: string - parameters: - description: Passed in as parameters to each integration execution. - deprecated: true - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' - scheduleTime: - description: >- - The time that the integration should be executed. If the time is - less or equal to the current time, the integration is executed - immediately. + thresholdType: type: string - format: google-datetime - requestId: description: >- - This is used to de-dup incoming request: if the duplicate request - was detected, the response from the previous execution is returned. + The threshold type, whether lower(expected_min) or + upper(expected_max), for which this alert is being configured. If + value falls below expected_min or exceeds expected_max, an alert + will be fired. + enumDescriptions: + - '' + - >- + Note that this field will only trigger alerts if the workflow + specifying it runs at least once in 24 hours (which is our + in-memory retention period for monarch streams). Also note that + `aggregation_period` for this alert configuration must be less + than 24 hours. + - '' + enum: + - UNSPECIFIED_THRESHOLD_TYPE + - EXPECTED_MIN + - EXPECTED_MAX + onlyFinalAttempt: + description: >- + For either events or tasks, depending on the type of alert, count + only final attempts, not retries. + type: boolean + durationThresholdMs: type: string - parameterEntries: description: >- - Parameters are a part of Event and can be used to communicate - between different tasks that are part of the same integration - execution. - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry - inputParameters: - description: Optional. Input parameters used by integration execution. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - userGeneratedExecutionId: + Should be specified only for *AVERAGE_DURATION and + *PERCENTILE_DURATION metrics. This member should be used to specify + what duration value the metrics should exceed for the alert to + trigger. + format: int64 + numAggregationPeriods: + type: integer + format: int32 description: >- - Optional. This is a unique id provided by the method caller. If - provided this will be used as the execution_id when a new execution - info is created. This is a string representation of a UUID. Must - have no more than 36 characters and contain only alphanumeric - characters and hyphens. + For how many contiguous aggregation periods should the expected min + or max be violated for the alert to be fired. + errorEnumList: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList + aggregationPeriod: + description: >- + For an EXPECTED_MIN threshold, this aggregation_period must be + lesser than 24 hours. type: string - GoogleCloudIntegrationsV1alphaScheduleIntegrationsResponse: - id: GoogleCloudIntegrationsV1alphaScheduleIntegrationsResponse - description: The response for executing an integration. - type: object - properties: - executionInfoIds: - description: The execution info id for the executed integrations. - type: array - items: - type: string - GoogleCloudIntegrationsV1alphaExecuteEventResponse: - id: GoogleCloudIntegrationsV1alphaExecuteEventResponse - description: The response for executing an integration. - type: object - properties: - executionId: - description: The id of the execution corresponding to this run of integration. + alertName: + description: >- + A name to identify this alert. This will be displayed in the alert + subject. If set, this name should be unique within the scope of the + workflow. type: string - GoogleCloudIntegrationsV1alphaListExecutionsResponse: - id: GoogleCloudIntegrationsV1alphaListExecutionsResponse - description: Response for listing the integration execution data. - type: object - properties: - executionInfos: - description: Required. The detailed information of requested executions. - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventExecutionInfo - nextPageToken: - description: The token used to retrieve the next page results. + metricType: + enumDescriptions: + - >- + The default value. Metric type should always be set to one of the + other non-default values, otherwise it will result in an + INVALID_ARGUMENT error. + - >- + Specifies alerting on the rate of errors for the enclosing + workflow. + - >- + Specifies alerting on the rate of warnings for the enclosing + workflow. Warnings use the same enum values as errors. + - >- + Specifies alerting on the rate of errors for any task in the + enclosing workflow. + - >- + Specifies alerting on the rate of warnings for any task in the + enclosing workflow. + - >- + Specifies alerting on the rate of executions over all tasks in the + enclosing workflow. + - >- + Specifies alerting on the number of events executed in the given + aggregation_period. + - >- + Specifies alerting on the average duration of executions for this + workflow. + - >- + Specifies alerting on the duration value of a particular + percentile of workflow executions. E.g. If 10% or more of the + workflow executions have durations above 5 seconds, alert. + - >- + Specifies alerting on the average duration of any task in the + enclosing workflow, + - >- + Specifies alerting on the duration value of a particular + percentile of any task executions within the enclosing workflow. + E.g. If 10% or more of the task executions in the workflow have + durations above 5 seconds, alert. + enum: + - METRIC_TYPE_UNSPECIFIED + - EVENT_ERROR_RATE + - EVENT_WARNING_RATE + - TASK_ERROR_RATE + - TASK_WARNING_RATE + - TASK_RATE + - EVENT_RATE + - EVENT_AVERAGE_DURATION + - EVENT_PERCENTILE_DURATION + - TASK_AVERAGE_DURATION + - TASK_PERCENTILE_DURATION type: string - executions: - description: The detailed information of requested executions - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecution' - EnterpriseCrmFrontendsEventbusProtoEventExecutionInfo: - id: EnterpriseCrmFrontendsEventbusProtoEventExecutionInfo - description: >- - Contains all the execution details for a workflow instance. Next - available id: 27 + id: EnterpriseCrmEventbusProtoWorkflowAlertConfig + EnterpriseCrmEventbusProtoToken: type: object properties: - eventExecutionInfoId: - description: Auto-generated primary key. + value: type: string - workflowName: - description: Name of the workflow. + name: type: string - workflowId: - description: Required. Pointer to the workflow it is executing. + id: EnterpriseCrmEventbusProtoToken + GoogleCloudIntegrationsV1alphaUsernameAndPassword: + id: GoogleCloudIntegrationsV1alphaUsernameAndPassword + properties: + username: + description: Username to be used type: string - clientId: - description: The event data user sends as request. + password: + description: Password to be used type: string - triggerId: - description: >- - The trigger id of the workflow trigger config. If both trigger_id - and client_id is present, the workflow is executed from the start - tasks provided by the matching trigger config otherwise it is - executed from the default start tasks. + type: object + description: Username and password pair. + GoogleCloudIntegrationsV1alphaDeprovisionClientRequest: + type: object + id: GoogleCloudIntegrationsV1alphaDeprovisionClientRequest + description: Request for the Deprovision rpc + properties: {} + GoogleCloudIntegrationsV1alphaRuntimeActionSchema: + type: object + properties: + action: + description: Name of the action. type: string - requestParams: - description: Event parameters come in as part of the request. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters - responseParams: - description: Event parameters come out as part of the response. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters - postMethod: - description: The ways user posts this event. + inputSchema: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - UNSPECIFIED - - POST - - POST_TO_QUEUE - - SCHEDULE - - POST_BY_EVENT_CONFIG_ID - - POST_WITH_EVENT_DETAILS - eventExecutionDetails: - description: The execution info about this event. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventExecutionDetails - createTime: - description: Auto-generated. + description: Input parameter schema for the action. + outputSchema: + description: Output parameter schema for the action. type: string - format: int64 - lastModifiedTime: - description: Auto-generated. + id: GoogleCloudIntegrationsV1alphaRuntimeActionSchema + description: Metadata of an action, including schemas for its inputs and outputs. + GoogleCloudConnectorsV1ConnectorVersionInfraConfig: + id: GoogleCloudConnectorsV1ConnectorVersionInfraConfig + properties: + maxInstanceRequestConcurrency: + readOnly: true + description: Output only. Max instance request concurrency. + format: int32 + type: integer + tlsMigrationState: + enum: + - TLS_MIGRATION_STATE_UNSPECIFIED + - TLS_MIGRATION_NOT_STARTED + - TLS_MIGRATION_COMPLETED + description: Output only. Status of the TLS migration. type: string + readOnly: true + enumDescriptions: + - TLS migration state is not specified. + - TLS migration is in progress. + - TLS migration is completed. + resourceLimits: + $ref: '#/components/schemas/GoogleCloudConnectorsV1ResourceLimits' + description: Output only. System resource limits. + readOnly: true + internalclientRatelimitThreshold: format: int64 - errors: - description: >- - Errors, warnings, and informationals associated with the - workflow/task. The order in which the errors were added by the - workflow/task is maintained. - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoErrorDetail' - errorCode: - description: Final error-code if event failed. - $ref: '#/components/schemas/CrmlogErrorCode' - tenant: description: >- - Tenant this event is created. Used to reschedule the event to - correct tenant. - type: string - product: - description: >- - Which Google product the execution_info belongs to. If not set, the - execution_info belongs to Integration Platform by default. - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - UNSPECIFIED_PRODUCT - - IP - - APIGEE - - SECURITY - snapshotNumber: - description: Workflow snapshot number. + Output only. Max QPS supported for internal requests originating + from Connd. type: string + readOnly: true + resourceRequests: + description: Output only. System resource requests. + $ref: '#/components/schemas/GoogleCloudConnectorsV1ResourceRequests' + readOnly: true + connectionRatelimitWindowSeconds: format: int64 - requestId: - description: Optional. This is used to de-dup incoming request. type: string - executionTraceInfo: - description: Execution trace info to aggregate parent-child executions. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoExecutionTraceInfo' - workflowRetryBackoffIntervalSeconds: + readOnly: true description: >- - Time interval in seconds to schedule retry of workflow in manifold - when workflow is already running - type: string + Output only. The window used for ratelimiting runtime requests to + connections. + hpaConfig: + $ref: '#/components/schemas/GoogleCloudConnectorsV1HPAConfig' + readOnly: true + description: Output only. HPA autoscaling config. + ratelimitThreshold: + description: >- + Output only. Max QPS supported by the connector version before + throttling of requests. + readOnly: true format: int64 - replayInfo: - description: Replay info for the execution - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventExecutionInfoReplayInfo - cloudLoggingDetails: - description: Cloud Logging details for execution info - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCloudLoggingDetails' - integrationVersionUserLabel: - description: User-defined label that annotates the executed integration version. type: string - EnterpriseCrmFrontendsEventbusProtoEventExecutionDetails: - id: EnterpriseCrmFrontendsEventbusProtoEventExecutionDetails - description: >- - Contains the details of the execution info of this event: this includes - the tasks execution details plus the event execution statistics. Next - available id: 12 - type: object - properties: - eventExecutionState: - description: The execution state of this event. + deploymentModelMigrationState: + enum: + - DEPLOYMENT_MODEL_MIGRATION_STATE_UNSPECIFIED + - IN_PROGRESS + - COMPLETED + - ROLLEDBACK + - ROLLBACK_IN_PROGRESS type: string + description: Output only. Status of the deployment model migration. + readOnly: true enumDescriptions: - - '' - - >- - Event is received and waiting for the execution. This happens when - firing the event via "postToQueue" or "schedule". - - Event is under processing. - - >- - Event execution successfully finished. There's no more change - after this state. - - Event execution failed. There's no more change after this state. - - >- - Event execution canceled by user. There's no more change after - this state. - - Event execution failed and waiting for retry. - - Event execution suspended and waiting for manual intervention. - enum: - - UNSPECIFIED - - ON_HOLD - - IN_PROCESS - - SUCCEEDED - - FAILED - - CANCELED - - RETRY_ON_HOLD - - SUSPENDED - eventExecutionSnapshot: - description: >- - After snapshot migration, this field will no longer be populated, - but old execution snapshots will still be accessible. - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventExecutionSnapshot - networkAddress: - description: >- - The network address (aka. bns address) that indicates where the - event executor is running. - type: string - logFilePath: - description: The log file path (aka. cns address) for this event. + - Deployment model migration state is not specified. + - Deployment model migration is in progress. + - Deployment model migration is completed. + - Deployment model migration rolledback. + - Deployment model migration rollback in progress. + sharedDeployment: + description: Output only. The name of shared connector deployment. + readOnly: true type: string - eventAttemptStats: - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionDetailsEventAttemptStats - ryeLockUnheldCount: - description: >- - Used internally and shouldn't be exposed to users. A counter for the - cron job to record how many times this event is in in_process state - but don't have a lock consecutively/ - type: integer - format: int32 - nextExecutionTime: - description: >- - Next scheduled execution time in case the execution status was - RETRY_ON_HOLD. + deploymentModel: + readOnly: true + description: Output only. Indicates whether connector is deployed on GKE/CloudRun type: string - format: int64 - eventRetriesFromBeginningCount: - description: >- - Indicates the number of times the execution has restarted from the - beginning. - type: integer - format: int32 - eventExecutionSnapshotsSize: - description: Total size of all event_execution_snapshots for an execution + enum: + - DEPLOYMENT_MODEL_UNSPECIFIED + - GKE_MST + - CLOUD_RUN_MST + enumDescriptions: + - Deployment model is not specified. + - Default model gke mst. + - Cloud run mst. + type: object + description: >- + This configuration provides infra configs like rate limit threshold + which need to be configurable for every connector version + EnterpriseCrmEventbusProtoValueType: + description: >- + Used for define type for values. Currently supported value types include + int, string, double, array, and any proto message. + properties: + booleanValue: + type: boolean + stringArray: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoStringArray' + protoValue: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + doubleArray: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoDoubleArray' + doubleValue: + type: number + format: double + stringValue: type: string + intValue: format: int64 - cancelReason: - description: >- - If the execution is manually canceled, this field will contain the - reason for cancellation. type: string - EnterpriseCrmFrontendsEventbusProtoEventExecutionSnapshot: - id: EnterpriseCrmFrontendsEventbusProtoEventExecutionSnapshot + intArray: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoIntArray' + id: EnterpriseCrmEventbusProtoValueType type: object + GoogleCloudIntegrationsV1alphaGetClientResponse: + description: Response for the GetClient rpc properties: - eventExecutionSnapshotId: - description: >- - Auto-generated. Used as primary key for EventExecutionSnapshots - table. - type: string - eventExecutionInfoId: - description: Points to the event execution info this snapshot belongs to. - type: string - checkpointTaskNumber: - description: >- - Indicates "right after which checkpoint task's execution" this - snapshot is taken. - type: string - eventExecutionSnapshotMetadata: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionSnapshotEventExecutionSnapshotMetadata - taskName: - description: The task name associated with this snapshot. Could be empty. - deprecated: true - type: string - snapshotTime: - description: Indicates when this snapshot is taken. - type: string - format: int64 - eventParams: - description: The parameters in Event object. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters - diffParams: - description: The parameters in Event object that differs from last snapshot. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters - taskExecutionDetails: - description: All of the task execution details at the given point of time. - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoTaskExecutionDetails - conditionResults: - description: All of the computed conditions that been calculated. - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoConditionResult' - EnterpriseCrmEventbusProtoEventExecutionSnapshotEventExecutionSnapshotMetadata: - id: >- - EnterpriseCrmEventbusProtoEventExecutionSnapshotEventExecutionSnapshotMetadata + client: + description: 'Required. Required: The client configuration that was requested' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaClientConfig' + id: GoogleCloudIntegrationsV1alphaGetClientResponse + type: object + GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValue: type: object + id: GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValue properties: - taskNumber: - description: The task number associated with this snapshot. Could be empty. - type: string - taskName: - description: the task name associated with this snapshot. Could be empty. + absolute: type: string - eventAttemptNum: - description: the event attempt number this snapshot belongs to. - type: integer + format: int64 + description: Absolute value threshold. + percentage: format: int32 - taskAttemptNum: - description: the task attempt number this snapshot belongs to. Could be empty. + description: Percentage threshold. type: integer - format: int32 - taskLabel: - description: the task label associated with this snapshot. Could be empty. - type: string - ancestorTaskNumbers: - description: >- - Ancestor task number for the task(it will only be non-empty if the - task is under 'private workflow') - type: array - items: - type: string - ancestorIterationNumbers: - description: >- - Ancestor iteration number for the task(it will only be non-empty if - the task is under 'private workflow') - type: array - items: - type: string - integrationName: - description: >- - The direct integration which the event execution snapshots belongs - to - type: string - EnterpriseCrmEventbusProtoTaskExecutionDetails: - id: EnterpriseCrmEventbusProtoTaskExecutionDetails description: >- - Contains the details of the execution of this task. Next available id: - 11 + The threshold value of the metric, above or below which the alert should + be triggered. See EventAlertConfig or TaskAlertConfig for the different + alert metric types in each case. For the *RATE metrics, one or both of + these fields may be set. Zero is the default value and can be left at + that. For *PERCENTILE_DURATION metrics, one or both of these fields may + be set, and also, the duration threshold value should be specified in + the threshold_duration_ms member below. For *AVERAGE_DURATION metrics, + these fields should not be set at all. A different member, + threshold_duration_ms, must be set in the EventAlertConfig or the + TaskAlertConfig. + EnterpriseCrmFrontendsEventbusProtoDoubleParameterArray: type: object + id: EnterpriseCrmFrontendsEventbusProtoDoubleParameterArray properties: - taskNumber: - description: Pointer to the task config it used for execution. - type: string - taskExecutionState: + doubleValues: + items: + type: number + format: double + type: array + EnterpriseCrmEventbusProtoDoubleArrayFunction: + properties: + functionName: type: string + enum: + - UNSPECIFIED + - GET + - APPEND + - SIZE + - SUM + - AVG + - MAX + - MIN + - TO_SET + - APPEND_ALL + - TO_JSON + - SET + - REMOVE + - REMOVE_AT + - CONTAINS + - FOR_EACH + - FILTER enumDescriptions: - '' - - >- - Task is waiting for its precondition tasks to finish to start the - execution. - - Task is under processing. - - >- - Task execution successfully finished. There's no more change after - this state. - - Task execution failed. There's no more change after this state. - - >- - Task execution failed and cause the whole event execution to fail - immediately. There's no more change after this state. - - Task execution failed and waiting for retry. - - >- - Task execution skipped. This happens when its precondition wasn't - met, or the event execution been canceled before reach to the - task. There's no more changes after this state. - - >- - Task execution canceled when in progress. This happens when event - execution been canceled or any other task fall in fatal state. - - >- - Task is waiting for its dependency tasks' rollback to finish to - start its rollback. - - Task is rolling back. - - >- - Task is rolled back. This is the state we will set regardless of - rollback succeeding or failing. - - >- - Task is a SuspensionTask which has executed once, creating a - pending suspension. - enum: - - UNSPECIFIED - - PENDING_EXECUTION - - IN_PROCESS - - SUCCEED - - FAILED - - FATAL - - RETRY_ON_HOLD - - SKIPPED - - CANCELED - - PENDING_ROLLBACK - - ROLLBACK_IN_PROCESS - - ROLLEDBACK - - SUSPENDED - taskAttemptStats: - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoTaskExecutionDetailsTaskAttemptStats - skippedOnFailure: - description: >- - Indicates whether the task was skipped on failure. Only relevant if - the task is in SKIPPED state. - type: boolean - EnterpriseCrmEventbusProtoTaskExecutionDetailsTaskAttemptStats: - id: EnterpriseCrmEventbusProtoTaskExecutionDetailsTaskAttemptStats + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + type: object + id: EnterpriseCrmEventbusProtoDoubleArrayFunction + GoogleCloudIntegrationsV1alphaDownloadIntegrationVersionResponse: + description: Response for DownloadIntegrationVersion. type: object + id: GoogleCloudIntegrationsV1alphaDownloadIntegrationVersionResponse properties: - startTime: - description: >- - The start time of the task execution for current attempt. This could - be in the future if it's been scheduled. - type: string - format: int64 - endTime: - description: The end time of the task execution for current attempt. + files: + type: array + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSerializedFile' + description: List containing String represendation for multiple file with type. + content: type: string - format: int64 - EnterpriseCrmEventbusProtoConditionResult: - id: EnterpriseCrmEventbusProtoConditionResult - description: Contains the combined condition calculation results. + description: String representation of the requested file. + EnterpriseCrmEventbusProtoStringArray: type: object properties: - currentTaskNumber: - description: the current task number. - type: string - nextTaskNumber: - description: the next task number. + values: + items: + type: string + type: array + id: EnterpriseCrmEventbusProtoStringArray + GoogleCloudIntegrationsV1alphaListTemplatesResponse: + description: Response for a request to list templates + id: GoogleCloudIntegrationsV1alphaListTemplatesResponse + properties: + nextPageToken: + description: The token used to retrieve the next page results. type: string - result: - description: >- - the result comes out after evaluate the combined condition. True if - there's no combined condition specified. - type: boolean - EnterpriseCrmEventbusProtoEventExecutionDetailsEventAttemptStats: - id: EnterpriseCrmEventbusProtoEventExecutionDetailsEventAttemptStats + templates: + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' + description: List of templates retrieved. + type: array type: object + GoogleCloudIntegrationsV1alphaCloudSchedulerConfig: + description: Cloud Scheduler Trigger configuration properties: - startTime: + serviceAccountEmail: description: >- - The start time of the event execution for current attempt. This - could be in the future if it's been scheduled. + Required. Service account used by Cloud Scheduler to trigger the + integration at scheduled time type: string - format: int64 - endTime: - description: The end time of the event execution for current attempt. + cronTab: type: string - format: int64 - EnterpriseCrmEventbusProtoErrorDetail: - id: EnterpriseCrmEventbusProtoErrorDetail - description: An error, warning, or information message associated with a workflow. - type: object - properties: - errorCode: - description: The associated error-code, which can be a common or internal code. - $ref: '#/components/schemas/CrmlogErrorCode' - errorMessage: + description: Required. The cron tab of cloud scheduler trigger. + location: description: >- - The full text of the error message, including any parameters that - were thrown along with the exception. - type: string - severity: - description: 'The severity of the error: ERROR|WARN|INFO.' + Required. The location where associated cloud scheduler job will be + created type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - SEVERITY_UNSPECIFIED - - ERROR - - WARN - - INFO - taskNumber: + errorMessage: description: >- - The task try-number, in which, the error occurred. If zero, the - error happened at the event level. - type: integer - format: int32 - CrmlogErrorCode: - id: CrmlogErrorCode - description: >- - Registered ids for errors, as "oneof" enums. Each task or logical - grouping of tasks may share the same enum. + Optional. When the job was deleted from Pantheon UI, error_message + will be populated when Get/List integrations + type: string + type: object + id: GoogleCloudIntegrationsV1alphaCloudSchedulerConfig + GoogleCloudConnectorsV1EventingRuntimeDataWebhookSubscriptions: type: object + description: WebhookSubscriptions has details of webhook subscriptions. properties: - commonErrorCode: + webhookData: + type: array + description: Output only. Webhook data. + items: + $ref: >- + #/components/schemas/GoogleCloudConnectorsV1EventingRuntimeDataWebhookData + readOnly: true + id: GoogleCloudConnectorsV1EventingRuntimeDataWebhookSubscriptions + GoogleCloudIntegrationsV1alphaUseTemplateRequest: + properties: + integrationDetails: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails + description: Required. Integration details which would be created via templates. + integrationRegion: + description: Required. The region of the Integration to be created. type: string + subIntegrations: + type: object + description: Optional. Sub Integration which would be created via templates. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails + type: object + id: GoogleCloudIntegrationsV1alphaUseTemplateRequest + description: Request to Use template + EnterpriseCrmEventbusProtoProtoArrayFunction: + type: object + properties: + functionName: enumDescriptions: - '' - '' @@ -6536,252 +6007,137 @@ components: - '' - '' - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - SYNC_EVENTBUS_EXECUTION_TIMEOUT is for eventbus internal use only. - - >- - ASYNC_EVENTBUS_EXECUTION_TIMEOUT is for eventbus internal use - only. This error will be counted as server availability error. - - '' - - '' - - '' - - '' - - '' - enumDeprecated: - - false - - true - - false - - false - - true - - true - - true - - false - - false - - true - - false - - false - - false - - false - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false enum: - - COMMON_ERROR_CODE_UNSPECIFIED - - INVALID_CREDENTIALS - - REQUIRED_FIELDS_MISSING - - INVALID_FIELDS - - BACKEND - - GENERAL - - INTERNAL - - IO_ERROR - - NOT_FOUND - - EVENT_BUS - - ALREADY_EXISTS - - CONCORD - - CONVERSION - - FLUME - - PERMISSION - - SALES_FORCE - - SPANNER - - UNIMPLEMENTED - - RELTIO - - WORKFLOW_NOT_FOUND - - QUOTA_THROTTLED - - QUOTA_ENQUEUED - - INVALID_QUOTA_CONFIGURATION - - TASK_NOT_FOUND - - EXECUTION_TIMEOUT - - INVALID_EVENT_EXECUTION_STATE - - INVALID_ATTRIBUTE - - MISSING_ATTRIBUTE - - CLIENT_UNAUTHORIZED_FOR_WORKFLOW - - INVALID_PARAMETER - - MISSING_PARAMETER - - UNAUTHROIZED_WORKFLOW_EDITOR_ACTION - - FAILED_PRECONDITION - - INVALID_CLIENT - - MISSING_CLIENT - - INVALID_WORKFLOW - - MISSING_QUOTA_CONFIGURATION - - UNHANDLED_TASK_ERROR - - SCRIPT_TASK_RUNTIME_ERROR - - RPC - - INVALID_PROTO - - UNHANDLED_EVENTBUS_ERROR - - INVALID_TASK_STATE - - TYPED_TASK_INVALID_INPUT_OPERATION - - TYPED_TASK_INVALID_OUTPUT_OPERATION - - VALIDATION_ERROR - - RESUME_ERROR - - APPS_SCRIPT_EXECUTION_ERROR - - INVALID_VECTOR_USER - - INFORMATICA - - RETRYABLE_TASK_ERROR - - INVALID_TENANT - - WRONG_TENANT - - INFORMATICA_BACKEND_UNAVAILABLE - - RPC_PERMISSION_DENIED - - SYNC_EVENTBUS_EXECUTION_TIMEOUT - - ASYNC_EVENTBUS_EXECUTION_TIMEOUT - - NOT_SUPPORTED_DATA_TYPE - - UNSANITIZED_USER_INPUT - - TRANSFORM_EXPRESSION_EVALUATION_ERROR - - HTTP_EXCEPTION - - EXECUTION_CANCELLED - EnterpriseCrmEventbusProtoExecutionTraceInfo: - id: EnterpriseCrmEventbusProtoExecutionTraceInfo - description: >- - Message that helps aggregate all sub-executions triggered by one - execution and keeps track of child-parent relationships. - type: object - properties: - traceId: - description: Used to aggregate ExecutionTraceInfo. - type: string - parentEventExecutionInfoId: - description: >- - Parent event execution info id that triggers the current execution - through SubWorkflowExecutorTask. + - UNSPECIFIED + - GET + - APPEND + - SIZE + - TO_SET + - APPEND_ALL + - TO_JSON + - SET + - REMOVE + - REMOVE_AT + - CONTAINS + - FOR_EACH + - FILTER type: string - EnterpriseCrmFrontendsEventbusProtoEventExecutionInfoReplayInfo: - id: EnterpriseCrmFrontendsEventbusProtoEventExecutionInfoReplayInfo - description: >- - Contains the details of the execution info: this includes the replay - reason and replay tree connecting executions in a parent-child - relationship + id: EnterpriseCrmEventbusProtoProtoArrayFunction + GoogleCloudConnectorsV1AuthConfig: + description: AuthConfig defines details of a authentication type. + id: GoogleCloudConnectorsV1AuthConfig type: object properties: - originalExecutionInfoId: - description: >- - If this execution is a replay of another execution, then this field - contains the original execution id. + authType: + description: Optional. The type of authentication configured. + enumDescriptions: + - Authentication type not specified. + - Username and Password Authentication. + - >- + JSON Web Token (JWT) Profile for Oauth 2.0 Authorization Grant + based authentication + - Oauth 2.0 Client Credentials Grant Authentication + - SSH Public Key Authentication + - Oauth 2.0 Authorization Code Flow + - Google authentication + - >- + Oauth 2.0 Authorization Code Flow with Google Provided OAuth + Client + enum: + - AUTH_TYPE_UNSPECIFIED + - USER_PASSWORD + - OAUTH2_JWT_BEARER + - OAUTH2_CLIENT_CREDENTIALS + - SSH_PUBLIC_KEY + - OAUTH2_AUTH_CODE_FLOW + - GOOGLE_AUTHENTICATION + - OAUTH2_AUTH_CODE_FLOW_GOOGLE_MANAGED type: string - replayedExecutionInfoIds: - description: >- - If this execution has been replayed, then this field contains the - execution ids of the replayed executions. + oauth2AuthCodeFlowGoogleManaged: + description: Oauth2AuthCodeFlowGoogleManaged. + $ref: >- + #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlowGoogleManaged + additionalVariables: + items: + $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' + description: Optional. List containing additional auth configs. type: array + oauth2AuthCodeFlow: + description: Oauth2AuthCodeFlow. + $ref: >- + #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2AuthCodeFlow + sshPublicKey: + $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfigSshPublicKey' + description: SSH Public Key. + authKey: + type: string + description: Optional. Identifier key for auth config + oauth2JwtBearer: + description: Oauth2JwtBearer. + $ref: >- + #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2JwtBearer + userPassword: + description: UserPassword. + $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfigUserPassword' + oauth2ClientCredentials: + description: Oauth2ClientCredentials. + $ref: >- + #/components/schemas/GoogleCloudConnectorsV1AuthConfigOauth2ClientCredentials + GoogleCloudIntegrationsV1alphaMockConfig: + properties: + parameters: items: - type: string - replayReason: - description: reason for replay + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaEventParameter' + type: array + description: Optional. List of key-value pairs for specific mock strategy + failedExecutions: type: string - replayMode: - description: Replay mode for the execution + description: >- + Optional. Number of times the given task should fail for failure + mock strategy + format: int64 + mockStrategy: type: string - enumDescriptions: - - '' - - Replay the original execution from the beginning. - - Replay the execution from the first failed task. + description: >- + Mockstrategy defines how the particular task should be mocked during + test execution enum: - - REPLAY_MODE_UNSPECIFIED - - REPLAY_MODE_FROM_BEGINNING - - REPLAY_MODE_POINT_OF_FAILURE - EnterpriseCrmEventbusProtoCloudLoggingDetails: - id: EnterpriseCrmEventbusProtoCloudLoggingDetails - description: >- - Cloud Logging details, selected by the user for the integration version - (workflow). This message field will be also used in ExecutionInfo, to - indicate the CloudLoggingDetails config at the time of workflow - (integration version) execution, since this field value can be changed - for an unpublished workflow. + - MOCK_STRATEGY_UNSPECIFIED + - NO_MOCK_STRATEGY + - SPECIFIC_MOCK_STRATEGY + - FAILURE_MOCK_STRATEGY + - SKIP_MOCK_STRATEGY + enumDescriptions: + - This should never be used to annotate a field + - Execute actual task + - >- + Don't execute actual task, instead use the values specified by + user for output of the task + - Don't execute actual task, instead return task failure + - Don't execute actual task, instead mark it as successful type: object + description: >- + The configuration for mocking of a task during test execution Next + available id: 4 + id: GoogleCloudIntegrationsV1alphaMockConfig + EnterpriseCrmEventbusProtoCloudLoggingDetails: + id: EnterpriseCrmEventbusProtoCloudLoggingDetails properties: enableCloudLogging: + type: boolean description: >- Status of whether Cloud Logging is enabled or not for the integration version getting executed. - type: boolean cloudLoggingSeverity: + type: string + enum: + - CLOUD_LOGGING_SEVERITY_UNSPECIFIED + - INFO + - ERROR + - WARNING description: >- Severity selected by the customer for the logs to be sent to Cloud Logging, for the integration version getting executed. - type: string enumDescriptions: - Unspecified - >- @@ -6796,1240 +6152,1231 @@ components: If Severity selected is `WARNING`, then only the following Integration Execution States (`ERROR`, `CANCELLED`) will be sent to Cloud Logging. - enum: - - CLOUD_LOGGING_SEVERITY_UNSPECIFIED - - INFO - - ERROR - - WARNING - GoogleCloudIntegrationsV1alphaExecution: - id: GoogleCloudIntegrationsV1alphaExecution description: >- - The Execution resource contains detailed information of an individual - integration execution. + Cloud Logging details, selected by the user for the integration version + (workflow). This message field will be also used in ExecutionInfo, to + indicate the CloudLoggingDetails config at the time of workflow + (integration version) execution, since this field value can be changed + for an unpublished workflow. type: object + GoogleCloudIntegrationsV1alphaFile: + id: GoogleCloudIntegrationsV1alphaFile + description: >- + To store Integration version related file i.e. Integration Version, + Config variable etc. properties: - name: - description: Auto-generated primary key. + type: + enum: + - INTEGRATION_FILE_UNSPECIFIED + - INTEGRATION + - INTEGRATION_CONFIG_VARIABLES type: string - triggerId: description: >- - The trigger id of the integration trigger config. If both trigger_id - and client_id is present, the integration is executed from the start - tasks provided by the matching trigger config otherwise it is - executed from the default start tasks. - type: string - requestParams: - description: Event parameters come in as part of the request. - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry - responseParams: - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry - executionMethod: - description: The ways user posts this event. - type: string + File information like Integration version, Integration Config + variables etc. enumDescriptions: - Default value. - - Sync post. - - Async post. - - Async post with schedule time. - enum: - - EXECUTION_METHOD_UNSPECIFIED - - POST - - POST_TO_QUEUE - - SCHEDULE - eventExecutionDetails: - description: The execution info about this event. - deprecated: true - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventExecutionDetails' - createTime: - description: Output only. Created time of the execution. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last modified time of the execution. - readOnly: true - type: string - format: google-datetime - directSubExecutions: - description: Direct sub executions of the following Execution. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecution' - executionDetails: - description: Detailed info of this execution. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecutionDetails' - requestParameters: - description: Event parameters come in as part of the request. - type: object + - Integration file. + - Integration Config variables. + integrationConfig: additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - responseParameters: - description: >- - Event parameters returned as part of the response. In the case of - error, the `ErrorInfo` field is returned in the following format: { - "ErrorInfo": { "message": String, "code": Number } } + type: any + description: Properties of the object. type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - cloudLoggingDetails: - description: Cloud Logging details for the integration version + description: Integration version config file + integrationVersion: + description: Integration version $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCloudLoggingDetails - integrationVersionState: - description: Output only. State of the integration version - readOnly: true + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + type: object + GoogleCloudConnectorsV1EventingConfigDeadLetterConfig: + id: GoogleCloudConnectorsV1EventingConfigDeadLetterConfig + description: Dead Letter configuration details provided by the user. + properties: + projectId: type: string - enumDescriptions: - - Default. - - Draft. - - Active. - - Archived. - - Snapshot. - enum: - - INTEGRATION_STATE_UNSPECIFIED - - DRAFT - - ACTIVE - - ARCHIVED - - SNAPSHOT - snapshotNumber: + description: Optional. Project which has the topic given. + topic: + type: string + description: Optional. Topic to push events which couldn't be processed. + type: object + GoogleCloudIntegrationsV1alphaLiftSuspensionResponse: + description: Response of lift Suspense + properties: + eventExecutionInfoId: + description: Execution Id that will be returned + type: string + id: GoogleCloudIntegrationsV1alphaLiftSuspensionResponse + type: object + EnterpriseCrmEventbusProtoParameterMapEntry: + type: object + id: EnterpriseCrmEventbusProtoParameterMapEntry + description: Entry is a pair of key and value. + properties: + key: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterMapField' + value: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterMapField' + GoogleCloudConnectorsV1EventingRuntimeData: + properties: + eventsListenerEndpoint: + type: string + readOnly: true description: >- - Output only. An increasing sequence that is set when a new snapshot - is created + Output only. Events listener endpoint. The value will populated + after provisioning the events listener. + status: readOnly: true - type: string - format: int64 - replayInfo: - description: Output only. Replay info for the execution + $ref: '#/components/schemas/GoogleCloudConnectorsV1EventingStatus' + description: Output only. Current status of eventing. + webhookSubscriptions: readOnly: true $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecutionReplayInfo - cloudKmsKey: - description: Optional. Cloud KMS resource name for the CMEK encryption key. + #/components/schemas/GoogleCloudConnectorsV1EventingRuntimeDataWebhookSubscriptions + description: Output only. Webhook subscriptions. + eventsListenerPscSa: type: string - EnterpriseCrmEventbusProtoEventExecutionDetails: - id: EnterpriseCrmEventbusProtoEventExecutionDetails + description: >- + Output only. Events listener PSC Service attachment. The value will + be populated after provisioning the events listener with private + connectivity enabled. + readOnly: true + webhookData: + description: Output only. Webhook data. + $ref: >- + #/components/schemas/GoogleCloudConnectorsV1EventingRuntimeDataWebhookData + readOnly: true + type: object description: >- - Contains the details of the execution info of this event: this includes - the tasks execution details plus the event execution statistics. Next - available id: 12 + Eventing runtime data has the details related to eventing managed by the + system. + id: GoogleCloudConnectorsV1EventingRuntimeData + GoogleCloudIntegrationsV1alphaListSuspensionsResponse: type: object + id: GoogleCloudIntegrationsV1alphaListSuspensionsResponse properties: - eventExecutionState: + nextPageToken: + description: Token to retrieve the next page of results. type: string - enumDescriptions: - - '' - - >- - Event is received and waiting for the execution. This happens when - firing the event via "postToQueue" or "schedule". - - Event is under processing. - - >- - Event execution successfully finished. There's no more change - after this state. - - Event execution failed. There's no more change after this state. - - >- - Event execution canceled by user. There's no more change after - this state. - - Event execution failed and waiting for retry. - - Event execution suspended and waiting for manual intervention. - enum: - - UNSPECIFIED - - ON_HOLD - - IN_PROCESS - - SUCCEEDED - - FAILED - - CANCELED - - RETRY_ON_HOLD - - SUSPENDED - eventExecutionSnapshot: + suspensions: type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionSnapshot - networkAddress: description: >- - The network address (aka. bns address) that indicates where the - event executor is running. - type: string - logFilePath: - description: The log file path (aka. cns address) for this event. - type: string - eventAttemptStats: - type: array + The suspensions for the relevant execution which the caller has + permissions to view and resolve. items: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionDetailsEventAttemptStats - ryeLockUnheldCount: - description: >- - Used internally and shouldn't be exposed to users. A counter for the - cron job to record how many times this event is in in_process state - but don't have a lock consecutively/ - type: integer - format: int32 - nextExecutionTime: - description: >- - Next scheduled execution time in case the execution status was - RETRY_ON_HOLD. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSuspension' + description: Response for Suspensions.ListSuspensions. + GoogleCloudIntegrationsV1alphaSuspensionApprovalExpiration: + description: Expiration configs for the approval request. + id: GoogleCloudIntegrationsV1alphaSuspensionApprovalExpiration + type: object + properties: + remindTime: type: string - format: int64 - eventRetriesFromBeginningCount: + format: google-datetime description: >- - Indicates the number of times the execution has restarted from the - beginning. - type: integer - format: int32 - eventExecutionSnapshotsSize: - description: Total size of all event_execution_snapshots for an execution + Time after the previous suspension action reminder, if any, is sent + using the selected notification option, for a suspension which is + still PENDING_UNSPECIFIED. + expireTime: type: string - format: int64 - cancelReason: + format: google-datetime description: >- - If the execution is manually canceled, this field will contain the - reason for cancellation. - type: string - EnterpriseCrmEventbusProtoEventExecutionSnapshot: - id: EnterpriseCrmEventbusProtoEventExecutionSnapshot - description: >- - Contains the snapshot of the event execution for a given checkpoint. - Next available id: 15 + Output only. Time after which the suspension expires, if no action + taken. + readOnly: true + liftWhenExpired: + description: >- + Whether the suspension will be REJECTED or LIFTED upon expiration. + REJECTED is the default behavior. + type: boolean + GoogleCloudConnectorsV1SslConfig: + description: SSL Configuration of a connection + id: GoogleCloudConnectorsV1SslConfig type: object properties: - eventExecutionSnapshotId: - description: >- - Auto-generated. Used as primary key for EventExecutionSnapshots - table. - type: string - eventExecutionInfoId: - description: Points to the event execution info this snapshot belongs to. - type: string - checkpointTaskNumber: - description: >- - Indicates "right after which checkpoint task's execution" this - snapshot is taken. + clientPrivateKey: + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' + description: Optional. Client Private Key + clientCertType: type: string - eventExecutionSnapshotMetadata: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoEventExecutionSnapshotEventExecutionSnapshotMetadata - taskName: - description: The task name associated with this snapshot. Could be empty. - deprecated: true + description: Optional. Type of Client Cert (PEM/JKS/.. etc.) + enum: + - CERT_TYPE_UNSPECIFIED + - PEM + enumDescriptions: + - Cert type unspecified. + - Privacy Enhanced Mail (PEM) Type + type: + enum: + - SSL_TYPE_UNSPECIFIED + - TLS + - MTLS + enumDescriptions: + - No SSL configuration required. + - TLS Handshake + - mutual TLS (MTLS) Handshake type: string - snapshotTime: - description: Indicates when this snapshot is taken. + description: Optional. Controls the ssl type for the given connector version. + serverCertType: type: string - format: int64 - eventParams: - description: The parameters in Event object. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' - diffParams: - description: The parameters in Event object that differs from last snapshot. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' - taskExecutionDetails: - description: All of the task execution details at the given point of time. - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoTaskExecutionDetails - conditionResults: - description: All of the computed conditions that been calculated. + enum: + - CERT_TYPE_UNSPECIFIED + - PEM + description: Optional. Type of Server Cert (PEM/JKS/.. etc.) + enumDescriptions: + - Cert type unspecified. + - Privacy Enhanced Mail (PEM) Type + additionalVariables: type: array items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoConditionResult' - exceedMaxSize: - description: indicate whether snapshot exceeded maximum size before clean up + $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' + description: Optional. Additional SSL related field values + privateServerCertificate: + description: >- + Optional. Private Server Certificate. Needs to be specified if trust + model is `PRIVATE`. + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' + useSsl: type: boolean - clientId: - description: Client that the execution snapshot is associated to. - type: string - workflowName: - description: Name of the workflow this event execution snapshot belongs to. - type: string - GoogleCloudIntegrationsV1alphaExecutionDetails: - id: GoogleCloudIntegrationsV1alphaExecutionDetails - description: >- - Contains the details of the execution info: this includes the tasks - execution details plus the event execution statistics. - type: object - properties: - state: - description: Status of the execution. - type: string + description: Optional. Bool for enabling SSL + clientPrivateKeyPass: + description: >- + Optional. Secret containing the passphrase protecting the Client + Private Key + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' + trustModel: enumDescriptions: - - Default. - - Execution is scheduled and awaiting to be triggered. - - Execution is processing. - - >- - Execution successfully finished. There's no more change after this - state. - - Execution failed. There's no more change after this state. - - >- - Execution canceled by user. There's no more change after this - state. - - Execution failed and waiting for retry. - - Execution suspended and waiting for manual intervention. + - Public Trust Model. Takes the Default Java trust store. + - Private Trust Model. Takes custom/private trust store. + - Insecure Trust Model. Accept all certificates. enum: - - STATE_UNSPECIFIED - - PENDING - - PROCESSING - - SUCCEEDED - - FAILED - - CANCELLED - - RETRY_ON_HOLD - - SUSPENDED - executionSnapshots: - description: List of snapshots taken during the execution. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecutionSnapshot - attemptStats: - description: List of Start and end time of the execution attempts. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAttemptStats' - eventExecutionSnapshotsSize: - description: Total size of all event_execution_snapshots for an execution + - PUBLIC + - PRIVATE + - INSECURE type: string - format: int64 - GoogleCloudIntegrationsV1alphaExecutionSnapshot: - id: GoogleCloudIntegrationsV1alphaExecutionSnapshot - description: Contains the snapshot of the execution for a given checkpoint. + description: Optional. Trust Model of the SSL connection + clientCertificate: + description: Optional. Client Certificate + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' + GoogleCloudIntegrationsV1alphaGetClientMetadataResponse: type: object + description: Response for the GetClientMetadata rpc properties: - checkpointTaskNumber: + properties: + description: 'Required. Required: The client configuration that was requested' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaProjectProperties' + id: GoogleCloudIntegrationsV1alphaGetClientMetadataResponse + GoogleCloudConnectorsV1HPAConfig: + description: Autoscaling config for connector deployment system metrics. + id: GoogleCloudConnectorsV1HPAConfig + properties: + cpuUtilizationThreshold: + readOnly: true + type: string + description: Output only. Percent CPU utilization where HPA triggers autoscaling. + format: int64 + memoryUtilizationThreshold: + format: int64 description: >- - Indicates "after which checkpoint task's execution" this snapshot is - taken. + Output only. Percent Memory utilization where HPA triggers + autoscaling. type: string - executionSnapshotMetadata: - description: Metadata of the execution snapshot. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecutionSnapshotExecutionSnapshotMetadata - params: - description: Parameters used during the execution. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - taskExecutionDetails: - description: All of the task execution details at the given point of time. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTaskExecutionDetails - GoogleCloudIntegrationsV1alphaExecutionSnapshotExecutionSnapshotMetadata: - id: GoogleCloudIntegrationsV1alphaExecutionSnapshotExecutionSnapshotMetadata - description: Metadata of the execution snapshot. + readOnly: true type: object - properties: - taskNumber: - description: The task number associated with this snapshot. - type: string - task: - description: the task name associated with this snapshot. + EnterpriseCrmEventbusProtoConditionalFailurePolicies: + id: EnterpriseCrmEventbusProtoConditionalFailurePolicies + type: object + properties: + defaultFailurePolicy: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFailurePolicy' + description: >- + The default failure policy to be applied if no conditional failure + policy matches + failurePolicies: + type: array + description: >- + The list of failure policies that will be applied to the task in + order. + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFailurePolicy' + EnterpriseCrmEventbusProtoIntArrayFunction: + properties: + functionName: + enum: + - UNSPECIFIED + - GET + - APPEND + - SIZE + - SUM + - AVG + - MAX + - MIN + - TO_SET + - APPEND_ALL + - TO_JSON + - SET + - REMOVE + - REMOVE_AT + - CONTAINS + - FOR_EACH + - FILTER type: string - executionAttempt: - description: the execution attempt number this snapshot belongs to. - type: integer - format: int32 - taskAttempt: - description: the task attempt number this snapshot belongs to. - type: integer - format: int32 - taskLabel: - description: the task label associated with this snapshot. Could be empty. + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + id: EnterpriseCrmEventbusProtoIntArrayFunction + type: object + EnterpriseCrmFrontendsEventbusProtoTriggerConfig: + description: 'Configuration detail of a trigger. Next available id: 22' + id: EnterpriseCrmFrontendsEventbusProtoTriggerConfig + properties: + cloudSchedulerConfig: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCloudSchedulerConfig' + triggerCriteria: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTriggerCriteria' + description: >- + Optional. When set, Eventbus will run the task specified in the + trigger_criteria and validate the result using the + trigger_criteria.condition, and only execute the workflow when + result is true. + nextTasksExecutionPolicy: + enumDescriptions: + - Default + - Execute all the tasks that satisfy their associated condition. + - Execute the first task that satisfies the associated condition. type: string - ancestorTaskNumbers: + description: Dictates how next tasks will be executed. + enum: + - UNSPECIFIED + - RUN_ALL_MATCH + - RUN_FIRST_MATCH + properties: + additionalProperties: + type: string description: >- - Ancestor task number for the task(it will only be non-empty if the - task is under 'private workflow') + Configurable properties of the trigger, not to be confused with + workflow parameters. E.g. "name" is a property for API triggers and + "subscription" is a property for Cloud Pubsub triggers. + type: object + startTasks: type: array items: - type: string - ancestorIterationNumbers: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNextTask' description: >- - Ancestor iteration number for the task(it will only be non-empty if - the task is under 'private workflow') + Set of tasks numbers from where the workflow execution is started by + this trigger. If this is empty, then workflow is executed with + default start tasks. In the list of start tasks, none of two tasks + can have direct ancestor-descendant relationships (i.e. in a same + workflow execution graph). + outputVariables: + description: Optional. List of output variables for the api trigger. + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoTriggerConfigVariables + triggerType: + type: string + enum: + - UNKNOWN + - CLOUD_PUBSUB + - GOOPS + - SFDC_SYNC + - CRON + - API + - MANIFOLD_TRIGGER + - DATALAYER_DATA_CHANGE + - SFDC_CHANNEL + - CLOUD_PUBSUB_EXTERNAL + - SFDC_CDC_CHANNEL + - SFDC_PLATFORM_EVENTS_CHANNEL + - CLOUD_SCHEDULER + - INTEGRATION_CONNECTOR_TRIGGER + - PRIVATE_TRIGGER + - EVENTARC_TRIGGER + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + enabledClients: type: array items: type: string - integrationName: description: >- - The direct integration which the event execution snapshots belongs - to + Required. The list of client ids which are enabled to execute the + workflow using this trigger. In other words, these clients have the + workflow execution privledges for this trigger. For API trigger, the + client id in the incoming request is validated against the list of + enabled clients. For non-API triggers, one workflow execution is + triggered on behalf of each enabled client. + triggerName: + description: >- + Optional. Name of the trigger This is added to identify the type of + trigger. This is avoid the logic on triggerId to identify the + trigger_type and push the same to monitoring. + type: string + triggerNumber: + description: >- + Required. A number to uniquely identify each trigger config within + the workflow on UI. + type: string + triggerId: + description: The backend trigger ID. + type: string + errorCatcherId: + type: string + description: >- + Optional Error catcher id of the error catch flow which will be + executed when execution error happens in the task + alertConfig: + description: >- + An alert threshold configuration for the [trigger + client + + workflow] tuple. If these values are not specified in the trigger + config, default values will be populated by the system. Note that + there must be exactly one alert threshold configured per [client + + trigger + workflow] when published. + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoWorkflowAlertConfig' + type: array + inputVariables: + description: Optional. List of input variables for the api trigger. + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoTriggerConfigVariables + position: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCoordinate' + description: >- + Optional. Informs the front-end application where to draw this + trigger config on the UI. + pauseWorkflowExecutions: + description: >- + Optional. If set to true, any upcoming requests for this trigger + config will be paused and the executions will be resumed later when + the flag is reset. The workflow to which this trigger config belongs + has to be in ACTIVE status for the executions to be paused or + resumed. + type: boolean + label: + type: string + description: The user created label for a particular trigger. + description: + description: >- + User-provided description intended to give more business context + about the task. type: string - GoogleCloudIntegrationsV1alphaTaskExecutionDetails: - id: GoogleCloudIntegrationsV1alphaTaskExecutionDetails - description: Contains the details of the execution of this task. type: object + EnterpriseCrmEventbusProtoSuspensionResolutionInfoAudit: properties: - taskNumber: - description: Pointer to the task config it used for execution. + resolvedBy: type: string - taskExecutionState: - description: The execution state of this task. + timestamp: + type: string + format: google-datetime + resolvedByCpi: + type: string + type: object + id: EnterpriseCrmEventbusProtoSuspensionResolutionInfoAudit + EnterpriseCrmEventbusProtoFunction: + properties: + parameters: + type: array + description: List of parameters required for the transformation. + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTransformExpression' + functionType: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFunctionType' + description: The name of the function to perform. + type: object + id: EnterpriseCrmEventbusProtoFunction + EnterpriseCrmEventbusProtoTaskUiModuleConfig: + type: object + properties: + moduleId: type: string + description: ID of the config module. enumDescriptions: - - Default value. + - Default + - Supports editing label of a task config. + - Supports editing error handling settings such as retry strategy. - >- - Task is waiting for its precondition tasks to finish to start the - execution. - - Task is under processing. - - >- - Task execution successfully finished. There's no more change after - this state. - - Task execution failed. There's no more change after this state. - - >- - Task execution failed and cause the whole integration execution to - fail immediately. There's no more change after this state. - - Task execution failed and waiting for retry. - - >- - Task execution skipped. This happens when its precondition wasn't - met, or the integration execution been canceled before reach to - the task. There's no more changes after this state. + Supports adding, removing and editing task parameter values in a + table with little assistance or restriction. - >- - Task execution canceled when in progress. This happens when - integration execution been canceled or any other task fall in - fatal state. + Supports editing values of declared input parameters of a task. + Think of it as a "strongly typed" upgrade to the TASK_PARAM_TABLE. + - Supports editing preconditions of a task config. - >- - Task is waiting for its dependency tasks' rollback to finish to - start its rollback. - - Task is rolling back. + Supports adding, editing, and deleting the scripts associated with + a script task, as well as modifying the input/output parameters. - >- - Task is rolled back. This is the state we will set regardless of - rollback succeeding or failing. + Supports editing task parameters associated with an RPC/stubby + task. - >- - Task is a SuspensionTask which has executed once, creating a - pending suspension. + Contains readonly task information, including input/output type + info. + - Configures a SuspensionTask. + - Configures a GenericStubbyTypedTask. + - Configures a SubWorkflowExecutorTask. + - Supports navigating to Apps Script editor + - Configures a SubWorkflowForEachLoopTask. + - Configures a FieldMappingTask. + - Contains embedded in-product documentation for a task. + - UI widget for the rest caller task. + - Configures a SubWorkflowScatterGatherTask. + - Configures a CloudSql Task. + - Configure a GenericConnectorTask. enum: - - TASK_EXECUTION_STATE_UNSPECIFIED - - PENDING_EXECUTION - - IN_PROCESS - - SUCCEED - - FAILED - - FATAL - - RETRY_ON_HOLD - - SKIPPED - - CANCELLED - - PENDING_ROLLBACK - - ROLLBACK_IN_PROCESS - - ROLLEDBACK - - SUSPENDED - taskAttemptStats: - description: Status for the current task execution attempt. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAttemptStats' - GoogleCloudIntegrationsV1alphaAttemptStats: - id: GoogleCloudIntegrationsV1alphaAttemptStats - description: Status for the execution attempt. - type: object - properties: - startTime: - description: >- - The start time of the integration execution for current attempt. - This could be in the future if it's been scheduled. - type: string - format: google-datetime - endTime: - description: The end time of the integration execution for current attempt. - type: string - format: google-datetime - GoogleCloudIntegrationsV1alphaExecutionReplayInfo: - id: GoogleCloudIntegrationsV1alphaExecutionReplayInfo - description: >- - Contains the details of the execution info: this includes the replay - reason and replay tree connecting executions in a parent-child - relationship + - UNSPECIFIED_TASK_MODULE + - LABEL + - ERROR_HANDLING + - TASK_PARAM_TABLE + - TASK_PARAM_FORM + - PRECONDITION + - SCRIPT_EDITOR + - RPC + - TASK_SUMMARY + - SUSPENSION + - RPC_TYPED + - SUB_WORKFLOW + - APPS_SCRIPT_NAVIGATOR + - SUB_WORKFLOW_FOR_EACH_LOOP + - FIELD_MAPPING + - README + - REST_CALLER + - SUB_WORKFLOW_SCATTER_GATHER + - CLOUD_SQL + - GENERIC_CONNECTOR_TASK + description: Task author would use this type to configure a config module. + id: EnterpriseCrmEventbusProtoTaskUiModuleConfig + GoogleCloudIntegrationsV1alphaReplayExecutionResponse: + id: GoogleCloudIntegrationsV1alphaReplayExecutionResponse type: object + description: Response for replaying an execution. properties: - originalExecutionInfoId: - description: >- - If this execution is a replay of another execution, then this field - contains the original execution id. - type: string - replayedExecutionInfoIds: + outputParameters: + additionalProperties: + type: any + description: Properties of the object. + type: object description: >- - If this execution has been replayed, then this field contains the - execution ids of the replayed executions. - type: array - items: - type: string - replayReason: - description: reason for replay - type: string - replayMode: - description: Replay mode for the execution + OUTPUT parameters in format of Map. Where Key is the name of the + parameter. The parameters would only be present in case of + synchrounous execution. Note: Name of the system generated + parameters are wrapped by backtick(`) to distinguish them from the + user defined parameters. + executionId: type: string - enumDescriptions: - - Default value. - - Replay the original execution from the beginning. - - Replay the execution from the first failed task. - enum: - - REPLAY_MODE_UNSPECIFIED - - REPLAY_MODE_FROM_BEGINNING - - REPLAY_MODE_POINT_OF_FAILURE - GoogleCloudIntegrationsV1alphaCancelExecutionRequest: - id: GoogleCloudIntegrationsV1alphaCancelExecutionRequest - description: Request for cancelling an execution. - type: object - properties: - cancelReason: description: >- - Required. Reason for cancelling the execution. This is provided by - the client requesting the cancellation, and is not used by the - Platform. + Next ID: 4 The id of the execution corresponding to this run of the + integration. + replayedExecutionId: + description: The execution id which is replayed. type: string - GoogleCloudIntegrationsV1alphaCancelExecutionResponse: - id: GoogleCloudIntegrationsV1alphaCancelExecutionResponse - description: Response for cancelling an execution. - type: object + EnterpriseCrmFrontendsEventbusProtoParameterMapEntry: + description: Entry is a pair of key and value. + id: EnterpriseCrmFrontendsEventbusProtoParameterMapEntry properties: - isCanceled: - description: True if cancellation performed successfully. - type: boolean - GoogleCloudIntegrationsV1alphaTestIntegrationsRequest: - id: GoogleCloudIntegrationsV1alphaTestIntegrationsRequest - description: The request for testing an integration. + value: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterMapField + key: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterMapField type: object + EnterpriseCrmEventbusProtoParamSpecEntryValidationRule: properties: - integrationVersion: - description: Required. integration config to execute the workflow + stringRegex: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - parameters: - description: Optional. Passed in as parameters to each integration execution. - deprecated: true + #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegex + doubleRange: $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters - triggerId: - description: >- - Required. The trigger id of the integration trigger config. If both - trigger_id and client_id is present, the integration is executed - from the start tasks provided by the matching trigger config - otherwise it is executed from the default start tasks. + #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRange + intRange: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRange + id: EnterpriseCrmEventbusProtoParamSpecEntryValidationRule + type: object + EnterpriseCrmEventbusProtoNodeIdentifier: + properties: + elementType: type: string - clientId: - description: >- - Required. This is used to identify the client on whose behalf the - event will be executed. + description: Destination node where the edge ends. It can only be a task config. + enum: + - UNKNOWN_TYPE + - TASK_CONFIG + - TRIGGER_CONFIG + enumDescriptions: + - '' + - '' + - '' + elementIdentifier: type: string - testMode: + description: Configuration of the edge. + id: EnterpriseCrmEventbusProtoNodeIdentifier + description: 'Represents a node identifier (type + id). Next highest id: 3' + type: object + EnterpriseCrmEventbusProtoAttributes: + properties: + isRequired: description: >- - Optional. Can be specified in the event request, otherwise false - (default). If true, enables tasks with condition "test_mode = true". - If false, disables tasks with condition "test_mode = true" if global - test mode (set by platform) is also false {@link EventBusConfig}. + Required for event execution. The validation will be done by the + event bus when the event is triggered. type: boolean - deadlineSecondsTime: - description: Optional. custom deadline of the rpc + searchable: + enum: + - UNSPECIFIED + - 'YES' + - 'NO' + enumDescriptions: + - '' + - >- + If yes, the parameter key and value will be full-text indexed. In + a proto, this value will propagate to all children whose + searchable is unspecified. + - >- + If no, the parameter key and value will not be full-text indexed. + In a proto, this value will propagate to all children whose + searchable is unspecified. type: string - format: google-datetime - inputParameters: - description: Optional. Input parameters used during integration execution. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - configParameters: - description: Optional. Config parameters used during integration execution. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudIntegrationsV1alphaTestIntegrationsResponse: - id: GoogleCloudIntegrationsV1alphaTestIntegrationsResponse - description: The response for testing an integration. - type: object - properties: - executionId: - description: The id of the execution corresponding to this run of integration. - type: string - eventParameters: - description: Details for the integration that were executed. - deprecated: true - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters - executionFailed: - description: Is true if any execution in the integration failed. False otherwise. + defaultValue: + description: Used to define defaults. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoValueType' + readOnly: type: boolean - parameterEntries: - description: >- - Parameters are a part of Event and can be used to communicate - between different tasks that are part of the same integration - execution. - deprecated: true - type: array + description: Used to indicate if the ParameterEntry is a read only field or not. + taskVisibility: items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterEntry - parameters: - description: >- - Optional. Parameters are a part of Event and can be used to - communicate between different tasks that are part of the same - integration execution. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - GoogleCloudIntegrationsV1alphaDownloadExecutionResponse: - id: GoogleCloudIntegrationsV1alphaDownloadExecutionResponse - description: Response for downloading an execution. - type: object - properties: - content: - description: The content of downloaded execution. - type: string - GoogleCloudIntegrationsV1alphaReplayExecutionRequest: - id: GoogleCloudIntegrationsV1alphaReplayExecutionRequest - description: Request for replaying an execution. - type: object - properties: - replayReason: - description: Required. The user provided reason for replaying the execution. - type: string - updateMask: - description: >- - Optional. The list of parameters to be updated. - If the - `update_mask` is not specified, all the parameters from original - execution will be ignored and only the `modified_parameters` will be - used. - It is an error to include a parameter in `update_mask` but - not in `modified_parameters`. - Updating nested fields in a JSON - parameter is not supported, please provide the complete JSON in the - `modified_parameters`. - type: string - format: google-fieldmask - modifiedParameters: - description: >- - Optional. The modified input parameters for replay. - Provide values - for all the fields in the 'update_mask'. Any field not present in - the 'update_mask' will be ignored and its value will be taken from - the original execution. - If the 'update_mask' is not specified, all - the parameters from original execution will be ignored and only the - `modified_parameters` will be used. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - replayMode: - description: Optional. The mode of the replay. - type: string - enumDescriptions: - - Default value. - - Replay the original execution. - - Replay the execution with the modified parameters. + type: string + description: List of tasks that can view this property, if empty then all. + type: array + logSettings: + description: See + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoLogSettings' + masked: + description: True if this workflow parameter should be masked in the logs + type: boolean + dataType: enum: - - REPLAY_MODE_UNSPECIFIED - - REPLAY_MODE_FROM_BEGINNING - - REPLAY_MODE_POINT_OF_FAILURE - GoogleCloudIntegrationsV1alphaReplayExecutionResponse: - id: GoogleCloudIntegrationsV1alphaReplayExecutionResponse - description: Response for replaying an execution. - type: object - properties: - executionId: + - DATA_TYPE_UNSPECIFIED + - EMAIL + - URL + - CURRENCY + - TIMESTAMP + - DOMAIN_NAME description: >- - Next ID: 4 The id of the execution corresponding to this run of the - integration. - type: string - replayedExecutionId: - description: The execution id which is replayed. + Things like URL, Email, Currency, Timestamp (rather than string, + int64...) + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - >- + Domain is a web url string with one top-level private domain and a + suffix (for example: google.com, walmart.com) type: string - outputParameters: + isSearchable: description: >- - OUTPUT parameters in format of Map. Where Key is the name of the - parameter. The parameters would only be present in case of - synchrounous execution. Note: Name of the system generated - parameters are wrapped by backtick(`) to distinguish them from the - user defined parameters. - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudIntegrationsV1alphaListIntegrationsResponse: - id: GoogleCloudIntegrationsV1alphaListIntegrationsResponse - description: Response for ListIntegrations. + Used to indicate if a ParameterEntry should be converted to + ParamIndexes for ST-Spanner full-text search. DEPRECATED: use + searchable. + deprecated: true + type: boolean + id: EnterpriseCrmEventbusProtoAttributes + description: >- + Attributes are additional options that can be associated with each event + property. For more information, see type: object - properties: - integrations: - description: The integrations which match the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaIntegration' - nextPageToken: - description: The next page token for the response. - type: string - GoogleCloudIntegrationsV1alphaIntegration: - id: GoogleCloudIntegrationsV1alphaIntegration - description: The integration definition. + EnterpriseCrmEventbusProtoBooleanFunction: + id: EnterpriseCrmEventbusProtoBooleanFunction type: object properties: - name: - description: Required. The resource name of the integration. - type: string - description: - description: Optional. - type: string - updateTime: - description: Output only. Auto-generated. - readOnly: true - type: string - format: google-datetime - active: - description: Required. If any integration version is published. - type: boolean - creatorEmail: - description: >- - Output only. The creator's email address. Generated based on the End - User Credentials/LOAS role of the user making the call. - readOnly: true - type: string - lastModifierEmail: - description: Required. The last modifier of this integration + functionName: + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' type: string - createTime: - description: Required. Output only. Auto-generated. - readOnly: true + enum: + - UNSPECIFIED + - TO_JSON + - NOT + - AND + - NAND + - OR + - XOR + - NOR + - XNOR + - TO_STRING + - EQUALS + EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue: + properties: + absolute: + format: int64 type: string - format: google-datetime - GoogleCloudIntegrationsV1alphaSearchIntegrationsResponse: - id: GoogleCloudIntegrationsV1alphaSearchIntegrationsResponse - description: Response for SearchIntegrations. + percentage: + format: int32 + type: integer type: object + id: EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue + description: >- + The threshold value of the metric, above or below which the alert should + be triggered. See EventAlertConfig or TaskAlertConfig for the different + alert metric types in each case. For the *RATE metrics, one or both of + these fields may be set. Zero is the default value and can be left at + that. For *PERCENTILE_DURATION metrics, one or both of these fields may + be set, and also, the duration threshold value should be specified in + the threshold_duration_ms member below. For *AVERAGE_DURATION metrics, + these fields should not be set at all. A different member, + threshold_duration_ms, must be set in the EventAlertConfig or the + TaskAlertConfig. + EnterpriseCrmEventbusProtoTaskExecutionDetails: properties: - integrations: - description: The list of integrations that match the search criteria. - type: array + taskNumber: + type: string + description: Pointer to the task config it used for execution. + taskAttemptStats: items: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSearchIntegrationsResponseIntegrationSearchResult - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudIntegrationsV1alphaSearchIntegrationsResponseIntegrationSearchResult: - id: >- - GoogleCloudIntegrationsV1alphaSearchIntegrationsResponseIntegrationSearchResult - description: The integration search result with integration level information. - type: object - properties: - name: - description: The integration document metadata. - type: string - id: - description: The integration id. - type: string - creator: - description: The creator of the integration version. - type: string - description: - description: The description of the integration version. - type: string - status: - description: Output only. The status of the integration version. - readOnly: true - type: string - enumDescriptions: - - Default. - - Draft. - - Active. - - Archived. - - Snapshot. + #/components/schemas/EnterpriseCrmEventbusProtoTaskExecutionDetailsTaskAttemptStats + type: array + taskExecutionState: enum: - - INTEGRATION_STATE_UNSPECIFIED - - DRAFT - - ACTIVE - - ARCHIVED - - SNAPSHOT - region: - description: The region of the integration version. - type: string - createTime: - description: Output only. The create time of the integration version. - readOnly: true - type: string - format: google-datetime - version: - description: The version of the integration version. - type: string - GoogleCloudIntegrationsV1alphaSfdcChannel: - id: GoogleCloudIntegrationsV1alphaSfdcChannel - description: The SfdcChannel that points to a CDC or Platform Event Channel. - type: object - properties: - name: - description: >- - Resource name of the SFDC channel - projects/{project}/locations/{location}/sfdcInstances/{sfdc_instance}/sfdcChannels/{sfdc_channel}. - type: string - displayName: - description: >- - Optional. Client level unique name/alias to easily reference a - channel. - type: string - description: - description: Optional. The description for this channel - type: string - channelTopic: - description: >- - Required. The Channel topic defined by salesforce once an channel is - opened + - UNSPECIFIED + - PENDING_EXECUTION + - IN_PROCESS + - SUCCEED + - FAILED + - FATAL + - RETRY_ON_HOLD + - SKIPPED + - CANCELED + - PENDING_ROLLBACK + - ROLLBACK_IN_PROCESS + - ROLLEDBACK + - SUSPENDED type: string - isActive: + enumDescriptions: + - '' + - >- + Task is waiting for its precondition tasks to finish to start the + execution. + - Task is under processing. + - >- + Task execution successfully finished. There's no more change after + this state. + - Task execution failed. There's no more change after this state. + - >- + Task execution failed and cause the whole event execution to fail + immediately. There's no more change after this state. + - Task execution failed and waiting for retry. + - >- + Task execution skipped. This happens when its precondition wasn't + met, or the event execution been canceled before reach to the + task. There's no more changes after this state. + - >- + Task execution canceled when in progress. This happens when event + execution been canceled or any other task fall in fatal state. + - >- + Task is waiting for its dependency tasks' rollback to finish to + start its rollback. + - Task is rolling back. + - >- + Task is rolled back. This is the state we will set regardless of + rollback succeeding or failing. + - >- + Task is a SuspensionTask which has executed once, creating a + pending suspension. + skippedOnFailure: description: >- - Output only. Indicated if a channel has any active integrations - referencing it. Set to false when the channel is created, and set to - true if there is any integration published with the channel - configured in it. - readOnly: true + Indicates whether the task was skipped on failure. Only relevant if + the task is in SKIPPED state. type: boolean - createTime: - description: Output only. Time when the channel is created - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time when the channel was last updated - readOnly: true - type: string - format: google-datetime - deleteTime: - description: >- - Output only. Time when the channel was deleted. Empty if not - deleted. - readOnly: true - type: string - format: google-datetime - lastReplayId: - description: Output only. Last sfdc messsage replay id for channel - readOnly: true - type: string - GoogleCloudIntegrationsV1alphaListSfdcChannelsResponse: - id: GoogleCloudIntegrationsV1alphaListSfdcChannelsResponse - description: Response to list SfdcChannels. + id: EnterpriseCrmEventbusProtoTaskExecutionDetails type: object + description: >- + Contains the details of the execution of this task. Next available id: + 11 + GoogleCloudIntegrationsV1alphaListExecutionsResponse: + description: Response for listing the integration execution data. properties: - sfdcChannels: - description: The list of SfdcChannels retrieved. + executionInfos: + description: Required. The detailed information of requested executions. type: array items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventExecutionInfo + deprecated: true + executions: + type: array + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecution' + description: The detailed information of requested executions nextPageToken: - description: The token used to retrieve the next page of results. type: string - GoogleCloudIntegrationsV1alphaSfdcInstance: - id: GoogleCloudIntegrationsV1alphaSfdcInstance - description: >- - The SfdcInstance resource use to hold channels and connection config - data. + description: The token used to retrieve the next page results. + id: GoogleCloudIntegrationsV1alphaListExecutionsResponse + type: object + EnterpriseCrmEventbusProtoConnectorsConnection: type: object + id: EnterpriseCrmEventbusProtoConnectorsConnection properties: - name: + host: description: >- - Resource name of the SFDC instance - projects/{project}/locations/{location}/sfdcInstances/{sfdcInstance}. + The name of the Hostname of the Service Directory service with TLS + if used. type: string - displayName: + serviceName: description: >- - Optional. User selected unique name/alias to easily reference an - instance. - type: string - description: - description: Optional. A description of the sfdc instance. - type: string - sfdcOrgId: - description: The SFDC Org Id. This is defined in salesforce. - type: string - authConfigId: - description: A list of AuthConfigs that can be tried to open the channel to SFDC - type: array - items: - type: string - createTime: - description: Output only. Time when the instance is created - readOnly: true + Service name Format: + projects/{project}/locations/{location}/namespaces/{namespace}/services/{service} type: string - format: google-datetime - updateTime: - description: Output only. Time when the instance was last updated - readOnly: true + connectorVersion: type: string - format: google-datetime - deleteTime: description: >- - Output only. Time when the instance was deleted. Empty if not - deleted. - readOnly: true - type: string - format: google-datetime - serviceAuthority: + Connector version Format: + projects/{project}/locations/{location}/providers/{provider}/connectors/{connector}/versions/{version} + connectionName: description: >- - Optional. URL used for API calls after authentication (the login - authority is configured within the referenced AuthConfig). - type: string - GoogleCloudIntegrationsV1alphaListSfdcInstancesResponse: - id: GoogleCloudIntegrationsV1alphaListSfdcInstancesResponse - description: Response to list SfdcInstances. - type: object - properties: - sfdcInstances: - description: The list of SfdcInstances retrieved. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance' - nextPageToken: - description: The token used to retrieve the next page of results. + Connection name Format: + projects/{project}/locations/{location}/connections/{connection} type: string - GoogleCloudIntegrationsV1alphaResolveSuspensionRequest: - id: GoogleCloudIntegrationsV1alphaResolveSuspensionRequest - description: Request for [Suspensions.ResolveSuspensions]. - type: object - properties: - suspension: - description: >- - Suspension, containing the event_execution_info_id, task_id, and - state to set on the corresponding suspension record. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSuspension' - GoogleCloudIntegrationsV1alphaSuspension: - id: GoogleCloudIntegrationsV1alphaSuspension - description: A record representing a suspension. - type: object + GoogleCloudIntegrationsV1alphaTaskExecutionDetails: properties: - name: - description: Resource name for suspensions suspension/{suspension_id} - type: string - eventExecutionInfoId: - description: Required. ID of the associated execution. - type: string - taskId: - description: Required. Task id of the associated SuspensionTask. - type: string - state: - description: >- - Required. State of this suspension, indicating what action a - resolver has taken. - type: string + taskExecutionState: enumDescriptions: - - Unset state. - - The suspension has not yet been resolved. - - The resolver has rejected the suspension. - - The resolver has lifted the suspension. + - Default value. + - >- + Task is waiting for its precondition tasks to finish to start the + execution. + - Task is under processing. + - >- + Task execution successfully finished. There's no more change after + this state. + - Task execution failed. There's no more change after this state. + - >- + Task execution failed and cause the whole integration execution to + fail immediately. There's no more change after this state. + - Task execution failed and waiting for retry. + - >- + Task execution skipped. This happens when its precondition wasn't + met, or the integration execution been canceled before reach to + the task. There's no more changes after this state. + - >- + Task execution canceled when in progress. This happens when + integration execution been canceled or any other task fall in + fatal state. + - >- + Task is waiting for its dependency tasks' rollback to finish to + start its rollback. + - Task is rolling back. + - >- + Task is rolled back. This is the state we will set regardless of + rollback succeeding or failing. + - >- + Task is a SuspensionTask which has executed once, creating a + pending suspension. + description: The execution state of this task. enum: - - RESOLUTION_STATE_UNSPECIFIED - - PENDING - - REJECTED - - LIFTED - audit: - description: Metadata pertaining to the resolution of this suspension. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSuspensionAudit' - createTime: - description: Output only. Auto-generated. - readOnly: true - type: string - format: google-datetime - lastModifyTime: - description: Output only. Auto-generated. - readOnly: true + - TASK_EXECUTION_STATE_UNSPECIFIED + - PENDING_EXECUTION + - IN_PROCESS + - SUCCEED + - FAILED + - FATAL + - RETRY_ON_HOLD + - SKIPPED + - CANCELLED + - PENDING_ROLLBACK + - ROLLBACK_IN_PROCESS + - ROLLEDBACK + - SUSPENDED type: string - format: google-datetime - suspensionConfig: - description: >- - Controls the notifications and resolver permissions for this - suspension. - deprecated: true - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoSuspensionConfig' - integration: - description: Required. The name of the originating integration. + taskNumber: + description: Pointer to the task config it used for execution. type: string - approvalConfig: - description: >- - Controls the notifications and approval permissions for this - suspension. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSuspensionApprovalConfig - GoogleCloudIntegrationsV1alphaSuspensionAudit: - id: GoogleCloudIntegrationsV1alphaSuspensionAudit - description: Contains when and by whom the suspension was resolved. + taskAttemptStats: + type: array + items: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAttemptStats' + description: Status for the current task execution attempt. + type: object + id: GoogleCloudIntegrationsV1alphaTaskExecutionDetails + description: Contains the details of the execution of this task. + EnterpriseCrmEventbusProtoBooleanArrayFunction: type: object properties: - resolveTime: - description: Time at which this suspension was resolved. - type: string - format: google-datetime - resolver: - description: Email address of the person who resolved this suspension. + functionName: type: string - EnterpriseCrmEventbusProtoSuspensionConfig: - id: EnterpriseCrmEventbusProtoSuspensionConfig + enum: + - UNSPECIFIED + - GET + - APPEND + - SIZE + - TO_SET + - APPEND_ALL + - TO_JSON + - SET + - REMOVE + - REMOVE_AT + - CONTAINS + - FOR_EACH + - FILTER + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + id: EnterpriseCrmEventbusProtoBooleanArrayFunction + GoogleCloudIntegrationsV1alphaExecuteTestCasesResponse: + description: Response for ExecuteTestCases. type: object properties: - whoMayResolve: - description: Identities able to resolve this suspension. + executeTestCaseResponses: + description: Results of each execution of test cases in an integration version. type: array items: $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoSuspensionAuthPermissions - customMessage: - description: >- - Optional information to provide recipients of the suspension in - addition to the resolution URL, typically containing relevant - parameter values from the originating workflow. - type: string - notifications: + #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCaseResponse + id: GoogleCloudIntegrationsV1alphaExecuteTestCasesResponse + GoogleCloudIntegrationsV1alphaIntParameterArray: + properties: + intValues: + description: Integer array. type: array items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNotification' - suspensionExpiration: - description: >- - Indicates the next steps when no external actions happen on the - suspension. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoSuspensionExpiration' - EnterpriseCrmEventbusProtoSuspensionAuthPermissions: - id: EnterpriseCrmEventbusProtoSuspensionAuthPermissions - description: LINT.IfChange + format: int64 + type: string + id: GoogleCloudIntegrationsV1alphaIntParameterArray + description: This message only contains a field of integer array. type: object - properties: - mdbGroup: - type: string - loasRole: - type: string - gaiaIdentity: - description: Represents a Gaia identity for a person or service account. - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoSuspensionAuthPermissionsGaiaIdentity - googleGroup: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoSuspensionAuthPermissionsGaiaIdentity - EnterpriseCrmEventbusProtoSuspensionAuthPermissionsGaiaIdentity: - id: EnterpriseCrmEventbusProtoSuspensionAuthPermissionsGaiaIdentity + GoogleCloudConnectorsV1AuthConfigOauth2JwtBearerJwtClaims: + id: GoogleCloudConnectorsV1AuthConfigOauth2JwtBearerJwtClaims type: object properties: - emailAddress: - type: string - gaiaId: + subject: + description: Optional. Value for the "sub" claim. type: string - format: int64 - EnterpriseCrmEventbusProtoNotification: - id: EnterpriseCrmEventbusProtoNotification - type: object - properties: - emailAddress: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoAddress' - pubsubTopic: + audience: + description: Optional. Value for the "aud" claim. type: string - buganizerNotification: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBuganizerNotification' - escalatorQueue: + issuer: type: string - request: - description: >- - If the out-of-the-box email/pubsub notifications are not suitable - and custom logic is required, fire a workflow containing all info - needed to notify users to resume execution. - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoCustomSuspensionRequest + description: Optional. Value for the "iss" claim. + description: JWT claims used for the jwt-bearer authorization grant. EnterpriseCrmEventbusProtoAddress: - id: EnterpriseCrmEventbusProtoAddress + type: object description: >- Email address along with optional name and tokens. These tokens will be substituted for the variables in the form of [{var_name}], where var_name could be any string of no more than 32 bytes. - type: object properties: + tokens: + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoToken' + type: array email: description: Required. type: string name: type: string - tokens: - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoToken' - EnterpriseCrmEventbusProtoToken: - id: EnterpriseCrmEventbusProtoToken - type: object + id: EnterpriseCrmEventbusProtoAddress + GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails: properties: - name: + integration: type: string - value: + description: >- + Required. Name of the sub integration which would be created via + templates. + integrationDescription: + description: >- + Optional. Description of the sub integration which would be created + via templates. type: string - EnterpriseCrmEventbusProtoBuganizerNotification: - id: EnterpriseCrmEventbusProtoBuganizerNotification + id: GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails type: object + description: Sub Integration which would be created via templates. + GoogleCloudIntegrationsV1alphaUploadIntegrationVersionResponse: + type: object + description: Response for UploadIntegrationVersion. properties: - componentId: - description: >- - ID of the buganizer component within which to create a new issue. - Required. - type: string - format: int64 - title: - description: Title of the issue to be created. Required. - type: string - assigneeEmailAddress: - description: Whom to assign the new bug. Optional. - type: string - templateId: - description: ID of the buganizer template to use. Optional. - type: string - format: int64 - EnterpriseCrmEventbusProtoCustomSuspensionRequest: - id: EnterpriseCrmEventbusProtoCustomSuspensionRequest + integrationVersion: + description: The uploaded integration. + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + id: GoogleCloudIntegrationsV1alphaUploadIntegrationVersionResponse + GoogleCloudIntegrationsV1alphaImportTemplateResponse: + description: Response for import template type: object properties: - suspensionInfoEventParameterKey: - description: >- - In the fired event, set the SuspensionInfo message as the value for - this key. - type: string - postToQueueWithTriggerIdRequest: - description: Request to fire an event containing the SuspensionInfo message. + integrationVersion: + description: IntegrationVersion after the import. $ref: >- - #/components/schemas/GoogleInternalCloudCrmEventbusV3PostToQueueWithTriggerIdRequest - GoogleInternalCloudCrmEventbusV3PostToQueueWithTriggerIdRequest: - id: GoogleInternalCloudCrmEventbusV3PostToQueueWithTriggerIdRequest - description: >- - LINT.IfChange Use this request to post all workflows associated with a - given trigger id. Next available id: 13 + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + subIntegrationVersions: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + description: Sub integration versions which are imported. + id: GoogleCloudIntegrationsV1alphaImportTemplateResponse + GoogleCloudIntegrationsV1alphaCredential: type: object + id: GoogleCloudIntegrationsV1alphaCredential + description: Defines parameters for a single, canonical credential. properties: - triggerId: - description: >- - Matched against all {@link TriggerConfig}s across all workflows. - i.e. TriggerConfig.trigger_id.equals(trigger_id) Required. - type: string - clientId: - description: >- - Optional. If the client id is provided, then the combination of - trigger id and client id is matched across all the workflows. If the - client id is not provided, then workflows with matching trigger id - are executed for each client id in the {@link TriggerConfig}. For - Api Trigger, the client id is required and will be validated against - the allowed clients. - type: string - parameters: - description: Passed in as parameters to each workflow execution. Optional. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' - priority: - description: >- - The request priority this request should be processed at. For - internal users: - type: string + credentialType: + description: Credential type associated with auth config. enumDescriptions: - - Unspecified - - >- - Frequent partial and occasional full unavailability is expected - and not pageable. * Requests to this band will be shed before all - other requests. * This is the default for async calls sent from - batch jobs. - - >- - Partial unavailability is expected and is not necessarily - pageable. * Requests to this band will be shed before any critical - traffic. * This is the default for async calls sent from - production jobs. - - >- - Any outage is a pageable event. * During a production outage - requests in this band will only be shed before CRITICAL_PLUS. * - This is the default for sync calls sent from production jobs. + - Unspecified credential type + - Regular username/password pair. + - API key. + - OAuth 2.0 Authorization Code Grant Type. + - OAuth 2.0 Implicit Grant Type. + - OAuth 2.0 Client Credentials Grant Type. + - OAuth 2.0 Resource Owner Credentials Grant Type. + - JWT Token. + - Auth Token, e.g. bearer token. - >- - Any outage is a pageable event. * The guideline is for < 10% of - requests to a service to be in this band. * During a production - outage requests in this band will be prioritized above all others. - * Opt-in to CRITICAL_PLUS when your workflow triggers by human. + Service Account which can be used to generate token for + authentication. + - Client Certificate only. + - Google OIDC ID Token enum: - - UNSPCIFIED - - SHEDDABLE - - SHEDDABLE_PLUS - - CRITICAL - - CRITICAL_PLUS - testMode: - description: >- - Optional. Sets test mode in {@link - enterprise/crm/eventbus/event_message.proto}. - type: boolean - scheduledTime: - description: >- - Optional. Time in milliseconds since epoch when the given event - would be scheduled. + - CREDENTIAL_TYPE_UNSPECIFIED + - USERNAME_AND_PASSWORD + - API_KEY + - OAUTH2_AUTHORIZATION_CODE + - OAUTH2_IMPLICIT + - OAUTH2_CLIENT_CREDENTIALS + - OAUTH2_RESOURCE_OWNER_CREDENTIALS + - JWT + - AUTH_TOKEN + - SERVICE_ACCOUNT + - CLIENT_CERTIFICATE_ONLY + - OIDC_TOKEN type: string - format: int64 - ignoreErrorIfNoActiveWorkflow: + oauth2AuthorizationCode: description: >- - Optional. Flag to determine whether clients would suppress a warning - when no ACTIVE workflows are not found. If this flag is set to be - true, an error will not be thrown if the requested trigger_id or - client_id is not found in any ACTIVE workflow. Otherwise, the error - is always thrown. The flag is set to be false by default. + The api_key and oauth2_implicit are not covered in v1 and will be + picked up once v1 is implemented. ApiKey api_key = 3; OAuth2 + authorization code credential + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCode + usernameAndPassword: + description: Username and password credential + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUsernameAndPassword + authToken: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthToken' + description: Auth token credential + jwt: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaJwt' + description: JWT credential + oidcToken: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaOidcToken' + description: Google OIDC ID Token + oauth2ResourceOwnerCredentials: + description: OAuth2 resource owner credentials + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentials + oauth2ClientCredentials: + description: OAuth2Implicit oauth2_implicit = 5; OAuth2 client credentials + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaOAuth2ClientCredentials + serviceAccountCredentials: + description: Service account credential + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaServiceAccountCredentials + GoogleCloudIntegrationsV1alphaListIntegrationVersionsResponse: + id: GoogleCloudIntegrationsV1alphaListIntegrationVersionsResponse + type: object + description: Response for ListIntegrationVersions. + properties: + noPermission: + description: Whether the user has no permission on the version or not. type: boolean - workflowName: - description: >- - Optional. If provided, the workflow_name is used to filter all the - matched workflows having same trigger_id+client_id. A combination of - trigger_id, client_id and workflow_name identifies a unique - workflow. - type: string - requestId: + integrationVersions: + type: array + description: The integrations which match the request. + items: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + nextPageToken: description: >- - Optional. This is used to de-dup incoming request: if the duplicate - request was detected, the response from the previous execution is - returned. Must have no more than 36 characters and contain only - alphanumeric characters and hyphens. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - resourceName: - description: >- - This field is only required when using Admin Access. The resource - name of target, or the parent resource name. For example: - "projects/*/locations/*/integrations/*" + GoogleCloudIntegrationsV1alphaSerializedFile: + description: To store string representation of Integration file. + id: GoogleCloudIntegrationsV1alphaSerializedFile + type: object + properties: + content: + description: String representation of the file content. type: string - userGeneratedExecutionId: + file: description: >- - This is a unique id provided by the method caller. If provided this - will be used as the execution_id when a new execution info is - created. This is a string representation of a UUID. Must have no - more than 36 characters and contain only alphanumeric characters and - hyphens. + File information like Integration version, Integration Config + variables etc. + enum: + - INTEGRATION_FILE_UNSPECIFIED + - INTEGRATION + - INTEGRATION_CONFIG_VARIABLES type: string - quotaRetryCount: - description: >- - Optional. This is a field to see the quota retry count for - integration execution - type: integer - format: int32 - EnterpriseCrmEventbusProtoSuspensionExpiration: - id: EnterpriseCrmEventbusProtoSuspensionExpiration + enumDescriptions: + - Default value. + - Integration file. + - Integration Config variables. + GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectResponse: + id: GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectResponse + description: Response for LinkAppsScriptProject rpc call. type: object properties: - remindAfterMs: - description: >- - Milliseconds after which the previous suspension action reminder, if - any, is sent using the selected notification option, for a - suspension which is still PENDING_UNSPECIFIED. - type: integer - format: int32 - expireAfterMs: - description: Milliseconds after which the suspension expires, if no action taken. - type: integer - format: int32 - liftWhenExpired: - description: >- - Whether the suspension will be REJECTED or LIFTED upon expiration. - REJECTED is the default behavior. - type: boolean - GoogleCloudIntegrationsV1alphaSuspensionApprovalConfig: - id: GoogleCloudIntegrationsV1alphaSuspensionApprovalConfig - description: Configurations for approving the Suspension. + scriptId: + type: string + description: The id of the linked Apps Script project. + GoogleCloudIntegrationsV1alphaGenerateTokenResponse: type: object + description: Returns success or error message properties: - customMessage: + message: + description: The message that notifies the user if the request succeeded or not. + type: string + id: GoogleCloudIntegrationsV1alphaGenerateTokenResponse + GoogleCloudIntegrationsV1alphaDownloadTemplateResponse: + type: object + description: Response for DownloadTemplate. + properties: + content: + type: string + description: String representation of the template. + id: GoogleCloudIntegrationsV1alphaDownloadTemplateResponse + EnterpriseCrmEventbusProtoLogSettings: + properties: + seedScope: + enum: + - SEED_SCOPE_UNSPECIFIED + - EVENT_NAME + - TIME_PERIOD + - PARAM_NAME + type: string + enumDescriptions: + - '' + - Hash computations include the event name. + - Hash computations include a time period. + - Hash computations include the param name. + logFieldName: + description: >- + The name of corresponding logging field of the event property. If + omitted, assumes the same name as the event property key. + type: string + seedPeriod: + type: string + enum: + - SEED_PERIOD_UNSPECIFIED + - DAY + - WEEK + - MONTH + enumDescriptions: + - '' + - Sanitized values remain constant for the day of the event. + - >- + Sanitized values remain constant for the week of the event; may + cross month boundaries. + - Sanitized values remain constant for the month of the event. + type: object + description: >- + The LogSettings define the logging attributes for an event property. + These attributes are used to map the property to the parameter in the + log proto. Also used to define scrubbing/truncation behavior and PII + information. + id: EnterpriseCrmEventbusProtoLogSettings + EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegex: + description: Rule used to validate strings. + id: EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegex + properties: + exclusive: + description: >- + Whether the regex matcher is applied exclusively (if true, matching + values will be rejected). + type: boolean + regex: + type: string + description: The regex applied to the input value(s). + type: object + GoogleCloudIntegrationsV1alphaIntegrationConfigParameter: + type: object + description: >- + Integration Config Parameter is defined in the integration config and + are used to provide external configuration for integration. It provide + information about data types of the expected parameters and provide any + default values or value. They can also be used to add custom attributes. + properties: + value: + description: >- + Values for the defined keys. Each value can either be string, int, + double or any proto message or a serialized object. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + parameter: + description: >- + Optional. Integration Parameter to provide the default value, data + type and attributes required for the Integration config variables. + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationParameter + id: GoogleCloudIntegrationsV1alphaIntegrationConfigParameter + GoogleCloudIntegrationsV1alphaSuspensionApprovalConfig: + id: GoogleCloudIntegrationsV1alphaSuspensionApprovalConfig + properties: + customMessage: description: Information to provide for recipients. type: string emailAddresses: - description: Email addresses to send approval request to. type: array + description: Email addresses to send approval request to. items: type: string expiration: @@ -8038,725 +7385,1014 @@ components: suspension. $ref: >- #/components/schemas/GoogleCloudIntegrationsV1alphaSuspensionApprovalExpiration - GoogleCloudIntegrationsV1alphaSuspensionApprovalExpiration: - id: GoogleCloudIntegrationsV1alphaSuspensionApprovalExpiration - description: Expiration configs for the approval request. + description: Configurations for approving the Suspension. type: object + GoogleCloudConnectorsV1EventingConfig: + id: GoogleCloudConnectorsV1EventingConfig + description: 'Eventing Configuration of a connection next: 19' properties: - remindTime: - description: >- - Time after the previous suspension action reminder, if any, is sent - using the selected notification option, for a suspension which is - still PENDING_UNSPECIFIED. - type: string - format: google-datetime - expireTime: - description: >- - Output only. Time after which the suspension expires, if no action - taken. - readOnly: true + registrationDestinationConfig: + description: Optional. Registration endpoint for auto registration. + $ref: '#/components/schemas/GoogleCloudConnectorsV1DestinationConfig' + sslConfig: + description: Optional. Ssl config of a connection + $ref: '#/components/schemas/GoogleCloudConnectorsV1SslConfig' + enrichmentEnabled: + type: boolean + description: Optional. Enrichment Enabled. + deadLetterConfig: + description: Optional. Dead letter configuration for eventing of a connection. + $ref: >- + #/components/schemas/GoogleCloudConnectorsV1EventingConfigDeadLetterConfig + additionalVariables: + description: Optional. Additional eventing related field values + type: array + items: + $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' + eventsListenerIngressEndpoint: type: string - format: google-datetime - liftWhenExpired: description: >- - Whether the suspension will be REJECTED or LIFTED upon expiration. - REJECTED is the default behavior. - type: boolean - GoogleCloudIntegrationsV1alphaResolveSuspensionResponse: - id: GoogleCloudIntegrationsV1alphaResolveSuspensionResponse - description: Response for Suspensions.ResolveSuspensions. - type: object - properties: {} - GoogleCloudIntegrationsV1alphaListSuspensionsResponse: - id: GoogleCloudIntegrationsV1alphaListSuspensionsResponse - description: Response for Suspensions.ListSuspensions. - type: object - properties: - suspensions: + Optional. Ingress endpoint of the event listener. This is used only + when private connectivity is enabled. + privateConnectivityAllowlistedProjects: description: >- - The suspensions for the relevant execution which the caller has - permissions to view and resolve. + Optional. List of projects to be allowlisted for the service + attachment created in the tenant project for eventing ingress. type: array items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSuspension' - nextPageToken: - description: Token to retrieve the next page of results. - type: string - GoogleCloudIntegrationsV1alphaLiftSuspensionRequest: - id: GoogleCloudIntegrationsV1alphaLiftSuspensionRequest - description: Request for lift Suspension + type: string + enrichmentConfig: + description: Optional. Data enrichment configuration. + $ref: '#/components/schemas/GoogleCloudConnectorsV1EnrichmentConfig' + authConfig: + $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfig' + description: Optional. Auth details for the webhook adapter. + proxyDestinationConfig: + description: Optional. Proxy for Eventing auto-registration. + $ref: '#/components/schemas/GoogleCloudConnectorsV1DestinationConfig' + privateConnectivityEnabled: + description: Optional. Private Connectivity Enabled. + type: boolean + listenerAuthConfig: + $ref: '#/components/schemas/GoogleCloudConnectorsV1AuthConfig' + description: Optional. Auth details for the event listener. type: object - properties: - suspensionResult: - description: >- - User passed in suspension result and will be used to control - workflow execution branching behavior by setting up corresponnding - edge condition with suspension result. For example, if you want to - lift the suspension, you can pass "Approved", or if you want to - reject the suspension and terminate workfloe execution, you can pass - "Rejected" and terminate the workflow execution with configuring the - edge condition. - type: string - GoogleCloudIntegrationsV1alphaLiftSuspensionResponse: - id: GoogleCloudIntegrationsV1alphaLiftSuspensionResponse - description: Response of lift Suspense + GoogleCloudIntegrationsV1alphaIntegration: type: object + description: The integration definition. + id: GoogleCloudIntegrationsV1alphaIntegration properties: - eventExecutionInfoId: - description: Execution Id that will be returned + createTime: + format: google-datetime type: string - GoogleCloudIntegrationsV1alphaTestCase: - id: GoogleCloudIntegrationsV1alphaTestCase - description: >- - Defines the functional test case for Application Integration. Next - available id: 15 - type: object - properties: - name: - description: Output only. Auto-generated primary key. + readOnly: true + description: Required. Output only. Auto-generated. + creatorEmail: readOnly: true type: string - displayName: - description: Required. The display name of test case. + description: >- + Output only. The creator's email address. Generated based on the End + User Credentials/LOAS role of the user making the call. + updateTime: + format: google-datetime + description: Output only. Auto-generated. type: string + readOnly: true + name: + description: Required. The resource name of the integration. + type: string + active: + description: Required. If any integration version is published. + type: boolean description: - description: Optional. Description of the test case. type: string - triggerId: - description: >- - Required. This defines the trigger ID in workflow which is - considered to be executed as starting point of the test case + description: Optional. + lastModifierEmail: + description: Required. The last modifier of this integration type: string - testInputParameters: - description: >- - Optional. Parameters that are expected to be passed to the test case - when the test case is triggered. This gives the user the ability to - provide default values. This should include all the output variables - of the trigger as input variables. + GoogleCloudIntegrationsV1alphaChangeCustomerConfigResponse: + description: Response for the ChangeCustomerConfig rpc + type: object + properties: + customerConfig: + description: Required. The updated customer configuration. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCustomerConfig' + id: GoogleCloudIntegrationsV1alphaChangeCustomerConfigResponse + GoogleCloudIntegrationsV1alphaListRuntimeEntitySchemasResponse: + properties: + nextPageToken: + description: Next page token. + type: string + runtimeEntitySchemas: + description: Runtime entity schemas. type: array items: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationParameter - testTaskConfigs: - description: >- - Optional. However, the test case doesn't mock or assert anything - without test_task_configs. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestTaskConfig' - databasePersistencePolicy: - description: >- - Optional. Various policies for how to persist the test execution - info including execution info, execution export info, execution - metadata index and execution param index.. + #/components/schemas/GoogleCloudIntegrationsV1alphaRuntimeEntitySchema + description: Response for listing RuntimeEntitySchemas for a specific Connection. + type: object + id: GoogleCloudIntegrationsV1alphaListRuntimeEntitySchemasResponse + GoogleCloudConnectorsV1ConfigVariable: + description: >- + ConfigVariable represents a configuration variable present in a + Connection. or AuthConfig. + properties: + key: + description: Optional. Key of the config variable. type: string - enumDescriptions: - - Enables persistence for all execution data. - - Disables persistence for all execution data. - - Asynchronously persist all execution data. - enum: - - DATABASE_PERSISTENCE_POLICY_UNSPECIFIED - - DATABASE_PERSISTENCE_DISABLED - - DATABASE_PERSISTENCE_ASYNC - creatorEmail: - description: >- - Optional. The creator's email address. Generated based on the End - User Credentials/LOAS role of the user making the call. + boolValue: + description: Value is a bool. + type: boolean + intValue: type: string - createTime: - description: Auto-generated. + description: Value is an integer + format: int64 + encryptionKeyValue: + description: Value is a Encryption Key. + $ref: '#/components/schemas/GoogleCloudConnectorsV1EncryptionKey' + secretValue: + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' + description: Value is a secret. + stringValue: + description: Value is a string. + type: string + id: GoogleCloudConnectorsV1ConfigVariable + type: object + GoogleCloudIntegrationsV1alphaTestIntegrationsRequest: + type: object + properties: + parameters: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters + deprecated: true + description: Optional. Passed in as parameters to each integration execution. + deadlineSecondsTime: type: string format: google-datetime - lastModifierEmail: + description: Optional. custom deadline of the rpc + integrationVersion: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + description: Required. integration config to execute the workflow + clientId: description: >- - The last modifier's email address. Generated based on the End User - Credentials/LOAS role of the user making the call. - type: string - updateTime: - description: Auto-generated. + Required. This is used to identify the client on whose behalf the + event will be executed. type: string - format: google-datetime - lockHolderEmail: + triggerId: description: >- - Optional. The edit lock holder's email address. Generated based on - the End User Credentials/LOAS role of the user making the call. + Required. The trigger id of the integration trigger config. If both + trigger_id and client_id is present, the integration is executed + from the start tasks provided by the matching trigger config + otherwise it is executed from the default start tasks. type: string - triggerConfig: - description: Optional. Auto-generated. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTriggerConfig' - GoogleCloudIntegrationsV1alphaTestTaskConfig: - id: GoogleCloudIntegrationsV1alphaTestTaskConfig - description: >- - The task mock configuration details and assertions for functional tests. - Next available id: 6 - type: object + configParameters: + additionalProperties: + description: Properties of the object. + type: any + type: object + description: Optional. Config parameters used during integration execution. + inputParameters: + description: Optional. Input parameters used during integration execution. + additionalProperties: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + type: object + testMode: + description: >- + Optional. Can be specified in the event request, otherwise false + (default). If true, enables tasks with condition "test_mode = true". + If false, disables tasks with condition "test_mode = true" if global + test mode (set by platform) is also false {@link EventBusConfig}. + type: boolean + description: The request for testing an integration. + id: GoogleCloudIntegrationsV1alphaTestIntegrationsRequest + EnterpriseCrmEventbusProtoTaskMetadata: properties: - taskNumber: + descriptiveName: description: >- - Required. This defines in the test case, the task in integration - which will be mocked by this test task config + The string name to show on the task list on the Workflow editor + screen. This should be a very short, one to two words name for the + task. (e.g. "Send Mail") type: string - mockConfig: - description: Optional. Defines how to mock the given task during test execution - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaMockConfig' - assertions: + docMarkdown: + type: string + description: Snippet of markdown documentation to embed in the RHP for this task. + tags: description: >- - Optional. List of conditions or expressions which should be - evaluated to true unless there is a bug/problem in the integration. - These are evaluated one the task execution is completed as per the - mock strategy in test case - type: array + A set of tags that pertain to a particular task. This can be used to + improve the searchability of tasks with several names ("REST Caller" + vs. "Call REST Endpoint") or to help users find tasks based on + related words. items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAssertion' - task: - description: >- - Required. This defines in the test case, the task name in - integration which will be mocked by this test task config + type: string + type: array + g3DocLink: + description: URL to the associated G3 Doc for the task if available type: string - taskConfig: - description: Optional. Auto-generated. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTaskConfig' - GoogleCloudIntegrationsV1alphaMockConfig: - id: GoogleCloudIntegrationsV1alphaMockConfig - description: >- - The configuration for mocking of a task during test execution Next - available id: 4 - type: object - properties: - mockStrategy: - description: >- - Mockstrategy defines how the particular task should be mocked during - test execution + description: + description: In a few sentences, describe the purpose and usage of the task. type: string + status: + description: >- + Allows author to indicate if the task is ready to use or not. If not + set, then it will default to INACTIVE. enumDescriptions: - - This should never be used to annotate a field - - Execute actual task - >- - Don't execute actual task, instead use the values specified by - user for output of the task - - Don't execute actual task, instead return task failure - - Don't execute actual task, instead mark it as successful + Default value. Actual Task Status should always be set to either + INACTIVE or ACTIVE. If none is specified at runtime, it will be + set to INACTIVE. + - Still in-progress or incomplete, and not intended for use. + - Available for use. + type: string enum: - - MOCK_STRATEGY_UNSPECIFIED - - NO_MOCK_STRATEGY - - SPECIFIC_MOCK_STRATEGY - - FAILURE_MOCK_STRATEGY - - SKIP_MOCK_STRATEGY - parameters: - description: Optional. List of key-value pairs for specific mock strategy - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaEventParameter' - failedExecutions: - description: >- - Optional. Number of times the given task should fail for failure - mock strategy + - UNSPECIFIED_STATUS + - DEFAULT_INACTIVE + - ACTIVE + externalDocHtml: + description: External-facing documention embedded in the RHP for this task. type: string - format: int64 - GoogleCloudIntegrationsV1alphaAssertion: - id: GoogleCloudIntegrationsV1alphaAssertion - description: >- - An assertion which will check for a condition over task execution status - or an expression for task output variables - type: object - properties: - assertionStrategy: - description: Optional. The type of assertion to perform. + isDeprecated: + type: boolean + description: The deprecation status of the current task. Default value is false; + system: type: string enumDescriptions: - - Unspecified Assertion strategy - - Test a successful execution - - Test a failed execution - - Test that the task was never executed - - Test the parameter selected is equal to the expected value - - Test the parameter selected is not equal to the expected value - - Test the parameter selected contains the configured value - - Test a specific condition + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' enum: - - ASSERTION_STRATEGY_UNSPECIFIED - - ASSERT_SUCCESSFUL_EXECUTION - - ASSERT_FAILED_EXECUTION - - ASSERT_NO_EXECUTION - - ASSERT_EQUALS - - ASSERT_NOT_EQUALS - - ASSERT_CONTAINS - - ASSERT_CONDITION - parameter: + - UNSPECIFIED_SYSTEM + - GENERIC + - BUGANIZER + - SALESFORCE + - CLOUD_SQL + - PLX + - SHEETS + - GOOGLE_GROUPS + - EMAIL + - SPANNER + - DATA_BRIDGE + name: description: >- - Optional. Key-value pair for ASSERT_EQUALS, ASSERT_NOT_EQUALS, - ASSERT_CONTAINS to succeed - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaEventParameter' - condition: - description: Optional. Standard filter expression for ASSERT_CONDITION to succeed + The actual class name or the annotated name of the task. Task Author + should initialize this field with value from the getName() method of + the Task class. type: string - retryCount: + standaloneExternalDocHtml: description: >- - Number of times given task should be retried in case of - ASSERT_FAILED_EXECUTION + External-facing documention for standalone IP in pantheon embedded + in the RHP for this task. Non null only if different from + external_doc_html + type: string + iconLink: + description: >- + URL to gstatic image icon for this task. This icon shows up on the + task list panel along with the task name in the Workflow Editor + screen. Use the 24p, 2x, gray color icon image format. + type: string + externalCategorySequence: type: integer + description: >- + Sequence with which the task in specific category to be displayed in + task discovery panel for external users. format: int32 - GoogleCloudIntegrationsV1alphaListTestCasesResponse: - id: GoogleCloudIntegrationsV1alphaListTestCasesResponse - description: Response for ListTestCases - type: object - properties: - testCases: - description: The test cases corresponding to the specified filter + externalDocMarkdown: + description: 'DEPRECATED: Use external_doc_html.' + type: string + externalDocLink: + description: Doc link for external-facing documentation (separate from g3doc). + type: string + externalCategory: + type: string + enumDescriptions: + - '' + - '' + - '' + - HTTP tasks, e.g. rest api call task + - Integration services, e.g. connector task + - Customer ations, e.g. email task + - Flow control, e.g. while loop task + - Workspace tasks, e.g. list drive task + - Security, e.g. kms related tasks + - Database operation tasks, e.g. read firestore info tasks + - Analytics tasks, e.g. dataflow creattion tasks + - BYOC tasks + - BYOT tasks + - AI related tasks. + - Data manipulation related tasks, e.g. data mapping task + enum: + - UNSPECIFIED_EXTERNAL_CATEGORY + - CORE + - CONNECTORS + - EXTERNAL_HTTP + - EXTERNAL_INTEGRATION_SERVICES + - EXTERNAL_CUSTOMER_ACTIONS + - EXTERNAL_FLOW_CONTROL + - EXTERNAL_WORKSPACE + - EXTERNAL_SECURITY + - EXTERNAL_DATABASES + - EXTERNAL_ANALYTICS + - EXTERNAL_BYOC + - EXTERNAL_BYOT + - EXTERNAL_ARTIFICIAL_INTELIGENCE + - EXTERNAL_DATA_MANIPULATION + defaultJsonValidationOption: + type: string + enum: + - UNSPECIFIED_JSON_VALIDATION_OPTION + - SKIP + - PRE_EXECUTION + - POST_EXECUTION + - PRE_POST_EXECUTION + enumDescriptions: + - >- + As per the default behavior, no validation will be run. Will not + override any option set in a Task. + - Do not run any validation against JSON schemas. + - >- + Validate all potential input JSON parameters against schemas + specified in WorkflowParameters. + - >- + Validate all potential output JSON parameters against schemas + specified in WorkflowParameters. + - Perform both PRE_EXECUTION and POST_EXECUTION validations. + description: >- + Controls whether JSON workflow parameters are validated against + provided schemas before and/or after this task's execution. + defaultSpec: + description: >- + Contains the initial configuration of the task with default values + set. For now, The string should be compatible to an ASCII-proto + format. + type: string + admins: type: array items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' - nextPageToken: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskMetadataAdmin' + activeTaskName: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + The new task name to replace the current task if it is deprecated. + Otherwise, it is the same as the current task name. type: string - GoogleCloudIntegrationsV1alphaExecuteTestCaseRequest: - id: GoogleCloudIntegrationsV1alphaExecuteTestCaseRequest - description: The request for executing a functional test. + category: + type: string + enum: + - UNSPECIFIED_CATEGORY + - CUSTOM + - FLOW_CONTROL + - DATA_MANIPULATION + - SCRIPTING + - CONNECTOR + - HIDDEN + - CLOUD_SYSTEMS + - CUSTOM_TASK_TEMPLATE + - TASK_RECOMMENDATIONS + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - Internal IP tasks that should not be available in the UI. + - Tasks that are relevant to cloud systems teams and typically + - Task entities that derive from a custom task template. + - Category to show task recommendations + codeSearchLink: + type: string + description: The Code Search link to the Task Java file. + type: object + id: EnterpriseCrmEventbusProtoTaskMetadata + description: >- + TaskMetadata are attributes that are associated to every common Task we + have. + EnterpriseCrmEventbusProtoBuganizerNotification: type: object properties: - inputParameters: - description: Optional. Input parameters used by test case execution. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' - GoogleCloudIntegrationsV1alphaExecuteTestCaseResponse: - id: GoogleCloudIntegrationsV1alphaExecuteTestCaseResponse - description: The response for executing a functional test. + templateId: + format: int64 + type: string + description: ID of the buganizer template to use. Optional. + componentId: + format: int64 + type: string + description: >- + ID of the buganizer component within which to create a new issue. + Required. + assigneeEmailAddress: + description: Whom to assign the new bug. Optional. + type: string + title: + description: Title of the issue to be created. Required. + type: string + id: EnterpriseCrmEventbusProtoBuganizerNotification + EnterpriseCrmFrontendsEventbusProtoParamSpecsMessage: + properties: + parameters: + type: array + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParamSpecEntry type: object + id: EnterpriseCrmFrontendsEventbusProtoParamSpecsMessage + GoogleCloudIntegrationsV1alphaParameterMapField: + description: Field represents either the key or value in an entry. + id: GoogleCloudIntegrationsV1alphaParameterMapField properties: - executionId: - description: The id of the execution corresponding to this run of integration. + referenceKey: + description: Referencing one of the Integration variables. type: string + literalValue: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaValueType' + description: Passing a literal value. + type: object + GoogleCloudIntegrationsV1alphaExecuteTestCaseResponse: + id: GoogleCloudIntegrationsV1alphaExecuteTestCaseResponse + properties: outputParameters: - description: >- - OUTPUT parameters in format of Map. Where Key is the name of the - parameter. Note: Name of the system generated parameters are wrapped - by backtick(`) to distinguish them from the user defined parameters. type: object additionalProperties: type: any description: Properties of the object. + description: >- + OUTPUT parameters in format of Map. Where Key is the name of the + parameter. Note: Name of the system generated parameters are wrapped + by backtick(`) to distinguish them from the user defined parameters. assertionResults: - description: Results of each assertions ran during execution of test case. type: array items: $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAssertionResult' + description: Results of each assertions ran during execution of test case. + executionId: + description: The id of the execution corresponding to this run of integration. + type: string testExecutionState: description: State of the test case execution - type: string - enumDescriptions: - - Unspecified state - - Test case execution passed - - Test case execution failed enum: - STATE_UNSPECIFIED - PASSED - FAILED + enumDescriptions: + - Unspecified state + - Test case execution passed + - Test case execution failed + type: string + description: The response for executing a functional test. + type: object GoogleCloudIntegrationsV1alphaAssertionResult: - id: GoogleCloudIntegrationsV1alphaAssertionResult - description: The result of an assertion. type: object + description: The result of an assertion. + id: GoogleCloudIntegrationsV1alphaAssertionResult properties: - assertion: - description: Assertion that was run. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAssertion' taskNumber: description: Task number of task where the assertion was run. type: string - taskName: - description: Task name of task where the assertion was run. - type: string status: - description: Status of assertion to signify if the assertion succeeded or failed type: string - enumDescriptions: - - Unspecified assertion status - - Assertion succeeded - - Assertion failed enum: - ASSERTION_STATUS_UNSPECIFIED - SUCCEEDED - FAILED + description: Status of assertion to signify if the assertion succeeded or failed + enumDescriptions: + - Unspecified assertion status + - Assertion succeeded + - Assertion failed failureMessage: + type: string description: Details of the assertion failure + taskName: type: string - GoogleCloudIntegrationsV1alphaUploadTestCaseRequest: - id: GoogleCloudIntegrationsV1alphaUploadTestCaseRequest - description: Request for UploadTestCase. + description: Task name of task where the assertion was run. + assertion: + description: Assertion that was run. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAssertion' + GoogleCloudIntegrationsV1alphaProjectProperties: type: object + description: Metadata information for the given project + id: GoogleCloudIntegrationsV1alphaProjectProperties properties: - content: - description: The textproto of the test case. - type: string - fileFormat: - description: File format for upload request. - type: string + billingType: enumDescriptions: - - Unspecified file format - - JSON File Format - - YAML File Format + - '' + - A trial org provisioned through Apigee Provisioning Wizard + - >- + Subscription based on concurrency model for Apigee and Application + Integration users. + - Consumption based users of IP + - >- + Argentum subscription for Application Integration users. To be + used in the future. + - >- + Special billing type to avoid any billing to clients (eg: trusted + tester program). This should not be used without consulting with + the leads. + type: string + description: 'Required. Required: The client billing type that was requested' enum: - - FILE_FORMAT_UNSPECIFIED - - JSON - - YAML - GoogleCloudIntegrationsV1alphaUploadTestCaseResponse: - id: GoogleCloudIntegrationsV1alphaUploadTestCaseResponse - description: Response for UploadTestCase. + - BILLING_TYPE_UNSPECIFIED + - APIGEE_TRIALS + - APIGEE_SUBSCRIPTION + - PAYG + - SUBSCRIPTION + - NO_BILLING + ipEnablementState: + type: string + enum: + - IP_ENABLEMENT_STATE_UNSPECIFIED + - IP_ENABLEMENT_STATE_STANDALONE + - IP_ENABLEMENT_STATE_APIGEE + - IP_ENABLEMENT_STATE_APIGEE_ENTITLED + description: An enum value of what the enablement state is for the given project + enumDescriptions: + - The client enablement status is unspecified + - The client is enabled on Standalone IP + - The client is enabled on Apigee + - The client is entitled for Apigee but not enabled + provisionedRegions: + description: A list of provisioned regions on the current project + type: array + items: + type: string + EnterpriseCrmEventbusProtoStringFunction: type: object properties: - testCase: - description: The uploaded TestCase - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' - GoogleCloudIntegrationsV1alphaDownloadTestCaseResponse: - id: GoogleCloudIntegrationsV1alphaDownloadTestCaseResponse - description: Response for DownloadTestCase. - type: object + functionName: + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + type: string + enum: + - UNSPECIFIED + - CONCAT + - TO_UPPERCASE + - TO_LOWERCASE + - CONTAINS + - SPLIT + - LENGTH + - EQUALS + - TO_INT + - TO_DOUBLE + - TO_BOOLEAN + - TO_BASE_64 + - TO_JSON + - EQUALS_IGNORE_CASE + - REPLACE_ALL + - SUBSTRING + - RESOLVE_TEMPLATE + - DECODE_BASE64_STRING + id: EnterpriseCrmEventbusProtoStringFunction + GoogleCloudIntegrationsV1alphaAccessToken: properties: - content: - description: String representation of the test case. + accessTokenExpireTime: + description: >- + Required. The approximate time until the access token retrieved is + valid. + format: google-datetime type: string - GoogleCloudIntegrationsV1alphaTakeoverTestCaseEditLockRequest: - id: GoogleCloudIntegrationsV1alphaTakeoverTestCaseEditLockRequest - description: Request for TakeoverTestCaseEditLock. + tokenType: + description: >- + Only support "bearer" token in v1 as bearer token is the predominant + type used with OAuth 2.0. + type: string + refreshToken: + description: >- + If the access token will expire, use the refresh token to obtain + another access token. + type: string + accessToken: + type: string + description: >- + The access token encapsulating the security identity of a process or + thread. + refreshTokenExpireTime: + format: google-datetime + description: The approximate time until the refresh token retrieved is valid. + type: string + id: GoogleCloudIntegrationsV1alphaAccessToken + description: >- + The access token represents the authorization of a specific application + to access specific parts of a user’s data. type: object - properties: {} - GoogleCloudIntegrationsV1alphaExecuteTestCasesRequest: - id: GoogleCloudIntegrationsV1alphaExecuteTestCasesRequest - description: Request for ExecuteTestCases. + GoogleCloudIntegrationsV1alphaDownloadExecutionResponse: + description: Response for downloading an execution. type: object - properties: {} - GoogleCloudIntegrationsV1alphaExecuteTestCasesResponse: - id: GoogleCloudIntegrationsV1alphaExecuteTestCasesResponse - description: Response for ExecuteTestCases. + properties: + content: + type: string + description: The content of downloaded execution. + id: GoogleCloudIntegrationsV1alphaDownloadExecutionResponse + GoogleCloudIntegrationsV1alphaSwitchEncryptionRequest: type: object + description: Request for the SwitchEncryption rpc properties: - executeTestCaseResponses: - description: Results of each execution of test cases in an integration version. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCaseResponse - GoogleCloudIntegrationsV1alphaListTemplatesResponse: - id: GoogleCloudIntegrationsV1alphaListTemplatesResponse - description: Response for a request to list templates + cloudKmsConfig: + description: >- + Required. REQUIRED: Cloud KMS config for AuthModule to + encrypt/decrypt credentials. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCloudKmsConfig' + id: GoogleCloudIntegrationsV1alphaSwitchEncryptionRequest + GoogleCloudIntegrationsV1alphaListCertificatesResponse: type: object + description: Response to list Certificates. + id: GoogleCloudIntegrationsV1alphaListCertificatesResponse properties: - templates: - description: List of templates retrieved. + certificates: + description: The list of Certificates retrieved. type: array items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' nextPageToken: - description: The token used to retrieve the next page results. + description: The token used to retrieve the next page of results. type: string - GoogleCloudIntegrationsV1alphaTemplate: - id: GoogleCloudIntegrationsV1alphaTemplate - description: Defines the template for Application Integration + GoogleCloudConnectorsV1Secret: + description: Secret provides a reference to entries in Secret Manager. type: object + id: GoogleCloudConnectorsV1Secret properties: - name: - description: Identifier. Resource name of the template. - type: string - displayName: - description: Required. The name of the template - type: string - description: + secretVersion: description: >- - Optional. Description of the template. The length should not be more - than 255 characters + Optional. The resource name of the secret version in the format, + format as: `projects/*/secrets/*/versions/*`. type: string - usageInfo: + EnterpriseCrmEventbusProtoTaskUiConfig: + id: EnterpriseCrmEventbusProtoTaskUiConfig + description: >- + Task authors would use this type to configure the UI for a particular + task by specifying what UI config modules should be included to compose + the UI. Learn more about config module framework: + type: object + properties: + taskUiModuleConfigs: + description: Configurations of included config modules. + type: array + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTaskUiModuleConfig' + EnterpriseCrmEventbusProtoSuspensionExpiration: + type: object + id: EnterpriseCrmEventbusProtoSuspensionExpiration + properties: + expireAfterMs: + format: int32 + description: Milliseconds after which the suspension expires, if no action taken. + type: integer + liftWhenExpired: description: >- - Optional. Information on how to use the template. This should - contain detailed information about usage of the template. - type: string - docLink: - description: Optional. Link to template documentation. - type: string - templateBundle: + Whether the suspension will be REJECTED or LIFTED upon expiration. + REJECTED is the default behavior. + type: boolean + remindAfterMs: description: >- - Required. Bundle which is part of the templates. The template - entities in the bundle would be converted to an actual entity. - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplateBundle' - components: + Milliseconds after which the previous suspension action reminder, if + any, is sent using the selected notification option, for a + suspension which is still PENDING_UNSPECIFIED. + format: int32 + type: integer + EnterpriseCrmEventbusProtoScatterResponse: + type: object + id: EnterpriseCrmEventbusProtoScatterResponse + properties: + isSuccessful: + type: boolean description: >- - Optional. Components being used in the template. This could be used - to categorize and filter. - type: array + If execution is sync, this is true if the execution passed and false + if it failed. If the execution is async, this is true if the WF was + fired off successfully, and false if it failed to execute. The + success or failure of the subworkflows executed are not captured. + executionIds: items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTemplateComponent - tags: - description: >- - Required. Tags which are used to identify templates. These tags - could be for business use case, connectors etc. + type: string + description: The execution ids of each Subworkflow fired by this scatter. type: array + responseParams: items: - type: string - categories: - description: >- - Required. Categories associated with the Template. The categories - listed below will be utilized for the Template listing. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterEntry' type: array - items: - type: string - enumDescriptions: - - Category is unspecified - - AI_MACHINE_LEARNING - - BUSINESS_INTELLIGENCE - - COLLABORATION - - CUSTOMER_SERVICE - - DATAABASES - - DEVOPS_IT - - CONTENT_AND_FILES - - FINANCE_AND_ACCOUNTING - - HUMAN_RESOURCES - - OPERATIONS - - PRODUCT_PROJECT_MANAGEMENT - - PRODUCTIVITY - - SALES_AND_MARKETING - - UNIVERSAL_CONNECTORS - - UTILITY - - OTHERS - enum: - - CATEGORY_UNSPECIFIED - - AI_MACHINE_LEARNING - - BUSINESS_INTELLIGENCE - - COLLABORATION - - CUSTOMER_SERVICE - - DATABASES - - DEVOPS_IT - - CONTENT_AND_FILES - - FINANCE_AND_ACCOUNTING - - HUMAN_RESOURCES - - OPERATIONS - - PRODUCT_PROJECT_MANAGEMENT - - PRODUCTIVITY - - SALES_AND_MARKETING - - UNIVERSAL_CONNECTORS - - UTILITY - - OTHERS - createTime: - description: Output only. Auto-generated. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Auto-generated - readOnly: true - type: string - format: google-datetime - author: - description: Optional. Creator of the template. - type: string - usageCount: - description: Optional. Number of template usages. - type: string - format: int64 - lastUsedTime: - description: Optional. Time the template was last used. - type: string - format: google-datetime - visibility: - description: Required. Visibility of the template. - type: string - enumDescriptions: - - Visibility is unspecified - - Visibility is private - - Visibility is shared - - Visibility is public - enum: - - VISIBILITY_UNSPECIFIED - - PRIVATE - - SHARED - - PUBLIC - sharedWith: description: >- - Required. Resource names with which the template is shared for - example ProjectNumber/Ord id - type: array - items: - type: string - GoogleCloudIntegrationsV1alphaTemplateBundle: - id: GoogleCloudIntegrationsV1alphaTemplateBundle - description: Define the bundle of the template. - type: object + A list of all the response parameters in the aggregtorMap stored + with the remapped key. + scatterElement: + description: The element that was scattered for this execution. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' + errorMsg: + description: The error message of the failure if applicable. + type: string + GoogleCloudIntegrationsV1alphaUploadTemplateResponse: properties: - integrationVersionTemplate: - description: Required. Main integration templates of the template bundle. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersionTemplate - subIntegrationVersionTemplates: - description: >- - Optional. Sub integration templates which would be added along with - main integration. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersionTemplate - GoogleCloudIntegrationsV1alphaIntegrationVersionTemplate: - id: GoogleCloudIntegrationsV1alphaIntegrationVersionTemplate - description: Define the template of IntegrationVersion. + template: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' + description: The uploaded Template + id: GoogleCloudIntegrationsV1alphaUploadTemplateResponse + description: Response for UploadTemplate. type: object - properties: - key: - description: Required. Unique Key of the IntegrationVersion. - type: string - integrationVersion: - description: Required. Templatized version of integration. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - GoogleCloudIntegrationsV1alphaTemplateComponent: - id: GoogleCloudIntegrationsV1alphaTemplateComponent - description: Define the components that are present in a template. + GoogleCloudIntegrationsV1alphaProvisionClientRequest: + id: GoogleCloudIntegrationsV1alphaProvisionClientRequest + description: Request for the Provision rpc type: object properties: - type: - description: Optional. Type of the component. - type: string - enumDescriptions: - - Component type is unspecified - - Trigger component - - Task component - - Connector component - enum: - - TYPE_UNSPECIFIED - - TRIGGER - - TASK - - CONNECTOR - name: - description: Optional. Name of the component. + runAsServiceAccount: + description: >- + Optional. User input run-as service account, if empty, will bring up + a new default service account type: string - GoogleCloudIntegrationsV1alphaSearchTemplatesResponse: - id: GoogleCloudIntegrationsV1alphaSearchTemplatesResponse - description: Response for a request to search templates + createSampleWorkflows: + type: boolean + description: >- + Optional. Indicates if sample workflow should be created along with + provisioning + enableManagedAiFeatures: + type: boolean + description: >- + Optional. Indicates if the client should be allowed to use managed + AI features, i.e. using Cloud Companion APIs of the tenant project. + This will allow the customers to use features like Troubleshooting, + OpenAPI spec enrichment, etc. for free. + skipCpProvision: + description: Optional. Indicates if skip CP provision or not + type: boolean + enableHttpCall: + description: >- + Optional. Indicates if the client should be allowed to make HTTP + calls. + type: boolean + cloudKmsConfig: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCloudKmsConfig' + description: >- + Optional. OPTIONAL: Cloud KMS config for AuthModule to + encrypt/decrypt credentials. + provisionGmek: + deprecated: true + type: boolean + description: >- + Optional. Deprecated. Indicates provision with GMEK or CMEK. This + field is deprecated and the provision would always be GMEK if + cloud_kms_config is not present in the request. + EnterpriseCrmFrontendsEventbusProtoEventExecutionInfo: type: object + description: >- + Contains all the execution details for a workflow instance. Next + available id: 27 properties: - templates: - description: List of templates retrieved. - type: array - items: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' - nextPageToken: - description: The token used to retrieve the next page results. + errorCode: + $ref: '#/components/schemas/CrmlogErrorCode' + description: Final error-code if event failed. + requestId: type: string - GoogleCloudIntegrationsV1alphaUseTemplateRequest: - id: GoogleCloudIntegrationsV1alphaUseTemplateRequest - description: Request to Use template - type: object - properties: - integrationDetails: - description: Required. Integration details which would be created via templates. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails - subIntegrations: - description: Optional. Sub Integration which would be created via templates. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails - integrationRegion: - description: Required. The region of the Integration to be created. + description: Optional. This is used to de-dup incoming request. + executionTraceInfo: + description: Execution trace info to aggregate parent-child executions. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoExecutionTraceInfo' + triggerId: type: string - GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails: - id: GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails - description: Sub Integration which would be created via templates. - type: object - properties: - integration: description: >- - Required. Name of the sub integration which would be created via - templates. + The trigger id of the workflow trigger config. If both trigger_id + and client_id is present, the workflow is executed from the start + tasks provided by the matching trigger config otherwise it is + executed from the default start tasks. + requestParams: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters + description: Event parameters come in as part of the request. + integrationVersionUserLabel: type: string - integrationDescription: + description: User-defined label that annotates the executed integration version. + snapshotNumber: + type: string + format: int64 + description: Workflow snapshot number. + workflowName: + description: Name of the workflow. + type: string + workflowRetryBackoffIntervalSeconds: description: >- - Optional. Description of the sub integration which would be created - via templates. + Time interval in seconds to schedule retry of workflow in manifold + when workflow is already running + format: int64 type: string - GoogleCloudIntegrationsV1alphaUseTemplateResponse: - id: GoogleCloudIntegrationsV1alphaUseTemplateResponse - description: Response for use template - type: object - properties: - integrationVersion: - description: IntegrationVersion which is created. + lastModifiedTime: + type: string + format: int64 + description: Auto-generated. + replayInfo: + description: Replay info for the execution $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - subIntegrationVersions: - description: Sub integration versions which are created. + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventExecutionInfoReplayInfo + eventExecutionDetails: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventExecutionDetails + description: The execution info about this event. + clientId: + description: The event data user sends as request. + type: string + responseParams: + description: Event parameters come out as part of the response. + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters + createTime: + description: Auto-generated. + type: string + format: int64 + errors: type: array + description: >- + Errors, warnings, and informationals associated with the + workflow/task. The order in which the errors were added by the + workflow/task is maintained. items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - GoogleCloudIntegrationsV1alphaImportTemplateRequest: - id: GoogleCloudIntegrationsV1alphaImportTemplateRequest - description: Request to Import template - type: object + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoErrorDetail' + product: + enum: + - UNSPECIFIED_PRODUCT + - IP + - APIGEE + - SECURITY + enumDescriptions: + - '' + - '' + - '' + - '' + type: string + description: >- + Which Google product the execution_info belongs to. If not set, the + execution_info belongs to Integration Platform by default. + tenant: + description: >- + Tenant this event is created. Used to reschedule the event to + correct tenant. + type: string + workflowId: + type: string + description: Required. Pointer to the workflow it is executing. + postMethod: + description: The ways user posts this event. + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + type: string + enum: + - UNSPECIFIED + - POST + - POST_TO_QUEUE + - SCHEDULE + - POST_BY_EVENT_CONFIG_ID + - POST_WITH_EVENT_DETAILS + cloudLoggingDetails: + description: Cloud Logging details for execution info + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCloudLoggingDetails' + eventExecutionInfoId: + description: Auto-generated primary key. + type: string + id: EnterpriseCrmFrontendsEventbusProtoEventExecutionInfo + GoogleCloudIntegrationsV1alphaCertificate: properties: - integration: + requestorId: description: >- - Required. Resource Name of the integration where template needs to - be imported/inserted. + Immutable. Requestor ID to be used to register certificate with + trawler type: string - subIntegrations: - description: Optional. Sub Integration which would be created via templates. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateRequestIntegrationDetails - GoogleCloudIntegrationsV1alphaImportTemplateResponse: - id: GoogleCloudIntegrationsV1alphaImportTemplateResponse - description: Response for import template + validStartTime: + format: google-datetime + description: Output only. The timestamp after which certificate will be valid + type: string + readOnly: true + displayName: + type: string + description: Required. Name of the certificate + certificateStatus: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - EXPIRED + type: string + enumDescriptions: + - Unspecified certificate status + - Certificate in active state will be able to use + - Certificate in expired state needs to be updated + description: Status of the certificate + description: + description: Description of the certificate + type: string + name: + description: Output only. Auto generated primary key + type: string + readOnly: true + validEndTime: + type: string + description: Output only. The timestamp after which certificate will expire + readOnly: true + format: google-datetime + credentialId: + type: string + description: Immutable. Credential id that will be used to register with trawler + rawCertificate: + description: >- + Input only. Raw client certificate which would be registered with + trawler + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaClientCertificate' + id: GoogleCloudIntegrationsV1alphaCertificate + description: The certificate definition + type: object + EnterpriseCrmEventbusProtoParameterEntry: + description: Key-value pair of EventBus parameters. + id: EnterpriseCrmEventbusProtoParameterEntry type: object properties: - integrationVersion: - description: IntegrationVersion after the import. - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - subIntegrationVersions: - description: Sub integration versions which are imported. + value: + description: >- + Values for the defined keys. Each value can either be string, int, + double or any proto message. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' + key: + type: string + description: >- + Key is used to retrieve the corresponding parameter value. This + should be unique for a given fired event. These parameters must be + predefined in the integration definition. + masked: + type: boolean + description: True if this parameter should be masked in the logs + EnterpriseCrmFrontendsEventbusProtoStringParameterArray: + properties: + stringValues: type: array + items: + type: string + type: object + id: EnterpriseCrmFrontendsEventbusProtoStringParameterArray + GoogleCloudIntegrationsV1alphaListRuntimeActionSchemasResponse: + id: GoogleCloudIntegrationsV1alphaListRuntimeActionSchemasResponse + description: Response for listing RuntimeActionSchemas for a specific Connection. + properties: + runtimeActionSchemas: items: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion - GoogleCloudIntegrationsV1alphaShareTemplateRequest: - id: GoogleCloudIntegrationsV1alphaShareTemplateRequest - description: Request to Share template + #/components/schemas/GoogleCloudIntegrationsV1alphaRuntimeActionSchema + type: array + description: Runtime action schemas. + nextPageToken: + description: Next page token. + type: string type: object + EnterpriseCrmFrontendsEventbusProtoBooleanParameterArray: properties: - resourceNames: - description: >- - Optional. Project name resources to share the template. The project - names is expected in resource format Ex: projects/{project-number} - or organization/{org-id} + booleanValues: type: array items: - type: string - GoogleCloudIntegrationsV1alphaUnshareTemplateRequest: - id: GoogleCloudIntegrationsV1alphaUnshareTemplateRequest - description: Request to Unshare template + type: boolean + id: EnterpriseCrmFrontendsEventbusProtoBooleanParameterArray type: object + EnterpriseCrmEventbusProtoPropertyEntry: properties: - resourceNames: + value: description: >- - Optional. Project name resources to unshare the template. The - project names is expected in resource format Ex: - projects/{project-number} - type: array - items: - type: string - GoogleCloudIntegrationsV1alphaUploadTemplateRequest: - id: GoogleCloudIntegrationsV1alphaUploadTemplateRequest - description: Request for UploadTemplate. + Values for the defined keys. Each value can either be string, int, + double or any proto message. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoValueType' + key: + type: string + description: >- + Key is used to retrieve the corresponding property value. This + should be unique for a given fired event. The Tasks should be aware + of the keys used while firing the events for them to be able to + retrieve the values. + id: EnterpriseCrmEventbusProtoPropertyEntry + type: object + description: Key-value pair of EventBus property. + GoogleCloudIntegrationsV1alphaUploadTestCaseRequest: type: object properties: content: - description: Required. The textproto of the template. + description: The textproto of the test case. type: string fileFormat: - description: Required. File format for upload request. - type: string enumDescriptions: - Unspecified file format - JSON File Format @@ -8765,569 +8401,727 @@ components: - FILE_FORMAT_UNSPECIFIED - JSON - YAML - GoogleCloudIntegrationsV1alphaUploadTemplateResponse: - id: GoogleCloudIntegrationsV1alphaUploadTemplateResponse - description: Response for UploadTemplate. - type: object - properties: - template: - description: The uploaded Template - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' - GoogleCloudIntegrationsV1alphaDownloadTemplateResponse: - id: GoogleCloudIntegrationsV1alphaDownloadTemplateResponse - description: Response for DownloadTemplate. + description: File format for upload request. + type: string + description: Request for UploadTestCase. + id: GoogleCloudIntegrationsV1alphaUploadTestCaseRequest + EnterpriseCrmFrontendsEventbusProtoRollbackStrategy: + description: 'Next available id: 4' + id: EnterpriseCrmFrontendsEventbusProtoRollbackStrategy type: object properties: - content: - description: String representation of the template. - type: string - GoogleCloudIntegrationsV1alphaGenerateOpenApiSpecRequest: - id: GoogleCloudIntegrationsV1alphaGenerateOpenApiSpecRequest - description: Request for GenerateOpenApiSpec. - type: object - properties: - apiTriggerResources: - description: Required. List of api triggers - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaApiTriggerResource - fileFormat: - description: Required. File format for generated spec. - type: string - enumDescriptions: - - Unspecified file format - - JSON File Format - - YAML File Format - enum: - - FILE_FORMAT_UNSPECIFIED - - JSON - - YAML - GoogleCloudIntegrationsV1alphaApiTriggerResource: - id: GoogleCloudIntegrationsV1alphaApiTriggerResource - description: List of API triggerID and their workflow resource name. - type: object - properties: - integrationResource: - description: Required. Integration where the API is published + parameters: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoEventParameters + description: Optional. The customized parameters the user can pass to this task. + rollbackTaskImplementationClassName: + description: >- + Required. This is the name of the task that needs to be executed + upon rollback of this task. type: string - triggerId: - description: Required. Trigger Id of the API trigger(s) in the integration - type: array + taskNumbersToRollback: items: type: string - GoogleCloudIntegrationsV1alphaGenerateOpenApiSpecResponse: - id: GoogleCloudIntegrationsV1alphaGenerateOpenApiSpecResponse - description: Response of the GenerateOpenApiSpec API. - type: object - properties: - openApiSpec: - description: Open API spec as per the required format - type: string - GoogleCloudIntegrationsV1alphaGenerateTokenResponse: - id: GoogleCloudIntegrationsV1alphaGenerateTokenResponse - description: Returns success or error message - type: object - properties: - message: - description: The message that notifies the user if the request succeeded or not. - type: string - EnterpriseCrmEventbusAuthconfigAuthConfigTaskParam: - id: EnterpriseCrmEventbusAuthconfigAuthConfigTaskParam + type: array + description: >- + Required. These are the tasks numbers of the tasks whose + `rollback_strategy.rollback_task_implementation_class_name` needs to + be executed upon failure of this task. + GoogleCloudConnectorsV1TrafficShapingConfig: type: object properties: - authConfigId: - description: UUID of the AuthConfig. - type: string - allowedCredentialTypes: + duration: description: >- - Defines the credential types to be supported as Task may restrict - specific types to use, e.g. Cloud SQL Task will use - username/password type only. - type: array - items: - type: string - enumDescriptions: - - '' - - Regular username/password pair. - - API key. - - OAuth 2.0 Authorization Code Grant Type. - - OAuth 2.0 Implicit Grant Type. - - OAuth 2.0 Client Credentials Grant Type. - - OAuth 2.0 Resource Owner Credentials Grant Type. - - JWT Token. - - Auth Token, e.g. bearer token. - - >- - Service Account which can be used to generate token for - authentication. - - Client Certificate only. - - Google OIDC ID Token - enum: - - CREDENTIAL_TYPE_UNSPECIFIED - - USERNAME_AND_PASSWORD - - API_KEY - - OAUTH2_AUTHORIZATION_CODE - - OAUTH2_IMPLICIT - - OAUTH2_CLIENT_CREDENTIALS - - OAUTH2_RESOURCE_OWNER_CREDENTIALS - - JWT - - AUTH_TOKEN - - SERVICE_ACCOUNT - - CLIENT_CERTIFICATE_ONLY - - OIDC_TOKEN - allowedServiceAccountInContext: - type: boolean - useServiceAccountInContext: - type: boolean - scope: - description: A space-delimited list of requested scope permissions. + Required. * The duration over which the API call quota limits are + calculated. This duration is used to define the time window for + evaluating if the number of API calls made by a user is within the + allowed quota limits. For example: - To define a quota sampled over + 16 seconds, set `seconds` to 16 - To define a quota sampled over 5 + minutes, set `seconds` to 300 (5 * 60) - To define a quota sampled + over 1 day, set `seconds` to 86400 (24 * 60 * 60) and so on. It is + important to note that this duration is not the time the quota is + valid for, but rather the time window over which the quota is + evaluated. For example, if the quota is 100 calls per 10 seconds, + then this duration field would be set to 10 seconds. type: string - EnterpriseCrmEventbusProtoFieldMappingConfig: - id: EnterpriseCrmEventbusProtoFieldMappingConfig + format: google-duration + quotaLimit: + type: string + description: Required. Maximum number of api calls allowed. + format: int64 + id: GoogleCloudConnectorsV1TrafficShapingConfig description: >- - Field Mapping Config to map multiple output fields values from input - fields values. + * TrafficShapingConfig defines the configuration for shaping API traffic + by specifying a quota limit and the duration over which this limit is + enforced. This configuration helps to control and manage the rate at + which API calls are made on the client side, preventing service overload + on the backend. For example: - if the quota limit is 100 calls per 10 + seconds, then the message would be: { quota_limit: 100 duration: { + seconds: 10 } } - if the quota limit is 100 calls per 5 minutes, then + the message would be: { quota_limit: 100 duration: { seconds: 300 } } - + if the quota limit is 10000 calls per day, then the message would be: { + quota_limit: 10000 duration: { seconds: 86400 } and so on. + EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRange: + properties: + min: + type: number + format: double + description: The inclusive minimum of the acceptable range. + max: + format: double + type: number + description: The inclusive maximum of the acceptable range. + description: Range used to validate doubles and floats. + type: object + id: EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRange + EnterpriseCrmEventbusProtoProtoParameterArray: type: object + id: EnterpriseCrmEventbusProtoProtoParameterArray properties: - mappedFields: + protoValues: type: array items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoMappedField' - EnterpriseCrmEventbusProtoMappedField: - id: EnterpriseCrmEventbusProtoMappedField - description: Mapped field is a pair of input field and output field. - type: object - properties: - inputField: - description: The input field being mapped from. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoField' - outputField: - description: The output field being mapped to. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoField' - EnterpriseCrmEventbusProtoField: - id: EnterpriseCrmEventbusProtoField - description: Information about the value and type of the field. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + EnterpriseCrmEventbusProtoTaskAlertConfig: + id: EnterpriseCrmEventbusProtoTaskAlertConfig type: object properties: - referenceKey: - description: >- - This holds the reference key of the workflow or task parameter. 1. - Any workflow parameter, for e.g. $workflowParam1$. 2. Any task input - or output parameter, for e.g. $task1_param1$. 3. Any workflow or - task parameters with subfield references, for e.g., - $task1_param1.employee.id$ - type: string - transformExpression: - description: >- - This is the transform expression to fetch the input field value. for - e.g. $param1$.CONCAT('test'). Keep points - 1. Only input field can - have a transform expression. 2. If a transform expression is - provided, reference_key will be ignored. 3. If no value is returned - after evaluation of transform expression, default_value can be - mapped if provided. 4. The field_type should be the type of the - final object returned after the transform expression is evaluated. - Scrubs the transform expression before logging as value provided by - user so may or may not contain PII or SPII data. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTransformExpression' - defaultValue: + thresholdType: description: >- - This holds the default values for the fields. This value is supplied - by user so may or may not contain PII or SPII data. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' - fieldType: - description: Specifies the data type of the field. - type: string + The threshold type for which this alert is being configured. If + value falls below expected_min or exceeds expected_max, an alert + will be fired. enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - '' - >- - BYTES and BYTES_ARRAY data types are not allowed for top-level - params. They're only meant to support protobufs with BYTES - (sub)fields. - - '' - - '' + Note that this field will only trigger alerts if the workflow + specifying it runs at least once in 24 hours (which is our + in-memory retention period for monarch streams). Also note that + `aggregation_period` for this alert configuration must be less + than 24 hours. - '' enum: - - DATA_TYPE_UNSPECIFIED - - STRING_VALUE - - INT_VALUE - - DOUBLE_VALUE - - BOOLEAN_VALUE - - PROTO_VALUE - - SERIALIZED_OBJECT_VALUE - - STRING_ARRAY - - INT_ARRAY - - DOUBLE_ARRAY - - PROTO_ARRAY - - PROTO_ENUM - - BOOLEAN_ARRAY - - PROTO_ENUM_ARRAY - - BYTES - - BYTES_ARRAY - - NON_SERIALIZABLE_OBJECT - - JSON_VALUE - protoDefPath: + - UNSPECIFIED_THRESHOLD_TYPE + - EXPECTED_MIN + - EXPECTED_MAX + type: string + numAggregationPeriods: description: >- - Optional. The fully qualified proto name (e.g. - enterprise.crm.storage.Account). Required for output field of type - PROTO_VALUE or PROTO_ARRAY. For e.g., if input field_type is BYTES - and output field_type is PROTO_VALUE, then fully qualified proto - type url should be provided to parse the input bytes. If field_type - is *_ARRAY, then all the converted protos are of the same type. + For how many contiguous aggregation periods should the expected min + or max be violated for the alert to be fired. + format: int32 + type: integer + errorEnumList: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList + onlyFinalAttempt: + type: boolean + description: Only count final task attempts, not retries. + warningEnumList: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList + alertDisabled: + description: >- + Set to false by default. When set to true, the metrics are not + aggregated or pushed to Monarch for this workflow alert. + type: boolean + aggregationPeriod: + description: >- + The period over which the metric value should be aggregated and + evaluated. Format is , where integer should be a positive integer + and unit should be one of (s,m,h,d,w) meaning (second, minute, hour, + day, week). + type: string + durationThresholdMs: + format: int64 type: string - cardinality: description: >- - By default, if the cardinality is unspecified the field is - considered required while mapping. + Should be specified only for TASK_AVERAGE_DURATION and + TASK_PERCENTILE_DURATION metrics. This member should be used to + specify what duration value the metrics should exceed for the alert + to trigger. + clientId: + description: >- + Client associated with this alert configuration. Must be a client + enabled in one of the containing workflow's triggers. + type: string + thresholdValue: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue + description: >- + The metric value, above or below which the alert should be + triggered. + playbookUrl: + description: >- + Link to a playbook for resolving the issue that triggered this + alert. + type: string + alertName: + description: >- + A name to identify this alert. This will be displayed in the alert + subject. If set, this name should be unique in within the scope of + the containing workflow. + type: string + metricType: + enum: + - METRIC_TYPE_UNSPECIFIED + - TASK_ERROR_RATE + - TASK_WARNING_RATE + - TASK_RATE + - TASK_AVERAGE_DURATION + - TASK_PERCENTILE_DURATION type: string enumDescriptions: - - For fields with unspecified cardinality. - >- - If field cardinality is set to optional, ignore errors if input - field value is null or the reference_key is not found. - enum: - - UNSPECIFIED - - OPTIONAL - EnterpriseCrmEventbusProtoTransformExpression: - id: EnterpriseCrmEventbusProtoTransformExpression + The default value. Metric type should always be set to one of the + other non-default values, otherwise it will result in an + INVALID_ARGUMENT error. + - >- + Specifies alerting on the rate of errors (potentially for a + specific set of enum values) for the enclosing TaskConfig. + - >- + Specifies alerting on the rate of warnings (potentially for a + specific set of enum values) for the enclosing TaskConfig. + Warnings use the same enum values as errors. + - >- + Specifies alerting on the number of instances for the enclosing + TaskConfig executed in the given aggregation_period. + - >- + Specifies alerting on the average duration of execution for the + enclosing task. + - >- + Specifies alerting on the duration of a particular percentile of + task executions. E.g. If 10% or more of the task executions have + durations above 5 seconds, alert. + description: >- + Message to be used to configure alerting in the {@code TaskConfig} + protos for tasks in an event. + GoogleCloudIntegrationsV1alphaRuntimeEntitySchema: + id: GoogleCloudIntegrationsV1alphaRuntimeEntitySchema + properties: + arrayFieldSchema: + description: The above schema, but for an array of the associated entity. + type: string + fieldSchema: + description: List of fields in the entity. + type: string + entity: + description: Name of the entity. + type: string type: object + description: Metadata of an entity, including a schema for its properties. + GoogleCloudIntegrationsV1alphaCancelExecutionResponse: + description: Response for cancelling an execution. properties: - initialValue: - description: Initial value upon which to perform transformations. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBaseValue' - transformationFunctions: - description: Transformations to be applied sequentially. - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFunction' - EnterpriseCrmEventbusProtoBaseValue: - id: EnterpriseCrmEventbusProtoBaseValue + isCanceled: + type: boolean + description: True if cancellation performed successfully. + id: GoogleCloudIntegrationsV1alphaCancelExecutionResponse type: object + EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRange: properties: - literalValue: - description: Start with a literal value. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' - referenceValue: - description: Start with a reference value to dereference. + max: + format: int64 + description: The inclusive maximum of the acceptable range. type: string - baseFunction: - description: >- - Start with a function that does not build on existing values. Eg. - CurrentTime, Min, Max, Exists, etc. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFunction' - EnterpriseCrmEventbusProtoFunction: - id: EnterpriseCrmEventbusProtoFunction + min: + description: The inclusive minimum of the acceptable range. + format: int64 + type: string + id: EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRange + description: Range used to validate longs and ints. type: object + GoogleCloudIntegrationsV1alphaAuthConfig: + type: object + description: The AuthConfig resource use to hold channels and connection config data. + id: GoogleCloudIntegrationsV1alphaAuthConfig properties: - functionType: - description: The name of the function to perform. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoFunctionType' - parameters: - description: List of parameters required for the transformation. + encryptedCredential: + type: string + format: byte + description: >- + Auth credential encrypted by Cloud KMS. Can be decrypted as + Credential with proper KMS key. + lastModifierEmail: + type: string + description: >- + The last modifier's email address. Generated based on the End User + Credentials/LOAS role of the user making the call. + expiryNotificationDuration: type: array + description: >- + Optional. User can define the time to receive notification after + which the auth config becomes invalid. Support up to 30 days. + Support granularity in hours. items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoTransformExpression' - EnterpriseCrmEventbusProtoFunctionType: - id: EnterpriseCrmEventbusProtoFunctionType - type: object - properties: - baseFunction: - description: LINT.IfChange - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBaseFunction' - stringFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoStringFunction' - intFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoIntFunction' - doubleFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoDoubleFunction' - booleanFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBooleanFunction' - protoFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoProtoFunction' - stringArrayFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoStringArrayFunction' - intArrayFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoIntArrayFunction' - doubleArrayFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoDoubleArrayFunction' - booleanArrayFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBooleanArrayFunction' - protoArrayFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoProtoArrayFunction' - jsonFunction: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoJsonFunction' - EnterpriseCrmEventbusProtoBaseFunction: - id: EnterpriseCrmEventbusProtoBaseFunction - type: object - properties: - functionName: + type: string + format: google-duration + creatorEmail: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - UNSPECIFIED - - NOW_IN_MILLIS - - INT_LIST - - ENVIRONMENT - - GET_EXECUTION_ID - - GET_INTEGRATION_NAME - - GET_REGION - - GET_UUID - - GET_PROJECT_ID - EnterpriseCrmEventbusProtoStringFunction: - id: EnterpriseCrmEventbusProtoStringFunction - type: object - properties: - functionName: + description: >- + The creator's email address. Generated based on the End User + Credentials/LOAS role of the user making the call. + description: + description: Optional. A description of the auth config. type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' + certificateId: + description: Certificate id for client certificate + type: string + createTime: + format: google-datetime + readOnly: true + description: Output only. The timestamp when the auth config is created. + type: string + name: + description: >- + Resource name of the auth config. For more information, see Manage + authentication profiles. + projects/{project}/locations/{location}/authConfigs/{authConfig}. + type: string + overrideValidTime: + description: >- + Optional. User provided expiry time to override. For the example of + Salesforce, username/password credentials can be valid for 6 months + depending on the instance settings. + format: google-datetime + type: string + credentialType: + enumDescriptions: + - Unspecified credential type + - Regular username/password pair. + - API key. + - OAuth 2.0 Authorization Code Grant Type. + - OAuth 2.0 Implicit Grant Type. + - OAuth 2.0 Client Credentials Grant Type. + - OAuth 2.0 Resource Owner Credentials Grant Type. + - JWT Token. + - Auth Token, e.g. bearer token. + - >- + Service Account which can be used to generate token for + authentication. + - Client Certificate only. + - Google OIDC ID Token + description: Required. Credential type of the encrypted credential. enum: - - UNSPECIFIED - - CONCAT - - TO_UPPERCASE - - TO_LOWERCASE - - CONTAINS - - SPLIT - - LENGTH - - EQUALS - - TO_INT - - TO_DOUBLE - - TO_BOOLEAN - - TO_BASE_64 - - TO_JSON - - EQUALS_IGNORE_CASE - - REPLACE_ALL - - SUBSTRING - - RESOLVE_TEMPLATE - - DECODE_BASE64_STRING - EnterpriseCrmEventbusProtoIntFunction: - id: EnterpriseCrmEventbusProtoIntFunction - type: object - properties: - functionName: + - CREDENTIAL_TYPE_UNSPECIFIED + - USERNAME_AND_PASSWORD + - API_KEY + - OAUTH2_AUTHORIZATION_CODE + - OAUTH2_IMPLICIT + - OAUTH2_CLIENT_CREDENTIALS + - OAUTH2_RESOURCE_OWNER_CREDENTIALS + - JWT + - AUTH_TOKEN + - SERVICE_ACCOUNT + - CLIENT_CERTIFICATE_ONLY + - OIDC_TOKEN + type: string + validTime: + format: google-datetime + description: >- + Optional. The time until the auth config is valid. Empty or max + value is considered the auth config won't expire. + type: string + reason: + description: Output only. The reason / details of the current status. + readOnly: true + type: string + updateTime: + description: Output only. The timestamp when the auth config is modified. + format: google-datetime + type: string + readOnly: true + visibility: type: string + enum: + - AUTH_CONFIG_VISIBILITY_UNSPECIFIED + - PRIVATE + - CLIENT_VISIBLE + description: Optional. The visibility of the auth config. enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' + - Visibility not specified. + - Profile visible to the creator only. + - Profile visible within the client. + decryptedCredential: + description: Raw auth credentials. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCredential' + state: + enumDescriptions: + - Status not specified. + - Valid Auth config. + - >- + General invalidity, if it doesn't fits in the detailed issue + below. + - Auth config soft deleted. + - Auth config expired. + - Auth config unauthorized. + - Auth config not supported. + description: Output only. The status of the auth config. + type: string + readOnly: true enum: - - UNSPECIFIED - - ADD - - SUBTRACT - - MULTIPLY - - DIVIDE - - EXPONENT - - GREATER_THAN_EQUAL_TO - - GREATER_THAN - - LESS_THAN_EQUAL_TO - - LESS_THAN - - TO_DOUBLE - - TO_STRING - - EQUALS - - TO_JSON - - MOD - - EPOCH_TO_HUMAN_READABLE_TIME - EnterpriseCrmEventbusProtoDoubleFunction: - id: EnterpriseCrmEventbusProtoDoubleFunction + - STATE_UNSPECIFIED + - VALID + - INVALID + - SOFT_DELETED + - EXPIRED + - UNAUTHORIZED + - UNSUPPORTED + displayName: + type: string + description: Required. The name of the auth config. + GoogleCloudConnectorsV1AuthConfigSshPublicKey: + properties: + sshClientCertPass: + description: >- + Optional. Password (passphrase) for ssh client certificate if it has + one. + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' + certType: + type: string + description: Optional. Format of SSH Client cert. + sshClientCert: + description: >- + Optional. SSH Client Cert. It should contain both public and private + key. + $ref: '#/components/schemas/GoogleCloudConnectorsV1Secret' + username: + type: string + description: Optional. The user account used to authenticate. + description: Parameters to support Ssh public key Authentication. + type: object + id: GoogleCloudConnectorsV1AuthConfigSshPublicKey + GoogleCloudIntegrationsV1alphaJwt: + id: GoogleCloudIntegrationsV1alphaJwt + description: >- + Represents JSON web token(JWT), which is a compact, URL-safe means of + representing claims to be transferred between two parties, enabling the + claims to be digitally signed or integrity protected. type: object properties: - functionName: + jwtHeader: + description: Identifies which algorithm is used to generate the signature. type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - UNSPECIFIED - - TO_JSON - - TO_STRING - - ADD - - SUBTRACT - - MULTIPLY - - DIVIDE - - EXPONENT - - ROUND - - FLOOR - - CEIL - - GREATER_THAN - - LESS_THAN - - EQUALS - - GREATER_THAN_EQUALS - - LESS_THAN_EQUALS - - MOD - EnterpriseCrmEventbusProtoBooleanFunction: - id: EnterpriseCrmEventbusProtoBooleanFunction + jwt: + description: The token calculated by the header, payload and signature. + type: string + jwtPayload: + type: string + description: >- + Contains a set of claims. The JWT specification defines seven + Registered Claim Names which are the standard fields commonly + included in tokens. Custom claims are usually also included, + depending on the purpose of the token. + secret: + type: string + description: User's pre-shared secret to sign the token. + EnterpriseCrmEventbusProtoEventExecutionSnapshotEventExecutionSnapshotMetadata: type: object properties: - functionName: + taskNumber: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - UNSPECIFIED - - TO_JSON - - NOT - - AND - - NAND - - OR - - XOR - - NOR - - XNOR - - TO_STRING - - EQUALS - EnterpriseCrmEventbusProtoProtoFunction: - id: EnterpriseCrmEventbusProtoProtoFunction - type: object + description: The task number associated with this snapshot. Could be empty. + integrationName: + type: string + description: >- + The direct integration which the event execution snapshots belongs + to + ancestorIterationNumbers: + type: array + description: >- + Ancestor iteration number for the task(it will only be non-empty if + the task is under 'private workflow') + items: + type: string + eventAttemptNum: + type: integer + description: the event attempt number this snapshot belongs to. + format: int32 + taskLabel: + description: the task label associated with this snapshot. Could be empty. + type: string + taskAttemptNum: + format: int32 + description: the task attempt number this snapshot belongs to. Could be empty. + type: integer + taskName: + description: the task name associated with this snapshot. Could be empty. + type: string + ancestorTaskNumbers: + items: + type: string + description: >- + Ancestor task number for the task(it will only be non-empty if the + task is under 'private workflow') + type: array + id: >- + EnterpriseCrmEventbusProtoEventExecutionSnapshotEventExecutionSnapshotMetadata + GoogleCloudIntegrationsV1alphaSearchIntegrationsResponseIntegrationSearchResult: + description: The integration search result with integration level information. properties: - functionName: + createTime: + type: string + format: google-datetime + readOnly: true + description: Output only. The create time of the integration version. + description: type: string + description: The description of the integration version. + version: + description: The version of the integration version. + type: string + creator: + description: The creator of the integration version. + type: string + id: + description: The integration id. + type: string + status: + readOnly: true enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' + - Default. + - Draft. + - Active. + - Archived. + - Snapshot. + type: string + description: Output only. The status of the integration version. enum: - - UNSPECIFIED - - GET_STRING_SUBFIELD - - GET_INT_SUBFIELD - - GET_DOUBLE_SUBFIELD - - GET_BOOLEAN_SUBFIELD - - GET_STRING_ARRAY_SUBFIELD - - GET_INT_ARRAY_SUBFIELD - - GET_DOUBLE_ARRAY_SUBFIELD - - GET_BOOLEAN_ARRAY_SUBFIELD - - GET_PROTO_ARRAY_SUBFIELD - - GET_PROTO_SUBFIELD - - TO_JSON - - GET_BYTES_SUBFIELD_AS_UTF_8_STRING - - GET_BYTES_SUBFIELD_AS_PROTO - - EQUALS - EnterpriseCrmEventbusProtoStringArrayFunction: - id: EnterpriseCrmEventbusProtoStringArrayFunction + - INTEGRATION_STATE_UNSPECIFIED + - DRAFT + - ACTIVE + - ARCHIVED + - SNAPSHOT + name: + description: The integration document metadata. + type: string + region: + description: The region of the integration version. + type: string type: object + id: >- + GoogleCloudIntegrationsV1alphaSearchIntegrationsResponseIntegrationSearchResult + GoogleCloudConnectorsV1NodeConfig: properties: - functionName: + maxNodeCount: + type: integer + format: int32 + description: Optional. Maximum number of nodes in the runtime nodes. + minNodeCount: + type: integer + description: Optional. Minimum number of nodes in the runtime nodes. + format: int32 + description: Node configuration for the connection. + type: object + id: GoogleCloudConnectorsV1NodeConfig + GoogleInternalCloudCrmEventbusV3PostToQueueWithTriggerIdRequest: + description: >- + LINT.IfChange Use this request to post all workflows associated with a + given trigger id. Next available id: 13 + properties: + ignoreErrorIfNoActiveWorkflow: + description: >- + Optional. Flag to determine whether clients would suppress a warning + when no ACTIVE workflows are not found. If this flag is set to be + true, an error will not be thrown if the requested trigger_id or + client_id is not found in any ACTIVE workflow. Otherwise, the error + is always thrown. The flag is set to be false by default. + type: boolean + triggerId: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' + description: >- + Matched against all {@link TriggerConfig}s across all workflows. + i.e. TriggerConfig.trigger_id.equals(trigger_id) Required. + parameters: + description: Passed in as parameters to each workflow execution. Optional. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' + userGeneratedExecutionId: + type: string + description: >- + This is a unique id provided by the method caller. If provided this + will be used as the execution_id when a new execution info is + created. This is a string representation of a UUID. Must have no + more than 36 characters and contain only alphanumeric characters and + hyphens. + scheduledTime: + type: string + format: int64 + description: >- + Optional. Time in milliseconds since epoch when the given event + would be scheduled. + workflowName: + description: >- + Optional. If provided, the workflow_name is used to filter all the + matched workflows having same trigger_id+client_id. A combination of + trigger_id, client_id and workflow_name identifies a unique + workflow. + type: string + requestId: + type: string + description: >- + Optional. This is used to de-dup incoming request: if the duplicate + request was detected, the response from the previous execution is + returned. Must have no more than 36 characters and contain only + alphanumeric characters and hyphens. + quotaRetryCount: + type: integer + description: >- + Optional. This is a field to see the quota retry count for + integration execution + format: int32 + resourceName: + description: >- + This field is only required when using Admin Access. The resource + name of target, or the parent resource name. For example: + "projects/*/locations/*/integrations/*" + type: string + clientId: + description: >- + Optional. If the client id is provided, then the combination of + trigger id and client id is matched across all the workflows. If the + client id is not provided, then workflows with matching trigger id + are executed for each client id in the {@link TriggerConfig}. For + Api Trigger, the client id is required and will be validated against + the allowed clients. + type: string + testMode: + type: boolean + description: >- + Optional. Sets test mode in {@link + enterprise/crm/eventbus/event_message.proto}. + priority: enum: - - UNSPECIFIED - - GET - - APPEND - - SIZE - - TO_SET - - APPEND_ALL - - TO_JSON - - SET - - REMOVE - - REMOVE_AT - - CONTAINS - - FOR_EACH - - FILTER - EnterpriseCrmEventbusProtoIntArrayFunction: - id: EnterpriseCrmEventbusProtoIntArrayFunction + - UNSPCIFIED + - SHEDDABLE + - SHEDDABLE_PLUS + - CRITICAL + - CRITICAL_PLUS + description: >- + The request priority this request should be processed at. For + internal users: + enumDescriptions: + - Unspecified + - >- + Frequent partial and occasional full unavailability is expected + and not pageable. * Requests to this band will be shed before all + other requests. * This is the default for async calls sent from + batch jobs. + - >- + Partial unavailability is expected and is not necessarily + pageable. * Requests to this band will be shed before any critical + traffic. * This is the default for async calls sent from + production jobs. + - >- + Any outage is a pageable event. * During a production outage + requests in this band will only be shed before CRITICAL_PLUS. * + This is the default for sync calls sent from production jobs. + - >- + Any outage is a pageable event. * The guideline is for < 10% of + requests to a service to be in this band. * During a production + outage requests in this band will be prioritized above all others. + * Opt-in to CRITICAL_PLUS when your workflow triggers by human. + type: string + id: GoogleInternalCloudCrmEventbusV3PostToQueueWithTriggerIdRequest + type: object + GoogleCloudIntegrationsV1alphaParameterMapEntry: + description: Entry is a pair of key and value. + properties: + key: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMapField' + description: Key of the map entry. + value: + description: Value of the map entry. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaParameterMapField' + type: object + id: GoogleCloudIntegrationsV1alphaParameterMapEntry + GoogleCloudIntegrationsV1alphaTakeoverEditLockRequest: + properties: {} + description: Request for TakeoverEditLock. + id: GoogleCloudIntegrationsV1alphaTakeoverEditLockRequest + type: object + GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorRequest: + description: Request for PostProvisioning rpc call. + id: GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorRequest + type: object + properties: + workflows: + items: + type: string + enum: + - SAMPLE_INTEGRATIONS_UNSPECIFIED + - SAMPLE_WORKFLOW_ECOM_PROCESSING + - EXECUTE_CONNECTOR_TOOL_WORKFLOW + enumDescriptions: + - Default value, should not be used. + - Ecom processing workflow + - Connector tool workflow + description: Optional. Indicate which workflows to create + type: array + GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorResponse: + properties: {} + type: object + description: Response for PostProvisioning rpc call. + id: GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorResponse + EnterpriseCrmEventbusProtoTriggerCriteria: type: object + id: EnterpriseCrmEventbusProtoTriggerCriteria properties: - functionName: + parameters: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' + description: Optional. To be used in TaskConfig for the implementation class. + condition: + type: string + description: >- + Required. Standard filter expression, when true the workflow will be + executed. If there's no + trigger_criteria_task_implementation_class_name specified, the + condition will be validated directly. + triggerCriteriaTaskImplementationClassName: + description: >- + Optional. Implementation class name. The class should implement the + “TypedTask” interface. + type: string + EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry: + properties: + key: + type: string + description: >- + Key is used to retrieve the corresponding parameter value. This + should be unique for a given fired event. These parameters must be + predefined in the workflow definition. + required: + type: boolean + description: + type: string + description: Optional. The description about the parameter + attributes: + description: Metadata information about the parameters. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoAttributes' + dataType: + description: The data type of the parameter. type: string + enum: + - DATA_TYPE_UNSPECIFIED + - STRING_VALUE + - INT_VALUE + - DOUBLE_VALUE + - BOOLEAN_VALUE + - PROTO_VALUE + - SERIALIZED_OBJECT_VALUE + - STRING_ARRAY + - INT_ARRAY + - DOUBLE_ARRAY + - PROTO_ARRAY + - PROTO_ENUM + - BOOLEAN_ARRAY + - PROTO_ENUM_ARRAY + - BYTES + - BYTES_ARRAY + - NON_SERIALIZABLE_OBJECT + - JSON_VALUE enumDescriptions: - '' - '' @@ -9343,248 +9137,297 @@ components: - '' - '' - '' + - >- + BYTES and BYTES_ARRAY data types are not allowed for top-level + params. They're only meant to support protobufs with BYTES + (sub)fields. - '' - '' - '' + producedBy: + description: >- + The identifier of the node (TaskConfig/TriggerConfig) this parameter + was produced by, if it is a transient param or a copy of an input + param. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNodeIdentifier' + protoDefName: + description: >- + The name of the protobuf type if the parameter has a protobuf data + type. + type: string + name: + description: >- + The name (without prefix) to be displayed in the UI for this + parameter. E.g. if the key is "foo.bar.myName", then the name would + be "myName". + type: string + defaultValue: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterValueType + description: >- + Default values for the defined keys. Each value can either be + string, int, double or any proto message or a serialized object. + inOutType: + enumDescriptions: + - '' + - >- + Input parameters for the workflow. EventBus validates that these + parameters exist in the workflows before execution. + - >- + Output Parameters for the workflow. EventBus will only return the + workflow parameters tagged with OUT in the response back. + - >- + Input or Output Parameters. These can be used as both input and + output. EventBus will validate for the existence of these + parameters before execution and will also return this parameter + back in the response. + type: string enum: - - UNSPECIFIED - - GET - - APPEND - - SIZE - - SUM - - AVG - - MAX - - MIN - - TO_SET - - APPEND_ALL - - TO_JSON - - SET - - REMOVE - - REMOVE_AT - - CONTAINS - - FOR_EACH - - FILTER - EnterpriseCrmEventbusProtoDoubleArrayFunction: - id: EnterpriseCrmEventbusProtoDoubleArrayFunction + - IN_OUT_TYPE_UNSPECIFIED + - IN + - OUT + - IN_OUT + description: Specifies the input/output type for the parameter. + producer: + type: string + jsonSchema: + description: >- + This schema will be used to validate runtime JSON-typed values of + this parameter. + type: string + isTransient: + description: Whether this parameter is a transient parameter. + type: boolean + children: + description: >- + Child parameters nested within this parameter. This field only + applies to protobuf parameters + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry + type: array + protoDefPath: + type: string + description: >- + If the data type is of type proto or proto array, this field needs + to be populated with the fully qualified proto name. This message, + for example, would be + "enterprise.crm.frontends.eventbus.proto.WorkflowParameterEntry". + containsLargeData: + description: >- + Indicates whether this variable contains large data and need to be + uploaded to Cloud Storage. + type: boolean + id: EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry type: object + GoogleCloudIntegrationsV1alphaTemplate: + description: Defines the template for Application Integration properties: - functionName: + docLink: + description: Optional. Link to template documentation. + type: string + lastUsedTime: + description: Optional. Time the template was last used. + type: string + format: google-datetime + usageInfo: + type: string + description: >- + Optional. Information on how to use the template. This should + contain detailed information about usage of the template. + templateBundle: + description: >- + Required. Bundle which is part of the templates. The template + entities in the bundle would be converted to an actual entity. + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplateBundle' + components: + items: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTemplateComponent + description: >- + Optional. Components being used in the template. This could be used + to categorize and filter. + type: array + categories: + type: array + description: >- + Required. Categories associated with the Template. The categories + listed below will be utilized for the Template listing. + items: + enumDescriptions: + - Category is unspecified + - AI_MACHINE_LEARNING + - BUSINESS_INTELLIGENCE + - COLLABORATION + - CUSTOMER_SERVICE + - DATAABASES + - DEVOPS_IT + - CONTENT_AND_FILES + - FINANCE_AND_ACCOUNTING + - HUMAN_RESOURCES + - OPERATIONS + - PRODUCT_PROJECT_MANAGEMENT + - PRODUCTIVITY + - SALES_AND_MARKETING + - UNIVERSAL_CONNECTORS + - UTILITY + - OTHERS + type: string + enum: + - CATEGORY_UNSPECIFIED + - AI_MACHINE_LEARNING + - BUSINESS_INTELLIGENCE + - COLLABORATION + - CUSTOMER_SERVICE + - DATABASES + - DEVOPS_IT + - CONTENT_AND_FILES + - FINANCE_AND_ACCOUNTING + - HUMAN_RESOURCES + - OPERATIONS + - PRODUCT_PROJECT_MANAGEMENT + - PRODUCTIVITY + - SALES_AND_MARKETING + - UNIVERSAL_CONNECTORS + - UTILITY + - OTHERS + updateTime: + format: google-datetime + description: Output only. Auto-generated + type: string + readOnly: true + tags: + description: >- + Required. Tags which are used to identify templates. These tags + could be for business use case, connectors etc. + items: + type: string + type: array + description: + description: >- + Optional. Description of the template. The length should not be more + than 255 characters type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - UNSPECIFIED - - GET - - APPEND - - SIZE - - SUM - - AVG - - MAX - - MIN - - TO_SET - - APPEND_ALL - - TO_JSON - - SET - - REMOVE - - REMOVE_AT - - CONTAINS - - FOR_EACH - - FILTER - EnterpriseCrmEventbusProtoBooleanArrayFunction: - id: EnterpriseCrmEventbusProtoBooleanArrayFunction - type: object - properties: - functionName: + sharedWith: + type: array + items: + type: string + description: >- + Required. Resource names with which the template is shared for + example ProjectNumber/Ord id + name: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' + description: Identifier. Resource name of the template. + visibility: + description: Required. Visibility of the template. enum: - - UNSPECIFIED - - GET - - APPEND - - SIZE - - TO_SET - - APPEND_ALL - - TO_JSON - - SET - - REMOVE - - REMOVE_AT - - CONTAINS - - FOR_EACH - - FILTER - EnterpriseCrmEventbusProtoProtoArrayFunction: - id: EnterpriseCrmEventbusProtoProtoArrayFunction - type: object - properties: - functionName: - type: string + - VISIBILITY_UNSPECIFIED + - PRIVATE + - SHARED + - PUBLIC enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - UNSPECIFIED - - GET - - APPEND - - SIZE - - TO_SET - - APPEND_ALL - - TO_JSON - - SET - - REMOVE - - REMOVE_AT - - CONTAINS - - FOR_EACH - - FILTER - EnterpriseCrmEventbusProtoJsonFunction: - id: EnterpriseCrmEventbusProtoJsonFunction - type: object - properties: - functionName: + - Visibility is unspecified + - Visibility is private + - Visibility is shared + - Visibility is public type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - UNSPECIFIED - - GET_PROPERTY - - GET_ELEMENT - - APPEND_ELEMENT - - SIZE - - SET_PROPERTY - - FLATTEN - - FLATTEN_ONCE - - MERGE - - TO_STRING - - TO_INT - - TO_DOUBLE - - TO_BOOLEAN - - TO_PROTO - - TO_STRING_ARRAY - - TO_INT_ARRAY - - TO_DOUBLE_ARRAY - - TO_PROTO_ARRAY - - TO_BOOLEAN_ARRAY - - REMOVE_PROPERTY - - RESOLVE_TEMPLATE - - EQUALS - - FOR_EACH - - FILTER_ELEMENTS - EnterpriseCrmEventbusProtoLoopMetadata: - id: EnterpriseCrmEventbusProtoLoopMetadata + author: + description: Optional. Creator of the template. + type: string + displayName: + type: string + description: Required. The name of the template + usageCount: + description: Optional. Number of template usages. + format: int64 + type: string + createTime: + format: google-datetime + type: string + description: Output only. Auto-generated. + readOnly: true type: object + id: GoogleCloudIntegrationsV1alphaTemplate + GoogleCloudIntegrationsV1alphaSfdcChannel: + description: The SfdcChannel that points to a CDC or Platform Event Channel. properties: - currentIterationCount: - description: Starting from 1, not 0. + isActive: + description: >- + Output only. Indicated if a channel has any active integrations + referencing it. Set to false when the channel is created, and set to + true if there is any integration published with the channel + configured in it. + type: boolean + readOnly: true + deleteTime: + description: >- + Output only. Time when the channel was deleted. Empty if not + deleted. type: string - format: int64 - currentIterationDetail: + readOnly: true + format: google-datetime + description: + description: Optional. The description for this channel + type: string + updateTime: + description: Output only. Time when the channel was last updated + format: google-datetime + type: string + readOnly: true + channelTopic: description: >- - Needs to be set by the loop impl class before each iteration. The - abstract loop class will append the request and response to it. Eg. - The foreach Loop will clean up and set it as the current iteration - element at the start of each loop. The post request and response - will be appended to the value once they are available. + Required. The Channel topic defined by salesforce once an channel is + opened type: string - errorMsg: - description: Add the error message when loops fail. + lastReplayId: + readOnly: true + type: string + description: Output only. Last sfdc messsage replay id for channel + displayName: + type: string + description: >- + Optional. Client level unique name/alias to easily reference a + channel. + name: + type: string + description: >- + Resource name of the SFDC channel + projects/{project}/locations/{location}/sfdcInstances/{sfdc_instance}/sfdcChannels/{sfdc_channel}. + createTime: + type: string + description: Output only. Time when the channel is created + readOnly: true + format: google-datetime + type: object + id: GoogleCloudIntegrationsV1alphaSfdcChannel + GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectResponse: + description: Response for CreateAppsScriptProject rpc call. + id: GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectResponse + properties: + projectId: type: string - failureLocation: - description: Indicates where in the loop logic did it error out. + description: The created AppsScriptProject ID. + type: object + GoogleCloudIntegrationsV1alphaGenerateOpenApiSpecResponse: + properties: + openApiSpec: + description: Open API spec as per the required format type: string - enumDescriptions: - - No error or Unknown. - - Subworkflow failed while firing/running. - - Param overrides failed. - - Param aggregation failed. - - Setting for loop current element failed. - - Getting the list to iterate. - - Evaluating the while loop condition. - - Building the iteration request - enum: - - UNKNOWN - - SUBWORKFLOW - - PARAM_OVERRIDING - - PARAM_AGGREGATING - - SETTING_ITERATION_ELEMENT - - GETTING_LIST_TO_ITERATE - - CONDITION_EVALUATION - - BUILDING_REQUEST - EnterpriseCrmEventbusProtoParameterMap: - id: EnterpriseCrmEventbusProtoParameterMap - description: >- - A generic multi-map that holds key value pairs. They keys and values can - be of any type, unless specified. + type: object + description: Response of the GenerateOpenApiSpec API. + id: GoogleCloudIntegrationsV1alphaGenerateOpenApiSpecResponse + GoogleCloudIntegrationsV1alphaUploadTestCaseResponse: + id: GoogleCloudIntegrationsV1alphaUploadTestCaseResponse + description: Response for UploadTestCase. + type: object + properties: + testCase: + description: The uploaded TestCase + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' + EnterpriseCrmFrontendsEventbusProtoParameterMap: type: object properties: - entries: - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterMapEntry' keyType: - description: >- - Option to specify key value type for all entries of the map. If - provided then field types for all entries must conform to this. type: string enumDescriptions: - '' @@ -9627,8 +9470,253 @@ components: - BYTES_ARRAY - NON_SERIALIZABLE_OBJECT - JSON_VALUE + description: >- + Option to specify key value type for all entries of the map. If + provided then field types for all entries must conform to this. + entries: + type: array + items: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterMapEntry valueType: + enum: + - DATA_TYPE_UNSPECIFIED + - STRING_VALUE + - INT_VALUE + - DOUBLE_VALUE + - BOOLEAN_VALUE + - PROTO_VALUE + - SERIALIZED_OBJECT_VALUE + - STRING_ARRAY + - INT_ARRAY + - DOUBLE_ARRAY + - PROTO_ARRAY + - PROTO_ENUM + - BOOLEAN_ARRAY + - PROTO_ENUM_ARRAY + - BYTES + - BYTES_ARRAY + - NON_SERIALIZABLE_OBJECT + - JSON_VALUE + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - >- + BYTES and BYTES_ARRAY data types are not allowed for top-level + params. They're only meant to support protobufs with BYTES + (sub)fields. + - '' + - '' + - '' + type: string + id: EnterpriseCrmFrontendsEventbusProtoParameterMap + description: >- + A generic multi-map that holds key value pairs. They keys and values can + be of any type, unless specified. + GoogleCloudIntegrationsV1alphaResolveSuspensionRequest: + id: GoogleCloudIntegrationsV1alphaResolveSuspensionRequest + description: Request for [Suspensions.ResolveSuspensions]. + properties: + suspension: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSuspension' + description: >- + Suspension, containing the event_execution_info_id, task_id, and + state to set on the corresponding suspension record. + type: object + GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectRequest: + id: GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectRequest + description: Request for CreateAppsScriptProject rpc call. + type: object + properties: + authConfigId: + type: string + description: >- + The auth config id necessary to fetch the necessary credentials to + create the project for external clients + appsScriptProject: + description: The name of the Apps Script project to be created. + type: string + EnterpriseCrmEventbusProtoCoordinate: + description: Represents two-dimensional positions. + id: EnterpriseCrmEventbusProtoCoordinate + type: object + properties: + x: + type: integer + format: int32 + 'y': + type: integer + format: int32 + EnterpriseCrmEventbusProtoConditionResult: + type: object + properties: + currentTaskNumber: + type: string + description: the current task number. + result: + type: boolean + description: >- + the result comes out after evaluate the combined condition. True if + there's no combined condition specified. + nextTaskNumber: + type: string + description: the next task number. + description: Contains the combined condition calculation results. + id: EnterpriseCrmEventbusProtoConditionResult + EnterpriseCrmEventbusProtoNotification: + properties: + emailAddress: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoAddress' + buganizerNotification: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoBuganizerNotification' + pubsubTopic: + type: string + request: + $ref: >- + #/components/schemas/EnterpriseCrmEventbusProtoCustomSuspensionRequest + description: >- + If the out-of-the-box email/pubsub notifications are not suitable + and custom logic is required, fire a workflow containing all info + needed to notify users to resume execution. + escalatorQueue: + type: string + type: object + id: EnterpriseCrmEventbusProtoNotification + GoogleCloudIntegrationsV1alphaSearchIntegrationsResponse: + id: GoogleCloudIntegrationsV1alphaSearchIntegrationsResponse + type: object + properties: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + integrations: + items: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaSearchIntegrationsResponseIntegrationSearchResult + description: The list of integrations that match the search criteria. + type: array + description: Response for SearchIntegrations. + GoogleCloudConnectorsV1DestinationConfig: + id: GoogleCloudConnectorsV1DestinationConfig + description: Define the Connectors target endpoint. + type: object + properties: + destinations: + type: array + description: The destinations for the key. + items: + $ref: '#/components/schemas/GoogleCloudConnectorsV1Destination' + key: + description: >- + The key is the destination identifier that is supported by the + Connector. + type: string + EnterpriseCrmEventbusProtoNextTask: + type: object + id: EnterpriseCrmEventbusProtoNextTask + properties: + combinedConditions: + type: array + items: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCombinedCondition' + deprecated: true + description: >- + Combined condition for this task to become an eligible next task. + Each of these combined_conditions are joined with logical OR. + DEPRECATED: use `condition` + condition: + type: string + description: >- + Standard filter expression for this task to become an eligible next + task. + label: + type: string + description: User-provided label that is attached to this edge in the UI. + taskNumber: + description: Task number of the next task. + type: string + description: + description: >- + User-provided description intended to give more business context + about the next task edge or condition. + type: string + taskConfigId: + description: ID of the next task. + type: string + description: >- + The task that is next in line to be executed, if the condition specified + evaluated to true. + EnterpriseCrmFrontendsEventbusProtoParameterMapField: + properties: + literalValue: + $ref: >- + #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterValueType + description: Passing a literal value. + referenceKey: + description: Referencing one of the WF variables. + type: string + description: Field represents either the key or value in an entry. + type: object + id: EnterpriseCrmFrontendsEventbusProtoParameterMapField + EnterpriseCrmEventbusProtoTeardownTaskConfig: + type: object + id: EnterpriseCrmEventbusProtoTeardownTaskConfig + properties: + parameters: + description: The parameters the user can pass to this task. + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventParameters' + teardownTaskImplementationClassName: + type: string + description: Required. Implementation class name. + name: + type: string + description: >- + Required. Unique identifier of the teardown task within this Config. + We use this field as the identifier to find next teardown tasks. + properties: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoEventBusProperties' + nextTeardownTask: + $ref: '#/components/schemas/EnterpriseCrmEventbusProtoNextTeardownTask' + creatorEmail: type: string + description: The creator's email address. + EnterpriseCrmEventbusProtoDoubleFunction: + type: object + properties: + functionName: + type: string + enum: + - UNSPECIFIED + - TO_JSON + - TO_STRING + - ADD + - SUBTRACT + - MULTIPLY + - DIVIDE + - EXPONENT + - ROUND + - FLOOR + - CEIL + - GREATER_THAN + - LESS_THAN + - EQUALS + - GREATER_THAN_EQUALS + - LESS_THAN_EQUALS + - MOD enumDescriptions: - '' - '' @@ -9644,253 +9732,188 @@ components: - '' - '' - '' - - >- - BYTES and BYTES_ARRAY data types are not allowed for top-level - params. They're only meant to support protobufs with BYTES - (sub)fields. - '' - '' - '' - enum: - - DATA_TYPE_UNSPECIFIED - - STRING_VALUE - - INT_VALUE - - DOUBLE_VALUE - - BOOLEAN_VALUE - - PROTO_VALUE - - SERIALIZED_OBJECT_VALUE - - STRING_ARRAY - - INT_ARRAY - - DOUBLE_ARRAY - - PROTO_ARRAY - - PROTO_ENUM - - BOOLEAN_ARRAY - - PROTO_ENUM_ARRAY - - BYTES - - BYTES_ARRAY - - NON_SERIALIZABLE_OBJECT - - JSON_VALUE - EnterpriseCrmEventbusProtoParameterMapEntry: - id: EnterpriseCrmEventbusProtoParameterMapEntry - description: Entry is a pair of key and value. - type: object - properties: - key: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterMapField' - value: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterMapField' - EnterpriseCrmEventbusProtoParameterMapField: - id: EnterpriseCrmEventbusProtoParameterMapField - description: Field represents either the key or value in an entry. - type: object + id: EnterpriseCrmEventbusProtoDoubleFunction + GoogleCloudIntegrationsV1alphaSfdcInstance: + id: GoogleCloudIntegrationsV1alphaSfdcInstance properties: - referenceKey: - description: Referencing one of the WF variables. + serviceAuthority: + description: >- + Optional. URL used for API calls after authentication (the login + authority is configured within the referenced AuthConfig). type: string - literalValue: - description: Passing a literal value. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' - EnterpriseCrmEventbusProtoScatterResponse: - id: EnterpriseCrmEventbusProtoScatterResponse - type: object - properties: - scatterElement: - description: The element that was scattered for this execution. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterValueType' - executionIds: - description: The execution ids of each Subworkflow fired by this scatter. + sfdcOrgId: + description: The SFDC Org Id. This is defined in salesforce. + type: string + authConfigId: + description: A list of AuthConfigs that can be tried to open the channel to SFDC type: array items: type: string - isSuccessful: - description: >- - If execution is sync, this is true if the execution passed and false - if it failed. If the execution is async, this is true if the WF was - fired off successfully, and false if it failed to execute. The - success or failure of the subworkflows executed are not captured. - type: boolean - responseParams: - description: >- - A list of all the response parameters in the aggregtorMap stored - with the remapped key. - type: array - items: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoParameterEntry' - errorMsg: - description: The error message of the failure if applicable. - type: string - EnterpriseCrmEventbusProtoSuspensionResolutionInfo: - id: EnterpriseCrmEventbusProtoSuspensionResolutionInfo - type: object - properties: - suspensionId: - description: Primary key for the SuspensionResolutionInfoTable. - type: string - eventExecutionInfoId: - description: Required. ID of the associated execution. - type: string - taskNumber: - description: Required. Task number of the associated SuspensionTask. - type: string - status: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - PENDING_UNSPECIFIED - - REJECTED - - LIFTED - - CANCELED - audit: - $ref: >- - #/components/schemas/EnterpriseCrmEventbusProtoSuspensionResolutionInfoAudit - createdTimestamp: - description: Auto-generated. - type: string + createTime: format: google-datetime - lastModifiedTimestamp: - description: Auto-generated. type: string - format: google-datetime - suspensionConfig: - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoSuspensionConfig' - workflowName: - description: Required. The name of the originating workflow. + readOnly: true + description: Output only. Time when the instance is created + deleteTime: type: string - externalTraffic: - description: The origin of the suspension for periodic notifications. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoExternalTraffic' - product: description: >- - Which Google product the suspension belongs to. If not set, the - suspension belongs to Integration Platform by default. + Output only. Time when the instance was deleted. Empty if not + deleted. + format: google-datetime + readOnly: true + displayName: + description: >- + Optional. User selected unique name/alias to easily reference an + instance. type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - UNSPECIFIED_PRODUCT - - IP - - APIGEE - - SECURITY - cloudKmsConfig: - description: KMS info, used by cmek/gmek integration - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoCloudKmsConfig' - encryptedSuspensionResolutionInfo: - description: Encrypted SuspensionResolutionInfo + updateTime: + description: Output only. Time when the instance was last updated type: string - format: byte - wrappedDek: - description: Wrapped dek + readOnly: true + format: google-datetime + description: type: string - format: byte - clientId: - description: The event data user sends as request. + description: Optional. A description of the sfdc instance. + name: type: string - EnterpriseCrmEventbusProtoSuspensionResolutionInfoAudit: - id: EnterpriseCrmEventbusProtoSuspensionResolutionInfoAudit + description: >- + Resource name of the SFDC instance + projects/{project}/locations/{location}/sfdcInstances/{sfdcInstance}. + description: >- + The SfdcInstance resource use to hold channels and connection config + data. + type: object + EnterpriseCrmEventbusProtoFailurePolicy: + description: >- + Policy that defines the task retry logic and failure type. If no + FailurePolicy is defined for a task, all its dependent tasks will not be + executed (i.e, a `retry_strategy` of NONE will be applied). + id: EnterpriseCrmEventbusProtoFailurePolicy type: object properties: - timestamp: - type: string - format: google-datetime - resolvedBy: + maxNumRetries: + description: >- + Required if retry_strategy is FIXED_INTERVAL or + LINEAR/EXPONENTIAL_BACKOFF/RESTART_WORKFLOW_WITH_BACKOFF. Defines + the number of times the task will be retried if failed. + format: int32 + type: integer + retryCondition: + description: >- + Optional. The retry condition that will be evaluated for this + failure policy with the corresponding retry strategy. type: string - resolvedByCpi: + intervalInSeconds: + description: >- + Required if retry_strategy is FIXED_INTERVAL or + LINEAR/EXPONENTIAL_BACKOFF/RESTART_WORKFLOW_WITH_BACKOFF. Defines + the initial interval for backoff. type: string - EnterpriseCrmEventbusProtoExternalTraffic: - id: EnterpriseCrmEventbusProtoExternalTraffic - description: Represents external traffic type and id. - type: object - properties: - source: + format: int64 + retryStrategy: + enum: + - UNSPECIFIED + - IGNORE + - NONE + - FATAL + - FIXED_INTERVAL + - LINEAR_BACKOFF + - EXPONENTIAL_BACKOFF + - RESTART_WORKFLOW_WITH_BACKOFF type: string enumDescriptions: - '' - - '' - - '' - enum: - - SOURCE_UNSPECIFIED - - APIGEE - - SECURITY - gcpProjectId: - description: User’s GCP project id the traffic is referring to. - type: string - gcpProjectNumber: - description: User’s GCP project number the traffic is referring to. - type: string - location: - description: Location for the user's request. - type: string - retryRequestForQuota: - description: Enqueue the execution request due to quota issue - type: boolean - enableInternalIp: - description: >- - Indicates the client enables internal IP feature, this is applicable - for internal clients only. - type: boolean - EnterpriseCrmEventbusProtoCloudKmsConfig: - id: EnterpriseCrmEventbusProtoCloudKmsConfig + - >- + Ignores the failure of this task. The rest of the workflow will be + executed Assuming this task succeeded. + - >- + Causes a permanent failure of the task. However, if the last + task(s) of event was successfully completed despite the failure of + this task, it has no impact on the workflow. + - >- + Causes a permanent failure of the event. It is different from NONE + because this will mark the event as FAILED by shutting down the + event execution. + - >- + The task will be retried from the failed task onwards after a + fixed delay. A max-retry count is required to be specified with + this strategy. A jitter is added to each exponential interval so + that concurrently failing tasks of the same type do not end up + retrying after the exact same exponential interval. + Max_num_retries and interval_in_seconds must be specified. + - >- + The task will be retried from the failed task onwards after a + fixed delay that linearly increases with each retry attempt. A + jitter is added to each exponential interval so that concurrently + failing tasks of the same type do not end up retrying after the + exact same exponential interval. A max-retry count is required to + be specified with this strategy. Max_num_retries and + interval_in_seconds must be specified. + - >- + The task will be retried after an exponentially increasing period + of time with each failure. A jitter is added to each exponential + interval so that concurrently failing tasks of the same type do + not end up retrying after the exact same exponential interval. A + max-retry count is required to be specified with this strategy. + `max_num_retries` and `interval_in_seconds` must be specified. + - >- + The entire workflow will be restarted with the initial parameters + that were set when the event was fired. A max-retry count is + required to be specified with this strategy. `max_num_retries` and + `interval_in_seconds` must be specified. + description: Defines what happens to the task upon failure. + GoogleCloudConnectorsV1EventingRuntimeDataWebhookData: type: object properties: - locationName: - description: Location name of the key ring, e.g. "us-west1". - type: string - keyRingName: - description: >- - A key ring organizes keys in a specific Google Cloud location and - allows you to manage access control on groups of keys. A key ring's - name does not need to be unique across a Google Cloud project, but - must be unique within a given location. + additionalVariables: + readOnly: true + description: Output only. Additional webhook related field values. + type: array + items: + $ref: '#/components/schemas/GoogleCloudConnectorsV1ConfigVariable' + updateTime: + description: Output only. Timestamp when the webhook was last updated. + readOnly: true type: string - keyName: - description: >- - A Cloud KMS key is a named object containing one or more key - versions, along with metadata for the key. A key exists on exactly - one key ring tied to a specific location. + format: google-datetime + nextRefreshTime: type: string - keyVersionName: description: >- - Optional. Each version of a key contains key material used for - encryption or signing. A key's version is represented by an integer, - starting at 1. To decrypt data or verify a signature, you must use - the same key version that was used to encrypt or sign the data. + Output only. Next webhook refresh time. Will be null if refresh is + not supported. + format: google-datetime + readOnly: true + id: + description: Output only. ID to uniquely identify webhook. type: string - gcpProjectId: - description: >- - Optional. The id of GCP project where the KMS key is stored. If not - provided, assume the key is stored in the same GCP project defined - in Client (tag 14). + readOnly: true + name: + readOnly: true type: string - serviceAccount: - description: >- - Optional. The service account used for authentication of this KMS - key. If this is not provided, the service account in - Client.clientSource will be used. + description: Output only. Name of the Webhook + createTime: type: string - EnterpriseCrmFrontendsEventbusProtoParameterMap: - id: EnterpriseCrmFrontendsEventbusProtoParameterMap - description: >- - A generic multi-map that holds key value pairs. They keys and values can - be of any type, unless specified. + format: google-datetime + readOnly: true + description: Output only. Timestamp when the webhook was created. + description: WebhookData has details of webhook configuration. + id: GoogleCloudConnectorsV1EventingRuntimeDataWebhookData + GoogleCloudIntegrationsV1alphaToggleHttpRequest: + description: Request to enable/disable http call for a provisioned client type: object + id: GoogleCloudIntegrationsV1alphaToggleHttpRequest properties: - entries: - type: array - items: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterMapEntry - keyType: + enableHttpCall: description: >- - Option to specify key value type for all entries of the map. If - provided then field types for all entries must conform to this. - type: string + Required. REQUIRED: True if http call feature should be turned on + for this region + type: boolean + EnterpriseCrmEventbusProtoBaseFunction: + properties: + functionName: enumDescriptions: - '' - '' @@ -9901,162 +9924,148 @@ components: - '' - '' - '' - - '' - - '' - - '' - - '' - - '' - - >- - BYTES and BYTES_ARRAY data types are not allowed for top-level - params. They're only meant to support protobufs with BYTES - (sub)fields. - - '' - - '' - - '' + type: string enum: - - DATA_TYPE_UNSPECIFIED - - STRING_VALUE - - INT_VALUE - - DOUBLE_VALUE - - BOOLEAN_VALUE - - PROTO_VALUE - - SERIALIZED_OBJECT_VALUE - - STRING_ARRAY - - INT_ARRAY - - DOUBLE_ARRAY - - PROTO_ARRAY - - PROTO_ENUM - - BOOLEAN_ARRAY - - PROTO_ENUM_ARRAY - - BYTES - - BYTES_ARRAY - - NON_SERIALIZABLE_OBJECT - - JSON_VALUE - valueType: + - UNSPECIFIED + - NOW_IN_MILLIS + - INT_LIST + - ENVIRONMENT + - GET_EXECUTION_ID + - GET_INTEGRATION_NAME + - GET_REGION + - GET_UUID + - GET_PROJECT_ID + type: object + id: EnterpriseCrmEventbusProtoBaseFunction + GoogleCloudIntegrationsV1alphaAssertion: + id: GoogleCloudIntegrationsV1alphaAssertion + properties: + condition: + description: Optional. Standard filter expression for ASSERT_CONDITION to succeed + type: string + parameter: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaEventParameter' + description: >- + Optional. Key-value pair for ASSERT_EQUALS, ASSERT_NOT_EQUALS, + ASSERT_CONTAINS to succeed + assertionStrategy: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - >- - BYTES and BYTES_ARRAY data types are not allowed for top-level - params. They're only meant to support protobufs with BYTES - (sub)fields. - - '' - - '' - - '' enum: - - DATA_TYPE_UNSPECIFIED - - STRING_VALUE - - INT_VALUE - - DOUBLE_VALUE - - BOOLEAN_VALUE - - PROTO_VALUE - - SERIALIZED_OBJECT_VALUE - - STRING_ARRAY - - INT_ARRAY - - DOUBLE_ARRAY - - PROTO_ARRAY - - PROTO_ENUM - - BOOLEAN_ARRAY - - PROTO_ENUM_ARRAY - - BYTES - - BYTES_ARRAY - - NON_SERIALIZABLE_OBJECT - - JSON_VALUE - EnterpriseCrmFrontendsEventbusProtoParameterMapEntry: - id: EnterpriseCrmFrontendsEventbusProtoParameterMapEntry - description: Entry is a pair of key and value. + - ASSERTION_STRATEGY_UNSPECIFIED + - ASSERT_SUCCESSFUL_EXECUTION + - ASSERT_FAILED_EXECUTION + - ASSERT_NO_EXECUTION + - ASSERT_EQUALS + - ASSERT_NOT_EQUALS + - ASSERT_CONTAINS + - ASSERT_CONDITION + description: Optional. The type of assertion to perform. + enumDescriptions: + - Unspecified Assertion strategy + - Test a successful execution + - Test a failed execution + - Test that the task was never executed + - Test the parameter selected is equal to the expected value + - Test the parameter selected is not equal to the expected value + - Test the parameter selected contains the configured value + - Test a specific condition + retryCount: + description: >- + Number of times given task should be retried in case of + ASSERT_FAILED_EXECUTION + type: integer + format: int32 type: object - properties: - key: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterMapField - value: - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterMapField - EnterpriseCrmFrontendsEventbusProtoParameterMapField: - id: EnterpriseCrmFrontendsEventbusProtoParameterMapField - description: Field represents either the key or value in an entry. + description: >- + An assertion which will check for a condition over task execution status + or an expression for task output variables + EnterpriseCrmEventbusProtoCloudKmsConfig: type: object properties: - referenceKey: - description: Referencing one of the WF variables. + keyName: + description: >- + A Cloud KMS key is a named object containing one or more key + versions, along with metadata for the key. A key exists on exactly + one key ring tied to a specific location. type: string - literalValue: - description: Passing a literal value. - $ref: >- - #/components/schemas/EnterpriseCrmFrontendsEventbusProtoParameterValueType - EnterpriseCrmEventbusProtoConnectorsGenericConnectorTaskConfig: - id: EnterpriseCrmEventbusProtoConnectorsGenericConnectorTaskConfig + serviceAccount: + description: >- + Optional. The service account used for authentication of this KMS + key. If this is not provided, the service account in + Client.clientSource will be used. + type: string + locationName: + type: string + description: Location name of the key ring, e.g. "us-west1". + gcpProjectId: + description: >- + Optional. The id of GCP project where the KMS key is stored. If not + provided, assume the key is stored in the same GCP project defined + in Client (tag 14). + type: string + keyVersionName: + type: string + description: >- + Optional. Each version of a key contains key material used for + encryption or signing. A key's version is represented by an integer, + starting at 1. To decrypt data or verify a signature, you must use + the same key version that was used to encrypt or sign the data. + keyRingName: + description: >- + A key ring organizes keys in a specific Google Cloud location and + allows you to manage access control on groups of keys. A key ring's + name does not need to be unique across a Google Cloud project, but + must be unique within a given location. + type: string + id: EnterpriseCrmEventbusProtoCloudKmsConfig + EnterpriseCrmEventbusProtoErrorDetail: + description: An error, warning, or information message associated with a workflow. type: object properties: - connection: - description: User-selected connection. - $ref: '#/components/schemas/EnterpriseCrmEventbusProtoConnectorsConnection' - operation: - description: Operation to perform using the configured connection. - type: string + taskNumber: + format: int32 + description: >- + The task try-number, in which, the error occurred. If zero, the + error happened at the event level. + type: integer + errorCode: + description: The associated error-code, which can be a common or internal code. + $ref: '#/components/schemas/CrmlogErrorCode' + severity: + description: 'The severity of the error: ERROR|WARN|INFO.' enumDescriptions: - '' - '' - '' - '' - - '' - - '' - - '' - - '' enum: - - OPERATION_UNSPECIFIED - - EXECUTE_ACTION - - LIST_ENTITIES - - GET_ENTITY - - CREATE_ENTITY - - UPDATE_ENTITY - - DELETE_ENTITY - - EXECUTE_QUERY - EnterpriseCrmEventbusProtoConnectorsConnection: - id: EnterpriseCrmEventbusProtoConnectorsConnection - type: object - properties: - connectionName: - description: >- - Connection name Format: - projects/{project}/locations/{location}/connections/{connection} - type: string - serviceName: - description: >- - Service name Format: - projects/{project}/locations/{location}/namespaces/{namespace}/services/{service} + - SEVERITY_UNSPECIFIED + - ERROR + - WARN + - INFO type: string - connectorVersion: - description: >- - Connector version Format: - projects/{project}/locations/{location}/providers/{provider}/connectors/{connector}/versions/{version} + errorMessage: type: string - host: description: >- - The name of the Hostname of the Service Directory service with TLS - if used. - type: string + The full text of the error message, including any parameters that + were thrown along with the exception. + id: EnterpriseCrmEventbusProtoErrorDetail parameters: - access_token: - description: OAuth access token. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: access_token + name: quotaUser schema: type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean alt: description: Data format for response. in: query @@ -10067,10 +10076,16 @@ components: - json - media - proto - callback: - description: JSONP + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: callback + name: uploadType + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token schema: type: string fields: @@ -10079,58 +10094,60 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: key + name: upload_protocol schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + _.xgafv: + description: V1 error format. in: query - name: oauth_token + name: $.xgafv schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: + enum: + - '1' + - '2' + key: description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: upload_protocol + name: key schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + callback: + description: JSONP in: query - name: uploadType + name: callback schema: type: string - _.xgafv: - description: V1 error format. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: $.xgafv + name: oauth_token schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: + callback: + id: google.integrations.callback + name: callback + title: Callback + methods: + callback_generate_token: + operation: + $ref: '#/paths/~1v1~1callback:generateToken/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] clientmetadata: id: google.integrations.clientmetadata name: clientmetadata @@ -10162,13 +10179,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clients_provision: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:provision/post - response: - mediaType: application/json - openAPIDocKey: '200' projects_locations_clients_provision_client_post_processor: operation: $ref: >- @@ -10183,31 +10193,31 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clients_change_config: + projects_locations_clients_replace: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:changeConfig/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:replace/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clients_switch: + projects_locations_clients_switch_variable_masking: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:switch/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:switchVariableMasking/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clients_replace: + projects_locations_clients_provision: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:replace/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:provision/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_clients_switch_variable_masking: + projects_locations_clients_change_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:switchVariableMasking/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:changeConfig/post response: mediaType: application/json openAPIDocKey: '200' @@ -10218,6 +10228,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + projects_locations_clients_switch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clients:switch/post + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: >- @@ -10246,374 +10263,282 @@ components: update: [] replace: [] delete: [] - apps_script_projects: - id: google.integrations.apps_script_projects - name: apps_script_projects - title: Apps_script_projects + connection_schema_metadata: + id: google.integrations.connection_schema_metadata + name: connection_schema_metadata + title: Connection_schema_metadata methods: - projects_locations_apps_script_projects_link: + projects_locations_connections_get_connection_schema_metadata: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appsScriptProjects:link/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1connectionSchemaMetadata/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_apps_script_projects_create: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/connection_schema_metadata/methods/projects_locations_connections_get_connection_schema_metadata + insert: [] + update: [] + replace: [] + delete: [] + connections: + id: google.integrations.connections + name: connections + title: Connections + methods: + projects_locations_connections_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appsScriptProjects/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.connections sqlVerbs: - select: [] - insert: + select: - $ref: >- - #/components/x-stackQL-resources/apps_script_projects/methods/projects_locations_apps_script_projects_create + #/components/x-stackQL-resources/connections/methods/projects_locations_connections_list + insert: [] update: [] replace: [] delete: [] - cloud_functions: - id: google.integrations.cloud_functions - name: cloud_functions - title: Cloud_functions + runtime_entity_schemas: + id: google.integrations.runtime_entity_schemas + name: runtime_entity_schemas + title: Runtime_entity_schemas methods: - projects_locations_products_cloud_functions_create: + projects_locations_connections_runtime_entity_schemas_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1cloudFunctions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1runtimeEntitySchemas/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_cloud_functions_create: + objectKey: $.runtimeEntitySchemas + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/runtime_entity_schemas/methods/projects_locations_connections_runtime_entity_schemas_list + insert: [] + update: [] + replace: [] + delete: [] + runtime_action_schemas: + id: google.integrations.runtime_action_schemas + name: runtime_action_schemas + title: Runtime_action_schemas + methods: + projects_locations_connections_runtime_action_schemas_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudFunctions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1runtimeActionSchemas/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.runtimeActionSchemas sqlVerbs: - select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/cloud_functions/methods/projects_locations_products_cloud_functions_create + select: - $ref: >- - #/components/x-stackQL-resources/cloud_functions/methods/projects_locations_cloud_functions_create + #/components/x-stackQL-resources/runtime_action_schemas/methods/projects_locations_connections_runtime_action_schemas_list + insert: [] update: [] replace: [] delete: [] - certificates: - id: google.integrations.certificates - name: certificates - title: Certificates + test_cases: + id: google.integrations.test_cases + name: test_cases + title: Test_cases methods: - projects_locations_products_certificates_list: + projects_locations_integrations_versions_test_cases_execute_test: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}:executeTest/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.certificates - projects_locations_products_certificates_create: + projects_locations_integrations_versions_test_cases_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_certificates_get: + projects_locations_integrations_versions_test_cases_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates~1{certificatesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_certificates_patch: + projects_locations_integrations_versions_test_cases_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates~1{certificatesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_certificates_delete: + projects_locations_integrations_versions_test_cases_download: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates~1{certificatesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}:download/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_certificates_list: + projects_locations_integrations_versions_test_cases_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.certificates - projects_locations_certificates_create: + projects_locations_integrations_versions_test_cases_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_certificates_get: + objectKey: $.testCases + projects_locations_integrations_versions_test_cases_takeover_edit_lock: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates~1{certificatesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}:takeoverEditLock/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_certificates_patch: + projects_locations_integrations_versions_test_cases_execute: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates~1{certificatesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases:execute/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_certificates_delete: + projects_locations_integrations_versions_test_cases_upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates~1{certificatesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases:upload/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_get - - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_list - - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_get + #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_get - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_list + #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_list insert: - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_create - - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_create + #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_create update: - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_patch - - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_patch + #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_delete - - $ref: >- - #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_delete - auth_configs: - id: google.integrations.auth_configs - name: auth_configs - title: Auth_configs + #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_delete + versions: + id: google.integrations.versions + name: versions + title: Versions methods: - projects_locations_products_auth_configs_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_products_auth_configs_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.authConfigs - projects_locations_products_auth_configs_patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs~1{authConfigsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_products_auth_configs_delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs~1{authConfigsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_products_auth_configs_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs~1{authConfigsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_auth_configs_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_auth_configs_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.authConfigs - projects_locations_auth_configs_patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs~1{authConfigsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_auth_configs_delete: + projects_locations_integrations_versions_upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs~1{authConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions:upload/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_auth_configs_get: + projects_locations_integrations_versions_download_json_package: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs~1{authConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:downloadJsonPackage/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_get - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_list - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_get - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_list - insert: - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_create - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_create - update: - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_patch - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_delete - - $ref: >- - #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_delete - integrations: - id: google.integrations.integrations - name: integrations - title: Integrations - methods: - projects_locations_products_integrations_execute: + projects_locations_integrations_versions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}:execute/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_schedule: + objectKey: $.integrationVersions + projects_locations_integrations_versions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}:schedule/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_test: + projects_locations_integrations_versions_test: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}:test/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:test/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_list: + projects_locations_integrations_versions_unpublish: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:unpublish/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.integrations - projects_locations_integrations_execute: + projects_locations_integrations_versions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}:execute/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_schedule: + projects_locations_integrations_versions_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}:schedule/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_test: + projects_locations_integrations_versions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}:test/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_list: + projects_locations_integrations_versions_publish: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:publish/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.integrations - projects_locations_integrations_search: + projects_locations_integrations_versions_download: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations:search/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:download/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_delete: + projects_locations_products_integrations_versions_upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions:upload/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/integrations/methods/projects_locations_products_integrations_list - - $ref: >- - #/components/x-stackQL-resources/integrations/methods/projects_locations_integrations_list - insert: [] - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/integrations/methods/projects_locations_integrations_delete - versions: - id: google.integrations.versions - name: versions - title: Versions - methods: - projects_locations_products_integrations_versions_list: + projects_locations_products_integrations_versions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.integrationVersions - projects_locations_products_integrations_versions_create: + projects_locations_products_integrations_versions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -10624,31 +10549,39 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_versions_get: + projects_locations_products_integrations_versions_publish: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:publish/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_versions_delete: + projects_locations_products_integrations_versions_unpublish: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:unpublish/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_versions_publish: + projects_locations_products_integrations_versions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:publish/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_versions_upload: + objectKey: $.integrationVersions + projects_locations_products_integrations_versions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions:upload/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_products_integrations_versions_takeover_edit_lock: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:takeoverEditLock/post response: mediaType: application/json openAPIDocKey: '200' @@ -10659,412 +10592,547 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_versions_takeover_edit_lock: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_get + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_get + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_list + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_list + insert: + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_create + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_create + update: + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_patch + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_delete + - $ref: >- + #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_delete + executions: + id: google.integrations.executions + name: executions + title: Executions + methods: + projects_locations_integrations_executions_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:takeoverEditLock/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_versions_unpublish: + projects_locations_integrations_executions_download: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:unpublish/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}:download/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_list: + projects_locations_integrations_executions_replay: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}:replay/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.integrationVersions - projects_locations_integrations_versions_create: + projects_locations_integrations_executions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_patch: + objectKey: $.executions + projects_locations_integrations_executions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_get: + projects_locations_products_integrations_executions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_delete: + projects_locations_products_integrations_executions_download: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}:download/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_publish: + projects_locations_products_integrations_executions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:publish/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_upload: + objectKey: $.executions + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/executions/methods/projects_locations_products_integrations_executions_get + - $ref: >- + #/components/x-stackQL-resources/executions/methods/projects_locations_integrations_executions_get + - $ref: >- + #/components/x-stackQL-resources/executions/methods/projects_locations_products_integrations_executions_list + - $ref: >- + #/components/x-stackQL-resources/executions/methods/projects_locations_integrations_executions_list + insert: [] + update: [] + replace: [] + delete: [] + suspensions: + id: google.integrations.suspensions + name: suspensions + title: Suspensions + methods: + projects_locations_integrations_executions_suspensions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions:upload/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_download: + objectKey: $.suspensions + projects_locations_integrations_executions_suspensions_lift: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:download/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions~1{suspensionsId}:lift/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_download_json_package: + projects_locations_integrations_executions_suspensions_resolve: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:downloadJsonPackage/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions~1{suspensionsId}:resolve/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_unpublish: + projects_locations_products_integrations_executions_suspensions_lift: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}:unpublish/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions~1{suspensionsId}:lift/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_products_integrations_executions_suspensions_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.suspensions + projects_locations_products_integrations_executions_suspensions_resolve: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions~1{suspensionsId}:resolve/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_get - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_list - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_get - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_list - insert: - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_create - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_create - update: - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_patch + #/components/x-stackQL-resources/suspensions/methods/projects_locations_products_integrations_executions_suspensions_list - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_patch + #/components/x-stackQL-resources/suspensions/methods/projects_locations_integrations_executions_suspensions_list + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_products_integrations_versions_delete - - $ref: >- - #/components/x-stackQL-resources/versions/methods/projects_locations_integrations_versions_delete - executions: - id: google.integrations.executions - name: executions - title: Executions + delete: [] + integrations: + id: google.integrations.integrations + name: integrations + title: Integrations methods: - projects_locations_products_integrations_executions_list: + projects_locations_integrations_execute: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}:execute/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_integrations_test: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}:test/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_integrations_search: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations:search/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.executions - projects_locations_products_integrations_executions_get: + projects_locations_integrations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_executions_download: + objectKey: $.integrations + projects_locations_integrations_schedule: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}:download/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}:schedule/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_executions_list: + projects_locations_integrations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.executions - projects_locations_integrations_executions_get: + projects_locations_products_integrations_test: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}:test/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_executions_cancel: + projects_locations_products_integrations_schedule: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}:schedule/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_executions_download: + projects_locations_products_integrations_execute: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}:download/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}:execute/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_executions_replay: + projects_locations_products_integrations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}:replay/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.integrations sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/executions/methods/projects_locations_products_integrations_executions_get - - $ref: >- - #/components/x-stackQL-resources/executions/methods/projects_locations_products_integrations_executions_list - - $ref: >- - #/components/x-stackQL-resources/executions/methods/projects_locations_integrations_executions_get + #/components/x-stackQL-resources/integrations/methods/projects_locations_products_integrations_list - $ref: >- - #/components/x-stackQL-resources/executions/methods/projects_locations_integrations_executions_list + #/components/x-stackQL-resources/integrations/methods/projects_locations_integrations_list insert: [] update: [] replace: [] - delete: [] - suspensions: - id: google.integrations.suspensions - name: suspensions - title: Suspensions + delete: + - $ref: >- + #/components/x-stackQL-resources/integrations/methods/projects_locations_integrations_delete + certificates: + id: google.integrations.certificates + name: certificates + title: Certificates methods: - projects_locations_products_integrations_executions_suspensions_resolve: + projects_locations_certificates_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions~1{suspensionsId}:resolve/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_integrations_executions_suspensions_list: + objectKey: $.certificates + projects_locations_certificates_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.suspensions - projects_locations_products_integrations_executions_suspensions_lift: + projects_locations_certificates_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions~1{suspensionsId}:lift/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates~1{certificatesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_executions_suspensions_resolve: + projects_locations_certificates_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions~1{suspensionsId}:resolve/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates~1{certificatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_executions_suspensions_list: + projects_locations_certificates_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificates~1{certificatesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.suspensions - projects_locations_integrations_executions_suspensions_lift: + projects_locations_products_certificates_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1executions~1{executionsId}~1suspensions~1{suspensionsId}:lift/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.certificates + projects_locations_products_certificates_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_products_certificates_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates~1{certificatesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_products_certificates_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates~1{certificatesId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_products_certificates_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1certificates~1{certificatesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/suspensions/methods/projects_locations_products_integrations_executions_suspensions_list + #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_get - $ref: >- - #/components/x-stackQL-resources/suspensions/methods/projects_locations_integrations_executions_suspensions_list - insert: [] + #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_get + - $ref: >- + #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_list + - $ref: >- + #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_list + insert: + - $ref: >- + #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_create + - $ref: >- + #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_create + update: + - $ref: >- + #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_patch + - $ref: >- + #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/certificates/methods/projects_locations_products_certificates_delete + - $ref: >- + #/components/x-stackQL-resources/certificates/methods/projects_locations_certificates_delete + cloud_functions: + id: google.integrations.cloud_functions + name: cloud_functions + title: Cloud_functions + methods: + projects_locations_products_cloud_functions_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1cloudFunctions/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_cloud_functions_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudFunctions/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/cloud_functions/methods/projects_locations_products_cloud_functions_create + - $ref: >- + #/components/x-stackQL-resources/cloud_functions/methods/projects_locations_cloud_functions_create update: [] replace: [] delete: [] - sfdc_instances: - id: google.integrations.sfdc_instances - name: sfdc_instances - title: Sfdc_instances + auth_configs: + id: google.integrations.auth_configs + name: auth_configs + title: Auth_configs methods: - projects_locations_products_sfdc_instances_create: + projects_locations_products_auth_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs~1{authConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_sfdc_instances_list: + projects_locations_products_auth_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs~1{authConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sfdcInstances - projects_locations_products_sfdc_instances_patch: + projects_locations_products_auth_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs~1{authConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_sfdc_instances_delete: + projects_locations_products_auth_configs_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_sfdc_instances_get: + objectKey: $.authConfigs + projects_locations_products_auth_configs_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1authConfigs/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sfdc_instances_create: + projects_locations_auth_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs~1{authConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sfdc_instances_list: + projects_locations_auth_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs~1{authConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sfdcInstances - projects_locations_sfdc_instances_patch: + projects_locations_auth_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs~1{authConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sfdc_instances_delete: + projects_locations_auth_configs_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sfdc_instances_get: + projects_locations_auth_configs_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authConfigs/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.authConfigs sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_get + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_get - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_list + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_list - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_get + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_get - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_list + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_list insert: - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_create + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_create - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_create + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_create update: - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_patch + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_patch - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_patch + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_delete + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_products_auth_configs_delete - $ref: >- - #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_delete + #/components/x-stackQL-resources/auth_configs/methods/projects_locations_auth_configs_delete sfdc_channels: id: google.integrations.sfdc_channels name: sfdc_channels title: Sfdc_channels methods: - projects_locations_products_sfdc_instances_sfdc_channels_create: + projects_locations_products_sfdc_instances_sfdc_channels_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_sfdc_instances_sfdc_channels_list: + projects_locations_products_sfdc_instances_sfdc_channels_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sfdcChannels - projects_locations_products_sfdc_instances_sfdc_channels_patch: + projects_locations_products_sfdc_instances_sfdc_channels_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_sfdc_instances_sfdc_channels_delete: + projects_locations_products_sfdc_instances_sfdc_channels_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_sfdc_instances_sfdc_channels_get: + objectKey: $.sfdcChannels + projects_locations_products_sfdc_instances_sfdc_channels_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sfdc_instances_sfdc_channels_create: + projects_locations_sfdc_instances_sfdc_channels_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sfdc_instances_sfdc_channels_list: + projects_locations_sfdc_instances_sfdc_channels_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sfdcChannels projects_locations_sfdc_instances_sfdc_channels_patch: operation: $ref: >- @@ -11072,20 +11140,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sfdc_instances_sfdc_channels_delete: + projects_locations_sfdc_instances_sfdc_channels_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_sfdc_instances_sfdc_channels_get: + projects_locations_sfdc_instances_sfdc_channels_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels~1{sfdcChannelsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}~1sfdcChannels/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.sfdcChannels sqlVerbs: select: - $ref: >- @@ -11112,205 +11181,159 @@ components: #/components/x-stackQL-resources/sfdc_channels/methods/projects_locations_products_sfdc_instances_sfdc_channels_delete - $ref: >- #/components/x-stackQL-resources/sfdc_channels/methods/projects_locations_sfdc_instances_sfdc_channels_delete - connections: - id: google.integrations.connections - name: connections - title: Connections - methods: - projects_locations_connections_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.connections - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/connections/methods/projects_locations_connections_list - insert: [] - update: [] - replace: [] - delete: [] - connection_schema_metadata: - id: google.integrations.connection_schema_metadata - name: connection_schema_metadata - title: Connection_schema_metadata - methods: - projects_locations_connections_get_connection_schema_metadata: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1connectionSchemaMetadata/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/connection_schema_metadata/methods/projects_locations_connections_get_connection_schema_metadata - insert: [] - update: [] - replace: [] - delete: [] - runtime_entity_schemas: - id: google.integrations.runtime_entity_schemas - name: runtime_entity_schemas - title: Runtime_entity_schemas + sfdc_instances: + id: google.integrations.sfdc_instances + name: sfdc_instances + title: Sfdc_instances methods: - projects_locations_connections_runtime_entity_schemas_list: + projects_locations_products_sfdc_instances_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1runtimeEntitySchemas/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.runtimeEntitySchemas - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/runtime_entity_schemas/methods/projects_locations_connections_runtime_entity_schemas_list - insert: [] - update: [] - replace: [] - delete: [] - runtime_action_schemas: - id: google.integrations.runtime_action_schemas - name: runtime_action_schemas - title: Runtime_action_schemas - methods: - projects_locations_connections_runtime_action_schemas_list: + projects_locations_products_sfdc_instances_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connections~1{connectionsId}~1runtimeActionSchemas/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.runtimeActionSchemas - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/runtime_action_schemas/methods/projects_locations_connections_runtime_action_schemas_list - insert: [] - update: [] - replace: [] - delete: [] - test_cases: - id: google.integrations.test_cases - name: test_cases - title: Test_cases - methods: - projects_locations_integrations_versions_test_cases_create: + projects_locations_products_sfdc_instances_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances~1{sfdcInstancesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_test_cases_list: + projects_locations_products_sfdc_instances_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.testCases - projects_locations_integrations_versions_test_cases_get: + objectKey: $.sfdcInstances + projects_locations_products_sfdc_instances_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1sfdcInstances/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_test_cases_patch: + projects_locations_sfdc_instances_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_test_cases_delete: + objectKey: $.sfdcInstances + projects_locations_sfdc_instances_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_test_cases_execute_test: + projects_locations_sfdc_instances_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}:executeTest/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_test_cases_upload: + projects_locations_sfdc_instances_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases:upload/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_test_cases_download: + projects_locations_sfdc_instances_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}:download/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sfdcInstances~1{sfdcInstancesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_test_cases_takeover_edit_lock: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_get + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_list + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_get + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_list + insert: + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_create + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_create + update: + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_patch + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_products_sfdc_instances_delete + - $ref: >- + #/components/x-stackQL-resources/sfdc_instances/methods/projects_locations_sfdc_instances_delete + apps_script_projects: + id: google.integrations.apps_script_projects + name: apps_script_projects + title: Apps_script_projects + methods: + projects_locations_apps_script_projects_link: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases~1{testCasesId}:takeoverEditLock/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appsScriptProjects:link/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_integrations_versions_test_cases_execute: + projects_locations_apps_script_projects_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1integrations~1{integrationsId}~1versions~1{versionsId}~1testCases:execute/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1appsScriptProjects/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_get - - $ref: >- - #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_list + select: [] insert: - $ref: >- - #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_create - update: - - $ref: >- - #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_patch + #/components/x-stackQL-resources/apps_script_projects/methods/projects_locations_apps_script_projects_create + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/test_cases/methods/projects_locations_integrations_versions_test_cases_delete + delete: [] templates: id: google.integrations.templates name: templates title: Templates methods: - projects_locations_templates_list: + projects_locations_templates_use: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}:use/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.templates - projects_locations_templates_create: + projects_locations_templates_import: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}:import/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_templates_get: + projects_locations_templates_search: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates:search/get response: mediaType: application/json openAPIDocKey: '200' @@ -11328,31 +11351,32 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_templates_search: + projects_locations_templates_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates:search/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_templates_use: + projects_locations_templates_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}:use/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_templates_import: + objectKey: $.templates + projects_locations_templates_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}:import/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_templates_share: + projects_locations_templates_download: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}:share/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}:download/get response: mediaType: application/json openAPIDocKey: '200' @@ -11363,17 +11387,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_templates_upload: + projects_locations_templates_share: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates:upload/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}:share/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_templates_download: + projects_locations_templates_upload: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates~1{templatesId}:download/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1templates:upload/post response: mediaType: application/json openAPIDocKey: '200' @@ -11410,37 +11434,62 @@ components: update: [] replace: [] delete: [] - callback: - id: google.integrations.callback - name: callback - title: Callback - methods: - callback_generate_token: - operation: - $ref: '#/paths/~1v1~1callback:generateToken/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] paths: - /v1/projects/{projectsId}/clientmetadata: + /v1/callback:generateToken: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/oauth_token' + get: + description: >- + Receives the auth code and auth config id to combine that with the + client id and secret to retrieve access tokens from the token endpoint. + Returns either a success or error message when it's done. + operationId: integrations.callback.generateToken + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaGenerateTokenResponse + parameters: + - in: query + name: code + schema: + type: string + - in: query + name: product + schema: + type: string + - in: query + name: gcpProjectId + schema: + type: string + - in: query + name: state + schema: + type: string + - in: query + name: redirectUri + schema: + type: string + /v1/projects/{projectsId}/clientmetadata: + parameters: *ref_1 get: description: Gets the metadata info for the requested client operationId: integrations.projects.getClientmetadata @@ -11529,17 +11578,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appsScriptProjects:link: + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/connectionSchemaMetadata: parameters: *ref_1 - post: - description: Links a existing Apps Script project. - operationId: integrations.projects.locations.appsScriptProjects.link - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectRequest + get: + description: Lists the available entities and actions associated with a Connection. + operationId: integrations.projects.locations.connections.getConnectionSchemaMetadata security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11552,7 +11595,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaConnectionSchemaMetadata parameters: - in: path name: projectsId @@ -11564,17 +11607,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/appsScriptProjects: + - in: path + name: connectionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections: parameters: *ref_1 - post: - description: Creates an Apps Script project. - operationId: integrations.projects.locations.appsScriptProjects.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectRequest + get: + description: Lists Connections in a given project and location. + operationId: integrations.projects.locations.connections.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11587,7 +11629,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListConnectionsResponse parameters: - in: path name: projectsId @@ -11599,20 +11641,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clients:provision: + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/runtimeEntitySchemas: parameters: *ref_1 - post: + get: description: >- - Perform the provisioning steps to enable a user GCP project to use IP. - If GCP project already registered on IP end via Apigee Integration, - provisioning will fail. - operationId: integrations.projects.locations.clients.provision - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaProvisionClientRequest + Lists the JSON schemas for the properties of runtime entities, filtered + by entity name. + operationId: integrations.projects.locations.connections.runtimeEntitySchemas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11624,7 +11676,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaListRuntimeEntitySchemasResponse parameters: - in: path name: projectsId @@ -11636,17 +11689,31 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clients:provisionClientPostProcessor: + - in: path + name: connectionsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/runtimeActionSchemas: parameters: *ref_1 - post: - description: Perform post provisioning steps after client is provisioned. - operationId: integrations.projects.locations.clients.provisionClientPostProcessor - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorRequest + get: + description: >- + Lists the JSON schemas for the inputs and outputs of actions, filtered + by action name. + operationId: integrations.projects.locations.connections.runtimeActionSchemas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11659,7 +11726,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListRuntimeActionSchemasResponse parameters: - in: path name: projectsId @@ -11671,19 +11738,36 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clients:deprovision: + - in: path + name: connectionsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases/{testCasesId}:executeTest: parameters: *ref_1 post: - description: >- - Perform the deprovisioning steps to disable a user GCP project to use IP - and purge all related data in a wipeout-compliant way. - operationId: integrations.projects.locations.clients.deprovision + description: Executes functional test + operationId: >- + integrations.projects.locations.integrations.versions.testCases.executeTest requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaDeprovisionClientRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCaseRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11695,7 +11779,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCaseResponse parameters: - in: path name: projectsId @@ -11707,54 +11792,26 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clients:changeConfig: - parameters: *ref_1 - post: - description: >- - Updates the client customer configuration for the given project and - location resource name - operationId: integrations.projects.locations.clients.changeConfig - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaChangeCustomerConfigRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaChangeCustomerConfigResponse - parameters: - in: path - name: projectsId + name: integrationsId required: true schema: type: string - in: path - name: locationsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clients:switch: + - in: path + name: testCasesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases/{testCasesId}: parameters: *ref_1 - post: - description: Update client from GMEK to CMEK - operationId: integrations.projects.locations.clients.switch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSwitchEncryptionRequest + delete: + description: Deletes a test case + operationId: integrations.projects.locations.integrations.versions.testCases.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11774,21 +11831,28 @@ paths: schema: type: string - in: path - name: locationsId + name: locationsId + required: true + schema: + type: string + - in: path + name: integrationsId + required: true + schema: + type: string + - in: path + name: versionsId + required: true + schema: + type: string + - in: path + name: testCasesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clients:replace: - parameters: *ref_1 - post: - description: Update run-as service account for provisioned client - operationId: integrations.projects.locations.clients.replace - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaReplaceServiceAccountRequest + get: + description: Get a test case + operationId: integrations.projects.locations.integrations.versions.testCases.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11800,7 +11864,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' parameters: - in: path name: projectsId @@ -11812,17 +11876,29 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clients:switchVariableMasking: - parameters: *ref_1 - post: - description: Update variable masking for provisioned client - operationId: integrations.projects.locations.clients.switchVariableMasking + - in: path + name: integrationsId + required: true + schema: + type: string + - in: path + name: versionsId + required: true + schema: + type: string + - in: path + name: testCasesId + required: true + schema: + type: string + patch: + description: Updates a test case + operationId: integrations.projects.locations.integrations.versions.testCases.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSwitchVariableMaskingRequest + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11834,7 +11910,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' parameters: - in: path name: projectsId @@ -11846,17 +11922,33 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clients:toggleHttp: + - in: path + name: integrationsId + required: true + schema: + type: string + - in: path + name: versionsId + required: true + schema: + type: string + - in: path + name: testCasesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases/{testCasesId}:download: parameters: *ref_1 - post: - description: Enable/Disable http call for provisioned client - operationId: integrations.projects.locations.clients.toggleHttp - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaToggleHttpRequest + get: + description: >- + Downloads a test case. Retrieves the `TestCase` for a given + `test_case_id` and returns the response as a string. + operationId: integrations.projects.locations.integrations.versions.testCases.download security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11868,7 +11960,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadTestCaseResponse parameters: - in: path name: projectsId @@ -11880,17 +11973,35 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/cloudFunctions: + - in: path + name: integrationsId + required: true + schema: + type: string + - in: path + name: versionsId + required: true + schema: + type: string + - in: path + name: testCasesId + required: true + schema: + type: string + - in: query + name: fileFormat + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases: parameters: *ref_1 post: - description: Creates a cloud function project. - operationId: integrations.projects.locations.products.cloudFunctions.create + description: Creates a new test case + operationId: integrations.projects.locations.integrations.versions.testCases.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCreateCloudFunctionRequest + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11902,8 +12013,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCreateCloudFunctionResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' parameters: - in: path name: projectsId @@ -11916,17 +12026,22 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/certificates: - parameters: *ref_1 + - in: path + name: versionsId + required: true + schema: + type: string + - in: query + name: testCaseId + schema: + type: string get: - description: >- - List all the certificates that match the filter. Restrict to certificate - of current client only. - operationId: integrations.projects.locations.products.certificates.list + description: Lists all the test cases that satisfy the filters. + operationId: integrations.projects.locations.integrations.versions.testCases.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11939,7 +12054,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListCertificatesResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListTestCasesResponse parameters: - in: path name: projectsId @@ -11952,39 +12067,49 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId + required: true + schema: + type: string + - in: path + name: versionsId required: true schema: type: string - in: query - name: pageSize + name: readMask schema: - type: integer - format: int32 + type: string + format: google-fieldmask - in: query name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: filter schema: type: string - in: query - name: readMask + name: orderBy schema: type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases/{testCasesId}:takeoverEditLock: + parameters: *ref_1 post: - description: >- - Creates a new certificate. The certificate will be registered to the - trawler service and will be encrypted using cloud KMS and stored in - Spanner Returns the certificate. - operationId: integrations.projects.locations.products.certificates.create + description: Clear the lock fields and assign them to current user + operationId: >- + integrations.projects.locations.integrations.versions.testCases.takeoverEditLock requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTakeoverTestCaseEditLockRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11996,7 +12121,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' parameters: - in: path name: projectsId @@ -12009,60 +12134,31 @@ paths: schema: type: string - in: path - name: productsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/certificates/{certificatesId}: - parameters: *ref_1 - get: - description: Get a certificates in the specified project. - operationId: integrations.projects.locations.products.certificates.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: integrationsId required: true schema: type: string - in: path - name: productsId + name: versionsId required: true schema: type: string - in: path - name: certificatesId + name: testCasesId required: true schema: type: string - patch: - description: >- - Updates the certificate by id. If new certificate file is updated, it - will register with the trawler service, re-encrypt with cloud KMS and - update the Spanner record. Other fields will directly update the Spanner - record. Returns the Certificate. - operationId: integrations.projects.locations.products.certificates.patch + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases:execute: + parameters: *ref_1 + post: + description: Executes all test cases in an integration version. + operationId: integrations.projects.locations.integrations.versions.testCases.execute requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCasesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12074,7 +12170,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCasesResponse parameters: - in: path name: projectsId @@ -12087,23 +12184,30 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: certificatesId + name: versionsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Delete a certificate - operationId: integrations.projects.locations.products.certificates.delete + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases:upload: + parameters: *ref_1 + post: + description: >- + Uploads a test case. The content can be a previously downloaded test + case. Performs the same function as CreateTestCase, but accepts input in + a string format, which holds the complete representation of the TestCase + content. + operationId: integrations.projects.locations.integrations.versions.testCases.upload + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUploadTestCaseRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12115,7 +12219,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUploadTestCaseResponse parameters: - in: path name: projectsId @@ -12128,29 +12233,31 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: certificatesId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/authConfigs: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions:upload: parameters: *ref_1 post: description: >- - Creates an auth config record. Fetch corresponding credentials for - specific auth types, e.g. access token for OAuth 2.0, JWT token for JWT. - Encrypt the auth config with Cloud KMS and store the encrypted - credentials in Spanner. Returns the encrypted auth config. - operationId: integrations.projects.locations.products.authConfigs.create + Uploads an integration. The content can be a previously downloaded + integration. Performs the same function as + CreateDraftIntegrationVersion, but accepts input in a string format, + which holds the complete representation of the IntegrationVersion + content. + operationId: integrations.projects.locations.integrations.versions.upload requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUploadIntegrationVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12162,7 +12269,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUploadIntegrationVersionResponse parameters: - in: path name: projectsId @@ -12175,27 +12283,20 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - - in: query - name: clientCertificate.sslCertificate - schema: - type: string - - in: query - name: clientCertificate.encryptedPrivateKey - schema: - type: string - - in: query - name: clientCertificate.passphrase - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}:downloadJsonPackage: + parameters: *ref_1 get: description: >- - Lists all auth configs that match the filter. Restrict to auth configs - belong to the current client only. - operationId: integrations.projects.locations.products.authConfigs.list + Downloads an Integration version package like + IntegrationVersion,Integration Config etc. Retrieves the + IntegrationVersion package for a given `integration_id` and returns the + response as a JSON. + operationId: >- + integrations.projects.locations.integrations.versions.downloadJsonPackage security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12208,7 +12309,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListAuthConfigsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadJsonPackageResponse parameters: - in: path name: projectsId @@ -12221,43 +12322,24 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: versionsId + required: true schema: type: string - in: query - name: readMask + name: files schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/authConfigs/{authConfigsId}: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions: parameters: *ref_1 - patch: - description: >- - Updates an auth config. If credential is updated, fetch the encrypted - auth config from Spanner, decrypt with Cloud KMS key, update the - credential fields, re-encrypt with Cloud KMS key and update the Spanner - record. For other fields, directly update the Spanner record. Returns - the encrypted auth config. - operationId: integrations.projects.locations.products.authConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + get: + description: Returns the list of all integration versions in the specified project. + operationId: integrations.projects.locations.integrations.versions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12269,7 +12351,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaListIntegrationVersionsResponse parameters: - in: path name: projectsId @@ -12282,35 +12365,41 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - - in: path - name: authConfigsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: fieldMask schema: type: string format: google-fieldmask - in: query - name: clientCertificate.sslCertificate + name: orderBy schema: type: string - in: query - name: clientCertificate.encryptedPrivateKey + name: filter schema: type: string - in: query - name: clientCertificate.passphrase + name: pageToken schema: type: string - delete: - description: Deletes an auth config. - operationId: integrations.projects.locations.products.authConfigs.delete + post: + description: Create a integration with a draft version in the specified project. + operationId: integrations.projects.locations.integrations.versions.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12322,7 +12411,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion parameters: - in: path name: projectsId @@ -12335,21 +12425,29 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - - in: path - name: authConfigsId - required: true + - in: query + name: createSampleIntegrations schema: - type: string - get: - description: >- - Gets a complete auth config. If the auth config doesn't exist, - Code.NOT_FOUND exception will be thrown. Returns the decrypted auth - config. - operationId: integrations.projects.locations.products.authConfigs.get + type: boolean + - in: query + name: newIntegration + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}:test: + parameters: *ref_1 + post: + description: Execute the integration in draft state + operationId: integrations.projects.locations.integrations.versions.test + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12361,7 +12459,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsResponse parameters: - in: path name: projectsId @@ -12374,33 +12473,31 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: authConfigsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}:execute: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}:unpublish: parameters: *ref_1 post: description: >- - Executes integrations synchronously by passing the trigger id in the - request body. The request is not returned until the requested executions - are either fulfilled or experienced an error. If the integration name is - not specified (passing `-`), all of the associated integration under the - given trigger_id will be executed. Otherwise only the specified - integration for the given `trigger_id` is executed. This is helpful for - execution the integration from UI. - operationId: integrations.projects.locations.products.integrations.execute + Sets the status of the ACTIVE integration to SNAPSHOT with a new tag + "PREVIOUSLY_PUBLISHED" after validating it. The "HEAD" and + "PUBLISH_REQUESTED" tags do not change. This RPC throws an exception if + the version being snapshot is not ACTIVE. Audit fields added include + action, action_by, action_timestamp. + operationId: integrations.projects.locations.integrations.versions.unpublish requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteIntegrationsRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaUnpublishIntegrationVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12412,8 +12509,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteIntegrationsResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -12426,28 +12522,29 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: integrationsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}:schedule: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}: parameters: *ref_1 - post: + delete: description: >- - Schedules an integration for execution by passing the trigger id and the - scheduled time in the request body. - operationId: integrations.projects.locations.products.integrations.schedule - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaScheduleIntegrationsRequest + Soft-deletes the integration. Changes the status of the integration to + ARCHIVED. If the integration being ARCHIVED is tagged as "HEAD", the tag + is removed from this snapshot and set to the previous non-ARCHIVED + snapshot. The PUBLISH_REQUESTED, DUE_FOR_DELETION tags are removed too. + This RPC throws an exception if the version being deleted is DRAFT, and + if the `locked_by` user is not the same as the user performing the + Delete. Audit fields updated include last_modified_timestamp, + last_modified_by. Any existing lock is released when Deleting a + integration. Currently, there is no undelete mechanism. + operationId: integrations.projects.locations.integrations.versions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12459,8 +12556,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaScheduleIntegrationsResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -12473,26 +12569,24 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: integrationsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}:test: - parameters: *ref_1 - post: - description: Execute the integration in draft state - operationId: integrations.projects.locations.products.integrations.test + patch: + description: Update a integration with a draft version in the specified project. + operationId: integrations.projects.locations.integrations.versions.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12505,7 +12599,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion parameters: - in: path name: projectsId @@ -12518,20 +12612,23 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: integrationsId + name: versionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Returns the list of all integrations in the specified project. - operationId: integrations.projects.locations.products.integrations.list + description: Get a integration in the specified project. + operationId: integrations.projects.locations.integrations.versions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12544,7 +12641,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListIntegrationsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion parameters: - in: path name: projectsId @@ -12557,32 +12654,32 @@ paths: schema: type: string - in: path - name: productsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy + name: integrationsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: versionsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}:publish: parameters: *ref_1 - get: - description: Returns the list of all integration versions in the specified project. - operationId: integrations.projects.locations.products.integrations.versions.list + post: + description: >- + This RPC throws an exception if the integration is in ARCHIVED or ACTIVE + state. This RPC throws an exception if the version being published is + DRAFT, and if the `locked_by` user is not the same as the user + performing the Publish. Audit fields updated include + last_published_timestamp, last_published_by, last_modified_timestamp, + last_modified_by. Any existing lock is on this integration is released. + operationId: integrations.projects.locations.integrations.versions.publish + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaPublishIntegrationVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12595,7 +12692,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListIntegrationVersionsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaPublishIntegrationVersionResponse parameters: - in: path name: projectsId @@ -12608,46 +12705,22 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: integrationsId + name: versionsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: fieldMask - schema: - type: string - format: google-fieldmask - post: - description: Create a integration with a draft version in the specified project. - operationId: integrations.projects.locations.products.integrations.versions.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}:download: + parameters: *ref_1 + get: + description: >- + Downloads an integration. Retrieves the `IntegrationVersion` for a given + `integration_id` and returns the response as a string. + operationId: integrations.projects.locations.integrations.versions.download security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12660,7 +12733,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadIntegrationVersionResponse parameters: - in: path name: projectsId @@ -12673,34 +12746,37 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: integrationsId + name: versionsId required: true schema: type: string - in: query - name: newIntegration + name: files schema: - type: boolean + type: string - in: query - name: createSampleIntegrations + name: fileFormat schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}:cancel: parameters: *ref_1 - patch: - description: Update a integration with a draft version in the specified project. - operationId: integrations.projects.locations.products.integrations.versions.patch + post: + description: >- + Cancellation of an execution and associated sub-executions. This will + not cancel an IN_PROCESS or completed(SUCCESSFUL, FAILED or CANCELLED) + executions. + operationId: integrations.projects.locations.integrations.executions.cancel requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + #/components/schemas/GoogleCloudIntegrationsV1alphaCancelExecutionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12713,7 +12789,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + #/components/schemas/GoogleCloudIntegrationsV1alphaCancelExecutionResponse parameters: - in: path name: projectsId @@ -12725,29 +12801,21 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true - schema: - type: string - in: path name: integrationsId required: true schema: type: string - in: path - name: versionsId + name: executionsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}:download: + parameters: *ref_1 get: - description: Get a integration in the specified project. - operationId: integrations.projects.locations.products.integrations.versions.get + description: Download the execution. + operationId: integrations.projects.locations.integrations.executions.download security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12760,7 +12828,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadExecutionResponse parameters: - in: path name: projectsId @@ -12772,33 +12840,29 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true - schema: - type: string - in: path name: integrationsId required: true schema: type: string - in: path - name: versionsId + name: executionsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}:replay: + parameters: *ref_1 + post: description: >- - Soft-deletes the integration. Changes the status of the integration to - ARCHIVED. If the integration being ARCHIVED is tagged as "HEAD", the tag - is removed from this snapshot and set to the previous non-ARCHIVED - snapshot. The PUBLISH_REQUESTED, DUE_FOR_DELETION tags are removed too. - This RPC throws an exception if the version being deleted is DRAFT, and - if the `locked_by` user is not the same as the user performing the - Delete. Audit fields updated include last_modified_timestamp, - last_modified_by. Any existing lock is released when Deleting a - integration. Currently, there is no undelete mechanism. - operationId: integrations.projects.locations.products.integrations.versions.delete + Re-execute an existing execution, with same request parameters and + execution strategy. + operationId: integrations.projects.locations.integrations.executions.replay + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaReplayExecutionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12810,7 +12874,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaReplayExecutionResponse parameters: - in: path name: projectsId @@ -12822,38 +12887,25 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true - schema: - type: string - in: path name: integrationsId required: true schema: type: string - in: path - name: versionsId + name: executionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}:publish: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions: parameters: *ref_1 - post: + get: description: >- - This RPC throws an exception if the integration is in ARCHIVED or ACTIVE - state. This RPC throws an exception if the version being published is - DRAFT, and if the `locked_by` user is not the same as the user - performing the Publish. Audit fields updated include - last_published_timestamp, last_published_by, last_modified_timestamp, - last_modified_by. Any existing lock is on this integration is released. - operationId: integrations.projects.locations.products.integrations.versions.publish - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaPublishIntegrationVersionRequest + Lists the results of all the integration executions. The response + includes the same information as the [execution + log](https://cloud.google.com/application-integration/docs/viewing-logs) + in the Integration UI. + operationId: integrations.projects.locations.integrations.executions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12866,7 +12918,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaPublishIntegrationVersionResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListExecutionsResponse parameters: - in: path name: projectsId @@ -12878,37 +12930,100 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true + - in: path + name: integrationsId + required: true + schema: + type: string + - in: query + name: filterParams.eventStatuses + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filterParams.taskStatuses + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filterParams.parameterValue + schema: + type: string + - in: query + name: refreshAcl + schema: + type: boolean + - in: query + name: filterParams.customFilter + schema: + type: string + - in: query + name: filterParams.parameterType + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: filterParams.endTime + schema: + type: string + format: int64 + - in: query + name: filterParams.parameterPairKey + schema: + type: string + - in: query + name: filterParams.executionId + schema: + type: string + - in: query + name: truncateParams + schema: + type: boolean + - in: query + name: filterParams.parameterKey + schema: + type: string + - in: query + name: filterParams.parameterPairValue schema: type: string - - in: path - name: integrationsId - required: true + - in: query + name: filterParams.workflowName schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: snapshotMetadataWithoutParams + schema: + type: boolean + - in: query + name: filterParams.startTime schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions:upload: + format: int64 + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}: parameters: *ref_1 - post: - description: >- - Uploads an integration. The content can be a previously downloaded - integration. Performs the same function as - CreateDraftIntegrationVersion, but accepts input in a string format, - which holds the complete representation of the IntegrationVersion - content. - operationId: integrations.projects.locations.products.integrations.versions.upload - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUploadIntegrationVersionRequest + get: + description: Get an execution in the specified project. + operationId: integrations.projects.locations.integrations.executions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12920,8 +13035,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUploadIntegrationVersionResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecution' parameters: - in: path name: projectsId @@ -12934,22 +13048,23 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: integrationsId + name: executionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}:download: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions: parameters: *ref_1 get: description: >- - Downloads an integration. Retrieves the `IntegrationVersion` for a given - `integration_id` and returns the response as a string. - operationId: integrations.projects.locations.products.integrations.versions.download + * Lists suspensions associated with a specific execution. Only those + with permissions to resolve the relevant suspensions will be able to + view them. + operationId: integrations.projects.locations.integrations.executions.suspensions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12962,7 +13077,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadIntegrationVersionResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListSuspensionsResponse parameters: - in: path name: projectsId @@ -12975,52 +13090,46 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: integrationsId + name: executionsId required: true schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: fileFormat + name: filter schema: type: string - in: query - name: files + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}:takeoverEditLock: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions/{suspensionsId}:lift: parameters: *ref_1 post: description: >- - Clears the `locked_by` and `locked_at_timestamp`in the DRAFT version of - this integration. It then performs the same action as the - CreateDraftIntegrationVersion (i.e., copies the DRAFT version of the - integration as a SNAPSHOT and then creates a new DRAFT version with the - `locked_by` set to the `user_taking_over` and the `locked_at_timestamp` - set to the current timestamp). Both the `locked_by` and - `user_taking_over` are notified via email about the takeover. This RPC - throws an exception if the integration is not in DRAFT status or if the - `locked_by` and `locked_at_timestamp` fields are not set.The - TakeoverEdit lock is treated the same as an edit of the integration, and - hence shares ACLs with edit. Audit fields updated include - last_modified_timestamp, last_modified_by. - operationId: >- - integrations.projects.locations.products.integrations.versions.takeoverEditLock + * Lifts suspension for the Suspension task. Fetch corresponding + suspension with provided suspension Id, resolve suspension, and set up + suspension result for the Suspension Task. + operationId: integrations.projects.locations.integrations.executions.suspensions.lift requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTakeoverEditLockRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaLiftSuspensionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13033,7 +13142,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTakeoverEditLockResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaLiftSuspensionResponse parameters: - in: path name: projectsId @@ -13046,36 +13155,35 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: integrationsId + name: executionsId required: true schema: type: string - in: path - name: versionsId + name: suspensionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}:unpublish: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions/{suspensionsId}:resolve: parameters: *ref_1 post: description: >- - Sets the status of the ACTIVE integration to SNAPSHOT with a new tag - "PREVIOUSLY_PUBLISHED" after validating it. The "HEAD" and - "PUBLISH_REQUESTED" tags do not change. This RPC throws an exception if - the version being snapshot is not ACTIVE. Audit fields added include - action, action_by, action_timestamp. - operationId: integrations.projects.locations.products.integrations.versions.unpublish + * Resolves (lifts/rejects) any number of suspensions. If the integration + is already running, only the status of the suspension is updated. + Otherwise, the suspended integration will begin execution again. + operationId: >- + integrations.projects.locations.integrations.executions.suspensions.resolve requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUnpublishIntegrationVersionRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaResolveSuspensionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13087,7 +13195,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaResolveSuspensionResponse parameters: - in: path name: projectsId @@ -13100,29 +13209,38 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string - in: path - name: integrationsId + name: executionsId required: true schema: type: string - in: path - name: versionsId + name: suspensionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}:execute: parameters: *ref_1 - get: + post: description: >- - Lists the results of all the integration executions. The response - includes the same information as the [execution - log](https://cloud.google.com/application-integration/docs/viewing-logs) - in the Integration UI. - operationId: integrations.projects.locations.products.integrations.executions.list + Executes integrations synchronously by passing the trigger id in the + request body. The request is not returned until the requested executions + are either fulfilled or experienced an error. If the integration name is + not specified (passing `-`), all of the associated integration under the + given trigger_id will be executed. Otherwise only the specified + integration for the given `trigger_id` is executed. This is helpful for + execution the integration from UI. + operationId: integrations.projects.locations.integrations.execute + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteIntegrationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13135,7 +13253,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListExecutionsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteIntegrationsResponse parameters: - in: path name: projectsId @@ -13147,105 +13265,22 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true - schema: - type: string - in: path name: integrationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - - in: query - name: filterParams.workflowName - schema: - type: string - - in: query - name: filterParams.startTime - schema: - type: string - format: int64 - - in: query - name: filterParams.endTime - schema: - type: string - format: int64 - - in: query - name: filterParams.eventStatuses - schema: - type: string - - in: query - name: filterParams.taskStatuses - schema: - type: string - - in: query - name: filterParams.customFilter - schema: - type: string - - in: query - name: filterParams.executionId - schema: - type: string - - in: query - name: filterParams.parameterValue - schema: - type: string - - in: query - name: filterParams.parameterType - schema: - type: string - - in: query - name: filterParams.parameterKey - schema: - type: string - - in: query - name: filterParams.parameterPairKey - schema: - type: string - - in: query - name: filterParams.parameterPairValue - schema: - type: string - - in: query - name: refreshAcl - schema: - type: boolean - - in: query - name: truncateParams - schema: - type: boolean - - in: query - name: snapshotMetadataWithoutParams - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}:test: parameters: *ref_1 - get: - description: Get an execution in the specified project. - operationId: integrations.projects.locations.products.integrations.executions.get + post: + description: Execute the integration in draft state + operationId: integrations.projects.locations.integrations.test + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13257,7 +13292,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecution' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsResponse parameters: - in: path name: projectsId @@ -13269,27 +13305,16 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true - schema: - type: string - in: path name: integrationsId required: true schema: type: string - - in: path - name: executionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}:download: + /v1/projects/{projectsId}/locations/{locationsId}/integrations:search: parameters: *ref_1 get: - description: Download the execution. - operationId: >- - integrations.projects.locations.products.integrations.executions.download + description: Searches and returns the list of integrations in the specified project. + operationId: integrations.projects.locations.integrations.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13302,7 +13327,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadExecutionResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaSearchIntegrationsResponse parameters: - in: path name: projectsId @@ -13314,36 +13339,32 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: query schema: type: string - - in: path - name: integrationsId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: executionsId - required: true + - in: query + name: enableNaturalLanguageQueryUnderstanding + schema: + type: boolean + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions/{suspensionsId}:resolve: + /v1/projects/{projectsId}/locations/{locationsId}/integrations: parameters: *ref_1 - post: - description: >- - * Resolves (lifts/rejects) any number of suspensions. If the integration - is already running, only the status of the suspension is updated. - Otherwise, the suspended integration will begin execution again. - operationId: >- - integrations.projects.locations.products.integrations.executions.suspensions.resolve - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaResolveSuspensionRequest + get: + description: Returns the list of all integrations in the specified project. + operationId: integrations.projects.locations.integrations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13356,7 +13377,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaResolveSuspensionResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListIntegrationsResponse parameters: - in: path name: projectsId @@ -13368,35 +13389,31 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: integrationsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: executionsId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: suspensionsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}:executeEvent: parameters: *ref_1 - get: + post: description: >- - * Lists suspensions associated with a specific execution. Only those - with permissions to resolve the relevant suspensions will be able to - view them. - operationId: >- - integrations.projects.locations.products.integrations.executions.suspensions.list + Executes an integration on receiving events from Integration Connector + triggers, Eventarc or CPS Trigger. Input data to integration is received + in body in json format + operationId: integrations.projects.locations.integrations.executeEvent security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13409,7 +13426,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListSuspensionsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteEventResponse parameters: - in: path name: projectsId @@ -13421,53 +13438,28 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true - schema: - type: string - in: path name: integrationsId required: true schema: type: string - - in: path - name: executionsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - in: query - name: orderBy + name: triggerId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions/{suspensionsId}:lift: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}:schedule: parameters: *ref_1 post: description: >- - * Lifts suspension for the Suspension task. Fetch corresponding - suspension with provided suspension Id, resolve suspension, and set up - suspension result for the Suspension Task. - operationId: >- - integrations.projects.locations.products.integrations.executions.suspensions.lift + Schedules an integration for execution by passing the trigger id and the + scheduled time in the request body. + operationId: integrations.projects.locations.integrations.schedule requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaLiftSuspensionRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaScheduleIntegrationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13480,7 +13472,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaLiftSuspensionResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaScheduleIntegrationsResponse parameters: - in: path name: projectsId @@ -13492,38 +13484,16 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true - schema: - type: string - in: path name: integrationsId required: true schema: type: string - - in: path - name: executionsId - required: true - schema: - type: string - - in: path - name: suspensionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/sfdcInstances: + /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}: parameters: *ref_1 - post: - description: >- - Creates an sfdc instance record. Store the sfdc instance in Spanner. - Returns the sfdc instance. - operationId: integrations.projects.locations.products.sfdcInstances.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance' + delete: + description: Delete the selected integration and all versions inside + operationId: integrations.projects.locations.integrations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13535,8 +13505,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -13549,15 +13518,17 @@ paths: schema: type: string - in: path - name: productsId + name: integrationsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/certificates: + parameters: *ref_1 get: description: >- - Lists all sfdc instances that match the filter. Restrict to sfdc - instances belonging to the current client only. - operationId: integrations.projects.locations.products.sfdcInstances.list + List all the certificates that match the filter. Restrict to certificate + of current client only. + operationId: integrations.projects.locations.certificates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13570,7 +13541,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListSfdcInstancesResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListCertificatesResponse parameters: - in: path name: projectsId @@ -13582,20 +13553,11 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: filter schema: @@ -13605,18 +13567,21 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/sfdcInstances/{sfdcInstancesId}: - parameters: *ref_1 - patch: + - in: query + name: pageToken + schema: + type: string + post: description: >- - Updates an sfdc instance. Updates the sfdc instance in spanner. Returns - the sfdc instance. - operationId: integrations.projects.locations.products.sfdcInstances.patch + Creates a new certificate. The certificate will be registered to the + trawler service and will be encrypted using cloud KMS and stored in + Spanner Returns the certificate. + operationId: integrations.projects.locations.certificates.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13628,8 +13593,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' parameters: - in: path name: projectsId @@ -13641,24 +13605,51 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/certificates/{certificatesId}: + parameters: *ref_1 + get: + description: Get a certificates in the specified project. + operationId: integrations.projects.locations.certificates.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' + parameters: - in: path - name: productsId + name: projectsId required: true schema: type: string - in: path - name: sfdcInstancesId + name: locationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: certificatesId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes an sfdc instance. - operationId: integrations.projects.locations.products.sfdcInstances.delete + patch: + description: >- + Updates the certificate by id. If new certificate file is updated, it + will register with the trawler service, re-encrypt with cloud KMS and + update the Spanner record. Other fields will directly update the Spanner + record. Returns the Certificate. + operationId: integrations.projects.locations.certificates.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13670,7 +13661,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' parameters: - in: path name: projectsId @@ -13683,20 +13674,18 @@ paths: schema: type: string - in: path - name: productsId + name: certificatesId required: true schema: type: string - - in: path - name: sfdcInstancesId - required: true + - in: query + name: updateMask schema: type: string - get: - description: >- - Gets an sfdc instance. If the instance doesn't exist, Code.NOT_FOUND - exception will be thrown. - operationId: integrations.projects.locations.products.sfdcInstances.get + format: google-fieldmask + delete: + description: Delete a certificate + operationId: integrations.projects.locations.certificates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13708,8 +13697,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -13722,28 +13710,21 @@ paths: schema: type: string - in: path - name: productsId - required: true - schema: - type: string - - in: path - name: sfdcInstancesId + name: certificatesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/sfdcInstances/{sfdcInstancesId}/sfdcChannels: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/cloudFunctions: parameters: *ref_1 post: - description: >- - Creates an sfdc channel record. Store the sfdc channel in Spanner. - Returns the sfdc channel. - operationId: >- - integrations.projects.locations.products.sfdcInstances.sfdcChannels.create + description: Creates a cloud function project. + operationId: integrations.projects.locations.products.cloudFunctions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaCreateCloudFunctionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13755,7 +13736,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaCreateCloudFunctionResponse parameters: - in: path name: projectsId @@ -13772,16 +13754,11 @@ paths: required: true schema: type: string - - in: path - name: sfdcInstancesId - required: true - schema: - type: string - get: - description: >- - Lists all sfdc channels that match the filter. Restrict to sfdc channels - belonging to the current client only. - operationId: integrations.projects.locations.products.sfdcInstances.sfdcChannels.list + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/authConfigs/{authConfigsId}: + parameters: *ref_1 + delete: + description: Deletes an auth config. + operationId: integrations.projects.locations.products.authConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13793,8 +13770,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListSfdcChannelsResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -13812,41 +13788,16 @@ paths: schema: type: string - in: path - name: sfdcInstancesId + name: authConfigsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/sfdcInstances/{sfdcInstancesId}/sfdcChannels/{sfdcChannelsId}: - parameters: *ref_1 - patch: + get: description: >- - Updates an sfdc channel. Updates the sfdc channel in spanner. Returns - the sfdc channel. - operationId: >- - integrations.projects.locations.products.sfdcInstances.sfdcChannels.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + Gets a complete auth config. If the auth config doesn't exist, + Code.NOT_FOUND exception will be thrown. Returns the decrypted auth + config. + operationId: integrations.projects.locations.products.authConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13858,7 +13809,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' parameters: - in: path name: projectsId @@ -13876,24 +13827,23 @@ paths: schema: type: string - in: path - name: sfdcInstancesId - required: true - schema: - type: string - - in: path - name: sfdcChannelsId + name: authConfigsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes an sfdc channel. - operationId: >- - integrations.projects.locations.products.sfdcInstances.sfdcChannels.delete + patch: + description: >- + Updates an auth config. If credential is updated, fetch the encrypted + auth config from Spanner, decrypt with Cloud KMS key, update the + credential fields, re-encrypt with Cloud KMS key and update the Spanner + record. For other fields, directly update the Spanner record. Returns + the encrypted auth config. + operationId: integrations.projects.locations.products.authConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13905,7 +13855,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' parameters: - in: path name: projectsId @@ -13923,20 +13873,34 @@ paths: schema: type: string - in: path - name: sfdcInstancesId + name: authConfigsId required: true schema: type: string - - in: path - name: sfdcChannelsId - required: true + - in: query + name: clientCertificate.encryptedPrivateKey + schema: + type: string + - in: query + name: clientCertificate.passphrase + schema: + type: string + - in: query + name: clientCertificate.sslCertificate + schema: + type: string + - in: query + name: updateMask schema: type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/authConfigs: + parameters: *ref_1 get: description: >- - Gets an sfdc channel. If the channel doesn't exist, Code.NOT_FOUND - exception will be thrown. - operationId: integrations.projects.locations.products.sfdcInstances.sfdcChannels.get + Lists all auth configs that match the filter. Restrict to auth configs + belong to the current client only. + operationId: integrations.projects.locations.products.authConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13948,7 +13912,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaListAuthConfigsResponse parameters: - in: path name: projectsId @@ -13965,27 +13930,36 @@ paths: required: true schema: type: string - - in: path - name: sfdcInstancesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: readMask schema: type: string - - in: path - name: sfdcChannelsId - required: true + format: google-fieldmask + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cloudFunctions: - parameters: *ref_1 post: - description: Creates a cloud function project. - operationId: integrations.projects.locations.cloudFunctions.create + description: >- + Creates an auth config record. Fetch corresponding credentials for + specific auth types, e.g. access token for OAuth 2.0, JWT token for JWT. + Encrypt the auth config with Cloud KMS and store the encrypted + credentials in Spanner. Returns the encrypted auth config. + operationId: integrations.projects.locations.products.authConfigs.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCreateCloudFunctionRequest + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13997,8 +13971,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCreateCloudFunctionResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' parameters: - in: path name: projectsId @@ -14010,66 +13983,36 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/certificates: - parameters: *ref_1 - get: - description: >- - List all the certificates that match the filter. Restrict to certificate - of current client only. - operationId: integrations.projects.locations.certificates.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListCertificatesResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: productsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: clientCertificate.sslCertificate schema: type: string - in: query - name: filter + name: clientCertificate.encryptedPrivateKey schema: type: string - in: query - name: readMask + name: clientCertificate.passphrase schema: type: string - format: google-fieldmask - post: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/sfdcInstances/{sfdcInstancesId}/sfdcChannels/{sfdcChannelsId}: + parameters: *ref_1 + patch: description: >- - Creates a new certificate. The certificate will be registered to the - trawler service and will be encrypted using cloud KMS and stored in - Spanner Returns the certificate. - operationId: integrations.projects.locations.certificates.create + Updates an sfdc channel. Updates the sfdc channel in spanner. Returns + the sfdc channel. + operationId: >- + integrations.projects.locations.products.sfdcInstances.sfdcChannels.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14081,7 +14024,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' parameters: - in: path name: projectsId @@ -14093,51 +14036,31 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/certificates/{certificatesId}: - parameters: *ref_1 - get: - description: Get a certificates in the specified project. - operationId: integrations.projects.locations.certificates.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' - parameters: - in: path - name: projectsId + name: productsId required: true schema: type: string - in: path - name: locationsId + name: sfdcInstancesId required: true schema: type: string - in: path - name: certificatesId + name: sfdcChannelsId required: true schema: type: string - patch: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: description: >- - Updates the certificate by id. If new certificate file is updated, it - will register with the trawler service, re-encrypt with cloud KMS and - update the Spanner record. Other fields will directly update the Spanner - record. Returns the Certificate. - operationId: integrations.projects.locations.certificates.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' + Gets an sfdc channel. If the channel doesn't exist, Code.NOT_FOUND + exception will be thrown. + operationId: integrations.projects.locations.products.sfdcInstances.sfdcChannels.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14149,7 +14072,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' parameters: - in: path name: projectsId @@ -14162,18 +14085,24 @@ paths: schema: type: string - in: path - name: certificatesId + name: productsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: sfdcInstancesId + required: true + schema: + type: string + - in: path + name: sfdcChannelsId + required: true schema: type: string - format: google-fieldmask delete: - description: Delete a certificate - operationId: integrations.projects.locations.certificates.delete + description: Deletes an sfdc channel. + operationId: >- + integrations.projects.locations.products.sfdcInstances.sfdcChannels.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14198,24 +14127,27 @@ paths: schema: type: string - in: path - name: certificatesId + name: productsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authConfigs: + - in: path + name: sfdcInstancesId + required: true + schema: + type: string + - in: path + name: sfdcChannelsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/sfdcInstances/{sfdcInstancesId}/sfdcChannels: parameters: *ref_1 - post: + get: description: >- - Creates an auth config record. Fetch corresponding credentials for - specific auth types, e.g. access token for OAuth 2.0, JWT token for JWT. - Encrypt the auth config with Cloud KMS and store the encrypted - credentials in Spanner. Returns the encrypted auth config. - operationId: integrations.projects.locations.authConfigs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + Lists all sfdc channels that match the filter. Restrict to sfdc channels + belonging to the current client only. + operationId: integrations.projects.locations.products.sfdcInstances.sfdcChannels.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14227,7 +14159,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaListSfdcChannelsResponse parameters: - in: path name: projectsId @@ -14239,23 +14172,45 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string + - in: path + name: sfdcInstancesId + required: true + schema: + type: string - in: query - name: clientCertificate.sslCertificate + name: filter schema: type: string - in: query - name: clientCertificate.encryptedPrivateKey + name: pageToken schema: type: string - in: query - name: clientCertificate.passphrase + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: readMask schema: type: string - get: + format: google-fieldmask + post: description: >- - Lists all auth configs that match the filter. Restrict to auth configs - belong to the current client only. - operationId: integrations.projects.locations.authConfigs.list + Creates an sfdc channel record. Store the sfdc channel in Spanner. + Returns the sfdc channel. + operationId: >- + integrations.projects.locations.products.sfdcInstances.sfdcChannels.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14267,8 +14222,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListAuthConfigsResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' parameters: - in: path name: projectsId @@ -14280,39 +14234,28 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: productsId + required: true schema: type: string - - in: query - name: readMask + - in: path + name: sfdcInstancesId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/authConfigs/{authConfigsId}: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/sfdcInstances/{sfdcInstancesId}: parameters: *ref_1 patch: description: >- - Updates an auth config. If credential is updated, fetch the encrypted - auth config from Spanner, decrypt with Cloud KMS key, update the - credential fields, re-encrypt with Cloud KMS key and update the Spanner - record. For other fields, directly update the Spanner record. Returns - the encrypted auth config. - operationId: integrations.projects.locations.authConfigs.patch + Updates an sfdc instance. Updates the sfdc instance in spanner. Returns + the sfdc instance. + operationId: integrations.projects.locations.products.sfdcInstances.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14324,7 +14267,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance parameters: - in: path name: projectsId @@ -14337,30 +14281,23 @@ paths: schema: type: string - in: path - name: authConfigsId + name: productsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: clientCertificate.sslCertificate - schema: - type: string - - in: query - name: clientCertificate.encryptedPrivateKey + - in: path + name: sfdcInstancesId + required: true schema: type: string - in: query - name: clientCertificate.passphrase + name: updateMask schema: type: string + format: google-fieldmask delete: - description: Deletes an auth config. - operationId: integrations.projects.locations.authConfigs.delete + description: Deletes an sfdc instance. + operationId: integrations.projects.locations.products.sfdcInstances.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14385,16 +14322,20 @@ paths: schema: type: string - in: path - name: authConfigsId + name: productsId + required: true + schema: + type: string + - in: path + name: sfdcInstancesId required: true schema: type: string get: description: >- - Gets a complete auth config. If the auth config doesn't exist, - Code.NOT_FOUND exception will be thrown. Returns the decrypted auth - config. - operationId: integrations.projects.locations.authConfigs.get + Gets an sfdc instance. If the instance doesn't exist, Code.NOT_FOUND + exception will be thrown. + operationId: integrations.projects.locations.products.sfdcInstances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14406,7 +14347,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance parameters: - in: path name: projectsId @@ -14419,15 +14361,22 @@ paths: schema: type: string - in: path - name: authConfigsId + name: productsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections: + - in: path + name: sfdcInstancesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/sfdcInstances: parameters: *ref_1 get: - description: Lists Connections in a given project and location. - operationId: integrations.projects.locations.connections.list + description: >- + Lists all sfdc instances that match the filter. Restrict to sfdc + instances belonging to the current client only. + operationId: integrations.projects.locations.products.sfdcInstances.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14440,7 +14389,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListConnectionsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListSfdcInstancesResponse parameters: - in: path name: projectsId @@ -14452,28 +14401,39 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: productsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: readMask schema: type: string + format: google-fieldmask - in: query name: filter schema: type: string - in: query - name: orderBy + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/connectionSchemaMetadata: - parameters: *ref_1 - get: - description: Lists the available entities and actions associated with a Connection. - operationId: integrations.projects.locations.connections.getConnectionSchemaMetadata + post: + description: >- + Creates an sfdc instance record. Store the sfdc instance in Spanner. + Returns the sfdc instance. + operationId: integrations.projects.locations.products.sfdcInstances.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14486,7 +14446,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaConnectionSchemaMetadata + #/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance parameters: - in: path name: projectsId @@ -14499,17 +14459,21 @@ paths: schema: type: string - in: path - name: connectionsId + name: productsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/runtimeEntitySchemas: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}:test: parameters: *ref_1 - get: - description: >- - Lists the JSON schemas for the properties of runtime entities, filtered - by entity name. - operationId: integrations.projects.locations.connections.runtimeEntitySchemas.list + post: + description: Execute the integration in draft state + operationId: integrations.projects.locations.products.integrations.test + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14522,7 +14486,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListRuntimeEntitySchemasResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsResponse parameters: - in: path name: projectsId @@ -14535,30 +14499,28 @@ paths: schema: type: string - in: path - name: connectionsId + name: productsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: integrationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connections/{connectionsId}/runtimeActionSchemas: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}:schedule: parameters: *ref_1 - get: + post: description: >- - Lists the JSON schemas for the inputs and outputs of actions, filtered - by action name. - operationId: integrations.projects.locations.connections.runtimeActionSchemas.list + Schedules an integration for execution by passing the trigger id and the + scheduled time in the request body. + operationId: integrations.projects.locations.products.integrations.schedule + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaScheduleIntegrationsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14571,7 +14533,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListRuntimeActionSchemasResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaScheduleIntegrationsResponse parameters: - in: path name: projectsId @@ -14584,24 +14546,16 @@ paths: schema: type: string - in: path - name: connectionsId + name: productsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: integrationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}:execute: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}:execute: parameters: *ref_1 post: description: >- @@ -14612,7 +14566,7 @@ paths: given trigger_id will be executed. Otherwise only the specified integration for the given `trigger_id` is executed. This is helpful for execution the integration from UI. - operationId: integrations.projects.locations.integrations.execute + operationId: integrations.projects.locations.products.integrations.execute requestBody: content: application/json: @@ -14643,24 +14597,21 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}:schedule: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations: parameters: *ref_1 - post: - description: >- - Schedules an integration for execution by passing the trigger id and the - scheduled time in the request body. - operationId: integrations.projects.locations.integrations.schedule - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaScheduleIntegrationsRequest + get: + description: Returns the list of all integrations in the specified project. + operationId: integrations.projects.locations.products.integrations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14673,7 +14624,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaScheduleIntegrationsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListIntegrationsResponse parameters: - in: path name: projectsId @@ -14686,18 +14637,42 @@ paths: schema: type: string - in: path - name: integrationsId + name: productsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}:executeEvent: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions/{suspensionsId}:lift: parameters: *ref_1 post: description: >- - Executes an integration on receiving events from Integration Connector - triggers, Eventarc or CPS Trigger. Input data to integration is received - in body in json format - operationId: integrations.projects.locations.integrations.executeEvent + * Lifts suspension for the Suspension task. Fetch corresponding + suspension with provided suspension Id, resolve suspension, and set up + suspension result for the Suspension Task. + operationId: >- + integrations.projects.locations.products.integrations.executions.suspensions.lift + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaLiftSuspensionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14710,7 +14685,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteEventResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaLiftSuspensionResponse parameters: - in: path name: projectsId @@ -14722,26 +14697,35 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true schema: type: string - - in: query - name: triggerId + - in: path + name: executionsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}:test: + - in: path + name: suspensionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions: parameters: *ref_1 - post: - description: Execute the integration in draft state - operationId: integrations.projects.locations.integrations.test - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsRequest + get: + description: >- + * Lists suspensions associated with a specific execution. Only those + with permissions to resolve the relevant suspensions will be able to + view them. + operationId: >- + integrations.projects.locations.products.integrations.executions.suspensions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14754,7 +14738,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTestIntegrationsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListSuspensionsResponse parameters: - in: path name: projectsId @@ -14766,16 +14750,53 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations: + - in: path + name: executionsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions/{suspensionsId}:resolve: parameters: *ref_1 - get: - description: Returns the list of all integrations in the specified project. - operationId: integrations.projects.locations.integrations.list + post: + description: >- + * Resolves (lifts/rejects) any number of suspensions. If the integration + is already running, only the status of the suspension is updated. + Otherwise, the suspended integration will begin execution again. + operationId: >- + integrations.projects.locations.products.integrations.executions.suspensions.resolve + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaResolveSuspensionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14788,7 +14809,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListIntegrationsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaResolveSuspensionResponse parameters: - in: path name: projectsId @@ -14800,28 +14821,31 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: productsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: integrationsId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: executionsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: suspensionsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations:search: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}: parameters: *ref_1 get: - description: Searches and returns the list of integrations in the specified project. - operationId: integrations.projects.locations.integrations.search + description: Get an execution in the specified project. + operationId: integrations.projects.locations.products.integrations.executions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14833,8 +14857,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSearchIntegrationsResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecution' parameters: - in: path name: projectsId @@ -14846,32 +14869,27 @@ paths: required: true schema: type: string - - in: query - name: query + - in: path + name: productsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: integrationsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: executionsId + required: true schema: type: string - - in: query - name: enableNaturalLanguageQueryUnderstanding - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions/{executionsId}:download: parameters: *ref_1 - delete: - description: Delete the selected integration and all versions inside - operationId: integrations.projects.locations.integrations.delete + get: + description: Download the execution. + operationId: >- + integrations.projects.locations.products.integrations.executions.download security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14883,7 +14901,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadExecutionResponse parameters: - in: path name: projectsId @@ -14895,16 +14914,30 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions: + - in: path + name: executionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/executions: parameters: *ref_1 get: - description: Returns the list of all integration versions in the specified project. - operationId: integrations.projects.locations.integrations.versions.list + description: >- + Lists the results of all the integration executions. The response + includes the same information as the [execution + log](https://cloud.google.com/application-integration/docs/viewing-logs) + in the Integration UI. + operationId: integrations.projects.locations.products.integrations.executions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14917,7 +14950,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListIntegrationVersionsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListExecutionsResponse parameters: - in: path name: projectsId @@ -14929,6 +14962,11 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true @@ -14940,31 +14978,100 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filterParams.parameterPairValue + schema: + type: string + - in: query + name: filterParams.startTime + schema: + type: string + format: int64 + - in: query + name: filterParams.eventStatuses + schema: + type: string + - in: query + name: refreshAcl + schema: + type: boolean + - in: query + name: filterParams.workflowName + schema: + type: string + - in: query + name: filterParams.parameterValue + schema: + type: string + - in: query + name: filterParams.endTime schema: type: string + format: int64 - in: query name: filter schema: type: string + - in: query + name: filterParams.customFilter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filterParams.parameterPairKey + schema: + type: string + - in: query + name: filterParams.executionId + schema: + type: string + - in: query + name: filterParams.taskStatuses + schema: + type: string + - in: query + name: snapshotMetadataWithoutParams + schema: + type: boolean + - in: query + name: filterParams.parameterType + schema: + type: string + - in: query + name: truncateParams + schema: + type: boolean + - in: query + name: filterParams.parameterKey + schema: + type: string - in: query name: orderBy schema: type: string - in: query - name: fieldMask + name: readMask schema: type: string format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions:upload: + parameters: *ref_1 post: - description: Create a integration with a draft version in the specified project. - operationId: integrations.projects.locations.integrations.versions.create + description: >- + Uploads an integration. The content can be a previously downloaded + integration. Performs the same function as + CreateDraftIntegrationVersion, but accepts input in a string format, + which holds the complete representation of the IntegrationVersion + content. + operationId: integrations.projects.locations.products.integrations.versions.upload requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + #/components/schemas/GoogleCloudIntegrationsV1alphaUploadIntegrationVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14977,7 +15084,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + #/components/schemas/GoogleCloudIntegrationsV1alphaUploadIntegrationVersionResponse parameters: - in: path name: projectsId @@ -14990,29 +15097,29 @@ paths: schema: type: string - in: path - name: integrationsId + name: productsId required: true schema: type: string - - in: query - name: newIntegration - schema: - type: boolean - - in: query - name: createSampleIntegrations + - in: path + name: integrationsId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}: parameters: *ref_1 - patch: - description: Update a integration with a draft version in the specified project. - operationId: integrations.projects.locations.integrations.versions.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + delete: + description: >- + Soft-deletes the integration. Changes the status of the integration to + ARCHIVED. If the integration being ARCHIVED is tagged as "HEAD", the tag + is removed from this snapshot and set to the previous non-ARCHIVED + snapshot. The PUBLISH_REQUESTED, DUE_FOR_DELETION tags are removed too. + This RPC throws an exception if the version being deleted is DRAFT, and + if the `locked_by` user is not the same as the user performing the + Delete. Audit fields updated include last_modified_timestamp, + last_modified_by. Any existing lock is released when Deleting a + integration. Currently, there is no undelete mechanism. + operationId: integrations.projects.locations.products.integrations.versions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15024,8 +15131,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -15038,23 +15144,23 @@ paths: schema: type: string - in: path - name: integrationsId + name: productsId required: true schema: type: string - in: path - name: versionsId + name: integrationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: versionsId + required: true schema: type: string - format: google-fieldmask get: description: Get a integration in the specified project. - operationId: integrations.projects.locations.integrations.versions.get + operationId: integrations.projects.locations.products.integrations.versions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15079,6 +15185,11 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true @@ -15089,18 +15200,15 @@ paths: required: true schema: type: string - delete: - description: >- - Soft-deletes the integration. Changes the status of the integration to - ARCHIVED. If the integration being ARCHIVED is tagged as "HEAD", the tag - is removed from this snapshot and set to the previous non-ARCHIVED - snapshot. The PUBLISH_REQUESTED, DUE_FOR_DELETION tags are removed too. - This RPC throws an exception if the version being deleted is DRAFT, and - if the `locked_by` user is not the same as the user performing the - Delete. Audit fields updated include last_modified_timestamp, - last_modified_by. Any existing lock is released when Deleting a - integration. Currently, there is no undelete mechanism. - operationId: integrations.projects.locations.integrations.versions.delete + patch: + description: Update a integration with a draft version in the specified project. + operationId: integrations.projects.locations.products.integrations.versions.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15112,7 +15220,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion parameters: - in: path name: projectsId @@ -15124,6 +15233,11 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true @@ -15134,7 +15248,12 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}:publish: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}:publish: parameters: *ref_1 post: description: >- @@ -15144,7 +15263,7 @@ paths: performing the Publish. Audit fields updated include last_published_timestamp, last_published_by, last_modified_timestamp, last_modified_by. Any existing lock is on this integration is released. - operationId: integrations.projects.locations.integrations.versions.publish + operationId: integrations.projects.locations.products.integrations.versions.publish requestBody: content: application/json: @@ -15175,6 +15294,11 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true @@ -15185,22 +15309,22 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions:upload: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}:unpublish: parameters: *ref_1 - post: - description: >- - Uploads an integration. The content can be a previously downloaded - integration. Performs the same function as - CreateDraftIntegrationVersion, but accepts input in a string format, - which holds the complete representation of the IntegrationVersion - content. - operationId: integrations.projects.locations.integrations.versions.upload + post: + description: >- + Sets the status of the ACTIVE integration to SNAPSHOT with a new tag + "PREVIOUSLY_PUBLISHED" after validating it. The "HEAD" and + "PUBLISH_REQUESTED" tags do not change. This RPC throws an exception if + the version being snapshot is not ACTIVE. Audit fields added include + action, action_by, action_timestamp. + operationId: integrations.projects.locations.products.integrations.versions.unpublish requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUploadIntegrationVersionRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaUnpublishIntegrationVersionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15212,8 +15336,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUploadIntegrationVersionResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -15225,18 +15348,26 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}:download: + - in: path + name: versionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions: parameters: *ref_1 get: - description: >- - Downloads an integration. Retrieves the `IntegrationVersion` for a given - `integration_id` and returns the response as a string. - operationId: integrations.projects.locations.integrations.versions.download + description: Returns the list of all integration versions in the specified project. + operationId: integrations.projects.locations.products.integrations.versions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15249,7 +15380,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadIntegrationVersionResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListIntegrationVersionsResponse parameters: - in: path name: projectsId @@ -15262,33 +15393,46 @@ paths: schema: type: string - in: path - name: integrationsId + name: productsId required: true schema: type: string - in: path - name: versionsId + name: integrationsId required: true schema: type: string - in: query - name: fileFormat + name: orderBy schema: type: string - in: query - name: files + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}:downloadJsonPackage: - parameters: *ref_1 - get: - description: >- - Downloads an Integration version package like - IntegrationVersion,Integration Config etc. Retrieves the - IntegrationVersion package for a given `integration_id` and returns the - response as a JSON. - operationId: >- - integrations.projects.locations.integrations.versions.downloadJsonPackage + - in: query + name: fieldMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageToken + schema: + type: string + post: + description: Create a integration with a draft version in the specified project. + operationId: integrations.projects.locations.products.integrations.versions.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15301,7 +15445,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadJsonPackageResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaIntegrationVersion parameters: - in: path name: projectsId @@ -15314,35 +15458,47 @@ paths: schema: type: string - in: path - name: integrationsId + name: productsId required: true schema: type: string - in: path - name: versionsId + name: integrationsId required: true schema: type: string - in: query - name: files + name: createSampleIntegrations schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}:unpublish: + type: boolean + - in: query + name: newIntegration + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}:takeoverEditLock: parameters: *ref_1 post: description: >- - Sets the status of the ACTIVE integration to SNAPSHOT with a new tag - "PREVIOUSLY_PUBLISHED" after validating it. The "HEAD" and - "PUBLISH_REQUESTED" tags do not change. This RPC throws an exception if - the version being snapshot is not ACTIVE. Audit fields added include - action, action_by, action_timestamp. - operationId: integrations.projects.locations.integrations.versions.unpublish + Clears the `locked_by` and `locked_at_timestamp`in the DRAFT version of + this integration. It then performs the same action as the + CreateDraftIntegrationVersion (i.e., copies the DRAFT version of the + integration as a SNAPSHOT and then creates a new DRAFT version with the + `locked_by` set to the `user_taking_over` and the `locked_at_timestamp` + set to the current timestamp). Both the `locked_by` and + `user_taking_over` are notified via email about the takeover. This RPC + throws an exception if the integration is not in DRAFT status or if the + `locked_by` and `locked_at_timestamp` fields are not set.The + TakeoverEdit lock is treated the same as an edit of the integration, and + hence shares ACLs with edit. Audit fields updated include + last_modified_timestamp, last_modified_by. + operationId: >- + integrations.projects.locations.products.integrations.versions.takeoverEditLock requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUnpublishIntegrationVersionRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaTakeoverEditLockRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15354,7 +15510,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaTakeoverEditLockResponse parameters: - in: path name: projectsId @@ -15366,6 +15523,11 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true @@ -15376,16 +15538,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/integrations/{integrationsId}/versions/{versionsId}:download: parameters: *ref_1 - post: - description: Creates a new test case - operationId: integrations.projects.locations.integrations.versions.testCases.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' + get: + description: >- + Downloads an integration. Retrieves the `IntegrationVersion` for a given + `integration_id` and returns the response as a string. + operationId: integrations.projects.locations.products.integrations.versions.download security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15397,7 +15556,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadIntegrationVersionResponse parameters: - in: path name: projectsId @@ -15409,6 +15569,11 @@ paths: required: true schema: type: string + - in: path + name: productsId + required: true + schema: + type: string - in: path name: integrationsId required: true @@ -15420,12 +15585,20 @@ paths: schema: type: string - in: query - name: testCaseId + name: files + schema: + type: string + - in: query + name: fileFormat schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/certificates: + parameters: *ref_1 get: - description: Lists all the test cases that satisfy the filters. - operationId: integrations.projects.locations.integrations.versions.testCases.list + description: >- + List all the certificates that match the filter. Restrict to certificate + of current client only. + operationId: integrations.projects.locations.products.certificates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15438,7 +15611,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListTestCasesResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListCertificatesResponse parameters: - in: path name: projectsId @@ -15451,42 +15624,39 @@ paths: schema: type: string - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: versionsId + name: productsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: orderBy + name: readMask schema: type: string + format: google-fieldmask - in: query - name: readMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases/{testCasesId}: - parameters: *ref_1 - get: - description: Get a test case - operationId: integrations.projects.locations.integrations.versions.testCases.get + post: + description: >- + Creates a new certificate. The certificate will be registered to the + trawler service and will be encrypted using cloud KMS and stored in + Spanner Returns the certificate. + operationId: integrations.projects.locations.products.certificates.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15498,7 +15668,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' parameters: - in: path name: projectsId @@ -15511,28 +15681,60 @@ paths: schema: type: string - in: path - name: integrationsId + name: productsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/certificates/{certificatesId}: + parameters: *ref_1 + delete: + description: Delete a certificate + operationId: integrations.projects.locations.products.certificates.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: versionsId + name: locationsId required: true schema: type: string - in: path - name: testCasesId + name: productsId + required: true + schema: + type: string + - in: path + name: certificatesId required: true schema: type: string patch: - description: Updates a test case - operationId: integrations.projects.locations.integrations.versions.testCases.patch + description: >- + Updates the certificate by id. If new certificate file is updated, it + will register with the trawler service, re-encrypt with cloud KMS and + update the Spanner record. Other fields will directly update the Spanner + record. Returns the Certificate. + operationId: integrations.projects.locations.products.certificates.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15544,7 +15746,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' parameters: - in: path name: projectsId @@ -15557,17 +15759,12 @@ paths: schema: type: string - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: versionsId + name: productsId required: true schema: type: string - in: path - name: testCasesId + name: certificatesId required: true schema: type: string @@ -15576,9 +15773,9 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes a test case - operationId: integrations.projects.locations.integrations.versions.testCases.delete + get: + description: Get a certificates in the specified project. + operationId: integrations.projects.locations.products.certificates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15590,7 +15787,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaCertificate' parameters: - in: path name: projectsId @@ -15603,32 +15800,26 @@ paths: schema: type: string - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: versionsId + name: productsId required: true schema: type: string - in: path - name: testCasesId + name: certificatesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases/{testCasesId}:executeTest: + /v1/projects/{projectsId}/locations/{locationsId}/cloudFunctions: parameters: *ref_1 post: - description: Executes functional test - operationId: >- - integrations.projects.locations.integrations.versions.testCases.executeTest + description: Creates a cloud function project. + operationId: integrations.projects.locations.cloudFunctions.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCaseRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaCreateCloudFunctionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15641,7 +15832,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCaseResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaCreateCloudFunctionResponse parameters: - in: path name: projectsId @@ -15653,36 +15844,14 @@ paths: required: true schema: type: string - - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: versionsId - required: true - schema: - type: string - - in: path - name: testCasesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases:upload: + /v1/projects/{projectsId}/locations/{locationsId}/authConfigs/{authConfigsId}: parameters: *ref_1 - post: + get: description: >- - Uploads a test case. The content can be a previously downloaded test - case. Performs the same function as CreateTestCase, but accepts input in - a string format, which holds the complete representation of the TestCase - content. - operationId: integrations.projects.locations.integrations.versions.testCases.upload - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUploadTestCaseRequest + Gets a complete auth config. If the auth config doesn't exist, + Code.NOT_FOUND exception will be thrown. Returns the decrypted auth + config. + operationId: integrations.projects.locations.authConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15694,8 +15863,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUploadTestCaseResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' parameters: - in: path name: projectsId @@ -15708,22 +15876,23 @@ paths: schema: type: string - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: versionsId + name: authConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases/{testCasesId}:download: - parameters: *ref_1 - get: + patch: description: >- - Downloads a test case. Retrieves the `TestCase` for a given - `test_case_id` and returns the response as a string. - operationId: integrations.projects.locations.integrations.versions.testCases.download + Updates an auth config. If credential is updated, fetch the encrypted + auth config from Spanner, decrypt with Cloud KMS key, update the + credential fields, re-encrypt with Cloud KMS key and update the Spanner + record. For other fields, directly update the Spanner record. Returns + the encrypted auth config. + operationId: integrations.projects.locations.authConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15735,8 +15904,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadTestCaseResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' parameters: - in: path name: projectsId @@ -15749,36 +15917,30 @@ paths: schema: type: string - in: path - name: integrationsId + name: authConfigsId required: true schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: updateMask schema: type: string - - in: path - name: testCasesId - required: true + format: google-fieldmask + - in: query + name: clientCertificate.passphrase schema: type: string - in: query - name: fileFormat + name: clientCertificate.sslCertificate schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases/{testCasesId}:takeoverEditLock: - parameters: *ref_1 - post: - description: Clear the lock fields and assign them to current user - operationId: >- - integrations.projects.locations.integrations.versions.testCases.takeoverEditLock - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaTakeoverTestCaseEditLockRequest + - in: query + name: clientCertificate.encryptedPrivateKey + schema: + type: string + delete: + description: Deletes an auth config. + operationId: integrations.projects.locations.authConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15790,7 +15952,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTestCase' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -15803,31 +15965,24 @@ paths: schema: type: string - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: versionsId - required: true - schema: - type: string - - in: path - name: testCasesId + name: authConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/versions/{versionsId}/testCases:execute: + /v1/projects/{projectsId}/locations/{locationsId}/authConfigs: parameters: *ref_1 post: - description: Executes all test cases in an integration version. - operationId: integrations.projects.locations.integrations.versions.testCases.execute + description: >- + Creates an auth config record. Fetch corresponding credentials for + specific auth types, e.g. access token for OAuth 2.0, JWT token for JWT. + Encrypt the auth config with Cloud KMS and store the encrypted + credentials in Spanner. Returns the encrypted auth config. + operationId: integrations.projects.locations.authConfigs.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCasesRequest + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15839,8 +15994,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaExecuteTestCasesResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaAuthConfig' parameters: - in: path name: projectsId @@ -15852,25 +16006,23 @@ paths: required: true schema: type: string - - in: path - name: integrationsId - required: true + - in: query + name: clientCertificate.passphrase schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: clientCertificate.encryptedPrivateKey + schema: + type: string + - in: query + name: clientCertificate.sslCertificate schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions: - parameters: *ref_1 get: description: >- - Lists the results of all the integration executions. The response - includes the same information as the [execution - log](https://cloud.google.com/application-integration/docs/viewing-logs) - in the Integration UI. - operationId: integrations.projects.locations.integrations.executions.list + Lists all auth configs that match the filter. Restrict to auth configs + belong to the current client only. + operationId: integrations.projects.locations.authConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15883,7 +16035,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListExecutionsResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListAuthConfigsResponse parameters: - in: path name: projectsId @@ -15895,100 +16047,35 @@ paths: required: true schema: type: string - - in: path - name: integrationsId - required: true - schema: - type: string - in: query - name: filter + name: readMask schema: type: string + format: google-fieldmask - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readMask - schema: - type: string - format: google-fieldmask - - in: query - name: filterParams.workflowName - schema: - type: string - - in: query - name: filterParams.startTime - schema: - type: string - format: int64 - - in: query - name: filterParams.endTime - schema: - type: string - format: int64 - - in: query - name: filterParams.eventStatuses - schema: - type: string - - in: query - name: filterParams.taskStatuses - schema: - type: string - - in: query - name: filterParams.customFilter - schema: - type: string - - in: query - name: filterParams.executionId - schema: - type: string - - in: query - name: filterParams.parameterValue - schema: - type: string - - in: query - name: filterParams.parameterType - schema: - type: string - - in: query - name: filterParams.parameterKey - schema: - type: string - - in: query - name: filterParams.parameterPairKey - schema: - type: string - - in: query - name: filterParams.parameterPairValue - schema: - type: string - - in: query - name: refreshAcl - schema: - type: boolean - - in: query - name: truncateParams + name: filter schema: - type: boolean + type: string - in: query - name: snapshotMetadataWithoutParams + name: pageToken schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/appsScriptProjects:link: parameters: *ref_1 - get: - description: Get an execution in the specified project. - operationId: integrations.projects.locations.integrations.executions.get + post: + description: Links a existing Apps Script project. + operationId: integrations.projects.locations.appsScriptProjects.link + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16000,7 +16087,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaExecution' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaLinkAppsScriptProjectResponse parameters: - in: path name: projectsId @@ -16012,30 +16100,17 @@ paths: required: true schema: type: string - - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: executionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/appsScriptProjects: parameters: *ref_1 post: - description: >- - Cancellation of an execution and associated sub-executions. This will - not cancel an IN_PROCESS or completed(SUCCESSFUL, FAILED or CANCELLED) - executions. - operationId: integrations.projects.locations.integrations.executions.cancel + description: Creates an Apps Script project. + operationId: integrations.projects.locations.appsScriptProjects.create requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCancelExecutionRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16048,7 +16123,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaCancelExecutionResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaCreateAppsScriptProjectResponse parameters: - in: path name: projectsId @@ -16060,21 +16135,17 @@ paths: required: true schema: type: string - - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: executionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}:download: + /v1/projects/{projectsId}/locations/{locationsId}/clients:provisionClientPostProcessor: parameters: *ref_1 - get: - description: Download the execution. - operationId: integrations.projects.locations.integrations.executions.download + post: + description: Perform post provisioning steps after client is provisioned. + operationId: integrations.projects.locations.clients.provisionClientPostProcessor + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16087,7 +16158,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadExecutionResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaProvisionClientPostProcessorResponse parameters: - in: path name: projectsId @@ -16099,29 +16170,19 @@ paths: required: true schema: type: string - - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: executionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}:replay: + /v1/projects/{projectsId}/locations/{locationsId}/clients:deprovision: parameters: *ref_1 post: description: >- - Re-execute an existing execution, with same request parameters and - execution strategy. - operationId: integrations.projects.locations.integrations.executions.replay + Perform the deprovisioning steps to disable a user GCP project to use IP + and purge all related data in a wipeout-compliant way. + operationId: integrations.projects.locations.clients.deprovision requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaReplayExecutionRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaDeprovisionClientRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16133,8 +16194,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaReplayExecutionResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -16146,31 +16206,17 @@ paths: required: true schema: type: string - - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: executionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions/{suspensionsId}:resolve: + /v1/projects/{projectsId}/locations/{locationsId}/clients:replace: parameters: *ref_1 post: - description: >- - * Resolves (lifts/rejects) any number of suspensions. If the integration - is already running, only the status of the suspension is updated. - Otherwise, the suspended integration will begin execution again. - operationId: >- - integrations.projects.locations.integrations.executions.suspensions.resolve + description: Update run-as service account for provisioned client + operationId: integrations.projects.locations.clients.replace requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaResolveSuspensionRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaReplaceServiceAccountRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16182,8 +16228,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaResolveSuspensionResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -16195,29 +16240,54 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/clients:switchVariableMasking: + parameters: *ref_1 + post: + description: Update variable masking for provisioned client + operationId: integrations.projects.locations.clients.switchVariableMasking + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaSwitchVariableMaskingRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: executionsId + name: projectsId required: true schema: type: string - in: path - name: suspensionsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions: + /v1/projects/{projectsId}/locations/{locationsId}/clients:provision: parameters: *ref_1 - get: + post: description: >- - * Lists suspensions associated with a specific execution. Only those - with permissions to resolve the relevant suspensions will be able to - view them. - operationId: integrations.projects.locations.integrations.executions.suspensions.list + Perform the provisioning steps to enable a user GCP project to use IP. + If GCP project already registered on IP end via Apigee Integration, + provisioning will fail. + operationId: integrations.projects.locations.clients.provision + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaProvisionClientRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16229,8 +16299,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListSuspensionsResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -16242,47 +16311,19 @@ paths: required: true schema: type: string - - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: executionsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/integrations/{integrationsId}/executions/{executionsId}/suspensions/{suspensionsId}:lift: + /v1/projects/{projectsId}/locations/{locationsId}/clients:changeConfig: parameters: *ref_1 post: description: >- - * Lifts suspension for the Suspension task. Fetch corresponding - suspension with provided suspension Id, resolve suspension, and set up - suspension result for the Suspension Task. - operationId: integrations.projects.locations.integrations.executions.suspensions.lift + Updates the client customer configuration for the given project and + location resource name + operationId: integrations.projects.locations.clients.changeConfig requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaLiftSuspensionRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaChangeCustomerConfigRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16295,7 +16336,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaLiftSuspensionResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaChangeCustomerConfigResponse parameters: - in: path name: projectsId @@ -16307,33 +16348,51 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/clients:toggleHttp: + parameters: *ref_1 + post: + description: Enable/Disable http call for provisioned client + operationId: integrations.projects.locations.clients.toggleHttp + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaToggleHttpRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: - in: path - name: integrationsId - required: true - schema: - type: string - - in: path - name: executionsId + name: projectsId required: true schema: type: string - in: path - name: suspensionsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sfdcInstances: + /v1/projects/{projectsId}/locations/{locationsId}/clients:switch: parameters: *ref_1 post: - description: >- - Creates an sfdc instance record. Store the sfdc instance in Spanner. - Returns the sfdc instance. - operationId: integrations.projects.locations.sfdcInstances.create + description: Update client from GMEK to CMEK + operationId: integrations.projects.locations.clients.switch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaSwitchEncryptionRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16345,8 +16404,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -16358,6 +16416,8 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/sfdcInstances: + parameters: *ref_1 get: description: >- Lists all sfdc instances that match the filter. Restrict to sfdc @@ -16392,10 +16452,6 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: filter schema: @@ -16405,13 +16461,15 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/sfdcInstances/{sfdcInstancesId}: - parameters: *ref_1 - patch: + - in: query + name: pageToken + schema: + type: string + post: description: >- - Updates an sfdc instance. Updates the sfdc instance in spanner. Returns - the sfdc instance. - operationId: integrations.projects.locations.sfdcInstances.patch + Creates an sfdc instance record. Store the sfdc instance in Spanner. + Returns the sfdc instance. + operationId: integrations.projects.locations.sfdcInstances.create requestBody: content: application/json: @@ -16441,16 +16499,8 @@ paths: required: true schema: type: string - - in: path - name: sfdcInstancesId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/sfdcInstances/{sfdcInstancesId}: + parameters: *ref_1 delete: description: Deletes an sfdc instance. operationId: integrations.projects.locations.sfdcInstances.delete @@ -16516,18 +16566,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sfdcInstances/{sfdcInstancesId}/sfdcChannels: - parameters: *ref_1 - post: + patch: description: >- - Creates an sfdc channel record. Store the sfdc channel in Spanner. - Returns the sfdc channel. - operationId: integrations.projects.locations.sfdcInstances.sfdcChannels.create + Updates an sfdc instance. Updates the sfdc instance in spanner. Returns + the sfdc instance. + operationId: integrations.projects.locations.sfdcInstances.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16539,7 +16587,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaSfdcInstance parameters: - in: path name: projectsId @@ -16556,11 +16605,18 @@ paths: required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/sfdcInstances/{sfdcInstancesId}/sfdcChannels/{sfdcChannelsId}: + parameters: *ref_1 get: description: >- - Lists all sfdc channels that match the filter. Restrict to sfdc channels - belonging to the current client only. - operationId: integrations.projects.locations.sfdcInstances.sfdcChannels.list + Gets an sfdc channel. If the channel doesn't exist, Code.NOT_FOUND + exception will be thrown. + operationId: integrations.projects.locations.sfdcInstances.sfdcChannels.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16572,8 +16628,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListSfdcChannelsResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' parameters: - in: path name: projectsId @@ -16590,26 +16645,47 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: sfdcChannelsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + delete: + description: Deletes an sfdc channel. + operationId: integrations.projects.locations.sfdcInstances.sfdcChannels.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: readMask + - in: path + name: sfdcInstancesId + required: true + schema: + type: string + - in: path + name: sfdcChannelsId + required: true schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/sfdcInstances/{sfdcInstancesId}/sfdcChannels/{sfdcChannelsId}: - parameters: *ref_1 patch: description: >- Updates an sfdc channel. Updates the sfdc channel in spanner. Returns @@ -16658,9 +16734,18 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes an sfdc channel. - operationId: integrations.projects.locations.sfdcInstances.sfdcChannels.delete + /v1/projects/{projectsId}/locations/{locationsId}/sfdcInstances/{sfdcInstancesId}/sfdcChannels: + parameters: *ref_1 + post: + description: >- + Creates an sfdc channel record. Store the sfdc channel in Spanner. + Returns the sfdc channel. + operationId: integrations.projects.locations.sfdcInstances.sfdcChannels.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16672,7 +16757,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' parameters: - in: path name: projectsId @@ -16689,16 +16774,72 @@ paths: required: true schema: type: string + get: + description: >- + Lists all sfdc channels that match the filter. Restrict to sfdc channels + belonging to the current client only. + operationId: integrations.projects.locations.sfdcInstances.sfdcChannels.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaListSfdcChannelsResponse + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: sfdcChannelsId + name: locationsId required: true schema: type: string - get: + - in: path + name: sfdcInstancesId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:use: + parameters: *ref_1 + post: description: >- - Gets an sfdc channel. If the channel doesn't exist, Code.NOT_FOUND - exception will be thrown. - operationId: integrations.projects.locations.sfdcInstances.sfdcChannels.get + Use the template to create integration. This api would keep track of + usage_count and last_used_time. PERMISSION_DENIED would be thrown if + template is not accessible by client. + operationId: integrations.projects.locations.templates.use + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16710,7 +16851,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaSfdcChannel' + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateResponse parameters: - in: path name: projectsId @@ -16723,20 +16865,60 @@ paths: schema: type: string - in: path - name: sfdcInstancesId + name: templatesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:import: + parameters: *ref_1 + post: + description: >- + Import the template to an existing integration. This api would keep + track of usage_count and last_used_time. PERMISSION_DENIED would be + thrown if template is not accessible by client. + operationId: integrations.projects.locations.templates.import + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaImportTemplateRequest + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudIntegrationsV1alphaImportTemplateResponse + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: sfdcChannelsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/templates: + - in: path + name: templatesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/templates:search: parameters: *ref_1 get: - description: Lists all templates matching the filter. - operationId: integrations.projects.locations.templates.list + description: >- + Search templates based on user query and filters. This api would query + the templates and return a list of templates based on the user filter. + operationId: integrations.projects.locations.templates.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16749,7 +16931,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaListTemplatesResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaSearchTemplatesResponse parameters: - in: path name: projectsId @@ -16761,21 +16943,25 @@ paths: required: true schema: type: string + - in: query + name: query + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: enableNaturalLanguageQueryUnderstanding schema: - type: string + type: boolean - in: query - name: filter + name: orderBy schema: type: string - in: query - name: orderBy + name: filter schema: type: string - in: query @@ -16783,9 +16969,15 @@ paths: schema: type: string format: google-fieldmask - post: - description: Creates a new template - operationId: integrations.projects.locations.templates.create + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}: + parameters: *ref_1 + patch: + description: Updates the template by given id. + operationId: integrations.projects.locations.templates.patch requestBody: content: application/json: @@ -16814,47 +17006,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}: - parameters: *ref_1 - get: - description: Get a template in the specified project. - operationId: integrations.projects.locations.templates.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: templatesId required: true schema: type: string - - in: path - name: templatesId - required: true + - in: query + name: updateMask schema: type: string - patch: - description: Updates the template by given id. - operationId: integrations.projects.locations.templates.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' + format: google-fieldmask + delete: + description: Deletes a template + operationId: integrations.projects.locations.templates.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16866,7 +17030,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -16883,14 +17047,9 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a template - operationId: integrations.projects.locations.templates.delete + get: + description: Get a template in the specified project. + operationId: integrations.projects.locations.templates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16902,7 +17061,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' parameters: - in: path name: projectsId @@ -16919,13 +17078,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/templates:search: + /v1/projects/{projectsId}/locations/{locationsId}/templates: parameters: *ref_1 get: - description: >- - Search templates based on user query and filters. This api would query - the templates and return a list of templates based on the user filter. - operationId: integrations.projects.locations.templates.search + description: Lists all templates matching the filter. + operationId: integrations.projects.locations.templates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16938,7 +17095,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaSearchTemplatesResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaListTemplatesResponse parameters: - in: path name: projectsId @@ -16951,12 +17108,7 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: orderBy schema: type: string - in: query @@ -16964,7 +17116,7 @@ paths: schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string - in: query @@ -16973,27 +17125,18 @@ paths: type: string format: google-fieldmask - in: query - name: query - schema: - type: string - - in: query - name: enableNaturalLanguageQueryUnderstanding + name: pageSize schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:use: - parameters: *ref_1 + type: integer + format: int32 post: - description: >- - Use the template to create integration. This api would keep track of - usage_count and last_used_time. PERMISSION_DENIED would be thrown if - template is not accessible by client. - operationId: integrations.projects.locations.templates.use + description: Creates a new template + operationId: integrations.projects.locations.templates.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateRequest + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17005,8 +17148,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUseTemplateResponse + $ref: '#/components/schemas/GoogleCloudIntegrationsV1alphaTemplate' parameters: - in: path name: projectsId @@ -17018,25 +17160,13 @@ paths: required: true schema: type: string - - in: path - name: templatesId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:import: + /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:download: parameters: *ref_1 - post: + get: description: >- - Import the template to an existing integration. This api would keep - track of usage_count and last_used_time. PERMISSION_DENIED would be - thrown if template is not accessible by client. - operationId: integrations.projects.locations.templates.import - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaImportTemplateRequest + Downloads a template. Retrieves the `Template` and returns the response + as a string. + operationId: integrations.projects.locations.templates.download security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17049,7 +17179,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaImportTemplateResponse + #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadTemplateResponse parameters: - in: path name: projectsId @@ -17066,20 +17196,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:share: + - in: query + name: fileFormat + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:unshare: parameters: *ref_1 post: description: >- - Share a template with other clients. Only the template owner can share - the templates with other projects. PERMISSION_DENIED would be thrown if - the request is not from the owner. - operationId: integrations.projects.locations.templates.share + Unshare a template from given clients. Owner of the template can unshare + template with clients. Shared client can only unshare the template from + itself. PERMISSION_DENIED would be thrown if request is not from owner + or for unsharing itself. + operationId: integrations.projects.locations.templates.unshare requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaShareTemplateRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaUnshareTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17108,21 +17243,20 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:unshare: + /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:share: parameters: *ref_1 post: description: >- - Unshare a template from given clients. Owner of the template can unshare - template with clients. Shared client can only unshare the template from - itself. PERMISSION_DENIED would be thrown if request is not from owner - or for unsharing itself. - operationId: integrations.projects.locations.templates.unshare + Share a template with other clients. Only the template owner can share + the templates with other projects. PERMISSION_DENIED would be thrown if + the request is not from the owner. + operationId: integrations.projects.locations.templates.share requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaUnshareTemplateRequest + #/components/schemas/GoogleCloudIntegrationsV1alphaShareTemplateRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17190,46 +17324,6 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/templates/{templatesId}:download: - parameters: *ref_1 - get: - description: >- - Downloads a template. Retrieves the `Template` and returns the response - as a string. - operationId: integrations.projects.locations.templates.download - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaDownloadTemplateResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: templatesId - required: true - schema: - type: string - - in: query - name: fileFormat - schema: - type: string /v1/connectorPlatformRegions:enumerate: parameters: *ref_1 get: @@ -17249,45 +17343,3 @@ paths: $ref: >- #/components/schemas/GoogleCloudIntegrationsV1alphaEnumerateConnectorPlatformRegionsResponse parameters: [] - /v1/callback:generateToken: - parameters: *ref_1 - get: - description: >- - Receives the auth code and auth config id to combine that with the - client id and secret to retrieve access tokens from the token endpoint. - Returns either a success or error message when it's done. - operationId: integrations.callback.generateToken - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudIntegrationsV1alphaGenerateTokenResponse - parameters: - - in: query - name: state - schema: - type: string - - in: query - name: code - schema: - type: string - - in: query - name: gcpProjectId - schema: - type: string - - in: query - name: redirectUri - schema: - type: string - - in: query - name: product - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/jobs.yaml b/providers/src/googleapis.com/v00.00.00000/services/jobs.yaml index 962c212e..9a94c7f7 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/jobs.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/jobs.yaml @@ -9,8 +9,8 @@ info: Cloud Talent Solution provides the capability to create, read, update, and delete job postings, as well as search jobs based on keywords and filters. version: v4 - x-discovery-doc-revision: '20250326' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251014' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/talent-solution/job-search/docs/ servers: @@ -296,10 +296,10 @@ components: PostalAddress: id: PostalAddress description: >- - Represents a postal address (for example, for postal delivery or - payments addresses). Given a postal address, a postal service can - deliver items to a premise, P.O. box or similar. It is not intended to - model geographical locations (roads, towns, mountains). In typical + Represents a postal address, such as for postal delivery or payments + addresses. With a postal address, a postal service can deliver items to + a premise, P.O. box, or similar. A postal address is not intended to + model geographical locations like roads, towns, or mountains. In typical usage, an address would be created by user input or from importing existing data, depending on the type of process. Advice on address input or editing: - Use an internationalization-ready address widget such as diff --git a/providers/src/googleapis.com/v00.00.00000/services/kmsinventory.yaml b/providers/src/googleapis.com/v00.00.00000/services/kmsinventory.yaml index b1ea6224..da47200b 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/kmsinventory.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/kmsinventory.yaml @@ -7,8 +7,8 @@ info: title: KMS Inventory API description: '' version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251207' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/kms/ servers: @@ -36,45 +36,43 @@ components: schemas: GoogleCloudKmsInventoryV1ListCryptoKeysResponse: id: GoogleCloudKmsInventoryV1ListCryptoKeysResponse - description: Response message for KeyDashboardService.ListCryptoKeys. - type: object properties: cryptoKeys: - description: The list of CryptoKeys. type: array + description: The list of CryptoKeys. items: $ref: '#/components/schemas/GoogleCloudKmsV1CryptoKey' nextPageToken: + type: string description: >- The page token returned from the previous response if the next page is desired. - type: string + description: Response message for KeyDashboardService.ListCryptoKeys. + type: object GoogleCloudKmsV1CryptoKey: - id: GoogleCloudKmsV1CryptoKey description: >- A CryptoKey represents a logical key that can be used for cryptographic operations. A CryptoKey is made up of zero or more versions, which represent the actual key material used in cryptographic operations. - type: object + id: GoogleCloudKmsV1CryptoKey properties: name: + type: string description: >- Output only. The resource name for this CryptoKey in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*`. readOnly: true - type: string - primary: - description: >- - Output only. A copy of the "primary" CryptoKeyVersion that will be - used by Encrypt when this CryptoKey is given in EncryptRequest.name. - The CryptoKey's primary version can be updated via - UpdateCryptoKeyPrimaryVersion. Keys with purpose ENCRYPT_DECRYPT may - have a primary. For other keys, this field will be omitted. - readOnly: true - $ref: '#/components/schemas/GoogleCloudKmsV1CryptoKeyVersion' purpose: - description: Immutable. The immutable purpose of this CryptoKey. type: string + enum: + - CRYPTO_KEY_PURPOSE_UNSPECIFIED + - ENCRYPT_DECRYPT + - ASYMMETRIC_SIGN + - ASYMMETRIC_DECRYPT + - RAW_ENCRYPT_DECRYPT + - MAC + - KEY_ENCAPSULATION + description: Immutable. The immutable purpose of this CryptoKey. enumDescriptions: - Not specified. - CryptoKeys with this purpose may be used with Encrypt and Decrypt. @@ -93,72 +91,42 @@ components: - >- CryptoKeys with this purpose may be used with GetPublicKey and Decapsulate. - enum: - - CRYPTO_KEY_PURPOSE_UNSPECIFIED - - ENCRYPT_DECRYPT - - ASYMMETRIC_SIGN - - ASYMMETRIC_DECRYPT - - RAW_ENCRYPT_DECRYPT - - MAC - - KEY_ENCAPSULATION - createTime: - description: Output only. The time at which this CryptoKey was created. - readOnly: true - type: string - format: google-datetime - nextRotationTime: - description: >- - At next_rotation_time, the Key Management Service will - automatically: 1. Create a new version of this CryptoKey. 2. Mark - the new version as primary. Key rotations performed manually via - CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not - affect next_rotation_time. Keys with purpose ENCRYPT_DECRYPT support - automatic rotation. For other keys, this field must be omitted. - type: string - format: google-datetime rotationPeriod: + type: string description: >- next_rotation_time will be advanced by this period when the service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours. If rotation_period is set, next_rotation_time must also be set. Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted. - type: string format: google-duration - versionTemplate: - description: >- - A template describing settings for new CryptoKeyVersion instances. - The properties of new CryptoKeyVersion instances created by either - CreateCryptoKeyVersion or auto-rotation are controlled by this - template. - $ref: '#/components/schemas/GoogleCloudKmsV1CryptoKeyVersionTemplate' - labels: + primary: + $ref: '#/components/schemas/GoogleCloudKmsV1CryptoKeyVersion' description: >- - Labels with user-defined metadata. For more information, see - [Labeling Keys](https://cloud.google.com/kms/docs/labeling-keys). - type: object - additionalProperties: - type: string - importOnly: - description: Immutable. Whether this key may contain imported versions only. - type: boolean + Output only. A copy of the "primary" CryptoKeyVersion that will be + used by Encrypt when this CryptoKey is given in EncryptRequest.name. + The CryptoKey's primary version can be updated via + UpdateCryptoKeyPrimaryVersion. Keys with purpose ENCRYPT_DECRYPT may + have a primary. For other keys, this field will be omitted. + readOnly: true destroyScheduledDuration: + type: string + format: google-duration description: >- Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at creation time, the default duration is 30 days. - type: string - format: google-duration - cryptoKeyBackend: + versionTemplate: + $ref: '#/components/schemas/GoogleCloudKmsV1CryptoKeyVersionTemplate' description: >- - Immutable. The resource name of the backend environment where the - key material for all CryptoKeyVersions associated with this - CryptoKey reside and where all related cryptographic operations are - performed. Only applicable if CryptoKeyVersions have a - ProtectionLevel of EXTERNAL_VPC, with the resource name in the - format `projects/*/locations/*/ekmConnections/*`. Note, this list is - non-exhaustive and may apply to additional ProtectionLevels in the - future. + A template describing settings for new CryptoKeyVersion instances. + The properties of new CryptoKeyVersion instances created by either + CreateCryptoKeyVersion or auto-rotation are controlled by this + template. + createTime: + format: google-datetime + description: Output only. The time at which this CryptoKey was created. + readOnly: true type: string keyAccessJustificationsPolicy: description: >- @@ -172,105 +140,108 @@ components: By default, this field is absent, and all justification codes are allowed. $ref: '#/components/schemas/GoogleCloudKmsV1KeyAccessJustificationsPolicy' - GoogleCloudKmsV1CryptoKeyVersion: - id: GoogleCloudKmsV1CryptoKeyVersion - description: >- - A CryptoKeyVersion represents an individual cryptographic key, and the - associated key material. An ENABLED version can be used for - cryptographic operations. For security reasons, the raw cryptographic - key material represented by a CryptoKeyVersion can never be viewed or - exported. It can only be used to encrypt, decrypt, or sign data when an - authorized user or application invokes Cloud KMS. - type: object - properties: - name: + importOnly: + description: Immutable. Whether this key may contain imported versions only. + type: boolean + labels: + type: object + additionalProperties: + type: string description: >- - Output only. The resource name for this CryptoKeyVersion in the - format - `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. - readOnly: true + Labels with user-defined metadata. For more information, see + [Labeling Keys](https://cloud.google.com/kms/docs/labeling-keys). + nextRotationTime: + description: >- + At next_rotation_time, the Key Management Service will + automatically: 1. Create a new version of this CryptoKey. 2. Mark + the new version as primary. Key rotations performed manually via + CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not + affect next_rotation_time. Keys with purpose ENCRYPT_DECRYPT support + automatic rotation. For other keys, this field must be omitted. type: string - state: - description: The current state of the CryptoKeyVersion. + format: google-datetime + cryptoKeyBackend: + description: >- + Immutable. The resource name of the backend environment where the + key material for all CryptoKeyVersions associated with this + CryptoKey reside and where all related cryptographic operations are + performed. Only applicable if CryptoKeyVersions have a + ProtectionLevel of EXTERNAL_VPC, with the resource name in the + format `projects/*/locations/*/ekmConnections/*`. Only applicable if + CryptoKeyVersions have a ProtectionLevel of HSM_SINGLE_TENANT, with + the resource name in the format + `projects/*/locations/*/singleTenantHsmInstances/*`. Note, this list + is non-exhaustive and may apply to additional ProtectionLevels in + the future. type: string + type: object + GoogleCloudKmsV1KeyOperationAttestation: + type: object + properties: + format: + enum: + - ATTESTATION_FORMAT_UNSPECIFIED + - CAVIUM_V1_COMPRESSED + - CAVIUM_V2_COMPRESSED enumDescriptions: - Not specified. - >- - This version is still being generated. It may not be used, - enabled, disabled, or destroyed yet. Cloud KMS will automatically - mark this version ENABLED as soon as the version is ready. - - This version may be used for cryptographic operations. - - >- - This version may not be used, but the key material is still - available, and the version can be placed back into the ENABLED - state. - - >- - The key material of this version is destroyed and no longer - stored. This version may only become ENABLED again if this version - is reimport_eligible and the original key material is reimported - with a call to KeyManagementService.ImportCryptoKeyVersion. - - >- - This version is scheduled for destruction, and will be destroyed - soon. Call RestoreCryptoKeyVersion to put it back into the - DISABLED state. - - >- - This version is still being imported. It may not be used, enabled, - disabled, or destroyed yet. Cloud KMS will automatically mark this - version ENABLED as soon as the version is ready. - - >- - This version was not imported successfully. It may not be used, - enabled, disabled, or destroyed. The submitted key material has - been discarded. Additional details can be found in - CryptoKeyVersion.import_failure_reason. - - >- - This version was not generated successfully. It may not be used, - enabled, disabled, or destroyed. Additional details can be found - in CryptoKeyVersion.generation_failure_reason. - - >- - This version was destroyed, and it may not be used or enabled - again. Cloud KMS is waiting for the corresponding key material - residing in an external key manager to be destroyed. + Cavium HSM attestation compressed with gzip. Note that this format + is defined by Cavium and subject to change at any time. See + https://www.marvell.com/products/security-solutions/nitrox-hs-adapters/software-key-attestation.html. - >- - This version was destroyed, and it may not be used or enabled - again. However, Cloud KMS could not confirm that the corresponding - key material residing in an external key manager was destroyed. - Additional details can be found in - CryptoKeyVersion.external_destruction_failure_reason. - enum: - - CRYPTO_KEY_VERSION_STATE_UNSPECIFIED - - PENDING_GENERATION - - ENABLED - - DISABLED - - DESTROYED - - DESTROY_SCHEDULED - - PENDING_IMPORT - - IMPORT_FAILED - - GENERATION_FAILED - - PENDING_EXTERNAL_DESTRUCTION - - EXTERNAL_DESTRUCTION_FAILED - protectionLevel: - description: >- - Output only. The ProtectionLevel describing how crypto operations - are performed with this CryptoKeyVersion. + Cavium HSM attestation V2 compressed with gzip. This is a new + format introduced in Cavium's version 3.2-08. + type: string + readOnly: true + description: Output only. The format of the attestation data. + certChains: readOnly: true + $ref: >- + #/components/schemas/GoogleCloudKmsV1KeyOperationAttestationCertificateChains + description: >- + Output only. The certificate chains needed to validate the + attestation + content: type: string + format: byte + readOnly: true + description: >- + Output only. The attestation data provided by the HSM when the key + operation was performed. + description: >- + Contains an HSM-generated attestation about a key operation. For more + information, see [Verifying attestations] + (https://cloud.google.com/kms/docs/attest-key). + id: GoogleCloudKmsV1KeyOperationAttestation + GoogleCloudKmsV1CryptoKeyVersionTemplate: + type: object + description: >- + A CryptoKeyVersionTemplate specifies the properties to use when creating + a new CryptoKeyVersion, either manually with CreateCryptoKeyVersion or + automatically as a result of auto-rotation. + id: GoogleCloudKmsV1CryptoKeyVersionTemplate + properties: + protectionLevel: enumDescriptions: - Not specified. - Crypto operations are performed in software. - Crypto operations are performed in a Hardware Security Module. - Crypto operations are performed by an external key manager. - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. enum: - PROTECTION_LEVEL_UNSPECIFIED - SOFTWARE - HSM - EXTERNAL - EXTERNAL_VPC - algorithm: + - HSM_SINGLE_TENANT + type: string description: >- - Output only. The CryptoKeyVersionAlgorithm that this - CryptoKeyVersion supports. - readOnly: true + ProtectionLevel to use when creating a CryptoKeyVersion based on + this template. Immutable. Defaults to SOFTWARE. + algorithm: type: string enumDescriptions: - Not specified. @@ -326,9 +297,15 @@ components: - >- X-Wing hybrid KEM combining ML-KEM-768 with X25519 following datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version. - >- The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version. - >- The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized version. @@ -336,7 +313,19 @@ components: The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests. - enum: + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version supporting + externally-computed message representatives. + enum: - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED - GOOGLE_SYMMETRIC_ENCRYPTION - AES_128_GCM @@ -376,202 +365,107 @@ components: - ML_KEM_768 - ML_KEM_1024 - KEM_XWING + - PQ_SIGN_ML_DSA_44 - PQ_SIGN_ML_DSA_65 + - PQ_SIGN_ML_DSA_87 - PQ_SIGN_SLH_DSA_SHA2_128S - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 - attestation: - description: >- - Output only. Statement that was generated and signed by the HSM at - key creation time. Use this statement to verify attributes of the - key as stored on the HSM, independently of Google. Only provided for - key versions with protection_level HSM. - readOnly: true - $ref: '#/components/schemas/GoogleCloudKmsV1KeyOperationAttestation' - createTime: - description: Output only. The time at which this CryptoKeyVersion was created. - readOnly: true - type: string - format: google-datetime - generateTime: - description: >- - Output only. The time this CryptoKeyVersion's key material was - generated. - readOnly: true - type: string - format: google-datetime - destroyTime: - description: >- - Output only. The time this CryptoKeyVersion's key material is - scheduled for destruction. Only present if state is - DESTROY_SCHEDULED. - readOnly: true - type: string - format: google-datetime - destroyEventTime: - description: >- - Output only. The time this CryptoKeyVersion's key material was - destroyed. Only present if state is DESTROYED. - readOnly: true - type: string - format: google-datetime - importJob: - description: >- - Output only. The name of the ImportJob used in the most recent - import of this CryptoKeyVersion. Only present if the underlying key - material was imported. - readOnly: true - type: string - importTime: + - PQ_SIGN_ML_DSA_44_EXTERNAL_MU + - PQ_SIGN_ML_DSA_65_EXTERNAL_MU + - PQ_SIGN_ML_DSA_87_EXTERNAL_MU description: >- - Output only. The time at which this CryptoKeyVersion's key material - was most recently imported. - readOnly: true - type: string - format: google-datetime - importFailureReason: + Required. Algorithm to use when creating a CryptoKeyVersion based on + this template. For backwards compatibility, + GOOGLE_SYMMETRIC_ENCRYPTION is implied if both this field is omitted + and CryptoKey.purpose is ENCRYPT_DECRYPT. + GoogleCloudKmsInventoryV1ProtectedResourcesSummary: + properties: + resourceTypes: + additionalProperties: + type: string + format: int64 + type: object description: >- - Output only. The root cause of the most recent import failure. Only - present if state is IMPORT_FAILED. - readOnly: true + The number of resources protected by the key grouped by resource + type. + locations: + description: The number of resources protected by the key grouped by region. + type: object + additionalProperties: + type: string + format: int64 + name: type: string - generationFailureReason: description: >- - Output only. The root cause of the most recent generation failure. - Only present if state is GENERATION_FAILED. - readOnly: true - type: string - externalDestructionFailureReason: + The full name of the ProtectedResourcesSummary resource. Example: + projects/test-project/locations/us/keyRings/test-keyring/cryptoKeys/test-key/protectedResourcesSummary + cloudProducts: + additionalProperties: + type: string + format: int64 description: >- - Output only. The root cause of the most recent external destruction - failure. Only present if state is EXTERNAL_DESTRUCTION_FAILED. - readOnly: true + The number of resources protected by the key grouped by Cloud + product. + type: object + resourceCount: + format: int64 type: string - externalProtectionLevelOptions: description: >- - ExternalProtectionLevelOptions stores a group of additional fields - for configuring a CryptoKeyVersion that are specific to the EXTERNAL - protection level and EXTERNAL_VPC protection levels. - $ref: '#/components/schemas/GoogleCloudKmsV1ExternalProtectionLevelOptions' - reimportEligible: + The total number of protected resources in the same Cloud + organization as the key. + projectCount: description: >- - Output only. Whether or not this key version is eligible for - reimport, by being specified as a target in - ImportCryptoKeyVersionRequest.crypto_key_version. - readOnly: true - type: boolean - GoogleCloudKmsV1KeyOperationAttestation: - id: GoogleCloudKmsV1KeyOperationAttestation + The number of distinct Cloud projects in the same Cloud organization + as the key that have resources protected by the key. + type: integer + format: int32 + id: GoogleCloudKmsInventoryV1ProtectedResourcesSummary description: >- - Contains an HSM-generated attestation about a key operation. For more - information, see [Verifying attestations] - (https://cloud.google.com/kms/docs/attest-key). + Aggregate information about the resources protected by a Cloud KMS key + in the same Cloud organization as the key. type: object + GoogleCloudKmsV1CryptoKeyVersion: properties: - format: - description: Output only. The format of the attestation data. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - >- - Cavium HSM attestation compressed with gzip. Note that this format - is defined by Cavium and subject to change at any time. See - https://www.marvell.com/products/security-solutions/nitrox-hs-adapters/software-key-attestation.html. - - >- - Cavium HSM attestation V2 compressed with gzip. This is a new - format introduced in Cavium's version 3.2-08. - enum: - - ATTESTATION_FORMAT_UNSPECIFIED - - CAVIUM_V1_COMPRESSED - - CAVIUM_V2_COMPRESSED - content: + importJob: description: >- - Output only. The attestation data provided by the HSM when the key - operation was performed. - readOnly: true + Output only. The name of the ImportJob used in the most recent + import of this CryptoKeyVersion. Only present if the underlying key + material was imported. type: string - format: byte - certChains: - description: >- - Output only. The certificate chains needed to validate the - attestation readOnly: true - $ref: >- - #/components/schemas/GoogleCloudKmsV1KeyOperationAttestationCertificateChains - GoogleCloudKmsV1KeyOperationAttestationCertificateChains: - id: GoogleCloudKmsV1KeyOperationAttestationCertificateChains - description: >- - Certificate chains needed to verify the attestation. Certificates in - chains are PEM-encoded and are ordered based on - https://tools.ietf.org/html/rfc5246#section-7.4.2. - type: object - properties: - caviumCerts: - description: Cavium certificate chain corresponding to the attestation. - type: array - items: - type: string - googleCardCerts: - description: Google card certificate chain corresponding to the attestation. - type: array - items: - type: string - googlePartitionCerts: - description: Google partition certificate chain corresponding to the attestation. - type: array - items: - type: string - GoogleCloudKmsV1ExternalProtectionLevelOptions: - id: GoogleCloudKmsV1ExternalProtectionLevelOptions - description: >- - ExternalProtectionLevelOptions stores a group of additional fields for - configuring a CryptoKeyVersion that are specific to the EXTERNAL - protection level and EXTERNAL_VPC protection levels. - type: object - properties: - externalKeyUri: - description: >- - The URI for an external resource that this CryptoKeyVersion - represents. - type: string - ekmConnectionKeyPath: - description: >- - The path to the external key material on the EKM when using - EkmConnection e.g., "v0/my/key". Set this field instead of - external_key_uri when using an EkmConnection. + createTime: + readOnly: true + description: Output only. The time at which this CryptoKeyVersion was created. + format: google-datetime type: string - GoogleCloudKmsV1CryptoKeyVersionTemplate: - id: GoogleCloudKmsV1CryptoKeyVersionTemplate - description: >- - A CryptoKeyVersionTemplate specifies the properties to use when creating - a new CryptoKeyVersion, either manually with CreateCryptoKeyVersion or - automatically as a result of auto-rotation. - type: object - properties: protectionLevel: - description: >- - ProtectionLevel to use when creating a CryptoKeyVersion based on - this template. Immutable. Defaults to SOFTWARE. - type: string - enumDescriptions: - - Not specified. - - Crypto operations are performed in software. - - Crypto operations are performed in a Hardware Security Module. - - Crypto operations are performed by an external key manager. - - Crypto operations are performed in an EKM-over-VPC backend. enum: - PROTECTION_LEVEL_UNSPECIFIED - SOFTWARE - HSM - EXTERNAL - EXTERNAL_VPC - algorithm: + - HSM_SINGLE_TENANT + enumDescriptions: + - Not specified. + - Crypto operations are performed in software. + - Crypto operations are performed in a Hardware Security Module. + - Crypto operations are performed by an external key manager. + - Crypto operations are performed in an EKM-over-VPC backend. + - Crypto operations are performed in a single-tenant HSM. + readOnly: true description: >- - Required. Algorithm to use when creating a CryptoKeyVersion based on - this template. For backwards compatibility, - GOOGLE_SYMMETRIC_ENCRYPTION is implied if both this field is omitted - and CryptoKey.purpose is ENCRYPT_DECRYPT. + Output only. The ProtectionLevel describing how crypto operations + are performed with this CryptoKeyVersion. + type: string + destroyEventTime: + readOnly: true + description: >- + Output only. The time this CryptoKeyVersion's key material was + destroyed. Only present if state is DESTROYED. + format: google-datetime type: string + algorithm: enumDescriptions: - Not specified. - Creates symmetric encryption keys. @@ -626,9 +520,15 @@ components: - >- X-Wing hybrid KEM combining ML-KEM-768 with X25519 following datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version. - >- The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version. - >- The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized version. @@ -636,6 +536,20 @@ components: The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 1. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 3. Randomized version supporting + externally-computed message representatives. + - >- + The post-quantum Module-Lattice-Based Digital Signature Algorithm, + at security level 5. Randomized version supporting + externally-computed message representatives. + readOnly: true + type: string enum: - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED - GOOGLE_SYMMETRIC_ENCRYPTION @@ -676,25 +590,197 @@ components: - ML_KEM_768 - ML_KEM_1024 - KEM_XWING + - PQ_SIGN_ML_DSA_44 - PQ_SIGN_ML_DSA_65 + - PQ_SIGN_ML_DSA_87 - PQ_SIGN_SLH_DSA_SHA2_128S - PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 + - PQ_SIGN_ML_DSA_44_EXTERNAL_MU + - PQ_SIGN_ML_DSA_65_EXTERNAL_MU + - PQ_SIGN_ML_DSA_87_EXTERNAL_MU + description: >- + Output only. The CryptoKeyVersionAlgorithm that this + CryptoKeyVersion supports. + state: + enumDescriptions: + - Not specified. + - >- + This version is still being generated. It may not be used, + enabled, disabled, or destroyed yet. Cloud KMS will automatically + mark this version ENABLED as soon as the version is ready. + - This version may be used for cryptographic operations. + - >- + This version may not be used, but the key material is still + available, and the version can be placed back into the ENABLED + state. + - >- + The key material of this version is destroyed and no longer + stored. This version may only become ENABLED again if this version + is reimport_eligible and the original key material is reimported + with a call to KeyManagementService.ImportCryptoKeyVersion. + - >- + This version is scheduled for destruction, and will be destroyed + soon. Call RestoreCryptoKeyVersion to put it back into the + DISABLED state. + - >- + This version is still being imported. It may not be used, enabled, + disabled, or destroyed yet. Cloud KMS will automatically mark this + version ENABLED as soon as the version is ready. + - >- + This version was not imported successfully. It may not be used, + enabled, disabled, or destroyed. The submitted key material has + been discarded. Additional details can be found in + CryptoKeyVersion.import_failure_reason. + - >- + This version was not generated successfully. It may not be used, + enabled, disabled, or destroyed. Additional details can be found + in CryptoKeyVersion.generation_failure_reason. + - >- + This version was destroyed, and it may not be used or enabled + again. Cloud KMS is waiting for the corresponding key material + residing in an external key manager to be destroyed. + - >- + This version was destroyed, and it may not be used or enabled + again. However, Cloud KMS could not confirm that the corresponding + key material residing in an external key manager was destroyed. + Additional details can be found in + CryptoKeyVersion.external_destruction_failure_reason. + enum: + - CRYPTO_KEY_VERSION_STATE_UNSPECIFIED + - PENDING_GENERATION + - ENABLED + - DISABLED + - DESTROYED + - DESTROY_SCHEDULED + - PENDING_IMPORT + - IMPORT_FAILED + - GENERATION_FAILED + - PENDING_EXTERNAL_DESTRUCTION + - EXTERNAL_DESTRUCTION_FAILED + description: The current state of the CryptoKeyVersion. + type: string + externalDestructionFailureReason: + description: >- + Output only. The root cause of the most recent external destruction + failure. Only present if state is EXTERNAL_DESTRUCTION_FAILED. + type: string + readOnly: true + importFailureReason: + type: string + description: >- + Output only. The root cause of the most recent import failure. Only + present if state is IMPORT_FAILED. + readOnly: true + attestation: + description: >- + Output only. Statement that was generated and signed by the HSM at + key creation time. Use this statement to verify attributes of the + key as stored on the HSM, independently of Google. Only provided for + key versions with protection_level HSM. + readOnly: true + $ref: '#/components/schemas/GoogleCloudKmsV1KeyOperationAttestation' + generateTime: + format: google-datetime + type: string + readOnly: true + description: >- + Output only. The time this CryptoKeyVersion's key material was + generated. + generationFailureReason: + description: >- + Output only. The root cause of the most recent generation failure. + Only present if state is GENERATION_FAILED. + type: string + readOnly: true + reimportEligible: + description: >- + Output only. Whether or not this key version is eligible for + reimport, by being specified as a target in + ImportCryptoKeyVersionRequest.crypto_key_version. + readOnly: true + type: boolean + importTime: + readOnly: true + type: string + description: >- + Output only. The time at which this CryptoKeyVersion's key material + was most recently imported. + format: google-datetime + name: + type: string + description: >- + Output only. The resource name for this CryptoKeyVersion in the + format + `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. + readOnly: true + destroyTime: + readOnly: true + type: string + format: google-datetime + description: >- + Output only. The time this CryptoKeyVersion's key material is + scheduled for destruction. Only present if state is + DESTROY_SCHEDULED. + externalProtectionLevelOptions: + description: >- + ExternalProtectionLevelOptions stores a group of additional fields + for configuring a CryptoKeyVersion that are specific to the EXTERNAL + protection level and EXTERNAL_VPC protection levels. + $ref: '#/components/schemas/GoogleCloudKmsV1ExternalProtectionLevelOptions' + type: object + description: >- + A CryptoKeyVersion represents an individual cryptographic key, and the + associated key material. An ENABLED version can be used for + cryptographic operations. For security reasons, the raw cryptographic + key material represented by a CryptoKeyVersion can never be viewed or + exported. It can only be used to encrypt, decrypt, or sign data when an + authorized user or application invokes Cloud KMS. + id: GoogleCloudKmsV1CryptoKeyVersion + GoogleCloudKmsV1KeyOperationAttestationCertificateChains: + description: >- + Certificate chains needed to verify the attestation. Certificates in + chains are PEM-encoded and are ordered based on + https://tools.ietf.org/html/rfc5246#section-7.4.2. + id: GoogleCloudKmsV1KeyOperationAttestationCertificateChains + type: object + properties: + googleCardCerts: + type: array + items: + type: string + description: Google card certificate chain corresponding to the attestation. + googlePartitionCerts: + type: array + items: + type: string + description: Google partition certificate chain corresponding to the attestation. + caviumCerts: + items: + type: string + type: array + description: Cavium certificate chain corresponding to the attestation. GoogleCloudKmsV1KeyAccessJustificationsPolicy: - id: GoogleCloudKmsV1KeyAccessJustificationsPolicy description: >- A KeyAccessJustificationsPolicy specifies zero or more allowed AccessReason values for encrypt, decrypt, and sign operations on a CryptoKey. - type: object properties: allowedAccessReasons: - description: >- - The list of allowed reasons for access to a CryptoKey. Zero allowed - access reasons means all encrypt, decrypt, and sign operations for - the CryptoKey associated with this policy will fail. - type: array items: type: string + enum: + - REASON_UNSPECIFIED + - CUSTOMER_INITIATED_SUPPORT + - GOOGLE_INITIATED_SERVICE + - THIRD_PARTY_DATA_REQUEST + - GOOGLE_INITIATED_REVIEW + - CUSTOMER_INITIATED_ACCESS + - GOOGLE_INITIATED_SYSTEM_OPERATION + - REASON_NOT_EXPECTED + - MODIFIED_CUSTOMER_INITIATED_ACCESS + - MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION + - GOOGLE_RESPONSE_TO_PRODUCTION_ALERT + - CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING enumDescriptions: - Unspecified access reason. - Customer-initiated support. @@ -742,69 +828,14 @@ components: Google system operates on encrypted customer data which your IAM policy authorizes. * Customer-initiated Google support access. * Google-initiated support access to protect system reliability. - enum: - - REASON_UNSPECIFIED - - CUSTOMER_INITIATED_SUPPORT - - GOOGLE_INITIATED_SERVICE - - THIRD_PARTY_DATA_REQUEST - - GOOGLE_INITIATED_REVIEW - - CUSTOMER_INITIATED_ACCESS - - GOOGLE_INITIATED_SYSTEM_OPERATION - - REASON_NOT_EXPECTED - - MODIFIED_CUSTOMER_INITIATED_ACCESS - - MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION - - GOOGLE_RESPONSE_TO_PRODUCTION_ALERT - - CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING - GoogleCloudKmsInventoryV1ProtectedResourcesSummary: - id: GoogleCloudKmsInventoryV1ProtectedResourcesSummary - description: >- - Aggregate information about the resources protected by a Cloud KMS key - in the same Cloud organization as the key. - type: object - properties: - name: - description: >- - The full name of the ProtectedResourcesSummary resource. Example: - projects/test-project/locations/us/keyRings/test-keyring/cryptoKeys/test-key/protectedResourcesSummary - type: string - resourceCount: - description: >- - The total number of protected resources in the same Cloud - organization as the key. - type: string - format: int64 - projectCount: - description: >- - The number of distinct Cloud projects in the same Cloud organization - as the key that have resources protected by the key. - type: integer - format: int32 - resourceTypes: - description: >- - The number of resources protected by the key grouped by resource - type. - type: object - additionalProperties: - type: string - format: int64 - cloudProducts: description: >- - The number of resources protected by the key grouped by Cloud - product. - type: object - additionalProperties: - type: string - format: int64 - locations: - description: The number of resources protected by the key grouped by region. - type: object - additionalProperties: - type: string - format: int64 - GoogleCloudKmsInventoryV1SearchProtectedResourcesResponse: - id: GoogleCloudKmsInventoryV1SearchProtectedResourcesResponse - description: Response message for KeyTrackingService.SearchProtectedResources. + The list of allowed reasons for access to a CryptoKey. Zero allowed + access reasons means all encrypt, decrypt, and sign operations for + the CryptoKey associated with this policy will fail. + type: array + id: GoogleCloudKmsV1KeyAccessJustificationsPolicy type: object + GoogleCloudKmsInventoryV1SearchProtectedResourcesResponse: properties: protectedResources: description: Protected resources for this page. @@ -816,39 +847,46 @@ components: A token that can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudKmsInventoryV1ProtectedResource: - id: GoogleCloudKmsInventoryV1ProtectedResource - description: Metadata about a resource protected by a Cloud KMS key. + description: Response message for KeyTrackingService.SearchProtectedResources. type: object + id: GoogleCloudKmsInventoryV1SearchProtectedResourcesResponse + GoogleCloudKmsV1ExternalProtectionLevelOptions: + id: GoogleCloudKmsV1ExternalProtectionLevelOptions + description: >- + ExternalProtectionLevelOptions stores a group of additional fields for + configuring a CryptoKeyVersion that are specific to the EXTERNAL + protection level and EXTERNAL_VPC protection levels. properties: - name: - description: >- - The full resource name of the resource. Example: - `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. - type: string - project: - description: 'Format: `projects/{PROJECT_NUMBER}`.' - type: string - projectId: - description: The ID of the project that owns the resource. - type: string - cloudProduct: - description: 'The Cloud product that owns the resource. Example: `compute`' + externalKeyUri: type: string - resourceType: - description: 'Example: `compute.googleapis.com/Disk`' + description: >- + The URI for an external resource that this CryptoKeyVersion + represents. + ekmConnectionKeyPath: type: string - location: description: >- - Location can be `global`, regional like `us-east1`, or zonal like - `us-west1-b`. + The path to the external key material on the EKM when using + EkmConnection e.g., "v0/my/key". Set this field instead of + external_key_uri when using an EkmConnection. + type: object + GoogleCloudKmsInventoryV1ProtectedResource: + properties: + project: type: string - labels: - description: A key-value pair of the resource's labels (v1) to their values. - type: object - additionalProperties: + description: 'Format: `projects/{PROJECT_NUMBER}`.' + cryptoKeyVersions: + items: type: string + type: array + description: >- + The names of the Cloud KMS + [CryptoKeyVersion](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions?hl=en) + used to protect this resource via CMEK. This field is empty if the + Google Cloud product owning the resource does not provide key + versions data to Asset Inventory. The first element of this field is + stored in crypto_key_version. cryptoKeyVersion: + type: string description: >- The name of the Cloud KMS [CryptoKeyVersion](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions?hl=en) @@ -857,46 +895,60 @@ components: version data to Asset Inventory. If there are multiple key versions protecting the resource, then this is same value as the first element of crypto_key_versions. + resourceType: type: string - cryptoKeyVersions: + description: 'Example: `compute.googleapis.com/Disk`' + name: description: >- - The names of the Cloud KMS - [CryptoKeyVersion](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions?hl=en) - used to protect this resource via CMEK. This field is empty if the - Google Cloud product owning the resource does not provide key - versions data to Asset Inventory. The first element of this field is - stored in crypto_key_version. - type: array - items: + The full resource name of the resource. Example: + `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. + type: string + labels: + additionalProperties: type: string + type: object + description: A key-value pair of the resource's labels (v1) to their values. + location: + description: >- + Location can be `global`, regional like `us-east1`, or zonal like + `us-west1-b`. + type: string + cloudProduct: + description: 'The Cloud product that owns the resource. Example: `compute`' + type: string + projectId: + description: The ID of the project that owns the resource. + type: string createTime: + readOnly: true + type: string description: >- Output only. The time at which this resource was created. The granularity is in seconds. Timestamp.nanos will always be 0. - readOnly: true - type: string format: google-datetime + id: GoogleCloudKmsInventoryV1ProtectedResource + type: object + description: Metadata about a resource protected by a Cloud KMS key. parameters: - access_token: - description: OAuth access token. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: access_token + name: prettyPrint schema: - type: string - alt: - description: Data format for response. + type: boolean + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: alt + name: quotaUser schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + access_token: + description: OAuth access token. in: query - name: callback + name: access_token schema: type: string fields: @@ -905,73 +957,73 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: key + name: upload_protocol schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + _.xgafv: + description: V1 error format. in: query - name: oauth_token + name: $.xgafv schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + enum: + - '1' + - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: prettyPrint + name: uploadType schema: - type: boolean - quotaUser: + type: string + key: description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: quotaUser + name: key schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + callback: + description: JSONP in: query - name: upload_protocol + name: callback schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: uploadType + name: oauth_token schema: type: string - _.xgafv: - description: V1 error format. + alt: + description: Data format for response. in: query - name: $.xgafv + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto x-stackQL-resources: - crypto_keys: - id: google.kmsinventory.crypto_keys - name: crypto_keys - title: Crypto_keys + protected_resources: + id: google.kmsinventory.protected_resources + name: protected_resources + title: Protected_resources methods: - list: + search: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1cryptoKeys/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1protectedResources:search/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.cryptoKeys sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/crypto_keys/methods/list' + select: [] insert: [] update: [] replace: [] @@ -996,44 +1048,44 @@ components: update: [] replace: [] delete: [] - protected_resources: - id: google.kmsinventory.protected_resources - name: protected_resources - title: Protected_resources + crypto_keys: + id: google.kmsinventory.crypto_keys + name: crypto_keys + title: Crypto_keys methods: - search: + list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1protectedResources:search/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1cryptoKeys/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.cryptoKeys sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/crypto_keys/methods/list' insert: [] update: [] replace: [] delete: [] paths: - /v1/projects/{projectsId}/cryptoKeys: + /v1/organizations/{organizationsId}/protectedResources:search: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/alt' get: description: >- - Returns cryptographic keys managed by Cloud KMS in a given Cloud - project. Note that this data is sourced from snapshots, meaning it may - not completely reflect the actual state of key metadata at call time. - operationId: kmsinventory.projects.cryptoKeys.list + Returns metadata about the resources protected by the given Cloud KMS + CryptoKey in the given Cloud organization. + operationId: kmsinventory.organizations.protectedResources.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1046,22 +1098,30 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudKmsInventoryV1ListCryptoKeysResponse + #/components/schemas/GoogleCloudKmsInventoryV1SearchProtectedResourcesResponse parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: query - name: pageSize + name: pageToken schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: cryptoKey schema: type: string + - in: query + name: resourceTypes + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1/projects/{projectsId}/locations/{locationsId}/keyRings/{keyRingsId}/cryptoKeys/{cryptoKeysId}/protectedResourcesSummary: parameters: *ref_1 get: @@ -1106,13 +1166,14 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/protectedResources:search: + /v1/projects/{projectsId}/cryptoKeys: parameters: *ref_1 get: description: >- - Returns metadata about the resources protected by the given Cloud KMS - CryptoKey in the given Cloud organization. - operationId: kmsinventory.organizations.protectedResources.search + Returns cryptographic keys managed by Cloud KMS in a given Cloud + project. Note that this data is sourced from snapshots, meaning it may + not completely reflect the actual state of key metadata at call time. + operationId: kmsinventory.projects.cryptoKeys.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1125,15 +1186,15 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudKmsInventoryV1SearchProtectedResourcesResponse + #/components/schemas/GoogleCloudKmsInventoryV1ListCryptoKeysResponse parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: query - name: cryptoKey + name: pageToken schema: type: string - in: query @@ -1141,11 +1202,3 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: resourceTypes - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/language.yaml b/providers/src/googleapis.com/v00.00.00000/services/language.yaml index beee574b..18fd704a 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/language.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/language.yaml @@ -10,8 +10,8 @@ info: analysis, entity recognition, entity sentiment analysis, and other text annotations, to developers. version: v2 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251207' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/natural-language/ servers: @@ -25,12 +25,12 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/cloud-language: >- - Apply machine learning models to reveal the structure and meaning - of text https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. + https://www.googleapis.com/auth/cloud-language: >- + Apply machine learning models to reveal the structure and meaning + of text Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -40,113 +40,107 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - AnalyzeSentimentRequest: - id: AnalyzeSentimentRequest - description: The sentiment analysis request message. - type: object - properties: - document: - description: Required. Input document. - $ref: '#/components/schemas/Document' - encodingType: - description: The encoding type used by the API to calculate sentence offsets. - type: string - enumDescriptions: - - >- - If `EncodingType` is not specified, encoding-dependent information - (such as `begin_offset`) will be set at `-1`. - - >- - Encoding-dependent information (such as `begin_offset`) is - calculated based on the UTF-8 encoding of the input. C++ and Go - are examples of languages that use this encoding natively. - - >- - Encoding-dependent information (such as `begin_offset`) is - calculated based on the UTF-16 encoding of the input. Java and - JavaScript are examples of languages that use this encoding - natively. - - >- - Encoding-dependent information (such as `begin_offset`) is - calculated based on the UTF-32 encoding of the input. Python is an - example of a language that uses this encoding natively. - enum: - - NONE - - UTF8 - - UTF16 - - UTF32 - Document: - id: Document - description: Represents the input to API methods. + XPSFloat64StatsHistogramBucket: + description: A bucket of a histogram. type: object + id: XPSFloat64StatsHistogramBucket properties: - type: - description: >- - Required. If the type is not set or is `TYPE_UNSPECIFIED`, returns - an `INVALID_ARGUMENT` error. - type: string - enumDescriptions: - - The content type is not specified. - - Plain text - - HTML - enum: - - TYPE_UNSPECIFIED - - PLAIN_TEXT - - HTML - content: - description: >- - The content of the input in string format. Cloud audit logging - exempt since it is based on user data. - type: string - gcsContentUri: + min: + description: The minimum value of the bucket, inclusive. + format: double + type: number + count: + format: int64 description: >- - The Google Cloud Storage URI where the file content is located. This - URI must be of the form: gs://bucket_name/object_name. For more - details, see https://cloud.google.com/storage/docs/reference-uris. - NOTE: Cloud Storage object versioning is not supported. + The number of data values that are in the bucket, i.e. are between + min and max values. type: string - languageCode: + max: + format: double description: >- - Optional. The language of the document (if not specified, the - language is automatically detected). Both ISO and BCP-47 language - codes are accepted. [Language - Support](https://cloud.google.com/natural-language/docs/languages) - lists currently supported languages for each API method. If the - language (either specified by the caller or automatically detected) - is not supported by the called API method, an `INVALID_ARGUMENT` - error is returned. + The maximum value of the bucket, exclusive unless max = + `"Infinity"`, in which case it's inclusive. + type: number + XPSResponseExplanationMetadataOutputMetadata: + properties: + outputTensorName: + description: Name of the output tensor. Only needed in train response. type: string - AnalyzeSentimentResponse: - id: AnalyzeSentimentResponse - description: The sentiment analysis response message. + description: Metadata of the prediction output to be explained. + id: XPSResponseExplanationMetadataOutputMetadata type: object + XPSPreprocessResponse: properties: - documentSentiment: - description: The overall sentiment of the input document. - $ref: '#/components/schemas/Sentiment' - languageCode: + tablesPreprocessResponse: + $ref: '#/components/schemas/XPSTablesPreprocessResponse' + translationPreprocessResp: + $ref: '#/components/schemas/XPSTranslationPreprocessResponse' + speechPreprocessResp: + $ref: '#/components/schemas/XPSSpeechPreprocessResponse' + outputExampleSet: description: >- - The language of the text, which will be the same as the language - specified in the request or, if not specified, the - automatically-detected language. See Document.language_code field - for more details. + Preprocessed examples, that are to be imported into AutoML storage. + This should point to RecordIO file(s) of PreprocessedExample + messages. The PreprocessedExample.mvp_training_data-s returned here + are later verbatim passed to Train() call in + TrainExample.mvp_training_data. + $ref: '#/components/schemas/XPSExampleSet' + id: XPSPreprocessResponse + type: object + XPSTablesClassificationMetricsCurveMetrics: + properties: + value: type: string - sentences: - description: The sentiment for all the sentences in the document. + description: >- + The CATEGORY row value (for ARRAY unnested) the curve metrics are + for. + aucRoc: + description: The area under receiver operating characteristic curve. + type: number + format: double + confidenceMetricsEntries: + description: >- + Metrics that have confidence thresholds. Precision-recall curve and + ROC curve can be derived from them. type: array items: - $ref: '#/components/schemas/Sentence' - languageSupported: + $ref: '#/components/schemas/XPSTablesConfidenceMetricsEntry' + logLoss: + format: double + type: number + description: The Log loss metric. + aucPr: + description: The area under the precision-recall curve. + format: double + type: number + positionThreshold: + format: int32 + description: The position threshold value used to compute the metrics. + type: integer + id: XPSTablesClassificationMetricsCurveMetrics + description: Metrics curve data point for a single value. + type: object + XPSVideoActionRecognitionTrainResponse: + properties: + modelArtifactSpec: + $ref: '#/components/schemas/XPSVideoModelArtifactSpec' + description: '## The fields below are only populated under uCAIP request scope.' + trainCostNodeSeconds: + type: string + format: int64 description: >- - Whether the language is officially supported. The API may still - return a response when the language is not supported, but it is on a - best effort basis. - type: boolean - Sentiment: - id: Sentiment - description: >- - Represents the feeling associated with the entire text or entities in - the text. + The actual train cost of creating this model, expressed in node + seconds, i.e. 3,600 value in this field means 1 node hour. type: object + id: XPSVideoActionRecognitionTrainResponse + Sentiment: properties: + score: + type: number + description: >- + Sentiment score between -1.0 (negative sentiment) and 1.0 (positive + sentiment). + format: float magnitude: description: >- A non-negative number in the [0, +inf] range, which represents the @@ -154,52 +148,18 @@ components: negative). type: number format: float - score: - description: >- - Sentiment score between -1.0 (negative sentiment) and 1.0 (positive - sentiment). - type: number - format: float - Sentence: - id: Sentence - description: Represents a sentence in the input document. - type: object - properties: - text: - description: The sentence text. - $ref: '#/components/schemas/TextSpan' - sentiment: - description: >- - For calls to AnalyzeSentiment or if - AnnotateTextRequest.Features.extract_document_sentiment is set to - true, this field will contain the sentiment for the sentence. - $ref: '#/components/schemas/Sentiment' - TextSpan: - id: TextSpan - description: Represents a text span in the input document. type: object - properties: - content: - description: The content of the text span, which is a substring of the document. - type: string - beginOffset: - description: >- - The API calculates the beginning offset of the content in the - original document according to the EncodingType specified in the API - request. - type: integer - format: int32 - AnalyzeEntitiesRequest: - id: AnalyzeEntitiesRequest - description: The entity analysis request message. + id: Sentiment + description: >- + Represents the feeling associated with the entire text or entities in + the text. + AnalyzeSentimentRequest: + description: The sentiment analysis request message. type: object + id: AnalyzeSentimentRequest properties: - document: - description: Required. Input document. - $ref: '#/components/schemas/Document' encodingType: - description: The encoding type used by the API to calculate offsets. - type: string + description: The encoding type used by the API to calculate sentence offsets. enumDescriptions: - >- If `EncodingType` is not specified, encoding-dependent information @@ -222,1968 +182,694 @@ components: - UTF8 - UTF16 - UTF32 - AnalyzeEntitiesResponse: - id: AnalyzeEntitiesResponse - description: The entity analysis response message. - type: object + type: string + document: + $ref: '#/components/schemas/Document' + description: Required. Input document. + XPSSpeechPreprocessStats: + id: XPSSpeechPreprocessStats properties: - entities: - description: The recognized entities in the input document. - type: array + testSentencesCount: + format: int32 + description: The number of sentences in the test data set. + type: integer + dataErrors: + description: Different types of data errors and the counts associated with them. items: - $ref: '#/components/schemas/Entity' - languageCode: - description: >- - The language of the text, which will be the same as the language - specified in the request or, if not specified, the - automatically-detected language. See Document.language_code field - for more details. - type: string - languageSupported: + $ref: '#/components/schemas/XPSDataErrors' + type: array + trainWordsCount: + type: integer + description: The number of words in the training data set. + format: int32 + trainSentencesCount: + type: integer + description: The number of sentences in the training data set. + format: int32 + testExamplesCount: + type: integer + description: The number of examples labelled as TEST by Speech xps server. + format: int32 + numMachineTranscribedExamples: + type: integer + format: int32 + description: The number of rows marked as MACHINE_TRANSCRIBED + numLogsExamples: + type: integer + format: int32 + description: The number of samples found in the previously recorded logs data. + testWordsCount: + type: integer + description: The number of words in the test data set. + format: int32 + numHumanLabeledExamples: + description: The number of rows marked HUMAN_LABELLED + format: int32 + type: integer + trainExamplesCount: + description: The number of examples labeled as TRAIN by Speech xps server. + format: int32 + type: integer + type: object + XPSVideoObjectTrackingTrainResponse: + type: object + properties: + modelArtifactSpec: + $ref: '#/components/schemas/XPSVideoModelArtifactSpec' + description: '## The fields below are only populated under uCAIP request scope.' + trainCostNodeSeconds: + format: int64 description: >- - Whether the language is officially supported. The API may still - return a response when the language is not supported, but it is on a - best effort basis. - type: boolean - Entity: - id: Entity + The actual train cost of creating this model, expressed in node + seconds, i.e. 3,600 value in this field means 1 node hour. + type: string + exportModelSpec: + description: Populated for AutoML request only. + $ref: '#/components/schemas/XPSVideoExportModelSpec' + id: XPSVideoObjectTrackingTrainResponse + XPSTfLiteFormat: + type: object description: >- - Represents a phrase in the text that is a known entity, such as a - person, an organization, or location. The API associates information, - such as probability and mentions, with entities. + LINT.IfChange A model format used for mobile and IoT devices. See + https://www.tensorflow.org/lite. + id: XPSTfLiteFormat + properties: {} + XPSConfusionMatrixRow: type: object + id: XPSConfusionMatrixRow properties: - name: - description: The representative name for the entity. - type: string - type: - description: The entity type. - type: string - enumDescriptions: - - Unknown - - Person - - Location - - Organization - - Event - - Artwork - - Consumer product - - Other types of entities - - >- - Phone number The metadata lists the phone number, formatted - according to local convention, plus whichever additional elements - appear in the text: * `number` - the actual number, broken down - into sections as per local convention * `national_prefix` - - country code, if detected * `area_code` - region or area code, if - detected * `extension` - phone extension (to be dialed after - connection), if detected - - >- - Address The metadata identifies the street number and locality - plus whichever additional elements appear in the text: * - `street_number` - street number * `locality` - city or town * - `street_name` - street/route name, if detected * `postal_code` - - postal code, if detected * `country` - country, if detected * - `broad_region` - administrative area, such as the state, if - detected * `narrow_region` - smaller administrative area, such as - county, if detected * `sublocality` - used in Asian addresses to - demark a district within a city, if detected - - >- - Date The metadata identifies the components of the date: * `year` - - four digit year, if detected * `month` - two digit month number, - if detected * `day` - two digit day number, if detected - - Number The metadata is the number itself. - - Price The metadata identifies the `value` and `currency`. - enum: - - UNKNOWN - - PERSON - - LOCATION - - ORGANIZATION - - EVENT - - WORK_OF_ART - - CONSUMER_GOOD - - OTHER - - PHONE_NUMBER - - ADDRESS - - DATE - - NUMBER - - PRICE - metadata: - description: >- - Metadata associated with the entity. For the metadata associated - with other entity types, see the Type table below. - type: object - additionalProperties: - type: string - mentions: + exampleCount: + items: + type: integer + format: int32 description: >- - The mentions of this entity in the input document. The API currently - supports proper noun mentions. + Value of the specific cell in the confusion matrix. The number of + values each row has (i.e. the length of the row) is equal to the + length of the annotation_spec_id_token field. type: array + count: items: - $ref: '#/components/schemas/EntityMention' - sentiment: + type: string + format: int64 + type: array description: >- - For calls to AnalyzeEntitySentiment this field will contain the - aggregate sentiment expressed for this entity in the provided - document. - $ref: '#/components/schemas/Sentiment' - EntityMention: - id: EntityMention - description: >- - Represents a mention for an entity in the text. Currently, proper noun - mentions are supported. - type: object + Same as above except intended to represent other counts (for e.g. + for segmentation this is pixel count). NOTE(params): Only + example_count or count is set (oneoff does not support repeated + fields unless they are embedded inside another message). + description: A row in the confusion matrix. + Sentence: + id: Sentence properties: text: - description: The mention text. + description: The sentence text. $ref: '#/components/schemas/TextSpan' - type: - description: The type of the entity mention. - type: string - enumDescriptions: - - Unknown - - Proper name - - Common noun (or noun compound) - enum: - - TYPE_UNKNOWN - - PROPER - - COMMON sentiment: - description: >- - For calls to AnalyzeEntitySentiment this field will contain the - sentiment expressed for this mention of the entity in the provided - document. $ref: '#/components/schemas/Sentiment' - probability: description: >- - Probability score associated with the entity. The score shows the - probability of the entity mention being the entity type. The score - is in (0, 1] range. - type: number - format: float - ClassifyTextRequest: - id: ClassifyTextRequest - description: The document classification request message. + For calls to AnalyzeSentiment or if + AnnotateTextRequest.Features.extract_document_sentiment is set to + true, this field will contain the sentiment for the sentence. + description: Represents a sentence in the input document. type: object - properties: - document: - description: Required. Input document. - $ref: '#/components/schemas/Document' - ClassifyTextResponse: - id: ClassifyTextResponse - description: The document classification response message. + XPSSpeechEvaluationMetrics: type: object + id: XPSSpeechEvaluationMetrics properties: - categories: - description: Categories representing the input document. + subModelEvaluationMetrics: type: array + description: Evaluation metrics for all submodels contained in this model. items: - $ref: '#/components/schemas/ClassificationCategory' - languageCode: + $ref: >- + #/components/schemas/XPSSpeechEvaluationMetricsSubModelEvaluationMetric + XPSReportingMetrics: + properties: + metricEntries: + items: + $ref: '#/components/schemas/XPSMetricEntry' description: >- - The language of the text, which will be the same as the language - specified in the request or, if not specified, the - automatically-detected language. See Document.language_code field - for more details. - type: string - languageSupported: + One entry per metric name. The values must be aggregated per metric + name. + type: array + effectiveTrainingDuration: + format: google-duration description: >- - Whether the language is officially supported. The API may still - return a response when the language is not supported, but it is on a - best effort basis. - type: boolean - ClassificationCategory: - id: ClassificationCategory - description: Represents a category returned from the text classifier. + The effective time training used. If set, this is used for quota + management and billing. Deprecated. AutoML BE doesn't use this. + Don't set. + deprecated: true + type: string type: object + id: XPSReportingMetrics + XPSXpsOperationMetadata: properties: - name: - description: The name of the category representing the document. + videoBatchPredictOperationMetadata: + $ref: '#/components/schemas/XPSVideoBatchPredictOperationMetadata' + videoTrainingOperationMetadata: + $ref: '#/components/schemas/XPSVideoTrainingOperationMetadata' + tablesTrainingOperationMetadata: + $ref: '#/components/schemas/XPSTablesTrainingOperationMetadata' + exampleCount: + format: int64 type: string - confidence: description: >- - The classifier's confidence of the category. Number represents how - certain the classifier is that this category represents the given - text. + Optional. XPS server can opt to provide example count of the long + running operation (e.g. training, data importing, batch prediction). + visionTrainingOperationMetadata: + $ref: '#/components/schemas/XPSVisionTrainingOperationMetadata' + reportingMetrics: + description: >- + Metrics for the operation. By the time the operation is terminated + (whether succeeded or failed) as returned from XPS, AutoML BE + assumes the metrics are finalized. AutoML BE transparently posts the + metrics to Chemist if it's not empty, regardless of the response + content or error type. If user is supposed to be charged in case of + cancellation/error, this field should be set. In the case where the + type of LRO doesn't require any billing, this field should be left + unset. + $ref: '#/components/schemas/XPSReportingMetrics' + id: XPSXpsOperationMetadata + type: object + XPSVideoActionMetricsEntryConfidenceMetricsEntry: + properties: + precision: + format: float + type: number + description: Output only. Precision for the given confidence threshold. + f1Score: + format: float + description: Output only. The harmonic mean of recall and precision. + type: number + confidenceThreshold: type: number format: float - severity: description: >- - Optional. The classifier's severity of the category. This is only - present when the ModerateTextRequest.ModelVersion is set to - MODEL_VERSION_2, and the corresponding category has a severity - score. + Output only. The confidence threshold value used to compute the + metrics. + recall: type: number + description: Output only. Recall for the given confidence threshold. format: float - ModerateTextRequest: - id: ModerateTextRequest - description: The document moderation request message. + id: XPSVideoActionMetricsEntryConfidenceMetricsEntry + description: Metrics for a single confidence threshold. + type: object + XPSMetricEntryLabel: type: object + id: XPSMetricEntryLabel properties: - document: - description: Required. Input document. - $ref: '#/components/schemas/Document' - modelVersion: - description: Optional. The model version to use for ModerateText. + labelName: type: string - enumDescriptions: - - The default model version. - - >- - Use the v1 model, this model is used by default when not provided. - The v1 model only returns probability (confidence) score for each - category. - - >- - Use the v2 model. The v2 model only returns probability - (confidence) score for each category, and returns severity score - for a subset of the categories. - enum: - - MODEL_VERSION_UNSPECIFIED - - MODEL_VERSION_1 - - MODEL_VERSION_2 - ModerateTextResponse: - id: ModerateTextResponse - description: The document moderation response message. + description: The name of the label. + labelValue: + description: The value of the label. + type: string + XPSImageSegmentationEvaluationMetrics: type: object properties: - moderationCategories: - description: Harmful and sensitive categories representing the input document. - type: array + confidenceMetricsEntries: items: - $ref: '#/components/schemas/ClassificationCategory' - languageCode: - description: >- - The language of the text, which will be the same as the language - specified in the request or, if not specified, the - automatically-detected language. See Document.language_code field - for more details. - type: string - languageSupported: + $ref: >- + #/components/schemas/XPSImageSegmentationEvaluationMetricsConfidenceMetricsEntry description: >- - Whether the language is officially supported. The API may still - return a response when the language is not supported, but it is on a - best effort basis. - type: boolean - AnnotateTextRequest: - id: AnnotateTextRequest - description: >- - The request message for the text annotation API, which can perform - multiple analysis types in one call. + Metrics that have confidence thresholds. Precision-recall curve can + be derived from it. + type: array + description: 'Model evaluation metrics for image segmentation problems. Next tag: 4.' + id: XPSImageSegmentationEvaluationMetrics + XPSTableSpec: type: object properties: - document: - description: Required. Input document. - $ref: '#/components/schemas/Document' - features: - description: Required. The enabled features. - $ref: '#/components/schemas/AnnotateTextRequestFeatures' - encodingType: - description: The encoding type used by the API to calculate offsets. + validRowCount: + format: int64 + description: The number of valid rows. type: string - enumDescriptions: - - >- - If `EncodingType` is not specified, encoding-dependent information - (such as `begin_offset`) will be set at `-1`. - - >- - Encoding-dependent information (such as `begin_offset`) is - calculated based on the UTF-8 encoding of the input. C++ and Go - are examples of languages that use this encoding natively. - - >- - Encoding-dependent information (such as `begin_offset`) is - calculated based on the UTF-16 encoding of the input. Java and - JavaScript are examples of languages that use this encoding - natively. - - >- - Encoding-dependent information (such as `begin_offset`) is - calculated based on the UTF-32 encoding of the input. Python is an - example of a language that uses this encoding natively. - enum: - - NONE - - UTF8 - - UTF16 - - UTF32 - AnnotateTextRequestFeatures: - id: AnnotateTextRequestFeatures - description: >- - All available features. Setting each one to true will enable that - specific analysis for the input. - type: object - properties: - extractEntities: - description: Optional. Extract entities. - type: boolean - extractDocumentSentiment: - description: Optional. Extract document-level sentiment. - type: boolean - classifyText: - description: Optional. Classify the full document into categories. - type: boolean - moderateText: - description: >- - Optional. Moderate the document for harmful and sensitive - categories. - type: boolean - AnnotateTextResponse: - id: AnnotateTextResponse - description: The text annotations response message. + columnSpecs: + type: object + additionalProperties: + $ref: '#/components/schemas/XPSColumnSpec' + description: Mapping from column id to column spec. + timeColumnId: + description: The id of the time column. + format: int32 + type: integer + rowCount: + format: int64 + type: string + description: The number of rows in the table. + importedDataSizeInBytes: + format: int64 + type: string + description: The total size of imported data of the table. + id: XPSTableSpec + XPSVideoModelArtifactSpec: + id: XPSVideoModelArtifactSpec type: object properties: - sentences: + servingArtifact: + $ref: '#/components/schemas/XPSModelArtifactItem' description: >- - Sentences in the input document. Populated if the user enables - AnnotateTextRequest.Features.extract_document_sentiment. + The default model binary file used for serving (e.g. batch predict) + via public Cloud AI Platform API. + exportArtifact: type: array + description: The model binary files in different formats for model export. items: - $ref: '#/components/schemas/Sentence' - entities: + $ref: '#/components/schemas/XPSModelArtifactItem' + XPSTfSavedModelFormat: + description: A tensorflow model format in SavedModel format. + id: XPSTfSavedModelFormat + type: object + properties: {} + XPSVideoActionRecognitionEvaluationMetrics: + type: object + id: XPSVideoActionRecognitionEvaluationMetrics + properties: + videoActionMetricsEntries: description: >- - Entities, along with their semantic information, in the input - document. Populated if the user enables - AnnotateTextRequest.Features.extract_entities . + Output only. The metric entries for precision window lengths: + 1s,2s,3s,4s, 5s. type: array items: - $ref: '#/components/schemas/Entity' - documentSentiment: + $ref: '#/components/schemas/XPSVideoActionMetricsEntry' + evaluatedActionCount: + format: int32 + type: integer description: >- - The overall sentiment for the document. Populated if the user - enables AnnotateTextRequest.Features.extract_document_sentiment. - $ref: '#/components/schemas/Sentiment' - languageCode: + Output only. The number of ground truth actions used to create this + evaluation. + description: Model evaluation metrics for video action recognition. + XPSDockerFormat: + description: >- + A model format used for Docker containers. Use the params field to + customize the container. The container is verified to work correctly on + ubuntu 16.04 operating system. + id: XPSDockerFormat + type: object + properties: + gpuArchitecture: description: >- - The language of the text, which will be the same as the language - specified in the request or, if not specified, the - automatically-detected language. See Document.language_code field - for more details. + Optional. Additional gpu information describing the requirements for + the to be exported model files. + enum: + - GPU_ARCHITECTURE_UNSPECIFIED + - GPU_ARCHITECTURE_NVIDIA + enumDescriptions: + - '' + - '' type: string - categories: - description: Categories identified in the input document. - type: array - items: - $ref: '#/components/schemas/ClassificationCategory' - moderationCategories: - description: Harmful and sensitive categories identified in the input document. - type: array - items: - $ref: '#/components/schemas/ClassificationCategory' - languageSupported: - description: >- - Whether the language is officially supported by all requested - features. The API may still return a response when the language is - not supported, but it is on a best effort basis. - type: boolean - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + cpuArchitecture: + enumDescriptions: + - '' + - '' + enum: + - CPU_ARCHITECTURE_UNSPECIFIED + - CPU_ARCHITECTURE_X86_64 type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - XPSBatchPredictResponse: - id: XPSBatchPredictResponse - type: object + Optional. Additional cpu information describing the requirements for + the to be exported model files. + XPSXraiAttribution: properties: - exampleSet: + stepCount: + type: integer description: >- - Examples for batch prediction result. Under full API implementation, - results are stored in shared RecordIO of AnnotatedExample protobufs, - the annotations field of which is populated by XPS backend. - $ref: '#/components/schemas/XPSExampleSet' - XPSExampleSet: - id: XPSExampleSet - description: Set of examples or input sources. + The number of steps for approximating the path integral. A good + value to start is 50 and gradually increase until the sum to diff + property is met within the desired error range. Valid range of its + value is [1, 100], inclusively. + format: int32 type: object + deprecated: true + description: >- + An explanation method that redistributes Integrated Gradients + attributions to segmented regions, taking advantage of the model's fully + differentiable structure. Refer to this paper for more details: + https://arxiv.org/abs/1906.02825 Only supports image Models (modality is + IMAGE). + id: XPSXraiAttribution + XPSTablesConfidenceMetricsEntry: + id: XPSTablesConfidenceMetricsEntry properties: - fileSpec: - description: File spec of the examples or input sources. - $ref: '#/components/schemas/XPSFileSpec' - numExamples: - description: Number of examples. - type: string - format: int64 - numInputSources: - description: Number of input sources. + falsePositiveCount: type: string format: int64 - fingerprint: - description: Fingerprint of the example set. - type: string + description: False positive count. + trueNegativeCount: format: int64 - XPSFileSpec: - id: XPSFileSpec - description: >- - Spec of input and output files, on external file systems (for example, - Colossus Namespace System or Google Cloud Storage). - type: object - properties: - fileFormat: + description: True negative count. type: string - enumDescriptions: - - '' - - '' - - Internal format for parallel text data used by Google Translate. - - '' - - >- - Only the lexicographically first file described by the file_spec - contains the header line. - - '' - enumDeprecated: - - false - - true - - false - - false - - false - - false - enum: - - FILE_FORMAT_UNKNOWN - - FILE_FORMAT_SSTABLE - - FILE_FORMAT_TRANSLATION_RKV - - FILE_FORMAT_RECORDIO - - FILE_FORMAT_RAW_CSV - - FILE_FORMAT_RAW_CAPACITOR - directoryPath: - description: Deprecated. Use file_spec. - deprecated: true + falseNegativeCount: + description: False negative count. type: string - singleFilePath: - description: Deprecated. Use file_spec. - deprecated: true + format: int64 + falsePositiveRate: + type: number + description: 'FPR = #false positives / (#false positives + #true negatives)' + format: double + confidenceThreshold: + format: double + description: The confidence threshold value used to compute the metrics. + type: number + truePositiveCount: + format: int64 type: string - fileSpec: + description: True positive count. + recall: + format: double + description: 'Recall = #true positives / (#true positives + #false negatives).' + type: number + truePositiveRate: + type: number + format: double + description: 'TPR = #true positives / (#true positives + #false negatvies)' + f1Score: description: >- - Single file path, or file pattern of format - "/path/to/file@shard_count". E.g. /cns/cell-d/somewhere/file@2 is - expanded to two files: /cns/cell-d/somewhere/file-00000-of-00002 and - /cns/cell-d/somewhere/file-00001-of-00002. - type: string - XPSPreprocessResponse: - id: XPSPreprocessResponse + The harmonic mean of recall and precision. (2 * precision * recall) + / (precision + recall) + type: number + format: double + precision: + format: double + type: number + description: 'Precision = #true positives / (#true positives + #false positives).' + description: Metrics for a single confidence threshold. type: object + XPSVisionTrainingOperationMetadata: properties: - outputExampleSet: + explanationUsage: + $ref: '#/components/schemas/InfraUsage' description: >- - Preprocessed examples, that are to be imported into AutoML storage. - This should point to RecordIO file(s) of PreprocessedExample - messages. The PreprocessedExample.mvp_training_data-s returned here - are later verbatim passed to Train() call in - TrainExample.mvp_training_data. - $ref: '#/components/schemas/XPSExampleSet' - speechPreprocessResp: - $ref: '#/components/schemas/XPSSpeechPreprocessResponse' - translationPreprocessResp: - $ref: '#/components/schemas/XPSTranslationPreprocessResponse' - tablesPreprocessResponse: - $ref: '#/components/schemas/XPSTablesPreprocessResponse' - XPSSpeechPreprocessResponse: - id: XPSSpeechPreprocessResponse + Aggregated infra usage within certain time period, for billing + report purpose if XAI is enable in training request. + id: XPSVisionTrainingOperationMetadata type: object + deprecated: true + XPSTrackMetricsEntry: + id: XPSTrackMetricsEntry properties: - speechPreprocessStats: - description: Stats associated with the data. - $ref: '#/components/schemas/XPSSpeechPreprocessStats' - cnsTrainDataPath: + meanMismatchRate: + format: float + type: number + description: Output only. The mean mismatch rate over all confidence thresholds. + iouThreshold: + format: float description: >- - Location of shards of sstables (training data) of DataUtterance - protos. - type: string - cnsTestDataPath: - description: Location od shards of sstables (test data) of DataUtterance protos. - type: string - prebuiltModelEvaluationMetrics: + Output only. The intersection-over-union threshold value between + bounding boxes across frames used to compute this metric entry. + type: number + confidenceMetricsEntries: + type: array description: >- - The metrics for prebuilt speech models. They are included here - because there is no prebuilt speech models stored in the AutoML. - $ref: '#/components/schemas/XPSSpeechEvaluationMetrics' - XPSSpeechPreprocessStats: - id: XPSSpeechPreprocessStats + Output only. Metrics for each label-match confidence_threshold from + 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. Precision-recall curve is + derived from them. + items: + $ref: '#/components/schemas/XPSTrackMetricsEntryConfidenceMetricsEntry' + meanBoundingBoxIou: + description: >- + Output only. The mean bounding box iou over all confidence + thresholds. + format: float + type: number + meanTrackingAveragePrecision: + type: number + description: >- + Output only. The mean average precision over all confidence + thresholds. + format: float + description: >- + Track matching model metrics for a single track match threshold and + multiple label match confidence thresholds. Next tag: 6. + type: object + XPSTfJsFormat: + type: object + description: >- + A [TensorFlow.js](https://www.tensorflow.org/js) model that can be used + in the browser and in Node.js using JavaScript. + id: XPSTfJsFormat + properties: {} + XPSIntegratedGradientsAttribution: type: object + deprecated: true + id: XPSIntegratedGradientsAttribution + description: >- + An attribution method that computes the Aumann-Shapley value taking + advantage of the model's fully differentiable structure. Refer to this + paper for more details: https://arxiv.org/abs/1703.01365 properties: - trainExamplesCount: - description: The number of examples labeled as TRAIN by Speech xps server. - type: integer + stepCount: format: int32 - testExamplesCount: - description: The number of examples labelled as TEST by Speech xps server. type: integer - format: int32 - numMachineTranscribedExamples: - description: The number of rows marked as MACHINE_TRANSCRIBED - type: integer - format: int32 - numHumanLabeledExamples: - description: The number of rows marked HUMAN_LABELLED - type: integer - format: int32 - numLogsExamples: - description: The number of samples found in the previously recorded logs data. - type: integer - format: int32 - dataErrors: - description: Different types of data errors and the counts associated with them. - type: array - items: - $ref: '#/components/schemas/XPSDataErrors' - trainSentencesCount: - description: The number of sentences in the training data set. - type: integer - format: int32 - testSentencesCount: - description: The number of sentences in the test data set. - type: integer - format: int32 - trainWordsCount: - description: The number of words in the training data set. - type: integer - format: int32 - testWordsCount: - description: The number of words in the test data set. - type: integer - format: int32 - XPSDataErrors: - id: XPSDataErrors - description: Different types of errors and the stats associatesd with each error. - type: object - properties: - errorType: - description: Type of the error. - type: string - enumDescriptions: - - Not specified. - - >- - Audio format not in the formats by cloud-speech AutoML. Currently - only wav and flac file formats are supported. - - >- - File format differnt from what is specified in the file name - extension. - - File too large. Maximum allowed size is 50 MB. - - Transcript is missing. - enum: - - ERROR_TYPE_UNSPECIFIED - - UNSUPPORTED_AUDIO_FORMAT - - FILE_EXTENSION_MISMATCH_WITH_AUDIO_FORMAT - - FILE_TOO_LARGE - - MISSING_TRANSCRIPTION - count: - description: Number of records having errors associated with the enum. - type: integer - format: int32 - XPSSpeechEvaluationMetrics: - id: XPSSpeechEvaluationMetrics - type: object - properties: - subModelEvaluationMetrics: - description: Evaluation metrics for all submodels contained in this model. - type: array - items: - $ref: >- - #/components/schemas/XPSSpeechEvaluationMetricsSubModelEvaluationMetric - XPSSpeechEvaluationMetricsSubModelEvaluationMetric: - id: XPSSpeechEvaluationMetricsSubModelEvaluationMetric + description: >- + The number of steps for approximating the path integral. A good + value to start is 50 and gradually increase until the sum to diff + property is within the desired error range. Valid range of its value + is [1, 100], inclusively. + XPSCorrelationStats: type: object + id: XPSCorrelationStats properties: - wer: - description: Word error rate (standard error metric used for speech recognition). - type: number + cramersV: format: double - numWords: - description: Number of words over which the word error rate was computed. - type: integer - format: int32 - numUtterances: - description: Number of utterances used in the wer computation. - type: integer - format: int32 - sentenceAccuracy: - description: Below fields are used for debugging purposes type: number - format: double - numInsertions: - type: integer - format: int32 - numSubstitutions: - type: integer - format: int32 - numDeletions: - type: integer - format: int32 - biasingModelType: - description: Type of the biasing model. - type: string - enumDescriptions: - - '' - - Build biasing model on top of COMMAND_AND_SEARCH model - - Build biasing model on top of PHONE_CALL model - - Build biasing model on top of VIDEO model - - Build biasing model on top of DEFAULT model - enum: - - BIASING_MODEL_TYPE_UNSPECIFIED - - COMMAND_AND_SEARCH - - PHONE_CALL - - VIDEO - - DEFAULT - isEnhancedModel: - description: >- - If true then it means we have an enhanced version of the biasing - models. - type: boolean - XPSTranslationPreprocessResponse: - id: XPSTranslationPreprocessResponse - description: Translation preprocess response. + description: The correlation value using the Cramer's V measure. + description: >- + A correlation statistics between two series of DataType values. The + series may have differing DataType-s, but within a single series the + DataType must be the same. + CpuMetric: type: object + description: Metric for billing reports. + id: CpuMetric properties: - parsedExampleCount: - description: Total example count parsed. - type: string - format: int64 - validExampleCount: - description: Total valid example count. - type: string + coreNumber: + description: Required. Number of CPU cores. format: int64 - XPSTablesPreprocessResponse: - id: XPSTablesPreprocessResponse - type: object - properties: - tablesDatasetMetadata: - description: >- - The table/column id, column_name and the DataTypes of the columns - will be populated. - $ref: '#/components/schemas/XPSTablesDatasetMetadata' - XPSTablesDatasetMetadata: - id: XPSTablesDatasetMetadata - description: Metadata for a dataset used for AutoML Tables. - type: object - properties: - primaryTableSpec: - description: Primary table. - $ref: '#/components/schemas/XPSTableSpec' - targetColumnId: - description: >- - Id of the primary table column that should be used as the training - label. - type: integer - format: int32 - weightColumnId: - description: >- - Id of the primary table column that should be used as the weight - column. - type: integer - format: int32 - mlUseColumnId: - description: Id the column to split the table. - type: integer - format: int32 - targetColumnCorrelations: - description: '(the column id : its CorrelationStats with target column).' - type: object - additionalProperties: - $ref: '#/components/schemas/XPSCorrelationStats' - XPSTableSpec: - id: XPSTableSpec - type: object - properties: - timeColumnId: - description: The id of the time column. - type: integer - format: int32 - rowCount: - description: The number of rows in the table. type: string - format: int64 - validRowCount: - description: The number of valid rows. + coreSec: type: string + description: Required. Total seconds of core usage, e.g. 4. format: int64 - columnSpecs: - description: Mapping from column id to column spec. + trackingLabels: type: object - additionalProperties: - $ref: '#/components/schemas/XPSColumnSpec' - importedDataSizeInBytes: - description: The total size of imported data of the table. - type: string - format: int64 - XPSColumnSpec: - id: XPSColumnSpec - type: object - properties: - columnId: - description: >- - The unique id of the column. When Preprocess, the Tables BE will - popuate the order id of the column, which reflects the order of the - column inside the table, i.e. 0 means the first column in the table, - N-1 means the last column. AutoML BE will persist this order id in - Spanner and set the order id here when calling RefreshTablesStats - and Train. Note: it's different than the column_spec_id that is - generated in AutoML BE. - type: integer - format: int32 - displayName: description: >- - The display name of the column. It's outputed in Preprocess and a - required input for RefreshTablesStats and Train. + Billing tracking labels. They do not contain any user data but only + the labels set by Vertex Core Infra itself. Tracking labels' keys + are defined with special format: goog-[\p{Ll}\p{N}]+ E.g. "key": + "goog-k8s-cluster-name","value": "us-east1-b4rk" + additionalProperties: + type: string + machineSpec: type: string - dataType: - description: >- - The data type of the column. It's outputed in Preprocess rpc and a - required input for RefreshTablesStats and Train. - $ref: '#/components/schemas/XPSDataType' - dataStats: - description: >- - The data stats of the column. It's outputed in RefreshTablesStats - and a required input for Train. - $ref: '#/components/schemas/XPSDataStats' - topCorrelatedColumns: - description: It's outputed in RefreshTablesStats, and a required input in Train. - type: array - items: - $ref: '#/components/schemas/XPSColumnSpecCorrelatedColumn' - forecastingMetadata: - $ref: '#/components/schemas/XPSColumnSpecForecastingMetadata' - XPSDataType: - id: XPSDataType - description: >- - Indicated the type of data that can be stored in a structured data - entity (e.g. a table). - type: object - properties: - typeCode: - description: Required. The TypeCode for this type. - type: string - enumDescriptions: - - Not specified. Should not be used. - - >- - Encoded as `number`, or the strings `"NaN"`, `"Infinity"`, or - `"-Infinity"`. - - >- - Must be between 0AD and 9999AD. Encoded as `string` according to - time_format, or, if that format is not set, then in RFC 3339 - `date-time` format, where `time-offset` = `"Z"` (e.g. - 1985-04-12T23:20:50.52Z). - - Encoded as `string`. - - >- - Encoded as `list`, where the list elements are represented - according to list_element_type. - - >- - Encoded as `struct`, where field values are represented according - to struct_type. - - >- - Values of this type are not further understood by AutoML, e.g. - AutoML is unable to tell the order of values (as it could with - FLOAT64), or is unable to say if one value contains another (as it - could with STRING). Encoded as `string` (bytes should be - base64-encoded, as described in RFC 4648, section 4). enum: - - TYPE_CODE_UNSPECIFIED - - FLOAT64 - - TIMESTAMP - - STRING - - ARRAY - - STRUCT - - CATEGORY - nullable: - description: If true, this DataType can also be `null`. - type: boolean - listElementType: - description: >- - If type_code == ARRAY, then `list_element_type` is the type of the - elements. - $ref: '#/components/schemas/XPSDataType' - structType: - description: >- - If type_code == STRUCT, then `struct_type` provides type information - for the struct's fields. - $ref: '#/components/schemas/XPSStructType' - timeFormat: - description: >- - If type_code == TIMESTAMP then `time_format` provides the format in - which that time field is expressed. The time_format must be written - in `strftime` syntax. If time_format is not set, then the default - format as described on the field is used. - type: string - compatibleDataTypes: - description: The highly compatible data types to this data type. - type: array - items: - $ref: '#/components/schemas/XPSDataType' - XPSStructType: - id: XPSStructType - description: '`StructType` defines the DataType-s of a STRUCT type.' - type: object - properties: - fields: - description: Unordered map of struct field names to their data types. - type: object - additionalProperties: - $ref: '#/components/schemas/XPSDataType' - XPSDataStats: - id: XPSDataStats - description: The data statistics of a series of values that share the same DataType. - type: object - properties: - distinctValueCount: - description: The number of distinct values. - type: string - format: int64 - nullValueCount: - description: The number of values that are null. - type: string - format: int64 - validValueCount: - description: The number of values that are valid. - type: string - format: int64 - float64Stats: - description: The statistics for FLOAT64 DataType. - $ref: '#/components/schemas/XPSFloat64Stats' - stringStats: - description: The statistics for STRING DataType. - $ref: '#/components/schemas/XPSStringStats' - timestampStats: - description: The statistics for TIMESTAMP DataType. - $ref: '#/components/schemas/XPSTimestampStats' - arrayStats: - description: The statistics for ARRAY DataType. - $ref: '#/components/schemas/XPSArrayStats' - structStats: - description: The statistics for STRUCT DataType. - $ref: '#/components/schemas/XPSStructStats' - categoryStats: - description: The statistics for CATEGORY DataType. - $ref: '#/components/schemas/XPSCategoryStats' - XPSFloat64Stats: - id: XPSFloat64Stats - description: The data statistics of a series of FLOAT64 values. - type: object - properties: - mean: - description: The mean of the series. - type: number - format: double - standardDeviation: - description: The standard deviation of the series. - type: number - format: double - quantiles: - description: >- - Ordered from 0 to k k-quantile values of the data series of n - values. The value at index i is, approximately, the i*n/k-th - smallest value in the series; for i = 0 and i = k these are, - respectively, the min and max values. - type: array - items: - type: number - format: double - histogramBuckets: - description: >- - Histogram buckets of the data series. Sorted by the min value of the - bucket, ascendingly, and the number of the buckets is dynamically - generated. The buckets are non-overlapping and completely cover - whole FLOAT64 range with min of first bucket being `"-Infinity"`, - and max of the last one being `"Infinity"`. - type: array - items: - $ref: '#/components/schemas/XPSFloat64StatsHistogramBucket' - commonStats: - $ref: '#/components/schemas/XPSCommonStats' - XPSFloat64StatsHistogramBucket: - id: XPSFloat64StatsHistogramBucket - description: A bucket of a histogram. - type: object - properties: - min: - description: The minimum value of the bucket, inclusive. - type: number - format: double - max: - description: >- - The maximum value of the bucket, exclusive unless max = - `"Infinity"`, in which case it's inclusive. - type: number - format: double - count: - description: >- - The number of data values that are in the bucket, i.e. are between - min and max values. - type: string - format: int64 - XPSCommonStats: - id: XPSCommonStats - description: Common statistics for a column with a specified data type. - type: object - properties: - distinctValueCount: - type: string - format: int64 - validValueCount: - type: string - format: int64 - nullValueCount: - type: string - format: int64 - XPSStringStats: - id: XPSStringStats - description: The data statistics of a series of STRING values. - type: object - properties: - topUnigramStats: - description: >- - The statistics of the top 20 unigrams, ordered by - StringStats.UnigramStats.count. - type: array - items: - $ref: '#/components/schemas/XPSStringStatsUnigramStats' - commonStats: - $ref: '#/components/schemas/XPSCommonStats' - XPSStringStatsUnigramStats: - id: XPSStringStatsUnigramStats - description: The statistics of a unigram. - type: object - properties: - value: - description: The unigram. - type: string - count: - description: The number of occurrences of this unigram in the series. - type: string - format: int64 - XPSTimestampStats: - id: XPSTimestampStats - description: The data statistics of a series of TIMESTAMP values. - type: object - properties: - granularStats: - description: >- - The string key is the pre-defined granularity. Currently supported: - hour_of_day, day_of_week, month_of_year. Granularities finer that - the granularity of timestamp data are not populated (e.g. if - timestamps are at day granularity, then hour_of_day is not - populated). - type: object - additionalProperties: - $ref: '#/components/schemas/XPSTimestampStatsGranularStats' - commonStats: - $ref: '#/components/schemas/XPSCommonStats' - medianTimestampNanos: - type: string - format: int64 - XPSTimestampStatsGranularStats: - id: XPSTimestampStatsGranularStats - description: Stats split by a defined in context granularity. - type: object - properties: - buckets: - description: >- - A map from granularity key to example count for that key. E.g. for - hour_of_day `13` means 1pm, or for month_of_year `5` means May). - type: object - additionalProperties: - type: string - format: int64 - XPSArrayStats: - id: XPSArrayStats - description: The data statistics of a series of ARRAY values. - type: object - properties: - memberStats: - description: >- - Stats of all the values of all arrays, as if they were a single long - series of data. The type depends on the element type of the array. - $ref: '#/components/schemas/XPSDataStats' - commonStats: - $ref: '#/components/schemas/XPSCommonStats' - XPSStructStats: - id: XPSStructStats - description: The data statistics of a series of STRUCT values. - type: object - properties: - fieldStats: - description: >- - Map from a field name of the struct to data stats aggregated over - series of all data in that field across all the structs. - type: object - additionalProperties: - $ref: '#/components/schemas/XPSDataStats' - commonStats: - $ref: '#/components/schemas/XPSCommonStats' - XPSCategoryStats: - id: XPSCategoryStats - description: The data statistics of a series of CATEGORY values. - type: object - properties: - topCategoryStats: - description: >- - The statistics of the top 20 CATEGORY values, ordered by - CategoryStats.SingleCategoryStats.count. - type: array - items: - $ref: '#/components/schemas/XPSCategoryStatsSingleCategoryStats' - commonStats: - $ref: '#/components/schemas/XPSCommonStats' - XPSCategoryStatsSingleCategoryStats: - id: XPSCategoryStatsSingleCategoryStats - description: The statistics of a single CATEGORY value. - type: object - properties: - value: - description: The CATEGORY value. - type: string - count: - description: The number of occurrences of this value in the series. - type: string - format: int64 - XPSColumnSpecCorrelatedColumn: - id: XPSColumnSpecCorrelatedColumn - description: >- - Identifies a table's column, and its correlation with the column this - ColumnSpec describes. - type: object - properties: - columnId: - type: integer - format: int32 - correlationStats: - $ref: '#/components/schemas/XPSCorrelationStats' - XPSCorrelationStats: - id: XPSCorrelationStats - description: >- - A correlation statistics between two series of DataType values. The - series may have differing DataType-s, but within a single series the - DataType must be the same. - type: object - properties: - cramersV: - description: The correlation value using the Cramer's V measure. - type: number - format: double - XPSColumnSpecForecastingMetadata: - id: XPSColumnSpecForecastingMetadata - type: object - properties: - columnType: - description: The type of the column for FORECASTING model training purposes. - type: string - enumDescriptions: - - An un-set value of this enum. - - Key columns are used to identify timeseries. - - >- - This column contains information describing static properties of - the entities identified by the key column(s) (e.g. city's ZIP - code). - - >- - This column contains information for the given entity, at any time - poinrt, they are only available in the time series before. - - >- - This column contains information for the given entity is known - both for the past and the sufficiently far future. - enum: - - COLUMN_TYPE_UNSPECIFIED - - KEY - - KEY_METADATA - - TIME_SERIES_AVAILABLE_PAST_ONLY - - TIME_SERIES_AVAILABLE_PAST_AND_FUTURE - XPSTrainResponse: - id: XPSTrainResponse - type: object - properties: - modelToken: - description: >- - Token that represents the trained model. This is considered - immutable and is persisted in AutoML. xPS can put their own proto in - the byte string, to e.g. point to the model checkpoints. The token - is passed to other xPS APIs to refer to the model. - type: string - format: byte - speechTrainResp: - $ref: '#/components/schemas/XPSSpeechModelSpec' - tablesTrainResp: - $ref: '#/components/schemas/XPSTablesTrainResponse' - imageObjectDetectionTrainResp: - $ref: '#/components/schemas/XPSImageObjectDetectionModelSpec' - textToSpeechTrainResp: - $ref: '#/components/schemas/XPSTextToSpeechTrainResponse' - videoObjectTrackingTrainResp: - $ref: '#/components/schemas/XPSVideoObjectTrackingTrainResponse' - videoClassificationTrainResp: - $ref: '#/components/schemas/XPSVideoClassificationTrainResponse' - videoActionRecognitionTrainResp: - $ref: '#/components/schemas/XPSVideoActionRecognitionTrainResponse' - imageClassificationTrainResp: - $ref: '#/components/schemas/XPSImageClassificationTrainResponse' - translationTrainResp: - $ref: '#/components/schemas/XPSTranslationTrainResponse' - imageSegmentationTrainResp: - $ref: '#/components/schemas/XPSImageSegmentationTrainResponse' - textTrainResp: - description: Will only be needed for uCAIP from Beta. - $ref: '#/components/schemas/XPSTextTrainResponse' - evaluationMetricsSet: - description: >- - The trained model evaluation metrics. This can be optionally - returned. - $ref: '#/components/schemas/XPSEvaluationMetricsSet' - evaluatedExampleSet: - description: >- - Examples used to evaluate the model (usually the test set), with the - predicted annotations. The file_spec should point to recordio - file(s) of AnnotatedExample. For each returned example, the - example_id_token and annotations predicted by the model must be set. - The example payload can and is recommended to be omitted. - $ref: '#/components/schemas/XPSExampleSet' - deployedModelSizeBytes: - description: Estimated model size in bytes once deployed. - type: string - format: int64 - explanationConfigs: - description: >- - VisionExplanationConfig for XAI on test set. Optional for when XAI - is enable in training request. - deprecated: true - type: array - items: - $ref: '#/components/schemas/XPSResponseExplanationSpec' - errorAnalysisConfigs: - description: >- - Optional vision model error analysis configuration. The field is set - when model error analysis is enabled in the training request. The - results of error analysis will be binded together with evaluation - results (in the format of AnnotatedExample). - type: array - items: - $ref: '#/components/schemas/XPSVisionErrorAnalysisConfig' - XPSSpeechModelSpec: - id: XPSSpeechModelSpec - type: object - properties: - subModelSpecs: - description: Model specs for all submodels contained in this model. - type: array - items: - $ref: '#/components/schemas/XPSSpeechModelSpecSubModelSpec' - datasetId: - description: >- - Required for speech xps backend. Speech xps has to use dataset_id - and model_id as the primary key in db so that speech API can query - the db directly. - type: string - format: int64 - language: - type: string - XPSSpeechModelSpecSubModelSpec: - id: XPSSpeechModelSpecSubModelSpec - type: object - properties: - clientId: - description: In S3, Recognition ClientContextId.client_id - type: string - contextId: - description: In S3, Recognition ClientContextId.context_id - type: string - biasingModelType: - description: Type of the biasing model. - type: string + - UNKNOWN_MACHINE_SPEC + - N1_STANDARD_2 + - N1_STANDARD_4 + - N1_STANDARD_8 + - N1_STANDARD_16 + - N1_STANDARD_32 + - N1_STANDARD_64 + - N1_STANDARD_96 + - N1_HIGHMEM_2 + - N1_HIGHMEM_4 + - N1_HIGHMEM_8 + - N1_HIGHMEM_16 + - N1_HIGHMEM_32 + - N1_HIGHMEM_64 + - N1_HIGHMEM_96 + - N1_HIGHCPU_2 + - N1_HIGHCPU_4 + - N1_HIGHCPU_8 + - N1_HIGHCPU_16 + - N1_HIGHCPU_32 + - N1_HIGHCPU_64 + - N1_HIGHCPU_96 + - A2_HIGHGPU_1G + - A2_HIGHGPU_2G + - A2_HIGHGPU_4G + - A2_HIGHGPU_8G + - A2_MEGAGPU_16G + - A2_ULTRAGPU_1G + - A2_ULTRAGPU_2G + - A2_ULTRAGPU_4G + - A2_ULTRAGPU_8G + - A3_HIGHGPU_1G + - A3_HIGHGPU_2G + - A3_HIGHGPU_4G + - A3_HIGHGPU_8G + - A3_MEGAGPU_8G + - A3_ULTRAGPU_8G + - A3_EDGEGPU_8G + - A4_HIGHGPU_8G + - A4X_HIGHGPU_4G + - E2_STANDARD_2 + - E2_STANDARD_4 + - E2_STANDARD_8 + - E2_STANDARD_16 + - E2_STANDARD_32 + - E2_HIGHMEM_2 + - E2_HIGHMEM_4 + - E2_HIGHMEM_8 + - E2_HIGHMEM_16 + - E2_HIGHCPU_2 + - E2_HIGHCPU_4 + - E2_HIGHCPU_8 + - E2_HIGHCPU_16 + - E2_HIGHCPU_32 + - N2_STANDARD_2 + - N2_STANDARD_4 + - N2_STANDARD_8 + - N2_STANDARD_16 + - N2_STANDARD_32 + - N2_STANDARD_48 + - N2_STANDARD_64 + - N2_STANDARD_80 + - N2_STANDARD_96 + - N2_STANDARD_128 + - N2_HIGHMEM_2 + - N2_HIGHMEM_4 + - N2_HIGHMEM_8 + - N2_HIGHMEM_16 + - N2_HIGHMEM_32 + - N2_HIGHMEM_48 + - N2_HIGHMEM_64 + - N2_HIGHMEM_80 + - N2_HIGHMEM_96 + - N2_HIGHMEM_128 + - N2_HIGHCPU_2 + - N2_HIGHCPU_4 + - N2_HIGHCPU_8 + - N2_HIGHCPU_16 + - N2_HIGHCPU_32 + - N2_HIGHCPU_48 + - N2_HIGHCPU_64 + - N2_HIGHCPU_80 + - N2_HIGHCPU_96 + - N2D_STANDARD_2 + - N2D_STANDARD_4 + - N2D_STANDARD_8 + - N2D_STANDARD_16 + - N2D_STANDARD_32 + - N2D_STANDARD_48 + - N2D_STANDARD_64 + - N2D_STANDARD_80 + - N2D_STANDARD_96 + - N2D_STANDARD_128 + - N2D_STANDARD_224 + - N2D_HIGHMEM_2 + - N2D_HIGHMEM_4 + - N2D_HIGHMEM_8 + - N2D_HIGHMEM_16 + - N2D_HIGHMEM_32 + - N2D_HIGHMEM_48 + - N2D_HIGHMEM_64 + - N2D_HIGHMEM_80 + - N2D_HIGHMEM_96 + - N2D_HIGHCPU_2 + - N2D_HIGHCPU_4 + - N2D_HIGHCPU_8 + - N2D_HIGHCPU_16 + - N2D_HIGHCPU_32 + - N2D_HIGHCPU_48 + - N2D_HIGHCPU_64 + - N2D_HIGHCPU_80 + - N2D_HIGHCPU_96 + - N2D_HIGHCPU_128 + - N2D_HIGHCPU_224 + - C2_STANDARD_4 + - C2_STANDARD_8 + - C2_STANDARD_16 + - C2_STANDARD_30 + - C2_STANDARD_60 + - C2D_STANDARD_2 + - C2D_STANDARD_4 + - C2D_STANDARD_8 + - C2D_STANDARD_16 + - C2D_STANDARD_32 + - C2D_STANDARD_56 + - C2D_STANDARD_112 + - C2D_HIGHCPU_2 + - C2D_HIGHCPU_4 + - C2D_HIGHCPU_8 + - C2D_HIGHCPU_16 + - C2D_HIGHCPU_32 + - C2D_HIGHCPU_56 + - C2D_HIGHCPU_112 + - C2D_HIGHMEM_2 + - C2D_HIGHMEM_4 + - C2D_HIGHMEM_8 + - C2D_HIGHMEM_16 + - C2D_HIGHMEM_32 + - C2D_HIGHMEM_56 + - C2D_HIGHMEM_112 + - G2_STANDARD_4 + - G2_STANDARD_8 + - G2_STANDARD_12 + - G2_STANDARD_16 + - G2_STANDARD_24 + - G2_STANDARD_32 + - G2_STANDARD_48 + - G2_STANDARD_96 + - G4_STANDARD_48 + - C3_STANDARD_4 + - C3_STANDARD_8 + - C3_STANDARD_22 + - C3_STANDARD_44 + - C3_STANDARD_88 + - C3_STANDARD_176 + - C3_HIGHCPU_4 + - C3_HIGHCPU_8 + - C3_HIGHCPU_22 + - C3_HIGHCPU_44 + - C3_HIGHCPU_88 + - C3_HIGHCPU_176 + - C3_HIGHMEM_4 + - C3_HIGHMEM_8 + - C3_HIGHMEM_22 + - C3_HIGHMEM_44 + - C3_HIGHMEM_88 + - C3_HIGHMEM_176 + - C4_STANDARD_8 + - C4_STANDARD_16 + - C4_STANDARD_24 + - C4_STANDARD_32 + - C4_STANDARD_48 + - C4_STANDARD_96 + - C4_STANDARD_144 + - C4_STANDARD_192 + - C4_STANDARD_288 + - C4_HIGHCPU_8 + - C4_HIGHCPU_16 + - C4_HIGHCPU_24 + - C4_HIGHCPU_32 + - C4_HIGHCPU_48 + - C4_HIGHCPU_96 + - C4_HIGHCPU_144 + - C4_HIGHCPU_192 + - C4_HIGHCPU_288 + - C4_HIGHMEM_8 + - C4_HIGHMEM_16 + - C4_HIGHMEM_24 + - C4_HIGHMEM_32 + - C4_HIGHMEM_48 + - C4_HIGHMEM_96 + - C4_HIGHMEM_144 + - C4_HIGHMEM_192 + - C4_HIGHMEM_288 enumDescriptions: - '' - - Build biasing model on top of COMMAND_AND_SEARCH model - - Build biasing model on top of PHONE_CALL model - - Build biasing model on top of VIDEO model - - Build biasing model on top of DEFAULT model - enum: - - BIASING_MODEL_TYPE_UNSPECIFIED - - COMMAND_AND_SEARCH - - PHONE_CALL - - VIDEO - - DEFAULT - isEnhancedModel: - description: >- - If true then it means we have an enhanced version of the biasing - models. - type: boolean - XPSTablesTrainResponse: - id: XPSTablesTrainResponse - type: object - properties: - tablesModelColumnInfo: - description: >- - Output only. Auxiliary information for each of the - input_feature_column_specs, with respect to this particular model. - type: array - items: - $ref: '#/components/schemas/XPSTablesModelColumnInfo' - predictionSampleRows: - description: Sample rows from the dataset this model was trained. - type: array - items: - $ref: '#/components/schemas/XPSRow' - trainCostMilliNodeHours: - description: >- - The actual training cost of the model, expressed in milli node - hours, i.e. 1,000 value in this field means 1 node hour. Guaranteed - to not exceed the train budget. - type: string - format: int64 - modelStructure: - $ref: '#/components/schemas/XPSTablesModelStructure' - XPSTablesModelColumnInfo: - id: XPSTablesModelColumnInfo - description: >- - An information specific to given column and Tables Model, in context of - the Model and the predictions created by it. - type: object - properties: - columnId: - description: The ID of the column. - type: integer - format: int32 - featureImportance: - description: >- - When given as part of a Model: Measurement of how much model - predictions correctness on the TEST data depend on values in this - column. A value between 0 and 1, higher means higher influence. - These values are normalized - for all input feature columns of a - given model they add to 1. When given back by Predict or Batch - Predict: Measurement of how impactful for the prediction returned - for the given row the value in this column was. Specifically, the - feature importance specifies the marginal contribution that the - feature made to the prediction score compared to the baseline score. - These values are computed using the Sampled Shapley method. - type: number - format: float - XPSRow: - id: XPSRow - type: object - properties: - columnIds: - description: >- - The ids of the columns. Note: The below `values` field must match - order of this field, if this field is set. - type: array - items: - type: integer - format: int32 - values: - description: >- - The values of the row cells, given in the same order as the - column_ids. If column_ids is not set, then in the same order as the - input_feature_column_ids in TablesModelMetadata. - type: array - items: - type: any - XPSTablesModelStructure: - id: XPSTablesModelStructure - description: A description of Tables model structure. - type: object - properties: - modelParameters: - description: A list of models. - type: array - items: - $ref: '#/components/schemas/XPSTablesModelStructureModelParameters' - XPSTablesModelStructureModelParameters: - id: XPSTablesModelStructureModelParameters - description: Model hyper-parameters for a model. - type: object - properties: - hyperparameters: - type: array - items: - $ref: >- - #/components/schemas/XPSTablesModelStructureModelParametersParameter - XPSTablesModelStructureModelParametersParameter: - id: XPSTablesModelStructureModelParametersParameter - type: object - properties: - name: - description: Parameter name. - type: string - floatValue: - description: Float type parameter value. - type: number - format: double - intValue: - description: Integer type parameter value. - type: string - format: int64 - stringValue: - description: String type parameter value. - type: string - XPSImageObjectDetectionModelSpec: - id: XPSImageObjectDetectionModelSpec - type: object - properties: - modelServingSpec: - $ref: '#/components/schemas/XPSImageModelServingSpec' - exportModelSpec: - $ref: '#/components/schemas/XPSImageExportModelSpec' - trainCostNodeSeconds: - description: >- - The actual train cost of creating this model, expressed in node - seconds, i.e. 3,600 value in this field means 1 node hour. - type: string - format: int64 - stopReason: - description: >- - Stop reason for training job, e.g. 'TRAIN_BUDGET_REACHED', - 'MODEL_CONVERGED'. - type: string - enumDescriptions: - '' - '' - - Model fully converged, can not be resumbed training. - - >- - Model early converged, can be further trained till full - convergency. - enum: - - TRAIN_STOP_REASON_UNSPECIFIED - - TRAIN_STOP_REASON_BUDGET_REACHED - - TRAIN_STOP_REASON_MODEL_CONVERGED - - TRAIN_STOP_REASON_MODEL_EARLY_STOPPED - modelArtifactSpec: - description: '## The fields below are only populated under uCAIP request scope.' - $ref: '#/components/schemas/XPSImageModelArtifactSpec' - maxBoundingBoxCount: - description: Max number of bounding box. - type: string - format: int64 - classCount: - description: Total number of classes. - type: string - format: int64 - XPSImageModelServingSpec: - id: XPSImageModelServingSpec - description: Serving specification for image models. - type: object - properties: - nodeQps: - description: >- - An estimated value of how much traffic a node can serve. Populated - for AutoMl request only. - type: number - format: double - tfRuntimeVersion: - description: >- - ## The fields below are only populated under uCAIP request scope. - https://cloud.google.com/ml-engine/docs/runtime-version-list - type: string - modelThroughputEstimation: - description: Populate under uCAIP request scope. - type: array - items: - $ref: >- - #/components/schemas/XPSImageModelServingSpecModelThroughputEstimation - XPSImageModelServingSpecModelThroughputEstimation: - id: XPSImageModelServingSpecModelThroughputEstimation - type: object - properties: - nodeQps: - description: The approximate qps a deployed node can serve. - type: number - format: double - latencyInMilliseconds: - description: Estimated latency. - type: number - format: double - computeEngineAcceleratorType: - type: string - enumDescriptions: - '' - - Nvidia Tesla K80 GPU. - - Nvidia Tesla P100 GPU. - - Nvidia Tesla V100 GPU. - - Nvidia Tesla P4 GPU. - - Nvidia Tesla T4 GPU. - - Nvidia Tesla A100 GPU. - - Nvidia A100 80GB GPU. - - Nvidia L4 GPU. - - Nvidia H100 80Gb GPU. - - Nvidia H100 80Gb GPU. - - Nvidia H200 141Gb GPU. - - Nvidia B200 GPU. - - Nvidia GB200 GPU. - - TPU v2 (JellyFish). - - TPU v3 (DragonFish). - - TPU_v4 (PufferFish). - - TPU v5 Lite Pods. - enum: - - UNSPECIFIED - - NVIDIA_TESLA_K80 - - NVIDIA_TESLA_P100 - - NVIDIA_TESLA_V100 - - NVIDIA_TESLA_P4 - - NVIDIA_TESLA_T4 - - NVIDIA_TESLA_A100 - - NVIDIA_A100_80GB - - NVIDIA_L4 - - NVIDIA_H100_80GB - - NVIDIA_H100_MEGA_80GB - - NVIDIA_H200_141GB - - NVIDIA_B200 - - NVIDIA_GB200 - - TPU_V2 - - TPU_V3 - - TPU_V4_POD - - TPU_V5_LITEPOD - servomaticPartitionType: - type: string - enumDescriptions: - '' - - The default partition. - - >- - It has significantly lower replication than partition-0 and is - located in the US only. It also has a larger model size limit and - higher default RAM quota than partition-0. Customers with batch - traffic, US-based traffic, or very large models should use this - partition. Capacity in this partition is significantly cheaper - than partition-0. - - To be used by customers with Jellyfish-accelerated ops. - - The partition used by regionalized servomatic cloud regions. - - The partition used for loading models from custom storage. - enum: - - PARTITION_TYPE_UNSPECIFIED - - PARTITION_ZERO - - PARTITION_REDUCED_HOMING - - PARTITION_JELLYFISH - - PARTITION_CPU - - PARTITION_CUSTOM_STORAGE_CPU - XPSImageExportModelSpec: - id: XPSImageExportModelSpec - description: >- - Information of downloadable models that are pre-generated as part of - training flow and will be persisted in AutoMl backend. Upon receiving - ExportModel request from user, AutoMl backend can serve the - pre-generated models to user if exists (by copying the files from - internal path to user provided location), otherwise, AutoMl backend will - call xPS ExportModel API to generate the model on the fly with the - requesting format. - type: object - properties: - exportModelOutputConfig: - description: >- - Contains the model format and internal location of the model files - to be exported/downloaded. Use the Google Cloud Storage bucket name - which is provided via TrainRequest.gcs_bucket_name to store the - model files. - type: array - items: - $ref: '#/components/schemas/XPSExportModelOutputConfig' - XPSExportModelOutputConfig: - id: XPSExportModelOutputConfig - type: object - properties: - outputGcsUri: - description: >- - The Google Cloud Storage directory where XPS will output the - exported models and related files. Format: gs://bucket/directory - type: string - outputGcrUri: - description: >- - The Google Contained Registry path the exported files to be pushed - to. This location is set if the exported format is DOCKDER. - type: string - tfLiteFormat: - $ref: '#/components/schemas/XPSTfLiteFormat' - edgeTpuTfLiteFormat: - $ref: '#/components/schemas/XPSEdgeTpuTfLiteFormat' - tfSavedModelFormat: - $ref: '#/components/schemas/XPSTfSavedModelFormat' - dockerFormat: - $ref: '#/components/schemas/XPSDockerFormat' - coreMlFormat: - $ref: '#/components/schemas/XPSCoreMlFormat' - tfJsFormat: - $ref: '#/components/schemas/XPSTfJsFormat' - exportFirebaseAuxiliaryInfo: - description: >- - For any model and format: If true, will additionally export - FirebaseExportedModelInfo in a firebase.txt file. - type: boolean - XPSTfLiteFormat: - id: XPSTfLiteFormat - description: >- - LINT.IfChange A model format used for mobile and IoT devices. See - https://www.tensorflow.org/lite. - type: object - properties: {} - XPSEdgeTpuTfLiteFormat: - id: XPSEdgeTpuTfLiteFormat - description: >- - A model format used for [Edge TPU](https://cloud.google.com/edge-tpu/) - devices. - type: object - properties: {} - XPSTfSavedModelFormat: - id: XPSTfSavedModelFormat - description: A tensorflow model format in SavedModel format. - type: object - properties: {} - XPSDockerFormat: - id: XPSDockerFormat - description: >- - A model format used for Docker containers. Use the params field to - customize the container. The container is verified to work correctly on - ubuntu 16.04 operating system. - type: object - properties: - cpuArchitecture: - description: >- - Optional. Additional cpu information describing the requirements for - the to be exported model files. - type: string - enumDescriptions: - '' - '' - enum: - - CPU_ARCHITECTURE_UNSPECIFIED - - CPU_ARCHITECTURE_X86_64 - gpuArchitecture: - description: >- - Optional. Additional gpu information describing the requirements for - the to be exported model files. - type: string - enumDescriptions: - '' - '' - enum: - - GPU_ARCHITECTURE_UNSPECIFIED - - GPU_ARCHITECTURE_NVIDIA - XPSCoreMlFormat: - id: XPSCoreMlFormat - description: A model format used for iOS mobile devices. - type: object - properties: {} - XPSTfJsFormat: - id: XPSTfJsFormat - description: >- - A [TensorFlow.js](https://www.tensorflow.org/js) model that can be used - in the browser and in Node.js using JavaScript. - type: object - properties: {} - XPSImageModelArtifactSpec: - id: XPSImageModelArtifactSpec - description: >- - Stores the locations and related metadata of the model artifacts. - Populated for uCAIP requests only. - type: object - properties: - checkpointArtifact: - description: The Tensorflow checkpoint files. e.g. Used for resumable training. - $ref: '#/components/schemas/XPSModelArtifactItem' - servingArtifact: - description: >- - The default model binary file used for serving (e.g. online predict, - batch predict) via public Cloud AI Platform API. - $ref: '#/components/schemas/XPSModelArtifactItem' - exportArtifact: - description: The model binary files in different formats for model export. - type: array - items: - $ref: '#/components/schemas/XPSModelArtifactItem' - tfLiteMetadataGcsUri: - description: >- - Google Cloud Storage URI of Tensorflow Lite metadata - 'tflite_metadata.json'. - type: string - labelGcsUri: - description: >- - Google Cloud Storage URI of decoded labels file for model export - 'dict.txt'. - type: string - tfJsBinaryGcsPrefix: - description: >- - Google Cloud Storage URI prefix of Tensorflow JavaScript binary - files 'groupX-shardXofX.bin'. Deprecated. - type: string - XPSModelArtifactItem: - id: XPSModelArtifactItem - description: A single model artifact item. - type: object - properties: - artifactFormat: - description: The model artifact format. - type: string - enumDescriptions: - - Should not be used. - - >- - The Tensorflow checkpoints. See - https://www.tensorflow.org/guide/checkpoint. - - The Tensorflow SavedModel binary. - - >- - Model artifact in generic TensorFlow Lite (.tflite) format. See - https://www.tensorflow.org/lite. - - Used for [Edge TPU](https://cloud.google.com/edge-tpu/) devices. - - >- - A [TensorFlow.js](https://www.tensorflow.org/js) model that can be - used in the browser and in Node.js using JavaScript. - - >- - Used for iOS mobile devices in (.mlmodel) format. See - https://developer.apple.com/documentation/coreml - enum: - - ARTIFACT_FORMAT_UNSPECIFIED - - TF_CHECKPOINT - - TF_SAVED_MODEL - - TF_LITE - - EDGE_TPU_TF_LITE - - TF_JS - - CORE_ML - gcsUri: - description: The Google Cloud Storage URI that stores the model binary files. - type: string - XPSTextToSpeechTrainResponse: - id: XPSTextToSpeechTrainResponse - description: TextToSpeech train response - type: object - properties: {} - XPSVideoObjectTrackingTrainResponse: - id: XPSVideoObjectTrackingTrainResponse - type: object - properties: - exportModelSpec: - description: Populated for AutoML request only. - $ref: '#/components/schemas/XPSVideoExportModelSpec' - modelArtifactSpec: - description: '## The fields below are only populated under uCAIP request scope.' - $ref: '#/components/schemas/XPSVideoModelArtifactSpec' - trainCostNodeSeconds: - description: >- - The actual train cost of creating this model, expressed in node - seconds, i.e. 3,600 value in this field means 1 node hour. - type: string - format: int64 - XPSVideoExportModelSpec: - id: XPSVideoExportModelSpec - description: >- - Information of downloadable models that are pre-generated as part of - training flow and will be persisted in AutoMl backend. Upon receiving - ExportModel request from user, AutoMl backend can serve the - pre-generated models to user if exists (by copying the files from - internal path to user provided location), otherwise, AutoMl backend will - call xPS ExportModel API to generate the model on the fly with the - requesting format. - type: object - properties: - exportModelOutputConfig: - description: >- - Contains the model format and internal location of the model files - to be exported/downloaded. Use the Google Cloud Storage bucket name - which is provided via TrainRequest.gcs_bucket_name to store the - model files. - type: array - items: - $ref: '#/components/schemas/XPSExportModelOutputConfig' - XPSVideoModelArtifactSpec: - id: XPSVideoModelArtifactSpec - type: object - properties: - servingArtifact: - description: >- - The default model binary file used for serving (e.g. batch predict) - via public Cloud AI Platform API. - $ref: '#/components/schemas/XPSModelArtifactItem' - exportArtifact: - description: The model binary files in different formats for model export. - type: array - items: - $ref: '#/components/schemas/XPSModelArtifactItem' - XPSVideoClassificationTrainResponse: - id: XPSVideoClassificationTrainResponse - type: object - properties: - modelArtifactSpec: - description: '## The fields below are only populated under uCAIP request scope.' - $ref: '#/components/schemas/XPSVideoModelArtifactSpec' - trainCostNodeSeconds: - description: >- - The actual train cost of creating this model, expressed in node - seconds, i.e. 3,600 value in this field means 1 node hour. - type: string - format: int64 - XPSVideoActionRecognitionTrainResponse: - id: XPSVideoActionRecognitionTrainResponse - type: object - properties: - modelArtifactSpec: - description: '## The fields below are only populated under uCAIP request scope.' - $ref: '#/components/schemas/XPSVideoModelArtifactSpec' - trainCostNodeSeconds: - description: >- - The actual train cost of creating this model, expressed in node - seconds, i.e. 3,600 value in this field means 1 node hour. - type: string - format: int64 - XPSImageClassificationTrainResponse: - id: XPSImageClassificationTrainResponse - type: object - properties: - trainCostInNodeTime: - description: >- - The actual cost to create this model. - For edge type model, the - cost is expressed in node hour. - For cloud type model,the cost is - expressed in compute hour. - Populated for models created before GA. - To be deprecated after GA. - type: string - format: google-duration - trainCostNodeSeconds: - description: >- - The actual training cost, expressed in node seconds. Populated for - models trained in node time. - type: string - format: int64 - stopReason: - description: >- - Stop reason for training job, e.g. 'TRAIN_BUDGET_REACHED', - 'MODEL_CONVERGED', 'MODEL_EARLY_STOPPED'. - type: string - enumDescriptions: - '' - '' - - Model fully converged, can not be resumbed training. - - >- - Model early converged, can be further trained till full - convergency. - enum: - - TRAIN_STOP_REASON_UNSPECIFIED - - TRAIN_STOP_REASON_BUDGET_REACHED - - TRAIN_STOP_REASON_MODEL_CONVERGED - - TRAIN_STOP_REASON_MODEL_EARLY_STOPPED - exportModelSpec: - description: >- - Information of downloadable models that are pre-generated as part of - training flow and will be persisted in AutoMl backend. Populated for - AutoMl requests. - $ref: '#/components/schemas/XPSImageExportModelSpec' - modelServingSpec: - $ref: '#/components/schemas/XPSImageModelServingSpec' - modelArtifactSpec: - description: '## The fields below are only populated under uCAIP request scope.' - $ref: '#/components/schemas/XPSImageModelArtifactSpec' - classCount: - description: Total number of classes. - type: string - format: int64 - XPSTranslationTrainResponse: - id: XPSTranslationTrainResponse - description: Train response for translation. - type: object - properties: - modelType: - description: Type of the model. - type: string - enumDescriptions: - - Default - - Legacy model. Will be deprecated. - - Current model. - enum: - - MODEL_TYPE_UNSPECIFIED - - LEGACY - - CURRENT - XPSImageSegmentationTrainResponse: - id: XPSImageSegmentationTrainResponse - type: object - properties: - modelServingSpec: - $ref: '#/components/schemas/XPSImageModelServingSpec' - exportModelSpec: - description: 'NOTE: These fields are not used/needed in EAP but will be set later.' - $ref: '#/components/schemas/XPSImageExportModelSpec' - trainCostNodeSeconds: - description: >- - The actual train cost of creating this model, expressed in node - seconds, i.e. 3,600 value in this field means 1 node hour. - type: string - format: int64 - stopReason: - description: >- - Stop reason for training job, e.g. 'TRAIN_BUDGET_REACHED', - 'MODEL_CONVERGED'. - type: string - enumDescriptions: - '' - '' - - Model fully converged, can not be resumbed training. - - >- - Model early converged, can be further trained till full - convergency. - enum: - - TRAIN_STOP_REASON_UNSPECIFIED - - TRAIN_STOP_REASON_BUDGET_REACHED - - TRAIN_STOP_REASON_MODEL_CONVERGED - - TRAIN_STOP_REASON_MODEL_EARLY_STOPPED - modelArtifactSpec: - description: >- - ## The fields below are only populated under uCAIP request scope. - Model artifact spec stores and model gcs pathes and related metadata - $ref: '#/components/schemas/XPSImageModelArtifactSpec' - colorMaps: - description: Color map of the model. - type: array - items: - $ref: '#/components/schemas/XPSColorMap' - XPSColorMap: - id: XPSColorMap - description: >- - Map from color to display name. Will only be used by Image Segmentation - for uCAIP. - type: object - properties: - color: - description: >- - This type is deprecated in favor of the IntColor below. This is - because google.type.Color represent color has a float which - semantically does not reflect discrete classes/categories concept. - Moreover, to handle it well we need to have some tolerance when - converting to a discretized color. As such, the recommendation is to - have API surface still use google.type.Color while internally - IntColor is used. - deprecated: true - $ref: '#/components/schemas/Color' - intColor: - $ref: '#/components/schemas/XPSColorMapIntColor' - displayName: - description: Should be used during preprocessing. - type: string - annotationSpecIdToken: - description: Should be used during training. - type: string - Color: - id: Color - description: >- - Represents a color in the RGBA color space. This representation is - designed for simplicity of conversion to and from color representations - in various languages over compactness. For example, the fields of this - representation can be trivially provided to the constructor of - `java.awt.Color` in Java; it can also be trivially provided to UIColor's - `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little - work, it can be easily formatted into a CSS `rgba()` string in - JavaScript. This reference page doesn't have information about the - absolute color space that should be used to interpret the RGB value—for - example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications - should assume the sRGB color space. When color equality needs to be - decided, implementations, unless documented otherwise, treat two colors - as equal if all their red, green, blue, and alpha values each differ by - at most `1e-5`. Example (Java): import com.google.type.Color; // ... - public static java.awt.Color fromProto(Color protocolor) { float alpha = - protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return - new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), - protocolor.getBlue(), alpha); } public static Color - toProto(java.awt.Color color) { float red = (float) color.getRed(); - float green = (float) color.getGreen(); float blue = (float) - color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder - = Color .newBuilder() .setRed(red / denominator) .setGreen(green / - denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); - if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() - .setValue(((float) alpha) / denominator) .build()); } return - resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static - UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; - float green = [protocolor green]; float blue = [protocolor blue]; - FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if - (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return - [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static - Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if - (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return - nil; } Color* result = [[Color alloc] init]; [result setRed:red]; - [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { - [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; - return result; } // ... Example (JavaScript): // ... var protoToCssColor - = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var - greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || - 0.0; var red = Math.floor(redFrac * 255); var green = - Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if - (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } - var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, - green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, - ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var - rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString - = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var - resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { - resultBuilder.push('0'); } resultBuilder.push(hexString); return - resultBuilder.join(''); }; // ... - type: object - properties: - red: - description: The amount of red in the color as a value in the interval [0, 1]. - type: number - format: float - green: - description: The amount of green in the color as a value in the interval [0, 1]. - type: number - format: float - blue: - description: The amount of blue in the color as a value in the interval [0, 1]. - type: number - format: float - alpha: - description: >- - The fraction of this color that should be applied to the pixel. That - is, the final pixel color is defined by the equation: `pixel color = - alpha * (this color) + (1.0 - alpha) * (background color)` This - means that a value of 1.0 corresponds to a solid color, whereas a - value of 0.0 corresponds to a completely transparent color. This - uses a wrapper message rather than a simple float scalar so that it - is possible to distinguish between a default value and the value - being unset. If omitted, this color object is rendered as a solid - color (as if the alpha value had been explicitly given a value of - 1.0). - type: number - format: float - XPSColorMapIntColor: - id: XPSColorMapIntColor - description: RGB color and each channel is represented by an integer. - type: object - properties: - red: - description: The value should be in range of [0, 255]. - type: integer - format: int32 - green: - description: The value should be in range of [0, 255]. - type: integer - format: int32 - blue: - description: The value should be in range of [0, 255]. - type: integer - format: int32 - XPSTextTrainResponse: - id: XPSTextTrainResponse - type: object - properties: - componentModel: - description: Component submodels. - type: array - items: - $ref: '#/components/schemas/XPSTextComponentModel' - XPSTextComponentModel: - id: XPSTextComponentModel - description: Component model. - type: object - properties: - submodelName: - description: The name of the trained NL submodel. - type: string - submodelType: - description: The type of trained NL submodel - type: string - enumDescriptions: - '' - '' - '' @@ -2191,903 +877,951 @@ components: - '' - '' - '' - - Model type for entity extraction. - - Model type for relationship extraction. - - >- - A composite model represents a set of component models that have - to be used together for prediction. A composite model appears to - be a single model to the model user. It may contain only one - component model. - - >- - Model type used to train default, MA, and ATC models in a single - batch worker pipeline. - - >- - BERT pipeline needs a specific model type, since it uses a - different TFX configuration compared with DEFAULT (despite sharing - most of the code). - - Model type for EncPaLM. - enum: - - TEXT_MODEL_TYPE_UNSPECIFIED - - TEXT_MODEL_TYPE_DEFAULT - - TEXT_MODEL_TYPE_META_ARCHITECT - - TEXT_MODEL_TYPE_ATC - - TEXT_MODEL_TYPE_CLARA2 - - TEXT_MODEL_TYPE_CHATBASE - - TEXT_MODEL_TYPE_SAFT_SPAN_LABELING - - TEXT_MODEL_TYPE_TEXT_EXTRACTION - - TEXT_MODEL_TYPE_RELATIONSHIP_EXTRACTION - - TEXT_MODEL_TYPE_COMPOSITE - - TEXT_MODEL_TYPE_ALL_MODELS - - TEXT_MODEL_TYPE_BERT - - TEXT_MODEL_TYPE_ENC_PALM - servoModelName: - description: >- - The name of servo model. Populated by uCAIP BE as part of online - PredictRequest. - type: string - versionNumber: - description: >- - The servomatic model version number. Populated by uCAIP BE as part - of online PredictRequest. - type: string - format: int64 - partition: - description: >- - The partition where the model is deployed. Populated by uCAIP BE as - part of online PredictRequest. - type: string - enumDescriptions: - '' - - The default partition. - - >- - It has significantly lower replication than partition-0 and is - located in the US only. It also has a larger model size limit and - higher default RAM quota than partition-0. Customers with batch - traffic, US-based traffic, or very large models should use this - partition. Capacity in this partition is significantly cheaper - than partition-0. - - To be used by customers with Jellyfish-accelerated ops. - - The partition used by regionalized servomatic cloud regions. - - The partition used for loading models from custom storage. - enum: - - PARTITION_TYPE_UNSPECIFIED - - PARTITION_ZERO - - PARTITION_REDUCED_HOMING - - PARTITION_JELLYFISH - - PARTITION_CPU - - PARTITION_CUSTOM_STORAGE_CPU - onlinePredictionModelGcsUri: - description: The Cloud Storage resource path to hold online prediction model. - type: string - batchPredictionModelGcsUri: - description: The Cloud Storage resource path to hold batch prediction model. - type: string - servingArtifact: - description: >- - The default model binary file used for serving (e.g. online predict, - batch predict) via public Cloud Ai Platform API. - $ref: '#/components/schemas/XPSModelArtifactItem' - tfRuntimeVersion: - description: >- - ## The fields below are only populated under uCAIP request scope. - https://cloud.google.com/ml-engine/docs/runtime-version-list - type: string - XPSEvaluationMetricsSet: - id: XPSEvaluationMetricsSet - description: Specifies location of model evaluation metrics. - type: object - properties: - evaluationMetrics: - description: >- - Inline EvaluationMetrics - should be relatively small. For passing - large quantities of exhaustive metrics, use file_spec. - type: array - items: - $ref: '#/components/schemas/XPSEvaluationMetrics' - fileSpec: - description: >- - File spec containing evaluation metrics of a model, must point to - RecordIO file(s) of intelligence.cloud.automl.xps.EvaluationMetrics - messages. - $ref: '#/components/schemas/XPSFileSpec' - numEvaluationMetrics: - description: >- - Number of the evaluation metrics (usually one per label plus - overall). - type: string - format: int64 - XPSEvaluationMetrics: - id: XPSEvaluationMetrics - description: >- - Contains xPS-specific model evaluation metrics either for a single - annotation spec (label), or for the model overall. Next tag: 18. - type: object - properties: - annotationSpecIdToken: - description: >- - The annotation_spec for which this evaluation metrics instance had - been created. Empty iff this is an overall model evaluation (like - Tables evaluation metrics), i.e. aggregated across all labels. The - value comes from the input annotations in AnnotatedExample. For MVP - product or for text sentiment models where annotation_spec_id_token - is not available, set label instead. - type: string - label: - description: >- - The label for which this evaluation metrics instance had been - created. Empty iff this is an overall model evaluation (like Tables - evaluation metrics), i.e. aggregated across all labels. The label - maps to AnnotationSpec.display_name in Public API protos. Only used - by MVP implementation and text sentiment FULL implementation. - type: string - category: - description: >- - The integer category label for which this evaluation metric instance - had been created. Valid categories are 0 or higher. Overall model - evaluation should set this to negative values (rather than implicit - zero). Only used for Image Segmentation (prefer to set - annotation_spec_id_token instead). Note: uCAIP Image Segmentation - should use annotation_spec_id_token. - type: integer - format: int32 - evaluatedExampleCount: - description: >- - The number of examples used to create this evaluation metrics - instance. - type: integer - format: int32 - videoClassificationEvalMetrics: - $ref: '#/components/schemas/XPSClassificationEvaluationMetrics' - imageObjectDetectionEvalMetrics: - $ref: '#/components/schemas/XPSImageObjectDetectionEvaluationMetrics' - textExtractionEvalMetrics: - $ref: '#/components/schemas/XPSTextExtractionEvaluationMetrics' - videoObjectTrackingEvalMetrics: - $ref: '#/components/schemas/XPSVideoObjectTrackingEvaluationMetrics' - tablesEvalMetrics: - $ref: '#/components/schemas/XPSTablesEvaluationMetrics' - tablesClassificationEvalMetrics: - $ref: '#/components/schemas/XPSClassificationEvaluationMetrics' - regressionEvalMetrics: - $ref: '#/components/schemas/XPSRegressionEvaluationMetrics' - textClassificationEvalMetrics: - $ref: '#/components/schemas/XPSClassificationEvaluationMetrics' - videoActionRecognitionEvalMetrics: - $ref: '#/components/schemas/XPSVideoActionRecognitionEvaluationMetrics' - translationEvalMetrics: - $ref: '#/components/schemas/XPSTranslationEvaluationMetrics' - imageClassificationEvalMetrics: - $ref: '#/components/schemas/XPSClassificationEvaluationMetrics' - imageSegmentationEvalMetrics: - $ref: '#/components/schemas/XPSImageSegmentationEvaluationMetrics' - textSentimentEvalMetrics: - $ref: '#/components/schemas/XPSTextSentimentEvaluationMetrics' - XPSClassificationEvaluationMetrics: - id: XPSClassificationEvaluationMetrics - description: >- - Model evaluation metrics for classification problems. It can be used for - image and video classification. Next tag: 9. + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + description: Required. Machine spec, e.g. N1_STANDARD_4. + cpuType: + enum: + - UNKNOWN_CPU_TYPE + - A2 + - A3 + - A4 + - A4X + - C2 + - C2D + - CUSTOM + - E2 + - G2 + - G4 + - C3 + - C4 + - M2 + - M1 + - N1 + - N2_CUSTOM + - N2 + - N2D + type: string + description: Required. Type of cpu, e.g. N2. + enumDescriptions: + - '' + - GPU-based machine, skip quota reporting. + - GPU-based machine, skip quota reporting. + - GPU-based machine, skip quota reporting. + - GPU-based machine, skip quota reporting. + - COMPUTE_OPTIMIZED + - '' + - '' + - '' + - GPU-based machine, skip quota reporting. + - GPU-based machine, skip quota reporting. + - '' + - '' + - MEMORY_OPTIMIZED_UPGRADE_PREMIUM + - MEMORY_OPTIMIZED + - '' + - '' + - '' + - '' + XPSTablesModelStructureModelParameters: + properties: + hyperparameters: + items: + $ref: >- + #/components/schemas/XPSTablesModelStructureModelParametersParameter + type: array + description: Model hyper-parameters for a model. + id: XPSTablesModelStructureModelParameters type: object + XPSImageObjectDetectionModelSpec: properties: - auPrc: - description: The Area under precision recall curve metric. - type: number - format: float - baseAuPrc: - description: The Area under precision recall curve metric based on priors. - type: number - format: float - auRoc: + classCount: + description: Total number of classes. + type: string + format: int64 + trainCostNodeSeconds: + type: string description: >- - The Area Under Receiver Operating Characteristic curve metric. - Micro-averaged for the overall evaluation. - type: number - format: float - logLoss: - description: The Log Loss metric. - type: number - format: float - evaluatedExamplesCount: - description: The number of examples used for model evaluation. - type: integer - format: int32 - confidenceMetricsEntries: - description: >- - Metrics that have confidence thresholds. Precision-recall curve can - be derived from it. - type: array - items: - $ref: '#/components/schemas/XPSConfidenceMetricsEntry' - confusionMatrix: - description: >- - Confusion matrix of the evaluation. Only set for MULTICLASS - classification problems where number of annotation specs is no more - than 10. Only set for model level evaluation, not for evaluation per - label. - $ref: '#/components/schemas/XPSConfusionMatrix' - XPSConfidenceMetricsEntry: - id: XPSConfidenceMetricsEntry - description: >- - ConfidenceMetricsEntry includes generic precision, recall, f1 score etc. - Next tag: 16. - type: object - properties: - confidenceThreshold: - description: >- - Metrics are computed with an assumption that the model never return - predictions with score lower than this value. - type: number - format: float - positionThreshold: - description: >- - Metrics are computed with an assumption that the model always - returns at most this many predictions (ordered by their score, - descendingly), but they all still need to meet the - confidence_threshold. - type: integer - format: int32 - recall: - description: Recall (true positive rate) for the given confidence threshold. - type: number - format: float - precision: - description: Precision for the given confidence threshold. - type: number - format: float - falsePositiveRate: - description: False Positive Rate for the given confidence threshold. - type: number - format: float - f1Score: - description: The harmonic mean of recall and precision. - type: number - format: float - recallAt1: - description: >- - The recall (true positive rate) when only considering the label that - has the highest prediction score and not below the confidence - threshold for each example. - type: number - format: float - precisionAt1: - description: >- - The precision when only considering the label that has the highest - prediction score and not below the confidence threshold for each - example. - type: number - format: float - falsePositiveRateAt1: - description: >- - The False Positive Rate when only considering the label that has the - highest prediction score and not below the confidence threshold for - each example. - type: number - format: float - f1ScoreAt1: - description: The harmonic mean of recall_at1 and precision_at1. - type: number - format: float - truePositiveCount: - description: The number of model created labels that match a ground truth label. - type: string + The actual train cost of creating this model, expressed in node + seconds, i.e. 3,600 value in this field means 1 node hour. format: int64 - falsePositiveCount: + stopReason: description: >- - The number of model created labels that do not match a ground truth - label. + Stop reason for training job, e.g. 'TRAIN_BUDGET_REACHED', + 'MODEL_CONVERGED'. + enumDescriptions: + - '' + - '' + - Model fully converged, can not be resumbed training. + - >- + Model early converged, can be further trained till full + convergency. + enum: + - TRAIN_STOP_REASON_UNSPECIFIED + - TRAIN_STOP_REASON_BUDGET_REACHED + - TRAIN_STOP_REASON_MODEL_CONVERGED + - TRAIN_STOP_REASON_MODEL_EARLY_STOPPED type: string - format: int64 - falseNegativeCount: - description: >- - The number of ground truth labels that are not matched by a model - created label. + exportModelSpec: + $ref: '#/components/schemas/XPSImageExportModelSpec' + maxBoundingBoxCount: type: string + description: Max number of bounding box. format: int64 - trueNegativeCount: + modelArtifactSpec: + $ref: '#/components/schemas/XPSImageModelArtifactSpec' + description: '## The fields below are only populated under uCAIP request scope.' + modelServingSpec: + $ref: '#/components/schemas/XPSImageModelServingSpec' + id: XPSImageObjectDetectionModelSpec + type: object + XPSTablesPreprocessResponse: + properties: + tablesDatasetMetadata: description: >- - The number of labels that were not created by the model, but if they - would, they would not match a ground truth label. - type: string - format: int64 - XPSConfusionMatrix: - id: XPSConfusionMatrix - description: Confusion matrix of the model running the classification. + The table/column id, column_name and the DataTypes of the columns + will be populated. + $ref: '#/components/schemas/XPSTablesDatasetMetadata' + id: XPSTablesPreprocessResponse type: object + XPSEvaluationMetrics: + description: >- + Contains xPS-specific model evaluation metrics either for a single + annotation spec (label), or for the model overall. Next tag: 18. properties: + textClassificationEvalMetrics: + $ref: '#/components/schemas/XPSClassificationEvaluationMetrics' + regressionEvalMetrics: + $ref: '#/components/schemas/XPSRegressionEvaluationMetrics' + textSentimentEvalMetrics: + $ref: '#/components/schemas/XPSTextSentimentEvaluationMetrics' annotationSpecIdToken: + type: string description: >- - For the following three repeated fields, only one is intended to be - set. annotation_spec_id_token is preferable to be set. ID tokens of - the annotation specs used in the confusion matrix. - type: array - items: - type: string - sentimentLabel: + The annotation_spec for which this evaluation metrics instance had + been created. Empty iff this is an overall model evaluation (like + Tables evaluation metrics), i.e. aggregated across all labels. The + value comes from the input annotations in AnnotatedExample. For MVP + product or for text sentiment models where annotation_spec_id_token + is not available, set label instead. + evaluatedExampleCount: description: >- - Sentiment labels used in the confusion matrix. Set only for text - sentiment models. For AutoML Text Revamp, use - `annotation_spec_id_token` instead and leave this field empty. - type: array - items: - type: integer - format: int32 + The number of examples used to create this evaluation metrics + instance. + format: int32 + type: integer + videoActionRecognitionEvalMetrics: + $ref: '#/components/schemas/XPSVideoActionRecognitionEvaluationMetrics' + translationEvalMetrics: + $ref: '#/components/schemas/XPSTranslationEvaluationMetrics' + textExtractionEvalMetrics: + $ref: '#/components/schemas/XPSTextExtractionEvaluationMetrics' + videoObjectTrackingEvalMetrics: + $ref: '#/components/schemas/XPSVideoObjectTrackingEvaluationMetrics' category: + format: int32 description: >- - Category (mainly for segmentation). Set only for image segmentation - models. Note: uCAIP Image Segmentation should use - annotation_spec_id_token. - type: array - items: - type: integer - format: int32 - row: + The integer category label for which this evaluation metric instance + had been created. Valid categories are 0 or higher. Overall model + evaluation should set this to negative values (rather than implicit + zero). Only used for Image Segmentation (prefer to set + annotation_spec_id_token instead). Note: uCAIP Image Segmentation + should use annotation_spec_id_token. + type: integer + imageSegmentationEvalMetrics: + $ref: '#/components/schemas/XPSImageSegmentationEvaluationMetrics' + tablesEvalMetrics: + $ref: '#/components/schemas/XPSTablesEvaluationMetrics' + imageObjectDetectionEvalMetrics: + $ref: '#/components/schemas/XPSImageObjectDetectionEvaluationMetrics' + imageClassificationEvalMetrics: + $ref: '#/components/schemas/XPSClassificationEvaluationMetrics' + tablesClassificationEvalMetrics: + $ref: '#/components/schemas/XPSClassificationEvaluationMetrics' + label: description: >- - Rows in the confusion matrix. The number of rows is equal to the - size of `annotation_spec_id_token`. `row[i].value[j]` is the number - of examples that have ground truth of the - `annotation_spec_id_token[i]` and are predicted as - `annotation_spec_id_token[j]` by the model being evaluated. - type: array - items: - $ref: '#/components/schemas/XPSConfusionMatrixRow' - XPSConfusionMatrixRow: - id: XPSConfusionMatrixRow - description: A row in the confusion matrix. + The label for which this evaluation metrics instance had been + created. Empty iff this is an overall model evaluation (like Tables + evaluation metrics), i.e. aggregated across all labels. The label + maps to AnnotationSpec.display_name in Public API protos. Only used + by MVP implementation and text sentiment FULL implementation. + type: string + videoClassificationEvalMetrics: + $ref: '#/components/schemas/XPSClassificationEvaluationMetrics' + id: XPSEvaluationMetrics type: object - properties: - exampleCount: - description: >- - Value of the specific cell in the confusion matrix. The number of - values each row has (i.e. the length of the row) is equal to the - length of the annotation_spec_id_token field. - type: array - items: - type: integer - format: int32 - count: - description: >- - Same as above except intended to represent other counts (for e.g. - for segmentation this is pixel count). NOTE(params): Only - example_count or count is set (oneoff does not support repeated - fields unless they are embedded inside another message). - type: array - items: - type: string - format: int64 - XPSImageObjectDetectionEvaluationMetrics: - id: XPSImageObjectDetectionEvaluationMetrics - description: >- - Model evaluation metrics for image object detection problems. Evaluates - prediction quality of labeled bounding boxes. + XPSSpeechEvaluationMetricsSubModelEvaluationMetric: type: object + id: XPSSpeechEvaluationMetricsSubModelEvaluationMetric properties: - evaluatedBoundingBoxCount: - description: >- - The total number of bounding boxes (i.e. summed over all images) the - ground truth used to create this evaluation had. + numSubstitutions: type: integer format: int32 - boundingBoxMetricsEntries: - description: >- - The bounding boxes match metrics for each Intersection-over-union - threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and each label - confidence threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 pair. - type: array - items: - $ref: '#/components/schemas/XPSBoundingBoxMetricsEntry' - boundingBoxMeanAveragePrecision: - description: >- - The single metric for bounding boxes evaluation: the - mean_average_precision averaged over all - bounding_box_metrics_entries. - type: number - format: float - XPSBoundingBoxMetricsEntry: - id: XPSBoundingBoxMetricsEntry - description: >- - Bounding box matching model metrics for a single intersection-over-union - threshold and multiple label match confidence thresholds. - type: object - properties: - iouThreshold: - description: >- - The intersection-over-union threshold value used to compute this - metrics entry. - type: number - format: float - meanAveragePrecision: - description: The mean average precision. - type: number - format: float - confidenceMetricsEntries: + numInsertions: + format: int32 + type: integer + isEnhancedModel: description: >- - Metrics for each label-match confidence_threshold from - 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. - type: array - items: - $ref: >- - #/components/schemas/XPSBoundingBoxMetricsEntryConfidenceMetricsEntry - XPSBoundingBoxMetricsEntryConfidenceMetricsEntry: - id: XPSBoundingBoxMetricsEntryConfidenceMetricsEntry - description: Metrics for a single confidence threshold. - type: object - properties: - confidenceThreshold: - description: The confidence threshold value used to compute the metrics. - type: number - format: float - recall: - description: Recall for the given confidence threshold. - type: number - format: float - precision: - description: Precision for the given confidence threshold. + If true then it means we have an enhanced version of the biasing + models. + type: boolean + wer: + description: Word error rate (standard error metric used for speech recognition). type: number - format: float - f1Score: - description: The harmonic mean of recall and precision. + format: double + sentenceAccuracy: + description: Below fields are used for debugging purposes + format: double type: number - format: float - XPSTextExtractionEvaluationMetrics: - id: XPSTextExtractionEvaluationMetrics - type: object - properties: - confidenceMetricsEntries: - description: >- - If the enclosing EvaluationMetrics.label is empty, - confidence_metrics_entries is an evaluation of the entire model - across all labels. If the enclosing EvaluationMetrics.label is set, - confidence_metrics_entries applies to that label. - type: array - items: - $ref: '#/components/schemas/XPSConfidenceMetricsEntry' - bestF1ConfidenceMetrics: - description: >- - Values are at the highest F1 score on the precision-recall curve. - Only confidence_threshold, recall, precision, and f1_score will be - set. - deprecated: true - $ref: '#/components/schemas/XPSConfidenceMetricsEntry' - perLabelConfidenceMetrics: - description: Only recall, precision, and f1_score will be set. - deprecated: true - type: object - additionalProperties: - $ref: '#/components/schemas/XPSConfidenceMetricsEntry' - confusionMatrix: - description: >- - Confusion matrix of the model, at the default confidence threshold - (0.0). Only set for whole-model evaluation, not for evaluation per - label. - $ref: '#/components/schemas/XPSConfusionMatrix' - XPSVideoObjectTrackingEvaluationMetrics: - id: XPSVideoObjectTrackingEvaluationMetrics - description: 'Model evaluation metrics for ObjectTracking problems. Next tag: 10.' - type: object - properties: - evaluatedFrameCount: - description: The number of video frames used for model evaluation. - type: integer + numWords: format: int32 - evaluatedBoundingboxCount: - description: The number of bounding boxes used for model evaluation. type: integer + description: Number of words over which the word error rate was computed. + numDeletions: format: int32 - evaluatedTrackCount: - description: The number of tracks used for model evaluation. type: integer + numUtterances: format: int32 - boundingBoxMetricsEntries: - description: >- - Output only. The bounding boxes match metrics for each - Intersection-over-union threshold - 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. - type: array + description: Number of utterances used in the wer computation. + type: integer + biasingModelType: + description: Type of the biasing model. + type: string + enum: + - BIASING_MODEL_TYPE_UNSPECIFIED + - COMMAND_AND_SEARCH + - PHONE_CALL + - VIDEO + - DEFAULT + enumDescriptions: + - '' + - Build biasing model on top of COMMAND_AND_SEARCH model + - Build biasing model on top of PHONE_CALL model + - Build biasing model on top of VIDEO model + - Build biasing model on top of DEFAULT model + XPSCoreMlFormat: + type: object + properties: {} + id: XPSCoreMlFormat + description: A model format used for iOS mobile devices. + XPSFloat64Stats: + properties: + histogramBuckets: items: - $ref: '#/components/schemas/XPSBoundingBoxMetricsEntry' - trackMetricsEntries: + $ref: '#/components/schemas/XPSFloat64StatsHistogramBucket' description: >- - Output only. The tracks match metrics for each - Intersection-over-union threshold - 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. + Histogram buckets of the data series. Sorted by the min value of the + bucket, ascendingly, and the number of the buckets is dynamically + generated. The buckets are non-overlapping and completely cover + whole FLOAT64 range with min of first bucket being `"-Infinity"`, + and max of the last one being `"Infinity"`. type: array - items: - $ref: '#/components/schemas/XPSTrackMetricsEntry' - boundingBoxMeanAveragePrecision: - description: >- - Output only. The single metric for bounding boxes evaluation: the - mean_average_precision averaged over all - bounding_box_metrics_entries. - type: number - format: float - trackMeanAveragePrecision: - description: >- - Output only. The single metric for tracks accuracy evaluation: the - mean_average_precision averaged over all track_metrics_entries. - type: number - format: float - trackMeanBoundingBoxIou: - description: >- - Output only. The single metric for tracks bounding box iou - evaluation: the mean_bounding_box_iou averaged over all - track_metrics_entries. + commonStats: + $ref: '#/components/schemas/XPSCommonStats' + standardDeviation: + description: The standard deviation of the series. type: number - format: float - trackMeanMismatchRate: + format: double + quantiles: description: >- - Output only. The single metric for tracking consistency evaluation: - the mean_mismatch_rate averaged over all track_metrics_entries. + Ordered from 0 to k k-quantile values of the data series of n + values. The value at index i is, approximately, the i*n/k-th + smallest value in the series; for i = 0 and i = k these are, + respectively, the min and max values. + items: + type: number + format: double + type: array + mean: + format: double + description: The mean of the series. type: number - format: float - XPSTrackMetricsEntry: - id: XPSTrackMetricsEntry - description: >- - Track matching model metrics for a single track match threshold and - multiple label match confidence thresholds. Next tag: 6. type: object - properties: - iouThreshold: - description: >- - Output only. The intersection-over-union threshold value between - bounding boxes across frames used to compute this metric entry. - type: number - format: float - meanTrackingAveragePrecision: - description: >- - Output only. The mean average precision over all confidence - thresholds. - type: number - format: float - meanBoundingBoxIou: - description: >- - Output only. The mean bounding box iou over all confidence - thresholds. - type: number - format: float - meanMismatchRate: - description: Output only. The mean mismatch rate over all confidence thresholds. - type: number - format: float - confidenceMetricsEntries: - description: >- - Output only. Metrics for each label-match confidence_threshold from - 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. Precision-recall curve is - derived from them. - type: array - items: - $ref: '#/components/schemas/XPSTrackMetricsEntryConfidenceMetricsEntry' - XPSTrackMetricsEntryConfidenceMetricsEntry: - id: XPSTrackMetricsEntryConfidenceMetricsEntry - description: 'Metrics for a single confidence threshold. Next tag: 6.' + id: XPSFloat64Stats + description: The data statistics of a series of FLOAT64 values. + AnnotateTextRequest: + id: AnnotateTextRequest + description: >- + The request message for the text annotation API, which can perform + multiple analysis types in one call. type: object properties: - confidenceThreshold: - description: >- - Output only. The confidence threshold value used to compute the - metrics. - type: number - format: float - trackingPrecision: - description: Output only. Tracking precision. - type: number - format: float - trackingRecall: - description: Output only. Tracking recall. - type: number - format: float - boundingBoxIou: - description: >- - Output only. Bounding box intersection-over-union precision. - Measures how well the bounding boxes overlap between each other - (e.g. complete overlap or just barely above iou_threshold). - type: number - format: float - mismatchRate: - description: >- - Output only. Mismatch rate, which measures the tracking consistency, - i.e. correctness of instance ID continuity. - type: number - format: float - XPSTablesEvaluationMetrics: - id: XPSTablesEvaluationMetrics - type: object + document: + description: Required. Input document. + $ref: '#/components/schemas/Document' + features: + $ref: '#/components/schemas/AnnotateTextRequestFeatures' + description: Required. The enabled features. + encodingType: + enumDescriptions: + - >- + If `EncodingType` is not specified, encoding-dependent information + (such as `begin_offset`) will be set at `-1`. + - >- + Encoding-dependent information (such as `begin_offset`) is + calculated based on the UTF-8 encoding of the input. C++ and Go + are examples of languages that use this encoding natively. + - >- + Encoding-dependent information (such as `begin_offset`) is + calculated based on the UTF-16 encoding of the input. Java and + JavaScript are examples of languages that use this encoding + natively. + - >- + Encoding-dependent information (such as `begin_offset`) is + calculated based on the UTF-32 encoding of the input. Python is an + example of a language that uses this encoding natively. + enum: + - NONE + - UTF8 + - UTF16 + - UTF32 + type: string + description: The encoding type used by the API to calculate offsets. + XPSDataStats: + id: XPSDataStats + description: The data statistics of a series of values that share the same DataType. properties: - classificationMetrics: - description: Classification metrics. - $ref: '#/components/schemas/XPSTablesClassificationMetrics' - regressionMetrics: - description: Regression metrics. - $ref: '#/components/schemas/XPSTablesRegressionMetrics' - XPSTablesClassificationMetrics: - id: XPSTablesClassificationMetrics - description: Metrics for Tables classification problems. + distinctValueCount: + format: int64 + type: string + description: The number of distinct values. + nullValueCount: + description: The number of values that are null. + type: string + format: int64 + categoryStats: + description: The statistics for CATEGORY DataType. + $ref: '#/components/schemas/XPSCategoryStats' + validValueCount: + description: The number of values that are valid. + type: string + format: int64 + arrayStats: + description: The statistics for ARRAY DataType. + $ref: '#/components/schemas/XPSArrayStats' + structStats: + $ref: '#/components/schemas/XPSStructStats' + description: The statistics for STRUCT DataType. + timestampStats: + description: The statistics for TIMESTAMP DataType. + $ref: '#/components/schemas/XPSTimestampStats' + stringStats: + $ref: '#/components/schemas/XPSStringStats' + description: The statistics for STRING DataType. + float64Stats: + description: The statistics for FLOAT64 DataType. + $ref: '#/components/schemas/XPSFloat64Stats' type: object + Entity: + description: >- + Represents a phrase in the text that is a known entity, such as a + person, an organization, or location. The API associates information, + such as probability and mentions, with entities. properties: - curveMetrics: - description: Metrics building a curve. + name: + type: string + description: The representative name for the entity. + mentions: type: array + description: >- + The mentions of this entity in the input document. The API currently + supports proper noun mentions. items: - $ref: '#/components/schemas/XPSTablesClassificationMetricsCurveMetrics' - XPSTablesClassificationMetricsCurveMetrics: - id: XPSTablesClassificationMetricsCurveMetrics - description: Metrics curve data point for a single value. + $ref: '#/components/schemas/EntityMention' + metadata: + description: >- + Metadata associated with the entity. For the metadata associated + with other entity types, see the Type table below. + additionalProperties: + type: string + type: object + sentiment: + description: >- + For calls to AnalyzeEntitySentiment this field will contain the + aggregate sentiment expressed for this entity in the provided + document. + $ref: '#/components/schemas/Sentiment' + type: + enumDescriptions: + - Unknown + - Person + - Location + - Organization + - Event + - Artwork + - Consumer product + - Other types of entities + - >- + Phone number The metadata lists the phone number, formatted + according to local convention, plus whichever additional elements + appear in the text: * `number` - the actual number, broken down + into sections as per local convention * `national_prefix` - + country code, if detected * `area_code` - region or area code, if + detected * `extension` - phone extension (to be dialed after + connection), if detected + - >- + Address The metadata identifies the street number and locality + plus whichever additional elements appear in the text: * + `street_number` - street number * `locality` - city or town * + `street_name` - street/route name, if detected * `postal_code` - + postal code, if detected * `country` - country, if detected * + `broad_region` - administrative area, such as the state, if + detected * `narrow_region` - smaller administrative area, such as + county, if detected * `sublocality` - used in Asian addresses to + demark a district within a city, if detected + - >- + Date The metadata identifies the components of the date: * `year` + - four digit year, if detected * `month` - two digit month number, + if detected * `day` - two digit day number, if detected + - Number The metadata is the number itself. + - Price The metadata identifies the `value` and `currency`. + type: string + description: The entity type. + enum: + - UNKNOWN + - PERSON + - LOCATION + - ORGANIZATION + - EVENT + - WORK_OF_ART + - CONSUMER_GOOD + - OTHER + - PHONE_NUMBER + - ADDRESS + - DATE + - NUMBER + - PRICE + type: object + id: Entity + ClassificationCategory: + description: Represents a category returned from the text classifier. type: object properties: - value: - description: >- - The CATEGORY row value (for ARRAY unnested) the curve metrics are - for. + name: type: string - positionThreshold: - description: The position threshold value used to compute the metrics. - type: integer - format: int32 - confidenceMetricsEntries: + description: The name of the category representing the document. + confidence: + format: float description: >- - Metrics that have confidence thresholds. Precision-recall curve and - ROC curve can be derived from them. - type: array - items: - $ref: '#/components/schemas/XPSTablesConfidenceMetricsEntry' - aucPr: - description: The area under the precision-recall curve. - type: number - format: double - aucRoc: - description: The area under receiver operating characteristic curve. + The classifier's confidence of the category. Number represents how + certain the classifier is that this category represents the given + text. type: number - format: double - logLoss: - description: The Log loss metric. + severity: type: number - format: double - XPSTablesConfidenceMetricsEntry: - id: XPSTablesConfidenceMetricsEntry - description: Metrics for a single confidence threshold. + format: float + description: >- + Optional. The classifier's severity of the category. This is only + present when the ModerateTextRequest.ModelVersion is set to + MODEL_VERSION_2, and the corresponding category has a severity + score. + id: ClassificationCategory + XPSBatchPredictResponse: type: object properties: - confidenceThreshold: - description: The confidence threshold value used to compute the metrics. - type: number - format: double - falsePositiveRate: - description: 'FPR = #false positives / (#false positives + #true negatives)' - type: number - format: double - truePositiveRate: - description: 'TPR = #true positives / (#true positives + #false negatvies)' - type: number + exampleSet: + description: >- + Examples for batch prediction result. Under full API implementation, + results are stored in shared RecordIO of AnnotatedExample protobufs, + the annotations field of which is populated by XPS backend. + $ref: '#/components/schemas/XPSExampleSet' + id: XPSBatchPredictResponse + XPSTranslationEvaluationMetrics: + id: XPSTranslationEvaluationMetrics + type: object + description: Evaluation metrics for the dataset. + properties: + bleuScore: format: double - recall: - description: 'Recall = #true positives / (#true positives + #false negatives).' type: number + description: BLEU score. + baseBleuScore: format: double - precision: - description: 'Precision = #true positives / (#true positives + #false positives).' type: number - format: double - f1Score: - description: >- - The harmonic mean of recall and precision. (2 * precision * recall) - / (precision + recall) - type: number - format: double - truePositiveCount: - description: True positive count. - type: string - format: int64 - falsePositiveCount: - description: False positive count. - type: string - format: int64 - trueNegativeCount: - description: True negative count. - type: string - format: int64 - falseNegativeCount: - description: False negative count. - type: string - format: int64 - XPSTablesRegressionMetrics: - id: XPSTablesRegressionMetrics - description: Metrics for Tables regression problems. + description: BLEU score for base model. + XPSArrayStats: + description: The data statistics of a series of ARRAY values. type: object + id: XPSArrayStats properties: - rootMeanSquaredError: - description: Root mean squared error. - type: number - format: double - meanAbsoluteError: - description: Mean absolute error. - type: number - format: double - meanAbsolutePercentageError: - description: >- - Mean absolute percentage error, only set if all of the target - column's values are positive. - type: number - format: double - rSquared: - description: R squared. - type: number - format: double - rootMeanSquaredLogError: - description: Root mean squared log error. - type: number - format: double - regressionMetricsEntries: + memberStats: + $ref: '#/components/schemas/XPSDataStats' description: >- - A list of actual versus predicted points for the model being - evaluated. - type: array - items: - $ref: '#/components/schemas/XPSRegressionMetricsEntry' - XPSRegressionMetricsEntry: - id: XPSRegressionMetricsEntry - description: A pair of actual & observed values for the model being evaluated. - type: object - properties: - trueValue: - description: The actual target value for a row in the dataset. - type: number - format: float - predictedValue: - description: The observed value for a row in the dataset. - type: number - format: float - XPSRegressionEvaluationMetrics: - id: XPSRegressionEvaluationMetrics - description: >- - Model evaluation metrics for regression problems. It can be used for - Tables. + Stats of all the values of all arrays, as if they were a single long + series of data. The type depends on the element type of the array. + commonStats: + $ref: '#/components/schemas/XPSCommonStats' + XPSVideoObjectTrackingEvaluationMetrics: + id: XPSVideoObjectTrackingEvaluationMetrics + description: 'Model evaluation metrics for ObjectTracking problems. Next tag: 10.' type: object properties: - rootMeanSquaredError: - description: Root Mean Squared Error (RMSE). - type: number - format: float - meanAbsoluteError: - description: Mean Absolute Error (MAE). - type: number - format: float - meanAbsolutePercentageError: - description: >- - Mean absolute percentage error. Only set if all ground truth values - are positive. - type: number - format: float - rSquared: - description: R squared. - type: number - format: float - rootMeanSquaredLogError: - description: Root mean squared log error. - type: number - format: float - regressionMetricsEntries: - description: >- - A list of actual versus predicted points for the model being - evaluated. + boundingBoxMetricsEntries: type: array items: - $ref: '#/components/schemas/XPSRegressionMetricsEntry' - XPSVideoActionRecognitionEvaluationMetrics: - id: XPSVideoActionRecognitionEvaluationMetrics - description: Model evaluation metrics for video action recognition. - type: object - properties: - evaluatedActionCount: - description: >- - Output only. The number of ground truth actions used to create this - evaluation. - type: integer - format: int32 - videoActionMetricsEntries: + $ref: '#/components/schemas/XPSBoundingBoxMetricsEntry' description: >- - Output only. The metric entries for precision window lengths: - 1s,2s,3s,4s, 5s. - type: array - items: - $ref: '#/components/schemas/XPSVideoActionMetricsEntry' - XPSVideoActionMetricsEntry: - id: XPSVideoActionMetricsEntry - description: The Evaluation metrics entry given a specific precision_window_length. - type: object - properties: - precisionWindowLength: + Output only. The bounding boxes match metrics for each + Intersection-over-union threshold + 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. + trackMeanMismatchRate: description: >- - This VideoActionMetricsEntry is calculated based on this prediction - window length. If the predicted action's timestamp is inside the - time window whose center is the ground truth action's timestamp with - this specific length, the prediction result is treated as a true - positive. - type: string - format: google-duration - meanAveragePrecision: - description: The mean average precision. + Output only. The single metric for tracking consistency evaluation: + the mean_mismatch_rate averaged over all track_metrics_entries. type: number format: float - confidenceMetricsEntries: - description: >- - Metrics for each label-match confidence_threshold from - 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. - type: array - items: - $ref: >- - #/components/schemas/XPSVideoActionMetricsEntryConfidenceMetricsEntry - XPSVideoActionMetricsEntryConfidenceMetricsEntry: - id: XPSVideoActionMetricsEntryConfidenceMetricsEntry - description: Metrics for a single confidence threshold. - type: object - properties: - confidenceThreshold: + trackMeanAveragePrecision: description: >- - Output only. The confidence threshold value used to compute the - metrics. - type: number + Output only. The single metric for tracks accuracy evaluation: the + mean_average_precision averaged over all track_metrics_entries. format: float - recall: - description: Output only. Recall for the given confidence threshold. type: number - format: float - precision: - description: Output only. Precision for the given confidence threshold. + trackMetricsEntries: + description: >- + Output only. The tracks match metrics for each + Intersection-over-union threshold + 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. + items: + $ref: '#/components/schemas/XPSTrackMetricsEntry' + type: array + trackMeanBoundingBoxIou: type: number + description: >- + Output only. The single metric for tracks bounding box iou + evaluation: the mean_bounding_box_iou averaged over all + track_metrics_entries. format: float - f1Score: - description: Output only. The harmonic mean of recall and precision. - type: number + evaluatedFrameCount: + format: int32 + description: The number of video frames used for model evaluation. + type: integer + boundingBoxMeanAveragePrecision: format: float - XPSTranslationEvaluationMetrics: - id: XPSTranslationEvaluationMetrics - description: Evaluation metrics for the dataset. - type: object - properties: - bleuScore: - description: BLEU score. - type: number - format: double - baseBleuScore: - description: BLEU score for base model. + description: >- + Output only. The single metric for bounding boxes evaluation: the + mean_average_precision averaged over all + bounding_box_metrics_entries. type: number - format: double - XPSImageSegmentationEvaluationMetrics: - id: XPSImageSegmentationEvaluationMetrics - description: 'Model evaluation metrics for image segmentation problems. Next tag: 4.' + evaluatedTrackCount: + description: The number of tracks used for model evaluation. + format: int32 + type: integer + evaluatedBoundingboxCount: + description: The number of bounding boxes used for model evaluation. + type: integer + format: int32 + XPSStructType: type: object properties: - confidenceMetricsEntries: - description: >- - Metrics that have confidence thresholds. Precision-recall curve can - be derived from it. - type: array - items: - $ref: >- - #/components/schemas/XPSImageSegmentationEvaluationMetricsConfidenceMetricsEntry - XPSImageSegmentationEvaluationMetricsConfidenceMetricsEntry: - id: XPSImageSegmentationEvaluationMetricsConfidenceMetricsEntry - description: Metrics for a single confidence threshold. - type: object + fields: + description: Unordered map of struct field names to their data types. + additionalProperties: + $ref: '#/components/schemas/XPSDataType' + type: object + description: '`StructType` defines the DataType-s of a STRUCT type.' + id: XPSStructType + XPSImageModelServingSpecModelThroughputEstimation: properties: - confidenceThreshold: - description: The confidence threshold value used to compute the metrics. - type: number - format: float - recall: - description: Recall for the given confidence threshold. - type: number - format: float - precision: - description: Precision for the given confidence threshold. - type: number - format: float - diceScoreCoefficient: - description: 'DSC or the F1 score: The harmonic mean of recall and precision.' + computeEngineAcceleratorType: + enum: + - UNSPECIFIED + - NVIDIA_TESLA_K80 + - NVIDIA_TESLA_P100 + - NVIDIA_TESLA_V100 + - NVIDIA_TESLA_P4 + - NVIDIA_TESLA_T4 + - NVIDIA_TESLA_A100 + - NVIDIA_A100_80GB + - NVIDIA_L4 + - NVIDIA_H100_80GB + - NVIDIA_H100_MEGA_80GB + - NVIDIA_H200_141GB + - NVIDIA_B200 + - NVIDIA_GB200 + - TPU_V2 + - TPU_V3 + - TPU_V4_POD + - TPU_V5_LITEPOD + enumDescriptions: + - '' + - Nvidia Tesla K80 GPU. + - Nvidia Tesla P100 GPU. + - Nvidia Tesla V100 GPU. + - Nvidia Tesla P4 GPU. + - Nvidia Tesla T4 GPU. + - Nvidia Tesla A100 GPU. + - Nvidia A100 80GB GPU. + - Nvidia L4 GPU. + - Nvidia H100 80Gb GPU. + - Nvidia H100 80Gb GPU. + - Nvidia H200 141Gb GPU. + - Nvidia B200 GPU. + - Nvidia GB200 GPU. + - TPU v2 (JellyFish). + - TPU v3 (DragonFish). + - TPU_v4 (PufferFish). + - TPU v5 Lite Pods. + type: string + servomaticPartitionType: + type: string + enum: + - PARTITION_TYPE_UNSPECIFIED + - PARTITION_ZERO + - PARTITION_REDUCED_HOMING + - PARTITION_JELLYFISH + - PARTITION_CPU + - PARTITION_CUSTOM_STORAGE_CPU + enumDescriptions: + - '' + - The default partition. + - >- + It has significantly lower replication than partition-0 and is + located in the US only. It also has a larger model size limit and + higher default RAM quota than partition-0. Customers with batch + traffic, US-based traffic, or very large models should use this + partition. Capacity in this partition is significantly cheaper + than partition-0. + - To be used by customers with Jellyfish-accelerated ops. + - The partition used by regionalized servomatic cloud regions. + - The partition used for loading models from custom storage. + nodeQps: + format: double + description: The approximate qps a deployed node can serve. type: number - format: float + latencyInMilliseconds: + format: double + description: Estimated latency. + type: number + id: XPSImageModelServingSpecModelThroughputEstimation + type: object + XPSTrainResponse: + id: XPSTrainResponse + type: object + properties: + videoObjectTrackingTrainResp: + $ref: '#/components/schemas/XPSVideoObjectTrackingTrainResponse' + tablesTrainResp: + $ref: '#/components/schemas/XPSTablesTrainResponse' + deployedModelSizeBytes: + type: string + description: Estimated model size in bytes once deployed. + format: int64 + imageObjectDetectionTrainResp: + $ref: '#/components/schemas/XPSImageObjectDetectionModelSpec' + explanationConfigs: + description: >- + VisionExplanationConfig for XAI on test set. Optional for when XAI + is enable in training request. + deprecated: true + type: array + items: + $ref: '#/components/schemas/XPSResponseExplanationSpec' + speechTrainResp: + $ref: '#/components/schemas/XPSSpeechModelSpec' + errorAnalysisConfigs: + type: array + description: >- + Optional vision model error analysis configuration. The field is set + when model error analysis is enabled in the training request. The + results of error analysis will be binded together with evaluation + results (in the format of AnnotatedExample). + items: + $ref: '#/components/schemas/XPSVisionErrorAnalysisConfig' + evaluationMetricsSet: + description: >- + The trained model evaluation metrics. This can be optionally + returned. + $ref: '#/components/schemas/XPSEvaluationMetricsSet' + imageClassificationTrainResp: + $ref: '#/components/schemas/XPSImageClassificationTrainResponse' + modelToken: + description: >- + Token that represents the trained model. This is considered + immutable and is persisted in AutoML. xPS can put their own proto in + the byte string, to e.g. point to the model checkpoints. The token + is passed to other xPS APIs to refer to the model. + format: byte + type: string + videoClassificationTrainResp: + $ref: '#/components/schemas/XPSVideoClassificationTrainResponse' + translationTrainResp: + $ref: '#/components/schemas/XPSTranslationTrainResponse' + textToSpeechTrainResp: + $ref: '#/components/schemas/XPSTextToSpeechTrainResponse' + evaluatedExampleSet: + $ref: '#/components/schemas/XPSExampleSet' + description: >- + Examples used to evaluate the model (usually the test set), with the + predicted annotations. The file_spec should point to recordio + file(s) of AnnotatedExample. For each returned example, the + example_id_token and annotations predicted by the model must be set. + The example payload can and is recommended to be omitted. + videoActionRecognitionTrainResp: + $ref: '#/components/schemas/XPSVideoActionRecognitionTrainResponse' + textTrainResp: + $ref: '#/components/schemas/XPSTextTrainResponse' + description: Will only be needed for uCAIP from Beta. + imageSegmentationTrainResp: + $ref: '#/components/schemas/XPSImageSegmentationTrainResponse' + Status: + type: object + properties: + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + details: + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + Document: + id: Document + description: Represents the input to API methods. + properties: + type: + description: >- + Required. If the type is not set or is `TYPE_UNSPECIFIED`, returns + an `INVALID_ARGUMENT` error. + enum: + - TYPE_UNSPECIFIED + - PLAIN_TEXT + - HTML + type: string + enumDescriptions: + - The content type is not specified. + - Plain text + - HTML + languageCode: + type: string + description: >- + Optional. The language of the document (if not specified, the + language is automatically detected). Both ISO and BCP-47 language + codes are accepted. [Language + Support](https://cloud.google.com/natural-language/docs/languages) + lists currently supported languages for each API method. If the + language (either specified by the caller or automatically detected) + is not supported by the called API method, an `INVALID_ARGUMENT` + error is returned. + content: + type: string + description: >- + The content of the input in string format. Cloud audit logging + exempt since it is based on user data. + gcsContentUri: + type: string + description: >- + The Google Cloud Storage URI where the file content is located. This + URI must be of the form: gs://bucket_name/object_name. For more + details, see https://cloud.google.com/storage/docs/reference-uris. + NOTE: Cloud Storage object versioning is not supported. + type: object + XPSImageSegmentationEvaluationMetricsConfidenceMetricsEntry: + type: object + properties: iouScore: + format: float + type: number description: IOU score. + confidenceThreshold: + type: number + format: float + description: The confidence threshold value used to compute the metrics. + diceScoreCoefficient: type: number + description: 'DSC or the F1 score: The harmonic mean of recall and precision.' format: float confusionMatrix: description: >- @@ -3095,760 +1829,1440 @@ components: counts are set here. Only set for model level evaluation, not for evaluation per label. $ref: '#/components/schemas/XPSConfusionMatrix' - XPSTextSentimentEvaluationMetrics: - id: XPSTextSentimentEvaluationMetrics - description: Model evaluation metrics for text sentiment problems. - type: object - properties: - precision: - description: Output only. Precision. - type: number - format: float recall: - description: Output only. Recall. - type: number - format: float - f1Score: - description: Output only. The harmonic mean of recall and precision. type: number + description: Recall for the given confidence threshold. format: float - meanAbsoluteError: - description: >- - Output only. Mean absolute error. Only set for the overall model - evaluation, not for evaluation of a single annotation spec. - type: number + precision: format: float - meanSquaredError: - description: >- - Output only. Mean squared error. Only set for the overall model - evaluation, not for evaluation of a single annotation spec. + description: Precision for the given confidence threshold. type: number - format: float - linearKappa: + description: Metrics for a single confidence threshold. + id: XPSImageSegmentationEvaluationMetricsConfidenceMetricsEntry + AnalyzeSentimentResponse: + properties: + documentSentiment: + description: The overall sentiment of the input document. + $ref: '#/components/schemas/Sentiment' + languageSupported: + type: boolean description: >- - Output only. Linear weighted kappa. Only set for the overall model - evaluation, not for evaluation of a single annotation spec. + Whether the language is officially supported. The API may still + return a response when the language is not supported, but it is on a + best effort basis. + languageCode: + description: >- + The language of the text, which will be the same as the language + specified in the request or, if not specified, the + automatically-detected language. See Document.language_code field + for more details. + type: string + sentences: + items: + $ref: '#/components/schemas/Sentence' + description: The sentiment for all the sentences in the document. + type: array + type: object + description: The sentiment analysis response message. + id: AnalyzeSentimentResponse + Color: + type: object + id: Color + properties: + alpha: type: number format: float - quadraticKappa: description: >- - Output only. Quadratic weighted kappa. Only set for the overall - model evaluation, not for evaluation of a single annotation spec. + The fraction of this color that should be applied to the pixel. That + is, the final pixel color is defined by the equation: `pixel color = + alpha * (this color) + (1.0 - alpha) * (background color)` This + means that a value of 1.0 corresponds to a solid color, whereas a + value of 0.0 corresponds to a completely transparent color. This + uses a wrapper message rather than a simple float scalar so that it + is possible to distinguish between a default value and the value + being unset. If omitted, this color object is rendered as a solid + color (as if the alpha value had been explicitly given a value of + 1.0). + red: + format: float + description: The amount of red in the color as a value in the interval [0, 1]. type: number + green: + format: float + description: The amount of green in the color as a value in the interval [0, 1]. + type: number + blue: + type: number + description: The amount of blue in the color as a value in the interval [0, 1]. format: float - confusionMatrix: - description: >- - Output only. Confusion matrix of the evaluation. Only set for the - overall model evaluation, not for evaluation of a single annotation - spec. - $ref: '#/components/schemas/XPSConfusionMatrix' - XPSResponseExplanationSpec: - id: XPSResponseExplanationSpec - deprecated: true description: >- - Specification of Model explanation. Feature-based XAI in AutoML Vision - ICN is deprecated. - type: object - properties: - explanationType: - description: >- - Explanation type. For AutoML Image Classification models, possible - values are: * `image-integrated-gradients` * `image-xrai` - type: string - parameters: - description: Parameters that configure explaining of the Model's predictions. - $ref: '#/components/schemas/XPSResponseExplanationParameters' - metadata: - description: Metadata describing the Model's input and output for explanation. - $ref: '#/components/schemas/XPSResponseExplanationMetadata' - XPSResponseExplanationParameters: - id: XPSResponseExplanationParameters - deprecated: true - type: object - properties: - integratedGradientsAttribution: - description: >- - An attribution method that computes Aumann-Shapley values taking - advantage of the model's fully differentiable structure. Refer to - this paper for more details: https://arxiv.org/abs/1703.01365 - $ref: '#/components/schemas/XPSIntegratedGradientsAttribution' - xraiAttribution: - description: >- - An attribution method that redistributes Integrated Gradients - attribution to segmented regions, taking advantage of the model's - fully differentiable structure. Refer to this paper for more - details: https://arxiv.org/abs/1906.02825 XRAI currently performs - better on natural images, like a picture of a house or an animal. If - the images are taken in artificial environments, like a lab or - manufacturing line, or from diagnostic equipment, like x-rays or - quality-control cameras, use Integrated Gradients instead. - $ref: '#/components/schemas/XPSXraiAttribution' - XPSIntegratedGradientsAttribution: - id: XPSIntegratedGradientsAttribution - deprecated: true + Represents a color in the RGBA color space. This representation is + designed for simplicity of conversion to and from color representations + in various languages over compactness. For example, the fields of this + representation can be trivially provided to the constructor of + `java.awt.Color` in Java; it can also be trivially provided to UIColor's + `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little + work, it can be easily formatted into a CSS `rgba()` string in + JavaScript. This reference page doesn't have information about the + absolute color space that should be used to interpret the RGB value—for + example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications + should assume the sRGB color space. When color equality needs to be + decided, implementations, unless documented otherwise, treat two colors + as equal if all their red, green, blue, and alpha values each differ by + at most `1e-5`. Example (Java): import com.google.type.Color; // ... + public static java.awt.Color fromProto(Color protocolor) { float alpha = + protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return + new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), + protocolor.getBlue(), alpha); } public static Color + toProto(java.awt.Color color) { float red = (float) color.getRed(); + float green = (float) color.getGreen(); float blue = (float) + color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder + = Color .newBuilder() .setRed(red / denominator) .setGreen(green / + denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); + if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() + .setValue(((float) alpha) / denominator) .build()); } return + resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static + UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; + float green = [protocolor green]; float blue = [protocolor blue]; + FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if + (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return + [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static + Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if + (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return + nil; } Color* result = [[Color alloc] init]; [result setRed:red]; + [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { + [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; + return result; } // ... Example (JavaScript): // ... var protoToCssColor + = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var + greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || + 0.0; var red = Math.floor(redFrac * 255); var green = + Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if + (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } + var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, + green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, + ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var + rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString + = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var + resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { + resultBuilder.push('0'); } resultBuilder.push(hexString); return + resultBuilder.join(''); }; // ... + XPSEdgeTpuTfLiteFormat: + id: XPSEdgeTpuTfLiteFormat + properties: {} description: >- - An attribution method that computes the Aumann-Shapley value taking - advantage of the model's fully differentiable structure. Refer to this - paper for more details: https://arxiv.org/abs/1703.01365 + A model format used for [Edge TPU](https://cloud.google.com/edge-tpu/) + devices. type: object + XPSCategoryStats: properties: - stepCount: + topCategoryStats: description: >- - The number of steps for approximating the path integral. A good - value to start is 50 and gradually increase until the sum to diff - property is within the desired error range. Valid range of its value - is [1, 100], inclusively. - type: integer - format: int32 - XPSXraiAttribution: - id: XPSXraiAttribution - deprecated: true - description: >- - An explanation method that redistributes Integrated Gradients - attributions to segmented regions, taking advantage of the model's fully - differentiable structure. Refer to this paper for more details: - https://arxiv.org/abs/1906.02825 Only supports image Models (modality is - IMAGE). + The statistics of the top 20 CATEGORY values, ordered by + CategoryStats.SingleCategoryStats.count. + type: array + items: + $ref: '#/components/schemas/XPSCategoryStatsSingleCategoryStats' + commonStats: + $ref: '#/components/schemas/XPSCommonStats' type: object - properties: - stepCount: - description: >- - The number of steps for approximating the path integral. A good - value to start is 50 and gradually increase until the sum to diff - property is met within the desired error range. Valid range of its - value is [1, 100], inclusively. - type: integer - format: int32 - XPSResponseExplanationMetadata: - id: XPSResponseExplanationMetadata - deprecated: true + id: XPSCategoryStats + description: The data statistics of a series of CATEGORY values. + GpuMetric: type: object + id: GpuMetric properties: - inputs: - description: Metadata of the input. - type: object + trackingLabels: additionalProperties: - $ref: '#/components/schemas/XPSResponseExplanationMetadataInputMetadata' - outputs: - description: Metadata of the output. + type: string type: object - additionalProperties: - $ref: '#/components/schemas/XPSResponseExplanationMetadataOutputMetadata' - XPSResponseExplanationMetadataInputMetadata: - id: XPSResponseExplanationMetadataInputMetadata - description: Metadata of the input of a feature. - type: object - properties: - visualizationConfig: - description: Visualization configurations for image explanation. - $ref: '#/components/schemas/XPSVisualization' - inputTensorName: description: >- - Name of the input tensor for this model. Only needed in train - response. - type: string - modality: - description: >- - Modality of the feature. Valid values are: numeric, image. Defaults - to numeric. - type: string - enumDescriptions: - - '' - - '' - - '' - - '' + Billing tracking labels. They do not contain any user data but only + the labels set by Vertex Core Infra itself. Tracking labels' keys + are defined with special format: goog-[\p{Ll}\p{N}]+ E.g. "key": + "goog-k8s-cluster-name","value": "us-east1-b4rk" + machineSpec: enum: - - MODALITY_UNSPECIFIED - - NUMERIC - - IMAGE - - CATEGORICAL - XPSVisualization: - id: XPSVisualization - deprecated: true - description: Visualization configurations for image explanation. - type: object - properties: - type: - description: >- - Type of the image visualization. Only applicable to Integrated - Gradients attribution. OUTLINES shows regions of attribution, while - PIXELS shows per-pixel attribution. Defaults to OUTLINES. - type: string - enumDescriptions: - - Should not be used. - - Shows which pixel contributed to the image prediction. - - >- - Shows which region contributed to the image prediction by - outlining the region. - enum: - - TYPE_UNSPECIFIED - - PIXELS - - OUTLINES - polarity: - description: >- - Whether to only highlight pixels with positive contributions, - negative or both. Defaults to POSITIVE. - type: string - enumDescriptions: - - Default value. This is the same as POSITIVE. - - >- - Highlights the pixels/outlines that were most influential to the - model's prediction. - - >- - Setting polarity to negative highlights areas that does not lead - to the models's current prediction. - - Shows both positive and negative attributions. - enum: - - POLARITY_UNSPECIFIED - - POSITIVE - - NEGATIVE - - BOTH - colorMap: - description: >- - The color scheme used for the highlighted areas. Defaults to - PINK_GREEN for Integrated Gradients attribution, which shows - positive attributions in green and negative in pink. Defaults to - VIRIDIS for XRAI attribution, which highlights the most influential - regions in yellow and the least influential in blue. - type: string - enumDescriptions: - - Should not be used. - - 'Positive: green. Negative: pink.' - - >- - Viridis color map: A perceptually uniform color mapping which is - easier to see by those with colorblindness and progresses from - yellow to green to blue. Positive: yellow. Negative: blue. - - 'Positive: red. Negative: red.' - - 'Positive: green. Negative: green.' - - 'Positive: green. Negative: red.' - - PiYG palette. - enum: - - COLOR_MAP_UNSPECIFIED - - PINK_GREEN - - VIRIDIS - - RED - - GREEN - - RED_GREEN - - PINK_WHITE_GREEN - clipPercentUpperbound: - description: >- - Excludes attributions above the specified percentile from the - highlighted areas. Using the clip_percent_upperbound and - clip_percent_lowerbound together can be useful for filtering out - noise and making it easier to see areas of strong attribution. - Defaults to 99.9. - type: number - format: float - clipPercentLowerbound: - description: >- - Excludes attributions below the specified percentile, from the - highlighted areas. Defaults to 62. - type: number - format: float - overlayType: - description: >- - How the original image is displayed in the visualization. Adjusting - the overlay can help increase visual clarity if the original image - makes it difficult to view the visualization. Defaults to NONE. - type: string + - UNKNOWN_MACHINE_SPEC + - N1_STANDARD_2 + - N1_STANDARD_4 + - N1_STANDARD_8 + - N1_STANDARD_16 + - N1_STANDARD_32 + - N1_STANDARD_64 + - N1_STANDARD_96 + - N1_HIGHMEM_2 + - N1_HIGHMEM_4 + - N1_HIGHMEM_8 + - N1_HIGHMEM_16 + - N1_HIGHMEM_32 + - N1_HIGHMEM_64 + - N1_HIGHMEM_96 + - N1_HIGHCPU_2 + - N1_HIGHCPU_4 + - N1_HIGHCPU_8 + - N1_HIGHCPU_16 + - N1_HIGHCPU_32 + - N1_HIGHCPU_64 + - N1_HIGHCPU_96 + - A2_HIGHGPU_1G + - A2_HIGHGPU_2G + - A2_HIGHGPU_4G + - A2_HIGHGPU_8G + - A2_MEGAGPU_16G + - A2_ULTRAGPU_1G + - A2_ULTRAGPU_2G + - A2_ULTRAGPU_4G + - A2_ULTRAGPU_8G + - A3_HIGHGPU_1G + - A3_HIGHGPU_2G + - A3_HIGHGPU_4G + - A3_HIGHGPU_8G + - A3_MEGAGPU_8G + - A3_ULTRAGPU_8G + - A3_EDGEGPU_8G + - A4_HIGHGPU_8G + - A4X_HIGHGPU_4G + - E2_STANDARD_2 + - E2_STANDARD_4 + - E2_STANDARD_8 + - E2_STANDARD_16 + - E2_STANDARD_32 + - E2_HIGHMEM_2 + - E2_HIGHMEM_4 + - E2_HIGHMEM_8 + - E2_HIGHMEM_16 + - E2_HIGHCPU_2 + - E2_HIGHCPU_4 + - E2_HIGHCPU_8 + - E2_HIGHCPU_16 + - E2_HIGHCPU_32 + - N2_STANDARD_2 + - N2_STANDARD_4 + - N2_STANDARD_8 + - N2_STANDARD_16 + - N2_STANDARD_32 + - N2_STANDARD_48 + - N2_STANDARD_64 + - N2_STANDARD_80 + - N2_STANDARD_96 + - N2_STANDARD_128 + - N2_HIGHMEM_2 + - N2_HIGHMEM_4 + - N2_HIGHMEM_8 + - N2_HIGHMEM_16 + - N2_HIGHMEM_32 + - N2_HIGHMEM_48 + - N2_HIGHMEM_64 + - N2_HIGHMEM_80 + - N2_HIGHMEM_96 + - N2_HIGHMEM_128 + - N2_HIGHCPU_2 + - N2_HIGHCPU_4 + - N2_HIGHCPU_8 + - N2_HIGHCPU_16 + - N2_HIGHCPU_32 + - N2_HIGHCPU_48 + - N2_HIGHCPU_64 + - N2_HIGHCPU_80 + - N2_HIGHCPU_96 + - N2D_STANDARD_2 + - N2D_STANDARD_4 + - N2D_STANDARD_8 + - N2D_STANDARD_16 + - N2D_STANDARD_32 + - N2D_STANDARD_48 + - N2D_STANDARD_64 + - N2D_STANDARD_80 + - N2D_STANDARD_96 + - N2D_STANDARD_128 + - N2D_STANDARD_224 + - N2D_HIGHMEM_2 + - N2D_HIGHMEM_4 + - N2D_HIGHMEM_8 + - N2D_HIGHMEM_16 + - N2D_HIGHMEM_32 + - N2D_HIGHMEM_48 + - N2D_HIGHMEM_64 + - N2D_HIGHMEM_80 + - N2D_HIGHMEM_96 + - N2D_HIGHCPU_2 + - N2D_HIGHCPU_4 + - N2D_HIGHCPU_8 + - N2D_HIGHCPU_16 + - N2D_HIGHCPU_32 + - N2D_HIGHCPU_48 + - N2D_HIGHCPU_64 + - N2D_HIGHCPU_80 + - N2D_HIGHCPU_96 + - N2D_HIGHCPU_128 + - N2D_HIGHCPU_224 + - C2_STANDARD_4 + - C2_STANDARD_8 + - C2_STANDARD_16 + - C2_STANDARD_30 + - C2_STANDARD_60 + - C2D_STANDARD_2 + - C2D_STANDARD_4 + - C2D_STANDARD_8 + - C2D_STANDARD_16 + - C2D_STANDARD_32 + - C2D_STANDARD_56 + - C2D_STANDARD_112 + - C2D_HIGHCPU_2 + - C2D_HIGHCPU_4 + - C2D_HIGHCPU_8 + - C2D_HIGHCPU_16 + - C2D_HIGHCPU_32 + - C2D_HIGHCPU_56 + - C2D_HIGHCPU_112 + - C2D_HIGHMEM_2 + - C2D_HIGHMEM_4 + - C2D_HIGHMEM_8 + - C2D_HIGHMEM_16 + - C2D_HIGHMEM_32 + - C2D_HIGHMEM_56 + - C2D_HIGHMEM_112 + - G2_STANDARD_4 + - G2_STANDARD_8 + - G2_STANDARD_12 + - G2_STANDARD_16 + - G2_STANDARD_24 + - G2_STANDARD_32 + - G2_STANDARD_48 + - G2_STANDARD_96 + - G4_STANDARD_48 + - C3_STANDARD_4 + - C3_STANDARD_8 + - C3_STANDARD_22 + - C3_STANDARD_44 + - C3_STANDARD_88 + - C3_STANDARD_176 + - C3_HIGHCPU_4 + - C3_HIGHCPU_8 + - C3_HIGHCPU_22 + - C3_HIGHCPU_44 + - C3_HIGHCPU_88 + - C3_HIGHCPU_176 + - C3_HIGHMEM_4 + - C3_HIGHMEM_8 + - C3_HIGHMEM_22 + - C3_HIGHMEM_44 + - C3_HIGHMEM_88 + - C3_HIGHMEM_176 + - C4_STANDARD_8 + - C4_STANDARD_16 + - C4_STANDARD_24 + - C4_STANDARD_32 + - C4_STANDARD_48 + - C4_STANDARD_96 + - C4_STANDARD_144 + - C4_STANDARD_192 + - C4_STANDARD_288 + - C4_HIGHCPU_8 + - C4_HIGHCPU_16 + - C4_HIGHCPU_24 + - C4_HIGHCPU_32 + - C4_HIGHCPU_48 + - C4_HIGHCPU_96 + - C4_HIGHCPU_144 + - C4_HIGHCPU_192 + - C4_HIGHCPU_288 + - C4_HIGHMEM_8 + - C4_HIGHMEM_16 + - C4_HIGHMEM_24 + - C4_HIGHMEM_32 + - C4_HIGHMEM_48 + - C4_HIGHMEM_96 + - C4_HIGHMEM_144 + - C4_HIGHMEM_192 + - C4_HIGHMEM_288 + description: Required. Machine spec, e.g. N1_STANDARD_4. enumDescriptions: - - Default value. This is the same as NONE. - - No overlay. - - The attributions are shown on top of the original image. - - >- - The attributions are shown on top of grayscaled version of the - original image. - - >- - The attributions are used as a mask to reveal predictive parts of - the image and hide the un-predictive parts. - enum: - - OVERLAY_TYPE_UNSPECIFIED - - NONE - - ORIGINAL - - GRAYSCALE - - MASK_BLACK - XPSResponseExplanationMetadataOutputMetadata: - id: XPSResponseExplanationMetadataOutputMetadata - description: Metadata of the prediction output to be explained. - type: object - properties: - outputTensorName: - description: Name of the output tensor. Only needed in train response. + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' type: string - XPSVisionErrorAnalysisConfig: - id: XPSVisionErrorAnalysisConfig - description: 'The vision model error analysis configuration. Next tag: 3' - type: object - properties: - exampleCount: - description: The number of query examples in error analysis. - type: integer - format: int32 - queryType: - description: >- - The query type used in retrieval. The enum values are frozen in the - foreseeable future. + gpuSec: type: string + description: Required. Seconds of GPU usage, e.g. 3600. + format: int64 + gpuType: enumDescriptions: - - Unspecified query type for model error analysis. - - Query similar samples across all classes in the dataset. - - Query similar samples from the same class of the input sample. - - Query dissimilar samples from the same class of the input sample. + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + description: Required. Type of GPU, e.g. NVIDIA_TESLA_V100. + type: string enum: - - QUERY_TYPE_UNSPECIFIED - - QUERY_TYPE_ALL_SIMILAR - - QUERY_TYPE_SAME_CLASS_SIMILAR - - QUERY_TYPE_SAME_CLASS_DISSIMILAR - XPSXpsOperationMetadata: - id: XPSXpsOperationMetadata - type: object - properties: - reportingMetrics: - description: >- - Metrics for the operation. By the time the operation is terminated - (whether succeeded or failed) as returned from XPS, AutoML BE - assumes the metrics are finalized. AutoML BE transparently posts the - metrics to Chemist if it's not empty, regardless of the response - content or error type. If user is supposed to be charged in case of - cancellation/error, this field should be set. In the case where the - type of LRO doesn't require any billing, this field should be left - unset. - $ref: '#/components/schemas/XPSReportingMetrics' - exampleCount: + - UNKNOWN_GPU_TYPE + - NVIDIA_TESLA_A100 + - NVIDIA_A100_80GB + - NVIDIA_B200 + - NVIDIA_GB200 + - NVIDIA_TESLA_K80 + - NVIDIA_L4 + - NVIDIA_TESLA_P100 + - NVIDIA_TESLA_P4 + - NVIDIA_TESLA_T4 + - NVIDIA_TESLA_V100 + - NVIDIA_H100_80GB + - NVIDIA_H100_MEGA_80GB + - NVIDIA_H200_141GB + - NVIDIA_RTX_PRO_6000 + XPSSpeechModelSpec: + properties: + datasetId: description: >- - Optional. XPS server can opt to provide example count of the long - running operation (e.g. training, data importing, batch prediction). + Required for speech xps backend. Speech xps has to use dataset_id + and model_id as the primary key in db so that speech API can query + the db directly. type: string format: int64 - tablesTrainingOperationMetadata: - $ref: '#/components/schemas/XPSTablesTrainingOperationMetadata' - videoTrainingOperationMetadata: - $ref: '#/components/schemas/XPSVideoTrainingOperationMetadata' - videoBatchPredictOperationMetadata: - $ref: '#/components/schemas/XPSVideoBatchPredictOperationMetadata' - visionTrainingOperationMetadata: - $ref: '#/components/schemas/XPSVisionTrainingOperationMetadata' - XPSReportingMetrics: - id: XPSReportingMetrics - type: object - properties: - metricEntries: - description: >- - One entry per metric name. The values must be aggregated per metric - name. + language: + type: string + subModelSpecs: type: array + description: Model specs for all submodels contained in this model. items: - $ref: '#/components/schemas/XPSMetricEntry' - effectiveTrainingDuration: - description: >- - The effective time training used. If set, this is used for quota - management and billing. Deprecated. AutoML BE doesn't use this. - Don't set. - deprecated: true - type: string - format: google-duration - XPSMetricEntry: - id: XPSMetricEntry + $ref: '#/components/schemas/XPSSpeechModelSpecSubModelSpec' + id: XPSSpeechModelSpec + type: object + XPSImageModelArtifactSpec: type: object + id: XPSImageModelArtifactSpec + description: >- + Stores the locations and related metadata of the model artifacts. + Populated for uCAIP requests only. properties: - metricName: - description: The metric name defined in the service configuration. + exportArtifact: + description: The model binary files in different formats for model export. + items: + $ref: '#/components/schemas/XPSModelArtifactItem' + type: array + tfLiteMetadataGcsUri: + description: >- + Google Cloud Storage URI of Tensorflow Lite metadata + 'tflite_metadata.json'. type: string - argentumMetricId: + tfJsBinaryGcsPrefix: description: >- - For billing metrics that are using legacy sku's, set the legacy - billing metric id here. This will be sent to Chemist as the - "cloudbilling.googleapis.com/argentum_metric_id" label. Otherwise - leave empty. + Google Cloud Storage URI prefix of Tensorflow JavaScript binary + files 'groupX-shardXofX.bin'. Deprecated. type: string - int64Value: - description: A signed 64-bit integer value. + labelGcsUri: + description: >- + Google Cloud Storage URI of decoded labels file for model export + 'dict.txt'. type: string + servingArtifact: + description: >- + The default model binary file used for serving (e.g. online predict, + batch predict) via public Cloud AI Platform API. + $ref: '#/components/schemas/XPSModelArtifactItem' + checkpointArtifact: + $ref: '#/components/schemas/XPSModelArtifactItem' + description: The Tensorflow checkpoint files. e.g. Used for resumable training. + XPSVideoClassificationTrainResponse: + id: XPSVideoClassificationTrainResponse + type: object + properties: + modelArtifactSpec: + $ref: '#/components/schemas/XPSVideoModelArtifactSpec' + description: '## The fields below are only populated under uCAIP request scope.' + trainCostNodeSeconds: + description: >- + The actual train cost of creating this model, expressed in node + seconds, i.e. 3,600 value in this field means 1 node hour. format: int64 - doubleValue: - description: A double value. + type: string + XPSTextSentimentEvaluationMetrics: + properties: + f1Score: type: number - format: double - systemLabels: - description: Billing system labels for this (metric, value) pair. + description: Output only. The harmonic mean of recall and precision. + format: float + recall: + type: number + format: float + description: Output only. Recall. + meanSquaredError: + description: >- + Output only. Mean squared error. Only set for the overall model + evaluation, not for evaluation of a single annotation spec. + format: float + type: number + meanAbsoluteError: + type: number + description: >- + Output only. Mean absolute error. Only set for the overall model + evaluation, not for evaluation of a single annotation spec. + format: float + linearKappa: + type: number + format: float + description: >- + Output only. Linear weighted kappa. Only set for the overall model + evaluation, not for evaluation of a single annotation spec. + confusionMatrix: + description: >- + Output only. Confusion matrix of the evaluation. Only set for the + overall model evaluation, not for evaluation of a single annotation + spec. + $ref: '#/components/schemas/XPSConfusionMatrix' + quadraticKappa: + type: number + description: >- + Output only. Quadratic weighted kappa. Only set for the overall + model evaluation, not for evaluation of a single annotation spec. + format: float + precision: + type: number + format: float + description: Output only. Precision. + id: XPSTextSentimentEvaluationMetrics + description: Model evaluation metrics for text sentiment problems. + type: object + XPSVideoBatchPredictOperationMetadata: + properties: + outputExamples: type: array items: - $ref: '#/components/schemas/XPSMetricEntryLabel' - XPSMetricEntryLabel: - id: XPSMetricEntryLabel + type: string + description: >- + All the partial batch prediction results that are completed at the + moment. Output examples are sorted by completion time. The order + will not be changed. Each output example should be the path of a + single RecordIO file of AnnotatedExamples. + id: XPSVideoBatchPredictOperationMetadata type: object + XPSVideoActionMetricsEntry: + description: The Evaluation metrics entry given a specific precision_window_length. properties: - labelName: - description: The name of the label. - type: string - labelValue: - description: The value of the label. + meanAveragePrecision: + description: The mean average precision. + format: float + type: number + precisionWindowLength: + description: >- + This VideoActionMetricsEntry is calculated based on this prediction + window length. If the predicted action's timestamp is inside the + time window whose center is the ground truth action's timestamp with + this specific length, the prediction result is treated as a true + positive. type: string - XPSTablesTrainingOperationMetadata: - id: XPSTablesTrainingOperationMetadata + format: google-duration + confidenceMetricsEntries: + items: + $ref: >- + #/components/schemas/XPSVideoActionMetricsEntryConfidenceMetricsEntry + type: array + description: >- + Metrics for each label-match confidence_threshold from + 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. type: object + id: XPSVideoActionMetricsEntry + XPSConfusionMatrix: properties: - topTrials: - description: >- - This field is for training. When the operation is terminated - successfully, AutoML Backend post this field to operation metadata - in spanner. If the metadata has no trials returned, the training - operation is supposed to be a failure. + row: type: array + description: >- + Rows in the confusion matrix. The number of rows is equal to the + size of `annotation_spec_id_token`. `row[i].value[j]` is the number + of examples that have ground truth of the + `annotation_spec_id_token[i]` and are predicted as + `annotation_spec_id_token[j]` by the model being evaluated. items: - $ref: '#/components/schemas/XPSTuningTrial' - trainingObjectivePoints: + $ref: '#/components/schemas/XPSConfusionMatrixRow' + sentimentLabel: + items: + type: integer + format: int32 description: >- - This field records the training objective value with respect to - time, giving insight into how the model architecture search is - performing as training time elapses. + Sentiment labels used in the confusion matrix. Set only for text + sentiment models. For AutoML Text Revamp, use + `annotation_spec_id_token` instead and leave this field empty. + type: array + annotationSpecIdToken: + description: >- + For the following three repeated fields, only one is intended to be + set. annotation_spec_id_token is preferable to be set. ID tokens of + the annotation specs used in the confusion matrix. type: array items: - $ref: '#/components/schemas/XPSTrainingObjectivePoint' - createModelStage: - description: Current stage of creating model. - type: string - enumDescriptions: - - Unspecified stage. - - Prepare the model training pipeline and run data processing. - - Training model. - - Run evaluation. - - Finalizing model training pipeline. - enum: - - CREATE_MODEL_STAGE_UNSPECIFIED - - DATA_PREPROCESSING - - TRAINING - - EVALUATING - - MODEL_POST_PROCESSING - optimizationObjective: - description: The optimization objective for model. + type: string + category: + type: array + items: + type: integer + format: int32 + description: >- + Category (mainly for segmentation). Set only for image segmentation + models. Note: uCAIP Image Segmentation should use + annotation_spec_id_token. + id: XPSConfusionMatrix + type: object + description: Confusion matrix of the model running the classification. + XPSTablesClassificationMetrics: + id: XPSTablesClassificationMetrics + type: object + description: Metrics for Tables classification problems. + properties: + curveMetrics: + description: Metrics building a curve. + type: array + items: + $ref: '#/components/schemas/XPSTablesClassificationMetricsCurveMetrics' + XPSImageSegmentationTrainResponse: + properties: + trainCostNodeSeconds: + description: >- + The actual train cost of creating this model, expressed in node + seconds, i.e. 3,600 value in this field means 1 node hour. + format: int64 type: string - trainBudgetMilliNodeHours: - description: Creating model budget. + exportModelSpec: + description: 'NOTE: These fields are not used/needed in EAP but will be set later.' + $ref: '#/components/schemas/XPSImageExportModelSpec' + modelServingSpec: + $ref: '#/components/schemas/XPSImageModelServingSpec' + stopReason: + enumDescriptions: + - '' + - '' + - Model fully converged, can not be resumbed training. + - >- + Model early converged, can be further trained till full + convergency. + enum: + - TRAIN_STOP_REASON_UNSPECIFIED + - TRAIN_STOP_REASON_BUDGET_REACHED + - TRAIN_STOP_REASON_MODEL_CONVERGED + - TRAIN_STOP_REASON_MODEL_EARLY_STOPPED type: string - format: int64 - trainingStartTime: - description: Timestamp when training process starts. + description: >- + Stop reason for training job, e.g. 'TRAIN_BUDGET_REACHED', + 'MODEL_CONVERGED'. + modelArtifactSpec: + description: >- + ## The fields below are only populated under uCAIP request scope. + Model artifact spec stores and model gcs pathes and related metadata + $ref: '#/components/schemas/XPSImageModelArtifactSpec' + colorMaps: + items: + $ref: '#/components/schemas/XPSColorMap' + type: array + description: Color map of the model. + type: object + id: XPSImageSegmentationTrainResponse + XPSModelArtifactItem: + id: XPSModelArtifactItem + description: A single model artifact item. + properties: + artifactFormat: + enumDescriptions: + - Should not be used. + - >- + The Tensorflow checkpoints. See + https://www.tensorflow.org/guide/checkpoint. + - The Tensorflow SavedModel binary. + - >- + Model artifact in generic TensorFlow Lite (.tflite) format. See + https://www.tensorflow.org/lite. + - Used for [Edge TPU](https://cloud.google.com/edge-tpu/) devices. + - >- + A [TensorFlow.js](https://www.tensorflow.org/js) model that can be + used in the browser and in Node.js using JavaScript. + - >- + Used for iOS mobile devices in (.mlmodel) format. See + https://developer.apple.com/documentation/coreml + type: string + enum: + - ARTIFACT_FORMAT_UNSPECIFIED + - TF_CHECKPOINT + - TF_SAVED_MODEL + - TF_LITE + - EDGE_TPU_TF_LITE + - TF_JS + - CORE_ML + description: The model artifact format. + gcsUri: + description: The Google Cloud Storage URI that stores the model binary files. type: string - format: google-datetime - XPSTuningTrial: - id: XPSTuningTrial - description: >- - Metrics for a tuning job generated, will get forwarded to Stackdriver as - model tuning logs. Setting this as a standalone message out of - CreateModelMetadata to avoid confusion as we expose this message only to - users. type: object + XPSResponseExplanationParameters: properties: - modelStructure: - description: Model parameters for the trial. - $ref: '#/components/schemas/XPSTablesModelStructure' - trainingObjectivePoint: - description: The optimization objective evaluation of the eval split data. - $ref: '#/components/schemas/XPSTrainingObjectivePoint' - XPSTrainingObjectivePoint: - id: XPSTrainingObjectivePoint + integratedGradientsAttribution: + description: >- + An attribution method that computes Aumann-Shapley values taking + advantage of the model's fully differentiable structure. Refer to + this paper for more details: https://arxiv.org/abs/1703.01365 + $ref: '#/components/schemas/XPSIntegratedGradientsAttribution' + xraiAttribution: + description: >- + An attribution method that redistributes Integrated Gradients + attribution to segmented regions, taking advantage of the model's + fully differentiable structure. Refer to this paper for more + details: https://arxiv.org/abs/1906.02825 XRAI currently performs + better on natural images, like a picture of a house or an animal. If + the images are taken in artificial environments, like a lab or + manufacturing line, or from diagnostic equipment, like x-rays or + quality-control cameras, use Integrated Gradients instead. + $ref: '#/components/schemas/XPSXraiAttribution' + deprecated: true + id: XPSResponseExplanationParameters + type: object + XPSImageModelServingSpec: + description: Serving specification for image models. + id: XPSImageModelServingSpec type: object properties: - value: - description: The objective value when this point was recorded. + modelThroughputEstimation: + description: Populate under uCAIP request scope. + items: + $ref: >- + #/components/schemas/XPSImageModelServingSpecModelThroughputEstimation + type: array + nodeQps: + description: >- + An estimated value of how much traffic a node can serve. Populated + for AutoMl request only. + format: double type: number - format: float - createTime: - description: The time at which this point was recorded. + tfRuntimeVersion: type: string - format: google-datetime - XPSVideoTrainingOperationMetadata: - id: XPSVideoTrainingOperationMetadata + description: >- + ## The fields below are only populated under uCAIP request scope. + https://cloud.google.com/ml-engine/docs/runtime-version-list + XPSTablesModelStructureModelParametersParameter: type: object + id: XPSTablesModelStructureModelParametersParameter properties: - trainCostMilliNodeHour: - description: >- - This is an estimation of the node hours necessary for training a - model, expressed in milli node hours (i.e. 1,000 value in this field - means 1 node hour). A node hour represents the time a virtual - machine spends running your training job. The cost of one node - running for one hour is a node hour. + floatValue: + type: number + description: Float type parameter value. + format: double + name: + description: Parameter name. type: string + stringValue: + type: string + description: String type parameter value. + intValue: + description: Integer type parameter value. format: int64 - XPSVideoBatchPredictOperationMetadata: - id: XPSVideoBatchPredictOperationMetadata + type: string + XPSTrainingObjectivePoint: type: object + id: XPSTrainingObjectivePoint properties: - outputExamples: - description: >- - All the partial batch prediction results that are completed at the - moment. Output examples are sorted by completion time. The order - will not be changed. Each output example should be the path of a - single RecordIO file of AnnotatedExamples. - type: array + createTime: + type: string + format: google-datetime + description: The time at which this point was recorded. + value: + format: float + description: The objective value when this point was recorded. + type: number + XPSTextTrainResponse: + properties: + componentModel: + description: Component submodels. items: - type: string - XPSVisionTrainingOperationMetadata: - id: XPSVisionTrainingOperationMetadata - deprecated: true + $ref: '#/components/schemas/XPSTextComponentModel' + type: array + id: XPSTextTrainResponse type: object + XPSTrackMetricsEntryConfidenceMetricsEntry: + id: XPSTrackMetricsEntryConfidenceMetricsEntry properties: - explanationUsage: + boundingBoxIou: + format: float + type: number description: >- - Aggregated infra usage within certain time period, for billing - report purpose if XAI is enable in training request. - $ref: '#/components/schemas/InfraUsage' - InfraUsage: - id: InfraUsage - description: 'LINT: LEGACY_NAMES Infra Usage of billing metrics.' + Output only. Bounding box intersection-over-union precision. + Measures how well the bounding boxes overlap between each other + (e.g. complete overlap or just barely above iou_threshold). + trackingPrecision: + format: float + type: number + description: Output only. Tracking precision. + trackingRecall: + description: Output only. Tracking recall. + format: float + type: number + confidenceThreshold: + format: float + type: number + description: >- + Output only. The confidence threshold value used to compute the + metrics. + mismatchRate: + description: >- + Output only. Mismatch rate, which measures the tracking consistency, + i.e. correctness of instance ID continuity. + format: float + type: number type: object - properties: - cpuMetrics: - description: Aggregated core metrics since requested start_time. + description: 'Metrics for a single confidence threshold. Next tag: 6.' + XPSMetricEntry: + properties: + doubleValue: + format: double + type: number + description: A double value. + int64Value: + type: string + format: int64 + description: A signed 64-bit integer value. + metricName: + description: The metric name defined in the service configuration. + type: string + argentumMetricId: + description: >- + For billing metrics that are using legacy sku's, set the legacy + billing metric id here. This will be sent to Chemist as the + "cloudbilling.googleapis.com/argentum_metric_id" label. Otherwise + leave empty. + type: string + systemLabels: + description: Billing system labels for this (metric, value) pair. + items: + $ref: '#/components/schemas/XPSMetricEntryLabel' + type: array + type: object + id: XPSMetricEntry + XPSTextExtractionEvaluationMetrics: + type: object + id: XPSTextExtractionEvaluationMetrics + properties: + perLabelConfidenceMetrics: + description: Only recall, precision, and f1_score will be set. + type: object + additionalProperties: + $ref: '#/components/schemas/XPSConfidenceMetricsEntry' + deprecated: true + bestF1ConfidenceMetrics: + $ref: '#/components/schemas/XPSConfidenceMetricsEntry' + description: >- + Values are at the highest F1 score on the precision-recall curve. + Only confidence_threshold, recall, precision, and f1_score will be + set. + deprecated: true + confusionMatrix: + description: >- + Confusion matrix of the model, at the default confidence threshold + (0.0). Only set for whole-model evaluation, not for evaluation per + label. + $ref: '#/components/schemas/XPSConfusionMatrix' + confidenceMetricsEntries: type: array + description: >- + If the enclosing EvaluationMetrics.label is empty, + confidence_metrics_entries is an evaluation of the entire model + across all labels. If the enclosing EvaluationMetrics.label is set, + confidence_metrics_entries applies to that label. items: - $ref: '#/components/schemas/CpuMetric' - ramMetrics: - description: Aggregated ram metrics since requested start_time. + $ref: '#/components/schemas/XPSConfidenceMetricsEntry' + XPSTablesTrainingOperationMetadata: + properties: + trainingStartTime: + type: string + format: google-datetime + description: Timestamp when training process starts. + topTrials: + items: + $ref: '#/components/schemas/XPSTuningTrial' + type: array + description: >- + This field is for training. When the operation is terminated + successfully, AutoML Backend post this field to operation metadata + in spanner. If the metadata has no trials returned, the training + operation is supposed to be a failure. + trainingObjectivePoints: type: array items: - $ref: '#/components/schemas/RamMetric' - gpuMetrics: - description: Aggregated gpu metrics since requested start_time. + $ref: '#/components/schemas/XPSTrainingObjectivePoint' + description: >- + This field records the training objective value with respect to + time, giving insight into how the model architecture search is + performing as training time elapses. + trainBudgetMilliNodeHours: + type: string + format: int64 + description: Creating model budget. + optimizationObjective: + type: string + description: The optimization objective for model. + createModelStage: + description: Current stage of creating model. + type: string + enum: + - CREATE_MODEL_STAGE_UNSPECIFIED + - DATA_PREPROCESSING + - TRAINING + - EVALUATING + - MODEL_POST_PROCESSING + enumDescriptions: + - Unspecified stage. + - Prepare the model training pipeline and run data processing. + - Training model. + - Run evaluation. + - Finalizing model training pipeline. + id: XPSTablesTrainingOperationMetadata + type: object + AnnotateTextResponse: + id: AnnotateTextResponse + properties: + entities: + items: + $ref: '#/components/schemas/Entity' + type: array + description: >- + Entities, along with their semantic information, in the input + document. Populated if the user enables + AnnotateTextRequest.Features.extract_entities . + categories: type: array + description: Categories identified in the input document. items: - $ref: '#/components/schemas/GpuMetric' - tpuMetrics: - description: Aggregated tpu metrics since requested start_time. + $ref: '#/components/schemas/ClassificationCategory' + documentSentiment: + description: >- + The overall sentiment for the document. Populated if the user + enables AnnotateTextRequest.Features.extract_document_sentiment. + $ref: '#/components/schemas/Sentiment' + languageCode: + description: >- + The language of the text, which will be the same as the language + specified in the request or, if not specified, the + automatically-detected language. See Document.language_code field + for more details. + type: string + moderationCategories: type: array + description: Harmful and sensitive categories identified in the input document. items: - $ref: '#/components/schemas/TpuMetric' - diskMetrics: - description: Aggregated persistent disk metrics since requested start_time. + $ref: '#/components/schemas/ClassificationCategory' + languageSupported: + description: >- + Whether the language is officially supported by all requested + features. The API may still return a response when the language is + not supported, but it is on a best effort basis. + type: boolean + sentences: + items: + $ref: '#/components/schemas/Sentence' type: array + description: >- + Sentences in the input document. Populated if the user enables + AnnotateTextRequest.Features.extract_document_sentiment. + type: object + description: The text annotations response message. + TextSpan: + id: TextSpan + type: object + description: Represents a text span in the input document. + properties: + beginOffset: + type: integer + description: >- + The API calculates the beginning offset of the content in the + original document according to the EncodingType specified in the API + request. + format: int32 + content: + type: string + description: The content of the text span, which is a substring of the document. + XPSRow: + properties: + columnIds: + description: >- + The ids of the columns. Note: The below `values` field must match + order of this field, if this field is set. items: - $ref: '#/components/schemas/DiskMetric' - CpuMetric: - id: CpuMetric - description: Metric for billing reports. + type: integer + format: int32 + type: array + values: + type: array + description: >- + The values of the row cells, given in the same order as the + column_ids. If column_ids is not set, then in the same order as the + input_feature_column_ids in TablesModelMetadata. + items: + type: any + id: XPSRow + type: object + XPSBoundingBoxMetricsEntry: + id: XPSBoundingBoxMetricsEntry type: object + description: >- + Bounding box matching model metrics for a single intersection-over-union + threshold and multiple label match confidence thresholds. properties: - cpuType: - description: Required. Type of cpu, e.g. N2. + confidenceMetricsEntries: + type: array + description: >- + Metrics for each label-match confidence_threshold from + 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99. + items: + $ref: >- + #/components/schemas/XPSBoundingBoxMetricsEntryConfidenceMetricsEntry + iouThreshold: + type: number + format: float + description: >- + The intersection-over-union threshold value used to compute this + metrics entry. + meanAveragePrecision: + description: The mean average precision. + type: number + format: float + XPSTablesEvaluationMetrics: + properties: + regressionMetrics: + $ref: '#/components/schemas/XPSTablesRegressionMetrics' + description: Regression metrics. + classificationMetrics: + description: Classification metrics. + $ref: '#/components/schemas/XPSTablesClassificationMetrics' + id: XPSTablesEvaluationMetrics + type: object + XPSTranslationPreprocessResponse: + type: object + id: XPSTranslationPreprocessResponse + properties: + validExampleCount: + format: int64 type: string - enumDescriptions: - - '' - - GPU-based machine, skip quota reporting. - - GPU-based machine, skip quota reporting. - - GPU-based machine, skip quota reporting. - - GPU-based machine, skip quota reporting. - - COMPUTE_OPTIMIZED - - '' - - '' - - '' - - GPU-based machine, skip quota reporting. - - GPU-based machine, skip quota reporting. - - '' - - MEMORY_OPTIMIZED_UPGRADE_PREMIUM - - MEMORY_OPTIMIZED - - '' - - '' - - '' - - '' - enum: - - UNKNOWN_CPU_TYPE - - A2 - - A3 - - A4 - - A4X - - C2 - - C2D - - CUSTOM - - E2 - - G2 - - G4 - - C3 - - M2 - - M1 - - N1 - - N2_CUSTOM - - N2 - - N2D - coreSec: - description: Required. Total seconds of core usage, e.g. 4. + description: Total valid example count. + parsedExampleCount: + format: int64 + type: string + description: Total example count parsed. + description: Translation preprocess response. + XPSBoundingBoxMetricsEntryConfidenceMetricsEntry: + properties: + precision: + format: float + type: number + description: Precision for the given confidence threshold. + recall: + description: Recall for the given confidence threshold. + format: float + type: number + confidenceThreshold: + description: The confidence threshold value used to compute the metrics. + type: number + format: float + f1Score: + description: The harmonic mean of recall and precision. + type: number + format: float + type: object + id: XPSBoundingBoxMetricsEntryConfidenceMetricsEntry + description: Metrics for a single confidence threshold. + AnalyzeEntitiesResponse: + id: AnalyzeEntitiesResponse + type: object + description: The entity analysis response message. + properties: + languageCode: + type: string + description: >- + The language of the text, which will be the same as the language + specified in the request or, if not specified, the + automatically-detected language. See Document.language_code field + for more details. + entities: + description: The recognized entities in the input document. + items: + $ref: '#/components/schemas/Entity' + type: array + languageSupported: + description: >- + Whether the language is officially supported. The API may still + return a response when the language is not supported, but it is on a + best effort basis. + type: boolean + XPSTablesDatasetMetadata: + id: XPSTablesDatasetMetadata + description: Metadata for a dataset used for AutoML Tables. + properties: + primaryTableSpec: + $ref: '#/components/schemas/XPSTableSpec' + description: Primary table. + targetColumnId: + description: >- + Id of the primary table column that should be used as the training + label. + format: int32 + type: integer + targetColumnCorrelations: + additionalProperties: + $ref: '#/components/schemas/XPSCorrelationStats' + type: object + description: '(the column id : its CorrelationStats with target column).' + weightColumnId: + type: integer + description: >- + Id of the primary table column that should be used as the weight + column. + format: int32 + mlUseColumnId: + format: int32 + description: Id the column to split the table. + type: integer + type: object + XPSTuningTrial: + description: >- + Metrics for a tuning job generated, will get forwarded to Stackdriver as + model tuning logs. Setting this as a standalone message out of + CreateModelMetadata to avoid confusion as we expose this message only to + users. + properties: + modelStructure: + description: Model parameters for the trial. + $ref: '#/components/schemas/XPSTablesModelStructure' + trainingObjectivePoint: + description: The optimization objective evaluation of the eval split data. + $ref: '#/components/schemas/XPSTrainingObjectivePoint' + id: XPSTuningTrial + type: object + XPSTablesRegressionMetrics: + id: XPSTablesRegressionMetrics + type: object + properties: + rootMeanSquaredLogError: + format: double + description: Root mean squared log error. + type: number + rSquared: + description: R squared. + type: number + format: double + meanAbsoluteError: + format: double + description: Mean absolute error. + type: number + meanAbsolutePercentageError: + type: number + description: >- + Mean absolute percentage error, only set if all of the target + column's values are positive. + format: double + regressionMetricsEntries: + description: >- + A list of actual versus predicted points for the model being + evaluated. + type: array + items: + $ref: '#/components/schemas/XPSRegressionMetricsEntry' + rootMeanSquaredError: + type: number + format: double + description: Root mean squared error. + description: Metrics for Tables regression problems. + XPSTablesModelStructure: + id: XPSTablesModelStructure + properties: + modelParameters: + description: A list of models. + items: + $ref: '#/components/schemas/XPSTablesModelStructureModelParameters' + type: array + type: object + description: A description of Tables model structure. + XPSColumnSpecCorrelatedColumn: + description: >- + Identifies a table's column, and its correlation with the column this + ColumnSpec describes. + type: object + id: XPSColumnSpecCorrelatedColumn + properties: + columnId: + type: integer + format: int32 + correlationStats: + $ref: '#/components/schemas/XPSCorrelationStats' + XPSCommonStats: + id: XPSCommonStats + description: Common statistics for a column with a specified data type. + type: object + properties: + validValueCount: + format: int64 type: string + distinctValueCount: format: int64 - coreNumber: - description: Required. Number of CPU cores. type: string + nullValueCount: + type: string + format: int64 + AnnotateTextRequestFeatures: + properties: + extractEntities: + type: boolean + description: Optional. Extract entities. + moderateText: + description: >- + Optional. Moderate the document for harmful and sensitive + categories. + type: boolean + classifyText: + type: boolean + description: Optional. Classify the full document into categories. + extractDocumentSentiment: + type: boolean + description: Optional. Extract document-level sentiment. + description: >- + All available features. Setting each one to true will enable that + specific analysis for the input. + type: object + id: AnnotateTextRequestFeatures + XPSStructStats: + description: The data statistics of a series of STRUCT values. + properties: + fieldStats: + type: object + additionalProperties: + $ref: '#/components/schemas/XPSDataStats' + description: >- + Map from a field name of the struct to data stats aggregated over + series of all data in that field across all the structs. + commonStats: + $ref: '#/components/schemas/XPSCommonStats' + type: object + id: XPSStructStats + RamMetric: + id: RamMetric + type: object + properties: + trackingLabels: + type: object + description: >- + Billing tracking labels. They do not contain any user data but only + the labels set by Vertex Core Infra itself. Tracking labels' keys + are defined with special format: goog-[\p{Ll}\p{N}]+ E.g. "key": + "goog-k8s-cluster-name","value": "us-east1-b4rk" + additionalProperties: + type: string + memories: + type: number + format: double + description: Required. VM memory in gb. + gibSec: format: int64 + description: >- + Required. VM memory in Gigabyte second, e.g. 3600. Using int64 type + to match billing metrics definition. + type: string machineSpec: description: Required. Machine spec, e.g. N1_STANDARD_4. type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' enum: - UNKNOWN_MACHINE_SPEC - N1_STANDARD_2 @@ -4017,234 +3431,594 @@ components: - C3_HIGHMEM_44 - C3_HIGHMEM_88 - C3_HIGHMEM_176 - trackingLabels: + - C4_STANDARD_8 + - C4_STANDARD_16 + - C4_STANDARD_24 + - C4_STANDARD_32 + - C4_STANDARD_48 + - C4_STANDARD_96 + - C4_STANDARD_144 + - C4_STANDARD_192 + - C4_STANDARD_288 + - C4_HIGHCPU_8 + - C4_HIGHCPU_16 + - C4_HIGHCPU_24 + - C4_HIGHCPU_32 + - C4_HIGHCPU_48 + - C4_HIGHCPU_96 + - C4_HIGHCPU_144 + - C4_HIGHCPU_192 + - C4_HIGHCPU_288 + - C4_HIGHMEM_8 + - C4_HIGHMEM_16 + - C4_HIGHMEM_24 + - C4_HIGHMEM_32 + - C4_HIGHMEM_48 + - C4_HIGHMEM_96 + - C4_HIGHMEM_144 + - C4_HIGHMEM_192 + - C4_HIGHMEM_288 + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + ramType: + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - COMPUTE_OPTIMIZED + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - MEMORY_OPTIMIZED_UPGRADE_PREMIUM + - MEMORY_OPTIMIZED + - '' + - '' + - '' + - '' + enum: + - UNKNOWN_RAM_TYPE + - A2 + - A3 + - A4 + - A4X + - C2 + - C2D + - CUSTOM + - E2 + - G2 + - G4 + - C4 + - C3 + - M2 + - M1 + - N1 + - N2_CUSTOM + - N2 + - N2D + type: string + description: Required. Type of ram. + XPSVisionErrorAnalysisConfig: + description: 'The vision model error analysis configuration. Next tag: 3' + properties: + exampleCount: + format: int32 + type: integer + description: The number of query examples in error analysis. + queryType: + type: string + enumDescriptions: + - Unspecified query type for model error analysis. + - Query similar samples across all classes in the dataset. + - Query similar samples from the same class of the input sample. + - Query dissimilar samples from the same class of the input sample. + enum: + - QUERY_TYPE_UNSPECIFIED + - QUERY_TYPE_ALL_SIMILAR + - QUERY_TYPE_SAME_CLASS_SIMILAR + - QUERY_TYPE_SAME_CLASS_DISSIMILAR + description: >- + The query type used in retrieval. The enum values are frozen in the + foreseeable future. + type: object + id: XPSVisionErrorAnalysisConfig + XPSRegressionMetricsEntry: + properties: + trueValue: + description: The actual target value for a row in the dataset. + type: number + format: float + predictedValue: + format: float + type: number + description: The observed value for a row in the dataset. + id: XPSRegressionMetricsEntry + type: object + description: A pair of actual & observed values for the model being evaluated. + XPSColumnSpecForecastingMetadata: + properties: + columnType: + enum: + - COLUMN_TYPE_UNSPECIFIED + - KEY + - KEY_METADATA + - TIME_SERIES_AVAILABLE_PAST_ONLY + - TIME_SERIES_AVAILABLE_PAST_AND_FUTURE + description: The type of the column for FORECASTING model training purposes. + type: string + enumDescriptions: + - An un-set value of this enum. + - Key columns are used to identify timeseries. + - >- + This column contains information describing static properties of + the entities identified by the key column(s) (e.g. city's ZIP + code). + - >- + This column contains information for the given entity, at any time + poinrt, they are only available in the time series before. + - >- + This column contains information for the given entity is known + both for the past and the sufficiently far future. + id: XPSColumnSpecForecastingMetadata + type: object + XPSDataErrors: + id: XPSDataErrors + description: Different types of errors and the stats associatesd with each error. + type: object + properties: + count: + type: integer + description: Number of records having errors associated with the enum. + format: int32 + errorType: + enum: + - ERROR_TYPE_UNSPECIFIED + - UNSUPPORTED_AUDIO_FORMAT + - FILE_EXTENSION_MISMATCH_WITH_AUDIO_FORMAT + - FILE_TOO_LARGE + - MISSING_TRANSCRIPTION + enumDescriptions: + - Not specified. + - >- + Audio format not in the formats by cloud-speech AutoML. Currently + only wav and flac file formats are supported. + - >- + File format differnt from what is specified in the file name + extension. + - File too large. Maximum allowed size is 50 MB. + - Transcript is missing. + description: Type of the error. + type: string + XPSFileSpec: + id: XPSFileSpec + type: object + description: >- + Spec of input and output files, on external file systems (for example, + Colossus Namespace System or Google Cloud Storage). + properties: + fileFormat: + type: string + enumDescriptions: + - '' + - '' + - Internal format for parallel text data used by Google Translate. + - '' + - >- + Only the lexicographically first file described by the file_spec + contains the header line. + - '' + enumDeprecated: + - false + - true + - false + - false + - false + - false + enum: + - FILE_FORMAT_UNKNOWN + - FILE_FORMAT_SSTABLE + - FILE_FORMAT_TRANSLATION_RKV + - FILE_FORMAT_RECORDIO + - FILE_FORMAT_RAW_CSV + - FILE_FORMAT_RAW_CAPACITOR + fileSpec: + type: string + description: >- + Single file path, or file pattern of format + "/path/to/file@shard_count". E.g. /cns/cell-d/somewhere/file@2 is + expanded to two files: /cns/cell-d/somewhere/file-00000-of-00002 and + /cns/cell-d/somewhere/file-00001-of-00002. + singleFilePath: + type: string + description: Deprecated. Use file_spec. + deprecated: true + directoryPath: + deprecated: true + description: Deprecated. Use file_spec. + type: string + XPSConfidenceMetricsEntry: + description: >- + ConfidenceMetricsEntry includes generic precision, recall, f1 score etc. + Next tag: 16. + id: XPSConfidenceMetricsEntry + properties: + precision: + type: number + description: Precision for the given confidence threshold. + format: float + confidenceThreshold: + description: >- + Metrics are computed with an assumption that the model never return + predictions with score lower than this value. + format: float + type: number + falsePositiveRateAt1: + type: number + description: >- + The False Positive Rate when only considering the label that has the + highest prediction score and not below the confidence threshold for + each example. + format: float + falsePositiveCount: + type: string + format: int64 + description: >- + The number of model created labels that do not match a ground truth + label. + precisionAt1: + format: float + description: >- + The precision when only considering the label that has the highest + prediction score and not below the confidence threshold for each + example. + type: number + falsePositiveRate: + type: number + description: False Positive Rate for the given confidence threshold. + format: float + recallAt1: + format: float + type: number + description: >- + The recall (true positive rate) when only considering the label that + has the highest prediction score and not below the confidence + threshold for each example. + positionThreshold: + format: int32 + type: integer + description: >- + Metrics are computed with an assumption that the model always + returns at most this many predictions (ordered by their score, + descendingly), but they all still need to meet the + confidence_threshold. + trueNegativeCount: + format: int64 + type: string + description: >- + The number of labels that were not created by the model, but if they + would, they would not match a ground truth label. + f1Score: + format: float + type: number + description: The harmonic mean of recall and precision. + truePositiveCount: + type: string + format: int64 + description: The number of model created labels that match a ground truth label. + f1ScoreAt1: + description: The harmonic mean of recall_at1 and precision_at1. + type: number + format: float + falseNegativeCount: + type: string + format: int64 description: >- - Billing tracking labels. They do not contain any user data but only - the labels set by Vertex Core Infra itself. Tracking labels' keys - are defined with special format: goog-[\p{Ll}\p{N}]+ E.g. "key": - "goog-k8s-cluster-name","value": "us-east1-b4rk" - type: object - additionalProperties: - type: string - RamMetric: - id: RamMetric + The number of ground truth labels that are not matched by a model + created label. + recall: + description: Recall (true positive rate) for the given confidence threshold. + type: number + format: float + type: object + XPSExampleSet: type: object + description: Set of examples or input sources. + id: XPSExampleSet properties: - ramType: - description: Required. Type of ram. + fileSpec: + description: File spec of the examples or input sources. + $ref: '#/components/schemas/XPSFileSpec' + numInputSources: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - COMPUTE_OPTIMIZED - - '' - - '' - - '' - - '' - - '' - - '' - - MEMORY_OPTIMIZED_UPGRADE_PREMIUM - - MEMORY_OPTIMIZED - - '' - - '' - - '' - - '' - enum: - - UNKNOWN_RAM_TYPE - - A2 - - A3 - - A4 - - A4X - - C2 - - C2D - - CUSTOM - - E2 - - G2 - - G4 - - C3 - - M2 - - M1 - - N1 - - N2_CUSTOM - - N2 - - N2D - gibSec: - description: >- - Required. VM memory in Gigabyte second, e.g. 3600. Using int64 type - to match billing metrics definition. + format: int64 + description: Number of input sources. + numExamples: type: string + description: Number of examples. format: int64 - memories: - description: Required. VM memory in gb. - type: number - format: double - machineSpec: - description: Required. Machine spec, e.g. N1_STANDARD_4. + fingerprint: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' + description: Fingerprint of the example set. + format: int64 + XPSImageExportModelSpec: + properties: + exportModelOutputConfig: + description: >- + Contains the model format and internal location of the model files + to be exported/downloaded. Use the Google Cloud Storage bucket name + which is provided via TrainRequest.gcs_bucket_name to store the + model files. + type: array + items: + $ref: '#/components/schemas/XPSExportModelOutputConfig' + description: >- + Information of downloadable models that are pre-generated as part of + training flow and will be persisted in AutoMl backend. Upon receiving + ExportModel request from user, AutoMl backend can serve the + pre-generated models to user if exists (by copying the files from + internal path to user provided location), otherwise, AutoMl backend will + call xPS ExportModel API to generate the model on the fly with the + requesting format. + id: XPSImageExportModelSpec + type: object + XPSTextComponentModel: + description: Component model. + properties: + onlinePredictionModelGcsUri: + description: The Cloud Storage resource path to hold online prediction model. + type: string + partition: + type: string + description: >- + The partition where the model is deployed. Populated by uCAIP BE as + part of online PredictRequest. + enumDescriptions: - '' + - The default partition. + - >- + It has significantly lower replication than partition-0 and is + located in the US only. It also has a larger model size limit and + higher default RAM quota than partition-0. Customers with batch + traffic, US-based traffic, or very large models should use this + partition. Capacity in this partition is significantly cheaper + than partition-0. + - To be used by customers with Jellyfish-accelerated ops. + - The partition used by regionalized servomatic cloud regions. + - The partition used for loading models from custom storage. + enum: + - PARTITION_TYPE_UNSPECIFIED + - PARTITION_ZERO + - PARTITION_REDUCED_HOMING + - PARTITION_JELLYFISH + - PARTITION_CPU + - PARTITION_CUSTOM_STORAGE_CPU + tfRuntimeVersion: + description: >- + ## The fields below are only populated under uCAIP request scope. + https://cloud.google.com/ml-engine/docs/runtime-version-list + type: string + servingArtifact: + $ref: '#/components/schemas/XPSModelArtifactItem' + description: >- + The default model binary file used for serving (e.g. online predict, + batch predict) via public Cloud Ai Platform API. + batchPredictionModelGcsUri: + description: The Cloud Storage resource path to hold batch prediction model. + type: string + submodelType: + enum: + - TEXT_MODEL_TYPE_UNSPECIFIED + - TEXT_MODEL_TYPE_DEFAULT + - TEXT_MODEL_TYPE_META_ARCHITECT + - TEXT_MODEL_TYPE_ATC + - TEXT_MODEL_TYPE_CLARA2 + - TEXT_MODEL_TYPE_CHATBASE + - TEXT_MODEL_TYPE_SAFT_SPAN_LABELING + - TEXT_MODEL_TYPE_TEXT_EXTRACTION + - TEXT_MODEL_TYPE_RELATIONSHIP_EXTRACTION + - TEXT_MODEL_TYPE_COMPOSITE + - TEXT_MODEL_TYPE_ALL_MODELS + - TEXT_MODEL_TYPE_BERT + - TEXT_MODEL_TYPE_ENC_PALM + enumDescriptions: - '' - '' - '' @@ -4252,190 +4026,300 @@ components: - '' - '' - '' - enum: - - UNKNOWN_MACHINE_SPEC - - N1_STANDARD_2 - - N1_STANDARD_4 - - N1_STANDARD_8 - - N1_STANDARD_16 - - N1_STANDARD_32 - - N1_STANDARD_64 - - N1_STANDARD_96 - - N1_HIGHMEM_2 - - N1_HIGHMEM_4 - - N1_HIGHMEM_8 - - N1_HIGHMEM_16 - - N1_HIGHMEM_32 - - N1_HIGHMEM_64 - - N1_HIGHMEM_96 - - N1_HIGHCPU_2 - - N1_HIGHCPU_4 - - N1_HIGHCPU_8 - - N1_HIGHCPU_16 - - N1_HIGHCPU_32 - - N1_HIGHCPU_64 - - N1_HIGHCPU_96 - - A2_HIGHGPU_1G - - A2_HIGHGPU_2G - - A2_HIGHGPU_4G - - A2_HIGHGPU_8G - - A2_MEGAGPU_16G - - A2_ULTRAGPU_1G - - A2_ULTRAGPU_2G - - A2_ULTRAGPU_4G - - A2_ULTRAGPU_8G - - A3_HIGHGPU_1G - - A3_HIGHGPU_2G - - A3_HIGHGPU_4G - - A3_HIGHGPU_8G - - A3_MEGAGPU_8G - - A3_ULTRAGPU_8G - - A3_EDGEGPU_8G - - A4_HIGHGPU_8G - - A4X_HIGHGPU_4G - - E2_STANDARD_2 - - E2_STANDARD_4 - - E2_STANDARD_8 - - E2_STANDARD_16 - - E2_STANDARD_32 - - E2_HIGHMEM_2 - - E2_HIGHMEM_4 - - E2_HIGHMEM_8 - - E2_HIGHMEM_16 - - E2_HIGHCPU_2 - - E2_HIGHCPU_4 - - E2_HIGHCPU_8 - - E2_HIGHCPU_16 - - E2_HIGHCPU_32 - - N2_STANDARD_2 - - N2_STANDARD_4 - - N2_STANDARD_8 - - N2_STANDARD_16 - - N2_STANDARD_32 - - N2_STANDARD_48 - - N2_STANDARD_64 - - N2_STANDARD_80 - - N2_STANDARD_96 - - N2_STANDARD_128 - - N2_HIGHMEM_2 - - N2_HIGHMEM_4 - - N2_HIGHMEM_8 - - N2_HIGHMEM_16 - - N2_HIGHMEM_32 - - N2_HIGHMEM_48 - - N2_HIGHMEM_64 - - N2_HIGHMEM_80 - - N2_HIGHMEM_96 - - N2_HIGHMEM_128 - - N2_HIGHCPU_2 - - N2_HIGHCPU_4 - - N2_HIGHCPU_8 - - N2_HIGHCPU_16 - - N2_HIGHCPU_32 - - N2_HIGHCPU_48 - - N2_HIGHCPU_64 - - N2_HIGHCPU_80 - - N2_HIGHCPU_96 - - N2D_STANDARD_2 - - N2D_STANDARD_4 - - N2D_STANDARD_8 - - N2D_STANDARD_16 - - N2D_STANDARD_32 - - N2D_STANDARD_48 - - N2D_STANDARD_64 - - N2D_STANDARD_80 - - N2D_STANDARD_96 - - N2D_STANDARD_128 - - N2D_STANDARD_224 - - N2D_HIGHMEM_2 - - N2D_HIGHMEM_4 - - N2D_HIGHMEM_8 - - N2D_HIGHMEM_16 - - N2D_HIGHMEM_32 - - N2D_HIGHMEM_48 - - N2D_HIGHMEM_64 - - N2D_HIGHMEM_80 - - N2D_HIGHMEM_96 - - N2D_HIGHCPU_2 - - N2D_HIGHCPU_4 - - N2D_HIGHCPU_8 - - N2D_HIGHCPU_16 - - N2D_HIGHCPU_32 - - N2D_HIGHCPU_48 - - N2D_HIGHCPU_64 - - N2D_HIGHCPU_80 - - N2D_HIGHCPU_96 - - N2D_HIGHCPU_128 - - N2D_HIGHCPU_224 - - C2_STANDARD_4 - - C2_STANDARD_8 - - C2_STANDARD_16 - - C2_STANDARD_30 - - C2_STANDARD_60 - - C2D_STANDARD_2 - - C2D_STANDARD_4 - - C2D_STANDARD_8 - - C2D_STANDARD_16 - - C2D_STANDARD_32 - - C2D_STANDARD_56 - - C2D_STANDARD_112 - - C2D_HIGHCPU_2 - - C2D_HIGHCPU_4 - - C2D_HIGHCPU_8 - - C2D_HIGHCPU_16 - - C2D_HIGHCPU_32 - - C2D_HIGHCPU_56 - - C2D_HIGHCPU_112 - - C2D_HIGHMEM_2 - - C2D_HIGHMEM_4 - - C2D_HIGHMEM_8 - - C2D_HIGHMEM_16 - - C2D_HIGHMEM_32 - - C2D_HIGHMEM_56 - - C2D_HIGHMEM_112 - - G2_STANDARD_4 - - G2_STANDARD_8 - - G2_STANDARD_12 - - G2_STANDARD_16 - - G2_STANDARD_24 - - G2_STANDARD_32 - - G2_STANDARD_48 - - G2_STANDARD_96 - - G4_STANDARD_48 - - C3_STANDARD_4 - - C3_STANDARD_8 - - C3_STANDARD_22 - - C3_STANDARD_44 - - C3_STANDARD_88 - - C3_STANDARD_176 - - C3_HIGHCPU_4 - - C3_HIGHCPU_8 - - C3_HIGHCPU_22 - - C3_HIGHCPU_44 - - C3_HIGHCPU_88 - - C3_HIGHCPU_176 - - C3_HIGHMEM_4 - - C3_HIGHMEM_8 - - C3_HIGHMEM_22 - - C3_HIGHMEM_44 - - C3_HIGHMEM_88 - - C3_HIGHMEM_176 - trackingLabels: + - Model type for entity extraction. + - Model type for relationship extraction. + - >- + A composite model represents a set of component models that have + to be used together for prediction. A composite model appears to + be a single model to the model user. It may contain only one + component model. + - >- + Model type used to train default, MA, and ATC models in a single + batch worker pipeline. + - >- + BERT pipeline needs a specific model type, since it uses a + different TFX configuration compared with DEFAULT (despite sharing + most of the code). + - Model type for EncPaLM. + type: string + description: The type of trained NL submodel + submodelName: + description: The name of the trained NL submodel. + type: string + servoModelName: + type: string description: >- - Billing tracking labels. They do not contain any user data but only - the labels set by Vertex Core Infra itself. Tracking labels' keys - are defined with special format: goog-[\p{Ll}\p{N}]+ E.g. "key": - "goog-k8s-cluster-name","value": "us-east1-b4rk" + The name of servo model. Populated by uCAIP BE as part of online + PredictRequest. + versionNumber: + description: >- + The servomatic model version number. Populated by uCAIP BE as part + of online PredictRequest. + type: string + format: int64 + id: XPSTextComponentModel + type: object + EntityMention: + type: object + properties: + probability: + type: number + format: float + description: >- + Probability score associated with the entity. The score shows the + probability of the entity mention being the entity type. The score + is in (0, 1] range. + text: + $ref: '#/components/schemas/TextSpan' + description: The mention text. + sentiment: + description: >- + For calls to AnalyzeEntitySentiment this field will contain the + sentiment expressed for this mention of the entity in the provided + document. + $ref: '#/components/schemas/Sentiment' + type: + type: string + enum: + - TYPE_UNKNOWN + - PROPER + - COMMON + description: The type of the entity mention. + enumDescriptions: + - Unknown + - Proper name + - Common noun (or noun compound) + id: EntityMention + description: >- + Represents a mention for an entity in the text. Currently, proper noun + mentions are supported. + XPSColorMapIntColor: + type: object + properties: + red: + format: int32 + type: integer + description: The value should be in range of [0, 255]. + blue: + format: int32 + description: The value should be in range of [0, 255]. + type: integer + green: + format: int32 + description: The value should be in range of [0, 255]. + type: integer + id: XPSColorMapIntColor + description: RGB color and each channel is represented by an integer. + XPSTimestampStats: + properties: + medianTimestampNanos: + format: int64 + type: string + granularStats: type: object + description: >- + The string key is the pre-defined granularity. Currently supported: + hour_of_day, day_of_week, month_of_year. Granularities finer that + the granularity of timestamp data are not populated (e.g. if + timestamps are at day granularity, then hour_of_day is not + populated). additionalProperties: - type: string - GpuMetric: - id: GpuMetric + $ref: '#/components/schemas/XPSTimestampStatsGranularStats' + commonStats: + $ref: '#/components/schemas/XPSCommonStats' + id: XPSTimestampStats + description: The data statistics of a series of TIMESTAMP values. + type: object + XPSVideoTrainingOperationMetadata: + id: XPSVideoTrainingOperationMetadata + type: object + properties: + trainCostMilliNodeHour: + type: string + description: >- + This is an estimation of the node hours necessary for training a + model, expressed in milli node hours (i.e. 1,000 value in this field + means 1 node hour). A node hour represents the time a virtual + machine spends running your training job. The cost of one node + running for one hour is a node hour. + format: int64 + ClassifyTextRequest: + properties: + document: + description: Required. Input document. + $ref: '#/components/schemas/Document' + id: ClassifyTextRequest + description: The document classification request message. + type: object + XPSClassificationEvaluationMetrics: + properties: + baseAuPrc: + type: number + format: float + description: The Area under precision recall curve metric based on priors. + confusionMatrix: + description: >- + Confusion matrix of the evaluation. Only set for MULTICLASS + classification problems where number of annotation specs is no more + than 10. Only set for model level evaluation, not for evaluation per + label. + $ref: '#/components/schemas/XPSConfusionMatrix' + auRoc: + format: float + type: number + description: >- + The Area Under Receiver Operating Characteristic curve metric. + Micro-averaged for the overall evaluation. + confidenceMetricsEntries: + items: + $ref: '#/components/schemas/XPSConfidenceMetricsEntry' + type: array + description: >- + Metrics that have confidence thresholds. Precision-recall curve can + be derived from it. + evaluatedExamplesCount: + type: integer + format: int32 + description: The number of examples used for model evaluation. + logLoss: + type: number + description: The Log Loss metric. + format: float + auPrc: + format: float + type: number + description: The Area under precision recall curve metric. + id: XPSClassificationEvaluationMetrics + description: >- + Model evaluation metrics for classification problems. It can be used for + image and video classification. Next tag: 9. + type: object + ModerateTextRequest: + id: ModerateTextRequest + description: The document moderation request message. + type: object + properties: + document: + $ref: '#/components/schemas/Document' + description: Required. Input document. + modelVersion: + description: Optional. The model version to use for ModerateText. + enum: + - MODEL_VERSION_UNSPECIFIED + - MODEL_VERSION_1 + - MODEL_VERSION_2 + type: string + enumDescriptions: + - The default model version. + - >- + Use the v1 model, this model is used by default when not provided. + The v1 model only returns probability (confidence) score for each + category. + - >- + Use the v2 model. The v2 model only returns probability + (confidence) score for each category, and returns severity score + for a subset of the categories. + XPSTranslationTrainResponse: + description: Train response for translation. + id: XPSTranslationTrainResponse + properties: + modelType: + enumDescriptions: + - Default + - Legacy model. Will be deprecated. + - Current model. + enum: + - MODEL_TYPE_UNSPECIFIED + - LEGACY + - CURRENT + description: Type of the model. + type: string + type: object + XPSTextToSpeechTrainResponse: + type: object + id: XPSTextToSpeechTrainResponse + description: TextToSpeech train response + properties: {} + XPSDataType: + id: XPSDataType + properties: + typeCode: + description: Required. The TypeCode for this type. + enum: + - TYPE_CODE_UNSPECIFIED + - FLOAT64 + - TIMESTAMP + - STRING + - ARRAY + - STRUCT + - CATEGORY + type: string + enumDescriptions: + - Not specified. Should not be used. + - >- + Encoded as `number`, or the strings `"NaN"`, `"Infinity"`, or + `"-Infinity"`. + - >- + Must be between 0AD and 9999AD. Encoded as `string` according to + time_format, or, if that format is not set, then in RFC 3339 + `date-time` format, where `time-offset` = `"Z"` (e.g. + 1985-04-12T23:20:50.52Z). + - Encoded as `string`. + - >- + Encoded as `list`, where the list elements are represented + according to list_element_type. + - >- + Encoded as `struct`, where field values are represented according + to struct_type. + - >- + Values of this type are not further understood by AutoML, e.g. + AutoML is unable to tell the order of values (as it could with + FLOAT64), or is unable to say if one value contains another (as it + could with STRING). Encoded as `string` (bytes should be + base64-encoded, as described in RFC 4648, section 4). + timeFormat: + description: >- + If type_code == TIMESTAMP then `time_format` provides the format in + which that time field is expressed. The time_format must be written + in `strftime` syntax. If time_format is not set, then the default + format as described on the field is used. + type: string + listElementType: + $ref: '#/components/schemas/XPSDataType' + description: >- + If type_code == ARRAY, then `list_element_type` is the type of the + elements. + structType: + description: >- + If type_code == STRUCT, then `struct_type` provides type information + for the struct's fields. + $ref: '#/components/schemas/XPSStructType' + nullable: + type: boolean + description: If true, this DataType can also be `null`. + compatibleDataTypes: + description: The highly compatible data types to this data type. + type: array + items: + $ref: '#/components/schemas/XPSDataType' + description: >- + Indicated the type of data that can be stored in a structured data + entity (e.g. a table). + type: object + TpuMetric: type: object + id: TpuMetric properties: - gpuType: - description: Required. Type of GPU, e.g. NVIDIA_TESLA_V100. + tpuType: type: string + enum: + - UNKNOWN_TPU_TYPE + - TPU_V2_POD + - TPU_V2 + - TPU_V3_POD + - TPU_V3 + - TPU_V5_LITEPOD + description: Required. Type of TPU, e.g. TPU_V2, TPU_V3_POD. enumDescriptions: - '' - '' @@ -4443,9 +4327,38 @@ components: - '' - '' - '' - - '' - - '' - - '' + tpuSec: + format: int64 + type: string + description: Required. Seconds of TPU usage, e.g. 3600. + ClassifyTextResponse: + id: ClassifyTextResponse + description: The document classification response message. + type: object + properties: + categories: + type: array + items: + $ref: '#/components/schemas/ClassificationCategory' + description: Categories representing the input document. + languageCode: + description: >- + The language of the text, which will be the same as the language + specified in the request or, if not specified, the + automatically-detected language. See Document.language_code field + for more details. + type: string + languageSupported: + description: >- + Whether the language is officially supported. The API may still + return a response when the language is not supported, but it is on a + best effort basis. + type: boolean + DiskMetric: + properties: + diskType: + type: string + enumDescriptions: - '' - '' - '' @@ -4453,423 +4366,676 @@ components: - '' - '' enum: - - UNKNOWN_GPU_TYPE - - NVIDIA_TESLA_A100 - - NVIDIA_A100_80GB - - NVIDIA_B200 - - NVIDIA_GB200 - - NVIDIA_TESLA_K80 - - NVIDIA_L4 - - NVIDIA_TESLA_P100 - - NVIDIA_TESLA_P4 - - NVIDIA_TESLA_T4 - - NVIDIA_TESLA_V100 - - NVIDIA_H100_80GB - - NVIDIA_H100_MEGA_80GB - - NVIDIA_H200_141GB - - NVIDIA_RTX_PRO_6000 - gpuSec: - description: Required. Seconds of GPU usage, e.g. 3600. + - UNKNOWN_DISK_TYPE + - REGIONAL_SSD + - REGIONAL_STORAGE + - PD_SSD + - PD_STANDARD + - STORAGE_SNAPSHOT + description: Required. Type of Disk, e.g. REGIONAL_SSD. + gibSec: + description: Required. Seconds of physical disk usage, e.g. 3600. + type: string + format: int64 + id: DiskMetric + type: object + XPSTimestampStatsGranularStats: + id: XPSTimestampStatsGranularStats + properties: + buckets: + type: object + description: >- + A map from granularity key to example count for that key. E.g. for + hour_of_day `13` means 1pm, or for month_of_year `5` means May). + additionalProperties: + format: int64 + type: string + description: Stats split by a defined in context granularity. + type: object + XPSExportModelOutputConfig: + id: XPSExportModelOutputConfig + properties: + edgeTpuTfLiteFormat: + $ref: '#/components/schemas/XPSEdgeTpuTfLiteFormat' + outputGcrUri: + description: >- + The Google Contained Registry path the exported files to be pushed + to. This location is set if the exported format is DOCKDER. + type: string + coreMlFormat: + $ref: '#/components/schemas/XPSCoreMlFormat' + tfSavedModelFormat: + $ref: '#/components/schemas/XPSTfSavedModelFormat' + outputGcsUri: + type: string + description: >- + The Google Cloud Storage directory where XPS will output the + exported models and related files. Format: gs://bucket/directory + tfLiteFormat: + $ref: '#/components/schemas/XPSTfLiteFormat' + dockerFormat: + $ref: '#/components/schemas/XPSDockerFormat' + tfJsFormat: + $ref: '#/components/schemas/XPSTfJsFormat' + exportFirebaseAuxiliaryInfo: + type: boolean + description: >- + For any model and format: If true, will additionally export + FirebaseExportedModelInfo in a firebase.txt file. + type: object + XPSVideoExportModelSpec: + description: >- + Information of downloadable models that are pre-generated as part of + training flow and will be persisted in AutoMl backend. Upon receiving + ExportModel request from user, AutoMl backend can serve the + pre-generated models to user if exists (by copying the files from + internal path to user provided location), otherwise, AutoMl backend will + call xPS ExportModel API to generate the model on the fly with the + requesting format. + type: object + properties: + exportModelOutputConfig: + description: >- + Contains the model format and internal location of the model files + to be exported/downloaded. Use the Google Cloud Storage bucket name + which is provided via TrainRequest.gcs_bucket_name to store the + model files. + type: array + items: + $ref: '#/components/schemas/XPSExportModelOutputConfig' + id: XPSVideoExportModelSpec + XPSSpeechModelSpecSubModelSpec: + type: object + id: XPSSpeechModelSpecSubModelSpec + properties: + isEnhancedModel: + type: boolean + description: >- + If true then it means we have an enhanced version of the biasing + models. + clientId: + description: In S3, Recognition ClientContextId.client_id + type: string + contextId: + type: string + description: In S3, Recognition ClientContextId.context_id + biasingModelType: + type: string + enum: + - BIASING_MODEL_TYPE_UNSPECIFIED + - COMMAND_AND_SEARCH + - PHONE_CALL + - VIDEO + - DEFAULT + description: Type of the biasing model. + enumDescriptions: + - '' + - Build biasing model on top of COMMAND_AND_SEARCH model + - Build biasing model on top of PHONE_CALL model + - Build biasing model on top of VIDEO model + - Build biasing model on top of DEFAULT model + XPSSpeechPreprocessResponse: + id: XPSSpeechPreprocessResponse + properties: + cnsTrainDataPath: + description: >- + Location of shards of sstables (training data) of DataUtterance + protos. + type: string + prebuiltModelEvaluationMetrics: + $ref: '#/components/schemas/XPSSpeechEvaluationMetrics' + description: >- + The metrics for prebuilt speech models. They are included here + because there is no prebuilt speech models stored in the AutoML. + speechPreprocessStats: + $ref: '#/components/schemas/XPSSpeechPreprocessStats' + description: Stats associated with the data. + cnsTestDataPath: + description: Location od shards of sstables (test data) of DataUtterance protos. + type: string + type: object + XPSTablesModelColumnInfo: + properties: + featureImportance: + format: float + description: >- + When given as part of a Model: Measurement of how much model + predictions correctness on the TEST data depend on values in this + column. A value between 0 and 1, higher means higher influence. + These values are normalized - for all input feature columns of a + given model they add to 1. When given back by Predict or Batch + Predict: Measurement of how impactful for the prediction returned + for the given row the value in this column was. Specifically, the + feature importance specifies the marginal contribution that the + feature made to the prediction score compared to the baseline score. + These values are computed using the Sampled Shapley method. + type: number + columnId: + description: The ID of the column. + type: integer + format: int32 + type: object + id: XPSTablesModelColumnInfo + description: >- + An information specific to given column and Tables Model, in context of + the Model and the predictions created by it. + XPSResponseExplanationMetadata: + deprecated: true + type: object + properties: + outputs: + additionalProperties: + $ref: '#/components/schemas/XPSResponseExplanationMetadataOutputMetadata' + description: Metadata of the output. + type: object + inputs: + type: object + additionalProperties: + $ref: '#/components/schemas/XPSResponseExplanationMetadataInputMetadata' + description: Metadata of the input. + id: XPSResponseExplanationMetadata + XPSImageClassificationTrainResponse: + id: XPSImageClassificationTrainResponse + properties: + exportModelSpec: + $ref: '#/components/schemas/XPSImageExportModelSpec' + description: >- + Information of downloadable models that are pre-generated as part of + training flow and will be persisted in AutoMl backend. Populated for + AutoMl requests. + trainCostNodeSeconds: + description: >- + The actual training cost, expressed in node seconds. Populated for + models trained in node time. + type: string + format: int64 + modelArtifactSpec: + description: '## The fields below are only populated under uCAIP request scope.' + $ref: '#/components/schemas/XPSImageModelArtifactSpec' + trainCostInNodeTime: + description: >- + The actual cost to create this model. - For edge type model, the + cost is expressed in node hour. - For cloud type model,the cost is + expressed in compute hour. - Populated for models created before GA. + To be deprecated after GA. + format: google-duration type: string + modelServingSpec: + $ref: '#/components/schemas/XPSImageModelServingSpec' + classCount: + description: Total number of classes. format: int64 - machineSpec: - description: Required. Machine spec, e.g. N1_STANDARD_4. type: string + stopReason: enumDescriptions: - '' - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' + - Model fully converged, can not be resumbed training. + - >- + Model early converged, can be further trained till full + convergency. + description: >- + Stop reason for training job, e.g. 'TRAIN_BUDGET_REACHED', + 'MODEL_CONVERGED', 'MODEL_EARLY_STOPPED'. + type: string + enum: + - TRAIN_STOP_REASON_UNSPECIFIED + - TRAIN_STOP_REASON_BUDGET_REACHED + - TRAIN_STOP_REASON_MODEL_CONVERGED + - TRAIN_STOP_REASON_MODEL_EARLY_STOPPED + type: object + XPSStringStats: + id: XPSStringStats + type: object + description: The data statistics of a series of STRING values. + properties: + topUnigramStats: + items: + $ref: '#/components/schemas/XPSStringStatsUnigramStats' + type: array + description: >- + The statistics of the top 20 unigrams, ordered by + StringStats.UnigramStats.count. + commonStats: + $ref: '#/components/schemas/XPSCommonStats' + XPSEvaluationMetricsSet: + description: Specifies location of model evaluation metrics. + type: object + properties: + fileSpec: + $ref: '#/components/schemas/XPSFileSpec' + description: >- + File spec containing evaluation metrics of a model, must point to + RecordIO file(s) of intelligence.cloud.automl.xps.EvaluationMetrics + messages. + numEvaluationMetrics: + type: string + description: >- + Number of the evaluation metrics (usually one per label plus + overall). + format: int64 + evaluationMetrics: + items: + $ref: '#/components/schemas/XPSEvaluationMetrics' + description: >- + Inline EvaluationMetrics - should be relatively small. For passing + large quantities of exhaustive metrics, use file_spec. + type: array + id: XPSEvaluationMetricsSet + InfraUsage: + id: InfraUsage + description: 'LINT: LEGACY_NAMES Infra Usage of billing metrics.' + type: object + properties: + gpuMetrics: + items: + $ref: '#/components/schemas/GpuMetric' + description: Aggregated gpu metrics since requested start_time. + type: array + diskMetrics: + type: array + items: + $ref: '#/components/schemas/DiskMetric' + description: Aggregated persistent disk metrics since requested start_time. + tpuMetrics: + description: Aggregated tpu metrics since requested start_time. + items: + $ref: '#/components/schemas/TpuMetric' + type: array + cpuMetrics: + items: + $ref: '#/components/schemas/CpuMetric' + description: Aggregated core metrics since requested start_time. + type: array + ramMetrics: + description: Aggregated ram metrics since requested start_time. + type: array + items: + $ref: '#/components/schemas/RamMetric' + XPSStringStatsUnigramStats: + id: XPSStringStatsUnigramStats + properties: + value: + description: The unigram. + type: string + count: + type: string + description: The number of occurrences of this unigram in the series. + format: int64 + description: The statistics of a unigram. + type: object + XPSImageObjectDetectionEvaluationMetrics: + properties: + evaluatedBoundingBoxCount: + type: integer + format: int32 + description: >- + The total number of bounding boxes (i.e. summed over all images) the + ground truth used to create this evaluation had. + boundingBoxMeanAveragePrecision: + type: number + format: float + description: >- + The single metric for bounding boxes evaluation: the + mean_average_precision averaged over all + bounding_box_metrics_entries. + boundingBoxMetricsEntries: + type: array + description: >- + The bounding boxes match metrics for each Intersection-over-union + threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 and each label + confidence threshold 0.05,0.10,...,0.95,0.96,0.97,0.98,0.99 pair. + items: + $ref: '#/components/schemas/XPSBoundingBoxMetricsEntry' + id: XPSImageObjectDetectionEvaluationMetrics + description: >- + Model evaluation metrics for image object detection problems. Evaluates + prediction quality of labeled bounding boxes. + type: object + ModerateTextResponse: + properties: + moderationCategories: + type: array + items: + $ref: '#/components/schemas/ClassificationCategory' + description: Harmful and sensitive categories representing the input document. + languageSupported: + type: boolean + description: >- + Whether the language is officially supported. The API may still + return a response when the language is not supported, but it is on a + best effort basis. + languageCode: + description: >- + The language of the text, which will be the same as the language + specified in the request or, if not specified, the + automatically-detected language. See Document.language_code field + for more details. + type: string + description: The document moderation response message. + type: object + id: ModerateTextResponse + XPSVisualization: + type: object + deprecated: true + id: XPSVisualization + properties: + colorMap: + enumDescriptions: + - Should not be used. + - 'Positive: green. Negative: pink.' + - >- + Viridis color map: A perceptually uniform color mapping which is + easier to see by those with colorblindness and progresses from + yellow to green to blue. Positive: yellow. Negative: blue. + - 'Positive: red. Negative: red.' + - 'Positive: green. Negative: green.' + - 'Positive: green. Negative: red.' + - PiYG palette. enum: - - UNKNOWN_MACHINE_SPEC - - N1_STANDARD_2 - - N1_STANDARD_4 - - N1_STANDARD_8 - - N1_STANDARD_16 - - N1_STANDARD_32 - - N1_STANDARD_64 - - N1_STANDARD_96 - - N1_HIGHMEM_2 - - N1_HIGHMEM_4 - - N1_HIGHMEM_8 - - N1_HIGHMEM_16 - - N1_HIGHMEM_32 - - N1_HIGHMEM_64 - - N1_HIGHMEM_96 - - N1_HIGHCPU_2 - - N1_HIGHCPU_4 - - N1_HIGHCPU_8 - - N1_HIGHCPU_16 - - N1_HIGHCPU_32 - - N1_HIGHCPU_64 - - N1_HIGHCPU_96 - - A2_HIGHGPU_1G - - A2_HIGHGPU_2G - - A2_HIGHGPU_4G - - A2_HIGHGPU_8G - - A2_MEGAGPU_16G - - A2_ULTRAGPU_1G - - A2_ULTRAGPU_2G - - A2_ULTRAGPU_4G - - A2_ULTRAGPU_8G - - A3_HIGHGPU_1G - - A3_HIGHGPU_2G - - A3_HIGHGPU_4G - - A3_HIGHGPU_8G - - A3_MEGAGPU_8G - - A3_ULTRAGPU_8G - - A3_EDGEGPU_8G - - A4_HIGHGPU_8G - - A4X_HIGHGPU_4G - - E2_STANDARD_2 - - E2_STANDARD_4 - - E2_STANDARD_8 - - E2_STANDARD_16 - - E2_STANDARD_32 - - E2_HIGHMEM_2 - - E2_HIGHMEM_4 - - E2_HIGHMEM_8 - - E2_HIGHMEM_16 - - E2_HIGHCPU_2 - - E2_HIGHCPU_4 - - E2_HIGHCPU_8 - - E2_HIGHCPU_16 - - E2_HIGHCPU_32 - - N2_STANDARD_2 - - N2_STANDARD_4 - - N2_STANDARD_8 - - N2_STANDARD_16 - - N2_STANDARD_32 - - N2_STANDARD_48 - - N2_STANDARD_64 - - N2_STANDARD_80 - - N2_STANDARD_96 - - N2_STANDARD_128 - - N2_HIGHMEM_2 - - N2_HIGHMEM_4 - - N2_HIGHMEM_8 - - N2_HIGHMEM_16 - - N2_HIGHMEM_32 - - N2_HIGHMEM_48 - - N2_HIGHMEM_64 - - N2_HIGHMEM_80 - - N2_HIGHMEM_96 - - N2_HIGHMEM_128 - - N2_HIGHCPU_2 - - N2_HIGHCPU_4 - - N2_HIGHCPU_8 - - N2_HIGHCPU_16 - - N2_HIGHCPU_32 - - N2_HIGHCPU_48 - - N2_HIGHCPU_64 - - N2_HIGHCPU_80 - - N2_HIGHCPU_96 - - N2D_STANDARD_2 - - N2D_STANDARD_4 - - N2D_STANDARD_8 - - N2D_STANDARD_16 - - N2D_STANDARD_32 - - N2D_STANDARD_48 - - N2D_STANDARD_64 - - N2D_STANDARD_80 - - N2D_STANDARD_96 - - N2D_STANDARD_128 - - N2D_STANDARD_224 - - N2D_HIGHMEM_2 - - N2D_HIGHMEM_4 - - N2D_HIGHMEM_8 - - N2D_HIGHMEM_16 - - N2D_HIGHMEM_32 - - N2D_HIGHMEM_48 - - N2D_HIGHMEM_64 - - N2D_HIGHMEM_80 - - N2D_HIGHMEM_96 - - N2D_HIGHCPU_2 - - N2D_HIGHCPU_4 - - N2D_HIGHCPU_8 - - N2D_HIGHCPU_16 - - N2D_HIGHCPU_32 - - N2D_HIGHCPU_48 - - N2D_HIGHCPU_64 - - N2D_HIGHCPU_80 - - N2D_HIGHCPU_96 - - N2D_HIGHCPU_128 - - N2D_HIGHCPU_224 - - C2_STANDARD_4 - - C2_STANDARD_8 - - C2_STANDARD_16 - - C2_STANDARD_30 - - C2_STANDARD_60 - - C2D_STANDARD_2 - - C2D_STANDARD_4 - - C2D_STANDARD_8 - - C2D_STANDARD_16 - - C2D_STANDARD_32 - - C2D_STANDARD_56 - - C2D_STANDARD_112 - - C2D_HIGHCPU_2 - - C2D_HIGHCPU_4 - - C2D_HIGHCPU_8 - - C2D_HIGHCPU_16 - - C2D_HIGHCPU_32 - - C2D_HIGHCPU_56 - - C2D_HIGHCPU_112 - - C2D_HIGHMEM_2 - - C2D_HIGHMEM_4 - - C2D_HIGHMEM_8 - - C2D_HIGHMEM_16 - - C2D_HIGHMEM_32 - - C2D_HIGHMEM_56 - - C2D_HIGHMEM_112 - - G2_STANDARD_4 - - G2_STANDARD_8 - - G2_STANDARD_12 - - G2_STANDARD_16 - - G2_STANDARD_24 - - G2_STANDARD_32 - - G2_STANDARD_48 - - G2_STANDARD_96 - - G4_STANDARD_48 - - C3_STANDARD_4 - - C3_STANDARD_8 - - C3_STANDARD_22 - - C3_STANDARD_44 - - C3_STANDARD_88 - - C3_STANDARD_176 - - C3_HIGHCPU_4 - - C3_HIGHCPU_8 - - C3_HIGHCPU_22 - - C3_HIGHCPU_44 - - C3_HIGHCPU_88 - - C3_HIGHCPU_176 - - C3_HIGHMEM_4 - - C3_HIGHMEM_8 - - C3_HIGHMEM_22 - - C3_HIGHMEM_44 - - C3_HIGHMEM_88 - - C3_HIGHMEM_176 - trackingLabels: + - COLOR_MAP_UNSPECIFIED + - PINK_GREEN + - VIRIDIS + - RED + - GREEN + - RED_GREEN + - PINK_WHITE_GREEN description: >- - Billing tracking labels. They do not contain any user data but only - the labels set by Vertex Core Infra itself. Tracking labels' keys - are defined with special format: goog-[\p{Ll}\p{N}]+ E.g. "key": - "goog-k8s-cluster-name","value": "us-east1-b4rk" - type: object - additionalProperties: - type: string - TpuMetric: - id: TpuMetric + The color scheme used for the highlighted areas. Defaults to + PINK_GREEN for Integrated Gradients attribution, which shows + positive attributions in green and negative in pink. Defaults to + VIRIDIS for XRAI attribution, which highlights the most influential + regions in yellow and the least influential in blue. + type: string + polarity: + type: string + description: >- + Whether to only highlight pixels with positive contributions, + negative or both. Defaults to POSITIVE. + enumDescriptions: + - Default value. This is the same as POSITIVE. + - >- + Highlights the pixels/outlines that were most influential to the + model's prediction. + - >- + Setting polarity to negative highlights areas that does not lead + to the models's current prediction. + - Shows both positive and negative attributions. + enum: + - POLARITY_UNSPECIFIED + - POSITIVE + - NEGATIVE + - BOTH + clipPercentLowerbound: + description: >- + Excludes attributions below the specified percentile, from the + highlighted areas. Defaults to 62. + format: float + type: number + type: + type: string + enum: + - TYPE_UNSPECIFIED + - PIXELS + - OUTLINES + enumDescriptions: + - Should not be used. + - Shows which pixel contributed to the image prediction. + - >- + Shows which region contributed to the image prediction by + outlining the region. + description: >- + Type of the image visualization. Only applicable to Integrated + Gradients attribution. OUTLINES shows regions of attribution, while + PIXELS shows per-pixel attribution. Defaults to OUTLINES. + overlayType: + enumDescriptions: + - Default value. This is the same as NONE. + - No overlay. + - The attributions are shown on top of the original image. + - >- + The attributions are shown on top of grayscaled version of the + original image. + - >- + The attributions are used as a mask to reveal predictive parts of + the image and hide the un-predictive parts. + description: >- + How the original image is displayed in the visualization. Adjusting + the overlay can help increase visual clarity if the original image + makes it difficult to view the visualization. Defaults to NONE. + enum: + - OVERLAY_TYPE_UNSPECIFIED + - NONE + - ORIGINAL + - GRAYSCALE + - MASK_BLACK + type: string + clipPercentUpperbound: + type: number + format: float + description: >- + Excludes attributions above the specified percentile from the + highlighted areas. Using the clip_percent_upperbound and + clip_percent_lowerbound together can be useful for filtering out + noise and making it easier to see areas of strong attribution. + Defaults to 99.9. + description: Visualization configurations for image explanation. + XPSResponseExplanationMetadataInputMetadata: + properties: + modality: + type: string + enum: + - MODALITY_UNSPECIFIED + - NUMERIC + - IMAGE + - CATEGORICAL + description: >- + Modality of the feature. Valid values are: numeric, image. Defaults + to numeric. + enumDescriptions: + - '' + - '' + - '' + - '' + inputTensorName: + type: string + description: >- + Name of the input tensor for this model. Only needed in train + response. + visualizationConfig: + description: Visualization configurations for image explanation. + $ref: '#/components/schemas/XPSVisualization' + id: XPSResponseExplanationMetadataInputMetadata + description: Metadata of the input of a feature. + type: object + XPSColorMap: + id: XPSColorMap type: object + description: >- + Map from color to display name. Will only be used by Image Segmentation + for uCAIP. properties: - tpuType: - description: Required. Type of TPU, e.g. TPU_V2, TPU_V3_POD. + displayName: + description: Should be used during preprocessing. + type: string + intColor: + $ref: '#/components/schemas/XPSColorMapIntColor' + color: + description: >- + This type is deprecated in favor of the IntColor below. This is + because google.type.Color represent color has a float which + semantically does not reflect discrete classes/categories concept. + Moreover, to handle it well we need to have some tolerance when + converting to a discretized color. As such, the recommendation is to + have API surface still use google.type.Color while internally + IntColor is used. + $ref: '#/components/schemas/Color' + deprecated: true + annotationSpecIdToken: + type: string + description: Should be used during training. + XPSResponseExplanationSpec: + id: XPSResponseExplanationSpec + properties: + parameters: + description: Parameters that configure explaining of the Model's predictions. + $ref: '#/components/schemas/XPSResponseExplanationParameters' + metadata: + description: Metadata describing the Model's input and output for explanation. + $ref: '#/components/schemas/XPSResponseExplanationMetadata' + explanationType: + type: string + description: >- + Explanation type. For AutoML Image Classification models, possible + values are: * `image-integrated-gradients` * `image-xrai` + type: object + deprecated: true + description: >- + Specification of Model explanation. Feature-based XAI in AutoML Vision + ICN is deprecated. + XPSColumnSpec: + id: XPSColumnSpec + properties: + columnId: + type: integer + format: int32 + description: >- + The unique id of the column. When Preprocess, the Tables BE will + popuate the order id of the column, which reflects the order of the + column inside the table, i.e. 0 means the first column in the table, + N-1 means the last column. AutoML BE will persist this order id in + Spanner and set the order id here when calling RefreshTablesStats + and Train. Note: it's different than the column_spec_id that is + generated in AutoML BE. + dataType: + $ref: '#/components/schemas/XPSDataType' + description: >- + The data type of the column. It's outputed in Preprocess rpc and a + required input for RefreshTablesStats and Train. + dataStats: + description: >- + The data stats of the column. It's outputed in RefreshTablesStats + and a required input for Train. + $ref: '#/components/schemas/XPSDataStats' + displayName: + type: string + description: >- + The display name of the column. It's outputed in Preprocess and a + required input for RefreshTablesStats and Train. + forecastingMetadata: + $ref: '#/components/schemas/XPSColumnSpecForecastingMetadata' + topCorrelatedColumns: + items: + $ref: '#/components/schemas/XPSColumnSpecCorrelatedColumn' + type: array + description: It's outputed in RefreshTablesStats, and a required input in Train. + type: object + XPSCategoryStatsSingleCategoryStats: + properties: + count: + description: The number of occurrences of this value in the series. + format: int64 + type: string + value: + description: The CATEGORY value. + type: string + type: object + description: The statistics of a single CATEGORY value. + id: XPSCategoryStatsSingleCategoryStats + XPSRegressionEvaluationMetrics: + type: object + id: XPSRegressionEvaluationMetrics + description: >- + Model evaluation metrics for regression problems. It can be used for + Tables. + properties: + rSquared: + type: number + description: R squared. + format: float + rootMeanSquaredLogError: + format: float + description: Root mean squared log error. + type: number + meanAbsoluteError: + format: float + type: number + description: Mean Absolute Error (MAE). + regressionMetricsEntries: + description: >- + A list of actual versus predicted points for the model being + evaluated. + type: array + items: + $ref: '#/components/schemas/XPSRegressionMetricsEntry' + meanAbsolutePercentageError: + description: >- + Mean absolute percentage error. Only set if all ground truth values + are positive. + type: number + format: float + rootMeanSquaredError: + description: Root Mean Squared Error (RMSE). + type: number + format: float + AnalyzeEntitiesRequest: + properties: + document: + $ref: '#/components/schemas/Document' + description: Required. Input document. + encodingType: type: string enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' + - >- + If `EncodingType` is not specified, encoding-dependent information + (such as `begin_offset`) will be set at `-1`. + - >- + Encoding-dependent information (such as `begin_offset`) is + calculated based on the UTF-8 encoding of the input. C++ and Go + are examples of languages that use this encoding natively. + - >- + Encoding-dependent information (such as `begin_offset`) is + calculated based on the UTF-16 encoding of the input. Java and + JavaScript are examples of languages that use this encoding + natively. + - >- + Encoding-dependent information (such as `begin_offset`) is + calculated based on the UTF-32 encoding of the input. Python is an + example of a language that uses this encoding natively. enum: - - UNKNOWN_TPU_TYPE - - TPU_V2_POD - - TPU_V2 - - TPU_V3_POD - - TPU_V3 - - TPU_V5_LITEPOD - tpuSec: - description: Required. Seconds of TPU usage, e.g. 3600. - type: string - format: int64 - DiskMetric: - id: DiskMetric + - NONE + - UTF8 + - UTF16 + - UTF32 + description: The encoding type used by the API to calculate offsets. + id: AnalyzeEntitiesRequest + description: The entity analysis request message. type: object + XPSTablesTrainResponse: properties: - diskType: - description: Required. Type of Disk, e.g. REGIONAL_SSD. - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - UNKNOWN_DISK_TYPE - - REGIONAL_SSD - - REGIONAL_STORAGE - - PD_SSD - - PD_STANDARD - - STORAGE_SNAPSHOT - gibSec: - description: Required. Seconds of physical disk usage, e.g. 3600. - type: string + trainCostMilliNodeHours: format: int64 + type: string + description: >- + The actual training cost of the model, expressed in milli node + hours, i.e. 1,000 value in this field means 1 node hour. Guaranteed + to not exceed the train budget. + modelStructure: + $ref: '#/components/schemas/XPSTablesModelStructure' + tablesModelColumnInfo: + type: array + items: + $ref: '#/components/schemas/XPSTablesModelColumnInfo' + description: >- + Output only. Auxiliary information for each of the + input_feature_column_specs, with respect to this particular model. + predictionSampleRows: + type: array + description: Sample rows from the dataset this model was trained. + items: + $ref: '#/components/schemas/XPSRow' + id: XPSTablesTrainResponse + type: object parameters: access_token: description: OAuth access token. @@ -4877,26 +5043,40 @@ components: name: access_token schema: type: string - alt: - description: Data format for response. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: alt + name: fields schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: callback + name: quotaUser schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + _.xgafv: + description: V1 error format. in: query - name: fields + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType schema: type: string key: @@ -4908,25 +5088,20 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + alt: + description: Data format for response. in: query - name: oauth_token + name: alt schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + enum: + - json + - media + - proto + callback: + description: JSONP in: query - name: quotaUser + name: callback schema: type: string upload_protocol: @@ -4935,42 +5110,27 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: $.xgafv + name: oauth_token schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: documents: id: google.language.documents name: documents title: Documents methods: - analyze_sentiment: - operation: - $ref: '#/paths/~1v2~1documents:analyzeSentiment/post' - response: - mediaType: application/json - openAPIDocKey: '200' analyze_entities: operation: $ref: '#/paths/~1v2~1documents:analyzeEntities/post' response: mediaType: application/json openAPIDocKey: '200' - classify_text: + annotate_text: operation: - $ref: '#/paths/~1v2~1documents:classifyText/post' + $ref: '#/paths/~1v2~1documents:annotateText/post' response: mediaType: application/json openAPIDocKey: '200' @@ -4980,9 +5140,15 @@ components: response: mediaType: application/json openAPIDocKey: '200' - annotate_text: + analyze_sentiment: operation: - $ref: '#/paths/~1v2~1documents:annotateText/post' + $ref: '#/paths/~1v2~1documents:analyzeSentiment/post' + response: + mediaType: application/json + openAPIDocKey: '200' + classify_text: + operation: + $ref: '#/paths/~1v2~1documents:classifyText/post' response: mediaType: application/json openAPIDocKey: '200' @@ -4993,27 +5159,30 @@ components: replace: [] delete: [] paths: - /v2/documents:analyzeSentiment: + /v2/documents:analyzeEntities: parameters: &ref_1 - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' post: - description: Analyzes the sentiment of the provided text. - operationId: language.documents.analyzeSentiment + description: >- + Finds named entities (currently proper names and common nouns) in the + text along with entity types, probability, mentions for each entity, and + other properties. + operationId: language.documents.analyzeEntities requestBody: content: application/json: schema: - $ref: '#/components/schemas/AnalyzeSentimentRequest' + $ref: '#/components/schemas/AnalyzeEntitiesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-language @@ -5029,21 +5198,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AnalyzeSentimentResponse' + $ref: '#/components/schemas/AnalyzeEntitiesResponse' parameters: [] - /v2/documents:analyzeEntities: + /v2/documents:annotateText: parameters: *ref_1 post: - description: >- - Finds named entities (currently proper names and common nouns) in the - text along with entity types, probability, mentions for each entity, and - other properties. - operationId: language.documents.analyzeEntities + description: A convenience method that provides all features in one call. + operationId: language.documents.annotateText requestBody: content: application/json: schema: - $ref: '#/components/schemas/AnalyzeEntitiesRequest' + $ref: '#/components/schemas/AnnotateTextRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-language @@ -5059,18 +5225,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AnalyzeEntitiesResponse' + $ref: '#/components/schemas/AnnotateTextResponse' parameters: [] - /v2/documents:classifyText: + /v2/documents:moderateText: parameters: *ref_1 post: - description: Classifies a document into categories. - operationId: language.documents.classifyText + description: Moderates a document for harmful and sensitive categories. + operationId: language.documents.moderateText requestBody: content: application/json: schema: - $ref: '#/components/schemas/ClassifyTextRequest' + $ref: '#/components/schemas/ModerateTextRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-language @@ -5086,18 +5252,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ClassifyTextResponse' + $ref: '#/components/schemas/ModerateTextResponse' parameters: [] - /v2/documents:moderateText: + /v2/documents:analyzeSentiment: parameters: *ref_1 post: - description: Moderates a document for harmful and sensitive categories. - operationId: language.documents.moderateText + description: Analyzes the sentiment of the provided text. + operationId: language.documents.analyzeSentiment requestBody: content: application/json: schema: - $ref: '#/components/schemas/ModerateTextRequest' + $ref: '#/components/schemas/AnalyzeSentimentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-language @@ -5113,18 +5279,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ModerateTextResponse' + $ref: '#/components/schemas/AnalyzeSentimentResponse' parameters: [] - /v2/documents:annotateText: + /v2/documents:classifyText: parameters: *ref_1 post: - description: A convenience method that provides all features in one call. - operationId: language.documents.annotateText + description: Classifies a document into categories. + operationId: language.documents.classifyText requestBody: content: application/json: schema: - $ref: '#/components/schemas/AnnotateTextRequest' + $ref: '#/components/schemas/ClassifyTextRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-language @@ -5140,5 +5306,5 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AnnotateTextResponse' + $ref: '#/components/schemas/ClassifyTextResponse' parameters: [] diff --git a/providers/src/googleapis.com/v00.00.00000/services/libraryagent.yaml b/providers/src/googleapis.com/v00.00.00000/services/libraryagent.yaml index b6b08722..8d4f9678 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/libraryagent.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/libraryagent.yaml @@ -7,8 +7,8 @@ info: title: Library Agent API description: A simple Google Example Library API. version: v1 - x-discovery-doc-revision: '20250826' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251208' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/docs/quota servers: @@ -36,38 +36,54 @@ components: schemas: GoogleExampleLibraryagentV1Shelf: id: GoogleExampleLibraryagentV1Shelf - description: A Shelf contains a collection of books with a theme. - type: object properties: name: + type: string description: >- Output only. The resource name of the shelf. Shelf names have the form `shelves/{shelf_id}`. The name is ignored when creating a shelf. - type: string theme: description: The theme of the shelf type: string + type: object + description: A Shelf contains a collection of books with a theme. GoogleExampleLibraryagentV1ListShelvesResponse: - id: GoogleExampleLibraryagentV1ListShelvesResponse description: Response message for LibraryAgent.ListShelves. - type: object + id: GoogleExampleLibraryagentV1ListShelvesResponse properties: + nextPageToken: + type: string + description: >- + A token to retrieve next page of results. Pass this value in the + ListShelvesRequest.page_token field in the subsequent call to + `ListShelves` method to retrieve the next page of results. shelves: - description: The list of shelves. type: array + description: The list of shelves. items: $ref: '#/components/schemas/GoogleExampleLibraryagentV1Shelf' + type: object + GoogleExampleLibraryagentV1ListBooksResponse: + properties: + books: + type: array + description: The list of books. + items: + $ref: '#/components/schemas/GoogleExampleLibraryagentV1Book' nextPageToken: + type: string description: >- A token to retrieve next page of results. Pass this value in the - ListShelvesRequest.page_token field in the subsequent call to - `ListShelves` method to retrieve the next page of results. - type: string + ListBooksRequest.page_token field in the subsequent call to + `ListBooks` method to retrieve the next page of results. + id: GoogleExampleLibraryagentV1ListBooksResponse + description: Response message for LibraryAgent.ListBooks. + type: object GoogleExampleLibraryagentV1Book: + type: object id: GoogleExampleLibraryagentV1Book description: A single book in the library. - type: object properties: name: description: >- @@ -75,58 +91,41 @@ components: `shelves/{shelf_id}/books/{book_id}`. The name is ignored when creating a book. type: string - author: - description: The name of the book author. - type: string title: description: The title of the book. type: string + author: + description: The name of the book author. + type: string read: description: Value indicating whether the book has been read. type: boolean - GoogleExampleLibraryagentV1ListBooksResponse: - id: GoogleExampleLibraryagentV1ListBooksResponse - description: Response message for LibraryAgent.ListBooks. - type: object - properties: - books: - description: The list of books. - type: array - items: - $ref: '#/components/schemas/GoogleExampleLibraryagentV1Book' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass this value in the - ListBooksRequest.page_token field in the subsequent call to - `ListBooks` method to retrieve the next page of results. - type: string parameters: - access_token: - description: OAuth access token. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: access_token + name: oauth_token schema: type: string - alt: - description: Data format for response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: alt + name: quotaUser schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + access_token: + description: OAuth access token. in: query - name: fields + name: access_token schema: type: string key: @@ -138,27 +137,31 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: oauth_token + name: fields schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + alt: + description: Data format for response. in: query - name: prettyPrint + name: alt schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + type: string + enum: + - json + - media + - proto + _.xgafv: + description: V1 error format. in: query - name: quotaUser + name: $.xgafv schema: type: string + enum: + - '1' + - '2' upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query @@ -171,34 +174,31 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: $.xgafv + name: prettyPrint schema: - type: string - enum: - - '1' - - '2' + type: boolean x-stackQL-resources: shelves: id: google.libraryagent.shelves name: shelves title: Shelves methods: - get: + list: operation: - $ref: '#/paths/~1v1~1shelves~1{shelvesId}/get' + $ref: '#/paths/~1v1~1shelves/get' response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.shelves + get: operation: - $ref: '#/paths/~1v1~1shelves/get' + $ref: '#/paths/~1v1~1shelves~1{shelvesId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.shelves sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/shelves/methods/get' @@ -218,6 +218,12 @@ components: response: mediaType: application/json openAPIDocKey: '200' + return: + operation: + $ref: '#/paths/~1v1~1shelves~1{shelvesId}~1books~1{booksId}:return/post' + response: + mediaType: application/json + openAPIDocKey: '200' list: operation: $ref: '#/paths/~1v1~1shelves~1{shelvesId}~1books/get' @@ -231,12 +237,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - return: - operation: - $ref: '#/paths/~1v1~1shelves~1{shelvesId}~1books~1{booksId}:return/post' - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/books/methods/get' @@ -246,22 +246,24 @@ components: replace: [] delete: [] paths: - /v1/shelves/{shelvesId}: + /v1/shelves: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' get: - description: Gets a shelf. Returns NOT_FOUND if the shelf does not exist. - operationId: libraryagent.shelves.get + description: >- + Lists shelves. The order is unspecified but deterministic. Newly created + shelves will not necessarily be added to the end of this list. + operationId: libraryagent.shelves.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -273,20 +275,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleExampleLibraryagentV1Shelf' + $ref: >- + #/components/schemas/GoogleExampleLibraryagentV1ListShelvesResponse parameters: - - in: path - name: shelvesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/shelves: + /v1/shelves/{shelvesId}: parameters: *ref_1 get: - description: >- - Lists shelves. The order is unspecified but deterministic. Newly created - shelves will not necessarily be added to the end of this list. - operationId: libraryagent.shelves.list + description: Gets a shelf. Returns NOT_FOUND if the shelf does not exist. + operationId: libraryagent.shelves.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -298,16 +303,11 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleExampleLibraryagentV1ListShelvesResponse + $ref: '#/components/schemas/GoogleExampleLibraryagentV1Shelf' parameters: - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: shelvesId + required: true schema: type: string /v1/shelves/{shelvesId}/books/{booksId}: @@ -338,14 +338,14 @@ paths: required: true schema: type: string - /v1/shelves/{shelvesId}/books: + /v1/shelves/{shelvesId}/books/{booksId}:return: parameters: *ref_1 - get: + post: description: >- - Lists books in a shelf. The order is unspecified but deterministic. - Newly created books will not necessarily be added to the end of this - list. Returns NOT_FOUND if the shelf does not exist. - operationId: libraryagent.shelves.books.list + Return a book to the library. Returns the book if it is returned to the + library successfully. Returns error if the book does not belong to the + library or the users didn't borrow before. + operationId: libraryagent.shelves.books.return security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -357,32 +357,26 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleExampleLibraryagentV1ListBooksResponse + $ref: '#/components/schemas/GoogleExampleLibraryagentV1Book' parameters: - in: path name: shelvesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: booksId + required: true schema: type: string - /v1/shelves/{shelvesId}/books/{booksId}:borrow: + /v1/shelves/{shelvesId}/books: parameters: *ref_1 - post: + get: description: >- - Borrow a book from the library. Returns the book if it is borrowed - successfully. Returns NOT_FOUND if the book does not exist in the - library. Returns quota exceeded error if the amount of books borrowed - exceeds allocation quota in any dimensions. - operationId: libraryagent.shelves.books.borrow + Lists books in a shelf. The order is unspecified but deterministic. + Newly created books will not necessarily be added to the end of this + list. Returns NOT_FOUND if the shelf does not exist. + operationId: libraryagent.shelves.books.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -394,26 +388,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleExampleLibraryagentV1Book' + $ref: >- + #/components/schemas/GoogleExampleLibraryagentV1ListBooksResponse parameters: - in: path name: shelvesId required: true schema: type: string - - in: path - name: booksId - required: true + - in: query + name: pageToken schema: type: string - /v1/shelves/{shelvesId}/books/{booksId}:return: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/shelves/{shelvesId}/books/{booksId}:borrow: parameters: *ref_1 post: description: >- - Return a book to the library. Returns the book if it is returned to the - library successfully. Returns error if the book does not belong to the - library or the users didn't borrow before. - operationId: libraryagent.shelves.books.return + Borrow a book from the library. Returns the book if it is borrowed + successfully. Returns NOT_FOUND if the book does not exist in the + library. Returns quota exceeded error if the amount of books borrowed + exceeds allocation quota in any dimensions. + operationId: libraryagent.shelves.books.borrow security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform diff --git a/providers/src/googleapis.com/v00.00.00000/services/logging.yaml b/providers/src/googleapis.com/v00.00.00000/services/logging.yaml index 49510dc9..3d4c6742 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/logging.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/logging.yaml @@ -7,8 +7,8 @@ info: title: Cloud Logging API description: Writes log entries and manages your Cloud Logging configuration. version: v2 - x-discovery-doc-revision: '20250704' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251128' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/logging/docs/ servers: @@ -22,15 +22,15 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 + https://www.googleapis.com/auth/logging.write: Submit log data for your projects https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. + https://www.googleapis.com/auth/logging.read: View log data for your projects https://www.googleapis.com/auth/cloud-platform.read-only: >- View your data across Google Cloud services and see the email address of your Google Account https://www.googleapis.com/auth/logging.admin: Administrate log data for your projects - https://www.googleapis.com/auth/logging.read: View log data for your projects - https://www.googleapis.com/auth/logging.write: Submit log data for your projects Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -40,10 +40,70 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: + TestIamPermissionsResponse: + description: Response message for TestIamPermissions method. + type: object + properties: + permissions: + type: array + items: + type: string + description: >- + A subset of TestPermissionsRequest.permissions that the caller is + allowed. + id: TestIamPermissionsResponse + Operation: + properties: + done: + type: boolean + description: >- + If the value is false, it means the operation is still in progress. + If true, the operation is completed, and either error or response is + available. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + metadata: + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as Delete, the response is + google.protobuf.Empty. If the original method is standard + Get/Create/Update, the response should be the resource. For other + methods, the response should have the type XxxResponse, where Xxx is + the original method name. For example, if the original method name + is TakeSnapshot(), the inferred response type is + TakeSnapshotResponse. + name: + type: string + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the name should be a resource name ending with + operations/{unique_id}. + id: Operation + type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. SetIamPolicyRequest: - id: SetIamPolicyRequest description: Request message for SetIamPolicy method. - type: object properties: policy: description: >- @@ -53,700 +113,476 @@ components: might reject them. $ref: '#/components/schemas/Policy' updateMask: + type: string description: >- OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used:paths: "bindings, etag" - type: string format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources.A Policy is a collection of - bindings. A binding binds one or more members, or principals, to a - single role. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A role is a named list of - permissions; each role can be an IAM predefined role or a user-created - custom role.For some types of Google Cloud resources, a binding can also - specify a condition, which is a logical expression that allows access to - a resource only if the expression evaluates to true. A condition can add - constraints based on attributes of the request, the resource, or both. - To learn which resources support conditions in their IAM policies, see - the IAM documentation - (https://cloud.google.com/iam/help/conditions/resource-policies).JSON - example: { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - - user:mike@example.com - group:admins@example.com - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For - a description of IAM and its features, see the IAM documentation - (https://cloud.google.com/iam/docs/). type: object + id: SetIamPolicyRequest + LogExclusion: + type: object + description: >- + Specifies a set of log entries that are filtered out by a sink. If your + Google Cloud resource receives a large volume of log entries, you can + use exclusions to reduce your chargeable logs. Note that exclusions on + organization-level and folder-level sinks don't apply to child + resources. Note also that you cannot modify the _Required sink or + exclude logs from it. properties: - version: + disabled: description: >- - Specifies the format of the policy.Valid values are 0, 1, and 3. - Requests that specify an invalid value are rejected.Any operation - that affects conditional role bindings must specify version 3. This - requirement applies to the following operations: Getting a policy - that includes a conditional role binding Adding a conditional role - binding to a policy Changing a conditional role binding in a policy - Removing any role binding, with or without a condition, from a - policy that includes conditionsImportant: If you use IAM Conditions, - you must include the etag field whenever you call setIamPolicy. If - you omit this field, then IAM allows you to overwrite a version 3 - policy with a version 1 policy, and all of the conditions in the - version 3 policy are lost.If a policy does not include any - conditions, operations on that policy may specify any valid version - or leave the field unset.To learn which resources support conditions - in their IAM policies, see the IAM documentation - (https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Optional. If set to True, then this exclusion is disabled and it + does not exclude any log entries. You can update an exclusion to + change the value of this field. + type: boolean + name: description: >- - Associates a list of members, or principals, with a role. - Optionally, may specify a condition that determines how and when the - bindings are applied. Each of the bindings must contain at least one - principal.The bindings in a Policy can refer to up to 1,500 - principals; up to 250 of these principals can be Google groups. Each - occurrence of a principal counts towards these limits. For example, - if the bindings grant 50 different roles to user:alice@example.com, - and not to any other principal, then you can add another 1,450 - principals to the bindings in the Policy. - type: array - items: - $ref: '#/components/schemas/Binding' - etag: + Optional. A client-assigned identifier, such as + "load-balancer-exclusion". Identifiers are limited to 100 characters + and can include only letters, digits, underscores, hyphens, and + periods. First character has to be alphanumeric. + type: string + updateTime: description: >- - etag is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the etag in - the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An etag is returned in the response to - getIamPolicy, and systems are expected to put that etag in the - request to setIamPolicy to ensure that their change will be applied - to the same version of the policy.Important: If you use IAM - Conditions, you must include the etag field whenever you call - setIamPolicy. If you omit this field, then IAM allows you to - overwrite a version 3 policy with a version 1 policy, and all of the - conditions in the version 3 policy are lost. + Output only. The last update timestamp of the exclusion.This field + may not be present for older exclusions. type: string - format: byte - Binding: - id: Binding - description: Associates members, or principals, with a role. + format: google-datetime + readOnly: true + filter: + type: string + description: >- + Required. An advanced logs filter + (https://cloud.google.com/logging/docs/view/advanced-queries) that + matches the log entries to be excluded. By using the sample function + (https://cloud.google.com/logging/docs/view/advanced-queries#sample), + you can exclude less than 100% of the matching log entries.For + example, the following query matches 99% of low-severity log entries + from Google Cloud Storage buckets:resource.type=gcs_bucket + severity- + Output only. The creation timestamp of the exclusion.This field may + not be present for older exclusions. + readOnly: true + type: string + format: google-datetime + description: + type: string + description: Optional. A description of this exclusion. + id: LogExclusion + BigQueryOptions: + id: BigQueryOptions type: object properties: - role: + usesTimestampColumnPartitioning: description: >- - Role that is assigned to the list of members, or principals. For - example, roles/viewer, roles/editor, or roles/owner.For an overview - of the IAM roles and permissions, see the IAM documentation - (https://cloud.google.com/iam/docs/roles-overview). For a list of - the available pre-defined roles, see here - (https://cloud.google.com/iam/docs/understanding-roles). + Output only. True if new timestamp column based partitioning is in + use, false if legacy ingress-time partitioning is in use.All new + sinks will have this field set true and will use timestamp column + based partitioning. If use_partitioned_tables is false, this value + has no meaning and will be false. Legacy sinks using partitioned + tables will have this field set to false. + type: boolean + readOnly: true + usePartitionedTables: + type: boolean + description: >- + Optional. Whether to use BigQuery's partition tables + (https://cloud.google.com/bigquery/docs/partitioned-tables). By + default, Cloud Logging creates dated tables based on the log + entries' timestamps, e.g. syslog_20170523. With partitioned tables + the date suffix is no longer present and special query syntax + (https://cloud.google.com/bigquery/docs/querying-partitioned-tables) + has to be used instead. In both cases, tables are sharded based on + UTC timezone. + description: Options that change functionality of a sink exporting data to BigQuery. + Location: + properties: + labels: + type: object + additionalProperties: + type: string + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + name: type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. members can have the following values: allUsers: A special - identifier that represents anyone who is on the internet; with or - without a Google account. allAuthenticatedUsers: A special - identifier that represents anyone who is authenticated with a Google - account or a service account. Does not include identities that come - from external identity providers (IdPs) through identity federation. - user:{emailid}: An email address that represents a specific Google - account. For example, alice@example.com . serviceAccount:{emailid}: - An email address that represents a Google service account. For - example, my-other-app@appspot.gserviceaccount.com. - serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: - An identifier for a Kubernetes service account - (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. - group:{emailid}: An email address that represents a Google group. - For example, admins@example.com. domain:{domain}: The G Suite domain - (primary) that represents all the users of that domain. For example, - google.com or example.com. - principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}: - A single identity in a workforce identity pool. - principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}: - All workforce identities in a group. - principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}: - All workforce identities with a specific attribute value. - principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*: - All identities in a workforce identity pool. - principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}: - A single identity in a workload identity pool. - principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}: - A workload identity pool group. - principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}: - All identities in a workload identity pool with a certain attribute. - principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*: - All identities in a workload identity pool. - deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique - identifier) representing a user that has been recently deleted. For - example, alice@example.com?uid=123456789012345678901. If the user is - recovered, this value reverts to user:{emailid} and the recovered - user retains the role in the binding. - deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. - If the service account is undeleted, this value reverts to - serviceAccount:{emailid} and the undeleted service account retains - the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An - email address (plus unique identifier) representing a Google group - that has been recently deleted. For example, - admins@example.com?uid=123456789012345678901. If the group is - recovered, this value reverts to group:{emailid} and the recovered - group retains the role in the binding. - deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}: - Deleted single identity in a workforce identity pool. For example, - deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding.If the condition - evaluates to true, then this binding applies to the current - request.If the condition evaluates to false, then this binding does - not apply to the current request. However, a different role binding - might grant the same role to one or more of the principals in this - binding.To learn which resources support conditions in their IAM - policies, see the IAM documentation - (https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec.Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: + Resource name for the location, which may vary between + implementations. For example: + "projects/example-project/locations/us-east1" + metadata: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Service-specific metadata. For example the available capacity at the + given location. + displayName: type: string - location: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + locationId: type: string - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for GetIamPolicy method. + description: 'The canonical id for this location. For example: "us-east1".' + id: Location type: object + description: A resource that represents a Google Cloud location. + RecentQuery: + description: >- + Describes a recent query executed on the Logs Explorer or Log Analytics + page within the last ~ 30 days. properties: - options: + loggingQuery: + $ref: '#/components/schemas/LoggingQuery' description: >- - OPTIONAL: A GetPolicyOptions object for specifying options to - GetIamPolicy. - $ref: '#/components/schemas/GetPolicyOptions' - GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. - type: object - properties: - requestedPolicyVersion: + Logging query that can be executed in Logs Explorer or via Logging + API. + lastRunTime: + readOnly: true + type: string + description: Output only. The timestamp when this query was last run. + format: google-datetime + name: + type: string description: >- - Optional. The maximum policy version that will be used to format the - policy.Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected.Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field - unset.The policy in the response might use the policy version that - you specified, or it might use a lower policy version. For example, - if you specify version 3, but the policy has no conditional role - bindings, the response uses version 1.To learn which resources - support conditions in their IAM policies, see the IAM documentation - (https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for TestIamPermissions method. + Output only. Resource name of the recent query.In the format: + "projects/[PROJECT_ID]/locations/[LOCATION_ID]/recentQueries/[QUERY_ID]" + For a list of supported locations, see Supported Regions + (https://cloud.google.com/logging/docs/region-support)The QUERY_ID + is a system generated alphanumeric ID. + readOnly: true + opsAnalyticsQuery: + description: Analytics query that can be executed in Log Analytics. + $ref: '#/components/schemas/OpsAnalyticsQuery' + id: RecentQuery type: object - properties: - permissions: - description: >- - The set of permissions to check for the resource. Permissions with - wildcards (such as * or storage.*) are not allowed. For more - information see IAM Overview - (https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for TestIamPermissions method. + CopyLogEntriesResponse: type: object properties: - permissions: - description: >- - A subset of TestPermissionsRequest.permissions that the caller is - allowed. - type: array - items: - type: string - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + logEntriesCopiedCount: + type: string + format: int64 + description: Number of log entries copied. + description: Response type for CopyLogEntries long running operations. + id: CopyLogEntriesResponse + LinkMetadata: type: object + id: LinkMetadata properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + startTime: type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object + format: google-datetime + description: The start time of an operation. + createLinkRequest: + $ref: '#/components/schemas/CreateLinkRequest' + description: CreateLink RPC request. + endTime: + description: The end time of an operation. + type: string + format: google-datetime + deleteLinkRequest: + description: DeleteLink RPC request. + $ref: '#/components/schemas/DeleteLinkRequest' + state: + readOnly: true + type: string + description: Output only. State of an operation. + enum: + - OPERATION_STATE_UNSPECIFIED + - OPERATION_STATE_SCHEDULED + - OPERATION_STATE_WAITING_FOR_PERMISSIONS + - OPERATION_STATE_RUNNING + - OPERATION_STATE_SUCCEEDED + - OPERATION_STATE_FAILED + - OPERATION_STATE_CANCELLED + - OPERATION_STATE_PENDING + enumDescriptions: + - Should not be used. + - The operation is scheduled. + - Waiting for necessary permissions. + - The operation is running. + - The operation was completed successfully. + - The operation failed. + - The operation was cancelled by the user. + - The operation is waiting for quota. + description: Metadata for long running Link operations. + DeleteLinkRequest: + id: DeleteLinkRequest + description: The parameters to DeleteLink. properties: name: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the name should be a resource name ending with - operations/{unique_id}. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is false, it means the operation is still in progress. - If true, the operation is completed, and either error or response is - available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as Delete, the response is - google.protobuf.Empty. If the original method is standard - Get/Create/Update, the response should be the resource. For other - methods, the response should have the type XxxResponse, where Xxx is - the original method name. For example, if the original method name - is TakeSnapshot(), the inferred response type is - TakeSnapshotResponse. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The Status type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by gRPC (https://github.com/grpc). Each Status message contains - three pieces of data: error code, error message, and error details.You - can find out more about this error model and how to work with it in the - API Design Guide (https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Required. The full resource name of the link to delete. + "projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" + "organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" + "billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" + "folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object - properties: {} - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + MetricDescriptorMetadata: + id: MetricDescriptorMetadata + description: Additional annotations that can be used to guide the usage of a metric. type: object properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + launchStage: + description: Deprecated. Must use the MetricDescriptor.launch_stage instead. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + deprecated: true type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + Terms of Service (https://cloud.google.com/terms/) and the Google + Cloud Platform Subject to the Deprecation Policy + (https://cloud.google.com/terms/deprecation) documentation. + samplePeriod: description: >- - Resource name for the location, which may vary between - implementations. For example: - "projects/example-project/locations/us-east1" - type: string - locationId: - description: 'The canonical id for this location. For example: "us-east1".' + The sampling period of metric data points. For metrics which are + written periodically, consecutive data points are stored at this + time interval, excluding data loss due to errors. Metrics with a + higher granularity have a smaller sampling period. type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + format: google-duration + ingestDelay: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: + The delay of data points caused by ingestion. Data points older than + this age are guaranteed to be ingested and available to be read, + excluding data loss due to errors. + format: google-duration + timeSeriesResourceHierarchyLevel: + items: + enum: + - TIME_SERIES_RESOURCE_HIERARCHY_LEVEL_UNSPECIFIED + - PROJECT + - ORGANIZATION + - FOLDER type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListBucketsResponse: - id: ListBucketsResponse - description: The response from ListBuckets. - type: object - properties: - buckets: - description: A list of buckets. + enumDescriptions: + - Do not use this default value. + - Scopes a metric to a project. + - Scopes a metric to an organization. + - Scopes a metric to a folder. + description: The scope of the timeseries data of the metric. type: array - items: - $ref: '#/components/schemas/LogBucket' - nextPageToken: - description: >- - If there might be more results than appear in this response, then - nextPageToken is included. To get the next set of results, call the - same method again using the value of nextPageToken as pageToken. - type: string - LogBucket: - id: LogBucket - description: Describes a repository in which log entries are stored. + CopyLogEntriesMetadata: + id: CopyLogEntriesMetadata + description: Metadata for CopyLogEntries long running operations. type: object properties: - name: + writerIdentity: description: >- - Output only. The resource name of the bucket.For - example:projects/my-project/locations/global/buckets/my-bucketFor a - list of supported locations, see Supported Regions - (https://cloud.google.com/logging/docs/region-support)For the - location of global it is unspecified where log entries are actually - stored.After a bucket has been created, the location cannot be - changed. - readOnly: true - type: string - description: - description: Optional. Describes this bucket. + The IAM identity of a service account that must be granted access to + the destination.If the service account is not granted permission to + the destination within an hour, the operation will be cancelled.For + example: "serviceAccount:foo@bar.com" type: string - createTime: + destination: description: >- - Output only. The creation timestamp of the bucket. This is not set - for any of the default buckets. - readOnly: true + Destination to which to copy log entries.For example, a Cloud + Storage bucket:"storage.googleapis.com/my-cloud-storage-bucket" type: string + endTime: format: google-datetime - updateTime: - description: Output only. The last update timestamp of the bucket. - readOnly: true type: string - format: google-datetime - retentionDays: + description: The end time of an operation. + cancellationRequested: description: >- - Optional. Logs will be retained by default for this amount of time, - after which they will automatically be deleted. The minimum - retention period is 1 day. If this value is set to zero at bucket - creation time, the default time of 30 days will be used. - type: integer - format: int32 - locked: - description: >- - Optional. Whether the bucket is locked.The retention period on a - locked bucket cannot be changed. Locked buckets may only be deleted - if they are empty. + Identifies whether the user has requested cancellation of the + operation. type: boolean - lifecycleState: - description: Output only. The bucket lifecycle state. - readOnly: true - type: string + request: + deprecated: true + description: CopyLogEntries RPC request. This field is deprecated and not used. + $ref: '#/components/schemas/CopyLogEntriesRequest' + state: enumDescriptions: - - >- - Unspecified state. This is only used/useful for distinguishing - unset values. - - The normal and active state. - - >- - The resource has been marked for deletion by the user. For some - resources (e.g. buckets), this can be reversed by an un-delete - operation. - - >- - The resource has been marked for an update by the user. It will - remain in this state until the update is complete. - - >- - The resource has been marked for creation by the user. It will - remain in this state until the creation is complete. - - The resource is in an INTERNAL error state. + - Should not be used. + - The operation is scheduled. + - Waiting for necessary permissions. + - The operation is running. + - The operation was completed successfully. + - The operation failed. + - The operation was cancelled by the user. + - The operation is waiting for quota. + type: string enum: - - LIFECYCLE_STATE_UNSPECIFIED - - ACTIVE - - DELETE_REQUESTED - - UPDATING - - CREATING - - FAILED - analyticsEnabled: - description: >- - Optional. Whether log analytics is enabled for this bucket.Once - enabled, log analytics features cannot be disabled. - type: boolean - restrictedFields: - description: >- - Optional. Log entry field paths that are denied access in this - bucket.The following fields and their children are eligible: - textPayload, jsonPayload, protoPayload, httpRequest, labels, - sourceLocation.Restricting a repeated field will restrict all - values. Adding a parent will block all child fields. (e.g. foo.bar - will block foo.bar.baz) - type: array - items: - type: string - indexConfigs: - description: Optional. A list of indexed fields and related configuration data. - type: array - items: - $ref: '#/components/schemas/IndexConfig' - cmekSettings: + - OPERATION_STATE_UNSPECIFIED + - OPERATION_STATE_SCHEDULED + - OPERATION_STATE_WAITING_FOR_PERMISSIONS + - OPERATION_STATE_RUNNING + - OPERATION_STATE_SUCCEEDED + - OPERATION_STATE_FAILED + - OPERATION_STATE_CANCELLED + - OPERATION_STATE_PENDING + readOnly: true + description: Output only. State of an operation. + startTime: + format: google-datetime + type: string + description: The create time of an operation. + verb: + description: Name of the verb executed by the operation.For example,"copy" + type: string + progress: + description: Estimated progress of the operation (0 - 100%). + format: int32 + type: integer + source: + type: string description: >- - Optional. The CMEK settings of the log bucket. If present, new log - entries written to this log bucket are encrypted using the CMEK key - provided in this configuration. If a log bucket has CMEK settings, - the CMEK settings cannot be disabled later by updating the log - bucket. Changing the KMS key is allowed. - $ref: '#/components/schemas/CmekSettings' - IndexConfig: - id: IndexConfig - description: Configuration for an indexed field. + Source from which to copy log entries.For example, a log + bucket:"projects/my-project/locations/global/buckets/my-source-bucket" + BucketMetadata: type: object + id: BucketMetadata + description: Metadata for LongRunningUpdateBucket Operations. properties: - fieldPath: - description: >- - Required. The LogEntry field path to index.Note that some paths are - automatically indexed, and other paths are not eligible for - indexing. See indexing documentation( - https://cloud.google.com/logging/docs/analyze/custom-index) for - details.For example: jsonPayload.request.status + endTime: + format: google-datetime type: string - type: - description: Required. The type of data in this index. + description: The end time of an operation. + startTime: + format: google-datetime type: string - enumDescriptions: - - The index's type is unspecified. - - The index is a string-type index. - - The index is a integer-type index. - enum: - - INDEX_TYPE_UNSPECIFIED - - INDEX_TYPE_STRING - - INDEX_TYPE_INTEGER - createTime: - description: >- - Output only. The timestamp when the index was last modified.This is - used to return the timestamp, and will be ignored if supplied during - update. + description: The create time of an operation. + createBucketRequest: + description: LongRunningCreateBucket RPC request. + $ref: '#/components/schemas/CreateBucketRequest' + state: readOnly: true + enum: + - OPERATION_STATE_UNSPECIFIED + - OPERATION_STATE_SCHEDULED + - OPERATION_STATE_WAITING_FOR_PERMISSIONS + - OPERATION_STATE_RUNNING + - OPERATION_STATE_SUCCEEDED + - OPERATION_STATE_FAILED + - OPERATION_STATE_CANCELLED + - OPERATION_STATE_PENDING + description: Output only. State of an operation. type: string - format: google-datetime - CmekSettings: - id: CmekSettings - description: >- - Describes the customer-managed encryption key (CMEK) settings associated - with a project, folder, organization, billing account, or flexible - resource.Note: CMEK for the Log Router can currently only be configured - for Google Cloud organizations. Once configured, it applies to all - projects and folders in the Google Cloud organization.See Enabling CMEK - for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) for - more information. + enumDescriptions: + - Should not be used. + - The operation is scheduled. + - Waiting for necessary permissions. + - The operation is running. + - The operation was completed successfully. + - The operation failed. + - The operation was cancelled by the user. + - The operation is waiting for quota. + updateBucketRequest: + $ref: '#/components/schemas/UpdateBucketRequest' + description: LongRunningUpdateBucket RPC request. + AppHubService: type: object + id: AppHubService + description: Metadata associated with an App Hub service. properties: - name: - description: Output only. The resource name of the CMEK settings. - readOnly: true - type: string - kmsKeyName: - description: >- - Optional. The resource name for the configured Cloud KMS key.KMS key - name format: - "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]" - For - example:"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key"To - enable CMEK for the Log Router, set this field to a valid - kms_key_name for which the associated service account has the needed - cloudkms.cryptoKeyEncrypterDecrypter roles assigned for the key.The - Cloud KMS key used by the Log Router can be updated by changing the - kms_key_name to a new valid key name or disabled by setting the key - name to an empty string. Encryption operations that are in progress - will be completed with the key that was in use when they started. - Decryption operations will be completed using the key that was used - at the time of encryption unless access to that key has been - revoked.To disable CMEK for the Log Router, set this field to an - empty string.See Enabling CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) - for more information. + environmentType: + description: 'Service environment type Example: "DEV"' type: string - kmsKeyVersionName: - description: >- - Output only. The CryptoKeyVersion resource name for the configured - Cloud KMS key.KMS key name format: - "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]/cryptoKeyVersions/[VERSION]" - For - example:"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key/cryptoKeyVersions/1"This - is a read-only field used to convey the specific configured - CryptoKeyVersion of kms_key that has been configured. It will be - populated in cases where the CMEK settings are bound to a single key - version.If this field is populated, the kms_key is tied to a - specific CryptoKeyVersion. - readOnly: true + id: + description: 'Service Id. Example: "my-service"' type: string - serviceAccountId: - description: >- - Output only. The service account that will be used by the Log Router - to access your Cloud KMS key.Before enabling CMEK for Log Router, - you must first assign the cloudkms.cryptoKeyEncrypterDecrypter role - to the service account that the Log Router will use to access your - Cloud KMS key. Use GetCmekSettings to obtain the service account - ID.See Enabling CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) - for more information. - readOnly: true + criticalityType: + description: 'Service criticality type Example: "CRITICAL"' type: string - UndeleteBucketRequest: - id: UndeleteBucketRequest - description: The parameters to UndeleteBucket. - type: object - properties: {} - ListViewsResponse: - id: ListViewsResponse - description: The response from ListViews. - type: object + LogLine: properties: - views: - description: A list of views. - type: array - items: - $ref: '#/components/schemas/LogView' - nextPageToken: - description: >- - If there might be more results than appear in this response, then - nextPageToken is included. To get the next set of results, call the - same method again using the value of nextPageToken as pageToken. + time: + format: google-datetime + description: Approximate time when this log entry was made. type: string - LogView: - id: LogView - description: Describes a view over log entries in a bucket. + logMessage: + type: string + description: App-provided log message. + severity: + description: Severity of this log entry. + type: string + enum: + - DEFAULT + - DEBUG + - INFO + - NOTICE + - WARNING + - ERROR + - CRITICAL + - ALERT + - EMERGENCY + enumDescriptions: + - (0) The log entry has no assigned severity level. + - (100) Debug or trace information. + - (200) Routine information, such as ongoing status or performance. + - >- + (300) Normal but significant events, such as start up, shut down, + or a configuration change. + - (400) Warning events might cause problems. + - (500) Error events are likely to cause problems. + - (600) Critical events cause more severe problems or outages. + - (700) A person must take an action immediately. + - (800) One or more systems are unusable. + sourceLocation: + description: Where in the source code this log message was written. + $ref: '#/components/schemas/SourceLocation' type: object + id: LogLine + description: Application log line emitted while processing a request. + LogView: + description: Describes a view over log entries in a bucket. + id: LogView properties: - name: - description: >- - Output only. The resource name of the view.For - example:projects/my-project/locations/global/buckets/my-bucket/views/my-view - readOnly: true - type: string description: - description: Optional. Describes this view. - type: string - createTime: - description: Output only. The creation timestamp of the view. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The last update timestamp of the view. - readOnly: true type: string - format: google-datetime + description: Optional. Describes this view. filter: + type: string description: >- Optional. Filter that restricts which log entries in a bucket are visible in this view.Filters must be logical conjunctions that use @@ -757,364 +593,133 @@ components: the negations of these qualifiers with the NOT operator.For example:SOURCE("projects/myproject") AND resource.type = "gce_instance" AND NOT LOG_ID("stdout") + createTime: + description: Output only. The creation timestamp of the view. type: string - ListLogScopesResponse: - id: ListLogScopesResponse - description: >- - The response from ListLogScopes. Every project has a _Default log scope - that cannot be modified or deleted. - type: object - properties: - logScopes: - description: A list of log scopes. - type: array - items: - $ref: '#/components/schemas/LogScope' - nextPageToken: - description: >- - If there might be more results than appear in this response, then - nextPageToken is included. To get the next set of results, call the - same method again using the value of nextPageToken as pageToken. - type: string - LogScope: - id: LogScope - description: Describes a group of resources to read log entries from. - type: object - properties: - name: - description: >- - Output only. The resource name of the log scope.Log scopes are only - available in the global location. For - example:projects/my-project/locations/global/logScopes/my-log-scope readOnly: true - type: string - resourceNames: - description: >- - Required. Names of one or more parent resources: - projects/[PROJECT_ID]May alternatively be one or more views: - projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID]A - log scope can include a maximum of 5 projects and a maximum of 100 - resources in total. - type: array - items: - type: string - description: + format: google-datetime + name: description: >- - Optional. Describes this log scope.The maximum length of the - description is 8000 characters. + Output only. The resource name of the view.For + example:projects/my-project/locations/global/buckets/my-bucket/views/my-view type: string - createTime: - description: Output only. The creation timestamp of the log scope. readOnly: true - type: string - format: google-datetime updateTime: - description: Output only. The last update timestamp of the log scope. readOnly: true type: string format: google-datetime - ListExclusionsResponse: - id: ListExclusionsResponse - description: Result returned from ListExclusions. + description: Output only. The last update timestamp of the view. type: object - properties: - exclusions: - description: A list of exclusions. - type: array - items: - $ref: '#/components/schemas/LogExclusion' - nextPageToken: - description: >- - If there might be more results than appear in this response, then - nextPageToken is included. To get the next set of results, call the - same method again using the value of nextPageToken as pageToken. - type: string - LogExclusion: - id: LogExclusion - description: >- - Specifies a set of log entries that are filtered out by a sink. If your - Google Cloud resource receives a large volume of log entries, you can - use exclusions to reduce your chargeable logs. Note that exclusions on - organization-level and folder-level sinks don't apply to child - resources. Note also that you cannot modify the _Required sink or - exclude logs from it. + HttpRequest: type: object + description: >- + A common proto for logging HTTP requests. Only contains semantics + defined by the HTTP specification. Product-specific logging information + MUST be defined in a separate message. + id: HttpRequest properties: - name: - description: >- - Optional. A client-assigned identifier, such as - "load-balancer-exclusion". Identifiers are limited to 100 characters - and can include only letters, digits, underscores, hyphens, and - periods. First character has to be alphanumeric. + userAgent: type: string - description: - description: Optional. A description of this exclusion. + description: >- + The user agent sent by the client. Example: "Mozilla/4.0 + (compatible; MSIE 6.0; Windows 98; Q312461; .NET CLR 1.0.3705)". + remoteIp: type: string - filter: description: >- - Required. An advanced logs filter - (https://cloud.google.com/logging/docs/view/advanced-queries) that - matches the log entries to be excluded. By using the sample function - (https://cloud.google.com/logging/docs/view/advanced-queries#sample), - you can exclude less than 100% of the matching log entries.For - example, the following query matches 99% of low-severity log entries - from Google Cloud Storage buckets:resource.type=gcs_bucket - severity- + The referer URL of the request, as defined in HTTP/1.1 Header Field + Definitions + (https://datatracker.ietf.org/doc/html/rfc2616#section-14.36). type: string - disabled: + protocol: + description: 'Protocol used for the request. Examples: "HTTP/1.1", "HTTP/2"' + type: string + cacheValidatedWithOriginServer: description: >- - Optional. If set to True, then this exclusion is disabled and it - does not exclude any log entries. You can update an exclusion to - change the value of this field. + Whether or not the response was validated with the origin server + before being served from cache. This field is only meaningful if + cache_hit is True. type: boolean - createTime: + cacheFillBytes: description: >- - Output only. The creation timestamp of the exclusion.This field may - not be present for older exclusions. - readOnly: true + The number of HTTP response bytes inserted into cache. Set only when + a cache fill was attempted. type: string - format: google-datetime - updateTime: + format: int64 + serverIp: description: >- - Output only. The last update timestamp of the exclusion.This field - may not be present for older exclusions. - readOnly: true + The IP address (IPv4 or IPv6) of the origin server that the request + was sent to. This field can include port information. Examples: + "192.168.1.1", "10.0.0.1:80", "FE80::0202:B3FF:FE1E:8329". type: string - format: google-datetime - ListSinksResponse: - id: ListSinksResponse - description: Result returned from ListSinks. - type: object - properties: - sinks: - description: A list of sinks. - type: array - items: - $ref: '#/components/schemas/LogSink' - nextPageToken: + responseSize: + format: int64 description: >- - If there might be more results than appear in this response, then - nextPageToken is included. To get the next set of results, call the - same method again using the value of nextPageToken as pageToken. + The size of the HTTP response message sent back to the client, in + bytes, including the response headers and the response body. type: string - LogSink: - id: LogSink - description: >- - Describes a sink used to export log entries to one of the following - destinations: a Cloud Logging log bucket, a Cloud Storage bucket, a - BigQuery dataset, a Pub/Sub topic, a Cloud project.A logs filter - controls which log entries are exported. The sink must be created within - a project, organization, billing account, or folder. - type: object - properties: - name: + latency: description: >- - Optional. The client-assigned sink identifier, unique within the - project.For example: "my-syslog-errors-to-pubsub".Sink identifiers - are limited to 100 characters and can include only the following - characters: upper and lower-case alphanumeric characters, - underscores, hyphens, periods.First character has to be - alphanumeric. + The request processing latency on the server, from the time the + request was received until the response was sent. For WebSocket + connections, this field refers to the entire time duration of the + connection. + format: google-duration type: string - resourceName: + requestUrl: description: >- - Output only. The resource name of the sink. - "projects/[PROJECT_ID]/sinks/[SINK_NAME] - "organizations/[ORGANIZATION_ID]/sinks/[SINK_NAME] - "billingAccounts/[BILLING_ACCOUNT_ID]/sinks/[SINK_NAME] - "folders/[FOLDER_ID]/sinks/[SINK_NAME] For example: - projects/my_project/sinks/SINK_NAME - readOnly: true + The scheme (http, https), the host name, the path and the query + portion of the URL that was requested. Example: + "http://example.com/some/info?color=red". type: string - destination: + cacheHit: + type: boolean description: >- - Required. The export destination: - "storage.googleapis.com/[GCS_BUCKET]" - "bigquery.googleapis.com/projects/[PROJECT_ID]/datasets/[DATASET]" - "pubsub.googleapis.com/projects/[PROJECT_ID]/topics/[TOPIC_ID]" - "logging.googleapis.com/projects/[PROJECT_ID]" - "logging.googleapis.com/projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" - The sink's writer_identity, set when the sink is created, must have - permission to write to the destination or else the log entries are - not exported. For more information, see Exporting Logs with Sinks - (https://cloud.google.com/logging/docs/api/tasks/exporting-logs). - type: string - filter: - description: >- - Optional. An advanced logs filter - (https://cloud.google.com/logging/docs/view/advanced-queries). The - only exported log entries are those that are in the resource owning - the sink and that match the filter.For - example:logName="projects/[PROJECT_ID]/logs/[LOG_ID]" AND - severity>=ERROR - type: string - description: - description: >- - Optional. A description of this sink.The maximum length of the - description is 8000 characters. - type: string - disabled: - description: >- - Optional. If set to true, then this sink is disabled and it does not - export any log entries. - type: boolean - exclusions: - description: >- - Optional. Log entries that match any of these exclusion filters will - not be exported.If a log entry is matched by both filter and one of - exclusions it will not be exported. - type: array - items: - $ref: '#/components/schemas/LogExclusion' - outputVersionFormat: - description: Deprecated. This field is unused. - deprecated: true - type: string - enumDescriptions: - - An unspecified format version that will default to V2. - - LogEntry version 2 format. - - LogEntry version 1 format. - enum: - - VERSION_FORMAT_UNSPECIFIED - - V2 - - V1 - writerIdentity: - description: >- - Output only. An IAM identity—a service account or group—under which - Cloud Logging writes the exported log entries to the sink's - destination. This field is either set by specifying - custom_writer_identity or set automatically by sinks.create and - sinks.update based on the value of unique_writer_identity in those - methods.Until you grant this identity write-access to the - destination, log entry exports from this sink will fail. For more - information, see Granting Access for a Resource - (https://cloud.google.com/iam/docs/granting-roles-to-service-accounts#granting_access_to_a_service_account_for_a_resource). - Consult the destination service's documentation to determine the - appropriate IAM roles to assign to the identity.Sinks that have a - destination that is a log bucket in the same project as the sink - cannot have a writer_identity and no additional permissions are - required. - readOnly: true - type: string - includeChildren: - description: >- - Optional. This field applies only to sinks owned by organizations - and folders. If the field is false, the default, only the logs owned - by the sink's parent resource are available for export. If the field - is true, then log entries from all the projects, folders, and - billing accounts contained in the sink's parent resource are also - available for export. Whether a particular log entry from the - children is exported depends on the sink's filter expression.For - example, if this field is true, then the filter - resource.type=gce_instance would export all Compute Engine VM - instance log entries from all projects in the sink's parent.To only - export entries from certain child projects, filter on the project - part of the log name:logName:("projects/test-project1/" OR - "projects/test-project2/") AND resource.type=gce_instance - type: boolean - interceptChildren: - description: >- - Optional. This field applies only to sinks owned by organizations - and folders.When the value of 'intercept_children' is true, the - following restrictions apply: The sink must have the - include_children flag set to true. The sink destination must be a - Cloud project.Also, the following behaviors apply: Any logs matched - by the sink won't be included by non-_Required sinks owned by child - resources. The sink appears in the results of a ListSinks call from - a child resource if the value of the filter field in its request is - either 'in_scope("ALL")' or 'in_scope("ANCESTOR")'. + Whether or not an entity was served from cache (with or without + validation). + cacheLookup: + description: Whether or not a cache lookup was attempted. type: boolean - bigqueryOptions: - description: Optional. Options that affect sinks exporting data to BigQuery. - $ref: '#/components/schemas/BigQueryOptions' - createTime: - description: >- - Output only. The creation timestamp of the sink.This field may not - be present for older sinks. - readOnly: true + requestMethod: type: string - format: google-datetime - updateTime: + description: 'The request method. Examples: "GET", "HEAD", "PUT", "POST".' + requestSize: description: >- - Output only. The last update timestamp of the sink.This field may - not be present for older sinks. - readOnly: true + The size of the HTTP request message in bytes, including the request + headers and the request body. type: string - format: google-datetime - BigQueryOptions: - id: BigQueryOptions - description: Options that change functionality of a sink exporting data to BigQuery. - type: object - properties: - usePartitionedTables: - description: >- - Optional. Whether to use BigQuery's partition tables - (https://cloud.google.com/bigquery/docs/partitioned-tables). By - default, Cloud Logging creates dated tables based on the log - entries' timestamps, e.g. syslog_20170523. With partitioned tables - the date suffix is no longer present and special query syntax - (https://cloud.google.com/bigquery/docs/querying-partitioned-tables) - has to be used instead. In both cases, tables are sharded based on - UTC timezone. - type: boolean - usesTimestampColumnPartitioning: + format: int64 + status: + format: int32 + type: integer description: >- - Output only. True if new timestamp column based partitioning is in - use, false if legacy ingress-time partitioning is in use.All new - sinks will have this field set true and will use timestamp column - based partitioning. If use_partitioned_tables is false, this value - has no meaning and will be false. Legacy sinks using partitioned - tables will have this field set to false. - readOnly: true - type: boolean - ListLinksResponse: - id: ListLinksResponse - description: The response from ListLinks. + The response code indicating the status of response. Examples: 200, + 404. + LogBucket: type: object properties: - links: - description: A list of links. - type: array - items: - $ref: '#/components/schemas/Link' - nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then nextPageToken is included. To get the next set of - results, call the same method again using the value of nextPageToken - as pageToken. + createTime: type: string - Link: - id: Link - description: Describes a link connected to an analytics enabled bucket. - type: object - properties: - name: - description: >- - Output only. The resource name of the link. The name can have up to - 100 characters. A valid link id (at the end of the link name) must - only have alphanumeric characters and underscores within it. - "projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" - "organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" - "billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" - "folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" - For - example:`projects/my-project/locations/global/buckets/my-bucket/links/my_link readOnly: true - type: string - description: description: >- - Optional. Describes this link.The maximum length of the description - is 8000 characters. + Output only. The creation timestamp of the bucket. This is not set + for any of the default buckets. + format: google-datetime + indexConfigs: + items: + $ref: '#/components/schemas/IndexConfig' + description: Optional. A list of indexed fields and related configuration data. + type: array + updateTime: type: string - createTime: - description: Output only. The creation timestamp of the link. + description: Output only. The last update timestamp of the bucket. readOnly: true - type: string format: google-datetime lifecycleState: - description: Output only. The resource lifecycle state. - readOnly: true type: string enumDescriptions: - >- @@ -1139,127 +744,146 @@ components: - UPDATING - CREATING - FAILED - bigqueryDataset: + readOnly: true + description: Output only. The bucket lifecycle state. + analyticsEnabled: description: >- - Optional. The information of a BigQuery Dataset. When a link is - created, a BigQuery dataset is created along with it, in the same - project as the LogBucket it's linked to. This dataset will also have - BigQuery Views corresponding to the LogViews in the bucket. - $ref: '#/components/schemas/BigQueryDataset' - BigQueryDataset: - id: BigQueryDataset - description: Describes a BigQuery dataset that was created by a link. - type: object - properties: - datasetId: + Optional. Whether log analytics is enabled for this bucket.Once + enabled, log analytics features cannot be disabled. + type: boolean + retentionDays: + format: int32 description: >- - Output only. The full resource name of the BigQuery dataset. The - DATASET_ID will match the ID of the link, so the link must match the - naming restrictions of BigQuery datasets (alphanumeric characters - and underscores only).The dataset will have a resource path of - "bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID" - readOnly: true - type: string - Settings: - id: Settings - description: >- - Describes the settings associated with a project, folder, organization, - or billing account. - type: object - properties: + Optional. Logs will be retained by default for this amount of time, + after which they will automatically be deleted. The minimum + retention period is 1 day. If this value is set to zero at bucket + creation time, the default time of 30 days will be used. + type: integer + locked: + description: >- + Optional. Whether the bucket is locked.The retention period on a + locked bucket cannot be changed. Locked buckets may only be deleted + if they are empty. + type: boolean + cmekSettings: + description: >- + Optional. The CMEK settings of the log bucket. If present, new log + entries written to this log bucket are encrypted using the CMEK key + provided in this configuration. If a log bucket has CMEK settings, + the CMEK settings cannot be disabled later by updating the log + bucket. Changing the KMS key is allowed. + $ref: '#/components/schemas/CmekSettings' name: - description: Output only. The resource name of the settings. - readOnly: true type: string - kmsKeyName: description: >- - Optional. The resource name for the configured Cloud KMS key.KMS key - name format: - "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]" - For - example:"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key"To - enable CMEK, set this field to a valid kms_key_name for which the - associated service account has the required - roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the - key.The Cloud KMS key used by the Log Router can be updated by - changing the kms_key_name to a new valid key name.To disable CMEK - for the Log Router, set this field to an empty string.See Enabling - CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) - for more information. + Output only. The resource name of the bucket.For + example:projects/my-project/locations/global/buckets/my-bucketFor a + list of supported locations, see Supported Regions + (https://cloud.google.com/logging/docs/region-support)For the + location of global it is unspecified where log entries are actually + stored.After a bucket has been created, the location cannot be + changed. + readOnly: true + restrictedFields: + type: array + description: >- + Optional. Log entry field paths that are denied access in this + bucket.The following fields and their children are eligible: + textPayload, jsonPayload, protoPayload, httpRequest, labels, + sourceLocation.Restricting a repeated field will restrict all + values. Adding a parent will block all child fields. (e.g. foo.bar + will block foo.bar.baz) + items: + type: string + description: + description: Optional. Describes this bucket. type: string - kmsServiceAccountId: + id: LogBucket + description: Describes a repository in which log entries are stored. + SourceLocation: + properties: + functionName: description: >- - Output only. The service account that will be used by the Log Router - to access your Cloud KMS key.Before enabling CMEK, you must first - assign the role roles/cloudkms.cryptoKeyEncrypterDecrypter to the - service account that will be used to access your Cloud KMS key. Use - GetSettings to obtain the service account ID.See Enabling CMEK for - Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) - for more information. - readOnly: true + Human-readable name of the function or method being invoked, with + optional context such as the class or package name. This information + is used in contexts such as the logs viewer, where a file and line + number are less meaningful. The format can vary by language. For + example: qual.if.ied.Class.method (Java), dir/package.func (Go), + function (Python). type: string - storageLocation: + line: + type: string + description: Line within the source file. + format: int64 + file: description: >- - Optional. The storage location for the _Default and _Required log - buckets of newly created projects and folders, unless the storage - location is explicitly provided.Example value: europe-west1.Note: - this setting does not affect the location of resources where a - location is explicitly provided when created, such as custom log - buckets. + Source file name. Depending on the runtime environment, this might + be a simple name or a fully-qualified name. type: string - disableDefaultSink: + id: SourceLocation + type: object + description: Specifies a location in a source code file. + SourceReference: + properties: + revisionId: description: >- - Optional. If set to true, the _Default sink in newly created - projects and folders will created in a disabled state. This can be - used to automatically disable log storage if there is already an - aggregated sink configured in the hierarchy. The _Default sink can - be re-enabled manually if needed. - type: boolean - defaultSinkConfig: - description: Optional. Overrides the built-in configuration for _Default sink. - $ref: '#/components/schemas/DefaultSinkConfig' - loggingServiceAccountId: + The canonical and persistent identifier of the deployed revision. + Example (git): "0035781c50ec7aa23385dc841529ce8a4b70db1b" + type: string + repository: description: >- - Output only. The service account for the given resource container, - such as project or folder. Log sinks use this service account as - their writer_identity if no custom service account is provided in - the request when calling the create sink method. - readOnly: true + Optional. A URI string identifying the repository. Example: + "https://github.com/GoogleCloudPlatform/kubernetes.git" type: string + type: object + description: >- + A reference to a particular snapshot of the source tree used to build + and deploy an application. + id: SourceReference + LogSplit: + properties: + index: + type: integer + description: >- + The index of this LogEntry in the sequence of split log entries. Log + entries are given |index| values 0, 1, ..., n-1 for a sequence of n + log entries. + format: int32 + totalSplits: + format: int32 + description: >- + The total number of log entries that the original LogEntry was split + into. + type: integer + uid: + description: >- + A globally unique identifier for all log entries in a sequence of + split log entries. All log entries with the same |LogSplit.uid| are + assumed to be part of the same sequence of split log entries. + type: string + description: >- + Additional information used to correlate multiple log entries. Used when + a single LogEntry would exceed the Google Cloud Logging size limit and + is split across multiple log entries. + id: LogSplit + type: object DefaultSinkConfig: id: DefaultSinkConfig description: >- Describes the custom _Default sink configuration that is used to override the built-in _Default sink configuration in newly created resource containers, such as projects or folders. - type: object properties: - filter: - description: >- - Optional. An advanced logs filter - (https://cloud.google.com/logging/docs/view/advanced-queries). The - only exported log entries are those that are in the resource owning - the sink and that match the filter.For - example:logName="projects/[PROJECT_ID]/logs/[LOG_ID]" AND - severity>=ERRORTo match all logs, don't add exclusions and use the - following line as the value of filter:logName:*Cannot be empty or - unset when the value of mode is OVERWRITE. - type: string - exclusions: - description: >- - Optional. Specifies the set of exclusions to be added to the - _Default sink in newly created resource containers. - type: array - items: - $ref: '#/components/schemas/LogExclusion' mode: description: >- Required. Determines the behavior to apply to the built-in _Default sink inclusion filter.Exclusions are always appended, as built-in _Default sinks have no exclusions. type: string + enum: + - FILTER_WRITE_MODE_UNSPECIFIED + - APPEND + - OVERWRITE enumDescriptions: - >- The filter's write mode is unspecified. This mode must not be @@ -1271,236 +895,133 @@ components: - >- The contents of filter will overwrite the built-in _Default sink filter. - enum: - - FILTER_WRITE_MODE_UNSPECIFIED - - APPEND - - OVERWRITE - ListSavedQueriesResponse: - id: ListSavedQueriesResponse - description: The response from ListSavedQueries. + filter: + type: string + description: >- + Optional. An advanced logs filter + (https://cloud.google.com/logging/docs/view/advanced-queries). The + only exported log entries are those that are in the resource owning + the sink and that match the filter.For + example:logName="projects/[PROJECT_ID]/logs/[LOG_ID]" AND + severity>=ERRORTo match all logs, don't add exclusions and use the + following line as the value of filter:logName:*Cannot be empty or + unset when the value of mode is OVERWRITE. + exclusions: + type: array + description: >- + Optional. Specifies the set of exclusions to be added to the + _Default sink in newly created resource containers. + items: + $ref: '#/components/schemas/LogExclusion' + type: object + Status: + description: >- + The Status type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by gRPC (https://github.com/grpc). Each Status message contains + three pieces of data: error code, error message, and error details.You + can find out more about this error model and how to work with it in the + API Design Guide (https://cloud.google.com/apis/design/errors). type: object properties: - savedQueries: - description: A list of saved queries. - type: array + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + details: items: - $ref: '#/components/schemas/SavedQuery' - nextPageToken: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + type: array description: >- - If there might be more results than appear in this response, then - nextPageToken is included. To get the next set of results, call the - same method again using the value of nextPageToken as pageToken. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + id: Status + ListLogEntriesResponse: + type: object + properties: + nextPageToken: type: string - unreachable: description: >- - The unreachable resources. It can be either 1) a saved query if a - specific query is unreachable or 2) a location if a specific - location is unreachabe. - "projects/[PROJECT_ID]/locations/[LOCATION_ID]/savedQueries/[QUERY_ID]" - "projects/[PROJECT_ID]/locations/[LOCATION_ID]" For example: - "projects/my-project/locations/global/savedQueries/12345678" - "projects/my-project/locations/global" If there are unreachable - resources, the response will first return pages that contain saved - queries, and then return pages that contain the unreachable - resources. + If there might be more results than those appearing in this + response, then nextPageToken is included. To get the next set of + results, call this method again using the value of nextPageToken as + pageToken.If a value for next_page_token appears and the entries + field is empty, it means that the search found no log entries so far + but it did not have time to search all the possible log entries. + Retry the method with this value for page_token to continue the + search. Alternatively, consider speeding up the search by changing + your filter to specify a single log name or resource type, or to + narrow the time range of the search. + entries: type: array items: - type: string - SavedQuery: - id: SavedQuery - description: Describes a query that has been saved by a user. + $ref: '#/components/schemas/LogEntry' + description: >- + A list of log entries. If entries is empty, nextPageToken may still + be returned, indicating that more entries may exist. See + nextPageToken for more information. + description: Result returned from ListLogEntries. + id: ListLogEntriesResponse + ListLocationsResponse: type: object + id: ListLocationsResponse properties: - name: + nextPageToken: + description: The standard List next-page token. + type: string + locations: description: >- - Output only. Resource name of the saved query.In the format: - "projects/[PROJECT_ID]/locations/[LOCATION_ID]/savedQueries/[QUERY_ID]" - For a list of supported locations, see Supported Regions - (https://cloud.google.com/logging/docs/region-support#bucket-regions)After - the saved query is created, the location cannot be changed.If the - user doesn't provide a QUERY_ID, the system will generate an - alphanumeric ID. - readOnly: true - type: string - displayName: - description: Required. The user specified title for the SavedQuery. - type: string - description: - description: Optional. A human readable description of the saved query. - type: string - loggingQuery: - description: >- - Logging query that can be executed in Logs Explorer or via Logging - API. - $ref: '#/components/schemas/LoggingQuery' - opsAnalyticsQuery: - description: Analytics query that can be executed in Log Analytics. - $ref: '#/components/schemas/OpsAnalyticsQuery' - createTime: - description: Output only. The timestamp when the saved query was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the saved query was last updated. - readOnly: true - type: string - format: google-datetime - visibility: - description: >- - Required. The visibility status of this query, which determines its - ownership. - type: string - enumDescriptions: - - >- - The saved query visibility is unspecified. A CreateSavedQuery - request with an unspecified visibility will be rejected. - - The saved query is only visible to the user that created it. - - The saved query is visible to anyone in the project. - enum: - - VISIBILITY_UNSPECIFIED - - PRIVATE - - SHARED - LoggingQuery: - id: LoggingQuery - description: >- - Describes a Cloud Logging query that can be run in Logs Explorer UI or - via the logging API.In addition to the query itself, additional - information may be stored to capture the display configuration and other - UI state used in association with analysis of query results. - type: object - properties: - filter: - description: >- - Required. An advanced query using the Logging Query Language - (https://cloud.google.com/logging/docs/view/logging-query-language). - The maximum length of the filter is 20000 characters. - type: string - summaryFields: - description: Optional. The set of summary fields to display for this saved query. + A list of locations that matches the specified filter in the + request. type: array items: - $ref: '#/components/schemas/SummaryField' - summaryFieldStart: - description: Characters will be counted from the start of the string. - type: integer - format: int32 - summaryFieldEnd: - description: Characters will be counted from the end of the string. - type: integer - format: int32 - SummaryField: - id: SummaryField - description: >- - A field from the LogEntry that is added to the summary line - (https://cloud.google.com/logging/docs/view/logs-explorer-interface#add-summary-fields) - for a query in the Logs Explorer. - type: object - properties: - field: - description: >- - Optional. The field from the LogEntry to include in the summary - line, for example resource.type or jsonPayload.name. - type: string - OpsAnalyticsQuery: - id: OpsAnalyticsQuery - description: >- - Describes an analytics query that can be run in the Log Analytics page - of Google Cloud console.Preview: This is a preview feature and may be - subject to change before final release. - type: object - properties: - sqlQueryText: - description: >- - Required. A logs analytics SQL query, which generally follows - BigQuery format.This is the SQL query that appears in the Log - Analytics UI's query editor. - type: string - ListRecentQueriesResponse: - id: ListRecentQueriesResponse - description: The response from ListRecentQueries. - type: object + $ref: '#/components/schemas/Location' + description: The response message for Locations.ListLocations. + WriteLogEntriesRequest: + id: WriteLogEntriesRequest properties: - recentQueries: - description: A list of recent queries. - type: array + entries: items: - $ref: '#/components/schemas/RecentQuery' - nextPageToken: - description: >- - If there might be more results than appear in this response, then - nextPageToken is included. To get the next set of results, call the - same method again using the value of nextPageToken as pageToken. - type: string - unreachable: - description: >- - The unreachable resources. Each resource can be either 1) a saved - query if a specific query is unreachable or 2) a location if a - specific location is unreachable. - "projects/[PROJECT_ID]/locations/[LOCATION_ID]/recentQueries/[QUERY_ID]" - "projects/[PROJECT_ID]/locations/[LOCATION_ID]" For - example:"projects/my-project/locations/global/recentQueries/12345678" - "projects/my-project/locations/global"If there are unreachable - resources, the response will first return pages that contain recent - queries, and then return pages that contain the unreachable - resources. + $ref: '#/components/schemas/LogEntry' type: array - items: - type: string - RecentQuery: - id: RecentQuery - description: >- - Describes a recent query executed on the Logs Explorer or Log Analytics - page within the last ~ 30 days. - type: object - properties: - name: - description: >- - Optional. Resource name of the recent query.In the format: - "projects/[PROJECT_ID]/locations/[LOCATION_ID]/recentQueries/[QUERY_ID]" - For a list of supported locations, see Supported Regions - (https://cloud.google.com/logging/docs/region-support)The QUERY_ID - is a system generated alphanumeric ID. - type: string - loggingQuery: - description: >- - Logging query that can be executed in Logs Explorer or via Logging - API. - $ref: '#/components/schemas/LoggingQuery' - opsAnalyticsQuery: - description: Analytics query that can be executed in Log Analytics. - $ref: '#/components/schemas/OpsAnalyticsQuery' - lastRunTime: - description: Output only. The timestamp when this query was last run. - readOnly: true - type: string - format: google-datetime - CopyLogEntriesRequest: - id: CopyLogEntriesRequest - description: The parameters to CopyLogEntries. - type: object - properties: - name: - description: >- - Required. Log bucket from which to copy log entries.For - example:"projects/my-project/locations/global/buckets/my-source-bucket" - type: string - filter: description: >- - Optional. A filter specifying which log entries to copy. The filter - must be no more than 20k characters. An empty filter matches all log - entries. - type: string - destination: + Required. The log entries to send to Logging. The order of log + entries in this list does not matter. Values supplied in this + method's log_name, resource, and labels fields are copied into those + log entries in this list that do not include values for their + corresponding fields. For more information, see the LogEntry type.If + the timestamp or insert_id fields are missing in log entries, then + this method supplies the current time or a unique identifier, + respectively. The supplied values are chosen so that, among the log + entries that did not supply their own values, the entries earlier in + the list will sort before the entries later in the list. See the + entries.list method.Log entries with timestamps that are more than + the logs retention period (https://cloud.google.com/logging/quotas) + in the past or more than 24 hours in the future will not be + available when calling entries.list. However, those log entries can + still be exported with LogSinks + (https://cloud.google.com/logging/docs/api/tasks/exporting-logs).To + improve throughput and to avoid exceeding the quota limit + (https://cloud.google.com/logging/quotas) for calls to + entries.write, you should try to include several log entries in this + list, rather than calling this method for each individual log entry. + resource: + $ref: '#/components/schemas/MonitoredResource' description: >- - Required. Destination to which to copy log entries. For example: - "storage.googleapis.com/GCS_BUCKET" - type: string - WriteLogEntriesRequest: - id: WriteLogEntriesRequest - description: The parameters to WriteLogEntries. - type: object - properties: + Optional. A default monitored resource object that is assigned to + all log entries in entries that do not specify a value for resource. + Example: { "type": "gce_instance", "labels": { "zone": + "us-central1-a", "instance_id": "00000000000000000000" }} See + LogEntry. logName: description: >- Optional. A default log resource name that is assigned to all log @@ -1516,48 +1037,15 @@ components: entries, whether the resource is specified in logName or in an individual log entry. type: string - resource: - description: >- - Optional. A default monitored resource object that is assigned to - all log entries in entries that do not specify a value for resource. - Example: { "type": "gce_instance", "labels": { "zone": - "us-central1-a", "instance_id": "00000000000000000000" }} See - LogEntry. - $ref: '#/components/schemas/MonitoredResource' labels: + type: object + additionalProperties: + type: string description: >- Optional. Default labels that are added to the labels field of all log entries in entries. If a log entry already has a label with the same key as a label in this parameter, then the log entry's label is not changed. See LogEntry. - type: object - additionalProperties: - type: string - entries: - description: >- - Required. The log entries to send to Logging. The order of log - entries in this list does not matter. Values supplied in this - method's log_name, resource, and labels fields are copied into those - log entries in this list that do not include values for their - corresponding fields. For more information, see the LogEntry type.If - the timestamp or insert_id fields are missing in log entries, then - this method supplies the current time or a unique identifier, - respectively. The supplied values are chosen so that, among the log - entries that did not supply their own values, the entries earlier in - the list will sort before the entries later in the list. See the - entries.list method.Log entries with timestamps that are more than - the logs retention period (https://cloud.google.com/logging/quotas) - in the past or more than 24 hours in the future will not be - available when calling entries.list. However, those log entries can - still be exported with LogSinks - (https://cloud.google.com/logging/docs/api/tasks/exporting-logs).To - improve throughput and to avoid exceeding the quota limit - (https://cloud.google.com/logging/quotas) for calls to - entries.write, you should try to include several log entries in this - list, rather than calling this method for each individual log entry. - type: array - items: - $ref: '#/components/schemas/LogEntry' partialSuccess: description: >- Optional. Whether a batch's valid entries should be written even if @@ -1570,191 +1058,925 @@ components: entries are written will not include per-entry errors. type: boolean dryRun: + type: boolean description: >- Optional. If true, the request should expect normal response, but the entries won't be persisted nor exported. Useful for checking whether the logging API endpoints are working properly before sending valuable data. - type: boolean - MonitoredResource: - id: MonitoredResource - description: >- - An object representing a resource that can be used for monitoring, - logging, billing, or other purposes. Examples include virtual machine - instances, databases, and storage devices such as disks. The type field - identifies a MonitoredResourceDescriptor object that describes the - resource's schema. Information in the labels field identifies the actual - resource and its attributes according to the schema. For example, a - particular Compute Engine VM instance could be represented by the - following object, because the MonitoredResourceDescriptor for - "gce_instance" has labels "project_id", "instance_id" and "zone": { - "type": "gce_instance", "labels": { "project_id": "my-project", - "instance_id": "12345678901234", "zone": "us-central1-a" }} + description: The parameters to WriteLogEntries. type: object + CmekSettings: properties: - type: - description: >- - Required. The monitored resource type. This field must match the - type field of a MonitoredResourceDescriptor object. For example, the - type of a Compute Engine VM instance is gce_instance. Some - descriptors include the service name in the type; for example, the - type of a Datastream stream is datastream.googleapis.com/Stream. + name: + description: Output only. The resource name of the CMEK settings. + readOnly: true type: string - labels: - description: >- - Required. Values for all of the labels listed in the associated - monitored resource descriptor. For example, Compute Engine VM - instances use the labels "project_id", "instance_id", and "zone". - type: object - additionalProperties: - type: string - LogEntry: - id: LogEntry - description: An individual entry in a log. - type: object - properties: - logName: - description: >- - Required. The resource name of the log to which this log entry - belongs: "projects/[PROJECT_ID]/logs/[LOG_ID]" - "organizations/[ORGANIZATION_ID]/logs/[LOG_ID]" - "billingAccounts/[BILLING_ACCOUNT_ID]/logs/[LOG_ID]" - "folders/[FOLDER_ID]/logs/[LOG_ID]" A project number may be used in - place of PROJECT_ID. The project number is translated to its - corresponding PROJECT_ID internally and the log_name field will - contain PROJECT_ID in queries and exports.[LOG_ID] must be - URL-encoded within log_name. Example: - "organizations/1234567890/logs/cloudresourcemanager.googleapis.com%2Factivity".[LOG_ID] - must be less than 512 characters long and can only include the - following characters: upper and lower case alphanumeric characters, - forward-slash, underscore, hyphen, and period.For backward - compatibility, if log_name begins with a forward-slash, such as - /projects/..., then the log entry is processed as usual, but the - forward-slash is removed. Listing the log entry will not show the - leading slash and filtering for a log name with a leading slash will - never return any results. + kmsKeyName: type: string - resource: description: >- - Required. The monitored resource that produced this log - entry.Example: a log entry that reports a database error would be - associated with the monitored resource designating the particular - database that reported the error. - $ref: '#/components/schemas/MonitoredResource' - protoPayload: + Optional. The resource name for the configured Cloud KMS key.KMS key + name format: + "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]" + For + example:"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key"To + enable CMEK for the Log Router, set this field to a valid + kms_key_name for which the associated service account has the needed + cloudkms.cryptoKeyEncrypterDecrypter roles assigned for the key.The + Cloud KMS key used by the Log Router can be updated by changing the + kms_key_name to a new valid key name or disabled by setting the key + name to an empty string. Encryption operations that are in progress + will be completed with the key that was in use when they started. + Decryption operations will be completed using the key that was used + at the time of encryption unless access to that key has been + revoked.To disable CMEK for the Log Router, set this field to an + empty string.See Enabling CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) + for more information. + serviceAccountId: description: >- - The log entry payload, represented as a protocol buffer. Some Google - Cloud Platform services use this field for their log entry - payloads.The following protocol buffer types are supported; - user-defined types are not - supported:"type.googleapis.com/google.cloud.audit.AuditLog" - "type.googleapis.com/google.appengine.logging.v1.RequestLog" - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - textPayload: - description: The log entry payload, represented as a Unicode string (UTF-8). + Output only. The service account that will be used by the Log Router + to access your Cloud KMS key.Before enabling CMEK for Log Router, + you must first assign the cloudkms.cryptoKeyEncrypterDecrypter role + to the service account that the Log Router will use to access your + Cloud KMS key. Use GetCmekSettings to obtain the service account + ID.See Enabling CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) + for more information. type: string - jsonPayload: - description: >- - The log entry payload, represented as a structure that is expressed - as a JSON object. - type: object - additionalProperties: - type: any - description: Properties of the object. - timestamp: + readOnly: true + kmsKeyVersionName: description: >- - Optional. The time the event described by the log entry occurred. - This time is used to compute the log entry's age and to enforce the - logs retention period. If this field is omitted in a new log entry, - then Logging assigns it the current time. Timestamps have nanosecond - accuracy, but trailing zeros in the fractional seconds might be - omitted when the timestamp is displayed.Incoming log entries must - have timestamps that don't exceed the logs retention period - (https://cloud.google.com/logging/quotas#logs_retention_periods) in - the past, and that don't exceed 24 hours in the future. Log entries - outside those time boundaries are rejected by Logging. + Output only. The CryptoKeyVersion resource name for the configured + Cloud KMS key.KMS key name format: + "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]/cryptoKeyVersions/[VERSION]" + For + example:"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key/cryptoKeyVersions/1"This + is a read-only field used to convey the specific configured + CryptoKeyVersion of kms_key that has been configured. It will be + populated in cases where the CMEK settings are bound to a single key + version.If this field is populated, the kms_key is tied to a + specific CryptoKeyVersion. type: string - format: google-datetime - receiveTimestamp: - description: Output only. The time the log entry was received by Logging. readOnly: true + id: CmekSettings + type: object + description: >- + Describes the customer-managed encryption key (CMEK) settings associated + with a project, folder, organization, billing account, or flexible + resource.Note: CMEK for the Log Router can currently only be configured + for Google Cloud organizations. Once configured, it applies to all + projects and folders in the Google Cloud organization.See Enabling CMEK + for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) for + more information. + WriteLogEntriesResponse: + properties: {} + description: Result returned from WriteLogEntries. + type: object + id: WriteLogEntriesResponse + CreateBucketRequest: + type: object + properties: + parent: + description: >- + Required. The resource in which to create the log bucket: + "projects/[PROJECT_ID]/locations/[LOCATION_ID]" For + example:"projects/my-project/locations/global" type: string - format: google-datetime - severity: + bucket: description: >- - Optional. The severity of the log entry. The default value is - LogSeverity.DEFAULT. + Required. The new bucket. The region specified in the new bucket + must be compliant with any Location Restriction Org Policy. The name + field in the bucket is ignored. + $ref: '#/components/schemas/LogBucket' + bucketId: + description: >- + Required. A client-assigned identifier such as "my-bucket". + Identifiers are limited to 100 characters and can include only + letters, digits, underscores, hyphens, and periods. Bucket + identifiers must start with an alphanumeric character. type: string - enumDescriptions: - - (0) The log entry has no assigned severity level. - - (100) Debug or trace information. - - (200) Routine information, such as ongoing status or performance. - - >- - (300) Normal but significant events, such as start up, shut down, - or a configuration change. - - (400) Warning events might cause problems. - - (500) Error events are likely to cause problems. - - (600) Critical events cause more severe problems or outages. - - (700) A person must take an action immediately. - - (800) One or more systems are unusable. - enum: - - DEFAULT - - DEBUG - - INFO - - NOTICE - - WARNING - - ERROR - - CRITICAL - - ALERT - - EMERGENCY - insertId: + id: CreateBucketRequest + description: The parameters to CreateBucket. + ListBucketsResponse: + properties: + nextPageToken: description: >- - Optional. A unique identifier for the log entry. If you provide a - value, then Logging considers other log entries in the same project, - with the same timestamp, and with the same insert_id to be - duplicates which are removed in a single query result. However, - there are no guarantees of de-duplication in the export of logs.If - the insert_id is omitted when writing a log entry, the Logging API - assigns its own unique identifier in this field.In queries, the - insert_id is also used to order log entries that have the same - log_name and timestamp values. + If there might be more results than appear in this response, then + nextPageToken is included. To get the next set of results, call the + same method again using the value of nextPageToken as pageToken. type: string - httpRequest: + buckets: + type: array + items: + $ref: '#/components/schemas/LogBucket' + description: A list of buckets. + id: ListBucketsResponse + description: The response from ListBuckets. + type: object + MetricDescriptor: + properties: + displayName: description: >- - Optional. Information about the HTTP request associated with this - log entry, if applicable. - $ref: '#/components/schemas/HttpRequest' + A concise name for the metric, which can be displayed in user + interfaces. Use sentence case without an ending period, for example + "Request count". This field is optional but it is recommended to be + set for any metrics associated with user-visible concepts, such as + Quota. + type: string labels: description: >- - Optional. A map of key, value pairs that provides additional - information about the log entry. The labels can be user-defined or - system-defined.User-defined labels are arbitrary key, value pairs - that you can use to classify logs.System-defined labels are defined - by GCP services for platform logs. They have two components - a - service namespace component and the attribute name. For example: - compute.googleapis.com/resource_name.Cloud Logging truncates label - keys that exceed 512 B and label values that exceed 64 KB upon their - associated log entry being written. The truncation is indicated by - an ellipsis at the end of the character string. - type: object - additionalProperties: - type: string - metadata: - description: >- - Output only. Deprecated. This field is not used by Logging. Any - value written to it is cleared. + The set of labels that can be used to describe a specific instance + of this metric type. For example, the + appengine.googleapis.com/http/server/response_latencies metric type + has a label for the HTTP response code, response_code, so you can + look at latencies for successful responses or just for responses + that failed. + items: + $ref: '#/components/schemas/LabelDescriptor' + type: array + monitoredResourceTypes: + items: + type: string + type: array + description: >- + Read-only. If present, then a time series, which is identified + partially by a metric type and a MonitoredResourceDescriptor, that + is associated with this metric type can only be associated with one + of the monitored resource types listed here. + launchStage: + description: Optional. The launch stage of the metric definition. + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + Terms of Service (https://cloud.google.com/terms/) and the Google + Cloud Platform Subject to the Deprecation Policy + (https://cloud.google.com/terms/deprecation) documentation. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + type: string + metricKind: + enum: + - METRIC_KIND_UNSPECIFIED + - GAUGE + - DELTA + - CUMULATIVE + description: >- + Whether the metric records instantaneous values, changes to a value, + etc. Some combinations of metric_kind and value_type might not be + supported. + enumDescriptions: + - Do not use this default value. + - An instantaneous measurement of a value. + - The change in a value during a time interval. + - >- + A value accumulated over a time interval. Cumulative measurements + in a time series should have the same start time and increasing + end times, until an event resets the cumulative value to zero and + sets a new start time for the following points. + type: string + description: + type: string + description: >- + A detailed description of the metric, which can be used in + documentation. + metadata: + description: Optional. Metadata which can be used to guide usage of the metric. + $ref: '#/components/schemas/MetricDescriptorMetadata' + valueType: + type: string + description: >- + Whether the measurement is an integer, a floating-point number, etc. + Some combinations of metric_kind and value_type might not be + supported. + enum: + - VALUE_TYPE_UNSPECIFIED + - BOOL + - INT64 + - DOUBLE + - STRING + - DISTRIBUTION + - MONEY + enumDescriptions: + - Do not use this default value. + - >- + The value is a boolean. This value type can be used only if the + metric kind is GAUGE. + - The value is a signed 64-bit integer. + - The value is a double precision floating point number. + - >- + The value is a text string. This value type can be used only if + the metric kind is GAUGE. + - The value is a Distribution. + - The value is money. + name: + description: The resource name of the metric descriptor. + type: string + type: + description: >- + The metric type, including its DNS name prefix. The type is not + URL-encoded. All user-defined metric types have the DNS name + custom.googleapis.com or external.googleapis.com. Metric types + should use a natural hierarchical grouping. For example: + "custom.googleapis.com/invoice/paid/amount" + "external.googleapis.com/prometheus/up" + "appengine.googleapis.com/http/server/response_latencies" + type: string + unit: + type: string + description: >- + The units in which the metric value is reported. It is only + applicable if the value_type is INT64, DOUBLE, or DISTRIBUTION. The + unit defines the representation of the stored metric + values.Different systems might scale the values to be more easily + displayed (so a value of 0.02kBy might be displayed as 20By, and a + value of 3523kBy might be displayed as 3.5MBy). However, if the unit + is kBy, then the value of the metric is always in thousands of + bytes, no matter how it might be displayed.If you want a custom + metric to record the exact number of CPU-seconds used by a job, you + can create an INT64 CUMULATIVE metric whose unit is s{CPU} (or + equivalently 1s{CPU} or just s). If the job uses 12,005 CPU-seconds, + then the value is written as 12005.Alternatively, if you want a + custom metric to record data in a more granular way, you can create + a DOUBLE CUMULATIVE metric whose unit is ks{CPU}, and then write the + value 12.005 (which is 12005/1000), or use Kis{CPU} and write 11.723 + (which is 12005/1024).The supported units are a subset of The + Unified Code for Units of Measure + (https://unitsofmeasure.org/ucum.html) standard:Basic units (UNIT) + bit bit By byte s second min minute h hour d day 1 + dimensionlessPrefixes (PREFIX) k kilo (10^3) M mega (10^6) G giga + (10^9) T tera (10^12) P peta (10^15) E exa (10^18) Z zetta (10^21) Y + yotta (10^24) m milli (10^-3) u micro (10^-6) n nano (10^-9) p pico + (10^-12) f femto (10^-15) a atto (10^-18) z zepto (10^-21) y yocto + (10^-24) Ki kibi (2^10) Mi mebi (2^20) Gi gibi (2^30) Ti tebi (2^40) + Pi pebi (2^50)GrammarThe grammar also includes these connectors: / + division or ratio (as an infix operator). For examples, kBy/{email} + or MiBy/10ms (although you should almost never have /s in a metric + unit; rates should always be computed at query time from the + underlying cumulative or delta value). . multiplication or + composition (as an infix operator). For examples, GBy.d or + k{watt}.h.The grammar for a unit is as follows: Expression = + Component { "." Component } { "/" Component } ; Component = ( [ + PREFIX ] UNIT | "%" ) [ Annotation ] | Annotation | "1" ; Annotation + = "{" NAME "}" ; Notes: Annotation is just a comment if it follows a + UNIT. If the annotation is used alone, then the unit is equivalent + to 1. For examples, {request}/s == 1/s, By{transmitted}/s == By/s. + NAME is a sequence of non-blank printable ASCII characters not + containing { or }. 1 represents a unitary dimensionless unit + (https://en.wikipedia.org/wiki/Dimensionless_quantity) of 1, such as + in 1/s. It is typically used when none of the basic units are + appropriate. For example, "new users per day" can be represented as + 1/d or {new-users}/d (and a metric value 5 would mean "5 new users). + Alternatively, "thousands of page views per day" would be + represented as 1000/d or k1/d or k{page_views}/d (and a metric value + of 5.3 would mean "5300 page views per day"). % represents + dimensionless value of 1/100, and annotates values giving a + percentage (so the metric values are typically in the range of + 0..100, and a metric value 3 means "3 percent"). 10^2.% indicates a + metric contains a ratio, typically in the range 0..1, that will be + multiplied by 100 and displayed as a percentage (so a metric value + 0.03 means "3 percent"). + description: >- + Defines a metric type and its schema. Once a metric descriptor is + created, deleting or altering it stops data collection and makes the + metric type's existing data unusable. + type: object + id: MetricDescriptor + BucketOptions: + type: object + description: >- + BucketOptions describes the bucket boundaries used to create a histogram + for the distribution. The buckets can be in a linear sequence, an + exponential sequence, or each bucket can be specified explicitly. + BucketOptions does not include the number of values in each bucket.A + bucket has an inclusive lower bound and exclusive upper bound for the + values that are counted for that bucket. The upper bound of a bucket + must be strictly greater than the lower bound. The sequence of N buckets + for a distribution consists of an underflow bucket (number 0), zero or + more finite buckets (number 1 through N - 2) and an overflow bucket + (number N - 1). The buckets are contiguous: the lower bound of bucket i + (i > 0) is the same as the upper bound of bucket i - 1. The buckets span + the whole range of finite values: lower bound of the underflow bucket is + -infinity and the upper bound of the overflow bucket is +infinity. The + finite buckets are so-called because both bounds are finite. + id: BucketOptions + properties: + exponentialBuckets: + $ref: '#/components/schemas/Exponential' + description: The exponential buckets. + explicitBuckets: + description: The explicit buckets. + $ref: '#/components/schemas/Explicit' + linearBuckets: + $ref: '#/components/schemas/Linear' + description: The linear bucket. + ListSinksResponse: + type: object + id: ListSinksResponse + properties: + sinks: + type: array + items: + $ref: '#/components/schemas/LogSink' + description: A list of sinks. + nextPageToken: + type: string + description: >- + If there might be more results than appear in this response, then + nextPageToken is included. To get the next set of results, call the + same method again using the value of nextPageToken as pageToken. + description: Result returned from ListSinks. + Linear: + properties: + offset: + description: Lower bound of the first bucket. + format: double + type: number + numFiniteBuckets: + format: int32 + type: integer + description: Must be greater than 0. + width: + type: number + description: Must be greater than 0. + format: double + type: object + description: >- + Specifies a linear sequence of buckets that all have the same width + (except overflow and underflow). Each bucket represents a constant + absolute uncertainty on the specific value in the bucket.There are + num_finite_buckets + 2 (= N) buckets. Bucket i has the following + boundaries:Upper bound (0 <= i < N-1): offset + (width * i).Lower bound + (1 <= i < N): offset + (width * (i - 1)). + id: Linear + Policy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources.A Policy is a collection of + bindings. A binding binds one or more members, or principals, to a + single role. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A role is a named list of + permissions; each role can be an IAM predefined role or a user-created + custom role.For some types of Google Cloud resources, a binding can also + specify a condition, which is a logical expression that allows access to + a resource only if the expression evaluates to true. A condition can add + constraints based on attributes of the request, the resource, or both. + To learn which resources support conditions in their IAM policies, see + the IAM documentation + (https://cloud.google.com/iam/help/conditions/resource-policies).JSON + example: { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - + user:mike@example.com - group:admins@example.com - domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For + a description of IAM and its features, see the IAM documentation + (https://cloud.google.com/iam/docs/). + id: Policy + properties: + etag: + format: byte + description: >- + etag is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the etag in + the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An etag is returned in the response to + getIamPolicy, and systems are expected to put that etag in the + request to setIamPolicy to ensure that their change will be applied + to the same version of the policy.Important: If you use IAM + Conditions, you must include the etag field whenever you call + setIamPolicy. If you omit this field, then IAM allows you to + overwrite a version 3 policy with a version 1 policy, and all of the + conditions in the version 3 policy are lost. + type: string + version: + format: int32 + type: integer + description: >- + Specifies the format of the policy.Valid values are 0, 1, and 3. + Requests that specify an invalid value are rejected.Any operation + that affects conditional role bindings must specify version 3. This + requirement applies to the following operations: Getting a policy + that includes a conditional role binding Adding a conditional role + binding to a policy Changing a conditional role binding in a policy + Removing any role binding, with or without a condition, from a + policy that includes conditionsImportant: If you use IAM Conditions, + you must include the etag field whenever you call setIamPolicy. If + you omit this field, then IAM allows you to overwrite a version 3 + policy with a version 1 policy, and all of the conditions in the + version 3 policy are lost.If a policy does not include any + conditions, operations on that policy may specify any valid version + or leave the field unset.To learn which resources support conditions + in their IAM policies, see the IAM documentation + (https://cloud.google.com/iam/help/conditions/resource-policies). + bindings: + items: + $ref: '#/components/schemas/Binding' + type: array + description: >- + Associates a list of members, or principals, with a role. + Optionally, may specify a condition that determines how and when the + bindings are applied. Each of the bindings must contain at least one + principal.The bindings in a Policy can refer to up to 1,500 + principals; up to 250 of these principals can be Google groups. Each + occurrence of a principal counts towards these limits. For example, + if the bindings grant 50 different roles to user:alice@example.com, + and not to any other principal, then you can add another 1,450 + principals to the bindings in the Policy. + type: object + UpdateBucketRequest: + description: The parameters to UpdateBucket. + id: UpdateBucketRequest + properties: + bucket: + $ref: '#/components/schemas/LogBucket' + description: Required. The updated bucket. + updateMask: + format: google-fieldmask + description: >- + Required. Field mask that specifies the fields in bucket that need + an update. A bucket field will be overwritten if, and only if, it is + in the update mask. name and output only fields cannot be + updated.For a detailed FieldMask definition, see: + https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#google.protobuf.FieldMaskFor + example: updateMask=retention_days + type: string + name: + type: string + description: >- + Required. The full resource name of the bucket to update. + "projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" + "organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" + "billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" + "folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" + For example:"projects/my-project/locations/global/buckets/my-bucket" + type: object + LabelDescriptor: + type: object + properties: + valueType: + enum: + - STRING + - BOOL + - INT64 + description: The type of data that can be assigned to the label. + enumDescriptions: + - A variable-length string. This is the default. + - Boolean; true or false. + - A 64-bit signed integer. + type: string + key: + type: string + description: The label key. + description: + type: string + description: A human-readable description for the label. + description: A description of a label. + id: LabelDescriptor + ListLogScopesResponse: + id: ListLogScopesResponse + type: object + properties: + nextPageToken: + description: >- + If there might be more results than appear in this response, then + nextPageToken is included. To get the next set of results, call the + same method again using the value of nextPageToken as pageToken. + type: string + logScopes: + description: A list of log scopes. + type: array + items: + $ref: '#/components/schemas/LogScope' + description: >- + The response from ListLogScopes. Every project has a _Default log scope + that cannot be modified or deleted. + TailLogEntriesRequest: + properties: + resourceNames: + description: >- + Required. Name of a parent resource from which to retrieve log + entries: projects/[PROJECT_ID] organizations/[ORGANIZATION_ID] + billingAccounts/[BILLING_ACCOUNT_ID] folders/[FOLDER_ID]May + alternatively be one or more views: + projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID] + organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID] + billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID] + folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID] + items: + type: string + type: array + bufferWindow: + type: string + format: google-duration + description: >- + Optional. The amount of time to buffer log entries at the server + before being returned to prevent out of order results due to late + arriving log entries. Valid values are between 0-60000 milliseconds. + Defaults to 2000 milliseconds. + filter: + description: >- + Optional. Only log entries that match the filter are returned. An + empty filter matches all log entries in the resources listed in + resource_names. Referencing a parent resource that is not listed in + resource_names will cause the filter to return no results. The + maximum length of a filter is 20,000 characters. + type: string + id: TailLogEntriesRequest + description: The parameters to TailLogEntries. + type: object + Settings: + id: Settings + description: >- + Describes the settings associated with a project, folder, organization, + or billing account. + type: object + properties: + name: + description: Output only. The resource name of the settings. + readOnly: true + type: string + disableDefaultSink: + description: >- + Optional. If set to true, the _Default sink in newly created + projects and folders will created in a disabled state. This can be + used to automatically disable log storage if there is already an + aggregated sink configured in the hierarchy. The _Default sink can + be re-enabled manually if needed. + type: boolean + defaultSinkConfig: + description: Optional. Overrides the built-in configuration for _Default sink. + $ref: '#/components/schemas/DefaultSinkConfig' + storageLocation: + type: string + description: >- + Optional. The storage location for the _Default and _Required log + buckets of newly created projects and folders, unless the storage + location is explicitly provided.Example value: europe-west1.Note: + this setting does not affect the location of resources where a + location is explicitly provided when created, such as custom log + buckets. + kmsServiceAccountId: + type: string + description: >- + Output only. The service account that will be used by the Log Router + to access your Cloud KMS key.Before enabling CMEK, you must first + assign the role roles/cloudkms.cryptoKeyEncrypterDecrypter to the + service account that will be used to access your Cloud KMS key. Use + GetSettings to obtain the service account ID.See Enabling CMEK for + Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) + for more information. + readOnly: true + loggingServiceAccountId: + description: >- + Output only. The service account for the given resource container, + such as project or folder. Log sinks use this service account as + their writer_identity if no custom service account is provided in + the request when calling the create sink method. + type: string + readOnly: true + kmsKeyName: + type: string + description: >- + Optional. The resource name for the configured Cloud KMS key.KMS key + name format: + "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]" + For + example:"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key"To + enable CMEK, set this field to a valid kms_key_name for which the + associated service account has the required + roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the + key.The Cloud KMS key used by the Log Router can be updated by + changing the kms_key_name to a new valid key name.To disable CMEK + for the Log Router, set this field to an empty string.See Enabling + CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) + for more information. + AppHub: + properties: + workload: + $ref: '#/components/schemas/AppHubWorkload' + description: Metadata associated with the workload. + service: + description: Metadata associated with the service. + $ref: '#/components/schemas/AppHubService' + application: + description: Metadata associated with the application. + $ref: '#/components/schemas/AppHubApplication' + description: Metadata associated with App Hub. + type: object + id: AppHub + CancelOperationRequest: + properties: {} + type: object + description: The request message for Operations.CancelOperation. + id: CancelOperationRequest + LogErrorGroup: + type: object + properties: + id: + description: >- + The id is a unique identifier for a particular error group; it is + the last part of the error group resource name: + /project/[PROJECT_ID]/errors/[ERROR_GROUP_ID]. Example: + COShysOX0r_51QE. The id is derived from key parts of the error-log + content and is treated as Service Data. For information about how + Service Data is handled, see Google Cloud Privacy Notice + (https://cloud.google.com/terms/cloud-privacy-notice). + type: string + id: LogErrorGroup + description: >- + Contains metadata that associates the LogEntry to Error Reporting error + groups. + GetPolicyOptions: + id: GetPolicyOptions + properties: + requestedPolicyVersion: + description: >- + Optional. The maximum policy version that will be used to format the + policy.Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected.Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field + unset.The policy in the response might use the policy version that + you specified, or it might use a lower policy version. For example, + if you specify version 3, but the policy has no conditional role + bindings, the response uses version 1.To learn which resources + support conditions in their IAM policies, see the IAM documentation + (https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + format: int32 + type: object + description: Encapsulates settings provided to GetIamPolicy. + ListMonitoredResourceDescriptorsResponse: + type: object + description: Result returned from ListMonitoredResourceDescriptors. + properties: + resourceDescriptors: + type: array + items: + $ref: '#/components/schemas/MonitoredResourceDescriptor' + description: A list of resource descriptors. + nextPageToken: + type: string + description: >- + If there might be more results than those appearing in this + response, then nextPageToken is included. To get the next set of + results, call this method again using the value of nextPageToken as + pageToken. + id: ListMonitoredResourceDescriptorsResponse + CopyLogEntriesRequest: + description: The parameters to CopyLogEntries. + properties: + name: + type: string + description: >- + Required. Log bucket from which to copy log entries.For + example:"projects/my-project/locations/global/buckets/my-source-bucket" + destination: + description: >- + Required. Destination to which to copy log entries. For example: + "storage.googleapis.com/GCS_BUCKET" + type: string + filter: + type: string + description: >- + Optional. A filter specifying which log entries to copy. The filter + must be no more than 20k characters. An empty filter matches all log + entries. + type: object + id: CopyLogEntriesRequest + LogEntry: + properties: + jsonPayload: + additionalProperties: + type: any + description: Properties of the object. + description: >- + The log entry payload, represented as a structure that is expressed + as a JSON object. + type: object + receiveTimestamp: + description: Output only. The time the log entry was received by Logging. + format: google-datetime + readOnly: true + type: string + apphubDestination: readOnly: true + $ref: '#/components/schemas/AppHub' + description: >- + Output only. AppHub application metadata associated with the + destination application. This is only populated if the log + represented "edge"-like data (such as for VPC flow logs) with a + source and destination. + logName: + description: >- + Required. The resource name of the log to which this log entry + belongs: "projects/[PROJECT_ID]/logs/[LOG_ID]" + "organizations/[ORGANIZATION_ID]/logs/[LOG_ID]" + "billingAccounts/[BILLING_ACCOUNT_ID]/logs/[LOG_ID]" + "folders/[FOLDER_ID]/logs/[LOG_ID]" A project number may be used in + place of PROJECT_ID. The project number is translated to its + corresponding PROJECT_ID internally and the log_name field will + contain PROJECT_ID in queries and exports.[LOG_ID] must be + URL-encoded within log_name. Example: + "organizations/1234567890/logs/cloudresourcemanager.googleapis.com%2Factivity".[LOG_ID] + must be less than 512 characters long and can only include the + following characters: upper and lower case alphanumeric characters, + forward-slash, underscore, hyphen, and period.For backward + compatibility, if log_name begins with a forward-slash, such as + /projects/..., then the log entry is processed as usual, but the + forward-slash is removed. Listing the log entry will not show the + leading slash and filtering for a log name with a leading slash will + never return any results. + type: string + metadata: + description: >- + Output only. Deprecated. This field is not used by Logging. Any + value written to it is cleared. deprecated: true + readOnly: true $ref: '#/components/schemas/MonitoredResourceMetadata' + spanId: + description: >- + Optional. The ID of the Cloud Trace (https://cloud.google.com/trace) + span associated with the current operation in which the log is being + written. For example, if a span has the REST resource name of + "projects/some-project/traces/some-trace/spans/some-span-id", then + the span_id field is "some-span-id".A Span + (https://cloud.google.com/trace/docs/reference/v2/rest/v2/projects.traces/batchWrite#Span) + represents a single operation within a trace. Whereas a trace may + involve multiple different microservices running on multiple + different machines, a span generally corresponds to a single logical + operation being performed in a single instance of a microservice on + one specific machine. Spans are the nodes within the tree that is a + trace.Applications that are instrumented for tracing + (https://cloud.google.com/trace/docs/setup) will generally assign a + new, unique span ID on each incoming request. It is also common to + create and record additional spans corresponding to internal + processing elements as well as issuing requests to dependencies.The + span ID is expected to be a 16-character, hexadecimal encoding of an + 8-byte array and should not be zero. It should be unique within the + trace and should, ideally, be generated in a manner that is + uniformly random.Example values: 000000000000004a 7a2190356c3fc94b + 0000f00300090021 d39223e101960076 + type: string + timestamp: + format: google-datetime + description: >- + Optional. The time the event described by the log entry occurred. + This time is used to compute the log entry's age and to enforce the + logs retention period. If this field is omitted in a new log entry, + then Logging assigns it the current time. Timestamps have nanosecond + accuracy, but trailing zeros in the fractional seconds might be + omitted when the timestamp is displayed.Incoming log entries must + have timestamps that don't exceed the logs retention period + (https://cloud.google.com/logging/quotas#logs_retention_periods) in + the past, and that don't exceed 24 hours in the future. Log entries + outside those time boundaries are rejected by Logging. + type: string + traceSampled: + description: >- + Optional. The sampling decision of the span associated with the log + entry at the time the log entry was created. This field corresponds + to the sampled flag in the W3C trace-context specification + (https://www.w3.org/TR/trace-context/#sampled-flag). A non-sampled + trace value is still useful as a request correlation identifier. The + default is False. + type: boolean + sourceLocation: + $ref: '#/components/schemas/LogEntrySourceLocation' + description: >- + Optional. Source code location information associated with the log + entry, if any. + apphub: + readOnly: true + $ref: '#/components/schemas/AppHub' + description: >- + Output only. AppHub application metadata associated with this + LogEntry. May be empty if there is no associated AppHub application + or multiple associated applications (such as for VPC flow logs) + protoPayload: + description: >- + The log entry payload, represented as a protocol buffer. Some Google + Cloud Platform services use this field for their log entry + payloads.The following protocol buffer types are supported; + user-defined types are not + supported:"type.googleapis.com/google.cloud.audit.AuditLog" + "type.googleapis.com/google.appengine.logging.v1.RequestLog" + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any operation: description: >- - Optional. Information about an operation associated with the log - entry, if applicable. - $ref: '#/components/schemas/LogEntryOperation' + Optional. Information about an operation associated with the log + entry, if applicable. + $ref: '#/components/schemas/LogEntryOperation' + split: + description: >- + Optional. Information indicating this LogEntry is part of a sequence + of multiple log entries split from a single LogEntry. + $ref: '#/components/schemas/LogSplit' + insertId: + description: >- + Optional. A unique identifier for the log entry. If you provide a + value, then Logging considers other log entries in the same project, + with the same timestamp, and with the same insert_id to be + duplicates which are removed in a single query result. However, + there are no guarantees of de-duplication in the export of logs.If + the insert_id is omitted when writing a log entry, the Logging API + assigns its own unique identifier in this field.In queries, the + insert_id is also used to order log entries that have the same + log_name and timestamp values. + type: string + severity: + type: string + enum: + - DEFAULT + - DEBUG + - INFO + - NOTICE + - WARNING + - ERROR + - CRITICAL + - ALERT + - EMERGENCY + description: >- + Optional. The severity of the log entry. The default value is + LogSeverity.DEFAULT. + enumDescriptions: + - (0) The log entry has no assigned severity level. + - (100) Debug or trace information. + - (200) Routine information, such as ongoing status or performance. + - >- + (300) Normal but significant events, such as start up, shut down, + or a configuration change. + - (400) Warning events might cause problems. + - (500) Error events are likely to cause problems. + - (600) Critical events cause more severe problems or outages. + - (700) A person must take an action immediately. + - (800) One or more systems are unusable. + httpRequest: + description: >- + Optional. Information about the HTTP request associated with this + log entry, if applicable. + $ref: '#/components/schemas/HttpRequest' trace: + type: string description: >- Optional. The REST resource name of the trace being written to Cloud Trace (https://cloud.google.com/trace) in association with this log @@ -1765,51 +1987,12 @@ components: "projects/my-trace-project/traces/12345".The trace field provides the link between logs and traces. By using this field, you can navigate from a log entry to a trace. + textPayload: + description: The log entry payload, represented as a Unicode string (UTF-8). type: string - spanId: - description: >- - Optional. The ID of the Cloud Trace (https://cloud.google.com/trace) - span associated with the current operation in which the log is being - written. For example, if a span has the REST resource name of - "projects/some-project/traces/some-trace/spans/some-span-id", then - the span_id field is "some-span-id".A Span - (https://cloud.google.com/trace/docs/reference/v2/rest/v2/projects.traces/batchWrite#Span) - represents a single operation within a trace. Whereas a trace may - involve multiple different microservices running on multiple - different machines, a span generally corresponds to a single logical - operation being performed in a single instance of a microservice on - one specific machine. Spans are the nodes within the tree that is a - trace.Applications that are instrumented for tracing - (https://cloud.google.com/trace/docs/setup) will generally assign a - new, unique span ID on each incoming request. It is also common to - create and record additional spans corresponding to internal - processing elements as well as issuing requests to dependencies.The - span ID is expected to be a 16-character, hexadecimal encoding of an - 8-byte array and should not be zero. It should be unique within the - trace and should, ideally, be generated in a manner that is - uniformly random.Example values: 000000000000004a 7a2190356c3fc94b - 0000f00300090021 d39223e101960076 - type: string - traceSampled: - description: >- - Optional. The sampling decision of the span associated with the log - entry at the time the log entry was created. This field corresponds - to the sampled flag in the W3C trace-context specification - (https://www.w3.org/TR/trace-context/#sampled-flag). A non-sampled - trace value is still useful as a request correlation identifier. The - default is False. - type: boolean - sourceLocation: - description: >- - Optional. Source code location information associated with the log - entry, if any. - $ref: '#/components/schemas/LogEntrySourceLocation' - split: - description: >- - Optional. Information indicating this LogEntry is part of a sequence - of multiple log entries split from a single LogEntry. - $ref: '#/components/schemas/LogSplit' errorGroups: + items: + $ref: '#/components/schemas/LogErrorGroup' description: >- Output only. The Error Reporting (https://cloud.google.com/error-reporting) error groups associated @@ -1821,168 +2004,71 @@ components: (https://cloud.google.com/logging/docs/routing/overview) readOnly: true type: array - items: - $ref: '#/components/schemas/LogErrorGroup' - apphub: - description: >- - Output only. AppHub application metadata associated with this - LogEntry. May be empty if there is no associated AppHub application - or multiple associated applications (such as for VPC flow logs) - readOnly: true - $ref: '#/components/schemas/AppHub' - apphubDestination: - description: >- - Output only. AppHub application metadata associated with the - destination application. This is only populated if the log - represented "edge"-like data (such as for VPC flow logs) with a - source and destination. - readOnly: true - $ref: '#/components/schemas/AppHub' - HttpRequest: - id: HttpRequest - description: >- - A common proto for logging HTTP requests. Only contains semantics - defined by the HTTP specification. Product-specific logging information - MUST be defined in a separate message. - type: object - properties: - requestMethod: - description: 'The request method. Examples: "GET", "HEAD", "PUT", "POST".' - type: string - requestUrl: - description: >- - The scheme (http, https), the host name, the path and the query - portion of the URL that was requested. Example: - "http://example.com/some/info?color=red". - type: string - requestSize: - description: >- - The size of the HTTP request message in bytes, including the request - headers and the request body. - type: string - format: int64 - status: - description: >- - The response code indicating the status of response. Examples: 200, - 404. - type: integer - format: int32 - responseSize: - description: >- - The size of the HTTP response message sent back to the client, in - bytes, including the response headers and the response body. - type: string - format: int64 - userAgent: - description: >- - The user agent sent by the client. Example: "Mozilla/4.0 - (compatible; MSIE 6.0; Windows 98; Q312461; .NET CLR 1.0.3705)". - type: string - remoteIp: - description: >- - The IP address (IPv4 or IPv6) of the client that issued the HTTP - request. This field can include port information. Examples: - "192.168.1.1", "10.0.0.1:80", "FE80::0202:B3FF:FE1E:8329". - type: string - serverIp: - description: >- - The IP address (IPv4 or IPv6) of the origin server that the request - was sent to. This field can include port information. Examples: - "192.168.1.1", "10.0.0.1:80", "FE80::0202:B3FF:FE1E:8329". - type: string - referer: - description: >- - The referer URL of the request, as defined in HTTP/1.1 Header Field - Definitions - (https://datatracker.ietf.org/doc/html/rfc2616#section-14.36). - type: string - latency: - description: >- - The request processing latency on the server, from the time the - request was received until the response was sent. For WebSocket - connections, this field refers to the entire time duration of the - connection. - type: string - format: google-duration - cacheLookup: - description: Whether or not a cache lookup was attempted. - type: boolean - cacheHit: - description: >- - Whether or not an entity was served from cache (with or without - validation). - type: boolean - cacheValidatedWithOriginServer: - description: >- - Whether or not the response was validated with the origin server - before being served from cache. This field is only meaningful if - cache_hit is True. - type: boolean - cacheFillBytes: - description: >- - The number of HTTP response bytes inserted into cache. Set only when - a cache fill was attempted. - type: string - format: int64 - protocol: - description: 'Protocol used for the request. Examples: "HTTP/1.1", "HTTP/2"' - type: string - MonitoredResourceMetadata: - id: MonitoredResourceMetadata - description: >- - Auxiliary metadata for a MonitoredResource object. MonitoredResource - objects contain the minimum set of information to uniquely identify a - monitored resource instance. There is some other useful auxiliary - metadata. Monitoring and Logging use an ingestion pipeline to extract - metadata for cloud resources of all types, and store the metadata in - this message. - type: object - properties: - systemLabels: + labels: description: >- - Output only. Values for predefined system metadata labels. System - labels are a kind of metadata extracted by Google, including - "machine_image", "vpc", "subnet_id", "security_group", "name", etc. - System label values can be only strings, Boolean values, or a list - of strings. For example: { "name": "my-test-instance", - "security_group": ["a", "b", "c"], "spot_instance": false } - type: object - additionalProperties: - type: any - description: Properties of the object. - userLabels: - description: Output only. A map of user-defined metadata labels. - type: object + Optional. A map of key, value pairs that provides additional + information about the log entry. The labels can be user-defined or + system-defined.User-defined labels are arbitrary key, value pairs + that you can use to classify logs.System-defined labels are defined + by GCP services for platform logs. They have two components - a + service namespace component and the attribute name. For example: + compute.googleapis.com/resource_name.Cloud Logging truncates label + keys that exceed 512 B and label values that exceed 64 KB upon their + associated log entry being written. The truncation is indicated by + an ellipsis at the end of the character string. additionalProperties: type: string - LogEntryOperation: - id: LogEntryOperation - description: >- - Additional information about a potentially long-running operation with - which a log entry is associated. + type: object + resource: + $ref: '#/components/schemas/MonitoredResource' + description: >- + Required. The monitored resource that produced this log + entry.Example: a log entry that reports a database error would be + associated with the monitored resource designating the particular + database that reported the error. type: object + id: LogEntry + description: An individual entry in a log. + ListRecentQueriesResponse: + description: The response from ListRecentQueries. + id: ListRecentQueriesResponse properties: - id: - description: >- - Optional. An arbitrary operation identifier. Log entries with the - same identifier are assumed to be part of the same operation. - type: string - producer: + unreachable: description: >- - Optional. An arbitrary producer identifier. The combination of id - and producer must be globally unique. Examples for producer: - "MyDivision.MyBigCompany.com", "github.com/MyProject/MyApplication". + The unreachable resources. Each resource can be either 1) a saved + query if a specific query is unreachable or 2) a location if a + specific location is unreachable. + "projects/[PROJECT_ID]/locations/[LOCATION_ID]/recentQueries/[QUERY_ID]" + "projects/[PROJECT_ID]/locations/[LOCATION_ID]" For + example:"projects/my-project/locations/global/recentQueries/12345678" + "projects/my-project/locations/global"If there are unreachable + resources, the response will first return pages that contain recent + queries, and then return pages that contain the unreachable + resources. + type: array + items: + type: string + nextPageToken: type: string - first: - description: >- - Optional. Set this to True if this is the first log entry in the - operation. - type: boolean - last: description: >- - Optional. Set this to True if this is the last log entry in the - operation. - type: boolean + If there might be more results than appear in this response, then + nextPageToken is included. To get the next set of results, call the + same method again using the value of nextPageToken as pageToken. + recentQueries: + description: A list of recent queries. + type: array + items: + $ref: '#/components/schemas/RecentQuery' + type: object + Empty: + id: Empty + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object LogEntrySourceLocation: id: LogEntrySourceLocation description: >- @@ -1990,17 +2076,6 @@ components: log entry. type: object properties: - file: - description: >- - Optional. Source file name. Depending on the runtime environment, - this might be a simple name or a fully-qualified name. - type: string - line: - description: >- - Optional. Line within the source file. 1-based; 0 indicates no line - number available. - type: string - format: int64 function: description: >- Optional. Human-readable name of the function or method being @@ -2010,133 +2085,267 @@ components: vary by language. For example: qual.if.ied.Class.method (Java), dir/package.func (Go), function (Python). type: string - LogSplit: - id: LogSplit - description: >- - Additional information used to correlate multiple log entries. Used when - a single LogEntry would exceed the Google Cloud Logging size limit and - is split across multiple log entries. - type: object - properties: - uid: + line: description: >- - A globally unique identifier for all log entries in a sequence of - split log entries. All log entries with the same |LogSplit.uid| are - assumed to be part of the same sequence of split log entries. + Optional. Line within the source file. 1-based; 0 indicates no line + number available. + format: int64 + type: string + file: type: string - index: description: >- - The index of this LogEntry in the sequence of split log entries. Log - entries are given |index| values 0, 1, ..., n-1 for a sequence of n - log entries. - type: integer - format: int32 - totalSplits: + Optional. Source file name. Depending on the runtime environment, + this might be a simple name or a fully-qualified name. + ListLogMetricsResponse: + id: ListLogMetricsResponse + description: Result returned from ListLogMetrics. + properties: + metrics: + type: array + description: A list of logs-based metrics. + items: + $ref: '#/components/schemas/LogMetric' + nextPageToken: description: >- - The total number of log entries that the original LogEntry was split - into. - type: integer - format: int32 - LogErrorGroup: - id: LogErrorGroup - description: >- - Contains metadata that associates the LogEntry to Error Reporting error - groups. + If there might be more results than appear in this response, then + nextPageToken is included. To get the next set of results, call this + method again using the value of nextPageToken as pageToken. + type: string type: object + MonitoredResource: + id: MonitoredResource + type: object + description: >- + An object representing a resource that can be used for monitoring, + logging, billing, or other purposes. Examples include virtual machine + instances, databases, and storage devices such as disks. The type field + identifies a MonitoredResourceDescriptor object that describes the + resource's schema. Information in the labels field identifies the actual + resource and its attributes according to the schema. For example, a + particular Compute Engine VM instance could be represented by the + following object, because the MonitoredResourceDescriptor for + "gce_instance" has labels "project_id", "instance_id" and "zone": { + "type": "gce_instance", "labels": { "project_id": "my-project", + "instance_id": "12345678901234", "zone": "us-central1-a" }} properties: - id: + labels: + type: object description: >- - The id is a unique identifier for a particular error group; it is - the last part of the error group resource name: - /project/[PROJECT_ID]/errors/[ERROR_GROUP_ID]. Example: - COShysOX0r_51QE. The id is derived from key parts of the error-log - content and is treated as Service Data. For information about how - Service Data is handled, see Google Cloud Privacy Notice - (https://cloud.google.com/terms/cloud-privacy-notice). + Required. Values for all of the labels listed in the associated + monitored resource descriptor. For example, Compute Engine VM + instances use the labels "project_id", "instance_id", and "zone". + additionalProperties: + type: string + type: type: string - AppHub: - id: AppHub - description: Metadata associated with App Hub. + description: >- + Required. The monitored resource type. This field must match the + type field of a MonitoredResourceDescriptor object. For example, the + type of a Compute Engine VM instance is gce_instance. Some + descriptors include the service name in the type; for example, the + type of a Datastream stream is datastream.googleapis.com/Stream. + UndeleteBucketRequest: + description: The parameters to UndeleteBucket. + id: UndeleteBucketRequest + properties: {} type: object - properties: - application: - description: Metadata associated with the application. - $ref: '#/components/schemas/AppHubApplication' - service: - description: Metadata associated with the service. - $ref: '#/components/schemas/AppHubService' - workload: - description: Metadata associated with the workload. - $ref: '#/components/schemas/AppHubWorkload' - AppHubApplication: - id: AppHubApplication + LogSink: + id: LogSink description: >- - Resource identifiers associated with an AppHub application AppHub - resources are of the form projects//locations//applications/ - projects//locations//applications//services/ - projects//locations//applications//workloads/ These resources can be - reconstructed from the components below. - type: object + Describes a sink used to export log entries to one of the following + destinations: a Cloud Logging log bucket, a Cloud Storage bucket, a + BigQuery dataset, a Pub/Sub topic, a Cloud project.A logs filter + controls which log entries are exported. The sink must be created within + a project, organization, billing account, or folder. properties: - container: + disabled: description: >- - Resource container that owns the application. Example: - "projects/management_project" - type: string - location: - description: 'Location associated with the Application. Example: "us-east1"' + Optional. If set to true, then this sink is disabled and it does not + export any log entries. + type: boolean + writerIdentity: + description: >- + Output only. An IAM identity—a service account or group—under which + Cloud Logging writes the exported log entries to the sink's + destination. This field is either set by specifying + custom_writer_identity or set automatically by sinks.create and + sinks.update based on the value of unique_writer_identity in those + methods.Until you grant this identity write-access to the + destination, log entry exports from this sink will fail. For more + information, see Granting Access for a Resource + (https://cloud.google.com/iam/docs/granting-roles-to-service-accounts#granting_access_to_a_service_account_for_a_resource). + Consult the destination service's documentation to determine the + appropriate IAM roles to assign to the identity.Sinks that have a + destination that is a log bucket in the same project as the sink + cannot have a writer_identity and no additional permissions are + required. type: string - id: - description: 'Application Id. Example: "my-app"' + readOnly: true + createTime: + readOnly: true + description: >- + Output only. The creation timestamp of the sink.This field may not + be present for older sinks. type: string - AppHubService: - id: AppHubService - description: Metadata associated with an App Hub service. - type: object - properties: - id: - description: 'Service Id. Example: "my-service"' + format: google-datetime + bigqueryOptions: + description: Optional. Options that affect sinks exporting data to BigQuery. + $ref: '#/components/schemas/BigQueryOptions' + interceptChildren: + description: >- + Optional. This field applies only to sinks owned by organizations + and folders.When the value of 'intercept_children' is true, the + following restrictions apply: The sink must have the + include_children flag set to true. The sink destination must be a + Cloud project.Also, the following behaviors apply: Any logs matched + by the sink won't be included by non-_Required sinks owned by child + resources. The sink appears in the results of a ListSinks call from + a child resource if the value of the filter field in its request is + either 'in_scope("ALL")' or 'in_scope("ANCESTOR")'. + type: boolean + exclusions: + description: >- + Optional. Log entries that match any of these exclusion filters will + not be exported.If a log entry is matched by both filter and one of + exclusions it will not be exported. + type: array + items: + $ref: '#/components/schemas/LogExclusion' + name: + description: >- + Optional. The client-assigned sink identifier, unique within the + project.For example: "my-syslog-errors-to-pubsub".Sink identifiers + are limited to 100 characters and can include only the following + characters: upper and lower-case alphanumeric characters, + underscores, hyphens, periods.First character has to be + alphanumeric. type: string - environmentType: - description: 'Service environment type Example: "DEV"' + destination: + description: >- + Required. The export destination: + "storage.googleapis.com/[GCS_BUCKET]" + "bigquery.googleapis.com/projects/[PROJECT_ID]/datasets/[DATASET]" + "pubsub.googleapis.com/projects/[PROJECT_ID]/topics/[TOPIC_ID]" + "logging.googleapis.com/projects/[PROJECT_ID]" + "logging.googleapis.com/projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" + The sink's writer_identity, set when the sink is created, must have + permission to write to the destination or else the log entries are + not exported. For more information, see Exporting Logs with Sinks + (https://cloud.google.com/logging/docs/api/tasks/exporting-logs). type: string - criticalityType: - description: 'Service criticality type Example: "CRITICAL"' + description: + description: >- + Optional. A description of this sink.The maximum length of the + description is 8000 characters. type: string - AppHubWorkload: - id: AppHubWorkload - description: Metadata associated with an App Hub workload. - type: object - properties: - id: - description: 'Workload Id. Example: "my-workload"' + outputVersionFormat: + description: Deprecated. This field is unused. + enumDescriptions: + - An unspecified format version that will default to V2. + - LogEntry version 2 format. + - LogEntry version 1 format. type: string - environmentType: - description: 'Workload environment type Example: "DEV"' + enum: + - VERSION_FORMAT_UNSPECIFIED + - V2 + - V1 + deprecated: true + resourceName: + readOnly: true type: string - criticalityType: - description: 'Workload criticality type Example: "CRITICAL"' + description: >- + Output only. The resource name of the sink. + "projects/[PROJECT_ID]/sinks/[SINK_NAME] + "organizations/[ORGANIZATION_ID]/sinks/[SINK_NAME] + "billingAccounts/[BILLING_ACCOUNT_ID]/sinks/[SINK_NAME] + "folders/[FOLDER_ID]/sinks/[SINK_NAME] For example: + projects/my_project/sinks/SINK_NAME + includeChildren: + type: boolean + description: >- + Optional. This field applies only to sinks owned by organizations + and folders. If the field is false, the default, only the logs owned + by the sink's parent resource are available for export. If the field + is true, then log entries from all the projects, folders, and + billing accounts contained in the sink's parent resource are also + available for export. Whether a particular log entry from the + children is exported depends on the sink's filter expression.For + example, if this field is true, then the filter + resource.type=gce_instance would export all Compute Engine VM + instance log entries from all projects in the sink's parent.To only + export entries from certain child projects, filter on the project + part of the log name:logName:("projects/test-project1/" OR + "projects/test-project2/") AND resource.type=gce_instance + updateTime: + format: google-datetime + readOnly: true + description: >- + Output only. The last update timestamp of the sink.This field may + not be present for older sinks. + type: string + filter: + description: >- + Optional. An advanced logs filter + (https://cloud.google.com/logging/docs/view/advanced-queries). The + only exported log entries are those that are in the resource owning + the sink and that match the filter.For + example:logName="projects/[PROJECT_ID]/logs/[LOG_ID]" AND + severity>=ERROR type: string - WriteLogEntriesResponse: - id: WriteLogEntriesResponse - description: Result returned from WriteLogEntries. type: object - properties: {} ListLogEntriesRequest: id: ListLogEntriesRequest description: The parameters to ListLogEntries. - type: object properties: projectIds: description: >- Optional. Deprecated. Use resource_names instead. One or more project identifiers or project numbers from which to retrieve log entries. Example: "my-project-1A". - deprecated: true type: array items: type: string + deprecated: true + orderBy: + description: >- + Optional. How the results should be sorted. Presently, the only + permitted values are "timestamp asc" (default) and "timestamp desc". + The first option returns entries in order of increasing values of + LogEntry.timestamp (oldest first), and the second option returns + entries in order of decreasing timestamps (newest first). Entries + with equal timestamps are returned in order of their insert_id + values.We recommend setting the order_by field to "timestamp desc" + when listing recently ingested log entries. If not set, the default + value of "timestamp asc" may take a long time to fetch matching logs + that are only recently ingested. + type: string + pageSize: + format: int32 + type: integer + description: >- + Optional. The maximum number of results to return from this request. + Default is 50. If the value is negative, the request is rejected.The + presence of next_page_token in the response indicates that more + results might be available. + filter: + type: string + description: >- + Optional. A filter that chooses which log entries to return. For + more information, see Logging query language + (https://cloud.google.com/logging/docs/view/logging-query-language).Only + log entries that match the filter are returned. An empty filter + matches all log entries in the resources listed in resource_names. + Referencing a parent resource that is not listed in resource_names + will cause the filter to return no results. The maximum length of a + filter is 20,000 characters.To make queries faster, you can make the + filter more selective by using restrictions on indexed fields + (https://cloud.google.com/logging/docs/view/logging-query-language#indexed-fields) + as well as limit the time range of the query by adding range + restrictions on the timestamp field. resourceNames: + type: array + items: + type: string description: >- Required. Names of one or more parent resources from which to retrieve log entries. Resources may either be resource containers or @@ -2154,116 +2363,197 @@ components: folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID]Projects listed in the project_ids field are added to this list. A maximum of 100 resources may be specified in a single request. + pageToken: + type: string + description: >- + Optional. If present, then retrieve the next batch of results from + the preceding call to this method. page_token must be the value of + next_page_token from the previous response. The values of other + method parameters should be identical to those in the previous call. + type: object + ListOperationsResponse: + properties: + nextPageToken: + type: string + description: The standard List next-page token. + operations: + items: + $ref: '#/components/schemas/Operation' + type: array + description: >- + A list of operations that matches the specified filter in the + request. + unreachable: type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets ListOperationsRequest.return_partial_success and reads across + collections. For example, when attempting to list all resources + across all supported locations. items: type: string - filter: + description: The response message for Operations.ListOperations. + id: ListOperationsResponse + type: object + OpsAnalyticsQuery: + description: >- + Describes an analytics query that can be run in the Log Analytics page + of Google Cloud console.Preview: This is a preview feature and may be + subject to change before final release. + properties: + sqlQueryText: description: >- - Optional. A filter that chooses which log entries to return. For - more information, see Logging query language - (https://cloud.google.com/logging/docs/view/logging-query-language).Only - log entries that match the filter are returned. An empty filter - matches all log entries in the resources listed in resource_names. - Referencing a parent resource that is not listed in resource_names - will cause the filter to return no results. The maximum length of a - filter is 20,000 characters.To make queries faster, you can make the - filter more selective by using restrictions on indexed fields - (https://cloud.google.com/logging/docs/view/logging-query-language#indexed-fields) - as well as limit the time range of the query by adding range - restrictions on the timestamp field. + Required. A logs analytics SQL query, which generally follows + BigQuery format.This is the SQL query that appears in the Log + Analytics UI's query editor. type: string - orderBy: + type: object + id: OpsAnalyticsQuery + TestIamPermissionsRequest: + description: Request message for TestIamPermissions method. + type: object + properties: + permissions: description: >- - Optional. How the results should be sorted. Presently, the only - permitted values are "timestamp asc" (default) and "timestamp desc". - The first option returns entries in order of increasing values of - LogEntry.timestamp (oldest first), and the second option returns - entries in order of decreasing timestamps (newest first). Entries - with equal timestamps are returned in order of their insert_id - values.We recommend setting the order_by field to "timestamp desc" - when listing recently ingested log entries. If not set, the default - value of "timestamp asc" may take a long time to fetch matching logs - that are only recently ingested. + The set of permissions to check for the resource. Permissions with + wildcards (such as * or storage.*) are not allowed. For more + information see IAM Overview + (https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + type: array + id: TestIamPermissionsRequest + GetIamPolicyRequest: + properties: + options: + description: >- + OPTIONAL: A GetPolicyOptions object for specifying options to + GetIamPolicy. + $ref: '#/components/schemas/GetPolicyOptions' + description: Request message for GetIamPolicy method. + type: object + id: GetIamPolicyRequest + LogScope: + properties: + updateTime: + readOnly: true + type: string + format: google-datetime + description: Output only. The last update timestamp of the log scope. + description: type: string - pageSize: description: >- - Optional. The maximum number of results to return from this request. - Default is 50. If the value is negative, the request is rejected.The - presence of next_page_token in the response indicates that more - results might be available. - type: integer - format: int32 - pageToken: + Optional. Describes this log scope.The maximum length of the + description is 8000 characters. + createTime: + readOnly: true + type: string + description: Output only. The creation timestamp of the log scope. + format: google-datetime + resourceNames: + type: array description: >- - Optional. If present, then retrieve the next batch of results from - the preceding call to this method. page_token must be the value of - next_page_token from the previous response. The values of other - method parameters should be identical to those in the previous call. + Required. Names of one or more parent resources (organizations and + folders are not supported.): projects/[PROJECT_ID]May alternatively + be one or more views: + projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID]A + log scope can include a maximum of 5 projects and a maximum of 100 + resources in total. + items: + type: string + name: + description: >- + Output only. The resource name of the log scope.Log scopes are only + available in the global location. For + example:projects/my-project/locations/global/logScopes/my-log-scope + readOnly: true type: string - ListLogEntriesResponse: - id: ListLogEntriesResponse - description: Result returned from ListLogEntries. + description: Describes a group of resources to read log entries from. + id: LogScope + type: object + AppHubApplication: + properties: + container: + description: >- + Resource container that owns the application. Example: + "projects/management_project" + type: string + location: + description: 'Location associated with the Application. Example: "us-east1"' + type: string + id: + description: 'Application Id. Example: "my-app"' + type: string + type: object + id: AppHubApplication + description: >- + Resource identifiers associated with an AppHub application AppHub + resources are of the form projects//locations//applications/ + projects//locations//applications//services/ + projects//locations//applications//workloads/ These resources can be + reconstructed from the components below. + LoggingQuery: type: object + id: LoggingQuery properties: - entries: + filter: description: >- - A list of log entries. If entries is empty, nextPageToken may still - be returned, indicating that more entries may exist. See - nextPageToken for more information. + Required. An advanced query using the Logging Query Language + (https://cloud.google.com/logging/docs/view/logging-query-language). + The maximum length of the filter is 20000 characters. + type: string + summaryFieldEnd: + type: integer + description: Characters will be counted from the end of the string. + format: int32 + summaryFieldStart: + format: int32 + description: Characters will be counted from the start of the string. + type: integer + summaryFields: type: array items: - $ref: '#/components/schemas/LogEntry' - nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then nextPageToken is included. To get the next set of - results, call this method again using the value of nextPageToken as - pageToken.If a value for next_page_token appears and the entries - field is empty, it means that the search found no log entries so far - but it did not have time to search all the possible log entries. - Retry the method with this value for page_token to continue the - search. Alternatively, consider speeding up the search by changing - your filter to specify a single log name or resource type, or to - narrow the time range of the search. - type: string - ListMonitoredResourceDescriptorsResponse: - id: ListMonitoredResourceDescriptorsResponse - description: Result returned from ListMonitoredResourceDescriptors. - type: object + $ref: '#/components/schemas/SummaryField' + description: Optional. The set of summary fields to display for this saved query. + description: >- + Describes a Cloud Logging query that can be run in Logs Explorer UI or + via the logging API.In addition to the query itself, additional + information may be stored to capture the display configuration and other + UI state used in association with analysis of query results. + TailLogEntriesResponse: properties: - resourceDescriptors: - description: A list of resource descriptors. + suppressionInfo: type: array items: - $ref: '#/components/schemas/MonitoredResourceDescriptor' - nextPageToken: + $ref: '#/components/schemas/SuppressionInfo' description: >- - If there might be more results than those appearing in this - response, then nextPageToken is included. To get the next set of - results, call this method again using the value of nextPageToken as - pageToken. - type: string + If entries that otherwise would have been included in the session + were not sent back to the client, counts of relevant entries omitted + from the session with the reason that they were not included. There + will be at most one of each reason per response. The counts + represent the number of suppressed entries since the last streamed + response. + entries: + description: >- + A list of log entries. Each response in the stream will order + entries with increasing values of LogEntry.timestamp. Ordering is + not guaranteed between separate responses. + items: + $ref: '#/components/schemas/LogEntry' + type: array + type: object + id: TailLogEntriesResponse + description: Result returned from TailLogEntries. MonitoredResourceDescriptor: id: MonitoredResourceDescriptor - description: >- - An object that describes the schema of a MonitoredResource object using - a type name and a set of labels. For example, the monitored resource - descriptor for Google Compute Engine VM instances has a type of - "gce_instance" and specifies the use of the labels "instance_id" and - "zone" to identify particular VM instances.Different APIs can support - different monitored resource types. APIs generally provide a list method - that returns the monitored resource descriptors used by the API. - type: object properties: - name: - description: >- - Optional. The resource name of the monitored resource descriptor: - "projects/{project_id}/monitoredResourceDescriptors/{type}" where - {type} is the value of the type field in this object and - {project_id} is a project ID that provides API-specific context for - accessing the type. APIs that do not use project information can use - the resource name format "monitoredResourceDescriptors/{type}". + displayName: type: string + description: >- + Optional. A concise name for the monitored resource type that might + be displayed in user interfaces. It should be a Title Cased Noun + Phrase, without any article or other determiners. For example, + "Google Cloud SQL Database". type: description: >- Required. The monitored resource type. For example, the type @@ -2273,13 +2563,6 @@ components: resource types (https://cloud.google.com/logging/docs/api/v2/resource-list). type: string - displayName: - description: >- - Optional. A concise name for the monitored resource type that might - be displayed in user interfaces. It should be a Title Cased Noun - Phrase, without any article or other determiners. For example, - "Google Cloud SQL Database". - type: string description: description: >- Optional. A detailed description of the monitored resource type that @@ -2291,12 +2574,21 @@ components: monitored resource type. For example, an individual Google Cloud SQL database is identified by values for the labels "database_id" and "zone". - type: array items: $ref: '#/components/schemas/LabelDescriptor' + type: array + name: + description: >- + Optional. The resource name of the monitored resource descriptor: + "projects/{project_id}/monitoredResourceDescriptors/{type}" where + {type} is the value of the type field in this object and + {project_id} is a project ID that provides API-specific context for + accessing the type. APIs that do not use project information can use + the resource name format "monitoredResourceDescriptors/{type}". + type: string launchStage: - description: Optional. The launch stage of the monitored resource definition. type: string + description: Optional. The launch stage of the monitored resource definition. enumDescriptions: - Do not use this default value. - The feature is not yet implemented. Users can not use it. @@ -2344,114 +2636,108 @@ components: - BETA - GA - DEPRECATED - LabelDescriptor: - id: LabelDescriptor - description: A description of a label. - type: object - properties: - key: - description: The label key. - type: string - valueType: - description: The type of data that can be assigned to the label. - type: string - enumDescriptions: - - A variable-length string. This is the default. - - Boolean; true or false. - - A 64-bit signed integer. - enum: - - STRING - - BOOL - - INT64 - description: - description: A human-readable description for the label. - type: string - ListLogsResponse: - id: ListLogsResponse - description: Result returned from ListLogs. type: object - properties: - logNames: - description: >- - A list of log names. For example, "projects/my-project/logs/syslog" - or - "organizations/123/logs/cloudresourcemanager.googleapis.com%2Factivity". - type: array - items: - type: string - nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then nextPageToken is included. To get the next set of - results, call this method again using the value of nextPageToken as - pageToken. - type: string - TailLogEntriesRequest: - id: TailLogEntriesRequest - description: The parameters to TailLogEntries. + description: >- + An object that describes the schema of a MonitoredResource object using + a type name and a set of labels. For example, the monitored resource + descriptor for Google Compute Engine VM instances has a type of + "gce_instance" and specifies the use of the labels "instance_id" and + "zone" to identify particular VM instances.Different APIs can support + different monitored resource types. APIs generally provide a list method + that returns the monitored resource descriptors used by the API. + Binding: type: object + description: Associates members, or principals, with a role. + id: Binding properties: - resourceNames: - description: >- - Required. Name of a parent resource from which to retrieve log - entries: projects/[PROJECT_ID] organizations/[ORGANIZATION_ID] - billingAccounts/[BILLING_ACCOUNT_ID] folders/[FOLDER_ID]May - alternatively be one or more views: - projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID] - organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID] - billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID] - folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/views/[VIEW_ID] - type: array + members: items: type: string - filter: - description: >- - Optional. Only log entries that match the filter are returned. An - empty filter matches all log entries in the resources listed in - resource_names. Referencing a parent resource that is not listed in - resource_names will cause the filter to return no results. The - maximum length of a filter is 20,000 characters. - type: string - bufferWindow: - description: >- - Optional. The amount of time to buffer log entries at the server - before being returned to prevent out of order results due to late - arriving log entries. Valid values are between 0-60000 milliseconds. - Defaults to 2000 milliseconds. - type: string - format: google-duration - TailLogEntriesResponse: - id: TailLogEntriesResponse - description: Result returned from TailLogEntries. - type: object - properties: - entries: description: >- - A list of log entries. Each response in the stream will order - entries with increasing values of LogEntry.timestamp. Ordering is - not guaranteed between separate responses. + Specifies the principals requesting access for a Google Cloud + resource. members can have the following values: allUsers: A special + identifier that represents anyone who is on the internet; with or + without a Google account. allAuthenticatedUsers: A special + identifier that represents anyone who is authenticated with a Google + account or a service account. Does not include identities that come + from external identity providers (IdPs) through identity federation. + user:{emailid}: An email address that represents a specific Google + account. For example, alice@example.com . serviceAccount:{emailid}: + An email address that represents a Google service account. For + example, my-other-app@appspot.gserviceaccount.com. + serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: + An identifier for a Kubernetes service account + (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. + group:{emailid}: An email address that represents a Google group. + For example, admins@example.com. domain:{domain}: The G Suite domain + (primary) that represents all the users of that domain. For example, + google.com or example.com. + principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}: + A single identity in a workforce identity pool. + principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}: + All workforce identities in a group. + principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}: + All workforce identities with a specific attribute value. + principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*: + All identities in a workforce identity pool. + principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}: + A single identity in a workload identity pool. + principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}: + A workload identity pool group. + principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}: + All identities in a workload identity pool with a certain attribute. + principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*: + All identities in a workload identity pool. + deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique + identifier) representing a user that has been recently deleted. For + example, alice@example.com?uid=123456789012345678901. If the user is + recovered, this value reverts to user:{emailid} and the recovered + user retains the role in the binding. + deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. + If the service account is undeleted, this value reverts to + serviceAccount:{emailid} and the undeleted service account retains + the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An + email address (plus unique identifier) representing a Google group + that has been recently deleted. For example, + admins@example.com?uid=123456789012345678901. If the group is + recovered, this value reverts to group:{emailid} and the recovered + group retains the role in the binding. + deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}: + Deleted single identity in a workforce identity pool. For example, + deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value. type: array - items: - $ref: '#/components/schemas/LogEntry' - suppressionInfo: + condition: description: >- - If entries that otherwise would have been included in the session - were not sent back to the client, counts of relevant entries omitted - from the session with the reason that they were not included. There - will be at most one of each reason per response. The counts - represent the number of suppressed entries since the last streamed - response. - type: array - items: - $ref: '#/components/schemas/SuppressionInfo' + The condition that is associated with this binding.If the condition + evaluates to true, then this binding applies to the current + request.If the condition evaluates to false, then this binding does + not apply to the current request. However, a different role binding + might grant the same role to one or more of the principals in this + binding.To learn which resources support conditions in their IAM + policies, see the IAM documentation + (https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: + description: >- + Role that is assigned to the list of members, or principals. For + example, roles/viewer, roles/editor, or roles/owner.For an overview + of the IAM roles and permissions, see the IAM documentation + (https://cloud.google.com/iam/docs/roles-overview). For a list of + the available pre-defined roles, see here + (https://cloud.google.com/iam/docs/understanding-roles). + type: string SuppressionInfo: - id: SuppressionInfo description: Information about entries that were omitted from the session. - type: object properties: reason: - description: The reason that entries were omitted from the session. - type: string + enum: + - REASON_UNSPECIFIED + - RATE_LIMIT + - NOT_CONSUMED enumDescriptions: - Unexpected default. - >- @@ -2462,601 +2748,349 @@ components: - >- Indicates suppression occurred due to the client not consuming responses quickly enough. - enum: - - REASON_UNSPECIFIED - - RATE_LIMIT - - NOT_CONSUMED + type: string + description: The reason that entries were omitted from the session. suppressedCount: - description: A lower bound on the count of entries omitted due to reason. - type: integer format: int32 - ListLogMetricsResponse: - id: ListLogMetricsResponse - description: Result returned from ListLogMetrics. - type: object - properties: - metrics: - description: A list of logs-based metrics. - type: array - items: - $ref: '#/components/schemas/LogMetric' - nextPageToken: - description: >- - If there might be more results than appear in this response, then - nextPageToken is included. To get the next set of results, call this - method again using the value of nextPageToken as pageToken. - type: string - LogMetric: - id: LogMetric - description: >- - Describes a logs-based metric. The value of the metric is the number of - log entries that match a logs filter in a given time interval.Logs-based - metrics can also be used to extract values from logs and create a - distribution of the values. The distribution records the statistics of - the extracted values along with an optional histogram of the values as - specified by the bucket options. + type: integer + description: A lower bound on the count of entries omitted due to reason. type: object + id: SuppressionInfo + SavedQuery: + id: SavedQuery + description: Describes a query that has been saved by a user. properties: - name: + visibility: + enumDescriptions: + - >- + The saved query visibility is unspecified. A CreateSavedQuery + request with an unspecified visibility will be rejected. + - The saved query is only visible to the user that created it. + - The saved query is visible to anyone in the project. + enum: + - VISIBILITY_UNSPECIFIED + - PRIVATE + - SHARED description: >- - Required. The client-assigned metric identifier. Examples: - "error_count", "nginx/requests".Metric identifiers are limited to - 100 characters and can include only the following characters: A-Z, - a-z, 0-9, and the special characters _-.,+!*',()%/. The - forward-slash character (/) denotes a hierarchy of name pieces, and - it cannot be the first character of the name.This field is the - [METRIC_ID] part of a metric resource name in the format - "projects/PROJECT_ID/metrics/METRIC_ID". Example: If the resource - name of a metric is "projects/my-project/metrics/nginx%2Frequests", - this field's value is "nginx/requests". + Required. The visibility status of this query, which determines its + ownership. type: string - resourceName: + loggingQuery: description: >- - Output only. The resource name of the metric: - "projects/[PROJECT_ID]/metrics/[METRIC_ID]" - readOnly: true + Logging query that can be executed in Logs Explorer or via Logging + API. + $ref: '#/components/schemas/LoggingQuery' + displayName: type: string + description: Required. The user specified title for the SavedQuery. description: - description: >- - Optional. A description of this metric, which is used in - documentation. The maximum length of the description is 8000 - characters. - type: string - filter: - description: >- - Required. An advanced logs filter - (https://cloud.google.com/logging/docs/view/advanced_filters) which - is used to match log entries. Example: "resource.type=gae_app AND - severity>=ERROR" The maximum length of the filter is 20000 - characters. - type: string - bucketName: - description: >- - Optional. The resource name of the Log Bucket that owns the Log - Metric. Only Log Buckets in projects are supported. The bucket has - to be in the same project as the metric.For - example:projects/my-project/locations/global/buckets/my-bucketIf - empty, then the Log Metric is considered a non-Bucket Log Metric. - type: string - disabled: - description: >- - Optional. If set to True, then this metric is disabled and it does - not generate any points. - type: boolean - metricDescriptor: - description: >- - Optional. The metric descriptor associated with the logs-based - metric. If unspecified, it uses a default metric descriptor with a - DELTA metric kind, INT64 value type, with no labels and a unit of - "1". Such a metric counts the number of log entries matching the - filter expression.The name, type, and description fields in the - metric_descriptor are output only, and is constructed using the name - and description field in the LogMetric.To create a logs-based metric - that records a distribution of log values, a DELTA metric kind with - a DISTRIBUTION value type must be used along with a value_extractor - expression in the LogMetric.Each label in the metric descriptor must - have a matching label name as the key and an extractor expression as - the value in the label_extractors map.The metric_kind and value_type - fields in the metric_descriptor cannot be updated once initially - configured. New labels can be added in the metric_descriptor, but - existing labels cannot be modified except for their description. - $ref: '#/components/schemas/MetricDescriptor' - valueExtractor: - description: >- - Optional. A value_extractor is required when using a distribution - logs-based metric to extract the values to record from a log entry. - Two functions are supported for value extraction: EXTRACT(field) or - REGEXP_EXTRACT(field, regex). The arguments are: field: The name of - the log entry field from which the value is to be extracted. regex: - A regular expression using the Google RE2 syntax - (https://github.com/google/re2/wiki/Syntax) with a single capture - group to extract data from the specified log entry field. The value - of the field is converted to a string before applying the regex. It - is an error to specify a regex that does not include exactly one - capture group.The result of the extraction must be convertible to a - double type, as the distribution always records double values. If - either the extraction or the conversion to double fails, then those - values are not recorded in the distribution.Example: - REGEXP_EXTRACT(jsonPayload.request, ".*quantity=(\d+).*") + description: Optional. A human readable description of the saved query. type: string - labelExtractors: - description: >- - Optional. A map from a label key string to an extractor expression - which is used to extract data from a log entry field and assign as - the label value. Each label key specified in the LabelDescriptor - must have an associated extractor expression in this map. The syntax - of the extractor expression is the same as for the value_extractor - field.The extracted value is converted to the type defined in the - label descriptor. If either the extraction or the type conversion - fails, the label will have a default value. The default value for a - string label is an empty string, for an integer label its 0, and for - a boolean label its false.Note that there are upper bounds on the - maximum number of labels and the number of active time series that - are allowed in a project. - type: object - additionalProperties: - type: string - bucketOptions: - description: >- - Optional. The bucket_options are required when the logs-based metric - is using a DISTRIBUTION value type and it describes the bucket - boundaries used to create a histogram of the extracted values. - $ref: '#/components/schemas/BucketOptions' createTime: - description: >- - Output only. The creation timestamp of the metric.This field may not - be present for older metrics. - readOnly: true + description: Output only. The timestamp when the saved query was created. type: string + readOnly: true format: google-datetime - updateTime: + name: + type: string + readOnly: true description: >- - Output only. The last update timestamp of the metric.This field may - not be present for older metrics. + Output only. Resource name of the saved query.In the format: + "projects/[PROJECT_ID]/locations/[LOCATION_ID]/savedQueries/[QUERY_ID]" + For a list of supported locations, see Supported Regions + (https://cloud.google.com/logging/docs/region-support#bucket-regions)After + the saved query is created, the location cannot be changed.If the + user doesn't provide a QUERY_ID, the system will generate an + alphanumeric ID. + opsAnalyticsQuery: + $ref: '#/components/schemas/OpsAnalyticsQuery' + description: Analytics query that can be executed in Log Analytics. + updateTime: + format: google-datetime readOnly: true + description: Output only. The timestamp when the saved query was last updated. type: string - format: google-datetime - version: + type: object + BigQueryDataset: + type: object + description: Describes a BigQuery dataset that was created by a link. + id: BigQueryDataset + properties: + datasetId: description: >- - Deprecated. The API version that created or updated this metric. The - v2 format is used by default and cannot be changed. - deprecated: true + Output only. The full resource name of the BigQuery dataset. The + DATASET_ID will match the ID of the link, so the link must match the + naming restrictions of BigQuery datasets (alphanumeric characters + and underscores only).The dataset will have a resource path of + "bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID" + readOnly: true type: string - enumDescriptions: - - Logging API v2. - - Logging API v1. - enum: - - V2 - - V1 - MetricDescriptor: - id: MetricDescriptor + Explicit: + properties: + bounds: + description: The values must be monotonically increasing. + items: + format: double + type: number + type: array description: >- - Defines a metric type and its schema. Once a metric descriptor is - created, deleting or altering it stops data collection and makes the - metric type's existing data unusable. + Specifies a set of buckets with arbitrary widths.There are size(bounds) + + 1 (= N) buckets. Bucket i has the following boundaries:Upper bound (0 + <= i < N-1): boundsi Lower bound (1 <= i < N); boundsi - 1The bounds + field must contain at least one element. If bounds has only one element, + then there are no finite buckets, and that single element is the common + boundary of the overflow and underflow buckets. + id: Explicit type: object + ListLogsResponse: properties: - name: - description: The resource name of the metric descriptor. - type: string - type: + nextPageToken: description: >- - The metric type, including its DNS name prefix. The type is not - URL-encoded. All user-defined metric types have the DNS name - custom.googleapis.com or external.googleapis.com. Metric types - should use a natural hierarchical grouping. For example: - "custom.googleapis.com/invoice/paid/amount" - "external.googleapis.com/prometheus/up" - "appengine.googleapis.com/http/server/response_latencies" + If there might be more results than those appearing in this + response, then nextPageToken is included. To get the next set of + results, call this method again using the value of nextPageToken as + pageToken. type: string - labels: - description: >- - The set of labels that can be used to describe a specific instance - of this metric type. For example, the - appengine.googleapis.com/http/server/response_latencies metric type - has a label for the HTTP response code, response_code, so you can - look at latencies for successful responses or just for responses - that failed. - type: array + logNames: items: - $ref: '#/components/schemas/LabelDescriptor' - metricKind: + type: string description: >- - Whether the metric records instantaneous values, changes to a value, - etc. Some combinations of metric_kind and value_type might not be - supported. + A list of log names. For example, "projects/my-project/logs/syslog" + or + "organizations/123/logs/cloudresourcemanager.googleapis.com%2Factivity". + type: array + type: object + id: ListLogsResponse + description: Result returned from ListLogs. + Expr: + properties: + description: type: string - enumDescriptions: - - Do not use this default value. - - An instantaneous measurement of a value. - - The change in a value during a time interval. - - >- - A value accumulated over a time interval. Cumulative measurements - in a time series should have the same start time and increasing - end times, until an event resets the cumulative value to zero and - sets a new start time for the following points. - enum: - - METRIC_KIND_UNSPECIFIED - - GAUGE - - DELTA - - CUMULATIVE - valueType: description: >- - Whether the measurement is an integer, a floating-point number, etc. - Some combinations of metric_kind and value_type might not be - supported. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + title: type: string - enumDescriptions: - - Do not use this default value. - - >- - The value is a boolean. This value type can be used only if the - metric kind is GAUGE. - - The value is a signed 64-bit integer. - - The value is a double precision floating point number. - - >- - The value is a text string. This value type can be used only if - the metric kind is GAUGE. - - The value is a Distribution. - - The value is money. - enum: - - VALUE_TYPE_UNSPECIFIED - - BOOL - - INT64 - - DOUBLE - - STRING - - DISTRIBUTION - - MONEY - unit: description: >- - The units in which the metric value is reported. It is only - applicable if the value_type is INT64, DOUBLE, or DISTRIBUTION. The - unit defines the representation of the stored metric - values.Different systems might scale the values to be more easily - displayed (so a value of 0.02kBy might be displayed as 20By, and a - value of 3523kBy might be displayed as 3.5MBy). However, if the unit - is kBy, then the value of the metric is always in thousands of - bytes, no matter how it might be displayed.If you want a custom - metric to record the exact number of CPU-seconds used by a job, you - can create an INT64 CUMULATIVE metric whose unit is s{CPU} (or - equivalently 1s{CPU} or just s). If the job uses 12,005 CPU-seconds, - then the value is written as 12005.Alternatively, if you want a - custom metric to record data in a more granular way, you can create - a DOUBLE CUMULATIVE metric whose unit is ks{CPU}, and then write the - value 12.005 (which is 12005/1000), or use Kis{CPU} and write 11.723 - (which is 12005/1024).The supported units are a subset of The - Unified Code for Units of Measure - (https://unitsofmeasure.org/ucum.html) standard:Basic units (UNIT) - bit bit By byte s second min minute h hour d day 1 - dimensionlessPrefixes (PREFIX) k kilo (10^3) M mega (10^6) G giga - (10^9) T tera (10^12) P peta (10^15) E exa (10^18) Z zetta (10^21) Y - yotta (10^24) m milli (10^-3) u micro (10^-6) n nano (10^-9) p pico - (10^-12) f femto (10^-15) a atto (10^-18) z zepto (10^-21) y yocto - (10^-24) Ki kibi (2^10) Mi mebi (2^20) Gi gibi (2^30) Ti tebi (2^40) - Pi pebi (2^50)GrammarThe grammar also includes these connectors: / - division or ratio (as an infix operator). For examples, kBy/{email} - or MiBy/10ms (although you should almost never have /s in a metric - unit; rates should always be computed at query time from the - underlying cumulative or delta value). . multiplication or - composition (as an infix operator). For examples, GBy.d or - k{watt}.h.The grammar for a unit is as follows: Expression = - Component { "." Component } { "/" Component } ; Component = ( [ - PREFIX ] UNIT | "%" ) [ Annotation ] | Annotation | "1" ; Annotation - = "{" NAME "}" ; Notes: Annotation is just a comment if it follows a - UNIT. If the annotation is used alone, then the unit is equivalent - to 1. For examples, {request}/s == 1/s, By{transmitted}/s == By/s. - NAME is a sequence of non-blank printable ASCII characters not - containing { or }. 1 represents a unitary dimensionless unit - (https://en.wikipedia.org/wiki/Dimensionless_quantity) of 1, such as - in 1/s. It is typically used when none of the basic units are - appropriate. For example, "new users per day" can be represented as - 1/d or {new-users}/d (and a metric value 5 would mean "5 new users). - Alternatively, "thousands of page views per day" would be - represented as 1000/d or k1/d or k{page_views}/d (and a metric value - of 5.3 would mean "5300 page views per day"). % represents - dimensionless value of 1/100, and annotates values giving a - percentage (so the metric values are typically in the range of - 0..100, and a metric value 3 means "3 percent"). 10^2.% indicates a - metric contains a ratio, typically in the range 0..1, that will be - multiplied by 100 and displayed as a percentage (so a metric value - 0.03 means "3 percent"). - type: string - description: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + location: description: >- - A detailed description of the metric, which can be used in - documentation. + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - displayName: + expression: description: >- - A concise name for the metric, which can be displayed in user - interfaces. Use sentence case without an ending period, for example - "Request count". This field is optional but it is recommended to be - set for any metrics associated with user-visible concepts, such as - Quota. - type: string - metadata: - description: Optional. Metadata which can be used to guide usage of the metric. - $ref: '#/components/schemas/MetricDescriptorMetadata' - launchStage: - description: Optional. The launch stage of the metric definition. + Textual representation of an expression in Common Expression + Language syntax. type: string - enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - Terms of Service (https://cloud.google.com/terms/) and the Google - Cloud Platform Subject to the Deprecation Policy - (https://cloud.google.com/terms/deprecation) documentation. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - monitoredResourceTypes: - description: >- - Read-only. If present, then a time series, which is identified - partially by a metric type and a MonitoredResourceDescriptor, that - is associated with this metric type can only be associated with one - of the monitored resource types listed here. - type: array - items: - type: string - MetricDescriptorMetadata: - id: MetricDescriptorMetadata - description: Additional annotations that can be used to guide the usage of a metric. + id: Expr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec.Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + type: object + IndexConfig: + id: IndexConfig + description: Configuration for an indexed field. type: object properties: - launchStage: - description: Deprecated. Must use the MetricDescriptor.launch_stage instead. - deprecated: true + fieldPath: + description: >- + Required. The LogEntry field path to index.Note that some paths are + automatically indexed, and other paths are not eligible for + indexing. See indexing documentation( + https://cloud.google.com/logging/docs/analyze/custom-index) for + details.For example: jsonPayload.request.status type: string + type: enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - Terms of Service (https://cloud.google.com/terms/) and the Google - Cloud Platform Subject to the Deprecation Policy - (https://cloud.google.com/terms/deprecation) documentation. + - The index's type is unspecified. + - The index is a string-type index. + - The index is a integer-type index. + description: Required. The type of data in this index. + type: string enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - samplePeriod: - description: >- - The sampling period of metric data points. For metrics which are - written periodically, consecutive data points are stored at this - time interval, excluding data loss due to errors. Metrics with a - higher granularity have a smaller sampling period. + - INDEX_TYPE_UNSPECIFIED + - INDEX_TYPE_STRING + - INDEX_TYPE_INTEGER + createTime: type: string - format: google-duration - ingestDelay: + readOnly: true + format: google-datetime description: >- - The delay of data points caused by ingestion. Data points older than - this age are guaranteed to be ingested and available to be read, - excluding data loss due to errors. - type: string - format: google-duration - timeSeriesResourceHierarchyLevel: - description: The scope of the timeseries data of the metric. - type: array - items: - type: string - enumDescriptions: - - Do not use this default value. - - Scopes a metric to a project. - - Scopes a metric to an organization. - - Scopes a metric to a folder. - enum: - - TIME_SERIES_RESOURCE_HIERARCHY_LEVEL_UNSPECIFIED - - PROJECT - - ORGANIZATION - - FOLDER - BucketOptions: - id: BucketOptions + Output only. The timestamp when the index was last modified.This is + used to return the timestamp, and will be ignored if supplied during + update. + MonitoredResourceMetadata: description: >- - BucketOptions describes the bucket boundaries used to create a histogram - for the distribution. The buckets can be in a linear sequence, an - exponential sequence, or each bucket can be specified explicitly. - BucketOptions does not include the number of values in each bucket.A - bucket has an inclusive lower bound and exclusive upper bound for the - values that are counted for that bucket. The upper bound of a bucket - must be strictly greater than the lower bound. The sequence of N buckets - for a distribution consists of an underflow bucket (number 0), zero or - more finite buckets (number 1 through N - 2) and an overflow bucket - (number N - 1). The buckets are contiguous: the lower bound of bucket i - (i > 0) is the same as the upper bound of bucket i - 1. The buckets span - the whole range of finite values: lower bound of the underflow bucket is - -infinity and the upper bound of the overflow bucket is +infinity. The - finite buckets are so-called because both bounds are finite. + Auxiliary metadata for a MonitoredResource object. MonitoredResource + objects contain the minimum set of information to uniquely identify a + monitored resource instance. There is some other useful auxiliary + metadata. Monitoring and Logging use an ingestion pipeline to extract + metadata for cloud resources of all types, and store the metadata in + this message. + properties: + userLabels: + description: Output only. A map of user-defined metadata labels. + additionalProperties: + type: string + type: object + systemLabels: + additionalProperties: + description: Properties of the object. + type: any + type: object + description: >- + Output only. Values for predefined system metadata labels. System + labels are a kind of metadata extracted by Google, including + "machine_image", "vpc", "subnet_id", "security_group", "name", etc. + System label values can be only strings, Boolean values, or a list + of strings. For example: { "name": "my-test-instance", + "security_group": ["a", "b", "c"], "spot_instance": false } + type: object + id: MonitoredResourceMetadata + LocationMetadata: type: object properties: - linearBuckets: - description: The linear bucket. - $ref: '#/components/schemas/Linear' - exponentialBuckets: - description: The exponential buckets. - $ref: '#/components/schemas/Exponential' - explicitBuckets: - description: The explicit buckets. - $ref: '#/components/schemas/Explicit' - Linear: - id: Linear - description: >- - Specifies a linear sequence of buckets that all have the same width - (except overflow and underflow). Each bucket represents a constant - absolute uncertainty on the specific value in the bucket.There are - num_finite_buckets + 2 (= N) buckets. Bucket i has the following - boundaries:Upper bound (0 <= i < N-1): offset + (width * i).Lower bound - (1 <= i < N): offset + (width * (i - 1)). + logAnalyticsEnabled: + type: boolean + description: >- + Indicates whether or not Log Analytics features are supported in the + given location. + description: Cloud Logging specific location metadata. + id: LocationMetadata + ListViewsResponse: + description: The response from ListViews. type: object + id: ListViewsResponse properties: - numFiniteBuckets: - description: Must be greater than 0. - type: integer - format: int32 - width: - description: Must be greater than 0. - type: number - format: double - offset: - description: Lower bound of the first bucket. - type: number - format: double - Exponential: - id: Exponential - description: >- - Specifies an exponential sequence of buckets that have a width that is - proportional to the value of the lower bound. Each bucket represents a - constant relative uncertainty on a specific value in the bucket.There - are num_finite_buckets + 2 (= N) buckets. Bucket i has the following - boundaries:Upper bound (0 <= i < N-1): scale * (growth_factor ^ i).Lower - bound (1 <= i < N): scale * (growth_factor ^ (i - 1)). + nextPageToken: + description: >- + If there might be more results than appear in this response, then + nextPageToken is included. To get the next set of results, call the + same method again using the value of nextPageToken as pageToken. + type: string + views: + type: array + description: A list of views. + items: + $ref: '#/components/schemas/LogView' + ListLinksResponse: type: object properties: - numFiniteBuckets: - description: Must be greater than 0. - type: integer - format: int32 - growthFactor: - description: Must be greater than 1. - type: number - format: double - scale: - description: Must be greater than 0. - type: number - format: double - Explicit: - id: Explicit + links: + type: array + description: A list of links. + items: + $ref: '#/components/schemas/Link' + nextPageToken: + type: string + description: >- + If there might be more results than those appearing in this + response, then nextPageToken is included. To get the next set of + results, call the same method again using the value of nextPageToken + as pageToken. + id: ListLinksResponse + description: The response from ListLinks. + SummaryField: + id: SummaryField description: >- - Specifies a set of buckets with arbitrary widths.There are size(bounds) - + 1 (= N) buckets. Bucket i has the following boundaries:Upper bound (0 - <= i < N-1): boundsi Lower bound (1 <= i < N); boundsi - 1The bounds - field must contain at least one element. If bounds has only one element, - then there are no finite buckets, and that single element is the common - boundary of the overflow and underflow buckets. + A field from the LogEntry that is added to the summary line + (https://cloud.google.com/logging/docs/view/logs-explorer-interface#add-summary-fields) + for a query in the Logs Explorer. type: object properties: - bounds: - description: The values must be monotonically increasing. + field: + description: >- + Optional. The field from the LogEntry to include in the summary + line, for example resource.type or jsonPayload.name. + type: string + ListExclusionsResponse: + properties: + exclusions: + description: A list of exclusions. type: array items: - type: number - format: double + $ref: '#/components/schemas/LogExclusion' + nextPageToken: + type: string + description: >- + If there might be more results than appear in this response, then + nextPageToken is included. To get the next set of results, call the + same method again using the value of nextPageToken as pageToken. + type: object + description: Result returned from ListExclusions. + id: ListExclusionsResponse + CreateLinkRequest: + properties: + parent: + description: >- + Required. The full resource name of the bucket to create a link for. + "projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" + type: string + linkId: + type: string + description: >- + Required. The ID to use for the link. The link_id can have up to 100 + characters. A valid link_id must only have alphanumeric characters + and underscores within it. + link: + $ref: '#/components/schemas/Link' + description: Required. The new link. + id: CreateLinkRequest + type: object + description: The parameters to CreateLink. RequestLog: + type: object id: RequestLog description: >- Complete log information about a single HTTP request to an App Engine application. - type: object properties: - appId: - description: Application that handled this request. - type: string - moduleId: - description: Module of the application that handled this request. + httpVersion: + description: 'HTTP version of request. Example: "HTTP/1.1".' type: string - versionId: - description: Version of the application that handled this request. + megaCycles: + description: Number of CPU megacycles used to process request. type: string + format: int64 + wasLoadingRequest: + type: boolean + description: Whether this was a loading request for the instance. requestId: + type: string description: >- Globally unique identifier for a request, which is based on the request start time. Request IDs for requests which started later will compare greater as strings than those for requests which started earlier. + nickname: type: string - ip: - description: Origin IP address. - type: string - startTime: - description: Time when the request started. - type: string - format: google-datetime - endTime: - description: Time when the request finished. - type: string - format: google-datetime - latency: - description: Latency of the request. - type: string - format: google-duration - megaCycles: - description: Number of CPU megacycles used to process request. - type: string - format: int64 - method: - description: 'Request method. Example: "GET", "HEAD", "PUT", "POST", "DELETE".' + description: >- + The logged-in user who made the request.Most likely, this is the + part of the user's email before the @ sign. The field value is the + same for different requests from the same user, but different users + can have similar names. This information is also available to the + application via the App Engine Users API.This field will be + populated starting with App Engine 1.9.21. + moduleId: type: string + description: Module of the application that handled this request. resource: description: >- Contains the path and query portion of the URL that was requested. @@ -3064,440 +3098,420 @@ components: resource would be "/app?name=val". The fragment identifier, which is identified by the # character, is not included. type: string - httpVersion: - description: 'HTTP version of request. Example: "HTTP/1.1".' - type: string - status: - description: 'HTTP response status code. Example: 200, 404.' - type: integer - format: int32 responseSize: - description: Size in bytes sent back to client by request. type: string format: int64 - referrer: - description: Referrer URL of request. - type: string - userAgent: - description: User agent that made the request. + description: Size in bytes sent back to client by request. + appId: + description: Application that handled this request. type: string - nickname: + traceSampled: description: >- - The logged-in user who made the request.Most likely, this is the - part of the user's email before the @ sign. The field value is the - same for different requests from the same user, but different users - can have similar names. This information is also available to the - application via the App Engine Users API.This field will be - populated starting with App Engine 1.9.21. - type: string + If true, the value in the 'trace_id' field was sampled for storage + in a trace backend. + type: boolean urlMapEntry: description: File or class that handled the request. type: string - host: - description: Internet host and port number of the resource being requested. - type: string - cost: - description: An indication of the relative cost of serving this request. - type: number - format: double - taskQueueName: - description: Queue name of the request, in the case of an offline request. - type: string - taskName: - description: Task name of the request, in the case of an offline request. - type: string - wasLoadingRequest: - description: Whether this was a loading request for the instance. - type: boolean - pendingTime: - description: Time this request spent in the pending request queue. + ip: + description: Origin IP address. type: string - format: google-duration instanceIndex: + type: integer description: >- If the instance processing this request belongs to a manually scaled module, then this is the 0-based index of the instance. Otherwise, this value is -1. - type: integer format: int32 - finished: - description: Whether this request is finished or active. - type: boolean - first: - description: >- - Whether this is the first RequestLog entry for this request. If an - active request has several RequestLog entries written to Stackdriver - Logging, then this field will be set for one of them. - type: boolean - instanceId: - description: An identifier for the instance that handled the request. - type: string - line: - description: >- - A list of log lines emitted by the application while serving this - request. - type: array - items: - $ref: '#/components/schemas/LogLine' - appEngineRelease: - description: App Engine release version. - type: string - traceId: - description: Stackdriver Trace identifier for this request. - type: string - spanId: - description: Stackdriver Trace span identifier for this request. + method: + description: 'Request method. Example: "GET", "HEAD", "PUT", "POST", "DELETE".' type: string - traceSampled: - description: >- - If true, the value in the 'trace_id' field was sampled for storage - in a trace backend. - type: boolean sourceReference: - description: >- - Source code for the application that handled this request. There can - be more than one source reference per deployed application if source - code is distributed among multiple repositories. - type: array items: $ref: '#/components/schemas/SourceReference' - LogLine: - id: LogLine - description: Application log line emitted while processing a request. - type: object - properties: - time: - description: Approximate time when this log entry was made. - type: string - format: google-datetime - severity: - description: Severity of this log entry. - type: string - enumDescriptions: - - (0) The log entry has no assigned severity level. - - (100) Debug or trace information. - - (200) Routine information, such as ongoing status or performance. - - >- - (300) Normal but significant events, such as start up, shut down, - or a configuration change. - - (400) Warning events might cause problems. - - (500) Error events are likely to cause problems. - - (600) Critical events cause more severe problems or outages. - - (700) A person must take an action immediately. - - (800) One or more systems are unusable. - enum: - - DEFAULT - - DEBUG - - INFO - - NOTICE - - WARNING - - ERROR - - CRITICAL - - ALERT - - EMERGENCY - logMessage: - description: App-provided log message. - type: string - sourceLocation: - description: Where in the source code this log message was written. - $ref: '#/components/schemas/SourceLocation' - SourceLocation: - id: SourceLocation - description: Specifies a location in a source code file. - type: object - properties: - file: - description: >- - Source file name. Depending on the runtime environment, this might - be a simple name or a fully-qualified name. - type: string - line: - description: Line within the source file. - type: string - format: int64 - functionName: - description: >- - Human-readable name of the function or method being invoked, with - optional context such as the class or package name. This information - is used in contexts such as the logs viewer, where a file and line - number are less meaningful. The format can vary by language. For - example: qual.if.ied.Class.method (Java), dir/package.func (Go), - function (Python). - type: string - SourceReference: - id: SourceReference - description: >- - A reference to a particular snapshot of the source tree used to build - and deploy an application. - type: object - properties: - repository: - description: >- - Optional. A URI string identifying the repository. Example: - "https://github.com/GoogleCloudPlatform/kubernetes.git" - type: string - revisionId: description: >- - The canonical and persistent identifier of the deployed revision. - Example (git): "0035781c50ec7aa23385dc841529ce8a4b70db1b" - type: string - CopyLogEntriesMetadata: - id: CopyLogEntriesMetadata - description: Metadata for CopyLogEntries long running operations. - type: object - properties: + Source code for the application that handled this request. There can + be more than one source reference per deployed application if source + code is distributed among multiple repositories. + type: array startTime: - description: The create time of an operation. type: string + description: Time when the request started. format: google-datetime - endTime: - description: The end time of an operation. + status: + description: 'HTTP response status code. Example: 200, 404.' + type: integer + format: int32 + taskQueueName: + description: Queue name of the request, in the case of an offline request. type: string - format: google-datetime - state: - description: Output only. State of an operation. - readOnly: true + instanceId: + description: An identifier for the instance that handled the request. type: string - enumDescriptions: - - Should not be used. - - The operation is scheduled. - - Waiting for necessary permissions. - - The operation is running. - - The operation was completed successfully. - - The operation failed. - - The operation was cancelled by the user. - - The operation is waiting for quota. - enum: - - OPERATION_STATE_UNSPECIFIED - - OPERATION_STATE_SCHEDULED - - OPERATION_STATE_WAITING_FOR_PERMISSIONS - - OPERATION_STATE_RUNNING - - OPERATION_STATE_SUCCEEDED - - OPERATION_STATE_FAILED - - OPERATION_STATE_CANCELLED - - OPERATION_STATE_PENDING - cancellationRequested: - description: >- - Identifies whether the user has requested cancellation of the - operation. + host: + type: string + description: Internet host and port number of the resource being requested. + referrer: + description: Referrer URL of request. + type: string + cost: + description: An indication of the relative cost of serving this request. + format: double + type: number + finished: + description: Whether this request is finished or active. type: boolean - request: - description: CopyLogEntries RPC request. This field is deprecated and not used. - deprecated: true - $ref: '#/components/schemas/CopyLogEntriesRequest' - progress: - description: Estimated progress of the operation (0 - 100%). - type: integer - format: int32 - writerIdentity: - description: >- - The IAM identity of a service account that must be granted access to - the destination.If the service account is not granted permission to - the destination within an hour, the operation will be cancelled.For - example: "serviceAccount:foo@bar.com" + userAgent: type: string - source: - description: >- - Source from which to copy log entries.For example, a log - bucket:"projects/my-project/locations/global/buckets/my-source-bucket" + description: User agent that made the request. + versionId: + description: Version of the application that handled this request. type: string - destination: + spanId: + type: string + description: Stackdriver Trace span identifier for this request. + latency: + format: google-duration + description: Latency of the request. + type: string + traceId: + type: string + description: Stackdriver Trace identifier for this request. + first: description: >- - Destination to which to copy log entries.For example, a Cloud - Storage bucket:"storage.googleapis.com/my-cloud-storage-bucket" + Whether this is the first RequestLog entry for this request. If an + active request has several RequestLog entries written to Stackdriver + Logging, then this field will be set for one of them. + type: boolean + pendingTime: + format: google-duration type: string - verb: - description: Name of the verb executed by the operation.For example,"copy" + description: Time this request spent in the pending request queue. + taskName: + description: Task name of the request, in the case of an offline request. type: string - CopyLogEntriesResponse: - id: CopyLogEntriesResponse - description: Response type for CopyLogEntries long running operations. - type: object - properties: - logEntriesCopiedCount: - description: Number of log entries copied. + appEngineRelease: + description: App Engine release version. type: string - format: int64 - BucketMetadata: - id: BucketMetadata - description: Metadata for LongRunningUpdateBucket Operations. + endTime: + format: google-datetime + description: Time when the request finished. + type: string + line: + description: >- + A list of log lines emitted by the application while serving this + request. + items: + $ref: '#/components/schemas/LogLine' + type: array + Link: type: object properties: - startTime: - description: The create time of an operation. + description: + description: >- + Optional. Describes this link.The maximum length of the description + is 8000 characters. type: string - format: google-datetime - endTime: - description: The end time of an operation. + lifecycleState: + description: Output only. The resource lifecycle state. + enumDescriptions: + - >- + Unspecified state. This is only used/useful for distinguishing + unset values. + - The normal and active state. + - >- + The resource has been marked for deletion by the user. For some + resources (e.g. buckets), this can be reversed by an un-delete + operation. + - >- + The resource has been marked for an update by the user. It will + remain in this state until the update is complete. + - >- + The resource has been marked for creation by the user. It will + remain in this state until the creation is complete. + - The resource is in an INTERNAL error state. type: string + enum: + - LIFECYCLE_STATE_UNSPECIFIED + - ACTIVE + - DELETE_REQUESTED + - UPDATING + - CREATING + - FAILED + readOnly: true + createTime: format: google-datetime - state: - description: Output only. State of an operation. readOnly: true + description: Output only. The creation timestamp of the link. type: string - enumDescriptions: - - Should not be used. - - The operation is scheduled. - - Waiting for necessary permissions. - - The operation is running. - - The operation was completed successfully. - - The operation failed. - - The operation was cancelled by the user. - - The operation is waiting for quota. - enum: - - OPERATION_STATE_UNSPECIFIED - - OPERATION_STATE_SCHEDULED - - OPERATION_STATE_WAITING_FOR_PERMISSIONS - - OPERATION_STATE_RUNNING - - OPERATION_STATE_SUCCEEDED - - OPERATION_STATE_FAILED - - OPERATION_STATE_CANCELLED - - OPERATION_STATE_PENDING - createBucketRequest: - description: LongRunningCreateBucket RPC request. - $ref: '#/components/schemas/CreateBucketRequest' - updateBucketRequest: - description: LongRunningUpdateBucket RPC request. - $ref: '#/components/schemas/UpdateBucketRequest' - CreateBucketRequest: - id: CreateBucketRequest - description: The parameters to CreateBucket. + name: + readOnly: true + type: string + description: >- + Output only. The resource name of the link. The name can have up to + 100 characters. A valid link id (at the end of the link name) must + only have alphanumeric characters and underscores within it. + "projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" + "organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" + "billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" + "folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" + For + example:`projects/my-project/locations/global/buckets/my-bucket/links/my_link + bigqueryDataset: + $ref: '#/components/schemas/BigQueryDataset' + description: >- + Optional. The information of a BigQuery Dataset. When a link is + created, a BigQuery dataset is created along with it, in the same + project as the LogBucket it's linked to. This dataset will also have + BigQuery Views corresponding to the LogViews in the bucket. + id: Link + description: Describes a link connected to an analytics enabled bucket. + Exponential: + description: >- + Specifies an exponential sequence of buckets that have a width that is + proportional to the value of the lower bound. Each bucket represents a + constant relative uncertainty on a specific value in the bucket.There + are num_finite_buckets + 2 (= N) buckets. Bucket i has the following + boundaries:Upper bound (0 <= i < N-1): scale * (growth_factor ^ i).Lower + bound (1 <= i < N): scale * (growth_factor ^ (i - 1)). + properties: + numFiniteBuckets: + format: int32 + description: Must be greater than 0. + type: integer + growthFactor: + format: double + type: number + description: Must be greater than 1. + scale: + type: number + description: Must be greater than 0. + format: double + id: Exponential type: object + ListSavedQueriesResponse: + description: The response from ListSavedQueries. + id: ListSavedQueriesResponse properties: - parent: - description: >- - Required. The resource in which to create the log bucket: - "projects/[PROJECT_ID]/locations/[LOCATION_ID]" For - example:"projects/my-project/locations/global" - type: string - bucketId: + savedQueries: + type: array + description: A list of saved queries. + items: + $ref: '#/components/schemas/SavedQuery' + unreachable: + type: array description: >- - Required. A client-assigned identifier such as "my-bucket". - Identifiers are limited to 100 characters and can include only - letters, digits, underscores, hyphens, and periods. Bucket - identifiers must start with an alphanumeric character. + The unreachable resources. It can be either 1) a saved query if a + specific query is unreachable or 2) a location if a specific + location is unreachabe. + "projects/[PROJECT_ID]/locations/[LOCATION_ID]/savedQueries/[QUERY_ID]" + "projects/[PROJECT_ID]/locations/[LOCATION_ID]" For example: + "projects/my-project/locations/global/savedQueries/12345678" + "projects/my-project/locations/global" If there are unreachable + resources, the response will first return pages that contain saved + queries, and then return pages that contain the unreachable + resources. + items: + type: string + nextPageToken: type: string - bucket: description: >- - Required. The new bucket. The region specified in the new bucket - must be compliant with any Location Restriction Org Policy. The name - field in the bucket is ignored. - $ref: '#/components/schemas/LogBucket' - UpdateBucketRequest: - id: UpdateBucketRequest - description: The parameters to UpdateBucket. + If there might be more results than appear in this response, then + nextPageToken is included. To get the next set of results, call the + same method again using the value of nextPageToken as pageToken. type: object + LogMetric: + id: LogMetric properties: + bucketOptions: + description: >- + Optional. The bucket_options are required when the logs-based metric + is using a DISTRIBUTION value type and it describes the bucket + boundaries used to create a histogram of the extracted values. + $ref: '#/components/schemas/BucketOptions' + disabled: + type: boolean + description: >- + Optional. If set to True, then this metric is disabled and it does + not generate any points. name: + type: string description: >- - Required. The full resource name of the bucket to update. - "projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" - "organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" - "billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" - "folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" - For example:"projects/my-project/locations/global/buckets/my-bucket" + Required. The client-assigned metric identifier. Examples: + "error_count", "nginx/requests".Metric identifiers are limited to + 100 characters and can include only the following characters: A-Z, + a-z, 0-9, and the special characters _-.,+!*',()%/. The + forward-slash character (/) denotes a hierarchy of name pieces, and + it cannot be the first character of the name.This field is the + [METRIC_ID] part of a metric resource name in the format + "projects/PROJECT_ID/metrics/METRIC_ID". Example: If the resource + name of a metric is "projects/my-project/metrics/nginx%2Frequests", + this field's value is "nginx/requests". + version: + enum: + - V2 + - V1 + deprecated: true + description: >- + Deprecated. The API version that created or updated this metric. The + v2 format is used by default and cannot be changed. + enumDescriptions: + - Logging API v2. + - Logging API v1. type: string - bucket: - description: Required. The updated bucket. - $ref: '#/components/schemas/LogBucket' - updateMask: + bucketName: description: >- - Required. Field mask that specifies the fields in bucket that need - an update. A bucket field will be overwritten if, and only if, it is - in the update mask. name and output only fields cannot be - updated.For a detailed FieldMask definition, see: - https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#google.protobuf.FieldMaskFor - example: updateMask=retention_days + Optional. The resource name of the Log Bucket that owns the Log + Metric. Only Log Buckets in projects are supported. The bucket has + to be in the same project as the metric.For + example:projects/my-project/locations/global/buckets/my-bucketIf + empty, then the Log Metric is considered a non-Bucket Log Metric. type: string - format: google-fieldmask - LinkMetadata: - id: LinkMetadata - description: Metadata for long running Link operations. - type: object - properties: - startTime: - description: The start time of an operation. + valueExtractor: type: string - format: google-datetime - endTime: - description: The end time of an operation. + description: >- + Optional. A value_extractor is required when using a distribution + logs-based metric to extract the values to record from a log entry. + Two functions are supported for value extraction: EXTRACT(field) or + REGEXP_EXTRACT(field, regex). The arguments are: field: The name of + the log entry field from which the value is to be extracted. regex: + A regular expression using the Google RE2 syntax + (https://github.com/google/re2/wiki/Syntax) with a single capture + group to extract data from the specified log entry field. The value + of the field is converted to a string before applying the regex. It + is an error to specify a regex that does not include exactly one + capture group.The result of the extraction must be convertible to a + double type, as the distribution always records double values. If + either the extraction or the conversion to double fails, then those + values are not recorded in the distribution.Example: + REGEXP_EXTRACT(jsonPayload.request, ".*quantity=(\d+).*") + labelExtractors: + description: >- + Optional. A map from a label key string to an extractor expression + which is used to extract data from a log entry field and assign as + the label value. Each label key specified in the LabelDescriptor + must have an associated extractor expression in this map. The syntax + of the extractor expression is the same as for the value_extractor + field.The extracted value is converted to the type defined in the + label descriptor. If either the extraction or the type conversion + fails, the label will have a default value. The default value for a + string label is an empty string, for an integer label its 0, and for + a boolean label its false.Note that there are upper bounds on the + maximum number of labels and the number of active time series that + are allowed in a project. + type: object + additionalProperties: + type: string + updateTime: type: string format: google-datetime - state: - description: Output only. State of an operation. readOnly: true + description: >- + Output only. The last update timestamp of the metric.This field may + not be present for older metrics. + filter: + description: >- + Required. An advanced logs filter + (https://cloud.google.com/logging/docs/view/advanced_filters) which + is used to match log entries. Example: "resource.type=gae_app AND + severity>=ERROR" The maximum length of the filter is 20000 + characters. + type: string + description: type: string - enumDescriptions: - - Should not be used. - - The operation is scheduled. - - Waiting for necessary permissions. - - The operation is running. - - The operation was completed successfully. - - The operation failed. - - The operation was cancelled by the user. - - The operation is waiting for quota. - enum: - - OPERATION_STATE_UNSPECIFIED - - OPERATION_STATE_SCHEDULED - - OPERATION_STATE_WAITING_FOR_PERMISSIONS - - OPERATION_STATE_RUNNING - - OPERATION_STATE_SUCCEEDED - - OPERATION_STATE_FAILED - - OPERATION_STATE_CANCELLED - - OPERATION_STATE_PENDING - createLinkRequest: - description: CreateLink RPC request. - $ref: '#/components/schemas/CreateLinkRequest' - deleteLinkRequest: - description: DeleteLink RPC request. - $ref: '#/components/schemas/DeleteLinkRequest' - CreateLinkRequest: - id: CreateLinkRequest - description: The parameters to CreateLink. - type: object - properties: - parent: description: >- - Required. The full resource name of the bucket to create a link for. - "projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]" + Optional. A description of this metric, which is used in + documentation. The maximum length of the description is 8000 + characters. + resourceName: type: string - link: - description: Required. The new link. - $ref: '#/components/schemas/Link' - linkId: + readOnly: true description: >- - Required. The ID to use for the link. The link_id can have up to 100 - characters. A valid link_id must only have alphanumeric characters - and underscores within it. + Output only. The resource name of the metric: + "projects/[PROJECT_ID]/metrics/[METRIC_ID]" + metricDescriptor: + description: >- + Optional. The metric descriptor associated with the logs-based + metric. If unspecified, it uses a default metric descriptor with a + DELTA metric kind, INT64 value type, with no labels and a unit of + "1". Such a metric counts the number of log entries matching the + filter expression.The name, type, and description fields in the + metric_descriptor are output only, and is constructed using the name + and description field in the LogMetric.To create a logs-based metric + that records a distribution of log values, a DELTA metric kind with + a DISTRIBUTION value type must be used along with a value_extractor + expression in the LogMetric.Each label in the metric descriptor must + have a matching label name as the key and an extractor expression as + the value in the label_extractors map.The metric_kind and value_type + fields in the metric_descriptor cannot be updated once initially + configured. New labels can be added in the metric_descriptor, but + existing labels cannot be modified except for their description. + $ref: '#/components/schemas/MetricDescriptor' + createTime: + readOnly: true + format: google-datetime type: string - DeleteLinkRequest: - id: DeleteLinkRequest - description: The parameters to DeleteLink. + description: >- + Output only. The creation timestamp of the metric.This field may not + be present for older metrics. type: object + description: >- + Describes a logs-based metric. The value of the metric is the number of + log entries that match a logs filter in a given time interval.Logs-based + metrics can also be used to extract values from logs and create a + distribution of the values. The distribution records the statistics of + the extracted values along with an optional histogram of the values as + specified by the bucket options. + AppHubWorkload: properties: - name: - description: >- - Required. The full resource name of the link to delete. - "projects/[PROJECT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" - "organizations/[ORGANIZATION_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" - "billingAccounts/[BILLING_ACCOUNT_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" - "folders/[FOLDER_ID]/locations/[LOCATION_ID]/buckets/[BUCKET_ID]/links/[LINK_ID]" + criticalityType: type: string - LocationMetadata: - id: LocationMetadata - description: Cloud Logging specific location metadata. + description: 'Workload criticality type Example: "CRITICAL"' + environmentType: + description: 'Workload environment type Example: "DEV"' + type: string + id: + type: string + description: 'Workload Id. Example: "my-workload"' + id: AppHubWorkload type: object + description: Metadata associated with an App Hub workload. + LogEntryOperation: properties: - logAnalyticsEnabled: + id: + type: string + description: >- + Optional. An arbitrary operation identifier. Log entries with the + same identifier are assumed to be part of the same operation. + last: + type: boolean description: >- - Indicates whether or not Log Analytics features are supported in the - given location. + Optional. Set this to True if this is the last log entry in the + operation. + producer: + description: >- + Optional. An arbitrary producer identifier. The combination of id + and producer must be globally unique. Examples for producer: + "MyDivision.MyBigCompany.com", "github.com/MyProject/MyApplication". + type: string + first: type: boolean + description: >- + Optional. Set this to True if this is the first log entry in the + operation. + type: object + description: >- + Additional information about a potentially long-running operation with + which a log entry is associated. + id: LogEntryOperation parameters: - access_token: - description: OAuth access token. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: access_token + name: quotaUser schema: type: string alt: @@ -3510,25 +3524,16 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: key + name: upload_protocol schema: type: string oauth_token: @@ -3537,33 +3542,18 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string _.xgafv: description: V1 error format. in: query @@ -3573,2269 +3563,2167 @@ components: enum: - '1' - '2' - x-stackQL-resources: - locations: - id: google.logging.locations - name: locations - title: Locations - methods: - locations_list: - operation: - $ref: '#/paths/~1v2~1{name}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - projects_locations_list: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - projects_locations_get: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_locations_list: - operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - organizations_locations_get: - operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - folders_locations_list: - operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - folders_locations_get: - operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - billing_accounts_locations_list: - operation: - $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - billing_accounts_locations_get: - operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/locations/methods/projects_locations_get - - $ref: >- - #/components/x-stackQL-resources/locations/methods/organizations_locations_get - - $ref: >- - #/components/x-stackQL-resources/locations/methods/folders_locations_get - - $ref: >- - #/components/x-stackQL-resources/locations/methods/billing_accounts_locations_get - - $ref: '#/components/x-stackQL-resources/locations/methods/locations_list' - - $ref: >- - #/components/x-stackQL-resources/locations/methods/projects_locations_list - - $ref: >- - #/components/x-stackQL-resources/locations/methods/organizations_locations_list - - $ref: >- - #/components/x-stackQL-resources/locations/methods/folders_locations_list - - $ref: >- - #/components/x-stackQL-resources/locations/methods/billing_accounts_locations_list - insert: [] - update: [] - replace: [] - delete: [] - exclusions: - id: google.logging.exclusions - name: exclusions - title: Exclusions - methods: - exclusions_get: - operation: - $ref: '#/paths/~1v2~1{name}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - exclusions_patch: - operation: - $ref: '#/paths/~1v2~1{name}/patch' - response: - mediaType: application/json - openAPIDocKey: '200' - exclusions_delete: - operation: - $ref: '#/paths/~1v2~1{name}/delete' - response: - mediaType: application/json - openAPIDocKey: '200' - exclusions_list: - operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1exclusions/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.exclusions - exclusions_create: - operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1exclusions/post' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_exclusions_list: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1exclusions/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.exclusions - projects_exclusions_create: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1exclusions/post' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_exclusions_get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1exclusions~1{exclusionsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_exclusions_patch: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1exclusions~1{exclusionsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - projects_exclusions_delete: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1exclusions~1{exclusionsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_exclusions_list: + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + x-stackQL-resources: + monitored_resource_descriptors: + id: google.logging.monitored_resource_descriptors + name: monitored_resource_descriptors + title: Monitored_resource_descriptors + methods: + monitored_resource_descriptors_list: operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1exclusions/get' + $ref: '#/paths/~1v2~1monitoredResourceDescriptors/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.exclusions - organizations_exclusions_create: + objectKey: $.resourceDescriptors + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/monitored_resource_descriptors/methods/monitored_resource_descriptors_list + insert: [] + update: [] + replace: [] + delete: [] + logs: + id: google.logging.logs + name: logs + title: Logs + methods: + organizations_logs_delete: operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1exclusions/post' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1logs~1{logsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_exclusions_get: + organizations_logs_list: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1exclusions~1{exclusionsId}/get + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1logs/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_exclusions_patch: + objectKey: $.logNames + organizations_locations_buckets_views_logs_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1exclusions~1{exclusionsId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}~1logs/get response: mediaType: application/json openAPIDocKey: '200' - organizations_exclusions_delete: + objectKey: $.logNames + logs_delete: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1exclusions~1{exclusionsId}/delete + $ref: '#/paths/~1v2~1{logName}/delete' response: mediaType: application/json openAPIDocKey: '200' - folders_exclusions_list: + logs_list: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1exclusions/get' + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1logs/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.exclusions - folders_exclusions_create: + objectKey: $.logNames + billing_accounts_locations_buckets_views_logs_list: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1exclusions/post' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}~1logs/get response: mediaType: application/json openAPIDocKey: '200' - folders_exclusions_get: + objectKey: $.logNames + billing_accounts_logs_delete: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1exclusions~1{exclusionsId}/get' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1logs~1{logsId}/delete response: mediaType: application/json openAPIDocKey: '200' - folders_exclusions_patch: + billing_accounts_logs_list: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1exclusions~1{exclusionsId}/patch + $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1logs/get' response: mediaType: application/json openAPIDocKey: '200' - folders_exclusions_delete: + objectKey: $.logNames + projects_locations_buckets_views_logs_list: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1exclusions~1{exclusionsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}~1logs/get response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_exclusions_list: + objectKey: $.logNames + projects_logs_list: operation: - $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions/get' + $ref: '#/paths/~1v2~1projects~1{projectsId}~1logs/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.exclusions - billing_accounts_exclusions_create: + objectKey: $.logNames + projects_logs_delete: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions/post + $ref: '#/paths/~1v2~1projects~1{projectsId}~1logs~1{logsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_exclusions_get: + folders_logs_delete: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions~1{exclusionsId}/get + $ref: '#/paths/~1v2~1folders~1{foldersId}~1logs~1{logsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_exclusions_patch: + folders_logs_list: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions~1{exclusionsId}/patch + $ref: '#/paths/~1v2~1folders~1{foldersId}~1logs/get' response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_exclusions_delete: + objectKey: $.logNames + folders_locations_buckets_views_logs_list: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions~1{exclusionsId}/delete + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}~1logs/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.logNames sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/exclusions_list - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_get - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_get - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_get - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_get - - $ref: '#/components/x-stackQL-resources/exclusions/methods/exclusions_get' - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_list - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_list - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_list - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_list - insert: - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/exclusions_create - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_create - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_create - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_create - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_create - update: + #/components/x-stackQL-resources/logs/methods/organizations_locations_buckets_views_logs_list - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_patch + #/components/x-stackQL-resources/logs/methods/billing_accounts_locations_buckets_views_logs_list - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_patch + #/components/x-stackQL-resources/logs/methods/projects_locations_buckets_views_logs_list - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_patch + #/components/x-stackQL-resources/logs/methods/folders_locations_buckets_views_logs_list + - $ref: '#/components/x-stackQL-resources/logs/methods/logs_list' - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_patch + #/components/x-stackQL-resources/logs/methods/organizations_logs_list - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/exclusions_patch + #/components/x-stackQL-resources/logs/methods/billing_accounts_logs_list + - $ref: '#/components/x-stackQL-resources/logs/methods/projects_logs_list' + - $ref: '#/components/x-stackQL-resources/logs/methods/folders_logs_list' + insert: [] + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_delete - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_delete - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_delete - - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_delete + #/components/x-stackQL-resources/logs/methods/organizations_logs_delete - $ref: >- - #/components/x-stackQL-resources/exclusions/methods/exclusions_delete - buckets: - id: google.logging.buckets - name: buckets - title: Buckets + #/components/x-stackQL-resources/logs/methods/billing_accounts_logs_delete + - $ref: '#/components/x-stackQL-resources/logs/methods/projects_logs_delete' + - $ref: '#/components/x-stackQL-resources/logs/methods/folders_logs_delete' + - $ref: '#/components/x-stackQL-resources/logs/methods/logs_delete' + recent_queries: + id: google.logging.recent_queries + name: recent_queries + title: Recent_queries methods: - locations_buckets_undelete: - operation: - $ref: '#/paths/~1v2~1{name}/post' - response: - mediaType: application/json - openAPIDocKey: '200' - locations_buckets_list: + organizations_locations_recent_queries_list: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1buckets/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1recentQueries/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.buckets - locations_buckets_create: + objectKey: $.unreachable + billing_accounts_locations_recent_queries_list: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1buckets/post' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1recentQueries/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_list: + objectKey: $.unreachable + projects_locations_recent_queries_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recentQueries/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.buckets - projects_locations_buckets_create: + objectKey: $.unreachable + folders_locations_recent_queries_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1recentQueries/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_get: + objectKey: $.unreachable + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/recent_queries/methods/organizations_locations_recent_queries_list + - $ref: >- + #/components/x-stackQL-resources/recent_queries/methods/billing_accounts_locations_recent_queries_list + - $ref: >- + #/components/x-stackQL-resources/recent_queries/methods/projects_locations_recent_queries_list + - $ref: >- + #/components/x-stackQL-resources/recent_queries/methods/folders_locations_recent_queries_list + insert: [] + update: [] + replace: [] + delete: [] + views: + id: google.logging.views + name: views + title: Views + methods: + organizations_locations_buckets_views_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_patch: + organizations_locations_buckets_views_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_delete: + organizations_locations_buckets_views_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_undelete: + organizations_locations_buckets_views_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:undelete/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_list: + objectKey: $.views + organizations_locations_buckets_views_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.buckets - organizations_locations_buckets_create: + billing_accounts_locations_buckets_views_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets/post + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_get: + billing_accounts_locations_buckets_views_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/get + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_patch: + billing_accounts_locations_buckets_views_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/patch + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_delete: + billing_accounts_locations_buckets_views_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/delete + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_undelete: + billing_accounts_locations_buckets_views_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:undelete/post + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_list: + objectKey: $.views + projects_locations_buckets_views_patch: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.buckets - folders_locations_buckets_create: + projects_locations_buckets_views_delete: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_get: + projects_locations_buckets_views_get: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_patch: + projects_locations_buckets_views_list: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_delete: + objectKey: $.views + projects_locations_buckets_views_create: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/post response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_undelete: + folders_locations_buckets_views_create: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}:undelete/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/post response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_list: + folders_locations_buckets_views_list: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets/get + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.buckets - billing_accounts_locations_buckets_create: + objectKey: $.views + folders_locations_buckets_views_get: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/get response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_get: + folders_locations_buckets_views_delete: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/get + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/delete response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_patch: + folders_locations_buckets_views_patch: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/patch + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/patch response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_delete: + locations_buckets_views_list: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/delete + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1views/get' response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_undelete: + objectKey: $.views + locations_buckets_views_create: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:undelete/post + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1views/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_get + #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_get - $ref: >- - #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_get + #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_get - $ref: >- - #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_get + #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_get - $ref: >- - #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_get + #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_get - $ref: >- - #/components/x-stackQL-resources/buckets/methods/locations_buckets_list + #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_list - $ref: >- - #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_list + #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_list - $ref: >- - #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_list + #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_list - $ref: >- - #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_list + #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_list - $ref: >- - #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_list + #/components/x-stackQL-resources/views/methods/locations_buckets_views_list insert: - $ref: >- - #/components/x-stackQL-resources/buckets/methods/locations_buckets_create + #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_create - $ref: >- - #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_create + #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_create - $ref: >- - #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_create + #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_create - $ref: >- - #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_create + #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_create - $ref: >- - #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_create + #/components/x-stackQL-resources/views/methods/locations_buckets_views_create update: - $ref: >- - #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_patch + #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_patch - $ref: >- - #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_patch + #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_patch - $ref: >- - #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_patch + #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_patch - $ref: >- - #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_patch + #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_delete + #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_delete - $ref: >- - #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_delete + #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_delete - $ref: >- - #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_delete + #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_delete - $ref: >- - #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_delete - operations: - id: google.logging.operations - name: operations - title: Operations + #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_delete + views_iam_policies: + id: google.logging.views_iam_policies + name: views_iam_policies + title: Views_iam_policies methods: - locations_operations_list: - operation: - $ref: '#/paths/~1v2~1{name}~1operations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_operations_list: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_operations_get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_operations_cancel: + organizations_locations_buckets_views_get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_operations_list: + objectKey: $.bindings + organizations_locations_buckets_views_test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - organizations_locations_operations_get: + organizations_locations_buckets_views_set_iam_policy: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_operations_cancel: + projects_locations_buckets_views_get_iam_policy: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - folders_locations_operations_list: + objectKey: $.bindings + projects_locations_buckets_views_set_iam_policy: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1operations/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - folders_locations_operations_get: + projects_locations_buckets_views_test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - folders_locations_operations_cancel: + folders_locations_buckets_views_get_iam_policy: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_operations_list: + objectKey: $.bindings + folders_locations_buckets_views_set_iam_policy: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - billing_accounts_locations_operations_get: + folders_locations_buckets_views_test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_operations_cancel: + locations_buckets_views_set_iam_policy: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + $ref: '#/paths/~1v2~1{resource}/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/folders_locations_operations_get + #/components/x-stackQL-resources/views_iam_policies/methods/organizations_locations_buckets_views_get_iam_policy - $ref: >- - #/components/x-stackQL-resources/operations/methods/billing_accounts_locations_operations_get + #/components/x-stackQL-resources/views_iam_policies/methods/projects_locations_buckets_views_get_iam_policy - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list + #/components/x-stackQL-resources/views_iam_policies/methods/folders_locations_buckets_views_get_iam_policy + insert: [] + update: [] + replace: - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_list + #/components/x-stackQL-resources/views_iam_policies/methods/organizations_locations_buckets_views_set_iam_policy - $ref: >- - #/components/x-stackQL-resources/operations/methods/folders_locations_operations_list + #/components/x-stackQL-resources/views_iam_policies/methods/projects_locations_buckets_views_set_iam_policy - $ref: >- - #/components/x-stackQL-resources/operations/methods/billing_accounts_locations_operations_list + #/components/x-stackQL-resources/views_iam_policies/methods/folders_locations_buckets_views_set_iam_policy - $ref: >- - #/components/x-stackQL-resources/operations/methods/locations_operations_list - insert: [] - update: [] - replace: [] + #/components/x-stackQL-resources/views_iam_policies/methods/locations_buckets_views_set_iam_policy delete: [] - views_iam_policies: - id: google.logging.views_iam_policies - name: views_iam_policies - title: Views_iam_policies + links: + id: google.logging.links + name: links + title: Links methods: - locations_buckets_views_test_iam_permissions: - operation: - $ref: '#/paths/~1v2~1{resource}/post' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_buckets_views_set_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_buckets_views_get_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:getIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_buckets_views_test_iam_permissions: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_locations_buckets_views_set_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_locations_buckets_views_get_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:getIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - organizations_locations_buckets_views_test_iam_permissions: + organizations_locations_buckets_links_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:testIamPermissions/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/delete response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_views_set_iam_policy: + organizations_locations_buckets_links_get: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:setIamPolicy/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_views_get_iam_policy: + organizations_locations_buckets_links_list: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:getIamPolicy/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - folders_locations_buckets_views_test_iam_permissions: + objectKey: $.links + organizations_locations_buckets_links_create: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}:testIamPermissions/post + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/views_iam_policies/methods/projects_locations_buckets_views_get_iam_policy - - $ref: >- - #/components/x-stackQL-resources/views_iam_policies/methods/organizations_locations_buckets_views_get_iam_policy - - $ref: >- - #/components/x-stackQL-resources/views_iam_policies/methods/folders_locations_buckets_views_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/views_iam_policies/methods/projects_locations_buckets_views_set_iam_policy - - $ref: >- - #/components/x-stackQL-resources/views_iam_policies/methods/organizations_locations_buckets_views_set_iam_policy - - $ref: >- - #/components/x-stackQL-resources/views_iam_policies/methods/folders_locations_buckets_views_set_iam_policy - delete: [] - views: - id: google.logging.views - name: views - title: Views - methods: - locations_buckets_views_list: + billing_accounts_locations_buckets_links_get: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1views/get' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.views - locations_buckets_views_create: + billing_accounts_locations_buckets_links_delete: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1views/post' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_views_list: + billing_accounts_locations_buckets_links_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/get + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.views - projects_locations_buckets_views_create: + billing_accounts_locations_buckets_links_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/post + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_views_get: + objectKey: $.links + projects_locations_buckets_links_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_views_patch: + projects_locations_buckets_links_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_views_delete: + projects_locations_buckets_links_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_views_list: + projects_locations_buckets_links_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.views - organizations_locations_buckets_views_create: + objectKey: $.links + folders_locations_buckets_links_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_views_get: + folders_locations_buckets_links_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/get + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_views_patch: + folders_locations_buckets_links_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/patch + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_views_delete: + folders_locations_buckets_links_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/delete + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_views_list: + objectKey: $.links + locations_buckets_links_create: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/get + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1links/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.views - folders_locations_buckets_views_create: + locations_buckets_links_list: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/post + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1links/get' response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_views_get: + objectKey: $.links + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/links/methods/organizations_locations_buckets_links_get + - $ref: >- + #/components/x-stackQL-resources/links/methods/billing_accounts_locations_buckets_links_get + - $ref: >- + #/components/x-stackQL-resources/links/methods/projects_locations_buckets_links_get + - $ref: >- + #/components/x-stackQL-resources/links/methods/folders_locations_buckets_links_get + - $ref: >- + #/components/x-stackQL-resources/links/methods/organizations_locations_buckets_links_list + - $ref: >- + #/components/x-stackQL-resources/links/methods/billing_accounts_locations_buckets_links_list + - $ref: >- + #/components/x-stackQL-resources/links/methods/projects_locations_buckets_links_list + - $ref: >- + #/components/x-stackQL-resources/links/methods/folders_locations_buckets_links_list + - $ref: >- + #/components/x-stackQL-resources/links/methods/locations_buckets_links_list + insert: + - $ref: >- + #/components/x-stackQL-resources/links/methods/organizations_locations_buckets_links_create + - $ref: >- + #/components/x-stackQL-resources/links/methods/billing_accounts_locations_buckets_links_create + - $ref: >- + #/components/x-stackQL-resources/links/methods/projects_locations_buckets_links_create + - $ref: >- + #/components/x-stackQL-resources/links/methods/folders_locations_buckets_links_create + - $ref: >- + #/components/x-stackQL-resources/links/methods/locations_buckets_links_create + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/links/methods/organizations_locations_buckets_links_delete + - $ref: >- + #/components/x-stackQL-resources/links/methods/billing_accounts_locations_buckets_links_delete + - $ref: >- + #/components/x-stackQL-resources/links/methods/projects_locations_buckets_links_delete + - $ref: >- + #/components/x-stackQL-resources/links/methods/folders_locations_buckets_links_delete + buckets_async: + id: google.logging.buckets_async + name: buckets_async + title: Buckets_async + methods: + organizations_locations_buckets_create_async: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets:createAsync/post response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_views_patch: + organizations_locations_buckets_update_async: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:updateAsync/post response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_views_delete: + billing_accounts_locations_buckets_update_async: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/delete + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:updateAsync/post response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_views_list: + billing_accounts_locations_buckets_create_async: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/get + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets:createAsync/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.views - billing_accounts_locations_buckets_views_create: + projects_locations_buckets_update_async: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:updateAsync/post response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_views_get: + projects_locations_buckets_create_async: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets:createAsync/post response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_views_patch: + folders_locations_buckets_create_async: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/patch + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets:createAsync/post response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_views_delete: + folders_locations_buckets_update_async: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}/delete + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}:updateAsync/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_get - - $ref: >- - #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_get - - $ref: >- - #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_get - - $ref: >- - #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_get - - $ref: >- - #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_list - - $ref: >- - #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_list - - $ref: >- - #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_list - - $ref: >- - #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_list - - $ref: >- - #/components/x-stackQL-resources/views/methods/locations_buckets_views_list + select: [] insert: - $ref: >- - #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_create - - $ref: >- - #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_create + #/components/x-stackQL-resources/buckets_async/methods/organizations_locations_buckets_create_async - $ref: >- - #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_create + #/components/x-stackQL-resources/buckets_async/methods/billing_accounts_locations_buckets_create_async - $ref: >- - #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_create + #/components/x-stackQL-resources/buckets_async/methods/projects_locations_buckets_create_async - $ref: >- - #/components/x-stackQL-resources/views/methods/locations_buckets_views_create + #/components/x-stackQL-resources/buckets_async/methods/folders_locations_buckets_create_async update: - $ref: >- - #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_patch + #/components/x-stackQL-resources/buckets_async/methods/organizations_locations_buckets_update_async - $ref: >- - #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_patch + #/components/x-stackQL-resources/buckets_async/methods/billing_accounts_locations_buckets_update_async - $ref: >- - #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_patch + #/components/x-stackQL-resources/buckets_async/methods/projects_locations_buckets_update_async - $ref: >- - #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_patch + #/components/x-stackQL-resources/buckets_async/methods/folders_locations_buckets_update_async replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/views/methods/projects_locations_buckets_views_delete - - $ref: >- - #/components/x-stackQL-resources/views/methods/organizations_locations_buckets_views_delete - - $ref: >- - #/components/x-stackQL-resources/views/methods/folders_locations_buckets_views_delete - - $ref: >- - #/components/x-stackQL-resources/views/methods/billing_accounts_locations_buckets_views_delete - links: - id: google.logging.links - name: links - title: Links + delete: [] + buckets: + id: google.logging.buckets + name: buckets + title: Buckets methods: - locations_buckets_links_list: + organizations_locations_buckets_delete: + operation: + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_locations_buckets_get: + operation: + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_locations_buckets_patch: + operation: + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_locations_buckets_create: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1links/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.links - locations_buckets_links_create: + organizations_locations_buckets_list: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1links/post' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_links_list: + objectKey: $.buckets + organizations_locations_buckets_undelete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:undelete/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.links - projects_locations_buckets_links_create: + billing_accounts_locations_buckets_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/post + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_links_get: + billing_accounts_locations_buckets_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/get + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_links_delete: + objectKey: $.buckets + billing_accounts_locations_buckets_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/delete + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_links_list: + billing_accounts_locations_buckets_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/get + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.links - organizations_locations_buckets_links_create: + billing_accounts_locations_buckets_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/post + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_links_get: + billing_accounts_locations_buckets_undelete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/get + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:undelete/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_links_delete: + projects_locations_buckets_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/delete response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_links_list: + projects_locations_buckets_get: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.links - folders_locations_buckets_links_create: + projects_locations_buckets_patch: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}/patch response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_links_get: + projects_locations_buckets_undelete: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:undelete/post response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_links_delete: + projects_locations_buckets_list: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets/get response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_links_list: + objectKey: $.buckets + projects_locations_buckets_create: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.links - billing_accounts_locations_buckets_links_create: + folders_locations_buckets_undelete: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}:undelete/post response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_links_get: + folders_locations_buckets_patch: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/get + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}/patch response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_links_delete: + folders_locations_buckets_delete: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1links~1{linksId}/delete + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + folders_locations_buckets_get: + operation: + $ref: >- + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + folders_locations_buckets_create: + operation: + $ref: >- + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets/post response: mediaType: application/json openAPIDocKey: '200' + folders_locations_buckets_list: + operation: + $ref: >- + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.buckets + locations_buckets_create: + operation: + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1buckets/post' + response: + mediaType: application/json + openAPIDocKey: '200' + locations_buckets_list: + operation: + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1buckets/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.buckets sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/links/methods/projects_locations_buckets_links_get + #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_get - $ref: >- - #/components/x-stackQL-resources/links/methods/organizations_locations_buckets_links_get + #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_get - $ref: >- - #/components/x-stackQL-resources/links/methods/folders_locations_buckets_links_get + #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_get - $ref: >- - #/components/x-stackQL-resources/links/methods/billing_accounts_locations_buckets_links_get + #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_get - $ref: >- - #/components/x-stackQL-resources/links/methods/projects_locations_buckets_links_list + #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_list - $ref: >- - #/components/x-stackQL-resources/links/methods/organizations_locations_buckets_links_list + #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_list - $ref: >- - #/components/x-stackQL-resources/links/methods/folders_locations_buckets_links_list + #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_list - $ref: >- - #/components/x-stackQL-resources/links/methods/billing_accounts_locations_buckets_links_list + #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_list - $ref: >- - #/components/x-stackQL-resources/links/methods/locations_buckets_links_list + #/components/x-stackQL-resources/buckets/methods/locations_buckets_list insert: - $ref: >- - #/components/x-stackQL-resources/links/methods/projects_locations_buckets_links_create + #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_create - $ref: >- - #/components/x-stackQL-resources/links/methods/organizations_locations_buckets_links_create + #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_create - $ref: >- - #/components/x-stackQL-resources/links/methods/folders_locations_buckets_links_create + #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_create - $ref: >- - #/components/x-stackQL-resources/links/methods/billing_accounts_locations_buckets_links_create + #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_create - $ref: >- - #/components/x-stackQL-resources/links/methods/locations_buckets_links_create - update: [] + #/components/x-stackQL-resources/buckets/methods/locations_buckets_create + update: + - $ref: >- + #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_patch + - $ref: >- + #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_patch + - $ref: >- + #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_patch + - $ref: >- + #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/links/methods/projects_locations_buckets_links_delete + #/components/x-stackQL-resources/buckets/methods/organizations_locations_buckets_delete - $ref: >- - #/components/x-stackQL-resources/links/methods/organizations_locations_buckets_links_delete + #/components/x-stackQL-resources/buckets/methods/billing_accounts_locations_buckets_delete - $ref: >- - #/components/x-stackQL-resources/links/methods/folders_locations_buckets_links_delete + #/components/x-stackQL-resources/buckets/methods/projects_locations_buckets_delete - $ref: >- - #/components/x-stackQL-resources/links/methods/billing_accounts_locations_buckets_links_delete - sinks: - id: google.logging.sinks - name: sinks - title: Sinks + #/components/x-stackQL-resources/buckets/methods/folders_locations_buckets_delete + operations: + id: google.logging.operations + name: operations + title: Operations methods: - sinks_list: + organizations_locations_operations_list: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1sinks/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sinks - sinks_create: + objectKey: $.operations + organizations_locations_operations_cancel: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1sinks/post' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - sinks_get: + organizations_locations_operations_get: operation: - $ref: '#/paths/~1v2~1{sinkName}/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - sinks_update: + billing_accounts_locations_operations_cancel: operation: - $ref: '#/paths/~1v2~1{sinkName}/put' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - sinks_delete: + billing_accounts_locations_operations_list: operation: - $ref: '#/paths/~1v2~1{sinkName}/delete' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_sinks_list: + objectKey: $.operations + billing_accounts_locations_operations_get: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks/get' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sinks - projects_sinks_create: + projects_locations_operations_cancel: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks/post' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - projects_sinks_get: + projects_locations_operations_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks~1{sinksId}/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_sinks_update: + objectKey: $.operations + projects_locations_operations_get: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks~1{sinksId}/put' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_sinks_patch: + folders_locations_operations_get: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks~1{sinksId}/patch' + $ref: >- + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_sinks_delete: + folders_locations_operations_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks~1{sinksId}/delete' + $ref: >- + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sinks_list: + objectKey: $.operations + folders_locations_operations_cancel: operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1sinks/get' + $ref: >- + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sinks - organizations_sinks_create: + locations_operations_cancel: operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1sinks/post' + $ref: '#/paths/~1v2~1{name}/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_sinks_get: + locations_operations_list: + operation: + $ref: '#/paths/~1v2~1{name}~1operations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.operations + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/billing_accounts_locations_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/folders_locations_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/billing_accounts_locations_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/folders_locations_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/locations_operations_list + insert: [] + update: [] + replace: [] + delete: [] + log_scopes: + id: google.logging.log_scopes + name: log_scopes + title: Log_scopes + methods: + organizations_locations_log_scopes_create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1sinks~1{sinksId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sinks_update: + organizations_locations_log_scopes_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1sinks~1{sinksId}/put + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sinks_patch: + objectKey: $.logScopes + organizations_locations_log_scopes_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1sinks~1{sinksId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sinks_delete: + organizations_locations_log_scopes_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1sinks~1{sinksId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - folders_sinks_list: - operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks/get' + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sinks - folders_sinks_create: + organizations_locations_log_scopes_delete: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks/post' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/delete response: mediaType: application/json openAPIDocKey: '200' - folders_sinks_get: + projects_locations_log_scopes_get: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks~1{sinksId}/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_sinks_update: + projects_locations_log_scopes_delete: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks~1{sinksId}/put' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/delete response: mediaType: application/json openAPIDocKey: '200' - folders_sinks_patch: + projects_locations_log_scopes_patch: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks~1{sinksId}/patch' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/patch response: mediaType: application/json openAPIDocKey: '200' - folders_sinks_delete: + projects_locations_log_scopes_list: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks~1{sinksId}/delete' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes/get response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_sinks_list: + objectKey: $.logScopes + projects_locations_log_scopes_create: operation: - $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sinks - billing_accounts_sinks_create: + folders_locations_log_scopes_get: operation: - $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks/post' + $ref: >- + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/get response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_sinks_get: + folders_locations_log_scopes_delete: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks~1{sinksId}/get + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/delete response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_sinks_update: + folders_locations_log_scopes_patch: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks~1{sinksId}/put + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/patch response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_sinks_patch: + folders_locations_log_scopes_create: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks~1{sinksId}/patch + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes/post response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_sinks_delete: + folders_locations_log_scopes_list: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks~1{sinksId}/delete + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.logScopes sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_list' - - $ref: '#/components/x-stackQL-resources/sinks/methods/projects_sinks_get' - - $ref: >- - #/components/x-stackQL-resources/sinks/methods/organizations_sinks_get - - $ref: '#/components/x-stackQL-resources/sinks/methods/folders_sinks_get' - $ref: >- - #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_get - - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_get' - - $ref: '#/components/x-stackQL-resources/sinks/methods/projects_sinks_list' - - $ref: >- - #/components/x-stackQL-resources/sinks/methods/organizations_sinks_list - - $ref: '#/components/x-stackQL-resources/sinks/methods/folders_sinks_list' - - $ref: >- - #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_list - insert: - - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_create' + #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_get - $ref: >- - #/components/x-stackQL-resources/sinks/methods/projects_sinks_create + #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_get - $ref: >- - #/components/x-stackQL-resources/sinks/methods/organizations_sinks_create + #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_get - $ref: >- - #/components/x-stackQL-resources/sinks/methods/folders_sinks_create + #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_list - $ref: >- - #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_create - update: + #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_list - $ref: >- - #/components/x-stackQL-resources/sinks/methods/projects_sinks_patch + #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_list + insert: - $ref: >- - #/components/x-stackQL-resources/sinks/methods/organizations_sinks_patch - - $ref: '#/components/x-stackQL-resources/sinks/methods/folders_sinks_patch' + #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_create - $ref: >- - #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_patch - replace: + #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_create - $ref: >- - #/components/x-stackQL-resources/sinks/methods/projects_sinks_update + #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_create + update: - $ref: >- - #/components/x-stackQL-resources/sinks/methods/organizations_sinks_update + #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_patch - $ref: >- - #/components/x-stackQL-resources/sinks/methods/folders_sinks_update + #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_patch - $ref: >- - #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_update - - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_update' + #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_patch + replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/sinks/methods/projects_sinks_delete - - $ref: >- - #/components/x-stackQL-resources/sinks/methods/organizations_sinks_delete + #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_delete - $ref: >- - #/components/x-stackQL-resources/sinks/methods/folders_sinks_delete + #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_delete - $ref: >- - #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_delete - - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_delete' - logging_cmek_settings: - id: google.logging.logging_cmek_settings - name: logging_cmek_settings - title: Logging_cmek_settings + #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_delete + saved_queries: + id: google.logging.saved_queries + name: saved_queries + title: Saved_queries methods: - get_cmek_settings: - operation: - $ref: '#/paths/~1v2~1{name}~1cmekSettings/get' - response: - mediaType: application/json - openAPIDocKey: '200' - update_cmek_settings: + organizations_locations_saved_queries_create: operation: - $ref: '#/paths/~1v2~1{name}~1cmekSettings/patch' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/logging_cmek_settings/methods/get_cmek_settings - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/logging_cmek_settings/methods/update_cmek_settings - replace: [] - delete: [] - logging_settings: - id: google.logging.logging_settings - name: logging_settings - title: Logging_settings - methods: - get_settings: + organizations_locations_saved_queries_list: operation: - $ref: '#/paths/~1v2~1{name}~1settings/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries/get response: mediaType: application/json openAPIDocKey: '200' - update_settings: + objectKey: $.savedQueries + organizations_locations_saved_queries_get: operation: - $ref: '#/paths/~1v2~1{name}~1settings/patch' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/logging_settings/methods/get_settings - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/logging_settings/methods/update_settings - replace: [] - delete: [] - cmek_settings: - id: google.logging.cmek_settings - name: cmek_settings - title: Cmek_settings - methods: - projects_get_cmek_settings: + organizations_locations_saved_queries_delete: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1cmekSettings/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_get_cmek_settings: + organizations_locations_saved_queries_patch: operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1cmekSettings/get' + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_update_cmek_settings: + billing_accounts_locations_saved_queries_patch: operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1cmekSettings/patch' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - folders_get_cmek_settings: + billing_accounts_locations_saved_queries_get: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1cmekSettings/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/cmek_settings/methods/projects_get_cmek_settings - - $ref: >- - #/components/x-stackQL-resources/cmek_settings/methods/organizations_get_cmek_settings - - $ref: >- - #/components/x-stackQL-resources/cmek_settings/methods/folders_get_cmek_settings - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/cmek_settings/methods/organizations_update_cmek_settings - replace: [] - delete: [] - settings: - id: google.logging.settings - name: settings - title: Settings - methods: - projects_get_settings: + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + billing_accounts_locations_saved_queries_delete: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1settings/get' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_get_settings: + billing_accounts_locations_saved_queries_create: operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1settings/get' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries/post response: mediaType: application/json openAPIDocKey: '200' - organizations_update_settings: + billing_accounts_locations_saved_queries_list: operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1settings/patch' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries/get response: mediaType: application/json openAPIDocKey: '200' - folders_get_settings: + objectKey: $.savedQueries + projects_locations_saved_queries_patch: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1settings/get' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - folders_update_settings: + projects_locations_saved_queries_delete: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1settings/patch' + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/settings/methods/projects_get_settings - - $ref: >- - #/components/x-stackQL-resources/settings/methods/organizations_get_settings - - $ref: >- - #/components/x-stackQL-resources/settings/methods/folders_get_settings - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/settings/methods/organizations_update_settings - - $ref: >- - #/components/x-stackQL-resources/settings/methods/folders_update_settings - replace: [] - delete: [] - buckets_async: - id: google.logging.buckets_async - name: buckets_async - title: Buckets_async - methods: - projects_locations_buckets_create_async: + projects_locations_saved_queries_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets:createAsync/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_buckets_update_async: + projects_locations_saved_queries_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:updateAsync/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_create_async: + projects_locations_saved_queries_list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets:createAsync/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_buckets_update_async: + objectKey: $.savedQueries + folders_locations_saved_queries_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:updateAsync/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_create_async: + folders_locations_saved_queries_get: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets:createAsync/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_buckets_update_async: + folders_locations_saved_queries_delete: operation: $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}:updateAsync/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_create_async: + folders_locations_saved_queries_list: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets:createAsync/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries/get response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_buckets_update_async: + objectKey: $.savedQueries + folders_locations_saved_queries_create: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}:updateAsync/post + #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_get + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_get + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_get + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_get + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_list + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_list + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_list + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_list insert: - $ref: >- - #/components/x-stackQL-resources/buckets_async/methods/projects_locations_buckets_create_async + #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_create - $ref: >- - #/components/x-stackQL-resources/buckets_async/methods/organizations_locations_buckets_create_async + #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_create - $ref: >- - #/components/x-stackQL-resources/buckets_async/methods/folders_locations_buckets_create_async + #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_create - $ref: >- - #/components/x-stackQL-resources/buckets_async/methods/billing_accounts_locations_buckets_create_async + #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_create update: - $ref: >- - #/components/x-stackQL-resources/buckets_async/methods/projects_locations_buckets_update_async + #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_patch - $ref: >- - #/components/x-stackQL-resources/buckets_async/methods/organizations_locations_buckets_update_async + #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_patch - $ref: >- - #/components/x-stackQL-resources/buckets_async/methods/folders_locations_buckets_update_async + #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_patch - $ref: >- - #/components/x-stackQL-resources/buckets_async/methods/billing_accounts_locations_buckets_update_async + #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_patch replace: [] - delete: [] - logs: - id: google.logging.logs - name: logs - title: Logs + delete: + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_delete + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_delete + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_delete + - $ref: >- + #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_delete + locations: + id: google.logging.locations + name: locations + title: Locations methods: - projects_locations_buckets_views_logs_list: + organizations_locations_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}~1logs/get + #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logNames - projects_logs_delete: + organizations_locations_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1logs~1{logsId}/delete' + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - projects_logs_list: + objectKey: $.locations + billing_accounts_locations_list: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1logs/get' + $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logNames - organizations_locations_buckets_views_logs_list: + objectKey: $.locations + billing_accounts_locations_get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}~1logs/get + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logNames - organizations_logs_delete: + projects_locations_list: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1logs~1{logsId}/delete + $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_logs_list: + objectKey: $.locations + projects_locations_get: operation: - $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1logs/get' + $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logNames - folders_locations_buckets_views_logs_list: + folders_locations_list: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}~1logs/get + $ref: '#/paths/~1v2~1folders~1{foldersId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logNames - folders_logs_delete: + objectKey: $.locations + folders_locations_get: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1logs~1{logsId}/delete' + $ref: '#/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - folders_logs_list: + locations_list: operation: - $ref: '#/paths/~1v2~1folders~1{foldersId}~1logs/get' + $ref: '#/paths/~1v2~1{name}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logNames - billing_accounts_locations_buckets_views_logs_list: + objectKey: $.locations + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/locations/methods/organizations_locations_get + - $ref: >- + #/components/x-stackQL-resources/locations/methods/billing_accounts_locations_get + - $ref: >- + #/components/x-stackQL-resources/locations/methods/projects_locations_get + - $ref: >- + #/components/x-stackQL-resources/locations/methods/folders_locations_get + - $ref: >- + #/components/x-stackQL-resources/locations/methods/organizations_locations_list + - $ref: >- + #/components/x-stackQL-resources/locations/methods/billing_accounts_locations_list + - $ref: >- + #/components/x-stackQL-resources/locations/methods/projects_locations_list + - $ref: >- + #/components/x-stackQL-resources/locations/methods/folders_locations_list + - $ref: '#/components/x-stackQL-resources/locations/methods/locations_list' + insert: [] + update: [] + replace: [] + delete: [] + exclusions: + id: google.logging.exclusions + name: exclusions + title: Exclusions + methods: + organizations_exclusions_create: + operation: + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1exclusions/post' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_exclusions_list: + operation: + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1exclusions/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.exclusions + organizations_exclusions_delete: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1buckets~1{bucketsId}~1views~1{viewsId}~1logs/get + #/paths/~1v2~1organizations~1{organizationsId}~1exclusions~1{exclusionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logNames - billing_accounts_logs_delete: + organizations_exclusions_patch: operation: $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1logs~1{logsId}/delete + #/paths/~1v2~1organizations~1{organizationsId}~1exclusions~1{exclusionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_logs_list: + organizations_exclusions_get: + operation: + $ref: >- + #/paths/~1v2~1organizations~1{organizationsId}~1exclusions~1{exclusionsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + billing_accounts_exclusions_list: + operation: + $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.exclusions + billing_accounts_exclusions_create: + operation: + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions/post + response: + mediaType: application/json + openAPIDocKey: '200' + billing_accounts_exclusions_patch: operation: - $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1logs/get' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions~1{exclusionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logNames - logs_delete: + billing_accounts_exclusions_get: operation: - $ref: '#/paths/~1v2~1{logName}/delete' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions~1{exclusionsId}/get response: mediaType: application/json openAPIDocKey: '200' - logs_list: + billing_accounts_exclusions_delete: operation: - $ref: '#/paths/~1v2~1{parentType}~1{parent}~1logs/get' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1exclusions~1{exclusionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logNames - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/logs/methods/projects_locations_buckets_views_logs_list - - $ref: >- - #/components/x-stackQL-resources/logs/methods/organizations_locations_buckets_views_logs_list - - $ref: >- - #/components/x-stackQL-resources/logs/methods/folders_locations_buckets_views_logs_list - - $ref: >- - #/components/x-stackQL-resources/logs/methods/billing_accounts_locations_buckets_views_logs_list - - $ref: '#/components/x-stackQL-resources/logs/methods/logs_list' - - $ref: '#/components/x-stackQL-resources/logs/methods/projects_logs_list' - - $ref: >- - #/components/x-stackQL-resources/logs/methods/organizations_logs_list - - $ref: '#/components/x-stackQL-resources/logs/methods/folders_logs_list' - - $ref: >- - #/components/x-stackQL-resources/logs/methods/billing_accounts_logs_list - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/logs/methods/projects_logs_delete' - - $ref: >- - #/components/x-stackQL-resources/logs/methods/organizations_logs_delete - - $ref: '#/components/x-stackQL-resources/logs/methods/folders_logs_delete' - - $ref: >- - #/components/x-stackQL-resources/logs/methods/billing_accounts_logs_delete - - $ref: '#/components/x-stackQL-resources/logs/methods/logs_delete' - log_scopes: - id: google.logging.log_scopes - name: log_scopes - title: Log_scopes - methods: - projects_locations_log_scopes_list: + projects_exclusions_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes/get + #/paths/~1v2~1projects~1{projectsId}~1exclusions~1{exclusionsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logScopes - projects_locations_log_scopes_create: + projects_exclusions_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes/post + #/paths/~1v2~1projects~1{projectsId}~1exclusions~1{exclusionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_log_scopes_get: + projects_exclusions_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/get + #/paths/~1v2~1projects~1{projectsId}~1exclusions~1{exclusionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_log_scopes_patch: + projects_exclusions_create: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/patch + $ref: '#/paths/~1v2~1projects~1{projectsId}~1exclusions/post' response: mediaType: application/json openAPIDocKey: '200' - projects_locations_log_scopes_delete: + projects_exclusions_list: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/delete + $ref: '#/paths/~1v2~1projects~1{projectsId}~1exclusions/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_log_scopes_list: + objectKey: $.exclusions + folders_exclusions_create: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes/get + $ref: '#/paths/~1v2~1folders~1{foldersId}~1exclusions/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logScopes - organizations_locations_log_scopes_create: + folders_exclusions_list: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes/post + $ref: '#/paths/~1v2~1folders~1{foldersId}~1exclusions/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_log_scopes_get: + objectKey: $.exclusions + folders_exclusions_patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/get + #/paths/~1v2~1folders~1{foldersId}~1exclusions~1{exclusionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_log_scopes_patch: + folders_exclusions_get: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/patch + $ref: '#/paths/~1v2~1folders~1{foldersId}~1exclusions~1{exclusionsId}/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_log_scopes_delete: + folders_exclusions_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/delete + #/paths/~1v2~1folders~1{foldersId}~1exclusions~1{exclusionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - folders_locations_log_scopes_list: + exclusions_delete: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes/get + $ref: '#/paths/~1v2~1{name}/delete' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.logScopes - folders_locations_log_scopes_create: + exclusions_get: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes/post + $ref: '#/paths/~1v2~1{name}/get' response: mediaType: application/json openAPIDocKey: '200' - folders_locations_log_scopes_get: + exclusions_patch: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/get + $ref: '#/paths/~1v2~1{name}/patch' response: mediaType: application/json openAPIDocKey: '200' - folders_locations_log_scopes_patch: + exclusions_create: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/patch + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1exclusions/post' response: mediaType: application/json openAPIDocKey: '200' - folders_locations_log_scopes_delete: + exclusions_list: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1logScopes~1{logScopesId}/delete + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1exclusions/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.exclusions sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_get + #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_get - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_get + #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_get - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_get + #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_get - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_list + #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_get - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_list + #/components/x-stackQL-resources/exclusions/methods/exclusions_list - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_list + #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_list + - $ref: >- + #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_list + - $ref: >- + #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_list + - $ref: >- + #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_list + - $ref: '#/components/x-stackQL-resources/exclusions/methods/exclusions_get' insert: - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_create + #/components/x-stackQL-resources/exclusions/methods/exclusions_create - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_create + #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_create - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_create + #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_create + - $ref: >- + #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_create + - $ref: >- + #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_create update: - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_patch + #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_patch - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_patch + #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_patch - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_patch + #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_patch + - $ref: >- + #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_patch + - $ref: >- + #/components/x-stackQL-resources/exclusions/methods/exclusions_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/projects_locations_log_scopes_delete + #/components/x-stackQL-resources/exclusions/methods/organizations_exclusions_delete - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/organizations_locations_log_scopes_delete + #/components/x-stackQL-resources/exclusions/methods/billing_accounts_exclusions_delete - $ref: >- - #/components/x-stackQL-resources/log_scopes/methods/folders_locations_log_scopes_delete - saved_queries: - id: google.logging.saved_queries - name: saved_queries - title: Saved_queries + #/components/x-stackQL-resources/exclusions/methods/projects_exclusions_delete + - $ref: >- + #/components/x-stackQL-resources/exclusions/methods/folders_exclusions_delete + - $ref: >- + #/components/x-stackQL-resources/exclusions/methods/exclusions_delete + sinks: + id: google.logging.sinks + name: sinks + title: Sinks methods: - projects_locations_saved_queries_list: + organizations_sinks_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries/get + #/paths/~1v2~1organizations~1{organizationsId}~1sinks~1{sinksId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.savedQueries - projects_locations_saved_queries_create: + organizations_sinks_update: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries/post + #/paths/~1v2~1organizations~1{organizationsId}~1sinks~1{sinksId}/put response: mediaType: application/json openAPIDocKey: '200' - projects_locations_saved_queries_get: + organizations_sinks_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/get + #/paths/~1v2~1organizations~1{organizationsId}~1sinks~1{sinksId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_saved_queries_patch: + organizations_sinks_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/patch + #/paths/~1v2~1organizations~1{organizationsId}~1sinks~1{sinksId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_sinks_create: + operation: + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1sinks/post' + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_sinks_list: + operation: + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1sinks/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.sinks + sinks_get: + operation: + $ref: '#/paths/~1v2~1{sinkName}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sinks_delete: + operation: + $ref: '#/paths/~1v2~1{sinkName}/delete' + response: + mediaType: application/json + openAPIDocKey: '200' + sinks_update: + operation: + $ref: '#/paths/~1v2~1{sinkName}/put' + response: + mediaType: application/json + openAPIDocKey: '200' + sinks_list: + operation: + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1sinks/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.sinks + sinks_create: + operation: + $ref: '#/paths/~1v2~1{parentType}~1{parent}~1sinks/post' + response: + mediaType: application/json + openAPIDocKey: '200' + billing_accounts_sinks_update: + operation: + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks~1{sinksId}/put + response: + mediaType: application/json + openAPIDocKey: '200' + billing_accounts_sinks_patch: + operation: + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks~1{sinksId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_saved_queries_delete: + billing_accounts_sinks_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/delete + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks~1{sinksId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_saved_queries_list: + billing_accounts_sinks_delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries/get + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks~1{sinksId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.savedQueries - organizations_locations_saved_queries_create: + billing_accounts_sinks_create: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries/post + $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_saved_queries_get: + billing_accounts_sinks_list: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/get + $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1sinks/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_saved_queries_patch: + objectKey: $.sinks + projects_sinks_patch: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/patch + $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks~1{sinksId}/patch' response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_saved_queries_delete: + projects_sinks_delete: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/delete + $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks~1{sinksId}/delete' response: mediaType: application/json openAPIDocKey: '200' - folders_locations_saved_queries_list: + projects_sinks_get: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks~1{sinksId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.savedQueries - folders_locations_saved_queries_create: + projects_sinks_update: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries/post + $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks~1{sinksId}/put' response: mediaType: application/json openAPIDocKey: '200' - folders_locations_saved_queries_get: + projects_sinks_create: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks/post' response: mediaType: application/json openAPIDocKey: '200' - folders_locations_saved_queries_patch: + projects_sinks_list: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/patch + $ref: '#/paths/~1v2~1projects~1{projectsId}~1sinks/get' response: mediaType: application/json openAPIDocKey: '200' - folders_locations_saved_queries_delete: + objectKey: $.sinks + folders_sinks_delete: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/delete + $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks~1{sinksId}/delete' response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_saved_queries_list: + folders_sinks_update: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries/get + $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks~1{sinksId}/put' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.savedQueries - billing_accounts_locations_saved_queries_create: + folders_sinks_patch: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries/post + $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks~1{sinksId}/patch' response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_saved_queries_get: + folders_sinks_get: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/get + $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks~1{sinksId}/get' response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_saved_queries_patch: + folders_sinks_create: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/patch + $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks/post' response: mediaType: application/json openAPIDocKey: '200' - billing_accounts_locations_saved_queries_delete: + folders_sinks_list: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1savedQueries~1{savedQueriesId}/delete + $ref: '#/paths/~1v2~1folders~1{foldersId}~1sinks/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.sinks sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_get - - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_get + #/components/x-stackQL-resources/sinks/methods/organizations_sinks_get + - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_list' - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_get + #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_get + - $ref: '#/components/x-stackQL-resources/sinks/methods/projects_sinks_get' + - $ref: '#/components/x-stackQL-resources/sinks/methods/folders_sinks_get' - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_get + #/components/x-stackQL-resources/sinks/methods/organizations_sinks_list + - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_get' - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_list + #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_list + - $ref: '#/components/x-stackQL-resources/sinks/methods/projects_sinks_list' + - $ref: '#/components/x-stackQL-resources/sinks/methods/folders_sinks_list' + insert: + - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_create' - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_list + #/components/x-stackQL-resources/sinks/methods/organizations_sinks_create - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_list + #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_create - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_list - insert: + #/components/x-stackQL-resources/sinks/methods/projects_sinks_create - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_create + #/components/x-stackQL-resources/sinks/methods/folders_sinks_create + update: - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_create + #/components/x-stackQL-resources/sinks/methods/organizations_sinks_patch - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_create + #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_patch - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_create - update: + #/components/x-stackQL-resources/sinks/methods/projects_sinks_patch + - $ref: '#/components/x-stackQL-resources/sinks/methods/folders_sinks_patch' + replace: - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_patch + #/components/x-stackQL-resources/sinks/methods/organizations_sinks_update - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_patch + #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_update - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_patch + #/components/x-stackQL-resources/sinks/methods/projects_sinks_update - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_patch - replace: [] + #/components/x-stackQL-resources/sinks/methods/folders_sinks_update + - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_update' delete: - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/projects_locations_saved_queries_delete + #/components/x-stackQL-resources/sinks/methods/organizations_sinks_delete - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/organizations_locations_saved_queries_delete + #/components/x-stackQL-resources/sinks/methods/billing_accounts_sinks_delete - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/folders_locations_saved_queries_delete + #/components/x-stackQL-resources/sinks/methods/projects_sinks_delete - $ref: >- - #/components/x-stackQL-resources/saved_queries/methods/billing_accounts_locations_saved_queries_delete - recent_queries: - id: google.logging.recent_queries - name: recent_queries - title: Recent_queries + #/components/x-stackQL-resources/sinks/methods/folders_sinks_delete + - $ref: '#/components/x-stackQL-resources/sinks/methods/sinks_delete' + cmek_settings: + id: google.logging.cmek_settings + name: cmek_settings + title: Cmek_settings methods: - projects_locations_recent_queries_list: + organizations_get_cmek_settings: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recentQueries/get + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1cmekSettings/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.recentQueries - organizations_locations_recent_queries_list: + organizations_update_cmek_settings: operation: - $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1recentQueries/get + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1cmekSettings/patch' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.recentQueries - folders_locations_recent_queries_list: + projects_get_cmek_settings: operation: - $ref: >- - #/paths/~1v2~1folders~1{foldersId}~1locations~1{locationsId}~1recentQueries/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1cmekSettings/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.recentQueries - billing_accounts_locations_recent_queries_list: + folders_get_cmek_settings: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1locations~1{locationsId}~1recentQueries/get + $ref: '#/paths/~1v2~1folders~1{foldersId}~1cmekSettings/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.recentQueries sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/recent_queries/methods/projects_locations_recent_queries_list - - $ref: >- - #/components/x-stackQL-resources/recent_queries/methods/organizations_locations_recent_queries_list + #/components/x-stackQL-resources/cmek_settings/methods/organizations_get_cmek_settings - $ref: >- - #/components/x-stackQL-resources/recent_queries/methods/folders_locations_recent_queries_list + #/components/x-stackQL-resources/cmek_settings/methods/projects_get_cmek_settings - $ref: >- - #/components/x-stackQL-resources/recent_queries/methods/billing_accounts_locations_recent_queries_list + #/components/x-stackQL-resources/cmek_settings/methods/folders_get_cmek_settings insert: [] - update: [] + update: + - $ref: >- + #/components/x-stackQL-resources/cmek_settings/methods/organizations_update_cmek_settings replace: [] delete: [] - metrics: - id: google.logging.metrics - name: metrics - title: Metrics + settings: + id: google.logging.settings + name: settings + title: Settings methods: - projects_metrics_list: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.metrics - projects_metrics_create: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics/post' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_metrics_get: + organizations_update_settings: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics~1{metricsId}/get' + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1settings/patch' response: mediaType: application/json openAPIDocKey: '200' - projects_metrics_update: + organizations_get_settings: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics~1{metricsId}/put' + $ref: '#/paths/~1v2~1organizations~1{organizationsId}~1settings/get' response: mediaType: application/json openAPIDocKey: '200' - projects_metrics_delete: + projects_get_settings: operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics~1{metricsId}/delete' + $ref: '#/paths/~1v2~1projects~1{projectsId}~1settings/get' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/metrics/methods/projects_metrics_get - - $ref: >- - #/components/x-stackQL-resources/metrics/methods/projects_metrics_list - insert: - - $ref: >- - #/components/x-stackQL-resources/metrics/methods/projects_metrics_create - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/metrics/methods/projects_metrics_update - delete: - - $ref: >- - #/components/x-stackQL-resources/metrics/methods/projects_metrics_delete - billing_accounts_cmek_settings: - id: google.logging.billing_accounts_cmek_settings - name: billing_accounts_cmek_settings - title: Billing_accounts_cmek_settings - methods: - billing_accounts_get_cmek_settings: + folders_update_settings: operation: - $ref: >- - #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1cmekSettings/get + $ref: '#/paths/~1v2~1folders~1{foldersId}~1settings/patch' response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/billing_accounts_cmek_settings/methods/billing_accounts_get_cmek_settings - insert: [] - update: [] - replace: [] - delete: [] - billing_accounts_settings: - id: google.logging.billing_accounts_settings - name: billing_accounts_settings - title: Billing_accounts_settings - methods: - billing_accounts_get_settings: + mediaType: application/json + openAPIDocKey: '200' + folders_get_settings: operation: - $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1settings/get' + $ref: '#/paths/~1v2~1folders~1{foldersId}~1settings/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/billing_accounts_settings/methods/billing_accounts_get_settings + #/components/x-stackQL-resources/settings/methods/organizations_get_settings + - $ref: >- + #/components/x-stackQL-resources/settings/methods/projects_get_settings + - $ref: >- + #/components/x-stackQL-resources/settings/methods/folders_get_settings insert: [] - update: [] + update: + - $ref: >- + #/components/x-stackQL-resources/settings/methods/organizations_update_settings + - $ref: >- + #/components/x-stackQL-resources/settings/methods/folders_update_settings replace: [] delete: [] entries: @@ -5843,9 +5731,9 @@ components: name: entries title: Entries methods: - entries_copy: + entries_list: operation: - $ref: '#/paths/~1v2~1entries:copy/post' + $ref: '#/paths/~1v2~1entries:list/post' response: mediaType: application/json openAPIDocKey: '200' @@ -5855,9 +5743,9 @@ components: response: mediaType: application/json openAPIDocKey: '200' - entries_list: + entries_copy: operation: - $ref: '#/paths/~1v2~1entries:list/post' + $ref: '#/paths/~1v2~1entries:copy/post' response: mediaType: application/json openAPIDocKey: '200' @@ -5874,226 +5762,168 @@ components: update: [] replace: [] delete: [] - monitored_resource_descriptors: - id: google.logging.monitored_resource_descriptors - name: monitored_resource_descriptors - title: Monitored_resource_descriptors + billing_accounts_cmek_settings: + id: google.logging.billing_accounts_cmek_settings + name: billing_accounts_cmek_settings + title: Billing_accounts_cmek_settings methods: - monitored_resource_descriptors_list: + billing_accounts_get_cmek_settings: operation: - $ref: '#/paths/~1v2~1monitoredResourceDescriptors/get' + $ref: >- + #/paths/~1v2~1billingAccounts~1{billingAccountsId}~1cmekSettings/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.resourceDescriptors sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/monitored_resource_descriptors/methods/monitored_resource_descriptors_list + #/components/x-stackQL-resources/billing_accounts_cmek_settings/methods/billing_accounts_get_cmek_settings insert: [] update: [] replace: [] delete: [] -paths: - /v2/{name}/locations: - parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: logging.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: name - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v2/{name}: - parameters: *ref_1 - get: - description: Gets the description of an exclusion in the _Default sink. - operationId: logging.exclusions.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/LogExclusion' - parameters: - - in: path - name: name - required: true - schema: - type: string - post: - description: >- - Undeletes a log bucket. A bucket that has been deleted can be undeleted - within the grace period of 7 days. - operationId: logging.locations.buckets.undelete - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UndeleteBucketRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: name - required: true - schema: - type: string - patch: - description: >- - Changes one or more properties of an existing exclusion in the _Default - sink. - operationId: logging.exclusions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogExclusion' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/LogExclusion' - parameters: - - in: path - name: name - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes an exclusion in the _Default sink. - operationId: logging.exclusions.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: name - required: true - schema: - type: string - /v2/{name}/operations: - parameters: *ref_1 + billing_accounts_settings: + id: google.logging.billing_accounts_settings + name: billing_accounts_settings + title: Billing_accounts_settings + methods: + billing_accounts_get_settings: + operation: + $ref: '#/paths/~1v2~1billingAccounts~1{billingAccountsId}~1settings/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/billing_accounts_settings/methods/billing_accounts_get_settings + insert: [] + update: [] + replace: [] + delete: [] + metrics: + id: google.logging.metrics + name: metrics + title: Metrics + methods: + projects_metrics_update: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics~1{metricsId}/put' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_metrics_get: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics~1{metricsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_metrics_delete: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics~1{metricsId}/delete' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_metrics_list: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.metrics + projects_metrics_create: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1metrics/post' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/metrics/methods/projects_metrics_get + - $ref: >- + #/components/x-stackQL-resources/metrics/methods/projects_metrics_list + insert: + - $ref: >- + #/components/x-stackQL-resources/metrics/methods/projects_metrics_create + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/metrics/methods/projects_metrics_update + delete: + - $ref: >- + #/components/x-stackQL-resources/metrics/methods/projects_metrics_delete + logging_settings: + id: google.logging.logging_settings + name: logging_settings + title: Logging_settings + methods: + update_settings: + operation: + $ref: '#/paths/~1v2~1{name}~1settings/patch' + response: + mediaType: application/json + openAPIDocKey: '200' + get_settings: + operation: + $ref: '#/paths/~1v2~1{name}~1settings/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/logging_settings/methods/get_settings + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/logging_settings/methods/update_settings + replace: [] + delete: [] + logging_cmek_settings: + id: google.logging.logging_cmek_settings + name: logging_cmek_settings + title: Logging_cmek_settings + methods: + update_cmek_settings: + operation: + $ref: '#/paths/~1v2~1{name}~1cmekSettings/patch' + response: + mediaType: application/json + openAPIDocKey: '200' + get_cmek_settings: + operation: + $ref: '#/paths/~1v2~1{name}~1cmekSettings/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/logging_cmek_settings/methods/get_cmek_settings + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/logging_cmek_settings/methods/update_cmek_settings + replace: [] + delete: [] +paths: + /v2/monitoredResourceDescriptors: + parameters: &ref_1 + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns UNIMPLEMENTED. - operationId: logging.locations.operations.list + description: Lists the descriptors for monitored resource types used by Logging. + operationId: logging.monitoredResourceDescriptors.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6117,17 +5947,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListMonitoredResourceDescriptorsResponse' parameters: - - in: path - name: name - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: @@ -6137,65 +5958,16 @@ paths: name: pageToken schema: type: string - /v2/{parentType}/{parent}/buckets: + /v2/organizations/{organizationsId}/logs/{logsId}: parameters: *ref_1 - get: - description: Lists log buckets. - operationId: logging.locations.buckets.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListBucketsResponse' - parameters: - - in: path - name: parentType - required: true - schema: - type: string - - in: path - name: parent - required: true - schema: - type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - post: + delete: description: >- - Creates a log bucket that can be used to store log entries. After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.locations.buckets.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogBucket' + Deletes all the log entries in a log for the global _Default Log Bucket. + The log reappears if it receives new entries. Log entries written + shortly before the delete operation might not be deleted. Entries + received after the delete operation with a timestamp before the + operation will be deleted. + operationId: logging.organizations.logs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6211,72 +5983,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: parentType - required: true - schema: - type: string - - in: path - name: parent + name: organizationsId required: true schema: type: string - - in: query - name: bucketId - schema: - type: string - /v2/{resource}: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a NOT_FOUND error.Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: logging.locations.buckets.views.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' - parameters: - in: path - name: resource + name: logsId required: true schema: type: string - /v2/{parentType}/{parent}/views: + /v2/organizations/{organizationsId}/logs: parameters: *ref_1 get: - description: Lists views on a log bucket. - operationId: logging.locations.buckets.views.list + description: >- + Lists the logs in projects, organizations, folders, or billing accounts. + Only logs that have entries are listed. + operationId: logging.organizations.logs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6300,16 +6025,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListViewsResponse' + $ref: '#/components/schemas/ListLogsResponse' parameters: - in: path - name: parentType + name: organizationsId required: true schema: type: string - - in: path - name: parent - required: true + - in: query + name: resourceNames schema: type: string - in: query @@ -6321,52 +6045,68 @@ paths: schema: type: integer format: int32 - post: + /v2/organizations/{organizationsId}/locations/{locationsId}/recentQueries: + parameters: *ref_1 + get: description: >- - Creates a view over log entries in a log bucket. A bucket may contain a - maximum of 30 views. - operationId: logging.locations.buckets.views.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogView' + Lists the RecentQueries that were created by the user making the + request. + operationId: logging.organizations.locations.recentQueries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/ListRecentQueriesResponse' parameters: - in: path - name: parentType + name: organizationsId required: true schema: type: string - in: path - name: parent + name: locationsId required: true schema: type: string - in: query - name: viewId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v2/{parentType}/{parent}/links: + - in: query + name: filter + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}/logs: parameters: *ref_1 get: - description: Lists links. - operationId: logging.locations.buckets.links.list + description: >- + Lists the logs in projects, organizations, folders, or billing accounts. + Only logs that have entries are listed. + operationId: logging.organizations.locations.buckets.views.logs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6390,20 +6130,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLinksResponse' + $ref: '#/components/schemas/ListLogsResponse' parameters: - in: path - name: parentType + name: organizationsId required: true schema: type: string - in: path - name: parent + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true + schema: + type: string + - in: path + name: viewsId required: true schema: type: string - in: query - name: pageToken + name: resourceNames schema: type: string - in: query @@ -6411,17 +6161,25 @@ paths: schema: type: integer format: int32 - post: + - in: query + name: pageToken + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}: + parameters: *ref_1 + patch: description: >- - Asynchronously creates a linked dataset in BigQuery which makes it - possible to use BigQuery to read the logs stored in the log bucket. A - log bucket may currently only contain one link. - operationId: logging.locations.buckets.links.create + Updates a view on a log bucket. This method replaces the value of the + filter field from the existing view with the corresponding value from + the new view. If an UNAVAILABLE error is returned, this indicates that + system is not in a state where it can update the view. If this occurs, + please try again in a few minutes. + operationId: logging.organizations.locations.buckets.views.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Link' + $ref: '#/components/schemas/LogView' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6437,27 +6195,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LogView' parameters: - in: path - name: parentType + name: organizationsId required: true schema: type: string - in: path - name: parent + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true + schema: + type: string + - in: path + name: viewsId required: true schema: type: string - in: query - name: linkId + name: updateMask schema: type: string - /v2/{parentType}/{parent}/exclusions: - parameters: *ref_1 + format: google-fieldmask get: - description: Lists all the exclusions on the _Default sink in a parent resource. - operationId: logging.exclusions.list + description: Gets a view on a log bucket. + operationId: logging.organizations.locations.buckets.views.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6481,38 +6248,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListExclusionsResponse' + $ref: '#/components/schemas/LogView' parameters: - in: path - name: parentType + name: organizationsId required: true schema: type: string - in: path - name: parent + name: locationsId required: true schema: type: string - - in: query - name: pageToken + - in: path + name: bucketsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: viewsId + required: true schema: - type: integer - format: int32 - post: + type: string + delete: description: >- - Creates a new exclusion in the _Default sink in a specified parent - resource. Only log entries belonging to that resource can be excluded. - You can have up to 10 exclusions in a resource. - operationId: logging.exclusions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogExclusion' + Deletes a view on a log bucket. If an UNAVAILABLE error is returned, + this indicates that system is not in a state where it can delete the + view. If this occurs, please try again in a few minutes. + operationId: logging.organizations.locations.buckets.views.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6528,23 +6291,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: parentType + name: organizationsId required: true schema: type: string - in: path - name: parent + name: locationsId required: true schema: type: string - /v2/{parentType}/{parent}/sinks: + - in: path + name: bucketsId + required: true + schema: + type: string + - in: path + name: viewsId + required: true + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views: parameters: *ref_1 get: - description: Lists sinks. - operationId: logging.sinks.list + description: Lists views on a log bucket. + operationId: logging.organizations.locations.buckets.views.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6568,15 +6341,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSinksResponse' + $ref: '#/components/schemas/ListViewsResponse' parameters: - in: path - name: parentType + name: organizationsId required: true schema: type: string - in: path - name: parent + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId required: true schema: type: string @@ -6589,62 +6367,124 @@ paths: schema: type: integer format: int32 + post: + description: >- + Creates a view over log entries in a log bucket. A bucket may contain a + maximum of 30 views. + operationId: logging.organizations.locations.buckets.views.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogView' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/LogView' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true + schema: + type: string - in: query - name: filter + name: viewId schema: type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:getIamPolicy: + parameters: *ref_1 post: description: >- - Creates a sink that exports specified log entries to a destination. The - export begins upon ingress, unless the sink's writer_identity is not - permitted to write to the destination. A sink can export log entries - only from the resource owning the sink. - operationId: logging.sinks.create + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: logging.organizations.locations.buckets.views.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: parentType + name: organizationsId required: true schema: type: string - in: path - name: parent + name: locationsId required: true schema: type: string - - in: query - name: uniqueWriterIdentity + - in: path + name: bucketsId + required: true schema: - type: boolean - - in: query - name: customWriterIdentity + type: string + - in: path + name: viewsId + required: true schema: type: string - /v2/{sinkName}: + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets a sink. - operationId: logging.sinks.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a NOT_FOUND error.Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: logging.organizations.locations.buckets.views.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6668,25 +6508,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path - name: sinkName + name: organizationsId required: true schema: type: string - put: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true + schema: + type: string + - in: path + name: viewsId + required: true + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:setIamPolicy: + parameters: *ref_1 + post: description: >- - Updates a sink. This method replaces the values of the destination and - filter fields of the existing sink with the corresponding values from - the new sink.The updated sink might also have a new writer_identity; see - the unique_writer_identity field. - operationId: logging.sinks.update + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: logging.organizations.locations.buckets.views.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6702,31 +6558,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: sinkName + name: organizationsId required: true schema: type: string - - in: query - name: uniqueWriterIdentity + - in: path + name: locationsId + required: true schema: - type: boolean - - in: query - name: customWriterIdentity + type: string + - in: path + name: bucketsId + required: true schema: type: string - - in: query - name: updateMask + - in: path + name: viewsId + required: true schema: type: string - format: google-fieldmask + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/links/{linksId}: + parameters: *ref_1 delete: description: >- - Deletes a sink. If the sink has a unique writer_identity, then that - service account is also deleted. - operationId: logging.sinks.delete + Deletes a link. This will also delete the corresponding BigQuery linked + dataset. + operationId: logging.organizations.locations.buckets.links.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6742,25 +6602,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: sinkName + name: organizationsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true + schema: + type: string + - in: path + name: linksId required: true schema: type: string - /v2/{name}/cmekSettings: - parameters: *ref_1 get: - description: >- - Gets the Logging CMEK settings for the given resource.Note: CMEK for the - Log Router can be configured for Google Cloud projects, folders, - organizations, and billing accounts. Once configured for an - organization, it applies to all projects and folders in the Google Cloud - organization.See Enabling CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) for - more information. - operationId: logging.getCmekSettings + description: Gets a link. + operationId: logging.organizations.locations.buckets.links.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6784,68 +6650,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CmekSettings' + $ref: '#/components/schemas/Link' parameters: - in: path - name: name + name: organizationsId required: true schema: type: string - patch: - description: >- - Updates the Log Router CMEK settings for the given resource.Note: CMEK - for the Log Router can currently only be configured for Google Cloud - organizations. Once configured, it applies to all projects and folders - in the Google Cloud organization.UpdateCmekSettings fails when any of - the following are true: The value of kms_key_name is invalid. The - associated service account doesn't have the required - roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. - Access to the key is disabled.See Enabling CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) for - more information. - operationId: logging.updateCmekSettings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CmekSettings' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/CmekSettings' - parameters: - in: path - name: name + name: locationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: bucketsId + required: true schema: type: string - format: google-fieldmask - /v2/{name}/settings: + - in: path + name: linksId + required: true + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/links: parameters: *ref_1 get: - description: >- - Gets the settings for the given resource.Note: Settings can be retrieved - for Google Cloud projects, folders, organizations, and billing - accounts.See View default resource settings for Logging - (https://cloud.google.com/logging/docs/default-settings#view-org-settings) - for more information. - operationId: logging.getSettings + description: Lists links. + operationId: logging.organizations.locations.buckets.links.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6869,226 +6700,200 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Settings' + $ref: '#/components/schemas/ListLinksResponse' parameters: - in: path - name: name + name: organizationsId required: true schema: type: string - patch: - description: >- - Updates the settings for the given resource. This method applies to all - feature configurations for organization and folders.UpdateSettings fails - when any of the following are true: The value of storage_location either - isn't supported by Logging or violates the location OrgPolicy. The - default_sink_config field is set, but it has an unspecified filter write - mode. The value of kms_key_name is invalid. The associated service - account doesn't have the required - roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. - Access to the key is disabled.See Configure default settings for - organizations and folders - (https://cloud.google.com/logging/docs/default-settings) for more - information. - operationId: logging.updateSettings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Settings' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Settings' - parameters: - in: path - name: name + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId required: true schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - format: google-fieldmask - /v2/projects/{projectsId}/cmekSettings: - parameters: *ref_1 - get: + post: description: >- - Gets the Logging CMEK settings for the given resource.Note: CMEK for the - Log Router can be configured for Google Cloud projects, folders, - organizations, and billing accounts. Once configured for an - organization, it applies to all projects and folders in the Google Cloud - organization.See Enabling CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) for - more information. - operationId: logging.projects.getCmekSettings + Asynchronously creates a linked dataset in BigQuery which makes it + possible to use BigQuery to read the logs stored in the log bucket. A + log bucket may currently only contain one link. + operationId: logging.organizations.locations.buckets.links.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Link' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/CmekSettings' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v2/projects/{projectsId}/settings: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true + schema: + type: string + - in: query + name: linkId + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets:createAsync: parameters: *ref_1 - get: + post: description: >- - Gets the settings for the given resource.Note: Settings can be retrieved - for Google Cloud projects, folders, organizations, and billing - accounts.See View default resource settings for Logging - (https://cloud.google.com/logging/docs/default-settings#view-org-settings) - for more information. - operationId: logging.projects.getSettings + Creates a log bucket asynchronously that can be used to store log + entries.After a bucket has been created, the bucket's location cannot be + changed. + operationId: logging.organizations.locations.buckets.createAsync + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Settings' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v2/projects/{projectsId}/locations: + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: bucketId + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}:updateAsync: parameters: *ref_1 - get: - description: Lists information about the supported locations for this service. - operationId: logging.projects.locations.list + post: + description: >- + Updates a log bucket asynchronously.If the bucket has a lifecycle_state + of DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.organizations.locations.buckets.updateAsync + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: bucketsId + required: true schema: type: string - in: query - name: extraLocationTypes + name: updateMask schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}: + format: google-fieldmask + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}: parameters: *ref_1 - get: - description: Gets information about a location. - operationId: logging.projects.locations.get + delete: + description: >- + Deletes a log bucket.Changes the bucket's lifecycle_state to the + DELETE_REQUESTED state. After 7 days, the bucket will be purged and all + log entries in the bucket will be permanently deleted. + operationId: logging.organizations.locations.buckets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7097,13 +6902,14 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations: - parameters: *ref_1 + - in: path + name: bucketsId + required: true + schema: + type: string get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns UNIMPLEMENTED. - operationId: logging.projects.locations.operations.list + description: Gets a log bucket. + operationId: logging.organizations.locations.buckets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7127,10 +6933,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7139,54 +6945,41 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: bucketsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: + patch: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: logging.projects.locations.operations.get + Updates a log bucket.If the bucket has a lifecycle_state of + DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.organizations.locations.buckets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7196,29 +6989,27 @@ paths: schema: type: string - in: path - name: operationsId + name: bucketsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - 1, corresponding to Code.CANCELLED. - operationId: logging.projects.locations.operations.cancel + Creates a log bucket that can be used to store log entries. After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.organizations.locations.buckets.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7234,10 +7025,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7246,16 +7037,13 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: bucketId schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets: - parameters: *ref_1 get: description: Lists log buckets. - operationId: logging.projects.locations.buckets.list + operationId: logging.organizations.locations.buckets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7282,7 +7070,7 @@ paths: $ref: '#/components/schemas/ListBucketsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7300,16 +7088,18 @@ paths: schema: type: integer format: int32 + /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}:undelete: + parameters: *ref_1 post: description: >- - Creates a log bucket that can be used to store log entries. After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.projects.locations.buckets.create + Undeletes a log bucket. A bucket that has been deleted can be undeleted + within the grace period of 7 days. + operationId: logging.organizations.locations.buckets.undelete requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/UndeleteBucketRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7325,10 +7115,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7337,15 +7127,18 @@ paths: required: true schema: type: string - - in: query - name: bucketId + - in: path + name: bucketsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}: + /v2/organizations/{organizationsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Gets a log bucket. - operationId: logging.projects.locations.buckets.get + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns UNIMPLEMENTED. + operationId: logging.organizations.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7369,10 +7162,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7381,22 +7174,42 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: filter schema: type: string - patch: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: description: >- - Updates a log bucket.If the bucket has a lifecycle_state of - DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.projects.locations.buckets.patch + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + 1, corresponding to Code.CANCELLED. + operationId: logging.organizations.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7412,10 +7225,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7425,40 +7238,45 @@ paths: schema: type: string - in: path - name: bucketsId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: + /v2/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Deletes a log bucket.Changes the bucket's lifecycle_state to the - DELETE_REQUESTED state. After 7 days, the bucket will be purged and all - log entries in the bucket will be permanently deleted. - operationId: logging.projects.locations.buckets.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: logging.organizations.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7468,23 +7286,20 @@ paths: schema: type: string - in: path - name: bucketsId + name: operationsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets:createAsync: + /v2/organizations/{organizationsId}/locations/{locationsId}/logScopes: parameters: *ref_1 post: - description: >- - Creates a log bucket asynchronously that can be used to store log - entries.After a bucket has been created, the bucket's location cannot be - changed. - operationId: logging.projects.locations.buckets.createAsync + description: Creates a log scope. + operationId: logging.organizations.locations.logScopes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/LogScope' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7500,10 +7315,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LogScope' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7513,41 +7328,39 @@ paths: schema: type: string - in: query - name: bucketId + name: logScopeId schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}:updateAsync: - parameters: *ref_1 - post: - description: >- - Updates a log bucket asynchronously.If the bucket has a lifecycle_state - of DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.projects.locations.buckets.updateAsync - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogBucket' + get: + description: Lists log scopes. + operationId: logging.organizations.locations.logScopes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListLogScopesResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7556,47 +7369,47 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: pageSize schema: - type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}:undelete: + type: integer + format: int32 + /v2/organizations/{organizationsId}/locations/{locationsId}/logScopes/{logScopesId}: parameters: *ref_1 - post: - description: >- - Undeletes a log bucket. A bucket that has been deleted can be undeleted - within the grace period of 7 days. - operationId: logging.projects.locations.buckets.undelete - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UndeleteBucketRequest' + get: + description: Gets a log scope. + operationId: logging.organizations.locations.logScopes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LogScope' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7606,23 +7419,18 @@ paths: schema: type: string - in: path - name: bucketsId + name: logScopesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: logging.projects.locations.buckets.views.setIamPolicy + patch: + description: Updates a log scope. + operationId: logging.organizations.locations.logScopes.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/LogScope' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7638,10 +7446,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/LogScope' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7651,54 +7459,37 @@ paths: schema: type: string - in: path - name: bucketsId + name: logScopesId required: true schema: type: string - - in: path - name: viewsId - required: true + - in: query + name: updateMask schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:getIamPolicy: - parameters: *ref_1 - post: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: logging.projects.locations.buckets.views.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + format: google-fieldmask + delete: + description: Deletes a log scope. + operationId: logging.organizations.locations.logScopes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7708,57 +7499,39 @@ paths: schema: type: string - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId + name: logScopesId required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a NOT_FOUND error.Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: logging.projects.locations.buckets.views.testIamPermissions + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/savedQueries: + parameters: *ref_1 + post: + description: Creates a new SavedQuery for the user making the request. + operationId: logging.organizations.locations.savedQueries.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/SavedQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7767,21 +7540,13 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId - required: true + - in: query + name: savedQueryId schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views: - parameters: *ref_1 get: - description: Lists views on a log bucket. - operationId: logging.projects.locations.buckets.views.list + description: Lists the SavedQueries that were created by the user making the request. + operationId: logging.organizations.locations.savedQueries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7805,10 +7570,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListViewsResponse' + $ref: '#/components/schemas/ListSavedQueriesResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7817,9 +7582,8 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: filter schema: type: string - in: query @@ -7831,35 +7595,38 @@ paths: schema: type: integer format: int32 - post: - description: >- - Creates a view over log entries in a log bucket. A bucket may contain a - maximum of 30 views. - operationId: logging.projects.locations.buckets.views.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogView' + /v2/organizations/{organizationsId}/locations/{locationsId}/savedQueries/{savedQueriesId}: + parameters: *ref_1 + get: + description: Returns all data associated with the requested query. + operationId: logging.organizations.locations.savedQueries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7869,46 +7636,34 @@ paths: schema: type: string - in: path - name: bucketsId + name: savedQueriesId required: true schema: type: string - - in: query - name: viewId - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}: - parameters: *ref_1 - get: - description: Gets a view on a log bucket. - operationId: logging.projects.locations.buckets.views.get + delete: + description: >- + Deletes an existing SavedQuery that was created by the user making the + request. + operationId: logging.organizations.locations.savedQueries.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7918,28 +7673,18 @@ paths: schema: type: string - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId + name: savedQueriesId required: true schema: type: string patch: - description: >- - Updates a view on a log bucket. This method replaces the value of the - filter field from the existing view with the corresponding value from - the new view. If an UNAVAILABLE error is returned, this indicates that - system is not in a state where it can update the view. If this occurs, - please try again in a few minutes. - operationId: logging.projects.locations.buckets.views.patch + description: Updates an existing SavedQuery. + operationId: logging.organizations.locations.savedQueries.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/SavedQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7955,10 +7700,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -7968,12 +7713,7 @@ paths: schema: type: string - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId + name: savedQueriesId required: true schema: type: string @@ -7982,31 +7722,38 @@ paths: schema: type: string format: google-fieldmask - delete: - description: >- - Deletes a view on a log bucket. If an UNAVAILABLE error is returned, - this indicates that system is not in a state where it can delete the - view. If this occurs, please try again in a few minutes. - operationId: logging.projects.locations.buckets.views.delete + /v2/organizations/{organizationsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: logging.organizations.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Location' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -8015,23 +7762,11 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}/logs: + /v2/organizations/{organizationsId}/locations: parameters: *ref_1 get: - description: >- - Lists the logs in projects, organizations, folders, or billing accounts. - Only logs that have entries are listed. - operationId: logging.projects.locations.buckets.views.logs.list + description: Lists information about the supported locations for this service. + operationId: logging.organizations.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8055,30 +7790,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: bucketsId + name: organizationsId required: true schema: type: string - - in: path - name: viewsId - required: true + - in: query + name: filter schema: type: string - in: query - name: resourceNames + name: extraLocationTypes schema: type: string - in: query @@ -8090,162 +7814,125 @@ paths: name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/links: + /v2/organizations/{organizationsId}/exclusions: parameters: *ref_1 - get: - description: Lists links. - operationId: logging.projects.locations.buckets.links.list + post: + description: >- + Creates a new exclusion in the _Default sink in a specified parent + resource. Only log entries belonging to that resource can be excluded. + You can have up to 10 exclusions in a resource. + operationId: logging.organizations.exclusions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogExclusion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListLinksResponse' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: bucketsId + name: organizationsId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - post: - description: >- - Asynchronously creates a linked dataset in BigQuery which makes it - possible to use BigQuery to read the logs stored in the log bucket. A - log bucket may currently only contain one link. - operationId: logging.projects.locations.buckets.links.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Link' + get: + description: Lists all the exclusions on the _Default sink in a parent resource. + operationId: logging.organizations.exclusions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListExclusionsResponse' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: organizationsId required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: linkId + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/links/{linksId}: + /v2/organizations/{organizationsId}/exclusions/{exclusionsId}: parameters: *ref_1 - get: - description: Gets a link. - operationId: logging.projects.locations.buckets.links.get + delete: + description: Deletes an exclusion in the _Default sink. + operationId: logging.organizations.exclusions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Link' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: bucketsId + name: organizationsId required: true schema: type: string - in: path - name: linksId + name: exclusionsId required: true schema: type: string - delete: + patch: description: >- - Deletes a link. This will also delete the corresponding BigQuery linked - dataset. - operationId: logging.projects.locations.buckets.links.delete + Changes one or more properties of an existing exclusion in the _Default + sink. + operationId: logging.organizations.exclusions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogExclusion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8261,33 +7948,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: organizationsId required: true schema: type: string - in: path - name: bucketsId + name: exclusionsId required: true schema: type: string - - in: path - name: linksId - required: true + - in: query + name: updateMask schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/logScopes: - parameters: *ref_1 + format: google-fieldmask get: - description: Lists log scopes. - operationId: logging.projects.locations.logScopes.list + description: Gets the description of an exclusion in the _Default sink. + operationId: logging.organizations.exclusions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8311,35 +7991,64 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogScopesResponse' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: locationsId + name: exclusionsId required: true schema: type: string - - in: query - name: pageToken + /v2/organizations/{organizationsId}/sinks/{sinksId}: + parameters: *ref_1 + delete: + description: >- + Deletes a sink. If the sink has a unique writer_identity, then that + service account is also deleted. + operationId: logging.organizations.sinks.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: organizationsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: sinksId + required: true schema: - type: integer - format: int32 - post: - description: Creates a log scope. - operationId: logging.projects.locations.logScopes.create + type: string + put: + description: >- + Updates a sink. This method replaces the values of the destination and + filter fields of the existing sink with the corresponding values from + the new sink.The updated sink might also have a new writer_identity; see + the unique_writer_identity field. + operationId: logging.organizations.sinks.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8355,27 +8064,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: locationsId + name: sinksId required: true schema: type: string - in: query - name: logScopeId + name: customWriterIdentity schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/logScopes/{logScopesId}: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: uniqueWriterIdentity + schema: + type: boolean get: - description: Gets a log scope. - operationId: logging.projects.locations.logScopes.get + description: Gets a sink. + operationId: logging.organizations.sinks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8399,31 +8115,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: organizationsId required: true schema: type: string - in: path - name: logScopesId + name: sinksId required: true schema: type: string patch: - description: Updates a log scope. - operationId: logging.projects.locations.logScopes.patch + description: >- + Updates a sink. This method replaces the values of the destination and + filter fields of the existing sink with the corresponding values from + the new sink.The updated sink might also have a new writer_identity; see + the unique_writer_identity field. + operationId: logging.organizations.sinks.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8439,21 +8154,24 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: locationsId + name: sinksId required: true schema: type: string - - in: path - name: logScopesId - required: true + - in: query + name: uniqueWriterIdentity + schema: + type: boolean + - in: query + name: customWriterIdentity schema: type: string - in: query @@ -8461,138 +8179,108 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes a log scope. - operationId: logging.projects.locations.logScopes.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: logScopesId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/savedQueries: + /v2/organizations/{organizationsId}/sinks: parameters: *ref_1 - get: - description: Lists the SavedQueries that were created by the user making the request. - operationId: logging.projects.locations.savedQueries.list + post: + description: >- + Creates a sink that exports specified log entries to a destination. The + export begins upon ingress, unless the sink's writer_identity is not + permitted to write to the destination. A sink can export log entries + only from the resource owning the sink. + operationId: logging.organizations.sinks.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListSavedQueriesResponse' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: organizationsId required: true schema: type: string - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize + name: uniqueWriterIdentity schema: - type: integer - format: int32 + type: boolean - in: query - name: filter + name: customWriterIdentity schema: type: string - post: - description: Creates a new SavedQuery for the user making the request. - operationId: logging.projects.locations.savedQueries.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SavedQuery' + get: + description: Lists sinks. + operationId: logging.organizations.sinks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/ListSinksResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: savedQueryId + name: filter schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/savedQueries/{savedQueriesId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/organizations/{organizationsId}/cmekSettings: parameters: *ref_1 get: - description: Returns all data associated with the requested query. - operationId: logging.projects.locations.savedQueries.get + description: >- + Gets the Logging CMEK settings for the given resource.Note: CMEK for the + Log Router can be configured for Google Cloud projects, folders, + organizations, and billing accounts. Once configured for an + organization, it applies to all projects and folders in the Google Cloud + organization.See Enabling CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) for + more information. + operationId: logging.organizations.getCmekSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8616,31 +8304,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/CmekSettings' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: savedQueriesId + name: organizationsId required: true schema: type: string patch: - description: Updates an existing SavedQuery. - operationId: logging.projects.locations.savedQueries.patch + description: >- + Updates the Log Router CMEK settings for the given resource.Note: CMEK + for the Log Router can currently only be configured for Google Cloud + organizations. Once configured, it applies to all projects and folders + in the Google Cloud organization.UpdateCmekSettings fails when any of + the following are true: The value of kms_key_name is invalid. The + associated service account doesn't have the required + roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. + Access to the key is disabled.See Enabling CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) for + more information. + operationId: logging.organizations.updateCmekSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/CmekSettings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8656,20 +8344,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/CmekSettings' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: savedQueriesId + name: organizationsId required: true schema: type: string @@ -8678,11 +8356,28 @@ paths: schema: type: string format: google-fieldmask - delete: + /v2/organizations/{organizationsId}/settings: + parameters: *ref_1 + patch: description: >- - Deletes an existing SavedQuery that was created by the user making the - request. - operationId: logging.projects.locations.savedQueries.delete + Updates the settings for the given resource. This method applies to all + feature configurations for organization and folders.UpdateSettings fails + when any of the following are true: The value of storage_location either + isn't supported by Logging or violates the location OrgPolicy. The + default_sink_config field is set, but it has an unspecified filter write + mode. The value of kms_key_name is invalid. The associated service + account doesn't have the required + roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. + Access to the key is disabled.See Configure default settings for + organizations and folders + (https://cloud.google.com/logging/docs/default-settings) for more + information. + operationId: logging.organizations.updateSettings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Settings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8698,30 +8393,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Settings' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: organizationsId required: true schema: type: string - - in: path - name: savedQueriesId - required: true + - in: query + name: updateMask schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/recentQueries: - parameters: *ref_1 + format: google-fieldmask get: description: >- - Lists the RecentQueries that were created by the user making the - request. - operationId: logging.projects.locations.recentQueries.list + Gets the settings for the given resource.Note: Settings can be retrieved + for Google Cloud projects, folders, organizations, and billing + accounts.See View default resource settings for Logging + (https://cloud.google.com/logging/docs/default-settings#view-org-settings) + for more information. + operationId: logging.organizations.getSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8745,113 +8436,105 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRecentQueriesResponse' + $ref: '#/components/schemas/Settings' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: organizationsId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: filter - schema: - type: string - /v2/projects/{projectsId}/exclusions: + /v2/{logName}: parameters: *ref_1 - get: - description: Lists all the exclusions on the _Default sink in a parent resource. - operationId: logging.projects.exclusions.list + delete: + description: >- + Deletes all the log entries in a log for the global _Default Log Bucket. + The log reappears if it receives new entries. Log entries written + shortly before the delete operation might not be deleted. Entries + received after the delete operation with a timestamp before the + operation will be deleted. + operationId: logging.logs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListExclusionsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: logName required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - post: + /v2/{parentType}/{parent}/logs: + parameters: *ref_1 + get: description: >- - Creates a new exclusion in the _Default sink in a specified parent - resource. Only log entries belonging to that resource can be excluded. - You can have up to 10 exclusions in a resource. - operationId: logging.projects.exclusions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogExclusion' + Lists the logs in projects, organizations, folders, or billing accounts. + Only logs that have entries are listed. + operationId: logging.logs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/ListLogsResponse' parameters: - in: path - name: projectsId + name: parentType + required: true + schema: + type: string + - in: path + name: parent required: true schema: type: string - /v2/projects/{projectsId}/exclusions/{exclusionsId}: + - in: query + name: pageToken + schema: + type: string + - in: query + name: resourceNames + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/{sinkName}: parameters: *ref_1 get: - description: Gets the description of an exclusion in the _Default sink. - operationId: logging.projects.exclusions.get + description: Gets a sink. + operationId: logging.sinks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8875,28 +8558,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: exclusionsId + name: sinkName required: true schema: type: string - patch: + delete: description: >- - Changes one or more properties of an existing exclusion in the _Default - sink. - operationId: logging.projects.exclusions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogExclusion' + Deletes a sink. If the sink has a unique writer_identity, then that + service account is also deleted. + operationId: logging.sinks.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8912,26 +8585,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: exclusionsId + name: sinkName required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes an exclusion in the _Default sink. - operationId: logging.projects.exclusions.delete + put: + description: >- + Updates a sink. This method replaces the values of the destination and + filter fields of the existing sink with the corresponding values from + the new sink.The updated sink might also have a new writer_identity; see + the unique_writer_identity field. + operationId: logging.sinks.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8947,23 +8619,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId + name: sinkName required: true schema: type: string - - in: path - name: exclusionsId - required: true + - in: query + name: customWriterIdentity schema: type: string - /v2/projects/{projectsId}/sinks: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: uniqueWriterIdentity + schema: + type: boolean + /v2/{parentType}/{parent}/sinks: parameters: *ref_1 get: description: Lists sinks. - operationId: logging.projects.sinks.list + operationId: logging.sinks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8990,12 +8670,13 @@ paths: $ref: '#/components/schemas/ListSinksResponse' parameters: - in: path - name: projectsId + name: parentType required: true schema: type: string - - in: query - name: pageToken + - in: path + name: parent + required: true schema: type: string - in: query @@ -9007,13 +8688,17 @@ paths: name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string post: description: >- Creates a sink that exports specified log entries to a destination. The export begins upon ingress, unless the sink's writer_identity is not permitted to write to the destination. A sink can export log entries only from the resource owning the sink. - operationId: logging.projects.sinks.create + operationId: logging.sinks.create requestBody: content: application/json: @@ -9037,7 +8722,12 @@ paths: $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId + name: parentType + required: true + schema: + type: string + - in: path + name: parent required: true schema: type: string @@ -9049,11 +8739,20 @@ paths: name: customWriterIdentity schema: type: string - /v2/projects/{projectsId}/sinks/{sinksId}: + /v2/entries:list: parameters: *ref_1 - get: - description: Gets a sink. - operationId: logging.projects.sinks.get + post: + description: >- + Lists log entries. Use this method to retrieve log entries that + originated from a project/folder/organization/billing account. For ways + to export log entries, see Exporting Logs + (https://cloud.google.com/logging/docs/export). + operationId: logging.entries.list + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ListLogEntriesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9077,30 +8776,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: sinksId - required: true - schema: - type: string - put: + $ref: '#/components/schemas/ListLogEntriesResponse' + parameters: [] + /v2/entries:write: + parameters: *ref_1 + post: description: >- - Updates a sink. This method replaces the values of the destination and - filter fields of the existing sink with the corresponding values from - the new sink.The updated sink might also have a new writer_identity; see - the unique_writer_identity field. - operationId: logging.projects.sinks.update + Writes log entries to Logging. This API method is the only way to send + log entries to Logging. This method is used, directly or indirectly, by + the Logging agent (fluentd) and all logging libraries configured to use + Logging. A single request may contain log entries for a maximum of 1000 + different resource names (projects, organizations, billing accounts or + folders), where the resource name for a log entry is determined from its + logName field. + operationId: logging.entries.write requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/WriteLogEntriesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9110,94 +8804,28 @@ paths: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/LogSink' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: sinksId - required: true - schema: - type: string - - in: query - name: uniqueWriterIdentity - schema: - type: boolean - - in: query - name: customWriterIdentity - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - patch: - description: >- - Updates a sink. This method replaces the values of the destination and - filter fields of the existing sink with the corresponding values from - the new sink.The updated sink might also have a new writer_identity; see - the unique_writer_identity field. - operationId: logging.projects.sinks.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogSink' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/logging.admin + - https://www.googleapis.com/auth/logging.write Oauth2c: - - https://www.googleapis.com/auth/logging.admin + - https://www.googleapis.com/auth/logging.write responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogSink' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: sinksId - required: true - schema: - type: string - - in: query - name: uniqueWriterIdentity - schema: - type: boolean - - in: query - name: customWriterIdentity - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: >- - Deletes a sink. If the sink has a unique writer_identity, then that - service account is also deleted. - operationId: logging.projects.sinks.delete + $ref: '#/components/schemas/WriteLogEntriesResponse' + parameters: [] + /v2/entries:copy: + parameters: *ref_1 + post: + description: Copies a set of log entries from a log bucket to a Cloud Storage bucket. + operationId: logging.entries.copy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CopyLogEntriesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9213,62 +8841,57 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: sinksId - required: true - schema: - type: string - /v2/projects/{projectsId}/logs/{logsId}: + $ref: '#/components/schemas/Operation' + parameters: [] + /v2/entries:tail: parameters: *ref_1 - delete: + post: description: >- - Deletes all the log entries in a log for the global _Default Log Bucket. - The log reappears if it receives new entries. Log entries written - shortly before the delete operation might not be deleted. Entries - received after the delete operation with a timestamp before the - operation will be deleted. - operationId: logging.projects.logs.delete + Streaming read of log entries as they are received. Until the stream is + terminated, it will continue reading logs. + operationId: logging.entries.tail + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TailLogEntriesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: logsId - required: true - schema: - type: string - /v2/projects/{projectsId}/logs: + $ref: '#/components/schemas/TailLogEntriesResponse' + parameters: [] + /v2/billingAccounts/{billingAccountsId}/cmekSettings: parameters: *ref_1 get: description: >- - Lists the logs in projects, organizations, folders, or billing accounts. - Only logs that have entries are listed. - operationId: logging.projects.logs.list + Gets the Logging CMEK settings for the given resource.Note: CMEK for the + Log Router can be configured for Google Cloud projects, folders, + organizations, and billing accounts. Once configured for an + organization, it applies to all projects and folders in the Google Cloud + organization.See Enabling CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) for + more information. + operationId: logging.billingAccounts.getCmekSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9292,31 +8915,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogsResponse' + $ref: '#/components/schemas/CmekSettings' parameters: - in: path - name: projectsId + name: billingAccountsId required: true schema: type: string - - in: query - name: resourceNames - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v2/projects/{projectsId}/metrics: + /v2/billingAccounts/{billingAccountsId}/settings: parameters: *ref_1 get: - description: Lists logs-based metrics. - operationId: logging.projects.metrics.list + description: >- + Gets the settings for the given resource.Note: Settings can be retrieved + for Google Cloud projects, folders, organizations, and billing + accounts.See View default resource settings for Logging + (https://cloud.google.com/logging/docs/default-settings#view-org-settings) + for more information. + operationId: logging.billingAccounts.getSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9340,30 +8955,79 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogMetricsResponse' + $ref: '#/components/schemas/Settings' parameters: - in: path - name: projectsId + name: billingAccountsId + required: true + schema: + type: string + /v2/billingAccounts/{billingAccountsId}/sinks/{sinksId}: + parameters: *ref_1 + put: + description: >- + Updates a sink. This method replaces the values of the destination and + filter fields of the existing sink with the corresponding values from + the new sink.The updated sink might also have a new writer_identity; see + the unique_writer_identity field. + operationId: logging.billingAccounts.sinks.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' + parameters: + - in: path + name: billingAccountsId + required: true + schema: + type: string + - in: path + name: sinksId required: true schema: type: string - in: query - name: pageToken + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: pageSize + name: customWriterIdentity schema: - type: integer - format: int32 - post: - description: Creates a logs-based metric. - operationId: logging.projects.metrics.create + type: string + - in: query + name: uniqueWriterIdentity + schema: + type: boolean + patch: + description: >- + Updates a sink. This method replaces the values of the destination and + filter fields of the existing sink with the corresponding values from + the new sink.The updated sink might also have a new writer_identity; see + the unique_writer_identity field. + operationId: logging.billingAccounts.sinks.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogMetric' + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9373,28 +9037,40 @@ paths: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.write - Oauth2c: - - https://www.googleapis.com/auth/logging.write responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogMetric' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId + name: billingAccountsId required: true schema: type: string - /v2/projects/{projectsId}/metrics/{metricsId}: - parameters: *ref_1 + - in: path + name: sinksId + required: true + schema: + type: string + - in: query + name: uniqueWriterIdentity + schema: + type: boolean + - in: query + name: customWriterIdentity + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Gets a logs-based metric. - operationId: logging.projects.metrics.get + description: Gets a sink. + operationId: logging.billingAccounts.sinks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9418,26 +9094,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogMetric' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId + name: billingAccountsId required: true schema: type: string - in: path - name: metricsId + name: sinksId required: true schema: type: string - put: - description: Creates or updates a logs-based metric. - operationId: logging.projects.metrics.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogMetric' + delete: + description: >- + Deletes a sink. If the sink has a unique writer_identity, then that + service account is also deleted. + operationId: logging.billingAccounts.sinks.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9447,31 +9120,38 @@ paths: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.write - Oauth2c: - - https://www.googleapis.com/auth/logging.write responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogMetric' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: billingAccountsId required: true schema: type: string - in: path - name: metricsId + name: sinksId required: true schema: type: string - delete: - description: Deletes a logs-based metric. - operationId: logging.projects.metrics.delete + /v2/billingAccounts/{billingAccountsId}/sinks: + parameters: *ref_1 + post: + description: >- + Creates a sink that exports specified log entries to a destination. The + export begins upon ingress, unless the sink's writer_identity is not + permitted to write to the destination. A sink can export log entries + only from the resource owning the sink. + operationId: logging.billingAccounts.sinks.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9481,40 +9161,30 @@ paths: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.write - Oauth2c: - - https://www.googleapis.com/auth/logging.write responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: projectsId + name: billingAccountsId required: true schema: type: string - - in: path - name: metricsId - required: true + - in: query + name: uniqueWriterIdentity + schema: + type: boolean + - in: query + name: customWriterIdentity schema: type: string - /v2/organizations/{organizationsId}/cmekSettings: - parameters: *ref_1 get: - description: >- - Gets the Logging CMEK settings for the given resource.Note: CMEK for the - Log Router can be configured for Google Cloud projects, folders, - organizations, and billing accounts. Once configured for an - organization, it applies to all projects and folders in the Google Cloud - organization.See Enabling CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) for - more information. - operationId: logging.organizations.getCmekSettings + description: Lists sinks. + operationId: logging.billingAccounts.sinks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9538,31 +9208,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CmekSettings' + $ref: '#/components/schemas/ListSinksResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/savedQueries/{savedQueriesId}: + parameters: *ref_1 patch: - description: >- - Updates the Log Router CMEK settings for the given resource.Note: CMEK - for the Log Router can currently only be configured for Google Cloud - organizations. Once configured, it applies to all projects and folders - in the Google Cloud organization.UpdateCmekSettings fails when any of - the following are true: The value of kms_key_name is invalid. The - associated service account doesn't have the required - roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. - Access to the key is disabled.See Enabling CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) for - more information. - operationId: logging.organizations.updateCmekSettings + description: Updates an existing SavedQuery. + operationId: logging.billingAccounts.locations.savedQueries.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CmekSettings' + $ref: '#/components/schemas/SavedQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9578,10 +9253,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CmekSettings' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: organizationsId + name: billingAccountsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: savedQueriesId required: true schema: type: string @@ -9590,16 +9275,9 @@ paths: schema: type: string format: google-fieldmask - /v2/organizations/{organizationsId}/settings: - parameters: *ref_1 get: - description: >- - Gets the settings for the given resource.Note: Settings can be retrieved - for Google Cloud projects, folders, organizations, and billing - accounts.See View default resource settings for Logging - (https://cloud.google.com/logging/docs/default-settings#view-org-settings) - for more information. - operationId: logging.organizations.getSettings + description: Returns all data associated with the requested query. + operationId: logging.billingAccounts.locations.savedQueries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9623,33 +9301,70 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Settings' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string - patch: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: savedQueriesId + required: true + schema: + type: string + delete: description: >- - Updates the settings for the given resource. This method applies to all - feature configurations for organization and folders.UpdateSettings fails - when any of the following are true: The value of storage_location either - isn't supported by Logging or violates the location OrgPolicy. The - default_sink_config field is set, but it has an unspecified filter write - mode. The value of kms_key_name is invalid. The associated service - account doesn't have the required - roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. - Access to the key is disabled.See Configure default settings for - organizations and folders - (https://cloud.google.com/logging/docs/default-settings) for more - information. - operationId: logging.organizations.updateSettings + Deletes an existing SavedQuery that was created by the user making the + request. + operationId: logging.billingAccounts.locations.savedQueries.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: billingAccountsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: savedQueriesId + required: true + schema: + type: string + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/savedQueries: + parameters: *ref_1 + post: + description: Creates a new SavedQuery for the user making the request. + operationId: logging.billingAccounts.locations.savedQueries.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Settings' + $ref: '#/components/schemas/SavedQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9665,23 +9380,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Settings' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: organizationsId + name: billingAccountsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string - in: query - name: updateMask + name: savedQueryId schema: type: string - format: google-fieldmask - /v2/organizations/{organizationsId}/locations: - parameters: *ref_1 get: - description: Lists information about the supported locations for this service. - operationId: logging.organizations.locations.list + description: Lists the SavedQueries that were created by the user making the request. + operationId: logging.billingAccounts.locations.savedQueries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9705,15 +9422,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/ListSavedQueriesResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -9722,45 +9444,47 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + name: filter schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}: + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Gets information about a location. - operationId: logging.organizations.locations.get + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + 1, corresponding to Code.CANCELLED. + operationId: logging.billingAccounts.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -9769,13 +9493,18 @@ paths: required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/operations: + - in: path + name: operationsId + required: true + schema: + type: string + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns UNIMPLEMENTED. - operationId: logging.organizations.locations.operations.list + operationId: logging.billingAccounts.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9802,7 +9531,7 @@ paths: $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -9815,6 +9544,10 @@ paths: name: filter schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageSize schema: @@ -9824,14 +9557,14 @@ paths: name: pageToken schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: logging.organizations.locations.operations.get + operationId: logging.billingAccounts.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9858,7 +9591,7 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -9872,25 +9605,19 @@ paths: required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}:updateAsync: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - 1, corresponding to Code.CANCELLED. - operationId: logging.organizations.locations.operations.cancel + post: + description: >- + Updates a log bucket asynchronously.If the bucket has a lifecycle_state + of DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.billingAccounts.locations.buckets.updateAsync requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9906,10 +9633,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -9919,42 +9646,47 @@ paths: schema: type: string - in: path - name: operationsId + name: bucketsId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets:createAsync: parameters: *ref_1 - get: - description: Lists log buckets. - operationId: logging.organizations.locations.buckets.list + post: + description: >- + Creates a log bucket asynchronously that can be used to store log + entries.After a bucket has been created, the bucket's location cannot be + changed. + operationId: logging.billingAccounts.locations.buckets.createAsync + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListBucketsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -9964,19 +9696,16 @@ paths: schema: type: string - in: query - name: pageToken + name: bucketId schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets: + parameters: *ref_1 post: description: >- Creates a log bucket that can be used to store log entries. After a bucket has been created, the bucket's location cannot be changed. - operationId: logging.organizations.locations.buckets.create + operationId: logging.billingAccounts.locations.buckets.create requestBody: content: application/json: @@ -10000,7 +9729,7 @@ paths: $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10013,11 +9742,9 @@ paths: name: bucketId schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}: - parameters: *ref_1 get: - description: Gets a log bucket. - operationId: logging.organizations.locations.buckets.get + description: Lists log buckets. + operationId: logging.billingAccounts.locations.buckets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10041,10 +9768,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/ListBucketsResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10053,31 +9780,37 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: >- - Updates a log bucket.If the bucket has a lifecycle_state of - DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.organizations.locations.buckets.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogBucket' + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}: + parameters: *ref_1 + get: + description: Gets a log bucket. + operationId: logging.billingAccounts.locations.buckets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response @@ -10087,7 +9820,7 @@ paths: $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10101,17 +9834,12 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: description: >- Deletes a log bucket.Changes the bucket's lifecycle_state to the DELETE_REQUESTED state. After 7 days, the bucket will be purged and all log entries in the bucket will be permanently deleted. - operationId: logging.organizations.locations.buckets.delete + operationId: logging.billingAccounts.locations.buckets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10130,7 +9858,7 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10144,58 +9872,12 @@ paths: required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets:createAsync: - parameters: *ref_1 - post: - description: >- - Creates a log bucket asynchronously that can be used to store log - entries.After a bucket has been created, the bucket's location cannot be - changed. - operationId: logging.organizations.locations.buckets.createAsync - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogBucket' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: bucketId - schema: - type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}:updateAsync: - parameters: *ref_1 - post: + patch: description: >- - Updates a log bucket asynchronously.If the bucket has a lifecycle_state - of DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a + Updates a log bucket.If the bucket has a lifecycle_state of + DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a bucket has been created, the bucket's location cannot be changed. - operationId: logging.organizations.locations.buckets.updateAsync + operationId: logging.billingAccounts.locations.buckets.patch requestBody: content: application/json: @@ -10216,10 +9898,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10238,13 +9920,13 @@ paths: schema: type: string format: google-fieldmask - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}:undelete: + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}:undelete: parameters: *ref_1 post: description: >- Undeletes a log bucket. A bucket that has been deleted can be undeleted within the grace period of 7 days. - operationId: logging.organizations.locations.buckets.undelete + operationId: logging.billingAccounts.locations.buckets.undelete requestBody: content: application/json: @@ -10268,7 +9950,7 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10282,38 +9964,38 @@ paths: required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:setIamPolicy: + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/links/{linksId}: parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: logging.organizations.locations.buckets.views.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets a link. + operationId: logging.billingAccounts.locations.buckets.links.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Link' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10328,49 +10010,34 @@ paths: schema: type: string - in: path - name: viewsId + name: linksId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:getIamPolicy: - parameters: *ref_1 - post: + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: logging.organizations.locations.buckets.views.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + Deletes a link. This will also delete the corresponding BigQuery linked + dataset. + operationId: logging.billingAccounts.locations.buckets.links.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10385,52 +10052,42 @@ paths: schema: type: string - in: path - name: viewsId + name: linksId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:testIamPermissions: + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/links: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a NOT_FOUND error.Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: logging.organizations.locations.buckets.views.testIamPermissions + Asynchronously creates a linked dataset in BigQuery which makes it + possible to use BigQuery to read the logs stored in the log bucket. A + log bucket may currently only contain one link. + operationId: logging.billingAccounts.locations.buckets.links.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Link' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10444,16 +10101,13 @@ paths: required: true schema: type: string - - in: path - name: viewsId - required: true + - in: query + name: linkId schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views: - parameters: *ref_1 get: - description: Lists views on a log bucket. - operationId: logging.organizations.locations.buckets.views.list + description: Lists links. + operationId: logging.billingAccounts.locations.buckets.links.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10477,10 +10131,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListViewsResponse' + $ref: '#/components/schemas/ListLinksResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10494,20 +10148,25 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - post: + - in: query + name: pageToken + schema: + type: string + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}: + parameters: *ref_1 + patch: description: >- - Creates a view over log entries in a log bucket. A bucket may contain a - maximum of 30 views. - operationId: logging.organizations.locations.buckets.views.create + Updates a view on a log bucket. This method replaces the value of the + filter field from the existing view with the corresponding value from + the new view. If an UNAVAILABLE error is returned, this indicates that + system is not in a state where it can update the view. If this occurs, + please try again in a few minutes. + operationId: logging.billingAccounts.locations.buckets.views.patch requestBody: content: application/json: @@ -10531,7 +10190,7 @@ paths: $ref: '#/components/schemas/LogView' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10545,15 +10204,62 @@ paths: required: true schema: type: string + - in: path + name: viewsId + required: true + schema: + type: string - in: query - name: viewId + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: >- + Deletes a view on a log bucket. If an UNAVAILABLE error is returned, + this indicates that system is not in a state where it can delete the + view. If this occurs, please try again in a few minutes. + operationId: logging.billingAccounts.locations.buckets.views.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: billingAccountsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true + schema: + type: string + - in: path + name: viewsId + required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}: - parameters: *ref_1 get: description: Gets a view on a log bucket. - operationId: logging.organizations.locations.buckets.views.get + operationId: logging.billingAccounts.locations.buckets.views.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10580,7 +10286,7 @@ paths: $ref: '#/components/schemas/LogView' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10599,14 +10305,13 @@ paths: required: true schema: type: string - patch: + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/views: + parameters: *ref_1 + post: description: >- - Updates a view on a log bucket. This method replaces the value of the - filter field from the existing view with the corresponding value from - the new view. If an UNAVAILABLE error is returned, this indicates that - system is not in a state where it can update the view. If this occurs, - please try again in a few minutes. - operationId: logging.organizations.locations.buckets.views.patch + Creates a view over log entries in a log bucket. A bucket may contain a + maximum of 30 views. + operationId: logging.billingAccounts.locations.buckets.views.create requestBody: content: application/json: @@ -10630,7 +10335,7 @@ paths: $ref: '#/components/schemas/LogView' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10644,41 +10349,40 @@ paths: required: true schema: type: string - - in: path - name: viewsId - required: true - schema: - type: string - in: query - name: updateMask + name: viewId schema: type: string - format: google-fieldmask - delete: - description: >- - Deletes a view on a log bucket. If an UNAVAILABLE error is returned, - this indicates that system is not in a state where it can delete the - view. If this occurs, please try again in a few minutes. - operationId: logging.organizations.locations.buckets.views.delete + get: + description: Lists views on a log bucket. + operationId: logging.billingAccounts.locations.buckets.views.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListViewsResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10692,18 +10396,22 @@ paths: required: true schema: type: string - - in: path - name: viewsId - required: true + - in: query + name: pageToken schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}/logs: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}/logs: parameters: *ref_1 get: description: >- Lists the logs in projects, organizations, folders, or billing accounts. Only logs that have entries are listed. - operationId: logging.organizations.locations.buckets.views.logs.list + operationId: logging.billingAccounts.locations.buckets.views.logs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10730,7 +10438,7 @@ paths: $ref: '#/components/schemas/ListLogsResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10750,7 +10458,7 @@ paths: schema: type: string - in: query - name: resourceNames + name: pageToken schema: type: string - in: query @@ -10759,14 +10467,16 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: resourceNames schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/links: + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/recentQueries: parameters: *ref_1 get: - description: Lists links. - operationId: logging.organizations.locations.buckets.links.list + description: >- + Lists the RecentQueries that were created by the user making the + request. + operationId: logging.billingAccounts.locations.recentQueries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10790,10 +10500,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLinksResponse' + $ref: '#/components/schemas/ListRecentQueriesResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10802,50 +10512,103 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - in: query name: pageToken schema: type: string + /v2/billingAccounts/{billingAccountsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: logging.billingAccounts.locations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListLocationsResponse' + parameters: + - in: path + name: billingAccountsId + required: true + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - post: - description: >- - Asynchronously creates a linked dataset in BigQuery which makes it - possible to use BigQuery to read the logs stored in the log bucket. A - log bucket may currently only contain one link. - operationId: logging.organizations.locations.buckets.links.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Link' + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: extraLocationTypes + schema: + type: string + /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: logging.billingAccounts.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Location' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string @@ -10854,20 +10617,11 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true - schema: - type: string - - in: query - name: linkId - schema: - type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/buckets/{bucketsId}/links/{linksId}: + /v2/billingAccounts/{billingAccountsId}/exclusions: parameters: *ref_1 get: - description: Gets a link. - operationId: logging.organizations.locations.buckets.links.get + description: Lists all the exclusions on the _Default sink in a parent resource. + operationId: logging.billingAccounts.exclusions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10891,33 +10645,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Link' + $ref: '#/components/schemas/ListExclusionsResponse' parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId + name: billingAccountsId required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: linksId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: + post: description: >- - Deletes a link. This will also delete the corresponding BigQuery linked - dataset. - operationId: logging.organizations.locations.buckets.links.delete + Creates a new exclusion in the _Default sink in a specified parent + resource. Only log entries belonging to that resource can be excluded. + You can have up to 10 exclusions in a resource. + operationId: logging.billingAccounts.exclusions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogExclusion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10933,33 +10687,60 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string + /v2/billingAccounts/{billingAccountsId}/exclusions/{exclusionsId}: + parameters: *ref_1 + patch: + description: >- + Changes one or more properties of an existing exclusion in the _Default + sink. + operationId: logging.billingAccounts.exclusions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogExclusion' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/LogExclusion' + parameters: - in: path - name: locationsId + name: billingAccountsId required: true schema: type: string - in: path - name: bucketsId + name: exclusionsId required: true schema: type: string - - in: path - name: linksId - required: true + - in: query + name: updateMask schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/logScopes: - parameters: *ref_1 + format: google-fieldmask get: - description: Lists log scopes. - operationId: logging.organizations.locations.logScopes.list + description: Gets the description of an exclusion in the _Default sink. + operationId: logging.billingAccounts.exclusions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10983,35 +10764,58 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogScopesResponse' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string - in: path - name: locationsId + name: exclusionsId required: true schema: type: string - - in: query - name: pageToken + delete: + description: Deletes an exclusion in the _Default sink. + operationId: logging.billingAccounts.exclusions.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: billingAccountsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: exclusionsId + required: true schema: - type: integer - format: int32 - post: - description: Creates a log scope. - operationId: logging.organizations.locations.logScopes.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogScope' + type: string + /v2/billingAccounts/{billingAccountsId}/logs/{logsId}: + parameters: *ref_1 + delete: + description: >- + Deletes all the log entries in a log for the global _Default Log Bucket. + The log reappears if it receives new entries. Log entries written + shortly before the delete operation might not be deleted. Entries + received after the delete operation with a timestamp before the + operation will be deleted. + operationId: logging.billingAccounts.logs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11027,27 +10831,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string - in: path - name: locationsId + name: logsId required: true schema: type: string - - in: query - name: logScopeId - schema: - type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/logScopes/{logScopesId}: + /v2/billingAccounts/{billingAccountsId}/logs: parameters: *ref_1 get: - description: Gets a log scope. - operationId: logging.organizations.locations.logScopes.get + description: >- + Lists the logs in projects, organizations, folders, or billing accounts. + Only logs that have entries are listed. + operationId: logging.billingAccounts.logs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11071,90 +10873,110 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/ListLogsResponse' parameters: - in: path - name: organizationsId + name: billingAccountsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: resourceNames schema: type: string - - in: path - name: logScopesId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: Updates a log scope. - operationId: logging.organizations.locations.logScopes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogScope' + /v2/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: logging.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: extraLocationTypes schema: type: string - - in: path - name: logScopesId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: filter schema: type: string - format: google-fieldmask - delete: - description: Deletes a log scope. - operationId: logging.organizations.locations.logScopes.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: logging.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Location' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -11163,16 +10985,13 @@ paths: required: true schema: type: string - - in: path - name: logScopesId - required: true - schema: - type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/savedQueries: + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}/logs: parameters: *ref_1 get: - description: Lists the SavedQueries that were created by the user making the request. - operationId: logging.organizations.locations.savedQueries.list + description: >- + Lists the logs in projects, organizations, folders, or billing accounts. + Only logs that have entries are listed. + operationId: logging.projects.locations.buckets.views.logs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11196,10 +11015,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSavedQueriesResponse' + $ref: '#/components/schemas/ListLogsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -11208,6 +11027,16 @@ paths: required: true schema: type: string + - in: path + name: bucketsId + required: true + schema: + type: string + - in: path + name: viewsId + required: true + schema: + type: string - in: query name: pageToken schema: @@ -11218,36 +11047,48 @@ paths: type: integer format: int32 - in: query - name: filter + name: resourceNames schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:getIamPolicy: + parameters: *ref_1 post: - description: Creates a new SavedQuery for the user making the request. - operationId: logging.organizations.locations.savedQueries.create + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: logging.projects.locations.buckets.views.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -11256,42 +11097,48 @@ paths: required: true schema: type: string - - in: query - name: savedQueryId + - in: path + name: bucketsId + required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/savedQueries/{savedQueriesId}: + - in: path + name: viewsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:setIamPolicy: parameters: *ref_1 - get: - description: Returns all data associated with the requested query. - operationId: logging.organizations.locations.savedQueries.get + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: logging.projects.locations.buckets.views.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -11301,18 +11148,30 @@ paths: schema: type: string - in: path - name: savedQueriesId + name: bucketsId + required: true + schema: + type: string + - in: path + name: viewsId required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}: + parameters: *ref_1 patch: - description: Updates an existing SavedQuery. - operationId: logging.organizations.locations.savedQueries.patch + description: >- + Updates a view on a log bucket. This method replaces the value of the + filter field from the existing view with the corresponding value from + the new view. If an UNAVAILABLE error is returned, this indicates that + system is not in a state where it can update the view. If this occurs, + please try again in a few minutes. + operationId: logging.projects.locations.buckets.views.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/LogView' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11328,10 +11187,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/LogView' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -11341,7 +11200,12 @@ paths: schema: type: string - in: path - name: savedQueriesId + name: bucketsId + required: true + schema: + type: string + - in: path + name: viewsId required: true schema: type: string @@ -11352,9 +11216,10 @@ paths: format: google-fieldmask delete: description: >- - Deletes an existing SavedQuery that was created by the user making the - request. - operationId: logging.organizations.locations.savedQueries.delete + Deletes a view on a log bucket. If an UNAVAILABLE error is returned, + this indicates that system is not in a state where it can delete the + view. If this occurs, please try again in a few minutes. + operationId: logging.projects.locations.buckets.views.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11373,7 +11238,7 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -11383,17 +11248,18 @@ paths: schema: type: string - in: path - name: savedQueriesId + name: bucketsId + required: true + schema: + type: string + - in: path + name: viewsId required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/recentQueries: - parameters: *ref_1 get: - description: >- - Lists the RecentQueries that were created by the user making the - request. - operationId: logging.organizations.locations.recentQueries.list + description: Gets a view on a log bucket. + operationId: logging.projects.locations.buckets.views.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11417,10 +11283,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRecentQueriesResponse' + $ref: '#/components/schemas/LogView' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -11429,24 +11295,21 @@ paths: required: true schema: type: string - - in: query - name: pageToken + - in: path + name: bucketsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: filter + - in: path + name: viewsId + required: true schema: type: string - /v2/organizations/{organizationsId}/exclusions: + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views: parameters: *ref_1 get: - description: Lists all the exclusions on the _Default sink in a parent resource. - operationId: logging.organizations.exclusions.list + description: Lists views on a log bucket. + operationId: logging.projects.locations.buckets.views.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11470,15 +11333,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListExclusionsResponse' + $ref: '#/components/schemas/ListViewsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: pageToken + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true schema: type: string - in: query @@ -11486,17 +11355,20 @@ paths: schema: type: integer format: int32 + - in: query + name: pageToken + schema: + type: string post: description: >- - Creates a new exclusion in the _Default sink in a specified parent - resource. Only log entries belonging to that resource can be excluded. - You can have up to 10 exclusions in a resource. - operationId: logging.organizations.exclusions.create + Creates a view over log entries in a log bucket. A bucket may contain a + maximum of 30 views. + operationId: logging.projects.locations.buckets.views.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/LogView' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11512,98 +11384,94 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/LogView' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - /v2/organizations/{organizationsId}/exclusions/{exclusionsId}: - parameters: *ref_1 - get: - description: Gets the description of an exclusion in the _Default sink. - operationId: logging.organizations.exclusions.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/LogExclusion' - parameters: - in: path - name: organizationsId + name: locationsId required: true schema: type: string - in: path - name: exclusionsId + name: bucketsId required: true schema: type: string - patch: - description: >- - Changes one or more properties of an existing exclusion in the _Default - sink. - operationId: logging.organizations.exclusions.patch + - in: query + name: viewId + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a NOT_FOUND error.Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: logging.projects.locations.buckets.views.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: exclusionsId + name: locationsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: bucketsId + required: true schema: type: string - format: google-fieldmask + - in: path + name: viewsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/links/{linksId}: + parameters: *ref_1 delete: - description: Deletes an exclusion in the _Default sink. - operationId: logging.organizations.exclusions.delete + description: >- + Deletes a link. This will also delete the corresponding BigQuery linked + dataset. + operationId: logging.projects.locations.buckets.links.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11619,23 +11487,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: exclusionsId + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true + schema: + type: string + - in: path + name: linksId required: true schema: type: string - /v2/organizations/{organizationsId}/sinks: - parameters: *ref_1 get: - description: Lists sinks. - operationId: logging.organizations.sinks.list + description: Gets a link. + operationId: logging.projects.locations.buckets.links.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11659,38 +11535,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSinksResponse' + $ref: '#/components/schemas/Link' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: pageToken + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: bucketsId + required: true schema: - type: integer - format: int32 - - in: query - name: filter + type: string + - in: path + name: linksId + required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}/links: + parameters: *ref_1 post: description: >- - Creates a sink that exports specified log entries to a destination. The - export begins upon ingress, unless the sink's writer_identity is not - permitted to write to the destination. A sink can export log entries - only from the resource owning the sink. - operationId: logging.organizations.sinks.create + Asynchronously creates a linked dataset in BigQuery which makes it + possible to use BigQuery to read the logs stored in the log bucket. A + log bucket may currently only contain one link. + operationId: logging.projects.locations.buckets.links.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/Link' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11706,26 +11585,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: uniqueWriterIdentity + - in: path + name: locationsId + required: true schema: - type: boolean + type: string + - in: path + name: bucketsId + required: true + schema: + type: string - in: query - name: customWriterIdentity + name: linkId schema: type: string - /v2/organizations/{organizationsId}/sinks/{sinksId}: - parameters: *ref_1 get: - description: Gets a sink. - operationId: logging.organizations.sinks.get + description: Lists links. + operationId: logging.projects.locations.buckets.links.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11749,30 +11632,40 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/ListLinksResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: sinksId + name: locationsId required: true schema: type: string - put: + - in: path + name: bucketsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}: + parameters: *ref_1 + delete: description: >- - Updates a sink. This method replaces the values of the destination and - filter fields of the existing sink with the corresponding values from - the new sink.The updated sink might also have a new writer_identity; see - the unique_writer_identity field. - operationId: logging.organizations.sinks.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogSink' + Deletes a log bucket.Changes the bucket's lifecycle_state to the + DELETE_REQUESTED state. After 7 days, the bucket will be purged and all + log entries in the bucket will be permanently deleted. + operationId: logging.projects.locations.buckets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11788,88 +11681,77 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: sinksId + name: locationsId required: true schema: type: string - - in: query - name: uniqueWriterIdentity - schema: - type: boolean - - in: query - name: customWriterIdentity - schema: - type: string - - in: query - name: updateMask + - in: path + name: bucketsId + required: true schema: type: string - format: google-fieldmask - patch: - description: >- - Updates a sink. This method replaces the values of the destination and - filter fields of the existing sink with the corresponding values from - the new sink.The updated sink might also have a new writer_identity; see - the unique_writer_identity field. - operationId: logging.organizations.sinks.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogSink' + get: + description: Gets a log bucket. + operationId: logging.projects.locations.buckets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: sinksId + name: locationsId required: true schema: type: string - - in: query - name: uniqueWriterIdentity - schema: - type: boolean - - in: query - name: customWriterIdentity - schema: - type: string - - in: query - name: updateMask + - in: path + name: bucketsId + required: true schema: type: string - format: google-fieldmask - delete: + patch: description: >- - Deletes a sink. If the sink has a unique writer_identity, then that - service account is also deleted. - operationId: logging.organizations.sinks.delete + Updates a log bucket.If the bucket has a lifecycle_state of + DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.projects.locations.buckets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11885,28 +11767,40 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: sinksId + name: locationsId required: true schema: type: string - /v2/organizations/{organizationsId}/logs/{logsId}: + - in: path + name: bucketsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}:undelete: parameters: *ref_1 - delete: + post: description: >- - Deletes all the log entries in a log for the global _Default Log Bucket. - The log reappears if it receives new entries. Log entries written - shortly before the delete operation might not be deleted. Entries - received after the delete operation with a timestamp before the - operation will be deleted. - operationId: logging.organizations.logs.delete + Undeletes a log bucket. A bucket that has been deleted can be undeleted + within the grace period of 7 days. + operationId: logging.projects.locations.buckets.undelete + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UndeleteBucketRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11925,22 +11819,25 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: logsId + name: locationsId required: true schema: type: string - /v2/organizations/{organizationsId}/logs: + - in: path + name: bucketsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/buckets: parameters: *ref_1 get: - description: >- - Lists the logs in projects, organizations, folders, or billing accounts. - Only logs that have entries are listed. - operationId: logging.organizations.logs.list + description: Lists log buckets. + operationId: logging.projects.locations.buckets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11964,15 +11861,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogsResponse' + $ref: '#/components/schemas/ListBucketsResponse' parameters: - in: path - name: organizationsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string - in: query - name: resourceNames + name: pageToken schema: type: string - in: query @@ -11980,112 +11882,60 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v2/folders/{foldersId}/cmekSettings: - parameters: *ref_1 - get: + post: description: >- - Gets the Logging CMEK settings for the given resource.Note: CMEK for the - Log Router can be configured for Google Cloud projects, folders, - organizations, and billing accounts. Once configured for an - organization, it applies to all projects and folders in the Google Cloud - organization.See Enabling CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) for - more information. - operationId: logging.folders.getCmekSettings + Creates a log bucket that can be used to store log entries. After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.projects.locations.buckets.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/CmekSettings' + $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - /v2/folders/{foldersId}/settings: - parameters: *ref_1 - get: - description: >- - Gets the settings for the given resource.Note: Settings can be retrieved - for Google Cloud projects, folders, organizations, and billing - accounts.See View default resource settings for Logging - (https://cloud.google.com/logging/docs/default-settings#view-org-settings) - for more information. - operationId: logging.folders.getSettings - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Settings' - parameters: - in: path - name: foldersId + name: locationsId required: true schema: type: string - patch: + - in: query + name: bucketId + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/buckets/{bucketsId}:updateAsync: + parameters: *ref_1 + post: description: >- - Updates the settings for the given resource. This method applies to all - feature configurations for organization and folders.UpdateSettings fails - when any of the following are true: The value of storage_location either - isn't supported by Logging or violates the location OrgPolicy. The - default_sink_config field is set, but it has an unspecified filter write - mode. The value of kms_key_name is invalid. The associated service - account doesn't have the required - roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. - Access to the key is disabled.See Configure default settings for - organizations and folders - (https://cloud.google.com/logging/docs/default-settings) for more - information. - operationId: logging.folders.updateSettings + Updates a log bucket asynchronously.If the bucket has a lifecycle_state + of DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.projects.locations.buckets.updateAsync requestBody: content: application/json: schema: - $ref: '#/components/schemas/Settings' + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12101,10 +11951,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Settings' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: foldersId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId required: true schema: type: string @@ -12113,90 +11973,79 @@ paths: schema: type: string format: google-fieldmask - /v2/folders/{foldersId}/locations: + /v2/projects/{projectsId}/locations/{locationsId}/buckets:createAsync: parameters: *ref_1 - get: - description: Lists information about the supported locations for this service. - operationId: logging.folders.locations.list + post: + description: >- + Creates a log bucket asynchronously that can be used to store log + entries.After a bucket has been created, the bucket's location cannot be + changed. + operationId: logging.projects.locations.buckets.createAsync + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: locationsId + required: true schema: type: string - in: query - name: extraLocationTypes + name: bucketId schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}: + /v2/projects/{projectsId}/locations/{locationsId}/savedQueries/{savedQueriesId}: parameters: *ref_1 - get: - description: Gets information about a location. - operationId: logging.folders.locations.get + patch: + description: Updates an existing SavedQuery. + operationId: logging.projects.locations.savedQueries.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SavedQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12205,40 +12054,40 @@ paths: required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/operations: - parameters: *ref_1 - get: + - in: path + name: savedQueriesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns UNIMPLEMENTED. - operationId: logging.folders.locations.operations.list + Deletes an existing SavedQuery that was created by the user making the + request. + operationId: logging.projects.locations.savedQueries.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12247,27 +12096,14 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: savedQueriesId + required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: logging.folders.locations.operations.get + description: Returns all data associated with the requested query. + operationId: logging.projects.locations.savedQueries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12291,10 +12127,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12304,29 +12140,20 @@ paths: schema: type: string - in: path - name: operationsId + name: savedQueriesId required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v2/projects/{projectsId}/locations/{locationsId}/savedQueries: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - 1, corresponding to Code.CANCELLED. - operationId: logging.folders.locations.operations.cancel + description: Creates a new SavedQuery for the user making the request. + operationId: logging.projects.locations.savedQueries.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/SavedQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12342,10 +12169,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12354,16 +12181,13 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: savedQueryId schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets: - parameters: *ref_1 get: - description: Lists log buckets. - operationId: logging.folders.locations.buckets.list + description: Lists the SavedQueries that were created by the user making the request. + operationId: logging.projects.locations.savedQueries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12387,10 +12211,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBucketsResponse' + $ref: '#/components/schemas/ListSavedQueriesResponse' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12408,35 +12232,42 @@ paths: schema: type: integer format: int32 - post: - description: >- - Creates a log bucket that can be used to store log entries. After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.folders.locations.buckets.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogBucket' + - in: query + name: filter + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/logScopes/{logScopesId}: + parameters: *ref_1 + get: + description: Gets a log scope. + operationId: logging.projects.locations.logScopes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/LogScope' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12445,42 +12276,33 @@ paths: required: true schema: type: string - - in: query - name: bucketId + - in: path + name: logScopesId + required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}: - parameters: *ref_1 - get: - description: Gets a log bucket. - operationId: logging.folders.locations.buckets.get + delete: + description: Deletes a log scope. + operationId: logging.projects.locations.logScopes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12490,21 +12312,18 @@ paths: schema: type: string - in: path - name: bucketsId + name: logScopesId required: true schema: type: string patch: - description: >- - Updates a log bucket.If the bucket has a lifecycle_state of - DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.folders.locations.buckets.patch + description: Updates a log scope. + operationId: logging.projects.locations.logScopes.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/LogScope' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12520,10 +12339,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/LogScope' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12533,7 +12352,7 @@ paths: schema: type: string - in: path - name: bucketsId + name: logScopesId required: true schema: type: string @@ -12542,31 +12361,38 @@ paths: schema: type: string format: google-fieldmask - delete: - description: >- - Deletes a log bucket.Changes the bucket's lifecycle_state to the - DELETE_REQUESTED state. After 7 days, the bucket will be purged and all - log entries in the bucket will be permanently deleted. - operationId: logging.folders.locations.buckets.delete + /v2/projects/{projectsId}/locations/{locationsId}/logScopes: + parameters: *ref_1 + get: + description: Lists log scopes. + operationId: logging.projects.locations.logScopes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListLogScopesResponse' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12575,24 +12401,23 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: pageToken schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets:createAsync: - parameters: *ref_1 + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: >- - Creates a log bucket asynchronously that can be used to store log - entries.After a bucket has been created, the bucket's location cannot be - changed. - operationId: logging.folders.locations.buckets.createAsync + description: Creates a log scope. + operationId: logging.projects.locations.logScopes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/LogScope' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12608,10 +12433,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LogScope' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12621,22 +12446,83 @@ paths: schema: type: string - in: query - name: bucketId + name: logScopeId schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}:updateAsync: + /v2/projects/{projectsId}/locations/{locationsId}/recentQueries: + parameters: *ref_1 + get: + description: >- + Lists the RecentQueries that were created by the user making the + request. + operationId: logging.projects.locations.recentQueries.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListRecentQueriesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Updates a log bucket asynchronously.If the bucket has a lifecycle_state - of DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.folders.locations.buckets.updateAsync + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + 1, corresponding to Code.CANCELLED. + operationId: logging.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12652,10 +12538,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12665,46 +12551,44 @@ paths: schema: type: string - in: path - name: bucketsId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}:undelete: + /v2/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Undeletes a log bucket. A bucket that has been deleted can be undeleted - within the grace period of 7 days. - operationId: logging.folders.locations.buckets.undelete - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UndeleteBucketRequest' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns UNIMPLEMENTED. + operationId: logging.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12713,43 +12597,58 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: pageToken schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:setIamPolicy: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and - PERMISSION_DENIED errors. - operationId: logging.folders.locations.buckets.views.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: logging.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -12759,27 +12658,17 @@ paths: schema: type: string - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId + name: operationsId required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:getIamPolicy: + /v2/projects/{projectsId}/logs: parameters: *ref_1 - post: + get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: logging.folders.locations.buckets.views.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + Lists the logs in projects, organizations, folders, or billing accounts. + Only logs that have entries are listed. + operationId: logging.projects.logs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12803,43 +12692,68 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListLogsResponse' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: resourceNames schema: type: string + /v2/projects/{projectsId}/logs/{logsId}: + parameters: *ref_1 + delete: + description: >- + Deletes all the log entries in a log for the global _Default Log Bucket. + The log reappears if it receives new entries. Log entries written + shortly before the delete operation might not be deleted. Entries + received after the delete operation with a timestamp before the + operation will be deleted. + operationId: logging.projects.logs.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: - in: path - name: bucketsId + name: projectsId required: true schema: type: string - in: path - name: viewsId + name: logsId required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:testIamPermissions: + /v2/projects/{projectsId}/exclusions/{exclusionsId}: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a NOT_FOUND error.Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: logging.folders.locations.buckets.views.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Gets the description of an exclusion in the _Default sink. + operationId: logging.projects.exclusions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12863,92 +12777,103 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - in: path - name: locationsId + name: exclusionsId required: true schema: type: string + delete: + description: Deletes an exclusion in the _Default sink. + operationId: logging.projects.exclusions.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: - in: path - name: bucketsId + name: projectsId required: true schema: type: string - in: path - name: viewsId + name: exclusionsId required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views: - parameters: *ref_1 - get: - description: Lists views on a log bucket. - operationId: logging.folders.locations.buckets.views.list + patch: + description: >- + Changes one or more properties of an existing exclusion in the _Default + sink. + operationId: logging.projects.exclusions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogExclusion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListViewsResponse' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId + name: projectsId required: true schema: type: string - in: path - name: bucketsId + name: exclusionsId required: true schema: type: string - in: query - name: pageToken + name: updateMask schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 + format: google-fieldmask + /v2/projects/{projectsId}/exclusions: + parameters: *ref_1 post: description: >- - Creates a view over log entries in a log bucket. A bucket may contain a - maximum of 30 views. - operationId: logging.folders.locations.buckets.views.create + Creates a new exclusion in the _Default sink in a specified parent + resource. Only log entries belonging to that resource can be excluded. + You can have up to 10 exclusions in a resource. + operationId: logging.projects.exclusions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/LogExclusion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -12964,32 +12889,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: bucketsId + name: projectsId required: true schema: type: string - - in: query - name: viewId - schema: - type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}: - parameters: *ref_1 get: - description: Gets a view on a log bucket. - operationId: logging.folders.locations.buckets.views.get + description: Lists all the exclusions on the _Default sink in a parent resource. + operationId: logging.projects.exclusions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13013,41 +12922,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/ListExclusionsResponse' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId + name: projectsId required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: viewsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: >- - Updates a view on a log bucket. This method replaces the value of the - filter field from the existing view with the corresponding value from - the new view. If an UNAVAILABLE error is returned, this indicates that - system is not in a state where it can update the view. If this occurs, - please try again in a few minutes. - operationId: logging.folders.locations.buckets.views.patch + /v2/projects/{projectsId}/metrics/{metricsId}: + parameters: *ref_1 + put: + description: Creates or updates a logs-based metric. + operationId: logging.projects.metrics.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/LogMetric' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13057,45 +12957,69 @@ paths: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.write + Oauth2c: + - https://www.googleapis.com/auth/logging.write responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/LogMetric' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - in: path - name: locationsId + name: metricsId required: true schema: type: string + get: + description: Gets a logs-based metric. + operationId: logging.projects.metrics.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/LogMetric' + parameters: - in: path - name: bucketsId + name: projectsId required: true schema: type: string - in: path - name: viewsId + name: metricsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: - description: >- - Deletes a view on a log bucket. If an UNAVAILABLE error is returned, - this indicates that system is not in a state where it can delete the - view. If this occurs, please try again in a few minutes. - operationId: logging.folders.locations.buckets.views.delete + description: Deletes a logs-based metric. + operationId: logging.projects.metrics.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13105,6 +13029,10 @@ paths: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.write + Oauth2c: + - https://www.googleapis.com/auth/logging.write responses: '200': description: Successful response @@ -13114,32 +13042,20 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: bucketsId + name: projectsId required: true schema: type: string - in: path - name: viewsId + name: metricsId required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}/logs: + /v2/projects/{projectsId}/metrics: parameters: *ref_1 get: - description: >- - Lists the logs in projects, organizations, folders, or billing accounts. - Only logs that have entries are listed. - operationId: logging.folders.locations.buckets.views.logs.list + description: Lists logs-based metrics. + operationId: logging.projects.metrics.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13163,32 +13079,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogsResponse' + $ref: '#/components/schemas/ListLogMetricsResponse' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId + name: projectsId required: true schema: type: string - - in: query - name: resourceNames - schema: - type: string - in: query name: pageSize schema: @@ -13198,71 +13095,99 @@ paths: name: pageToken schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/links: - parameters: *ref_1 - get: - description: Lists links. - operationId: logging.folders.locations.buckets.links.list + post: + description: Creates a logs-based metric. + operationId: logging.projects.metrics.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogMetric' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - Oauth2: - - https://www.googleapis.com/auth/logging.read + - https://www.googleapis.com/auth/logging.write Oauth2c: - - https://www.googleapis.com/auth/logging.read + - https://www.googleapis.com/auth/logging.write responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListLinksResponse' + $ref: '#/components/schemas/LogMetric' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string + /v2/projects/{projectsId}/sinks/{sinksId}: + parameters: *ref_1 + patch: + description: >- + Updates a sink. This method replaces the values of the destination and + filter fields of the existing sink with the corresponding values from + the new sink.The updated sink might also have a new writer_identity; see + the unique_writer_identity field. + operationId: logging.projects.sinks.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' + parameters: - in: path - name: locationsId + name: projectsId required: true schema: type: string - in: path - name: bucketsId + name: sinksId required: true schema: type: string - in: query - name: pageToken + name: uniqueWriterIdentity schema: - type: string + type: boolean - in: query - name: pageSize + name: updateMask schema: - type: integer - format: int32 - post: - description: >- - Asynchronously creates a linked dataset in BigQuery which makes it - possible to use BigQuery to read the logs stored in the log bucket. A - log bucket may currently only contain one link. - operationId: logging.folders.locations.buckets.links.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Link' + type: string + format: google-fieldmask + - in: query + name: customWriterIdentity + schema: + type: string + delete: + description: >- + Deletes a sink. If the sink has a unique writer_identity, then that + service account is also deleted. + operationId: logging.projects.sinks.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13278,32 +13203,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId + name: projectsId required: true schema: type: string - in: path - name: bucketsId + name: sinksId required: true schema: type: string - - in: query - name: linkId - schema: - type: string - /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/links/{linksId}: - parameters: *ref_1 get: - description: Gets a link. - operationId: logging.folders.locations.buckets.links.get + description: Gets a sink. + operationId: logging.projects.sinks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13327,33 +13241,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Link' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: bucketsId + name: projectsId required: true schema: type: string - in: path - name: linksId + name: sinksId required: true schema: type: string - delete: + put: description: >- - Deletes a link. This will also delete the corresponding BigQuery linked - dataset. - operationId: logging.folders.locations.buckets.links.delete + Updates a sink. This method replaces the values of the destination and + filter fields of the existing sink with the corresponding values from + the new sink.The updated sink might also have a new writer_identity; see + the unique_writer_identity field. + operationId: logging.projects.sinks.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13369,121 +13280,133 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - in: path - name: locationsId + name: sinksId required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: updateMask schema: type: string - - in: path - name: linksId - required: true + format: google-fieldmask + - in: query + name: uniqueWriterIdentity + schema: + type: boolean + - in: query + name: customWriterIdentity schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/logScopes: + /v2/projects/{projectsId}/sinks: parameters: *ref_1 - get: - description: Lists log scopes. - operationId: logging.folders.locations.logScopes.list + post: + description: >- + Creates a sink that exports specified log entries to a destination. The + export begins upon ingress, unless the sink's writer_identity is not + permitted to write to the destination. A sink can export log entries + only from the resource owning the sink. + operationId: logging.projects.sinks.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListLogScopesResponse' + $ref: '#/components/schemas/LogSink' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId + name: projectsId required: true schema: type: string - in: query - name: pageToken + name: uniqueWriterIdentity schema: - type: string + type: boolean - in: query - name: pageSize + name: customWriterIdentity schema: - type: integer - format: int32 - post: - description: Creates a log scope. - operationId: logging.folders.locations.logScopes.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogScope' + type: string + get: + description: Lists sinks. + operationId: logging.projects.sinks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/ListSinksResponse' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: logScopeId + name: filter schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/logScopes/{logScopesId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/cmekSettings: parameters: *ref_1 get: - description: Gets a log scope. - operationId: logging.folders.locations.logScopes.get + description: >- + Gets the Logging CMEK settings for the given resource.Note: CMEK for the + Log Router can be configured for Google Cloud projects, folders, + organizations, and billing accounts. Once configured for an + organization, it applies to all projects and folders in the Google Cloud + organization.See Enabling CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) for + more information. + operationId: logging.projects.getCmekSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13507,71 +13430,63 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/CmekSettings' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: logScopesId + name: projectsId required: true schema: type: string - patch: - description: Updates a log scope. - operationId: logging.folders.locations.logScopes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogScope' + /v2/projects/{projectsId}/settings: + parameters: *ref_1 + get: + description: >- + Gets the settings for the given resource.Note: Settings can be retrieved + for Google Cloud projects, folders, organizations, and billing + accounts.See View default resource settings for Logging + (https://cloud.google.com/logging/docs/default-settings#view-org-settings) + for more information. + operationId: logging.projects.getSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogScope' + $ref: '#/components/schemas/Settings' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: logScopesId + name: projectsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask + /v2/folders/{foldersId}/logs/{logsId}: + parameters: *ref_1 delete: - description: Deletes a log scope. - operationId: logging.folders.locations.logScopes.delete + description: >- + Deletes all the log entries in a log for the global _Default Log Bucket. + The log reappears if it receives new entries. Log entries written + shortly before the delete operation might not be deleted. Entries + received after the delete operation with a timestamp before the + operation will be deleted. + operationId: logging.folders.logs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13595,20 +13510,17 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: logScopesId + name: logsId required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/savedQueries: + /v2/folders/{foldersId}/logs: parameters: *ref_1 get: - description: Lists the SavedQueries that were created by the user making the request. - operationId: logging.folders.locations.savedQueries.list + description: >- + Lists the logs in projects, organizations, folders, or billing accounts. + Only logs that have entries are listed. + operationId: logging.folders.logs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13632,20 +13544,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSavedQueriesResponse' + $ref: '#/components/schemas/ListLogsResponse' parameters: - in: path name: foldersId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - in: query - name: pageToken + name: resourceNames schema: type: string - in: query @@ -13654,17 +13561,16 @@ paths: type: integer format: int32 - in: query - name: filter + name: pageToken schema: type: string - post: - description: Creates a new SavedQuery for the user making the request. - operationId: logging.folders.locations.savedQueries.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SavedQuery' + /v2/folders/{foldersId}/sinks/{sinksId}: + parameters: *ref_1 + delete: + description: >- + Deletes a sink. If the sink has a unique writer_identity, then that + service account is also deleted. + operationId: logging.folders.sinks.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13680,7 +13586,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/Empty' parameters: - in: path name: foldersId @@ -13688,43 +13594,38 @@ paths: schema: type: string - in: path - name: locationsId + name: sinksId required: true schema: type: string - - in: query - name: savedQueryId - schema: - type: string - /v2/folders/{foldersId}/locations/{locationsId}/savedQueries/{savedQueriesId}: - parameters: *ref_1 - get: - description: Returns all data associated with the requested query. - operationId: logging.folders.locations.savedQueries.get + put: + description: >- + Updates a sink. This method replaces the values of the destination and + filter fields of the existing sink with the corresponding values from + the new sink.The updated sink might also have a new writer_identity; see + the unique_writer_identity field. + operationId: logging.folders.sinks.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/LogSink' parameters: - in: path name: foldersId @@ -13732,23 +13633,35 @@ paths: schema: type: string - in: path - name: locationsId + name: sinksId required: true schema: type: string - - in: path - name: savedQueriesId - required: true + - in: query + name: uniqueWriterIdentity + schema: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: customWriterIdentity schema: type: string patch: - description: Updates an existing SavedQuery. - operationId: logging.folders.locations.savedQueries.patch + description: >- + Updates a sink. This method replaces the values of the destination and + filter fields of the existing sink with the corresponding values from + the new sink.The updated sink might also have a new writer_identity; see + the unique_writer_identity field. + operationId: logging.folders.sinks.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13764,7 +13677,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/LogSink' parameters: - in: path name: foldersId @@ -13772,41 +13685,50 @@ paths: schema: type: string - in: path - name: locationsId + name: sinksId required: true schema: type: string - - in: path - name: savedQueriesId - required: true + - in: query + name: customWriterIdentity schema: type: string + - in: query + name: uniqueWriterIdentity + schema: + type: boolean - in: query name: updateMask schema: type: string format: google-fieldmask - delete: - description: >- - Deletes an existing SavedQuery that was created by the user making the - request. - operationId: logging.folders.locations.savedQueries.delete + get: + description: Gets a sink. + operationId: logging.folders.sinks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LogSink' parameters: - in: path name: foldersId @@ -13814,75 +13736,57 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: savedQueriesId + name: sinksId required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/recentQueries: + /v2/folders/{foldersId}/sinks: parameters: *ref_1 - get: + post: description: >- - Lists the RecentQueries that were created by the user making the - request. - operationId: logging.folders.locations.recentQueries.list + Creates a sink that exports specified log entries to a destination. The + export begins upon ingress, unless the sink's writer_identity is not + permitted to write to the destination. A sink can export log entries + only from the resource owning the sink. + operationId: logging.folders.sinks.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogSink' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListRecentQueriesResponse' + $ref: '#/components/schemas/LogSink' parameters: - in: path name: foldersId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - in: query - name: pageToken + name: customWriterIdentity schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: filter + name: uniqueWriterIdentity schema: - type: string - /v2/folders/{foldersId}/exclusions: - parameters: *ref_1 + type: boolean get: - description: Lists all the exclusions on the _Default sink in a parent resource. - operationId: logging.folders.exclusions.list + description: Lists sinks. + operationId: logging.folders.sinks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13906,22 +13810,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListExclusionsResponse' + $ref: '#/components/schemas/ListSinksResponse' parameters: - in: path name: foldersId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v2/folders/{foldersId}/exclusions: + parameters: *ref_1 post: description: >- Creates a new exclusion in the _Default sink in a specified parent @@ -13955,11 +13865,9 @@ paths: required: true schema: type: string - /v2/folders/{foldersId}/exclusions/{exclusionsId}: - parameters: *ref_1 get: - description: Gets the description of an exclusion in the _Default sink. - operationId: logging.folders.exclusions.get + description: Lists all the exclusions on the _Default sink in a parent resource. + operationId: logging.folders.exclusions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13983,18 +13891,24 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/ListExclusionsResponse' parameters: - in: path name: foldersId required: true schema: type: string - - in: path - name: exclusionsId - required: true + - in: query + name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/folders/{foldersId}/exclusions/{exclusionsId}: + parameters: *ref_1 patch: description: >- Changes one or more properties of an existing exclusion in the _Default @@ -14037,25 +13951,33 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes an exclusion in the _Default sink. - operationId: logging.folders.exclusions.delete + get: + description: Gets the description of an exclusion in the _Default sink. + operationId: logging.folders.exclusions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path name: foldersId @@ -14067,66 +13989,48 @@ paths: required: true schema: type: string - /v2/folders/{foldersId}/sinks: - parameters: *ref_1 - get: - description: Lists sinks. - operationId: logging.folders.sinks.list + delete: + description: Deletes an exclusion in the _Default sink. + operationId: logging.folders.exclusions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListSinksResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: foldersId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: filter + - in: path + name: exclusionsId + required: true schema: type: string + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}:undelete: + parameters: *ref_1 post: description: >- - Creates a sink that exports specified log entries to a destination. The - export begins upon ingress, unless the sink's writer_identity is not - permitted to write to the destination. A sink can export log entries - only from the resource owning the sink. - operationId: logging.folders.sinks.create + Undeletes a log bucket. A bucket that has been deleted can be undeleted + within the grace period of 7 days. + operationId: logging.folders.locations.buckets.undelete requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/UndeleteBucketRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14142,50 +14046,52 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/Empty' parameters: - in: path name: foldersId required: true schema: type: string - - in: query - name: uniqueWriterIdentity + - in: path + name: locationsId + required: true schema: - type: boolean - - in: query - name: customWriterIdentity + type: string + - in: path + name: bucketsId + required: true schema: type: string - /v2/folders/{foldersId}/sinks/{sinksId}: + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}: parameters: *ref_1 - get: - description: Gets a sink. - operationId: logging.folders.sinks.get + patch: + description: >- + Updates a log bucket.If the bucket has a lifecycle_state of + DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.folders.locations.buckets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/LogBucket' parameters: - in: path name: foldersId @@ -14193,22 +14099,26 @@ paths: schema: type: string - in: path - name: sinksId + name: locationsId required: true schema: type: string - put: + - in: path + name: bucketsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: description: >- - Updates a sink. This method replaces the values of the destination and - filter fields of the existing sink with the corresponding values from - the new sink.The updated sink might also have a new writer_identity; see - the unique_writer_identity field. - operationId: logging.folders.sinks.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogSink' + Deletes a log bucket.Changes the bucket's lifecycle_state to the + DELETE_REQUESTED state. After 7 days, the bucket will be purged and all + log entries in the bucket will be permanently deleted. + operationId: logging.folders.locations.buckets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14224,7 +14134,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/Empty' parameters: - in: path name: foldersId @@ -14232,51 +14142,42 @@ paths: schema: type: string - in: path - name: sinksId + name: locationsId required: true schema: type: string - - in: query - name: uniqueWriterIdentity - schema: - type: boolean - - in: query - name: customWriterIdentity - schema: - type: string - - in: query - name: updateMask + - in: path + name: bucketsId + required: true schema: type: string - format: google-fieldmask - patch: - description: >- - Updates a sink. This method replaces the values of the destination and - filter fields of the existing sink with the corresponding values from - the new sink.The updated sink might also have a new writer_identity; see - the unique_writer_identity field. - operationId: logging.folders.sinks.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogSink' + get: + description: Gets a log bucket. + operationId: logging.folders.locations.buckets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/LogBucket' parameters: - in: path name: foldersId @@ -14284,28 +14185,28 @@ paths: schema: type: string - in: path - name: sinksId + name: locationsId required: true schema: type: string - - in: query - name: uniqueWriterIdentity - schema: - type: boolean - - in: query - name: customWriterIdentity - schema: - type: string - - in: query - name: updateMask + - in: path + name: bucketsId + required: true schema: type: string - format: google-fieldmask - delete: + /v2/folders/{foldersId}/locations/{locationsId}/buckets:createAsync: + parameters: *ref_1 + post: description: >- - Deletes a sink. If the sink has a unique writer_identity, then that - service account is also deleted. - operationId: logging.folders.sinks.delete + Creates a log bucket asynchronously that can be used to store log + entries.After a bucket has been created, the bucket's location cannot be + changed. + operationId: logging.folders.locations.buckets.createAsync + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14321,7 +14222,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: foldersId @@ -14329,20 +14230,27 @@ paths: schema: type: string - in: path - name: sinksId + name: locationsId required: true schema: type: string - /v2/folders/{foldersId}/logs/{logsId}: + - in: query + name: bucketId + schema: + type: string + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}:updateAsync: parameters: *ref_1 - delete: + post: description: >- - Deletes all the log entries in a log for the global _Default Log Bucket. - The log reappears if it receives new entries. Log entries written - shortly before the delete operation might not be deleted. Entries - received after the delete operation with a timestamp before the - operation will be deleted. - operationId: logging.folders.logs.delete + Updates a log bucket asynchronously.If the bucket has a lifecycle_state + of DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.folders.locations.buckets.updateAsync + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14358,7 +14266,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: foldersId @@ -14366,72 +14274,66 @@ paths: schema: type: string - in: path - name: logsId + name: locationsId required: true schema: type: string - /v2/folders/{foldersId}/logs: + - in: path + name: bucketsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v2/folders/{foldersId}/locations/{locationsId}/buckets: parameters: *ref_1 - get: + post: description: >- - Lists the logs in projects, organizations, folders, or billing accounts. - Only logs that have entries are listed. - operationId: logging.folders.logs.list + Creates a log bucket that can be used to store log entries. After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.folders.locations.buckets.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListLogsResponse' + $ref: '#/components/schemas/LogBucket' parameters: - in: path name: foldersId required: true schema: type: string - - in: query - name: resourceNames + - in: path + name: locationsId + required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: bucketId schema: type: string - /v2/billingAccounts/{billingAccountsId}/cmekSettings: - parameters: *ref_1 get: - description: >- - Gets the Logging CMEK settings for the given resource.Note: CMEK for the - Log Router can be configured for Google Cloud projects, folders, - organizations, and billing accounts. Once configured for an - organization, it applies to all projects and folders in the Google Cloud - organization.See Enabling CMEK for Log Router - (https://cloud.google.com/logging/docs/routing/managed-encryption) for - more information. - operationId: logging.billingAccounts.getCmekSettings + description: Lists log buckets. + operationId: logging.folders.locations.buckets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14455,23 +14357,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CmekSettings' + $ref: '#/components/schemas/ListBucketsResponse' parameters: - in: path - name: billingAccountsId + name: foldersId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/settings: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/links/{linksId}: parameters: *ref_1 get: - description: >- - Gets the settings for the given resource.Note: Settings can be retrieved - for Google Cloud projects, folders, organizations, and billing - accounts.See View default resource settings for Logging - (https://cloud.google.com/logging/docs/default-settings#view-org-settings) - for more information. - operationId: logging.billingAccounts.getSettings + description: Gets a link. + operationId: logging.folders.locations.buckets.links.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14495,97 +14406,102 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Settings' + $ref: '#/components/schemas/Link' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations: - parameters: *ref_1 - get: - description: Lists information about the supported locations for this service. - operationId: logging.billingAccounts.locations.list + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: bucketsId + required: true + schema: + type: string + - in: path + name: linksId + required: true + schema: + type: string + delete: + description: >- + Deletes a link. This will also delete the corresponding BigQuery linked + dataset. + operationId: logging.folders.locations.buckets.links.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: bucketsId + required: true schema: type: string - - in: query - name: extraLocationTypes + - in: path + name: linksId + required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}: + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/links: parameters: *ref_1 - get: - description: Gets information about a location. - operationId: logging.billingAccounts.locations.get + post: + description: >- + Asynchronously creates a linked dataset in BigQuery which makes it + possible to use BigQuery to read the logs stored in the log bucket. A + log bucket may currently only contain one link. + operationId: logging.folders.locations.buckets.links.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Link' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -14594,13 +14510,18 @@ paths: required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/operations: - parameters: *ref_1 + - in: path + name: bucketsId + required: true + schema: + type: string + - in: query + name: linkId + schema: + type: string get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns UNIMPLEMENTED. - operationId: logging.billingAccounts.locations.operations.list + description: Lists links. + operationId: logging.folders.locations.buckets.links.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14624,10 +14545,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListLinksResponse' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -14636,8 +14557,9 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: bucketsId + required: true schema: type: string - in: query @@ -14649,14 +14571,13 @@ paths: name: pageToken schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/operations/{operationsId}: + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}/logs: parameters: *ref_1 get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: logging.billingAccounts.locations.operations.get + Lists the logs in projects, organizations, folders, or billing accounts. + Only logs that have entries are listed. + operationId: logging.folders.locations.buckets.views.logs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14680,10 +14601,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListLogsResponse' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -14693,29 +14614,40 @@ paths: schema: type: string - in: path - name: operationsId + name: bucketsId required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: path + name: viewsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: resourceNames + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - 1, corresponding to Code.CANCELLED. - operationId: logging.billingAccounts.locations.operations.cancel + Creates a view over log entries in a log bucket. A bucket may contain a + maximum of 30 views. + operationId: logging.folders.locations.buckets.views.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/LogView' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14731,10 +14663,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LogView' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -14744,15 +14676,17 @@ paths: schema: type: string - in: path - name: operationsId + name: bucketsId required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets: - parameters: *ref_1 + - in: query + name: viewId + schema: + type: string get: - description: Lists log buckets. - operationId: logging.billingAccounts.locations.buckets.list + description: Lists views on a log bucket. + operationId: logging.folders.locations.buckets.views.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14776,10 +14710,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBucketsResponse' + $ref: '#/components/schemas/ListViewsResponse' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -14788,6 +14722,11 @@ paths: required: true schema: type: string + - in: path + name: bucketsId + required: true + schema: + type: string - in: query name: pageToken schema: @@ -14797,35 +14736,38 @@ paths: schema: type: integer format: int32 - post: - description: >- - Creates a log bucket that can be used to store log entries. After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.billingAccounts.locations.buckets.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogBucket' + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}: + parameters: *ref_1 + get: + description: Gets a view on a log bucket. + operationId: logging.folders.locations.buckets.views.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/LogView' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -14834,42 +14776,41 @@ paths: required: true schema: type: string - - in: query - name: bucketId + - in: path + name: bucketsId + required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}: - parameters: *ref_1 - get: - description: Gets a log bucket. - operationId: logging.billingAccounts.locations.buckets.get + - in: path + name: viewsId + required: true + schema: + type: string + delete: + description: >- + Deletes a view on a log bucket. If an UNAVAILABLE error is returned, + this indicates that system is not in a state where it can delete the + view. If this occurs, please try again in a few minutes. + operationId: logging.folders.locations.buckets.views.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -14883,17 +14824,24 @@ paths: required: true schema: type: string + - in: path + name: viewsId + required: true + schema: + type: string patch: description: >- - Updates a log bucket.If the bucket has a lifecycle_state of - DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.billingAccounts.locations.buckets.patch + Updates a view on a log bucket. This method replaces the value of the + filter field from the existing view with the corresponding value from + the new view. If an UNAVAILABLE error is returned, this indicates that + system is not in a state where it can update the view. If this occurs, + please try again in a few minutes. + operationId: logging.folders.locations.buckets.views.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/LogView' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14909,10 +14857,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/LogView' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -14926,36 +14874,55 @@ paths: required: true schema: type: string + - in: path + name: viewsId + required: true + schema: + type: string - in: query name: updateMask schema: type: string format: google-fieldmask - delete: + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:getIamPolicy: + parameters: *ref_1 + post: description: >- - Deletes a log bucket.Changes the bucket's lifecycle_state to the - DELETE_REQUESTED state. After 7 days, the bucket will be purged and all - log entries in the bucket will be permanently deleted. - operationId: logging.billingAccounts.locations.buckets.delete + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: logging.folders.locations.buckets.views.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -14969,19 +14936,24 @@ paths: required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets:createAsync: + - in: path + name: viewsId + required: true + schema: + type: string + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Creates a log bucket asynchronously that can be used to store log - entries.After a bucket has been created, the bucket's location cannot be - changed. - operationId: logging.billingAccounts.locations.buckets.createAsync + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: logging.folders.locations.buckets.views.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14997,10 +14969,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15009,42 +14981,58 @@ paths: required: true schema: type: string - - in: query - name: bucketId + - in: path + name: bucketsId + required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}:updateAsync: + - in: path + name: viewsId + required: true + schema: + type: string + /v2/folders/{foldersId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Updates a log bucket asynchronously.If the bucket has a lifecycle_state - of DELETE_REQUESTED, then FAILED_PRECONDITION will be returned.After a - bucket has been created, the bucket's location cannot be changed. - operationId: logging.billingAccounts.locations.buckets.updateAsync + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a NOT_FOUND error.Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: logging.folders.locations.buckets.views.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogBucket' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15058,23 +15046,76 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: viewsId + required: true schema: type: string - format: google-fieldmask - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}:undelete: + /v2/folders/{foldersId}/locations/{locationsId}/recentQueries: parameters: *ref_1 - post: + get: description: >- - Undeletes a log bucket. A bucket that has been deleted can be undeleted - within the grace period of 7 days. - operationId: logging.billingAccounts.locations.buckets.undelete + Lists the RecentQueries that were created by the user making the + request. + operationId: logging.folders.locations.recentQueries.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListRecentQueriesResponse' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v2/folders/{foldersId}/locations/{locationsId}/savedQueries/{savedQueriesId}: + parameters: *ref_1 + patch: + description: Updates an existing SavedQuery. + operationId: logging.folders.locations.savedQueries.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/UndeleteBucketRequest' + $ref: '#/components/schemas/SavedQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15090,10 +15131,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15103,15 +15144,18 @@ paths: schema: type: string - in: path - name: bucketsId + name: savedQueriesId required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/views: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Lists views on a log bucket. - operationId: logging.billingAccounts.locations.buckets.views.list + description: Returns all data associated with the requested query. + operationId: logging.folders.locations.savedQueries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15135,10 +15179,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListViewsResponse' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15148,29 +15192,15 @@ paths: schema: type: string - in: path - name: bucketsId + name: savedQueriesId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - post: + delete: description: >- - Creates a view over log entries in a log bucket. A bucket may contain a - maximum of 30 views. - operationId: logging.billingAccounts.locations.buckets.views.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogView' + Deletes an existing SavedQuery that was created by the user making the + request. + operationId: logging.folders.locations.savedQueries.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15186,10 +15216,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15199,19 +15229,15 @@ paths: schema: type: string - in: path - name: bucketsId + name: savedQueriesId required: true schema: type: string - - in: query - name: viewId - schema: - type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}: + /v2/folders/{foldersId}/locations/{locationsId}/savedQueries: parameters: *ref_1 get: - description: Gets a view on a log bucket. - operationId: logging.billingAccounts.locations.buckets.views.get + description: Lists the SavedQueries that were created by the user making the request. + operationId: logging.folders.locations.savedQueries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15235,10 +15261,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/ListSavedQueriesResponse' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15247,29 +15273,27 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - - in: path - name: viewsId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: >- - Updates a view on a log bucket. This method replaces the value of the - filter field from the existing view with the corresponding value from - the new view. If an UNAVAILABLE error is returned, this indicates that - system is not in a state where it can update the view. If this occurs, - please try again in a few minutes. - operationId: logging.billingAccounts.locations.buckets.views.patch + post: + description: Creates a new SavedQuery for the user making the request. + operationId: logging.folders.locations.savedQueries.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/SavedQuery' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15285,10 +15309,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogView' + $ref: '#/components/schemas/SavedQuery' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15297,46 +15321,45 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId - required: true - schema: - type: string - in: query - name: updateMask + name: savedQueryId schema: type: string - format: google-fieldmask - delete: + /v2/folders/{foldersId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Deletes a view on a log bucket. If an UNAVAILABLE error is returned, - this indicates that system is not in a state where it can delete the - view. If this occurs, please try again in a few minutes. - operationId: logging.billingAccounts.locations.buckets.views.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: logging.folders.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15346,22 +15369,17 @@ paths: schema: type: string - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId + name: operationsId required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/views/{viewsId}/logs: + /v2/folders/{foldersId}/locations/{locationsId}/operations: parameters: *ref_1 get: description: >- - Lists the logs in projects, organizations, folders, or billing accounts. - Only logs that have entries are listed. - operationId: logging.billingAccounts.locations.buckets.views.logs.list + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns UNIMPLEMENTED. + operationId: logging.folders.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15385,10 +15403,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15397,34 +15415,79 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: viewsId - required: true - schema: - type: string - in: query - name: resourceNames + name: returnPartialSuccess schema: - type: string + type: boolean - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/links: + /v2/folders/{foldersId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + 1, corresponding to Code.CANCELLED. + operationId: logging.folders.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/logging.admin + Oauth2c: + - https://www.googleapis.com/auth/logging.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v2/folders/{foldersId}/locations/{locationsId}/logScopes/{logScopesId}: parameters: *ref_1 get: - description: Lists links. - operationId: logging.billingAccounts.locations.buckets.links.list + description: Gets a log scope. + operationId: logging.folders.locations.logScopes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15448,10 +15511,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLinksResponse' + $ref: '#/components/schemas/LogScope' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15461,30 +15524,13 @@ paths: schema: type: string - in: path - name: bucketsId + name: logScopesId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - post: - description: >- - Asynchronously creates a linked dataset in BigQuery which makes it - possible to use BigQuery to read the logs stored in the log bucket. A - log bucket may currently only contain one link. - operationId: logging.billingAccounts.locations.buckets.links.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Link' + delete: + description: Deletes a log scope. + operationId: logging.folders.locations.logScopes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15500,10 +15546,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15513,46 +15559,37 @@ paths: schema: type: string - in: path - name: bucketsId + name: logScopesId required: true schema: type: string - - in: query - name: linkId - schema: - type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/buckets/{bucketsId}/links/{linksId}: - parameters: *ref_1 - get: - description: Gets a link. - operationId: logging.billingAccounts.locations.buckets.links.get + patch: + description: Updates a log scope. + operationId: logging.folders.locations.logScopes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogScope' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Link' + $ref: '#/components/schemas/LogScope' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15562,20 +15599,25 @@ paths: schema: type: string - in: path - name: bucketsId + name: logScopesId required: true schema: type: string - - in: path - name: linksId - required: true + - in: query + name: updateMask schema: type: string - delete: - description: >- - Deletes a link. This will also delete the corresponding BigQuery linked - dataset. - operationId: logging.billingAccounts.locations.buckets.links.delete + format: google-fieldmask + /v2/folders/{foldersId}/locations/{locationsId}/logScopes: + parameters: *ref_1 + post: + description: Creates a log scope. + operationId: logging.folders.locations.logScopes.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogScope' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15591,10 +15633,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LogScope' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15603,21 +15645,13 @@ paths: required: true schema: type: string - - in: path - name: bucketsId - required: true - schema: - type: string - - in: path - name: linksId - required: true + - in: query + name: logScopeId schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/savedQueries: - parameters: *ref_1 get: - description: Lists the SavedQueries that were created by the user making the request. - operationId: logging.billingAccounts.locations.savedQueries.list + description: Lists log scopes. + operationId: logging.folders.locations.logScopes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15641,10 +15675,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSavedQueriesResponse' + $ref: '#/components/schemas/ListLogScopesResponse' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15653,63 +15687,72 @@ paths: required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: filter + name: pageToken schema: type: string - post: - description: Creates a new SavedQuery for the user making the request. - operationId: logging.billingAccounts.locations.savedQueries.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SavedQuery' + /v2/folders/{foldersId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: logging.folders.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: filter schema: type: string - in: query - name: savedQueryId + name: extraLocationTypes schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/savedQueries/{savedQueriesId}: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/folders/{foldersId}/locations/{locationsId}: parameters: *ref_1 get: - description: Returns all data associated with the requested query. - operationId: logging.billingAccounts.locations.savedQueries.get + description: Gets information about a location. + operationId: logging.folders.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15733,10 +15776,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/Location' parameters: - in: path - name: billingAccountsId + name: foldersId required: true schema: type: string @@ -15745,19 +15788,28 @@ paths: required: true schema: type: string - - in: path - name: savedQueriesId - required: true - schema: - type: string + /v2/folders/{foldersId}/settings: + parameters: *ref_1 patch: - description: Updates an existing SavedQuery. - operationId: logging.billingAccounts.locations.savedQueries.patch + description: >- + Updates the settings for the given resource. This method applies to all + feature configurations for organization and folders.UpdateSettings fails + when any of the following are true: The value of storage_location either + isn't supported by Logging or violates the location OrgPolicy. The + default_sink_config field is set, but it has an unspecified filter write + mode. The value of kms_key_name is invalid. The associated service + account doesn't have the required + roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. + Access to the key is disabled.See Configure default settings for + organizations and folders + (https://cloud.google.com/logging/docs/default-settings) for more + information. + operationId: logging.folders.updateSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/Settings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15773,20 +15825,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SavedQuery' + $ref: '#/components/schemas/Settings' parameters: - in: path - name: billingAccountsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: savedQueriesId + name: foldersId required: true schema: type: string @@ -15795,50 +15837,56 @@ paths: schema: type: string format: google-fieldmask - delete: + get: description: >- - Deletes an existing SavedQuery that was created by the user making the - request. - operationId: logging.billingAccounts.locations.savedQueries.delete + Gets the settings for the given resource.Note: Settings can be retrieved + for Google Cloud projects, folders, organizations, and billing + accounts.See View default resource settings for Logging + (https://cloud.google.com/logging/docs/default-settings#view-org-settings) + for more information. + operationId: logging.folders.getSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Settings' parameters: - in: path - name: billingAccountsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: savedQueriesId + name: foldersId required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/locations/{locationsId}/recentQueries: + /v2/folders/{foldersId}/cmekSettings: parameters: *ref_1 get: description: >- - Lists the RecentQueries that were created by the user making the - request. - operationId: logging.billingAccounts.locations.recentQueries.list + Gets the Logging CMEK settings for the given resource.Note: CMEK for the + Log Router can be configured for Google Cloud projects, folders, + organizations, and billing accounts. Once configured for an + organization, it applies to all projects and folders in the Google Cloud + organization.See Enabling CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) for + more information. + operationId: logging.folders.getCmekSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15862,86 +15910,53 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRecentQueriesResponse' + $ref: '#/components/schemas/CmekSettings' parameters: - in: path - name: billingAccountsId - required: true - schema: - type: string - - in: path - name: locationsId + name: foldersId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: filter - schema: - type: string - /v2/billingAccounts/{billingAccountsId}/exclusions: + /v2/{resource}: parameters: *ref_1 - get: - description: Lists all the exclusions on the _Default sink in a parent resource. - operationId: logging.billingAccounts.exclusions.list + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy.Can return NOT_FOUND, INVALID_ARGUMENT, and + PERMISSION_DENIED errors. + operationId: logging.locations.buckets.views.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListExclusionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path - name: billingAccountsId + name: resource required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - post: - description: >- - Creates a new exclusion in the _Default sink in a specified parent - resource. Only log entries belonging to that resource can be excluded. - You can have up to 10 exclusions in a resource. - operationId: logging.billingAccounts.exclusions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogExclusion' + /v2/{name}: + parameters: *ref_1 + delete: + description: Deletes an exclusion in the _Default sink. + operationId: logging.exclusions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15957,18 +15972,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogExclusion' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: billingAccountsId + name: name required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/exclusions/{exclusionsId}: - parameters: *ref_1 get: description: Gets the description of an exclusion in the _Default sink. - operationId: logging.billingAccounts.exclusions.get + operationId: logging.exclusions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15990,17 +16003,12 @@ paths: '200': description: Successful response content: - application/json: - schema: - $ref: '#/components/schemas/LogExclusion' - parameters: - - in: path - name: billingAccountsId - required: true - schema: - type: string + application/json: + schema: + $ref: '#/components/schemas/LogExclusion' + parameters: - in: path - name: exclusionsId + name: name required: true schema: type: string @@ -16008,7 +16016,7 @@ paths: description: >- Changes one or more properties of an existing exclusion in the _Default sink. - operationId: logging.billingAccounts.exclusions.patch + operationId: logging.exclusions.patch requestBody: content: application/json: @@ -16032,12 +16040,7 @@ paths: $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: billingAccountsId - required: true - schema: - type: string - - in: path - name: exclusionsId + name: name required: true schema: type: string @@ -16046,9 +16049,23 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes an exclusion in the _Default sink. - operationId: logging.billingAccounts.exclusions.delete + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + 1, corresponding to Code.CANCELLED. + operationId: logging.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16067,20 +16084,15 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: billingAccountsId - required: true - schema: - type: string - - in: path - name: exclusionsId + name: name required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/sinks: + /v2/{parentType}/{parent}/views: parameters: *ref_1 get: - description: Lists sinks. - operationId: logging.billingAccounts.sinks.list + description: Lists views on a log bucket. + operationId: logging.locations.buckets.views.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16104,15 +16116,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSinksResponse' + $ref: '#/components/schemas/ListViewsResponse' parameters: - in: path - name: billingAccountsId + name: parentType required: true schema: type: string - - in: query - name: pageToken + - in: path + name: parent + required: true schema: type: string - in: query @@ -16121,21 +16134,19 @@ paths: type: integer format: int32 - in: query - name: filter + name: pageToken schema: type: string post: description: >- - Creates a sink that exports specified log entries to a destination. The - export begins upon ingress, unless the sink's writer_identity is not - permitted to write to the destination. A sink can export log entries - only from the resource owning the sink. - operationId: logging.billingAccounts.sinks.create + Creates a view over log entries in a log bucket. A bucket may contain a + maximum of 30 views. + operationId: logging.locations.buckets.views.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/LogView' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16151,125 +16162,125 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/LogView' parameters: - in: path - name: billingAccountsId + name: parentType required: true schema: type: string - - in: query - name: uniqueWriterIdentity + - in: path + name: parent + required: true schema: - type: boolean + type: string - in: query - name: customWriterIdentity + name: viewId schema: type: string - /v2/billingAccounts/{billingAccountsId}/sinks/{sinksId}: + /v2/{parentType}/{parent}/links: parameters: *ref_1 - get: - description: Gets a sink. - operationId: logging.billingAccounts.sinks.get + post: + description: >- + Asynchronously creates a linked dataset in BigQuery which makes it + possible to use BigQuery to read the logs stored in the log bucket. A + log bucket may currently only contain one link. + operationId: logging.locations.buckets.links.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Link' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: billingAccountsId + name: parentType required: true schema: type: string - in: path - name: sinksId + name: parent required: true schema: type: string - put: - description: >- - Updates a sink. This method replaces the values of the destination and - filter fields of the existing sink with the corresponding values from - the new sink.The updated sink might also have a new writer_identity; see - the unique_writer_identity field. - operationId: logging.billingAccounts.sinks.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LogSink' + - in: query + name: linkId + schema: + type: string + get: + description: Lists links. + operationId: logging.locations.buckets.links.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/ListLinksResponse' parameters: - in: path - name: billingAccountsId + name: parentType required: true schema: type: string - in: path - name: sinksId + name: parent required: true schema: type: string - in: query - name: uniqueWriterIdentity - schema: - type: boolean - - in: query - name: customWriterIdentity + name: pageToken schema: type: string - in: query - name: updateMask + name: pageSize schema: - type: string - format: google-fieldmask - patch: + type: integer + format: int32 + /v2/{parentType}/{parent}/buckets: + parameters: *ref_1 + post: description: >- - Updates a sink. This method replaces the values of the destination and - filter fields of the existing sink with the corresponding values from - the new sink.The updated sink might also have a new writer_identity; see - the unique_writer_identity field. - operationId: logging.billingAccounts.sinks.patch + Creates a log bucket that can be used to store log entries. After a + bucket has been created, the bucket's location cannot be changed. + operationId: logging.locations.buckets.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/LogBucket' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16285,107 +16296,128 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LogSink' + $ref: '#/components/schemas/LogBucket' parameters: - in: path - name: billingAccountsId + name: parentType required: true schema: type: string - in: path - name: sinksId + name: parent required: true schema: type: string - in: query - name: uniqueWriterIdentity - schema: - type: boolean - - in: query - name: customWriterIdentity - schema: - type: string - - in: query - name: updateMask + name: bucketId schema: type: string - format: google-fieldmask - delete: - description: >- - Deletes a sink. If the sink has a unique writer_identity, then that - service account is also deleted. - operationId: logging.billingAccounts.sinks.delete + get: + description: Lists log buckets. + operationId: logging.locations.buckets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListBucketsResponse' parameters: - in: path - name: billingAccountsId + name: parentType required: true schema: type: string - in: path - name: sinksId + name: parent required: true schema: type: string - /v2/billingAccounts/{billingAccountsId}/logs/{logsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v2/{name}/operations: parameters: *ref_1 - delete: + get: description: >- - Deletes all the log entries in a log for the global _Default Log Bucket. - The log reappears if it receives new entries. Log entries written - shortly before the delete operation might not be deleted. Entries - received after the delete operation with a timestamp before the - operation will be deleted. - operationId: logging.billingAccounts.logs.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns UNIMPLEMENTED. + operationId: logging.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin + - Oauth2: + - https://www.googleapis.com/auth/logging.read + Oauth2c: + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: billingAccountsId + name: name required: true schema: type: string - - in: path - name: logsId - required: true + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize schema: - type: string - /v2/billingAccounts/{billingAccountsId}/logs: + type: integer + format: int32 + /v2/{name}/locations: parameters: *ref_1 get: - description: >- - Lists the logs in projects, organizations, folders, or billing accounts. - Only logs that have entries are listed. - operationId: logging.billingAccounts.logs.list + description: Lists information about the supported locations for this service. + operationId: logging.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16409,15 +16441,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path - name: billingAccountsId + name: name required: true schema: type: string - in: query - name: resourceNames + name: pageToken schema: type: string - in: query @@ -16426,19 +16458,35 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: extraLocationTypes schema: type: string - /v2/entries:copy: + - in: query + name: filter + schema: + type: string + /v2/{name}/settings: parameters: *ref_1 - post: - description: Copies a set of log entries from a log bucket to a Cloud Storage bucket. - operationId: logging.entries.copy + patch: + description: >- + Updates the settings for the given resource. This method applies to all + feature configurations for organization and folders.UpdateSettings fails + when any of the following are true: The value of storage_location either + isn't supported by Logging or violates the location OrgPolicy. The + default_sink_config field is set, but it has an unspecified filter write + mode. The value of kms_key_name is invalid. The associated service + account doesn't have the required + roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. + Access to the key is disabled.See Configure default settings for + organizations and folders + (https://cloud.google.com/logging/docs/default-settings) for more + information. + operationId: logging.updateSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/CopyLogEntriesRequest' + $ref: '#/components/schemas/Settings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16454,97 +16502,113 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' - parameters: [] - /v2/entries:write: - parameters: *ref_1 - post: + $ref: '#/components/schemas/Settings' + parameters: + - in: path + name: name + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: description: >- - Writes log entries to Logging. This API method is the only way to send - log entries to Logging. This method is used, directly or indirectly, by - the Logging agent (fluentd) and all logging libraries configured to use - Logging. A single request may contain log entries for a maximum of 1000 - different resource names (projects, organizations, billing accounts or - folders), where the resource name for a log entry is determined from its - logName field. - operationId: logging.entries.write - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WriteLogEntriesRequest' + Gets the settings for the given resource.Note: Settings can be retrieved + for Google Cloud projects, folders, organizations, and billing + accounts.See View default resource settings for Logging + (https://cloud.google.com/logging/docs/default-settings#view-org-settings) + for more information. + operationId: logging.getSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - Oauth2: - - https://www.googleapis.com/auth/logging.write + - https://www.googleapis.com/auth/logging.read Oauth2c: - - https://www.googleapis.com/auth/logging.write + - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/WriteLogEntriesResponse' - parameters: [] - /v2/entries:list: + $ref: '#/components/schemas/Settings' + parameters: + - in: path + name: name + required: true + schema: + type: string + /v2/{name}/cmekSettings: parameters: *ref_1 - post: + patch: description: >- - Lists log entries. Use this method to retrieve log entries that - originated from a project/folder/organization/billing account. For ways - to export log entries, see Exporting Logs - (https://cloud.google.com/logging/docs/export). - operationId: logging.entries.list + Updates the Log Router CMEK settings for the given resource.Note: CMEK + for the Log Router can currently only be configured for Google Cloud + organizations. Once configured, it applies to all projects and folders + in the Google Cloud organization.UpdateCmekSettings fails when any of + the following are true: The value of kms_key_name is invalid. The + associated service account doesn't have the required + roles/cloudkms.cryptoKeyEncrypterDecrypter role assigned for the key. + Access to the key is disabled.See Enabling CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) for + more information. + operationId: logging.updateCmekSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/ListLogEntriesRequest' + $ref: '#/components/schemas/CmekSettings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/logging.admin Oauth2c: - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListLogEntriesResponse' - parameters: [] - /v2/entries:tail: - parameters: *ref_1 - post: + $ref: '#/components/schemas/CmekSettings' + parameters: + - in: path + name: name + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: description: >- - Streaming read of log entries as they are received. Until the stream is - terminated, it will continue reading logs. - operationId: logging.entries.tail - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TailLogEntriesRequest' + Gets the Logging CMEK settings for the given resource.Note: CMEK for the + Log Router can be configured for Google Cloud projects, folders, + organizations, and billing accounts. Once configured for an + organization, it applies to all projects and folders in the Google Cloud + organization.See Enabling CMEK for Log Router + (https://cloud.google.com/logging/docs/routing/managed-encryption) for + more information. + operationId: logging.getCmekSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16568,18 +16632,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TailLogEntriesResponse' - parameters: [] - /v2/{logName}: + $ref: '#/components/schemas/CmekSettings' + parameters: + - in: path + name: name + required: true + schema: + type: string + /v2/{parentType}/{parent}/exclusions: parameters: *ref_1 - delete: + post: description: >- - Deletes all the log entries in a log for the global _Default Log Bucket. - The log reappears if it receives new entries. Log entries written - shortly before the delete operation might not be deleted. Entries - received after the delete operation with a timestamp before the - operation will be deleted. - operationId: logging.logs.delete + Creates a new exclusion in the _Default sink in a specified parent + resource. Only log entries belonging to that resource can be excluded. + You can have up to 10 exclusions in a resource. + operationId: logging.exclusions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LogExclusion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16595,20 +16667,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LogExclusion' parameters: - in: path - name: logName + name: parentType + required: true + schema: + type: string + - in: path + name: parent required: true schema: type: string - /v2/{parentType}/{parent}/logs: - parameters: *ref_1 get: - description: >- - Lists the logs in projects, organizations, folders, or billing accounts. - Only logs that have entries are listed. - operationId: logging.logs.list + description: Lists all the exclusions on the _Default sink in a parent resource. + operationId: logging.exclusions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16632,7 +16705,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLogsResponse' + $ref: '#/components/schemas/ListExclusionsResponse' parameters: - in: path name: parentType @@ -16644,55 +16717,12 @@ paths: required: true schema: type: string - - in: query - name: resourceNames - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - /v2/monitoredResourceDescriptors: - parameters: *ref_1 - get: - description: Lists the descriptors for monitored resource types used by Logging. - operationId: logging.monitoredResourceDescriptors.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - - Oauth2: - - https://www.googleapis.com/auth/logging.admin - Oauth2c: - - https://www.googleapis.com/auth/logging.admin - - Oauth2: - - https://www.googleapis.com/auth/logging.read - Oauth2c: - - https://www.googleapis.com/auth/logging.read - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListMonitoredResourceDescriptorsResponse' - parameters: - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/looker.yaml b/providers/src/googleapis.com/v00.00.00000/services/looker.yaml index 85b217cb..56f63deb 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/looker.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/looker.yaml @@ -7,8 +7,8 @@ info: title: Looker (Google Cloud core) API description: '' version: v1 - x-discovery-doc-revision: '20250730' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251113' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/looker/docs/reference/rest/ servers: @@ -34,166 +34,255 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + ListInstanceBackupsResponse: + id: ListInstanceBackupsResponse type: object properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. + unreachable: type: array items: - $ref: '#/components/schemas/Operation' + type: string + description: Locations that could not be reached. + instanceBackups: + type: array + description: >- + The list of instances matching the request filters, up to the + requested `page_size`. + items: + $ref: '#/components/schemas/InstanceBackup' nextPageToken: - description: The standard List next-page token. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: + If provided, a page token that can look up the next `page_size` + results. If empty, the results list is exhausted. + description: Response from listing Looker instance backups. + TimeOfDay: + properties: + minutes: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + Minutes of an hour. Must be greater than or equal to 0 and less than + or equal to 59. + type: integer + format: int32 + nanos: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Fractions of seconds, in nanoseconds. Must be greater than or equal + to 0 and less than or equal to 999,999,999. + type: integer + format: int32 + seconds: + type: integer + format: int32 description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Seconds of a minute. Must be greater than or equal to 0 and + typically must be less than or equal to 59. An API may allow the + value 60 if it allows leap-seconds. + hours: + type: integer + format: int32 description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + Hours of a day in 24 hour format. Must be greater than or equal to 0 + and typically must be less than or equal to 23. An API may choose to + allow the value "24:00:00" for scenarios like business closing time. + id: TimeOfDay description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Represents a time of day. The date and time zone are either not + significant or are specified elsewhere. An API may choose to allow leap + seconds. Related types are google.type.Date and + `google.protobuf.Timestamp`. type: object + UserMetadata: + id: UserMetadata properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. + additionalViewerUserCount: + description: >- + Optional. The number of additional viewer users the instance owner + has purchased. + format: int32 + type: integer + additionalDeveloperUserCount: + description: >- + Optional. The number of additional developer users the instance + owner has purchased. type: integer format: int32 + additionalStandardUserCount: + format: int32 + type: integer + description: >- + Optional. The number of additional standard users the instance owner + has purchased. + description: Metadata about users for a Looker instance. + type: object + AdminSettings: + description: Looker instance Admin settings fields. + properties: + allowedEmailDomains: + type: array + items: + type: string + description: Email domain allowlist for the instance. + id: AdminSettings + type: object + Status: + id: Status + properties: + details: + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. message: description: >- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object - properties: {} CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object properties: {} - ListInstancesResponse: - id: ListInstancesResponse - description: Response from ListInstances. type: object + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + PscConfig: properties: - instances: - description: >- - The list of instances matching the request filters, up to the - requested ListInstancesRequest.pageSize. - type: array + serviceAttachments: + description: Optional. List of egress service attachment configurations. items: - $ref: '#/components/schemas/Instance' - nextPageToken: - description: >- - If provided, a page token that can look up the next - ListInstancesRequest.pageSize results. If empty, the results list is - exhausted. - type: string - unreachable: - description: Locations that could not be reached. + $ref: '#/components/schemas/ServiceAttachment' + type: array + allowedVpcs: type: array + description: >- + Optional. List of VPCs that are allowed ingress into looker. Format: + projects/{project}/global/networks/{network} items: type: string - Instance: - id: Instance - description: A Looker instance. + lookerServiceAttachmentUri: + type: string + description: Output only. URI of the Looker service attachment. + readOnly: true + type: object + description: >- + Information for Private Service Connect (PSC) setup for a Looker + instance. + id: PscConfig + PeriodicExportConfig: + id: PeriodicExportConfig type: object + description: Configuration for periodic export. properties: - name: + kmsKey: description: >- - Output only. Format: - `projects/{project}/locations/{location}/instances/{instance}`. - readOnly: true + Required. Name of the CMEK key in KMS. Format: + projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key} + type: string + startTime: + $ref: '#/components/schemas/TimeOfDay' + description: Required. Time in UTC to start the periodic export job. + gcsUri: type: string - createTime: description: >- - Output only. The time when the Looker instance provisioning was - first requested. + Required. Cloud Storage bucket URI for periodic export. Format: + gs://{bucket_name} + Instance: + description: A Looker instance. + type: object + id: Instance + properties: + satisfiesPzi: + description: Output only. Reserved for future use. + type: boolean readOnly: true + periodicExportConfig: + description: Optional. Configuration for periodic export. + $ref: '#/components/schemas/PeriodicExportConfig' + encryptionConfig: + description: >- + Encryption configuration (CMEK). Only set if CMEK has been enabled + on the instance. + $ref: '#/components/schemas/EncryptionConfig' + pscEnabled: + type: boolean + description: >- + Optional. Whether to use Private Service Connect (PSC) for private + IP connectivity. If true, neither `public_ip_enabled` nor + `private_ip_enabled` can be true. + consumerNetwork: type: string - format: google-datetime - updateTime: - description: Output only. The time when the Looker instance was last updated. + description: >- + Network name in the consumer project. Format: + `projects/{project}/global/networks/{network}`. Note that the + consumer network may be in a different GCP project than the consumer + project that is hosting the Looker Instance. + ingressPublicIp: + description: Output only. Public Ingress IP (IPv4). readOnly: true type: string - format: google-datetime + customDomain: + description: Custom domain configuration for the instance. + $ref: '#/components/schemas/CustomDomain' + geminiEnabled: + type: boolean + description: >- + Optional. Whether Gemini feature is enabled on the Looker instance + or not. + adminSettings: + description: Looker Instance Admin settings. + $ref: '#/components/schemas/AdminSettings' + fipsEnabled: + description: Optional. Whether FIPS is enabled on the Looker instance. + type: boolean + maintenanceWindow: + description: Maintenance window for this instance. + $ref: '#/components/schemas/MaintenanceWindow' + controlledEgressEnabled: + type: boolean + description: >- + Optional. Whether controlled egress is enabled on the Looker + instance. + classType: + enumDescriptions: + - Unspecified storage class. + - Filestore. + - PD SSD. + description: Optional. Storage class of the instance. + enum: + - CLASS_TYPE_UNSPECIFIED + - R1 + - P1 + type: string + controlledEgressConfig: + description: Optional. Controlled egress configuration. + $ref: '#/components/schemas/ControlledEgressConfig' state: - description: Output only. The state of the instance. - readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - FAILED + - SUSPENDED + - UPDATING + - DELETING + - EXPORTING + - IMPORTING type: string enumDescriptions: - State is unspecified. @@ -205,32 +294,41 @@ components: - Instance delete is in progress. - Instance is being exported. - Instance is importing data. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - FAILED - - SUSPENDED - - UPDATING - - DELETING - - EXPORTING - - IMPORTING + description: Output only. The state of the instance. + readOnly: true + name: + readOnly: true + type: string + description: >- + Output only. Format: + `projects/{project}/locations/{location}/instances/{instance}`. + egressPublicIp: + type: string + readOnly: true + description: Output only. Public Egress IP (IPv4). + createTime: + readOnly: true + format: google-datetime + description: >- + Output only. The time when the Looker instance provisioning was + first requested. + type: string + linkedLspProjectNumber: + description: Optional. Linked Google Cloud Project Number for Looker Studio Pro. + type: string + format: int64 + lookerUri: + readOnly: true + description: >- + Output only. Looker instance URI which can be used to access the + Looker Instance UI. + type: string + satisfiesPzs: + description: Output only. Reserved for future use. + readOnly: true + type: boolean platformEdition: - description: Platform edition. type: string - enumDescriptions: - - Platform edition is unspecified. - - Trial. - - Standard. - - Subscription Standard. - - Subscription Enterprise. - - Subscription Embed. - - Nonprod Subscription Standard. - - Nonprod Subscription Enterprise. - - Nonprod Subscription Embed. - - Trial Standard. - - Trial Enterprise. - - Trial Embed. enum: - PLATFORM_EDITION_UNSPECIFIED - LOOKER_CORE_TRIAL @@ -244,350 +342,319 @@ components: - LOOKER_CORE_TRIAL_STANDARD - LOOKER_CORE_TRIAL_ENTERPRISE - LOOKER_CORE_TRIAL_EMBED + description: Platform edition. + enumDescriptions: + - Platform edition is unspecified. + - Trial. + - Standard. + - Subscription Standard. + - Subscription Enterprise. + - Subscription Embed. + - Nonprod Subscription Standard. + - Nonprod Subscription Enterprise. + - Nonprod Subscription Embed. + - Trial Standard. + - Trial Enterprise. + - Trial Embed. + maintenanceSchedule: + description: Maintenance schedule for this instance. + $ref: '#/components/schemas/MaintenanceSchedule' publicIpEnabled: - description: Whether public IP is enabled on the Looker instance. - type: boolean - privateIpEnabled: - description: Whether private IP is enabled on the Looker instance. type: boolean + description: Whether public IP is enabled on the Looker instance. + reservedRange: + type: string + description: >- + Name of a reserved IP address range within the + Instance.consumer_network, to be used for private services access + connection. May or may not be specified in a create request. + updateTime: + description: Output only. The time when the Looker instance was last updated. + type: string + readOnly: true + format: google-datetime lookerVersion: description: Output only. The Looker version that the instance is using. readOnly: true type: string - egressPublicIp: - description: Output only. Public Egress IP (IPv4). - readOnly: true - type: string ingressPrivateIp: - description: Output only. Private Ingress IP (IPv4). - readOnly: true - type: string - ingressPublicIp: - description: Output only. Public Ingress IP (IPv4). - readOnly: true type: string - lookerUri: - description: >- - Output only. Looker instance URI which can be used to access the - Looker Instance UI. readOnly: true - type: string - pscEnabled: - description: >- - Optional. Whether to use Private Service Connect (PSC) for private - IP connectivity. If true, neither `public_ip_enabled` nor - `private_ip_enabled` can be true. - type: boolean - pscConfig: - description: Optional. PSC configuration. Used when `psc_enabled` is true. - $ref: '#/components/schemas/PscConfig' - consumerNetwork: - description: >- - Network name in the consumer project. Format: - `projects/{project}/global/networks/{network}`. Note that the - consumer network may be in a different GCP project than the consumer - project that is hosting the Looker Instance. - type: string - reservedRange: - description: >- - Name of a reserved IP address range within the - Instance.consumer_network, to be used for private services access - connection. May or may not be specified in a create request. - type: string - maintenanceWindow: - description: Maintenance window for this instance. - $ref: '#/components/schemas/MaintenanceWindow' - denyMaintenancePeriod: - description: Maintenance denial period for this instance. - $ref: '#/components/schemas/DenyMaintenancePeriod' + description: Output only. Private Ingress IP (IPv4). + userMetadata: + description: Optional. User metadata. + $ref: '#/components/schemas/UserMetadata' lastDenyMaintenancePeriod: description: >- Output only. Last computed maintenance denial period for this instance. readOnly: true $ref: '#/components/schemas/DenyMaintenancePeriod' - maintenanceSchedule: - description: Maintenance schedule for this instance. - $ref: '#/components/schemas/MaintenanceSchedule' - userMetadata: - description: Optional. User metadata. - $ref: '#/components/schemas/UserMetadata' - customDomain: - description: Custom domain configuration for the instance. - $ref: '#/components/schemas/CustomDomain' - encryptionConfig: - description: >- - Encryption configuration (CMEK). Only set if CMEK has been enabled - on the instance. - $ref: '#/components/schemas/EncryptionConfig' - adminSettings: - description: Looker Instance Admin settings. - $ref: '#/components/schemas/AdminSettings' + denyMaintenancePeriod: + $ref: '#/components/schemas/DenyMaintenancePeriod' + description: Maintenance denial period for this instance. + privateIpEnabled: + type: boolean + description: Whether private IP is enabled on the Looker instance. + pscConfig: + description: Optional. PSC configuration. Used when `psc_enabled` is true. + $ref: '#/components/schemas/PscConfig' oauthConfig: description: Looker instance OAuth login settings. $ref: '#/components/schemas/OAuthConfig' - linkedLspProjectNumber: - description: Optional. Linked Google Cloud Project Number for Looker Studio Pro. - type: string - format: int64 - fipsEnabled: - description: Optional. Whether FIPS is enabled on the Looker instance. - type: boolean - geminiEnabled: - description: >- - Optional. Whether Gemini feature is enabled on the Looker instance - or not. - type: boolean - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - classType: - description: Optional. Storage class of the instance. + ExportEncryptionConfig: + properties: + kmsKeyName: type: string - enumDescriptions: - - Unspecified storage class. - - Filestore. - - PD SSD. - enum: - - CLASS_TYPE_UNSPECIFIED - - R1 - - P1 - PscConfig: - id: PscConfig - description: >- - Information for Private Service Connect (PSC) setup for a Looker - instance. + description: Required. Name of the CMEK key in KMS. type: object - properties: - allowedVpcs: - description: >- - Optional. List of VPCs that are allowed ingress into looker. Format: - projects/{project}/global/networks/{network} + id: ExportEncryptionConfig + description: Configuration for Encryption - e.g. CMEK. + ListInstancesResponse: + type: object + properties: + instances: type: array + items: + $ref: '#/components/schemas/Instance' + description: >- + The list of instances matching the request filters, up to the + requested ListInstancesRequest.pageSize. + unreachable: items: type: string - serviceAttachments: - description: Optional. List of egress service attachment configurations. + description: Locations that could not be reached. type: array - items: - $ref: '#/components/schemas/ServiceAttachment' - lookerServiceAttachmentUri: - description: Output only. URI of the Looker service attachment. - readOnly: true + nextPageToken: + description: >- + If provided, a page token that can look up the next + ListInstancesRequest.pageSize results. If empty, the results list is + exhausted. type: string - ServiceAttachment: - id: ServiceAttachment - description: Service attachment configuration. - type: object + description: Response from ListInstances. + id: ListInstancesResponse + Location: + description: A resource that represents a Google Cloud location. properties: - localFqdn: + labels: description: >- - Optional. Fully qualified domain name that will be used in the - private DNS record created for the service attachment. - type: string - targetServiceAttachmentUri: + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: + type: string + type: object + metadata: description: >- - Required. URI of the service attachment to connect to. Format: - projects/{project}/regions/{region}/serviceAttachments/{service_attachment} + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + locationId: type: string - connectionStatus: - description: Output only. Connection status. - readOnly: true + description: 'The canonical id for this location. For example: `"us-east1"`.' + displayName: type: string - enumDescriptions: - - Connection status is unspecified. - - Connection is established and functioning normally. - - >- - Connection is not established (Looker tenant project hasn't been - allowlisted). - - >- - Connection is not established (Looker tenant project is explicitly - in reject list). - - >- - Issue with target service attachment, e.g. NAT subnet is - exhausted. - - >- - Target service attachment does not exist. This status is a - terminal state. - enum: - - UNKNOWN - - ACCEPTED - - PENDING - - REJECTED - - NEEDS_ATTENTION - - CLOSED - localFqdns: description: >- - Optional. List of fully qualified domain names that will be used in - the private DNS record created for the service attachment. - type: array - items: - type: string - MaintenanceWindow: - id: MaintenanceWindow - description: Specifies the recurring maintenance window. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + name: + type: string + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: object + id: Location + OperationMetadata: + type: object + id: OperationMetadata properties: - dayOfWeek: - description: Required. Day of the week for this MaintenanceWindow (in UTC). + requestedCancellation: + type: boolean + description: >- + Identifies whether the user has requested cancellation of the + operation. Operations that have successfully been cancelled have + Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + apiVersion: + type: string + description: API version used to start the operation. + createTime: + description: The time the operation was created. + type: string + format: google-datetime + endTime: + type: string + format: google-datetime + description: The time the operation finished running. + statusMessage: + type: string + description: Human-readable status of the operation, if any. + target: + description: Server-defined resource path for the target of the operation. + type: string + verb: + description: Name of the verb executed by the operation. + type: string + description: Represents the metadata of the long-running operation. + EncryptionConfig: + id: EncryptionConfig + properties: + kmsKeyName: + description: Name of the CMEK key in KMS (input parameter). + type: string + kmsKeyNameVersion: + type: string + description: >- + Output only. Full name and version of the CMEK key currently in use + to encrypt Looker data. Format: + `projects/{project}/locations/{location}/keyRings/{ring}/cryptoKeys/{key}/cryptoKeyVersions/{version}`. + Empty if CMEK is not configured in this instance. + readOnly: true + kmsKeyState: type: string + readOnly: true enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday + - CMEK status not specified. + - CMEK key is currently valid. + - >- + CMEK key is currently revoked (instance should in restricted + mode). + description: Output only. Status of the CMEK key. enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY - startTime: - description: >- - Required. Time in UTC when the period starts. Maintenance will be - scheduled within 60 minutes. - $ref: '#/components/schemas/TimeOfDay' - TimeOfDay: - id: TimeOfDay - description: >- - Represents a time of day. The date and time zone are either not - significant or are specified elsewhere. An API may choose to allow leap - seconds. Related types are google.type.Date and - `google.protobuf.Timestamp`. + - KMS_KEY_STATE_UNSPECIFIED + - VALID + - REVOKED + type: object + description: Encryption configuration (i.e. CMEK). + Operation: type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation properties: - hours: + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object description: >- - Hours of a day in 24 hour format. Must be greater than or equal to 0 - and typically must be less than or equal to 23. An API may choose to - allow the value "24:00:00" for scenarios like business closing time. - type: integer - format: int32 - minutes: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Minutes of an hour. Must be greater than or equal to 0 and less than - or equal to 59. - type: integer - format: int32 - seconds: + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + error: description: >- - Seconds of a minute. Must be greater than or equal to 0 and - typically must be less than or equal to 59. An API may allow the - value 60 if it allows leap-seconds. - type: integer - format: int32 - nanos: + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + name: description: >- - Fractions of seconds, in nanoseconds. Must be greater than or equal - to 0 and less than or equal to 999,999,999. - type: integer - format: int32 - DenyMaintenancePeriod: - id: DenyMaintenancePeriod - description: Specifies the maintenance denial period. - type: object + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + RestoreInstanceRequest: properties: - startDate: - description: Required. Start date of the deny maintenance period. - $ref: '#/components/schemas/Date' - endDate: - description: Required. End date of the deny maintenance period. - $ref: '#/components/schemas/Date' - time: - description: Required. Time in UTC when the period starts and ends. - $ref: '#/components/schemas/TimeOfDay' - Date: - id: Date - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp + backup: + description: >- + Required. Backup being used to restore the instance Format: + projects/{project}/locations/{location}/instances/{instance}/backups/{backup} + type: string + id: RestoreInstanceRequest + description: Request options for restoring an instance + type: object + ControlledEgressConfig: type: object + description: Controlled egress configuration. properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: + marketplaceEnabled: + description: Optional. Whether marketplace is enabled. + type: boolean + egressFqdns: description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - MaintenanceSchedule: - id: MaintenanceSchedule - description: Published upcoming future maintenance schedule. + Optional. List of fully qualified domain names to be added to the + allowlist for outbound traffic. + items: + type: string + type: array + id: ControlledEgressConfig + ExportMetadata: type: object + description: >- + ExportMetadata represents the metadata of the exported artifacts. The + metadata.json file in export artifact can be parsed as this message properties: - startTime: - description: The scheduled start time for the maintenance. + filePaths: + type: array + items: + type: string + description: >- + List of files created as part of export artifact (excluding the + metadata). The paths are relative to the folder containing the + metadata. + lookerPlatformEdition: type: string - format: google-datetime - endTime: - description: The scheduled end time for the maintenance. + description: Platform edition of the exported instance. + lookerVersion: + description: Version of instance when the export was created. + type: string + source: + enum: + - SOURCE_UNSPECIFIED + - LOOKER_CORE + - LOOKER_ORIGINAL + type: string + enumDescriptions: + - Source not specified + - Source of export is Looker Core + - Source of export is Looker Original + description: The source type of the migration. + lookerInstance: type: string - format: google-datetime - UserMetadata: - id: UserMetadata - description: Metadata about users for a Looker instance. - type: object - properties: - additionalViewerUserCount: - description: >- - Optional. The number of additional viewer users the instance owner - has purchased. - type: integer - format: int32 - additionalStandardUserCount: description: >- - Optional. The number of additional standard users the instance owner - has purchased. - type: integer - format: int32 - additionalDeveloperUserCount: + Name of the exported instance. Format: + projects/{project}/locations/{location}/instances/{instance} + lookerEncryptionKey: + type: string description: >- - Optional. The number of additional developer users the instance - owner has purchased. - type: integer - format: int32 + Looker encryption key, encrypted with the provided export encryption + key. This value will only be populated if the looker instance uses + Looker managed encryption instead of CMEK. + exportEncryptionKey: + $ref: '#/components/schemas/ExportMetadataEncryptionKey' + description: Encryption key that was used to encrypt the export artifacts. + id: ExportMetadata CustomDomain: - id: CustomDomain description: Custom domain information. - type: object + id: CustomDomain properties: - domain: - description: Domain name. - type: string state: - description: Domain state. - type: string enumDescriptions: - Unspecified state. - DNS record is not created. @@ -596,6 +663,7 @@ components: - ManagedCertificate is ready. - ManagedCertificate is not ready. - Status is not known. + description: Domain state. enum: - CUSTOM_DOMAIN_STATE_UNSPECIFIED - UNVERIFIED @@ -604,317 +672,303 @@ components: - AVAILABLE - UNAVAILABLE - UNKNOWN - EncryptionConfig: - id: EncryptionConfig - description: Encryption configuration (i.e. CMEK). - type: object - properties: - kmsKeyName: - description: Name of the CMEK key in KMS (input parameter). type: string - kmsKeyState: - description: Output only. Status of the CMEK key. - readOnly: true - type: string - enumDescriptions: - - CMEK status not specified. - - CMEK key is currently valid. - - >- - CMEK key is currently revoked (instance should in restricted - mode). - enum: - - KMS_KEY_STATE_UNSPECIFIED - - VALID - - REVOKED - kmsKeyNameVersion: - description: >- - Output only. Full name and version of the CMEK key currently in use - to encrypt Looker data. Format: - `projects/{project}/locations/{location}/keyRings/{ring}/cryptoKeys/{key}/cryptoKeyVersions/{version}`. - Empty if CMEK is not configured in this instance. - readOnly: true + domain: type: string - AdminSettings: - id: AdminSettings - description: Looker instance Admin settings fields. - type: object - properties: - allowedEmailDomains: - description: Email domain allowlist for the instance. - type: array - items: - type: string - OAuthConfig: - id: OAuthConfig - description: Looker instance OAuth login settings. + description: Domain name. type: object + MaintenanceSchedule: properties: - clientId: - description: >- - Input only. Client ID from an external OAuth application. This is an - input-only field, and thus will not be set in any responses. + endTime: + format: google-datetime + description: The scheduled end time for the maintenance. type: string - clientSecret: - description: >- - Input only. Client secret from an external OAuth application. This - is an input-only field, and thus will not be set in any responses. + startTime: type: string - RestartInstanceRequest: - id: RestartInstanceRequest - description: Request options for restarting an instance. + description: The scheduled start time for the maintenance. + format: google-datetime type: object + id: MaintenanceSchedule + description: Published upcoming future maintenance schedule. + Empty: + id: Empty properties: {} - ListInstanceBackupsResponse: - id: ListInstanceBackupsResponse - description: Response from listing Looker instance backups. + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Date: type: object properties: - instanceBackups: + month: + type: integer description: >- - The list of instances matching the request filters, up to the - requested `page_size`. - type: array - items: - $ref: '#/components/schemas/InstanceBackup' - nextPageToken: + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + format: int32 + year: + type: integer description: >- - If provided, a page token that can look up the next `page_size` - results. If empty, the results list is exhausted. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - InstanceBackup: - id: InstanceBackup - description: The details of a backup resource. - type: object - properties: - name: + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + format: int32 + day: + format: int32 description: >- - Immutable. The relative resource name of the backup, in the - following form: - `projects/{project_number}/locations/{location_id}/instances/{instance_id}/backups/{backup}` - type: string - createTime: - description: Output only. The time when the backup was started. - readOnly: true - type: string - format: google-datetime - expireTime: - description: Output only. The time when the backup will be deleted. - readOnly: true + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + type: integer + description: >- + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + id: Date + ExportMetadataEncryptionKey: + properties: + cmek: + description: Name of the CMEK. type: string - format: google-datetime - state: - description: Output only. The current state of the backup. - readOnly: true + version: + description: Version of the CMEK. type: string - enumDescriptions: - - The state of the backup is unknown. - - The backup is being created. - - The backup is being deleted. - - The backup is active and ready to use. - - The backup failed. - enum: - - STATE_UNSPECIFIED - - CREATING - - DELETING - - ACTIVE - - FAILED - encryptionConfig: - description: Output only. Current status of the CMEK encryption - readOnly: true - $ref: '#/components/schemas/EncryptionConfig' - RestoreInstanceRequest: - id: RestoreInstanceRequest - description: Request options for restoring an instance type: object - properties: - backup: - description: >- - Required. Backup being used to restore the instance Format: - projects/{project}/locations/{location}/instances/{instance}/backups/{backup} - type: string - ImportInstanceRequest: - id: ImportInstanceRequest - description: Requestion options for importing looker data to an Instance + description: Encryption key details for the exported artifact. + id: ExportMetadataEncryptionKey + RestartInstanceRequest: type: object + id: RestartInstanceRequest + description: Request options for restarting an instance. + properties: {} + OAuthConfig: + description: Looker instance OAuth login settings. properties: - gcsUri: + clientSecret: description: >- - Path to the import folder in Google Cloud Storage, in the form - `gs://bucketName/folderName`. + Input only. Client secret from an external OAuth application. This + is an input-only field, and thus will not be set in any responses. type: string - ExportInstanceRequest: - id: ExportInstanceRequest - description: Request options for exporting data of an Instance. - type: object - properties: - gcsUri: + clientId: description: >- - The path to the folder in Google Cloud Storage where the export will - be stored. The URI is in the form `gs://bucketName/folderName`. + Input only. Client ID from an external OAuth application. This is an + input-only field, and thus will not be set in any responses. type: string - encryptionConfig: - description: >- - Required. Encryption configuration (CMEK). For CMEK enabled - instances it should be same as looker CMEK. - $ref: '#/components/schemas/ExportEncryptionConfig' - ExportEncryptionConfig: - id: ExportEncryptionConfig - description: Configuration for Encryption - e.g. CMEK. + id: OAuthConfig type: object - properties: - kmsKeyName: - description: Required. Name of the CMEK key in KMS. - type: string ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object properties: locations: + items: + $ref: '#/components/schemas/Location' description: >- A list of locations that matches the specified filter in the request. type: array - items: - $ref: '#/components/schemas/Location' nextPageToken: description: The standard List next-page token. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: The response message for Locations.ListLocations. + id: ListLocationsResponse + type: object + ServiceAttachment: + description: Service attachment configuration. type: object properties: - name: + localFqdn: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + Optional. Fully qualified domain name that will be used in the + private DNS record created for the service attachment. type: string - displayName: + localFqdns: + type: array + items: + type: string description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: + Optional. List of fully qualified domain names that will be used in + the private DNS record created for the service attachment. + failureReason: + readOnly: true description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + Output only. Reason the service attachment creation failed. This + value will only be populated if the service attachment encounters an + issue during provisioning. + type: string + targetServiceAttachmentUri: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + Required. URI of the service attachment to connect to. Format: + projects/{project}/regions/{region}/serviceAttachments/{service_attachment} + type: string + connectionStatus: + enum: + - UNKNOWN + - ACCEPTED + - PENDING + - REJECTED + - NEEDS_ATTENTION + - CLOSED + enumDescriptions: + - Connection status is unspecified. + - Connection is established and functioning normally. + - >- + Connection is not established (Looker tenant project hasn't been + allowlisted). + - >- + Connection is not established (Looker tenant project is explicitly + in reject list). + - >- + Issue with target service attachment, e.g. NAT subnet is + exhausted. + - >- + Target service attachment does not exist. This status is a + terminal state. + type: string + description: Output only. Connection status. + readOnly: true + id: ServiceAttachment + InstanceBackup: type: object + id: InstanceBackup properties: + encryptionConfig: + readOnly: true + description: Output only. Current status of the CMEK encryption + $ref: '#/components/schemas/EncryptionConfig' createTime: - description: The time the operation was created. type: string + description: Output only. The time when the backup was started. + readOnly: true format: google-datetime - endTime: - description: The time the operation finished running. + state: + description: Output only. The current state of the backup. + enum: + - STATE_UNSPECIFIED + - CREATING + - DELETING + - ACTIVE + - FAILED type: string + enumDescriptions: + - The state of the backup is unknown. + - The backup is being created. + - The backup is being deleted. + - The backup is active and ready to use. + - The backup failed. + readOnly: true + expireTime: format: google-datetime - target: - description: Server-defined resource path for the target of the operation. - type: string - verb: - description: Name of the verb executed by the operation. - type: string - statusMessage: - description: Human-readable status of the operation, if any. + description: Output only. The time when the backup will be deleted. + readOnly: true type: string - requestedCancellation: + name: description: >- - Identifies whether the user has requested cancellation of the - operation. Operations that have successfully been cancelled have - Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - type: boolean - apiVersion: - description: API version used to start the operation. + Immutable. The relative resource name of the backup, in the + following form: + `projects/{project_number}/locations/{location_id}/instances/{instance_id}/backups/{backup}` type: string - ExportMetadata: - id: ExportMetadata - description: >- - ExportMetadata represents the metadata of the exported artifacts. The - metadata.json file in export artifact can be parsed as this message + description: The details of a backup resource. + ImportInstanceRequest: + id: ImportInstanceRequest type: object + description: Requestion options for importing looker data to an Instance properties: - lookerInstance: + gcsUri: description: >- - Name of the exported instance. Format: - projects/{project}/locations/{location}/instances/{instance} - type: string - lookerVersion: - description: Version of instance when the export was created. - type: string - lookerPlatformEdition: - description: Platform edition of the exported instance. + Path to the import folder in Google Cloud Storage, in the form + `gs://bucketName/folderName`. type: string - exportEncryptionKey: - description: Encryption key that was used to encrypt the export artifacts. - $ref: '#/components/schemas/ExportMetadataEncryptionKey' - lookerEncryptionKey: + ExportInstanceRequest: + type: object + description: Request options for exporting data of an Instance. + id: ExportInstanceRequest + properties: + gcsUri: description: >- - Looker encryption key, encrypted with the provided export encryption - key. This value will only be populated if the looker instance uses - Looker managed encryption instead of CMEK. + The path to the folder in Google Cloud Storage where the export will + be stored. The URI is in the form `gs://bucketName/folderName`. type: string - filePaths: + encryptionConfig: description: >- - List of files created as part of export artifact (excluding the - metadata). The paths are relative to the folder containing the - metadata. - type: array - items: - type: string - source: - description: The source type of the migration. - type: string - enumDescriptions: - - Source not specified - - Source of export is Looker Core - - Source of export is Looker Original - enum: - - SOURCE_UNSPECIFIED - - LOOKER_CORE - - LOOKER_ORIGINAL - ExportMetadataEncryptionKey: - id: ExportMetadataEncryptionKey - description: Encryption key details for the exported artifact. + Required. Encryption configuration (CMEK). For CMEK enabled + instances it should be same as looker CMEK. + $ref: '#/components/schemas/ExportEncryptionConfig' + DenyMaintenancePeriod: + properties: + time: + $ref: '#/components/schemas/TimeOfDay' + description: Required. Time in UTC when the period starts and ends. + startDate: + $ref: '#/components/schemas/Date' + description: Required. Start date of the deny maintenance period. + endDate: + description: Required. End date of the deny maintenance period. + $ref: '#/components/schemas/Date' type: object + id: DenyMaintenancePeriod + description: Specifies the maintenance denial period. + MaintenanceWindow: properties: - cmek: - description: Name of the CMEK. + dayOfWeek: + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + description: Required. Day of the week for this MaintenanceWindow (in UTC). + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday type: string - version: - description: Version of the CMEK. + startTime: + $ref: '#/components/schemas/TimeOfDay' + description: >- + Required. Time in UTC when the period starts. Maintenance will be + scheduled within 60 minutes. + description: Specifies the recurring maintenance window. + type: object + id: MaintenanceWindow + ListOperationsResponse: + type: object + description: The response message for Operations.ListOperations. + id: ListOperationsResponse + properties: + nextPageToken: + description: The standard List next-page token. type: string + unreachable: + items: + type: string + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + operations: + items: + $ref: '#/components/schemas/Operation' + description: >- + A list of operations that matches the specified filter in the + request. + type: array parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string alt: description: Data format for response. in: query @@ -925,25 +979,28 @@ components: - json - media - proto + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: fields + name: uploadType schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: key + name: upload_protocol schema: type: string oauth_token: @@ -952,31 +1009,19 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: + key: description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: upload_protocol + name: key schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: uploadType + name: fields schema: type: string _.xgafv: @@ -988,46 +1033,34 @@ components: enum: - '1' - '2' - x-stackQL-resources: - locations: - id: google.looker.locations - name: locations - title: Locations - methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + x-stackQL-resources: operations: id: google.looker.operations name: operations title: Operations methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- @@ -1035,13 +1068,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable cancel: operation: $ref: >- @@ -1058,33 +1092,55 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - instances: - id: google.looker.instances - name: instances - title: Instances + backups: + id: google.looker.backups + name: backups + title: Backups methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1backups/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.instances + objectKey: $.unreachable create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1backups/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1backups~1{backupsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1backups~1{backupsId}/delete response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/backups/methods/get' + - $ref: '#/components/x-stackQL-resources/backups/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/backups/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/backups/methods/delete' + instances: + id: google.looker.instances + name: instances + title: Instances + methods: delete: operation: $ref: >- @@ -1099,10 +1155,25 @@ components: response: mediaType: application/json openAPIDocKey: '200' - restart: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:restart/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.instances + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post response: mediaType: application/json openAPIDocKey: '200' @@ -1113,6 +1184,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + restart: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:restart/post + response: + mediaType: application/json + openAPIDocKey: '200' import: operation: $ref: >- @@ -1138,107 +1216,53 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/instances/methods/delete' - backups: - id: google.looker.backups - name: backups - title: Backups + locations: + id: google.looker.locations + name: locations + title: Locations methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1backups/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.instanceBackups - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1backups/post - response: - mediaType: application/json - openAPIDocKey: '200' get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1backups~1{backupsId}/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}~1backups~1{backupsId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/backups/methods/get' - - $ref: '#/components/x-stackQL-resources/backups/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/backups/methods/create' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/backups/methods/delete' + delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: looker.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: looker.projects.locations.get + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: looker.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1250,7 +1274,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1262,51 +1286,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: looker.projects.locations.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListOperationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: operationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this @@ -1341,13 +1325,13 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: looker.projects.locations.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: looker.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1359,7 +1343,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -1371,11 +1355,23 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: @@ -1423,11 +1419,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}/backups: parameters: *ref_1 get: - description: Lists Instances in a given project and location. - operationId: looker.projects.locations.instances.list + description: List backups of Looker instance. + operationId: looker.projects.locations.instances.backups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1439,7 +1435,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstancesResponse' + $ref: '#/components/schemas/ListInstanceBackupsResponse' parameters: - in: path name: projectsId @@ -1451,23 +1447,32 @@ paths: required: true schema: type: string + - in: path + name: instancesId + required: true + schema: + type: string - in: query - name: pageSize + name: orderBy schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Creates a new Instance in a given project and location. - operationId: looker.projects.locations.instances.create + description: Backup Looker instance. + operationId: looker.projects.locations.instances.backups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/InstanceBackup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1491,15 +1496,16 @@ paths: required: true schema: type: string - - in: query - name: instanceId + - in: path + name: instancesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}/backups/{backupsId}: parameters: *ref_1 get: - description: Gets details of a single Instance. - operationId: looker.projects.locations.instances.get + description: '' + operationId: looker.projects.locations.instances.backups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1511,7 +1517,43 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/InstanceBackup' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: instancesId + required: true + schema: + type: string + - in: path + name: backupsId + required: true + schema: + type: string + delete: + description: Delete backup. + operationId: looker.projects.locations.instances.backups.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -1528,6 +1570,13 @@ paths: required: true schema: type: string + - in: path + name: backupsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: + parameters: *ref_1 delete: description: Delete instance. operationId: looker.projects.locations.instances.delete @@ -1604,16 +1653,9 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:restart: - parameters: *ref_1 - post: - description: Restart instance. - operationId: looker.projects.locations.instances.restart - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RestartInstanceRequest' + get: + description: Gets details of a single Instance. + operationId: looker.projects.locations.instances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1625,7 +1667,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -1642,16 +1684,51 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:restore: + /v1/projects/{projectsId}/locations/{locationsId}/instances: parameters: *ref_1 + get: + description: Lists Instances in a given project and location. + operationId: looker.projects.locations.instances.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListInstancesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string post: - description: Restore Looker instance. - operationId: looker.projects.locations.instances.restore + description: Creates a new Instance in a given project and location. + operationId: looker.projects.locations.instances.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestoreInstanceRequest' + $ref: '#/components/schemas/Instance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1675,21 +1752,20 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: instanceId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:import: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:restore: parameters: *ref_1 post: - description: Import instance. - operationId: looker.projects.locations.instances.import + description: Restore Looker instance. + operationId: looker.projects.locations.instances.restore requestBody: content: application/json: schema: - $ref: '#/components/schemas/ImportInstanceRequest' + $ref: '#/components/schemas/RestoreInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1718,16 +1794,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:export: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:restart: parameters: *ref_1 post: - description: Export instance. - operationId: looker.projects.locations.instances.export + description: Restart instance. + operationId: looker.projects.locations.instances.restart requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExportInstanceRequest' + $ref: '#/components/schemas/RestartInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1756,11 +1832,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}/backups: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:import: parameters: *ref_1 - get: - description: List backups of Looker instance. - operationId: looker.projects.locations.instances.backups.list + post: + description: Import instance. + operationId: looker.projects.locations.instances.import + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ImportInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1772,7 +1853,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstanceBackupsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -1789,27 +1870,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:export: + parameters: *ref_1 post: - description: Backup Looker instance. - operationId: looker.projects.locations.instances.backups.create + description: Export instance. + operationId: looker.projects.locations.instances.export requestBody: content: application/json: schema: - $ref: '#/components/schemas/InstanceBackup' + $ref: '#/components/schemas/ExportInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1838,11 +1908,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}/backups/{backupsId}: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: '' - operationId: looker.projects.locations.instances.backups.get + description: Gets information about a location. + operationId: looker.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1854,7 +1924,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InstanceBackup' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -1866,19 +1936,11 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true - schema: - type: string - - in: path - name: backupsId - required: true - schema: - type: string - delete: - description: Delete backup. - operationId: looker.projects.locations.instances.backups.delete + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: looker.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1890,25 +1952,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - - in: path - name: backupsId - required: true + - in: query + name: extraLocationTypes schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/managedidentities.yaml b/providers/src/googleapis.com/v00.00.00000/services/managedidentities.yaml index b659b65f..d76e2791 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/managedidentities.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/managedidentities.yaml @@ -11,7 +11,7 @@ info: (AD). version: v1 x-discovery-doc-revision: '20250116' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/managed-microsoft-ad/ servers: @@ -37,1523 +37,1439 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object + SqlIntegration: properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - DELETING + - READY + enumDescriptions: + - Not Set + - The SQL integration is being created. + - The SQL integration is being deleted. + - The SQL integration is ready. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: + description: Output only. The current state of the SQL integration. + readOnly: true name: + type: string description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + The unique name of the SQL integration in the form of + `projects/{project_id}/locations/global/domains/{domain_name}/sqlIntegrations/{sql_integration}` + createTime: + description: Output only. The time the SQL integration was created. + readOnly: true + format: google-datetime type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + updateTime: + format: google-datetime + readOnly: true + description: Output only. The time the SQL integration was updated. type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + sqlInstance: + description: The full resource name of an integrated SQL instance type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + description: Represents the SQL instance integrated with Managed AD. + type: object + id: SqlIntegration ListOperationsResponse: id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object properties: operations: + items: + $ref: '#/components/schemas/Operation' description: >- A list of operations that matches the specified filter in the request. type: array - items: - $ref: '#/components/schemas/Operation' nextPageToken: - description: The standard List next-page token. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + description: The standard List next-page token. + description: The response message for Operations.ListOperations. type: object + GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSettings: properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. + maintenancePolicies: type: object + description: >- + Optional. The MaintenancePolicies that have been attached to the + instance. The key must be of the type name of the oneof policy name + defined in MaintenancePolicy, and the embedded policy must define + the same policy type. For details, please refer to go/mr-user-guide. + Should not be set if maintenance_policy_names is set. If only the + name is needed, then only populate MaintenancePolicy.name. additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + $ref: '#/components/schemas/MaintenancePolicy' + exclude: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + Optional. Exclude instance from maintenance. When true, rollout + service will not attempt maintenance on the instance. Rollout + service will include the instance in reported rollout progress as + not attempted. type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + isRollback: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + Optional. If the update call is triggered from rollback, set the + value as true. + type: boolean + type: object description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Maintenance settings associated with instance. Allows service producers + and end users to assign settings that controls maintenance on this + instance. + id: GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSettings + DailyCycle: + id: DailyCycle type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + duration: type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - Domain: - id: Domain - description: >- - Represents a managed Microsoft Active Directory domain. If the domain is - being changed, it will be placed into the UPDATING state, which - indicates that the resource is being reconciled. At this point, Get will - reflect an intermediate state. - type: object + description: Output only. Duration of the time window, set by service producer. + format: google-duration + startTime: + description: Time within the day to start the operations. + $ref: '#/components/schemas/TimeOfDay' + description: Time window specified for daily operations. + GoogleCloudSaasacceleratorManagementProvidersV1Instance: properties: - name: + maintenancePolicyNames: description: >- - Required. The unique name of the domain using the form: - `projects/{project_id}/locations/global/domains/{domain_name}`. - type: string - labels: - description: Optional. Resource labels that can contain user-provided metadata. - type: object + Optional. The MaintenancePolicies that have been attached to the + instance. The key must be of the type name of the oneof policy name + defined in MaintenancePolicy, and the referenced policy must define + the same policy type. For details, please refer to go/mr-user-guide. + Should not be set if maintenance_settings.maintenance_policies is + set. additionalProperties: type: string - authorizedNetworks: - description: >- - Optional. The full names of the Google Compute Engine - [networks](/compute/docs/networks-and-firewalls#networks) the domain - instance is connected to. Networks can be added using UpdateDomain. - The domain is only available on networks listed in - `authorized_networks`. If CIDR subnets overlap between networks, - domain creation will fail. + type: object + provisionedResources: + readOnly: true type: array items: - type: string - reservedIpRange: + $ref: >- + #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1ProvisionedResource description: >- - Required. The CIDR range of internal addresses that are reserved for - this domain. Reserved networks must be /24 or larger. Ranges must be - unique and non-overlapping with existing subnets in - [Domain].[authorized_networks]. + Output only. The list of data plane resources provisioned for this + instance, e.g. compute VMs. See go/get-instance-metadata. + maintenanceSettings: + description: Optional. The MaintenanceSettings associated with instance. + $ref: >- + #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSettings + createTime: + format: google-datetime + description: Output only. Timestamp when the resource was created. + readOnly: true type: string - locations: + instanceType: description: >- - Required. Locations where domain needs to be provisioned. The - locations can be specified according to - https://cloud.google.com/compute/docs/regions-zones, such as - `us-west1` or `us-east4`. Each domain supports up to 4 locations, - separated by commas. Each location will use a /26 block. - type: array - items: - type: string - admin: - description: >- - Optional. The name of delegated administrator account used to - perform Active Directory operations. If not specified, `setupadmin` - will be used. - type: string - fqdn: - description: >- - Output only. The fully-qualified domain name of the exposed domain - used by clients to connect to the service. Similar to what would be - chosen for an Active Directory set up on an internal network. - readOnly: true - type: string - createTime: - description: Output only. The time the instance was created. - readOnly: true + Optional. The instance_type of this instance of format: + projects/{project_number}/locations/{location_id}/instanceTypes/{instance_type_id}. + Instance Type represents a high-level tier or SKU of the service + that this instance belong to. When enabled(eg: Maintenance Rollout), + Rollout uses 'instance_type' along with 'software_versions' to + determine whether instance needs an update or not. type: string - format: google-datetime - updateTime: - description: Output only. The last update time. - readOnly: true + consumerDefinedName: type: string - format: google-datetime + description: >- + consumer_defined_name is the name of the instance set by the service + consumers. Generally this is different from the `name` field which + reperesents the system-assigned id of the instance which the service + consumers do not recognize. This is a required field for tenants + onboarding to Maintenance Window notifications + (go/slm-rollout-maintenance-policies#prerequisites). + softwareVersions: + description: >- + Software versions that are used to deploy this instance. This can be + mutated by rollout services. + additionalProperties: + type: string + type: object state: - description: Output only. The current state of this domain. - readOnly: true - type: string - enumDescriptions: - - Not set. - - The domain is being created. - - The domain has been created and is fully usable. - - The domain's configuration is being updated. - - The domain is being deleted. - - >- - The domain is being repaired and may be unusable. Details can be - found in the `status_message` field. - - The domain is undergoing maintenance. - - The domain is not serving requests. enum: - STATE_UNSPECIFIED - CREATING - READY - UPDATING - - DELETING - REPAIRING - - PERFORMING_MAINTENANCE - - UNAVAILABLE - statusMessage: - description: >- - Output only. Additional information about the current status of this - domain, if available. + - DELETING + - ERROR readOnly: true + enumDescriptions: + - Unspecified state. + - Instance is being created. + - Instance has been created and is ready to use. + - Instance is being updated. + - Instance is unheathy and under repair. + - Instance is being deleted. + - Instance encountered an error and is in indeterministic state. type: string - trusts: - description: Output only. The current trusts associated with the domain. - readOnly: true - type: array - items: - $ref: '#/components/schemas/Trust' - auditLogsEnabled: - description: >- - Optional. Configuration for audit logs. True if audit logs are - enabled, else false. Default is audit logs disabled. - type: boolean - Trust: - id: Trust - description: >- - Represents a relationship between two domains. This allows a controller - in one domain to authenticate a user in another domain. If the trust is - being changed, it will be placed into the UPDATING state, which - indicates that the resource is being reconciled. At this point, Get will - reflect an intermediate state. - type: object - properties: - targetDomainName: description: >- - Required. The fully qualified target domain name which will be in - trust with the current domain. - type: string - trustType: - description: Required. The type of trust represented by the trust resource. + Output only. Current lifecycle state of the resource (e.g. if it's + being created or ready to use). + name: type: string - enumDescriptions: - - Not set. - - The forest trust. - - The external domain trust. - enum: - - TRUST_TYPE_UNSPECIFIED - - FOREST - - EXTERNAL - trustDirection: description: >- - Required. The trust direction, which decides if the current domain - is trusted, trusting, or both. + Unique name of the resource. It uses the form: + `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + Note: This name is passed, stored and logged across the rollout + system. So use of consumer project_id or any other consumer PII in + the name is strongly discouraged for wipeout (go/wipeout) + compliance. See go/elysium/project_ids#storage-guidance for more + details. + tenantProjectId: type: string - enumDescriptions: - - Not set. - - The inbound direction represents the trusting side. - - The outboud direction represents the trusted side. - - >- - The bidirectional direction represents the trusted / trusting - side. - enum: - - TRUST_DIRECTION_UNSPECIFIED - - INBOUND - - OUTBOUND - - BIDIRECTIONAL - selectiveAuthentication: + readOnly: true description: >- - Optional. The trust authentication type, which decides whether the - trusted side has forest/domain wide access or selective access to an - approved set of resources. - type: boolean - targetDnsIpAddresses: + Output only. ID of the associated GCP tenant project. See + go/get-instance-metadata. + sloMetadata: + $ref: >- + #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata + readOnly: true description: >- - Required. The target DNS server IP addresses which can resolve the - remote domain involved in the trust. - type: array - items: - type: string - trustHandshakeSecret: + Output only. SLO metadata for instance classification in the + Standardized dataplane SLO platform. See go/cloud-ssa-standard-slo + for feature description. + slmInstanceTemplate: description: >- - Required. The trust secret used for the handshake with the target - domain. This will not be stored. + Link to the SLM instance template. Only populated when updating SLM + instances via SSA's Actuation service adaptor. Service producers + with custom control plane (e.g. Cloud SQL) doesn't need to populate + this field. Instead they should use software_versions. type: string - createTime: - description: Output only. The time the instance was created. + labels: + description: >- + Optional. Resource labels to represent user provided metadata. Each + label is a key-value pair, where both the key and the value are + arbitrary strings provided by the user. + type: object + additionalProperties: + type: string + producerMetadata: + additionalProperties: + type: string + type: object + description: >- + Output only. Custom string attributes used primarily to expose + producer-specific information in monitoring dashboards. See + go/get-instance-metadata. readOnly: true - type: string - format: google-datetime + maintenanceSchedules: + description: >- + The MaintenanceSchedule contains the scheduling information of + published maintenance schedule with same key as software_versions. + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSchedule + type: object updateTime: - description: Output only. The last update time. - readOnly: true - type: string + description: Output only. Timestamp when the resource was last modified. format: google-datetime - state: - description: Output only. The current state of the trust. - readOnly: true type: string - enumDescriptions: - - Not set. - - The domain trust is being created. - - The domain trust is being updated. - - The domain trust is being deleted. - - The domain trust is connected. - - The domain trust is disconnected. - enum: - - STATE_UNSPECIFIED - - CREATING - - UPDATING - - DELETING - - CONNECTED - - DISCONNECTED - stateDescription: - description: >- - Output only. Additional information about the current state of the - trust, if available. readOnly: true - type: string - lastTrustHeartbeatTime: + notificationParameters: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1NotificationParameter + type: object description: >- - Output only. The last heartbeat time when the trust was known to be - connected. - readOnly: true - type: string - format: google-datetime - ResetAdminPasswordRequest: - id: ResetAdminPasswordRequest - description: Request message for ResetAdminPassword - type: object - properties: {} - ResetAdminPasswordResponse: - id: ResetAdminPasswordResponse - description: Response message for ResetAdminPassword - type: object - properties: - password: - description: A random password. See admin for more information. - type: string - ListDomainsResponse: - id: ListDomainsResponse - description: Response message for ListDomains + Optional. notification_parameter are information that service + producers may like to include that is not relevant to Rollout. This + parameter will only be passed to Gamma and Cloud Logging for + notification/logging purpose. type: object - properties: - domains: - description: A list of Managed Identities Service domains in the project. - type: array - items: - $ref: '#/components/schemas/Domain' - nextPageToken: - description: >- - A token to retrieve the next page of results, or empty if there are - no more results in the list. - type: string - unreachable: - description: A list of locations that could not be reached. - type: array - items: - type: string - DomainJoinMachineRequest: - id: DomainJoinMachineRequest + id: GoogleCloudSaasacceleratorManagementProvidersV1Instance description: >- - DomainJoinMachineRequest is the request message for DomainJoinMachine - method + Instance represents the interface for SLM services to actuate the state + of control plane resources. Example Instance in JSON, where + consumer-project-number=123456, producer-project-id=cloud-sql: ```json + Instance: { "name": + "projects/123456/locations/us-east1/instances/prod-instance", + "create_time": { "seconds": 1526406431, }, "labels": { "env": "prod", + "foo": "bar" }, "state": READY, "software_versions": { + "software_update": "cloud-sql-09-28-2018", }, + "maintenance_policy_names": { "UpdatePolicy": + "projects/123456/locations/us-east1/maintenancePolicies/prod-update-policy", + } "tenant_project_id": "cloud-sql-test-tenant", "producer_metadata": { + "cloud-sql-tier": "basic", "cloud-sql-instance-size": "1G", }, + "provisioned_resources": [ { "resource-type": "compute-instance", + "resource-url": + "https://www.googleapis.com/compute/v1/projects/cloud-sql/zones/us-east1-b/instances/vm-1", + } ], "maintenance_schedules": { "csa_rollout": { "start_time": { + "seconds": 1526406431, }, "end_time": { "seconds": 1535406431, }, }, + "ncsa_rollout": { "start_time": { "seconds": 1526406431, }, "end_time": + { "seconds": 1535406431, }, } }, "consumer_defined_name": + "my-sql-instance1", } ``` LINT.IfChange + Binding: type: object properties: - vmIdToken: - description: >- - Required. Full instance id token of compute engine VM to verify - instance identity. More about this: - https://cloud.google.com/compute/docs/instances/verifying-instance-identity#request_signature - type: string - ouName: - description: Optional. OU name where the VM needs to be domain joined + role: type: string - force: description: >- - Optional. force if True, forces domain join even if the computer - account already exists. - type: boolean - DomainJoinMachineResponse: - id: DomainJoinMachineResponse + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + members: + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + items: + type: string + type: array + description: Associates `members`, or principals, with a `role`. + id: Binding + EnableMigrationRequest: description: >- - DomainJoinMachineResponse is the response message for DomainJoinMachine - method + EnableMigrationRequest is the request message for EnableMigration + method. + id: EnableMigrationRequest type: object properties: - domainJoinBlob: - description: Offline domain join blob as the response - type: string - RestoreDomainRequest: - id: RestoreDomainRequest - description: RestoreDomainRequest is the request received by RestoreDomain rpc + migratingDomains: + type: array + description: Required. List of the on-prem domains to be migrated. + items: + $ref: '#/components/schemas/OnPremDomainDetails' + MaintenanceWindow: + properties: + dailyCycle: + $ref: '#/components/schemas/DailyCycle' + description: Daily cycle. + weeklyCycle: + description: Weekly cycle. + $ref: '#/components/schemas/WeeklyCycle' + id: MaintenanceWindow type: object + description: MaintenanceWindow definition. + DomainJoinMachineResponse: properties: - backupId: - description: Required. ID of the backup to be restored + domainJoinBlob: type: string - AttachTrustRequest: - id: AttachTrustRequest - description: Request message for AttachTrust + description: Offline domain join blob as the response + description: >- + DomainJoinMachineResponse is the response message for DomainJoinMachine + method + id: DomainJoinMachineResponse + type: object + TestIamPermissionsResponse: type: object + id: TestIamPermissionsResponse properties: - trust: - description: Required. The domain trust resource. - $ref: '#/components/schemas/Trust' + permissions: + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string + type: array + description: Response message for `TestIamPermissions` method. ReconfigureTrustRequest: - id: ReconfigureTrustRequest - description: Request message for ReconfigureTrust type: object + id: ReconfigureTrustRequest properties: - targetDomainName: - description: >- - Required. The fully-qualified target domain name which will be in - trust with current domain. - type: string targetDnsIpAddresses: + items: + type: string description: >- Required. The target DNS server IP addresses to resolve the remote domain involved in the trust. type: array - items: - type: string - DetachTrustRequest: - id: DetachTrustRequest - description: Request message for DetachTrust - type: object + targetDomainName: + type: string + description: >- + Required. The fully-qualified target domain name which will be in + trust with current domain. + description: Request message for ReconfigureTrust + OnPremDomainDetails: + description: >- + OnPremDomainDetails is the message which contains details of on-prem + domain which is trusted and needs to be migrated. properties: - trust: - description: Required. The domain trust resource to removed. - $ref: '#/components/schemas/Trust' - ValidateTrustRequest: - id: ValidateTrustRequest - description: Request message for ValidateTrust + disableSidFiltering: + type: boolean + description: Optional. Option to disable SID filtering. + domainName: + type: string + description: Required. FQDN of the on-prem domain being migrated. + id: OnPremDomainDetails type: object - properties: - trust: - description: Required. The domain trust to validate trust state for. - $ref: '#/components/schemas/Trust' - LDAPSSettings: - id: LDAPSSettings - description: >- - LDAPSSettings represents the ldaps settings for domain resource. LDAP is - the Lightweight Directory Access Protocol, defined in - https://tools.ietf.org/html/rfc4511. The settings object configures LDAP - over SSL/TLS, whether it is over port 636 or the StartTLS operation. If - LDAPSSettings is being changed, it will be placed into the UPDATING - state, which indicates that the resource is being reconciled. At this - point, Get will reflect an intermediate state. + OperationMetadata: + id: OperationMetadata type: object + description: Represents the metadata of the long-running operation. properties: - name: - description: >- - The resource name of the LDAPS settings. Uses the form: - `projects/{project}/locations/{location}/domains/{domain}`. + endTime: + description: Output only. The time the operation finished running. + format: google-datetime type: string - certificate: - description: >- - Output only. The certificate used to configure LDAPS. Certificates - can be chained with a maximum length of 15. readOnly: true - $ref: '#/components/schemas/Certificate' - state: - description: Output only. The current state of this LDAPS settings. - readOnly: true - type: string - enumDescriptions: - - Not Set - - The LDAPS setting is being updated. - - The LDAPS setting is ready. - - The LDAPS setting is not applied correctly. - enum: - - STATE_UNSPECIFIED - - UPDATING - - ACTIVE - - FAILED - certificatePfx: - description: >- - Input only. The uploaded PKCS12-formatted certificate to configure - LDAPS with. It will enable the domain controllers in this domain to - accept LDAPS connections (either LDAP over SSL/TLS or the StartTLS - operation). A valid certificate chain must form a valid x.509 - certificate chain (or be comprised of a single self-signed - certificate. It must be encrypted with either: 1) PBES2 + PBKDF2 + - AES256 encryption and SHA256 PRF; or 2) - pbeWithSHA1And3-KeyTripleDES-CBC Private key must be included for - the leaf / single self-signed certificate. Note: For a fqdn - your-example-domain.com, the wildcard fqdn is - *.your-example-domain.com. Specifically the leaf certificate must - have: - Either a blank subject or a subject with CN matching the - wildcard fqdn. - Exactly two SANs - the fqdn and wildcard fqdn. - - Encipherment and digital key signature key usages. - Server - authentication extended key usage (OID=1.3.6.1.5.5.7.3.1) - Private - key must be in one of the following formats: RSA, ECDSA, ED25519. - - Private key must have appropriate key length: 2048 for RSA, 256 for - ECDSA - Signature algorithm of the leaf certificate cannot be MD2, - MD5 or SHA1. - type: string - format: byte - certificatePassword: - description: >- - Input only. The password used to encrypt the uploaded PFX - certificate. + apiVersion: type: string - updateTime: - description: Output only. Last update time. + description: Output only. API version used to start the operation. + readOnly: true + verb: + description: Output only. Name of the verb executed by the operation. readOnly: true type: string + createTime: + description: Output only. The time the operation was created. format: google-datetime - Certificate: - id: Certificate - description: Certificate used to configure LDAPS. - type: object - properties: - subject: - description: The certificate subject. - type: string - thumbprint: - description: >- - The certificate thumbprint which uniquely identifies the - certificate. - type: string - subjectAlternativeName: - description: The additional hostnames for the domain. - type: array - items: - type: string - issuingCertificate: - description: The issuer of this certificate. - $ref: '#/components/schemas/Certificate' - expireTime: - description: The certificate expire time. type: string - format: google-datetime - Peering: - id: Peering - description: Represents a Managed Service for Microsoft Active Directory Peering. - type: object - properties: - name: - description: >- - Output only. Unique name of the peering in this scope including - projects and location using the form: - `projects/{project_id}/locations/global/peerings/{peering_id}`. + readOnly: true + statusDetail: readOnly: true type: string - labels: - description: Optional. Resource labels to represent user-provided metadata. - type: object - additionalProperties: - type: string - authorizedNetwork: + description: Output only. Human-readable status of the operation, if any. + cancelRequested: + readOnly: true + type: boolean description: >- - Required. The full names of the Google Compute Engine - [networks](/compute/docs/networks-and-firewalls#networks) to which - the instance is connected. Caller needs to make sure that CIDR - subnets do not overlap between networks, else peering creation will - fail. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have google.longrunning.Operation.error value with a + google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. + target: + readOnly: true type: string - domainResource: description: >- - Required. Full domain resource path for the Managed AD Domain - involved in peering. The resource path should be in the form: - `projects/{project_id}/locations/global/domains/{domain_name}` - type: string + Output only. Server-defined resource path for the target of the + operation. + Backup: + properties: createTime: - description: Output only. The time the instance was created. + description: Output only. The time the backups was created. readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. Last update time. - readOnly: true type: string - format: google-datetime state: - description: Output only. The current state of this Peering. readOnly: true - type: string enumDescriptions: - Not set. - - Peering is being created. - - Peering is connected. - - Peering is disconnected. - - Peering is being deleted. + - Backup is being created. + - Backup has been created and validated. + - Backup has been created but failed validation. + - Backup is being deleted. + description: Output only. The current state of the backup. enum: - STATE_UNSPECIFIED - CREATING - - CONNECTED - - DISCONNECTED + - ACTIVE + - FAILED - DELETING - statusMessage: - description: >- - Output only. Additional information about the current status of this - peering, if available. - readOnly: true type: string - ListPeeringsResponse: - id: ListPeeringsResponse - description: ListPeeringsResponse is the response message for ListPeerings method. - type: object - properties: - peerings: - description: A list of Managed Identities Service Peerings in the project. - type: array - items: - $ref: '#/components/schemas/Peering' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Backup: - id: Backup - description: Represents a Managed Microsoft Identities backup. - type: object - properties: - name: - description: >- - Output only. The unique name of the Backup in the form of - `projects/{project_id}/locations/global/domains/{domain_name}/backups/{name}` + updateTime: + format: google-datetime readOnly: true + description: Output only. Last update time. type: string labels: - description: Optional. Resource labels to represent user provided metadata. type: object + description: Optional. Resource labels to represent user provided metadata. additionalProperties: type: string - createTime: - description: Output only. The time the backups was created. - readOnly: true + statusMessage: + description: >- + Output only. Additional information about the current status of this + backup, if available. type: string - format: google-datetime - updateTime: - description: Output only. Last update time. readOnly: true - type: string - format: google-datetime type: + type: string + enum: + - TYPE_UNSPECIFIED + - ON_DEMAND + - SCHEDULED description: >- Output only. Indicates whether it’s an on-demand backup or scheduled. readOnly: true - type: string enumDescriptions: - Backup was manually created. - Backup was manually created. - Backup was automatically created. - enum: - - TYPE_UNSPECIFIED - - ON_DEMAND - - SCHEDULED - state: - description: Output only. The current state of the backup. - readOnly: true - type: string - enumDescriptions: - - Not set. - - Backup is being created. - - Backup has been created and validated. - - Backup has been created but failed validation. - - Backup is being deleted. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - FAILED - - DELETING - statusMessage: + name: description: >- - Output only. Additional information about the current status of this - backup, if available. + Output only. The unique name of the Backup in the form of + `projects/{project_id}/locations/global/domains/{domain_name}/backups/{name}` readOnly: true type: string - ListBackupsResponse: - id: ListBackupsResponse - description: ListBackupsResponse is the response message for ListBackups method. + id: Backup + description: Represents a Managed Microsoft Identities backup. type: object + ListBackupsResponse: properties: - backups: - description: A list of Cloud AD backups in the domain. - type: array - items: - $ref: '#/components/schemas/Backup' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string unreachable: description: Locations that could not be reached. - type: array items: type: string - ListSqlIntegrationsResponse: - id: ListSqlIntegrationsResponse - description: >- - ListSqlIntegrationsResponse is the response message for - ListSqlIntegrations method. - type: object - properties: - sqlIntegrations: - description: A list of SQLIntegrations of a domain. + type: array + backups: type: array items: - $ref: '#/components/schemas/SqlIntegration' + $ref: '#/components/schemas/Backup' + description: A list of Cloud AD backups in the domain. nextPageToken: + type: string description: >- Token to retrieve the next page of results, or empty if there are no more results in the list. - type: string - unreachable: - description: A list of locations that could not be reached. - type: array - items: - type: string - SqlIntegration: - id: SqlIntegration - description: Represents the SQL instance integrated with Managed AD. + description: ListBackupsResponse is the response message for ListBackups method. + id: ListBackupsResponse type: object - properties: - name: - description: >- - The unique name of the SQL integration in the form of - `projects/{project_id}/locations/global/domains/{domain_name}/sqlIntegrations/{sql_integration}` - type: string - sqlInstance: - description: The full resource name of an integrated SQL instance - type: string - createTime: - description: Output only. The time the SQL integration was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time the SQL integration was updated. - readOnly: true - type: string - format: google-datetime - state: - description: Output only. The current state of the SQL integration. - readOnly: true - type: string - enumDescriptions: - - Not Set - - The SQL integration is being created. - - The SQL integration is being deleted. - - The SQL integration is ready. - enum: - - STATE_UNSPECIFIED - - CREATING - - DELETING - - READY - ExtendSchemaRequest: - id: ExtendSchemaRequest - description: ExtendSchemaRequest is the request message for ExtendSchema method. + GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility: + id: GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility type: object properties: - description: - description: Required. Description for Schema Change. + eligible: + type: boolean + description: Whether an instance is eligible or ineligible. + reason: type: string - gcsPath: description: >- - File stored in Cloud Storage bucket and represented in the form - projects/{project_id}/buckets/{bucket_name}/objects/{object_name} - File should be in the same project as the domain. - type: string - fileContents: - description: File uploaded as a byte stream input. - type: string - format: byte - EnableMigrationRequest: - id: EnableMigrationRequest + User-defined reason for the current value of instance eligibility. + Usually, this can be directly mapped to the internal state. An empty + reason is allowed. description: >- - EnableMigrationRequest is the request message for EnableMigration - method. + SloEligibility is a tuple containing eligibility value: true if an + instance is eligible for SLO calculation or false if it should be + excluded from all SLO-related calculations along with a user-defined + reason. + UpdatePolicy: type: object + id: UpdatePolicy properties: - migratingDomains: - description: Required. List of the on-prem domains to be migrated. - type: array + denyMaintenancePeriods: items: - $ref: '#/components/schemas/OnPremDomainDetails' - OnPremDomainDetails: - id: OnPremDomainDetails - description: >- - OnPremDomainDetails is the message which contains details of on-prem - domain which is trusted and needs to be migrated. - type: object + $ref: '#/components/schemas/DenyMaintenancePeriod' + type: array + description: >- + Deny Maintenance Period that is applied to resource to indicate when + maintenance is forbidden. The protocol supports zero-to-many such + periods, but the current SLM Rollout implementation only supports + zero-to-one. + window: + $ref: '#/components/schemas/MaintenanceWindow' + description: >- + Optional. Maintenance window that is applied to resources covered by + this policy. + channel: + enum: + - UPDATE_CHANNEL_UNSPECIFIED + - EARLIER + - LATER + - WEEK1 + - WEEK2 + - WEEK5 + description: Optional. Relative scheduling channel applied to resource. + type: string + enumDescriptions: + - Unspecified channel. + - Early channel within a customer project. + - Later channel within a customer project. + - >- + ! ! The follow channels can ONLY be used if you adopt the new MW + system! ! ! NOTE: all WEEK channels are assumed to be under a + weekly window. ! There is currently no dedicated channel + definitions for Daily windows. ! If you use Daily window, the + system will assume a 1d (24Hours) advanced ! notification period + b/w EARLY and LATER. ! We may consider support more flexible daily + channel specifications in ! the future. WEEK1 == EARLIER with + minimum 7d advanced notification. {7d, 14d} The system will treat + them equally and will use WEEK1 whenever it can. New customers are + encouraged to use this channel annotation. + - WEEK2 == LATER with minimum 14d advanced notification {14d, 21d}. + - >- + WEEK5 == 40d support. minimum 35d advanced notification {35d, + 42d}. + description: Maintenance policy applicable to instance updates. + Operation: properties: - domainName: - description: Required. FQDN of the on-prem domain being migrated. + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - disableSidFiltering: - description: Optional. Option to disable SID filtering. + done: type: boolean - DisableMigrationRequest: - id: DisableMigrationRequest - description: >- - DisableMigrationRequest is the request message for DisableMigration - method. - type: object - properties: {} - CheckMigrationPermissionRequest: - id: CheckMigrationPermissionRequest + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. description: >- - CheckMigrationPermissionRequest is the request message for - CheckMigrationPermission method. + This resource represents a long-running operation that is the result of + a network API call. + id: Operation type: object - properties: {} - CheckMigrationPermissionResponse: - id: CheckMigrationPermissionResponse - description: >- - CheckMigrationPermissionResponse is the response message for - CheckMigrationPermission method. + TestIamPermissionsRequest: type: object + id: TestIamPermissionsRequest properties: - state: - description: The state of DomainMigration. - type: string - enumDescriptions: - - DomainMigration is in unspecified state. - - Domain Migration is Disabled. - - Domain Migration is Enabled. - - Domain Migration is not in valid state. - enum: - - STATE_UNSPECIFIED - - DISABLED - - ENABLED - - NEEDS_MAINTENANCE - onpremDomains: - description: >- - The state of SID filtering of all the domains which has trust - established. - type: array + permissions: items: - $ref: '#/components/schemas/OnPremDomainSIDDetails' - OnPremDomainSIDDetails: - id: OnPremDomainSIDDetails - description: >- - OnPremDomainDetails is the message which contains details of on-prem - domain which is trusted and needs to be migrated. + type: string + type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + description: Request message for `TestIamPermissions` method. + AttachTrustRequest: + properties: + trust: + description: Required. The domain trust resource. + $ref: '#/components/schemas/Trust' + type: object + id: AttachTrustRequest + description: Request message for AttachTrust + Location: type: object properties: name: - description: FQDN of the on-prem domain being migrated. - type: string - sidFilteringState: - description: Current SID filtering state. type: string - enumDescriptions: - - SID Filtering is in unspecified state. - - SID Filtering is Enabled. - - SID Filtering is Disabled. - enum: - - SID_FILTERING_STATE_UNSPECIFIED - - ENABLED - - DISABLED - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object - properties: - version: + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + metadata: description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + labels: + additionalProperties: + type: string + type: object description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + locationId: + type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + id: Location + description: A resource that represents a Google Cloud location. + Schedule: + type: object + description: Configure the schedule. + properties: + startTime: + description: Time within the window to start the operations. + $ref: '#/components/schemas/TimeOfDay' + duration: + description: Output only. Duration of the time window, set by service producer. + format: google-duration + type: string + day: + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + type: string + description: Allows to define schedule that runs specified day of the week. + id: Schedule + ListLocationsResponse: + description: The response message for Locations.ListLocations. + type: object + properties: + locations: items: - $ref: '#/components/schemas/Binding' - etag: + $ref: '#/components/schemas/Location' + type: array description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + A list of locations that matches the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + id: ListLocationsResponse + Domain: type: object properties: - role: + createTime: + description: Output only. The time the instance was created. + format: google-datetime + readOnly: true + type: string + updateTime: + readOnly: true + format: google-datetime + description: Output only. The last update time. + type: string + statusMessage: + readOnly: true description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Output only. Additional information about the current status of this + domain, if available. type: string - members: + locations: + items: + type: string description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + Required. Locations where domain needs to be provisioned. The + locations can be specified according to + https://cloud.google.com/compute/docs/regions-zones, such as + `us-west1` or `us-east4`. Each domain supports up to 4 locations, + separated by commas. Each location will use a /26 block. type: array + fqdn: + type: string + readOnly: true + description: >- + Output only. The fully-qualified domain name of the exposed domain + used by clients to connect to the service. Similar to what would be + chosen for an Active Directory set up on an internal network. + admin: + type: string + description: >- + Optional. The name of delegated administrator account used to + perform Active Directory operations. If not specified, `setupadmin` + will be used. + auditLogsEnabled: + description: >- + Optional. Configuration for audit logs. True if audit logs are + enabled, else false. Default is audit logs disabled. + type: boolean + authorizedNetworks: + description: >- + Optional. The full names of the Google Compute Engine + [networks](/compute/docs/networks-and-firewalls#networks) the domain + instance is connected to. Networks can be added using UpdateDomain. + The domain is only available on networks listed in + `authorized_networks`. If CIDR subnets overlap between networks, + domain creation will fail. items: type: string - condition: + type: array + labels: + additionalProperties: + type: string + description: Optional. Resource labels that can contain user-provided metadata. + type: object + trusts: + description: Output only. The current trusts associated with the domain. + items: + $ref: '#/components/schemas/Trust' + type: array + readOnly: true + name: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr + Required. The unique name of the domain using the form: + `projects/{project_id}/locations/global/domains/{domain_name}`. + type: string + reservedIpRange: + description: >- + Required. The CIDR range of internal addresses that are reserved for + this domain. Reserved networks must be /24 or larger. Ranges must be + unique and non-overlapping with existing subnets in + [Domain].[authorized_networks]. + type: string + state: + type: string + enumDescriptions: + - Not set. + - The domain is being created. + - The domain has been created and is fully usable. + - The domain's configuration is being updated. + - The domain is being deleted. + - >- + The domain is being repaired and may be unusable. Details can be + found in the `status_message` field. + - The domain is undergoing maintenance. + - The domain is not serving requests. + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - UPDATING + - DELETING + - REPAIRING + - PERFORMING_MAINTENANCE + - UNAVAILABLE + description: Output only. The current state of this domain. + id: Domain description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + Represents a managed Microsoft Active Directory domain. If the domain is + being changed, it will be placed into the UPDATING state, which + indicates that the resource is being reconciled. At this point, Get will + reflect an intermediate state. + ListPeeringsResponse: + properties: + peerings: + description: A list of Managed Identities Service Peerings in the project. + items: + $ref: '#/components/schemas/Peering' + type: array + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. + nextPageToken: + type: string + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: object + description: ListPeeringsResponse is the response message for ListPeerings method. + id: ListPeeringsResponse + CheckMigrationPermissionResponse: + description: >- + CheckMigrationPermissionResponse is the response message for + CheckMigrationPermission method. + type: object + properties: + state: + type: string + enumDescriptions: + - DomainMigration is in unspecified state. + - Domain Migration is Disabled. + - Domain Migration is Enabled. + - Domain Migration is not in valid state. + description: The state of DomainMigration. + enum: + - STATE_UNSPECIFIED + - DISABLED + - ENABLED + - NEEDS_MAINTENANCE + onpremDomains: + type: array + items: + $ref: '#/components/schemas/OnPremDomainSIDDetails' + description: >- + The state of SID filtering of all the domains which has trust + established. + id: CheckMigrationPermissionResponse + DisableMigrationRequest: + type: object + description: >- + DisableMigrationRequest is the request message for DisableMigration + method. + properties: {} + id: DisableMigrationRequest + RestoreDomainRequest: + properties: + backupId: + description: Required. ID of the backup to be restored + type: string + description: RestoreDomainRequest is the request received by RestoreDomain rpc + id: RestoreDomainRequest + type: object + SetIamPolicyRequest: + id: SetIamPolicyRequest + properties: + policy: + $ref: '#/components/schemas/Policy' + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + description: Request message for `SetIamPolicy` method. + type: object + GoogleCloudManagedidentitiesV1OpMetadata: + properties: + target: + readOnly: true + description: >- + Output only. Server-defined resource path for the target of the + operation. + type: string + requestedCancellation: + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + type: boolean + readOnly: true + endTime: + type: string + format: google-datetime + description: Output only. The time the operation finished running. + readOnly: true + verb: + description: Output only. Name of the verb executed by the operation. + readOnly: true + type: string + apiVersion: + type: string + description: Output only. API version used to start the operation. + readOnly: true + createTime: + description: Output only. The time the operation was created. + format: google-datetime + type: string + readOnly: true + description: Represents the metadata of the long-running operation. type: object + id: GoogleCloudManagedidentitiesV1OpMetadata + GoogleCloudSaasacceleratorManagementProvidersV1NodeSloMetadata: properties: - expression: + nodeId: description: >- - Textual representation of an expression in Common Expression - Language syntax. + The id of the node. This should be equal to + SaasInstanceNode.node_id. type: string - title: + perSliEligibility: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + If present, this will override eligibility for the node coming from + instance or exclusions for specified SLIs. + $ref: >- + #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility + location: + description: The location of the node, if different from instance location. type: string - description: + type: object + description: >- + Node information for custom per-node SLO implementations. SSA does not + support per-node SLO, but producers can populate per-node information in + SloMetadata for custom precomputations. SSA Eligibility Exporter will + emit per-node metric based on this information. + id: GoogleCloudSaasacceleratorManagementProvidersV1NodeSloMetadata + CancelOperationRequest: + type: object + properties: {} + description: The request message for Operations.CancelOperation. + id: CancelOperationRequest + ResetAdminPasswordRequest: + properties: {} + type: object + description: Request message for ResetAdminPassword + id: ResetAdminPasswordRequest + GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSchedule: + properties: + endTime: + type: string + format: google-datetime + description: The scheduled end time for the maintenance. + canReschedule: + type: boolean description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + This field is deprecated, and will be always set to true since + reschedule can happen multiple times now. This field should not be + removed until all service producers remove this for their customers. + deprecated: true + rolloutManagementPolicy: + description: >- + The rollout management policy this maintenance schedule is + associated with. When doing reschedule update request, the + reschedule should be against this given policy. type: string - location: + startTime: + format: google-datetime + description: The scheduled start time for the maintenance. + type: string + scheduleDeadlineTime: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + schedule_deadline_time is the time deadline any schedule start time + cannot go beyond, including reschedule. It's normally the initial + schedule start time plus maintenance window length (1 day or 1 + week). Maintenance cannot be scheduled to start beyond this + deadline. type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + format: google-datetime + description: >- + Maintenance schedule which is exposed to customer and potentially end + user, indicating published upcoming future maintenance schedule + id: GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSchedule type: object + ListSqlIntegrationsResponse: properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). + unreachable: type: array items: type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: + description: A list of locations that could not be reached. + nextPageToken: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: string + sqlIntegrations: + description: A list of SQLIntegrations of a domain. type: array items: - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + $ref: '#/components/schemas/SqlIntegration' + type: object + id: ListSqlIntegrationsResponse + description: >- + ListSqlIntegrationsResponse is the response message for + ListSqlIntegrations method. + Peering: + id: Peering type: object properties: - createTime: - description: Output only. The time the operation was created. + statusMessage: + description: >- + Output only. Additional information about the current status of this + peering, if available. readOnly: true type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. + name: readOnly: true + description: >- + Output only. Unique name of the peering in this scope including + projects and location using the form: + `projects/{project_id}/locations/global/peerings/{peering_id}`. + type: string + authorizedNetwork: type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. + Required. The full names of the Google Compute Engine + [networks](/compute/docs/networks-and-firewalls#networks) to which + the instance is connected. Caller needs to make sure that CIDR + subnets do not overlap between networks, else peering creation will + fail. + domainResource: + description: >- + Required. Full domain resource path for the Managed AD Domain + involved in peering. The resource path should be in the form: + `projects/{project_id}/locations/global/domains/{domain_name}` + type: string + labels: + description: Optional. Resource labels to represent user-provided metadata. + additionalProperties: + type: string + type: object + createTime: readOnly: true + description: Output only. The time the instance was created. + format: google-datetime + type: string + updateTime: + format: google-datetime type: string - verb: - description: Output only. Name of the verb executed by the operation. readOnly: true + description: Output only. Last update time. + state: type: string - statusDetail: - description: Output only. Human-readable status of the operation, if any. + enumDescriptions: + - Not set. + - Peering is being created. + - Peering is connected. + - Peering is disconnected. + - Peering is being deleted. readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - CONNECTED + - DISCONNECTED + - DELETING + description: Output only. The current state of this Peering. + description: Represents a Managed Service for Microsoft Active Directory Peering. + Certificate: + properties: + expireTime: type: string - cancelRequested: + format: google-datetime + description: The certificate expire time. + subject: + type: string + description: The certificate subject. + issuingCertificate: + $ref: '#/components/schemas/Certificate' + description: The issuer of this certificate. + subjectAlternativeName: + items: + type: string + type: array + description: The additional hostnames for the domain. + thumbprint: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have google.longrunning.Operation.error value with a - google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + The certificate thumbprint which uniquely identifies the + certificate. type: string - GoogleCloudManagedidentitiesV1OpMetadata: - id: GoogleCloudManagedidentitiesV1OpMetadata - description: Represents the metadata of the long-running operation. + description: Certificate used to configure LDAPS. + type: object + id: Certificate + ValidateTrustRequest: + id: ValidateTrustRequest + properties: + trust: + $ref: '#/components/schemas/Trust' + description: Required. The domain trust to validate trust state for. + type: object + description: Request message for ValidateTrust + GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility: + id: GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility + description: PerSliSloEligibility is a mapping from an SLI name to eligibility. + type: object + properties: + eligibilities: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility + description: >- + An entry in the eligibilities map specifies an eligibility for a + particular SLI for the given instance. The SLI key in the name must + be a valid SLI name specified in the Eligibility Exporter binary + flags otherwise an error will be emitted by Eligibility Exporter and + the oncaller will be alerted. If an SLI has been defined in the + binary flags but the eligibilities map does not contain it, the + corresponding SLI time series will not be emitted by the Eligibility + Exporter. This ensures a smooth rollout and compatibility between + the data produced by different versions of the Eligibility + Exporters. If eligibilities map contains a key for an SLI which has + not been declared in the binary flags, there will be an error + message emitted in the Eligibility Exporter log and the metric for + the SLI in question will not be emitted. + type: object + WeeklyCycle: + properties: + schedule: + items: + $ref: '#/components/schemas/Schedule' + description: User can specify multiple windows in a week. Minimum of 1 window. + type: array + id: WeeklyCycle type: object + description: Time window specified for weekly operations. + GoogleCloudManagedidentitiesV1beta1OpMetadata: properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime endTime: description: Output only. The time the operation finished running. - readOnly: true - type: string format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. readOnly: true type: string - GoogleCloudManagedidentitiesV1alpha1OpMetadata: - id: GoogleCloudManagedidentitiesV1alpha1OpMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: createTime: description: Output only. The time the operation was created. - readOnly: true type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. readOnly: true - type: string - format: google-datetime target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - GoogleCloudManagedidentitiesV1beta1OpMetadata: - id: GoogleCloudManagedidentitiesV1beta1OpMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. readOnly: true - type: string - format: google-datetime - target: description: >- Output only. Server-defined resource path for the target of the operation. + verb: readOnly: true type: string - verb: description: Output only. Name of the verb executed by the operation. + apiVersion: + description: Output only. API version used to start the operation. readOnly: true type: string requestedCancellation: + readOnly: true + type: boolean description: >- Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - GoogleCloudSaasacceleratorManagementProvidersV1Instance: - id: GoogleCloudSaasacceleratorManagementProvidersV1Instance - description: >- - Instance represents the interface for SLM services to actuate the state - of control plane resources. Example Instance in JSON, where - consumer-project-number=123456, producer-project-id=cloud-sql: ```json - Instance: { "name": - "projects/123456/locations/us-east1/instances/prod-instance", - "create_time": { "seconds": 1526406431, }, "labels": { "env": "prod", - "foo": "bar" }, "state": READY, "software_versions": { - "software_update": "cloud-sql-09-28-2018", }, - "maintenance_policy_names": { "UpdatePolicy": - "projects/123456/locations/us-east1/maintenancePolicies/prod-update-policy", - } "tenant_project_id": "cloud-sql-test-tenant", "producer_metadata": { - "cloud-sql-tier": "basic", "cloud-sql-instance-size": "1G", }, - "provisioned_resources": [ { "resource-type": "compute-instance", - "resource-url": - "https://www.googleapis.com/compute/v1/projects/cloud-sql/zones/us-east1-b/instances/vm-1", - } ], "maintenance_schedules": { "csa_rollout": { "start_time": { - "seconds": 1526406431, }, "end_time": { "seconds": 1535406431, }, }, - "ncsa_rollout": { "start_time": { "seconds": 1526406431, }, "end_time": - { "seconds": 1535406431, }, } }, "consumer_defined_name": - "my-sql-instance1", } ``` LINT.IfChange type: object + id: GoogleCloudManagedidentitiesV1beta1OpMetadata + description: Represents the metadata of the long-running operation. + Policy: properties: - name: - description: >- - Unique name of the resource. It uses the form: - `projects/{project_number}/locations/{location_id}/instances/{instance_id}` - Note: This name is passed, stored and logged across the rollout - system. So use of consumer project_id or any other consumer PII in - the name is strongly discouraged for wipeout (go/wipeout) - compliance. See go/elysium/project_ids#storage-guidance for more - details. - type: string - createTime: - description: Output only. Timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Timestamp when the resource was last modified. - readOnly: true - type: string - format: google-datetime - labels: - description: >- - Optional. Resource labels to represent user provided metadata. Each - label is a key-value pair, where both the key and the value are - arbitrary strings provided by the user. - type: object - additionalProperties: - type: string - state: + etag: + format: byte description: >- - Output only. Current lifecycle state of the resource (e.g. if it's - being created or ready to use). - readOnly: true + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. type: string - enumDescriptions: - - Unspecified state. - - Instance is being created. - - Instance has been created and is ready to use. - - Instance is being updated. - - Instance is unheathy and under repair. - - Instance is being deleted. - - Instance encountered an error and is in indeterministic state. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - UPDATING - - REPAIRING - - DELETING - - ERROR - softwareVersions: + version: + format: int32 + type: integer description: >- - Software versions that are used to deploy this instance. This can be - mutated by rollout services. - type: object - additionalProperties: - type: string - maintenancePolicyNames: + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + bindings: + type: array description: >- - Optional. The MaintenancePolicies that have been attached to the - instance. The key must be of the type name of the oneof policy name - defined in MaintenancePolicy, and the referenced policy must define - the same policy type. For details, please refer to go/mr-user-guide. - Should not be set if maintenance_settings.maintenance_policies is - set. - type: object - additionalProperties: - type: string - tenantProjectId: + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy + type: object + MaintenancePolicy: + id: MaintenancePolicy + type: object + properties: + updatePolicy: + description: Maintenance policy applicable to instance update. + $ref: '#/components/schemas/UpdatePolicy' + state: + description: Optional. The state of the policy. + type: string + enum: + - STATE_UNSPECIFIED + - READY + - DELETING + enumDescriptions: + - Unspecified state. + - Resource is ready to be used. + - >- + Resource is being deleted. It can no longer be attached to + instances. + description: + type: string description: >- - Output only. ID of the associated GCP tenant project. See - go/get-instance-metadata. - readOnly: true + Optional. Description of what this policy is for. Create/Update + methods return INVALID_ARGUMENT if the length is greater than 512. + createTime: + format: google-datetime + description: Output only. The time when the resource was created. type: string - producerMetadata: + name: description: >- - Output only. Custom string attributes used primarily to expose - producer-specific information in monitoring dashboards. See - go/get-instance-metadata. - readOnly: true - type: object + Required. MaintenancePolicy name using the form: + `projects/{project_id}/locations/{location_id}/maintenancePolicies/{maintenance_policy_id}` + where {project_id} refers to a GCP consumer project ID, + {location_id} refers to a GCP region/zone, {maintenance_policy_id} + must be 1-63 characters long and match the regular expression + `[a-z0-9]([-a-z0-9]*[a-z0-9])?`. + type: string + labels: additionalProperties: type: string - provisionedResources: - description: >- - Output only. The list of data plane resources provisioned for this - instance, e.g. compute VMs. See go/get-instance-metadata. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1ProvisionedResource - sloMetadata: - description: >- - Output only. SLO metadata for instance classification in the - Standardized dataplane SLO platform. See go/cloud-ssa-standard-slo - for feature description. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata - maintenanceSchedules: - description: >- - The MaintenanceSchedule contains the scheduling information of - published maintenance schedule with same key as software_versions. type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSchedule - consumerDefinedName: - description: >- - consumer_defined_name is the name of the instance set by the service - consumers. Generally this is different from the `name` field which - reperesents the system-assigned id of the instance which the service - consumers do not recognize. This is a required field for tenants - onboarding to Maintenance Window notifications - (go/slm-rollout-maintenance-policies#prerequisites). - type: string - slmInstanceTemplate: - description: >- - Link to the SLM instance template. Only populated when updating SLM - instances via SSA's Actuation service adaptor. Service producers - with custom control plane (e.g. Cloud SQL) doesn't need to populate - this field. Instead they should use software_versions. - type: string - maintenanceSettings: - description: Optional. The MaintenanceSettings associated with instance. - $ref: >- - #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSettings - instanceType: description: >- - Optional. The instance_type of this instance of format: - projects/{project_number}/locations/{location_id}/instanceTypes/{instance_type_id}. - Instance Type represents a high-level tier or SKU of the service - that this instance belong to. When enabled(eg: Maintenance Rollout), - Rollout uses 'instance_type' along with 'software_versions' to - determine whether instance needs an update or not. + Optional. Resource labels to represent user provided metadata. Each + label is a key-value pair, where both the key and the value are + arbitrary strings provided by the user. + updateTime: type: string - notificationParameters: - description: >- - Optional. notification_parameter are information that service - producers may like to include that is not relevant to Rollout. This - parameter will only be passed to Gamma and Cloud Logging for - notification/logging purpose. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1NotificationParameter - GoogleCloudSaasacceleratorManagementProvidersV1ProvisionedResource: - id: GoogleCloudSaasacceleratorManagementProvidersV1ProvisionedResource - description: Describes provisioned dataplane resources. - type: object + description: Output only. The time when the resource was updated. + format: google-datetime + description: Defines policies to service maintenance events. + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - resourceType: + details: description: >- - Type of the resource. This can be either a GCP resource or a custom - one (e.g. another cloud provider's VM). For GCP compute resources - use singular form of the names listed in GCP compute API - documentation - (https://cloud.google.com/compute/docs/reference/rest/v1/), prefixed - with 'compute-', for example: 'compute-instance', 'compute-disk', - 'compute-autoscaler'. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: array + message: type: string - resourceUrl: description: >- - URL identifying the resource, e.g. - "https://www.googleapis.com/compute/v1/projects/...)". - type: string - GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata: - id: GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata - description: >- - SloMetadata contains resources required for proper SLO classification of - the instance. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + id: Status type: object + GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata: properties: + perSliEligibility: + description: >- + Optional. Multiple per-instance SLI eligibilities which apply for + individual SLIs. + $ref: >- + #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility tier: description: >- Name of the SLO tier the Instance belongs to. This name will be @@ -1571,373 +1487,385 @@ components: items: $ref: >- #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1NodeSloMetadata - perSliEligibility: - description: >- - Optional. Multiple per-instance SLI eligibilities which apply for - individual SLIs. - $ref: >- - #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility - GoogleCloudSaasacceleratorManagementProvidersV1NodeSloMetadata: - id: GoogleCloudSaasacceleratorManagementProvidersV1NodeSloMetadata description: >- - Node information for custom per-node SLO implementations. SSA does not - support per-node SLO, but producers can populate per-node information in - SloMetadata for custom precomputations. SSA Eligibility Exporter will - emit per-node metric based on this information. - type: object - properties: - nodeId: - description: >- - The id of the node. This should be equal to - SaasInstanceNode.node_id. - type: string - location: - description: The location of the node, if different from instance location. - type: string - perSliEligibility: - description: >- - If present, this will override eligibility for the node coming from - instance or exclusions for specified SLIs. - $ref: >- - #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility - GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility: - id: GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility - description: PerSliSloEligibility is a mapping from an SLI name to eligibility. + SloMetadata contains resources required for proper SLO classification of + the instance. + id: GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata type: object - properties: - eligibilities: - description: >- - An entry in the eligibilities map specifies an eligibility for a - particular SLI for the given instance. The SLI key in the name must - be a valid SLI name specified in the Eligibility Exporter binary - flags otherwise an error will be emitted by Eligibility Exporter and - the oncaller will be alerted. If an SLI has been defined in the - binary flags but the eligibilities map does not contain it, the - corresponding SLI time series will not be emitted by the Eligibility - Exporter. This ensures a smooth rollout and compatibility between - the data produced by different versions of the Eligibility - Exporters. If eligibilities map contains a key for an SLI which has - not been declared in the binary flags, there will be an error - message emitted in the Eligibility Exporter log and the metric for - the SLI in question will not be emitted. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility - GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility: - id: GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility - description: >- - SloEligibility is a tuple containing eligibility value: true if an - instance is eligible for SLO calculation or false if it should be - excluded from all SLO-related calculations along with a user-defined - reason. + GoogleCloudSaasacceleratorManagementProvidersV1ProvisionedResource: + id: GoogleCloudSaasacceleratorManagementProvidersV1ProvisionedResource type: object + description: Describes provisioned dataplane resources. properties: - eligible: - description: Whether an instance is eligible or ineligible. - type: boolean - reason: + resourceUrl: description: >- - User-defined reason for the current value of instance eligibility. - Usually, this can be directly mapped to the internal state. An empty - reason is allowed. - type: string - GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSchedule: - id: GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSchedule - description: >- - Maintenance schedule which is exposed to customer and potentially end - user, indicating published upcoming future maintenance schedule - type: object - properties: - startTime: - description: The scheduled start time for the maintenance. + URL identifying the resource, e.g. + "https://www.googleapis.com/compute/v1/projects/...)". type: string - format: google-datetime - endTime: - description: The scheduled end time for the maintenance. + resourceType: type: string - format: google-datetime - canReschedule: description: >- - This field is deprecated, and will be always set to true since - reschedule can happen multiple times now. This field should not be - removed until all service producers remove this for their customers. - deprecated: true - type: boolean - rolloutManagementPolicy: + Type of the resource. This can be either a GCP resource or a custom + one (e.g. another cloud provider's VM). For GCP compute resources + use singular form of the names listed in GCP compute API + documentation + (https://cloud.google.com/compute/docs/reference/rest/v1/), prefixed + with 'compute-', for example: 'compute-instance', 'compute-disk', + 'compute-autoscaler'. + TimeOfDay: + properties: + hours: + format: int32 + type: integer description: >- - The rollout management policy this maintenance schedule is - associated with. When doing reschedule update request, the - reschedule should be against this given policy. - type: string - scheduleDeadlineTime: + Hours of a day in 24 hour format. Must be greater than or equal to 0 + and typically must be less than or equal to 23. An API may choose to + allow the value "24:00:00" for scenarios like business closing time. + minutes: + format: int32 + type: integer description: >- - schedule_deadline_time is the time deadline any schedule start time - cannot go beyond, including reschedule. It's normally the initial - schedule start time plus maintenance window length (1 day or 1 - week). Maintenance cannot be scheduled to start beyond this - deadline. - type: string - format: google-datetime - GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSettings: - id: GoogleCloudSaasacceleratorManagementProvidersV1MaintenanceSettings + Minutes of an hour. Must be greater than or equal to 0 and less than + or equal to 59. + seconds: + description: >- + Seconds of a minute. Must be greater than or equal to 0 and + typically must be less than or equal to 59. An API may allow the + value 60 if it allows leap-seconds. + type: integer + format: int32 + nanos: + description: >- + Fractions of seconds, in nanoseconds. Must be greater than or equal + to 0 and less than or equal to 999,999,999. + type: integer + format: int32 description: >- - Maintenance settings associated with instance. Allows service producers - and end users to assign settings that controls maintenance on this - instance. + Represents a time of day. The date and time zone are either not + significant or are specified elsewhere. An API may choose to allow leap + seconds. Related types are google.type.Date and + `google.protobuf.Timestamp`. + type: object + id: TimeOfDay + Trust: type: object + id: Trust properties: - exclude: + state: + enumDescriptions: + - Not set. + - The domain trust is being created. + - The domain trust is being updated. + - The domain trust is being deleted. + - The domain trust is connected. + - The domain trust is disconnected. + type: string + readOnly: true + description: Output only. The current state of the trust. + enum: + - STATE_UNSPECIFIED + - CREATING + - UPDATING + - DELETING + - CONNECTED + - DISCONNECTED + targetDomainName: description: >- - Optional. Exclude instance from maintenance. When true, rollout - service will not attempt maintenance on the instance. Rollout - service will include the instance in reported rollout progress as - not attempted. - type: boolean - maintenancePolicies: + Required. The fully qualified target domain name which will be in + trust with the current domain. + type: string + trustDirection: + type: string description: >- - Optional. The MaintenancePolicies that have been attached to the - instance. The key must be of the type name of the oneof policy name - defined in MaintenancePolicy, and the embedded policy must define - the same policy type. For details, please refer to go/mr-user-guide. - Should not be set if maintenance_policy_names is set. If only the - name is needed, then only populate MaintenancePolicy.name. - type: object - additionalProperties: - $ref: '#/components/schemas/MaintenancePolicy' - isRollback: + Required. The trust direction, which decides if the current domain + is trusted, trusting, or both. + enum: + - TRUST_DIRECTION_UNSPECIFIED + - INBOUND + - OUTBOUND + - BIDIRECTIONAL + enumDescriptions: + - Not set. + - The inbound direction represents the trusting side. + - The outboud direction represents the trusted side. + - >- + The bidirectional direction represents the trusted / trusting + side. + lastTrustHeartbeatTime: + type: string + format: google-datetime + readOnly: true description: >- - Optional. If the update call is triggered from rollback, set the - value as true. - type: boolean - MaintenancePolicy: - id: MaintenancePolicy - description: Defines policies to service maintenance events. - type: object - properties: - name: + Output only. The last heartbeat time when the trust was known to be + connected. + stateDescription: description: >- - Required. MaintenancePolicy name using the form: - `projects/{project_id}/locations/{location_id}/maintenancePolicies/{maintenance_policy_id}` - where {project_id} refers to a GCP consumer project ID, - {location_id} refers to a GCP region/zone, {maintenance_policy_id} - must be 1-63 characters long and match the regular expression - `[a-z0-9]([-a-z0-9]*[a-z0-9])?`. + Output only. Additional information about the current state of the + trust, if available. type: string + readOnly: true createTime: - description: Output only. The time when the resource was created. + description: Output only. The time the instance was created. + readOnly: true type: string format: google-datetime updateTime: - description: Output only. The time when the resource was updated. + readOnly: true type: string format: google-datetime - description: + description: Output only. The last update time. + selectiveAuthentication: + type: boolean description: >- - Optional. Description of what this policy is for. Create/Update - methods return INVALID_ARGUMENT if the length is greater than 512. + Optional. The trust authentication type, which decides whether the + trusted side has forest/domain wide access or selective access to an + approved set of resources. + trustHandshakeSecret: type: string - labels: description: >- - Optional. Resource labels to represent user provided metadata. Each - label is a key-value pair, where both the key and the value are - arbitrary strings provided by the user. - type: object - additionalProperties: + Required. The trust secret used for the handshake with the target + domain. This will not be stored. + targetDnsIpAddresses: + type: array + items: type: string - state: - description: Optional. The state of the policy. - type: string - enumDescriptions: - - Unspecified state. - - Resource is ready to be used. - - >- - Resource is being deleted. It can no longer be attached to - instances. - enum: - - STATE_UNSPECIFIED - - READY - - DELETING - updatePolicy: - description: Maintenance policy applicable to instance update. - $ref: '#/components/schemas/UpdatePolicy' - UpdatePolicy: - id: UpdatePolicy - description: Maintenance policy applicable to instance updates. - type: object - properties: - window: description: >- - Optional. Maintenance window that is applied to resources covered by - this policy. - $ref: '#/components/schemas/MaintenanceWindow' - channel: - description: Optional. Relative scheduling channel applied to resource. + Required. The target DNS server IP addresses which can resolve the + remote domain involved in the trust. + trustType: + description: Required. The type of trust represented by the trust resource. type: string enumDescriptions: - - Unspecified channel. - - Early channel within a customer project. - - Later channel within a customer project. - - >- - ! ! The follow channels can ONLY be used if you adopt the new MW - system! ! ! NOTE: all WEEK channels are assumed to be under a - weekly window. ! There is currently no dedicated channel - definitions for Daily windows. ! If you use Daily window, the - system will assume a 1d (24Hours) advanced ! notification period - b/w EARLY and LATER. ! We may consider support more flexible daily - channel specifications in ! the future. WEEK1 == EARLIER with - minimum 7d advanced notification. {7d, 14d} The system will treat - them equally and will use WEEK1 whenever it can. New customers are - encouraged to use this channel annotation. - - WEEK2 == LATER with minimum 14d advanced notification {14d, 21d}. - - >- - WEEK5 == 40d support. minimum 35d advanced notification {35d, - 42d}. + - Not set. + - The forest trust. + - The external domain trust. enum: - - UPDATE_CHANNEL_UNSPECIFIED - - EARLIER - - LATER - - WEEK1 - - WEEK2 - - WEEK5 - denyMaintenancePeriods: - description: >- - Deny Maintenance Period that is applied to resource to indicate when - maintenance is forbidden. The protocol supports zero-to-many such - periods, but the current SLM Rollout implementation only supports - zero-to-one. + - TRUST_TYPE_UNSPECIFIED + - FOREST + - EXTERNAL + description: >- + Represents a relationship between two domains. This allows a controller + in one domain to authenticate a user in another domain. If the trust is + being changed, it will be placed into the UPDATING state, which + indicates that the resource is being reconciled. At this point, Get will + reflect an intermediate state. + DetachTrustRequest: + description: Request message for DetachTrust + id: DetachTrustRequest + properties: + trust: + description: Required. The domain trust resource to removed. + $ref: '#/components/schemas/Trust' + type: object + GoogleCloudSaasacceleratorManagementProvidersV1NotificationParameter: + id: GoogleCloudSaasacceleratorManagementProvidersV1NotificationParameter + properties: + values: type: array items: - $ref: '#/components/schemas/DenyMaintenancePeriod' - MaintenanceWindow: - id: MaintenanceWindow - description: MaintenanceWindow definition. + type: string + description: >- + Optional. Array of string values. e.g. instance's replica + information. + description: Contains notification related data. + type: object + Empty: + properties: {} + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object + ResetAdminPasswordResponse: + id: ResetAdminPasswordResponse properties: - dailyCycle: - description: Daily cycle. - $ref: '#/components/schemas/DailyCycle' - weeklyCycle: - description: Weekly cycle. - $ref: '#/components/schemas/WeeklyCycle' - DailyCycle: - id: DailyCycle - description: Time window specified for daily operations. + password: + description: A random password. See admin for more information. + type: string + type: object + description: Response message for ResetAdminPassword + ExtendSchemaRequest: + id: ExtendSchemaRequest type: object + description: ExtendSchemaRequest is the request message for ExtendSchema method. properties: - startTime: - description: Time within the day to start the operations. - $ref: '#/components/schemas/TimeOfDay' - duration: - description: Output only. Duration of the time window, set by service producer. + description: + description: Required. Description for Schema Change. type: string - format: google-duration - TimeOfDay: - id: TimeOfDay + gcsPath: + type: string + description: >- + File stored in Cloud Storage bucket and represented in the form + projects/{project_id}/buckets/{bucket_name}/objects/{object_name} + File should be in the same project as the domain. + fileContents: + description: File uploaded as a byte stream input. + type: string + format: byte + DomainJoinMachineRequest: + properties: + force: + description: >- + Optional. force if True, forces domain join even if the computer + account already exists. + type: boolean + ouName: + type: string + description: Optional. OU name where the VM needs to be domain joined + vmIdToken: + type: string + description: >- + Required. Full instance id token of compute engine VM to verify + instance identity. More about this: + https://cloud.google.com/compute/docs/instances/verifying-instance-identity#request_signature + type: object + id: DomainJoinMachineRequest description: >- - Represents a time of day. The date and time zone are either not - significant or are specified elsewhere. An API may choose to allow leap - seconds. Related types are google.type.Date and - `google.protobuf.Timestamp`. + DomainJoinMachineRequest is the request message for DomainJoinMachine + method + CheckMigrationPermissionRequest: + type: object + id: CheckMigrationPermissionRequest + description: >- + CheckMigrationPermissionRequest is the request message for + CheckMigrationPermission method. + properties: {} + Expr: type: object + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - hours: + expression: + type: string description: >- - Hours of a day in 24 hour format. Must be greater than or equal to 0 - and typically must be less than or equal to 23. An API may choose to - allow the value "24:00:00" for scenarios like business closing time. - type: integer - format: int32 - minutes: + Textual representation of an expression in Common Expression + Language syntax. + description: description: >- - Minutes of an hour. Must be greater than or equal to 0 and less than - or equal to 59. - type: integer - format: int32 - seconds: + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + location: description: >- - Seconds of a minute. Must be greater than or equal to 0 and - typically must be less than or equal to 59. An API may allow the - value 60 if it allows leap-seconds. - type: integer - format: int32 - nanos: + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + title: + type: string description: >- - Fractions of seconds, in nanoseconds. Must be greater than or equal - to 0 and less than or equal to 999,999,999. - type: integer - format: int32 - WeeklyCycle: - id: WeeklyCycle - description: Time window specified for weekly operations. - type: object - properties: - schedule: - description: User can specify multiple windows in a week. Minimum of 1 window. - type: array - items: - $ref: '#/components/schemas/Schedule' - Schedule: - id: Schedule - description: Configure the schedule. + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + id: Expr + LDAPSSettings: + id: LDAPSSettings + description: >- + LDAPSSettings represents the ldaps settings for domain resource. LDAP is + the Lightweight Directory Access Protocol, defined in + https://tools.ietf.org/html/rfc4511. The settings object configures LDAP + over SSL/TLS, whether it is over port 636 or the StartTLS operation. If + LDAPSSettings is being changed, it will be placed into the UPDATING + state, which indicates that the resource is being reconciled. At this + point, Get will reflect an intermediate state. type: object properties: - day: - description: Allows to define schedule that runs specified day of the week. + state: + description: Output only. The current state of this LDAPS settings. type: string - enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday + readOnly: true enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY - startTime: - description: Time within the window to start the operations. - $ref: '#/components/schemas/TimeOfDay' - duration: - description: Output only. Duration of the time window, set by service producer. + - STATE_UNSPECIFIED + - UPDATING + - ACTIVE + - FAILED + enumDescriptions: + - Not Set + - The LDAPS setting is being updated. + - The LDAPS setting is ready. + - The LDAPS setting is not applied correctly. + certificatePfx: + type: string + format: byte + description: >- + Input only. The uploaded PKCS12-formatted certificate to configure + LDAPS with. It will enable the domain controllers in this domain to + accept LDAPS connections (either LDAP over SSL/TLS or the StartTLS + operation). A valid certificate chain must form a valid x.509 + certificate chain (or be comprised of a single self-signed + certificate. It must be encrypted with either: 1) PBES2 + PBKDF2 + + AES256 encryption and SHA256 PRF; or 2) + pbeWithSHA1And3-KeyTripleDES-CBC Private key must be included for + the leaf / single self-signed certificate. Note: For a fqdn + your-example-domain.com, the wildcard fqdn is + *.your-example-domain.com. Specifically the leaf certificate must + have: - Either a blank subject or a subject with CN matching the + wildcard fqdn. - Exactly two SANs - the fqdn and wildcard fqdn. - + Encipherment and digital key signature key usages. - Server + authentication extended key usage (OID=1.3.6.1.5.5.7.3.1) - Private + key must be in one of the following formats: RSA, ECDSA, ED25519. - + Private key must have appropriate key length: 2048 for RSA, 256 for + ECDSA - Signature algorithm of the leaf certificate cannot be MD2, + MD5 or SHA1. + certificatePassword: + description: >- + Input only. The password used to encrypt the uploaded PFX + certificate. + type: string + name: + type: string + description: >- + The resource name of the LDAPS settings. Uses the form: + `projects/{project}/locations/{location}/domains/{domain}`. + certificate: + description: >- + Output only. The certificate used to configure LDAPS. Certificates + can be chained with a maximum length of 15. + $ref: '#/components/schemas/Certificate' + readOnly: true + updateTime: + description: Output only. Last update time. + type: string + format: google-datetime + readOnly: true + OnPremDomainSIDDetails: + properties: + name: type: string - format: google-duration - DenyMaintenancePeriod: - id: DenyMaintenancePeriod + description: FQDN of the on-prem domain being migrated. + sidFilteringState: + type: string + enum: + - SID_FILTERING_STATE_UNSPECIFIED + - ENABLED + - DISABLED + enumDescriptions: + - SID Filtering is in unspecified state. + - SID Filtering is Enabled. + - SID Filtering is Disabled. + description: Current SID filtering state. description: >- - DenyMaintenancePeriod definition. Maintenance is forbidden within the - deny period. The start_date must be less than the end_date. + OnPremDomainDetails is the message which contains details of on-prem + domain which is trusted and needs to be migrated. + id: OnPremDomainSIDDetails type: object - properties: - startDate: - description: >- - Deny period start date. This can be: * A full date, with non-zero - year, month and day values. * A month and day value, with a zero - year. Allows recurring deny periods each year. Date matching this - period will have to be the same or after the start. - $ref: '#/components/schemas/Date' - endDate: - description: >- - Deny period end date. This can be: * A full date, with non-zero - year, month and day values. * A month and day value, with a zero - year. Allows recurring deny periods each year. Date matching this - period will have to be before the end. - $ref: '#/components/schemas/Date' - time: - description: >- - Time in UTC when the Blackout period starts on start_date and ends - on end_date. This can be: * Full time. * All zeros for 00:00:00 UTC - $ref: '#/components/schemas/TimeOfDay' Date: - id: Date description: >- Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are @@ -1949,59 +1877,124 @@ components: expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp type: object + id: Date properties: year: + format: int32 description: >- Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year. type: integer - format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 day: + format: int32 description: >- Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant. type: integer + month: format: int32 - GoogleCloudSaasacceleratorManagementProvidersV1NotificationParameter: - id: GoogleCloudSaasacceleratorManagementProvidersV1NotificationParameter - description: Contains notification related data. + description: >- + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + type: integer + DenyMaintenancePeriod: + description: >- + DenyMaintenancePeriod definition. Maintenance is forbidden within the + deny period. The start_date must be less than the end_date. type: object + id: DenyMaintenancePeriod properties: - values: + endDate: + $ref: '#/components/schemas/Date' description: >- - Optional. Array of string values. e.g. instance's replica - information. - type: array + Deny period end date. This can be: * A full date, with non-zero + year, month and day values. * A month and day value, with a zero + year. Allows recurring deny periods each year. Date matching this + period will have to be before the end. + time: + $ref: '#/components/schemas/TimeOfDay' + description: >- + Time in UTC when the Blackout period starts on start_date and ends + on end_date. This can be: * Full time. * All zeros for 00:00:00 UTC + startDate: + description: >- + Deny period start date. This can be: * A full date, with non-zero + year, month and day values. * A month and day value, with a zero + year. Allows recurring deny periods each year. Date matching this + period will have to be the same or after the start. + $ref: '#/components/schemas/Date' + ListDomainsResponse: + type: object + description: Response message for ListDomains + id: ListDomainsResponse + properties: + nextPageToken: + type: string + description: >- + A token to retrieve the next page of results, or empty if there are + no more results in the list. + unreachable: + description: A list of locations that could not be reached. items: type: string + type: array + domains: + type: array + items: + $ref: '#/components/schemas/Domain' + description: A list of Managed Identities Service domains in the project. + GoogleCloudManagedidentitiesV1alpha1OpMetadata: + properties: + verb: + type: string + description: Output only. Name of the verb executed by the operation. + readOnly: true + endTime: + format: google-datetime + description: Output only. The time the operation finished running. + type: string + readOnly: true + requestedCancellation: + type: boolean + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + readOnly: true + createTime: + description: Output only. The time the operation was created. + type: string + format: google-datetime + readOnly: true + target: + type: string + description: >- + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + apiVersion: + description: Output only. API version used to start the operation. + type: string + readOnly: true + description: Represents the metadata of the long-running operation. + id: GoogleCloudManagedidentitiesV1alpha1OpMetadata + type: object parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: alt + name: key schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: callback + name: uploadType schema: type: string fields: @@ -2010,27 +2003,22 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + alt: + description: Data format for response. in: query - name: key + name: alt schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + enum: + - json + - media + - proto + access_token: + description: OAuth access token. in: query - name: oauth_token + name: access_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2040,16 +2028,22 @@ components: name: quotaUser schema: type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + callback: + description: JSONP in: query - name: uploadType + name: callback schema: type: string _.xgafv: @@ -2061,46 +2055,25 @@ components: enum: - '1' - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean x-stackQL-resources: - locations: - id: google.managedidentities.locations - name: locations - title: Locations - methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] operations: id: google.managedidentities.operations name: operations title: Operations methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- @@ -2108,20 +2081,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - cancel: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -2136,25 +2110,24 @@ components: name: domains title: Domains methods: - create: + check_migration_permission: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:checkMigrationPermission/post response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.domains - reset_admin_password: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:resetAdminPassword/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -2165,87 +2138,88 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.domains + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains/post response: mediaType: application/json openAPIDocKey: '200' - domain_join_machine: + enable_migration: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:domainJoinMachine/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:enableMigration/post response: mediaType: application/json openAPIDocKey: '200' - restore: + disable_migration: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:restore/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:disableMigration/post response: mediaType: application/json openAPIDocKey: '200' - attach_trust: + detach_trust: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:attachTrust/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:detachTrust/post response: mediaType: application/json openAPIDocKey: '200' - reconfigure_trust: + restore: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:reconfigureTrust/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:restore/post response: mediaType: application/json openAPIDocKey: '200' - detach_trust: + extend_schema: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:detachTrust/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:extendSchema/post response: mediaType: application/json openAPIDocKey: '200' - validate_trust: + reconfigure_trust: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:validateTrust/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:reconfigureTrust/post response: mediaType: application/json openAPIDocKey: '200' - extend_schema: + validate_trust: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:extendSchema/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:validateTrust/post response: mediaType: application/json openAPIDocKey: '200' - enable_migration: + reset_admin_password: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:enableMigration/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:resetAdminPassword/post response: mediaType: application/json openAPIDocKey: '200' - disable_migration: + domain_join_machine: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:disableMigration/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:domainJoinMachine/post response: mediaType: application/json openAPIDocKey: '200' - check_migration_permission: + attach_trust: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:checkMigrationPermission/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:attachTrust/post response: mediaType: application/json openAPIDocKey: '200' @@ -2294,28 +2268,28 @@ components: name: domains_iam_policies title: Domains_iam_policies methods: - set_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -2326,18 +2300,39 @@ components: - $ref: >- #/components/x-stackQL-resources/domains_iam_policies/methods/set_iam_policy delete: [] - backups: - id: google.managedidentities.backups - name: backups - title: Backups + sql_integrations: + id: google.managedidentities.sql_integrations + name: sql_integrations + title: Sql_integrations methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1backups/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1sqlIntegrations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.sqlIntegrations + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1sqlIntegrations~1{sqlIntegrationsId}/get response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/sql_integrations/methods/get' + - $ref: '#/components/x-stackQL-resources/sql_integrations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + backups: + id: google.managedidentities.backups + name: backups + title: Backups + methods: list: operation: $ref: >- @@ -2346,10 +2341,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.backups - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1backups~1{backupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1backups/post response: mediaType: application/json openAPIDocKey: '200' @@ -2367,6 +2362,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1backups~1{backupsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/backups/methods/get' @@ -2383,21 +2385,21 @@ components: name: backups_iam_policies title: Backups_iam_policies methods: - set_iam_policy: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1backups~1{backupsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1backups~1{backupsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1backups~1{backupsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1backups~1{backupsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings test_iam_permissions: operation: $ref: >- @@ -2415,46 +2417,11 @@ components: - $ref: >- #/components/x-stackQL-resources/backups_iam_policies/methods/set_iam_policy delete: [] - sql_integrations: - id: google.managedidentities.sql_integrations - name: sql_integrations - title: Sql_integrations - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1sqlIntegrations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.sqlIntegrations - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1domains~1{domainsId}~1sqlIntegrations~1{sqlIntegrationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/sql_integrations/methods/get' - - $ref: '#/components/x-stackQL-resources/sql_integrations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] peerings: id: google.managedidentities.peerings name: peerings title: Peerings methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings/post - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: $ref: >- @@ -2463,10 +2430,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.peerings - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings~1{peeringsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings/post response: mediaType: application/json openAPIDocKey: '200' @@ -2484,6 +2451,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings~1{peeringsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/peerings/methods/get' @@ -2500,28 +2474,28 @@ components: name: peerings_iam_policies title: Peerings_iam_policies methods: - set_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings~1{peeringsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings~1{peeringsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings~1{peeringsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings~1{peeringsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings~1{peeringsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1peerings~1{peeringsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -2532,59 +2506,53 @@ components: - $ref: >- #/components/x-stackQL-resources/peerings_iam_policies/methods/set_iam_policy delete: [] -paths: - /v1/projects/{projectsId}/locations: - parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: managedidentities.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: managedidentities.projects.locations.get + locations: + id: google.managedidentities.locations + name: locations + title: Locations + methods: + get: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.locations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] +paths: + /v1/projects/{projectsId}/locations/global/operations/{operationsId}: + parameters: &ref_1 + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: managedidentities.projects.locations.global.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2596,7 +2564,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2604,17 +2572,16 @@ paths: schema: type: string - in: path - name: locationsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/operations: - parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: managedidentities.projects.locations.global.operations.list + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: managedidentities.projects.locations.global.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2626,34 +2593,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/global/operations/{operationsId}: + /v1/projects/{projectsId}/locations/global/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: managedidentities.projects.locations.global.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: managedidentities.projects.locations.global.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2665,7 +2635,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2677,13 +2647,13 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/global/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: managedidentities.projects.locations.global.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: managedidentities.projects.locations.global.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2695,37 +2665,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/global/operations/{operationsId}:cancel: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:checkMigrationPermission: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: managedidentities.projects.locations.global.operations.cancel + description: CheckMigrationPermission API gets the current state of DomainMigration + operationId: >- + managedidentities.projects.locations.global.domains.checkMigrationPermission requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/CheckMigrationPermissionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2737,7 +2707,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/CheckMigrationPermissionResponse' parameters: - in: path name: projectsId @@ -2745,15 +2715,15 @@ paths: schema: type: string - in: path - name: operationsId + name: domainsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}: parameters: *ref_1 - post: - description: Creates a Microsoft AD domain. - operationId: managedidentities.projects.locations.global.domains.create + patch: + description: Updates the metadata and configuration of a domain. + operationId: managedidentities.projects.locations.global.domains.patch requestBody: content: application/json: @@ -2777,13 +2747,19 @@ paths: required: true schema: type: string + - in: path + name: domainsId + required: true + schema: + type: string - in: query - name: domainName + name: updateMask schema: type: string - get: - description: Lists domains in a project. - operationId: managedidentities.projects.locations.global.domains.list + format: google-fieldmask + delete: + description: Deletes a domain. + operationId: managedidentities.projects.locations.global.domains.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2795,40 +2771,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDomainsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: domainsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:resetAdminPassword: - parameters: *ref_1 - post: - description: Resets a domain's administrator password. - operationId: managedidentities.projects.locations.global.domains.resetAdminPassword - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ResetAdminPasswordRequest' + get: + description: Gets information about a domain. + operationId: managedidentities.projects.locations.global.domains.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2840,7 +2797,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ResetAdminPasswordResponse' + $ref: '#/components/schemas/Domain' parameters: - in: path name: projectsId @@ -2852,11 +2809,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}/ldapssettings: parameters: *ref_1 get: - description: Gets information about a domain. - operationId: managedidentities.projects.locations.global.domains.get + description: Gets the domain ldaps settings. + operationId: managedidentities.projects.locations.global.domains.getLdapssettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2868,7 +2825,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Domain' + $ref: '#/components/schemas/LDAPSSettings' parameters: - in: path name: projectsId @@ -2881,13 +2838,13 @@ paths: schema: type: string patch: - description: Updates the metadata and configuration of a domain. - operationId: managedidentities.projects.locations.global.domains.patch + description: Patches a single ldaps settings. + operationId: managedidentities.projects.locations.global.domains.updateLdapssettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/Domain' + $ref: '#/components/schemas/LDAPSSettings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2916,9 +2873,11 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes a domain. - operationId: managedidentities.projects.locations.global.domains.delete + /v1/projects/{projectsId}/locations/global/domains: + parameters: *ref_1 + get: + description: Lists domains in a project. + operationId: managedidentities.projects.locations.global.domains.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2930,28 +2889,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListDomainsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: domainsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:domainJoinMachine: - parameters: *ref_1 post: - description: DomainJoinMachine API joins a Compute Engine VM to the domain - operationId: managedidentities.projects.locations.global.domains.domainJoinMachine + description: Creates a Microsoft AD domain. + operationId: managedidentities.projects.locations.global.domains.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/DomainJoinMachineRequest' + $ref: '#/components/schemas/Domain' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2963,30 +2932,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DomainJoinMachineResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: domainsId - required: true + - in: query + name: domainName schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:restore: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:enableMigration: parameters: *ref_1 post: - description: >- - RestoreDomain restores domain backup mentioned in the - RestoreDomainRequest - operationId: managedidentities.projects.locations.global.domains.restore + description: Enable Domain Migration + operationId: managedidentities.projects.locations.global.domains.enableMigration requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestoreDomainRequest' + $ref: '#/components/schemas/EnableMigrationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3010,16 +2976,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:attachTrust: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:disableMigration: parameters: *ref_1 post: - description: Adds an AD trust to a domain. - operationId: managedidentities.projects.locations.global.domains.attachTrust + description: Disable Domain Migration + operationId: managedidentities.projects.locations.global.domains.disableMigration requestBody: content: application/json: schema: - $ref: '#/components/schemas/AttachTrustRequest' + $ref: '#/components/schemas/DisableMigrationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3043,16 +3009,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:reconfigureTrust: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:detachTrust: parameters: *ref_1 post: - description: Updates the DNS conditional forwarder. - operationId: managedidentities.projects.locations.global.domains.reconfigureTrust + description: Removes an AD trust. + operationId: managedidentities.projects.locations.global.domains.detachTrust requestBody: content: application/json: schema: - $ref: '#/components/schemas/ReconfigureTrustRequest' + $ref: '#/components/schemas/DetachTrustRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3076,16 +3042,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:detachTrust: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:restore: parameters: *ref_1 post: - description: Removes an AD trust. - operationId: managedidentities.projects.locations.global.domains.detachTrust + description: >- + RestoreDomain restores domain backup mentioned in the + RestoreDomainRequest + operationId: managedidentities.projects.locations.global.domains.restore requestBody: content: application/json: schema: - $ref: '#/components/schemas/DetachTrustRequest' + $ref: '#/components/schemas/RestoreDomainRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3109,18 +3077,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:validateTrust: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Validates a trust state, that the target domain is reachable, and that - the target domain is able to accept incoming trust requests. - operationId: managedidentities.projects.locations.global.domains.validateTrust + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: managedidentities.projects.locations.global.domains.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/ValidateTrustRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3132,7 +3103,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3144,11 +3115,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}/ldapssettings: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:setIamPolicy: parameters: *ref_1 - get: - description: Gets the domain ldaps settings. - operationId: managedidentities.projects.locations.global.domains.getLdapssettings + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: managedidentities.projects.locations.global.domains.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3160,7 +3139,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LDAPSSettings' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3172,14 +3151,16 @@ paths: required: true schema: type: string - patch: - description: Patches a single ldaps settings. - operationId: managedidentities.projects.locations.global.domains.updateLdapssettings + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:extendSchema: + parameters: *ref_1 + post: + description: Extend Schema for Domain + operationId: managedidentities.projects.locations.global.domains.extendSchema requestBody: content: application/json: schema: - $ref: '#/components/schemas/LDAPSSettings' + $ref: '#/components/schemas/ExtendSchemaRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3203,21 +3184,16 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:extendSchema: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:reconfigureTrust: parameters: *ref_1 post: - description: Extend Schema for Domain - operationId: managedidentities.projects.locations.global.domains.extendSchema + description: Updates the DNS conditional forwarder. + operationId: managedidentities.projects.locations.global.domains.reconfigureTrust requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExtendSchemaRequest' + $ref: '#/components/schemas/ReconfigureTrustRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3241,16 +3217,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:enableMigration: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:validateTrust: parameters: *ref_1 post: - description: Enable Domain Migration - operationId: managedidentities.projects.locations.global.domains.enableMigration + description: >- + Validates a trust state, that the target domain is reachable, and that + the target domain is able to accept incoming trust requests. + operationId: managedidentities.projects.locations.global.domains.validateTrust requestBody: content: application/json: schema: - $ref: '#/components/schemas/EnableMigrationRequest' + $ref: '#/components/schemas/ValidateTrustRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3274,16 +3252,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:disableMigration: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:getIamPolicy: parameters: *ref_1 - post: - description: Disable Domain Migration - operationId: managedidentities.projects.locations.global.domains.disableMigration - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DisableMigrationRequest' + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: managedidentities.projects.locations.global.domains.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3295,7 +3270,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3307,17 +3282,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:checkMigrationPermission: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:resetAdminPassword: parameters: *ref_1 post: - description: CheckMigrationPermission API gets the current state of DomainMigration - operationId: >- - managedidentities.projects.locations.global.domains.checkMigrationPermission + description: Resets a domain's administrator password. + operationId: managedidentities.projects.locations.global.domains.resetAdminPassword requestBody: content: application/json: schema: - $ref: '#/components/schemas/CheckMigrationPermissionRequest' + $ref: '#/components/schemas/ResetAdminPasswordRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3329,7 +3308,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CheckMigrationPermissionResponse' + $ref: '#/components/schemas/ResetAdminPasswordResponse' parameters: - in: path name: projectsId @@ -3341,19 +3320,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:domainJoinMachine: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: managedidentities.projects.locations.global.domains.setIamPolicy + description: DomainJoinMachine API joins a Compute Engine VM to the domain + operationId: managedidentities.projects.locations.global.domains.domainJoinMachine requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/DomainJoinMachineRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3365,7 +3341,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/DomainJoinMachineResponse' parameters: - in: path name: projectsId @@ -3377,13 +3353,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}:attachTrust: parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: managedidentities.projects.locations.global.domains.getIamPolicy + post: + description: Adds an AD trust to a domain. + operationId: managedidentities.projects.locations.global.domains.attachTrust + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AttachTrustRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3395,7 +3374,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3407,26 +3386,11 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/global/domains/{domainsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}/sqlIntegrations: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: managedidentities.projects.locations.global.domains.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Lists SqlIntegrations in a given domain. + operationId: managedidentities.projects.locations.global.domains.sqlIntegrations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3438,7 +3402,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListSqlIntegrationsResponse' parameters: - in: path name: projectsId @@ -3450,16 +3414,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}/backups: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/global/domains/{domainsId}/sqlIntegrations/{sqlIntegrationsId}: parameters: *ref_1 - post: - description: Creates a Backup for a domain. - operationId: managedidentities.projects.locations.global.domains.backups.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Backup' + get: + description: Gets details of a single sqlIntegration. + operationId: managedidentities.projects.locations.global.domains.sqlIntegrations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3471,7 +3447,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SqlIntegration' parameters: - in: path name: projectsId @@ -3483,10 +3459,13 @@ paths: required: true schema: type: string - - in: query - name: backupId + - in: path + name: sqlIntegrationsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/global/domains/{domainsId}/backups: + parameters: *ref_1 get: description: Lists Backup in a given project. operationId: managedidentities.projects.locations.global.domains.backups.list @@ -3513,28 +3492,65 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: orderBy schema: type: string - - in: query - name: filter + post: + description: Creates a Backup for a domain. + operationId: managedidentities.projects.locations.global.domains.backups.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Backup' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: domainsId + required: true schema: type: string - in: query - name: orderBy + name: backupId schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}/backups/{backupsId}: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}/backups/{backupsId}:getIamPolicy: parameters: *ref_1 get: - description: Gets details of a single Backup. - operationId: managedidentities.projects.locations.global.domains.backups.get + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: managedidentities.projects.locations.global.domains.backups.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3546,7 +3562,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3563,6 +3579,13 @@ paths: required: true schema: type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/global/domains/{domainsId}/backups/{backupsId}: + parameters: *ref_1 patch: description: Updates the labels for specified Backup. operationId: managedidentities.projects.locations.global.domains.backups.patch @@ -3635,19 +3658,9 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}/backups/{backupsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: managedidentities.projects.locations.global.domains.backups.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets details of a single Backup. + operationId: managedidentities.projects.locations.global.domains.backups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3659,7 +3672,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Backup' parameters: - in: path name: projectsId @@ -3676,13 +3689,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}/backups/{backupsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/global/domains/{domainsId}/backups/{backupsId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: managedidentities.projects.locations.global.domains.backups.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: managedidentities.projects.locations.global.domains.backups.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3711,11 +3730,6 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 /v1/projects/{projectsId}/locations/global/domains/{domainsId}/backups/{backupsId}:testIamPermissions: parameters: *ref_1 post: @@ -3760,11 +3774,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}/sqlIntegrations: + /v1/projects/{projectsId}/locations/global/peerings: parameters: *ref_1 get: - description: Lists SqlIntegrations in a given domain. - operationId: managedidentities.projects.locations.global.domains.sqlIntegrations.list + description: Lists Peerings in a given project. + operationId: managedidentities.projects.locations.global.peerings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3776,16 +3790,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSqlIntegrationsResponse' + $ref: '#/components/schemas/ListPeeringsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: domainsId - required: true + - in: query + name: filter schema: type: string - in: query @@ -3793,53 +3806,14 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - in: query name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/global/domains/{domainsId}/sqlIntegrations/{sqlIntegrationsId}: - parameters: *ref_1 - get: - description: Gets details of a single sqlIntegration. - operationId: managedidentities.projects.locations.global.domains.sqlIntegrations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SqlIntegration' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: domainsId - required: true - schema: - type: string - - in: path - name: sqlIntegrationsId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/global/peerings: - parameters: *ref_1 post: description: Creates a Peering for Managed AD instance. operationId: managedidentities.projects.locations.global.peerings.create @@ -3870,9 +3844,16 @@ paths: name: peeringId schema: type: string - get: - description: Lists Peerings in a given project. - operationId: managedidentities.projects.locations.global.peerings.list + /v1/projects/{projectsId}/locations/global/peerings/{peeringsId}: + parameters: *ref_1 + patch: + description: Updates the labels for specified Peering. + operationId: managedidentities.projects.locations.global.peerings.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Peering' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3884,35 +3865,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPeeringsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: peeringsId + required: true schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/global/peerings/{peeringsId}: - parameters: *ref_1 - get: - description: Gets details of a single Peering. - operationId: managedidentities.projects.locations.global.peerings.get + format: google-fieldmask + delete: + description: Deletes identified Peering. + operationId: managedidentities.projects.locations.global.peerings.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3924,7 +3896,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Peering' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3936,14 +3908,9 @@ paths: required: true schema: type: string - patch: - description: Updates the labels for specified Peering. - operationId: managedidentities.projects.locations.global.peerings.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Peering' + get: + description: Gets details of a single Peering. + operationId: managedidentities.projects.locations.global.peerings.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3955,7 +3922,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Peering' parameters: - in: path name: projectsId @@ -3967,14 +3934,21 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes identified Peering. - operationId: managedidentities.projects.locations.global.peerings.delete + /v1/projects/{projectsId}/locations/global/peerings/{peeringsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: managedidentities.projects.locations.global.peerings.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3986,7 +3960,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4069,21 +4043,11 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/global/peerings/{peeringsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: managedidentities.projects.locations.global.peerings.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Gets information about a location. + operationId: managedidentities.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4095,7 +4059,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -4103,7 +4067,43 @@ paths: schema: type: string - in: path - name: peeringsId + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: managedidentities.projects.locations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListLocationsResponse' + parameters: + - in: path + name: projectsId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/managedkafka.yaml b/providers/src/googleapis.com/v00.00.00000/services/managedkafka.yaml index dcb38455..a4bec713 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/managedkafka.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/managedkafka.yaml @@ -7,8 +7,8 @@ info: title: Managed Service for Apache Kafka API description: 'Manage Apache Kafka clusters and resources. ' version: v1 - x-discovery-doc-revision: '20250814' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251114' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/managed-service-for-apache-kafka/docs servers: @@ -34,467 +34,537 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + Location: + id: Location type: object properties: - operations: + displayName: description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: name: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string metadata: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object + Service-specific metadata. For example the available capacity at the + given location. additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - done: + type: any + type: object + labels: + type: object description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: + type: string + description: A resource that represents a Google Cloud location. + CheckCompatibilityRequest: + id: CheckCompatibilityRequest + type: object + description: Request for CheckCompatibility. + properties: + references: + description: Optional. The schema references used by the schema. + items: + $ref: '#/components/schemas/SchemaReference' + type: array + schemaType: + enumDescriptions: + - No schema type. The default will be AVRO. + - Avro schema type. + - JSON schema type. + - Protobuf schema type. + type: string + enum: + - SCHEMA_TYPE_UNSPECIFIED + - AVRO + - JSON + - PROTOBUF + description: Optional. The schema type of the schema. + verbose: type: boolean - error: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Optional. If true, the response will contain the compatibility check + result with reasons for failed checks. The default is false. + schema: + description: Required. The schema payload + type: string + ConsumerGroup: + description: A Kafka consumer group in a given cluster. + type: object + properties: + topics: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object + Optional. Metadata for this consumer group for all topics it has + metadata for. The key of the map is a topic name, structured like: + projects/{project}/locations/{location}/clusters/{cluster}/topics/{topic} additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + $ref: '#/components/schemas/ConsumerTopicMetadata' + type: object + name: + type: string + description: >- + Identifier. The name of the consumer group. The `consumer_group` + segment is used when connecting directly to the cluster. Structured + like: + projects/{project}/locations/{location}/clusters/{cluster}/consumerGroups/{consumer_group} + id: ConsumerGroup + CreateVersionRequest: type: object + id: CreateVersionRequest + description: Request for CreateVersion. properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. + id: + format: int32 + type: integer + description: >- + Optional. The schema ID of the schema. If not specified, the schema + ID will be generated by the server. If the schema ID is specified, + it must not be used by an existing schema that is different from the + schema to be created. + version: type: integer format: int32 - message: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Optional. The version to create. It is optional. If not specified, + the version will be created with the max version ID of the subject + increased by 1. If the version ID is specified, it will be used as + the new version ID and must not be used by an existing version of + the subject. + schemaType: + description: >- + Optional. The type of the schema. It is optional. If not specified, + the schema type will be AVRO. type: string - details: + enumDescriptions: + - No schema type. The default will be AVRO. + - Avro schema type. + - JSON schema type. + - Protobuf schema type. + enum: + - SCHEMA_TYPE_UNSPECIFIED + - AVRO + - JSON + - PROTOBUF + normalize: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array + Optional. If true, the schema will be normalized before being + stored. The default is false. + type: boolean + schema: + type: string + description: Required. The schema payload + references: + description: Optional. The schema references used by the schema. items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListClustersResponse: - id: ListClustersResponse - description: Response for ListClusters. - type: object - properties: - clusters: - description: The list of Clusters in the requested parent. + $ref: '#/components/schemas/SchemaReference' type: array - items: - $ref: '#/components/schemas/Cluster' - nextPageToken: + UpdateOptions: + properties: + allowBrokerDownscaleOnClusterUpscale: description: >- - A token that can be sent as `page_token` to retrieve the next page - of results. If this field is omitted, there are no more results. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Cluster: - id: Cluster - description: An Apache Kafka cluster deployed in a location. + Optional. If true, allows an update operation that increases the + total vCPU and/or memory allocation of the cluster to significantly + decrease the per-broker vCPU and/or memory allocation. This can + result in reduced performance and availability. By default, the + update operation will fail if an upscale request results in a vCPU + or memory allocation for the brokers that is smaller than 90% of the + current broker size. + type: boolean + type: object + id: UpdateOptions + description: >- + UpdateOptions specifies options that influence how a cluster update is + applied. These options control the behavior of the update process, + rather than defining the desired end-state of a cluster. + SchemaConfig: + description: >- + SchemaConfig represents configuration for a schema registry or a + specific subject. + id: SchemaConfig type: object properties: - gcpConfig: - description: >- - Required. Configuration properties for a Kafka cluster deployed to - Google Cloud Platform. - $ref: '#/components/schemas/GcpConfig' - name: + alias: description: >- - Identifier. The name of the cluster. Structured like: - projects/{project_number}/locations/{location}/clusters/{cluster_id} - type: string - createTime: - description: Output only. The time when the cluster was created. - readOnly: true + Optional. The subject to which this subject is an alias of. Only + applicable for subject config. type: string - format: google-datetime - updateTime: - description: Output only. The time when the cluster was last updated. - readOnly: true + compatibility: + description: >- + Required. The compatibility type of the schema. The default value is + BACKWARD. If unset in a SchemaSubject-level SchemaConfig, defaults + to the global value. If unset in a SchemaRegistry-level + SchemaConfig, reverts to the default value. type: string - format: google-datetime - labels: - description: Optional. Labels as key value pairs. - type: object - additionalProperties: - type: string - capacityConfig: - description: Required. Capacity configuration for the Kafka cluster. - $ref: '#/components/schemas/CapacityConfig' - rebalanceConfig: - description: Optional. Rebalance configuration for the Kafka cluster. - $ref: '#/components/schemas/RebalanceConfig' - state: - description: Output only. The current state of the cluster. - readOnly: true - type: string - enumDescriptions: - - A state was not specified. - - The cluster is being created. - - The cluster is active. - - The cluster is being deleted. enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - tlsConfig: - description: Optional. TLS configuration for the Kafka cluster. - $ref: '#/components/schemas/TlsConfig' - GcpConfig: - id: GcpConfig - description: >- - Configuration properties for a Kafka cluster deployed to Google Cloud - Platform. - type: object - properties: - accessConfig: - description: Required. Access configuration for the Kafka cluster. - $ref: '#/components/schemas/AccessConfig' - kmsKey: + - NONE + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + enumDescriptions: + - No compatibility check. + - Backwards compatible with the most recent version. + - Backwards compatible with all previous versions. + - Forwards compatible with the most recent version. + - Forwards compatible with all previous versions. + - Backwards and forwards compatible with the most recent version. + - Backwards and forwards compatible with all previous versions. + normalize: description: >- - Optional. Immutable. The Cloud KMS Key name to use for encryption. - The key must be located in the same region as the cluster and cannot - be changed. Structured like: - projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. - type: string - AccessConfig: - id: AccessConfig - description: The configuration of access to the Kafka cluster. + Optional. If true, the schema will be normalized before being stored + or looked up. The default is false. If unset in a + SchemaSubject-level SchemaConfig, the global value will be used. If + unset in a SchemaRegistry-level SchemaConfig, reverts to the default + value. + type: boolean + ConnectAccessConfig: + id: ConnectAccessConfig type: object + description: The configuration of access to the Kafka Connect cluster. properties: networkConfigs: description: >- Required. Virtual Private Cloud (VPC) networks that must be granted - direct access to the Kafka cluster. Minimum of 1 network is + direct access to the Kafka Connect cluster. Minimum of 1 network is required. Maximum 10 networks can be specified. - type: array items: - $ref: '#/components/schemas/NetworkConfig' - NetworkConfig: - id: NetworkConfig + $ref: '#/components/schemas/ConnectNetworkConfig' + type: array + ConnectNetworkConfig: + id: ConnectNetworkConfig description: >- The configuration of a Virtual Private Cloud (VPC) network that can - access the Kafka cluster. - type: object - properties: - subnet: - description: >- - Required. Name of the VPC subnet in which to create Private Service - Connect (PSC) endpoints for the Kafka brokers and bootstrap address. - Structured like: - projects/{project}/regions/{region}/subnetworks/{subnet_id} The - subnet must be located in the same region as the Kafka cluster. The - project may differ. Multiple subnets from the same parent network - must not be specified. - type: string - CapacityConfig: - id: CapacityConfig - description: A capacity configuration of a Kafka cluster. + access the Kafka Connect cluster. type: object properties: - vcpuCount: + additionalSubnets: + items: + type: string description: >- - Required. The number of vCPUs to provision for the cluster. Minimum: - 3. - type: string - format: int64 - memoryBytes: + Optional. Additional subnets may be specified. They may be in + another region, but must be in the same VPC network. The Connect + workers can communicate with network endpoints in either the primary + or additional subnets. + type: array + dnsDomainNames: + items: + type: string description: >- - Required. The memory to provision for the cluster in bytes. The - CPU:memory ratio (vCPU:GiB) must be between 1:1 and 1:8. Minimum: - 3221225472 (3 GiB). - type: string - format: int64 - RebalanceConfig: - id: RebalanceConfig - description: Defines rebalancing behavior of a Kafka cluster. - type: object - properties: - mode: + Optional. Additional DNS domain names from the subnet's network to + be made visible to the Connect Cluster. When using MirrorMaker2, + it's necessary to add the bootstrap address's dns domain name of the + target cluster to make it visible to the connector. For example: + my-kafka-cluster.us-central1.managedkafka.my-project.cloud.goog + type: array + primarySubnet: description: >- - Optional. The rebalance behavior for the cluster. When not - specified, defaults to `NO_REBALANCE`. + Required. VPC subnet to make available to the Kafka Connect cluster. + Structured like: + projects/{project}/regions/{region}/subnetworks/{subnet_id} It is + used to create a Private Service Connect (PSC) interface for the + Kafka Connect workers. It must be located in the same region as the + Kafka Connect cluster. The CIDR range of the subnet must be within + the IPv4 address ranges for private networks, as specified in RFC + 1918. The primary subnet CIDR range must have a minimum size of /22 + (1024 addresses). type: string - enumDescriptions: - - A mode was not specified. Do not use. - - Do not rebalance automatically. - - >- - Automatically rebalance topic partitions among brokers when the - cluster is scaled up. - enum: - - MODE_UNSPECIFIED - - NO_REBALANCE - - AUTO_REBALANCE_ON_SCALE_UP - TlsConfig: - id: TlsConfig - description: The TLS configuration for the Kafka cluster. + RemoveAclEntryResponse: + id: RemoveAclEntryResponse type: object + description: Response for RemoveAclEntry. properties: - trustConfig: + aclDeleted: + type: boolean description: >- - Optional. The configuration of the broker truststore. If specified, - clients can use mTLS for authentication. - $ref: '#/components/schemas/TrustConfig' - sslPrincipalMappingRules: + Returned with value true if the removed acl entry was the last entry + in the acl, resulting in acl deletion. + acl: + $ref: '#/components/schemas/Acl' description: >- - Optional. A list of rules for mapping from SSL principal names to - short names. These are applied in order by Kafka. Refer to the - Apache Kafka documentation for `ssl.principal.mapping.rules` for the - precise formatting details and syntax. Example: - "RULE:^CN=(.*?),OU=ServiceUsers.*$/$1@example.com/,DEFAULT" This is - a static Kafka broker configuration. Setting or modifying this field - will trigger a rolling restart of the Kafka brokers to apply the - change. An empty string means no rules are applied (Kafka default). - type: string - TrustConfig: - id: TrustConfig - description: Sources of CA certificates to install in the broker's truststore. + The updated acl. Returned if the removed acl entry was not the last + entry in the acl. + SchemaRegistry: + id: SchemaRegistry type: object properties: - casConfigs: - description: >- - Optional. Configuration for the Google Certificate Authority - Service. Maximum 10. + contexts: type: array + description: Output only. The contexts of the schema registry instance. items: - $ref: '#/components/schemas/CertificateAuthorityServiceConfig' + type: string + readOnly: true + name: + description: >- + Identifier. The name of the schema registry instance. Structured + like: + `projects/{project}/locations/{location}/schemaRegistries/{schema_registry}` + The instance name {schema_registry} can contain the following: * Up + to 255 characters. * Letters (uppercase or lowercase), numbers, and + underscores. + type: string + description: SchemaRegistry is a schema registry instance. CertificateAuthorityServiceConfig: - id: CertificateAuthorityServiceConfig - description: A configuration for the Google Certificate Authority Service. type: object + description: A configuration for the Google Certificate Authority Service. + id: CertificateAuthorityServiceConfig properties: caPool: + type: string description: >- Required. The name of the CA pool to pull CA certificates from. Structured like: projects/{project}/locations/{location}/caPools/{ca_pool}. The CA pool does not need to be in the same project or location as the Kafka cluster. - type: string - ListTopicsResponse: - id: ListTopicsResponse - description: Response for ListTopics. - type: object + ListConnectorsResponse: + id: ListConnectorsResponse properties: - topics: - description: >- - The list of topics in the requested parent. The order of the topics - is unspecified. - type: array - items: - $ref: '#/components/schemas/Topic' nextPageToken: description: >- A token that can be sent as `page_token` to retrieve the next page of results. If this field is omitted, there are no more results. type: string - Topic: - id: Topic - description: A Kafka topic in a given cluster. + connectors: + items: + $ref: '#/components/schemas/Connector' + type: array + description: The list of connectors in the requested parent. + type: object + description: Response for ListConnectors. + AddAclEntryResponse: type: object properties: - name: - description: >- - Identifier. The name of the topic. The `topic` segment is used when - connecting directly to the cluster. Structured like: - projects/{project}/locations/{location}/clusters/{cluster}/topics/{topic} - type: string - partitionCount: - description: >- - Required. The number of partitions this topic has. The partition - count can only be increased, not decreased. Please note that if - partitions are increased for a topic that has a key, the - partitioning logic or the ordering of the messages will be affected. - type: integer - format: int32 - replicationFactor: + aclCreated: + type: boolean + description: Whether the acl was created as a result of adding the acl entry. + acl: + $ref: '#/components/schemas/Acl' + description: The updated acl. + description: Response for AddAclEntry. + id: AddAclEntryResponse + PauseConnectorRequest: + type: object + properties: {} + description: Request for PauseConnector. + id: PauseConnectorRequest + TlsConfig: + properties: + sslPrincipalMappingRules: + type: string description: >- - Required. Immutable. The number of replicas of each partition. A - replication factor of 3 is recommended for high availability. - type: integer - format: int32 - configs: + Optional. A list of rules for mapping from SSL principal names to + short names. These are applied in order by Kafka. Refer to the + Apache Kafka documentation for `ssl.principal.mapping.rules` for the + precise formatting details and syntax. Example: + "RULE:^CN=(.*?),OU=ServiceUsers.*$/$1@example.com/,DEFAULT" This is + a static Kafka broker configuration. Setting or modifying this field + will trigger a rolling restart of the Kafka brokers to apply the + change. An empty string means no rules are applied (Kafka default). + trustConfig: description: >- - Optional. Configurations for the topic that are overridden from the - cluster defaults. The key of the map is a Kafka topic property name, - for example: `cleanup.policy`, `compression.type`. - type: object - additionalProperties: - type: string - ListConsumerGroupsResponse: - id: ListConsumerGroupsResponse - description: Response for ListConsumerGroups. + Optional. The configuration of the broker truststore. If specified, + clients can use mTLS for authentication. + $ref: '#/components/schemas/TrustConfig' type: object + id: TlsConfig + description: The TLS configuration for the Kafka cluster. + ListLocationsResponse: + description: The response message for Locations.ListLocations. properties: - consumerGroups: - description: >- - The list of consumer group in the requested parent. The order of the - consumer groups is unspecified. - type: array + locations: items: - $ref: '#/components/schemas/ConsumerGroup' - nextPageToken: + $ref: '#/components/schemas/Location' + type: array description: >- - A token that can be sent as `page_token` to retrieve the next page - of results. If this field is omitted, there are no more results. + A list of locations that matches the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. type: string - ConsumerGroup: - id: ConsumerGroup - description: A Kafka consumer group in a given cluster. type: object + id: ListLocationsResponse + StopConnectorResponse: + type: object + properties: {} + description: Response for StopConnector. + id: StopConnectorResponse + RebalanceConfig: properties: - name: - description: >- - Identifier. The name of the consumer group. The `consumer_group` - segment is used when connecting directly to the cluster. Structured - like: - projects/{project}/locations/{location}/clusters/{cluster}/consumerGroups/{consumer_group} + mode: + enumDescriptions: + - A mode was not specified. Do not use. + - Do not rebalance automatically. + - >- + Automatically rebalance topic partitions among brokers when the + cluster is scaled up. type: string - topics: description: >- - Optional. Metadata for this consumer group for all topics it has - metadata for. The key of the map is a topic name, structured like: - projects/{project}/locations/{location}/clusters/{cluster}/topics/{topic} - type: object - additionalProperties: - $ref: '#/components/schemas/ConsumerTopicMetadata' - ConsumerTopicMetadata: - id: ConsumerTopicMetadata - description: Metadata for a consumer group corresponding to a specific topic. + Optional. The rebalance behavior for the cluster. When not + specified, defaults to `NO_REBALANCE`. + enum: + - MODE_UNSPECIFIED + - NO_REBALANCE + - AUTO_REBALANCE_ON_SCALE_UP + type: object + description: Defines rebalancing behavior of a Kafka cluster. + id: RebalanceConfig + RestartConnectorResponse: + description: Response for RestartConnector. + type: object + properties: {} + id: RestartConnectorResponse + CheckCompatibilityResponse: type: object + id: CheckCompatibilityResponse + description: Response for CheckCompatibility. properties: - partitions: + messages: + type: array + items: + type: string + description: Failure reasons if verbose = true. + is_compatible: description: >- - Optional. Metadata for this consumer group and topic for all - partition indexes it has metadata for. - type: object - additionalProperties: - $ref: '#/components/schemas/ConsumerPartitionMetadata' - ConsumerPartitionMetadata: - id: ConsumerPartitionMetadata - description: Metadata for a consumer group corresponding to a specific partition. + The compatibility check result. If true, the schema is compatible + with the resource. + type: boolean + ResumeConnectorRequest: + description: Request for ResumeConnector. + id: ResumeConnectorRequest type: object + properties: {} + ConnectCluster: properties: - offset: + config: + additionalProperties: + type: string description: >- - Required. The current offset for this partition, or 0 if no offset - has been committed. + Optional. Configurations for the worker that are overridden from the + defaults. The key of the map is a Kafka Connect worker property + name, for example: `exactly.once.source.support`. + type: object + createTime: + description: Output only. The time when the cluster was created. + format: google-datetime + readOnly: true type: string - format: int64 - metadata: + state: + enumDescriptions: + - A state was not specified. + - The cluster is being created. + - The cluster is active. + - The cluster is being deleted. + - The cluster is detached. + type: string + description: Output only. The current state of the Kafka Connect cluster. + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - DETACHED + labels: + description: Optional. Labels as key value pairs. + additionalProperties: + type: string + type: object + satisfiesPzs: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + gcpConfig: description: >- - Optional. The associated metadata for this partition, or empty if it - does not exist. + Required. Configuration properties for a Kafka Connect cluster + deployed to Google Cloud Platform. + $ref: '#/components/schemas/ConnectGcpConfig' + updateTime: + readOnly: true type: string - ListAclsResponse: - id: ListAclsResponse - description: Response for ListAcls. + format: google-datetime + description: Output only. The time when the cluster was last updated. + capacityConfig: + description: Required. Capacity configuration for the Kafka Connect cluster. + $ref: '#/components/schemas/CapacityConfig' + name: + description: >- + Identifier. The name of the Kafka Connect cluster. Structured like: + projects/{project_number}/locations/{location}/connectClusters/{connect_cluster_id} + type: string + satisfiesPzi: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + kafkaCluster: + description: >- + Required. Immutable. The name of the Kafka cluster this Kafka + Connect cluster is attached to. Structured like: + projects/{project}/locations/{location}/clusters/{cluster} + type: string + description: An Apache Kafka Connect cluster deployed in a location. type: object + id: ConnectCluster + LookupVersionRequest: properties: - acls: + schemaType: + type: string + enumDescriptions: + - No schema type. The default will be AVRO. + - Avro schema type. + - JSON schema type. + - Protobuf schema type. + description: Optional. The schema type of the schema. + enum: + - SCHEMA_TYPE_UNSPECIFIED + - AVRO + - JSON + - PROTOBUF + normalize: description: >- - The list of acls in the requested parent. The order of the acls is - unspecified. - type: array + Optional. If true, the schema will be normalized before being looked + up. The default is false. + type: boolean + references: + description: Optional. The schema references used by the schema. items: - $ref: '#/components/schemas/Acl' - nextPageToken: + $ref: '#/components/schemas/SchemaReference' + type: array + deleted: description: >- - A token that can be sent as `page_token` to retrieve the next page - of results. If this field is omitted, there are no more results. + Optional. If true, soft-deleted versions will be included in lookup, + no matter if the subject is active or soft-deleted. If false, + soft-deleted versions will be excluded. The default is false. + type: boolean + schema: + description: Required. The schema payload type: string + id: LookupVersionRequest + type: object + description: Request for LookupVersion. + RestartConnectorRequest: + properties: {} + type: object + id: RestartConnectorRequest + description: Request for RestartConnector. Acl: id: Acl + type: object description: >- Represents the set of ACLs for a given Kafka Resource Pattern, which consists of resource_type, resource_name and pattern_type. - type: object properties: name: description: >- @@ -515,14 +585,7 @@ components: `consumerGroup/*`) `allTransactionalIds` (represents `transactionalId/*`) type: string - aclEntries: - description: >- - Required. The ACL entries that apply to the resource pattern. The - maximum number of allowed entries 100. - type: array - items: - $ref: '#/components/schemas/AclEntry' - etag: + etag: description: >- Optional. `etag` is used for concurrency control. An `etag` is returned in the response to `GetAcl` and `CreateAcl`. Callers are @@ -534,11 +597,11 @@ components: due to repeated field limits. type: string resourceType: + type: string + readOnly: true description: >- Output only. The ACL resource type derived from the name. One of: CLUSTER, TOPIC, GROUP, TRANSACTIONAL_ID. - readOnly: true - type: string resourceName: description: >- Output only. The ACL resource name derived from the name. For @@ -547,28 +610,196 @@ components: readOnly: true type: string patternType: + type: string + readOnly: true description: >- Output only. The ACL pattern type derived from the name. One of: LITERAL, PREFIXED. + aclEntries: + description: >- + Required. The ACL entries that apply to the resource pattern. The + maximum number of allowed entries 100. + items: + $ref: '#/components/schemas/AclEntry' + type: array + CreateVersionResponse: + description: Response for CreateVersion. + properties: + id: + type: integer + format: int32 + description: The unique identifier of the schema created. + id: CreateVersionResponse + type: object + ListAclsResponse: + properties: + acls: + type: array + items: + $ref: '#/components/schemas/Acl' + description: >- + The list of acls in the requested parent. The order of the acls is + unspecified. + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page + of results. If this field is omitted, there are no more results. + type: string + description: Response for ListAcls. + type: object + id: ListAclsResponse + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + properties: + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + response: + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + type: object + id: Operation + CreateSchemaRegistryRequest: + properties: + schemaRegistry: + description: >- + Required. The schema registry instance to create. The name field is + ignored. + $ref: '#/components/schemas/SchemaRegistry' + schemaRegistryId: + description: >- + Required. The schema registry instance ID to use for this schema + registry. The ID must contain only letters (a-z, A-Z), numbers + (0-9), and underscores (-). The maximum length is 63 characters. The + ID must not start with a number. + type: string + description: Request to create a schema registry instance. + type: object + id: CreateSchemaRegistryRequest + SchemaReference: + description: SchemaReference is a reference to a schema. + type: object + properties: + subject: + description: Required. The subject of the reference. + type: string + name: + description: Required. The name of the reference. + type: string + version: + type: integer + format: int32 + description: Required. The version of the reference. + id: SchemaReference + OperationMetadata: + id: OperationMetadata + description: Represents the metadata of the long-running operation. + properties: + endTime: + format: google-datetime + description: Output only. The time the operation finished running. + readOnly: true + type: string + apiVersion: + description: Output only. API version used to start the operation. + type: string + readOnly: true + verb: + type: string + readOnly: true + description: Output only. Name of the verb executed by the operation. + requestedCancellation: + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + type: boolean + readOnly: true + target: + description: >- + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + type: string + createTime: + readOnly: true + description: Output only. The time the operation was created. + type: string + format: google-datetime + statusMessage: + description: Output only. Human-readable status of the operation, if any. readOnly: true type: string - AclEntry: - id: AclEntry - description: Represents the access granted for a given Resource Pattern in an ACL. type: object + ListConsumerGroupsResponse: + id: ListConsumerGroupsResponse + description: Response for ListConsumerGroups. properties: - principal: + consumerGroups: description: >- - Required. The principal. Specified as Google Cloud account, with the - Kafka StandardAuthorizer prefix "User:". For example: - "User:test-kafka-client@test-project.iam.gserviceaccount.com". Can - be the wildcard "User:*" to refer to all users. + The list of consumer group in the requested parent. The order of the + consumer groups is unspecified. + type: array + items: + $ref: '#/components/schemas/ConsumerGroup' + nextPageToken: type: string + description: >- + A token that can be sent as `page_token` to retrieve the next page + of results. If this field is omitted, there are no more results. + type: object + AclEntry: + properties: permissionType: description: >- Required. The permission type. Accepted values are (case insensitive): ALLOW, DENY. type: string + host: + type: string + description: >- + Required. The host. Must be set to "*" for Managed Service for + Apache Kafka. operation: description: >- Required. The operation type. Allowed values are (case insensitive): @@ -578,436 +809,112 @@ components: for valid combinations of resource_type and operation for different Kafka API requests. type: string - host: + principal: description: >- - Required. The host. Must be set to "*" for Managed Service for - Apache Kafka. + Required. The principal. Specified as Google Cloud account, with the + Kafka StandardAuthorizer prefix "User:". For example: + "User:test-kafka-client@test-project.iam.gserviceaccount.com". Can + be the wildcard "User:*" to refer to all users. type: string - AddAclEntryResponse: - id: AddAclEntryResponse - description: Response for AddAclEntry. - type: object - properties: - acl: - description: The updated acl. - $ref: '#/components/schemas/Acl' - aclCreated: - description: Whether the acl was created as a result of adding the acl entry. - type: boolean - RemoveAclEntryResponse: - id: RemoveAclEntryResponse - description: Response for RemoveAclEntry. + description: Represents the access granted for a given Resource Pattern in an ACL. + id: AclEntry type: object - properties: - acl: - description: >- - The updated acl. Returned if the removed acl entry was not the last - entry in the acl. - $ref: '#/components/schemas/Acl' - aclDeleted: - description: >- - Returned with value true if the removed acl entry was the last entry - in the acl, resulting in acl deletion. - type: boolean ListConnectClustersResponse: - id: ListConnectClustersResponse - description: Response for ListConnectClusters. - type: object properties: - connectClusters: - description: The list of Connect clusters in the requested parent. + unreachable: type: array + description: Locations that could not be reached. + items: + type: string + connectClusters: items: $ref: '#/components/schemas/ConnectCluster' + type: array + description: The list of Connect clusters in the requested parent. nextPageToken: + type: string description: >- A token that can be sent as `page_token` to retrieve the next page of results. If this field is omitted, there are no more results. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - ConnectCluster: - id: ConnectCluster - description: An Apache Kafka Connect cluster deployed in a location. + id: ListConnectClustersResponse type: object - properties: - gcpConfig: - description: >- - Required. Configuration properties for a Kafka Connect cluster - deployed to Google Cloud Platform. - $ref: '#/components/schemas/ConnectGcpConfig' - name: - description: >- - Identifier. The name of the Kafka Connect cluster. Structured like: - projects/{project_number}/locations/{location}/connectClusters/{connect_cluster_id} - type: string - kafkaCluster: - description: >- - Required. Immutable. The name of the Kafka cluster this Kafka - Connect cluster is attached to. Structured like: - projects/{project}/locations/{location}/clusters/{cluster} - type: string - createTime: - description: Output only. The time when the cluster was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time when the cluster was last updated. - readOnly: true - type: string - format: google-datetime - labels: - description: Optional. Labels as key value pairs. - type: object - additionalProperties: - type: string - capacityConfig: - description: Required. Capacity configuration for the Kafka Connect cluster. - $ref: '#/components/schemas/CapacityConfig' - state: - description: Output only. The current state of the cluster. - readOnly: true - type: string - enumDescriptions: - - A state was not specified. - - The cluster is being created. - - The cluster is active. - - The cluster is being deleted. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - config: - description: >- - Optional. Configurations for the worker that are overridden from the - defaults. The key of the map is a Kafka Connect worker property - name, for example: `exactly.once.source.support`. - type: object - additionalProperties: - type: string - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - ConnectGcpConfig: - id: ConnectGcpConfig - description: >- - Configuration properties for a Kafka Connect cluster deployed to Google - Cloud Platform. - type: object - properties: - accessConfig: - description: Required. Access configuration for the Kafka Connect cluster. - $ref: '#/components/schemas/ConnectAccessConfig' - secretPaths: - description: >- - Optional. Secrets to load into workers. Exact SecretVersions from - Secret Manager must be provided -- aliases are not supported. Up to - 32 secrets may be loaded into one cluster. Format: - projects//secrets//versions/ - type: array - items: - type: string - ConnectAccessConfig: - id: ConnectAccessConfig - description: The configuration of access to the Kafka Connect cluster. - type: object - properties: - networkConfigs: - description: >- - Required. Virtual Private Cloud (VPC) networks that must be granted - direct access to the Kafka Connect cluster. Minimum of 1 network is - required. Maximum 10 networks can be specified. - type: array - items: - $ref: '#/components/schemas/ConnectNetworkConfig' - ConnectNetworkConfig: - id: ConnectNetworkConfig - description: >- - The configuration of a Virtual Private Cloud (VPC) network that can - access the Kafka Connect cluster. - type: object - properties: - primarySubnet: - description: >- - Required. VPC subnet to make available to the Kafka Connect cluster. - Structured like: - projects/{project}/regions/{region}/subnetworks/{subnet_id} It is - used to create a Private Service Connect (PSC) interface for the - Kafka Connect workers. It must be located in the same region as the - Kafka Connect cluster. The CIDR range of the subnet must be within - the IPv4 address ranges for private networks, as specified in RFC - 1918. The primary subnet CIDR range must have a minimum size of /22 - (1024 addresses). - type: string - additionalSubnets: - description: >- - Optional. Additional subnets may be specified. They may be in - another region, but must be in the same VPC network. The Connect - workers can communicate with network endpoints in either the primary - or additional subnets. - type: array - items: - type: string - dnsDomainNames: - description: >- - Optional. Additional DNS domain names from the subnet's network to - be made visible to the Connect Cluster. When using MirrorMaker2, - it's necessary to add the bootstrap address's dns domain name of the - target cluster to make it visible to the connector. For example: - my-kafka-cluster.us-central1.managedkafka.my-project.cloud.goog - type: array - items: - type: string - ListConnectorsResponse: - id: ListConnectorsResponse - description: Response for ListConnectors. - type: object - properties: - connectors: - description: The list of connectors in the requested parent. - type: array - items: - $ref: '#/components/schemas/Connector' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page - of results. If this field is omitted, there are no more results. - type: string - Connector: - id: Connector - description: A Kafka Connect connector in a given ConnectCluster. - type: object - properties: - taskRestartPolicy: - description: Optional. Restarts the individual tasks of a Connector. - $ref: '#/components/schemas/TaskRetryPolicy' - name: - description: >- - Identifier. The name of the connector. Structured like: - projects/{project}/locations/{location}/connectClusters/{connect_cluster}/connectors/{connector} - type: string - configs: - description: >- - Optional. Connector config as keys/values. The keys of the map are - connector property names, for example: `connector.class`, - `tasks.max`, `key.converter`. - type: object - additionalProperties: - type: string - state: - description: Output only. The current state of the connector. - readOnly: true - type: string - enumDescriptions: - - A state was not specified. - - The connector is not assigned to any tasks, usually transient. - - The connector is running. - - The connector has been paused. - - The connector has failed. See logs for why. - - The connector is restarting. - - The connector has been stopped. - enum: - - STATE_UNSPECIFIED - - UNASSIGNED - - RUNNING - - PAUSED - - FAILED - - RESTARTING - - STOPPED - TaskRetryPolicy: - id: TaskRetryPolicy - description: >- - Task Retry Policy is implemented on a best-effort basis. Retry delay - will be exponential based on provided minimum and maximum backoffs. - https://en.wikipedia.org/wiki/Exponential_backoff. Note that the delay - between consecutive task restarts may not always precisely match the - configured settings. This can happen when the ConnectCluster is in - rebalancing state or if the ConnectCluster is unresponsive etc. The - default values for minimum and maximum backoffs are 60 seconds and 30 - minutes respectively. - type: object - properties: - minimumBackoff: - description: >- - Optional. The minimum amount of time to wait before retrying a - failed task. This sets a lower bound for the backoff delay. - type: string - format: google-duration - maximumBackoff: - description: >- - Optional. The maximum amount of time to wait before retrying a - failed task. This sets an upper bound for the backoff delay. - type: string - format: google-duration - PauseConnectorRequest: - id: PauseConnectorRequest - description: Request for PauseConnector. - type: object - properties: {} - PauseConnectorResponse: - id: PauseConnectorResponse - description: Response for PauseConnector. - type: object - properties: {} - ResumeConnectorRequest: - id: ResumeConnectorRequest - description: Request for ResumeConnector. - type: object - properties: {} - ResumeConnectorResponse: - id: ResumeConnectorResponse - description: Response for ResumeConnector. - type: object - properties: {} - RestartConnectorRequest: - id: RestartConnectorRequest - description: Request for RestartConnector. - type: object - properties: {} - RestartConnectorResponse: - id: RestartConnectorResponse - description: Response for RestartConnector. - type: object - properties: {} - StopConnectorRequest: - id: StopConnectorRequest - description: Request for StopConnector. - type: object - properties: {} - StopConnectorResponse: - id: StopConnectorResponse - description: Response for StopConnector. - type: object - properties: {} - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SchemaRegistry: - id: SchemaRegistry - description: SchemaRegistry is a schema registry instance. + description: Response for ListConnectClusters. + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object + id: Status properties: - name: - description: >- - Identifier. The name of the schema registry instance. Structured - like: - `projects/{project}/locations/{location}/schemaRegistries/{schema_registry}` - The instance name {schema_registry} can contain the following: * Up - to 255 characters. * Letters (uppercase or lowercase), numbers, and - underscores. - type: string - contexts: - description: Output only. The contexts of the schema registry instance. - readOnly: true + details: type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - type: string - ListSchemaRegistriesResponse: - id: ListSchemaRegistriesResponse - description: Request for ListSchemaRegistries. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + Schema: type: object properties: - schemaRegistries: - description: The schema registry instances. + references: + description: Optional. The schema references used by the schema. type: array items: - $ref: '#/components/schemas/SchemaRegistry' - CreateSchemaRegistryRequest: - id: CreateSchemaRegistryRequest - description: Request to create a schema registry instance. - type: object - properties: - schemaRegistryId: - description: >- - Required. The schema registry instance ID to use for this schema - registry. The ID must contain only letters (a-z, A-Z), numbers - (0-9), and underscores (-). The maximum length is 63 characters. The - ID must not start with a number. + $ref: '#/components/schemas/SchemaReference' + schema: type: string - schemaRegistry: - description: >- - Required. The schema registry instance to create. The name field is - ignored. - $ref: '#/components/schemas/SchemaRegistry' - Context: - id: Context - description: >- - Context represents an independent schema grouping in a schema registry - instance. + description: The schema payload. + schemaType: + description: Optional. The schema type of the schema. + enumDescriptions: + - No schema type. The default will be AVRO. + - Avro schema type. + - JSON schema type. + - Protobuf schema type. + type: string + enum: + - SCHEMA_TYPE_UNSPECIFIED + - AVRO + - JSON + - PROTOBUF + id: Schema + description: Schema for a Kafka message. + GcpConfig: + id: GcpConfig type: object properties: - name: + accessConfig: + $ref: '#/components/schemas/AccessConfig' + description: Required. Access configuration for the Kafka cluster. + kmsKey: description: >- - Identifier. The name of the context. Structured like: - `projects/{project}/locations/{location}/schemaRegistries/{schema_registry}/contexts/{context}` - The context name {context} can contain the following: * Up to 255 - characters. * Allowed characters: letters (uppercase or lowercase), - numbers, and the following special characters: `.`, `-`, `_`, `+`, - `%`, and `~`. + Optional. Immutable. The Cloud KMS Key name to use for encryption. + The key must be located in the same region as the cluster and cannot + be changed. Structured like: + projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. type: string - subjects: - description: Optional. The subjects of the context. - type: array - items: - type: string + description: >- + Configuration properties for a Kafka cluster deployed to Google Cloud + Platform. HttpBody: - id: HttpBody description: >- Message that represents an arbitrary HTTP body. It should only be used for payload formats that can't be represented as JSON, such as raw @@ -1027,329 +934,295 @@ components: returns (stream google.api.HttpBody); } Use of this type only changes how the request and response bodies are handled, all other features will continue to work unchanged. - type: object properties: - contentType: - description: >- - The HTTP Content-Type header value specifying the content type of - the body. - type: string - data: - description: The HTTP request/response body as raw binary. - type: string - format: byte extensions: description: >- Application specific response metadata. Must be set in the first response for streaming APIs. - type: array items: - type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - Schema: - id: Schema - description: Schema for a Kafka message. - type: object - properties: - schemaType: - description: Optional. The schema type of the schema. + type: any + type: object + type: array + data: type: string - enumDescriptions: - - No schema type. The default will be AVRO. - - Avro schema type. - - JSON schema type. - - Protobuf schema type. - enum: - - SCHEMA_TYPE_UNSPECIFIED - - AVRO - - JSON - - PROTOBUF - schema: - description: The schema payload. + description: The HTTP request/response body as raw binary. + format: byte + contentType: + description: >- + The HTTP Content-Type header value specifying the content type of + the body. type: string - references: - description: Optional. The schema references used by the schema. + type: object + id: HttpBody + ListSchemaRegistriesResponse: + description: Request for ListSchemaRegistries. + properties: + schemaRegistries: type: array + description: The schema registry instances. items: - $ref: '#/components/schemas/SchemaReference' - SchemaReference: - id: SchemaReference - description: SchemaReference is a reference to a schema. + $ref: '#/components/schemas/SchemaRegistry' + id: ListSchemaRegistriesResponse + type: object + StopConnectorRequest: + description: Request for StopConnector. + properties: {} + id: StopConnectorRequest + type: object + TrustConfig: + id: TrustConfig + description: Sources of CA certificates to install in the broker's truststore. + type: object + properties: + casConfigs: + type: array + description: >- + Optional. Configuration for the Google Certificate Authority + Service. Maximum 10. + items: + $ref: '#/components/schemas/CertificateAuthorityServiceConfig' + CancelOperationRequest: + properties: {} + type: object + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + ResumeConnectorResponse: + description: Response for ResumeConnector. + type: object + id: ResumeConnectorResponse + properties: {} + Connector: type: object properties: name: - description: Required. The name of the reference. + description: >- + Identifier. The name of the connector. Structured like: + projects/{project}/locations/{location}/connectClusters/{connect_cluster}/connectors/{connector} type: string - subject: - description: Required. The subject of the reference. + state: type: string - version: - description: Required. The version of the reference. - type: integer - format: int32 - LookupVersionRequest: - id: LookupVersionRequest - description: Request for LookupVersion. + enumDescriptions: + - A state was not specified. + - The connector is not assigned to any tasks, usually transient. + - The connector is running. + - The connector has been paused. + - The connector has failed. See logs for why. + - The connector is restarting. + - The connector has been stopped. + enum: + - STATE_UNSPECIFIED + - UNASSIGNED + - RUNNING + - PAUSED + - FAILED + - RESTARTING + - STOPPED + description: Output only. The current state of the connector. + readOnly: true + taskRestartPolicy: + $ref: '#/components/schemas/TaskRetryPolicy' + description: Optional. Restarts the individual tasks of a Connector. + configs: + additionalProperties: + type: string + type: object + description: >- + Optional. Connector config as keys/values. The keys of the map are + connector property names, for example: `connector.class`, + `tasks.max`, `key.converter`. + description: A Kafka Connect connector in a given ConnectCluster. + id: Connector + ConsumerTopicMetadata: + id: ConsumerTopicMetadata + properties: + partitions: + additionalProperties: + $ref: '#/components/schemas/ConsumerPartitionMetadata' + type: object + description: >- + Optional. Metadata for this consumer group and topic for all + partition indexes it has metadata for. type: object + description: Metadata for a consumer group corresponding to a specific topic. + AccessConfig: properties: - schemaType: - description: Optional. The schema type of the schema. - type: string - enumDescriptions: - - No schema type. The default will be AVRO. - - Avro schema type. - - JSON schema type. - - Protobuf schema type. - enum: - - SCHEMA_TYPE_UNSPECIFIED - - AVRO - - JSON - - PROTOBUF - schema: - description: Required. The schema payload - type: string - references: - description: Optional. The schema references used by the schema. + networkConfigs: type: array + description: >- + Required. Virtual Private Cloud (VPC) networks that must be granted + direct access to the Kafka cluster. Minimum of 1 network is + required. Maximum 10 networks can be specified. items: - $ref: '#/components/schemas/SchemaReference' - normalize: + $ref: '#/components/schemas/NetworkConfig' + id: AccessConfig + description: The configuration of access to the Kafka cluster. + type: object + Cluster: + properties: + rebalanceConfig: + description: Optional. Rebalance configuration for the Kafka cluster. + $ref: '#/components/schemas/RebalanceConfig' + capacityConfig: + $ref: '#/components/schemas/CapacityConfig' + description: Required. Capacity configuration for the Kafka cluster. + updateOptions: description: >- - Optional. If true, the schema will be normalized before being looked - up. The default is false. + Optional. UpdateOptions represents options that control how updates + to the cluster are applied. + $ref: '#/components/schemas/UpdateOptions' + satisfiesPzi: + description: Output only. Reserved for future use. + readOnly: true type: boolean - deleted: + state: + enumDescriptions: + - A state was not specified. + - The cluster is being created. + - The cluster is active. + - The cluster is being deleted. + type: string + description: Output only. The current state of the cluster. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + readOnly: true + tlsConfig: + $ref: '#/components/schemas/TlsConfig' + description: Optional. TLS configuration for the Kafka cluster. + labels: + type: object + description: Optional. Labels as key value pairs. + additionalProperties: + type: string + name: description: >- - Optional. If true, soft-deleted versions will be included in lookup, - no matter if the subject is active or soft-deleted. If false, - soft-deleted versions will be excluded. The default is false. - type: boolean - SchemaVersion: - id: SchemaVersion - description: Version of a schema. - type: object - properties: - subject: - description: Required. The subject of the version. + Identifier. The name of the cluster. Structured like: + projects/{project_number}/locations/{location}/clusters/{cluster_id} type: string - version: - description: Required. The version ID - type: integer - format: int32 - id: - description: Required. The schema ID. - type: integer - format: int32 - schemaType: - description: Optional. The schema type of the schema. + updateTime: + description: Output only. The time when the cluster was last updated. + readOnly: true + format: google-datetime type: string - enumDescriptions: - - No schema type. The default will be AVRO. - - Avro schema type. - - JSON schema type. - - Protobuf schema type. - enum: - - SCHEMA_TYPE_UNSPECIFIED - - AVRO - - JSON - - PROTOBUF - schema: - description: Required. The schema payload. + satisfiesPzs: + readOnly: true + description: Output only. Reserved for future use. + type: boolean + createTime: + format: google-datetime + readOnly: true + description: Output only. The time when the cluster was created. type: string - references: - description: Optional. The schema references used by the schema. - type: array - items: - $ref: '#/components/schemas/SchemaReference' - CreateVersionRequest: - id: CreateVersionRequest - description: Request for CreateVersion. + gcpConfig: + $ref: '#/components/schemas/GcpConfig' + description: >- + Required. Configuration properties for a Kafka cluster deployed to + Google Cloud Platform. + description: An Apache Kafka cluster deployed in a location. + type: object + id: Cluster + CapacityConfig: type: object + id: CapacityConfig properties: - version: - description: >- - Optional. The version to create. It is optional. If not specified, - the version will be created with the max version ID of the subject - increased by 1. If the version ID is specified, it will be used as - the new version ID and must not be used by an existing version of - the subject. - type: integer - format: int32 - id: - description: >- - Optional. The schema ID of the schema. If not specified, the schema - ID will be generated by the server. If the schema ID is specified, - it must not be used by an existing schema that is different from the - schema to be created. - type: integer - format: int32 - schemaType: + memoryBytes: + format: int64 description: >- - Optional. The type of the schema. It is optional. If not specified, - the schema type will be AVRO. + Required. The memory to provision for the cluster in bytes. The + CPU:memory ratio (vCPU:GiB) must be between 1:1 and 1:8. Minimum: + 3221225472 (3 GiB). type: string - enumDescriptions: - - No schema type. The default will be AVRO. - - Avro schema type. - - JSON schema type. - - Protobuf schema type. - enum: - - SCHEMA_TYPE_UNSPECIFIED - - AVRO - - JSON - - PROTOBUF - schema: - description: Required. The schema payload + vcpuCount: type: string - references: - description: Optional. The schema references used by the schema. + description: >- + Required. The number of vCPUs to provision for the cluster. Minimum: + 3. + format: int64 + description: A capacity configuration of a Kafka cluster. + ListTopicsResponse: + description: Response for ListTopics. + properties: + topics: type: array + description: >- + The list of topics in the requested parent. The order of the topics + is unspecified. items: - $ref: '#/components/schemas/SchemaReference' - normalize: + $ref: '#/components/schemas/Topic' + nextPageToken: + type: string description: >- - Optional. If true, the schema will be normalized before being - stored. The default is false. - type: boolean - CreateVersionResponse: - id: CreateVersionResponse - description: Response for CreateVersion. - type: object - properties: - id: - description: The unique identifier of the schema created. - type: integer - format: int32 - CheckCompatibilityRequest: - id: CheckCompatibilityRequest - description: Request for CheckCompatibility. + A token that can be sent as `page_token` to retrieve the next page + of results. If this field is omitted, there are no more results. + id: ListTopicsResponse type: object + Context: + description: >- + Context represents an independent schema grouping in a schema registry + instance. + id: Context properties: - schemaType: - description: Optional. The schema type of the schema. - type: string - enumDescriptions: - - No schema type. The default will be AVRO. - - Avro schema type. - - JSON schema type. - - Protobuf schema type. - enum: - - SCHEMA_TYPE_UNSPECIFIED - - AVRO - - JSON - - PROTOBUF - schema: - description: Required. The schema payload - type: string - references: - description: Optional. The schema references used by the schema. + subjects: + description: Optional. The subjects of the context. type: array items: - $ref: '#/components/schemas/SchemaReference' - verbose: + type: string + name: description: >- - Optional. If true, the response will contain the compatibility check - result with reasons for failed checks. The default is false. - type: boolean - CheckCompatibilityResponse: - id: CheckCompatibilityResponse - description: Response for CheckCompatibility. + Identifier. The name of the context. Structured like: + `projects/{project}/locations/{location}/schemaRegistries/{schema_registry}/contexts/{context}` + The context name {context} can contain the following: * Up to 255 + characters. * Allowed characters: letters (uppercase or lowercase), + numbers, and the following special characters: `.`, `-`, `_`, `+`, + `%`, and `~`. + type: string + type: object + ConnectGcpConfig: + description: >- + Configuration properties for a Kafka Connect cluster deployed to Google + Cloud Platform. + id: ConnectGcpConfig type: object properties: - is_compatible: - description: >- - The compatibility check result. If true, the schema is compatible - with the resource. - type: boolean - messages: - description: Failure reasons if verbose = true. - type: array + secretPaths: items: type: string - SchemaConfig: - id: SchemaConfig - description: >- - SchemaConfig represents configuration for a schema registry or a - specific subject. - type: object - properties: - compatibility: - description: >- - Required. The compatibility type of the schema. The default value is - BACKWARD. If unset in a SchemaSubject-level SchemaConfig, defaults - to the global value. If unset in a SchemaRegistry-level - SchemaConfig, reverts to the default value. - type: string - enumDescriptions: - - No compatibility check. - - Backwards compatible with the most recent version. - - Backwards compatible with all previous versions. - - Forwards compatible with the most recent version. - - Forwards compatible with all previous versions. - - Backwards and forwards compatible with the most recent version. - - Backwards and forwards compatible with all previous versions. - enum: - - NONE - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - normalize: - description: >- - Optional. If true, the schema will be normalized before being stored - or looked up. The default is false. If unset in a - SchemaSubject-level SchemaConfig, the global value will be used. If - unset in a SchemaRegistry-level SchemaConfig, reverts to the default - value. - type: boolean - alias: + type: array description: >- - Optional. The subject to which this subject is an alias of. Only - applicable for subject config. - type: string - UpdateSchemaConfigRequest: - id: UpdateSchemaConfigRequest - description: >- - Request for updating schema config. On a SchemaSubject-level - SchemaConfig, an unset field will be removed from the SchemaConfig. + Optional. Secrets to load into workers. Exact SecretVersions from + Secret Manager must be provided -- aliases are not supported. Up to + 32 secrets may be loaded into one cluster. Format: + projects//secrets//versions/ + accessConfig: + description: Required. Access configuration for the Kafka Connect cluster. + $ref: '#/components/schemas/ConnectAccessConfig' + PauseConnectorResponse: + id: PauseConnectorResponse + description: Response for PauseConnector. + properties: {} + type: object + ConsumerPartitionMetadata: + id: ConsumerPartitionMetadata + description: Metadata for a consumer group corresponding to a specific partition. type: object properties: - compatibility: + offset: + format: int64 + type: string description: >- - Required. The compatibility type of the schemas. Cannot be unset for - a SchemaRegistry-level SchemaConfig. If unset on a - SchemaSubject-level SchemaConfig, removes the compatibility field - for the SchemaConfig. + Required. The current offset for this partition, or 0 if no offset + has been committed. + metadata: type: string - enumDescriptions: - - No compatibility check. - - Backwards compatible with the most recent version. - - Backwards compatible with all previous versions. - - Forwards compatible with the most recent version. - - Forwards compatible with all previous versions. - - Backwards and forwards compatible with the most recent version. - - Backwards and forwards compatible with all previous versions. - enum: - - NONE - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - normalize: description: >- - Optional. If true, the schema will be normalized before being stored - or looked up. The default is false. Cannot be unset for a - SchemaRegistry-level SchemaConfig. If unset on a SchemaSubject-level - SchemaConfig, removes the normalize field for the SchemaConfig. - type: boolean + Optional. The associated metadata for this partition, or empty if it + does not exist. SchemaMode: - id: SchemaMode + type: object description: >- SchemaMode represents the mode of a schema registry or a specific subject. Four modes are supported: * NONE: deprecated. This was the @@ -1359,14 +1232,12 @@ components: mode, which allows limited write operations on the schema. * IMPORT: The schema registry is in import mode, which allows more editing operations on the schema for data importing purposes. - type: object properties: mode: description: >- Required. The mode type of a schema registry (READWRITE by default) or of a subject (unset by default, which means use the global schema registry setting). - type: string enumDescriptions: - >- The default / unset value. The subject mode is NONE/unset by @@ -1375,19 +1246,28 @@ components: - READONLY mode. - READWRITE mode. - IMPORT mode. + type: string enum: - NONE - READONLY - READWRITE - IMPORT + id: SchemaMode + Empty: + type: object + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} UpdateSchemaModeRequest: - id: UpdateSchemaModeRequest - description: Request for updating schema registry or subject mode. type: object + id: UpdateSchemaModeRequest properties: mode: description: Required. The mode type. - type: string enumDescriptions: - >- The default / unset value. The subject mode is NONE/unset by @@ -1396,69 +1276,246 @@ components: - READONLY mode. - READWRITE mode. - IMPORT mode. + type: string + enum: + - NONE + - READONLY + - READWRITE + - IMPORT + description: Request for updating schema registry or subject mode. + ListOperationsResponse: + type: object + properties: + nextPageToken: + description: The standard List next-page token. + type: string + operations: + description: >- + A list of operations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Operation' + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string + id: ListOperationsResponse + description: The response message for Operations.ListOperations. + TaskRetryPolicy: + id: TaskRetryPolicy + description: >- + Task Retry Policy is implemented on a best-effort basis. The default + policy retries tasks with a minimum_backoff of 60 seconds, and a + maximum_backoff of 12 hours. You can disable the policy by setting the + task_retry_disabled field to true. Retry delay will be exponential based + on provided minimum and maximum backoffs. + https://en.wikipedia.org/wiki/Exponential_backoff. Note that the delay + between consecutive task restarts may not always precisely match the + configured settings. This can happen when the ConnectCluster is in + rebalancing state or if the ConnectCluster is unresponsive etc. The + default values for minimum and maximum backoffs are 60 seconds and 12 + hours respectively. + properties: + minimumBackoff: + description: >- + Optional. The minimum amount of time to wait before retrying a + failed task. This sets a lower bound for the backoff delay. + format: google-duration + type: string + taskRetryDisabled: + description: Optional. If true, task retry is disabled. + type: boolean + maximumBackoff: + description: >- + Optional. The maximum amount of time to wait before retrying a + failed task. This sets an upper bound for the backoff delay. + type: string + format: google-duration + type: object + NetworkConfig: + type: object + properties: + subnet: + description: >- + Required. Name of the VPC subnet in which to create Private Service + Connect (PSC) endpoints for the Kafka brokers and bootstrap address. + Structured like: + projects/{project}/regions/{region}/subnetworks/{subnet_id} The + subnet must be located in the same region as the Kafka cluster. The + project may differ. Multiple subnets from the same parent network + must not be specified. + type: string + id: NetworkConfig + description: >- + The configuration of a Virtual Private Cloud (VPC) network that can + access the Kafka cluster. + SchemaVersion: + description: Version of a schema. + type: object + properties: + id: + description: Required. The schema ID. + type: integer + format: int32 + schemaType: + description: Optional. The schema type of the schema. + enumDescriptions: + - No schema type. The default will be AVRO. + - Avro schema type. + - JSON schema type. + - Protobuf schema type. + type: string + enum: + - SCHEMA_TYPE_UNSPECIFIED + - AVRO + - JSON + - PROTOBUF + version: + format: int32 + type: integer + description: Required. The version ID + references: + type: array + description: Optional. The schema references used by the schema. + items: + $ref: '#/components/schemas/SchemaReference' + subject: + description: Required. The subject of the version. + type: string + schema: + description: Required. The schema payload. + type: string + id: SchemaVersion + ListClustersResponse: + properties: + clusters: + description: The list of Clusters in the requested parent. + items: + $ref: '#/components/schemas/Cluster' + type: array + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page + of results. If this field is omitted, there are no more results. + type: string + type: object + id: ListClustersResponse + description: Response for ListClusters. + UpdateSchemaConfigRequest: + description: >- + Request for updating schema config. On a SchemaSubject-level + SchemaConfig, an unset field will be removed from the SchemaConfig. + properties: + normalize: + description: >- + Optional. If true, the schema will be normalized before being stored + or looked up. The default is false. Cannot be unset for a + SchemaRegistry-level SchemaConfig. If unset on a SchemaSubject-level + SchemaConfig, removes the normalize field for the SchemaConfig. + type: boolean + compatibility: enum: - NONE - - READONLY - - READWRITE - - IMPORT - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + type: string + enumDescriptions: + - No compatibility check. + - Backwards compatible with the most recent version. + - Backwards compatible with all previous versions. + - Forwards compatible with the most recent version. + - Forwards compatible with all previous versions. + - Backwards and forwards compatible with the most recent version. + - Backwards and forwards compatible with all previous versions. + description: >- + Required. The compatibility type of the schemas. Cannot be unset for + a SchemaRegistry-level SchemaConfig. If unset on a + SchemaSubject-level SchemaConfig, removes the compatibility field + for the SchemaConfig. type: object + id: UpdateSchemaConfigRequest + Topic: + type: object + id: Topic + description: A Kafka topic in a given cluster. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + name: type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: + Identifier. The name of the topic. The `topic` segment is used when + connecting directly to the cluster. Structured like: + projects/{project}/locations/{location}/clusters/{cluster}/topics/{topic} + partitionCount: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string + Required. The number of partitions this topic has. The partition + count can only be increased, not decreased. Please note that if + partitions are increased for a topic that has a key, the + partitioning logic or the ordering of the messages will be affected. + type: integer + format: int32 + configs: + additionalProperties: + type: string + description: >- + Optional. Configurations for the topic that are overridden from the + cluster defaults. The key of the map is a Kafka topic property name, + for example: `cleanup.policy`, `compression.type`. + type: object + replicationFactor: + format: int32 + description: >- + Required. Immutable. The number of replicas of each partition. A + replication factor of 3 is recommended for high availability. + type: integer parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key schema: type: string - alt: - description: Data format for response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: alt + name: quotaUser + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv schema: type: string enum: - - json - - media - - proto + - '1' + - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean callback: description: JSONP in: query @@ -1471,13 +1528,10 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + access_token: + description: OAuth access token. in: query - name: key + name: access_token schema: type: string oauth_token: @@ -1486,42 +1540,28 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: prettyPrint + name: uploadType schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + type: string + alt: + description: Data format for response. in: query - name: quotaUser + name: alt schema: type: string + enum: + - json + - media + - proto upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.managedkafka.locations @@ -1554,6 +1594,13 @@ components: name: operations title: Operations methods: + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' list: operation: $ref: >- @@ -1576,13 +1623,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -1592,433 +1632,400 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - clusters: - id: google.managedkafka.clusters - name: clusters - title: Clusters + connectors: + id: google.managedkafka.connectors + name: connectors + title: Connectors methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.clusters - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters/post - response: - mediaType: application/json - openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/clusters/methods/get' - - $ref: '#/components/x-stackQL-resources/clusters/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/clusters/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/clusters/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/clusters/methods/delete' - topics: - id: google.managedkafka.topics - name: topics - title: Topics - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.topics - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}/patch response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics~1{topicsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + pause: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics~1{topicsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}:pause/post response: mediaType: application/json openAPIDocKey: '200' - delete: + restart: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics~1{topicsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}:restart/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/topics/methods/get' - - $ref: '#/components/x-stackQL-resources/topics/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/topics/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/topics/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/topics/methods/delete' - consumer_groups: - id: google.managedkafka.consumer_groups - name: consumer_groups - title: Consumer_groups - methods: - list: + stop: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1consumerGroups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}:stop/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.consumerGroups - get: + resume: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1consumerGroups~1{consumerGroupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}:resume/post response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1consumerGroups~1{consumerGroupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1consumerGroups~1{consumerGroupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.connectors sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/consumer_groups/methods/get' - - $ref: '#/components/x-stackQL-resources/consumer_groups/methods/list' - insert: [] + - $ref: '#/components/x-stackQL-resources/connectors/methods/get' + - $ref: '#/components/x-stackQL-resources/connectors/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/connectors/methods/create' update: - - $ref: '#/components/x-stackQL-resources/consumer_groups/methods/patch' + - $ref: '#/components/x-stackQL-resources/connectors/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/consumer_groups/methods/delete' - acls: - id: google.managedkafka.acls - name: acls - title: Acls + - $ref: '#/components/x-stackQL-resources/connectors/methods/delete' + connect_clusters: + id: google.managedkafka.connect_clusters + name: connect_clusters + title: Connect_clusters methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.acls - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/acls/methods/get' - - $ref: '#/components/x-stackQL-resources/acls/methods/list' + - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/get' + - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/acls/methods/create' + - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/create' update: - - $ref: '#/components/x-stackQL-resources/acls/methods/patch' + - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/acls/methods/delete' - acls_acl_entry: - id: google.managedkafka.acls_acl_entry - name: acls_acl_entry - title: Acls_acl_entry + - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/delete' + schema_registries: + id: google.managedkafka.schema_registries + name: schema_registries + title: Schema_registries methods: - add_acl_entry: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}:addAclEntry/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}/get response: mediaType: application/json openAPIDocKey: '200' - remove_acl_entry: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}:removeAclEntry/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/acls_acl_entry/methods/add_acl_entry - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/acls_acl_entry/methods/remove_acl_entry - connect_clusters: - id: google.managedkafka.connect_clusters - name: connect_clusters - title: Connect_clusters - methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.connectClusters - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries/get response: mediaType: application/json openAPIDocKey: '200' - get: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/schema_registries/methods/get' + - $ref: '#/components/x-stackQL-resources/schema_registries/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/schema_registries/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/schema_registries/methods/delete' + subjects: + id: google.managedkafka.subjects + name: subjects + title: Subjects + methods: + lookup_version: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1subjects~1{subjectsId}/post response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1subjects~1{subjectsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1schemas~1{schemasId}~1subjects/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/get' - - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/patch' + - $ref: '#/components/x-stackQL-resources/subjects/methods/list' + insert: [] + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/connect_clusters/methods/delete' - connectors: - id: google.managedkafka.connectors - name: connectors - title: Connectors + - $ref: '#/components/x-stackQL-resources/subjects/methods/delete' + versions: + id: google.managedkafka.versions + name: versions + title: Versions methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1subjects~1{subjectsId}~1versions~1{versionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.connectors - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1subjects~1{subjectsId}~1versions~1{versionsId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1subjects~1{subjectsId}~1versions/post response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1schemas~1{schemasId}~1versions/get response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/versions/methods/get' + - $ref: '#/components/x-stackQL-resources/versions/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/versions/methods/create' + update: [] + replace: [] delete: + - $ref: '#/components/x-stackQL-resources/versions/methods/delete' + versions_schema: + id: google.managedkafka.versions_schema + name: versions_schema + title: Versions_schema + methods: + get_schema: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1subjects~1{subjectsId}~1versions~1{versionsId}~1schema/get response: mediaType: application/json openAPIDocKey: '200' - pause: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/versions_schema/methods/get_schema + insert: [] + update: [] + replace: [] + delete: [] + referencedby: + id: google.managedkafka.referencedby + name: referencedby + title: Referencedby + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}:pause/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1subjects~1{subjectsId}~1versions~1{versionsId}~1referencedby/get response: mediaType: application/json openAPIDocKey: '200' - resume: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/referencedby/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + compatibility: + id: google.managedkafka.compatibility + name: compatibility + title: Compatibility + methods: + check_compatibility: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1compatibility~1{compatibilityId}/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + mode: + id: google.managedkafka.mode + name: mode + title: Mode + methods: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}:resume/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1mode~1{modeId}/delete response: mediaType: application/json openAPIDocKey: '200' - restart: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}:restart/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1mode~1{modeId}/get response: mediaType: application/json openAPIDocKey: '200' - stop: + update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectClusters~1{connectClustersId}~1connectors~1{connectorsId}:stop/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1mode~1{modeId}/put response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/connectors/methods/get' - - $ref: '#/components/x-stackQL-resources/connectors/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/connectors/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/connectors/methods/patch' - replace: [] + - $ref: '#/components/x-stackQL-resources/mode/methods/get' + insert: [] + update: [] + replace: + - $ref: '#/components/x-stackQL-resources/mode/methods/update' delete: - - $ref: '#/components/x-stackQL-resources/connectors/methods/delete' - schema_registries: - id: google.managedkafka.schema_registries - name: schema_registries - title: Schema_registries + - $ref: '#/components/x-stackQL-resources/mode/methods/delete' + config: + id: google.managedkafka.config + name: config + title: Config methods: - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1config~1{configId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1config~1{configId}/get response: mediaType: application/json openAPIDocKey: '200' - create: + update: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}~1config~1{configId}/put response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/schema_registries/methods/get' - - $ref: '#/components/x-stackQL-resources/schema_registries/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/schema_registries/methods/create' + - $ref: '#/components/x-stackQL-resources/config/methods/get' + insert: [] update: [] - replace: [] + replace: + - $ref: '#/components/x-stackQL-resources/config/methods/update' delete: - - $ref: '#/components/x-stackQL-resources/schema_registries/methods/delete' - contexts: - id: google.managedkafka.contexts - name: contexts - title: Contexts + - $ref: '#/components/x-stackQL-resources/config/methods/delete' + types: + id: google.managedkafka.types + name: types + title: Types methods: - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1schemas~1types/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/contexts/methods/get' - - $ref: '#/components/x-stackQL-resources/contexts/methods/list' + - $ref: '#/components/x-stackQL-resources/types/methods/list' insert: [] update: [] replace: [] @@ -2061,243 +2068,276 @@ components: update: [] replace: [] delete: [] - versions: - id: google.managedkafka.versions - name: versions - title: Versions + contexts: + id: google.managedkafka.contexts + name: contexts + title: Contexts methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1subjects~1{subjectsId}~1versions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts/get response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1subjects~1{subjectsId}~1versions~1{versionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1contexts~1{contextsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/contexts/methods/get' + - $ref: '#/components/x-stackQL-resources/contexts/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + acls_acl_entry: + id: google.managedkafka.acls_acl_entry + name: acls_acl_entry + title: Acls_acl_entry + methods: + add_acl_entry: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1subjects~1{subjectsId}~1versions~1{versionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}:addAclEntry/post response: mediaType: application/json openAPIDocKey: '200' - create: + remove_acl_entry: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1subjects~1{subjectsId}~1versions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}:removeAclEntry/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/versions/methods/get' - - $ref: '#/components/x-stackQL-resources/versions/methods/list' + select: [] insert: - - $ref: '#/components/x-stackQL-resources/versions/methods/create' + - $ref: >- + #/components/x-stackQL-resources/acls_acl_entry/methods/add_acl_entry update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/versions/methods/delete' - types: - id: google.managedkafka.types - name: types - title: Types + - $ref: >- + #/components/x-stackQL-resources/acls_acl_entry/methods/remove_acl_entry + acls: + id: google.managedkafka.acls + name: acls + title: Acls methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1schemas~1types/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/types/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - subjects: - id: google.managedkafka.subjects - name: subjects - title: Subjects - methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1subjects/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.acls + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1subjects~1{subjectsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}/delete response: mediaType: application/json openAPIDocKey: '200' - lookup_version: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1subjects~1{subjectsId}/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1acls~1{aclsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/subjects/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/acls/methods/get' + - $ref: '#/components/x-stackQL-resources/acls/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/acls/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/acls/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/subjects/methods/delete' - versions_schema: - id: google.managedkafka.versions_schema - name: versions_schema - title: Versions_schema + - $ref: '#/components/x-stackQL-resources/acls/methods/delete' + topics: + id: google.managedkafka.topics + name: topics + title: Topics methods: - get_schema: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1subjects~1{subjectsId}~1versions~1{versionsId}~1schema/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/versions_schema/methods/get_schema - insert: [] - update: [] - replace: [] - delete: [] - referencedby: - id: google.managedkafka.referencedby - name: referencedby - title: Referencedby - methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1subjects~1{subjectsId}~1versions~1{versionsId}~1referencedby/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.topics + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics~1{topicsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics~1{topicsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1topics~1{topicsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/referencedby/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/topics/methods/get' + - $ref: '#/components/x-stackQL-resources/topics/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/topics/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/topics/methods/patch' replace: [] - delete: [] - compatibility: - id: google.managedkafka.compatibility - name: compatibility - title: Compatibility + delete: + - $ref: '#/components/x-stackQL-resources/topics/methods/delete' + consumer_groups: + id: google.managedkafka.consumer_groups + name: consumer_groups + title: Consumer_groups methods: - check_compatibility: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1compatibility~1{compatibilityId}/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1consumerGroups~1{consumerGroupsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1consumerGroups~1{consumerGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - config: - id: google.managedkafka.config - name: config - title: Config - methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1config~1{configId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1consumerGroups~1{consumerGroupsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}~1consumerGroups/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.consumerGroups + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/consumer_groups/methods/get' + - $ref: '#/components/x-stackQL-resources/consumer_groups/methods/list' + insert: [] update: + - $ref: '#/components/x-stackQL-resources/consumer_groups/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/consumer_groups/methods/delete' + clusters: + id: google.managedkafka.clusters + name: clusters + title: Clusters + methods: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1config~1{configId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1config~1{configId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/config/methods/get' - insert: [] - update: [] - replace: - - $ref: '#/components/x-stackQL-resources/config/methods/update' - delete: - - $ref: '#/components/x-stackQL-resources/config/methods/delete' - mode: - id: google.managedkafka.mode - name: mode - title: Mode - methods: - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1mode~1{modeId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters~1{clustersId}/patch response: mediaType: application/json openAPIDocKey: '200' - update: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1mode~1{modeId}/put + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.clusters + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1schemaRegistries~1{schemaRegistriesId}~1mode~1{modeId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clusters/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/mode/methods/get' - insert: [] - update: [] - replace: - - $ref: '#/components/x-stackQL-resources/mode/methods/update' + - $ref: '#/components/x-stackQL-resources/clusters/methods/get' + - $ref: '#/components/x-stackQL-resources/clusters/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/clusters/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/clusters/methods/patch' + replace: [] delete: - - $ref: '#/components/x-stackQL-resources/mode/methods/delete' + - $ref: '#/components/x-stackQL-resources/clusters/methods/delete' paths: /v1/projects/{projectsId}/locations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' get: description: Lists information about the supported locations for this service. operationId: managedkafka.projects.locations.list @@ -2319,10 +2359,6 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: @@ -2332,6 +2368,10 @@ paths: name: pageToken schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: extraLocationTypes schema: @@ -2364,6 +2404,53 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: managedkafka.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: @@ -2394,6 +2481,10 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: filter schema: @@ -2404,9 +2495,9 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: returnPartialSuccess schema: - type: string + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: @@ -2478,25 +2569,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: managedkafka.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + get: + description: Returns the properties of a single connector. + operationId: managedkafka.projects.locations.connectClusters.connectors.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2508,7 +2585,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Connector' parameters: - in: path name: projectsId @@ -2521,15 +2598,23 @@ paths: schema: type: string - in: path - name: operationsId + name: connectClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters: - parameters: *ref_1 - get: - description: Lists the clusters in a given project and location. - operationId: managedkafka.projects.locations.clusters.list + - in: path + name: connectorsId + required: true + schema: + type: string + patch: + description: Updates the properties of a connector. + operationId: managedkafka.projects.locations.connectClusters.connectors.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Connector' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2541,7 +2626,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListClustersResponse' + $ref: '#/components/schemas/Connector' parameters: - in: path name: projectsId @@ -2553,31 +2638,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: connectClustersId + required: true schema: type: string - - in: query - name: filter + - in: path + name: connectorsId + required: true schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string - post: - description: Creates a new cluster in a given project and location. - operationId: managedkafka.projects.locations.clusters.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Cluster' + format: google-fieldmask + delete: + description: Deletes a connector. + operationId: managedkafka.projects.locations.connectClusters.connectors.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2589,7 +2667,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2601,19 +2679,26 @@ paths: required: true schema: type: string - - in: query - name: clusterId + - in: path + name: connectClustersId + required: true schema: type: string - - in: query - name: requestId + - in: path + name: connectorsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}: + /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}:pause: parameters: *ref_1 - get: - description: Returns the properties of a single cluster. - operationId: managedkafka.projects.locations.clusters.get + post: + description: Pauses the connector and its tasks. + operationId: managedkafka.projects.locations.connectClusters.connectors.pause + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PauseConnectorRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2625,7 +2710,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/PauseConnectorResponse' parameters: - in: path name: projectsId @@ -2638,18 +2723,25 @@ paths: schema: type: string - in: path - name: clustersId + name: connectClustersId required: true schema: type: string - patch: - description: Updates the properties of a single cluster. - operationId: managedkafka.projects.locations.clusters.patch + - in: path + name: connectorsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}:restart: + parameters: *ref_1 + post: + description: Restarts the connector. + operationId: managedkafka.projects.locations.connectClusters.connectors.restart requestBody: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/RestartConnectorRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2661,7 +2753,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/RestartConnectorResponse' parameters: - in: path name: projectsId @@ -2674,22 +2766,25 @@ paths: schema: type: string - in: path - name: clustersId + name: connectClustersId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId + - in: path + name: connectorsId + required: true schema: type: string - delete: - description: Deletes a single cluster. - operationId: managedkafka.projects.locations.clusters.delete + /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}:stop: + parameters: *ref_1 + post: + description: Stops the connector. + operationId: managedkafka.projects.locations.connectClusters.connectors.stop + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StopConnectorRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2701,7 +2796,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/StopConnectorResponse' parameters: - in: path name: projectsId @@ -2714,19 +2809,25 @@ paths: schema: type: string - in: path - name: clustersId + name: connectClustersId required: true schema: type: string - - in: query - name: requestId + - in: path + name: connectorsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/topics: + /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}:resume: parameters: *ref_1 - get: - description: Lists the topics in a given cluster. - operationId: managedkafka.projects.locations.clusters.topics.list + post: + description: Resumes the connector and its tasks. + operationId: managedkafka.projects.locations.connectClusters.connectors.resume + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ResumeConnectorRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2738,7 +2839,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTopicsResponse' + $ref: '#/components/schemas/ResumeConnectorResponse' parameters: - in: path name: projectsId @@ -2751,27 +2852,25 @@ paths: schema: type: string - in: path - name: clustersId + name: connectClustersId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: connectorsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors: + parameters: *ref_1 post: - description: Creates a new topic in a given project and location. - operationId: managedkafka.projects.locations.clusters.topics.create + description: Creates a new connector in a given Connect cluster. + operationId: managedkafka.projects.locations.connectClusters.connectors.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Topic' + $ref: '#/components/schemas/Connector' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2783,7 +2882,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Topic' + $ref: '#/components/schemas/Connector' parameters: - in: path name: projectsId @@ -2796,19 +2895,17 @@ paths: schema: type: string - in: path - name: clustersId + name: connectClustersId required: true schema: type: string - in: query - name: topicId + name: connectorId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/topics/{topicsId}: - parameters: *ref_1 get: - description: Returns the properties of a single topic. - operationId: managedkafka.projects.locations.clusters.topics.get + description: Lists the connectors in a given Connect cluster. + operationId: managedkafka.projects.locations.connectClusters.connectors.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2820,7 +2917,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Topic' + $ref: '#/components/schemas/ListConnectorsResponse' parameters: - in: path name: projectsId @@ -2833,23 +2930,24 @@ paths: schema: type: string - in: path - name: clustersId + name: connectClustersId required: true schema: type: string - - in: path - name: topicsId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: Updates the properties of a single topic. - operationId: managedkafka.projects.locations.clusters.topics.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Topic' + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}: + parameters: *ref_1 + delete: + description: Deletes a single Connect cluster. + operationId: managedkafka.projects.locations.connectClusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2861,7 +2959,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Topic' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2874,23 +2972,17 @@ paths: schema: type: string - in: path - name: clustersId - required: true - schema: - type: string - - in: path - name: topicsId + name: connectClustersId required: true schema: type: string - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask - delete: - description: Deletes a single topic. - operationId: managedkafka.projects.locations.clusters.topics.delete + get: + description: Returns the properties of a single Kafka Connect cluster. + operationId: managedkafka.projects.locations.connectClusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2902,7 +2994,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ConnectCluster' parameters: - in: path name: projectsId @@ -2915,20 +3007,18 @@ paths: schema: type: string - in: path - name: clustersId - required: true - schema: - type: string - - in: path - name: topicsId + name: connectClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/consumerGroups: - parameters: *ref_1 - get: - description: Lists the consumer groups in a given cluster. - operationId: managedkafka.projects.locations.clusters.consumerGroups.list + patch: + description: Updates the properties of a single Kafka Connect cluster. + operationId: managedkafka.projects.locations.connectClusters.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2940,7 +3030,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConsumerGroupsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2953,24 +3043,29 @@ paths: schema: type: string - in: path - name: clustersId + name: connectClustersId required: true schema: type: string - in: query - name: pageSize + name: requestId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/consumerGroups/{consumerGroupsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/connectClusters: parameters: *ref_1 - get: - description: Returns the properties of a single consumer group. - operationId: managedkafka.projects.locations.clusters.consumerGroups.get + post: + description: Creates a new Kafka Connect cluster in a given project and location. + operationId: managedkafka.projects.locations.connectClusters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2982,7 +3077,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConsumerGroup' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2994,24 +3089,17 @@ paths: required: true schema: type: string - - in: path - name: clustersId - required: true + - in: query + name: connectClusterId schema: type: string - - in: path - name: consumerGroupsId - required: true + - in: query + name: requestId schema: type: string - patch: - description: Updates the properties of a single consumer group. - operationId: managedkafka.projects.locations.clusters.consumerGroups.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ConsumerGroup' + get: + description: Lists the Kafka Connect clusters in a given project and location. + operationId: managedkafka.projects.locations.connectClusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3023,7 +3111,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConsumerGroup' + $ref: '#/components/schemas/ListConnectClustersResponse' parameters: - in: path name: projectsId @@ -3035,24 +3123,28 @@ paths: required: true schema: type: string - - in: path - name: clustersId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: consumerGroupsId - required: true + - in: query + name: filter schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - delete: - description: Deletes a single consumer group. - operationId: managedkafka.projects.locations.clusters.consumerGroups.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}: + parameters: *ref_1 + get: + description: Get the schema registry instance. + operationId: managedkafka.projects.locations.schemaRegistries.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3064,7 +3156,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/SchemaRegistry' parameters: - in: path name: projectsId @@ -3077,20 +3169,13 @@ paths: schema: type: string - in: path - name: clustersId - required: true - schema: - type: string - - in: path - name: consumerGroupsId + name: schemaRegistriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/acls: - parameters: *ref_1 - get: - description: Lists the acls in a given cluster. - operationId: managedkafka.projects.locations.clusters.acls.list + delete: + description: Delete a schema registry instance. + operationId: managedkafka.projects.locations.schemaRegistries.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3102,7 +3187,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAclsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3115,27 +3200,20 @@ paths: schema: type: string - in: path - name: clustersId + name: schemaRegistriesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries: + parameters: *ref_1 post: - description: Creates a new acl in the given project, location, and cluster. - operationId: managedkafka.projects.locations.clusters.acls.create + description: Create a schema registry instance. + operationId: managedkafka.projects.locations.schemaRegistries.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Acl' + $ref: '#/components/schemas/CreateSchemaRegistryRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3147,7 +3225,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Acl' + $ref: '#/components/schemas/SchemaRegistry' parameters: - in: path name: projectsId @@ -3159,20 +3237,9 @@ paths: required: true schema: type: string - - in: path - name: clustersId - required: true - schema: - type: string - - in: query - name: aclId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/acls/{aclsId}: - parameters: *ref_1 get: - description: Returns the properties of a single acl. - operationId: managedkafka.projects.locations.clusters.acls.get + description: List schema registries. + operationId: managedkafka.projects.locations.schemaRegistries.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3184,7 +3251,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Acl' + $ref: '#/components/schemas/ListSchemaRegistriesResponse' parameters: - in: path name: projectsId @@ -3196,24 +3263,20 @@ paths: required: true schema: type: string - - in: path - name: clustersId - required: true - schema: - type: string - - in: path - name: aclsId - required: true + - in: query + name: view schema: type: string - patch: - description: Updates the properties of a single acl. - operationId: managedkafka.projects.locations.clusters.acls.patch + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}: + parameters: *ref_1 + post: + description: Lookup a schema under the specified subject. + operationId: managedkafka.projects.locations.schemaRegistries.subjects.lookupVersion requestBody: content: application/json: schema: - $ref: '#/components/schemas/Acl' + $ref: '#/components/schemas/LookupVersionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3225,7 +3288,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Acl' + $ref: '#/components/schemas/SchemaVersion' parameters: - in: path name: projectsId @@ -3238,23 +3301,20 @@ paths: schema: type: string - in: path - name: clustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: aclsId + name: subjectsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: - description: Deletes an acl. - operationId: managedkafka.projects.locations.clusters.acls.delete + description: >- + Delete a subject. The response will be an array of versions of the + deleted subject. + operationId: managedkafka.projects.locations.schemaRegistries.subjects.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3266,7 +3326,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -3279,27 +3339,26 @@ paths: schema: type: string - in: path - name: clustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: aclsId + name: subjectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/acls/{aclsId}:addAclEntry: + - in: query + name: permanent + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects: parameters: *ref_1 - post: + get: description: >- - Incremental update: Adds an acl entry to an acl. Creates the acl if it - does not exist yet. - operationId: managedkafka.projects.locations.clusters.acls.addAclEntry - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AclEntry' + List subjects in the schema registry. The response will be an array of + subject names. + operationId: managedkafka.projects.locations.schemaRegistries.subjects.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3311,7 +3370,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AddAclEntryResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -3324,28 +3383,26 @@ paths: schema: type: string - in: path - name: clustersId + name: schemaRegistriesId required: true schema: type: string - - in: path - name: aclsId - required: true + - in: query + name: deleted + schema: + type: boolean + - in: query + name: subjectPrefix schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/acls/{aclsId}:removeAclEntry: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}/versions/{versionsId}: parameters: *ref_1 - post: + delete: description: >- - Incremental update: Removes an acl entry from an acl. Deletes the acl if - its acl entries become empty (i.e. if the removed entry was the last one - in the acl). - operationId: managedkafka.projects.locations.clusters.acls.removeAclEntry - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AclEntry' + Delete a version of a subject. The response will be the deleted version + id. + operationId: >- + managedkafka.projects.locations.schemaRegistries.subjects.versions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3357,7 +3414,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RemoveAclEntryResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -3370,20 +3427,27 @@ paths: schema: type: string - in: path - name: clustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: aclsId + name: subjectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectClusters: - parameters: *ref_1 + - in: path + name: versionsId + required: true + schema: + type: string + - in: query + name: permanent + schema: + type: boolean get: - description: Lists the Kafka Connect clusters in a given project and location. - operationId: managedkafka.projects.locations.connectClusters.list + description: Get a versioned schema (schema with subject/version) of a subject. + operationId: managedkafka.projects.locations.schemaRegistries.subjects.versions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3395,7 +3459,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConnectClustersResponse' + $ref: '#/components/schemas/SchemaVersion' parameters: - in: path name: projectsId @@ -3407,31 +3471,36 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: schemaRegistriesId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: subjectsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: versionsId + required: true schema: type: string - in: query - name: orderBy + name: deleted schema: - type: string + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}/versions: + parameters: *ref_1 post: - description: Creates a new Kafka Connect cluster in a given project and location. - operationId: managedkafka.projects.locations.connectClusters.create + description: Register a new version under a given subject with the given schema. + operationId: >- + managedkafka.projects.locations.schemaRegistries.subjects.versions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ConnectCluster' + $ref: '#/components/schemas/CreateVersionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3443,7 +3512,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/CreateVersionResponse' parameters: - in: path name: projectsId @@ -3455,19 +3524,21 @@ paths: required: true schema: type: string - - in: query - name: connectClusterId + - in: path + name: schemaRegistriesId + required: true schema: type: string - - in: query - name: requestId + - in: path + name: subjectsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}: - parameters: *ref_1 get: - description: Returns the properties of a single Kafka Connect cluster. - operationId: managedkafka.projects.locations.connectClusters.get + description: >- + Get all versions of a subject. The response will be an array of versions + of the subject. + operationId: managedkafka.projects.locations.schemaRegistries.subjects.versions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3479,7 +3550,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConnectCluster' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -3492,18 +3563,27 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - patch: - description: Updates the properties of a single Kafka Connect cluster. - operationId: managedkafka.projects.locations.connectClusters.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ConnectCluster' + - in: path + name: subjectsId + required: true + schema: + type: string + - in: query + name: deleted + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}/versions/{versionsId}/schema: + parameters: *ref_1 + get: + description: >- + Get the schema string only for a version of a subject. The response will + be the schema string. + operationId: >- + managedkafka.projects.locations.schemaRegistries.subjects.versions.getSchema security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3515,7 +3595,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -3528,59 +3608,32 @@ paths: schema: type: string - in: path - name: connectClustersId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes a single Connect cluster. - operationId: managedkafka.projects.locations.connectClusters.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId + name: schemaRegistriesId required: true schema: type: string - in: path - name: locationsId + name: subjectsId required: true schema: type: string - in: path - name: connectClustersId + name: versionsId required: true schema: type: string - in: query - name: requestId + name: deleted schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}/versions/{versionsId}/referencedby: parameters: *ref_1 get: - description: Lists the connectors in a given Connect cluster. - operationId: managedkafka.projects.locations.connectClusters.connectors.list + description: >- + Get a list of IDs of schemas that reference the schema with the given + subject and version. + operationId: >- + managedkafka.projects.locations.schemaRegistries.subjects.versions.referencedby.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3592,7 +3645,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConnectorsResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -3605,27 +3658,33 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: subjectsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: versionsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/compatibility/{compatibilityId}: + parameters: *ref_1 post: - description: Creates a new connector in a given Connect cluster. - operationId: managedkafka.projects.locations.connectClusters.connectors.create + description: >- + Check compatibility of a schema with all versions or a specific version + of a subject. + operationId: >- + managedkafka.projects.locations.schemaRegistries.compatibility.checkCompatibility requestBody: content: application/json: schema: - $ref: '#/components/schemas/Connector' + $ref: '#/components/schemas/CheckCompatibilityRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3637,7 +3696,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Connector' + $ref: '#/components/schemas/CheckCompatibilityResponse' parameters: - in: path name: projectsId @@ -3650,19 +3709,20 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - - in: query - name: connectorId + - in: path + name: compatibilityId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/mode/{modeId}: parameters: *ref_1 - get: - description: Returns the properties of a single connector. - operationId: managedkafka.projects.locations.connectClusters.connectors.get + delete: + description: Delete schema mode for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.mode.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3674,7 +3734,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Connector' + $ref: '#/components/schemas/SchemaMode' parameters: - in: path name: projectsId @@ -3687,23 +3747,18 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: connectorsId + name: modeId required: true schema: type: string - patch: - description: Updates the properties of a connector. - operationId: managedkafka.projects.locations.connectClusters.connectors.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Connector' + get: + description: Get mode at global level or for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.mode.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3715,7 +3770,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Connector' + $ref: '#/components/schemas/SchemaMode' parameters: - in: path name: projectsId @@ -3728,23 +3783,23 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: connectorsId + name: modeId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a connector. - operationId: managedkafka.projects.locations.connectClusters.connectors.delete + put: + description: Update mode at global level or for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.mode.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateSchemaModeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3756,7 +3811,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/SchemaMode' parameters: - in: path name: projectsId @@ -3769,25 +3824,20 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: connectorsId + name: modeId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}:pause: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/config/{configId}: parameters: *ref_1 - post: - description: Pauses the connector and its tasks. - operationId: managedkafka.projects.locations.connectClusters.connectors.pause - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PauseConnectorRequest' + delete: + description: Delete schema config for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.config.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3799,7 +3849,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PauseConnectorResponse' + $ref: '#/components/schemas/SchemaConfig' parameters: - in: path name: projectsId @@ -3812,25 +3862,18 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: connectorsId + name: configId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}:resume: - parameters: *ref_1 - post: - description: Resumes the connector and its tasks. - operationId: managedkafka.projects.locations.connectClusters.connectors.resume - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ResumeConnectorRequest' + get: + description: Get schema config at global level or for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.config.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3842,7 +3885,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ResumeConnectorResponse' + $ref: '#/components/schemas/SchemaConfig' parameters: - in: path name: projectsId @@ -3855,25 +3898,29 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: connectorsId + name: configId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}:restart: - parameters: *ref_1 - post: - description: Restarts the connector. - operationId: managedkafka.projects.locations.connectClusters.connectors.restart + - in: query + name: defaultToGlobal + schema: + type: boolean + put: + description: >- + Update config at global level or for a subject. Creates a + SchemaSubject-level SchemaConfig if it does not exist. + operationId: managedkafka.projects.locations.schemaRegistries.config.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestartConnectorRequest' + $ref: '#/components/schemas/UpdateSchemaConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3885,7 +3932,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RestartConnectorResponse' + $ref: '#/components/schemas/SchemaConfig' parameters: - in: path name: projectsId @@ -3898,25 +3945,25 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: connectorsId + name: configId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectClusters/{connectClustersId}/connectors/{connectorsId}:stop: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/mode/{modeId}: parameters: *ref_1 - post: - description: Stops the connector. - operationId: managedkafka.projects.locations.connectClusters.connectors.stop + put: + description: Update mode at global level or for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.mode.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/StopConnectorRequest' + $ref: '#/components/schemas/UpdateSchemaModeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3928,7 +3975,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/StopConnectorResponse' + $ref: '#/components/schemas/SchemaMode' parameters: - in: path name: projectsId @@ -3941,20 +3988,23 @@ paths: schema: type: string - in: path - name: connectClustersId + name: schemaRegistriesId required: true schema: type: string - in: path - name: connectorsId + name: contextsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}: - parameters: *ref_1 - get: - description: Get the schema registry instance. - operationId: managedkafka.projects.locations.schemaRegistries.get + - in: path + name: modeId + required: true + schema: + type: string + delete: + description: Delete schema mode for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.mode.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3966,7 +4016,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaRegistry' + $ref: '#/components/schemas/SchemaMode' parameters: - in: path name: projectsId @@ -3983,9 +4033,19 @@ paths: required: true schema: type: string - delete: - description: Delete a schema registry instance. - operationId: managedkafka.projects.locations.schemaRegistries.delete + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: modeId + required: true + schema: + type: string + get: + description: Get mode at global level or for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.mode.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3997,7 +4057,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/SchemaMode' parameters: - in: path name: projectsId @@ -4014,11 +4074,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries: + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: modeId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/config/{configId}: parameters: *ref_1 - get: - description: List schema registries. - operationId: managedkafka.projects.locations.schemaRegistries.list + put: + description: >- + Update config at global level or for a subject. Creates a + SchemaSubject-level SchemaConfig if it does not exist. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.config.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateSchemaConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4030,7 +4107,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSchemaRegistriesResponse' + $ref: '#/components/schemas/SchemaConfig' parameters: - in: path name: projectsId @@ -4042,18 +4119,24 @@ paths: required: true schema: type: string - - in: query - name: view + - in: path + name: schemaRegistriesId + required: true + schema: + type: string + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: configId + required: true schema: type: string - post: - description: Create a schema registry instance. - operationId: managedkafka.projects.locations.schemaRegistries.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CreateSchemaRegistryRequest' + delete: + description: Delete schema config for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.config.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4065,7 +4148,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaRegistry' + $ref: '#/components/schemas/SchemaConfig' parameters: - in: path name: projectsId @@ -4077,11 +4160,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}: - parameters: *ref_1 + - in: path + name: schemaRegistriesId + required: true + schema: + type: string + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: configId + required: true + schema: + type: string get: - description: Get the context. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.get + description: Get schema config at global level or for a subject. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.config.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4093,7 +4189,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Context' + $ref: '#/components/schemas/SchemaConfig' parameters: - in: path name: projectsId @@ -4115,11 +4211,28 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts: + - in: path + name: configId + required: true + schema: + type: string + - in: query + name: defaultToGlobal + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/compatibility/{compatibilityId}: parameters: *ref_1 - get: - description: List contexts for a schema registry. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.list + post: + description: >- + Check compatibility of a schema with all versions or a specific version + of a subject. + operationId: >- + managedkafka.projects.locations.schemaRegistries.contexts.compatibility.checkCompatibility + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CheckCompatibilityRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4131,7 +4244,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/CheckCompatibilityResponse' parameters: - in: path name: projectsId @@ -4148,11 +4261,23 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/{schemasId}: + - in: path + name: contextsId + required: true + schema: + type: string + - in: path + name: compatibilityId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects: parameters: *ref_1 get: - description: Get the schema for the given schema id. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.schemas.get + description: >- + List subjects in the schema registry. The response will be an array of + subject names. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.subjects.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4164,7 +4289,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Schema' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -4186,23 +4311,22 @@ paths: required: true schema: type: string - - in: path - name: schemasId - required: true + - in: query + name: deleted schema: - type: string + type: boolean - in: query - name: subject + name: subjectPrefix schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/{schemasId}/schema: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}: parameters: *ref_1 - get: + delete: description: >- - Get the schema string for the given schema id. The response will be the - schema string. + Delete a subject. The response will be an array of versions of the + deleted subject. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.schemas.getSchema + managedkafka.projects.locations.schemaRegistries.contexts.subjects.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4237,23 +4361,23 @@ paths: schema: type: string - in: path - name: schemasId + name: subjectsId required: true schema: type: string - in: query - name: subject + name: permanent schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/{schemasId}/versions: - parameters: *ref_1 - get: - description: >- - List the schema versions for the given schema id. The response will be - an array of subject-version pairs as: [{"subject":"subject1", - "version":1}, {"subject":"subject2", "version":2}]. + type: boolean + post: + description: Lookup a schema under the specified subject. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.schemas.versions.list + managedkafka.projects.locations.schemaRegistries.contexts.subjects.lookupVersion + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LookupVersionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4265,7 +4389,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/SchemaVersion' parameters: - in: path name: projectsId @@ -4288,26 +4412,18 @@ paths: schema: type: string - in: path - name: schemasId + name: subjectsId required: true schema: type: string - - in: query - name: subject - schema: - type: string - - in: query - name: deleted - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/types: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}/versions/{versionsId}: parameters: *ref_1 - get: + delete: description: >- - List the supported schema types. The response will be an array of schema - types. + Delete a version of a subject. The response will be the deleted version + id. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.schemas.types.list + managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4341,14 +4457,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/{schemasId}/subjects: - parameters: *ref_1 + - in: path + name: subjectsId + required: true + schema: + type: string + - in: path + name: versionsId + required: true + schema: + type: string + - in: query + name: permanent + schema: + type: boolean get: - description: >- - List subjects which reference a particular schema id. The response will - be an array of subject names. + description: Get a versioned schema (schema with subject/version) of a subject. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.schemas.subjects.list + managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4360,7 +4486,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/SchemaVersion' parameters: - in: path name: projectsId @@ -4383,25 +4509,30 @@ paths: schema: type: string - in: path - name: schemasId + name: subjectsId required: true schema: type: string - - in: query - name: subject + - in: path + name: versionsId + required: true schema: type: string - in: query name: deleted schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}/versions: parameters: *ref_1 - get: - description: >- - List subjects in the schema registry. The response will be an array of - subject names. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.subjects.list + post: + description: Register a new version under a given subject with the given schema. + operationId: >- + managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateVersionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4413,7 +4544,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/CreateVersionResponse' parameters: - in: path name: projectsId @@ -4435,22 +4566,17 @@ paths: required: true schema: type: string - - in: query - name: subjectPrefix + - in: path + name: subjectsId + required: true schema: type: string - - in: query - name: deleted - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}: - parameters: *ref_1 - delete: + get: description: >- - Delete a subject. The response will be an array of versions of the - deleted subject. + Get all versions of a subject. The response will be an array of versions + of the subject. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.subjects.delete + managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4490,18 +4616,17 @@ paths: schema: type: string - in: query - name: permanent + name: deleted schema: type: boolean - post: - description: Lookup a schema under the specified subject. + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}/versions/{versionsId}/schema: + parameters: *ref_1 + get: + description: >- + Get the schema string only for a version of a subject. The response will + be the schema string. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.subjects.lookupVersion - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LookupVersionRequest' + managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.getSchema security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4513,7 +4638,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaVersion' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -4540,12 +4665,23 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}/versions/{versionsId}: + - in: path + name: versionsId + required: true + schema: + type: string + - in: query + name: deleted + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}/versions/{versionsId}/referencedby: parameters: *ref_1 get: - description: Get a versioned schema (schema with subject/version) of a subject. + description: >- + Get a list of IDs of schemas that reference the schema with the given + subject and version. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.get + managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.referencedby.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4557,7 +4693,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaVersion' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -4588,17 +4724,15 @@ paths: name: versionsId required: true schema: - type: string - - in: query - name: deleted - schema: - type: boolean - delete: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/types: + parameters: *ref_1 + get: description: >- - Delete a version of a subject. The response will be the deleted version - id. + List the supported schema types. The response will be an array of schema + types. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.delete + managedkafka.projects.locations.schemaRegistries.contexts.schemas.types.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4632,28 +4766,15 @@ paths: required: true schema: type: string - - in: path - name: subjectsId - required: true - schema: - type: string - - in: path - name: versionsId - required: true - schema: - type: string - - in: query - name: permanent - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}/versions/{versionsId}/schema: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/{schemasId}/versions: parameters: *ref_1 get: description: >- - Get the schema string only for a version of a subject. The response will - be the schema string. + List the schema versions for the given schema id. The response will be + an array of subject-version pairs as: [{"subject":"subject1", + "version":1}, {"subject":"subject2", "version":2}]. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.getSchema + managedkafka.projects.locations.schemaRegistries.contexts.schemas.versions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4688,12 +4809,7 @@ paths: schema: type: string - in: path - name: subjectsId - required: true - schema: - type: string - - in: path - name: versionsId + name: schemasId required: true schema: type: string @@ -4701,14 +4817,18 @@ paths: name: deleted schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}/versions: + - in: query + name: subject + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/{schemasId}/subjects: parameters: *ref_1 get: description: >- - Get all versions of a subject. The response will be an array of versions - of the subject. + List subjects which reference a particular schema id. The response will + be an array of subject names. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.list + managedkafka.projects.locations.schemaRegistries.contexts.schemas.subjects.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4743,7 +4863,7 @@ paths: schema: type: string - in: path - name: subjectsId + name: schemasId required: true schema: type: string @@ -4751,15 +4871,15 @@ paths: name: deleted schema: type: boolean - post: - description: Register a new version under a given subject with the given schema. - operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CreateVersionRequest' + - in: query + name: subject + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/{schemasId}: + parameters: *ref_1 + get: + description: Get the schema for the given schema id. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.schemas.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4771,7 +4891,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CreateVersionResponse' + $ref: '#/components/schemas/Schema' parameters: - in: path name: projectsId @@ -4794,18 +4914,22 @@ paths: schema: type: string - in: path - name: subjectsId + name: schemasId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/subjects/{subjectsId}/versions/{versionsId}/referencedby: + - in: query + name: subject + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/schemas/{schemasId}/schema: parameters: *ref_1 get: description: >- - Get a list of IDs of schemas that reference the schema with the given - subject and version. + Get the schema string for the given schema id. The response will be the + schema string. operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.subjects.versions.referencedby.list + managedkafka.projects.locations.schemaRegistries.contexts.schemas.getSchema security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4840,28 +4964,19 @@ paths: schema: type: string - in: path - name: subjectsId + name: schemasId required: true schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: subject schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/compatibility/{compatibilityId}: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts: parameters: *ref_1 - post: - description: >- - Check compatibility of a schema with all versions or a specific version - of a subject. - operationId: >- - managedkafka.projects.locations.schemaRegistries.contexts.compatibility.checkCompatibility - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CheckCompatibilityRequest' + get: + description: List contexts for a schema registry. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4873,7 +4988,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CheckCompatibilityResponse' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -4890,21 +5005,11 @@ paths: required: true schema: type: string - - in: path - name: contextsId - required: true - schema: - type: string - - in: path - name: compatibilityId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/config/{configId}: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}: parameters: *ref_1 get: - description: Get schema config at global level or for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.config.get + description: Get the context. + operationId: managedkafka.projects.locations.schemaRegistries.contexts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4916,7 +5021,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaConfig' + $ref: '#/components/schemas/Context' parameters: - in: path name: projectsId @@ -4938,25 +5043,13 @@ paths: required: true schema: type: string - - in: path - name: configId - required: true - schema: - type: string - - in: query - name: defaultToGlobal - schema: - type: boolean - put: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/{schemasId}/schema: + parameters: *ref_1 + get: description: >- - Update config at global level or for a subject. Creates a - SchemaSubject-level SchemaConfig if it does not exist. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.config.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateSchemaConfigRequest' + Get the schema string for the given schema id. The response will be the + schema string. + operationId: managedkafka.projects.locations.schemaRegistries.schemas.getSchema security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4968,7 +5061,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaConfig' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -4986,18 +5079,19 @@ paths: schema: type: string - in: path - name: contextsId + name: schemasId required: true schema: type: string - - in: path - name: configId - required: true + - in: query + name: subject schema: type: string - delete: - description: Delete schema config for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.config.delete + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/{schemasId}: + parameters: *ref_1 + get: + description: Get the schema for the given schema id. + operationId: managedkafka.projects.locations.schemaRegistries.schemas.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5009,7 +5103,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaConfig' + $ref: '#/components/schemas/Schema' parameters: - in: path name: projectsId @@ -5027,20 +5121,22 @@ paths: schema: type: string - in: path - name: contextsId + name: schemasId required: true schema: type: string - - in: path - name: configId - required: true + - in: query + name: subject schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/contexts/{contextsId}/mode/{modeId}: + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/{schemasId}/versions: parameters: *ref_1 get: - description: Get mode at global level or for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.mode.get + description: >- + List the schema versions for the given schema id. The response will be + an array of subject-version pairs as: [{"subject":"subject1", + "version":1}, {"subject":"subject2", "version":2}]. + operationId: managedkafka.projects.locations.schemaRegistries.schemas.versions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5052,7 +5148,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaMode' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -5070,23 +5166,25 @@ paths: schema: type: string - in: path - name: contextsId + name: schemasId required: true schema: type: string - - in: path - name: modeId - required: true + - in: query + name: deleted + schema: + type: boolean + - in: query + name: subject schema: type: string - put: - description: Update mode at global level or for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.mode.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateSchemaModeRequest' + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/{schemasId}/subjects: + parameters: *ref_1 + get: + description: >- + List subjects which reference a particular schema id. The response will + be an array of subject names. + operationId: managedkafka.projects.locations.schemaRegistries.schemas.subjects.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5098,7 +5196,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaMode' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -5116,18 +5214,25 @@ paths: schema: type: string - in: path - name: contextsId + name: schemasId required: true schema: type: string - - in: path - name: modeId - required: true + - in: query + name: subject schema: type: string - delete: - description: Delete schema mode for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.contexts.mode.delete + - in: query + name: deleted + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/types: + parameters: *ref_1 + get: + description: >- + List the supported schema types. The response will be an array of schema + types. + operationId: managedkafka.projects.locations.schemaRegistries.schemas.types.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5139,7 +5244,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaMode' + $ref: '#/components/schemas/HttpBody' parameters: - in: path name: projectsId @@ -5147,30 +5252,27 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: schemaRegistriesId - required: true - schema: - type: string - - in: path - name: contextsId + name: locationsId required: true schema: type: string - in: path - name: modeId + name: schemaRegistriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/{schemasId}: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/acls/{aclsId}:addAclEntry: parameters: *ref_1 - get: - description: Get the schema for the given schema id. - operationId: managedkafka.projects.locations.schemaRegistries.schemas.get + post: + description: >- + Incremental update: Adds an acl entry to an acl. Creates the acl if it + does not exist yet. + operationId: managedkafka.projects.locations.clusters.acls.addAclEntry + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AclEntry' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5182,7 +5284,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Schema' + $ref: '#/components/schemas/AddAclEntryResponse' parameters: - in: path name: projectsId @@ -5195,26 +5297,25 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - in: path - name: schemasId + name: aclsId required: true schema: type: string - - in: query - name: subject - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/{schemasId}/schema: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/acls: parameters: *ref_1 - get: - description: >- - Get the schema string for the given schema id. The response will be the - schema string. - operationId: managedkafka.projects.locations.schemaRegistries.schemas.getSchema + post: + description: Creates a new acl in the given project, location, and cluster. + operationId: managedkafka.projects.locations.clusters.acls.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Acl' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5226,7 +5327,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Acl' parameters: - in: path name: projectsId @@ -5239,27 +5340,17 @@ paths: schema: type: string - in: path - name: schemaRegistriesId - required: true - schema: - type: string - - in: path - name: schemasId + name: clustersId required: true schema: type: string - in: query - name: subject + name: aclId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/{schemasId}/versions: - parameters: *ref_1 get: - description: >- - List the schema versions for the given schema id. The response will be - an array of subject-version pairs as: [{"subject":"subject1", - "version":1}, {"subject":"subject2", "version":2}]. - operationId: managedkafka.projects.locations.schemaRegistries.schemas.versions.list + description: Lists the acls in a given cluster. + operationId: managedkafka.projects.locations.clusters.acls.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5271,7 +5362,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/ListAclsResponse' parameters: - in: path name: projectsId @@ -5284,30 +5375,24 @@ paths: schema: type: string - in: path - name: schemaRegistriesId - required: true - schema: - type: string - - in: path - name: schemasId + name: clustersId required: true schema: type: string - in: query - name: subject + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: deleted + name: pageToken schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/types: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/acls/{aclsId}: parameters: *ref_1 get: - description: >- - List the supported schema types. The response will be an array of schema - types. - operationId: managedkafka.projects.locations.schemaRegistries.schemas.types.list + description: Returns the properties of a single acl. + operationId: managedkafka.projects.locations.clusters.acls.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5319,7 +5404,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Acl' parameters: - in: path name: projectsId @@ -5332,17 +5417,18 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/schemas/{schemasId}/subjects: - parameters: *ref_1 - get: - description: >- - List subjects which reference a particular schema id. The response will - be an array of subject names. - operationId: managedkafka.projects.locations.schemaRegistries.schemas.subjects.list + - in: path + name: aclsId + required: true + schema: + type: string + delete: + description: Deletes an acl. + operationId: managedkafka.projects.locations.clusters.acls.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5354,7 +5440,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5367,30 +5453,23 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - in: path - name: schemasId + name: aclsId required: true schema: type: string - - in: query - name: subject - schema: - type: string - - in: query - name: deleted - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects: - parameters: *ref_1 - get: - description: >- - List subjects in the schema registry. The response will be an array of - subject names. - operationId: managedkafka.projects.locations.schemaRegistries.subjects.list + patch: + description: Updates the properties of a single acl. + operationId: managedkafka.projects.locations.clusters.acls.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Acl' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5402,7 +5481,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Acl' parameters: - in: path name: projectsId @@ -5415,25 +5494,33 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - - in: query - name: subjectPrefix + - in: path + name: aclsId + required: true schema: type: string - in: query - name: deleted + name: updateMask schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/acls/{aclsId}:removeAclEntry: parameters: *ref_1 - delete: + post: description: >- - Delete a subject. The response will be an array of versions of the - deleted subject. - operationId: managedkafka.projects.locations.schemaRegistries.subjects.delete + Incremental update: Removes an acl entry from an acl. Deletes the acl if + its acl entries become empty (i.e. if the removed entry was the last one + in the acl). + operationId: managedkafka.projects.locations.clusters.acls.removeAclEntry + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AclEntry' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5445,7 +5532,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/RemoveAclEntryResponse' parameters: - in: path name: projectsId @@ -5458,27 +5545,25 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - in: path - name: subjectsId + name: aclsId required: true schema: type: string - - in: query - name: permanent - schema: - type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/topics: + parameters: *ref_1 post: - description: Lookup a schema under the specified subject. - operationId: managedkafka.projects.locations.schemaRegistries.subjects.lookupVersion + description: Creates a new topic in a given project and location. + operationId: managedkafka.projects.locations.clusters.topics.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LookupVersionRequest' + $ref: '#/components/schemas/Topic' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5490,7 +5575,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaVersion' + $ref: '#/components/schemas/Topic' parameters: - in: path name: projectsId @@ -5503,20 +5588,17 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - - in: path - name: subjectsId - required: true + - in: query + name: topicId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}/versions/{versionsId}: - parameters: *ref_1 get: - description: Get a versioned schema (schema with subject/version) of a subject. - operationId: managedkafka.projects.locations.schemaRegistries.subjects.versions.get + description: Lists the topics in a given cluster. + operationId: managedkafka.projects.locations.clusters.topics.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5528,7 +5610,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaVersion' + $ref: '#/components/schemas/ListTopicsResponse' parameters: - in: path name: projectsId @@ -5541,30 +5623,24 @@ paths: schema: type: string - in: path - name: schemaRegistriesId - required: true - schema: - type: string - - in: path - name: subjectsId + name: clustersId required: true schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: deleted + name: pageSize schema: - type: boolean - delete: - description: >- - Delete a version of a subject. The response will be the deleted version - id. - operationId: >- - managedkafka.projects.locations.schemaRegistries.subjects.versions.delete + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/topics/{topicsId}: + parameters: *ref_1 + get: + description: Returns the properties of a single topic. + operationId: managedkafka.projects.locations.clusters.topics.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5576,7 +5652,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Topic' parameters: - in: path name: projectsId @@ -5589,32 +5665,23 @@ paths: schema: type: string - in: path - name: schemaRegistriesId - required: true - schema: - type: string - - in: path - name: subjectsId + name: clustersId required: true schema: type: string - in: path - name: versionsId - required: true - schema: - type: string - - in: query - name: permanent - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}/versions/{versionsId}/schema: - parameters: *ref_1 - get: - description: >- - Get the schema string only for a version of a subject. The response will - be the schema string. - operationId: >- - managedkafka.projects.locations.schemaRegistries.subjects.versions.getSchema + name: topicsId + required: true + schema: + type: string + patch: + description: Updates the properties of a single topic. + operationId: managedkafka.projects.locations.clusters.topics.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Topic' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5626,7 +5693,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Topic' parameters: - in: path name: projectsId @@ -5639,31 +5706,23 @@ paths: schema: type: string - in: path - name: schemaRegistriesId - required: true - schema: - type: string - - in: path - name: subjectsId + name: clustersId required: true schema: type: string - in: path - name: versionsId + name: topicsId required: true schema: type: string - in: query - name: deleted + name: updateMask schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}/versions: - parameters: *ref_1 - get: - description: >- - Get all versions of a subject. The response will be an array of versions - of the subject. - operationId: managedkafka.projects.locations.schemaRegistries.subjects.versions.list + type: string + format: google-fieldmask + delete: + description: Deletes a single topic. + operationId: managedkafka.projects.locations.clusters.topics.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5675,7 +5734,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5688,28 +5747,25 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - in: path - name: subjectsId + name: topicsId required: true schema: type: string - - in: query - name: deleted - schema: - type: boolean - post: - description: Register a new version under a given subject with the given schema. - operationId: >- - managedkafka.projects.locations.schemaRegistries.subjects.versions.create + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/consumerGroups/{consumerGroupsId}: + parameters: *ref_1 + patch: + description: Updates the properties of a single consumer group. + operationId: managedkafka.projects.locations.clusters.consumerGroups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateVersionRequest' + $ref: '#/components/schemas/ConsumerGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5721,7 +5777,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CreateVersionResponse' + $ref: '#/components/schemas/ConsumerGroup' parameters: - in: path name: projectsId @@ -5734,23 +5790,23 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - in: path - name: subjectsId + name: consumerGroupsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/subjects/{subjectsId}/versions/{versionsId}/referencedby: - parameters: *ref_1 - get: - description: >- - Get a list of IDs of schemas that reference the schema with the given - subject and version. - operationId: >- - managedkafka.projects.locations.schemaRegistries.subjects.versions.referencedby.list + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a single consumer group. + operationId: managedkafka.projects.locations.clusters.consumerGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5762,7 +5818,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpBody' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5775,33 +5831,18 @@ paths: schema: type: string - in: path - name: schemaRegistriesId - required: true - schema: - type: string - - in: path - name: subjectsId + name: clustersId required: true schema: type: string - in: path - name: versionsId + name: consumerGroupsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/compatibility/{compatibilityId}: - parameters: *ref_1 - post: - description: >- - Check compatibility of a schema with all versions or a specific version - of a subject. - operationId: >- - managedkafka.projects.locations.schemaRegistries.compatibility.checkCompatibility - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CheckCompatibilityRequest' + get: + description: Returns the properties of a single consumer group. + operationId: managedkafka.projects.locations.clusters.consumerGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5813,7 +5854,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CheckCompatibilityResponse' + $ref: '#/components/schemas/ConsumerGroup' parameters: - in: path name: projectsId @@ -5826,20 +5867,20 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - in: path - name: compatibilityId + name: consumerGroupsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/config/{configId}: + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/consumerGroups: parameters: *ref_1 get: - description: Get schema config at global level or for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.config.get + description: Lists the consumer groups in a given cluster. + operationId: managedkafka.projects.locations.clusters.consumerGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5851,7 +5892,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaConfig' + $ref: '#/components/schemas/ListConsumerGroupsResponse' parameters: - in: path name: projectsId @@ -5864,29 +5905,24 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - - in: path - name: configId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: defaultToGlobal + name: pageSize schema: - type: boolean - put: - description: >- - Update config at global level or for a subject. Creates a - SchemaSubject-level SchemaConfig if it does not exist. - operationId: managedkafka.projects.locations.schemaRegistries.config.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateSchemaConfigRequest' + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}: + parameters: *ref_1 + delete: + description: Deletes a single cluster. + operationId: managedkafka.projects.locations.clusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5898,7 +5934,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaConfig' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5911,18 +5947,17 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - - in: path - name: configId - required: true + - in: query + name: requestId schema: type: string - delete: - description: Delete schema config for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.config.delete + get: + description: Returns the properties of a single cluster. + operationId: managedkafka.projects.locations.clusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5934,7 +5969,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaConfig' + $ref: '#/components/schemas/Cluster' parameters: - in: path name: projectsId @@ -5947,20 +5982,18 @@ paths: schema: type: string - in: path - name: schemaRegistriesId - required: true - schema: - type: string - - in: path - name: configId + name: clustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/schemaRegistries/{schemaRegistriesId}/mode/{modeId}: - parameters: *ref_1 - get: - description: Get mode at global level or for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.mode.get + patch: + description: Updates the properties of a single cluster. + operationId: managedkafka.projects.locations.clusters.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Cluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5972,7 +6005,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaMode' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5985,23 +6018,24 @@ paths: schema: type: string - in: path - name: schemaRegistriesId + name: clustersId required: true schema: type: string - - in: path - name: modeId - required: true + - in: query + name: updateMask schema: type: string - put: - description: Update mode at global level or for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.mode.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateSchemaModeRequest' + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/clusters: + parameters: *ref_1 + get: + description: Lists the clusters in a given project and location. + operationId: managedkafka.projects.locations.clusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6013,7 +6047,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaMode' + $ref: '#/components/schemas/ListClustersResponse' parameters: - in: path name: projectsId @@ -6025,19 +6059,31 @@ paths: required: true schema: type: string - - in: path - name: schemaRegistriesId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: modeId - required: true + - in: query + name: filter schema: type: string - delete: - description: Delete schema mode for a subject. - operationId: managedkafka.projects.locations.schemaRegistries.mode.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + post: + description: Creates a new cluster in a given project and location. + operationId: managedkafka.projects.locations.clusters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Cluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6049,7 +6095,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SchemaMode' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6061,13 +6107,11 @@ paths: required: true schema: type: string - - in: path - name: schemaRegistriesId - required: true + - in: query + name: requestId schema: type: string - - in: path - name: modeId - required: true + - in: query + name: clusterId schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/memcache.yaml b/providers/src/googleapis.com/v00.00.00000/services/memcache.yaml index c2f8a732..209c89d3 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/memcache.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/memcache.yaml @@ -9,8 +9,8 @@ info: Google Cloud Memorystore for Memcached API is used for creating and managing Memcached instances in GCP. version: v1 - x-discovery-doc-revision: '20250612' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251005' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/memorystore/ servers: @@ -100,6 +100,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -812,6 +821,92 @@ components: description: Output only. API version used to start the operation. readOnly: true type: string + GetTagsRequest: + id: GetTagsRequest + description: Request message for GetTags. + type: object + properties: + name: + description: >- + Required. The full One Platform resource name of the service + resource. + type: string + GetTagsResponse: + id: GetTagsResponse + description: Response message for GetTags. + type: object + properties: + name: + description: >- + Required. The full One Platform resource name of the service + resource. + type: string + tags: + description: >- + Required. Tag keys/values directly bound to this resource. Each item + in the map must be expressed as " : ". For example: + "123/environment" : "production", "123/costCenter" : "marketing" + type: object + additionalProperties: + type: string + tagsEtag: + description: >- + A checksum based on the current bindings. This field is always set + in server responses. + type: string + SetTagsRequest: + id: SetTagsRequest + description: Request message for SetTags. + type: object + properties: + name: + description: >- + Required. The full One Platform resource name of the service + resource. + type: string + tags: + description: >- + Required. These bindings will override any bindings previously set + and will be effective immediately. Each item in the map must be + expressed as " : ". For example: "123/environment" : "production", + "123/costCenter" : "marketing" + type: object + additionalProperties: + type: string + tagsEtag: + description: >- + Optional. A checksum based on the current bindings which can be + passed to prevent race conditions. If not passed, etag check would + be skipped. + type: string + requestId: + description: >- + Optional. A unique identifier for this request. Must be a valid + UUID. This request is only idempotent if a `request_id` is provided. + type: string + SetTagsResponse: + id: SetTagsResponse + description: Response message for SetTags. + type: object + properties: + name: + description: >- + Required. The full One Platform resource name of the service + resource. + type: string + tags: + description: >- + Required. Tag keys/values directly bound to this resource. Each item + in the map must be expressed as " : ". For example: + "123/environment" : "production", "123/costCenter" : "marketing" + type: object + additionalProperties: + type: string + tagsEtag: + description: >- + A checksum based on the current bindings. This field is always set + in server responses. + type: string GoogleCloudSaasacceleratorManagementProvidersV1Instance: id: GoogleCloudSaasacceleratorManagementProvidersV1Instance description: >- @@ -1781,6 +1876,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/migrationcenter.yaml b/providers/src/googleapis.com/v00.00.00000/services/migrationcenter.yaml index 5d096144..6acb3c00 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/migrationcenter.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/migrationcenter.yaml @@ -9,8 +9,8 @@ info: A unified platform that helps you accelerate your end-to-end cloud journey from your current on-premises or cloud environments to Google Cloud. version: v1 - x-discovery-doc-revision: '20250821' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251111' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/migration-center servers: @@ -36,1094 +36,1040 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + AggregationSum: + id: AggregationSum + type: object + properties: {} + description: Sum of field values. + ReportSummaryVmwareNode: type: object properties: - operations: + code: description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + Code to identify VMware Engine node series, e.g. "ve1-standard-72". + Based on the displayName of + cloud.google.com/vmware-engine/docs/reference/rest/v1/projects.locations.nodeTypes type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + id: ReportSummaryVmwareNode + description: A VMWare Engine Node + BatchDeleteAssetsRequest: + id: BatchDeleteAssetsRequest type: object + description: A request to delete a list of asset. properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: + cascadingRules: + items: + $ref: '#/components/schemas/CascadingRule' + type: array + description: Optional. Optional cascading rules for deleting related assets. + names: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + Required. The IDs of the assets to delete. A maximum of 1000 assets + can be deleted in a batch. Format: + projects/{project}/locations/{location}/assets/{name}. + items: + type: string + type: array + allowMissing: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + Optional. When this value is set to `true` the request is a no-op + for non-existing assets. See + https://google.aip.dev/135#delete-if-existing for additional + details. Default value is `false`. type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + FitDescriptor: + id: FitDescriptor properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + fitLevel: + readOnly: true type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array + enum: + - FIT_LEVEL_UNSPECIFIED + - FIT + - NO_FIT + - REQUIRES_EFFORT + enumDescriptions: + - Not enough information. + - Fit. + - No Fit. + - Fit with effort. + description: Output only. Fit level. + description: Describes the fit level of an asset for migration to a specific target. + type: object + NetworkConnectionList: + properties: + entries: + description: Network connection entries. items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + $ref: '#/components/schemas/NetworkConnection' + type: array + id: NetworkConnectionList + description: Network connection list. type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + AggregationResultCount: + description: The result of a count aggregation. type: object - properties: {} - ListAssetsResponse: - id: ListAssetsResponse - description: Response message for listing assets. + id: AggregationResultCount + properties: + value: + type: string + format: int64 + ValidateImportJobRequest: type: object + id: ValidateImportJobRequest + description: A request to validate an import job. + properties: + requestId: + description: >- + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes after the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + type: string + BatchUpdateAssetsResponse: + id: BatchUpdateAssetsResponse properties: assets: - description: A list of assets. type: array items: $ref: '#/components/schemas/Asset' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: + description: >- + Update asset content. The content only includes values after field + mask being applied. + description: Response for updating a list of assets. + type: object + AggregationResultFrequency: + type: object + description: The result of a frequency distribution aggregation. + properties: + values: + type: object + additionalProperties: + format: int64 type: string - Asset: - id: Asset + id: AggregationResultFrequency + ImportError: description: >- - An asset represents a resource in your environment. Asset types include - virtual machines and databases. + A resource that reports the errors encountered while processing an + import job. + id: ImportError type: object properties: - name: - description: Output only. The full name of the asset. - readOnly: true - type: string - title: - description: Output only. Server generated human readable name of the asset. - readOnly: true - type: string - createTime: - description: Output only. The timestamp when the asset was created. - readOnly: true + severity: + description: The severity of the error. + enumDescriptions: + - '' + - '' + - '' + - '' + enum: + - SEVERITY_UNSPECIFIED + - ERROR + - WARNING + - INFO type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the asset was last updated. - readOnly: true + errorDetails: + description: The error information. type: string - format: google-datetime - labels: - description: Labels as key value pairs. - type: object - additionalProperties: - type: string - attributes: - description: Generic asset attributes. - type: object - additionalProperties: - type: string - machineDetails: + MachinePreferences: + properties: + allowedMachineSeries: + items: + $ref: '#/components/schemas/MachineSeries' + type: array description: >- - Output only. Asset information specific for virtual and physical - machines. - readOnly: true - $ref: '#/components/schemas/MachineDetails' - databaseDeploymentDetails: - description: Output only. Asset information specific for database deployments. - readOnly: true - $ref: '#/components/schemas/DatabaseDeploymentDetails' - databaseDetails: - description: Output only. Asset information specific for logical databases. - readOnly: true - $ref: '#/components/schemas/DatabaseDetails' - hidden: - description: Optional. Indicates if the asset is hidden. - type: boolean - hideReason: - description: Optional. An optional reason for marking this asset as hidden. + Compute Engine machine series to consider for insights and + recommendations. If empty, no restriction is applied on the machine + series. + id: MachinePreferences + type: object + description: >- + The type of machines to consider when calculating virtual machine + migration insights and recommendations. Not all machine types are + available in all zones and regions. + AggregationResultHistogramBucket: + type: object + id: AggregationResultHistogramBucket + properties: + upperBound: + description: Upper bound - exclusive. + type: number + format: double + lowerBound: + type: number + format: double + description: Lower bound - inclusive. + count: + description: Count of items in the bucket. type: string - hideTime: - description: Output only. The timestamp when the asset was marked as hidden. - readOnly: true + format: int64 + description: >- + A histogram bucket with a lower and upper bound, and a count of items + with a field value between those bounds. The lower bound is inclusive + and the upper bound is exclusive. Lower bound may be -infinity and upper + bound may be infinity. + PostgreSqlExtension: + id: PostgreSqlExtension + properties: + extension: type: string - format: google-datetime - insightList: - description: Output only. The list of insights associated with the asset. - readOnly: true - $ref: '#/components/schemas/InsightList' - performanceData: - description: Output only. Performance data for the asset. - readOnly: true - $ref: '#/components/schemas/AssetPerformanceData' - sources: - description: Output only. The list of sources contributing to the asset. - readOnly: true - type: array - items: - type: string - assignedGroups: - description: Output only. The list of groups that the asset is assigned to. - readOnly: true + description: Required. The extension name. + version: + type: string + description: Required. The extension version. + type: object + description: PostgreSql extension. + RunningServiceList: + description: List of running guest OS services. + type: object + id: RunningServiceList + properties: + entries: type: array items: - type: string - MachineDetails: - id: MachineDetails - description: Details of a machine. + $ref: '#/components/schemas/RunningService' + description: Running service entries. + Relation: + id: Relation type: object properties: - uuid: - description: Machine unique identifier. + name: type: string - machineName: - description: Machine name. + description: Output only. Identifier. The identifier of the relation. + readOnly: true + srcAsset: + description: Output only. The source asset name in the relation. + type: string + readOnly: true + dstAsset: + readOnly: true + description: Output only. The destination asset name in the relation. type: string createTime: - description: Machine creation time. + description: Output only. The timestamp when the relation was created. + readOnly: true type: string format: google-datetime - coreCount: - description: Number of logical CPU cores in the machine. Must be non-negative. - type: integer - format: int32 - memoryMb: - description: The amount of memory in the machine. Must be non-negative. - type: integer - format: int32 - powerState: - description: Power state of the machine. + type: type: string enumDescriptions: - - Power state is unknown. + - Default value. + - DBDeployment -> Database - >- - The machine is preparing to enter the ACTIVE state. An instance - may enter the PENDING state when it launches for the first time, - or when it is started after being in the SUSPENDED state. - - The machine is active. - - The machine is being turned off. - - The machine is off. - - The machine is being deleted from the hosting platform. - - The machine is deleted from the hosting platform. + A relation between a machine/VM and the database deployment it + hosts. enum: - - POWER_STATE_UNSPECIFIED - - PENDING - - ACTIVE - - SUSPENDING - - SUSPENDED - - DELETING - - DELETED - architecture: - description: Architecture details (vendor, CPU architecture). - $ref: '#/components/schemas/MachineArchitectureDetails' - guestOs: - description: Guest OS information. - $ref: '#/components/schemas/GuestOsDetails' - network: - description: Network details. - $ref: '#/components/schemas/MachineNetworkDetails' - disks: - description: Disk details. - $ref: '#/components/schemas/MachineDiskDetails' - diskPartitions: - description: >- - Optional. Disk partitions details. Note: Partitions are not - necessarily mounted on local disks and therefore might not have a - one-to-one correspondence with local disks. - $ref: '#/components/schemas/DiskPartitionDetails' - platform: - description: Platform specific information. - $ref: '#/components/schemas/PlatformDetails' - MachineArchitectureDetails: - id: MachineArchitectureDetails - description: Details of the machine architecture. + - TYPE_UNSPECIFIED + - LOGICAL_DATABASE + - DATABASE_DEPLOYMENT_HOSTING_SERVER + description: Optional. The type of the relation. + description: Message representing a relation between 2 resource. + ReportSummaryVmwareEngineFinding: + description: A set of findings that applies to assets destined for VMWare Engine. type: object + id: ReportSummaryVmwareEngineFinding properties: - cpuArchitecture: - description: CPU architecture, e.g., "x64-based PC", "x86_64", "i686" etc. - type: string - cpuName: - description: CPU name, e.g., "Intel Xeon E5-2690", "AMD EPYC 7571" etc. - type: string - cpuManufacturer: - description: Optional. CPU manufacturer, e.g., "Intel", "AMD". + allocatedAssetCount: + description: Count of assets which are allocated + format: int64 type: string - vendor: - description: Hardware vendor. + nodeAllocations: + type: array + items: + $ref: '#/components/schemas/ReportSummaryVmwareNodeAllocation' + description: Set of per-nodetype allocation records + allocatedRegions: + description: Set of regions in which the assets were allocated + type: array + items: + type: string + ListRelationsResponse: + properties: + nextPageToken: type: string - cpuThreadCount: - description: >- - Deprecated: use MachineDetails.core_count instead. Number of CPU - threads allocated to the machine. - deprecated: true + description: A token identifying a page of results the server should return. + relations: + type: array + description: A list of relations. + items: + $ref: '#/components/schemas/Relation' + id: ListRelationsResponse + type: object + description: Response message for listing relations. + MySqlStorageEngineDetails: + type: object + id: MySqlStorageEngineDetails + properties: + encryptedTableCount: + description: Optional. The number of encrypted tables. type: integer format: int32 - cpuSocketCount: - description: Number of processor sockets allocated to the machine. + tableCount: type: integer format: int32 - bios: - description: BIOS Details. - $ref: '#/components/schemas/BiosDetails' - firmwareType: - description: Firmware type. + description: Optional. The number of tables. + engine: type: string - enumDescriptions: - - Unspecified or unknown. - - BIOS firmware. - - EFI firmware. enum: - - FIRMWARE_TYPE_UNSPECIFIED - - BIOS - - EFI - hyperthreading: - description: CPU hyper-threading support. - type: string + - ENGINE_UNSPECIFIED + - INNODB + - MYISAM + - MEMORY + - CSV + - ARCHIVE + - BLACKHOLE + - NDB + - MERGE + - FEDERATED + - EXAMPLE + - OTHER + description: Required. The storage engine. enumDescriptions: - - Unspecified or unknown. - - Hyper-threading is disabled. - - Hyper-threading is enabled. - enum: - - CPU_HYPER_THREADING_UNSPECIFIED - - DISABLED - - ENABLED - BiosDetails: - id: BiosDetails - description: Details about the BIOS. - type: object + - Unspecified storage engine. + - InnoDB. + - MyISAM. + - Memory. + - CSV. + - Archive. + - Blackhole. + - NDB. + - Merge. + - Federated. + - Example. + - Other. + description: Mysql storage engine tables. + OpenFileDetails: properties: - biosName: - description: >- - BIOS name. This fields is deprecated. Please use the `id` field - instead. - deprecated: true - type: string - id: - description: BIOS ID. + fileType: + description: Opened file file type. type: string - manufacturer: - description: BIOS manufacturer. + user: + description: Opened file user. type: string - version: - description: BIOS version. + filePath: + description: Opened file file path. type: string - releaseDate: - description: BIOS release date. - $ref: '#/components/schemas/Date' - smbiosUuid: - description: SMBIOS UUID. + command: + description: Opened file command. type: string - Date: - id: Date - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp - type: object - properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: - description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - GuestOsDetails: - id: GuestOsDetails - description: Information from Guest-level collections. + description: Open file Information. + id: OpenFileDetails type: object + NetworkAddress: + id: NetworkAddress + description: Details of network address. properties: - osName: - description: The name of the operating system. - type: string - family: - description: What family the OS belong to, if known. - type: string + assignment: enumDescriptions: - - '' - - Microsoft Windows Server and Desktop. - - Various Linux flavors. - - Non-Linux Unix flavors. + - Unknown (default value). + - Statically assigned IP. + - Dynamically assigned IP (DHCP). + description: Whether DHCP is used to assign addresses. enum: - - OS_FAMILY_UNKNOWN - - OS_FAMILY_WINDOWS - - OS_FAMILY_LINUX - - OS_FAMILY_UNIX - version: - description: The version of the operating system. - type: string - config: - description: OS and app configuration. - $ref: '#/components/schemas/GuestConfigDetails' - runtime: - description: Runtime information. - $ref: '#/components/schemas/GuestRuntimeDetails' - GuestConfigDetails: - id: GuestConfigDetails - description: Guest OS config information. - type: object - properties: - issue: - description: OS issue (typically /etc/issue in Linux). - type: string - fstab: - description: Mount list (Linux fstab). - $ref: '#/components/schemas/FstabEntryList' - hosts: - description: Hosts file (/etc/hosts). - $ref: '#/components/schemas/HostsEntryList' - nfsExports: - description: NFS exports. - $ref: '#/components/schemas/NfsExportList' - selinuxMode: - description: Security-Enhanced Linux (SELinux) mode. + - ADDRESS_ASSIGNMENT_UNSPECIFIED + - ADDRESS_ASSIGNMENT_STATIC + - ADDRESS_ASSIGNMENT_DHCP type: string - enumDescriptions: - - SELinux mode unknown or unspecified. - - SELinux is disabled. - - SELinux permissive mode. - - SELinux enforcing mode. - enum: - - SE_LINUX_MODE_UNSPECIFIED - - SE_LINUX_MODE_DISABLED - - SE_LINUX_MODE_PERMISSIVE - - SE_LINUX_MODE_ENFORCING - FstabEntryList: - id: FstabEntryList - description: Fstab content. - type: object - properties: - entries: - description: Fstab entries. - type: array - items: - $ref: '#/components/schemas/FstabEntry' - FstabEntry: - id: FstabEntry - description: Single fstab entry. - type: object - properties: - spec: - description: The block special device or remote filesystem to be mounted. + ipAddress: type: string - file: - description: The mount point for the filesystem. + description: Assigned or configured IP Address. + bcast: + description: Broadcast address. type: string - vfstype: - description: The type of the filesystem. + fqdn: + description: Fully qualified domain name. type: string - mntops: - description: Mount options associated with the filesystem. + subnetMask: type: string - freq: - description: Used by dump to determine which filesystems need to be dumped. - type: integer + description: Subnet mask. + type: object + SqlServerSchemaDetails: + description: Specific details for a SqlServer database. + id: SqlServerSchemaDetails + properties: + clrObjectCount: format: int32 - passno: - description: >- - Used by the fsck(8) program to determine the order in which - filesystem checks are done at reboot time. type: integer - format: int32 - HostsEntryList: - id: HostsEntryList - description: Hosts content. + description: Optional. SqlServer number of CLR objects. + type: object + NetworkAddressList: + description: List of allocated/assigned network addresses. + id: NetworkAddressList type: object properties: entries: - description: Hosts entries. - type: array items: - $ref: '#/components/schemas/HostsEntry' - HostsEntry: - id: HostsEntry - description: Single /etc/hosts entry. - type: object - properties: - ip: - description: IP (raw, IPv4/6 agnostic). - type: string - hostNames: - description: List of host names / aliases. + $ref: '#/components/schemas/NetworkAddress' + description: Network address entries. type: array - items: - type: string - NfsExportList: - id: NfsExportList - description: NFS exports. - type: object + FstabEntryList: + id: FstabEntryList properties: entries: - description: NFS export entries. type: array items: - $ref: '#/components/schemas/NfsExport' - NfsExport: - id: NfsExport - description: NFS export. + $ref: '#/components/schemas/FstabEntry' + description: Fstab entries. type: object + description: Fstab content. + ListErrorFramesResponse: properties: - exportDirectory: - description: The directory being exported. - type: string - hosts: - description: The hosts or networks to which the export is being shared. + unreachable: type: array items: type: string - GuestRuntimeDetails: - id: GuestRuntimeDetails - description: Guest OS runtime information. + description: Locations that could not be reached. + errorFrames: + type: array + description: The list of error frames. + items: + $ref: '#/components/schemas/ErrorFrame' + nextPageToken: + type: string + description: A token identifying a page of results the server should return. type: object - properties: - services: - description: Running background services. - $ref: '#/components/schemas/RunningServiceList' - processes: - description: Running processes. - $ref: '#/components/schemas/RunningProcessList' - network: - description: Runtime network information (connections, ports). - $ref: '#/components/schemas/RuntimeNetworkInfo' - lastBootTime: - description: Last time the OS was booted. - type: string - format: google-datetime - domain: - description: Domain, e.g. c.stratozone-development.internal. - type: string - machineName: - description: Machine name. - type: string - installedApps: - description: Installed applications information. - $ref: '#/components/schemas/GuestInstalledApplicationList' - openFileList: - description: Open files information. - $ref: '#/components/schemas/OpenFileList' - RunningServiceList: - id: RunningServiceList - description: List of running guest OS services. - type: object - properties: - entries: - description: Running service entries. - type: array - items: - $ref: '#/components/schemas/RunningService' - RunningService: - id: RunningService - description: Guest OS running service details. + description: A response for listing error frames. + id: ListErrorFramesResponse + ComputeStorageDescriptor: + id: ComputeStorageDescriptor type: object + description: Compute Engine storage option descriptor. properties: - serviceName: - description: Service name. - type: string - state: - description: Service state (OS-agnostic). - type: string - enumDescriptions: - - Service state unspecified. - - Service is active. - - Service is paused. - - Service is stopped. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - PAUSED - - STOPPED - startMode: - description: Service start mode (OS-agnostic). + type: + readOnly: true type: string enumDescriptions: - - Start mode unspecified. - - The service is a device driver started by the system loader. - - >- - The service is a device driver started by the IOInitSystem - function. - - The service is started by the operating system, at system start-up - - The service is started only manually, by a user. - - The service is disabled. + - Unspecified. Fallback to default value based on context. + - Standard HDD Persistent Disk. + - Balanced Persistent Disk. + - SSD Persistent Disk. + description: Output only. Disk type backing the storage. enum: - - START_MODE_UNSPECIFIED - - BOOT - - SYSTEM - - AUTO - - MANUAL - - DISABLED - exePath: - description: Service binary path. - type: string - cmdline: - description: Service command line. - type: string - pid: - description: Service pid. - type: string - format: int64 - RunningProcessList: - id: RunningProcessList - description: List of running guest OS processes. + - PERSISTENT_DISK_TYPE_UNSPECIFIED + - PERSISTENT_DISK_TYPE_STANDARD + - PERSISTENT_DISK_TYPE_BALANCED + - PERSISTENT_DISK_TYPE_SSD + sizeGb: + readOnly: true + format: int32 + type: integer + description: Output only. Disk size in GiB. + DailyResourceUsageAggregation: + properties: + cpu: + description: CPU usage. + $ref: '#/components/schemas/DailyResourceUsageAggregationCPU' + disk: + description: Disk usage. + $ref: '#/components/schemas/DailyResourceUsageAggregationDisk' + memory: + description: Memory usage. + $ref: '#/components/schemas/DailyResourceUsageAggregationMemory' + date: + description: Aggregation date. Day boundaries are at midnight UTC. + $ref: '#/components/schemas/Date' + network: + description: Network usage. + $ref: '#/components/schemas/DailyResourceUsageAggregationNetwork' type: object + id: DailyResourceUsageAggregation + description: Usage data aggregation for a single day. + NfsExportList: properties: entries: - description: Running process entries. - type: array items: - $ref: '#/components/schemas/RunningProcess' - RunningProcess: - id: RunningProcess - description: Guest OS running process details. + $ref: '#/components/schemas/NfsExport' + type: array + description: NFS export entries. + id: NfsExportList + description: NFS exports. type: object + AggregationResultHistogram: properties: - pid: - description: Process ID. - type: string - format: int64 - exePath: - description: Process binary path. - type: string - cmdline: - description: Process full command line. - type: string - user: - description: User running the process. - type: string - attributes: - description: Process extended attributes. - type: object - additionalProperties: - type: string - RuntimeNetworkInfo: - id: RuntimeNetworkInfo - description: Runtime networking information. + buckets: + description: >- + Buckets in the histogram. There will be `n+1` buckets matching `n` + lower bounds in the request. The first bucket will be from -infinity + to the first bound. Subsequent buckets will be between one bound and + the next. The final bucket will be from the final bound to infinity. + type: array + items: + $ref: '#/components/schemas/AggregationResultHistogramBucket' + id: AggregationResultHistogram type: object - properties: - scanTime: - description: Time of the last network scan. - type: string - format: google-datetime - connections: - description: Network connections. - $ref: '#/components/schemas/NetworkConnectionList' - NetworkConnectionList: - id: NetworkConnectionList - description: Network connection list. + description: The result of a bucketed histogram aggregation. + ListOperationsResponse: type: object properties: - entries: - description: Network connection entries. + unreachable: type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. items: - $ref: '#/components/schemas/NetworkConnection' - NetworkConnection: - id: NetworkConnection + type: string + nextPageToken: + description: The standard List next-page token. + type: string + operations: + type: array + description: >- + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Operation' + id: ListOperationsResponse + description: The response message for Operations.ListOperations. + CascadeLogicalDBsRule: + properties: {} type: object + description: Cascading rule for related logical DBs. + id: CascadeLogicalDBsRule + DiskEntry: + description: Single disk entry. properties: - protocol: - description: Connection protocol (e.g. TCP/UDP). - type: string - localIpAddress: - description: Local IP address. - type: string - localPort: - description: Local port. - type: integer - format: int32 - remoteIpAddress: - description: Remote IP address. + capacityBytes: + description: Disk capacity. + format: int64 type: string - remotePort: - description: Remote port. - type: integer - format: int32 - state: - description: Network connection state. + interfaceType: + description: Disks interface type. type: string enumDescriptions: - - Connection state is unknown or unspecified. - - The connection is being opened. - - The connection is open. - - Listening for incoming connections. - - The connection is being closed. - - The connection is closed. + - Interface type unknown or unspecified. + - IDE interface type. + - SATA interface type. + - SAS interface type. + - SCSI interface type. + - NVME interface type. + - FC interface type. + - iSCSI interface type. enum: - - STATE_UNSPECIFIED - - OPENING - - OPEN - - LISTEN - - CLOSING - - CLOSED - pid: - description: Process ID. - type: string - format: int64 - processName: - description: Process or service name. - type: string - GuestInstalledApplicationList: - id: GuestInstalledApplicationList - description: Guest installed application list. - type: object - properties: - entries: - description: Application entries. - type: array - items: - $ref: '#/components/schemas/GuestInstalledApplication' - GuestInstalledApplication: - id: GuestInstalledApplication - description: Guest installed application information. - type: object - properties: - applicationName: - description: Installed application name. - type: string - vendor: - description: Installed application vendor. + - INTERFACE_TYPE_UNSPECIFIED + - IDE + - SATA + - SAS + - SCSI + - NVME + - FC + - ISCSI + partitions: + $ref: '#/components/schemas/DiskPartitionList' + description: Partition layout. + freeBytes: type: string - installTime: - description: The time when the application was installed. + format: int64 + description: Disk free space. + hwAddress: + description: Disk hardware address (e.g. 0:1 for SCSI). type: string - format: google-datetime - path: - description: Source path. + diskLabelType: + description: Disk label type (e.g. BIOS/GPT) type: string - version: - description: Installed application version. + diskLabel: type: string - licenses: - description: License strings associated with the installed application. - type: array - items: - type: string - OpenFileList: - id: OpenFileList - description: Open file list. + description: Disk label. + vmware: + $ref: '#/components/schemas/VmwareDiskConfig' + description: VMware disk details. + id: DiskEntry + type: object + Insight: + id: Insight + description: An insight about an asset. type: object properties: - entries: - description: Open file details entries. - type: array - items: - $ref: '#/components/schemas/OpenFileDetails' - OpenFileDetails: - id: OpenFileDetails - description: Open file Information. + migrationInsight: + $ref: '#/components/schemas/MigrationInsight' + description: Output only. An insight about potential migrations for an asset. + readOnly: true + genericInsight: + $ref: '#/components/schemas/GenericInsight' + description: Output only. A generic insight about an asset. + readOnly: true + CancelOperationRequest: type: object + description: The request message for Operations.CancelOperation. + properties: {} + id: CancelOperationRequest + MachineDetails: properties: - command: - description: Opened file command. + diskPartitions: + description: >- + Optional. Disk partitions details. Note: Partitions are not + necessarily mounted on local disks and therefore might not have a + one-to-one correspondence with local disks. + $ref: '#/components/schemas/DiskPartitionDetails' + createTime: + format: google-datetime type: string - user: - description: Opened file user. + description: Machine creation time. + memoryMb: + format: int32 + type: integer + description: The amount of memory in the machine. Must be non-negative. + network: + description: Network details. + $ref: '#/components/schemas/MachineNetworkDetails' + powerState: + description: Power state of the machine. + enum: + - POWER_STATE_UNSPECIFIED + - PENDING + - ACTIVE + - SUSPENDING + - SUSPENDED + - DELETING + - DELETED type: string - fileType: - description: Opened file file type. + enumDescriptions: + - Power state is unknown. + - >- + The machine is preparing to enter the ACTIVE state. An instance + may enter the PENDING state when it launches for the first time, + or when it is started after being in the SUSPENDED state. + - The machine is active. + - The machine is being turned off. + - The machine is off. + - The machine is being deleted from the hosting platform. + - The machine is deleted from the hosting platform. + machineName: + description: Machine name. type: string - filePath: - description: Opened file file path. + guestOs: + $ref: '#/components/schemas/GuestOsDetails' + description: Guest OS information. + coreCount: + type: integer + description: Number of logical CPU cores in the machine. Must be non-negative. + format: int32 + architecture: + description: Architecture details (vendor, CPU architecture). + $ref: '#/components/schemas/MachineArchitectureDetails' + disks: + description: Disk details. + $ref: '#/components/schemas/MachineDiskDetails' + uuid: + description: Machine unique identifier. type: string - MachineNetworkDetails: - id: MachineNetworkDetails - description: Details of network adapters and settings. + platform: + description: Platform specific information. + $ref: '#/components/schemas/PlatformDetails' type: object + id: MachineDetails + description: Details of a machine. + DailyResourceUsageAggregationCPU: + description: Statistical aggregation of CPU usage. + id: DailyResourceUsageAggregationCPU properties: - primaryIpAddress: - description: The primary IP address of the machine. - type: string - publicIpAddress: - description: The public IP address of the machine. - type: string - primaryMacAddress: - description: >- - MAC address of the machine. This property is used to uniqly identify - the machine. - type: string - adapters: - description: List of network adapters. - $ref: '#/components/schemas/NetworkAdapterList' - NetworkAdapterList: - id: NetworkAdapterList - description: List of network adapters. + utilizationPercentage: + description: CPU utilization percentage. + $ref: '#/components/schemas/DailyResourceUsageAggregationStats' type: object + NfsExport: + description: NFS export. properties: - entries: - description: Network adapter entries. + exportDirectory: + description: The directory being exported. + type: string + hosts: type: array + description: The hosts or networks to which the export is being shared. items: - $ref: '#/components/schemas/NetworkAdapterDetails' - NetworkAdapterDetails: - id: NetworkAdapterDetails - description: Details of network adapter. + type: string + type: object + id: NfsExport + Location: + description: A resource that represents a Google Cloud location. + id: Location type: object properties: - adapterType: - description: Network adapter type (e.g. VMXNET3). + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". type: string - macAddress: - description: MAC address. + labels: + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: + type: string + type: object + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - addresses: - description: NetworkAddressList - $ref: '#/components/schemas/NetworkAddressList' - NetworkAddressList: - id: NetworkAddressList - description: List of allocated/assigned network addresses. - type: object - properties: - entries: - description: Network address entries. - type: array - items: - $ref: '#/components/schemas/NetworkAddress' - NetworkAddress: - id: NetworkAddress - description: Details of network address. + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + GenericPlatformDetails: + id: GenericPlatformDetails type: object properties: - ipAddress: - description: Assigned or configured IP Address. + hyperthreading: + enumDescriptions: + - Simultaneous Multithreading status unknown. + - Simultaneous Multithreading is disabled or unavailable. + - Simultaneous Multithreading is enabled. + description: Whether the machine is hyperthreaded. + enum: + - HYPERTHREADING_STATUS_UNSPECIFIED + - HYPERTHREADING_STATUS_DISABLED + - HYPERTHREADING_STATUS_ENABLED type: string - subnetMask: - description: Subnet mask. - type: string - bcast: - description: Broadcast address. + location: + description: >- + Free text representation of the machine location. The format of this + field should not be relied on. Different VMs in the same location + may have different string values for this field. type: string - fqdn: - description: Fully qualified domain name. + description: Generic platform details. + DatabaseDeploymentDetails: + properties: + postgresql: + description: Optional. Details of a PostgreSQL database deployment. + $ref: '#/components/schemas/PostgreSqlDatabaseDeployment' + aggregatedStats: + readOnly: true + description: Output only. Aggregated stats for the database deployment. + $ref: '#/components/schemas/DatabaseDeploymentDetailsAggregatedStats' + mysql: + description: Optional. Details of a MYSQL database deployment. + $ref: '#/components/schemas/MysqlDatabaseDeployment' + awsRds: + $ref: '#/components/schemas/AwsRds' + description: Optional. Details of an AWS RDS instance. + generatedId: + description: Optional. The database deployment generated ID. type: string - assignment: - description: Whether DHCP is used to assign addresses. + manualUniqueId: type: string - enumDescriptions: - - Unknown (default value). - - Statically assigned IP. - - Dynamically assigned IP (DHCP). - enum: - - ADDRESS_ASSIGNMENT_UNSPECIFIED - - ADDRESS_ASSIGNMENT_STATIC - - ADDRESS_ASSIGNMENT_DHCP - MachineDiskDetails: - id: MachineDiskDetails - description: Details of machine disks. - type: object - properties: - totalCapacityBytes: - description: Disk total Capacity. + description: Optional. A manual unique ID set by the user. + version: type: string - format: int64 - totalFreeBytes: - description: Total disk free space. + description: Optional. The database deployment version. + sqlServer: + $ref: '#/components/schemas/SqlServerDatabaseDeployment' + description: Optional. Details of a Microsoft SQL Server database deployment. + topology: + $ref: '#/components/schemas/DatabaseDeploymentTopology' + description: Optional. Details of the database deployment topology. + edition: type: string - format: int64 - disks: - description: List of disks. - $ref: '#/components/schemas/DiskEntryList' - DiskEntryList: - id: DiskEntryList - description: VM disks. + description: Optional. The database deployment edition. type: object + description: The details of a database deployment asset. + id: DatabaseDeploymentDetails + RegionPreferences: properties: - entries: - description: Disk entries. - type: array + preferredRegions: items: - $ref: '#/components/schemas/DiskEntry' - DiskEntry: - id: DiskEntry - description: Single disk entry. + type: string + description: >- + A list of preferred regions, ordered by the most preferred region + first. Set only valid Google Cloud region names. See + https://cloud.google.com/compute/docs/regions-zones for available + regions. + type: array + type: object + description: The user preferences relating to target regions. + id: RegionPreferences + DailyResourceUsageAggregationDisk: type: object properties: - capacityBytes: - description: Disk capacity. - type: string - format: int64 - freeBytes: - description: Disk free space. + writeIops: + $ref: '#/components/schemas/DailyResourceUsageAggregationStats' + description: Optional. Disk write I/O operations per second. + readIops: + $ref: '#/components/schemas/DailyResourceUsageAggregationStats' + description: Optional. Disk read I/O operations per second. + iops: + description: Optional. Disk I/O operations per second. + $ref: '#/components/schemas/DailyResourceUsageAggregationStats' + id: DailyResourceUsageAggregationDisk + description: Statistical aggregation of disk usage. + PreferenceSet: + id: PreferenceSet + properties: + displayName: + description: User-friendly display name. Maximum length is 63 characters. type: string - format: int64 - diskLabel: - description: Disk label. + virtualMachinePreferences: + description: >- + Optional. A set of preferences that applies to all virtual machines + in the context. + $ref: '#/components/schemas/VirtualMachinePreferences' + description: + description: A description of the preference set. type: string - diskLabelType: - description: Disk label type (e.g. BIOS/GPT) + createTime: + format: google-datetime + description: Output only. The timestamp when the preference set was created. type: string - interfaceType: - description: Disks interface type. + readOnly: true + name: + readOnly: true type: string - enumDescriptions: - - Interface type unknown or unspecified. - - IDE interface type. - - SATA interface type. - - SAS interface type. - - SCSI interface type. - - NVME interface type. - - FC interface type. - - iSCSI interface type. - enum: - - INTERFACE_TYPE_UNSPECIFIED - - IDE - - SATA - - SAS - - SCSI - - NVME - - FC - - ISCSI - partitions: - description: Partition layout. - $ref: '#/components/schemas/DiskPartitionList' - hwAddress: - description: Disk hardware address (e.g. 0:1 for SCSI). + description: Output only. Name of the preference set. + updateTime: + readOnly: true + format: google-datetime type: string - vmware: - description: VMware disk details. - $ref: '#/components/schemas/VmwareDiskConfig' - DiskPartitionList: - id: DiskPartitionList - description: Disk partition list. - type: object - properties: - entries: - description: Partition entries. - type: array - items: - $ref: '#/components/schemas/DiskPartition' - DiskPartition: - id: DiskPartition - description: Disk Partition details. + description: Output only. The timestamp when the preference set was last updated. type: object + description: The preferences that apply to all assets in a given context. + MachineDiskDetails: properties: - type: - description: Partition type. - type: string - fileSystem: - description: Partition file system. - type: string - mountPoint: - description: Mount point (Linux/Windows) or drive letter (Windows). - type: string - capacityBytes: - description: Partition capacity. - type: string + disks: + description: List of disks. + $ref: '#/components/schemas/DiskEntryList' + totalCapacityBytes: format: int64 - freeBytes: - description: Partition free space. + type: string + description: Disk total Capacity. + totalFreeBytes: + description: Total disk free space. type: string format: int64 - uuid: - description: Partition UUID. + type: object + description: Details of machine disks. + id: MachineDiskDetails + ListReportsResponse: + id: ListReportsResponse + type: object + description: Response message for listing Reports. + properties: + nextPageToken: + description: A token identifying a page of results the server should return. type: string - subPartitions: - description: Sub-partitions. - $ref: '#/components/schemas/DiskPartitionList' - VmwareDiskConfig: - id: VmwareDiskConfig - description: VMware disk config details. + reports: + type: array + items: + $ref: '#/components/schemas/Report' + description: The list of Reports. + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + VirtualMachinePreferences: + id: VirtualMachinePreferences type: object properties: - backingType: - description: VMDK backing type. + soleTenancyPreferences: + $ref: '#/components/schemas/SoleTenancyPreferences' + description: Preferences concerning Sole Tenant nodes and virtual machines. + vmwareEnginePreferences: + description: >- + Preferences concerning insights and recommendations for Google Cloud + VMware Engine. + $ref: '#/components/schemas/VmwareEnginePreferences' + commitmentPlan: type: string enumDescriptions: - - Default value. - - Flat v1. - - Flat v2. - - Persistent memory, also known as Non-Volatile Memory (NVM). - - Raw Disk Memory v1. - - Raw Disk Memory v2. - - >- - SEsparse is a snapshot format introduced in vSphere 5.5 for large - disks. - - SEsparse v1. - - SEsparse v1. - enum: - - BACKING_TYPE_UNSPECIFIED - - BACKING_TYPE_FLAT_V1 - - BACKING_TYPE_FLAT_V2 - - BACKING_TYPE_PMEM - - BACKING_TYPE_RDM_V1 - - BACKING_TYPE_RDM_V2 - - BACKING_TYPE_SESPARSE - - BACKING_TYPE_SESPARSE_V1 - - BACKING_TYPE_SESPARSE_V2 - shared: - description: Is VMDK shared with other VMs. - type: boolean - vmdkMode: - description: VMDK disk mode. - type: string - enumDescriptions: - - VMDK disk mode unspecified or unknown. - - Dependent disk mode. - - Independent - Persistent disk mode. - - Independent - Nonpersistent disk mode. + - Unspecified commitment plan. + - No commitment plan. + - 1 year commitment. + - 3 years commitment. + description: >- + Commitment plan to consider when calculating costs for virtual + machine insights and recommendations. If you are unsure which value + to set, a 3 year commitment plan is often a good value to start + with. enum: - - VMDK_MODE_UNSPECIFIED - - DEPENDENT - - INDEPENDENT_PERSISTENT - - INDEPENDENT_NONPERSISTENT - rdmCompatibility: - description: RDM compatibility mode. + - COMMITMENT_PLAN_UNSPECIFIED + - COMMITMENT_PLAN_NONE + - COMMITMENT_PLAN_ONE_YEAR + - COMMITMENT_PLAN_THREE_YEARS + regionPreferences: + $ref: '#/components/schemas/RegionPreferences' + description: >- + Region preferences for assets using this preference set. If you are + unsure which value to set, the migration service API region is often + a good value to start with. + sizingOptimizationStrategy: + enum: + - SIZING_OPTIMIZATION_STRATEGY_UNSPECIFIED + - SIZING_OPTIMIZATION_STRATEGY_SAME_AS_SOURCE + - SIZING_OPTIMIZATION_STRATEGY_MODERATE + - SIZING_OPTIMIZATION_STRATEGY_AGGRESSIVE type: string + description: >- + Sizing optimization strategy specifies the preferred strategy used + when extrapolating usage data to calculate insights and + recommendations for a virtual machine. If you are unsure which value + to set, a moderate sizing optimization strategy is often a good + value to start with. enumDescriptions: - - Compatibility mode unspecified or unknown. - - Physical compatibility mode. - - Virtual compatibility mode. + - Unspecified (default value). + - >- + No optimization applied. Virtual machine sizing matches as closely + as possible the machine shape on the source site, not considering + any actual performance data. + - >- + Virtual machine sizing will match the reported usage and shape, + with some slack. This a good value to start with. + - >- + Virtual machine sizing will match the reported usage, with little + slack. Using this option can help reduce costs. + targetProduct: + type: string enum: - - RDM_COMPATIBILITY_UNSPECIFIED - - PHYSICAL_COMPATIBILITY - - VIRTUAL_COMPATIBILITY - DiskPartitionDetails: - id: DiskPartitionDetails - description: Disk partition details. + - COMPUTE_MIGRATION_TARGET_PRODUCT_UNSPECIFIED + - COMPUTE_MIGRATION_TARGET_PRODUCT_COMPUTE_ENGINE + - COMPUTE_MIGRATION_TARGET_PRODUCT_VMWARE_ENGINE + - COMPUTE_MIGRATION_TARGET_PRODUCT_SOLE_TENANCY + description: >- + Target product for assets using this preference set. Specify either + target product or business goal, but not both. + enumDescriptions: + - Unspecified (default value). + - Prefer to migrate to Google Cloud Compute Engine. + - Prefer to migrate to Google Cloud VMware Engine.6278 + - Prefer to migrate to Google Cloud Sole Tenant Nodes. + computeEnginePreferences: + $ref: '#/components/schemas/ComputeEnginePreferences' + description: >- + Compute Engine preferences concern insights and recommendations for + Compute Engine target. + description: >- + VirtualMachinePreferences enables you to create sets of assumptions, for + example, a geographical location and pricing track, for your migrated + virtual machines. The set of preferences influence recommendations for + migrating virtual machine assets. + Date: + properties: + month: + description: >- + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + format: int32 + type: integer + day: + type: integer + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + format: int32 + year: + description: >- + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + format: int32 + type: integer + description: >- + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + id: Date + type: object + DiskPartition: type: object properties: - totalCapacityBytes: - description: Output only. Total capacity of all partitions. - readOnly: true + type: + type: string + description: Partition type. + subPartitions: + $ref: '#/components/schemas/DiskPartitionList' + description: Sub-partitions. + mountPoint: + type: string + description: Mount point (Linux/Windows) or drive letter (Windows). + freeBytes: type: string format: int64 - freeSpaceBytes: - description: Output only. Total free space of all partitions. - readOnly: true + description: Partition free space. + uuid: + description: Partition UUID. type: string + fileSystem: + description: Partition file system. + type: string + capacityBytes: + description: Partition capacity. format: int64 - partitions: - description: Optional. List of partitions. - $ref: '#/components/schemas/DiskPartitionList' - PlatformDetails: - id: PlatformDetails - description: Information about the platform. + type: string + id: DiskPartition + description: Disk Partition details. + ReportSummaryGroupFinding: + id: ReportSummaryGroupFinding + properties: + description: + type: string + description: Description for the Group. + displayName: + description: Display Name for the Group. + type: string + assetAggregateStats: + $ref: '#/components/schemas/ReportSummaryAssetAggregateStats' + description: Summary statistics for all the assets in this group. + overlappingAssetCount: + deprecated: true + type: string + format: int64 + description: This field is deprecated, do not rely on it having a value. + preferenceSetFindings: + description: Findings for each of the PreferenceSets for this group. + items: + $ref: '#/components/schemas/ReportSummaryGroupPreferenceSetFinding' + type: array + description: Summary Findings for a specific Group. type: object + ListGroupsResponse: + description: A response for listing groups. + id: ListGroupsResponse properties: - vmwareDetails: - description: VMware specific details. - $ref: '#/components/schemas/VmwarePlatformDetails' - awsEc2Details: - description: AWS EC2 specific details. - $ref: '#/components/schemas/AwsEc2PlatformDetails' - azureVmDetails: - description: Azure VM specific details. - $ref: '#/components/schemas/AzureVmPlatformDetails' - genericDetails: - description: Generic platform details. - $ref: '#/components/schemas/GenericPlatformDetails' - physicalDetails: - description: Physical machines platform details. - $ref: '#/components/schemas/PhysicalPlatformDetails' + groups: + items: + $ref: '#/components/schemas/Group' + description: The list of Group + type: array + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + type: object VmwarePlatformDetails: id: VmwarePlatformDetails - description: VMware specific details. type: object properties: - vcenterVersion: - description: vCenter version. - type: string - esxVersion: - description: ESX version. - type: string osid: + type: string description: >- VMware os enum - https://vdc-repo.vmware.com/vmwb-repository/dcr-public/da47f910-60ac-438b-8b9b-6122f4d14524/16b7274a-bf8b-4b4c-a05e-746f2aa93c8c/doc/vim.vm.GuestOsDescriptor.GuestOsIdentifier.html. - type: string vcenterFolder: description: Folder name in vCenter where asset resides. type: string @@ -1131,289 +1077,406 @@ components: description: vCenter URI used in collection. type: string vcenterVmId: - description: vCenter VM ID. type: string + description: vCenter VM ID. esxHyperthreading: - description: Whether the ESX is hyperthreaded. - type: string enumDescriptions: - Simultaneous Multithreading status unknown. - Simultaneous Multithreading is disabled or unavailable. - Simultaneous Multithreading is enabled. + description: Whether the ESX is hyperthreaded. enum: - HYPERTHREADING_STATUS_UNSPECIFIED - HYPERTHREADING_STATUS_DISABLED - HYPERTHREADING_STATUS_ENABLED - AwsEc2PlatformDetails: - id: AwsEc2PlatformDetails - description: AWS EC2 specific details. - type: object - properties: - machineTypeLabel: - description: AWS platform's machine type label. type: string - location: - description: The location of the machine in the AWS format. + vcenterVersion: + description: vCenter version. type: string - hyperthreading: - description: Optional. Whether the machine is hyperthreaded. + esxVersion: + description: ESX version. type: string - enumDescriptions: - - Simultaneous Multithreading status unknown. - - Simultaneous Multithreading is disabled or unavailable. - - Simultaneous Multithreading is enabled. - enum: - - HYPERTHREADING_STATUS_UNSPECIFIED - - HYPERTHREADING_STATUS_DISABLED - - HYPERTHREADING_STATUS_ENABLED - AzureVmPlatformDetails: - id: AzureVmPlatformDetails - description: Azure VM specific details. + description: VMware specific details. + PlatformDetails: + properties: + azureVmDetails: + $ref: '#/components/schemas/AzureVmPlatformDetails' + description: Azure VM specific details. + vmwareDetails: + description: VMware specific details. + $ref: '#/components/schemas/VmwarePlatformDetails' + genericDetails: + $ref: '#/components/schemas/GenericPlatformDetails' + description: Generic platform details. + awsEc2Details: + description: AWS EC2 specific details. + $ref: '#/components/schemas/AwsEc2PlatformDetails' + physicalDetails: + description: Physical machines platform details. + $ref: '#/components/schemas/PhysicalPlatformDetails' + description: Information about the platform. type: object + id: PlatformDetails + MachineNetworkDetails: + type: object + description: Details of network adapters and settings. properties: - machineTypeLabel: - description: Azure platform's machine type label. + adapters: + $ref: '#/components/schemas/NetworkAdapterList' + description: List of network adapters. + primaryIpAddress: + description: The primary IP address of the machine. type: string - location: - description: The location of the machine in the Azure format. + publicIpAddress: type: string - provisioningState: - description: Azure platform's provisioning state. + description: The public IP address of the machine. + primaryMacAddress: + description: >- + MAC address of the machine. This property is used to uniqly identify + the machine. type: string - hyperthreading: - description: Whether the machine is hyperthreaded. + defaultGateway: + description: Optional. Default gateway address. type: string - enumDescriptions: - - Simultaneous Multithreading status unknown. - - Simultaneous Multithreading is disabled or unavailable. - - Simultaneous Multithreading is enabled. - enum: - - HYPERTHREADING_STATUS_UNSPECIFIED - - HYPERTHREADING_STATUS_DISABLED - - HYPERTHREADING_STATUS_ENABLED - GenericPlatformDetails: - id: GenericPlatformDetails - description: Generic platform details. - type: object + id: MachineNetworkDetails + AggregationHistogram: properties: - location: + lowerBounds: + type: array description: >- - Free text representation of the machine location. The format of this - field should not be relied on. Different VMs in the same location - may have different string values for this field. + Lower bounds of buckets. The response will contain `n+1` buckets for + `n` bounds. The first bucket will count all assets for which the + field value is smaller than the first bound. Subsequent buckets will + count assets for which the field value is greater or equal to a + lower bound and smaller than the next one. The last bucket will + count assets for which the field value is greater or equal to the + final lower bound. You can define up to 20 lower bounds. + items: + type: number + format: double + id: AggregationHistogram + description: Histogram of bucketed assets counts by field value. + type: object + ReportSummaryUtilizationChartData: + description: >- + Utilization Chart is a specific type of visualization which displays a + metric classified into "Used" and "Free" buckets. + id: ReportSummaryUtilizationChartData + type: object + properties: + used: + format: int64 + description: Aggregate value which falls into the "Used" bucket. type: string - hyperthreading: - description: Whether the machine is hyperthreaded. + free: + format: int64 + description: Aggregate value which falls into the "Free" bucket. type: string - enumDescriptions: - - Simultaneous Multithreading status unknown. - - Simultaneous Multithreading is disabled or unavailable. - - Simultaneous Multithreading is enabled. - enum: - - HYPERTHREADING_STATUS_UNSPECIFIED - - HYPERTHREADING_STATUS_DISABLED - - HYPERTHREADING_STATUS_ENABLED - PhysicalPlatformDetails: - id: PhysicalPlatformDetails - description: Platform specific details for Physical Machines. + NetworkAdapterDetails: + description: Details of network adapter. type: object + id: NetworkAdapterDetails properties: - location: - description: >- - Free text representation of the machine location. The format of this - field should not be relied on. Different machines in the same - location may have different string values for this field. + macAddress: + description: MAC address. type: string - hyperthreading: - description: Whether the machine is hyperthreaded. + adapterType: type: string - enumDescriptions: - - Simultaneous Multithreading status unknown. - - Simultaneous Multithreading is disabled or unavailable. - - Simultaneous Multithreading is enabled. - enum: - - HYPERTHREADING_STATUS_UNSPECIFIED - - HYPERTHREADING_STATUS_DISABLED - - HYPERTHREADING_STATUS_ENABLED - DatabaseDeploymentDetails: - id: DatabaseDeploymentDetails - description: The details of a database deployment asset. + description: Network adapter type (e.g. VMXNET3). + addresses: + description: NetworkAddressList + $ref: '#/components/schemas/NetworkAddressList' + CascadingRule: + properties: + cascadeLogicalDbs: + description: Cascading rule for related logical DBs. + $ref: '#/components/schemas/CascadeLogicalDBsRule' + id: CascadingRule + description: Specifies cascading rules for traversing relations. + type: object + AggregationCount: + description: Object count. + id: AggregationCount + type: object + properties: {} + PostgreSqlProperty: type: object + id: PostgreSqlProperty properties: - generatedId: - description: Optional. The database deployment generated ID. + property: type: string - manualUniqueId: - description: Optional. A manual unique ID set by the user. + description: Required. The property name. + numericValue: + description: Required. The property numeric value. type: string - version: - description: Optional. The database deployment version. + format: int64 + enabled: + type: boolean + description: Required. The property is enabled. + description: PostgreSql property. + ListSourcesResponse: + properties: + sources: + items: + $ref: '#/components/schemas/Source' + description: The list of sources. + type: array + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. + nextPageToken: + description: A token identifying a page of results the server should return. type: string - edition: - description: Optional. The database deployment edition. + type: object + description: Response message for listing sources. + id: ListSourcesResponse + SoleTenantNodeType: + description: A Sole Tenant node type. + properties: + nodeName: type: string - topology: - description: Optional. Details of the database deployment topology. - $ref: '#/components/schemas/DatabaseDeploymentTopology' - sqlServer: - description: Optional. Details of a Microsoft SQL Server database deployment. - $ref: '#/components/schemas/SqlServerDatabaseDeployment' - mysql: - description: Optional. Details of a MYSQL database deployment. - $ref: '#/components/schemas/MysqlDatabaseDeployment' - postgresql: - description: Optional. Details of a PostgreSQL database deployment. - $ref: '#/components/schemas/PostgreSqlDatabaseDeployment' - aggregatedStats: - description: Output only. Aggregated stats for the database deployment. - readOnly: true - $ref: '#/components/schemas/DatabaseDeploymentDetailsAggregatedStats' - awsRds: - description: Optional. Details of an AWS RDS instance. - $ref: '#/components/schemas/AwsRds' + description: >- + Name of the Sole Tenant node. Consult + https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes + id: SoleTenantNodeType + type: object DatabaseDeploymentTopology: id: DatabaseDeploymentTopology - description: Details of database deployment's topology. type: object + description: Details of database deployment's topology. properties: - coreCount: - description: Optional. Number of total logical cores. - type: integer + instances: + type: array + items: + $ref: '#/components/schemas/DatabaseInstance' + description: Optional. List of database instances. + physicalCoreLimit: + description: Optional. Number of total physical cores limited by db deployment. format: int32 + type: integer physicalCoreCount: - description: Optional. Number of total physical cores. type: integer format: int32 - memoryBytes: - description: Optional. Total memory in bytes. - type: string - format: int64 - diskAllocatedBytes: - description: Optional. Disk allocated in bytes. - type: string - format: int64 - diskUsedBytes: - description: Optional. Disk used in bytes. - type: string - format: int64 + description: Optional. Number of total physical cores. coreLimit: description: Optional. Number of total logical cores limited by db deployment. - type: integer format: int32 - physicalCoreLimit: - description: Optional. Number of total physical cores limited by db deployment. type: integer - format: int32 memoryLimitBytes: + format: int64 description: Optional. Total memory in bytes limited by db deployment. type: string + coreCount: + type: integer + format: int32 + description: Optional. Number of total logical cores. + diskAllocatedBytes: format: int64 - instances: - description: Optional. List of database instances. - type: array - items: - $ref: '#/components/schemas/DatabaseInstance' - DatabaseInstance: - id: DatabaseInstance - description: Details of a database instance. - type: object - properties: - instanceName: - description: Optional. The instance's name. + description: Optional. Disk allocated in bytes. type: string - role: - description: Optional. The instance role in the database engine. + memoryBytes: + description: Optional. Total memory in bytes. + format: int64 type: string - enumDescriptions: - - Unspecified. - - Primary. - - Secondary. - - Arbiter. - enum: - - ROLE_UNSPECIFIED - - PRIMARY - - SECONDARY - - ARBITER - network: - description: Optional. Networking details. - $ref: '#/components/schemas/DatabaseInstanceNetwork' - DatabaseInstanceNetwork: - id: DatabaseInstanceNetwork - description: Network details of a database instance. + diskUsedBytes: + format: int64 + description: Optional. Disk used in bytes. + type: string + ImportRowError: type: object + id: ImportRowError properties: - primaryMacAddress: - description: Optional. The instance's primary MAC address. + xlsxError: + $ref: '#/components/schemas/ImportRowErrorXlsxErrorDetails' + description: Error details for an XLSX file. + assetTitle: + description: Output only. The asset title. + readOnly: true type: string - ipAddresses: - description: Optional. The instance's IP addresses. - type: array + vmUuid: + description: The VM UUID. + type: string + vmName: + type: string + description: The name of the VM in the row. + archiveError: + description: Error details for an archive file. + $ref: '#/components/schemas/ImportRowErrorArchiveErrorDetails' + errors: + description: The list of errors detected in the row. items: - type: string - hostNames: - description: Optional. The instance's host names. + $ref: '#/components/schemas/ImportError' type: array - items: - type: string - SqlServerDatabaseDeployment: - id: SqlServerDatabaseDeployment - description: Specific details for a Microsoft SQL Server database deployment. + csvError: + $ref: '#/components/schemas/ImportRowErrorCsvErrorDetails' + description: Error details for a CSV file. + rowNumber: + description: The row number where the error was detected. + format: int32 + deprecated: true + type: integer + description: A resource that reports the import job errors at row level. + SendDiscoveryClientHeartbeatRequest: type: object properties: - features: - description: Optional. List of SQL Server features. + errors: type: array items: - $ref: '#/components/schemas/SqlServerFeature' - serverFlags: - description: Optional. List of SQL Server server flags. - type: array + $ref: '#/components/schemas/Status' + description: Optional. Errors affecting client functionality. + version: + type: string + description: Optional. Client application version. + id: SendDiscoveryClientHeartbeatRequest + description: A request to send a discovery client heartbeat. + ListImportDataFilesResponse: + id: ListImportDataFilesResponse + properties: + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + type: string + importDataFiles: + description: The list of import data files. items: - $ref: '#/components/schemas/SqlServerServerFlag' - traceFlags: - description: Optional. List of SQL Server trace flags. + $ref: '#/components/schemas/ImportDataFile' + type: array + unreachable: type: array + description: Locations that could not be reached. items: - $ref: '#/components/schemas/SqlServerTraceFlag' - SqlServerFeature: - id: SqlServerFeature - description: SQL Server feature details. + type: string + type: object + description: Response for listing payload files of an import job. + ImportRowErrorXlsxErrorDetails: type: object + id: ImportRowErrorXlsxErrorDetails properties: - featureName: - description: Required. The feature name. + rowNumber: + type: integer + description: The row number where the error was detected. + format: int32 + sheet: + description: The name of the sheet where the error was detected. type: string - enabled: - description: >- - Required. Field enabled is set when a feature is used on the source - deployment. - type: boolean - SqlServerServerFlag: - id: SqlServerServerFlag - description: SQL Server server flag details. - type: object + description: Error details for an XLSX file. + DiscoveryClient: properties: - serverFlagName: - description: Required. The server flag name. + state: + description: Output only. Current state of the discovery client. type: string - value: - description: Required. The server flag value set by the user. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - OFFLINE + - DEGRADED + - EXPIRED + enumDescriptions: + - Client state is unspecified. + - Client is active. + - Client is offline. + - Client is in a degraded state. See the `errors` field for details. + - Client has expired. See the expire_time field for the expire time. + readOnly: true + description: type: string - valueInUse: + description: Optional. Free text description. Maximum length is 1000 characters. + source: description: >- - Required. The server flag actual value. If `value_in_use` is - different from `value` it means that either the configuration change - was not applied or it is an expected behavior. See SQL Server - documentation for more details. + Required. Immutable. Full name of the source object associated with + this discovery client. + type: string + updateTime: + type: string + format: google-datetime + readOnly: true + description: >- + Output only. Time when the discovery client was last updated. This + value is not updated by heartbeats, to view the last heartbeat time + please refer to the `heartbeat_time` field. + serviceAccount: + description: >- + Required. Service account used by the discovery client for various + operation. + type: string + labels: + additionalProperties: + type: string + description: Optional. Labels as key value pairs. + type: object + createTime: + description: Output only. Time when the discovery client was first created. + readOnly: true + format: google-datetime + type: string + name: + readOnly: true + description: Output only. Identifier. Full name of this discovery client. + type: string + errors: + description: Output only. Errors affecting client functionality. + type: array + items: + $ref: '#/components/schemas/Status' + readOnly: true + signalsEndpoint: + type: string + description: Output only. This field is intended for internal use. + readOnly: true + displayName: + type: string + description: Optional. Free text display name. Maximum length is 63 characters. + version: + type: string + readOnly: true + description: Output only. Client version, as reported in recent heartbeat. + ttl: + format: google-duration + type: string + description: >- + Optional. Input only. Client time-to-live. If specified, the backend + will not accept new frames after this time. This field is input + only. The derived expiration time is provided as output through the + `expire_time` field. + expireTime: + type: string + description: >- + Optional. Client expiration time in UTC. If specified, the backend + will not accept new frames after this time. + format: google-datetime + heartbeatTime: + type: string + description: >- + Output only. Last heartbeat time. Healthy clients are expected to + send heartbeats regularly (normally every few minutes). + format: google-datetime + readOnly: true + type: object + id: DiscoveryClient + description: Represents an installed Migration Center Discovery Client instance. + MySqlPlugin: + properties: + plugin: + type: string + description: Required. The plugin name. + enabled: + type: boolean + description: Required. The plugin is active. + version: + description: Required. The plugin version. type: string + type: object + description: MySql plugin. + id: MySqlPlugin SqlServerTraceFlag: id: SqlServerTraceFlag - description: SQL Server trace flag details. - type: object properties: traceFlagName: - description: Required. The trace flag name. type: string + description: Required. The trace flag name. scope: description: Required. The trace flag scope. type: string @@ -1427,217 +1490,272 @@ components: - 'OFF' - GLOBAL - SESSION - MysqlDatabaseDeployment: - id: MysqlDatabaseDeployment - description: Specific details for a Mysql database deployment. + description: SQL Server trace flag details. type: object - properties: - properties: - description: Optional. List of MySql properties. - type: array - items: - $ref: '#/components/schemas/MySqlProperty' - plugins: - description: Optional. List of MySql plugins. - type: array - items: - $ref: '#/components/schemas/MySqlPlugin' - resourceGroupsCount: - description: Optional. Number of resource groups. - type: integer - format: int32 - variables: - description: Optional. List of MySql variables. - type: array - items: - $ref: '#/components/schemas/MySqlVariable' - MySqlProperty: - id: MySqlProperty - description: MySql property. + ReportSummaryHistogramChartDataBucket: + description: >- + A histogram bucket with a lower and upper bound, and a count of items + with a field value between those bounds. The lower bound is inclusive + and the upper bound is exclusive. Lower bound may be -infinity and upper + bound may be infinity. type: object + id: ReportSummaryHistogramChartDataBucket properties: - property: - description: Required. The property name. - type: string - enabled: - description: Required. The property is enabled. - type: boolean - numericValue: - description: Required. The property numeric value. - type: string + upperBound: format: int64 - MySqlPlugin: - id: MySqlPlugin - description: MySql plugin. - type: object - properties: - plugin: - description: Required. The plugin name. - type: string - version: - description: Required. The plugin version. - type: string - enabled: - description: Required. The plugin is active. - type: boolean - MySqlVariable: - id: MySqlVariable - description: MySql variable. - type: object - properties: - variable: - description: Required. The variable name. + description: Upper bound - exclusive. type: string - value: - description: Required. The variable value. + count: + description: Count of items in the bucket. type: string - category: - description: Required. The variable category. + format: int64 + lowerBound: type: string + format: int64 + description: Lower bound - inclusive. PostgreSqlDatabaseDeployment: - id: PostgreSqlDatabaseDeployment - description: Specific details for a PostgreSQL database deployment. - type: object properties: properties: - description: Optional. List of PostgreSql properties. type: array items: $ref: '#/components/schemas/PostgreSqlProperty' + description: Optional. List of PostgreSql properties. settings: description: Optional. List of PostgreSql settings. - type: array items: $ref: '#/components/schemas/PostgreSqlSetting' - PostgreSqlProperty: - id: PostgreSqlProperty - description: PostgreSql property. + type: array type: object - properties: - property: - description: Required. The property name. - type: string - enabled: - description: Required. The property is enabled. - type: boolean - numericValue: - description: Required. The property numeric value. - type: string - format: int64 - PostgreSqlSetting: - id: PostgreSqlSetting - description: PostgreSql setting. + id: PostgreSqlDatabaseDeployment + description: Specific details for a PostgreSQL database deployment. + NetworkUsageSample: type: object + id: NetworkUsageSample + description: Network usage sample. Values are across all network interfaces. properties: - setting: - description: Required. The setting name. - type: string - source: - description: Required. The setting source. - type: string - unit: - description: Optional. The setting unit. - type: string - boolValue: - description: Required. The setting boolean value. - type: boolean - intValue: - description: Required. The setting int value. - type: string - format: int64 - realValue: - description: Required. The setting real value. + averageIngressBps: + format: float + description: >- + Average network ingress in B/s sampled over a short window. Must be + non-negative. type: number + averageEgressBps: + description: >- + Average network egress in B/s sampled over a short window. Must be + non-negative. format: float - stringValue: + type: number + DatabaseDetailsParentDatabaseDeployment: + properties: + manualUniqueId: description: >- - Required. The setting string value. Notice that enum values are - stored as strings. + Optional. The parent database deployment optional manual unique ID + set by the user. type: string - DatabaseDeploymentDetailsAggregatedStats: - id: DatabaseDeploymentDetailsAggregatedStats - description: Aggregated stats for the database deployment. - type: object - properties: - databaseCount: - description: Output only. The number of databases in the deployment. - readOnly: true - type: integer - format: int32 - AwsRds: - id: AwsRds - description: Specific details for an AWS RDS database deployment. + generatedId: + description: Optional. The parent database deployment generated ID. + type: string + description: The identifiers of the parent database deployment. + id: DatabaseDetailsParentDatabaseDeployment type: object - properties: {} - DatabaseDetails: - id: DatabaseDetails - description: Details of a logical database. + ReportSummaryComputeEngineFinding: type: object properties: - databaseName: - description: Required. The name of the database. - type: string - parentDatabaseDeployment: - description: >- - Required. The parent database deployment that contains the logical - database. - $ref: '#/components/schemas/DatabaseDetailsParentDatabaseDeployment' - allocatedStorageBytes: - description: Optional. The allocated storage for the database in bytes. + allocatedDiskTypes: + type: array + items: + type: string + enum: + - PERSISTENT_DISK_TYPE_UNSPECIFIED + - PERSISTENT_DISK_TYPE_STANDARD + - PERSISTENT_DISK_TYPE_BALANCED + - PERSISTENT_DISK_TYPE_SSD + enumDescriptions: + - Unspecified. Fallback to default value based on context. + - Standard HDD Persistent Disk. + - Balanced Persistent Disk. + - SSD Persistent Disk. + description: Set of disk types allocated to assets. + allocatedRegions: + items: + type: string + description: Set of regions in which the assets were allocated. + type: array + allocatedAssetCount: + description: Count of assets which were allocated. type: string format: int64 - schemas: - description: Optional. The database schemas. - type: array + machineSeriesAllocations: items: - $ref: '#/components/schemas/DatabaseSchema' - DatabaseDetailsParentDatabaseDeployment: - id: DatabaseDetailsParentDatabaseDeployment - description: The identifiers of the parent database deployment. + $ref: '#/components/schemas/ReportSummaryMachineSeriesAllocation' + description: Distribution of assets based on the Machine Series. + type: array + id: ReportSummaryComputeEngineFinding + description: A set of findings that applies to assets destined for Compute Engine. + Empty: + id: Empty + properties: {} + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + RunImportJobRequest: + description: A request to run an import job. type: object properties: - generatedId: - description: Optional. The parent database deployment generated ID. + requestId: type: string - manualUniqueId: description: >- - Optional. The parent database deployment optional manual unique ID - set by the user. - type: string - DatabaseSchema: - id: DatabaseSchema - description: Details of a database schema. + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes after the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + id: RunImportJobRequest + ListAssetsResponse: + id: ListAssetsResponse type: object properties: - schemaName: - description: Required. The name of the schema. - type: string - tablesSizeBytes: - description: Optional. The total size of tables in bytes. + nextPageToken: + description: A token identifying a page of results the server should return. type: string - format: int64 - objects: - description: Optional. List of details of objects by category. + assets: + description: A list of assets. type: array items: - $ref: '#/components/schemas/DatabaseObjects' - sqlServer: - description: Optional. Details of a SqlServer schema. - $ref: '#/components/schemas/SqlServerSchemaDetails' - mysql: - description: Optional. Details of a Mysql schema. - $ref: '#/components/schemas/MySqlSchemaDetails' - postgresql: - description: Optional. Details of a PostgreSql schema. - $ref: '#/components/schemas/PostgreSqlSchemaDetails' + $ref: '#/components/schemas/Asset' + unreachable: + type: array + description: Locations that could not be reached. + items: + type: string + description: Response message for listing assets. + FstabEntry: + description: Single fstab entry. + id: FstabEntry + properties: + passno: + format: int32 + type: integer + description: >- + Used by the fsck(8) program to determine the order in which + filesystem checks are done at reboot time. + mntops: + type: string + description: Mount options associated with the filesystem. + vfstype: + description: The type of the filesystem. + type: string + file: + description: The mount point for the filesystem. + type: string + spec: + type: string + description: The block special device or remote filesystem to be mounted. + freq: + description: Used by dump to determine which filesystems need to be dumped. + format: int32 + type: integer + type: object + AzureVmPlatformDetails: + id: AzureVmPlatformDetails + properties: + hyperthreading: + description: Whether the machine is hyperthreaded. + enum: + - HYPERTHREADING_STATUS_UNSPECIFIED + - HYPERTHREADING_STATUS_DISABLED + - HYPERTHREADING_STATUS_ENABLED + type: string + enumDescriptions: + - Simultaneous Multithreading status unknown. + - Simultaneous Multithreading is disabled or unavailable. + - Simultaneous Multithreading is enabled. + location: + description: The location of the machine in the Azure format. + type: string + machineTypeLabel: + type: string + description: Azure platform's machine type label. + provisioningState: + description: Azure platform's provisioning state. + type: string + type: object + description: Azure VM specific details. + ReportSummaryVmwareNodeAllocation: + id: ReportSummaryVmwareNodeAllocation + type: object + properties: + nodeCount: + format: int64 + description: Count of this node type to be provisioned + type: string + allocatedAssetCount: + description: Count of assets allocated to these nodes + type: string + format: int64 + vmwareNode: + description: VMWare node type, e.g. "ve1-standard-72" + $ref: '#/components/schemas/ReportSummaryVmwareNode' + description: Represents assets allocated to a specific VMWare Node type. + RemoveAssetsFromGroupRequest: + id: RemoveAssetsFromGroupRequest + properties: + requestId: + type: string + description: >- + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes after the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + assets: + $ref: '#/components/schemas/AssetList' + description: >- + Required. List of assets to be removed. The maximum number of assets + that can be removed in a single request is 1000. + allowMissing: + description: >- + Optional. When this value is set to `false` and one of the given + assets is not an existing member of the group, the operation fails + with a `Not Found` error. When set to `true` this situation is + silently ignored by the server. Default value is `false`. + type: boolean + description: A request to remove assets from a group. + type: object DatabaseObjects: - id: DatabaseObjects - description: Details of a group of database objects. type: object properties: + count: + type: string + format: int64 + description: Optional. The number of objects. category: + enum: + - CATEGORY_UNSPECIFIED + - TABLE + - INDEX + - CONSTRAINTS + - VIEWS + - SOURCE_CODE + - OTHER description: Optional. The category of the objects. - type: string enumDescriptions: - Unspecified type. - Table. @@ -1646,262 +1764,204 @@ components: - Views. - Source code, e.g. procedures. - Uncategorized objects. - enum: - - CATEGORY_UNSPECIFIED - - TABLE - - INDEX - - CONSTRAINTS - - VIEWS - - SOURCE_CODE - - OTHER - count: - description: Optional. The number of objects. type: string - format: int64 - SqlServerSchemaDetails: - id: SqlServerSchemaDetails - description: Specific details for a SqlServer database. - type: object - properties: - clrObjectCount: - description: Optional. SqlServer number of CLR objects. - type: integer - format: int32 - MySqlSchemaDetails: - id: MySqlSchemaDetails - description: Specific details for a Mysql database. + id: DatabaseObjects + description: Details of a group of database objects. + SqlServerDatabaseDeployment: type: object + id: SqlServerDatabaseDeployment properties: - storageEngines: - description: Optional. Mysql storage engine tables. + serverFlags: + description: Optional. List of SQL Server server flags. type: array items: - $ref: '#/components/schemas/MySqlStorageEngineDetails' - MySqlStorageEngineDetails: - id: MySqlStorageEngineDetails - description: Mysql storage engine tables. - type: object - properties: - engine: - description: Required. The storage engine. - type: string - enumDescriptions: - - Unspecified storage engine. - - InnoDB. - - MyISAM. - - Memory. - - CSV. - - Archive. - - Blackhole. - - NDB. - - Merge. - - Federated. - - Example. - - Other. - enum: - - ENGINE_UNSPECIFIED - - INNODB - - MYISAM - - MEMORY - - CSV - - ARCHIVE - - BLACKHOLE - - NDB - - MERGE - - FEDERATED - - EXAMPLE - - OTHER - tableCount: - description: Optional. The number of tables. - type: integer - format: int32 - encryptedTableCount: - description: Optional. The number of encrypted tables. - type: integer - format: int32 - PostgreSqlSchemaDetails: - id: PostgreSqlSchemaDetails - description: Specific details for a PostgreSql schema. - type: object - properties: - foreignTablesCount: - description: Optional. PostgreSql foreign tables. - type: integer - format: int32 - postgresqlExtensions: - description: Optional. PostgreSql extensions. + $ref: '#/components/schemas/SqlServerServerFlag' + traceFlags: type: array items: - $ref: '#/components/schemas/PostgreSqlExtension' - PostgreSqlExtension: - id: PostgreSqlExtension - description: PostgreSql extension. + $ref: '#/components/schemas/SqlServerTraceFlag' + description: Optional. List of SQL Server trace flags. + features: + type: array + items: + $ref: '#/components/schemas/SqlServerFeature' + description: Optional. List of SQL Server features. + description: Specific details for a Microsoft SQL Server database deployment. + ReportArtifactLink: type: object + id: ReportArtifactLink properties: - extension: - description: Required. The extension name. - type: string - version: - description: Required. The extension version. + uriExpirationTime: + description: Output only. Expiration time of the URI. type: string - InsightList: - id: InsightList - description: Message containing insights list. - type: object - properties: - insights: - description: Output only. Insights of the list. + format: google-datetime readOnly: true - type: array - items: - $ref: '#/components/schemas/Insight' - updateTime: - description: Output only. Update timestamp. + uri: readOnly: true type: string - format: google-datetime - Insight: - id: Insight - description: An insight about an asset. + description: Output only. URI of the artifact. + description: Describes a link to a generated artifact of the report. + Aggregation: type: object + description: >- + Message describing an aggregation. The message includes the aggregation + type, parameters, and the field on which to perform the aggregation. + id: Aggregation properties: - migrationInsight: - description: Output only. An insight about potential migrations for an asset. - readOnly: true - $ref: '#/components/schemas/MigrationInsight' - genericInsight: - description: Output only. A generic insight about an asset. - readOnly: true - $ref: '#/components/schemas/GenericInsight' - MigrationInsight: - id: MigrationInsight - description: An insight about potential migrations for an asset. + sum: + $ref: '#/components/schemas/AggregationSum' + description: Sum over a numeric field. + field: + description: The name of the field on which to aggregate. + type: string + histogram: + description: Creates a bucketed histogram of field values. + $ref: '#/components/schemas/AggregationHistogram' + count: + description: Count the number of matching objects. + $ref: '#/components/schemas/AggregationCount' + frequency: + $ref: '#/components/schemas/AggregationFrequency' + description: Creates a frequency distribution of all field values. + PostgreSqlSetting: + description: PostgreSql setting. + id: PostgreSqlSetting type: object properties: - fit: + unit: + description: Optional. The setting unit. + type: string + source: + type: string + description: Required. The setting source. + realValue: + format: float + description: Required. The setting real value. + type: number + stringValue: + type: string description: >- - Output only. Description of how well the asset this insight is - associated with fits the proposed migration. - readOnly: true - $ref: '#/components/schemas/FitDescriptor' - computeEngineTarget: - description: Output only. A Google Compute Engine target. - readOnly: true - $ref: '#/components/schemas/ComputeEngineMigrationTarget' - FitDescriptor: - id: FitDescriptor - description: Describes the fit level of an asset for migration to a specific target. - type: object - properties: - fitLevel: - description: Output only. Fit level. - readOnly: true + Required. The setting string value. Notice that enum values are + stored as strings. + boolValue: + type: boolean + description: Required. The setting boolean value. + setting: type: string - enumDescriptions: - - Not enough information. - - Fit. - - No Fit. - - Fit with effort. - enum: - - FIT_LEVEL_UNSPECIFIED - - FIT - - NO_FIT - - REQUIRES_EFFORT - ComputeEngineMigrationTarget: - id: ComputeEngineMigrationTarget - description: Compute engine migration target. - type: object + description: Required. The setting name. + intValue: + description: Required. The setting int value. + type: string + format: int64 + UpdateAssetRequest: + id: UpdateAssetRequest properties: - shape: - description: Description of the suggested shape for the migration target. - $ref: '#/components/schemas/ComputeEngineShapeDescriptor' - ComputeEngineShapeDescriptor: - id: ComputeEngineShapeDescriptor - description: Compute Engine target shape descriptor. + requestId: + description: >- + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes since the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + type: string + updateMask: + description: >- + Required. Field mask is used to specify the fields to be overwritten + in the `Asset` resource by the update. The values specified in the + `update_mask` field are relative to the resource, not the full + request. A field will be overwritten if it is in the mask. A single + * value in the mask lets you to overwrite all fields. + format: google-fieldmask + type: string + asset: + $ref: '#/components/schemas/Asset' + description: Required. The resource being updated. type: object + description: A request to update an asset. + ImportRowErrorCsvErrorDetails: + id: ImportRowErrorCsvErrorDetails + description: Error details for a CSV file. properties: - memoryMb: - description: Memory in mebibytes. - type: integer - format: int32 - physicalCoreCount: - description: Number of physical cores. - type: integer + rowNumber: format: int32 - logicalCoreCount: - description: Output only. Number of logical cores. - readOnly: true type: integer - format: int32 - series: - description: Output only. Compute Engine machine series. - readOnly: true - type: string - machineType: - description: Output only. Compute Engine machine type. - readOnly: true - type: string - storage: - description: Output only. Compute Engine storage. Never empty. - readOnly: true - type: array + description: The row number where the error was detected. + type: object + AssetList: + description: Lists the asset IDs of all assets. + properties: + assetIds: items: - $ref: '#/components/schemas/ComputeStorageDescriptor' - ComputeStorageDescriptor: - id: ComputeStorageDescriptor - description: Compute Engine storage option descriptor. + type: string + description: Required. A list of asset IDs + type: array + id: AssetList type: object + AggregateAssetsValuesRequest: + description: A request to aggregate one or more values. properties: - type: - description: Output only. Disk type backing the storage. - readOnly: true + filter: type: string - enumDescriptions: - - Unspecified. Fallback to default value based on context. - - Standard HDD Persistent Disk. - - Balanced Persistent Disk. - - SSD Persistent Disk. - enum: - - PERSISTENT_DISK_TYPE_UNSPECIFIED - - PERSISTENT_DISK_TYPE_STANDARD - - PERSISTENT_DISK_TYPE_BALANCED - - PERSISTENT_DISK_TYPE_SSD - sizeGb: - description: Output only. Disk size in GiB. - readOnly: true - type: integer - format: int32 - GenericInsight: - id: GenericInsight - description: A generic insight about an asset. + description: >- + Optional. The aggregation will be performed on assets that match the + provided filter. + aggregations: + description: >- + Array of aggregations to perform. Up to 25 aggregations can be + defined. + type: array + items: + $ref: '#/components/schemas/Aggregation' + showHidden: + description: >- + Optional. When this value is set to 'true,' the response will + include all assets, including those that are hidden. + type: boolean + type: object + id: AggregateAssetsValuesRequest + SqlServerFeature: type: object + description: SQL Server feature details. + id: SqlServerFeature properties: - messageId: + enabled: + type: boolean description: >- - Output only. Represents a globally unique message id for this - insight, can be used for localization purposes, in case message_code - is not yet known by the client use default_message instead. - readOnly: true + Required. Field enabled is set when a feature is used on the source + deployment. + featureName: type: string - format: int64 - defaultMessage: - description: >- - Output only. In case message_code is not yet known by the client - default_message will be the message to be used instead. - readOnly: true + description: Required. The feature name. + ReportSummaryChartDataDataPoint: + properties: + value: + description: The Y-axis value for this data point. + format: double + type: number + label: type: string - additionalInformation: - description: >- - Output only. Additional information about the insight, each entry - can be a logical entry and must make sense if it is displayed with - line breaks between each entry. Text can contain md style links. - readOnly: true - type: array + description: The X-axis label for this data point. + id: ReportSummaryChartDataDataPoint + description: Describes a single data point in the Chart. + type: object + MySqlSchemaDetails: + description: Specific details for a Mysql database. + type: object + id: MySqlSchemaDetails + properties: + storageEngines: items: - type: string + $ref: '#/components/schemas/MySqlStorageEngineDetails' + description: Optional. Mysql storage engine tables. + type: array AssetPerformanceData: - id: AssetPerformanceData - description: Performance data for an asset. type: object properties: dailyResourceUsageAggregations: @@ -1912,800 +1972,565 @@ components: type: array items: $ref: '#/components/schemas/DailyResourceUsageAggregation' - DailyResourceUsageAggregation: - id: DailyResourceUsageAggregation - description: Usage data aggregation for a single day. - type: object + id: AssetPerformanceData + description: Performance data for an asset. + DiskPartitionList: properties: - date: - description: Aggregation date. Day boundaries are at midnight UTC. - $ref: '#/components/schemas/Date' - cpu: - description: CPU usage. - $ref: '#/components/schemas/DailyResourceUsageAggregationCPU' - memory: - description: Memory usage. - $ref: '#/components/schemas/DailyResourceUsageAggregationMemory' - network: - description: Network usage. - $ref: '#/components/schemas/DailyResourceUsageAggregationNetwork' - disk: - description: Disk usage. - $ref: '#/components/schemas/DailyResourceUsageAggregationDisk' - DailyResourceUsageAggregationCPU: - id: DailyResourceUsageAggregationCPU - description: Statistical aggregation of CPU usage. - type: object - properties: - utilizationPercentage: - description: CPU utilization percentage. - $ref: '#/components/schemas/DailyResourceUsageAggregationStats' - DailyResourceUsageAggregationStats: - id: DailyResourceUsageAggregationStats - description: Statistical aggregation of samples for a single resource usage. - type: object - properties: - average: - description: Average usage value. - type: number - format: float - median: - description: Median usage value. - type: number - format: float - ninteyFifthPercentile: - description: 95th percentile usage value. - type: number - format: float - peak: - description: Peak usage value. - type: number - format: float - DailyResourceUsageAggregationMemory: - id: DailyResourceUsageAggregationMemory - description: Statistical aggregation of memory usage. - type: object - properties: - utilizationPercentage: - description: Memory utilization percentage. - $ref: '#/components/schemas/DailyResourceUsageAggregationStats' - DailyResourceUsageAggregationNetwork: - id: DailyResourceUsageAggregationNetwork - description: Statistical aggregation of network usage. - type: object - properties: - ingressBps: - description: Network ingress in B/s. - $ref: '#/components/schemas/DailyResourceUsageAggregationStats' - egressBps: - description: Network egress in B/s. - $ref: '#/components/schemas/DailyResourceUsageAggregationStats' - DailyResourceUsageAggregationDisk: - id: DailyResourceUsageAggregationDisk - description: Statistical aggregation of disk usage. - type: object - properties: - iops: - description: Optional. Disk I/O operations per second. - $ref: '#/components/schemas/DailyResourceUsageAggregationStats' - readIops: - description: Optional. Disk read I/O operations per second. - $ref: '#/components/schemas/DailyResourceUsageAggregationStats' - writeIops: - description: Optional. Disk write I/O operations per second. - $ref: '#/components/schemas/DailyResourceUsageAggregationStats' - BatchUpdateAssetsRequest: - id: BatchUpdateAssetsRequest - description: A request to update a list of assets. - type: object - properties: - requests: - description: >- - Required. The request message specifying the resources to update. A - maximum of 1000 assets can be modified in a batch. - type: array - items: - $ref: '#/components/schemas/UpdateAssetRequest' - UpdateAssetRequest: - id: UpdateAssetRequest - description: A request to update an asset. - type: object - properties: - updateMask: - description: >- - Required. Field mask is used to specify the fields to be overwritten - in the `Asset` resource by the update. The values specified in the - `update_mask` field are relative to the resource, not the full - request. A field will be overwritten if it is in the mask. A single - * value in the mask lets you to overwrite all fields. - type: string - format: google-fieldmask - asset: - description: Required. The resource being updated. - $ref: '#/components/schemas/Asset' - requestId: - description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes since the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). - type: string - BatchUpdateAssetsResponse: - id: BatchUpdateAssetsResponse - description: Response for updating a list of assets. - type: object - properties: - assets: - description: >- - Update asset content. The content only includes values after field - mask being applied. - type: array - items: - $ref: '#/components/schemas/Asset' - BatchDeleteAssetsRequest: - id: BatchDeleteAssetsRequest - description: A request to delete a list of asset. - type: object - properties: - names: - description: >- - Required. The IDs of the assets to delete. A maximum of 1000 assets - can be deleted in a batch. Format: - projects/{project}/locations/{location}/assets/{name}. - type: array - items: - type: string - allowMissing: - description: >- - Optional. When this value is set to `true` the request is a no-op - for non-existing assets. See - https://google.aip.dev/135#delete-if-existing for additional - details. Default value is `false`. - type: boolean - cascadingRules: - description: Optional. Optional cascading rules for deleting related assets. + entries: + description: Partition entries. type: array items: - $ref: '#/components/schemas/CascadingRule' - CascadingRule: - id: CascadingRule - description: Specifies cascading rules for traversing relations. - type: object - properties: - cascadeLogicalDbs: - description: Cascading rule for related logical DBs. - $ref: '#/components/schemas/CascadeLogicalDBsRule' - CascadeLogicalDBsRule: - id: CascadeLogicalDBsRule - description: Cascading rule for related logical DBs. - type: object - properties: {} - Frames: - id: Frames - description: Collection of frame data. + $ref: '#/components/schemas/DiskPartition' + id: DiskPartitionList + description: Disk partition list. type: object - properties: - framesData: - description: A repeated field of asset data. - type: array - items: - $ref: '#/components/schemas/AssetFrame' - AssetFrame: - id: AssetFrame - description: Contains data reported from an inventory source on an asset. + UploadFileInfo: type: object properties: - machineDetails: - description: Asset information specific for virtual machines. - $ref: '#/components/schemas/MachineDetails' - databaseDeploymentDetails: - description: Asset information specific for database deployments. - $ref: '#/components/schemas/DatabaseDeploymentDetails' - databaseDetails: - description: Asset information specific for logical databases. - $ref: '#/components/schemas/DatabaseDetails' - reportTime: - description: The time the data was reported. + uriExpirationTime: type: string format: google-datetime - labels: - description: Labels as key value pairs. + readOnly: true + description: Output only. Expiration time of the upload URI. + signedUri: + description: Output only. Upload URI for the file. + readOnly: true + type: string + headers: type: object + description: Output only. The headers that were used to sign the URI. + readOnly: true additionalProperties: type: string - attributes: - description: Generic asset attributes. + description: A resource that contains a URI to which a data file can be uploaded. + id: UploadFileInfo + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + type: object + properties: + metadata: type: object additionalProperties: - type: string - performanceSamples: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Asset performance data samples. Samples that are from more than 40 - days ago or after tomorrow are ignored. - type: array - items: - $ref: '#/components/schemas/PerformanceSample' - traceToken: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + done: + type: boolean description: >- - Optional. Trace token is optionally provided to assist with - debugging and traceability. - type: string - collectionType: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + error: + $ref: '#/components/schemas/Status' description: >- - Optional. Frame collection type, if not specified the collection - type will be based on the source type of the source the frame was - reported on. - type: string - enumDescriptions: - - Unspecified - - Manually uploaded file (e.g. CSV) - - Guest-level info - - Inventory-level scan - - Third-party owned sources. - - Discovery clients - enum: - - SOURCE_TYPE_UNKNOWN - - SOURCE_TYPE_UPLOAD - - SOURCE_TYPE_GUEST_OS_SCAN - - SOURCE_TYPE_INVENTORY_SCAN - - SOURCE_TYPE_CUSTOM - - SOURCE_TYPE_DISCOVERY_CLIENT - PerformanceSample: - id: PerformanceSample - description: Performance data sample. - type: object - properties: - sampleTime: - description: >- - Time the sample was collected. If omitted, the frame report time - will be used. - type: string - format: google-datetime - memory: - description: Memory usage sample. - $ref: '#/components/schemas/MemoryUsageSample' - cpu: - description: CPU usage sample. - $ref: '#/components/schemas/CpuUsageSample' - network: - description: Network usage sample. - $ref: '#/components/schemas/NetworkUsageSample' - disk: - description: Disk usage sample. - $ref: '#/components/schemas/DiskUsageSample' - MemoryUsageSample: - id: MemoryUsageSample - description: Memory usage sample. - type: object - properties: - utilizedPercentage: - description: >- - Percentage of system memory utilized. Must be in the interval [0, - 100]. - type: number - format: float - CpuUsageSample: - id: CpuUsageSample - description: CPU usage sample. - type: object - properties: - utilizedPercentage: - description: >- - Percentage of total CPU capacity utilized. Must be in the interval - [0, 100]. On most systems can be calculated using 100 - idle - percentage. - type: number - format: float - NetworkUsageSample: - id: NetworkUsageSample - description: Network usage sample. Values are across all network interfaces. - type: object - properties: - averageIngressBps: - description: >- - Average network ingress in B/s sampled over a short window. Must be - non-negative. - type: number - format: float - averageEgressBps: - description: >- - Average network egress in B/s sampled over a short window. Must be - non-negative. - type: number - format: float - DiskUsageSample: - id: DiskUsageSample - description: Disk usage sample. Values are across all disks. - type: object - properties: - averageIops: - description: >- - Optional. Average IOPS sampled over a short window. Must be - non-negative. If read or write are set, the sum of read and write - will override the value of the average_iops. - type: number - format: float - averageReadIops: - description: >- - Optional. Average read IOPS sampled over a short window. Must be - non-negative. If both read and write are zero they are ignored. - type: number - format: float - averageWriteIops: - description: >- - Optional. Average write IOPS sampled over a short window. Must be - non-negative. If both read and write are zero they are ignored. - type: number - format: float - ReportAssetFramesResponse: - id: ReportAssetFramesResponse - description: A response to a call to `ReportAssetFrame`. - type: object - properties: {} - AggregateAssetsValuesRequest: - id: AggregateAssetsValuesRequest - description: A request to aggregate one or more values. - type: object - properties: - aggregations: - description: >- - Array of aggregations to perform. Up to 25 aggregations can be - defined. - type: array - items: - $ref: '#/components/schemas/Aggregation' - filter: + The error result of the operation in case of failure or + cancellation. + response: description: >- - Optional. The aggregation will be performed on assets that match the - provided filter. + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + name: type: string - showHidden: description: >- - Optional. When this value is set to 'true,' the response will - include all assets, including those that are hidden. - type: boolean - Aggregation: - id: Aggregation - description: >- - Message describing an aggregation. The message includes the aggregation - type, parameters, and the field on which to perform the aggregation. - type: object - properties: - field: - description: The name of the field on which to aggregate. - type: string - count: - description: Count the number of matching objects. - $ref: '#/components/schemas/AggregationCount' - sum: - description: Sum over a numeric field. - $ref: '#/components/schemas/AggregationSum' - histogram: - description: Creates a bucketed histogram of field values. - $ref: '#/components/schemas/AggregationHistogram' - frequency: - description: Creates a frequency distribution of all field values. - $ref: '#/components/schemas/AggregationFrequency' - AggregationCount: - id: AggregationCount - description: Object count. - type: object - properties: {} - AggregationSum: - id: AggregationSum - description: Sum of field values. - type: object - properties: {} - AggregationHistogram: - id: AggregationHistogram - description: Histogram of bucketed assets counts by field value. - type: object - properties: - lowerBounds: - description: >- - Lower bounds of buckets. The response will contain `n+1` buckets for - `n` bounds. The first bucket will count all assets for which the - field value is smaller than the first bound. Subsequent buckets will - count assets for which the field value is greater or equal to a - lower bound and smaller than the next one. The last bucket will - count assets for which the field value is greater or equal to the - final lower bound. You can define up to 20 lower bounds. - type: array - items: - type: number - format: double - AggregationFrequency: - id: AggregationFrequency - description: Frequency distribution of all field values. - type: object - properties: {} - AggregateAssetsValuesResponse: - id: AggregateAssetsValuesResponse - description: A response to a request to aggregated assets values. - type: object - properties: - results: - description: The aggregation results. - type: array - items: - $ref: '#/components/schemas/AggregationResult' - AggregationResult: - id: AggregationResult - description: Message describing a result of an aggregation. - type: object - properties: - field: - type: string - count: - $ref: '#/components/schemas/AggregationResultCount' - sum: - $ref: '#/components/schemas/AggregationResultSum' - histogram: - $ref: '#/components/schemas/AggregationResultHistogram' - frequency: - $ref: '#/components/schemas/AggregationResultFrequency' - AggregationResultCount: - id: AggregationResultCount - description: The result of a count aggregation. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + id: Operation + GuestRuntimeDetails: + description: Guest OS runtime information. + id: GuestRuntimeDetails type: object properties: - value: + machineName: + description: Machine name. type: string - format: int64 - AggregationResultSum: - id: AggregationResultSum - description: The result of a sum aggregation. - type: object - properties: - value: - type: number - format: double - AggregationResultHistogram: - id: AggregationResultHistogram - description: The result of a bucketed histogram aggregation. - type: object - properties: - buckets: - description: >- - Buckets in the histogram. There will be `n+1` buckets matching `n` - lower bounds in the request. The first bucket will be from -infinity - to the first bound. Subsequent buckets will be between one bound and - the next. The final bucket will be from the final bound to infinity. - type: array - items: - $ref: '#/components/schemas/AggregationResultHistogramBucket' - AggregationResultHistogramBucket: - id: AggregationResultHistogramBucket - description: >- - A histogram bucket with a lower and upper bound, and a count of items - with a field value between those bounds. The lower bound is inclusive - and the upper bound is exclusive. Lower bound may be -infinity and upper - bound may be infinity. - type: object - properties: - lowerBound: - description: Lower bound - inclusive. - type: number - format: double - upperBound: - description: Upper bound - exclusive. - type: number - format: double - count: - description: Count of items in the bucket. + lastBootTime: + description: Last time the OS was booted. + format: google-datetime type: string - format: int64 - AggregationResultFrequency: - id: AggregationResultFrequency - description: The result of a frequency distribution aggregation. - type: object - properties: - values: - type: object - additionalProperties: - type: string - format: int64 - ImportJob: - id: ImportJob - description: A resource that represents the background job that imports asset frames. - type: object + services: + description: Running background services. + $ref: '#/components/schemas/RunningServiceList' + openFileList: + description: Open files information. + $ref: '#/components/schemas/OpenFileList' + processes: + description: Running processes. + $ref: '#/components/schemas/RunningProcessList' + network: + description: Runtime network information (connections, ports). + $ref: '#/components/schemas/RuntimeNetworkInfo' + domain: + description: Domain, e.g. c.stratozone-development.internal. + type: string + installedApps: + $ref: '#/components/schemas/GuestInstalledApplicationList' + description: Installed applications information. + ExecutionReport: + id: ExecutionReport properties: - name: - description: Output only. The full name of the import job. + totalRowsCount: readOnly: true - type: string - displayName: + type: integer + description: Output only. Total number of rows in the import job. + format: int32 + framesReported: + description: Total number of asset frames reported for the import job. + type: integer + format: int32 + executionErrors: description: >- - Optional. User-friendly display name. Maximum length is 256 - characters. - type: string - createTime: - description: Output only. The timestamp when the import job was created. + Validation errors encountered during the execution of the import + job. + $ref: '#/components/schemas/ValidationReport' + description: A resource that reports result of the import job execution. + type: object + InsightList: + description: Message containing insights list. + type: object + properties: + insights: + type: array + description: Output only. Insights of the list. + items: + $ref: '#/components/schemas/Insight' readOnly: true - type: string - format: google-datetime updateTime: - description: Output only. The timestamp when the import job was last updated. - readOnly: true type: string format: google-datetime - completeTime: - description: Output only. The timestamp when the import job was completed. + description: Output only. Update timestamp. readOnly: true + id: InsightList + GuestInstalledApplication: + description: Guest installed application information. + type: object + properties: + vendor: + type: string + description: Installed application vendor. + installTime: type: string + description: The time when the application was installed. format: google-datetime - state: - description: Output only. The state of the import job. - readOnly: true + path: + description: Source path. type: string - enumDescriptions: - - Default value. - - The import job is pending. - - The processing of the import job is ongoing. - - The import job processing has completed. - - The import job failed to be processed. - - The import job is being validated. - - The import job contains blocking errors. - - The validation of the job completed with no blocking errors. - enum: - - IMPORT_JOB_STATE_UNSPECIFIED - - IMPORT_JOB_STATE_PENDING - - IMPORT_JOB_STATE_RUNNING - - IMPORT_JOB_STATE_COMPLETED - - IMPORT_JOB_STATE_FAILED - - IMPORT_JOB_STATE_VALIDATING - - IMPORT_JOB_STATE_FAILED_VALIDATION - - IMPORT_JOB_STATE_READY - labels: - description: Labels as key value pairs. - type: object - additionalProperties: - type: string - assetSource: - description: Required. Reference to a source. + version: + description: Installed application version. type: string - validationReport: - description: >- - Output only. The report with the validation results of the import - job. - readOnly: true - $ref: '#/components/schemas/ValidationReport' - executionReport: - description: Output only. The report with the results of running the import job. - readOnly: true - $ref: '#/components/schemas/ExecutionReport' - ValidationReport: - id: ValidationReport - description: A resource that aggregates errors across import job files. + applicationName: + description: Installed application name. + type: string + licenses: + description: License strings associated with the installed application. + items: + type: string + type: array + id: GuestInstalledApplication + ListImportJobsResponse: type: object properties: - fileValidations: - description: List of errors found in files. + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + importJobs: type: array items: - $ref: '#/components/schemas/FileValidationReport' - jobErrors: - description: List of job level errors. + $ref: '#/components/schemas/ImportJob' + description: The list of import jobs. + unreachable: + description: Locations that could not be reached. type: array items: - $ref: '#/components/schemas/ImportError' - FileValidationReport: - id: FileValidationReport - description: >- - A resource that aggregates the validation errors found in an import job - file. - type: object + type: string + id: ListImportJobsResponse + description: A response for listing import jobs. + DatabaseDetails: properties: - fileName: - description: The name of the file. + parentDatabaseDeployment: + description: >- + Required. The parent database deployment that contains the logical + database. + $ref: '#/components/schemas/DatabaseDetailsParentDatabaseDeployment' + databaseName: type: string - rowErrors: - description: Partial list of rows that encountered validation error. + description: Required. The name of the database. + schemas: type: array items: - $ref: '#/components/schemas/ImportRowError' - partialReport: - description: >- - Flag indicating that processing was aborted due to maximum number of - errors. - type: boolean - fileErrors: - description: List of file level errors. - type: array + $ref: '#/components/schemas/DatabaseSchema' + description: Optional. The database schemas. + allocatedStorageBytes: + type: string + description: Optional. The allocated storage for the database in bytes. + format: int64 + type: object + description: Details of a logical database. + id: DatabaseDetails + ErrorFrame: + id: ErrorFrame + type: object + properties: + originalFrame: + readOnly: true + description: Output only. The frame that was originally reported. + $ref: '#/components/schemas/AssetFrame' + violations: + description: Output only. All the violations that were detected for the frame. items: - $ref: '#/components/schemas/ImportError' - ImportRowError: - id: ImportRowError - description: A resource that reports the import job errors at row level. + $ref: '#/components/schemas/FrameViolationEntry' + readOnly: true + type: array + ingestionTime: + format: google-datetime + description: Output only. Frame ingestion time. + readOnly: true + type: string + name: + readOnly: true + type: string + description: Output only. The identifier of the ErrorFrame. + description: >- + Message representing a frame which failed to be processed due to an + error. + DiskUsageSample: + type: object + description: Disk usage sample. Values are across all disks. + properties: + averageIops: + format: float + description: >- + Optional. Average IOPS sampled over a short window. Must be + non-negative. If read or write are set, the sum of read and write + will override the value of the average_iops. + type: number + averageReadIops: + description: >- + Optional. Average read IOPS sampled over a short window. Must be + non-negative. If both read and write are zero they are ignored. + format: float + type: number + averageWriteIops: + type: number + description: >- + Optional. Average write IOPS sampled over a short window. Must be + non-negative. If both read and write are zero they are ignored. + format: float + id: DiskUsageSample + CpuUsageSample: + properties: + utilizedPercentage: + description: >- + Percentage of total CPU capacity utilized. Must be in the interval + [0, 100]. On most systems can be calculated using 100 - idle + percentage. + format: float + type: number + id: CpuUsageSample + description: CPU usage sample. type: object + AggregationResultSum: + properties: + value: + type: number + format: double + description: The result of a sum aggregation. + type: object + id: AggregationResultSum + ReportAssetFramesResponse: + type: object + description: A response to a call to `ReportAssetFrame`. + id: ReportAssetFramesResponse + properties: {} + ListDiscoveryClientsResponse: + type: object + id: ListDiscoveryClientsResponse properties: - rowNumber: - description: The row number where the error was detected. - deprecated: true - type: integer - format: int32 - vmName: - description: The name of the VM in the row. - type: string - vmUuid: - description: The VM UUID. - type: string - assetTitle: - description: Output only. The asset title. - readOnly: true - type: string - errors: - description: The list of errors detected in the row. + discoveryClients: + description: List of discovery clients. type: array items: - $ref: '#/components/schemas/ImportError' - csvError: - description: Error details for a CSV file. - $ref: '#/components/schemas/ImportRowErrorCsvErrorDetails' - xlsxError: - description: Error details for an XLSX file. - $ref: '#/components/schemas/ImportRowErrorXlsxErrorDetails' - archiveError: - description: Error details for an archive file. - $ref: '#/components/schemas/ImportRowErrorArchiveErrorDetails' - ImportError: - id: ImportError - description: >- - A resource that reports the errors encountered while processing an - import job. + $ref: '#/components/schemas/DiscoveryClient' + unreachable: + description: Locations that could not be reached. + items: + type: string + type: array + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. + type: string + description: Response message for listing discovery clients. + VmwareDiskConfig: + description: VMware disk config details. + id: VmwareDiskConfig type: object properties: - errorDetails: - description: The error information. + backingType: type: string - severity: - description: The severity of the error. + enum: + - BACKING_TYPE_UNSPECIFIED + - BACKING_TYPE_FLAT_V1 + - BACKING_TYPE_FLAT_V2 + - BACKING_TYPE_PMEM + - BACKING_TYPE_RDM_V1 + - BACKING_TYPE_RDM_V2 + - BACKING_TYPE_SESPARSE + - BACKING_TYPE_SESPARSE_V1 + - BACKING_TYPE_SESPARSE_V2 + description: VMDK backing type. + enumDescriptions: + - Default value. + - Flat v1. + - Flat v2. + - Persistent memory, also known as Non-Volatile Memory (NVM). + - Raw Disk Memory v1. + - Raw Disk Memory v2. + - >- + SEsparse is a snapshot format introduced in vSphere 5.5 for large + disks. + - SEsparse v1. + - SEsparse v1. + shared: + description: Is VMDK shared with other VMs. + type: boolean + vmdkMode: + enumDescriptions: + - VMDK disk mode unspecified or unknown. + - Dependent disk mode. + - Independent - Persistent disk mode. + - Independent - Nonpersistent disk mode. type: string + enum: + - VMDK_MODE_UNSPECIFIED + - DEPENDENT + - INDEPENDENT_PERSISTENT + - INDEPENDENT_NONPERSISTENT + description: VMDK disk mode. + rdmCompatibility: + description: RDM compatibility mode. enumDescriptions: - - '' - - '' - - '' - - '' + - Compatibility mode unspecified or unknown. + - Physical compatibility mode. + - Virtual compatibility mode. + type: string enum: - - SEVERITY_UNSPECIFIED - - ERROR - - WARNING - - INFO - ImportRowErrorCsvErrorDetails: - id: ImportRowErrorCsvErrorDetails - description: Error details for a CSV file. - type: object + - RDM_COMPATIBILITY_UNSPECIFIED + - PHYSICAL_COMPATIBILITY + - VIRTUAL_COMPATIBILITY + MachineArchitectureDetails: + description: Details of the machine architecture. properties: - rowNumber: - description: The row number where the error was detected. + firmwareType: + type: string + enumDescriptions: + - Unspecified or unknown. + - BIOS firmware. + - EFI firmware. + description: Firmware type. + enum: + - FIRMWARE_TYPE_UNSPECIFIED + - BIOS + - EFI + cpuSocketCount: + format: int32 + description: Number of processor sockets allocated to the machine. type: integer + cpuThreadCount: + description: >- + Deprecated: use MachineDetails.core_count instead. Number of CPU + threads allocated to the machine. format: int32 - ImportRowErrorXlsxErrorDetails: - id: ImportRowErrorXlsxErrorDetails - description: Error details for an XLSX file. + type: integer + deprecated: true + cpuName: + type: string + description: CPU name, e.g., "Intel Xeon E5-2690", "AMD EPYC 7571" etc. + cpuManufacturer: + description: Optional. CPU manufacturer, e.g., "Intel", "AMD". + type: string + cpuArchitecture: + type: string + description: CPU architecture, e.g., "x64-based PC", "x86_64", "i686" etc. + hyperthreading: + enumDescriptions: + - Unspecified or unknown. + - Hyper-threading is disabled. + - Hyper-threading is enabled. + enum: + - CPU_HYPER_THREADING_UNSPECIFIED + - DISABLED + - ENABLED + type: string + description: CPU hyper-threading support. + vendor: + type: string + description: Hardware vendor. + bios: + description: BIOS Details. + $ref: '#/components/schemas/BiosDetails' + type: object + id: MachineArchitectureDetails + ReportSummaryMachineSeriesAllocation: type: object properties: - sheet: - description: The name of the sheet where the error was detected. + allocatedAssetCount: + description: Count of assets allocated to this machine series. + format: int64 type: string - rowNumber: - description: The row number where the error was detected. - type: integer - format: int32 - ImportRowErrorArchiveErrorDetails: - id: ImportRowErrorArchiveErrorDetails - description: Error details for an archive file. + machineSeries: + description: The Machine Series (e.g. "E2", "N2") + $ref: '#/components/schemas/MachineSeries' + description: >- + Represents a data point tracking the count of assets allocated for a + specific Machine Series. + id: ReportSummaryMachineSeriesAllocation + AssetFrame: type: object properties: - filePath: + labels: + additionalProperties: + type: string + description: Labels as key value pairs. + type: object + databaseDeploymentDetails: + $ref: '#/components/schemas/DatabaseDeploymentDetails' + description: Asset information specific for database deployments. + traceToken: + type: string description: >- - Output only. The file path inside the archive where the error was - detected. + Optional. Trace token is optionally provided to assist with + debugging and traceability. + databaseDetails: + $ref: '#/components/schemas/DatabaseDetails' + description: Asset information specific for logical databases. + machineDetails: + description: Asset information specific for virtual machines. + $ref: '#/components/schemas/MachineDetails' + collectionType: + enum: + - SOURCE_TYPE_UNKNOWN + - SOURCE_TYPE_UPLOAD + - SOURCE_TYPE_GUEST_OS_SCAN + - SOURCE_TYPE_INVENTORY_SCAN + - SOURCE_TYPE_CUSTOM + - SOURCE_TYPE_DISCOVERY_CLIENT + type: string + enumDescriptions: + - Unspecified + - Manually uploaded file (e.g. CSV) + - Guest-level info + - Inventory-level scan + - Third-party owned sources. + - Discovery clients + description: >- + Optional. Frame collection type, if not specified the collection + type will be based on the source type of the source the frame was + reported on. + attributes: + description: Generic asset attributes. + additionalProperties: + type: string + type: object + reportTime: + description: The time the data was reported. + type: string + format: google-datetime + performanceSamples: + description: >- + Asset performance data samples. Samples that are from more than 40 + days ago or after tomorrow are ignored. + items: + $ref: '#/components/schemas/PerformanceSample' + type: array + description: Contains data reported from an inventory source on an asset. + id: AssetFrame + ReportConfig: + properties: + groupPreferencesetAssignments: + items: + $ref: '#/components/schemas/ReportConfigGroupPreferenceSetAssignment' + description: Required. Collection of combinations of groups and preference sets. + type: array + updateTime: + type: string + format: google-datetime + description: Output only. The timestamp when the resource was last updated. readOnly: true + displayName: + description: User-friendly display name. Maximum length is 63 characters. + type: string + createTime: + description: Output only. The timestamp when the resource was created. type: string - csvError: - description: Error details for a CSV file. - $ref: '#/components/schemas/ImportRowErrorCsvErrorDetails' - ExecutionReport: - id: ExecutionReport - description: A resource that reports result of the import job execution. - type: object - properties: - framesReported: - description: Total number of asset frames reported for the import job. - type: integer - format: int32 - executionErrors: - description: >- - Validation errors encountered during the execution of the import - job. - $ref: '#/components/schemas/ValidationReport' - totalRowsCount: - description: Output only. Total number of rows in the import job. readOnly: true - type: integer - format: int32 - ListImportJobsResponse: - id: ListImportJobsResponse - description: A response for listing import jobs. - type: object - properties: - importJobs: - description: The list of import jobs. - type: array - items: - $ref: '#/components/schemas/ImportJob' - nextPageToken: - description: A token identifying a page of results the server should return. + format: google-datetime + name: type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - ValidateImportJobRequest: - id: ValidateImportJobRequest - description: A request to validate an import job. - type: object - properties: - requestId: - description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes after the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). + readOnly: true + description: Output only. Name of resource. + description: + description: Free-text description. type: string - RunImportJobRequest: - id: RunImportJobRequest - description: A request to run an import job. + id: ReportConfig + description: >- + The groups and associated preference sets on which we can generate + reports. type: object + DailyResourceUsageAggregationMemory: + id: DailyResourceUsageAggregationMemory + description: Statistical aggregation of memory usage. properties: - requestId: - description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes after the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). - type: string + utilizationPercentage: + $ref: '#/components/schemas/DailyResourceUsageAggregationStats' + description: Memory utilization percentage. + type: object ImportDataFile: - id: ImportDataFile description: A resource that represents a payload file in an import job. + id: ImportDataFile type: object properties: - name: - description: Output only. The name of the file. + state: readOnly: true type: string - displayName: - description: User-friendly display name. Maximum length is 63 characters. - type: string + description: Output only. The state of the import data file. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + enumDescriptions: + - Default value. + - The data file is being created. + - The data file completed initialization. format: - description: Required. The payload format. type: string + enum: + - IMPORT_JOB_FORMAT_UNSPECIFIED + - IMPORT_JOB_FORMAT_RVTOOLS_XLSX + - IMPORT_JOB_FORMAT_RVTOOLS_CSV + - IMPORT_JOB_FORMAT_EXPORTED_AWS_CSV + - IMPORT_JOB_FORMAT_EXPORTED_AZURE_CSV + - IMPORT_JOB_FORMAT_STRATOZONE_CSV + - IMPORT_JOB_FORMAT_DATABASE_ZIP enumDescriptions: - Default value. - RVTools format (XLSX). @@ -2716,1480 +2541,1677 @@ components: CSV format created manually and following the StratoZone format. For more information, see Manually create and upload data tables. - ZIP file with nested CSV files generated by a database collector. - enum: - - IMPORT_JOB_FORMAT_UNSPECIFIED - - IMPORT_JOB_FORMAT_RVTOOLS_XLSX - - IMPORT_JOB_FORMAT_RVTOOLS_CSV - - IMPORT_JOB_FORMAT_EXPORTED_AWS_CSV - - IMPORT_JOB_FORMAT_EXPORTED_AZURE_CSV - - IMPORT_JOB_FORMAT_STRATOZONE_CSV - - IMPORT_JOB_FORMAT_DATABASE_ZIP + description: Required. The payload format. createTime: - description: Output only. The timestamp when the file was created. readOnly: true type: string format: google-datetime - state: - description: Output only. The state of the import data file. - readOnly: true + description: Output only. The timestamp when the file was created. + displayName: + description: User-friendly display name. Maximum length is 63 characters. type: string - enumDescriptions: - - Default value. - - The data file is being created. - - The data file completed initialization. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE + name: + type: string + description: Output only. The name of the file. + readOnly: true uploadFileInfo: - description: Information about a file that is uploaded to a storage service. $ref: '#/components/schemas/UploadFileInfo' - UploadFileInfo: - id: UploadFileInfo - description: A resource that contains a URI to which a data file can be uploaded. - type: object + description: Information about a file that is uploaded to a storage service. + ComputeEngineMigrationTarget: + description: Compute engine migration target. + id: ComputeEngineMigrationTarget properties: - signedUri: - description: Output only. Upload URI for the file. - readOnly: true - type: string - headers: - description: Output only. The headers that were used to sign the URI. - readOnly: true - type: object - additionalProperties: - type: string - uriExpirationTime: - description: Output only. Expiration time of the upload URI. - readOnly: true - type: string - format: google-datetime - ListImportDataFilesResponse: - id: ListImportDataFilesResponse - description: Response for listing payload files of an import job. + shape: + $ref: '#/components/schemas/ComputeEngineShapeDescriptor' + description: Description of the suggested shape for the migration target. type: object + BatchUpdateAssetsRequest: + description: A request to update a list of assets. + id: BatchUpdateAssetsRequest properties: - importDataFiles: - description: The list of import data files. - type: array + requests: items: - $ref: '#/components/schemas/ImportDataFile' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Locations that could not be reached. + $ref: '#/components/schemas/UpdateAssetRequest' type: array - items: - type: string - ListGroupsResponse: - id: ListGroupsResponse - description: A response for listing groups. + description: >- + Required. The request message specifying the resources to update. A + maximum of 1000 assets can be modified in a batch. + type: object + DiskPartitionDetails: type: object properties: - groups: - description: The list of Group - type: array - items: - $ref: '#/components/schemas/Group' - nextPageToken: - description: A token identifying a page of results the server should return. + freeSpaceBytes: type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Group: - id: Group - description: >- - A resource that represents an asset group. The purpose of an asset group - is to bundle a set of assets that have something in common, while - allowing users to add annotations to the group. An asset can belong to - multiple groups. + format: int64 + readOnly: true + description: Output only. Total free space of all partitions. + partitions: + description: Optional. List of partitions. + $ref: '#/components/schemas/DiskPartitionList' + totalCapacityBytes: + format: int64 + description: Output only. Total capacity of all partitions. + readOnly: true + type: string + description: Disk partition details. + id: DiskPartitionDetails + AwsEc2PlatformDetails: + description: AWS EC2 specific details. + properties: + hyperthreading: + type: string + description: Optional. Whether the machine is hyperthreaded. + enumDescriptions: + - Simultaneous Multithreading status unknown. + - Simultaneous Multithreading is disabled or unavailable. + - Simultaneous Multithreading is enabled. + enum: + - HYPERTHREADING_STATUS_UNSPECIFIED + - HYPERTHREADING_STATUS_DISABLED + - HYPERTHREADING_STATUS_ENABLED + machineTypeLabel: + type: string + description: AWS platform's machine type label. + location: + type: string + description: The location of the machine in the AWS format. type: object + id: AwsEc2PlatformDetails + Group: properties: - name: - description: Output only. The name of the group. - readOnly: true + description: + type: string + description: Optional. The description of the group. + displayName: type: string + description: Optional. User-friendly display name. createTime: - description: Output only. The timestamp when the group was created. - readOnly: true type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the group was last updated. readOnly: true - type: string + description: Output only. The timestamp when the group was created. format: google-datetime labels: description: Labels as key value pairs. type: object additionalProperties: type: string - displayName: - description: Optional. User-friendly display name. + name: + readOnly: true type: string - description: - description: Optional. The description of the group. + description: Output only. The name of the group. + updateTime: + description: Output only. The timestamp when the group was last updated. type: string - AddAssetsToGroupRequest: - id: AddAssetsToGroupRequest - description: A request to add assets to a group. + format: google-datetime + readOnly: true type: object + description: >- + A resource that represents an asset group. The purpose of an asset group + is to bundle a set of assets that have something in common, while + allowing users to add annotations to the group. An asset can belong to + multiple groups. + id: Group + RuntimeNetworkInfo: + id: RuntimeNetworkInfo properties: - requestId: - description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes after the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). + connections: + $ref: '#/components/schemas/NetworkConnectionList' + description: Network connections. + scanTime: + description: Time of the last network scan. + format: google-datetime type: string - assets: - description: >- - Required. List of assets to be added. The maximum number of assets - that can be added in a single request is 1000. - $ref: '#/components/schemas/AssetList' - allowExisting: - description: >- - Optional. When this value is set to `false` and one of the given - assets is already an existing member of the group, the operation - fails with an `Already Exists` error. When set to `true` this - situation is silently ignored by the server. Default value is - `false`. - type: boolean - AssetList: - id: AssetList - description: Lists the asset IDs of all assets. + description: Runtime networking information. + type: object + ReportConfigGroupPreferenceSetAssignment: + id: ReportConfigGroupPreferenceSetAssignment type: object properties: - assetIds: - description: Required. A list of asset IDs - type: array - items: - type: string - RemoveAssetsFromGroupRequest: - id: RemoveAssetsFromGroupRequest - description: A request to remove assets from a group. + preferenceSet: + description: Required. Name of the Preference Set. + type: string + group: + type: string + description: Required. Name of the group. + description: Represents a combination of a group with a preference set. + GenerateReportArtifactLinkRequest: type: object + id: GenerateReportArtifactLinkRequest properties: - requestId: - description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes after the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). + artifactType: + enum: + - ARTIFACT_TYPE_UNSPECIFIED + - PRESENTATION + - SPREADSHEET + - CSV + description: Required. Type of the artifact requested. + enumDescriptions: + - Unspecified (default value). + - Google Slides presentation. + - Google Sheets document. + - Comma Separated Value Text File. type: string - assets: - description: >- - Required. List of assets to be removed. The maximum number of assets - that can be removed in a single request is 1000. - $ref: '#/components/schemas/AssetList' - allowMissing: - description: >- - Optional. When this value is set to `false` and one of the given - assets is not an existing member of the group, the operation fails - with a `Not Found` error. When set to `true` this situation is - silently ignored by the server. Default value is `false`. - type: boolean - ListErrorFramesResponse: - id: ListErrorFramesResponse - description: A response for listing error frames. + description: A request to generate a link to an artifact for a Report. + MySqlVariable: + description: MySql variable. + id: MySqlVariable + properties: + variable: + description: Required. The variable name. + type: string + category: + description: Required. The variable category. + type: string + value: + type: string + description: Required. The variable value. + type: object + AggregateAssetsValuesResponse: type: object properties: - errorFrames: - description: The list of error frames. - type: array + results: items: - $ref: '#/components/schemas/ErrorFrame' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. + $ref: '#/components/schemas/AggregationResult' + description: The aggregation results. type: array - items: - type: string - ErrorFrame: - id: ErrorFrame - description: >- - Message representing a frame which failed to be processed due to an - error. + description: A response to a request to aggregated assets values. + id: AggregateAssetsValuesResponse + BiosDetails: + id: BiosDetails type: object properties: - name: - description: Output only. The identifier of the ErrorFrame. - readOnly: true + releaseDate: + $ref: '#/components/schemas/Date' + description: BIOS release date. + id: + description: BIOS ID. type: string - violations: - description: Output only. All the violations that were detected for the frame. - readOnly: true - type: array - items: - $ref: '#/components/schemas/FrameViolationEntry' - originalFrame: - description: Output only. The frame that was originally reported. - readOnly: true - $ref: '#/components/schemas/AssetFrame' - ingestionTime: - description: Output only. Frame ingestion time. - readOnly: true + version: + description: BIOS version. type: string - format: google-datetime - FrameViolationEntry: - id: FrameViolationEntry - description: >- - A resource that contains a single violation of a reported `AssetFrame` - resource. - type: object - properties: - field: - description: The field of the original frame where the violation occurred. + biosName: + deprecated: true type: string - violation: - description: A message describing the violation. + description: >- + BIOS name. This fields is deprecated. Please use the `id` field + instead. + smbiosUuid: type: string - ListSourcesResponse: - id: ListSourcesResponse - description: Response message for listing sources. + description: SMBIOS UUID. + manufacturer: + description: BIOS manufacturer. + type: string + description: Details about the BIOS. + PerformanceSample: + description: Performance data sample. type: object + id: PerformanceSample properties: - sources: - description: The list of sources. + sampleTime: + description: >- + Time the sample was collected. If omitted, the frame report time + will be used. + format: google-datetime + type: string + network: + $ref: '#/components/schemas/NetworkUsageSample' + description: Network usage sample. + memory: + $ref: '#/components/schemas/MemoryUsageSample' + description: Memory usage sample. + cpu: + description: CPU usage sample. + $ref: '#/components/schemas/CpuUsageSample' + disk: + description: Disk usage sample. + $ref: '#/components/schemas/DiskUsageSample' + MysqlDatabaseDeployment: + id: MysqlDatabaseDeployment + properties: + plugins: + description: Optional. List of MySql plugins. + type: array + items: + $ref: '#/components/schemas/MySqlPlugin' + resourceGroupsCount: + description: Optional. Number of resource groups. + format: int32 + type: integer + properties: type: array + description: Optional. List of MySql properties. items: - $ref: '#/components/schemas/Source' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array + $ref: '#/components/schemas/MySqlProperty' + variables: + description: Optional. List of MySql variables. items: - type: string - Source: - id: Source - description: >- - Source represents an object from which asset information is streamed to - Migration Center. + $ref: '#/components/schemas/MySqlVariable' + type: array + description: Specific details for a Mysql database deployment. + type: object + SoleTenancyPreferences: + id: SoleTenancyPreferences type: object properties: - name: - description: Output only. The full name of the source. - readOnly: true - type: string - createTime: - description: Output only. The timestamp when the source was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the source was last updated. - readOnly: true - type: string - format: google-datetime - displayName: - description: User-friendly display name. - type: string - description: - description: Free-text description. - type: string - type: - description: Data source type. - type: string + cpuOvercommitRatio: + type: number + description: >- + CPU overcommit ratio. Acceptable values are between 1.0 and 2.0 + inclusive. + format: double + hostMaintenancePolicy: enumDescriptions: - - Unspecified - - Manually uploaded file (e.g. CSV) - - Guest-level info - - Inventory-level scan - - Third-party owned sources. - - Discovery clients + - Unspecified host maintenance policy. + - Default host maintenance policy. + - Restart in place host maintenance policy. + - Migrate within node group host maintenance policy. + description: Sole Tenancy nodes maintenance policy. enum: - - SOURCE_TYPE_UNKNOWN - - SOURCE_TYPE_UPLOAD - - SOURCE_TYPE_GUEST_OS_SCAN - - SOURCE_TYPE_INVENTORY_SCAN - - SOURCE_TYPE_CUSTOM - - SOURCE_TYPE_DISCOVERY_CLIENT - priority: - description: >- - The information confidence of the source. The higher the value, the - higher the confidence. - type: integer - format: int32 - managed: - description: If `true`, the source is managed by other service(s). - type: boolean - pendingFrameCount: - description: Output only. Number of frames that are still being processed. - readOnly: true - type: integer - format: int32 - errorFrameCount: - description: >- - Output only. The number of frames that were reported by the source - and contained errors. - readOnly: true - type: integer - format: int32 - state: - description: Output only. The state of the source. - readOnly: true + - HOST_MAINTENANCE_POLICY_UNSPECIFIED + - HOST_MAINTENANCE_POLICY_DEFAULT + - HOST_MAINTENANCE_POLICY_RESTART_IN_PLACE + - HOST_MAINTENANCE_POLICY_MIGRATE_WITHIN_NODE_GROUP type: string - enumDescriptions: - - Unspecified. - - The source is active and ready to be used. - - In the process of being deleted. - - >- - Source is in an invalid state. Asset frames reported to it will be - ignored. + commitmentPlan: + description: >- + Commitment plan to consider when calculating costs for virtual + machine insights and recommendations. If you are unsure which value + to set, a 3 year commitment plan is often a good value to start + with. enum: - - STATE_UNSPECIFIED - - ACTIVE - - DELETING - - INVALID - ListPreferenceSetsResponse: - id: ListPreferenceSetsResponse - description: Response message for listing preference sets. - type: object - properties: - preferenceSets: - description: The list of PreferenceSets + - COMMITMENT_PLAN_UNSPECIFIED + - ON_DEMAND + - COMMITMENT_1_YEAR + - COMMITMENT_3_YEAR + enumDescriptions: + - Unspecified commitment plan. + - No commitment plan (on-demand usage). + - 1 year commitment. + - 3 years commitment. + type: string + nodeTypes: + description: >- + A list of sole tenant node types. An empty list means that all + possible node types will be considered. type: array items: - $ref: '#/components/schemas/PreferenceSet' - nextPageToken: - description: A token identifying a page of results the server should return. + $ref: '#/components/schemas/SoleTenantNodeType' + description: Preferences concerning Sole Tenancy nodes and VMs. + DatabaseInstanceNetwork: + id: DatabaseInstanceNetwork + description: Network details of a database instance. + type: object + properties: + primaryMacAddress: type: string - unreachable: - description: Locations that could not be reached. + description: Optional. The instance's primary MAC address. + hostNames: + items: + type: string + description: Optional. The instance's host names. + type: array + ipAddresses: type: array items: type: string - PreferenceSet: - id: PreferenceSet - description: The preferences that apply to all assets in a given context. + description: Optional. The instance's IP addresses. + ReportSummaryGroupPreferenceSetFinding: + description: Summary Findings for a specific Group/PreferenceSet combination. type: object + id: ReportSummaryGroupPreferenceSetFinding properties: - name: - description: Output only. Name of the preference set. - readOnly: true - type: string - createTime: - description: Output only. The timestamp when the preference set was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the preference set was last updated. - readOnly: true - type: string - format: google-datetime + vmwareEngineFinding: + $ref: '#/components/schemas/ReportSummaryVmwareEngineFinding' + description: A set of findings that applies to VMWare machines in the input. + monthlyCostNetworkEgress: + $ref: '#/components/schemas/Money' + description: Network Egress monthly cost for this preference set. + monthlyCostCompute: + $ref: '#/components/schemas/Money' + description: Compute monthly cost for this preference set. + monthlyCostOther: + description: Miscellaneous monthly cost for this preference set. + $ref: '#/components/schemas/Money' + monthlyCostOsLicense: + description: Licensing monthly cost for this preference set. + $ref: '#/components/schemas/Money' displayName: - description: User-friendly display name. Maximum length is 63 characters. + description: Display Name of the Preference Set type: string + monthlyCostStorage: + $ref: '#/components/schemas/Money' + description: Storage monthly cost for this preference set. + monthlyCostTotal: + $ref: '#/components/schemas/Money' + description: Total monthly cost for this preference set. + computeEngineFinding: + description: >- + A set of findings that applies to Compute Engine machines in the + input. + $ref: '#/components/schemas/ReportSummaryComputeEngineFinding' description: - description: A description of the preference set. + description: Description for the Preference Set. type: string - virtualMachinePreferences: - description: >- - Optional. A set of preferences that applies to all virtual machines - in the context. + machinePreferences: $ref: '#/components/schemas/VirtualMachinePreferences' - VirtualMachinePreferences: - id: VirtualMachinePreferences - description: >- - VirtualMachinePreferences enables you to create sets of assumptions, for - example, a geographical location and pricing track, for your migrated - virtual machines. The set of preferences influence recommendations for - migrating virtual machine assets. - type: object + description: A set of preferences that applies to all machines in the context. + soleTenantFinding: + description: A set of findings that applies to Sole-Tenant machines in the input. + $ref: '#/components/schemas/ReportSummarySoleTenantFinding' + Money: + description: Represents an amount of money with its currency type. properties: - targetProduct: + nanos: description: >- - Target product for assets using this preference set. Specify either - target product or business goal, but not both. + Number of nano (10^-9) units of the amount. The value must be + between -999,999,999 and +999,999,999 inclusive. If `units` is + positive, `nanos` must be positive or zero. If `units` is zero, + `nanos` can be positive, zero, or negative. If `units` is negative, + `nanos` must be negative or zero. For example $-1.75 is represented + as `units`=-1 and `nanos`=-750,000,000. + type: integer + format: int32 + units: type: string - enumDescriptions: - - Unspecified (default value). - - Prefer to migrate to Google Cloud Compute Engine. - - Prefer to migrate to Google Cloud VMware Engine.6278 - - Prefer to migrate to Google Cloud Sole Tenant Nodes. - enum: - - COMPUTE_MIGRATION_TARGET_PRODUCT_UNSPECIFIED - - COMPUTE_MIGRATION_TARGET_PRODUCT_COMPUTE_ENGINE - - COMPUTE_MIGRATION_TARGET_PRODUCT_VMWARE_ENGINE - - COMPUTE_MIGRATION_TARGET_PRODUCT_SOLE_TENANCY - regionPreferences: description: >- - Region preferences for assets using this preference set. If you are - unsure which value to set, the migration service API region is often - a good value to start with. - $ref: '#/components/schemas/RegionPreferences' + The whole units of the amount. For example if `currencyCode` is + `"USD"`, then 1 unit is one US dollar. + format: int64 + currencyCode: + type: string + description: The three-letter currency code defined in ISO 4217. + type: object + id: Money + VmwareEnginePreferences: + type: object + properties: + cpuOvercommitRatio: + description: >- + CPU overcommit ratio. Acceptable values are between 1.0 and 8.0, + with 0.1 increment. + format: double + type: number commitmentPlan: + enumDescriptions: + - Unspecified commitment plan. + - No commitment plan (on-demand usage). + - 1 year commitment (monthly payments). + - 3 year commitment (monthly payments). + - 1 year commitment (upfront payment). + - 3 years commitment (upfront payment). description: >- Commitment plan to consider when calculating costs for virtual machine insights and recommendations. If you are unsure which value to set, a 3 year commitment plan is often a good value to start with. - type: string - enumDescriptions: - - Unspecified commitment plan. - - No commitment plan. - - 1 year commitment. - - 3 years commitment. enum: - COMMITMENT_PLAN_UNSPECIFIED - - COMMITMENT_PLAN_NONE - - COMMITMENT_PLAN_ONE_YEAR - - COMMITMENT_PLAN_THREE_YEARS - sizingOptimizationStrategy: - description: >- - Sizing optimization strategy specifies the preferred strategy used - when extrapolating usage data to calculate insights and - recommendations for a virtual machine. If you are unsure which value - to set, a moderate sizing optimization strategy is often a good - value to start with. + - ON_DEMAND + - COMMITMENT_1_YEAR_MONTHLY_PAYMENTS + - COMMITMENT_3_YEAR_MONTHLY_PAYMENTS + - COMMITMENT_1_YEAR_UPFRONT_PAYMENT + - COMMITMENT_3_YEAR_UPFRONT_PAYMENT type: string - enumDescriptions: - - Unspecified (default value). - - >- - No optimization applied. Virtual machine sizing matches as closely - as possible the machine shape on the source site, not considering - any actual performance data. - - >- - Virtual machine sizing will match the reported usage and shape, - with some slack. This a good value to start with. - - >- - Virtual machine sizing will match the reported usage, with little - slack. Using this option can help reduce costs. - enum: - - SIZING_OPTIMIZATION_STRATEGY_UNSPECIFIED - - SIZING_OPTIMIZATION_STRATEGY_SAME_AS_SOURCE - - SIZING_OPTIMIZATION_STRATEGY_MODERATE - - SIZING_OPTIMIZATION_STRATEGY_AGGRESSIVE - computeEnginePreferences: + storageDeduplicationCompressionRatio: + type: number + format: double description: >- - Compute Engine preferences concern insights and recommendations for - Compute Engine target. - $ref: '#/components/schemas/ComputeEnginePreferences' - vmwareEnginePreferences: + The Deduplication and Compression ratio is based on the logical + (Used Before) space required to store data before applying + deduplication and compression, in relation to the physical (Used + After) space required after applying deduplication and compression. + Specifically, the ratio is the Used Before space divided by the Used + After space. For example, if the Used Before space is 3 GB, but the + physical Used After space is 1 GB, the deduplication and compression + ratio is 3x. Acceptable values are between 1.0 and 4.0. + memoryOvercommitRatio: description: >- - Preferences concerning insights and recommendations for Google Cloud - VMware Engine. - $ref: '#/components/schemas/VmwareEnginePreferences' - soleTenancyPreferences: - description: Preferences concerning Sole Tenant nodes and virtual machines. - $ref: '#/components/schemas/SoleTenancyPreferences' - RegionPreferences: - id: RegionPreferences - description: The user preferences relating to target regions. - type: object + Memory overcommit ratio. Acceptable values are 1.0, 1.25, 1.5, 1.75 + and 2.0. + format: double + type: number + id: VmwareEnginePreferences + description: >- + The user preferences relating to Google Cloud VMware Engine target + platform. + HostsEntry: properties: - preferredRegions: - description: >- - A list of preferred regions, ordered by the most preferred region - first. Set only valid Google Cloud region names. See - https://cloud.google.com/compute/docs/regions-zones for available - regions. - type: array + ip: + type: string + description: IP (raw, IPv4/6 agnostic). + hostNames: items: type: string - ComputeEnginePreferences: - id: ComputeEnginePreferences - description: The user preferences relating to Compute Engine target platform. + description: List of host names / aliases. + type: array + id: HostsEntry + description: Single /etc/hosts entry. + type: object + ComputeEngineShapeDescriptor: + description: Compute Engine target shape descriptor. type: object + id: ComputeEngineShapeDescriptor properties: - persistentDiskType: - description: >- - Persistent disk type to use. If unspecified (default), all types are - considered, based on available usage data. + series: + readOnly: true type: string - enumDescriptions: - - Unspecified. Fallback to default value based on context. - - Standard HDD Persistent Disk. - - Balanced Persistent Disk. - - SSD Persistent Disk. + description: Output only. Compute Engine machine series. + memoryMb: + format: int32 + description: Memory in mebibytes. + type: integer + physicalCoreCount: + description: Number of physical cores. + type: integer + format: int32 + logicalCoreCount: + format: int32 + readOnly: true + type: integer + description: Output only. Number of logical cores. + storage: + description: Output only. Compute Engine storage. Never empty. + readOnly: true + items: + $ref: '#/components/schemas/ComputeStorageDescriptor' + type: array + machineType: + readOnly: true + type: string + description: Output only. Compute Engine machine type. + NetworkConnection: + properties: + remotePort: + type: integer + format: int32 + description: Remote port. + localIpAddress: + description: Local IP address. + type: string + localPort: + format: int32 + type: integer + description: Local port. + protocol: + description: Connection protocol (e.g. TCP/UDP). + type: string + state: + description: Network connection state. enum: - - PERSISTENT_DISK_TYPE_UNSPECIFIED - - PERSISTENT_DISK_TYPE_STANDARD - - PERSISTENT_DISK_TYPE_BALANCED - - PERSISTENT_DISK_TYPE_SSD - machinePreferences: - description: >- - Preferences concerning the machine types to consider on Compute - Engine. - $ref: '#/components/schemas/MachinePreferences' - licenseType: - description: >- - License type to consider when calculating costs for virtual machine - insights and recommendations. If unspecified, costs are calculated - based on the default licensing plan. + - STATE_UNSPECIFIED + - OPENING + - OPEN + - LISTEN + - CLOSING + - CLOSED type: string enumDescriptions: - - Unspecified (default value). - - >- - Default Google Cloud licensing plan. Licensing is charged per - usage. This a good value to start with. - - Bring-your-own-license (BYOL) plan. User provides the OS license. - enum: - - LICENSE_TYPE_UNSPECIFIED - - LICENSE_TYPE_DEFAULT - - LICENSE_TYPE_BRING_YOUR_OWN_LICENSE - MachinePreferences: - id: MachinePreferences - description: >- - The type of machines to consider when calculating virtual machine - migration insights and recommendations. Not all machine types are - available in all zones and regions. + - Connection state is unknown or unspecified. + - The connection is being opened. + - The connection is open. + - Listening for incoming connections. + - The connection is being closed. + - The connection is closed. + processName: + type: string + description: Process or service name. + pid: + description: Process ID. + format: int64 + type: string + remoteIpAddress: + type: string + description: Remote IP address. + id: NetworkConnection + type: object + HostsEntryList: type: object + id: HostsEntryList + description: Hosts content. properties: - allowedMachineSeries: - description: >- - Compute Engine machine series to consider for insights and - recommendations. If empty, no restriction is applied on the machine - series. - type: array + entries: items: - $ref: '#/components/schemas/MachineSeries' - MachineSeries: - id: MachineSeries - description: >- - A machine series, for a target product (e.g. Compute Engine, Google - Cloud VMware Engine). + $ref: '#/components/schemas/HostsEntry' + type: array + description: Hosts entries. + AggregationResult: + description: Message describing a result of an aggregation. + type: object + id: AggregationResult + properties: + histogram: + $ref: '#/components/schemas/AggregationResultHistogram' + field: + type: string + sum: + $ref: '#/components/schemas/AggregationResultSum' + frequency: + $ref: '#/components/schemas/AggregationResultFrequency' + count: + $ref: '#/components/schemas/AggregationResultCount' + MachineSeries: type: object + id: MachineSeries properties: code: + type: string description: >- Code to identify a machine series. Consult this for more details on the available series for Compute Engine: https://cloud.google.com/compute/docs/machine-resource#machine_type_comparison Consult this for more details on the available series for Google Cloud VMware Engine: https://cloud.google.com/vmware-engine/pricing - type: string - VmwareEnginePreferences: - id: VmwareEnginePreferences description: >- - The user preferences relating to Google Cloud VMware Engine target - platform. + A machine series, for a target product (e.g. Compute Engine, Google + Cloud VMware Engine). + Source: type: object + id: Source + description: >- + Source represents an object from which asset information is streamed to + Migration Center. properties: - cpuOvercommitRatio: - description: >- - CPU overcommit ratio. Acceptable values are between 1.0 and 8.0, - with 0.1 increment. - type: number - format: double - memoryOvercommitRatio: - description: >- - Memory overcommit ratio. Acceptable values are 1.0, 1.25, 1.5, 1.75 - and 2.0. - type: number - format: double - storageDeduplicationCompressionRatio: - description: >- - The Deduplication and Compression ratio is based on the logical - (Used Before) space required to store data before applying - deduplication and compression, in relation to the physical (Used - After) space required after applying deduplication and compression. - Specifically, the ratio is the Used Before space divided by the Used - After space. For example, if the Used Before space is 3 GB, but the - physical Used After space is 1 GB, the deduplication and compression - ratio is 3x. Acceptable values are between 1.0 and 4.0. - type: number - format: double - commitmentPlan: + description: + type: string + description: Free-text description. + priority: + format: int32 description: >- - Commitment plan to consider when calculating costs for virtual - machine insights and recommendations. If you are unsure which value - to set, a 3 year commitment plan is often a good value to start - with. + The information confidence of the source. The higher the value, the + higher the confidence. + type: integer + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - DELETING + - INVALID type: string + description: Output only. The state of the source. enumDescriptions: - - Unspecified commitment plan. - - No commitment plan (on-demand usage). - - 1 year commitment (monthly payments). - - 3 year commitment (monthly payments). - - 1 year commitment (upfront payment). - - 3 years commitment (upfront payment). + - Unspecified. + - The source is active and ready to be used. + - In the process of being deleted. + - >- + Source is in an invalid state. Asset frames reported to it will be + ignored. + updateTime: + format: google-datetime + readOnly: true + description: Output only. The timestamp when the source was last updated. + type: string + pendingFrameCount: + type: integer + format: int32 + description: Output only. Number of frames that are still being processed. + readOnly: true + displayName: + type: string + description: User-friendly display name. + errorFrameCount: + format: int32 + readOnly: true + description: >- + Output only. The number of frames that were reported by the source + and contained errors. + type: integer + name: + description: Output only. The full name of the source. + type: string + readOnly: true + managed: + type: boolean + description: If `true`, the source is managed by other service(s). + type: + description: Data source type. + type: string enum: - - COMMITMENT_PLAN_UNSPECIFIED - - ON_DEMAND - - COMMITMENT_1_YEAR_MONTHLY_PAYMENTS - - COMMITMENT_3_YEAR_MONTHLY_PAYMENTS - - COMMITMENT_1_YEAR_UPFRONT_PAYMENT - - COMMITMENT_3_YEAR_UPFRONT_PAYMENT - SoleTenancyPreferences: - id: SoleTenancyPreferences - description: Preferences concerning Sole Tenancy nodes and VMs. + - SOURCE_TYPE_UNKNOWN + - SOURCE_TYPE_UPLOAD + - SOURCE_TYPE_GUEST_OS_SCAN + - SOURCE_TYPE_INVENTORY_SCAN + - SOURCE_TYPE_CUSTOM + - SOURCE_TYPE_DISCOVERY_CLIENT + enumDescriptions: + - Unspecified + - Manually uploaded file (e.g. CSV) + - Guest-level info + - Inventory-level scan + - Third-party owned sources. + - Discovery clients + createTime: + format: google-datetime + description: Output only. The timestamp when the source was created. + type: string + readOnly: true + AggregationFrequency: type: object + description: Frequency distribution of all field values. + properties: {} + id: AggregationFrequency + SqlServerServerFlag: properties: - cpuOvercommitRatio: - description: >- - CPU overcommit ratio. Acceptable values are between 1.0 and 2.0 - inclusive. - type: number - format: double - hostMaintenancePolicy: - description: Sole Tenancy nodes maintenance policy. + value: type: string - enumDescriptions: - - Unspecified host maintenance policy. - - Default host maintenance policy. - - Restart in place host maintenance policy. - - Migrate within node group host maintenance policy. - enum: - - HOST_MAINTENANCE_POLICY_UNSPECIFIED - - HOST_MAINTENANCE_POLICY_DEFAULT - - HOST_MAINTENANCE_POLICY_RESTART_IN_PLACE - - HOST_MAINTENANCE_POLICY_MIGRATE_WITHIN_NODE_GROUP - commitmentPlan: - description: >- - Commitment plan to consider when calculating costs for virtual - machine insights and recommendations. If you are unsure which value - to set, a 3 year commitment plan is often a good value to start - with. + description: Required. The server flag value set by the user. + serverFlagName: + description: Required. The server flag name. + type: string + valueInUse: type: string - enumDescriptions: - - Unspecified commitment plan. - - No commitment plan (on-demand usage). - - 1 year commitment. - - 3 years commitment. - enum: - - COMMITMENT_PLAN_UNSPECIFIED - - ON_DEMAND - - COMMITMENT_1_YEAR - - COMMITMENT_3_YEAR - nodeTypes: description: >- - A list of sole tenant node types. An empty list means that all - possible node types will be considered. + Required. The server flag actual value. If `value_in_use` is + different from `value` it means that either the configuration change + was not applied or it is an expected behavior. See SQL Server + documentation for more details. + description: SQL Server server flag details. + type: object + id: SqlServerServerFlag + OpenFileList: + description: Open file list. + type: object + id: OpenFileList + properties: + entries: + items: + $ref: '#/components/schemas/OpenFileDetails' + type: array + description: Open file details entries. + ReportSummary: + properties: + allAssetsStats: + description: Aggregate statistics for all the assets across all the groups. + $ref: '#/components/schemas/ReportSummaryAssetAggregateStats' + groupFindings: type: array + description: Findings for each Group included in this report. items: - $ref: '#/components/schemas/SoleTenantNodeType' - SoleTenantNodeType: - id: SoleTenantNodeType - description: A Sole Tenant node type. + $ref: '#/components/schemas/ReportSummaryGroupFinding' + id: ReportSummary + type: object + description: >- + Describes the Summary view of a Report, which contains aggregated values + for all the groups and preference sets included in this Report. + ReportSummarySoleTenantNodeAllocation: + type: object + id: ReportSummarySoleTenantNodeAllocation + description: Represents the assets allocated to a specific Sole-Tenant node type. + properties: + allocatedAssetCount: + description: Count of assets allocated to these nodes + type: string + format: int64 + node: + description: Sole Tenant node type, e.g. "m3-node-128-3904" + $ref: '#/components/schemas/SoleTenantNodeType' + nodeCount: + type: string + format: int64 + description: Count of this node type to be provisioned + PostgreSqlSchemaDetails: + id: PostgreSqlSchemaDetails + properties: + postgresqlExtensions: + description: Optional. PostgreSql extensions. + type: array + items: + $ref: '#/components/schemas/PostgreSqlExtension' + foreignTablesCount: + description: Optional. PostgreSql foreign tables. + format: int32 + type: integer + type: object + description: Specific details for a PostgreSql schema. + DatabaseSchema: + description: Details of a database schema. + properties: + tablesSizeBytes: + format: int64 + description: Optional. The total size of tables in bytes. + type: string + schemaName: + type: string + description: Required. The name of the schema. + objects: + items: + $ref: '#/components/schemas/DatabaseObjects' + description: Optional. List of details of objects by category. + type: array + postgresql: + description: Optional. Details of a PostgreSql schema. + $ref: '#/components/schemas/PostgreSqlSchemaDetails' + mysql: + description: Optional. Details of a Mysql schema. + $ref: '#/components/schemas/MySqlSchemaDetails' + sqlServer: + $ref: '#/components/schemas/SqlServerSchemaDetails' + description: Optional. Details of a SqlServer schema. + id: DatabaseSchema + type: object + GenericInsight: + description: A generic insight about an asset. + id: GenericInsight type: object properties: - nodeName: + additionalInformation: description: >- - Name of the Sole Tenant node. Consult - https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes + Output only. Additional information about the insight, each entry + can be a logical entry and must make sense if it is displayed with + line breaks between each entry. Text can contain md style links. + items: + type: string + type: array + readOnly: true + messageId: + format: int64 + readOnly: true type: string - Settings: - id: Settings - description: Describes the Migration Center settings related to the project. - type: object - properties: - name: - description: Output only. The name of the resource. + description: >- + Output only. Represents a globally unique message id for this + insight, can be used for localization purposes, in case message_code + is not yet known by the client use default_message instead. + defaultMessage: readOnly: true type: string - preferenceSet: - description: The preference set used by default for a project. + description: >- + Output only. In case message_code is not yet known by the client + default_message will be the message to be used instead. + DailyResourceUsageAggregationStats: + id: DailyResourceUsageAggregationStats + description: Statistical aggregation of samples for a single resource usage. + properties: + peak: + description: Peak usage value. + format: float + type: number + median: + format: float + type: number + description: Median usage value. + ninteyFifthPercentile: + description: 95th percentile usage value. + format: float + type: number + average: + format: float + type: number + description: Average usage value. + type: object + ListLocationsResponse: + description: The response message for Locations.ListLocations. + id: ListLocationsResponse + type: object + properties: + nextPageToken: type: string - disableCloudLogging: + description: The standard List next-page token. + locations: + type: array description: >- - Disable Cloud Logging for the Migration Center API. Users are billed - for the logs. - type: boolean - ReportConfig: - id: ReportConfig + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + Asset: description: >- - The groups and associated preference sets on which we can generate - reports. + An asset represents a resource in your environment. Asset types include + virtual machines and databases. + id: Asset type: object properties: + hideReason: + description: Optional. An optional reason for marking this asset as hidden. + type: string + insightList: + description: Output only. The list of insights associated with the asset. + $ref: '#/components/schemas/InsightList' + readOnly: true + databaseDeploymentDetails: + readOnly: true + $ref: '#/components/schemas/DatabaseDeploymentDetails' + description: Output only. Asset information specific for database deployments. + attributes: + type: object + additionalProperties: + type: string + description: Generic asset attributes. + databaseDetails: + $ref: '#/components/schemas/DatabaseDetails' + readOnly: true + description: Output only. Asset information specific for logical databases. name: - description: Output only. Name of resource. readOnly: true + description: Output only. The full name of the asset. type: string + hidden: + description: Optional. Indicates if the asset is hidden. + type: boolean + assignedGroups: + description: Output only. The list of groups that the asset is assigned to. + readOnly: true + type: array + items: + type: string + sources: + items: + type: string + readOnly: true + description: Output only. The list of sources contributing to the asset. + type: array createTime: - description: Output only. The timestamp when the resource was created. + format: google-datetime + description: Output only. The timestamp when the asset was created. + type: string readOnly: true + labels: + additionalProperties: + type: string + type: object + description: Labels as key value pairs. + title: type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was last updated. readOnly: true + description: Output only. Server generated human readable name of the asset. + updateTime: + description: Output only. The timestamp when the asset was last updated. type: string + readOnly: true + format: google-datetime + hideTime: + readOnly: true + description: Output only. The timestamp when the asset was marked as hidden. format: google-datetime - displayName: - description: User-friendly display name. Maximum length is 63 characters. type: string - description: - description: Free-text description. + machineDetails: + readOnly: true + description: >- + Output only. Asset information specific for virtual and physical + machines. + $ref: '#/components/schemas/MachineDetails' + performanceData: + description: Output only. Performance data for the asset. + $ref: '#/components/schemas/AssetPerformanceData' + readOnly: true + ReportSummarySoleTenantFinding: + type: object + description: A set of findings that applies to assets destined for Sole-Tenant nodes. + properties: + allocatedRegions: + items: + type: string + description: Set of regions in which the assets are allocated + type: array + allocatedAssetCount: + description: Count of assets which are allocated type: string - groupPreferencesetAssignments: - description: Required. Collection of combinations of groups and preference sets. + format: int64 + nodeAllocations: type: array + description: Set of per-nodetype allocation records items: - $ref: '#/components/schemas/ReportConfigGroupPreferenceSetAssignment' - ReportConfigGroupPreferenceSetAssignment: - id: ReportConfigGroupPreferenceSetAssignment - description: Represents a combination of a group with a preference set. + $ref: '#/components/schemas/ReportSummarySoleTenantNodeAllocation' + id: ReportSummarySoleTenantFinding + FileValidationReport: + description: >- + A resource that aggregates the validation errors found in an import job + file. type: object + id: FileValidationReport properties: - group: - description: Required. Name of the group. - type: string - preferenceSet: - description: Required. Name of the Preference Set. + partialReport: + type: boolean + description: >- + Flag indicating that processing was aborted due to maximum number of + errors. + fileName: + description: The name of the file. type: string + fileErrors: + description: List of file level errors. + items: + $ref: '#/components/schemas/ImportError' + type: array + rowErrors: + type: array + description: Partial list of rows that encountered validation error. + items: + $ref: '#/components/schemas/ImportRowError' ListReportConfigsResponse: id: ListReportConfigsResponse + properties: + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string + reportConfigs: + type: array + items: + $ref: '#/components/schemas/ReportConfig' + description: A list of report configs. + type: object description: Response message for listing report configs. + AddAssetsToGroupRequest: + description: A request to add assets to a group. + id: AddAssetsToGroupRequest + properties: + assets: + $ref: '#/components/schemas/AssetList' + description: >- + Required. List of assets to be added. The maximum number of assets + that can be added in a single request is 2000. + allowExisting: + type: boolean + description: >- + Optional. When this value is set to `false` and one of the given + assets is already an existing member of the group, the operation + fails with an `Already Exists` error. When set to `true` this + situation is silently ignored by the server. Default value is + `false`. + requestId: + type: string + description: >- + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes after the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). type: object - properties: - reportConfigs: - description: A list of report configs. - type: array - items: - $ref: '#/components/schemas/ReportConfig' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Report: - id: Report - description: Report represents a point-in-time rendering of the ReportConfig results. + AwsRds: + id: AwsRds + description: Specific details for an AWS RDS database deployment. + type: object + properties: {} + ImportJob: + description: A resource that represents the background job that imports asset frames. + id: ImportJob type: object properties: - name: - description: Output only. Name of resource. - readOnly: true + assetSource: type: string + description: Required. Reference to a source. createTime: - description: Output only. Creation timestamp. - readOnly: true + description: Output only. The timestamp when the import job was created. type: string - format: google-datetime - updateTime: - description: Output only. Last update timestamp. readOnly: true - type: string format: google-datetime displayName: - description: User-friendly display name. Maximum length is 63 characters. type: string - description: - description: Free-text description. + description: >- + Optional. User-friendly display name. Maximum length is 256 + characters. + executionReport: + $ref: '#/components/schemas/ExecutionReport' + description: Output only. The report with the results of running the import job. + readOnly: true + name: + description: Output only. The full name of the import job. + readOnly: true type: string - type: - description: Report type. + updateTime: + description: Output only. The timestamp when the import job was last updated. + format: google-datetime + readOnly: true type: string - enumDescriptions: - - Default Report type. - - Total cost of ownership Report type. - enum: - - TYPE_UNSPECIFIED - - TOTAL_COST_OF_OWNERSHIP state: - description: Report creation state. - type: string + readOnly: true + description: Output only. The state of the import job. enumDescriptions: - - Default Report creation state. - - Creating Report. - - Successfully created Report. - - Failed to create Report. + - Default value. + - The import job is pending. + - The processing of the import job is ongoing. + - The import job processing has completed. + - The import job failed to be processed. + - The import job is being validated. + - The import job contains blocking errors. + - The validation of the job completed with no blocking errors. enum: - - STATE_UNSPECIFIED - - PENDING - - SUCCEEDED - - FAILED - summary: - description: Output only. Summary view of the Report. - readOnly: true - $ref: '#/components/schemas/ReportSummary' - ReportSummary: - id: ReportSummary - description: >- - Describes the Summary view of a Report, which contains aggregated values - for all the groups and preference sets included in this Report. - type: object - properties: - allAssetsStats: - description: Aggregate statistics for all the assets across all the groups. - $ref: '#/components/schemas/ReportSummaryAssetAggregateStats' - groupFindings: - description: Findings for each Group included in this report. - type: array - items: - $ref: '#/components/schemas/ReportSummaryGroupFinding' - ReportSummaryAssetAggregateStats: - id: ReportSummaryAssetAggregateStats - description: Aggregate statistics for a collection of assets. - type: object - properties: - totalMemoryBytes: - description: Sum of the memory in bytes of all the assets in this collection. - type: string - format: int64 - totalStorageBytes: - description: >- - Sum of persistent storage in bytes of all the assets in this - collection. - type: string - format: int64 - totalCores: - description: Sum of the CPU core count of all the assets in this collection. - type: string - format: int64 - totalAssets: - description: Count of the number of unique assets in this collection. - type: string - format: int64 - memoryUtilizationChart: - description: Total memory split into Used/Free buckets. - $ref: '#/components/schemas/ReportSummaryUtilizationChartData' - storageUtilizationChart: - description: Total memory split into Used/Free buckets. - $ref: '#/components/schemas/ReportSummaryUtilizationChartData' - operatingSystem: - description: Count of assets grouped by Operating System families. - $ref: '#/components/schemas/ReportSummaryChartData' - coreCountHistogram: - description: Histogram showing a distribution of logical CPU core counts. - $ref: '#/components/schemas/ReportSummaryHistogramChartData' - memoryBytesHistogram: - description: Histogram showing a distribution of memory sizes. - $ref: '#/components/schemas/ReportSummaryHistogramChartData' - storageBytesHistogram: - description: Histogram showing a distribution of storage sizes. - $ref: '#/components/schemas/ReportSummaryHistogramChartData' - ReportSummaryUtilizationChartData: - id: ReportSummaryUtilizationChartData - description: >- - Utilization Chart is a specific type of visualization which displays a - metric classified into "Used" and "Free" buckets. - type: object - properties: - used: - description: Aggregate value which falls into the "Used" bucket. + - IMPORT_JOB_STATE_UNSPECIFIED + - IMPORT_JOB_STATE_PENDING + - IMPORT_JOB_STATE_RUNNING + - IMPORT_JOB_STATE_COMPLETED + - IMPORT_JOB_STATE_FAILED + - IMPORT_JOB_STATE_VALIDATING + - IMPORT_JOB_STATE_FAILED_VALIDATION + - IMPORT_JOB_STATE_READY type: string - format: int64 - free: - description: Aggregate value which falls into the "Free" bucket. + completeTime: type: string - format: int64 - ReportSummaryChartData: - id: ReportSummaryChartData - description: Describes a collection of data points rendered as a Chart. - type: object - properties: - dataPoints: + readOnly: true + description: Output only. The timestamp when the import job was completed. + format: google-datetime + validationReport: description: >- - Each data point in the chart is represented as a name-value pair - with the name being the x-axis label, and the value being the y-axis - value. - type: array - items: - $ref: '#/components/schemas/ReportSummaryChartDataDataPoint' - ReportSummaryChartDataDataPoint: - id: ReportSummaryChartDataDataPoint - description: Describes a single data point in the Chart. + Output only. The report with the validation results of the import + job. + $ref: '#/components/schemas/ValidationReport' + readOnly: true + labels: + type: object + additionalProperties: + type: string + description: Labels as key value pairs. + ComputeEnginePreferences: type: object properties: - label: - description: The X-axis label for this data point. + persistentDiskType: type: string - value: - description: The Y-axis value for this data point. - type: number - format: double - ReportSummaryHistogramChartData: - id: ReportSummaryHistogramChartData - description: >- - A Histogram Chart shows a distribution of values into buckets, showing a - count of values which fall into a bucket. - type: object - properties: - buckets: description: >- - Buckets in the histogram. There will be `n+1` buckets matching `n` - lower bounds in the request. The first bucket will be from -infinity - to the first bound. Subsequent buckets will be between one bound and - the next. The final bucket will be from the final bound to infinity. - type: array - items: - $ref: '#/components/schemas/ReportSummaryHistogramChartDataBucket' - ReportSummaryHistogramChartDataBucket: - id: ReportSummaryHistogramChartDataBucket - description: >- - A histogram bucket with a lower and upper bound, and a count of items - with a field value between those bounds. The lower bound is inclusive - and the upper bound is exclusive. Lower bound may be -infinity and upper - bound may be infinity. + Persistent disk type to use. If unspecified (default), all types are + considered, based on available usage data. + enum: + - PERSISTENT_DISK_TYPE_UNSPECIFIED + - PERSISTENT_DISK_TYPE_STANDARD + - PERSISTENT_DISK_TYPE_BALANCED + - PERSISTENT_DISK_TYPE_SSD + enumDescriptions: + - Unspecified. Fallback to default value based on context. + - Standard HDD Persistent Disk. + - Balanced Persistent Disk. + - SSD Persistent Disk. + licenseType: + description: >- + License type to consider when calculating costs for virtual machine + insights and recommendations. If unspecified, costs are calculated + based on the default licensing plan. + enumDescriptions: + - Unspecified (default value). + - >- + Default Google Cloud licensing plan. Licensing is charged per + usage. This a good value to start with. + - Bring-your-own-license (BYOL) plan. User provides the OS license. + enum: + - LICENSE_TYPE_UNSPECIFIED + - LICENSE_TYPE_DEFAULT + - LICENSE_TYPE_BRING_YOUR_OWN_LICENSE + type: string + machinePreferences: + $ref: '#/components/schemas/MachinePreferences' + description: >- + Preferences concerning the machine types to consider on Compute + Engine. + id: ComputeEnginePreferences + description: The user preferences relating to Compute Engine target platform. + Report: type: object + description: Report represents a point-in-time rendering of the ReportConfig results. properties: - lowerBound: - description: Lower bound - inclusive. - type: string - format: int64 - upperBound: - description: Upper bound - exclusive. + name: + description: Output only. Name of resource. + readOnly: true type: string - format: int64 - count: - description: Count of items in the bucket. + state: type: string - format: int64 - ReportSummaryGroupFinding: - id: ReportSummaryGroupFinding - description: Summary Findings for a specific Group. - type: object - properties: - displayName: - description: Display Name for the Group. + enumDescriptions: + - Default Report creation state. + - Creating Report. + - Successfully created Report. + - Failed to create Report. + enum: + - STATE_UNSPECIFIED + - PENDING + - SUCCEEDED + - FAILED + description: Report creation state. + updateTime: + readOnly: true + description: Output only. Last update timestamp. + format: google-datetime type: string - description: - description: Description for the Group. + createTime: + readOnly: true + format: google-datetime type: string - assetAggregateStats: - description: Summary statistics for all the assets in this group. - $ref: '#/components/schemas/ReportSummaryAssetAggregateStats' - overlappingAssetCount: - description: This field is deprecated, do not rely on it having a value. - deprecated: true + description: Output only. Creation timestamp. + type: + description: Report type. + enum: + - TYPE_UNSPECIFIED + - TOTAL_COST_OF_OWNERSHIP + enumDescriptions: + - Default Report type. + - Total cost of ownership Report type. type: string - format: int64 - preferenceSetFindings: - description: Findings for each of the PreferenceSets for this group. - type: array - items: - $ref: '#/components/schemas/ReportSummaryGroupPreferenceSetFinding' - ReportSummaryGroupPreferenceSetFinding: - id: ReportSummaryGroupPreferenceSetFinding - description: Summary Findings for a specific Group/PreferenceSet combination. - type: object - properties: + summary: + $ref: '#/components/schemas/ReportSummary' + readOnly: true + description: Output only. Summary view of the Report. displayName: - description: Display Name of the Preference Set type: string + description: User-friendly display name. Maximum length is 63 characters. description: - description: Description for the Preference Set. - type: string - machinePreferences: - description: A set of preferences that applies to all machines in the context. - $ref: '#/components/schemas/VirtualMachinePreferences' - monthlyCostTotal: - description: Total monthly cost for this preference set. - $ref: '#/components/schemas/Money' - monthlyCostCompute: - description: Compute monthly cost for this preference set. - $ref: '#/components/schemas/Money' - monthlyCostOsLicense: - description: Licensing monthly cost for this preference set. - $ref: '#/components/schemas/Money' - monthlyCostNetworkEgress: - description: Network Egress monthly cost for this preference set. - $ref: '#/components/schemas/Money' - monthlyCostStorage: - description: Storage monthly cost for this preference set. - $ref: '#/components/schemas/Money' - monthlyCostOther: - description: Miscellaneous monthly cost for this preference set. - $ref: '#/components/schemas/Money' - computeEngineFinding: - description: >- - A set of findings that applies to Compute Engine machines in the - input. - $ref: '#/components/schemas/ReportSummaryComputeEngineFinding' - vmwareEngineFinding: - description: A set of findings that applies to VMWare machines in the input. - $ref: '#/components/schemas/ReportSummaryVmwareEngineFinding' - soleTenantFinding: - description: A set of findings that applies to Sole-Tenant machines in the input. - $ref: '#/components/schemas/ReportSummarySoleTenantFinding' - Money: - id: Money - description: Represents an amount of money with its currency type. - type: object - properties: - currencyCode: - description: The three-letter currency code defined in ISO 4217. - type: string - units: - description: >- - The whole units of the amount. For example if `currencyCode` is - `"USD"`, then 1 unit is one US dollar. + description: Free-text description. type: string - format: int64 - nanos: - description: >- - Number of nano (10^-9) units of the amount. The value must be - between -999,999,999 and +999,999,999 inclusive. If `units` is - positive, `nanos` must be positive or zero. If `units` is zero, - `nanos` can be positive, zero, or negative. If `units` is negative, - `nanos` must be negative or zero. For example $-1.75 is represented - as `units`=-1 and `nanos`=-750,000,000. - type: integer - format: int32 - ReportSummaryComputeEngineFinding: - id: ReportSummaryComputeEngineFinding - description: A set of findings that applies to assets destined for Compute Engine. + id: Report + GuestInstalledApplicationList: + description: Guest installed application list. type: object + id: GuestInstalledApplicationList properties: - allocatedRegions: - description: Set of regions in which the assets were allocated. - type: array - items: - type: string - allocatedAssetCount: - description: Count of assets which were allocated. - type: string - format: int64 - machineSeriesAllocations: - description: Distribution of assets based on the Machine Series. + entries: type: array items: - $ref: '#/components/schemas/ReportSummaryMachineSeriesAllocation' - allocatedDiskTypes: - description: Set of disk types allocated to assets. + $ref: '#/components/schemas/GuestInstalledApplication' + description: Application entries. + Frames: + description: Collection of frame data. + type: object + properties: + framesData: + description: A repeated field of asset data. type: array items: - type: string - enumDescriptions: - - Unspecified. Fallback to default value based on context. - - Standard HDD Persistent Disk. - - Balanced Persistent Disk. - - SSD Persistent Disk. - enum: - - PERSISTENT_DISK_TYPE_UNSPECIFIED - - PERSISTENT_DISK_TYPE_STANDARD - - PERSISTENT_DISK_TYPE_BALANCED - - PERSISTENT_DISK_TYPE_SSD - ReportSummaryMachineSeriesAllocation: - id: ReportSummaryMachineSeriesAllocation - description: >- - Represents a data point tracking the count of assets allocated for a - specific Machine Series. - type: object + $ref: '#/components/schemas/AssetFrame' + id: Frames + DatabaseInstance: properties: - machineSeries: - description: The Machine Series (e.g. "E2", "N2") - $ref: '#/components/schemas/MachineSeries' - allocatedAssetCount: - description: Count of assets allocated to this machine series. + role: + enumDescriptions: + - Unspecified. + - Primary. + - Secondary. + - Arbiter. + description: Optional. The instance role in the database engine. + enum: + - ROLE_UNSPECIFIED + - PRIMARY + - SECONDARY + - ARBITER type: string - format: int64 - ReportSummaryVmwareEngineFinding: - id: ReportSummaryVmwareEngineFinding - description: A set of findings that applies to assets destined for VMWare Engine. + network: + description: Optional. Networking details. + $ref: '#/components/schemas/DatabaseInstanceNetwork' + instanceName: + description: Optional. The instance's name. + type: string + id: DatabaseInstance type: object + description: Details of a database instance. + ReportSummaryHistogramChartData: properties: - allocatedRegions: - description: Set of regions in which the assets were allocated - type: array - items: - type: string - allocatedAssetCount: - description: Count of assets which are allocated - type: string - format: int64 - nodeAllocations: - description: Set of per-nodetype allocation records + buckets: type: array + description: >- + Buckets in the histogram. There will be `n+1` buckets matching `n` + lower bounds in the request. The first bucket will be from -infinity + to the first bound. Subsequent buckets will be between one bound and + the next. The final bucket will be from the final bound to infinity. items: - $ref: '#/components/schemas/ReportSummaryVmwareNodeAllocation' - ReportSummaryVmwareNodeAllocation: - id: ReportSummaryVmwareNodeAllocation - description: Represents assets allocated to a specific VMWare Node type. + $ref: '#/components/schemas/ReportSummaryHistogramChartDataBucket' + id: ReportSummaryHistogramChartData type: object - properties: - vmwareNode: - description: VMWare node type, e.g. "ve1-standard-72" - $ref: '#/components/schemas/ReportSummaryVmwareNode' - nodeCount: - description: Count of this node type to be provisioned - type: string - format: int64 - allocatedAssetCount: - description: Count of assets allocated to these nodes - type: string - format: int64 - ReportSummaryVmwareNode: - id: ReportSummaryVmwareNode - description: A VMWare Engine Node + description: >- + A Histogram Chart shows a distribution of values into buckets, showing a + count of values which fall into a bucket. + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status type: object properties: - code: + details: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Code to identify VMware Engine node series, e.g. "ve1-standard-72". - Based on the displayName of - cloud.google.com/vmware-engine/docs/reference/rest/v1/projects.locations.nodeTypes + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + message: type: string - ReportSummarySoleTenantFinding: - id: ReportSummarySoleTenantFinding - description: A set of findings that applies to assets destined for Sole-Tenant nodes. + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + ReportSummaryAssetAggregateStats: + description: Aggregate statistics for a collection of assets. type: object + id: ReportSummaryAssetAggregateStats properties: - allocatedRegions: - description: Set of regions in which the assets are allocated - type: array - items: - type: string - allocatedAssetCount: - description: Count of assets which are allocated + totalCores: + format: int64 + description: Sum of the CPU core count of all the assets in this collection. type: string + memoryBytesHistogram: + description: Histogram showing a distribution of memory sizes. + $ref: '#/components/schemas/ReportSummaryHistogramChartData' + operatingSystem: + description: Count of assets grouped by Operating System families. + $ref: '#/components/schemas/ReportSummaryChartData' + coreCountHistogram: + description: Histogram showing a distribution of logical CPU core counts. + $ref: '#/components/schemas/ReportSummaryHistogramChartData' + totalMemoryBytes: + description: Sum of the memory in bytes of all the assets in this collection. format: int64 - nodeAllocations: - description: Set of per-nodetype allocation records - type: array - items: - $ref: '#/components/schemas/ReportSummarySoleTenantNodeAllocation' - ReportSummarySoleTenantNodeAllocation: - id: ReportSummarySoleTenantNodeAllocation - description: Represents the assets allocated to a specific Sole-Tenant node type. - type: object - properties: - node: - description: Sole Tenant node type, e.g. "m3-node-128-3904" - $ref: '#/components/schemas/SoleTenantNodeType' - nodeCount: - description: Count of this node type to be provisioned type: string + totalAssets: format: int64 - allocatedAssetCount: - description: Count of assets allocated to these nodes + description: Count of the number of unique assets in this collection. type: string + memoryUtilizationChart: + description: Total memory split into Used/Free buckets. + $ref: '#/components/schemas/ReportSummaryUtilizationChartData' + storageUtilizationChart: + $ref: '#/components/schemas/ReportSummaryUtilizationChartData' + description: Total memory split into Used/Free buckets. + totalStorageBytes: format: int64 - ListReportsResponse: - id: ListReportsResponse - description: Response message for listing Reports. + type: string + description: >- + Sum of persistent storage in bytes of all the assets in this + collection. + storageBytesHistogram: + $ref: '#/components/schemas/ReportSummaryHistogramChartData' + description: Histogram showing a distribution of storage sizes. + RunningProcess: + description: Guest OS running process details. type: object properties: - reports: - description: The list of Reports. - type: array - items: - $ref: '#/components/schemas/Report' - nextPageToken: - description: A token identifying a page of results the server should return. + exePath: type: string - unreachable: - description: Locations that could not be reached. - type: array - items: + description: Process binary path. + cmdline: + description: Process full command line. + type: string + attributes: + description: Process extended attributes. + additionalProperties: type: string - DiscoveryClient: - id: DiscoveryClient - description: Represents an installed Migration Center Discovery Client instance. - type: object + type: object + pid: + description: Process ID. + format: int64 + type: string + user: + type: string + description: User running the process. + id: RunningProcess + OperationMetadata: + description: Represents the metadata of the long-running operation. + id: OperationMetadata properties: - name: - description: Output only. Identifier. Full name of this discovery client. + apiVersion: readOnly: true type: string - createTime: - description: Output only. Time when the discovery client was first created. - readOnly: true + description: Output only. API version used to start the operation. + verb: type: string - format: google-datetime - updateTime: + description: Output only. Name of the verb executed by the operation. + readOnly: true + requestedCancellation: description: >- - Output only. Time when the discovery client was last updated. This - value is not updated by heartbeats, to view the last heartbeat time - please refer to the `heartbeat_time` field. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. readOnly: true + type: boolean + endTime: type: string format: google-datetime - source: - description: >- - Required. Immutable. Full name of the source object associated with - this discovery client. + description: Output only. The time the operation finished running. + readOnly: true + createTime: + description: Output only. The time the operation was created. + format: google-datetime + type: string + readOnly: true + target: type: string - serviceAccount: description: >- - Required. Service account used by the discovery client for various + Output only. Server-defined resource path for the target of the operation. - type: string - signalsEndpoint: - description: Output only. This field is intended for internal use. readOnly: true + statusMessage: + readOnly: true + type: string + description: Output only. Human-readable status of the operation, if any. + type: object + RunningService: + id: RunningService + description: Guest OS running service details. + properties: + startMode: + enumDescriptions: + - Start mode unspecified. + - The service is a device driver started by the system loader. + - >- + The service is a device driver started by the IOInitSystem + function. + - The service is started by the operating system, at system start-up + - The service is started only manually, by a user. + - The service is disabled. + enum: + - START_MODE_UNSPECIFIED + - BOOT + - SYSTEM + - AUTO + - MANUAL + - DISABLED + type: string + description: Service start mode (OS-agnostic). + pid: + description: Service pid. + format: int64 + type: string + exePath: + description: Service binary path. + type: string + state: + enumDescriptions: + - Service state unspecified. + - Service is active. + - Service is paused. + - Service is stopped. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - PAUSED + - STOPPED + description: Service state (OS-agnostic). + type: string + cmdline: + type: string + description: Service command line. + serviceName: + type: string + description: Service name. + type: object + PhysicalPlatformDetails: + type: object + description: Platform specific details for Physical Machines. + id: PhysicalPlatformDetails + properties: + location: + description: >- + Free text representation of the machine location. The format of this + field should not be relied on. Different machines in the same + location may have different string values for this field. + type: string + hyperthreading: + type: string + enum: + - HYPERTHREADING_STATUS_UNSPECIFIED + - HYPERTHREADING_STATUS_DISABLED + - HYPERTHREADING_STATUS_ENABLED + enumDescriptions: + - Simultaneous Multithreading status unknown. + - Simultaneous Multithreading is disabled or unavailable. + - Simultaneous Multithreading is enabled. + description: Whether the machine is hyperthreaded. + GuestOsDetails: + type: object + properties: + version: + description: The version of the operating system. type: string - displayName: - description: Optional. Free text display name. Maximum length is 63 characters. + family: + enum: + - OS_FAMILY_UNKNOWN + - OS_FAMILY_WINDOWS + - OS_FAMILY_LINUX + - OS_FAMILY_UNIX + enumDescriptions: + - '' + - Microsoft Windows Server and Desktop. + - Various Linux flavors. + - Non-Linux Unix flavors. type: string - description: - description: Optional. Free text description. Maximum length is 1000 characters. + description: What family the OS belong to, if known. + runtime: + $ref: '#/components/schemas/GuestRuntimeDetails' + description: Runtime information. + config: + description: OS and app configuration. + $ref: '#/components/schemas/GuestConfigDetails' + osName: + description: The name of the operating system. type: string - labels: - description: Optional. Labels as key value pairs. - type: object - additionalProperties: - type: string - state: - description: Output only. Current state of the discovery client. + id: GuestOsDetails + description: Information from Guest-level collections. + MigrationInsight: + type: object + id: MigrationInsight + properties: + fit: + $ref: '#/components/schemas/FitDescriptor' readOnly: true - type: string - enumDescriptions: - - Client state is unspecified. - - Client is active. - - Client is offline. - - Client is in a degraded state. See the `errors` field for details. - - Client has expired. See the expire_time field for the expire time. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - OFFLINE - - DEGRADED - - EXPIRED - version: - description: Output only. Client version, as reported in recent heartbeat. + description: >- + Output only. Description of how well the asset this insight is + associated with fits the proposed migration. + computeEngineTarget: + $ref: '#/components/schemas/ComputeEngineMigrationTarget' readOnly: true + description: Output only. A Google Compute Engine target. + description: An insight about potential migrations for an asset. + MySqlProperty: + properties: + numericValue: + description: Required. The property numeric value. + format: int64 type: string - errors: - description: Output only. Errors affecting client functionality. - readOnly: true + property: + type: string + description: Required. The property name. + enabled: + type: boolean + description: Required. The property is enabled. + id: MySqlProperty + description: MySql property. + type: object + RunningProcessList: + id: RunningProcessList + type: object + description: List of running guest OS processes. + properties: + entries: + description: Running process entries. type: array items: - $ref: '#/components/schemas/Status' - heartbeatTime: - description: >- - Output only. Last heartbeat time. Healthy clients are expected to - send heartbeats regularly (normally every few minutes). - readOnly: true + $ref: '#/components/schemas/RunningProcess' + ImportRowErrorArchiveErrorDetails: + description: Error details for an archive file. + id: ImportRowErrorArchiveErrorDetails + properties: + filePath: type: string - format: google-datetime - expireTime: + readOnly: true description: >- - Optional. Client expiration time in UTC. If specified, the backend - will not accept new frames after this time. + Output only. The file path inside the archive where the error was + detected. + csvError: + description: Error details for a CSV file. + $ref: '#/components/schemas/ImportRowErrorCsvErrorDetails' + type: object + GuestConfigDetails: + id: GuestConfigDetails + properties: + selinuxMode: + description: Security-Enhanced Linux (SELinux) mode. type: string - format: google-datetime - ttl: - description: >- - Optional. Input only. Client time-to-live. If specified, the backend - will not accept new frames after this time. This field is input - only. The derived expiration time is provided as output through the - `expire_time` field. + enumDescriptions: + - SELinux mode unknown or unspecified. + - SELinux is disabled. + - SELinux permissive mode. + - SELinux enforcing mode. + enum: + - SE_LINUX_MODE_UNSPECIFIED + - SE_LINUX_MODE_DISABLED + - SE_LINUX_MODE_PERMISSIVE + - SE_LINUX_MODE_ENFORCING + hosts: + description: Hosts file (/etc/hosts). + $ref: '#/components/schemas/HostsEntryList' + fstab: + description: Mount list (Linux fstab). + $ref: '#/components/schemas/FstabEntryList' + nfsExports: + description: NFS exports. + $ref: '#/components/schemas/NfsExportList' + issue: + description: OS issue (typically /etc/issue in Linux). type: string - format: google-duration - ListDiscoveryClientsResponse: - id: ListDiscoveryClientsResponse - description: Response message for listing discovery clients. + description: Guest OS config information. + type: object + ListPreferenceSetsResponse: type: object + id: ListPreferenceSetsResponse properties: - discoveryClients: - description: List of discovery clients. - type: array - items: - $ref: '#/components/schemas/DiscoveryClient' nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. + description: A token identifying a page of results the server should return. type: string + preferenceSets: + items: + $ref: '#/components/schemas/PreferenceSet' + type: array + description: The list of PreferenceSets unreachable: - description: Locations that could not be reached. type: array + description: Locations that could not be reached. items: type: string - SendDiscoveryClientHeartbeatRequest: - id: SendDiscoveryClientHeartbeatRequest - description: A request to send a discovery client heartbeat. - type: object + description: Response message for listing preference sets. + MemoryUsageSample: properties: - version: - description: Optional. Client application version. - type: string - errors: - description: Optional. Errors affecting client functionality. - type: array - items: - $ref: '#/components/schemas/Status' - Relation: - id: Relation - description: Message representing a relation between 2 resource. + utilizedPercentage: + type: number + description: >- + Percentage of system memory utilized. Must be in the interval [0, + 100]. + format: float + type: object + id: MemoryUsageSample + description: Memory usage sample. + Settings: + id: Settings type: object properties: name: - description: Output only. Identifier. The identifier of the relation. + description: Output only. The name of the resource. readOnly: true type: string - srcAsset: - description: Output only. The source asset name in the relation. - readOnly: true + disableCloudLogging: + description: >- + Disable Cloud Logging for the Migration Center API. Users are billed + for the logs. + type: boolean + preferenceSet: + description: The preference set used by default for a project. type: string - dstAsset: - description: Output only. The destination asset name in the relation. - readOnly: true + description: Describes the Migration Center settings related to the project. + FrameViolationEntry: + properties: + field: + description: The field of the original frame where the violation occurred. type: string - type: - description: Optional. The type of the relation. + violation: + description: A message describing the violation. type: string - enumDescriptions: - - Default value. - - DBDeployment -> Database - - >- - A relation between a machine/VM and the database deployment it - hosts. - enum: - - TYPE_UNSPECIFIED - - LOGICAL_DATABASE - - DATABASE_DEPLOYMENT_HOSTING_SERVER - createTime: - description: Output only. The timestamp when the relation was created. + type: object + id: FrameViolationEntry + description: >- + A resource that contains a single violation of a reported `AssetFrame` + resource. + DatabaseDeploymentDetailsAggregatedStats: + properties: + databaseCount: readOnly: true - type: string - format: google-datetime - ListRelationsResponse: - id: ListRelationsResponse - description: Response message for listing relations. + description: Output only. The number of databases in the deployment. + type: integer + format: int32 + id: DatabaseDeploymentDetailsAggregatedStats + description: Aggregated stats for the database deployment. + type: object + DailyResourceUsageAggregationNetwork: + type: object + properties: + ingressBps: + $ref: '#/components/schemas/DailyResourceUsageAggregationStats' + description: Network ingress in B/s. + egressBps: + description: Network egress in B/s. + $ref: '#/components/schemas/DailyResourceUsageAggregationStats' + description: Statistical aggregation of network usage. + id: DailyResourceUsageAggregationNetwork + ReportSummaryChartData: + id: ReportSummaryChartData type: object + description: Describes a collection of data points rendered as a Chart. properties: - relations: - description: A list of relations. + dataPoints: type: array + description: >- + Each data point in the chart is represented as a name-value pair + with the name being the x-axis label, and the value being the y-axis + value. items: - $ref: '#/components/schemas/Relation' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object + $ref: '#/components/schemas/ReportSummaryChartDataDataPoint' + NetworkAdapterList: properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. + entries: + description: Network adapter entries. type: array items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + $ref: '#/components/schemas/NetworkAdapterDetails' + description: List of network adapters. + id: NetworkAdapterList type: object + ValidationReport: + description: A resource that aggregates errors across import job files. properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + jobErrors: + description: List of job level errors. + items: + $ref: '#/components/schemas/ImportError' + type: array + fileValidations: + items: + $ref: '#/components/schemas/FileValidationReport' + description: List of errors found in files. + type: array type: object + id: ValidationReport + DiskEntryList: properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string + entries: + type: array + items: + $ref: '#/components/schemas/DiskEntry' + description: Disk entries. + description: VM disks. + type: object + id: DiskEntryList parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -4199,18 +4221,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: oauth_token + name: upload_protocol schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -4220,10 +4236,22 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: upload_protocol + name: prettyPrint + schema: + type: boolean + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields schema: type: string uploadType: @@ -4241,6 +4269,22 @@ components: enum: - '1' - '2' + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto x-stackQL-resources: settings: id: google.migrationcenter.settings @@ -4295,54 +4339,39 @@ components: update: [] replace: [] delete: [] - operations: - id: google.migrationcenter.operations - name: operations - title: Operations + assets: + id: google.migrationcenter.assets + name: assets + title: Assets methods: - list: + report_asset_frames: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets:reportAssetFrames/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets~1{assetsId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets~1{assetsId}/delete response: mediaType: application/json openAPIDocKey: '200' - cancel: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets~1{assetsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - assets: - id: google.migrationcenter.assets - name: assets - title: Assets - methods: list: operation: $ref: >- @@ -4351,119 +4380,134 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.assets - get: + batch_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets~1{assetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets:batchDelete/post response: mediaType: application/json openAPIDocKey: '200' - patch: + aggregate_values: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets~1{assetsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets:aggregateValues/post + response: + mediaType: application/json + openAPIDocKey: '200' + batch_update: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets:batchUpdate/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/assets/methods/get' + - $ref: '#/components/x-stackQL-resources/assets/methods/list' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/assets/methods/patch' + - $ref: '#/components/x-stackQL-resources/assets/methods/batch_update' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/assets/methods/delete' + - $ref: '#/components/x-stackQL-resources/assets/methods/batch_delete' + operations: + id: google.migrationcenter.operations + name: operations + title: Operations + methods: delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets~1{assetsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - batch_update: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets:batchUpdate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - batch_delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets:batchDelete/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - report_asset_frames: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets:reportAssetFrames/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - aggregate_values: + objectKey: $.unreachable + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1assets:aggregateValues/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/assets/methods/get' - - $ref: '#/components/x-stackQL-resources/assets/methods/list' + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] - update: - - $ref: '#/components/x-stackQL-resources/assets/methods/patch' - - $ref: '#/components/x-stackQL-resources/assets/methods/batch_update' + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/assets/methods/delete' - - $ref: '#/components/x-stackQL-resources/assets/methods/batch_delete' + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' import_jobs: id: google.migrationcenter.import_jobs name: import_jobs title: Import_jobs methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.importJobs - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs/post response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs/get response: mediaType: application/json openAPIDocKey: '200' - validate: + objectKey: $.importJobs + run: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}:validate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}:run/post response: mediaType: application/json openAPIDocKey: '200' - run: + validate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}:run/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}:validate/post response: mediaType: application/json openAPIDocKey: '200' @@ -4497,21 +4541,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}~1importDataFiles/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}~1importDataFiles/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.importDataFiles - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}~1importDataFiles/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1importJobs~1{importJobsId}~1importDataFiles/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.importDataFiles sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/import_data_files/methods/get' @@ -4522,238 +4566,188 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/import_data_files/methods/delete' - groups: - id: google.migrationcenter.groups - name: groups - title: Groups + preference_sets: + id: google.migrationcenter.preference_sets + name: preference_sets + title: Preference_sets methods: - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets~1{preferenceSetsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.groups - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets~1{preferenceSetsId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets~1{preferenceSetsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.preferenceSets + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/groups/methods/get' - - $ref: '#/components/x-stackQL-resources/groups/methods/list' + - $ref: '#/components/x-stackQL-resources/preference_sets/methods/get' + - $ref: '#/components/x-stackQL-resources/preference_sets/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/groups/methods/create' + - $ref: '#/components/x-stackQL-resources/preference_sets/methods/create' update: - - $ref: '#/components/x-stackQL-resources/groups/methods/patch' + - $ref: '#/components/x-stackQL-resources/preference_sets/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/groups/methods/delete' - groups_assets: - id: google.migrationcenter.groups_assets - name: groups_assets - title: Groups_assets + - $ref: '#/components/x-stackQL-resources/preference_sets/methods/delete' + discovery_clients: + id: google.migrationcenter.discovery_clients + name: discovery_clients + title: Discovery_clients methods: - add_assets: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}:addAssets/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients/post response: mediaType: application/json openAPIDocKey: '200' - remove_assets: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}:removeAssets/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: - - $ref: '#/components/x-stackQL-resources/groups_assets/methods/add_assets' - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/groups_assets/methods/remove_assets - sources: - id: google.migrationcenter.sources - name: sources - title: Sources - methods: - list: + objectKey: $.discoveryClients + send_heartbeat: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients~1{discoveryClientsId}:sendHeartbeat/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sources - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients~1{discoveryClientsId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients~1{discoveryClientsId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients~1{discoveryClientsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/sources/methods/get' - - $ref: '#/components/x-stackQL-resources/sources/methods/list' + - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/get' + - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/sources/methods/create' + - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/create' update: - - $ref: '#/components/x-stackQL-resources/sources/methods/patch' + - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/sources/methods/delete' - error_frames: - id: google.migrationcenter.error_frames - name: error_frames - title: Error_frames + - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/delete' + reports: + id: google.migrationcenter.reports + name: reports + title: Reports methods: - list: + artifact_link: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1errorFrames/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs~1{reportConfigsId}~1reports~1{reportsId}:artifactLink/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.errorFrames get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1errorFrames~1{errorFramesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/error_frames/methods/get' - - $ref: '#/components/x-stackQL-resources/error_frames/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - preference_sets: - id: google.migrationcenter.preference_sets - name: preference_sets - title: Preference_sets - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.preferenceSets - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs~1{reportConfigsId}~1reports~1{reportsId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets~1{preferenceSetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs~1{reportConfigsId}~1reports~1{reportsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets~1{preferenceSetsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs~1{reportConfigsId}~1reports/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.reports + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1preferenceSets~1{preferenceSetsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs~1{reportConfigsId}~1reports/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/preference_sets/methods/get' - - $ref: '#/components/x-stackQL-resources/preference_sets/methods/list' + - $ref: '#/components/x-stackQL-resources/reports/methods/get' + - $ref: '#/components/x-stackQL-resources/reports/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/preference_sets/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/preference_sets/methods/patch' + - $ref: '#/components/x-stackQL-resources/reports/methods/create' + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/preference_sets/methods/delete' + - $ref: '#/components/x-stackQL-resources/reports/methods/delete' report_configs: id: google.migrationcenter.report_configs name: report_configs title: Report_configs methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.reportConfigs + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.reportConfigs get: operation: $ref: >- @@ -4778,151 +4772,208 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/report_configs/methods/delete' - reports: - id: google.migrationcenter.reports - name: reports - title: Reports + groups: + id: google.migrationcenter.groups + name: groups + title: Groups methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs~1{reportConfigsId}~1reports/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs~1{reportConfigsId}~1reports/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.reports - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs~1{reportConfigsId}~1reports~1{reportsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1reportConfigs~1{reportConfigsId}~1reports~1{reportsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.groups + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/reports/methods/get' - - $ref: '#/components/x-stackQL-resources/reports/methods/list' + - $ref: '#/components/x-stackQL-resources/groups/methods/get' + - $ref: '#/components/x-stackQL-resources/groups/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/reports/methods/create' - update: [] + - $ref: '#/components/x-stackQL-resources/groups/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/groups/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/reports/methods/delete' - discovery_clients: - id: google.migrationcenter.discovery_clients - name: discovery_clients - title: Discovery_clients + - $ref: '#/components/x-stackQL-resources/groups/methods/delete' + groups_assets: + id: google.migrationcenter.groups_assets + name: groups_assets + title: Groups_assets methods: - create: + remove_assets: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}:removeAssets/post response: mediaType: application/json openAPIDocKey: '200' - list: + add_assets: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1groups~1{groupsId}:addAssets/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.discoveryClients + sqlVerbs: + select: [] + insert: + - $ref: '#/components/x-stackQL-resources/groups_assets/methods/add_assets' + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/groups_assets/methods/remove_assets + relations: + id: google.migrationcenter.relations + name: relations + title: Relations + methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients~1{discoveryClientsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1relations~1{relationsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients~1{discoveryClientsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1relations/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.relations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/relations/methods/get' + - $ref: '#/components/x-stackQL-resources/relations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + error_frames: + id: google.migrationcenter.error_frames + name: error_frames + title: Error_frames + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients~1{discoveryClientsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1errorFrames/get response: mediaType: application/json openAPIDocKey: '200' - send_heartbeat: + objectKey: $.errorFrames + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveryClients~1{discoveryClientsId}:sendHeartbeat/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1errorFrames~1{errorFramesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/get' - - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/patch' + - $ref: '#/components/x-stackQL-resources/error_frames/methods/get' + - $ref: '#/components/x-stackQL-resources/error_frames/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/discovery_clients/methods/delete' - relations: - id: google.migrationcenter.relations - name: relations - title: Relations + delete: [] + sources: + id: google.migrationcenter.sources + name: sources + title: Sources methods: - get: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1relations~1{relationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1relations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.sources + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.relations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/relations/methods/get' - - $ref: '#/components/x-stackQL-resources/relations/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/sources/methods/get' + - $ref: '#/components/x-stackQL-resources/sources/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/sources/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/sources/methods/patch' replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/sources/methods/delete' paths: /v1/projects/{projectsId}/locations/{locationsId}/settings: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/alt' get: description: Gets the details of regional settings. operationId: migrationcenter.projects.locations.getSettings @@ -4981,14 +5032,14 @@ paths: schema: type: string - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask - in: query - name: requestId + name: updateMask schema: type: string + format: google-fieldmask /v1/projects/{projectsId}/locations: parameters: *ref_1 get: @@ -5005,90 +5056,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: migrationcenter.projects.locations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Location' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: migrationcenter.projects.locations.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: extraLocationTypes schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -5097,17 +5077,14 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: migrationcenter.projects.locations.operations.get + description: Gets information about a location. + operationId: migrationcenter.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5119,7 +5096,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -5131,18 +5108,16 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: migrationcenter.projects.locations.operations.delete + /v1/projects/{projectsId}/locations/{locationsId}/assets:reportAssetFrames: + parameters: *ref_1 + post: + description: Reports a set of frames. + operationId: migrationcenter.projects.locations.assets.reportAssetFrames + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Frames' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5154,7 +5129,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ReportAssetFramesResponse' parameters: - in: path name: projectsId @@ -5166,30 +5141,20 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: source schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/assets/{assetsId}: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: migrationcenter.projects.locations.operations.cancel + patch: + description: Updates the parameters of an asset. + operationId: migrationcenter.projects.locations.assets.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/Asset' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5201,7 +5166,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Asset' parameters: - in: path name: projectsId @@ -5214,15 +5179,22 @@ paths: schema: type: string - in: path - name: operationsId + name: assetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/assets: - parameters: *ref_1 - get: - description: Lists all the assets in a given project and location. - operationId: migrationcenter.projects.locations.assets.list + - in: query + name: requestId + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes an asset. + operationId: migrationcenter.projects.locations.assets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5234,7 +5206,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAssetsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5246,33 +5218,15 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: assetsId + required: true schema: type: string - in: query - name: view + name: requestId schema: type: string - - in: query - name: showHidden - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/assets/{assetsId}: - parameters: *ref_1 get: description: Gets the details of an asset. operationId: migrationcenter.projects.locations.assets.get @@ -5308,14 +5262,11 @@ paths: name: view schema: type: string - patch: - description: Updates the parameters of an asset. - operationId: migrationcenter.projects.locations.assets.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Asset' + /v1/projects/{projectsId}/locations/{locationsId}/assets: + parameters: *ref_1 + get: + description: Lists all the assets in a given project and location. + operationId: migrationcenter.projects.locations.assets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5327,7 +5278,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Asset' + $ref: '#/components/schemas/ListAssetsResponse' parameters: - in: path name: projectsId @@ -5339,23 +5290,41 @@ paths: required: true schema: type: string - - in: path - name: assetsId - required: true + - in: query + name: view schema: type: string - in: query - name: updateMask + name: showHidden + schema: + type: boolean + - in: query + name: orderBy schema: type: string - format: google-fieldmask - in: query - name: requestId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - delete: - description: Deletes an asset. - operationId: migrationcenter.projects.locations.assets.delete + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/assets:batchDelete: + parameters: *ref_1 + post: + description: Deletes list of Assets. + operationId: migrationcenter.projects.locations.assets.batchDelete + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BatchDeleteAssetsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5379,13 +5348,37 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/assets:aggregateValues: + parameters: *ref_1 + post: + description: Aggregates the requested fields based on provided function. + operationId: migrationcenter.projects.locations.assets.aggregateValues + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AggregateAssetsValuesRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/AggregateAssetsValuesResponse' + parameters: - in: path - name: assetsId + name: projectsId required: true schema: type: string - - in: query - name: requestId + - in: path + name: locationsId + required: true schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/assets:batchUpdate: @@ -5421,16 +5414,15 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/assets:batchDelete: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Deletes list of Assets. - operationId: migrationcenter.projects.locations.assets.batchDelete - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BatchDeleteAssetsRequest' + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: migrationcenter.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5454,16 +5446,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/assets:reportAssetFrames: - parameters: *ref_1 - post: - description: Reports a set of frames. - operationId: migrationcenter.projects.locations.assets.reportAssetFrames - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Frames' + - in: path + name: operationsId + required: true + schema: + type: string + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: migrationcenter.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5475,7 +5468,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReportAssetFramesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5487,20 +5480,18 @@ paths: required: true schema: type: string - - in: query - name: source + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/assets:aggregateValues: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: - description: Aggregates the requested fields based on provided function. - operationId: migrationcenter.projects.locations.assets.aggregateValues - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AggregateAssetsValuesRequest' + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: migrationcenter.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5512,7 +5503,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AggregateAssetsValuesResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -5524,16 +5515,42 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/importJobs: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Creates an import job. - operationId: migrationcenter.projects.locations.importJobs.create + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: migrationcenter.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/ImportJob' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5545,7 +5562,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5557,17 +5574,16 @@ paths: required: true schema: type: string - - in: query - name: importJobId - schema: - type: string - - in: query - name: requestId + - in: path + name: operationsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/importJobs/{importJobsId}: + parameters: *ref_1 get: - description: Lists all import jobs. - operationId: migrationcenter.projects.locations.importJobs.list + description: Gets the details of an import job. + operationId: migrationcenter.projects.locations.importJobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5579,7 +5595,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListImportJobsResponse' + $ref: '#/components/schemas/ImportJob' parameters: - in: path name: projectsId @@ -5591,32 +5607,23 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: importJobsId + required: true schema: type: string - in: query name: view schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/importJobs/{importJobsId}: - parameters: *ref_1 - get: - description: Gets the details of an import job. - operationId: migrationcenter.projects.locations.importJobs.get + patch: + description: Updates an import job. + operationId: migrationcenter.projects.locations.importJobs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ImportJob' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5628,7 +5635,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ImportJob' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5646,9 +5653,14 @@ paths: schema: type: string - in: query - name: view + name: requestId + schema: + type: string + - in: query + name: updateMask schema: type: string + format: google-fieldmask delete: description: Deletes an import job. operationId: migrationcenter.projects.locations.importJobs.delete @@ -5688,9 +5700,11 @@ paths: name: force schema: type: boolean - patch: - description: Updates an import job. - operationId: migrationcenter.projects.locations.importJobs.patch + /v1/projects/{projectsId}/locations/{locationsId}/importJobs: + parameters: *ref_1 + post: + description: Creates an import job. + operationId: migrationcenter.projects.locations.importJobs.create requestBody: content: application/json: @@ -5719,30 +5733,71 @@ paths: required: true schema: type: string + - in: query + name: requestId + schema: + type: string + - in: query + name: importJobId + schema: + type: string + get: + description: Lists all import jobs. + operationId: migrationcenter.projects.locations.importJobs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListImportJobsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: importJobsId + name: locationsId required: true schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: requestId + name: view schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/importJobs/{importJobsId}:validate: + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/importJobs/{importJobsId}:run: parameters: *ref_1 post: - description: Validates an import job. - operationId: migrationcenter.projects.locations.importJobs.validate + description: Runs an import job. + operationId: migrationcenter.projects.locations.importJobs.run requestBody: content: application/json: schema: - $ref: '#/components/schemas/ValidateImportJobRequest' + $ref: '#/components/schemas/RunImportJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5771,16 +5826,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/importJobs/{importJobsId}:run: + /v1/projects/{projectsId}/locations/{locationsId}/importJobs/{importJobsId}:validate: parameters: *ref_1 post: - description: Runs an import job. - operationId: migrationcenter.projects.locations.importJobs.run + description: Validates an import job. + operationId: migrationcenter.projects.locations.importJobs.validate requestBody: content: application/json: schema: - $ref: '#/components/schemas/RunImportJobRequest' + $ref: '#/components/schemas/ValidateImportJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5889,6 +5944,50 @@ paths: type: string /v1/projects/{projectsId}/locations/{locationsId}/importJobs/{importJobsId}/importDataFiles: parameters: *ref_1 + post: + description: Creates an import data file. + operationId: migrationcenter.projects.locations.importJobs.importDataFiles.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ImportDataFile' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: importJobsId + required: true + schema: + type: string + - in: query + name: importDataFileId + schema: + type: string + - in: query + name: requestId + schema: + type: string get: description: List import data files. operationId: migrationcenter.projects.locations.importJobs.importDataFiles.list @@ -5930,21 +6029,63 @@ paths: schema: type: string - in: query - name: filter + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/preferenceSets/{preferenceSetsId}: + parameters: *ref_1 + patch: + description: Updates the parameters of a preference set. + operationId: migrationcenter.projects.locations.preferenceSets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PreferenceSet' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: preferenceSetsId + required: true + schema: + type: string + - in: query + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: orderBy + name: requestId schema: type: string - post: - description: Creates an import data file. - operationId: migrationcenter.projects.locations.importJobs.importDataFiles.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ImportDataFile' + delete: + description: Deletes a preference set. + operationId: migrationcenter.projects.locations.preferenceSets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5969,23 +6110,17 @@ paths: schema: type: string - in: path - name: importJobsId + name: preferenceSetsId required: true schema: type: string - - in: query - name: importDataFileId - schema: - type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/groups: - parameters: *ref_1 get: - description: Lists all groups in a given project and location. - operationId: migrationcenter.projects.locations.groups.list + description: Gets the details of a preference set. + operationId: migrationcenter.projects.locations.preferenceSets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5997,7 +6132,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGroupsResponse' + $ref: '#/components/schemas/PreferenceSet' parameters: - in: path name: projectsId @@ -6009,31 +6144,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: preferenceSetsId + required: true schema: type: string - post: - description: Creates a new group in a given project and location. - operationId: migrationcenter.projects.locations.groups.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Group' + /v1/projects/{projectsId}/locations/{locationsId}/preferenceSets: + parameters: *ref_1 + get: + description: Lists all the preference sets in a given project and location. + operationId: migrationcenter.projects.locations.preferenceSets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6045,7 +6165,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListPreferenceSetsResponse' parameters: - in: path name: projectsId @@ -6058,18 +6178,26 @@ paths: schema: type: string - in: query - name: groupId + name: orderBy schema: type: string - in: query - name: requestId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/groups/{groupsId}: - parameters: *ref_1 - get: - description: Gets the details of a group. - operationId: migrationcenter.projects.locations.groups.get + post: + description: Creates a new preference set in a given project and location. + operationId: migrationcenter.projects.locations.preferenceSets.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PreferenceSet' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6081,7 +6209,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Group' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6093,19 +6221,24 @@ paths: required: true schema: type: string - - in: path - name: groupsId - required: true + - in: query + name: preferenceSetId schema: type: string - patch: - description: Updates the parameters of a group. - operationId: migrationcenter.projects.locations.groups.patch + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/discoveryClients: + parameters: *ref_1 + post: + description: Creates a new discovery client. + operationId: migrationcenter.projects.locations.discoveryClients.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Group' + $ref: '#/components/schemas/DiscoveryClient' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6129,23 +6262,17 @@ paths: required: true schema: type: string - - in: path - name: groupsId - required: true - schema: - type: string - in: query - name: updateMask + name: discoveryClientId schema: type: string - format: google-fieldmask - in: query name: requestId schema: type: string - delete: - description: Deletes a group. - operationId: migrationcenter.projects.locations.groups.delete + get: + description: Lists all the discovery clients in a given project and location. + operationId: migrationcenter.projects.locations.discoveryClients.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6157,7 +6284,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListDiscoveryClientsResponse' parameters: - in: path name: projectsId @@ -6169,25 +6296,35 @@ paths: required: true schema: type: string - - in: path - name: groupsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - in: query - name: requestId + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/groups/{groupsId}:addAssets: + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/discoveryClients/{discoveryClientsId}:sendHeartbeat: parameters: *ref_1 post: - description: Adds assets to a group. - operationId: migrationcenter.projects.locations.groups.addAssets + description: >- + Sends a discovery client heartbeat. Healthy clients are expected to send + heartbeats regularly (normally every few minutes). + operationId: migrationcenter.projects.locations.discoveryClients.sendHeartbeat requestBody: content: application/json: schema: - $ref: '#/components/schemas/AddAssetsToGroupRequest' + $ref: '#/components/schemas/SendDiscoveryClientHeartbeatRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6212,20 +6349,15 @@ paths: schema: type: string - in: path - name: groupsId + name: discoveryClientsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/groups/{groupsId}:removeAssets: + /v1/projects/{projectsId}/locations/{locationsId}/discoveryClients/{discoveryClientsId}: parameters: *ref_1 - post: - description: Removes assets from a group. - operationId: migrationcenter.projects.locations.groups.removeAssets - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RemoveAssetsFromGroupRequest' + delete: + description: Deletes a discovery client. + operationId: migrationcenter.projects.locations.discoveryClients.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6250,15 +6382,17 @@ paths: schema: type: string - in: path - name: groupsId + name: discoveryClientsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sources: - parameters: *ref_1 + - in: query + name: requestId + schema: + type: string get: - description: Lists all the sources in a given project and location. - operationId: migrationcenter.projects.locations.sources.list + description: Gets the details of a discovery client. + operationId: migrationcenter.projects.locations.discoveryClients.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6270,7 +6404,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSourcesResponse' + $ref: '#/components/schemas/DiscoveryClient' parameters: - in: path name: projectsId @@ -6282,31 +6416,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: discoveryClientsId + required: true schema: type: string - post: - description: Creates a new source in a given project and location. - operationId: migrationcenter.projects.locations.sources.create + patch: + description: Updates a discovery client. + operationId: migrationcenter.projects.locations.discoveryClients.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Source' + $ref: '#/components/schemas/DiscoveryClient' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6330,19 +6452,30 @@ paths: required: true schema: type: string - - in: query - name: sourceId + - in: path + name: discoveryClientsId + required: true schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/reportConfigs/{reportConfigsId}/reports/{reportsId}:artifactLink: parameters: *ref_1 - get: - description: Gets the details of a source. - operationId: migrationcenter.projects.locations.sources.get + post: + description: Gets the link to the generated artifact of a given type for a Report. + operationId: migrationcenter.projects.locations.reportConfigs.reports.artifactLink + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateReportArtifactLinkRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6354,7 +6487,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Source' + $ref: '#/components/schemas/ReportArtifactLink' parameters: - in: path name: projectsId @@ -6367,18 +6500,20 @@ paths: schema: type: string - in: path - name: sourcesId + name: reportConfigsId required: true schema: type: string - patch: - description: Updates the parameters of a source. - operationId: migrationcenter.projects.locations.sources.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Source' + - in: path + name: reportsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/reportConfigs/{reportConfigsId}/reports/{reportsId}: + parameters: *ref_1 + get: + description: Gets details of a single Report. + operationId: migrationcenter.projects.locations.reportConfigs.reports.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6390,7 +6525,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Report' parameters: - in: path name: projectsId @@ -6403,22 +6538,22 @@ paths: schema: type: string - in: path - name: sourcesId + name: reportConfigsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: reportsId + required: true schema: type: string - format: google-fieldmask - in: query - name: requestId + name: view schema: type: string delete: - description: Deletes a source. - operationId: migrationcenter.projects.locations.sources.delete + description: Deletes a Report. + operationId: migrationcenter.projects.locations.reportConfigs.reports.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6443,7 +6578,12 @@ paths: schema: type: string - in: path - name: sourcesId + name: reportConfigsId + required: true + schema: + type: string + - in: path + name: reportsId required: true schema: type: string @@ -6451,11 +6591,11 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}/errorFrames: + /v1/projects/{projectsId}/locations/{locationsId}/reportConfigs/{reportConfigsId}/reports: parameters: *ref_1 get: - description: Lists all error frames in a given source and location. - operationId: migrationcenter.projects.locations.sources.errorFrames.list + description: Lists Reports in a given ReportConfig. + operationId: migrationcenter.projects.locations.reportConfigs.reports.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6467,7 +6607,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListErrorFramesResponse' + $ref: '#/components/schemas/ListReportsResponse' parameters: - in: path name: projectsId @@ -6480,28 +6620,39 @@ paths: schema: type: string - in: path - name: sourcesId + name: reportConfigsId required: true schema: type: string - in: query - name: pageSize + name: orderBy schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: view schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}/errorFrames/{errorFramesId}: - parameters: *ref_1 - get: - description: Gets the details of an error frame. - operationId: migrationcenter.projects.locations.sources.errorFrames.get + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a report. + operationId: migrationcenter.projects.locations.reportConfigs.reports.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Report' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6513,7 +6664,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ErrorFrame' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6526,24 +6677,23 @@ paths: schema: type: string - in: path - name: sourcesId + name: reportConfigsId required: true schema: type: string - - in: path - name: errorFramesId - required: true + - in: query + name: reportId schema: type: string - in: query - name: view + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/preferenceSets: + /v1/projects/{projectsId}/locations/{locationsId}/reportConfigs: parameters: *ref_1 get: - description: Lists all the preference sets in a given project and location. - operationId: migrationcenter.projects.locations.preferenceSets.list + description: Lists ReportConfigs in a given project and location. + operationId: migrationcenter.projects.locations.reportConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6555,7 +6705,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPreferenceSetsResponse' + $ref: '#/components/schemas/ListReportConfigsResponse' parameters: - in: path name: projectsId @@ -6568,26 +6718,30 @@ paths: schema: type: string - in: query - name: pageSize + name: orderBy schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: orderBy + name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Creates a new preference set in a given project and location. - operationId: migrationcenter.projects.locations.preferenceSets.create + description: Creates a report configuration. + operationId: migrationcenter.projects.locations.reportConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/PreferenceSet' + $ref: '#/components/schemas/ReportConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6612,18 +6766,18 @@ paths: schema: type: string - in: query - name: preferenceSetId + name: reportConfigId schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/preferenceSets/{preferenceSetsId}: + /v1/projects/{projectsId}/locations/{locationsId}/reportConfigs/{reportConfigsId}: parameters: *ref_1 get: - description: Gets the details of a preference set. - operationId: migrationcenter.projects.locations.preferenceSets.get + description: Gets details of a single ReportConfig. + operationId: migrationcenter.projects.locations.reportConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6635,7 +6789,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PreferenceSet' + $ref: '#/components/schemas/ReportConfig' parameters: - in: path name: projectsId @@ -6648,18 +6802,13 @@ paths: schema: type: string - in: path - name: preferenceSetsId + name: reportConfigsId required: true schema: type: string - patch: - description: Updates the parameters of a preference set. - operationId: migrationcenter.projects.locations.preferenceSets.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PreferenceSet' + delete: + description: Deletes a ReportConfig. + operationId: migrationcenter.projects.locations.reportConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6684,64 +6833,28 @@ paths: schema: type: string - in: path - name: preferenceSetsId + name: reportConfigsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - in: query name: requestId schema: type: string - delete: - description: Deletes a preference set. - operationId: migrationcenter.projects.locations.preferenceSets.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: preferenceSetsId - required: true - schema: - type: string - in: query - name: requestId + name: force schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/reportConfigs: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/groups/{groupsId}: parameters: *ref_1 - post: - description: Creates a report configuration. - operationId: migrationcenter.projects.locations.reportConfigs.create + patch: + description: Updates the parameters of a group. + operationId: migrationcenter.projects.locations.groups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ReportConfig' + $ref: '#/components/schemas/Group' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6765,17 +6878,23 @@ paths: required: true schema: type: string + - in: path + name: groupsId + required: true + schema: + type: string - in: query - name: reportConfigId + name: updateMask schema: type: string + format: google-fieldmask - in: query name: requestId schema: type: string get: - description: Lists ReportConfigs in a given project and location. - operationId: migrationcenter.projects.locations.reportConfigs.list + description: Gets the details of a group. + operationId: migrationcenter.projects.locations.groups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6787,7 +6906,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReportConfigsResponse' + $ref: '#/components/schemas/Group' parameters: - in: path name: projectsId @@ -6799,28 +6918,14 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: groupsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/reportConfigs/{reportConfigsId}: - parameters: *ref_1 - get: - description: Gets details of a single ReportConfig. - operationId: migrationcenter.projects.locations.reportConfigs.get + delete: + description: Deletes a group. + operationId: migrationcenter.projects.locations.groups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6832,7 +6937,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReportConfig' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6845,13 +6950,19 @@ paths: schema: type: string - in: path - name: reportConfigsId + name: groupsId required: true schema: type: string - delete: - description: Deletes a ReportConfig. - operationId: migrationcenter.projects.locations.reportConfigs.delete + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/groups: + parameters: *ref_1 + get: + description: Lists all groups in a given project and location. + operationId: migrationcenter.projects.locations.groups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6863,7 +6974,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListGroupsResponse' parameters: - in: path name: projectsId @@ -6875,29 +6986,31 @@ paths: required: true schema: type: string - - in: path - name: reportConfigsId - required: true + - in: query + name: filter schema: type: string - in: query - name: requestId + name: orderBy schema: type: string - in: query - name: force + name: pageSize schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/reportConfigs/{reportConfigsId}/reports: - parameters: *ref_1 + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string post: - description: Creates a report. - operationId: migrationcenter.projects.locations.reportConfigs.reports.create + description: Creates a new group in a given project and location. + operationId: migrationcenter.projects.locations.groups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Report' + $ref: '#/components/schemas/Group' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6921,22 +7034,24 @@ paths: required: true schema: type: string - - in: path - name: reportConfigsId - required: true - schema: - type: string - in: query - name: reportId + name: groupId schema: type: string - in: query name: requestId schema: - type: string - get: - description: Lists Reports in a given ReportConfig. - operationId: migrationcenter.projects.locations.reportConfigs.reports.list + type: string + /v1/projects/{projectsId}/locations/{locationsId}/groups/{groupsId}:removeAssets: + parameters: *ref_1 + post: + description: Removes assets from a group. + operationId: migrationcenter.projects.locations.groups.removeAssets + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RemoveAssetsFromGroupRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6948,7 +7063,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReportsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6961,36 +7076,20 @@ paths: schema: type: string - in: path - name: reportConfigsId + name: groupsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: view - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/reportConfigs/{reportConfigsId}/reports/{reportsId}: + /v1/projects/{projectsId}/locations/{locationsId}/groups/{groupsId}:addAssets: parameters: *ref_1 - get: - description: Gets details of a single Report. - operationId: migrationcenter.projects.locations.reportConfigs.reports.get + post: + description: Adds assets to a group. + operationId: migrationcenter.projects.locations.groups.addAssets + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AddAssetsToGroupRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7002,7 +7101,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Report' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7015,22 +7114,15 @@ paths: schema: type: string - in: path - name: reportConfigsId - required: true - schema: - type: string - - in: path - name: reportsId + name: groupsId required: true schema: type: string - - in: query - name: view - schema: - type: string - delete: - description: Deletes a Report. - operationId: migrationcenter.projects.locations.reportConfigs.reports.delete + /v1/projects/{projectsId}/locations/{locationsId}/relations/{relationsId}: + parameters: *ref_1 + get: + description: Gets the details of an relation. + operationId: migrationcenter.projects.locations.relations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7042,7 +7134,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Relation' parameters: - in: path name: projectsId @@ -7055,29 +7147,15 @@ paths: schema: type: string - in: path - name: reportConfigsId - required: true - schema: - type: string - - in: path - name: reportsId + name: relationsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveryClients: + /v1/projects/{projectsId}/locations/{locationsId}/relations: parameters: *ref_1 - post: - description: Creates a new discovery client. - operationId: migrationcenter.projects.locations.discoveryClients.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DiscoveryClient' + get: + description: Lists all the relations in a given project and location. + operationId: migrationcenter.projects.locations.relations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7089,7 +7167,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListRelationsResponse' parameters: - in: path name: projectsId @@ -7102,16 +7180,27 @@ paths: schema: type: string - in: query - name: discoveryClientId + name: pageToken schema: type: string - in: query - name: requestId + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}/errorFrames: + parameters: *ref_1 get: - description: Lists all the discovery clients in a given project and location. - operationId: migrationcenter.projects.locations.discoveryClients.list + description: Lists all error frames in a given source and location. + operationId: migrationcenter.projects.locations.sources.errorFrames.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7123,7 +7212,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDiscoveryClientsResponse' + $ref: '#/components/schemas/ListErrorFramesResponse' parameters: - in: path name: projectsId @@ -7135,28 +7224,29 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: sourcesId + required: true schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: orderBy + name: view schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveryClients/{discoveryClientsId}: + /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}/errorFrames/{errorFramesId}: parameters: *ref_1 get: - description: Gets the details of a discovery client. - operationId: migrationcenter.projects.locations.discoveryClients.get + description: Gets the details of an error frame. + operationId: migrationcenter.projects.locations.sources.errorFrames.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7168,7 +7258,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DiscoveryClient' + $ref: '#/components/schemas/ErrorFrame' parameters: - in: path name: projectsId @@ -7181,18 +7271,29 @@ paths: schema: type: string - in: path - name: discoveryClientsId + name: sourcesId required: true schema: type: string - patch: - description: Updates a discovery client. - operationId: migrationcenter.projects.locations.discoveryClients.patch + - in: path + name: errorFramesId + required: true + schema: + type: string + - in: query + name: view + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sources: + parameters: *ref_1 + post: + description: Creates a new source in a given project and location. + operationId: migrationcenter.projects.locations.sources.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/DiscoveryClient' + $ref: '#/components/schemas/Source' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7216,23 +7317,17 @@ paths: required: true schema: type: string - - in: path - name: discoveryClientsId - required: true - schema: - type: string - in: query - name: updateMask + name: sourceId schema: type: string - format: google-fieldmask - in: query name: requestId schema: type: string - delete: - description: Deletes a discovery client. - operationId: migrationcenter.projects.locations.discoveryClients.delete + get: + description: Lists all the sources in a given project and location. + operationId: migrationcenter.projects.locations.sources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7244,7 +7339,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListSourcesResponse' parameters: - in: path name: projectsId @@ -7256,27 +7351,28 @@ paths: required: true schema: type: string - - in: path - name: discoveryClientsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: requestId + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveryClients/{discoveryClientsId}:sendHeartbeat: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}: parameters: *ref_1 - post: - description: >- - Sends a discovery client heartbeat. Healthy clients are expected to send - heartbeats regularly (normally every few minutes). - operationId: migrationcenter.projects.locations.discoveryClients.sendHeartbeat - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SendDiscoveryClientHeartbeatRequest' + delete: + description: Deletes a source. + operationId: migrationcenter.projects.locations.sources.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7301,15 +7397,17 @@ paths: schema: type: string - in: path - name: discoveryClientsId + name: sourcesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/relations/{relationsId}: - parameters: *ref_1 + - in: query + name: requestId + schema: + type: string get: - description: Gets the details of an relation. - operationId: migrationcenter.projects.locations.relations.get + description: Gets the details of a source. + operationId: migrationcenter.projects.locations.sources.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7321,7 +7419,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Relation' + $ref: '#/components/schemas/Source' parameters: - in: path name: projectsId @@ -7334,15 +7432,18 @@ paths: schema: type: string - in: path - name: relationsId + name: sourcesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/relations: - parameters: *ref_1 - get: - description: Lists all the relations in a given project and location. - operationId: migrationcenter.projects.locations.relations.list + patch: + description: Updates the parameters of a source. + operationId: migrationcenter.projects.locations.sources.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Source' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7354,7 +7455,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRelationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7366,20 +7467,17 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: sourcesId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string + format: google-fieldmask diff --git a/providers/src/googleapis.com/v00.00.00000/services/ml.yaml b/providers/src/googleapis.com/v00.00.00000/services/ml.yaml index 150b6e12..5baebe55 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/ml.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/ml.yaml @@ -7,8 +7,8 @@ info: title: AI Platform Training & Prediction API description: An API to enable creating and using machine learning models. version: v1 - x-discovery-doc-revision: '20250823' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20250920' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/ml/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/monitoring.yaml b/providers/src/googleapis.com/v00.00.00000/services/monitoring.yaml index 840ffa67..f1ff3dbb 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/monitoring.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/monitoring.yaml @@ -7,8 +7,8 @@ info: title: Cloud Monitoring API description: Manages your Cloud Monitoring data and configurations. version: v3 - x-discovery-doc-revision: '20250814' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251106' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/monitoring/api/ servers: @@ -2666,6 +2666,130 @@ components: description: The total number of elements matching this request. type: integer format: int32 + ListAlertsResponse: + id: ListAlertsResponse + description: The ListAlerts response. + type: object + properties: + alerts: + description: The list of alerts. + type: array + items: + $ref: '#/components/schemas/Alert' + nextPageToken: + description: >- + If not empty, indicates that there may be more results that match + the request. Use the value in the page_token field in a subsequent + request to fetch the next set of results. The token is encrypted and + only guaranteed to return correct results for 72 hours after it is + created. If empty, all results have been returned. + type: string + totalSize: + description: The estimated total number of matching results for this query. + type: integer + format: int32 + Alert: + id: Alert + description: >- + An alert is the representation of a violation of an alert policy. It is + a read-only resource that cannot be modified by the accompanied API. + type: object + properties: + name: + description: >- + Identifier. The name of the alert.The format is: + projects/[PROJECT_ID_OR_NUMBER]/alerts/[ALERT_ID] The [ALERT_ID] is + a system-assigned unique identifier for the alert. + type: string + state: + description: Output only. The current state of the alert. + readOnly: true + type: string + enumDescriptions: + - The alert state is unspecified. + - The alert is open. + - The alert is closed. + enum: + - STATE_UNSPECIFIED + - OPEN + - CLOSED + openTime: + description: The time when the alert was opened. + type: string + format: google-datetime + closeTime: + description: The time when the alert was closed. + type: string + format: google-datetime + resource: + description: >- + The monitored resource type and any monitored resource labels + preserved from the incident's generating condition. + $ref: '#/components/schemas/MonitoredResource' + metadata: + description: The metadata of the monitored resource. + $ref: '#/components/schemas/MonitoredResourceMetadata' + metric: + description: >- + The metric type and any metric labels preserved from the incident's + generating condition. + $ref: '#/components/schemas/Metric' + log: + description: >- + The log information associated with the alert. This field is only + populated for log-based alerts. + $ref: '#/components/schemas/LogMetadata' + policy: + description: The snapshot of the alert policy that generated this alert. + $ref: '#/components/schemas/PolicySnapshot' + LogMetadata: + id: LogMetadata + description: Information about the log for log-based alerts. + type: object + properties: + extractedLabels: + description: The labels extracted from the log. + type: object + additionalProperties: + type: string + PolicySnapshot: + id: PolicySnapshot + description: The state of the policy at the time the alert was generated. + type: object + properties: + name: + description: >- + The name of the alert policy resource. In the form of + "projects/PROJECT_ID_OR_NUMBER/alertPolicies/ALERT_POLICY_ID". + type: string + displayName: + description: The display name of the alert policy. + type: string + severity: + description: The severity of the alert policy. + type: string + enumDescriptions: + - No severity is specified. This is the default value. + - >- + This is the highest severity level. Use this if the problem could + cause significant damage or downtime. + - >- + This is the medium severity level. Use this if the problem could + cause minor damage or downtime. + - >- + This is the lowest severity level. Use this if the problem is not + causing any damage or downtime, but could potentially lead to a + problem in the future. + enum: + - SEVERITY_UNSPECIFIED + - CRITICAL + - ERROR + - WARNING + userLabels: + description: The user labels for the alert policy. + type: object + additionalProperties: + type: string ListNotificationChannelDescriptorsResponse: id: ListNotificationChannelDescriptorsResponse description: The ListNotificationChannelDescriptors response. @@ -5304,6 +5428,34 @@ components: update: [] replace: [] delete: [] + alerts: + id: google.monitoring.alerts + name: alerts + title: Alerts + methods: + projects_alerts_list: + operation: + $ref: '#/paths/~1v3~1projects~1{projectsId}~1alerts/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.alerts + projects_alerts_get: + operation: + $ref: '#/paths/~1v3~1projects~1{projectsId}~1alerts~1{alertsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/alerts/methods/projects_alerts_get + - $ref: >- + #/components/x-stackQL-resources/alerts/methods/projects_alerts_list + insert: [] + update: [] + replace: [] + delete: [] notification_channel_descriptors: id: google.monitoring.notification_channel_descriptors name: notification_channel_descriptors @@ -6596,6 +6748,90 @@ paths: schema: type: string format: google-datetime + /v3/projects/{projectsId}/alerts: + parameters: *ref_1 + get: + description: Lists the existing alerts for the metrics scope of the project. + operationId: monitoring.projects.alerts.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/monitoring + Oauth2c: + - https://www.googleapis.com/auth/monitoring + - Oauth2: + - https://www.googleapis.com/auth/monitoring.read + Oauth2c: + - https://www.googleapis.com/auth/monitoring.read + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListAlertsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v3/projects/{projectsId}/alerts/{alertsId}: + parameters: *ref_1 + get: + description: Gets a single alert. + operationId: monitoring.projects.alerts.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/monitoring + Oauth2c: + - https://www.googleapis.com/auth/monitoring + - Oauth2: + - https://www.googleapis.com/auth/monitoring.read + Oauth2c: + - https://www.googleapis.com/auth/monitoring.read + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Alert' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: alertsId + required: true + schema: + type: string /v3/projects/{projectsId}/notificationChannelDescriptors: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/netapp.yaml b/providers/src/googleapis.com/v00.00.00000/services/netapp.yaml index 3ec95a64..5dbb3e2a 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/netapp.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/netapp.yaml @@ -10,8 +10,8 @@ info: service that provides advanced data management capabilities and highly scalable performance with global availability. version: v1 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251116' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/netapp/ servers: @@ -37,572 +37,764 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + SnapshotPolicy: + description: Snapshot Policy for a volume. properties: - operations: + enabled: description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + If enabled, make snapshots automatically according to the schedules. + Default is false. + type: boolean + monthlySchedule: + description: Monthly schedule policy. + $ref: '#/components/schemas/MonthlySchedule' + hourlySchedule: + $ref: '#/components/schemas/HourlySchedule' + description: Hourly schedule policy. + weeklySchedule: + $ref: '#/components/schemas/WeeklySchedule' + description: Weekly schedule policy. + dailySchedule: + description: Daily schedule policy. + $ref: '#/components/schemas/DailySchedule' type: object + id: SnapshotPolicy + Backup: + type: object + id: Backup + description: A NetApp Backup. properties: name: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Identifier. The resource name of the backup. Format: + `projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id}/backups/{backup_id}`. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + satisfiesPzi: + readOnly: true + description: Output only. Reserved for future use type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + description: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + A description of the backup with 2048 characters or less. Requests + with longer descriptions will be rejected. type: string - details: + backupRegion: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListStoragePoolsResponse: - id: ListStoragePoolsResponse - description: ListStoragePoolsResponse is the response to a ListStoragePoolsRequest. - type: object - properties: - storagePools: - description: The list of StoragePools - type: array - items: - $ref: '#/components/schemas/StoragePool' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - StoragePool: - id: StoragePool - description: >- - StoragePool is a container for volumes with a service level and - capacity. Volumes can be created in a pool of sufficient available - capacity. StoragePool capacity is what you are billed for. - type: object - properties: - name: - description: Identifier. Name of the storage pool + Output only. Region in which backup is stored. Format: + `projects/{project_id}/locations/{location}` type: string - serviceLevel: - description: Required. Service level of the storage pool + readOnly: true + sourceVolume: type: string - enumDescriptions: - - Unspecified service level. - - Premium service level. - - Extreme service level. - - Standard service level. - - Flex service level. - enum: - - SERVICE_LEVEL_UNSPECIFIED - - PREMIUM - - EXTREME - - STANDARD - - FLEX - capacityGib: - description: Required. Capacity in GIB of the pool + description: >- + Volume full name of this backup belongs to. Format: + `projects/{projects_id}/locations/{location}/volumes/{volume_id}` + labels: + type: object + additionalProperties: + type: string + description: Resource labels to represent user provided metadata. + enforcedRetentionEndTime: type: string + readOnly: true + format: google-datetime + description: Output only. The time until which the backup is not deletable. + volumeUsageBytes: format: int64 - volumeCapacityGib: description: >- - Output only. Allocated size of all volumes in GIB in the storage - pool + Output only. Size of the file system when the backup was created. + When creating a new volume from the backup, the volume capacity will + have to be at least as big. + type: string readOnly: true + volumeRegion: + description: >- + Output only. Region of the volume from which the backup was created. + Format: `projects/{project_id}/locations/{location}` type: string - format: int64 - volumeCount: - description: Output only. Volume count of the storage pool readOnly: true - type: integer - format: int32 + sourceSnapshot: + description: >- + If specified, backup will be created from the given snapshot. If not + specified, there will be a new snapshot taken to initiate the backup + creation. Format: + `projects/{project_id}/locations/{location}/volumes/{volume_id}/snapshots/{snapshot_id}` + type: string state: - description: Output only. State of the storage pool readOnly: true + description: Output only. The backup state. type: string enumDescriptions: - - Unspecified Storage Pool State - - Storage Pool State is Ready - - Storage Pool State is Creating - - Storage Pool State is Deleting - - Storage Pool State is Updating - - Storage Pool State is Restoring - - Storage Pool State is Disabled - - Storage Pool State is Error + - State not set. + - >- + Backup is being created. While in this state, the snapshot for the + backup point-in-time may not have been created yet, and so the + point-in-time may not have been fixed. + - >- + Backup is being uploaded. While in this state, none of the writes + to the volume will be included in the backup. + - Backup is available for use. + - Backup is being deleted. + - >- + Backup is not valid and cannot be used for creating new volumes or + restoring existing volumes. + - Backup is being updated. enum: - STATE_UNSPECIFIED - - READY - CREATING + - UPLOADING + - READY - DELETING - - UPDATING - - RESTORING - - DISABLED - ERROR - stateDetails: - description: Output only. State details of the storage pool - readOnly: true - type: string + - UPDATING createTime: - description: Output only. Create time of the storage pool - readOnly: true - type: string + description: Output only. The time when the backup was created. format: google-datetime - description: - description: Optional. Description of the storage pool - type: string - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: - type: string - network: - description: >- - Required. VPC Network name. Format: - projects/{project}/global/networks/{network} - type: string - activeDirectory: - description: >- - Optional. Specifies the Active Directory to be used for creating a - SMB volume. type: string - kmsConfig: - description: Optional. Specifies the KMS config to be used for volume encryption. - type: string - ldapEnabled: - description: Optional. Flag indicating if the pool is NFS LDAP enabled or not. - type: boolean - psaRange: - description: >- - Optional. This field is not implemented. The values provided in this - field are ignored. - type: string - encryptionType: - description: Output only. Specifies the current pool encryption key source. readOnly: true - type: string - enumDescriptions: - - The source of the encryption key is not specified. - - Google managed encryption key. - - Customer managed encryption key, which is stored in KMS. - enum: - - ENCRYPTION_TYPE_UNSPECIFIED - - SERVICE_MANAGED - - CLOUD_KMS - globalAccessAllowed: - description: >- - Deprecated. Used to allow SO pool to access AD or DNS server from - other regions. - deprecated: true - type: boolean - allowAutoTiering: + chainStorageBytes: description: >- - Optional. True if the storage pool supports Auto Tiering enabled - volumes. Default is false. Auto-tiering can be enabled after storage - pool creation but it can't be disabled once enabled. - type: boolean - replicaZone: - description: Optional. Specifies the replica zone for regional storagePool. - type: string - zone: - description: Optional. Specifies the active zone for regional storagePool. + Output only. Total size of all backups in a chain in bytes = + baseline backup size + sum(incremental backup size) + readOnly: true + format: int64 type: string satisfiesPzs: description: Output only. Reserved for future use readOnly: true type: boolean - satisfiesPzi: - description: Output only. Reserved for future use - readOnly: true - type: boolean - customPerformanceEnabled: - description: >- - Optional. True if using Independent Scaling of capacity and - performance (Hyperdisk) By default set to false - type: boolean - totalThroughputMibps: - description: Optional. Custom Performance Total Throughput of the pool (in MiBps) - type: string - format: int64 - totalIops: - description: >- - Optional. Custom Performance Total IOPS of the pool if not provided, - it will be calculated based on the total_throughput_mibps - type: string - format: int64 - hotTierSizeGib: - description: >- - Optional. Total hot tier capacity for the Storage Pool. It is - applicable only to Flex service level. It should be less than the - minimum storage pool size and cannot be more than the current - storage pool size. It cannot be decreased once set. - type: string - format: int64 - enableHotTierAutoResize: - description: >- - Optional. Flag indicating that the hot-tier threshold will be - auto-increased by 10% of the hot-tier when it hits 100%. Default is - true. The increment will kick in only if the new size after - increment is still less than or equal to storage pool size. - type: boolean - qosType: - description: Optional. QoS (Quality of Service) Type of the storage pool + backupType: type: string enumDescriptions: - - Unspecified QoS Type - - QoS Type is Auto - - QoS Type is Manual + - Unspecified backup type. + - Manual backup type. + - Scheduled backup type. enum: - - QOS_TYPE_UNSPECIFIED - - AUTO + - TYPE_UNSPECIFIED - MANUAL - availableThroughputMibps: - description: Output only. Available throughput of the storage pool (in MiB/s). + - SCHEDULED + description: >- + Output only. Type of backup, manually created or created by a backup + policy. readOnly: true - type: number - format: double - ValidateDirectoryServiceRequest: - id: ValidateDirectoryServiceRequest - description: >- - ValidateDirectoryServiceRequest validates the directory service policy - attached to the storage pool. + ExportPolicy: type: object properties: - directoryServiceType: - description: Type of directory service policy attached to the storage pool. - type: string - enumDescriptions: - - Directory service type is not specified. - - Active directory policy attached to the storage pool. - enum: - - DIRECTORY_SERVICE_TYPE_UNSPECIFIED - - ACTIVE_DIRECTORY - SwitchActiveReplicaZoneRequest: - id: SwitchActiveReplicaZoneRequest + rules: + items: + $ref: '#/components/schemas/SimpleExportPolicyRule' + type: array + description: Required. List of export policy rules + id: ExportPolicy + description: Defines the export policy for the volume. + ReverseReplicationDirectionRequest: + id: ReverseReplicationDirectionRequest description: >- - SwitchActiveReplicaZoneRequest switch the active/replica zone for a - regional storagePool. + ReverseReplicationDirectionRequest reverses direction of replication. + Source becomes destination and destination becomes source. type: object properties: {} - ListVolumesResponse: - id: ListVolumesResponse - description: Message for response to listing Volumes - type: object + HourlySchedule: + id: HourlySchedule properties: - volumes: - description: The list of Volume - type: array - items: - $ref: '#/components/schemas/Volume' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Volume: - id: Volume - description: Volume provides a filesystem that you can mount. + snapshotsToKeep: + description: The maximum number of Snapshots to keep for the hourly schedule + format: double + type: number + minute: + type: number + format: double + description: >- + Set the minute of the hour to start the snapshot (0-59), defaults to + the top of the hour (0). + description: Make a snapshot every hour e.g. at 04:00, 05:00, 06:00. + type: object + BackupVault: + description: A NetApp BackupVault. + id: BackupVault type: object properties: - name: - description: Identifier. Name of the volume - type: string - state: - description: Output only. State of the volume - readOnly: true - type: string - enumDescriptions: - - Unspecified Volume State - - Volume State is Ready - - Volume State is Creating - - Volume State is Deleting - - Volume State is Updating - - Volume State is Restoring - - Volume State is Disabled - - Volume State is Error - - >- - Volume State is Preparing. Note that this is different from - CREATING where CREATING means the volume is being created, while - PREPARING means the volume is created and now being prepared for - the replication. - - Volume State is Read Only - enum: - - STATE_UNSPECIFIED - - READY - - CREATING - - DELETING - - UPDATING - - RESTORING - - DISABLED - - ERROR - - PREPARING - - READ_ONLY - stateDetails: - description: Output only. State details of the volume - readOnly: true + backupRegion: + description: >- + Optional. Region where the backups are stored. Format: + `projects/{project_id}/locations/{location}` type: string createTime: - description: Output only. Create time of the volume + format: google-datetime + description: Output only. Create time of the backup vault. readOnly: true type: string - format: google-datetime - shareName: - description: Required. Share name of the volume + description: + description: Description of the backup vault. type: string - psaRange: - description: >- - Output only. This field is not implemented. The values provided in - this field are ignored. + sourceBackupVault: readOnly: true + description: >- + Output only. Name of the Backup vault created in source region. + Format: + `projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id}` type: string - storagePool: - description: Required. StoragePool name of the volume + backupRetentionPolicy: + description: Optional. Backup retention policy defining the retenton of backups. + $ref: '#/components/schemas/BackupRetentionPolicy' + destinationBackupVault: type: string - network: description: >- - Output only. VPC Network name. Format: - projects/{project}/global/networks/{network} - readOnly: true - type: string - serviceLevel: - description: Output only. Service level of the volume + Output only. Name of the Backup vault created in backup region. + Format: + `projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id}` readOnly: true + backupVaultType: type: string - enumDescriptions: - - Unspecified service level. - - Premium service level. - - Extreme service level. - - Standard service level. - - Flex service level. enum: - - SERVICE_LEVEL_UNSPECIFIED - - PREMIUM - - EXTREME - - STANDARD - - FLEX - capacityGib: - description: Required. Capacity in GIB of the volume + - BACKUP_VAULT_TYPE_UNSPECIFIED + - IN_REGION + - CROSS_REGION + description: Optional. Type of backup vault to be created. Default is IN_REGION. + enumDescriptions: + - BackupVault type not set. + - BackupVault type is IN_REGION. + - BackupVault type is CROSS_REGION. + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - DELETING + - ERROR + - UPDATING + description: Output only. The backup vault state. + readOnly: true + enumDescriptions: + - State not set. + - BackupVault is being created. + - BackupVault is available for use. + - BackupVault is being deleted. + - BackupVault is not valid and cannot be used. + - BackupVault is being updated. type: string - format: int64 - exportPolicy: - description: Optional. Export policy of the volume - $ref: '#/components/schemas/ExportPolicy' - protocols: - description: Required. Protocols required for the volume + sourceRegion: + type: string + description: >- + Output only. Region in which the backup vault is created. Format: + `projects/{project_id}/locations/{location}` + readOnly: true + labels: + additionalProperties: + type: string + description: Resource labels to represent user provided metadata. + type: object + name: + description: >- + Identifier. The resource name of the backup vault. Format: + `projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id}`. + type: string + StopReplicationRequest: + type: object + description: StopReplicationRequest stops a replication until resumed. + id: StopReplicationRequest + properties: + force: + description: >- + Indicates whether to stop replication forcefully while data transfer + is in progress. Warning! if force is true, this will abort any + current transfers and can lead to data loss due to partial transfer. + If force is false, stop replication will fail while data transfer is + in progress and you will need to retry later. + type: boolean + EncryptVolumesRequest: + properties: {} + id: EncryptVolumesRequest + type: object + description: >- + EncryptVolumesRequest specifies the KMS config to encrypt existing + volumes. + UserCommands: + type: object + description: UserCommands contains the commands to be executed by the customer. + properties: + commands: type: array + description: Output only. List of commands to be executed by the customer. + readOnly: true items: type: string - enumDescriptions: - - Unspecified protocol - - NFS V3 protocol - - NFS V4 protocol - - SMB protocol - enum: - - PROTOCOLS_UNSPECIFIED - - NFSV3 - - NFSV4 - - SMB - smbSettings: - description: Optional. SMB share settings for the volume. + id: UserCommands + ListSnapshotsResponse: + id: ListSnapshotsResponse + type: object + description: ListSnapshotsResponse is the result of ListSnapshotsRequest. + properties: + snapshots: + items: + $ref: '#/components/schemas/Snapshot' + description: A list of snapshots in the project for the specified volume. type: array + unreachable: + type: array + description: Locations that could not be reached. items: type: string - enumDescriptions: - - Unspecified default option - - SMB setting encrypt data - - SMB setting browsable - - SMB setting notify change - - SMB setting not to notify change - - SMB setting oplocks - - SMB setting to show snapshots - - SMB setting to show previous versions - - SMB setting to access volume based on enumerartion - - Continuously available enumeration - enum: - - SMB_SETTINGS_UNSPECIFIED - - ENCRYPT_DATA - - BROWSABLE - - CHANGE_NOTIFY - - NON_BROWSABLE - - OPLOCKS - - SHOW_SNAPSHOT - - SHOW_PREVIOUS_VERSIONS - - ACCESS_BASED_ENUMERATION - - CONTINUOUSLY_AVAILABLE - mountOptions: - description: Output only. Mount options of this volume + nextPageToken: + description: >- + The token you can use to retrieve the next page of results. Not + returned if there are no more results in the list. + type: string + RestoreBackupFilesRequest: + properties: + restoreDestinationPath: + description: Optional. Absolute directory path in the destination volume. + type: string + backup: + type: string + description: >- + Required. The backup resource name, in the format + `projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id}/backups/{backup_id}` + fileList: + type: array + items: + type: string + description: >- + Required. List of files to be restored in the form of their absolute + path as in source volume. + description: RestoreBackupFilesRequest restores files from a backup to a volume. + id: RestoreBackupFilesRequest + type: object + ValidateDirectoryServiceRequest: + description: >- + ValidateDirectoryServiceRequest validates the directory service policy + attached to the storage pool. + properties: + directoryServiceType: + type: string + description: Type of directory service policy attached to the storage pool. + enumDescriptions: + - Directory service type is not specified. + - Active directory policy attached to the storage pool. + enum: + - DIRECTORY_SERVICE_TYPE_UNSPECIFIED + - ACTIVE_DIRECTORY + id: ValidateDirectoryServiceRequest + type: object + ListQuotaRulesResponse: + description: ListQuotaRulesResponse is the response to a ListQuotaRulesRequest. + type: object + id: ListQuotaRulesResponse + properties: + quotaRules: + items: + $ref: '#/components/schemas/QuotaRule' + description: List of quota rules + type: array + unreachable: + type: array + description: Locations that could not be reached. + items: + type: string + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + MountOption: + type: object + description: View only mount options for a volume. + id: MountOption + properties: + ipAddress: + description: Output only. IP Address. + type: string + readOnly: true + exportFull: + description: Full export string + type: string + export: + type: string + description: Export string + instructions: + description: Instructions for mounting + type: string + protocol: + description: Protocol to mount with. + enumDescriptions: + - Unspecified protocol + - NFS V3 protocol + - NFS V4 protocol + - SMB protocol + - ISCSI protocol + enum: + - PROTOCOLS_UNSPECIFIED + - NFSV3 + - NFSV4 + - SMB + - ISCSI + type: string + CancelOperationRequest: + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + type: object + properties: {} + Status: + type: object + id: Status + properties: + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + details: + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + ListReplicationsResponse: + id: ListReplicationsResponse + type: object + properties: + replications: + description: A list of replications in the project for the specified volume. + type: array + items: + $ref: '#/components/schemas/Replication' + nextPageToken: + type: string + description: >- + The token you can use to retrieve the next page of results. Not + returned if there are no more results in the list. + unreachable: + items: + type: string + description: Locations that could not be reached. + type: array + description: ListReplicationsResponse is the result of ListReplicationsRequest. + HostGroup: + properties: + hosts: + description: Required. The list of hosts associated with the host group. + items: + type: string + type: array + type: + enum: + - TYPE_UNSPECIFIED + - ISCSI_INITIATOR + description: Required. Type of the host group. + enumDescriptions: + - Unspecified type for host group. + - iSCSI initiator host group. + type: string + osType: + type: string + description: >- + Required. The OS type of the host group. It indicates the type of + operating system used by all of the hosts in the HostGroup. All + hosts in a HostGroup must be of the same OS type. This can be set + only when creating a HostGroup. + enumDescriptions: + - Unspecified OS Type + - OS Type is Linux + - OS Type is Windows + - OS Type is VMware ESXi + enum: + - OS_TYPE_UNSPECIFIED + - LINUX + - WINDOWS + - ESXI + name: + description: >- + Identifier. The resource name of the host group. Format: + `projects/{project_number}/locations/{location_id}/hostGroups/{host_group_id}`. + type: string + state: + description: Output only. State of the host group. + type: string + enumDescriptions: + - Unspecified state for host group. + - Host group is creating. + - Host group is ready. + - Host group is updating. + - Host group is deleting. + - Host group is disabled. + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - UPDATING + - DELETING + - DISABLED + readOnly: true + description: + description: Optional. Description of the host group. + type: string + createTime: + readOnly: true + type: string + description: Output only. Create time of the host group. + format: google-datetime + labels: + description: Optional. Labels of the host group. + type: object + additionalProperties: + type: string + type: object + id: HostGroup + description: >- + Host group is a collection of hosts that can be used for accessing a + Block Volume. + HybridReplicationParameters: + properties: + labels: + description: >- + Optional. Labels to be added to the replication as the key value + pairs. + additionalProperties: + type: string + type: object + peerIpAddresses: + description: Required. List of node ip addresses to be peered with. + items: + type: string + type: array + peerClusterName: + description: >- + Required. Name of the user's local source cluster to be peered with + the destination cluster. + type: string + peerVolumeName: + description: >- + Required. Name of the user's local source volume to be peered with + the destination volume. + type: string + largeVolumeConstituentCount: + description: Optional. Constituent volume count for large volume. + type: integer + format: int32 + clusterLocation: + type: string + description: >- + Optional. Name of source cluster location associated with the Hybrid + replication. This is a free-form field for the display purpose only. + peerSvmName: + type: string + description: >- + Required. Name of the user's local source vserver svm to be peered + with the destination vserver svm. + hybridReplicationType: + type: string + description: Optional. Type of the hybrid replication. + enum: + - VOLUME_HYBRID_REPLICATION_TYPE_UNSPECIFIED + - MIGRATION + - CONTINUOUS_REPLICATION + - ONPREM_REPLICATION + - REVERSE_ONPREM_REPLICATION + enumDescriptions: + - Unspecified hybrid replication type. + - Hybrid replication type for migration. + - Hybrid replication type for continuous replication. + - >- + New field for reversible OnPrem replication, to be used for data + protection. + - >- + New field for reversible OnPrem replication, to be used for data + protection. + replication: + description: Required. Desired name for the replication of this volume. + type: string + replicationSchedule: + description: Optional. Replication Schedule for the replication created. + enum: + - HYBRID_REPLICATION_SCHEDULE_UNSPECIFIED + - EVERY_10_MINUTES + - HOURLY + - DAILY + enumDescriptions: + - Unspecified HybridReplicationSchedule + - Replication happens once every 10 minutes. + - Replication happens once every hour. + - Replication happens once every day. + type: string + description: + type: string + description: Optional. Description of the replication. + id: HybridReplicationParameters + description: The Hybrid Replication parameters for the volume. + type: object + ResumeReplicationRequest: + id: ResumeReplicationRequest + description: ResumeReplicationRequest resumes a stopped replication. + properties: {} + type: object + StoragePool: + properties: + zone: + type: string + description: Optional. Specifies the active zone for regional storagePool. + ldapEnabled: + type: boolean + description: Optional. Flag indicating if the pool is NFS LDAP enabled or not. + name: + type: string + description: Identifier. Name of the storage pool + description: + description: Optional. Description of the storage pool + type: string + allowAutoTiering: + type: boolean + description: >- + Optional. True if the storage pool supports Auto Tiering enabled + volumes. Default is false. Auto-tiering can be enabled after storage + pool creation but it can't be disabled once enabled. + enableHotTierAutoResize: + description: >- + Optional. Flag indicating that the hot-tier threshold will be + auto-increased by 10% of the hot-tier when it hits 100%. Default is + true. The increment will kick in only if the new size after + increment is still less than or equal to storage pool size. + type: boolean + satisfiesPzi: + description: Output only. Reserved for future use + readOnly: true + type: boolean + capacityGib: + description: Required. Capacity in GIB of the pool + format: int64 + type: string + customPerformanceEnabled: + description: >- + Optional. True if using Independent Scaling of capacity and + performance (Hyperdisk) By default set to false + type: boolean + volumeCount: + format: int32 + readOnly: true + type: integer + description: Output only. Volume count of the storage pool + type: + type: string + enum: + - STORAGE_POOL_TYPE_UNSPECIFIED + - FILE + - UNIFIED + description: >- + Optional. Type of the storage pool. This field is used to control + whether the pool supports FILE based volumes only or UNIFIED (both + FILE and BLOCK) volumes. If not specified during creation, it + defaults to FILE. + enumDescriptions: + - Storage pool type is not specified. + - Storage pool type is file. + - Storage pool type is unified. + network: + type: string + description: >- + Required. VPC Network name. Format: + projects/{project}/global/networks/{network} + state: + enum: + - STATE_UNSPECIFIED + - READY + - CREATING + - DELETING + - UPDATING + - RESTORING + - DISABLED + - ERROR + type: string + description: Output only. State of the storage pool + enumDescriptions: + - Unspecified Storage Pool State + - Storage Pool State is Ready + - Storage Pool State is Creating + - Storage Pool State is Deleting + - Storage Pool State is Updating + - Storage Pool State is Restoring + - Storage Pool State is Disabled + - Storage Pool State is Error readOnly: true - type: array - items: - $ref: '#/components/schemas/MountOption' - unixPermissions: - description: >- - Optional. Default unix style permission (e.g. 777) the mount point - will be created with. Applicable for NFS protocol types only. + stateDetails: + readOnly: true + description: Output only. State details of the storage pool type: string - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: - type: string - description: - description: Optional. Description of the volume + qosType: + enumDescriptions: + - Unspecified QoS Type + - QoS Type is Auto + - QoS Type is Manual + enum: + - QOS_TYPE_UNSPECIFIED + - AUTO + - MANUAL type: string - snapshotPolicy: - description: Optional. SnapshotPolicy for a volume. - $ref: '#/components/schemas/SnapshotPolicy' - snapReserve: - description: >- - Optional. Snap_reserve specifies percentage of volume storage - reserved for snapshot storage. Default is 0 percent. + description: Optional. QoS (Quality of Service) Type of the storage pool + availableThroughputMibps: + description: Output only. Available throughput of the storage pool (in MiB/s). + readOnly: true type: number format: double - snapshotDirectory: + coldTierSizeUsedGib: + readOnly: true + format: int64 description: >- - Optional. Snapshot_directory if enabled (true) the volume will - contain a read-only .snapshot directory which provides access to - each of the volume's snapshots. - type: boolean - usedGib: + Output only. Total cold tier data rounded down to the nearest GiB + used by the storage pool. + type: string + activeDirectory: + type: string description: >- - Output only. Used capacity in GIB of the volume. This is computed - periodically and it does not represent the realtime usage. + Optional. Specifies the Active Directory to be used for creating a + SMB volume. + labels: + additionalProperties: + type: string + type: object + description: Optional. Labels as key value pairs + createTime: readOnly: true type: string - format: int64 - securityStyle: - description: Optional. Security Style of the Volume + description: Output only. Create time of the storage pool + format: google-datetime + kmsConfig: + type: string + description: Optional. Specifies the KMS config to be used for volume encryption. + psaRange: type: string - enumDescriptions: - - SecurityStyle is unspecified - - SecurityStyle uses NTFS - - SecurityStyle uses UNIX - enum: - - SECURITY_STYLE_UNSPECIFIED - - NTFS - - UNIX - kerberosEnabled: description: >- - Optional. Flag indicating if the volume is a kerberos volume or not, - export policy rules control kerberos security modes (krb5, krb5i, - krb5p). - type: boolean - ldapEnabled: + Optional. This field is not implemented. The values provided in this + field are ignored. + totalIops: description: >- - Output only. Flag indicating if the volume is NFS LDAP enabled or - not. - readOnly: true - type: boolean - activeDirectory: - description: Output only. Specifies the ActiveDirectory name of a SMB volume. - readOnly: true + Optional. Custom Performance Total IOPS of the pool if not provided, + it will be calculated based on the total_throughput_mibps + format: int64 type: string - restoreParameters: - description: Optional. Specifies the source of the volume to be created from. - $ref: '#/components/schemas/RestoreParameters' - kmsConfig: + hotTierSizeUsedGib: + type: string + format: int64 description: >- - Output only. Specifies the KMS config to be used for volume - encryption. + Output only. Total hot tier data rounded down to the nearest GiB + used by the storage pool. readOnly: true - type: string encryptionType: - description: Output only. Specified the current volume encryption key source. readOnly: true + description: Output only. Specifies the current pool encryption key source. type: string enumDescriptions: - The source of the encryption key is not specified. @@ -612,101 +804,104 @@ components: - ENCRYPTION_TYPE_UNSPECIFIED - SERVICE_MANAGED - CLOUD_KMS - hasReplication: + serviceLevel: + enumDescriptions: + - Unspecified service level. + - Premium service level. + - Extreme service level. + - Standard service level. + - Flex service level. + type: string + description: Required. Service level of the storage pool + enum: + - SERVICE_LEVEL_UNSPECIFIED + - PREMIUM + - EXTREME + - STANDARD + - FLEX + hotTierSizeGib: + format: int64 + type: string description: >- - Output only. Indicates whether the volume is part of a replication - relationship. + Optional. Total hot tier capacity for the Storage Pool. It is + applicable only to Flex service level. It should be less than the + minimum storage pool size and cannot be more than the current + storage pool size. It cannot be decreased once set. + volumeCapacityGib: readOnly: true - type: boolean - backupConfig: - description: BackupConfig of the volume. - $ref: '#/components/schemas/BackupConfig' - restrictedActions: - description: Optional. List of actions that are restricted on this volume. - type: array - items: - type: string - enumDescriptions: - - Unspecified restricted action - - Prevent volume from being deleted when mounted. - enum: - - RESTRICTED_ACTION_UNSPECIFIED - - DELETE - largeCapacity: description: >- - Optional. Flag indicating if the volume will be a large capacity - volume or a regular volume. - type: boolean - multipleEndpoints: + Output only. Allocated size of all volumes in GIB in the storage + pool + type: string + format: int64 + globalAccessAllowed: description: >- - Optional. Flag indicating if the volume will have an IP address per - node for volumes supporting multiple IP endpoints. Only the volume - with large_capacity will be allowed to have multiple endpoints. + Deprecated. Used to allow SO pool to access AD or DNS server from + other regions. type: boolean - tieringPolicy: - description: Tiering policy for the volume. - $ref: '#/components/schemas/TieringPolicy' - replicaZone: - description: Output only. Specifies the replica zone for regional volume. - readOnly: true + deprecated: true + totalThroughputMibps: type: string - zone: - description: Output only. Specifies the active zone for regional volume. - readOnly: true + description: Optional. Custom Performance Total Throughput of the pool (in MiBps) + format: int64 + replicaZone: + description: Optional. Specifies the replica zone for regional storagePool. type: string - coldTierSizeGib: - description: >- - Output only. Size of the volume cold tier data rounded down to the - nearest GiB. + satisfiesPzs: + type: boolean + description: Output only. Reserved for future use readOnly: true - type: string - format: int64 - hybridReplicationParameters: - description: Optional. The Hybrid Replication parameters for the volume. - $ref: '#/components/schemas/HybridReplicationParameters' - throughputMibps: - description: Optional. Throughput of the volume (in MiB/s) - type: number - format: double - ExportPolicy: - id: ExportPolicy - description: Defines the export policy for the volume. + id: StoragePool type: object + description: >- + StoragePool is a container for volumes with a service level and + capacity. Volumes can be created in a pool of sufficient available + capacity. StoragePool capacity is what you are billed for. + RevertVolumeRequest: + id: RevertVolumeRequest + type: object + description: RevertVolumeRequest reverts the given volume to the specified snapshot. properties: - rules: - description: Required. List of export policy rules - type: array - items: - $ref: '#/components/schemas/SimpleExportPolicyRule' + snapshotId: + description: >- + Required. The snapshot resource ID, in the format 'my-snapshot', + where the specified ID is the {snapshot_id} of the fully qualified + name like + projects/{project_id}/locations/{location_id}/volumes/{volume_id}/snapshots/{snapshot_id} + type: string SimpleExportPolicyRule: id: SimpleExportPolicyRule - description: An export policy rule describing various export options. type: object properties: - allowedClients: - description: Comma separated list of allowed clients IP addresses - type: string - hasRootAccess: - description: Whether Unix root access will be granted. - type: string + kerberos5iReadWrite: + type: boolean + description: >- + If enabled (true) the rule defines read and write access for clients + matching the 'allowedClients' specification. It enables nfs clients + to mount using 'integrity' kerberos security mode. The + 'kerberos5iReadOnly' value be ignored if this is enabled. accessType: - description: Access type (ReadWrite, ReadOnly, None) - type: string enumDescriptions: - Unspecified Access Type - Read Only - Read Write - None + description: Access type (ReadWrite, ReadOnly, None) + type: string enum: - ACCESS_TYPE_UNSPECIFIED - READ_ONLY - READ_WRITE - READ_NONE nfsv3: - description: NFS V3 protocol. type: boolean - nfsv4: - description: NFS V4 protocol. + description: NFS V3 protocol. + kerberos5pReadWrite: + description: >- + If enabled (true) the rule defines read and write access for clients + matching the 'allowedClients' specification. It enables nfs clients + to mount using 'privacy' kerberos security mode. The + 'kerberos5pReadOnly' value be ignored if this is enabled. type: boolean kerberos5ReadOnly: description: >- @@ -714,143 +909,323 @@ components: matching the 'allowedClients' specification. It enables nfs clients to mount using 'authentication' kerberos security mode. type: boolean - kerberos5ReadWrite: + nfsv4: + type: boolean + description: NFS V4 protocol. + kerberos5pReadOnly: + type: boolean description: >- - If enabled (true) the rule defines read and write access for clients + If enabled (true) the rule defines a read only access for clients matching the 'allowedClients' specification. It enables nfs clients - to mount using 'authentication' kerberos security mode. The - 'kerberos5ReadOnly' value be ignored if this is enabled. - type: boolean + to mount using 'privacy' kerberos security mode. kerberos5iReadOnly: description: >- If enabled (true) the rule defines a read only access for clients matching the 'allowedClients' specification. It enables nfs clients to mount using 'integrity' kerberos security mode. type: boolean - kerberos5iReadWrite: - description: >- - If enabled (true) the rule defines read and write access for clients - matching the 'allowedClients' specification. It enables nfs clients - to mount using 'integrity' kerberos security mode. The - 'kerberos5iReadOnly' value be ignored if this is enabled. - type: boolean - kerberos5pReadOnly: + hasRootAccess: + type: string + description: Whether Unix root access will be granted. + anonUid: + format: int64 description: >- - If enabled (true) the rule defines a read only access for clients - matching the 'allowedClients' specification. It enables nfs clients - to mount using 'privacy' kerberos security mode. + Optional. An integer representing the anonymous user ID. Range is 0 + to 4294967295. Required when squash_mode is ROOT_SQUASH or + ALL_SQUASH. + type: string + squashMode: + type: string + enumDescriptions: + - Defaults to NO_ROOT_SQUASH. + - >- + The root user (UID 0) retains full access. Other users are + unaffected. + - >- + The root user (UID 0) is squashed to anonymous user ID. Other + users are unaffected. + - All users are squashed to anonymous user ID. + description: >- + Optional. Defines how user identity squashing is applied for this + export rule. This field is the preferred way to configure squashing + behavior and takes precedence over `has_root_access` if both are + provided. + enum: + - SQUASH_MODE_UNSPECIFIED + - NO_ROOT_SQUASH + - ROOT_SQUASH + - ALL_SQUASH + allowedClients: + description: Comma separated list of allowed clients IP addresses + type: string + kerberos5ReadWrite: type: boolean - kerberos5pReadWrite: description: >- If enabled (true) the rule defines read and write access for clients matching the 'allowedClients' specification. It enables nfs clients - to mount using 'privacy' kerberos security mode. The - 'kerberos5pReadOnly' value be ignored if this is enabled. - type: boolean - MountOption: - id: MountOption - description: View only mount options for a volume. + to mount using 'authentication' kerberos security mode. The + 'kerberos5ReadOnly' value be ignored if this is enabled. + description: An export policy rule describing various export options. + GoogleProtobufEmpty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: GoogleProtobufEmpty + properties: {} + type: object + VerifyKmsConfigRequest: + description: VerifyKmsConfigRequest specifies the KMS config to be validated. + properties: {} + type: object + id: VerifyKmsConfigRequest + ListBackupPoliciesResponse: type: object properties: - export: - description: Export string + backupPolicies: + type: array + description: The list of backup policies. + items: + $ref: '#/components/schemas/BackupPolicy' + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string + nextPageToken: + description: A token identifying a page of results the server should return. type: string - exportFull: - description: Full export string + description: ListBackupPoliciesResponse contains all the backup policies requested. + id: ListBackupPoliciesResponse + ListActiveDirectoriesResponse: + properties: + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string + nextPageToken: type: string - protocol: - description: Protocol to mount with. + description: A token identifying a page of results the server should return. + activeDirectories: + description: The list of active directories. + type: array + items: + $ref: '#/components/schemas/ActiveDirectory' + description: >- + ListActiveDirectoriesResponse contains all the active directories + requested. + type: object + id: ListActiveDirectoriesResponse + SwitchActiveReplicaZoneRequest: + id: SwitchActiveReplicaZoneRequest + description: >- + SwitchActiveReplicaZoneRequest switch the active/replica zone for a + regional storagePool. + type: object + properties: {} + QuotaRule: + id: QuotaRule + description: >- + QuotaRule specifies the maximum disk space a user or group can use + within a volume. They can be used for creating default and individual + quota rules. + properties: + createTime: type: string + readOnly: true + description: Output only. Create time of the quota rule + format: google-datetime + labels: + description: Optional. Labels of the quota rule + type: object + additionalProperties: + type: string + state: + readOnly: true enumDescriptions: - - Unspecified protocol - - NFS V3 protocol - - NFS V4 protocol - - SMB protocol + - Unspecified state for quota rule + - Quota rule is creating + - Quota rule is updating + - Quota rule is deleting + - Quota rule is ready + - Quota rule is in error state. + description: Output only. State of the quota rule + type: string enum: - - PROTOCOLS_UNSPECIFIED - - NFSV3 - - NFSV4 - - SMB - instructions: - description: Instructions for mounting + - STATE_UNSPECIFIED + - CREATING + - UPDATING + - DELETING + - READY + - ERROR + description: + description: Optional. Description of the quota rule type: string - ipAddress: - description: Output only. IP Address. + target: + type: string + description: >- + Optional. The quota rule applies to the specified user or group, + identified by a Unix UID/GID, Windows SID, or null for default. + name: + description: >- + Identifier. The resource name of the quota rule. Format: + `projects/{project_number}/locations/{location_id}/volumes/volumes/{volume_id}/quotaRules/{quota_rule_id}`. + type: string + diskLimitMib: + format: int32 + description: Required. The maximum allowed disk space in MiB. + type: integer + type: + type: string + description: Required. The type of quota rule. + enum: + - TYPE_UNSPECIFIED + - INDIVIDUAL_USER_QUOTA + - INDIVIDUAL_GROUP_QUOTA + - DEFAULT_USER_QUOTA + - DEFAULT_GROUP_QUOTA + enumDescriptions: + - Unspecified type for quota rule + - Individual user quota rule + - Individual group quota rule + - Default user quota rule + - Default group quota rule + stateDetails: + description: Output only. State details of the quota rule readOnly: true type: string - SnapshotPolicy: - id: SnapshotPolicy - description: Snapshot Policy for a volume. type: object + ListLocationsResponse: + type: object + description: The response message for Locations.ListLocations. + properties: + nextPageToken: + description: The standard List next-page token. + type: string + locations: + items: + $ref: '#/components/schemas/Location' + description: >- + A list of locations that matches the specified filter in the + request. + type: array + id: ListLocationsResponse + LocationMetadata: + id: LocationMetadata + type: object + description: Metadata for a given google.cloud.location.Location. + properties: + supportedServiceLevels: + readOnly: true + type: array + items: + type: string + enumDescriptions: + - Unspecified service level. + - Premium service level. + - Extreme service level. + - Standard service level. + - Flex service level. + enum: + - SERVICE_LEVEL_UNSPECIFIED + - PREMIUM + - EXTREME + - STANDARD + - FLEX + description: Output only. Supported service levels in a location. + supportedFlexPerformance: + description: Output only. Supported flex performance in a location. + items: + enum: + - FLEX_PERFORMANCE_UNSPECIFIED + - FLEX_PERFORMANCE_DEFAULT + - FLEX_PERFORMANCE_CUSTOM + enumDescriptions: + - Unspecified flex performance. + - Flex Storage Pool with default performance. + - Flex Storage Pool with custom performance. + type: string + type: array + readOnly: true + hasVcp: + type: boolean + description: Output only. Indicates if the location has VCP support. + readOnly: true + ListVolumesResponse: + id: ListVolumesResponse + description: Message for response to listing Volumes + properties: + volumes: + type: array + description: The list of Volume + items: + $ref: '#/components/schemas/Volume' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + unreachable: + type: array + description: Locations that could not be reached. + items: + type: string + type: object + Operation: + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. properties: - enabled: + done: description: >- - If enabled, make snapshots automatically according to the schedules. - Default is false. + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. type: boolean - hourlySchedule: - description: Hourly schedule policy. - $ref: '#/components/schemas/HourlySchedule' - dailySchedule: - description: Daily schedule policy. - $ref: '#/components/schemas/DailySchedule' - weeklySchedule: - description: Weekly schedule policy. - $ref: '#/components/schemas/WeeklySchedule' - monthlySchedule: - description: Monthly schedule policy. - $ref: '#/components/schemas/MonthlySchedule' - HourlySchedule: - id: HourlySchedule - description: Make a snapshot every hour e.g. at 04:00, 05:00, 06:00. - type: object - properties: - snapshotsToKeep: - description: The maximum number of Snapshots to keep for the hourly schedule - type: number - format: double - minute: + metadata: description: >- - Set the minute of the hour to start the snapshot (0-59), defaults to - the top of the hour (0). - type: number - format: double - DailySchedule: - id: DailySchedule - description: Make a snapshot every day e.g. at 04:00, 05:20, 23:50 - type: object - properties: - snapshotsToKeep: - description: The maximum number of Snapshots to keep for the hourly schedule - type: number - format: double - minute: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + error: description: >- - Set the minute of the hour to start the snapshot (0-59), defaults to - the top of the hour (0). - type: number - format: double - hour: - description: Set the hour to start the snapshot (0-23), defaults to midnight (0). - type: number - format: double + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + type: object WeeklySchedule: - id: WeeklySchedule description: >- Make a snapshot every week e.g. at Monday 04:00, Wednesday 05:20, Sunday 23:50 - type: object properties: - snapshotsToKeep: - description: The maximum number of Snapshots to keep for the hourly schedule - type: number - format: double - minute: - description: >- - Set the minute of the hour to start the snapshot (0-59), defaults to - the top of the hour (0). - type: number - format: double hour: description: Set the hour to start the snapshot (0-23), defaults to midnight (0). type: number @@ -860,84 +1235,194 @@ components: Set the day or days of the week to make a snapshot. Accepts a comma separated days of the week. Defaults to 'Sunday'. type: string - MonthlySchedule: - id: MonthlySchedule - description: Make a snapshot once a month e.g. at 2nd 04:00, 7th 05:20, 24th 23:50 - type: object - properties: snapshotsToKeep: - description: The maximum number of Snapshots to keep for the hourly schedule type: number format: double + description: The maximum number of Snapshots to keep for the hourly schedule minute: + type: number description: >- Set the minute of the hour to start the snapshot (0-59), defaults to the top of the hour (0). - type: number format: double + type: object + id: WeeklySchedule + DailySchedule: + type: object + properties: hour: + format: double description: Set the hour to start the snapshot (0-23), defaults to midnight (0). type: number + minute: format: double - daysOfMonth: description: >- - Set the day or days of the month to make a snapshot (1-31). Accepts - a comma separated number of days. Defaults to '1'. + Set the minute of the hour to start the snapshot (0-59), defaults to + the top of the hour (0). + type: number + snapshotsToKeep: + type: number + description: The maximum number of Snapshots to keep for the hourly schedule + format: double + id: DailySchedule + description: Make a snapshot every day e.g. at 04:00, 05:20, 23:50 + ListBackupVaultsResponse: + type: object + id: ListBackupVaultsResponse + properties: + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. + nextPageToken: type: string + description: >- + The token you can use to retrieve the next page of results. Not + returned if there are no more results in the list. + backupVaults: + items: + $ref: '#/components/schemas/BackupVault' + type: array + description: A list of backupVaults in the project for the specified location. + description: ListBackupVaultsResponse is the result of ListBackupVaultsRequest. RestoreParameters: - id: RestoreParameters description: The RestoreParameters if volume is created from a snapshot or backup. type: object properties: + sourceBackup: + description: >- + Full name of the backup resource. Format: + projects/{project}/locations/{location}/backupVaults/{backup_vault_id}/backups/{backup_id} + type: string sourceSnapshot: + type: string description: >- Full name of the snapshot resource. Format: projects/{project}/locations/{location}/volumes/{volume}/snapshots/{snapshot} + id: RestoreParameters + CacheParameters: + properties: + peerSvmName: + description: Required. Name of the origin volume's SVM. type: string - sourceBackup: + peerIpAddresses: description: >- - Full name of the backup resource. Format: - projects/{project}/locations/{location}/backupVaults/{backup_vault_id}/backups/{backup_id} + Required. List of IC LIF addresses of the origin volume's ONTAP + cluster. + items: + type: string + type: array + enableGlobalFileLock: + description: >- + Optional. Field indicating whether cache volume as global file lock + enabled. + type: boolean + cacheConfig: + description: Optional. Configuration of the cache volume. + $ref: '#/components/schemas/CacheConfig' + peerClusterName: + description: Required. Name of the origin volume's ONTAP cluster. type: string - BackupConfig: - id: BackupConfig - description: BackupConfig contains backup related config on a volume. + peerVolumeName: + description: Required. Name of the origin volume for the cache volume. + type: string + command: + readOnly: true + description: >- + Output only. Copy-paste-able commands to be used on user's ONTAP to + accept peering requests. + type: string + peeringCommandExpiryTime: + format: google-datetime + type: string + description: >- + Optional. Expiration time for the peering command to be executed on + user's ONTAP. + passphrase: + readOnly: true + type: string + description: >- + Output only. Temporary passphrase generated to accept cluster + peering command. + cacheState: + type: string + enumDescriptions: + - Default unspecified state. + - State indicating waiting for cluster peering to be established. + - State indicating waiting for SVM peering to be established. + - >- + State indicating successful establishment of peering with origin + volumes's ONTAP cluster. + - >- + Terminal state wherein peering with origin volume's ONTAP cluster + has failed. + readOnly: true + enum: + - CACHE_STATE_UNSPECIFIED + - PENDING_CLUSTER_PEERING + - PENDING_SVM_PEERING + - PEERED + - ERROR + description: >- + Output only. State of the cache volume indicating the peering + status. + stateDetails: + readOnly: true + description: Output only. Detailed description of the current cache state. + type: string + id: CacheParameters + type: object + description: Cache Parameters for the volume. + HybridPeeringDetails: type: object + id: HybridPeeringDetails + description: HybridPeeringDetails contains details about the hybrid peering. properties: - backupPolicies: + peerSvmName: description: >- - Optional. When specified, schedule backups will be created based on - the policy configuration. - type: array - items: - type: string - backupVault: + Output only. Name of the user's local source vserver svm to be + peered with the destination vserver svm. + readOnly: true + type: string + subnetIp: + readOnly: true + type: string + description: Output only. IP address of the subnet. + passphrase: + type: string + readOnly: true description: >- - Optional. Name of backup vault. Format: - projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id} + Output only. Temporary passphrase generated to accept cluster + peering command. + command: type: string - scheduledBackupEnabled: + readOnly: true description: >- - Optional. When set to true, scheduled backup is enabled on the - volume. This field should be nil when there's no backup policy - attached. - type: boolean - backupChainBytes: + Output only. Copy-paste-able commands to be used on user's ONTAP to + accept peering requests. + peerVolumeName: description: >- - Output only. Total size of all backups in a chain in bytes = - baseline backup size + sum(incremental backup size). + Output only. Name of the user's local source volume to be peered + with the destination volume. + type: string + readOnly: true + commandExpiryTime: + format: google-datetime + description: >- + Output only. Expiration time for the peering command to be executed + on user's ONTAP. + type: string readOnly: true + peerClusterName: + description: >- + Output only. Name of the user's local source cluster to be peered + with the destination cluster. type: string - format: int64 + readOnly: true TieringPolicy: - id: TieringPolicy - description: Defines tiering policy for the volume. - type: object properties: tierAction: - description: >- - Optional. Flag indicating if the volume has tiering policy - enable/pause. Default is PAUSED. type: string enumDescriptions: - Unspecified. @@ -945,147 +1430,53 @@ components: - >- When paused, tiering won't be performed on new data. Existing data stays tiered until accessed. + description: >- + Optional. Flag indicating if the volume has tiering policy + enable/pause. Default is PAUSED. enum: - TIER_ACTION_UNSPECIFIED - ENABLED - PAUSED - coolingThresholdDays: - description: >- - Optional. Time in days to mark the volume's data block as cold and - make it eligible for tiering, can be range from 2-183. Default is - 31. - type: integer - format: int32 hotTierBypassModeEnabled: description: >- Optional. Flag indicating that the hot tier bypass mode is enabled. Default is false. This is only applicable to Flex service level. type: boolean - HybridReplicationParameters: - id: HybridReplicationParameters - description: The Hybrid Replication parameters for the volume. - type: object - properties: - replication: - description: Required. Desired name for the replication of this volume. - type: string - peerVolumeName: - description: >- - Required. Name of the user's local source volume to be peered with - the destination volume. - type: string - peerClusterName: - description: >- - Required. Name of the user's local source cluster to be peered with - the destination cluster. - type: string - peerSvmName: - description: >- - Required. Name of the user's local source vserver svm to be peered - with the destination vserver svm. - type: string - peerIpAddresses: - description: Required. List of node ip addresses to be peered with. - type: array - items: - type: string - clusterLocation: - description: >- - Optional. Name of source cluster location associated with the Hybrid - replication. This is a free-form field for the display purpose only. - type: string - description: - description: Optional. Description of the replication. - type: string - labels: - description: >- - Optional. Labels to be added to the replication as the key value - pairs. - type: object - additionalProperties: - type: string - replicationSchedule: - description: Optional. Replication Schedule for the replication created. - type: string - enumDescriptions: - - Unspecified HybridReplicationSchedule - - Replication happens once every 10 minutes. - - Replication happens once every hour. - - Replication happens once every day. - enum: - - HYBRID_REPLICATION_SCHEDULE_UNSPECIFIED - - EVERY_10_MINUTES - - HOURLY - - DAILY - hybridReplicationType: - description: Optional. Type of the hybrid replication. - type: string - enumDescriptions: - - Unspecified hybrid replication type. - - Hybrid replication type for migration. - - Hybrid replication type for continuous replication. - - >- - New field for reversible OnPrem replication, to be used for data - protection. - - >- - New field for reversible OnPrem replication, to be used for data - protection. - enum: - - VOLUME_HYBRID_REPLICATION_TYPE_UNSPECIFIED - - MIGRATION - - CONTINUOUS_REPLICATION - - ONPREM_REPLICATION - - REVERSE_ONPREM_REPLICATION - largeVolumeConstituentCount: - description: Optional. Constituent volume count for large volume. + coolingThresholdDays: type: integer format: int32 - RevertVolumeRequest: - id: RevertVolumeRequest - description: RevertVolumeRequest reverts the given volume to the specified snapshot. - type: object - properties: - snapshotId: description: >- - Required. The snapshot resource ID, in the format 'my-snapshot', - where the specified ID is the {snapshot_id} of the fully qualified - name like - projects/{project_id}/locations/{location_id}/volumes/{volume_id}/snapshots/{snapshot_id} - type: string - ListSnapshotsResponse: - id: ListSnapshotsResponse - description: ListSnapshotsResponse is the result of ListSnapshotsRequest. + Optional. Time in days to mark the volume's data block as cold and + make it eligible for tiering, can be range from 2-183. Default is + 31. + description: Defines tiering policy for the volume. + id: TieringPolicy type: object - properties: - snapshots: - description: A list of snapshots in the project for the specified volume. - type: array - items: - $ref: '#/components/schemas/Snapshot' - nextPageToken: - description: >- - The token you can use to retrieve the next page of results. Not - returned if there are no more results in the list. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string Snapshot: - id: Snapshot description: Snapshot is a point-in-time version of a Volume's content. - type: object + id: Snapshot properties: name: + type: string description: >- Identifier. The resource name of the snapshot. Format: `projects/{project_id}/locations/{location}/volumes/{volume_id}/snapshots/{snapshot_id}`. + createTime: + description: Output only. The time when the snapshot was created. type: string - state: - description: Output only. The snapshot state. readOnly: true + format: google-datetime + usedBytes: + format: double + readOnly: true + type: number + description: Output only. Current storage usage for the snapshot in bytes. + stateDetails: type: string + readOnly: true + description: Output only. State details of the storage pool + state: + readOnly: true enumDescriptions: - Unspecified Snapshot State - Snapshot State is Ready @@ -1094,212 +1485,134 @@ components: - Snapshot State is Updating - Snapshot State is Disabled - Snapshot State is Error - enum: - - STATE_UNSPECIFIED - - READY - - CREATING - - DELETING - - UPDATING - - DISABLED - - ERROR - stateDetails: - description: Output only. State details of the storage pool - readOnly: true - type: string - description: - description: >- - A description of the snapshot with 2048 characters or less. Requests - with longer descriptions will be rejected. - type: string - usedBytes: - description: Output only. Current storage usage for the snapshot in bytes. - readOnly: true - type: number - format: double - createTime: - description: Output only. The time when the snapshot was created. - readOnly: true - type: string - format: google-datetime - labels: - description: Resource labels to represent user provided metadata. - type: object - additionalProperties: - type: string - ListActiveDirectoriesResponse: - id: ListActiveDirectoriesResponse - description: >- - ListActiveDirectoriesResponse contains all the active directories - requested. - type: object - properties: - activeDirectories: - description: The list of active directories. - type: array - items: - $ref: '#/components/schemas/ActiveDirectory' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - ActiveDirectory: - id: ActiveDirectory - description: >- - ActiveDirectory is the public representation of the active directory - config. - type: object - properties: - name: - description: >- - Identifier. The resource name of the active directory. Format: - `projects/{project_number}/locations/{location_id}/activeDirectories/{active_directory_id}`. - type: string - createTime: - description: Output only. Create time of the active directory. - readOnly: true - type: string - format: google-datetime - state: - description: Output only. The state of the AD. - readOnly: true - type: string - enumDescriptions: - - Unspecified Active Directory State - - Active Directory State is Creating - - Active Directory State is Ready - - Active Directory State is Updating - - Active Directory State is In use - - Active Directory State is Deleting - - Active Directory State is Error - - Active Directory State is Diagnosing. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - UPDATING - - IN_USE - - DELETING - - ERROR - - DIAGNOSING - domain: - description: Required. Name of the Active Directory domain - type: string - site: - description: >- - The Active Directory site the service will limit Domain Controller - discovery too. + description: Output only. The snapshot state. type: string - dns: + enum: + - STATE_UNSPECIFIED + - READY + - CREATING + - DELETING + - UPDATING + - DISABLED + - ERROR + description: description: >- - Required. Comma separated list of DNS server IP addresses for the - Active Directory domain. + A description of the snapshot with 2048 characters or less. Requests + with longer descriptions will be rejected. type: string - netBiosPrefix: - description: Required. NetBIOSPrefix is used as a prefix for SMB server name. + labels: + description: Resource labels to represent user provided metadata. + type: object + additionalProperties: + type: string + type: object + BlockDevice: + description: >- + Block device represents the device(s) which are stored in the block + volume. + properties: + osType: type: string - organizationalUnit: + enumDescriptions: + - Unspecified OS Type + - OS Type is Linux + - OS Type is Windows + - OS Type is VMware ESXi description: >- - The Organizational Unit (OU) within the Windows Active Directory the - user belongs to. - type: string - aesEncryption: - description: If enabled, AES encryption will be enabled for SMB communication. - type: boolean - username: - description: Required. Username of the Active Directory domain administrator. - type: string - password: - description: Required. Password of the Active Directory domain administrator. + Required. Immutable. The OS type of the volume. This field can't be + changed after the block device is created. + enum: + - OS_TYPE_UNSPECIFIED + - LINUX + - WINDOWS + - ESXI + identifier: + readOnly: true type: string - backupOperators: description: >- - Optional. Users to be added to the Built-in Backup Operator active - directory group. - type: array - items: - type: string - administrators: - description: Optional. Users to be added to the Built-in Admininstrators group. - type: array + Output only. Device identifier of the Block volume. This represents + lun_serial_number for iSCSI volumes + hostGroups: items: type: string - securityOperators: - description: Optional. Domain users to be given the SeSecurityPrivilege. type: array - items: - type: string - kdcHostname: description: >- - Name of the active directory machine. This optional parameter is - used only while creating kerberos volume - type: string - kdcIp: - description: KDC server IP address for the active directory machine. - type: string - nfsUsersWithLdap: + Optional. A list of host groups that identify hosts that can mount + the block volume. Format: + `projects/{project_id}/locations/{location}/hostGroups/{host_group_id}` + This field can be updated after the block device is created. + name: description: >- - If enabled, will allow access to local users and LDAP users. If - access is needed for only LDAP users, it has to be disabled. - type: boolean - description: - description: Description of the active directory. + Optional. User-defined name for the block device, unique within the + Volume. In case no user input is provided, name will be + autogenerated in the backend. The name must meet the following + requirements: * Be between 1 and 255 characters long. * Contain only + uppercase or lowercase letters (A-Z, a-z), numbers (0-9), and the + following special characters: "-", "_", "}", "{", ".". * Spaces are + not allowed. type: string - ldapSigning: - description: Specifies whether or not the LDAP traffic needs to be signed. - type: boolean - encryptDcConnections: + sizeGib: description: >- - If enabled, traffic between the SMB server to Domain Controller (DC) - will be encrypted. - type: boolean - labels: - description: Labels for the active directory. - type: object - additionalProperties: - type: string - stateDetails: - description: Output only. The state details of the Active Directory. - readOnly: true + Optional. The size of the block device in GiB. Any value provided in + this field during Volume creation is IGNORED. The block device's + size is system-managed and will be set to match the parent Volume's + `capacity_gib`. type: string - ListKmsConfigsResponse: - id: ListKmsConfigsResponse - description: ListKmsConfigsResponse is the response to a ListKmsConfigsRequest. + format: int64 + id: BlockDevice type: object - properties: - kmsConfigs: - description: The list of KmsConfigs - type: array - items: - $ref: '#/components/schemas/KmsConfig' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string KmsConfig: id: KmsConfig - description: KmsConfig is the customer managed encryption key(CMEK) configuration. type: object + description: KmsConfig is the customer managed encryption key(CMEK) configuration. properties: + stateDetails: + description: Output only. State details of the KmsConfig. + readOnly: true + type: string + description: + description: Description of the KmsConfig. + type: string + labels: + additionalProperties: + type: string + description: Labels as key value pairs + type: object + instructions: + description: >- + Output only. Instructions to provide the access to the customer + provided encryption key. + readOnly: true + type: string name: description: Identifier. Name of the KmsConfig. type: string + serviceAccount: + description: >- + Output only. The Service account which will have access to the + customer provided encryption key. + readOnly: true + type: string cryptoKeyName: + type: string description: >- Required. Customer managed crypto key resource full name. Format: - projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{key}. - type: string + projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. state: - description: Output only. State of the KmsConfig. + enum: + - STATE_UNSPECIFIED + - READY + - CREATING + - DELETING + - UPDATING + - IN_USE + - ERROR + - KEY_CHECK_PENDING + - KEY_NOT_REACHABLE + - DISABLING + - DISABLED + - MIGRATING readOnly: true - type: string enumDescriptions: - Unspecified KmsConfig State - KmsConfig State is Ready @@ -1317,119 +1630,53 @@ components: - >- KmsConfig State is Migrating. The existing volumes are migrating from SMEK to CMEK. - enum: - - STATE_UNSPECIFIED - - READY - - CREATING - - DELETING - - UPDATING - - IN_USE - - ERROR - - KEY_CHECK_PENDING - - KEY_NOT_REACHABLE - - DISABLING - - DISABLED - - MIGRATING - stateDetails: - description: Output only. State details of the KmsConfig. - readOnly: true + description: Output only. State of the KmsConfig. type: string createTime: - description: Output only. Create time of the KmsConfig. readOnly: true + description: Output only. Create time of the KmsConfig. type: string format: google-datetime - description: - description: Description of the KmsConfig. - type: string - labels: - description: Labels as key value pairs - type: object - additionalProperties: - type: string - instructions: - description: >- - Output only. Instructions to provide the access to the customer - provided encryption key. - readOnly: true - type: string - serviceAccount: - description: >- - Output only. The Service account which will have access to the - customer provided encryption key. - readOnly: true - type: string - EncryptVolumesRequest: - id: EncryptVolumesRequest - description: >- - EncryptVolumesRequest specifies the KMS config to encrypt existing - volumes. - type: object - properties: {} - VerifyKmsConfigRequest: - id: VerifyKmsConfigRequest - description: VerifyKmsConfigRequest specifies the KMS config to be validated. - type: object - properties: {} - VerifyKmsConfigResponse: - id: VerifyKmsConfigResponse - description: >- - VerifyKmsConfigResponse contains the information if the config is - correctly and error message. + MonthlySchedule: + description: Make a snapshot once a month e.g. at 2nd 04:00, 7th 05:20, 24th 23:50 type: object properties: - healthy: - description: >- - Output only. If the customer key configured correctly to the encrypt - volume. - readOnly: true - type: boolean - healthError: - description: Output only. Error message if config is not healthy. - readOnly: true - type: string - instructions: + hour: + format: double + type: number + description: Set the hour to start the snapshot (0-23), defaults to midnight (0). + snapshotsToKeep: + type: number + format: double + description: The maximum number of Snapshots to keep for the hourly schedule + minute: description: >- - Output only. Instructions for the customers to provide the access to - the encryption key. - readOnly: true - type: string - ListReplicationsResponse: - id: ListReplicationsResponse - description: ListReplicationsResponse is the result of ListReplicationsRequest. - type: object - properties: - replications: - description: A list of replications in the project for the specified volume. - type: array - items: - $ref: '#/components/schemas/Replication' - nextPageToken: + Set the minute of the hour to start the snapshot (0-59), defaults to + the top of the hour (0). + format: double + type: number + daysOfMonth: description: >- - The token you can use to retrieve the next page of results. Not - returned if there are no more results in the list. + Set the day or days of the month to make a snapshot (1-31). Accepts + a comma separated number of days. Defaults to '1'. type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Replication: - id: Replication - description: >- - Replication is a nested resource under Volume, that describes a - cross-region replication relationship between 2 volumes in different - regions. + id: MonthlySchedule + Replication: type: object properties: - name: - description: >- - Identifier. The resource name of the Replication. Format: - `projects/{project_id}/locations/{location}/volumes/{volume_id}/replications/{replication_id}`. - type: string state: + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - UPDATING + - DELETING + - ERROR + - PENDING_CLUSTER_PEERING + - PENDING_SVM_PEERING + - PENDING_REMOTE_RESYNC + - EXTERNALLY_MANAGED_REPLICATION description: Output only. State of the replication. - readOnly: true type: string enumDescriptions: - Unspecified replication State @@ -1446,50 +1693,128 @@ components: - >- Onprem ONTAP is destination and Replication can only be managed from Onprem. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - UPDATING - - DELETING - - ERROR - - PENDING_CLUSTER_PEERING - - PENDING_SVM_PEERING - - PENDING_REMOTE_RESYNC - - EXTERNALLY_MANAGED_REPLICATION - stateDetails: - description: Output only. State details of the replication. readOnly: true + name: type: string - role: - description: Output only. Indicates whether this points to source or destination. + description: >- + Identifier. The resource name of the Replication. Format: + `projects/{project_id}/locations/{location}/volumes/{volume_id}/replications/{replication_id}`. + sourceVolume: + description: >- + Output only. Full name of source volume resource. Example : + "projects/{project}/locations/{location}/volumes/{volume_id}" readOnly: true type: string - enumDescriptions: - - Unspecified replication role - - Indicates Source volume. - - Indicates Destination volume. - enum: - - REPLICATION_ROLE_UNSPECIFIED - - SOURCE - - DESTINATION + hybridReplicationUserCommands: + description: >- + Output only. Copy pastable snapmirror commands to be executed on + onprem cluster by the customer. + readOnly: true + $ref: '#/components/schemas/UserCommands' + labels: + additionalProperties: + type: string + description: Resource labels to represent user provided metadata. + type: object + transferStats: + description: Output only. Replication transfer statistics. + $ref: '#/components/schemas/TransferStats' + readOnly: true + stateDetails: + readOnly: true + type: string + description: Output only. State details of the replication. replicationSchedule: description: Required. Indicates the schedule for replication. - type: string + enum: + - REPLICATION_SCHEDULE_UNSPECIFIED + - EVERY_10_MINUTES + - HOURLY + - DAILY enumDescriptions: - Unspecified ReplicationSchedule - Replication happens once every 10 minutes. - Replication happens once every hour. - Replication happens once every day. + type: string + destinationVolumeParameters: + $ref: '#/components/schemas/DestinationVolumeParameters' + description: Required. Input only. Destination volume parameters + healthy: + readOnly: true + type: boolean + description: >- + Output only. Condition of the relationship. Can be one of the + following: - true: The replication relationship is healthy. It has + not missed the most recent scheduled transfer. - false: The + replication relationship is not healthy. It has missed the most + recent scheduled transfer. + clusterLocation: + description: Optional. Location of the user cluster. + type: string + hybridReplicationType: + type: string + enumDescriptions: + - Unspecified hybrid replication type. + - Hybrid replication type for migration. + - Hybrid replication type for continuous replication. + - >- + New field for reversible OnPrem replication, to be used for data + protection. + - >- + Hybrid replication type for incremental Transfer in the reverse + direction (GCNV is source and Onprem is destination) + description: Output only. Type of the hybrid replication. + readOnly: true enum: - - REPLICATION_SCHEDULE_UNSPECIFIED - - EVERY_10_MINUTES - - HOURLY - - DAILY - mirrorState: - description: Output only. Indicates the state of mirroring. + - HYBRID_REPLICATION_TYPE_UNSPECIFIED + - MIGRATION + - CONTINUOUS_REPLICATION + - ONPREM_REPLICATION + - REVERSE_ONPREM_REPLICATION + destinationVolume: + description: >- + Output only. Full name of destination volume resource. Example : + "projects/{project}/locations/{location}/volumes/{volume_id}" + type: string + readOnly: true + hybridPeeringDetails: + readOnly: true + $ref: '#/components/schemas/HybridPeeringDetails' + description: Output only. Hybrid peering details. + description: + description: A description about this replication relationship. + type: string + role: + description: Output only. Indicates whether this points to source or destination. + type: string + readOnly: true + enum: + - REPLICATION_ROLE_UNSPECIFIED + - SOURCE + - DESTINATION + enumDescriptions: + - Unspecified replication role + - Indicates Source volume. + - Indicates Destination volume. + createTime: readOnly: true + description: Output only. Replication create time. + format: google-datetime type: string + mirrorState: + readOnly: true + enum: + - MIRROR_STATE_UNSPECIFIED + - PREPARING + - MIRRORED + - STOPPED + - TRANSFERRING + - BASELINE_TRANSFERRING + - ABORTED + - EXTERNALLY_MANAGED + - PENDING_PEERING + description: Output only. Indicates the state of mirroring. enumDescriptions: - Unspecified MirrorState - Destination volume is being prepared. @@ -1502,753 +1827,779 @@ components: - Replication is aborted. - Replication is being managed from Onprem ONTAP. - Peering is yet to be established. - enum: - - MIRROR_STATE_UNSPECIFIED - - PREPARING - - MIRRORED - - STOPPED - - TRANSFERRING - - BASELINE_TRANSFERRING - - ABORTED - - EXTERNALLY_MANAGED - - PENDING_PEERING - healthy: + type: string + description: >- + Replication is a nested resource under Volume, that describes a + cross-region replication relationship between 2 volumes in different + regions. + id: Replication + ActiveDirectory: + type: object + description: >- + ActiveDirectory is the public representation of the active directory + config. + id: ActiveDirectory + properties: + nfsUsersWithLdap: + type: boolean description: >- - Output only. Condition of the relationship. Can be one of the - following: - true: The replication relationship is healthy. It has - not missed the most recent scheduled transfer. - false: The - replication relationship is not healthy. It has missed the most - recent scheduled transfer. - readOnly: true + If enabled, will allow access to local users and LDAP users. If + access is needed for only LDAP users, it has to be disabled. + backupOperators: + items: + type: string + type: array + description: >- + Optional. Users to be added to the Built-in Backup Operator active + directory group. + username: + description: Required. Username of the Active Directory domain administrator. + type: string + encryptDcConnections: + type: boolean + description: >- + If enabled, traffic between the SMB server to Domain Controller (DC) + will be encrypted. + aesEncryption: type: boolean + description: If enabled, AES encryption will be enabled for SMB communication. + domain: + description: Required. Name of the Active Directory domain + type: string + password: + type: string + description: Required. Password of the Active Directory domain administrator. + kdcIp: + description: KDC server IP address for the active directory machine. + type: string createTime: - description: Output only. Replication create time. - readOnly: true type: string + description: Output only. Create time of the active directory. + readOnly: true format: google-datetime - destinationVolume: + organizationalUnit: + type: string description: >- - Output only. Full name of destination volume resource. Example : - "projects/{project}/locations/{location}/volumes/{volume_id}" - readOnly: true + The Organizational Unit (OU) within the Windows Active Directory the + user belongs to. + administrators: + items: + type: string + type: array + description: Optional. Users to be added to the Built-in Admininstrators group. + description: + description: Description of the active directory. type: string - transferStats: - description: Output only. Replication transfer statistics. - readOnly: true - $ref: '#/components/schemas/TransferStats' labels: - description: Resource labels to represent user provided metadata. type: object additionalProperties: type: string - description: - description: A description about this replication relationship. + description: Labels for the active directory. + name: type: string - destinationVolumeParameters: - description: Required. Input only. Destination volume parameters - $ref: '#/components/schemas/DestinationVolumeParameters' - sourceVolume: description: >- - Output only. Full name of source volume resource. Example : - "projects/{project}/locations/{location}/volumes/{volume_id}" - readOnly: true + Identifier. The resource name of the active directory. Format: + `projects/{project_number}/locations/{location_id}/activeDirectories/{active_directory_id}`. + netBiosPrefix: + description: Required. NetBIOSPrefix is used as a prefix for SMB server name. type: string - hybridPeeringDetails: - description: Output only. Hybrid peering details. + stateDetails: readOnly: true - $ref: '#/components/schemas/HybridPeeringDetails' - clusterLocation: - description: Optional. Location of the user cluster. + description: Output only. The state details of the Active Directory. type: string - hybridReplicationType: - description: Output only. Type of the hybrid replication. + state: + enumDescriptions: + - Unspecified Active Directory State + - Active Directory State is Creating + - Active Directory State is Ready + - Active Directory State is Updating + - Active Directory State is In use + - Active Directory State is Deleting + - Active Directory State is Error + - Active Directory State is Diagnosing. + description: Output only. The state of the AD. readOnly: true type: string - enumDescriptions: - - Unspecified hybrid replication type. - - Hybrid replication type for migration. - - Hybrid replication type for continuous replication. - - >- - New field for reversible OnPrem replication, to be used for data - protection. - - >- - Hybrid replication type for incremental Transfer in the reverse - direction (GCNV is source and Onprem is destination) enum: - - HYBRID_REPLICATION_TYPE_UNSPECIFIED - - MIGRATION - - CONTINUOUS_REPLICATION - - ONPREM_REPLICATION - - REVERSE_ONPREM_REPLICATION - hybridReplicationUserCommands: - description: >- - Output only. Copy pastable snapmirror commands to be executed on - onprem cluster by the customer. - readOnly: true - $ref: '#/components/schemas/UserCommands' - TransferStats: - id: TransferStats - description: TransferStats reports all statistics related to replication transfer. - type: object - properties: - transferBytes: + - STATE_UNSPECIFIED + - CREATING + - READY + - UPDATING + - IN_USE + - DELETING + - ERROR + - DIAGNOSING + dns: description: >- - Cumulative bytes transferred so far for the replication - relationship. + Required. Comma separated list of DNS server IP addresses for the + Active Directory domain. + type: string + kdcHostname: type: string - format: int64 - totalTransferDuration: description: >- - Cumulative time taken across all transfers for the replication - relationship. + Name of the active directory machine. This optional parameter is + used only while creating kerberos volume + site: type: string - format: google-duration - lastTransferBytes: - description: Last transfer size in bytes. + description: >- + The Active Directory site the service will limit Domain Controller + discovery too. + securityOperators: + description: Optional. Domain users to be given the SeSecurityPrivilege. + items: + type: string + type: array + ldapSigning: + description: Specifies whether or not the LDAP traffic needs to be signed. + type: boolean + SyncReplicationRequest: + type: object + description: SyncReplicationRequest syncs the replication from source to destination. + id: SyncReplicationRequest + properties: {} + TransferStats: + type: object + properties: + lastTransferError: type: string - format: int64 - lastTransferDuration: - description: Time taken during last transfer. + description: A message describing the cause of the last transfer failure. + lagDuration: type: string format: google-duration - lagDuration: description: >- Lag duration indicates the duration by which Destination region volume content lags behind the primary region volume content. + totalTransferDuration: type: string + description: >- + Cumulative time taken across all transfers for the replication + relationship. format: google-duration - updateTime: - description: Time when progress was updated last. + transferBytes: type: string - format: google-datetime + format: int64 + description: >- + Cumulative bytes transferred so far for the replication + relationship. lastTransferEndTime: description: Time when last transfer completed. type: string format: google-datetime - lastTransferError: - description: A message describing the cause of the last transfer failure. - type: string - DestinationVolumeParameters: - id: DestinationVolumeParameters - description: >- - DestinationVolumeParameters specify input parameters used for creating - destination volume. - type: object - properties: - storagePool: - description: Required. Existing destination StoragePool name. - type: string - volumeId: - description: >- - Desired destination volume resource id. If not specified, source - volume's resource id will be used. This value must start with a - lowercase letter followed by up to 62 lowercase letters, numbers, or - hyphens, and cannot end with a hyphen. + lastTransferDuration: + description: Time taken during last transfer. type: string - shareName: - description: >- - Destination volume's share name. If not specified, source volume's - share name will be used. + format: google-duration + lastTransferBytes: + format: int64 type: string - description: - description: Description for the destination volume. + description: Last transfer size in bytes. + updateTime: type: string - tieringPolicy: - description: Optional. Tiering policy for the volume. - $ref: '#/components/schemas/TieringPolicy' - HybridPeeringDetails: - id: HybridPeeringDetails - description: HybridPeeringDetails contains details about the hybrid peering. + format: google-datetime + description: Time when progress was updated last. + description: TransferStats reports all statistics related to replication transfer. + id: TransferStats + BackupPolicy: type: object + description: Backup Policy. + id: BackupPolicy properties: - subnetIp: - description: Output only. IP address of the subnet. - readOnly: true - type: string - command: + name: description: >- - Output only. Copy-paste-able commands to be used on user's ONTAP to - accept peering requests. - readOnly: true + Identifier. The resource name of the backup policy. Format: + `projects/{project_id}/locations/{location}/backupPolicies/{backup_policy_id}`. type: string - commandExpiryTime: + enabled: description: >- - Output only. Expiration time for the peering command to be executed - on user's ONTAP. - readOnly: true - type: string + If enabled, make backups automatically according to the schedules. + This will be applied to all volumes that have this policy attached + and enforced on volume level. If not specified, default is true. + type: boolean + createTime: format: google-datetime - passphrase: - description: >- - Output only. Temporary passphrase generated to accept cluster - peering command. readOnly: true + description: Output only. The time when the backup policy was created. type: string - peerVolumeName: + weeklyBackupLimit: + format: int32 description: >- - Output only. Name of the user's local source volume to be peered - with the destination volume. - readOnly: true - type: string - peerClusterName: + Number of weekly backups to keep. Note that the sum of daily, weekly + and monthly backups should be greater than 1. + type: integer + dailyBackupLimit: description: >- - Output only. Name of the user's local source cluster to be peered - with the destination cluster. - readOnly: true + Number of daily backups to keep. Note that the minimum daily backup + limit is 2. + type: integer + format: int32 + description: + description: Description of the backup policy. type: string - peerSvmName: + labels: + additionalProperties: + type: string + type: object + description: Resource labels to represent user provided metadata. + monthlyBackupLimit: description: >- - Output only. Name of the user's local source vserver svm to be - peered with the destination vserver svm. - readOnly: true - type: string - UserCommands: - id: UserCommands - description: UserCommands contains the commands to be executed by the customer. - type: object - properties: - commands: - description: Output only. List of commands to be executed by the customer. + Number of monthly backups to keep. Note that the sum of daily, + weekly and monthly backups should be greater than 1. + type: integer + format: int32 + assignedVolumeCount: readOnly: true - type: array - items: - type: string - StopReplicationRequest: - id: StopReplicationRequest - description: StopReplicationRequest stops a replication until resumed. - type: object - properties: - force: + type: integer + format: int32 description: >- - Indicates whether to stop replication forcefully while data transfer - is in progress. Warning! if force is true, this will abort any - current transfers and can lead to data loss due to partial transfer. - If force is false, stop replication will fail while data transfer is - in progress and you will need to retry later. - type: boolean - ResumeReplicationRequest: - id: ResumeReplicationRequest - description: ResumeReplicationRequest resumes a stopped replication. - type: object - properties: {} - ReverseReplicationDirectionRequest: - id: ReverseReplicationDirectionRequest - description: >- - ReverseReplicationDirectionRequest reverses direction of replication. - Source becomes destination and destination becomes source. - type: object - properties: {} + Output only. The total number of volumes assigned by this backup + policy. + state: + description: Output only. The backup policy state. + enumDescriptions: + - State not set. + - BackupPolicy is being created. + - BackupPolicy is available for use. + - BackupPolicy is being deleted. + - BackupPolicy is not valid and cannot be used. + - BackupPolicy is being updated. + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - DELETING + - ERROR + - UPDATING + type: string EstablishPeeringRequest: id: EstablishPeeringRequest + type: object description: >- EstablishPeeringRequest establishes cluster and svm peerings between the source and the destination replications. - type: object properties: - peerClusterName: - description: >- - Required. Name of the user's local source cluster to be peered with - the destination cluster. + peerVolumeName: type: string + description: >- + Required. Name of the user's local source volume to be peered with + the destination volume. + peerIpAddresses: + items: + type: string + type: array + description: Optional. List of IPv4 ip addresses to be used for peering. peerSvmName: description: >- Required. Name of the user's local source vserver svm to be peered with the destination vserver svm. type: string - peerIpAddresses: - description: Optional. List of IPv4 ip addresses to be used for peering. - type: array + peerClusterName: + description: >- + Required. Name of the user's local source cluster to be peered with + the destination cluster. + type: string + ListKmsConfigsResponse: + id: ListKmsConfigsResponse + description: ListKmsConfigsResponse is the response to a ListKmsConfigsRequest. + properties: + unreachable: items: type: string - peerVolumeName: - description: >- - Required. Name of the user's local source volume to be peered with - the destination volume. + type: array + description: Locations that could not be reached. + nextPageToken: type: string - SyncReplicationRequest: - id: SyncReplicationRequest - description: SyncReplicationRequest syncs the replication from source to destination. + description: A token identifying a page of results the server should return. + kmsConfigs: + type: array + description: The list of KmsConfigs + items: + $ref: '#/components/schemas/KmsConfig' type: object - properties: {} - BackupVault: - id: BackupVault - description: A NetApp BackupVault. + OperationMetadata: type: object + id: OperationMetadata + description: Represents the metadata of the long-running operation. properties: - name: - description: >- - Identifier. The resource name of the backup vault. Format: - `projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id}`. - type: string - state: - description: Output only. The backup vault state. - readOnly: true - type: string - enumDescriptions: - - State not set. - - BackupVault is being created. - - BackupVault is available for use. - - BackupVault is being deleted. - - BackupVault is not valid and cannot be used. - - BackupVault is being updated. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - DELETING - - ERROR - - UPDATING - createTime: - description: Output only. Create time of the backup vault. + endTime: readOnly: true - type: string format: google-datetime - description: - description: Description of the backup vault. - type: string - labels: - description: Resource labels to represent user provided metadata. - type: object - additionalProperties: - type: string - backupVaultType: - description: Optional. Type of backup vault to be created. Default is IN_REGION. + description: Output only. The time the operation finished running. type: string - enumDescriptions: - - BackupVault type not set. - - BackupVault type is IN_REGION. - - BackupVault type is CROSS_REGION. - enum: - - BACKUP_VAULT_TYPE_UNSPECIFIED - - IN_REGION - - CROSS_REGION - sourceRegion: + requestedCancellation: + readOnly: true + type: boolean description: >- - Output only. Region in which the backup vault is created. Format: - `projects/{project_id}/locations/{location}` + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been canceled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + apiVersion: + description: Output only. API version used to start the operation. readOnly: true type: string - backupRegion: - description: >- - Optional. Region where the backups are stored. Format: - `projects/{project_id}/locations/{location}` + statusMessage: type: string - sourceBackupVault: - description: >- - Output only. Name of the Backup vault created in source region. - Format: - `projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id}` + readOnly: true + description: Output only. Human-readable status of the operation, if any. + createTime: readOnly: true type: string - destinationBackupVault: + description: Output only. The time the operation was created. + format: google-datetime + target: description: >- - Output only. Name of the Backup vault created in backup region. - Format: - `projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id}` + Output only. Server-defined resource path for the target of the + operation. + type: string + readOnly: true + verb: + description: Output only. Name of the verb executed by the operation. readOnly: true type: string - backupRetentionPolicy: - description: Optional. Backup retention policy defining the retenton of backups. - $ref: '#/components/schemas/BackupRetentionPolicy' - BackupRetentionPolicy: - id: BackupRetentionPolicy - description: Retention policy for backups in the backup vault + ListStoragePoolsResponse: + description: ListStoragePoolsResponse is the response to a ListStoragePoolsRequest. + properties: + unreachable: + description: Locations that could not be reached. + items: + type: string + type: array + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + storagePools: + description: The list of StoragePools + type: array + items: + $ref: '#/components/schemas/StoragePool' type: object + id: ListStoragePoolsResponse + ListOperationsResponse: + description: The response message for Operations.ListOperations. properties: - backupMinimumEnforcedRetentionDays: - description: >- - Required. Minimum retention duration in days for backups in the - backup vault. - type: integer - format: int32 - dailyBackupImmutable: + nextPageToken: + type: string + description: The standard List next-page token. + unreachable: description: >- - Optional. Indicates if the daily backups are immutable. At least one - of daily_backup_immutable, weekly_backup_immutable, - monthly_backup_immutable and manual_backup_immutable must be true. - type: boolean - weeklyBackupImmutable: + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string + operations: description: >- - Optional. Indicates if the weekly backups are immutable. At least - one of daily_backup_immutable, weekly_backup_immutable, - monthly_backup_immutable and manual_backup_immutable must be true. + A list of operations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Operation' + id: ListOperationsResponse + type: object + VerifyKmsConfigResponse: + description: >- + VerifyKmsConfigResponse contains the information if the config is + correctly and error message. + id: VerifyKmsConfigResponse + properties: + healthy: type: boolean - monthlyBackupImmutable: description: >- - Optional. Indicates if the monthly backups are immutable. At least - one of daily_backup_immutable, weekly_backup_immutable, - monthly_backup_immutable and manual_backup_immutable must be true. - type: boolean - manualBackupImmutable: + Output only. If the customer key configured correctly to the encrypt + volume. + readOnly: true + instructions: + readOnly: true + type: string description: >- - Optional. Indicates if the manual backups are immutable. At least - one of daily_backup_immutable, weekly_backup_immutable, - monthly_backup_immutable and manual_backup_immutable must be true. - type: boolean - ListBackupVaultsResponse: - id: ListBackupVaultsResponse - description: ListBackupVaultsResponse is the result of ListBackupVaultsRequest. + Output only. Instructions for the customers to provide the access to + the encryption key. + healthError: + readOnly: true + type: string + description: Output only. Error message if config is not healthy. + type: object + ListBackupsResponse: + description: ListBackupsResponse is the result of ListBackupsRequest. + id: ListBackupsResponse type: object properties: - backupVaults: - description: A list of backupVaults in the project for the specified location. - type: array - items: - $ref: '#/components/schemas/BackupVault' nextPageToken: + type: string description: >- The token you can use to retrieve the next page of results. Not returned if there are no more results in the list. - type: string unreachable: description: Locations that could not be reached. type: array items: type: string - Backup: - id: Backup - description: A NetApp Backup. + backups: + description: A list of backups in the project. + items: + $ref: '#/components/schemas/Backup' + type: array + ListHostGroupsResponse: + type: object + id: ListHostGroupsResponse + properties: + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + hostGroups: + items: + $ref: '#/components/schemas/HostGroup' + description: The list of host groups. + type: array + description: ListHostGroupsResponse is the response to a ListHostGroupsRequest. + BackupConfig: type: object + id: BackupConfig + description: BackupConfig contains backup related config on a volume. properties: - name: + backupPolicies: + items: + type: string + type: array description: >- - Identifier. The resource name of the backup. Format: - `projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id}/backups/{backup_id}`. + Optional. When specified, schedule backups will be created based on + the policy configuration. + backupChainBytes: type: string - state: - description: Output only. The backup state. readOnly: true - type: string - enumDescriptions: - - State not set. - - >- - Backup is being created. While in this state, the snapshot for the - backup point-in-time may not have been created yet, and so the - point-in-time may not have been fixed. - - >- - Backup is being uploaded. While in this state, none of the writes - to the volume will be included in the backup. - - Backup is available for use. - - Backup is being deleted. - - >- - Backup is not valid and cannot be used for creating new volumes or - restoring existing volumes. - - Backup is being updated. - enum: - - STATE_UNSPECIFIED - - CREATING - - UPLOADING - - READY - - DELETING - - ERROR - - UPDATING - description: description: >- - A description of the backup with 2048 characters or less. Requests - with longer descriptions will be rejected. - type: string - volumeUsageBytes: - description: >- - Output only. Size of the file system when the backup was created. - When creating a new volume from the backup, the volume capacity will - have to be at least as big. - readOnly: true - type: string + Output only. Total size of all backups in a chain in bytes = + baseline backup size + sum(incremental backup size). format: int64 - backupType: - description: >- - Output only. Type of backup, manually created or created by a backup - policy. - readOnly: true + backupVault: type: string - enumDescriptions: - - Unspecified backup type. - - Manual backup type. - - Scheduled backup type. - enum: - - TYPE_UNSPECIFIED - - MANUAL - - SCHEDULED - sourceVolume: description: >- - Volume full name of this backup belongs to. Format: - `projects/{projects_id}/locations/{location}/volumes/{volume_id}` - type: string - sourceSnapshot: + Optional. Name of backup vault. Format: + projects/{project_id}/locations/{location}/backupVaults/{backup_vault_id} + scheduledBackupEnabled: description: >- - If specified, backup will be created from the given snapshot. If not - specified, there will be a new snapshot taken to initiate the backup - creation. Format: - `projects/{project_id}/locations/{location}/volumes/{volume_id}/snapshots/{snapshot_id}` - type: string - createTime: - description: Output only. The time when the backup was created. - readOnly: true + Optional. When set to true, scheduled backup is enabled on the + volume. This field should be nil when there's no backup policy + attached. + type: boolean + Volume: + properties: + kmsConfig: type: string - format: google-datetime - labels: - description: Resource labels to represent user provided metadata. - type: object - additionalProperties: - type: string - chainStorageBytes: description: >- - Output only. Total size of all backups in a chain in bytes = - baseline backup size + sum(incremental backup size) + Output only. Specifies the KMS config to be used for volume + encryption. readOnly: true + shareName: type: string - format: int64 - satisfiesPzs: - description: Output only. Reserved for future use - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use - readOnly: true + description: Required. Share name of the volume + snapshotPolicy: + $ref: '#/components/schemas/SnapshotPolicy' + description: Optional. SnapshotPolicy for a volume. + kerberosEnabled: type: boolean - volumeRegion: description: >- - Output only. Region of the volume from which the backup was created. - Format: `projects/{project_id}/locations/{location}` - readOnly: true + Optional. Flag indicating if the volume is a kerberos volume or not, + export policy rules control kerberos security modes (krb5, krb5i, + krb5p). + exportPolicy: + $ref: '#/components/schemas/ExportPolicy' + description: Optional. Export policy of the volume + throughputMibps: + type: number + format: double + description: Optional. Throughput of the volume (in MiB/s) + tieringPolicy: + description: Tiering policy for the volume. + $ref: '#/components/schemas/TieringPolicy' + name: type: string - backupRegion: - description: >- - Output only. Region in which backup is stored. Format: - `projects/{project_id}/locations/{location}` - readOnly: true + description: Identifier. Name of the volume + activeDirectory: type: string - enforcedRetentionEndTime: - description: Output only. The time until which the backup is not deletable. readOnly: true + description: Output only. Specifies the ActiveDirectory name of a SMB volume. + securityStyle: type: string - format: google-datetime - ListBackupsResponse: - id: ListBackupsResponse - description: ListBackupsResponse is the result of ListBackupsRequest. - type: object - properties: - backups: - description: A list of backups in the project. - type: array - items: - $ref: '#/components/schemas/Backup' - nextPageToken: - description: >- - The token you can use to retrieve the next page of results. Not - returned if there are no more results in the list. + enum: + - SECURITY_STYLE_UNSPECIFIED + - NTFS + - UNIX + enumDescriptions: + - SecurityStyle is unspecified + - SecurityStyle uses NTFS + - SecurityStyle uses UNIX + description: Optional. Security Style of the Volume + encryptionType: + readOnly: true + enumDescriptions: + - The source of the encryption key is not specified. + - Google managed encryption key. + - Customer managed encryption key, which is stored in KMS. + enum: + - ENCRYPTION_TYPE_UNSPECIFIED + - SERVICE_MANAGED + - CLOUD_KMS + description: Output only. Specified the current volume encryption key source. type: string - unreachable: - description: Locations that could not be reached. + cacheParameters: + $ref: '#/components/schemas/CacheParameters' + description: Optional. Cache parameters for the volume. + restrictedActions: type: array + description: Optional. List of actions that are restricted on this volume. items: + enumDescriptions: + - Unspecified restricted action + - Prevent volume from being deleted when mounted. type: string - BackupPolicy: - id: BackupPolicy - description: Backup Policy. - type: object - properties: - name: + enum: + - RESTRICTED_ACTION_UNSPECIFIED + - DELETE + network: description: >- - Identifier. The resource name of the backup policy. Format: - `projects/{project_id}/locations/{location}/backupPolicies/{backup_policy_id}`. + Output only. VPC Network name. Format: + projects/{project}/global/networks/{network} + readOnly: true type: string - dailyBackupLimit: - description: >- - Number of daily backups to keep. Note that the minimum daily backup - limit is 2. - type: integer - format: int32 - weeklyBackupLimit: - description: >- - Number of weekly backups to keep. Note that the sum of daily, weekly - and monthly backups should be greater than 1. - type: integer - format: int32 - monthlyBackupLimit: + multipleEndpoints: + type: boolean description: >- - Number of monthly backups to keep. Note that the sum of daily, - weekly and monthly backups should be greater than 1. - type: integer - format: int32 + Optional. Flag indicating if the volume will have an IP address per + node for volumes supporting multiple IP endpoints. Only the volume + with large_capacity will be allowed to have multiple endpoints. description: - description: Description of the backup policy. + description: Optional. Description of the volume type: string - enabled: + createTime: + description: Output only. Create time of the volume + readOnly: true + format: google-datetime + type: string + largeCapacity: description: >- - If enabled, make backups automatically according to the schedules. - This will be applied to all volumes that have this policy attached - and enforced on volume level. If not specified, default is true. + Optional. Flag indicating if the volume will be a large capacity + volume or a regular volume. type: boolean - assignedVolumeCount: + snapshotDirectory: + type: boolean + description: >- + Optional. Snapshot_directory if enabled (true) the volume will + contain a read-only .snapshot directory which provides access to + each of the volume's snapshots. + unixPermissions: description: >- - Output only. The total number of volumes assigned by this backup - policy. - readOnly: true - type: integer - format: int32 - createTime: - description: Output only. The time when the backup policy was created. - readOnly: true + Optional. Default unix style permission (e.g. 777) the mount point + will be created with. Applicable for NFS protocol types only. type: string - format: google-datetime - labels: - description: Resource labels to represent user provided metadata. - type: object - additionalProperties: - type: string - state: - description: Output only. The backup policy state. + serviceLevel: + enum: + - SERVICE_LEVEL_UNSPECIFIED + - PREMIUM + - EXTREME + - STANDARD + - FLEX + description: Output only. Service level of the volume readOnly: true + enumDescriptions: + - Unspecified service level. + - Premium service level. + - Extreme service level. + - Standard service level. + - Flex service level. type: string + stateDetails: + description: Output only. State details of the volume + type: string + readOnly: true + state: enumDescriptions: - - State not set. - - BackupPolicy is being created. - - BackupPolicy is available for use. - - BackupPolicy is being deleted. - - BackupPolicy is not valid and cannot be used. - - BackupPolicy is being updated. + - Unspecified Volume State + - Volume State is Ready + - Volume State is Creating + - Volume State is Deleting + - Volume State is Updating + - Volume State is Restoring + - Volume State is Disabled + - Volume State is Error + - >- + Volume State is Preparing. Note that this is different from + CREATING where CREATING means the volume is being created, while + PREPARING means the volume is created and now being prepared for + the replication. + - Volume State is Read Only + description: Output only. State of the volume enum: - STATE_UNSPECIFIED - - CREATING - READY + - CREATING - DELETING - - ERROR - UPDATING - ListBackupPoliciesResponse: - id: ListBackupPoliciesResponse - description: ListBackupPoliciesResponse contains all the backup policies requested. - type: object - properties: - backupPolicies: - description: The list of backup policies. - type: array - items: - $ref: '#/components/schemas/BackupPolicy' - nextPageToken: - description: A token identifying a page of results the server should return. + - RESTORING + - DISABLED + - ERROR + - PREPARING + - READ_ONLY type: string - unreachable: - description: Locations that could not be reached. - type: array + readOnly: true + protocols: + description: Required. Protocols required for the volume items: type: string - ListQuotaRulesResponse: - id: ListQuotaRulesResponse - description: ListQuotaRulesResponse is the response to a ListQuotaRulesRequest. - type: object - properties: - quotaRules: - description: List of quota rules - type: array - items: - $ref: '#/components/schemas/QuotaRule' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. + enumDescriptions: + - Unspecified protocol + - NFS V3 protocol + - NFS V4 protocol + - SMB protocol + - ISCSI protocol + enum: + - PROTOCOLS_UNSPECIFIED + - NFSV3 + - NFSV4 + - SMB + - ISCSI type: array - items: - type: string - QuotaRule: - id: QuotaRule - description: >- - QuotaRule specifies the maximum disk space a user or group can use - within a volume. They can be used for creating default and individual - quota rules. - type: object - properties: - name: + hasReplication: description: >- - Identifier. The resource name of the quota rule. Format: - `projects/{project_number}/locations/{location_id}/volumes/volumes/{volume_id}/quotaRules/{quota_rule_id}`. + Output only. Indicates whether the volume is part of a replication + relationship. + type: boolean + readOnly: true + replicaZone: type: string - target: - description: >- - Optional. The quota rule applies to the specified user or group, - identified by a Unix UID/GID, Windows SID, or null for default. + readOnly: true + description: Output only. Specifies the replica zone for regional volume. + storagePool: type: string - type: - description: Required. The type of quota rule. + description: Required. StoragePool name of the volume + usedGib: + description: >- + Output only. Used capacity in GIB of the volume. This is computed + periodically and it does not represent the realtime usage. + format: int64 type: string - enumDescriptions: - - Unspecified type for quota rule - - Individual user quota rule - - Individual group quota rule - - Default user quota rule - - Default group quota rule - enum: - - TYPE_UNSPECIFIED - - INDIVIDUAL_USER_QUOTA - - INDIVIDUAL_GROUP_QUOTA - - DEFAULT_USER_QUOTA - - DEFAULT_GROUP_QUOTA - diskLimitMib: - description: Required. The maximum allowed disk space in MiB. - type: integer - format: int32 - state: - description: Output only. State of the quota rule readOnly: true + backupConfig: + $ref: '#/components/schemas/BackupConfig' + description: BackupConfig of the volume. + zone: type: string - enumDescriptions: - - Unspecified state for quota rule - - Quota rule is creating - - Quota rule is updating - - Quota rule is deleting - - Quota rule is ready - - Quota rule is in error state. - enum: - - STATE_UNSPECIFIED - - CREATING - - UPDATING - - DELETING - - READY - - ERROR - stateDetails: - description: Output only. State details of the quota rule readOnly: true - type: string - createTime: - description: Output only. Create time of the quota rule + description: Output only. Specifies the active zone for regional volume. + hybridReplicationParameters: + description: Optional. The Hybrid Replication parameters for the volume. + $ref: '#/components/schemas/HybridReplicationParameters' + mountOptions: + type: array + readOnly: true + description: Output only. Mount options of this volume + items: + $ref: '#/components/schemas/MountOption' + smbSettings: + items: + type: string + enum: + - SMB_SETTINGS_UNSPECIFIED + - ENCRYPT_DATA + - BROWSABLE + - CHANGE_NOTIFY + - NON_BROWSABLE + - OPLOCKS + - SHOW_SNAPSHOT + - SHOW_PREVIOUS_VERSIONS + - ACCESS_BASED_ENUMERATION + - CONTINUOUSLY_AVAILABLE + enumDescriptions: + - Unspecified default option + - SMB setting encrypt data + - SMB setting browsable + - SMB setting notify change + - SMB setting not to notify change + - SMB setting oplocks + - SMB setting to show snapshots + - SMB setting to show previous versions + - SMB setting to access volume based on enumerartion + - Continuously available enumeration + type: array + description: Optional. SMB share settings for the volume. + restoreParameters: + $ref: '#/components/schemas/RestoreParameters' + description: Optional. Specifies the source of the volume to be created from. + blockDevices: + description: >- + Optional. Block devices for the volume. Currently, only one block + device is permitted per Volume. + items: + $ref: '#/components/schemas/BlockDevice' + type: array + ldapEnabled: + type: boolean + description: >- + Output only. Flag indicating if the volume is NFS LDAP enabled or + not. + readOnly: true + psaRange: + description: >- + Output only. This field is not implemented. The values provided in + this field are ignored. readOnly: true type: string - format: google-datetime - description: - description: Optional. Description of the quota rule + capacityGib: type: string + format: int64 + description: Required. Capacity in GIB of the volume labels: - description: Optional. Labels of the quota rule - type: object additionalProperties: type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: + description: Optional. Labels as key value pairs + type: object + snapReserve: + format: double description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + Optional. Snap_reserve specifies percentage of volume storage + reserved for snapshot storage. Default is 0 percent. + type: number + hotTierSizeUsedGib: + format: int64 + readOnly: true type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: >- + Output only. Total hot tier data rounded down to the nearest GiB + used by the Volume. This field is only used for flex Service Level + coldTierSizeGib: + readOnly: true + description: >- + Output only. Size of the volume cold tier data rounded down to the + nearest GiB. + type: string + format: int64 + id: Volume type: object + description: Volume provides a filesystem that you can mount. + Location: properties: + metadata: + type: object + description: >- + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. name: + type: string description: >- Resource name for the location, which may vary between implementations. For example: `"projects/example-project/locations/us-east1"` - type: string locationId: description: 'The canonical id for this location. For example: `"us-east1"`.' type: string @@ -2258,131 +2609,101 @@ components: For example, "Tokyo". type: string labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object additionalProperties: type: string - metadata: description: >- - Service-specific metadata. For example the available capacity at the - given location. + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + description: A resource that represents a Google Cloud location. type: object + id: Location + DestinationVolumeParameters: + id: DestinationVolumeParameters + description: >- + DestinationVolumeParameters specify input parameters used for creating + destination volume. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + shareName: type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true + Destination volume's share name. If not specified, source volume's + share name will be used. + storagePool: + description: Required. Existing destination StoragePool name. type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + description: type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + description: Description for the destination volume. + volumeId: + description: >- + Desired destination volume resource id. If not specified, source + volume's resource id will be used. This value must start with a + lowercase letter followed by up to 62 lowercase letters, numbers, or + hyphens, and cannot end with a hyphen. type: string - requestedCancellation: + tieringPolicy: + $ref: '#/components/schemas/TieringPolicy' + description: Optional. Tiering policy for the volume. + type: object + CacheConfig: + properties: + cifsChangeNotifyEnabled: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been canceled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true + Optional. Flag indicating whether a CIFS change notification is + enabled for the FlexCache volume. type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - LocationMetadata: - id: LocationMetadata - description: Metadata for a given google.cloud.location.Location. type: object + id: CacheConfig + description: Configuration of the cache volume. + BackupRetentionPolicy: + id: BackupRetentionPolicy properties: - supportedServiceLevels: - description: Output only. Supported service levels in a location. - readOnly: true - type: array - items: - type: string - enumDescriptions: - - Unspecified service level. - - Premium service level. - - Extreme service level. - - Standard service level. - - Flex service level. - enum: - - SERVICE_LEVEL_UNSPECIFIED - - PREMIUM - - EXTREME - - STANDARD - - FLEX - supportedFlexPerformance: - description: Output only. Supported flex performance in a location. - readOnly: true - type: array - items: - type: string - enumDescriptions: - - Unspecified flex performance. - - Flex Storage Pool with default performance. - - Flex Storage Pool with custom performance. - enum: - - FLEX_PERFORMANCE_UNSPECIFIED - - FLEX_PERFORMANCE_DEFAULT - - FLEX_PERFORMANCE_CUSTOM - hasVcp: - description: Output only. Indicates if the location has VCP support. - readOnly: true + monthlyBackupImmutable: + type: boolean + description: >- + Optional. Indicates if the monthly backups are immutable. At least + one of daily_backup_immutable, weekly_backup_immutable, + monthly_backup_immutable and manual_backup_immutable must be true. + backupMinimumEnforcedRetentionDays: + description: >- + Required. Minimum retention duration in days for backups in the + backup vault. + type: integer + format: int32 + dailyBackupImmutable: + description: >- + Optional. Indicates if the daily backups are immutable. At least one + of daily_backup_immutable, weekly_backup_immutable, + monthly_backup_immutable and manual_backup_immutable must be true. + type: boolean + weeklyBackupImmutable: + description: >- + Optional. Indicates if the weekly backups are immutable. At least + one of daily_backup_immutable, weekly_backup_immutable, + monthly_backup_immutable and manual_backup_immutable must be true. + type: boolean + manualBackupImmutable: type: boolean + description: >- + Optional. Indicates if the manual backups are immutable. At least + one of daily_backup_immutable, weekly_backup_immutable, + monthly_backup_immutable and manual_backup_immutable must be true. + type: object + description: Retention policy for backups in the backup vault parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: fields + name: prettyPrint schema: - type: string + type: boolean key: description: >- API key. Your API key identifies your project and provides you with API @@ -2398,125 +2719,182 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + callback: + description: JSONP in: query - name: prettyPrint + name: callback schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: quotaUser + name: uploadType schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: uploadType + name: fields schema: type: string _.xgafv: description: V1 error format. in: query - name: $.xgafv + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto x-stackQL-resources: - locations: - id: google.netapp.locations - name: locations - title: Locations + active_directories: + id: google.netapp.active_directories + name: active_directories + title: Active_directories methods: - list: + delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories~1{activeDirectoriesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories~1{activeDirectoriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories~1{activeDirectoriesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/active_directories/methods/get' + - $ref: '#/components/x-stackQL-resources/active_directories/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/active_directories/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/active_directories/methods/patch' replace: [] - delete: [] - operations: - id: google.netapp.operations - name: operations - title: Operations + delete: + - $ref: '#/components/x-stackQL-resources/active_directories/methods/delete' + kms_configs: + id: google.netapp.kms_configs + name: kms_configs + title: Kms_configs methods: - list: + encrypt: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}:encrypt/post + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - cancel: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + verify: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}:verify/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/kms_configs/methods/get' + - $ref: '#/components/x-stackQL-resources/kms_configs/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/kms_configs/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/kms_configs/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + - $ref: '#/components/x-stackQL-resources/kms_configs/methods/delete' storage_pools: id: google.netapp.storage_pools name: storage_pools title: Storage_pools methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1storagePools/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.storagePools create: operation: $ref: >- @@ -2524,13 +2902,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1storagePools~1{storagePoolsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1storagePools/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable patch: operation: $ref: >- @@ -2545,10 +2924,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - validate_directory_service: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1storagePools~1{storagePoolsId}:validateDirectoryService/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1storagePools~1{storagePoolsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -2559,6 +2938,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + validate_directory_service: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1storagePools~1{storagePoolsId}:validateDirectoryService/post + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/storage_pools/methods/get' @@ -2597,17 +2983,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -2618,6 +3004,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + restore: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}:restore/post + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/volumes/methods/get' @@ -2649,24 +3042,24 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1snapshots~1{snapshotsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -2686,67 +3079,67 @@ components: name: replications title: Replications methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.replications - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + reverse_direction: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}:reverseDirection/post response: mediaType: application/json openAPIDocKey: '200' - patch: + establish_peering: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}:establishPeering/post response: mediaType: application/json openAPIDocKey: '200' - stop: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}:stop/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications/post response: mediaType: application/json openAPIDocKey: '200' - resume: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}:resume/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications/get response: mediaType: application/json openAPIDocKey: '200' - reverse_direction: + objectKey: $.replications + stop: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}:reverseDirection/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}:stop/post response: mediaType: application/json openAPIDocKey: '200' - establish_peering: + resume: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}:establishPeering/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1replications~1{replicationsId}:resume/post response: mediaType: application/json openAPIDocKey: '200' @@ -2773,14 +3166,6 @@ components: name: quota_rules title: Quota_rules methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1quotaRules/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.quotaRules create: operation: $ref: >- @@ -2788,194 +3173,136 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1quotaRules~1{quotaRulesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1quotaRules~1{quotaRulesId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1quotaRules~1{quotaRulesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/quota_rules/methods/get' - - $ref: '#/components/x-stackQL-resources/quota_rules/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/quota_rules/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/quota_rules/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/quota_rules/methods/delete' - active_directories: - id: google.netapp.active_directories - name: active_directories - title: Active_directories - methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.activeDirectories - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1quotaRules/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.quotaRules + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories~1{activeDirectoriesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1quotaRules~1{quotaRulesId}/delete response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories~1{activeDirectoriesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1quotaRules~1{quotaRulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1activeDirectories~1{activeDirectoriesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1volumes~1{volumesId}~1quotaRules~1{quotaRulesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/active_directories/methods/get' - - $ref: '#/components/x-stackQL-resources/active_directories/methods/list' + - $ref: '#/components/x-stackQL-resources/quota_rules/methods/get' + - $ref: '#/components/x-stackQL-resources/quota_rules/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/active_directories/methods/create' + - $ref: '#/components/x-stackQL-resources/quota_rules/methods/create' update: - - $ref: '#/components/x-stackQL-resources/active_directories/methods/patch' + - $ref: '#/components/x-stackQL-resources/quota_rules/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/active_directories/methods/delete' - kms_configs: - id: google.netapp.kms_configs - name: kms_configs - title: Kms_configs + - $ref: '#/components/x-stackQL-resources/quota_rules/methods/delete' + host_groups: + id: google.netapp.host_groups + name: host_groups + title: Host_groups methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.kmsConfigs - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs/post - response: - mediaType: application/json - openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hostGroups~1{hostGroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hostGroups~1{hostGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hostGroups~1{hostGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - encrypt: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}:encrypt/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hostGroups/get response: mediaType: application/json openAPIDocKey: '200' - verify: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1kmsConfigs~1{kmsConfigsId}:verify/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1hostGroups/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/kms_configs/methods/get' - - $ref: '#/components/x-stackQL-resources/kms_configs/methods/list' + - $ref: '#/components/x-stackQL-resources/host_groups/methods/get' + - $ref: '#/components/x-stackQL-resources/host_groups/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/kms_configs/methods/create' + - $ref: '#/components/x-stackQL-resources/host_groups/methods/create' update: - - $ref: '#/components/x-stackQL-resources/kms_configs/methods/patch' + - $ref: '#/components/x-stackQL-resources/host_groups/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/kms_configs/methods/delete' + - $ref: '#/components/x-stackQL-resources/host_groups/methods/delete' backup_vaults: id: google.netapp.backup_vaults name: backup_vaults title: Backup_vaults methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.backupVaults - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults/post response: mediaType: application/json openAPIDocKey: '200' @@ -2995,42 +3322,42 @@ components: name: backups title: Backups methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups~1{backupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups~1{backupsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.backups - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups~1{backupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups~1{backupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups~1{backupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups/post response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups~1{backupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupVaults~1{backupVaultsId}~1backups/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/backups/methods/get' @@ -3042,6 +3369,49 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/backups/methods/delete' + operations: + id: google.netapp.operations + name: operations + title: Operations + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' backup_policies: id: google.netapp.backup_policies name: backup_policies @@ -3062,17 +3432,17 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.backupPolicies - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupPolicies~1{backupPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupPolicies~1{backupPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupPolicies~1{backupPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backupPolicies~1{backupPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -3094,23 +3464,121 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/backup_policies/methods/delete' + locations: + id: google.netapp.locations + name: locations + title: Locations + methods: + get: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.locations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/activeDirectories/{activeDirectoriesId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + delete: + description: Delete the active directory specified in the request. + operationId: netapp.projects.locations.activeDirectories.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: activeDirectoriesId + required: true + schema: + type: string + patch: + description: Update the parameters of an active directories. + operationId: netapp.projects.locations.activeDirectories.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ActiveDirectory' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: activeDirectoriesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Lists information about the supported locations for this service. - operationId: netapp.projects.locations.list + description: Describes a specified active directory. + operationId: netapp.projects.locations.activeDirectories.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3122,35 +3590,117 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/ActiveDirectory' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: activeDirectoriesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/activeDirectories: + parameters: *ref_1 + get: + description: Lists active directories. + operationId: netapp.projects.locations.activeDirectories.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListActiveDirectoriesResponse' parameters: - in: path name: projectsId required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken + post: + description: >- + CreateActiveDirectory Creates the active directory specified in the + request. + operationId: netapp.projects.locations.activeDirectories.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ActiveDirectory' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true schema: type: string - in: query - name: extraLocationTypes + name: activeDirectoryId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/kmsConfigs/{kmsConfigsId}:encrypt: parameters: *ref_1 - get: - description: Gets information about a location. - operationId: netapp.projects.locations.get + post: + description: >- + Encrypt the existing volumes without CMEK encryption with the desired + the KMS config for the whole region. + operationId: netapp.projects.locations.kmsConfigs.encrypt + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EncryptVolumesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3162,7 +3712,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3174,13 +3724,47 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: path + name: kmsConfigsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/kmsConfigs/{kmsConfigsId}: parameters: *ref_1 + delete: + description: Warning! This operation will permanently delete the Kms config. + operationId: netapp.projects.locations.kmsConfigs.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: kmsConfigsId + required: true + schema: + type: string get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: netapp.projects.locations.operations.list + description: Returns the description of the specified KMS config by kms_config_id. + operationId: netapp.projects.locations.kmsConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3192,7 +3776,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/KmsConfig' parameters: - in: path name: projectsId @@ -3204,27 +3788,62 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: kmsConfigsId + required: true schema: type: string - - in: query - name: pageSize + patch: + description: Updates the Kms config properties with the full spec + operationId: netapp.projects.locations.kmsConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KmsConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true schema: - type: integer - format: int32 + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: kmsConfigsId + required: true + schema: + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/kmsConfigs: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: netapp.projects.locations.operations.get + post: + description: Creates a new KMS config. + operationId: netapp.projects.locations.kmsConfigs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KmsConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3248,18 +3867,63 @@ paths: required: true schema: type: string + - in: query + name: kmsConfigId + schema: + type: string + get: + description: Returns descriptions of all KMS configs owned by the caller. + operationId: netapp.projects.locations.kmsConfigs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListKmsConfigsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: operationsId + name: locationsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: netapp.projects.locations.operations.delete + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/kmsConfigs/{kmsConfigsId}:verify: + parameters: *ref_1 + post: + description: Verifies KMS config reachability. + operationId: netapp.projects.locations.kmsConfigs.verify + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/VerifyKmsConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3271,7 +3935,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/VerifyKmsConfigResponse' parameters: - in: path name: projectsId @@ -3284,29 +3948,20 @@ paths: schema: type: string - in: path - name: operationsId + name: kmsConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/storagePools: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: netapp.projects.locations.operations.cancel + description: Creates a new storage pool. + operationId: netapp.projects.locations.storagePools.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/StoragePool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3318,7 +3973,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3330,13 +3985,10 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: storagePoolId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/storagePools: - parameters: *ref_1 get: description: Returns descriptions of all storage pools owned by the caller. operationId: netapp.projects.locations.storagePools.list @@ -3369,20 +4021,22 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string - in: query - name: filter + name: orderBy schema: type: string - post: - description: Creates a new storage pool. - operationId: netapp.projects.locations.storagePools.create + /v1/projects/{projectsId}/locations/{locationsId}/storagePools/{storagePoolsId}: + parameters: *ref_1 + patch: + description: Updates the storage pool properties with the full spec + operationId: netapp.projects.locations.storagePools.patch requestBody: content: application/json: @@ -3411,51 +4065,19 @@ paths: required: true schema: type: string - - in: query - name: storagePoolId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/storagePools/{storagePoolsId}: - parameters: *ref_1 - get: - description: Returns the description of the specified storage pool by poolId. - operationId: netapp.projects.locations.storagePools.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/StoragePool' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: storagePoolsId required: true schema: type: string - - in: path - name: storagePoolsId - required: true + - in: query + name: updateMask schema: type: string - patch: - description: Updates the storage pool properties with the full spec - operationId: netapp.projects.locations.storagePools.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/StoragePool' + format: google-fieldmask + delete: + description: Warning! This operation will permanently delete the storage pool. + operationId: netapp.projects.locations.storagePools.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3484,14 +4106,9 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Warning! This operation will permanently delete the storage pool. - operationId: netapp.projects.locations.storagePools.delete + get: + description: Returns the description of the specified storage pool by poolId. + operationId: netapp.projects.locations.storagePools.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3503,7 +4120,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/StoragePool' parameters: - in: path name: projectsId @@ -3520,18 +4137,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/storagePools/{storagePoolsId}:validateDirectoryService: + /v1/projects/{projectsId}/locations/{locationsId}/storagePools/{storagePoolsId}:switch: parameters: *ref_1 post: description: >- - ValidateDirectoryService does a connectivity check for a directory - service policy attached to the storage pool. - operationId: netapp.projects.locations.storagePools.validateDirectoryService + This operation will switch the active/replica zone for a regional + storagePool. + operationId: netapp.projects.locations.storagePools.switch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ValidateDirectoryServiceRequest' + $ref: '#/components/schemas/SwitchActiveReplicaZoneRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3560,18 +4177,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/storagePools/{storagePoolsId}:switch: + /v1/projects/{projectsId}/locations/{locationsId}/storagePools/{storagePoolsId}:validateDirectoryService: parameters: *ref_1 post: description: >- - This operation will switch the active/replica zone for a regional - storagePool. - operationId: netapp.projects.locations.storagePools.switch + ValidateDirectoryService does a connectivity check for a directory + service policy attached to the storage pool. + operationId: netapp.projects.locations.storagePools.validateDirectoryService requestBody: content: application/json: schema: - $ref: '#/components/schemas/SwitchActiveReplicaZoneRequest' + $ref: '#/components/schemas/ValidateDirectoryServiceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3628,11 +4245,6 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -3641,6 +4253,11 @@ paths: name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: orderBy schema: @@ -3713,14 +4330,9 @@ paths: required: true schema: type: string - patch: - description: Updates the parameters of a single Volume. - operationId: netapp.projects.locations.volumes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Volume' + delete: + description: Deletes a single Volume. + operationId: netapp.projects.locations.volumes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3750,13 +4362,17 @@ paths: schema: type: string - in: query - name: updateMask + name: force schema: - type: string - format: google-fieldmask - delete: - description: Deletes a single Volume. - operationId: netapp.projects.locations.volumes.delete + type: boolean + patch: + description: Updates the parameters of a single Volume. + operationId: netapp.projects.locations.volumes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Volume' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3786,9 +4402,10 @@ paths: schema: type: string - in: query - name: force + name: updateMask schema: - type: boolean + type: string + format: google-fieldmask /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}:revert: parameters: *ref_1 post: @@ -3830,11 +4447,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots: + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}:restore: parameters: *ref_1 - get: - description: Returns descriptions of all snapshots for a volume. - operationId: netapp.projects.locations.volumes.snapshots.list + post: + description: Restore files from a backup to a volume. + operationId: netapp.projects.locations.volumes.restore + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RestoreBackupFilesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3846,7 +4468,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSnapshotsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3863,31 +4485,11 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter - schema: - type: string - post: - description: Create a new snapshot for a volume. - operationId: netapp.projects.locations.volumes.snapshots.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Snapshot' + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots: + parameters: *ref_1 + get: + description: Returns descriptions of all snapshots for a volume. + operationId: netapp.projects.locations.volumes.snapshots.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3899,7 +4501,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListSnapshotsResponse' parameters: - in: path name: projectsId @@ -3917,50 +4519,30 @@ paths: schema: type: string - in: query - name: snapshotId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots/{snapshotsId}: - parameters: *ref_1 - get: - description: Describe a snapshot for a volume. - operationId: netapp.projects.locations.volumes.snapshots.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Snapshot' - parameters: - - in: path - name: projectsId - required: true + name: orderBy schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: volumesId - required: true + type: integer + format: int32 + - in: query + name: filter schema: type: string - - in: path - name: snapshotsId - required: true + - in: query + name: pageToken schema: type: string - delete: - description: Deletes a snapshot. - operationId: netapp.projects.locations.volumes.snapshots.delete + post: + description: Create a new snapshot for a volume. + operationId: netapp.projects.locations.volumes.snapshots.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Snapshot' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3989,11 +4571,12 @@ paths: required: true schema: type: string - - in: path - name: snapshotsId - required: true + - in: query + name: snapshotId schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/snapshots/{snapshotsId}: + parameters: *ref_1 patch: description: Updates the settings of a specific snapshot. operationId: netapp.projects.locations.volumes.snapshots.patch @@ -4040,11 +4623,9 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications: - parameters: *ref_1 get: - description: Returns descriptions of all replications for a volume. - operationId: netapp.projects.locations.volumes.replications.list + description: Describe a snapshot for a volume. + operationId: netapp.projects.locations.volumes.snapshots.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4056,7 +4637,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReplicationsResponse' + $ref: '#/components/schemas/Snapshot' parameters: - in: path name: projectsId @@ -4073,31 +4654,14 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter + - in: path + name: snapshotsId + required: true schema: type: string - post: - description: Create a new replication for a volume. - operationId: netapp.projects.locations.volumes.replications.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Replication' + delete: + description: Deletes a snapshot. + operationId: netapp.projects.locations.volumes.snapshots.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4126,8 +4690,9 @@ paths: required: true schema: type: string - - in: query - name: replicationId + - in: path + name: snapshotsId + required: true schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}: @@ -4250,16 +4815,18 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:stop: + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:reverseDirection: parameters: *ref_1 post: - description: Stop Cross Region Replication. - operationId: netapp.projects.locations.volumes.replications.stop + description: >- + Reverses direction of replication. Source becomes destination and + destination becomes source. + operationId: netapp.projects.locations.volumes.replications.reverseDirection requestBody: content: application/json: schema: - $ref: '#/components/schemas/StopReplicationRequest' + $ref: '#/components/schemas/ReverseReplicationDirectionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4293,16 +4860,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:resume: + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:establishPeering: parameters: *ref_1 post: - description: Resume Cross Region Replication. - operationId: netapp.projects.locations.volumes.replications.resume + description: Establish replication peering. + operationId: netapp.projects.locations.volumes.replications.establishPeering requestBody: content: application/json: schema: - $ref: '#/components/schemas/ResumeReplicationRequest' + $ref: '#/components/schemas/EstablishPeeringRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4336,18 +4903,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:reverseDirection: + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications: parameters: *ref_1 post: - description: >- - Reverses direction of replication. Source becomes destination and - destination becomes source. - operationId: netapp.projects.locations.volumes.replications.reverseDirection + description: Create a new replication for a volume. + operationId: netapp.projects.locations.volumes.replications.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ReverseReplicationDirectionRequest' + $ref: '#/components/schemas/Replication' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4376,21 +4941,13 @@ paths: required: true schema: type: string - - in: path - name: replicationsId - required: true + - in: query + name: replicationId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:establishPeering: - parameters: *ref_1 - post: - description: Establish replication peering. - operationId: netapp.projects.locations.volumes.replications.establishPeering - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EstablishPeeringRequest' + get: + description: Returns descriptions of all replications for a volume. + operationId: netapp.projects.locations.volumes.replications.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4402,7 +4959,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListReplicationsResponse' parameters: - in: path name: projectsId @@ -4419,23 +4976,33 @@ paths: required: true schema: type: string - - in: path - name: replicationsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:sync: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:stop: parameters: *ref_1 post: - description: >- - Syncs the replication. This will invoke one time volume data transfer - from source to destination. - operationId: netapp.projects.locations.volumes.replications.sync + description: Stop Cross Region Replication. + operationId: netapp.projects.locations.volumes.replications.stop requestBody: content: application/json: schema: - $ref: '#/components/schemas/SyncReplicationRequest' + $ref: '#/components/schemas/StopReplicationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4469,11 +5036,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/quotaRules: + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:resume: parameters: *ref_1 - get: - description: Returns list of all quota rules in a location. - operationId: netapp.projects.locations.volumes.quotaRules.list + post: + description: Resume Cross Region Replication. + operationId: netapp.projects.locations.volumes.replications.resume + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ResumeReplicationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4485,7 +5057,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListQuotaRulesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4502,31 +5074,23 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: replicationsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/replications/{replicationsId}:sync: + parameters: *ref_1 post: - description: Creates a new quota rule. - operationId: netapp.projects.locations.volumes.quotaRules.create + description: >- + Syncs the replication. This will invoke one time volume data transfer + from source to destination. + operationId: netapp.projects.locations.volumes.replications.sync requestBody: content: application/json: schema: - $ref: '#/components/schemas/QuotaRule' + $ref: '#/components/schemas/SyncReplicationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4555,15 +5119,21 @@ paths: required: true schema: type: string - - in: query - name: quotaRuleId + - in: path + name: replicationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/quotaRules/{quotaRulesId}: + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/quotaRules: parameters: *ref_1 - get: - description: Returns details of the specified quota rule. - operationId: netapp.projects.locations.volumes.quotaRules.get + post: + description: Creates a new quota rule. + operationId: netapp.projects.locations.volumes.quotaRules.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/QuotaRule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4575,7 +5145,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QuotaRule' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4592,19 +5162,13 @@ paths: required: true schema: type: string - - in: path - name: quotaRulesId - required: true + - in: query + name: quotaRuleId schema: type: string - patch: - description: Updates a quota rule. - operationId: netapp.projects.locations.volumes.quotaRules.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/QuotaRule' + get: + description: Returns list of all quota rules in a location. + operationId: netapp.projects.locations.volumes.quotaRules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4616,7 +5180,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListQuotaRulesResponse' parameters: - in: path name: projectsId @@ -4633,16 +5197,25 @@ paths: required: true schema: type: string - - in: path - name: quotaRulesId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - format: google-fieldmask + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/volumes/{volumesId}/quotaRules/{quotaRulesId}: + parameters: *ref_1 delete: description: Deletes a quota rule. operationId: netapp.projects.locations.volumes.quotaRules.delete @@ -4679,11 +5252,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/activeDirectories: - parameters: *ref_1 - get: - description: Lists active directories. - operationId: netapp.projects.locations.activeDirectories.list + patch: + description: Updates a quota rule. + operationId: netapp.projects.locations.volumes.quotaRules.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/QuotaRule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4695,7 +5271,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListActiveDirectoriesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4707,33 +5283,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: volumesId + required: true schema: type: string - - in: query - name: filter + - in: path + name: quotaRulesId + required: true schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string - post: - description: >- - CreateActiveDirectory Creates the active directory specified in the - request. - operationId: netapp.projects.locations.activeDirectories.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ActiveDirectory' + format: google-fieldmask + get: + description: Returns details of the specified quota rule. + operationId: netapp.projects.locations.volumes.quotaRules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4745,7 +5312,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/QuotaRule' parameters: - in: path name: projectsId @@ -4757,15 +5324,21 @@ paths: required: true schema: type: string - - in: query - name: activeDirectoryId + - in: path + name: volumesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/activeDirectories/{activeDirectoriesId}: + - in: path + name: quotaRulesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/hostGroups/{hostGroupsId}: parameters: *ref_1 get: - description: Describes a specified active directory. - operationId: netapp.projects.locations.activeDirectories.get + description: Returns details of the specified host group. + operationId: netapp.projects.locations.hostGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4777,7 +5350,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ActiveDirectory' + $ref: '#/components/schemas/HostGroup' parameters: - in: path name: projectsId @@ -4790,18 +5363,13 @@ paths: schema: type: string - in: path - name: activeDirectoriesId + name: hostGroupsId required: true schema: type: string - patch: - description: Update the parameters of an active directories. - operationId: netapp.projects.locations.activeDirectories.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ActiveDirectory' + delete: + description: Deletes a host group. + operationId: netapp.projects.locations.hostGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4826,18 +5394,18 @@ paths: schema: type: string - in: path - name: activeDirectoriesId + name: hostGroupsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Delete the active directory specified in the request. - operationId: netapp.projects.locations.activeDirectories.delete + patch: + description: Updates an existing host group. + operationId: netapp.projects.locations.hostGroups.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HostGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4862,15 +5430,22 @@ paths: schema: type: string - in: path - name: activeDirectoriesId + name: hostGroupsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/kmsConfigs: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/hostGroups: parameters: *ref_1 get: - description: Returns descriptions of all KMS configs owned by the caller. - operationId: netapp.projects.locations.kmsConfigs.list + description: >- + Returns a list of host groups in a location. Use '-' as location to list + host groups across all locations. + operationId: netapp.projects.locations.hostGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4882,7 +5457,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListKmsConfigsResponse' + $ref: '#/components/schemas/ListHostGroupsResponse' parameters: - in: path name: projectsId @@ -4900,11 +5475,11 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: orderBy schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string - in: query @@ -4912,13 +5487,13 @@ paths: schema: type: string post: - description: Creates a new KMS config. - operationId: netapp.projects.locations.kmsConfigs.create + description: Creates a new host group. + operationId: netapp.projects.locations.hostGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/KmsConfig' + $ref: '#/components/schemas/HostGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4943,14 +5518,14 @@ paths: schema: type: string - in: query - name: kmsConfigId + name: hostGroupId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/kmsConfigs/{kmsConfigsId}: + /v1/projects/{projectsId}/locations/{locationsId}/backupVaults/{backupVaultsId}: parameters: *ref_1 get: - description: Returns the description of the specified KMS config by kms_config_id. - operationId: netapp.projects.locations.kmsConfigs.get + description: Returns the description of the specified backup vault + operationId: netapp.projects.locations.backupVaults.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4962,7 +5537,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/KmsConfig' + $ref: '#/components/schemas/BackupVault' parameters: - in: path name: projectsId @@ -4975,18 +5550,18 @@ paths: schema: type: string - in: path - name: kmsConfigsId + name: backupVaultsId required: true schema: type: string patch: - description: Updates the Kms config properties with the full spec - operationId: netapp.projects.locations.kmsConfigs.patch + description: Updates the settings of a specific backup vault. + operationId: netapp.projects.locations.backupVaults.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/KmsConfig' + $ref: '#/components/schemas/BackupVault' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5011,7 +5586,7 @@ paths: schema: type: string - in: path - name: kmsConfigsId + name: backupVaultsId required: true schema: type: string @@ -5021,8 +5596,8 @@ paths: type: string format: google-fieldmask delete: - description: Warning! This operation will permanently delete the Kms config. - operationId: netapp.projects.locations.kmsConfigs.delete + description: Warning! This operation will permanently delete the backup vault. + operationId: netapp.projects.locations.backupVaults.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5047,22 +5622,15 @@ paths: schema: type: string - in: path - name: kmsConfigsId + name: backupVaultsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/kmsConfigs/{kmsConfigsId}:encrypt: + /v1/projects/{projectsId}/locations/{locationsId}/backupVaults: parameters: *ref_1 - post: - description: >- - Encrypt the existing volumes without CMEK encryption with the desired - the KMS config for the whole region. - operationId: netapp.projects.locations.kmsConfigs.encrypt - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EncryptVolumesRequest' + get: + description: Returns list of all available backup vaults. + operationId: netapp.projects.locations.backupVaults.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5074,7 +5642,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListBackupVaultsResponse' parameters: - in: path name: projectsId @@ -5086,51 +5654,23 @@ paths: required: true schema: type: string - - in: path - name: kmsConfigsId - required: true + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/kmsConfigs/{kmsConfigsId}:verify: - parameters: *ref_1 - post: - description: Verifies KMS config reachability. - operationId: netapp.projects.locations.kmsConfigs.verify - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/VerifyKmsConfigRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/VerifyKmsConfigResponse' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: kmsConfigsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/backupVaults: - parameters: *ref_1 post: description: Creates new backup vault operationId: netapp.projects.locations.backupVaults.create @@ -5166,54 +5706,16 @@ paths: name: backupVaultId schema: type: string - get: - description: Returns list of all available backup vaults. - operationId: netapp.projects.locations.backupVaults.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListBackupVaultsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/backupVaults/{backupVaultsId}: + /v1/projects/{projectsId}/locations/{locationsId}/backupVaults/{backupVaultsId}/backups/{backupsId}: parameters: *ref_1 - get: - description: Returns the description of the specified backup vault - operationId: netapp.projects.locations.backupVaults.get + patch: + description: Update backup with full spec. + operationId: netapp.projects.locations.backupVaults.backups.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Backup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5225,7 +5727,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BackupVault' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5242,14 +5744,19 @@ paths: required: true schema: type: string - patch: - description: Updates the settings of a specific backup vault. - operationId: netapp.projects.locations.backupVaults.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BackupVault' + - in: path + name: backupsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Returns the description of the specified backup + operationId: netapp.projects.locations.backupVaults.backups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5261,7 +5768,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Backup' parameters: - in: path name: projectsId @@ -5278,14 +5785,14 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: backupsId + required: true schema: type: string - format: google-fieldmask delete: - description: Warning! This operation will permanently delete the backup vault. - operationId: netapp.projects.locations.backupVaults.delete + description: Warning! This operation will permanently delete the backup. + operationId: netapp.projects.locations.backupVaults.backups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5314,6 +5821,11 @@ paths: required: true schema: type: string + - in: path + name: backupsId + required: true + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/backupVaults/{backupVaultsId}/backups: parameters: *ref_1 post: @@ -5391,11 +5903,6 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -5408,11 +5915,18 @@ paths: name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/backupVaults/{backupVaultsId}/backups/{backupsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Returns the description of the specified backup - operationId: netapp.projects.locations.backupVaults.backups.get + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: netapp.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5424,7 +5938,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -5436,19 +5950,31 @@ paths: required: true schema: type: string - - in: path - name: backupVaultsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string - - in: path - name: backupsId - required: true + - in: query + name: pageToken schema: type: string - delete: - description: Warning! This operation will permanently delete the backup. - operationId: netapp.projects.locations.backupVaults.backups.delete + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: netapp.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5473,23 +5999,64 @@ paths: schema: type: string - in: path - name: backupVaultsId + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: netapp.projects.locations.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: backupsId + name: locationsId required: true schema: type: string - patch: - description: Update backup with full spec. - operationId: netapp.projects.locations.backupVaults.backups.patch + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: netapp.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5501,7 +6068,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -5514,20 +6081,10 @@ paths: schema: type: string - in: path - name: backupVaultsId - required: true - schema: - type: string - - in: path - name: backupsId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask /v1/projects/{projectsId}/locations/{locationsId}/backupPolicies: parameters: *ref_1 post: @@ -5591,25 +6148,66 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: orderBy schema: type: string - in: query name: filter schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/backupPolicies/{backupPoliciesId}: + parameters: *ref_1 + patch: + description: Updates settings of a specific backup policy. + operationId: netapp.projects.locations.backupPolicies.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BackupPolicy' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: backupPoliciesId + required: true + schema: + type: string - in: query - name: orderBy + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/backupPolicies/{backupPoliciesId}: - parameters: *ref_1 + format: google-fieldmask get: description: >- Returns the description of the specified backup policy by @@ -5643,14 +6241,9 @@ paths: required: true schema: type: string - patch: - description: Updates settings of a specific backup policy. - operationId: netapp.projects.locations.backupPolicies.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BackupPolicy' + delete: + description: Warning! This operation will permanently delete the backup policy. + operationId: netapp.projects.locations.backupPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5679,14 +6272,11 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Warning! This operation will permanently delete the backup policy. - operationId: netapp.projects.locations.backupPolicies.delete + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: netapp.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5698,7 +6288,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -5710,8 +6300,43 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: netapp.projects.locations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListLocationsResponse' + parameters: - in: path - name: backupPoliciesId + name: projectsId required: true schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/networkconnectivity.yaml b/providers/src/googleapis.com/v00.00.00000/services/networkconnectivity.yaml index 4ed3a4b0..39dc1994 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/networkconnectivity.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/networkconnectivity.yaml @@ -7,8 +7,8 @@ info: title: Network Connectivity API description: This API enables connectivity with and between Google Cloud resources. version: v1 - x-discovery-doc-revision: '20250819' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251113' + x-generated-date: '2025-12-10' externalDocs: url: >- https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest @@ -35,73 +35,173 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. + AcceptSpokeUpdateRequest: + description: The request for HubService.AcceptSpokeUpdate. + id: AcceptSpokeUpdateRequest type: object properties: - operations: + requestId: + type: string description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. + Optional. A request ID to identify requests. Specify a unique + request ID so that if you must retry your request, the server knows + to ignore the request if it has already been completed. The server + guarantees that a request doesn't result in creation of duplicate + commitments for at least 60 minutes. For example, consider a + situation where you make an initial request and the request times + out. If you make the request again with the same request ID, the + server can check to see whether the original operation was received. + If it was, the server ignores the second request. This behavior + prevents clients from mistakenly creating duplicate commitments. The + request ID must be a valid UUID, with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + spokeEtag: type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + description: Required. The etag of the spoke to accept update. + spokeUri: + type: string + description: Required. The URI of the spoke to accept update. + Location: type: object + id: Location properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - done: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Service-specific metadata. For example the available capacity at the + given location. + name: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + labels: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} type: object additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + type: string + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + description: A resource that represents a Google Cloud location. + PscPropagationStatus: + properties: + sourceGroup: + type: string + description: The name of the group that the source spoke belongs to. + sourceSpoke: + type: string + description: The name of the spoke that the source forwarding rule belongs to. + code: + enumDescriptions: + - The code is unspecified. + - The propagated Private Service Connect connection is ready. + - >- + The Private Service Connect connection is propagating. This is a + transient state. + - >- + The Private Service Connect connection propagation failed because + the VPC network or the project of the target spoke has exceeded + the connection limit set by the producer. + - >- + The Private Service Connect connection propagation failed because + the NAT IP subnet space has been exhausted. It is equivalent to + the `Needs attention` status of the Private Service Connect + connection. See + https://cloud.google.com/vpc/docs/about-accessing-vpc-hosted-services-endpoints#connection-statuses. + - >- + The Private Service Connect connection propagation failed because + the `PSC_ILB_CONSUMER_FORWARDING_RULES_PER_PRODUCER_NETWORK` quota + in the producer VPC network has been exceeded. + - >- + The Private Service Connect connection propagation failed because + the `PSC_PROPAGATED_CONNECTIONS_PER_VPC_NETWORK` quota in the + consumer VPC network has been exceeded. + type: string + description: The propagation status. + enum: + - CODE_UNSPECIFIED + - READY + - PROPAGATING + - ERROR_PRODUCER_PROPAGATED_CONNECTION_LIMIT_EXCEEDED + - ERROR_PRODUCER_NAT_IP_SPACE_EXHAUSTED + - ERROR_PRODUCER_QUOTA_EXCEEDED + - ERROR_CONSUMER_QUOTA_EXCEEDED + message: + description: >- + The human-readable summary of the Private Service Connect connection + propagation status. + type: string + sourceForwardingRule: + type: string + description: The name of the forwarding rule exported to the hub. + targetGroup: + description: The name of the group that the target spoke belongs to. + type: string + targetSpoke: + type: string + description: The name of the spoke that the source forwarding rule propagates to. + id: PscPropagationStatus + description: >- + The status of one or more propagated Private Service Connect connections + in a hub. + type: object + AcceptHubSpokeResponse: + description: The response for HubService.AcceptHubSpoke. + id: AcceptHubSpokeResponse + properties: + spoke: + description: The spoke that was operated on. + $ref: '#/components/schemas/Spoke' + type: object + ListLocationsResponse: + type: object + description: The response message for Locations.ListLocations. + properties: + locations: + type: array + description: >- + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + nextPageToken: + description: The standard List next-page token. + type: string + id: ListLocationsResponse + ListRouteTablesResponse: + properties: + unreachable: + type: array + description: Hubs that could not be reached. + items: + type: string + routeTables: + type: array + description: The requested route tables. + items: + $ref: '#/components/schemas/RouteTable' + nextPageToken: + description: >- + The token for the next page of the response. To see more results, + use this value as the page_token for your next request. If this + value is empty, there are no more results. + type: string + id: ListRouteTablesResponse + type: object + description: Response for HubService.ListRouteTables method. GoogleRpcStatus: - id: GoogleRpcStatus description: >- The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It @@ -112,233 +212,470 @@ components: Guide](https://cloud.google.com/apis/design/errors). type: object properties: + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + type: array code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. message: description: >- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. type: string - details: + id: GoogleRpcStatus + RejectHubSpokeResponse: + id: RejectHubSpokeResponse + properties: + spoke: + description: The spoke that was operated on. + $ref: '#/components/schemas/Spoke' + description: The response for HubService.RejectHubSpoke. + type: object + DestinationEndpoint: + properties: + state: + type: string + description: Output only. The state of the `DestinationEndpoint` resource. + readOnly: true + enumDescriptions: + - An invalid state, which is the default case. + - The `DestinationEndpoint` resource is valid. + - The `DestinationEndpoint` resource is invalid. + enum: + - STATE_UNSPECIFIED + - VALID + - INVALID + csp: + type: string + description: Required. The CSP of the remote IP prefix. + updateTime: + readOnly: true description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Output only. Time when the `DestinationEndpoint` resource was + updated. + format: google-datetime + type: string + asn: + type: string + format: int64 + description: Required. The ASN of the remote IP prefix. + id: DestinationEndpoint + description: The metadata for a `DestinationEndpoint` resource. + type: object + LinkedVpcNetwork: + description: An existing VPC network. + properties: + includeExportRanges: + description: Optional. IP ranges allowed to be included from peering. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleLongrunningCancelOperationRequest: - id: GoogleLongrunningCancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListServiceConnectionMapsResponse: - id: ListServiceConnectionMapsResponse - description: Response for ListServiceConnectionMaps. - type: object - properties: - serviceConnectionMaps: - description: ServiceConnectionMaps to be returned. + type: string + uri: + description: Required. The URI of the VPC network resource. + type: string + proposedExcludeExportRanges: + description: >- + Output only. The proposed exclude export IP ranges waiting for hub + administration's approval. + readOnly: true type: array items: - $ref: '#/components/schemas/ServiceConnectionMap' - nextPageToken: + type: string + producerVpcSpokes: + type: array + readOnly: true + items: + type: string description: >- - The next pagination token in the List response. It should be used as - page_token for the following request. An empty value means no more - result. - type: string - unreachable: - description: Locations that could not be reached. + Output only. The list of Producer VPC spokes that this VPC spoke is + a service consumer VPC spoke for. These producer VPCs are connected + through VPC peering to this spoke's backing VPC network. Because + they are directly connected through VPC peering, NCC export filters + do not apply between the service consumer VPC spoke and any of its + producer VPC spokes. This VPC spoke cannot be deleted as long as any + of these producer VPC spokes are connected to the NCC Hub. + proposedIncludeExportRanges: type: array items: type: string - ServiceConnectionMap: - id: ServiceConnectionMap - description: The ServiceConnectionMap resource. - type: object - properties: - name: description: >- - Immutable. The name of a ServiceConnectionMap. Format: - projects/{project}/locations/{location}/serviceConnectionMaps/{service_connection_map} - See: https://google.aip.dev/122#fields-representing-resource-names - type: string - createTime: - description: Output only. Time when the ServiceConnectionMap was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time when the ServiceConnectionMap was updated. + Output only. The proposed include export IP ranges waiting for hub + administration's approval. readOnly: true - type: string - format: google-datetime - labels: - description: User-defined labels. - type: object - additionalProperties: + excludeExportRanges: + description: >- + Optional. IP ranges encompassing the subnets to be excluded from + peering. + items: type: string - description: - description: A description of this resource. + type: array + type: object + id: LinkedVpcNetwork + NextHopVPNTunnel: + type: object + id: NextHopVPNTunnel + properties: + vpcNetwork: type: string - serviceClass: + description: The VPC network where this VPN tunnel is located. + siteToSiteDataTransfer: + type: boolean description: >- - The service class identifier this ServiceConnectionMap is for. The - user of ServiceConnectionMap create API needs to have - networkconnecitivty.serviceclasses.use iam permission for the - service class. + Indicates whether site-to-site data transfer is allowed for this VPN + tunnel resource. Data transfer is available only in [supported + locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). + uri: + description: The URI of the VPN tunnel resource. type: string - serviceClassUri: - description: Output only. The service class uri this ServiceConnectionMap is for. - readOnly: true + description: A route next hop that leads to a VPN tunnel resource. + LinkedRouterApplianceInstances: + type: object + properties: + instances: + type: array + items: + $ref: '#/components/schemas/RouterApplianceInstance' + description: The list of router appliance instances. + siteToSiteDataTransfer: + description: >- + A value that controls whether site-to-site data transfer is enabled + for these resources. Data transfer is available only in [supported + locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). + type: boolean + vpcNetwork: type: string - infrastructure: description: >- - Output only. The infrastructure used for connections between - consumers/producers. + Output only. The VPC network where these router appliance instances + are located. readOnly: true - type: string - enumDescriptions: - - An invalid infrastructure as the default case. - - Private Service Connect is used for connections. - enum: - - INFRASTRUCTURE_UNSPECIFIED - - PSC - producerPscConfigs: - description: The PSC configurations on producer side. + includeImportRanges: + description: >- + Optional. Hub routes fully encompassed by include import ranges are + included during import from hub. type: array items: - $ref: '#/components/schemas/ProducerPscConfig' - consumerPscConfigs: - description: The PSC configurations on consumer side. - type: array + type: string + description: >- + A collection of router appliance instances. If you configure multiple + router appliance instances to receive data from the same set of sites + outside of Google Cloud, we recommend that you associate those instances + with the same spoke. + id: LinkedRouterApplianceInstances + ListMulticloudDataTransferConfigsResponse: + description: Response message to list `MulticloudDataTransferConfig` resources. + type: object + id: ListMulticloudDataTransferConfigsResponse + properties: + unreachable: + description: Locations that could not be reached. items: - $ref: '#/components/schemas/ConsumerPscConfig' - consumerPscConnections: - description: Output only. PSC connection details on consumer side. - readOnly: true + type: string type: array + multicloudDataTransferConfigs: + description: The list of `MulticloudDataTransferConfig` resources to be listed. items: - $ref: '#/components/schemas/ConsumerPscConnection' - token: - description: >- - The token provided by the consumer. This token authenticates that - the consumer can create a connection within the specified project - and network. + $ref: '#/components/schemas/MulticloudDataTransferConfig' + type: array + nextPageToken: + description: The next page token. type: string - etag: - description: >- - Optional. The etag is computed by the server, and may be sent on - update and delete requests to ensure the client has an up-to-date - value before proceeding. + ListServiceConnectionTokensResponse: + type: object + id: ListServiceConnectionTokensResponse + properties: + nextPageToken: type: string + description: >- + The next pagination token in the List response. It should be used as + page_token for the following request. An empty value means no more + result. + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + serviceConnectionTokens: + description: ServiceConnectionTokens to be returned. + type: array + items: + $ref: '#/components/schemas/ServiceConnectionToken' + description: Response for ListServiceConnectionTokens. ProducerPscConfig: + type: object id: ProducerPscConfig description: The PSC configurations on producer side. - type: object properties: + automatedDnsCreationSpec: + description: >- + Optional. The specification for automatically creating a DNS record + for this PSC connection. + $ref: '#/components/schemas/AutomatedDnsCreationSpec' serviceAttachmentUri: + type: string description: >- The resource path of a service attachment. Example: projects/{projectNumOrId}/regions/{region}/serviceAttachments/{resourceId}. - type: string - ConsumerPscConfig: - id: ConsumerPscConfig - description: Allow the producer to specify which consumers can connect to it. - type: object + Migration: + id: Migration + description: Specification for migration with source and target resource names. properties: - project: + target: description: >- - The consumer project where PSC connections are allowed to be created - in. + Immutable. Resource path of the target resource. The target project + can be different, as in the cases when migrating to peer networks. + For example: + /projects/{project}/regions/{region}/subnetworks/{subnet} type: string - network: - description: >- - The resource path of the consumer network where PSC connections are - allowed to be created in. Note, this network does not need be in the - ConsumerPscConfig.project in the case of SharedVPC. Example: - projects/{projectNumOrId}/global/networks/{networkId}. + source: type: string - disableGlobalAccess: - description: >- - This is used in PSC consumer ForwardingRule to control whether the - PSC endpoint can be accessed from another region. - type: boolean - state: description: >- - Output only. Overall state of PSC Connections management for this - consumer psc config. - readOnly: true + Immutable. Resource path as an URI of the source resource, for + example a subnet. The project for the source resource should match + the project for the InternalRange. An example: + /projects/{project}/regions/{region}/subnetworks/{subnet} + type: object + RegionalEndpoint: + type: object + description: The RegionalEndpoint resource. + id: RegionalEndpoint + properties: + description: type: string - enumDescriptions: - - Default state, when Connection Map is created initially. - - >- - Set when policy and map configuration is valid, and their matching - can lead to allowing creation of PSC Connections subject to other - constraints like connections limit. - - >- - No Service Connection Policy found for this network and Service - Class - - >- - Service Connection Policy limit reached for this network and - Service Class - - >- - The consumer instance project is not in - AllowedGoogleProducersResourceHierarchyLevels of the matching - ServiceConnectionPolicy. + description: Optional. A description of this resource. + accessType: enum: - - STATE_UNSPECIFIED - - VALID - - CONNECTION_POLICY_MISSING - - POLICY_LIMIT_REACHED - - CONSUMER_INSTANCE_PROJECT_NOT_ALLOWLISTED - producerInstanceId: + - ACCESS_TYPE_UNSPECIFIED + - GLOBAL + - REGIONAL + type: string description: >- - Immutable. Deprecated. Use producer_instance_metadata instead. An - immutable identifier for the producer instance. - deprecated: true + Required. The access type of this regional endpoint. This field is + reflected in the PSC Forwarding Rule configuration to enable global + access. + enumDescriptions: + - An invalid type as the default case. + - This regional endpoint is accessible from all regions. + - >- + This regional endpoint is only accessible from the same region + where it resides. + pscForwardingRule: + description: >- + Output only. The resource reference of the PSC Forwarding Rule + created on behalf of the customer. Format: + `//compute.googleapis.com/projects/{project}/regions/{region}/forwardingRules/{forwarding_rule_name}` type: string - serviceAttachmentIpAddressMap: + readOnly: true + address: description: >- - Output only. A map to store mapping between customer vip and target - service attachment. Only service attachment with producer specified - ip addresses are stored here. + Optional. The IP Address of the Regional Endpoint. When no address + is provided, an IP from the subnetwork is allocated. Use one of the + following formats: * IPv4 address as in `10.0.0.1` * Address + resource URI as in + `projects/{project}/regions/{region}/addresses/{address_name}` for + an IPv4 or IPv6 address. + type: string + name: + description: >- + Output only. The name of a RegionalEndpoint. Pattern: + `projects/{project}/locations/{location}/regionalEndpoints/^[-a-z0-9](?:[-a-z0-9]{0,44})[a-z0-9]$`. + type: string readOnly: true - type: object + updateTime: + type: string + description: Output only. Time when the RegionalEndpoint was updated. + readOnly: true + format: google-datetime + labels: additionalProperties: type: string - consumerInstanceProject: + type: object + description: User-defined labels. + network: description: >- - Required. The project ID or project number of the consumer project. - This project is the one that the consumer uses to interact with the - producer instance. From the perspective of a consumer who's created - a producer instance, this is the project of the producer instance. - Format: 'projects/' Eg. 'projects/consumer-project' or - 'projects/1234' + Optional. The name of the VPC network for this private regional + endpoint. Format: `projects/{project}/global/networks/{network}` type: string - producerInstanceMetadata: - description: Immutable. An immutable map for the producer instance metadata. - type: object - additionalProperties: + targetGoogleApi: + description: >- + Required. The service endpoint this private regional endpoint + connects to. Format: `{apiname}.{region}.p.rep.googleapis.com` + Example: "cloudkms.us-central1.p.rep.googleapis.com". + type: string + createTime: + type: string + description: Output only. Time when the RegionalEndpoint was created. + readOnly: true + format: google-datetime + ipAddress: + type: string + deprecated: true + readOnly: true + description: >- + Output only. The literal IP address of the PSC Forwarding Rule + created on behalf of the customer. This field is deprecated. Use + address instead. + subnetwork: + description: >- + Optional. The name of the subnetwork from which the IP address will + be allocated. Format: + `projects/{project}/regions/{region}/subnetworks/{subnetwork}` + type: string + CheckConsumerConfigResponse: + id: CheckConsumerConfigResponse + description: Response for CheckConsumerConfig. + type: object + properties: + errors: + items: + enum: + - ERROR_UNSPECIFIED + - NETWORK_PROJECT_INVALID + - NETWORK_PROJECT_APIS_NOT_ENABLED + - NETWORK_INVALID + - CONNECTION_POLICY_MISSING + - IP_VERSION_NOT_SUPPORTED + - NETWORK_PROJECT_SERVICE_AGENT_NOT_FOUND + - ENDPOINT_PROJECT_INVALID + - ENDPOINT_PROJECT_API_NOT_ENABLED + - ENDPOINT_PROJECT_IS_NOT_SERVICE_PROJECT + type: string + enumDescriptions: + - An invalid error as the default case. + - Invalid Network project. + - Network Connectivity APIs not enabled in network project. + - Invalid network. + - >- + No ServiceConnectionPolicy found for this network and + ServiceClass. + - IP version not supported in any of the subnetworks. + - Service Agent missing for network project. + - Invalid endpoint project. + - Network Connectivity API is not enabled in the endpoint project. + - >- + Endpoint project is not a service project of the network + project. + type: array + description: >- + List of validation errors. If the list is empty, the consumer config + is valid. + DnsAutomationStatus: + id: DnsAutomationStatus + description: The status of DNS automation for a PSC connection. + type: object + properties: + fqdn: + readOnly: true + description: Output only. The fully qualified domain name of the DNS record. + type: string + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + Output only. The error details if the state is CREATE_FAILED or + DELETE_FAILED. + readOnly: true + state: + enumDescriptions: + - Default value. This value is unused. + - DNS record creation is pending. + - DNS record is active. + - DNS record deletion is pending. + - DNS record creation failed. + - DNS record deletion failed. + enum: + - STATE_UNSPECIFIED + - PENDING_CREATE + - ACTIVE + - PENDING_DELETE + - CREATE_FAILED + - DELETE_FAILED + type: string + description: Output only. The current state of DNS automation. + readOnly: true + Filter: + id: Filter + properties: + ipProtocol: + description: >- + Optional. The IP protocol that this policy-based route applies to. + Valid values are 'TCP', 'UDP', and 'ALL'. Default is 'ALL'. + type: string + protocolVersion: + enumDescriptions: + - Default value. + - The PBR is for IPv4 internet protocol traffic. + - The PBR is for IPv6 internet protocol traffic. + enum: + - PROTOCOL_VERSION_UNSPECIFIED + - IPV4 + - IPV6 + description: >- + Required. Internet protocol versions this policy-based route applies + to. IPV4 and IPV6 is supported. + type: string + destRange: + type: string + description: >- + Optional. The destination IP range of outgoing packets that this + policy-based route applies to. Default is "0.0.0.0/0" if protocol + version is IPv4 and "::/0" if protocol version is IPv6. + srcRange: + description: >- + Optional. The source IP range of outgoing packets that this + policy-based route applies to. Default is "0.0.0.0/0" if protocol + version is IPv4 and "::/0" if protocol version is IPv6. + type: string + description: Filter matches L4 traffic. + type: object + ListMulticloudDataTransferSupportedServicesResponse: + type: object + description: >- + Response message to list the services in your project in regions that + are eligible for Data Transfer Essentials configuration. + properties: + multicloudDataTransferSupportedServices: + items: + $ref: '#/components/schemas/MulticloudDataTransferSupportedService' + description: The list of supported services. + type: array + nextPageToken: + description: The next page token. + type: string + id: ListMulticloudDataTransferSupportedServicesResponse + ListDestinationsResponse: + type: object + properties: + unreachable: + items: type: string + type: array + description: Locations that could not be reached. + destinations: + description: The list of `Destination` resources to be listed. + items: + $ref: '#/components/schemas/Destination' + type: array + nextPageToken: + description: The next page token. + type: string + id: ListDestinationsResponse + description: Response message to list `Destination` resources. + PscConnection: + description: Information about a specific Private Service Connect connection. + id: PscConnection + type: object + properties: ipVersion: description: The requested IP version for the PSC connection. - type: string enumDescriptions: - >- Default value. We will use IPv4 or IPv6 depending on the IP @@ -349,25 +686,49 @@ components: - IP_VERSION_UNSPECIFIED - IPV4 - IPV6 - ConsumerPscConnection: - id: ConsumerPscConnection - description: PSC connection details on consumer side. - type: object - properties: - serviceAttachmentUri: + type: string + producerInstanceId: description: >- - The URI of a service attachment which is the target of the PSC - connection. + Immutable. Deprecated. Use producer_instance_metadata instead. An + immutable identifier for the producer instance. + type: string + deprecated: true + consumerAddress: + description: The resource reference of the consumer address. + type: string + serviceClass: + type: string + description: >- + Output only. [Output only] The service class associated with this + PSC Connection. The value is derived from the SCPolicy and matches + the service class name provided by the customer. + readOnly: true + gceOperation: + description: The last Compute Engine operation to setup PSC connection. type: string + error: + deprecated: true + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + The most recent error during operating this connection. Deprecated, + please use error_info instead. state: - description: The state of the PSC connection. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - FAILED + - CREATING + - DELETING + - CREATE_REPAIRING + - DELETE_REPAIRING + description: State of the PSC Connection type: string enumDescriptions: - An invalid state as the default case. - >- The connection has been created successfully. However, for the - up-to-date connection status, please use the service attachment's - "ConnectedEndpoint.status" as the source of truth. + up-to-date connection status, please use the created forwarding + rule's "PscConnectionStatus" as the source of truth. - >- The connection is not functional since some resources on the connection fail to be created. @@ -375,42 +736,36 @@ components: - The connection is being deleted. - The connection is being repaired to complete creation. - The connection is being repaired to complete deletion. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - FAILED - - CREATING - - DELETING - - CREATE_REPAIRING - - DELETE_REPAIRING - project: - description: >- - The consumer project whose PSC forwarding rule is connected to the - service attachments in this service connection map. + selectedSubnetwork: type: string - network: description: >- - The consumer network whose PSC forwarding rule is connected to the - service attachments in this service connection map. Note that the - network could be on a different project (shared VPC). - type: string - pscConnectionId: + Output only. The URI of the subnetwork selected to allocate IP + address for this connection. + readOnly: true + consumerForwardingRule: description: >- - The PSC connection id of the PSC forwarding rule connected to the - service attachments in this service connection map. + The resource reference of the PSC Forwarding Rule within the + consumer VPC. type: string - ip: - description: >- - The IP literal allocated on the consumer network for the PSC - forwarding rule that is created to connect to the producer service - attachment in this service connection map. + consumerTargetProject: + description: The project where the PSC connection is created. type: string - errorType: + pscConnectionId: + description: The PSC connection id of the PSC forwarding rule. + type: string + errorInfo: + readOnly: true description: >- - The error type indicates whether the error is consumer facing, - producer facing or system internal. + Output only. The error info for the latest error during operating + this connection. + $ref: '#/components/schemas/GoogleRpcErrorInfo' + producerInstanceMetadata: + description: Immutable. An immutable map for the producer instance metadata. + type: object + additionalProperties: + type: string + errorType: deprecated: true - type: string enumDescriptions: - An invalid error type as the default case. - The error is due to Service Automation system internal. @@ -421,234 +776,330 @@ components: - ERROR_INTERNAL - ERROR_CONSUMER_SIDE - ERROR_PRODUCER_SIDE - error: - description: The most recent error during operating this connection. - deprecated: true - $ref: '#/components/schemas/GoogleRpcStatus' - gceOperation: - description: The last Compute Engine operation to setup PSC connection. type: string - forwardingRule: description: >- - The URI of the consumer forwarding rule created. Example: - projects/{projectNumOrId}/regions/us-east1/networks/{resourceId}. - type: string - errorInfo: + The error type indicates whether the error is consumer facing, + producer facing or system internal. + SpokeSummary: + type: object + description: >- + Summarizes information about the spokes associated with a hub. The + summary includes a count of spokes according to type and according to + state. If any spokes are inactive, the summary also lists the reasons + they are inactive, including a count for each reason. + properties: + spokeTypeCounts: + type: array description: >- - Output only. The error info for the latest error during operating - this connection. + Output only. Counts the number of spokes of each type that are + associated with a specific hub. readOnly: true - $ref: '#/components/schemas/GoogleRpcErrorInfo' - selectedSubnetwork: + items: + $ref: '#/components/schemas/SpokeTypeCount' + spokeStateReasonCounts: description: >- - Output only. The URI of the selected subnetwork selected to allocate - IP address for this connection. + Output only. Counts the number of spokes that are inactive for each + possible reason and associated with a given hub. + type: array + items: + $ref: '#/components/schemas/SpokeStateReasonCount' + readOnly: true + spokeStateCounts: + items: + $ref: '#/components/schemas/SpokeStateCount' + type: array readOnly: true - type: string - producerInstanceId: description: >- - Immutable. Deprecated. Use producer_instance_metadata instead. An - immutable identifier for the producer instance. - deprecated: true - type: string + Output only. Counts the number of spokes that are in each state and + associated with a given hub. + id: SpokeSummary + ConsumerPscConfig: + id: ConsumerPscConfig + properties: producerInstanceMetadata: - description: Immutable. An immutable map for the producer instance metadata. - type: object additionalProperties: type: string + description: Immutable. An immutable map for the producer instance metadata. + type: object ipVersion: - description: The requested IP version for the PSC connection. type: string + enum: + - IP_VERSION_UNSPECIFIED + - IPV4 + - IPV6 enumDescriptions: - >- Default value. We will use IPv4 or IPv6 depending on the IP version of first available subnetwork. - Will use IPv4 only. - Will use IPv6 only. - enum: - - IP_VERSION_UNSPECIFIED - - IPV4 - - IPV6 - GoogleRpcErrorInfo: - id: GoogleRpcErrorInfo - description: >- - Describes the cause of the error with structured details. Example of an - error when contacting the "pubsub.googleapis.com" API when it is not - enabled: { "reason": "API_DISABLED" "domain": "googleapis.com" - "metadata": { "resource": "projects/123", "service": - "pubsub.googleapis.com" } } This response indicates that the - pubsub.googleapis.com API is not enabled. Example of an error that is - returned when attempting to create a Spanner instance in a region that - is out of stock: { "reason": "STOCKOUT" "domain": - "spanner.googleapis.com", "metadata": { "availableRegions": - "us-central1,us-east2" } } - type: object - properties: - reason: + description: The requested IP version for the PSC connection. + producerInstanceId: description: >- - The reason of the error. This is a constant value that identifies - the proximate cause of the error. Error reasons are unique within a - particular domain of errors. This should be at most 63 characters - and match a regular expression of `A-Z+[A-Z0-9]`, which represents - UPPER_SNAKE_CASE. + Immutable. Deprecated. Use producer_instance_metadata instead. An + immutable identifier for the producer instance. type: string - domain: + deprecated: true + state: description: >- - The logical grouping to which the "reason" belongs. The error domain - is typically the registered service name of the tool or product that - generates the error. Example: "pubsub.googleapis.com". If the error - is generated by some common infrastructure, the error domain must be - a globally unique value that identifies the infrastructure. For - Google API infrastructure, the error domain is "googleapis.com". + Output only. Overall state of PSC Connections management for this + consumer psc config. + enumDescriptions: + - Default state, when Connection Map is created initially. + - >- + Set when policy and map configuration is valid, and their matching + can lead to allowing creation of PSC Connections subject to other + constraints like connections limit. + - >- + No Service Connection Policy found for this network and Service + Class + - >- + Service Connection Policy limit reached for this network and + Service Class + - >- + The consumer instance project is not in + AllowedGoogleProducersResourceHierarchyLevels of the matching + ServiceConnectionPolicy. + enum: + - STATE_UNSPECIFIED + - VALID + - CONNECTION_POLICY_MISSING + - POLICY_LIMIT_REACHED + - CONSUMER_INSTANCE_PROJECT_NOT_ALLOWLISTED + type: string + readOnly: true + network: type: string - metadata: description: >- - Additional structured details about this error. Keys must match a - regular expression of `a-z+` but should ideally be lowerCamelCase. - Also, they must be limited to 64 characters in length. When - identifying the current value of an exceeded limit, the units should - be contained in the key, not the value. For example, rather than - `{"instanceLimit": "100/request"}`, should be returned as, - `{"instanceLimitPerRequest": "100"}`, if the client exceeds the - number of instances that can be created in a single (batch) request. - type: object + The resource path of the consumer network where PSC connections are + allowed to be created in. Note, this network does not need be in the + ConsumerPscConfig.project in the case of SharedVPC. Example: + projects/{projectNumOrId}/global/networks/{networkId}. + serviceAttachmentIpAddressMap: + description: >- + Output only. A map to store mapping between customer vip and target + service attachment. Only service attachment with producer specified + ip addresses are stored here. additionalProperties: type: string - ListServiceConnectionPoliciesResponse: - id: ListServiceConnectionPoliciesResponse - description: Response for ListServiceConnectionPolicies. + readOnly: true + type: object + consumerInstanceProject: + description: >- + Required. The project ID or project number of the consumer project. + This project is the one that the consumer uses to interact with the + producer instance. From the perspective of a consumer who's created + a producer instance, this is the project of the producer instance. + Format: 'projects/' Eg. 'projects/consumer-project' or + 'projects/1234' + type: string + project: + type: string + description: >- + The consumer project where PSC connections are allowed to be created + in. + disableGlobalAccess: + description: >- + This is used in PSC consumer ForwardingRule to control whether the + PSC endpoint can be accessed from another region. + type: boolean + description: Allow the producer to specify which consumers can connect to it. + type: object + AutoAccept: type: object + id: AutoAccept properties: - serviceConnectionPolicies: - description: ServiceConnectionPolicies to be returned. + autoAcceptProjects: + description: >- + Optional. A list of project ids or project numbers for which you + want to enable auto-accept. The auto-accept setting is applied to + spokes being created or updated in these projects. + items: + type: string + type: array + description: >- + The auto-accept setting for a group controls whether proposed spokes are + automatically attached to the hub. If auto-accept is enabled, the spoke + immediately is attached to the hub and becomes part of the group. In + this case, the new spoke is in the ACTIVE state. If auto-accept is + disabled, the spoke goes to the INACTIVE state, and it must be reviewed + and accepted by a hub administrator. + LinkedProducerVpcNetwork: + properties: + proposedIncludeExportRanges: + type: array + description: >- + Output only. The proposed include export IP ranges waiting for hub + administration's approval. + readOnly: true + items: + type: string + includeExportRanges: type: array items: - $ref: '#/components/schemas/ServiceConnectionPolicy' - nextPageToken: + type: string + description: Optional. IP ranges allowed to be included from peering. + peering: description: >- - The next pagination token in the List response. It should be used as - page_token for the following request. An empty value means no more - result. + Immutable. The name of the VPC peering between the Service Consumer + VPC and the Producer VPC (defined in the Tenant project) which is + added to the NCC hub. This peering must be in ACTIVE state. type: string - unreachable: - description: Locations that could not be reached. + serviceConsumerVpcSpoke: + type: string + readOnly: true + description: Output only. The Service Consumer Network spoke. + excludeExportRanges: type: array items: type: string - ServiceConnectionPolicy: - id: ServiceConnectionPolicy - description: The ServiceConnectionPolicy resource. - type: object - properties: - name: description: >- - Immutable. The name of a ServiceConnectionPolicy. Format: - projects/{project}/locations/{location}/serviceConnectionPolicies/{service_connection_policy} - See: https://google.aip.dev/122#fields-representing-resource-names + Optional. IP ranges encompassing the subnets to be excluded from + peering. + producerNetwork: type: string - createTime: - description: Output only. Time when the ServiceConnectionPolicy was created. readOnly: true + description: Output only. The URI of the Producer VPC. + network: + description: >- + Immutable. The URI of the Service Consumer VPC that the Producer VPC + is peered with. type: string - format: google-datetime - updateTime: - description: Output only. Time when the ServiceConnectionPolicy was updated. + proposedExcludeExportRanges: + items: + type: string + description: >- + Output only. The proposed exclude export IP ranges waiting for hub + administration's approval. + type: array readOnly: true + type: object + id: LinkedProducerVpcNetwork + CheckConsumerConfigRequest: + id: CheckConsumerConfigRequest + properties: + serviceClass: type: string - format: google-datetime - labels: - description: User-defined labels. - type: object - additionalProperties: - type: string - description: - description: A description of this resource. + description: Required. The service class identifier of the producer. + requestedIpVersion: type: string - network: + enumDescriptions: + - >- + Default value. We will use IPv4 or IPv6 depending on the IP + version of first available subnetwork. + - Will use IPv4 only. + - Will use IPv6 only. + description: The requested IP Version + enum: + - IP_VERSION_UNSPECIFIED + - IPV4 + - IPV6 + consumerNetwork: description: >- - The resource path of the consumer network. Example: - - projects/{projectNumOrId}/global/networks/{resourceId}. + Required. Full resource name of the consumer network. Example: - + projects/{project}/global/networks/{network}. type: string - serviceClass: + endpointProject: + description: The project number or ID where the PSC endpoint is to be created. + type: string + description: Request for CheckConsumerConfig. + type: object + VirtualMachine: + id: VirtualMachine + properties: + tags: + type: array description: >- - The service class identifier for which this ServiceConnectionPolicy - is for. The service class identifier is a unique, symbolic - representation of a ServiceClass. It is provided by the Service - Producer. Google services have a prefix of gcp or google-cloud. For - example, gcp-memorystore-redis or google-cloud-sql. 3rd party - services do not. For example, test-service-a3dfcx. + Optional. A list of VM instance tags that this policy-based route + applies to. VM instances that have ANY of tags specified here + installs this PBR. + items: + type: string + type: object + description: VM instances that this policy-based route applies to. + RouteTable: + properties: + uid: type: string - infrastructure: + readOnly: true description: >- - Output only. The type of underlying resources used to create the - connection. + Output only. The Google-generated UUID for the route table. This + value is unique across all route table resources. If a route table + is deleted and another with the same name is created, the new route + table is assigned a different `uid`. + updateTime: readOnly: true type: string - enumDescriptions: - - An invalid infrastructure as the default case. - - Private Service Connect is used for connections. + format: google-datetime + description: Output only. The time the route table was last updated. + state: + type: string + description: Output only. The current lifecycle state of this route table. enum: - - INFRASTRUCTURE_UNSPECIFIED - - PSC - pscConfig: - description: >- - Configuration used for Private Service Connect connections. Used - when Infrastructure is PSC. - $ref: '#/components/schemas/PscConfig' - pscConnections: - description: >- - Output only. [Output only] Information about each Private Service - Connect connection. + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - ACCEPTING + - REJECTING + - UPDATING + - INACTIVE + - OBSOLETE + - FAILED + enumDescriptions: + - No state information available + - The resource's create operation is in progress. + - The resource is active + - The resource's delete operation is in progress. + - The resource's accept operation is in progress. + - The resource's reject operation is in progress. + - The resource's update operation is in progress. + - The resource is inactive. + - >- + The hub associated with this spoke resource has been deleted. This + state applies to spoke resources only. + - >- + The resource is in an undefined state due to resource creation or + deletion failure. You can try to delete the resource later or + contact support for help. readOnly: true - type: array - items: - $ref: '#/components/schemas/PscConnection' - etag: + description: + description: An optional description of the route table. + type: string + name: description: >- - Optional. The etag is computed by the server, and may be sent on - update and delete requests to ensure the client has an up-to-date - value before proceeding. + Immutable. The name of the route table. Route table names must be + unique. They use the following form: + `projects/{project_number}/locations/global/hubs/{hub}/routeTables/{route_table_id}` type: string - PscConfig: - id: PscConfig - description: >- - Configuration used for Private Service Connect connections. Used when - Infrastructure is PSC. + createTime: + type: string + format: google-datetime + description: Output only. The time the route table was created. + readOnly: true + labels: + description: >- + Optional labels in key-value pair format. For more information about + labels, see [Requirements for + labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). + type: object + additionalProperties: + type: string + id: RouteTable type: object + PscConfig: properties: subnetworks: description: >- The resource paths of subnetworks to use for IP address management. Example: projects/{projectNumOrId}/regions/{region}/subnetworks/{resourceId}. - type: array items: type: string - limit: - description: Optional. Max number of PSC connections for this policy. - type: string - format: int64 - producerInstanceLocation: - description: >- - Optional. ProducerInstanceLocation is used to specify which - authorization mechanism to use to determine which projects the - Producer instance can be within. - type: string - enumDescriptions: - - >- - Producer instance location is not specified. When this option is - chosen, then the PSC connections created by this - ServiceConnectionPolicy must be within the same project as the - Producer instance. This is the default ProducerInstanceLocation - value. To allow for PSC connections from this network to other - networks, use the CUSTOM_RESOURCE_HIERARCHY_LEVELS option. - - >- - Producer instance must be within one of the values provided in - allowed_google_producers_resource_hierarchy_level. - enum: - - PRODUCER_INSTANCE_LOCATION_UNSPECIFIED - - CUSTOM_RESOURCE_HIERARCHY_LEVELS + type: array allowedGoogleProducersResourceHierarchyLevel: + items: + type: string description: >- Optional. List of Projects, Folders, or Organizations from where the Producer instance can be within. For example, a network @@ -665,374 +1116,207 @@ components: or 'folders/' or 'organizations/' Eg. [projects/my-project-id, projects/567, folders/891, organizations/123] type: array - items: - type: string - PscConnection: - id: PscConnection - description: Information about a specific Private Service Connect connection. - type: object - properties: - state: - description: State of the PSC Connection + limit: + format: int64 type: string + description: Optional. Max number of PSC connections for this policy. + producerInstanceLocation: + enum: + - PRODUCER_INSTANCE_LOCATION_UNSPECIFIED + - CUSTOM_RESOURCE_HIERARCHY_LEVELS enumDescriptions: - - An invalid state as the default case. - >- - The connection has been created successfully. However, for the - up-to-date connection status, please use the created forwarding - rule's "PscConnectionStatus" as the source of truth. + Producer instance location is not specified. When this option is + chosen, then the PSC connections created by this + ServiceConnectionPolicy must be within the same project as the + Producer instance. This is the default ProducerInstanceLocation + value. To allow for PSC connections from this network to other + networks, use the CUSTOM_RESOURCE_HIERARCHY_LEVELS option. - >- - The connection is not functional since some resources on the - connection fail to be created. - - The connection is being created. - - The connection is being deleted. - - The connection is being repaired to complete creation. - - The connection is being repaired to complete deletion. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - FAILED - - CREATING - - DELETING - - CREATE_REPAIRING - - DELETE_REPAIRING - consumerForwardingRule: - description: >- - The resource reference of the PSC Forwarding Rule within the - consumer VPC. - type: string - consumerAddress: - description: The resource reference of the consumer address. + Producer instance must be within one of the values provided in + allowed_google_producers_resource_hierarchy_level. type: string - errorType: description: >- - The error type indicates whether the error is consumer facing, - producer facing or system internal. - deprecated: true - type: string - enumDescriptions: - - An invalid error type as the default case. - - The error is due to Service Automation system internal. - - The error is due to the setup on consumer side. - - The error is due to the setup on producer side. - enum: - - CONNECTION_ERROR_TYPE_UNSPECIFIED - - ERROR_INTERNAL - - ERROR_CONSUMER_SIDE - - ERROR_PRODUCER_SIDE - error: - description: >- - The most recent error during operating this connection. Deprecated, - please use error_info instead. - deprecated: true - $ref: '#/components/schemas/GoogleRpcStatus' - gceOperation: - description: The last Compute Engine operation to setup PSC connection. - type: string - consumerTargetProject: - description: The project where the PSC connection is created. - type: string - pscConnectionId: - description: The PSC connection id of the PSC forwarding rule. - type: string - errorInfo: - description: >- - Output only. The error info for the latest error during operating - this connection. - readOnly: true - $ref: '#/components/schemas/GoogleRpcErrorInfo' - selectedSubnetwork: - description: >- - Output only. The URI of the subnetwork selected to allocate IP - address for this connection. - readOnly: true + Optional. ProducerInstanceLocation is used to specify which + authorization mechanism to use to determine which projects the + Producer instance can be within. + id: PscConfig + description: >- + Configuration used for Private Service Connect connections. Used when + Infrastructure is PSC. + type: object + ListGroupsResponse: + id: ListGroupsResponse + type: object + properties: + nextPageToken: type: string - producerInstanceId: description: >- - Immutable. Deprecated. Use producer_instance_metadata instead. An - immutable identifier for the producer instance. - deprecated: true - type: string - producerInstanceMetadata: - description: Immutable. An immutable map for the producer instance metadata. - type: object - additionalProperties: + The token for the next page of the response. To see more results, + use this value as the page_token for your next request. If this + value is empty, there are no more results. + unreachable: + items: type: string - serviceClass: - description: >- - Output only. [Output only] The service class associated with this - PSC Connection. The value is derived from the SCPolicy and matches - the service class name provided by the customer. - readOnly: true - type: string - ipVersion: - description: The requested IP version for the PSC connection. - type: string - enumDescriptions: - - >- - Default value. We will use IPv4 or IPv6 depending on the IP - version of first available subnetwork. - - Will use IPv4 only. - - Will use IPv6 only. - enum: - - IP_VERSION_UNSPECIFIED - - IPV4 - - IPV6 - ListServiceClassesResponse: - id: ListServiceClassesResponse - description: Response for ListServiceClasses. - type: object + type: array + description: Hubs that could not be reached. + groups: + items: + $ref: '#/components/schemas/Group' + type: array + description: The requested groups. + description: Response for HubService.ListGroups method. + LocationMetadata: + description: Metadata about locations properties: - serviceClasses: - description: ServiceClasses to be returned. + locationFeatures: type: array items: - $ref: '#/components/schemas/ServiceClass' + type: string + enum: + - LOCATION_FEATURE_UNSPECIFIED + - SITE_TO_CLOUD_SPOKES + - SITE_TO_SITE_SPOKES + - GATEWAY_SPOKES + enumDescriptions: + - No publicly supported feature in this location + - Site-to-cloud spokes are supported in this location + - Site-to-site spokes are supported in this location + - Gateway spokes are supported in this location. + description: List of supported features + type: object + id: LocationMetadata + ListRegionalEndpointsResponse: + description: Response for ListRegionalEndpoints. + type: object + properties: nextPageToken: + type: string description: >- The next pagination token in the List response. It should be used as page_token for the following request. An empty value means no more result. - type: string + regionalEndpoints: + description: Regional endpoints to be returned. + type: array + items: + $ref: '#/components/schemas/RegionalEndpoint' unreachable: description: Locations that could not be reached. - type: array items: type: string - ServiceClass: - id: ServiceClass - description: The ServiceClass resource. - type: object + type: array + id: ListRegionalEndpointsResponse + MulticloudDataTransferSupportedService: + id: MulticloudDataTransferSupportedService properties: name: - description: >- - Immutable. The name of a ServiceClass resource. Format: - projects/{project}/locations/{location}/serviceClasses/{service_class} - See: https://google.aip.dev/122#fields-representing-resource-names type: string - serviceClass: + description: Identifier. The name of the service. + serviceConfigs: + items: + $ref: '#/components/schemas/ServiceConfig' description: >- - Output only. The generated service class name. Use this name to - refer to the Service class in Service Connection Maps and Service - Connection Policies. - readOnly: true - type: string - createTime: - description: Output only. Time when the ServiceClass was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time when the ServiceClass was updated. + Output only. The network service tier or regional endpoint supported + for the service. readOnly: true - type: string - format: google-datetime - labels: - description: User-defined labels. - type: object - additionalProperties: - type: string - description: - description: A description of this resource. - type: string - etag: - description: >- - Optional. The etag is computed by the server, and may be sent on - update and delete requests to ensure the client has an up-to-date - value before proceeding. - type: string - ServiceConnectionToken: - id: ServiceConnectionToken - description: The ServiceConnectionToken resource. + type: array type: object + description: >- + A service in your project in a region that is eligible for Data Transfer + Essentials configuration. + AutomatedDnsCreationSpec: + id: AutomatedDnsCreationSpec properties: - name: - description: >- - Immutable. The name of a ServiceConnectionToken. Format: - projects/{project}/locations/{location}/ServiceConnectionTokens/{service_connection_token} - See: https://google.aip.dev/122#fields-representing-resource-names - type: string - createTime: - description: Output only. Time when the ServiceConnectionToken was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time when the ServiceConnectionToken was updated. - readOnly: true - type: string - format: google-datetime - labels: - description: User-defined labels. - type: object - additionalProperties: - type: string - description: - description: A description of this resource. + ttl: + format: google-duration type: string - network: description: >- - The resource path of the network associated with this token. - Example: projects/{projectNumOrId}/global/networks/{resourceId}. - type: string - token: - description: Output only. The token generated by Automation. - readOnly: true + Optional. The Time To Live for the DNS record, in seconds. If not + provided, a default of 30 seconds will be used. + hostname: + description: >- + Required. The hostname (the first label of the FQDN) to use for the + DNS record. This should be a valid DNS label as per RFC 1035. + Generally, this means the hostname can contain letters, digits, and + hyphens, and must not start or end with a hyphen. Example: + "my-instance", "db-1" type: string - expireTime: - description: Output only. The time to which this token is valid. - readOnly: true + dnsSuffix: type: string - format: google-datetime - etag: description: >- - Optional. The etag is computed by the server, and may be sent on - update and delete requests to ensure the client has an up-to-date - value before proceeding. - type: string - ListServiceConnectionTokensResponse: - id: ListServiceConnectionTokensResponse - description: Response for ListServiceConnectionTokens. + Required. The DNS suffix to use for the DNS record. Must end with a + dot. This should be a valid DNS domain name as per RFC 1035. Each + label (between dots) can contain letters, digits, and hyphens, and + must not start or end with a hyphen. Example: + "my-service.example.com.", "internal." + description: The specification for automatically creating a DNS record. type: object + AuditLogConfig: + type: object + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. properties: - serviceConnectionTokens: - description: ServiceConnectionTokens to be returned. - type: array - items: - $ref: '#/components/schemas/ServiceConnectionToken' - nextPageToken: - description: >- - The next pagination token in the List response. It should be used as - page_token for the following request. An empty value means no more - result. + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: The log type that this config enables. type: string - unreachable: - description: Locations that could not be reached. - type: array + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + exemptedMembers: items: type: string - ListMulticloudDataTransferConfigsResponse: - id: ListMulticloudDataTransferConfigsResponse - description: Response message for ListMulticloudDataTransferConfigs. - type: object - properties: - multicloudDataTransferConfigs: - description: MulticloudDataTransferConfigs to be returned. type: array - items: - $ref: '#/components/schemas/MulticloudDataTransferConfig' - nextPageToken: - description: The next page token. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - MulticloudDataTransferConfig: - id: MulticloudDataTransferConfig - description: >- - The MulticloudDataTransferConfig resource. This lists the services for - which customer is opting in for Multicloud Data Transfer. - type: object - properties: - name: - description: >- - Identifier. The name of the MulticloudDataTransferConfig resource. - Format: - `projects/{project}/locations/{location}/multicloudDataTransferConfigs/{multicloud_data_transfer_config}`. - type: string - createTime: - description: Output only. Time when the MulticloudDataTransferConfig was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time when the MulticloudDataTransferConfig was updated. - readOnly: true - type: string - format: google-datetime - labels: - description: Optional. User-defined labels. - type: object - additionalProperties: - type: string - etag: - description: >- - The etag is computed by the server, and may be sent on update and - delete requests to ensure the client has an up-to-date value before - proceeding. - type: string - description: description: >- - Optional. An optional field to provide a description of this - resource. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + id: AuditLogConfig + HubStatusEntry: + id: HubStatusEntry + properties: + groupBy: type: string - destinationsCount: description: >- - Output only. The number of Destinations configured under the - MulticloudDataTransferConfig resource. - readOnly: true + The fields that this entry is grouped by. This has the same value as + the `group_by` field in the request message. + pscPropagationStatus: + $ref: '#/components/schemas/PscPropagationStatus' + description: The Private Service Connect propagation status. + count: type: integer - format: int32 - destinationsActiveCount: description: >- - Output only. The number of Destinations in use under the - MulticloudDataTransferConfig resource. - readOnly: true - type: integer + The number of propagated Private Service Connect connections with + this status. If the `group_by` field was not set in the request + message, the value of this field is 1. format: int32 - services: - description: >- - Optional. This map services to either their current or planned - states. Service names are keys, and the associated values describe - the service's state. If a state change is expected, the value will - be the list of ADDING or DELETING states depending on the actions - taken. Example: "services": { "big-query": { "states": [ { "state": - "ADDING", "effective_time": "2024-12-12T08:00:00Z" }, ] }, - "cloud-storage": { "states": [ { "state": "ACTIVE", } ] } } - type: object - additionalProperties: - $ref: '#/components/schemas/StateTimeline' - uid: - description: >- - Output only. The Google-generated UUID for the - MulticloudDataTransferConfig. This value is unique across all - MulticloudDataTransferConfig resources. If a - MulticloudDataTransferConfig is deleted and another with the same - name is created, the new MulticloudDataTransferConfig is assigned a - different uid. - readOnly: true - type: string - StateTimeline: - id: StateTimeline - description: The timeline of pending states for a resource. + description: >- + A hub status entry represents the status of a set of propagated Private + Service Connect connections grouped by certain fields. type: object - properties: - states: - description: >- - Output only. The state and activation time details of the resource - state. - readOnly: true - type: array - items: - $ref: '#/components/schemas/StateMetadata' StateMetadata: id: StateMetadata description: The state and activation time details of the resource state. - type: object properties: state: - description: Output only. The state of the resource. - readOnly: true - type: string enumDescriptions: - - An invalid state as the default case. + - An invalid state, which is the default case. - The resource is being added. - The resource is in use. - The resource is being deleted. - The resource is being suspended. - - The resource is not in use for billing and is suspended. + - The resource is suspended and not in use. + description: Output only. The state of the resource. enum: - STATE_UNSPECIFIED - ADDING @@ -1040,269 +1324,311 @@ components: - DELETING - SUSPENDING - SUSPENDED + readOnly: true + type: string effectiveTime: + type: string description: >- - Output only. This field will be accompanied only with transient - states (PENDING_ADD, PENDING_DELETE, PENDING_SUSPENSION) and denotes - the time when the transient state of the resource will be effective. - For instance, if the state is "ADDING," this field will show the - time the resource transitions to "ACTIVE." Similarly, if the state - is "PENDING_DELETE," it will show the deletion time. + Output only. Accompanies only the transient states, which include + `ADDING`, `DELETING`, and `SUSPENDING`, to denote the time until + which the transient state of the resource will be effective. For + instance, if the state is `ADDING`, this field shows the time when + the resource state transitions to `ACTIVE`. readOnly: true - type: string format: google-datetime - ListDestinationsResponse: - id: ListDestinationsResponse - description: Response message for ListDestinations. type: object + ListHubSpokesResponse: + description: The response for HubService.ListHubSpokes. properties: - destinations: - description: Destinations to be returned. - type: array - items: - $ref: '#/components/schemas/Destination' nextPageToken: - description: The next page token. + description: >- + The token for the next page of the response. To see more results, + use this value as the page_token for your next request. If this + value is empty, there are no more results. type: string unreachable: - description: Locations that could not be reached. - type: array items: type: string - Destination: - id: Destination - description: The Destination resource. + type: array + description: Locations that could not be reached. + spokes: + items: + $ref: '#/components/schemas/Spoke' + type: array + description: >- + The requested spokes. The spoke fields can be partially populated + based on the `view` field in the request message. type: object + id: ListHubSpokesResponse + SpokeTypeCount: + id: SpokeTypeCount properties: - name: + spokeType: + enum: + - SPOKE_TYPE_UNSPECIFIED + - VPN_TUNNEL + - INTERCONNECT_ATTACHMENT + - ROUTER_APPLIANCE + - VPC_NETWORK + - PRODUCER_VPC_NETWORK + readOnly: true + type: string + enumDescriptions: + - Unspecified spoke type. + - Spokes associated with VPN tunnels. + - Spokes associated with VLAN attachments. + - Spokes associated with router appliance instances. + - Spokes associated with VPC networks. + - Spokes that are backed by a producer VPC network. + description: Output only. The type of the spokes. + count: + readOnly: true + type: string + format: int64 description: >- - Identifier. The name of the Destination resource. Format: - `projects/{project}/locations/{location}/multicloudDataTransferConfigs/{multicloud_data_transfer_config}/destinations/{destination}`. + Output only. The total number of spokes of this type that are + associated with the hub. + description: >- + The number of spokes of a given type that are associated with a specific + hub. The type indicates what kind of resource is associated with the + spoke. + type: object + ServiceClass: + properties: + serviceClass: type: string - createTime: - description: Output only. Time when the Destination was created. + description: >- + Output only. The generated service class name. Use this name to + refer to the Service class in Service Connection Maps and Service + Connection Policies. readOnly: true + etag: + type: string + description: >- + Optional. The etag is computed by the server, and may be sent on + update and delete requests to ensure the client has an up-to-date + value before proceeding. + createTime: type: string + readOnly: true + description: Output only. Time when the ServiceClass was created. format: google-datetime + description: + type: string + description: A description of this resource. updateTime: - description: Output only. Time when the Destination was updated. + format: google-datetime readOnly: true + description: Output only. Time when the ServiceClass was updated. type: string - format: google-datetime + name: + type: string + description: >- + Immutable. The name of a ServiceClass resource. Format: + projects/{project}/locations/{location}/serviceClasses/{service_class} + See: https://google.aip.dev/122#fields-representing-resource-names labels: - description: Optional. User-defined labels. + description: User-defined labels. type: object additionalProperties: type: string - etag: - description: >- - The etag is computed by the server, and may be sent on update and - delete requests to ensure the client has an up-to-date value before - proceeding. - type: string - description: - description: >- - Optional. An optional field to provide a description of this - resource. - type: string - ipPrefix: - description: >- - Required. Immutable. Remote IP Prefix in the remote CSP, where the - customer's workload is located - type: string - endpoints: - description: >- - Required. Unordered list. The list of Endpoints configured for the - IP Prefix. + type: object + description: The ServiceClass resource. + id: ServiceClass + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + id: TestIamPermissionsRequest + type: object + properties: + permissions: type: array items: - $ref: '#/components/schemas/DestinationEndpoint' - stateTimeline: - description: >- - Output only. The timeline of the expected Destination states or the - current rest state. If a state change is expected, the value will be - the list of ADDING, DELETING or SUSPENDING statesdepending on the - actions taken. Example: "state_timeline": { "states": [ { "state": - "ADDING", // The time when the Destination will be activated. - "effective_time": "2024-12-01T08:00:00Z" }, { "state": "SUSPENDING", - // The time when the Destination will be suspended. - "effective_time": "2024-12-01T20:00:00Z" } ] } - readOnly: true - $ref: '#/components/schemas/StateTimeline' - uid: + type: string description: >- - Output only. The Google-generated UUID for the destination. This - value is unique across all destination resources. If a destination - is deleted and another with the same name is created, the new - destination is assigned a different uid. - readOnly: true - type: string - DestinationEndpoint: - id: DestinationEndpoint - description: The metadata for a DestinationEndpoint. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + OperationMetadata: type: object properties: - asn: - description: Required. The ASN of the remote IP Prefix. - type: string - format: int64 - csp: - description: Required. The name of the CSP of the remote IP Prefix. + target: type: string - state: - description: Output only. The state of the Endpoint. readOnly: true + description: >- + Output only. Server-defined resource path for the target of the + operation. + endTime: + description: Output only. The time the operation finished running. type: string - enumDescriptions: - - An invalid state as the default case. - - The Endpoint is valid. - - The Endpoint is invalid. - enum: - - STATE_UNSPECIFIED - - VALID - - INVALID - updateTime: - description: Output only. Time when the DestinationEndpoint was updated. + format: google-datetime + readOnly: true + createTime: readOnly: true type: string format: google-datetime - MulticloudDataTransferSupportedService: - id: MulticloudDataTransferSupportedService - description: The supported service for Multicloud Data Transfer. - type: object - properties: - name: - description: Identifier. The name of the service. + description: Output only. The time the operation was created. + statusMessage: type: string - serviceConfigs: - description: Output only. The network service tiers supported for the service. + description: Output only. Human-readable status of the operation, if any. readOnly: true - type: array - items: - $ref: '#/components/schemas/ServiceConfig' - ServiceConfig: - id: ServiceConfig - description: >- - Specifies the Multicloud Data Transfer supported services configuration. - This includes either the network tier or the request endpoint. If end of - support for multicloud data transfer is planned for a service's network - tier or request endpoint, the end time will be provided. - type: object - properties: - eligibilityCriteria: - description: >- - Output only. The eligibility criteria for the service. The user has - to meet the eligibility criteria specified here for the service to - qualify for multicloud data transfer. + apiVersion: readOnly: true + description: Output only. API version used to start the operation. type: string - enumDescriptions: - - An invalid eligibility criteria as the default case. - - >- - The service is eligible for multicloud data transfer only for the - premium network tier. - - >- - The service is eligible for multicloud data transfer only for the - standard network tier. - - >- - The service is eligible for multicloud data transfer only for the - regional endpoint. - enum: - - ELIGIBILITY_CRITERIA_UNSPECIFIED - - NETWORK_SERVICE_TIER_PREMIUM_ONLY - - NETWORK_SERVICE_TIER_STANDARD_ONLY - - REQUEST_ENDPOINT_REGIONAL_ENDPOINT_ONLY - supportEndTime: - description: >- - Output only. The eligibility criteria support end time. If the end - time is not specified, no planned end time is available. + requestedCancellation: readOnly: true + type: boolean + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + verb: + description: Output only. Name of the verb executed by the operation. type: string - format: google-datetime - ListMulticloudDataTransferSupportedServicesResponse: - id: ListMulticloudDataTransferSupportedServicesResponse - description: Response message for ListMulticloudDataTransferSupportedServices. - type: object + readOnly: true + description: Represents the metadata of the long-running operation. + id: OperationMetadata + GoogleRpcErrorInfo: properties: - multicloudDataTransferSupportedServices: - description: The list of supported services. - type: array - items: - $ref: '#/components/schemas/MulticloudDataTransferSupportedService' - nextPageToken: - description: The next page token. + reason: + description: >- + The reason of the error. This is a constant value that identifies + the proximate cause of the error. Error reasons are unique within a + particular domain of errors. This should be at most 63 characters + and match a regular expression of `A-Z+[A-Z0-9]`, which represents + UPPER_SNAKE_CASE. + type: string + metadata: + type: object + additionalProperties: + type: string + description: >- + Additional structured details about this error. Keys must match a + regular expression of `a-z+` but should ideally be lowerCamelCase. + Also, they must be limited to 64 characters in length. When + identifying the current value of an exceeded limit, the units should + be contained in the key, not the value. For example, rather than + `{"instanceLimit": "100/request"}`, should be returned as, + `{"instanceLimitPerRequest": "100"}`, if the client exceeds the + number of instances that can be created in a single (batch) request. + domain: + description: >- + The logical grouping to which the "reason" belongs. The error domain + is typically the registered service name of the tool or product that + generates the error. Example: "pubsub.googleapis.com". If the error + is generated by some common infrastructure, the error domain must be + a globally unique value that identifies the infrastructure. For + Google API infrastructure, the error domain is "googleapis.com". type: string + type: object + description: >- + Describes the cause of the error with structured details. Example of an + error when contacting the "pubsub.googleapis.com" API when it is not + enabled: { "reason": "API_DISABLED" "domain": "googleapis.com" + "metadata": { "resource": "projects/123", "service": + "pubsub.googleapis.com" } } This response indicates that the + pubsub.googleapis.com API is not enabled. Example of an error that is + returned when attempting to create a Spanner instance in a region that + is out of stock: { "reason": "STOCKOUT" "domain": + "spanner.googleapis.com", "metadata": { "availableRegions": + "us-central1,us-east2" } } + id: GoogleRpcErrorInfo ListHubsResponse: - id: ListHubsResponse description: Response for HubService.ListHubs method. - type: object properties: - hubs: - description: The requested hubs. - type: array - items: - $ref: '#/components/schemas/Hub' nextPageToken: + type: string description: >- The token for the next page of the response. To see more results, use this value as the page_token for your next request. If this value is empty, there are no more results. - type: string unreachable: + items: + type: string description: Locations that could not be reached. type: array + hubs: + description: The requested hubs. items: - type: string - Hub: - id: Hub - description: >- - A Network Connectivity Center hub is a global management resource to - which you attach spokes. A single hub can contain spokes from multiple - regions. However, if any of a hub's spokes use the site-to-site data - transfer feature, the resources associated with those spokes must all be - in the same VPC network. Spokes that do not use site-to-site data - transfer can be associated with any VPC network in your project. + $ref: '#/components/schemas/Hub' + type: array + id: ListHubsResponse type: object + LinkedVpnTunnels: + id: LinkedVpnTunnels + description: >- + A collection of Cloud VPN tunnel resources. These resources should be + redundant HA VPN tunnels that all advertise the same prefixes to Google + Cloud. Alternatively, in a passive/active configuration, all tunnels + should be capable of advertising the same prefixes. properties: - name: + siteToSiteDataTransfer: + type: boolean description: >- - Immutable. The name of the hub. Hub names must be unique. They use - the following form: - `projects/{project_number}/locations/global/hubs/{hub_id}` - type: string - createTime: - description: Output only. The time the hub was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time the hub was last updated. + A value that controls whether site-to-site data transfer is enabled + for these resources. Data transfer is available only in [supported + locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). + uris: + type: array + items: + type: string + description: The URIs of linked VPN tunnel resources. + includeImportRanges: + description: >- + Optional. Hub routes fully encompassed by include import ranges are + included during import from hub. + type: array + items: + type: string + vpcNetwork: readOnly: true + description: Output only. The VPC network where these VPN tunnels are located. type: string - format: google-datetime - labels: + type: object + Spoke: + id: Spoke + description: >- + A Network Connectivity Center spoke represents one or more network + connectivity resources. When you create a spoke, you associate it with a + hub. You must also identify a value for exactly one of the following + fields: * linked_vpn_tunnels * linked_interconnect_attachments * + linked_router_appliance_instances * linked_vpc_network + type: object + properties: + etag: description: >- - Optional labels in key-value pair format. For more information about - labels, see [Requirements for - labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). - type: object - additionalProperties: - type: string + Optional. This checksum is computed by the server based on the value + of other fields, and may be sent on update and delete requests to + ensure the client has an up-to-date value before proceeding. + type: string + linkedVpcNetwork: + description: Optional. VPC network that is associated with the spoke. + $ref: '#/components/schemas/LinkedVpcNetwork' description: - description: Optional. An optional description of the hub. + description: Optional. An optional description of the spoke. type: string - uniqueId: + fieldPathsPendingUpdate: + type: array + items: + type: string description: >- - Output only. The Google-generated UUID for the hub. This value is - unique across all hub resources. If a hub is deleted and another - with the same name is created, the new hub is assigned a different - unique_id. - readOnly: true - type: string + Optional. The list of fields waiting for hub administration's + approval. state: - description: Output only. The current lifecycle state of this hub. - readOnly: true - type: string + description: Output only. The current lifecycle state of this spoke. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - ACCEPTING + - REJECTING + - UPDATING + - INACTIVE + - OBSOLETE + - FAILED enumDescriptions: - No state information available - The resource's create operation is in progress. @@ -1319,186 +1645,379 @@ components: The resource is in an undefined state due to resource creation or deletion failure. You can try to delete the resource later or contact support for help. + type: string + readOnly: true + spokeType: + description: Output only. The type of resource associated with the spoke. enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - ACCEPTING - - REJECTING - - UPDATING - - INACTIVE - - OBSOLETE - - FAILED - routingVpcs: + - SPOKE_TYPE_UNSPECIFIED + - VPN_TUNNEL + - INTERCONNECT_ATTACHMENT + - ROUTER_APPLIANCE + - VPC_NETWORK + - PRODUCER_VPC_NETWORK + enumDescriptions: + - Unspecified spoke type. + - Spokes associated with VPN tunnels. + - Spokes associated with VLAN attachments. + - Spokes associated with router appliance instances. + - Spokes associated with VPC networks. + - Spokes that are backed by a producer VPC network. + type: string + readOnly: true + uniqueId: + readOnly: true + type: string description: >- - Output only. The VPC networks associated with this hub's spokes. - This field is read-only. Network Connectivity Center automatically - populates it based on the set of spokes attached to the hub. + Output only. The Google-generated UUID for the spoke. This value is + unique across all spoke resources. If a spoke is deleted and another + with the same name is created, the new spoke is assigned a different + `unique_id`. + linkedInterconnectAttachments: + description: Optional. VLAN attachments that are associated with the spoke. + $ref: '#/components/schemas/LinkedInterconnectAttachments' + linkedProducerVpcNetwork: + description: Optional. The linked producer VPC that is associated with the spoke. + $ref: '#/components/schemas/LinkedProducerVpcNetwork' + updateTime: readOnly: true + format: google-datetime + description: Output only. The time the spoke was last updated. + type: string + reasons: type: array + description: Output only. The reasons for current state of the spoke. items: - $ref: '#/components/schemas/RoutingVPC' - routeTables: - description: >- - Output only. The route tables that belong to this hub. They use the - following form: - `projects/{project_number}/locations/global/hubs/{hub_id}/routeTables/{route_table_id}` - This field is read-only. Network Connectivity Center automatically - populates it based on the route tables nested under the hub. - readOnly: true - type: array - items: - type: string - spokeSummary: - description: >- - Output only. A summary of the spokes associated with a hub. The - summary includes a count of spokes according to type and according - to state. If any spokes are inactive, the summary also lists the - reasons they are inactive, including a count for each reason. + $ref: '#/components/schemas/StateReason' readOnly: true - $ref: '#/components/schemas/SpokeSummary' - policyMode: + name: + type: string description: >- - Optional. The policy mode of this hub. This field can be either - PRESET or CUSTOM. If unspecified, the policy_mode defaults to - PRESET. + Immutable. The name of the spoke. Spoke names must be unique. They + use the following form: + `projects/{project_number}/locations/{region}/spokes/{spoke_id}` + linkedVpnTunnels: + $ref: '#/components/schemas/LinkedVpnTunnels' + description: Optional. VPN tunnels that are associated with the spoke. + hub: + description: Immutable. The name of the hub that this spoke is attached to. type: string - enumDescriptions: - - >- - Policy mode is unspecified. It defaults to PRESET with - preset_topology = MESH. - - Hub uses one of the preset topologies. - enum: - - POLICY_MODE_UNSPECIFIED - - PRESET - presetTopology: + linkedRouterApplianceInstances: + $ref: '#/components/schemas/LinkedRouterApplianceInstances' description: >- - Optional. The topology implemented in this hub. Currently, this - field is only used when policy_mode = PRESET. The available preset - topologies are MESH and STAR. If preset_topology is unspecified and - policy_mode = PRESET, the preset_topology defaults to MESH. When - policy_mode = CUSTOM, the preset_topology is set to - PRESET_TOPOLOGY_UNSPECIFIED. + Optional. Router appliance instances that are associated with the + spoke. + createTime: + readOnly: true type: string - enumDescriptions: - - >- - Preset topology is unspecified. When policy_mode = PRESET, it - defaults to MESH. - - >- - Mesh topology is implemented. Group `default` is automatically - created. All spokes in the hub are added to group `default`. - - >- - Star topology is implemented. Two groups, `center` and `edge`, are - automatically created along with hub creation. Spokes have to join - one of the groups during creation. - enum: - - PRESET_TOPOLOGY_UNSPECIFIED - - MESH - - STAR - exportPsc: + format: google-datetime + description: Output only. The time the spoke was created. + group: + description: Optional. The name of the group that this spoke is associated with. + type: string + labels: + type: object + additionalProperties: + type: string description: >- - Optional. Whether Private Service Connect connection propagation is - enabled for the hub. If true, Private Service Connect endpoints in - VPC spokes attached to the hub are made accessible to other VPC - spokes attached to the hub. The default value is false. - type: boolean - RoutingVPC: - id: RoutingVPC - description: >- - RoutingVPC contains information about the VPC networks associated with - the spokes of a Network Connectivity Center hub. - type: object + Optional labels in key-value pair format. For more information about + labels, see [Requirements for + labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). + RejectSpokeUpdateRequest: properties: - uri: - description: The URI of the VPC network. + spokeEtag: + description: Required. The etag of the spoke to reject update. + type: string + requestId: type: string - requiredForNewSiteToSiteDataTransferSpokes: description: >- - Output only. If true, indicates that this VPC network is currently - associated with spokes that use the data transfer feature (spokes - where the site_to_site_data_transfer field is set to true). If you - create new spokes that use data transfer, they must be associated - with this VPC network. At most, one VPC network will have this field - set to true. - readOnly: true - type: boolean - SpokeSummary: - id: SpokeSummary - description: >- - Summarizes information about the spokes associated with a hub. The - summary includes a count of spokes according to type and according to - state. If any spokes are inactive, the summary also lists the reasons - they are inactive, including a count for each reason. + Optional. A request ID to identify requests. Specify a unique + request ID so that if you must retry your request, the server knows + to ignore the request if it has already been completed. The server + guarantees that a request doesn't result in creation of duplicate + commitments for at least 60 minutes. For example, consider a + situation where you make an initial request and the request times + out. If you make the request again with the same request ID, the + server can check to see whether the original operation was received. + If it was, the server ignores the second request. This behavior + prevents clients from mistakenly creating duplicate commitments. The + request ID must be a valid UUID, with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + details: + description: Optional. Additional information provided by the hub administrator. + type: string + spokeUri: + type: string + description: Required. The URI of the spoke to reject update. + type: object + description: The request for HubService.RejectSpokeUpdate. + id: RejectSpokeUpdateRequest + Policy: type: object properties: - spokeTypeCounts: + etag: + format: byte + type: string description: >- - Output only. Counts the number of spokes of each type that are - associated with a specific hub. - readOnly: true - type: array - items: - $ref: '#/components/schemas/SpokeTypeCount' - spokeStateCounts: + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + version: description: >- - Output only. Counts the number of spokes that are in each state and - associated with a given hub. - readOnly: true - type: array + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + format: int32 + bindings: items: - $ref: '#/components/schemas/SpokeStateCount' - spokeStateReasonCounts: - description: >- - Output only. Counts the number of spokes that are inactive for each - possible reason and associated with a given hub. - readOnly: true + $ref: '#/components/schemas/Binding' type: array + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + auditConfigs: items: - $ref: '#/components/schemas/SpokeStateReasonCount' - SpokeTypeCount: - id: SpokeTypeCount + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: array + id: Policy description: >- - The number of spokes of a given type that are associated with a specific - hub. The type indicates what kind of resource is associated with the - spoke. + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + MulticloudDataTransferConfig: + id: MulticloudDataTransferConfig + description: >- + The `MulticloudDataTransferConfig` resource. It lists the services that + you configure for Data Transfer Essentials billing and metering. type: object properties: - spokeType: - description: Output only. The type of the spokes. + uid: readOnly: true type: string - enumDescriptions: - - Unspecified spoke type. - - Spokes associated with VPN tunnels. - - Spokes associated with VLAN attachments. - - Spokes associated with router appliance instances. - - Spokes associated with VPC networks. - - Spokes that are backed by a producer VPC network. - enum: - - SPOKE_TYPE_UNSPECIFIED - - VPN_TUNNEL - - INTERCONNECT_ATTACHMENT - - ROUTER_APPLIANCE - - VPC_NETWORK - - PRODUCER_VPC_NETWORK - count: description: >- - Output only. The total number of spokes of this type that are - associated with the hub. + Output only. The Google-generated unique ID for the + `MulticloudDataTransferConfig` resource. This value is unique across + all `MulticloudDataTransferConfig` resources. If a resource is + deleted and another with the same name is created, the new resource + is assigned a different and unique ID. + createTime: + format: google-datetime + type: string + description: >- + Output only. Time when the `MulticloudDataTransferConfig` resource + was created. readOnly: true + labels: + type: object + description: Optional. User-defined labels. + additionalProperties: + type: string + name: + description: >- + Identifier. The name of the `MulticloudDataTransferConfig` resource. + Format: + `projects/{project}/locations/{location}/multicloudDataTransferConfigs/{multicloud_data_transfer_config}`. type: string - format: int64 + etag: + description: >- + The etag is computed by the server, and might be sent with update + and delete requests so that the client has an up-to-date value + before proceeding. + type: string + updateTime: + type: string + format: google-datetime + readOnly: true + description: >- + Output only. Time when the `MulticloudDataTransferConfig` resource + was updated. + description: + type: string + description: Optional. A description of this resource. + services: + additionalProperties: + $ref: '#/components/schemas/StateTimeline' + type: object + description: >- + Optional. Maps services to their current or planned states. Service + names are keys, and the associated values describe the state of the + service. If a state change is expected, the value is either `ADDING` + or `DELETING`, depending on the actions taken. Sample output: + "services": { "big-query": { "states": [ { "effectiveTime": + "2024-12-12T08:00:00Z" "state": "ADDING", }, ] }, "cloud-storage": { + "states": [ { "state": "ACTIVE", } ] } } + destinationsActiveCount: + type: integer + format: int32 + readOnly: true + description: >- + Output only. The number of `Destination` resources in use with the + `MulticloudDataTransferConfig` resource. + destinationsCount: + readOnly: true + format: int32 + description: >- + Output only. The number of `Destination` resources configured for + the `MulticloudDataTransferConfig` resource. + type: integer + ListSpokesResponse: + type: object + id: ListSpokesResponse + description: The response for HubService.ListSpokes. + properties: + nextPageToken: + description: >- + The token for the next page of the response. To see more results, + use this value as the page_token for your next request. If this + value is empty, there are no more results. + type: string + spokes: + type: array + description: The requested spokes. + items: + $ref: '#/components/schemas/Spoke' + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + Warnings: + type: object + properties: + code: + description: Output only. A warning code, if applicable. + readOnly: true + enumDescriptions: + - Default value. + - >- + The policy-based route is not active and functioning. Common + causes are that the dependent network was deleted or the resource + project was turned off. + - >- + The policy-based route is being modified (e.g. created/deleted) at + this time. + enum: + - WARNING_UNSPECIFIED + - RESOURCE_NOT_ACTIVE + - RESOURCE_BEING_MODIFIED + type: string + warningMessage: + readOnly: true + type: string + description: Output only. A human-readable description of the warning code. + data: + description: >- + Output only. Metadata about this warning in key: value format. The + key should provides more detail on the warning being returned. For + example, for warnings where there are no results in a list request + for a particular zone, this key might be scope and the key value + might be the zone name. Other examples might be a key indicating a + deprecated resource and a suggested replacement. + type: object + readOnly: true + additionalProperties: + type: string + description: Informational warning message. + id: Warnings + Empty: + id: Empty + properties: {} + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + ListPolicyBasedRoutesResponse: + properties: + nextPageToken: + type: string + description: >- + The next pagination token in the List response. It should be used as + page_token for the following request. An empty value means no more + result. + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + policyBasedRoutes: + type: array + description: Policy-based routes to be returned. + items: + $ref: '#/components/schemas/PolicyBasedRoute' + id: ListPolicyBasedRoutesResponse + type: object + description: Response for PolicyBasedRoutingService.ListPolicyBasedRoutes method. SpokeStateCount: - id: SpokeStateCount + type: object description: >- The number of spokes that are in a particular state and associated with a given hub. - type: object + id: SpokeStateCount properties: state: - description: Output only. The state of the spokes. - readOnly: true type: string enumDescriptions: - No state information available @@ -1527,21 +2046,28 @@ components: - INACTIVE - OBSOLETE - FAILED + readOnly: true + description: Output only. The state of the spokes. count: + readOnly: true + type: string description: >- Output only. The total number of spokes that are in this state and associated with a given hub. - readOnly: true - type: string format: int64 - SpokeStateReasonCount: - id: SpokeStateReasonCount - description: The number of spokes in the hub that are inactive for this reason. - type: object + StateReason: properties: - stateReasonCode: - description: Output only. The reason that a spoke is inactive. - readOnly: true + code: + description: The code associated with this reason. + enum: + - CODE_UNSPECIFIED + - PENDING_REVIEW + - REJECTED + - PAUSED + - FAILED + - UPDATE_PENDING_REVIEW + - UPDATE_REJECTED + - UPDATE_FAILED type: string enumDescriptions: - No information available. @@ -1558,801 +2084,919 @@ components: - >- Network Connectivity Center encountered errors while accepting the spoke update. - enum: - - CODE_UNSPECIFIED - - PENDING_REVIEW - - REJECTED - - PAUSED - - FAILED - - UPDATE_PENDING_REVIEW - - UPDATE_REJECTED - - UPDATE_FAILED - count: - description: >- - Output only. The total number of spokes that are inactive for a - particular reason and associated with a given hub. - readOnly: true + message: type: string - format: int64 - ListHubSpokesResponse: - id: ListHubSpokesResponse - description: The response for HubService.ListHubSpokes. + description: Human-readable details about this reason. + userDetails: + description: Additional information provided by the user in the RejectSpoke call. + type: string + description: The reason a spoke is inactive. type: object + id: StateReason + ListServiceConnectionMapsResponse: + id: ListServiceConnectionMapsResponse + description: Response for ListServiceConnectionMaps. properties: - spokes: - description: >- - The requested spokes. The spoke fields can be partially populated - based on the `view` field in the request message. + unreachable: type: array items: - $ref: '#/components/schemas/Spoke' + type: string + description: Locations that could not be reached. + serviceConnectionMaps: + items: + $ref: '#/components/schemas/ServiceConnectionMap' + type: array + description: ServiceConnectionMaps to be returned. nextPageToken: description: >- - The token for the next page of the response. To see more results, - use this value as the page_token for your next request. If this - value is empty, there are no more results. + The next pagination token in the List response. It should be used as + page_token for the following request. An empty value means no more + result. + type: string + type: object + GoogleLongrunningCancelOperationRequest: + id: GoogleLongrunningCancelOperationRequest + properties: {} + type: object + description: The request message for Operations.CancelOperation. + ListServiceClassesResponse: + description: Response for ListServiceClasses. + type: object + id: ListServiceClassesResponse + properties: + nextPageToken: + description: >- + The next pagination token in the List response. It should be used as + page_token for the following request. An empty value means no more + result. type: string unreachable: description: Locations that could not be reached. type: array items: type: string - Spoke: - id: Spoke - description: >- - A Network Connectivity Center spoke represents one or more network - connectivity resources. When you create a spoke, you associate it with a - hub. You must also identify a value for exactly one of the following - fields: * linked_vpn_tunnels * linked_interconnect_attachments * - linked_router_appliance_instances * linked_vpc_network + serviceClasses: + description: ServiceClasses to be returned. + items: + $ref: '#/components/schemas/ServiceClass' + type: array + GoogleLongrunningOperation: + id: GoogleLongrunningOperation type: object properties: name: description: >- - Immutable. The name of the spoke. Spoke names must be unique. They - use the following form: - `projects/{project_number}/locations/{region}/spokes/{spoke_id}` + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - createTime: - description: Output only. The time the spoke was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time the spoke was last updated. - readOnly: true - type: string - format: google-datetime - labels: + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - Optional labels in key-value pair format. For more information about - labels, see [Requirements for - labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + response: type: object additionalProperties: - type: string + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + The error result of the operation in case of failure or + cancellation. + description: >- + This resource represents a long-running operation that is the result of + a network API call. + Destination: + properties: + endpoints: + type: array + description: >- + Required. Unordered list. The list of `DestinationEndpoint` + resources configured for the IP prefix. + items: + $ref: '#/components/schemas/DestinationEndpoint' description: - description: Optional. An optional description of the spoke. type: string - hub: - description: Immutable. The name of the hub that this spoke is attached to. + description: Optional. A description of this resource. + updateTime: type: string - group: - description: Optional. The name of the group that this spoke is associated with. + readOnly: true + description: Output only. Time when the `Destination` resource was updated. + format: google-datetime + stateTimeline: + $ref: '#/components/schemas/StateTimeline' + description: >- + Output only. The timeline of the expected `Destination` states or + the current rest state. If a state change is expected, the value is + `ADDING`, `DELETING` or `SUSPENDING`, depending on the action + specified. Example: "state_timeline": { "states": [ { // The time + when the `Destination` resource will be activated. "effectiveTime": + "2024-12-01T08:00:00Z", "state": "ADDING" }, { // The time when the + `Destination` resource will be suspended. "effectiveTime": + "2024-12-01T20:00:00Z", "state": "SUSPENDING" } ] } + readOnly: true + ipPrefix: type: string - linkedVpnTunnels: - description: Optional. VPN tunnels that are associated with the spoke. - $ref: '#/components/schemas/LinkedVpnTunnels' - linkedInterconnectAttachments: - description: Optional. VLAN attachments that are associated with the spoke. - $ref: '#/components/schemas/LinkedInterconnectAttachments' - linkedRouterApplianceInstances: description: >- - Optional. Router appliance instances that are associated with the - spoke. - $ref: '#/components/schemas/LinkedRouterApplianceInstances' - linkedVpcNetwork: - description: Optional. VPC network that is associated with the spoke. - $ref: '#/components/schemas/LinkedVpcNetwork' - linkedProducerVpcNetwork: - description: Optional. The linked producer VPC that is associated with the spoke. - $ref: '#/components/schemas/LinkedProducerVpcNetwork' - uniqueId: + Required. Immutable. The IP prefix that represents your workload on + another CSP. + name: description: >- - Output only. The Google-generated UUID for the spoke. This value is - unique across all spoke resources. If a spoke is deleted and another - with the same name is created, the new spoke is assigned a different - `unique_id`. - readOnly: true + Identifier. The name of the `Destination` resource. Format: + `projects/{project}/locations/{location}/multicloudDataTransferConfigs/{multicloud_data_transfer_config}/destinations/{destination}`. type: string - state: - description: Output only. The current lifecycle state of this spoke. - readOnly: true + uid: type: string - enumDescriptions: - - No state information available - - The resource's create operation is in progress. - - The resource is active - - The resource's delete operation is in progress. - - The resource's accept operation is in progress. - - The resource's reject operation is in progress. - - The resource's update operation is in progress. - - The resource is inactive. - - >- - The hub associated with this spoke resource has been deleted. This - state applies to spoke resources only. - - >- - The resource is in an undefined state due to resource creation or - deletion failure. You can try to delete the resource later or - contact support for help. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - ACCEPTING - - REJECTING - - UPDATING - - INACTIVE - - OBSOLETE - - FAILED - reasons: - description: Output only. The reasons for current state of the spoke. - readOnly: true - type: array - items: - $ref: '#/components/schemas/StateReason' - spokeType: - description: Output only. The type of resource associated with the spoke. readOnly: true + description: >- + Output only. The Google-generated unique ID for the `Destination` + resource. This value is unique across all `Destination` resources. + If a resource is deleted and another with the same name is created, + the new resource is assigned a different and unique ID. + labels: + description: Optional. User-defined labels. + additionalProperties: + type: string + type: object + createTime: + description: Output only. Time when the `Destination` resource was created. type: string - enumDescriptions: - - Unspecified spoke type. - - Spokes associated with VPN tunnels. - - Spokes associated with VLAN attachments. - - Spokes associated with router appliance instances. - - Spokes associated with VPC networks. - - Spokes that are backed by a producer VPC network. - enum: - - SPOKE_TYPE_UNSPECIFIED - - VPN_TUNNEL - - INTERCONNECT_ATTACHMENT - - ROUTER_APPLIANCE - - VPC_NETWORK - - PRODUCER_VPC_NETWORK + readOnly: true + format: google-datetime etag: description: >- - Optional. This checksum is computed by the server based on the value - of other fields, and may be sent on update and delete requests to - ensure the client has an up-to-date value before proceeding. + The etag is computed by the server, and might be sent with update + and delete requests so that the client has an up-to-date value + before proceeding. type: string - fieldPathsPendingUpdate: - description: >- - Optional. The list of fields waiting for hub administration's - approval. - type: array - items: - type: string - LinkedVpnTunnels: - id: LinkedVpnTunnels description: >- - A collection of Cloud VPN tunnel resources. These resources should be - redundant HA VPN tunnels that all advertise the same prefixes to Google - Cloud. Alternatively, in a passive/active configuration, all tunnels - should be capable of advertising the same prefixes. + The `Destination` resource. It specifies the IP prefix and the + associated autonomous system numbers (ASN) that you want to include in a + `MulticloudDataTransferConfig` resource. + id: Destination + type: object + NextHopInterconnectAttachment: type: object + description: A route next hop that leads to an interconnect attachment resource. properties: - uris: - description: The URIs of linked VPN tunnel resources. - type: array - items: - type: string siteToSiteDataTransfer: description: >- - A value that controls whether site-to-site data transfer is enabled - for these resources. Data transfer is available only in [supported + Indicates whether site-to-site data transfer is allowed for this + interconnect attachment resource. Data transfer is available only in + [supported locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). type: boolean + uri: + type: string + description: The URI of the interconnect attachment resource. vpcNetwork: - description: Output only. The VPC network where these VPN tunnels are located. - readOnly: true type: string - includeImportRanges: - description: >- - Optional. Hub routes fully encompassed by include import ranges are - included during import from hub. - type: array - items: - type: string - LinkedInterconnectAttachments: - id: LinkedInterconnectAttachments - description: >- - A collection of VLAN attachment resources. These resources should be - redundant attachments that all advertise the same prefixes to Google - Cloud. Alternatively, in active/passive configurations, all attachments - should be capable of advertising the same prefixes. + description: The VPC network where this interconnect attachment is located. + id: NextHopInterconnectAttachment + NextHopVpcNetwork: + properties: + uri: + description: The URI of the VPC network resource + type: string + id: NextHopVpcNetwork + type: object + InterconnectAttachment: type: object + id: InterconnectAttachment + description: InterconnectAttachment that this route applies to. properties: - uris: - description: The URIs of linked interconnect attachment resources - type: array - items: - type: string - siteToSiteDataTransfer: - description: >- - A value that controls whether site-to-site data transfer is enabled - for these resources. Data transfer is available only in [supported - locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). - type: boolean - vpcNetwork: - description: >- - Output only. The VPC network where these VLAN attachments are - located. - readOnly: true + region: type: string - includeImportRanges: description: >- - Optional. Hub routes fully encompassed by include import ranges are - included during import from hub. - type: array - items: - type: string - LinkedRouterApplianceInstances: - id: LinkedRouterApplianceInstances - description: >- - A collection of router appliance instances. If you configure multiple - router appliance instances to receive data from the same set of sites - outside of Google Cloud, we recommend that you associate those instances - with the same spoke. + Optional. Cloud region to install this policy-based route on + interconnect attachment. Use `all` to install it on all interconnect + attachments. + RouterApplianceInstance: type: object properties: - instances: - description: The list of router appliance instances. - type: array - items: - $ref: '#/components/schemas/RouterApplianceInstance' - siteToSiteDataTransfer: - description: >- - A value that controls whether site-to-site data transfer is enabled - for these resources. Data transfer is available only in [supported - locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). - type: boolean - vpcNetwork: - description: >- - Output only. The VPC network where these router appliance instances - are located. - readOnly: true + virtualMachine: type: string - includeImportRanges: - description: >- - Optional. Hub routes fully encompassed by include import ranges are - included during import from hub. - type: array - items: - type: string - RouterApplianceInstance: + description: The URI of the VM. + ipAddress: + type: string + description: The IP address on the VM to use for peering. id: RouterApplianceInstance description: >- A router appliance instance is a Compute Engine virtual machine (VM) instance that acts as a BGP speaker. A router appliance instance is specified by the URI of the VM and the internal IP address of one of the VM's network interfaces. - type: object + InternalRange: + id: InternalRange properties: - virtualMachine: - description: The URI of the VM. - type: string - ipAddress: - description: The IP address on the VM to use for peering. + network: + description: >- + Immutable. The URL or resource ID of the network in which to reserve + the internal range. The network cannot be deleted if there are any + reserved internal ranges referring to it. Legacy networks are not + supported. For example: + https://www.googleapis.com/compute/v1/projects/{project}/locations/global/networks/{network} + projects/{project}/locations/global/networks/{network} {network} type: string - LinkedVpcNetwork: - id: LinkedVpcNetwork - description: An existing VPC network. - type: object - properties: - uri: - description: Required. The URI of the VPC network resource. + createTime: + description: Time when the internal range was created. type: string - excludeExportRanges: - description: >- - Optional. IP ranges encompassing the subnets to be excluded from - peering. + format: google-datetime + targetCidrRange: type: array + description: >- + Optional. Can be set to narrow down or pick a different address + space while searching for a free range. If not set, defaults to the + ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] address space (for + auto-mode networks, the "10.0.0.0/9" range is used instead of + "10.0.0.0/8"). This can be used to target the search in other + rfc-1918 address spaces like "172.16.0.0/12" and "192.168.0.0/16" or + non-rfc-1918 address spaces used in the VPC. items: type: string - includeExportRanges: - description: Optional. IP ranges allowed to be included from peering. + peering: + enumDescriptions: + - >- + If Peering is left unspecified in CreateInternalRange or + UpdateInternalRange, it will be defaulted to FOR_SELF. + - >- + This is the default behavior and represents the case that this + internal range is intended to be used in the VPC in which it is + created and is accessible from its peers. This implies that peers + or peers-of-peers cannot use this range. + - >- + This behavior can be set when the internal range is being reserved + for usage by peers. This means that no resource within the VPC in + which it is being created can use this to associate with a VPC + resource, but one of the peers can. This represents donating a + range for peers to use. + - >- + This behavior can be set when the internal range is being reserved + for usage by the VPC in which it is created, but not shared with + peers. In a sense, it is local to the VPC. This can be used to + create internal ranges for various purposes like + HTTP_INTERNAL_LOAD_BALANCER or for Interconnect routes that are + not shared with peers. This also implies that peers cannot use + this range in a way that is visible to this VPC, but can re-use + this range as long as it is NOT_SHARED from the peer VPC, too. + enum: + - PEERING_UNSPECIFIED + - FOR_SELF + - FOR_PEER + - NOT_SHARED + description: Optional. The type of peering set for this internal range. + type: string + labels: + additionalProperties: + type: string + type: object + description: User-defined labels. + migration: + description: Optional. Must be present if usage is set to FOR_MIGRATION. + $ref: '#/components/schemas/Migration' + name: + description: >- + Identifier. The name of an internal range. Format: + projects/{project}/locations/{location}/internalRanges/{internal_range} + See: https://google.aip.dev/122#fields-representing-resource-names + type: string + updateTime: + type: string + description: Time when the internal range was updated. + format: google-datetime + ipCidrRange: + description: >- + Optional. The IP range that this internal range defines. NOTE: IPv6 + ranges are limited to usage=EXTERNAL_TO_VPC and peering=FOR_SELF. + NOTE: For IPv6 Ranges this field is compulsory, i.e. the address + range must be specified explicitly. + type: string + immutable: + description: >- + Optional. Immutable ranges cannot have their fields modified, except + for labels and description. + type: boolean + overlaps: type: array items: + enumDescriptions: + - No overlap overrides. + - >- + Allow creation of static routes more specific that the current + internal range. + - >- + Allow creation of internal ranges that overlap with existing + subnets. type: string - proposedIncludeExportRanges: + enum: + - OVERLAP_UNSPECIFIED + - OVERLAP_ROUTE_RANGE + - OVERLAP_EXISTING_SUBNET_RANGE description: >- - Output only. The proposed include export IP ranges waiting for hub - administration's approval. - readOnly: true + Optional. Types of resources that are allowed to overlap with the + current internal range. + usage: + enumDescriptions: + - >- + Unspecified usage is allowed in calls which identify the resource + by other fields and do not need Usage set to complete. These are, + i.e.: GetInternalRange and DeleteInternalRange. Usage needs to be + specified explicitly in CreateInternalRange or UpdateInternalRange + calls. + - >- + A VPC resource can use the reserved CIDR block by associating it + with the internal range resource if usage is set to FOR_VPC. + - >- + Ranges created with EXTERNAL_TO_VPC cannot be associated with VPC + resources and are meant to block out address ranges for various + use cases, like for example, usage on-prem, with dynamic route + announcements via interconnect. + - >- + Ranges created FOR_MIGRATION can be used to lock a CIDR range + between a source and target subnet. If usage is set to + FOR_MIGRATION, the peering value has to be set to FOR_SELF or + default to FOR_SELF when unset. + enum: + - USAGE_UNSPECIFIED + - FOR_VPC + - EXTERNAL_TO_VPC + - FOR_MIGRATION + description: Optional. The type of usage set for this InternalRange. + type: string + users: type: array + readOnly: true + description: >- + Output only. The list of resources that refer to this internal + range. Resources that use the internal range for their range + allocation are referred to as users of the range. Other resources + mark themselves as users while doing so by creating a reference to + this internal range. Having a user, based on this reference, + prevents deletion of the internal range referred to. Can be empty. items: type: string - proposedExcludeExportRanges: + prefixLength: + format: int32 + type: integer description: >- - Output only. The proposed exclude export IP ranges waiting for hub - administration's approval. - readOnly: true - type: array + Optional. An alternate to ip_cidr_range. Can be set when trying to + create an IPv4 reservation that automatically finds a free range of + the given size. If both ip_cidr_range and prefix_length are set, + there is an error if the range sizes do not match. Can also be used + during updates to change the range size. NOTE: For IPv6 this field + only works if ip_cidr_range is set as well, and both fields must + match. In other words, with IPv6 this field only works as a + redundant parameter. + allocationOptions: + $ref: '#/components/schemas/AllocationOptions' + description: >- + Optional. Range auto-allocation options, may be set only when + auto-allocation is selected by not setting ip_cidr_range (and + setting prefix_length). + description: + type: string + description: Optional. A description of this resource. + excludeCidrRanges: items: type: string - producerVpcSpokes: description: >- - Output only. The list of Producer VPC spokes that this VPC spoke is - a service consumer VPC spoke for. These producer VPCs are connected - through VPC peering to this spoke's backing VPC network. Because - they are directly connected through VPC peering, NCC export filters - do not apply between the service consumer VPC spoke and any of its - producer VPC spokes. This VPC spoke cannot be deleted as long as any - of these producer VPC spokes are connected to the NCC Hub. - readOnly: true + Optional. ExcludeCidrRanges flag. Specifies a set of CIDR blocks + that allows exclusion of particular CIDR ranges from the + auto-allocation process, without having to reserve these blocks type: array + type: object + description: >- + The internal range resource for IPAM operations within a VPC network. + Used to represent a private address range along with behavioral + characteristics of that range (its usage and peering behavior). + Networking resources can link to this range if they are created as + belonging to it. + TestIamPermissionsResponse: + properties: + permissions: items: type: string - LinkedProducerVpcNetwork: - id: LinkedProducerVpcNetwork + type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + id: TestIamPermissionsResponse type: object + description: Response message for `TestIamPermissions` method. + ServiceConnectionToken: properties: - network: - description: >- - Immutable. The URI of the Service Consumer VPC that the Producer VPC - is peered with. + description: type: string - serviceConsumerVpcSpoke: - description: Output only. The Service Consumer Network spoke. + description: A description of this resource. + createTime: readOnly: true + format: google-datetime + description: Output only. Time when the ServiceConnectionToken was created. type: string - peering: + name: description: >- - Immutable. The name of the VPC peering between the Service Consumer - VPC and the Producer VPC (defined in the Tenant project) which is - added to the NCC hub. This peering must be in ACTIVE state. + Immutable. The name of a ServiceConnectionToken. Format: + projects/{project}/locations/{location}/ServiceConnectionTokens/{service_connection_token} + See: https://google.aip.dev/122#fields-representing-resource-names + type: string + token: type: string - producerNetwork: - description: Output only. The URI of the Producer VPC. readOnly: true + description: Output only. The token generated by Automation. + network: type: string - excludeExportRanges: - description: >- - Optional. IP ranges encompassing the subnets to be excluded from - peering. - type: array - items: - type: string - includeExportRanges: - description: Optional. IP ranges allowed to be included from peering. - type: array - items: - type: string - proposedIncludeExportRanges: description: >- - Output only. The proposed include export IP ranges waiting for hub - administration's approval. + The resource path of the network associated with this token. + Example: projects/{projectNumOrId}/global/networks/{resourceId}. + updateTime: + type: string readOnly: true - type: array - items: - type: string - proposedExcludeExportRanges: + description: Output only. Time when the ServiceConnectionToken was updated. + format: google-datetime + etag: description: >- - Output only. The proposed exclude export IP ranges waiting for hub - administration's approval. + Optional. The etag is computed by the server, and may be sent on + update and delete requests to ensure the client has an up-to-date + value before proceeding. + type: string + expireTime: + description: Output only. The time to which this token is valid. readOnly: true - type: array - items: + format: google-datetime + type: string + labels: + type: object + description: User-defined labels. + additionalProperties: type: string - StateReason: - id: StateReason - description: The reason a spoke is inactive. type: object + description: The ServiceConnectionToken resource. + id: ServiceConnectionToken + ServiceConfig: properties: - code: - description: The code associated with this reason. - type: string + eligibilityCriteria: + description: Output only. The eligibility criteria for the service. enumDescriptions: - - No information available. - - The proposed spoke is pending review. - - The proposed spoke has been rejected by the hub administrator. - - The spoke has been deactivated internally. - >- - Network Connectivity Center encountered errors while accepting the - spoke. - - The proposed spoke update is pending review. + The service is not eligible for Data Transfer Essentials + configuration. This is the default case. - >- - The proposed spoke update has been rejected by the hub - administrator. + The service is eligible for Data Transfer Essentials configuration + only for Premium Tier. - >- - Network Connectivity Center encountered errors while accepting the - spoke update. + The service is eligible for Data Transfer Essentials configuration + only for Standard Tier. + - >- + The service is eligible for Data Transfer Essentials configuration + only for the regional endpoint. enum: - - CODE_UNSPECIFIED - - PENDING_REVIEW - - REJECTED - - PAUSED - - FAILED - - UPDATE_PENDING_REVIEW - - UPDATE_REJECTED - - UPDATE_FAILED - message: - description: Human-readable details about this reason. - type: string - userDetails: - description: Additional information provided by the user in the RejectSpoke call. + - ELIGIBILITY_CRITERIA_UNSPECIFIED + - NETWORK_SERVICE_TIER_PREMIUM_ONLY + - NETWORK_SERVICE_TIER_STANDARD_ONLY + - REQUEST_ENDPOINT_REGIONAL_ENDPOINT_ONLY type: string - QueryHubStatusResponse: - id: QueryHubStatusResponse - description: The response for HubService.QueryHubStatus. - type: object - properties: - hubStatusEntries: - description: The list of hub status. - type: array - items: - $ref: '#/components/schemas/HubStatusEntry' - nextPageToken: + readOnly: true + supportEndTime: description: >- - The token for the next page of the response. To see more results, - use this value as the page_token for your next request. If this - value is empty, there are no more results. + Output only. The end time for eligibility criteria support. If not + specified, no planned end time is set. type: string - HubStatusEntry: - id: HubStatusEntry - description: >- - A hub status entry represents the status of a set of propagated Private - Service Connect connections grouped by certain fields. + readOnly: true + format: google-datetime + type: object + id: ServiceConfig + description: Specifies eligibility information for the service. + RoutingVPC: type: object + description: >- + RoutingVPC contains information about the VPC networks associated with + the spokes of a Network Connectivity Center hub. + id: RoutingVPC properties: - count: - description: >- - The number of propagated Private Service Connect connections with - this status. If the `group_by` field was not set in the request - message, the value of this field is 1. - type: integer - format: int32 - groupBy: + requiredForNewSiteToSiteDataTransferSpokes: + readOnly: true description: >- - The fields that this entry is grouped by. This has the same value as - the `group_by` field in the request message. + Output only. If true, indicates that this VPC network is currently + associated with spokes that use the data transfer feature (spokes + where the site_to_site_data_transfer field is set to true). If you + create new spokes that use data transfer, they must be associated + with this VPC network. At most, one VPC network will have this field + set to true. + type: boolean + uri: type: string - pscPropagationStatus: - description: The Private Service Connect propagation status. - $ref: '#/components/schemas/PscPropagationStatus' - PscPropagationStatus: - id: PscPropagationStatus - description: >- - The status of one or more propagated Private Service Connect connections - in a hub. + description: The URI of the VPC network. + ServiceConnectionMap: + id: ServiceConnectionMap type: object + description: The ServiceConnectionMap resource. properties: - sourceSpoke: - description: The name of the spoke that the source forwarding rule belongs to. - type: string - sourceGroup: - description: The name of the group that the source spoke belongs to. - type: string - sourceForwardingRule: - description: The name of the forwarding rule exported to the hub. - type: string - targetSpoke: - description: The name of the spoke that the source forwarding rule propagates to. - type: string - targetGroup: - description: The name of the group that the target spoke belongs to. - type: string - code: - description: The propagation status. + infrastructure: type: string + description: >- + Output only. The infrastructure used for connections between + consumers/producers. + readOnly: true enumDescriptions: - - The code is unspecified. - - The propagated Private Service Connect connection is ready. - - >- - The Private Service Connect connection is propagating. This is a - transient state. - - >- - The Private Service Connect connection propagation failed because - the VPC network or the project of the target spoke has exceeded - the connection limit set by the producer. - - >- - The Private Service Connect connection propagation failed because - the NAT IP subnet space has been exhausted. It is equivalent to - the `Needs attention` status of the Private Service Connect - connection. See - https://cloud.google.com/vpc/docs/about-accessing-vpc-hosted-services-endpoints#connection-statuses. - - >- - The Private Service Connect connection propagation failed because - the `PSC_ILB_CONSUMER_FORWARDING_RULES_PER_PRODUCER_NETWORK` quota - in the producer VPC network has been exceeded. - - >- - The Private Service Connect connection propagation failed because - the `PSC_PROPAGATED_CONNECTIONS_PER_VPC_NETWORK` quota in the - consumer VPC network has been exceeded. + - An invalid infrastructure as the default case. + - Private Service Connect is used for connections. enum: - - CODE_UNSPECIFIED - - READY - - PROPAGATING - - ERROR_PRODUCER_PROPAGATED_CONNECTION_LIMIT_EXCEEDED - - ERROR_PRODUCER_NAT_IP_SPACE_EXHAUSTED - - ERROR_PRODUCER_QUOTA_EXCEEDED - - ERROR_CONSUMER_QUOTA_EXCEEDED - message: + - INFRASTRUCTURE_UNSPECIFIED + - PSC + labels: + type: object + additionalProperties: + type: string + description: User-defined labels. + serviceClass: description: >- - The human-readable summary of the Private Service Connect connection - propagation status. + The service class identifier this ServiceConnectionMap is for. The + user of ServiceConnectionMap create API needs to have + networkconnectivity.serviceClasses.use IAM permission for the + service class. type: string - ListSpokesResponse: - id: ListSpokesResponse - description: The response for HubService.ListSpokes. - type: object - properties: - spokes: - description: The requested spokes. + description: + type: string + description: A description of this resource. + createTime: + readOnly: true + type: string + format: google-datetime + description: Output only. Time when the ServiceConnectionMap was created. + consumerPscConfigs: type: array + description: The PSC configurations on consumer side. items: - $ref: '#/components/schemas/Spoke' - nextPageToken: - description: >- - The token for the next page of the response. To see more results, - use this value as the page_token for your next request. If this - value is empty, there are no more results. - type: string - unreachable: - description: Locations that could not be reached. + $ref: '#/components/schemas/ConsumerPscConfig' + consumerPscConnections: type: array items: - type: string - RejectHubSpokeRequest: - id: RejectHubSpokeRequest - description: The request for HubService.RejectHubSpoke. - type: object - properties: - spokeUri: - description: Required. The URI of the spoke to reject from the hub. + $ref: '#/components/schemas/ConsumerPscConnection' + description: Output only. PSC connection details on consumer side. + readOnly: true + etag: + description: >- + Optional. The etag is computed by the server, and may be sent on + update and delete requests to ensure the client has an up-to-date + value before proceeding. type: string - requestId: + producerPscConfigs: + type: array + description: The PSC configurations on producer side. + items: + $ref: '#/components/schemas/ProducerPscConfig' + name: description: >- - Optional. A request ID to identify requests. Specify a unique - request ID so that if you must retry your request, the server knows - to ignore the request if it has already been completed. The server - guarantees that a request doesn't result in creation of duplicate - commitments for at least 60 minutes. For example, consider a - situation where you make an initial request and the request times - out. If you make the request again with the same request ID, the - server can check to see whether the original operation was received. - If it was, the server ignores the second request. This behavior - prevents clients from mistakenly creating duplicate commitments. The - request ID must be a valid UUID, with the exception that zero UUID - is not supported (00000000-0000-0000-0000-000000000000). + Immutable. The name of a ServiceConnectionMap. Format: + projects/{project}/locations/{location}/serviceConnectionMaps/{service_connection_map} + See: https://google.aip.dev/122#fields-representing-resource-names type: string - details: - description: Optional. Additional information provided by the hub administrator. + serviceClassUri: type: string - AcceptHubSpokeRequest: - id: AcceptHubSpokeRequest - description: The request for HubService.AcceptHubSpoke. - type: object - properties: - spokeUri: - description: Required. The URI of the spoke to accept into the hub. + description: Output only. The service class uri this ServiceConnectionMap is for. + readOnly: true + updateTime: + description: Output only. Time when the ServiceConnectionMap was updated. type: string - requestId: + format: google-datetime + readOnly: true + token: description: >- - Optional. A request ID to identify requests. Specify a unique - request ID so that if you must retry your request, the server knows - to ignore the request if it has already been completed. The server - guarantees that a request doesn't result in creation of duplicate - commitments for at least 60 minutes. For example, consider a - situation where you make an initial request and the request times - out. If you make the request again with the same request ID, the - server can check to see whether the original operation was received. - If it was, the server ignores the second request. This behavior - prevents clients from mistakenly creating duplicate commitments. The - request ID must be a valid UUID, with the exception that zero UUID - is not supported (00000000-0000-0000-0000-000000000000). + The token provided by the consumer. This token authenticates that + the consumer can create a connection within the specified project + and network. type: string - AcceptSpokeUpdateRequest: - id: AcceptSpokeUpdateRequest - description: The request for HubService.AcceptSpokeUpdate. - type: object + Expr: properties: - spokeUri: - description: Required. The URI of the spoke to accept update. + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. type: string - spokeEtag: - description: Required. The etag of the spoke to accept update. + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + expression: type: string - requestId: description: >- - Optional. A request ID to identify requests. Specify a unique - request ID so that if you must retry your request, the server knows - to ignore the request if it has already been completed. The server - guarantees that a request doesn't result in creation of duplicate - commitments for at least 60 minutes. For example, consider a - situation where you make an initial request and the request times - out. If you make the request again with the same request ID, the - server can check to see whether the original operation was received. - If it was, the server ignores the second request. This behavior - prevents clients from mistakenly creating duplicate commitments. The - request ID must be a valid UUID, with the exception that zero UUID - is not supported (00000000-0000-0000-0000-000000000000). + Textual representation of an expression in Common Expression + Language syntax. + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - RejectSpokeUpdateRequest: - id: RejectSpokeUpdateRequest - description: The request for HubService.RejectSpokeUpdate. + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + id: Expr type: object + NextHopSpoke: + id: NextHopSpoke + type: object + description: A route next hop that leads to a spoke resource. properties: - spokeUri: - description: Required. The URI of the spoke to reject update. - type: string - spokeEtag: - description: Required. The etag of the spoke to reject update. + uri: + description: The URI of the spoke resource. type: string - details: - description: Optional. Additional information provided by the hub administrator. + siteToSiteDataTransfer: + description: >- + Indicates whether site-to-site data transfer is allowed for this + spoke resource. Data transfer is available only in [supported + locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). + Whether this route is accessible to other hybrid spokes with + site-to-site data transfer enabled. If this is false, the route is + only accessible to VPC spokes of the connected Hub. + type: boolean + AllocationOptions: + description: >- + Range auto-allocation options, to be optionally used when CIDR block is + not explicitly set. + id: AllocationOptions + properties: + allocationStrategy: type: string - requestId: + enum: + - ALLOCATION_STRATEGY_UNSPECIFIED + - RANDOM + - FIRST_AVAILABLE + - RANDOM_FIRST_N_AVAILABLE + - FIRST_SMALLEST_FITTING + enumDescriptions: + - >- + Unspecified is the only valid option when the range is specified + explicitly by ip_cidr_range field. Otherwise unspefified means + using the default strategy. + - >- + Random strategy, the legacy algorithm, used for backwards + compatibility. This allocation strategy remains efficient in the + case of concurrent allocation requests in the same peered network + space and doesn't require providing the level of concurrency in an + explicit parameter, but it is prone to fragmenting available + address space. + - >- + Pick the first available address range. This strategy is + deterministic and the result is easy to predict. + - >- + Pick an arbitrary range out of the first N available ones. The N + will be set in the first_available_ranges_lookup_size field. This + strategy should be used when concurrent allocation requests are + made in the same space of peered networks while the fragmentation + of the addrress space is reduced. + - >- + Pick the smallest but fitting available range. This deterministic + strategy minimizes fragmentation of the address space. description: >- - Optional. A request ID to identify requests. Specify a unique - request ID so that if you must retry your request, the server knows - to ignore the request if it has already been completed. The server - guarantees that a request doesn't result in creation of duplicate - commitments for at least 60 minutes. For example, consider a - situation where you make an initial request and the request times - out. If you make the request again with the same request ID, the - server can check to see whether the original operation was received. - If it was, the server ignores the second request. This behavior - prevents clients from mistakenly creating duplicate commitments. The - request ID must be a valid UUID, with the exception that zero UUID - is not supported (00000000-0000-0000-0000-000000000000). + Optional. Allocation strategy Not setting this field when the + allocation is requested means an implementation defined strategy is + used. + firstAvailableRangesLookupSize: + format: int32 + description: >- + Optional. This field must be set only when allocation_strategy is + set to RANDOM_FIRST_N_AVAILABLE. The value should be the maximum + expected parallelism of range creation requests issued to the same + space of peered netwroks. + type: integer + type: object + NextHopRouterApplianceInstance: + id: NextHopRouterApplianceInstance + properties: + siteToSiteDataTransfer: + type: boolean + description: >- + Indicates whether site-to-site data transfer is allowed for this + Router appliance instance resource. Data transfer is available only + in [supported + locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). + vpcNetwork: + description: The VPC network where this VM is located. type: string - RouteTable: - id: RouteTable + uri: + type: string + description: The URI of the Router appliance instance. + description: A route next hop that leads to a Router appliance instance. type: object + ServiceConnectionPolicy: properties: name: description: >- - Immutable. The name of the route table. Route table names must be - unique. They use the following form: - `projects/{project_number}/locations/global/hubs/{hub}/routeTables/{route_table_id}` + Immutable. The name of a ServiceConnectionPolicy. Format: + projects/{project}/locations/{location}/serviceConnectionPolicies/{service_connection_policy} + See: https://google.aip.dev/122#fields-representing-resource-names type: string - createTime: - description: Output only. The time the route table was created. - readOnly: true + network: + description: >- + The resource path of the consumer network. Example: - + projects/{projectNumOrId}/global/networks/{resourceId}. type: string - format: google-datetime updateTime: - description: Output only. The time the route table was last updated. + description: Output only. Time when the ServiceConnectionPolicy was updated. readOnly: true - type: string format: google-datetime - labels: + type: string + pscConfig: + $ref: '#/components/schemas/PscConfig' description: >- - Optional labels in key-value pair format. For more information about - labels, see [Requirements for - labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). - type: object + Configuration used for Private Service Connect connections. Used + when Infrastructure is PSC. + labels: additionalProperties: type: string - description: - description: An optional description of the route table. + description: User-defined labels. + type: object + autoCreatedSubnetInfo: + readOnly: true + $ref: '#/components/schemas/AutoCreatedSubnetworkInfo' + description: >- + Output only. Information for the automatically created subnetwork + and its associated IR. + description: + description: A description of this resource. + type: string + serviceClass: type: string - uid: description: >- - Output only. The Google-generated UUID for the route table. This - value is unique across all route table resources. If a route table - is deleted and another with the same name is created, the new route - table is assigned a different `uid`. + The service class identifier for which this ServiceConnectionPolicy + is for. The service class identifier is a unique, symbolic + representation of a ServiceClass. It is provided by the Service + Producer. Google services have a prefix of gcp or google-cloud. For + example, gcp-memorystore-redis or google-cloud-sql. 3rd party + services do not. For example, test-service-a3dfcx. + infrastructure: + description: >- + Output only. The type of underlying resources used to create the + connection. + enum: + - INFRASTRUCTURE_UNSPECIFIED + - PSC readOnly: true + enumDescriptions: + - An invalid infrastructure as the default case. + - Private Service Connect is used for connections. type: string - state: - description: Output only. The current lifecycle state of this route table. + etag: + description: >- + Optional. The etag is computed by the server, and may be sent on + update and delete requests to ensure the client has an up-to-date + value before proceeding. + type: string + pscConnections: + type: array + description: >- + Output only. [Output only] Information about each Private Service + Connect connection. + readOnly: true + items: + $ref: '#/components/schemas/PscConnection' + createTime: + description: Output only. Time when the ServiceConnectionPolicy was created. + format: google-datetime readOnly: true type: string - enumDescriptions: - - No state information available - - The resource's create operation is in progress. - - The resource is active - - The resource's delete operation is in progress. - - The resource's accept operation is in progress. - - The resource's reject operation is in progress. - - The resource's update operation is in progress. - - The resource is inactive. - - >- - The hub associated with this spoke resource has been deleted. This - state applies to spoke resources only. - - >- - The resource is in an undefined state due to resource creation or - deletion failure. You can try to delete the resource later or - contact support for help. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - ACCEPTING - - REJECTING - - UPDATING - - INACTIVE - - OBSOLETE - - FAILED - Route: - id: Route + id: ServiceConnectionPolicy + description: The ServiceConnectionPolicy resource. + type: object + StateTimeline: + type: object + id: StateTimeline + description: The timeline of the pending states for a resource. + properties: + states: + items: + $ref: '#/components/schemas/StateMetadata' + type: array + readOnly: true + description: >- + Output only. The state and activation time details of the resource + state. + AutoCreatedSubnetworkInfo: description: >- - A route defines a path from VM instances within a spoke to a specific - destination resource. Only VPC spokes have routes. + Information for the automatically created subnetwork and its associated + IR. type: object properties: - name: + subnetworkRef: description: >- - Immutable. The name of the route. Route names must be unique. Route - names use the following form: - `projects/{project_number}/locations/global/hubs/{hub}/routeTables/{route_table_id}/routes/{route_id}` + Output only. URI of the automatically created subnetwork reference. + Only set if the subnetwork mode is AUTO_CREATED during creation. type: string - createTime: - description: Output only. The time the route was created. readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time the route was last updated. + internalRange: readOnly: true type: string - format: google-datetime - ipCidrRange: - description: The destination IP address range. + description: >- + Output only. URI of the automatically created Internal Range. Only + set if the subnetwork mode is AUTO_CREATED during creation. + internalRangeRef: + readOnly: true type: string - type: description: >- - Output only. The route's type. Its type is determined by the - properties of its IP address range. + Output only. URI of the automatically created Internal Range + reference. Only set if the subnetwork mode is AUTO_CREATED during + creation. + subnetwork: readOnly: true type: string - enumDescriptions: - - No route type information specified - - >- - The route leads to a destination within the primary address range - of the VPC network's subnet. - - >- - The route leads to a destination within the secondary address - range of the VPC network's subnet. - - >- - The route leads to a destination in a dynamic route. Dynamic - routes are derived from Border Gateway Protocol (BGP) - advertisements received from an NCC hybrid spoke. - enum: - - ROUTE_TYPE_UNSPECIFIED - - VPC_PRIMARY_SUBNET - - VPC_SECONDARY_SUBNET - - DYNAMIC_ROUTE - nextHopVpcNetwork: - description: Immutable. The destination VPC network for packets on this route. - $ref: '#/components/schemas/NextHopVpcNetwork' - labels: description: >- - Optional labels in key-value pair format. For more information about - labels, see [Requirements for - labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). - type: object - additionalProperties: - type: string - description: - description: An optional description of the route. + Output only. URI of the automatically created subnetwork. Only set + if the subnetwork mode is AUTO_CREATED during creation. + id: AutoCreatedSubnetworkInfo + QueryHubStatusResponse: + type: object + properties: + hubStatusEntries: + items: + $ref: '#/components/schemas/HubStatusEntry' + description: The list of hub status. + type: array + nextPageToken: type: string - uid: description: >- - Output only. The Google-generated UUID for the route. This value is - unique across all Network Connectivity Center route resources. If a - route is deleted and another with the same name is created, the new - route is assigned a different `uid`. - readOnly: true + The token for the next page of the response. To see more results, + use this value as the page_token for your next request. If this + value is empty, there are no more results. + description: The response for HubService.QueryHubStatus. + id: QueryHubStatusResponse + ListInternalRangesResponse: + id: ListInternalRangesResponse + type: object + properties: + internalRanges: + description: Internal ranges to be returned. + type: array + items: + $ref: '#/components/schemas/InternalRange' + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. + nextPageToken: + description: >- + The next pagination token in the List response. It should be used as + page_token for the following request. An empty value means no more + result. type: string + description: Response for InternalRange.ListInternalRanges + Hub: + type: object + properties: state: - description: Output only. The current lifecycle state of the route. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - ACCEPTING + - REJECTING + - UPDATING + - INACTIVE + - OBSOLETE + - FAILED readOnly: true - type: string + description: Output only. The current lifecycle state of this hub. enumDescriptions: - No state information available - The resource's create operation is in progress. @@ -2369,1186 +3013,586 @@ components: The resource is in an undefined state due to resource creation or deletion failure. You can try to delete the resource later or contact support for help. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - ACCEPTING - - REJECTING - - UPDATING - - INACTIVE - - OBSOLETE - - FAILED - spoke: - description: >- - Immutable. The spoke that this route leads to. Example: - projects/12345/locations/global/spokes/SPOKE type: string - location: + uniqueId: + type: string description: >- - Output only. The origin location of the route. Uses the following - form: "projects/{project}/locations/{location}" Example: - projects/1234/locations/us-central1 + Output only. The Google-generated UUID for the hub. This value is + unique across all hub resources. If a hub is deleted and another + with the same name is created, the new hub is assigned a different + unique_id. readOnly: true - type: string - priority: + routeTables: description: >- - Output only. The priority of this route. Priority is used to break - ties in cases where a destination matches more than one route. In - these cases the route with the lowest-numbered priority value wins. + Output only. The route tables that belong to this hub. They use the + following form: + `projects/{project_number}/locations/global/hubs/{hub_id}/routeTables/{route_table_id}` + This field is read-only. Network Connectivity Center automatically + populates it based on the route tables nested under the hub. + type: array + items: + type: string readOnly: true - type: string - format: int64 - nextHopVpnTunnel: - description: Immutable. The next-hop VPN tunnel for packets on this route. - $ref: '#/components/schemas/NextHopVPNTunnel' - nextHopRouterApplianceInstance: + policyMode: + enumDescriptions: + - >- + Policy mode is unspecified. It defaults to PRESET with + preset_topology = MESH. + - Hub uses one of the preset topologies. + enum: + - POLICY_MODE_UNSPECIFIED + - PRESET description: >- - Immutable. The next-hop Router appliance instance for packets on - this route. - $ref: '#/components/schemas/NextHopRouterApplianceInstance' - nextHopInterconnectAttachment: - description: Immutable. The next-hop VLAN attachment for packets on this route. - $ref: '#/components/schemas/NextHopInterconnectAttachment' - nextHopSpoke: - description: Immutable. The next-hop spoke for packets on this route. - $ref: '#/components/schemas/NextHopSpoke' - NextHopVpcNetwork: - id: NextHopVpcNetwork - type: object - properties: - uri: - description: The URI of the VPC network resource - type: string - NextHopVPNTunnel: - id: NextHopVPNTunnel - description: A route next hop that leads to a VPN tunnel resource. - type: object - properties: - uri: - description: The URI of the VPN tunnel resource. - type: string - vpcNetwork: - description: The VPC network where this VPN tunnel is located. - type: string - siteToSiteDataTransfer: - description: >- - Indicates whether site-to-site data transfer is allowed for this VPN - tunnel resource. Data transfer is available only in [supported - locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). - type: boolean - NextHopRouterApplianceInstance: - id: NextHopRouterApplianceInstance - description: A route next hop that leads to a Router appliance instance. - type: object - properties: - uri: - description: The URI of the Router appliance instance. - type: string - vpcNetwork: - description: The VPC network where this VM is located. - type: string - siteToSiteDataTransfer: - description: >- - Indicates whether site-to-site data transfer is allowed for this - Router appliance instance resource. Data transfer is available only - in [supported - locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). - type: boolean - NextHopInterconnectAttachment: - id: NextHopInterconnectAttachment - description: A route next hop that leads to an interconnect attachment resource. - type: object - properties: - uri: - description: The URI of the interconnect attachment resource. - type: string - vpcNetwork: - description: The VPC network where this interconnect attachment is located. - type: string - siteToSiteDataTransfer: - description: >- - Indicates whether site-to-site data transfer is allowed for this - interconnect attachment resource. Data transfer is available only in - [supported - locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). - type: boolean - NextHopSpoke: - id: NextHopSpoke - description: A route next hop that leads to a spoke resource. - type: object - properties: - uri: - description: The URI of the spoke resource. - type: string - siteToSiteDataTransfer: - description: >- - Indicates whether site-to-site data transfer is allowed for this - spoke resource. Data transfer is available only in [supported - locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). - Whether this route is accessible to other hybrid spokes with - site-to-site data transfer enabled. If this is false, the route is - only accessible to VPC spokes of the connected Hub. - type: boolean - ListRoutesResponse: - id: ListRoutesResponse - description: Response for HubService.ListRoutes method. - type: object - properties: - routes: - description: The requested routes. - type: array - items: - $ref: '#/components/schemas/Route' - nextPageToken: - description: >- - The token for the next page of the response. To see more results, - use this value as the page_token for your next request. If this - value is empty, there are no more results. - type: string - unreachable: - description: RouteTables that could not be reached. - type: array - items: - type: string - ListRouteTablesResponse: - id: ListRouteTablesResponse - description: Response for HubService.ListRouteTables method. - type: object - properties: - routeTables: - description: The requested route tables. - type: array - items: - $ref: '#/components/schemas/RouteTable' - nextPageToken: - description: >- - The token for the next page of the response. To see more results, - use this value as the page_token for your next request. If this - value is empty, there are no more results. + Optional. The policy mode of this hub. This field can be either + PRESET or CUSTOM. If unspecified, the policy_mode defaults to + PRESET. type: string - unreachable: - description: Hubs that could not be reached. - type: array - items: - type: string - Group: - id: Group - description: A group represents a subset of spokes attached to a hub. - type: object - properties: - name: + presetTopology: + enumDescriptions: + - >- + Preset topology is unspecified. When policy_mode = PRESET, it + defaults to MESH. + - >- + Mesh topology is implemented. Group `default` is automatically + created. All spokes in the hub are added to group `default`. + - >- + Star topology is implemented. Two groups, `center` and `edge`, are + automatically created along with hub creation. Spokes have to join + one of the groups during creation. + enum: + - PRESET_TOPOLOGY_UNSPECIFIED + - MESH + - STAR description: >- - Immutable. The name of the group. Group names must be unique. They - use the following form: - `projects/{project_number}/locations/global/hubs/{hub}/groups/{group_id}` + Optional. The topology implemented in this hub. Currently, this + field is only used when policy_mode = PRESET. The available preset + topologies are MESH and STAR. If preset_topology is unspecified and + policy_mode = PRESET, the preset_topology defaults to MESH. When + policy_mode = CUSTOM, the preset_topology is set to + PRESET_TOPOLOGY_UNSPECIFIED. type: string createTime: - description: Output only. The time the group was created. - readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. The time the group was last updated. readOnly: true + description: Output only. The time the hub was created. type: string - format: google-datetime labels: description: >- - Optional. Labels in key-value pair format. For more information - about labels, see [Requirements for + Optional labels in key-value pair format. For more information about + labels, see [Requirements for labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). - type: object additionalProperties: type: string - description: - description: Optional. The description of the group. - type: string - uid: + type: object + spokeSummary: description: >- - Output only. The Google-generated UUID for the group. This value is - unique across all group resources. If a group is deleted and another - with the same name is created, the new route table is assigned a - different unique_id. + Output only. A summary of the spokes associated with a hub. The + summary includes a count of spokes according to type and according + to state. If any spokes are inactive, the summary also lists the + reasons they are inactive, including a count for each reason. + $ref: '#/components/schemas/SpokeSummary' readOnly: true + updateTime: type: string - state: - description: Output only. The current lifecycle state of this group. + description: Output only. The time the hub was last updated. readOnly: true - type: string - enumDescriptions: - - No state information available - - The resource's create operation is in progress. - - The resource is active - - The resource's delete operation is in progress. - - The resource's accept operation is in progress. - - The resource's reject operation is in progress. - - The resource's update operation is in progress. - - The resource is inactive. - - >- - The hub associated with this spoke resource has been deleted. This - state applies to spoke resources only. - - >- - The resource is in an undefined state due to resource creation or - deletion failure. You can try to delete the resource later or - contact support for help. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - ACCEPTING - - REJECTING - - UPDATING - - INACTIVE - - OBSOLETE - - FAILED - autoAccept: - description: Optional. The auto-accept setting for this group. - $ref: '#/components/schemas/AutoAccept' - routeTable: + format: google-datetime + exportPsc: + type: boolean description: >- - Output only. The name of the route table that corresponds to this - group. They use the following form: - `projects/{project_number}/locations/global/hubs/{hub_id}/routeTables/{route_table_id}` - readOnly: true + Optional. Whether Private Service Connect connection propagation is + enabled for the hub. If true, Private Service Connect endpoints in + VPC spokes attached to the hub are made accessible to other VPC + spokes attached to the hub. The default value is false. + name: + description: >- + Immutable. The name of the hub. Hub names must be unique. They use + the following form: + `projects/{project_number}/locations/global/hubs/{hub_id}` type: string - AutoAccept: - id: AutoAccept + description: + description: Optional. An optional description of the hub. + type: string + routingVpcs: + items: + $ref: '#/components/schemas/RoutingVPC' + type: array + readOnly: true + description: >- + Output only. The VPC networks associated with this hub's spokes. + This field is read-only. Network Connectivity Center automatically + populates it based on the set of spokes attached to the hub. description: >- - The auto-accept setting for a group controls whether proposed spokes are - automatically attached to the hub. If auto-accept is enabled, the spoke - immediately is attached to the hub and becomes part of the group. In - this case, the new spoke is in the ACTIVE state. If auto-accept is - disabled, the spoke goes to the INACTIVE state, and it must be reviewed - and accepted by a hub administrator. + A Network Connectivity Center hub is a global management resource to + which you attach spokes. A single hub can contain spokes from multiple + regions. However, if any of a hub's spokes use the site-to-site data + transfer feature, the resources associated with those spokes must all be + in the same VPC network. Spokes that do not use site-to-site data + transfer can be associated with any VPC network in your project. + id: Hub + Binding: + description: Associates `members`, or principals, with a `role`. + id: Binding type: object properties: - autoAcceptProjects: + condition: + $ref: '#/components/schemas/Expr' description: >- - Optional. A list of project ids or project numbers for which you - want to enable auto-accept. The auto-accept setting is applied to - spokes being created or updated in these projects. - type: array - items: - type: string - ListGroupsResponse: - id: ListGroupsResponse - description: Response for HubService.ListGroups method. - type: object - properties: - groups: - description: The requested groups. - type: array - items: - $ref: '#/components/schemas/Group' - nextPageToken: + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + role: description: >- - The token for the next page of the response. To see more results, - use this value as the page_token for your next request. If this - value is empty, there are no more results. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - unreachable: - description: Hubs that could not be reached. + members: type: array + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. items: type: string - ListInternalRangesResponse: - id: ListInternalRangesResponse - description: Response for InternalRange.ListInternalRanges - type: object + Route: properties: - internalRanges: - description: Internal ranges to be returned. - type: array - items: - $ref: '#/components/schemas/InternalRange' - nextPageToken: + priority: + type: string description: >- - The next pagination token in the List response. It should be used as - page_token for the following request. An empty value means no more - result. + Output only. The priority of this route. Priority is used to break + ties in cases where a destination matches more than one route. In + these cases the route with the lowest-numbered priority value wins. + readOnly: true + format: int64 + description: + description: An optional description of the route. type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - InternalRange: - id: InternalRange - description: >- - The internal range resource for IPAM operations within a VPC network. - Used to represent a private address range along with behavioral - characteristics of that range (its usage and peering behavior). - Networking resources can link to this range if they are created as - belonging to it. - type: object - properties: - name: + nextHopRouterApplianceInstance: description: >- - Identifier. The name of an internal range. Format: - projects/{project}/locations/{location}/internalRanges/{internal_range} - See: https://google.aip.dev/122#fields-representing-resource-names + Immutable. The next-hop Router appliance instance for packets on + this route. + $ref: '#/components/schemas/NextHopRouterApplianceInstance' + nextHopInterconnectAttachment: + description: Immutable. The next-hop VLAN attachment for packets on this route. + $ref: '#/components/schemas/NextHopInterconnectAttachment' + uid: + readOnly: true type: string - createTime: - description: Time when the internal range was created. + description: >- + Output only. The Google-generated UUID for the route. This value is + unique across all Network Connectivity Center route resources. If a + route is deleted and another with the same name is created, the new + route is assigned a different `uid`. + nextHopVpnTunnel: + description: Immutable. The next-hop VPN tunnel for packets on this route. + $ref: '#/components/schemas/NextHopVPNTunnel' + updateTime: + description: Output only. The time the route was last updated. type: string format: google-datetime - updateTime: - description: Time when the internal range was updated. + readOnly: true + name: + description: >- + Immutable. The name of the route. Route names must be unique. Route + names use the following form: + `projects/{project_number}/locations/global/hubs/{hub}/routeTables/{route_table_id}/routes/{route_id}` + type: string + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - ACCEPTING + - REJECTING + - UPDATING + - INACTIVE + - OBSOLETE + - FAILED + enumDescriptions: + - No state information available + - The resource's create operation is in progress. + - The resource is active + - The resource's delete operation is in progress. + - The resource's accept operation is in progress. + - The resource's reject operation is in progress. + - The resource's update operation is in progress. + - The resource is inactive. + - >- + The hub associated with this spoke resource has been deleted. This + state applies to spoke resources only. + - >- + The resource is in an undefined state due to resource creation or + deletion failure. You can try to delete the resource later or + contact support for help. + description: Output only. The current lifecycle state of the route. type: string + readOnly: true + createTime: + description: Output only. The time the route was created. format: google-datetime + type: string + readOnly: true + spoke: + type: string + description: >- + Immutable. The spoke that this route leads to. Example: + projects/12345/locations/global/spokes/SPOKE labels: - description: User-defined labels. - type: object + description: >- + Optional labels in key-value pair format. For more information about + labels, see [Requirements for + labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). additionalProperties: type: string - description: - description: Optional. A description of this resource. - type: string - ipCidrRange: + type: object + location: + readOnly: true description: >- - Optional. The IP range that this internal range defines. NOTE: IPv6 - ranges are limited to usage=EXTERNAL_TO_VPC and peering=FOR_SELF. - NOTE: For IPv6 Ranges this field is compulsory, i.e. the address - range must be specified explicitly. + Output only. The origin location of the route. Uses the following + form: "projects/{project}/locations/{location}" Example: + projects/1234/locations/us-central1 type: string - network: - description: >- - Immutable. The URL or resource ID of the network in which to reserve - the internal range. The network cannot be deleted if there are any - reserved internal ranges referring to it. Legacy networks are not - supported. For example: - https://www.googleapis.com/compute/v1/projects/{project}/locations/global/networks/{network} - projects/{project}/locations/global/networks/{network} {network} + ipCidrRange: type: string - usage: - description: Optional. The type of usage set for this InternalRange. + description: The destination IP address range. + type: type: string - enumDescriptions: - - >- - Unspecified usage is allowed in calls which identify the resource - by other fields and do not need Usage set to complete. These are, - i.e.: GetInternalRange and DeleteInternalRange. Usage needs to be - specified explicitly in CreateInternalRange or UpdateInternalRange - calls. - - >- - A VPC resource can use the reserved CIDR block by associating it - with the internal range resource if usage is set to FOR_VPC. - - >- - Ranges created with EXTERNAL_TO_VPC cannot be associated with VPC - resources and are meant to block out address ranges for various - use cases, like for example, usage on-prem, with dynamic route - announcements via interconnect. - - >- - Ranges created FOR_MIGRATION can be used to lock a CIDR range - between a source and target subnet. If usage is set to - FOR_MIGRATION, the peering value has to be set to FOR_SELF or - default to FOR_SELF when unset. + readOnly: true + description: >- + Output only. The route's type. Its type is determined by the + properties of its IP address range. enum: - - USAGE_UNSPECIFIED - - FOR_VPC - - EXTERNAL_TO_VPC - - FOR_MIGRATION - peering: - description: Optional. The type of peering set for this internal range. - type: string + - ROUTE_TYPE_UNSPECIFIED + - VPC_PRIMARY_SUBNET + - VPC_SECONDARY_SUBNET + - DYNAMIC_ROUTE enumDescriptions: + - No route type information specified - >- - If Peering is left unspecified in CreateInternalRange or - UpdateInternalRange, it will be defaulted to FOR_SELF. - - >- - This is the default behavior and represents the case that this - internal range is intended to be used in the VPC in which it is - created and is accessible from its peers. This implies that peers - or peers-of-peers cannot use this range. + The route leads to a destination within the primary address range + of the VPC network's subnet. - >- - This behavior can be set when the internal range is being reserved - for usage by peers. This means that no resource within the VPC in - which it is being created can use this to associate with a VPC - resource, but one of the peers can. This represents donating a - range for peers to use. + The route leads to a destination within the secondary address + range of the VPC network's subnet. - >- - This behavior can be set when the internal range is being reserved - for usage by the VPC in which it is created, but not shared with - peers. In a sense, it is local to the VPC. This can be used to - create internal ranges for various purposes like - HTTP_INTERNAL_LOAD_BALANCER or for Interconnect routes that are - not shared with peers. This also implies that peers cannot use - this range in a way that is visible to this VPC, but can re-use - this range as long as it is NOT_SHARED from the peer VPC, too. - enum: - - PEERING_UNSPECIFIED - - FOR_SELF - - FOR_PEER - - NOT_SHARED - prefixLength: - description: >- - Optional. An alternate to ip_cidr_range. Can be set when trying to - create an IPv4 reservation that automatically finds a free range of - the given size. If both ip_cidr_range and prefix_length are set, - there is an error if the range sizes do not match. Can also be used - during updates to change the range size. NOTE: For IPv6 this field - only works if ip_cidr_range is set as well, and both fields must - match. In other words, with IPv6 this field only works as a - redundant parameter. - type: integer - format: int32 - targetCidrRange: + The route leads to a destination in a dynamic route. Dynamic + routes are derived from Border Gateway Protocol (BGP) + advertisements received from an NCC hybrid spoke. + nextHopVpcNetwork: + $ref: '#/components/schemas/NextHopVpcNetwork' + description: Immutable. The destination VPC network for packets on this route. + nextHopSpoke: + $ref: '#/components/schemas/NextHopSpoke' + description: Immutable. The next-hop spoke for packets on this route. + id: Route + type: object + description: >- + A route defines a path from VM instances within a spoke to a specific + destination resource. Only VPC spokes have routes. + LinkedInterconnectAttachments: + id: LinkedInterconnectAttachments + description: >- + A collection of VLAN attachment resources. These resources should be + redundant attachments that all advertise the same prefixes to Google + Cloud. Alternatively, in active/passive configurations, all attachments + should be capable of advertising the same prefixes. + type: object + properties: + siteToSiteDataTransfer: + type: boolean description: >- - Optional. Can be set to narrow down or pick a different address - space while searching for a free range. If not set, defaults to the - ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] address space (for - auto-mode networks, the "10.0.0.0/9" range is used instead of - "10.0.0.0/8"). This can be used to target the search in other - rfc-1918 address spaces like "172.16.0.0/12" and "192.168.0.0/16" or - non-rfc-1918 address spaces used in the VPC. + A value that controls whether site-to-site data transfer is enabled + for these resources. Data transfer is available only in [supported + locations](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/locations). + includeImportRanges: type: array items: type: string - users: description: >- - Output only. The list of resources that refer to this internal - range. Resources that use the internal range for their range - allocation are referred to as users of the range. Other resources - mark themselves as users while doing so by creating a reference to - this internal range. Having a user, based on this reference, - prevents deletion of the internal range referred to. Can be empty. + Optional. Hub routes fully encompassed by include import ranges are + included during import from hub. + vpcNetwork: + type: string readOnly: true - type: array - items: - type: string - overlaps: description: >- - Optional. Types of resources that are allowed to overlap with the - current internal range. - type: array + Output only. The VPC network where these VLAN attachments are + located. + uris: items: type: string - enumDescriptions: - - No overlap overrides. - - >- - Allow creation of static routes more specific that the current - internal range. - - >- - Allow creation of internal ranges that overlap with existing - subnets. - enum: - - OVERLAP_UNSPECIFIED - - OVERLAP_ROUTE_RANGE - - OVERLAP_EXISTING_SUBNET_RANGE - migration: - description: Optional. Must be present if usage is set to FOR_MIGRATION. - $ref: '#/components/schemas/Migration' - immutable: - description: >- - Optional. Immutable ranges cannot have their fields modified, except - for labels and description. - type: boolean - allocationOptions: - description: >- - Optional. Range auto-allocation options, may be set only when - auto-allocation is selected by not setting ip_cidr_range (and - setting prefix_length). - $ref: '#/components/schemas/AllocationOptions' - excludeCidrRanges: - description: >- - Optional. ExcludeCidrRanges flag. Specifies a set of CIDR blocks - that allows exclusion of particular CIDR ranges from the - auto-allocation process, without having to reserve these blocks type: array - items: - type: string - Migration: - id: Migration - description: Specification for migration with source and target resource names. + description: The URIs of linked interconnect attachment resources + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. type: object properties: - source: + updateMask: description: >- - Immutable. Resource path as an URI of the source resource, for - example a subnet. The project for the source resource should match - the project for the InternalRange. An example: - /projects/{project}/regions/{region}/subnetworks/{subnet} + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + format: google-fieldmask type: string - target: + policy: + $ref: '#/components/schemas/Policy' description: >- - Immutable. Resource path of the target resource. The target project - can be different, as in the cases when migrating to peer networks. - For example: - /projects/{project}/regions/{region}/subnetworks/{subnet} - type: string - AllocationOptions: - id: AllocationOptions - description: >- - Range auto-allocation options, to be optionally used when CIDR block is - not explicitly set. - type: object + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + id: SetIamPolicyRequest + SpokeStateReasonCount: properties: - allocationStrategy: - description: >- - Optional. Allocation strategy Not setting this field when the - allocation is requested means an implementation defined strategy is - used. - type: string + stateReasonCode: + readOnly: true + description: Output only. The reason that a spoke is inactive. enumDescriptions: + - No information available. + - The proposed spoke is pending review. + - The proposed spoke has been rejected by the hub administrator. + - The spoke has been deactivated internally. - >- - Unspecified is the only valid option when the range is specified - explicitly by ip_cidr_range field. Otherwise unspefified means - using the default strategy. - - >- - Random strategy, the legacy algorithm, used for backwards - compatibility. This allocation strategy remains efficient in the - case of concurrent allocation requests in the same peered network - space and doesn't require providing the level of concurrency in an - explicit parameter, but it is prone to fragmenting available - address space. - - >- - Pick the first available address range. This strategy is - deterministic and the result is easy to predict. + Network Connectivity Center encountered errors while accepting the + spoke. + - The proposed spoke update is pending review. - >- - Pick an arbitrary range out of the first N available ones. The N - will be set in the first_available_ranges_lookup_size field. This - strategy should be used when concurrent allocation requests are - made in the same space of peered networks while the fragmentation - of the addrress space is reduced. + The proposed spoke update has been rejected by the hub + administrator. - >- - Pick the smallest but fitting available range. This deterministic - strategy minimizes fragmentation of the address space. + Network Connectivity Center encountered errors while accepting the + spoke update. + type: string enum: - - ALLOCATION_STRATEGY_UNSPECIFIED - - RANDOM - - FIRST_AVAILABLE - - RANDOM_FIRST_N_AVAILABLE - - FIRST_SMALLEST_FITTING - firstAvailableRangesLookupSize: - description: >- - Optional. This field must be set only when allocation_strategy is - set to RANDOM_FIRST_N_AVAILABLE. The value should be the maximum - expected parallelism of range creation requests issued to the same - space of peered netwroks. - type: integer - format: int32 - ListPolicyBasedRoutesResponse: - id: ListPolicyBasedRoutesResponse - description: Response for PolicyBasedRoutingService.ListPolicyBasedRoutes method. - type: object - properties: - policyBasedRoutes: - description: Policy-based routes to be returned. - type: array - items: - $ref: '#/components/schemas/PolicyBasedRoute' - nextPageToken: - description: >- - The next pagination token in the List response. It should be used as - page_token for the following request. An empty value means no more - result. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - PolicyBasedRoute: - id: PolicyBasedRoute - description: >- - Policy-based routes route L4 network traffic based on not just - destination IP address, but also source IP address, protocol, and more. - If a policy-based route conflicts with other types of routes, the - policy-based route always takes precedence. - type: object - properties: - virtualMachine: - description: Optional. VM instances that this policy-based route applies to. - $ref: '#/components/schemas/VirtualMachine' - interconnectAttachment: - description: >- - Optional. The interconnect attachments that this policy-based route - applies to. - $ref: '#/components/schemas/InterconnectAttachment' - nextHopIlbIp: - description: >- - Optional. The IP address of a global-access-enabled L4 ILB that is - the next hop for matching packets. For this version, only - nextHopIlbIp is supported. - type: string - nextHopOtherRoutes: - description: >- - Optional. Other routes that will be referenced to determine the next - hop of the packet. - type: string - enumDescriptions: - - Default value. - - >- - Use the routes from the default routing tables (system-generated - routes, custom routes, peering route) to determine the next hop. - This effectively excludes matching packets being applied on other - PBRs with a lower priority. - enum: - - OTHER_ROUTES_UNSPECIFIED - - DEFAULT_ROUTING - name: - description: >- - Immutable. A unique name of the resource in the form of - `projects/{project_number}/locations/global/PolicyBasedRoutes/{policy_based_route_id}` - type: string - createTime: - description: Output only. Time when the policy-based route was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time when the policy-based route was updated. - readOnly: true - type: string - format: google-datetime - labels: - description: User-defined labels. - type: object - additionalProperties: - type: string - description: - description: >- - Optional. An optional description of this resource. Provide this - field when you create the resource. - type: string - network: - description: >- - Required. Fully-qualified URL of the network that this route applies - to, for example: projects/my-project/global/networks/my-network. - type: string - filter: - description: Required. The filter to match L4 traffic. - $ref: '#/components/schemas/Filter' - priority: - description: >- - Optional. The priority of this policy-based route. Priority is used - to break ties in cases where there are more than one matching - policy-based routes found. In cases where multiple policy-based - routes are matched, the one with the lowest-numbered priority value - wins. The default value is 1000. The priority value must be from 1 - to 65535, inclusive. - type: integer - format: int32 - warnings: - description: >- - Output only. If potential misconfigurations are detected for this - route, this field will be populated with warning messages. - readOnly: true - type: array - items: - $ref: '#/components/schemas/Warnings' - selfLink: - description: Output only. Server-defined fully-qualified URL for this resource. - readOnly: true + - CODE_UNSPECIFIED + - PENDING_REVIEW + - REJECTED + - PAUSED + - FAILED + - UPDATE_PENDING_REVIEW + - UPDATE_REJECTED + - UPDATE_FAILED + count: type: string - kind: - description: >- - Output only. Type of this resource. Always - networkconnectivity#policyBasedRoute for policy-based Route - resources. readOnly: true - type: string - VirtualMachine: - id: VirtualMachine - description: VM instances that this policy-based route applies to. - type: object - properties: - tags: - description: >- - Optional. A list of VM instance tags that this policy-based route - applies to. VM instances that have ANY of tags specified here - installs this PBR. - type: array - items: - type: string - InterconnectAttachment: - id: InterconnectAttachment - description: InterconnectAttachment that this route applies to. - type: object - properties: - region: description: >- - Optional. Cloud region to install this policy-based route on - interconnect attachment. Use `all` to install it on all interconnect - attachments. - type: string - Filter: - id: Filter - description: Filter matches L4 traffic. + Output only. The total number of spokes that are inactive for a + particular reason and associated with a given hub. + format: int64 + description: The number of spokes in the hub that are inactive for this reason. type: object - properties: - ipProtocol: - description: >- - Optional. The IP protocol that this policy-based route applies to. - Valid values are 'TCP', 'UDP', and 'ALL'. Default is 'ALL'. - type: string - srcRange: - description: >- - Optional. The source IP range of outgoing packets that this - policy-based route applies to. Default is "0.0.0.0/0" if protocol - version is IPv4 and "::/0" if protocol version is IPv6. - type: string - destRange: - description: >- - Optional. The destination IP range of outgoing packets that this - policy-based route applies to. Default is "0.0.0.0/0" if protocol - version is IPv4 and "::/0" if protocol version is IPv6. - type: string - protocolVersion: - description: >- - Required. Internet protocol versions this policy-based route applies - to. IPV4 and IPV6 is supported. - type: string - enumDescriptions: - - Default value. - - The PBR is for IPv4 internet protocol traffic. - - The PBR is for IPv6 internet protocol traffic. - enum: - - PROTOCOL_VERSION_UNSPECIFIED - - IPV4 - - IPV6 - Warnings: - id: Warnings - description: Informational warning message. + id: SpokeStateReasonCount + ListRoutesResponse: + description: Response for HubService.ListRoutes method. type: object properties: - code: - description: Output only. A warning code, if applicable. - readOnly: true - type: string - enumDescriptions: - - Default value. - - >- - The policy-based route is not active and functioning. Common - causes are that the dependent network was deleted or the resource - project was turned off. - - >- - The policy-based route is being modified (e.g. created/deleted) at - this time. - enum: - - WARNING_UNSPECIFIED - - RESOURCE_NOT_ACTIVE - - RESOURCE_BEING_MODIFIED - data: - description: >- - Output only. Metadata about this warning in key: value format. The - key should provides more detail on the warning being returned. For - example, for warnings where there are no results in a list request - for a particular zone, this key might be scope and the key value - might be the zone name. Other examples might be a key indicating a - deprecated resource and a suggested replacement. - readOnly: true - type: object - additionalProperties: + unreachable: + items: type: string - warningMessage: - description: Output only. A human-readable description of the warning code. - readOnly: true - type: string - ListRegionalEndpointsResponse: - id: ListRegionalEndpointsResponse - description: Response for ListRegionalEndpoints. - type: object - properties: - regionalEndpoints: - description: Regional endpoints to be returned. type: array - items: - $ref: '#/components/schemas/RegionalEndpoint' - nextPageToken: - description: >- - The next pagination token in the List response. It should be used as - page_token for the following request. An empty value means no more - result. - type: string - unreachable: - description: Locations that could not be reached. + description: RouteTables that could not be reached. + routes: + description: The requested routes. type: array items: - type: string - RegionalEndpoint: - id: RegionalEndpoint - description: The RegionalEndpoint resource. - type: object - properties: - name: - description: >- - Output only. The name of a RegionalEndpoint. Pattern: - `projects/{project}/locations/{location}/regionalEndpoints/^[-a-z0-9](?:[-a-z0-9]{0,44})[a-z0-9]$`. - readOnly: true - type: string - createTime: - description: Output only. Time when the RegionalEndpoint was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time when the RegionalEndpoint was updated. - readOnly: true - type: string - format: google-datetime - labels: - description: User-defined labels. - type: object - additionalProperties: - type: string - description: - description: Optional. A description of this resource. - type: string - targetGoogleApi: - description: >- - Required. The service endpoint this private regional endpoint - connects to. Format: `{apiname}.{region}.p.rep.googleapis.com` - Example: "cloudkms.us-central1.p.rep.googleapis.com". - type: string - network: - description: >- - The name of the VPC network for this private regional endpoint. - Format: `projects/{project}/global/networks/{network}` - type: string - subnetwork: - description: >- - The name of the subnetwork from which the IP address will be - allocated. Format: - `projects/{project}/regions/{region}/subnetworks/{subnetwork}` - type: string - accessType: - description: >- - Required. The access type of this regional endpoint. This field is - reflected in the PSC Forwarding Rule configuration to enable global - access. - type: string - enumDescriptions: - - An invalid type as the default case. - - This regional endpoint is accessible from all regions. - - >- - This regional endpoint is only accessible from the same region - where it resides. - enum: - - ACCESS_TYPE_UNSPECIFIED - - GLOBAL - - REGIONAL - pscForwardingRule: - description: >- - Output only. The resource reference of the PSC Forwarding Rule - created on behalf of the customer. Format: - `//compute.googleapis.com/projects/{project}/regions/{region}/forwardingRules/{forwarding_rule_name}` - readOnly: true - type: string - ipAddress: - description: >- - Output only. The literal IP address of the PSC Forwarding Rule - created on behalf of the customer. This field is deprecated. Use - address instead. - readOnly: true - deprecated: true - type: string - address: - description: >- - Optional. The IP Address of the Regional Endpoint. When no address - is provided, an IP from the subnetwork is allocated. Use one of the - following formats: * IPv4 address as in `10.0.0.1` * Address - resource URI as in - `projects/{project}/regions/{region}/addresses/{address_name}` for - an IPv4 or IPv6 address. - type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Route' nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: - description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object - properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object - properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + type: string + description: >- + The token for the next page of the response. To see more results, + use this value as the page_token for your next request. If this + value is empty, there are no more results. + id: ListRoutesResponse + ConsumerPscConnection: type: object + description: PSC connection details on consumer side. + id: ConsumerPscConnection properties: - expression: + errorInfo: + $ref: '#/components/schemas/GoogleRpcErrorInfo' description: >- - Textual representation of an expression in Common Expression - Language syntax. + Output only. The error info for the latest error during operating + this connection. + readOnly: true + gceOperation: + description: The last Compute Engine operation to setup PSC connection. type: string - title: + errorType: + enum: + - CONNECTION_ERROR_TYPE_UNSPECIFIED + - ERROR_INTERNAL + - ERROR_CONSUMER_SIDE + - ERROR_PRODUCER_SIDE + type: string + enumDescriptions: + - An invalid error type as the default case. + - The error is due to Service Automation system internal. + - The error is due to the setup on consumer side. + - The error is due to the setup on producer side. description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + The error type indicates whether the error is consumer facing, + producer facing or system internal. + deprecated: true + error: + deprecated: true + description: The most recent error during operating this connection. + $ref: '#/components/schemas/GoogleRpcStatus' + selectedSubnetwork: type: string - description: + readOnly: true description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Output only. The URI of the selected subnetwork selected to allocate + IP address for this connection. + serviceAttachmentUri: + description: >- + The URI of a service attachment which is the target of the PSC + connection. + type: string + project: type: string - location: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + The consumer project whose PSC forwarding rule is connected to the + service attachments in this service connection map. + dnsAutomationStatus: + $ref: '#/components/schemas/DnsAutomationStatus' + readOnly: true + description: Output only. The status of DNS automation for this PSC connection. + pscConnectionId: + description: >- + The PSC connection id of the PSC forwarding rule connected to the + service attachments in this service connection map. + type: string + ipVersion: + enumDescriptions: + - >- + Default value. We will use IPv4 or IPv6 depending on the IP + version of first available subnetwork. + - Will use IPv4 only. + - Will use IPv6 only. + enum: + - IP_VERSION_UNSPECIFIED + - IPV4 + - IPV6 + description: The requested IP version for the PSC connection. + type: string + forwardingRule: + description: >- + The URI of the consumer forwarding rule created. Example: + projects/{projectNumOrId}/regions/us-east1/networks/{resourceId}. + type: string + producerInstanceId: + type: string + deprecated: true + description: >- + Immutable. Deprecated. Use producer_instance_metadata instead. An + immutable identifier for the producer instance. + producerInstanceMetadata: + additionalProperties: + type: string + description: Immutable. An immutable map for the producer instance metadata. + type: object + network: + description: >- + The consumer network whose PSC forwarding rule is connected to the + service attachments in this service connection map. Note that the + network could be on a different project (shared VPC). + type: string + state: + description: The state of the PSC connection. + type: string + enumDescriptions: + - An invalid state as the default case. + - >- + The connection has been created successfully. However, for the + up-to-date connection status, please use the service attachment's + "ConnectedEndpoint.status" as the source of truth. + - >- + The connection is not functional since some resources on the + connection fail to be created. + - The connection is being created. + - The connection is being deleted. + - The connection is being repaired to complete creation. + - The connection is being repaired to complete deletion. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - FAILED + - CREATING + - DELETING + - CREATE_REPAIRING + - DELETE_REPAIRING + ip: type: string + description: >- + The IP literal allocated on the consumer network for the PSC + forwarding rule that is created to connect to the producer service + attachment in this service connection map. AuditConfig: - id: AuditConfig description: >- Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if @@ -3568,180 +3612,295 @@ components: `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. type: object + id: AuditConfig properties: + auditLogConfigs: + type: array + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/AuditLogConfig' service: + type: string description: >- Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + GoogleLongrunningListOperationsResponse: + id: GoogleLongrunningListOperationsResponse + properties: + unreachable: + items: + type: string type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + nextPageToken: + description: The standard List next-page token. + type: string + operations: items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig + $ref: '#/components/schemas/GoogleLongrunningOperation' + type: array + description: >- + A list of operations that matches the specified filter in the + request. + description: The response message for Operations.ListOperations. + type: object + PolicyBasedRoute: description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + Policy-based routes route L4 network traffic based on not just + destination IP address, but also source IP address, protocol, and more. + If a policy-based route conflicts with other types of routes, the + policy-based route always takes precedence. type: object + id: PolicyBasedRoute properties: - logType: - description: The log type that this config enables. + updateTime: + format: google-datetime + readOnly: true type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' + description: Output only. Time when the policy-based route was updated. + kind: + type: string + description: >- + Output only. Type of this resource. Always + networkconnectivity#policyBasedRoute for policy-based Route + resources. + readOnly: true + interconnectAttachment: + description: >- + Optional. The interconnect attachments that this policy-based route + applies to. + $ref: '#/components/schemas/InterconnectAttachment' + createTime: + type: string + readOnly: true + description: Output only. Time when the policy-based route was created. + format: google-datetime + description: + description: >- + Optional. An optional description of this resource. Provide this + field when you create the resource. + type: string + labels: + description: User-defined labels. + type: object + additionalProperties: + type: string + nextHopOtherRoutes: + description: >- + Optional. Other routes that will be referenced to determine the next + hop of the packet. enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + - OTHER_ROUTES_UNSPECIFIED + - DEFAULT_ROUTING + type: string + enumDescriptions: + - Default value. + - >- + Use the routes from the default routing tables (system-generated + routes, custom routes, peering route) to determine the next hop. + This effectively excludes matching packets being applied on other + PBRs with a lower priority. + virtualMachine: + $ref: '#/components/schemas/VirtualMachine' + description: Optional. VM instances that this policy-based route applies to. + selfLink: + readOnly: true + type: string + description: Output only. Server-defined fully-qualified URL for this resource. + filter: + $ref: '#/components/schemas/Filter' + description: Required. The filter to match L4 traffic. + network: + description: >- + Required. Fully-qualified URL of the network that this route applies + to, for example: projects/my-project/global/networks/my-network. + type: string + priority: + format: int32 + type: integer + description: >- + Optional. The priority of this policy-based route. Priority is used + to break ties in cases where there are more than one matching + policy-based routes found. In cases where multiple policy-based + routes are matched, the one with the lowest-numbered priority value + wins. The default value is 1000. The priority value must be from 1 + to 65535, inclusive. + name: + type: string description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array + Immutable. Identifier. A unique name of the resource in the form of + `projects/{project_number}/locations/global/PolicyBasedRoutes/{policy_based_route_id}` + warnings: items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). + $ref: '#/components/schemas/Warnings' type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + Output only. If potential misconfigurations are detected for this + route, this field will be populated with warning messages. + readOnly: true + nextHopIlbIp: + type: string + description: >- + Optional. The IP address of a global-access-enabled L4 ILB that is + the next hop for matching packets. For this version, only + nextHopIlbIp is supported. + Group: + description: A group represents a subset of spokes attached to a hub. + id: Group type: object properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - ACCEPTING + - REJECTING + - UPDATING + - INACTIVE + - OBSOLETE + - FAILED type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. readOnly: true + enumDescriptions: + - No state information available + - The resource's create operation is in progress. + - The resource is active + - The resource's delete operation is in progress. + - The resource's accept operation is in progress. + - The resource's reject operation is in progress. + - The resource's update operation is in progress. + - The resource is inactive. + - >- + The hub associated with this spoke resource has been deleted. This + state applies to spoke resources only. + - >- + The resource is in an undefined state due to resource creation or + deletion failure. You can try to delete the resource later or + contact support for help. + description: Output only. The current lifecycle state of this group. + name: type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. + Immutable. The name of the group. Group names must be unique. They + use the following form: + `projects/{project_number}/locations/global/hubs/{hub}/groups/{group_id}` + updateTime: readOnly: true type: string - verb: - description: Output only. Name of the verb executed by the operation. + description: Output only. The time the group was last updated. + format: google-datetime + routeTable: readOnly: true type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + description: >- + Output only. The name of the route table that corresponds to this + group. They use the following form: + `projects/{project_number}/locations/global/hubs/{hub_id}/routeTables/{route_table_id}` + uid: type: string - requestedCancellation: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. + Output only. The Google-generated UUID for the group. This value is + unique across all group resources. If a group is deleted and another + with the same name is created, the new route table is assigned a + different unique_id. readOnly: true + description: + description: Optional. The description of the group. type: string - LocationMetadata: - id: LocationMetadata - description: Metadata about locations - type: object - properties: - locationFeatures: - description: List of supported features - type: array - items: + labels: + additionalProperties: type: string - enumDescriptions: - - No publicly supported feature in this location - - Site-to-cloud spokes are supported in this location - - Site-to-site spokes are supported in this location - - Gateway spokes are supported in this location. - enum: - - LOCATION_FEATURE_UNSPECIFIED - - SITE_TO_CLOUD_SPOKES - - SITE_TO_SITE_SPOKES - - GATEWAY_SPOKES - AcceptHubSpokeResponse: - id: AcceptHubSpokeResponse - description: The response for HubService.AcceptHubSpoke. + description: >- + Optional. Labels in key-value pair format. For more information + about labels, see [Requirements for + labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). + type: object + autoAccept: + description: Optional. The auto-accept setting for this group. + $ref: '#/components/schemas/AutoAccept' + createTime: + type: string + description: Output only. The time the group was created. + format: google-datetime + readOnly: true + RejectHubSpokeRequest: type: object properties: - spoke: - description: The spoke that was operated on. - $ref: '#/components/schemas/Spoke' - RejectHubSpokeResponse: - id: RejectHubSpokeResponse - description: The response for HubService.RejectHubSpoke. + spokeUri: + description: Required. The URI of the spoke to reject from the hub. + type: string + details: + type: string + description: Optional. Additional information provided by the hub administrator. + requestId: + description: >- + Optional. A request ID to identify requests. Specify a unique + request ID so that if you must retry your request, the server knows + to ignore the request if it has already been completed. The server + guarantees that a request doesn't result in creation of duplicate + commitments for at least 60 minutes. For example, consider a + situation where you make an initial request and the request times + out. If you make the request again with the same request ID, the + server can check to see whether the original operation was received. + If it was, the server ignores the second request. This behavior + prevents clients from mistakenly creating duplicate commitments. The + request ID must be a valid UUID, with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + type: string + description: The request for HubService.RejectHubSpoke. + id: RejectHubSpokeRequest + AcceptHubSpokeRequest: + properties: + spokeUri: + description: Required. The URI of the spoke to accept into the hub. + type: string + requestId: + description: >- + Optional. A request ID to identify requests. Specify a unique + request ID so that if you must retry your request, the server knows + to ignore the request if it has already been completed. The server + guarantees that a request doesn't result in creation of duplicate + commitments for at least 60 minutes. For example, consider a + situation where you make an initial request and the request times + out. If you make the request again with the same request ID, the + server can check to see whether the original operation was received. + If it was, the server ignores the second request. This behavior + prevents clients from mistakenly creating duplicate commitments. The + request ID must be a valid UUID, with the exception that zero UUID + is not supported (00000000-0000-0000-0000-000000000000). + type: string + type: object + description: The request for HubService.AcceptHubSpoke. + id: AcceptHubSpokeRequest + ListServiceConnectionPoliciesResponse: + id: ListServiceConnectionPoliciesResponse + description: Response for ListServiceConnectionPolicies. type: object properties: - spoke: - description: The spoke that was operated on. - $ref: '#/components/schemas/Spoke' - parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string + serviceConnectionPolicies: + type: array + description: ServiceConnectionPolicies to be returned. + items: + $ref: '#/components/schemas/ServiceConnectionPolicy' + nextPageToken: + description: >- + The next pagination token in the List response. It should be used as + page_token for the following request. An empty value means no more + result. + type: string + unreachable: + type: array + description: Locations that could not be reached. + items: + type: string + parameters: key: description: >- API key. Your API key identifies your project and provides you with API @@ -3751,48 +3910,76 @@ components: name: key schema: type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + alt: + description: Data format for response. in: query - name: quotaUser + name: alt schema: type: string + enum: + - json + - media + - proto upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: uploadType + name: quotaUser schema: type: string - _.xgafv: - description: V1 error format. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: $.xgafv + name: fields + schema: + type: string + callback: + description: JSONP + in: query + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.networkconnectivity.locations @@ -3806,230 +3993,80 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.networkconnectivity.operations - name: operations - title: Operations - methods: - list: + check_consumer_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:checkConsumerConfig/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - service_connection_maps: - id: google.networkconnectivity.service_connection_maps - name: service_connection_maps - title: Service_connection_maps - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.serviceConnectionMaps - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps/post - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/service_connection_maps/methods/get - - $ref: >- - #/components/x-stackQL-resources/service_connection_maps/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/service_connection_maps/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/service_connection_maps/methods/patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/service_connection_maps/methods/delete - service_connection_maps_iam_policies: - id: google.networkconnectivity.service_connection_maps_iam_policies - name: service_connection_maps_iam_policies - title: Service_connection_maps_iam_policies - methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/service_connection_maps_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/service_connection_maps_iam_policies/methods/set_iam_policy delete: [] - service_connection_policies: - id: google.networkconnectivity.service_connection_policies - name: service_connection_policies - title: Service_connection_policies + regional_endpoints: + id: google.networkconnectivity.regional_endpoints + name: regional_endpoints + title: Regional_endpoints methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.serviceConnectionPolicies - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1regionalEndpoints~1{regionalEndpointsId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1regionalEndpoints~1{regionalEndpointsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1regionalEndpoints/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/service_connection_policies/methods/get - - $ref: >- - #/components/x-stackQL-resources/service_connection_policies/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/service_connection_policies/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/service_connection_policies/methods/patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/service_connection_policies/methods/delete - service_connection_policies_iam_policies: - id: google.networkconnectivity.service_connection_policies_iam_policies - name: service_connection_policies_iam_policies - title: Service_connection_policies_iam_policies - methods: - set_iam_policy: + objectKey: $.regionalEndpoints + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1regionalEndpoints/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/regional_endpoints/methods/get' + - $ref: '#/components/x-stackQL-resources/regional_endpoints/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/regional_endpoints/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/regional_endpoints/methods/delete' + service_classes_iam_policies: + id: google.networkconnectivity.service_classes_iam_policies + name: service_classes_iam_policies + title: Service_classes_iam_policies + methods: get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' @@ -4037,37 +4074,43 @@ components: test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/service_connection_policies_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/service_classes_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/service_connection_policies_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/service_classes_iam_policies/methods/set_iam_policy delete: [] service_classes: id: google.networkconnectivity.service_classes name: service_classes title: Service_classes methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.serviceClasses - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -4078,13 +4121,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.serviceClasses sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/service_classes/methods/get' @@ -4095,74 +4139,80 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/service_classes/methods/delete' - service_classes_iam_policies: - id: google.networkconnectivity.service_classes_iam_policies - name: service_classes_iam_policies - title: Service_classes_iam_policies + operations: + id: google.networkconnectivity.operations + name: operations + title: Operations methods: - set_iam_policy: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceClasses~1{serviceClassesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/service_classes_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/service_classes_iam_policies/methods/set_iam_policy - delete: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' service_connection_tokens: id: google.networkconnectivity.service_connection_tokens name: service_connection_tokens title: Service_connection_tokens methods: - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionTokens~1{serviceConnectionTokensId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionTokens/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.serviceConnectionTokens + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionTokens~1{serviceConnectionTokensId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionTokens/post response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionTokens/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionTokens~1{serviceConnectionTokensId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.serviceConnectionTokens - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionTokens/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionTokens~1{serviceConnectionTokensId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -4180,578 +4230,672 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/service_connection_tokens/methods/delete - multicloud_data_transfer_configs: - id: google.networkconnectivity.multicloud_data_transfer_configs - name: multicloud_data_transfer_configs - title: Multicloud_data_transfer_configs + multicloud_data_transfer_supported_services: + id: google.networkconnectivity.multicloud_data_transfer_supported_services + name: multicloud_data_transfer_supported_services + title: Multicloud_data_transfer_supported_services methods: + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferSupportedServices~1{multicloudDataTransferSupportedServicesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferSupportedServices/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.multicloudDataTransferSupportedServices + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/multicloud_data_transfer_supported_services/methods/get + - $ref: >- + #/components/x-stackQL-resources/multicloud_data_transfer_supported_services/methods/list + insert: [] + update: [] + replace: [] + delete: [] + hubs_iam_policies: + id: google.networkconnectivity.hubs_iam_policies + name: hubs_iam_policies + title: Hubs_iam_policies + methods: + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/hubs_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/hubs_iam_policies/methods/set_iam_policy + delete: [] + hubs: + id: google.networkconnectivity.hubs + name: hubs + title: Hubs + methods: + accept_spoke_update: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:acceptSpokeUpdate/post + response: + mediaType: application/json + openAPIDocKey: '200' + reject_spoke_update: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:rejectSpokeUpdate/post + response: + mediaType: application/json + openAPIDocKey: '200' + query_status: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:queryStatus/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.multicloudDataTransferConfigs + objectKey: $.hubs create: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs/post' + response: + mediaType: application/json + openAPIDocKey: '200' + accept_spoke: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:acceptSpoke/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}/delete response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + reject_spoke: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:rejectSpoke/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/get - - $ref: >- - #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/list + - $ref: '#/components/x-stackQL-resources/hubs/methods/query_status' + - $ref: '#/components/x-stackQL-resources/hubs/methods/get' + - $ref: '#/components/x-stackQL-resources/hubs/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/create + - $ref: '#/components/x-stackQL-resources/hubs/methods/create' update: - - $ref: >- - #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/patch + - $ref: '#/components/x-stackQL-resources/hubs/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/delete - destinations: - id: google.networkconnectivity.destinations - name: destinations - title: Destinations + - $ref: '#/components/x-stackQL-resources/hubs/methods/delete' + spokes: + id: google.networkconnectivity.spokes + name: spokes + title: Spokes methods: + list_spokes: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:listSpokes/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.spokes list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.destinations + objectKey: $.spokes create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations~1{destinationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations~1{destinationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations~1{destinationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/destinations/methods/get' - - $ref: '#/components/x-stackQL-resources/destinations/methods/list' + - $ref: '#/components/x-stackQL-resources/spokes/methods/get' + - $ref: '#/components/x-stackQL-resources/spokes/methods/list_spokes' + - $ref: '#/components/x-stackQL-resources/spokes/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/destinations/methods/create' + - $ref: '#/components/x-stackQL-resources/spokes/methods/create' update: - - $ref: '#/components/x-stackQL-resources/destinations/methods/patch' + - $ref: '#/components/x-stackQL-resources/spokes/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/destinations/methods/delete' - multicloud_data_transfer_supported_services: - id: google.networkconnectivity.multicloud_data_transfer_supported_services - name: multicloud_data_transfer_supported_services - title: Multicloud_data_transfer_supported_services + - $ref: '#/components/x-stackQL-resources/spokes/methods/delete' + route_tables: + id: google.networkconnectivity.route_tables + name: route_tables + title: Route_tables methods: - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferSupportedServices~1{multicloudDataTransferSupportedServicesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1routeTables/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.routeTables + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferSupportedServices/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1routeTables~1{routeTablesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.multicloudDataTransferSupportedServices sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/multicloud_data_transfer_supported_services/methods/get - - $ref: >- - #/components/x-stackQL-resources/multicloud_data_transfer_supported_services/methods/list + - $ref: '#/components/x-stackQL-resources/route_tables/methods/get' + - $ref: '#/components/x-stackQL-resources/route_tables/methods/list' insert: [] update: [] replace: [] delete: [] - hubs: - id: google.networkconnectivity.hubs - name: hubs - title: Hubs + routes: + id: google.networkconnectivity.routes + name: routes + title: Routes methods: list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.hubs - create: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1routeTables~1{routeTablesId}~1routes/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.routes get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1routeTables~1{routeTablesId}~1routes~1{routesId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/routes/methods/get' + - $ref: '#/components/x-stackQL-resources/routes/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + groups: + id: google.networkconnectivity.groups + name: groups + title: Groups + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.groups + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}/get response: mediaType: application/json openAPIDocKey: '200' - query_status: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:queryStatus/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - reject_spoke: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/groups/methods/get' + - $ref: '#/components/x-stackQL-resources/groups/methods/list' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/groups/methods/patch' + replace: [] + delete: [] + groups_iam_policies: + id: google.networkconnectivity.groups_iam_policies + name: groups_iam_policies + title: Groups_iam_policies + methods: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:rejectSpoke/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - accept_spoke: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:acceptSpoke/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - accept_spoke_update: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:acceptSpokeUpdate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - reject_spoke_update: + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/groups_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/groups_iam_policies/methods/set_iam_policy + delete: [] + policy_based_routes_iam_policies: + id: google.networkconnectivity.policy_based_routes_iam_policies + name: policy_based_routes_iam_policies + title: Policy_based_routes_iam_policies + methods: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:rejectSpokeUpdate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/hubs/methods/get' - - $ref: '#/components/x-stackQL-resources/hubs/methods/query_status' - - $ref: '#/components/x-stackQL-resources/hubs/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/hubs/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/hubs/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/hubs/methods/delete' - spokes: - id: google.networkconnectivity.spokes - name: spokes - title: Spokes - methods: - list_spokes: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:listSpokes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.spokes - list: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.spokes - create: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/policy_based_routes_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/policy_based_routes_iam_policies/methods/set_iam_policy + delete: [] + policy_based_routes: + id: google.networkconnectivity.policy_based_routes + name: policy_based_routes + title: Policy_based_routes + methods: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.policyBasedRoutes sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/spokes/methods/get' - - $ref: '#/components/x-stackQL-resources/spokes/methods/list_spokes' - - $ref: '#/components/x-stackQL-resources/spokes/methods/list' + - $ref: '#/components/x-stackQL-resources/policy_based_routes/methods/get' + - $ref: '#/components/x-stackQL-resources/policy_based_routes/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/spokes/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/spokes/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/policy_based_routes/methods/create + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/spokes/methods/delete' - hubs_iam_policies: - id: google.networkconnectivity.hubs_iam_policies - name: hubs_iam_policies - title: Hubs_iam_policies + - $ref: >- + #/components/x-stackQL-resources/policy_based_routes/methods/delete + multicloud_data_transfer_configs: + id: google.networkconnectivity.multicloud_data_transfer_configs + name: multicloud_data_transfer_configs + title: Multicloud_data_transfer_configs methods: - set_iam_policy: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/hubs_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/hubs_iam_policies/methods/set_iam_policy - delete: [] - route_tables: - id: google.networkconnectivity.route_tables - name: route_tables - title: Route_tables - methods: - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1routeTables~1{routeTablesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1routeTables/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.routeTables sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/route_tables/methods/get' - - $ref: '#/components/x-stackQL-resources/route_tables/methods/list' - insert: [] - update: [] + - $ref: >- + #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/get + - $ref: >- + #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/patch replace: [] - delete: [] - routes: - id: google.networkconnectivity.routes - name: routes - title: Routes + delete: + - $ref: >- + #/components/x-stackQL-resources/multicloud_data_transfer_configs/methods/delete + destinations: + id: google.networkconnectivity.destinations + name: destinations + title: Destinations methods: - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1routeTables~1{routeTablesId}~1routes~1{routesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations~1{destinationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1routeTables~1{routeTablesId}~1routes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations~1{destinationsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.routes - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/routes/methods/get' - - $ref: '#/components/x-stackQL-resources/routes/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - groups: - id: google.networkconnectivity.groups - name: groups - title: Groups - methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations~1{destinationsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1multicloudDataTransferConfigs~1{multicloudDataTransferConfigsId}~1destinations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.groups + objectKey: $.unreachable sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/groups/methods/get' - - $ref: '#/components/x-stackQL-resources/groups/methods/list' - insert: [] + - $ref: '#/components/x-stackQL-resources/destinations/methods/get' + - $ref: '#/components/x-stackQL-resources/destinations/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/destinations/methods/create' update: - - $ref: '#/components/x-stackQL-resources/groups/methods/patch' + - $ref: '#/components/x-stackQL-resources/destinations/methods/patch' replace: [] - delete: [] - groups_iam_policies: - id: google.networkconnectivity.groups_iam_policies - name: groups_iam_policies - title: Groups_iam_policies + delete: + - $ref: '#/components/x-stackQL-resources/destinations/methods/delete' + spokes_iam_policies: + id: google.networkconnectivity.spokes_iam_policies + name: spokes_iam_policies + title: Spokes_iam_policies methods: set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1hubs~1{hubsId}~1groups~1{groupsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/groups_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/spokes_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/groups_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/spokes_iam_policies/methods/set_iam_policy delete: [] - policy_based_routes: - id: google.networkconnectivity.policy_based_routes - name: policy_based_routes - title: Policy_based_routes + service_connection_policies_iam_policies: + id: google.networkconnectivity.service_connection_policies_iam_policies + name: service_connection_policies_iam_policies + title: Service_connection_policies_iam_policies methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.policyBasedRoutes - create: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.bindings + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - delete: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/policy_based_routes/methods/get' - - $ref: '#/components/x-stackQL-resources/policy_based_routes/methods/list' - insert: - $ref: >- - #/components/x-stackQL-resources/policy_based_routes/methods/create + #/components/x-stackQL-resources/service_connection_policies_iam_policies/methods/get_iam_policy + insert: [] update: [] - replace: [] - delete: + replace: - $ref: >- - #/components/x-stackQL-resources/policy_based_routes/methods/delete - policy_based_routes_iam_policies: - id: google.networkconnectivity.policy_based_routes_iam_policies - name: policy_based_routes_iam_policies - title: Policy_based_routes_iam_policies + #/components/x-stackQL-resources/service_connection_policies_iam_policies/methods/set_iam_policy + delete: [] + service_connection_policies: + id: google.networkconnectivity.service_connection_policies + name: service_connection_policies + title: Service_connection_policies methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1policyBasedRoutes~1{policyBasedRoutesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/policy_based_routes_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/policy_based_routes_iam_policies/methods/set_iam_policy - delete: [] - spokes_iam_policies: - id: google.networkconnectivity.spokes_iam_policies - name: spokes_iam_policies - title: Spokes_iam_policies - methods: - set_iam_policy: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies~1{serviceConnectionPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1spokes~1{spokesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionPolicies/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.serviceConnectionPolicies sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/spokes_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: + #/components/x-stackQL-resources/service_connection_policies/methods/get - $ref: >- - #/components/x-stackQL-resources/spokes_iam_policies/methods/set_iam_policy - delete: [] + #/components/x-stackQL-resources/service_connection_policies/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/service_connection_policies/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/service_connection_policies/methods/patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/service_connection_policies/methods/delete internal_ranges: id: google.networkconnectivity.internal_ranges name: internal_ranges @@ -4772,10 +4916,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -4786,10 +4930,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -4808,97 +4952,147 @@ components: id: google.networkconnectivity.internal_ranges_iam_policies name: internal_ranges_iam_policies title: Internal_ranges_iam_policies + methods: + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/internal_ranges_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/internal_ranges_iam_policies/methods/set_iam_policy + delete: [] + service_connection_maps_iam_policies: + id: google.networkconnectivity.service_connection_maps_iam_policies + name: service_connection_maps_iam_policies + title: Service_connection_maps_iam_policies methods: set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1internalRanges~1{internalRangesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/internal_ranges_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/service_connection_maps_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/internal_ranges_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/service_connection_maps_iam_policies/methods/set_iam_policy delete: [] - regional_endpoints: - id: google.networkconnectivity.regional_endpoints - name: regional_endpoints - title: Regional_endpoints + service_connection_maps: + id: google.networkconnectivity.service_connection_maps + name: service_connection_maps + title: Service_connection_maps methods: + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps/post + response: + mediaType: application/json + openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1regionalEndpoints/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.regionalEndpoints - create: + objectKey: $.serviceConnectionMaps + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1regionalEndpoints/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1regionalEndpoints~1{regionalEndpointsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1regionalEndpoints~1{regionalEndpointsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceConnectionMaps~1{serviceConnectionMapsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/regional_endpoints/methods/get' - - $ref: '#/components/x-stackQL-resources/regional_endpoints/methods/list' + - $ref: >- + #/components/x-stackQL-resources/service_connection_maps/methods/get + - $ref: >- + #/components/x-stackQL-resources/service_connection_maps/methods/list insert: - - $ref: '#/components/x-stackQL-resources/regional_endpoints/methods/create' - update: [] + - $ref: >- + #/components/x-stackQL-resources/service_connection_maps/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/service_connection_maps/methods/patch replace: [] delete: - - $ref: '#/components/x-stackQL-resources/regional_endpoints/methods/delete' + - $ref: >- + #/components/x-stackQL-resources/service_connection_maps/methods/delete paths: /v1/projects/{projectsId}/locations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/callback' get: description: Lists information about the supported locations for this service. operationId: networkconnectivity.projects.locations.list @@ -4920,28 +5114,42 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: extraLocationTypes schema: type: string - in: query - name: extraLocationTypes + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:checkConsumerConfig: parameters: *ref_1 - get: - description: Gets information about a location. - operationId: networkconnectivity.projects.locations.get + post: + description: >- + CheckConsumerConfig validates the consumer network and project for + potential PSC connection creation. This method performs several checks, + including: - Validating the existence and permissions of the service + class. - Ensuring the consumer network exists and is accessible. - + Verifying XPN relationships if applicable. - Checking for compatible IP + versions between the consumer network and the requested version. This + method performs a dynamic IAM check for the + `networkconnectivity.serviceClasses.use` permission on the service class + resource in the Prepare phase. + operationId: networkconnectivity.projects.locations.checkConsumerConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CheckConsumerConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4953,7 +5161,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/CheckConsumerConfigResponse' parameters: - in: path name: projectsId @@ -4965,13 +5173,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: networkconnectivity.projects.locations.operations.list + description: Gets information about a location. + operationId: networkconnectivity.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4983,7 +5189,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId @@ -4995,27 +5201,11 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/regionalEndpoints/{regionalEndpointsId}: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: networkconnectivity.projects.locations.operations.get + delete: + description: Deletes a single RegionalEndpoint. + operationId: networkconnectivity.projects.locations.regionalEndpoints.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5040,17 +5230,17 @@ paths: schema: type: string - in: path - name: operationsId + name: regionalEndpointsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: networkconnectivity.projects.locations.operations.delete + - in: query + name: requestId + schema: + type: string + get: + description: Gets details of a single RegionalEndpoint. + operationId: networkconnectivity.projects.locations.regionalEndpoints.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5062,7 +5252,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/RegionalEndpoint' parameters: - in: path name: projectsId @@ -5075,29 +5265,15 @@ paths: schema: type: string - in: path - name: operationsId + name: regionalEndpointsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/regionalEndpoints: parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: networkconnectivity.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + get: + description: Lists RegionalEndpoints in a given project and location. + operationId: networkconnectivity.projects.locations.regionalEndpoints.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5109,7 +5285,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListRegionalEndpointsResponse' parameters: - in: path name: projectsId @@ -5121,16 +5297,31 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps: - parameters: *ref_1 - get: - description: Lists ServiceConnectionMaps in a given project and location. - operationId: networkconnectivity.projects.locations.serviceConnectionMaps.list + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new RegionalEndpoint in a given project and location. + operationId: networkconnectivity.projects.locations.regionalEndpoints.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RegionalEndpoint' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5142,7 +5333,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServiceConnectionMapsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -5155,30 +5346,20 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: regionalEndpointId schema: type: string - in: query - name: orderBy + name: requestId schema: type: string - post: - description: Creates a new ServiceConnectionMap in a given project and location. - operationId: networkconnectivity.projects.locations.serviceConnectionMaps.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ServiceConnectionMap' + /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses/{serviceClassesId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networkconnectivity.projects.locations.serviceClasses.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5190,7 +5371,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5202,19 +5383,21 @@ paths: required: true schema: type: string - - in: query - name: serviceConnectionMapId + - in: path + name: serviceClassesId + required: true schema: type: string - in: query - name: requestId + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps/{serviceConnectionMapsId}: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses/{serviceClassesId}: parameters: *ref_1 get: - description: Gets details of a single ServiceConnectionMap. - operationId: networkconnectivity.projects.locations.serviceConnectionMaps.get + description: Gets details of a single ServiceClass. + operationId: networkconnectivity.projects.locations.serviceClasses.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5226,7 +5409,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ServiceConnectionMap' + $ref: '#/components/schemas/ServiceClass' parameters: - in: path name: projectsId @@ -5239,18 +5422,13 @@ paths: schema: type: string - in: path - name: serviceConnectionMapsId + name: serviceClassesId required: true schema: type: string - patch: - description: Updates the parameters of a single ServiceConnectionMap. - operationId: networkconnectivity.projects.locations.serviceConnectionMaps.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ServiceConnectionMap' + delete: + description: Deletes a single ServiceClass. + operationId: networkconnectivity.projects.locations.serviceClasses.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5275,22 +5453,26 @@ paths: schema: type: string - in: path - name: serviceConnectionMapsId + name: serviceClassesId required: true schema: type: string - in: query - name: updateMask + name: etag schema: type: string - format: google-fieldmask - in: query name: requestId schema: type: string - delete: - description: Deletes a single ServiceConnectionMap. - operationId: networkconnectivity.projects.locations.serviceConnectionMaps.delete + patch: + description: Updates the parameters of a single ServiceClass. + operationId: networkconnectivity.projects.locations.serviceClasses.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceClass' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5315,7 +5497,7 @@ paths: schema: type: string - in: path - name: serviceConnectionMapsId + name: serviceClassesId required: true schema: type: string @@ -5324,59 +5506,25 @@ paths: schema: type: string - in: query - name: etag + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps/{serviceConnectionMapsId}:setIamPolicy: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses/{serviceClassesId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: >- - networkconnectivity.projects.locations.serviceConnectionMaps.setIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: networkconnectivity.projects.locations.serviceClasses.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Policy' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: serviceConnectionMapsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps/{serviceConnectionMapsId}:getIamPolicy: - parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: >- - networkconnectivity.projects.locations.serviceConnectionMaps.getIamPolicy + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5388,7 +5536,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -5401,31 +5549,23 @@ paths: schema: type: string - in: path - name: serviceConnectionMapsId + name: serviceClassesId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps/{serviceConnectionMapsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses/{serviceClassesId}:setIamPolicy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - networkconnectivity.projects.locations.serviceConnectionMaps.testIamPermissions + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networkconnectivity.projects.locations.serviceClasses.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5437,7 +5577,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5450,15 +5590,15 @@ paths: schema: type: string - in: path - name: serviceConnectionMapsId + name: serviceClassesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies: + /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses: parameters: *ref_1 get: - description: Lists ServiceConnectionPolicies in a given project and location. - operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.list + description: Lists ServiceClasses in a given project and location. + operationId: networkconnectivity.projects.locations.serviceClasses.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5470,7 +5610,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServiceConnectionPoliciesResponse' + $ref: '#/components/schemas/ListServiceClassesResponse' parameters: - in: path name: projectsId @@ -5483,10 +5623,9 @@ paths: schema: type: string - in: query - name: pageSize + name: orderBy schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: @@ -5496,17 +5635,19 @@ paths: schema: type: string - in: query - name: orderBy + name: pageSize schema: - type: string - post: - description: Creates a new ServiceConnectionPolicy in a given project and location. - operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ServiceConnectionPolicy' + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: networkconnectivity.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5518,7 +5659,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5530,19 +5671,17 @@ paths: required: true schema: type: string - - in: query - name: serviceConnectionPolicyId - schema: - type: string - - in: query - name: requestId + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies/{serviceConnectionPoliciesId}: - parameters: *ref_1 get: - description: Gets details of a single ServiceConnectionPolicy. - operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: networkconnectivity.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5554,7 +5693,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ServiceConnectionPolicy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -5567,18 +5706,17 @@ paths: schema: type: string - in: path - name: serviceConnectionPoliciesId + name: operationsId required: true schema: type: string - patch: - description: Updates the parameters of a single ServiceConnectionPolicy. - operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ServiceConnectionPolicy' + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: networkconnectivity.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5590,7 +5728,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -5602,23 +5740,42 @@ paths: required: true schema: type: string - - in: path - name: serviceConnectionPoliciesId - required: true + - in: query + name: filter schema: type: string - in: query - name: updateMask + name: pageSize schema: - type: string - format: google-fieldmask + type: integer + format: int32 - in: query - name: requestId + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string - delete: - description: Deletes a single ServiceConnectionPolicy. - operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.delete + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: networkconnectivity.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5630,7 +5787,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5643,32 +5800,15 @@ paths: schema: type: string - in: path - name: serviceConnectionPoliciesId + name: operationsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: etag - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies/{serviceConnectionPoliciesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionTokens: parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: >- - networkconnectivity.projects.locations.serviceConnectionPolicies.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Lists ServiceConnectionTokens in a given project and location. + operationId: networkconnectivity.projects.locations.serviceConnectionTokens.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5680,7 +5820,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListServiceConnectionTokensResponse' parameters: - in: path name: projectsId @@ -5692,19 +5832,31 @@ paths: required: true schema: type: string - - in: path - name: serviceConnectionPoliciesId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies/{serviceConnectionPoliciesId}:getIamPolicy: - parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: >- - networkconnectivity.projects.locations.serviceConnectionPolicies.getIamPolicy + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new ServiceConnectionToken in a given project and location. + operationId: networkconnectivity.projects.locations.serviceConnectionTokens.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnectionToken' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5716,7 +5868,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -5728,32 +5880,19 @@ paths: required: true schema: type: string - - in: path - name: serviceConnectionPoliciesId - required: true + - in: query + name: serviceConnectionTokenId schema: type: string - in: query - name: options.requestedPolicyVersion + name: requestId schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies/{serviceConnectionPoliciesId}:testIamPermissions: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionTokens/{serviceConnectionTokensId}: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - networkconnectivity.projects.locations.serviceConnectionPolicies.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Gets details of a single ServiceConnectionToken. + operationId: networkconnectivity.projects.locations.serviceConnectionTokens.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5765,7 +5904,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ServiceConnectionToken' parameters: - in: path name: projectsId @@ -5778,15 +5917,13 @@ paths: schema: type: string - in: path - name: serviceConnectionPoliciesId + name: serviceConnectionTokensId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses: - parameters: *ref_1 - get: - description: Lists ServiceClasses in a given project and location. - operationId: networkconnectivity.projects.locations.serviceClasses.list + delete: + description: Deletes a single ServiceConnectionToken. + operationId: networkconnectivity.projects.locations.serviceConnectionTokens.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5798,7 +5935,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServiceClassesResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -5810,28 +5947,27 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: serviceConnectionTokensId + required: true schema: type: string - in: query - name: filter + name: etag schema: type: string - in: query - name: orderBy + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses/{serviceClassesId}: + /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferSupportedServices/{multicloudDataTransferSupportedServicesId}: parameters: *ref_1 get: - description: Gets details of a single ServiceClass. - operationId: networkconnectivity.projects.locations.serviceClasses.get + description: >- + Gets the details of a service that is supported for Data Transfer + Essentials. + operationId: >- + networkconnectivity.projects.locations.multicloudDataTransferSupportedServices.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5843,7 +5979,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ServiceClass' + $ref: '#/components/schemas/MulticloudDataTransferSupportedService' parameters: - in: path name: projectsId @@ -5856,18 +5992,18 @@ paths: schema: type: string - in: path - name: serviceClassesId + name: multicloudDataTransferSupportedServicesId required: true schema: type: string - patch: - description: Updates the parameters of a single ServiceClass. - operationId: networkconnectivity.projects.locations.serviceClasses.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ServiceClass' + /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferSupportedServices: + parameters: *ref_1 + get: + description: >- + Lists the services in the project for a region that are supported for + Data Transfer Essentials. + operationId: >- + networkconnectivity.projects.locations.multicloudDataTransferSupportedServices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5879,7 +6015,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/ListMulticloudDataTransferSupportedServicesResponse parameters: - in: path name: projectsId @@ -5891,23 +6028,22 @@ paths: required: true schema: type: string - - in: path - name: serviceClassesId - required: true - schema: - type: string - in: query - name: updateMask + name: pageSize schema: - type: string - format: google-fieldmask + type: integer + format: int32 - in: query - name: requestId + name: pageToken schema: type: string - delete: - description: Deletes a single ServiceClass. - operationId: networkconnectivity.projects.locations.serviceClasses.delete + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networkconnectivity.projects.locations.global.hubs.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5919,7 +6055,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5927,36 +6063,27 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: serviceClassesId + name: hubsId required: true schema: type: string - in: query - name: requestId - schema: - type: string - - in: query - name: etag + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses/{serviceClassesId}:setIamPolicy: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:acceptSpokeUpdate: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networkconnectivity.projects.locations.serviceClasses.setIamPolicy + Accepts a proposal to update a Network Connectivity Center spoke in a + hub. + operationId: networkconnectivity.projects.locations.global.hubs.acceptSpokeUpdate requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/AcceptSpokeUpdateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5968,7 +6095,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -5976,22 +6103,18 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: serviceClassesId + name: hubsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses/{serviceClassesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:listSpokes: parameters: *ref_1 get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networkconnectivity.projects.locations.serviceClasses.getIamPolicy + Lists the Network Connectivity Center spokes associated with a specified + hub and location. The list includes both spokes that are attached to the + hub and spokes that have been proposed but not yet accepted. + operationId: networkconnectivity.projects.locations.global.hubs.listSpokes security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6003,7 +6126,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListHubSpokesResponse' parameters: - in: path name: projectsId @@ -6011,21 +6134,36 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - - in: path - name: serviceClassesId - required: true + - in: query + name: filter schema: type: string - in: query - name: options.requestedPolicyVersion + name: spokeLocations + schema: + type: string + - in: query + name: view + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/serviceClasses/{serviceClassesId}:testIamPermissions: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -6034,7 +6172,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: networkconnectivity.projects.locations.serviceClasses.testIamPermissions + operationId: networkconnectivity.projects.locations.global.hubs.testIamPermissions requestBody: content: application/json: @@ -6059,20 +6197,22 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: serviceClassesId + name: hubsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionTokens/{serviceConnectionTokensId}: + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:rejectSpokeUpdate: parameters: *ref_1 - get: - description: Gets details of a single ServiceConnectionToken. - operationId: networkconnectivity.projects.locations.serviceConnectionTokens.get + post: + description: >- + Rejects a proposal to update a Network Connectivity Center spoke in a + hub. + operationId: networkconnectivity.projects.locations.global.hubs.rejectSpokeUpdate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RejectSpokeUpdateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6084,26 +6224,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ServiceConnectionToken' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: - in: path - name: locationsId + name: projectsId required: true schema: type: string - in: path - name: serviceConnectionTokensId + name: hubsId required: true schema: type: string - delete: - description: Deletes a single ServiceConnectionToken. - operationId: networkconnectivity.projects.locations.serviceConnectionTokens.delete + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:queryStatus: + parameters: *ref_1 + get: + description: >- + Query the Private Service Connect propagation status of a Network + Connectivity Center hub. + operationId: networkconnectivity.projects.locations.global.hubs.queryStatus security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6115,7 +6254,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/QueryHubStatusResponse' parameters: - in: path name: projectsId @@ -6123,28 +6262,38 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - - in: path - name: serviceConnectionTokensId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: requestId + name: filter schema: type: string - in: query - name: etag + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionTokens: + - in: query + name: groupBy + schema: + type: string + /v1/projects/{projectsId}/locations/global/hubs: parameters: *ref_1 get: - description: Lists ServiceConnectionTokens in a given project and location. - operationId: networkconnectivity.projects.locations.serviceConnectionTokens.list + description: >- + Lists the Network Connectivity Center hubs associated with a given + project. + operationId: networkconnectivity.projects.locations.global.hubs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6156,16 +6305,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServiceConnectionTokensResponse' + $ref: '#/components/schemas/ListHubsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter schema: type: string - in: query @@ -6177,22 +6329,52 @@ paths: name: pageToken schema: type: string + post: + description: Creates a new Network Connectivity Center hub in the specified project. + operationId: networkconnectivity.projects.locations.global.hubs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Hub' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: hubId schema: type: string + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:acceptSpoke: + parameters: *ref_1 post: - description: Creates a new ServiceConnectionToken in a given project and location. - operationId: networkconnectivity.projects.locations.serviceConnectionTokens.create + description: >- + Accepts a proposal to attach a Network Connectivity Center spoke to a + hub. + operationId: networkconnectivity.projects.locations.global.hubs.acceptSpoke requestBody: content: application/json: schema: - $ref: '#/components/schemas/ServiceConnectionToken' + $ref: '#/components/schemas/AcceptHubSpokeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6212,24 +6394,15 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - - in: query - name: serviceConnectionTokenId - schema: - type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferConfigs: + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}: parameters: *ref_1 get: - description: Lists MulticloudDataTransferConfigs in a given project and location. - operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferConfigs.list + description: Gets details about a Network Connectivity Center hub. + operationId: networkconnectivity.projects.locations.global.hubs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6241,7 +6414,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMulticloudDataTransferConfigsResponse' + $ref: '#/components/schemas/Hub' parameters: - in: path name: projectsId @@ -6249,40 +6422,50 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + delete: + description: Deletes a Network Connectivity Center hub. + operationId: networkconnectivity.projects.locations.global.hubs.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: hubsId + required: true schema: type: string - in: query - name: orderBy + name: requestId schema: type: string - - in: query - name: returnPartialSuccess - schema: - type: boolean - post: - description: Creates a MulticloudDataTransferConfig in a given project and location. - operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferConfigs.create + patch: + description: >- + Updates the description and/or labels of a Network Connectivity Center + hub. + operationId: networkconnectivity.projects.locations.global.hubs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/MulticloudDataTransferConfig' + $ref: '#/components/schemas/Hub' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6302,23 +6485,32 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - in: query - name: multicloudDataTransferConfigId + name: requestId schema: type: string - in: query - name: requestId + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferConfigs/{multicloudDataTransferConfigsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:setIamPolicy: parameters: *ref_1 - get: - description: Gets details of a single MulticloudDataTransferConfig. - operationId: networkconnectivity.projects.locations.multicloudDataTransferConfigs.get + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networkconnectivity.projects.locations.global.hubs.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6330,7 +6522,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MulticloudDataTransferConfig' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6338,24 +6530,24 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: multicloudDataTransferConfigsId + name: hubsId required: true schema: type: string - patch: - description: Updates a MulticloudDataTransferConfig in a given project and location. - operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferConfigs.patch + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:rejectSpoke: + parameters: *ref_1 + post: + description: >- + Rejects a Network Connectivity Center spoke from being attached to a + hub. If the spoke was previously in the `ACTIVE` state, it transitions + to the `INACTIVE` state and is no longer able to connect to other spokes + that are attached to the hub. + operationId: networkconnectivity.projects.locations.global.hubs.rejectSpoke requestBody: content: application/json: schema: - $ref: '#/components/schemas/MulticloudDataTransferConfig' + $ref: '#/components/schemas/RejectHubSpokeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6375,28 +6567,15 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: multicloudDataTransferConfigsId + name: hubsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes a single MulticloudDataTransferConfig. - operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferConfigs.delete + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables: + parameters: *ref_1 + get: + description: Lists route tables in a given hub. + operationId: networkconnectivity.projects.locations.global.hubs.routeTables.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6408,7 +6587,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/ListRouteTablesResponse' parameters: - in: path name: projectsId @@ -6416,29 +6595,32 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - - in: path - name: multicloudDataTransferConfigsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: requestId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - in: query - name: etag + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferConfigs/{multicloudDataTransferConfigsId}/destinations: + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables/{routeTablesId}: parameters: *ref_1 - get: - description: Lists Destinations in a given project and location. - operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.list + get: + description: Gets details about a Network Connectivity Center route table. + operationId: networkconnectivity.projects.locations.global.hubs.routeTables.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6450,7 +6632,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDestinationsResponse' + $ref: '#/components/schemas/RouteTable' parameters: - in: path name: projectsId @@ -6458,45 +6640,21 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - in: path - name: multicloudDataTransferConfigsId + name: routeTablesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: returnPartialSuccess - schema: - type: boolean - post: - description: Creates a Destination in a given project and location. + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables/{routeTablesId}/routes: + parameters: *ref_1 + get: + description: Lists routes in a given route table. operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Destination' + networkconnectivity.projects.locations.global.hubs.routeTables.routes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6508,7 +6666,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/ListRoutesResponse' parameters: - in: path name: projectsId @@ -6516,29 +6674,38 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - in: path - name: multicloudDataTransferConfigsId + name: routeTablesId required: true schema: type: string - in: query - name: destinationId + name: filter schema: type: string - in: query - name: requestId + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferConfigs/{multicloudDataTransferConfigsId}/destinations/{destinationsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables/{routeTablesId}/routes/{routesId}: parameters: *ref_1 get: - description: Gets details of a single Destination. + description: Gets details about the specified route. operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.get + networkconnectivity.projects.locations.global.hubs.routeTables.routes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6550,7 +6717,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Destination' + $ref: '#/components/schemas/Route' parameters: - in: path name: projectsId @@ -6558,29 +6725,25 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - in: path - name: multicloudDataTransferConfigsId + name: routeTablesId required: true schema: type: string - in: path - name: destinationsId + name: routesId required: true schema: type: string - patch: - description: Updates a Destination in a given project and location. - operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Destination' + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups: + parameters: *ref_1 + get: + description: Lists groups in a given hub. + operationId: networkconnectivity.projects.locations.global.hubs.groups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6592,7 +6755,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/ListGroupsResponse' parameters: - in: path name: projectsId @@ -6600,33 +6763,43 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - - in: path - name: multicloudDataTransferConfigsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: destinationsId - required: true + type: integer + format: int32 + - in: query + name: filter schema: type: string - in: query - name: updateMask + name: orderBy schema: type: string - format: google-fieldmask - in: query - name: requestId + name: pageToken schema: type: string - delete: - description: Deletes a single Destination. + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups/{groupsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.delete + networkconnectivity.projects.locations.global.hubs.groups.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6638,7 +6811,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6646,34 +6819,20 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: multicloudDataTransferConfigsId + name: hubsId required: true schema: type: string - in: path - name: destinationsId + name: groupsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: etag - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferSupportedServices/{multicloudDataTransferSupportedServicesId}: + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups/{groupsId}: parameters: *ref_1 get: - description: Gets details of a single MulticloudDataTransferSupportedServices. - operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferSupportedServices.get + description: Gets details about a Network Connectivity Center group. + operationId: networkconnectivity.projects.locations.global.hubs.groups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6685,7 +6844,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MulticloudDataTransferSupportedService' + $ref: '#/components/schemas/Group' parameters: - in: path name: projectsId @@ -6693,23 +6852,23 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId required: true schema: type: string - in: path - name: multicloudDataTransferSupportedServicesId + name: groupsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferSupportedServices: - parameters: *ref_1 - get: - description: >- - Lists the supported services for Multicloud Data Transfer. This is a - passthrough method. - operationId: >- - networkconnectivity.projects.locations.multicloudDataTransferSupportedServices.list + patch: + description: Updates the parameters of a Network Connectivity Center group. + operationId: networkconnectivity.projects.locations.global.hubs.groups.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Group' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6721,8 +6880,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListMulticloudDataTransferSupportedServicesResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6730,26 +6888,37 @@ paths: schema: type: string - in: path - name: locationsId + name: hubsId + required: true + schema: + type: string + - in: path + name: groupsId required: true schema: type: string - in: query - name: pageSize + name: requestId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/global/hubs: + format: google-fieldmask + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups/{groupsId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Lists the Network Connectivity Center hubs associated with a given - project. - operationId: networkconnectivity.projects.locations.global.hubs.list + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networkconnectivity.projects.locations.global.hubs.groups.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6761,38 +6930,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListHubsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: hubsId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: groupsId + required: true schema: type: string - post: - description: Creates a new Network Connectivity Center hub in the specified project. - operationId: networkconnectivity.projects.locations.global.hubs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Hub' + /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups/{groupsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networkconnectivity.projects.locations.global.hubs.groups.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6804,26 +6965,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: hubId + - in: path + name: hubsId + required: true schema: type: string - - in: query - name: requestId + - in: path + name: groupsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/global/policyBasedRoutes/{policyBasedRoutesId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets details about a Network Connectivity Center hub. - operationId: networkconnectivity.projects.locations.global.hubs.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + networkconnectivity.projects.locations.global.policyBasedRoutes.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6835,7 +7014,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Hub' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6843,20 +7022,15 @@ paths: schema: type: string - in: path - name: hubsId + name: policyBasedRoutesId required: true schema: type: string - patch: - description: >- - Updates the description and/or labels of a Network Connectivity Center - hub. - operationId: networkconnectivity.projects.locations.global.hubs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Hub' + /v1/projects/{projectsId}/locations/global/policyBasedRoutes/{policyBasedRoutesId}: + parameters: *ref_1 + get: + description: Gets details of a single policy-based route. + operationId: networkconnectivity.projects.locations.global.policyBasedRoutes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6868,7 +7042,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/PolicyBasedRoute' parameters: - in: path name: projectsId @@ -6876,22 +7050,13 @@ paths: schema: type: string - in: path - name: hubsId + name: policyBasedRoutesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string delete: - description: Deletes a Network Connectivity Center hub. - operationId: networkconnectivity.projects.locations.global.hubs.delete + description: Deletes a single policy-based route. + operationId: networkconnectivity.projects.locations.global.policyBasedRoutes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6911,7 +7076,7 @@ paths: schema: type: string - in: path - name: hubsId + name: policyBasedRoutesId required: true schema: type: string @@ -6919,14 +7084,14 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:listSpokes: + /v1/projects/{projectsId}/locations/global/policyBasedRoutes/{policyBasedRoutesId}:getIamPolicy: parameters: *ref_1 get: description: >- - Lists the Network Connectivity Center spokes associated with a specified - hub and location. The list includes both spokes that are attached to the - hub and spokes that have been proposed but not yet accepted. - operationId: networkconnectivity.projects.locations.global.hubs.listSpokes + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: >- + networkconnectivity.projects.locations.global.policyBasedRoutes.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6938,7 +7103,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListHubSpokesResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6946,42 +7111,29 @@ paths: schema: type: string - in: path - name: hubsId + name: policyBasedRoutesId required: true schema: type: string - in: query - name: spokeLocations - schema: - type: string - - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: view - schema: - type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:queryStatus: + /v1/projects/{projectsId}/locations/global/policyBasedRoutes/{policyBasedRoutesId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Query the Private Service Connect propagation status of a Network - Connectivity Center hub. - operationId: networkconnectivity.projects.locations.global.hubs.queryStatus + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: >- + networkconnectivity.projects.locations.global.policyBasedRoutes.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6993,7 +7145,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/QueryHubStatusResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7001,45 +7153,20 @@ paths: schema: type: string - in: path - name: hubsId + name: policyBasedRoutesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: groupBy - schema: - type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:rejectSpoke: + /v1/projects/{projectsId}/locations/global/policyBasedRoutes: parameters: *ref_1 post: - description: >- - Rejects a Network Connectivity Center spoke from being attached to a - hub. If the spoke was previously in the `ACTIVE` state, it transitions - to the `INACTIVE` state and is no longer able to connect to other spokes - that are attached to the hub. - operationId: networkconnectivity.projects.locations.global.hubs.rejectSpoke + description: Creates a new policy-based route in a given project and location. + operationId: networkconnectivity.projects.locations.global.policyBasedRoutes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/RejectHubSpokeRequest' + $ref: '#/components/schemas/PolicyBasedRoute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7058,23 +7185,17 @@ paths: required: true schema: type: string - - in: path - name: hubsId - required: true + - in: query + name: policyBasedRouteId schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:acceptSpoke: - parameters: *ref_1 - post: - description: >- - Accepts a proposal to attach a Network Connectivity Center spoke to a - hub. - operationId: networkconnectivity.projects.locations.global.hubs.acceptSpoke - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AcceptHubSpokeRequest' + - in: query + name: requestId + schema: + type: string + get: + description: Lists policy-based routes in a given project and location. + operationId: networkconnectivity.projects.locations.global.policyBasedRoutes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7086,30 +7207,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/ListPolicyBasedRoutesResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: hubsId - required: true + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:acceptSpokeUpdate: + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferConfigs/{multicloudDataTransferConfigsId}: parameters: *ref_1 - post: - description: >- - Accepts a proposal to update a Network Connectivity Center spoke in a - hub. - operationId: networkconnectivity.projects.locations.global.hubs.acceptSpokeUpdate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AcceptSpokeUpdateRequest' + delete: + description: Deletes a `MulticloudDataTransferConfig` resource. + operationId: >- + networkconnectivity.projects.locations.multicloudDataTransferConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7129,22 +7256,26 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:rejectSpokeUpdate: - parameters: *ref_1 - post: - description: >- - Rejects a proposal to update a Network Connectivity Center spoke in a - hub. - operationId: networkconnectivity.projects.locations.global.hubs.rejectSpokeUpdate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RejectSpokeUpdateRequest' + - in: path + name: multicloudDataTransferConfigsId + required: true + schema: + type: string + - in: query + name: etag + schema: + type: string + - in: query + name: requestId + schema: + type: string + get: + description: Gets the details of a `MulticloudDataTransferConfig` resource. + operationId: networkconnectivity.projects.locations.multicloudDataTransferConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7156,7 +7287,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/MulticloudDataTransferConfig' parameters: - in: path name: projectsId @@ -7164,23 +7295,26 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:setIamPolicy: - parameters: *ref_1 - post: + - in: path + name: multicloudDataTransferConfigsId + required: true + schema: + type: string + patch: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networkconnectivity.projects.locations.global.hubs.setIamPolicy + Updates a `MulticloudDataTransferConfig` resource in a specified project + and location. + operationId: >- + networkconnectivity.projects.locations.multicloudDataTransferConfigs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/MulticloudDataTransferConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7192,7 +7326,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7200,17 +7334,32 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:getIamPolicy: + - in: path + name: multicloudDataTransferConfigsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferConfigs: parameters: *ref_1 get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networkconnectivity.projects.locations.global.hubs.getIamPolicy + Lists the `MulticloudDataTransferConfig` resources in a specified + project and location. + operationId: >- + networkconnectivity.projects.locations.multicloudDataTransferConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7222,7 +7371,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListMulticloudDataTransferConfigsResponse' parameters: - in: path name: projectsId @@ -7230,30 +7379,42 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}:testIamPermissions: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: networkconnectivity.projects.locations.global.hubs.testIamPermissions + Creates a `MulticloudDataTransferConfig` resource in a specified project + and location. + operationId: >- + networkconnectivity.projects.locations.multicloudDataTransferConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/MulticloudDataTransferConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7265,7 +7426,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7273,15 +7434,24 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables/{routeTablesId}: + - in: query + name: requestId + schema: + type: string + - in: query + name: multicloudDataTransferConfigId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferConfigs/{multicloudDataTransferConfigsId}/destinations/{destinationsId}: parameters: *ref_1 - get: - description: Gets details about a Network Connectivity Center route table. - operationId: networkconnectivity.projects.locations.global.hubs.routeTables.get + delete: + description: Deletes a `Destination` resource. + operationId: >- + networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7293,7 +7463,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RouteTable' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7301,20 +7471,37 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - in: path - name: routeTablesId + name: multicloudDataTransferConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables: - parameters: *ref_1 - get: - description: Lists route tables in a given hub. - operationId: networkconnectivity.projects.locations.global.hubs.routeTables.list + - in: path + name: destinationsId + required: true + schema: + type: string + - in: query + name: etag + schema: + type: string + - in: query + name: requestId + schema: + type: string + patch: + description: Updates a `Destination` resource in a specified project and location. + operationId: >- + networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Destination' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7326,7 +7513,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRouteTablesResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7334,33 +7521,33 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: multicloudDataTransferConfigsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: destinationsId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables/{routeTablesId}/routes/{routesId}: - parameters: *ref_1 + format: google-fieldmask get: - description: Gets details about the specified route. + description: Gets the details of a `Destination` resource. operationId: >- - networkconnectivity.projects.locations.global.hubs.routeTables.routes.get + networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7372,7 +7559,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Route' + $ref: '#/components/schemas/Destination' parameters: - in: path name: projectsId @@ -7380,26 +7567,31 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - in: path - name: routeTablesId + name: multicloudDataTransferConfigsId required: true schema: type: string - in: path - name: routesId + name: destinationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/routeTables/{routeTablesId}/routes: + /v1/projects/{projectsId}/locations/{locationsId}/multicloudDataTransferConfigs/{multicloudDataTransferConfigsId}/destinations: parameters: *ref_1 - get: - description: Lists routes in a given route table. + post: + description: Creates a `Destination` resource in a specified project and location. operationId: >- - networkconnectivity.projects.locations.global.hubs.routeTables.routes.list + networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Destination' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7411,7 +7603,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRoutesResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7419,37 +7611,27 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - in: path - name: routeTablesId + name: multicloudDataTransferConfigsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: destinationId schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups/{groupsId}: - parameters: *ref_1 get: - description: Gets details about a Network Connectivity Center group. - operationId: networkconnectivity.projects.locations.global.hubs.groups.get + description: Lists the `Destination` resources in a specified project and location. + operationId: >- + networkconnectivity.projects.locations.multicloudDataTransferConfigs.destinations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7461,7 +7643,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Group' + $ref: '#/components/schemas/ListDestinationsResponse' parameters: - in: path name: projectsId @@ -7469,65 +7651,43 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - in: path - name: groupsId + name: multicloudDataTransferConfigsId required: true schema: type: string - patch: - description: Updates the parameters of a Network Connectivity Center group. - operationId: networkconnectivity.projects.locations.global.hubs.groups.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Group' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: hubsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: groupsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: requestId + name: returnPartialSuccess schema: - type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/spokes: parameters: *ref_1 get: - description: Lists groups in a given hub. - operationId: networkconnectivity.projects.locations.global.hubs.groups.list + description: >- + Lists the Network Connectivity Center spokes in a specified project and + location. + operationId: networkconnectivity.projects.locations.spokes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7539,7 +7699,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGroupsResponse' + $ref: '#/components/schemas/ListSpokesResponse' parameters: - in: path name: projectsId @@ -7547,40 +7707,35 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: filter + name: orderBy schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups/{groupsId}:setIamPolicy: - parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networkconnectivity.projects.locations.global.hubs.groups.setIamPolicy + description: Creates a Network Connectivity Center spoke. + operationId: networkconnectivity.projects.locations.spokes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/Spoke' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7592,7 +7747,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7600,22 +7755,23 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - - in: path - name: groupsId - required: true + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups/{groupsId}:getIamPolicy: + - in: query + name: spokeId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/spokes/{spokesId}: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networkconnectivity.projects.locations.global.hubs.groups.getIamPolicy + description: Gets details about a Network Connectivity Center spoke. + operationId: networkconnectivity.projects.locations.spokes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7627,7 +7783,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Spoke' parameters: - in: path name: projectsId @@ -7635,36 +7791,18 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - in: path - name: groupsId + name: spokesId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/global/hubs/{hubsId}/groups/{groupsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - networkconnectivity.projects.locations.global.hubs.groups.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + delete: + description: Deletes a Network Connectivity Center spoke. + operationId: networkconnectivity.projects.locations.spokes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7676,7 +7814,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7684,20 +7822,27 @@ paths: schema: type: string - in: path - name: hubsId + name: locationsId required: true schema: type: string - in: path - name: groupsId + name: spokesId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/policyBasedRoutes: - parameters: *ref_1 - get: - description: Lists policy-based routes in a given project and location. - operationId: networkconnectivity.projects.locations.global.policyBasedRoutes.list + - in: query + name: requestId + schema: + type: string + patch: + description: Updates the parameters of a Network Connectivity Center spoke. + operationId: networkconnectivity.projects.locations.spokes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Spoke' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7709,38 +7854,45 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPolicyBasedRoutesResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: locationsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: spokesId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/spokes/{spokesId}:setIamPolicy: + parameters: *ref_1 post: - description: Creates a new policy-based route in a given project and location. - operationId: networkconnectivity.projects.locations.global.policyBasedRoutes.create + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networkconnectivity.projects.locations.spokes.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/PolicyBasedRoute' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7752,26 +7904,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: policyBasedRouteId + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: requestId + - in: path + name: spokesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/global/policyBasedRoutes/{policyBasedRoutesId}: + /v1/projects/{projectsId}/locations/{locationsId}/spokes/{spokesId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets details of a single policy-based route. - operationId: networkconnectivity.projects.locations.global.policyBasedRoutes.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: networkconnectivity.projects.locations.spokes.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7783,7 +7947,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PolicyBasedRoute' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7791,13 +7955,22 @@ paths: schema: type: string - in: path - name: policyBasedRoutesId + name: locationsId required: true schema: type: string - delete: - description: Deletes a single policy-based route. - operationId: networkconnectivity.projects.locations.global.policyBasedRoutes.delete + - in: path + name: spokesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/spokes/{spokesId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networkconnectivity.projects.locations.spokes.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7809,7 +7982,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7817,28 +7990,28 @@ paths: schema: type: string - in: path - name: policyBasedRoutesId + name: locationsId required: true schema: type: string - - in: query - name: requestId + - in: path + name: spokesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/global/policyBasedRoutes/{policyBasedRoutesId}:setIamPolicy: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies/{serviceConnectionPoliciesId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. operationId: >- - networkconnectivity.projects.locations.global.policyBasedRoutes.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + networkconnectivity.projects.locations.serviceConnectionPolicies.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7858,18 +8031,30 @@ paths: schema: type: string - in: path - name: policyBasedRoutesId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/policyBasedRoutes/{policyBasedRoutesId}:getIamPolicy: + - in: path + name: serviceConnectionPoliciesId + required: true + schema: + type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies/{serviceConnectionPoliciesId}: parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: >- - networkconnectivity.projects.locations.global.policyBasedRoutes.getIamPolicy + patch: + description: Updates the parameters of a single ServiceConnectionPolicy. + operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnectionPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7881,7 +8066,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7889,31 +8074,27 @@ paths: schema: type: string - in: path - name: policyBasedRoutesId + name: locationsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/global/policyBasedRoutes/{policyBasedRoutesId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - networkconnectivity.projects.locations.global.policyBasedRoutes.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + - in: path + name: serviceConnectionPoliciesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + get: + description: Gets details of a single ServiceConnectionPolicy. + operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7925,7 +8106,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ServiceConnectionPolicy' parameters: - in: path name: projectsId @@ -7933,17 +8114,18 @@ paths: schema: type: string - in: path - name: policyBasedRoutesId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/spokes: - parameters: *ref_1 - get: - description: >- - Lists the Network Connectivity Center spokes in a specified project and - location. - operationId: networkconnectivity.projects.locations.spokes.list + - in: path + name: serviceConnectionPoliciesId + required: true + schema: + type: string + delete: + description: Deletes a single ServiceConnectionPolicy. + operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7955,7 +8137,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSpokesResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7967,31 +8149,29 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: serviceConnectionPoliciesId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: etag schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies: + parameters: *ref_1 post: - description: Creates a Network Connectivity Center spoke. - operationId: networkconnectivity.projects.locations.spokes.create + description: Creates a new ServiceConnectionPolicy in a given project and location. + operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Spoke' + $ref: '#/components/schemas/ServiceConnectionPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8016,54 +8196,33 @@ paths: schema: type: string - in: query - name: spokeId + name: requestId schema: type: string - in: query - name: requestId + name: subnetworkMode schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/spokes/{spokesId}: - parameters: *ref_1 - get: - description: Gets details about a Network Connectivity Center spoke. - operationId: networkconnectivity.projects.locations.spokes.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Spoke' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: autoSubnetworkConfig.prefixLength + schema: + type: integer + format: int32 + - in: query + name: autoSubnetworkConfig.ipStack schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: autoSubnetworkConfig.allocRangeSpace schema: type: string - - in: path - name: spokesId - required: true + - in: query + name: serviceConnectionPolicyId schema: type: string - patch: - description: Updates the parameters of a Network Connectivity Center spoke. - operationId: networkconnectivity.projects.locations.spokes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Spoke' + get: + description: Lists ServiceConnectionPolicies in a given project and location. + operationId: networkconnectivity.projects.locations.serviceConnectionPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8075,7 +8234,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/ListServiceConnectionPoliciesResponse' parameters: - in: path name: projectsId @@ -8087,23 +8246,39 @@ paths: required: true schema: type: string - - in: path - name: spokesId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - format: google-fieldmask - in: query - name: requestId + name: pageToken schema: type: string - delete: - description: Deletes a Network Connectivity Center spoke. - operationId: networkconnectivity.projects.locations.spokes.delete + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies/{serviceConnectionPoliciesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + networkconnectivity.projects.locations.serviceConnectionPolicies.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8115,7 +8290,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -8128,22 +8303,19 @@ paths: schema: type: string - in: path - name: spokesId + name: serviceConnectionPoliciesId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/spokes/{spokesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionPolicies/{serviceConnectionPoliciesId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: networkconnectivity.projects.locations.spokes.setIamPolicy + operationId: >- + networkconnectivity.projects.locations.serviceConnectionPolicies.setIamPolicy requestBody: content: application/json: @@ -8173,17 +8345,15 @@ paths: schema: type: string - in: path - name: spokesId + name: serviceConnectionPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/spokes/{spokesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/internalRanges: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networkconnectivity.projects.locations.spokes.getIamPolicy + description: Lists internal ranges in a given project and location. + operationId: networkconnectivity.projects.locations.internalRanges.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8195,7 +8365,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListInternalRangesResponse' parameters: - in: path name: projectsId @@ -8207,31 +8377,31 @@ paths: required: true schema: type: string - - in: path - name: spokesId - required: true - schema: - type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/spokes/{spokesId}:testIamPermissions: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: networkconnectivity.projects.locations.spokes.testIamPermissions + description: Creates a new internal range in a given project and location. + operationId: networkconnectivity.projects.locations.internalRanges.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/InternalRange' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8243,7 +8413,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -8255,16 +8425,21 @@ paths: required: true schema: type: string - - in: path - name: spokesId - required: true + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/internalRanges: + - in: query + name: internalRangeId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/internalRanges/{internalRangesId}:getIamPolicy: parameters: *ref_1 get: - description: Lists internal ranges in a given project and location. - operationId: networkconnectivity.projects.locations.internalRanges.list + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networkconnectivity.projects.locations.internalRanges.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8276,7 +8451,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInternalRangesResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8288,26 +8463,56 @@ paths: required: true schema: type: string + - in: path + name: internalRangesId + required: true + schema: + type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken + /v1/projects/{projectsId}/locations/{locationsId}/internalRanges/{internalRangesId}: + parameters: *ref_1 + delete: + description: Deletes a single internal range. + operationId: networkconnectivity.projects.locations.internalRanges.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: internalRangesId + required: true schema: type: string - in: query - name: orderBy + name: requestId schema: type: string - post: - description: Creates a new internal range in a given project and location. - operationId: networkconnectivity.projects.locations.internalRanges.create + patch: + description: Updates the parameters of a single internal range. + operationId: networkconnectivity.projects.locations.internalRanges.patch requestBody: content: application/json: @@ -8336,16 +8541,20 @@ paths: required: true schema: type: string + - in: path + name: internalRangesId + required: true + schema: + type: string - in: query - name: internalRangeId + name: updateMask schema: type: string + format: google-fieldmask - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/internalRanges/{internalRangesId}: - parameters: *ref_1 get: description: Gets details of a single internal range. operationId: networkconnectivity.projects.locations.internalRanges.get @@ -8377,14 +8586,19 @@ paths: required: true schema: type: string - patch: - description: Updates the parameters of a single internal range. - operationId: networkconnectivity.projects.locations.internalRanges.patch + /v1/projects/{projectsId}/locations/{locationsId}/internalRanges/{internalRangesId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networkconnectivity.projects.locations.internalRanges.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/InternalRange' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8396,7 +8610,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8413,18 +8627,21 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes a single internal range. - operationId: networkconnectivity.projects.locations.internalRanges.delete + /v1/projects/{projectsId}/locations/{locationsId}/internalRanges/{internalRangesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: networkconnectivity.projects.locations.internalRanges.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8436,7 +8653,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -8453,18 +8670,15 @@ paths: required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/internalRanges/{internalRangesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps/{serviceConnectionMapsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: networkconnectivity.projects.locations.internalRanges.setIamPolicy + operationId: >- + networkconnectivity.projects.locations.serviceConnectionMaps.setIamPolicy requestBody: content: application/json: @@ -8494,17 +8708,20 @@ paths: schema: type: string - in: path - name: internalRangesId + name: serviceConnectionMapsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/internalRanges/{internalRangesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps: parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networkconnectivity.projects.locations.internalRanges.getIamPolicy + post: + description: Creates a new ServiceConnectionMap in a given project and location. + operationId: networkconnectivity.projects.locations.serviceConnectionMaps.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnectionMap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8516,7 +8733,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -8528,31 +8745,17 @@ paths: required: true schema: type: string - - in: path - name: internalRangesId - required: true + - in: query + name: serviceConnectionMapId schema: type: string - in: query - name: options.requestedPolicyVersion + name: requestId schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/internalRanges/{internalRangesId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: networkconnectivity.projects.locations.internalRanges.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + type: string + get: + description: Lists ServiceConnectionMaps in a given project and location. + operationId: networkconnectivity.projects.locations.serviceConnectionMaps.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8564,7 +8767,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListServiceConnectionMapsResponse' parameters: - in: path name: projectsId @@ -8576,16 +8779,28 @@ paths: required: true schema: type: string - - in: path - name: internalRangesId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/regionalEndpoints: + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps/{serviceConnectionMapsId}: parameters: *ref_1 - get: - description: Lists RegionalEndpoints in a given project and location. - operationId: networkconnectivity.projects.locations.regionalEndpoints.list + delete: + description: Deletes a single ServiceConnectionMap. + operationId: networkconnectivity.projects.locations.serviceConnectionMaps.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8597,7 +8812,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRegionalEndpointsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -8609,31 +8824,58 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: serviceConnectionMapsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: requestId schema: type: string - in: query - name: filter + name: etag schema: type: string - - in: query - name: orderBy + get: + description: Gets details of a single ServiceConnectionMap. + operationId: networkconnectivity.projects.locations.serviceConnectionMaps.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnectionMap' + parameters: + - in: path + name: projectsId + required: true schema: type: string - post: - description: Creates a new RegionalEndpoint in a given project and location. - operationId: networkconnectivity.projects.locations.regionalEndpoints.create + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: serviceConnectionMapsId + required: true + schema: + type: string + patch: + description: Updates the parameters of a single ServiceConnectionMap. + operationId: networkconnectivity.projects.locations.serviceConnectionMaps.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/RegionalEndpoint' + $ref: '#/components/schemas/ServiceConnectionMap' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8657,19 +8899,36 @@ paths: required: true schema: type: string + - in: path + name: serviceConnectionMapsId + required: true + schema: + type: string - in: query - name: regionalEndpointId + name: updateMask schema: type: string + format: google-fieldmask - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/regionalEndpoints/{regionalEndpointsId}: + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps/{serviceConnectionMapsId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets details of a single RegionalEndpoint. - operationId: networkconnectivity.projects.locations.regionalEndpoints.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + networkconnectivity.projects.locations.serviceConnectionMaps.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8681,7 +8940,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RegionalEndpoint' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -8694,13 +8953,18 @@ paths: schema: type: string - in: path - name: regionalEndpointsId + name: serviceConnectionMapsId required: true schema: type: string - delete: - description: Deletes a single RegionalEndpoint. - operationId: networkconnectivity.projects.locations.regionalEndpoints.delete + /v1/projects/{projectsId}/locations/{locationsId}/serviceConnectionMaps/{serviceConnectionMapsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: >- + networkconnectivity.projects.locations.serviceConnectionMaps.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8712,7 +8976,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8725,11 +8989,12 @@ paths: schema: type: string - in: path - name: regionalEndpointsId + name: serviceConnectionMapsId required: true schema: type: string - in: query - name: requestId + name: options.requestedPolicyVersion schema: - type: string + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/networkmanagement.yaml b/providers/src/googleapis.com/v00.00.00000/services/networkmanagement.yaml index 6a5033d1..83782735 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/networkmanagement.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/networkmanagement.yaml @@ -9,8 +9,8 @@ info: The Network Management API provides a collection of network performance monitoring and diagnostic capabilities. version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251105' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/ servers: @@ -36,2125 +36,1775 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + ListVpcFlowLogsConfigsResponse: type: object properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + description: Page token to fetch the next set of configurations. + vpcFlowLogsConfigs: type: array + description: List of VPC Flow Log configurations. items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListNetworkMonitoringProvidersResponse: - id: ListNetworkMonitoringProvidersResponse - description: Message for response to listing NetworkMonitoringProviders - type: object - properties: - networkMonitoringProviders: - description: The list of NetworkMonitoringProvider + $ref: '#/components/schemas/VpcFlowLogsConfig' + unreachable: type: array items: - $ref: '#/components/schemas/NetworkMonitoringProvider' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - NetworkMonitoringProvider: - id: NetworkMonitoringProvider - description: Message describing NetworkMonitoringProvider resource. + type: string + description: >- + Locations that could not be reached (when querying all locations + with `-`). + description: Response for the `ListVpcFlowLogsConfigs` method. + id: ListVpcFlowLogsConfigsResponse + VpnGatewayInfo: + id: VpnGatewayInfo + description: For display only. Metadata associated with a Compute Engine VPN gateway. type: object properties: - name: - description: >- - Output only. Identifier. Name of the resource. Format: - `projects/{project}/locations/{location}/networkMonitoringProviders/{network_monitoring_provider}` - readOnly: true + ipAddress: + description: IP address of the VPN gateway. type: string - createTime: - description: Output only. The time the NetworkMonitoringProvider was created. - readOnly: true + region: + description: Name of a Google Cloud region where this VPN gateway is configured. type: string - format: google-datetime - updateTime: - description: Output only. The time the NetworkMonitoringProvider was updated. - readOnly: true + vpnTunnelUri: type: string - format: google-datetime - providerType: - description: Required. Type of the NetworkMonitoringProvider. + description: >- + A VPN tunnel that is associated with this VPN gateway. There may be + multiple VPN tunnels configured on a VPN gateway, and only the one + relevant to the test is displayed. + uri: type: string - enumDescriptions: - - The default value. This value is used if the type is omitted. - - External provider. - enum: - - PROVIDER_TYPE_UNSPECIFIED - - EXTERNAL - providerUri: - description: Output only. Link to the provider's UI. - readOnly: true + description: URI of a VPN gateway. + displayName: + description: Name of a VPN gateway. type: string - state: - description: Output only. State of the NetworkMonitoringProvider. - readOnly: true + networkUri: + description: URI of a Compute Engine network where the VPN gateway is configured. type: string - enumDescriptions: - - The default value. This value is used if the status is omitted. - - NetworkMonitoringProvider is being activated. - - NetworkMonitoringProvider is active. - - NetworkMonitoringProvider is being suspended. - - NetworkMonitoringProvider is suspended. - - NetworkMonitoringProvider is being deleted. - - NetworkMonitoringProvider is deleted. - enum: - - STATE_UNSPECIFIED - - ACTIVATING - - ACTIVE - - SUSPENDING - - SUSPENDED - - DELETING - - DELETED - errors: - description: >- - Output only. The list of error messages detected for the - NetworkMonitoringProvider. - readOnly: true - type: array - items: - type: string - ListMonitoringPointsResponse: - id: ListMonitoringPointsResponse - description: Message for response to listing MonitoringPoints - type: object + QueryOrgVpcFlowLogsConfigsResponse: properties: - monitoringPoints: - description: The list of MonitoringPoints. + unreachable: + description: >- + Locations that could not be reached (when querying all locations + with `-`). type: array items: - $ref: '#/components/schemas/MonitoringPoint' + type: string nextPageToken: - description: A token identifying a page of results the server should return. type: string - MonitoringPoint: - id: MonitoringPoint - description: Message describing MonitoringPoint resource. + description: Page token to fetch the next set of configurations. + vpcFlowLogsConfigs: + description: List of VPC Flow Log configurations. + type: array + items: + $ref: '#/components/schemas/VpcFlowLogsConfig' + id: QueryOrgVpcFlowLogsConfigsResponse + description: Response for the `QueryVpcFlowLogsConfigs` method. type: object + DeliverInfo: properties: - name: - description: >- - Identifier. Name of the resource. Format: - `projects/{project}/locations/{location}/networkMonitoringProviders/{network_monitoring_provider}/monitoringPoints/{monitoring_point}` - type: string - createTime: - description: Output only. The time the MonitoringPoint was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time the MonitoringPoint was updated. - readOnly: true - type: string - format: google-datetime - displayName: - description: Output only. Display name of the MonitoringPoint. - readOnly: true - type: string - originatingIp: - description: >- - Output only. IP address visible when MonitoringPoint connects to the - provider. - readOnly: true - type: string - version: - description: Output only. Version of the software running on the MonitoringPoint. - readOnly: true - type: string - type: - description: Output only. Deployment type of the MonitoringPoint. - readOnly: true + pscGoogleApiTarget: + description: PSC Google API target the packet is delivered to (if applicable). type: string - connectionStatus: - description: Output only. Connection status of the MonitoringPoint. - readOnly: true - type: string - enumDescriptions: - - The default value. This value is used if the status is omitted. - - MonitoringPoint is online. - - MonitoringPoint is offline. - enum: - - CONNECTION_STATUS_UNSPECIFIED - - ONLINE - - OFFLINE - hostname: - description: Output only. The hostname of the MonitoringPoint. - readOnly: true - type: string - geoLocation: - description: Output only. The geographical location of the MonitoringPoint. ; - readOnly: true - $ref: '#/components/schemas/GeoLocation' - upgradeType: - description: Output only. The type of upgrade available for the MonitoringPoint. - readOnly: true + ipAddress: + description: IP address of the target (if applicable). type: string + target: enumDescriptions: + - Target not specified. + - Target is a Compute Engine instance. + - Target is the internet. + - Target is a Google API. + - Target is a Google Kubernetes Engine cluster master. + - Target is a Cloud SQL instance. + - >- + Target is a published service that uses [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). + - >- + Target is Google APIs that use [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-apis). + - >- + Target is a VPC-SC that uses [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-apis). + - Target is a serverless network endpoint group. + - Target is a Cloud Storage bucket. + - Target is a private network. Used only for return traces. + - Target is a Cloud Function. Used only for return traces. - >- - The default value. This value is used if the upgrade type is - omitted. - - Upgrades are performed manually. - - Upgrades are managed. - - Upgrade is scheduled. - - Upgrades are performed automatically. - - Upgrades are performed externally. + Target is a App Engine service version. Used only for return + traces. + - Target is a Cloud Run revision. Used only for return traces. + - Target is a Google-managed service. Used only for return traces. + - Target is a Redis Instance. + - Target is a Redis Cluster. enum: - - UPGRADE_TYPE_UNSPECIFIED - - MANUAL - - MANAGED - - SCHEDULED - - AUTO - - EXTERNAL - networkInterfaces: - description: Output only. The network interfaces of the MonitoringPoint. - readOnly: true - type: array - items: - $ref: '#/components/schemas/NetworkInterface' - errors: - description: Output only. The codes of errors detected in the MonitoringPoint. - readOnly: true - type: array - items: - type: string - enumDescriptions: - - >- - The default value. This value is used if the error code is - omitted. - - Error detected in NTP service. - - Error detected during the upgrade process. - - Error detected while downloading. - enum: - - ERROR_CODE_UNSPECIFIED - - NTP_ERROR - - UPGRADE_ERROR - - DOWNLOAD_FAILED - autoGeoLocationEnabled: - description: >- - Output only. Indicates if automaitic geographic location is enabled - for the MonitoringPoint. - readOnly: true - type: boolean - providerTags: - description: Output only. The provider tags of the MonitoringPoint. - readOnly: true - type: array - items: - $ref: '#/components/schemas/ProviderTag' - host: - description: Output only. The host information of the MonitoringPoint. - readOnly: true - $ref: '#/components/schemas/Host' - upgradeAvailable: - description: >- - Output only. Indicates if an upgrade is available for the - MonitoringPoint. - readOnly: true - type: boolean - GeoLocation: - id: GeoLocation - description: The geographical location of the MonitoringPoint. - type: object - properties: - formattedAddress: - description: Formatted address. - type: string - country: - description: Country. - type: string - NetworkInterface: - id: NetworkInterface - description: Message describing network interfaces. - type: object - properties: - interfaceName: - description: 'Output only. The name of the network interface. Examples: eth0, eno1' - readOnly: true - type: string - speed: - description: Output only. Speed of the interface in millions of bits per second. - readOnly: true + - TARGET_UNSPECIFIED + - INSTANCE + - INTERNET + - GOOGLE_API + - GKE_MASTER + - CLOUD_SQL_INSTANCE + - PSC_PUBLISHED_SERVICE + - PSC_GOOGLE_API + - PSC_VPC_SC + - SERVERLESS_NEG + - STORAGE_BUCKET + - PRIVATE_NETWORK + - CLOUD_FUNCTION + - APP_ENGINE_VERSION + - CLOUD_RUN_REVISION + - GOOGLE_MANAGED_SERVICE + - REDIS_INSTANCE + - REDIS_CLUSTER type: string - format: int64 - ipAddress: - description: Output only. The IP address of the interface. - readOnly: true + description: Target type where the packet is delivered to. + storageBucket: type: string - cidr: description: >- - Output only. The IP address of the interface and subnet mask in CIDR - format. Examples: 192.168.1.0/24, 2001:db8::/32 - readOnly: true - type: string - macAddress: - description: Output only. The MAC address of the interface. - readOnly: true - type: string - adapterDescription: - description: Output only. The description of the interface. - readOnly: true - type: string - vlanId: - description: Output only. The id of the VLAN. - readOnly: true - type: string - format: int64 - ProviderTag: - id: ProviderTag - description: Message describing the provider tag. - type: object - properties: - category: - description: Output only. The category of the provider tag. - readOnly: true - type: string - value: - description: Output only. The value of the provider tag. - readOnly: true - type: string - resourceType: - description: Output only. The resource type of the provider tag. - readOnly: true + Name of the Cloud Storage Bucket the packet is delivered to (if + applicable). + resourceUri: type: string + description: URI of the resource that the packet is delivered to. + googleServiceType: enumDescriptions: - - The default value. This value is used if the status is omitted. - - Network path. - - Web path. - - Monitoring policy. - - Monitoring point. - enum: - - RESOURCE_TYPE_UNSPECIFIED - - NETWORK_PATH - - WEB_PATH - - MONITORING_POLICY - - MONITORING_POINT - Host: - id: Host - description: Message describing information about the host. - type: object - properties: - os: - description: Output only. The operating system of the host. - readOnly: true - type: string - cloudProvider: - description: Output only. The cloud provider of the host. - readOnly: true - type: string - cloudProjectId: - description: Output only. The cloud project id of the host. - readOnly: true - type: string - cloudInstanceId: - description: Output only. The cloud instance id of the host. - readOnly: true - type: string - cloudRegion: - description: Output only. The cloud region of the host. - readOnly: true - type: string - cloudZone: - description: Output only. The cloud zone of the host. - readOnly: true - type: string - cloudVpcId: - description: Output only. The id of Virtual Private Cloud (VPC) of the host. - readOnly: true + - Unspecified Google Service. + - >- + Identity aware proxy. + https://cloud.google.com/iap/docs/using-tcp-forwarding + - >- + One of two services sharing IP ranges: * Load Balancer proxy * + Centralized Health Check prober + https://cloud.google.com/load-balancing/docs/firewall-rules + - >- + Connectivity from Cloud DNS to forwarding targets or alternate + name servers that use private routing. + https://cloud.google.com/dns/docs/zones/forwarding-zones#firewall-rules + https://cloud.google.com/dns/docs/policies#firewall-rules + - private.googleapis.com and restricted.googleapis.com + - >- + Google API via Private Service Connect. + https://cloud.google.com/vpc/docs/configure-private-service-connect-apis + Google API via Serverless VPC Access. + https://cloud.google.com/vpc/docs/serverless-vpc-access + description: >- + Recognized type of a Google Service the packet is delivered to (if + applicable). type: string - cloudVirtualNetworkIds: - description: Output only. The ids of cloud virtual networks of the host. - readOnly: true - type: array - items: - type: string - ListNetworkPathsResponse: - id: ListNetworkPathsResponse - description: Message for response to listing NetworkPaths + enum: + - GOOGLE_SERVICE_TYPE_UNSPECIFIED + - IAP + - GFE_PROXY_OR_HEALTH_CHECK_PROBER + - CLOUD_DNS + - PRIVATE_GOOGLE_ACCESS + - SERVERLESS_VPC_ACCESS type: object - properties: - networkPaths: - description: The list of NetworkPath - type: array - items: - $ref: '#/components/schemas/NetworkPath' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - NetworkPath: - id: NetworkPath - description: Message describing NetworkPath resource. + id: DeliverInfo + description: Details of the final state "deliver" and associated resource. + Expr: type: object + id: Expr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - name: + description: description: >- - Identifier. Name of the resource. Format: - `projects/{project}/locations/{location}/networkMonitoringProviders/{network_monitoring_provider}/networkPaths/{network_path}` - type: string - createTime: - description: Output only. The time the NetworkPath was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time the NetworkPath was updated. - readOnly: true + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: string - format: google-datetime - sourceMonitoringPointId: + title: description: >- - Output only. Provider's UUID of the source MonitoringPoint. This id - may not point to a resource in the GCP. - readOnly: true + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. type: string - destination: - description: Output only. IP address or hostname of the network path destination. - readOnly: true + location: type: string - dualEnded: description: >- - Output only. Indicates if the network path is dual ended. When true, - the network path is measured both: from both source to destination, - and from destination to source. When false, the network path is - measured from the source through the destination back to the source - (round trip measurement). - readOnly: true - type: boolean - displayName: - description: Output only. The display name of the network path. - readOnly: true - type: string - destinationGeoLocation: + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + expression: description: >- - Output only. Geographical location of the destination - MonitoringPoint. ; - readOnly: true - $ref: '#/components/schemas/GeoLocation' - networkProtocol: - description: Output only. The network protocol of the network path. - readOnly: true - type: string - enumDescriptions: - - >- - The default value. This value is used if the network protocol is - omitted. - - ICMP. - - UDP. - - TCP. - enum: - - NETWORK_PROTOCOL_UNSPECIFIED - - ICMP - - UDP - - TCP - monitoringEnabled: - description: Output only. Is monitoring enabled for the network path. - readOnly: true - type: boolean - monitoringStatus: - description: Output only. The monitoring status of the network path. - readOnly: true - type: string - enumDescriptions: - - The default value. This value is used if the status is omitted. - - Monitoring is enabled. - - Policy is mismatched. - - Monitoring point is offline. - - Monitoring is disabled. - enum: - - MONITORING_STATUS_UNSPECIFIED - - MONITORING - - POLICY_MISMATCH - - MONITORING_POINT_OFFLINE - - DISABLED - providerTags: - description: Output only. The provider tags of the network path. - readOnly: true - type: array - items: - $ref: '#/components/schemas/ProviderTag' - monitoringPolicyId: - description: Output only. ID of monitoring policy. - readOnly: true - type: string - monitoringPolicyDisplayName: - description: Output only. Display name of the monitoring policy. - readOnly: true - type: string - providerUiUri: - description: Output only. Link to provider's UI; link shows the NetworkPath. - readOnly: true - type: string - ListWebPathsResponse: - id: ListWebPathsResponse - description: Message for response to listing WebPaths - type: object - properties: - webPaths: - description: The list of WebPath. - type: array - items: - $ref: '#/components/schemas/WebPath' - nextPageToken: - description: A token identifying a page of results the server should return. + Textual representation of an expression in Common Expression + Language syntax. type: string - WebPath: - id: WebPath - description: Message describing WebPath resource. + AbortInfo: type: object + description: Details of the final state "abort" and associated resource. properties: - name: - description: >- - Identifier. Name of the resource. Format: - `projects/{project}/locations/{location}/networkMonitoringProviders/{network_monitoring_provider}/webPaths/{web_path}` - type: string - createTime: - description: Output only. The time the WebPath was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time the WebPath was updated. - readOnly: true - type: string - format: google-datetime - sourceMonitoringPointId: - description: Output only. ID of the source MonitoringPoint. - readOnly: true - type: string - displayName: - description: Output only. Display name of the WebPath. - readOnly: true - type: string - destination: - description: Output only. Web monitoring target. - readOnly: true - type: string - monitoringEnabled: - description: Output only. Is monitoring enabled for the WebPath. - readOnly: true - type: boolean - monitoringStatus: - description: Output only. The monitoring status of the WebPath. - readOnly: true + ipAddress: + description: IP address that caused the abort. type: string - enumDescriptions: - - The default value. This value is used if the status is omitted. - - Monitoring is enabled. - - Policy is mismatched. - - Monitoring point is offline. - - Monitoring is disabled. - enum: - - MONITORING_STATUS_UNSPECIFIED - - MONITORING - - POLICY_MISMATCH - - MONITORING_POINT_OFFLINE - - DISABLED - interval: - description: Output only. Monitoring interval. - readOnly: true - type: string - format: google-duration - workflowType: - description: Output only. The workflow type of the WebPath. - readOnly: true + cause: + enumDeprecated: + - false + - true + - true + - true + - true + - true + - true + - true + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false type: string - enumDescriptions: - - The default value. This value is used if the status is omitted. - - Browser. - - HTTP. enum: - - WORKFLOW_TYPE_UNSPECIFIED - - BROWSER - - HTTP - relatedNetworkPathId: - description: Output only. Provider's UUID of the related NetworkPath. - readOnly: true - type: string - providerTags: - description: Output only. The provider tags of the web path. - readOnly: true + - CAUSE_UNSPECIFIED + - UNKNOWN_NETWORK + - UNKNOWN_PROJECT + - NO_EXTERNAL_IP + - UNINTENDED_DESTINATION + - SOURCE_ENDPOINT_NOT_FOUND + - MISMATCHED_SOURCE_NETWORK + - DESTINATION_ENDPOINT_NOT_FOUND + - MISMATCHED_DESTINATION_NETWORK + - UNKNOWN_IP + - GOOGLE_MANAGED_SERVICE_UNKNOWN_IP + - SOURCE_IP_ADDRESS_NOT_IN_SOURCE_NETWORK + - PERMISSION_DENIED + - PERMISSION_DENIED_NO_CLOUD_NAT_CONFIGS + - PERMISSION_DENIED_NO_NEG_ENDPOINT_CONFIGS + - PERMISSION_DENIED_NO_CLOUD_ROUTER_CONFIGS + - NO_SOURCE_LOCATION + - INVALID_ARGUMENT + - TRACE_TOO_LONG + - INTERNAL_ERROR + - UNSUPPORTED + - MISMATCHED_IP_VERSION + - GKE_KONNECTIVITY_PROXY_UNSUPPORTED + - RESOURCE_CONFIG_NOT_FOUND + - VM_INSTANCE_CONFIG_NOT_FOUND + - NETWORK_CONFIG_NOT_FOUND + - FIREWALL_CONFIG_NOT_FOUND + - ROUTE_CONFIG_NOT_FOUND + - GOOGLE_MANAGED_SERVICE_AMBIGUOUS_PSC_ENDPOINT + - GOOGLE_MANAGED_SERVICE_AMBIGUOUS_ENDPOINT + - SOURCE_PSC_CLOUD_SQL_UNSUPPORTED + - SOURCE_REDIS_CLUSTER_UNSUPPORTED + - SOURCE_REDIS_INSTANCE_UNSUPPORTED + - SOURCE_FORWARDING_RULE_UNSUPPORTED + - NON_ROUTABLE_IP_ADDRESS + - UNKNOWN_ISSUE_IN_GOOGLE_MANAGED_PROJECT + - UNSUPPORTED_GOOGLE_MANAGED_PROJECT_CONFIG + - NO_SERVERLESS_IP_RANGES + - IP_VERSION_PROTOCOL_MISMATCH + enumDescriptions: + - Cause is unspecified. + - >- + Aborted due to unknown network. Deprecated, not used in the new + tests. + - >- + Aborted because no project information can be derived from the + test input. Deprecated, not used in the new tests. + - >- + Aborted because traffic is sent from a public IP to an instance + without an external IP. Deprecated, not used in the new tests. + - >- + Aborted because none of the traces matches destination information + specified in the input test request. Deprecated, not used in the + new tests. + - >- + Aborted because the source endpoint could not be found. + Deprecated, not used in the new tests. + - >- + Aborted because the source network does not match the source + endpoint. Deprecated, not used in the new tests. + - >- + Aborted because the destination endpoint could not be found. + Deprecated, not used in the new tests. + - >- + Aborted because the destination network does not match the + destination endpoint. Deprecated, not used in the new tests. + - >- + Aborted because no endpoint with the packet's destination IP + address is found. + - >- + Aborted because no endpoint with the packet's destination IP is + found in the Google-managed project. + - >- + Aborted because the source IP address doesn't belong to any of the + subnets of the source VPC network. + - >- + Aborted because user lacks permission to access all or part of the + network configurations required to run the test. + - >- + Aborted because user lacks permission to access Cloud NAT configs + required to run the test. + - >- + Aborted because user lacks permission to access Network endpoint + group endpoint configs required to run the test. + - >- + Aborted because user lacks permission to access Cloud Router + configs required to run the test. + - >- + Aborted because no valid source or destination endpoint is derived + from the input test request. + - >- + Aborted because the source or destination endpoint specified in + the request is invalid. Some examples: - The request might contain + malformed resource URI, project ID, or IP address. - The request + might contain inconsistent information (for example, the request + might include both the instance and the network, but the instance + might not have a NIC in that network). + - >- + Aborted because the number of steps in the trace exceeds a certain + limit. It might be caused by a routing loop. + - Aborted due to internal server error. + - Aborted because the test scenario is not supported. + - >- + Aborted because the source and destination resources have no + common IP version. + - >- + Aborted because the connection between the control plane and the + node of the source cluster is initiated by the node and managed by + the Konnectivity proxy. + - Aborted because expected resource configuration was missing. + - Aborted because expected VM instance configuration was missing. + - Aborted because expected network configuration was missing. + - Aborted because expected firewall configuration was missing. + - Aborted because expected route configuration was missing. + - >- + Aborted because PSC endpoint selection for the Google-managed + service is ambiguous (several PSC endpoints satisfy test input). + - >- + Aborted because endpoint selection for the Google-managed service + is ambiguous (several endpoints satisfy test input). + - >- + Aborted because tests with a PSC-based Cloud SQL instance as a + source are not supported. + - >- + Aborted because tests with a Redis Cluster as a source are not + supported. + - >- + Aborted because tests with a Redis Instance as a source are not + supported. + - >- + Aborted because tests with a forwarding rule as a source are not + supported. + - >- + Aborted because one of the endpoints is a non-routable IP address + (loopback, link-local, etc). + - Aborted due to an unknown issue in the Google-managed project. + - >- + Aborted due to an unsupported configuration of the Google-managed + project. + - >- + Aborted because the source endpoint is a Cloud Run revision with + direct VPC access enabled, but there are no reserved serverless IP + ranges. + - >- + Aborted because the used protocol is not supported for the used IP + version. + description: Causes that the analysis is aborted. + projectsMissingPermission: type: array items: - $ref: '#/components/schemas/ProviderTag' - monitoringPolicyId: - description: Output only. ID of the monitoring policy. - readOnly: true - type: string - monitoringPolicyDisplayName: - description: Output only. Display name of the monitoring policy. - readOnly: true - type: string - providerUiUri: - description: Output only. Link to provider's UI; link shows the WebPath. - readOnly: true + type: string + description: >- + List of project IDs the user specified in the request but lacks + access to. In this case, analysis is aborted with the + PERMISSION_DENIED cause. + resourceUri: type: string - ListConnectivityTestsResponse: - id: ListConnectivityTestsResponse - description: Response for the `ListConnectivityTests` method. + description: URI of the resource that caused the abort. + id: AbortInfo + LoadBalancerBackend: + id: LoadBalancerBackend type: object + description: >- + For display only. Metadata associated with a specific load balancer + backend. properties: - resources: - description: List of Connectivity Tests. - type: array - items: - $ref: '#/components/schemas/ConnectivityTest' - nextPageToken: - description: Page token to fetch the next set of Connectivity Tests. - type: string - unreachable: + healthCheckAllowingFirewallRules: description: >- - Locations that could not be reached (when querying all locations - with `-`). + A list of firewall rule URIs allowing probes from health check IP + ranges. type: array items: type: string - ConnectivityTest: - id: ConnectivityTest - description: A Connectivity Test for a network reachability analysis. - type: object - properties: - name: - description: >- - Identifier. Unique name of the resource using the form: - `projects/{project_id}/locations/global/connectivityTests/{test_id}` + uri: + description: URI of a Compute Engine instance or network endpoint. type: string - description: - description: >- - The user-supplied description of the Connectivity Test. Maximum of - 512 characters. + displayName: type: string - source: + description: Name of a Compute Engine instance or network endpoint. + healthCheckBlockingFirewallRules: + items: + type: string description: >- - Required. Source specification of the Connectivity Test. You can use - a combination of source IP address, URI of a supported endpoint, - project ID, or VPC network to identify the source location. - Reachability analysis might proceed even if the source location is - ambiguous. However, the test result might include endpoints or use a - source that you don't intend to test. - $ref: '#/components/schemas/Endpoint' - destination: - description: >- - Required. Destination specification of the Connectivity Test. You - can use a combination of destination IP address, URI of a supported - endpoint, project ID, or VPC network to identify the destination - location. Reachability analysis proceeds even if the destination - location is ambiguous. However, the test result might include - endpoints or use a destination that you don't intend to test. - $ref: '#/components/schemas/Endpoint' - protocol: - description: IP Protocol of the test. When not provided, "TCP" is assumed. + A list of firewall rule URIs blocking probes from health check IP + ranges. + type: array + healthCheckFirewallState: type: string - relatedProjects: + enum: + - HEALTH_CHECK_FIREWALL_STATE_UNSPECIFIED + - CONFIGURED + - MISCONFIGURED + enumDescriptions: + - State is unspecified. Default state if not populated. + - >- + There are configured firewall rules to allow health check probes + to the backend. + - >- + There are firewall rules configured to allow partial health check + ranges or block all health check ranges. If a health check probe + is sent from denied IP ranges, the health check to the backend + will fail. Then, the backend will be marked unhealthy and will not + receive traffic sent to the load balancer. + description: State of the health check firewall configuration. + OperationMetadata: + properties: + target: description: >- - Other projects that may be relevant for reachability analysis. This - is applicable to scenarios where a test can cross project - boundaries. - type: array - items: - type: string - displayName: - description: Output only. The display name of a Connectivity Test. - readOnly: true + Target of the operation - for example + projects/project-1/locations/global/connectivityTests/test-1 type: string - labels: - description: Resource labels to represent user-provided metadata. - type: object - additionalProperties: - type: string - createTime: - description: Output only. The time the test was created. - readOnly: true + endTime: + description: The time the operation finished running. type: string format: google-datetime - updateTime: - description: Output only. The time the test's configuration was updated. - readOnly: true + createTime: type: string + description: The time the operation was created. format: google-datetime - reachabilityDetails: - description: >- - Output only. The reachability details of this test from the latest - run. The details are updated when creating a new test, updating an - existing test, or triggering a one-time rerun of an existing test. - readOnly: true - $ref: '#/components/schemas/ReachabilityDetails' - probingDetails: - description: >- - Output only. The probing details of this test from the latest run, - present for applicable tests only. The details are updated when - creating a new test, updating an existing test, or triggering a - one-time rerun of an existing test. - readOnly: true - $ref: '#/components/schemas/ProbingDetails' - roundTrip: - description: >- - Whether run analysis for the return path from destination to source. - Default value is false. - type: boolean - returnReachabilityDetails: - description: >- - Output only. The reachability details of this test from the latest - run for the return path. The details are updated when creating a new - test, updating an existing test, or triggering a one-time rerun of - an existing test. - readOnly: true - $ref: '#/components/schemas/ReachabilityDetails' - bypassFirewallChecks: - description: >- - Whether the analysis should skip firewall checking. Default value is - false. + cancelRequested: + description: Specifies if cancellation was requested for the operation. type: boolean - Endpoint: - id: Endpoint - description: Source or destination of the Connectivity Test. + statusDetail: + description: Human-readable status of the operation, if any. + type: string + verb: + type: string + description: Name of the verb executed by the operation. + apiVersion: + description: API version. + type: string + type: object + id: OperationMetadata + description: Metadata describing an Operation + DirectVpcEgressConnectionInfo: + description: >- + For display only. Metadata associated with a serverless direct VPC + egress connection. type: object properties: - ipAddress: - description: >- - The IP address of the endpoint, which can be an external or internal - IP. + selectedIpAddress: type: string - port: - description: >- - The IP protocol port of the endpoint. Only applicable when protocol - is TCP or UDP. - type: integer - format: int32 - instance: - description: A Compute Engine instance URI. + description: Selected starting IP address, from the selected IP range. + networkUri: type: string - forwardingRule: - description: >- - A forwarding rule and its corresponding IP address represent the - frontend configuration of a Google Cloud load balancer. Forwarding - rules are also used for protocol forwarding, Private Service Connect - and other network services to provide forwarding information in the - control plane. Applicable only to destination endpoint. Format: - `projects/{project}/global/forwardingRules/{id}` or - `projects/{project}/regions/{region}/forwardingRules/{id}` + description: URI of direct access network. + region: + description: Region in which the Direct VPC egress is deployed. type: string - forwardingRuleTarget: - description: >- - Output only. Specifies the type of the target of the forwarding - rule. - readOnly: true + selectedIpRange: + description: Selected IP range. + type: string + subnetworkUri: + description: URI of direct access subnetwork. type: string + id: DirectVpcEgressConnectionInfo + ReachabilityDetails: + type: object + properties: + error: + description: The details of a failure or a cancellation of reachability analysis. + $ref: '#/components/schemas/Status' + result: + enum: + - RESULT_UNSPECIFIED + - REACHABLE + - UNREACHABLE + - AMBIGUOUS + - UNDETERMINED + description: The overall result of the test's configuration analysis. enumDescriptions: - - Forwarding rule target is unknown. - - Compute Engine instance for protocol forwarding. + - No result was specified. - >- - Load Balancer. The specific type can be found from - load_balancer_type. - - Classic Cloud VPN Gateway. - - Forwarding Rule is a Private Service Connect endpoint. - enum: - - FORWARDING_RULE_TARGET_UNSPECIFIED - - INSTANCE - - LOAD_BALANCER - - VPN_GATEWAY - - PSC - loadBalancerId: + Possible scenarios are: * The configuration analysis determined + that a packet originating from the source is expected to reach the + destination. * The analysis didn't complete because the user lacks + permission for some of the resources in the trace. However, at the + time the user's permission became insufficient, the trace had been + successful so far. + - >- + A packet originating from the source is expected to be dropped + before reaching the destination. + - >- + The source and destination endpoints do not uniquely identify the + test location in the network, and the reachability result contains + multiple traces. For some traces, a packet could be delivered, and + for others, it would not be. This result is also assigned to + configuration analysis of return path if on its own it should be + REACHABLE, but configuration analysis of forward path is + AMBIGUOUS. + - >- + The configuration analysis did not complete. Possible reasons are: + * A permissions error occurred--for example, the user might not + have read permission for all of the resources named in the test. * + An internal error occurred. * The analyzer received an invalid or + unsupported argument or was unable to identify a known endpoint. + type: string + verifyTime: + format: google-datetime + description: The time of the configuration analysis. + type: string + traces: description: >- - Output only. ID of the load balancer the forwarding rule points to. - Empty for forwarding rules not related to load balancers. - readOnly: true + Result may contain a list of traces if a test has multiple possible + paths in the network, such as when destination endpoint is a load + balancer with multiple backends. + type: array + items: + $ref: '#/components/schemas/Trace' + description: Results of the configuration analysis from the last run of the test. + id: ReachabilityDetails + CloudSQLInstanceInfo: + properties: + displayName: + description: Name of a Cloud SQL instance. type: string - loadBalancerType: + networkUri: description: >- - Output only. Type of the load balancer the forwarding rule points - to. - readOnly: true + URI of a Cloud SQL instance network or empty string if the instance + does not have one. type: string - enumDescriptions: - - >- - Forwarding rule points to a different target than a load balancer - or a load balancer type is unknown. - - Global external HTTP(S) load balancer. - - Global external HTTP(S) load balancer (classic) - - Regional external HTTP(S) load balancer. - - Internal HTTP(S) load balancer. - - External SSL proxy load balancer. - - External TCP proxy load balancer. - - Internal regional TCP proxy load balancer. - - External TCP/UDP Network load balancer. - - Target-pool based external TCP/UDP Network load balancer. - - Internal TCP/UDP load balancer. - enum: - - LOAD_BALANCER_TYPE_UNSPECIFIED - - HTTPS_ADVANCED_LOAD_BALANCER - - HTTPS_LOAD_BALANCER - - REGIONAL_HTTPS_LOAD_BALANCER - - INTERNAL_HTTPS_LOAD_BALANCER - - SSL_PROXY_LOAD_BALANCER - - TCP_PROXY_LOAD_BALANCER - - INTERNAL_TCP_PROXY_LOAD_BALANCER - - NETWORK_LOAD_BALANCER - - LEGACY_NETWORK_LOAD_BALANCER - - TCP_UDP_INTERNAL_LOAD_BALANCER - gkeMasterCluster: - description: >- - A cluster URI for [Google Kubernetes Engine cluster control - plane](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture). + uri: + description: URI of a Cloud SQL instance. type: string - fqdn: - description: >- - DNS endpoint of [Google Kubernetes Engine cluster control - plane](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture). - Requires gke_master_cluster to be set, can't be used simultaneoulsly - with ip_address or network. Applicable only to destination endpoint. + externalIp: + description: External IP address of a Cloud SQL instance. type: string - cloudSqlInstance: - description: A [Cloud SQL](https://cloud.google.com/sql) instance URI. + internalIp: + description: Internal IP address of a Cloud SQL instance. type: string - redisInstance: - description: >- - A [Redis Instance](https://cloud.google.com/memorystore/docs/redis) - URI. Applicable only to destination endpoint. + region: type: string - redisCluster: - description: >- - A [Redis Cluster](https://cloud.google.com/memorystore/docs/cluster) - URI. Applicable only to destination endpoint. + description: Region in which the Cloud SQL instance is running. + id: CloudSQLInstanceInfo + description: For display only. Metadata associated with a Cloud SQL instance. + type: object + CloudRunRevisionInfo: + id: CloudRunRevisionInfo + type: object + properties: + displayName: type: string - cloudFunction: + description: Name of a Cloud Run revision. + serviceUri: + description: URI of Cloud Run service this revision belongs to. + type: string + location: + description: Location in which this revision is deployed. + type: string + uri: + type: string + description: URI of a Cloud Run revision. + description: For display only. Metadata associated with a Cloud Run revision. + VpcFlowLogsConfig: + properties: + labels: + type: object + additionalProperties: + type: string + description: Optional. Resource labels to represent user-provided metadata. + state: description: >- - A [Cloud Function](https://cloud.google.com/functions). Applicable - only to source endpoint. - $ref: '#/components/schemas/CloudFunctionEndpoint' - appEngineVersion: + Optional. The state of the VPC Flow Log configuration. Default value + is ENABLED. When creating a new configuration, it must be enabled. + Setting state=DISABLED will pause the log generation for this + config. + enum: + - STATE_UNSPECIFIED + - ENABLED + - DISABLED + type: string + enumDescriptions: + - If not specified, will default to ENABLED. + - When ENABLED, this configuration will generate logs. + - When DISABLED, this configuration will not generate logs. + metadataFields: + items: + type: string + type: array description: >- - An [App Engine](https://cloud.google.com/appengine) [service - version](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions). - Applicable only to source endpoint. - $ref: '#/components/schemas/AppEngineVersionEndpoint' - cloudRunRevision: + Optional. Custom metadata fields to include in the reported VPC flow + logs. Can only be specified if "metadata" was set to + CUSTOM_METADATA. + crossProjectMetadata: + type: string + enum: + - CROSS_PROJECT_METADATA_UNSPECIFIED + - CROSS_PROJECT_METADATA_ENABLED + - CROSS_PROJECT_METADATA_DISABLED + enumDescriptions: + - If not specified, the default is CROSS_PROJECT_METADATA_ENABLED. + - >- + When CROSS_PROJECT_METADATA_ENABLED, metadata from other projects + will be included in the logs. + - >- + When CROSS_PROJECT_METADATA_DISABLED, metadata from other projects + will not be included in the logs. description: >- - A [Cloud Run](https://cloud.google.com/run) - [revision](https://cloud.google.com/run/docs/reference/rest/v1/namespaces.revisions/get) - Applicable only to source endpoint. - $ref: '#/components/schemas/CloudRunRevisionEndpoint' + Optional. Determines whether to include cross project annotations in + the logs. This field is available only for organization + configurations. If not specified in org configs will be set to + CROSS_PROJECT_METADATA_ENABLED. + updateTime: + description: Output only. The time the config was updated. + format: google-datetime + type: string + readOnly: true network: - description: A VPC network URI. + description: >- + Traffic will be logged from VMs, VPN tunnels and Interconnect + Attachments within the network. Format: + projects/{project_id}/global/networks/{name} type: string - networkType: + createTime: + format: google-datetime + readOnly: true + type: string + description: Output only. The time the config was created. + metadata: description: >- - Type of the network where the endpoint is located. Applicable only - to source endpoint, as destination network type can be inferred from - the source. + Optional. Configures whether all, none or a subset of metadata + fields should be added to the reported VPC flow logs. Default value + is INCLUDE_ALL_METADATA. type: string enumDescriptions: - - Default type if unspecified. - - >- - A network hosted within Google Cloud. To receive more detailed - output, specify the URI for the source or destination network. - - >- - A network hosted outside of Google Cloud. This can be an - on-premises network, an internet resource or a network hosted by - another cloud provider. + - If not specified, will default to INCLUDE_ALL_METADATA. + - Include all metadata fields. + - Exclude all metadata fields. + - Include only custom fields (specified in metadata_fields). enum: - - NETWORK_TYPE_UNSPECIFIED - - GCP_NETWORK - - NON_GCP_NETWORK - projectId: + - METADATA_UNSPECIFIED + - INCLUDE_ALL_METADATA + - EXCLUDE_ALL_METADATA + - CUSTOM_METADATA + aggregationInterval: + enumDescriptions: + - If not specified, will default to INTERVAL_5_SEC. + - Aggregate logs in 5s intervals. + - Aggregate logs in 30s intervals. + - Aggregate logs in 1m intervals. + - Aggregate logs in 5m intervals. + - Aggregate logs in 10m intervals. + - Aggregate logs in 15m intervals. + enum: + - AGGREGATION_INTERVAL_UNSPECIFIED + - INTERVAL_5_SEC + - INTERVAL_30_SEC + - INTERVAL_1_MIN + - INTERVAL_5_MIN + - INTERVAL_10_MIN + - INTERVAL_15_MIN description: >- - Project ID where the endpoint is located. The project ID can be - derived from the URI if you provide a endpoint or network URI. The - following are two cases where you may need to provide the project - ID: 1. Only the IP address is specified, and the IP address is - within a Google Cloud project. 2. When you are using Shared VPC and - the IP address that you provide is from the service project. In this - case, the network that the IP address resides in is defined in the - host project. + Optional. The aggregation interval for the logs. Default value is + INTERVAL_5_SEC. type: string - CloudFunctionEndpoint: - id: CloudFunctionEndpoint - description: Wrapper for Cloud Function attributes. - type: object - properties: - uri: - description: A [Cloud Function](https://cloud.google.com/functions) name. + description: + description: >- + Optional. The user-supplied description of the VPC Flow Logs + configuration. Maximum of 512 characters. type: string - AppEngineVersionEndpoint: - id: AppEngineVersionEndpoint - description: Wrapper for the App Engine service version attributes. - type: object - properties: - uri: + filterExpr: description: >- - An [App Engine](https://cloud.google.com/appengine) [service - version](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions) - name. + Optional. Export filter used to define which VPC Flow Logs should be + logged. type: string - CloudRunRevisionEndpoint: - id: CloudRunRevisionEndpoint - description: Wrapper for Cloud Run revision attributes. - type: object - properties: - uri: + flowSampling: + format: float + type: number description: >- - A [Cloud Run](https://cloud.google.com/run) - [revision](https://cloud.google.com/run/docs/reference/rest/v1/namespaces.revisions/get) - URI. The format is: - projects/{project}/locations/{location}/revisions/{revision} + Optional. The value of the field must be in (0, 1]. The sampling + rate of VPC Flow Logs where 1.0 means all collected logs are + reported. Setting the sampling rate to 0.0 is not allowed. If you + want to disable VPC Flow Logs, use the state field instead. Default + value is 1.0. + interconnectAttachment: + description: >- + Traffic will be logged from the Interconnect Attachment. Format: + projects/{project_id}/regions/{region}/interconnectAttachments/{name} type: string - serviceUri: + vpnTunnel: description: >- - Output only. The URI of the Cloud Run service that the revision - belongs to. The format is: - projects/{project}/locations/{location}/services/{service} - readOnly: true + Traffic will be logged from the VPN Tunnel. Format: + projects/{project_id}/regions/{region}/vpnTunnels/{name} type: string - ReachabilityDetails: - id: ReachabilityDetails - description: Results of the configuration analysis from the last run of the test. - type: object - properties: - result: - description: The overall result of the test's configuration analysis. + subnet: type: string + description: >- + Traffic will be logged from VMs within the subnetwork. Format: + projects/{project_id}/regions/{region}/subnetworks/{name} + targetResourceState: + readOnly: true enumDescriptions: - - No result was specified. - - >- - Possible scenarios are: * The configuration analysis determined - that a packet originating from the source is expected to reach the - destination. * The analysis didn't complete because the user lacks - permission for some of the resources in the trace. However, at the - time the user's permission became insufficient, the trace had been - successful so far. - - >- - A packet originating from the source is expected to be dropped - before reaching the destination. - - >- - The source and destination endpoints do not uniquely identify the - test location in the network, and the reachability result contains - multiple traces. For some traces, a packet could be delivered, and - for others, it would not be. This result is also assigned to - configuration analysis of return path if on its own it should be - REACHABLE, but configuration analysis of forward path is - AMBIGUOUS. - - >- - The configuration analysis did not complete. Possible reasons are: - * A permissions error occurred--for example, the user might not - have read permission for all of the resources named in the test. * - An internal error occurred. * The analyzer received an invalid or - unsupported argument or was unable to identify a known endpoint. + - Unspecified target resource state. + - Indicates that the target resource exists. + - Indicates that the target resource does not exist. enum: - - RESULT_UNSPECIFIED - - REACHABLE - - UNREACHABLE - - AMBIGUOUS - - UNDETERMINED - verifyTime: - description: The time of the configuration analysis. + - TARGET_RESOURCE_STATE_UNSPECIFIED + - TARGET_RESOURCE_EXISTS + - TARGET_RESOURCE_DOES_NOT_EXIST type: string - format: google-datetime - error: - description: The details of a failure or a cancellation of reachability analysis. - $ref: '#/components/schemas/Status' - traces: description: >- - Result may contain a list of traces if a test has multiple possible - paths in the network, such as when destination endpoint is a load - balancer with multiple backends. - type: array - items: - $ref: '#/components/schemas/Trace' - Trace: - id: Trace - description: >- - Trace represents one simulated packet forwarding path. * Each trace - contains multiple ordered steps. * Each step is in a particular state - with associated configuration. * State is categorized as final or - non-final states. * Each final state has a reason associated. * Each - trace must end with a final state (the last step). ``` - |---------------------Trace----------------------| Step1(State) - Step2(State) --- StepN(State(final)) ``` + Output only. Describes the state of the configured target resource + for diagnostic purposes. + name: + description: >- + Identifier. Unique name of the configuration. The name can have one + of the following forms: - For project-level configurations: + `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` + - For organization-level configurations: + `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` + type: string + id: VpcFlowLogsConfig + description: A configuration to generate VPC Flow Logs. type: object + AuditConfig: + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. properties: - endpointInfo: + auditLogConfigs: + items: + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. + type: array + service: + type: string description: >- - Derived from the source and destination endpoints definition - specified by user request, and validated by the data plane model. If - there are multiple traces starting from different source locations, - then the endpoint_info may be different between traces. - $ref: '#/components/schemas/EndpointInfo' - steps: + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + id: AuditConfig + type: object + InterconnectAttachmentInfo: + type: object + properties: + l2AttachmentMatchedIpAddress: + description: Appliance IP address that was matched for L2_DEDICATED attachments. + type: string + region: description: >- - A trace of a test contains multiple steps from the initial state to - the final state (delivered, dropped, forwarded, or aborted). The - steps are ordered by the processing sequence within the simulated - network state machine. It is critical to preserve the order of the - steps and avoid reordering or sorting them. - type: array - items: - $ref: '#/components/schemas/Step' - forwardTraceId: + Name of a Google Cloud region where the Interconnect attachment is + configured. + type: string + type: + type: string + enumDescriptions: + - Unspecified type. + - Attachment to a dedicated interconnect. + - Attachment to a partner interconnect, created by the customer. + - Attachment to a partner interconnect, created by the partner. + - Attachment to a L2 interconnect, created by the customer. + enum: + - TYPE_UNSPECIFIED + - DEDICATED + - PARTNER + - PARTNER_PROVIDER + - L2_DEDICATED + description: The type of interconnect attachment this is. + uri: + description: URI of an Interconnect attachment. + type: string + interconnectUri: + type: string description: >- - ID of trace. For forward traces, this ID is unique for each trace. - For return traces, it matches ID of associated forward trace. A - single forward trace can be associated with none, one or more than - one return trace. - type: integer - format: int32 + URI of the Interconnect where the Interconnect attachment is + configured. + cloudRouterUri: + description: URI of the Cloud Router to be used for dynamic routing. + type: string + displayName: + description: Name of an Interconnect attachment. + type: string + description: For display only. Metadata associated with an Interconnect attachment. + id: InterconnectAttachmentInfo EndpointInfo: - id: EndpointInfo - description: >- - For display only. The specification of the endpoints for the test. - EndpointInfo is derived from source and destination Endpoint and - validated by the backend data plane model. type: object + id: EndpointInfo properties: - sourceIp: - description: Source IP address. - type: string destinationIp: - description: Destination IP address. - type: string - protocol: - description: 'IP protocol in string format, for example: "TCP", "UDP", "ICMP".' type: string + description: Destination IP address. sourcePort: - description: Source port. Only valid when protocol is TCP or UDP. - type: integer format: int32 - destinationPort: - description: Destination port. Only valid when protocol is TCP or UDP. type: integer - format: int32 + description: Source port. Only valid when protocol is TCP or UDP. sourceNetworkUri: + type: string description: URI of the network where this packet originates from. + protocol: + description: 'IP protocol in string format, for example: "TCP", "UDP", "ICMP".' type: string destinationNetworkUri: description: URI of the network where this packet is sent to. type: string + destinationPort: + format: int32 + description: Destination port. Only valid when protocol is TCP or UDP. + type: integer sourceAgentUri: + type: string description: URI of the source telemetry agent this packet originates from. + sourceIp: + description: Source IP address. type: string - Step: - id: Step description: >- - A simulated forwarding path is composed of multiple steps. Each step has - a well-defined state and an associated configuration. + For display only. The specification of the endpoints for the test. + EndpointInfo is derived from source and destination Endpoint and + validated by the backend data plane model. + TestIamPermissionsResponse: type: object properties: - description: - description: A description of the step. Usually this is a summary of the state. - type: string - state: - description: Each step is in one of the pre-defined states. - type: string + permissions: + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string + type: array + description: Response message for `TestIamPermissions` method. + id: TestIamPermissionsResponse + ForwardInfo: + type: object + id: ForwardInfo + properties: + target: + description: Target type where this packet is forwarded to. + enum: + - TARGET_UNSPECIFIED + - PEERING_VPC + - VPN_GATEWAY + - INTERCONNECT + - GKE_MASTER + - IMPORTED_CUSTOM_ROUTE_NEXT_HOP + - CLOUD_SQL_INSTANCE + - ANOTHER_PROJECT + - NCC_HUB + - ROUTER_APPLIANCE + - SECURE_WEB_PROXY_GATEWAY enumDescriptions: - - Unspecified state. - - >- - Initial state: packet originating from a Compute Engine instance. - An InstanceInfo is populated with starting instance information. - - >- - Initial state: packet originating from the internet. The endpoint - information is populated. - - >- - Initial state: packet originating from a Google service. The - google_service information is populated. - - >- - Initial state: packet originating from a VPC or on-premises - network with internal source IP. If the source is a VPC network - visible to the user, a NetworkInfo is populated with details of - the network. - - >- - Initial state: packet originating from a Google Kubernetes Engine - cluster master. A GKEMasterInfo is populated with starting - instance information. - - >- - Initial state: packet originating from a Cloud SQL instance. A - CloudSQLInstanceInfo is populated with starting instance - information. - - >- - Initial state: packet originating from a Redis instance. A - RedisInstanceInfo is populated with starting instance information. - - >- - Initial state: packet originating from a Redis Cluster. A - RedisClusterInfo is populated with starting Cluster information. - - >- - Initial state: packet originating from a Cloud Function. A - CloudFunctionInfo is populated with starting function information. - - >- - Initial state: packet originating from an App Engine service - version. An AppEngineVersionInfo is populated with starting - version information. - - >- - Initial state: packet originating from a Cloud Run revision. A - CloudRunRevisionInfo is populated with starting revision - information. - - >- - Initial state: packet originating from a Storage Bucket. Used only - for return traces. The storage_bucket information is populated. - - >- - Initial state: packet originating from a published service that - uses Private Service Connect. Used only for return traces. - - >- - Initial state: packet originating from a serverless network - endpoint group backend. Used only for return traces. The - serverless_neg information is populated. - - 'Config checking state: verify ingress firewall rule.' - - 'Config checking state: verify egress firewall rule.' - - 'Config checking state: verify route.' - - 'Config checking state: match forwarding rule.' - - 'Config checking state: verify load balancer backend configuration.' + - Target not specified. + - Forwarded to a VPC peering network. + - Forwarded to a Cloud VPN gateway. + - Forwarded to a Cloud Interconnect connection. + - Forwarded to a Google Kubernetes Engine Container cluster master. - >- - Config checking state: packet sent or received under foreign IP - address and allowed. - - 'Forwarding state: arriving at a Compute Engine instance.' - - >- - Forwarding state: arriving at a Compute Engine internal load - balancer. - - >- - Forwarding state: arriving at a Compute Engine external load - balancer. - - 'Forwarding state: arriving at a Cloud VPN gateway.' - - 'Forwarding state: arriving at a Cloud VPN tunnel.' - - 'Forwarding state: arriving at an interconnect attachment.' - - 'Forwarding state: arriving at a VPC connector.' - - >- - Forwarding state: for packets originating from a serverless - endpoint forwarded through Direct VPC egress. - - >- - Forwarding state: for packets originating from a serverless - endpoint forwarded through public (external) connectivity. - - 'Transition state: packet header translated.' - - >- - Transition state: original connection is terminated and a new - proxied connection is initiated. - - 'Final state: packet could be delivered.' - - 'Final state: packet could be dropped.' - - >- - Final state: packet could be forwarded to a network with an - unknown configuration. - - 'Final state: analysis is aborted.' - - >- - Special state: viewer of the test result does not have permission - to see the configuration in this step. + Forwarded to the next hop of a custom route imported from a + peering VPC. + - Forwarded to a Cloud SQL instance. + - Forwarded to a VPC network in another project. + - Forwarded to an NCC Hub. + - Forwarded to a router appliance. + - Forwarded to a Secure Web Proxy Gateway. + type: string enumDeprecated: - false - false - false - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - true - true - false + - true - false - false - false - false - - false - - false - - false - - false - - false - - false - - false - - false - enum: - - STATE_UNSPECIFIED - - START_FROM_INSTANCE - - START_FROM_INTERNET - - START_FROM_GOOGLE_SERVICE - - START_FROM_PRIVATE_NETWORK - - START_FROM_GKE_MASTER - - START_FROM_CLOUD_SQL_INSTANCE - - START_FROM_REDIS_INSTANCE - - START_FROM_REDIS_CLUSTER - - START_FROM_CLOUD_FUNCTION - - START_FROM_APP_ENGINE_VERSION - - START_FROM_CLOUD_RUN_REVISION - - START_FROM_STORAGE_BUCKET - - START_FROM_PSC_PUBLISHED_SERVICE - - START_FROM_SERVERLESS_NEG - - APPLY_INGRESS_FIREWALL_RULE - - APPLY_EGRESS_FIREWALL_RULE - - APPLY_ROUTE - - APPLY_FORWARDING_RULE - - ANALYZE_LOAD_BALANCER_BACKEND - - SPOOFING_APPROVED - - ARRIVE_AT_INSTANCE - - ARRIVE_AT_INTERNAL_LOAD_BALANCER - - ARRIVE_AT_EXTERNAL_LOAD_BALANCER - - ARRIVE_AT_VPN_GATEWAY - - ARRIVE_AT_VPN_TUNNEL - - ARRIVE_AT_INTERCONNECT_ATTACHMENT - - ARRIVE_AT_VPC_CONNECTOR - - DIRECT_VPC_EGRESS_CONNECTION - - SERVERLESS_EXTERNAL_CONNECTION - - NAT - - PROXY_CONNECTION - - DELIVER - - DROP - - FORWARD - - ABORT - - VIEWER_PERMISSION_MISSING - causesDrop: - description: This is a step that leads to the final state Drop. - type: boolean - projectId: - description: Project ID that contains the configuration this step is validating. + resourceUri: + description: URI of the resource that the packet is forwarded to. type: string - instance: - description: Display information of a Compute Engine instance. - $ref: '#/components/schemas/InstanceInfo' - firewall: - description: Display information of a Compute Engine firewall rule. - $ref: '#/components/schemas/FirewallInfo' - route: - description: Display information of a Compute Engine route. - $ref: '#/components/schemas/RouteInfo' - endpoint: - description: >- - Display information of the source and destination under analysis. - The endpoint information in an intermediate state may differ with - the initial input, as it might be modified by state like NAT, or - Connection Proxy. - $ref: '#/components/schemas/EndpointInfo' - googleService: - description: Display information of a Google service - $ref: '#/components/schemas/GoogleServiceInfo' - forwardingRule: - description: Display information of a Compute Engine forwarding rule. - $ref: '#/components/schemas/ForwardingRuleInfo' - vpnGateway: - description: Display information of a Compute Engine VPN gateway. - $ref: '#/components/schemas/VpnGatewayInfo' - vpnTunnel: - description: Display information of a Compute Engine VPN tunnel. - $ref: '#/components/schemas/VpnTunnelInfo' - interconnectAttachment: - description: Display information of an interconnect attachment. - $ref: '#/components/schemas/InterconnectAttachmentInfo' - vpcConnector: - description: Display information of a VPC connector. - $ref: '#/components/schemas/VpcConnectorInfo' - directVpcEgressConnection: - description: Display information of a serverless direct VPC egress connection. - $ref: '#/components/schemas/DirectVpcEgressConnectionInfo' - serverlessExternalConnection: - description: Display information of a serverless public (external) connection. - $ref: '#/components/schemas/ServerlessExternalConnectionInfo' - deliver: - description: Display information of the final state "deliver" and reason. - $ref: '#/components/schemas/DeliverInfo' - forward: - description: Display information of the final state "forward" and reason. - $ref: '#/components/schemas/ForwardInfo' - abort: - description: Display information of the final state "abort" and reason. - $ref: '#/components/schemas/AbortInfo' - drop: - description: Display information of the final state "drop" and reason. - $ref: '#/components/schemas/DropInfo' - loadBalancer: - description: >- - Display information of the load balancers. Deprecated in favor of - the `load_balancer_backend_info` field, not used in new tests. - deprecated: true - $ref: '#/components/schemas/LoadBalancerInfo' - network: - description: Display information of a Google Cloud network. - $ref: '#/components/schemas/NetworkInfo' - gkeMaster: - description: Display information of a Google Kubernetes Engine cluster master. - $ref: '#/components/schemas/GKEMasterInfo' - cloudSqlInstance: - description: Display information of a Cloud SQL instance. - $ref: '#/components/schemas/CloudSQLInstanceInfo' - redisInstance: - description: Display information of a Redis Instance. - $ref: '#/components/schemas/RedisInstanceInfo' - redisCluster: - description: Display information of a Redis Cluster. - $ref: '#/components/schemas/RedisClusterInfo' - cloudFunction: - description: Display information of a Cloud Function. - $ref: '#/components/schemas/CloudFunctionInfo' - appEngineVersion: - description: Display information of an App Engine service version. - $ref: '#/components/schemas/AppEngineVersionInfo' - cloudRunRevision: - description: Display information of a Cloud Run revision. - $ref: '#/components/schemas/CloudRunRevisionInfo' - nat: - description: Display information of a NAT. - $ref: '#/components/schemas/NatInfo' - proxyConnection: - description: Display information of a ProxyConnection. - $ref: '#/components/schemas/ProxyConnectionInfo' - loadBalancerBackendInfo: - description: Display information of a specific load balancer backend. - $ref: '#/components/schemas/LoadBalancerBackendInfo' - storageBucket: - description: >- - Display information of a Storage Bucket. Used only for return - traces. - $ref: '#/components/schemas/StorageBucketInfo' - serverlessNeg: - description: >- - Display information of a Serverless network endpoint group backend. - Used only for return traces. - $ref: '#/components/schemas/ServerlessNegInfo' - InstanceInfo: - id: InstanceInfo - description: For display only. Metadata associated with a Compute Engine instance. - type: object - properties: - displayName: - description: Name of a Compute Engine instance. + ipAddress: type: string + description: IP address of the target (if applicable). + description: Details of the final state "forward" and associated resource. + CloudFunctionEndpoint: + description: Wrapper for Cloud Function attributes. + properties: uri: - description: URI of a Compute Engine instance. - type: string - interface: - description: Name of the network interface of a Compute Engine instance. - type: string - networkUri: - description: URI of a Compute Engine network. - type: string - internalIp: - description: Internal IP address of the network interface. - type: string - externalIp: - description: External IP address of the network interface. + description: A [Cloud Function](https://cloud.google.com/functions) name. type: string - networkTags: - description: Network tags configured on the instance. + type: object + id: CloudFunctionEndpoint + Trace: + id: Trace + properties: + steps: type: array items: - type: string - serviceAccount: - description: Service account authorized for the instance. - deprecated: true - type: string - pscNetworkAttachmentUri: + $ref: '#/components/schemas/Step' description: >- - URI of the PSC network attachment the NIC is attached to (if - relevant). - type: string - running: + A trace of a test contains multiple steps from the initial state to + the final state (delivered, dropped, forwarded, or aborted). The + steps are ordered by the processing sequence within the simulated + network state machine. It is critical to preserve the order of the + steps and avoid reordering or sorting them. + endpointInfo: description: >- - Indicates whether the Compute Engine instance is running. - Deprecated: use the `status` field instead. - deprecated: true - type: boolean - status: - description: The status of the instance. - type: string - enumDescriptions: - - Default unspecified value. - - The instance is running. - - The instance has any status other than "RUNNING". - enum: - - STATUS_UNSPECIFIED - - RUNNING - - NOT_RUNNING - FirewallInfo: - id: FirewallInfo + Derived from the source and destination endpoints definition + specified by user request, and validated by the data plane model. If + there are multiple traces starting from different source locations, + then the endpoint_info may be different between traces. + $ref: '#/components/schemas/EndpointInfo' + forwardTraceId: + type: integer + description: >- + ID of trace. For forward traces, this ID is unique for each trace. + For return traces, it matches ID of associated forward trace. A + single forward trace can be associated with none, one or more than + one return trace. + format: int32 description: >- - For display only. Metadata associated with a VPC firewall rule, an - implied VPC firewall rule, or a firewall policy rule. + Trace represents one simulated packet forwarding path. * Each trace + contains multiple ordered steps. * Each step is in a particular state + with associated configuration. * State is categorized as final or + non-final states. * Each final state has a reason associated. * Each + trace must end with a final state (the last step). ``` + |---------------------Trace----------------------| Step1(State) + Step2(State) --- StepN(State(final)) ``` type: object + EffectiveVpcFlowLogsConfig: properties: - displayName: - description: >- - The display name of the firewall rule. This field might be empty for - firewall policy rules. + metadata: type: string - uri: + enumDescriptions: + - If not specified, will default to INCLUDE_ALL_METADATA. + - Include all metadata fields. + - Exclude all metadata fields. + - Include only custom fields (specified in metadata_fields). + enum: + - METADATA_UNSPECIFIED + - INCLUDE_ALL_METADATA + - EXCLUDE_ALL_METADATA + - CUSTOM_METADATA description: >- - The URI of the firewall rule. This field is not applicable to - implied VPC firewall rules. + Configures whether all, none or a subset of metadata fields should + be added to the reported VPC flow logs. Default value is + INCLUDE_ALL_METADATA. + filterExpr: + description: Export filter used to define which VPC Flow Logs should be logged. type: string - direction: - description: 'Possible values: INGRESS, EGRESS' + vpnTunnel: type: string - action: - description: 'Possible values: ALLOW, DENY, APPLY_SECURITY_PROFILE_GROUP' + description: >- + Traffic will be logged from the VPN Tunnel. Format: + projects/{project_id}/regions/{region}/vpnTunnels/{name} + scope: + enum: + - SCOPE_UNSPECIFIED + - SUBNET + - COMPUTE_API_SUBNET + - NETWORK + - VPN_TUNNEL + - INTERCONNECT_ATTACHMENT + - ORGANIZATION type: string - priority: - description: The priority of the firewall rule. - type: integer - format: int32 - networkUri: + enumDescriptions: + - Scope is unspecified. + - Target resource is a subnet (Network Management API). + - >- + Target resource is a subnet, and the config originates from the + Compute API. + - Target resource is a network. + - Target resource is a VPN tunnel. + - Target resource is an interconnect attachment. + - Configuration applies to an entire organization. + description: >- + Specifies the scope of the config (e.g., SUBNET, NETWORK, + ORGANIZATION..). + network: description: >- - The URI of the VPC network that the firewall rule is associated - with. This field is not applicable to hierarchical firewall policy - rules. + Traffic will be logged from VMs, VPN tunnels and Interconnect + Attachments within the network. Format: + projects/{project_id}/global/networks/{name} type: string - targetTags: + aggregationInterval: + enum: + - AGGREGATION_INTERVAL_UNSPECIFIED + - INTERVAL_5_SEC + - INTERVAL_30_SEC + - INTERVAL_1_MIN + - INTERVAL_5_MIN + - INTERVAL_10_MIN + - INTERVAL_15_MIN description: >- - The target tags defined by the VPC firewall rule. This field is not - applicable to firewall policy rules. - type: array + The aggregation interval for the logs. Default value is + INTERVAL_5_SEC. + type: string + enumDescriptions: + - If not specified, will default to INTERVAL_5_SEC. + - Aggregate logs in 5s intervals. + - Aggregate logs in 30s intervals. + - Aggregate logs in 1m intervals. + - Aggregate logs in 5m intervals. + - Aggregate logs in 10m intervals. + - Aggregate logs in 15m intervals. + interconnectAttachment: + type: string + description: >- + Traffic will be logged from the Interconnect Attachment. Format: + projects/{project_id}/regions/{region}/interconnectAttachments/{name} + metadataFields: + description: >- + Custom metadata fields to include in the reported VPC flow logs. Can + only be specified if "metadata" was set to CUSTOM_METADATA. items: type: string - targetServiceAccounts: - description: The target service accounts specified by the firewall rule. type: array - items: - type: string - policy: + subnet: description: >- - The name of the firewall policy that this rule is associated with. - This field is not applicable to VPC firewall rules and implied VPC - firewall rules. + Traffic will be logged from VMs within the subnetwork. Format: + projects/{project_id}/regions/{region}/subnetworks/{name} type: string - policyUri: + state: + enumDescriptions: + - If not specified, will default to ENABLED. + - When ENABLED, this configuration will generate logs. + - When DISABLED, this configuration will not generate logs. description: >- - The URI of the firewall policy that this rule is associated with. - This field is not applicable to VPC firewall rules and implied VPC - firewall rules. - type: string - firewallRuleType: - description: The firewall rule's type. + The state of the VPC Flow Log configuration. Default value is + ENABLED. When creating a new configuration, it must be enabled. + Setting state=DISABLED will pause the log generation for this + config. type: string + enum: + - STATE_UNSPECIFIED + - ENABLED + - DISABLED + crossProjectMetadata: + description: >- + Determines whether to include cross project annotations in the logs. + This field is available only for organization configurations. If not + specified in org configs will be set to + CROSS_PROJECT_METADATA_ENABLED. enumDescriptions: - - Unspecified type. - - >- - Hierarchical firewall policy rule. For details, see [Hierarchical - firewall policies - overview](https://cloud.google.com/vpc/docs/firewall-policies). - - >- - VPC firewall rule. For details, see [VPC firewall rules - overview](https://cloud.google.com/vpc/docs/firewalls). - - >- - Implied VPC firewall rule. For details, see [Implied - rules](https://cloud.google.com/vpc/docs/firewalls#default_firewall_rules). - - >- - Implicit firewall rules that are managed by serverless VPC access - to allow ingress access. They are not visible in the Google Cloud - console. For details, see [VPC connector's implicit - rules](https://cloud.google.com/functions/docs/networking/connecting-vpc#restrict-access). - - >- - Global network firewall policy rule. For details, see [Network - firewall - policies](https://cloud.google.com/vpc/docs/network-firewall-policies). - - >- - Regional network firewall policy rule. For details, see [Regional - network firewall - policies](https://cloud.google.com/firewall/docs/regional-firewall-policies). - - >- - Firewall policy rule containing attributes not yet supported in - Connectivity tests. Firewall analysis is skipped if such a rule - can potentially be matched. Please see the [list of unsupported - configurations](https://cloud.google.com/network-intelligence-center/docs/connectivity-tests/concepts/overview#unsupported-configs). + - If not specified, the default is CROSS_PROJECT_METADATA_ENABLED. - >- - Tracking state for response traffic created when request traffic - goes through allow firewall rule. For details, see [firewall rules - specifications](https://cloud.google.com/firewall/docs/firewalls#specifications) + When CROSS_PROJECT_METADATA_ENABLED, metadata from other projects + will be included in the logs. - >- - Firewall analysis was skipped due to executing Connectivity Test - in the BypassFirewallChecks mode + When CROSS_PROJECT_METADATA_DISABLED, metadata from other projects + will not be included in the logs. enum: - - FIREWALL_RULE_TYPE_UNSPECIFIED - - HIERARCHICAL_FIREWALL_POLICY_RULE - - VPC_FIREWALL_RULE - - IMPLIED_VPC_FIREWALL_RULE - - SERVERLESS_VPC_ACCESS_MANAGED_FIREWALL_RULE - - NETWORK_FIREWALL_POLICY_RULE - - NETWORK_REGIONAL_FIREWALL_POLICY_RULE - - UNSUPPORTED_FIREWALL_POLICY_RULE - - TRACKING_STATE - - ANALYSIS_SKIPPED - policyPriority: + - CROSS_PROJECT_METADATA_UNSPECIFIED + - CROSS_PROJECT_METADATA_ENABLED + - CROSS_PROJECT_METADATA_DISABLED + type: string + flowSampling: + format: float + type: number description: >- - The priority of the firewall policy that this rule is associated - with. This field is not applicable to VPC firewall rules and implied - VPC firewall rules. - type: integer - format: int32 - targetType: - description: Target type of the firewall rule. + The value of the field must be in (0, 1]. The sampling rate of VPC + Flow Logs where 1.0 means all collected logs are reported. Setting + the sampling rate to 0.0 is not allowed. If you want to disable VPC + Flow Logs, use the state field instead. Default value is 1.0. + name: type: string - enumDescriptions: - - >- - Target type is not specified. In this case we treat the rule as - applying to INSTANCES target type. - - Firewall rule applies to instances. - - Firewall rule applies to internal managed load balancers. - enum: - - TARGET_TYPE_UNSPECIFIED - - INSTANCES - - INTERNAL_MANAGED_LB - RouteInfo: - id: RouteInfo - description: For display only. Metadata associated with a Compute Engine route. + description: >- + Unique name of the configuration. The name can have one of the + following forms: - For project-level configurations: + `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` + - For organization-level configurations: + `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` + - For a Compute config, the name will be the path of the subnet: + `projects/{project_id}/regions/{region}/subnetworks/{subnet_id}` + id: EffectiveVpcFlowLogsConfig type: object + description: >- + A configuration to generate a response for GetEffectiveVpcFlowLogsConfig + request. + Location: + id: Location properties: - routeType: - description: Type of route. + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". type: string - enumDescriptions: - - Unspecified type. Default value. - - Route is a subnet route automatically created by the system. - - >- - Static route created by the user, including the default route to - the internet. - - Dynamic route exchanged between BGP peers. - - A subnet route received from peering network or NCC Hub. - - A static route received from peering network. - - A dynamic route received from peering network or NCC Hub. - - Policy based route. - - >- - Advertised route. Synthetic route which is used to transition from - the StartFromPrivateNetwork state in Connectivity tests. - enum: - - ROUTE_TYPE_UNSPECIFIED - - SUBNET - - STATIC - - DYNAMIC - - PEERING_SUBNET - - PEERING_STATIC - - PEERING_DYNAMIC - - POLICY_BASED - - ADVERTISED - nextHopType: - description: Type of next hop. + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - enumDescriptions: - - Unspecified type. Default value. - - Next hop is an IP address. - - Next hop is a Compute Engine instance. - - Next hop is a VPC network gateway. - - >- - Next hop is a peering VPC. This scenario only happens when the - user doesn't have permissions to the project where the next hop - resource is located. - - Next hop is an interconnect. - - Next hop is a VPN tunnel. - - >- - Next hop is a VPN gateway. This scenario only happens when tracing - connectivity from an on-premises network to Google Cloud through a - VPN. The analysis simulates a packet departing from the - on-premises network through a VPN tunnel and arriving at a Cloud - VPN gateway. - - Next hop is an internet gateway. - - >- - Next hop is blackhole; that is, the next hop either does not exist - or is unusable. - - Next hop is the forwarding rule of an Internal Load Balancer. - - >- - Next hop is a [router appliance - instance](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/ra-overview). - - >- - Next hop is an NCC hub. This scenario only happens when the user - doesn't have permissions to the project where the next hop - resource is located. - - Next hop is Secure Web Proxy Gateway. - enum: - - NEXT_HOP_TYPE_UNSPECIFIED - - NEXT_HOP_IP - - NEXT_HOP_INSTANCE - - NEXT_HOP_NETWORK - - NEXT_HOP_PEERING - - NEXT_HOP_INTERCONNECT - - NEXT_HOP_VPN_TUNNEL - - NEXT_HOP_VPN_GATEWAY - - NEXT_HOP_INTERNET_GATEWAY - - NEXT_HOP_BLACKHOLE - - NEXT_HOP_ILB - - NEXT_HOP_ROUTER_APPLIANCE - - NEXT_HOP_NCC_HUB - - SECURE_WEB_PROXY_GATEWAY - routeScope: + metadata: description: >- - Indicates where route is applicable. Deprecated, routes with NCC_HUB - scope are not included in the trace in new tests. - deprecated: true - type: string - enumDescriptions: - - Unspecified scope. Default value. - - Route is applicable to packets in Network. - - Route is applicable to packets using NCC Hub's routing table. - enum: - - ROUTE_SCOPE_UNSPECIFIED - - NETWORK - - NCC_HUB - displayName: - description: Name of a route. - type: string - uri: + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + labels: + type: object + additionalProperties: + type: string description: >- - URI of a route. SUBNET, STATIC, PEERING_SUBNET (only for peering - network) and POLICY_BASED routes only. + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + locationId: type: string - region: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: object + description: A resource that represents a Google Cloud location. + ConnectivityTest: + properties: + description: description: >- - Region of the route. DYNAMIC, PEERING_DYNAMIC, POLICY_BASED and - ADVERTISED routes only. If set for POLICY_BASED route, this is a - region of VLAN attachments for Cloud Interconnect the route applies - to. - type: string - destIpRange: - description: Destination IP range of the route. + The user-supplied description of the Connectivity Test. Maximum of + 512 characters. type: string - nextHop: + source: description: >- - String type of the next hop of the route (for example, "VPN - tunnel"). Deprecated in favor of the next_hop_type and next_hop_uri - fields, not used in new tests. - deprecated: true - type: string - networkUri: - description: URI of a VPC network where route is located. + Required. Source specification of the Connectivity Test. You can use + a combination of source IP address, URI of a supported endpoint, + project ID, or VPC network to identify the source location. + Reachability analysis might proceed even if the source location is + ambiguous. However, the test result might include endpoints or use a + source that you don't intend to test. + $ref: '#/components/schemas/Endpoint' + bypassFirewallChecks: + type: boolean + description: >- + Whether the analysis should skip firewall checking. Default value is + false. + roundTrip: + type: boolean + description: >- + Whether run analysis for the return path from destination to source. + Default value is false. + protocol: + description: IP Protocol of the test. When not provided, "TCP" is assumed. type: string - priority: - description: Priority of the route. - type: integer - format: int32 - instanceTags: - description: Instance tags of the route. - type: array - items: + labels: + additionalProperties: type: string - srcIpRange: - description: Source IP address range of the route. POLICY_BASED routes only. + description: Resource labels to represent user-provided metadata. + type: object + returnReachabilityDetails: + $ref: '#/components/schemas/ReachabilityDetails' + description: >- + Output only. The reachability details of this test from the latest + run for the return path. The details are updated when creating a new + test, updating an existing test, or triggering a one-time rerun of + an existing test. + readOnly: true + displayName: + readOnly: true + description: Output only. The display name of a Connectivity Test. type: string - destPortRanges: - description: Destination port ranges of the route. POLICY_BASED routes only. - type: array + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. The time the test was created. + reachabilityDetails: + readOnly: true + description: >- + Output only. The reachability details of this test from the latest + run. The details are updated when creating a new test, updating an + existing test, or triggering a one-time rerun of an existing test. + $ref: '#/components/schemas/ReachabilityDetails' + relatedProjects: items: type: string - srcPortRanges: - description: Source port ranges of the route. POLICY_BASED routes only. + description: >- + Other projects that may be relevant for reachability analysis. This + is applicable to scenarios where a test can cross project + boundaries. type: array + updateTime: + readOnly: true + type: string + description: Output only. The time the test's configuration was updated. + format: google-datetime + destination: + $ref: '#/components/schemas/Endpoint' + description: >- + Required. Destination specification of the Connectivity Test. You + can use a combination of destination IP address, URI of a supported + endpoint, project ID, or VPC network to identify the destination + location. Reachability analysis proceeds even if the destination + location is ambiguous. However, the test result might include + endpoints or use a destination that you don't intend to test. + name: + description: >- + Identifier. Unique name of the resource using the form: + `projects/{project_id}/locations/global/connectivityTests/{test_id}` + type: string + probingDetails: + readOnly: true + $ref: '#/components/schemas/ProbingDetails' + description: >- + Output only. The probing details of this test from the latest run, + present for applicable tests only. The details are updated when + creating a new test, updating an existing test, or triggering a + one-time rerun of an existing test. + type: object + id: ConnectivityTest + description: A Connectivity Test for a network reachability analysis. + TestIamPermissionsRequest: + type: object + id: TestIamPermissionsRequest + description: Request message for `TestIamPermissions` method. + properties: + permissions: items: type: string - protocols: - description: Protocols of the route. POLICY_BASED routes only. type: array - items: - type: string - nccHubUri: description: >- - URI of the NCC Hub the route is advertised by. PEERING_SUBNET and - PEERING_DYNAMIC routes that are advertised by NCC Hub only. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + FirewallInfo: + description: >- + For display only. Metadata associated with a VPC firewall rule, an + implied VPC firewall rule, or a firewall policy rule. + id: FirewallInfo + properties: + targetType: + description: Target type of the firewall rule. + enumDescriptions: + - >- + Target type is not specified. In this case we treat the rule as + applying to INSTANCES target type. + - Firewall rule applies to instances. + - Firewall rule applies to internal managed load balancers. type: string - nccSpokeUri: + enum: + - TARGET_TYPE_UNSPECIFIED + - INSTANCES + - INTERNAL_MANAGED_LB + displayName: description: >- - URI of the destination NCC Spoke. PEERING_SUBNET and PEERING_DYNAMIC - routes that are advertised by NCC Hub only. + The display name of the firewall rule. This field might be empty for + firewall policy rules. type: string - advertisedRouteSourceRouterUri: - description: >- - For ADVERTISED dynamic routes, the URI of the Cloud Router that - advertised the corresponding IP prefix. + uri: type: string - advertisedRouteNextHopUri: description: >- - For ADVERTISED routes, the URI of their next hop, i.e. the URI of - the hybrid endpoint (VPN tunnel, Interconnect attachment, NCC router - appliance) the advertised prefix is advertised through, or URI of - the source peered network. Deprecated in favor of the next_hop_uri - field, not used in new tests. - deprecated: true + The URI of the firewall rule. This field is not applicable to + implied VPC firewall rules. + action: type: string - nextHopUri: - description: URI of the next hop resource. - type: string - nextHopNetworkUri: - description: URI of a VPC network where the next hop resource is located. + description: 'Possible values: ALLOW, DENY, APPLY_SECURITY_PROFILE_GROUP' + targetServiceAccounts: + description: The target service accounts specified by the firewall rule. + type: array + items: + type: string + policyUri: type: string - originatingRouteUri: description: >- - For PEERING_SUBNET and PEERING_STATIC routes, the URI of the - originating SUBNET/STATIC route. - type: string - originatingRouteDisplayName: + The URI of the firewall policy that this rule is associated with. + This field is not applicable to VPC firewall rules and implied VPC + firewall rules. + policyPriority: description: >- - For PEERING_SUBNET, PEERING_STATIC and PEERING_DYNAMIC routes, the - name of the originating SUBNET/STATIC/DYNAMIC route. + The priority of the firewall policy that this rule is associated + with. This field is not applicable to VPC firewall rules and implied + VPC firewall rules. + type: integer + format: int32 + direction: + description: 'Possible values: INGRESS, EGRESS' type: string - nccHubRouteUri: + targetTags: description: >- - For PEERING_SUBNET and PEERING_DYNAMIC routes that are advertised by - NCC Hub, the URI of the corresponding route in NCC Hub's routing - table. - type: string - GoogleServiceInfo: - id: GoogleServiceInfo - description: >- - For display only. Details of a Google Service sending packets to a VPC - network. Although the source IP might be a publicly routable address, - some Google Services use special routes within Google production - infrastructure to reach Compute Engine Instances. - https://cloud.google.com/vpc/docs/routes#special_return_paths - type: object - properties: - sourceIp: - description: Source IP address. - type: string - googleServiceType: - description: Recognized type of a Google Service. + The target tags defined by the VPC firewall rule. This field is not + applicable to firewall policy rules. + type: array + items: + type: string + priority: + format: int32 + description: The priority of the firewall rule. + type: integer + policy: type: string + description: >- + The name of the firewall policy that this rule is associated with. + This field is not applicable to VPC firewall rules and implied VPC + firewall rules. + firewallRuleType: + description: The firewall rule's type. enumDescriptions: - - Unspecified Google Service. + - Unspecified type. - >- - Identity aware proxy. - https://cloud.google.com/iap/docs/using-tcp-forwarding + Hierarchical firewall policy rule. For details, see [Hierarchical + firewall policies + overview](https://cloud.google.com/vpc/docs/firewall-policies). - >- - One of two services sharing IP ranges: * Load Balancer proxy * - Centralized Health Check prober - https://cloud.google.com/load-balancing/docs/firewall-rules + VPC firewall rule. For details, see [VPC firewall rules + overview](https://cloud.google.com/vpc/docs/firewalls). - >- - Connectivity from Cloud DNS to forwarding targets or alternate - name servers that use private routing. - https://cloud.google.com/dns/docs/zones/forwarding-zones#firewall-rules - https://cloud.google.com/dns/docs/policies#firewall-rules - - private.googleapis.com and restricted.googleapis.com + Implied VPC firewall rule. For details, see [Implied + rules](https://cloud.google.com/vpc/docs/firewalls#default_firewall_rules). - >- - Google API via Private Service Connect. - https://cloud.google.com/vpc/docs/configure-private-service-connect-apis + Implicit firewall rules that are managed by serverless VPC access + to allow ingress access. They are not visible in the Google Cloud + console. For details, see [VPC connector's implicit + rules](https://cloud.google.com/functions/docs/networking/connecting-vpc#restrict-access). - >- - Google API via VPC Service Controls. - https://cloud.google.com/vpc/docs/configure-private-service-connect-apis + User-defined global network firewall policy rule. For details, see + [Network firewall + policies](https://cloud.google.com/vpc/docs/network-firewall-policies). - >- - Google API via Serverless VPC Access. - https://cloud.google.com/vpc/docs/serverless-vpc-access + User-defined regional network firewall policy rule. For details, + see [Regional network firewall + policies](https://cloud.google.com/firewall/docs/regional-firewall-policies). + - System-defined global network firewall policy rule. + - System-defined regional network firewall policy rule. + - >- + Firewall policy rule containing attributes not yet supported in + Connectivity tests. Firewall analysis is skipped if such a rule + can potentially be matched. Please see the [list of unsupported + configurations](https://cloud.google.com/network-intelligence-center/docs/connectivity-tests/concepts/overview#unsupported-configs). + - >- + Tracking state for response traffic created when request traffic + goes through allow firewall rule. For details, see [firewall rules + specifications](https://cloud.google.com/firewall/docs/firewalls#specifications) + - >- + Firewall analysis was skipped due to executing Connectivity Test + in the BypassFirewallChecks mode + type: string enum: - - GOOGLE_SERVICE_TYPE_UNSPECIFIED - - IAP - - GFE_PROXY_OR_HEALTH_CHECK_PROBER - - CLOUD_DNS - - GOOGLE_API - - GOOGLE_API_PSC - - GOOGLE_API_VPC_SC - - SERVERLESS_VPC_ACCESS - ForwardingRuleInfo: - id: ForwardingRuleInfo + - FIREWALL_RULE_TYPE_UNSPECIFIED + - HIERARCHICAL_FIREWALL_POLICY_RULE + - VPC_FIREWALL_RULE + - IMPLIED_VPC_FIREWALL_RULE + - SERVERLESS_VPC_ACCESS_MANAGED_FIREWALL_RULE + - NETWORK_FIREWALL_POLICY_RULE + - NETWORK_REGIONAL_FIREWALL_POLICY_RULE + - SYSTEM_NETWORK_FIREWALL_POLICY_RULE + - SYSTEM_REGIONAL_NETWORK_FIREWALL_POLICY_RULE + - UNSUPPORTED_FIREWALL_POLICY_RULE + - TRACKING_STATE + - ANALYSIS_SKIPPED + networkUri: + description: >- + The URI of the VPC network that the firewall rule is associated + with. This field is not applicable to hierarchical firewall policy + rules. + type: string + type: object + ServerlessExternalConnectionInfo: description: >- - For display only. Metadata associated with a Compute Engine forwarding - rule. + For display only. Metadata associated with a serverless public + connection. type: object properties: - displayName: - description: Name of the forwarding rule. + selectedIpAddress: + description: Selected starting IP address, from the Google dynamic address pool. type: string + id: ServerlessExternalConnectionInfo + AppEngineVersionEndpoint: + type: object + description: Wrapper for the App Engine service version attributes. + properties: uri: - description: URI of the forwarding rule. - type: string - matchedProtocol: - description: Protocol defined in the forwarding rule that matches the packet. - type: string - matchedPortRange: - description: Port range defined in the forwarding rule that matches the packet. + description: >- + An [App Engine](https://cloud.google.com/appengine) [service + version](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions) + name. type: string - vip: - description: VIP of the forwarding rule. + id: AppEngineVersionEndpoint + Endpoint: + description: Source or destination of the Connectivity Test. + properties: + cloudSqlInstance: + description: A [Cloud SQL](https://cloud.google.com/sql) instance URI. type: string - target: - description: Target type of the forwarding rule. + loadBalancerId: type: string - networkUri: - description: Network URI. + description: >- + Output only. ID of the load balancer the forwarding rule points to. + Empty for forwarding rules not related to load balancers. + readOnly: true + networkType: + enum: + - NETWORK_TYPE_UNSPECIFIED + - GCP_NETWORK + - NON_GCP_NETWORK type: string - region: description: >- - Region of the forwarding rule. Set only for regional forwarding - rules. + Type of the network where the endpoint is located. Applicable only + to source endpoint, as destination network type can be inferred from + the source. + enumDescriptions: + - Default type if unspecified. + - >- + A network hosted within Google Cloud. To receive more detailed + output, specify the URI for the source or destination network. + - >- + A network hosted outside of Google Cloud. This can be an + on-premises network, an internet resource or a network hosted by + another cloud provider. + projectId: type: string - loadBalancerName: description: >- - Name of the load balancer the forwarding rule belongs to. Empty for - forwarding rules not related to load balancers (like PSC forwarding - rules). + Project ID where the endpoint is located. The project ID can be + derived from the URI if you provide a endpoint or network URI. The + following are two cases where you may need to provide the project + ID: 1. Only the IP address is specified, and the IP address is + within a Google Cloud project. 2. When you are using Shared VPC and + the IP address that you provide is from the service project. In this + case, the network that the IP address resides in is defined in the + host project. + gkeMasterCluster: + description: >- + A cluster URI for [Google Kubernetes Engine cluster control + plane](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture). type: string - pscServiceAttachmentUri: + forwardingRule: description: >- - URI of the PSC service attachment this forwarding rule targets (if - applicable). + A forwarding rule and its corresponding IP address represent the + frontend configuration of a Google Cloud load balancer. Forwarding + rules are also used for protocol forwarding, Private Service Connect + and other network services to provide forwarding information in the + control plane. Applicable only to destination endpoint. Format: + `projects/{project}/global/forwardingRules/{id}` or + `projects/{project}/regions/{region}/forwardingRules/{id}` type: string - pscGoogleApiTarget: - description: PSC Google API target this forwarding rule targets (if applicable). + forwardingRuleTarget: + enumDescriptions: + - Forwarding rule target is unknown. + - Compute Engine instance for protocol forwarding. + - >- + Load Balancer. The specific type can be found from + load_balancer_type. + - Classic Cloud VPN Gateway. + - Forwarding Rule is a Private Service Connect endpoint. type: string - VpnGatewayInfo: - id: VpnGatewayInfo - description: For display only. Metadata associated with a Compute Engine VPN gateway. - type: object - properties: - displayName: - description: Name of a VPN gateway. + enum: + - FORWARDING_RULE_TARGET_UNSPECIFIED + - INSTANCE + - LOAD_BALANCER + - VPN_GATEWAY + - PSC + readOnly: true + description: >- + Output only. Specifies the type of the target of the forwarding + rule. + network: + description: A VPC network URI. type: string - uri: - description: URI of a VPN gateway. + cloudFunction: + description: >- + A [Cloud Function](https://cloud.google.com/functions). Applicable + only to source endpoint. + $ref: '#/components/schemas/CloudFunctionEndpoint' + redisCluster: type: string - networkUri: - description: URI of a Compute Engine network where the VPN gateway is configured. + description: >- + A [Redis Cluster](https://cloud.google.com/memorystore/docs/cluster) + URI. Applicable only to destination endpoint. + port: + format: int32 + type: integer + description: >- + The IP protocol port of the endpoint. Only applicable when protocol + is TCP or UDP. + cloudRunRevision: + description: >- + A [Cloud Run](https://cloud.google.com/run) + [revision](https://cloud.google.com/run/docs/reference/rest/v1/namespaces.revisions/get) + Applicable only to source endpoint. + $ref: '#/components/schemas/CloudRunRevisionEndpoint' + redisInstance: + description: >- + A [Redis Instance](https://cloud.google.com/memorystore/docs/redis) + URI. Applicable only to destination endpoint. type: string ipAddress: - description: IP address of the VPN gateway. + description: >- + The IP address of the endpoint, which can be an external or internal + IP. type: string - vpnTunnelUri: + loadBalancerType: + enumDescriptions: + - >- + Forwarding rule points to a different target than a load balancer + or a load balancer type is unknown. + - Global external HTTP(S) load balancer. + - Global external HTTP(S) load balancer (classic) + - Regional external HTTP(S) load balancer. + - Internal HTTP(S) load balancer. + - External SSL proxy load balancer. + - External TCP proxy load balancer. + - Internal regional TCP proxy load balancer. + - External TCP/UDP Network load balancer. + - Target-pool based external TCP/UDP Network load balancer. + - Internal TCP/UDP load balancer. + type: string + readOnly: true + enum: + - LOAD_BALANCER_TYPE_UNSPECIFIED + - HTTPS_ADVANCED_LOAD_BALANCER + - HTTPS_LOAD_BALANCER + - REGIONAL_HTTPS_LOAD_BALANCER + - INTERNAL_HTTPS_LOAD_BALANCER + - SSL_PROXY_LOAD_BALANCER + - TCP_PROXY_LOAD_BALANCER + - INTERNAL_TCP_PROXY_LOAD_BALANCER + - NETWORK_LOAD_BALANCER + - LEGACY_NETWORK_LOAD_BALANCER + - TCP_UDP_INTERNAL_LOAD_BALANCER description: >- - A VPN tunnel that is associated with this VPN gateway. There may be - multiple VPN tunnels configured on a VPN gateway, and only the one - relevant to the test is displayed. + Output only. Type of the load balancer the forwarding rule points + to. + instance: + description: A Compute Engine instance URI. type: string - region: - description: Name of a Google Cloud region where this VPN gateway is configured. + fqdn: + description: >- + DNS endpoint of [Google Kubernetes Engine cluster control + plane](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture). + Requires gke_master_cluster to be set, can't be used simultaneoulsly + with ip_address or network. Applicable only to destination endpoint. type: string - VpnTunnelInfo: - id: VpnTunnelInfo - description: For display only. Metadata associated with a Compute Engine VPN tunnel. + appEngineVersion: + $ref: '#/components/schemas/AppEngineVersionEndpoint' + description: >- + An [App Engine](https://cloud.google.com/appengine) [service + version](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions). + Applicable only to source endpoint. + id: Endpoint type: object + HybridSubnetInfo: + id: HybridSubnetInfo properties: - displayName: - description: Name of a VPN tunnel. + region: type: string + description: Name of a Google Cloud region where the hybrid subnet is configured. uri: - description: URI of a VPN tunnel. + description: URI of a hybrid subnet. type: string - sourceGateway: - description: URI of the VPN gateway at local end of the tunnel. + displayName: + description: Name of a hybrid subnet. type: string - remoteGateway: - description: URI of a VPN gateway at remote end of the tunnel. + description: For display only. Metadata associated with a hybrid subnet. + type: object + StorageBucketInfo: + description: For display only. Metadata associated with Storage Bucket. + properties: + bucket: type: string - remoteGatewayIp: - description: Remote VPN gateway's IP address. + description: Cloud Storage Bucket name. + id: StorageBucketInfo + type: object + RerunConnectivityTestRequest: + properties: {} + description: Request for the `RerunConnectivityTest` method. + id: RerunConnectivityTestRequest + type: object + LatencyDistribution: + description: Describes measured latency distribution. + properties: + latencyPercentiles: + description: Representative latency percentiles. + items: + $ref: '#/components/schemas/LatencyPercentile' + type: array + id: LatencyDistribution + type: object + NatInfo: + description: For display only. Metadata associated with NAT. + type: object + id: NatInfo + properties: + routerUri: type: string - sourceGatewayIp: - description: Local VPN gateway's IP address. + description: Uri of the Cloud Router. Only valid when type is CLOUD_NAT. + oldDestinationIp: type: string - networkUri: - description: URI of a Compute Engine network where the VPN tunnel is configured. + description: Destination IP address before NAT translation. + newDestinationPort: + description: >- + Destination port after NAT translation. Only valid when protocol is + TCP or UDP. + format: int32 + type: integer + oldDestinationPort: + description: >- + Destination port before NAT translation. Only valid when protocol is + TCP or UDP. + type: integer + format: int32 + protocol: type: string - region: - description: Name of a Google Cloud region where this VPN tunnel is configured. + description: 'IP protocol in string format, for example: "TCP", "UDP", "ICMP".' + oldSourceIp: + description: Source IP address before NAT translation. type: string - routingType: - description: Type of the routing policy. + newSourceIp: + type: string + description: Source IP address after NAT translation. + newSourcePort: + description: >- + Source port after NAT translation. Only valid when protocol is TCP + or UDP. + type: integer + format: int32 + oldSourcePort: + description: >- + Source port before NAT translation. Only valid when protocol is TCP + or UDP. + format: int32 + type: integer + networkUri: + description: URI of the network where NAT translation takes place. type: string + newDestinationIp: + description: Destination IP address after NAT translation. + type: string + type: enumDescriptions: - - Unspecified type. Default value. - - Route based VPN. - - Policy based routing. - - Dynamic (BGP) routing. + - Type is unspecified. + - >- + From Compute Engine instance's internal address to external + address. + - >- + From Compute Engine instance's external address to internal + address. + - Cloud NAT Gateway. + - Private service connect NAT. + - GKE Pod IP address masquerading. + description: Type of NAT. + type: string enum: - - ROUTING_TYPE_UNSPECIFIED - - ROUTE_BASED - - POLICY_BASED - - DYNAMIC - InterconnectAttachmentInfo: - id: InterconnectAttachmentInfo - description: For display only. Metadata associated with an Interconnect attachment. - type: object + - TYPE_UNSPECIFIED + - INTERNAL_TO_EXTERNAL + - EXTERNAL_TO_INTERNAL + - CLOUD_NAT + - PRIVATE_SERVICE_CONNECT + - GKE_POD_IP_MASQUERADING + natGatewayName: + description: The name of Cloud NAT Gateway. Only valid when type is CLOUD_NAT. + type: string + GKEMasterInfo: properties: - displayName: - description: Name of an Interconnect attachment. + clusterNetworkUri: type: string - uri: - description: URI of an Interconnect attachment. + description: URI of a GKE cluster network. + clusterUri: type: string - interconnectUri: - description: >- - URI of the Interconnect where the Interconnect attachment is - configured. + description: URI of a GKE cluster. + dnsEndpoint: + description: DNS endpoint of a GKE cluster control plane. type: string - region: - description: >- - Name of a Google Cloud region where the Interconnect attachment is - configured. + internalIp: + description: Internal IP address of a GKE cluster control plane. type: string - cloudRouterUri: - description: URI of the Cloud Router to be used for dynamic routing. + externalIp: + description: External IP address of a GKE cluster control plane. type: string - VpcConnectorInfo: - id: VpcConnectorInfo - description: For display only. Metadata associated with a VPC connector. + description: >- + For display only. Metadata associated with a Google Kubernetes Engine + (GKE) cluster master. + type: object + id: GKEMasterInfo + AppEngineVersionInfo: + id: AppEngineVersionInfo type: object properties: displayName: - description: Name of a VPC connector. + description: Name of an App Engine version. + type: string + environment: + description: App Engine execution environment for a version. type: string uri: - description: URI of a VPC connector. + description: URI of an App Engine version. type: string - location: - description: Location in which the VPC connector is deployed. + runtime: type: string - DirectVpcEgressConnectionInfo: - id: DirectVpcEgressConnectionInfo - description: >- - For display only. Metadata associated with a serverless direct VPC - egress connection. - type: object - properties: - networkUri: - description: URI of direct access network. - type: string - subnetworkUri: - description: URI of direct access subnetwork. - type: string - selectedIpRange: - description: Selected IP range. - type: string - selectedIpAddress: - description: Selected starting IP address, from the selected IP range. - type: string - region: - description: Region in which the Direct VPC egress is deployed. - type: string - ServerlessExternalConnectionInfo: - id: ServerlessExternalConnectionInfo + description: Runtime of the App Engine version. + description: For display only. Metadata associated with an App Engine version. + GoogleServiceInfo: description: >- - For display only. Metadata associated with a serverless public - connection. - type: object - properties: - selectedIpAddress: - description: Selected starting IP address, from the Google dynamic address pool. - type: string - DeliverInfo: - id: DeliverInfo - description: Details of the final state "deliver" and associated resource. + For display only. Details of a Google Service sending packets to a VPC + network. Although the source IP might be a publicly routable address, + some Google Services use special routes within Google production + infrastructure to reach Compute Engine Instances. + https://cloud.google.com/vpc/docs/routes#special_return_paths type: object properties: - target: - description: Target type where the packet is delivered to. - type: string - enumDescriptions: - - Target not specified. - - Target is a Compute Engine instance. - - Target is the internet. - - Target is a Google API. - - Target is a Google Kubernetes Engine cluster master. - - Target is a Cloud SQL instance. - - >- - Target is a published service that uses [Private Service - Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). - - >- - Target is Google APIs that use [Private Service - Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-apis). - - >- - Target is a VPC-SC that uses [Private Service - Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-apis). - - Target is a serverless network endpoint group. - - Target is a Cloud Storage bucket. - - Target is a private network. Used only for return traces. - - Target is a Cloud Function. Used only for return traces. - - >- - Target is a App Engine service version. Used only for return - traces. - - Target is a Cloud Run revision. Used only for return traces. - - Target is a Google-managed service. Used only for return traces. - - Target is a Redis Instance. - - Target is a Redis Cluster. + googleServiceType: enum: - - TARGET_UNSPECIFIED - - INSTANCE - - INTERNET + - GOOGLE_SERVICE_TYPE_UNSPECIFIED + - IAP + - GFE_PROXY_OR_HEALTH_CHECK_PROBER + - CLOUD_DNS - GOOGLE_API - - GKE_MASTER - - CLOUD_SQL_INSTANCE - - PSC_PUBLISHED_SERVICE - - PSC_GOOGLE_API - - PSC_VPC_SC - - SERVERLESS_NEG - - STORAGE_BUCKET - - PRIVATE_NETWORK - - CLOUD_FUNCTION - - APP_ENGINE_VERSION - - CLOUD_RUN_REVISION - - GOOGLE_MANAGED_SERVICE - - REDIS_INSTANCE - - REDIS_CLUSTER - resourceUri: - description: URI of the resource that the packet is delivered to. - type: string - ipAddress: - description: IP address of the target (if applicable). - type: string - storageBucket: - description: >- - Name of the Cloud Storage Bucket the packet is delivered to (if - applicable). - type: string - pscGoogleApiTarget: - description: PSC Google API target the packet is delivered to (if applicable). - type: string - googleServiceType: - description: >- - Recognized type of a Google Service the packet is delivered to (if - applicable). - type: string + - GOOGLE_API_PSC + - GOOGLE_API_VPC_SC + - SERVERLESS_VPC_ACCESS + description: Recognized type of a Google Service. enumDescriptions: - Unspecified Google Service. - >- @@ -2173,318 +1823,341 @@ components: - >- Google API via Private Service Connect. https://cloud.google.com/vpc/docs/configure-private-service-connect-apis + - >- + Google API via VPC Service Controls. + https://cloud.google.com/vpc/docs/configure-private-service-connect-apis + - >- Google API via Serverless VPC Access. https://cloud.google.com/vpc/docs/serverless-vpc-access - enum: - - GOOGLE_SERVICE_TYPE_UNSPECIFIED - - IAP - - GFE_PROXY_OR_HEALTH_CHECK_PROBER - - CLOUD_DNS - - PRIVATE_GOOGLE_ACCESS - - SERVERLESS_VPC_ACCESS - ForwardInfo: - id: ForwardInfo - description: Details of the final state "forward" and associated resource. + type: string + sourceIp: + description: Source IP address. + type: string + id: GoogleServiceInfo + LoadBalancerInfo: type: object + description: For display only. Metadata associated with a load balancer. properties: - target: - description: Target type where this packet is forwarded to. + loadBalancerType: type: string + description: Type of the load balancer. + enum: + - LOAD_BALANCER_TYPE_UNSPECIFIED + - INTERNAL_TCP_UDP + - NETWORK_TCP_UDP + - HTTP_PROXY + - TCP_PROXY + - SSL_PROXY enumDescriptions: - - Target not specified. - - Forwarded to a VPC peering network. - - Forwarded to a Cloud VPN gateway. - - Forwarded to a Cloud Interconnect connection. - - Forwarded to a Google Kubernetes Engine Container cluster master. - - >- - Forwarded to the next hop of a custom route imported from a - peering VPC. - - Forwarded to a Cloud SQL instance. - - Forwarded to a VPC network in another project. - - Forwarded to an NCC Hub. - - Forwarded to a router appliance. - - Forwarded to a Secure Web Proxy Gateway. - enumDeprecated: - - false - - false - - false - - false - - true - - false - - true - - false - - false - - false - - false + - Type is unspecified. + - Internal TCP/UDP load balancer. + - Network TCP/UDP load balancer. + - HTTP(S) proxy load balancer. + - TCP proxy load balancer. + - SSL proxy load balancer. + healthCheckUri: + deprecated: true + type: string + description: >- + URI of the health check for the load balancer. Deprecated and no + longer populated as different load balancer backends might have + different health checks. + backendUri: + description: Backend configuration URI. + type: string + backendType: + description: Type of load balancer's backend configuration. + enumDescriptions: + - Type is unspecified. + - Backend Service as the load balancer's backend. + - Target Pool as the load balancer's backend. + - Target Instance as the load balancer's backend. enum: - - TARGET_UNSPECIFIED - - PEERING_VPC - - VPN_GATEWAY - - INTERCONNECT - - GKE_MASTER - - IMPORTED_CUSTOM_ROUTE_NEXT_HOP - - CLOUD_SQL_INSTANCE - - ANOTHER_PROJECT - - NCC_HUB - - ROUTER_APPLIANCE - - SECURE_WEB_PROXY_GATEWAY - resourceUri: - description: URI of the resource that the packet is forwarded to. + - BACKEND_TYPE_UNSPECIFIED + - BACKEND_SERVICE + - TARGET_POOL + - TARGET_INSTANCE type: string - ipAddress: - description: IP address of the target (if applicable). + backends: + items: + $ref: '#/components/schemas/LoadBalancerBackend' + description: Information for the loadbalancer backends. + type: array + id: LoadBalancerInfo + RedisClusterInfo: + type: object + properties: + location: + description: >- + Name of the region in which the Redis Cluster is defined. For + example, "us-central1". type: string - AbortInfo: - id: AbortInfo - description: Details of the final state "abort" and associated resource. + secondaryEndpointIpAddress: + type: string + description: Secondary endpoint IP address of a Redis Cluster. + discoveryEndpointIpAddress: + type: string + description: Discovery endpoint IP address of a Redis Cluster. + uri: + description: >- + URI of a Redis Cluster in format + "projects/{project_id}/locations/{location}/clusters/{cluster_id}" + type: string + networkUri: + type: string + description: >- + URI of the network containing the Redis Cluster endpoints in format + "projects/{project_id}/global/networks/{network_id}". + displayName: + type: string + description: Name of a Redis Cluster. + description: For display only. Metadata associated with a Redis Cluster. + id: RedisClusterInfo + NetworkInfo: type: object properties: - cause: - description: Causes that the analysis is aborted. + displayName: type: string - enumDescriptions: - - Cause is unspecified. - - >- - Aborted due to unknown network. Deprecated, not used in the new - tests. + description: Name of a Compute Engine network. + matchedIpRange: + description: >- + The IP range of the subnet matching the source IP address of the + test. + type: string + region: + type: string + description: The region of the subnet matching the source IP address of the test. + uri: + description: URI of a Compute Engine network. + type: string + matchedSubnetUri: + type: string + description: URI of the subnet matching the source IP address of the test. + description: For display only. Metadata associated with a Compute Engine network. + id: NetworkInfo + InstanceInfo: + type: object + properties: + networkTags: + items: + type: string + description: Network tags configured on the instance. + type: array + running: + type: boolean + description: >- + Indicates whether the Compute Engine instance is running. + Deprecated: use the `status` field instead. + deprecated: true + interface: + description: Name of the network interface of a Compute Engine instance. + type: string + internalIp: + type: string + description: Internal IP address of the network interface. + networkUri: + type: string + description: URI of a Compute Engine network. + pscNetworkAttachmentUri: + description: >- + URI of the PSC network attachment the NIC is attached to (if + relevant). + type: string + uri: + description: URI of a Compute Engine instance. + type: string + externalIp: + type: string + description: External IP address of the network interface. + displayName: + type: string + description: Name of a Compute Engine instance. + status: + enum: + - STATUS_UNSPECIFIED + - RUNNING + - NOT_RUNNING + enumDescriptions: + - Default unspecified value. + - The instance is running. + - The instance has any status other than "RUNNING". + description: The status of the instance. + type: string + serviceAccount: + deprecated: true + description: Service account authorized for the instance. + type: string + id: InstanceInfo + description: For display only. Metadata associated with a Compute Engine instance. + CloudFunctionInfo: + properties: + uri: + description: URI of a Cloud Function. + type: string + versionId: + format: int64 + type: string + description: Latest successfully deployed version id of the Cloud Function. + displayName: + type: string + description: Name of a Cloud Function. + location: + description: Location in which the Cloud Function is deployed. + type: string + type: object + description: For display only. Metadata associated with a Cloud Function. + id: CloudFunctionInfo + ServerlessNegInfo: + type: object + properties: + negUri: + type: string + description: URI of the serverless network endpoint group. + id: ServerlessNegInfo + description: >- + For display only. Metadata associated with the serverless network + endpoint group backend. + RedisInstanceInfo: + id: RedisInstanceInfo + type: object + description: For display only. Metadata associated with a Cloud Redis Instance. + properties: + readEndpointIp: + description: Read endpoint IP address of a Cloud Redis Instance (if applicable). + type: string + displayName: + description: Name of a Cloud Redis Instance. + type: string + primaryEndpointIp: + description: Primary endpoint IP address of a Cloud Redis Instance. + type: string + region: + description: Region in which the Cloud Redis Instance is defined. + type: string + uri: + type: string + description: URI of a Cloud Redis Instance. + networkUri: + description: URI of a Cloud Redis Instance network. + type: string + LoadBalancerBackendInfo: + id: LoadBalancerBackendInfo + properties: + backendServiceUri: + description: URI of the backend service this backend belongs to (if applicable). + type: string + pscGoogleApiTarget: + description: PSC Google API target this PSC NEG backend targets (if applicable). + type: string + backendBucketUri: + description: URI of the backend bucket this backend targets (if applicable). + type: string + networkEndpointGroupUri: + description: >- + URI of the network endpoint group this backend belongs to (if + applicable). + type: string + name: + type: string + description: >- + Display name of the backend. For example, it might be an instance + name for the instance group backends, or an IP address and port for + zonal network endpoint group backends. + pscServiceAttachmentUri: + type: string + description: >- + URI of the PSC service attachment this PSC NEG backend targets (if + applicable). + instanceUri: + type: string + description: >- + URI of the backend instance (if applicable). Populated for instance + group backends, and zonal NEG backends. + healthCheckUri: + description: URI of the health check attached to this backend (if applicable). + type: string + instanceGroupUri: + type: string + description: URI of the instance group this backend belongs to (if applicable). + healthCheckFirewallsConfigState: + description: >- + Output only. Health check firewalls configuration state for the + backend. This is a result of the static firewall analysis (verifying + that health check traffic from required IP ranges to the backend is + allowed or not). The backend might still be unhealthy even if these + firewalls are configured. Please refer to the documentation for more + information: + https://cloud.google.com/load-balancing/docs/firewall-rules + type: string + enumDescriptions: - >- - Aborted because no project information can be derived from the - test input. Deprecated, not used in the new tests. + Configuration state unspecified. It usually means that the backend + has no health check attached, or there was an unexpected + configuration error preventing Connectivity tests from verifying + health check configuration. - >- - Aborted because traffic is sent from a public IP to an instance - without an external IP. Deprecated, not used in the new tests. + Firewall rules (policies) allowing health check traffic from all + required IP ranges to the backend are configured. - >- - Aborted because none of the traces matches destination information - specified in the input test request. Deprecated, not used in the - new tests. + Firewall rules (policies) allow health check traffic only from a + part of required IP ranges. - >- - Aborted because the source endpoint could not be found. - Deprecated, not used in the new tests. + Firewall rules (policies) deny health check traffic from all + required IP ranges to the backend. - >- - Aborted because the source network does not match the source - endpoint. Deprecated, not used in the new tests. + The network contains firewall rules of unsupported types, so + Connectivity tests were not able to verify health check + configuration status. Please refer to the documentation for the + list of unsupported configurations: + https://cloud.google.com/network-intelligence-center/docs/connectivity-tests/concepts/overview#unsupported-configs + enum: + - HEALTH_CHECK_FIREWALLS_CONFIG_STATE_UNSPECIFIED + - FIREWALLS_CONFIGURED + - FIREWALLS_PARTIALLY_CONFIGURED + - FIREWALLS_NOT_CONFIGURED + - FIREWALLS_UNSUPPORTED + readOnly: true + type: object + description: For display only. Metadata associated with the load balancer backend. + DropInfo: + id: DropInfo + properties: + cause: + type: string + enumDescriptions: + - Cause is unspecified. - >- - Aborted because the destination endpoint could not be found. - Deprecated, not used in the new tests. + Destination external address cannot be resolved to a known target. + If the address is used in a Google Cloud project, provide the + project ID as test input. - >- - Aborted because the destination network does not match the - destination endpoint. Deprecated, not used in the new tests. + A Compute Engine instance can only send or receive a packet with a + foreign IP address if ip_forward is enabled. - >- - Aborted because no endpoint with the packet's destination IP - address is found. + Dropped due to a firewall rule, unless allowed due to connection + tracking. + - Dropped due to no matching routes. + - Dropped due to invalid route. Route's next hop is a blackhole. - >- - Aborted because no endpoint with the packet's destination IP is - found in the Google-managed project. + Packet is sent to a wrong (unintended) network. Example: you trace + a packet from VM1:Network1 to VM2:Network2, however, the route + configured in Network1 sends the packet destined for VM2's IP + address to Network3. + - Route's next hop IP address cannot be resolved to a GCP resource. + - Route's next hop resource is not found. - >- - Aborted because the source IP address doesn't belong to any of the - subnets of the source VPC network. + Route's next hop instance doesn't have a NIC in the route's + network. - >- - Aborted because user lacks permission to access all or part of the - network configurations required to run the test. + Route's next hop IP address is not a primary IP address of the + next hop instance. - >- - Aborted because user lacks permission to access Cloud NAT configs - required to run the test. + Route's next hop forwarding rule doesn't match next hop IP + address. + - Route's next hop VPN tunnel is down (does not have valid IKE SAs). - >- - Aborted because user lacks permission to access Network endpoint - group endpoint configs required to run the test. - - >- - Aborted because user lacks permission to access Cloud Router - configs required to run the test. - - >- - Aborted because no valid source or destination endpoint is derived - from the input test request. - - >- - Aborted because the source or destination endpoint specified in - the request is invalid. Some examples: - The request might contain - malformed resource URI, project ID, or IP address. - The request - might contain inconsistent information (for example, the request - might include both the instance and the network, but the instance - might not have a NIC in that network). - - >- - Aborted because the number of steps in the trace exceeds a certain - limit. It might be caused by a routing loop. - - Aborted due to internal server error. - - Aborted because the test scenario is not supported. - - >- - Aborted because the source and destination resources have no - common IP version. - - >- - Aborted because the connection between the control plane and the - node of the source cluster is initiated by the node and managed by - the Konnectivity proxy. - - Aborted because expected resource configuration was missing. - - Aborted because expected VM instance configuration was missing. - - Aborted because expected network configuration was missing. - - Aborted because expected firewall configuration was missing. - - Aborted because expected route configuration was missing. - - >- - Aborted because PSC endpoint selection for the Google-managed - service is ambiguous (several PSC endpoints satisfy test input). - - >- - Aborted because endpoint selection for the Google-managed service - is ambiguous (several endpoints satisfy test input). - - >- - Aborted because tests with a PSC-based Cloud SQL instance as a - source are not supported. - - >- - Aborted because tests with a Redis Cluster as a source are not - supported. - - >- - Aborted because tests with a Redis Instance as a source are not - supported. - - >- - Aborted because tests with a forwarding rule as a source are not - supported. - - >- - Aborted because one of the endpoints is a non-routable IP address - (loopback, link-local, etc). - - Aborted due to an unknown issue in the Google-managed project. - - >- - Aborted due to an unsupported configuration of the Google-managed - project. - - >- - Aborted because the source endpoint is a Cloud Run revision with - direct VPC access enabled, but there are no reserved serverless IP - ranges. - - >- - Aborted because the used protocol is not supported for the used IP - version. - enumDeprecated: - - false - - true - - true - - true - - true - - true - - true - - true - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - enum: - - CAUSE_UNSPECIFIED - - UNKNOWN_NETWORK - - UNKNOWN_PROJECT - - NO_EXTERNAL_IP - - UNINTENDED_DESTINATION - - SOURCE_ENDPOINT_NOT_FOUND - - MISMATCHED_SOURCE_NETWORK - - DESTINATION_ENDPOINT_NOT_FOUND - - MISMATCHED_DESTINATION_NETWORK - - UNKNOWN_IP - - GOOGLE_MANAGED_SERVICE_UNKNOWN_IP - - SOURCE_IP_ADDRESS_NOT_IN_SOURCE_NETWORK - - PERMISSION_DENIED - - PERMISSION_DENIED_NO_CLOUD_NAT_CONFIGS - - PERMISSION_DENIED_NO_NEG_ENDPOINT_CONFIGS - - PERMISSION_DENIED_NO_CLOUD_ROUTER_CONFIGS - - NO_SOURCE_LOCATION - - INVALID_ARGUMENT - - TRACE_TOO_LONG - - INTERNAL_ERROR - - UNSUPPORTED - - MISMATCHED_IP_VERSION - - GKE_KONNECTIVITY_PROXY_UNSUPPORTED - - RESOURCE_CONFIG_NOT_FOUND - - VM_INSTANCE_CONFIG_NOT_FOUND - - NETWORK_CONFIG_NOT_FOUND - - FIREWALL_CONFIG_NOT_FOUND - - ROUTE_CONFIG_NOT_FOUND - - GOOGLE_MANAGED_SERVICE_AMBIGUOUS_PSC_ENDPOINT - - GOOGLE_MANAGED_SERVICE_AMBIGUOUS_ENDPOINT - - SOURCE_PSC_CLOUD_SQL_UNSUPPORTED - - SOURCE_REDIS_CLUSTER_UNSUPPORTED - - SOURCE_REDIS_INSTANCE_UNSUPPORTED - - SOURCE_FORWARDING_RULE_UNSUPPORTED - - NON_ROUTABLE_IP_ADDRESS - - UNKNOWN_ISSUE_IN_GOOGLE_MANAGED_PROJECT - - UNSUPPORTED_GOOGLE_MANAGED_PROJECT_CONFIG - - NO_SERVERLESS_IP_RANGES - - IP_VERSION_PROTOCOL_MISMATCH - resourceUri: - description: URI of the resource that caused the abort. - type: string - ipAddress: - description: IP address that caused the abort. - type: string - projectsMissingPermission: - description: >- - List of project IDs the user specified in the request but lacks - access to. In this case, analysis is aborted with the - PERMISSION_DENIED cause. - type: array - items: - type: string - DropInfo: - id: DropInfo - description: Details of the final state "drop" and associated resource. - type: object - properties: - cause: - description: Cause that the packet is dropped. - type: string - enumDescriptions: - - Cause is unspecified. - - >- - Destination external address cannot be resolved to a known target. - If the address is used in a Google Cloud project, provide the - project ID as test input. - - >- - A Compute Engine instance can only send or receive a packet with a - foreign IP address if ip_forward is enabled. - - >- - Dropped due to a firewall rule, unless allowed due to connection - tracking. - - Dropped due to no matching routes. - - Dropped due to invalid route. Route's next hop is a blackhole. - - >- - Packet is sent to a wrong (unintended) network. Example: you trace - a packet from VM1:Network1 to VM2:Network2, however, the route - configured in Network1 sends the packet destined for VM2's IP - address to Network3. - - Route's next hop IP address cannot be resolved to a GCP resource. - - Route's next hop resource is not found. - - >- - Route's next hop instance doesn't have a NIC in the route's - network. - - >- - Route's next hop IP address is not a primary IP address of the - next hop instance. - - >- - Route's next hop forwarding rule doesn't match next hop IP - address. - - Route's next hop VPN tunnel is down (does not have valid IKE SAs). - - >- - Route's next hop forwarding rule type is invalid (it's not a - forwarding rule of the internal passthrough load balancer). + Route's next hop forwarding rule type is invalid (it's not a + forwarding rule of the internal passthrough load balancer). - >- Packet is sent from the Internet or Google service to the private IPv6 address. @@ -2733,6 +2406,27 @@ components: - >- Packet is dropped by Cloud NAT due to using an unsupported protocol. + - >- + Packet is dropped due to using an unsupported protocol (any other + than UDP) for L2 Interconnect. + - >- + Packet is dropped due to using an unsupported port (any other than + 6081) for L2 Interconnect. + - >- + Packet is dropped due to destination IP not matching the appliance + mapping IPs configured on the L2 Interconnect attachment. + - >- + Packet could be dropped because it matches a route associated with + an NCC spoke in the hybrid subnet context, but such a + configuration is not supported. + - >- + Packet is dropped because the region of the hybrid subnet is + different from the region of the next hop of the route matched + within this hybrid subnet. + - >- + Packet is dropped because no matching route was found in the + hybrid subnet. + description: Cause that the packet is dropped. enum: - CAUSE_UNSPECIFIED - UNKNOWN_EXTERNAL_ADDRESS @@ -2792,673 +2486,302 @@ components: - PSC_ENDPOINT_ACCESSED_FROM_PEERED_NETWORK - PSC_NEG_PRODUCER_ENDPOINT_NO_GLOBAL_ACCESS - PSC_NEG_PRODUCER_FORWARDING_RULE_MULTIPLE_PORTS - - CLOUD_SQL_PSC_NEG_UNSUPPORTED - - NO_NAT_SUBNETS_FOR_PSC_SERVICE_ATTACHMENT - - PSC_TRANSITIVITY_NOT_PROPAGATED - - HYBRID_NEG_NON_DYNAMIC_ROUTE_MATCHED - - HYBRID_NEG_NON_LOCAL_DYNAMIC_ROUTE_MATCHED - - CLOUD_RUN_REVISION_NOT_READY - - DROPPED_INSIDE_PSC_SERVICE_PRODUCER - - LOAD_BALANCER_HAS_NO_PROXY_SUBNET - - CLOUD_NAT_NO_ADDRESSES - - ROUTING_LOOP - - DROPPED_INSIDE_GOOGLE_MANAGED_SERVICE - - LOAD_BALANCER_BACKEND_INVALID_NETWORK - - BACKEND_SERVICE_NAMED_PORT_NOT_DEFINED - - DESTINATION_IS_PRIVATE_NAT_IP_RANGE - - DROPPED_INSIDE_REDIS_INSTANCE_SERVICE - - REDIS_INSTANCE_UNSUPPORTED_PORT - - REDIS_INSTANCE_CONNECTING_FROM_PUPI_ADDRESS - - REDIS_INSTANCE_NO_ROUTE_TO_DESTINATION_NETWORK - - REDIS_INSTANCE_NO_EXTERNAL_IP - - REDIS_INSTANCE_UNSUPPORTED_PROTOCOL - - DROPPED_INSIDE_REDIS_CLUSTER_SERVICE - - REDIS_CLUSTER_UNSUPPORTED_PORT - - REDIS_CLUSTER_NO_EXTERNAL_IP - - REDIS_CLUSTER_UNSUPPORTED_PROTOCOL - - NO_ADVERTISED_ROUTE_TO_GCP_DESTINATION - - NO_TRAFFIC_SELECTOR_TO_GCP_DESTINATION - - NO_KNOWN_ROUTE_FROM_PEERED_NETWORK_TO_DESTINATION - - PRIVATE_NAT_TO_PSC_ENDPOINT_UNSUPPORTED - - PSC_PORT_MAPPING_PORT_MISMATCH - - PSC_PORT_MAPPING_WITHOUT_PSC_CONNECTION_UNSUPPORTED - - UNSUPPORTED_ROUTE_MATCHED_FOR_NAT64_DESTINATION - - TRAFFIC_FROM_HYBRID_ENDPOINT_TO_INTERNET_DISALLOWED - - NO_MATCHING_NAT64_GATEWAY - - LOAD_BALANCER_BACKEND_IP_VERSION_MISMATCH - - NO_KNOWN_ROUTE_FROM_NCC_NETWORK_TO_DESTINATION - - CLOUD_NAT_PROTOCOL_UNSUPPORTED - resourceUri: - description: URI of the resource that caused the drop. - type: string - sourceIp: - description: Source IP address of the dropped packet (if relevant). - type: string - destinationIp: - description: Destination IP address of the dropped packet (if relevant). - type: string - region: - description: Region of the dropped packet (if relevant). - type: string - sourceGeolocationCode: - description: Geolocation (region code) of the source IP address (if relevant). - type: string - destinationGeolocationCode: - description: >- - Geolocation (region code) of the destination IP address (if - relevant). - type: string - LoadBalancerInfo: - id: LoadBalancerInfo - description: For display only. Metadata associated with a load balancer. - type: object - properties: - loadBalancerType: - description: Type of the load balancer. - type: string - enumDescriptions: - - Type is unspecified. - - Internal TCP/UDP load balancer. - - Network TCP/UDP load balancer. - - HTTP(S) proxy load balancer. - - TCP proxy load balancer. - - SSL proxy load balancer. - enum: - - LOAD_BALANCER_TYPE_UNSPECIFIED - - INTERNAL_TCP_UDP - - NETWORK_TCP_UDP - - HTTP_PROXY - - TCP_PROXY - - SSL_PROXY - healthCheckUri: - description: >- - URI of the health check for the load balancer. Deprecated and no - longer populated as different load balancer backends might have - different health checks. - deprecated: true - type: string - backends: - description: Information for the loadbalancer backends. - type: array - items: - $ref: '#/components/schemas/LoadBalancerBackend' - backendType: - description: Type of load balancer's backend configuration. - type: string - enumDescriptions: - - Type is unspecified. - - Backend Service as the load balancer's backend. - - Target Pool as the load balancer's backend. - - Target Instance as the load balancer's backend. - enum: - - BACKEND_TYPE_UNSPECIFIED - - BACKEND_SERVICE - - TARGET_POOL - - TARGET_INSTANCE - backendUri: - description: Backend configuration URI. - type: string - LoadBalancerBackend: - id: LoadBalancerBackend - description: >- - For display only. Metadata associated with a specific load balancer - backend. - type: object - properties: - displayName: - description: Name of a Compute Engine instance or network endpoint. - type: string - uri: - description: URI of a Compute Engine instance or network endpoint. - type: string - healthCheckFirewallState: - description: State of the health check firewall configuration. - type: string - enumDescriptions: - - State is unspecified. Default state if not populated. - - >- - There are configured firewall rules to allow health check probes - to the backend. - - >- - There are firewall rules configured to allow partial health check - ranges or block all health check ranges. If a health check probe - is sent from denied IP ranges, the health check to the backend - will fail. Then, the backend will be marked unhealthy and will not - receive traffic sent to the load balancer. - enum: - - HEALTH_CHECK_FIREWALL_STATE_UNSPECIFIED - - CONFIGURED - - MISCONFIGURED - healthCheckAllowingFirewallRules: - description: >- - A list of firewall rule URIs allowing probes from health check IP - ranges. - type: array - items: - type: string - healthCheckBlockingFirewallRules: - description: >- - A list of firewall rule URIs blocking probes from health check IP - ranges. - type: array - items: - type: string - NetworkInfo: - id: NetworkInfo - description: For display only. Metadata associated with a Compute Engine network. - type: object - properties: - displayName: - description: Name of a Compute Engine network. - type: string - uri: - description: URI of a Compute Engine network. - type: string - matchedSubnetUri: - description: URI of the subnet matching the source IP address of the test. - type: string - matchedIpRange: - description: >- - The IP range of the subnet matching the source IP address of the - test. - type: string - region: - description: The region of the subnet matching the source IP address of the test. - type: string - GKEMasterInfo: - id: GKEMasterInfo - description: >- - For display only. Metadata associated with a Google Kubernetes Engine - (GKE) cluster master. - type: object - properties: - clusterUri: - description: URI of a GKE cluster. - type: string - clusterNetworkUri: - description: URI of a GKE cluster network. - type: string - internalIp: - description: Internal IP address of a GKE cluster control plane. - type: string - externalIp: - description: External IP address of a GKE cluster control plane. - type: string - dnsEndpoint: - description: DNS endpoint of a GKE cluster control plane. - type: string - CloudSQLInstanceInfo: - id: CloudSQLInstanceInfo - description: For display only. Metadata associated with a Cloud SQL instance. - type: object - properties: - displayName: - description: Name of a Cloud SQL instance. - type: string - uri: - description: URI of a Cloud SQL instance. - type: string - networkUri: - description: >- - URI of a Cloud SQL instance network or empty string if the instance - does not have one. - type: string - internalIp: - description: Internal IP address of a Cloud SQL instance. - type: string - externalIp: - description: External IP address of a Cloud SQL instance. - type: string - region: - description: Region in which the Cloud SQL instance is running. - type: string - RedisInstanceInfo: - id: RedisInstanceInfo - description: For display only. Metadata associated with a Cloud Redis Instance. - type: object - properties: - displayName: - description: Name of a Cloud Redis Instance. - type: string - uri: - description: URI of a Cloud Redis Instance. - type: string - networkUri: - description: URI of a Cloud Redis Instance network. - type: string - primaryEndpointIp: - description: Primary endpoint IP address of a Cloud Redis Instance. - type: string - readEndpointIp: - description: Read endpoint IP address of a Cloud Redis Instance (if applicable). - type: string - region: - description: Region in which the Cloud Redis Instance is defined. - type: string - RedisClusterInfo: - id: RedisClusterInfo - description: For display only. Metadata associated with a Redis Cluster. - type: object - properties: - displayName: - description: Name of a Redis Cluster. - type: string - uri: - description: >- - URI of a Redis Cluster in format - "projects/{project_id}/locations/{location}/clusters/{cluster_id}" - type: string - networkUri: - description: >- - URI of the network containing the Redis Cluster endpoints in format - "projects/{project_id}/global/networks/{network_id}". - type: string - discoveryEndpointIpAddress: - description: Discovery endpoint IP address of a Redis Cluster. - type: string - secondaryEndpointIpAddress: - description: Secondary endpoint IP address of a Redis Cluster. - type: string - location: - description: >- - Name of the region in which the Redis Cluster is defined. For - example, "us-central1". - type: string - CloudFunctionInfo: - id: CloudFunctionInfo - description: For display only. Metadata associated with a Cloud Function. - type: object - properties: - displayName: - description: Name of a Cloud Function. - type: string - uri: - description: URI of a Cloud Function. - type: string - location: - description: Location in which the Cloud Function is deployed. - type: string - versionId: - description: Latest successfully deployed version id of the Cloud Function. - type: string - format: int64 - AppEngineVersionInfo: - id: AppEngineVersionInfo - description: For display only. Metadata associated with an App Engine version. - type: object - properties: - displayName: - description: Name of an App Engine version. - type: string - uri: - description: URI of an App Engine version. - type: string - runtime: - description: Runtime of the App Engine version. - type: string - environment: - description: App Engine execution environment for a version. - type: string - CloudRunRevisionInfo: - id: CloudRunRevisionInfo - description: For display only. Metadata associated with a Cloud Run revision. - type: object - properties: - displayName: - description: Name of a Cloud Run revision. - type: string - uri: - description: URI of a Cloud Run revision. - type: string - location: - description: Location in which this revision is deployed. - type: string - serviceUri: - description: URI of Cloud Run service this revision belongs to. - type: string - NatInfo: - id: NatInfo - description: For display only. Metadata associated with NAT. - type: object - properties: - type: - description: Type of NAT. - type: string - enumDescriptions: - - Type is unspecified. - - >- - From Compute Engine instance's internal address to external - address. - - >- - From Compute Engine instance's external address to internal - address. - - Cloud NAT Gateway. - - Private service connect NAT. - enum: - - TYPE_UNSPECIFIED - - INTERNAL_TO_EXTERNAL - - EXTERNAL_TO_INTERNAL - - CLOUD_NAT - - PRIVATE_SERVICE_CONNECT - protocol: - description: 'IP protocol in string format, for example: "TCP", "UDP", "ICMP".' + - CLOUD_SQL_PSC_NEG_UNSUPPORTED + - NO_NAT_SUBNETS_FOR_PSC_SERVICE_ATTACHMENT + - PSC_TRANSITIVITY_NOT_PROPAGATED + - HYBRID_NEG_NON_DYNAMIC_ROUTE_MATCHED + - HYBRID_NEG_NON_LOCAL_DYNAMIC_ROUTE_MATCHED + - CLOUD_RUN_REVISION_NOT_READY + - DROPPED_INSIDE_PSC_SERVICE_PRODUCER + - LOAD_BALANCER_HAS_NO_PROXY_SUBNET + - CLOUD_NAT_NO_ADDRESSES + - ROUTING_LOOP + - DROPPED_INSIDE_GOOGLE_MANAGED_SERVICE + - LOAD_BALANCER_BACKEND_INVALID_NETWORK + - BACKEND_SERVICE_NAMED_PORT_NOT_DEFINED + - DESTINATION_IS_PRIVATE_NAT_IP_RANGE + - DROPPED_INSIDE_REDIS_INSTANCE_SERVICE + - REDIS_INSTANCE_UNSUPPORTED_PORT + - REDIS_INSTANCE_CONNECTING_FROM_PUPI_ADDRESS + - REDIS_INSTANCE_NO_ROUTE_TO_DESTINATION_NETWORK + - REDIS_INSTANCE_NO_EXTERNAL_IP + - REDIS_INSTANCE_UNSUPPORTED_PROTOCOL + - DROPPED_INSIDE_REDIS_CLUSTER_SERVICE + - REDIS_CLUSTER_UNSUPPORTED_PORT + - REDIS_CLUSTER_NO_EXTERNAL_IP + - REDIS_CLUSTER_UNSUPPORTED_PROTOCOL + - NO_ADVERTISED_ROUTE_TO_GCP_DESTINATION + - NO_TRAFFIC_SELECTOR_TO_GCP_DESTINATION + - NO_KNOWN_ROUTE_FROM_PEERED_NETWORK_TO_DESTINATION + - PRIVATE_NAT_TO_PSC_ENDPOINT_UNSUPPORTED + - PSC_PORT_MAPPING_PORT_MISMATCH + - PSC_PORT_MAPPING_WITHOUT_PSC_CONNECTION_UNSUPPORTED + - UNSUPPORTED_ROUTE_MATCHED_FOR_NAT64_DESTINATION + - TRAFFIC_FROM_HYBRID_ENDPOINT_TO_INTERNET_DISALLOWED + - NO_MATCHING_NAT64_GATEWAY + - LOAD_BALANCER_BACKEND_IP_VERSION_MISMATCH + - NO_KNOWN_ROUTE_FROM_NCC_NETWORK_TO_DESTINATION + - CLOUD_NAT_PROTOCOL_UNSUPPORTED + - L2_INTERCONNECT_UNSUPPORTED_PROTOCOL + - L2_INTERCONNECT_UNSUPPORTED_PORT + - L2_INTERCONNECT_DESTINATION_IP_MISMATCH + - NCC_ROUTE_WITHIN_HYBRID_SUBNET_UNSUPPORTED + - HYBRID_SUBNET_REGION_MISMATCH + - HYBRID_SUBNET_NO_ROUTE + destinationIp: type: string - networkUri: - description: URI of the network where NAT translation takes place. + description: Destination IP address of the dropped packet (if relevant). + sourceGeolocationCode: + description: Geolocation (region code) of the source IP address (if relevant). type: string - oldSourceIp: - description: Source IP address before NAT translation. + resourceUri: + description: URI of the resource that caused the drop. type: string - newSourceIp: - description: Source IP address after NAT translation. + sourceIp: type: string - oldDestinationIp: - description: Destination IP address before NAT translation. + description: Source IP address of the dropped packet (if relevant). + region: type: string - newDestinationIp: - description: Destination IP address after NAT translation. + description: Region of the dropped packet (if relevant). + destinationGeolocationCode: type: string - oldSourcePort: - description: >- - Source port before NAT translation. Only valid when protocol is TCP - or UDP. - type: integer - format: int32 - newSourcePort: description: >- - Source port after NAT translation. Only valid when protocol is TCP - or UDP. - type: integer - format: int32 - oldDestinationPort: - description: >- - Destination port before NAT translation. Only valid when protocol is - TCP or UDP. - type: integer - format: int32 - newDestinationPort: - description: >- - Destination port after NAT translation. Only valid when protocol is - TCP or UDP. - type: integer - format: int32 - routerUri: - description: Uri of the Cloud Router. Only valid when type is CLOUD_NAT. - type: string - natGatewayName: - description: The name of Cloud NAT Gateway. Only valid when type is CLOUD_NAT. - type: string - ProxyConnectionInfo: - id: ProxyConnectionInfo - description: For display only. Metadata associated with ProxyConnection. + Geolocation (region code) of the destination IP address (if + relevant). + type: object + description: Details of the final state "drop" and associated resource. + ShowEffectiveFlowLogsConfigsResponse: type: object properties: - protocol: - description: 'IP protocol in string format, for example: "TCP", "UDP", "ICMP".' - type: string - oldSourceIp: - description: Source IP address of an original connection. - type: string - newSourceIp: - description: Source IP address of a new connection. - type: string - oldDestinationIp: - description: Destination IP address of an original connection - type: string - newDestinationIp: - description: Destination IP address of a new connection. - type: string - oldSourcePort: - description: >- - Source port of an original connection. Only valid when protocol is - TCP or UDP. - type: integer - format: int32 - newSourcePort: - description: >- - Source port of a new connection. Only valid when protocol is TCP or - UDP. - type: integer - format: int32 - oldDestinationPort: - description: >- - Destination port of an original connection. Only valid when protocol - is TCP or UDP. - type: integer - format: int32 - newDestinationPort: + effectiveFlowLogsConfigs: + description: List of Effective Vpc Flow Logs configurations. + type: array + items: + $ref: '#/components/schemas/EffectiveVpcFlowLogsConfig' + unreachable: + type: array description: >- - Destination port of a new connection. Only valid when protocol is - TCP or UDP. - type: integer - format: int32 - subnetUri: - description: Uri of proxy subnet. - type: string - networkUri: - description: URI of the network where connection is proxied. + Locations that could not be reached (when querying all locations + with `-`). + items: + type: string + nextPageToken: + description: Page token to fetch the next set of configurations. type: string - LoadBalancerBackendInfo: - id: LoadBalancerBackendInfo - description: For display only. Metadata associated with the load balancer backend. + id: ShowEffectiveFlowLogsConfigsResponse + description: Response for the `ShowEffectiveFlowLogsConfigs` method. + ForwardingRuleInfo: type: object + description: >- + For display only. Metadata associated with a Compute Engine forwarding + rule. properties: - name: - description: >- - Display name of the backend. For example, it might be an instance - name for the instance group backends, or an IP address and port for - zonal network endpoint group backends. + networkUri: + description: Network URI. type: string - instanceUri: + region: description: >- - URI of the backend instance (if applicable). Populated for instance - group backends, and zonal NEG backends. - type: string - backendServiceUri: - description: URI of the backend service this backend belongs to (if applicable). + Region of the forwarding rule. Set only for regional forwarding + rules. type: string - instanceGroupUri: - description: URI of the instance group this backend belongs to (if applicable). + matchedProtocol: + description: Protocol defined in the forwarding rule that matches the packet. type: string - networkEndpointGroupUri: + pscServiceAttachmentUri: description: >- - URI of the network endpoint group this backend belongs to (if + URI of the PSC service attachment this forwarding rule targets (if applicable). type: string - backendBucketUri: - description: URI of the backend bucket this backend targets (if applicable). + uri: + description: URI of the forwarding rule. + type: string + loadBalancerName: type: string - pscServiceAttachmentUri: description: >- - URI of the PSC service attachment this PSC NEG backend targets (if - applicable). + Name of the load balancer the forwarding rule belongs to. Empty for + forwarding rules not related to load balancers (like PSC forwarding + rules). + displayName: + description: Name of the forwarding rule. + type: string + vip: + description: VIP of the forwarding rule. type: string pscGoogleApiTarget: - description: PSC Google API target this PSC NEG backend targets (if applicable). + description: PSC Google API target this forwarding rule targets (if applicable). type: string - healthCheckUri: - description: URI of the health check attached to this backend (if applicable). + matchedPortRange: type: string - healthCheckFirewallsConfigState: - description: >- - Output only. Health check firewalls configuration state for the - backend. This is a result of the static firewall analysis (verifying - that health check traffic from required IP ranges to the backend is - allowed or not). The backend might still be unhealthy even if these - firewalls are configured. Please refer to the documentation for more - information: - https://cloud.google.com/load-balancing/docs/firewall-rules - readOnly: true + description: Port range defined in the forwarding rule that matches the packet. + target: type: string - enumDescriptions: - - >- - Configuration state unspecified. It usually means that the backend - has no health check attached, or there was an unexpected - configuration error preventing Connectivity tests from verifying - health check configuration. - - >- - Firewall rules (policies) allowing health check traffic from all - required IP ranges to the backend are configured. - - >- - Firewall rules (policies) allow health check traffic only from a - part of required IP ranges. - - >- - Firewall rules (policies) deny health check traffic from all - required IP ranges to the backend. - - >- - The network contains firewall rules of unsupported types, so - Connectivity tests were not able to verify health check - configuration status. Please refer to the documentation for the - list of unsupported configurations: - https://cloud.google.com/network-intelligence-center/docs/connectivity-tests/concepts/overview#unsupported-configs - enum: - - HEALTH_CHECK_FIREWALLS_CONFIG_STATE_UNSPECIFIED - - FIREWALLS_CONFIGURED - - FIREWALLS_PARTIALLY_CONFIGURED - - FIREWALLS_NOT_CONFIGURED - - FIREWALLS_UNSUPPORTED - StorageBucketInfo: - id: StorageBucketInfo - description: For display only. Metadata associated with Storage Bucket. - type: object + description: Target type of the forwarding rule. + id: ForwardingRuleInfo + ListOperationsResponse: properties: - bucket: - description: Cloud Storage Bucket name. + unreachable: + type: array + items: + type: string + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + operations: + description: >- + A list of operations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Operation' + nextPageToken: + description: The standard List next-page token. type: string - ServerlessNegInfo: - id: ServerlessNegInfo + description: The response message for Operations.ListOperations. + id: ListOperationsResponse + type: object + Empty: description: >- - For display only. Metadata associated with the serverless network - endpoint group backend. + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + properties: {} + id: Empty + Status: + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object properties: - negUri: - description: URI of the serverless network endpoint group. + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - ProbingDetails: - id: ProbingDetails - description: Results of active probing from the last run of the test. + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + VpcConnectorInfo: + id: VpcConnectorInfo + properties: + uri: + description: URI of a VPC connector. + type: string + displayName: + description: Name of a VPC connector. + type: string + location: + type: string + description: Location in which the VPC connector is deployed. + type: object + description: For display only. Metadata associated with a VPC connector. + VpnTunnelInfo: + description: For display only. Metadata associated with a Compute Engine VPN tunnel. type: object properties: - result: - description: The overall result of active probing. + remoteGatewayIp: type: string - enumDescriptions: - - No result was specified. - - At least 95% of packets reached the destination. - - No packets reached the destination. - - Less than 95% of packets reached the destination. - - >- - Reachability could not be determined. Possible reasons are: * The - user lacks permission to access some of the network resources - required to run the test. * No valid source endpoint could be - derived from the request. * An internal error occurred. - enum: - - PROBING_RESULT_UNSPECIFIED - - REACHABLE - - UNREACHABLE - - REACHABILITY_INCONSISTENT - - UNDETERMINED - verifyTime: - description: The time that reachability was assessed through active probing. + description: Remote VPN gateway's IP address. + sourceGateway: type: string - format: google-datetime - error: - description: >- - Details about an internal failure or the cancellation of active - probing. - $ref: '#/components/schemas/Status' - abortCause: - description: The reason probing was aborted. + description: URI of the VPN gateway at local end of the tunnel. + displayName: + description: Name of a VPN tunnel. + type: string + region: + description: Name of a Google Cloud region where this VPN tunnel is configured. + type: string + uri: + description: URI of a VPN tunnel. + type: string + routingType: + description: Type of the routing policy. type: string enumDescriptions: - - No reason was specified. - - >- - The user lacks permission to access some of the network resources - required to run the test. - - No valid source endpoint could be derived from the request. + - Unspecified type. Default value. + - Route based VPN. + - Policy based routing. + - Dynamic (BGP) routing. enum: - - PROBING_ABORT_CAUSE_UNSPECIFIED - - PERMISSION_DENIED - - NO_SOURCE_LOCATION - sentProbeCount: - description: Number of probes sent. - type: integer - format: int32 - successfulProbeCount: - description: Number of probes that reached the destination. - type: integer - format: int32 - endpointInfo: - description: >- - The source and destination endpoints derived from the test input and - used for active probing. - $ref: '#/components/schemas/EndpointInfo' - probingLatency: - description: >- - Latency as measured by active probing in one direction: from the - source to the destination endpoint. - $ref: '#/components/schemas/LatencyDistribution' - destinationEgressLocation: - description: >- - The EdgeLocation from which a packet, destined to the internet, will - egress the Google network. This will only be populated for a - connectivity test which has an internet destination address. The - absence of this field *must not* be used as an indication that the - destination is part of the Google network. - $ref: '#/components/schemas/EdgeLocation' - edgeResponses: - description: Probing results for all edge devices. - type: array - items: - $ref: '#/components/schemas/SingleEdgeResponse' - probedAllDevices: - description: Whether all relevant edge devices were probed. - type: boolean - LatencyDistribution: - id: LatencyDistribution - description: Describes measured latency distribution. + - ROUTING_TYPE_UNSPECIFIED + - ROUTE_BASED + - POLICY_BASED + - DYNAMIC + networkUri: + type: string + description: URI of a Compute Engine network where the VPN tunnel is configured. + remoteGateway: + description: URI of a VPN gateway at remote end of the tunnel. + type: string + sourceGatewayIp: + description: Local VPN gateway's IP address. + type: string + id: VpnTunnelInfo + ListLocationsResponse: + id: ListLocationsResponse + description: The response message for Locations.ListLocations. type: object properties: - latencyPercentiles: - description: Representative latency percentiles. + locations: type: array items: - $ref: '#/components/schemas/LatencyPercentile' - LatencyPercentile: - id: LatencyPercentile - description: Latency percentile rank and value. - type: object - properties: - percent: - description: Percentage of samples this data point applies to. - type: integer - format: int32 - latencyMicros: + $ref: '#/components/schemas/Location' description: >- - percent-th percentile of latency observed, in microseconds. Fraction - of percent/100 of samples have latency lower or equal to the value - of this field. + A list of locations that matches the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. type: string - format: int64 - EdgeLocation: - id: EdgeLocation - description: >- - Representation of a network edge location as per - https://cloud.google.com/vpc/docs/edge-locations. - type: object + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. properties: - metropolitanArea: - description: Name of the metropolitan area. + updateMask: type: string + format: google-fieldmask + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + policy: + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + id: SetIamPolicyRequest + type: object SingleEdgeResponse: - id: SingleEdgeResponse description: Probing results for a single edge device. - type: object + id: SingleEdgeResponse properties: + sentProbeCount: + description: Number of probes sent. + format: int32 + type: integer result: - description: The overall result of active probing for this egress device. - type: string enumDescriptions: - No result was specified. - At least 95% of packets reached the destination. @@ -3469,216 +2792,128 @@ components: user lacks permission to access some of the network resources required to run the test. * No valid source endpoint could be derived from the request. * An internal error occurred. + description: The overall result of active probing for this egress device. + type: string enum: - PROBING_RESULT_UNSPECIFIED - REACHABLE - UNREACHABLE - REACHABILITY_INCONSISTENT - UNDETERMINED - sentProbeCount: - description: Number of probes sent. - type: integer - format: int32 - successfulProbeCount: - description: Number of probes that reached the destination. - type: integer - format: int32 - probingLatency: - description: >- - Latency as measured by active probing in one direction: from the - source to the destination endpoint. - $ref: '#/components/schemas/LatencyDistribution' destinationEgressLocation: + $ref: '#/components/schemas/EdgeLocation' description: >- The EdgeLocation from which a packet, destined to the internet, will egress the Google network. This will only be populated for a connectivity test which has an internet destination address. The absence of this field *must not* be used as an indication that the destination is part of the Google network. - $ref: '#/components/schemas/EdgeLocation' + successfulProbeCount: + description: Number of probes that reached the destination. + type: integer + format: int32 destinationRouter: + type: string description: >- Router name in the format '{router}.{metroshard}'. For example: pf01.aaa01, pr02.aaa01. - type: string - RerunConnectivityTestRequest: - id: RerunConnectivityTestRequest - description: Request for the `RerunConnectivityTest` method. + probingLatency: + description: >- + Latency as measured by active probing in one direction: from the + source to the destination endpoint. + $ref: '#/components/schemas/LatencyDistribution' type: object - properties: {} - ListVpcFlowLogsConfigsResponse: - id: ListVpcFlowLogsConfigsResponse - description: Response for the `ListVpcFlowLogsConfigs` method. + EdgeLocation: + id: EdgeLocation type: object + description: >- + Representation of a network edge location as per + https://cloud.google.com/vpc/docs/edge-locations. properties: - vpcFlowLogsConfigs: - description: List of VPC Flow Log configurations. - type: array - items: - $ref: '#/components/schemas/VpcFlowLogsConfig' - nextPageToken: - description: Page token to fetch the next set of configurations. + metropolitanArea: + description: Name of the metropolitan area. type: string - unreachable: - description: >- - Locations that could not be reached (when querying all locations - with `-`). - type: array - items: - type: string - VpcFlowLogsConfig: - id: VpcFlowLogsConfig - description: A configuration to generate VPC Flow Logs. + ProbingDetails: type: object properties: - name: + error: description: >- - Identifier. Unique name of the configuration. The name can have one - of the following forms: - For project-level configurations: - `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - - For organization-level configurations: - `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - type: string - description: + Details about an internal failure or the cancellation of active + probing. + $ref: '#/components/schemas/Status' + sentProbeCount: + type: integer + description: Number of probes sent. + format: int32 + destinationEgressLocation: + $ref: '#/components/schemas/EdgeLocation' description: >- - Optional. The user-supplied description of the VPC Flow Logs - configuration. Maximum of 512 characters. + The EdgeLocation from which a packet, destined to the internet, will + egress the Google network. This will only be populated for a + connectivity test which has an internet destination address. The + absence of this field *must not* be used as an indication that the + destination is part of the Google network. + verifyTime: type: string - state: + description: The time that reachability was assessed through active probing. + format: google-datetime + probingLatency: + $ref: '#/components/schemas/LatencyDistribution' description: >- - Optional. The state of the VPC Flow Log configuration. Default value - is ENABLED. When creating a new configuration, it must be enabled. - Setting state=DISABLED will pause the log generation for this - config. - type: string - enumDescriptions: - - If not specified, will default to ENABLED. - - When ENABLED, this configuration will generate logs. - - When DISABLED, this configuration will not generate logs. + Latency as measured by active probing in one direction: from the + source to the destination endpoint. + successfulProbeCount: + description: Number of probes that reached the destination. + format: int32 + type: integer + probedAllDevices: + type: boolean + description: Whether all relevant edge devices were probed. + result: enum: - - STATE_UNSPECIFIED - - ENABLED - - DISABLED - aggregationInterval: - description: >- - Optional. The aggregation interval for the logs. Default value is - INTERVAL_5_SEC. - type: string + - PROBING_RESULT_UNSPECIFIED + - REACHABLE + - UNREACHABLE + - REACHABILITY_INCONSISTENT + - UNDETERMINED enumDescriptions: - - If not specified, will default to INTERVAL_5_SEC. - - Aggregate logs in 5s intervals. - - Aggregate logs in 30s intervals. - - Aggregate logs in 1m intervals. - - Aggregate logs in 5m intervals. - - Aggregate logs in 10m intervals. - - Aggregate logs in 15m intervals. - enum: - - AGGREGATION_INTERVAL_UNSPECIFIED - - INTERVAL_5_SEC - - INTERVAL_30_SEC - - INTERVAL_1_MIN - - INTERVAL_5_MIN - - INTERVAL_10_MIN - - INTERVAL_15_MIN - flowSampling: - description: >- - Optional. The value of the field must be in (0, 1]. The sampling - rate of VPC Flow Logs where 1.0 means all collected logs are - reported. Setting the sampling rate to 0.0 is not allowed. If you - want to disable VPC Flow Logs, use the state field instead. Default - value is 1.0. - type: number - format: float - metadata: - description: >- - Optional. Configures whether all, none or a subset of metadata - fields should be added to the reported VPC flow logs. Default value - is INCLUDE_ALL_METADATA. + - No result was specified. + - At least 95% of packets reached the destination. + - No packets reached the destination. + - Less than 95% of packets reached the destination. + - >- + Reachability could not be determined. Possible reasons are: * The + user lacks permission to access some of the network resources + required to run the test. * No valid source endpoint could be + derived from the request. * An internal error occurred. type: string + description: The overall result of active probing. + abortCause: enumDescriptions: - - If not specified, will default to INCLUDE_ALL_METADATA. - - Include all metadata fields. - - Exclude all metadata fields. - - Include only custom fields (specified in metadata_fields). - enum: - - METADATA_UNSPECIFIED - - INCLUDE_ALL_METADATA - - EXCLUDE_ALL_METADATA - - CUSTOM_METADATA - metadataFields: - description: >- - Optional. Custom metadata fields to include in the reported VPC flow - logs. Can only be specified if "metadata" was set to - CUSTOM_METADATA. - type: array - items: - type: string - filterExpr: - description: >- - Optional. Export filter used to define which VPC Flow Logs should be - logged. - type: string - targetResourceState: - description: >- - Output only. Describes the state of the configured target resource - for diagnostic purposes. - readOnly: true + - No reason was specified. + - >- + The user lacks permission to access some of the network resources + required to run the test. + - No valid source endpoint could be derived from the request. + description: The reason probing was aborted. type: string - enumDescriptions: - - Unspecified target resource state. - - Indicates that the target resource exists. - - Indicates that the target resource does not exist. enum: - - TARGET_RESOURCE_STATE_UNSPECIFIED - - TARGET_RESOURCE_EXISTS - - TARGET_RESOURCE_DOES_NOT_EXIST - interconnectAttachment: - description: >- - Traffic will be logged from the Interconnect Attachment. Format: - projects/{project_id}/regions/{region}/interconnectAttachments/{name} - type: string - vpnTunnel: - description: >- - Traffic will be logged from the VPN Tunnel. Format: - projects/{project_id}/regions/{region}/vpnTunnels/{name} - type: string - labels: - description: Optional. Resource labels to represent user-provided metadata. - type: object - additionalProperties: - type: string - createTime: - description: Output only. The time the config was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time the config was updated. - readOnly: true - type: string - format: google-datetime - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + - PROBING_ABORT_CAUSE_UNSPECIFIED + - PERMISSION_DENIED + - NO_SOURCE_LOCATION + edgeResponses: + description: Probing results for all edge devices. + items: + $ref: '#/components/schemas/SingleEdgeResponse' + type: array + endpointInfo: description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask + The source and destination endpoints derived from the test input and + used for active probing. + $ref: '#/components/schemas/EndpointInfo' + id: ProbingDetails + description: Results of active probing from the last run of the test. Policy: - id: Policy description: >- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of @@ -3713,9 +2948,42 @@ components: timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). + id: Policy type: object properties: + etag: + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + format: byte + type: string + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + items: + $ref: '#/components/schemas/Binding' version: + type: integer + format: int32 description: >- Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any @@ -3733,57 +3001,229 @@ components: specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + type: array + items: + $ref: '#/components/schemas/AuditConfig' + RouteInfo: + properties: + networkUri: + type: string + description: URI of a VPC network where route is located. + nccSpokeUri: + description: >- + URI of the destination NCC Spoke. PEERING_SUBNET and PEERING_DYNAMIC + routes that are advertised by NCC Hub only. + type: string + advertisedRouteNextHopUri: + description: >- + For ADVERTISED routes, the URI of their next hop, i.e. the URI of + the hybrid endpoint (VPN tunnel, Interconnect attachment, NCC router + appliance) the advertised prefix is advertised through, or URI of + the source peered network. Deprecated in favor of the next_hop_uri + field, not used in new tests. + type: string + deprecated: true + nextHop: + description: >- + String type of the next hop of the route (for example, "VPN + tunnel"). Deprecated in favor of the next_hop_type and next_hop_uri + fields, not used in new tests. + deprecated: true + type: string + originatingRouteDisplayName: + type: string + description: >- + For PEERING_SUBNET, PEERING_STATIC and PEERING_DYNAMIC routes, the + name of the originating SUBNET/STATIC/DYNAMIC route. + uri: + description: >- + URI of a route. SUBNET, STATIC, PEERING_SUBNET (only for peering + network) and POLICY_BASED routes only. + type: string + priority: + description: Priority of the route. format: int32 - bindings: + type: integer + protocols: + description: Protocols of the route. POLICY_BASED routes only. + type: array + items: + type: string + displayName: + type: string + description: Name of a route. + destIpRange: + type: string + description: Destination IP range of the route. + routeScope: + enumDescriptions: + - Unspecified scope. Default value. + - Route is applicable to packets in Network. + - Route is applicable to packets using NCC Hub's routing table. + enum: + - ROUTE_SCOPE_UNSPECIFIED + - NETWORK + - NCC_HUB + type: string description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. + Indicates where route is applicable. Deprecated, routes with NCC_HUB + scope are not included in the trace in new tests. + deprecated: true + nextHopNetworkUri: + description: URI of a VPC network where the next hop resource is located. + type: string + nccHubRouteUri: + description: >- + For PEERING_SUBNET and PEERING_DYNAMIC routes that are advertised by + NCC Hub, the URI of the corresponding route in NCC Hub's routing + table. + type: string + nextHopUri: + description: URI of the next hop resource. + type: string + srcIpRange: + type: string + description: Source IP address range of the route. POLICY_BASED routes only. + nextHopType: + type: string + description: Type of next hop. + enumDescriptions: + - Unspecified type. Default value. + - Next hop is an IP address. + - Next hop is a Compute Engine instance. + - Next hop is a VPC network gateway. + - >- + Next hop is a peering VPC. This scenario only happens when the + user doesn't have permissions to the project where the next hop + resource is located. + - Next hop is an interconnect. + - Next hop is a VPN tunnel. + - >- + Next hop is a VPN gateway. This scenario only happens when tracing + connectivity from an on-premises network to Google Cloud through a + VPN. The analysis simulates a packet departing from the + on-premises network through a VPN tunnel and arriving at a Cloud + VPN gateway. + - Next hop is an internet gateway. + - >- + Next hop is blackhole; that is, the next hop either does not exist + or is unusable. + - Next hop is the forwarding rule of an Internal Load Balancer. + - >- + Next hop is a [router appliance + instance](https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/ra-overview). + - >- + Next hop is an NCC hub. This scenario only happens when the user + doesn't have permissions to the project where the next hop + resource is located. + - Next hop is Secure Web Proxy Gateway. + enum: + - NEXT_HOP_TYPE_UNSPECIFIED + - NEXT_HOP_IP + - NEXT_HOP_INSTANCE + - NEXT_HOP_NETWORK + - NEXT_HOP_PEERING + - NEXT_HOP_INTERCONNECT + - NEXT_HOP_VPN_TUNNEL + - NEXT_HOP_VPN_GATEWAY + - NEXT_HOP_INTERNET_GATEWAY + - NEXT_HOP_BLACKHOLE + - NEXT_HOP_ILB + - NEXT_HOP_ROUTER_APPLIANCE + - NEXT_HOP_NCC_HUB + - SECURE_WEB_PROXY_GATEWAY + destPortRanges: type: array + description: Destination port ranges of the route. POLICY_BASED routes only. items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + type: string + region: + description: >- + Region of the route. DYNAMIC, PEERING_DYNAMIC, POLICY_BASED and + ADVERTISED routes only. If set for POLICY_BASED route, this is a + region of VLAN attachments for Cloud Interconnect the route applies + to. + type: string + instanceTags: + items: + type: string type: array + description: Instance tags of the route. + advertisedRouteSourceRouterUri: + description: >- + For ADVERTISED dynamic routes, the URI of the Cloud Router that + advertised the corresponding IP prefix. + type: string + originatingRouteUri: + description: >- + For PEERING_SUBNET and PEERING_STATIC routes, the URI of the + originating SUBNET/STATIC route. + type: string + srcPortRanges: items: - $ref: '#/components/schemas/AuditConfig' - etag: + type: string + description: Source port ranges of the route. POLICY_BASED routes only. + type: array + routeType: + enum: + - ROUTE_TYPE_UNSPECIFIED + - SUBNET + - STATIC + - DYNAMIC + - PEERING_SUBNET + - PEERING_STATIC + - PEERING_DYNAMIC + - POLICY_BASED + - ADVERTISED + description: Type of route. + enumDescriptions: + - Unspecified type. Default value. + - Route is a subnet route automatically created by the system. + - >- + Static route created by the user, including the default route to + the internet. + - Dynamic route exchanged between BGP peers. + - A subnet route received from peering network or NCC Hub. + - A static route received from peering network. + - A dynamic route received from peering network or NCC Hub. + - Policy based route. + - >- + Advertised route. Synthetic route which is used to transition from + the StartFromPrivateNetwork state in Connectivity tests. + type: string + nccHubUri: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + URI of the NCC Hub the route is advertised by. PEERING_SUBNET and + PEERING_DYNAMIC routes that are advertised by NCC Hub only. type: string - format: byte + id: RouteInfo + type: object + description: For display only. Metadata associated with a Compute Engine route. + ListConnectivityTestsResponse: + type: object + id: ListConnectivityTestsResponse + properties: + nextPageToken: + description: Page token to fetch the next set of Connectivity Tests. + type: string + unreachable: + type: array + description: >- + Locations that could not be reached (when querying all locations + with `-`). + items: + type: string + resources: + description: List of Connectivity Tests. + type: array + items: + $ref: '#/components/schemas/ConnectivityTest' + description: Response for the `ListConnectivityTests` method. Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. type: object properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string members: description: >- Specifies the principals requesting access for a Google Cloud @@ -3844,9 +3284,9 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array items: type: string + type: array condition: description: >- The condition that is associated with this binding. If the condition @@ -3858,94 +3298,402 @@ components: their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + role: + type: string + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + id: Binding + description: Associates `members`, or principals, with a `role`. + CloudRunRevisionEndpoint: type: object + description: Wrapper for Cloud Run revision attributes. properties: - expression: + uri: description: >- - Textual representation of an expression in Common Expression - Language syntax. + A [Cloud Run](https://cloud.google.com/run) + [revision](https://cloud.google.com/run/docs/reference/rest/v1/namespaces.revisions/get) + URI. The format is: + projects/{project}/locations/{location}/revisions/{revision} type: string - title: + serviceUri: + type: string + readOnly: true description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Output only. The URI of the Cloud Run service that the revision + belongs to. The format is: + projects/{project}/locations/{location}/services/{service} + id: CloudRunRevisionEndpoint + LatencyPercentile: + properties: + latencyMicros: + format: int64 + description: >- + percent-th percentile of latency observed, in microseconds. Fraction + of percent/100 of samples have latency lower or equal to the value + of this field. + type: string + percent: + description: Percentage of samples this data point applies to. + format: int32 + type: integer + id: LatencyPercentile + description: Latency percentile rank and value. + type: object + ProxyConnectionInfo: + properties: + oldSourceIp: + description: Source IP address of an original connection. + type: string + oldDestinationIp: + type: string + description: Destination IP address of an original connection + newSourceIp: + description: Source IP address of a new connection. + type: string + newDestinationIp: + description: Destination IP address of a new connection. + type: string + networkUri: + type: string + description: URI of the network where connection is proxied. + newDestinationPort: + type: integer + format: int32 + description: >- + Destination port of a new connection. Only valid when protocol is + TCP or UDP. + subnetUri: + type: string + description: Uri of proxy subnet. + oldDestinationPort: + format: int32 + type: integer + description: >- + Destination port of an original connection. Only valid when protocol + is TCP or UDP. + oldSourcePort: + type: integer + description: >- + Source port of an original connection. Only valid when protocol is + TCP or UDP. + format: int32 + protocol: + description: 'IP protocol in string format, for example: "TCP", "UDP", "ICMP".' + type: string + newSourcePort: + type: integer + description: >- + Source port of a new connection. Only valid when protocol is TCP or + UDP. + format: int32 + description: For display only. Metadata associated with ProxyConnection. + type: object + id: ProxyConnectionInfo + Step: + type: object + description: >- + A simulated forwarding path is composed of multiple steps. Each step has + a well-defined state and an associated configuration. + properties: + googleService: + description: Display information of a Google service + $ref: '#/components/schemas/GoogleServiceInfo' + loadBalancer: + $ref: '#/components/schemas/LoadBalancerInfo' + description: >- + Display information of the load balancers. Deprecated in favor of + the `load_balancer_backend_info` field, not used in new tests. + deprecated: true + gkeMaster: + description: Display information of a Google Kubernetes Engine cluster master. + $ref: '#/components/schemas/GKEMasterInfo' + endpoint: + description: >- + Display information of the source and destination under analysis. + The endpoint information in an intermediate state may differ with + the initial input, as it might be modified by state like NAT, or + Connection Proxy. + $ref: '#/components/schemas/EndpointInfo' + abort: + $ref: '#/components/schemas/AbortInfo' + description: Display information of the final state "abort" and reason. + appEngineVersion: + description: Display information of an App Engine service version. + $ref: '#/components/schemas/AppEngineVersionInfo' + redisInstance: + $ref: '#/components/schemas/RedisInstanceInfo' + description: Display information of a Redis Instance. + hybridSubnet: + description: Display information of a hybrid subnet. + $ref: '#/components/schemas/HybridSubnetInfo' + forwardingRule: + $ref: '#/components/schemas/ForwardingRuleInfo' + description: Display information of a Compute Engine forwarding rule. + firewall: + description: Display information of a Compute Engine firewall rule. + $ref: '#/components/schemas/FirewallInfo' + projectId: + description: Project ID that contains the configuration this step is validating. + type: string + redisCluster: + $ref: '#/components/schemas/RedisClusterInfo' + description: Display information of a Redis Cluster. + serverlessNeg: + description: >- + Display information of a Serverless network endpoint group backend. + Used only for return traces. + $ref: '#/components/schemas/ServerlessNegInfo' + loadBalancerBackendInfo: + description: Display information of a specific load balancer backend. + $ref: '#/components/schemas/LoadBalancerBackendInfo' + cloudFunction: + $ref: '#/components/schemas/CloudFunctionInfo' + description: Display information of a Cloud Function. + vpnTunnel: + $ref: '#/components/schemas/VpnTunnelInfo' + description: Display information of a Compute Engine VPN tunnel. + directVpcEgressConnection: + $ref: '#/components/schemas/DirectVpcEgressConnectionInfo' + description: Display information of a serverless direct VPC egress connection. + vpcConnector: + $ref: '#/components/schemas/VpcConnectorInfo' + description: Display information of a VPC connector. + cloudRunRevision: + description: Display information of a Cloud Run revision. + $ref: '#/components/schemas/CloudRunRevisionInfo' + causesDrop: + type: boolean + description: This is a step that leads to the final state Drop. + drop: + description: Display information of the final state "drop" and reason. + $ref: '#/components/schemas/DropInfo' + interconnectAttachment: + description: Display information of an interconnect attachment. + $ref: '#/components/schemas/InterconnectAttachmentInfo' + forward: + $ref: '#/components/schemas/ForwardInfo' + description: Display information of the final state "forward" and reason. + nat: + $ref: '#/components/schemas/NatInfo' + description: Display information of a NAT. + serverlessExternalConnection: + $ref: '#/components/schemas/ServerlessExternalConnectionInfo' + description: Display information of a serverless public (external) connection. + cloudSqlInstance: + description: Display information of a Cloud SQL instance. + $ref: '#/components/schemas/CloudSQLInstanceInfo' + instance: + description: Display information of a Compute Engine instance. + $ref: '#/components/schemas/InstanceInfo' + storageBucket: + $ref: '#/components/schemas/StorageBucketInfo' + description: >- + Display information of a Storage Bucket. Used only for return + traces. + vpnGateway: + description: Display information of a Compute Engine VPN gateway. + $ref: '#/components/schemas/VpnGatewayInfo' + state: + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - true + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + enum: + - STATE_UNSPECIFIED + - START_FROM_INSTANCE + - START_FROM_INTERNET + - START_FROM_GOOGLE_SERVICE + - START_FROM_PRIVATE_NETWORK + - START_FROM_GKE_MASTER + - START_FROM_CLOUD_SQL_INSTANCE + - START_FROM_REDIS_INSTANCE + - START_FROM_REDIS_CLUSTER + - START_FROM_CLOUD_FUNCTION + - START_FROM_APP_ENGINE_VERSION + - START_FROM_CLOUD_RUN_REVISION + - START_FROM_STORAGE_BUCKET + - START_FROM_PSC_PUBLISHED_SERVICE + - START_FROM_SERVERLESS_NEG + - APPLY_INGRESS_FIREWALL_RULE + - APPLY_EGRESS_FIREWALL_RULE + - APPLY_ROUTE + - APPLY_FORWARDING_RULE + - ANALYZE_LOAD_BALANCER_BACKEND + - SPOOFING_APPROVED + - ARRIVE_AT_INSTANCE + - ARRIVE_AT_INTERNAL_LOAD_BALANCER + - ARRIVE_AT_EXTERNAL_LOAD_BALANCER + - ARRIVE_AT_HYBRID_SUBNET + - ARRIVE_AT_VPN_GATEWAY + - ARRIVE_AT_VPN_TUNNEL + - ARRIVE_AT_INTERCONNECT_ATTACHMENT + - ARRIVE_AT_VPC_CONNECTOR + - DIRECT_VPC_EGRESS_CONNECTION + - SERVERLESS_EXTERNAL_CONNECTION + - NAT + - PROXY_CONNECTION + - DELIVER + - DROP + - FORWARD + - ABORT + - VIEWER_PERMISSION_MISSING + enumDescriptions: + - Unspecified state. + - >- + Initial state: packet originating from a Compute Engine instance. + An InstanceInfo is populated with starting instance information. + - >- + Initial state: packet originating from the internet. The endpoint + information is populated. + - >- + Initial state: packet originating from a Google service. The + google_service information is populated. + - >- + Initial state: packet originating from a VPC or on-premises + network with internal source IP. If the source is a VPC network + visible to the user, a NetworkInfo is populated with details of + the network. + - >- + Initial state: packet originating from a Google Kubernetes Engine + cluster master. A GKEMasterInfo is populated with starting + instance information. + - >- + Initial state: packet originating from a Cloud SQL instance. A + CloudSQLInstanceInfo is populated with starting instance + information. + - >- + Initial state: packet originating from a Redis instance. A + RedisInstanceInfo is populated with starting instance information. + - >- + Initial state: packet originating from a Redis Cluster. A + RedisClusterInfo is populated with starting Cluster information. + - >- + Initial state: packet originating from a Cloud Function. A + CloudFunctionInfo is populated with starting function information. + - >- + Initial state: packet originating from an App Engine service + version. An AppEngineVersionInfo is populated with starting + version information. + - >- + Initial state: packet originating from a Cloud Run revision. A + CloudRunRevisionInfo is populated with starting revision + information. + - >- + Initial state: packet originating from a Storage Bucket. Used only + for return traces. The storage_bucket information is populated. + - >- + Initial state: packet originating from a published service that + uses Private Service Connect. Used only for return traces. + - >- + Initial state: packet originating from a serverless network + endpoint group backend. Used only for return traces. The + serverless_neg information is populated. + - 'Config checking state: verify ingress firewall rule.' + - 'Config checking state: verify egress firewall rule.' + - 'Config checking state: verify route.' + - 'Config checking state: match forwarding rule.' + - 'Config checking state: verify load balancer backend configuration.' + - >- + Config checking state: packet sent or received under foreign IP + address and allowed. + - 'Forwarding state: arriving at a Compute Engine instance.' + - >- + Forwarding state: arriving at a Compute Engine internal load + balancer. + - >- + Forwarding state: arriving at a Compute Engine external load + balancer. + - >- + Forwarding state: arriving at a hybrid subnet. Appropriate routing + configuration will be determined here. + - 'Forwarding state: arriving at a Cloud VPN gateway.' + - 'Forwarding state: arriving at a Cloud VPN tunnel.' + - 'Forwarding state: arriving at an interconnect attachment.' + - 'Forwarding state: arriving at a VPC connector.' + - >- + Forwarding state: for packets originating from a serverless + endpoint forwarded through Direct VPC egress. + - >- + Forwarding state: for packets originating from a serverless + endpoint forwarded through public (external) connectivity. + - >- + Transition state: packet header translated. The `nat` field is + populated with the translation information. + - >- + Transition state: original connection is terminated and a new + proxied connection is initiated. + - 'Final state: packet could be delivered.' + - 'Final state: packet could be dropped.' + - >- + Final state: packet could be forwarded to a network with an + unknown configuration. + - 'Final state: analysis is aborted.' + - >- + Special state: viewer of the test result does not have permission + to see the configuration in this step. type: string + description: Each step is in one of the pre-defined states. + deliver: + description: Display information of the final state "deliver" and reason. + $ref: '#/components/schemas/DeliverInfo' + route: + description: Display information of a Compute Engine route. + $ref: '#/components/schemas/RouteInfo' + proxyConnection: + description: Display information of a ProxyConnection. + $ref: '#/components/schemas/ProxyConnectionInfo' + network: + description: Display information of a Google Cloud network. + $ref: '#/components/schemas/NetworkInfo' description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' + description: A description of the step. Usually this is a summary of the state. + id: Step AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. type: object properties: logType: description: The log type that this config enables. - type: string enumDescriptions: - Default case. Should never be this. - 'Admin reads. Example: CloudIAM getIamPolicy' @@ -3956,105 +3704,93 @@ components: - ADMIN_READ - DATA_WRITE - DATA_READ + type: string exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array items: type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + id: AuditLogConfig + CancelOperationRequest: + description: The request message for Operations.CancelOperation. + id: CancelOperationRequest + properties: {} type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - OperationMetadata: - id: OperationMetadata - description: Metadata describing an Operation + Operation: type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. - type: string - format: google-datetime - target: + error: description: >- - Target of the operation - for example - projects/project-1/locations/global/connectivityTests/test-1 - type: string - verb: - description: Name of the verb executed by the operation. - type: string - statusDetail: - description: Human-readable status of the operation, if any. + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + response: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + metadata: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + name: type: string - cancelRequested: - description: Specifies if cancellation was requested for the operation. + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. type: boolean - apiVersion: - description: API version. - type: string + id: Operation parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: alt + name: upload_protocol schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: key + name: uploadType schema: type: string oauth_token: @@ -4063,12 +3799,12 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: prettyPrint + name: fields schema: - type: boolean + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -4078,16 +3814,29 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: upload_protocol + name: key schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt + schema: + type: string + enum: + - json + - media + - proto + access_token: + description: OAuth access token. + in: query + name: access_token schema: type: string _.xgafv: @@ -4099,19 +3848,18 @@ components: enum: - '1' - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean x-stackQL-resources: locations: id: google.networkmanagement.locations name: locations title: Locations methods: - list: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations get: operation: $ref: >- @@ -4119,395 +3867,246 @@ components: response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.networkmanagement.operations - name: operations - title: Operations - methods: list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - connectivity_tests: - id: google.networkmanagement.connectivity_tests - name: connectivity_tests - title: Connectivity_tests - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.resources - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests/post - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - rerun: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}:rerun/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/get' - - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/delete' - connectivity_tests_iam_policies: - id: google.networkmanagement.connectivity_tests_iam_policies - name: connectivity_tests_iam_policies - title: Connectivity_tests_iam_policies + delete: [] + vpc_flow_logs_configs: + id: google.networkmanagement.vpc_flow_logs_configs + name: vpc_flow_logs_configs + title: Vpc_flow_logs_configs methods: - set_iam_policy: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}:setIamPolicy/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs~1{vpcFlowLogsConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}:getIamPolicy/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs~1{vpcFlowLogsConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}:testIamPermissions/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs~1{vpcFlowLogsConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/connectivity_tests_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/connectivity_tests_iam_policies/methods/set_iam_policy - delete: [] - network_monitoring_providers: - id: google.networkmanagement.network_monitoring_providers - name: network_monitoring_providers - title: Network_monitoring_providers - methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.networkMonitoringProviders - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.vpcFlowLogsConfigs + show_effective_flow_logs_configs: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders~1{networkMonitoringProvidersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs:showEffectiveFlowLogsConfigs/get response: mediaType: application/json openAPIDocKey: '200' - delete: + query_org_vpc_flow_logs_configs: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders~1{networkMonitoringProvidersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs:queryOrgVpcFlowLogsConfigs/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: + - $ref: '#/components/x-stackQL-resources/vpc_flow_logs_configs/methods/get' - $ref: >- - #/components/x-stackQL-resources/network_monitoring_providers/methods/get + #/components/x-stackQL-resources/vpc_flow_logs_configs/methods/list - $ref: >- - #/components/x-stackQL-resources/network_monitoring_providers/methods/list + #/components/x-stackQL-resources/vpc_flow_logs_configs/methods/query_org_vpc_flow_logs_configs insert: - $ref: >- - #/components/x-stackQL-resources/network_monitoring_providers/methods/create - update: [] + #/components/x-stackQL-resources/vpc_flow_logs_configs/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/vpc_flow_logs_configs/methods/patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/network_monitoring_providers/methods/delete - monitoring_points: - id: google.networkmanagement.monitoring_points - name: monitoring_points - title: Monitoring_points + #/components/x-stackQL-resources/vpc_flow_logs_configs/methods/delete + operations: + id: google.networkmanagement.operations + name: operations + title: Operations methods: - list: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders~1{networkMonitoringProvidersId}~1monitoringPoints/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.monitoringPoints - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders~1{networkMonitoringProvidersId}~1monitoringPoints~1{monitoringPointsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/monitoring_points/methods/get' - - $ref: '#/components/x-stackQL-resources/monitoring_points/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - network_paths: - id: google.networkmanagement.network_paths - name: network_paths - title: Network_paths - methods: - list: + objectKey: $.unreachable + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders~1{networkMonitoringProvidersId}~1networkPaths/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.networkPaths get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders~1{networkMonitoringProvidersId}~1networkPaths~1{networkPathsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/network_paths/methods/get' - - $ref: '#/components/x-stackQL-resources/network_paths/methods/list' + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] replace: [] - delete: [] - web_paths: - id: google.networkmanagement.web_paths - name: web_paths - title: Web_paths + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + connectivity_tests_iam_policies: + id: google.networkmanagement.connectivity_tests_iam_policies + name: connectivity_tests_iam_policies + title: Connectivity_tests_iam_policies methods: - list: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders~1{networkMonitoringProvidersId}~1webPaths/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.webPaths - get: + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkMonitoringProviders~1{networkMonitoringProvidersId}~1webPaths~1{webPathsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/web_paths/methods/get' - - $ref: '#/components/x-stackQL-resources/web_paths/methods/list' + - $ref: >- + #/components/x-stackQL-resources/connectivity_tests_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/connectivity_tests_iam_policies/methods/set_iam_policy delete: [] - vpc_flow_logs_configs: - id: google.networkmanagement.vpc_flow_logs_configs - name: vpc_flow_logs_configs - title: Vpc_flow_logs_configs + connectivity_tests: + id: google.networkmanagement.connectivity_tests + name: connectivity_tests + title: Connectivity_tests methods: - list: + rerun: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}:rerun/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.vpcFlowLogsConfigs create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests/post response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs~1{vpcFlowLogsConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.resources + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs~1{vpcFlowLogsConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vpcFlowLogsConfigs~1{vpcFlowLogsConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1global~1connectivityTests~1{connectivityTestsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/vpc_flow_logs_configs/methods/get' - - $ref: >- - #/components/x-stackQL-resources/vpc_flow_logs_configs/methods/list + - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/get' + - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/vpc_flow_logs_configs/methods/create + - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/create' update: - - $ref: >- - #/components/x-stackQL-resources/vpc_flow_logs_configs/methods/patch + - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/vpc_flow_logs_configs/methods/delete + - $ref: '#/components/x-stackQL-resources/connectivity_tests/methods/delete' paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: networkmanagement.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 + - $ref: '#/components/parameters/prettyPrint' get: description: Gets information about a location. operationId: networkmanagement.projects.locations.get @@ -4534,13 +4133,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/global/operations: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: networkmanagement.projects.locations.global.operations.list + description: Lists information about the supported locations for this service. + operationId: networkmanagement.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4552,7 +4149,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId @@ -4560,56 +4157,40 @@ paths: schema: type: string - in: query - name: filter + name: extraLocationTypes schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/global/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: networkmanagement.projects.locations.global.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize schema: - type: string - delete: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/vpcFlowLogsConfigs/{vpcFlowLogsConfigsId}: + parameters: *ref_1 + patch: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: networkmanagement.projects.locations.global.operations.delete + Updates an existing `VpcFlowLogsConfig`. If a configuration with the + exact same settings already exists (even if the ID is different), the + creation fails. Notes: 1. Updating a configuration with `state=DISABLED` + will fail. 2. The following fields are not considered as settings for + the purpose of the check mentioned above, therefore - updating another + configuration with the same fields but different values for the + following fields will fail as well: * name * create_time * update_time * + labels * description + operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/VpcFlowLogsConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4621,7 +4202,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4629,29 +4210,23 @@ paths: schema: type: string - in: path - name: operationsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: networkmanagement.projects.locations.global.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + - in: path + name: vpcFlowLogsConfigsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a specific `VpcFlowLogsConfig`. + operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4663,7 +4238,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4671,15 +4246,18 @@ paths: schema: type: string - in: path - name: operationsId + name: locationsId + required: true + schema: + type: string + - in: path + name: vpcFlowLogsConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/connectivityTests: - parameters: *ref_1 get: - description: Lists all Connectivity Tests owned by a project. - operationId: networkmanagement.projects.locations.global.connectivityTests.list + description: Gets the details of a specific `VpcFlowLogsConfig`. + operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4691,48 +4269,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListConnectivityTestsResponse' + $ref: '#/components/schemas/VpcFlowLogsConfig' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: vpcFlowLogsConfigsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/vpcFlowLogsConfigs: + parameters: *ref_1 post: description: >- - Creates a new Connectivity Test. After you create a test, the - reachability analysis is performed as part of the long running - operation, which completes when the analysis completes. If the endpoint - specifications in `ConnectivityTest` are invalid (for example, - containing non-existent resources in the network, or you don't have read - permissions to the network configurations of listed projects), then the - reachability result returns a value of `UNKNOWN`. If the endpoint - specifications in `ConnectivityTest` are incomplete, the reachability - result returns a value of AMBIGUOUS. For more information, see the - Connectivity Test documentation. - operationId: networkmanagement.projects.locations.global.connectivityTests.create + Creates a new `VpcFlowLogsConfig`. If a configuration with the exact + same settings already exists (even if the ID is different), the creation + fails. Notes: 1. Creating a configuration with `state=DISABLED` will + fail 2. The following fields are not considered as settings for the + purpose of the check mentioned above, therefore - creating another + configuration with the same fields but different values for the + following fields will fail as well: * name * create_time * update_time * + labels * description + operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ConnectivityTest' + $ref: '#/components/schemas/VpcFlowLogsConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4751,15 +4322,18 @@ paths: required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query - name: testId + name: vpcFlowLogsConfigId schema: type: string - /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}: - parameters: *ref_1 get: - description: Gets the details of a specific Connectivity Test. - operationId: networkmanagement.projects.locations.global.connectivityTests.get + description: Lists all `VpcFlowLogsConfigs` in a given project. + operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4771,7 +4345,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConnectivityTest' + $ref: '#/components/schemas/ListVpcFlowLogsConfigsResponse' parameters: - in: path name: projectsId @@ -4779,29 +4353,35 @@ paths: schema: type: string - in: path - name: connectivityTestsId + name: locationsId required: true schema: type: string - patch: + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/vpcFlowLogsConfigs:showEffectiveFlowLogsConfigs: + parameters: *ref_1 + get: description: >- - Updates the configuration of an existing `ConnectivityTest`. After you - update a test, the reachability analysis is performed as part of the - long running operation, which completes when the analysis completes. The - Reachability state in the test resource is updated with the new result. - If the endpoint specifications in `ConnectivityTest` are invalid (for - example, they contain non-existent resources in the network, or the user - does not have read permissions to the network configurations of listed - projects), then the reachability result returns a value of UNKNOWN. If - the endpoint specifications in `ConnectivityTest` are incomplete, the - reachability result returns a value of `AMBIGUOUS`. See the - documentation in `ConnectivityTest` for more details. - operationId: networkmanagement.projects.locations.global.connectivityTests.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ConnectivityTest' + ShowEffectiveFlowLogsConfigs returns a list of all VPC Flow Logs + configurations applicable to a specified resource. + operationId: >- + networkmanagement.projects.locations.vpcFlowLogsConfigs.showEffectiveFlowLogsConfigs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4813,7 +4393,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ShowEffectiveFlowLogsConfigsResponse' parameters: - in: path name: projectsId @@ -4821,60 +4401,35 @@ paths: schema: type: string - in: path - name: connectivityTestsId + name: locationsId required: true schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - delete: - description: Deletes a specific `ConnectivityTest`. - operationId: networkmanagement.projects.locations.global.connectivityTests.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: resource schema: type: string - - in: path - name: connectivityTestsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}:rerun: + /v1/projects/{projectsId}/locations/{locationsId}/vpcFlowLogsConfigs:queryOrgVpcFlowLogsConfigs: parameters: *ref_1 - post: + get: description: >- - Rerun an existing `ConnectivityTest`. After the user triggers the rerun, - the reachability analysis is performed as part of the long running - operation, which completes when the analysis completes. Even though the - test configuration remains the same, the reachability result may change - due to underlying network configuration changes. If the endpoint - specifications in `ConnectivityTest` become invalid (for example, - specified resources are deleted in the network, or you lost read - permissions to the network configurations of listed projects), then the - reachability result returns a value of `UNKNOWN`. - operationId: networkmanagement.projects.locations.global.connectivityTests.rerun - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RerunConnectivityTestRequest' + QueryOrgVpcFlowLogsConfigs returns a list of all organization-level VPC + Flow Logs configurations applicable to the specified project. + operationId: >- + networkmanagement.projects.locations.vpcFlowLogsConfigs.queryOrgVpcFlowLogsConfigs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4886,7 +4441,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/QueryOrgVpcFlowLogsConfigsResponse' parameters: - in: path name: projectsId @@ -4894,24 +4449,42 @@ paths: schema: type: string - in: path - name: connectivityTestsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}:setIamPolicy: + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/global/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: >- - networkmanagement.projects.locations.global.connectivityTests.setIamPolicy + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: networkmanagement.projects.locations.global.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4923,7 +4496,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4931,18 +4504,17 @@ paths: schema: type: string - in: path - name: connectivityTestsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}:getIamPolicy: - parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: >- - networkmanagement.projects.locations.global.connectivityTests.getIamPolicy + /v1/projects/{projectsId}/locations/global/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: networkmanagement.projects.locations.global.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4954,39 +4526,39 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: connectivityTestsId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}:testIamPermissions: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/global/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - networkmanagement.projects.locations.global.connectivityTests.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: networkmanagement.projects.locations.global.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4998,7 +4570,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5006,15 +4578,16 @@ paths: schema: type: string - in: path - name: connectivityTestsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkMonitoringProviders: - parameters: *ref_1 get: - description: Lists NetworkMonitoringProviders for a given project and location. - operationId: networkmanagement.projects.locations.networkMonitoringProviders.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: networkmanagement.projects.locations.global.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5026,7 +4599,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNetworkMonitoringProvidersResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5034,27 +4607,24 @@ paths: schema: type: string - in: path - name: locationsId + name: operationsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string + /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}:setIamPolicy: + parameters: *ref_1 post: - description: Creates a NetworkMonitoringProvider resource. - operationId: networkmanagement.projects.locations.networkMonitoringProviders.create + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: >- + networkmanagement.projects.locations.global.connectivityTests.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/NetworkMonitoringProvider' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5066,7 +4636,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5074,19 +4644,26 @@ paths: schema: type: string - in: path - name: locationsId + name: connectivityTestsId required: true schema: type: string - - in: query - name: networkMonitoringProviderId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkMonitoringProviders/{networkMonitoringProvidersId}: + /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets the NetworkMonitoringProvider resource. - operationId: networkmanagement.projects.locations.networkMonitoringProviders.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + networkmanagement.projects.locations.global.connectivityTests.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5098,7 +4675,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NetworkMonitoringProvider' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -5106,20 +4683,29 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: networkMonitoringProvidersId + name: connectivityTestsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}:rerun: + parameters: *ref_1 + post: description: >- - Deletes a NetworkMonitoringProvider resource and all of its child - resources. - operationId: networkmanagement.projects.locations.networkMonitoringProviders.delete + Rerun an existing `ConnectivityTest`. After the user triggers the rerun, + the reachability analysis is performed as part of the long running + operation, which completes when the analysis completes. Even though the + test configuration remains the same, the reachability result may change + due to underlying network configuration changes. If the endpoint + specifications in `ConnectivityTest` become invalid (for example, + specified resources are deleted in the network, or you lost read + permissions to the network configurations of listed projects), then the + reachability result returns a value of `UNKNOWN`. + operationId: networkmanagement.projects.locations.global.connectivityTests.rerun + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RerunConnectivityTestRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5139,21 +4725,18 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: networkMonitoringProvidersId + name: connectivityTestsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkMonitoringProviders/{networkMonitoringProvidersId}/monitoringPoints: + /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}:getIamPolicy: parameters: *ref_1 get: - description: Lists MonitoringPoints for a given network monitoring provider. + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. operationId: >- - networkmanagement.projects.locations.networkMonitoringProviders.monitoringPoints.list + networkmanagement.projects.locations.global.connectivityTests.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5165,7 +4748,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMonitoringPointsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -5173,30 +4756,35 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: networkMonitoringProvidersId + name: connectivityTestsId required: true schema: type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkMonitoringProviders/{networkMonitoringProvidersId}/monitoringPoints/{monitoringPointsId}: + /v1/projects/{projectsId}/locations/global/connectivityTests: parameters: *ref_1 - get: - description: Gets the MonitoringPoint resource. - operationId: >- - networkmanagement.projects.locations.networkMonitoringProviders.monitoringPoints.get + post: + description: >- + Creates a new Connectivity Test. After you create a test, the + reachability analysis is performed as part of the long running + operation, which completes when the analysis completes. If the endpoint + specifications in `ConnectivityTest` are invalid (for example, + containing non-existent resources in the network, or you don't have read + permissions to the network configurations of listed projects), then the + reachability result returns a value of `UNKNOWN`. If the endpoint + specifications in `ConnectivityTest` are incomplete, the reachability + result returns a value of AMBIGUOUS. For more information, see the + Connectivity Test documentation. + operationId: networkmanagement.projects.locations.global.connectivityTests.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectivityTest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5208,34 +4796,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MonitoringPoint' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: networkMonitoringProvidersId - required: true - schema: - type: string - - in: path - name: monitoringPointsId - required: true + - in: query + name: testId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkMonitoringProviders/{networkMonitoringProvidersId}/networkPaths: - parameters: *ref_1 get: - description: Lists NetworkPaths for a given network monitoring provider. - operationId: >- - networkmanagement.projects.locations.networkMonitoringProviders.networkPaths.list + description: Lists all Connectivity Tests owned by a project. + operationId: networkmanagement.projects.locations.global.connectivityTests.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5247,23 +4821,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNetworkPathsResponse' + $ref: '#/components/schemas/ListConnectivityTestsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: networkMonitoringProvidersId - required: true - schema: - type: string - in: query name: pageSize schema: @@ -5273,12 +4837,19 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkMonitoringProviders/{networkMonitoringProvidersId}/networkPaths/{networkPathsId}: + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/global/connectivityTests/{connectivityTestsId}: parameters: *ref_1 get: - description: Gets the NetworkPath resource. - operationId: >- - networkmanagement.projects.locations.networkMonitoringProviders.networkPaths.get + description: Gets the details of a specific Connectivity Test. + operationId: networkmanagement.projects.locations.global.connectivityTests.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5290,7 +4861,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NetworkPath' + $ref: '#/components/schemas/ConnectivityTest' parameters: - in: path name: projectsId @@ -5298,26 +4869,13 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: networkMonitoringProvidersId - required: true - schema: - type: string - - in: path - name: networkPathsId + name: connectivityTestsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkMonitoringProviders/{networkMonitoringProvidersId}/webPaths: - parameters: *ref_1 - get: - description: Lists WebPaths for a given network monitoring provider. - operationId: >- - networkmanagement.projects.locations.networkMonitoringProviders.webPaths.list + delete: + description: Deletes a specific `ConnectivityTest`. + operationId: networkmanagement.projects.locations.global.connectivityTests.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5329,7 +4887,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWebPathsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5337,30 +4895,29 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: networkMonitoringProvidersId + name: connectivityTestsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkMonitoringProviders/{networkMonitoringProvidersId}/webPaths/{webPathsId}: - parameters: *ref_1 - get: - description: Gets the WebPath resource. - operationId: >- - networkmanagement.projects.locations.networkMonitoringProviders.webPaths.get + patch: + description: >- + Updates the configuration of an existing `ConnectivityTest`. After you + update a test, the reachability analysis is performed as part of the + long running operation, which completes when the analysis completes. The + Reachability state in the test resource is updated with the new result. + If the endpoint specifications in `ConnectivityTest` are invalid (for + example, they contain non-existent resources in the network, or the user + does not have read permissions to the network configurations of listed + projects), then the reachability result returns a value of UNKNOWN. If + the endpoint specifications in `ConnectivityTest` are incomplete, the + reachability result returns a value of `AMBIGUOUS`. See the + documentation in `ConnectivityTest` for more details. + operationId: networkmanagement.projects.locations.global.connectivityTests.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectivityTest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5372,7 +4929,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WebPath' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5380,25 +4937,20 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: networkMonitoringProvidersId + name: connectivityTestsId required: true schema: type: string - - in: path - name: webPathsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vpcFlowLogsConfigs: + format: google-fieldmask + /v1/organizations/{organizationsId}/locations: parameters: *ref_1 get: - description: Lists all `VpcFlowLogsConfigs` in a given project. - operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.list + description: Lists information about the supported locations for this service. + operationId: networkmanagement.organizations.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5410,51 +4962,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListVpcFlowLogsConfigsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: organizationsId required: true schema: type: string - in: query - name: pageSize + name: extraLocationTypes schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: orderBy + name: filter schema: type: string - post: - description: >- - Creates a new `VpcFlowLogsConfig`. If a configuration with the exact - same settings already exists (even if the ID is different), the creation - fails. Notes: 1. Creating a configuration with `state=DISABLED` will - fail 2. The following fields are not considered as settings for the - purpose of the check mentioned above, therefore - creating another - configuration with the same fields but different values for the - following fields will fail as well: * name * create_time * update_time * - labels * description - operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/VpcFlowLogsConfig' + /v1/organizations/{organizationsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: networkmanagement.organizations.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5466,10 +5002,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Location' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -5478,15 +5014,24 @@ paths: required: true schema: type: string - - in: query - name: vpcFlowLogsConfigId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/vpcFlowLogsConfigs/{vpcFlowLogsConfigsId}: + /v1/organizations/{organizationsId}/locations/{locationsId}/vpcFlowLogsConfigs/{vpcFlowLogsConfigsId}: parameters: *ref_1 - get: - description: Gets the details of a specific `VpcFlowLogsConfig`. - operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.get + patch: + description: >- + Updates an existing `VpcFlowLogsConfig`. If a configuration with the + exact same settings already exists (even if the ID is different), the + creation fails. Notes: 1. Updating a configuration with `state=DISABLED` + will fail 2. The following fields are not considered as settings for the + purpose of the check mentioned above, therefore - updating another + configuration with the same fields but different values for the + following fields will fail as well: * name * create_time * update_time * + labels * description + operationId: networkmanagement.organizations.locations.vpcFlowLogsConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/VpcFlowLogsConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5498,10 +5043,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VpcFlowLogsConfig' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -5515,22 +5060,14 @@ paths: required: true schema: type: string - patch: - description: >- - Updates an existing `VpcFlowLogsConfig`. If a configuration with the - exact same settings already exists (even if the ID is different), the - creation fails. Notes: 1. Updating a configuration with `state=DISABLED` - will fail. 2. The following fields are not considered as settings for - the purpose of the check mentioned above, therefore - updating another - configuration with the same fields but different values for the - following fields will fail as well: * name * create_time * update_time * - labels * description - operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/VpcFlowLogsConfig' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets the details of a specific `VpcFlowLogsConfig`. + operationId: networkmanagement.organizations.locations.vpcFlowLogsConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5542,10 +5079,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/VpcFlowLogsConfig' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -5559,14 +5096,9 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: description: Deletes a specific `VpcFlowLogsConfig`. - operationId: networkmanagement.projects.locations.vpcFlowLogsConfigs.delete + operationId: networkmanagement.organizations.locations.vpcFlowLogsConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5581,7 +5113,7 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -5595,11 +5127,11 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/locations: + /v1/organizations/{organizationsId}/locations/{locationsId}/vpcFlowLogsConfigs: parameters: *ref_1 get: - description: Lists information about the supported locations for this service. - operationId: networkmanagement.organizations.locations.list + description: Lists all `VpcFlowLogsConfigs` in a given organization. + operationId: networkmanagement.organizations.locations.vpcFlowLogsConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5611,35 +5143,51 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/ListVpcFlowLogsConfigsResponse' parameters: - in: path name: organizationsId required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query - name: filter + name: orderBy schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: extraLocationTypes + name: pageSize schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: networkmanagement.organizations.locations.get + type: integer + format: int32 + post: + description: >- + Creates a new `VpcFlowLogsConfig`. If a configuration with the exact + same settings already exists (even if the ID is different), the creation + fails. Notes: 1. Creating a configuration with `state=DISABLED` will + fail 2. The following fields are not considered as settings for the + purpose of the check mentioned above, therefore - creating another + configuration with the same fields but different values for the + following fields will fail as well: * name * create_time * update_time * + labels * description + operationId: networkmanagement.organizations.locations.vpcFlowLogsConfigs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/VpcFlowLogsConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5651,7 +5199,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -5663,13 +5211,29 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations: + - in: query + name: vpcFlowLogsConfigId + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: networkmanagement.organizations.locations.operations.list + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: networkmanagement.organizations.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5681,7 +5245,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: organizationsId @@ -5693,17 +5257,9 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: @@ -5777,25 +5333,13 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/organizations/{organizationsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: networkmanagement.organizations.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: networkmanagement.organizations.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5807,7 +5351,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: organizationsId @@ -5819,8 +5363,20 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/networksecurity.yaml b/providers/src/googleapis.com/v00.00.00000/services/networksecurity.yaml index 101151c3..4995ae61 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/networksecurity.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/networksecurity.yaml @@ -7,8 +7,8 @@ info: title: Network Security API description: '' version: v1 - x-discovery-doc-revision: '20250806' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251020' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/networking servers: @@ -34,1145 +34,1009 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + InterceptLocation: + description: Details about intercept in a specific cloud location. properties: - operations: + location: + type: string description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + Output only. The cloud location, e.g. "us-central1-a" or + "asia-south1". + readOnly: true + state: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - OUT_OF_SYNC + enumDescriptions: + - State not set (this is not a valid state). + - The resource is ready and in sync in the location. + - >- + The resource is out of sync in the location. In most cases, this + is a result of a transient issue within the system (e.g. an + inaccessible location) and the system is expected to recover + automatically. + readOnly: true + description: Output only. The current state of the association in this location. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + id: InterceptLocation + type: object + InterceptEndpointGroupConnectedDeploymentGroup: + description: The endpoint group's view of a connected deployment group. + id: InterceptEndpointGroupConnectedDeploymentGroup type: object properties: name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + Output only. The connected deployment group's resource name, for + example: + `projects/123456789/locations/global/interceptDeploymentGroups/my-dg`. + See https://google.aip.dev/124. + readOnly: true + locations: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Output only. The list of locations where the deployment group is + present. + readOnly: true type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListAddressGroupsResponse: - id: ListAddressGroupsResponse - description: Response returned by the ListAddressGroups method. + $ref: '#/components/schemas/InterceptLocation' + ListInterceptEndpointGroupsResponse: type: object + description: Response message for ListInterceptEndpointGroups. + id: ListInterceptEndpointGroupsResponse properties: - addressGroups: - description: List of AddressGroups resources. - type: array - items: - $ref: '#/components/schemas/AddressGroup' nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. type: string - unreachable: - description: Locations that could not be reached. - type: array + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. See + https://google.aip.dev/158 for more details. + interceptEndpointGroups: + description: The endpoint groups from the specified parent. items: - type: string - AddressGroup: - id: AddressGroup - description: >- - AddressGroup is a resource that specifies how a collection of IP/DNS - used in Firewall Policy. + $ref: '#/components/schemas/InterceptEndpointGroup' + type: array + SeverityOverride: + id: SeverityOverride type: object properties: - name: - description: >- - Required. Name of the AddressGroup resource. It matches pattern - `projects/*/locations/{location}/addressGroups/`. + severity: + type: string + enumDescriptions: + - Severity level not specified. + - >- + Suspicious events that do not pose an immediate threat, but that + are reported to call attention to deeper problems that could + possibly exist. + - >- + Warning-level threats that have very little impact on an + organization's infrastructure. They usually require local or + physical system access and may often result in victim privacy + issues and information leakage. + - >- + Minor threats in which impact is minimized, that do not compromise + the target or exploits that require an attacker to reside on the + same local network as the victim, affect only non-standard + configurations or obscure applications, or provide very limited + access. + - >- + Threats that have the ability to become critical but have + mitigating factors; for example, they may be difficult to exploit, + do not result in elevated privileges, or do not have a large + victim pool. + - >- + Serious threats, such as those that affect default installations + of widely deployed software, result in root compromise of servers, + and the exploit code is widely available to attackers. The + attacker usually does not need any special authentication + credentials or knowledge about the individual victims and the + target does not need to be manipulated into performing any special + functions. + enum: + - SEVERITY_UNSPECIFIED + - INFORMATIONAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + description: Required. Severity level to match. + action: + enum: + - THREAT_ACTION_UNSPECIFIED + - DEFAULT_ACTION + - ALLOW + - ALERT + - DENY type: string + enumDescriptions: + - Threat action not specified. + - The default action (as specified by the vendor) is taken. + - The packet matching this rule will be allowed to transmit. + - >- + The packet matching this rule will be allowed to transmit, but a + threat_log entry will be sent to the consumer project. + - >- + The packet matching this rule will be dropped, and a threat_log + entry will be sent to the consumer project. + description: Required. Threat action override. + description: Defines what action to take for a specific severity match. + SecurityProfile: + description: >- + SecurityProfile is a resource that defines the behavior for one of many + ProfileTypes. + properties: description: - description: Optional. Free-text description of the resource. + description: >- + Optional. An optional description of the profile. Max length 512 + characters. type: string createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true type: string format: google-datetime + readOnly: true + description: Output only. Resource creation timestamp. updateTime: - description: Output only. The timestamp when the resource was updated. readOnly: true - type: string + description: Output only. Last resource update timestamp. format: google-datetime - labels: + type: string + customMirroringProfile: description: >- - Optional. Set of label tags associated with the AddressGroup - resource. - type: object - additionalProperties: - type: string - type: + The custom Packet Mirroring v2 configuration for the + SecurityProfile. + $ref: '#/components/schemas/CustomMirroringProfile' + name: + type: string description: >- - Required. The type of the Address Group. Possible values are "IPv4" - or "IPV6". + Immutable. Identifier. Name of the SecurityProfile resource. It + matches pattern + `projects|organizations/*/locations/{location}/securityProfiles/{security_profile}`. + type: type: string enumDescriptions: - - Default value. - - IP v4 ranges. - - IP v6 ranges. + - Profile type not specified. + - Profile type for threat prevention. + - Profile type for packet mirroring v2 + - Profile type for TPPI. enum: - - TYPE_UNSPECIFIED - - IPV4 - - IPV6 - items: - description: Optional. List of items. - type: array - items: - type: string - capacity: - description: Required. Capacity of the Address Group - type: integer - format: int32 - selfLink: - description: Output only. Server-defined fully-qualified URL for this resource. - readOnly: true - type: string - purpose: - description: Optional. List of supported purposes of the Address Group. - type: array - items: - type: string - enumDescriptions: - - Default value. Should never happen. - - >- - Address Group is distributed to VMC, and is usable in Firewall - Policies and other systems that rely on VMC. - - Address Group is usable in Cloud Armor. - enum: - - PURPOSE_UNSPECIFIED - - DEFAULT - - CLOUD_ARMOR - AddAddressGroupItemsRequest: - id: AddAddressGroupItemsRequest - description: Request used by the AddAddressGroupItems method. - type: object - properties: - items: - description: Required. List of items to add. - type: array - items: + - PROFILE_TYPE_UNSPECIFIED + - THREAT_PREVENTION + - CUSTOM_MIRRORING + - CUSTOM_INTERCEPT + description: >- + Immutable. The single ProfileType that the SecurityProfile resource + configures. + labels: + description: Optional. Labels as key value pairs. + additionalProperties: type: string - requestId: + type: object + etag: description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes since the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). + Output only. This checksum is computed by the server based on the + value of other fields, and may be sent on update and delete requests + to ensure the client has an up-to-date value before proceeding. type: string - RemoveAddressGroupItemsRequest: - id: RemoveAddressGroupItemsRequest - description: Request used by the RemoveAddressGroupItems method. + readOnly: true + threatPreventionProfile: + description: The threat prevention configuration for the SecurityProfile. + $ref: '#/components/schemas/ThreatPreventionProfile' + customInterceptProfile: + $ref: '#/components/schemas/CustomInterceptProfile' + description: The custom TPPI configuration for the SecurityProfile. + id: SecurityProfile + type: object + ListFirewallEndpointAssociationsResponse: + description: Message for response to listing Associations type: object properties: - items: - description: Required. List of items to remove. + firewallEndpointAssociations: type: array + items: + $ref: '#/components/schemas/FirewallEndpointAssociation' + description: The list of Association + unreachable: items: type: string - requestId: - description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes since the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). - type: string - CloneAddressGroupItemsRequest: - id: CloneAddressGroupItemsRequest - description: Request used by the CloneAddressGroupItems method. - type: object - properties: - sourceAddressGroup: - description: Required. Source address group to clone items from. - type: string - requestId: - description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes since the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). + description: Locations that could not be reached. + type: array + nextPageToken: + description: A token identifying a page of results the server should return. type: string - ListAddressGroupReferencesResponse: - id: ListAddressGroupReferencesResponse - description: Response of the ListAddressGroupReferences method. - type: object + id: ListFirewallEndpointAssociationsResponse + ListAuthorizationPoliciesResponse: + id: ListAuthorizationPoliciesResponse + description: Response returned by the ListAuthorizationPolicies method. properties: - addressGroupReferences: - description: >- - A list of references that matches the specified filter in the - request. - type: array - items: - $ref: >- - #/components/schemas/ListAddressGroupReferencesResponseAddressGroupReference nextPageToken: + type: string description: >- If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`. - type: string - ListAddressGroupReferencesResponseAddressGroupReference: - id: ListAddressGroupReferencesResponseAddressGroupReference - description: The Reference of AddressGroup. + authorizationPolicies: + description: List of AuthorizationPolicies resources. + items: + $ref: '#/components/schemas/AuthorizationPolicy' + type: array + type: object + SecurityProfileGroup: + description: >- + SecurityProfileGroup is a resource that defines the behavior for various + ProfileTypes. type: object properties: - firewallPolicy: - description: FirewallPolicy that is using the Address Group. + customMirroringProfile: type: string - securityPolicy: - description: Cloud Armor SecurityPolicy that is using the Address Group. + description: >- + Optional. Reference to a SecurityProfile with the CustomMirroring + configuration. + dataPathId: + format: uint64 + description: >- + Output only. Identifier used by the data-path. Unique within + {container, location}. + readOnly: true type: string - rulePriority: - description: Rule priority of the FirewallPolicy that is using the Address Group. - type: integer - format: int32 - ListFirewallEndpointsResponse: - id: ListFirewallEndpointsResponse - description: Message for response to listing Endpoints - type: object - properties: - firewallEndpoints: - description: The list of Endpoint - type: array - items: - $ref: '#/components/schemas/FirewallEndpoint' - nextPageToken: - description: A token identifying a page of results the server should return. + description: + description: >- + Optional. An optional description of the profile group. Max length + 2048 characters. type: string - unreachable: - description: Locations that could not be reached. - type: array - items: + labels: + type: object + additionalProperties: type: string - FirewallEndpoint: - id: FirewallEndpoint - description: Message describing Endpoint object. - type: object - properties: + description: Optional. Labels as key value pairs. name: - description: Immutable. Identifier. Name of resource. type: string - description: description: >- - Optional. Description of the firewall endpoint. Max length 2048 - characters. + Immutable. Identifier. Name of the SecurityProfileGroup resource. It + matches pattern + `projects|organizations/*/locations/{location}/securityProfileGroups/{security_profile_group}`. + etag: + readOnly: true + description: >- + Output only. This checksum is computed by the server based on the + value of other fields, and may be sent on update and delete requests + to ensure the client has an up-to-date value before proceeding. + type: string + customInterceptProfile: + description: >- + Optional. Reference to a SecurityProfile with the CustomIntercept + configuration. type: string createTime: - description: Output only. Create time stamp. + description: Output only. Resource creation timestamp. + format: google-datetime readOnly: true type: string - format: google-datetime updateTime: - description: Output only. Update time stamp readOnly: true + description: Output only. Last resource update timestamp. type: string format: google-datetime - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: + threatPreventionProfile: + description: >- + Optional. Reference to a SecurityProfile with the ThreatPrevention + configuration. + type: string + id: SecurityProfileGroup + AuthzPolicyAuthzRuleIpBlock: + properties: + prefix: + type: string + description: Required. The address prefix. + length: + description: Required. The length of the address range. + type: integer + format: int32 + description: Represents a range of IP Addresses. + type: object + id: AuthzPolicyAuthzRuleIpBlock + AddressGroup: + id: AddressGroup + properties: + purpose: + description: Optional. List of supported purposes of the Address Group. + type: array + items: type: string - state: - description: Output only. Current state of the endpoint. - readOnly: true + enum: + - PURPOSE_UNSPECIFIED + - DEFAULT + - CLOUD_ARMOR + enumDescriptions: + - Default value. Should never happen. + - >- + Address Group is distributed to VMC, and is usable in Firewall + Policies and other systems that rely on VMC. + - Address Group is usable in Cloud Armor. + createTime: + format: google-datetime type: string - enumDescriptions: - - Not set. - - Being created. - - Processing configuration updates. - - Being deleted. - - Down or in an error state. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - INACTIVE - reconciling: - description: >- - Output only. Whether reconciling is in progress, recommended per - https://google.aip.dev/128. readOnly: true - type: boolean - associatedNetworks: - description: >- - Output only. List of networks that are associated with this endpoint - in the local zone. This is a projection of the - FirewallEndpointAssociations pointing at this endpoint. A network - will only appear in this list after traffic routing is fully - configured. Format: projects/{project}/global/networks/{name}. + description: Output only. The timestamp when the resource was created. + selfLink: + description: Output only. Server-defined fully-qualified URL for this resource. readOnly: true - deprecated: true + type: string + items: + description: Optional. List of items. type: array items: type: string - associations: + type: description: >- - Output only. List of FirewallEndpointAssociations that are - associated to this endpoint. An association will only appear in this - list after traffic routing is fully configured. - readOnly: true - type: array - items: - $ref: '#/components/schemas/FirewallEndpointAssociationReference' - satisfiesPzs: - description: Output only. [Output Only] Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. [Output Only] Reserved for future use. - readOnly: true - type: boolean - billingProjectId: - description: Required. Project to bill on endpoint uptime usage. + Required. The type of the Address Group. Possible values are "IPv4" + or "IPV6". + enum: + - TYPE_UNSPECIFIED + - IPV4 + - IPV6 + enumDescriptions: + - Default value. + - IP v4 ranges. + - IP v6 ranges. type: string - FirewallEndpointAssociationReference: - id: FirewallEndpointAssociationReference - description: >- - This is a subset of the FirewallEndpointAssociation message, containing - fields to be used by the consumer. - type: object - properties: name: description: >- - Output only. The resource name of the FirewallEndpointAssociation. - Format: - projects/{project}/locations/{location}/firewallEndpointAssociations/{id} + Required. Name of the AddressGroup resource. It matches pattern + `projects/*/locations/{location}/addressGroups/`. + type: string + capacity: + description: Required. Capacity of the Address Group + format: int32 + type: integer + updateTime: readOnly: true + description: Output only. The timestamp when the resource was updated. + format: google-datetime type: string - network: + labels: description: >- - Output only. The VPC network associated. Format: - projects/{project}/global/networks/{name}. - readOnly: true + Optional. Set of label tags associated with the AddressGroup + resource. + type: object + additionalProperties: + type: string + description: + description: Optional. Free-text description of the resource. type: string - ListFirewallEndpointAssociationsResponse: - id: ListFirewallEndpointAssociationsResponse - description: Message for response to listing Associations + type: object + description: >- + AddressGroup is a resource that specifies how a collection of IP/DNS + used in Firewall Policy. + AuthzPolicyCustomProvider: + type: object + description: >- + Allows delegating authorization decisions to Cloud IAP or to Service + Extensions. + id: AuthzPolicyCustomProvider + properties: + authzExtension: + description: >- + Optional. Delegate authorization decision to user authored Service + Extension. Only one of cloudIap or authzExtension can be specified. + $ref: '#/components/schemas/AuthzPolicyCustomProviderAuthzExtension' + cloudIap: + $ref: '#/components/schemas/AuthzPolicyCustomProviderCloudIap' + description: >- + Optional. Delegates authorization decisions to Cloud IAP. Applicable + only for managed load balancers. Enabling Cloud IAP at the + AuthzPolicy level is not compatible with Cloud IAP settings in the + BackendService. Enabling IAP in both places will result in request + failure. Ensure that IAP is enabled in either the AuthzPolicy or the + BackendService but not in both places. + ListServerTlsPoliciesResponse: type: object properties: - firewallEndpointAssociations: - description: The list of Association - type: array - items: - $ref: '#/components/schemas/FirewallEndpointAssociation' nextPageToken: - description: A token identifying a page of results the server should return. type: string + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. unreachable: - description: Locations that could not be reached. type: array + description: >- + Unreachable resources. Populated when the request opts into + `return_partial_success` and reading across collections e.g. when + attempting to list all resources across all supported locations. items: type: string - FirewallEndpointAssociation: - id: FirewallEndpointAssociation - description: Message describing Association object + serverTlsPolicies: + description: List of ServerTlsPolicy resources. + type: array + items: + $ref: '#/components/schemas/ServerTlsPolicy' + id: ListServerTlsPoliciesResponse + description: Response returned by the ListServerTlsPolicies method. + ListAuthzPoliciesResponse: type: object properties: - name: - description: Immutable. Identifier. name of resource - type: string - createTime: - description: Output only. Create time stamp - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Update time stamp - readOnly: true - type: string - format: google-datetime - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: + authzPolicies: + description: The list of `AuthzPolicy` resources. + items: + $ref: '#/components/schemas/AuthzPolicy' + type: array + unreachable: + type: array + items: type: string + description: Locations that could not be reached. + nextPageToken: + description: A token identifying a page of results that the server returns. + type: string + id: ListAuthzPoliciesResponse + description: Message for response to listing `AuthzPolicy` resources. + MirroringDeploymentGroup: + type: object + description: >- + A deployment group aggregates many zonal mirroring backends + (deployments) into a single global mirroring service. Consumers can + connect this service using an endpoint group. + properties: state: - description: Output only. Current state of the association. - readOnly: true type: string - enumDescriptions: - - Not set. - - Being created. - - Active and ready for traffic. - - Being deleted. - - Down or in an error state. - - The project that housed the association has been deleted. + description: >- + Output only. The current state of the deployment group. See + https://google.aip.dev/216. + readOnly: true enum: - STATE_UNSPECIFIED - - CREATING - ACTIVE + - CREATING - DELETING - - INACTIVE - - ORPHAN - network: - description: Required. The URL of the network that is being associated. - type: string - firewallEndpoint: - description: Required. The URL of the FirewallEndpoint that is being associated. - type: string - tlsInspectionPolicy: - description: >- - Optional. The URL of the TlsInspectionPolicy that is being - associated. - type: string - reconciling: + - CLOSED + enumDescriptions: + - State not set (this is not a valid state). + - The deployment group is ready. + - The deployment group is being created. + - The deployment group is being deleted. + - The deployment group is being wiped out (project deleted). + locations: description: >- - Output only. Whether reconciling is in progress, recommended per - https://google.aip.dev/128. + Output only. The list of locations where the deployment group is + present. readOnly: true - type: boolean - disabled: + items: + $ref: '#/components/schemas/MirroringLocation' + type: array + labels: + type: object description: >- - Optional. Whether the association is disabled. True indicates that - traffic won't be intercepted - type: boolean - ListInterceptEndpointGroupsResponse: - id: ListInterceptEndpointGroupsResponse - description: Response message for ListInterceptEndpointGroups. - type: object - properties: - interceptEndpointGroups: - description: The endpoint groups from the specified parent. + Optional. Labels are key/value pairs that help to organize and + filter resources. + additionalProperties: + type: string + connectedEndpointGroups: type: array items: - $ref: '#/components/schemas/InterceptEndpointGroup' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. See - https://google.aip.dev/158 for more details. - type: string - InterceptEndpointGroup: - id: InterceptEndpointGroup - description: >- - An endpoint group is a consumer frontend for a deployment group - (backend). In order to configure intercept for a network, consumers must - create: - An association between their network and the endpoint group. - - A security profile that points to the endpoint group. - A firewall rule - that references the security profile (group). - type: object - properties: - name: - description: >- - Immutable. Identifier. The resource name of this endpoint group, for - example: - `projects/123456789/locations/global/interceptEndpointGroups/my-eg`. - See https://google.aip.dev/122 for more details. - type: string - createTime: + $ref: >- + #/components/schemas/MirroringDeploymentGroupConnectedEndpointGroup description: >- - Output only. The timestamp when the resource was created. See - https://google.aip.dev/148#timestamps. + Output only. The list of endpoint groups that are connected to this + resource. readOnly: true - type: string - format: google-datetime updateTime: + type: string + readOnly: true description: >- Output only. The timestamp when the resource was most recently updated. See https://google.aip.dev/148#timestamps. - readOnly: true - type: string format: google-datetime - labels: + name: description: >- - Optional. Labels are key/value pairs that help to organize and - filter resources. - type: object - additionalProperties: - type: string - interceptDeploymentGroup: + Immutable. Identifier. The resource name of this deployment group, + for example: + `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. + See https://google.aip.dev/122 for more details. + type: string + network: description: >- - Required. Immutable. The deployment group that this endpoint group - is connected to, for example: - `projects/123456789/locations/global/interceptDeploymentGroups/my-dg`. - See https://google.aip.dev/124. + Required. Immutable. The network that will be used for all child + deployments, for example: + `projects/{project}/global/networks/{network}`. See + https://google.aip.dev/124. + type: string + createTime: + format: google-datetime type: string - connectedDeploymentGroup: description: >- - Output only. Details about the connected deployment group to this - endpoint group. + Output only. The timestamp when the resource was created. See + https://google.aip.dev/148#timestamps. readOnly: true - $ref: '#/components/schemas/InterceptEndpointGroupConnectedDeploymentGroup' - state: + nestedDeployments: description: >- - Output only. The current state of the endpoint group. See - https://google.aip.dev/216. + Output only. The list of Mirroring Deployments that belong to this + group. + type: array readOnly: true + items: + $ref: '#/components/schemas/MirroringDeploymentGroupDeployment' + deprecated: true + description: + description: >- + Optional. User-provided description of the deployment group. Used as + additional context for the deployment group. type: string - enumDescriptions: - - State not set (this is not a valid state). - - >- - The endpoint group is ready and in sync with the target deployment - group. - - >- - The deployment group backing this endpoint group has been - force-deleted. This endpoint group cannot be used and interception - is effectively disabled. - - The endpoint group is being created. - - The endpoint group is being deleted. - - >- - The endpoint group is out of sync with the backing deployment - group. In most cases, this is a result of a transient issue within - the system (e.g. an inaccessible location) and the system is - expected to recover automatically. See the associations field for - details per network and location. - - >- - An attempt to delete the endpoint group has failed. This is a - terminal state and the endpoint group is not expected to recover. - The only permitted operation is to retry deleting the endpoint - group. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CLOSED - - CREATING - - DELETING - - OUT_OF_SYNC - - DELETE_FAILED reconciling: + readOnly: true description: >- Output only. The current state of the resource does not match the user's intended state, and the system is working to reconcile them. - This is part of the normal operation (e.g. adding a new association - to the group). See https://google.aip.dev/128. - readOnly: true + This is part of the normal operation (e.g. adding a new deployment + to the group) See https://google.aip.dev/128. type: boolean - associations: - description: Output only. List of associations to this endpoint group. - readOnly: true - type: array - items: - $ref: '#/components/schemas/InterceptEndpointGroupAssociationDetails' - description: - description: >- - Optional. User-provided description of the endpoint group. Used as - additional context for the endpoint group. - type: string - InterceptEndpointGroupConnectedDeploymentGroup: - id: InterceptEndpointGroupConnectedDeploymentGroup - description: The endpoint group's view of a connected deployment group. + id: MirroringDeploymentGroup + MTLSPolicy: + id: MTLSPolicy type: object + description: Specification of the MTLSPolicy. properties: - name: - description: >- - Output only. The connected deployment group's resource name, for - example: - `projects/123456789/locations/global/interceptDeploymentGroups/my-dg`. - See https://google.aip.dev/124. - readOnly: true + clientValidationTrustConfig: type: string - locations: description: >- - Output only. The list of locations where the deployment group is - present. - readOnly: true - type: array - items: - $ref: '#/components/schemas/InterceptLocation' - InterceptLocation: - id: InterceptLocation - description: Details about intercept in a specific cloud location. - type: object - properties: - location: + Reference to the TrustConfig from certificatemanager.googleapis.com + namespace. If specified, the chain validation will be performed + against certificates configured in the given TrustConfig. Allowed + only if the policy is to be used with Application Load Balancers. + clientValidationMode: description: >- - Output only. The cloud location, e.g. "us-central1-a" or - "asia-south1". - readOnly: true - type: string - state: - description: Output only. The current state of the association in this location. - readOnly: true + When the client presents an invalid certificate or no certificate to + the load balancer, the `client_validation_mode` specifies how the + client connection is handled. Required if the policy is to be used + with the Application Load Balancers. For Traffic Director it must be + empty. type: string + enum: + - CLIENT_VALIDATION_MODE_UNSPECIFIED + - ALLOW_INVALID_OR_MISSING_CLIENT_CERT + - REJECT_INVALID enumDescriptions: - - State not set (this is not a valid state). - - The resource is ready and in sync in the location. + - Not allowed. - >- - The resource is out of sync in the location. In most cases, this - is a result of a transient issue within the system (e.g. an - inaccessible location) and the system is expected to recover - automatically. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - OUT_OF_SYNC - InterceptEndpointGroupAssociationDetails: - id: InterceptEndpointGroupAssociationDetails - description: The endpoint group's view of a connected association. + Allow connection even if certificate chain validation of the + client certificate failed or no client certificate was presented. + The proof of possession of the private key is always checked if + client certificate was presented. This mode requires the backend + to implement processing of data extracted from a client + certificate to authenticate the peer, or to reject connections if + the client certificate fingerprint is missing. + - >- + Require a client certificate and allow connection to the backend + only if validation of the client certificate passed. If set, + requires a reference to non-empty TrustConfig specified in + `client_validation_trust_config`. + clientValidationCa: + items: + $ref: '#/components/schemas/ValidationCA' + type: array + description: >- + Required if the policy is to be used with Traffic Director. For + Application Load Balancers it must be empty. Defines the mechanism + to obtain the Certificate Authority certificate to validate the + client certificate. + AuthzPolicyAuthzRulePrincipal: + description: Describes the properties of a principal to be matched against. + id: AuthzPolicyAuthzRulePrincipal type: object properties: - name: - description: >- - Output only. The connected association's resource name, for example: - `projects/123456789/locations/global/interceptEndpointGroupAssociations/my-ega`. - See https://google.aip.dev/124. - readOnly: true - type: string - network: - description: >- - Output only. The associated network, for example: - projects/123456789/global/networks/my-network. See - https://google.aip.dev/124. - readOnly: true - type: string - state: - description: Output only. Most recent known state of the association. - readOnly: true + principalSelector: type: string enumDescriptions: - - Not set. - >- - The association is ready and in sync with the linked endpoint - group. - - The association is being created. - - The association is being deleted. + Unspecified principal selector. It will be treated as + CLIENT_CERT_URI_SAN by default. - >- - The association is disabled due to a breaking change in another - resource. + The principal rule is matched against a list of URI SANs in the + validated client's certificate. A match happens when there is any + exact URI SAN value match. This is the default principal selector. - >- - The association is out of sync with the linked endpoint group. In - most cases, this is a result of a transient issue within the - system (e.g. an inaccessible location) and the system is expected - to recover automatically. Check the `locations_details` field for - more details. + The principal rule is matched against a list of DNS Name SANs in + the validated client's certificate. A match happens when there is + any exact DNS Name SAN value match. This is only applicable for + Application Load Balancers except for classic Global External + Application load balancer. CLIENT_CERT_DNS_NAME_SAN is not + supported for INTERNAL_SELF_MANAGED load balancing scheme. - >- - An attempt to delete the association has failed. This is a - terminal state and the association is not expected to be usable as - some of its resources have been deleted. The only permitted - operation is to retry deleting the association. + The principal rule is matched against the common name in the + client's certificate. Authorization against multiple common names + in the client certificate is not supported. Requests with multiple + common names in the client certificate will be rejected if + CLIENT_CERT_COMMON_NAME is set as the principal selector. A match + happens when there is an exact common name value match. This is + only applicable for Application Load Balancers except for global + external Application Load Balancer and classic Application Load + Balancer. CLIENT_CERT_COMMON_NAME is not supported for + INTERNAL_SELF_MANAGED load balancing scheme. enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - DELETING - - CLOSED - - OUT_OF_SYNC - - DELETE_FAILED - ListInterceptEndpointGroupAssociationsResponse: - id: ListInterceptEndpointGroupAssociationsResponse - description: Response message for ListInterceptEndpointGroupAssociations. - type: object - properties: - interceptEndpointGroupAssociations: - description: The associations from the specified parent. - type: array - items: - $ref: '#/components/schemas/InterceptEndpointGroupAssociation' - nextPageToken: + - PRINCIPAL_SELECTOR_UNSPECIFIED + - CLIENT_CERT_URI_SAN + - CLIENT_CERT_DNS_NAME_SAN + - CLIENT_CERT_COMMON_NAME description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. See - https://google.aip.dev/158 for more details. - type: string - InterceptEndpointGroupAssociation: - id: InterceptEndpointGroupAssociation - description: >- - An endpoint group association represents a link between a network and an - endpoint group in the organization. Creating an association creates the - networking infrastructure linking the network to the endpoint group, but - does not enable intercept by itself. To enable intercept, the user must - also create a network firewall policy containing intercept rules and - associate it with the network. - type: object - properties: - name: + Optional. An enum to decide what principal value the principal rule + will match against. If not specified, the PrincipalSelector is + CLIENT_CERT_URI_SAN. + principal: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' description: >- - Immutable. Identifier. The resource name of this endpoint group - association, for example: - `projects/123456789/locations/global/interceptEndpointGroupAssociations/my-eg-association`. - See https://google.aip.dev/122 for more details. - type: string + Required. A non-empty string whose value is matched against the + principal value based on the principal_selector. Only exact match + can be applied for CLIENT_CERT_URI_SAN, CLIENT_CERT_DNS_NAME_SAN, + CLIENT_CERT_COMMON_NAME selectors. + UrlList: + properties: createTime: - description: >- - Output only. The timestamp when the resource was created. See - https://google.aip.dev/148#timestamps. readOnly: true - type: string format: google-datetime + description: Output only. Time when the security policy was created. + type: string updateTime: - description: >- - Output only. The timestamp when the resource was most recently - updated. See https://google.aip.dev/148#timestamps. - readOnly: true + description: Output only. Time when the security policy was updated. type: string format: google-datetime - labels: - description: >- - Optional. Labels are key/value pairs that help to organize and - filter resources. - type: object - additionalProperties: - type: string - interceptEndpointGroup: - description: >- - Required. Immutable. The endpoint group that this association is - connected to, for example: - `projects/123456789/locations/global/interceptEndpointGroups/my-eg`. - See https://google.aip.dev/124. - type: string - network: + readOnly: true + name: description: >- - Required. Immutable. The VPC network that is associated. for - example: `projects/123456789/global/networks/my-network`. See - https://google.aip.dev/124. + Required. Name of the resource provided by the user. Name is of the + form projects/{project}/locations/{location}/urlLists/{url_list} + url_list should match the + pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$). type: string - locationsDetails: - description: >- - Output only. The list of locations where the association is present. - This information is retrieved from the linked endpoint group, and - not configured as part of the association itself. - readOnly: true - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/InterceptEndpointGroupAssociationLocationDetails - state: - description: Output only. Current state of the endpoint group association. - readOnly: true + description: type: string - enumDescriptions: - - Not set. - - >- - The association is ready and in sync with the linked endpoint - group. - - The association is being created. - - The association is being deleted. - - >- - The association is disabled due to a breaking change in another - resource. - - >- - The association is out of sync with the linked endpoint group. In - most cases, this is a result of a transient issue within the - system (e.g. an inaccessible location) and the system is expected - to recover automatically. Check the `locations_details` field for - more details. - - >- - An attempt to delete the association has failed. This is a - terminal state and the association is not expected to be usable as - some of its resources have been deleted. The only permitted - operation is to retry deleting the association. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - DELETING - - CLOSED - - OUT_OF_SYNC - - DELETE_FAILED - reconciling: - description: >- - Output only. The current state of the resource does not match the - user's intended state, and the system is working to reconcile them. - This part of the normal operation (e.g. adding a new location to the - target deployment group). See https://google.aip.dev/128. - readOnly: true - type: boolean - locations: - description: >- - Output only. The list of locations where the association is - configured. This information is retrieved from the linked endpoint - group. - readOnly: true + description: Optional. Free-text description of the resource. + values: type: array items: - $ref: '#/components/schemas/InterceptLocation' - InterceptEndpointGroupAssociationLocationDetails: - id: InterceptEndpointGroupAssociationLocationDetails + type: string + description: Required. FQDNs and URLs. + type: object description: >- - Contains details about the state of an association in a specific cloud - location. + UrlList proto helps users to set reusable, independently manageable + lists of hosts, host patterns, URLs, URL patterns. + id: UrlList + CustomMirroringProfile: + description: >- + CustomMirroringProfile defines out-of-band integration behavior + (mirroring). It is used by mirroring rules with a MIRROR action. + id: CustomMirroringProfile type: object properties: - location: + mirroringEndpointGroup: description: >- - Output only. The cloud location, e.g. "us-central1-a" or - "asia-south1". - readOnly: true - type: string - state: - description: Output only. The current state of the association in this location. - readOnly: true + Required. The target MirroringEndpointGroup. When a mirroring rule + with this security profile attached matches a packet, a replica will + be mirrored to the location-local target in this group. type: string - enumDescriptions: - - Not set. - - >- - The association is ready and in sync with the linked endpoint - group. - - >- - The association is out of sync with the linked endpoint group. In - most cases, this is a result of a transient issue within the - system (e.g. an inaccessible location) and the system is expected - to recover automatically. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - OUT_OF_SYNC - ListInterceptDeploymentGroupsResponse: - id: ListInterceptDeploymentGroupsResponse - description: Response message for ListInterceptDeploymentGroups. - type: object + AuthzPolicyAuthzRuleTo: + id: AuthzPolicyAuthzRuleTo properties: - interceptDeploymentGroups: - description: The deployment groups from the specified parent. + notOperations: type: array items: - $ref: '#/components/schemas/InterceptDeploymentGroup' - nextPageToken: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleToRequestOperation' description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. See - https://google.aip.dev/158 for more details. - type: string - InterceptDeploymentGroup: - id: InterceptDeploymentGroup - description: >- - A deployment group aggregates many zonal intercept backends - (deployments) into a single global intercept service. Consumers can - connect this service using an endpoint group. + Optional. Describes the negated properties of the targets of a + request. Matches requests for operations that do not match the + criteria specified in this field. At least one of operations or + notOperations must be specified. + operations: + items: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleToRequestOperation' + description: >- + Optional. Describes properties of one or more targets of a request. + At least one of operations or notOperations must be specified. + Limited to 1 operation. A match occurs when ANY operation (in + operations or notOperations) matches. Within an operation, the match + follows AND semantics across fields and OR semantics within a field, + i.e. a match occurs when ANY path matches AND ANY header matches and + ANY method matches. + type: array + type: object + description: Describes properties of one or more targets of a request. + GoogleIamV1Binding: type: object + description: Associates `members`, or principals, with a `role`. + id: GoogleIamV1Binding properties: - name: - description: >- - Immutable. Identifier. The resource name of this deployment group, - for example: - `projects/123456789/locations/global/interceptDeploymentGroups/my-dg`. - See https://google.aip.dev/122 for more details. - type: string - createTime: - description: >- - Output only. The timestamp when the resource was created. See - https://google.aip.dev/148#timestamps. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The timestamp when the resource was most recently - updated. See https://google.aip.dev/148#timestamps. - readOnly: true - type: string - format: google-datetime - labels: - description: >- - Optional. Labels are key/value pairs that help to organize and - filter resources. - type: object - additionalProperties: - type: string - network: + condition: description: >- - Required. Immutable. The network that will be used for all child - deployments, for example: - `projects/{project}/global/networks/{network}`. See - https://google.aip.dev/124. - type: string - connectedEndpointGroups: + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + members: description: >- - Output only. The list of endpoint groups that are connected to this - resource. - readOnly: true + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. type: array items: - $ref: >- - #/components/schemas/InterceptDeploymentGroupConnectedEndpointGroup - nestedDeployments: + type: string + role: description: >- - Output only. The list of Intercept Deployments that belong to this - group. - readOnly: true - deprecated: true - type: array - items: - $ref: '#/components/schemas/InterceptDeploymentGroupDeployment' + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string + InterceptEndpointGroupAssociationLocationDetails: + properties: state: - description: >- - Output only. The current state of the deployment group. See - https://google.aip.dev/216. readOnly: true - type: string enumDescriptions: - - State not set (this is not a valid state). - - The deployment group is ready. - - The deployment group is being created. - - The deployment group is being deleted. + - Not set. + - >- + The association is ready and in sync with the linked endpoint + group. + - >- + The association is out of sync with the linked endpoint group. In + most cases, this is a result of a transient issue within the + system (e.g. an inaccessible location) and the system is expected + to recover automatically. + type: string enum: - STATE_UNSPECIFIED - ACTIVE - - CREATING - - DELETING - reconciling: + - OUT_OF_SYNC + description: Output only. The current state of the association in this location. + location: description: >- - Output only. The current state of the resource does not match the - user's intended state, and the system is working to reconcile them. - This is part of the normal operation (e.g. adding a new deployment - to the group) See https://google.aip.dev/128. + Output only. The cloud location, e.g. "us-central1-a" or + "asia-south1". + type: string readOnly: true - type: boolean - description: + description: >- + Contains details about the state of an association in a specific cloud + location. + type: object + id: InterceptEndpointGroupAssociationLocationDetails + ValidationCA: + type: object + description: >- + Specification of ValidationCA. Defines the mechanism to obtain the + Certificate Authority certificate to validate the peer certificate. + id: ValidationCA + properties: + certificateProviderInstance: + $ref: '#/components/schemas/CertificateProviderInstance' description: >- - Optional. User-provided description of the deployment group. Used as - additional context for the deployment group. - type: string - locations: + The certificate provider instance specification that will be passed + to the data plane, which will be used to load necessary credential + information. + grpcEndpoint: description: >- - Output only. The list of locations where the deployment group is - present. - readOnly: true - type: array - items: - $ref: '#/components/schemas/InterceptLocation' - InterceptDeploymentGroupConnectedEndpointGroup: - id: InterceptDeploymentGroupConnectedEndpointGroup + gRPC specific configuration to access the gRPC server to obtain the + CA certificate. + $ref: '#/components/schemas/GoogleCloudNetworksecurityV1GrpcEndpoint' + MirroringDeploymentGroupConnectedEndpointGroup: description: An endpoint group connected to this deployment group. - type: object properties: name: + readOnly: true + type: string description: >- Output only. The connected endpoint group's resource name, for example: - `projects/123456789/locations/global/interceptEndpointGroups/my-eg`. + `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. See https://google.aip.dev/124. - readOnly: true - type: string - InterceptDeploymentGroupDeployment: - id: InterceptDeploymentGroupDeployment - description: A deployment belonging to this deployment group. + id: MirroringDeploymentGroupConnectedEndpointGroup type: object + AuthzPolicyAuthzRule: + description: Conditions to match against the incoming request. properties: - name: + when: description: >- - Output only. The name of the Intercept Deployment, in the format: - `projects/{project}/locations/{location}/interceptDeployments/{intercept_deployment}`. - readOnly: true - type: string - state: - description: Output only. Most recent known state of the deployment. - readOnly: true + Optional. CEL expression that describes the conditions to be + satisfied for the action. The result of the CEL expression is ANDed + with the from and to. Refer to the CEL language reference for a list + of available attributes. type: string - enumDescriptions: - - State not set (this is not a valid state). - - The deployment is ready and in sync with the parent group. - - The deployment is being created. - - The deployment is being deleted. - - >- - The deployment is out of sync with the parent group. In most - cases, this is a result of a transient issue within the system - (e.g. a delayed data-path config) and the system is expected to - recover automatically. See the parent deployment group's state for - more details. - - >- - An attempt to delete the deployment has failed. This is a terminal - state and the deployment is not expected to recover. The only - permitted operation is to retry deleting the deployment. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - DELETING - - OUT_OF_SYNC - - DELETE_FAILED - ListInterceptDeploymentsResponse: - id: ListInterceptDeploymentsResponse - description: Response message for ListInterceptDeployments. + from: + description: Optional. Describes properties of a source of a request. + $ref: '#/components/schemas/AuthzPolicyAuthzRuleFrom' + to: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleTo' + description: Optional. Describes properties of a target of a request. + id: AuthzPolicyAuthzRule type: object + GoogleIamV1TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. properties: - interceptDeployments: - description: The deployments from the specified parent. + permissions: type: array - items: - $ref: '#/components/schemas/InterceptDeployment' - nextPageToken: description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. See - https://google.aip.dev/158 for more details. - type: string - unreachable: - description: Locations that could not be reached. - type: array + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. items: type: string - InterceptDeployment: - id: InterceptDeployment - description: >- - A deployment represents a zonal intercept backend ready to accept - GENEVE-encapsulated traffic, e.g. a zonal instance group fronted by an - internal passthrough load balancer. Deployments are always part of a - global deployment group which represents a global intercept service. + id: GoogleIamV1TestIamPermissionsResponse type: object + FirewallEndpointAssociation: properties: - name: + createTime: + type: string + readOnly: true + description: Output only. Create time stamp + format: google-datetime + firewallEndpoint: + type: string + description: Required. The URL of the FirewallEndpoint that is being associated. + disabled: description: >- - Immutable. Identifier. The resource name of this deployment, for - example: - `projects/123456789/locations/us-central1-a/interceptDeployments/my-dep`. - See https://google.aip.dev/122 for more details. + Optional. Whether the association is disabled. True indicates that + traffic won't be intercepted + type: boolean + name: + description: Immutable. Identifier. name of resource type: string - createTime: + reconciling: description: >- - Output only. The timestamp when the resource was created. See - https://google.aip.dev/148#timestamps. + Output only. Whether reconciling is in progress, recommended per + https://google.aip.dev/128. + type: boolean readOnly: true + tlsInspectionPolicy: type: string - format: google-datetime - updateTime: description: >- - Output only. The timestamp when the resource was most recently - updated. See https://google.aip.dev/148#timestamps. - readOnly: true + Optional. The URL of the TlsInspectionPolicy that is being + associated. + network: type: string - format: google-datetime + description: Required. The URL of the network that is being associated. labels: - description: >- - Optional. Labels are key/value pairs that help to organize and - filter resources. type: object + description: Optional. Labels as key value pairs additionalProperties: type: string - forwardingRule: - description: >- - Required. Immutable. The regional forwarding rule that fronts the - interceptors, for example: - `projects/123456789/regions/us-central1/forwardingRules/my-rule`. - See https://google.aip.dev/124. + state: + description: Output only. Current state of the association. type: string - interceptDeploymentGroup: - description: >- - Required. Immutable. The deployment group that this deployment is a - part of, for example: - `projects/123456789/locations/global/interceptDeploymentGroups/my-dg`. - See https://google.aip.dev/124. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - INACTIVE + - ORPHAN + readOnly: true + enumDescriptions: + - Not set. + - Being created. + - Active and ready for traffic. + - Being deleted. + - Down or in an error state. + - The project that housed the association has been deleted. + updateTime: + readOnly: true + format: google-datetime type: string - state: + description: Output only. Update time stamp + type: object + description: Message describing Association object + id: FirewallEndpointAssociation + AuthzPolicyAuthzRuleRequestResource: + description: >- + Describes the properties of a client VM resource accessing the internal + application load balancers. + properties: + tagValueIdSet: + $ref: >- + #/components/schemas/AuthzPolicyAuthzRuleRequestResourceTagValueIdSet description: >- - Output only. The current state of the deployment. See - https://google.aip.dev/216. - readOnly: true + Optional. A list of resource tag value permanent IDs to match + against the resource manager tags value associated with the source + VM of a request. + iamServiceAccount: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' + description: >- + Optional. An IAM service account to match against the source service + account of the VM sending the request. + id: AuthzPolicyAuthzRuleRequestResource + type: object + ListAddressGroupReferencesResponse: + type: object + description: Response of the ListAddressGroupReferences method. + properties: + addressGroupReferences: + type: array + description: >- + A list of references that matches the specified filter in the + request. + items: + $ref: >- + #/components/schemas/ListAddressGroupReferencesResponseAddressGroupReference + nextPageToken: + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + type: string + id: ListAddressGroupReferencesResponse + InterceptDeploymentGroupDeployment: + type: object + id: InterceptDeploymentGroupDeployment + description: A deployment belonging to this deployment group. + properties: + name: type: string + readOnly: true + description: >- + Output only. The name of the Intercept Deployment, in the format: + `projects/{project}/locations/{location}/interceptDeployments/{intercept_deployment}`. + state: + description: Output only. Most recent known state of the deployment. enumDescriptions: - State not set (this is not a valid state). - The deployment is ready and in sync with the parent group. @@ -1195,578 +1059,506 @@ components: - DELETING - OUT_OF_SYNC - DELETE_FAILED - reconciling: - description: >- - Output only. The current state of the resource does not match the - user's intended state, and the system is working to reconcile them. - This part of the normal operation (e.g. linking a new association to - the parent group). See https://google.aip.dev/128. readOnly: true - type: boolean - description: - description: >- - Optional. User-provided description of the deployment. Used as - additional context for the deployment. - type: string - ListMirroringEndpointGroupsResponse: - id: ListMirroringEndpointGroupsResponse - description: Response message for ListMirroringEndpointGroups. - type: object - properties: - mirroringEndpointGroups: - description: The endpoint groups from the specified parent. - type: array - items: - $ref: '#/components/schemas/MirroringEndpointGroup' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. See - https://google.aip.dev/158 for more details. type: string - MirroringEndpointGroup: - id: MirroringEndpointGroup + AuthzPolicy: description: >- - An endpoint group is a consumer frontend for a deployment group - (backend). In order to configure mirroring for a network, consumers must - create: - An association between their network and the endpoint group. - - A security profile that points to the endpoint group. - A mirroring rule - that references the security profile (group). + `AuthzPolicy` is a resource that allows to forward traffic to a callout + backend designed to scan the traffic for security purposes. type: object properties: - name: + target: description: >- - Immutable. Identifier. The resource name of this endpoint group, for - example: - `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. - See https://google.aip.dev/122 for more details. + Required. Specifies the set of resources to which this policy should + be applied to. + $ref: '#/components/schemas/AuthzPolicyTarget' + name: type: string - createTime: description: >- - Output only. The timestamp when the resource was created. See - https://google.aip.dev/148#timestamps. - readOnly: true - type: string - format: google-datetime - updateTime: + Required. Identifier. Name of the `AuthzPolicy` resource in the + following format: + `projects/{project}/locations/{location}/authzPolicies/{authz_policy}`. + httpRules: + type: array description: >- - Output only. The timestamp when the resource was most recently - updated. See https://google.aip.dev/148#timestamps. + Optional. A list of authorization HTTP rules to match against the + incoming request. A policy match occurs when at least one HTTP rule + matches the request or when no HTTP rules are specified in the + policy. At least one HTTP Rule is required for Allow or Deny Action. + Limited to 5 rules. + items: + $ref: '#/components/schemas/AuthzPolicyAuthzRule' + updateTime: + format: google-datetime readOnly: true + description: Output only. The timestamp when the resource was updated. type: string - format: google-datetime + customProvider: + description: >- + Optional. Required if the action is `CUSTOM`. Allows delegating + authorization decisions to Cloud IAP or to Service Extensions. One + of `cloudIap` or `authzExtension` must be specified. + $ref: '#/components/schemas/AuthzPolicyCustomProvider' labels: + type: object description: >- - Optional. Labels are key/value pairs that help to organize and - filter resources. - type: object + Optional. Set of labels associated with the `AuthzPolicy` resource. + The format must comply with [the following + requirements](/compute/docs/labeling-resources#requirements). additionalProperties: type: string - mirroringDeploymentGroup: - description: >- - Immutable. The deployment group that this DIRECT endpoint group is - connected to, for example: - `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. - See https://google.aip.dev/124. + action: type: string - connectedDeploymentGroups: - description: >- - Output only. List of details about the connected deployment groups - to this endpoint group. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/MirroringEndpointGroupConnectedDeploymentGroup - state: description: >- - Output only. The current state of the endpoint group. See - https://google.aip.dev/216. - readOnly: true - type: string + Required. Can be one of `ALLOW`, `DENY`, `CUSTOM`. When the action + is `CUSTOM`, `customProvider` must be specified. When the action is + `ALLOW`, only requests matching the policy will be allowed. When the + action is `DENY`, only requests matching the policy will be denied. + When a request arrives, the policies are evaluated in the following + order: 1. If there is a `CUSTOM` policy that matches the request, + the `CUSTOM` policy is evaluated using the custom authorization + providers and the request is denied if the provider rejects the + request. 2. If there are any `DENY` policies that match the request, + the request is denied. 3. If there are no `ALLOW` policies for the + resource or if any of the `ALLOW` policies match the request, the + request is allowed. 4. Else the request is denied by default if none + of the configured AuthzPolicies with `ALLOW` action match the + request. enumDescriptions: - - State not set (this is not a valid state). - - >- - The endpoint group is ready and in sync with the target deployment - group. - - >- - The deployment group backing this endpoint group has been - force-deleted. This endpoint group cannot be used and mirroring is - effectively disabled. - - The endpoint group is being created. - - The endpoint group is being deleted. - - >- - The endpoint group is out of sync with the backing deployment - group. In most cases, this is a result of a transient issue within - the system (e.g. an inaccessible location) and the system is - expected to recover automatically. See the associations field for - details per network and location. + - Unspecified action. + - Allow request to pass through to the backend. + - Deny the request and return a HTTP 404 to the client. - >- - An attempt to delete the endpoint group has failed. This is a - terminal state and the endpoint group is not expected to recover. - The only permitted operation is to retry deleting the endpoint - group. + Delegate the authorization decision to an external authorization + engine. enum: - - STATE_UNSPECIFIED - - ACTIVE - - CLOSED - - CREATING - - DELETING - - OUT_OF_SYNC - - DELETE_FAILED - reconciling: - description: >- - Output only. The current state of the resource does not match the - user's intended state, and the system is working to reconcile them. - This is part of the normal operation (e.g. adding a new association - to the group). See https://google.aip.dev/128. - readOnly: true - type: boolean - associations: - description: Output only. List of associations to this endpoint group. - readOnly: true - type: array - items: - $ref: '#/components/schemas/MirroringEndpointGroupAssociationDetails' + - AUTHZ_ACTION_UNSPECIFIED + - ALLOW + - DENY + - CUSTOM description: - description: >- - Optional. User-provided description of the endpoint group. Used as - additional context for the endpoint group. type: string - MirroringEndpointGroupConnectedDeploymentGroup: - id: MirroringEndpointGroupConnectedDeploymentGroup - description: The endpoint group's view of a connected deployment group. + description: Optional. A human-readable description of the resource. + createTime: + type: string + description: Output only. The timestamp when the resource was created. + format: google-datetime + readOnly: true + id: AuthzPolicy + FirewallEndpointAssociationReference: type: object + id: FirewallEndpointAssociationReference properties: name: + type: string + readOnly: true description: >- - Output only. The connected deployment group's resource name, for - example: - `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. - See https://google.aip.dev/124. + Output only. The resource name of the FirewallEndpointAssociation. + Format: + projects/{project}/locations/{location}/firewallEndpointAssociations/{id} + network: readOnly: true + description: >- + Output only. The VPC network associated. Format: + projects/{project}/global/networks/{name}. type: string - locations: + description: >- + This is a subset of the FirewallEndpointAssociation message, containing + fields to be used by the consumer. + OperationMetadata: + description: Represents the metadata of the long-running operation. + properties: + createTime: + format: google-datetime + type: string + description: Output only. The time the operation was created. + readOnly: true + verb: + readOnly: true + description: Output only. Name of the verb executed by the operation. + type: string + target: description: >- - Output only. The list of locations where the deployment group is - present. + Output only. Server-defined resource path for the target of the + operation. readOnly: true - type: array - items: - $ref: '#/components/schemas/MirroringLocation' - MirroringLocation: - id: MirroringLocation - description: Details about mirroring in a specific cloud location. - type: object - properties: - location: + type: string + statusMessage: + description: Output only. Human-readable status of the operation, if any. + readOnly: true + type: string + endTime: + format: google-datetime + type: string + readOnly: true + description: Output only. The time the operation finished running. + requestedCancellation: + type: boolean description: >- - Output only. The cloud location, e.g. "us-central1-a" or - "asia-south1". + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. readOnly: true + apiVersion: type: string - state: - description: Output only. The current state of the association in this location. + description: Output only. API version used to start the operation. readOnly: true + id: OperationMetadata + type: object + ListSecurityProfilesResponse: + id: ListSecurityProfilesResponse + description: Response returned by the ListSecurityProfiles method. + properties: + nextPageToken: type: string - enumDescriptions: - - State not set (this is not a valid state). - - The resource is ready and in sync in the location. - - >- - The resource is out of sync in the location. In most cases, this - is a result of a transient issue within the system (e.g. an - inaccessible location) and the system is expected to recover - automatically. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - OUT_OF_SYNC - MirroringEndpointGroupAssociationDetails: - id: MirroringEndpointGroupAssociationDetails - description: The endpoint group's view of a connected association. + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + securityProfiles: + description: List of SecurityProfile resources. + items: + $ref: '#/components/schemas/SecurityProfile' + type: array + type: object + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + properties: {} + id: Empty + MirroringDeploymentGroupDeployment: type: object + id: MirroringDeploymentGroupDeployment + description: A deployment belonging to this deployment group. properties: name: - description: >- - Output only. The connected association's resource name, for example: - `projects/123456789/locations/global/mirroringEndpointGroupAssociations/my-ega`. - See https://google.aip.dev/124. - readOnly: true type: string - network: - description: >- - Output only. The associated network, for example: - projects/123456789/global/networks/my-network. See - https://google.aip.dev/124. readOnly: true - type: string + description: >- + Output only. The name of the Mirroring Deployment, in the format: + `projects/{project}/locations/{location}/mirroringDeployments/{mirroring_deployment}`. state: - description: Output only. Most recent known state of the association. readOnly: true type: string - enumDescriptions: - - Not set. - - >- - The association is ready and in sync with the linked endpoint - group. - - The association is being created. - - The association is being deleted. - - >- - The association is disabled due to a breaking change in another - resource. - - >- - The association is out of sync with the linked endpoint group. In - most cases, this is a result of a transient issue within the - system (e.g. an inaccessible location) and the system is expected - to recover automatically. Check the `locations_details` field for - more details. - - >- - An attempt to delete the association has failed. This is a - terminal state and the association is not expected to be usable as - some of its resources have been deleted. The only permitted - operation is to retry deleting the association. enum: - STATE_UNSPECIFIED - ACTIVE - CREATING - DELETING - - CLOSED - OUT_OF_SYNC - DELETE_FAILED - ListMirroringEndpointGroupAssociationsResponse: - id: ListMirroringEndpointGroupAssociationsResponse - description: Response message for ListMirroringEndpointGroupAssociations. + enumDescriptions: + - State not set (this is not a valid state). + - The deployment is ready and in sync with the parent group. + - The deployment is being created. + - The deployment is being deleted. + - >- + The deployment is out of sync with the parent group. In most + cases, this is a result of a transient issue within the system + (e.g. a delayed data-path config) and the system is expected to + recover automatically. See the parent deployment group's state for + more details. + - >- + An attempt to delete the deployment has failed. This is a terminal + state and the deployment is not expected to recover. The only + permitted operation is to retry deleting the deployment. + description: Output only. Most recent known state of the deployment. + ListGatewaySecurityPolicyRulesResponse: + description: Response returned by the ListGatewaySecurityPolicyRules method. + id: ListGatewaySecurityPolicyRulesResponse + properties: + gatewaySecurityPolicyRules: + items: + $ref: '#/components/schemas/GatewaySecurityPolicyRule' + description: List of GatewaySecurityPolicyRule resources. + type: array + nextPageToken: + type: string + description: >- + If there might be more results than those appearing in this + response, then 'next_page_token' is included. To get the next set of + results, call this method again using the value of 'next_page_token' + as 'page_token'. + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string type: object + Rule: properties: - mirroringEndpointGroupAssociations: - description: The associations from the specified parent. + sources: type: array + description: >- + Optional. List of attributes for the traffic source. All of the + sources must match. A source is a match if both principals and + ip_blocks match. If not set, the action specified in the 'action' + field will be applied without any rule checks for the source. items: - $ref: '#/components/schemas/MirroringEndpointGroupAssociation' + $ref: '#/components/schemas/Source' + destinations: + description: >- + Optional. List of attributes for the traffic destination. All of the + destinations must match. A destination is a match if a request + matches all the specified hosts, ports, methods and headers. If not + set, the action specified in the 'action' field will be applied + without any rule checks for the destination. + items: + $ref: '#/components/schemas/Destination' + type: array + type: object + description: Specification of rules. + id: Rule + GoogleIamV1TestIamPermissionsRequest: + properties: + permissions: + items: + type: string + type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + description: Request message for `TestIamPermissions` method. + id: GoogleIamV1TestIamPermissionsRequest + type: object + ListSecurityProfileGroupsResponse: + properties: + securityProfileGroups: + type: array + items: + $ref: '#/components/schemas/SecurityProfileGroup' + description: List of SecurityProfileGroups resources. nextPageToken: description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. See - https://google.aip.dev/158 for more details. + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. type: string - MirroringEndpointGroupAssociation: - id: MirroringEndpointGroupAssociation + id: ListSecurityProfileGroupsResponse + type: object + description: Response returned by the ListSecurityProfileGroups method. + MirroringDeployment: + id: MirroringDeployment description: >- - An endpoint group association represents a link between a network and an - endpoint group in the organization. Creating an association creates the - networking infrastructure linking the network to the endpoint group, but - does not enable mirroring by itself. To enable mirroring, the user must - also create a network firewall policy containing mirroring rules and - associate it with the network. + A deployment represents a zonal mirroring backend ready to accept + GENEVE-encapsulated replica traffic, e.g. a zonal instance group fronted + by an internal passthrough load balancer. Deployments are always part of + a global deployment group which represents a global mirroring service. type: object properties: - name: - description: >- - Immutable. Identifier. The resource name of this endpoint group - association, for example: - `projects/123456789/locations/global/mirroringEndpointGroupAssociations/my-eg-association`. - See https://google.aip.dev/122 for more details. - type: string - createTime: - description: >- - Output only. The timestamp when the resource was created. See - https://google.aip.dev/148#timestamps. + updateTime: readOnly: true - type: string format: google-datetime - updateTime: + type: string description: >- Output only. The timestamp when the resource was most recently updated. See https://google.aip.dev/148#timestamps. - readOnly: true - type: string - format: google-datetime - labels: - description: >- - Optional. Labels are key/value pairs that help to organize and - filter resources. - type: object - additionalProperties: - type: string - mirroringEndpointGroup: + forwardingRule: description: >- - Immutable. The endpoint group that this association is connected to, - for example: - `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. + Required. Immutable. The regional forwarding rule that fronts the + mirroring collectors, for example: + `projects/123456789/regions/us-central1/forwardingRules/my-rule`. See https://google.aip.dev/124. type: string - network: + mirroringDeploymentGroup: + type: string description: >- - Immutable. The VPC network that is associated. for example: - `projects/123456789/global/networks/my-network`. See - https://google.aip.dev/124. + Required. Immutable. The deployment group that this deployment is a + part of, for example: + `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. + See https://google.aip.dev/124. + reconciling: + readOnly: true + type: boolean + description: >- + Output only. The current state of the resource does not match the + user's intended state, and the system is working to reconcile them. + This part of the normal operation (e.g. linking a new association to + the parent group). See https://google.aip.dev/128. + createTime: type: string - locationsDetails: description: >- - Output only. The list of locations where the association is present. - This information is retrieved from the linked endpoint group, and - not configured as part of the association itself. + Output only. The timestamp when the resource was created. See + https://google.aip.dev/148#timestamps. + format: google-datetime readOnly: true - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/MirroringEndpointGroupAssociationLocationDetails state: - description: Output only. Current state of the endpoint group association. - readOnly: true - type: string enumDescriptions: - - Not set. - - >- - The association is ready and in sync with the linked endpoint - group. - - The association is being created. - - The association is being deleted. - - >- - The association is disabled due to a breaking change in another - resource. + - State not set (this is not a valid state). + - The deployment is ready and in sync with the parent group. + - The deployment is being created. + - The deployment is being deleted. - >- - The association is out of sync with the linked endpoint group. In - most cases, this is a result of a transient issue within the - system (e.g. an inaccessible location) and the system is expected - to recover automatically. Check the `locations_details` field for + The deployment is out of sync with the parent group. In most + cases, this is a result of a transient issue within the system + (e.g. a delayed data-path config) and the system is expected to + recover automatically. See the parent deployment group's state for more details. - >- - An attempt to delete the association has failed. This is a - terminal state and the association is not expected to be usable as - some of its resources have been deleted. The only permitted - operation is to retry deleting the association. + An attempt to delete the deployment has failed. This is a terminal + state and the deployment is not expected to recover. The only + permitted operation is to retry deleting the deployment. + description: >- + Output only. The current state of the deployment. See + https://google.aip.dev/216. + type: string enum: - STATE_UNSPECIFIED - ACTIVE - CREATING - DELETING - - CLOSED - OUT_OF_SYNC - DELETE_FAILED - reconciling: - description: >- - Output only. The current state of the resource does not match the - user's intended state, and the system is working to reconcile them. - This part of the normal operation (e.g. adding a new location to the - target deployment group). See https://google.aip.dev/128. readOnly: true - type: boolean - locations: + name: + type: string description: >- - Output only. The list of locations where the association is - configured. This information is retrieved from the linked endpoint - group. - readOnly: true - type: array - items: - $ref: '#/components/schemas/MirroringLocation' - MirroringEndpointGroupAssociationLocationDetails: - id: MirroringEndpointGroupAssociationLocationDetails - description: >- - Contains details about the state of an association in a specific cloud - location. + Immutable. Identifier. The resource name of this deployment, for + example: + `projects/123456789/locations/us-central1-a/mirroringDeployments/my-dep`. + See https://google.aip.dev/122 for more details. + description: + type: string + description: >- + Optional. User-provided description of the deployment. Used as + additional context for the deployment. + labels: + additionalProperties: + type: string + type: object + description: >- + Optional. Labels are key/value pairs that help to organize and + filter resources. + AuthzPolicyAuthzRuleToRequestOperationHeaderSet: + id: AuthzPolicyAuthzRuleToRequestOperationHeaderSet + description: Describes a set of HTTP headers to match against. type: object properties: - location: + headers: + type: array + items: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleHeaderMatch' description: >- - Output only. The cloud location, e.g. "us-central1-a" or - "asia-south1". - readOnly: true - type: string - state: - description: Output only. The current state of the association in this location. - readOnly: true - type: string - enumDescriptions: - - Not set. - - >- - The association is ready and in sync with the linked endpoint - group. - - >- - The association is out of sync with the linked endpoint group. In - most cases, this is a result of a transient issue within the - system (e.g. an inaccessible location) and the system is expected - to recover automatically. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - OUT_OF_SYNC - ListMirroringDeploymentGroupsResponse: - id: ListMirroringDeploymentGroupsResponse - description: Response message for ListMirroringDeploymentGroups. - type: object - properties: - mirroringDeploymentGroups: - description: The deployment groups from the specified parent. - type: array - items: - $ref: '#/components/schemas/MirroringDeploymentGroup' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted, there are no subsequent pages. See - https://google.aip.dev/158 for more details. - type: string - MirroringDeploymentGroup: - id: MirroringDeploymentGroup + Required. A list of headers to match against in http header. The + match can be one of exact, prefix, suffix, or contains (substring + match). The match follows AND semantics which means all the headers + must match. Matches are always case sensitive unless the ignoreCase + is set. Limited to 10 headers per Authorization Policy. + InterceptDeploymentGroup: + id: InterceptDeploymentGroup description: >- - A deployment group aggregates many zonal mirroring backends - (deployments) into a single global mirroring service. Consumers can + A deployment group aggregates many zonal intercept backends + (deployments) into a single global intercept service. Consumers can connect this service using an endpoint group. type: object properties: - name: - description: >- - Immutable. Identifier. The resource name of this deployment group, - for example: - `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. - See https://google.aip.dev/122 for more details. - type: string - createTime: - description: >- - Output only. The timestamp when the resource was created. See - https://google.aip.dev/148#timestamps. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The timestamp when the resource was most recently - updated. See https://google.aip.dev/148#timestamps. - readOnly: true - type: string - format: google-datetime - labels: - description: >- - Optional. Labels are key/value pairs that help to organize and - filter resources. - type: object - additionalProperties: - type: string - network: - description: >- - Required. Immutable. The network that will be used for all child - deployments, for example: - `projects/{project}/global/networks/{network}`. See - https://google.aip.dev/124. - type: string connectedEndpointGroups: description: >- Output only. The list of endpoint groups that are connected to this resource. - readOnly: true - type: array items: $ref: >- - #/components/schemas/MirroringDeploymentGroupConnectedEndpointGroup + #/components/schemas/InterceptDeploymentGroupConnectedEndpointGroup + readOnly: true + type: array nestedDeployments: + type: array description: >- - Output only. The list of Mirroring Deployments that belong to this + Output only. The list of Intercept Deployments that belong to this group. - readOnly: true deprecated: true - type: array items: - $ref: '#/components/schemas/MirroringDeploymentGroupDeployment' - state: - description: >- - Output only. The current state of the deployment group. See - https://google.aip.dev/216. + $ref: '#/components/schemas/InterceptDeploymentGroupDeployment' readOnly: true + network: type: string + description: >- + Required. Immutable. The network that will be used for all child + deployments, for example: + `projects/{project}/global/networks/{network}`. See + https://google.aip.dev/124. + reconciling: + readOnly: true + description: >- + Output only. The current state of the resource does not match the + user's intended state, and the system is working to reconcile them. + This is part of the normal operation (e.g. adding a new deployment + to the group) See https://google.aip.dev/128. + type: boolean + labels: + additionalProperties: + type: string + type: object + description: >- + Optional. Labels are key/value pairs that help to organize and + filter resources. + state: enumDescriptions: - State not set (this is not a valid state). - The deployment group is ready. - The deployment group is being created. - The deployment group is being deleted. + readOnly: true + type: string + description: >- + Output only. The current state of the deployment group. See + https://google.aip.dev/216. enum: - STATE_UNSPECIFIED - ACTIVE - CREATING - DELETING - reconciling: - description: >- - Output only. The current state of the resource does not match the - user's intended state, and the system is working to reconcile them. - This is part of the normal operation (e.g. adding a new deployment - to the group) See https://google.aip.dev/128. - readOnly: true - type: boolean - description: - description: >- - Optional. User-provided description of the deployment group. Used as - additional context for the deployment group. - type: string locations: + type: array description: >- Output only. The list of locations where the deployment group is present. readOnly: true - type: array items: - $ref: '#/components/schemas/MirroringLocation' - MirroringDeploymentGroupConnectedEndpointGroup: - id: MirroringDeploymentGroupConnectedEndpointGroup - description: An endpoint group connected to this deployment group. - type: object - properties: - name: - description: >- - Output only. The connected endpoint group's resource name, for - example: - `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. - See https://google.aip.dev/124. + $ref: '#/components/schemas/InterceptLocation' + updateTime: readOnly: true + format: google-datetime type: string - MirroringDeploymentGroupDeployment: - id: MirroringDeploymentGroupDeployment - description: A deployment belonging to this deployment group. - type: object - properties: - name: description: >- - Output only. The name of the Mirroring Deployment, in the format: - `projects/{project}/locations/{location}/mirroringDeployments/{mirroring_deployment}`. - readOnly: true + Output only. The timestamp when the resource was most recently + updated. See https://google.aip.dev/148#timestamps. + description: + description: >- + Optional. User-provided description of the deployment group. Used as + additional context for the deployment group. type: string - state: - description: Output only. Most recent known state of the deployment. + createTime: + type: string + description: >- + Output only. The timestamp when the resource was created. See + https://google.aip.dev/148#timestamps. + format: google-datetime readOnly: true + name: + description: >- + Immutable. Identifier. The resource name of this deployment group, + for example: + `projects/123456789/locations/global/interceptDeploymentGroups/my-dg`. + See https://google.aip.dev/122 for more details. type: string - enumDescriptions: - - State not set (this is not a valid state). - - The deployment is ready and in sync with the parent group. - - The deployment is being created. - - The deployment is being deleted. - - >- - The deployment is out of sync with the parent group. In most - cases, this is a result of a transient issue within the system - (e.g. a delayed data-path config) and the system is expected to - recover automatically. See the parent deployment group's state for - more details. - - >- - An attempt to delete the deployment has failed. This is a terminal - state and the deployment is not expected to recover. The only - permitted operation is to retry deleting the deployment. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - DELETING - - OUT_OF_SYNC - - DELETE_FAILED - ListMirroringDeploymentsResponse: - id: ListMirroringDeploymentsResponse - description: Response message for ListMirroringDeployments. + ListInterceptDeploymentsResponse: type: object properties: - mirroringDeployments: - description: The deployments from the specified parent. + interceptDeployments: type: array + description: The deployments from the specified parent. items: - $ref: '#/components/schemas/MirroringDeployment' + $ref: '#/components/schemas/InterceptDeployment' nextPageToken: description: >- A token that can be sent as `page_token` to retrieve the next page. @@ -1774,67 +1566,220 @@ components: https://google.aip.dev/158 for more details. type: string unreachable: - description: Locations that could not be reached. - type: array items: type: string - MirroringDeployment: - id: MirroringDeployment + type: array + description: Locations that could not be reached. + description: Response message for ListInterceptDeployments. + id: ListInterceptDeploymentsResponse + GatewaySecurityPolicyRule: description: >- - A deployment represents a zonal mirroring backend ready to accept - GENEVE-encapsulated replica traffic, e.g. a zonal instance group fronted - by an internal passthrough load balancer. Deployments are always part of - a global deployment group which represents a global mirroring service. - type: object + The GatewaySecurityPolicyRule resource is in a nested collection within + a GatewaySecurityPolicy and represents a traffic matching condition and + associated action to perform. properties: name: description: >- - Immutable. Identifier. The resource name of this deployment, for - example: - `projects/123456789/locations/us-central1-a/mirroringDeployments/my-dep`. - See https://google.aip.dev/122 for more details. - type: string - createTime: - description: >- - Output only. The timestamp when the resource was created. See - https://google.aip.dev/148#timestamps. - readOnly: true + Required. Immutable. Name of the resource. ame is the full resource + name so + projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} + rule should match the pattern: (^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$). type: string - format: google-datetime updateTime: - description: >- - Output only. The timestamp when the resource was most recently - updated. See https://google.aip.dev/148#timestamps. + format: google-datetime readOnly: true type: string - format: google-datetime - labels: - description: >- - Optional. Labels are key/value pairs that help to organize and - filter resources. - type: object - additionalProperties: + description: Output only. Time when the rule was updated. + description: + type: string + description: Optional. Free-text description of the resource. + tlsInspectionEnabled: + description: >- + Optional. Flag to enable TLS inspection of traffic matching on , can + only be true if the parent GatewaySecurityPolicy references a + TLSInspectionConfig. + type: boolean + priority: + format: int32 + type: integer + description: >- + Required. Priority of the rule. Lower number corresponds to higher + precedence. + basicProfile: + type: string + enumDescriptions: + - If there is not a mentioned action for the target. + - Allow the matched traffic. + - Deny the matched traffic. + description: Required. Profile which tells what the primitive action should be. + enum: + - BASIC_PROFILE_UNSPECIFIED + - ALLOW + - DENY + sessionMatcher: + description: Required. CEL expression for matching on session criteria. + type: string + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Time when the rule was created. + enabled: + type: boolean + description: Required. Whether the rule is enforced. + applicationMatcher: + description: >- + Optional. CEL expression for matching on L7/application level + criteria. + type: string + id: GatewaySecurityPolicyRule + type: object + Expr: + properties: + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + type: object + id: Expr + ListMirroringDeploymentsResponse: + id: ListMirroringDeploymentsResponse + description: Response message for ListMirroringDeployments. + properties: + unreachable: + type: array + description: Locations that could not be reached. + items: type: string - forwardingRule: + nextPageToken: description: >- - Required. Immutable. The regional forwarding rule that fronts the - mirroring collectors, for example: - `projects/123456789/regions/us-central1/forwardingRules/my-rule`. - See https://google.aip.dev/124. + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. See + https://google.aip.dev/158 for more details. type: string - mirroringDeploymentGroup: + mirroringDeployments: + type: array + description: The deployments from the specified parent. + items: + $ref: '#/components/schemas/MirroringDeployment' + type: object + AddAddressGroupItemsRequest: + id: AddAddressGroupItemsRequest + properties: + requestId: description: >- - Required. Immutable. The deployment group that this deployment is a - part of, for example: - `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. - See https://google.aip.dev/124. + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes since the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + type: string + items: + type: array + items: + type: string + description: Required. List of items to add. + description: Request used by the AddAddressGroupItems method. + type: object + AntivirusOverride: + description: Defines what action to take for antivirus threats per protocol. + id: AntivirusOverride + properties: + action: + enumDescriptions: + - Threat action not specified. + - The default action (as specified by the vendor) is taken. + - The packet matching this rule will be allowed to transmit. + - >- + The packet matching this rule will be allowed to transmit, but a + threat_log entry will be sent to the consumer project. + - >- + The packet matching this rule will be dropped, and a threat_log + entry will be sent to the consumer project. + type: string + description: >- + Required. Threat action override. For some threat types, only a + subset of actions applies. + enum: + - THREAT_ACTION_UNSPECIFIED + - DEFAULT_ACTION + - ALLOW + - ALERT + - DENY + protocol: + enum: + - PROTOCOL_UNSPECIFIED + - SMTP + - SMB + - POP3 + - IMAP + - HTTP2 + - HTTP + - FTP + enumDescriptions: + - Protocol not specified. + - SMTP protocol + - SMB protocol + - POP3 protocol + - IMAP protocol + - HTTP2 protocol + - HTTP protocol + - FTP protocol + description: Required. Protocol to match. + type: string + type: object + InterceptDeployment: + properties: + description: + description: >- + Optional. User-provided description of the deployment. Used as + additional context for the deployment. type: string state: description: >- Output only. The current state of the deployment. See https://google.aip.dev/216. - readOnly: true - type: string enumDescriptions: - State not set (this is not a valid state). - The deployment is ready and in sync with the parent group. @@ -1850,6 +1795,7 @@ components: An attempt to delete the deployment has failed. This is a terminal state and the deployment is not expected to recover. The only permitted operation is to retry deleting the deployment. + type: string enum: - STATE_UNSPECIFIED - ACTIVE @@ -1857,340 +1803,346 @@ components: - DELETING - OUT_OF_SYNC - DELETE_FAILED + readOnly: true + interceptDeploymentGroup: + description: >- + Required. Immutable. The deployment group that this deployment is a + part of, for example: + `projects/123456789/locations/global/interceptDeploymentGroups/my-dg`. + See https://google.aip.dev/124. + type: string + updateTime: + readOnly: true + description: >- + Output only. The timestamp when the resource was most recently + updated. See https://google.aip.dev/148#timestamps. + type: string + format: google-datetime reconciling: + readOnly: true + type: boolean description: >- Output only. The current state of the resource does not match the user's intended state, and the system is working to reconcile them. This part of the normal operation (e.g. linking a new association to the parent group). See https://google.aip.dev/128. - readOnly: true - type: boolean - description: + name: description: >- - Optional. User-provided description of the deployment. Used as - additional context for the deployment. + Immutable. Identifier. The resource name of this deployment, for + example: + `projects/123456789/locations/us-central1-a/interceptDeployments/my-dep`. + See https://google.aip.dev/122 for more details. type: string - ListAuthorizationPoliciesResponse: - id: ListAuthorizationPoliciesResponse - description: Response returned by the ListAuthorizationPolicies method. - type: object - properties: - authorizationPolicies: - description: List of AuthorizationPolicies resources. - type: array - items: - $ref: '#/components/schemas/AuthorizationPolicy' - nextPageToken: + createTime: description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. + Output only. The timestamp when the resource was created. See + https://google.aip.dev/148#timestamps. + readOnly: true + format: google-datetime type: string - AuthorizationPolicy: - id: AuthorizationPolicy - description: >- - AuthorizationPolicy is a resource that specifies how a server should - authorize incoming connections. This resource in itself does not change - the configuration unless it's attached to a target https proxy or - endpoint config selector resource. - type: object - properties: - name: - description: >- - Required. Name of the AuthorizationPolicy resource. It matches - pattern - `projects/{project}/locations/{location}/authorizationPolicies/`. - type: string - description: - description: Optional. Free-text description of the resource. - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. - readOnly: true - type: string - format: google-datetime labels: description: >- - Optional. Set of label tags associated with the AuthorizationPolicy - resource. - type: object + Optional. Labels are key/value pairs that help to organize and + filter resources. additionalProperties: type: string - action: - description: >- - Required. The action to take when a rule match is found. Possible - values are "ALLOW" or "DENY". + type: object + forwardingRule: type: string - enumDescriptions: - - Default value. - - Grant access. - - >- - Deny access. Deny rules should be avoided unless they are used to - provide a default "deny all" fallback. - enum: - - ACTION_UNSPECIFIED - - ALLOW - - DENY - rules: description: >- - Optional. List of rules to match. Note that at least one of the - rules must match in order for the action specified in the 'action' - field to be taken. A rule is a match if there is a matching source - and destination. If left blank, the action specified in the `action` - field will be applied on every request. - type: array - items: - $ref: '#/components/schemas/Rule' - Rule: - id: Rule - description: Specification of rules. + Required. Immutable. The regional forwarding rule that fronts the + interceptors, for example: + `projects/123456789/regions/us-central1/forwardingRules/my-rule`. + See https://google.aip.dev/124. + description: >- + A deployment represents a zonal intercept backend ready to accept + GENEVE-encapsulated traffic, e.g. a zonal instance group fronted by an + internal passthrough load balancer. Deployments are always part of a + global deployment group which represents a global intercept service. + id: InterceptDeployment type: object - properties: - sources: - description: >- - Optional. List of attributes for the traffic source. All of the - sources must match. A source is a match if both principals and - ip_blocks match. If not set, the action specified in the 'action' - field will be applied without any rule checks for the source. - type: array - items: - $ref: '#/components/schemas/Source' - destinations: - description: >- - Optional. List of attributes for the traffic destination. All of the - destinations must match. A destination is a match if a request - matches all the specified hosts, ports, methods and headers. If not - set, the action specified in the 'action' field will be applied - without any rule checks for the destination. - type: array - items: - $ref: '#/components/schemas/Destination' - Source: - id: Source - description: Specification of traffic source attributes. + ListAddressGroupsResponse: type: object + id: ListAddressGroupsResponse properties: - principals: - description: >- - Optional. List of peer identities to match for authorization. At - least one principal should match. Each peer can be an exact match, - or a prefix match (example, "namespace/*") or a suffix match - (example, "*/service-account") or a presence match "*". - Authorization based on the principal name without certificate - validation (configured by ServerTlsPolicy resource) is considered - insecure. - type: array + unreachable: items: type: string - ipBlocks: + description: Locations that could not be reached. + type: array + nextPageToken: + type: string description: >- - Optional. List of CIDR ranges to match based on source IP address. - At least one IP block should match. Single IP (e.g., "1.2.3.4") and - CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on - source IP alone should be avoided. The IP addresses of any load - balancers or proxies should be considered untrusted. + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + addressGroups: type: array items: - type: string - Destination: - id: Destination - description: Specification of traffic destination attributes. + $ref: '#/components/schemas/AddressGroup' + description: List of AddressGroups resources. + description: Response returned by the ListAddressGroups method. + AuthzPolicyAuthzRuleHeaderMatch: + properties: + value: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' + description: Optional. Specifies how the header match will be performed. + name: + type: string + description: Optional. Specifies the name of the header in the request. + description: Determines how a HTTP header should be matched. + id: AuthzPolicyAuthzRuleHeaderMatch type: object + AuthzPolicyAuthzRuleFromRequestSource: properties: - hosts: - description: >- - Required. List of host names to match. Matched against the - ":authority" header in http requests. At least one host should - match. Each host can be an exact match, or a prefix match (example - "mydomain.*") or a suffix match (example "*.myorg.com") or a - presence (any) match "*". + ipBlocks: type: array items: - type: string - ports: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleIpBlock' description: >- - Required. List of destination ports to match. At least one port - should match. + Optional. A list of IP addresses or IP address ranges to match + against the source IP address of the request. Limited to 10 + ip_blocks per Authorization Policy + principals: type: array items: - type: integer - format: uint32 - methods: + $ref: '#/components/schemas/AuthzPolicyAuthzRulePrincipal' description: >- - Optional. A list of HTTP methods to match. At least one method - should match. Should not be set for gRPC services. + Optional. A list of identities derived from the client's + certificate. This field will not match on a request unless frontend + mutual TLS is enabled for the forwarding rule or Gateway and the + client certificate has been successfully validated by mTLS. Each + identity is a string whose value is matched against a list of URI + SANs, DNS Name SANs, or the common name in the client's certificate. + A match happens when any principal matches with the rule. Limited to + 50 principals per Authorization Policy for regional internal + Application Load Balancers, regional external Application Load + Balancers, cross-region internal Application Load Balancers, and + Cloud Service Mesh. This field is not supported for global external + Application Load Balancers. + resources: type: array - items: - type: string - httpHeaderMatch: description: >- - Optional. Match against key:value pair in http header. Provides a - flexible match based on HTTP headers, for potentially advanced use - cases. At least one header should match. Avoid using header matches - to make authorization decisions unless there is a strong guarantee - that requests arrive through a trusted client or proxy. - $ref: '#/components/schemas/HttpHeaderMatch' - HttpHeaderMatch: - id: HttpHeaderMatch - description: Specification of HTTP header match attributes. + Optional. A list of resources to match against the resource of the + source VM of a request. Limited to 10 resources per Authorization + Policy. + items: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleRequestResource' + type: object + id: AuthzPolicyAuthzRuleFromRequestSource + description: Describes the properties of a single source. + GoogleIamV1Policy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). type: object properties: - regexMatch: + version: + type: integer + format: int32 description: >- - Required. The value of the header must match the regular expression - specified in regexMatch. For regular expression grammar, please see: - en.cppreference.com/w/cpp/regex/ecmascript For matching against a - port specified in the HTTP request, use a headerMatch with - headerName set to Host and a regular expression that satisfies the - RFC2616 Host header's port specifier. + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + auditConfigs: + items: + $ref: '#/components/schemas/GoogleIamV1AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: array + etag: type: string - headerName: + format: byte description: >- - Required. The name of the HTTP header to match. For matching against - the HTTP request's authority, use a headerMatch with the header name - ":authority". For matching a request's method, use the headerName - ":method". - type: string - ListBackendAuthenticationConfigsResponse: - id: ListBackendAuthenticationConfigsResponse - description: Response returned by the ListBackendAuthenticationConfigs method. - type: object - properties: - backendAuthenticationConfigs: - description: List of BackendAuthenticationConfig resources. - type: array - items: - $ref: '#/components/schemas/BackendAuthenticationConfig' - nextPageToken: + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + bindings: description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. - type: string - unreachable: - description: Locations that could not be reached. - type: array + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. items: - type: string - BackendAuthenticationConfig: - id: BackendAuthenticationConfig - description: >- - BackendAuthenticationConfig message groups the TrustConfig together with - other settings that control how the load balancer authenticates, and - expresses its identity to, the backend: * `trustConfig` is the attached - TrustConfig. * `wellKnownRoots` indicates whether the load balance - should trust backend server certificates that are issued by public - certificate authorities, in addition to certificates trusted by the - TrustConfig. * `clientCertificate` is a client certificate that the load - balancer uses to express its identity to the backend, if the connection - to the backend uses mTLS. You can attach the BackendAuthenticationConfig - to the load balancer's BackendService directly determining how that - BackendService negotiates TLS. + $ref: '#/components/schemas/GoogleIamV1Binding' + type: array + id: GoogleIamV1Policy + FirewallEndpointEndpointSettings: type: object + id: FirewallEndpointEndpointSettings properties: - name: + jumboFramesEnabled: description: >- - Required. Name of the BackendAuthenticationConfig resource. It - matches the pattern - `projects/*/locations/{location}/backendAuthenticationConfigs/{backend_authentication_config}` + Optional. Immutable. Indicates whether Jumbo Frames are enabled. + Default value is false. + type: boolean + description: Settings for the endpoint. + CloneAddressGroupItemsRequest: + description: Request used by the CloneAddressGroupItems method. + properties: + sourceAddressGroup: type: string - description: - description: Optional. Free-text description of the resource. + description: Required. Source address group to clone items from. + requestId: + description: >- + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes since the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). type: string - createTime: - description: Output only. The timestamp when the resource was created. + id: CloneAddressGroupItemsRequest + type: object + InterceptEndpointGroupAssociationDetails: + properties: + state: + enumDescriptions: + - Not set. + - >- + The association is ready and in sync with the linked endpoint + group. + - The association is being created. + - The association is being deleted. + - >- + The association is disabled due to a breaking change in another + resource. + - >- + The association is out of sync with the linked endpoint group. In + most cases, this is a result of a transient issue within the + system (e.g. an inaccessible location) and the system is expected + to recover automatically. Check the `locations_details` field for + more details. + - >- + An attempt to delete the association has failed. This is a + terminal state and the association is not expected to be usable as + some of its resources have been deleted. The only permitted + operation is to retry deleting the association. + type: string + description: Output only. Most recent known state of the association. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - DELETING + - CLOSED + - OUT_OF_SYNC + - DELETE_FAILED readOnly: true + network: + description: >- + Output only. The associated network, for example: + projects/123456789/global/networks/my-network. See + https://google.aip.dev/124. type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. + readOnly: true + name: readOnly: true type: string - format: google-datetime - labels: - description: Set of label tags associated with the resource. - type: object - additionalProperties: - type: string - clientCertificate: description: >- - Optional. A reference to a - certificatemanager.googleapis.com.Certificate resource. This is a - relative resource path following the form - "projects/{project}/locations/{location}/certificates/{certificate}". - Used by a BackendService to negotiate mTLS when the backend - connection uses TLS and the backend requests a client certificate. - Must have a CLIENT_AUTH scope. - type: string - trustConfig: + Output only. The connected association's resource name, for example: + `projects/123456789/locations/global/interceptEndpointGroupAssociations/my-ega`. + See https://google.aip.dev/124. + type: object + id: InterceptEndpointGroupAssociationDetails + description: The endpoint group's view of a connected association. + MirroringEndpointGroupAssociationLocationDetails: + properties: + location: description: >- - Optional. A reference to a TrustConfig resource from the - certificatemanager.googleapis.com namespace. This is a relative - resource path following the form - "projects/{project}/locations/{location}/trustConfigs/{trust_config}". - A BackendService uses the chain of trust represented by this - TrustConfig, if specified, to validate the server certificates - presented by the backend. Required unless wellKnownRoots is set to - PUBLIC_ROOTS. - type: string - wellKnownRoots: - description: Well known roots to use for server certificate validation. + Output only. The cloud location, e.g. "us-central1-a" or + "asia-south1". type: string + readOnly: true + state: enumDescriptions: - - Equivalent to NONE. + - Not set. - >- - The BackendService will only validate server certificates against - roots specified in TrustConfig. + The association is ready and in sync with the linked endpoint + group. - >- - The BackendService uses a set of well-known public roots, in - addition to any roots specified in the trustConfig field, when - validating the server certificates presented by the backend. - Validation with these roots is only considered when the - TlsSettings.sni field in the BackendService is set. The well-known - roots are a set of root CAs managed by Google. CAs in this set can - be added or removed without notice. - enum: - - WELL_KNOWN_ROOTS_UNSPECIFIED - - NONE - - PUBLIC_ROOTS - etag: - description: Output only. Etag of the resource. + The association is out of sync with the linked endpoint group. In + most cases, this is a result of a transient issue within the + system (e.g. an inaccessible location) and the system is expected + to recover automatically. + description: Output only. The current state of the association in this location. readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - OUT_OF_SYNC type: string - ListServerTlsPoliciesResponse: - id: ListServerTlsPoliciesResponse - description: Response returned by the ListServerTlsPolicies method. + description: >- + Contains details about the state of an association in a specific cloud + location. + id: MirroringEndpointGroupAssociationLocationDetails type: object - properties: - serverTlsPolicies: - description: List of ServerTlsPolicy resources. - type: array - items: - $ref: '#/components/schemas/ServerTlsPolicy' - nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. - type: string - unreachable: - description: >- - Unreachable resources. Populated when the request opts into - `return_partial_success` and reading across collections e.g. when - attempting to list all resources across all supported locations. - type: array - items: - type: string ServerTlsPolicy: - id: ServerTlsPolicy + type: object description: >- ServerTlsPolicy is a resource that specifies how a server should authenticate incoming requests. This resource itself does not affect @@ -2201,7 +2153,6 @@ components: scheme. Traffic Director compatible ServerTlsPolicies can be attached to EndpointPolicy and TargetHttpsProxy with Traffic Director `INTERNAL_SELF_MANAGED` load balancing scheme. - type: object properties: name: description: >- @@ -2209,45 +2160,14 @@ components: pattern `projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}` type: string - description: - description: Free-text description of the resource. - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. - readOnly: true - type: string - format: google-datetime - labels: - description: Set of label tags associated with the resource. - type: object - additionalProperties: - type: string - allowOpen: - description: >- - This field applies only for Traffic Director policies. It is must be - set to false for Application Load Balancer policies. Determines if - server allows plaintext connections. If set to true, server allows - plain text connections. By default, it is set to false. This setting - is not exclusive of other encryption modes. For example, if - `allow_open` and `mtls_policy` are set, server allows both plain - text and mTLS connections. See documentation of other encryption - modes to confirm compatibility. Consider using it if you wish to - upgrade in place your deployment to TLS while having mixed TLS and - non-TLS traffic reaching port :80. - type: boolean - serverCertificate: + serverCertificate: + $ref: '#/components/schemas/GoogleCloudNetworksecurityV1CertificateProvider' description: >- Optional if policy is to be used with Traffic Director. For Application Load Balancers must be empty. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with `allow_open` as a permissive mode that allows both plain text and TLS is not supported. - $ref: '#/components/schemas/GoogleCloudNetworksecurityV1CertificateProvider' mtlsPolicy: description: >- This field is required if the policy is used with Application Load @@ -2258,334 +2178,153 @@ components: and not mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain text and mTLS connections. $ref: '#/components/schemas/MTLSPolicy' - GoogleCloudNetworksecurityV1CertificateProvider: - id: GoogleCloudNetworksecurityV1CertificateProvider - description: >- - Specification of certificate provider. Defines the mechanism to obtain - the certificate and private key for peer to peer authentication. - type: object - properties: - grpcEndpoint: - description: >- - gRPC specific configuration to access the gRPC server to obtain the - cert and private key. - $ref: '#/components/schemas/GoogleCloudNetworksecurityV1GrpcEndpoint' - certificateProviderInstance: - description: >- - The certificate provider instance specification that will be passed - to the data plane, which will be used to load necessary credential - information. - $ref: '#/components/schemas/CertificateProviderInstance' - GoogleCloudNetworksecurityV1GrpcEndpoint: - id: GoogleCloudNetworksecurityV1GrpcEndpoint - description: Specification of the GRPC Endpoint. - type: object - properties: - targetUri: - description: >- - Required. The target URI of the gRPC endpoint. Only UDS path is - supported, and should start with "unix:". - type: string - CertificateProviderInstance: - id: CertificateProviderInstance - description: >- - Specification of a TLS certificate provider instance. Workloads may have - one or more CertificateProvider instances (plugins) and one of them is - enabled and configured by specifying this message. Workloads use the - values from this message to locate and load the CertificateProvider - instance configuration. - type: object - properties: - pluginInstance: - description: >- - Required. Plugin instance name, used to locate and load - CertificateProvider instance configuration. Set to - "google_cloud_private_spiffe" to use Certificate Authority Service - certificate provider instance. - type: string - MTLSPolicy: - id: MTLSPolicy - description: Specification of the MTLSPolicy. - type: object - properties: - clientValidationMode: - description: >- - When the client presents an invalid certificate or no certificate to - the load balancer, the `client_validation_mode` specifies how the - client connection is handled. Required if the policy is to be used - with the Application Load Balancers. For Traffic Director it must be - empty. - type: string - enumDescriptions: - - Not allowed. - - >- - Allow connection even if certificate chain validation of the - client certificate failed or no client certificate was presented. - The proof of possession of the private key is always checked if - client certificate was presented. This mode requires the backend - to implement processing of data extracted from a client - certificate to authenticate the peer, or to reject connections if - the client certificate fingerprint is missing. - - >- - Require a client certificate and allow connection to the backend - only if validation of the client certificate passed. If set, - requires a reference to non-empty TrustConfig specified in - `client_validation_trust_config`. - enum: - - CLIENT_VALIDATION_MODE_UNSPECIFIED - - ALLOW_INVALID_OR_MISSING_CLIENT_CERT - - REJECT_INVALID - clientValidationCa: - description: >- - Required if the policy is to be used with Traffic Director. For - Application Load Balancers it must be empty. Defines the mechanism - to obtain the Certificate Authority certificate to validate the - client certificate. - type: array - items: - $ref: '#/components/schemas/ValidationCA' - clientValidationTrustConfig: - description: >- - Reference to the TrustConfig from certificatemanager.googleapis.com - namespace. If specified, the chain validation will be performed - against certificates configured in the given TrustConfig. Allowed - only if the policy is to be used with Application Load Balancers. - type: string - ValidationCA: - id: ValidationCA - description: >- - Specification of ValidationCA. Defines the mechanism to obtain the - Certificate Authority certificate to validate the peer certificate. - type: object - properties: - grpcEndpoint: - description: >- - gRPC specific configuration to access the gRPC server to obtain the - CA certificate. - $ref: '#/components/schemas/GoogleCloudNetworksecurityV1GrpcEndpoint' - certificateProviderInstance: - description: >- - The certificate provider instance specification that will be passed - to the data plane, which will be used to load necessary credential - information. - $ref: '#/components/schemas/CertificateProviderInstance' - ListClientTlsPoliciesResponse: - id: ListClientTlsPoliciesResponse - description: Response returned by the ListClientTlsPolicies method. - type: object - properties: - clientTlsPolicies: - description: List of ClientTlsPolicy resources. - type: array - items: - $ref: '#/components/schemas/ClientTlsPolicy' - nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. - type: string - ClientTlsPolicy: - id: ClientTlsPolicy - description: >- - ClientTlsPolicy is a resource that specifies how a client should - authenticate connections to backends of a service. This resource itself - does not affect configuration unless it is attached to a backend service - resource. - type: object - properties: - name: + labels: + type: object + description: Set of label tags associated with the resource. + additionalProperties: + type: string + allowOpen: description: >- - Required. Name of the ClientTlsPolicy resource. It matches the - pattern - `projects/{project}/locations/{location}/clientTlsPolicies/{client_tls_policy}` - type: string - description: - description: Optional. Free-text description of the resource. - type: string + This field applies only for Traffic Director policies. It is must be + set to false for Application Load Balancer policies. Determines if + server allows plaintext connections. If set to true, server allows + plain text connections. By default, it is set to false. This setting + is not exclusive of other encryption modes. For example, if + `allow_open` and `mtls_policy` are set, server allows both plain + text and mTLS connections. See documentation of other encryption + modes to confirm compatibility. Consider using it if you wish to + upgrade in place your deployment to TLS while having mixed TLS and + non-TLS traffic reaching port :80. + type: boolean createTime: - description: Output only. The timestamp when the resource was created. readOnly: true - type: string format: google-datetime + description: Output only. The timestamp when the resource was created. + type: string + description: + type: string + description: Free-text description of the resource. updateTime: description: Output only. The timestamp when the resource was updated. readOnly: true - type: string format: google-datetime - labels: - description: Optional. Set of label tags associated with the resource. - type: object - additionalProperties: - type: string - sni: - description: >- - Optional. Server Name Indication string to present to the server - during TLS handshake. E.g: "secure.example.com". type: string - clientCertificate: - description: >- - Optional. Defines a mechanism to provision client identity (public - and private keys) for peer to peer authentication. The presence of - this dictates mTLS. - $ref: '#/components/schemas/GoogleCloudNetworksecurityV1CertificateProvider' - serverValidationCa: - description: >- - Optional. Defines the mechanism to obtain the Certificate Authority - certificate to validate the server certificate. If empty, client - does not validate the server certificate. - type: array - items: - $ref: '#/components/schemas/ValidationCA' - ListGatewaySecurityPoliciesResponse: - id: ListGatewaySecurityPoliciesResponse - description: Response returned by the ListGatewaySecurityPolicies method. - type: object + id: ServerTlsPolicy + ListInterceptEndpointGroupAssociationsResponse: properties: - gatewaySecurityPolicies: - description: List of GatewaySecurityPolicies resources. - type: array - items: - $ref: '#/components/schemas/GatewaySecurityPolicy' nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then 'next_page_token' is included. To get the next set of - results, call this method again using the value of 'next_page_token' - as 'page_token'. type: string - unreachable: - description: Locations that could not be reached. - type: array + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. See + https://google.aip.dev/158 for more details. + interceptEndpointGroupAssociations: items: - type: string - GatewaySecurityPolicy: - id: GatewaySecurityPolicy - description: >- - The GatewaySecurityPolicy resource contains a collection of - GatewaySecurityPolicyRules and associated metadata. + $ref: '#/components/schemas/InterceptEndpointGroupAssociation' + description: The associations from the specified parent. + type: array + id: ListInterceptEndpointGroupAssociationsResponse + description: Response message for ListInterceptEndpointGroupAssociations. type: object + GatewaySecurityPolicy: properties: + description: + type: string + description: Optional. Free-text description of the resource. name: + type: string description: >- Required. Name of the resource. Name is of the form projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy} gateway_security_policy should match the pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$). + tlsInspectionPolicy: + description: >- + Optional. Name of a TLS Inspection Policy resource that defines how + TLS inspection will be performed for any rule(s) which enables it. type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true + updateTime: type: string + readOnly: true format: google-datetime - updateTime: description: Output only. The timestamp when the resource was updated. + createTime: readOnly: true + description: Output only. The timestamp when the resource was created. type: string format: google-datetime - description: - description: Optional. Free-text description of the resource. - type: string - tlsInspectionPolicy: - description: >- - Optional. Name of a TLS Inspection Policy resource that defines how - TLS inspection will be performed for any rule(s) which enables it. - type: string - ListGatewaySecurityPolicyRulesResponse: - id: ListGatewaySecurityPolicyRulesResponse - description: Response returned by the ListGatewaySecurityPolicyRules method. type: object + description: >- + The GatewaySecurityPolicy resource contains a collection of + GatewaySecurityPolicyRules and associated metadata. + id: GatewaySecurityPolicy + GoogleIamV1AuditLogConfig: + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. properties: - gatewaySecurityPolicyRules: - description: List of GatewaySecurityPolicyRule resources. + exemptedMembers: type: array - items: - $ref: '#/components/schemas/GatewaySecurityPolicyRule' - nextPageToken: description: >- - If there might be more results than those appearing in this - response, then 'next_page_token' is included. To get the next set of - results, call this method again using the value of 'next_page_token' - as 'page_token'. - type: string - unreachable: - description: Locations that could not be reached. - type: array + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. items: type: string - GatewaySecurityPolicyRule: - id: GatewaySecurityPolicyRule - description: >- - The GatewaySecurityPolicyRule resource is in a nested collection within - a GatewaySecurityPolicy and represents a traffic matching condition and - associated action to perform. - type: object - properties: - basicProfile: - description: Required. Profile which tells what the primitive action should be. + logType: type: string - enumDescriptions: - - If there is not a mentioned action for the target. - - Allow the matched traffic. - - Deny the matched traffic. enum: - - BASIC_PROFILE_UNSPECIFIED - - ALLOW - - DENY - name: - description: >- - Required. Immutable. Name of the resource. ame is the full resource - name so - projects/{project}/locations/{location}/gatewaySecurityPolicies/{gateway_security_policy}/rules/{rule} - rule should match the pattern: (^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$). - type: string - createTime: - description: Output only. Time when the rule was created. - readOnly: true + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: The log type that this config enables. + id: GoogleIamV1AuditLogConfig + type: object + ListAddressGroupReferencesResponseAddressGroupReference: + type: object + id: ListAddressGroupReferencesResponseAddressGroupReference + description: The Reference of AddressGroup. + properties: + firewallPolicy: type: string - format: google-datetime - updateTime: - description: Output only. Time when the rule was updated. - readOnly: true + description: FirewallPolicy that is using the Address Group. + securityPolicy: + description: Cloud Armor SecurityPolicy that is using the Address Group. type: string - format: google-datetime - enabled: - description: Required. Whether the rule is enforced. - type: boolean - priority: - description: >- - Required. Priority of the rule. Lower number corresponds to higher - precedence. + rulePriority: type: integer format: int32 - description: - description: Optional. Free-text description of the resource. - type: string - sessionMatcher: - description: Required. CEL expression for matching on session criteria. - type: string - applicationMatcher: + description: Rule priority of the FirewallPolicy that is using the Address Group. + CustomInterceptProfile: + properties: + interceptEndpointGroup: description: >- - Optional. CEL expression for matching on L7/application level - criteria. + Required. The target InterceptEndpointGroup. When a firewall rule + with this security profile attached matches a packet, the packet + will be intercepted to the location-local target in this group. type: string - tlsInspectionEnabled: - description: >- - Optional. Flag to enable TLS inspection of traffic matching on , can - only be true if the parent GatewaySecurityPolicy references a - TLSInspectionConfig. - type: boolean - ListUrlListsResponse: - id: ListUrlListsResponse - description: Response returned by the ListUrlLists method. + type: object + id: CustomInterceptProfile + description: >- + CustomInterceptProfile defines in-band integration behavior (intercept). + It is used by firewall rules with an APPLY_SECURITY_PROFILE_GROUP + action. + ListBackendAuthenticationConfigsResponse: type: object properties: - urlLists: - description: List of UrlList resources. - type: array + unreachable: + description: Locations that could not be reached. items: - $ref: '#/components/schemas/UrlList' + type: string + type: array nextPageToken: description: >- If there might be more results than those appearing in this @@ -2593,455 +2332,283 @@ components: results, call this method again using the value of `next_page_token` as `page_token`. type: string - unreachable: - description: Locations that could not be reached. + backendAuthenticationConfigs: + items: + $ref: '#/components/schemas/BackendAuthenticationConfig' + description: List of BackendAuthenticationConfig resources. type: array + id: ListBackendAuthenticationConfigsResponse + description: Response returned by the ListBackendAuthenticationConfigs method. + AuthzPolicyTarget: + id: AuthzPolicyTarget + properties: + resources: items: type: string - UrlList: - id: UrlList - description: >- - UrlList proto helps users to set reusable, independently manageable - lists of hosts, host patterns, URLs, URL patterns. + type: array + description: >- + Required. A list of references to the Forwarding Rules on which this + policy will be applied. + loadBalancingScheme: + enumDescriptions: + - Default value. Do not use. + - >- + Signifies that this is used for Regional internal or Cross-region + internal Application Load Balancing. + - >- + Signifies that this is used for Global external or Regional + external Application Load Balancing. + - >- + Signifies that this is used for Cloud Service Mesh. Meant for use + by CSM GKE controller only. + enum: + - LOAD_BALANCING_SCHEME_UNSPECIFIED + - INTERNAL_MANAGED + - EXTERNAL_MANAGED + - INTERNAL_SELF_MANAGED + type: string + description: >- + Required. All gateways and forwarding rules referenced by this + policy and extensions must share the same load balancing scheme. + Supported values: `INTERNAL_MANAGED` and `EXTERNAL_MANAGED`. For + more information, refer to [Backend services + overview](https://cloud.google.com/load-balancing/docs/backend-service). + description: Specifies the set of targets to which this policy should be applied to. + type: object + InterceptDeploymentGroupConnectedEndpointGroup: type: object + id: InterceptDeploymentGroupConnectedEndpointGroup + description: An endpoint group connected to this deployment group. properties: name: - description: >- - Required. Name of the resource provided by the user. Name is of the - form projects/{project}/locations/{location}/urlLists/{url_list} - url_list should match the - pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$). - type: string - createTime: - description: Output only. Time when the security policy was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Time when the security policy was updated. readOnly: true + description: >- + Output only. The connected endpoint group's resource name, for + example: + `projects/123456789/locations/global/interceptEndpointGroups/my-eg`. + See https://google.aip.dev/124. type: string - format: google-datetime - description: - description: Optional. Free-text description of the resource. - type: string - values: - description: Required. FQDNs and URLs. - type: array + Source: + properties: + ipBlocks: + description: >- + Optional. List of CIDR ranges to match based on source IP address. + At least one IP block should match. Single IP (e.g., "1.2.3.4") and + CIDR (e.g., "1.2.3.0/24") are supported. Authorization based on + source IP alone should be avoided. The IP addresses of any load + balancers or proxies should be considered untrusted. items: type: string - ListTlsInspectionPoliciesResponse: - id: ListTlsInspectionPoliciesResponse - description: Response returned by the ListTlsInspectionPolicies method. - type: object - properties: - tlsInspectionPolicies: - description: List of TlsInspectionPolicies resources. type: array - items: - $ref: '#/components/schemas/TlsInspectionPolicy' - nextPageToken: + principals: description: >- - If there might be more results than those appearing in this - response, then 'next_page_token' is included. To get the next set of - results, call this method again using the value of 'next_page_token' - as 'page_token'. - type: string - unreachable: - description: Locations that could not be reached. + Optional. List of peer identities to match for authorization. At + least one principal should match. Each peer can be an exact match, + or a prefix match (example, "namespace/*") or a suffix match + (example, "*/service-account") or a presence match "*". + Authorization based on the principal name without certificate + validation (configured by ServerTlsPolicy resource) is considered + insecure. type: array items: type: string - TlsInspectionPolicy: - id: TlsInspectionPolicy - description: >- - The TlsInspectionPolicy resource contains references to CA pools in - Certificate Authority Service and associated metadata. + description: Specification of traffic source attributes. + id: Source type: object - properties: - name: + InterceptEndpointGroup: + description: >- + An endpoint group is a consumer frontend for a deployment group + (backend). In order to configure intercept for a network, consumers must + create: - An association between their network and the endpoint group. - + A security profile that points to the endpoint group. - A firewall rule + that references the security profile (group). + type: object + properties: + labels: description: >- - Required. Name of the resource. Name is of the form - projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} - tls_inspection_policy should match the - pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$). - type: string - description: - description: Optional. Free-text description of the resource. - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true + Optional. Labels are key/value pairs that help to organize and + filter resources. + additionalProperties: + type: string + type: object + name: type: string - format: google-datetime + description: >- + Immutable. Identifier. The resource name of this endpoint group, for + example: + `projects/123456789/locations/global/interceptEndpointGroups/my-eg`. + See https://google.aip.dev/122 for more details. updateTime: - description: Output only. The timestamp when the resource was updated. readOnly: true type: string format: google-datetime - caPool: description: >- - Required. A CA pool resource used to issue interception - certificates. The CA pool string has a relative resource path - following the form - "projects/{project}/locations/{location}/caPools/{ca_pool}". + Output only. The timestamp when the resource was most recently + updated. See https://google.aip.dev/148#timestamps. + associations: + type: array + readOnly: true + items: + $ref: '#/components/schemas/InterceptEndpointGroupAssociationDetails' + description: Output only. List of associations to this endpoint group. + description: type: string - trustConfig: description: >- - Optional. A TrustConfig resource used when making a connection to - the TLS server. This is a relative resource path following the form - "projects/{project}/locations/{location}/trustConfigs/{trust_config}". - This is necessary to intercept TLS connections to servers with - certificates signed by a private CA or self-signed certificates. - Note that Secure Web Proxy does not yet honor this field. - type: string - excludePublicCaSet: + Optional. User-provided description of the endpoint group. Used as + additional context for the endpoint group. + createTime: + readOnly: true description: >- - Optional. If FALSE (the default), use our default set of public CAs - in addition to any CAs specified in trust_config. These public CAs - are currently based on the Mozilla Root Program and are subject to - change over time. If TRUE, do not accept our default set of public - CAs. Only CAs specified in trust_config will be accepted. This - defaults to FALSE (use public CAs in addition to trust_config) for - backwards compatibility, but trusting public root CAs is *not - recommended* unless the traffic in question is outbound to public - web servers. When possible, prefer setting this to "false" and - explicitly specifying trusted CAs and certificates in a TrustConfig. - Note that Secure Web Proxy does not yet honor this field. + Output only. The timestamp when the resource was created. See + https://google.aip.dev/148#timestamps. + format: google-datetime + type: string + reconciling: type: boolean - minTlsVersion: + readOnly: true description: >- - Optional. Minimum TLS version that the firewall should use when - negotiating connections with both clients and servers. If this is - not set, then the default value is to allow the broadest set of - clients and servers (TLS 1.0 or higher). Setting this to more - restrictive values may improve security, but may also prevent the - firewall from connecting to some clients or servers. Note that - Secure Web Proxy does not yet honor this field. + Output only. The current state of the resource does not match the + user's intended state, and the system is working to reconcile them. + This is part of the normal operation (e.g. adding a new association + to the group). See https://google.aip.dev/128. + interceptDeploymentGroup: type: string - enumDescriptions: - - Indicates no TLS version was specified. - - TLS 1.0 - - TLS 1.1 - - TLS 1.2 - - TLS 1.3 - enum: - - TLS_VERSION_UNSPECIFIED - - TLS_1_0 - - TLS_1_1 - - TLS_1_2 - - TLS_1_3 - tlsFeatureProfile: description: >- - Optional. The selected Profile. If this is not set, then the default - value is to allow the broadest set of clients and servers - ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may - improve security, but may also prevent the TLS inspection proxy from - connecting to some clients or servers. Note that Secure Web Proxy - does not yet honor this field. - type: string + Required. Immutable. The deployment group that this endpoint group + is connected to, for example: + `projects/123456789/locations/global/interceptDeploymentGroups/my-dg`. + See https://google.aip.dev/124. + state: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CLOSED + - CREATING + - DELETING + - OUT_OF_SYNC + - DELETE_FAILED + readOnly: true enumDescriptions: - - Indicates no profile was specified. + - State not set (this is not a valid state). - >- - Compatible profile. Allows the broadest set of clients, even those - which support only out-of-date SSL features to negotiate with the - TLS inspection proxy. + The endpoint group is ready and in sync with the target deployment + group. - >- - Modern profile. Supports a wide set of SSL features, allowing - modern clients to negotiate SSL with the TLS inspection proxy. + The deployment group backing this endpoint group has been + force-deleted. This endpoint group cannot be used and interception + is effectively disabled. + - The endpoint group is being created. + - The endpoint group is being deleted. - >- - Restricted profile. Supports a reduced set of SSL features, - intended to meet stricter compliance requirements. + The endpoint group is out of sync with the backing deployment + group. In most cases, this is a result of a transient issue within + the system (e.g. an inaccessible location) and the system is + expected to recover automatically. See the associations field for + details per network and location. - >- - Custom profile. Allow only the set of allowed SSL features - specified in the custom_features field of SslPolicy. - enum: - - PROFILE_UNSPECIFIED - - PROFILE_COMPATIBLE - - PROFILE_MODERN - - PROFILE_RESTRICTED - - PROFILE_CUSTOM - customTlsFeatures: + An attempt to delete the endpoint group has failed. This is a + terminal state and the endpoint group is not expected to recover. + The only permitted operation is to retry deleting the endpoint + group. description: >- - Optional. List of custom TLS cipher suites selected. This field is - valid only if the selected tls_feature_profile is CUSTOM. The - compute.SslPoliciesService.ListAvailableFeatures method returns the - set of features that can be specified in this list. Note that Secure - Web Proxy does not yet honor this field. + Output only. The current state of the endpoint group. See + https://google.aip.dev/216. + type: string + connectedDeploymentGroup: + description: >- + Output only. Details about the connected deployment group to this + endpoint group. + $ref: '#/components/schemas/InterceptEndpointGroupConnectedDeploymentGroup' + readOnly: true + id: InterceptEndpointGroup + Destination: + description: Specification of traffic destination attributes. + properties: + httpHeaderMatch: + description: >- + Optional. Match against key:value pair in http header. Provides a + flexible match based on HTTP headers, for potentially advanced use + cases. At least one header should match. Avoid using header matches + to make authorization decisions unless there is a strong guarantee + that requests arrive through a trusted client or proxy. + $ref: '#/components/schemas/HttpHeaderMatch' + ports: + description: >- + Required. List of destination ports to match. At least one port + should match. + type: array + items: + type: integer + format: uint32 + methods: + items: + type: string type: array + description: >- + Optional. A list of HTTP methods to match. At least one method + should match. Should not be set for gRPC services. + hosts: + description: >- + Required. List of host names to match. Matched against the + ":authority" header in http requests. At least one host should + match. Each host can be an exact match, or a prefix match (example + "mydomain.*") or a suffix match (example "*.myorg.com") or a + presence (any) match "*". items: type: string - ListAuthzPoliciesResponse: - id: ListAuthzPoliciesResponse - description: Message for response to listing `AuthzPolicy` resources. + type: array + id: Destination type: object + ListUrlListsResponse: properties: - authzPolicies: - description: The list of `AuthzPolicy` resources. - type: array - items: - $ref: '#/components/schemas/AuthzPolicy' nextPageToken: - description: A token identifying a page of results that the server returns. + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. type: string + urlLists: + items: + $ref: '#/components/schemas/UrlList' + description: List of UrlList resources. + type: array unreachable: - description: Locations that could not be reached. type: array items: type: string - AuthzPolicy: - id: AuthzPolicy - description: >- - `AuthzPolicy` is a resource that allows to forward traffic to a callout - backend designed to scan the traffic for security purposes. + description: Locations that could not be reached. + description: Response returned by the ListUrlLists method. type: object + id: ListUrlListsResponse + ListMirroringDeploymentGroupsResponse: + description: Response message for ListMirroringDeploymentGroups. + id: ListMirroringDeploymentGroupsResponse properties: - name: - description: >- - Required. Identifier. Name of the `AuthzPolicy` resource in the - following format: - `projects/{project}/locations/{location}/authzPolicies/{authz_policy}`. - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. - readOnly: true + nextPageToken: type: string - format: google-datetime - description: - description: Optional. A human-readable description of the resource. - type: string - labels: - description: >- - Optional. Set of labels associated with the `AuthzPolicy` resource. - The format must comply with [the following - requirements](/compute/docs/labeling-resources#requirements). - type: object - additionalProperties: - type: string - target: - description: >- - Required. Specifies the set of resources to which this policy should - be applied to. - $ref: '#/components/schemas/AuthzPolicyTarget' - httpRules: description: >- - Optional. A list of authorization HTTP rules to match against the - incoming request. A policy match occurs when at least one HTTP rule - matches the request or when no HTTP rules are specified in the - policy. At least one HTTP Rule is required for Allow or Deny Action. - Limited to 5 rules. - type: array + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. See + https://google.aip.dev/158 for more details. + mirroringDeploymentGroups: + description: The deployment groups from the specified parent. items: - $ref: '#/components/schemas/AuthzPolicyAuthzRule' - action: - description: >- - Required. Can be one of `ALLOW`, `DENY`, `CUSTOM`. When the action - is `CUSTOM`, `customProvider` must be specified. When the action is - `ALLOW`, only requests matching the policy will be allowed. When the - action is `DENY`, only requests matching the policy will be denied. - When a request arrives, the policies are evaluated in the following - order: 1. If there is a `CUSTOM` policy that matches the request, - the `CUSTOM` policy is evaluated using the custom authorization - providers and the request is denied if the provider rejects the - request. 2. If there are any `DENY` policies that match the request, - the request is denied. 3. If there are no `ALLOW` policies for the - resource or if any of the `ALLOW` policies match the request, the - request is allowed. 4. Else the request is denied by default if none - of the configured AuthzPolicies with `ALLOW` action match the - request. - type: string - enumDescriptions: - - Unspecified action. - - Allow request to pass through to the backend. - - Deny the request and return a HTTP 404 to the client. - - >- - Delegate the authorization decision to an external authorization - engine. - enum: - - AUTHZ_ACTION_UNSPECIFIED - - ALLOW - - DENY - - CUSTOM - customProvider: - description: >- - Optional. Required if the action is `CUSTOM`. Allows delegating - authorization decisions to Cloud IAP or to Service Extensions. One - of `cloudIap` or `authzExtension` must be specified. - $ref: '#/components/schemas/AuthzPolicyCustomProvider' - AuthzPolicyTarget: - id: AuthzPolicyTarget - description: Specifies the set of targets to which this policy should be applied to. - type: object - properties: - loadBalancingScheme: - description: >- - Required. All gateways and forwarding rules referenced by this - policy and extensions must share the same load balancing scheme. - Supported values: `INTERNAL_MANAGED` and `EXTERNAL_MANAGED`. For - more information, refer to [Backend services - overview](https://cloud.google.com/load-balancing/docs/backend-service). - type: string - enumDescriptions: - - Default value. Do not use. - - >- - Signifies that this is used for Regional internal or Cross-region - internal Application Load Balancing. - - >- - Signifies that this is used for Global external or Regional - external Application Load Balancing. - - >- - Signifies that this is used for Cloud Service Mesh. Meant for use - by CSM GKE controller only. - enum: - - LOAD_BALANCING_SCHEME_UNSPECIFIED - - INTERNAL_MANAGED - - EXTERNAL_MANAGED - - INTERNAL_SELF_MANAGED - resources: - description: >- - Required. A list of references to the Forwarding Rules on which this - policy will be applied. + $ref: '#/components/schemas/MirroringDeploymentGroup' type: array - items: - type: string - AuthzPolicyAuthzRule: - id: AuthzPolicyAuthzRule - description: Conditions to match against the incoming request. type: object + GoogleCloudNetworksecurityV1GrpcEndpoint: + description: Specification of the GRPC Endpoint. properties: - from: - description: Optional. Describes properties of a source of a request. - $ref: '#/components/schemas/AuthzPolicyAuthzRuleFrom' - to: - description: Optional. Describes properties of a target of a request. - $ref: '#/components/schemas/AuthzPolicyAuthzRuleTo' - when: + targetUri: description: >- - Optional. CEL expression that describes the conditions to be - satisfied for the action. The result of the CEL expression is ANDed - with the from and to. Refer to the CEL language reference for a list - of available attributes. + Required. The target URI of the gRPC endpoint. Only UDS path is + supported, and should start with "unix:". type: string - AuthzPolicyAuthzRuleFrom: - id: AuthzPolicyAuthzRuleFrom - description: Describes properties of one or more sources of a request. - type: object - properties: - sources: - description: >- - Optional. Describes the properties of a request's sources. At least - one of sources or notSources must be specified. Limited to 1 source. - A match occurs when ANY source (in sources or notSources) matches - the request. Within a single source, the match follows AND semantics - across fields and OR semantics within a single field, i.e. a match - occurs when ANY principal matches AND ANY ipBlocks match. - type: array - items: - $ref: '#/components/schemas/AuthzPolicyAuthzRuleFromRequestSource' - notSources: - description: >- - Optional. Describes the negated properties of request sources. - Matches requests from sources that do not match the criteria - specified in this field. At least one of sources or notSources must - be specified. - type: array - items: - $ref: '#/components/schemas/AuthzPolicyAuthzRuleFromRequestSource' - AuthzPolicyAuthzRuleFromRequestSource: - id: AuthzPolicyAuthzRuleFromRequestSource - description: Describes the properties of a single source. - type: object - properties: - principals: - description: >- - Optional. A list of identities derived from the client's - certificate. This field will not match on a request unless frontend - mutual TLS is enabled for the forwarding rule or Gateway and the - client certificate has been successfully validated by mTLS. Each - identity is a string whose value is matched against a list of URI - SANs, DNS Name SANs, or the common name in the client's certificate. - A match happens when any principal matches with the rule. Limited to - 50 principals per Authorization Policy for Regional Internal - Application Load Balancer, Regional External Application Load - Balancer, Cross-region Internal Application Load Balancer, and Cloud - Service Mesh. Limited to 25 principals per Authorization Policy for - Global External Application Load Balancer. - type: array - items: - $ref: '#/components/schemas/AuthzPolicyAuthzRulePrincipal' - ipBlocks: - description: >- - Optional. A list of IP addresses or IP address ranges to match - against the source IP address of the request. Limited to 10 - ip_blocks per Authorization Policy - type: array - items: - $ref: '#/components/schemas/AuthzPolicyAuthzRuleIpBlock' - resources: - description: >- - Optional. A list of resources to match against the resource of the - source VM of a request. Limited to 10 resources per Authorization - Policy. - type: array - items: - $ref: '#/components/schemas/AuthzPolicyAuthzRuleRequestResource' - AuthzPolicyAuthzRulePrincipal: - id: AuthzPolicyAuthzRulePrincipal - description: Describes the properties of a principal to be matched against. + id: GoogleCloudNetworksecurityV1GrpcEndpoint type: object - properties: - principalSelector: - description: >- - Optional. An enum to decide what principal value the principal rule - will match against. If not specified, the PrincipalSelector is - CLIENT_CERT_URI_SAN. - type: string - enumDescriptions: - - >- - Unspecified principal selector. It will be treated as - CLIENT_CERT_URI_SAN by default. - - >- - The principal rule is matched against a list of URI SANs in the - validated client's certificate. A match happens when there is any - exact URI SAN value match. This is the default principal selector. - - >- - The principal rule is matched against a list of DNS Name SANs in - the validated client's certificate. A match happens when there is - any exact DNS Name SAN value match. This is only applicable for - Application Load Balancers except for classic Global External - Application load balancer. CLIENT_CERT_DNS_NAME_SAN is not - supported for INTERNAL_SELF_MANAGED load balancing scheme. - - >- - The principal rule is matched against the common name in the - client's certificate. Authorization against multiple common names - in the client certificate is not supported. Requests with multiple - common names in the client certificate will be rejected if - CLIENT_CERT_COMMON_NAME is set as the principal selector. A match - happens when there is an exact common name value match. This is - only applicable for Application Load Balancers except for classic - Global External Application load balancer. CLIENT_CERT_COMMON_NAME - is not supported for INTERNAL_SELF_MANAGED load balancing scheme. - enum: - - PRINCIPAL_SELECTOR_UNSPECIFIED - - CLIENT_CERT_URI_SAN - - CLIENT_CERT_DNS_NAME_SAN - - CLIENT_CERT_COMMON_NAME - principal: - description: >- - Required. A non-empty string whose value is matched against the - principal value based on the principal_selector. Only exact match - can be applied for CLIENT_CERT_URI_SAN, CLIENT_CERT_DNS_NAME_SAN, - CLIENT_CERT_COMMON_NAME selectors. - $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' AuthzPolicyAuthzRuleStringMatch: - id: AuthzPolicyAuthzRuleStringMatch description: Determines how a string value should be matched. - type: object properties: exact: description: >- @@ -3054,17 +2621,17 @@ components: prefix is not allowed, please use regex instead. Examples: * ``abc`` matches the value ``abc.xyz`` type: string - suffix: - description: >- - The input string must have the suffix specified here. Note: empty - prefix is not allowed, please use regex instead. Examples: * ``abc`` - matches the value ``xyz.abc`` - type: string contains: + type: string description: >- The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * ``abc`` matches the value ``xyz.abc.def`` + suffix: + description: >- + The input string must have the suffix specified here. Note: empty + prefix is not allowed, please use regex instead. Examples: * ``abc`` + matches the value ``xyz.abc`` type: string ignoreCase: description: >- @@ -3072,446 +2639,368 @@ components: be case insensitive. For example, the matcher ``data`` will match both input string ``Data`` and ``data`` if set to true. type: boolean - AuthzPolicyAuthzRuleIpBlock: - id: AuthzPolicyAuthzRuleIpBlock - description: Represents a range of IP Addresses. type: object + id: AuthzPolicyAuthzRuleStringMatch + MirroringEndpointGroupConnectedDeploymentGroup: + description: The endpoint group's view of a connected deployment group. + id: MirroringEndpointGroupConnectedDeploymentGroup properties: - prefix: - description: Required. The address prefix. + name: + readOnly: true type: string - length: - description: Required. The length of the address range. - type: integer - format: int32 - AuthzPolicyAuthzRuleRequestResource: - id: AuthzPolicyAuthzRuleRequestResource - description: >- - Describes the properties of a client VM resource accessing the internal - application load balancers. - type: object - properties: - tagValueIdSet: - description: >- - Optional. A list of resource tag value permanent IDs to match - against the resource manager tags value associated with the source - VM of a request. - $ref: >- - #/components/schemas/AuthzPolicyAuthzRuleRequestResourceTagValueIdSet - iamServiceAccount: description: >- - Optional. An IAM service account to match against the source service - account of the VM sending the request. - $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' - AuthzPolicyAuthzRuleRequestResourceTagValueIdSet: - id: AuthzPolicyAuthzRuleRequestResourceTagValueIdSet - description: >- - Describes a set of resource tag value permanent IDs to match against the - resource manager tags value associated with the source VM of a request. - type: object - properties: - ids: + Output only. The connected deployment group's resource name, for + example: + `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. + See https://google.aip.dev/124. + locations: description: >- - Required. A list of resource tag value permanent IDs to match - against the resource manager tags value associated with the source - VM of a request. The match follows AND semantics which means all the - ids must match. Limited to 5 ids in the Tag value id set. + Output only. The list of locations where the deployment group is + present. + readOnly: true type: array items: - type: string - format: int64 - AuthzPolicyAuthzRuleTo: - id: AuthzPolicyAuthzRuleTo - description: Describes properties of one or more targets of a request. + $ref: '#/components/schemas/MirroringLocation' type: object + GoogleCloudNetworksecurityV1CertificateProvider: + id: GoogleCloudNetworksecurityV1CertificateProvider properties: - operations: + grpcEndpoint: + $ref: '#/components/schemas/GoogleCloudNetworksecurityV1GrpcEndpoint' description: >- - Optional. Describes properties of one or more targets of a request. - At least one of operations or notOperations must be specified. - Limited to 1 operation. A match occurs when ANY operation (in - operations or notOperations) matches. Within an operation, the match - follows AND semantics across fields and OR semantics within a field, - i.e. a match occurs when ANY path matches AND ANY header matches and - ANY method matches. - type: array - items: - $ref: '#/components/schemas/AuthzPolicyAuthzRuleToRequestOperation' - notOperations: + gRPC specific configuration to access the gRPC server to obtain the + cert and private key. + certificateProviderInstance: description: >- - Optional. Describes the negated properties of the targets of a - request. Matches requests for operations that do not match the - criteria specified in this field. At least one of operations or - notOperations must be specified. - type: array - items: - $ref: '#/components/schemas/AuthzPolicyAuthzRuleToRequestOperation' - AuthzPolicyAuthzRuleToRequestOperation: - id: AuthzPolicyAuthzRuleToRequestOperation - description: Describes properties of one or more targets of a request. + The certificate provider instance specification that will be passed + to the data plane, which will be used to load necessary credential + information. + $ref: '#/components/schemas/CertificateProviderInstance' + description: >- + Specification of certificate provider. Defines the mechanism to obtain + the certificate and private key for peer to peer authentication. type: object + MirroringEndpointGroup: + type: object + id: MirroringEndpointGroup properties: - headerSet: - description: Optional. A list of headers to match against in http header. - $ref: '#/components/schemas/AuthzPolicyAuthzRuleToRequestOperationHeaderSet' - hosts: + updateTime: + readOnly: true + format: google-datetime description: >- - Optional. A list of HTTP Hosts to match against. The match can be - one of exact, prefix, suffix, or contains (substring match). Matches - are always case sensitive unless the ignoreCase is set. Limited to - 10 hosts per Authorization Policy. - type: array - items: - $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' - paths: + Output only. The timestamp when the resource was most recently + updated. See https://google.aip.dev/148#timestamps. + type: string + name: description: >- - Optional. A list of paths to match against. The match can be one of - exact, prefix, suffix, or contains (substring match). Matches are - always case sensitive unless the ignoreCase is set. Limited to 10 - paths per Authorization Policy. Note that this path match includes - the query parameters. For gRPC services, this should be a - fully-qualified name of the form /package.service/method. + Immutable. Identifier. The resource name of this endpoint group, for + example: + `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. + See https://google.aip.dev/122 for more details. + type: string + associations: type: array + description: Output only. List of associations to this endpoint group. items: - $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' - methods: + $ref: '#/components/schemas/MirroringEndpointGroupAssociationDetails' + readOnly: true + state: description: >- - Optional. A list of HTTP methods to match against. Each entry must - be a valid HTTP method name (GET, PUT, POST, HEAD, PATCH, DELETE, - OPTIONS). It only allows exact match and is always case sensitive. - Limited to 10 methods per Authorization Policy. - type: array - items: + Output only. The current state of the endpoint group. See + https://google.aip.dev/216. + enumDescriptions: + - State not set (this is not a valid state). + - >- + The endpoint group is ready and in sync with the target deployment + group. + - >- + The deployment group backing this endpoint group has been + force-deleted. This endpoint group cannot be used and mirroring is + effectively disabled. + - The endpoint group is being created. + - The endpoint group is being deleted. + - >- + The endpoint group is out of sync with the backing deployment + group. In most cases, this is a result of a transient issue within + the system (e.g. an inaccessible location) and the system is + expected to recover automatically. See the associations field for + details per network and location. + - >- + An attempt to delete the endpoint group has failed. This is a + terminal state and the endpoint group is not expected to recover. + The only permitted operation is to retry deleting the endpoint + group. + type: string + readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CLOSED + - CREATING + - DELETING + - OUT_OF_SYNC + - DELETE_FAILED + labels: + type: object + additionalProperties: type: string - AuthzPolicyAuthzRuleToRequestOperationHeaderSet: - id: AuthzPolicyAuthzRuleToRequestOperationHeaderSet - description: Describes a set of HTTP headers to match against. - type: object - properties: - headers: description: >- - Required. A list of headers to match against in http header. The - match can be one of exact, prefix, suffix, or contains (substring - match). The match follows AND semantics which means all the headers - must match. Matches are always case sensitive unless the ignoreCase - is set. Limited to 10 headers per Authorization Policy. + Optional. Labels are key/value pairs that help to organize and + filter resources. + reconciling: + description: >- + Output only. The current state of the resource does not match the + user's intended state, and the system is working to reconcile them. + This is part of the normal operation (e.g. adding a new association + to the group). See https://google.aip.dev/128. + type: boolean + readOnly: true + connectedDeploymentGroups: + readOnly: true type: array items: - $ref: '#/components/schemas/AuthzPolicyAuthzRuleHeaderMatch' - AuthzPolicyAuthzRuleHeaderMatch: - id: AuthzPolicyAuthzRuleHeaderMatch - description: Determines how a HTTP header should be matched. - type: object - properties: - name: - description: Optional. Specifies the name of the header in the request. + $ref: >- + #/components/schemas/MirroringEndpointGroupConnectedDeploymentGroup + description: >- + Output only. List of details about the connected deployment groups + to this endpoint group. + description: + description: >- + Optional. User-provided description of the endpoint group. Used as + additional context for the endpoint group. type: string - value: - description: Optional. Specifies how the header match will be performed. - $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' - AuthzPolicyCustomProvider: - id: AuthzPolicyCustomProvider - description: >- - Allows delegating authorization decisions to Cloud IAP or to Service - Extensions. - type: object - properties: - cloudIap: + createTime: description: >- - Optional. Delegates authorization decisions to Cloud IAP. Applicable - only for managed load balancers. Enabling Cloud IAP at the - AuthzPolicy level is not compatible with Cloud IAP settings in the - BackendService. Enabling IAP in both places will result in request - failure. Ensure that IAP is enabled in either the AuthzPolicy or the - BackendService but not in both places. - $ref: '#/components/schemas/AuthzPolicyCustomProviderCloudIap' - authzExtension: + Output only. The timestamp when the resource was created. See + https://google.aip.dev/148#timestamps. + format: google-datetime + type: string + readOnly: true + mirroringDeploymentGroup: description: >- - Optional. Delegate authorization decision to user authored Service - Extension. Only one of cloudIap or authzExtension can be specified. - $ref: '#/components/schemas/AuthzPolicyCustomProviderAuthzExtension' - AuthzPolicyCustomProviderCloudIap: - id: AuthzPolicyCustomProviderCloudIap - description: >- - Optional. Delegates authorization decisions to Cloud IAP. Applicable - only for managed load balancers. Enabling Cloud IAP at the AuthzPolicy - level is not compatible with Cloud IAP settings in the BackendService. - Enabling IAP in both places will result in request failure. Ensure that - IAP is enabled in either the AuthzPolicy or the BackendService but not - in both places. - type: object - properties: {} - AuthzPolicyCustomProviderAuthzExtension: - id: AuthzPolicyCustomProviderAuthzExtension + Immutable. The deployment group that this DIRECT endpoint group is + connected to, for example: + `projects/123456789/locations/global/mirroringDeploymentGroups/my-dg`. + See https://google.aip.dev/124. + type: string description: >- - Optional. Delegate authorization decision to user authored extension. - Only one of cloudIap or authzExtension can be specified. - type: object + An endpoint group is a consumer frontend for a deployment group + (backend). In order to configure mirroring for a network, consumers must + create: - An association between their network and the endpoint group. - + A security profile that points to the endpoint group. - A mirroring rule + that references the security profile (group). + InterceptEndpointGroupAssociation: + id: InterceptEndpointGroupAssociation properties: - resources: - description: >- - Required. A list of references to authorization extensions that will - be invoked for requests matching this policy. Limited to 1 custom - provider. - type: array + locations: + readOnly: true items: - type: string - ListSecurityProfileGroupsResponse: - id: ListSecurityProfileGroupsResponse - description: Response returned by the ListSecurityProfileGroups method. - type: object - properties: - securityProfileGroups: - description: List of SecurityProfileGroups resources. + $ref: '#/components/schemas/InterceptLocation' type: array - items: - $ref: '#/components/schemas/SecurityProfileGroup' - nextPageToken: description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. - type: string - SecurityProfileGroup: - id: SecurityProfileGroup - description: >- - SecurityProfileGroup is a resource that defines the behavior for various - ProfileTypes. - type: object - properties: - name: + Output only. The list of locations where the association is + configured. This information is retrieved from the linked endpoint + group. + reconciling: + type: boolean description: >- - Immutable. Identifier. Name of the SecurityProfileGroup resource. It - matches pattern - `projects|organizations/*/locations/{location}/securityProfileGroups/{security_profile_group}`. - type: string - description: + Output only. The current state of the resource does not match the + user's intended state, and the system is working to reconcile them. + This part of the normal operation (e.g. adding a new location to the + target deployment group). See https://google.aip.dev/128. + readOnly: true + labels: description: >- - Optional. An optional description of the profile group. Max length - 2048 characters. - type: string + Optional. Labels are key/value pairs that help to organize and + filter resources. + type: object + additionalProperties: + type: string createTime: - description: Output only. Resource creation timestamp. - readOnly: true type: string + readOnly: true + description: >- + Output only. The timestamp when the resource was created. See + https://google.aip.dev/148#timestamps. format: google-datetime - updateTime: - description: Output only. Last resource update timestamp. + locationsDetails: + type: array readOnly: true + deprecated: true + description: >- + Output only. The list of locations where the association is present. + This information is retrieved from the linked endpoint group, and + not configured as part of the association itself. + items: + $ref: >- + #/components/schemas/InterceptEndpointGroupAssociationLocationDetails + state: + enumDescriptions: + - Not set. + - >- + The association is ready and in sync with the linked endpoint + group. + - The association is being created. + - The association is being deleted. + - >- + The association is disabled due to a breaking change in another + resource. + - >- + The association is out of sync with the linked endpoint group. In + most cases, this is a result of a transient issue within the + system (e.g. an inaccessible location) and the system is expected + to recover automatically. Check the `locations_details` field for + more details. + - >- + An attempt to delete the association has failed. This is a + terminal state and the association is not expected to be usable as + some of its resources have been deleted. The only permitted + operation is to retry deleting the association. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - DELETING + - CLOSED + - OUT_OF_SYNC + - DELETE_FAILED type: string + description: Output only. Current state of the endpoint group association. + readOnly: true + updateTime: + readOnly: true format: google-datetime - etag: description: >- - Output only. This checksum is computed by the server based on the - value of other fields, and may be sent on update and delete requests - to ensure the client has an up-to-date value before proceeding. - readOnly: true + Output only. The timestamp when the resource was most recently + updated. See https://google.aip.dev/148#timestamps. type: string - dataPathId: + interceptEndpointGroup: description: >- - Output only. Identifier used by the data-path. Unique within - {container, location}. - readOnly: true + Required. Immutable. The endpoint group that this association is + connected to, for example: + `projects/123456789/locations/global/interceptEndpointGroups/my-eg`. + See https://google.aip.dev/124. type: string - format: uint64 - labels: - description: Optional. Labels as key value pairs. - type: object - additionalProperties: - type: string - threatPreventionProfile: - description: >- - Optional. Reference to a SecurityProfile with the ThreatPrevention - configuration. + network: type: string - customMirroringProfile: description: >- - Optional. Reference to a SecurityProfile with the CustomMirroring - configuration. + Required. Immutable. The VPC network that is associated. for + example: `projects/123456789/global/networks/my-network`. See + https://google.aip.dev/124. + name: type: string - customInterceptProfile: description: >- - Optional. Reference to a SecurityProfile with the CustomIntercept - configuration. - type: string - ListSecurityProfilesResponse: - id: ListSecurityProfilesResponse - description: Response returned by the ListSecurityProfiles method. + Immutable. Identifier. The resource name of this endpoint group + association, for example: + `projects/123456789/locations/global/interceptEndpointGroupAssociations/my-eg-association`. + See https://google.aip.dev/122 for more details. type: object + description: >- + An endpoint group association represents a link between a network and an + endpoint group in the organization. Creating an association creates the + networking infrastructure linking the network to the endpoint group, but + does not enable intercept by itself. To enable intercept, the user must + also create a network firewall policy containing intercept rules and + associate it with the network. + AuthzPolicyAuthzRuleRequestResourceTagValueIdSet: + id: AuthzPolicyAuthzRuleRequestResourceTagValueIdSet + description: >- + Describes a set of resource tag value permanent IDs to match against the + resource manager tags value associated with the source VM of a request. properties: - securityProfiles: - description: List of SecurityProfile resources. - type: array - items: - $ref: '#/components/schemas/SecurityProfile' - nextPageToken: + ids: description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. - type: string - SecurityProfile: - id: SecurityProfile - description: >- - SecurityProfile is a resource that defines the behavior for one of many - ProfileTypes. + Required. A list of resource tag value permanent IDs to match + against the resource manager tags value associated with the source + VM of a request. The match follows AND semantics which means all the + ids must match. Limited to 5 ids in the Tag value id set. + items: + type: string + format: int64 + type: array + type: object + CancelOperationRequest: type: object + description: The request message for Operations.CancelOperation. + id: CancelOperationRequest + properties: {} + ClientTlsPolicy: + id: ClientTlsPolicy + description: >- + ClientTlsPolicy is a resource that specifies how a client should + authenticate connections to backends of a service. This resource itself + does not affect configuration unless it is attached to a backend service + resource. properties: - threatPreventionProfile: - description: The threat prevention configuration for the SecurityProfile. - $ref: '#/components/schemas/ThreatPreventionProfile' - customMirroringProfile: + sni: + type: string description: >- - The custom Packet Mirroring v2 configuration for the - SecurityProfile. - $ref: '#/components/schemas/CustomMirroringProfile' - customInterceptProfile: - description: The custom TPPI configuration for the SecurityProfile. - $ref: '#/components/schemas/CustomInterceptProfile' - name: + Optional. Server Name Indication string to present to the server + during TLS handshake. E.g: "secure.example.com". + clientCertificate: + $ref: '#/components/schemas/GoogleCloudNetworksecurityV1CertificateProvider' description: >- - Immutable. Identifier. Name of the SecurityProfile resource. It - matches pattern - `projects|organizations/*/locations/{location}/securityProfiles/{security_profile}`. - type: string + Optional. Defines a mechanism to provision client identity (public + and private keys) for peer to peer authentication. The presence of + this dictates mTLS. + labels: + description: Optional. Set of label tags associated with the resource. + additionalProperties: + type: string + type: object description: - description: >- - Optional. An optional description of the profile. Max length 512 - characters. type: string + description: Optional. Free-text description of the resource. createTime: - description: Output only. Resource creation timestamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last resource update timestamp. - readOnly: true type: string format: google-datetime - etag: - description: >- - Output only. This checksum is computed by the server based on the - value of other fields, and may be sent on update and delete requests - to ensure the client has an up-to-date value before proceeding. + description: Output only. The timestamp when the resource was created. readOnly: true + name: type: string - labels: - description: Optional. Labels as key value pairs. - type: object - additionalProperties: - type: string - type: description: >- - Immutable. The single ProfileType that the SecurityProfile resource - configures. + Required. Name of the ClientTlsPolicy resource. It matches the + pattern + `projects/{project}/locations/{location}/clientTlsPolicies/{client_tls_policy}` + serverValidationCa: + description: >- + Optional. Defines the mechanism to obtain the Certificate Authority + certificate to validate the server certificate. If empty, client + does not validate the server certificate. + type: array + items: + $ref: '#/components/schemas/ValidationCA' + updateTime: + description: Output only. The timestamp when the resource was updated. + readOnly: true + format: google-datetime type: string - enumDescriptions: - - Profile type not specified. - - Profile type for threat prevention. - - Profile type for packet mirroring v2 - - Profile type for TPPI. - enum: - - PROFILE_TYPE_UNSPECIFIED - - THREAT_PREVENTION - - CUSTOM_MIRRORING - - CUSTOM_INTERCEPT - ThreatPreventionProfile: - id: ThreatPreventionProfile - description: >- - ThreatPreventionProfile defines an action for specific threat signatures - or severity levels. type: object + AuthzPolicyAuthzRuleFrom: + id: AuthzPolicyAuthzRuleFrom properties: - severityOverrides: - description: >- - Optional. Configuration for overriding threats actions by severity - match. + notSources: type: array - items: - $ref: '#/components/schemas/SeverityOverride' - threatOverrides: description: >- - Optional. Configuration for overriding threats actions by threat_id - match. If a threat is matched both by configuration provided in - severity_overrides and threat_overrides, the threat_overrides action - is applied. - type: array + Optional. Describes the negated properties of request sources. + Matches requests from sources that do not match the criteria + specified in this field. At least one of sources or notSources must + be specified. items: - $ref: '#/components/schemas/ThreatOverride' - antivirusOverrides: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleFromRequestSource' + sources: description: >- - Optional. Configuration for overriding antivirus actions per - protocol. + Optional. Describes the properties of a request's sources. At least + one of sources or notSources must be specified. Limited to 1 source. + A match occurs when ANY source (in sources or notSources) matches + the request. Within a single source, the match follows AND semantics + across fields and OR semantics within a single field, i.e. a match + occurs when ANY principal matches AND ANY ipBlocks match. type: array items: - $ref: '#/components/schemas/AntivirusOverride' - SeverityOverride: - id: SeverityOverride - description: Defines what action to take for a specific severity match. + $ref: '#/components/schemas/AuthzPolicyAuthzRuleFromRequestSource' + description: Describes properties of one or more sources of a request. type: object - properties: - severity: - description: Required. Severity level to match. - type: string - enumDescriptions: - - Severity level not specified. - - >- - Suspicious events that do not pose an immediate threat, but that - are reported to call attention to deeper problems that could - possibly exist. - - >- - Warning-level threats that have very little impact on an - organization's infrastructure. They usually require local or - physical system access and may often result in victim privacy - issues and information leakage. - - >- - Minor threats in which impact is minimized, that do not compromise - the target or exploits that require an attacker to reside on the - same local network as the victim, affect only non-standard - configurations or obscure applications, or provide very limited - access. - - >- - Threats that have the ability to become critical but have - mitigating factors; for example, they may be difficult to exploit, - do not result in elevated privileges, or do not have a large - victim pool. - - >- - Serious threats, such as those that affect default installations - of widely deployed software, result in root compromise of servers, - and the exploit code is widely available to attackers. The - attacker usually does not need any special authentication - credentials or knowledge about the individual victims and the - target does not need to be manipulated into performing any special - functions. - enum: - - SEVERITY_UNSPECIFIED - - INFORMATIONAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - action: - description: Required. Threat action override. - type: string - enumDescriptions: - - Threat action not specified. - - The default action (as specified by the vendor) is taken. - - The packet matching this rule will be allowed to transmit. - - >- - The packet matching this rule will be allowed to transmit, but a - threat_log entry will be sent to the consumer project. - - >- - The packet matching this rule will be dropped, and a threat_log - entry will be sent to the consumer project. - enum: - - THREAT_ACTION_UNSPECIFIED - - DEFAULT_ACTION - - ALLOW - - ALERT - - DENY ThreatOverride: id: ThreatOverride description: Defines what action to take for a specific threat_id match. @@ -3521,8 +3010,6 @@ components: description: Required. Vendor-specific ID of a threat to override. type: string type: - description: Output only. Type of the threat (read only). - readOnly: true type: string enumDescriptions: - Type of threat not specified. @@ -3541,6 +3028,7 @@ components: spyware on an infected client is collecting data without the user's consent and/or communicating with a remote attacker. - Threats related to DNS. + readOnly: true enum: - THREAT_TYPE_UNSPECIFIED - UNKNOWN @@ -3548,11 +3036,11 @@ components: - ANTIVIRUS - SPYWARE - DNS + description: Output only. Type of the threat (read only). action: description: >- Required. Threat action override. For some threat types, only a subset of actions applies. - type: string enumDescriptions: - Threat action not specified. - The default action (as specified by the vendor) is taken. @@ -3569,502 +3057,1039 @@ components: - ALLOW - ALERT - DENY - AntivirusOverride: - id: AntivirusOverride - description: Defines what action to take for antivirus threats per protocol. - type: object - properties: - protocol: - description: Required. Protocol to match. - type: string - enumDescriptions: - - Protocol not specified. - - SMTP protocol - - SMB protocol - - POP3 protocol - - IMAP protocol - - HTTP2 protocol - - HTTP protocol - - FTP protocol - enum: - - PROTOCOL_UNSPECIFIED - - SMTP - - SMB - - POP3 - - IMAP - - HTTP2 - - HTTP - - FTP - action: - description: >- - Required. Threat action override. For some threat types, only a - subset of actions applies. type: string - enumDescriptions: - - Threat action not specified. - - The default action (as specified by the vendor) is taken. - - The packet matching this rule will be allowed to transmit. - - >- - The packet matching this rule will be allowed to transmit, but a - threat_log entry will be sent to the consumer project. - - >- - The packet matching this rule will be dropped, and a threat_log - entry will be sent to the consumer project. - enum: - - THREAT_ACTION_UNSPECIFIED - - DEFAULT_ACTION - - ALLOW - - ALERT - - DENY - CustomMirroringProfile: - id: CustomMirroringProfile - description: >- - CustomMirroringProfile defines out-of-band integration behavior - (mirroring). It is used by mirroring rules with a MIRROR action. + ThreatPreventionProfile: type: object - properties: - mirroringEndpointGroup: - description: >- - Required. The target MirroringEndpointGroup. When a mirroring rule - with this security profile attached matches a packet, a replica will - be mirrored to the location-local target in this group. - type: string - CustomInterceptProfile: - id: CustomInterceptProfile + id: ThreatPreventionProfile description: >- - CustomInterceptProfile defines in-band integration behavior (intercept). - It is used by firewall rules with an APPLY_SECURITY_PROFILE_GROUP - action. - type: object + ThreatPreventionProfile defines an action for specific threat signatures + or severity levels. properties: - interceptEndpointGroup: + threatOverrides: + items: + $ref: '#/components/schemas/ThreatOverride' + type: array description: >- - Required. The target InterceptEndpointGroup. When a firewall rule - with this security profile attached matches a packet, the packet - will be intercepted to the location-local target in this group. - type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + Optional. Configuration for overriding threats actions by threat_id + match. If a threat is matched both by configuration provided in + severity_overrides and threat_overrides, the threat_overrides action + is applied. + antivirusOverrides: + description: >- + Optional. Configuration for overriding antivirus actions per + protocol. + items: + $ref: '#/components/schemas/AntivirusOverride' + type: array + severityOverrides: + items: + $ref: '#/components/schemas/SeverityOverride' + type: array + description: >- + Optional. Configuration for overriding threats actions by severity + match. + ListFirewallEndpointsResponse: type: object + description: Message for response to listing Endpoints + id: ListFirewallEndpointsResponse properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. + firewallEndpoints: type: array items: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/FirewallEndpoint' + description: The list of Endpoint + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. nextPageToken: - description: The standard List next-page token. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: A token identifying a page of results the server should return. + FirewallEndpoint: + id: FirewallEndpoint type: object + description: Message describing Endpoint object. properties: - name: + associations: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Output only. List of FirewallEndpointAssociations that are + associated to this endpoint. An association will only appear in this + list after traffic routing is fully configured. + items: + $ref: '#/components/schemas/FirewallEndpointAssociationReference' + type: array + readOnly: true + state: + description: Output only. Current state of the endpoint. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - INACTIVE + readOnly: true type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + enumDescriptions: + - Not set. + - Being created. + - Processing configuration updates. + - Being deleted. + - Down or in an error state. + createTime: + description: Output only. Create time stamp. type: string - displayName: + format: google-datetime + readOnly: true + associatedNetworks: + type: array + items: + type: string + deprecated: true description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string + Output only. List of networks that are associated with this endpoint + in the local zone. This is a projection of the + FirewallEndpointAssociations pointing at this endpoint. A network + will only appear in this list after traffic routing is fully + configured. Format: projects/{project}/global/networks/{name}. + readOnly: true labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} type: object additionalProperties: type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleIamV1SetIamPolicyRequest: - id: GoogleIamV1SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: + description: Optional. Labels as key value pairs + updateTime: + type: string + description: Output only. Update time stamp + readOnly: true + format: google-datetime + billingProjectId: + description: Required. Project to bill on endpoint uptime usage. + type: string + endpointSettings: + $ref: '#/components/schemas/FirewallEndpointEndpointSettings' + description: Optional. Settings for the endpoint. + name: + type: string + description: Immutable. Identifier. Name of resource. + satisfiesPzi: + readOnly: true + description: Output only. [Output Only] Reserved for future use. + type: boolean + satisfiesPzs: + description: Output only. [Output Only] Reserved for future use. + readOnly: true + type: boolean + reconciling: + type: boolean description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/GoogleIamV1Policy' - updateMask: + Output only. Whether reconciling is in progress, recommended per + https://google.aip.dev/128. + readOnly: true + description: description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + Optional. Description of the firewall endpoint. Max length 2048 + characters. type: string - format: google-fieldmask - GoogleIamV1Policy: - id: GoogleIamV1Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + GoogleIamV1AuditConfig: + id: GoogleIamV1AuditConfig type: object properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + service: + type: string description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + auditLogConfigs: items: - $ref: '#/components/schemas/GoogleIamV1Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - GoogleIamV1Binding: - id: GoogleIamV1Binding - description: Associates `members`, or principals, with a `role`. + description: The configuration for logging of each type of permission. + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + HttpHeaderMatch: + id: HttpHeaderMatch type: object properties: - role: + regexMatch: + type: string description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Required. The value of the header must match the regular expression + specified in regexMatch. For regular expression grammar, please see: + en.cppreference.com/w/cpp/regex/ecmascript For matching against a + port specified in the HTTP request, use a headerMatch with + headerName set to Host and a regular expression that satisfies the + RFC2616 Host header's port specifier. + headerName: type: string - members: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + Required. The name of the HTTP header to match. For matching against + the HTTP request's authority, use a headerMatch with the header name + ":authority". For matching a request's method, use the headerName + ":method". + description: Specification of HTTP header match attributes. + RemoveAddressGroupItemsRequest: + description: Request used by the RemoveAddressGroupItems method. + type: object + id: RemoveAddressGroupItemsRequest + properties: + items: + items: + type: string + type: array + description: Required. List of items to remove. + requestId: + description: >- + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes since the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + type: string + ListInterceptDeploymentGroupsResponse: + id: ListInterceptDeploymentGroupsResponse + type: object + properties: + interceptDeploymentGroups: + description: The deployment groups from the specified parent. + items: + $ref: '#/components/schemas/InterceptDeploymentGroup' + type: array + nextPageToken: + type: string + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. See + https://google.aip.dev/158 for more details. + description: Response message for ListInterceptDeploymentGroups. + AuthzPolicyAuthzRuleToRequestOperation: + description: Describes properties of one or more targets of a request. + id: AuthzPolicyAuthzRuleToRequestOperation + type: object + properties: + hosts: + type: array + description: >- + Optional. A list of HTTP Hosts to match against. The match can be + one of exact, prefix, suffix, or contains (substring match). Matches + are always case sensitive unless the ignoreCase is set. Limited to + 10 hosts per Authorization Policy. + items: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' + methods: + type: array + items: + type: string + description: >- + Optional. A list of HTTP methods to match against. Each entry must + be a valid HTTP method name (GET, PUT, POST, HEAD, PATCH, DELETE, + OPTIONS). It only allows exact match and is always case sensitive. + Limited to 10 methods per Authorization Policy. + headerSet: + description: Optional. A list of headers to match against in http header. + $ref: '#/components/schemas/AuthzPolicyAuthzRuleToRequestOperationHeaderSet' + paths: + items: + $ref: '#/components/schemas/AuthzPolicyAuthzRuleStringMatch' + description: >- + Optional. A list of paths to match against. The match can be one of + exact, prefix, suffix, or contains (substring match). Matches are + always case sensitive unless the ignoreCase is set. Limited to 10 + paths per Authorization Policy. Note that this path match includes + the query parameters. For gRPC services, this should be a + fully-qualified name of the form /package.service/method. + type: array + Location: + properties: + metadata: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata. For example the available capacity at the + given location. + name: + type: string + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + labels: + type: object + additionalProperties: + type: string + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + id: Location + description: A resource that represents a Google Cloud location. + type: object + ListGatewaySecurityPoliciesResponse: + properties: + nextPageToken: + type: string + description: >- + If there might be more results than those appearing in this + response, then 'next_page_token' is included. To get the next set of + results, call this method again using the value of 'next_page_token' + as 'page_token'. + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. + gatewaySecurityPolicies: + items: + $ref: '#/components/schemas/GatewaySecurityPolicy' + description: List of GatewaySecurityPolicies resources. + type: array + type: object + description: Response returned by the ListGatewaySecurityPolicies method. + id: ListGatewaySecurityPoliciesResponse + Status: + id: Status + type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + properties: + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + details: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + ListTlsInspectionPoliciesResponse: + description: Response returned by the ListTlsInspectionPolicies method. + type: object + properties: + nextPageToken: + type: string + description: >- + If there might be more results than those appearing in this + response, then 'next_page_token' is included. To get the next set of + results, call this method again using the value of 'next_page_token' + as 'page_token'. + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string + tlsInspectionPolicies: + type: array + description: List of TlsInspectionPolicies resources. + items: + $ref: '#/components/schemas/TlsInspectionPolicy' + id: ListTlsInspectionPoliciesResponse + AuthorizationPolicy: + id: AuthorizationPolicy + description: >- + AuthorizationPolicy is a resource that specifies how a server should + authorize incoming connections. This resource in itself does not change + the configuration unless it's attached to a target https proxy or + endpoint config selector resource. + type: object + properties: + action: + enumDescriptions: + - Default value. + - Grant access. + - >- + Deny access. Deny rules should be avoided unless they are used to + provide a default "deny all" fallback. + type: string + enum: + - ACTION_UNSPECIFIED + - ALLOW + - DENY + description: >- + Required. The action to take when a rule match is found. Possible + values are "ALLOW" or "DENY". + rules: + type: array + items: + $ref: '#/components/schemas/Rule' + description: >- + Optional. List of rules to match. Note that at least one of the + rules must match in order for the action specified in the 'action' + field to be taken. A rule is a match if there is a matching source + and destination. If left blank, the action specified in the `action` + field will be applied on every request. + labels: + description: >- + Optional. Set of label tags associated with the AuthorizationPolicy + resource. + type: object + additionalProperties: + type: string + createTime: + type: string + description: Output only. The timestamp when the resource was created. + format: google-datetime + readOnly: true + name: + type: string + description: >- + Required. Name of the AuthorizationPolicy resource. It matches + pattern + `projects/{project}/locations/{location}/authorizationPolicies/`. + description: + type: string + description: Optional. Free-text description of the resource. + updateTime: + type: string + description: Output only. The timestamp when the resource was updated. + readOnly: true + format: google-datetime + ListMirroringEndpointGroupAssociationsResponse: + properties: + mirroringEndpointGroupAssociations: + type: array + items: + $ref: '#/components/schemas/MirroringEndpointGroupAssociation' + description: The associations from the specified parent. + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. See + https://google.aip.dev/158 for more details. + type: string + id: ListMirroringEndpointGroupAssociationsResponse + type: object + description: Response message for ListMirroringEndpointGroupAssociations. + MirroringEndpointGroupAssociationDetails: + properties: + network: + readOnly: true + description: >- + Output only. The associated network, for example: + projects/123456789/global/networks/my-network. See + https://google.aip.dev/124. + type: string + state: + description: Output only. Most recent known state of the association. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - DELETING + - CLOSED + - OUT_OF_SYNC + - DELETE_FAILED + type: string + readOnly: true + enumDescriptions: + - Not set. + - >- + The association is ready and in sync with the linked endpoint + group. + - The association is being created. + - The association is being deleted. + - >- + The association is disabled due to a breaking change in another + resource. + - >- + The association is out of sync with the linked endpoint group. In + most cases, this is a result of a transient issue within the + system (e.g. an inaccessible location) and the system is expected + to recover automatically. Check the `locations_details` field for + more details. + - >- + An attempt to delete the association has failed. This is a + terminal state and the association is not expected to be usable as + some of its resources have been deleted. The only permitted + operation is to retry deleting the association. + name: + description: >- + Output only. The connected association's resource name, for example: + `projects/123456789/locations/global/mirroringEndpointGroupAssociations/my-ega`. + See https://google.aip.dev/124. + readOnly: true + type: string + description: The endpoint group's view of a connected association. + type: object + id: MirroringEndpointGroupAssociationDetails + ListMirroringEndpointGroupsResponse: + type: object + properties: + mirroringEndpointGroups: + items: + $ref: '#/components/schemas/MirroringEndpointGroup' + type: array + description: The endpoint groups from the specified parent. + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted, there are no subsequent pages. See + https://google.aip.dev/158 for more details. + type: string + id: ListMirroringEndpointGroupsResponse + description: Response message for ListMirroringEndpointGroups. + MirroringEndpointGroupAssociation: + description: >- + An endpoint group association represents a link between a network and an + endpoint group in the organization. Creating an association creates the + networking infrastructure linking the network to the endpoint group, but + does not enable mirroring by itself. To enable mirroring, the user must + also create a network firewall policy containing mirroring rules and + associate it with the network. + properties: + locations: + items: + $ref: '#/components/schemas/MirroringLocation' + type: array + readOnly: true + description: >- + Output only. The list of locations where the association is + configured. This information is retrieved from the linked endpoint + group. + state: + description: Output only. Current state of the endpoint group association. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - DELETING + - CLOSED + - OUT_OF_SYNC + - DELETE_FAILED + type: string + enumDescriptions: + - Not set. + - >- + The association is ready and in sync with the linked endpoint + group. + - The association is being created. + - The association is being deleted. + - >- + The association is disabled due to a breaking change in another + resource. + - >- + The association is out of sync with the linked endpoint group. In + most cases, this is a result of a transient issue within the + system (e.g. an inaccessible location) and the system is expected + to recover automatically. Check the `locations_details` field for + more details. + - >- + An attempt to delete the association has failed. This is a + terminal state and the association is not expected to be usable as + some of its resources have been deleted. The only permitted + operation is to retry deleting the association. + readOnly: true + createTime: + description: >- + Output only. The timestamp when the resource was created. See + https://google.aip.dev/148#timestamps. + readOnly: true + format: google-datetime + type: string + labels: + additionalProperties: + type: string + type: object + description: >- + Optional. Labels are key/value pairs that help to organize and + filter resources. + network: + description: >- + Immutable. The VPC network that is associated. for example: + `projects/123456789/global/networks/my-network`. See + https://google.aip.dev/124. + type: string + locationsDetails: + deprecated: true + readOnly: true + items: + $ref: >- + #/components/schemas/MirroringEndpointGroupAssociationLocationDetails + description: >- + Output only. The list of locations where the association is present. + This information is retrieved from the linked endpoint group, and + not configured as part of the association itself. + type: array + reconciling: + type: boolean + description: >- + Output only. The current state of the resource does not match the + user's intended state, and the system is working to reconcile them. + This part of the normal operation (e.g. adding a new location to the + target deployment group). See https://google.aip.dev/128. + readOnly: true + name: + description: >- + Immutable. Identifier. The resource name of this endpoint group + association, for example: + `projects/123456789/locations/global/mirroringEndpointGroupAssociations/my-eg-association`. + See https://google.aip.dev/122 for more details. + type: string + mirroringEndpointGroup: + type: string + description: >- + Immutable. The endpoint group that this association is connected to, + for example: + `projects/123456789/locations/global/mirroringEndpointGroups/my-eg`. + See https://google.aip.dev/124. + updateTime: + format: google-datetime + type: string + description: >- + Output only. The timestamp when the resource was most recently + updated. See https://google.aip.dev/148#timestamps. + readOnly: true + id: MirroringEndpointGroupAssociation + type: object + ListClientTlsPoliciesResponse: + description: Response returned by the ListClientTlsPolicies method. + type: object + properties: + nextPageToken: + type: string + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + clientTlsPolicies: type: array + items: + $ref: '#/components/schemas/ClientTlsPolicy' + description: List of ClientTlsPolicy resources. + id: ListClientTlsPoliciesResponse + TlsInspectionPolicy: + id: TlsInspectionPolicy + type: object + properties: + customTlsFeatures: + description: >- + Optional. List of custom TLS cipher suites selected. This field is + valid only if the selected tls_feature_profile is CUSTOM. The + compute.SslPoliciesService.ListAvailableFeatures method returns the + set of features that can be specified in this list. Note that Secure + Web Proxy does not yet honor this field. items: type: string - condition: + type: array + excludePublicCaSet: + type: boolean description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr + Optional. If FALSE (the default), use our default set of public CAs + in addition to any CAs specified in trust_config. These public CAs + are currently based on the Mozilla Root Program and are subject to + change over time. If TRUE, do not accept our default set of public + CAs. Only CAs specified in trust_config will be accepted. This + defaults to FALSE (use public CAs in addition to trust_config) for + backwards compatibility, but trusting public root CAs is *not + recommended* unless the traffic in question is outbound to public + web servers. When possible, prefer setting this to "false" and + explicitly specifying trusted CAs and certificates in a TrustConfig. + Note that Secure Web Proxy does not yet honor this field. + caPool: + type: string + description: >- + Required. A CA pool resource used to issue interception + certificates. The CA pool string has a relative resource path + following the form + "projects/{project}/locations/{location}/caPools/{ca_pool}". + tlsFeatureProfile: + description: >- + Optional. The selected Profile. If this is not set, then the default + value is to allow the broadest set of clients and servers + ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may + improve security, but may also prevent the TLS inspection proxy from + connecting to some clients or servers. Note that Secure Web Proxy + does not yet honor this field. + type: string + enum: + - PROFILE_UNSPECIFIED + - PROFILE_COMPATIBLE + - PROFILE_MODERN + - PROFILE_RESTRICTED + - PROFILE_CUSTOM + enumDescriptions: + - Indicates no profile was specified. + - >- + Compatible profile. Allows the broadest set of clients, even those + which support only out-of-date SSL features to negotiate with the + TLS inspection proxy. + - >- + Modern profile. Supports a wide set of SSL features, allowing + modern clients to negotiate SSL with the TLS inspection proxy. + - >- + Restricted profile. Supports a reduced set of SSL features, + intended to meet stricter compliance requirements. + - >- + Custom profile. Allow only the set of allowed SSL features + specified in the custom_features field of SslPolicy. + createTime: + type: string + format: google-datetime + readOnly: true + description: Output only. The timestamp when the resource was created. + trustConfig: + type: string + description: >- + Optional. A TrustConfig resource used when making a connection to + the TLS server. This is a relative resource path following the form + "projects/{project}/locations/{location}/trustConfigs/{trust_config}". + This is necessary to intercept TLS connections to servers with + certificates signed by a private CA or self-signed certificates. + Note that Secure Web Proxy does not yet honor this field. + description: + description: Optional. Free-text description of the resource. + type: string + updateTime: + type: string + readOnly: true + format: google-datetime + description: Output only. The timestamp when the resource was updated. + name: + type: string + description: >- + Required. Name of the resource. Name is of the form + projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} + tls_inspection_policy should match the + pattern:(^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$). + minTlsVersion: + type: string + description: >- + Optional. Minimum TLS version that the firewall should use when + negotiating connections with both clients and servers. If this is + not set, then the default value is to allow the broadest set of + clients and servers (TLS 1.0 or higher). Setting this to more + restrictive values may improve security, but may also prevent the + firewall from connecting to some clients or servers. Note that + Secure Web Proxy does not yet honor this field. + enum: + - TLS_VERSION_UNSPECIFIED + - TLS_1_0 + - TLS_1_1 + - TLS_1_2 + - TLS_1_3 + enumDescriptions: + - Indicates no TLS version was specified. + - TLS 1.0 + - TLS 1.1 + - TLS 1.2 + - TLS 1.3 description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + The TlsInspectionPolicy resource contains references to CA pools in + Certificate Authority Service and associated metadata. + ListOperationsResponse: + id: ListOperationsResponse type: object + description: The response message for Operations.ListOperations. properties: - expression: + unreachable: description: >- - Textual representation of an expression in Common Expression - Language syntax. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + items: + type: string + type: array + operations: + description: >- + A list of operations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Operation' + nextPageToken: + type: string + description: The standard List next-page token. + MirroringLocation: + description: Details about mirroring in a specific cloud location. + type: object + properties: + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - OUT_OF_SYNC + type: string + enumDescriptions: + - State not set (this is not a valid state). + - The resource is ready and in sync in the location. + - >- + The resource is out of sync in the location. In most cases, this + is a result of a transient issue within the system (e.g. an + inaccessible location) and the system is expected to recover + automatically. + description: Output only. The current state of the association in this location. + location: + readOnly: true + description: >- + Output only. The cloud location, e.g. "us-central1-a" or + "asia-south1". + type: string + id: MirroringLocation + ListLocationsResponse: + properties: + locations: + items: + $ref: '#/components/schemas/Location' + type: array + description: >- + A list of locations that matches the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. + type: string + description: The response message for Locations.ListLocations. + id: ListLocationsResponse + type: object + BackendAuthenticationConfig: + id: BackendAuthenticationConfig + properties: + clientCertificate: + description: >- + Optional. A reference to a + certificatemanager.googleapis.com.Certificate resource. This is a + relative resource path following the form + "projects/{project}/locations/{location}/certificates/{certificate}". + Used by a BackendService to negotiate mTLS when the backend + connection uses TLS and the backend requests a client certificate. + Must have a CLIENT_AUTH scope. + type: string + description: + description: Optional. Free-text description of the resource. + type: string + updateTime: + type: string + description: Output only. The timestamp when the resource was updated. + readOnly: true + format: google-datetime + etag: + type: string + description: Output only. Etag of the resource. + readOnly: true + labels: + type: object + additionalProperties: + type: string + description: Set of label tags associated with the resource. + wellKnownRoots: + description: Well known roots to use for server certificate validation. + enumDescriptions: + - Equivalent to NONE. + - >- + The BackendService will only validate server certificates against + roots specified in TrustConfig. + - >- + The BackendService uses a set of well-known public roots, in + addition to any roots specified in the trustConfig field, when + validating the server certificates presented by the backend. + Validation with these roots is only considered when the + TlsSettings.sni field in the BackendService is set. The well-known + roots are a set of root CAs managed by Google. CAs in this set can + be added or removed without notice. type: string - title: + enum: + - WELL_KNOWN_ROOTS_UNSPECIFIED + - NONE + - PUBLIC_ROOTS + name: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Required. Name of the BackendAuthenticationConfig resource. It + matches the pattern + `projects/*/locations/{location}/backendAuthenticationConfigs/{backend_authentication_config}` type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + createTime: type: string - location: + readOnly: true + description: Output only. The timestamp when the resource was created. + format: google-datetime + trustConfig: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Optional. A reference to a TrustConfig resource from the + certificatemanager.googleapis.com namespace. This is a relative + resource path following the form + "projects/{project}/locations/{location}/trustConfigs/{trust_config}". + A BackendService uses the chain of trust represented by this + TrustConfig, if specified, to validate the server certificates + presented by the backend. Required unless wellKnownRoots is set to + PUBLIC_ROOTS. type: string - GoogleIamV1AuditConfig: - id: GoogleIamV1AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' - GoogleIamV1AuditLogConfig: - id: GoogleIamV1AuditLogConfig description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object + BackendAuthenticationConfig message groups the TrustConfig together with + other settings that control how the load balancer authenticates, and + expresses its identity to, the backend: * `trustConfig` is the attached + TrustConfig. * `wellKnownRoots` indicates whether the load balance + should trust backend server certificates that are issued by public + certificate authorities, in addition to certificates trusted by the + TrustConfig. * `clientCertificate` is a client certificate that the load + balancer uses to express its identity to the backend, if the connection + to the backend uses mTLS. You can attach the BackendAuthenticationConfig + to the load balancer's BackendService directly determining how that + BackendService negotiates TLS. + GoogleIamV1SetIamPolicyRequest: + id: GoogleIamV1SetIamPolicyRequest + description: Request message for `SetIamPolicy` method. properties: - logType: - description: The log type that this config enables. + policy: + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/GoogleIamV1Policy' + updateMask: + format: google-fieldmask type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - GoogleIamV1TestIamPermissionsRequest: - id: GoogleIamV1TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - GoogleIamV1TestIamPermissionsResponse: - id: GoogleIamV1TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + AuthzPolicyCustomProviderAuthzExtension: type: object + id: AuthzPolicyCustomProviderAuthzExtension properties: - permissions: + resources: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + Required. A list of references to authorization extensions that will + be invoked for requests matching this policy. Limited to 1 custom + provider. type: array items: type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object + description: >- + Optional. Delegate authorization decision to user authored extension. + Only one of cloudIap or authzExtension can be specified. + Operation: + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + error: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + done: type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + AuthzPolicyCustomProviderCloudIap: + properties: {} + type: object + description: >- + Optional. Delegates authorization decisions to Cloud IAP. Applicable + only for managed load balancers. Enabling Cloud IAP at the AuthzPolicy + level is not compatible with Cloud IAP settings in the BackendService. + Enabling IAP in both places will result in request failure. Ensure that + IAP is enabled in either the AuthzPolicy or the BackendService but not + in both places. + id: AuthzPolicyCustomProviderCloudIap + CertificateProviderInstance: + id: CertificateProviderInstance + properties: + pluginInstance: + description: >- + Required. Plugin instance name, used to locate and load + CertificateProvider instance configuration. Set to + "google_cloud_private_spiffe" to use Certificate Authority Service + certificate provider instance. type: string + type: object + description: >- + Specification of a TLS certificate provider instance. Workloads may have + one or more CertificateProvider instances (plugins) and one of them is + enabled and configured by specifying this message. Workloads use the + values from this message to locate and load the CertificateProvider + instance configuration. parameters: access_token: description: OAuth access token. @@ -4072,22 +4097,30 @@ components: name: access_token schema: type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string fields: description: Selector specifying which fields to include in a partial response. in: query @@ -4103,18 +4136,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -4124,18 +4151,6 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string _.xgafv: description: V1 error format. in: query @@ -4145,348 +4160,302 @@ components: enum: - '1' - '2' + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto x-stackQL-resources: - locations: - id: google.networksecurity.locations - name: locations - title: Locations - methods: - projects_locations_list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - projects_locations_get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/locations/methods/projects_locations_get - - $ref: >- - #/components/x-stackQL-resources/locations/methods/projects_locations_list - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.networksecurity.operations - name: operations - title: Operations + mirroring_deployments: + id: google.networksecurity.mirroring_deployments + name: mirroring_deployments + title: Mirroring_deployments methods: - projects_locations_operations_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_operations_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_operations_delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_operations_cancel: + projects_locations_mirroring_deployments_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments~1{mirroringDeploymentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_operations_list: + projects_locations_mirroring_deployments_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments~1{mirroringDeploymentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - organizations_locations_operations_get: + projects_locations_mirroring_deployments_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments~1{mirroringDeploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_operations_delete: + projects_locations_mirroring_deployments_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_operations_cancel: + objectKey: $.unreachable + projects_locations_mirroring_deployments_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get + #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_get + #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_list + insert: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list + #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_create + update: - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_list - insert: [] - update: [] + #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_delete - - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_delete - address_groups: - id: google.networksecurity.address_groups - name: address_groups - title: Address_groups + #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_delete + mirroring_endpoint_group_associations: + id: google.networksecurity.mirroring_endpoint_group_associations + name: mirroring_endpoint_group_associations + title: Mirroring_endpoint_group_associations methods: - projects_locations_address_groups_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.addressGroups - projects_locations_address_groups_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_address_groups_get: + projects_locations_mirroring_endpoint_group_associations_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations~1{mirroringEndpointGroupAssociationsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_address_groups_patch: + projects_locations_mirroring_endpoint_group_associations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations~1{mirroringEndpointGroupAssociationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_address_groups_delete: + projects_locations_mirroring_endpoint_group_associations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations~1{mirroringEndpointGroupAssociationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_address_groups_clone_items: + projects_locations_mirroring_endpoint_group_associations_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:cloneItems/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_address_groups_list: + projects_locations_mirroring_endpoint_group_associations_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.addressGroups - organizations_locations_address_groups_create: + objectKey: $.mirroringEndpointGroupAssociations + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_get + - $ref: >- + #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_list + insert: + - $ref: >- + #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_create + update: + - $ref: >- + #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_delete + intercept_endpoint_group_associations: + id: google.networksecurity.intercept_endpoint_group_associations + name: intercept_endpoint_group_associations + title: Intercept_endpoint_group_associations + methods: + projects_locations_intercept_endpoint_group_associations_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations~1{interceptEndpointGroupAssociationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_address_groups_get: + projects_locations_intercept_endpoint_group_associations_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations~1{interceptEndpointGroupAssociationsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_address_groups_patch: + projects_locations_intercept_endpoint_group_associations_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations~1{interceptEndpointGroupAssociationsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_address_groups_delete: + projects_locations_intercept_endpoint_group_associations_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_address_groups_clone_items: + projects_locations_intercept_endpoint_group_associations_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:cloneItems/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.interceptEndpointGroupAssociations sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_get - - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_get - - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_list + #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_get - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_list + #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_list insert: - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_create - - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_create + #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_create update: - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_patch - - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_patch + #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_delete - - $ref: >- - #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_delete - address_groups_items: - id: google.networksecurity.address_groups_items - name: address_groups_items - title: Address_groups_items + #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_delete + mirroring_deployment_groups: + id: google.networksecurity.mirroring_deployment_groups + name: mirroring_deployment_groups + title: Mirroring_deployment_groups methods: - projects_locations_address_groups_add_items: + projects_locations_mirroring_deployment_groups_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:addItems/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups~1{mirroringDeploymentGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_address_groups_remove_items: + projects_locations_mirroring_deployment_groups_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:removeItems/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups~1{mirroringDeploymentGroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_address_groups_add_items: + projects_locations_mirroring_deployment_groups_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:addItems/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups~1{mirroringDeploymentGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_address_groups_remove_items: + projects_locations_mirroring_deployment_groups_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:removeItems/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_mirroring_deployment_groups_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.mirroringDeploymentGroups sqlVerbs: - select: [] + select: + - $ref: >- + #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_get + - $ref: >- + #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_list insert: - $ref: >- - #/components/x-stackQL-resources/address_groups_items/methods/projects_locations_address_groups_add_items + #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_create + update: - $ref: >- - #/components/x-stackQL-resources/address_groups_items/methods/organizations_locations_address_groups_add_items - update: [] + #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/address_groups_items/methods/projects_locations_address_groups_remove_items - - $ref: >- - #/components/x-stackQL-resources/address_groups_items/methods/organizations_locations_address_groups_remove_items - address_groups_references: - id: google.networksecurity.address_groups_references - name: address_groups_references - title: Address_groups_references + #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_delete + intercept_deployment_groups: + id: google.networksecurity.intercept_deployment_groups + name: intercept_deployment_groups + title: Intercept_deployment_groups methods: - projects_locations_address_groups_list_references: + projects_locations_intercept_deployment_groups_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:listReferences/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups~1{interceptDeploymentGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.addressGroupReferences - organizations_locations_address_groups_list_references: + projects_locations_intercept_deployment_groups_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:listReferences/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups~1{interceptDeploymentGroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.addressGroupReferences - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/address_groups_references/methods/projects_locations_address_groups_list_references - - $ref: >- - #/components/x-stackQL-resources/address_groups_references/methods/organizations_locations_address_groups_list_references - insert: [] - update: [] - replace: [] - delete: [] - address_groups_iam_policies: - id: google.networksecurity.address_groups_iam_policies - name: address_groups_iam_policies - title: Address_groups_iam_policies - methods: - projects_locations_address_groups_set_iam_policy: + projects_locations_intercept_deployment_groups_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups~1{interceptDeploymentGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_address_groups_get_iam_policy: + projects_locations_intercept_deployment_groups_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_address_groups_test_iam_permissions: + objectKey: $.interceptDeploymentGroups + projects_locations_intercept_deployment_groups_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/address_groups_iam_policies/methods/projects_locations_address_groups_get_iam_policy - insert: [] - update: [] - replace: + #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_get - $ref: >- - #/components/x-stackQL-resources/address_groups_iam_policies/methods/projects_locations_address_groups_set_iam_policy - delete: [] + #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_list + insert: + - $ref: >- + #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_create + update: + - $ref: >- + #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_delete firewall_endpoint_associations: id: google.networksecurity.firewall_endpoint_associations name: firewall_endpoint_associations @@ -4507,10 +4476,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_firewall_endpoint_associations_get: + projects_locations_firewall_endpoint_associations_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1firewallEndpointAssociations~1{firewallEndpointAssociationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1firewallEndpointAssociations~1{firewallEndpointAssociationsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -4521,10 +4490,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_firewall_endpoint_associations_patch: + projects_locations_firewall_endpoint_associations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1firewallEndpointAssociations~1{firewallEndpointAssociationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1firewallEndpointAssociations~1{firewallEndpointAssociationsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -4544,712 +4513,784 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/firewall_endpoint_associations/methods/projects_locations_firewall_endpoint_associations_delete - intercept_endpoint_groups: - id: google.networksecurity.intercept_endpoint_groups - name: intercept_endpoint_groups - title: Intercept_endpoint_groups + server_tls_policies: + id: google.networksecurity.server_tls_policies + name: server_tls_policies + title: Server_tls_policies methods: - projects_locations_intercept_endpoint_groups_list: + projects_locations_server_tls_policies_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.interceptEndpointGroups - projects_locations_intercept_endpoint_groups_create: + projects_locations_server_tls_policies_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_endpoint_groups_get: + projects_locations_server_tls_policies_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups~1{interceptEndpointGroupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_endpoint_groups_patch: + projects_locations_server_tls_policies_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups~1{interceptEndpointGroupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_endpoint_groups_delete: + projects_locations_server_tls_policies_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups~1{interceptEndpointGroupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_get + #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_get - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_list + #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_list insert: - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_create + #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_create update: - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_patch + #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_delete - intercept_endpoint_group_associations: - id: google.networksecurity.intercept_endpoint_group_associations - name: intercept_endpoint_group_associations - title: Intercept_endpoint_group_associations + #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_delete + server_tls_policies_iam_policies: + id: google.networksecurity.server_tls_policies_iam_policies + name: server_tls_policies_iam_policies + title: Server_tls_policies_iam_policies + methods: + projects_locations_server_tls_policies_set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_server_tls_policies_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + projects_locations_server_tls_policies_test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/server_tls_policies_iam_policies/methods/projects_locations_server_tls_policies_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/server_tls_policies_iam_policies/methods/projects_locations_server_tls_policies_set_iam_policy + delete: [] + address_groups_iam_policies: + id: google.networksecurity.address_groups_iam_policies + name: address_groups_iam_policies + title: Address_groups_iam_policies + methods: + projects_locations_address_groups_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + projects_locations_address_groups_set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_address_groups_test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/address_groups_iam_policies/methods/projects_locations_address_groups_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/address_groups_iam_policies/methods/projects_locations_address_groups_set_iam_policy + delete: [] + address_groups: + id: google.networksecurity.address_groups + name: address_groups + title: Address_groups methods: - projects_locations_intercept_endpoint_group_associations_list: + projects_locations_address_groups_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.interceptEndpointGroupAssociations - projects_locations_intercept_endpoint_group_associations_create: + projects_locations_address_groups_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_endpoint_group_associations_get: + objectKey: $.unreachable + projects_locations_address_groups_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations~1{interceptEndpointGroupAssociationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_endpoint_group_associations_patch: + projects_locations_address_groups_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations~1{interceptEndpointGroupAssociationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_endpoint_group_associations_delete: + projects_locations_address_groups_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroupAssociations~1{interceptEndpointGroupAssociationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_get - - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_list - insert: - - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_create - update: - - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/intercept_endpoint_group_associations/methods/projects_locations_intercept_endpoint_group_associations_delete - intercept_deployment_groups: - id: google.networksecurity.intercept_deployment_groups - name: intercept_deployment_groups - title: Intercept_deployment_groups - methods: - projects_locations_intercept_deployment_groups_list: + projects_locations_address_groups_clone_items: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:cloneItems/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.interceptDeploymentGroups - projects_locations_intercept_deployment_groups_create: + organizations_locations_address_groups_clone_items: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:cloneItems/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_deployment_groups_get: + organizations_locations_address_groups_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups~1{interceptDeploymentGroupsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_deployment_groups_patch: + organizations_locations_address_groups_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups~1{interceptDeploymentGroupsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_deployment_groups_delete: + organizations_locations_address_groups_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeploymentGroups~1{interceptDeploymentGroupsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_locations_address_groups_create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_locations_address_groups_list: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_get + #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_get - $ref: >- - #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_list + #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_get + - $ref: >- + #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_list + - $ref: >- + #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_list insert: - $ref: >- - #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_create + #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_create + - $ref: >- + #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_create update: - $ref: >- - #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_patch + #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_patch + - $ref: >- + #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/intercept_deployment_groups/methods/projects_locations_intercept_deployment_groups_delete - intercept_deployments: - id: google.networksecurity.intercept_deployments - name: intercept_deployments - title: Intercept_deployments + #/components/x-stackQL-resources/address_groups/methods/projects_locations_address_groups_delete + - $ref: >- + #/components/x-stackQL-resources/address_groups/methods/organizations_locations_address_groups_delete + address_groups_items: + id: google.networksecurity.address_groups_items + name: address_groups_items + title: Address_groups_items methods: - projects_locations_intercept_deployments_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.interceptDeployments - projects_locations_intercept_deployments_create: + projects_locations_address_groups_remove_items: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:removeItems/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_deployments_get: + projects_locations_address_groups_add_items: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments~1{interceptDeploymentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:addItems/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_deployments_patch: + organizations_locations_address_groups_remove_items: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments~1{interceptDeploymentsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:removeItems/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_intercept_deployments_delete: + organizations_locations_address_groups_add_items: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments~1{interceptDeploymentsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:addItems/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_get - - $ref: >- - #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_list + select: [] insert: - $ref: >- - #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_create - update: + #/components/x-stackQL-resources/address_groups_items/methods/projects_locations_address_groups_add_items - $ref: >- - #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_patch + #/components/x-stackQL-resources/address_groups_items/methods/organizations_locations_address_groups_add_items + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_delete - mirroring_endpoint_groups: - id: google.networksecurity.mirroring_endpoint_groups - name: mirroring_endpoint_groups - title: Mirroring_endpoint_groups + #/components/x-stackQL-resources/address_groups_items/methods/projects_locations_address_groups_remove_items + - $ref: >- + #/components/x-stackQL-resources/address_groups_items/methods/organizations_locations_address_groups_remove_items + address_groups_references: + id: google.networksecurity.address_groups_references + name: address_groups_references + title: Address_groups_references methods: - projects_locations_mirroring_endpoint_groups_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.mirroringEndpointGroups - projects_locations_mirroring_endpoint_groups_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_mirroring_endpoint_groups_get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups~1{mirroringEndpointGroupsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_mirroring_endpoint_groups_patch: + projects_locations_address_groups_list_references: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups~1{mirroringEndpointGroupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:listReferences/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_endpoint_groups_delete: + objectKey: $.addressGroupReferences + organizations_locations_address_groups_list_references: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups~1{mirroringEndpointGroupsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1addressGroups~1{addressGroupsId}:listReferences/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.addressGroupReferences sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_get - - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_list - insert: - - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_create - update: + #/components/x-stackQL-resources/address_groups_references/methods/projects_locations_address_groups_list_references - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_patch + #/components/x-stackQL-resources/address_groups_references/methods/organizations_locations_address_groups_list_references + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_delete - mirroring_endpoint_group_associations: - id: google.networksecurity.mirroring_endpoint_group_associations - name: mirroring_endpoint_group_associations - title: Mirroring_endpoint_group_associations + delete: [] + gateway_security_policies: + id: google.networksecurity.gateway_security_policies + name: gateway_security_policies + title: Gateway_security_policies methods: - projects_locations_mirroring_endpoint_group_associations_list: + projects_locations_gateway_security_policies_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.mirroringEndpointGroupAssociations - projects_locations_mirroring_endpoint_group_associations_create: + projects_locations_gateway_security_policies_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_endpoint_group_associations_get: + projects_locations_gateway_security_policies_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations~1{mirroringEndpointGroupAssociationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_endpoint_group_associations_patch: + projects_locations_gateway_security_policies_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations~1{mirroringEndpointGroupAssociationsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_endpoint_group_associations_delete: + objectKey: $.gatewaySecurityPolicies + projects_locations_gateway_security_policies_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroupAssociations~1{mirroringEndpointGroupAssociationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_get + #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_get - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_list + #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_list insert: - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_create + #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_create update: - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_patch + #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/mirroring_endpoint_group_associations/methods/projects_locations_mirroring_endpoint_group_associations_delete - mirroring_deployment_groups: - id: google.networksecurity.mirroring_deployment_groups - name: mirroring_deployment_groups - title: Mirroring_deployment_groups + #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_delete + rules: + id: google.networksecurity.rules + name: rules + title: Rules methods: - projects_locations_mirroring_deployment_groups_list: + projects_locations_gateway_security_policies_rules_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.mirroringDeploymentGroups - projects_locations_mirroring_deployment_groups_create: + projects_locations_gateway_security_policies_rules_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_deployment_groups_get: + objectKey: $.gatewaySecurityPolicyRules + projects_locations_gateway_security_policies_rules_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups~1{mirroringDeploymentGroupsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules~1{rulesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_deployment_groups_patch: + projects_locations_gateway_security_policies_rules_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups~1{mirroringDeploymentGroupsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules~1{rulesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_deployment_groups_delete: + projects_locations_gateway_security_policies_rules_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeploymentGroups~1{mirroringDeploymentGroupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules~1{rulesId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_get + #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_get - $ref: >- - #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_list + #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_list insert: - $ref: >- - #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_create + #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_create update: - $ref: >- - #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_patch + #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/mirroring_deployment_groups/methods/projects_locations_mirroring_deployment_groups_delete - mirroring_deployments: - id: google.networksecurity.mirroring_deployments - name: mirroring_deployments - title: Mirroring_deployments + #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_delete + intercept_deployments: + id: google.networksecurity.intercept_deployments + name: intercept_deployments + title: Intercept_deployments methods: - projects_locations_mirroring_deployments_list: + projects_locations_intercept_deployments_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments~1{interceptDeploymentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.mirroringDeployments - projects_locations_mirroring_deployments_create: + projects_locations_intercept_deployments_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments~1{interceptDeploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_deployments_get: + projects_locations_intercept_deployments_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments~1{mirroringDeploymentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments~1{interceptDeploymentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_deployments_patch: + projects_locations_intercept_deployments_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments~1{mirroringDeploymentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mirroring_deployments_delete: + projects_locations_intercept_deployments_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringDeployments~1{mirroringDeploymentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptDeployments/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.interceptDeployments sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_get + #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_get - $ref: >- - #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_list + #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_list insert: - $ref: >- - #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_create + #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_create update: - $ref: >- - #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_patch + #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/mirroring_deployments/methods/projects_locations_mirroring_deployments_delete - authorization_policies: - id: google.networksecurity.authorization_policies - name: authorization_policies - title: Authorization_policies + #/components/x-stackQL-resources/intercept_deployments/methods/projects_locations_intercept_deployments_delete + authz_policies: + id: google.networksecurity.authz_policies + name: authz_policies + title: Authz_policies methods: - projects_locations_authorization_policies_list: + projects_locations_authz_policies_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.authorizationPolicies - projects_locations_authorization_policies_create: + projects_locations_authz_policies_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_authorization_policies_get: + projects_locations_authz_policies_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_authorization_policies_patch: + projects_locations_authz_policies_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_authorization_policies_delete: + objectKey: $.authzPolicies + projects_locations_authz_policies_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_get + #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_get - $ref: >- - #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_list + #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_list insert: - $ref: >- - #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_create + #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_create update: - $ref: >- - #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_patch + #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_delete - authorization_policies_iam_policies: - id: google.networksecurity.authorization_policies_iam_policies - name: authorization_policies_iam_policies - title: Authorization_policies_iam_policies + #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_delete + authz_policies_iam_policies: + id: google.networksecurity.authz_policies_iam_policies + name: authz_policies_iam_policies + title: Authz_policies_iam_policies methods: - projects_locations_authorization_policies_set_iam_policy: + projects_locations_authz_policies_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_authorization_policies_get_iam_policy: + objectKey: $.bindings + projects_locations_authz_policies_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_authorization_policies_test_iam_permissions: + projects_locations_authz_policies_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/authorization_policies_iam_policies/methods/projects_locations_authorization_policies_get_iam_policy + #/components/x-stackQL-resources/authz_policies_iam_policies/methods/projects_locations_authz_policies_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/authorization_policies_iam_policies/methods/projects_locations_authorization_policies_set_iam_policy + #/components/x-stackQL-resources/authz_policies_iam_policies/methods/projects_locations_authz_policies_set_iam_policy delete: [] - backend_authentication_configs: - id: google.networksecurity.backend_authentication_configs - name: backend_authentication_configs - title: Backend_authentication_configs + operations: + id: google.networksecurity.operations + name: operations + title: Operations methods: - projects_locations_backend_authentication_configs_list: + projects_locations_operations_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.backendAuthenticationConfigs - projects_locations_backend_authentication_configs_create: + projects_locations_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_backend_authentication_configs_get: + objectKey: $.unreachable + projects_locations_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs~1{backendAuthenticationConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_backend_authentication_configs_patch: + projects_locations_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs~1{backendAuthenticationConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_backend_authentication_configs_delete: + organizations_locations_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs~1{backendAuthenticationConfigsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + organizations_locations_operations_get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_locations_operations_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_locations_operations_cancel: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_get + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get - $ref: >- - #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_list - insert: + #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_get - $ref: >- - #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_create - update: + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list - $ref: >- - #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_patch + #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_list + insert: [] + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_delete - server_tls_policies: - id: google.networksecurity.server_tls_policies - name: server_tls_policies - title: Server_tls_policies + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_delete + - $ref: >- + #/components/x-stackQL-resources/operations/methods/organizations_locations_operations_delete + authorization_policies: + id: google.networksecurity.authorization_policies + name: authorization_policies + title: Authorization_policies methods: - projects_locations_server_tls_policies_list: + projects_locations_authorization_policies_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.serverTlsPolicies - projects_locations_server_tls_policies_create: + objectKey: $.authorizationPolicies + projects_locations_authorization_policies_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_server_tls_policies_get: + projects_locations_authorization_policies_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_server_tls_policies_patch: + projects_locations_authorization_policies_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_server_tls_policies_delete: + projects_locations_authorization_policies_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_get + #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_get - $ref: >- - #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_list + #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_list insert: - $ref: >- - #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_create + #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_create update: - $ref: >- - #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_patch + #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/server_tls_policies/methods/projects_locations_server_tls_policies_delete - server_tls_policies_iam_policies: - id: google.networksecurity.server_tls_policies_iam_policies - name: server_tls_policies_iam_policies - title: Server_tls_policies_iam_policies + #/components/x-stackQL-resources/authorization_policies/methods/projects_locations_authorization_policies_delete + authorization_policies_iam_policies: + id: google.networksecurity.authorization_policies_iam_policies + name: authorization_policies_iam_policies + title: Authorization_policies_iam_policies methods: - projects_locations_server_tls_policies_set_iam_policy: + projects_locations_authorization_policies_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_server_tls_policies_get_iam_policy: + projects_locations_authorization_policies_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_locations_server_tls_policies_test_iam_permissions: + projects_locations_authorization_policies_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serverTlsPolicies~1{serverTlsPoliciesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authorizationPolicies~1{authorizationPoliciesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/server_tls_policies_iam_policies/methods/projects_locations_server_tls_policies_get_iam_policy + #/components/x-stackQL-resources/authorization_policies_iam_policies/methods/projects_locations_authorization_policies_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/server_tls_policies_iam_policies/methods/projects_locations_server_tls_policies_set_iam_policy + #/components/x-stackQL-resources/authorization_policies_iam_policies/methods/projects_locations_authorization_policies_set_iam_policy delete: [] client_tls_policies: id: google.networksecurity.client_tls_policies name: client_tls_policies title: Client_tls_policies methods: + projects_locations_client_tls_policies_create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies/post + response: + mediaType: application/json + openAPIDocKey: '200' projects_locations_client_tls_policies_list: operation: $ref: >- @@ -5258,10 +5299,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.clientTlsPolicies - projects_locations_client_tls_policies_create: + projects_locations_client_tls_policies_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies~1{clientTlsPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -5279,13 +5320,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_client_tls_policies_delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies~1{clientTlsPoliciesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: >- @@ -5307,28 +5341,28 @@ components: name: client_tls_policies_iam_policies title: Client_tls_policies_iam_policies methods: - projects_locations_client_tls_policies_set_iam_policy: + projects_locations_client_tls_policies_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies~1{clientTlsPoliciesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies~1{clientTlsPoliciesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_client_tls_policies_get_iam_policy: + projects_locations_client_tls_policies_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies~1{clientTlsPoliciesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies~1{clientTlsPoliciesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_client_tls_policies_test_iam_permissions: + projects_locations_client_tls_policies_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies~1{clientTlsPoliciesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1clientTlsPolicies~1{clientTlsPoliciesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -5339,369 +5373,360 @@ components: - $ref: >- #/components/x-stackQL-resources/client_tls_policies_iam_policies/methods/projects_locations_client_tls_policies_set_iam_policy delete: [] - gateway_security_policies: - id: google.networksecurity.gateway_security_policies - name: gateway_security_policies - title: Gateway_security_policies + url_lists: + id: google.networksecurity.url_lists + name: url_lists + title: Url_lists methods: - projects_locations_gateway_security_policies_list: + projects_locations_url_lists_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.gatewaySecurityPolicies - projects_locations_gateway_security_policies_create: + objectKey: $.urlLists + projects_locations_url_lists_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_gateway_security_policies_get: + projects_locations_url_lists_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists~1{urlListsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_gateway_security_policies_patch: + projects_locations_url_lists_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists~1{urlListsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_gateway_security_policies_delete: + projects_locations_url_lists_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists~1{urlListsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_get + #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_get - $ref: >- - #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_list + #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_list insert: - $ref: >- - #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_create + #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_create update: - $ref: >- - #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_patch + #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/gateway_security_policies/methods/projects_locations_gateway_security_policies_delete - rules: - id: google.networksecurity.rules - name: rules - title: Rules + #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_delete + backend_authentication_configs: + id: google.networksecurity.backend_authentication_configs + name: backend_authentication_configs + title: Backend_authentication_configs methods: - projects_locations_gateway_security_policies_rules_list: + projects_locations_backend_authentication_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs~1{backendAuthenticationConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.gatewaySecurityPolicyRules - projects_locations_gateway_security_policies_rules_create: + projects_locations_backend_authentication_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs~1{backendAuthenticationConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_gateway_security_policies_rules_get: + projects_locations_backend_authentication_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules~1{rulesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs~1{backendAuthenticationConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_gateway_security_policies_rules_patch: + projects_locations_backend_authentication_configs_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules~1{rulesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_gateway_security_policies_rules_delete: + objectKey: $.unreachable + projects_locations_backend_authentication_configs_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gatewaySecurityPolicies~1{gatewaySecurityPoliciesId}~1rules~1{rulesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1backendAuthenticationConfigs/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_get + #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_get - $ref: >- - #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_list + #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_list insert: - $ref: >- - #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_create + #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_create update: - $ref: >- - #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_patch + #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/rules/methods/projects_locations_gateway_security_policies_rules_delete - url_lists: - id: google.networksecurity.url_lists - name: url_lists - title: Url_lists + #/components/x-stackQL-resources/backend_authentication_configs/methods/projects_locations_backend_authentication_configs_delete + intercept_endpoint_groups: + id: google.networksecurity.intercept_endpoint_groups + name: intercept_endpoint_groups + title: Intercept_endpoint_groups methods: - projects_locations_url_lists_list: + projects_locations_intercept_endpoint_groups_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.urlLists - projects_locations_url_lists_create: + objectKey: $.interceptEndpointGroups + projects_locations_intercept_endpoint_groups_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_url_lists_get: + projects_locations_intercept_endpoint_groups_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists~1{urlListsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups~1{interceptEndpointGroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_url_lists_patch: + projects_locations_intercept_endpoint_groups_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists~1{urlListsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups~1{interceptEndpointGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_url_lists_delete: + projects_locations_intercept_endpoint_groups_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1urlLists~1{urlListsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1interceptEndpointGroups~1{interceptEndpointGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_get + #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_get - $ref: >- - #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_list + #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_list insert: - $ref: >- - #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_create + #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_create update: - $ref: >- - #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_patch + #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/url_lists/methods/projects_locations_url_lists_delete - tls_inspection_policies: - id: google.networksecurity.tls_inspection_policies - name: tls_inspection_policies - title: Tls_inspection_policies + #/components/x-stackQL-resources/intercept_endpoint_groups/methods/projects_locations_intercept_endpoint_groups_delete + mirroring_endpoint_groups: + id: google.networksecurity.mirroring_endpoint_groups + name: mirroring_endpoint_groups + title: Mirroring_endpoint_groups methods: - projects_locations_tls_inspection_policies_list: + projects_locations_mirroring_endpoint_groups_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups~1{mirroringEndpointGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tlsInspectionPolicies - projects_locations_tls_inspection_policies_create: + projects_locations_mirroring_endpoint_groups_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups~1{mirroringEndpointGroupsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_tls_inspection_policies_get: + projects_locations_mirroring_endpoint_groups_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies~1{tlsInspectionPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups~1{mirroringEndpointGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_tls_inspection_policies_patch: + projects_locations_mirroring_endpoint_groups_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies~1{tlsInspectionPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_tls_inspection_policies_delete: + objectKey: $.mirroringEndpointGroups + projects_locations_mirroring_endpoint_groups_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies~1{tlsInspectionPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1mirroringEndpointGroups/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_get + #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_get - $ref: >- - #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_list + #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_list insert: - $ref: >- - #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_create + #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_create update: - $ref: >- - #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_patch + #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_delete - authz_policies: - id: google.networksecurity.authz_policies - name: authz_policies - title: Authz_policies + #/components/x-stackQL-resources/mirroring_endpoint_groups/methods/projects_locations_mirroring_endpoint_groups_delete + tls_inspection_policies: + id: google.networksecurity.tls_inspection_policies + name: tls_inspection_policies + title: Tls_inspection_policies methods: - projects_locations_authz_policies_list: + projects_locations_tls_inspection_policies_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.authzPolicies - projects_locations_authz_policies_create: + objectKey: $.tlsInspectionPolicies + projects_locations_tls_inspection_policies_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_authz_policies_get: + projects_locations_tls_inspection_policies_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies~1{tlsInspectionPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_authz_policies_patch: + projects_locations_tls_inspection_policies_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies~1{tlsInspectionPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_authz_policies_delete: + projects_locations_tls_inspection_policies_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsInspectionPolicies~1{tlsInspectionPoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_get + #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_get - $ref: >- - #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_list + #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_list insert: - $ref: >- - #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_create + #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_create update: - $ref: >- - #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_patch + #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/authz_policies/methods/projects_locations_authz_policies_delete - authz_policies_iam_policies: - id: google.networksecurity.authz_policies_iam_policies - name: authz_policies_iam_policies - title: Authz_policies_iam_policies + #/components/x-stackQL-resources/tls_inspection_policies/methods/projects_locations_tls_inspection_policies_delete + locations: + id: google.networksecurity.locations + name: locations + title: Locations methods: - projects_locations_authz_policies_set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_authz_policies_get_iam_policy: + projects_locations_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}:getIamPolicy/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - projects_locations_authz_policies_test_iam_permissions: + openAPIDocKey: '200' + objectKey: $.locations + projects_locations_get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzPolicies~1{authzPoliciesId}:testIamPermissions/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/authz_policies_iam_policies/methods/projects_locations_authz_policies_get_iam_policy + #/components/x-stackQL-resources/locations/methods/projects_locations_get + - $ref: >- + #/components/x-stackQL-resources/locations/methods/projects_locations_list insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/authz_policies_iam_policies/methods/projects_locations_authz_policies_set_iam_policy + replace: [] delete: [] firewall_endpoints: id: google.networksecurity.firewall_endpoints name: firewall_endpoints title: Firewall_endpoints methods: - organizations_locations_firewall_endpoints_list: + organizations_locations_firewall_endpoints_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints~1{firewallEndpointsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.firewallEndpoints - organizations_locations_firewall_endpoints_create: + organizations_locations_firewall_endpoints_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints~1{firewallEndpointsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_firewall_endpoints_get: + organizations_locations_firewall_endpoints_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints~1{firewallEndpointsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints~1{firewallEndpointsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_firewall_endpoints_delete: + organizations_locations_firewall_endpoints_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints~1{firewallEndpointsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_firewall_endpoints_patch: + organizations_locations_firewall_endpoints_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints~1{firewallEndpointsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1firewallEndpoints/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.firewallEndpoints sqlVerbs: select: - $ref: >- @@ -5723,18 +5748,17 @@ components: name: security_profile_groups title: Security_profile_groups methods: - organizations_locations_security_profile_groups_list: + organizations_locations_security_profile_groups_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfileGroups/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfileGroups~1{securityProfileGroupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityProfileGroups - organizations_locations_security_profile_groups_create: + organizations_locations_security_profile_groups_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfileGroups/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfileGroups~1{securityProfileGroupsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -5745,17 +5769,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_security_profile_groups_patch: + organizations_locations_security_profile_groups_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfileGroups~1{securityProfileGroupsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfileGroups/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_security_profile_groups_delete: + objectKey: $.securityProfileGroups + organizations_locations_security_profile_groups_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfileGroups~1{securityProfileGroupsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfileGroups/post response: mediaType: application/json openAPIDocKey: '200' @@ -5780,18 +5805,17 @@ components: name: security_profiles title: Security_profiles methods: - organizations_locations_security_profiles_list: + organizations_locations_security_profiles_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfiles/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfiles~1{securityProfilesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityProfiles - organizations_locations_security_profiles_create: + organizations_locations_security_profiles_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfiles/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfiles~1{securityProfilesId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -5802,20 +5826,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_security_profiles_patch: + organizations_locations_security_profiles_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfiles~1{securityProfilesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfiles/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_security_profiles_delete: + organizations_locations_security_profiles_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfiles~1{securityProfilesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1securityProfiles/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.securityProfiles sqlVerbs: select: - $ref: >- @@ -5833,22 +5858,27 @@ components: - $ref: >- #/components/x-stackQL-resources/security_profiles/methods/organizations_locations_security_profiles_delete paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/mirroringDeployments/{mirroringDeploymentsId}: parameters: &ref_1 - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: networksecurity.projects.locations.list + - $ref: '#/components/parameters/alt' + patch: + description: Updates a deployment. See https://google.aip.dev/134. + operationId: networksecurity.projects.locations.mirroringDeployments.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MirroringDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5860,35 +5890,70 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: mirroringDeploymentsId + required: true schema: type: string - in: query - name: pageSize + name: requestId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a deployment. See https://google.aip.dev/135. + operationId: networksecurity.projects.locations.mirroringDeployments.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: mirroringDeploymentsId + required: true schema: type: string - in: query - name: extraLocationTypes + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 get: - description: Gets information about a location. - operationId: networksecurity.projects.locations.get + description: Gets a specific deployment. See https://google.aip.dev/131. + operationId: networksecurity.projects.locations.mirroringDeployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5900,7 +5965,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/MirroringDeployment' parameters: - in: path name: projectsId @@ -5912,13 +5977,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: path + name: mirroringDeploymentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/mirroringDeployments: parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: networksecurity.projects.locations.operations.list + Lists deployments in a given project and location. See + https://google.aip.dev/132. + operationId: networksecurity.projects.locations.mirroringDeployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5930,7 +6000,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListMirroringDeploymentsResponse' parameters: - in: path name: projectsId @@ -5943,7 +6013,7 @@ paths: schema: type: string - in: query - name: filter + name: orderBy schema: type: string - in: query @@ -5955,14 +6025,20 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: + - in: query + name: filter + schema: + type: string + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: networksecurity.projects.locations.operations.get + Creates a deployment in a given project and location. See + https://google.aip.dev/133. + operationId: networksecurity.projects.locations.mirroringDeployments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MirroringDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5986,18 +6062,25 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: mirroringDeploymentId schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: networksecurity.projects.locations.operations.delete + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroupAssociations/{mirroringEndpointGroupAssociationsId}: + parameters: *ref_1 + patch: + description: Updates an association. See https://google.aip.dev/134. + operationId: >- + networksecurity.projects.locations.mirroringEndpointGroupAssociations.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MirroringEndpointGroupAssociation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6009,7 +6092,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6022,29 +6105,23 @@ paths: schema: type: string - in: path - name: operationsId + name: mirroringEndpointGroupAssociationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: networksecurity.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + delete: + description: Deletes an association. See https://google.aip.dev/135. + operationId: >- + networksecurity.projects.locations.mirroringEndpointGroupAssociations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6056,7 +6133,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6069,15 +6146,18 @@ paths: schema: type: string - in: path - name: operationsId + name: mirroringEndpointGroupAssociationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/addressGroups: - parameters: *ref_1 + - in: query + name: requestId + schema: + type: string get: - description: Lists address groups in a given project and location. - operationId: networksecurity.projects.locations.addressGroups.list + description: Gets a specific association. See https://google.aip.dev/131. + operationId: >- + networksecurity.projects.locations.mirroringEndpointGroupAssociations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6089,7 +6169,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAddressGroupsResponse' + $ref: '#/components/schemas/MirroringEndpointGroupAssociation' parameters: - in: path name: projectsId @@ -6101,27 +6181,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: mirroringEndpointGroupAssociationsId + required: true schema: type: string - - in: query - name: returnPartialSuccess - schema: - type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroupAssociations: + parameters: *ref_1 post: - description: Creates a new address group in a given project and location. - operationId: networksecurity.projects.locations.addressGroups.create + description: >- + Creates an association in a given project and location. See + https://google.aip.dev/133. + operationId: >- + networksecurity.projects.locations.mirroringEndpointGroupAssociations.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/AddressGroup' + $ref: '#/components/schemas/MirroringEndpointGroupAssociation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6146,18 +6223,19 @@ paths: schema: type: string - in: query - name: addressGroupId + name: mirroringEndpointGroupAssociationId schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}: - parameters: *ref_1 get: - description: Gets details of a single address group. - operationId: networksecurity.projects.locations.addressGroups.get + description: >- + Lists associations in a given project and location. See + https://google.aip.dev/132. + operationId: >- + networksecurity.projects.locations.mirroringEndpointGroupAssociations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6169,7 +6247,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AddressGroup' + $ref: >- + #/components/schemas/ListMirroringEndpointGroupAssociationsResponse parameters: - in: path name: projectsId @@ -6181,19 +6260,29 @@ paths: required: true schema: type: string - - in: path - name: addressGroupsId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: Updates the parameters of a single address group. - operationId: networksecurity.projects.locations.addressGroups.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AddressGroup' + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/interceptEndpointGroupAssociations/{interceptEndpointGroupAssociationsId}: + parameters: *ref_1 + delete: + description: Deletes an association. See https://google.aip.dev/135. + operationId: >- + networksecurity.projects.locations.interceptEndpointGroupAssociations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6218,22 +6307,18 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: interceptEndpointGroupAssociationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - in: query name: requestId schema: type: string - delete: - description: Deletes a single address group. - operationId: networksecurity.projects.locations.addressGroups.delete + get: + description: Gets a specific association. See https://google.aip.dev/131. + operationId: >- + networksecurity.projects.locations.interceptEndpointGroupAssociations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6245,7 +6330,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/InterceptEndpointGroupAssociation' parameters: - in: path name: projectsId @@ -6258,24 +6343,19 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: interceptEndpointGroupAssociationsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:addItems: - parameters: *ref_1 - post: - description: Adds items to an address group. - operationId: networksecurity.projects.locations.addressGroups.addItems + patch: + description: Updates an association. See https://google.aip.dev/134. + operationId: >- + networksecurity.projects.locations.interceptEndpointGroupAssociations.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/AddAddressGroupItemsRequest' + $ref: '#/components/schemas/InterceptEndpointGroupAssociation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6300,20 +6380,32 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: interceptEndpointGroupAssociationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:removeItems: + - in: query + name: requestId + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/interceptEndpointGroupAssociations: parameters: *ref_1 post: - description: Removes items from an address group. - operationId: networksecurity.projects.locations.addressGroups.removeItems + description: >- + Creates an association in a given project and location. See + https://google.aip.dev/133. + operationId: >- + networksecurity.projects.locations.interceptEndpointGroupAssociations.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/RemoveAddressGroupItemsRequest' + $ref: '#/components/schemas/InterceptEndpointGroupAssociation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6337,21 +6429,20 @@ paths: required: true schema: type: string - - in: path - name: addressGroupsId - required: true + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:cloneItems: - parameters: *ref_1 - post: - description: Clones items from one address group to another. - operationId: networksecurity.projects.locations.addressGroups.cloneItems - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CloneAddressGroupItemsRequest' + - in: query + name: interceptEndpointGroupAssociationId + schema: + type: string + get: + description: >- + Lists associations in a given project and location. See + https://google.aip.dev/132. + operationId: >- + networksecurity.projects.locations.interceptEndpointGroupAssociations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6363,7 +6454,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: >- + #/components/schemas/ListInterceptEndpointGroupAssociationsResponse parameters: - in: path name: projectsId @@ -6375,16 +6467,28 @@ paths: required: true schema: type: string - - in: path - name: addressGroupsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:listReferences: + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/mirroringDeploymentGroups/{mirroringDeploymentGroupsId}: parameters: *ref_1 - get: - description: Lists references of an address group. - operationId: networksecurity.projects.locations.addressGroups.listReferences + delete: + description: Deletes a deployment group. See https://google.aip.dev/135. + operationId: networksecurity.projects.locations.mirroringDeploymentGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6396,7 +6500,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAddressGroupReferencesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6409,32 +6513,17 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: mirroringDeploymentGroupsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networksecurity.projects.locations.addressGroups.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + get: + description: Gets a specific deployment group. See https://google.aip.dev/131. + operationId: networksecurity.projects.locations.mirroringDeploymentGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6446,7 +6535,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/MirroringDeploymentGroup' parameters: - in: path name: projectsId @@ -6459,17 +6548,18 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: mirroringDeploymentGroupsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:getIamPolicy: - parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networksecurity.projects.locations.addressGroups.getIamPolicy + patch: + description: Updates a deployment group. See https://google.aip.dev/134. + operationId: networksecurity.projects.locations.mirroringDeploymentGroups.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MirroringDeploymentGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6481,7 +6571,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6494,30 +6584,31 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: mirroringDeploymentGroupsId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: updateMask schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:testIamPermissions: + type: string + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/mirroringDeploymentGroups: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: networksecurity.projects.locations.addressGroups.testIamPermissions + Creates a deployment group in a given project and location. See + https://google.aip.dev/133. + operationId: networksecurity.projects.locations.mirroringDeploymentGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + $ref: '#/components/schemas/MirroringDeploymentGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6529,7 +6620,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6541,16 +6632,19 @@ paths: required: true schema: type: string - - in: path - name: addressGroupsId - required: true + - in: query + name: mirroringDeploymentGroupId + schema: + type: string + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/firewallEndpointAssociations: - parameters: *ref_1 get: - description: Lists Associations in a given project and location. - operationId: networksecurity.projects.locations.firewallEndpointAssociations.list + description: >- + Lists deployment groups in a given project and location. See + https://google.aip.dev/132. + operationId: networksecurity.projects.locations.mirroringDeploymentGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6562,7 +6656,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListFirewallEndpointAssociationsResponse' + $ref: '#/components/schemas/ListMirroringDeploymentGroupsResponse' parameters: - in: path name: projectsId @@ -6574,6 +6668,10 @@ paths: required: true schema: type: string + - in: query + name: orderBy + schema: + type: string - in: query name: pageSize schema: @@ -6587,20 +6685,16 @@ paths: name: filter schema: type: string - - in: query - name: orderBy - schema: - type: string - post: - description: >- - Creates a new FirewallEndpointAssociation in a given project and - location. - operationId: networksecurity.projects.locations.firewallEndpointAssociations.create + /v1/projects/{projectsId}/locations/{locationsId}/interceptDeploymentGroups/{interceptDeploymentGroupsId}: + parameters: *ref_1 + patch: + description: Updates a deployment group. See https://google.aip.dev/134. + operationId: networksecurity.projects.locations.interceptDeploymentGroups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/FirewallEndpointAssociation' + $ref: '#/components/schemas/InterceptDeploymentGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6624,19 +6718,23 @@ paths: required: true schema: type: string - - in: query - name: firewallEndpointAssociationId + - in: path + name: interceptDeploymentGroupsId + required: true schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/firewallEndpointAssociations/{firewallEndpointAssociationsId}: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Gets details of a single FirewallEndpointAssociation. - operationId: networksecurity.projects.locations.firewallEndpointAssociations.get + description: Gets a specific deployment group. See https://google.aip.dev/131. + operationId: networksecurity.projects.locations.interceptDeploymentGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6648,7 +6746,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FirewallEndpointAssociation' + $ref: '#/components/schemas/InterceptDeploymentGroup' parameters: - in: path name: projectsId @@ -6661,13 +6759,13 @@ paths: schema: type: string - in: path - name: firewallEndpointAssociationsId + name: interceptDeploymentGroupsId required: true schema: type: string delete: - description: Deletes a single FirewallEndpointAssociation. - operationId: networksecurity.projects.locations.firewallEndpointAssociations.delete + description: Deletes a deployment group. See https://google.aip.dev/135. + operationId: networksecurity.projects.locations.interceptDeploymentGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6692,7 +6790,7 @@ paths: schema: type: string - in: path - name: firewallEndpointAssociationsId + name: interceptDeploymentGroupsId required: true schema: type: string @@ -6700,14 +6798,13 @@ paths: name: requestId schema: type: string - patch: - description: Update a single FirewallEndpointAssociation. - operationId: networksecurity.projects.locations.firewallEndpointAssociations.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FirewallEndpointAssociation' + /v1/projects/{projectsId}/locations/{locationsId}/interceptDeploymentGroups: + parameters: *ref_1 + get: + description: >- + Lists deployment groups in a given project and location. See + https://google.aip.dev/132. + operationId: networksecurity.projects.locations.interceptDeploymentGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6719,7 +6816,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListInterceptDeploymentGroupsResponse' parameters: - in: path name: projectsId @@ -6731,27 +6828,33 @@ paths: required: true schema: type: string - - in: path - name: firewallEndpointAssociationsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: orderBy schema: type: string - format: google-fieldmask - in: query - name: requestId + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/interceptEndpointGroups: - parameters: *ref_1 - get: + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: description: >- - Lists endpoint groups in a given project and location. See - https://google.aip.dev/132. - operationId: networksecurity.projects.locations.interceptEndpointGroups.list + Creates a deployment group in a given project and location. See + https://google.aip.dev/133. + operationId: networksecurity.projects.locations.interceptDeploymentGroups.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InterceptDeploymentGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6763,7 +6866,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInterceptEndpointGroupsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6776,32 +6879,18 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: interceptDeploymentGroupId schema: type: string - post: - description: >- - Creates an endpoint group in a given project and location. See - https://google.aip.dev/133. - operationId: networksecurity.projects.locations.interceptEndpointGroups.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InterceptEndpointGroup' + /v1/projects/{projectsId}/locations/{locationsId}/firewallEndpointAssociations: + parameters: *ref_1 + get: + description: Lists Associations in a given project and location. + operationId: networksecurity.projects.locations.firewallEndpointAssociations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6813,7 +6902,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListFirewallEndpointAssociationsResponse' parameters: - in: path name: projectsId @@ -6826,18 +6915,32 @@ paths: schema: type: string - in: query - name: interceptEndpointGroupId + name: pageToken schema: type: string - in: query - name: requestId + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/interceptEndpointGroups/{interceptEndpointGroupsId}: - parameters: *ref_1 - get: - description: Gets a specific endpoint group. See https://google.aip.dev/131. - operationId: networksecurity.projects.locations.interceptEndpointGroups.get + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: >- + Creates a new FirewallEndpointAssociation in a given project and + location. + operationId: networksecurity.projects.locations.firewallEndpointAssociations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FirewallEndpointAssociation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6849,7 +6952,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InterceptEndpointGroup' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6861,19 +6964,24 @@ paths: required: true schema: type: string - - in: path - name: interceptEndpointGroupsId - required: true + - in: query + name: firewallEndpointAssociationId + schema: + type: string + - in: query + name: requestId schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/firewallEndpointAssociations/{firewallEndpointAssociationsId}: + parameters: *ref_1 patch: - description: Updates an endpoint group. See https://google.aip.dev/134. - operationId: networksecurity.projects.locations.interceptEndpointGroups.patch + description: Update a single FirewallEndpointAssociation. + operationId: networksecurity.projects.locations.firewallEndpointAssociations.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/InterceptEndpointGroup' + $ref: '#/components/schemas/FirewallEndpointAssociation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6898,22 +7006,22 @@ paths: schema: type: string - in: path - name: interceptEndpointGroupsId + name: firewallEndpointAssociationsId required: true schema: type: string - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask - in: query - name: requestId + name: updateMask schema: type: string + format: google-fieldmask delete: - description: Deletes an endpoint group. See https://google.aip.dev/135. - operationId: networksecurity.projects.locations.interceptEndpointGroups.delete + description: Deletes a single FirewallEndpointAssociation. + operationId: networksecurity.projects.locations.firewallEndpointAssociations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6938,7 +7046,7 @@ paths: schema: type: string - in: path - name: interceptEndpointGroupsId + name: firewallEndpointAssociationsId required: true schema: type: string @@ -6946,14 +7054,9 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/interceptEndpointGroupAssociations: - parameters: *ref_1 get: - description: >- - Lists associations in a given project and location. See - https://google.aip.dev/132. - operationId: >- - networksecurity.projects.locations.interceptEndpointGroupAssociations.list + description: Gets details of a single FirewallEndpointAssociation. + operationId: networksecurity.projects.locations.firewallEndpointAssociations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6965,8 +7068,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListInterceptEndpointGroupAssociationsResponse + $ref: '#/components/schemas/FirewallEndpointAssociation' parameters: - in: path name: projectsId @@ -6978,34 +7080,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - post: - description: >- - Creates an association in a given project and location. See - https://google.aip.dev/133. - operationId: >- - networksecurity.projects.locations.interceptEndpointGroupAssociations.create + - in: path + name: firewallEndpointAssociationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}: + parameters: *ref_1 + patch: + description: Updates the parameters of a single ServerTlsPolicy. + operationId: networksecurity.projects.locations.serverTlsPolicies.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/InterceptEndpointGroupAssociation' + $ref: '#/components/schemas/ServerTlsPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7029,20 +7118,19 @@ paths: required: true schema: type: string - - in: query - name: interceptEndpointGroupAssociationId + - in: path + name: serverTlsPoliciesId + required: true schema: type: string - in: query - name: requestId + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/interceptEndpointGroupAssociations/{interceptEndpointGroupAssociationsId}: - parameters: *ref_1 - get: - description: Gets a specific association. See https://google.aip.dev/131. - operationId: >- - networksecurity.projects.locations.interceptEndpointGroupAssociations.get + format: google-fieldmask + delete: + description: Deletes a single ServerTlsPolicy. + operationId: networksecurity.projects.locations.serverTlsPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7054,7 +7142,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InterceptEndpointGroupAssociation' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7067,19 +7155,13 @@ paths: schema: type: string - in: path - name: interceptEndpointGroupAssociationsId + name: serverTlsPoliciesId required: true schema: type: string - patch: - description: Updates an association. See https://google.aip.dev/134. - operationId: >- - networksecurity.projects.locations.interceptEndpointGroupAssociations.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InterceptEndpointGroupAssociation' + get: + description: Gets details of a single ServerTlsPolicy. + operationId: networksecurity.projects.locations.serverTlsPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7091,7 +7173,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ServerTlsPolicy' parameters: - in: path name: projectsId @@ -7104,23 +7186,20 @@ paths: schema: type: string - in: path - name: interceptEndpointGroupAssociationsId + name: serverTlsPoliciesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes an association. See https://google.aip.dev/135. - operationId: >- - networksecurity.projects.locations.interceptEndpointGroupAssociations.delete + /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies: + parameters: *ref_1 + post: + description: Creates a new ServerTlsPolicy in a given project and location. + operationId: networksecurity.projects.locations.serverTlsPolicies.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ServerTlsPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7144,22 +7223,13 @@ paths: required: true schema: type: string - - in: path - name: interceptEndpointGroupAssociationsId - required: true - schema: - type: string - in: query - name: requestId + name: serverTlsPolicyId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/interceptDeploymentGroups: - parameters: *ref_1 get: - description: >- - Lists deployment groups in a given project and location. See - https://google.aip.dev/132. - operationId: networksecurity.projects.locations.interceptDeploymentGroups.list + description: Lists ServerTlsPolicies in a given project and location. + operationId: networksecurity.projects.locations.serverTlsPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7171,7 +7241,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInterceptDeploymentGroupsResponse' + $ref: '#/components/schemas/ListServerTlsPoliciesResponse' parameters: - in: path name: projectsId @@ -7189,27 +7259,26 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: returnPartialSuccess schema: - type: string + type: boolean - in: query - name: orderBy + name: pageToken schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:setIamPolicy: + parameters: *ref_1 post: description: >- - Creates a deployment group in a given project and location. See - https://google.aip.dev/133. - operationId: networksecurity.projects.locations.interceptDeploymentGroups.create + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networksecurity.projects.locations.serverTlsPolicies.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/InterceptDeploymentGroup' + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7221,7 +7290,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -7233,19 +7302,18 @@ paths: required: true schema: type: string - - in: query - name: interceptDeploymentGroupId - schema: - type: string - - in: query - name: requestId + - in: path + name: serverTlsPoliciesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/interceptDeploymentGroups/{interceptDeploymentGroupsId}: + /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:getIamPolicy: parameters: *ref_1 get: - description: Gets a specific deployment group. See https://google.aip.dev/131. - operationId: networksecurity.projects.locations.interceptDeploymentGroups.get + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networksecurity.projects.locations.serverTlsPolicies.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7257,7 +7325,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InterceptDeploymentGroup' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -7270,18 +7338,30 @@ paths: schema: type: string - in: path - name: interceptDeploymentGroupsId + name: serverTlsPoliciesId required: true schema: type: string - patch: - description: Updates a deployment group. See https://google.aip.dev/134. - operationId: networksecurity.projects.locations.interceptDeploymentGroups.patch + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: networksecurity.projects.locations.serverTlsPolicies.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/InterceptDeploymentGroup' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7293,7 +7373,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7306,22 +7386,17 @@ paths: schema: type: string - in: path - name: interceptDeploymentGroupsId + name: serverTlsPoliciesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes a deployment group. See https://google.aip.dev/135. - operationId: networksecurity.projects.locations.interceptDeploymentGroups.delete + /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networksecurity.projects.locations.addressGroups.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7333,7 +7408,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -7346,21 +7421,28 @@ paths: schema: type: string - in: path - name: interceptDeploymentGroupsId + name: addressGroupsId required: true schema: type: string - in: query - name: requestId + name: options.requestedPolicyVersion schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/interceptDeployments: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Lists deployments in a given project and location. See - https://google.aip.dev/132. - operationId: networksecurity.projects.locations.interceptDeployments.list + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networksecurity.projects.locations.addressGroups.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7372,7 +7454,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInterceptDeploymentsResponse' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -7384,33 +7466,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: addressGroupsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/addressGroups: + parameters: *ref_1 post: - description: >- - Creates a deployment in a given project and location. See - https://google.aip.dev/133. - operationId: networksecurity.projects.locations.interceptDeployments.create + description: Creates a new address group in a given project and location. + operationId: networksecurity.projects.locations.addressGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/InterceptDeployment' + $ref: '#/components/schemas/AddressGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7435,18 +7505,16 @@ paths: schema: type: string - in: query - name: interceptDeploymentId + name: addressGroupId schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/interceptDeployments/{interceptDeploymentsId}: - parameters: *ref_1 get: - description: Gets a specific deployment. See https://google.aip.dev/131. - operationId: networksecurity.projects.locations.interceptDeployments.get + description: Lists address groups in a given project and location. + operationId: networksecurity.projects.locations.addressGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7458,7 +7526,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InterceptDeployment' + $ref: '#/components/schemas/ListAddressGroupsResponse' parameters: - in: path name: projectsId @@ -7470,19 +7538,29 @@ paths: required: true schema: type: string - - in: path - name: interceptDeploymentsId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string - patch: - description: Updates a deployment. See https://google.aip.dev/134. - operationId: networksecurity.projects.locations.interceptDeployments.patch + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:removeItems: + parameters: *ref_1 + post: + description: Removes items from an address group. + operationId: networksecurity.projects.locations.addressGroups.removeItems requestBody: content: application/json: schema: - $ref: '#/components/schemas/InterceptDeployment' + $ref: '#/components/schemas/RemoveAddressGroupItemsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7507,22 +7585,15 @@ paths: schema: type: string - in: path - name: interceptDeploymentsId + name: addressGroupsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}: + parameters: *ref_1 delete: - description: Deletes a deployment. See https://google.aip.dev/135. - operationId: networksecurity.projects.locations.interceptDeployments.delete + description: Deletes a single address group. + operationId: networksecurity.projects.locations.addressGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7547,7 +7618,7 @@ paths: schema: type: string - in: path - name: interceptDeploymentsId + name: addressGroupsId required: true schema: type: string @@ -7555,13 +7626,9 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroups: - parameters: *ref_1 get: - description: >- - Lists endpoint groups in a given project and location. See - https://google.aip.dev/132. - operationId: networksecurity.projects.locations.mirroringEndpointGroups.list + description: Gets details of a single address group. + operationId: networksecurity.projects.locations.addressGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7573,7 +7640,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMirroringEndpointGroupsResponse' + $ref: '#/components/schemas/AddressGroup' parameters: - in: path name: projectsId @@ -7585,33 +7652,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: addressGroupsId + required: true schema: type: string - post: - description: >- - Creates an endpoint group in a given project and location. See - https://google.aip.dev/133. - operationId: networksecurity.projects.locations.mirroringEndpointGroups.create + patch: + description: Updates the parameters of a single address group. + operationId: networksecurity.projects.locations.addressGroups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/MirroringEndpointGroup' + $ref: '#/components/schemas/AddressGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7635,19 +7688,30 @@ paths: required: true schema: type: string - - in: query - name: mirroringEndpointGroupId + - in: path + name: addressGroupsId + required: true schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroups/{mirroringEndpointGroupsId}: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:cloneItems: parameters: *ref_1 - get: - description: Gets a specific endpoint group. See https://google.aip.dev/131. - operationId: networksecurity.projects.locations.mirroringEndpointGroups.get + post: + description: Clones items from one address group to another. + operationId: networksecurity.projects.locations.addressGroups.cloneItems + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CloneAddressGroupItemsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7659,7 +7723,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MirroringEndpointGroup' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7672,18 +7736,20 @@ paths: schema: type: string - in: path - name: mirroringEndpointGroupsId + name: addressGroupsId required: true schema: type: string - patch: - description: Updates an endpoint group. See https://google.aip.dev/134. - operationId: networksecurity.projects.locations.mirroringEndpointGroups.patch + /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:addItems: + parameters: *ref_1 + post: + description: Adds items to an address group. + operationId: networksecurity.projects.locations.addressGroups.addItems requestBody: content: application/json: schema: - $ref: '#/components/schemas/MirroringEndpointGroup' + $ref: '#/components/schemas/AddAddressGroupItemsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7708,22 +7774,25 @@ paths: schema: type: string - in: path - name: mirroringEndpointGroupsId + name: addressGroupsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes an endpoint group. See https://google.aip.dev/135. - operationId: networksecurity.projects.locations.mirroringEndpointGroups.delete + /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: networksecurity.projects.locations.addressGroups.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7735,7 +7804,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7748,22 +7817,15 @@ paths: schema: type: string - in: path - name: mirroringEndpointGroupsId + name: addressGroupsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroupAssociations: + /v1/projects/{projectsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:listReferences: parameters: *ref_1 get: - description: >- - Lists associations in a given project and location. See - https://google.aip.dev/132. - operationId: >- - networksecurity.projects.locations.mirroringEndpointGroupAssociations.list + description: Lists references of an address group. + operationId: networksecurity.projects.locations.addressGroups.listReferences security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7775,8 +7837,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListMirroringEndpointGroupAssociationsResponse + $ref: '#/components/schemas/ListAddressGroupReferencesResponse' parameters: - in: path name: projectsId @@ -7788,71 +7849,25 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - post: - description: >- - Creates an association in a given project and location. See - https://google.aip.dev/133. - operationId: >- - networksecurity.projects.locations.mirroringEndpointGroupAssociations.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MirroringEndpointGroupAssociation' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: addressGroupsId required: true schema: type: string - in: query - name: mirroringEndpointGroupAssociationId + name: pageToken schema: type: string - in: query - name: requestId + name: pageSize schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroupAssociations/{mirroringEndpointGroupAssociationsId}: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/gatewaySecurityPolicies/{gatewaySecurityPoliciesId}: parameters: *ref_1 - get: - description: Gets a specific association. See https://google.aip.dev/131. - operationId: >- - networksecurity.projects.locations.mirroringEndpointGroupAssociations.get + delete: + description: Deletes a single GatewaySecurityPolicy. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7864,7 +7879,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MirroringEndpointGroupAssociation' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7877,19 +7892,18 @@ paths: schema: type: string - in: path - name: mirroringEndpointGroupAssociationsId + name: gatewaySecurityPoliciesId required: true schema: type: string patch: - description: Updates an association. See https://google.aip.dev/134. - operationId: >- - networksecurity.projects.locations.mirroringEndpointGroupAssociations.patch + description: Updates the parameters of a single GatewaySecurityPolicy. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/MirroringEndpointGroupAssociation' + $ref: '#/components/schemas/GatewaySecurityPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7914,7 +7928,7 @@ paths: schema: type: string - in: path - name: mirroringEndpointGroupAssociationsId + name: gatewaySecurityPoliciesId required: true schema: type: string @@ -7923,14 +7937,9 @@ paths: schema: type: string format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes an association. See https://google.aip.dev/135. - operationId: >- - networksecurity.projects.locations.mirroringEndpointGroupAssociations.delete + get: + description: Gets details of a single GatewaySecurityPolicy. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7942,7 +7951,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GatewaySecurityPolicy' parameters: - in: path name: projectsId @@ -7955,21 +7964,15 @@ paths: schema: type: string - in: path - name: mirroringEndpointGroupAssociationsId + name: gatewaySecurityPoliciesId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/mirroringDeploymentGroups: + /v1/projects/{projectsId}/locations/{locationsId}/gatewaySecurityPolicies: parameters: *ref_1 get: - description: >- - Lists deployment groups in a given project and location. See - https://google.aip.dev/132. - operationId: networksecurity.projects.locations.mirroringDeploymentGroups.list + description: Lists GatewaySecurityPolicies in a given project and location. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7981,7 +7984,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMirroringDeploymentGroupsResponse' + $ref: '#/components/schemas/ListGatewaySecurityPoliciesResponse' parameters: - in: path name: projectsId @@ -7993,33 +7996,60 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken + post: + description: Creates a new GatewaySecurityPolicy in a given project and location. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GatewaySecurityPolicy' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - in: query - name: orderBy + name: gatewaySecurityPolicyId schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/gatewaySecurityPolicies/{gatewaySecurityPoliciesId}/rules: + parameters: *ref_1 post: - description: >- - Creates a deployment group in a given project and location. See - https://google.aip.dev/133. - operationId: networksecurity.projects.locations.mirroringDeploymentGroups.create + description: Creates a new GatewaySecurityPolicy in a given project and location. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/MirroringDeploymentGroup' + $ref: '#/components/schemas/GatewaySecurityPolicyRule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8043,19 +8073,18 @@ paths: required: true schema: type: string - - in: query - name: mirroringDeploymentGroupId + - in: path + name: gatewaySecurityPoliciesId + required: true schema: type: string - in: query - name: requestId + name: gatewaySecurityPolicyRuleId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/mirroringDeploymentGroups/{mirroringDeploymentGroupsId}: - parameters: *ref_1 get: - description: Gets a specific deployment group. See https://google.aip.dev/131. - operationId: networksecurity.projects.locations.mirroringDeploymentGroups.get + description: Lists GatewaySecurityPolicyRules in a given project and location. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8067,7 +8096,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MirroringDeploymentGroup' + $ref: '#/components/schemas/ListGatewaySecurityPolicyRulesResponse' parameters: - in: path name: projectsId @@ -8080,18 +8109,24 @@ paths: schema: type: string - in: path - name: mirroringDeploymentGroupsId + name: gatewaySecurityPoliciesId required: true schema: type: string - patch: - description: Updates a deployment group. See https://google.aip.dev/134. - operationId: networksecurity.projects.locations.mirroringDeploymentGroups.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MirroringDeploymentGroup' + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/gatewaySecurityPolicies/{gatewaySecurityPoliciesId}/rules/{rulesId}: + parameters: *ref_1 + get: + description: Gets details of a single GatewaySecurityPolicyRule. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8103,7 +8138,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GatewaySecurityPolicyRule' parameters: - in: path name: projectsId @@ -8116,22 +8151,18 @@ paths: schema: type: string - in: path - name: mirroringDeploymentGroupsId + name: gatewaySecurityPoliciesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId + - in: path + name: rulesId + required: true schema: type: string delete: - description: Deletes a deployment group. See https://google.aip.dev/135. - operationId: networksecurity.projects.locations.mirroringDeploymentGroups.delete + description: Deletes a single GatewaySecurityPolicyRule. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8156,21 +8187,23 @@ paths: schema: type: string - in: path - name: mirroringDeploymentGroupsId + name: gatewaySecurityPoliciesId required: true schema: type: string - - in: query - name: requestId + - in: path + name: rulesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/mirroringDeployments: - parameters: *ref_1 - get: - description: >- - Lists deployments in a given project and location. See - https://google.aip.dev/132. - operationId: networksecurity.projects.locations.mirroringDeployments.list + patch: + description: Updates the parameters of a single GatewaySecurityPolicyRule. + operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GatewaySecurityPolicyRule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8182,7 +8215,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMirroringDeploymentsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8194,33 +8227,26 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: gatewaySecurityPoliciesId + required: true schema: type: string - - in: query - name: filter + - in: path + name: rulesId + required: true schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string - post: - description: >- - Creates a deployment in a given project and location. See - https://google.aip.dev/133. - operationId: networksecurity.projects.locations.mirroringDeployments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/MirroringDeployment' + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/interceptDeployments/{interceptDeploymentsId}: + parameters: *ref_1 + delete: + description: Deletes a deployment. See https://google.aip.dev/135. + operationId: networksecurity.projects.locations.interceptDeployments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8244,19 +8270,18 @@ paths: required: true schema: type: string - - in: query - name: mirroringDeploymentId + - in: path + name: interceptDeploymentsId + required: true schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/mirroringDeployments/{mirroringDeploymentsId}: - parameters: *ref_1 get: description: Gets a specific deployment. See https://google.aip.dev/131. - operationId: networksecurity.projects.locations.mirroringDeployments.get + operationId: networksecurity.projects.locations.interceptDeployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8268,7 +8293,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MirroringDeployment' + $ref: '#/components/schemas/InterceptDeployment' parameters: - in: path name: projectsId @@ -8281,18 +8306,18 @@ paths: schema: type: string - in: path - name: mirroringDeploymentsId + name: interceptDeploymentsId required: true schema: type: string patch: description: Updates a deployment. See https://google.aip.dev/134. - operationId: networksecurity.projects.locations.mirroringDeployments.patch + operationId: networksecurity.projects.locations.interceptDeployments.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/MirroringDeployment' + $ref: '#/components/schemas/InterceptDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8317,7 +8342,7 @@ paths: schema: type: string - in: path - name: mirroringDeploymentsId + name: interceptDeploymentsId required: true schema: type: string @@ -8330,9 +8355,18 @@ paths: name: requestId schema: type: string - delete: - description: Deletes a deployment. See https://google.aip.dev/135. - operationId: networksecurity.projects.locations.mirroringDeployments.delete + /v1/projects/{projectsId}/locations/{locationsId}/interceptDeployments: + parameters: *ref_1 + post: + description: >- + Creates a deployment in a given project and location. See + https://google.aip.dev/133. + operationId: networksecurity.projects.locations.interceptDeployments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InterceptDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8356,20 +8390,19 @@ paths: required: true schema: type: string - - in: path - name: mirroringDeploymentsId - required: true + - in: query + name: interceptDeploymentId schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies: - parameters: *ref_1 get: - description: Lists AuthorizationPolicies in a given project and location. - operationId: networksecurity.projects.locations.authorizationPolicies.list + description: >- + Lists deployments in a given project and location. See + https://google.aip.dev/132. + operationId: networksecurity.projects.locations.interceptDeployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8381,7 +8414,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAuthorizationPoliciesResponse' + $ref: '#/components/schemas/ListInterceptDeploymentsResponse' parameters: - in: path name: projectsId @@ -8399,49 +8432,22 @@ paths: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - post: - description: Creates a new AuthorizationPolicy in a given project and location. - operationId: networksecurity.projects.locations.authorizationPolicies.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthorizationPolicy' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true + name: filter schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: authorizationPolicyId + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies/{authorizationPoliciesId}: + /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies/{authzPoliciesId}: parameters: *ref_1 - get: - description: Gets details of a single AuthorizationPolicy. - operationId: networksecurity.projects.locations.authorizationPolicies.get + delete: + description: Deletes a single AuthzPolicy. + operationId: networksecurity.projects.locations.authzPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8453,7 +8459,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AuthorizationPolicy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8466,18 +8472,22 @@ paths: schema: type: string - in: path - name: authorizationPoliciesId + name: authzPoliciesId required: true schema: type: string + - in: query + name: requestId + schema: + type: string patch: - description: Updates the parameters of a single AuthorizationPolicy. - operationId: networksecurity.projects.locations.authorizationPolicies.patch + description: Updates the parameters of a single AuthzPolicy. + operationId: networksecurity.projects.locations.authzPolicies.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/AuthorizationPolicy' + $ref: '#/components/schemas/AuthzPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8502,18 +8512,22 @@ paths: schema: type: string - in: path - name: authorizationPoliciesId + name: authzPoliciesId required: true schema: type: string + - in: query + name: requestId + schema: + type: string - in: query name: updateMask schema: type: string format: google-fieldmask - delete: - description: Deletes a single AuthorizationPolicy. - operationId: networksecurity.projects.locations.authorizationPolicies.delete + get: + description: Gets details of a single AuthzPolicy. + operationId: networksecurity.projects.locations.authzPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8525,7 +8539,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/AuthzPolicy' parameters: - in: path name: projectsId @@ -8538,23 +8552,17 @@ paths: schema: type: string - in: path - name: authorizationPoliciesId + name: authzPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies/{authorizationPoliciesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies/{authzPoliciesId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networksecurity.projects.locations.authorizationPolicies.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networksecurity.projects.locations.authzPolicies.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8579,17 +8587,28 @@ paths: schema: type: string - in: path - name: authorizationPoliciesId + name: authzPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies/{authorizationPoliciesId}:getIamPolicy: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies/{authzPoliciesId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networksecurity.projects.locations.authorizationPolicies.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networksecurity.projects.locations.authzPolicies.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8614,16 +8633,11 @@ paths: schema: type: string - in: path - name: authorizationPoliciesId + name: authzPoliciesId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies/{authorizationPoliciesId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies/{authzPoliciesId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -8632,8 +8646,7 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: >- - networksecurity.projects.locations.authorizationPolicies.testIamPermissions + operationId: networksecurity.projects.locations.authzPolicies.testIamPermissions requestBody: content: application/json: @@ -8663,15 +8676,15 @@ paths: schema: type: string - in: path - name: authorizationPoliciesId + name: authzPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/backendAuthenticationConfigs: + /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies: parameters: *ref_1 get: - description: Lists BackendAuthenticationConfigs in a given project and location. - operationId: networksecurity.projects.locations.backendAuthenticationConfigs.list + description: Lists AuthzPolicies in a given project and location. + operationId: networksecurity.projects.locations.authzPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8683,7 +8696,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBackendAuthenticationConfigsResponse' + $ref: '#/components/schemas/ListAuthzPoliciesResponse' parameters: - in: path name: projectsId @@ -8700,20 +8713,26 @@ paths: schema: type: integer format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string post: - description: >- - Creates a new BackendAuthenticationConfig in a given project and - location. - operationId: networksecurity.projects.locations.backendAuthenticationConfigs.create + description: Creates a new AuthzPolicy in a given project and location. + operationId: networksecurity.projects.locations.authzPolicies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/BackendAuthenticationConfig' + $ref: '#/components/schemas/AuthzPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8738,16 +8757,32 @@ paths: schema: type: string - in: query - name: backendAuthenticationConfigId + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/backendAuthenticationConfigs/{backendAuthenticationConfigsId}: + - in: query + name: authzPolicyId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets details of a single BackendAuthenticationConfig to - BackendAuthenticationConfig. - operationId: networksecurity.projects.locations.backendAuthenticationConfigs.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: networksecurity.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8759,7 +8794,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BackendAuthenticationConfig' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8772,20 +8807,17 @@ paths: schema: type: string - in: path - name: backendAuthenticationConfigsId + name: operationsId required: true schema: type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: description: >- - Updates the parameters of a single BackendAuthenticationConfig to - BackendAuthenticationConfig. - operationId: networksecurity.projects.locations.backendAuthenticationConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BackendAuthenticationConfig' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: networksecurity.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8797,7 +8829,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -8809,21 +8841,32 @@ paths: required: true schema: type: string - - in: path - name: backendAuthenticationConfigsId - required: true + - in: query + name: filter schema: type: string - in: query - name: updateMask + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- - Deletes a single BackendAuthenticationConfig to - BackendAuthenticationConfig. - operationId: networksecurity.projects.locations.backendAuthenticationConfigs.delete + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: networksecurity.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8835,7 +8878,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8848,19 +8891,49 @@ paths: schema: type: string - in: path - name: backendAuthenticationConfigsId + name: operationsId required: true schema: type: string - - in: query - name: etag + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: networksecurity.projects.locations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies: parameters: *ref_1 get: - description: Lists ServerTlsPolicies in a given project and location. - operationId: networksecurity.projects.locations.serverTlsPolicies.list + description: Lists AuthorizationPolicies in a given project and location. + operationId: networksecurity.projects.locations.authorizationPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8872,7 +8945,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServerTlsPoliciesResponse' + $ref: '#/components/schemas/ListAuthorizationPoliciesResponse' parameters: - in: path name: projectsId @@ -8884,27 +8957,23 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - in: query - name: returnPartialSuccess + name: pageSize schema: - type: boolean + type: integer + format: int32 post: - description: Creates a new ServerTlsPolicy in a given project and location. - operationId: networksecurity.projects.locations.serverTlsPolicies.create + description: Creates a new AuthorizationPolicy in a given project and location. + operationId: networksecurity.projects.locations.authorizationPolicies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ServerTlsPolicy' + $ref: '#/components/schemas/AuthorizationPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8929,14 +8998,19 @@ paths: schema: type: string - in: query - name: serverTlsPolicyId + name: authorizationPolicyId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}: + /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies/{authorizationPoliciesId}: parameters: *ref_1 - get: - description: Gets details of a single ServerTlsPolicy. - operationId: networksecurity.projects.locations.serverTlsPolicies.get + patch: + description: Updates the parameters of a single AuthorizationPolicy. + operationId: networksecurity.projects.locations.authorizationPolicies.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthorizationPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8948,7 +9022,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ServerTlsPolicy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8961,18 +9035,18 @@ paths: schema: type: string - in: path - name: serverTlsPoliciesId + name: authorizationPoliciesId required: true schema: type: string - patch: - description: Updates the parameters of a single ServerTlsPolicy. - operationId: networksecurity.projects.locations.serverTlsPolicies.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ServerTlsPolicy' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets details of a single AuthorizationPolicy. + operationId: networksecurity.projects.locations.authorizationPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8984,7 +9058,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/AuthorizationPolicy' parameters: - in: path name: projectsId @@ -8997,18 +9071,13 @@ paths: schema: type: string - in: path - name: serverTlsPoliciesId + name: authorizationPoliciesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: - description: Deletes a single ServerTlsPolicy. - operationId: networksecurity.projects.locations.serverTlsPolicies.delete + description: Deletes a single AuthorizationPolicy. + operationId: networksecurity.projects.locations.authorizationPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9033,18 +9102,18 @@ paths: schema: type: string - in: path - name: serverTlsPoliciesId + name: authorizationPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies/{authorizationPoliciesId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: networksecurity.projects.locations.serverTlsPolicies.setIamPolicy + operationId: networksecurity.projects.locations.authorizationPolicies.setIamPolicy requestBody: content: application/json: @@ -9074,17 +9143,17 @@ paths: schema: type: string - in: path - name: serverTlsPoliciesId + name: authorizationPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies/{authorizationPoliciesId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: networksecurity.projects.locations.serverTlsPolicies.getIamPolicy + operationId: networksecurity.projects.locations.authorizationPolicies.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9109,7 +9178,7 @@ paths: schema: type: string - in: path - name: serverTlsPoliciesId + name: authorizationPoliciesId required: true schema: type: string @@ -9118,7 +9187,7 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/serverTlsPolicies/{serverTlsPoliciesId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/authorizationPolicies/{authorizationPoliciesId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -9127,7 +9196,8 @@ paths: not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. - operationId: networksecurity.projects.locations.serverTlsPolicies.testIamPermissions + operationId: >- + networksecurity.projects.locations.authorizationPolicies.testIamPermissions requestBody: content: application/json: @@ -9157,47 +9227,12 @@ paths: schema: type: string - in: path - name: serverTlsPoliciesId + name: authorizationPoliciesId required: true schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/clientTlsPolicies: parameters: *ref_1 - get: - description: Lists ClientTlsPolicies in a given project and location. - operationId: networksecurity.projects.locations.clientTlsPolicies.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListClientTlsPoliciesResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string post: description: Creates a new ClientTlsPolicy in a given project and location. operationId: networksecurity.projects.locations.clientTlsPolicies.create @@ -9233,47 +9268,9 @@ paths: name: clientTlsPolicyId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clientTlsPolicies/{clientTlsPoliciesId}: - parameters: *ref_1 get: - description: Gets details of a single ClientTlsPolicy. - operationId: networksecurity.projects.locations.clientTlsPolicies.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ClientTlsPolicy' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: clientTlsPoliciesId - required: true - schema: - type: string - patch: - description: Updates the parameters of a single ClientTlsPolicy. - operationId: networksecurity.projects.locations.clientTlsPolicies.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ClientTlsPolicy' + description: Lists ClientTlsPolicies in a given project and location. + operationId: networksecurity.projects.locations.clientTlsPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9285,7 +9282,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListClientTlsPoliciesResponse' parameters: - in: path name: projectsId @@ -9297,16 +9294,17 @@ paths: required: true schema: type: string - - in: path - name: clientTlsPoliciesId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: pageSize schema: - type: string - format: google-fieldmask + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/clientTlsPolicies/{clientTlsPoliciesId}: + parameters: *ref_1 delete: description: Deletes a single ClientTlsPolicy. operationId: networksecurity.projects.locations.clientTlsPolicies.delete @@ -9338,19 +9336,9 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clientTlsPolicies/{clientTlsPoliciesId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networksecurity.projects.locations.clientTlsPolicies.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + get: + description: Gets details of a single ClientTlsPolicy. + operationId: networksecurity.projects.locations.clientTlsPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9362,7 +9350,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/ClientTlsPolicy' parameters: - in: path name: projectsId @@ -9379,13 +9367,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/clientTlsPolicies/{clientTlsPoliciesId}:getIamPolicy: - parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networksecurity.projects.locations.clientTlsPolicies.getIamPolicy + patch: + description: Updates the parameters of a single ClientTlsPolicy. + operationId: networksecurity.projects.locations.clientTlsPolicies.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ClientTlsPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9397,7 +9386,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9415,10 +9404,10 @@ paths: schema: type: string - in: query - name: options.requestedPolicyVersion + name: updateMask schema: - type: integer - format: int32 + type: string + format: google-fieldmask /v1/projects/{projectsId}/locations/{locationsId}/clientTlsPolicies/{clientTlsPoliciesId}:testIamPermissions: parameters: *ref_1 post: @@ -9462,11 +9451,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gatewaySecurityPolicies: + /v1/projects/{projectsId}/locations/{locationsId}/clientTlsPolicies/{clientTlsPoliciesId}:setIamPolicy: parameters: *ref_1 - get: - description: Lists GatewaySecurityPolicies in a given project and location. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.list + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networksecurity.projects.locations.clientTlsPolicies.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9478,7 +9475,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGatewaySecurityPoliciesResponse' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -9490,23 +9487,18 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: clientTlsPoliciesId + required: true schema: type: string - post: - description: Creates a new GatewaySecurityPolicy in a given project and location. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GatewaySecurityPolicy' + /v1/projects/{projectsId}/locations/{locationsId}/clientTlsPolicies/{clientTlsPoliciesId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networksecurity.projects.locations.clientTlsPolicies.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9518,7 +9510,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -9530,15 +9522,21 @@ paths: required: true schema: type: string - - in: query - name: gatewaySecurityPolicyId + - in: path + name: clientTlsPoliciesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gatewaySecurityPolicies/{gatewaySecurityPoliciesId}: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/urlLists: parameters: *ref_1 get: - description: Gets details of a single GatewaySecurityPolicy. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.get + description: Lists UrlLists in a given project and location. + operationId: networksecurity.projects.locations.urlLists.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9550,7 +9548,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GatewaySecurityPolicy' + $ref: '#/components/schemas/ListUrlListsResponse' parameters: - in: path name: projectsId @@ -9562,19 +9560,23 @@ paths: required: true schema: type: string - - in: path - name: gatewaySecurityPoliciesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: Updates the parameters of a single GatewaySecurityPolicy. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.patch + post: + description: Creates a new UrlList in a given project and location. + operationId: networksecurity.projects.locations.urlLists.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GatewaySecurityPolicy' + $ref: '#/components/schemas/UrlList' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9598,19 +9600,15 @@ paths: required: true schema: type: string - - in: path - name: gatewaySecurityPoliciesId - required: true - schema: - type: string - in: query - name: updateMask + name: urlListId schema: type: string - format: google-fieldmask - delete: - description: Deletes a single GatewaySecurityPolicy. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.delete + /v1/projects/{projectsId}/locations/{locationsId}/urlLists/{urlListsId}: + parameters: *ref_1 + get: + description: Gets details of a single UrlList. + operationId: networksecurity.projects.locations.urlLists.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9622,7 +9620,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/UrlList' parameters: - in: path name: projectsId @@ -9635,15 +9633,18 @@ paths: schema: type: string - in: path - name: gatewaySecurityPoliciesId + name: urlListsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gatewaySecurityPolicies/{gatewaySecurityPoliciesId}/rules: - parameters: *ref_1 - get: - description: Lists GatewaySecurityPolicyRules in a given project and location. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.list + patch: + description: Updates the parameters of a single UrlList. + operationId: networksecurity.projects.locations.urlLists.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UrlList' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9655,7 +9656,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGatewaySecurityPolicyRulesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9668,27 +9669,18 @@ paths: schema: type: string - in: path - name: gatewaySecurityPoliciesId + name: urlListsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - post: - description: Creates a new GatewaySecurityPolicy in a given project and location. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GatewaySecurityPolicyRule' + format: google-fieldmask + delete: + description: Deletes a single UrlList. + operationId: networksecurity.projects.locations.urlLists.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9713,19 +9705,17 @@ paths: schema: type: string - in: path - name: gatewaySecurityPoliciesId + name: urlListsId required: true schema: type: string - - in: query - name: gatewaySecurityPolicyRuleId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/gatewaySecurityPolicies/{gatewaySecurityPoliciesId}/rules/{rulesId}: + /v1/projects/{projectsId}/locations/{locationsId}/backendAuthenticationConfigs/{backendAuthenticationConfigsId}: parameters: *ref_1 - get: - description: Gets details of a single GatewaySecurityPolicyRule. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.get + delete: + description: >- + Deletes a single BackendAuthenticationConfig to + BackendAuthenticationConfig. + operationId: networksecurity.projects.locations.backendAuthenticationConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9737,7 +9727,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GatewaySecurityPolicyRule' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9750,23 +9740,24 @@ paths: schema: type: string - in: path - name: gatewaySecurityPoliciesId + name: backendAuthenticationConfigsId required: true schema: type: string - - in: path - name: rulesId - required: true + - in: query + name: etag schema: type: string patch: - description: Updates the parameters of a single GatewaySecurityPolicyRule. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.patch + description: >- + Updates the parameters of a single BackendAuthenticationConfig to + BackendAuthenticationConfig. + operationId: networksecurity.projects.locations.backendAuthenticationConfigs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GatewaySecurityPolicyRule' + $ref: '#/components/schemas/BackendAuthenticationConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9791,12 +9782,7 @@ paths: schema: type: string - in: path - name: gatewaySecurityPoliciesId - required: true - schema: - type: string - - in: path - name: rulesId + name: backendAuthenticationConfigsId required: true schema: type: string @@ -9805,9 +9791,11 @@ paths: schema: type: string format: google-fieldmask - delete: - description: Deletes a single GatewaySecurityPolicyRule. - operationId: networksecurity.projects.locations.gatewaySecurityPolicies.rules.delete + get: + description: >- + Gets details of a single BackendAuthenticationConfig to + BackendAuthenticationConfig. + operationId: networksecurity.projects.locations.backendAuthenticationConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9819,7 +9807,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/BackendAuthenticationConfig' parameters: - in: path name: projectsId @@ -9832,20 +9820,15 @@ paths: schema: type: string - in: path - name: gatewaySecurityPoliciesId - required: true - schema: - type: string - - in: path - name: rulesId + name: backendAuthenticationConfigsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/urlLists: + /v1/projects/{projectsId}/locations/{locationsId}/backendAuthenticationConfigs: parameters: *ref_1 get: - description: Lists UrlLists in a given project and location. - operationId: networksecurity.projects.locations.urlLists.list + description: Lists BackendAuthenticationConfigs in a given project and location. + operationId: networksecurity.projects.locations.backendAuthenticationConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9857,7 +9840,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUrlListsResponse' + $ref: '#/components/schemas/ListBackendAuthenticationConfigsResponse' parameters: - in: path name: projectsId @@ -9869,23 +9852,25 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string post: - description: Creates a new UrlList in a given project and location. - operationId: networksecurity.projects.locations.urlLists.create + description: >- + Creates a new BackendAuthenticationConfig in a given project and + location. + operationId: networksecurity.projects.locations.backendAuthenticationConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/UrlList' + $ref: '#/components/schemas/BackendAuthenticationConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9910,14 +9895,16 @@ paths: schema: type: string - in: query - name: urlListId + name: backendAuthenticationConfigId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/urlLists/{urlListsId}: + /v1/projects/{projectsId}/locations/{locationsId}/interceptEndpointGroups: parameters: *ref_1 get: - description: Gets details of a single UrlList. - operationId: networksecurity.projects.locations.urlLists.get + description: >- + Lists endpoint groups in a given project and location. See + https://google.aip.dev/132. + operationId: networksecurity.projects.locations.interceptEndpointGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9929,7 +9916,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UrlList' + $ref: '#/components/schemas/ListInterceptEndpointGroupsResponse' parameters: - in: path name: projectsId @@ -9941,19 +9928,33 @@ paths: required: true schema: type: string - - in: path - name: urlListsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: Updates the parameters of a single UrlList. - operationId: networksecurity.projects.locations.urlLists.patch + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + post: + description: >- + Creates an endpoint group in a given project and location. See + https://google.aip.dev/133. + operationId: networksecurity.projects.locations.interceptEndpointGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/UrlList' + $ref: '#/components/schemas/InterceptEndpointGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9977,19 +9978,19 @@ paths: required: true schema: type: string - - in: path - name: urlListsId - required: true + - in: query + name: requestId schema: type: string - in: query - name: updateMask + name: interceptEndpointGroupId schema: type: string - format: google-fieldmask - delete: - description: Deletes a single UrlList. - operationId: networksecurity.projects.locations.urlLists.delete + /v1/projects/{projectsId}/locations/{locationsId}/interceptEndpointGroups/{interceptEndpointGroupsId}: + parameters: *ref_1 + get: + description: Gets a specific endpoint group. See https://google.aip.dev/131. + operationId: networksecurity.projects.locations.interceptEndpointGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10001,7 +10002,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/InterceptEndpointGroup' parameters: - in: path name: projectsId @@ -10014,15 +10015,18 @@ paths: schema: type: string - in: path - name: urlListsId + name: interceptEndpointGroupsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies: - parameters: *ref_1 - get: - description: Lists TlsInspectionPolicies in a given project and location. - operationId: networksecurity.projects.locations.tlsInspectionPolicies.list + patch: + description: Updates an endpoint group. See https://google.aip.dev/134. + operationId: networksecurity.projects.locations.interceptEndpointGroups.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InterceptEndpointGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10034,7 +10038,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTlsInspectionPoliciesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10046,23 +10050,23 @@ paths: required: true schema: type: string + - in: path + name: interceptEndpointGroupsId + required: true + schema: + type: string - in: query - name: pageSize + name: requestId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - post: - description: Creates a new TlsInspectionPolicy in a given project and location. - operationId: networksecurity.projects.locations.tlsInspectionPolicies.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TlsInspectionPolicy' + format: google-fieldmask + delete: + description: Deletes an endpoint group. See https://google.aip.dev/135. + operationId: networksecurity.projects.locations.interceptEndpointGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10086,15 +10090,25 @@ paths: required: true schema: type: string + - in: path + name: interceptEndpointGroupsId + required: true + schema: + type: string - in: query - name: tlsInspectionPolicyId + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies/{tlsInspectionPoliciesId}: + /v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroups/{mirroringEndpointGroupsId}: parameters: *ref_1 - get: - description: Gets details of a single TlsInspectionPolicy. - operationId: networksecurity.projects.locations.tlsInspectionPolicies.get + patch: + description: Updates an endpoint group. See https://google.aip.dev/134. + operationId: networksecurity.projects.locations.mirroringEndpointGroups.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MirroringEndpointGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10106,7 +10120,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TlsInspectionPolicy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10119,18 +10133,22 @@ paths: schema: type: string - in: path - name: tlsInspectionPoliciesId + name: mirroringEndpointGroupsId required: true schema: type: string - patch: - description: Updates the parameters of a single TlsInspectionPolicy. - operationId: networksecurity.projects.locations.tlsInspectionPolicies.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TlsInspectionPolicy' + - in: query + name: requestId + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets a specific endpoint group. See https://google.aip.dev/131. + operationId: networksecurity.projects.locations.mirroringEndpointGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10142,7 +10160,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/MirroringEndpointGroup' parameters: - in: path name: projectsId @@ -10155,18 +10173,13 @@ paths: schema: type: string - in: path - name: tlsInspectionPoliciesId + name: mirroringEndpointGroupsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: - description: Deletes a single TlsInspectionPolicy. - operationId: networksecurity.projects.locations.tlsInspectionPolicies.delete + description: Deletes an endpoint group. See https://google.aip.dev/135. + operationId: networksecurity.projects.locations.mirroringEndpointGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10191,19 +10204,21 @@ paths: schema: type: string - in: path - name: tlsInspectionPoliciesId + name: mirroringEndpointGroupsId required: true schema: type: string - in: query - name: force + name: requestId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/mirroringEndpointGroups: parameters: *ref_1 get: - description: Lists AuthzPolicies in a given project and location. - operationId: networksecurity.projects.locations.authzPolicies.list + description: >- + Lists endpoint groups in a given project and location. See + https://google.aip.dev/132. + operationId: networksecurity.projects.locations.mirroringEndpointGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10215,7 +10230,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAuthzPoliciesResponse' + $ref: '#/components/schemas/ListMirroringEndpointGroupsResponse' parameters: - in: path name: projectsId @@ -10227,31 +10242,33 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: orderBy schema: type: string - in: query name: filter schema: type: string - - in: query - name: orderBy - schema: - type: string post: - description: Creates a new AuthzPolicy in a given project and location. - operationId: networksecurity.projects.locations.authzPolicies.create + description: >- + Creates an endpoint group in a given project and location. See + https://google.aip.dev/133. + operationId: networksecurity.projects.locations.mirroringEndpointGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/AuthzPolicy' + $ref: '#/components/schemas/MirroringEndpointGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10276,18 +10293,18 @@ paths: schema: type: string - in: query - name: authzPolicyId + name: mirroringEndpointGroupId schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies/{authzPoliciesId}: + /v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies: parameters: *ref_1 get: - description: Gets details of a single AuthzPolicy. - operationId: networksecurity.projects.locations.authzPolicies.get + description: Lists TlsInspectionPolicies in a given project and location. + operationId: networksecurity.projects.locations.tlsInspectionPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10299,7 +10316,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AuthzPolicy' + $ref: '#/components/schemas/ListTlsInspectionPoliciesResponse' parameters: - in: path name: projectsId @@ -10311,19 +10328,23 @@ paths: required: true schema: type: string - - in: path - name: authzPoliciesId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: Updates the parameters of a single AuthzPolicy. - operationId: networksecurity.projects.locations.authzPolicies.patch + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new TlsInspectionPolicy in a given project and location. + operationId: networksecurity.projects.locations.tlsInspectionPolicies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/AuthzPolicy' + $ref: '#/components/schemas/TlsInspectionPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10347,23 +10368,15 @@ paths: required: true schema: type: string - - in: path - name: authzPoliciesId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - in: query - name: requestId + name: tlsInspectionPolicyId schema: type: string - delete: - description: Deletes a single AuthzPolicy. - operationId: networksecurity.projects.locations.authzPolicies.delete + /v1/projects/{projectsId}/locations/{locationsId}/tlsInspectionPolicies/{tlsInspectionPoliciesId}: + parameters: *ref_1 + get: + description: Gets details of a single TlsInspectionPolicy. + operationId: networksecurity.projects.locations.tlsInspectionPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10375,7 +10388,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TlsInspectionPolicy' parameters: - in: path name: projectsId @@ -10388,27 +10401,18 @@ paths: schema: type: string - in: path - name: authzPoliciesId + name: tlsInspectionPoliciesId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies/{authzPoliciesId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networksecurity.projects.locations.authzPolicies.setIamPolicy + patch: + description: Updates the parameters of a single TlsInspectionPolicy. + operationId: networksecurity.projects.locations.tlsInspectionPolicies.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: '#/components/schemas/TlsInspectionPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10420,7 +10424,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10433,17 +10437,18 @@ paths: schema: type: string - in: path - name: authzPoliciesId + name: tlsInspectionPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies/{authzPoliciesId}:getIamPolicy: - parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networksecurity.projects.locations.authzPolicies.getIamPolicy + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a single TlsInspectionPolicy. + operationId: networksecurity.projects.locations.tlsInspectionPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10455,7 +10460,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10468,30 +10473,19 @@ paths: schema: type: string - in: path - name: authzPoliciesId + name: tlsInspectionPoliciesId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: force schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/authzPolicies/{authzPoliciesId}:testIamPermissions: + type: boolean + /v1/projects/{projectsId}/locations: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: networksecurity.projects.locations.authzPolicies.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + get: + description: Lists information about the supported locations for this service. + operationId: networksecurity.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10503,30 +10497,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: extraLocationTypes schema: type: string - - in: path - name: authzPoliciesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: networksecurity.organizations.locations.operations.list + description: Gets information about a location. + operationId: networksecurity.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10538,10 +10537,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -10550,27 +10549,11 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: networksecurity.organizations.locations.operations.get + /v1/organizations/{organizationsId}/locations/{locationsId}/firewallEndpoints/{firewallEndpointsId}: + parameters: *ref_1 + delete: + description: Deletes a single Endpoint. + operationId: networksecurity.organizations.locations.firewallEndpoints.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10595,17 +10578,17 @@ paths: schema: type: string - in: path - name: operationsId + name: firewallEndpointsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: networksecurity.organizations.locations.operations.delete + - in: query + name: requestId + schema: + type: string + get: + description: Gets details of a single Endpoint. + operationId: networksecurity.organizations.locations.firewallEndpoints.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10617,7 +10600,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/FirewallEndpoint' parameters: - in: path name: organizationsId @@ -10630,29 +10613,18 @@ paths: schema: type: string - in: path - name: operationsId + name: firewallEndpointsId required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: networksecurity.organizations.locations.operations.cancel + patch: + description: Update a single Endpoint. + operationId: networksecurity.organizations.locations.firewallEndpoints.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/FirewallEndpoint' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10664,7 +10636,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -10677,15 +10649,29 @@ paths: schema: type: string - in: path - name: operationsId + name: firewallEndpointsId required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/firewallEndpoints: parameters: *ref_1 - get: - description: Lists address groups in a given project and location. - operationId: networksecurity.organizations.locations.addressGroups.list + post: + description: Creates a new FirewallEndpoint in a given project and location. + operationId: networksecurity.organizations.locations.firewallEndpoints.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FirewallEndpoint' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10697,7 +10683,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAddressGroupsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -10710,26 +10696,16 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: requestId schema: type: string - in: query - name: returnPartialSuccess + name: firewallEndpointId schema: - type: boolean - post: - description: Creates a new address group in a given project and location. - operationId: networksecurity.organizations.locations.addressGroups.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AddressGroup' + type: string + get: + description: Lists FirewallEndpoints in a given project and location. + operationId: networksecurity.organizations.locations.firewallEndpoints.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10741,7 +10717,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListFirewallEndpointsResponse' parameters: - in: path name: organizationsId @@ -10754,18 +10730,29 @@ paths: schema: type: string - in: query - name: addressGroupId + name: orderBy schema: type: string - in: query - name: requestId + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Gets details of a single address group. - operationId: networksecurity.organizations.locations.addressGroups.get + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: networksecurity.organizations.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10777,7 +10764,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AddressGroup' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: organizationsId @@ -10789,19 +10776,31 @@ paths: required: true schema: type: string - - in: path - name: addressGroupsId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: Updates parameters of an address group. - operationId: networksecurity.organizations.locations.addressGroups.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AddressGroup' + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: networksecurity.organizations.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10826,22 +10825,17 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string delete: - description: Deletes an address group. - operationId: networksecurity.organizations.locations.addressGroups.delete + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: networksecurity.organizations.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10853,7 +10847,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: organizationsId @@ -10866,24 +10860,29 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: operationsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:addItems: + /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Adds items to an address group. - operationId: networksecurity.organizations.locations.addressGroups.addItems + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: networksecurity.organizations.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/AddAddressGroupItemsRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10895,7 +10894,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: organizationsId @@ -10908,20 +10907,15 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: operationsId required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:removeItems: + /v1/organizations/{organizationsId}/locations/{locationsId}/securityProfileGroups/{securityProfileGroupsId}: parameters: *ref_1 - post: - description: Removes items from an address group. - operationId: networksecurity.organizations.locations.addressGroups.removeItems - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RemoveAddressGroupItemsRequest' + delete: + description: Deletes a single SecurityProfileGroup. + operationId: networksecurity.organizations.locations.securityProfileGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10946,20 +10940,22 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: securityProfileGroupsId required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:cloneItems: - parameters: *ref_1 - post: - description: Clones items from one address group to another. - operationId: networksecurity.organizations.locations.addressGroups.cloneItems + - in: query + name: etag + schema: + type: string + patch: + description: Updates the parameters of a single SecurityProfileGroup. + operationId: networksecurity.organizations.locations.securityProfileGroups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CloneAddressGroupItemsRequest' + $ref: '#/components/schemas/SecurityProfileGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10984,15 +10980,18 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: securityProfileGroupsId required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:listReferences: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Lists references of an address group. - operationId: networksecurity.organizations.locations.addressGroups.listReferences + description: Gets details of a single SecurityProfileGroup. + operationId: networksecurity.organizations.locations.securityProfileGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11004,7 +11003,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAddressGroupReferencesResponse' + $ref: '#/components/schemas/SecurityProfileGroup' parameters: - in: path name: organizationsId @@ -11017,24 +11016,15 @@ paths: schema: type: string - in: path - name: addressGroupsId + name: securityProfileGroupsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/firewallEndpoints: + /v1/organizations/{organizationsId}/locations/{locationsId}/securityProfileGroups: parameters: *ref_1 get: - description: Lists FirewallEndpoints in a given project and location. - operationId: networksecurity.organizations.locations.firewallEndpoints.list + description: Lists SecurityProfileGroups in a given organization and location. + operationId: networksecurity.organizations.locations.securityProfileGroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11046,7 +11036,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListFirewallEndpointsResponse' + $ref: '#/components/schemas/ListSecurityProfileGroupsResponse' parameters: - in: path name: organizationsId @@ -11067,22 +11057,14 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string post: - description: Creates a new FirewallEndpoint in a given project and location. - operationId: networksecurity.organizations.locations.firewallEndpoints.create + description: Creates a new SecurityProfileGroup in a given organization and location. + operationId: networksecurity.organizations.locations.securityProfileGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/FirewallEndpoint' + $ref: '#/components/schemas/SecurityProfileGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11107,18 +11089,19 @@ paths: schema: type: string - in: query - name: firewallEndpointId - schema: - type: string - - in: query - name: requestId + name: securityProfileGroupId schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/firewallEndpoints/{firewallEndpointsId}: + /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:cloneItems: parameters: *ref_1 - get: - description: Gets details of a single Endpoint. - operationId: networksecurity.organizations.locations.firewallEndpoints.get + post: + description: Clones items from one address group to another. + operationId: networksecurity.organizations.locations.addressGroups.cloneItems + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CloneAddressGroupItemsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11130,7 +11113,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FirewallEndpoint' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -11143,13 +11126,15 @@ paths: schema: type: string - in: path - name: firewallEndpointsId + name: addressGroupsId required: true schema: type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}: + parameters: *ref_1 delete: - description: Deletes a single Endpoint. - operationId: networksecurity.organizations.locations.firewallEndpoints.delete + description: Deletes an address group. + operationId: networksecurity.organizations.locations.addressGroups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11174,7 +11159,7 @@ paths: schema: type: string - in: path - name: firewallEndpointsId + name: addressGroupsId required: true schema: type: string @@ -11183,13 +11168,13 @@ paths: schema: type: string patch: - description: Update a single Endpoint. - operationId: networksecurity.organizations.locations.firewallEndpoints.patch + description: Updates parameters of an address group. + operationId: networksecurity.organizations.locations.addressGroups.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/FirewallEndpoint' + $ref: '#/components/schemas/AddressGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11214,7 +11199,7 @@ paths: schema: type: string - in: path - name: firewallEndpointsId + name: addressGroupsId required: true schema: type: string @@ -11227,11 +11212,9 @@ paths: name: requestId schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/securityProfileGroups: - parameters: *ref_1 get: - description: Lists SecurityProfileGroups in a given organization and location. - operationId: networksecurity.organizations.locations.securityProfileGroups.list + description: Gets details of a single address group. + operationId: networksecurity.organizations.locations.addressGroups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11243,7 +11226,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSecurityProfileGroupsResponse' + $ref: '#/components/schemas/AddressGroup' parameters: - in: path name: organizationsId @@ -11255,23 +11238,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: addressGroupsId + required: true schema: type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups: + parameters: *ref_1 post: - description: Creates a new SecurityProfileGroup in a given organization and location. - operationId: networksecurity.organizations.locations.securityProfileGroups.create + description: Creates a new address group in a given project and location. + operationId: networksecurity.organizations.locations.addressGroups.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SecurityProfileGroup' + $ref: '#/components/schemas/AddressGroup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11296,14 +11277,57 @@ paths: schema: type: string - in: query - name: securityProfileGroupId + name: addressGroupId schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/securityProfileGroups/{securityProfileGroupsId}: + - in: query + name: requestId + schema: + type: string + get: + description: Lists address groups in a given project and location. + operationId: networksecurity.organizations.locations.addressGroups.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListAddressGroupsResponse' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:listReferences: parameters: *ref_1 get: - description: Gets details of a single SecurityProfileGroup. - operationId: networksecurity.organizations.locations.securityProfileGroups.get + description: Lists references of an address group. + operationId: networksecurity.organizations.locations.addressGroups.listReferences security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11315,7 +11339,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SecurityProfileGroup' + $ref: '#/components/schemas/ListAddressGroupReferencesResponse' parameters: - in: path name: organizationsId @@ -11328,18 +11352,29 @@ paths: schema: type: string - in: path - name: securityProfileGroupsId + name: addressGroupsId required: true schema: type: string - patch: - description: Updates the parameters of a single SecurityProfileGroup. - operationId: networksecurity.organizations.locations.securityProfileGroups.patch + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:removeItems: + parameters: *ref_1 + post: + description: Removes items from an address group. + operationId: networksecurity.organizations.locations.addressGroups.removeItems requestBody: content: application/json: schema: - $ref: '#/components/schemas/SecurityProfileGroup' + $ref: '#/components/schemas/RemoveAddressGroupItemsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11364,18 +11399,20 @@ paths: schema: type: string - in: path - name: securityProfileGroupsId + name: addressGroupsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a single SecurityProfileGroup. - operationId: networksecurity.organizations.locations.securityProfileGroups.delete + /v1/organizations/{organizationsId}/locations/{locationsId}/addressGroups/{addressGroupsId}:addItems: + parameters: *ref_1 + post: + description: Adds items to an address group. + operationId: networksecurity.organizations.locations.addressGroups.addItems + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AddAddressGroupItemsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11400,19 +11437,15 @@ paths: schema: type: string - in: path - name: securityProfileGroupsId + name: addressGroupsId required: true schema: type: string - - in: query - name: etag - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/securityProfiles: + /v1/organizations/{organizationsId}/locations/{locationsId}/securityProfiles/{securityProfilesId}: parameters: *ref_1 - get: - description: Lists SecurityProfiles in a given organization and location. - operationId: networksecurity.organizations.locations.securityProfiles.list + delete: + description: Deletes a single SecurityProfile. + operationId: networksecurity.organizations.locations.securityProfiles.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11424,7 +11457,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSecurityProfilesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -11436,18 +11469,18 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: securityProfilesId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: etag schema: type: string - post: - description: Creates a new SecurityProfile in a given organization and location. - operationId: networksecurity.organizations.locations.securityProfiles.create + patch: + description: Updates the parameters of a single SecurityProfile. + operationId: networksecurity.organizations.locations.securityProfiles.patch requestBody: content: application/json: @@ -11476,12 +11509,16 @@ paths: required: true schema: type: string + - in: path + name: securityProfilesId + required: true + schema: + type: string - in: query - name: securityProfileId + name: updateMask schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/securityProfiles/{securityProfilesId}: - parameters: *ref_1 + format: google-fieldmask get: description: Gets details of a single SecurityProfile. operationId: networksecurity.organizations.locations.securityProfiles.get @@ -11513,9 +11550,11 @@ paths: required: true schema: type: string - patch: - description: Updates the parameters of a single SecurityProfile. - operationId: networksecurity.organizations.locations.securityProfiles.patch + /v1/organizations/{organizationsId}/locations/{locationsId}/securityProfiles: + parameters: *ref_1 + post: + description: Creates a new SecurityProfile in a given organization and location. + operationId: networksecurity.organizations.locations.securityProfiles.create requestBody: content: application/json: @@ -11544,19 +11583,13 @@ paths: required: true schema: type: string - - in: path - name: securityProfilesId - required: true - schema: - type: string - in: query - name: updateMask + name: securityProfileId schema: type: string - format: google-fieldmask - delete: - description: Deletes a single SecurityProfile. - operationId: networksecurity.organizations.locations.securityProfiles.delete + get: + description: Lists SecurityProfiles in a given organization and location. + operationId: networksecurity.organizations.locations.securityProfiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11568,7 +11601,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListSecurityProfilesResponse' parameters: - in: path name: organizationsId @@ -11580,12 +11613,12 @@ paths: required: true schema: type: string - - in: path - name: securityProfilesId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: etag + name: pageToken schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/networkservices.yaml b/providers/src/googleapis.com/v00.00.00000/services/networkservices.yaml index 07b79b9a..91151225 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/networkservices.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/networkservices.yaml @@ -7,8 +7,8 @@ info: title: Network Services API description: '' version: v1 - x-discovery-doc-revision: '20250730' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251105' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/networking servers: @@ -34,455 +34,487 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + Mesh: type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object + Mesh represents a logical configuration grouping for workload to + workload communication within a service mesh. Routes that point to mesh + dictate how requests are routed within this logical mesh boundary. properties: - name: + selfLink: + description: Output only. Server-defined URL of this resource + readOnly: true + type: string + description: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Optional. A free-text description of the resource. Max length 1024 + characters. type: string - metadata: + interceptionPort: + format: int32 + type: integer description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. + Optional. If set to a valid TCP port (1-65535), instructs the + SIDECAR proxy to listen on the specified port of localhost + (127.0.0.1) address. The SIDECAR proxy will expect all traffic to be + redirected to this port regardless of its actual ip:port + destination. If unset, a port '15001' is used as the interception + port. This is applicable only for sidecar proxy deployments. + labels: + description: Optional. Set of label tags associated with the Mesh resource. type: object additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + type: string + updateTime: + description: Output only. The timestamp when the resource was updated. + readOnly: true + format: google-datetime + type: string + name: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + Identifier. Name of the Mesh resource. It matches pattern + `projects/*/locations/*/meshes/`. + type: string + createTime: + description: Output only. The timestamp when the resource was created. + format: google-datetime + type: string + readOnly: true + envoyHeaders: + enumDescriptions: + - Defaults to NONE. + - Suppress envoy debug headers. + - >- + Envoy will insert default internal debug headers into upstream + requests: x-envoy-attempt-count x-envoy-is-timeout-retry + x-envoy-expected-rq-timeout-ms x-envoy-original-path + x-envoy-upstream-stream-duration-ms + description: >- + Optional. Determines if envoy will insert internal debug headers + into upstream requests. Other Envoy headers may still be injected. + By default, envoy will not insert any debug headers. + type: string + enum: + - ENVOY_HEADERS_UNSPECIFIED + - NONE + - DEBUG_HEADERS + id: Mesh + HttpRouteHeaderMatch: + description: Specifies how to select a route rule based on HTTP request headers. + properties: + regexMatch: + description: >- + The value of the header must match the regular expression specified + in regex_match. For regular expression grammar, please see: + https://github.com/google/re2/wiki/Syntax + type: string + invertMatch: type: boolean - error: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + If specified, the match result will be inverted before checking. + Default value is set to false. + exactMatch: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + The value of the header should match exactly the content of + exact_match. + type: string + suffixMatch: + description: The value of the header must end with the contents of suffix_match. + type: string + presentMatch: + description: >- + A header with header_name must exist. The match takes place whether + or not the header has a value. + type: boolean + prefixMatch: + description: >- + The value of the header must start with the contents of + prefix_match. + type: string + rangeMatch: + $ref: '#/components/schemas/HttpRouteHeaderMatchIntegerRange' + description: >- + If specified, the rule will match if the request header value is + within the range. + header: + type: string + description: The name of the HTTP header to match against. + id: HttpRouteHeaderMatch type: object + HttpRouteHeaderMatchIntegerRange: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. + end: + format: int32 + description: End of the range (exclusive) + type: integer + start: + description: Start of the range (inclusive) type: integer format: int32 - message: + id: HttpRouteHeaderMatchIntegerRange + type: object + description: Represents an integer value range. + GatewayRouteView: + description: GatewayRouteView defines view-only resource for Routes to a Gateway + properties: + routeId: + readOnly: true + description: Output only. The resource id for the route. + type: string + routeProjectNumber: + format: int64 + type: string + readOnly: true + description: Output only. Project number where the route exists. + routeLocation: + readOnly: true + description: Output only. Location where the route exists. + type: string + name: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Output only. Identifier. Full path name of the GatewayRouteView + resource. Format: + projects/{project_number}/locations/{location}/gateways/{gateway}/routeViews/{route_view} + type: string + readOnly: true + routeType: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + Output only. Type of the route: HttpRoute,GrpcRoute,TcpRoute, or + TlsRoute + readOnly: true + id: GatewayRouteView type: object - properties: {} - ListLbTrafficExtensionsResponse: - id: ListLbTrafficExtensionsResponse - description: Message for response to listing `LbTrafficExtension` resources. + ListWasmPluginsResponse: type: object + description: Response returned by the `ListWasmPlugins` method. properties: - lbTrafficExtensions: - description: The list of `LbTrafficExtension` resources. - type: array - items: - $ref: '#/components/schemas/LbTrafficExtension' - nextPageToken: - description: A token identifying a page of results that the server returns. - type: string unreachable: - description: Locations that could not be reached. type: array items: type: string - LbTrafficExtension: - id: LbTrafficExtension - description: >- - `LbTrafficExtension` is a resource that lets the extension service - modify the headers and payloads of both requests and responses without - impacting the choice of backend services or any other security policies - associated with the backend service. - type: object - properties: - name: description: >- - Required. Identifier. Name of the `LbTrafficExtension` resource in - the following format: - `projects/{project}/locations/{location}/lbTrafficExtensions/{lb_traffic_extension}`. - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true + Unreachable resources. Populated when the request attempts to list + all resources across all supported locations, while some locations + are temporarily unavailable. + nextPageToken: type: string - format: google-datetime + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + wasmPlugins: + items: + $ref: '#/components/schemas/WasmPlugin' + description: List of `WasmPlugin` resources. + type: array + id: ListWasmPluginsResponse + EndpointPolicy: + properties: updateTime: description: Output only. The timestamp when the resource was updated. - readOnly: true type: string + readOnly: true format: google-datetime - description: - description: Optional. A human-readable description of the resource. - type: string - labels: + trafficPortSelector: description: >- - Optional. Set of labels associated with the `LbTrafficExtension` - resource. The format must comply with [the requirements for - labels](https://cloud.google.com/compute/docs/labeling-resources#requirements) - for Google Cloud resources. - type: object - additionalProperties: - type: string - forwardingRules: + Optional. Port selector for the (matched) endpoints. If no port + selector is provided, the matched config is applied to all ports. + $ref: '#/components/schemas/TrafficPortSelector' + createTime: + readOnly: true + format: google-datetime + description: Output only. The timestamp when the resource was created. + type: string + endpointMatcher: + $ref: '#/components/schemas/EndpointMatcher' description: >- - Optional. A list of references to the forwarding rules to which this - service extension is attached. At least one forwarding rule is - required. Only one `LbTrafficExtension` resource can be associated - with a forwarding rule. - type: array - items: - type: string - extensionChains: + Required. A matcher that selects endpoints to which the policies + should be applied. + clientTlsPolicy: + type: string description: >- - Required. A set of ordered extension chains that contain the match - conditions and extensions to execute. Match conditions for each - extension chain are evaluated in sequence for a given request. The - first extension chain that has a condition that matches the request - is executed. Any subsequent extension chains do not execute. Limited - to 5 extension chains per resource. - type: array - items: - $ref: '#/components/schemas/ExtensionChain' - loadBalancingScheme: + Optional. A URL referring to a ClientTlsPolicy resource. + ClientTlsPolicy can be set to specify the authentication for traffic + from the proxy to the actual endpoints. More specifically, it is + applied to the outgoing traffic from the proxy to the endpoint. This + is typically used for sidecar model where the proxy identifies + itself as endpoint to the control plane, with the connection between + sidecar and endpoint requiring authentication. If this field is not + set, authentication is disabled(open). Applicable only when + EndpointPolicyType is SIDECAR_PROXY. + authorizationPolicy: description: >- - Required. All backend services and forwarding rules referenced by - this extension must share the same load balancing scheme. Supported - values: `INTERNAL_MANAGED` and `EXTERNAL_MANAGED`. For more - information, refer to [Backend services - overview](https://cloud.google.com/load-balancing/docs/backend-service). + Optional. This field specifies the URL of AuthorizationPolicy + resource that applies authorization policies to the inbound traffic + at the matched endpoints. Refer to Authorization. If this field is + not specified, authorization is disabled(no authz checks) for this + endpoint. type: string + type: + description: >- + Required. The type of endpoint policy. This is primarily used to + validate the configuration. enumDescriptions: - - Default value. Do not use. - - Signifies that this is used for Internal HTTP(S) Load Balancing. - - >- - Signifies that this is used for External Managed HTTP(S) Load - Balancing. + - Default value. Must not be used. + - Represents a proxy deployed as a sidecar. + - Represents a proxyless gRPC backend. enum: - - LOAD_BALANCING_SCHEME_UNSPECIFIED - - INTERNAL_MANAGED - - EXTERNAL_MANAGED - metadata: + - ENDPOINT_POLICY_TYPE_UNSPECIFIED + - SIDECAR_PROXY + - GRPC_SERVER + type: string + serverTlsPolicy: + type: string description: >- - Optional. The metadata provided here is included as part of the - `metadata_context` (of type `google.protobuf.Struct`) in the - `ProcessingRequest` message sent to the extension server. The - metadata applies to all extensions in all extensions chains in this - resource. The metadata is available under the key - `com.google.lb_traffic_extension.`. The following variables are - supported in the metadata: `{forwarding_rule_id}` - substituted with - the forwarding rule's fully qualified resource name. This field must - not be set if at least one of the extension chains contains plugin - extensions. Setting it results in a validation error. You can set - metadata at either the resource level or the extension level. The - extension level metadata is recommended because you can pass a - different set of metadata through each extension to the backend. + Optional. A URL referring to ServerTlsPolicy resource. + ServerTlsPolicy is used to determine the authentication policy to be + applied to terminate the inbound traffic at the identified backends. + If this field is not set, authentication is disabled(open) for this + endpoint. + labels: type: object additionalProperties: - type: any - description: Properties of the object. - ExtensionChain: - id: ExtensionChain - description: >- - A single extension chain wrapper that contains the match conditions and - extensions to execute. - type: object - properties: - name: + type: string description: >- - Required. The name for this extension chain. The name is logged as - part of the HTTP request logs. The name must conform with RFC-1034, - is restricted to lower-cased letters, numbers and hyphens, and can - have a maximum length of 63 characters. Additionally, the first - character must be a letter and the last a letter or a number. + Optional. Set of label tags associated with the EndpointPolicy + resource. + name: type: string - matchCondition: description: >- - Required. Conditions under which this chain is invoked for a - request. - $ref: '#/components/schemas/ExtensionChainMatchCondition' - extensions: + Identifier. Name of the EndpointPolicy resource. It matches pattern + `projects/{project}/locations/*/endpointPolicies/{endpoint_policy}`. + description: description: >- - Required. A set of extensions to execute for the matching request. - At least one extension is required. Up to 3 extensions can be - defined for each extension chain for `LbTrafficExtension` resource. - `LbRouteExtension` and `LbEdgeExtension` chains are limited to 1 - extension per extension chain. - type: array - items: - $ref: '#/components/schemas/ExtensionChainExtension' - ExtensionChainMatchCondition: - id: ExtensionChainMatchCondition - description: Conditions under which this chain is invoked for a request. + Optional. A free-text description of the resource. Max length 1024 + characters. + type: string + id: EndpointPolicy + type: object + description: >- + EndpointPolicy is a resource that helps apply desired configuration on + the endpoints that match specific criteria. For example, this resource + can be used to apply "authentication config" an all endpoints that serve + on port 8080. + ListAuthzExtensionsResponse: + description: Message for response to listing `AuthzExtension` resources. + id: ListAuthzExtensionsResponse type: object properties: - celExpression: - description: >- - Required. A Common Expression Language (CEL) expression that is used - to match requests for which the extension chain is executed. For - more information, see [CEL matcher language - reference](https://cloud.google.com/service-extensions/docs/cel-matcher-language-reference). + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + authzExtensions: + items: + $ref: '#/components/schemas/AuthzExtension' + description: The list of `AuthzExtension` resources. + type: array + nextPageToken: type: string - ExtensionChainExtension: - id: ExtensionChainExtension - description: A single extension in the chain to execute for the matching request. + description: A token identifying a page of results that the server returns. + TcpRoute: + description: >- + TcpRoute is the resource defining how TCP traffic should be routed by a + Mesh/Gateway resource. type: object + id: TcpRoute properties: - name: - description: >- - Required. The name for this extension. The name is logged as part of - the HTTP request logs. The name must conform with RFC-1034, is - restricted to lower-cased letters, numbers and hyphens, and can have - a maximum length of 63 characters. Additionally, the first character - must be a letter and the last a letter or a number. + labels: + additionalProperties: + type: string + type: object + description: Optional. Set of label tags associated with the TcpRoute resource. + updateTime: + format: google-datetime + readOnly: true type: string - authority: - description: >- - Optional. The `:authority` header in the gRPC request sent from - Envoy to the extension service. Required for Callout extensions. - This field is not supported for plugin extensions. Setting it - results in a validation error. + description: Output only. The timestamp when the resource was updated. + createTime: type: string - service: + description: Output only. The timestamp when the resource was created. + format: google-datetime + readOnly: true + name: description: >- - Required. The reference to the service that runs the extension. To - configure a callout extension, `service` must be a fully-qualified - reference to a [backend - service](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices) - in the format: - `https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService}` - or - `https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}`. - To configure a plugin extension, `service` must be a reference to a - [`WasmPlugin` - resource](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.wasmPlugins) - in the format: - `projects/{project}/locations/{location}/wasmPlugins/{plugin}` or - `//networkservices.googleapis.com/projects/{project}/locations/{location}/wasmPlugins/{wasmPlugin}`. - Plugin extensions are currently supported for the - `LbTrafficExtension`, the `LbRouteExtension`, and the - `LbEdgeExtension` resources. + Identifier. Name of the TcpRoute resource. It matches pattern + `projects/*/locations/*/tcpRoutes/tcp_route_name>`. type: string - supportedEvents: - description: >- - Optional. A set of events during request or response processing for - which this extension is called. For the `LbTrafficExtension` - resource, this field is required. For the `LbRouteExtension` - resource, this field is optional. If unspecified, `REQUEST_HEADERS` - event is assumed as supported. For the `LbEdgeExtension` resource, - this field is required and must only contain `REQUEST_HEADERS` - event. - type: array + gateways: items: type: string - enumDescriptions: - - Unspecified value. Do not use. - - >- - If included in `supported_events`, the extension is called when - the HTTP request headers arrive. - - >- - If included in `supported_events`, the extension is called when - the HTTP request body arrives. - - >- - If included in `supported_events`, the extension is called when - the HTTP response headers arrive. - - >- - If included in `supported_events`, the extension is called when - the HTTP response body arrives. - - >- - If included in `supported_events`, the extension is called when - the HTTP request trailers arrives. - - >- - If included in `supported_events`, the extension is called when - the HTTP response trailers arrives. - enum: - - EVENT_TYPE_UNSPECIFIED - - REQUEST_HEADERS - - REQUEST_BODY - - RESPONSE_HEADERS - - RESPONSE_BODY - - REQUEST_TRAILERS - - RESPONSE_TRAILERS - timeout: - description: >- - Optional. Specifies the timeout for each individual message on the - stream. The timeout must be between `10`-`10000` milliseconds. - Required for callout extensions. This field is not supported for - plugin extensions. Setting it results in a validation error. - type: string - format: google-duration - failOpen: + type: array description: >- - Optional. Determines how the proxy behaves if the call to the - extension fails or times out. When set to `TRUE`, request or - response processing continues without error. Any subsequent - extensions in the extension chain are also executed. When set to - `FALSE` or the default setting of `FALSE` is used, one of the - following happens: * If response headers have not been delivered to - the downstream client, a generic 500 error is returned to the - client. The error response can be tailored by configuring a custom - error response in the load balancer. * If response headers have been - delivered, then the HTTP stream to the downstream client is reset. - type: boolean - forwardHeaders: + Optional. Gateways defines a list of gateways this TcpRoute is + attached to, as one of the routing rules to route the requests + served by the gateway. Each gateway reference should match the + pattern: `projects/*/locations/*/gateways/` + rules: description: >- - Optional. List of the HTTP headers to forward to the extension (from - the client or backend). If omitted, all headers are sent. Each - element is a string indicating the header name. + Required. Rules that define how traffic is routed and handled. At + least one RouteRule must be supplied. If there are multiple rules + then the action taken will be the first rule to match. type: array + items: + $ref: '#/components/schemas/TcpRouteRouteRule' + meshes: items: type: string - metadata: + type: array description: >- - Optional. The metadata provided here is included as part of the - `metadata_context` (of type `google.protobuf.Struct`) in the - `ProcessingRequest` message sent to the extension server. The - metadata is available under the namespace `com.google....`. For - example: - `com.google.lb_traffic_extension.lbtrafficextension1.chain1.ext1`. - The following variables are supported in the metadata: - `{forwarding_rule_id}` - substituted with the forwarding rule's - fully qualified resource name. This field must not be set for plugin - extensions. Setting it results in a validation error. You can set - metadata at either the resource level or the extension level. The - extension level metadata is recommended because you can pass a - different set of metadata through each extension to the backend. - This field is subject to following limitations: * The total size of - the metadata must be less than 1KiB. * The total number of keys in - the metadata must be less than 16. * The length of each key must be - less than 64 characters. * The length of each value must be less - than 1024 characters. * All values must be strings. - type: object - additionalProperties: - type: any - description: Properties of the object. - ListLbRouteExtensionsResponse: - id: ListLbRouteExtensionsResponse - description: Message for response to listing `LbRouteExtension` resources. - type: object + Optional. Meshes defines a list of meshes this TcpRoute is attached + to, as one of the routing rules to route the requests served by the + mesh. Each mesh reference should match the pattern: + `projects/*/locations/*/meshes/` The attached Mesh should be of a + type SIDECAR + description: + type: string + description: >- + Optional. A free-text description of the resource. Max length 1024 + characters. + selfLink: + readOnly: true + description: Output only. Server-defined URL of this resource + type: string + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status properties: - lbRouteExtensions: - description: The list of `LbRouteExtension` resources. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + details: type: array items: - $ref: '#/components/schemas/LbRouteExtension' + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + type: object + ListGatewaysResponse: + description: Response returned by the ListGateways method. + type: object + id: ListGatewaysResponse + properties: nextPageToken: - description: A token identifying a page of results that the server returns. + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. type: string unreachable: + items: + type: string description: Locations that could not be reached. type: array + gateways: items: - type: string - LbRouteExtension: - id: LbRouteExtension - description: >- - `LbRouteExtension` is a resource that lets you control where traffic is - routed to for a given request. - type: object + $ref: '#/components/schemas/Gateway' + type: array + description: List of Gateway resources. + OperationMetadata: + id: OperationMetadata properties: - name: - description: >- - Required. Identifier. Name of the `LbRouteExtension` resource in the - following format: - `projects/{project}/locations/{location}/lbRouteExtensions/{lb_route_extension}`. + endTime: + description: Output only. The time the operation finished running. type: string + format: google-datetime + readOnly: true + requestedCancellation: + readOnly: true + type: boolean + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. createTime: - description: Output only. The timestamp when the resource was created. + format: google-datetime readOnly: true + description: Output only. The time the operation was created. type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. + apiVersion: + type: string + description: Output only. API version used to start the operation. + readOnly: true + target: readOnly: true type: string - format: google-datetime - description: - description: Optional. A human-readable description of the resource. + description: >- + Output only. Server-defined resource path for the target of the + operation. + statusMessage: + type: string + readOnly: true + description: Output only. Human-readable status of the operation, if any. + verb: + readOnly: true + description: Output only. Name of the verb executed by the operation. type: string + type: object + description: Represents the metadata of the long-running operation. + GrpcRouteRetryPolicy: + id: GrpcRouteRetryPolicy + type: object + description: >- + The specifications for retries. Specifies one or more conditions for + which this retry rule applies. Valid values are: + properties: + retryConditions: + type: array + description: >- + - connect-failure: Router will retry on failures connecting to + Backend Services, for example due to connection timeouts. - + refused-stream: Router will retry if the backend service resets the + stream with a REFUSED_STREAM error code. This reset type indicates + that it is safe to retry. - cancelled: Router will retry if the gRPC + status code in the response header is set to cancelled - + deadline-exceeded: Router will retry if the gRPC status code in the + response header is set to deadline-exceeded - resource-exhausted: + Router will retry if the gRPC status code in the response header is + set to resource-exhausted - unavailable: Router will retry if the + gRPC status code in the response header is set to unavailable + items: + type: string + numRetries: + description: >- + Specifies the allowed number of retries. This number must be > 0. If + not specified, default to 1. + type: integer + format: uint32 + LbRouteExtension: + description: >- + `LbRouteExtension` is a resource that lets you control where traffic is + routed to for a given request. + id: LbRouteExtension + properties: labels: + type: object description: >- Optional. Set of labels associated with the `LbRouteExtension` resource. The format must comply with [the requirements for labels](https://cloud.google.com/compute/docs/labeling-resources#requirements) for Google Cloud resources. - type: object additionalProperties: type: string forwardingRules: @@ -494,36 +526,10 @@ components: type: array items: type: string - extensionChains: - description: >- - Required. A set of ordered extension chains that contain the match - conditions and extensions to execute. Match conditions for each - extension chain are evaluated in sequence for a given request. The - first extension chain that has a condition that matches the request - is executed. Any subsequent extension chains do not execute. Limited - to 5 extension chains per resource. - type: array - items: - $ref: '#/components/schemas/ExtensionChain' - loadBalancingScheme: - description: >- - Required. All backend services and forwarding rules referenced by - this extension must share the same load balancing scheme. Supported - values: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. For more - information, refer to [Backend services - overview](https://cloud.google.com/load-balancing/docs/backend-service). - type: string - enumDescriptions: - - Default value. Do not use. - - Signifies that this is used for Internal HTTP(S) Load Balancing. - - >- - Signifies that this is used for External Managed HTTP(S) Load - Balancing. - enum: - - LOAD_BALANCING_SCHEME_UNSPECIFIED - - INTERNAL_MANAGED - - EXTERNAL_MANAGED - metadata: + metadata: + additionalProperties: + description: Properties of the object. + type: any description: >- Optional. The metadata provided here is included as part of the `metadata_context` (of type `google.protobuf.Struct`) in the @@ -539,437 +545,381 @@ components: extension level metadata is recommended because you can pass a different set of metadata through each extension to the backend. type: object - additionalProperties: - type: any - description: Properties of the object. - ListAuthzExtensionsResponse: - id: ListAuthzExtensionsResponse - description: Message for response to listing `AuthzExtension` resources. - type: object - properties: - authzExtensions: - description: The list of `AuthzExtension` resources. - type: array - items: - $ref: '#/components/schemas/AuthzExtension' - nextPageToken: - description: A token identifying a page of results that the server returns. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - AuthzExtension: - id: AuthzExtension - description: >- - `AuthzExtension` is a resource that allows traffic forwarding to a - callout backend service to make an authorization decision. - type: object - properties: - name: - description: >- - Required. Identifier. Name of the `AuthzExtension` resource in the - following format: - `projects/{project}/locations/{location}/authzExtensions/{authz_extension}`. - type: string createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. + description: Output only. The timestamp when the resource was created. readOnly: true type: string - format: google-datetime - description: - description: Optional. A human-readable description of the resource. - type: string - labels: - description: >- - Optional. Set of labels associated with the `AuthzExtension` - resource. The format must comply with [the requirements for - labels](/compute/docs/labeling-resources#requirements) for Google - Cloud resources. - type: object - additionalProperties: - type: string loadBalancingScheme: + type: string description: >- Required. All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. Supported values: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. For more information, refer to [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service). - type: string + enum: + - LOAD_BALANCING_SCHEME_UNSPECIFIED + - INTERNAL_MANAGED + - EXTERNAL_MANAGED enumDescriptions: - Default value. Do not use. - Signifies that this is used for Internal HTTP(S) Load Balancing. - >- Signifies that this is used for External Managed HTTP(S) Load Balancing. - enum: - - LOAD_BALANCING_SCHEME_UNSPECIFIED - - INTERNAL_MANAGED - - EXTERNAL_MANAGED - authority: + name: description: >- - Required. The `:authority` header in the gRPC request sent from - Envoy to the extension service. + Required. Identifier. Name of the `LbRouteExtension` resource in the + following format: + `projects/{project}/locations/{location}/lbRouteExtensions/{lb_route_extension}`. type: string - service: - description: >- - Required. The reference to the service that runs the extension. To - configure a callout extension, `service` must be a fully-qualified - reference to a [backend - service](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices) - in the format: - `https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService}` - or - `https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}`. + description: type: string - timeout: - description: >- - Required. Specifies the timeout for each individual message on the - stream. The timeout must be between 10-10000 milliseconds. + description: Optional. A human-readable description of the resource. + updateTime: + format: google-datetime + description: Output only. The timestamp when the resource was updated. type: string - format: google-duration - failOpen: - description: >- - Optional. Determines how the proxy behaves if the call to the - extension fails or times out. When set to `TRUE`, request or - response processing continues without error. Any subsequent - extensions in the extension chain are also executed. When set to - `FALSE` or the default setting of `FALSE` is used, one of the - following happens: * If response headers have not been delivered to - the downstream client, a generic 500 error is returned to the - client. The error response can be tailored by configuring a custom - error response in the load balancer. * If response headers have been - delivered, then the HTTP stream to the downstream client is reset. - type: boolean - metadata: - description: >- - Optional. The metadata provided here is included as part of the - `metadata_context` (of type `google.protobuf.Struct`) in the - `ProcessingRequest` message sent to the extension server. The - metadata is available under the namespace - `com.google.authz_extension.`. The following variables are supported - in the metadata Struct: `{forwarding_rule_id}` - substituted with - the forwarding rule's fully qualified resource name. - type: object - additionalProperties: - type: any - description: Properties of the object. - forwardHeaders: - description: >- - Optional. List of the HTTP headers to forward to the extension (from - the client). If omitted, all headers are sent. Each element is a - string indicating the header name. + readOnly: true + extensionChains: type: array items: - type: string - wireFormat: + $ref: '#/components/schemas/ExtensionChain' description: >- - Optional. The format of communication supported by the callout - extension. If not specified, the default value `EXT_PROC_GRPC` is - used. - type: string - enumDescriptions: - - Not specified. - - >- - The extension service uses ext_proc gRPC API over a gRPC stream. - This is the default value if the wire format is not specified. The - backend service for the extension must use HTTP2 or H2C as the - protocol. All `supported_events` for a client request are sent as - part of the same gRPC stream. - - >- - The extension service uses Envoy's `ext_authz` gRPC API. The - backend service for the extension must use HTTP2, or H2C as the - protocol. `EXT_AUTHZ_GRPC` is only supported for `AuthzExtension` - resources. - enum: - - WIRE_FORMAT_UNSPECIFIED - - EXT_PROC_GRPC - - EXT_AUTHZ_GRPC - ListEndpointPoliciesResponse: - id: ListEndpointPoliciesResponse - description: Response returned by the ListEndpointPolicies method. + Required. A set of ordered extension chains that contain the match + conditions and extensions to execute. Match conditions for each + extension chain are evaluated in sequence for a given request. The + first extension chain that has a condition that matches the request + is executed. Any subsequent extension chains do not execute. Limited + to 5 extension chains per resource. + type: object + ListGatewayRouteViewsResponse: + description: Response returned by the ListGatewayRouteViews method. + id: ListGatewayRouteViewsResponse type: object properties: - endpointPolicies: - description: List of EndpointPolicy resources. + gatewayRouteViews: type: array items: - $ref: '#/components/schemas/EndpointPolicy' + $ref: '#/components/schemas/GatewayRouteView' + description: List of GatewayRouteView resources. nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. unreachable: + items: + type: string + type: array description: >- - Unreachable resources. Populated when the request opts into - return_partial_success and reading across collections e.g. when - attempting to list all resources across all supported locations. + Unreachable resources. Populated when the request attempts to list + all resources across all supported locations, while some locations + are temporarily unavailable. + ListMeshRouteViewsResponse: + description: Response returned by the ListMeshRouteViews method. + id: ListMeshRouteViewsResponse + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + meshRouteViews: + description: List of MeshRouteView resources. + items: + $ref: '#/components/schemas/MeshRouteView' + type: array + unreachable: type: array items: type: string - EndpointPolicy: - id: EndpointPolicy - description: >- - EndpointPolicy is a resource that helps apply desired configuration on - the endpoints that match specific criteria. For example, this resource - can be used to apply "authentication config" an all endpoints that serve - on port 8080. + description: >- + Unreachable resources. Populated when the request attempts to list + all resources across all supported locations, while some locations + are temporarily unavailable. + type: object + GrpcRouteMethodMatch: + description: Specifies a match against a method. type: object properties: - name: + type: + enumDescriptions: + - Unspecified. + - Will only match the exact name provided. + - >- + Will interpret grpc_method and grpc_service as regexes. RE2 syntax + is supported. + enum: + - TYPE_UNSPECIFIED + - EXACT + - REGULAR_EXPRESSION description: >- - Identifier. Name of the EndpointPolicy resource. It matches pattern - `projects/{project}/locations/global/endpointPolicies/{endpoint_policy}`. + Optional. Specifies how to match against the name. If not specified, + a default value of "EXACT" is used. type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true + grpcService: + description: >- + Required. Name of the service to match against. If unspecified, will + match all services. type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. - readOnly: true + grpcMethod: type: string - format: google-datetime - labels: description: >- - Optional. Set of label tags associated with the EndpointPolicy - resource. - type: object - additionalProperties: - type: string - type: + Required. Name of the method to match against. If unspecified, will + match all methods. + caseSensitive: + type: boolean description: >- - Required. The type of endpoint policy. This is primarily used to - validate the configuration. - type: string - enumDescriptions: - - Default value. Must not be used. - - Represents a proxy deployed as a sidecar. - - Represents a proxyless gRPC backend. - enum: - - ENDPOINT_POLICY_TYPE_UNSPECIFIED - - SIDECAR_PROXY - - GRPC_SERVER - authorizationPolicy: + Optional. Specifies that matches are case sensitive. The default + value is true. case_sensitive must not be used with a type of + REGULAR_EXPRESSION. + id: GrpcRouteMethodMatch + HttpRouteRouteAction: + id: HttpRouteRouteAction + description: The specifications for routing traffic and applying associated policies. + type: object + properties: + timeout: description: >- - Optional. This field specifies the URL of AuthorizationPolicy - resource that applies authorization policies to the inbound traffic - at the matched endpoints. Refer to Authorization. If this field is - not specified, authorization is disabled(no authz checks) for this - endpoint. + Specifies the timeout for selected route. Timeout is computed from + the time the request has been fully processed (i.e. end of stream) + up until the response has been completely processed. Timeout + includes all retries. + type: string + format: google-duration + idleTimeout: type: string - endpointMatcher: description: >- - Required. A matcher that selects endpoints to which the policies - should be applied. - $ref: '#/components/schemas/EndpointMatcher' - trafficPortSelector: + Optional. Specifies the idle timeout for the selected route. The + idle timeout is defined as the period in which there are no bytes + sent or received on either the upstream or downstream connection. If + not set, the default idle timeout is 1 hour. If set to 0s, the + timeout will be disabled. + format: google-duration + urlRewrite: description: >- - Optional. Port selector for the (matched) endpoints. If no port - selector is provided, the matched config is applied to all ports. - $ref: '#/components/schemas/TrafficPortSelector' - description: + The specification for rewrite URL before forwarding requests to the + destination. + $ref: '#/components/schemas/HttpRouteURLRewrite' + requestHeaderModifier: + $ref: '#/components/schemas/HttpRouteHeaderModifier' description: >- - Optional. A free-text description of the resource. Max length 1024 - characters. - type: string - serverTlsPolicy: + The specification for modifying the headers of a matching request + prior to delivery of the request to the destination. If + HeaderModifiers are set on both the Destination and the RouteAction, + they will be merged. Conflicts between the two will not be resolved + on the configuration. + retryPolicy: + description: Specifies the retry policy associated with this route. + $ref: '#/components/schemas/HttpRouteRetryPolicy' + corsPolicy: + $ref: '#/components/schemas/HttpRouteCorsPolicy' + description: The specification for allowing client side cross-origin requests. + redirect: + description: If set, the request is directed as configured by this field. + $ref: '#/components/schemas/HttpRouteRedirect' + statefulSessionAffinity: + description: Optional. Specifies cookie-based stateful session affinity. + $ref: '#/components/schemas/HttpRouteStatefulSessionAffinityPolicy' + responseHeaderModifier: description: >- - Optional. A URL referring to ServerTlsPolicy resource. - ServerTlsPolicy is used to determine the authentication policy to be - applied to terminate the inbound traffic at the identified backends. - If this field is not set, authentication is disabled(open) for this - endpoint. - type: string - clientTlsPolicy: + The specification for modifying the headers of a response prior to + sending the response back to the client. If HeaderModifiers are set + on both the Destination and the RouteAction, they will be merged. + Conflicts between the two will not be resolved on the configuration. + $ref: '#/components/schemas/HttpRouteHeaderModifier' + faultInjectionPolicy: + $ref: '#/components/schemas/HttpRouteFaultInjectionPolicy' description: >- - Optional. A URL referring to a ClientTlsPolicy resource. - ClientTlsPolicy can be set to specify the authentication for traffic - from the proxy to the actual endpoints. More specifically, it is - applied to the outgoing traffic from the proxy to the endpoint. This - is typically used for sidecar model where the proxy identifies - itself as endpoint to the control plane, with the connection between - sidecar and endpoint requiring authentication. If this field is not - set, authentication is disabled(open). Applicable only when - EndpointPolicyType is SIDECAR_PROXY. - type: string - EndpointMatcher: - id: EndpointMatcher - description: >- - A definition of a matcher that selects endpoints to which the policies - should be applied. - type: object - properties: - metadataLabelMatcher: - description: The matcher is based on node metadata presented by xDS clients. - $ref: '#/components/schemas/EndpointMatcherMetadataLabelMatcher' - EndpointMatcherMetadataLabelMatcher: - id: EndpointMatcherMetadataLabelMatcher - description: The matcher that is based on node metadata presented by xDS clients. - type: object - properties: - metadataLabelMatchCriteria: + The specification for fault injection introduced into traffic to + test the resiliency of clients to backend service failure. As part + of fault injection, when clients send requests to a backend service, + delays can be introduced on a percentage of requests before sending + those requests to the backend service. Similarly requests from + clients can be aborted for a percentage of requests. timeout and + retry_policy will be ignored by clients that are configured with a + fault_injection_policy + directResponse: description: >- - Specifies how matching should be done. Supported values are: - MATCH_ANY: At least one of the Labels specified in the matcher - should match the metadata presented by xDS client. MATCH_ALL: The - metadata presented by the xDS client should contain all of the - labels specified here. The selection is determined based on the best - match. For example, suppose there are three EndpointPolicy resources - P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has - MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, - the config from P1 will be selected. If a client with label - connects, the config from P2 will be selected. If a client with - label connects, the config from P3 will be selected. If there is - more than one best match, (for example, if a config P4 with selector - exists and if a client with label connects), pick up the one with - older creation time. - type: string - enumDescriptions: - - Default value. Should not be used. - - >- - At least one of the Labels specified in the matcher should match - the metadata presented by xDS client. - - >- - The metadata presented by the xDS client should contain all of the - labels specified here. - enum: - - METADATA_LABEL_MATCH_CRITERIA_UNSPECIFIED - - MATCH_ANY - - MATCH_ALL - metadataLabels: + Optional. Static HTTP Response object to be returned regardless of + the request. + $ref: '#/components/schemas/HttpRouteHttpDirectResponse' + requestMirrorPolicy: + $ref: '#/components/schemas/HttpRouteRequestMirrorPolicy' description: >- - The list of label value pairs that must match labels in the provided - metadata based on filterMatchCriteria This list can have at most 64 - entries. The list can be empty if the match criteria is MATCH_ANY, - to specify a wildcard match (i.e this matches any client). + Specifies the policy on how requests intended for the routes + destination are shadowed to a separate mirrored destination. Proxy + will not wait for the shadow destination to respond before returning + the response. Prior to sending traffic to the shadow service, the + host/authority header is suffixed with -shadow. + destinations: type: array items: - $ref: >- - #/components/schemas/EndpointMatcherMetadataLabelMatcherMetadataLabels - EndpointMatcherMetadataLabelMatcherMetadataLabels: - id: EndpointMatcherMetadataLabelMatcherMetadataLabels - description: Defines a name-pair value for a single label. - type: object - properties: - labelName: - description: Required. Label name presented as key in xDS Node Metadata. - type: string - labelValue: - description: >- - Required. Label value presented as value corresponding to the above - key, in xDS Node Metadata. - type: string - TrafficPortSelector: - id: TrafficPortSelector - description: Specification of a port-based selector. + $ref: '#/components/schemas/HttpRouteDestination' + description: The destination to which traffic should be forwarded. + ListOperationsResponse: + id: ListOperationsResponse type: object + description: The response message for Operations.ListOperations. properties: - ports: - description: >- - Optional. A list of ports. Can be port numbers or port range - (example, [80-90] specifies all ports from 80 to 90, including 80 - and 90) or named ports or * to specify all ports. If the list is - empty, all ports are selected. - type: array + operations: items: - type: string - ListWasmPluginVersionsResponse: - id: ListWasmPluginVersionsResponse - description: Response returned by the `ListWasmPluginVersions` method. - type: object - properties: - wasmPluginVersions: - description: List of `WasmPluginVersion` resources. + $ref: '#/components/schemas/Operation' + description: >- + A list of operations that matches the specified filter in the + request. type: array - items: - $ref: '#/components/schemas/WasmPluginVersion' nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. + description: The standard List next-page token. type: string unreachable: description: >- - Unreachable resources. Populated when the request attempts to list - all resources across all supported locations, while some locations - are temporarily unavailable. - type: array + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. items: type: string - WasmPluginVersion: - id: WasmPluginVersion - description: >- - A single immutable version of a `WasmPlugin` resource. Defines the Wasm - module used and optionally its runtime config. + type: array + GrpcRouteStatefulSessionAffinityPolicy: type: object + description: >- + The specification for cookie-based stateful session affinity where the + date plane supplies a “session cookie” with the name "GSSA" which + encodes a specific destination host and each request containing that + cookie will be directed to that host as long as the destination host + remains up and healthy. The gRPC proxyless mesh library or sidecar proxy + will manage the session cookie but the client application code is + responsible for copying the cookie from each RPC in the session to the + next. properties: - pluginConfigData: - description: >- - Configuration for the plugin. The configuration is provided to the - plugin at runtime through the `ON_CONFIGURE` callback. When a new - `WasmPluginVersion` resource is created, the digest of the contents - is saved in the `plugin_config_digest` field. - type: string - format: byte - pluginConfigUri: + cookieTtl: description: >- - URI of the plugin configuration stored in the Artifact Registry. The - configuration is provided to the plugin at runtime through the - `ON_CONFIGURE` callback. The URI can refer to one of the following - repository formats: * Container images: the `plugin_config_uri` must - point to a container that contains a single file with the name - `plugin.config`. When a new `WasmPluginVersion` resource is created, - the digest of the image is saved in the `plugin_config_digest` - field. When pulling a container image from Artifact Registry, the - digest value is used instead of an image tag. * Generic artifacts: - the `plugin_config_uri` must be in this format: - `projects/{project}/locations/{location}/repositories/{repository}/ - genericArtifacts/{package}:{version}`. The specified package and - version must contain a file with the name `plugin.config`. When a - new `WasmPluginVersion` resource is created, the checksum of the - contents of the file is saved in the `plugin_config_digest` field. + Required. The cookie TTL value for the Set-Cookie header generated + by the data plane. The lifetime of the cookie may be set to a value + from 0 to 86400 seconds (24 hours) inclusive. Set this to 0s to use + a session cookie and disable cookie expiration. + format: google-duration type: string - name: + id: GrpcRouteStatefulSessionAffinityPolicy + TcpRouteRouteDestination: + type: object + properties: + serviceName: + type: string + description: Required. The URL of a BackendService to route traffic to. + weight: description: >- - Identifier. Name of the `WasmPluginVersion` resource in the - following format: - `projects/{project}/locations/{location}/wasmPlugins/{wasm_plugin}/ - versions/{wasm_plugin_version}`. + Optional. Specifies the proportion of requests forwarded to the + backend referenced by the serviceName field. This is computed as: - + weight/Sum(weights in this destination list). For non-zero values, + there may be some epsilon from the exact proportion defined here + depending on the precision an implementation supports. If only one + serviceName is specified and it has a weight greater than 0, 100% of + the traffic is forwarded to that backend. If weights are specified + for any one service name, they need to be specified for all of them. + If weights are unspecified for all services, then, traffic is + distributed in equal proportions to all of them. + type: integer + format: int32 + id: TcpRouteRouteDestination + description: Describe the destination for traffic to be routed to. + ServiceBinding: + id: ServiceBinding + properties: + description: type: string + description: >- + Optional. A free-text description of the resource. Max length 1024 + characters. createTime: description: Output only. The timestamp when the resource was created. + format: google-datetime readOnly: true type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. + service: + description: >- + Optional. The full Service Directory Service name of the format + `projects/*/locations/*/namespaces/*/services/*`. This field is for + Service Directory integration which will be deprecated soon. + deprecated: true + type: string + serviceId: + deprecated: true + description: >- + Output only. The unique identifier of the Service Directory Service + against which the ServiceBinding resource is validated. This is + populated when the Service Binding resource is used in another + resource (like Backend Service). This is of the UUID4 format. This + field is for Service Directory integration which will be deprecated + soon. + type: string readOnly: true + name: type: string - format: google-datetime - description: - description: Optional. A human-readable description of the resource. + description: >- + Identifier. Name of the ServiceBinding resource. It matches pattern + `projects/*/locations/*/serviceBindings/`. + updateTime: type: string + format: google-datetime + description: Output only. The timestamp when the resource was updated. + readOnly: true labels: description: >- - Optional. Set of labels associated with the `WasmPluginVersion` + Optional. Set of label tags associated with the ServiceBinding resource. type: object additionalProperties: type: string + description: >- + ServiceBinding can be used to: - Bind a Service Directory Service to be + used in a BackendService resource. This feature will be deprecated soon. + - Bind a Private Service Connect producer service to be used in consumer + Cloud Service Mesh or Application Load Balancers. - Bind a Cloud Run + service to be used in consumer Cloud Service Mesh or Application Load + Balancers. + type: object + ListLocationsResponse: + properties: + locations: + items: + $ref: '#/components/schemas/Location' + description: >- + A list of locations that matches the specified filter in the + request. + type: array + nextPageToken: + description: The standard List next-page token. + type: string + type: object + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + WasmPluginVersionDetails: + properties: + pluginConfigDigest: + description: >- + Output only. This field holds the digest (usually checksum) value + for the plugin configuration. The value is calculated based on the + contents of `plugin_config_data` field or the image defined by the + `plugin_config_uri` field. + readOnly: true + type: string + pluginConfigData: + description: >- + Configuration for the plugin. The configuration is provided to the + plugin at runtime through the `ON_CONFIGURE` callback. When a new + `WasmPluginVersion` version is created, the digest of the contents + is saved in the `plugin_config_digest` field. + type: string + format: byte + updateTime: + type: string + description: Output only. The timestamp when the resource was updated. + readOnly: true + format: google-datetime imageUri: description: >- Optional. URI of the image containing the Wasm module, stored in @@ -987,6 +937,24 @@ components: `WasmPluginVersion` resource is created, the checksum of the contents of the file is saved in the `image_digest` field. type: string + pluginConfigUri: + description: >- + URI of the plugin configuration stored in the Artifact Registry. The + configuration is provided to the plugin at runtime through the + `ON_CONFIGURE` callback. The URI can refer to one of the following + repository formats: * Container images: the `plugin_config_uri` must + point to a container that contains a single file with the name + `plugin.config`. When a new `WasmPluginVersion` resource is created, + the digest of the image is saved in the `plugin_config_digest` + field. When pulling a container image from Artifact Registry, the + digest value is used instead of an image tag. * Generic artifacts: + the `plugin_config_uri` must be in this format: + `projects/{project}/locations/{location}/repositories/{repository}/ + genericArtifacts/{package}:{version}`. The specified package and + version must contain a file with the name `plugin.config`. When a + new `WasmPluginVersion` resource is created, the checksum of the + contents of the file is saved in the `plugin_config_digest` field. + type: string imageDigest: description: >- Output only. This field holds the digest (usually checksum) value @@ -995,127 +963,297 @@ components: image, the digest value is obtained from the container image. If the `image_uri` field refers to a generic artifact, the digest value is calculated based on the contents of the file. + type: string readOnly: true + description: type: string - pluginConfigDigest: - description: >- - Output only. This field holds the digest (usually checksum) value - for the plugin configuration. The value is calculated based on the - contents of `plugin_config_data` field or the image defined by the - `plugin_config_uri` field. + description: Optional. A human-readable description of the resource. + createTime: + description: Output only. The timestamp when the resource was created. + format: google-datetime readOnly: true type: string - ListWasmPluginsResponse: - id: ListWasmPluginsResponse - description: Response returned by the `ListWasmPlugins` method. + labels: + description: >- + Optional. Set of labels associated with the `WasmPluginVersion` + resource. + type: object + additionalProperties: + type: string + id: WasmPluginVersionDetails type: object + description: >- + Details of a `WasmPluginVersion` resource to be inlined in the + `WasmPlugin` resource. + ListMeshesResponse: properties: - wasmPlugins: - description: List of `WasmPlugin` resources. - type: array + unreachable: + description: >- + Unreachable resources. Populated when the request opts into + `return_partial_success` and reading across collections e.g. when + attempting to list all resources across all supported locations. items: - $ref: '#/components/schemas/WasmPlugin' + type: string + type: array nextPageToken: + type: string description: >- If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`. - type: string + meshes: + items: + $ref: '#/components/schemas/Mesh' + type: array + description: List of Mesh resources. + id: ListMeshesResponse + type: object + description: Response returned by the ListMeshes method. + Empty: + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + type: object + ListLbTrafficExtensionsResponse: + type: object + properties: unreachable: - description: >- - Unreachable resources. Populated when the request attempts to list - all resources across all supported locations, while some locations - are temporarily unavailable. type: array + description: Locations that could not be reached. items: type: string - WasmPlugin: - id: WasmPlugin - description: >- - `WasmPlugin` is a resource representing a service executing a - customer-provided Wasm module. - type: object + nextPageToken: + description: A token identifying a page of results that the server returns. + type: string + lbTrafficExtensions: + items: + $ref: '#/components/schemas/LbTrafficExtension' + type: array + description: The list of `LbTrafficExtension` resources. + description: Message for response to listing `LbTrafficExtension` resources. + id: ListLbTrafficExtensionsResponse + ListTlsRoutesResponse: + id: ListTlsRoutesResponse properties: - name: + unreachable: + type: array description: >- - Identifier. Name of the `WasmPlugin` resource in the following - format: - `projects/{project}/locations/{location}/wasmPlugins/{wasm_plugin}`. - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. - readOnly: true + Unreachable resources. Populated when the request opts into + return_partial_success and reading across collections e.g. when + attempting to list all resources across all supported locations. + items: + type: string + nextPageToken: type: string + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + tlsRoutes: + description: List of TlsRoute resources. + type: array + items: + $ref: '#/components/schemas/TlsRoute' + type: object + description: Response returned by the ListTlsRoutes method. + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + id: SetIamPolicyRequest + type: object + properties: + updateMask: + format: google-fieldmask + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + type: string + policy: + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + HttpRouteRedirect: + properties: + portRedirect: + format: int32 + description: >- + The port that will be used in the redirected request instead of the + one that was supplied in the request. + type: integer + stripQuery: + description: >- + if set to true, any accompanying query portion of the original URL + is removed prior to redirecting the request. If set to false, the + query portion of the original URL is retained. The default is set to + false. + type: boolean + pathRedirect: + description: >- + The path that will be used in the redirect response instead of the + one that was supplied in the request. path_redirect can not be + supplied together with prefix_redirect. Supply one alone or neither. + If neither is supplied, the path of the original request will be + used for the redirect. + type: string + hostRedirect: + type: string + description: >- + The host that will be used in the redirect response instead of the + one that was supplied in the request. + prefixRewrite: + description: >- + Indicates that during redirection, the matched prefix (or path) + should be swapped with this value. This option allows URLs be + dynamically created based on the request. + type: string + responseCode: + enumDescriptions: + - Default value + - Corresponds to 301. + - Corresponds to 302. + - Corresponds to 303. + - >- + Corresponds to 307. In this case, the request method will be + retained. + - >- + Corresponds to 308. In this case, the request method will be + retained. + enum: + - RESPONSE_CODE_UNSPECIFIED + - MOVED_PERMANENTLY_DEFAULT + - FOUND + - SEE_OTHER + - TEMPORARY_REDIRECT + - PERMANENT_REDIRECT + type: string + description: The HTTP Status code to use for the redirect. + httpsRedirect: + type: boolean + description: >- + If set to true, the URL scheme in the redirected request is set to + https. If set to false, the URL scheme of the redirected request + will remain the same as that of the request. The default is set to + false. + type: object + description: The specification for redirecting traffic. + id: HttpRouteRedirect + ServiceLbPolicy: + id: ServiceLbPolicy + type: object + description: >- + ServiceLbPolicy holds global load balancing and traffic distribution + configuration that can be applied to a BackendService. + properties: + name: + type: string + description: >- + Identifier. Name of the ServiceLbPolicy resource. It matches pattern + `projects/{project}/locations/{location}/serviceLbPolicies/{service_lb_policy_name}`. + updateTime: format: google-datetime + readOnly: true + description: Output only. The timestamp when this resource was last updated. + type: string description: - description: Optional. A human-readable description of the resource. type: string - labels: description: >- - Optional. Set of labels associated with the `WasmPlugin` resource. - The format must comply with [the following - requirements](/compute/docs/labeling-resources#requirements). + Optional. A free-text description of the resource. Max length 1024 + characters. + isolationConfig: + $ref: '#/components/schemas/ServiceLbPolicyIsolationConfig' + description: >- + Optional. Configuration to provide isolation support for the + associated Backend Service. + labels: type: object additionalProperties: type: string - mainVersionId: description: >- - Optional. The ID of the `WasmPluginVersion` resource that is the - currently serving one. The version referred to must be a child of - this `WasmPlugin` resource. + Optional. Set of label tags associated with the ServiceLbPolicy + resource. + loadBalancingAlgorithm: + enumDescriptions: + - The type of the loadbalancing algorithm is unspecified. + - >- + Balance traffic across all backends across the world + proportionally based on capacity. + - >- + Direct traffic to the nearest region with endpoints and capacity + before spilling over to other regions and spread the traffic from + each client to all the MIGs/NEGs in a region. + - >- + Direct traffic to the nearest region with endpoints and capacity + before spilling over to other regions. All MIGs/NEGs within a + region are evenly loaded but each client might not spread the + traffic to all the MIGs/NEGs in the region. + - >- + Attempt to keep traffic in a single zone closest to the client, + before spilling over to other zones. + description: >- + Optional. The type of load balancing algorithm to be used. The + default behavior is WATERFALL_BY_REGION. type: string - logConfig: + enum: + - LOAD_BALANCING_ALGORITHM_UNSPECIFIED + - SPRAY_TO_WORLD + - SPRAY_TO_REGION + - WATERFALL_BY_REGION + - WATERFALL_BY_ZONE + failoverConfig: + $ref: '#/components/schemas/ServiceLbPolicyFailoverConfig' + description: Optional. Configuration related to health based failover. + createTime: + format: google-datetime + type: string + description: Output only. The timestamp when this resource was created. + readOnly: true + autoCapacityDrain: + $ref: '#/components/schemas/ServiceLbPolicyAutoCapacityDrain' description: >- - Optional. Specifies the logging options for the activity performed - by this plugin. If logging is enabled, plugin logs are exported to - Cloud Logging. Note that the settings relate to the logs generated - by using logging statements in your Wasm code. - $ref: '#/components/schemas/WasmPluginLogConfig' - versions: + Optional. Configuration to automatically move traffic away for + unhealthy IG/NEG for the associated Backend Service. + HttpRouteRequestMirrorPolicy: + type: object + properties: + destination: description: >- - Optional. All versions of this `WasmPlugin` resource in the - key-value format. The key is the resource ID, and the value is the - `VersionDetails` object. Lets you create or update a `WasmPlugin` - resource and its versions in a single request. When the - `main_version_id` field is not empty, it must point to one of the - `VersionDetails` objects in the map. If provided in a `PATCH` - request, the new versions replace the previous set. Any version - omitted from the `versions` field is removed. Because the - `WasmPluginVersion` resource is immutable, if a `WasmPluginVersion` - resource with the same name already exists and differs, the request - fails. Note: In a `GET` request, this field is populated only if the - field `GetWasmPluginRequest.view` is set to `WASM_PLUGIN_VIEW_FULL`. - type: object - additionalProperties: - $ref: '#/components/schemas/WasmPluginVersionDetails' - usedBy: + The destination the requests will be mirrored to. The weight of the + destination will be ignored. + $ref: '#/components/schemas/HttpRouteDestination' + mirrorPercent: + type: number description: >- - Output only. List of all - [extensions](https://cloud.google.com/service-extensions/docs/overview) - that use this `WasmPlugin` resource. - readOnly: true - type: array - items: - $ref: '#/components/schemas/WasmPluginUsedBy' + Optional. The percentage of requests to get mirrored to the desired + destination. + format: float + description: >- + Specifies the policy on how requests are shadowed to a separate mirrored + destination service. The proxy does not wait for responses from the + shadow service. Prior to sending traffic to the shadow service, the + host/authority header is suffixed with -shadow. Mirroring is currently + not supported for Cloud Run destinations. + id: HttpRouteRequestMirrorPolicy WasmPluginLogConfig: id: WasmPluginLogConfig - description: >- - Specifies the logging options for the activity performed by this plugin. - If logging is enabled, plugin logs are exported to Cloud Logging. type: object properties: enable: + type: boolean description: >- Optional. Specifies whether to enable logging for activity by this plugin. Defaults to `false`. - type: boolean sampleRate: + type: number description: >- Non-empty default. Configures the sampling rate of activity logs, where `1.0` means all logged activity is reported and `0.0` means no @@ -1124,17 +1262,8 @@ components: value when logging is enabled is `1.0`. The value of the field must be between `0` and `1` (inclusive). This field can be specified only if logging is enabled for this plugin. - type: number format: float minLogLevel: - description: >- - Non-empty default. Specifies the lowest level of the plugin logs - that are exported to Cloud Logging. This setting relates to the logs - generated by using logging statements in your Wasm code. This field - is can be set only if logging is enabled for the plugin. If the - field is not provided when logging is enabled, it is set to `INFO` - by default. - type: string enumDescriptions: - Unspecified value. Defaults to `LogLevel.INFO`. - Report logs with TRACE level and above. @@ -1143,6 +1272,14 @@ components: - Report logs with WARN level and above. - Report logs with ERROR level and above. - Report logs with CRITICAL level only. + description: >- + Non-empty default. Specifies the lowest level of the plugin logs + that are exported to Cloud Logging. This setting relates to the logs + generated by using logging statements in your Wasm code. This field + is can be set only if logging is enabled for the plugin. If the + field is not provided when logging is enabled, it is set to `INFO` + by default. + type: string enum: - LOG_LEVEL_UNSPECIFIED - TRACE @@ -1151,21 +1288,167 @@ components: - WARN - ERROR - CRITICAL - WasmPluginVersionDetails: - id: WasmPluginVersionDetails description: >- - Details of a `WasmPluginVersion` resource to be inlined in the - `WasmPlugin` resource. - type: object + Specifies the logging options for the activity performed by this plugin. + If logging is enabled, plugin logs are exported to Cloud Logging. + ListLbRouteExtensionsResponse: + description: Message for response to listing `LbRouteExtension` resources. + id: ListLbRouteExtensionsResponse properties: - pluginConfigData: - description: >- - Configuration for the plugin. The configuration is provided to the - plugin at runtime through the `ON_CONFIGURE` callback. When a new - `WasmPluginVersion` version is created, the digest of the contents - is saved in the `plugin_config_digest` field. + unreachable: + type: array + description: Locations that could not be reached. + items: + type: string + lbRouteExtensions: + description: The list of `LbRouteExtension` resources. + type: array + items: + $ref: '#/components/schemas/LbRouteExtension' + nextPageToken: type: string - format: byte + description: A token identifying a page of results that the server returns. + type: object + AuditConfig: + type: object + properties: + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + auditLogConfigs: + items: + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. + type: array + id: AuditConfig + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + id: TestIamPermissionsRequest + properties: + permissions: + type: array + items: + type: string + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: object + MeshRouteView: + description: MeshRouteView defines view-only resource for Routes to a Mesh + properties: + routeLocation: + type: string + description: Output only. Location where the route exists. + readOnly: true + routeType: + readOnly: true + description: >- + Output only. Type of the route: HttpRoute,GrpcRoute,TcpRoute, or + TlsRoute + type: string + name: + type: string + description: >- + Output only. Identifier. Full path name of the MeshRouteView + resource. Format: + projects/{project_number}/locations/{location}/meshes/{mesh}/routeViews/{route_view} + readOnly: true + routeProjectNumber: + description: Output only. Project number where the route exists. + readOnly: true + format: int64 + type: string + routeId: + readOnly: true + description: Output only. The resource id for the route. + type: string + type: object + id: MeshRouteView + ListServiceBindingsResponse: + description: Response returned by the ListServiceBindings method. + type: object + id: ListServiceBindingsResponse + properties: + nextPageToken: + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + type: string + unreachable: + description: >- + Unreachable resources. Populated when the request attempts to list + all resources across all supported locations, while some locations + are temporarily unavailable. + items: + type: string + type: array + serviceBindings: + items: + $ref: '#/components/schemas/ServiceBinding' + type: array + description: List of ServiceBinding resources. + GrpcRouteRouteRule: + id: GrpcRouteRouteRule + type: object + description: Describes how to route traffic. + properties: + matches: + description: >- + Optional. Matches define conditions used for matching the rule + against incoming gRPC requests. Each match is independent, i.e. this + rule will be matched if ANY one of the matches is satisfied. If no + matches field is specified, this rule will unconditionally match + traffic. + type: array + items: + $ref: '#/components/schemas/GrpcRouteRouteMatch' + action: + description: >- + Required. A detailed rule defining how to route traffic. This field + is required. + $ref: '#/components/schemas/GrpcRouteRouteAction' + WasmPluginVersion: + properties: + imageDigest: + readOnly: true + type: string + description: >- + Output only. This field holds the digest (usually checksum) value + for the plugin image. The value is calculated based on the + `image_uri` field. If the `image_uri` field refers to a container + image, the digest value is obtained from the container image. If the + `image_uri` field refers to a generic artifact, the digest value is + calculated based on the contents of the file. + updateTime: + description: Output only. The timestamp when the resource was updated. + type: string + readOnly: true + format: google-datetime pluginConfigUri: description: >- URI of the plugin configuration stored in the Artifact Registry. The @@ -1185,18 +1468,18 @@ components: contents of the file is saved in the `plugin_config_digest` field. type: string createTime: + format: google-datetime + type: string description: Output only. The timestamp when the resource was created. readOnly: true + pluginConfigDigest: + description: >- + Output only. This field holds the digest (usually checksum) value + for the plugin configuration. The value is calculated based on the + contents of `plugin_config_data` field or the image defined by the + `plugin_config_uri` field. type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. readOnly: true - type: string - format: google-datetime - description: - description: Optional. A human-readable description of the resource. - type: string labels: description: >- Optional. Set of labels associated with the `WasmPluginVersion` @@ -1204,6 +1487,21 @@ components: type: object additionalProperties: type: string + name: + type: string + description: >- + Identifier. Name of the `WasmPluginVersion` resource in the + following format: + `projects/{project}/locations/{location}/wasmPlugins/{wasm_plugin}/ + versions/{wasm_plugin_version}`. + pluginConfigData: + description: >- + Configuration for the plugin. The configuration is provided to the + plugin at runtime through the `ON_CONFIGURE` callback. When a new + `WasmPluginVersion` resource is created, the digest of the contents + is saved in the `plugin_config_digest` field. + type: string + format: byte imageUri: description: >- Optional. URI of the image containing the Wasm module, stored in @@ -1221,239 +1519,248 @@ components: `WasmPluginVersion` resource is created, the checksum of the contents of the file is saved in the `image_digest` field. type: string - imageDigest: - description: >- - Output only. This field holds the digest (usually checksum) value - for the plugin image. The value is calculated based on the - `image_uri` field. If the `image_uri` field refers to a container - image, the digest value is obtained from the container image. If the - `image_uri` field refers to a generic artifact, the digest value is - calculated based on the contents of the file. - readOnly: true - type: string - pluginConfigDigest: - description: >- - Output only. This field holds the digest (usually checksum) value - for the plugin configuration. The value is calculated based on the - contents of `plugin_config_data` field or the image defined by the - `plugin_config_uri` field. - readOnly: true + description: + description: Optional. A human-readable description of the resource. type: string - WasmPluginUsedBy: - id: WasmPluginUsedBy - description: Defines a resource that uses the `WasmPlugin` resource. + type: object + id: WasmPluginVersion + description: >- + A single immutable version of a `WasmPlugin` resource. Defines the Wasm + module used and optionally its runtime config. + WasmPlugin: type: object properties: - name: - description: >- - Output only. Full name of the resource - https://google.aip.dev/122#full-resource-names, for example - `//networkservices.googleapis.com/projects/{project}/locations/{location}/lbRouteExtensions/{extension}` + createTime: + format: google-datetime readOnly: true + description: Output only. The timestamp when the resource was created. type: string - ListGatewaysResponse: - id: ListGatewaysResponse - description: Response returned by the ListGateways method. - type: object - properties: - gateways: - description: List of Gateway resources. - type: array - items: - $ref: '#/components/schemas/Gateway' - nextPageToken: + usedBy: description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. - type: string - unreachable: - description: Locations that could not be reached. + Output only. List of all + [extensions](https://cloud.google.com/service-extensions/docs/overview) + that use this `WasmPlugin` resource. + readOnly: true type: array items: + $ref: '#/components/schemas/WasmPluginUsedBy' + mainVersionId: + type: string + description: >- + Optional. The ID of the `WasmPluginVersion` resource that is the + currently serving one. The version referred to must be a child of + this `WasmPlugin` resource. + labels: + additionalProperties: type: string - Gateway: - id: Gateway - description: >- - Gateway represents the configuration for a proxy, typically a load - balancer. It captures the ip:port over which the services are exposed by - the proxy, along with any policy configurations. Routes have reference - to to Gateways to dictate how requests should be routed by this Gateway. - type: object - properties: - name: description: >- - Identifier. Name of the Gateway resource. It matches pattern - `projects/*/locations/*/gateways/`. - type: string - selfLink: - description: Output only. Server-defined URL of this resource - readOnly: true - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime + Optional. Set of labels associated with the `WasmPlugin` resource. + The format must comply with [the following + requirements](/compute/docs/labeling-resources#requirements). + type: object updateTime: - description: Output only. The timestamp when the resource was updated. readOnly: true type: string + description: Output only. The timestamp when the resource was updated. format: google-datetime - labels: - description: Optional. Set of label tags associated with the Gateway resource. + logConfig: + description: >- + Optional. Specifies the logging options for the activity performed + by this plugin. If logging is enabled, plugin logs are exported to + Cloud Logging. Note that the settings relate to the logs generated + by using logging statements in your Wasm code. + $ref: '#/components/schemas/WasmPluginLogConfig' + name: + description: >- + Identifier. Name of the `WasmPlugin` resource in the following + format: + `projects/{project}/locations/{location}/wasmPlugins/{wasm_plugin}`. + type: string + versions: type: object additionalProperties: - type: string - description: + $ref: '#/components/schemas/WasmPluginVersionDetails' description: >- - Optional. A free-text description of the resource. Max length 1024 - characters. + Optional. All versions of this `WasmPlugin` resource in the + key-value format. The key is the resource ID, and the value is the + `VersionDetails` object. Lets you create or update a `WasmPlugin` + resource and its versions in a single request. When the + `main_version_id` field is not empty, it must point to one of the + `VersionDetails` objects in the map. If provided in a `PATCH` + request, the new versions replace the previous set. Any version + omitted from the `versions` field is removed. Because the + `WasmPluginVersion` resource is immutable, if a `WasmPluginVersion` + resource with the same name already exists and differs, the request + fails. Note: In a `GET` request, this field is populated only if the + field `GetWasmPluginRequest.view` is set to `WASM_PLUGIN_VIEW_FULL`. + description: + description: Optional. A human-readable description of the resource. type: string - type: + id: WasmPlugin + description: >- + `WasmPlugin` is a resource representing a service executing a + customer-provided Wasm module. + EndpointMatcherMetadataLabelMatcher: + properties: + metadataLabels: description: >- - Immutable. The type of the customer managed gateway. This field is - required. If unspecified, an error is returned. + The list of label value pairs that must match labels in the provided + metadata based on filterMatchCriteria This list can have at most 64 + entries. The list can be empty if the match criteria is MATCH_ANY, + to specify a wildcard match (i.e this matches any client). + type: array + items: + $ref: >- + #/components/schemas/EndpointMatcherMetadataLabelMatcherMetadataLabels + metadataLabelMatchCriteria: type: string + enum: + - METADATA_LABEL_MATCH_CRITERIA_UNSPECIFIED + - MATCH_ANY + - MATCH_ALL + description: >- + Specifies how matching should be done. Supported values are: + MATCH_ANY: At least one of the Labels specified in the matcher + should match the metadata presented by xDS client. MATCH_ALL: The + metadata presented by the xDS client should contain all of the + labels specified here. The selection is determined based on the best + match. For example, suppose there are three EndpointPolicy resources + P1, P2 and P3 and if P1 has a the matcher as MATCH_ANY , P2 has + MATCH_ALL , and P3 has MATCH_ALL . If a client with label connects, + the config from P1 will be selected. If a client with label + connects, the config from P2 will be selected. If a client with + label connects, the config from P3 will be selected. If there is + more than one best match, (for example, if a config P4 with selector + exists and if a client with label connects), pick up the one with + older creation time. enumDescriptions: - - The type of the customer managed gateway is unspecified. + - Default value. Should not be used. - >- - The type of the customer managed gateway is TrafficDirector Open - Mesh. + At least one of the Labels specified in the matcher should match + the metadata presented by xDS client. - >- - The type of the customer managed gateway is SecureWebGateway - (SWG). - enum: - - TYPE_UNSPECIFIED - - OPEN_MESH - - SECURE_WEB_GATEWAY - addresses: + The metadata presented by the xDS client should contain all of the + labels specified here. + description: The matcher that is based on node metadata presented by xDS clients. + type: object + id: EndpointMatcherMetadataLabelMatcher + HttpRouteRouteMatch: + type: object + description: >- + RouteMatch defines specifications used to match requests. If multiple + match types are set, this RouteMatch will match if ALL type of matches + are matched. + id: HttpRouteRouteMatch + properties: + prefixMatch: + type: string description: >- - Optional. Zero or one IPv4 or IPv6 address on which the Gateway will - receive the traffic. When no address is provided, an IP from the - subnetwork is allocated This field only applies to gateways of type - 'SECURE_WEB_GATEWAY'. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 - for IPv4 and :: for IPv6. - type: array - items: - type: string - ports: + The HTTP request path value must begin with specified prefix_match. + prefix_match must begin with a /. Only one of full_path_match, + prefix_match, or regex_match should be used. + fullPathMatch: + type: string description: >- - Required. One or more port numbers (1-65535), on which the Gateway - will receive traffic. The proxy binds to the specified ports. - Gateways of type 'SECURE_WEB_GATEWAY' are limited to 5 ports. - Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for - IPv6 and support multiple ports. + The HTTP request path value should exactly match this value. Only + one of full_path_match, prefix_match, or regex_match should be used. + queryParameters: + description: >- + Specifies a list of query parameters to match against. ALL of the + query parameters must be matched. type: array items: - type: integer - format: int32 - scope: + $ref: '#/components/schemas/HttpRouteQueryParameterMatch' + regexMatch: description: >- - Optional. Scope determines how configuration across multiple Gateway - instances are merged. The configuration for multiple Gateway - instances with the same scope will be merged as presented as a - single configuration to the proxy/load balancer. Max length 64 - characters. Scope should start with a letter and can only have - letters, numbers, hyphens. + The HTTP request path value must satisfy the regular expression + specified by regex_match after removing any query parameters and + anchor supplied with the original URL. For regular expression + grammar, please see https://github.com/google/re2/wiki/Syntax Only + one of full_path_match, prefix_match, or regex_match should be used. type: string - serverTlsPolicy: + ignoreCase: + type: boolean description: >- - Optional. A fully-qualified ServerTLSPolicy URL reference. Specifies - how TLS traffic is terminated. If empty, TLS termination is - disabled. - type: string - certificateUrls: + Specifies if prefix_match and full_path_match matches are case + sensitive. The default value is false. + headers: + type: array description: >- - Optional. A fully-qualified Certificates URL reference. The proxy - presents a Certificate (selected based on SNI) when establishing a - TLS connection. This feature only applies to gateways of type - 'SECURE_WEB_GATEWAY'. + Specifies a list of HTTP request headers to match against. ALL of + the supplied headers must be matched. + items: + $ref: '#/components/schemas/HttpRouteHeaderMatch' + HttpRouteCorsPolicy: + properties: + allowCredentials: + description: >- + In response to a preflight request, setting this to true indicates + that the actual request can include user credentials. This + translates to the Access-Control-Allow-Credentials header. Default + value is false. + type: boolean + disabled: + description: >- + If true, the CORS policy is disabled. The default value is false, + which indicates that the CORS policy is in effect. + type: boolean + allowHeaders: + items: + type: string + type: array + description: Specifies the content for Access-Control-Allow-Headers header. + allowMethods: + items: + type: string + description: Specifies the content for Access-Control-Allow-Methods header. + type: array + exposeHeaders: + type: array + description: Specifies the content for Access-Control-Expose-Headers header. + items: + type: string + allowOriginRegexes: type: array items: type: string - gatewaySecurityPolicy: - description: >- - Optional. A fully-qualified GatewaySecurityPolicy URL reference. - Defines how a server should apply security policy to inbound (VM to - Proxy) initiated connections. For example: - `projects/*/locations/*/gatewaySecurityPolicies/swg-policy`. This - policy is specific to gateways of type 'SECURE_WEB_GATEWAY'. - type: string - network: description: >- - Optional. The relative resource name identifying the VPC network - that is using this configuration. For example: - `projects/*/global/networks/network-1`. Currently, this field is - specific to gateways of type 'SECURE_WEB_GATEWAY'. - type: string - subnetwork: + Specifies the regular expression patterns that match allowed + origins. For regular expression grammar, please see + https://github.com/google/re2/wiki/Syntax. + maxAge: description: >- - Optional. The relative resource name identifying the subnetwork in - which this SWG is allocated. For example: - `projects/*/regions/us-central1/subnetworks/network-1` Currently, - this field is specific to gateways of type 'SECURE_WEB_GATEWAY". + Specifies how long result of a preflight request can be cached in + seconds. This translates to the Access-Control-Max-Age header. type: string - ipVersion: + allowOrigins: + type: array description: >- - Optional. The IP Version that will be used by this gateway. Valid - options are IPV4 or IPV6. Default is IPV4. - type: string - enumDescriptions: - - The type when IP version is not specified. Defaults to IPV4. - - The type for IP version 4. - - The type for IP version 6. - enum: - - IP_VERSION_UNSPECIFIED - - IPV4 - - IPV6 - envoyHeaders: - description: >- - Optional. Determines if envoy will insert internal debug headers - into upstream requests. Other Envoy headers may still be injected. - By default, envoy will not insert any debug headers. - type: string - enumDescriptions: - - Defaults to NONE. - - Suppress envoy debug headers. - - >- - Envoy will insert default internal debug headers into upstream - requests: x-envoy-attempt-count x-envoy-is-timeout-retry - x-envoy-expected-rq-timeout-ms x-envoy-original-path - x-envoy-upstream-stream-duration-ms - enum: - - ENVOY_HEADERS_UNSPECIFIED - - NONE - - DEBUG_HEADERS - routingMode: - description: >- - Optional. The routing mode of the Gateway. This field is - configurable only for gateways of type SECURE_WEB_GATEWAY. This - field is required for gateways of type SECURE_WEB_GATEWAY. - type: string - enumDescriptions: - - >- - The routing mode is explicit; clients are configured to send - traffic through the gateway. This is the default routing mode. - - >- - The routing mode is next-hop. Clients are unaware of the gateway, - and a route (advanced route or other route type) can be configured - to direct traffic from client to gateway. The gateway then acts as - a next-hop to the destination. - enum: - - EXPLICIT_ROUTING_MODE - - NEXT_HOP_ROUTING_MODE - ListGrpcRoutesResponse: - id: ListGrpcRoutesResponse - description: Response returned by the ListGrpcRoutes method. + Specifies the list of origins that will be allowed to do CORS + requests. An origin is allowed if it matches either an item in + allow_origins or an item in allow_origin_regexes. + items: + type: string + description: The Specification for allowing client side cross-origin requests. type: object + id: HttpRouteCorsPolicy + ListEndpointPoliciesResponse: + id: ListEndpointPoliciesResponse + type: object + description: Response returned by the ListEndpointPolicies method. properties: - grpcRoutes: - description: List of GrpcRoute resources. + endpointPolicies: type: array items: - $ref: '#/components/schemas/GrpcRoute' + $ref: '#/components/schemas/EndpointPolicy' + description: List of EndpointPolicy resources. + unreachable: + type: array + description: >- + Unreachable resources. Populated when the request opts into + return_partial_success and reading across collections e.g. when + attempting to list all resources across all supported locations. + items: + type: string nextPageToken: description: >- If there might be more results than those appearing in this @@ -1461,266 +1768,185 @@ components: results, call this method again using the value of `next_page_token` as `page_token`. type: string + ListTcpRoutesResponse: + type: object + properties: unreachable: + items: + type: string description: >- Unreachable resources. Populated when the request opts into return_partial_success and reading across collections e.g. when attempting to list all resources across all supported locations. type: array + tcpRoutes: + description: List of TcpRoute resources. items: + $ref: '#/components/schemas/TcpRoute' + type: array + nextPageToken: + type: string + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + description: Response returned by the ListTcpRoutes method. + id: ListTcpRoutesResponse + Location: + type: object + description: A resource that represents a Google Cloud location. + id: Location + properties: + labels: + type: object + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + additionalProperties: type: string - GrpcRoute: - id: GrpcRoute + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + TcpRouteRouteMatch: description: >- - GrpcRoute is the resource defining how gRPC traffic routed by a Mesh or - Gateway resource is routed. + RouteMatch defines the predicate used to match requests to a given + action. Multiple match types are "OR"ed for evaluation. If no routeMatch + field is specified, this rule will unconditionally match traffic. + properties: + port: + type: string + description: Required. Specifies the destination port to match against. + address: + description: >- + Required. Must be specified in the CIDR range format. A CIDR range + consists of an IP Address and a prefix length to construct the + subnet mask. By default, the prefix length is 32 (i.e. matches a + single IP address). Only IPV4 addresses are supported. Examples: + "10.0.0.1" - matches against this exact IP address. "10.0.0.0/8" - + matches against any IP address within the 10.0.0.0 subnet and + 255.255.255.0 mask. "0.0.0.0/0" - matches against any IP address'. + type: string type: object + id: TcpRouteRouteMatch + TlsRoute: + description: >- + TlsRoute defines how traffic should be routed based on SNI and other + matching L3 attributes. properties: name: description: >- - Identifier. Name of the GrpcRoute resource. It matches pattern - `projects/*/locations/global/grpcRoutes/` - type: string - selfLink: - description: Output only. Server-defined URL of this resource - readOnly: true + Identifier. Name of the TlsRoute resource. It matches pattern + `projects/*/locations/*/tlsRoutes/tls_route_name>`. type: string createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. readOnly: true - type: string format: google-datetime + description: Output only. The timestamp when the resource was created. labels: - description: Optional. Set of label tags associated with the GrpcRoute resource. - type: object additionalProperties: type: string + type: object + description: Optional. Set of label tags associated with the TlsRoute resource. + gateways: + items: + type: string + description: >- + Optional. Gateways defines a list of gateways this TlsRoute is + attached to, as one of the routing rules to route the requests + served by the gateway. Each gateway reference should match the + pattern: `projects/*/locations/*/gateways/` + type: array description: description: >- Optional. A free-text description of the resource. Max length 1024 characters. type: string - hostnames: - description: >- - Required. Service hostnames with an optional port for which this - route describes traffic. Format: [:] Hostname is the fully qualified - domain name of a network host. This matches the RFC 1123 definition - of a hostname with 2 notable exceptions: - IPs are not allowed. - A - hostname may be prefixed with a wildcard label (`*.`). The wildcard - label must appear by itself as the first label. Hostname can be - "precise" which is a domain name without the terminating dot of a - network host (e.g. `foo.example.com`) or "wildcard", which is a - domain name prefixed with a single wildcard label (e.g. - `*.example.com`). Note that as per RFC1035 and RFC1123, a label must - consist of lower case alphanumeric characters or '-', and must start - and end with an alphanumeric character. No other punctuation is - allowed. The routes associated with a Mesh or Gateway must have - unique hostnames. If you attempt to attach multiple routes with - conflicting hostnames, the configuration will be rejected. For - example, while it is acceptable for routes for the hostnames - `*.foo.bar.com` and `*.bar.com` to be associated with the same - route, it is not possible to associate two routes both with - `*.bar.com` or both with `bar.com`. If a port is specified, then - gRPC clients must use the channel URI with the port to match this - rule (i.e. "xds:///service:123"), otherwise they must supply the URI - without a port (i.e. "xds:///service"). - type: array - items: - type: string + updateTime: + description: Output only. The timestamp when the resource was updated. + readOnly: true + format: google-datetime + type: string + selfLink: + readOnly: true + type: string + description: Output only. Server-defined URL of this resource meshes: description: >- - Optional. Meshes defines a list of meshes this GrpcRoute is attached + Optional. Meshes defines a list of meshes this TlsRoute is attached to, as one of the routing rules to route the requests served by the mesh. Each mesh reference should match the pattern: - `projects/*/locations/global/meshes/` - type: array + `projects/*/locations/*/meshes/` The attached Mesh should be of a + type SIDECAR items: type: string - gateways: - description: >- - Optional. Gateways defines a list of gateways this GrpcRoute is - attached to, as one of the routing rules to route the requests - served by the gateway. Each gateway reference should match the - pattern: `projects/*/locations/global/gateways/` type: array - items: - type: string rules: - description: >- - Required. A list of detailed rules defining how to route traffic. - Within a single GrpcRoute, the GrpcRoute.RouteAction associated with - the first matching GrpcRoute.RouteRule will be executed. At least - one rule must be supplied. - type: array items: - $ref: '#/components/schemas/GrpcRouteRouteRule' - GrpcRouteRouteRule: - id: GrpcRouteRouteRule - description: Describes how to route traffic. - type: object - properties: - matches: + $ref: '#/components/schemas/TlsRouteRouteRule' description: >- - Optional. Matches define conditions used for matching the rule - against incoming gRPC requests. Each match is independent, i.e. this - rule will be matched if ANY one of the matches is satisfied. If no - matches field is specified, this rule will unconditionally match - traffic. + Required. Rules that define how traffic is routed and handled. At + least one RouteRule must be supplied. If there are multiple rules + then the action taken will be the first rule to match. type: array - items: - $ref: '#/components/schemas/GrpcRouteRouteMatch' - action: - description: >- - Required. A detailed rule defining how to route traffic. This field - is required. - $ref: '#/components/schemas/GrpcRouteRouteAction' - GrpcRouteRouteMatch: - id: GrpcRouteRouteMatch - description: >- - Criteria for matching traffic. A RouteMatch will be considered to match - when all supplied fields match. + type: object + id: TlsRoute + TlsRouteRouteDestination: type: object properties: - method: + weight: + format: int32 description: >- - Optional. A gRPC method to match against. If this field is empty or - omitted, will match all methods. - $ref: '#/components/schemas/GrpcRouteMethodMatch' - headers: - description: Optional. Specifies a collection of headers to match. - type: array - items: - $ref: '#/components/schemas/GrpcRouteHeaderMatch' - GrpcRouteMethodMatch: - id: GrpcRouteMethodMatch - description: Specifies a match against a method. - type: object - properties: - type: - description: >- - Optional. Specifies how to match against the name. If not specified, - a default value of "EXACT" is used. - type: string - enumDescriptions: - - Unspecified. - - Will only match the exact name provided. - - >- - Will interpret grpc_method and grpc_service as regexes. RE2 syntax - is supported. - enum: - - TYPE_UNSPECIFIED - - EXACT - - REGULAR_EXPRESSION - grpcService: - description: >- - Required. Name of the service to match against. If unspecified, will - match all services. - type: string - grpcMethod: - description: >- - Required. Name of the method to match against. If unspecified, will - match all methods. - type: string - caseSensitive: - description: >- - Optional. Specifies that matches are case sensitive. The default - value is true. case_sensitive must not be used with a type of - REGULAR_EXPRESSION. - type: boolean - GrpcRouteHeaderMatch: - id: GrpcRouteHeaderMatch - description: A match against a collection of headers. - type: object - properties: - type: - description: >- - Optional. Specifies how to match against the value of the header. If - not specified, a default value of EXACT is used. - type: string - enumDescriptions: - - Unspecified. - - Will only match the exact value provided. - - >- - Will match paths conforming to the prefix specified by value. RE2 - syntax is supported. - enum: - - TYPE_UNSPECIFIED - - EXACT - - REGULAR_EXPRESSION - key: - description: Required. The key of the header. - type: string - value: - description: Required. The value of the header. + Optional. Specifies the proportion of requests forwarded to the + backend referenced by the service_name field. This is computed as: - + weight/Sum(weights in destinations) Weights in all destinations does + not need to sum up to 100. + type: integer + serviceName: + description: Required. The URL of a BackendService to route traffic to. type: string - GrpcRouteRouteAction: - id: GrpcRouteRouteAction - description: Specifies how to route matched traffic. + id: TlsRouteRouteDestination + description: Describe the destination for traffic to be routed to. + HttpRouteDestination: + id: HttpRouteDestination type: object properties: - destinations: - description: >- - Optional. The destination services to which traffic should be - forwarded. If multiple destinations are specified, traffic will be - split between Backend Service(s) according to the weight field of - these destinations. - type: array - items: - $ref: '#/components/schemas/GrpcRouteDestination' - faultInjectionPolicy: - description: >- - Optional. The specification for fault injection introduced into - traffic to test the resiliency of clients to destination service - failure. As part of fault injection, when clients send requests to a - destination, delays can be introduced on a percentage of requests - before sending those requests to the destination service. Similarly - requests from clients can be aborted by for a percentage of - requests. timeout and retry_policy will be ignored by clients that - are configured with a fault_injection_policy - $ref: '#/components/schemas/GrpcRouteFaultInjectionPolicy' - timeout: - description: >- - Optional. Specifies the timeout for selected route. Timeout is - computed from the time the request has been fully processed (i.e. - end of stream) up until the response has been completely processed. - Timeout includes all retries. - type: string - format: google-duration - retryPolicy: - description: Optional. Specifies the retry policy associated with this route. - $ref: '#/components/schemas/GrpcRouteRetryPolicy' - statefulSessionAffinity: - description: Optional. Specifies cookie-based stateful session affinity. - $ref: '#/components/schemas/GrpcRouteStatefulSessionAffinityPolicy' - idleTimeout: + responseHeaderModifier: description: >- - Optional. Specifies the idle timeout for the selected route. The - idle timeout is defined as the period in which there are no bytes - sent or received on either the upstream or downstream connection. If - not set, the default idle timeout is 1 hour. If set to 0s, the - timeout will be disabled. - type: string - format: google-duration - GrpcRouteDestination: - id: GrpcRouteDestination - description: The destination to which traffic will be routed. - type: object - properties: + Optional. The specification for modifying the headers of a response + prior to sending the response back to the client. If HeaderModifiers + are set on both the Destination and the RouteAction, they will be + merged. Conflicts between the two will not be resolved on the + configuration. + $ref: '#/components/schemas/HttpRouteHeaderModifier' serviceName: - description: >- - Required. The URL of a destination service to which to route - traffic. Must refer to either a BackendService or - ServiceDirectoryService. + description: The URL of a BackendService to route traffic to. type: string weight: + format: int32 description: >- - Optional. Specifies the proportion of requests forwarded to the - backend referenced by the serviceName field. This is computed as: - + Specifies the proportion of requests forwarded to the backend + referenced by the serviceName field. This is computed as: - weight/Sum(weights in this destination list). For non-zero values, there may be some epsilon from the exact proportion defined here depending on the precision an implementation supports. If only one @@ -1730,91 +1956,154 @@ components: If weights are unspecified for all services, then, traffic is distributed in equal proportions to all of them. type: integer - format: int32 - GrpcRouteFaultInjectionPolicy: - id: GrpcRouteFaultInjectionPolicy + requestHeaderModifier: + $ref: '#/components/schemas/HttpRouteHeaderModifier' + description: >- + Optional. The specification for modifying the headers of a matching + request prior to delivery of the request to the destination. If + HeaderModifiers are set on both the Destination and the RouteAction, + they will be merged. Conflicts between the two will not be resolved + on the configuration. description: >- - The specification for fault injection introduced into traffic to test - the resiliency of clients to destination service failure. As part of - fault injection, when clients send requests to a destination, delays can - be introduced on a percentage of requests before sending those requests - to the destination service. Similarly requests from clients can be - aborted by for a percentage of requests. - type: object + Specifications of a destination to which the request should be routed + to. + ListGrpcRoutesResponse: + id: ListGrpcRoutesResponse + description: Response returned by the ListGrpcRoutes method. properties: - delay: - description: The specification for injecting delay to client requests. - $ref: '#/components/schemas/GrpcRouteFaultInjectionPolicyDelay' - abort: - description: The specification for aborting to client requests. - $ref: '#/components/schemas/GrpcRouteFaultInjectionPolicyAbort' - GrpcRouteFaultInjectionPolicyDelay: - id: GrpcRouteFaultInjectionPolicyDelay - description: >- - Specification of how client requests are delayed as part of fault - injection before being sent to a destination. + unreachable: + items: + type: string + type: array + description: >- + Unreachable resources. Populated when the request opts into + return_partial_success and reading across collections e.g. when + attempting to list all resources across all supported locations. + grpcRoutes: + type: array + description: List of GrpcRoute resources. + items: + $ref: '#/components/schemas/GrpcRoute' + nextPageToken: + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + type: string type: object + HttpRouteFaultInjectionPolicyDelay: properties: fixedDelay: - description: Specify a fixed delay before forwarding the request. type: string + description: Specify a fixed delay before forwarding the request. format: google-duration percentage: + type: integer description: >- The percentage of traffic on which delay will be injected. The value must be between [0, 100] - type: integer format: int32 - GrpcRouteFaultInjectionPolicyAbort: - id: GrpcRouteFaultInjectionPolicyAbort + type: object description: >- - Specification of how client requests are aborted as part of fault + Specification of how client requests are delayed as part of fault injection before being sent to a destination. - type: object + id: HttpRouteFaultInjectionPolicyDelay + LbTrafficExtension: properties: - httpStatus: + createTime: + type: string + format: google-datetime + readOnly: true + description: Output only. The timestamp when the resource was created. + description: + description: Optional. A human-readable description of the resource. + type: string + labels: description: >- - The HTTP status code used to abort the request. The value must be - between 200 and 599 inclusive. - type: integer - format: int32 - percentage: + Optional. Set of labels associated with the `LbTrafficExtension` + resource. The format must comply with [the requirements for + labels](https://cloud.google.com/compute/docs/labeling-resources#requirements) + for Google Cloud resources. + additionalProperties: + type: string + type: object + name: description: >- - The percentage of traffic which will be aborted. The value must be - between [0, 100] - type: integer - format: int32 - GrpcRouteRetryPolicy: - id: GrpcRouteRetryPolicy - description: >- - The specifications for retries. Specifies one or more conditions for - which this retry rule applies. Valid values are: - type: object - properties: - retryConditions: + Required. Identifier. Name of the `LbTrafficExtension` resource in + the following format: + `projects/{project}/locations/{location}/lbTrafficExtensions/{lb_traffic_extension}`. + type: string + forwardingRules: description: >- - - connect-failure: Router will retry on failures connecting to - Backend Services, for example due to connection timeouts. - - refused-stream: Router will retry if the backend service resets the - stream with a REFUSED_STREAM error code. This reset type indicates - that it is safe to retry. - cancelled: Router will retry if the gRPC - status code in the response header is set to cancelled - - deadline-exceeded: Router will retry if the gRPC status code in the - response header is set to deadline-exceeded - resource-exhausted: - Router will retry if the gRPC status code in the response header is - set to resource-exhausted - unavailable: Router will retry if the - gRPC status code in the response header is set to unavailable + Optional. A list of references to the forwarding rules to which this + service extension is attached. At least one forwarding rule is + required. Only one `LbTrafficExtension` resource can be associated + with a forwarding rule. type: array items: type: string - numRetries: + metadata: description: >- - Specifies the allowed number of retries. This number must be > 0. If - not specified, default to 1. - type: integer - format: uint32 - GrpcRouteStatefulSessionAffinityPolicy: - id: GrpcRouteStatefulSessionAffinityPolicy + Optional. The metadata provided here is included as part of the + `metadata_context` (of type `google.protobuf.Struct`) in the + `ProcessingRequest` message sent to the extension server. The + metadata applies to all extensions in all extensions chains in this + resource. The metadata is available under the key + `com.google.lb_traffic_extension.`. The following variables are + supported in the metadata: `{forwarding_rule_id}` - substituted with + the forwarding rule's fully qualified resource name. This field must + not be set if at least one of the extension chains contains plugin + extensions. Setting it results in a validation error. You can set + metadata at either the resource level or the extension level. The + extension level metadata is recommended because you can pass a + different set of metadata through each extension to the backend. + type: object + additionalProperties: + description: Properties of the object. + type: any + loadBalancingScheme: + type: string + enumDescriptions: + - Default value. Do not use. + - Signifies that this is used for Internal HTTP(S) Load Balancing. + - >- + Signifies that this is used for External Managed HTTP(S) Load + Balancing. + enum: + - LOAD_BALANCING_SCHEME_UNSPECIFIED + - INTERNAL_MANAGED + - EXTERNAL_MANAGED + description: >- + Required. All backend services and forwarding rules referenced by + this extension must share the same load balancing scheme. Supported + values: `INTERNAL_MANAGED` and `EXTERNAL_MANAGED`. For more + information, refer to [Backend services + overview](https://cloud.google.com/load-balancing/docs/backend-service). + updateTime: + description: Output only. The timestamp when the resource was updated. + readOnly: true + format: google-datetime + type: string + extensionChains: + items: + $ref: '#/components/schemas/ExtensionChain' + description: >- + Required. A set of ordered extension chains that contain the match + conditions and extensions to execute. Match conditions for each + extension chain are evaluated in sequence for a given request. The + first extension chain that has a condition that matches the request + is executed. Any subsequent extension chains do not execute. Limited + to 5 extension chains per resource. + type: array + type: object + description: >- + `LbTrafficExtension` is a resource that lets the extension service + modify the headers and payloads of both requests and responses without + impacting the choice of backend services or any other security policies + associated with the backend service. + id: LbTrafficExtension + HttpRouteStatefulSessionAffinityPolicy: description: >- The specification for cookie-based stateful session affinity where the date plane supplies a “session cookie” with the name "GSSA" which @@ -1824,73 +2113,88 @@ components: will manage the session cookie but the client application code is responsible for copying the cookie from each RPC in the session to the next. - type: object + id: HttpRouteStatefulSessionAffinityPolicy properties: cookieTtl: + type: string + format: google-duration description: >- Required. The cookie TTL value for the Set-Cookie header generated by the data plane. The lifetime of the cookie may be set to a value from 0 to 86400 seconds (24 hours) inclusive. Set this to 0s to use a session cookie and disable cookie expiration. - type: string - format: google-duration - ListHttpRoutesResponse: - id: ListHttpRoutesResponse - description: Response returned by the ListHttpRoutes method. type: object + TrafficPortSelector: + type: object + description: Specification of a port-based selector. + id: TrafficPortSelector properties: - httpRoutes: - description: List of HttpRoute resources. - type: array - items: - $ref: '#/components/schemas/HttpRoute' - nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. - type: string - unreachable: + ports: description: >- - Unreachable resources. Populated when the request opts into - return_partial_success and reading across collections e.g. when - attempting to list all resources across all supported locations. + Optional. A list of ports. Can be port numbers or port range + (example, [80-90] specifies all ports from 80 to 90, including 80 + and 90) or named ports or * to specify all ports. If the list is + empty, all ports are selected. + items: + type: string + type: array + AuditLogConfig: + properties: + exemptedMembers: type: array items: type: string - HttpRoute: - id: HttpRoute + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. + type: string + type: object + id: AuditLogConfig description: >- - HttpRoute is the resource defining how HTTP traffic should be routed by - a Mesh or Gateway resource. + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + ServiceLbPolicyAutoCapacityDrain: + id: ServiceLbPolicyAutoCapacityDrain type: object + description: >- + Option to specify if an unhealthy IG/NEG should be considered for global + load balancing and traffic routing. properties: - name: - description: >- - Identifier. Name of the HttpRoute resource. It matches pattern - `projects/*/locations/global/httpRoutes/http_route_name>`. - type: string - selfLink: - description: Output only. Server-defined URL of this resource - readOnly: true - type: string - description: + enable: + type: boolean description: >- - Optional. A free-text description of the resource. Max length 1024 - characters. - type: string + Optional. If set to 'True', an unhealthy IG/NEG will be set as + drained. - An IG/NEG is considered unhealthy if less than 25% of the + instances/endpoints in the IG/NEG are healthy. - This option will + never result in draining more than 50% of the configured IGs/NEGs + for the Backend Service. + HttpRoute: + id: HttpRoute + properties: createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. readOnly: true type: string - format: google-datetime + description: Output only. The timestamp when the resource was created. hostnames: + items: + type: string + type: array description: >- Required. Hostnames define a set of hosts that should match against the HTTP host header to select a HttpRoute to process the request. @@ -1911,16 +2215,23 @@ components: `*.foo.bar.com` and `*.bar.com` to be associated with the same Mesh (or Gateways under the same scope), it is not possible to associate two routes both with `*.bar.com` or both with `bar.com`. - type: array - items: - type: string + description: + type: string + description: >- + Optional. A free-text description of the resource. Max length 1024 + characters. + name: + description: >- + Identifier. Name of the HttpRoute resource. It matches pattern + `projects/*/locations/*/httpRoutes/http_route_name>`. + type: string meshes: description: >- Optional. Meshes defines a list of meshes this HttpRoute is attached to, as one of the routing rules to route the requests served by the mesh. Each mesh reference should match the pattern: - `projects/*/locations/global/meshes/` The attached Mesh should be of - a type SIDECAR + `projects/*/locations/*/meshes/` The attached Mesh should be of a + type SIDECAR type: array items: type: string @@ -1929,1135 +2240,1166 @@ components: Optional. Gateways defines a list of gateways this HttpRoute is attached to, as one of the routing rules to route the requests served by the gateway. Each gateway reference should match the - pattern: `projects/*/locations/global/gateways/` + pattern: `projects/*/locations/*/gateways/` type: array items: type: string - labels: - description: Optional. Set of label tags associated with the HttpRoute resource. - type: object - additionalProperties: - type: string + selfLink: + description: Output only. Server-defined URL of this resource + type: string + readOnly: true rules: description: >- Required. Rules that define how traffic is routed and handled. Rules will be matched sequentially based on the RouteMatch specified for the rule. - type: array items: $ref: '#/components/schemas/HttpRouteRouteRule' - HttpRouteRouteRule: - id: HttpRouteRouteRule - description: >- - Specifies how to match traffic and how to route traffic when traffic is - matched. - type: object - properties: - matches: - description: >- - A list of matches define conditions used for matching the rule - against incoming HTTP requests. Each match is independent, i.e. this - rule will be matched if ANY one of the matches is satisfied. If no - matches field is specified, this rule will unconditionally match - traffic. If a default rule is desired to be configured, add a rule - with no matches specified to the end of the rules list. type: array - items: - $ref: '#/components/schemas/HttpRouteRouteMatch' - action: - description: The detailed rule defining how to route matched traffic. - $ref: '#/components/schemas/HttpRouteRouteAction' - HttpRouteRouteMatch: - id: HttpRouteRouteMatch + updateTime: + readOnly: true + type: string + format: google-datetime + description: Output only. The timestamp when the resource was updated. + labels: + description: Optional. Set of label tags associated with the HttpRoute resource. + additionalProperties: + type: string + type: object + type: object description: >- - RouteMatch defines specifications used to match requests. If multiple - match types are set, this RouteMatch will match if ALL type of matches - are matched. + HttpRoute is the resource defining how HTTP traffic should be routed by + a Mesh or Gateway resource. + GrpcRouteFaultInjectionPolicyDelay: + description: >- + Specification of how client requests are delayed as part of fault + injection before being sent to a destination. type: object + id: GrpcRouteFaultInjectionPolicyDelay properties: - fullPathMatch: + percentage: + type: integer + format: int32 description: >- - The HTTP request path value should exactly match this value. Only - one of full_path_match, prefix_match, or regex_match should be used. - type: string - prefixMatch: - description: >- - The HTTP request path value must begin with specified prefix_match. - prefix_match must begin with a /. Only one of full_path_match, - prefix_match, or regex_match should be used. - type: string - regexMatch: - description: >- - The HTTP request path value must satisfy the regular expression - specified by regex_match after removing any query parameters and - anchor supplied with the original URL. For regular expression - grammar, please see https://github.com/google/re2/wiki/Syntax Only - one of full_path_match, prefix_match, or regex_match should be used. - type: string - ignoreCase: - description: >- - Specifies if prefix_match and full_path_match matches are case - sensitive. The default value is false. - type: boolean - headers: - description: >- - Specifies a list of HTTP request headers to match against. ALL of - the supplied headers must be matched. - type: array - items: - $ref: '#/components/schemas/HttpRouteHeaderMatch' - queryParameters: - description: >- - Specifies a list of query parameters to match against. ALL of the - query parameters must be matched. - type: array - items: - $ref: '#/components/schemas/HttpRouteQueryParameterMatch' - HttpRouteHeaderMatch: - id: HttpRouteHeaderMatch - description: Specifies how to select a route rule based on HTTP request headers. - type: object - properties: - exactMatch: - description: >- - The value of the header should match exactly the content of - exact_match. - type: string - regexMatch: - description: >- - The value of the header must match the regular expression specified - in regex_match. For regular expression grammar, please see: - https://github.com/google/re2/wiki/Syntax - type: string - prefixMatch: - description: >- - The value of the header must start with the contents of - prefix_match. - type: string - presentMatch: - description: >- - A header with header_name must exist. The match takes place whether - or not the header has a value. - type: boolean - suffixMatch: - description: The value of the header must end with the contents of suffix_match. - type: string - rangeMatch: - description: >- - If specified, the rule will match if the request header value is - within the range. - $ref: '#/components/schemas/HttpRouteHeaderMatchIntegerRange' - header: - description: The name of the HTTP header to match against. + The percentage of traffic on which delay will be injected. The value + must be between [0, 100] + fixedDelay: + format: google-duration + description: Specify a fixed delay before forwarding the request. type: string - invertMatch: - description: >- - If specified, the match result will be inverted before checking. - Default value is set to false. - type: boolean - HttpRouteHeaderMatchIntegerRange: - id: HttpRouteHeaderMatchIntegerRange - description: Represents an integer value range. + GrpcRouteFaultInjectionPolicy: type: object + description: >- + The specification for fault injection introduced into traffic to test + the resiliency of clients to destination service failure. As part of + fault injection, when clients send requests to a destination, delays can + be introduced on a percentage of requests before sending those requests + to the destination service. Similarly requests from clients can be + aborted by for a percentage of requests. + id: GrpcRouteFaultInjectionPolicy properties: - start: - description: Start of the range (inclusive) - type: integer - format: int32 - end: - description: End of the range (exclusive) - type: integer - format: int32 - HttpRouteQueryParameterMatch: - id: HttpRouteQueryParameterMatch - description: Specifications to match a query parameter in the request. + abort: + description: The specification for aborting to client requests. + $ref: '#/components/schemas/GrpcRouteFaultInjectionPolicyAbort' + delay: + $ref: '#/components/schemas/GrpcRouteFaultInjectionPolicyDelay' + description: The specification for injecting delay to client requests. + GrpcRouteRouteAction: + id: GrpcRouteRouteAction type: object + description: Specifies how to route matched traffic. properties: - exactMatch: - description: >- - The value of the query parameter must exactly match the contents of - exact_match. Only one of exact_match, regex_match, or present_match - must be set. - type: string - regexMatch: + timeout: description: >- - The value of the query parameter must match the regular expression - specified by regex_match. For regular expression grammar, please see - https://github.com/google/re2/wiki/Syntax Only one of exact_match, - regex_match, or present_match must be set. + Optional. Specifies the timeout for selected route. Timeout is + computed from the time the request has been fully processed (i.e. + end of stream) up until the response has been completely processed. + Timeout includes all retries. + format: google-duration type: string - presentMatch: + faultInjectionPolicy: description: >- - Specifies that the QueryParameterMatcher matches if request contains - query parameter, irrespective of whether the parameter has a value - or not. Only one of exact_match, regex_match, or present_match must - be set. - type: boolean - queryParameter: - description: The name of the query parameter to match. - type: string - HttpRouteRouteAction: - id: HttpRouteRouteAction - description: The specifications for routing traffic and applying associated policies. - type: object - properties: + Optional. The specification for fault injection introduced into + traffic to test the resiliency of clients to destination service + failure. As part of fault injection, when clients send requests to a + destination, delays can be introduced on a percentage of requests + before sending those requests to the destination service. Similarly + requests from clients can be aborted by for a percentage of + requests. timeout and retry_policy will be ignored by clients that + are configured with a fault_injection_policy + $ref: '#/components/schemas/GrpcRouteFaultInjectionPolicy' + retryPolicy: + $ref: '#/components/schemas/GrpcRouteRetryPolicy' + description: Optional. Specifies the retry policy associated with this route. destinations: - description: The destination to which traffic should be forwarded. type: array items: - $ref: '#/components/schemas/HttpRouteDestination' - redirect: - description: If set, the request is directed as configured by this field. - $ref: '#/components/schemas/HttpRouteRedirect' - faultInjectionPolicy: - description: >- - The specification for fault injection introduced into traffic to - test the resiliency of clients to backend service failure. As part - of fault injection, when clients send requests to a backend service, - delays can be introduced on a percentage of requests before sending - those requests to the backend service. Similarly requests from - clients can be aborted for a percentage of requests. timeout and - retry_policy will be ignored by clients that are configured with a - fault_injection_policy - $ref: '#/components/schemas/HttpRouteFaultInjectionPolicy' - requestHeaderModifier: - description: >- - The specification for modifying the headers of a matching request - prior to delivery of the request to the destination. If - HeaderModifiers are set on both the Destination and the RouteAction, - they will be merged. Conflicts between the two will not be resolved - on the configuration. - $ref: '#/components/schemas/HttpRouteHeaderModifier' - responseHeaderModifier: - description: >- - The specification for modifying the headers of a response prior to - sending the response back to the client. If HeaderModifiers are set - on both the Destination and the RouteAction, they will be merged. - Conflicts between the two will not be resolved on the configuration. - $ref: '#/components/schemas/HttpRouteHeaderModifier' - urlRewrite: - description: >- - The specification for rewrite URL before forwarding requests to the - destination. - $ref: '#/components/schemas/HttpRouteURLRewrite' - timeout: - description: >- - Specifies the timeout for selected route. Timeout is computed from - the time the request has been fully processed (i.e. end of stream) - up until the response has been completely processed. Timeout - includes all retries. - type: string - format: google-duration - retryPolicy: - description: Specifies the retry policy associated with this route. - $ref: '#/components/schemas/HttpRouteRetryPolicy' - requestMirrorPolicy: - description: >- - Specifies the policy on how requests intended for the routes - destination are shadowed to a separate mirrored destination. Proxy - will not wait for the shadow destination to respond before returning - the response. Prior to sending traffic to the shadow service, the - host/authority header is suffixed with -shadow. - $ref: '#/components/schemas/HttpRouteRequestMirrorPolicy' - corsPolicy: - description: The specification for allowing client side cross-origin requests. - $ref: '#/components/schemas/HttpRouteCorsPolicy' - statefulSessionAffinity: - description: Optional. Specifies cookie-based stateful session affinity. - $ref: '#/components/schemas/HttpRouteStatefulSessionAffinityPolicy' - directResponse: + $ref: '#/components/schemas/GrpcRouteDestination' description: >- - Optional. Static HTTP Response object to be returned regardless of - the request. - $ref: '#/components/schemas/HttpRouteHttpDirectResponse' + Optional. The destination services to which traffic should be + forwarded. If multiple destinations are specified, traffic will be + split between Backend Service(s) according to the weight field of + these destinations. idleTimeout: + format: google-duration + type: string description: >- Optional. Specifies the idle timeout for the selected route. The idle timeout is defined as the period in which there are no bytes sent or received on either the upstream or downstream connection. If not set, the default idle timeout is 1 hour. If set to 0s, the timeout will be disabled. - type: string - format: google-duration - HttpRouteDestination: - id: HttpRouteDestination - description: >- - Specifications of a destination to which the request should be routed - to. + statefulSessionAffinity: + description: Optional. Specifies cookie-based stateful session affinity. + $ref: '#/components/schemas/GrpcRouteStatefulSessionAffinityPolicy' + ListHttpRoutesResponse: + id: ListHttpRoutesResponse type: object properties: - serviceName: - description: The URL of a BackendService to route traffic to. + nextPageToken: + description: >- + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. type: string - weight: + httpRoutes: + description: List of HttpRoute resources. + type: array + items: + $ref: '#/components/schemas/HttpRoute' + unreachable: + type: array description: >- - Specifies the proportion of requests forwarded to the backend - referenced by the serviceName field. This is computed as: - - weight/Sum(weights in this destination list). For non-zero values, - there may be some epsilon from the exact proportion defined here - depending on the precision an implementation supports. If only one - serviceName is specified and it has a weight greater than 0, 100% of - the traffic is forwarded to that backend. If weights are specified - for any one service name, they need to be specified for all of them. - If weights are unspecified for all services, then, traffic is - distributed in equal proportions to all of them. - type: integer - format: int32 - requestHeaderModifier: + Unreachable resources. Populated when the request opts into + return_partial_success and reading across collections e.g. when + attempting to list all resources across all supported locations. + items: + type: string + description: Response returned by the ListHttpRoutes method. + ListWasmPluginVersionsResponse: + properties: + wasmPluginVersions: + description: List of `WasmPluginVersion` resources. + items: + $ref: '#/components/schemas/WasmPluginVersion' + type: array + unreachable: description: >- - Optional. The specification for modifying the headers of a matching - request prior to delivery of the request to the destination. If - HeaderModifiers are set on both the Destination and the RouteAction, - they will be merged. Conflicts between the two will not be resolved - on the configuration. - $ref: '#/components/schemas/HttpRouteHeaderModifier' - responseHeaderModifier: + Unreachable resources. Populated when the request attempts to list + all resources across all supported locations, while some locations + are temporarily unavailable. + items: + type: string + type: array + nextPageToken: + type: string description: >- - Optional. The specification for modifying the headers of a response - prior to sending the response back to the client. If HeaderModifiers - are set on both the Destination and the RouteAction, they will be - merged. Conflicts between the two will not be resolved on the - configuration. - $ref: '#/components/schemas/HttpRouteHeaderModifier' - HttpRouteHeaderModifier: - id: HttpRouteHeaderModifier - description: >- - The specification for modifying HTTP header in HTTP request and HTTP - response. + If there might be more results than those appearing in this + response, then `next_page_token` is included. To get the next set of + results, call this method again using the value of `next_page_token` + as `page_token`. + id: ListWasmPluginVersionsResponse + description: Response returned by the `ListWasmPluginVersions` method. + type: object + Binding: type: object + description: Associates `members`, or principals, with a `role`. + id: Binding properties: - set: + role: + type: string description: >- - Completely overwrite/replace the headers with given map where key is - the name of the header, value is the value of the header. - type: object - additionalProperties: - type: string - add: + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + members: description: >- - Add the headers with given map where key is the name of the header, - value is the value of the header. - type: object - additionalProperties: + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + items: type: string - remove: - description: Remove headers (matching by header names) specified in the list. type: array + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + ListLbEdgeExtensionsResponse: + id: ListLbEdgeExtensionsResponse + type: object + properties: + lbEdgeExtensions: + type: array + items: + $ref: '#/components/schemas/LbEdgeExtension' + description: The list of `LbEdgeExtension` resources. + nextPageToken: + type: string + description: A token identifying a page of results that the server returns. + unreachable: items: type: string - HttpRouteRedirect: - id: HttpRouteRedirect - description: The specification for redirecting traffic. + type: array + description: Locations that could not be reached. + description: Message for response to listing `LbEdgeExtension` resources. + HttpRouteURLRewrite: type: object + id: HttpRouteURLRewrite + description: >- + The specification for modifying the URL of the request, prior to + forwarding the request to the destination. properties: - hostRedirect: + hostRewrite: description: >- - The host that will be used in the redirect response instead of the - one that was supplied in the request. + Prior to forwarding the request to the selected destination, the + requests host header is replaced by this value. type: string - pathRedirect: + pathPrefixRewrite: description: >- - The path that will be used in the redirect response instead of the - one that was supplied in the request. path_redirect can not be - supplied together with prefix_redirect. Supply one alone or neither. - If neither is supplied, the path of the original request will be - used for the redirect. + Prior to forwarding the request to the selected destination, the + matching portion of the requests path is replaced by this value. type: string - prefixRewrite: + Expr: + type: object + id: Expr + properties: + description: description: >- - Indicates that during redirection, the matched prefix (or path) - should be swapped with this value. This option allows URLs be - dynamically created based on the request. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: string - responseCode: - description: The HTTP Status code to use for the redirect. + expression: type: string - enumDescriptions: - - Default value - - Corresponds to 301. - - Corresponds to 302. - - Corresponds to 303. - - >- - Corresponds to 307. In this case, the request method will be - retained. - - >- - Corresponds to 308. In this case, the request method will be - retained. - enum: - - RESPONSE_CODE_UNSPECIFIED - - MOVED_PERMANENTLY_DEFAULT - - FOUND - - SEE_OTHER - - TEMPORARY_REDIRECT - - PERMANENT_REDIRECT - httpsRedirect: description: >- - If set to true, the URL scheme in the redirected request is set to - https. If set to false, the URL scheme of the redirected request - will remain the same as that of the request. The default is set to - false. - type: boolean - stripQuery: + Textual representation of an expression in Common Expression + Language syntax. + location: description: >- - if set to true, any accompanying query portion of the original URL - is removed prior to redirecting the request. If set to false, the - query portion of the original URL is retained. The default is set to - false. - type: boolean - portRedirect: + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + title: + type: string description: >- - The port that will be used in the redirected request instead of the - one that was supplied in the request. - type: integer - format: int32 - HttpRouteFaultInjectionPolicy: - id: HttpRouteFaultInjectionPolicy + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. description: >- - The specification for fault injection introduced into traffic to test - the resiliency of clients to destination service failure. As part of - fault injection, when clients send requests to a destination, delays can - be introduced by client proxy on a percentage of requests before sending - those requests to the destination service. Similarly requests can be - aborted by client proxy for a percentage of requests. - type: object - properties: - delay: - description: The specification for injecting delay to client requests. - $ref: '#/components/schemas/HttpRouteFaultInjectionPolicyDelay' - abort: - description: The specification for aborting to client requests. - $ref: '#/components/schemas/HttpRouteFaultInjectionPolicyAbort' - HttpRouteFaultInjectionPolicyDelay: - id: HttpRouteFaultInjectionPolicyDelay + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + GrpcRouteRouteMatch: description: >- - Specification of how client requests are delayed as part of fault - injection before being sent to a destination. + Criteria for matching traffic. A RouteMatch will be considered to match + when all supplied fields match. type: object + id: GrpcRouteRouteMatch properties: - fixedDelay: - description: Specify a fixed delay before forwarding the request. - type: string - format: google-duration - percentage: + headers: + type: array + items: + $ref: '#/components/schemas/GrpcRouteHeaderMatch' + description: Optional. Specifies a collection of headers to match. + method: description: >- - The percentage of traffic on which delay will be injected. The value - must be between [0, 100] - type: integer - format: int32 - HttpRouteFaultInjectionPolicyAbort: - id: HttpRouteFaultInjectionPolicyAbort + Optional. A gRPC method to match against. If this field is empty or + omitted, will match all methods. + $ref: '#/components/schemas/GrpcRouteMethodMatch' + HttpRouteHeaderModifier: + id: HttpRouteHeaderModifier description: >- - Specification of how client requests are aborted as part of fault - injection before being sent to a destination. + The specification for modifying HTTP header in HTTP request and HTTP + response. type: object properties: - httpStatus: + remove: + description: Remove headers (matching by header names) specified in the list. + items: + type: string + type: array + add: + additionalProperties: + type: string description: >- - The HTTP status code used to abort the request. The value must be - between 200 and 599 inclusive. - type: integer - format: int32 - percentage: + Add the headers with given map where key is the name of the header, + value is the value of the header. + type: object + set: + additionalProperties: + type: string description: >- - The percentage of traffic which will be aborted. The value must be - between [0, 100] - type: integer - format: int32 - HttpRouteURLRewrite: - id: HttpRouteURLRewrite - description: >- - The specification for modifying the URL of the request, prior to - forwarding the request to the destination. + Completely overwrite/replace the headers with given map where key is + the name of the header, value is the value of the header. + type: object + EndpointMatcher: type: object + id: EndpointMatcher properties: - pathPrefixRewrite: + metadataLabelMatcher: + description: The matcher is based on node metadata presented by xDS clients. + $ref: '#/components/schemas/EndpointMatcherMetadataLabelMatcher' + description: >- + A definition of a matcher that selects endpoints to which the policies + should be applied. + LbEdgeExtension: + description: >- + `LbEdgeExtension` is a resource that lets the extension service + influence the selection of backend services and Cloud CDN cache keys by + modifying request headers. + id: LbEdgeExtension + properties: + loadBalancingScheme: description: >- - Prior to forwarding the request to the selected destination, the - matching portion of the requests path is replaced by this value. + Required. All forwarding rules referenced by this extension must + share the same load balancing scheme. Supported values: + `EXTERNAL_MANAGED`. + enum: + - LOAD_BALANCING_SCHEME_UNSPECIFIED + - INTERNAL_MANAGED + - EXTERNAL_MANAGED type: string - hostRewrite: + enumDescriptions: + - Default value. Do not use. + - Signifies that this is used for Internal HTTP(S) Load Balancing. + - >- + Signifies that this is used for External Managed HTTP(S) Load + Balancing. + extensionChains: + type: array description: >- - Prior to forwarding the request to the selected destination, the - requests host header is replaced by this value. - type: string - HttpRouteRetryPolicy: - id: HttpRouteRetryPolicy - description: The specifications for retries. - type: object - properties: - retryConditions: + Required. A set of ordered extension chains that contain the match + conditions and extensions to execute. Match conditions for each + extension chain are evaluated in sequence for a given request. The + first extension chain that has a condition that matches the request + is executed. Any subsequent extension chains do not execute. Limited + to 5 extension chains per resource. + items: + $ref: '#/components/schemas/ExtensionChain' + labels: + type: object description: >- - Specifies one or more conditions when this retry policy applies. - Valid values are: 5xx: Proxy will attempt a retry if the destination - service responds with any 5xx response code, of if the destination - service does not respond at all, example: disconnect, reset, read - timeout, connection failure and refused streams. gateway-error: - Similar to 5xx, but only applies to response codes 502, 503, 504. - reset: Proxy will attempt a retry if the destination service does - not respond at all (disconnect/reset/read timeout) connect-failure: - Proxy will retry on failures connecting to destination for example - due to connection timeouts. retriable-4xx: Proxy will retry fro - retriable 4xx response codes. Currently the only retriable error - supported is 409. refused-stream: Proxy will retry if the - destination resets the stream with a REFUSED_STREAM error code. This - reset type indicates that it is safe to retry. + Optional. Set of labels associated with the `LbEdgeExtension` + resource. The format must comply with [the requirements for + labels](https://cloud.google.com/compute/docs/labeling-resources#requirements) + for Google Cloud resources. + additionalProperties: + type: string + updateTime: + description: Output only. The timestamp when the resource was updated. + format: google-datetime + type: string + readOnly: true + forwardingRules: type: array items: type: string - numRetries: description: >- - Specifies the allowed number of retries. This number must be > 0. If - not specified, default to 1. - type: integer - format: int32 - perTryTimeout: - description: Specifies a non-zero timeout per retry attempt. + Required. A list of references to the forwarding rules to which this + service extension is attached. At least one forwarding rule is + required. Only one `LbEdgeExtension` resource can be associated with + a forwarding rule. + createTime: + description: Output only. The timestamp when the resource was created. + format: google-datetime + type: string + readOnly: true + description: + type: string + description: Optional. A human-readable description of the resource. + name: type: string - format: google-duration - HttpRouteRequestMirrorPolicy: - id: HttpRouteRequestMirrorPolicy - description: >- - Specifies the policy on how requests are shadowed to a separate mirrored - destination service. The proxy does not wait for responses from the - shadow service. Prior to sending traffic to the shadow service, the - host/authority header is suffixed with -shadow. Mirroring is currently - not supported for Cloud Run destinations. - type: object - properties: - destination: - description: >- - The destination the requests will be mirrored to. The weight of the - destination will be ignored. - $ref: '#/components/schemas/HttpRouteDestination' - mirrorPercent: description: >- - Optional. The percentage of requests to get mirrored to the desired - destination. - type: number - format: float - HttpRouteCorsPolicy: - id: HttpRouteCorsPolicy - description: The Specification for allowing client side cross-origin requests. + Required. Identifier. Name of the `LbEdgeExtension` resource in the + following format: + `projects/{project}/locations/{location}/lbEdgeExtensions/{lb_edge_extension}`. + type: object + CancelOperationRequest: + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + properties: {} type: object + AuthzExtension: properties: - allowOrigins: - description: >- - Specifies the list of origins that will be allowed to do CORS - requests. An origin is allowed if it matches either an item in - allow_origins or an item in allow_origin_regexes. - type: array - items: - type: string - allowOriginRegexes: + createTime: + readOnly: true + format: google-datetime + type: string + description: Output only. The timestamp when the resource was created. + labels: description: >- - Specifies the regular expression patterns that match allowed - origins. For regular expression grammar, please see - https://github.com/google/re2/wiki/Syntax. - type: array - items: - type: string - allowMethods: - description: Specifies the content for Access-Control-Allow-Methods header. - type: array - items: - type: string - allowHeaders: - description: Specifies the content for Access-Control-Allow-Headers header. - type: array - items: - type: string - exposeHeaders: - description: Specifies the content for Access-Control-Expose-Headers header. - type: array - items: + Optional. Set of labels associated with the `AuthzExtension` + resource. The format must comply with [the requirements for + labels](/compute/docs/labeling-resources#requirements) for Google + Cloud resources. + type: object + additionalProperties: type: string - maxAge: + metadata: description: >- - Specifies how long result of a preflight request can be cached in - seconds. This translates to the Access-Control-Max-Age header. - type: string - allowCredentials: + Optional. The metadata provided here is included as part of the + `metadata_context` (of type `google.protobuf.Struct`) in the + `ProcessingRequest` message sent to the extension server. The + metadata is available under the namespace + `com.google.authz_extension.`. The following variables are supported + in the metadata Struct: `{forwarding_rule_id}` - substituted with + the forwarding rule's fully qualified resource name. + additionalProperties: + description: Properties of the object. + type: any + type: object + service: + type: string description: >- - In response to a preflight request, setting this to true indicates - that the actual request can include user credentials. This - translates to the Access-Control-Allow-Credentials header. Default - value is false. - type: boolean - disabled: + Required. The reference to the service that runs the extension. To + configure a callout extension, `service` must be a fully-qualified + reference to a [backend + service](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices) + in the format: + `https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService}` + or + `https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}`. + authority: description: >- - If true, the CORS policy is disabled. The default value is false, - which indicates that the CORS policy is in effect. - type: boolean - HttpRouteStatefulSessionAffinityPolicy: - id: HttpRouteStatefulSessionAffinityPolicy - description: >- - The specification for cookie-based stateful session affinity where the - date plane supplies a “session cookie” with the name "GSSA" which - encodes a specific destination host and each request containing that - cookie will be directed to that host as long as the destination host - remains up and healthy. The gRPC proxyless mesh library or sidecar proxy - will manage the session cookie but the client application code is - responsible for copying the cookie from each RPC in the session to the - next. - type: object - properties: - cookieTtl: + Required. The `:authority` header in the gRPC request sent from + Envoy to the extension service. + type: string + loadBalancingScheme: description: >- - Required. The cookie TTL value for the Set-Cookie header generated - by the data plane. The lifetime of the cookie may be set to a value - from 0 to 86400 seconds (24 hours) inclusive. Set this to 0s to use - a session cookie and disable cookie expiration. + Required. All backend services and forwarding rules referenced by + this extension must share the same load balancing scheme. Supported + values: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. For more + information, refer to [Backend services + overview](https://cloud.google.com/load-balancing/docs/backend-service). type: string - format: google-duration - HttpRouteHttpDirectResponse: - id: HttpRouteHttpDirectResponse - description: Static HTTP response object to be returned. - type: object - properties: - stringBody: + enum: + - LOAD_BALANCING_SCHEME_UNSPECIFIED + - INTERNAL_MANAGED + - EXTERNAL_MANAGED + enumDescriptions: + - Default value. Do not use. + - Signifies that this is used for Internal HTTP(S) Load Balancing. + - >- + Signifies that this is used for External Managed HTTP(S) Load + Balancing. + forwardHeaders: + items: + type: string + type: array description: >- - Optional. Response body as a string. Maximum body length is 1024 - characters. + Optional. List of the HTTP headers to forward to the extension (from + the client). If omitted, all headers are sent. Each element is a + string indicating the header name. + updateTime: + format: google-datetime + readOnly: true type: string - bytesBody: - description: Optional. Response body as bytes. Maximum body size is 4096B. + description: Output only. The timestamp when the resource was updated. + description: + type: string + description: Optional. A human-readable description of the resource. + wireFormat: + enum: + - WIRE_FORMAT_UNSPECIFIED + - EXT_PROC_GRPC + - EXT_AUTHZ_GRPC type: string - format: byte - status: description: >- - Required. Status to return as part of HTTP Response. Must be a - positive integer. - type: integer - format: int32 - ListTcpRoutesResponse: - id: ListTcpRoutesResponse - description: Response returned by the ListTcpRoutes method. - type: object - properties: - tcpRoutes: - description: List of TcpRoute resources. - type: array - items: - $ref: '#/components/schemas/TcpRoute' - nextPageToken: + Optional. The format of communication supported by the callout + extension. If not specified, the default value `EXT_PROC_GRPC` is + used. + enumDescriptions: + - Not specified. + - >- + The extension service uses ext_proc gRPC API over a gRPC stream. + This is the default value if the wire format is not specified. The + backend service for the extension must use HTTP2 or H2C as the + protocol. All `supported_events` for a client request are sent as + part of the same gRPC stream. + - >- + The extension service uses Envoy's `ext_authz` gRPC API. The + backend service for the extension must use HTTP2, or H2C as the + protocol. `EXT_AUTHZ_GRPC` is only supported for regional + `AuthzExtension` resources. + failOpen: description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. + Optional. Determines how the proxy behaves if the call to the + extension fails or times out. When set to `TRUE`, request or + response processing continues without error. Any subsequent + extensions in the extension chain are also executed. When set to + `FALSE` or the default setting of `FALSE` is used, one of the + following happens: * If response headers have not been delivered to + the downstream client, a generic 500 error is returned to the + client. The error response can be tailored by configuring a custom + error response in the load balancer. * If response headers have been + delivered, then the HTTP stream to the downstream client is reset. + type: boolean + timeout: type: string - unreachable: + format: google-duration description: >- - Unreachable resources. Populated when the request opts into - return_partial_success and reading across collections e.g. when - attempting to list all resources across all supported locations. - type: array - items: - type: string - TcpRoute: - id: TcpRoute - description: >- - TcpRoute is the resource defining how TCP traffic should be routed by a - Mesh/Gateway resource. - type: object - properties: + Required. Specifies the timeout for each individual message on the + stream. The timeout must be between 10-10000 milliseconds. name: description: >- - Identifier. Name of the TcpRoute resource. It matches pattern - `projects/*/locations/global/tcpRoutes/tcp_route_name>`. - type: string - selfLink: - description: Output only. Server-defined URL of this resource - readOnly: true - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true + Required. Identifier. Name of the `AuthzExtension` resource in the + following format: + `projects/{project}/locations/{location}/authzExtensions/{authz_extension}`. type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. - readOnly: true + description: >- + `AuthzExtension` is a resource that allows traffic forwarding to a + callout backend service to make an authorization decision. + id: AuthzExtension + type: object + HttpRouteQueryParameterMatch: + properties: + queryParameter: type: string - format: google-datetime - description: + description: The name of the query parameter to match. + regexMatch: description: >- - Optional. A free-text description of the resource. Max length 1024 - characters. + The value of the query parameter must match the regular expression + specified by regex_match. For regular expression grammar, please see + https://github.com/google/re2/wiki/Syntax Only one of exact_match, + regex_match, or present_match must be set. type: string - rules: + exactMatch: description: >- - Required. Rules that define how traffic is routed and handled. At - least one RouteRule must be supplied. If there are multiple rules - then the action taken will be the first rule to match. - type: array - items: - $ref: '#/components/schemas/TcpRouteRouteRule' - meshes: + The value of the query parameter must exactly match the contents of + exact_match. Only one of exact_match, regex_match, or present_match + must be set. + type: string + presentMatch: description: >- - Optional. Meshes defines a list of meshes this TcpRoute is attached - to, as one of the routing rules to route the requests served by the - mesh. Each mesh reference should match the pattern: - `projects/*/locations/global/meshes/` The attached Mesh should be of - a type SIDECAR + Specifies that the QueryParameterMatcher matches if request contains + query parameter, irrespective of whether the parameter has a value + or not. Only one of exact_match, regex_match, or present_match must + be set. + type: boolean + description: Specifications to match a query parameter in the request. + type: object + id: HttpRouteQueryParameterMatch + ExtensionChainExtension: + properties: + forwardHeaders: type: array items: type: string - gateways: description: >- - Optional. Gateways defines a list of gateways this TcpRoute is - attached to, as one of the routing rules to route the requests - served by the gateway. Each gateway reference should match the - pattern: `projects/*/locations/global/gateways/` + Optional. List of the HTTP headers to forward to the extension (from + the client or backend). If omitted, all headers are sent. Each + element is a string indicating the header name. + responseBodySendMode: + type: string + enumDescriptions: + - Default value. Do not use. + - >- + Calls to the extension are executed in the streamed mode. + Subsequent chunks will be sent only after the previous chunks have + been processed. The content of the body chunks is sent one way to + the extension. Extension may send modified chunks back. This is + the default value if the processing mode is not specified. + - >- + Calls are executed in the full duplex mode. Subsequent chunks will + be sent for processing without waiting for the response for the + previous chunk or for the response for `REQUEST_HEADERS` event. + Extension can freely modify or chunk the body contents. If the + extension doesn't send the body contents back, the next extension + in the chain or the upstream will receive an empty body. + description: >- + Optional. Configures the send mode for response processing. If + unspecified, the default value `STREAMED` is used. The field can + only be set if `supported_events` includes `RESPONSE_BODY`. If + `supported_events` includes `RESPONSE_BODY`, but + `response_body_send_mode` is unset, the default value `STREAMED` is + used. When this field is set to `FULL_DUPLEX_STREAMED`, + `supported_events` must include both `RESPONSE_BODY` and + `RESPONSE_TRAILERS`. This field can be set only for + `LbTrafficExtension` resources, and only when the `service` field of + the extension points to a `BackendService`. + enum: + - BODY_SEND_MODE_UNSPECIFIED + - BODY_SEND_MODE_STREAMED + - BODY_SEND_MODE_FULL_DUPLEX_STREAMED + timeout: + type: string + format: google-duration + description: >- + Optional. Specifies the timeout for each individual message on the + stream. The timeout must be between `10`-`10000` milliseconds. + Required for callout extensions. This field is not supported for + plugin extensions. Setting it results in a validation error. + requestBodySendMode: + enumDescriptions: + - Default value. Do not use. + - >- + Calls to the extension are executed in the streamed mode. + Subsequent chunks will be sent only after the previous chunks have + been processed. The content of the body chunks is sent one way to + the extension. Extension may send modified chunks back. This is + the default value if the processing mode is not specified. + - >- + Calls are executed in the full duplex mode. Subsequent chunks will + be sent for processing without waiting for the response for the + previous chunk or for the response for `REQUEST_HEADERS` event. + Extension can freely modify or chunk the body contents. If the + extension doesn't send the body contents back, the next extension + in the chain or the upstream will receive an empty body. + enum: + - BODY_SEND_MODE_UNSPECIFIED + - BODY_SEND_MODE_STREAMED + - BODY_SEND_MODE_FULL_DUPLEX_STREAMED + type: string + description: >- + Optional. Configures the send mode for request body processing. The + field can only be set if `supported_events` includes `REQUEST_BODY`. + If `supported_events` includes `REQUEST_BODY`, but + `request_body_send_mode` is unset, the default value `STREAMED` is + used. When this field is set to `FULL_DUPLEX_STREAMED`, + `supported_events` must include both `REQUEST_BODY` and + `REQUEST_TRAILERS`. This field can be set only for + `LbTrafficExtension` and `LbRouteExtension` resources, and only when + the `service` field of the extension points to a `BackendService`. + Only `FULL_DUPLEX_STREAMED` mode is supported for `LbRouteExtension` + resources. + supportedEvents: type: array items: + enumDescriptions: + - Unspecified value. Do not use. + - >- + If included in `supported_events`, the extension is called when + the HTTP request headers arrive. + - >- + If included in `supported_events`, the extension is called when + the HTTP request body arrives. + - >- + If included in `supported_events`, the extension is called when + the HTTP response headers arrive. + - >- + If included in `supported_events`, the extension is called when + the HTTP response body arrives. + - >- + If included in `supported_events`, the extension is called when + the HTTP request trailers arrives. + - >- + If included in `supported_events`, the extension is called when + the HTTP response trailers arrives. + enum: + - EVENT_TYPE_UNSPECIFIED + - REQUEST_HEADERS + - REQUEST_BODY + - RESPONSE_HEADERS + - RESPONSE_BODY + - REQUEST_TRAILERS + - RESPONSE_TRAILERS type: string - labels: - description: Optional. Set of label tags associated with the TcpRoute resource. - type: object - additionalProperties: - type: string - TcpRouteRouteRule: - id: TcpRouteRouteRule - description: >- - Specifies how to match traffic and how to route traffic when traffic is - matched. - type: object - properties: - matches: description: >- - Optional. RouteMatch defines the predicate used to match requests to - a given action. Multiple match types are "OR"ed for evaluation. If - no routeMatch field is specified, this rule will unconditionally - match traffic. - type: array - items: - $ref: '#/components/schemas/TcpRouteRouteMatch' - action: - description: Required. The detailed rule defining how to route matched traffic. - $ref: '#/components/schemas/TcpRouteRouteAction' - TcpRouteRouteMatch: - id: TcpRouteRouteMatch - description: >- - RouteMatch defines the predicate used to match requests to a given - action. Multiple match types are "OR"ed for evaluation. If no routeMatch - field is specified, this rule will unconditionally match traffic. - type: object - properties: - address: + Optional. A set of events during request or response processing for + which this extension is called. For the `LbTrafficExtension` + resource, this field is required. For the `LbRouteExtension` + resource, this field is optional. If unspecified, `REQUEST_HEADERS` + event is assumed as supported. For the `LbEdgeExtension` resource, + this field is required and must only contain `REQUEST_HEADERS` + event. For the `AuthzExtension` resource, this field is optional. + `REQUEST_HEADERS` is the only supported event. If unspecified, + `REQUEST_HEADERS` event is assumed as supported. + metadata: + type: object + additionalProperties: + description: Properties of the object. + type: any description: >- - Required. Must be specified in the CIDR range format. A CIDR range - consists of an IP Address and a prefix length to construct the - subnet mask. By default, the prefix length is 32 (i.e. matches a - single IP address). Only IPV4 addresses are supported. Examples: - "10.0.0.1" - matches against this exact IP address. "10.0.0.0/8" - - matches against any IP address within the 10.0.0.0 subnet and - 255.255.255.0 mask. "0.0.0.0/0" - matches against any IP address'. - type: string - port: - description: Required. Specifies the destination port to match against. + Optional. The metadata provided here is included as part of the + `metadata_context` (of type `google.protobuf.Struct`) in the + `ProcessingRequest` message sent to the extension server. For + `AuthzExtension` resources, the metadata is available under the + namespace `com.google.authz_extension.`. For other types of + extensions, the metadata is available under the namespace + `com.google....`. For example: + `com.google.lb_traffic_extension.lbtrafficextension1.chain1.ext1`. + The following variables are supported in the metadata: + `{forwarding_rule_id}` - substituted with the forwarding rule's + fully qualified resource name. This field must not be set for plugin + extensions. Setting it results in a validation error. You can set + metadata at either the resource level or the extension level. The + extension level metadata is recommended because you can pass a + different set of metadata through each extension to the backend. + This field is subject to following limitations: * The total size of + the metadata must be less than 1KiB. * The total number of keys in + the metadata must be less than 16. * The length of each key must be + less than 64 characters. * The length of each value must be less + than 1024 characters. * All values must be strings. + name: type: string - TcpRouteRouteAction: - id: TcpRouteRouteAction - description: The specifications for routing traffic and applying associated policies. - type: object - properties: - destinations: - description: >- - Optional. The destination services to which traffic should be - forwarded. At least one destination service is required. Only one of - route destination or original destination can be set. - type: array - items: - $ref: '#/components/schemas/TcpRouteRouteDestination' - originalDestination: description: >- - Optional. If true, Router will use the destination IP and port of - the original connection as the destination of the request. Default - is false. Only one of route destinations or original destination can - be set. - type: boolean - idleTimeout: + Optional. The name for this extension. The name is logged as part of + the HTTP request logs. The name must conform with RFC-1034, is + restricted to lower-cased letters, numbers and hyphens, and can have + a maximum length of 63 characters. Additionally, the first character + must be a letter and the last a letter or a number. This field is + required except for AuthzExtension. + service: description: >- - Optional. Specifies the idle timeout for the selected route. The - idle timeout is defined as the period in which there are no bytes - sent or received on either the upstream or downstream connection. If - not set, the default idle timeout is 30 seconds. If set to 0s, the - timeout will be disabled. - type: string - format: google-duration - TcpRouteRouteDestination: - id: TcpRouteRouteDestination - description: Describe the destination for traffic to be routed to. - type: object - properties: - serviceName: - description: Required. The URL of a BackendService to route traffic to. + Required. The reference to the service that runs the extension. To + configure a callout extension, `service` must be a fully-qualified + reference to a [backend + service](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices) + in the format: + `https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService}` + or + `https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}`. + To configure a plugin extension, `service` must be a reference to a + [`WasmPlugin` + resource](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.wasmPlugins) + in the format: + `projects/{project}/locations/{location}/wasmPlugins/{plugin}` or + `//networkservices.googleapis.com/projects/{project}/locations/{location}/wasmPlugins/{wasmPlugin}`. + Plugin extensions are currently supported for the + `LbTrafficExtension`, the `LbRouteExtension`, and the + `LbEdgeExtension` resources. type: string - weight: - description: >- - Optional. Specifies the proportion of requests forwarded to the - backend referenced by the serviceName field. This is computed as: - - weight/Sum(weights in this destination list). For non-zero values, - there may be some epsilon from the exact proportion defined here - depending on the precision an implementation supports. If only one - serviceName is specified and it has a weight greater than 0, 100% of - the traffic is forwarded to that backend. If weights are specified - for any one service name, they need to be specified for all of them. - If weights are unspecified for all services, then, traffic is - distributed in equal proportions to all of them. - type: integer - format: int32 - ListTlsRoutesResponse: - id: ListTlsRoutesResponse - description: Response returned by the ListTlsRoutes method. - type: object - properties: - tlsRoutes: - description: List of TlsRoute resources. - type: array - items: - $ref: '#/components/schemas/TlsRoute' - nextPageToken: + failOpen: description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. + Optional. Determines how the proxy behaves if the call to the + extension fails or times out. When set to `TRUE`, request or + response processing continues without error. Any subsequent + extensions in the extension chain are also executed. When set to + `FALSE` or the default setting of `FALSE` is used, one of the + following happens: * If response headers have not been delivered to + the downstream client, a generic 500 error is returned to the + client. The error response can be tailored by configuring a custom + error response in the load balancer. * If response headers have been + delivered, then the HTTP stream to the downstream client is reset. + type: boolean + observabilityMode: + description: >- + Optional. When set to `TRUE`, enables `observability_mode` on the + `ext_proc` filter. This makes `ext_proc` calls asynchronous. Envoy + doesn't check for the response from `ext_proc` calls. For more + information about the filter, see: + https://www.envoyproxy.io/docs/envoy/v1.32.3/api-v3/extensions/filters/http/ext_proc/v3/ext_proc.proto#extensions-filters-http-ext-proc-v3-externalprocessor + This field is helpful when you want to try out the extension in + async log-only mode. Supported by regional `LbTrafficExtension` and + `LbRouteExtension` resources. Only `STREAMED` (default) body + processing mode is supported. + type: boolean + authority: type: string - unreachable: description: >- - Unreachable resources. Populated when the request opts into - return_partial_success and reading across collections e.g. when - attempting to list all resources across all supported locations. - type: array - items: - type: string - TlsRoute: - id: TlsRoute - description: >- - TlsRoute defines how traffic should be routed based on SNI and other - matching L3 attributes. + Optional. The `:authority` header in the gRPC request sent from + Envoy to the extension service. Required for Callout extensions. + This field is not supported for plugin extensions. Setting it + results in a validation error. + description: A single extension in the chain to execute for the matching request. type: object + id: ExtensionChainExtension + GrpcRoute: properties: - name: - description: >- - Identifier. Name of the TlsRoute resource. It matches pattern - `projects/*/locations/global/tlsRoutes/tls_route_name>`. - type: string selfLink: - description: Output only. Server-defined URL of this resource - readOnly: true type: string - createTime: - description: Output only. The timestamp when the resource was created. + description: Output only. Server-defined URL of this resource readOnly: true - type: string - format: google-datetime + labels: + description: Optional. Set of label tags associated with the GrpcRoute resource. + additionalProperties: + type: string + type: object updateTime: - description: Output only. The timestamp when the resource was updated. - readOnly: true type: string + description: Output only. The timestamp when the resource was updated. format: google-datetime - description: - description: >- - Optional. A free-text description of the resource. Max length 1024 - characters. - type: string + readOnly: true rules: description: >- - Required. Rules that define how traffic is routed and handled. At - least one RouteRule must be supplied. If there are multiple rules - then the action taken will be the first rule to match. + Required. A list of detailed rules defining how to route traffic. + Within a single GrpcRoute, the GrpcRoute.RouteAction associated with + the first matching GrpcRoute.RouteRule will be executed. At least + one rule must be supplied. type: array items: - $ref: '#/components/schemas/TlsRouteRouteRule' - meshes: - description: >- - Optional. Meshes defines a list of meshes this TlsRoute is attached - to, as one of the routing rules to route the requests served by the - mesh. Each mesh reference should match the pattern: - `projects/*/locations/global/meshes/` The attached Mesh should be of - a type SIDECAR + $ref: '#/components/schemas/GrpcRouteRouteRule' + gateways: type: array items: type: string - gateways: description: >- - Optional. Gateways defines a list of gateways this TlsRoute is + Optional. Gateways defines a list of gateways this GrpcRoute is attached to, as one of the routing rules to route the requests served by the gateway. Each gateway reference should match the - pattern: `projects/*/locations/global/gateways/` - type: array - items: - type: string - labels: - description: Optional. Set of label tags associated with the TlsRoute resource. - type: object - additionalProperties: + pattern: `projects/*/locations/*/gateways/` + createTime: + description: Output only. The timestamp when the resource was created. + readOnly: true + type: string + format: google-datetime + meshes: + items: + type: string + type: array + description: >- + Optional. Meshes defines a list of meshes this GrpcRoute is attached + to, as one of the routing rules to route the requests served by the + mesh. Each mesh reference should match the pattern: + `projects/*/locations/*/meshes/` + name: + type: string + description: >- + Identifier. Name of the GrpcRoute resource. It matches pattern + `projects/*/locations/*/grpcRoutes/` + hostnames: + description: >- + Required. Service hostnames with an optional port for which this + route describes traffic. Format: [:] Hostname is the fully qualified + domain name of a network host. This matches the RFC 1123 definition + of a hostname with 2 notable exceptions: - IPs are not allowed. - A + hostname may be prefixed with a wildcard label (`*.`). The wildcard + label must appear by itself as the first label. Hostname can be + "precise" which is a domain name without the terminating dot of a + network host (e.g. `foo.example.com`) or "wildcard", which is a + domain name prefixed with a single wildcard label (e.g. + `*.example.com`). Note that as per RFC1035 and RFC1123, a label must + consist of lower case alphanumeric characters or '-', and must start + and end with an alphanumeric character. No other punctuation is + allowed. The routes associated with a Mesh or Gateway must have + unique hostnames. If you attempt to attach multiple routes with + conflicting hostnames, the configuration will be rejected. For + example, while it is acceptable for routes for the hostnames + `*.foo.bar.com` and `*.bar.com` to be associated with the same + route, it is not possible to associate two routes both with + `*.bar.com` or both with `bar.com`. If a port is specified, then + gRPC clients must use the channel URI with the port to match this + rule (i.e. "xds:///service:123"), otherwise they must supply the URI + without a port (i.e. "xds:///service"). + items: type: string + type: array + description: + description: >- + Optional. A free-text description of the resource. Max length 1024 + characters. + type: string + id: GrpcRoute + description: >- + GrpcRoute is the resource defining how gRPC traffic routed by a Mesh or + Gateway resource is routed. + type: object + HttpRouteFaultInjectionPolicy: + id: HttpRouteFaultInjectionPolicy + type: object + properties: + delay: + description: The specification for injecting delay to client requests. + $ref: '#/components/schemas/HttpRouteFaultInjectionPolicyDelay' + abort: + description: The specification for aborting to client requests. + $ref: '#/components/schemas/HttpRouteFaultInjectionPolicyAbort' + description: >- + The specification for fault injection introduced into traffic to test + the resiliency of clients to destination service failure. As part of + fault injection, when clients send requests to a destination, delays can + be introduced by client proxy on a percentage of requests before sending + those requests to the destination service. Similarly requests can be + aborted by client proxy for a percentage of requests. + HttpRouteHttpDirectResponse: + description: Static HTTP response object to be returned. + id: HttpRouteHttpDirectResponse + properties: + status: + description: >- + Required. Status to return as part of HTTP Response. Must be a + positive integer. + type: integer + format: int32 + bytesBody: + type: string + description: Optional. Response body as bytes. Maximum body size is 4096B. + format: byte + stringBody: + description: >- + Optional. Response body as a string. Maximum body length is 1024 + characters. + type: string + type: object TlsRouteRouteRule: - id: TlsRouteRouteRule description: >- Specifies how to match traffic and how to route traffic when traffic is matched. + id: TlsRouteRouteRule type: object properties: matches: + items: + $ref: '#/components/schemas/TlsRouteRouteMatch' description: >- Required. RouteMatch defines the predicate used to match requests to a given action. Multiple match types are "OR"ed for evaluation. Atleast one RouteMatch must be supplied. type: array - items: - $ref: '#/components/schemas/TlsRouteRouteMatch' action: - description: Required. The detailed rule defining how to route matched traffic. $ref: '#/components/schemas/TlsRouteRouteAction' - TlsRouteRouteMatch: - id: TlsRouteRouteMatch - description: >- - RouteMatch defines the predicate used to match requests to a given - action. Multiple match types are "AND"ed for evaluation. - type: object - properties: - sniHost: - description: >- - Optional. SNI (server name indicator) to match against. SNI will be - matched against all wildcard domains, i.e. `www.example.com` will be - first matched against `www.example.com`, then `*.example.com`, then - `*.com.` Partial wildcards are not supported, and values like - *w.example.com are invalid. At least one of sni_host and alpn is - required. Up to 100 sni hosts across all matches can be set. - type: array - items: - type: string - alpn: - description: >- - Optional. ALPN (Application-Layer Protocol Negotiation) to match - against. Examples: "http/1.1", "h2". At least one of sni_host and - alpn is required. Up to 5 alpns across all matches can be set. - type: array - items: - type: string - TlsRouteRouteAction: - id: TlsRouteRouteAction + description: Required. The detailed rule defining how to route matched traffic. + TcpRouteRouteAction: description: The specifications for routing traffic and applying associated policies. + id: TcpRouteRouteAction type: object properties: - destinations: - description: >- - Required. The destination services to which traffic should be - forwarded. At least one destination service is required. - type: array - items: - $ref: '#/components/schemas/TlsRouteRouteDestination' idleTimeout: description: >- Optional. Specifies the idle timeout for the selected route. The idle timeout is defined as the period in which there are no bytes sent or received on either the upstream or downstream connection. If - not set, the default idle timeout is 1 hour. If set to 0s, the + not set, the default idle timeout is 30 seconds. If set to 0s, the timeout will be disabled. - type: string format: google-duration - TlsRouteRouteDestination: - id: TlsRouteRouteDestination - description: Describe the destination for traffic to be routed to. - type: object + type: string + destinations: + items: + $ref: '#/components/schemas/TcpRouteRouteDestination' + description: >- + Optional. The destination services to which traffic should be + forwarded. At least one destination service is required. Only one of + route destination or original destination can be set. + type: array + originalDestination: + type: boolean + description: >- + Optional. If true, Router will use the destination IP and port of + the original connection as the destination of the request. Default + is false. Only one of route destinations or original destination can + be set. + GrpcRouteHeaderMatch: + id: GrpcRouteHeaderMatch properties: - serviceName: - description: Required. The URL of a BackendService to route traffic to. + value: type: string - weight: + description: Required. The value of the header. + type: description: >- - Optional. Specifies the proportion of requests forwarded to the - backend referenced by the service_name field. This is computed as: - - weight/Sum(weights in destinations) Weights in all destinations does - not need to sum up to 100. - type: integer - format: int32 - ListServiceBindingsResponse: - id: ListServiceBindingsResponse - description: Response returned by the ListServiceBindings method. + Optional. Specifies how to match against the value of the header. If + not specified, a default value of EXACT is used. + type: string + enum: + - TYPE_UNSPECIFIED + - EXACT + - REGULAR_EXPRESSION + enumDescriptions: + - Unspecified. + - Will only match the exact value provided. + - >- + Will match paths conforming to the prefix specified by value. RE2 + syntax is supported. + key: + description: Required. The key of the header. + type: string + description: A match against a collection of headers. type: object + HttpRouteRetryPolicy: + type: object + id: HttpRouteRetryPolicy + description: The specifications for retries. properties: - serviceBindings: - description: List of ServiceBinding resources. - type: array - items: - $ref: '#/components/schemas/ServiceBinding' - nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. + perTryTimeout: + format: google-duration type: string - unreachable: + description: Specifies a non-zero timeout per retry attempt. + retryConditions: description: >- - Unreachable resources. Populated when the request attempts to list - all resources across all supported locations, while some locations - are temporarily unavailable. + Specifies one or more conditions when this retry policy applies. + Valid values are: 5xx: Proxy will attempt a retry if the destination + service responds with any 5xx response code, of if the destination + service does not respond at all, example: disconnect, reset, read + timeout, connection failure and refused streams. gateway-error: + Similar to 5xx, but only applies to response codes 502, 503, 504. + reset: Proxy will attempt a retry if the destination service does + not respond at all (disconnect/reset/read timeout) connect-failure: + Proxy will retry on failures connecting to destination for example + due to connection timeouts. retriable-4xx: Proxy will retry fro + retriable 4xx response codes. Currently the only retriable error + supported is 409. refused-stream: Proxy will retry if the + destination resets the stream with a REFUSED_STREAM error code. This + reset type indicates that it is safe to retry. type: array items: type: string - ServiceBinding: - id: ServiceBinding - description: >- - ServiceBinding can be used to: - Bind a Service Directory Service to be - used in a BackendService resource. This feature will be deprecated soon. - - Bind a Private Service Connect producer service to be used in consumer - Cloud Service Mesh or Application Load Balancers. - Bind a Cloud Run - service to be used in consumer Cloud Service Mesh or Application Load - Balancers. + numRetries: + description: >- + Specifies the allowed number of retries. This number must be > 0. If + not specified, default to 1. + type: integer + format: int32 + TestIamPermissionsResponse: + id: TestIamPermissionsResponse type: object properties: - name: + permissions: + type: array + items: + type: string description: >- - Identifier. Name of the ServiceBinding resource. It matches pattern - `projects/*/locations/*/serviceBindings/`. - type: string - description: - description: >- - Optional. A free-text description of the resource. Max length 1024 - characters. - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. - readOnly: true - type: string - format: google-datetime - service: - description: >- - Optional. The full Service Directory Service name of the format - `projects/*/locations/*/namespaces/*/services/*`. This field is for - Service Directory integration which will be deprecated soon. - deprecated: true - type: string - serviceId: - description: >- - Output only. The unique identifier of the Service Directory Service - against which the ServiceBinding resource is validated. This is - populated when the Service Binding resource is used in another - resource (like Backend Service). This is of the UUID4 format. This - field is for Service Directory integration which will be deprecated - soon. - readOnly: true - deprecated: true - type: string - labels: + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + description: Response message for `TestIamPermissions` method. + ServiceLbPolicyFailoverConfig: + properties: + failoverHealthThreshold: + type: integer + format: int32 description: >- - Optional. Set of label tags associated with the ServiceBinding - resource. - type: object - additionalProperties: - type: string - ListMeshesResponse: - id: ListMeshesResponse - description: Response returned by the ListMeshes method. + Optional. The percentage threshold that a load balancer will begin + to send traffic to failover backends. If the percentage of endpoints + in a MIG/NEG is smaller than this value, traffic would be sent to + failover backends if possible. This field should be set to a value + between 1 and 99. The default value is 50 for Global external + HTTP(S) load balancer (classic) and Proxyless service mesh, and 70 + for others. + description: >- + Option to specify health based failover behavior. This is not related to + Network load balancer FailoverPolicy. + id: ServiceLbPolicyFailoverConfig + type: object + LoggingConfig: type: object properties: - meshes: - description: List of Mesh resources. - type: array - items: - $ref: '#/components/schemas/Mesh' - nextPageToken: + logSeverity: description: >- - If there might be more results than those appearing in this - response, then `next_page_token` is included. To get the next set of - results, call this method again using the value of `next_page_token` - as `page_token`. + Optional. The minimum severity of logs that will be sent to + Stackdriver/Platform Telemetry. Logs at severitiy ≥ this value will + be sent, unless it is NONE. + enumDescriptions: + - >- + Log severity is not specified. This value is treated the same as + NONE, but is used to distinguish between no update and update to + NONE in update_masks. + - >- + Default value at resource creation, presence of this value must be + treated as no logging/disable logging. + - Debug or trace level logging. + - Routine information, such as ongoing status or performance. + - >- + Normal but significant events, such as start up, shut down, or a + configuration change. + - Warning events might cause problems. + - Error events are likely to cause problems. + - Critical events cause more severe problems or outages. + - A person must take action immediately. + - One or more systems are unusable. + enum: + - LOG_SEVERITY_UNSPECIFIED + - NONE + - DEBUG + - INFO + - NOTICE + - WARNING + - ERROR + - CRITICAL + - ALERT + - EMERGENCY type: string - unreachable: - description: >- - Unreachable resources. Populated when the request opts into - `return_partial_success` and reading across collections e.g. when - attempting to list all resources across all supported locations. - type: array - items: - type: string - Mesh: - id: Mesh description: >- - Mesh represents a logical configuration grouping for workload to - workload communication within a service mesh. Routes that point to mesh - dictate how requests are routed within this logical mesh boundary. + The configuration for Platform Telemetry logging for Eventarc Advanced + resources. + id: LoggingConfig + HttpRouteFaultInjectionPolicyAbort: type: object + description: >- + Specification of how client requests are aborted as part of fault + injection before being sent to a destination. properties: - name: - description: >- - Identifier. Name of the Mesh resource. It matches pattern - `projects/*/locations/global/meshes/`. - type: string - selfLink: - description: Output only. Server-defined URL of this resource - readOnly: true - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when the resource was updated. - readOnly: true - type: string - format: google-datetime - labels: - description: Optional. Set of label tags associated with the Mesh resource. - type: object - additionalProperties: - type: string - description: - description: >- - Optional. A free-text description of the resource. Max length 1024 - characters. - type: string - interceptionPort: + httpStatus: + type: integer + format: int32 description: >- - Optional. If set to a valid TCP port (1-65535), instructs the - SIDECAR proxy to listen on the specified port of localhost - (127.0.0.1) address. The SIDECAR proxy will expect all traffic to be - redirected to this port regardless of its actual ip:port - destination. If unset, a port '15001' is used as the interception - port. This is applicable only for sidecar proxy deployments. + The HTTP status code used to abort the request. The value must be + between 200 and 599 inclusive. + percentage: type: integer format: int32 - envoyHeaders: description: >- - Optional. Determines if envoy will insert internal debug headers - into upstream requests. Other Envoy headers may still be injected. - By default, envoy will not insert any debug headers. - type: string - enumDescriptions: - - Defaults to NONE. - - Suppress envoy debug headers. - - >- - Envoy will insert default internal debug headers into upstream - requests: x-envoy-attempt-count x-envoy-is-timeout-retry - x-envoy-expected-rq-timeout-ms x-envoy-original-path - x-envoy-upstream-stream-duration-ms - enum: - - ENVOY_HEADERS_UNSPECIFIED - - NONE - - DEBUG_HEADERS + The percentage of traffic which will be aborted. The value must be + between [0, 100] + id: HttpRouteFaultInjectionPolicyAbort ListServiceLbPoliciesResponse: - id: ListServiceLbPoliciesResponse - description: Response returned by the ListServiceLbPolicies method. type: object properties: - serviceLbPolicies: - description: List of ServiceLbPolicy resources. - type: array - items: - $ref: '#/components/schemas/ServiceLbPolicy' nextPageToken: description: >- If there might be more results than those appearing in this @@ -3065,371 +3407,186 @@ components: results, call this method again using the value of `next_page_token` as `page_token`. type: string + serviceLbPolicies: + description: List of ServiceLbPolicy resources. + type: array + items: + $ref: '#/components/schemas/ServiceLbPolicy' unreachable: + items: + type: string + type: array description: >- Unreachable resources. Populated when the request attempts to list all resources across all supported locations, while some locations are temporarily unavailable. - type: array - items: - type: string - ServiceLbPolicy: - id: ServiceLbPolicy - description: >- - ServiceLbPolicy holds global load balancing and traffic distribution - configuration that can be applied to a BackendService. + description: Response returned by the ListServiceLbPolicies method. + id: ListServiceLbPoliciesResponse + EndpointMatcherMetadataLabelMatcherMetadataLabels: + description: Defines a name-pair value for a single label. type: object properties: - name: - description: >- - Identifier. Name of the ServiceLbPolicy resource. It matches pattern - `projects/{project}/locations/{location}/serviceLbPolicies/{service_lb_policy_name}`. - type: string - createTime: - description: Output only. The timestamp when this resource was created. - readOnly: true + labelName: + description: Required. Label name presented as key in xDS Node Metadata. type: string - format: google-datetime - updateTime: - description: Output only. The timestamp when this resource was last updated. - readOnly: true + labelValue: type: string - format: google-datetime - labels: - description: >- - Optional. Set of label tags associated with the ServiceLbPolicy - resource. - type: object - additionalProperties: - type: string - description: description: >- - Optional. A free-text description of the resource. Max length 1024 - characters. + Required. Label value presented as value corresponding to the above + key, in xDS Node Metadata. + id: EndpointMatcherMetadataLabelMatcherMetadataLabels + RetryFilterPerRouteConfig: + type: object + id: RetryFilterPerRouteConfig + properties: + cryptoKeyName: + description: The name of the crypto key to use for encrypting event data. type: string - loadBalancingAlgorithm: + TlsRouteRouteMatch: + properties: + sniHost: description: >- - Optional. The type of load balancing algorithm to be used. The - default behavior is WATERFALL_BY_REGION. - type: string - enumDescriptions: - - The type of the loadbalancing algorithm is unspecified. - - >- - Balance traffic across all backends across the world - proportionally based on capacity. - - >- - Direct traffic to the nearest region with endpoints and capacity - before spilling over to other regions and spread the traffic from - each client to all the MIGs/NEGs in a region. - - >- - Direct traffic to the nearest region with endpoints and capacity - before spilling over to other regions. All MIGs/NEGs within a - region are evenly loaded but each client might not spread the - traffic to all the MIGs/NEGs in the region. - - >- - Attempt to keep traffic in a single zone closest to the client, - before spilling over to other zones. - enum: - - LOAD_BALANCING_ALGORITHM_UNSPECIFIED - - SPRAY_TO_WORLD - - SPRAY_TO_REGION - - WATERFALL_BY_REGION - - WATERFALL_BY_ZONE - autoCapacityDrain: - description: >- - Optional. Configuration to automatically move traffic away for - unhealthy IG/NEG for the associated Backend Service. - $ref: '#/components/schemas/ServiceLbPolicyAutoCapacityDrain' - failoverConfig: - description: Optional. Configuration related to health based failover. - $ref: '#/components/schemas/ServiceLbPolicyFailoverConfig' - isolationConfig: + Optional. SNI (server name indicator) to match against. SNI will be + matched against all wildcard domains, i.e. `www.example.com` will be + first matched against `www.example.com`, then `*.example.com`, then + `*.com.` Partial wildcards are not supported, and values like + *w.example.com are invalid. At least one of sni_host and alpn is + required. Up to 100 sni hosts across all matches can be set. + items: + type: string + type: array + alpn: + items: + type: string + type: array description: >- - Optional. Configuration to provide isolation support for the - associated Backend Service. - $ref: '#/components/schemas/ServiceLbPolicyIsolationConfig' - ServiceLbPolicyAutoCapacityDrain: - id: ServiceLbPolicyAutoCapacityDrain - description: >- - Option to specify if an unhealthy IG/NEG should be considered for global - load balancing and traffic routing. + Optional. ALPN (Application-Layer Protocol Negotiation) to match + against. Examples: "http/1.1", "h2". At least one of sni_host and + alpn is required. Up to 5 alpns across all matches can be set. + id: TlsRouteRouteMatch type: object - properties: - enable: - description: >- - Optional. If set to 'True', an unhealthy IG/NEG will be set as - drained. - An IG/NEG is considered unhealthy if less than 25% of the - instances/endpoints in the IG/NEG are healthy. - This option will - never result in draining more than 50% of the configured IGs/NEGs - for the Backend Service. - type: boolean - ServiceLbPolicyFailoverConfig: - id: ServiceLbPolicyFailoverConfig description: >- - Option to specify health based failover behavior. This is not related to - Network load balancer FailoverPolicy. - type: object + RouteMatch defines the predicate used to match requests to a given + action. Multiple match types are "AND"ed for evaluation. + HttpRouteRouteRule: + id: HttpRouteRouteRule properties: - failoverHealthThreshold: + matches: description: >- - Optional. The percentage threshold that a load balancer will begin - to send traffic to failover backends. If the percentage of endpoints - in a MIG/NEG is smaller than this value, traffic would be sent to - failover backends if possible. This field should be set to a value - between 1 and 99. The default value is 50 for Global external - HTTP(S) load balancer (classic) and Proxyless service mesh, and 70 - for others. - type: integer - format: int32 - ServiceLbPolicyIsolationConfig: - id: ServiceLbPolicyIsolationConfig - description: >- - Configuration to provide isolation support for the associated Backend - Service. - type: object - properties: - isolationGranularity: - description: Optional. The isolation granularity of the load balancer. - type: string - enumDescriptions: - - >- - No isolation is configured for the backend service. Traffic can - overflow based on the load balancing algorithm. - - >- - Traffic for this service will be isolated at the cloud region - level. - enum: - - ISOLATION_GRANULARITY_UNSPECIFIED - - REGION - isolationMode: - description: Optional. The isolation mode of the load balancer. - type: string - enumDescriptions: - - No isolation mode is configured for the backend service. - - Traffic will be sent to the nearest region. - - >- - Traffic will fail if no serving backends are available in the same - region as the load balancer. - enum: - - ISOLATION_MODE_UNSPECIFIED - - NEAREST - - STRICT - GatewayRouteView: - id: GatewayRouteView - description: GatewayRouteView defines view-only resource for Routes to a Gateway + A list of matches define conditions used for matching the rule + against incoming HTTP requests. Each match is independent, i.e. this + rule will be matched if ANY one of the matches is satisfied. If no + matches field is specified, this rule will unconditionally match + traffic. If a default rule is desired to be configured, add a rule + with no matches specified to the end of the rules list. + items: + $ref: '#/components/schemas/HttpRouteRouteMatch' + type: array + action: + description: The detailed rule defining how to route matched traffic. + $ref: '#/components/schemas/HttpRouteRouteAction' type: object + description: >- + Specifies how to match traffic and how to route traffic when traffic is + matched. + WasmPluginUsedBy: + id: WasmPluginUsedBy + description: Defines a resource that uses the `WasmPlugin` resource. properties: name: - description: >- - Output only. Identifier. Full path name of the GatewayRouteView - resource. Format: - projects/{project_number}/locations/{location}/gateways/{gateway}/routeViews/{route_view} - readOnly: true - type: string - routeProjectNumber: - description: Output only. Project number where the route exists. - readOnly: true - type: string - format: int64 - routeLocation: - description: Output only. Location where the route exists. readOnly: true - type: string - routeType: description: >- - Output only. Type of the route: HttpRoute,GrpcRoute,TcpRoute, or - TlsRoute - readOnly: true - type: string - routeId: - description: Output only. The resource id for the route. - readOnly: true + Output only. Full name of the resource + https://google.aip.dev/122#full-resource-names, for example + `//networkservices.googleapis.com/projects/{project}/locations/{location}/lbRouteExtensions/{extension}` type: string - MeshRouteView: - id: MeshRouteView - description: MeshRouteView defines view-only resource for Routes to a Mesh type: object + ExtensionChainMatchCondition: + description: Conditions under which this chain is invoked for a request. properties: - name: - description: >- - Output only. Identifier. Full path name of the MeshRouteView - resource. Format: - projects/{project_number}/locations/{location}/meshes/{mesh}/routeViews/{route_view} - readOnly: true - type: string - routeProjectNumber: - description: Output only. Project number where the route exists. - readOnly: true - type: string - format: int64 - routeLocation: - description: Output only. Location where the route exists. - readOnly: true - type: string - routeType: + celExpression: description: >- - Output only. Type of the route: HttpRoute,GrpcRoute,TcpRoute, or - TlsRoute - readOnly: true - type: string - routeId: - description: Output only. The resource id for the route. - readOnly: true + Required. A Common Expression Language (CEL) expression that is used + to match requests for which the extension chain is executed. For + more information, see [CEL matcher language + reference](https://cloud.google.com/service-extensions/docs/cel-matcher-language-reference). type: string - ListGatewayRouteViewsResponse: - id: ListGatewayRouteViewsResponse - description: Response returned by the ListGatewayRouteViews method. + id: ExtensionChainMatchCondition + type: object + Policy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). type: object properties: - gatewayRouteViews: - description: List of GatewayRouteView resources. - type: array + auditConfigs: items: - $ref: '#/components/schemas/GatewayRouteView' - nextPageToken: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + type: array + etag: + format: byte description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: >- - Unreachable resources. Populated when the request attempts to list - all resources across all supported locations, while some locations - are temporarily unavailable. - type: array - items: - type: string - ListMeshRouteViewsResponse: - id: ListMeshRouteViewsResponse - description: Response returned by the ListMeshRouteViews method. - type: object - properties: - meshRouteViews: - description: List of MeshRouteView resources. - type: array - items: - $ref: '#/components/schemas/MeshRouteView' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. type: string - unreachable: - description: >- - Unreachable resources. Populated when the request attempts to list - all resources across all supported locations, while some locations - are temporarily unavailable. - type: array - items: - type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. + bindings: type: array items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + $ref: '#/components/schemas/Binding' description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object - properties: + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. version: + type: integer description: >- Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any @@ -3447,357 +3604,396 @@ components: specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer format: int32 - bindings: + id: Policy + ExtensionChain: + id: ExtensionChain + type: object + properties: + matchCondition: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Required. Conditions under which this chain is invoked for a + request. + $ref: '#/components/schemas/ExtensionChainMatchCondition' + name: + description: >- + Required. The name for this extension chain. The name is logged as + part of the HTTP request logs. The name must conform with RFC-1034, + is restricted to lower-cased letters, numbers and hyphens, and can + have a maximum length of 63 characters. Additionally, the first + character must be a letter and the last a letter or a number. + type: string + extensions: items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + $ref: '#/components/schemas/ExtensionChainExtension' + description: >- + Required. A set of extensions to execute for the matching request. + At least one extension is required. Up to 3 extensions can be + defined for each extension chain for `LbTrafficExtension` resource. + `LbRouteExtension` and `LbEdgeExtension` chains are limited to 1 + extension per extension chain. type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: + description: >- + A single extension chain wrapper that contains the match conditions and + extensions to execute. + TlsRouteRouteAction: + description: The specifications for routing traffic and applying associated policies. + id: TlsRouteRouteAction + type: object + properties: + idleTimeout: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Optional. Specifies the idle timeout for the selected route. The + idle timeout is defined as the period in which there are no bytes + sent or received on either the upstream or downstream connection. If + not set, the default idle timeout is 1 hour. If set to 0s, the + timeout will be disabled. + format: google-duration type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + destinations: + type: array + description: >- + Required. The destination services to which traffic should be + forwarded. At least one destination service is required. + items: + $ref: '#/components/schemas/TlsRouteRouteDestination' + ServiceLbPolicyIsolationConfig: + id: ServiceLbPolicyIsolationConfig type: object + description: >- + Configuration to provide isolation support for the associated Backend + Service. properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + isolationMode: + description: Optional. The isolation mode of the load balancer. type: string - members: + enum: + - ISOLATION_MODE_UNSPECIFIED + - NEAREST + - STRICT + enumDescriptions: + - No isolation mode is configured for the backend service. + - Traffic will be sent to the nearest region. + - >- + Traffic will fail if no serving backends are available in the same + region as the load balancer. + isolationGranularity: + description: Optional. The isolation granularity of the load balancer. + enumDescriptions: + - >- + No isolation is configured for the backend service. Traffic can + overflow based on the load balancing algorithm. + - >- + Traffic for this service will be isolated at the cloud region + level. + type: string + enum: + - ISOLATION_GRANULARITY_UNSPECIFIED + - REGION + TcpRouteRouteRule: + description: >- + Specifies how to match traffic and how to route traffic when traffic is + matched. + properties: + matches: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + Optional. RouteMatch defines the predicate used to match requests to + a given action. Multiple match types are "OR"ed for evaluation. If + no routeMatch field is specified, this rule will unconditionally + match traffic. type: array items: - type: string - condition: + $ref: '#/components/schemas/TcpRouteRouteMatch' + action: + description: Required. The detailed rule defining how to route matched traffic. + $ref: '#/components/schemas/TcpRouteRouteAction' + type: object + id: TcpRouteRouteRule + GrpcRouteDestination: + properties: + weight: + type: integer + format: int32 description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr + Optional. Specifies the proportion of requests forwarded to the + backend referenced by the serviceName field. This is computed as: - + weight/Sum(weights in this destination list). For non-zero values, + there may be some epsilon from the exact proportion defined here + depending on the precision an implementation supports. If only one + serviceName is specified and it has a weight greater than 0, 100% of + the traffic is forwarded to that backend. If weights are specified + for any one service name, they need to be specified for all of them. + If weights are unspecified for all services, then, traffic is + distributed in equal proportions to all of them. + serviceName: + type: string + description: >- + Required. The URL of a destination service to which to route + traffic. Must refer to either a BackendService or + ServiceDirectoryService. + type: object + id: GrpcRouteDestination + description: The destination to which traffic will be routed. + GrpcRouteFaultInjectionPolicyAbort: description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + Specification of how client requests are aborted as part of fault + injection before being sent to a destination. + id: GrpcRouteFaultInjectionPolicyAbort type: object properties: - expression: + percentage: description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: + The percentage of traffic which will be aborted. The value must be + between [0, 100] + type: integer + format: int32 + httpStatus: + type: integer description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: + The HTTP status code used to abort the request. The value must be + between 200 and 599 inclusive. + format: int32 + Operation: + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. + type: object + properties: + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + metadata: + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + error: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + name: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + Gateway: type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig + id: Gateway description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object + Gateway represents the configuration for a proxy, typically a load + balancer. It captures the ip:port over which the services are exposed by + the proxy, along with any policy configurations. Routes have reference + to to Gateways to dictate how requests should be routed by this Gateway. properties: - logType: - description: The log type that this config enables. + network: type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. + Optional. The relative resource name identifying the VPC network + that is using this configuration. For example: + `projects/*/global/networks/network-1`. Currently, this field is + specific to gateways of type 'SECURE_WEB_GATEWAY'. + name: + description: >- + Identifier. Name of the Gateway resource. It matches pattern + `projects/*/locations/*/gateways/`. + type: string + createTime: + type: string + format: google-datetime + readOnly: true + description: Output only. The timestamp when the resource was created. + certificateUrls: type: array items: type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array + Optional. A fully-qualified Certificates URL reference. The proxy + presents a Certificate (selected based on SNI) when establishing a + TLS connection. This feature only applies to gateways of type + 'SECURE_WEB_GATEWAY'. + addresses: items: type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. type: array - items: + description: >- + Optional. Zero or one IPv4 or IPv6 address on which the Gateway will + receive the traffic. When no address is provided, an IP from the + subnetwork is allocated This field only applies to gateways of type + 'SECURE_WEB_GATEWAY'. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 + for IPv4 and :: for IPv6. + description: + type: string + description: >- + Optional. A free-text description of the resource. Max length 1024 + characters. + subnetwork: + description: >- + Optional. The relative resource name identifying the subnetwork in + which this SWG is allocated. For example: + `projects/*/regions/us-central1/subnetworks/network-1` Currently, + this field is specific to gateways of type 'SECURE_WEB_GATEWAY". + type: string + routingMode: + description: >- + Optional. The routing mode of the Gateway. This field is + configurable only for gateways of type SECURE_WEB_GATEWAY. This + field is required for gateways of type SECURE_WEB_GATEWAY. + type: string + enum: + - EXPLICIT_ROUTING_MODE + - NEXT_HOP_ROUTING_MODE + enumDescriptions: + - >- + The routing mode is explicit; clients are configured to send + traffic through the gateway. This is the default routing mode. + - >- + The routing mode is next-hop. Clients are unaware of the gateway, + and a route (advanced route or other route type) can be configured + to direct traffic from client to gateway. The gateway then acts as + a next-hop to the destination. + labels: + type: object + additionalProperties: type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + description: Optional. Set of label tags associated with the Gateway resource. + selfLink: type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. readOnly: true + description: Output only. Server-defined URL of this resource + serverTlsPolicy: type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true + Optional. A fully-qualified ServerTLSPolicy URL reference. Specifies + how TLS traffic is terminated. If empty, TLS termination is + disabled. + updateTime: type: string - verb: - description: Output only. Name of the verb executed by the operation. readOnly: true + description: Output only. The timestamp when the resource was updated. + format: google-datetime + envoyHeaders: type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + enumDescriptions: + - Defaults to NONE. + - Suppress envoy debug headers. + - >- + Envoy will insert default internal debug headers into upstream + requests: x-envoy-attempt-count x-envoy-is-timeout-retry + x-envoy-expected-rq-timeout-ms x-envoy-original-path + x-envoy-upstream-stream-duration-ms + enum: + - ENVOY_HEADERS_UNSPECIFIED + - NONE + - DEBUG_HEADERS + description: >- + Optional. Determines if envoy will insert internal debug headers + into upstream requests. Other Envoy headers may still be injected. + By default, envoy will not insert any debug headers. + type: + description: >- + Immutable. The type of the customer managed gateway. This field is + required. If unspecified, an error is returned. type: string - requestedCancellation: + enum: + - TYPE_UNSPECIFIED + - OPEN_MESH + - SECURE_WEB_GATEWAY + enumDescriptions: + - The type of the customer managed gateway is unspecified. + - >- + The type of the customer managed gateway is TrafficDirector Open + Mesh. + - >- + The type of the customer managed gateway is SecureWebGateway + (SWG). + ipVersion: + enum: + - IP_VERSION_UNSPECIFIED + - IPV4 + - IPV6 description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + Optional. The IP Version that will be used by this gateway. Valid + options are IPV4 or IPV6. Default is IPV4. + enumDescriptions: + - The type when IP version is not specified. Defaults to IPV4. + - The type for IP version 4. + - The type for IP version 6. type: string - LoggingConfig: - id: LoggingConfig - description: >- - The configuration for Platform Telemetry logging for Eventarc Advanced - resources. - type: object - properties: - logSeverity: + ports: + items: + format: int32 + type: integer + type: array description: >- - Optional. The minimum severity of logs that will be sent to - Stackdriver/Platform Telemetry. Logs at severitiy ≥ this value will - be sent, unless it is NONE. + Required. One or more port numbers (1-65535), on which the Gateway + will receive traffic. The proxy binds to the specified ports. + Gateways of type 'SECURE_WEB_GATEWAY' are limited to 5 ports. + Gateways of type 'OPEN_MESH' listen on 0.0.0.0 for IPv4 and :: for + IPv6 and support multiple ports. + gatewaySecurityPolicy: type: string - enumDescriptions: - - >- - Log severity is not specified. This value is treated the same as - NONE, but is used to distinguish between no update and update to - NONE in update_masks. - - >- - Default value at resource creation, presence of this value must be - treated as no logging/disable logging. - - Debug or trace level logging. - - Routine information, such as ongoing status or performance. - - >- - Normal but significant events, such as start up, shut down, or a - configuration change. - - Warning events might cause problems. - - Error events are likely to cause problems. - - Critical events cause more severe problems or outages. - - A person must take action immediately. - - One or more systems are unusable. - enum: - - LOG_SEVERITY_UNSPECIFIED - - NONE - - DEBUG - - INFO - - NOTICE - - WARNING - - ERROR - - CRITICAL - - ALERT - - EMERGENCY - RetryFilterPerRouteConfig: - id: RetryFilterPerRouteConfig - type: object - properties: - cryptoKeyName: - description: The name of the crypto key to use for encrypting event data. + description: >- + Optional. A fully-qualified GatewaySecurityPolicy URL reference. + Defines how a server should apply security policy to inbound (VM to + Proxy) initiated connections. For example: + `projects/*/locations/*/gatewaySecurityPolicies/swg-policy`. This + policy is specific to gateways of type 'SECURE_WEB_GATEWAY'. + scope: + description: >- + Optional. Scope determines how configuration across multiple Gateway + instances are merged. The configuration for multiple Gateway + instances with the same scope will be merged as presented as a + single configuration to the proxy/load balancer. Max length 64 + characters. Scope should start with a letter and can only have + letters, numbers, hyphens. type: string parameters: - access_token: - description: OAuth access token. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: access_token + name: prettyPrint + schema: + type: boolean + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token schema: type: string alt: @@ -3810,39 +4006,39 @@ components: - json - media - proto - callback: - description: JSONP + _.xgafv: + description: V1 error format. in: query - name: callback + name: $.xgafv schema: type: string + enum: + - '1' + - '2' fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + access_token: + description: OAuth access token. in: query - name: key + name: access_token schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + callback: + description: JSONP in: query - name: oauth_token + name: callback schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: prettyPrint + name: upload_protocol schema: - type: boolean + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -3852,27 +4048,12 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.networkservices.locations @@ -3905,6 +4086,27 @@ components: name: operations title: Operations methods: + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' list: operation: $ref: >- @@ -3913,250 +4115,347 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.operations + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + route_views: + id: google.networkservices.route_views + name: route_views + title: Route_views + methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}~1routeViews~1{routeViewsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}~1routeViews/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.meshRouteViews + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/route_views/methods/get' + - $ref: '#/components/x-stackQL-resources/route_views/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + gateways: + id: google.networkservices.gateways + name: gateways + title: Gateways + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.gateways + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways/post + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/gateways/methods/get' + - $ref: '#/components/x-stackQL-resources/gateways/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/gateways/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/gateways/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/gateways/methods/delete' + grpc_routes: + id: google.networkservices.grpc_routes + name: grpc_routes + title: Grpc_routes + methods: + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes~1{grpcRoutesId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes~1{grpcRoutesId}/patch response: mediaType: application/json openAPIDocKey: '200' - cancel: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes~1{grpcRoutesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/get' + - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - lb_traffic_extensions: - id: google.networkservices.lb_traffic_extensions - name: lb_traffic_extensions - title: Lb_traffic_extensions + - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/delete' + service_bindings: + id: google.networkservices.service_bindings + name: service_bindings + title: Service_bindings methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings~1{serviceBindingsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.lbTrafficExtensions - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings~1{serviceBindingsId}/delete response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions~1{lbTrafficExtensionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings~1{serviceBindingsId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions~1{lbTrafficExtensionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions~1{lbTrafficExtensionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/lb_traffic_extensions/methods/get' - - $ref: >- - #/components/x-stackQL-resources/lb_traffic_extensions/methods/list + - $ref: '#/components/x-stackQL-resources/service_bindings/methods/get' + - $ref: '#/components/x-stackQL-resources/service_bindings/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/lb_traffic_extensions/methods/create + - $ref: '#/components/x-stackQL-resources/service_bindings/methods/create' update: - - $ref: >- - #/components/x-stackQL-resources/lb_traffic_extensions/methods/patch + - $ref: '#/components/x-stackQL-resources/service_bindings/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/lb_traffic_extensions/methods/delete - lb_route_extensions: - id: google.networkservices.lb_route_extensions - name: lb_route_extensions - title: Lb_route_extensions + - $ref: '#/components/x-stackQL-resources/service_bindings/methods/delete' + meshes: + id: google.networkservices.meshes + name: meshes + title: Meshes methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.lbRouteExtensions - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}/patch response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions~1{lbRouteExtensionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions~1{lbRouteExtensionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions~1{lbRouteExtensionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/lb_route_extensions/methods/get' - - $ref: '#/components/x-stackQL-resources/lb_route_extensions/methods/list' + - $ref: '#/components/x-stackQL-resources/meshes/methods/get' + - $ref: '#/components/x-stackQL-resources/meshes/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/lb_route_extensions/methods/create + - $ref: '#/components/x-stackQL-resources/meshes/methods/create' update: - - $ref: '#/components/x-stackQL-resources/lb_route_extensions/methods/patch' + - $ref: '#/components/x-stackQL-resources/meshes/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/lb_route_extensions/methods/delete - authz_extensions: - id: google.networkservices.authz_extensions - name: authz_extensions - title: Authz_extensions + - $ref: '#/components/x-stackQL-resources/meshes/methods/delete' + http_routes: + id: google.networkservices.http_routes + name: http_routes + title: Http_routes methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.authzExtensions + objectKey: $.httpRoutes create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions~1{authzExtensionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes~1{httpRoutesId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions~1{authzExtensionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes~1{httpRoutesId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions~1{authzExtensionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes~1{httpRoutesId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/get' - - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/list' + - $ref: '#/components/x-stackQL-resources/http_routes/methods/get' + - $ref: '#/components/x-stackQL-resources/http_routes/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/create' + - $ref: '#/components/x-stackQL-resources/http_routes/methods/create' update: - - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/patch' + - $ref: '#/components/x-stackQL-resources/http_routes/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/delete' - endpoint_policies: - id: google.networkservices.endpoint_policies - name: endpoint_policies - title: Endpoint_policies + - $ref: '#/components/x-stackQL-resources/http_routes/methods/delete' + versions: + id: google.networkservices.versions + name: versions + title: Versions methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1wasmPlugins~1{wasmPluginsId}~1versions/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.endpointPolicies + objectKey: $.wasmPluginVersions create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies/post - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies~1{endpointPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1wasmPlugins~1{wasmPluginsId}~1versions/post response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies~1{endpointPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1wasmPlugins~1{wasmPluginsId}~1versions~1{versionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies~1{endpointPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1wasmPlugins~1{wasmPluginsId}~1versions~1{versionsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/get' - - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/list' + - $ref: '#/components/x-stackQL-resources/versions/methods/get' + - $ref: '#/components/x-stackQL-resources/versions/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/patch' + - $ref: '#/components/x-stackQL-resources/versions/methods/create' + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/delete' + - $ref: '#/components/x-stackQL-resources/versions/methods/delete' wasm_plugins: id: google.networkservices.wasm_plugins name: wasm_plugins @@ -4169,7 +4468,7 @@ components: response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.wasmPlugins + objectKey: $.unreachable create: operation: $ref: >- @@ -4209,239 +4508,228 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/wasm_plugins/methods/delete' - versions: - id: google.networkservices.versions - name: versions - title: Versions + authz_extensions: + id: google.networkservices.authz_extensions + name: authz_extensions + title: Authz_extensions methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1wasmPlugins~1{wasmPluginsId}~1versions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.wasmPluginVersions - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1wasmPlugins~1{wasmPluginsId}~1versions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions~1{authzExtensionsId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1wasmPlugins~1{wasmPluginsId}~1versions~1{versionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions~1{authzExtensionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1wasmPlugins~1{wasmPluginsId}~1versions~1{versionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions~1{authzExtensionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/versions/methods/get' - - $ref: '#/components/x-stackQL-resources/versions/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/versions/methods/create' - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/versions/methods/delete' - gateways: - id: google.networkservices.gateways - name: gateways - title: Gateways - methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.gateways + objectKey: $.unreachable create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1authzExtensions/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/get' + - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/authz_extensions/methods/delete' + endpoint_policies: + id: google.networkservices.endpoint_policies + name: endpoint_policies + title: Endpoint_policies + methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies~1{endpointPoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1gateways~1{gatewaysId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies~1{endpointPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/gateways/methods/get' - - $ref: '#/components/x-stackQL-resources/gateways/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/gateways/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/gateways/methods/patch' - replace: [] delete: - - $ref: '#/components/x-stackQL-resources/gateways/methods/delete' - route_views: - id: google.networkservices.route_views - name: route_views - title: Route_views - methods: - get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}~1routeViews~1{routeViewsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies~1{endpointPoliciesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}~1routeViews/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1endpointPolicies/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.meshRouteViews + objectKey: $.endpointPolicies sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/route_views/methods/get' - - $ref: '#/components/x-stackQL-resources/route_views/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/get' + - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/patch' replace: [] - delete: [] - grpc_routes: - id: google.networkservices.grpc_routes - name: grpc_routes - title: Grpc_routes + delete: + - $ref: '#/components/x-stackQL-resources/endpoint_policies/methods/delete' + lb_route_extensions: + id: google.networkservices.lb_route_extensions + name: lb_route_extensions + title: Lb_route_extensions methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.grpcRoutes + objectKey: $.unreachable create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions/post response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes~1{grpcRoutesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions~1{lbRouteExtensionsId}/delete response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes~1{grpcRoutesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions~1{lbRouteExtensionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1grpcRoutes~1{grpcRoutesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbRouteExtensions~1{lbRouteExtensionsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/get' - - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/list' + - $ref: '#/components/x-stackQL-resources/lb_route_extensions/methods/get' + - $ref: '#/components/x-stackQL-resources/lb_route_extensions/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/create' + - $ref: >- + #/components/x-stackQL-resources/lb_route_extensions/methods/create update: - - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/patch' + - $ref: '#/components/x-stackQL-resources/lb_route_extensions/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/grpc_routes/methods/delete' - http_routes: - id: google.networkservices.http_routes - name: http_routes - title: Http_routes + - $ref: >- + #/components/x-stackQL-resources/lb_route_extensions/methods/delete + lb_edge_extensions: + id: google.networkservices.lb_edge_extensions + name: lb_edge_extensions + title: Lb_edge_extensions methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbEdgeExtensions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.httpRoutes - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbEdgeExtensions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.lbEdgeExtensions get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes~1{httpRoutesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbEdgeExtensions~1{lbEdgeExtensionsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes~1{httpRoutesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbEdgeExtensions~1{lbEdgeExtensionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1httpRoutes~1{httpRoutesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbEdgeExtensions~1{lbEdgeExtensionsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/http_routes/methods/get' - - $ref: '#/components/x-stackQL-resources/http_routes/methods/list' + - $ref: '#/components/x-stackQL-resources/lb_edge_extensions/methods/get' + - $ref: '#/components/x-stackQL-resources/lb_edge_extensions/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/http_routes/methods/create' + - $ref: '#/components/x-stackQL-resources/lb_edge_extensions/methods/create' update: - - $ref: '#/components/x-stackQL-resources/http_routes/methods/patch' + - $ref: '#/components/x-stackQL-resources/lb_edge_extensions/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/http_routes/methods/delete' + - $ref: '#/components/x-stackQL-resources/lb_edge_extensions/methods/delete' tcp_routes: id: google.networkservices.tcp_routes name: tcp_routes title: Tcp_routes methods: + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tcpRoutes/post + response: + mediaType: application/json + openAPIDocKey: '200' list: operation: $ref: >- @@ -4449,11 +4737,11 @@ components: response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tcpRoutes - create: + objectKey: $.unreachable + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tcpRoutes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tcpRoutes~1{tcpRoutesId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -4471,13 +4759,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tcpRoutes~1{tcpRoutesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/tcp_routes/methods/get' @@ -4489,26 +4770,63 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/tcp_routes/methods/delete' + edge_cache_origins_iam_policies: + id: google.networkservices.edge_cache_origins_iam_policies + name: edge_cache_origins_iam_policies + title: Edge_cache_origins_iam_policies + methods: + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheOrigins~1{edgeCacheOriginsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheOrigins~1{edgeCacheOriginsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheOrigins~1{edgeCacheOriginsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/edge_cache_origins_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/edge_cache_origins_iam_policies/methods/set_iam_policy + delete: [] tls_routes: id: google.networkservices.tls_routes name: tls_routes title: Tls_routes methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsRoutes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsRoutes/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tlsRoutes - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsRoutes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1tlsRoutes/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable get: operation: $ref: >- @@ -4541,123 +4859,104 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/tls_routes/methods/delete' - service_bindings: - id: google.networkservices.service_bindings - name: service_bindings - title: Service_bindings + edge_cache_services_iam_policies: + id: google.networkservices.edge_cache_services_iam_policies + name: edge_cache_services_iam_policies + title: Edge_cache_services_iam_policies methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.serviceBindings - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings/post - response: - mediaType: application/json - openAPIDocKey: '200' - get: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings~1{serviceBindingsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheServices~1{edgeCacheServicesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - patch: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings~1{serviceBindingsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheServices~1{edgeCacheServicesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - delete: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceBindings~1{serviceBindingsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheServices~1{edgeCacheServicesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/service_bindings/methods/get' - - $ref: '#/components/x-stackQL-resources/service_bindings/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/service_bindings/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/service_bindings/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/service_bindings/methods/delete' - meshes: - id: google.networkservices.meshes - name: meshes - title: Meshes + - $ref: >- + #/components/x-stackQL-resources/edge_cache_services_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/edge_cache_services_iam_policies/methods/set_iam_policy + delete: [] + lb_traffic_extensions: + id: google.networkservices.lb_traffic_extensions + name: lb_traffic_extensions + title: Lb_traffic_extensions methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions~1{lbTrafficExtensionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.meshes - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions~1{lbTrafficExtensionsId}/patch response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions~1{lbTrafficExtensionsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1meshes~1{meshesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1lbTrafficExtensions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/meshes/methods/get' - - $ref: '#/components/x-stackQL-resources/meshes/methods/list' + - $ref: '#/components/x-stackQL-resources/lb_traffic_extensions/methods/get' + - $ref: >- + #/components/x-stackQL-resources/lb_traffic_extensions/methods/list insert: - - $ref: '#/components/x-stackQL-resources/meshes/methods/create' + - $ref: >- + #/components/x-stackQL-resources/lb_traffic_extensions/methods/create update: - - $ref: '#/components/x-stackQL-resources/meshes/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/lb_traffic_extensions/methods/patch replace: [] delete: - - $ref: '#/components/x-stackQL-resources/meshes/methods/delete' - service_lb_policies: - id: google.networkservices.service_lb_policies - name: service_lb_policies - title: Service_lb_policies - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceLbPolicies/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.serviceLbPolicies + - $ref: >- + #/components/x-stackQL-resources/lb_traffic_extensions/methods/delete + service_lb_policies: + id: google.networkservices.service_lb_policies + name: service_lb_policies + title: Service_lb_policies + methods: create: operation: $ref: >- @@ -4665,13 +4964,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceLbPolicies~1{serviceLbPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceLbPolicies/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.serviceLbPolicies patch: operation: $ref: >- @@ -4686,6 +4986,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1serviceLbPolicies~1{serviceLbPoliciesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/service_lb_policies/methods/get' @@ -4711,14 +5018,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheKeysets~1{edgeCacheKeysetsId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings test_iam_permissions: operation: $ref: >- @@ -4726,104 +5025,38 @@ components: response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/edge_cache_keysets_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/edge_cache_keysets_iam_policies/methods/set_iam_policy - delete: [] - edge_cache_origins_iam_policies: - id: google.networkservices.edge_cache_origins_iam_policies - name: edge_cache_origins_iam_policies - title: Edge_cache_origins_iam_policies - methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheOrigins~1{edgeCacheOriginsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheOrigins~1{edgeCacheOriginsId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheOrigins~1{edgeCacheOriginsId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/edge_cache_origins_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/edge_cache_origins_iam_policies/methods/set_iam_policy - delete: [] - edge_cache_services_iam_policies: - id: google.networkservices.edge_cache_services_iam_policies - name: edge_cache_services_iam_policies - title: Edge_cache_services_iam_policies - methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheServices~1{edgeCacheServicesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheServices~1{edgeCacheServicesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheKeysets~1{edgeCacheKeysetsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1edgeCacheServices~1{edgeCacheServicesId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/edge_cache_services_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/edge_cache_keysets_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/edge_cache_services_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/edge_cache_keysets_iam_policies/methods/set_iam_policy delete: [] paths: /v1/projects/{projectsId}/locations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' get: description: Lists information about the supported locations for this service. operationId: networkservices.projects.locations.list @@ -4845,10 +5078,6 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: @@ -4862,6 +5091,10 @@ paths: name: extraLocationTypes schema: type: string + - in: query + name: filter + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: @@ -4890,13 +5123,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: networkservices.projects.locations.operations.list + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: networkservices.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4908,7 +5153,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4920,17 +5165,9 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: @@ -5004,25 +5241,96 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: networkservices.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: networkservices.projects.locations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}/routeViews/{routeViewsId}: + parameters: *ref_1 + get: + description: Get a single RouteView of a Gateway. + operationId: networkservices.projects.locations.gateways.routeViews.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GatewayRouteView' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: gatewaysId + required: true + schema: + type: string + - in: path + name: routeViewsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}/routeViews: + parameters: *ref_1 + get: + description: Lists RouteViews + operationId: networkservices.projects.locations.gateways.routeViews.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5034,7 +5342,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListGatewayRouteViewsResponse' parameters: - in: path name: projectsId @@ -5047,15 +5355,24 @@ paths: schema: type: string - in: path - name: operationsId + name: gatewaysId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/lbTrafficExtensions: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/gateways: parameters: *ref_1 get: - description: Lists `LbTrafficExtension` resources in a given project and location. - operationId: networkservices.projects.locations.lbTrafficExtensions.list + description: Lists Gateways in a given project and location. + operationId: networkservices.projects.locations.gateways.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5067,7 +5384,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLbTrafficExtensionsResponse' + $ref: '#/components/schemas/ListGatewaysResponse' parameters: - in: path name: projectsId @@ -5088,24 +5405,14 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string post: - description: >- - Creates a new `LbTrafficExtension` resource in a given project and - location. - operationId: networkservices.projects.locations.lbTrafficExtensions.create + description: Creates a new Gateway in a given project and location. + operationId: networkservices.projects.locations.gateways.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/LbTrafficExtension' + $ref: '#/components/schemas/Gateway' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5130,18 +5437,45 @@ paths: schema: type: string - in: query - name: lbTrafficExtensionId + name: gatewayId schema: type: string - - in: query - name: requestId + /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}: + parameters: *ref_1 + delete: + description: Deletes a single Gateway. + operationId: networkservices.projects.locations.gateways.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: gatewaysId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/lbTrafficExtensions/{lbTrafficExtensionsId}: - parameters: *ref_1 get: - description: Gets details of the specified `LbTrafficExtension` resource. - operationId: networkservices.projects.locations.lbTrafficExtensions.get + description: Gets details of a single Gateway. + operationId: networkservices.projects.locations.gateways.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5153,7 +5487,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LbTrafficExtension' + $ref: '#/components/schemas/Gateway' parameters: - in: path name: projectsId @@ -5166,18 +5500,18 @@ paths: schema: type: string - in: path - name: lbTrafficExtensionsId + name: gatewaysId required: true schema: type: string patch: - description: Updates the parameters of the specified `LbTrafficExtension` resource. - operationId: networkservices.projects.locations.lbTrafficExtensions.patch + description: Updates the parameters of a single Gateway. + operationId: networkservices.projects.locations.gateways.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/LbTrafficExtension' + $ref: '#/components/schemas/Gateway' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5202,7 +5536,7 @@ paths: schema: type: string - in: path - name: lbTrafficExtensionsId + name: gatewaysId required: true schema: type: string @@ -5211,13 +5545,16 @@ paths: schema: type: string format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes the specified `LbTrafficExtension` resource. - operationId: networkservices.projects.locations.lbTrafficExtensions.delete + /v1/projects/{projectsId}/locations/{locationsId}/grpcRoutes: + parameters: *ref_1 + post: + description: Creates a new GrpcRoute in a given project and location. + operationId: networkservices.projects.locations.grpcRoutes.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GrpcRoute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5241,20 +5578,13 @@ paths: required: true schema: type: string - - in: path - name: lbTrafficExtensionsId - required: true - schema: - type: string - in: query - name: requestId + name: grpcRouteId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/lbRouteExtensions: - parameters: *ref_1 get: - description: Lists `LbRouteExtension` resources in a given project and location. - operationId: networkservices.projects.locations.lbRouteExtensions.list + description: Lists GrpcRoutes in a given project and location. + operationId: networkservices.projects.locations.grpcRoutes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5266,7 +5596,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLbRouteExtensionsResponse' + $ref: '#/components/schemas/ListGrpcRoutesResponse' parameters: - in: path name: projectsId @@ -5278,33 +5608,60 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/grpcRoutes/{grpcRoutesId}: + parameters: *ref_1 + delete: + description: Deletes a single GrpcRoute. + operationId: networkservices.projects.locations.grpcRoutes.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: grpcRoutesId + required: true schema: type: string - post: - description: >- - Creates a new `LbRouteExtension` resource in a given project and - location. - operationId: networkservices.projects.locations.lbRouteExtensions.create + patch: + description: Updates the parameters of a single GrpcRoute. + operationId: networkservices.projects.locations.grpcRoutes.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/LbRouteExtension' + $ref: '#/components/schemas/GrpcRoute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5328,19 +5685,19 @@ paths: required: true schema: type: string - - in: query - name: lbRouteExtensionId + - in: path + name: grpcRoutesId + required: true schema: type: string - in: query - name: requestId + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/lbRouteExtensions/{lbRouteExtensionsId}: - parameters: *ref_1 + format: google-fieldmask get: - description: Gets details of the specified `LbRouteExtension` resource. - operationId: networkservices.projects.locations.lbRouteExtensions.get + description: Gets details of a single GrpcRoute. + operationId: networkservices.projects.locations.grpcRoutes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5352,7 +5709,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LbRouteExtension' + $ref: '#/components/schemas/GrpcRoute' parameters: - in: path name: projectsId @@ -5365,18 +5722,15 @@ paths: schema: type: string - in: path - name: lbRouteExtensionsId + name: grpcRoutesId required: true schema: type: string - patch: - description: Updates the parameters of the specified `LbRouteExtension` resource. - operationId: networkservices.projects.locations.lbRouteExtensions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LbRouteExtension' + /v1/projects/{projectsId}/locations/{locationsId}/serviceBindings/{serviceBindingsId}: + parameters: *ref_1 + get: + description: Gets details of a single ServiceBinding. + operationId: networkservices.projects.locations.serviceBindings.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5388,7 +5742,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ServiceBinding' parameters: - in: path name: projectsId @@ -5401,22 +5755,49 @@ paths: schema: type: string - in: path - name: lbRouteExtensionsId + name: serviceBindingsId required: true schema: type: string - - in: query - name: updateMask + delete: + description: Deletes a single ServiceBinding. + operationId: networkservices.projects.locations.serviceBindings.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: requestId + - in: path + name: locationsId + required: true schema: type: string - delete: - description: Deletes the specified `LbRouteExtension` resource. - operationId: networkservices.projects.locations.lbRouteExtensions.delete + - in: path + name: serviceBindingsId + required: true + schema: + type: string + patch: + description: Updates the parameters of a single ServiceBinding. + operationId: networkservices.projects.locations.serviceBindings.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceBinding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5441,19 +5822,25 @@ paths: schema: type: string - in: path - name: lbRouteExtensionsId + name: serviceBindingsId required: true schema: type: string - in: query - name: requestId + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authzExtensions: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/serviceBindings: parameters: *ref_1 - get: - description: Lists `AuthzExtension` resources in a given project and location. - operationId: networkservices.projects.locations.authzExtensions.list + post: + description: Creates a new ServiceBinding in a given project and location. + operationId: networkservices.projects.locations.serviceBindings.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceBinding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5465,7 +5852,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAuthzExtensionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5478,30 +5865,12 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + name: serviceBindingId schema: type: string - post: - description: Creates a new `AuthzExtension` resource in a given project and location. - operationId: networkservices.projects.locations.authzExtensions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthzExtension' + get: + description: Lists ServiceBinding in a given project and location. + operationId: networkservices.projects.locations.serviceBindings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5513,7 +5882,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListServiceBindingsResponse' parameters: - in: path name: projectsId @@ -5526,18 +5895,19 @@ paths: schema: type: string - in: query - name: authzExtensionId + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: requestId + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/authzExtensions/{authzExtensionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/meshes/{meshesId}: parameters: *ref_1 get: - description: Gets details of the specified `AuthzExtension` resource. - operationId: networkservices.projects.locations.authzExtensions.get + description: Gets details of a single Mesh. + operationId: networkservices.projects.locations.meshes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5549,7 +5919,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AuthzExtension' + $ref: '#/components/schemas/Mesh' parameters: - in: path name: projectsId @@ -5562,18 +5932,18 @@ paths: schema: type: string - in: path - name: authzExtensionsId + name: meshesId required: true schema: type: string patch: - description: Updates the parameters of the specified `AuthzExtension` resource. - operationId: networkservices.projects.locations.authzExtensions.patch + description: Updates the parameters of a single Mesh. + operationId: networkservices.projects.locations.meshes.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/AuthzExtension' + $ref: '#/components/schemas/Mesh' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5598,7 +5968,7 @@ paths: schema: type: string - in: path - name: authzExtensionsId + name: meshesId required: true schema: type: string @@ -5607,13 +5977,9 @@ paths: schema: type: string format: google-fieldmask - - in: query - name: requestId - schema: - type: string delete: - description: Deletes the specified `AuthzExtension` resource. - operationId: networkservices.projects.locations.authzExtensions.delete + description: Deletes a single Mesh. + operationId: networkservices.projects.locations.meshes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5638,19 +6004,15 @@ paths: schema: type: string - in: path - name: authzExtensionsId + name: meshesId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpointPolicies: + /v1/projects/{projectsId}/locations/{locationsId}/meshes: parameters: *ref_1 get: - description: Lists EndpointPolicies in a given project and location. - operationId: networkservices.projects.locations.endpointPolicies.list + description: Lists Meshes in a given project and location. + operationId: networkservices.projects.locations.meshes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5662,7 +6024,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEndpointPoliciesResponse' + $ref: '#/components/schemas/ListMeshesResponse' parameters: - in: path name: projectsId @@ -5679,22 +6041,22 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: returnPartialSuccess schema: type: boolean + - in: query + name: pageToken + schema: + type: string post: - description: Creates a new EndpointPolicy in a given project and location. - operationId: networkservices.projects.locations.endpointPolicies.create + description: Creates a new Mesh in a given project and location. + operationId: networkservices.projects.locations.meshes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/EndpointPolicy' + $ref: '#/components/schemas/Mesh' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5719,14 +6081,14 @@ paths: schema: type: string - in: query - name: endpointPolicyId + name: meshId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/endpointPolicies/{endpointPoliciesId}: + /v1/projects/{projectsId}/locations/{locationsId}/meshes/{meshesId}/routeViews: parameters: *ref_1 get: - description: Gets details of a single EndpointPolicy. - operationId: networkservices.projects.locations.endpointPolicies.get + description: Lists RouteViews + operationId: networkservices.projects.locations.meshes.routeViews.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5738,7 +6100,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EndpointPolicy' + $ref: '#/components/schemas/ListMeshRouteViewsResponse' parameters: - in: path name: projectsId @@ -5751,54 +6113,24 @@ paths: schema: type: string - in: path - name: endpointPoliciesId - required: true - schema: - type: string - patch: - description: Updates the parameters of a single EndpointPolicy. - operationId: networkservices.projects.locations.endpointPolicies.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EndpointPolicy' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId + name: meshesId required: true schema: type: string - - in: path - name: endpointPoliciesId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - delete: - description: Deletes a single EndpointPolicy. - operationId: networkservices.projects.locations.endpointPolicies.delete + /v1/projects/{projectsId}/locations/{locationsId}/meshes/{meshesId}/routeViews/{routeViewsId}: + parameters: *ref_1 + get: + description: Get a single RouteView of a Mesh. + operationId: networkservices.projects.locations.meshes.routeViews.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5810,7 +6142,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/MeshRouteView' parameters: - in: path name: projectsId @@ -5823,15 +6155,20 @@ paths: schema: type: string - in: path - name: endpointPoliciesId + name: meshesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/wasmPlugins: + - in: path + name: routeViewsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/httpRoutes: parameters: *ref_1 get: - description: Lists `WasmPlugin` resources in a given project and location. - operationId: networkservices.projects.locations.wasmPlugins.list + description: Lists HttpRoute in a given project and location. + operationId: networkservices.projects.locations.httpRoutes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5843,7 +6180,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWasmPluginsResponse' + $ref: '#/components/schemas/ListHttpRoutesResponse' parameters: - in: path name: projectsId @@ -5860,18 +6197,22 @@ paths: schema: type: integer format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageToken schema: type: string post: - description: Creates a new `WasmPlugin` resource in a given project and location. - operationId: networkservices.projects.locations.wasmPlugins.create + description: Creates a new HttpRoute in a given project and location. + operationId: networkservices.projects.locations.httpRoutes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/WasmPlugin' + $ref: '#/components/schemas/HttpRoute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5896,14 +6237,14 @@ paths: schema: type: string - in: query - name: wasmPluginId + name: httpRouteId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/wasmPlugins/{wasmPluginsId}: + /v1/projects/{projectsId}/locations/{locationsId}/httpRoutes/{httpRoutesId}: parameters: *ref_1 get: - description: Gets details of the specified `WasmPlugin` resource. - operationId: networkservices.projects.locations.wasmPlugins.get + description: Gets details of a single HttpRoute. + operationId: networkservices.projects.locations.httpRoutes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5915,7 +6256,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WasmPlugin' + $ref: '#/components/schemas/HttpRoute' parameters: - in: path name: projectsId @@ -5928,22 +6269,18 @@ paths: schema: type: string - in: path - name: wasmPluginsId + name: httpRoutesId required: true schema: type: string - - in: query - name: view - schema: - type: string patch: - description: Updates the parameters of the specified `WasmPlugin` resource. - operationId: networkservices.projects.locations.wasmPlugins.patch + description: Updates the parameters of a single HttpRoute. + operationId: networkservices.projects.locations.httpRoutes.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/WasmPlugin' + $ref: '#/components/schemas/HttpRoute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5968,7 +6305,7 @@ paths: schema: type: string - in: path - name: wasmPluginsId + name: httpRoutesId required: true schema: type: string @@ -5978,8 +6315,8 @@ paths: type: string format: google-fieldmask delete: - description: Deletes the specified `WasmPlugin` resource. - operationId: networkservices.projects.locations.wasmPlugins.delete + description: Deletes a single HttpRoute. + operationId: networkservices.projects.locations.httpRoutes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6004,7 +6341,7 @@ paths: schema: type: string - in: path - name: wasmPluginsId + name: httpRoutesId required: true schema: type: string @@ -6094,9 +6431,9 @@ paths: type: string /v1/projects/{projectsId}/locations/{locationsId}/wasmPlugins/{wasmPluginsId}/versions/{versionsId}: parameters: *ref_1 - get: - description: Gets details of the specified `WasmPluginVersion` resource. - operationId: networkservices.projects.locations.wasmPlugins.versions.get + delete: + description: Deletes the specified `WasmPluginVersion` resource. + operationId: networkservices.projects.locations.wasmPlugins.versions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6108,7 +6445,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WasmPluginVersion' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6130,9 +6467,9 @@ paths: required: true schema: type: string - delete: - description: Deletes the specified `WasmPluginVersion` resource. - operationId: networkservices.projects.locations.wasmPlugins.versions.delete + get: + description: Gets details of the specified `WasmPluginVersion` resource. + operationId: networkservices.projects.locations.wasmPlugins.versions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6144,7 +6481,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/WasmPluginVersion' parameters: - in: path name: projectsId @@ -6166,11 +6503,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gateways: + /v1/projects/{projectsId}/locations/{locationsId}/wasmPlugins: parameters: *ref_1 get: - description: Lists Gateways in a given project and location. - operationId: networkservices.projects.locations.gateways.list + description: Lists `WasmPlugin` resources in a given project and location. + operationId: networkservices.projects.locations.wasmPlugins.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6182,7 +6519,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGatewaysResponse' + $ref: '#/components/schemas/ListWasmPluginsResponse' parameters: - in: path name: projectsId @@ -6194,23 +6531,23 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string post: - description: Creates a new Gateway in a given project and location. - operationId: networkservices.projects.locations.gateways.create + description: Creates a new `WasmPlugin` resource in a given project and location. + operationId: networkservices.projects.locations.wasmPlugins.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Gateway' + $ref: '#/components/schemas/WasmPlugin' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6235,14 +6572,14 @@ paths: schema: type: string - in: query - name: gatewayId + name: wasmPluginId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}: + /v1/projects/{projectsId}/locations/{locationsId}/wasmPlugins/{wasmPluginsId}: parameters: *ref_1 get: - description: Gets details of a single Gateway. - operationId: networkservices.projects.locations.gateways.get + description: Gets details of the specified `WasmPlugin` resource. + operationId: networkservices.projects.locations.wasmPlugins.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6254,7 +6591,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Gateway' + $ref: '#/components/schemas/WasmPlugin' parameters: - in: path name: projectsId @@ -6267,18 +6604,22 @@ paths: schema: type: string - in: path - name: gatewaysId + name: wasmPluginsId required: true schema: type: string + - in: query + name: view + schema: + type: string patch: - description: Updates the parameters of a single Gateway. - operationId: networkservices.projects.locations.gateways.patch + description: Updates the parameters of the specified `WasmPlugin` resource. + operationId: networkservices.projects.locations.wasmPlugins.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Gateway' + $ref: '#/components/schemas/WasmPlugin' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6303,7 +6644,7 @@ paths: schema: type: string - in: path - name: gatewaysId + name: wasmPluginsId required: true schema: type: string @@ -6313,8 +6654,8 @@ paths: type: string format: google-fieldmask delete: - description: Deletes a single Gateway. - operationId: networkservices.projects.locations.gateways.delete + description: Deletes the specified `WasmPlugin` resource. + operationId: networkservices.projects.locations.wasmPlugins.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6339,15 +6680,15 @@ paths: schema: type: string - in: path - name: gatewaysId + name: wasmPluginsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}/routeViews/{routeViewsId}: + /v1/projects/{projectsId}/locations/{locationsId}/authzExtensions/{authzExtensionsId}: parameters: *ref_1 get: - description: Get a single RouteView of a Gateway. - operationId: networkservices.projects.locations.gateways.routeViews.get + description: Gets details of the specified `AuthzExtension` resource. + operationId: networkservices.projects.locations.authzExtensions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6359,7 +6700,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GatewayRouteView' + $ref: '#/components/schemas/AuthzExtension' parameters: - in: path name: projectsId @@ -6372,20 +6713,53 @@ paths: schema: type: string - in: path - name: gatewaysId + name: authzExtensionsId + required: true + schema: + type: string + delete: + description: Deletes the specified `AuthzExtension` resource. + operationId: networkservices.projects.locations.authzExtensions.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: routeViewsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/gateways/{gatewaysId}/routeViews: - parameters: *ref_1 - get: - description: Lists RouteViews - operationId: networkservices.projects.locations.gateways.routeViews.list + - in: path + name: authzExtensionsId + required: true + schema: + type: string + - in: query + name: requestId + schema: + type: string + patch: + description: Updates the parameters of the specified `AuthzExtension` resource. + operationId: networkservices.projects.locations.authzExtensions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthzExtension' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6397,7 +6771,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGatewayRouteViewsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6410,24 +6784,24 @@ paths: schema: type: string - in: path - name: gatewaysId + name: authzExtensionsId required: true schema: type: string - in: query - name: pageSize + name: requestId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/grpcRoutes: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/authzExtensions: parameters: *ref_1 get: - description: Lists GrpcRoutes in a given project and location. - operationId: networkservices.projects.locations.grpcRoutes.list + description: Lists `AuthzExtension` resources in a given project and location. + operationId: networkservices.projects.locations.authzExtensions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6439,7 +6813,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGrpcRoutesResponse' + $ref: '#/components/schemas/ListAuthzExtensionsResponse' parameters: - in: path name: projectsId @@ -6451,6 +6825,10 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -6461,17 +6839,17 @@ paths: schema: type: string - in: query - name: returnPartialSuccess + name: orderBy schema: - type: boolean + type: string post: - description: Creates a new GrpcRoute in a given project and location. - operationId: networkservices.projects.locations.grpcRoutes.create + description: Creates a new `AuthzExtension` resource in a given project and location. + operationId: networkservices.projects.locations.authzExtensions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GrpcRoute' + $ref: '#/components/schemas/AuthzExtension' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6496,14 +6874,18 @@ paths: schema: type: string - in: query - name: grpcRouteId + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/grpcRoutes/{grpcRoutesId}: + - in: query + name: authzExtensionId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/endpointPolicies/{endpointPoliciesId}: parameters: *ref_1 get: - description: Gets details of a single GrpcRoute. - operationId: networkservices.projects.locations.grpcRoutes.get + description: Gets details of a single EndpointPolicy. + operationId: networkservices.projects.locations.endpointPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6515,7 +6897,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GrpcRoute' + $ref: '#/components/schemas/EndpointPolicy' parameters: - in: path name: projectsId @@ -6528,18 +6910,18 @@ paths: schema: type: string - in: path - name: grpcRoutesId + name: endpointPoliciesId required: true schema: type: string patch: - description: Updates the parameters of a single GrpcRoute. - operationId: networkservices.projects.locations.grpcRoutes.patch + description: Updates the parameters of a single EndpointPolicy. + operationId: networkservices.projects.locations.endpointPolicies.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GrpcRoute' + $ref: '#/components/schemas/EndpointPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6564,7 +6946,7 @@ paths: schema: type: string - in: path - name: grpcRoutesId + name: endpointPoliciesId required: true schema: type: string @@ -6574,8 +6956,8 @@ paths: type: string format: google-fieldmask delete: - description: Deletes a single GrpcRoute. - operationId: networkservices.projects.locations.grpcRoutes.delete + description: Deletes a single EndpointPolicy. + operationId: networkservices.projects.locations.endpointPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6600,15 +6982,20 @@ paths: schema: type: string - in: path - name: grpcRoutesId + name: endpointPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/httpRoutes: + /v1/projects/{projectsId}/locations/{locationsId}/endpointPolicies: parameters: *ref_1 - get: - description: Lists HttpRoute in a given project and location. - operationId: networkservices.projects.locations.httpRoutes.list + post: + description: Creates a new EndpointPolicy in a given project and location. + operationId: networkservices.projects.locations.endpointPolicies.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EndpointPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6620,7 +7007,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListHttpRoutesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6633,26 +7020,53 @@ paths: schema: type: string - in: query - name: pageSize + name: endpointPolicyId schema: - type: integer - format: int32 + type: string + get: + description: Lists EndpointPolicies in a given project and location. + operationId: networkservices.projects.locations.endpointPolicies.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListEndpointPoliciesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: returnPartialSuccess schema: type: boolean - post: - description: Creates a new HttpRoute in a given project and location. - operationId: networkservices.projects.locations.httpRoutes.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HttpRoute' + /v1/projects/{projectsId}/locations/{locationsId}/lbRouteExtensions: + parameters: *ref_1 + get: + description: Lists `LbRouteExtension` resources in a given project and location. + operationId: networkservices.projects.locations.lbRouteExtensions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6664,7 +7078,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListLbRouteExtensionsResponse' parameters: - in: path name: projectsId @@ -6677,14 +7091,32 @@ paths: schema: type: string - in: query - name: httpRouteId + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/httpRoutes/{httpRoutesId}: - parameters: *ref_1 - get: - description: Gets details of a single HttpRoute. - operationId: networkservices.projects.locations.httpRoutes.get + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + post: + description: >- + Creates a new `LbRouteExtension` resource in a given project and + location. + operationId: networkservices.projects.locations.lbRouteExtensions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LbRouteExtension' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6696,7 +7128,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HttpRoute' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6708,19 +7140,19 @@ paths: required: true schema: type: string - - in: path - name: httpRoutesId - required: true + - in: query + name: requestId schema: type: string - patch: - description: Updates the parameters of a single HttpRoute. - operationId: networkservices.projects.locations.httpRoutes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HttpRoute' + - in: query + name: lbRouteExtensionId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/lbRouteExtensions/{lbRouteExtensionsId}: + parameters: *ref_1 + delete: + description: Deletes the specified `LbRouteExtension` resource. + operationId: networkservices.projects.locations.lbRouteExtensions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6745,18 +7177,22 @@ paths: schema: type: string - in: path - name: httpRoutesId + name: lbRouteExtensionsId required: true schema: type: string - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask - delete: - description: Deletes a single HttpRoute. - operationId: networkservices.projects.locations.httpRoutes.delete + patch: + description: Updates the parameters of the specified `LbRouteExtension` resource. + operationId: networkservices.projects.locations.lbRouteExtensions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LbRouteExtension' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6781,15 +7217,22 @@ paths: schema: type: string - in: path - name: httpRoutesId + name: lbRouteExtensionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tcpRoutes: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: requestId + schema: + type: string get: - description: Lists TcpRoute in a given project and location. - operationId: networkservices.projects.locations.tcpRoutes.list + description: Gets details of the specified `LbRouteExtension` resource. + operationId: networkservices.projects.locations.lbRouteExtensions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6801,7 +7244,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTcpRoutesResponse' + $ref: '#/components/schemas/LbRouteExtension' parameters: - in: path name: projectsId @@ -6813,27 +7256,23 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: lbRouteExtensionsId + required: true schema: type: string - - in: query - name: returnPartialSuccess - schema: - type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/lbEdgeExtensions: + parameters: *ref_1 post: - description: Creates a new TcpRoute in a given project and location. - operationId: networkservices.projects.locations.tcpRoutes.create + description: >- + Creates a new `LbEdgeExtension` resource in a given project and + location. + operationId: networkservices.projects.locations.lbEdgeExtensions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TcpRoute' + $ref: '#/components/schemas/LbEdgeExtension' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6858,14 +7297,16 @@ paths: schema: type: string - in: query - name: tcpRouteId + name: lbEdgeExtensionId + schema: + type: string + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tcpRoutes/{tcpRoutesId}: - parameters: *ref_1 get: - description: Gets details of a single TcpRoute. - operationId: networkservices.projects.locations.tcpRoutes.get + description: Lists `LbEdgeExtension` resources in a given project and location. + operationId: networkservices.projects.locations.lbEdgeExtensions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6877,7 +7318,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TcpRoute' + $ref: '#/components/schemas/ListLbEdgeExtensionsResponse' parameters: - in: path name: projectsId @@ -6889,19 +7330,28 @@ paths: required: true schema: type: string - - in: path - name: tcpRoutesId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: Updates the parameters of a single TcpRoute. - operationId: networkservices.projects.locations.tcpRoutes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TcpRoute' + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/lbEdgeExtensions/{lbEdgeExtensionsId}: + parameters: *ref_1 + get: + description: Gets details of the specified `LbEdgeExtension` resource. + operationId: networkservices.projects.locations.lbEdgeExtensions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6913,7 +7363,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/LbEdgeExtension' parameters: - in: path name: projectsId @@ -6926,18 +7376,13 @@ paths: schema: type: string - in: path - name: tcpRoutesId + name: lbEdgeExtensionsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: - description: Deletes a single TcpRoute. - operationId: networkservices.projects.locations.tcpRoutes.delete + description: Deletes the specified `LbEdgeExtension` resource. + operationId: networkservices.projects.locations.lbEdgeExtensions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6962,15 +7407,22 @@ paths: schema: type: string - in: path - name: tcpRoutesId + name: lbEdgeExtensionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tlsRoutes: - parameters: *ref_1 - get: - description: Lists TlsRoute in a given project and location. - operationId: networkservices.projects.locations.tlsRoutes.list + - in: query + name: requestId + schema: + type: string + patch: + description: Updates the parameters of the specified `LbEdgeExtension` resource. + operationId: networkservices.projects.locations.lbEdgeExtensions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LbEdgeExtension' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6982,7 +7434,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTlsRoutesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6994,27 +7446,30 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: lbEdgeExtensionsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: returnPartialSuccess + name: requestId schema: - type: boolean + type: string + /v1/projects/{projectsId}/locations/{locationsId}/tcpRoutes: + parameters: *ref_1 post: - description: Creates a new TlsRoute in a given project and location. - operationId: networkservices.projects.locations.tlsRoutes.create + description: Creates a new TcpRoute in a given project and location. + operationId: networkservices.projects.locations.tcpRoutes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TlsRoute' + $ref: '#/components/schemas/TcpRoute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7039,14 +7494,12 @@ paths: schema: type: string - in: query - name: tlsRouteId + name: tcpRouteId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/tlsRoutes/{tlsRoutesId}: - parameters: *ref_1 get: - description: Gets details of a single TlsRoute. - operationId: networkservices.projects.locations.tlsRoutes.get + description: Lists TcpRoute in a given project and location. + operationId: networkservices.projects.locations.tcpRoutes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7058,7 +7511,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TlsRoute' + $ref: '#/components/schemas/ListTcpRoutesResponse' parameters: - in: path name: projectsId @@ -7070,55 +7523,24 @@ paths: required: true schema: type: string - - in: path - name: tlsRoutesId - required: true - schema: - type: string - patch: - description: Updates the parameters of a single TlsRoute. - operationId: networkservices.projects.locations.tlsRoutes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TlsRoute' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true + - in: query + name: returnPartialSuccess schema: - type: string - - in: path - name: tlsRoutesId - required: true + type: boolean + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: pageSize schema: - type: string - format: google-fieldmask + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/tcpRoutes/{tcpRoutesId}: + parameters: *ref_1 delete: - description: Deletes a single TlsRoute. - operationId: networkservices.projects.locations.tlsRoutes.delete + description: Deletes a single TcpRoute. + operationId: networkservices.projects.locations.tcpRoutes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7143,15 +7565,13 @@ paths: schema: type: string - in: path - name: tlsRoutesId + name: tcpRoutesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceBindings: - parameters: *ref_1 get: - description: Lists ServiceBinding in a given project and location. - operationId: networkservices.projects.locations.serviceBindings.list + description: Gets details of a single TcpRoute. + operationId: networkservices.projects.locations.tcpRoutes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7163,7 +7583,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServiceBindingsResponse' + $ref: '#/components/schemas/TcpRoute' parameters: - in: path name: projectsId @@ -7175,23 +7595,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: tcpRoutesId + required: true schema: type: string - post: - description: Creates a new ServiceBinding in a given project and location. - operationId: networkservices.projects.locations.serviceBindings.create + patch: + description: Updates the parameters of a single TcpRoute. + operationId: networkservices.projects.locations.tcpRoutes.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ServiceBinding' + $ref: '#/components/schemas/TcpRoute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7215,15 +7631,23 @@ paths: required: true schema: type: string + - in: path + name: tcpRoutesId + required: true + schema: + type: string - in: query - name: serviceBindingId + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceBindings/{serviceBindingsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheOrigins/{edgeCacheOriginsId}:getIamPolicy: parameters: *ref_1 get: - description: Gets details of a single ServiceBinding. - operationId: networkservices.projects.locations.serviceBindings.get + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networkservices.projects.locations.edgeCacheOrigins.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7235,7 +7659,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ServiceBinding' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7248,18 +7672,30 @@ paths: schema: type: string - in: path - name: serviceBindingsId + name: edgeCacheOriginsId required: true schema: type: string - patch: - description: Updates the parameters of a single ServiceBinding. - operationId: networkservices.projects.locations.serviceBindings.patch + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheOrigins/{edgeCacheOriginsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: networkservices.projects.locations.edgeCacheOrigins.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/ServiceBinding' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7271,7 +7707,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7284,18 +7720,23 @@ paths: schema: type: string - in: path - name: serviceBindingsId + name: edgeCacheOriginsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a single ServiceBinding. - operationId: networkservices.projects.locations.serviceBindings.delete + /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheOrigins/{edgeCacheOriginsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networkservices.projects.locations.edgeCacheOrigins.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7307,7 +7748,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7320,15 +7761,20 @@ paths: schema: type: string - in: path - name: serviceBindingsId + name: edgeCacheOriginsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/meshes: + /v1/projects/{projectsId}/locations/{locationsId}/tlsRoutes: parameters: *ref_1 - get: - description: Lists Meshes in a given project and location. - operationId: networkservices.projects.locations.meshes.list + post: + description: Creates a new TlsRoute in a given project and location. + operationId: networkservices.projects.locations.tlsRoutes.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TlsRoute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7340,7 +7786,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMeshesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7353,26 +7799,12 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: tlsRouteId schema: type: string - - in: query - name: returnPartialSuccess - schema: - type: boolean - post: - description: Creates a new Mesh in a given project and location. - operationId: networkservices.projects.locations.meshes.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Mesh' + get: + description: Lists TlsRoute in a given project and location. + operationId: networkservices.projects.locations.tlsRoutes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7384,7 +7816,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListTlsRoutesResponse' parameters: - in: path name: projectsId @@ -7397,14 +7829,23 @@ paths: schema: type: string - in: query - name: meshId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/meshes/{meshesId}: + /v1/projects/{projectsId}/locations/{locationsId}/tlsRoutes/{tlsRoutesId}: parameters: *ref_1 get: - description: Gets details of a single Mesh. - operationId: networkservices.projects.locations.meshes.get + description: Gets details of a single TlsRoute. + operationId: networkservices.projects.locations.tlsRoutes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7416,7 +7857,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Mesh' + $ref: '#/components/schemas/TlsRoute' parameters: - in: path name: projectsId @@ -7429,18 +7870,18 @@ paths: schema: type: string - in: path - name: meshesId + name: tlsRoutesId required: true schema: type: string patch: - description: Updates the parameters of a single Mesh. - operationId: networkservices.projects.locations.meshes.patch + description: Updates the parameters of a single TlsRoute. + operationId: networkservices.projects.locations.tlsRoutes.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Mesh' + $ref: '#/components/schemas/TlsRoute' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7465,7 +7906,7 @@ paths: schema: type: string - in: path - name: meshesId + name: tlsRoutesId required: true schema: type: string @@ -7475,8 +7916,8 @@ paths: type: string format: google-fieldmask delete: - description: Deletes a single Mesh. - operationId: networkservices.projects.locations.meshes.delete + description: Deletes a single TlsRoute. + operationId: networkservices.projects.locations.tlsRoutes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7501,15 +7942,23 @@ paths: schema: type: string - in: path - name: meshesId + name: tlsRoutesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/meshes/{meshesId}/routeViews/{routeViewsId}: + /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheServices/{edgeCacheServicesId}:setIamPolicy: parameters: *ref_1 - get: - description: Get a single RouteView of a Mesh. - operationId: networkservices.projects.locations.meshes.routeViews.get + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networkservices.projects.locations.edgeCacheServices.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7521,7 +7970,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/MeshRouteView' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7534,20 +7983,60 @@ paths: schema: type: string - in: path - name: meshesId + name: edgeCacheServicesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheServices/{edgeCacheServicesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: networkservices.projects.locations.edgeCacheServices.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsResponse' + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: routeViewsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/meshes/{meshesId}/routeViews: + - in: path + name: edgeCacheServicesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheServices/{edgeCacheServicesId}:getIamPolicy: parameters: *ref_1 get: - description: Lists RouteViews - operationId: networkservices.projects.locations.meshes.routeViews.list + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: networkservices.projects.locations.edgeCacheServices.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7559,7 +8048,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMeshRouteViewsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7572,24 +8061,20 @@ paths: schema: type: string - in: path - name: meshesId + name: edgeCacheServicesId required: true schema: type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceLbPolicies: + /v1/projects/{projectsId}/locations/{locationsId}/lbTrafficExtensions/{lbTrafficExtensionsId}: parameters: *ref_1 - get: - description: Lists ServiceLbPolicies in a given project and location. - operationId: networkservices.projects.locations.serviceLbPolicies.list + delete: + description: Deletes the specified `LbTrafficExtension` resource. + operationId: networkservices.projects.locations.lbTrafficExtensions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7601,7 +8086,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListServiceLbPoliciesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7613,23 +8098,23 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: lbTrafficExtensionsId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: requestId schema: type: string - post: - description: Creates a new ServiceLbPolicy in a given project and location. - operationId: networkservices.projects.locations.serviceLbPolicies.create + patch: + description: Updates the parameters of the specified `LbTrafficExtension` resource. + operationId: networkservices.projects.locations.lbTrafficExtensions.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ServiceLbPolicy' + $ref: '#/components/schemas/LbTrafficExtension' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7644,24 +8129,32 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string - in: path - name: locationsId + name: lbTrafficExtensionsId required: true schema: type: string - in: query - name: serviceLbPolicyId + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/serviceLbPolicies/{serviceLbPoliciesId}: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Gets details of a single ServiceLbPolicy. - operationId: networkservices.projects.locations.serviceLbPolicies.get + description: Gets details of the specified `LbTrafficExtension` resource. + operationId: networkservices.projects.locations.lbTrafficExtensions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7673,7 +8166,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ServiceLbPolicy' + $ref: '#/components/schemas/LbTrafficExtension' parameters: - in: path name: projectsId @@ -7686,18 +8179,15 @@ paths: schema: type: string - in: path - name: serviceLbPoliciesId + name: lbTrafficExtensionsId required: true schema: type: string - patch: - description: Updates the parameters of a single ServiceLbPolicy. - operationId: networkservices.projects.locations.serviceLbPolicies.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ServiceLbPolicy' + /v1/projects/{projectsId}/locations/{locationsId}/lbTrafficExtensions: + parameters: *ref_1 + get: + description: Lists `LbTrafficExtension` resources in a given project and location. + operationId: networkservices.projects.locations.lbTrafficExtensions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7709,7 +8199,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListLbTrafficExtensionsResponse' parameters: - in: path name: projectsId @@ -7721,19 +8211,33 @@ paths: required: true schema: type: string - - in: path - name: serviceLbPoliciesId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - format: google-fieldmask - delete: - description: Deletes a single ServiceLbPolicy. - operationId: networkservices.projects.locations.serviceLbPolicies.delete + - in: query + name: filter + schema: + type: string + post: + description: >- + Creates a new `LbTrafficExtension` resource in a given project and + location. + operationId: networkservices.projects.locations.lbTrafficExtensions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LbTrafficExtension' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7757,24 +8261,24 @@ paths: required: true schema: type: string - - in: path - name: serviceLbPoliciesId - required: true + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheKeysets/{edgeCacheKeysetsId}:setIamPolicy: + - in: query + name: lbTrafficExtensionId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/serviceLbPolicies: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networkservices.projects.locations.edgeCacheKeysets.setIamPolicy + description: Creates a new ServiceLbPolicy in a given project and location. + operationId: networkservices.projects.locations.serviceLbPolicies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/ServiceLbPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7786,7 +8290,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7798,18 +8302,13 @@ paths: required: true schema: type: string - - in: path - name: edgeCacheKeysetsId - required: true + - in: query + name: serviceLbPolicyId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheKeysets/{edgeCacheKeysetsId}:getIamPolicy: - parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networkservices.projects.locations.edgeCacheKeysets.getIamPolicy + description: Lists ServiceLbPolicies in a given project and location. + operationId: networkservices.projects.locations.serviceLbPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7821,7 +8320,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListServiceLbPoliciesResponse' parameters: - in: path name: projectsId @@ -7833,31 +8332,25 @@ paths: required: true schema: type: string - - in: path - name: edgeCacheKeysetsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheKeysets/{edgeCacheKeysetsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/serviceLbPolicies/{serviceLbPoliciesId}: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: networkservices.projects.locations.edgeCacheKeysets.testIamPermissions + patch: + description: Updates the parameters of a single ServiceLbPolicy. + operationId: networkservices.projects.locations.serviceLbPolicies.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/ServiceLbPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7869,7 +8362,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7882,23 +8375,18 @@ paths: schema: type: string - in: path - name: edgeCacheKeysetsId + name: serviceLbPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheOrigins/{edgeCacheOriginsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networkservices.projects.locations.edgeCacheOrigins.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a single ServiceLbPolicy. + operationId: networkservices.projects.locations.serviceLbPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7910,7 +8398,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7923,17 +8411,13 @@ paths: schema: type: string - in: path - name: edgeCacheOriginsId + name: serviceLbPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheOrigins/{edgeCacheOriginsId}:getIamPolicy: - parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: networkservices.projects.locations.edgeCacheOrigins.getIamPolicy + description: Gets details of a single ServiceLbPolicy. + operationId: networkservices.projects.locations.serviceLbPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7945,7 +8429,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ServiceLbPolicy' parameters: - in: path name: projectsId @@ -7958,30 +8442,23 @@ paths: schema: type: string - in: path - name: edgeCacheOriginsId + name: serviceLbPoliciesId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheOrigins/{edgeCacheOriginsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheKeysets/{edgeCacheKeysetsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: networkservices.projects.locations.edgeCacheOrigins.testIamPermissions + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: networkservices.projects.locations.edgeCacheKeysets.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7993,7 +8470,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8006,23 +8483,25 @@ paths: schema: type: string - in: path - name: edgeCacheOriginsId + name: edgeCacheKeysetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheServices/{edgeCacheServicesId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheKeysets/{edgeCacheKeysetsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: networkservices.projects.locations.edgeCacheServices.setIamPolicy + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: networkservices.projects.locations.edgeCacheKeysets.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8034,7 +8513,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -8047,17 +8526,17 @@ paths: schema: type: string - in: path - name: edgeCacheServicesId + name: edgeCacheKeysetsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheServices/{edgeCacheServicesId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheKeysets/{edgeCacheKeysetsId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: networkservices.projects.locations.edgeCacheServices.getIamPolicy + operationId: networkservices.projects.locations.edgeCacheKeysets.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8082,7 +8561,7 @@ paths: schema: type: string - in: path - name: edgeCacheServicesId + name: edgeCacheKeysetsId required: true schema: type: string @@ -8091,46 +8570,3 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/edgeCacheServices/{edgeCacheServicesId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: networkservices.projects.locations.edgeCacheServices.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: edgeCacheServicesId - required: true - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/notebooks.yaml b/providers/src/googleapis.com/v00.00.00000/services/notebooks.yaml index 6618c443..b30f0730 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/notebooks.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/notebooks.yaml @@ -7,8 +7,8 @@ info: title: Notebooks API description: Notebooks API is used to manage notebook resources in Google Cloud. version: v2 - x-discovery-doc-revision: '20250730' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251121' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/notebooks/docs/ servers: @@ -34,107 +34,193 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object + GenerateAccessTokenRequest: properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + vmToken: type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: >- + Required. The VM identity token (a JWT) for authenticating the VM. + https://cloud.google.com/compute/docs/instances/verifying-instance-identity + id: GenerateAccessTokenRequest type: object + description: Request message for generating an EUC for the instance owner. + Expr: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. properties: - name: + expression: + type: string description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Textual representation of an expression in Common Expression + Language syntax. + title: type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: string - displayName: + location: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - labels: + id: Expr + type: object + GceSetup: + type: object + properties: + containerImage: + $ref: '#/components/schemas/ContainerImage' + description: Optional. Use a container image to start the notebook instance. + networkInterfaces: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object + Optional. The network interfaces for the VM. Supports only one + interface. + type: array + items: + $ref: '#/components/schemas/NetworkInterface' + dataDisks: + description: >- + Optional. Data disks attached to the VM instance. Currently supports + only one data disk. + items: + $ref: '#/components/schemas/DataDisk' + type: array + serviceAccounts: + items: + $ref: '#/components/schemas/ServiceAccount' + description: >- + Optional. The service account that serves as an identity for the VM + instance. Currently supports only one service account. + type: array + disablePublicIp: + description: >- + Optional. If true, no external IP will be assigned to this VM + instance. + type: boolean + metadata: additionalProperties: type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. + description: Optional. Custom metadata to apply to this instance. type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: + bootDisk: + description: Optional. The boot disk for the VM. + $ref: '#/components/schemas/BootDisk' + vmImage: description: >- - A list of operations that matches the specified filter in the - request. + Optional. Use a Compute Engine VM image to start the notebook + instance. + $ref: '#/components/schemas/VmImage' + confidentialInstanceConfig: + description: Optional. Confidential instance configuration. + $ref: '#/components/schemas/ConfidentialInstanceConfig' + minCpuPlatform: + description: >- + Optional. The minimum CPU platform to use for this instance. The + list of valid values can be found in + https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform#availablezones + type: string + reservationAffinity: + $ref: '#/components/schemas/ReservationAffinity' + description: >- + Optional. Specifies the reservations that this instance can consume + from. + acceleratorConfigs: + description: >- + Optional. The hardware accelerators used on this instance. If you + use accelerators, make sure that your configuration has [enough + vCPUs and memory to support the `machine_type` you have + selected](https://cloud.google.com/compute/docs/gpus/#gpus-list). + Currently supports only one accelerator configuration. type: array items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + $ref: '#/components/schemas/AcceleratorConfig' + machineType: + description: >- + Optional. The machine type of the VM instance. + https://cloud.google.com/compute/docs/machine-resource type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: + shieldedInstanceConfig: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Optional. Shielded VM configuration. [Images using supported + Shielded VM + features](https://cloud.google.com/compute/docs/instances/modifying-shielded-vm). + $ref: '#/components/schemas/ShieldedInstanceConfig' + enableIpForwarding: + description: >- + Optional. Flag to enable ip forwarding or not, default false/off. + https://cloud.google.com/vpc/docs/using-routes#canipforward + type: boolean + gpuDriverConfig: + $ref: '#/components/schemas/GPUDriverConfig' + description: Optional. Configuration for GPU drivers. + instanceId: type: string - metadata: + description: Output only. The unique ID of the Compute Engine instance resource. + readOnly: true + tags: + type: array description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + Optional. The Compute Engine network tags to add to runtime (see + [Add network + tags](https://cloud.google.com/vpc/docs/add-remove-network-tags)). + items: + type: string + description: >- + The definition of how to configure a VM instance outside of Resources + and Identity. + id: GceSetup + CheckAuthorizationResponse: + description: Response message for checking authorization for the instance owner. + id: CheckAuthorizationResponse + type: object + properties: + success: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. + Success indicates that the user completed OAuth consent and access + tokens can be generated. type: boolean - error: + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Timestamp when this Authorization request was created. + oauth_uri: + type: string description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' + If the user has not completed OAuth consent, then the oauth_url is + returned. Otherwise, this field is not set. + StartInstanceRequest: + id: StartInstanceRequest + description: Request for starting a notebook instance + properties: {} + type: object + Operation: + id: Operation + type: object + properties: response: + type: object description: >- The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is @@ -144,358 +230,421 @@ components: where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. - type: object additionalProperties: + description: Properties of the object. Contains field @type with type URL. type: any + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + type: any + type: object + name: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListInstancesResponse: - id: ListInstancesResponse - description: Response for listing notebook instances. + This resource represents a long-running operation that is the result of + a network API call. + SetIamPolicyRequest: type: object + description: Request message for `SetIamPolicy` method. properties: - instances: - description: A list of returned instances. - type: array - items: - $ref: '#/components/schemas/Instance' - nextPageToken: + policy: + $ref: '#/components/schemas/Policy' description: >- - Page token that can be used to continue listing from the last result - in the next list call. - type: string - unreachable: + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + id: SetIamPolicyRequest + TestIamPermissionsResponse: + type: object + properties: + permissions: description: >- - Locations that could not be reached. For example, ['us-west1-a', - 'us-central1-b']. A ListInstancesResponse will only contain either - instances or unreachables, + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. type: array items: type: string - Instance: - id: Instance - description: The definition of a notebook instance. + id: TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. + ReportInstanceInfoSystemRequest: + id: ReportInstanceInfoSystemRequest + description: Request for notebook instances to report information to Notebooks API. type: object properties: - name: + event: + description: Required. The Event to be reported. + $ref: '#/components/schemas/Event' + vmId: description: >- - Output only. The name of this notebook instance. Format: - `projects/{project_id}/locations/{location}/instances/{instance_id}` - readOnly: true + Required. The VM hardware token for authenticating the VM. + https://cloud.google.com/compute/docs/instances/verifying-instance-identity type: string - gceSetup: - description: >- - Optional. Compute Engine setup for the notebook. Uses - notebook-defined fields. - $ref: '#/components/schemas/GceSetup' - proxyUri: - description: >- - Output only. The proxy endpoint that is used to access the Jupyter - notebook. + RollbackInstanceRequest: + type: object + description: Request for rollbacking a notebook instance + properties: + revisionId: + description: Required. Output only. Revision Id readOnly: true type: string - instanceOwners: + targetSnapshot: + type: string description: >- - Optional. The owner of this instance after creation. Format: - `alias@example.com` Currently supports one owner only. If not - specified, all of the service account users of your VM instance's - service account can use the instance. + Required. The snapshot for rollback. Example: + "projects/test-project/global/snapshots/krwlzipynril". + id: RollbackInstanceRequest + NetworkInterface: + description: The definition of a network interface resource attached to a VM. + properties: + accessConfigs: type: array items: - type: string - creator: + $ref: '#/components/schemas/AccessConfig' description: >- - Output only. Email address of entity that sent original - CreateInstance request. - readOnly: true + Optional. An array of configurations for this interface. Currently, + only one access config, ONE_TO_ONE_NAT, is supported. If no + accessConfigs specified, the instance will have an external internet + access through an ephemeral external IP address. + network: type: string - state: - description: Output only. The state of this instance. - readOnly: true + description: >- + Optional. The name of the VPC that this VM instance is in. Format: + `projects/{project_id}/global/networks/{network_id}` + subnet: type: string + description: >- + Optional. The name of the subnet that this VM instance is in. + Format: + `projects/{project_id}/regions/{region}/subnetworks/{subnetwork_id}` + nicType: enumDescriptions: - - State is not specified. - - The control logic is starting the instance. - - >- - The control logic is installing required frameworks and - registering the instance with notebook proxy - - The instance is running. - - The control logic is stopping the instance. - - The instance is stopped. - - The instance is deleted. - - The instance is upgrading. - - The instance is being created. - - The instance is suspending. - - The instance is suspended. + - No type specified. + - VIRTIO + - GVNIC + description: >- + Optional. The type of vNIC to be used on this interface. This may be + gVNIC or VirtioNet. enum: - - STATE_UNSPECIFIED - - STARTING - - PROVISIONING - - ACTIVE - - STOPPING - - STOPPED - - DELETED - - UPGRADING - - INITIALIZING - - SUSPENDING - - SUSPENDED - upgradeHistory: - description: Output only. The upgrade history of this instance. - readOnly: true - type: array - items: - $ref: '#/components/schemas/UpgradeHistoryEntry' - id: - description: Output only. Unique ID of the resource. - readOnly: true - type: string - healthState: - description: Output only. Instance health_state. - readOnly: true + - NIC_TYPE_UNSPECIFIED + - VIRTIO_NET + - GVNIC type: string - enumDescriptions: - - The instance substate is unknown. - - >- - The instance is known to be in an healthy state (for example, - critical daemons are running) Applies to ACTIVE state. - - >- - The instance is known to be in an unhealthy state (for example, - critical daemons are not running) Applies to ACTIVE state. - - >- - The instance has not installed health monitoring agent. Applies to - ACTIVE state. - - >- - The instance health monitoring agent is not running. Applies to - ACTIVE state. - enum: - - HEALTH_STATE_UNSPECIFIED - - HEALTHY - - UNHEALTHY - - AGENT_NOT_INSTALLED - - AGENT_NOT_RUNNING - healthInfo: + id: NetworkInterface + type: object + DiagnosticConfig: + properties: + relativePath: description: >- - Output only. Additional information about instance health. Example: - healthInfo": { "docker_proxy_agent_status": "1", "docker_status": - "1", "jupyterlab_api_status": "-1", "jupyterlab_status": "-1", - "updated": "2020-10-18 09:40:03.573409" } - readOnly: true - type: object - additionalProperties: - type: string - createTime: - description: Output only. Instance creation time. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Instance update time. - readOnly: true + Optional. Defines the relative storage path in the Cloud Storage + bucket where the diagnostic logs will be written: Default path will + be the root directory of the Cloud Storage bucket + (`gs://$GCS_BUCKET/$DATE_$TIME.tar.gz`) Example of full path where + Log file will be written: `gs://$GCS_BUCKET/$RELATIVE_PATH/` type: string - format: google-datetime - disableProxyAccess: - description: >- - Optional. If true, the notebook instance will not register with the - proxy. + enableRepairFlag: + description: Optional. Enables flag to repair service for instance type: boolean - labels: - description: >- - Optional. Labels to apply to this instance. These can be later - modified by the UpdateInstance method. - type: object - additionalProperties: - type: string - thirdPartyProxyUrl: - description: >- - Output only. The workforce pools proxy endpoint that is used to - access the Jupyter notebook. - readOnly: true - type: string - satisfiesPzs: - description: Output only. Reserved for future use for Zone Separation. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use for Zone Isolation. - readOnly: true - type: boolean - enableThirdPartyIdentity: - description: >- - Optional. Flag that specifies that a notebook can be accessed with - third party identity provider. + enableCopyHomeFilesFlag: type: boolean - enableManagedEuc: + description: Optional. Enables flag to copy all `/home/jupyter` folder contents + enablePacketCaptureFlag: description: >- - Optional. Flag to enable managed end user credentials for the - instance. + Optional. Enables flag to capture packets from the instance for 30 + seconds type: boolean - enableDeletionProtection: + gcsBucket: description: >- - Optional. If true, deletion protection will be enabled for this - Workbench Instance. If false, deletion protection will be disabled - for this Workbench Instance. - type: boolean - GceSetup: - id: GceSetup - description: >- - The definition of how to configure a VM instance outside of Resources - and Identity. + Required. User Cloud Storage bucket location (REQUIRED). Must be + formatted with path prefix (`gs://$GCS_BUCKET`). Permissions: User + Managed Notebooks: - storage.buckets.writer: Must be given to the + project's service account attached to VM. Google Managed Notebooks: + - storage.buckets.writer: Must be given to the project's service + account or user credentials attached to VM depending on + authentication mode. Cloud Storage bucket Log file will be written + to `gs://$GCS_BUCKET/$RELATIVE_PATH/$VM_DATE_$TIME.tar.gz` + type: string + id: DiagnosticConfig + type: object + description: Defines flags that are used to run the diagnostic tool + OperationMetadata: + id: OperationMetadata type: object + description: Represents the metadata of the long-running operation. properties: - machineType: - description: >- - Optional. The machine type of the VM instance. - https://cloud.google.com/compute/docs/machine-resource + verb: + description: Name of the verb executed by the operation. type: string - minCpuPlatform: + requestedCancellation: + type: boolean description: >- - Optional. The minimum CPU platform to use for this instance. The - list of valid values can be found in - https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform#availablezones + Identifies whether the user has requested cancellation of the + operation. Operations that have successfully been cancelled have + google.longrunning.Operation.error value with a + google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. + statusMessage: + description: Human-readable status of the operation, if any. type: string - acceleratorConfigs: - description: >- - Optional. The hardware accelerators used on this instance. If you - use accelerators, make sure that your configuration has [enough - vCPUs and memory to support the `machine_type` you have - selected](https://cloud.google.com/compute/docs/gpus/#gpus-list). - Currently supports only one accelerator configuration. - type: array - items: - $ref: '#/components/schemas/AcceleratorConfig' - serviceAccounts: - description: >- - Optional. The service account that serves as an identity for the VM - instance. Currently supports only one service account. - type: array - items: - $ref: '#/components/schemas/ServiceAccount' - vmImage: - description: >- - Optional. Use a Compute Engine VM image to start the notebook - instance. - $ref: '#/components/schemas/VmImage' - containerImage: - description: Optional. Use a container image to start the notebook instance. - $ref: '#/components/schemas/ContainerImage' + target: + type: string + description: Server-defined resource path for the target of the operation. + endpoint: + type: string + description: API endpoint name of this operation. + apiVersion: + description: API version used to start the operation. + type: string + endTime: + type: string + format: google-datetime + description: The time the operation finished running. + createTime: + description: The time the operation was created. + format: google-datetime + type: string + RestoreInstanceRequest: + id: RestoreInstanceRequest + description: Request for restoring the notebook instance from a BackupSource. + properties: + snapshot: + $ref: '#/components/schemas/Snapshot' + description: Snapshot to be used for restore. + type: object + ResizeDiskRequest: + description: Request for resizing the notebook instance disks + properties: bootDisk: - description: Optional. The boot disk for the VM. + description: >- + Required. The boot disk to be resized. Only disk_size_gb will be + used. $ref: '#/components/schemas/BootDisk' - dataDisks: + dataDisk: + $ref: '#/components/schemas/DataDisk' description: >- - Optional. Data disks attached to the VM instance. Currently supports - only one data disk. - type: array - items: - $ref: '#/components/schemas/DataDisk' - shieldedInstanceConfig: + Required. The data disk to be resized. Only disk_size_gb will be + used. + type: object + id: ResizeDiskRequest + GenerateAccessTokenResponse: + properties: + access_token: + type: string description: >- - Optional. Shielded VM configuration. [Images using supported - Shielded VM - features](https://cloud.google.com/compute/docs/instances/modifying-shielded-vm). - $ref: '#/components/schemas/ShieldedInstanceConfig' - networkInterfaces: + Short-lived access token string which may be used to access Google + APIs. + token_type: description: >- - Optional. The network interfaces for the VM. Supports only one - interface. - type: array - items: - $ref: '#/components/schemas/NetworkInterface' - disablePublicIp: + Type of the returned access token (e.g. "Bearer"). It specifies how + the token must be used. Bearer tokens may be used by any entity + without proof of identity. + type: string + expires_in: + format: int32 + type: integer description: >- - Optional. If true, no external IP will be assigned to this VM - instance. - type: boolean - tags: + The time in seconds when the access token expires. Typically that's + 3600. + scope: description: >- - Optional. The Compute Engine network tags to add to runtime (see - [Add network - tags](https://cloud.google.com/vpc/docs/add-remove-network-tags)). - type: array - items: - type: string + Space-separated list of scopes contained in the returned token. + https://cloud.google.com/docs/authentication/token-types#access-contents + type: string + type: object + id: GenerateAccessTokenResponse + description: Response message for generating an EUC for the instance owner. + Location: + type: object + description: A resource that represents a Google Cloud location. + id: Location + properties: metadata: - description: Optional. Custom metadata to apply to this instance. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + displayName: + type: string + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + labels: type: object + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} additionalProperties: type: string - enableIpForwarding: - description: >- - Optional. Flag to enable ip forwarding or not, default false/off. - https://cloud.google.com/vpc/docs/using-routes#canipforward - type: boolean - gpuDriverConfig: - description: Optional. Configuration for GPU drivers. - $ref: '#/components/schemas/GPUDriverConfig' - reservationAffinity: + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + name: description: >- - Optional. Specifies the reservations that this instance can consume - from. - $ref: '#/components/schemas/ReservationAffinity' - confidentialInstanceConfig: - description: Optional. Confidential instance configuration. - $ref: '#/components/schemas/ConfidentialInstanceConfig' - AcceleratorConfig: - id: AcceleratorConfig - description: >- - An accelerator configuration for a VM instance Definition of a hardware - accelerator. Note that there is no check on `type` and `core_count` - combinations. TPUs are not supported. See [GPUs on Compute - Engine](https://cloud.google.com/compute/docs/gpus/#gpus-list) to find a - valid combination. - type: object + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + ConfidentialInstanceConfig: properties: - type: - description: Optional. Type of this accelerator. + confidentialInstanceType: type: string + description: >- + Optional. Defines the type of technology used by the confidential + instance. + enum: + - CONFIDENTIAL_INSTANCE_TYPE_UNSPECIFIED + - SEV enumDescriptions: - - Accelerator type is not specified. - - Accelerator type is Nvidia Tesla P100. + - No type specified. Do not use this value. + - AMD Secure Encrypted Virtualization. + id: ConfidentialInstanceConfig + type: object + description: A set of Confidential Instance options. + Policy: + properties: + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + type: array + etag: + format: byte + type: string + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + version: + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + type: integer + id: Policy + type: object + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + GPUDriverConfig: + type: object + id: GPUDriverConfig + description: A GPU driver configuration + properties: + customGpuDriverPath: + description: >- + Optional. Specify a custom Cloud Storage path where the GPU driver + is stored. If not specified, we'll automatically choose from + official GPU drivers. + type: string + enableGpuDriver: + type: boolean + description: >- + Optional. Whether the end user authorizes Google Cloud to install + GPU driver on this VM instance. If this field is empty or set to + false, the GPU driver won't be installed. Only applicable to + instances with GPUs. + AcceleratorConfig: + type: object + description: >- + An accelerator configuration for a VM instance Definition of a hardware + accelerator. Note that there is no check on `type` and `core_count` + combinations. TPUs are not supported. See [GPUs on Compute + Engine](https://cloud.google.com/compute/docs/gpus/#gpus-list) to find a + valid combination. + id: AcceleratorConfig + properties: + type: + description: Optional. Type of this accelerator. + enumDescriptions: + - Accelerator type is not specified. + - Accelerator type is Nvidia Tesla P100. - Accelerator type is Nvidia Tesla V100. - Accelerator type is Nvidia Tesla P4. - Accelerator type is Nvidia Tesla T4. @@ -504,9 +653,12 @@ components: - Accelerator type is Nvidia Tesla L4. - Accelerator type is Nvidia Tesla H100 - 80GB. - Accelerator type is Nvidia Tesla H100 - MEGA 80GB. + - Accelerator type is Nvidia Tesla H200 - 141GB. - Accelerator type is NVIDIA Tesla T4 Virtual Workstations. - Accelerator type is NVIDIA Tesla P100 Virtual Workstations. - Accelerator type is NVIDIA Tesla P4 Virtual Workstations. + - Accelerator type is NVIDIA B200. + type: string enum: - ACCELERATOR_TYPE_UNSPECIFIED - NVIDIA_TESLA_P100 @@ -518,168 +670,238 @@ components: - NVIDIA_L4 - NVIDIA_H100_80GB - NVIDIA_H100_MEGA_80GB + - NVIDIA_H200_141GB - NVIDIA_TESLA_T4_VWS - NVIDIA_TESLA_P100_VWS - NVIDIA_TESLA_P4_VWS + - NVIDIA_B200 coreCount: - description: Optional. Count of cores of this accelerator. type: string format: int64 - ServiceAccount: - id: ServiceAccount - description: A service account that acts as an identity. - type: object + description: Optional. Count of cores of this accelerator. + SupportedValues: + description: SupportedValues represents the values supported by the configuration. properties: - email: - description: Optional. Email address of the service account. - type: string - scopes: - description: >- - Output only. The list of scopes to be made available for this - service account. Set by the CLH to - https://www.googleapis.com/auth/cloud-platform - readOnly: true + acceleratorTypes: + description: Output only. The accelerator types supported by WbI. + items: + type: string type: array + readOnly: true + machineTypes: + description: Output only. The machine types supported by WbI. + readOnly: true items: type: string - VmImage: - id: VmImage - description: >- - Definition of a custom Compute Engine virtual machine image for starting - a notebook instance with the environment installed directly on the VM. - type: object - properties: - project: - description: >- - Required. The name of the Google Cloud project that this VM image - belongs to. Format: `{project_id}` - type: string - name: - description: Optional. Use VM image name to find the image. - type: string - family: - description: >- - Optional. Use this VM image family to find the image; the newest - image in this family will be used. - type: string - ContainerImage: - id: ContainerImage - description: >- - Definition of a container image for starting a notebook instance with - the environment installed in a container. - type: object - properties: - repository: - description: >- - Required. The path to the container image repository. For example: - `gcr.io/{project_id}/{image_name}` - type: string - tag: - description: >- - Optional. The tag of the container image. If not specified, this - defaults to the latest tag. - type: string - BootDisk: - id: BootDisk - description: The definition of a boot disk. + type: array + id: SupportedValues type: object + Binding: properties: - diskSizeGb: + condition: + $ref: '#/components/schemas/Expr' description: >- - Optional. The size of the boot disk in GB attached to this instance, - up to a maximum of 64000 GB (64 TB). If not specified, this defaults - to the recommended value of 150GB. - type: string - format: int64 - diskType: - description: Optional. Indicates the type of the disk. - type: string - enumDescriptions: - - Disk type not set. - - Standard persistent disk type. - - SSD persistent disk type. - - Balanced persistent disk type. - - Extreme persistent disk type. - enum: - - DISK_TYPE_UNSPECIFIED - - PD_STANDARD - - PD_SSD - - PD_BALANCED - - PD_EXTREME - diskEncryption: + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + role: description: >- - Optional. Input only. Disk encryption method used on the boot and - data disks, defaults to GMEK. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - enumDescriptions: - - Disk encryption is not specified. - - Use Google managed encryption keys to encrypt the boot disk. - - Use customer managed encryption keys to encrypt the boot disk. - enum: - - DISK_ENCRYPTION_UNSPECIFIED - - GMEK - - CMEK - kmsKey: + members: + items: + type: string + type: array description: >- - Optional. Input only. The KMS key used to encrypt the disks, only - applicable if disk_encryption is CMEK. Format: - `projects/{project_id}/locations/{location}/keyRings/{key_ring_id}/cryptoKeys/{key_id}` - Learn more about using your own encryption keys. - type: string - DataDisk: - id: DataDisk - description: An instance-attached disk resource. + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: object + description: Associates `members`, or principals, with a `role`. + id: Binding + ListOperationsResponse: type: object + id: ListOperationsResponse properties: - diskSizeGb: + operations: + type: array description: >- - Optional. The size of the disk in GB attached to this VM instance, - up to a maximum of 64000 GB (64 TB). If not specified, this defaults - to 100. + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Operation' + nextPageToken: + description: The standard List next-page token. type: string - format: int64 - diskType: - description: Optional. Input only. Indicates the type of the disk. + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string + type: array + description: The response message for Operations.ListOperations. + CheckAuthorizationRequest: + properties: + authorizationDetails: + additionalProperties: + type: string + type: object + description: >- + Optional. The details of the OAuth authorization response. This may + include additional params such as dry_run, version_info, origin, + propagate, etc. + type: object + description: Request message for checking authorization for the instance owner. + id: CheckAuthorizationRequest + ReservationAffinity: + id: ReservationAffinity + properties: + values: + description: >- + Optional. Corresponds to the label values of a reservation resource. + This can be either a name to a reservation in the same project or + "projects/different-project/reservations/some-reservation-name" to + target a shared reservation in the same zone but in a different + project. + type: array + items: + type: string + consumeReservationType: type: string enumDescriptions: - - Disk type not set. - - Standard persistent disk type. - - SSD persistent disk type. - - Balanced persistent disk type. - - Extreme persistent disk type. + - Default type. + - Do not consume from any allocated capacity. + - Consume any reservation available. + - >- + Must consume from a specific reservation. Must specify key value + fields for specifying the reservations. + description: >- + Required. Specifies the type of reservation from which this instance + can consume resources: RESERVATION_ANY (default), + RESERVATION_SPECIFIC, or RESERVATION_NONE. See Consuming reserved + instances for examples. enum: - - DISK_TYPE_UNSPECIFIED - - PD_STANDARD - - PD_SSD - - PD_BALANCED - - PD_EXTREME - diskEncryption: + - RESERVATION_UNSPECIFIED + - RESERVATION_NONE + - RESERVATION_ANY + - RESERVATION_SPECIFIC + key: + type: string description: >- - Optional. Input only. Disk encryption method used on the boot and - data disks, defaults to GMEK. + Optional. Corresponds to the label key of a reservation resource. To + target a RESERVATION_SPECIFIC by name, use + compute.googleapis.com/reservation-name as the key and specify the + name of your reservation as its value. + type: object + description: A reservation that an instance can consume from. + DefaultValues: + description: DefaultValues represents the default configuration values. + properties: + machineType: + readOnly: true + description: >- + Output only. The default machine type used by the backend if not + provided by the user. type: string - enumDescriptions: - - Disk encryption is not specified. - - Use Google managed encryption keys to encrypt the boot disk. - - Use customer managed encryption keys to encrypt the boot disk. - enum: - - DISK_ENCRYPTION_UNSPECIFIED - - GMEK - - CMEK - kmsKey: + type: object + id: DefaultValues + ServiceAccount: + type: object + id: ServiceAccount + properties: + scopes: + readOnly: true + items: + type: string + type: array description: >- - Optional. Input only. The KMS key used to encrypt the disks, only - applicable if disk_encryption is CMEK. Format: - `projects/{project_id}/locations/{location}/keyRings/{key_ring_id}/cryptoKeys/{key_id}` - Learn more about using your own encryption keys. + Output only. The list of scopes to be made available for this + service account. Set by the CLH to + https://www.googleapis.com/auth/cloud-platform + email: + description: Optional. Email address of the service account. type: string + description: A service account that acts as an identity. + ResetInstanceRequest: + id: ResetInstanceRequest + type: object + description: Request for resetting a notebook instance + properties: {} ShieldedInstanceConfig: - id: ShieldedInstanceConfig description: >- A set of Shielded Instance options. See [Images using supported Shielded VM features](https://cloud.google.com/compute/docs/instances/modifying-shielded-vm). Not all combinations are valid. + id: ShieldedInstanceConfig type: object properties: enableSecureBoot: @@ -691,8 +913,8 @@ components: Disabled by default. type: boolean enableVtpm: - description: Optional. Defines whether the VM instance has the vTPM enabled. type: boolean + description: Optional. Defines whether the VM instance has the vTPM enabled. enableIntegrityMonitoring: description: >- Optional. Defines whether the VM instance has integrity monitoring @@ -701,828 +923,644 @@ components: policy baseline. This baseline is initially derived from the implicitly trusted boot image when the VM instance is created. type: boolean - NetworkInterface: - id: NetworkInterface - description: The definition of a network interface resource attached to a VM. + Instance: + description: The definition of a notebook instance. type: object properties: - network: - description: >- - Optional. The name of the VPC that this VM instance is in. Format: - `projects/{project_id}/global/networks/{network_id}` + healthState: type: string - subnet: + readOnly: true + enumDescriptions: + - The instance substate is unknown. + - >- + The instance is known to be in an healthy state (for example, + critical daemons are running) Applies to ACTIVE state. + - >- + The instance is known to be in an unhealthy state (for example, + critical daemons are not running) Applies to ACTIVE state. + - >- + The instance has not installed health monitoring agent. Applies to + ACTIVE state. + - >- + The instance health monitoring agent is not running. Applies to + ACTIVE state. + description: Output only. Instance health_state. + enum: + - HEALTH_STATE_UNSPECIFIED + - HEALTHY + - UNHEALTHY + - AGENT_NOT_INSTALLED + - AGENT_NOT_RUNNING + enableThirdPartyIdentity: + type: boolean description: >- - Optional. The name of the subnet that this VM instance is in. - Format: - `projects/{project_id}/regions/{region}/subnetworks/{subnetwork_id}` + Optional. Flag that specifies that a notebook can be accessed with + third party identity provider. + satisfiesPzi: + readOnly: true + type: boolean + description: Output only. Reserved for future use for Zone Isolation. + satisfiesPzs: + type: boolean + description: Output only. Reserved for future use for Zone Separation. + readOnly: true + name: type: string - nicType: description: >- - Optional. The type of vNIC to be used on this interface. This may be - gVNIC or VirtioNet. + Output only. Identifier. The name of this notebook instance. Format: + `projects/{project_id}/locations/{location}/instances/{instance_id}` + readOnly: true + state: + description: Output only. The state of this instance. + readOnly: true type: string - enumDescriptions: - - No type specified. - - VIRTIO - - GVNIC enum: - - NIC_TYPE_UNSPECIFIED - - VIRTIO_NET - - GVNIC - accessConfigs: + - STATE_UNSPECIFIED + - STARTING + - PROVISIONING + - ACTIVE + - STOPPING + - STOPPED + - DELETED + - UPGRADING + - INITIALIZING + - SUSPENDING + - SUSPENDED + enumDescriptions: + - State is not specified. + - The control logic is starting the instance. + - >- + The control logic is installing required frameworks and + registering the instance with notebook proxy + - The instance is running. + - The control logic is stopping the instance. + - The instance is stopped. + - The instance is deleted. + - The instance is upgrading. + - The instance is being created. + - The instance is suspending. + - The instance is suspended. + healthInfo: + additionalProperties: + type: string description: >- - Optional. An array of configurations for this interface. Currently, - only one access config, ONE_TO_ONE_NAT, is supported. If no - accessConfigs specified, the instance will have an external internet - access through an ephemeral external IP address. + Output only. Additional information about instance health. Example: + healthInfo": { "docker_proxy_agent_status": "1", "docker_status": + "1", "jupyterlab_api_status": "-1", "jupyterlab_status": "-1", + "updated": "2020-10-18 09:40:03.573409" } + type: object + readOnly: true + id: + readOnly: true + description: Output only. Unique ID of the resource. + type: string + enableManagedEuc: + type: boolean + description: >- + Optional. Flag to enable managed end user credentials for the + instance. + enableDeletionProtection: + description: >- + Optional. If true, deletion protection will be enabled for this + Workbench Instance. If false, deletion protection will be disabled + for this Workbench Instance. + type: boolean + updateTime: + format: google-datetime + description: Output only. Instance update time. + type: string + readOnly: true + proxyUri: + readOnly: true + description: >- + Output only. The proxy endpoint that is used to access the Jupyter + notebook. + type: string + thirdPartyProxyUrl: + type: string + readOnly: true + description: >- + Output only. The workforce pools proxy endpoint that is used to + access the Jupyter notebook. + instanceOwners: + description: >- + Optional. The owner of this instance after creation. Format: + `alias@example.com` Currently supports one owner only. If not + specified, all of the service account users of your VM instance's + service account can use the instance. type: array items: - $ref: '#/components/schemas/AccessConfig' - AccessConfig: - id: AccessConfig - description: An access configuration attached to an instance's network interface. - type: object - properties: - externalIp: + type: string + gceSetup: description: >- - An external IP address associated with this instance. Specify an - unused static external IP address available to the project or leave - this field undefined to use an IP from a shared ephemeral IP address - pool. If you specify a static external IP address, it must live in - the same region as the zone of the instance. + Optional. Compute Engine setup for the notebook. Uses + notebook-defined fields. + $ref: '#/components/schemas/GceSetup' + labels: + additionalProperties: + type: string + description: >- + Optional. Labels to apply to this instance. These can be later + modified by the UpdateInstance method. + type: object + upgradeHistory: + readOnly: true + description: Output only. The upgrade history of this instance. + type: array + items: + $ref: '#/components/schemas/UpgradeHistoryEntry' + creator: type: string - GPUDriverConfig: - id: GPUDriverConfig - description: A GPU driver configuration - type: object - properties: - enableGpuDriver: description: >- - Optional. Whether the end user authorizes Google Cloud to install - GPU driver on this VM instance. If this field is empty or set to - false, the GPU driver won't be installed. Only applicable to - instances with GPUs. + Output only. Email address of entity that sent original + CreateInstance request. + readOnly: true + disableProxyAccess: type: boolean - customGpuDriverPath: description: >- - Optional. Specify a custom Cloud Storage path where the GPU driver - is stored. If not specified, we'll automatically choose from - official GPU drivers. + Optional. If true, the notebook instance will not register with the + proxy. + createTime: + format: google-datetime + readOnly: true type: string - ReservationAffinity: - id: ReservationAffinity - description: A reservation that an instance can consume from. - type: object + description: Output only. Instance creation time. + id: Instance + CheckInstanceUpgradabilityResponse: properties: - consumeReservationType: - description: >- - Required. Specifies the type of reservation from which this instance - can consume resources: RESERVATION_ANY (default), - RESERVATION_SPECIFIC, or RESERVATION_NONE. See Consuming reserved - instances for examples. + upgradeImage: type: string - enumDescriptions: - - Default type. - - Do not consume from any allocated capacity. - - Consume any reservation available. - - >- - Must consume from a specific reservation. Must specify key value - fields for specifying the reservations. - enum: - - RESERVATION_UNSPECIFIED - - RESERVATION_NONE - - RESERVATION_ANY - - RESERVATION_SPECIFIC - key: description: >- - Optional. Corresponds to the label key of a reservation resource. To - target a RESERVATION_SPECIFIC by name, use - compute.googleapis.com/reservation-name as the key and specify the - name of your reservation as its value. + The new image self link this instance will be upgraded to if calling + the upgrade endpoint. This field will only be populated if field + upgradeable is true. + upgradeInfo: + description: Additional information about upgrade. + type: string + upgradeVersion: type: string - values: description: >- - Optional. Corresponds to the label values of a reservation resource. - This can be either a name to a reservation in the same project or - "projects/different-project/reservations/some-reservation-name" to - target a shared reservation in the same zone but in a different - project. - type: array - items: - type: string - ConfidentialInstanceConfig: - id: ConfidentialInstanceConfig - description: A set of Confidential Instance options. + The version this instance will be upgraded to if calling the upgrade + endpoint. This field will only be populated if field upgradeable is + true. + upgradeable: + type: boolean + description: If an instance is upgradeable. + type: object + id: CheckInstanceUpgradabilityResponse + description: Response for checking if a notebook instance is upgradeable. + VmImage: type: object + id: VmImage properties: - confidentialInstanceType: + project: + type: string description: >- - Optional. Defines the type of technology used by the confidential - instance. + Required. The name of the Google Cloud project that this VM image + belongs to. Format: `{project_id}` + family: + description: >- + Optional. Use this VM image family to find the image; the newest + image in this family will be used. type: string - enumDescriptions: - - No type specified. Do not use this value. - - AMD Secure Encrypted Virtualization. - enum: - - CONFIDENTIAL_INSTANCE_TYPE_UNSPECIFIED - - SEV - UpgradeHistoryEntry: - id: UpgradeHistoryEntry - description: The entry of VM image upgrade history. - type: object + name: + type: string + description: Optional. Use VM image name to find the image. + description: >- + Definition of a custom Compute Engine virtual machine image for starting + a notebook instance with the environment installed directly on the VM. + ContainerImage: properties: - snapshot: + repository: description: >- - Optional. The snapshot of the boot disk of this notebook instance - before upgrade. - type: string - vmImage: - description: Optional. The VM image before this instance upgrade. + Required. The path to the container image repository. For example: + `gcr.io/{project_id}/{image_name}` type: string - containerImage: - description: Optional. The container image before this instance upgrade. + tag: type: string + description: >- + Optional. The tag of the container image. If not specified, this + defaults to the latest tag. + type: object + description: >- + Definition of a container image for starting a notebook instance with + the environment installed in a container. + id: ContainerImage + UpgradeHistoryEntry: + description: The entry of VM image upgrade history. + properties: framework: description: Optional. The framework of this notebook instance. type: string - version: - description: Optional. The version of the notebook instance before this upgrade. - type: string state: - description: Output only. The state of this instance upgrade history entry. + enum: + - STATE_UNSPECIFIED + - STARTED + - SUCCEEDED + - FAILED readOnly: true + description: Output only. The state of this instance upgrade history entry. type: string enumDescriptions: - State is not specified. - The instance upgrade is started. - The instance upgrade is succeeded. - The instance upgrade is failed. + action: enum: - - STATE_UNSPECIFIED - - STARTED - - SUCCEEDED - - FAILED + - ACTION_UNSPECIFIED + - UPGRADE + - ROLLBACK + enumDescriptions: + - Operation is not specified. + - Upgrade. + - Rollback. + type: string + description: Optional. Action. Rolloback or Upgrade. + vmImage: + description: Optional. The VM image before this instance upgrade. + type: string + version: + type: string + description: Optional. The version of the notebook instance before this upgrade. createTime: + type: string + format: google-datetime description: >- Immutable. The time that this instance upgrade history entry is created. + containerImage: + description: Optional. The container image before this instance upgrade. type: string - format: google-datetime - action: - description: Optional. Action. Rolloback or Upgrade. + snapshot: type: string - enumDescriptions: - - Operation is not specified. - - Upgrade. - - Rollback. - enum: - - ACTION_UNSPECIFIED - - UPGRADE - - ROLLBACK + description: >- + Optional. The snapshot of the boot disk of this notebook instance + before upgrade. targetVersion: description: Optional. Target VM Version, like m63. type: string - StartInstanceRequest: - id: StartInstanceRequest - description: Request for starting a notebook instance + id: UpgradeHistoryEntry type: object - properties: {} StopInstanceRequest: - id: StopInstanceRequest description: Request for stopping a notebook instance - type: object - properties: {} - ResetInstanceRequest: - id: ResetInstanceRequest - description: Request for resetting a notebook instance - type: object properties: {} - CheckInstanceUpgradabilityResponse: - id: CheckInstanceUpgradabilityResponse - description: Response for checking if a notebook instance is upgradeable. type: object + id: StopInstanceRequest + Snapshot: + description: >- + Snapshot represents the snapshot of the data disk used to restore the + Workbench Instance from. Refers to: + compute/v1/projects/{project_id}/global/snapshots/{snapshot_id} properties: - upgradeable: - description: If an instance is upgradeable. - type: boolean - upgradeVersion: - description: >- - The version this instance will be upgraded to if calling the upgrade - endpoint. This field will only be populated if field upgradeable is - true. - type: string - upgradeInfo: - description: Additional information about upgrade. + snapshotId: + description: Required. The ID of the snapshot. type: string - upgradeImage: - description: >- - The new image self link this instance will be upgraded to if calling - the upgrade endpoint. This field will only be populated if field - upgradeable is true. + projectId: + description: Required. The project ID of the snapshot. type: string - UpgradeInstanceRequest: - id: UpgradeInstanceRequest - description: Request for upgrading a notebook instance - type: object - properties: {} - ResizeDiskRequest: - id: ResizeDiskRequest - description: Request for resizing the notebook instance disks - type: object - properties: - bootDisk: - description: >- - Required. The boot disk to be resized. Only disk_size_gb will be - used. - $ref: '#/components/schemas/BootDisk' - dataDisk: - description: >- - Required. The data disk to be resized. Only disk_size_gb will be - used. - $ref: '#/components/schemas/DataDisk' - RollbackInstanceRequest: - id: RollbackInstanceRequest - description: Request for rollbacking a notebook instance + id: Snapshot type: object + Event: + description: >- + The definition of an Event for a managed / semi-managed notebook + instance. properties: - targetSnapshot: + details: + type: object + additionalProperties: + type: string description: >- - Required. The snapshot for rollback. Example: - "projects/test-project/global/snapshots/krwlzipynril". + Optional. Event details. This field is used to pass event + information. + type: type: string - revisionId: - description: Required. Output only. Revision Id - readOnly: true + description: Optional. Event type. + enum: + - EVENT_TYPE_UNSPECIFIED + - IDLE + - HEARTBEAT + - HEALTH + - MAINTENANCE + - METADATA_CHANGE + enumDescriptions: + - Event is not specified. + - The instance / runtime is idle + - >- + The instance / runtime is available. This event indicates that + instance / runtime underlying compute is operational. + - >- + The instance / runtime health is available. This event indicates + that instance / runtime health information. + - >- + The instance / runtime is available. This event allows instance / + runtime to send Host maintenance information to Control Plane. + https://cloud.google.com/compute/docs/gpus/gpu-host-maintenance + - >- + The instance / runtime is available. This event indicates that the + instance had metadata that needs to be modified. + reportTime: type: string - DiagnoseInstanceRequest: - id: DiagnoseInstanceRequest - description: Request for creating a notebook instance diagnostic file. - type: object - properties: - diagnosticConfig: - description: Required. Defines flags that are used to run the diagnostic tool - $ref: '#/components/schemas/DiagnosticConfig' - timeoutMinutes: - description: >- - Optional. Maximum amount of time in minutes before the operation - times out. - type: integer - format: int32 - DiagnosticConfig: - id: DiagnosticConfig - description: Defines flags that are used to run the diagnostic tool + description: Optional. Event report time. + format: google-datetime type: object - properties: - gcsBucket: - description: >- - Required. User Cloud Storage bucket location (REQUIRED). Must be - formatted with path prefix (`gs://$GCS_BUCKET`). Permissions: User - Managed Notebooks: - storage.buckets.writer: Must be given to the - project's service account attached to VM. Google Managed Notebooks: - - storage.buckets.writer: Must be given to the project's service - account or user credentials attached to VM depending on - authentication mode. Cloud Storage bucket Log file will be written - to `gs://$GCS_BUCKET/$RELATIVE_PATH/$VM_DATE_$TIME.tar.gz` - type: string - relativePath: - description: >- - Optional. Defines the relative storage path in the Cloud Storage - bucket where the diagnostic logs will be written: Default path will - be the root directory of the Cloud Storage bucket - (`gs://$GCS_BUCKET/$DATE_$TIME.tar.gz`) Example of full path where - Log file will be written: `gs://$GCS_BUCKET/$RELATIVE_PATH/` - type: string - enableRepairFlag: - description: Optional. Enables flag to repair service for instance - type: boolean - enablePacketCaptureFlag: - description: >- - Optional. Enables flag to capture packets from the instance for 30 - seconds - type: boolean - enableCopyHomeFilesFlag: - description: Optional. Enables flag to copy all `/home/jupyter` folder contents - type: boolean + id: Event Config: id: Config description: Response for getting WbI configurations in a location type: object properties: - defaultValues: - description: Output only. The default values for configuration. - readOnly: true - $ref: '#/components/schemas/DefaultValues' supportedValues: - description: Output only. The supported values for configuration. - readOnly: true $ref: '#/components/schemas/SupportedValues' - availableImages: - description: Output only. The list of available images to create a WbI. + description: Output only. The supported values for configuration. readOnly: true - type: array - items: - $ref: '#/components/schemas/ImageRelease' disableWorkbenchLegacyCreation: description: >- Output only. Flag to disable the creation of legacy Workbench notebooks (User-managed notebooks and Google-managed notebooks). readOnly: true type: boolean - DefaultValues: - id: DefaultValues - description: DefaultValues represents the default configuration values. - type: object - properties: - machineType: - description: >- - Output only. The default machine type used by the backend if not - provided by the user. - readOnly: true - type: string - SupportedValues: - id: SupportedValues - description: SupportedValues represents the values supported by the configuration. - type: object - properties: - machineTypes: - description: Output only. The machine types supported by WbI. - readOnly: true - type: array + availableImages: + description: Output only. The list of available images to create a WbI. items: - type: string - acceleratorTypes: - description: Output only. The accelerator types supported by WbI. + $ref: '#/components/schemas/ImageRelease' readOnly: true type: array - items: - type: string - ImageRelease: - id: ImageRelease - description: ConfigImage represents an image release available to create a WbI + defaultValues: + description: Output only. The default values for configuration. + readOnly: true + $ref: '#/components/schemas/DefaultValues' + DiagnoseInstanceRequest: + id: DiagnoseInstanceRequest + description: Request for creating a notebook instance diagnostic file. type: object properties: - imageName: + timeoutMinutes: + type: integer description: >- - Output only. The name of the image of the form - workbench-instances-vYYYYmmdd-- - readOnly: true - type: string - releaseName: - description: Output only. The release of the image of the form m123 - readOnly: true - type: string - RestoreInstanceRequest: - id: RestoreInstanceRequest - description: Request for restoring the notebook instance from a BackupSource. - type: object - properties: - snapshot: - description: Snapshot to be used for restore. - $ref: '#/components/schemas/Snapshot' - Snapshot: - id: Snapshot - description: >- - Snapshot represents the snapshot of the data disk used to restore the - Workbench Instance from. Refers to: - compute/v1/projects/{project_id}/global/snapshots/{snapshot_id} - type: object - properties: - snapshotId: - description: Required. The ID of the snapshot. - type: string - projectId: - description: Required. The project ID of the snapshot. - type: string - ReportInstanceInfoSystemRequest: - id: ReportInstanceInfoSystemRequest - description: Request for notebook instances to report information to Notebooks API. + Optional. Maximum amount of time in minutes before the operation + times out. + format: int32 + diagnosticConfig: + description: Required. Defines flags that are used to run the diagnostic tool + $ref: '#/components/schemas/DiagnosticConfig' + CancelOperationRequest: + properties: {} type: object + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + ListLocationsResponse: + id: ListLocationsResponse properties: - vmId: + locations: + items: + $ref: '#/components/schemas/Location' + type: array description: >- - Required. The VM hardware token for authenticating the VM. - https://cloud.google.com/compute/docs/instances/verifying-instance-identity + A list of locations that matches the specified filter in the + request. + nextPageToken: type: string - event: - description: Required. The Event to be reported. - $ref: '#/components/schemas/Event' - Event: - id: Event - description: >- - The definition of an Event for a managed / semi-managed notebook - instance. + description: The standard List next-page token. + type: object + description: The response message for Locations.ListLocations. + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. type: object properties: - reportTime: - description: Optional. Event report time. - type: string - format: google-datetime - type: - description: Optional. Event type. - type: string - enumDescriptions: - - Event is not specified. - - The instance / runtime is idle - - >- - The instance / runtime is available. This event indicates that - instance / runtime underlying compute is operational. - - >- - The instance / runtime health is available. This event indicates - that instance / runtime health information. - - >- - The instance / runtime is available. This event allows instance / - runtime to send Host maintenance information to Control Plane. - https://cloud.google.com/compute/docs/gpus/gpu-host-maintenance - - >- - The instance / runtime is available. This event indicates that the - instance had metadata that needs to be modified. - enum: - - EVENT_TYPE_UNSPECIFIED - - IDLE - - HEARTBEAT - - HEALTH - - MAINTENANCE - - METADATA_CHANGE - details: - description: >- - Optional. Event details. This field is used to pass event - information. - type: object - additionalProperties: + permissions: + items: type: string + type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + id: TestIamPermissionsRequest + Empty: + id: Empty + type: object + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } UpgradeInstanceSystemRequest: id: UpgradeInstanceSystemRequest description: Request for upgrading a notebook instance from within the VM - type: object properties: vmId: description: >- Required. The VM hardware token for authenticating the VM. https://cloud.google.com/compute/docs/instances/verifying-instance-identity type: string - CheckAuthorizationRequest: - id: CheckAuthorizationRequest - description: Request message for checking authorization for the instance owner. - type: object - properties: - authorizationDetails: - description: >- - Optional. The details of the OAuth authorization response. This may - include additional params such as dry_run, version_info, origin, - propagate, etc. - type: object - additionalProperties: - type: string - CheckAuthorizationResponse: - id: CheckAuthorizationResponse - description: Response message for checking authorization for the instance owner. - type: object - properties: - createTime: - description: Output only. Timestamp when this Authorization request was created. - readOnly: true - type: string - format: google-datetime - success: - description: >- - Success indicates that the user completed OAuth consent and access - tokens can be generated. - type: boolean - oauth_uri: - description: >- - If the user has not completed OAuth consent, then the oauth_url is - returned. Otherwise, this field is not set. - type: string - GenerateAccessTokenRequest: - id: GenerateAccessTokenRequest - description: Request message for generating an EUC for the instance owner. - type: object - properties: - vmToken: - description: >- - Required. The VM identity token (a JWT) for authenticating the VM. - https://cloud.google.com/compute/docs/instances/verifying-instance-identity - type: string - GenerateAccessTokenResponse: - id: GenerateAccessTokenResponse - description: Response message for generating an EUC for the instance owner. - type: object - properties: - access_token: - description: >- - Short-lived access token string which may be used to access Google - APIs. - type: string - expires_in: - description: >- - The time in seconds when the access token expires. Typically that's - 3600. - type: integer - format: int32 - scope: - description: >- - Space-separated list of scopes contained in the returned token. - https://cloud.google.com/docs/authentication/token-types#access-contents - type: string - token_type: - description: >- - Type of the returned access token (e.g. "Bearer"). It specifies how - the token must be used. Bearer tokens may be used by any entity - without proof of identity. - type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). type: object + DataDisk: + id: DataDisk properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - etag: + kmsKey: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Optional. Input only. The KMS key used to encrypt the disks, only + applicable if disk_encryption is CMEK. Format: + `projects/{project_id}/locations/{location}/keyRings/{key_ring_id}/cryptoKeys/{key_id}` + Learn more about using your own encryption keys. type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object - properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + diskType: + description: Optional. Input only. Indicates the type of the disk. type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + enumDescriptions: + - Disk type not set. + - Standard persistent disk type. + - SSD persistent disk type. + - Balanced persistent disk type. + - Extreme persistent disk type. + - Hyperdisk Balanced persistent disk type. + enum: + - DISK_TYPE_UNSPECIFIED + - PD_STANDARD + - PD_SSD + - PD_BALANCED + - PD_EXTREME + - HYPERDISK_BALANCED + diskSizeGb: + format: int64 + type: string + description: >- + Optional. The size of the disk in GB attached to this VM instance, + up to a maximum of 64000 GB (64 TB). If not specified, this defaults + to 100. + resourcePolicies: + items: + type: string + description: Optional. The resource policies to apply to the data disk. + type: array + diskEncryption: + description: >- + Optional. Input only. Disk encryption method used on the boot and + data disks, defaults to GMEK. + enumDescriptions: + - Disk encryption is not specified. + - Use Google managed encryption keys to encrypt the boot disk. + - Use customer managed encryption keys to encrypt the boot disk. + type: string + enum: + - DISK_ENCRYPTION_UNSPECIFIED + - GMEK + - CMEK + type: object + description: An instance-attached disk resource. + UpgradeInstanceRequest: + id: UpgradeInstanceRequest + properties: {} + description: Request for upgrading a notebook instance type: object + BootDisk: + id: BootDisk properties: - expression: + diskEncryption: description: >- - Textual representation of an expression in Common Expression - Language syntax. + Optional. Input only. Disk encryption method used on the boot and + data disks, defaults to GMEK. type: string - title: + enumDescriptions: + - Disk encryption is not specified. + - Use Google managed encryption keys to encrypt the boot disk. + - Use customer managed encryption keys to encrypt the boot disk. + enum: + - DISK_ENCRYPTION_UNSPECIFIED + - GMEK + - CMEK + diskSizeGb: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Optional. The size of the boot disk in GB attached to this instance, + up to a maximum of 64000 GB (64 TB). If not specified, this defaults + to the recommended value of 150GB. + format: int64 type: string - description: + kmsKey: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Optional. Input only. The KMS key used to encrypt the disks, only + applicable if disk_encryption is CMEK. Format: + `projects/{project_id}/locations/{location}/keyRings/{key_ring_id}/cryptoKeys/{key_id}` + Learn more about using your own encryption keys. type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + diskType: + enum: + - DISK_TYPE_UNSPECIFIED + - PD_STANDARD + - PD_SSD + - PD_BALANCED + - PD_EXTREME + - HYPERDISK_BALANCED + description: Optional. Indicates the type of the disk. type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + enumDescriptions: + - Disk type not set. + - Standard persistent disk type. + - SSD persistent disk type. + - Balanced persistent disk type. + - Extreme persistent disk type. + - Hyperdisk Balanced persistent disk type. + description: The definition of a boot disk. + type: object + Status: + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). + code: + format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + details: type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + AccessConfig: + id: AccessConfig + description: An access configuration attached to an instance's network interface. properties: - permissions: + externalIp: + type: string description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + An external IP address associated with this instance. Specify an + unused static external IP address available to the project or leave + this field undefined to use an IP from a shared ephemeral IP address + pool. If you specify a static external IP address, it must live in + the same region as the zone of the instance. + type: object + ListInstancesResponse: + description: Response for listing notebook instances. + type: object + id: ListInstancesResponse + properties: + instances: + items: + $ref: '#/components/schemas/Instance' + description: A list of returned instances. type: array + nextPageToken: + description: >- + Page token that can be used to continue listing from the last result + in the next list call. + type: string + unreachable: + description: >- + Locations that could not be reached. For example, ['us-west1-a', + 'us-central1-b']. A ListInstancesResponse will only contain either + instances or unreachables, items: type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object + type: array + ImageRelease: + description: ConfigImage represents an image release available to create a WbI + id: ImageRelease properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. - type: string - format: google-datetime - target: - description: Server-defined resource path for the target of the operation. - type: string - verb: - description: Name of the verb executed by the operation. - type: string - statusMessage: - description: Human-readable status of the operation, if any. - type: string - requestedCancellation: + imageName: + readOnly: true description: >- - Identifies whether the user has requested cancellation of the - operation. Operations that have successfully been cancelled have - google.longrunning.Operation.error value with a - google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - type: boolean - apiVersion: - description: API version used to start the operation. + Output only. The name of the image of the form + workbench-instances-vYYYYmmdd-- type: string - endpoint: - description: API endpoint name of this operation. + releaseName: + readOnly: true type: string + description: Output only. The release of the image of the form m123 + type: object parameters: + callback: + description: JSONP + in: query + name: callback + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string access_token: description: OAuth access token. in: query @@ -1539,33 +1577,21 @@ components: - json - media - proto - callback: - description: JSONP + _.xgafv: + description: V1 error format. in: query - name: callback + name: $.xgafv schema: type: string + enum: + - '1' + - '2' fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query @@ -1581,114 +1607,70 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: upload_protocol + name: oauth_token schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: uploadType + name: key schema: type: string - _.xgafv: - description: V1 error format. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: $.xgafv + name: upload_protocol schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.notebooks.locations name: locations title: Locations methods: - list: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations get: operation: $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.notebooks.operations - name: operations - title: Operations - methods: list: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + delete: [] instances: id: google.notebooks.instances name: instances title: Instances methods: - list: + upgrade: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:upgrade/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.instances - create: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -1706,45 +1688,38 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - start: + reset: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:start/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:reset/post response: mediaType: application/json openAPIDocKey: '200' - stop: + check_upgradability: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:stop/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:checkUpgradability/get response: mediaType: application/json openAPIDocKey: '200' - reset: + upgrade_system: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:reset/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:upgradeSystem/post response: mediaType: application/json openAPIDocKey: '200' - check_upgradability: + check_authorization: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:checkUpgradability/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:checkAuthorization/post response: mediaType: application/json openAPIDocKey: '200' - upgrade: + stop: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:upgrade/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:stop/post response: mediaType: application/json openAPIDocKey: '200' @@ -1769,10 +1744,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - restore: + generate_access_token: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:restore/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:generateAccessToken/post + response: + mediaType: application/json + openAPIDocKey: '200' + start: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:start/post response: mediaType: application/json openAPIDocKey: '200' @@ -1783,24 +1765,25 @@ components: response: mediaType: application/json openAPIDocKey: '200' - upgrade_system: + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:upgradeSystem/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post response: mediaType: application/json openAPIDocKey: '200' - check_authorization: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:checkAuthorization/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get response: mediaType: application/json openAPIDocKey: '200' - generate_access_token: + objectKey: $.instances + restore: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:generateAccessToken/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:restore/post response: mediaType: application/json openAPIDocKey: '200' @@ -1815,6 +1798,43 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/instances/methods/delete' + instances_iam_policies: + id: google.notebooks.instances_iam_policies + name: instances_iam_policies + title: Instances_iam_policies + methods: + set_iam_policy: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/set_iam_policy + delete: [] instances_config: id: google.notebooks.instances_config name: instances_config @@ -1835,97 +1855,63 @@ components: update: [] replace: [] delete: [] - instances_iam_policies: - id: google.notebooks.instances_iam_policies - name: instances_iam_policies - title: Instances_iam_policies + operations: + id: google.notebooks.operations + name: operations + title: Operations methods: - set_iam_policy: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:setIamPolicy/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:getIamPolicy/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + cancel: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/set_iam_policy - delete: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' paths: - /v2/projects/{projectsId}/locations: + /v2/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: notebooks.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 get: description: Gets information about a location. operationId: notebooks.projects.locations.get @@ -1952,13 +1938,11 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations: + /v2/projects/{projectsId}/locations: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: notebooks.projects.locations.operations.list + description: Lists information about the supported locations for this service. + operationId: notebooks.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1970,22 +1954,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: @@ -1995,14 +1970,24 @@ paths: name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: filter + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:upgrade: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: notebooks.projects.locations.operations.get + post: + description: Upgrades a notebook instance to the latest version. + operationId: notebooks.projects.locations.instances.upgrade + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UpgradeInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2027,17 +2012,15 @@ paths: schema: type: string - in: path - name: operationsId + name: instancesId required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: + parameters: *ref_1 delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: notebooks.projects.locations.operations.delete + description: Deletes a single Instance. + operationId: notebooks.projects.locations.instances.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2049,7 +2032,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2062,29 +2045,17 @@ paths: schema: type: string - in: path - name: operationsId + name: instancesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: notebooks.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + - in: query + name: requestId + schema: + type: string + get: + description: Gets details of a single Instance. + operationId: notebooks.projects.locations.instances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2096,7 +2067,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -2109,15 +2080,18 @@ paths: schema: type: string - in: path - name: operationsId + name: instancesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances: - parameters: *ref_1 - get: - description: Lists instances in a given project and location. - operationId: notebooks.projects.locations.instances.list + patch: + description: UpdateInstance updates an Instance. + operationId: notebooks.projects.locations.instances.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Instance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2129,7 +2103,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstancesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2141,31 +2115,30 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: instancesId + required: true schema: type: string - in: query - name: orderBy + name: requestId schema: type: string - in: query - name: filter + name: updateMask schema: type: string + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:reset: + parameters: *ref_1 post: - description: Creates a new Instance in a given project and location. - operationId: notebooks.projects.locations.instances.create + description: Resets a notebook instance. + operationId: notebooks.projects.locations.instances.reset requestBody: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/ResetInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2189,19 +2162,16 @@ paths: required: true schema: type: string - - in: query - name: instanceId - schema: - type: string - - in: query - name: requestId + - in: path + name: instancesId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:checkUpgradability: parameters: *ref_1 get: - description: Gets details of a single Instance. - operationId: notebooks.projects.locations.instances.get + description: Checks whether a notebook instance is upgradable. + operationId: notebooks.projects.locations.instances.checkUpgradability security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2213,7 +2183,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/CheckInstanceUpgradabilityResponse' parameters: - in: path name: projectsId @@ -2230,54 +2200,19 @@ paths: required: true schema: type: string - patch: - description: UpdateInstance updates an Instance. - operationId: notebooks.projects.locations.instances.patch + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: notebooks.projects.locations.instances.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Instance' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: instancesId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes a single Instance. - operationId: notebooks.projects.locations.instances.delete + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2289,7 +2224,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2306,20 +2241,18 @@ paths: required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:start: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:upgradeSystem: parameters: *ref_1 post: - description: Starts a notebook instance. - operationId: notebooks.projects.locations.instances.start + description: >- + Allows notebook instances to upgrade themselves. Do not use this method + directly. + operationId: notebooks.projects.locations.instances.upgradeSystem requestBody: content: application/json: schema: - $ref: '#/components/schemas/StartInstanceRequest' + $ref: '#/components/schemas/UpgradeInstanceSystemRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2348,16 +2281,13 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:stop: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:getIamPolicy: parameters: *ref_1 - post: - description: Stops a notebook instance. - operationId: notebooks.projects.locations.instances.stop - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/StopInstanceRequest' + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: notebooks.projects.locations.instances.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2369,7 +2299,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2386,16 +2316,26 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:reset: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:testIamPermissions: parameters: *ref_1 post: - description: Resets a notebook instance. - operationId: notebooks.projects.locations.instances.reset + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: notebooks.projects.locations.instances.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/ResetInstanceRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2407,7 +2347,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -2424,11 +2364,19 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:checkUpgradability: - parameters: *ref_1 - get: - description: Checks whether a notebook instance is upgradable. - operationId: notebooks.projects.locations.instances.checkUpgradability + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:checkAuthorization: + parameters: *ref_1 + post: + description: >- + Initiated by Cloud Console for Oauth consent flow for Workbench + Instances. Do not use this method directly. Design doc: + go/wbi-euc:auth-dd + operationId: notebooks.projects.locations.instances.checkAuthorization + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CheckAuthorizationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2440,7 +2388,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CheckInstanceUpgradabilityResponse' + $ref: '#/components/schemas/CheckAuthorizationResponse' parameters: - in: path name: projectsId @@ -2457,16 +2405,16 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:upgrade: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:stop: parameters: *ref_1 post: - description: Upgrades a notebook instance to the latest version. - operationId: notebooks.projects.locations.instances.upgrade + description: Stops a notebook instance. + operationId: notebooks.projects.locations.instances.stop requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpgradeInstanceRequest' + $ref: '#/components/schemas/StopInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2571,6 +2519,34 @@ paths: required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/instances:getConfig: + parameters: *ref_1 + get: + description: Returns various configuration parameters. + operationId: notebooks.projects.locations.instances.getConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Config' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:diagnose: parameters: *ref_1 post: @@ -2609,11 +2585,18 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances:getConfig: + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:generateAccessToken: parameters: *ref_1 - get: - description: Returns various configuration parameters. - operationId: notebooks.projects.locations.instances.getConfig + post: + description: >- + Called by VM to return an EUC for the instance owner. Do not use this + method directly. Design doc: go/wbi-euc:dd + operationId: notebooks.projects.locations.instances.generateAccessToken + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateAccessTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2625,7 +2608,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Config' + $ref: '#/components/schemas/GenerateAccessTokenResponse' parameters: - in: path name: projectsId @@ -2637,16 +2620,21 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:restore: + - in: path + name: instancesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:start: parameters: *ref_1 post: - description: RestoreInstance restores an Instance from a BackupSource. - operationId: notebooks.projects.locations.instances.restore + description: Starts a notebook instance. + operationId: notebooks.projects.locations.instances.start requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestoreInstanceRequest' + $ref: '#/components/schemas/StartInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2716,18 +2704,16 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:upgradeSystem: + /v2/projects/{projectsId}/locations/{locationsId}/instances: parameters: *ref_1 post: - description: >- - Allows notebook instances to upgrade themselves. Do not use this method - directly. - operationId: notebooks.projects.locations.instances.upgradeSystem + description: Creates a new Instance in a given project and location. + operationId: notebooks.projects.locations.instances.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpgradeInstanceSystemRequest' + $ref: '#/components/schemas/Instance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2751,24 +2737,17 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: requestId schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:checkAuthorization: - parameters: *ref_1 - post: - description: >- - Initiated by Cloud Console for Oauth consent flow for Workbench - Instances. Do not use this method directly. Design doc: - go/wbi-euc:auth-dd - operationId: notebooks.projects.locations.instances.checkAuthorization - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CheckAuthorizationRequest' + - in: query + name: instanceId + schema: + type: string + get: + description: Lists instances in a given project and location. + operationId: notebooks.projects.locations.instances.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2780,7 +2759,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CheckAuthorizationResponse' + $ref: '#/components/schemas/ListInstancesResponse' parameters: - in: path name: projectsId @@ -2792,23 +2771,33 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: orderBy schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:generateAccessToken: + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:restore: parameters: *ref_1 post: - description: >- - Called by VM to return an EUC for the instance owner. Do not use this - method directly. Design doc: go/wbi-euc:dd - operationId: notebooks.projects.locations.instances.generateAccessToken + description: RestoreInstance restores an Instance from a BackupSource. + operationId: notebooks.projects.locations.instances.restore requestBody: content: application/json: schema: - $ref: '#/components/schemas/GenerateAccessTokenRequest' + $ref: '#/components/schemas/RestoreInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2820,7 +2809,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GenerateAccessTokenResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2837,19 +2826,15 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:setIamPolicy: + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: notebooks.projects.locations.instances.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: notebooks.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2861,7 +2846,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2874,17 +2859,16 @@ paths: schema: type: string - in: path - name: instancesId + name: operationsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:getIamPolicy: - parameters: *ref_1 get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: notebooks.projects.locations.instances.getIamPolicy + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: notebooks.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2896,7 +2880,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2909,30 +2893,29 @@ paths: schema: type: string - in: path - name: instancesId + name: operationsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v2/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:testIamPermissions: + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: notebooks.projects.locations.instances.testIamPermissions + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: notebooks.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2944,7 +2927,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2957,7 +2940,54 @@ paths: schema: type: string - in: path - name: instancesId + name: operationsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: notebooks.projects.locations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/observability.yaml b/providers/src/googleapis.com/v00.00.00000/services/observability.yaml index 0686bac3..a6d84295 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/observability.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/observability.yaml @@ -7,8 +7,8 @@ info: title: Observability API description: '' version: v1 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251113' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/stackdriver/docs/ servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -668,6 +677,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/ondemandscanning.yaml b/providers/src/googleapis.com/v00.00.00000/services/ondemandscanning.yaml index df6cf9f7..41b9ff07 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/ondemandscanning.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/ondemandscanning.yaml @@ -7,8 +7,8 @@ info: title: On-Demand Scanning API description: A service to scan container images for vulnerabilities. version: v1 - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251208' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/container-analysis/docs/on-demand-scanning/ servers: @@ -34,504 +34,586 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + GrafeasV1BaseImage: type: object + description: BaseImage describes a base image of a container image. properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + name: type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object + description: The name of the base image. + repository: + description: The repository name in which the base image is from. + type: string + layerCount: + type: integer + description: The number of layers that the base image is composed of. + format: int32 + id: GrafeasV1BaseImage + GerritSourceContext: + description: A SourceContext referring to a Gerrit project. properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + revisionId: + description: A revision (commit) ID. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + gerritProject: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + The full project name within the host. Projects may be nested, so + "project/subproject" is a valid project name. The "repo name" is the + hostURI/project. + type: string + hostUri: + description: The URI of a running Gerrit instance. + type: string + aliasContext: + description: An alias, which may be a branch or tag. + $ref: '#/components/schemas/AliasContext' + id: GerritSourceContext + type: object + SlsaProvenance: + properties: + builder: + description: required + $ref: '#/components/schemas/SlsaBuilder' + materials: + type: array description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + The collection of artifacts that influenced the build including + sources, dependencies, build tools, base images, and so on. This is + considered to be incomplete unless metadata.completeness.materials + is true. Unset or null is equivalent to empty. + items: + $ref: '#/components/schemas/Material' + recipe: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Identifies the configuration used for the build. When combined with + materials, this SHOULD fully describe the build, such that + re-running this recipe results in bit-for-bit identical output (if + the build is reproducible). required + $ref: '#/components/schemas/SlsaRecipe' + metadata: + $ref: '#/components/schemas/SlsaMetadata' + id: SlsaProvenance + type: object + SbomReferenceIntotoPayload: type: object + description: >- + The actual payload that contains the SBOM Reference data. The payload + follows the intoto statement specification. See + https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md + for more details. properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + subject: + type: array description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Set of software artifacts that the attestation applies to. Each + element represents a single software artifact. + items: + $ref: '#/components/schemas/Subject' + _type: type: string - details: + description: Identifier for the schema of the Statement. + predicateType: + description: URI identifying the type of the Predicate. + type: string + predicate: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty + Additional parameters of the Predicate. Includes the actual data + about the SBOM. + $ref: '#/components/schemas/SbomReferenceIntotoPredicate' + id: SbomReferenceIntotoPayload + NonCompliantFile: description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Details about files that caused a compliance check to fail. + display_command is a single command that can be used to display a list + of non compliant files. When there is no such command, we can also + iterate a list of non compliant file using 'path'. + id: NonCompliantFile type: object - properties: {} + properties: + path: + type: string + description: Empty if `display_command` is set. + displayCommand: + description: Command to display the non-compliant files. + type: string + reason: + type: string + description: Explains why a file is non compliant for a CIS check. + SecretLocation: + properties: + fileLocation: + description: The secret is found from a file. + $ref: '#/components/schemas/GrafeasV1FileLocation' + id: SecretLocation + type: object + description: The location of the secret. AnalyzePackagesRequestV1: - id: AnalyzePackagesRequestV1 description: >- AnalyzePackagesRequest is the request to analyze a list of packages and create Vulnerability Occurrences for it. - type: object + id: AnalyzePackagesRequestV1 properties: - resourceUri: - description: Required. The resource URI of the container image being scanned. - type: string packages: - description: The packages to analyze. type: array + description: The packages to analyze. items: $ref: '#/components/schemas/PackageData' + resourceUri: + type: string + description: Required. The resource URI of the container image being scanned. includeOsvData: + deprecated: true + type: boolean description: >- [DEPRECATED] Whether to include OSV data in the scan. For backwards compatibility reasons, this field can be neither removed nor renamed. - deprecated: true - type: boolean - PackageData: - id: PackageData type: object + Version: properties: - package: - description: The package being analysed for vulnerabilities - type: string - version: - description: The version of the package being analysed + name: type: string - os: description: >- - The OS affected by a vulnerability Used to generate the cpe_uri for - OS packages - type: string - osVersion: - description: The version of the OS Used to generate the cpe_uri for OS packages + Required only when version kind is NORMAL. The main part of the + version name. + kind: + description: >- + Required. Distinguishes between sentinel MIN/MAX versions and normal + versions. + enumDescriptions: + - Unknown. + - A standard package version. + - A special version representing negative infinity. + - A special version representing positive infinity. + enum: + - VERSION_KIND_UNSPECIFIED + - NORMAL + - MINIMUM + - MAXIMUM type: string - cpeUri: + epoch: + type: integer + format: int32 + description: Used to correct mistakes in the version numbering scheme. + inclusive: + type: boolean description: >- - The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) - in which the vulnerability may manifest. Examples include distro or - storage location for vulnerable jar. + Whether this version is specifying part of an inclusive range. + Grafeas does not have the capability to specify version ranges; + instead we have fields that specify start version and end versions. + At times this is insufficient - we also need to specify whether the + version is included in the range or is excluded from the range. This + boolean is expected to be set to true when the version is included + in a range. + revision: + description: The iteration of the package build from the above version. type: string - unused: + fullName: type: string - packageType: - description: 'The type of package: os, maven, go, etc.' + description: >- + Human readable version string. This string is of the form :- and is + only set when kind is NORMAL. + description: Version contains structured information about the version of a package. + id: Version + type: object + ComplianceVersion: + type: object + properties: + cpeUri: + type: string + description: >- + The CPE URI (https://cpe.mitre.org/specification/) this benchmark is + applicable to. + version: + type: string + description: >- + The version of the benchmark. This is set to the version of the + OS-specific CIS document the benchmark is defined in. + benchmarkDocument: + description: >- + The name of the document that defines this benchmark, e.g. "CIS + Container-Optimized OS". + type: string + id: ComplianceVersion + description: >- + Describes the CIS benchmark version that is applicable to a given OS and + os version. + AnalyzePackagesResponse: + properties: + scan: type: string + description: The name of the scan resource created by this successful scan. + description: >- + AnalyzePackagesResponse contains the information necessary to find + results for the given scan. + type: object + id: AnalyzePackagesResponse + Remediation: + type: object + properties: + remediationType: + description: The type of remediation that can be applied. enumDescriptions: - - '' - - Operating System - - Java packages from Maven. - - Go third-party packages. - - Go toolchain + standard library packages. - - Python packages. - - NPM packages. - - Nuget (C#/.NET) packages. - - Ruby packges (from RubyGems package manager). - - Rust packages from Cargo (GitHub ecosystem is `RUST`). - - PHP packages from Composer package manager. - - Swift packages from Swift Package Manager (SwiftPM). + - No remediation type specified. + - A MITIGATION is available. + - No fix is planned. + - Not available. + - A vendor fix is available. + - A workaround is available. + type: string enum: - - PACKAGE_TYPE_UNSPECIFIED - - OS - - MAVEN - - GO - - GO_STDLIB - - PYPI - - NPM - - NUGET - - RUBYGEMS - - RUST - - COMPOSER - - SWIFT - hashDigest: + - REMEDIATION_TYPE_UNSPECIFIED + - MITIGATION + - NO_FIX_PLANNED + - NONE_AVAILABLE + - VENDOR_FIX + - WORKAROUND + details: description: >- - HashDigest stores the SHA512 hash digest of the jar file if the - package is of type Maven. This field will be unset for non Maven - packages. + Contains a comprehensive human-readable discussion of the + remediation. type: string - fileLocation: - description: The path to the jar file / go binary file. - type: array - items: - $ref: '#/components/schemas/FileLocation' - patchedCve: - description: CVEs that this package is no longer vulnerable to + remediationUri: + description: Contains the URL where to obtain the remediation. + $ref: '#/components/schemas/RelatedUrl' + id: Remediation + description: >- + Specifies details on how to handle (and presumably, fix) a + vulnerability. + SBOMReferenceOccurrence: + id: SBOMReferenceOccurrence + type: object + description: >- + The occurrence representing an SBOM reference as applied to a specific + resource. The occurrence follows the DSSE specification. See + https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for + more details. + properties: + payload: + description: The actual payload that contains the SBOM reference data. + $ref: '#/components/schemas/SbomReferenceIntotoPayload' + signatures: type: array items: - type: string - dependencyChain: + $ref: '#/components/schemas/EnvelopeSignature' + description: The signatures over the payload. + payloadType: description: >- - The dependency chain between this package and the user's artifact. - List in order from the customer's package under review first, to the - current package last. Inclusive of the original package and the - current package. - type: array - items: - $ref: '#/components/schemas/LanguagePackageDependency' - maintainer: - description: The maintainer of the package. - $ref: '#/components/schemas/Maintainer' - architecture: - description: The architecture of the package. + The kind of payload that SbomReferenceIntotoPayload takes. Since + it's in the intoto format, this value is expected to be + 'application/vnd.in-toto+json'. type: string - binaryVersion: - description: DEPRECATED - $ref: '#/components/schemas/PackageVersion' - sourceVersion: - description: DEPRECATED - $ref: '#/components/schemas/PackageVersion' - binarySourceInfo: - description: A bundle containing the binary and source information. - type: array - items: - $ref: '#/components/schemas/BinarySourceInfo' - licenses: - description: >- - The list of licenses found that are related to a given package. Note - that licenses may also be stored on the BinarySourceInfo. If there - is no BinarySourceInfo (because there's no concept of source vs - binary), then it will be stored here, while if there are - BinarySourceInfos, it will be stored there, as one source can have - multiple binaries with different licenses. - type: array - items: + Material: + id: Material + properties: + uri: + type: string + digest: + additionalProperties: type: string - layerDetails: - $ref: '#/components/schemas/LayerDetails' - FileLocation: - id: FileLocation - description: Indicates the location at which a package was found. + type: object type: object + FileLocation: properties: filePath: + type: string description: >- For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file. - type: string layerDetails: $ref: '#/components/schemas/LayerDetails' - LayerDetails: - id: LayerDetails - description: Details about the layer a package was found in. + id: FileLocation type: object - properties: - index: - description: The index of the layer in the container image. - type: integer - format: int32 - diffId: - description: The diff ID (sha256 hash) of the layer in the container image. - type: string - chainId: - description: >- - The layer chain ID (sha256 hash) of the layer in the container - image. - https://github.com/opencontainers/image-spec/blob/main/config.md#layer-chainid - type: string - command: - description: >- - The layer build command that was used to build the layer. This may - not be found in all layers depending on how the container image is - built. - type: string - baseImages: - description: The base images the layer is found within. - type: array - items: - $ref: '#/components/schemas/BaseImage' + description: Indicates the location at which a package was found. BaseImage: id: BaseImage - description: BaseImage describes a base image of a container image. - type: object properties: - name: - description: The name of the base image. - type: string repository: + type: string description: The repository name in which the base image is from. + name: + description: The name of the base image. type: string layerCount: description: The number of layers that the base image is composed of. type: integer format: int32 - LanguagePackageDependency: - id: LanguagePackageDependency - description: >- - Indicates a language package available between this package and the - customer's resource artifact. - type: object - properties: - package: - type: string - version: - type: string - Maintainer: - id: Maintainer - type: object - properties: - name: - type: string - kind: - type: string - email: - type: string - url: - type: string - PackageVersion: - id: PackageVersion + description: BaseImage describes a base image of a container image. type: object + Source: properties: - name: - type: string - version: - type: string - licenses: + additionalContexts: description: >- - The licenses associated with this package. Note that this has to go - on the PackageVersion level, because we can have cases with images - with the same source having different licences. E.g. in Alpine, musl - and musl-utils both have the same origin musl, but have different - sets of licenses. - type: array + If provided, some of the source code used for the build may be found + in these locations, in the case where the source repository had + multiple remotes or submodules. This list will not include the + context specified in the context field. items: - type: string - BinarySourceInfo: - id: BinarySourceInfo + $ref: '#/components/schemas/SourceContext' + type: array + context: + $ref: '#/components/schemas/SourceContext' + description: >- + If provided, the source code used for the build came from this + location. + fileHashes: + description: >- + Hash(es) of the build source, which can be used to verify that the + original source integrity was maintained in the build. The keys to + this map are file paths used as build source and the values contain + the hash values for those files. If the build source came in a + single package such as a gzipped tarfile (.tar.gz), the FileHash + will be for the single path to that file. + additionalProperties: + $ref: '#/components/schemas/FileHashes' + type: object + artifactStorageSourceUri: + description: >- + If provided, the input binary artifacts for the build came from this + location. + type: string + id: Source type: object + description: Source describes the location of the source used for the build. + UpgradeOccurrence: + type: object + id: UpgradeOccurrence + description: >- + An Upgrade Occurrence represents that a specific resource_url could + install a specific upgrade. This presence is supplied via local sources + (i.e. it is present in the mirror and the running system has noticed its + availability). For Windows, both distribution and windows_update contain + information for the Windows update. properties: - binaryVersion: + distribution: + $ref: '#/components/schemas/UpgradeDistribution' description: >- - The binary package. This is significant when the source is different - than the binary itself. Historically if they've differed, we've - stored the name of the source and its version in the package/version - fields, but we should also store the binary package info, as that's - what's actually installed. - $ref: '#/components/schemas/PackageVersion' - sourceVersion: + Metadata about the upgrade for available for the specific operating + system for the resource_url. This allows efficient filtering, as + well as making it easier to use the occurrence. + package: + description: Required for non-Windows OS. The package this Upgrade is for. + type: string + parsedVersion: + $ref: '#/components/schemas/Version' description: >- - The source package. Similar to the above, this is significant when - the source is different than the binary itself. Since the top-level - package/version fields are based on an if/else, we need a separate - field for both binary and source if we want to know definitively - where the data is coming from. - $ref: '#/components/schemas/PackageVersion' + Required for non-Windows OS. The version of the package in a machine + + human readable form. + windowsUpdate: + $ref: '#/components/schemas/WindowsUpdate' + description: >- + Required for Windows OS. Represents the metadata about the Windows + update. + ExploitPredictionScoringSystem: + id: ExploitPredictionScoringSystem + properties: + percentile: + description: >- + The percentile of the current score, the proportion of all scored + vulnerabilities with the same or a lower EPSS score + type: number + format: double + score: + format: double + description: >- + The EPSS score representing the probability [0-1] of exploitation in + the wild in the next 30 days + type: number + type: object + GrafeasV1LayerDetails: + properties: + command: + description: >- + The layer build command that was used to build the layer. This may + not be found in all layers depending on how the container image is + built. + type: string + baseImages: + type: array + description: The base images the layer is found within. + items: + $ref: '#/components/schemas/GrafeasV1BaseImage' + diffId: + description: >- + The diff ID (typically a sha256 hash) of the layer in the container + image. + type: string + index: + format: int32 + type: integer + description: The index of the layer in the container image. + chainId: + description: >- + The layer chain ID (sha256 hash) of the layer in the container + image. + https://github.com/opencontainers/image-spec/blob/main/config.md#layer-chainid + type: string + type: object + description: Details about the layer a package was found in. + id: GrafeasV1LayerDetails ListVulnerabilitiesResponseV1: - id: ListVulnerabilitiesResponseV1 description: >- ListVulnerabilitiesResponse contains a single page of vulnerabilities resulting from a scan. - type: object + id: ListVulnerabilitiesResponseV1 properties: occurrences: - description: The list of Vulnerability Occurrences resulting from a scan. type: array items: $ref: '#/components/schemas/Occurrence' + description: The list of Vulnerability Occurrences resulting from a scan. nextPageToken: + type: string description: >- A page token that can be used in a subsequent call to ListVulnerabilities to continue retrieving results. - type: string - Occurrence: - id: Occurrence - description: An instance of an analysis type that has been found on a resource. type: object + Justification: properties: - name: - description: >- - Output only. The name of the occurrence in the form of - `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. - type: string - resourceUri: - description: >- - Required. Immutable. A URI that represents the resource for which - the occurrence applies. For example, - `https://gcr.io/project/image@sha256:123abc` for a Docker image. + justificationType: type: string - noteName: - description: >- - Required. Immutable. The analysis note associated with this - occurrence, in the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. - This field can be used as a filter in list requests. + enumDescriptions: + - JUSTIFICATION_TYPE_UNSPECIFIED. + - The vulnerable component is not present in the product. + - >- + The vulnerable code is not present. Typically this case occurs + when source code is configured or built in a way that excludes the + vulnerable code. + - >- + The vulnerable code can not be executed. Typically this case + occurs when the product includes the vulnerable code but does not + call or use the vulnerable code. + - >- + The vulnerable code cannot be controlled by an attacker to exploit + the vulnerability. + - >- + The product includes built-in protections or features that prevent + exploitation of the vulnerability. These built-in protections + cannot be subverted by the attacker and cannot be configured or + disabled by the user. These mitigations completely prevent + exploitation based on known attack vectors. + enum: + - JUSTIFICATION_TYPE_UNSPECIFIED + - COMPONENT_NOT_PRESENT + - VULNERABLE_CODE_NOT_PRESENT + - VULNERABLE_CODE_NOT_IN_EXECUTE_PATH + - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY + - INLINE_MITIGATIONS_ALREADY_EXIST + description: The justification type for this vulnerability. + details: + description: Additional details on why this justification was chosen. type: string + type: object + description: >- + Justification provides the justification when the state of the + assessment if NOT_AFFECTED. + id: Justification + SecretOccurrence: + description: The occurrence provides details of a secret. + id: SecretOccurrence + type: object + properties: kind: - description: >- - Output only. This explicitly denotes which of the occurrence details - are specified. This field can be used as a filter in list requests. - type: string enumDescriptions: - - Default value. This value is unused. - - The note and occurrence represent a package vulnerability. - - The note and occurrence assert build provenance. - - This represents an image basis relationship. - - This represents a package installed via a package manager. - - The note and occurrence track deployment events. + - Unspecified + - The secret kind is unknown. - >- - The note and occurrence track the initial discovery status of a - resource. - - This represents a logical "role" that can attest to artifacts. - - This represents an available package upgrade. - - This represents a Compliance Note - - This represents a DSSE attestation Note - - This represents a Vulnerability Assessment. - - This represents an SBOM Reference. - - This represents a secret. + A Google Cloud service account key per: + https://cloud.google.com/iam/docs/creating-managing-service-account-keys + - >- + A Google Cloud API key per: + https://cloud.google.com/docs/authentication/api-keys + - >- + A Google Cloud OAuth2 client credentials per: + https://developers.google.com/identity/protocols/oauth2 + - >- + A Google Cloud OAuth2 access token per: + https://cloud.google.com/docs/authentication/token-types#access + - An Anthropic Admin API key. + - An Anthropic API key. + - An Azure access token. + - An Azure Identity Platform ID token. + - A Docker Hub personal access token. + - A GitHub App refresh token. + - A GitHub App server-to-server token. + - A GitHub App user-to-server token. + - A GitHub personal access token (classic). + - A GitHub fine-grained personal access token. + - A GitHub OAuth token. + - A Hugging Face API key. + - An OpenAI API key. + - A Perplexity API key. + - A Stripe secret key. + - A Stripe restricted key. + - A Stripe webhook secret. + type: string + description: Required. Type of secret. enum: - - NOTE_KIND_UNSPECIFIED - - VULNERABILITY - - BUILD - - IMAGE - - PACKAGE - - DEPLOYMENT - - DISCOVERY - - ATTESTATION - - UPGRADE - - COMPLIANCE - - DSSE_ATTESTATION - - VULNERABILITY_ASSESSMENT - - SBOM_REFERENCE - - SECRET - remediation: - description: A description of actions that can be taken to remedy the note. + - SECRET_KIND_UNSPECIFIED + - SECRET_KIND_UNKNOWN + - SECRET_KIND_GCP_SERVICE_ACCOUNT_KEY + - SECRET_KIND_GCP_API_KEY + - SECRET_KIND_GCP_OAUTH2_CLIENT_CREDENTIALS + - SECRET_KIND_GCP_OAUTH2_ACCESS_TOKEN + - SECRET_KIND_ANTHROPIC_ADMIN_API_KEY + - SECRET_KIND_ANTHROPIC_API_KEY + - SECRET_KIND_AZURE_ACCESS_TOKEN + - SECRET_KIND_AZURE_IDENTITY_TOKEN + - SECRET_KIND_DOCKER_HUB_PERSONAL_ACCESS_TOKEN + - SECRET_KIND_GITHUB_APP_REFRESH_TOKEN + - SECRET_KIND_GITHUB_APP_SERVER_TO_SERVER_TOKEN + - SECRET_KIND_GITHUB_APP_USER_TO_SERVER_TOKEN + - SECRET_KIND_GITHUB_CLASSIC_PERSONAL_ACCESS_TOKEN + - SECRET_KIND_GITHUB_FINE_GRAINED_PERSONAL_ACCESS_TOKEN + - SECRET_KIND_GITHUB_OAUTH_TOKEN + - SECRET_KIND_HUGGINGFACE_API_KEY + - SECRET_KIND_OPENAI_API_KEY + - SECRET_KIND_PERPLEXITY_API_KEY + - SECRET_KIND_STRIPE_SECRET_KEY + - SECRET_KIND_STRIPE_RESTRICTED_KEY + - SECRET_KIND_STRIPE_WEBHOOK_SECRET + statuses: + type: array + items: + $ref: '#/components/schemas/SecretStatus' + description: Optional. Status of the secret. + locations: + type: array + description: Optional. Locations where the secret is detected. + items: + $ref: '#/components/schemas/SecretLocation' + VulnerabilityOccurrence: + properties: + extraDetails: type: string - createTime: - description: Output only. The time this occurrence was created. + description: Occurrence-specific extra details about the vulnerability. + effectiveSeverity: + enum: + - SEVERITY_UNSPECIFIED + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + enumDescriptions: + - Unknown. + - Minimal severity. + - Low severity. + - Medium severity. + - High severity. + - Critical severity. type: string - format: google-datetime - updateTime: - description: Output only. The time this occurrence was last updated. - type: string - format: google-datetime - vulnerability: - description: Describes a security vulnerability. - $ref: '#/components/schemas/VulnerabilityOccurrence' - build: - description: Describes a verifiable build. - $ref: '#/components/schemas/BuildOccurrence' - image: - description: >- - Describes how this resource derives from the basis in the associated - note. - $ref: '#/components/schemas/ImageOccurrence' - package: - description: Describes the installation of a package on the linked resource. - $ref: '#/components/schemas/PackageOccurrence' - deployment: - description: Describes the deployment of an artifact on a runtime. - $ref: '#/components/schemas/DeploymentOccurrence' - discovery: - description: Describes when a resource was discovered. - $ref: '#/components/schemas/DiscoveryOccurrence' - attestation: - description: Describes an attestation of an artifact. - $ref: '#/components/schemas/AttestationOccurrence' - upgrade: - description: Describes an available package upgrade on the linked resource. - $ref: '#/components/schemas/UpgradeOccurrence' - compliance: - description: Describes a compliance violation on a linked resource. - $ref: '#/components/schemas/ComplianceOccurrence' - dsseAttestation: - description: Describes an attestation of an artifact using dsse. - $ref: '#/components/schemas/DSSEAttestationOccurrence' - sbomReference: - description: Describes a specific SBOM reference occurrences. - $ref: '#/components/schemas/SBOMReferenceOccurrence' - secret: - description: Describes a secret. - $ref: '#/components/schemas/SecretOccurrence' - envelope: - description: https://github.com/secure-systems-lab/dsse - $ref: '#/components/schemas/Envelope' - VulnerabilityOccurrence: - id: VulnerabilityOccurrence - description: An occurrence of a severity vulnerability on a resource. - type: object - properties: - type: description: >- - The type of package; whether native or non native (e.g., ruby gems, - node.js packages, etc.). - type: string + The distro assigned severity for this vulnerability when it is + available, otherwise this is the note provider assigned severity. + When there are multiple PackageIssues for this vulnerability, they + can have different effective severities because some might be + provided by the distro while others are provided by the language + ecosystem for a language pack. For this reason, it is advised to use + the effective severity on the PackageIssue level. In the case where + multiple PackageIssues have differing effective severities, this + field should be the highest severity for any of the PackageIssues. severity: - description: >- - Output only. The note provider assigned severity of this - vulnerability. - type: string enumDescriptions: - Unknown. - Minimal severity. @@ -539,6 +621,10 @@ components: - Medium severity. - High severity. - Critical severity. + type: string + description: >- + Output only. The note provider assigned severity of this + vulnerability. enum: - SEVERITY_UNSPECIFIED - MINIMAL @@ -546,1080 +632,997 @@ components: - MEDIUM - HIGH - CRITICAL + risk: + description: Risk information about the vulnerability, such as CISA, EPSS, etc. + $ref: '#/components/schemas/Risk' + cvssV2: + $ref: '#/components/schemas/CVSS' + description: The cvss v2 score for the vulnerability. + type: + description: >- + The type of package; whether native or non native (e.g., ruby gems, + node.js packages, etc.). + type: string + shortDescription: + type: string + description: Output only. A one sentence description of this vulnerability. + relatedUrls: + description: Output only. URLs related to this vulnerability. + items: + $ref: '#/components/schemas/RelatedUrl' + type: array + vexAssessment: + $ref: '#/components/schemas/VexAssessment' + fixAvailable: + type: boolean + description: >- + Output only. Whether at least one of the affected packages has a fix + available. cvssScore: + type: number description: >- Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity. - type: number format: float cvssv3: - description: The cvss v3 score for the vulnerability. $ref: '#/components/schemas/CVSS' + description: The cvss v3 score for the vulnerability. + longDescription: + type: string + description: Output only. A detailed description of this vulnerability. packageIssue: + items: + $ref: '#/components/schemas/PackageIssue' description: >- Required. The set of affected locations and their fixes (if available) within the associated resource. type: array - items: - $ref: '#/components/schemas/PackageIssue' - shortDescription: - description: Output only. A one sentence description of this vulnerability. - type: string - longDescription: - description: Output only. A detailed description of this vulnerability. - type: string - relatedUrls: - description: Output only. URLs related to this vulnerability. - type: array - items: - $ref: '#/components/schemas/RelatedUrl' - effectiveSeverity: - description: >- - The distro assigned severity for this vulnerability when it is - available, otherwise this is the note provider assigned severity. - When there are multiple PackageIssues for this vulnerability, they - can have different effective severities because some might be - provided by the distro while others are provided by the language - ecosystem for a language pack. For this reason, it is advised to use - the effective severity on the PackageIssue level. In the case where - multiple PackageIssues have differing effective severities, this - field should be the highest severity for any of the PackageIssues. - type: string - enumDescriptions: - - Unknown. - - Minimal severity. - - Low severity. - - Medium severity. - - High severity. - - Critical severity. - enum: - - SEVERITY_UNSPECIFIED - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - fixAvailable: - description: >- - Output only. Whether at least one of the affected packages has a fix - available. - type: boolean cvssVersion: - description: Output only. CVSS version used to populate cvss_score and severity. - type: string - enumDescriptions: - - '' - - '' - - '' enum: - CVSS_VERSION_UNSPECIFIED - CVSS_VERSION_2 - CVSS_VERSION_3 - cvssV2: - description: The cvss v2 score for the vulnerability. - $ref: '#/components/schemas/CVSS' - vexAssessment: - $ref: '#/components/schemas/VexAssessment' - extraDetails: - description: Occurrence-specific extra details about the vulnerability. - type: string - risk: - description: Risk information about the vulnerability, such as CISA, EPSS, etc. - $ref: '#/components/schemas/Risk' - CVSS: - id: CVSS - description: >- - Common Vulnerability Scoring System. For details, see - https://www.first.org/cvss/specification-document This is a message we - will try to use for storing various versions of CVSS rather than making - a separate proto for storing a specific version. - type: object - properties: - baseScore: - description: The base score is a function of the base metric scores. - type: number - format: float - exploitabilityScore: - type: number - format: float - impactScore: - type: number - format: float - attackVector: - description: >- - Base Metrics Represents the intrinsic characteristics of a - vulnerability that are constant over time and across user - environments. type: string enumDescriptions: - '' - '' - '' - - '' - - '' - enum: - - ATTACK_VECTOR_UNSPECIFIED - - ATTACK_VECTOR_NETWORK - - ATTACK_VECTOR_ADJACENT - - ATTACK_VECTOR_LOCAL - - ATTACK_VECTOR_PHYSICAL - attackComplexity: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - ATTACK_COMPLEXITY_UNSPECIFIED - - ATTACK_COMPLEXITY_LOW - - ATTACK_COMPLEXITY_HIGH - - ATTACK_COMPLEXITY_MEDIUM - authentication: + description: Output only. CVSS version used to populate cvss_score and severity. + description: An occurrence of a severity vulnerability on a resource. + id: VulnerabilityOccurrence + type: object + GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource: + id: GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource + type: object + description: >- + Describes where the config file that kicked off the build came from. + This is effectively a pointer to the source where buildConfig came from. + properties: + entryPoint: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - AUTHENTICATION_UNSPECIFIED - - AUTHENTICATION_MULTIPLE - - AUTHENTICATION_SINGLE - - AUTHENTICATION_NONE - privilegesRequired: + digest: + additionalProperties: + type: string + type: object + uri: type: string - enumDescriptions: - - '' - - '' - - '' - - '' - enum: - - PRIVILEGES_REQUIRED_UNSPECIFIED - - PRIVILEGES_REQUIRED_NONE - - PRIVILEGES_REQUIRED_LOW - - PRIVILEGES_REQUIRED_HIGH - userInteraction: + LayerDetails: + properties: + diffId: type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - USER_INTERACTION_UNSPECIFIED - - USER_INTERACTION_NONE - - USER_INTERACTION_REQUIRED - scope: - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - SCOPE_UNSPECIFIED - - SCOPE_UNCHANGED - - SCOPE_CHANGED - confidentialityImpact: - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - - IMPACT_PARTIAL - - IMPACT_COMPLETE - integrityImpact: + description: The diff ID (sha256 hash) of the layer in the container image. + index: + type: integer + description: The index of the layer in the container image. + format: int32 + baseImages: + items: + $ref: '#/components/schemas/BaseImage' + type: array + description: The base images the layer is found within. + chainId: + description: >- + The layer chain ID (sha256 hash) of the layer in the container + image. + https://github.com/opencontainers/image-spec/blob/main/config.md#layer-chainid type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - - IMPACT_PARTIAL - - IMPACT_COMPLETE - availabilityImpact: + command: + description: >- + The layer build command that was used to build the layer. This may + not be found in all layers depending on how the container image is + built. type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - - IMPACT_PARTIAL - - IMPACT_COMPLETE - PackageIssue: - id: PackageIssue - description: >- - A detail for a distro and package this vulnerability occurrence was - found in and its associated fix (if one is available). + type: object + id: LayerDetails + description: Details about the layer a package was found in. + InTotoSlsaProvenanceV1: + id: InTotoSlsaProvenanceV1 type: object properties: - affectedCpeUri: - description: >- - Required. The [CPE URI](https://cpe.mitre.org/specification/) this - vulnerability was found in. - type: string - affectedPackage: - description: Required. The package this vulnerability was found in. + _type: type: string - affectedVersion: - description: >- - Required. The version of the package that is installed on the - resource affected by this vulnerability. - $ref: '#/components/schemas/Version' - fixedCpeUri: description: >- - The [CPE URI](https://cpe.mitre.org/specification/) this - vulnerability was fixed in. It is possible for this to be different - from the affected_cpe_uri. + InToto spec defined at + https://github.com/in-toto/attestation/tree/main/spec#statement + predicateType: type: string - fixedPackage: + subject: + items: + $ref: '#/components/schemas/Subject' + type: array + predicate: + $ref: '#/components/schemas/SlsaProvenanceV1' + SlsaCompleteness: + id: SlsaCompleteness + properties: + environment: description: >- - The package this vulnerability was fixed in. It is possible for this - to be different from the affected_package. - type: string - fixedVersion: + If true, the builder claims that recipe.environment is claimed to be + complete. + type: boolean + materials: description: >- - Required. The version of the package this vulnerability was fixed - in. Setting this to VersionKind.MAXIMUM means no fix is yet - available. - $ref: '#/components/schemas/Version' - fixAvailable: - description: Output only. Whether a fix is available for this package. + If true, the builder claims that materials are complete, usually + through some controls to prevent network access. Sometimes called + "hermetic". + type: boolean + arguments: type: boolean - packageType: - description: The type of package (e.g. OS, MAVEN, GO). - type: string - effectiveSeverity: description: >- - Output only. The distro or language system assigned severity for - this vulnerability when that is available and note provider assigned - severity when it is not available. - readOnly: true + If true, the builder claims that recipe.arguments is complete, + meaning that all external inputs are properly captured in the + recipe. + type: object + description: >- + Indicates that the builder claims certain fields in this message to be + complete. + BuildMetadata: + properties: + invocationId: type: string - enumDescriptions: - - Unknown. - - Minimal severity. - - Low severity. - - Medium severity. - - High severity. - - Critical severity. - enum: - - SEVERITY_UNSPECIFIED - - MINIMAL - - LOW - - MEDIUM - - HIGH - - CRITICAL - fileLocation: - description: The location at which this package was found. + startedOn: + format: google-datetime + type: string + finishedOn: + format: google-datetime + type: string + id: BuildMetadata + type: object + GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata: + description: Other properties of the build. + type: object + properties: + buildStartedOn: + type: string + format: google-datetime + buildInvocationId: + type: string + completeness: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness' + reproducible: + type: boolean + buildFinishedOn: + type: string + format: google-datetime + id: GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata + RunDetails: + id: RunDetails + properties: + byproducts: type: array items: - $ref: '#/components/schemas/GrafeasV1FileLocation' - Version: - id: Version - description: Version contains structured information about the version of a package. + $ref: '#/components/schemas/ResourceDescriptor' + builder: + $ref: '#/components/schemas/ProvenanceBuilder' + metadata: + $ref: '#/components/schemas/BuildMetadata' type: object + PackageOccurrence: + id: PackageOccurrence + description: Details on how a particular software package was installed on a system. properties: - epoch: - description: Used to correct mistakes in the version numbering scheme. - type: integer - format: int32 name: - description: >- - Required only when version kind is NORMAL. The main part of the - version name. type: string - revision: - description: The iteration of the package build from the above version. + readOnly: true + description: Required. Output only. The name of the installed package. + packageType: type: string - inclusive: - description: >- - Whether this version is specifying part of an inclusive range. - Grafeas does not have the capability to specify version ranges; - instead we have fields that specify start version and end versions. - At times this is insufficient - we also need to specify whether the - version is included in the range or is excluded from the range. This - boolean is expected to be set to true when the version is included - in a range. - type: boolean - kind: + readOnly: true description: >- - Required. Distinguishes between sentinel MIN/MAX versions and normal - versions. + Output only. The type of package; whether native or non native + (e.g., ruby gems, node.js packages, etc.). + cpeUri: type: string - enumDescriptions: - - Unknown. - - A standard package version. - - A special version representing negative infinity. - - A special version representing positive infinity. - enum: - - VERSION_KIND_UNSPECIFIED - - NORMAL - - MINIMUM - - MAXIMUM - fullName: description: >- - Human readable version string. This string is of the form :- and is - only set when kind is NORMAL. - type: string - GrafeasV1FileLocation: - id: GrafeasV1FileLocation - description: Indicates the location at which a package was found. - type: object - properties: - filePath: + Output only. The cpe_uri in [CPE + format](https://cpe.mitre.org/specification/) denoting the package + manager version distributing a package. The cpe_uri will be blank + for language packages. + readOnly: true + location: description: >- - For jars that are contained inside .war files, this filepath can - indicate the path to war file combined with the path to jar file. + All of the places within the filesystem versions of this package + have been found. + items: + $ref: '#/components/schemas/Location' + type: array + architecture: + readOnly: true + enum: + - ARCHITECTURE_UNSPECIFIED + - X86 + - X64 type: string - layerDetails: + enumDescriptions: + - Unknown architecture. + - X86 architecture. + - X64 architecture. description: >- - Each package found in a file should have its own layer metadata - (that is, information from the origin layer of the package). - $ref: '#/components/schemas/GrafeasV1LayerDetails' - GrafeasV1LayerDetails: - id: GrafeasV1LayerDetails - description: Details about the layer a package was found in. + Output only. The CPU architecture for which packages in this + distribution channel were built. Architecture will be blank for + language packages. + license: + $ref: '#/components/schemas/License' + description: Licenses that have been declared by the authors of the package. + version: + readOnly: true + $ref: '#/components/schemas/Version' + description: Output only. The version of the package. + type: object + Status: type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status properties: - index: - description: The index of the layer in the container image. - type: integer - format: int32 - diffId: - description: >- - The diff ID (typically a sha256 hash) of the layer in the container - image. - type: string - chainId: - description: >- - The layer chain ID (sha256 hash) of the layer in the container - image. - https://github.com/opencontainers/image-spec/blob/main/config.md#layer-chainid + message: type: string - command: description: >- - The layer build command that was used to build the layer. This may - not be found in all layers depending on how the container image is - built. - type: string - baseImages: - description: The base images the layer is found within. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + details: type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - $ref: '#/components/schemas/GrafeasV1BaseImage' - GrafeasV1BaseImage: - id: GrafeasV1BaseImage - description: BaseImage describes a base image of a container image. - type: object - properties: - name: - description: The name of the base image. - type: string - repository: - description: The repository name in which the base image is from. - type: string - layerCount: - description: The number of layers that the base image is composed of. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + code: type: integer + description: The status code, which should be an enum value of google.rpc.Code. format: int32 - RelatedUrl: - id: RelatedUrl - description: Metadata for any related URL information. - type: object + PackageData: properties: - url: - description: Specific URL associated with the resource. + unused: type: string - label: - description: Label to describe usage of the URL. + packageType: type: string - VexAssessment: - id: VexAssessment - description: >- - VexAssessment provides all publisher provided Vex information that is - related to this vulnerability. - type: object - properties: - cve: - description: >- - Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) - tracking number for the vulnerability. Deprecated: Use - vulnerability_id instead to denote CVEs. - deprecated: true + enum: + - PACKAGE_TYPE_UNSPECIFIED + - OS + - MAVEN + - GO + - GO_STDLIB + - PYPI + - NPM + - NUGET + - RUBYGEMS + - RUST + - COMPOSER + - SWIFT + enumDescriptions: + - '' + - Operating System + - Java packages from Maven. + - Go third-party packages. + - Go toolchain + standard library packages. + - Python packages. + - NPM packages. + - Nuget (C#/.NET) packages. + - Ruby packges (from RubyGems package manager). + - Rust packages from Cargo (GitHub ecosystem is `RUST`). + - PHP packages from Composer package manager. + - Swift packages from Swift Package Manager (SwiftPM). + description: 'The type of package: os, maven, go, etc.' + fileLocation: + description: The path to the jar file / go binary file. + type: array + items: + $ref: '#/components/schemas/FileLocation' + os: type: string - vulnerabilityId: description: >- - The vulnerability identifier for this Assessment. Will hold one of - common identifiers e.g. CVE, GHSA etc. + The OS affected by a vulnerability Used to generate the cpe_uri for + OS packages + version: + description: The version of the package being analysed type: string - relatedUris: + layerDetails: + $ref: '#/components/schemas/LayerDetails' + dependencyChain: description: >- - Holds a list of references associated with this vulnerability item - and assessment. - type: array + The dependency chain between this package and the user's artifact. + List in order from the customer's package under review first, to the + current package last. Inclusive of the original package and the + current package. items: - $ref: '#/components/schemas/RelatedUrl' - noteName: + $ref: '#/components/schemas/LanguagePackageDependency' + type: array + cpeUri: description: >- - The VulnerabilityAssessment note from which this VexAssessment was - generated. This will be of the form: - `projects/[PROJECT_ID]/notes/[NOTE_ID]`. - type: string - state: - description: Provides the state of this Vulnerability assessment. + The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) + in which the vulnerability may manifest. Examples include distro or + storage location for vulnerable jar. type: string - enumDescriptions: - - No state is specified. - - This product is known to be affected by this vulnerability. - - This product is known to be not affected by this vulnerability. - - This product contains a fix for this vulnerability. - - >- - It is not known yet whether these versions are or are not affected - by the vulnerability. However, it is still under investigation. - enum: - - STATE_UNSPECIFIED - - AFFECTED - - NOT_AFFECTED - - FIXED - - UNDER_INVESTIGATION - impacts: - description: >- - Contains information about the impact of this vulnerability, this - will change with time. - type: array + patchedCve: items: type: string - remediations: - description: >- - Specifies details on how to handle (and presumably, fix) a - vulnerability. + description: CVEs that this package is no longer vulnerable to + type: array + sourceVersion: + $ref: '#/components/schemas/PackageVersion' + description: DEPRECATED + licenses: type: array items: - $ref: '#/components/schemas/Remediation' - justification: + type: string description: >- - Justification provides the justification when the state of the - assessment if NOT_AFFECTED. - $ref: '#/components/schemas/Justification' - Remediation: - id: Remediation - description: >- - Specifies details on how to handle (and presumably, fix) a - vulnerability. - type: object - properties: - remediationType: - description: The type of remediation that can be applied. + The list of licenses found that are related to a given package. Note + that licenses may also be stored on the BinarySourceInfo. If there + is no BinarySourceInfo (because there's no concept of source vs + binary), then it will be stored here, while if there are + BinarySourceInfos, it will be stored there, as one source can have + multiple binaries with different licenses. + binaryVersion: + $ref: '#/components/schemas/PackageVersion' + description: DEPRECATED + package: + description: The package being analysed for vulnerabilities type: string - enumDescriptions: - - No remediation type specified. - - A MITIGATION is available. - - No fix is planned. - - Not available. - - A vendor fix is available. - - A workaround is available. - enum: - - REMEDIATION_TYPE_UNSPECIFIED - - MITIGATION - - NO_FIX_PLANNED - - NONE_AVAILABLE - - VENDOR_FIX - - WORKAROUND - details: + architecture: + description: The architecture of the package. + type: string + maintainer: + description: The maintainer of the package. + $ref: '#/components/schemas/Maintainer' + hashDigest: description: >- - Contains a comprehensive human-readable discussion of the - remediation. + HashDigest stores the SHA512 hash digest of the jar file if the + package is of type Maven. This field will be unset for non Maven + packages. + type: string + binarySourceInfo: + description: A bundle containing the binary and source information. + type: array + items: + $ref: '#/components/schemas/BinarySourceInfo' + osVersion: + description: The version of the OS Used to generate the cpe_uri for OS packages type: string - remediationUri: - description: Contains the URL where to obtain the remediation. - $ref: '#/components/schemas/RelatedUrl' - Justification: - id: Justification - description: >- - Justification provides the justification when the state of the - assessment if NOT_AFFECTED. type: object + id: PackageData + PackageIssue: properties: - justificationType: - description: The justification type for this vulnerability. + fixedCpeUri: + description: >- + The [CPE URI](https://cpe.mitre.org/specification/) this + vulnerability was fixed in. It is possible for this to be different + from the affected_cpe_uri. + type: string + affectedPackage: + type: string + description: Required. The package this vulnerability was found in. + affectedVersion: + $ref: '#/components/schemas/Version' + description: >- + Required. The version of the package that is installed on the + resource affected by this vulnerability. + fixAvailable: + description: Output only. Whether a fix is available for this package. + type: boolean + effectiveSeverity: type: string + description: >- + Output only. The distro or language system assigned severity for + this vulnerability when that is available and note provider assigned + severity when it is not available. + readOnly: true enumDescriptions: - - JUSTIFICATION_TYPE_UNSPECIFIED. - - The vulnerable component is not present in the product. - - >- - The vulnerable code is not present. Typically this case occurs - when source code is configured or built in a way that excludes the - vulnerable code. - - >- - The vulnerable code can not be executed. Typically this case - occurs when the product includes the vulnerable code but does not - call or use the vulnerable code. - - >- - The vulnerable code cannot be controlled by an attacker to exploit - the vulnerability. - - >- - The product includes built-in protections or features that prevent - exploitation of the vulnerability. These built-in protections - cannot be subverted by the attacker and cannot be configured or - disabled by the user. These mitigations completely prevent - exploitation based on known attack vectors. + - Unknown. + - Minimal severity. + - Low severity. + - Medium severity. + - High severity. + - Critical severity. enum: - - JUSTIFICATION_TYPE_UNSPECIFIED - - COMPONENT_NOT_PRESENT - - VULNERABLE_CODE_NOT_PRESENT - - VULNERABLE_CODE_NOT_IN_EXECUTE_PATH - - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY - - INLINE_MITIGATIONS_ALREADY_EXIST - details: - description: Additional details on why this justification was chosen. + - SEVERITY_UNSPECIFIED + - MINIMAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + packageType: + description: The type of package (e.g. OS, MAVEN, GO). type: string - Risk: - id: Risk - type: object - properties: - cisaKev: - description: >- - CISA maintains the authoritative source of vulnerabilities that have - been exploited in the wild. - $ref: '#/components/schemas/CISAKnownExploitedVulnerabilities' - epss: + fixedVersion: description: >- - The Exploit Prediction Scoring System (EPSS) estimates the - likelihood (probability) that a software vulnerability will be - exploited in the wild. - $ref: '#/components/schemas/ExploitPredictionScoringSystem' - CISAKnownExploitedVulnerabilities: - id: CISAKnownExploitedVulnerabilities - type: object - properties: - knownRansomwareCampaignUse: + Required. The version of the package this vulnerability was fixed + in. Setting this to VersionKind.MAXIMUM means no fix is yet + available. + $ref: '#/components/schemas/Version' + fileLocation: + type: array + description: The location at which this package was found. + items: + $ref: '#/components/schemas/GrafeasV1FileLocation' + affectedCpeUri: description: >- - Whether the vulnerability is known to have been leveraged as part of - a ransomware campaign. + Required. The [CPE URI](https://cpe.mitre.org/specification/) this + vulnerability was found in. type: string - ExploitPredictionScoringSystem: - id: ExploitPredictionScoringSystem - type: object - properties: - percentile: - description: >- - The percentile of the current score, the proportion of all scored - vulnerabilities with the same or a lower EPSS score - type: number - format: double - score: + fixedPackage: description: >- - The EPSS score representing the probability [0-1] of exploitation in - the wild in the next 30 days - type: number - format: double - BuildOccurrence: - id: BuildOccurrence - description: Details of a build occurrence. + The package this vulnerability was fixed in. It is possible for this + to be different from the affected_package. + type: string + description: >- + A detail for a distro and package this vulnerability occurrence was + found in and its associated fix (if one is available). + id: PackageIssue type: object + VexAssessment: properties: - provenance: - description: The actual provenance for the build. - $ref: '#/components/schemas/BuildProvenance' - provenanceBytes: + vulnerabilityId: description: >- - Serialized JSON representation of the provenance, used in generating - the build signature in the corresponding build note. After verifying - the signature, `provenance_bytes` can be unmarshalled and compared - to the provenance to confirm that it is unchanged. A base64-encoded - string representation of the provenance bytes is used for the - signature in order to interoperate with openssl which expects this - format for signature verification. The serialized form is captured - both to avoid ambiguity in how the provenance is marshalled to json - as well to prevent incompatibilities with future changes. + The vulnerability identifier for this Assessment. Will hold one of + common identifiers e.g. CVE, GHSA etc. type: string - intotoProvenance: - description: >- - Deprecated. See InTotoStatement for the replacement. In-toto - Provenance representation as defined in spec. - $ref: '#/components/schemas/InTotoProvenance' - intotoStatement: + justification: description: >- - In-toto Statement representation as defined in spec. The - intoto_statement can contain any type of provenance. The serialized - payload of the statement can be stored and signed in the - Occurrence's envelope. - $ref: '#/components/schemas/InTotoStatement' - inTotoSlsaProvenanceV1: + Justification provides the justification when the state of the + assessment if NOT_AFFECTED. + $ref: '#/components/schemas/Justification' + relatedUris: description: >- - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the - slsa spec, wrapped in an in-toto statement. This allows for direct - jsonification of a to-spec in-toto slsa statement with a to-spec - slsa provenance. - $ref: '#/components/schemas/InTotoSlsaProvenanceV1' - BuildProvenance: - id: BuildProvenance - description: >- - Provenance of a build. Contains all information needed to verify the - full details about the build from source to completion. - type: object - properties: - id: - description: Required. Unique identifier of the build. - type: string - projectId: - description: ID of the project. - type: string - commands: - description: Commands requested by the build. - type: array + Holds a list of references associated with this vulnerability item + and assessment. items: - $ref: '#/components/schemas/Command' - builtArtifacts: - description: Output of the build. + $ref: '#/components/schemas/RelatedUrl' type: array + remediations: items: - $ref: '#/components/schemas/Artifact' - createTime: - description: Time at which the build was created. - type: string - format: google-datetime - startTime: - description: Time at which execution of the build was started. + $ref: '#/components/schemas/Remediation' + type: array + description: >- + Specifies details on how to handle (and presumably, fix) a + vulnerability. + noteName: + description: >- + The VulnerabilityAssessment note from which this VexAssessment was + generated. This will be of the form: + `projects/[PROJECT_ID]/notes/[NOTE_ID]`. type: string - format: google-datetime - endTime: - description: Time at which execution of the build was finished. + cve: type: string - format: google-datetime - creator: + deprecated: true + description: >- + Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) + tracking number for the vulnerability. Deprecated: Use + vulnerability_id instead to denote CVEs. + impacts: + items: + type: string + description: >- + Contains information about the impact of this vulnerability, this + will change with time. + type: array + state: + enum: + - STATE_UNSPECIFIED + - AFFECTED + - NOT_AFFECTED + - FIXED + - UNDER_INVESTIGATION + enumDescriptions: + - No state is specified. + - This product is known to be affected by this vulnerability. + - This product is known to be not affected by this vulnerability. + - This product contains a fix for this vulnerability. + - >- + It is not known yet whether these versions are or are not affected + by the vulnerability. However, it is still under investigation. + description: Provides the state of this Vulnerability assessment. + type: string + description: >- + VexAssessment provides all publisher provided Vex information that is + related to this vulnerability. + type: object + id: VexAssessment + BuildProvenance: + description: >- + Provenance of a build. Contains all information needed to verify the + full details about the build from source to completion. + type: object + id: BuildProvenance + properties: + creator: description: >- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time. type: string - logsUri: - description: URI where any logs for this provenance were written. - type: string - sourceProvenance: - description: Details of the Source input to the build. - $ref: '#/components/schemas/Source' - triggerId: - description: >- - Trigger identifier if the build was triggered automatically; empty - if not. + endTime: + description: Time at which execution of the build was finished. + format: google-datetime type: string + commands: + description: Commands requested by the build. + type: array + items: + $ref: '#/components/schemas/Command' + builtArtifacts: + description: Output of the build. + items: + $ref: '#/components/schemas/Artifact' + type: array buildOptions: description: >- Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details. - type: object additionalProperties: type: string + type: object + startTime: + format: google-datetime + description: Time at which execution of the build was started. + type: string + logsUri: + description: URI where any logs for this provenance were written. + type: string builderVersion: + type: string description: Version string of the builder at the time this build was executed. + id: type: string - Command: - id: Command - description: Command describes a step performed as part of the build pipeline. + description: Required. Unique identifier of the build. + projectId: + description: ID of the project. + type: string + createTime: + format: google-datetime + description: Time at which the build was created. + type: string + sourceProvenance: + $ref: '#/components/schemas/Source' + description: Details of the Source input to the build. + triggerId: + description: >- + Trigger identifier if the build was triggered automatically; empty + if not. + type: string + ImageOccurrence: + description: >- + Details of the derived image portion of the DockerImage relationship. + This image would be produced from a Dockerfile with FROM . + id: ImageOccurrence type: object properties: - name: + layerInfo: description: >- - Required. Name of the command, as presented on the command line, or - if the command is packaged as a Docker container, as presented to - `docker pull`. - type: string - env: - description: Environment variables set before running this command. - type: array + This contains layer-specific metadata, if populated it has length + "distance" and is ordered with [distance] being the layer + immediately following the base image and [1] being the final layer. items: - type: string - args: - description: Command-line arguments used when executing this command. + $ref: '#/components/schemas/Layer' type: array - items: - type: string - dir: + fingerprint: + description: Required. The fingerprint of the derived image. + $ref: '#/components/schemas/Fingerprint' + baseResourceUrl: description: >- - Working directory (relative to project source root) used when - running this command. + Output only. This contains the base image URL for the derived image + occurrence. type: string - id: + distance: + format: int32 description: >- - Optional unique identifier for this command, used in wait_for to - reference this command as a dependency. + Output only. The number of layers by which this image differs from + the associated image basis. + type: integer + ListOperationsResponse: + type: object + properties: + nextPageToken: + description: The standard List next-page token. type: string - waitFor: - description: The ID(s) of the command(s) that this command depends on. + operations: + items: + $ref: '#/components/schemas/Operation' + description: >- + A list of operations that matches the specified filter in the + request. + type: array + unreachable: type: array items: type: string - Artifact: - id: Artifact - description: Artifact describes a build product. - type: object - properties: - checksum: description: >- - Hash or checksum value of a binary, or Docker Registry 2.0 digest of - a container. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + id: ListOperationsResponse + description: The response message for Operations.ListOperations. + SBOMStatus: + properties: + sbomState: + description: The progress of the SBOM generation. + enumDescriptions: + - Default unknown state. + - SBOM scanning is pending. + - SBOM scanning has completed. type: string - id: + enum: + - SBOM_STATE_UNSPECIFIED + - PENDING + - COMPLETE + error: description: >- - Artifact ID, if any; for container images, this will be a URL by - digest like `gcr.io/projectID/imagename@sha256:123456`. + If there was an error generating an SBOM, this will indicate what + that error was. type: string - names: - description: >- - Related artifact names. This may be the path to a binary or jar - file, or in the case of a container build, the name used to push the - container image to Google Container Registry, as presented to - `docker push`. Note that a single Artifact ID can have multiple - names, for example if two tags are applied to one image. - type: array - items: - type: string - Source: - id: Source - description: Source describes the location of the source used for the build. + type: object + id: SBOMStatus + description: The status of an SBOM generation. + GrafeasV1FileLocation: type: object properties: - artifactStorageSourceUri: + layerDetails: description: >- - If provided, the input binary artifacts for the build came from this - location. + Each package found in a file should have its own layer metadata + (that is, information from the origin layer of the package). + $ref: '#/components/schemas/GrafeasV1LayerDetails' + filePath: type: string - fileHashes: description: >- - Hash(es) of the build source, which can be used to verify that the - original source integrity was maintained in the build. The keys to - this map are file paths used as build source and the values contain - the hash values for those files. If the build source came in a - single package such as a gzipped tarfile (.tar.gz), the FileHash - will be for the single path to that file. - type: object - additionalProperties: - $ref: '#/components/schemas/FileHashes' - context: + For jars that are contained inside .war files, this filepath can + indicate the path to war file combined with the path to jar file. + description: Indicates the location at which a package was found. + id: GrafeasV1FileLocation + Completeness: + properties: + materials: + type: boolean description: >- - If provided, the source code used for the build came from this - location. - $ref: '#/components/schemas/SourceContext' - additionalContexts: + If true, the builder claims that materials are complete, usually + through some controls to prevent network access. Sometimes called + "hermetic". + arguments: description: >- - If provided, some of the source code used for the build may be found - in these locations, in the case where the source repository had - multiple remotes or submodules. This list will not include the - context specified in the context field. - type: array - items: - $ref: '#/components/schemas/SourceContext' - FileHashes: - id: FileHashes - description: >- - Container message for hashes of byte content of files, used in source - messages to verify integrity of source input to the build. + If true, the builder claims that recipe.arguments is complete, + meaning that all external inputs are properly captured in the + recipe. + type: boolean + environment: + type: boolean + description: >- + If true, the builder claims that recipe.environment is claimed to be + complete. type: object + description: >- + Indicates that the builder claims certain fields in this message to be + complete. + id: Completeness + Operation: properties: - fileHash: - description: Required. Collection of file hashes. - type: array - items: - $ref: '#/components/schemas/Hash' - Hash: - id: Hash - description: Container message for hash values. - type: object - properties: - type: - description: Required. The type of hash that was performed, e.g. "SHA-256". - type: string - value: - description: Required. The hash value. - type: string - format: byte - SourceContext: - id: SourceContext - description: >- - A SourceContext is a reference to a tree of files. A SourceContext - together with a path point to a unique revision of a single file or - directory. - type: object - properties: - cloudRepo: - description: >- - A SourceContext referring to a revision in a Google Cloud Source - Repo. - $ref: '#/components/schemas/CloudRepoSourceContext' - gerrit: - description: A SourceContext referring to a Gerrit project. - $ref: '#/components/schemas/GerritSourceContext' - git: + response: description: >- - A SourceContext referring to any third party Git repo (e.g., - GitHub). - $ref: '#/components/schemas/GitSourceContext' - labels: - description: Labels with user defined metadata. + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. type: object additionalProperties: - type: string - CloudRepoSourceContext: - id: CloudRepoSourceContext - description: >- - A CloudRepoSourceContext denotes a particular revision in a Google Cloud - Source Repo. - type: object - properties: - repoId: - description: The ID of the repo. - $ref: '#/components/schemas/RepoId' - revisionId: - description: A revision ID. + description: Properties of the object. Contains field @type with type URL. + type: any + metadata: + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - aliasContext: - description: An alias, which may be a branch or tag. - $ref: '#/components/schemas/AliasContext' - RepoId: - id: RepoId - description: A unique identifier for a Cloud Repo. + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation type: object - properties: - projectRepoId: - description: A combination of a project ID and a repo name. - $ref: '#/components/schemas/ProjectRepoId' - uid: - description: A server-assigned, globally unique identifier. - type: string - ProjectRepoId: - id: ProjectRepoId + AnalyzePackagesMetadataV1: description: >- - Selects a repo using a Google Cloud Platform project ID (e.g., - winged-cargo-31) and a repo name within that project. + AnalyzePackagesMetadata contains metadata for an active scan of a + container image. + id: AnalyzePackagesMetadataV1 type: object properties: - projectId: - description: The ID of the project. + createTime: type: string - repoName: - description: The name of the repo. Leave empty for the default repo. + description: When the scan was created. + format: google-datetime + resourceUri: + description: The resource URI of the container image being scanned. type: string - AliasContext: - id: AliasContext - description: An alias to a repo revision. - type: object + UpgradeDistribution: properties: - kind: - description: The alias kind. - type: string - enumDescriptions: - - Unknown. - - Git tag. - - Git branch. - - >- - Used to specify non-standard aliases. For example, if a Git repo - has a ref named "refs/foo/bar". - enum: - - KIND_UNSPECIFIED - - FIXED - - MOVABLE - - OTHER - name: - description: The alias name. + severity: + description: The severity as specified by the upstream operating system. type: string - GerritSourceContext: - id: GerritSourceContext - description: A SourceContext referring to a Gerrit project. - type: object - properties: - hostUri: - description: The URI of a running Gerrit instance. + cpeUri: type: string - gerritProject: description: >- - The full project name within the host. Projects may be nested, so - "project/subproject" is a valid project name. The "repo name" is the - hostURI/project. - type: string - revisionId: - description: A revision (commit) ID. + Required - The specific operating system this metadata applies to. + See https://cpe.mitre.org/specification/. + cve: + description: The cve tied to this Upgrade. + type: array + items: + type: string + classification: + description: >- + The operating system classification of this Upgrade, as specified by + the upstream operating system upgrade feed. For Windows the + classification is one of the category_ids listed at + https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85) type: string - aliasContext: - description: An alias, which may be a branch or tag. - $ref: '#/components/schemas/AliasContext' - GitSourceContext: - id: GitSourceContext + type: object + id: UpgradeDistribution description: >- - A GitSourceContext denotes a particular revision in a third party Git - repository (e.g., GitHub). + The Upgrade Distribution represents metadata about the Upgrade for each + operating system (CPE). Some distributions have additional metadata + around updates, classifying them into various categories and severities. + Artifact: type: object properties: - url: - description: Git repository URL. - type: string - revisionId: - description: Git commit hash. + checksum: type: string - InTotoProvenance: - id: InTotoProvenance - type: object - properties: - builderConfig: - description: required - $ref: '#/components/schemas/BuilderConfig' - recipe: - description: >- - Identifies the configuration used for the build. When combined with - materials, this SHOULD fully describe the build, such that - re-running this recipe results in bit-for-bit identical output (if - the build is reproducible). required - $ref: '#/components/schemas/Recipe' - metadata: - $ref: '#/components/schemas/Metadata' - materials: description: >- - The collection of artifacts that influenced the build including - sources, dependencies, build tools, base images, and so on. This is - considered to be incomplete unless metadata.completeness.materials - is true. Unset or null is equivalent to empty. - type: array + Hash or checksum value of a binary, or Docker Registry 2.0 digest of + a container. + names: items: type: string - BuilderConfig: - id: BuilderConfig - type: object - properties: + type: array + description: >- + Related artifact names. This may be the path to a binary or jar + file, or in the case of a container build, the name used to push the + container image to Google Container Registry, as presented to + `docker push`. Note that a single Artifact ID can have multiple + names, for example if two tags are applied to one image. id: + description: >- + Artifact ID, if any; for container images, this will be a URL by + digest like `gcr.io/projectID/imagename@sha256:123456`. type: string - Recipe: - id: Recipe - description: >- - Steps taken to build the artifact. For a TaskRun, typically each - container corresponds to one step in the recipe. - type: object + description: Artifact describes a build product. + id: Artifact + Jwt: properties: - type: + compactJwt: description: >- - URI indicating what type of recipe was performed. It determines the - meaning of recipe.entryPoint, recipe.arguments, recipe.environment, - and materials. + The compact encoding of a JWS, which is always three base64 encoded + strings joined by periods. For details, see: + https://tools.ietf.org/html/rfc7515.html#section-3.1 type: string - definedInMaterial: - description: >- - Index in materials containing the recipe steps that are not implied - by recipe.type. For example, if the recipe type were "make", then - this would point to the source containing the Makefile, not the make - program itself. Set to -1 if the recipe doesn't come from a - material, as zero is default unset value for int64. + type: object + id: Jwt + GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder: + description: >- + Identifies the entity that executed the recipe, which is trusted to have + correctly performed the operation and populated this provenance. + id: GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder + type: object + properties: + id: type: string - format: int64 - entryPoint: - description: >- - String identifying the entry point into the build. This is often a - path to a configuration file and/or a target label within that file. - The syntax and meaning are defined by recipe.type. For example, if - the recipe type were "make", then this would reference the directory - in which to run make as well as which target to use. + Envelope: + description: >- + MUST match + https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. + An authenticated message of arbitrary type. + id: Envelope + properties: + payload: + format: byte type: string - arguments: - description: >- - Collection of all external inputs that influenced the build on top - of recipe.definedInMaterial and recipe.entryPoint. For example, if - the recipe type were "make", then this might be the flags passed to - make aside from the target, which is captured in recipe.entryPoint. - Since the arguments field can greatly vary in structure, depending - on the builder and recipe type, this is of form "Any". - type: array + signatures: items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - environment: + $ref: '#/components/schemas/EnvelopeSignature' + type: array + payloadType: + type: string + type: object + BinarySourceInfo: + id: BinarySourceInfo + type: object + properties: + binaryVersion: description: >- - Any other builder-controlled inputs necessary for correctly - evaluating the recipe. Usually only needed for reproducing the build - but not evaluated as part of policy. Since the environment field can - greatly vary in structure, depending on the builder and recipe type, - this is of form "Any". + The binary package. This is significant when the source is different + than the binary itself. Historically if they've differed, we've + stored the name of the source and its version in the package/version + fields, but we should also store the binary package info, as that's + what's actually installed. + $ref: '#/components/schemas/PackageVersion' + sourceVersion: + $ref: '#/components/schemas/PackageVersion' + description: >- + The source package. Similar to the above, this is significant when + the source is different than the binary itself. Since the top-level + package/version fields are based on an if/else, we need a separate + field for both binary and source if we want to know definitively + where the data is coming from. + BuilderConfig: + type: object + properties: + id: + type: string + id: BuilderConfig + AnalysisCompleted: + type: object + id: AnalysisCompleted + description: >- + Indicates which analysis completed successfully. Multiple types of + analysis can be performed on a single resource. + properties: + analysisType: + items: + type: string type: array + File: + type: object + id: File + properties: + name: + type: string + digest: + type: object + additionalProperties: + type: string + ComplianceOccurrence: + description: >- + An indication that the compliance checks in the associated + ComplianceNote were not satisfied for particular resources or a + specified reason. + properties: + version: + $ref: '#/components/schemas/ComplianceVersion' + description: The OS and config version the benchmark was run on. + nonComplianceReason: + type: string + nonCompliantFiles: items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Metadata: - id: Metadata - description: Other properties of the build. + $ref: '#/components/schemas/NonCompliantFile' + type: array + id: ComplianceOccurrence type: object + SlsaMetadata: + description: Other properties of the build. properties: + completeness: + $ref: '#/components/schemas/SlsaCompleteness' + description: >- + Indicates that the builder claims certain fields in this message to + be complete. + buildStartedOn: + description: The timestamp of when the build started. + format: google-datetime + type: string buildInvocationId: description: >- Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec. type: string - buildStartedOn: - description: The timestamp of when the build started. - type: string - format: google-datetime buildFinishedOn: + format: google-datetime description: The timestamp of when the build completed. type: string - format: google-datetime - completeness: - description: >- - Indicates that the builder claims certain fields in this message to - be complete. - $ref: '#/components/schemas/Completeness' reproducible: + type: boolean description: >- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output. - type: boolean - Completeness: - id: Completeness + type: object + id: SlsaMetadata + FileHashes: + properties: + fileHash: + type: array + items: + $ref: '#/components/schemas/Hash' + description: Required. Collection of file hashes. + type: object description: >- - Indicates that the builder claims certain fields in this message to be - complete. + Container message for hashes of byte content of files, used in source + messages to verify integrity of source input to the build. + id: FileHashes + InTotoProvenance: + id: InTotoProvenance type: object properties: - arguments: - description: >- - If true, the builder claims that recipe.arguments is complete, - meaning that all external inputs are properly captured in the - recipe. - type: boolean - environment: - description: >- - If true, the builder claims that recipe.environment is claimed to be - complete. - type: boolean + metadata: + $ref: '#/components/schemas/Metadata' materials: + items: + type: string description: >- - If true, the builder claims that materials are complete, usually - through some controls to prevent network access. Sometimes called - "hermetic". - type: boolean + The collection of artifacts that influenced the build including + sources, dependencies, build tools, base images, and so on. This is + considered to be incomplete unless metadata.completeness.materials + is true. Unset or null is equivalent to empty. + type: array + recipe: + description: >- + Identifies the configuration used for the build. When combined with + materials, this SHOULD fully describe the build, such that + re-running this recipe results in bit-for-bit identical output (if + the build is reproducible). required + $ref: '#/components/schemas/Recipe' + builderConfig: + description: required + $ref: '#/components/schemas/BuilderConfig' + CloudRepoSourceContext: + properties: + repoId: + description: The ID of the repo. + $ref: '#/components/schemas/RepoId' + revisionId: + description: A revision ID. + type: string + aliasContext: + description: An alias, which may be a branch or tag. + $ref: '#/components/schemas/AliasContext' + id: CloudRepoSourceContext + description: >- + A CloudRepoSourceContext denotes a particular revision in a Google Cloud + Source Repo. + type: object InTotoStatement: id: InTotoStatement description: >- @@ -1629,750 +1632,854 @@ components: Envelope.payloadType is always "application/vnd.in-toto+json". type: object properties: - _type: - description: Always `https://in-toto.io/Statement/v0.1`. - type: string + slsaProvenance: + $ref: '#/components/schemas/SlsaProvenance' + slsaProvenanceZeroTwo: + $ref: '#/components/schemas/SlsaProvenanceZeroTwo' subject: - type: array items: $ref: '#/components/schemas/Subject' + type: array predicateType: - description: '`https://slsa.dev/provenance/v0.1` for SlsaProvenance.' type: string + description: '`https://slsa.dev/provenance/v0.1` for SlsaProvenance.' provenance: $ref: '#/components/schemas/InTotoProvenance' - slsaProvenance: - $ref: '#/components/schemas/SlsaProvenance' - slsaProvenanceZeroTwo: - $ref: '#/components/schemas/SlsaProvenanceZeroTwo' - Subject: - id: Subject + _type: + type: string + description: Always `https://in-toto.io/Statement/v0.1`. + DSSEAttestationOccurrence: + description: >- + Deprecated. Prefer to use a regular Occurrence, and populate the + Envelope at the top level of the Occurrence. type: object properties: - name: - type: string - digest: + envelope: description: >- - `"": ""` Algorithms can be e.g. sha256, sha512 See - https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet + If doing something security critical, make sure to verify the + signatures in this metadata. + $ref: '#/components/schemas/Envelope' + statement: + $ref: '#/components/schemas/InTotoStatement' + id: DSSEAttestationOccurrence + GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial: + properties: + digest: type: object additionalProperties: type: string - SlsaProvenance: - id: SlsaProvenance - type: object - properties: - builder: - description: required - $ref: '#/components/schemas/SlsaBuilder' - recipe: - description: >- - Identifies the configuration used for the build. When combined with - materials, this SHOULD fully describe the build, such that - re-running this recipe results in bit-for-bit identical output (if - the build is reproducible). required - $ref: '#/components/schemas/SlsaRecipe' - metadata: - $ref: '#/components/schemas/SlsaMetadata' - materials: - description: >- - The collection of artifacts that influenced the build including - sources, dependencies, build tools, base images, and so on. This is - considered to be incomplete unless metadata.completeness.materials - is true. Unset or null is equivalent to empty. - type: array - items: - $ref: '#/components/schemas/Material' - SlsaBuilder: - id: SlsaBuilder + uri: + type: string type: object + description: >- + The collection of artifacts that influenced the build including sources, + dependencies, build tools, base images, and so on. + id: GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial + AliasContext: properties: - id: + kind: + enumDescriptions: + - Unknown. + - Git tag. + - Git branch. + - >- + Used to specify non-standard aliases. For example, if a Git repo + has a ref named "refs/foo/bar". + description: The alias kind. type: string - SlsaRecipe: - id: SlsaRecipe - description: >- - Steps taken to build the artifact. For a TaskRun, typically each - container corresponds to one step in the recipe. + enum: + - KIND_UNSPECIFIED + - FIXED + - MOVABLE + - OTHER + name: + description: The alias name. + type: string + id: AliasContext + description: An alias to a repo revision. type: object + EnvelopeSignature: + id: EnvelopeSignature properties: - type: - description: >- - URI indicating what type of recipe was performed. It determines the - meaning of recipe.entryPoint, recipe.arguments, recipe.environment, - and materials. - type: string - definedInMaterial: - description: >- - Index in materials containing the recipe steps that are not implied - by recipe.type. For example, if the recipe type were "make", then - this would point to the source containing the Makefile, not the make - program itself. Set to -1 if the recipe doesn't come from a - material, as zero is default unset value for int64. + keyid: type: string - format: int64 - entryPoint: - description: >- - String identifying the entry point into the build. This is often a - path to a configuration file and/or a target label within that file. - The syntax and meaning are defined by recipe.type. For example, if - the recipe type were "make", then this would reference the directory - in which to run make as well as which target to use. + sig: + format: byte type: string - arguments: - description: >- - Collection of all external inputs that influenced the build on top - of recipe.definedInMaterial and recipe.entryPoint. For example, if - the recipe type were "make", then this might be the flags passed to - make aside from the target, which is captured in recipe.entryPoint. - Depending on the recipe Type, the structure may be different. - type: object + type: object + BuildDefinition: + properties: + externalParameters: additionalProperties: + description: Properties of the object. type: any - description: Properties of the object. Contains field @type with type URL. - environment: - description: >- - Any other builder-controlled inputs necessary for correctly - evaluating the recipe. Usually only needed for reproducing the build - but not evaluated as part of policy. Depending on the recipe Type, - the structure may be different. type: object + buildType: + type: string + resolvedDependencies: + items: + $ref: '#/components/schemas/ResourceDescriptor' + type: array + internalParameters: additionalProperties: + description: Properties of the object. type: any - description: Properties of the object. Contains field @type with type URL. - SlsaMetadata: - id: SlsaMetadata - description: Other properties of the build. + type: object + id: BuildDefinition type: object + Command: properties: - buildInvocationId: + id: description: >- - Identifies the particular build invocation, which can be useful for - finding associated logs or other ad-hoc analysis. The value SHOULD - be globally unique, per in-toto Provenance spec. - type: string - buildStartedOn: - description: The timestamp of when the build started. + Optional unique identifier for this command, used in wait_for to + reference this command as a dependency. type: string - format: google-datetime - buildFinishedOn: - description: The timestamp of when the build completed. + waitFor: + description: The ID(s) of the command(s) that this command depends on. + type: array + items: + type: string + env: + description: Environment variables set before running this command. + items: + type: string + type: array + dir: type: string - format: google-datetime - completeness: description: >- - Indicates that the builder claims certain fields in this message to - be complete. - $ref: '#/components/schemas/SlsaCompleteness' - reproducible: + Working directory (relative to project source root) used when + running this command. + name: description: >- - If true, the builder claims that running the recipe on materials - will produce bit-for-bit identical output. - type: boolean - SlsaCompleteness: - id: SlsaCompleteness - description: >- - Indicates that the builder claims certain fields in this message to be - complete. + Required. Name of the command, as presented on the command line, or + if the command is packaged as a Docker container, as presented to + `docker pull`. + type: string + args: + description: Command-line arguments used when executing this command. + items: + type: string + type: array + id: Command type: object + description: Command describes a step performed as part of the build pipeline. + CVSS: + description: >- + Common Vulnerability Scoring System. For details, see + https://www.first.org/cvss/specification-document This is a message we + will try to use for storing various versions of CVSS rather than making + a separate proto for storing a specific version. + id: CVSS properties: - arguments: + authentication: + enum: + - AUTHENTICATION_UNSPECIFIED + - AUTHENTICATION_MULTIPLE + - AUTHENTICATION_SINGLE + - AUTHENTICATION_NONE + type: string + enumDescriptions: + - '' + - '' + - '' + - '' + confidentialityImpact: + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + - IMPACT_PARTIAL + - IMPACT_COMPLETE + type: string + attackVector: + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + type: string description: >- - If true, the builder claims that recipe.arguments is complete, - meaning that all external inputs are properly captured in the - recipe. - type: boolean - environment: + Base Metrics Represents the intrinsic characteristics of a + vulnerability that are constant over time and across user + environments. + enum: + - ATTACK_VECTOR_UNSPECIFIED + - ATTACK_VECTOR_NETWORK + - ATTACK_VECTOR_ADJACENT + - ATTACK_VECTOR_LOCAL + - ATTACK_VECTOR_PHYSICAL + integrityImpact: + type: string + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + - IMPACT_PARTIAL + - IMPACT_COMPLETE + exploitabilityScore: + format: float + type: number + availabilityImpact: + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + type: string + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + - IMPACT_PARTIAL + - IMPACT_COMPLETE + baseScore: + type: number + description: The base score is a function of the base metric scores. + format: float + userInteraction: + enum: + - USER_INTERACTION_UNSPECIFIED + - USER_INTERACTION_NONE + - USER_INTERACTION_REQUIRED + type: string + enumDescriptions: + - '' + - '' + - '' + privilegesRequired: + type: string + enum: + - PRIVILEGES_REQUIRED_UNSPECIFIED + - PRIVILEGES_REQUIRED_NONE + - PRIVILEGES_REQUIRED_LOW + - PRIVILEGES_REQUIRED_HIGH + enumDescriptions: + - '' + - '' + - '' + - '' + impactScore: + type: number + format: float + scope: + type: string + enumDescriptions: + - '' + - '' + - '' + enum: + - SCOPE_UNSPECIFIED + - SCOPE_UNCHANGED + - SCOPE_CHANGED + attackComplexity: + enumDescriptions: + - '' + - '' + - '' + - '' + enum: + - ATTACK_COMPLEXITY_UNSPECIFIED + - ATTACK_COMPLEXITY_LOW + - ATTACK_COMPLEXITY_HIGH + - ATTACK_COMPLEXITY_MEDIUM + type: string + type: object + Fingerprint: + properties: + v2Blob: + description: Required. The ordered list of v2 blobs that represent a given image. + items: + type: string + type: array + v1Name: description: >- - If true, the builder claims that recipe.environment is claimed to be - complete. - type: boolean - materials: + Required. The layer ID of the final layer in the Docker image's v1 + representation. + type: string + v2Name: description: >- - If true, the builder claims that materials are complete, usually - through some controls to prevent network access. Sometimes called - "hermetic". - type: boolean - Material: - id: Material + Output only. The name of the image's v2 blobs computed via: [bottom] + := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the + name of the final blob is kept. + type: string + id: Fingerprint + type: object + description: A set of properties that uniquely identify a given Docker image. + WindowsUpdate: + id: WindowsUpdate type: object + description: >- + Windows Update represents the metadata about the update for the Windows + operating system. The fields in this message come from the Windows + Update API documented at + https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate. properties: - uri: + lastPublishedTimestamp: type: string - digest: - type: object - additionalProperties: + format: google-datetime + description: The last published timestamp of the update. + identity: + description: Required - The unique identifier for the update. + $ref: '#/components/schemas/Identity' + supportUrl: + type: string + description: The hyperlink to the support information for the update. + kbArticleIds: + type: array + items: type: string - SlsaProvenanceZeroTwo: - id: SlsaProvenanceZeroTwo - description: See full explanation of fields at slsa.dev/provenance/v0.2. - type: object - properties: - builder: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder' - buildType: + description: >- + The Microsoft Knowledge Base article IDs that are associated with + the update. + description: type: string - invocation: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation' - buildConfig: - type: object - additionalProperties: - type: any - description: Properties of the object. - metadata: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata' - materials: + description: The localized description of the update. + categories: + description: The list of categories to which the update belongs. type: array items: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial' - GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder - description: >- - Identifies the entity that executed the recipe, which is trusted to have - correctly performed the operation and populated this provenance. - type: object - properties: - id: + $ref: '#/components/schemas/Category' + title: type: string - GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation - description: Identifies the event that kicked off the build. + description: The localized title of the update. + SourceContext: type: object + description: >- + A SourceContext is a reference to a tree of files. A SourceContext + together with a path point to a unique revision of a single file or + directory. + id: SourceContext properties: - configSource: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource' - parameters: - type: object + git: + $ref: '#/components/schemas/GitSourceContext' + description: >- + A SourceContext referring to any third party Git repo (e.g., + GitHub). + labels: additionalProperties: - type: any - description: Properties of the object. - environment: + type: string + description: Labels with user defined metadata. type: object - additionalProperties: - type: any - description: Properties of the object. - GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource - description: >- - Describes where the config file that kicked off the build came from. - This is effectively a pointer to the source where buildConfig came from. + cloudRepo: + $ref: '#/components/schemas/CloudRepoSourceContext' + description: >- + A SourceContext referring to a revision in a Google Cloud Source + Repo. + gerrit: + description: A SourceContext referring to a Gerrit project. + $ref: '#/components/schemas/GerritSourceContext' + DeploymentOccurrence: type: object + id: DeploymentOccurrence + description: The period during which some deployable was active in a runtime. properties: - uri: + deployTime: + format: google-datetime + description: Required. Beginning of the lifetime of this deployment. type: string - digest: - type: object - additionalProperties: + resourceUri: + items: type: string - entryPoint: + description: >- + Output only. Resource URI for the artifact being deployed taken from + the deployable field with the same name. + type: array + userEmail: type: string - GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata - description: Other properties of the build. - type: object - properties: - buildInvocationId: + description: Identity of the user that triggered this deployment. + address: + description: Address of the runtime element hosting this deployment. type: string - buildStartedOn: + config: type: string - format: google-datetime - buildFinishedOn: + description: Configuration used to create this deployment. + platform: + enum: + - PLATFORM_UNSPECIFIED + - GKE + - FLEX + - CUSTOM + enumDescriptions: + - Unknown. + - Google Container Engine. + - 'Google App Engine: Flexible Environment.' + - Custom user-defined platform. + description: Platform hosting this deployment. type: string + undeployTime: + type: string + description: End of the lifetime of this deployment. format: google-datetime - completeness: - $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness' - reproducible: - type: boolean - GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness - description: >- - Indicates that the builder claims certain fields in this message to be - complete. - type: object - properties: - parameters: - type: boolean - environment: - type: boolean - materials: - type: boolean - GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial: - id: GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial - description: >- - The collection of artifacts that influenced the build including sources, - dependencies, build tools, base images, and so on. + SlsaRecipe: type: object properties: - uri: + entryPoint: + description: >- + String identifying the entry point into the build. This is often a + path to a configuration file and/or a target label within that file. + The syntax and meaning are defined by recipe.type. For example, if + the recipe type were "make", then this would reference the directory + in which to run make as well as which target to use. type: string - digest: + environment: type: object + description: >- + Any other builder-controlled inputs necessary for correctly + evaluating the recipe. Usually only needed for reproducing the build + but not evaluated as part of policy. Depending on the recipe Type, + the structure may be different. additionalProperties: - type: string - InTotoSlsaProvenanceV1: - id: InTotoSlsaProvenanceV1 - type: object - properties: - _type: + type: any + description: Properties of the object. Contains field @type with type URL. + type: description: >- - InToto spec defined at - https://github.com/in-toto/attestation/tree/main/spec#statement - type: string - subject: - type: array - items: - $ref: '#/components/schemas/Subject' - predicateType: - type: string - predicate: - $ref: '#/components/schemas/SlsaProvenanceV1' - SlsaProvenanceV1: - id: SlsaProvenanceV1 - description: >- - Keep in sync with schema at - https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto - Builder renamed to ProvenanceBuilder because of Java conflicts. - type: object - properties: - buildDefinition: - $ref: '#/components/schemas/BuildDefinition' - runDetails: - $ref: '#/components/schemas/RunDetails' - BuildDefinition: - id: BuildDefinition - type: object - properties: - buildType: + URI indicating what type of recipe was performed. It determines the + meaning of recipe.entryPoint, recipe.arguments, recipe.environment, + and materials. type: string - externalParameters: - type: object + arguments: + description: >- + Collection of all external inputs that influenced the build on top + of recipe.definedInMaterial and recipe.entryPoint. For example, if + the recipe type were "make", then this might be the flags passed to + make aside from the target, which is captured in recipe.entryPoint. + Depending on the recipe Type, the structure may be different. additionalProperties: type: any - description: Properties of the object. - internalParameters: + description: Properties of the object. Contains field @type with type URL. type: object - additionalProperties: - type: any - description: Properties of the object. - resolvedDependencies: - type: array - items: - $ref: '#/components/schemas/ResourceDescriptor' - ResourceDescriptor: - id: ResourceDescriptor - type: object + definedInMaterial: + type: string + format: int64 + description: >- + Index in materials containing the recipe steps that are not implied + by recipe.type. For example, if the recipe type were "make", then + this would point to the source containing the Makefile, not the make + program itself. Set to -1 if the recipe doesn't come from a + material, as zero is default unset value for int64. + description: >- + Steps taken to build the artifact. For a TaskRun, typically each + container corresponds to one step in the recipe. + id: SlsaRecipe + SbomReferenceIntotoPredicate: properties: - name: + mimeType: type: string - uri: + description: The mime type of the SBOM. + location: + description: The location of the SBOM. type: string digest: + description: A map of algorithm to digest of the contents of the SBOM. type: object additionalProperties: type: string - content: - type: string - format: byte - downloadLocation: - type: string - mediaType: + referrerId: type: string - annotations: - type: object - additionalProperties: - type: any - RunDetails: - id: RunDetails + description: The person or system referring this predicate to the consumer. + description: A predicate which describes the SBOM being referenced. type: object - properties: - builder: - $ref: '#/components/schemas/ProvenanceBuilder' - metadata: - $ref: '#/components/schemas/BuildMetadata' - byproducts: - type: array - items: - $ref: '#/components/schemas/ResourceDescriptor' - ProvenanceBuilder: - id: ProvenanceBuilder + id: SbomReferenceIntotoPredicate + Risk: type: object + id: Risk properties: - id: - type: string - version: + cisaKev: + $ref: '#/components/schemas/CISAKnownExploitedVulnerabilities' + description: >- + CISA maintains the authoritative source of vulnerabilities that have + been exploited in the wild. + epss: + description: >- + The Exploit Prediction Scoring System (EPSS) estimates the + likelihood (probability) that a software vulnerability will be + exploited in the wild. + $ref: '#/components/schemas/ExploitPredictionScoringSystem' + SlsaProvenanceZeroTwo: + properties: + builder: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder' + invocation: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation' + buildConfig: type: object additionalProperties: - type: string - builderDependencies: + description: Properties of the object. + type: any + metadata: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata' + materials: type: array items: - $ref: '#/components/schemas/ResourceDescriptor' - BuildMetadata: - id: BuildMetadata - type: object - properties: - invocationId: - type: string - startedOn: - type: string - format: google-datetime - finishedOn: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial' + buildType: type: string - format: google-datetime - ImageOccurrence: - id: ImageOccurrence - description: >- - Details of the derived image portion of the DockerImage relationship. - This image would be produced from a Dockerfile with FROM . + description: See full explanation of fields at slsa.dev/provenance/v0.2. + id: SlsaProvenanceZeroTwo type: object - properties: - fingerprint: - description: Required. The fingerprint of the derived image. - $ref: '#/components/schemas/Fingerprint' - distance: - description: >- - Output only. The number of layers by which this image differs from - the associated image basis. - type: integer - format: int32 - layerInfo: - description: >- - This contains layer-specific metadata, if populated it has length - "distance" and is ordered with [distance] being the layer - immediately following the base image and [1] being the final layer. - type: array - items: - $ref: '#/components/schemas/Layer' - baseResourceUrl: - description: >- - Output only. This contains the base image URL for the derived image - occurrence. - type: string - Fingerprint: - id: Fingerprint - description: A set of properties that uniquely identify a given Docker image. + RepoId: type: object + id: RepoId properties: - v1Name: - description: >- - Required. The layer ID of the final layer in the Docker image's v1 - representation. - type: string - v2Blob: - description: Required. The ordered list of v2 blobs that represent a given image. - type: array - items: - type: string - v2Name: - description: >- - Output only. The name of the image's v2 blobs computed via: [bottom] - := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the - name of the final blob is kept. + projectRepoId: + description: A combination of a project ID and a repo name. + $ref: '#/components/schemas/ProjectRepoId' + uid: type: string - Layer: - id: Layer - description: Layer holds metadata specific to a layer of a Docker image. + description: A server-assigned, globally unique identifier. + description: A unique identifier for a Cloud Repo. + AnalyzePackagesMetadata: + description: >- + AnalyzePackagesMetadata contains metadata for an active scan of a + container image. type: object properties: - directive: - description: >- - Required. The recovered Dockerfile directive used to construct this - layer. See https://docs.docker.com/engine/reference/builder/ for - more information. + resourceUri: type: string - arguments: - description: The recovered arguments to the Dockerfile directive. + description: The resource URI of the container image being scanned. + createTime: + format: google-datetime + description: When the scan was created. type: string - PackageOccurrence: - id: PackageOccurrence - description: Details on how a particular software package was installed on a system. - type: object + id: AnalyzePackagesMetadata + LanguagePackageDependency: + id: LanguagePackageDependency properties: - name: - description: Required. Output only. The name of the installed package. - readOnly: true - type: string - location: - description: >- - All of the places within the filesystem versions of this package - have been found. - type: array - items: - $ref: '#/components/schemas/Location' - packageType: - description: >- - Output only. The type of package; whether native or non native - (e.g., ruby gems, node.js packages, etc.). - readOnly: true - type: string - cpeUri: - description: >- - Output only. The cpe_uri in [CPE - format](https://cpe.mitre.org/specification/) denoting the package - manager version distributing a package. The cpe_uri will be blank - for language packages. - readOnly: true - type: string - architecture: - description: >- - Output only. The CPU architecture for which packages in this - distribution channel were built. Architecture will be blank for - language packages. - readOnly: true + package: type: string - enumDescriptions: - - Unknown architecture. - - X86 architecture. - - X64 architecture. - enum: - - ARCHITECTURE_UNSPECIFIED - - X86 - - X64 - license: - description: Licenses that have been declared by the authors of the package. - $ref: '#/components/schemas/License' version: - description: Output only. The version of the package. - readOnly: true - $ref: '#/components/schemas/Version' - Location: - id: Location + type: string description: >- - An occurrence of a particular package installation found within a - system's filesystem. E.g., glibc was found in `/var/lib/dpkg/status`. + Indicates a language package available between this package and the + customer's resource artifact. + type: object + Empty: + type: object + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + ProvenanceBuilder: type: object properties: - cpeUri: - description: >- - Deprecated. The CPE URI in [CPE - format](https://cpe.mitre.org/specification/) + id: type: string + builderDependencies: + items: + $ref: '#/components/schemas/ResourceDescriptor' + type: array version: - description: Deprecated. The version installed at this location. - $ref: '#/components/schemas/Version' - path: - description: >- - The path from which we gathered that this package/version is - installed. - type: string - License: - id: License - description: License information. - type: object + additionalProperties: + type: string + type: object + id: ProvenanceBuilder + Hash: + description: Container message for hash values. properties: - expression: - description: >- - Often a single license can be used to represent the licensing terms. - Sometimes it is necessary to include a choice of one or more - licenses or some combination of license identifiers. Examples: - "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later - WITH Bison-exception-2.2". + type: + description: Required. The type of hash that was performed, e.g. "SHA-256". type: string - comments: - description: Comments + value: + format: byte + description: Required. The hash value. type: string - DeploymentOccurrence: - id: DeploymentOccurrence - description: The period during which some deployable was active in a runtime. type: object + id: Hash + GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation: + description: Identifies the event that kicked off the build. properties: - userEmail: - description: Identity of the user that triggered this deployment. - type: string - deployTime: - description: Required. Beginning of the lifetime of this deployment. + environment: + additionalProperties: + type: any + description: Properties of the object. + type: object + configSource: + $ref: '#/components/schemas/GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource' + parameters: + type: object + additionalProperties: + type: any + description: Properties of the object. + id: GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation + type: object + Maintainer: + properties: + name: type: string - format: google-datetime - undeployTime: - description: End of the lifetime of this deployment. + kind: type: string - format: google-datetime - config: - description: Configuration used to create this deployment. + url: type: string - address: - description: Address of the runtime element hosting this deployment. + email: type: string - resourceUri: - description: >- - Output only. Resource URI for the artifact being deployed taken from - the deployable field with the same name. - type: array + type: object + id: Maintainer + SlsaProvenanceV1: + type: object + id: SlsaProvenanceV1 + description: >- + Keep in sync with schema at + https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto + Builder renamed to ProvenanceBuilder because of Java conflicts. + properties: + buildDefinition: + $ref: '#/components/schemas/BuildDefinition' + runDetails: + $ref: '#/components/schemas/RunDetails' + PackageVersion: + id: PackageVersion + properties: + licenses: items: type: string - platform: - description: Platform hosting this deployment. + type: array + description: >- + The licenses associated with this package. Note that this has to go + on the PackageVersion level, because we can have cases with images + with the same source having different licences. E.g. in Alpine, musl + and musl-utils both have the same origin musl, but have different + sets of licenses. + name: + type: string + version: type: string - enumDescriptions: - - Unknown. - - Google Container Engine. - - 'Google App Engine: Flexible Environment.' - - Custom user-defined platform. - enum: - - PLATFORM_UNSPECIFIED - - GKE - - FLEX - - CUSTOM - DiscoveryOccurrence: - id: DiscoveryOccurrence - description: Provides information about the analysis status of a discovered resource. + type: object + BuildOccurrence: + id: BuildOccurrence + description: Details of a build occurrence. type: object properties: - continuousAnalysis: - description: Whether the resource is continuously analyzed. - type: string - enumDescriptions: - - Unknown. - - The resource is continuously analyzed. - - The resource is ignored for continuous analysis. - enum: - - CONTINUOUS_ANALYSIS_UNSPECIFIED - - ACTIVE - - INACTIVE - analysisStatus: - description: The status of discovery for the resource. - type: string - enumDescriptions: - - Unknown. - - Resource is known but no action has been taken yet. - - Resource is being analyzed. - - Analysis has finished successfully. - - Analysis has completed. - - >- - Analysis has finished unsuccessfully, the analysis itself is in a - bad state. - - The resource is known not to be supported. - enum: - - ANALYSIS_STATUS_UNSPECIFIED - - PENDING - - SCANNING - - FINISHED_SUCCESS - - COMPLETE - - FINISHED_FAILED - - FINISHED_UNSUPPORTED - analysisCompleted: - $ref: '#/components/schemas/AnalysisCompleted' - analysisError: + intotoStatement: + $ref: '#/components/schemas/InTotoStatement' description: >- - Indicates any errors encountered during analysis of a resource. - There could be 0 or more of these errors. - type: array - items: - $ref: '#/components/schemas/Status' - analysisStatusError: + In-toto Statement representation as defined in spec. The + intoto_statement can contain any type of provenance. The serialized + payload of the statement can be stored and signed in the + Occurrence's envelope. + intotoProvenance: + $ref: '#/components/schemas/InTotoProvenance' description: >- - When an error is encountered this will contain a LocalizedMessage - under details to show to the user. The LocalizedMessage is output - only and populated by the API. - $ref: '#/components/schemas/Status' - cpe: - description: The CPE of the resource being scanned. - type: string - lastScanTime: - description: The last time this resource was scanned. + Deprecated. See InTotoStatement for the replacement. In-toto + Provenance representation as defined in spec. + provenanceBytes: type: string - format: google-datetime - archiveTime: description: >- - Output only. The time occurrences related to this discovery - occurrence were archived. - readOnly: true - type: string - format: google-datetime - sbomStatus: - description: The status of an SBOM generation. - $ref: '#/components/schemas/SBOMStatus' - files: - description: Files that make up the resource described by the occurrence. - type: array - items: - $ref: '#/components/schemas/File' - AnalysisCompleted: - id: AnalysisCompleted - description: >- - Indicates which analysis completed successfully. Multiple types of - analysis can be performed on a single resource. + Serialized JSON representation of the provenance, used in generating + the build signature in the corresponding build note. After verifying + the signature, `provenance_bytes` can be unmarshalled and compared + to the provenance to confirm that it is unchanged. A base64-encoded + string representation of the provenance bytes is used for the + signature in order to interoperate with openssl which expects this + format for signature verification. The serialized form is captured + both to avoid ambiguity in how the provenance is marshalled to json + as well to prevent incompatibilities with future changes. + inTotoSlsaProvenanceV1: + description: >- + In-Toto Slsa Provenance V1 represents a slsa provenance meeting the + slsa spec, wrapped in an in-toto statement. This allows for direct + jsonification of a to-spec in-toto slsa statement with a to-spec + slsa provenance. + $ref: '#/components/schemas/InTotoSlsaProvenanceV1' + provenance: + description: The actual provenance for the build. + $ref: '#/components/schemas/BuildProvenance' + ResourceDescriptor: type: object properties: - analysisType: - type: array - items: + mediaType: + type: string + downloadLocation: + type: string + content: + type: string + format: byte + uri: + type: string + annotations: + additionalProperties: + type: any + type: object + digest: + type: object + additionalProperties: type: string - SBOMStatus: - id: SBOMStatus - description: The status of an SBOM generation. + name: + type: string + id: ResourceDescriptor + License: + description: License information. type: object + id: License properties: - sbomState: - description: The progress of the SBOM generation. + expression: type: string - enumDescriptions: - - Default unknown state. - - SBOM scanning is pending. - - SBOM scanning has completed. - enum: - - SBOM_STATE_UNSPECIFIED - - PENDING - - COMPLETE - error: description: >- - If there was an error generating an SBOM, this will indicate what - that error was. + Often a single license can be used to represent the licensing terms. + Sometimes it is necessary to include a choice of one or more + licenses or some combination of license identifiers. Examples: + "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later + WITH Bison-exception-2.2". + comments: type: string - File: - id: File + description: Comments + CISAKnownExploitedVulnerabilities: type: object + id: CISAKnownExploitedVulnerabilities properties: - name: + knownRansomwareCampaignUse: type: string - digest: - type: object - additionalProperties: - type: string - AttestationOccurrence: - id: AttestationOccurrence + description: >- + Whether the vulnerability is known to have been leveraged as part of + a ransomware campaign. + ProjectRepoId: + id: ProjectRepoId description: >- - Occurrence that represents a single "attestation". The authenticity of - an attestation can be verified using the attached signature. If the - verifier trusts the public key of the signer, then verifying the - signature is sufficient to establish trust. In this circumstance, the - authority to which this attestation is attached is primarily useful for - lookup (how to find this attestation if you already know the authority - and artifact to be verified) and intent (for which authority this - attestation was intended to sign. + Selects a repo using a Google Cloud Platform project ID (e.g., + winged-cargo-31) and a repo name within that project. type: object properties: - serializedPayload: + projectId: + description: The ID of the project. + type: string + repoName: + description: The name of the repo. Leave empty for the default repo. + type: string + Occurrence: + properties: + dsseAttestation: + description: Describes an attestation of an artifact using dsse. + $ref: '#/components/schemas/DSSEAttestationOccurrence' + secret: + description: Describes a secret. + $ref: '#/components/schemas/SecretOccurrence' + resourceUri: + type: string description: >- - Required. The serialized payload that is verified by one or more - `signatures`. + Required. Immutable. A URI that represents the resource for which + the occurrence applies. For example, + `https://gcr.io/project/image@sha256:123abc` for a Docker image. + updateTime: type: string - format: byte - signatures: + format: google-datetime + description: Output only. The time this occurrence was last updated. + compliance: + $ref: '#/components/schemas/ComplianceOccurrence' + description: Describes a compliance violation on a linked resource. + name: description: >- - One or more signatures over `serialized_payload`. Verifier - implementations should consider this attestation message verified if - at least one `signature` verifies `serialized_payload`. See - `Signature` in common.proto for more details on signature structure - and verification. - type: array - items: - $ref: '#/components/schemas/Signature' - jwts: + Output only. The name of the occurrence in the form of + `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. + type: string + package: + description: Describes the installation of a package on the linked resource. + $ref: '#/components/schemas/PackageOccurrence' + build: + $ref: '#/components/schemas/BuildOccurrence' + description: Describes a verifiable build. + discovery: + description: Describes when a resource was discovered. + $ref: '#/components/schemas/DiscoveryOccurrence' + image: description: >- - One or more JWTs encoding a self-contained attestation. Each JWT - encodes the payload that it verifies within the JWT itself. Verifier - implementation SHOULD ignore the `serialized_payload` field when - verifying these JWTs. If only JWTs are present on this - AttestationOccurrence, then the `serialized_payload` SHOULD be left - empty. Each JWT SHOULD encode a claim specific to the `resource_uri` - of this Occurrence, but this is not validated by Grafeas metadata - API implementations. The JWT itself is opaque to Grafeas. - type: array - items: - $ref: '#/components/schemas/Jwt' + Describes how this resource derives from the basis in the associated + note. + $ref: '#/components/schemas/ImageOccurrence' + createTime: + format: google-datetime + description: Output only. The time this occurrence was created. + type: string + upgrade: + description: Describes an available package upgrade on the linked resource. + $ref: '#/components/schemas/UpgradeOccurrence' + deployment: + $ref: '#/components/schemas/DeploymentOccurrence' + description: Describes the deployment of an artifact on a runtime. + remediation: + description: A description of actions that can be taken to remedy the note. + type: string + noteName: + type: string + description: >- + Required. Immutable. The analysis note associated with this + occurrence, in the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. + This field can be used as a filter in list requests. + kind: + description: >- + Output only. This explicitly denotes which of the occurrence details + are specified. This field can be used as a filter in list requests. + enum: + - NOTE_KIND_UNSPECIFIED + - VULNERABILITY + - BUILD + - IMAGE + - PACKAGE + - DEPLOYMENT + - DISCOVERY + - ATTESTATION + - UPGRADE + - COMPLIANCE + - DSSE_ATTESTATION + - VULNERABILITY_ASSESSMENT + - SBOM_REFERENCE + - SECRET + enumDescriptions: + - Default value. This value is unused. + - The note and occurrence represent a package vulnerability. + - The note and occurrence assert build provenance. + - This represents an image basis relationship. + - This represents a package installed via a package manager. + - The note and occurrence track deployment events. + - >- + The note and occurrence track the initial discovery status of a + resource. + - This represents a logical "role" that can attest to artifacts. + - This represents an available package upgrade. + - This represents a Compliance Note + - This represents a DSSE attestation Note + - This represents a Vulnerability Assessment. + - This represents an SBOM Reference. + - This represents a secret. + type: string + sbomReference: + description: Describes a specific SBOM reference occurrences. + $ref: '#/components/schemas/SBOMReferenceOccurrence' + vulnerability: + description: Describes a security vulnerability. + $ref: '#/components/schemas/VulnerabilityOccurrence' + envelope: + description: https://github.com/secure-systems-lab/dsse + $ref: '#/components/schemas/Envelope' + attestation: + $ref: '#/components/schemas/AttestationOccurrence' + description: Describes an attestation of an artifact. + id: Occurrence + description: An instance of an analysis type that has been found on a resource. + type: object Signature: - id: Signature + type: object description: >- Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). @@ -2393,19 +2500,10 @@ components: explicitly provided payload (e.g. a `payload` field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature). - type: object + id: Signature properties: - signature: - description: >- - The content of the signature, an opaque bytestring. The payload that - this signature verifies MUST be unambiguously provided with the - Signature during verification. A wrapper message might provide the - payload explicitly. Alternatively, a message might have a canonical - serialization that can always be unambiguously computed to derive - the payload. - type: string - format: byte publicKeyId: + type: string description: >- The identifier for the public key that verifies this signature. * The `public_key_id` is required. * The `public_key_id` SHOULD be an @@ -2418,409 +2516,366 @@ components: SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - type: string - Jwt: - id: Jwt - type: object - properties: - compactJwt: - description: >- - The compact encoding of a JWS, which is always three base64 encoded - strings joined by periods. For details, see: - https://tools.ietf.org/html/rfc7515.html#section-3.1 - type: string - UpgradeOccurrence: - id: UpgradeOccurrence - description: >- - An Upgrade Occurrence represents that a specific resource_url could - install a specific upgrade. This presence is supplied via local sources - (i.e. it is present in the mirror and the running system has noticed its - availability). For Windows, both distribution and windows_update contain - information for the Windows update. - type: object - properties: - package: - description: Required for non-Windows OS. The package this Upgrade is for. - type: string - parsedVersion: - description: >- - Required for non-Windows OS. The version of the package in a machine - + human readable form. - $ref: '#/components/schemas/Version' - distribution: - description: >- - Metadata about the upgrade for available for the specific operating - system for the resource_url. This allows efficient filtering, as - well as making it easier to use the occurrence. - $ref: '#/components/schemas/UpgradeDistribution' - windowsUpdate: - description: >- - Required for Windows OS. Represents the metadata about the Windows - update. - $ref: '#/components/schemas/WindowsUpdate' - UpgradeDistribution: - id: UpgradeDistribution - description: >- - The Upgrade Distribution represents metadata about the Upgrade for each - operating system (CPE). Some distributions have additional metadata - around updates, classifying them into various categories and severities. - type: object - properties: - cpeUri: + signature: description: >- - Required - The specific operating system this metadata applies to. - See https://cpe.mitre.org/specification/. + The content of the signature, an opaque bytestring. The payload that + this signature verifies MUST be unambiguously provided with the + Signature during verification. A wrapper message might provide the + payload explicitly. Alternatively, a message might have a canonical + serialization that can always be unambiguously computed to derive + the payload. type: string - classification: - description: >- - The operating system classification of this Upgrade, as specified by - the upstream operating system upgrade feed. For Windows the - classification is one of the category_ids listed at - https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85) + format: byte + Layer: + id: Layer + description: Layer holds metadata specific to a layer of a Docker image. + properties: + arguments: + description: The recovered arguments to the Dockerfile directive. type: string - severity: - description: The severity as specified by the upstream operating system. + directive: type: string - cve: - description: The cve tied to this Upgrade. - type: array - items: - type: string - WindowsUpdate: - id: WindowsUpdate - description: >- - Windows Update represents the metadata about the update for the Windows - operating system. The fields in this message come from the Windows - Update API documented at - https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate. + description: >- + Required. The recovered Dockerfile directive used to construct this + layer. See https://docs.docker.com/engine/reference/builder/ for + more information. type: object + AttestationOccurrence: properties: - identity: - description: Required - The unique identifier for the update. - $ref: '#/components/schemas/Identity' - title: - description: The localized title of the update. - type: string - description: - description: The localized description of the update. - type: string - categories: - description: The list of categories to which the update belongs. - type: array + jwts: items: - $ref: '#/components/schemas/Category' - kbArticleIds: + $ref: '#/components/schemas/Jwt' description: >- - The Microsoft Knowledge Base article IDs that are associated with - the update. + One or more JWTs encoding a self-contained attestation. Each JWT + encodes the payload that it verifies within the JWT itself. Verifier + implementation SHOULD ignore the `serialized_payload` field when + verifying these JWTs. If only JWTs are present on this + AttestationOccurrence, then the `serialized_payload` SHOULD be left + empty. Each JWT SHOULD encode a claim specific to the `resource_uri` + of this Occurrence, but this is not validated by Grafeas metadata + API implementations. The JWT itself is opaque to Grafeas. type: array + signatures: + description: >- + One or more signatures over `serialized_payload`. Verifier + implementations should consider this attestation message verified if + at least one `signature` verifies `serialized_payload`. See + `Signature` in common.proto for more details on signature structure + and verification. items: - type: string - supportUrl: - description: The hyperlink to the support information for the update. - type: string - lastPublishedTimestamp: - description: The last published timestamp of the update. + $ref: '#/components/schemas/Signature' + type: array + serializedPayload: + format: byte + description: >- + Required. The serialized payload that is verified by one or more + `signatures`. type: string - format: google-datetime - Identity: - id: Identity - description: The unique identifier of the update. + description: >- + Occurrence that represents a single "attestation". The authenticity of + an attestation can be verified using the attached signature. If the + verifier trusts the public key of the signer, then verifying the + signature is sufficient to establish trust. In this circumstance, the + authority to which this attestation is attached is primarily useful for + lookup (how to find this attestation if you already know the authority + and artifact to be verified) and intent (for which authority this + attestation was intended to sign. + type: object + id: AttestationOccurrence + GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness: + id: GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness type: object + description: >- + Indicates that the builder claims certain fields in this message to be + complete. properties: - updateId: - description: The revision independent identifier of the update. - type: string - revision: - description: The revision number of the update. - type: integer - format: int32 + environment: + type: boolean + materials: + type: boolean + parameters: + type: boolean Category: id: Category description: The category to which the update belongs. type: object properties: categoryId: - description: The identifier of the category. type: string + description: The identifier of the category. name: description: The localized name of the category. type: string - ComplianceOccurrence: - id: ComplianceOccurrence - description: >- - An indication that the compliance checks in the associated - ComplianceNote were not satisfied for particular resources or a - specified reason. - type: object - properties: - nonCompliantFiles: - type: array - items: - $ref: '#/components/schemas/NonCompliantFile' - nonComplianceReason: - type: string - version: - description: The OS and config version the benchmark was run on. - $ref: '#/components/schemas/ComplianceVersion' - NonCompliantFile: - id: NonCompliantFile - description: >- - Details about files that caused a compliance check to fail. - display_command is a single command that can be used to display a list - of non compliant files. When there is no such command, we can also - iterate a list of non compliant file using 'path'. - type: object - properties: - path: - description: Empty if `display_command` is set. - type: string - displayCommand: - description: Command to display the non-compliant files. - type: string - reason: - description: Explains why a file is non compliant for a CIS check. - type: string - ComplianceVersion: - id: ComplianceVersion - description: >- - Describes the CIS benchmark version that is applicable to a given OS and - os version. + Subject: + id: Subject type: object properties: - cpeUri: - description: >- - The CPE URI (https://cpe.mitre.org/specification/) this benchmark is - applicable to. - type: string - benchmarkDocument: - description: >- - The name of the document that defines this benchmark, e.g. "CIS - Container-Optimized OS". - type: string - version: - description: >- - The version of the benchmark. This is set to the version of the - OS-specific CIS document the benchmark is defined in. + name: type: string - DSSEAttestationOccurrence: - id: DSSEAttestationOccurrence - description: >- - Deprecated. Prefer to use a regular Occurrence, and populate the - Envelope at the top level of the Occurrence. - type: object - properties: - envelope: + digest: + type: object description: >- - If doing something security critical, make sure to verify the - signatures in this metadata. - $ref: '#/components/schemas/Envelope' - statement: - $ref: '#/components/schemas/InTotoStatement' - Envelope: - id: Envelope - description: >- - MUST match - https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. - An authenticated message of arbitrary type. - type: object - properties: - payload: - type: string - format: byte - payloadType: - type: string - signatures: - type: array - items: - $ref: '#/components/schemas/EnvelopeSignature' - EnvelopeSignature: - id: EnvelopeSignature - type: object - properties: - sig: - type: string - format: byte - keyid: - type: string - SBOMReferenceOccurrence: - id: SBOMReferenceOccurrence + `"": ""` Algorithms can be e.g. sha256, sha512 See + https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet + additionalProperties: + type: string + GitSourceContext: + id: GitSourceContext description: >- - The occurrence representing an SBOM reference as applied to a specific - resource. The occurrence follows the DSSE specification. See - https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for - more details. + A GitSourceContext denotes a particular revision in a third party Git + repository (e.g., GitHub). type: object properties: - payload: - description: The actual payload that contains the SBOM reference data. - $ref: '#/components/schemas/SbomReferenceIntotoPayload' - payloadType: - description: >- - The kind of payload that SbomReferenceIntotoPayload takes. Since - it's in the intoto format, this value is expected to be - 'application/vnd.in-toto+json'. + url: type: string - signatures: - description: The signatures over the payload. - type: array - items: - $ref: '#/components/schemas/EnvelopeSignature' - SbomReferenceIntotoPayload: - id: SbomReferenceIntotoPayload - description: >- - The actual payload that contains the SBOM Reference data. The payload - follows the intoto statement specification. See - https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md - for more details. + description: Git repository URL. + revisionId: + type: string + description: Git commit hash. + AnalyzePackagesResponseV1: + id: AnalyzePackagesResponseV1 type: object properties: - _type: - description: Identifier for the schema of the Statement. + scan: + description: The name of the scan resource created by this successful scan. type: string - predicateType: - description: URI identifying the type of the Predicate. + description: >- + AnalyzePackagesResponse contains the information necessary to find + results for the given scan. + Recipe: + id: Recipe + description: >- + Steps taken to build the artifact. For a TaskRun, typically each + container corresponds to one step in the recipe. + type: object + properties: + entryPoint: type: string - subject: description: >- - Set of software artifacts that the attestation applies to. Each - element represents a single software artifact. + String identifying the entry point into the build. This is often a + path to a configuration file and/or a target label within that file. + The syntax and meaning are defined by recipe.type. For example, if + the recipe type were "make", then this would reference the directory + in which to run make as well as which target to use. + arguments: + description: >- + Collection of all external inputs that influenced the build on top + of recipe.definedInMaterial and recipe.entryPoint. For example, if + the recipe type were "make", then this might be the flags passed to + make aside from the target, which is captured in recipe.entryPoint. + Since the arguments field can greatly vary in structure, depending + on the builder and recipe type, this is of form "Any". type: array items: - $ref: '#/components/schemas/Subject' - predicate: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + definedInMaterial: + format: int64 + type: string description: >- - Additional parameters of the Predicate. Includes the actual data - about the SBOM. - $ref: '#/components/schemas/SbomReferenceIntotoPredicate' - SbomReferenceIntotoPredicate: - id: SbomReferenceIntotoPredicate - description: A predicate which describes the SBOM being referenced. - type: object + Index in materials containing the recipe steps that are not implied + by recipe.type. For example, if the recipe type were "make", then + this would point to the source containing the Makefile, not the make + program itself. Set to -1 if the recipe doesn't come from a + material, as zero is default unset value for int64. + environment: + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: array + description: >- + Any other builder-controlled inputs necessary for correctly + evaluating the recipe. Usually only needed for reproducing the build + but not evaluated as part of policy. Since the environment field can + greatly vary in structure, depending on the builder and recipe type, + this is of form "Any". + type: + type: string + description: >- + URI indicating what type of recipe was performed. It determines the + meaning of recipe.entryPoint, recipe.arguments, recipe.environment, + and materials. + Metadata: properties: - referrerId: - description: The person or system referring this predicate to the consumer. + buildFinishedOn: + format: google-datetime type: string - location: - description: The location of the SBOM. + description: The timestamp of when the build completed. + buildInvocationId: + description: >- + Identifies the particular build invocation, which can be useful for + finding associated logs or other ad-hoc analysis. The value SHOULD + be globally unique, per in-toto Provenance spec. type: string - mimeType: - description: The mime type of the SBOM. + reproducible: + description: >- + If true, the builder claims that running the recipe on materials + will produce bit-for-bit identical output. + type: boolean + completeness: + description: >- + Indicates that the builder claims certain fields in this message to + be complete. + $ref: '#/components/schemas/Completeness' + buildStartedOn: + description: The timestamp of when the build started. + format: google-datetime type: string - digest: - description: A map of algorithm to digest of the contents of the SBOM. - type: object - additionalProperties: - type: string - SecretOccurrence: - id: SecretOccurrence - description: The occurrence provides details of a secret. + description: Other properties of the build. + id: Metadata type: object + DiscoveryOccurrence: properties: - kind: - description: Required. Type of secret. + analysisStatusError: + $ref: '#/components/schemas/Status' + description: >- + When an error is encountered this will contain a LocalizedMessage + under details to show to the user. The LocalizedMessage is output + only and populated by the API. + cpe: + description: The CPE of the resource being scanned. + type: string + archiveTime: + description: >- + Output only. The time occurrences related to this discovery + occurrence were archived. + readOnly: true + format: google-datetime type: string + continuousAnalysis: enumDescriptions: - - Unspecified - - The secret kind is unknown. + - Unknown. + - The resource is continuously analyzed. + - The resource is ignored for continuous analysis. + enum: + - CONTINUOUS_ANALYSIS_UNSPECIFIED + - ACTIVE + - INACTIVE + type: string + description: Whether the resource is continuously analyzed. + analysisStatus: + enumDescriptions: + - Unknown. + - Resource is known but no action has been taken yet. + - Resource is being analyzed. + - Analysis has finished successfully. + - Analysis has completed. - >- - A GCP service account key per: - https://cloud.google.com/iam/docs/creating-managing-service-account-keys + Analysis has finished unsuccessfully, the analysis itself is in a + bad state. + - The resource is known not to be supported. + description: The status of discovery for the resource. + type: string enum: - - SECRET_KIND_UNSPECIFIED - - SECRET_KIND_UNKNOWN - - SECRET_KIND_GCP_SERVICE_ACCOUNT_KEY - locations: - description: Optional. Locations where the secret is detected. + - ANALYSIS_STATUS_UNSPECIFIED + - PENDING + - SCANNING + - FINISHED_SUCCESS + - COMPLETE + - FINISHED_FAILED + - FINISHED_UNSUPPORTED + analysisCompleted: + $ref: '#/components/schemas/AnalysisCompleted' + files: type: array + description: Files that make up the resource described by the occurrence. items: - $ref: '#/components/schemas/SecretLocation' - statuses: - description: Optional. Status of the secret. + $ref: '#/components/schemas/File' + analysisError: type: array + description: >- + Indicates any errors encountered during analysis of a resource. + There could be 0 or more of these errors. items: - $ref: '#/components/schemas/SecretStatus' - SecretLocation: - id: SecretLocation - description: The location of the secret. + $ref: '#/components/schemas/Status' + lastScanTime: + type: string + description: The last time this resource was scanned. + format: google-datetime + sbomStatus: + $ref: '#/components/schemas/SBOMStatus' + description: The status of an SBOM generation. + description: Provides information about the analysis status of a discovered resource. + id: DiscoveryOccurrence type: object - properties: - fileLocation: - description: The secret is found from a file. - $ref: '#/components/schemas/GrafeasV1FileLocation' SecretStatus: id: SecretStatus - description: The status of the secret with a timestamp. - type: object properties: + updateTime: + description: Optional. The time the secret status was last updated. + type: string + format: google-datetime status: description: Optional. The status of the secret. type: string - enumDescriptions: - - Unspecified - - The status of the secret is unknown. - - The secret is valid. - - The secret is invalid. enum: - STATUS_UNSPECIFIED - UNKNOWN - VALID - INVALID - updateTime: - description: Optional. The time the secret status was last updated. - type: string - format: google-datetime + enumDescriptions: + - Unspecified + - The status of the secret is unknown. + - The secret is valid. + - The secret is invalid. message: description: Optional. Optional message about the status code. type: string - AnalyzePackagesMetadataV1: - id: AnalyzePackagesMetadataV1 - description: >- - AnalyzePackagesMetadata contains metadata for an active scan of a - container image. + description: The status of the secret with a timestamp. + type: object + RelatedUrl: + description: Metadata for any related URL information. type: object + id: RelatedUrl properties: - resourceUri: - description: The resource URI of the container image being scanned. + label: type: string - createTime: - description: When the scan was created. + description: Label to describe usage of the URL. + url: type: string - format: google-datetime - AnalyzePackagesResponseV1: - id: AnalyzePackagesResponseV1 - description: >- - AnalyzePackagesResponse contains the information necessary to find - results for the given scan. - type: object + description: Specific URL associated with the resource. + SlsaBuilder: properties: - scan: - description: The name of the scan resource created by this successful scan. - type: string - AnalyzePackagesMetadata: - id: AnalyzePackagesMetadata - description: >- - AnalyzePackagesMetadata contains metadata for an active scan of a - container image. + id: + type: string + id: SlsaBuilder type: object + Location: + description: >- + An occurrence of a particular package installation found within a + system's filesystem. E.g., glibc was found in `/var/lib/dpkg/status`. properties: - resourceUri: - description: The resource URI of the container image being scanned. + path: type: string - createTime: - description: When the scan was created. + description: >- + The path from which we gathered that this package/version is + installed. + cpeUri: type: string - format: google-datetime - AnalyzePackagesResponse: - id: AnalyzePackagesResponse - description: >- - AnalyzePackagesResponse contains the information necessary to find - results for the given scan. + description: >- + Deprecated. The CPE URI in [CPE + format](https://cpe.mitre.org/specification/) + version: + $ref: '#/components/schemas/Version' + description: Deprecated. The version installed at this location. + id: Location type: object + Identity: + type: object + description: The unique identifier of the update. properties: - scan: - description: The name of the scan resource created by this successful scan. + revision: + format: int32 + type: integer + description: The revision number of the update. + updateId: + description: The revision independent identifier of the update. type: string + id: Identity parameters: access_token: description: OAuth access token. @@ -2828,28 +2883,12 @@ components: name: access_token schema: type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -2859,39 +2898,40 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + alt: + description: Data format for response. in: query - name: quotaUser + name: alt schema: type: string + enum: + - json + - media + - proto upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string _.xgafv: description: V1 error format. in: query @@ -2901,24 +2941,38 @@ components: enum: - '1' - '2' + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string x-stackQL-resources: operations: id: google.ondemandscanning.operations name: operations title: Operations methods: - list: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + wait: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:wait/post response: mediaType: application/json openAPIDocKey: '200' @@ -2929,20 +2983,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - cancel: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - wait: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:wait/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -2991,24 +3046,31 @@ components: replace: [] delete: [] paths: - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: &ref_1 - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/_.xgafv' - get: + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/quotaUser' + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: ondemandscanning.projects.locations.operations.list + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: ondemandscanning.projects.locations.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3020,7 +3082,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3032,27 +3094,25 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:wait: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: ondemandscanning.projects.locations.operations.get + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: ondemandscanning.projects.locations.operations.wait security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3081,6 +3141,13 @@ paths: required: true schema: type: string + - in: query + name: timeout + schema: + type: string + format: google-duration + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- Deletes a long-running operation. This method indicates that the client @@ -3116,20 +3183,12 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: ondemandscanning.projects.locations.operations.cancel + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: ondemandscanning.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3141,7 +3200,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3158,20 +3217,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:wait: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: ondemandscanning.projects.locations.operations.wait + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: ondemandscanning.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3183,7 +3235,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -3195,16 +3247,23 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: timeout + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string - format: google-duration /v1/projects/{projectsId}/locations/{locationsId}/scans:analyzePackages: parameters: *ref_1 post: @@ -3271,12 +3330,12 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/oracledatabase.yaml b/providers/src/googleapis.com/v00.00.00000/services/oracledatabase.yaml index f55101fe..70c6e5f5 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/oracledatabase.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/oracledatabase.yaml @@ -9,8 +9,8 @@ info: The Oracle Database@Google Cloud API provides a set of APIs to manage Oracle database services, such as Exadata and Autonomous Databases. version: v1 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251204' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/oracle/database/docs servers: @@ -51,6 +51,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -634,6 +643,12 @@ components: Cluster. Format: projects/{project}/locations/{location}/odbNetworks/{odb_network}/odbSubnets/{odb_subnet} type: string + identityConnector: + description: >- + Output only. The identity connector details which will allow OCI to + securely access the resources in the customer project. + readOnly: true + $ref: '#/components/schemas/IdentityConnector' CloudVmClusterProperties: id: CloudVmClusterProperties description: Various properties and settings associated with Exadata VM cluster. @@ -860,6 +875,36 @@ components: Optional. Indicates whether incident logs and trace collection are enabled for the VM cluster type: boolean + IdentityConnector: + id: IdentityConnector + description: >- + The identity connector details which will allow OCI to securely access + the resources in the customer project. + type: object + properties: + serviceAgentEmail: + description: >- + Output only. A google managed service account on which customers can + grant roles to access resources in the customer project. Example: + `p176944527254-55-75119d87fd8f@gcp-sa-oci.iam.gserviceaccount.com` + readOnly: true + type: string + connectionState: + description: Output only. The connection state of the identity connector. + readOnly: true + type: string + enumDescriptions: + - Default unspecified value. + - The identity pool connection is connected. + - The identity pool connection is partially connected. + - The identity pool connection is disconnected. + - The identity pool connection is in an unknown state. + enum: + - CONNECTION_STATE_UNSPECIFIED + - CONNECTED + - PARTIALLY_CONNECTED + - DISCONNECTED + - UNKNOWN ListEntitlementsResponse: id: ListEntitlementsResponse description: The response for `Entitlement.List`. @@ -1144,6 +1189,37 @@ components: version: description: Optional. version type: string + ListMinorVersionsResponse: + id: ListMinorVersionsResponse + description: The response for `MinorVersion.List`. + type: object + properties: + minorVersions: + description: The list of MinorVersions. + type: array + items: + $ref: '#/components/schemas/MinorVersion' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + MinorVersion: + id: MinorVersion + description: >- + MinorVersion represents a minor version of a GI. + https://docs.oracle.com/en-us/iaas/api/#/en/database/20160918/GiMinorVersionSummary/ + type: object + properties: + name: + description: >- + Identifier. The name of the MinorVersion resource with the format: + projects/{project}/locations/{region}/giVersions/{gi_version}/minorVersions/{minor_version} + type: string + gridImageId: + description: Optional. The ID of the Grid Image. + type: string + version: + description: Optional. The valid Oracle grid infrastructure software version. + type: string ListDbSystemShapesResponse: id: ListDbSystemShapesResponse description: The response for `DbSystemShape.List`. @@ -1856,6 +1932,27 @@ components: type: array items: type: string + encryptionKey: + description: >- + Optional. The encryption key used to encrypt the Autonomous + Database. Updating this field will add a new entry in the + `encryption_key_history_entries` field with the former version. + $ref: '#/components/schemas/EncryptionKey' + encryptionKeyHistoryEntries: + description: >- + Output only. The history of the encryption keys used to encrypt the + Autonomous Database. + readOnly: true + type: array + items: + $ref: '#/components/schemas/EncryptionKeyHistoryEntry' + serviceAgentEmail: + description: >- + Output only. An Oracle-managed Google Cloud service account on which + customers can grant roles to access resources in the customer + project. + readOnly: true + type: string AutonomousDatabaseApex: id: AutonomousDatabaseApex description: >- @@ -2265,6 +2362,51 @@ components: to 0 and less than or equal to 999,999,999. type: integer format: int32 + EncryptionKey: + id: EncryptionKey + description: The encryption key used to encrypt the Autonomous Database. + type: object + properties: + provider: + description: Optional. The provider of the encryption key. + type: string + enumDescriptions: + - Default unspecified value. + - >- + Google Managed KMS key, if selected, please provide the KMS key + name. + - Oracle Managed. + enum: + - PROVIDER_UNSPECIFIED + - GOOGLE_MANAGED + - ORACLE_MANAGED + kmsKey: + description: >- + Optional. The KMS key used to encrypt the Autonomous Database. This + field is required if the provider is GOOGLE_MANAGED. The name of the + KMS key resource in the following format: + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + type: string + EncryptionKeyHistoryEntry: + id: EncryptionKeyHistoryEntry + description: >- + The history of the encryption keys used to encrypt the Autonomous + Database. + type: object + properties: + encryptionKey: + description: >- + Output only. The encryption key used to encrypt the Autonomous + Database. + readOnly: true + $ref: '#/components/schemas/EncryptionKey' + activationTime: + description: >- + Output only. The date and time when the encryption key was activated + on the Autonomous Database.. + readOnly: true + type: string + format: google-datetime SourceConfig: id: SourceConfig description: The source configuration for the standby Autonomous Database. @@ -2621,6 +2763,14 @@ components: peerAutonomousDatabase: description: Required. The peer database name to switch over to. type: string + FailoverAutonomousDatabaseRequest: + id: FailoverAutonomousDatabaseRequest + description: The request for `OracleDatabase.FailoverAutonomousDatabase`. + type: object + properties: + peerAutonomousDatabase: + description: Required. The peer database name to fail over to. + type: string ListOdbNetworksResponse: id: ListOdbNetworksResponse description: The response for `OdbNetwork.List`. @@ -2689,6 +2839,12 @@ components: the OdbNetwork. readOnly: true type: string + gcpOracleZone: + description: >- + Optional. The GCP Oracle zone where OdbNetwork is hosted. Example: + us-east4-b-r2. If not specified, the system will pick a zone based + on availability. + type: string ListOdbSubnetsResponse: id: ListOdbSubnetsResponse description: The response for `OdbSubnet.List`. @@ -2760,260 +2916,1697 @@ components: - AVAILABLE - TERMINATING - FAILED - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + ListExadbVmClustersResponse: + id: ListExadbVmClustersResponse + description: The response for `ExadbVmCluster.List`. type: object properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. + exadbVmClusters: + description: The list of ExadbVmClusters. type: array items: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/ExadbVmCluster' nextPageToken: - description: The standard List next-page token. + description: A token identifying a page of results the server should return. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + ExadbVmCluster: + id: ExadbVmCluster + description: >- + ExadbVmCluster represents a cluster of VMs that are used to run Exadata + workloads. + https://docs.oracle.com/en-us/iaas/api/#/en/database/20160918/ExadbVmCluster/ type: object properties: name: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + Identifier. The name of the ExadbVmCluster resource in the following + format: + projects/{project}/locations/{region}/exadbVmClusters/{exadb_vm_cluster} type: string - displayName: + properties: + description: Required. The properties of the ExadbVmCluster. + $ref: '#/components/schemas/ExadbVmClusterProperties' + gcpOracleZone: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Output only. Immutable. The GCP Oracle zone where Oracle + ExadbVmCluster is hosted. Example: us-east4-b-r2. During creation, + the system will pick the zone assigned to the + ExascaleDbStorageVault. + readOnly: true type: string labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} + description: Optional. The labels or tags associated with the ExadbVmCluster. type: object additionalProperties: type: string - metadata: + odbNetwork: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: + Optional. Immutable. The name of the OdbNetwork associated with the + ExadbVmCluster. Format: + projects/{project}/locations/{location}/odbNetworks/{odb_network} It + is optional but if specified, this should match the parent + ODBNetwork of the OdbSubnet. + type: string + odbSubnet: + description: >- + Required. Immutable. The name of the OdbSubnet associated with the + ExadbVmCluster for IP allocation. Format: + projects/{project}/locations/{location}/odbNetworks/{odb_network}/odbSubnets/{odb_subnet} + type: string + backupOdbSubnet: + description: >- + Required. Immutable. The name of the backup OdbSubnet associated + with the ExadbVmCluster. Format: + projects/{project}/locations/{location}/odbNetworks/{odb_network}/odbSubnets/{odb_subnet} + type: string + displayName: + description: >- + Required. Immutable. The display name for the ExadbVmCluster. The + name does not have to be unique within your project. The name must + be 1-255 characters long and can only contain alphanumeric + characters. + type: string createTime: - description: Output only. The time the operation was created. + description: Output only. The date and time that the ExadbVmCluster was created. readOnly: true type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. + entitlementId: + description: >- + Output only. The ID of the subscription entitlement associated with + the ExadbVmCluster. readOnly: true type: string - format: google-datetime - target: + ExadbVmClusterProperties: + id: ExadbVmClusterProperties + description: The properties of an ExadbVmCluster. + type: object + properties: + clusterName: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true + Optional. Immutable. The cluster name for Exascale vm cluster. The + cluster name must begin with an alphabetic character and may contain + hyphens(-) but can not contain underscores(_). It should be not more + than 11 characters and is not case sensitive. OCI Cluster name. type: string - verb: - description: Output only. Name of the verb executed by the operation. + gridImageId: + description: Required. Immutable. Grid Infrastructure Version. + type: string + nodeCount: + description: Required. The number of nodes/VMs in the ExadbVmCluster. + type: integer + format: int32 + enabledEcpuCountPerNode: + description: >- + Required. Immutable. The number of ECPUs enabled per node for an + exadata vm cluster on exascale infrastructure. + type: integer + format: int32 + additionalEcpuCountPerNode: + description: >- + Optional. Immutable. The number of additional ECPUs per node for an + Exadata VM cluster on exascale infrastructure. + type: integer + format: int32 + vmFileSystemStorage: + description: Required. Immutable. Total storage details for the ExadbVmCluster. + $ref: '#/components/schemas/ExadbVmClusterStorageDetails' + licenseModel: + description: Optional. Immutable. The license type of the ExadbVmCluster. + type: string + enumDescriptions: + - Unspecified. + - Default is license included. + - Bring your own license. + enum: + - LICENSE_MODEL_UNSPECIFIED + - LICENSE_INCLUDED + - BRING_YOUR_OWN_LICENSE + exascaleDbStorageVault: + description: >- + Required. Immutable. The name of ExascaleDbStorageVault associated + with the ExadbVmCluster. It can refer to an existing + ExascaleDbStorageVault. Or a new one can be created during the + ExadbVmCluster creation (requires storage_vault_properties to be + set). Format: + projects/{project}/locations/{location}/exascaleDbStorageVaults/{exascale_db_storage_vault} + type: string + hostnamePrefix: + description: Required. Immutable. Prefix for VM cluster host names. + type: string + hostname: + description: Output only. The hostname of the ExadbVmCluster. readOnly: true type: string - statusMessage: - description: Output only. The status of the operation. + sshPublicKeys: + description: Required. Immutable. The SSH public keys for the ExadbVmCluster. + type: array + items: + type: string + dataCollectionOptions: + description: >- + Optional. Immutable. Indicates user preference for data collection + options. + $ref: '#/components/schemas/DataCollectionOptionsCommon' + timeZone: + description: Optional. Immutable. The time zone of the ExadbVmCluster. + $ref: '#/components/schemas/TimeZone' + lifecycleState: + description: Output only. State of the cluster. readOnly: true type: string - requestedCancellation: + enumDescriptions: + - Default unspecified value. + - Indicates that the resource is in provisioning state. + - Indicates that the resource is in available state. + - Indicates that the resource is in updating state. + - Indicates that the resource is in terminating state. + - Indicates that the resource is in terminated state. + - Indicates that the resource is in failed state. + - Indicates that the resource is in maintenance in progress state. + enum: + - EXADB_VM_CLUSTER_LIFECYCLE_STATE_UNSPECIFIED + - PROVISIONING + - AVAILABLE + - UPDATING + - TERMINATING + - TERMINATED + - FAILED + - MAINTENANCE_IN_PROGRESS + shapeAttribute: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. + Required. Immutable. The shape attribute of the VM cluster. The type + of Exascale storage used for Exadata VM cluster. The default is + SMART_STORAGE which supports Oracle Database 23ai and later + type: string + enumDescriptions: + - Default unspecified value. + - Indicates that the resource is in smart storage. + - Indicates that the resource is in block storage. + enum: + - SHAPE_ATTRIBUTE_UNSPECIFIED + - SMART_STORAGE + - BLOCK_STORAGE + memorySizeGb: + description: >- + Output only. Memory per VM (GB) (Read-only): Shows the amount of + memory allocated to each VM. Memory is calculated based on 2.75 GB + per Total ECPUs. readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. + type: integer + format: int32 + scanListenerPortTcp: + description: Optional. Immutable. SCAN listener port - TCP + type: integer + format: int32 + ociUri: + description: Output only. Deep link to the OCI console to view this resource. readOnly: true type: string - percentComplete: - description: >- - Output only. An estimated percentage of the operation that has been - completed at a given moment of time, between 0 and 100. + giVersion: + description: Output only. The Oracle Grid Infrastructure (GI) software version. readOnly: true - type: number - format: double - LocationMetadata: - id: LocationMetadata - description: Metadata for a given Location. + type: string + ExadbVmClusterStorageDetails: + id: ExadbVmClusterStorageDetails + description: The storage allocation for the exadbvmcluster, in gigabytes (GB). type: object properties: - gcpOracleZones: - description: Output only. Google Cloud Platform Oracle zones in a location. - readOnly: true + sizeInGbsPerNode: + description: >- + Required. The storage allocation for the exadbvmcluster per node, in + gigabytes (GB). This field is used to calculate the total storage + allocation for the exadbvmcluster. + type: integer + format: int32 + DataCollectionOptionsCommon: + id: DataCollectionOptionsCommon + description: >- + Data collection options for diagnostics. + https://docs.oracle.com/en-us/iaas/api/#/en/database/20160918/datatypes/DataCollectionOptions + type: object + properties: + isDiagnosticsEventsEnabled: + description: >- + Optional. Indicates whether to enable data collection for + diagnostics. + type: boolean + isHealthMonitoringEnabled: + description: Optional. Indicates whether to enable health monitoring. + type: boolean + isIncidentLogsEnabled: + description: >- + Optional. Indicates whether to enable incident logs and trace + collection. + type: boolean + RemoveVirtualMachineExadbVmClusterRequest: + id: RemoveVirtualMachineExadbVmClusterRequest + description: The request for `ExadbVmCluster.RemoveVirtualMachine`. + type: object + properties: + requestId: + description: >- + Optional. An optional ID to identify the request. This value is used + to identify duplicate requests. If you make a request with the same + request ID and the original request is still in progress or + completed, the server ignores the second request. This prevents + clients from accidentally creating duplicate commitments. The + request ID must be a valid UUID with the exception that zero UUID is + not supported (00000000-0000-0000-0000-000000000000). + type: string + hostnames: + description: >- + Required. The list of host names of db nodes to be removed from the + ExadbVmCluster. type: array items: type: string - parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: + ListExascaleDbStorageVaultsResponse: + id: ListExascaleDbStorageVaultsResponse + description: The response for `ExascaleDbStorageVault.List`. + type: object + properties: + exascaleDbStorageVaults: + description: The ExascaleDbStorageVaults. + type: array + items: + $ref: '#/components/schemas/ExascaleDbStorageVault' + nextPageToken: + description: >- + A token identifying a page of results the server should return. If + present, the next page token can be provided to a subsequent + ListExascaleDbStorageVaults call to list the next page. If empty, + there are no more pages. + type: string + ExascaleDbStorageVault: + id: ExascaleDbStorageVault description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: + ExascaleDbStorageVault represents a storage vault exadb vm cluster + resource. + https://docs.oracle.com/en-us/iaas/api/#/en/database/20160918/ExascaleDbStorageVault/ + type: object + properties: + name: + description: >- + Identifier. The resource name of the ExascaleDbStorageVault. Format: + projects/{project}/locations/{location}/exascaleDbStorageVaults/{exascale_db_storage_vault} + type: string + displayName: + description: >- + Required. The display name for the ExascaleDbStorageVault. The name + does not have to be unique within your project. The name must be + 1-255 characters long and can only contain alphanumeric characters. + type: string + gcpOracleZone: + description: >- + Optional. The GCP Oracle zone where Oracle ExascaleDbStorageVault is + hosted. Example: us-east4-b-r2. If not specified, the system will + pick a zone based on availability. + type: string + properties: + description: Required. The properties of the ExascaleDbStorageVault. + $ref: '#/components/schemas/ExascaleDbStorageVaultProperties' + createTime: + description: >- + Output only. The date and time when the ExascaleDbStorageVault was + created. + readOnly: true + type: string + format: google-datetime + entitlementId: + description: >- + Output only. The ID of the subscription entitlement associated with + the ExascaleDbStorageVault. + readOnly: true + type: string + labels: + description: >- + Optional. The labels or tags associated with the + ExascaleDbStorageVault. + type: object + additionalProperties: + type: string + ExascaleDbStorageVaultProperties: + id: ExascaleDbStorageVaultProperties + description: 'The properties of the ExascaleDbStorageVault. next ID: 12' + type: object + properties: + ocid: + description: Output only. The OCID for the ExascaleDbStorageVault. + readOnly: true + type: string + timeZone: + description: Output only. The time zone of the ExascaleDbStorageVault. + readOnly: true + $ref: '#/components/schemas/TimeZone' + exascaleDbStorageDetails: + description: Required. The storage details of the ExascaleDbStorageVault. + $ref: '#/components/schemas/ExascaleDbStorageDetails' + state: + description: Output only. The state of the ExascaleDbStorageVault. + readOnly: true + type: string + enumDescriptions: + - The state of the ExascaleDbStorageVault is unspecified. + - The ExascaleDbStorageVault is being provisioned. + - The ExascaleDbStorageVault is available. + - The ExascaleDbStorageVault is being updated. + - The ExascaleDbStorageVault is being deleted. + - The ExascaleDbStorageVault has been deleted. + - The ExascaleDbStorageVault has failed. + enum: + - STATE_UNSPECIFIED + - PROVISIONING + - AVAILABLE + - UPDATING + - TERMINATING + - TERMINATED + - FAILED + description: + description: Optional. The description of the ExascaleDbStorageVault. + type: string + vmClusterIds: + description: >- + Output only. The list of VM cluster OCIDs associated with the + ExascaleDbStorageVault. + readOnly: true + type: array + items: + type: string + vmClusterCount: + description: >- + Output only. The number of VM clusters associated with the + ExascaleDbStorageVault. + readOnly: true + type: integer + format: int32 + additionalFlashCachePercent: + description: >- + Optional. The size of additional flash cache in percentage of high + capacity database storage. + type: integer + format: int32 + ociUri: + description: Output only. Deep link to the OCI console to view this resource. + readOnly: true + type: string + attachedShapeAttributes: + description: >- + Output only. The shape attributes of the VM clusters attached to the + ExascaleDbStorageVault. + readOnly: true + type: array + items: + type: string + enumDescriptions: + - Default unspecified value. + - Indicates that the resource is in smart storage. + - Indicates that the resource is in block storage. + enum: + - SHAPE_ATTRIBUTE_UNSPECIFIED + - SMART_STORAGE + - BLOCK_STORAGE + availableShapeAttributes: + description: >- + Output only. The shape attributes available for the VM clusters to + be attached to the ExascaleDbStorageVault. + readOnly: true + type: array + items: + type: string + enumDescriptions: + - Default unspecified value. + - Indicates that the resource is in smart storage. + - Indicates that the resource is in block storage. + enum: + - SHAPE_ATTRIBUTE_UNSPECIFIED + - SMART_STORAGE + - BLOCK_STORAGE + ExascaleDbStorageDetails: + id: ExascaleDbStorageDetails + description: The storage details of the ExascaleDbStorageVault. + type: object + properties: + availableSizeGbs: + description: >- + Output only. The available storage capacity for the + ExascaleDbStorageVault, in gigabytes (GB). + readOnly: true + type: integer + format: int32 + totalSizeGbs: + description: >- + Required. The total storage allocation for the + ExascaleDbStorageVault, in gigabytes (GB). + type: integer + format: int32 + ListDbSystemInitialStorageSizesResponse: + id: ListDbSystemInitialStorageSizesResponse + description: The response for `DbSystemInitialStorageSizes.List`. + type: object + properties: + dbSystemInitialStorageSizes: + description: The list of DbSystemInitialStorageSizes. + type: array + items: + $ref: '#/components/schemas/DbSystemInitialStorageSize' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + DbSystemInitialStorageSize: + id: DbSystemInitialStorageSize + description: Summary of the DbSystem initial storage size. + type: object + properties: + name: + description: Output only. The name of the resource. + readOnly: true + type: string + properties: + description: >- + Output only. The properties of the DbSystem initial storage size + summary. + readOnly: true + $ref: '#/components/schemas/DbSystemInitialStorageSizeProperties' + DbSystemInitialStorageSizeProperties: + id: DbSystemInitialStorageSizeProperties + description: The properties of a DbSystem initial storage size summary. + type: object + properties: + storageManagement: + description: Output only. The storage option used in DB system. + readOnly: true + type: string + enumDescriptions: + - Unspecified storage management. + - Automatic Storage Management. + - Logical Volume Management. + enum: + - STORAGE_MANAGEMENT_UNSPECIFIED + - ASM + - LVM + shapeType: + description: Output only. VM shape platform type + readOnly: true + type: string + enumDescriptions: + - Unspecified shape type. + - Standard X86. + enum: + - SHAPE_TYPE_UNSPECIFIED + - STANDARD_X86 + storageSizeDetails: + description: Output only. List of storage disk details. + readOnly: true + type: array + items: + $ref: '#/components/schemas/StorageSizeDetails' + launchFromBackupStorageSizeDetails: + description: >- + Output only. List of storage disk details available for launches + from backup. + readOnly: true + type: array + items: + $ref: '#/components/schemas/StorageSizeDetails' + StorageSizeDetails: + id: StorageSizeDetails description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' - x-stackQL-resources: - locations: - id: google.oracledatabase.locations - name: locations - title: Locations - methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.oracledatabase.operations - name: operations - title: Operations - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] + The initial storage size, in gigabytes, that is applicable for virtual + machine DBSystem. + type: object + properties: + dataStorageSizeInGbs: + description: >- + Output only. The data storage size, in gigabytes, that is applicable + for virtual machine DBSystem. + readOnly: true + type: integer + format: int32 + recoStorageSizeInGbs: + description: >- + Output only. The RECO/REDO storage size, in gigabytes, that is + applicable for virtual machine DBSystem. + readOnly: true + type: integer + format: int32 + ListDatabasesResponse: + id: ListDatabasesResponse + description: The response for `Database.List`. + type: object + properties: + databases: + description: The list of Databases. + type: array + items: + $ref: '#/components/schemas/Database' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + Database: + id: Database + description: >- + Details of the Database resource. + https://docs.oracle.com/en-us/iaas/api/#/en/database/20160918/Database/ + type: object + properties: + name: + description: >- + Identifier. The name of the Database resource in the following + format: projects/{project}/locations/{region}/databases/{database} + type: string + dbName: + description: >- + Optional. The database name. The name must begin with an alphabetic + character and can contain a maximum of eight alphanumeric + characters. Special characters are not permitted. + type: string + dbUniqueName: + description: Optional. The DB_UNIQUE_NAME of the Oracle Database being backed up. + type: string + adminPassword: + description: Required. The password for the default ADMIN user. + type: string + tdeWalletPassword: + description: Optional. The TDE wallet password for the database. + type: string + characterSet: + description: >- + Optional. The character set for the database. The default is + AL32UTF8. + type: string + ncharacterSet: + description: >- + Optional. The national character set for the database. The default + is AL16UTF16. + type: string + ociUrl: + description: >- + Output only. HTTPS link to OCI resources exposed to Customer via UI + Interface. + readOnly: true + type: string + createTime: + description: Output only. The date and time that the Database was created. + readOnly: true + type: string + format: google-datetime + properties: + description: Optional. The properties of the Database. + $ref: '#/components/schemas/DatabaseProperties' + databaseId: + description: Optional. The database ID of the Database. + type: string + dbHomeName: + description: >- + Optional. The name of the DbHome resource associated with the + Database. + type: string + gcpOracleZone: + description: Output only. The GCP Oracle zone where the Database is created. + readOnly: true + type: string + opsInsightsStatus: + description: Output only. The Status of Operations Insights for this Database. + readOnly: true + type: string + enumDescriptions: + - Default unspecified value. + - Indicates that the operations insights are being enabled. + - Indicates that the operations insights are enabled. + - Indicates that the operations insights are being disabled. + - Indicates that the operations insights are not enabled. + - Indicates that the operations insights failed to enable. + - Indicates that the operations insights failed to disable. + enum: + - OPERATIONS_INSIGHTS_STATUS_UNSPECIFIED + - ENABLING + - ENABLED + - DISABLING + - NOT_ENABLED + - FAILED_ENABLING + - FAILED_DISABLING + DatabaseProperties: + id: DatabaseProperties + description: The properties of a Database. + type: object + properties: + state: + description: Output only. State of the Database. + readOnly: true + type: string + enumDescriptions: + - Default unspecified value. + - Indicates that the resource is in provisioning state. + - Indicates that the resource is in available state. + - Indicates that the resource is in updating state. + - Indicates that the resource is in backup in progress state. + - Indicates that the resource is in upgrading state. + - Indicates that the resource is in converting state. + - Indicates that the resource is in terminating state. + - Indicates that the resource is in terminated state. + - Indicates that the resource is in restore failed state. + - Indicates that the resource is in failed state. + enum: + - DATABASE_LIFECYCLE_STATE_UNSPECIFIED + - PROVISIONING + - AVAILABLE + - UPDATING + - BACKUP_IN_PROGRESS + - UPGRADING + - CONVERTING + - TERMINATING + - TERMINATED + - RESTORE_FAILED + - FAILED + dbVersion: + description: Required. The Oracle Database version. + type: string + dbBackupConfig: + description: Optional. Backup options for the Database. + $ref: '#/components/schemas/DbBackupConfig' + databaseManagementConfig: + description: Output only. The Database Management config. + readOnly: true + $ref: '#/components/schemas/DatabaseManagementConfig' + DbBackupConfig: + id: DbBackupConfig + description: Backup Options for the Database. + type: object + properties: + autoBackupEnabled: + description: Optional. If set to true, enables automatic backups on the database. + type: boolean + backupDestinationDetails: + description: Optional. Details of the database backup destinations. + type: array + items: + $ref: '#/components/schemas/BackupDestinationDetails' + retentionPeriodDays: + description: >- + Optional. The number of days an automatic backup is retained before + being automatically deleted. This value determines the earliest + point in time to which a database can be restored. Min: 1, Max: 60. + type: integer + format: int32 + backupDeletionPolicy: + description: >- + Optional. This defines when the backups will be deleted after + Database termination. + type: string + enumDescriptions: + - Default unspecified value. + - >- + Keeps the backup for predefined time i.e. 72 hours and then delete + permanently. + - Keeps the backups as per the policy defined for database backups. + enum: + - BACKUP_DELETION_POLICY_UNSPECIFIED + - DELETE_IMMEDIATELY + - DELETE_AFTER_RETENTION_PERIOD + autoFullBackupDay: + description: >- + Optional. The day of the week on which the full backup should be + performed on the database. If no value is provided, it will default + to Sunday. + type: string + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + autoFullBackupWindow: + description: >- + Optional. The window in which the full backup should be performed on + the database. If no value is provided, the default is anytime. + type: string + enumDescriptions: + - Default unspecified value. + - 12:00 AM - 2:00 AM + - 2:00 AM - 4:00 AM + - 4:00 AM - 6:00 AM + - 6:00 AM - 8:00 AM + - 8:00 AM - 10:00 AM + - 10:00 AM - 12:00 PM + - 12:00 PM - 2:00 PM + - 2:00 PM - 4:00 PM + - 4:00 PM - 6:00 PM + - 6:00 PM - 8:00 PM + - 8:00 PM - 10:00 PM + - 10:00 PM - 12:00 AM + enum: + - BACKUP_WINDOW_UNSPECIFIED + - SLOT_ONE + - SLOT_TWO + - SLOT_THREE + - SLOT_FOUR + - SLOT_FIVE + - SLOT_SIX + - SLOT_SEVEN + - SLOT_EIGHT + - SLOT_NINE + - SLOT_TEN + - SLOT_ELEVEN + - SLOT_TWELVE + autoIncrementalBackupWindow: + description: >- + Optional. The window in which the incremental backup should be + performed on the database. If no value is provided, the default is + anytime except the auto full backup day. + type: string + enumDescriptions: + - Default unspecified value. + - 12:00 AM - 2:00 AM + - 2:00 AM - 4:00 AM + - 4:00 AM - 6:00 AM + - 6:00 AM - 8:00 AM + - 8:00 AM - 10:00 AM + - 10:00 AM - 12:00 PM + - 12:00 PM - 2:00 PM + - 2:00 PM - 4:00 PM + - 4:00 PM - 6:00 PM + - 6:00 PM - 8:00 PM + - 8:00 PM - 10:00 PM + - 10:00 PM - 12:00 AM + enum: + - BACKUP_WINDOW_UNSPECIFIED + - SLOT_ONE + - SLOT_TWO + - SLOT_THREE + - SLOT_FOUR + - SLOT_FIVE + - SLOT_SIX + - SLOT_SEVEN + - SLOT_EIGHT + - SLOT_NINE + - SLOT_TEN + - SLOT_ELEVEN + - SLOT_TWELVE + BackupDestinationDetails: + id: BackupDestinationDetails + description: The details of the database backup destination. + type: object + properties: + type: + description: Optional. The type of the database backup destination. + type: string + enumDescriptions: + - Default unspecified value. + - Backup destination type is NFS. + - Backup destination type is Recovery Appliance. + - Backup destination type is Object Store. + - Backup destination type is Local. + - Backup destination type is DBRS. + enum: + - BACKUP_DESTINATION_TYPE_UNSPECIFIED + - NFS + - RECOVERY_APPLIANCE + - OBJECT_STORE + - LOCAL + - DBRS + DatabaseManagementConfig: + id: DatabaseManagementConfig + description: The configuration of the Database Management service. + type: object + properties: + managementState: + description: Output only. The status of the Database Management service. + readOnly: true + type: string + enumDescriptions: + - The status is not specified. + - The Database Management service is enabling. + - The Database Management service is enabled. + - The Database Management service is disabling. + - The Database Management service is disabled. + - The Database Management service is updating. + - The Database Management service failed to enable. + - The Database Management service failed to disable. + - The Database Management service failed to update. + enum: + - MANAGEMENT_STATE_UNSPECIFIED + - ENABLING + - ENABLED + - DISABLING + - DISABLED + - UPDATING + - FAILED_ENABLING + - FAILED_DISABLING + - FAILED_UPDATING + managementType: + description: Output only. The Database Management type. + readOnly: true + type: string + enumDescriptions: + - The type is not specified. + - Basic Database Management. + - Advanced Database Management. + enum: + - MANAGEMENT_TYPE_UNSPECIFIED + - BASIC + - ADVANCED + ListPluggableDatabasesResponse: + id: ListPluggableDatabasesResponse + description: The response for `PluggableDatabase.List`. + type: object + properties: + pluggableDatabases: + description: The list of PluggableDatabases. + type: array + items: + $ref: '#/components/schemas/PluggableDatabase' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + PluggableDatabase: + id: PluggableDatabase + description: >- + The PluggableDatabase resource. + https://docs.oracle.com/en-us/iaas/api/#/en/database/20160918/PluggableDatabase/ + type: object + properties: + name: + description: >- + Identifier. The name of the PluggableDatabase resource in the + following format: + projects/{project}/locations/{region}/pluggableDatabases/{pluggable_database} + type: string + properties: + description: Optional. The properties of the PluggableDatabase. + $ref: '#/components/schemas/PluggableDatabaseProperties' + ociUrl: + description: >- + Output only. HTTPS link to OCI resources exposed to Customer via UI + Interface. + readOnly: true + type: string + createTime: + description: >- + Output only. The date and time that the PluggableDatabase was + created. + readOnly: true + type: string + format: google-datetime + PluggableDatabaseProperties: + id: PluggableDatabaseProperties + description: The properties of a PluggableDatabase. + type: object + properties: + compartmentId: + description: Required. The OCID of the compartment. + type: string + connectionStrings: + description: >- + Optional. The Connection strings used to connect to the Oracle + Database. + $ref: '#/components/schemas/PluggableDatabaseConnectionStrings' + containerDatabaseOcid: + description: Required. The OCID of the CDB. + type: string + definedTags: + description: >- + Optional. Defined tags for this resource. Each key is predefined and + scoped to a namespace. + type: object + additionalProperties: + $ref: '#/components/schemas/DefinedTagValue' + freeformTags: + description: >- + Optional. Free-form tags for this resource. Each tag is a simple + key-value pair with no predefined name, type, or namespace. + type: object + additionalProperties: + type: string + ocid: + description: Output only. The OCID of the pluggable database. + readOnly: true + type: string + isRestricted: + description: >- + Optional. The restricted mode of the pluggable database. If a + pluggable database is opened in restricted mode, the user needs both + create a session and have restricted session privileges to connect + to it. + type: boolean + lifecycleDetails: + description: >- + Output only. Additional information about the current lifecycle + state. + readOnly: true + type: string + lifecycleState: + description: Output only. The current state of the pluggable database. + readOnly: true + type: string + enumDescriptions: + - The lifecycle state is unspecified. + - The pluggable database is provisioning. + - The pluggable database is available. + - The pluggable database is terminating. + - The pluggable database is terminated. + - The pluggable database is updating. + - The pluggable database is in a failed state. + - The pluggable database is relocating. + - The pluggable database is relocated. + - The pluggable database is refreshing. + - The pluggable database is restoring. + - The pluggable database restore failed. + - The pluggable database is backing up. + - The pluggable database is disabled. + enum: + - PLUGGABLE_DATABASE_LIFECYCLE_STATE_UNSPECIFIED + - PROVISIONING + - AVAILABLE + - TERMINATING + - TERMINATED + - UPDATING + - FAILED + - RELOCATING + - RELOCATED + - REFRESHING + - RESTORE_IN_PROGRESS + - RESTORE_FAILED + - BACKUP_IN_PROGRESS + - DISABLED + pdbName: + description: Required. The database name. + type: string + pdbNodeLevelDetails: + description: Optional. Pluggable Database Node Level Details + type: array + items: + $ref: '#/components/schemas/PluggableDatabaseNodeLevelDetails' + databaseManagementConfig: + description: Output only. The configuration of the Database Management service. + readOnly: true + $ref: '#/components/schemas/DatabaseManagementConfig' + operationsInsightsState: + description: Output only. The status of Operations Insights for this Database. + readOnly: true + type: string + enumDescriptions: + - The status is not specified. + - Operations Insights is enabling. + - Operations Insights is enabled. + - Operations Insights is disabling. + - Operations Insights is not enabled. + - Operations Insights failed to enable. + - Operations Insights failed to disable. + enum: + - OPERATIONS_INSIGHTS_STATE_UNSPECIFIED + - ENABLING + - ENABLED + - DISABLING + - NOT_ENABLED + - FAILED_ENABLING + - FAILED_DISABLING + PluggableDatabaseConnectionStrings: + id: PluggableDatabaseConnectionStrings + description: The connection strings used to connect to the Oracle Database. + type: object + properties: + allConnectionStrings: + description: >- + Optional. All connection strings to use to connect to the pluggable + database. + type: object + additionalProperties: + type: string + pdbDefault: + description: >- + Optional. The default connection string to use to connect to the + pluggable database. + type: string + pdbIpDefault: + description: >- + Optional. The default connection string to use to connect to the + pluggable database using IP. + type: string + DefinedTagValue: + id: DefinedTagValue + description: Wrapper message for the value of a defined tag. + type: object + properties: + tags: + description: The tags within the namespace. + type: object + additionalProperties: + type: string + PluggableDatabaseNodeLevelDetails: + id: PluggableDatabaseNodeLevelDetails + description: The Pluggable Database Node Level Details. + type: object + properties: + nodeName: + description: Required. The Node name of the Database home. + type: string + openMode: + description: Required. The mode that the pluggable database is in to open it. + type: string + enumDescriptions: + - The open mode is unspecified. + - The pluggable database is opened in read-only mode. + - The pluggable database is opened in read-write mode. + - The pluggable database is mounted. + - The pluggable database is migrated. + enum: + - PLUGGABLE_DATABASE_OPEN_MODE_UNSPECIFIED + - READ_ONLY + - READ_WRITE + - MOUNTED + - MIGRATE + pluggableDatabaseId: + description: Required. The OCID of the Pluggable Database. + type: string + ListDbSystemsResponse: + id: ListDbSystemsResponse + description: The response for `DbSystem.List`. + type: object + properties: + dbSystems: + description: The list of DbSystems. + type: array + items: + $ref: '#/components/schemas/DbSystem' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + DbSystem: + id: DbSystem + description: >- + Details of the DbSystem (BaseDB) resource. + https://docs.oracle.com/en-us/iaas/api/#/en/database/20160918/DbSystem/ + type: object + properties: + name: + description: >- + Identifier. The name of the DbSystem resource in the following + format: projects/{project}/locations/{region}/dbSystems/{db_system} + type: string + properties: + description: Optional. The properties of the DbSystem. + $ref: '#/components/schemas/DbSystemProperties' + gcpOracleZone: + description: >- + Optional. The GCP Oracle zone where Oracle DbSystem is hosted. + Example: us-east4-b-r2. If not specified, the system will pick a + zone based on availability. + type: string + labels: + description: Optional. The labels or tags associated with the DbSystem. + type: object + additionalProperties: + type: string + odbNetwork: + description: >- + Optional. The name of the OdbNetwork associated with the DbSystem. + Format: + projects/{project}/locations/{location}/odbNetworks/{odb_network} It + is optional but if specified, this should match the parent + ODBNetwork of the OdbSubnet. + type: string + odbSubnet: + description: >- + Required. The name of the OdbSubnet associated with the DbSystem for + IP allocation. Format: + projects/{project}/locations/{location}/odbNetworks/{odb_network}/odbSubnets/{odb_subnet} + type: string + entitlementId: + description: >- + Output only. The ID of the subscription entitlement associated with + the DbSystem + readOnly: true + type: string + displayName: + description: >- + Required. The display name for the System db. The name does not have + to be unique within your project. + type: string + createTime: + description: Output only. The date and time that the DbSystem was created. + readOnly: true + type: string + format: google-datetime + ociUrl: + description: >- + Output only. HTTPS link to OCI resources exposed to Customer via UI + Interface. + readOnly: true + type: string + DbSystemProperties: + id: DbSystemProperties + description: The properties of a DbSystem. + type: object + properties: + shape: + description: Required. Shape of DB System. + type: string + computeCount: + description: Required. The number of CPU cores to enable for the DbSystem. + type: integer + format: int32 + initialDataStorageSizeGb: + description: Required. The initial data storage size in GB. + type: integer + format: int32 + databaseEdition: + description: Required. The database edition of the DbSystem. + type: string + enumDescriptions: + - The database edition is unspecified. + - The database edition is Standard. + - The database edition is Enterprise. + - The database edition is Enterprise Edition. + enum: + - DB_SYSTEM_DATABASE_EDITION_UNSPECIFIED + - STANDARD_EDITION + - ENTERPRISE_EDITION + - ENTERPRISE_EDITION_HIGH_PERFORMANCE + licenseModel: + description: Required. The license model of the DbSystem. + type: string + enumDescriptions: + - The license model is unspecified. + - The license model is included. + - The license model is bring your own license. + enum: + - LICENSE_MODEL_UNSPECIFIED + - LICENSE_INCLUDED + - BRING_YOUR_OWN_LICENSE + sshPublicKeys: + description: Required. SSH public keys to be stored with the DbSystem. + type: array + items: + type: string + hostnamePrefix: + description: Optional. Prefix for DB System host names. + type: string + hostname: + description: Output only. The hostname of the DbSystem. + readOnly: true + type: string + privateIp: + description: Optional. The private IP address of the DbSystem. + type: string + dataCollectionOptions: + description: Optional. Data collection options for diagnostics. + $ref: '#/components/schemas/DataCollectionOptionsDbSystem' + timeZone: + description: Optional. Time zone of the DbSystem. + $ref: '#/components/schemas/TimeZone' + lifecycleState: + description: Output only. State of the DbSystem. + readOnly: true + type: string + enumDescriptions: + - Default unspecified value. + - Indicates that the resource is in provisioning state. + - Indicates that the resource is in available state. + - Indicates that the resource is in updating state. + - Indicates that the resource is in terminating state. + - Indicates that the resource is in terminated state. + - Indicates that the resource is in failed state. + - Indicates that the resource has been migrated. + - Indicates that the resource is in maintenance in progress state. + - Indicates that the resource needs attention. + - Indicates that the resource is upgrading. + enum: + - DB_SYSTEM_LIFECYCLE_STATE_UNSPECIFIED + - PROVISIONING + - AVAILABLE + - UPDATING + - TERMINATING + - TERMINATED + - FAILED + - MIGRATED + - MAINTENANCE_IN_PROGRESS + - NEEDS_ATTENTION + - UPGRADING + dbHome: + description: Optional. Details for creating a Database Home. + $ref: '#/components/schemas/DbHome' + ocid: + description: Output only. OCID of the DbSystem. + readOnly: true + type: string + memorySizeGb: + description: Optional. The memory size in GB. + type: integer + format: int32 + computeModel: + description: Optional. The compute model of the DbSystem. + type: string + enumDescriptions: + - The compute model is unspecified. + - The compute model is virtual. + - The compute model is physical. + enum: + - COMPUTE_MODEL_UNSPECIFIED + - ECPU + - OCPU + dataStorageSizeGb: + description: >- + Optional. The data storage size in GB that is currently available to + DbSystems. + type: integer + format: int32 + recoStorageSizeGb: + description: Optional. The reco/redo storage size in GB. + type: integer + format: int32 + domain: + description: Optional. The host domain name of the DbSystem. + type: string + nodeCount: + description: Optional. The number of nodes in the DbSystem. + type: integer + format: int32 + dbSystemOptions: + description: Optional. The options for the DbSystem. + $ref: '#/components/schemas/DbSystemOptions' + DataCollectionOptionsDbSystem: + id: DataCollectionOptionsDbSystem + description: Data collection options for DbSystem. + type: object + properties: + isDiagnosticsEventsEnabled: + description: >- + Optional. Indicates whether to enable data collection for + diagnostics. + type: boolean + isIncidentLogsEnabled: + description: >- + Optional. Indicates whether to enable incident logs and trace + collection. + type: boolean + DbHome: + id: DbHome + description: Details of the Database Home resource. + type: object + properties: + displayName: + description: >- + Optional. The display name for the Database Home. The name does not + have to be unique within your project. + type: string + dbVersion: + description: >- + Required. A valid Oracle Database version. For a list of supported + versions, use the ListDbVersions operation. + type: string + database: + description: Required. The Database resource. + $ref: '#/components/schemas/Database' + isUnifiedAuditingEnabled: + description: Optional. Whether unified auditing is enabled for the Database Home. + type: boolean + DbSystemOptions: + id: DbSystemOptions + description: Details of the DbSystem Options. + type: object + properties: + storageManagement: + description: Optional. The storage option used in DB system. + type: string + enumDescriptions: + - The storage management is unspecified. + - Automatic storage management. + - Logical Volume management. + enum: + - STORAGE_MANAGEMENT_UNSPECIFIED + - ASM + - LVM + ListDbVersionsResponse: + id: ListDbVersionsResponse + description: The response for `DbVersions.List`. + type: object + properties: + dbVersions: + description: The list of DbVersions. + type: array + items: + $ref: '#/components/schemas/DbVersion' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + DbVersion: + id: DbVersion + description: A valid Oracle Database version. + type: object + properties: + name: + description: >- + Output only. The name of the DbVersion resource in the following + format: + projects/{project}/locations/{region}/dbVersions/{db_version} + readOnly: true + type: string + properties: + description: Output only. The properties of the DbVersion. + readOnly: true + $ref: '#/components/schemas/DbVersionProperties' + DbVersionProperties: + id: DbVersionProperties + description: The properties of a DbVersion. + type: object + properties: + version: + description: Output only. A valid Oracle Database version. + readOnly: true + type: string + isLatestForMajorVersion: + description: >- + Output only. True if this version of the Oracle Database software is + the latest version for a release. + readOnly: true + type: boolean + supportsPdb: + description: >- + Output only. True if this version of the Oracle Database software + supports pluggable databases. + readOnly: true + type: boolean + isPreviewDbVersion: + description: >- + Output only. True if this version of the Oracle Database software is + the preview version. + readOnly: true + type: boolean + isUpgradeSupported: + description: >- + Output only. True if this version of the Oracle Database software is + supported for Upgrade. + readOnly: true + type: boolean + ListDatabaseCharacterSetsResponse: + id: ListDatabaseCharacterSetsResponse + description: The response for `DatabaseCharacterSet.List`. + type: object + properties: + databaseCharacterSets: + description: The list of DatabaseCharacterSets. + type: array + items: + $ref: '#/components/schemas/DatabaseCharacterSet' + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + DatabaseCharacterSet: + id: DatabaseCharacterSet + description: Details of the Database character set resource. + type: object + properties: + name: + description: >- + Identifier. The name of the Database Character Set resource in the + following format: + projects/{project}/locations/{region}/databaseCharacterSets/{database_character_set} + type: string + characterSetType: + description: Output only. The character set type for the Database. + readOnly: true + type: string + enumDescriptions: + - Character set type is not specified. + - Character set type is set to database. + - Character set type is set to national. + enum: + - CHARACTER_SET_TYPE_UNSPECIFIED + - DATABASE + - NATIONAL + characterSet: + description: >- + Output only. The character set name for the Database which is the ID + in the resource name. + readOnly: true + type: string + ListLocationsResponse: + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + type: object + properties: + locations: + description: >- + A list of locations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Location' + nextPageToken: + description: The standard List next-page token. + type: string + Location: + id: Location + description: A resource that represents a Google Cloud location. + type: object + properties: + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + labels: + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + additionalProperties: + type: string + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + OperationMetadata: + id: OperationMetadata + description: Represents the metadata of the long-running operation. + type: object + properties: + createTime: + description: Output only. The time the operation was created. + readOnly: true + type: string + format: google-datetime + endTime: + description: Output only. The time the operation finished running. + readOnly: true + type: string + format: google-datetime + target: + description: >- + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + type: string + verb: + description: Output only. Name of the verb executed by the operation. + readOnly: true + type: string + statusMessage: + description: Output only. The status of the operation. + readOnly: true + type: string + requestedCancellation: + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + readOnly: true + type: boolean + apiVersion: + description: Output only. API version used to start the operation. + readOnly: true + type: string + percentComplete: + description: >- + Output only. An estimated percentage of the operation that has been + completed at a given moment of time, between 0 and 100. + readOnly: true + type: number + format: double + LocationMetadata: + id: LocationMetadata + description: Metadata for a given Location. + type: object + properties: + gcpOracleZones: + description: Output only. Google Cloud Platform Oracle zones in a location. + readOnly: true + type: array + items: + type: string + parameters: + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto + callback: + description: JSONP + in: query + name: callback + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + x-stackQL-resources: + locations: + id: google.oracledatabase.locations + name: locations + title: Locations + methods: + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.locations + get: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + operations: + id: google.oracledatabase.operations + name: operations + title: Operations + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.operations + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] update: [] replace: [] delete: @@ -3034,421 +4627,739 @@ components: create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudExadataInfrastructures/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudExadataInfrastructures/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudExadataInfrastructures~1{cloudExadataInfrastructuresId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudExadataInfrastructures~1{cloudExadataInfrastructuresId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/cloud_exadata_infrastructures/methods/get + - $ref: >- + #/components/x-stackQL-resources/cloud_exadata_infrastructures/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/cloud_exadata_infrastructures/methods/create + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/cloud_exadata_infrastructures/methods/delete + db_servers: + id: google.oracledatabase.db_servers + name: db_servers + title: Db_servers + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudExadataInfrastructures~1{cloudExadataInfrastructuresId}~1dbServers/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.dbServers + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/db_servers/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + cloud_vm_clusters: + id: google.oracledatabase.cloud_vm_clusters + name: cloud_vm_clusters + title: Cloud_vm_clusters + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudVmClusters/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.cloudVmClusters + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudVmClusters/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudVmClusters~1{cloudVmClustersId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudVmClusters~1{cloudVmClustersId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/cloud_vm_clusters/methods/get' + - $ref: '#/components/x-stackQL-resources/cloud_vm_clusters/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/cloud_vm_clusters/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/cloud_vm_clusters/methods/delete' + db_nodes: + id: google.oracledatabase.db_nodes + name: db_nodes + title: Db_nodes + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exadbVmClusters~1{exadbVmClustersId}~1dbNodes/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.dbNodes + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/db_nodes/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + entitlements: + id: google.oracledatabase.entitlements + name: entitlements + title: Entitlements + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1entitlements/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.entitlements + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/entitlements/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + gi_versions: + id: google.oracledatabase.gi_versions + name: gi_versions + title: Gi_versions + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudExadataInfrastructures~1{cloudExadataInfrastructuresId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1giVersions/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.giVersions + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/gi_versions/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + minor_versions: + id: google.oracledatabase.minor_versions + name: minor_versions + title: Minor_versions + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudExadataInfrastructures~1{cloudExadataInfrastructuresId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1giVersions~1{giVersionsId}~1minorVersions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.minorVersions sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/cloud_exadata_infrastructures/methods/get - - $ref: >- - #/components/x-stackQL-resources/cloud_exadata_infrastructures/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/cloud_exadata_infrastructures/methods/create + - $ref: '#/components/x-stackQL-resources/minor_versions/methods/list' + insert: [] update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/cloud_exadata_infrastructures/methods/delete - db_servers: - id: google.oracledatabase.db_servers - name: db_servers - title: Db_servers + delete: [] + db_system_shapes: + id: google.oracledatabase.db_system_shapes + name: db_system_shapes + title: Db_system_shapes methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudExadataInfrastructures~1{cloudExadataInfrastructuresId}~1dbServers/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dbSystemShapes/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dbServers + objectKey: $.dbSystemShapes sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/db_servers/methods/list' + - $ref: '#/components/x-stackQL-resources/db_system_shapes/methods/list' insert: [] update: [] replace: [] delete: [] - cloud_vm_clusters: - id: google.oracledatabase.cloud_vm_clusters - name: cloud_vm_clusters - title: Cloud_vm_clusters + autonomous_databases: + id: google.oracledatabase.autonomous_databases + name: autonomous_databases + title: Autonomous_databases methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudVmClusters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.cloudVmClusters + objectKey: $.autonomousDatabases create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudVmClusters/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudVmClusters~1{cloudVmClustersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudVmClusters~1{cloudVmClustersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + restore: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:restore/post + response: + mediaType: application/json + openAPIDocKey: '200' + generate_wallet: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:generateWallet/post + response: + mediaType: application/json + openAPIDocKey: '200' + stop: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:stop/post + response: + mediaType: application/json + openAPIDocKey: '200' + start: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:start/post + response: + mediaType: application/json + openAPIDocKey: '200' + restart: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:restart/post + response: + mediaType: application/json + openAPIDocKey: '200' + switchover: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:switchover/post + response: + mediaType: application/json + openAPIDocKey: '200' + failover: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:failover/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/cloud_vm_clusters/methods/get' - - $ref: '#/components/x-stackQL-resources/cloud_vm_clusters/methods/list' + - $ref: '#/components/x-stackQL-resources/autonomous_databases/methods/get' + - $ref: '#/components/x-stackQL-resources/autonomous_databases/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/cloud_vm_clusters/methods/create' - update: [] + - $ref: >- + #/components/x-stackQL-resources/autonomous_databases/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/autonomous_databases/methods/patch replace: [] delete: - - $ref: '#/components/x-stackQL-resources/cloud_vm_clusters/methods/delete' - db_nodes: - id: google.oracledatabase.db_nodes - name: db_nodes - title: Db_nodes + - $ref: >- + #/components/x-stackQL-resources/autonomous_databases/methods/delete + autonomous_db_versions: + id: google.oracledatabase.autonomous_db_versions + name: autonomous_db_versions + title: Autonomous_db_versions methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1cloudVmClusters~1{cloudVmClustersId}~1dbNodes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDbVersions/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dbNodes + objectKey: $.autonomousDbVersions sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/db_nodes/methods/list' + - $ref: >- + #/components/x-stackQL-resources/autonomous_db_versions/methods/list insert: [] update: [] replace: [] delete: [] - entitlements: - id: google.oracledatabase.entitlements - name: entitlements - title: Entitlements + autonomous_database_character_sets: + id: google.oracledatabase.autonomous_database_character_sets + name: autonomous_database_character_sets + title: Autonomous_database_character_sets methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1entitlements/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabaseCharacterSets/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.entitlements + objectKey: $.autonomousDatabaseCharacterSets sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/entitlements/methods/list' + - $ref: >- + #/components/x-stackQL-resources/autonomous_database_character_sets/methods/list insert: [] update: [] replace: [] delete: [] - gi_versions: - id: google.oracledatabase.gi_versions - name: gi_versions - title: Gi_versions + autonomous_database_backups: + id: google.oracledatabase.autonomous_database_backups + name: autonomous_database_backups + title: Autonomous_database_backups + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabaseBackups/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.autonomousDatabaseBackups + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/autonomous_database_backups/methods/list + insert: [] + update: [] + replace: [] + delete: [] + odb_networks: + id: google.oracledatabase.odb_networks + name: odb_networks + title: Odb_networks + methods: + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.odbNetworks + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/odb_networks/methods/get' + - $ref: '#/components/x-stackQL-resources/odb_networks/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/odb_networks/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/odb_networks/methods/delete' + odb_subnets: + id: google.oracledatabase.odb_subnets + name: odb_subnets + title: Odb_subnets methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1giVersions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}~1odbSubnets/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.odbSubnets + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}~1odbSubnets/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}~1odbSubnets~1{odbSubnetsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.giVersions - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/gi_versions/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - db_system_shapes: - id: google.oracledatabase.db_system_shapes - name: db_system_shapes - title: Db_system_shapes - methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dbSystemShapes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}~1odbSubnets~1{odbSubnetsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.dbSystemShapes sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/db_system_shapes/methods/list' - insert: [] + - $ref: '#/components/x-stackQL-resources/odb_subnets/methods/get' + - $ref: '#/components/x-stackQL-resources/odb_subnets/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/odb_subnets/methods/create' update: [] replace: [] - delete: [] - autonomous_databases: - id: google.oracledatabase.autonomous_databases - name: autonomous_databases - title: Autonomous_databases + delete: + - $ref: '#/components/x-stackQL-resources/odb_subnets/methods/delete' + exadb_vm_clusters: + id: google.oracledatabase.exadb_vm_clusters + name: exadb_vm_clusters + title: Exadb_vm_clusters methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exadbVmClusters/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.autonomousDatabases + objectKey: $.exadbVmClusters create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exadbVmClusters/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exadbVmClusters~1{exadbVmClustersId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exadbVmClusters~1{exadbVmClustersId}/delete response: mediaType: application/json openAPIDocKey: '200' - restore: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:restore/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exadbVmClusters~1{exadbVmClustersId}/patch response: mediaType: application/json openAPIDocKey: '200' - generate_wallet: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/exadb_vm_clusters/methods/get' + - $ref: '#/components/x-stackQL-resources/exadb_vm_clusters/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/exadb_vm_clusters/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/exadb_vm_clusters/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/exadb_vm_clusters/methods/delete' + exadb_vm_clusters_virtual_machine: + id: google.oracledatabase.exadb_vm_clusters_virtual_machine + name: exadb_vm_clusters_virtual_machine + title: Exadb_vm_clusters_virtual_machine + methods: + remove_virtual_machine: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:generateWallet/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exadbVmClusters~1{exadbVmClustersId}:removeVirtualMachine/post response: mediaType: application/json openAPIDocKey: '200' - stop: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/exadb_vm_clusters_virtual_machine/methods/remove_virtual_machine + exascale_db_storage_vaults: + id: google.oracledatabase.exascale_db_storage_vaults + name: exascale_db_storage_vaults + title: Exascale_db_storage_vaults + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:stop/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exascaleDbStorageVaults/get response: mediaType: application/json openAPIDocKey: '200' - start: + objectKey: $.exascaleDbStorageVaults + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:start/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exascaleDbStorageVaults/post response: mediaType: application/json openAPIDocKey: '200' - restart: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:restart/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exascaleDbStorageVaults~1{exascaleDbStorageVaultsId}/get response: mediaType: application/json openAPIDocKey: '200' - switchover: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabases~1{autonomousDatabasesId}:switchover/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1exascaleDbStorageVaults~1{exascaleDbStorageVaultsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/autonomous_databases/methods/get' - - $ref: '#/components/x-stackQL-resources/autonomous_databases/methods/list' + - $ref: >- + #/components/x-stackQL-resources/exascale_db_storage_vaults/methods/get + - $ref: >- + #/components/x-stackQL-resources/exascale_db_storage_vaults/methods/list insert: - $ref: >- - #/components/x-stackQL-resources/autonomous_databases/methods/create + #/components/x-stackQL-resources/exascale_db_storage_vaults/methods/create update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/autonomous_databases/methods/delete - autonomous_db_versions: - id: google.oracledatabase.autonomous_db_versions - name: autonomous_db_versions - title: Autonomous_db_versions + #/components/x-stackQL-resources/exascale_db_storage_vaults/methods/delete + db_system_initial_storage_sizes: + id: google.oracledatabase.db_system_initial_storage_sizes + name: db_system_initial_storage_sizes + title: Db_system_initial_storage_sizes methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDbVersions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dbSystemInitialStorageSizes/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.autonomousDbVersions + objectKey: $.dbSystemInitialStorageSizes sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/autonomous_db_versions/methods/list + #/components/x-stackQL-resources/db_system_initial_storage_sizes/methods/list insert: [] update: [] replace: [] delete: [] - autonomous_database_character_sets: - id: google.oracledatabase.autonomous_database_character_sets - name: autonomous_database_character_sets - title: Autonomous_database_character_sets + databases: + id: google.oracledatabase.databases + name: databases + title: Databases methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabaseCharacterSets/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1databases/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.databases + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1databases~1{databasesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.autonomousDatabaseCharacterSets sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/autonomous_database_character_sets/methods/list + - $ref: '#/components/x-stackQL-resources/databases/methods/get' + - $ref: '#/components/x-stackQL-resources/databases/methods/list' insert: [] update: [] replace: [] delete: [] - autonomous_database_backups: - id: google.oracledatabase.autonomous_database_backups - name: autonomous_database_backups - title: Autonomous_database_backups + pluggable_databases: + id: google.oracledatabase.pluggable_databases + name: pluggable_databases + title: Pluggable_databases methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1autonomousDatabaseBackups/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pluggableDatabases/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.pluggableDatabases + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1pluggableDatabases~1{pluggableDatabasesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.autonomousDatabaseBackups sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/autonomous_database_backups/methods/list + - $ref: '#/components/x-stackQL-resources/pluggable_databases/methods/get' + - $ref: '#/components/x-stackQL-resources/pluggable_databases/methods/list' insert: [] update: [] replace: [] delete: [] - odb_networks: - id: google.oracledatabase.odb_networks - name: odb_networks - title: Odb_networks + db_systems: + id: google.oracledatabase.db_systems + name: db_systems + title: Db_systems methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dbSystems/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.odbNetworks + objectKey: $.dbSystems create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dbSystems/post response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dbSystems~1{dbSystemsId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dbSystems~1{dbSystemsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/odb_networks/methods/get' - - $ref: '#/components/x-stackQL-resources/odb_networks/methods/list' + - $ref: '#/components/x-stackQL-resources/db_systems/methods/get' + - $ref: '#/components/x-stackQL-resources/db_systems/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/odb_networks/methods/create' + - $ref: '#/components/x-stackQL-resources/db_systems/methods/create' update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/odb_networks/methods/delete' - odb_subnets: - id: google.oracledatabase.odb_subnets - name: odb_subnets - title: Odb_subnets + - $ref: '#/components/x-stackQL-resources/db_systems/methods/delete' + db_versions: + id: google.oracledatabase.db_versions + name: db_versions + title: Db_versions methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}~1odbSubnets/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.odbSubnets - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}~1odbSubnets/post - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}~1odbSubnets~1{odbSubnetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dbVersions/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.dbVersions + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/db_versions/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + database_character_sets: + id: google.oracledatabase.database_character_sets + name: database_character_sets + title: Database_character_sets + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1odbNetworks~1{odbNetworksId}~1odbSubnets~1{odbSubnetsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1databaseCharacterSets/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.databaseCharacterSets sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/odb_subnets/methods/get' - - $ref: '#/components/x-stackQL-resources/odb_subnets/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/odb_subnets/methods/create' + - $ref: >- + #/components/x-stackQL-resources/database_character_sets/methods/list + insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/odb_subnets/methods/delete' + delete: [] paths: /v1/projects/{projectsId}/locations: parameters: &ref_1 @@ -3464,8 +5375,887 @@ paths: - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' get: - description: Lists information about the supported locations for this service. - operationId: oracledatabase.projects.locations.list + description: Lists information about the supported locations for this service. + operationId: oracledatabase.projects.locations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListLocationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: extraLocationTypes + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: oracledatabase.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Location' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: oracledatabase.projects.locations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: oracledatabase.projects.locations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: oracledatabase.projects.locations.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: oracledatabase.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/cloudExadataInfrastructures: + parameters: *ref_1 + get: + description: Lists Exadata Infrastructures in a given project and location. + operationId: oracledatabase.projects.locations.cloudExadataInfrastructures.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListCloudExadataInfrastructuresResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + post: + description: Creates a new Exadata Infrastructure in a given project and location. + operationId: oracledatabase.projects.locations.cloudExadataInfrastructures.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CloudExadataInfrastructure' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: cloudExadataInfrastructureId + schema: + type: string + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/cloudExadataInfrastructures/{cloudExadataInfrastructuresId}: + parameters: *ref_1 + get: + description: Gets details of a single Exadata Infrastructure. + operationId: oracledatabase.projects.locations.cloudExadataInfrastructures.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/CloudExadataInfrastructure' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: cloudExadataInfrastructuresId + required: true + schema: + type: string + delete: + description: Deletes a single Exadata Infrastructure. + operationId: oracledatabase.projects.locations.cloudExadataInfrastructures.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: cloudExadataInfrastructuresId + required: true + schema: + type: string + - in: query + name: requestId + schema: + type: string + - in: query + name: force + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/cloudExadataInfrastructures/{cloudExadataInfrastructuresId}/dbServers: + parameters: *ref_1 + get: + description: Lists the database servers of an Exadata Infrastructure instance. + operationId: >- + oracledatabase.projects.locations.cloudExadataInfrastructures.dbServers.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDbServersResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: cloudExadataInfrastructuresId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/cloudVmClusters: + parameters: *ref_1 + get: + description: Lists the VM Clusters in a given project and location. + operationId: oracledatabase.projects.locations.cloudVmClusters.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListCloudVmClustersResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + post: + description: Creates a new VM Cluster in a given project and location. + operationId: oracledatabase.projects.locations.cloudVmClusters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CloudVmCluster' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: cloudVmClusterId + schema: + type: string + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/cloudVmClusters/{cloudVmClustersId}: + parameters: *ref_1 + get: + description: Gets details of a single VM Cluster. + operationId: oracledatabase.projects.locations.cloudVmClusters.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/CloudVmCluster' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: cloudVmClustersId + required: true + schema: + type: string + delete: + description: Deletes a single VM Cluster. + operationId: oracledatabase.projects.locations.cloudVmClusters.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: cloudVmClustersId + required: true + schema: + type: string + - in: query + name: requestId + schema: + type: string + - in: query + name: force + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/cloudVmClusters/{cloudVmClustersId}/dbNodes: + parameters: *ref_1 + get: + description: Lists the database nodes of a VM Cluster. + operationId: oracledatabase.projects.locations.cloudVmClusters.dbNodes.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDbNodesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: cloudVmClustersId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/entitlements: + parameters: *ref_1 + get: + description: Lists the entitlements in a given project. + operationId: oracledatabase.projects.locations.entitlements.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListEntitlementsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/giVersions: + parameters: *ref_1 + get: + description: >- + Lists all the valid Oracle Grid Infrastructure (GI) versions for the + given project and location. + operationId: oracledatabase.projects.locations.giVersions.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListGiVersionsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/giVersions/{giVersionsId}/minorVersions: + parameters: *ref_1 + get: + description: >- + Lists all the valid minor versions for the given project, location, gi + version and shape family. + operationId: oracledatabase.projects.locations.giVersions.minorVersions.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListMinorVersionsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: giVersionsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dbSystemShapes: + parameters: *ref_1 + get: + description: Lists the database system shapes available for the project and location. + operationId: oracledatabase.projects.locations.dbSystemShapes.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDbSystemShapesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases: + parameters: *ref_1 + get: + description: Lists the Autonomous Databases in a given project and location. + operationId: oracledatabase.projects.locations.autonomousDatabases.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListAutonomousDatabasesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + post: + description: Creates a new Autonomous Database in a given project and location. + operationId: oracledatabase.projects.locations.autonomousDatabases.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AutonomousDatabase' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: autonomousDatabaseId + schema: + type: string + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}: + parameters: *ref_1 + get: + description: Gets the details of a single Autonomous Database. + operationId: oracledatabase.projects.locations.autonomousDatabases.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3477,35 +6267,71 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/AutonomousDatabase' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: autonomousDatabasesId + required: true schema: - type: integer - format: int32 + type: string + patch: + description: Updates the parameters of a single Autonomous Database. + operationId: oracledatabase.projects.locations.autonomousDatabases.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AutonomousDatabase' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: autonomousDatabasesId + required: true + schema: + type: string - in: query - name: pageToken + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: extraLocationTypes + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: oracledatabase.projects.locations.get + delete: + description: Deletes a single Autonomous Database. + operationId: oracledatabase.projects.locations.autonomousDatabases.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3517,7 +6343,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3529,13 +6355,25 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: path + name: autonomousDatabasesId + required: true + schema: + type: string + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:restore: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: oracledatabase.projects.locations.operations.list + post: + description: Restores a single Autonomous Database. + operationId: oracledatabase.projects.locations.autonomousDatabases.restore + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RestoreAutonomousDatabaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3547,7 +6385,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3559,27 +6397,59 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: autonomousDatabasesId + required: true schema: type: string - - in: query - name: pageSize + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:generateWallet: + parameters: *ref_1 + post: + description: Generates a wallet for an Autonomous Database. + operationId: oracledatabase.projects.locations.autonomousDatabases.generateWallet + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateAutonomousDatabaseWalletRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateAutonomousDatabaseWalletResponse' + parameters: + - in: path + name: projectsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + - in: path + name: autonomousDatabasesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:stop: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: oracledatabase.projects.locations.operations.get + post: + description: Stops an Autonomous Database. + operationId: oracledatabase.projects.locations.autonomousDatabases.stop + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StopAutonomousDatabaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3604,17 +6474,20 @@ paths: schema: type: string - in: path - name: operationsId + name: autonomousDatabasesId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: oracledatabase.projects.locations.operations.delete + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:start: + parameters: *ref_1 + post: + description: Starts an Autonomous Database. + operationId: oracledatabase.projects.locations.autonomousDatabases.start + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StartAutonomousDatabaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3626,7 +6499,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3639,29 +6512,20 @@ paths: schema: type: string - in: path - name: operationsId + name: autonomousDatabasesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:restart: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: oracledatabase.projects.locations.operations.cancel + description: Restarts an Autonomous Database. + operationId: oracledatabase.projects.locations.autonomousDatabases.restart requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/RestartAutonomousDatabaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3673,7 +6537,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3686,15 +6550,22 @@ paths: schema: type: string - in: path - name: operationsId + name: autonomousDatabasesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cloudExadataInfrastructures: + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:switchover: parameters: *ref_1 - get: - description: Lists Exadata Infrastructures in a given project and location. - operationId: oracledatabase.projects.locations.cloudExadataInfrastructures.list + post: + description: >- + Initiates a switchover of specified autonomous database to the + associated peer database. + operationId: oracledatabase.projects.locations.autonomousDatabases.switchover + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SwitchoverAutonomousDatabaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3706,7 +6577,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCloudExadataInfrastructuresResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3718,23 +6589,23 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: autonomousDatabasesId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:failover: + parameters: *ref_1 post: - description: Creates a new Exadata Infrastructure in a given project and location. - operationId: oracledatabase.projects.locations.cloudExadataInfrastructures.create + description: >- + Initiates a failover to target autonomous database from the associated + primary database. + operationId: oracledatabase.projects.locations.autonomousDatabases.failover requestBody: content: application/json: schema: - $ref: '#/components/schemas/CloudExadataInfrastructure' + $ref: '#/components/schemas/FailoverAutonomousDatabaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3758,19 +6629,18 @@ paths: required: true schema: type: string - - in: query - name: cloudExadataInfrastructureId - schema: - type: string - - in: query - name: requestId + - in: path + name: autonomousDatabasesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cloudExadataInfrastructures/{cloudExadataInfrastructuresId}: + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDbVersions: parameters: *ref_1 - get: - description: Gets details of a single Exadata Infrastructure. - operationId: oracledatabase.projects.locations.cloudExadataInfrastructures.get + get: + description: >- + Lists all the available Autonomous Database versions for a project and + location. + operationId: oracledatabase.projects.locations.autonomousDbVersions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3782,7 +6652,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CloudExadataInfrastructure' + $ref: '#/components/schemas/ListAutonomousDbVersionsResponse' parameters: - in: path name: projectsId @@ -3794,14 +6664,22 @@ paths: required: true schema: type: string - - in: path - name: cloudExadataInfrastructuresId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: - description: Deletes a single Exadata Infrastructure. - operationId: oracledatabase.projects.locations.cloudExadataInfrastructures.delete + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabaseCharacterSets: + parameters: *ref_1 + get: + description: >- + Lists Autonomous Database Character Sets in a given project and + location. + operationId: oracledatabase.projects.locations.autonomousDatabaseCharacterSets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3813,7 +6691,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: >- + #/components/schemas/ListAutonomousDatabaseCharacterSetsResponse parameters: - in: path name: projectsId @@ -3825,25 +6704,24 @@ paths: required: true schema: type: string - - in: path - name: cloudExadataInfrastructuresId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: requestId + name: pageToken schema: type: string - in: query - name: force + name: filter schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/cloudExadataInfrastructures/{cloudExadataInfrastructuresId}/dbServers: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabaseBackups: parameters: *ref_1 get: - description: Lists the database servers of an Exadata Infrastructure instance. - operationId: >- - oracledatabase.projects.locations.cloudExadataInfrastructures.dbServers.list + description: Lists the long-term and automatic backups of an Autonomous Database. + operationId: oracledatabase.projects.locations.autonomousDatabaseBackups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3855,7 +6733,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDbServersResponse' + $ref: '#/components/schemas/ListAutonomousDatabaseBackupsResponse' parameters: - in: path name: projectsId @@ -3867,9 +6745,8 @@ paths: required: true schema: type: string - - in: path - name: cloudExadataInfrastructuresId - required: true + - in: query + name: filter schema: type: string - in: query @@ -3881,11 +6758,11 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cloudVmClusters: + /v1/projects/{projectsId}/locations/{locationsId}/odbNetworks: parameters: *ref_1 get: - description: Lists the VM Clusters in a given project and location. - operationId: oracledatabase.projects.locations.cloudVmClusters.list + description: Lists the ODB Networks in a given project and location. + operationId: oracledatabase.projects.locations.odbNetworks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3897,7 +6774,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCloudVmClustersResponse' + $ref: '#/components/schemas/ListOdbNetworksResponse' parameters: - in: path name: projectsId @@ -3922,14 +6799,18 @@ paths: name: filter schema: type: string + - in: query + name: orderBy + schema: + type: string post: - description: Creates a new VM Cluster in a given project and location. - operationId: oracledatabase.projects.locations.cloudVmClusters.create + description: Creates a new ODB Network in a given project and location. + operationId: oracledatabase.projects.locations.odbNetworks.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CloudVmCluster' + $ref: '#/components/schemas/OdbNetwork' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3954,18 +6835,18 @@ paths: schema: type: string - in: query - name: cloudVmClusterId + name: odbNetworkId schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/cloudVmClusters/{cloudVmClustersId}: + /v1/projects/{projectsId}/locations/{locationsId}/odbNetworks/{odbNetworksId}: parameters: *ref_1 get: - description: Gets details of a single VM Cluster. - operationId: oracledatabase.projects.locations.cloudVmClusters.get + description: Gets details of a single ODB Network. + operationId: oracledatabase.projects.locations.odbNetworks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3977,7 +6858,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CloudVmCluster' + $ref: '#/components/schemas/OdbNetwork' parameters: - in: path name: projectsId @@ -3990,13 +6871,13 @@ paths: schema: type: string - in: path - name: cloudVmClustersId + name: odbNetworksId required: true schema: type: string delete: - description: Deletes a single VM Cluster. - operationId: oracledatabase.projects.locations.cloudVmClusters.delete + description: Deletes a single ODB Network. + operationId: oracledatabase.projects.locations.odbNetworks.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4021,7 +6902,7 @@ paths: schema: type: string - in: path - name: cloudVmClustersId + name: odbNetworksId required: true schema: type: string @@ -4029,15 +6910,11 @@ paths: name: requestId schema: type: string - - in: query - name: force - schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/cloudVmClusters/{cloudVmClustersId}/dbNodes: + /v1/projects/{projectsId}/locations/{locationsId}/odbNetworks/{odbNetworksId}/odbSubnets: parameters: *ref_1 get: - description: Lists the database nodes of a VM Cluster. - operationId: oracledatabase.projects.locations.cloudVmClusters.dbNodes.list + description: Lists all the ODB Subnets in a given ODB Network. + operationId: oracledatabase.projects.locations.odbNetworks.odbSubnets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4049,7 +6926,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDbNodesResponse' + $ref: '#/components/schemas/ListOdbSubnetsResponse' parameters: - in: path name: projectsId @@ -4062,7 +6939,7 @@ paths: schema: type: string - in: path - name: cloudVmClustersId + name: odbNetworksId required: true schema: type: string @@ -4075,11 +6952,22 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/entitlements: - parameters: *ref_1 - get: - description: Lists the entitlements in a given project. - operationId: oracledatabase.projects.locations.entitlements.list + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + post: + description: Creates a new ODB Subnet in a given ODB Network. + operationId: oracledatabase.projects.locations.odbNetworks.odbSubnets.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OdbSubnet' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4091,7 +6979,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEntitlementsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4103,22 +6991,24 @@ paths: required: true schema: type: string + - in: path + name: odbNetworksId + required: true + schema: + type: string - in: query - name: pageSize + name: odbSubnetId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/giVersions: + /v1/projects/{projectsId}/locations/{locationsId}/odbNetworks/{odbNetworksId}/odbSubnets/{odbSubnetsId}: parameters: *ref_1 get: - description: >- - Lists all the valid Oracle Grid Infrastructure (GI) versions for the - given project and location. - operationId: oracledatabase.projects.locations.giVersions.list + description: Gets details of a single ODB Subnet. + operationId: oracledatabase.projects.locations.odbNetworks.odbSubnets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4130,7 +7020,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListGiVersionsResponse' + $ref: '#/components/schemas/OdbSubnet' parameters: - in: path name: projectsId @@ -4142,24 +7032,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: odbNetworksId + required: true schema: type: string - - in: query - name: filter + - in: path + name: odbSubnetsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dbSystemShapes: - parameters: *ref_1 - get: - description: Lists the database system shapes available for the project and location. - operationId: oracledatabase.projects.locations.dbSystemShapes.list + delete: + description: Deletes a single ODB Subnet. + operationId: oracledatabase.projects.locations.odbNetworks.odbSubnets.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4171,7 +7056,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDbSystemShapesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4183,20 +7068,27 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: odbNetworksId + required: true schema: - type: integer - format: int32 + type: string + - in: path + name: odbSubnetsId + required: true + schema: + type: string - in: query - name: pageToken + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases: + /v1/projects/{projectsId}/locations/{locationsId}/exadbVmClusters: parameters: *ref_1 get: - description: Lists the Autonomous Databases in a given project and location. - operationId: oracledatabase.projects.locations.autonomousDatabases.list + description: >- + Lists all the Exadb (Exascale) VM Clusters for the given project and + location. + operationId: oracledatabase.projects.locations.exadbVmClusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4208,7 +7100,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAutonomousDatabasesResponse' + $ref: '#/components/schemas/ListExadbVmClustersResponse' parameters: - in: path name: projectsId @@ -4238,13 +7130,13 @@ paths: schema: type: string post: - description: Creates a new Autonomous Database in a given project and location. - operationId: oracledatabase.projects.locations.autonomousDatabases.create + description: Creates a new Exadb (Exascale) VM Cluster resource. + operationId: oracledatabase.projects.locations.exadbVmClusters.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/AutonomousDatabase' + $ref: '#/components/schemas/ExadbVmCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4269,18 +7161,18 @@ paths: schema: type: string - in: query - name: autonomousDatabaseId + name: exadbVmClusterId schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}: + /v1/projects/{projectsId}/locations/{locationsId}/exadbVmClusters/{exadbVmClustersId}: parameters: *ref_1 get: - description: Gets the details of a single Autonomous Database. - operationId: oracledatabase.projects.locations.autonomousDatabases.get + description: Gets details of a single Exadb (Exascale) VM Cluster. + operationId: oracledatabase.projects.locations.exadbVmClusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4292,7 +7184,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AutonomousDatabase' + $ref: '#/components/schemas/ExadbVmCluster' parameters: - in: path name: projectsId @@ -4305,13 +7197,13 @@ paths: schema: type: string - in: path - name: autonomousDatabasesId + name: exadbVmClustersId required: true schema: type: string delete: - description: Deletes a single Autonomous Database. - operationId: oracledatabase.projects.locations.autonomousDatabases.delete + description: Deletes a single Exadb (Exascale) VM Cluster. + operationId: oracledatabase.projects.locations.exadbVmClusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4336,7 +7228,7 @@ paths: schema: type: string - in: path - name: autonomousDatabasesId + name: exadbVmClustersId required: true schema: type: string @@ -4344,16 +7236,16 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:restore: - parameters: *ref_1 - post: - description: Restores a single Autonomous Database. - operationId: oracledatabase.projects.locations.autonomousDatabases.restore + patch: + description: >- + Updates a single Exadb (Exascale) VM Cluster. To add virtual machines to + existing exadb vm cluster, only pass the node count. + operationId: oracledatabase.projects.locations.exadbVmClusters.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestoreAutonomousDatabaseRequest' + $ref: '#/components/schemas/ExadbVmCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4378,20 +7270,62 @@ paths: schema: type: string - in: path - name: autonomousDatabasesId + name: exadbVmClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:generateWallet: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/exadbVmClusters/{exadbVmClustersId}:removeVirtualMachine: parameters: *ref_1 post: - description: Generates a wallet for an Autonomous Database. - operationId: oracledatabase.projects.locations.autonomousDatabases.generateWallet + description: Removes virtual machines from an existing exadb vm cluster. + operationId: oracledatabase.projects.locations.exadbVmClusters.removeVirtualMachine requestBody: content: application/json: schema: - $ref: '#/components/schemas/GenerateAutonomousDatabaseWalletRequest' + $ref: '#/components/schemas/RemoveVirtualMachineExadbVmClusterRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: exadbVmClustersId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/exadbVmClusters/{exadbVmClustersId}/dbNodes: + parameters: *ref_1 + get: + description: Lists the database nodes of a VM Cluster. + operationId: oracledatabase.projects.locations.exadbVmClusters.dbNodes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4403,7 +7337,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GenerateAutonomousDatabaseWalletResponse' + $ref: '#/components/schemas/ListDbNodesResponse' parameters: - in: path name: projectsId @@ -4416,20 +7350,26 @@ paths: schema: type: string - in: path - name: autonomousDatabasesId + name: exadbVmClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:stop: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/exascaleDbStorageVaults: parameters: *ref_1 - post: - description: Stops an Autonomous Database. - operationId: oracledatabase.projects.locations.autonomousDatabases.stop - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/StopAutonomousDatabaseRequest' + get: + description: >- + Lists all the ExascaleDB Storage Vaults for the given project and + location. + operationId: oracledatabase.projects.locations.exascaleDbStorageVaults.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4441,7 +7381,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListExascaleDbStorageVaultsResponse' parameters: - in: path name: projectsId @@ -4453,21 +7393,31 @@ paths: required: true schema: type: string - - in: path - name: autonomousDatabasesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:start: - parameters: *ref_1 post: - description: Starts an Autonomous Database. - operationId: oracledatabase.projects.locations.autonomousDatabases.start + description: Creates a new ExascaleDB Storage Vault resource. + operationId: oracledatabase.projects.locations.exascaleDbStorageVaults.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/StartAutonomousDatabaseRequest' + $ref: '#/components/schemas/ExascaleDbStorageVault' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4491,21 +7441,19 @@ paths: required: true schema: type: string - - in: path - name: autonomousDatabasesId - required: true + - in: query + name: exascaleDbStorageVaultId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:restart: + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/exascaleDbStorageVaults/{exascaleDbStorageVaultsId}: parameters: *ref_1 - post: - description: Restarts an Autonomous Database. - operationId: oracledatabase.projects.locations.autonomousDatabases.restart - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RestartAutonomousDatabaseRequest' + get: + description: Gets details of a single ExascaleDB Storage Vault. + operationId: oracledatabase.projects.locations.exascaleDbStorageVaults.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4517,7 +7465,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ExascaleDbStorageVault' parameters: - in: path name: projectsId @@ -4530,22 +7478,13 @@ paths: schema: type: string - in: path - name: autonomousDatabasesId + name: exascaleDbStorageVaultsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabases/{autonomousDatabasesId}:switchover: - parameters: *ref_1 - post: - description: >- - Initiates a switchover of specified autonomous database to the - associated peer database. - operationId: oracledatabase.projects.locations.autonomousDatabases.switchover - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SwitchoverAutonomousDatabaseRequest' + delete: + description: Deletes a single ExascaleDB Storage Vault. + operationId: oracledatabase.projects.locations.exascaleDbStorageVaults.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4570,17 +7509,21 @@ paths: schema: type: string - in: path - name: autonomousDatabasesId + name: exascaleDbStorageVaultsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDbVersions: + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/dbSystemInitialStorageSizes: parameters: *ref_1 get: description: >- - Lists all the available Autonomous Database versions for a project and + Lists all the DbSystemInitialStorageSizes for the given project and location. - operationId: oracledatabase.projects.locations.autonomousDbVersions.list + operationId: oracledatabase.projects.locations.dbSystemInitialStorageSizes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4592,7 +7535,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAutonomousDbVersionsResponse' + $ref: '#/components/schemas/ListDbSystemInitialStorageSizesResponse' parameters: - in: path name: projectsId @@ -4613,13 +7556,11 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabaseCharacterSets: + /v1/projects/{projectsId}/locations/{locationsId}/databases: parameters: *ref_1 get: - description: >- - Lists Autonomous Database Character Sets in a given project and - location. - operationId: oracledatabase.projects.locations.autonomousDatabaseCharacterSets.list + description: Lists all the Databases for the given project, location and DbSystem. + operationId: oracledatabase.projects.locations.databases.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4631,8 +7572,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListAutonomousDatabaseCharacterSetsResponse + $ref: '#/components/schemas/ListDatabasesResponse' parameters: - in: path name: projectsId @@ -4657,11 +7597,11 @@ paths: name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/autonomousDatabaseBackups: + /v1/projects/{projectsId}/locations/{locationsId}/databases/{databasesId}: parameters: *ref_1 get: - description: Lists the long-term and automatic backups of an Autonomous Database. - operationId: oracledatabase.projects.locations.autonomousDatabaseBackups.list + description: Gets details of a single Database. + operationId: oracledatabase.projects.locations.databases.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4673,7 +7613,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAutonomousDatabaseBackupsResponse' + $ref: '#/components/schemas/Database' parameters: - in: path name: projectsId @@ -4685,24 +7625,18 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: databasesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/odbNetworks: + /v1/projects/{projectsId}/locations/{locationsId}/pluggableDatabases: parameters: *ref_1 get: - description: Lists the ODB Networks in a given project and location. - operationId: oracledatabase.projects.locations.odbNetworks.list + description: >- + Lists all the PluggableDatabases for the given project, location and + Container Database. + operationId: oracledatabase.projects.locations.pluggableDatabases.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4714,7 +7648,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOdbNetworksResponse' + $ref: '#/components/schemas/ListPluggableDatabasesResponse' parameters: - in: path name: projectsId @@ -4739,18 +7673,11 @@ paths: name: filter schema: type: string - - in: query - name: orderBy - schema: - type: string - post: - description: Creates a new ODB Network in a given project and location. - operationId: oracledatabase.projects.locations.odbNetworks.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/OdbNetwork' + /v1/projects/{projectsId}/locations/{locationsId}/pluggableDatabases/{pluggableDatabasesId}: + parameters: *ref_1 + get: + description: Gets details of a single PluggableDatabase. + operationId: oracledatabase.projects.locations.pluggableDatabases.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4762,7 +7689,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/PluggableDatabase' parameters: - in: path name: projectsId @@ -4774,19 +7701,16 @@ paths: required: true schema: type: string - - in: query - name: odbNetworkId - schema: - type: string - - in: query - name: requestId + - in: path + name: pluggableDatabasesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/odbNetworks/{odbNetworksId}: + /v1/projects/{projectsId}/locations/{locationsId}/dbSystems: parameters: *ref_1 get: - description: Gets details of a single ODB Network. - operationId: oracledatabase.projects.locations.odbNetworks.get + description: Lists all the DbSystems for the given project and location. + operationId: oracledatabase.projects.locations.dbSystems.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4798,7 +7722,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/OdbNetwork' + $ref: '#/components/schemas/ListDbSystemsResponse' parameters: - in: path name: projectsId @@ -4810,14 +7734,31 @@ paths: required: true schema: type: string - - in: path - name: odbNetworksId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: - description: Deletes a single ODB Network. - operationId: oracledatabase.projects.locations.odbNetworks.delete + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + post: + description: Creates a new DbSystem in a given project and location. + operationId: oracledatabase.projects.locations.dbSystems.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DbSystem' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4841,20 +7782,19 @@ paths: required: true schema: type: string - - in: path - name: odbNetworksId - required: true + - in: query + name: dbSystemId schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/odbNetworks/{odbNetworksId}/odbSubnets: + /v1/projects/{projectsId}/locations/{locationsId}/dbSystems/{dbSystemsId}: parameters: *ref_1 get: - description: Lists all the ODB Subnets in a given ODB Network. - operationId: oracledatabase.projects.locations.odbNetworks.odbSubnets.list + description: Gets details of a single DbSystem. + operationId: oracledatabase.projects.locations.dbSystems.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4866,7 +7806,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOdbSubnetsResponse' + $ref: '#/components/schemas/DbSystem' parameters: - in: path name: projectsId @@ -4879,35 +7819,13 @@ paths: schema: type: string - in: path - name: odbNetworksId + name: dbSystemsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - post: - description: Creates a new ODB Subnet in a given ODB Network. - operationId: oracledatabase.projects.locations.odbNetworks.odbSubnets.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/OdbSubnet' + delete: + description: Deletes a single DbSystem. + operationId: oracledatabase.projects.locations.dbSystems.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4932,23 +7850,19 @@ paths: schema: type: string - in: path - name: odbNetworksId + name: dbSystemsId required: true schema: type: string - - in: query - name: odbSubnetId - schema: - type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/odbNetworks/{odbNetworksId}/odbSubnets/{odbSubnetsId}: + /v1/projects/{projectsId}/locations/{locationsId}/dbVersions: parameters: *ref_1 get: - description: Gets details of a single ODB Subnet. - operationId: oracledatabase.projects.locations.odbNetworks.odbSubnets.get + description: List DbVersions for the given project and location. + operationId: oracledatabase.projects.locations.dbVersions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4960,7 +7874,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/OdbSubnet' + $ref: '#/components/schemas/ListDbVersionsResponse' parameters: - in: path name: projectsId @@ -4972,19 +7886,24 @@ paths: required: true schema: type: string - - in: path - name: odbNetworksId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: odbSubnetsId - required: true + - in: query + name: filter schema: type: string - delete: - description: Deletes a single ODB Subnet. - operationId: oracledatabase.projects.locations.odbNetworks.odbSubnets.delete + /v1/projects/{projectsId}/locations/{locationsId}/databaseCharacterSets: + parameters: *ref_1 + get: + description: List DatabaseCharacterSets for the given project and location. + operationId: oracledatabase.projects.locations.databaseCharacterSets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4996,7 +7915,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListDatabaseCharacterSetsResponse' parameters: - in: path name: projectsId @@ -5008,17 +7927,16 @@ paths: required: true schema: type: string - - in: path - name: odbNetworksId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: odbSubnetsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: requestId + name: filter schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/orgpolicy.yaml b/providers/src/googleapis.com/v00.00.00000/services/orgpolicy.yaml index 9bf0670c..05e06c51 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/orgpolicy.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/orgpolicy.yaml @@ -9,8 +9,8 @@ info: The Organization Policy API allows users to configure governance rules on their Google Cloud resources across the resource hierarchy. version: v2 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251105' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/orgpolicy/docs/reference/rest/index.html servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/osconfig.yaml b/providers/src/googleapis.com/v00.00.00000/services/osconfig.yaml index f6e5702a..57064940 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/osconfig.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/osconfig.yaml @@ -9,8 +9,8 @@ info: OS management tools that can be used for patch management, patch compliance, and configuration management on VM instances. version: v2 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251204' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/compute/docs/osconfig/rest servers: @@ -36,494 +36,537 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + OSPolicy: + description: An OS policy defines the desired state configuration for a VM. properties: - operations: + allowNoResourceGroupMatch: + type: boolean description: >- - A list of operations that matches the specified filter in the - request. + This flag determines the OS policy compliance status when none of + the resource groups within the policy are applicable for a VM. Set + this value to `true` if the policy needs to be reported as compliant + even if the policy has nothing to validate or enforce. + id: + description: >- + Required. The id of the OS policy with the following restrictions: * + Must contain only lowercase letters, numbers, and hyphens. * Must + start with a letter. * Must be between 1-63 characters. * Must end + with a number or a letter. * Must be unique within the assignment. + type: string + resourceGroups: type: array items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + $ref: '#/components/schemas/OSPolicyResourceGroup' + description: >- + Required. List of resource groups for the policy. For a particular + VM, resource groups are evaluated in the order specified and the + first resource group that is applicable is selected and the rest are + ignored. If none of the resource groups are applicable for a VM, the + VM is considered to be non-compliant w.r.t this policy. This + behavior can be toggled by the flag `allow_no_resource_group_match` + description: + description: >- + Policy description. Length of the description is limited to 1024 + characters. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + mode: + enum: + - MODE_UNSPECIFIED + - VALIDATION + - ENFORCEMENT + type: string + enumDescriptions: + - Invalid mode + - >- + This mode checks if the configuration resources in the policy are + in their desired state. No actions are performed if they are not + in the desired state. This mode is used for reporting purposes. + - >- + This mode checks if the configuration resources in the policy are + in their desired state, and if not, enforces the desired state. + description: Required. Policy mode + id: OSPolicy type: object + GoogleCloudOsconfigV1__OSPolicyAssignmentOperationMetadata: + description: >- + OS policy assignment operation metadata provided by OS policy assignment + API methods that return long running operations. + id: GoogleCloudOsconfigV1__OSPolicyAssignmentOperationMetadata properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + rolloutStartTime: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + format: google-datetime + description: Rollout start time + apiMethod: + description: The OS policy assignment API method. + type: string + enumDescriptions: + - Invalid value + - Create OS policy assignment API method + - Update OS policy assignment API method + - Delete OS policy assignment API method + enum: + - API_METHOD_UNSPECIFIED + - CREATE + - UPDATE + - DELETE + rolloutUpdateTime: + format: google-datetime + description: Rollout update time + type: string + osPolicyAssignment: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Reference to the `OSPolicyAssignment` API resource. Format: + `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}` + type: string + rolloutState: + enumDescriptions: + - Invalid value + - The rollout is in progress. + - The rollout is being cancelled. + - The rollout is cancelled. + - The rollout has completed successfully. + description: State of the rollout + type: string + enum: + - ROLLOUT_STATE_UNSPECIFIED + - IN_PROGRESS + - CANCELLING + - CANCELLED + - SUCCEEDED type: object + OSPolicyInventoryFilter: + id: OSPolicyInventoryFilter properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + osShortName: + description: Required. The OS short name + type: string + osVersion: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + The OS version Prefix matches are supported if asterisk(*) is + provided as the last character. For example, to match all versions + with a major version of `7`, specify the following value for this + field `7.*` An empty string matches all OS versions. + description: Filtering criteria to select VMs based on inventory details. type: object - properties: {} - GoogleCloudOsconfigV2__PolicyOrchestrator: - id: GoogleCloudOsconfigV2__PolicyOrchestrator - description: >- - PolicyOrchestrator helps managing project+zone level policy resources - (e.g. OS Policy Assignments), by providing tools to create, update and - delete them across projects and locations, at scale. Policy orchestrator - functions as an endless loop. Each iteration orchestrator computes a set - of resources that should be affected, then progressively applies changes - to them. If for some reason this set of resources changes over time - (e.g. new projects are added), the future loop iterations will address - that. Orchestrator can either upsert or delete policy resources. For - more details, see the description of the `action`, and - `orchestrated_resource` fields. Note that policy orchestrator do not - "manage" the resources it creates. Every iteration is independent and - only minimal history of past actions is retained (apart from Cloud - Logging). If orchestrator gets deleted, it does not affect the resources - it created in the past. Those will remain where they were. Same applies - if projects are removed from the orchestrator's scope. + GoogleCloudOsconfigV2_PolicyOrchestrator_IterationState: + id: GoogleCloudOsconfigV2_PolicyOrchestrator_IterationState + description: Describes the state of a single iteration of the orchestrator. type: object properties: - name: + failedActions: + readOnly: true + format: int64 description: >- - Immutable. Identifier. In form of * - `organizations/{organization_id}/locations/global/policyOrchestrators/{orchestrator_id}` - * - `folders/{folder_id}/locations/global/policyOrchestrators/{orchestrator_id}` - * - `projects/{project_id_or_number}/locations/global/policyOrchestrators/{orchestrator_id}` - type: string - description: - description: Optional. Freeform text describing the purpose of the resource. + Output only. Number of orchestration actions which failed so far. + For more details, query the Cloud Logs. type: string - etag: - description: >- - Output only. This checksum is computed by the server based on the - value of other fields, and may be sent on update and delete requests - to ensure the client has an up-to-date value before proceeding. + error: + $ref: '#/components/schemas/Status' readOnly: true + description: Output only. Error thrown in the wave iteration. + performedActions: + readOnly: true + description: >- + Output only. Overall number of actions done by the orchestrator so + far. + format: int64 type: string state: - description: >- - Optional. State of the orchestrator. Can be updated to change - orchestrator behaviour. Allowed values: - `ACTIVE` - orchestrator is - actively looking for actions to be taken. - `STOPPED` - orchestrator - won't make any changes. Note: There might be more states added in - the future. We use string here instead of an enum, to avoid the need - of propagating new states to all the client code. + description: Output only. State of the iteration. + readOnly: true type: string - reconciling: - description: >- - Output only. Set to true, if the there are ongoing changes being - applied by the orchestrator. + enum: + - STATE_UNSPECIFIED + - PROCESSING + - COMPLETED + - FAILED + - CANCELLED + - UNKNOWN + enumDescriptions: + - Default value. This value is unused. + - Iteration is in progress. + - Iteration completed, with all actions being successful. + - Iteration completed, with failures. + - Iteration was explicitly cancelled. + - Impossible to determine current state of the iteration. + iterationId: + type: string + description: Output only. Unique identifier of the iteration. readOnly: true - type: boolean - orchestrationScope: - description: >- - Optional. Defines scope for the orchestration, in context of the - enclosing PolicyOrchestrator resource. Scope is expanded into a list - of pairs, in which the rollout action will take place. Expansion - starts with a Folder resource parenting the PolicyOrchestrator - resource: - All the descendant projects are listed. - List of - project is cross joined with a list of all available zones. - - Resulting list of pairs is filtered according to the selectors. - $ref: '#/components/schemas/GoogleCloudOsconfigV2__OrchestrationScope' - action: - description: >- - Required. Action to be done by the orchestrator in - `projects/{project_id}/zones/{zone_id}` locations defined by the - `orchestration_scope`. Allowed values: - `UPSERT` - Orchestrator - will create or update target resources. - `DELETE` - Orchestrator - will delete target resources, if they exist + startTime: + format: google-datetime type: string - orchestratedResource: - description: Required. Resource to be orchestrated by the policy orchestrator. - $ref: '#/components/schemas/GoogleCloudOsconfigV2__OrchestratedResource' - orchestrationState: - description: Output only. State of the orchestration. readOnly: true - $ref: >- - #/components/schemas/GoogleCloudOsconfigV2_PolicyOrchestrator_OrchestrationState - createTime: - description: >- - Output only. Timestamp when the policy orchestrator resource was - created. + description: Output only. Start time of the wave iteration. + finishTime: + description: Output only. Finish time of the wave iteration. + format: google-datetime readOnly: true type: string - format: google-datetime - updateTime: + progress: description: >- - Output only. Timestamp when the policy orchestrator resource was - last modified. + Output only. An estimated percentage of the progress. Number between + 0 and 100. + format: float + type: number readOnly: true + OSPolicyResourcePackageResourceGooGet: + type: object + id: OSPolicyResourcePackageResourceGooGet + properties: + name: type: string - format: google-datetime - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: - type: string - GoogleCloudOsconfigV2__OrchestrationScope: - id: GoogleCloudOsconfigV2__OrchestrationScope + description: Required. Package name. description: >- - Defines a set of selectors which drive which resources are in scope of - policy orchestration. + A package managed by GooGet. - install: `googet -noconfirm install + package` - remove: `googet -noconfirm remove package` + OSPolicyResourceFileGcs: + id: OSPolicyResourceFileGcs type: object properties: - selectors: - description: >- - Optional. Selectors of the orchestration scope. There is a logical - AND between each selector defined. When there is no explicit - `ResourceHierarchySelector` selector specified, the scope is by - default bounded to the parent of the policy orchestrator resource. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudOsconfigV2_OrchestrationScope_Selector - GoogleCloudOsconfigV2_OrchestrationScope_Selector: - id: GoogleCloudOsconfigV2_OrchestrationScope_Selector - description: Selector for the resources in scope of orchestration. - type: object + generation: + format: int64 + description: Generation number of the Cloud Storage object. + type: string + object: + type: string + description: Required. Name of the Cloud Storage object. + bucket: + description: Required. Bucket of the Cloud Storage object. + type: string + description: Specifies a file available as a Cloud Storage Object. + OSPolicyResourcePackageResourceZypper: + description: >- + A package managed by Zypper. - install: `zypper -y install package` - + remove: `zypper -y rm package` + id: OSPolicyResourcePackageResourceZypper properties: - resourceHierarchySelector: - description: Selector for selecting resource hierarchy. - $ref: >- - #/components/schemas/GoogleCloudOsconfigV2_OrchestrationScope_ResourceHierarchySelector - locationSelector: - description: Selector for selecting locations. - $ref: >- - #/components/schemas/GoogleCloudOsconfigV2_OrchestrationScope_LocationSelector - GoogleCloudOsconfigV2_OrchestrationScope_ResourceHierarchySelector: - id: GoogleCloudOsconfigV2_OrchestrationScope_ResourceHierarchySelector - description: Selector containing Cloud Resource Manager resource hierarchy nodes. + name: + description: Required. Package name. + type: string type: object + CancelOperationRequest: + properties: {} + description: The request message for Operations.CancelOperation. + type: object + id: CancelOperationRequest + OSPolicyResource: properties: - includedProjects: - description: >- - Optional. Names of the projects in scope. Format: - `projects/{project_number}` - type: array - items: - type: string - includedFolders: + id: + type: string description: >- - Optional. Names of the folders in scope. Format: - `folders/{folder_id}` - type: array - items: - type: string - GoogleCloudOsconfigV2_OrchestrationScope_LocationSelector: - id: GoogleCloudOsconfigV2_OrchestrationScope_LocationSelector - description: Selector containing locations in scope. + Required. The id of the resource with the following restrictions: * + Must contain only lowercase letters, numbers, and hyphens. * Must + start with a letter. * Must be between 1-63 characters. * Must end + with a number or a letter. * Must be unique within the OS policy. + repository: + description: Package repository resource + $ref: '#/components/schemas/OSPolicyResourceRepositoryResource' + pkg: + description: Package resource + $ref: '#/components/schemas/OSPolicyResourcePackageResource' + file: + $ref: '#/components/schemas/OSPolicyResourceFileResource' + description: File resource + exec: + description: Exec resource + $ref: '#/components/schemas/OSPolicyResourceExecResource' + description: >- + An OS policy resource is used to define the desired state configuration + and provides a specific functionality like installing/removing packages, + executing a script etc. The system ensures that resources are always in + their desired state by taking necessary actions if they have drifted + from their desired state. type: object - properties: - includedLocations: - description: 'Optional. Names of the locations in scope. Format: `us-central1-a`' - type: array - items: - type: string - GoogleCloudOsconfigV2__OrchestratedResource: - id: GoogleCloudOsconfigV2__OrchestratedResource + id: OSPolicyResource + Empty: + id: Empty + type: object + properties: {} description: >- - Represents a resource that is being orchestrated by the policy - orchestrator. + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + OSPolicyAssignmentRollout: + description: >- + Message to configure the rollout at the zonal level for the OS policy + assignment. + type: object + id: OSPolicyAssignmentRollout + properties: + minWaitDuration: + type: string + description: >- + Required. This determines the minimum duration of time to wait after + the configuration changes are applied through the current rollout. A + VM continues to count towards the `disruption_budget` at least until + this duration of time has passed after configuration changes are + applied. + format: google-duration + disruptionBudget: + description: >- + Required. The maximum number (or percentage) of VMs per zone to + disrupt at any given moment. + $ref: '#/components/schemas/FixedOrPercent' + OSPolicyResourceRepositoryResource: + description: A resource that manages a package repository. type: object + id: OSPolicyResourceRepositoryResource properties: - osPolicyAssignmentV1Payload: - description: >- - Optional. OSPolicyAssignment resource to be created, updated or - deleted. Name field is ignored and replace with a generated value. - With this field set, orchestrator will perform actions on - `project/{project}/locations/{zone}/osPolicyAssignments/{resource_id}` - resources, where `project` and `zone` pairs come from the expanded - scope, and `resource_id` comes from the `resource_id` field of - orchestrator resource. - $ref: '#/components/schemas/OSPolicyAssignment' - id: - description: >- - Optional. ID of the resource to be used while generating set of - affected resources. For UPSERT action the value is auto-generated - during PolicyOrchestrator creation when not set. When the value is - set it should following next restrictions: * Must contain only - lowercase letters, numbers, and hyphens. * Must start with a letter. - * Must be between 1-63 characters. * Must end with a number or a - letter. * Must be unique within the project. For DELETE action, ID - must be specified explicitly during PolicyOrchestrator creation. - type: string - OSPolicyAssignment: - id: OSPolicyAssignment - description: >- - OS policy assignment is an API resource that is used to apply a set of - OS policies to a dynamically targeted group of Compute Engine VM - instances. An OS policy is used to define the desired state - configuration for a Compute Engine VM instance through a set of - configuration resources that provide capabilities such as installing or - removing software packages, or executing a script. For more information - about the OS policy resource definitions and examples, see [OS policy - and OS policy - assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies). + zypper: + $ref: >- + #/components/schemas/OSPolicyResourceRepositoryResourceZypperRepository + description: A Zypper Repository. + goo: + $ref: '#/components/schemas/OSPolicyResourceRepositoryResourceGooRepository' + description: A Goo Repository. + yum: + $ref: '#/components/schemas/OSPolicyResourceRepositoryResourceYumRepository' + description: A Yum Repository. + apt: + $ref: '#/components/schemas/OSPolicyResourceRepositoryResourceAptRepository' + description: An Apt Repository. + OSPolicyResourcePackageResource: + description: A resource that manages a system package. + id: OSPolicyResourcePackageResource type: object properties: - name: + zypper: + $ref: '#/components/schemas/OSPolicyResourcePackageResourceZypper' + description: A package managed by Zypper. + yum: + $ref: '#/components/schemas/OSPolicyResourcePackageResourceYUM' + description: A package managed by YUM. + desiredState: description: >- - Resource name. Format: - `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` - This field is ignored when you create an OS policy assignment. + Required. The desired state the agent should maintain for this + package. type: string + enum: + - DESIRED_STATE_UNSPECIFIED + - INSTALLED + - REMOVED + enumDescriptions: + - Unspecified is invalid. + - Ensure that the package is installed. + - >- + The agent ensures that the package is not installed and uninstalls + it if detected. + msi: + $ref: '#/components/schemas/OSPolicyResourcePackageResourceMSI' + description: An MSI package. + rpm: + $ref: '#/components/schemas/OSPolicyResourcePackageResourceRPM' + description: An rpm package file. + googet: + description: A package managed by GooGet. + $ref: '#/components/schemas/OSPolicyResourcePackageResourceGooGet' + apt: + $ref: '#/components/schemas/OSPolicyResourcePackageResourceAPT' + description: A package managed by Apt. + deb: + $ref: '#/components/schemas/OSPolicyResourcePackageResourceDeb' + description: A deb package file. + GoogleCloudOsconfigV2__PolicyOrchestrator: + type: object + properties: + orchestratedResource: + $ref: '#/components/schemas/GoogleCloudOsconfigV2__OrchestratedResource' + description: Required. Resource to be orchestrated by the policy orchestrator. + labels: + type: object + additionalProperties: + type: string + description: Optional. Labels as key value pairs description: - description: >- - OS policy assignment description. Length of the description is - limited to 1024 characters. + description: Optional. Freeform text describing the purpose of the resource. + type: string + etag: + readOnly: true type: string - osPolicies: - description: Required. List of OS policies to be applied to the VMs. - type: array - items: - $ref: '#/components/schemas/OSPolicy' - instanceFilter: - description: Required. Filter to select VMs. - $ref: '#/components/schemas/OSPolicyAssignmentInstanceFilter' - rollout: description: >- - Required. Rollout to deploy the OS policy assignment. A rollout is - triggered in the following situations: 1) OSPolicyAssignment is - created. 2) OSPolicyAssignment is updated and the update contains - changes to one of the following fields: - instance_filter - - os_policies 3) OSPolicyAssignment is deleted. - $ref: '#/components/schemas/OSPolicyAssignmentRollout' - revisionId: + Output only. This checksum is computed by the server based on the + value of other fields, and may be sent on update and delete requests + to ensure the client has an up-to-date value before proceeding. + createTime: + format: google-datetime description: >- - Output only. The assignment revision ID A new revision is committed - whenever a rollout is triggered for a OS policy assignment + Output only. Timestamp when the policy orchestrator resource was + created. readOnly: true type: string - revisionCreateTime: - description: Output only. The timestamp that the revision was created. - readOnly: true + action: + description: >- + Required. Action to be done by the orchestrator in + `projects/{project_id}/zones/{zone_id}` locations defined by the + `orchestration_scope`. Allowed values: - `UPSERT` - Orchestrator + will create or update target resources. - `DELETE` - Orchestrator + will delete target resources, if they exist type: string - format: google-datetime - etag: + state: description: >- - The etag for this OS policy assignment. If this is provided on - update, it must match the server's etag. + Optional. State of the orchestrator. Can be updated to change + orchestrator behaviour. Allowed values: - `ACTIVE` - orchestrator is + actively looking for actions to be taken. - `STOPPED` - orchestrator + won't make any changes. Note: There might be more states added in + the future. We use string here instead of an enum, to avoid the need + of propagating new states to all the client code. type: string - rolloutState: - description: Output only. OS policy assignment rollout state + updateTime: readOnly: true type: string - enumDescriptions: - - Invalid value - - The rollout is in progress. - - The rollout is being cancelled. - - The rollout is cancelled. - - The rollout has completed successfully. - enum: - - ROLLOUT_STATE_UNSPECIFIED - - IN_PROGRESS - - CANCELLING - - CANCELLED - - SUCCEEDED - baseline: description: >- - Output only. Indicates that this revision has been successfully - rolled out in this zone and new VMs will be assigned OS policies - from this revision. For a given OS policy assignment, there is only - one revision with a value of `true` for this field. + Output only. Timestamp when the policy orchestrator resource was + last modified. + format: google-datetime + orchestrationState: + $ref: >- + #/components/schemas/GoogleCloudOsconfigV2_PolicyOrchestrator_OrchestrationState + description: Output only. State of the orchestration. readOnly: true - type: boolean - deleted: + name: description: >- - Output only. Indicates that this revision deletes the OS policy - assignment. - readOnly: true - type: boolean - reconciling: + Immutable. Identifier. In form of * + `organizations/{organization_id}/locations/global/policyOrchestrators/{orchestrator_id}` + * + `folders/{folder_id}/locations/global/policyOrchestrators/{orchestrator_id}` + * + `projects/{project_id_or_number}/locations/global/policyOrchestrators/{orchestrator_id}` + type: string + orchestrationScope: + $ref: '#/components/schemas/GoogleCloudOsconfigV2__OrchestrationScope' description: >- - Output only. Indicates that reconciliation is in progress for the - revision. This value is `true` when the `rollout_state` is one of: * - IN_PROGRESS * CANCELLING + Optional. Defines scope for the orchestration, in context of the + enclosing PolicyOrchestrator resource. Scope is expanded into a list + of pairs, in which the rollout action will take place. Expansion + starts with a Folder resource parenting the PolicyOrchestrator + resource: - All the descendant projects are listed. - List of + project is cross joined with a list of all available zones. - + Resulting list of pairs is filtered according to the selectors. + reconciling: readOnly: true - type: boolean - uid: description: >- - Output only. Server generated unique id for the OS policy assignment - resource. - readOnly: true + Output only. Set to true, if the there are ongoing changes being + applied by the orchestrator. + type: boolean + description: >- + PolicyOrchestrator helps managing project+zone level policy resources + (e.g. OS Policy Assignments), by providing tools to create, update and + delete them across projects and locations, at scale. Policy orchestrator + functions as an endless loop. Each iteration orchestrator computes a set + of resources that should be affected, then progressively applies changes + to them. If for some reason this set of resources changes over time + (e.g. new projects are added), the future loop iterations will address + that. Orchestrator can either upsert or delete policy resources. For + more details, see the description of the `action`, and + `orchestrated_resource` fields. Note that policy orchestrator do not + "manage" the resources it creates. Every iteration is independent and + only minimal history of past actions is retained (apart from Cloud + Logging). If orchestrator gets deleted, it does not affect the resources + it created in the past. Those will remain where they were. Same applies + if projects are removed from the orchestrator's scope. + id: GoogleCloudOsconfigV2__PolicyOrchestrator + MessageSet: + type: object + description: >- + This is proto2's version of MessageSet. DEPRECATED: DO NOT USE FOR NEW + FIELDS. If you are using editions or proto2, please make your own + extendable messages for your use case. If you are using proto3, please + use `Any` instead. MessageSet was the implementation of extensions for + proto1. When proto2 was introduced, extensions were implemented as a + first-class feature. This schema for MessageSet was meant to be a + "bridge" solution to migrate MessageSet-bearing messages from proto1 to + proto2. This schema has been open-sourced only to facilitate the + migration of Google products with MessageSet-bearing messages to + open-source environments. + id: MessageSet + deprecated: true + properties: {} + GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse: + properties: + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + policyOrchestrators: + description: The policy orchestrators for the specified parent resource. + items: + $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + type: array + nextPageToken: type: string - OSPolicy: - id: OSPolicy - description: An OS policy defines the desired state configuration for a VM. + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + description: Response for the list policy orchestrator resources. + id: GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse type: object + OSPolicyResourceExecResourceExec: + id: OSPolicyResourceExecResourceExec properties: - id: - description: >- - Required. The id of the OS policy with the following restrictions: * - Must contain only lowercase letters, numbers, and hyphens. * Must - start with a letter. * Must be between 1-63 characters. * Must end - with a number or a letter. * Must be unique within the assignment. + script: + description: An inline script. The size of the script is limited to 32KiB. type: string - description: + file: + description: A remote or local file. + $ref: '#/components/schemas/OSPolicyResourceFile' + args: + description: Optional arguments to pass to the source during execution. + items: + type: string + type: array + outputFilePath: description: >- - Policy description. Length of the description is limited to 1024 - characters. + Only recorded for enforce Exec. Path to an output file (that is + created by this Exec) whose content will be recorded in + OSPolicyResourceCompliance after a successful run. Absence or + failure to read this file will result in this ExecResource being + non-compliant. Output file size is limited to 500K bytes. type: string - mode: - description: Required. Policy mode + interpreter: + description: Required. The script interpreter to use. + enum: + - INTERPRETER_UNSPECIFIED + - NONE + - SHELL + - POWERSHELL type: string enumDescriptions: - - Invalid mode + - Invalid value, the request will return validation error. - >- - This mode checks if the configuration resources in the policy are - in their desired state. No actions are performed if they are not - in the desired state. This mode is used for reporting purposes. + If an interpreter is not specified, the source is executed + directly. This execution, without an interpreter, only succeeds + for executables and scripts that have shebang lines. - >- - This mode checks if the configuration resources in the policy are - in their desired state, and if not, enforces the desired state. - enum: - - MODE_UNSPECIFIED - - VALIDATION - - ENFORCEMENT - resourceGroups: - description: >- - Required. List of resource groups for the policy. For a particular - VM, resource groups are evaluated in the order specified and the - first resource group that is applicable is selected and the rest are - ignored. If none of the resource groups are applicable for a VM, the - VM is considered to be non-compliant w.r.t this policy. This - behavior can be toggled by the flag `allow_no_resource_group_match` - type: array - items: - $ref: '#/components/schemas/OSPolicyResourceGroup' - allowNoResourceGroupMatch: - description: >- - This flag determines the OS policy compliance status when none of - the resource groups within the policy are applicable for a VM. Set - this value to `true` if the policy needs to be reported as compliant - even if the policy has nothing to validate or enforce. - type: boolean - OSPolicyResourceGroup: - id: OSPolicyResourceGroup - description: >- - Resource groups provide a mechanism to group OS policy resources. - Resource groups enable OS policy authors to create a single OS policy to - be applied to VMs running different operating Systems. When the OS - policy is applied to a target VM, the appropriate resource group within - the OS policy is selected based on the `OSFilter` specified within the - resource group. + Indicates that the script runs with `/bin/sh` on Linux and + `cmd.exe` on Windows. + - Indicates that the script runs with PowerShell. + description: A file or script to execute. type: object + OSPolicyResourceFileRemote: + id: OSPolicyResourceFileRemote + type: object + description: Specifies a file available via some URI. properties: - inventoryFilters: - description: >- - List of inventory filters for the resource group. The resources in - this resource group are applied to the target VM if it satisfies at - least one of the following inventory filters. For example, to apply - this resource group to VMs running either `RHEL` or `CentOS` - operating systems, specify 2 items for the list with following - values: inventory_filters[0].os_short_name='rhel' and - inventory_filters[1].os_short_name='centos' If the list is empty, - this resource group will be applied to the target VM - unconditionally. - type: array - items: - $ref: '#/components/schemas/OSPolicyInventoryFilter' - resources: + sha256Checksum: + type: string + description: SHA256 checksum of the remote file. + uri: + type: string description: >- - Required. List of resources configured for this resource group. The - resources are executed in the exact order specified here. - type: array - items: - $ref: '#/components/schemas/OSPolicyResource' - OSPolicyInventoryFilter: - id: OSPolicyInventoryFilter - description: Filtering criteria to select VMs based on inventory details. + Required. URI from which to fetch the object. It should contain both + the protocol and path following the format + `{protocol}://{location}`. + OSPolicyAssignmentInstanceFilterInventory: type: object properties: osShortName: - description: Required. The OS short name type: string + description: Required. The OS short name osVersion: description: >- The OS version Prefix matches are supported if asterisk(*) is @@ -531,927 +574,877 @@ components: with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions. type: string - OSPolicyResource: - id: OSPolicyResource + id: OSPolicyAssignmentInstanceFilterInventory + description: VM inventory details. + OSPolicyResourcePackageResourceYUM: description: >- - An OS policy resource is used to define the desired state configuration - and provides a specific functionality like installing/removing packages, - executing a script etc. The system ensures that resources are always in - their desired state by taking necessary actions if they have drifted - from their desired state. - type: object + A package managed by YUM. - install: `yum -y install package` - remove: + `yum -y remove package` properties: - id: - description: >- - Required. The id of the resource with the following restrictions: * - Must contain only lowercase letters, numbers, and hyphens. * Must - start with a letter. * Must be between 1-63 characters. * Must end - with a number or a letter. * Must be unique within the OS policy. + name: type: string - pkg: - description: Package resource - $ref: '#/components/schemas/OSPolicyResourcePackageResource' - repository: - description: Package repository resource - $ref: '#/components/schemas/OSPolicyResourceRepositoryResource' - exec: - description: Exec resource - $ref: '#/components/schemas/OSPolicyResourceExecResource' - file: - description: File resource - $ref: '#/components/schemas/OSPolicyResourceFileResource' - OSPolicyResourcePackageResource: - id: OSPolicyResourcePackageResource - description: A resource that manages a system package. + description: Required. Package name. + id: OSPolicyResourcePackageResourceYUM type: object + FixedOrPercent: + description: >- + Message encapsulating a value that can be either absolute ("fixed") or + relative ("percent") to a value. + id: FixedOrPercent properties: - desiredState: + fixed: + type: integer + format: int32 + description: Specifies a fixed value. + percent: + type: integer + format: int32 description: >- - Required. The desired state the agent should maintain for this - package. - type: string + Specifies the relative value defined as a percentage, which will be + multiplied by a reference value. + type: object + OSPolicyResourceFileResource: + id: OSPolicyResourceFileResource + properties: + state: + description: Required. Desired state of the file. + enum: + - DESIRED_STATE_UNSPECIFIED + - PRESENT + - ABSENT + - CONTENTS_MATCH enumDescriptions: - Unspecified is invalid. - - Ensure that the package is installed. + - Ensure file at path is present. + - Ensure file at path is absent. - >- - The agent ensures that the package is not installed and uninstalls - it if detected. - enum: - - DESIRED_STATE_UNSPECIFIED - - INSTALLED - - REMOVED - apt: - description: A package managed by Apt. - $ref: '#/components/schemas/OSPolicyResourcePackageResourceAPT' - deb: - description: A deb package file. - $ref: '#/components/schemas/OSPolicyResourcePackageResourceDeb' - yum: - description: A package managed by YUM. - $ref: '#/components/schemas/OSPolicyResourcePackageResourceYUM' - zypper: - description: A package managed by Zypper. - $ref: '#/components/schemas/OSPolicyResourcePackageResourceZypper' - rpm: - description: An rpm package file. - $ref: '#/components/schemas/OSPolicyResourcePackageResourceRPM' - googet: - description: A package managed by GooGet. - $ref: '#/components/schemas/OSPolicyResourcePackageResourceGooGet' - msi: - description: An MSI package. - $ref: '#/components/schemas/OSPolicyResourcePackageResourceMSI' - OSPolicyResourcePackageResourceAPT: - id: OSPolicyResourcePackageResourceAPT - description: >- - A package managed by APT. - install: `apt-get update && apt-get -y - install [name]` - remove: `apt-get -y remove [name]` - type: object - properties: - name: - description: Required. Package name. + Ensure the contents of the file at path matches. If the file does + not exist it will be created. + type: string + path: + description: Required. The absolute path of the file within the VM. + type: string + permissions: + type: string + description: >- + Consists of three octal digits which represent, in order, the + permissions of the owner, group, and other users for the file + (similarly to the numeric mode used in the linux chmod utility). + Each digit represents a three bit number with the 4 bit + corresponding to the read permissions, the 2 bit corresponds to the + write bit, and the one bit corresponds to the execute permission. + Default behavior is 755. Below are some examples of permissions and + their associated values: read, write, and execute: 7 read and + execute: 5 read and write: 6 read only: 4 + file: + description: A remote or local source. + $ref: '#/components/schemas/OSPolicyResourceFile' + content: type: string - OSPolicyResourcePackageResourceDeb: - id: OSPolicyResourcePackageResourceDeb - description: A deb package file. dpkg packages only support INSTALLED state. + description: >- + A a file with this content. The size of the content is limited to + 32KiB. + description: A resource that manages the state of a file. type: object + GoogleCloudOsconfigV2_OrchestrationScope_LocationSelector: + description: Selector containing locations in scope. properties: - source: - description: Required. A deb package. - $ref: '#/components/schemas/OSPolicyResourceFile' - pullDeps: - description: >- - Whether dependencies should also be installed. - install when false: - `dpkg -i package` - install when true: `apt-get update && apt-get -y - install package.deb` - type: boolean - OSPolicyResourceFile: - id: OSPolicyResourceFile - description: A remote or local file. + includedLocations: + description: 'Optional. Names of the locations in scope. Format: `us-central1-a`' + items: + type: string + type: array type: object + id: GoogleCloudOsconfigV2_OrchestrationScope_LocationSelector + OSPolicyResourceRepositoryResourceAptRepository: properties: - remote: - description: A generic remote file. - $ref: '#/components/schemas/OSPolicyResourceFileRemote' - gcs: - description: A Cloud Storage object. - $ref: '#/components/schemas/OSPolicyResourceFileGcs' - localPath: - description: A local path within the VM to use. + components: + items: + type: string + description: >- + Required. List of components for this repository. Must contain at + least one item. + type: array + archiveType: + enumDescriptions: + - Unspecified is invalid. + - Deb indicates that the archive contains binary files. + - Deb-src indicates that the archive contains source files. + description: Required. Type of archive files in this repository. type: string - allowInsecure: + enum: + - ARCHIVE_TYPE_UNSPECIFIED + - DEB + - DEB_SRC + gpgKey: description: >- - Defaults to false. When false, files are subject to validations - based on the file type: Remote: A checksum must be specified. Cloud - Storage: An object generation number must be specified. - type: boolean - OSPolicyResourceFileRemote: - id: OSPolicyResourceFileRemote - description: Specifies a file available via some URI. - type: object - properties: + URI of the key file for this repository. The agent maintains a + keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`. + type: string uri: - description: >- - Required. URI from which to fetch the object. It should contain both - the protocol and path following the format - `{protocol}://{location}`. type: string - sha256Checksum: - description: SHA256 checksum of the remote file. + description: Required. URI for this repository. + distribution: + description: Required. Distribution of this repository. type: string - OSPolicyResourceFileGcs: - id: OSPolicyResourceFileGcs - description: Specifies a file available as a Cloud Storage Object. type: object + description: >- + Represents a single apt package repository. These will be added to a + repo file that will be managed at + `/etc/apt/sources.list.d/google_osconfig.list`. + id: OSPolicyResourceRepositoryResourceAptRepository + OSPolicyAssignmentOperationMetadata: + type: object + id: OSPolicyAssignmentOperationMetadata + description: >- + OS policy assignment operation metadata provided by OS policy assignment + API methods that return long running operations. properties: - bucket: - description: Required. Bucket of the Cloud Storage object. + apiMethod: + enum: + - API_METHOD_UNSPECIFIED + - CREATE + - UPDATE + - DELETE type: string - object: - description: Required. Name of the Cloud Storage object. + enumDescriptions: + - Invalid value + - Create OS policy assignment API method + - Update OS policy assignment API method + - Delete OS policy assignment API method + description: The OS policy assignment API method. + rolloutUpdateTime: type: string - generation: - description: Generation number of the Cloud Storage object. + format: google-datetime + description: Rollout update time + rolloutStartTime: + description: Rollout start time + format: google-datetime type: string - format: int64 - OSPolicyResourcePackageResourceYUM: - id: OSPolicyResourcePackageResourceYUM + rolloutState: + type: string + enumDescriptions: + - Invalid value + - The rollout is in progress. + - The rollout is being cancelled. + - The rollout is cancelled. + - The rollout has completed successfully. + enum: + - ROLLOUT_STATE_UNSPECIFIED + - IN_PROGRESS + - CANCELLING + - CANCELLED + - SUCCEEDED + description: State of the rollout + osPolicyAssignment: + description: >- + Reference to the `OSPolicyAssignment` API resource. Format: + `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}` + type: string + Status: description: >- - A package managed by YUM. - install: `yum -y install package` - remove: - `yum -y remove package` + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status type: object properties: - name: - description: Required. Package name. + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + message: type: string - OSPolicyResourcePackageResourceZypper: - id: OSPolicyResourcePackageResourceZypper - description: >- - A package managed by Zypper. - install: `zypper -y install package` - - remove: `zypper -y rm package` + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + details: + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + OSPolicyAssignmentLabelSet: type: object + id: OSPolicyAssignmentLabelSet + description: >- + Message representing label set. * A label is a key value pair set for a + VM. * A LabelSet is a set of labels. * Labels within a LabelSet are + ANDed. In other words, a LabelSet is applicable for a VM only if it + matches all the labels in the LabelSet. * Example: A LabelSet with 2 + labels: `env=prod` and `type=webserver` will only be applicable for + those VMs with both labels present. + properties: + labels: + type: object + description: >- + Labels are identified by key/value pairs in this map. A VM should + contain all the key/value pairs specified in this map to be + selected. + additionalProperties: + type: string + OSPolicyResourcePackageResourceAPT: properties: name: - description: Required. Package name. type: string - OSPolicyResourcePackageResourceRPM: - id: OSPolicyResourcePackageResourceRPM - description: An RPM package file. RPM packages only support INSTALLED state. + description: Required. Package name. + description: >- + A package managed by APT. - install: `apt-get update && apt-get -y + install [name]` - remove: `apt-get -y remove [name]` + id: OSPolicyResourcePackageResourceAPT type: object + GoogleCloudOsconfigV2_PolicyOrchestrator_OrchestrationState: + properties: + previousIterationState: + description: Output only. Previous Wave iteration state. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudOsconfigV2_PolicyOrchestrator_IterationState + currentIterationState: + $ref: >- + #/components/schemas/GoogleCloudOsconfigV2_PolicyOrchestrator_IterationState + description: Output only. Current Wave iteration state. + readOnly: true + type: object + description: Describes the state of the orchestration process. + id: GoogleCloudOsconfigV2_PolicyOrchestrator_OrchestrationState + OSPolicyResourcePackageResourceDeb: + id: OSPolicyResourcePackageResourceDeb + description: A deb package file. dpkg packages only support INSTALLED state. properties: - source: - description: Required. An rpm package. - $ref: '#/components/schemas/OSPolicyResourceFile' pullDeps: + type: boolean description: >- Whether dependencies should also be installed. - install when false: - `rpm --upgrade --replacepkgs package.rpm` - install when true: `yum - -y install package.rpm` or `zypper -y install package.rpm` - type: boolean - OSPolicyResourcePackageResourceGooGet: - id: OSPolicyResourcePackageResourceGooGet - description: >- - A package managed by GooGet. - install: `googet -noconfirm install - package` - remove: `googet -noconfirm remove package` + `dpkg -i package` - install when true: `apt-get update && apt-get -y + install package.deb` + source: + description: Required. A deb package. + $ref: '#/components/schemas/OSPolicyResourceFile' type: object - properties: - name: - description: Required. Package name. - type: string OSPolicyResourcePackageResourceMSI: - id: OSPolicyResourcePackageResourceMSI description: An MSI package. MSI packages only support INSTALLED state. + id: OSPolicyResourcePackageResourceMSI type: object - properties: - source: - description: Required. The MSI package. - $ref: '#/components/schemas/OSPolicyResourceFile' + properties: properties: + type: array description: >- Additional properties to use during installation. This should be in the format of Property=Setting. Appended to the defaults of `ACTION=INSTALL REBOOT=ReallySuppress`. - type: array items: type: string - OSPolicyResourceRepositoryResource: - id: OSPolicyResourceRepositoryResource - description: A resource that manages a package repository. - type: object - properties: - apt: - description: An Apt Repository. - $ref: '#/components/schemas/OSPolicyResourceRepositoryResourceAptRepository' - yum: - description: A Yum Repository. - $ref: '#/components/schemas/OSPolicyResourceRepositoryResourceYumRepository' - zypper: - description: A Zypper Repository. - $ref: >- - #/components/schemas/OSPolicyResourceRepositoryResourceZypperRepository - goo: - description: A Goo Repository. - $ref: '#/components/schemas/OSPolicyResourceRepositoryResourceGooRepository' - OSPolicyResourceRepositoryResourceAptRepository: - id: OSPolicyResourceRepositoryResourceAptRepository - description: >- - Represents a single apt package repository. These will be added to a - repo file that will be managed at - `/etc/apt/sources.list.d/google_osconfig.list`. + source: + $ref: '#/components/schemas/OSPolicyResourceFile' + description: Required. The MSI package. + GoogleCloudOsconfigV2_OrchestrationScope_ResourceHierarchySelector: + id: GoogleCloudOsconfigV2_OrchestrationScope_ResourceHierarchySelector + description: Selector containing Cloud Resource Manager resource hierarchy nodes. type: object properties: - archiveType: - description: Required. Type of archive files in this repository. - type: string - enumDescriptions: - - Unspecified is invalid. - - Deb indicates that the archive contains binary files. - - Deb-src indicates that the archive contains source files. - enum: - - ARCHIVE_TYPE_UNSPECIFIED - - DEB - - DEB_SRC - uri: - description: Required. URI for this repository. - type: string - distribution: - description: Required. Distribution of this repository. - type: string - components: + includedFolders: description: >- - Required. List of components for this repository. Must contain at - least one item. + Optional. Names of the folders in scope. Format: + `folders/{folder_id}` type: array items: type: string - gpgKey: + includedProjects: + items: + type: string description: >- - URI of the key file for this repository. The agent maintains a - keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`. - type: string - OSPolicyResourceRepositoryResourceYumRepository: - id: OSPolicyResourceRepositoryResourceYumRepository - description: >- - Represents a single yum package repository. These are added to a repo - file that is managed at `/etc/yum.repos.d/google_osconfig.repo`. + Optional. Names of the projects in scope. Format: + `projects/{project_number}` + type: array + GoogleCloudOsconfigV2__OperationMetadata: + id: GoogleCloudOsconfigV2__OperationMetadata + description: Represents the metadata of the long-running operation. type: object properties: - id: + requestedCancellation: + readOnly: true description: >- - Required. A one word, unique name for this repository. This is the - `repo id` in the yum config file and also the `display_name` if - `display_name` is omitted. This id is also used as the unique - identifier when checking for resource conflicts. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + type: boolean + endTime: + readOnly: true type: string - displayName: - description: The display name of the repository. + format: google-datetime + description: Output only. The time the operation finished running. + apiVersion: type: string - baseUrl: - description: Required. The location of the repository directory. + readOnly: true + description: Output only. API version used to start the operation. + createTime: + format: google-datetime type: string - gpgKeys: - description: URIs of GPG keys. - type: array - items: - type: string - OSPolicyResourceRepositoryResourceZypperRepository: - id: OSPolicyResourceRepositoryResourceZypperRepository - description: >- - Represents a single zypper package repository. These are added to a repo - file that is managed at `/etc/zypp/repos.d/google_osconfig.repo`. - type: object - properties: - id: - description: >- - Required. A one word, unique name for this repository. This is the - `repo id` in the zypper config file and also the `display_name` if - `display_name` is omitted. This id is also used as the unique - identifier when checking for GuestPolicy conflicts. + description: Output only. The time the operation was created. + readOnly: true + statusMessage: + description: Output only. Human-readable status of the operation, if any. type: string - displayName: - description: The display name of the repository. + readOnly: true + target: type: string - baseUrl: - description: Required. The location of the repository directory. + description: >- + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + verb: type: string - gpgKeys: - description: URIs of GPG keys. - type: array - items: - type: string - OSPolicyResourceRepositoryResourceGooRepository: - id: OSPolicyResourceRepositoryResourceGooRepository - description: >- - Represents a Goo package repository. These are added to a repo file that - is managed at `C:/ProgramData/GooGet/repos/google_osconfig.repo`. - type: object + readOnly: true + description: Output only. Name of the verb executed by the operation. + OSPolicyResourceFile: properties: - name: - description: Required. The name of the repository. - type: string - url: - description: Required. The url of the repository. + gcs: + description: A Cloud Storage object. + $ref: '#/components/schemas/OSPolicyResourceFileGcs' + remote: + description: A generic remote file. + $ref: '#/components/schemas/OSPolicyResourceFileRemote' + allowInsecure: + description: >- + Defaults to false. When false, files are subject to validations + based on the file type: Remote: A checksum must be specified. Cloud + Storage: An object generation number must be specified. + type: boolean + localPath: + description: A local path within the VM to use. type: string - OSPolicyResourceExecResource: - id: OSPolicyResourceExecResource - description: >- - A resource that allows executing scripts on the VM. The `ExecResource` - has 2 stages: `validate` and `enforce` and both stages accept a script - as an argument to execute. When the `ExecResource` is applied by the - agent, it first executes the script in the `validate` stage. The - `validate` stage can signal that the `ExecResource` is already in the - desired state by returning an exit code of `100`. If the `ExecResource` - is not in the desired state, it should return an exit code of `101`. Any - other exit code returned by this stage is considered an error. If the - `ExecResource` is not in the desired state based on the exit code from - the `validate` stage, the agent proceeds to execute the script from the - `enforce` stage. If the `ExecResource` is already in the desired state, - the `enforce` stage will not be run. Similar to `validate` stage, the - `enforce` stage should return an exit code of `100` to indicate that the - resource in now in its desired state. Any other exit code is considered - an error. NOTE: An exit code of `100` was chosen over `0` (and `101` vs - `1`) to have an explicit indicator of `in desired state`, `not in - desired state` and errors. Because, for example, Powershell will always - return an exit code of `0` unless an `exit` statement is provided in the - script. So, for reasons of consistency and being explicit, exit codes - `100` and `101` were chosen. + id: OSPolicyResourceFile + description: A remote or local file. type: object + GoogleCloudOsconfigV2__OrchestrationScope: properties: - validate: - description: >- - Required. What to run to validate this resource is in the desired - state. An exit code of 100 indicates "in desired state", and exit - code of 101 indicates "not in desired state". Any other exit code - indicates a failure running validate. - $ref: '#/components/schemas/OSPolicyResourceExecResourceExec' - enforce: + selectors: description: >- - What to run to bring this resource into the desired state. An exit - code of 100 indicates "success", any other exit code indicates a - failure running enforce. - $ref: '#/components/schemas/OSPolicyResourceExecResourceExec' - OSPolicyResourceExecResourceExec: - id: OSPolicyResourceExecResourceExec - description: A file or script to execute. - type: object - properties: - file: - description: A remote or local file. - $ref: '#/components/schemas/OSPolicyResourceFile' - script: - description: An inline script. The size of the script is limited to 32KiB. - type: string - args: - description: Optional arguments to pass to the source during execution. - type: array + Optional. Selectors of the orchestration scope. There is a logical + AND between each selector defined. When there is no explicit + `ResourceHierarchySelector` selector specified, the scope is by + default bounded to the parent of the policy orchestrator resource. items: - type: string - interpreter: - description: Required. The script interpreter to use. - type: string - enumDescriptions: - - Invalid value, the request will return validation error. - - >- - If an interpreter is not specified, the source is executed - directly. This execution, without an interpreter, only succeeds - for executables and scripts that have shebang lines. - - >- - Indicates that the script runs with `/bin/sh` on Linux and - `cmd.exe` on Windows. - - Indicates that the script runs with PowerShell. - enum: - - INTERPRETER_UNSPECIFIED - - NONE - - SHELL - - POWERSHELL - outputFilePath: - description: >- - Only recorded for enforce Exec. Path to an output file (that is - created by this Exec) whose content will be recorded in - OSPolicyResourceCompliance after a successful run. Absence or - failure to read this file will result in this ExecResource being - non-compliant. Output file size is limited to 500K bytes. - type: string - OSPolicyResourceFileResource: - id: OSPolicyResourceFileResource - description: A resource that manages the state of a file. + $ref: >- + #/components/schemas/GoogleCloudOsconfigV2_OrchestrationScope_Selector + type: array + id: GoogleCloudOsconfigV2__OrchestrationScope + description: >- + Defines a set of selectors which drive which resources are in scope of + policy orchestration. type: object + OSPolicyAssignment: + id: OSPolicyAssignment properties: - file: - description: A remote or local source. - $ref: '#/components/schemas/OSPolicyResourceFile' - content: + baseline: description: >- - A a file with this content. The size of the content is limited to - 32KiB. - type: string - path: - description: Required. The absolute path of the file within the VM. + Output only. Indicates that this revision has been successfully + rolled out in this zone and new VMs will be assigned OS policies + from this revision. For a given OS policy assignment, there is only + one revision with a value of `true` for this field. + type: boolean + readOnly: true + reconciling: + readOnly: true + type: boolean + description: >- + Output only. Indicates that reconciliation is in progress for the + revision. This value is `true` when the `rollout_state` is one of: * + IN_PROGRESS * CANCELLING + revisionCreateTime: type: string - state: - description: Required. Desired state of the file. + format: google-datetime + description: Output only. The timestamp that the revision was created. + readOnly: true + rolloutState: + readOnly: true type: string - enumDescriptions: - - Unspecified is invalid. - - Ensure file at path is present. - - Ensure file at path is absent. - - >- - Ensure the contents of the file at path matches. If the file does - not exist it will be created. enum: - - DESIRED_STATE_UNSPECIFIED - - PRESENT - - ABSENT - - CONTENTS_MATCH - permissions: + - ROLLOUT_STATE_UNSPECIFIED + - IN_PROGRESS + - CANCELLING + - CANCELLED + - SUCCEEDED + description: Output only. OS policy assignment rollout state + enumDescriptions: + - Invalid value + - The rollout is in progress. + - The rollout is being cancelled. + - The rollout is cancelled. + - The rollout has completed successfully. + name: description: >- - Consists of three octal digits which represent, in order, the - permissions of the owner, group, and other users for the file - (similarly to the numeric mode used in the linux chmod utility). - Each digit represents a three bit number with the 4 bit - corresponding to the read permissions, the 2 bit corresponds to the - write bit, and the one bit corresponds to the execute permission. - Default behavior is 755. Below are some examples of permissions and - their associated values: read, write, and execute: 7 read and - execute: 5 read and write: 6 read only: 4 + Resource name. Format: + `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` + This field is ignored when you create an OS policy assignment. type: string - OSPolicyAssignmentInstanceFilter: - id: OSPolicyAssignmentInstanceFilter - description: >- - Filters to select target VMs for an assignment. If more than one filter - criteria is specified below, a VM will be selected if and only if it - satisfies all of them. - type: object - properties: - all: - description: >- - Target all VMs in the project. If true, no other criteria is - permitted. + deleted: type: boolean - inclusionLabels: + readOnly: true description: >- - List of label sets used for VM inclusion. If the list has more than - one `LabelSet`, the VM is included if any of the label sets are - applicable for the VM. - type: array - items: - $ref: '#/components/schemas/OSPolicyAssignmentLabelSet' - exclusionLabels: + Output only. Indicates that this revision deletes the OS policy + assignment. + description: description: >- - List of label sets used for VM exclusion. If the list has more than - one label set, the VM is excluded if any of the label sets are - applicable for the VM. - type: array - items: - $ref: '#/components/schemas/OSPolicyAssignmentLabelSet' - inventories: + OS policy assignment description. Length of the description is + limited to 1024 characters. + type: string + etag: + type: string description: >- - List of inventories to select VMs. A VM is selected if its inventory - data matches at least one of the following inventories. - type: array + The etag for this OS policy assignment. If this is provided on + update, it must match the server's etag. + osPolicies: items: - $ref: '#/components/schemas/OSPolicyAssignmentInstanceFilterInventory' - OSPolicyAssignmentLabelSet: - id: OSPolicyAssignmentLabelSet - description: >- - Message representing label set. * A label is a key value pair set for a - VM. * A LabelSet is a set of labels. * Labels within a LabelSet are - ANDed. In other words, a LabelSet is applicable for a VM only if it - matches all the labels in the LabelSet. * Example: A LabelSet with 2 - labels: `env=prod` and `type=webserver` will only be applicable for - those VMs with both labels present. - type: object - properties: - labels: + $ref: '#/components/schemas/OSPolicy' + type: array + description: Required. List of OS policies to be applied to the VMs. + revisionId: + readOnly: true description: >- - Labels are identified by key/value pairs in this map. A VM should - contain all the key/value pairs specified in this map to be - selected. - type: object - additionalProperties: - type: string - OSPolicyAssignmentInstanceFilterInventory: - id: OSPolicyAssignmentInstanceFilterInventory - description: VM inventory details. - type: object - properties: - osShortName: - description: Required. The OS short name + Output only. The assignment revision ID A new revision is committed + whenever a rollout is triggered for a OS policy assignment type: string - osVersion: - description: >- - The OS version Prefix matches are supported if asterisk(*) is - provided as the last character. For example, to match all versions - with a major version of `7`, specify the following value for this - field `7.*` An empty string matches all OS versions. + uid: + readOnly: true type: string - OSPolicyAssignmentRollout: - id: OSPolicyAssignmentRollout - description: >- - Message to configure the rollout at the zonal level for the OS policy - assignment. - type: object - properties: - disruptionBudget: description: >- - Required. The maximum number (or percentage) of VMs per zone to - disrupt at any given moment. - $ref: '#/components/schemas/FixedOrPercent' - minWaitDuration: + Output only. Server generated unique id for the OS policy assignment + resource. + instanceFilter: + description: Required. Filter to select VMs. + $ref: '#/components/schemas/OSPolicyAssignmentInstanceFilter' + rollout: description: >- - Required. This determines the minimum duration of time to wait after - the configuration changes are applied through the current rollout. A - VM continues to count towards the `disruption_budget` at least until - this duration of time has passed after configuration changes are - applied. - type: string - format: google-duration - FixedOrPercent: - id: FixedOrPercent - description: >- - Message encapsulating a value that can be either absolute ("fixed") or - relative ("percent") to a value. + Required. Rollout to deploy the OS policy assignment. A rollout is + triggered in the following situations: 1) OSPolicyAssignment is + created. 2) OSPolicyAssignment is updated and the update contains + changes to one of the following fields: - instance_filter - + os_policies 3) OSPolicyAssignment is deleted. + $ref: '#/components/schemas/OSPolicyAssignmentRollout' type: object + description: >- + OS policy assignment is an API resource that is used to apply a set of + OS policies to a dynamically targeted group of Compute Engine VM + instances. An OS policy is used to define the desired state + configuration for a Compute Engine VM instance through a set of + configuration resources that provide capabilities such as installing or + removing software packages, or executing a script. For more information + about the OS policy resource definitions and examples, see [OS policy + and OS policy + assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies). + OSPolicyResourceRepositoryResourceYumRepository: properties: - fixed: - description: Specifies a fixed value. - type: integer - format: int32 - percent: + id: description: >- - Specifies the relative value defined as a percentage, which will be - multiplied by a reference value. - type: integer - format: int32 - GoogleCloudOsconfigV2_PolicyOrchestrator_OrchestrationState: - id: GoogleCloudOsconfigV2_PolicyOrchestrator_OrchestrationState - description: Describes the state of the orchestration process. + Required. A one word, unique name for this repository. This is the + `repo id` in the yum config file and also the `display_name` if + `display_name` is omitted. This id is also used as the unique + identifier when checking for resource conflicts. + type: string + displayName: + type: string + description: The display name of the repository. + baseUrl: + type: string + description: Required. The location of the repository directory. + gpgKeys: + description: URIs of GPG keys. + items: + type: string + type: array type: object - properties: - currentIterationState: - description: Output only. Current Wave iteration state. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudOsconfigV2_PolicyOrchestrator_IterationState - previousIterationState: - description: Output only. Previous Wave iteration state. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudOsconfigV2_PolicyOrchestrator_IterationState - GoogleCloudOsconfigV2_PolicyOrchestrator_IterationState: - id: GoogleCloudOsconfigV2_PolicyOrchestrator_IterationState - description: Describes the state of a single iteration of the orchestrator. + id: OSPolicyResourceRepositoryResourceYumRepository + description: >- + Represents a single yum package repository. These are added to a repo + file that is managed at `/etc/yum.repos.d/google_osconfig.repo`. + GoogleCloudOsconfigV2beta__OperationMetadata: type: object + id: GoogleCloudOsconfigV2beta__OperationMetadata properties: - state: - description: Output only. State of the iteration. + verb: readOnly: true type: string - enumDescriptions: - - Default value. This value is unused. - - Iteration is in progress. - - Iteration completed, with all actions being successful. - - Iteration completed, with failures. - - Iteration was explicitly cancelled. - - Impossible to determine current state of the iteration. - enum: - - STATE_UNSPECIFIED - - PROCESSING - - COMPLETED - - FAILED - - CANCELLED - - UNKNOWN - iterationId: - description: Output only. Unique identifier of the iteration. + description: Output only. Name of the verb executed by the operation. + requestedCancellation: readOnly: true - type: string - progress: description: >- - Output only. An estimated percentage of the progress. Number between - 0 and 100. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + type: boolean + endTime: + description: Output only. The time the operation finished running. + type: string readOnly: true - type: number - format: float - performedActions: - description: >- - Output only. Overall number of actions done by the orchestrator so - far. + format: google-datetime + apiVersion: readOnly: true type: string - format: int64 - failedActions: - description: >- - Output only. Number of orchestration actions which failed so far. - For more details, query the Cloud Logs. + description: Output only. API version used to start the operation. + createTime: readOnly: true + description: Output only. The time the operation was created. + format: google-datetime type: string - format: int64 - startTime: - description: Output only. Start time of the wave iteration. + statusMessage: readOnly: true type: string - format: google-datetime - finishTime: - description: Output only. Finish time of the wave iteration. + description: Output only. Human-readable status of the operation, if any. + target: + description: >- + Output only. Server-defined resource path for the target of the + operation. readOnly: true type: string - format: google-datetime - error: - description: Output only. Error thrown in the wave iteration. - readOnly: true - $ref: '#/components/schemas/Status' - GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse: - id: GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse - description: Response for the list policy orchestrator resources. + description: Represents the metadata of the long-running operation. + OSPolicyResourceGroup: + id: OSPolicyResourceGroup type: object + description: >- + Resource groups provide a mechanism to group OS policy resources. + Resource groups enable OS policy authors to create a single OS policy to + be applied to VMs running different operating Systems. When the OS + policy is applied to a target VM, the appropriate resource group within + the OS policy is selected based on the `OSFilter` specified within the + resource group. properties: - policyOrchestrators: - description: The policy orchestrators for the specified parent resource. + resources: + description: >- + Required. List of resources configured for this resource group. The + resources are executed in the exact order specified here. + items: + $ref: '#/components/schemas/OSPolicyResource' type: array + inventoryFilters: + description: >- + List of inventory filters for the resource group. The resources in + this resource group are applied to the target VM if it satisfies at + least one of the following inventory filters. For example, to apply + this resource group to VMs running either `RHEL` or `CentOS` + operating systems, specify 2 items for the list with following + values: inventory_filters[0].os_short_name='rhel' and + inventory_filters[1].os_short_name='centos' If the list is empty, + this resource group will be applied to the target VM + unconditionally. items: - $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + $ref: '#/components/schemas/OSPolicyInventoryFilter' + type: array + ListOperationsResponse: + properties: nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. type: string + description: The standard List next-page token. unreachable: - description: Locations that could not be reached. type: array items: type: string - OSPolicyAssignmentOperationMetadata: - id: OSPolicyAssignmentOperationMetadata + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + operations: + description: >- + A list of operations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Operation' + type: object + description: The response message for Operations.ListOperations. + id: ListOperationsResponse + OSPolicyResourceRepositoryResourceGooRepository: + id: OSPolicyResourceRepositoryResourceGooRepository description: >- - OS policy assignment operation metadata provided by OS policy assignment - API methods that return long running operations. + Represents a Goo package repository. These are added to a repo file that + is managed at `C:/ProgramData/GooGet/repos/google_osconfig.repo`. type: object properties: - osPolicyAssignment: - description: >- - Reference to the `OSPolicyAssignment` API resource. Format: - `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}` - type: string - apiMethod: - description: The OS policy assignment API method. - type: string - enumDescriptions: - - Invalid value - - Create OS policy assignment API method - - Update OS policy assignment API method - - Delete OS policy assignment API method - enum: - - API_METHOD_UNSPECIFIED - - CREATE - - UPDATE - - DELETE - rolloutState: - description: State of the rollout + name: + description: Required. The name of the repository. type: string - enumDescriptions: - - Invalid value - - The rollout is in progress. - - The rollout is being cancelled. - - The rollout is cancelled. - - The rollout has completed successfully. - enum: - - ROLLOUT_STATE_UNSPECIFIED - - IN_PROGRESS - - CANCELLING - - CANCELLED - - SUCCEEDED - rolloutStartTime: - description: Rollout start time + url: + description: Required. The url of the repository. type: string - format: google-datetime - rolloutUpdateTime: - description: Rollout update time + Operation: + properties: + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + name: type: string - format: google-datetime - GoogleCloudOsconfigV1__OSPolicyAssignmentOperationMetadata: - id: GoogleCloudOsconfigV1__OSPolicyAssignmentOperationMetadata + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + metadata: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + id: Operation description: >- - OS policy assignment operation metadata provided by OS policy assignment - API methods that return long running operations. + This resource represents a long-running operation that is the result of + a network API call. + type: object + GoogleCloudOsconfigV2_OrchestrationScope_Selector: + id: GoogleCloudOsconfigV2_OrchestrationScope_Selector + description: Selector for the resources in scope of orchestration. + type: object + properties: + locationSelector: + $ref: >- + #/components/schemas/GoogleCloudOsconfigV2_OrchestrationScope_LocationSelector + description: Selector for selecting locations. + resourceHierarchySelector: + $ref: >- + #/components/schemas/GoogleCloudOsconfigV2_OrchestrationScope_ResourceHierarchySelector + description: Selector for selecting resource hierarchy. + OSPolicyResourceExecResource: + properties: + validate: + description: >- + Required. What to run to validate this resource is in the desired + state. An exit code of 100 indicates "in desired state", and exit + code of 101 indicates "not in desired state". Any other exit code + indicates a failure running validate. + $ref: '#/components/schemas/OSPolicyResourceExecResourceExec' + enforce: + description: >- + What to run to bring this resource into the desired state. An exit + code of 100 indicates "success", any other exit code indicates a + failure running enforce. + $ref: '#/components/schemas/OSPolicyResourceExecResourceExec' + id: OSPolicyResourceExecResource + description: >- + A resource that allows executing scripts on the VM. The `ExecResource` + has 2 stages: `validate` and `enforce` and both stages accept a script + as an argument to execute. When the `ExecResource` is applied by the + agent, it first executes the script in the `validate` stage. The + `validate` stage can signal that the `ExecResource` is already in the + desired state by returning an exit code of `100`. If the `ExecResource` + is not in the desired state, it should return an exit code of `101`. Any + other exit code returned by this stage is considered an error. If the + `ExecResource` is not in the desired state based on the exit code from + the `validate` stage, the agent proceeds to execute the script from the + `enforce` stage. If the `ExecResource` is already in the desired state, + the `enforce` stage will not be run. Similar to `validate` stage, the + `enforce` stage should return an exit code of `100` to indicate that the + resource in now in its desired state. Any other exit code is considered + an error. NOTE: An exit code of `100` was chosen over `0` (and `101` vs + `1`) to have an explicit indicator of `in desired state`, `not in + desired state` and errors. Because, for example, Powershell will always + return an exit code of `0` unless an `exit` statement is provided in the + script. So, for reasons of consistency and being explicit, exit codes + `100` and `101` were chosen. type: object + OSPolicyResourcePackageResourceRPM: properties: - osPolicyAssignment: + pullDeps: description: >- - Reference to the `OSPolicyAssignment` API resource. Format: - `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}` - type: string - apiMethod: - description: The OS policy assignment API method. - type: string - enumDescriptions: - - Invalid value - - Create OS policy assignment API method - - Update OS policy assignment API method - - Delete OS policy assignment API method - enum: - - API_METHOD_UNSPECIFIED - - CREATE - - UPDATE - - DELETE - rolloutState: - description: State of the rollout - type: string - enumDescriptions: - - Invalid value - - The rollout is in progress. - - The rollout is being cancelled. - - The rollout is cancelled. - - The rollout has completed successfully. - enum: - - ROLLOUT_STATE_UNSPECIFIED - - IN_PROGRESS - - CANCELLING - - CANCELLED - - SUCCEEDED - rolloutStartTime: - description: Rollout start time - type: string - format: google-datetime - rolloutUpdateTime: - description: Rollout update time - type: string - format: google-datetime - GoogleCloudOsconfigV2__OperationMetadata: - id: GoogleCloudOsconfigV2__OperationMetadata - description: Represents the metadata of the long-running operation. + Whether dependencies should also be installed. - install when false: + `rpm --upgrade --replacepkgs package.rpm` - install when true: `yum + -y install package.rpm` or `zypper -y install package.rpm` + type: boolean + source: + description: Required. An rpm package. + $ref: '#/components/schemas/OSPolicyResourceFile' + description: An RPM package file. RPM packages only support INSTALLED state. + id: OSPolicyResourcePackageResourceRPM type: object + OSPolicyResourceRepositoryResourceZypperRepository: properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + gpgKeys: + items: + type: string + description: URIs of GPG keys. + type: array + displayName: type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + description: The display name of the repository. + id: type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + Required. A one word, unique name for this repository. This is the + `repo id` in the zypper config file and also the `display_name` if + `display_name` is omitted. This id is also used as the unique + identifier when checking for GuestPolicy conflicts. + baseUrl: + description: Required. The location of the repository directory. type: string - requestedCancellation: + id: OSPolicyResourceRepositoryResourceZypperRepository + description: >- + Represents a single zypper package repository. These are added to a repo + file that is managed at `/etc/zypp/repos.d/google_osconfig.repo`. + type: object + GoogleCloudOsconfigV2__OrchestratedResource: + type: object + description: >- + Represents a resource that is being orchestrated by the policy + orchestrator. + properties: + id: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + Optional. ID of the resource to be used while generating set of + affected resources. For UPSERT action the value is auto-generated + during PolicyOrchestrator creation when not set. When the value is + set it should following next restrictions: * Must contain only + lowercase letters, numbers, and hyphens. * Must start with a letter. + * Must be between 1-63 characters. * Must end with a number or a + letter. * Must be unique within the project. For DELETE action, ID + must be specified explicitly during PolicyOrchestrator creation. type: string - GoogleCloudOsconfigV2beta__OperationMetadata: - id: GoogleCloudOsconfigV2beta__OperationMetadata - description: Represents the metadata of the long-running operation. + osPolicyAssignmentV1Payload: + $ref: '#/components/schemas/OSPolicyAssignment' + description: >- + Optional. OSPolicyAssignment resource to be created, updated or + deleted. Name field is ignored and replace with a generated value. + With this field set, orchestrator will perform actions on + `project/{project}/locations/{zone}/osPolicyAssignments/{resource_id}` + resources, where `project` and `zone` pairs come from the expanded + scope, and `resource_id` comes from the `resource_id` field of + orchestrator resource. + id: GoogleCloudOsconfigV2__OrchestratedResource + OSPolicyAssignmentInstanceFilter: + description: >- + Filters to select target VMs for an assignment. If more than one filter + criteria is specified below, a VM will be selected if and only if it + satisfies all of them. type: object + id: OSPolicyAssignmentInstanceFilter properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: + inventories: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: + List of inventories to select VMs. A VM is selected if its inventory + data matches at least one of the following inventories. + type: array + items: + $ref: '#/components/schemas/OSPolicyAssignmentInstanceFilterInventory' + all: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true + Target all VMs in the project. If true, no other criteria is + permitted. type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string + inclusionLabels: + type: array + description: >- + List of label sets used for VM inclusion. If the list has more than + one `LabelSet`, the VM is included if any of the label sets are + applicable for the VM. + items: + $ref: '#/components/schemas/OSPolicyAssignmentLabelSet' + exclusionLabels: + items: + $ref: '#/components/schemas/OSPolicyAssignmentLabelSet' + type: array + description: >- + List of label sets used for VM exclusion. If the list has more than + one label set, the VM is excluded if any of the label sets are + applicable for the VM. StatusProto: - id: StatusProto description: Wire-format for a Status object - type: object properties: - code: + messageSet: + $ref: '#/components/schemas/MessageSet' description: >- - Numeric code drawn from the space specified below. Often, this is - the canonical error space, and code is drawn from - google3/util/task/codes.proto copybara:strip_begin(b/383363683) - copybara:strip_end_and_replace optional int32 code = 1; - type: integer - format: int32 + message_set associates an arbitrary proto message with the status. + copybara:strip_begin(b/383363683) copybara:strip_end_and_replace + optional proto2.bridge.MessageSet message_set = 5; space: description: >- copybara:strip_begin(b/383363683) Space to which this status belongs copybara:strip_end_and_replace optional string space = 2; // Space to which this status belongs type: string - message: - description: >- - Detail message copybara:strip_begin(b/383363683) - copybara:strip_end_and_replace optional string message = 3; - type: string - canonicalCode: - description: >- - copybara:strip_begin(b/383363683) copybara:strip_end_and_replace - optional int32 canonical_code = 6; - type: integer - format: int32 - messageSet: - description: >- - message_set associates an arbitrary proto message with the status. - copybara:strip_begin(b/383363683) copybara:strip_end_and_replace - optional proto2.bridge.MessageSet message_set = 5; - $ref: '#/components/schemas/MessageSet' - MessageSet: - id: MessageSet - deprecated: true - description: >- - This is proto2's version of MessageSet. DEPRECATED: DO NOT USE FOR NEW - FIELDS. If you are using editions or proto2, please make your own - extendable messages for your use case. If you are using proto3, please - use `Any` instead. MessageSet was the implementation of extensions for - proto1. When proto2 was introduced, extensions were implemented as a - first-class feature. This schema for MessageSet was meant to be a - "bridge" solution to migrate MessageSet-bearing messages from proto1 to - proto2. This schema has been open-sourced only to facilitate the - migration of Google products with MessageSet-bearing messages to - open-source environments. + code: + format: int32 + type: integer + description: >- + Numeric code drawn from the space specified below. Often, this is + the canonical error space, and code is drawn from + google3/util/task/codes.proto copybara:strip_begin(b/383363683) + copybara:strip_end_and_replace optional int32 code = 1; + canonicalCode: + description: >- + copybara:strip_begin(b/383363683) copybara:strip_end_and_replace + optional int32 canonical_code = 6; + type: integer + format: int32 + message: + type: string + description: >- + Detail message copybara:strip_begin(b/383363683) + copybara:strip_end_and_replace optional string message = 3; + id: StatusProto type: object - properties: {} parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: alt + name: quotaUser schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + access_token: + description: OAuth access token. in: query - name: key + name: access_token schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: oauth_token + name: fields schema: type: string prettyPrint: @@ -1460,13 +1453,13 @@ components: name: prettyPrint schema: type: boolean - quotaUser: + key: description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: quotaUser + name: key schema: type: string upload_protocol: @@ -1475,6 +1468,12 @@ components: name: upload_protocol schema: type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query @@ -1490,38 +1489,48 @@ components: enum: - '1' - '2' + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto x-stackQL-resources: operations: id: google.osconfig.operations name: operations title: Operations methods: - list: + get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable cancel: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' @@ -1539,39 +1548,39 @@ components: name: policy_orchestrators title: Policy_orchestrators methods: - create: + patch: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1global~1policyOrchestrators/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1global~1policyOrchestrators~1{policyOrchestratorsId}/patch response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1global~1policyOrchestrators/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1global~1policyOrchestrators~1{policyOrchestratorsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.policyOrchestrators - get: + delete: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1global~1policyOrchestrators~1{policyOrchestratorsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1global~1policyOrchestrators~1{policyOrchestratorsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1global~1policyOrchestrators~1{policyOrchestratorsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1global~1policyOrchestrators/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v2~1organizations~1{organizationsId}~1locations~1global~1policyOrchestrators~1{policyOrchestratorsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1global~1policyOrchestrators/post response: mediaType: application/json openAPIDocKey: '200' @@ -1590,24 +1599,25 @@ components: - $ref: >- #/components/x-stackQL-resources/policy_orchestrators/methods/delete paths: - /v2/projects/{projectsId}/locations/{locationsId}/operations: + /v2/folders/{foldersId}/locations/{locationsId}/operations/{operationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/alt' get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: osconfig.projects.locations.operations.list + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: osconfig.folders.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1619,10 +1629,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string @@ -1631,27 +1641,18 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: osconfig.projects.locations.operations.get + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: osconfig.folders.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1663,10 +1664,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string @@ -1680,13 +1681,13 @@ paths: required: true schema: type: string - delete: + /v2/folders/{foldersId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: osconfig.projects.locations.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: osconfig.folders.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1698,10 +1699,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string @@ -1710,12 +1711,24 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v2/folders/{foldersId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- @@ -1728,7 +1741,7 @@ paths: cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - operationId: osconfig.projects.locations.operations.cancel + operationId: osconfig.folders.locations.operations.cancel requestBody: content: application/json: @@ -1748,7 +1761,7 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string @@ -1762,16 +1775,11 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/global/policyOrchestrators: + /v2/folders/{foldersId}/locations/global/policyOrchestrators/{policyOrchestratorsId}: parameters: *ref_1 - post: - description: >- - Creates a new policy orchestrator under the given project resource. - `name` field of the given orchestrator are ignored and instead replaced - by a product of `parent` and `policy_orchestrator_id`. Orchestrator - state field might be only set to `ACTIVE`, `STOPPED` or omitted (in - which case, the created resource will be in `ACTIVE` state anyway). - operationId: osconfig.projects.locations.global.policyOrchestrators.create + patch: + description: Updates an existing policy orchestrator, parented by a folder. + operationId: osconfig.folders.locations.global.policyOrchestrators.patch requestBody: content: application/json: @@ -1791,21 +1799,23 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string - - in: query - name: policyOrchestratorId + - in: path + name: policyOrchestratorsId + required: true schema: type: string - in: query - name: requestId + name: updateMask schema: type: string + format: google-fieldmask get: - description: Lists the policy orchestrators under the given parent project resource. - operationId: osconfig.projects.locations.global.policyOrchestrators.list + description: Retrieves an existing policy orchestrator, parented by a folder. + operationId: osconfig.folders.locations.global.policyOrchestrators.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1817,36 +1827,21 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse + $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: policyOrchestratorsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/global/policyOrchestrators/{policyOrchestratorsId}: - parameters: *ref_1 - get: - description: Retrieves an existing policy orchestrator, parented by a project. - operationId: osconfig.projects.locations.global.policyOrchestrators.get + delete: + description: Deletes an existing policy orchestrator resource, parented by a folder. + operationId: osconfig.folders.locations.global.policyOrchestrators.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1858,10 +1853,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string @@ -1870,14 +1865,19 @@ paths: required: true schema: type: string - patch: - description: Updates an existing policy orchestrator, parented by a project. - operationId: osconfig.projects.locations.global.policyOrchestrators.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + - in: query + name: etag + schema: + type: string + - in: query + name: requestId + schema: + type: string + /v2/folders/{foldersId}/locations/global/policyOrchestrators: + parameters: *ref_1 + get: + description: Lists the policy orchestrators under the given parent folder resource. + operationId: osconfig.folders.locations.global.policyOrchestrators.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1889,26 +1889,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: >- + #/components/schemas/GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse parameters: - in: path - name: projectsId + name: foldersId required: true schema: type: string - - in: path - name: policyOrchestratorsId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - delete: - description: Deletes an existing policy orchestrator resource, parented by a project. - operationId: osconfig.projects.locations.global.policyOrchestrators.delete + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: >- + Creates a new policy orchestrator under the given folder resource. + `name` field of the given orchestrator are ignored and instead replaced + by a product of `parent` and `policy_orchestrator_id`. Orchestrator + state field might be only set to `ACTIVE`, `STOPPED` or omitted (in + which case, the created resource will be in `ACTIVE` state anyway). + operationId: osconfig.folders.locations.global.policyOrchestrators.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1923,30 +1941,25 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: policyOrchestratorsId + name: foldersId required: true schema: type: string - in: query - name: requestId + name: policyOrchestratorId schema: type: string - in: query - name: etag + name: requestId schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/operations: + /v2/organizations/{organizationsId}/locations/{locationsId}/operations: parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: osconfig.folders.locations.operations.list + operationId: osconfig.organizations.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1961,7 +1974,7 @@ paths: $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -1971,9 +1984,9 @@ paths: schema: type: string - in: query - name: filter + name: returnPartialSuccess schema: - type: string + type: boolean - in: query name: pageSize schema: @@ -1983,14 +1996,19 @@ paths: name: pageToken schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/operations/{operationsId}: + - in: query + name: filter + schema: + type: string + /v2/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: osconfig.folders.locations.operations.get + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: osconfig.organizations.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2002,10 +2020,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2019,13 +2037,12 @@ paths: required: true schema: type: string - delete: + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: osconfig.folders.locations.operations.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: osconfig.organizations.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2037,10 +2054,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2054,7 +2071,7 @@ paths: required: true schema: type: string - /v2/folders/{foldersId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v2/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- @@ -2067,7 +2084,7 @@ paths: cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - operationId: osconfig.folders.locations.operations.cancel + operationId: osconfig.organizations.locations.operations.cancel requestBody: content: application/json: @@ -2087,7 +2104,7 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2101,21 +2118,11 @@ paths: required: true schema: type: string - /v2/folders/{foldersId}/locations/global/policyOrchestrators: + /v2/organizations/{organizationsId}/locations/global/policyOrchestrators/{policyOrchestratorsId}: parameters: *ref_1 - post: - description: >- - Creates a new policy orchestrator under the given folder resource. - `name` field of the given orchestrator are ignored and instead replaced - by a product of `parent` and `policy_orchestrator_id`. Orchestrator - state field might be only set to `ACTIVE`, `STOPPED` or omitted (in - which case, the created resource will be in `ACTIVE` state anyway). - operationId: osconfig.folders.locations.global.policyOrchestrators.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + get: + description: Retrieves an existing policy orchestrator, parented by an organization. + operationId: osconfig.organizations.locations.global.policyOrchestrators.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2127,65 +2134,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string - - in: query - name: policyOrchestratorId - schema: - type: string - - in: query - name: requestId - schema: - type: string - get: - description: Lists the policy orchestrators under the given parent folder resource. - operationId: osconfig.folders.locations.global.policyOrchestrators.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse - parameters: - in: path - name: foldersId + name: policyOrchestratorsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v2/folders/{foldersId}/locations/global/policyOrchestrators/{policyOrchestratorsId}: - parameters: *ref_1 - get: - description: Retrieves an existing policy orchestrator, parented by a folder. - operationId: osconfig.folders.locations.global.policyOrchestrators.get + patch: + description: Updates an existing policy orchestrator, parented by an organization. + operationId: osconfig.organizations.locations.global.policyOrchestrators.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2197,10 +2165,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2209,14 +2177,16 @@ paths: required: true schema: type: string - patch: - description: Updates an existing policy orchestrator, parented by a folder. - operationId: osconfig.folders.locations.global.policyOrchestrators.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: >- + Deletes an existing policy orchestrator resource, parented by an + organization. + operationId: osconfig.organizations.locations.global.policyOrchestrators.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2231,7 +2201,7 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2241,13 +2211,29 @@ paths: schema: type: string - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask - delete: - description: Deletes an existing policy orchestrator resource, parented by a folder. - operationId: osconfig.folders.locations.global.policyOrchestrators.delete + - in: query + name: etag + schema: + type: string + /v2/organizations/{organizationsId}/locations/global/policyOrchestrators: + parameters: *ref_1 + post: + description: >- + Creates a new policy orchestrator under the given organizations + resource. `name` field of the given orchestrator are ignored and instead + replaced by a product of `parent` and `policy_orchestrator_id`. + Orchestrator state field might be only set to `ACTIVE`, `STOPPED` or + omitted (in which case, the created resource will be in `ACTIVE` state + anyway). + operationId: osconfig.organizations.locations.global.policyOrchestrators.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2262,12 +2248,7 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: policyOrchestratorsId + name: organizationsId required: true schema: type: string @@ -2276,16 +2257,14 @@ paths: schema: type: string - in: query - name: etag + name: policyOrchestratorId schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/operations: - parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: osconfig.organizations.locations.operations.list + Lists the policy orchestrators under the given parent organization + resource. + operationId: osconfig.organizations.locations.global.policyOrchestrators.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2297,39 +2276,50 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: filter + name: orderBy schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: osconfig.organizations.locations.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: osconfig.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2341,10 +2331,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -2358,13 +2348,15 @@ paths: required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. - operationId: osconfig.organizations.locations.operations.delete + operationId: osconfig.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2379,7 +2371,7 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -2393,25 +2385,12 @@ paths: required: true schema: type: string - /v2/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: osconfig.organizations.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: osconfig.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2423,10 +2402,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -2440,22 +2419,13 @@ paths: required: true schema: type: string - /v2/organizations/{organizationsId}/locations/global/policyOrchestrators: + /v2/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Creates a new policy orchestrator under the given organizations - resource. `name` field of the given orchestrator are ignored and instead - replaced by a product of `parent` and `policy_orchestrator_id`. - Orchestrator state field might be only set to `ACTIVE`, `STOPPED` or - omitted (in which case, the created resource will be in `ACTIVE` state - anyway). - operationId: osconfig.organizations.locations.global.policyOrchestrators.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: osconfig.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2467,26 +2437,45 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path - name: organizationsId + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId required: true schema: type: string - in: query - name: policyOrchestratorId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: requestId + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string - get: - description: >- - Lists the policy orchestrators under the given parent organization - resource. - operationId: osconfig.organizations.locations.global.policyOrchestrators.list + /v2/projects/{projectsId}/locations/global/policyOrchestrators/{policyOrchestratorsId}: + parameters: *ref_1 + patch: + description: Updates an existing policy orchestrator, parented by a project. + operationId: osconfig.projects.locations.global.policyOrchestrators.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2498,36 +2487,26 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: policyOrchestratorsId + required: true schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string - /v2/organizations/{organizationsId}/locations/global/policyOrchestrators/{policyOrchestratorsId}: - parameters: *ref_1 + format: google-fieldmask get: - description: Retrieves an existing policy orchestrator, parented by an organization. - operationId: osconfig.organizations.locations.global.policyOrchestrators.get + description: Retrieves an existing policy orchestrator, parented by a project. + operationId: osconfig.projects.locations.global.policyOrchestrators.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2542,7 +2521,7 @@ paths: $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -2551,14 +2530,9 @@ paths: required: true schema: type: string - patch: - description: Updates an existing policy orchestrator, parented by an organization. - operationId: osconfig.organizations.locations.global.policyOrchestrators.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + delete: + description: Deletes an existing policy orchestrator resource, parented by a project. + operationId: osconfig.projects.locations.global.policyOrchestrators.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2573,7 +2547,7 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -2583,15 +2557,18 @@ paths: schema: type: string - in: query - name: updateMask + name: etag schema: type: string - format: google-fieldmask - delete: - description: >- - Deletes an existing policy orchestrator resource, parented by an - organization. - operationId: osconfig.organizations.locations.global.policyOrchestrators.delete + - in: query + name: requestId + schema: + type: string + /v2/projects/{projectsId}/locations/global/policyOrchestrators: + parameters: *ref_1 + get: + description: Lists the policy orchestrators under the given parent project resource. + operationId: osconfig.projects.locations.global.policyOrchestrators.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2603,23 +2580,67 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: >- + #/components/schemas/GoogleCloudOsconfigV2__ListPolicyOrchestratorsResponse parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + post: + description: >- + Creates a new policy orchestrator under the given project resource. + `name` field of the given orchestrator are ignored and instead replaced + by a product of `parent` and `policy_orchestrator_id`. Orchestrator + state field might be only set to `ACTIVE`, `STOPPED` or omitted (in + which case, the created resource will be in `ACTIVE` state anyway). + operationId: osconfig.projects.locations.global.policyOrchestrators.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudOsconfigV2__PolicyOrchestrator' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: - in: path - name: policyOrchestratorsId + name: projectsId required: true schema: type: string - in: query - name: requestId + name: policyOrchestratorId schema: type: string - in: query - name: etag + name: requestId schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/oslogin.yaml b/providers/src/googleapis.com/v00.00.00000/services/oslogin.yaml index 6d50a21a..e0b8afcd 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/oslogin.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/oslogin.yaml @@ -7,8 +7,8 @@ info: title: Cloud OS Login API description: You can use OS Login to manage access to your VM instances using IAM roles. version: v1 - x-discovery-doc-revision: '20250810' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251207' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/compute/docs/oslogin/ servers: @@ -25,11 +25,11 @@ components: https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. + https://www.googleapis.com/auth/compute.readonly: View your Google Compute Engine resources https://www.googleapis.com/auth/cloud-platform.read-only: >- View your data across Google Cloud services and see the email address of your Google Account https://www.googleapis.com/auth/compute: View and manage your Google Compute Engine resources - https://www.googleapis.com/auth/compute.readonly: View your Google Compute Engine resources Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -39,28 +39,6 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - SshPublicKey: - id: SshPublicKey - description: The SSH public key information associated with a Google account. - type: object - properties: - key: - description: >- - Required. Public key text in SSH format, defined by - [RFC4253](https://www.ietf.org/rfc/rfc4253.txt) section 6.6. - type: string - expirationTimeUsec: - description: An expiration time in microseconds since epoch. - type: string - format: int64 - fingerprint: - description: Output only. The SHA-256 fingerprint of the SSH public key. - readOnly: true - type: string - name: - description: Output only. The canonical resource name. - readOnly: true - type: string Empty: id: Empty description: >- @@ -70,120 +48,184 @@ components: { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object properties: {} + SignSshPublicKeyResponse: + type: object + description: The response message for signing an SSH public key. + properties: + signedSshPublicKey: + type: string + description: The signed SSH public key to use in the SSH handshake. + id: SignSshPublicKeyResponse LoginProfile: - id: LoginProfile - description: >- - The user profile information used for logging in to a virtual machine on - Google Compute Engine. type: object + id: LoginProfile properties: + sshPublicKeys: + type: object + description: A map from SSH public key fingerprint to the associated key object. + additionalProperties: + $ref: '#/components/schemas/SshPublicKey' name: description: Required. A unique user ID. type: string posixAccounts: - description: The list of POSIX accounts associated with the user. type: array + description: The list of POSIX accounts associated with the user. items: $ref: '#/components/schemas/PosixAccount' - sshPublicKeys: - description: A map from SSH public key fingerprint to the associated key object. - type: object - additionalProperties: - $ref: '#/components/schemas/SshPublicKey' - PosixAccount: - id: PosixAccount - description: The POSIX account information associated with a Google account. + description: >- + The user profile information used for logging in to a virtual machine on + Google Compute Engine. + SshPublicKey: type: object properties: - primary: - description: Only one POSIX account can be marked as primary. - type: boolean - username: - description: The username of the POSIX account. + name: + readOnly: true + description: Output only. The canonical resource name. type: string - uid: - description: The user ID. + expirationTimeUsec: type: string format: int64 - gid: - description: The default group ID. + description: An expiration time in microseconds since epoch. + key: + description: >- + Required. Public key text in SSH format, defined by + [RFC4253](https://www.ietf.org/rfc/rfc4253.txt) section 6.6. type: string - format: int64 - homeDirectory: - description: The path to the home directory for this account. + fingerprint: + readOnly: true type: string - shell: - description: The path to the logic shell for this account. + description: Output only. The SHA-256 fingerprint of the SSH public key. + id: SshPublicKey + description: The SSH public key information associated with a Google account. + ImportSshPublicKeyResponse: + properties: + loginProfile: + $ref: '#/components/schemas/LoginProfile' + description: The login profile information for the user. + details: type: string - gecos: - description: The GECOS (user information) entry for this account. + description: Detailed information about import results. + id: ImportSshPublicKeyResponse + description: A response message for importing an SSH public key. + type: object + SignSshPublicKeyRequest: + id: SignSshPublicKeyRequest + type: object + description: A request message for signing an SSH public key. + properties: + computeInstance: + description: >- + The Compute instance to sign the SSH public key for. Expected + format: + projects/{project}/zones/{zone}/instances/{numeric_instance_id} + type: string + appEngineInstance: type: string - systemId: description: >- - System identifier for which account the username or uid applies to. - By default, the empty value is used. + The App Engine instance to sign the SSH public key for. Expected + format: + apps/{app}/services/{service}/versions/{version}/instances/{instance} + sshPublicKey: type: string - accountId: - description: Output only. A POSIX account identifier. - readOnly: true + description: Required. The SSH public key to sign. + serviceAccount: + type: string + description: >- + Optional. The service account for the instance. If the instance in + question does not have a service account, this field should be left + empty. If the wrong service account is provided, this operation will + return a signed certificate that will not be accepted by the VM. + PosixAccount: + properties: + username: type: string + description: The username of the POSIX account. + primary: + description: Only one POSIX account can be marked as primary. + type: boolean + uid: + format: int64 + type: string + description: The user ID. operatingSystemType: - description: The operating system type where this account applies. type: string + description: The operating system type where this account applies. + enum: + - OPERATING_SYSTEM_TYPE_UNSPECIFIED + - LINUX + - WINDOWS enumDescriptions: - >- The operating system type associated with the user account information is unspecified. - Linux user account information. - Windows user account information. - enum: - - OPERATING_SYSTEM_TYPE_UNSPECIFIED - - LINUX - - WINDOWS + gecos: + description: The GECOS (user information) entry for this account. + type: string name: + readOnly: true + type: string description: Output only. The canonical resource name. + accountId: readOnly: true + description: Output only. A POSIX account identifier. type: string - ImportSshPublicKeyResponse: - id: ImportSshPublicKeyResponse - description: A response message for importing an SSH public key. + systemId: + type: string + description: >- + System identifier for which account the username or uid applies to. + By default, the empty value is used. + shell: + type: string + description: The path to the logic shell for this account. + homeDirectory: + type: string + description: The path to the home directory for this account. + gid: + type: string + format: int64 + description: The default group ID. type: object + id: PosixAccount + description: The POSIX account information associated with a Google account. + ProvisionPosixAccountRequest: + type: object + id: ProvisionPosixAccountRequest + description: A request message for creating a POSIX account entry. properties: - loginProfile: - description: The login profile information for the user. - $ref: '#/components/schemas/LoginProfile' - details: - description: Detailed information about import results. - type: string + regions: + type: array + items: + type: string + description: >- + Optional. The regions to wait for a POSIX account to be written to + before returning a response. If unspecified, defaults to all + regions. Regions are listed at + https://cloud.google.com/about/locations#region. parameters: - access_token: - description: OAuth access token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType schema: type: string - alt: - description: Data format for response. + _.xgafv: + description: V1 error format. in: query - name: alt + name: $.xgafv schema: type: string enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. + - '1' + - '2' + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: fields + name: prettyPrint schema: - type: string + type: boolean key: description: >- API key. Your API key identifies your project and provides you with API @@ -193,18 +235,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + callback: + description: JSONP in: query - name: oauth_token + name: callback schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -214,55 +250,55 @@ components: name: quotaUser schema: type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: uploadType + name: fields schema: type: string - _.xgafv: - description: V1 error format. + access_token: + description: OAuth access token. in: query - name: $.xgafv + name: access_token + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto x-stackQL-resources: - users_login_profile: - id: google.oslogin.users_login_profile - name: users_login_profile - title: Users_login_profile + projects: + id: google.oslogin.projects + name: projects + title: Projects methods: - get_login_profile: + delete: operation: - $ref: '#/paths/~1v1~1users~1{usersId}~1loginProfile/get' + $ref: '#/paths/~1v1~1users~1{usersId}~1projects~1{projectsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/users_login_profile/methods/get_login_profile - insert: [] - update: [] - replace: [] - delete: [] - users: - id: google.oslogin.users - name: users - title: Users - methods: - import_ssh_public_key: + provision_posix_account: operation: - $ref: '#/paths/~1v1~1users~1{usersId}:importSshPublicKey/post' + $ref: '#/paths/~1v1~1users~1{usersId}~1projects~1{projectsId}/post' response: mediaType: application/json openAPIDocKey: '200' @@ -271,22 +307,24 @@ components: insert: [] update: [] replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/projects/methods/delete' ssh_public_keys: id: google.oslogin.ssh_public_keys name: ssh_public_keys title: Ssh_public_keys methods: - create: + delete: operation: - $ref: '#/paths/~1v1~1users~1{usersId}~1sshPublicKeys/post' + $ref: >- + #/paths/~1v1~1users~1{usersId}~1sshPublicKeys~1{sshPublicKeysId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1users~1{usersId}~1sshPublicKeys~1{sshPublicKeysId}/delete + #/paths/~1v1~1users~1{usersId}~1sshPublicKeys~1{sshPublicKeysId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -297,10 +335,9 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: - $ref: >- - #/paths/~1v1~1users~1{usersId}~1sshPublicKeys~1{sshPublicKeysId}/patch + $ref: '#/paths/~1v1~1users~1{usersId}~1sshPublicKeys/post' response: mediaType: application/json openAPIDocKey: '200' @@ -314,14 +351,14 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/ssh_public_keys/methods/delete' - projects: - id: google.oslogin.projects - name: projects - title: Projects + users: + id: google.oslogin.users + name: users + title: Users methods: - delete: + import_ssh_public_key: operation: - $ref: '#/paths/~1v1~1users~1{usersId}~1projects~1{projectsId}/delete' + $ref: '#/paths/~1v1~1users~1{usersId}:importSshPublicKey/post' response: mediaType: application/json openAPIDocKey: '200' @@ -330,78 +367,99 @@ components: insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/projects/methods/delete' + delete: [] + users_login_profile: + id: google.oslogin.users_login_profile + name: users_login_profile + title: Users_login_profile + methods: + get_login_profile: + operation: + $ref: '#/paths/~1v1~1users~1{usersId}~1loginProfile/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/users_login_profile/methods/get_login_profile + insert: [] + update: [] + replace: [] + delete: [] + locations: + id: google.oslogin.locations + name: locations + title: Locations + methods: + sign_ssh_public_key: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}:signSshPublicKey/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] paths: - /v1/users/{usersId}/loginProfile: + /v1/users/{usersId}/projects/{projectsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: >- - Retrieves the profile information used for logging in to a virtual - machine on Google Compute Engine. - operationId: oslogin.users.getLoginProfile + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/alt' + delete: + description: Deletes a POSIX account. + operationId: oslogin.users.projects.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/compute Oauth2c: - https://www.googleapis.com/auth/compute - - Oauth2: - - https://www.googleapis.com/auth/compute.readonly - Oauth2c: - - https://www.googleapis.com/auth/compute.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/LoginProfile' + $ref: '#/components/schemas/Empty' parameters: - in: path name: usersId required: true schema: type: string - - in: query - name: projectId - schema: - type: string - - in: query - name: systemId + - in: path + name: projectsId + required: true schema: type: string - /v1/users/{usersId}:importSshPublicKey: - parameters: *ref_1 post: description: >- - Adds an SSH public key and returns the profile information. Default - POSIX account information is set when no username and UID exist as part - of the login profile. - operationId: oslogin.users.importSshPublicKey + Adds a POSIX account and returns the profile information. Default POSIX + account information is set when no username and UID exist as part of the + login profile. + operationId: oslogin.users.projects.provisionPosixAccount requestBody: content: application/json: schema: - $ref: '#/components/schemas/SshPublicKey' + $ref: '#/components/schemas/ProvisionPosixAccountRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -417,31 +475,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ImportSshPublicKeyResponse' + $ref: '#/components/schemas/PosixAccount' parameters: - in: path name: usersId required: true schema: type: string - - in: query - name: projectId - schema: - type: string - - in: query - name: regions + - in: path + name: projectsId + required: true schema: type: string - /v1/users/{usersId}/sshPublicKeys: + /v1/users/{usersId}/sshPublicKeys/{sshPublicKeysId}: parameters: *ref_1 - post: - description: Create an SSH public key - operationId: oslogin.users.sshPublicKeys.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SshPublicKey' + delete: + description: Deletes an SSH public key. + operationId: oslogin.users.sshPublicKeys.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -457,18 +507,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SshPublicKey' + $ref: '#/components/schemas/Empty' parameters: - in: path name: usersId required: true schema: type: string - /v1/users/{usersId}/sshPublicKeys/{sshPublicKeysId}: - parameters: *ref_1 - delete: - description: Deletes an SSH public key. - operationId: oslogin.users.sshPublicKeys.delete + - in: path + name: sshPublicKeysId + required: true + schema: + type: string + patch: + description: >- + Updates an SSH public key and returns the profile information. This + method supports patch semantics. + operationId: oslogin.users.sshPublicKeys.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SshPublicKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -484,7 +544,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/SshPublicKey' parameters: - in: path name: usersId @@ -496,6 +556,11 @@ paths: required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: description: Retrieves an SSH public key. operationId: oslogin.users.sshPublicKeys.get @@ -526,11 +591,11 @@ paths: required: true schema: type: string - patch: - description: >- - Updates an SSH public key and returns the profile information. This - method supports patch semantics. - operationId: oslogin.users.sshPublicKeys.patch + /v1/users/{usersId}/sshPublicKeys: + parameters: *ref_1 + post: + description: Create an SSH public key + operationId: oslogin.users.sshPublicKeys.create requestBody: content: application/json: @@ -558,45 +623,126 @@ paths: required: true schema: type: string + /v1/users/{usersId}:importSshPublicKey: + parameters: *ref_1 + post: + description: >- + Adds an SSH public key and returns the profile information. Default + POSIX account information is set when no username and UID exist as part + of the login profile. + operationId: oslogin.users.importSshPublicKey + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SshPublicKey' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/compute + Oauth2c: + - https://www.googleapis.com/auth/compute + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ImportSshPublicKeyResponse' + parameters: - in: path - name: sshPublicKeysId + name: usersId required: true schema: type: string - in: query - name: updateMask + name: regions schema: type: string - format: google-fieldmask - /v1/users/{usersId}/projects/{projectsId}: + - in: query + name: projectId + schema: + type: string + /v1/users/{usersId}/loginProfile: parameters: *ref_1 - delete: - description: Deletes a POSIX account. - operationId: oslogin.users.projects.delete + get: + description: >- + Retrieves the profile information used for logging in to a virtual + machine on Google Compute Engine. + operationId: oslogin.users.getLoginProfile security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform.read-only + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform.read-only - Oauth2: - https://www.googleapis.com/auth/compute Oauth2c: - https://www.googleapis.com/auth/compute + - Oauth2: + - https://www.googleapis.com/auth/compute.readonly + Oauth2c: + - https://www.googleapis.com/auth/compute.readonly responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/LoginProfile' parameters: - in: path name: usersId required: true schema: type: string + - in: query + name: systemId + schema: + type: string + - in: query + name: projectId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}:signSshPublicKey: + parameters: *ref_1 + post: + description: >- + Signs an SSH public key for a user to authenticate to a virtual machine + on Google Compute Engine. + operationId: oslogin.projects.locations.signSshPublicKey + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SignSshPublicKeyRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SignSshPublicKeyResponse' + parameters: - in: path name: projectsId required: true schema: type: string + - in: path + name: locationsId + required: true + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/parallelstore.yaml b/providers/src/googleapis.com/v00.00.00000/services/parallelstore.yaml index 4f099593..ef79cd24 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/parallelstore.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/parallelstore.yaml @@ -7,8 +7,8 @@ info: title: Parallelstore API description: '' version: v1 - x-discovery-doc-revision: '20250804' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251029' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/parallelstore servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -937,6 +946,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/parametermanager.yaml b/providers/src/googleapis.com/v00.00.00000/services/parametermanager.yaml index de46320d..ff8af9d6 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/parametermanager.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/parametermanager.yaml @@ -11,8 +11,8 @@ info: management of sensitive application parameters effortless for customers without diminishing focus on security. version: v1 - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251113' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/secret-manager/parameter-manager/docs/overview servers: @@ -44,78 +44,19 @@ components: type: object properties: parameters: - description: The list of Parameters - type: array items: $ref: '#/components/schemas/Parameter' + type: array + description: The list of Parameters nextPageToken: description: A token identifying a page of results the server should return. type: string unreachable: - description: Unordered list. Locations that could not be reached. - type: array items: type: string - Parameter: - id: Parameter - description: Message describing Parameter resource - type: object - properties: - name: - description: >- - Identifier. [Output only] The resource name of the Parameter in the - format `projects/*/locations/*/parameters/*`. - type: string - createTime: - description: Output only. [Output only] Create time stamp - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. [Output only] Update time stamp - readOnly: true - type: string - format: google-datetime - labels: - description: Optional. Labels as key value pairs - type: object - additionalProperties: - type: string - format: - description: Optional. Specifies the format of a Parameter. - type: string - enumDescriptions: - - >- - The default / unset value. The API will default to the UNFORMATTED - format. - - Unformatted. - - YAML format. - - JSON format. - enum: - - PARAMETER_FORMAT_UNSPECIFIED - - UNFORMATTED - - YAML - - JSON - policyMember: - description: >- - Output only. [Output-only] policy member strings of a Google Cloud - resource. - readOnly: true - $ref: '#/components/schemas/ResourcePolicyMember' - kmsKey: - description: >- - Optional. Customer managed encryption key (CMEK) to use for - encrypting the Parameter Versions. If not set, the default - Google-managed encryption key will be used. Cloud KMS CryptoKeys - must reside in the same location as the Parameter. The expected - format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`. - type: string + type: array + description: Unordered list. Locations that could not be reached. ResourcePolicyMember: - id: ResourcePolicyMember - description: >- - Output-only policy member strings of a Google Cloud resource's built-in - identity. - type: object properties: iamPolicyNamePrincipal: description: >- @@ -127,6 +68,8 @@ components: readOnly: true type: string iamPolicyUidPrincipal: + type: string + readOnly: true description: >- Output only. IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier @@ -134,53 +77,104 @@ components: recreated with the same name, the binding will not be applicable to the new resource Example: `principal://parametermanager.googleapis.com/projects/12345/uid/locations/us-central1-a/parameters/a918fed5` - readOnly: true - type: string - Empty: - id: Empty description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Output-only policy member strings of a Google Cloud resource's built-in + identity. + id: ResourcePolicyMember type: object - properties: {} - ListParameterVersionsResponse: - id: ListParameterVersionsResponse - description: Message for response to listing ParameterVersions + RenderParameterVersionResponse: + id: RenderParameterVersionResponse + properties: + renderedPayload: + readOnly: true + description: >- + Output only. Server generated rendered version of the user provided + payload data (ParameterVersionPayload) which has substitutions of + all (if any) references to a SecretManager SecretVersion resources. + This substitution only works for a Parameter which is in JSON or + YAML format. + type: string + format: byte + parameterVersion: + type: string + readOnly: true + description: >- + Output only. Resource identifier of a ParameterVersion in the format + `projects/*/locations/*/parameters/*/versions/*`. + payload: + description: Payload content of a ParameterVersion resource. + $ref: '#/components/schemas/ParameterVersionPayload' + description: Message describing RenderParameterVersionResponse resource type: object + ListLocationsResponse: + description: The response message for Locations.ListLocations. properties: - parameterVersions: - description: The list of ParameterVersions - type: array + locations: items: - $ref: '#/components/schemas/ParameterVersion' + $ref: '#/components/schemas/Location' + type: array + description: >- + A list of locations that matches the specified filter in the + request. nextPageToken: - description: A token identifying a page of results the server should return. type: string - unreachable: - description: Unordered list. Locations that could not be reached. - type: array - items: + description: The standard List next-page token. + id: ListLocationsResponse + type: object + Location: + type: object + description: A resource that represents a Google Cloud location. + id: Location + properties: + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + labels: + type: object + additionalProperties: type: string + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + ParameterVersionPayload: + type: object + description: Message for storing a ParameterVersion resource's payload data + id: ParameterVersionPayload + properties: + data: + format: byte + description: Required. bytes data for storing payload. + type: string ParameterVersion: - id: ParameterVersion description: Message describing ParameterVersion resource - type: object properties: name: + type: string description: >- Identifier. [Output only] The resource name of the ParameterVersion in the format `projects/*/locations/*/parameters/*/versions/*`. - type: string createTime: - description: Output only. [Output only] Create time stamp - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. [Output only] Update time stamp readOnly: true + description: Output only. [Output only] Create time stamp type: string format: google-datetime disabled: @@ -192,107 +186,113 @@ components: render call on a disabled resource fails with an error. Default value is False. type: boolean - payload: - description: >- - Required. Immutable. Payload content of a ParameterVersion resource. - This is only returned when the request provides the View value of - FULL (default for GET request). - $ref: '#/components/schemas/ParameterVersionPayload' + updateTime: + description: Output only. [Output only] Update time stamp + type: string + format: google-datetime + readOnly: true kmsKeyVersion: description: >- Optional. Output only. [Output only] The resource name of the KMS key version used to encrypt the ParameterVersion payload. This field is populated only if the Parameter resource has customer managed encryption key (CMEK) configured. - readOnly: true - type: string - ParameterVersionPayload: - id: ParameterVersionPayload - description: Message for storing a ParameterVersion resource's payload data - type: object - properties: - data: - description: Required. bytes data for storing payload. type: string - format: byte - RenderParameterVersionResponse: - id: RenderParameterVersionResponse - description: Message describing RenderParameterVersionResponse resource - type: object - properties: - parameterVersion: - description: >- - Output only. Resource identifier of a ParameterVersion in the format - `projects/*/locations/*/parameters/*/versions/*`. readOnly: true - type: string payload: - description: Payload content of a ParameterVersion resource. - $ref: '#/components/schemas/ParameterVersionPayload' - renderedPayload: description: >- - Output only. Server generated rendered version of the user provided - payload data (ParameterVersionPayload) which has substitutions of - all (if any) references to a SecretManager SecretVersion resources. - This substitution only works for a Parameter which is in JSON or - YAML format. - readOnly: true - type: string - format: byte - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + Required. Immutable. Payload content of a ParameterVersion resource. + This is only returned when the request provides the View value of + FULL (default for GET request). + $ref: '#/components/schemas/ParameterVersionPayload' + id: ParameterVersion type: object + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + id: Empty + type: object + ListParameterVersionsResponse: + type: object + id: ListParameterVersionsResponse properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' nextPageToken: - description: The standard List next-page token. + description: A token identifying a page of results the server should return. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object + unreachable: + type: array + items: + type: string + description: Unordered list. Locations that could not be reached. + parameterVersions: + description: The list of ParameterVersions + type: array + items: + $ref: '#/components/schemas/ParameterVersion' + description: Message for response to listing ParameterVersions + Parameter: properties: + updateTime: + format: google-datetime + type: string + readOnly: true + description: Output only. [Output only] Update time stamp + labels: + additionalProperties: + type: string + type: object + description: Optional. Labels as key value pairs name: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + Identifier. [Output only] The resource name of the Parameter in the + format `projects/*/locations/*/parameters/*`. type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + format: + description: Optional. Specifies the format of a Parameter. type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + enum: + - PARAMETER_FORMAT_UNSPECIFIED + - UNFORMATTED + - YAML + - JSON + enumDescriptions: + - >- + The default / unset value. The API will default to the UNFORMATTED + format. + - Unformatted. + - YAML format. + - JSON format. + createTime: type: string - labels: + description: Output only. [Output only] Create time stamp + format: google-datetime + readOnly: true + policyMember: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + Output only. [Output-only] policy member strings of a Google Cloud + resource. + readOnly: true + $ref: '#/components/schemas/ResourcePolicyMember' + kmsKey: + type: string description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + Optional. Customer managed encryption key (CMEK) to use for + encrypting the Parameter Versions. If not set, the default + Google-managed encryption key will be used. Cloud KMS CryptoKeys + must reside in the same location as the Parameter. The expected + format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + description: Message describing Parameter resource + type: object + id: Parameter parameters: - access_token: - description: OAuth access token. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: access_token + name: oauth_token schema: type: string alt: @@ -305,39 +305,39 @@ components: - json - media - proto - callback: - description: JSONP + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: callback + name: uploadType schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + access_token: + description: OAuth access token. in: query - name: fields + name: access_token schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: key + name: prettyPrint schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. + type: boolean + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: oauth_token + name: fields schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + _.xgafv: + description: V1 error format. in: query - name: prettyPrint + name: $.xgafv schema: - type: boolean + type: string + enum: + - '1' + - '2' quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -347,27 +347,27 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: upload_protocol + name: key schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: uploadType + name: upload_protocol schema: type: string - _.xgafv: - description: V1 error format. + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.parametermanager.locations @@ -395,131 +395,131 @@ components: update: [] replace: [] delete: [] - parameters: - id: google.parametermanager.parameters - name: parameters - title: Parameters + versions: + id: google.parametermanager.versions + name: versions + title: Versions methods: - list: + render: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions~1{versionsId}:render/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.parameters - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions~1{versionsId}/patch response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions~1{versionsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions~1{versionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/parameters/methods/get' - - $ref: '#/components/x-stackQL-resources/parameters/methods/list' + - $ref: '#/components/x-stackQL-resources/versions/methods/get' + - $ref: '#/components/x-stackQL-resources/versions/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/parameters/methods/create' + - $ref: '#/components/x-stackQL-resources/versions/methods/create' update: - - $ref: '#/components/x-stackQL-resources/parameters/methods/patch' + - $ref: '#/components/x-stackQL-resources/versions/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/parameters/methods/delete' - versions: - id: google.parametermanager.versions - name: versions - title: Versions + - $ref: '#/components/x-stackQL-resources/versions/methods/delete' + parameters: + id: google.parametermanager.parameters + name: parameters + title: Parameters methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.parameterVersions - create: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions~1{versionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}/get response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions~1{versionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions~1{versionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters/get response: mediaType: application/json openAPIDocKey: '200' - render: + objectKey: $.parameters + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters~1{parametersId}~1versions~1{versionsId}:render/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1parameters/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/versions/methods/get' - - $ref: '#/components/x-stackQL-resources/versions/methods/list' + - $ref: '#/components/x-stackQL-resources/parameters/methods/get' + - $ref: '#/components/x-stackQL-resources/parameters/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/versions/methods/create' + - $ref: '#/components/x-stackQL-resources/parameters/methods/create' update: - - $ref: '#/components/x-stackQL-resources/versions/methods/patch' + - $ref: '#/components/x-stackQL-resources/parameters/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/versions/methods/delete' + - $ref: '#/components/x-stackQL-resources/parameters/methods/delete' paths: /v1/projects/{projectsId}/locations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/callback' get: description: Lists information about the supported locations for this service. operationId: parametermanager.projects.locations.list @@ -542,22 +542,22 @@ paths: schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: filter schema: type: string - in: query name: extraLocationTypes schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: @@ -586,11 +586,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/parameters: + /v1/projects/{projectsId}/locations/{locationsId}/parameters/{parametersId}/versions/{versionsId}:render: parameters: *ref_1 get: - description: Lists Parameters in a given project and location. - operationId: parametermanager.projects.locations.parameters.list + description: Gets rendered version of a ParameterVersion. + operationId: parametermanager.projects.locations.parameters.versions.render security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -602,7 +602,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListParametersResponse' + $ref: '#/components/schemas/RenderParameterVersionResponse' parameters: - in: path name: projectsId @@ -614,31 +614,26 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: parametersId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: versionsId + required: true schema: type: string - post: - description: Creates a new Parameter in a given project and location. - operationId: parametermanager.projects.locations.parameters.create + /v1/projects/{projectsId}/locations/{locationsId}/parameters/{parametersId}/versions/{versionsId}: + parameters: *ref_1 + patch: + description: Updates a single ParameterVersion. + operationId: parametermanager.projects.locations.parameters.versions.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Parameter' + $ref: '#/components/schemas/ParameterVersion' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -650,7 +645,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Parameter' + $ref: '#/components/schemas/ParameterVersion' parameters: - in: path name: projectsId @@ -662,55 +657,28 @@ paths: required: true schema: type: string - - in: query - name: parameterId - schema: - type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/parameters/{parametersId}: - parameters: *ref_1 - get: - description: Gets details of a single Parameter. - operationId: parametermanager.projects.locations.parameters.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Parameter' - parameters: - in: path - name: projectsId + name: parametersId required: true schema: type: string - in: path - name: locationsId + name: versionsId required: true schema: type: string - - in: path - name: parametersId - required: true + - in: query + name: requestId schema: type: string - patch: - description: Updates a single Parameter. - operationId: parametermanager.projects.locations.parameters.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Parameter' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets details of a single ParameterVersion. + operationId: parametermanager.projects.locations.parameters.versions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -722,7 +690,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Parameter' + $ref: '#/components/schemas/ParameterVersion' parameters: - in: path name: projectsId @@ -739,18 +707,18 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: versionsId + required: true schema: type: string - format: google-fieldmask - in: query - name: requestId + name: view schema: type: string delete: - description: Deletes a single Parameter. - operationId: parametermanager.projects.locations.parameters.delete + description: Deletes a single ParameterVersion. + operationId: parametermanager.projects.locations.parameters.versions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -779,6 +747,11 @@ paths: required: true schema: type: string + - in: path + name: versionsId + required: true + schema: + type: string - in: query name: requestId schema: @@ -816,21 +789,21 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: orderBy schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string post: @@ -879,11 +852,11 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/parameters/{parametersId}/versions/{versionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/parameters/{parametersId}: parameters: *ref_1 - get: - description: Gets details of a single ParameterVersion. - operationId: parametermanager.projects.locations.parameters.versions.get + delete: + description: Deletes a single Parameter. + operationId: parametermanager.projects.locations.parameters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -895,7 +868,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ParameterVersion' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -912,23 +885,49 @@ paths: required: true schema: type: string + - in: query + name: requestId + schema: + type: string + get: + description: Gets details of a single Parameter. + operationId: parametermanager.projects.locations.parameters.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Parameter' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: versionsId + name: locationsId required: true schema: type: string - - in: query - name: view + - in: path + name: parametersId + required: true schema: type: string patch: - description: Updates a single ParameterVersion. - operationId: parametermanager.projects.locations.parameters.versions.patch + description: Updates a single Parameter. + operationId: parametermanager.projects.locations.parameters.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ParameterVersion' + $ref: '#/components/schemas/Parameter' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -940,7 +939,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ParameterVersion' + $ref: '#/components/schemas/Parameter' parameters: - in: path name: projectsId @@ -957,11 +956,6 @@ paths: required: true schema: type: string - - in: path - name: versionsId - required: true - schema: - type: string - in: query name: updateMask schema: @@ -971,9 +965,11 @@ paths: name: requestId schema: type: string - delete: - description: Deletes a single ParameterVersion. - operationId: parametermanager.projects.locations.parameters.versions.delete + /v1/projects/{projectsId}/locations/{locationsId}/parameters: + parameters: *ref_1 + get: + description: Lists Parameters in a given project and location. + operationId: parametermanager.projects.locations.parameters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -985,7 +981,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListParametersResponse' parameters: - in: path name: projectsId @@ -997,25 +993,31 @@ paths: required: true schema: type: string - - in: path - name: parametersId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: filter schema: type: string - in: query - name: requestId + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/parameters/{parametersId}/versions/{versionsId}:render: - parameters: *ref_1 - get: - description: Gets rendered version of a ParameterVersion. - operationId: parametermanager.projects.locations.parameters.versions.render + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new Parameter in a given project and location. + operationId: parametermanager.projects.locations.parameters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Parameter' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1027,7 +1029,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RenderParameterVersionResponse' + $ref: '#/components/schemas/Parameter' parameters: - in: path name: projectsId @@ -1039,13 +1041,11 @@ paths: required: true schema: type: string - - in: path - name: parametersId - required: true + - in: query + name: requestId schema: type: string - - in: path - name: versionsId - required: true + - in: query + name: parameterId schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/places.yaml b/providers/src/googleapis.com/v00.00.00000/services/places.yaml index 39015e70..ffc38c83 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/places.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/places.yaml @@ -7,8 +7,8 @@ info: title: Places API (New) description: '' version: v1 - x-discovery-doc-revision: '20250826' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251208' + x-generated-date: '2025-12-10' externalDocs: url: https://mapsplatform.google.com/maps-products/#places-section servers: @@ -22,27 +22,27 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/cloud-platform: >- - See, edit, configure, and delete your Google Cloud data and see - the email address for your Google Account. - https://www.googleapis.com/auth/maps-platform.places: >- + https://www.googleapis.com/auth/maps-platform.places.details: >- Private Service: - https://www.googleapis.com/auth/maps-platform.places + https://www.googleapis.com/auth/maps-platform.places.details https://www.googleapis.com/auth/maps-platform.places.autocomplete: >- Private Service: https://www.googleapis.com/auth/maps-platform.places.autocomplete - https://www.googleapis.com/auth/maps-platform.places.details: >- + https://www.googleapis.com/auth/maps-platform.places.textsearch: >- Private Service: - https://www.googleapis.com/auth/maps-platform.places.details - https://www.googleapis.com/auth/maps-platform.places.getphotomedia: >- + https://www.googleapis.com/auth/maps-platform.places.textsearch + https://www.googleapis.com/auth/maps-platform.places: >- Private Service: - https://www.googleapis.com/auth/maps-platform.places.getphotomedia + https://www.googleapis.com/auth/maps-platform.places + https://www.googleapis.com/auth/cloud-platform: >- + See, edit, configure, and delete your Google Cloud data and see + the email address for your Google Account. https://www.googleapis.com/auth/maps-platform.places.nearbysearch: >- Private Service: https://www.googleapis.com/auth/maps-platform.places.nearbysearch - https://www.googleapis.com/auth/maps-platform.places.textsearch: >- + https://www.googleapis.com/auth/maps-platform.places.getphotomedia: >- Private Service: - https://www.googleapis.com/auth/maps-platform.places.textsearch + https://www.googleapis.com/auth/maps-platform.places.getphotomedia Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -52,144 +52,84 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleMapsPlacesV1SearchNearbyRequest: - id: GoogleMapsPlacesV1SearchNearbyRequest - description: 'Request proto for Search Nearby. ' - type: object + GoogleMapsPlacesV1PlaceGenerativeSummary: properties: - languageCode: - description: >- - Place details will be displayed with the preferred language if - available. If the language code is unspecified or unrecognized, - place details of any language may be returned, with a preference for - English if such details exist. Current list of supported languages: - https://developers.google.com/maps/faq#languagesupport. - type: string - regionCode: - description: >- - The Unicode country/region code (CLDR) of the location where the - request is coming from. This parameter is used to display the place - details, like region-specific place name, if available. The - parameter can affect results based on applicable law. For more - information, see - https://www.unicode.org/cldr/charts/latest/supplemental/territory_language_information.html. - Note that 3-digit region codes are not currently supported. + overview: + description: The overview of the place. + $ref: '#/components/schemas/GoogleTypeLocalizedText' + overviewFlagContentUri: type: string - includedTypes: + description: A link where users can flag a problem with the overview summary. + disclosureText: + $ref: '#/components/schemas/GoogleTypeLocalizedText' description: >- - Included Place type (eg, "restaurant" or "gas_station") from - https://developers.google.com/maps/documentation/places/web-service/place-types. - Up to 50 types from [Table - A](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) - may be specified. If there are any conflicting types, i.e. a type - appears in both included_types and excluded_types, an - INVALID_ARGUMENT error is returned. If a Place type is specified - with multiple type restrictions, only places that satisfy all of the - restrictions are returned. For example, if we have {included_types = - ["restaurant"], excluded_primary_types = ["restaurant"]}, the - returned places provide "restaurant" related services but do not - operate primarily as "restaurants". - type: array - items: - type: string - excludedTypes: + The AI disclosure message "Summarized with Gemini" (and its + localized variants). This will be in the language specified in the + request if available. + id: GoogleMapsPlacesV1PlaceGenerativeSummary + type: object + description: AI-generated summary of the place. + GoogleMapsPlacesV1EVChargeOptions: + properties: + connectorCount: + type: integer description: >- - Excluded Place type (eg, "restaurant" or "gas_station") from - https://developers.google.com/maps/documentation/places/web-service/place-types. - Up to 50 types from [Table - A](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) - may be specified. If the client provides both included_types (e.g. - restaurant) and excluded_types (e.g. cafe), then the response should - include places that are restaurant but not cafe. The response - includes places that match at least one of the included_types and - none of the excluded_types. If there are any conflicting types, i.e. - a type appears in both included_types and excluded_types, an - INVALID_ARGUMENT error is returned. If a Place type is specified - with multiple type restrictions, only places that satisfy all of the - restrictions are returned. For example, if we have {included_types = - ["restaurant"], excluded_primary_types = ["restaurant"]}, the - returned places provide "restaurant" related services but do not - operate primarily as "restaurants". - type: array - items: - type: string - includedPrimaryTypes: + Number of connectors at this station. However, because some ports + can have multiple connectors but only be able to charge one car at a + time (e.g.) the number of connectors may be greater than the total + number of cars which can charge simultaneously. + format: int32 + connectorAggregation: description: >- - Included primary Place type (e.g. "restaurant" or "gas_station") - from - https://developers.google.com/maps/documentation/places/web-service/place-types. - A place can only have a single primary type from the supported types - table associated with it. Up to 50 types from [Table - A](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) - may be specified. If there are any conflicting primary types, i.e. a - type appears in both included_primary_types and - excluded_primary_types, an INVALID_ARGUMENT error is returned. If a - Place type is specified with multiple type restrictions, only places - that satisfy all of the restrictions are returned. For example, if - we have {included_types = ["restaurant"], excluded_primary_types = - ["restaurant"]}, the returned places provide "restaurant" related - services but do not operate primarily as "restaurants". - type: array + A list of EV charging connector aggregations that contain connectors + of the same type and same charge rate. items: - type: string - excludedPrimaryTypes: - description: >- - Excluded primary Place type (e.g. "restaurant" or "gas_station") - from - https://developers.google.com/maps/documentation/places/web-service/place-types. - Up to 50 types from [Table - A](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) - may be specified. If there are any conflicting primary types, i.e. a - type appears in both included_primary_types and - excluded_primary_types, an INVALID_ARGUMENT error is returned. If a - Place type is specified with multiple type restrictions, only places - that satisfy all of the restrictions are returned. For example, if - we have {included_types = ["restaurant"], excluded_primary_types = - ["restaurant"]}, the returned places provide "restaurant" related - services but do not operate primarily as "restaurants". + $ref: >- + #/components/schemas/GoogleMapsPlacesV1EVChargeOptionsConnectorAggregation type: array - items: - type: string - maxResultCount: + type: object + id: GoogleMapsPlacesV1EVChargeOptions + description: >- + Information about the EV Charge Station hosted in Place. Terminology + follows https://afdc.energy.gov/fuels/electricity_infrastructure.html + One port could charge one car at a time. One port has one or more + connectors. One station has one or more ports. + GoogleMapsPlacesV1PlaceReviewSummary: + description: AI-generated summary of the place using user reviews. + id: GoogleMapsPlacesV1PlaceReviewSummary + properties: + disclosureText: + $ref: '#/components/schemas/GoogleTypeLocalizedText' description: >- - Maximum number of results to return. It must be between 1 and 20 - (default), inclusively. If the number is unset, it falls back to the - upper limit. If the number is set to negative or exceeds the upper - limit, an INVALID_ARGUMENT error is returned. - type: integer - format: int32 - locationRestriction: - description: Required. The region to search. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1SearchNearbyRequestLocationRestriction - rankPreference: - description: How results will be ranked in the response. + The AI disclosure message "Summarized with Gemini" (and its + localized variants). This will be in the language specified in the + request if available. + text: + $ref: '#/components/schemas/GoogleTypeLocalizedText' + description: The summary of user reviews. + reviewsUri: type: string - enumDescriptions: - - >- - RankPreference value not set. Will use rank by POPULARITY by - default. - - Ranks results by distance. - - Ranks results by popularity. - enum: - - RANK_PREFERENCE_UNSPECIFIED - - DISTANCE - - POPULARITY - routingParameters: - description: Optional. Parameters that affect the routing to the search results. - $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingParameters' - GoogleMapsPlacesV1SearchNearbyRequestLocationRestriction: - id: GoogleMapsPlacesV1SearchNearbyRequestLocationRestriction - description: The region to search. + description: A link to show reviews of this place on Google Maps. + flagContentUri: + type: string + description: A link where users can flag a problem with the summary. type: object + GoogleMapsPlacesV1PlaceConsumerAlertDetailsLink: properties: - circle: - description: A circle defined by center point and radius. - $ref: '#/components/schemas/GoogleMapsPlacesV1Circle' + title: + type: string + description: The title to show for the link. + uri: + description: The uri of the link. + type: string + type: object + description: >- + The link to show together with the description to provide more + information. + id: GoogleMapsPlacesV1PlaceConsumerAlertDetailsLink GoogleMapsPlacesV1Circle: id: GoogleMapsPlacesV1Circle description: Circle with a LatLng as center and radius. - type: object properties: center: description: >- @@ -198,175 +138,170 @@ components: [-180.0, 180.0]. $ref: '#/components/schemas/GoogleTypeLatLng' radius: + type: number description: >- Required. Radius measured in meters. The radius must be within [0.0, 50000.0]. - type: number format: double - GoogleTypeLatLng: - id: GoogleTypeLatLng - description: >- - An object that represents a latitude/longitude pair. This is expressed - as a pair of doubles to represent degrees latitude and degrees - longitude. Unless specified otherwise, this object must conform to the - WGS84 standard. Values must be within normalized ranges. type: object - properties: - latitude: - description: The latitude in degrees. It must be in the range [-90.0, +90.0]. - type: number - format: double - longitude: - description: The longitude in degrees. It must be in the range [-180.0, +180.0]. - type: number - format: double - GoogleMapsPlacesV1RoutingParameters: - id: GoogleMapsPlacesV1RoutingParameters + GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStructuredFormat: + id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStructuredFormat description: >- - Parameters to configure the routing calculations to the places in the - response, both along a route (where result ranking will be influenced) - and for calculating travel times on results. + Contains a breakdown of a Place or query prediction into main text and + secondary text. For Place predictions, the main text contains the + specific name of the Place. For query predictions, the main text + contains the query. The secondary text contains additional + disambiguating features (such as a city or region) to further identify + the Place or refine the query. type: object properties: - origin: + mainText: + description: Represents the name of the Place or query. + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText + secondaryText: description: >- - Optional. An explicit routing origin that overrides the origin - defined in the polyline. By default, the polyline origin is used. - $ref: '#/components/schemas/GoogleTypeLatLng' - travelMode: - description: Optional. The travel mode. + Represents additional disambiguating features (such as a city or + region) to further identify the Place or refine the query. + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText + GoogleMapsPlacesV1PlaceConsumerAlertDetails: + id: GoogleMapsPlacesV1PlaceConsumerAlertDetails + properties: + title: + description: The title to show together with the description. type: string - enumDescriptions: - - No travel mode specified. Defaults to `DRIVE`. - - Travel by passenger car. - - >- - Travel by bicycle. Not supported with - `search_along_route_parameters`. - - >- - Travel by walking. Not supported with - `search_along_route_parameters`. - - >- - Motorized two wheeled vehicles of all kinds such as scooters and - motorcycles. Note that this is distinct from the `BICYCLE` travel - mode which covers human-powered transport. Not supported with - `search_along_route_parameters`. Only supported in those countries - listed at [Countries and regions supported for two-wheeled - vehicles](https://developers.google.com/maps/documentation/routes/coverage-two-wheeled). - enum: - - TRAVEL_MODE_UNSPECIFIED - - DRIVE - - BICYCLE - - WALK - - TWO_WHEELER - routeModifiers: - description: Optional. The route modifiers. - $ref: '#/components/schemas/GoogleMapsPlacesV1RouteModifiers' - routingPreference: - description: >- - Optional. Specifies how to compute the routing summaries. The server - attempts to use the selected routing preference to compute the - route. The traffic aware routing preference is only available for - the `DRIVE` or `TWO_WHEELER` `travelMode`. + description: type: string - enumDescriptions: - - No routing preference specified. Default to `TRAFFIC_UNAWARE`. - - >- - Computes routes without taking live traffic conditions into - consideration. Suitable when traffic conditions don't matter or - are not applicable. Using this value produces the lowest latency. - Note: For `TravelMode` `DRIVE` and `TWO_WHEELER`, the route and - duration chosen are based on road network and average - time-independent traffic conditions, not current road conditions. - Consequently, routes may include roads that are temporarily - closed. Results for a given request may vary over time due to - changes in the road network, updated average traffic conditions, - and the distributed nature of the service. Results may also vary - between nearly-equivalent routes at any time or frequency. - - >- - Calculates routes taking live traffic conditions into - consideration. In contrast to `TRAFFIC_AWARE_OPTIMAL`, some - optimizations are applied to significantly reduce latency. - - >- - Calculates the routes taking live traffic conditions into - consideration, without applying most performance optimizations. - Using this value produces the highest latency. - enum: - - ROUTING_PREFERENCE_UNSPECIFIED - - TRAFFIC_UNAWARE - - TRAFFIC_AWARE - - TRAFFIC_AWARE_OPTIMAL - GoogleMapsPlacesV1RouteModifiers: - id: GoogleMapsPlacesV1RouteModifiers - description: >- - Encapsulates a set of optional conditions to satisfy when calculating - the routes. - type: object - properties: - avoidTolls: - description: >- - Optional. When set to true, avoids toll roads where reasonable, - giving preference to routes not containing toll roads. Applies only - to the `DRIVE` and `TWO_WHEELER` `TravelMode`. - type: boolean - avoidHighways: - description: >- - Optional. When set to true, avoids highways where reasonable, giving - preference to routes not containing highways. Applies only to the - `DRIVE` and `TWO_WHEELER` `TravelMode`. - type: boolean - avoidFerries: - description: >- - Optional. When set to true, avoids ferries where reasonable, giving - preference to routes not containing ferries. Applies only to the - `DRIVE` and `TWO_WHEELER` `TravelMode`. - type: boolean - avoidIndoor: + description: The description of the consumer alert message. + aboutLink: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceConsumerAlertDetailsLink' description: >- - Optional. When set to true, avoids navigating indoors where - reasonable, giving preference to routes not containing indoor - navigation. Applies only to the `WALK` `TravelMode`. - type: boolean - GoogleMapsPlacesV1SearchNearbyResponse: - id: GoogleMapsPlacesV1SearchNearbyResponse - description: 'Response proto for Search Nearby. ' + The link to show together with the description to provide more + information. + type: object + description: The details of the consumer alert message. + GoogleMapsPlacesV1Polyline: type: object + description: >- + A route polyline. Only supports an [encoded + polyline](https://developers.google.com/maps/documentation/utilities/polylinealgorithm), + which can be passed as a string and includes compression with minimal + lossiness. This is the Routes API default output. properties: - places: + encodedPolyline: + type: string description: >- - A list of places that meets user's requirements like places types, - number of places and specific location restriction. - type: array + An [encoded + polyline](https://developers.google.com/maps/documentation/utilities/polylinealgorithm), + as returned by the [Routes API by + default](https://developers.google.com/maps/documentation/routes/reference/rest/v2/TopLevel/computeRoutes#polylineencoding). + See the + [encoder](https://developers.google.com/maps/documentation/utilities/polylineutility) + and + [decoder](https://developers.google.com/maps/documentation/routes/polylinedecoder) + tools. + id: GoogleMapsPlacesV1Polyline + GoogleMapsPlacesV1FuelOptions: + id: GoogleMapsPlacesV1FuelOptions + properties: + fuelPrices: items: - $ref: '#/components/schemas/GoogleMapsPlacesV1Place' - routingSummaries: - description: >- - A list of routing summaries where each entry associates to the - corresponding place in the same index in the `places` field. If the - routing summary is not available for one of the places, it will - contain an empty entry. This list should have as many entries as the - list of places if requested. + $ref: '#/components/schemas/GoogleMapsPlacesV1FuelOptionsFuelPrice' type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingSummary' - GoogleMapsPlacesV1Place: - id: GoogleMapsPlacesV1Place - description: All the information representing a Place. + description: >- + The last known fuel price for each type of fuel this station has. + There is one entry per fuel type this station has. Order is not + important. + description: >- + The most recent information about fuel options in a gas station. This + information is updated regularly. type: object + GoogleMapsPlacesV1Place: properties: - name: + location: + $ref: '#/components/schemas/GoogleTypeLatLng' + description: The position of this place. + delivery: + description: Specifies if the business supports delivery. + type: boolean + googleMapsLinks: + description: Links to trigger different Google Maps actions. + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceGoogleMapsLinks' + shortFormattedAddress: + type: string + description: A short, human-readable address for this place. + goodForWatchingSports: + description: Place is suitable for watching sports. + type: boolean + servesBreakfast: + type: boolean + description: Specifies if the place serves breakfast. + reservable: + type: boolean + description: Specifies if the place supports reservations. + curbsidePickup: + type: boolean + description: Specifies if the business supports curbside pickup. + servesCoffee: + type: boolean + description: Place serves coffee. + generativeSummary: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceGenerativeSummary' + description: AI-generated summary of the place. + evChargeAmenitySummary: + description: The summary of amenities near the EV charging station. + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceEvChargeAmenitySummary' + dineIn: + type: boolean description: >- - This Place's resource name, in `places/{place_id}` format. Can be - used to look up the Place. + Specifies if the business supports indoor or outdoor seating + options. + movedPlace: type: string + description: >- + If this Place is permanently closed and has moved to a new Place, + this field contains the new Place's resource name, in + `places/{place_id}` format. If this Place moved multiple times, this + field will represent the first moved place. This field will not be + populated if this Place has not moved. id: + type: string description: The unique identifier of a place. + servesDinner: + description: Specifies if the place serves dinner. + type: boolean + iconMaskBaseUri: + description: >- + A truncated URL to an icon mask. User can access different icon type + by appending type suffix to the end (eg, ".svg" or ".png"). type: string - displayName: + currentOpeningHours: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHours' description: >- - The localized name of the place, suitable as a short human-readable - description. For example, "Google Sydney", "Starbucks", "Pyrmont", - etc. - $ref: '#/components/schemas/GoogleTypeLocalizedText' + The hours of operation for the next seven days (including today). + The time period starts at midnight on the date of the request and + ends at 11:59 pm six days later. This field includes the + special_days subfield of all hours, set for dates that have + exceptional hours. + attributions: + type: array + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceAttribution' + description: A set of data provider that must be shown with this result. + nationalPhoneNumber: + type: string + description: A human-readable phone number for the place, in national format. + userRatingCount: + format: int32 + description: The total number of reviews (with or without text) for this place. + type: integer + servesWine: + type: boolean + description: Specifies if the place serves wine. + servesBeer: + type: boolean + description: Specifies if the place serves beer. types: description: >- A set of type tags for this result. For example, "political" and @@ -376,43 +311,47 @@ components: type: array items: type: string - primaryType: - description: >- - The primary type of the given result. This type must be one of the - Places API supported types. For example, "restaurant", "cafe", - "airport", etc. A place can only have a single primary type. For the - complete list of possible values, see Table A and Table B at - https://developers.google.com/maps/documentation/places/web-service/place-types. - The primary type may be missing if the place's primary type is not a - supported type. When a primary type is present, it is always one of - the types in the `types` field. - type: string - primaryTypeDisplayName: + name: description: >- - The display name of the primary type, localized to the request - language if applicable. For the complete list of possible values, - see Table A and Table B at - https://developers.google.com/maps/documentation/places/web-service/place-types. - The primary type may be missing if the place's primary type is not a - supported type. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - nationalPhoneNumber: - description: A human-readable phone number for the place, in national format. + This Place's resource name, in `places/{place_id}` format. Can be + used to look up the Place. type: string - internationalPhoneNumber: - description: >- - A human-readable phone number for the place, in international - format. + servesBrunch: + description: Specifies if the place serves brunch. + type: boolean + googleMapsUri: type: string + description: A URL providing more information about this place. + priceRange: + description: The price range associated with a Place. + $ref: '#/components/schemas/GoogleMapsPlacesV1PriceRange' formattedAddress: description: A full, human-readable address for this place. type: string - shortFormattedAddress: - description: A short, human-readable address for this place. - type: string - postalAddress: - description: The address in postal address format. - $ref: '#/components/schemas/GoogleTypePostalAddress' + goodForChildren: + description: Place is good for children. + type: boolean + liveMusic: + description: Place provides live music. + type: boolean + rating: + format: double + type: number + description: A rating between 1.0 and 5.0, based on user reviews of this place. + paymentOptions: + description: >- + Payment options the place accepts. If a payment option data is not + available, the payment option field will be unset. + $ref: '#/components/schemas/GoogleMapsPlacesV1PlacePaymentOptions' + timeZone: + $ref: '#/components/schemas/GoogleTypeTimeZone' + description: IANA Time Zone Database time zone. For example "America/New_York". + postalAddress: + description: The address in postal address format. + $ref: '#/components/schemas/GoogleTypePostalAddress' + allowsDogs: + description: Place allows dogs. + type: boolean addressComponents: description: >- Repeated components for each locality level. Note the following @@ -429,28 +368,15 @@ components: change over time for the same address. A component can change position in the array. The type of the component can change. A particular component may be missing in a later response. - type: array items: $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceAddressComponent' - plusCode: - description: Plus code of the place location lat/long. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlacePlusCode' - location: - description: The position of this place. - $ref: '#/components/schemas/GoogleTypeLatLng' - viewport: - description: >- - A viewport suitable for displaying the place on an average-sized - map. This viewport should not be used as the physical boundary or - the service area of the business. - $ref: '#/components/schemas/GoogleGeoTypeViewport' - rating: - description: A rating between 1.0 and 5.0, based on user reviews of this place. - type: number - format: double - googleMapsUri: - description: A URL providing more information about this place. - type: string + type: array + evChargeOptions: + $ref: '#/components/schemas/GoogleMapsPlacesV1EVChargeOptions' + description: Information of ev charging options. + servesCocktails: + description: Place serves cocktails. + type: boolean websiteUri: description: >- The authoritative website for this place, e.g. a business' homepage. @@ -458,13 +384,32 @@ components: this will usually be the website for the individual store, not the overall chain. type: string - reviews: + parkingOptions: + description: Options of parking provided by the place. + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceParkingOptions' + takeout: + description: Specifies if the business supports takeout. + type: boolean + primaryTypeDisplayName: + $ref: '#/components/schemas/GoogleTypeLocalizedText' description: >- - List of reviews about this place, sorted by relevance. A maximum of - 5 reviews can be returned. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1Review' + The display name of the primary type, localized to the request + language if applicable. For the complete list of possible values, + see Table A and Table B at + https://developers.google.com/maps/documentation/places/web-service/place-types. + The primary type may be missing if the place's primary type is not a + supported type. + displayName: + $ref: '#/components/schemas/GoogleTypeLocalizedText' + description: >- + The localized name of the place, suitable as a short human-readable + description. For example, "Google Sydney", "Starbucks", "Pyrmont", + etc. + internationalPhoneNumber: + type: string + description: >- + A human-readable phone number for the place, in international + format. regularOpeningHours: description: >- The regular hours of operation. Note that if a place is always open @@ -479,44 +424,79 @@ components: [`minute`](https://developers.google.com/maps/documentation/places/web-service/reference/rest/v1/places#Point) with value `0`. $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHours' - utcOffsetMinutes: + goodForGroups: + description: Place accommodates groups. + type: boolean + addressDescriptor: + $ref: '#/components/schemas/GoogleMapsPlacesV1AddressDescriptor' description: >- - Number of minutes this place's timezone is currently offset from - UTC. This is expressed in minutes to support timezones that are - offset by fractions of an hour, e.g. X hours and 15 minutes. - type: integer - format: int32 - timeZone: - description: IANA Time Zone Database time zone. For example "America/New_York". - $ref: '#/components/schemas/GoogleTypeTimeZone' - photos: + The address descriptor of the place. Address descriptors include + additional information that help describe a location using landmarks + and areas. See address descriptor regional coverage in + https://developers.google.com/maps/documentation/geocoding/address-descriptors/coverage. + viewport: description: >- - Information (including references) about photos of this place. A - maximum of 10 photos can be returned. + A viewport suitable for displaying the place on an average-sized + map. This viewport should not be used as the physical boundary or + the service area of the business. + $ref: '#/components/schemas/GoogleGeoTypeViewport' + currentSecondaryOpeningHours: type: array + description: >- + Contains an array of entries for the next seven days including + information about secondary hours of a business. Secondary hours are + different from a business's main hours. For example, a restaurant + can specify drive through hours or delivery hours as its secondary + hours. This field populates the type subfield, which draws from a + predefined list of opening hours types (such as DRIVE_THROUGH, + PICKUP, or TAKEOUT) based on the types of the place. This field + includes the special_days subfield of all hours, set for dates that + have exceptional hours. items: - $ref: '#/components/schemas/GoogleMapsPlacesV1Photo' - adrFormatAddress: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHours' + movedPlaceId: description: >- - The place's address in adr microformat: - http://microformats.org/wiki/adr. + If this Place is permanently closed and has moved to a new Place, + this field contains the new Place's place ID. If this Place moved + multiple times, this field will represent the first moved Place. + This field will not be populated if this Place has not moved. type: string + servesDessert: + type: boolean + description: Place serves dessert. + outdoorSeating: + description: Place provides outdoor seating. + type: boolean businessStatus: - description: The business status for the place. - type: string - enumDescriptions: - - Default value. This value is unused. - - The establishment is operational, not necessarily open now. - - The establishment is temporarily closed. - - The establishment is permanently closed. enum: - BUSINESS_STATUS_UNSPECIFIED - OPERATIONAL - CLOSED_TEMPORARILY - CLOSED_PERMANENTLY + enumDescriptions: + - Default value. This value is unused. + - The establishment is operational, not necessarily open now. + - The establishment is temporarily closed. + - The establishment is permanently closed. + description: The business status for the place. + type: string + fuelOptions: + $ref: '#/components/schemas/GoogleMapsPlacesV1FuelOptions' + description: >- + The most recent information about fuel options in a gas station. + This information is updated regularly. + accessibilityOptions: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceAccessibilityOptions' + description: Information about the accessibility options a place offers. + editorialSummary: + $ref: '#/components/schemas/GoogleTypeLocalizedText' + description: >- + Contains a summary of the place. A summary is comprised of a textual + overview, and also includes the language code for these if + applicable. Summary text must be presented as-is and can not be + modified or altered. priceLevel: description: Price level of the place. - type: string enumDescriptions: - Place price level is unspecified or unknown. - Place provides free services. @@ -531,83 +511,28 @@ components: - PRICE_LEVEL_MODERATE - PRICE_LEVEL_EXPENSIVE - PRICE_LEVEL_VERY_EXPENSIVE - attributions: - description: A set of data provider that must be shown with this result. + type: string + containingPlaces: + description: List of places in which the current place is located. type: array items: - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceAttribution' - userRatingCount: - description: The total number of reviews (with or without text) for this place. - type: integer - format: int32 - iconMaskBaseUri: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceContainingPlace' + primaryType: description: >- - A truncated URL to an icon mask. User can access different icon type - by appending type suffix to the end (eg, ".svg" or ".png"). - type: string - iconBackgroundColor: - description: 'Background color for icon_mask in hex format, e.g. #909CE1.' + The primary type of the given result. This type must be one of the + Places API supported types. For example, "restaurant", "cafe", + "airport", etc. A place can only have a single primary type. For the + complete list of possible values, see Table A and Table B at + https://developers.google.com/maps/documentation/places/web-service/place-types. + The primary type may be missing if the place's primary type is not a + supported type. When a primary type is present, it is always one of + the types in the `types` field. type: string - takeout: - description: Specifies if the business supports takeout. - type: boolean - delivery: - description: Specifies if the business supports delivery. - type: boolean - dineIn: - description: >- - Specifies if the business supports indoor or outdoor seating - options. - type: boolean - curbsidePickup: - description: Specifies if the business supports curbside pickup. - type: boolean - reservable: - description: Specifies if the place supports reservations. - type: boolean - servesBreakfast: - description: Specifies if the place serves breakfast. - type: boolean - servesLunch: - description: Specifies if the place serves lunch. - type: boolean - servesDinner: - description: Specifies if the place serves dinner. - type: boolean - servesBeer: - description: Specifies if the place serves beer. - type: boolean - servesWine: - description: Specifies if the place serves wine. - type: boolean - servesBrunch: - description: Specifies if the place serves brunch. - type: boolean - servesVegetarianFood: - description: Specifies if the place serves vegetarian food. - type: boolean - currentOpeningHours: - description: >- - The hours of operation for the next seven days (including today). - The time period starts at midnight on the date of the request and - ends at 11:59 pm six days later. This field includes the - special_days subfield of all hours, set for dates that have - exceptional hours. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHours' - currentSecondaryOpeningHours: - description: >- - Contains an array of entries for the next seven days including - information about secondary hours of a business. Secondary hours are - different from a business's main hours. For example, a restaurant - can specify drive through hours or delivery hours as its secondary - hours. This field populates the type subfield, which draws from a - predefined list of opening hours types (such as DRIVE_THROUGH, - PICKUP, or TAKEOUT) based on the types of the place. This field - includes the special_days subfield of all hours, set for dates that - have exceptional hours. + subDestinations: + description: A list of sub-destinations related to the place. type: array items: - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHours' + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceSubDestination' regularSecondaryOpeningHours: description: >- Contains an array of entries for information about regular secondary @@ -620,78 +545,13 @@ components: type: array items: $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHours' - editorialSummary: + reviews: + type: array description: >- - Contains a summary of the place. A summary is comprised of a textual - overview, and also includes the language code for these if - applicable. Summary text must be presented as-is and can not be - modified or altered. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - outdoorSeating: - description: Place provides outdoor seating. - type: boolean - liveMusic: - description: Place provides live music. - type: boolean - menuForChildren: - description: Place has a children's menu. - type: boolean - servesCocktails: - description: Place serves cocktails. - type: boolean - servesDessert: - description: Place serves dessert. - type: boolean - servesCoffee: - description: Place serves coffee. - type: boolean - goodForChildren: - description: Place is good for children. - type: boolean - allowsDogs: - description: Place allows dogs. - type: boolean - restroom: - description: Place has restroom. - type: boolean - goodForGroups: - description: Place accommodates groups. - type: boolean - goodForWatchingSports: - description: Place is suitable for watching sports. - type: boolean - paymentOptions: - description: >- - Payment options the place accepts. If a payment option data is not - available, the payment option field will be unset. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlacePaymentOptions' - parkingOptions: - description: Options of parking provided by the place. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceParkingOptions' - subDestinations: - description: A list of sub-destinations related to the place. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceSubDestination' - accessibilityOptions: - description: Information about the accessibility options a place offers. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceAccessibilityOptions' - fuelOptions: - description: >- - The most recent information about fuel options in a gas station. - This information is updated regularly. - $ref: '#/components/schemas/GoogleMapsPlacesV1FuelOptions' - evChargeOptions: - description: Information of ev charging options. - $ref: '#/components/schemas/GoogleMapsPlacesV1EVChargeOptions' - generativeSummary: - description: AI-generated summary of the place. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceGenerativeSummary' - containingPlaces: - description: List of places in which the current place is located. - type: array + List of reviews about this place, sorted by relevance. A maximum of + 5 reviews can be returned. items: - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceContainingPlace' + $ref: '#/components/schemas/GoogleMapsPlacesV1Review' pureServiceAreaBusiness: description: >- Indicates whether the place is a pure service area business. Pure @@ -701,46 +561,58 @@ components: Those businesses may not have a physical address or location on Google Maps. type: boolean - addressDescriptor: + restroom: + description: Place has restroom. + type: boolean + menuForChildren: + description: Place has a children's menu. + type: boolean + utcOffsetMinutes: description: >- - The address descriptor of the place. Address descriptors include - additional information that help describe a location using landmarks - and areas. See address descriptor regional coverage in - https://developers.google.com/maps/documentation/geocoding/address-descriptors/coverage. - $ref: '#/components/schemas/GoogleMapsPlacesV1AddressDescriptor' - googleMapsLinks: - description: Links to trigger different Google Maps actions. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceGoogleMapsLinks' - priceRange: - description: The price range associated with a Place. - $ref: '#/components/schemas/GoogleMapsPlacesV1PriceRange' - reviewSummary: - description: AI-generated summary of the place using user reviews. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceReviewSummary' - evChargeAmenitySummary: - description: The summary of amenities near the EV charging station. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceEvChargeAmenitySummary' + Number of minutes this place's timezone is currently offset from + UTC. This is expressed in minutes to support timezones that are + offset by fractions of an hour, e.g. X hours and 15 minutes. + format: int32 + type: integer + photos: + type: array + description: >- + Information (including references) about photos of this place. A + maximum of 10 photos can be returned. + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1Photo' + servesVegetarianFood: + description: Specifies if the place serves vegetarian food. + type: boolean neighborhoodSummary: description: A summary of points of interest near the place. $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceNeighborhoodSummary' - GoogleTypeLocalizedText: - id: GoogleTypeLocalizedText - description: Localized variant of a text in a particular language. - type: object - properties: - text: + plusCode: + description: Plus code of the place location lat/long. + $ref: '#/components/schemas/GoogleMapsPlacesV1PlacePlusCode' + adrFormatAddress: description: >- - Localized string in the language corresponding to language_code - below. + The place's address in adr microformat: + http://microformats.org/wiki/adr. type: string - languageCode: + reviewSummary: + description: AI-generated summary of the place using user reviews. + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceReviewSummary' + consumerAlert: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceConsumerAlert' description: >- - The text's BCP-47 language code, such as "en-US" or "sr-Latn". For - more information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + The consumer alert message for the place when we detect suspicious + review activity on a business or a business violates our policies. + servesLunch: + description: Specifies if the place serves lunch. + type: boolean + iconBackgroundColor: type: string + description: 'Background color for icon_mask in hex format, e.g. #909CE1.' + id: GoogleMapsPlacesV1Place + description: All the information representing a Place. + type: object GoogleTypePostalAddress: - id: GoogleTypePostalAddress description: >- Represents a postal address, such as for postal delivery or payments addresses. With a postal address, a postal service can deliver items to @@ -753,23 +625,7 @@ components: presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, see: https://support.google.com/business/answer/6397478. - type: object properties: - revision: - description: >- - The schema revision of the `PostalAddress`. This must be set to 0, - which is the latest revision. All new revisions **must** be backward - compatible with old revisions. - type: integer - format: int32 - regionCode: - description: >- - Required. CLDR region code of the country/region of the address. - This is never inferred and it is up to the user to ensure the value - is correct. See https://cldr.unicode.org/ and - https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html - for details. Example: "CH" for Switzerland. - type: string languageCode: description: >- Optional. BCP-47 language code of the contents of this address (if @@ -782,32 +638,14 @@ components: it should be omitted (rather than specifying a possibly incorrect default). Examples: "zh-Hant", "ja", "ja-Latn", "en". type: string - postalCode: - description: >- - Optional. Postal code of the address. Not all countries use or - require postal codes to be present, but where they are used, they - may trigger additional validation with other parts of the address - (for example, state or zip code validation in the United States). - type: string - sortingCode: - description: >- - Optional. Additional, country-specific, sorting code. This is not - used in most regions. Where it is used, the value is either a string - like "CEDEX", optionally followed by a number (for example, "CEDEX - 7"), or just a number alone, representing the "sector code" - (Jamaica), "delivery area indicator" (Malawi) or "post office - indicator" (Côte d'Ivoire). - type: string - administrativeArea: + recipients: description: >- - Optional. Highest administrative subdivision which is used for - postal addresses of a country or region. For example, this can be a - state, a province, an oblast, or a prefecture. For Spain, this is - the province and not the autonomous community (for example, - "Barcelona" and not "Catalonia"). Many countries don't use an - administrative area in postal addresses. For example, in - Switzerland, this should be left unpopulated. - type: string + Optional. The recipient at the address. This field may, under + certain circumstances, contain multiline information. For example, + it might contain "care of" information. + items: + type: string + type: array locality: description: >- Optional. Generally refers to the city or town portion of the @@ -815,12 +653,8 @@ components: the world where localities are not well defined or do not fit into this structure well, leave `locality` empty and use `address_lines`. type: string - sublocality: - description: >- - Optional. Sublocality of the address. For example, this can be a - neighborhood, borough, or district. - type: string addressLines: + type: array description: >- Unstructured address lines describing the lower levels of an address. Because values in `address_lines` do not have type @@ -842,601 +676,369 @@ components: recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas). - type: array - items: - type: string - recipients: - description: >- - Optional. The recipient at the address. This field may, under - certain circumstances, contain multiline information. For example, - it might contain "care of" information. - type: array items: type: string organization: - description: Optional. The name of the organization at the address. - type: string - GoogleMapsPlacesV1PlaceAddressComponent: - id: GoogleMapsPlacesV1PlaceAddressComponent - description: >- - The structured components that form the formatted address, if this - information is available. - type: object - properties: - longText: - description: >- - The full text description or name of the address component. For - example, an address component for the country Australia may have a - long_name of "Australia". type: string - shortText: + description: Optional. The name of the organization at the address. + postalCode: description: >- - An abbreviated textual name for the address component, if available. - For example, an address component for the country of Australia may - have a short_name of "AU". + Optional. Postal code of the address. Not all countries use or + require postal codes to be present, but where they are used, they + may trigger additional validation with other parts of the address + (for example, state or zip code validation in the United States). type: string - types: - description: An array indicating the type(s) of the address component. - type: array - items: - type: string - languageCode: - description: The language used to format this components, in CLDR notation. + sublocality: type: string - GoogleMapsPlacesV1PlacePlusCode: - id: GoogleMapsPlacesV1PlacePlusCode - description: >- - Plus code (http://plus.codes) is a location reference with two formats: - global code defining a 14mx14m (1/8000th of a degree) or smaller - rectangle, and compound code, replacing the prefix with a reference - location. - type: object - properties: - globalCode: description: >- - Place's global (full) code, such as "9FWM33GV+HQ", representing an - 1/8000 by 1/8000 degree area (~14 by 14 meters). - type: string - compoundCode: + Optional. Sublocality of the address. For example, this can be a + neighborhood, borough, or district. + revision: description: >- - Place's compound code, such as "33GV+HQ, Ramberg, Norway", - containing the suffix of the global code and replacing the prefix - with a formatted name of a reference entity. - type: string - GoogleGeoTypeViewport: - id: GoogleGeoTypeViewport - description: >- - A latitude-longitude viewport, represented as two diagonally opposite - `low` and `high` points. A viewport is considered a closed region, i.e. - it includes its boundary. The latitude bounds must range between -90 to - 90 degrees inclusive, and the longitude bounds must range between -180 - to 180 degrees inclusive. Various cases include: - If `low` = `high`, - the viewport consists of that single point. - If `low.longitude` > - `high.longitude`, the longitude range is inverted (the viewport crosses - the 180 degree longitude line). - If `low.longitude` = -180 degrees and - `high.longitude` = 180 degrees, the viewport includes all longitudes. - - If `low.longitude` = 180 degrees and `high.longitude` = -180 degrees, - the longitude range is empty. - If `low.latitude` > `high.latitude`, the - latitude range is empty. Both `low` and `high` must be populated, and - the represented box cannot be empty (as specified by the definitions - above). An empty viewport will result in an error. For example, this - viewport fully encloses New York City: { "low": { "latitude": 40.477398, - "longitude": -74.259087 }, "high": { "latitude": 40.91618, "longitude": - -73.70018 } } - type: object - properties: - low: - description: Required. The low point of the viewport. - $ref: '#/components/schemas/GoogleTypeLatLng' - high: - description: Required. The high point of the viewport. - $ref: '#/components/schemas/GoogleTypeLatLng' - GoogleMapsPlacesV1Review: - id: GoogleMapsPlacesV1Review - description: Information about a review of a place. - type: object - properties: - name: + The schema revision of the `PostalAddress`. This must be set to 0, + which is the latest revision. All new revisions **must** be backward + compatible with old revisions. + format: int32 + type: integer + sortingCode: description: >- - A reference representing this place review which may be used to look - up this place review again (also called the API "resource" name: - `places/{place_id}/reviews/{review}`). + Optional. Additional, country-specific, sorting code. This is not + used in most regions. Where it is used, the value is either a string + like "CEDEX", optionally followed by a number (for example, "CEDEX + 7"), or just a number alone, representing the "sector code" + (Jamaica), "delivery area indicator" (Malawi) or "post office + indicator" (Côte d'Ivoire). type: string - relativePublishTimeDescription: + regionCode: description: >- - A string of formatted recent time, expressing the review time - relative to the current time in a form appropriate for the language - and country. - type: string - text: - description: The localized text of the review. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - originalText: - description: The review text in its original language. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - rating: - description: A number between 1.0 and 5.0, also called the number of stars. - type: number - format: double - authorAttribution: - description: This review's author. - $ref: '#/components/schemas/GoogleMapsPlacesV1AuthorAttribution' - publishTime: - description: Timestamp for the review. - type: string - format: google-datetime - flagContentUri: - description: A link where users can flag a problem with the review. + Required. CLDR region code of the country/region of the address. + This is never inferred and it is up to the user to ensure the value + is correct. See https://cldr.unicode.org/ and + https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html + for details. Example: "CH" for Switzerland. type: string - googleMapsUri: - description: A link to show the review on Google Maps. + administrativeArea: + description: >- + Optional. Highest administrative subdivision which is used for + postal addresses of a country or region. For example, this can be a + state, a province, an oblast, or a prefecture. For Spain, this is + the province and not the autonomous community (for example, + "Barcelona" and not "Catalonia"). Many countries don't use an + administrative area in postal addresses. For example, in + Switzerland, this should be left unpopulated. type: string - GoogleMapsPlacesV1AuthorAttribution: - id: GoogleMapsPlacesV1AuthorAttribution - description: Information about the author of the UGC data. Used in Photo, and Review. type: object + id: GoogleTypePostalAddress + GoogleMapsPlacesV1RoutingParameters: properties: - displayName: - description: Name of the author of the Photo or Review. - type: string - uri: - description: URI of the author of the Photo or Review. + origin: + $ref: '#/components/schemas/GoogleTypeLatLng' + description: >- + Optional. An explicit routing origin that overrides the origin + defined in the polyline. By default, the polyline origin is used. + routeModifiers: + description: Optional. The route modifiers. + $ref: '#/components/schemas/GoogleMapsPlacesV1RouteModifiers' + travelMode: + enum: + - TRAVEL_MODE_UNSPECIFIED + - DRIVE + - BICYCLE + - WALK + - TWO_WHEELER + description: Optional. The travel mode. type: string - photoUri: - description: Profile photo URI of the author of the Photo or Review. + enumDescriptions: + - No travel mode specified. Defaults to `DRIVE`. + - Travel by passenger car. + - >- + Travel by bicycle. Not supported with + `search_along_route_parameters`. + - >- + Travel by walking. Not supported with + `search_along_route_parameters`. + - >- + Motorized two wheeled vehicles of all kinds such as scooters and + motorcycles. Note that this is distinct from the `BICYCLE` travel + mode which covers human-powered transport. Not supported with + `search_along_route_parameters`. Only supported in those countries + listed at [Countries and regions supported for two-wheeled + vehicles](https://developers.google.com/maps/documentation/routes/coverage-two-wheeled). + routingPreference: type: string - GoogleMapsPlacesV1PlaceOpeningHours: - id: GoogleMapsPlacesV1PlaceOpeningHours - description: Information about business hour of the place. + enum: + - ROUTING_PREFERENCE_UNSPECIFIED + - TRAFFIC_UNAWARE + - TRAFFIC_AWARE + - TRAFFIC_AWARE_OPTIMAL + enumDescriptions: + - No routing preference specified. Default to `TRAFFIC_UNAWARE`. + - >- + Computes routes without taking live traffic conditions into + consideration. Suitable when traffic conditions don't matter or + are not applicable. Using this value produces the lowest latency. + Note: For `TravelMode` `DRIVE` and `TWO_WHEELER`, the route and + duration chosen are based on road network and average + time-independent traffic conditions, not current road conditions. + Consequently, routes may include roads that are temporarily + closed. Results for a given request may vary over time due to + changes in the road network, updated average traffic conditions, + and the distributed nature of the service. Results may also vary + between nearly-equivalent routes at any time or frequency. + - >- + Calculates routes taking live traffic conditions into + consideration. In contrast to `TRAFFIC_AWARE_OPTIMAL`, some + optimizations are applied to significantly reduce latency. + - >- + Calculates the routes taking live traffic conditions into + consideration, without applying most performance optimizations. + Using this value produces the highest latency. + description: >- + Optional. Specifies how to compute the routing summaries. The server + attempts to use the selected routing preference to compute the + route. The traffic aware routing preference is only available for + the `DRIVE` or `TWO_WHEELER` `travelMode`. + type: object + id: GoogleMapsPlacesV1RoutingParameters + description: >- + Parameters to configure the routing calculations to the places in the + response, both along a route (where result ranking will be influenced) + and for calculating travel times on results. + GoogleMapsPlacesV1SearchTextResponse: type: object + id: GoogleMapsPlacesV1SearchTextResponse + description: 'Response proto for SearchText. ' properties: - openNow: - description: >- - Whether the opening hours period is currently active. For regular - opening hours and current opening hours, this field means whether - the place is open. For secondary opening hours and current secondary - opening hours, this field means whether the secondary hours of this - place is active. - type: boolean - periods: - description: >- - The periods that this place is open during the week. The periods are - in chronological order, in the place-local timezone. An empty (but - not absent) value indicates a place that is never open, e.g. because - it is closed temporarily for renovations. The starting day of - `periods` is NOT fixed and should not be assumed to be Sunday. The - API determines the start day based on a variety of factors. For - example, for a 24/7 business, the first period may begin on the day - of the request. For other businesses, it might be the first day of - the week that they are open. NOTE: The ordering of the `periods` - array is independent of the ordering of the `weekday_descriptions` - array. Do not assume they will begin on the same day. + places: + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1Place' + description: A list of places that meet the user's text search criteria. type: array + routingSummaries: items: - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHoursPeriod' - weekdayDescriptions: + $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingSummary' + type: array description: >- - Localized strings describing the opening hours of this place, one - string for each day of the week. NOTE: The order of the days and the - start of the week is determined by the locale (language and region). - The ordering of the `periods` array is independent of the ordering - of the `weekday_descriptions` array. Do not assume they will begin - on the same day. Will be empty if the hours are unknown or could not - be converted to localized text. Example: "Sun: 18:00–06:00" + A list of routing summaries where each entry associates to the + corresponding place in the same index in the `places` field. If the + routing summary is not available for one of the places, it will + contain an empty entry. This list will have as many entries as the + list of places if requested. + nextPageToken: + description: >- + A token that can be sent as `page_token` to retrieve the next page. + If this field is omitted or empty, there are no subsequent pages. + type: string + contextualContents: + description: >- + Experimental: See + https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative + for more details. A list of contextual contents where each entry + associates to the corresponding place in the same index in the + places field. The contents that are relevant to the `text_query` in + the request are preferred. If the contextual content is not + available for one of the places, it will return non-contextual + content. It will be empty only when the content is unavailable for + this place. This list will have as many entries as the list of + places if requested. type: array items: - type: string - secondaryHoursType: - description: A type string used to identify the type of secondary hours. + $ref: '#/components/schemas/GoogleMapsPlacesV1ContextualContent' + searchUri: type: string - enumDescriptions: - - Default value when secondary hour type is not specified. - - The drive-through hour for banks, restaurants, or pharmacies. - - The happy hour. - - The delivery hour. - - The takeout hour. - - The kitchen hour. - - The breakfast hour. - - The lunch hour. - - The dinner hour. - - The brunch hour. - - The pickup hour. - - The access hours for storage places. - - The special hours for seniors. - - The online service hours. - enum: - - SECONDARY_HOURS_TYPE_UNSPECIFIED - - DRIVE_THROUGH - - HAPPY_HOUR - - DELIVERY - - TAKEOUT - - KITCHEN - - BREAKFAST - - LUNCH - - DINNER - - BRUNCH - - PICKUP - - ACCESS - - SENIOR_HOURS - - ONLINE_SERVICE_HOURS - specialDays: - description: >- - Structured information for special days that fall within the period - that the returned opening hours cover. Special days are days that - could impact the business hours of a place, e.g. Christmas day. Set - for current_opening_hours and current_secondary_opening_hours if - there are exceptional hours. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHoursSpecialDay' - nextOpenTime: - description: >- - The next time the current opening hours period starts up to 7 days - in the future. This field is only populated if the opening hours - period is not active at the time of serving the request. - type: string - format: google-datetime - nextCloseTime: - description: >- - The next time the current opening hours period ends up to 7 days in - the future. This field is only populated if the opening hours period - is active at the time of serving the request. - type: string - format: google-datetime - GoogleMapsPlacesV1PlaceOpeningHoursPeriod: - id: GoogleMapsPlacesV1PlaceOpeningHoursPeriod - description: A period the place remains in open_now status. - type: object - properties: - open: - description: The time that the place starts to be open. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHoursPeriodPoint' - close: - description: The time that the place starts to be closed. - $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHoursPeriodPoint' - GoogleMapsPlacesV1PlaceOpeningHoursPeriodPoint: - id: GoogleMapsPlacesV1PlaceOpeningHoursPeriodPoint - description: Status changing points. - type: object - properties: - day: - description: >- - A day of the week, as an integer in the range 0-6. 0 is Sunday, 1 is - Monday, etc. - type: integer - format: int32 - hour: - description: The hour in 24 hour format. Ranges from 0 to 23. - type: integer - format: int32 - minute: - description: The minute. Ranges from 0 to 59. - type: integer - format: int32 - date: - description: Date in the local timezone for the place. - $ref: '#/components/schemas/GoogleTypeDate' - truncated: description: >- - Whether or not this endpoint was truncated. Truncation occurs when - the real hours are outside the times we are willing to return hours - between, so we truncate the hours back to these boundaries. This - ensures that at most 24 * 7 hours from midnight of the day of the - request are returned. - type: boolean - GoogleTypeDate: - id: GoogleTypeDate - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp - type: object + A link allows the user to search with the same text query as + specified in the request on Google Maps. + GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedTextHighlightedTextRange: properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. + endIndex: type: integer format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer + startIndex: format: int32 - day: - description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. type: integer - format: int32 - GoogleMapsPlacesV1PlaceOpeningHoursSpecialDay: - id: GoogleMapsPlacesV1PlaceOpeningHoursSpecialDay - description: >- - Structured information for special days that fall within the period that - the returned opening hours cover. Special days are days that could - impact the business hours of a place, e.g. Christmas day. + description: The range of highlighted text. + id: >- + GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedTextHighlightedTextRange type: object - properties: - date: - description: The date of this special day. - $ref: '#/components/schemas/GoogleTypeDate' GoogleTypeTimeZone: + type: object id: GoogleTypeTimeZone description: >- Represents a time zone from the [IANA Time Zone Database](https://www.iana.org/time-zones). - type: object properties: - id: - description: IANA Time Zone Database time zone. For example "America/New_York". - type: string version: + type: string description: >- Optional. IANA Time Zone Database version number. For example "2019a". + id: type: string - GoogleMapsPlacesV1Photo: - id: GoogleMapsPlacesV1Photo - description: Information about a photo of a place. + description: IANA Time Zone Database time zone. For example "America/New_York". + GoogleMapsPlacesV1SearchNearbyRequestLocationRestriction: type: object + description: The region to search. + id: GoogleMapsPlacesV1SearchNearbyRequestLocationRestriction properties: - name: - description: >- - Identifier. A reference representing this place photo which may be - used to look up this place photo again (also called the API - "resource" name: `places/{place_id}/photos/{photo}`). - type: string - widthPx: - description: The maximum available width, in pixels. - type: integer - format: int32 - heightPx: - description: The maximum available height, in pixels. - type: integer - format: int32 - authorAttributions: - description: This photo's authors. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1AuthorAttribution' - flagContentUri: - description: A link where users can flag a problem with the photo. - type: string - googleMapsUri: - description: A link to show the photo on Google Maps. - type: string - GoogleMapsPlacesV1PlaceAttribution: - id: GoogleMapsPlacesV1PlaceAttribution - description: Information about data providers of this place. + circle: + description: A circle defined by center point and radius. + $ref: '#/components/schemas/GoogleMapsPlacesV1Circle' + GoogleMapsPlacesV1PlaceNeighborhoodSummary: type: object properties: - provider: - description: Name of the Place's data provider. - type: string - providerUri: - description: URI to the Place's data provider. + flagContentUri: type: string - GoogleMapsPlacesV1PlacePaymentOptions: - id: GoogleMapsPlacesV1PlacePaymentOptions - description: Payment options the place accepts. - type: object - properties: - acceptsCreditCards: - description: Place accepts credit cards as payment. - type: boolean - acceptsDebitCards: - description: Place accepts debit cards as payment. - type: boolean - acceptsCashOnly: + description: A link where users can flag a problem with the summary. + description: + $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' + description: A detailed description of the neighborhood. + disclosureText: description: >- - Place accepts cash only as payment. Places with this attribute may - still accept other payment methods. - type: boolean - acceptsNfc: - description: Place accepts NFC payments. - type: boolean - GoogleMapsPlacesV1PlaceParkingOptions: - id: GoogleMapsPlacesV1PlaceParkingOptions - description: >- - Information about parking options for the place. A parking lot could - support more than one option at the same time. + The AI disclosure message "Summarized with Gemini" (and its + localized variants). This will be in the language specified in the + request if available. + $ref: '#/components/schemas/GoogleTypeLocalizedText' + overview: + $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' + description: An overview summary of the neighborhood. + description: A summary of points of interest near the place. + id: GoogleMapsPlacesV1PlaceNeighborhoodSummary + GoogleMapsPlacesV1AutocompletePlacesRequest: type: object + description: Request proto for AutocompletePlaces. + id: GoogleMapsPlacesV1AutocompletePlacesRequest properties: - freeParkingLot: - description: Place offers free parking lots. - type: boolean - paidParkingLot: - description: Place offers paid parking lots. - type: boolean - freeStreetParking: - description: Place offers free street parking. + origin: + $ref: '#/components/schemas/GoogleTypeLatLng' + description: >- + Optional. The origin point from which to calculate geodesic distance + to the destination (returned as `distance_meters`). If this value is + omitted, geodesic distance will not be returned. + locationRestriction: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesRequestLocationRestriction + description: >- + Optional. Restrict results to a specified location. At most one of + `location_bias` or `location_restriction` should be set. If neither + are set, the results will be biased by IP address, meaning the IP + address will be mapped to an imprecise location and used as a + biasing signal. + languageCode: + description: >- + Optional. The language in which to return results. Defaults to + en-US. The results may be in mixed languages if the language used in + `input` is different from `language_code` or if the returned Place + does not have a translation from the local language to + `language_code`. + type: string + includePureServiceAreaBusinesses: + description: >- + Optional. Include pure service area businesses if the field is set + to true. Pure service area business is a business that visits or + delivers to customers directly but does not serve customers at their + business address. For example, businesses like cleaning services or + plumbers. Those businesses do not have a physical address or + location on Google Maps. Places will not return fields including + `location`, `plus_code`, and other location related fields for these + businesses. type: boolean - paidStreetParking: - description: Place offers paid street parking. - type: boolean - valetParking: - description: Place offers valet parking. - type: boolean - freeGarageParking: - description: Place offers free garage parking. - type: boolean - paidGarageParking: - description: Place offers paid garage parking. - type: boolean - GoogleMapsPlacesV1PlaceSubDestination: - id: GoogleMapsPlacesV1PlaceSubDestination - description: >- - Sub-destinations are specific places associated with a main place. These - provide more specific destinations for users who are searching within a - large or complex place, like an airport, national park, university, or - stadium. For example, sub-destinations at an airport might include - associated terminals and parking lots. Sub-destinations return the place - ID and place resource name, which can be used in subsequent Place - Details (New) requests to fetch richer details, including the - sub-destination's display name and location. - type: object - properties: - name: - description: The resource name of the sub-destination. - type: string - id: - description: The place id of the sub-destination. - type: string - GoogleMapsPlacesV1PlaceAccessibilityOptions: - id: GoogleMapsPlacesV1PlaceAccessibilityOptions - description: Information about the accessibility options a place offers. - type: object - properties: - wheelchairAccessibleParking: - description: Place offers wheelchair accessible parking. - type: boolean - wheelchairAccessibleEntrance: - description: Places has wheelchair accessible entrance. - type: boolean - wheelchairAccessibleRestroom: - description: Place has wheelchair accessible restroom. - type: boolean - wheelchairAccessibleSeating: - description: Place has wheelchair accessible seating. - type: boolean - GoogleMapsPlacesV1FuelOptions: - id: GoogleMapsPlacesV1FuelOptions - description: >- - The most recent information about fuel options in a gas station. This - information is updated regularly. - type: object - properties: - fuelPrices: + inputOffset: description: >- - The last known fuel price for each type of fuel this station has. - There is one entry per fuel type this station has. Order is not - important. + Optional. A zero-based Unicode character offset of `input` + indicating the cursor position in `input`. The cursor position may + influence what predictions are returned. If empty, defaults to the + length of `input`. + type: integer + format: int32 + includedRegionCodes: + description: >- + Optional. Only include results in the specified regions, specified + as up to 15 CLDR two-character region codes. An empty set will not + restrict the results. If both `location_restriction` and + `included_region_codes` are set, the results will be located in the + area of intersection. type: array items: - $ref: '#/components/schemas/GoogleMapsPlacesV1FuelOptionsFuelPrice' - GoogleMapsPlacesV1FuelOptionsFuelPrice: - id: GoogleMapsPlacesV1FuelOptionsFuelPrice - description: Fuel price information for a given type. - type: object - properties: - type: - description: The type of fuel. - type: string - enumDescriptions: - - Unspecified fuel type. - - Diesel fuel. - - Diesel plus fuel. - - Regular unleaded. - - Midgrade. - - Premium. - - SP 91. - - SP 91 E10. - - SP 92. - - SP 95. - - SP95 E10. - - SP 98. - - SP 99. - - SP 100. - - Liquefied Petroleum Gas. - - E 80. - - E 85. - - E 100. - - Methane. - - Bio-diesel. - - Truck diesel. - enum: - - FUEL_TYPE_UNSPECIFIED - - DIESEL - - DIESEL_PLUS - - REGULAR_UNLEADED - - MIDGRADE - - PREMIUM - - SP91 - - SP91_E10 - - SP92 - - SP95 - - SP95_E10 - - SP98 - - SP99 - - SP100 - - LPG - - E80 - - E85 - - E100 - - METHANE - - BIO_DIESEL - - TRUCK_DIESEL - price: - description: The price of the fuel. - $ref: '#/components/schemas/GoogleTypeMoney' - updateTime: - description: The time the fuel price was last updated. - type: string - format: google-datetime - GoogleTypeMoney: - id: GoogleTypeMoney - description: Represents an amount of money with its currency type. - type: object - properties: - currencyCode: - description: The three-letter currency code defined in ISO 4217. + type: string + input: type: string - units: + description: Required. The text string on which to search. + includedPrimaryTypes: + type: array + items: + type: string description: >- - The whole units of the amount. For example if `currencyCode` is - `"USD"`, then 1 unit is one US dollar. + Optional. Included primary Place type (for example, "restaurant" or + "gas_station") in Place Types + (https://developers.google.com/maps/documentation/places/web-service/place-types), + or only `(regions)`, or only `(cities)`. A Place is only returned if + its primary type is included in this list. Up to 5 values can be + specified. If no types are specified, all Place types are returned. + locationBias: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesRequestLocationBias + description: >- + Optional. Bias results to a specified location. At most one of + `location_bias` or `location_restriction` should be set. If neither + are set, the results will be biased by IP address, meaning the IP + address will be mapped to an imprecise location and used as a + biasing signal. + includeQueryPredictions: + type: boolean + description: >- + Optional. If true, the response will include both Place and query + predictions. Otherwise the response will only return Place + predictions. + sessionToken: + description: >- + Optional. A string which identifies an Autocomplete session for + billing purposes. Must be a URL and filename safe base64 string with + at most 36 ASCII characters in length. Otherwise an INVALID_ARGUMENT + error is returned. The session begins when the user starts typing a + query, and concludes when they select a place and a call to Place + Details or Address Validation is made. Each session can have + multiple queries, followed by one Place Details or Address + Validation request. The credentials used for each request within a + session must belong to the same Google Cloud Console project. Once a + session has concluded, the token is no longer valid; your app must + generate a fresh token for each session. If the `session_token` + parameter is omitted, or if you reuse a session token, the session + is charged as if no session token was provided (each request is + billed separately). We recommend the following guidelines: * Use + session tokens for all Place Autocomplete calls. * Generate a fresh + token for each session. Using a version 4 UUID is recommended. * + Ensure that the credentials used for all Place Autocomplete, Place + Details, and Address Validation requests within a session belong to + the same Cloud Console project. * Be sure to pass a unique session + token for each new session. Using the same token for more than one + session will result in each request being billed individually. + type: string + regionCode: type: string - format: int64 - nanos: description: >- - Number of nano (10^-9) units of the amount. The value must be - between -999,999,999 and +999,999,999 inclusive. If `units` is - positive, `nanos` must be positive or zero. If `units` is zero, - `nanos` can be positive, zero, or negative. If `units` is negative, - `nanos` must be negative or zero. For example $-1.75 is represented - as `units`=-1 and `nanos`=-750,000,000. - type: integer - format: int32 - GoogleMapsPlacesV1EVChargeOptions: - id: GoogleMapsPlacesV1EVChargeOptions - description: >- - Information about the EV Charge Station hosted in Place. Terminology - follows https://afdc.energy.gov/fuels/electricity_infrastructure.html - One port could charge one car at a time. One port has one or more - connectors. One station has one or more ports. - type: object + Optional. The region code, specified as a CLDR two-character region + code. This affects address formatting, result ranking, and may + influence what results are returned. This does not restrict results + to the specified region. To restrict results to a region, use + `region_code_restriction`. + GoogleTypeLocalizedText: properties: - connectorCount: + text: description: >- - Number of connectors at this station. However, because some ports - can have multiple connectors but only be able to charge one car at a - time (e.g.) the number of connectors may be greater than the total - number of cars which can charge simultaneously. - type: integer - format: int32 - connectorAggregation: + Localized string in the language corresponding to language_code + below. + type: string + languageCode: + type: string description: >- - A list of EV charging connector aggregations that contain connectors - of the same type and same charge rate. - type: array - items: - $ref: >- - #/components/schemas/GoogleMapsPlacesV1EVChargeOptionsConnectorAggregation - GoogleMapsPlacesV1EVChargeOptionsConnectorAggregation: - id: GoogleMapsPlacesV1EVChargeOptionsConnectorAggregation - description: >- - EV charging information grouped by [type, max_charge_rate_kw]. Shows EV - charge aggregation of connectors that have the same type and max charge - rate in kw. + The text's BCP-47 language code, such as "en-US" or "sr-Latn". For + more information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. type: object + id: GoogleTypeLocalizedText + description: Localized variant of a text in a particular language. + GoogleMapsPlacesV1EVChargeOptionsConnectorAggregation: properties: type: description: The connector type of this aggregation. @@ -1478,522 +1080,1101 @@ components: - EV_CONNECTOR_TYPE_UNSPECIFIED_GB_T - EV_CONNECTOR_TYPE_UNSPECIFIED_WALL_OUTLET - EV_CONNECTOR_TYPE_NACS - maxChargeRateKw: + availableCount: + type: integer description: >- - The static max charging rate in kw of each connector in the - aggregation. - type: number - format: double + Number of connectors in this aggregation that are currently + available. + format: int32 + availabilityLastUpdateTime: + format: google-datetime + type: string + description: >- + The timestamp when the connector availability information in this + aggregation was last updated. count: + format: int32 description: Number of connectors in this aggregation. type: integer - format: int32 - availableCount: + maxChargeRateKw: + type: number + format: double description: >- - Number of connectors in this aggregation that are currently - available. + The static max charging rate in kw of each connector in the + aggregation. + outOfServiceCount: type: integer format: int32 - outOfServiceCount: description: >- Number of connectors in this aggregation that are currently out of service. - type: integer - format: int32 - availabilityLastUpdateTime: - description: >- - The timestamp when the connector availability information in this - aggregation was last updated. - type: string - format: google-datetime - GoogleMapsPlacesV1PlaceGenerativeSummary: - id: GoogleMapsPlacesV1PlaceGenerativeSummary - description: AI-generated summary of the place. + description: >- + EV charging information grouped by [type, max_charge_rate_kw]. Shows EV + charge aggregation of connectors that have the same type and max charge + rate in kw. + id: GoogleMapsPlacesV1EVChargeOptionsConnectorAggregation type: object + GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionQueryPrediction: properties: - overview: - description: The overview of the place. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - overviewFlagContentUri: - description: A link where users can flag a problem with the overview summary. - type: string - disclosureText: + text: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText description: >- - The AI disclosure message "Summarized with Gemini" (and its - localized variants). This will be in the language specified in the - request if available. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - GoogleMapsPlacesV1PlaceContainingPlace: - id: GoogleMapsPlacesV1PlaceContainingPlace - description: Info about the place in which this place is located. + The predicted text. This text does not represent a Place, but rather + a text query that could be used in a search endpoint (for example, + Text Search). `text` is recommended for developers who wish to show + a single UI element. Developers who wish to show two separate, but + related, UI elements may want to use `structured_format` instead. + They are two different ways to represent a query prediction. Users + should not try to parse `structured_format` into `text` or vice + versa. May be in mixed languages if the request `input` and + `language_code` are in different languages or if part of the query + does not have a translation from the local language to + `language_code`. + structuredFormat: + description: >- + A breakdown of the query prediction into main text containing the + query and secondary text containing additional disambiguating + features (such as a city or region). `structured_format` is + recommended for developers who wish to show two separate, but + related, UI elements. Developers who wish to show a single UI + element may want to use `text` instead. They are two different ways + to represent a query prediction. Users should not try to parse + `structured_format` into `text` or vice versa. + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStructuredFormat type: object + id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionQueryPrediction + description: Prediction results for a Query Autocomplete prediction. + GoogleMapsPlacesV1PlaceConsumerAlert: properties: - name: - description: The resource name of the place in which this place is located. + overview: + description: The overview of the consumer alert message. type: string - id: - description: The place id of the place in which this place is located. + details: + description: The details of the consumer alert message. + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceConsumerAlertDetails' + languageCode: + description: >- + The language code of the consumer alert message. This is a BCP 47 + language code. type: string - GoogleMapsPlacesV1AddressDescriptor: - id: GoogleMapsPlacesV1AddressDescriptor + type: object + id: GoogleMapsPlacesV1PlaceConsumerAlert description: >- - A relational description of a location. Includes a ranked set of nearby - landmarks and precise containing areas and their relationship to the - target location. + The consumer alert message for the place when we detect suspicious + review activity on a business or a business violates our policies. + GoogleMapsPlacesV1PlaceAccessibilityOptions: type: object + id: GoogleMapsPlacesV1PlaceAccessibilityOptions properties: - landmarks: - description: >- - A ranked list of nearby landmarks. The most recognizable and nearby - landmarks are ranked first. + wheelchairAccessibleEntrance: + type: boolean + description: Places has wheelchair accessible entrance. + wheelchairAccessibleSeating: + type: boolean + description: Place has wheelchair accessible seating. + wheelchairAccessibleRestroom: + description: Place has wheelchair accessible restroom. + type: boolean + wheelchairAccessibleParking: + description: Place offers wheelchair accessible parking. + type: boolean + description: Information about the accessibility options a place offers. + GoogleMapsPlacesV1Photo: + type: object + properties: + authorAttributions: + description: This photo's authors. type: array items: - $ref: '#/components/schemas/GoogleMapsPlacesV1AddressDescriptorLandmark' - areas: + $ref: '#/components/schemas/GoogleMapsPlacesV1AuthorAttribution' + widthPx: + format: int32 + type: integer + description: The maximum available width, in pixels. + googleMapsUri: + description: A link to show the photo on Google Maps. + type: string + name: description: >- - A ranked list of containing or adjacent areas. The most recognizable - and precise areas are ranked first. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1AddressDescriptorArea' - GoogleMapsPlacesV1AddressDescriptorLandmark: - id: GoogleMapsPlacesV1AddressDescriptorLandmark - description: >- - Basic landmark information and the landmark's relationship with the - target location. Landmarks are prominent places that can be used to - describe a location. - type: object + Identifier. A reference representing this place photo which may be + used to look up this place photo again (also called the API + "resource" name: `places/{place_id}/photos/{photo}`). + type: string + flagContentUri: + description: A link where users can flag a problem with the photo. + type: string + heightPx: + description: The maximum available height, in pixels. + format: int32 + type: integer + id: GoogleMapsPlacesV1Photo + description: Information about a photo of a place. + GoogleMapsPlacesV1PlaceAttribution: properties: - name: - description: The landmark's resource name. + provider: type: string - placeId: - description: The landmark's place id. + description: Name of the Place's data provider. + providerUri: type: string - displayName: - description: The landmark's display name. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - types: - description: >- - A set of type tags for this landmark. For a complete list of - possible values, see - https://developers.google.com/maps/documentation/places/web-service/place-types. - type: array - items: - type: string - spatialRelationship: - description: >- - Defines the spatial relationship between the target location and the - landmark. + description: URI to the Place's data provider. + type: object + description: Information about data providers of this place. + id: GoogleMapsPlacesV1PlaceAttribution + GoogleMapsPlacesV1PlacePlusCode: + type: object + id: GoogleMapsPlacesV1PlacePlusCode + properties: + globalCode: type: string - enumDescriptions: - - >- - This is the default relationship when nothing more specific below - applies. - - >- - The landmark has a spatial geometry and the target is within its - bounds. - - The target is directly adjacent to the landmark. - - >- - The target is directly opposite the landmark on the other side of - the road. - - On the same route as the landmark but not besides or across. - - Not on the same route as the landmark but a single turn away. - - >- - Close to the landmark's structure but further away from its street - entrances. - enum: - - NEAR - - WITHIN - - BESIDE - - ACROSS_THE_ROAD - - DOWN_THE_ROAD - - AROUND_THE_CORNER - - BEHIND - straightLineDistanceMeters: description: >- - The straight line distance, in meters, between the center point of - the target and the center point of the landmark. In some situations, - this value can be longer than `travel_distance_meters`. - type: number - format: float - travelDistanceMeters: + Place's global (full) code, such as "9FWM33GV+HQ", representing an + 1/8000 by 1/8000 degree area (~14 by 14 meters). + compoundCode: + type: string description: >- - The travel distance, in meters, along the road network from the - target to the landmark, if known. This value does not take into - account the mode of transportation, such as walking, driving, or - biking. - type: number - format: float - GoogleMapsPlacesV1AddressDescriptorArea: - id: GoogleMapsPlacesV1AddressDescriptorArea + Place's compound code, such as "33GV+HQ, Ramberg, Norway", + containing the suffix of the global code and replacing the prefix + with a formatted name of a reference entity. description: >- - Area information and the area's relationship with the target location. - Areas includes precise sublocality, neighborhoods, and large compounds - that are useful for describing a location. - type: object + Plus code (http://plus.codes) is a location reference with two formats: + global code defining a 14mx14m (1/8000th of a degree) or smaller + rectangle, and compound code, replacing the prefix with a reference + location. + GoogleMapsPlacesV1PlaceGoogleMapsLinks: + id: GoogleMapsPlacesV1PlaceGoogleMapsLinks + description: Links to trigger different Google Maps actions. properties: - name: - description: The area's resource name. + placeUri: type: string - placeId: - description: The area's place id. + description: A link to show this place. + photosUri: + description: A link to show photos of this place on Google Maps. type: string - displayName: - description: The area's display name. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - containment: - description: >- - Defines the spatial relationship between the target location and the - area. + writeAReviewUri: type: string - enumDescriptions: - - The containment is unspecified. - - >- - The target location is within the area region, close to the - center. - - The target location is within the area region, close to the edge. - - The target location is outside the area region, but close by. - enum: - - CONTAINMENT_UNSPECIFIED - - WITHIN - - OUTSKIRTS - - NEAR - GoogleMapsPlacesV1PlaceGoogleMapsLinks: - id: GoogleMapsPlacesV1PlaceGoogleMapsLinks - description: Links to trigger different Google Maps actions. - type: object - properties: + description: A link to write a review for this place on Google Maps. directionsUri: description: >- A link to show the directions to the place. The link only populates the destination location and uses the default travel mode `DRIVE`. type: string - placeUri: - description: A link to show this place. - type: string - writeAReviewUri: - description: A link to write a review for this place on Google Maps. - type: string reviewsUri: - description: A link to show reviews of this place on Google Maps. type: string - photosUri: description: A link to show reviews of this place on Google Maps. - type: string - GoogleMapsPlacesV1PriceRange: - id: GoogleMapsPlacesV1PriceRange - description: >- - The price range associated with a Place. `end_price` could be unset, - which indicates a range without upper bound (e.g. "More than $100"). - type: object - properties: - startPrice: - description: >- - The low end of the price range (inclusive). Price should be at or - above this amount. - $ref: '#/components/schemas/GoogleTypeMoney' - endPrice: - description: >- - The high end of the price range (exclusive). Price should be lower - than this amount. - $ref: '#/components/schemas/GoogleTypeMoney' - GoogleMapsPlacesV1PlaceReviewSummary: - id: GoogleMapsPlacesV1PlaceReviewSummary - description: AI-generated summary of the place using user reviews. type: object - properties: - text: - description: The summary of user reviews. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - flagContentUri: - description: A link where users can flag a problem with the summary. - type: string - disclosureText: - description: >- - The AI disclosure message "Summarized with Gemini" (and its - localized variants). This will be in the language specified in the - request if available. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - reviewsUri: - description: A link to show reviews of this place on Google Maps. - type: string GoogleMapsPlacesV1PlaceEvChargeAmenitySummary: - id: GoogleMapsPlacesV1PlaceEvChargeAmenitySummary - description: >- - The summary of amenities near the EV charging station. This only applies - to places with type `electric_vehicle_charging_station`. The `overview` - field is guaranteed to be provided while the other fields are optional. type: object properties: overview: + $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' description: >- An overview of the available amenities. This is guaranteed to be provided. - $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' - coffee: - description: A summary of the nearby coffee options. - $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' - restaurant: - description: A summary of the nearby restaurants. - $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' - store: - description: A summary of the nearby stores. - $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' - flagContentUri: - description: A link where users can flag a problem with the summary. - type: string disclosureText: description: >- The AI disclosure message "Summarized with Gemini" (and its localized variants). This will be in the language specified in the request if available. $ref: '#/components/schemas/GoogleTypeLocalizedText' - GoogleMapsPlacesV1ContentBlock: - id: GoogleMapsPlacesV1ContentBlock - description: A block of content that can be served individually. - type: object - properties: - content: - description: Content related to the topic. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - referencedPlaces: - description: >- - The list of resource names of the referenced places. This name can - be used in other APIs that accept Place resource names. - type: array - items: - type: string - GoogleMapsPlacesV1PlaceNeighborhoodSummary: - id: GoogleMapsPlacesV1PlaceNeighborhoodSummary - description: A summary of points of interest near the place. - type: object - properties: - overview: - description: An overview summary of the neighborhood. + restaurant: + description: A summary of the nearby restaurants. $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' - description: - description: A detailed description of the neighborhood. + store: + description: A summary of the nearby stores. $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' flagContentUri: description: A link where users can flag a problem with the summary. type: string - disclosureText: - description: >- - The AI disclosure message "Summarized with Gemini" (and its - localized variants). This will be in the language specified in the - request if available. - $ref: '#/components/schemas/GoogleTypeLocalizedText' - GoogleMapsPlacesV1RoutingSummary: - id: GoogleMapsPlacesV1RoutingSummary + coffee: + description: A summary of the nearby coffee options. + $ref: '#/components/schemas/GoogleMapsPlacesV1ContentBlock' + id: GoogleMapsPlacesV1PlaceEvChargeAmenitySummary description: >- - The duration and distance from the routing origin to a place in the - response, and a second leg from that place to the destination, if - requested. **Note:** Adding `routingSummaries` in the field mask without - also including either the `routingParameters.origin` parameter or the - `searchAlongRouteParameters.polyline.encodedPolyline` parameter in the - request causes an error. - type: object + The summary of amenities near the EV charging station. This only applies + to places with type `electric_vehicle_charging_station`. The `overview` + field is guaranteed to be provided while the other fields are optional. + GoogleMapsPlacesV1AutocompletePlacesRequestLocationBias: properties: - legs: - description: >- - The legs of the trip. When you calculate travel duration and - distance from a set origin, `legs` contains a single leg containing - the duration and distance from the origin to the destination. When - you do a search along route, `legs` contains two legs: one from the - origin to place, and one from the place to the destination. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingSummaryLeg' - directionsUri: - description: >- - A link to show directions on Google Maps using the waypoints from - the given routing summary. The route generated by this link is not - guaranteed to be the same as the route used to generate the routing - summary. The link uses information provided in the request, from - fields including `routingParameters` and - `searchAlongRouteParameters` when applicable, to generate the - directions link. - type: string - GoogleMapsPlacesV1RoutingSummaryLeg: - id: GoogleMapsPlacesV1RoutingSummaryLeg - description: A leg is a single portion of a journey from one location to another. + rectangle: + description: A viewport defined by a northeast and a southwest corner. + $ref: '#/components/schemas/GoogleGeoTypeViewport' + circle: + $ref: '#/components/schemas/GoogleMapsPlacesV1Circle' + description: A circle defined by a center point and radius. + description: >- + The region to search. The results may be biased around the specified + region. type: object - properties: - duration: - description: The time it takes to complete this leg of the trip. - type: string - format: google-duration - distanceMeters: - description: The distance of this leg of the trip. - type: integer - format: int32 - GoogleMapsPlacesV1SearchTextRequest: - id: GoogleMapsPlacesV1SearchTextRequest - description: 'Request proto for SearchText. ' + id: GoogleMapsPlacesV1AutocompletePlacesRequestLocationBias + GoogleMapsPlacesV1PlaceOpeningHours: type: object + id: GoogleMapsPlacesV1PlaceOpeningHours + description: Information about business hour of the place. properties: - textQuery: - description: Required. The text query for textual search. - type: string - languageCode: - description: >- - Place details will be displayed with the preferred language if - available. If the language code is unspecified or unrecognized, - place details of any language may be returned, with a preference for - English if such details exist. Current list of supported languages: - https://developers.google.com/maps/faq#languagesupport. + nextOpenTime: type: string - regionCode: description: >- - The Unicode country/region code (CLDR) of the location where the - request is coming from. This parameter is used to display the place - details, like region-specific place name, if available. The - parameter can affect results based on applicable law. For more - information, see - https://www.unicode.org/cldr/charts/latest/supplemental/territory_language_information.html. - Note that 3-digit region codes are not currently supported. - type: string - rankPreference: - description: How results will be ranked in the response. - type: string - enumDescriptions: - - >- - For a categorical query such as "Restaurants in New York City", - RELEVANCE is the default. For non-categorical queries such as - "Mountain View, CA" we recommend that you leave rankPreference - unset. - - Ranks results by distance. - - >- - Ranks results by relevance. Sort order determined by normal - ranking stack. - enum: - - RANK_PREFERENCE_UNSPECIFIED - - DISTANCE - - RELEVANCE - includedType: + The next time the current opening hours period starts up to 7 days + in the future. This field is only populated if the opening hours + period is not active at the time of serving the request. + format: google-datetime + nextCloseTime: description: >- - The requested place type. Full list of types supported: - https://developers.google.com/maps/documentation/places/web-service/place-types. - Only support one included type. + The next time the current opening hours period ends up to 7 days in + the future. This field is only populated if the opening hours period + is active at the time of serving the request. type: string + format: google-datetime openNow: description: >- - Used to restrict the search to places that are currently open. The - default is false. + Whether the opening hours period is currently active. For regular + opening hours and current opening hours, this field means whether + the place is open. For secondary opening hours and current secondary + opening hours, this field means whether the secondary hours of this + place is active. type: boolean - minRating: - description: >- - Filter out results whose average user rating is strictly less than - this limit. A valid value must be a float between 0 and 5 - (inclusively) at a 0.5 cadence i.e. [0, 0.5, 1.0, ... , 5.0] - inclusively. The input rating will round up to the nearest - 0.5(ceiling). For instance, a rating of 0.6 will eliminate all - results with a less than 1.0 rating. - type: number - format: double - maxResultCount: + periods: description: >- - Deprecated: Use `page_size` instead. The maximum number of results - per page that can be returned. If the number of available results is - larger than `max_result_count`, a `next_page_token` is returned - which can be passed to `page_token` to get the next page of results - in subsequent requests. If 0 or no value is provided, a default of - 20 is used. The maximum value is 20; values above 20 will be coerced - to 20. Negative values will return an INVALID_ARGUMENT error. If - both `max_result_count` and `page_size` are specified, - `max_result_count` will be ignored. - deprecated: true + The periods that this place is open during the week. The periods are + in chronological order, in the place-local timezone. An empty (but + not absent) value indicates a place that is never open, e.g. because + it is closed temporarily for renovations. The starting day of + `periods` is NOT fixed and should not be assumed to be Sunday. The + API determines the start day based on a variety of factors. For + example, for a 24/7 business, the first period may begin on the day + of the request. For other businesses, it might be the first day of + the week that they are open. NOTE: The ordering of the `periods` + array is independent of the ordering of the `weekday_descriptions` + array. Do not assume they will begin on the same day. + type: array + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHoursPeriod' + specialDays: + description: >- + Structured information for special days that fall within the period + that the returned opening hours cover. Special days are days that + could impact the business hours of a place, e.g. Christmas day. Set + for current_opening_hours and current_secondary_opening_hours if + there are exceptional hours. + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHoursSpecialDay' + type: array + weekdayDescriptions: + type: array + description: >- + Localized strings describing the opening hours of this place, one + string for each day of the week. NOTE: The order of the days and the + start of the week is determined by the locale (language and region). + The ordering of the `periods` array is independent of the ordering + of the `weekday_descriptions` array. Do not assume they will begin + on the same day. Will be empty if the hours are unknown or could not + be converted to localized text. Example: "Sun: 18:00–06:00" + items: + type: string + secondaryHoursType: + type: string + enumDescriptions: + - Default value when secondary hour type is not specified. + - The drive-through hour for banks, restaurants, or pharmacies. + - The happy hour. + - The delivery hour. + - The takeout hour. + - The kitchen hour. + - The breakfast hour. + - The lunch hour. + - The dinner hour. + - The brunch hour. + - The pickup hour. + - The access hours for storage places. + - The special hours for seniors. + - The online service hours. + enum: + - SECONDARY_HOURS_TYPE_UNSPECIFIED + - DRIVE_THROUGH + - HAPPY_HOUR + - DELIVERY + - TAKEOUT + - KITCHEN + - BREAKFAST + - LUNCH + - DINNER + - BRUNCH + - PICKUP + - ACCESS + - SENIOR_HOURS + - ONLINE_SERVICE_HOURS + description: A type string used to identify the type of secondary hours. + GoogleTypeMoney: + description: Represents an amount of money with its currency type. + type: object + id: GoogleTypeMoney + properties: + currencyCode: + type: string + description: The three-letter currency code defined in ISO 4217. + units: + format: int64 + description: >- + The whole units of the amount. For example if `currencyCode` is + `"USD"`, then 1 unit is one US dollar. + type: string + nanos: + format: int32 + type: integer + description: >- + Number of nano (10^-9) units of the amount. The value must be + between -999,999,999 and +999,999,999 inclusive. If `units` is + positive, `nanos` must be positive or zero. If `units` is zero, + `nanos` can be positive, zero, or negative. If `units` is negative, + `nanos` must be negative or zero. For example $-1.75 is represented + as `units`=-1 and `nanos`=-750,000,000. + GoogleMapsPlacesV1SearchTextRequestSearchAlongRouteParameters: + type: object + description: >- + Specifies a precalculated polyline from the [Routes + API](https://developers.google.com/maps/documentation/routes) defining + the route to search. Searching along a route is similar to using the + `locationBias` or `locationRestriction` request option to bias the + search results. However, while the `locationBias` and + `locationRestriction` options let you specify a region to bias the + search results, this option lets you bias the results along a trip + route. Results are not guaranteed to be along the route provided, but + rather are ranked within the search area defined by the polyline and, + optionally, by the `locationBias` or `locationRestriction` based on + minimal detour times from origin to destination. The results might be + along an alternate route, especially if the provided polyline does not + define an optimal route from origin to destination. + properties: + polyline: + description: Required. The route polyline. + $ref: '#/components/schemas/GoogleMapsPlacesV1Polyline' + id: GoogleMapsPlacesV1SearchTextRequestSearchAlongRouteParameters + GoogleMapsPlacesV1ContextualContentJustification: + id: GoogleMapsPlacesV1ContextualContentJustification + type: object + properties: + reviewJustification: + description: >- + Experimental: See + https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative + for more details. + $ref: >- + #/components/schemas/GoogleMapsPlacesV1ContextualContentJustificationReviewJustification + businessAvailabilityAttributesJustification: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1ContextualContentJustificationBusinessAvailabilityAttributesJustification + description: >- + Experimental: See + https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative + for more details. + description: >- + Experimental: See + https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative + for more details. Justifications for the place. Justifications answers + the question of why a place could interest an end user. + GoogleMapsPlacesV1AutocompletePlacesResponse: + id: GoogleMapsPlacesV1AutocompletePlacesResponse + properties: + suggestions: + description: >- + Contains a list of suggestions, ordered in descending order of + relevance. + type: array + items: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestion + description: Response proto for AutocompletePlaces. + type: object + GoogleMapsPlacesV1AutocompletePlacesResponseSuggestion: + properties: + queryPrediction: + description: A prediction for a query. + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionQueryPrediction + placePrediction: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionPlacePrediction + description: A prediction for a Place. + description: An Autocomplete suggestion result. + type: object + id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestion + GoogleMapsPlacesV1PlacePaymentOptions: + id: GoogleMapsPlacesV1PlacePaymentOptions + type: object + description: Payment options the place accepts. + properties: + acceptsCashOnly: + type: boolean + description: >- + Place accepts cash only as payment. Places with this attribute may + still accept other payment methods. + acceptsNfc: + description: Place accepts NFC payments. + type: boolean + acceptsDebitCards: + description: Place accepts debit cards as payment. + type: boolean + acceptsCreditCards: + type: boolean + description: Place accepts credit cards as payment. + GoogleMapsPlacesV1ContextualContent: + description: >- + Experimental: See + https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative + for more details. Content that is contextual to the place query. + type: object + id: GoogleMapsPlacesV1ContextualContent + properties: + justifications: + description: >- + Experimental: See + https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative + for more details. Justifications for the place. + type: array + items: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1ContextualContentJustification + reviews: + description: List of reviews about this place, contexual to the place query. + type: array + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1Review' + photos: + description: >- + Information (including references) about photos of this place, + contexual to the place query. + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1Photo' + type: array + GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStringRange: + properties: + endOffset: + format: int32 + description: Zero-based offset of the last Unicode character (exclusive). + type: integer + startOffset: + format: int32 + type: integer + description: >- + Zero-based offset of the first Unicode character of the string + (inclusive). + id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStringRange + type: object + description: Identifies a substring within a given text. + GoogleMapsPlacesV1SearchNearbyResponse: + properties: + routingSummaries: + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingSummary' + type: array + description: >- + A list of routing summaries where each entry associates to the + corresponding place in the same index in the `places` field. If the + routing summary is not available for one of the places, it will + contain an empty entry. This list should have as many entries as the + list of places if requested. + places: + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1Place' + description: >- + A list of places that meets user's requirements like places types, + number of places and specific location restriction. + type: array + type: object + id: GoogleMapsPlacesV1SearchNearbyResponse + description: 'Response proto for Search Nearby. ' + GoogleMapsPlacesV1RoutingSummaryLeg: + id: GoogleMapsPlacesV1RoutingSummaryLeg + type: object + description: A leg is a single portion of a journey from one location to another. + properties: + distanceMeters: + description: The distance of this leg of the trip. + format: int32 + type: integer + duration: + format: google-duration + type: string + description: The time it takes to complete this leg of the trip. + GoogleMapsPlacesV1PriceRange: + type: object + properties: + startPrice: + description: >- + The low end of the price range (inclusive). Price should be at or + above this amount. + $ref: '#/components/schemas/GoogleTypeMoney' + endPrice: + $ref: '#/components/schemas/GoogleTypeMoney' + description: >- + The high end of the price range (exclusive). Price should be lower + than this amount. + id: GoogleMapsPlacesV1PriceRange + description: >- + The price range associated with a Place. `end_price` could be unset, + which indicates a range without upper bound (e.g. "More than $100"). + GoogleMapsPlacesV1RoutingSummary: + id: GoogleMapsPlacesV1RoutingSummary + properties: + directionsUri: + description: >- + A link to show directions on Google Maps using the waypoints from + the given routing summary. The route generated by this link is not + guaranteed to be the same as the route used to generate the routing + summary. The link uses information provided in the request, from + fields including `routingParameters` and + `searchAlongRouteParameters` when applicable, to generate the + directions link. + type: string + legs: + description: >- + The legs of the trip. When you calculate travel duration and + distance from a set origin, `legs` contains a single leg containing + the duration and distance from the origin to the destination. When + you do a search along route, `legs` contains two legs: one from the + origin to place, and one from the place to the destination. + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingSummaryLeg' + type: array + description: >- + The duration and distance from the routing origin to a place in the + response, and a second leg from that place to the destination, if + requested. **Note:** Adding `routingSummaries` in the field mask without + also including either the `routingParameters.origin` parameter or the + `searchAlongRouteParameters.polyline.encodedPolyline` parameter in the + request causes an error. + type: object + GoogleMapsPlacesV1PlaceContainingPlace: + type: object + description: Info about the place in which this place is located. + id: GoogleMapsPlacesV1PlaceContainingPlace + properties: + id: + type: string + description: The place id of the place in which this place is located. + name: + description: The resource name of the place in which this place is located. + type: string + GoogleMapsPlacesV1ContextualContentJustificationBusinessAvailabilityAttributesJustification: + type: object + description: >- + Experimental: See + https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative + for more details. BusinessAvailabilityAttributes justifications. This + shows some attributes a business has that could interest an end user. + id: >- + GoogleMapsPlacesV1ContextualContentJustificationBusinessAvailabilityAttributesJustification + properties: + takeout: + type: boolean + description: If a place provides takeout. + dineIn: + description: If a place provides dine-in. + type: boolean + delivery: + type: boolean + description: If a place provides delivery. + GoogleMapsPlacesV1AddressDescriptorLandmark: + description: >- + Basic landmark information and the landmark's relationship with the + target location. Landmarks are prominent places that can be used to + describe a location. + type: object + properties: + name: + description: The landmark's resource name. + type: string + spatialRelationship: + enumDescriptions: + - >- + This is the default relationship when nothing more specific below + applies. + - >- + The landmark has a spatial geometry and the target is within its + bounds. + - The target is directly adjacent to the landmark. + - >- + The target is directly opposite the landmark on the other side of + the road. + - On the same route as the landmark but not besides or across. + - Not on the same route as the landmark but a single turn away. + - >- + Close to the landmark's structure but further away from its street + entrances. + description: >- + Defines the spatial relationship between the target location and the + landmark. + type: string + enum: + - NEAR + - WITHIN + - BESIDE + - ACROSS_THE_ROAD + - DOWN_THE_ROAD + - AROUND_THE_CORNER + - BEHIND + placeId: + description: The landmark's place id. + type: string + straightLineDistanceMeters: + description: >- + The straight line distance, in meters, between the center point of + the target and the center point of the landmark. In some situations, + this value can be longer than `travel_distance_meters`. + type: number + format: float + displayName: + $ref: '#/components/schemas/GoogleTypeLocalizedText' + description: The landmark's display name. + travelDistanceMeters: + type: number + format: float + description: >- + The travel distance, in meters, along the road network from the + target to the landmark, if known. This value does not take into + account the mode of transportation, such as walking, driving, or + biking. + types: + type: array + items: + type: string + description: >- + A set of type tags for this landmark. For a complete list of + possible values, see + https://developers.google.com/maps/documentation/places/web-service/place-types. + id: GoogleMapsPlacesV1AddressDescriptorLandmark + GoogleMapsPlacesV1SearchNearbyRequest: + properties: + routingParameters: + description: Optional. Parameters that affect the routing to the search results. + $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingParameters' + excludedTypes: + items: + type: string + type: array + description: >- + Excluded Place type (eg, "restaurant" or "gas_station") from + https://developers.google.com/maps/documentation/places/web-service/place-types. + Up to 50 types from [Table + A](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) + may be specified. If the client provides both included_types (e.g. + restaurant) and excluded_types (e.g. cafe), then the response should + include places that are restaurant but not cafe. The response + includes places that match at least one of the included_types and + none of the excluded_types. If there are any conflicting types, i.e. + a type appears in both included_types and excluded_types, an + INVALID_ARGUMENT error is returned. If a Place type is specified + with multiple type restrictions, only places that satisfy all of the + restrictions are returned. For example, if we have {included_types = + ["restaurant"], excluded_primary_types = ["restaurant"]}, the + returned places provide "restaurant" related services but do not + operate primarily as "restaurants". + maxResultCount: + type: integer + description: >- + Maximum number of results to return. It must be between 1 and 20 + (default), inclusively. If the number is unset, it falls back to the + upper limit. If the number is set to negative or exceeds the upper + limit, an INVALID_ARGUMENT error is returned. + format: int32 + includedTypes: + description: >- + Included Place type (eg, "restaurant" or "gas_station") from + https://developers.google.com/maps/documentation/places/web-service/place-types. + Up to 50 types from [Table + A](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) + may be specified. If there are any conflicting types, i.e. a type + appears in both included_types and excluded_types, an + INVALID_ARGUMENT error is returned. If a Place type is specified + with multiple type restrictions, only places that satisfy all of the + restrictions are returned. For example, if we have {included_types = + ["restaurant"], excluded_primary_types = ["restaurant"]}, the + returned places provide "restaurant" related services but do not + operate primarily as "restaurants". + type: array + items: + type: string + rankPreference: + type: string + description: How results will be ranked in the response. + enumDescriptions: + - >- + RankPreference value not set. Will use rank by POPULARITY by + default. + - Ranks results by distance. + - Ranks results by popularity. + enum: + - RANK_PREFERENCE_UNSPECIFIED + - DISTANCE + - POPULARITY + languageCode: + description: >- + Place details will be displayed with the preferred language if + available. If the language code is unspecified or unrecognized, + place details of any language may be returned, with a preference for + English if such details exist. Current list of supported languages: + https://developers.google.com/maps/faq#languagesupport. + type: string + includedPrimaryTypes: + items: + type: string + description: >- + Included primary Place type (e.g. "restaurant" or "gas_station") + from + https://developers.google.com/maps/documentation/places/web-service/place-types. + A place can only have a single primary type from the supported types + table associated with it. Up to 50 types from [Table + A](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) + may be specified. If there are any conflicting primary types, i.e. a + type appears in both included_primary_types and + excluded_primary_types, an INVALID_ARGUMENT error is returned. If a + Place type is specified with multiple type restrictions, only places + that satisfy all of the restrictions are returned. For example, if + we have {included_types = ["restaurant"], excluded_primary_types = + ["restaurant"]}, the returned places provide "restaurant" related + services but do not operate primarily as "restaurants". + type: array + regionCode: + type: string + description: >- + The Unicode country/region code (CLDR) of the location where the + request is coming from. This parameter is used to display the place + details, like region-specific place name, if available. The + parameter can affect results based on applicable law. For more + information, see + https://www.unicode.org/cldr/charts/latest/supplemental/territory_language_information.html. + Note that 3-digit region codes are not currently supported. + excludedPrimaryTypes: + items: + type: string + type: array + description: >- + Excluded primary Place type (e.g. "restaurant" or "gas_station") + from + https://developers.google.com/maps/documentation/places/web-service/place-types. + Up to 50 types from [Table + A](https://developers.google.com/maps/documentation/places/web-service/place-types#table-a) + may be specified. If there are any conflicting primary types, i.e. a + type appears in both included_primary_types and + excluded_primary_types, an INVALID_ARGUMENT error is returned. If a + Place type is specified with multiple type restrictions, only places + that satisfy all of the restrictions are returned. For example, if + we have {included_types = ["restaurant"], excluded_primary_types = + ["restaurant"]}, the returned places provide "restaurant" related + services but do not operate primarily as "restaurants". + locationRestriction: + description: Required. The region to search. + $ref: >- + #/components/schemas/GoogleMapsPlacesV1SearchNearbyRequestLocationRestriction + id: GoogleMapsPlacesV1SearchNearbyRequest + description: 'Request proto for Search Nearby. ' + type: object + GoogleGeoTypeViewport: + id: GoogleGeoTypeViewport + description: >- + A latitude-longitude viewport, represented as two diagonally opposite + `low` and `high` points. A viewport is considered a closed region, i.e. + it includes its boundary. The latitude bounds must range between -90 to + 90 degrees inclusive, and the longitude bounds must range between -180 + to 180 degrees inclusive. Various cases include: - If `low` = `high`, + the viewport consists of that single point. - If `low.longitude` > + `high.longitude`, the longitude range is inverted (the viewport crosses + the 180 degree longitude line). - If `low.longitude` = -180 degrees and + `high.longitude` = 180 degrees, the viewport includes all longitudes. - + If `low.longitude` = 180 degrees and `high.longitude` = -180 degrees, + the longitude range is empty. - If `low.latitude` > `high.latitude`, the + latitude range is empty. Both `low` and `high` must be populated, and + the represented box cannot be empty (as specified by the definitions + above). An empty viewport will result in an error. For example, this + viewport fully encloses New York City: { "low": { "latitude": 40.477398, + "longitude": -74.259087 }, "high": { "latitude": 40.91618, "longitude": + -73.70018 } } + type: object + properties: + low: + $ref: '#/components/schemas/GoogleTypeLatLng' + description: Required. The low point of the viewport. + high: + description: Required. The high point of the viewport. + $ref: '#/components/schemas/GoogleTypeLatLng' + GoogleMapsPlacesV1PlaceOpeningHoursPeriodPoint: + description: Status changing points. + id: GoogleMapsPlacesV1PlaceOpeningHoursPeriodPoint + type: object + properties: + day: + description: >- + A day of the week, as an integer in the range 0-6. 0 is Sunday, 1 is + Monday, etc. type: integer format: int32 - pageSize: + truncated: description: >- - Optional. The maximum number of results per page that can be - returned. If the number of available results is larger than - `page_size`, a `next_page_token` is returned which can be passed to - `page_token` to get the next page of results in subsequent requests. - If 0 or no value is provided, a default of 20 is used. The maximum - value is 20; values above 20 will be set to 20. Negative values will - return an INVALID_ARGUMENT error. If both `max_result_count` and - `page_size` are specified, `max_result_count` will be ignored. + Whether or not this endpoint was truncated. Truncation occurs when + the real hours are outside the times we are willing to return hours + between, so we truncate the hours back to these boundaries. This + ensures that at most 24 * 7 hours from midnight of the day of the + request are returned. + type: boolean + date: + description: Date in the local timezone for the place. + $ref: '#/components/schemas/GoogleTypeDate' + hour: + format: int32 + description: The hour in 24 hour format. Ranges from 0 to 23. + type: integer + minute: type: integer + description: The minute. Ranges from 0 to 59. format: int32 - pageToken: + GoogleMapsPlacesV1FuelOptionsFuelPrice: + description: Fuel price information for a given type. + properties: + updateTime: + format: google-datetime + type: string + description: The time the fuel price was last updated. + type: + type: string + enum: + - FUEL_TYPE_UNSPECIFIED + - DIESEL + - DIESEL_PLUS + - REGULAR_UNLEADED + - MIDGRADE + - PREMIUM + - SP91 + - SP91_E10 + - SP92 + - SP95 + - SP95_E10 + - SP98 + - SP99 + - SP100 + - LPG + - E80 + - E85 + - E100 + - METHANE + - BIO_DIESEL + - TRUCK_DIESEL + description: The type of fuel. + enumDescriptions: + - Unspecified fuel type. + - Diesel fuel. + - Diesel plus fuel. + - Regular unleaded. + - Midgrade. + - Premium. + - SP 91. + - SP 91 E10. + - SP 92. + - SP 95. + - SP95 E10. + - SP 98. + - SP 99. + - SP 100. + - Liquefied Petroleum Gas. + - E 80. + - E 85. + - E 100. + - Methane. + - Bio-diesel. + - Truck diesel. + price: + description: The price of the fuel. + $ref: '#/components/schemas/GoogleTypeMoney' + id: GoogleMapsPlacesV1FuelOptionsFuelPrice + type: object + GoogleMapsPlacesV1PlaceAddressComponent: + properties: + longText: + type: string description: >- - Optional. A page token, received from a previous TextSearch call. - Provide this to retrieve the subsequent page. When paginating, all - parameters other than `page_token`, `page_size`, and - `max_result_count` provided to TextSearch must match the initial - call that provided the page token. Otherwise an INVALID_ARGUMENT - error is returned. + The full text description or name of the address component. For + example, an address component for the country Australia may have a + long_name of "Australia". + languageCode: type: string - priceLevels: + description: The language used to format this components, in CLDR notation. + shortText: description: >- - Used to restrict the search to places that are marked as certain - price levels. Users can choose any combinations of price levels. - Default to select all price levels. + An abbreviated textual name for the address component, if available. + For example, an address component for the country of Australia may + have a short_name of "AU". + type: string + types: + type: array + description: An array indicating the type(s) of the address component. + items: + type: string + id: GoogleMapsPlacesV1PlaceAddressComponent + type: object + description: >- + The structured components that form the formatted address, if this + information is available. + GoogleMapsPlacesV1AuthorAttribution: + type: object + properties: + photoUri: + type: string + description: Profile photo URI of the author of the Photo or Review. + uri: + type: string + description: URI of the author of the Photo or Review. + displayName: + description: Name of the author of the Photo or Review. + type: string + id: GoogleMapsPlacesV1AuthorAttribution + description: Information about the author of the UGC data. Used in Photo, and Review. + GoogleMapsPlacesV1PlaceParkingOptions: + type: object + id: GoogleMapsPlacesV1PlaceParkingOptions + properties: + paidStreetParking: + type: boolean + description: Place offers paid street parking. + freeParkingLot: + description: Place offers free parking lots. + type: boolean + paidParkingLot: + description: Place offers paid parking lots. + type: boolean + freeGarageParking: + type: boolean + description: Place offers free garage parking. + freeStreetParking: + type: boolean + description: Place offers free street parking. + valetParking: + description: Place offers valet parking. + type: boolean + paidGarageParking: + type: boolean + description: Place offers paid garage parking. + description: >- + Information about parking options for the place. A parking lot could + support more than one option at the same time. + GoogleMapsPlacesV1AutocompletePlacesRequestLocationRestriction: + id: GoogleMapsPlacesV1AutocompletePlacesRequestLocationRestriction + description: >- + The region to search. The results will be restricted to the specified + region. + properties: + circle: + $ref: '#/components/schemas/GoogleMapsPlacesV1Circle' + description: A circle defined by a center point and radius. + rectangle: + description: A viewport defined by a northeast and a southwest corner. + $ref: '#/components/schemas/GoogleGeoTypeViewport' + type: object + GoogleMapsPlacesV1ContentBlock: + description: A block of content that can be served individually. + id: GoogleMapsPlacesV1ContentBlock + properties: + content: + description: Content related to the topic. + $ref: '#/components/schemas/GoogleTypeLocalizedText' + referencedPlaces: type: array items: type: string - enumDescriptions: - - Place price level is unspecified or unknown. - - Place provides free services. - - Place provides inexpensive services. - - Place provides moderately priced services. - - Place provides expensive services. - - Place provides very expensive services. - enum: - - PRICE_LEVEL_UNSPECIFIED - - PRICE_LEVEL_FREE - - PRICE_LEVEL_INEXPENSIVE - - PRICE_LEVEL_MODERATE - - PRICE_LEVEL_EXPENSIVE - - PRICE_LEVEL_VERY_EXPENSIVE - strictTypeFiltering: description: >- - Used to set strict type filtering for included_type. If set to true, - only results of the same type will be returned. Default to false. - type: boolean - locationBias: + The list of resource names of the referenced places. This name can + be used in other APIs that accept Place resource names. + type: object + GoogleMapsPlacesV1Review: + id: GoogleMapsPlacesV1Review + properties: + flagContentUri: + description: A link where users can flag a problem with the review. + type: string + visitDate: description: >- - The region to search. This location serves as a bias which means - results around given location might be returned. Cannot be set along - with location_restriction. - $ref: '#/components/schemas/GoogleMapsPlacesV1SearchTextRequestLocationBias' - locationRestriction: + The date when the author visited the place. This is truncated to the + year and month of the visit. + $ref: '#/components/schemas/GoogleTypeDate' + name: + type: string description: >- - The region to search. This location serves as a restriction which - means results outside given location will not be returned. Cannot be - set along with location_bias. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1SearchTextRequestLocationRestriction - evOptions: - description: Optional. Set the searchable EV options of a place search request. - $ref: '#/components/schemas/GoogleMapsPlacesV1SearchTextRequestEVOptions' - routingParameters: - description: Optional. Additional parameters for routing to results. - $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingParameters' - searchAlongRouteParameters: - description: Optional. Additional parameters proto for searching along a route. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1SearchTextRequestSearchAlongRouteParameters - includePureServiceAreaBusinesses: + A reference representing this place review which may be used to look + up this place review again (also called the API "resource" name: + `places/{place_id}/reviews/{review}`). + authorAttribution: + description: This review's author. + $ref: '#/components/schemas/GoogleMapsPlacesV1AuthorAttribution' + text: + description: The localized text of the review. + $ref: '#/components/schemas/GoogleTypeLocalizedText' + relativePublishTimeDescription: + type: string description: >- - Optional. Include pure service area businesses if the field is set - to true. Pure service area business is a business that visits or - delivers to customers directly but does not serve customers at their - business address. For example, businesses like cleaning services or - plumbers. Those businesses do not have a physical address or - location on Google Maps. Places will not return fields including - `location`, `plus_code`, and other location related fields for these - businesses. - type: boolean + A string of formatted recent time, expressing the review time + relative to the current time in a form appropriate for the language + and country. + googleMapsUri: + type: string + description: A link to show the review on Google Maps. + publishTime: + format: google-datetime + type: string + description: Timestamp for the review. + rating: + format: double + type: number + description: A number between 1.0 and 5.0, also called the number of stars. + originalText: + description: The review text in its original language. + $ref: '#/components/schemas/GoogleTypeLocalizedText' + type: object + description: Information about a review of a place. + GoogleMapsPlacesV1AddressDescriptor: + properties: + landmarks: + description: >- + A ranked list of nearby landmarks. The most recognizable and nearby + landmarks are ranked first. + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1AddressDescriptorLandmark' + type: array + areas: + items: + $ref: '#/components/schemas/GoogleMapsPlacesV1AddressDescriptorArea' + type: array + description: >- + A ranked list of containing or adjacent areas. The most recognizable + and precise areas are ranked first. + id: GoogleMapsPlacesV1AddressDescriptor + description: >- + A relational description of a location. Includes a ranked set of nearby + landmarks and precise containing areas and their relationship to the + target location. + type: object + GoogleMapsPlacesV1PlaceSubDestination: + properties: + name: + type: string + description: The resource name of the sub-destination. + id: + type: string + description: The place id of the sub-destination. + id: GoogleMapsPlacesV1PlaceSubDestination + description: >- + Sub-destinations are specific places associated with a main place. These + provide more specific destinations for users who are searching within a + large or complex place, like an airport, national park, university, or + stadium. For example, sub-destinations at an airport might include + associated terminals and parking lots. Sub-destinations return the place + ID and place resource name, which can be used in subsequent Place + Details (New) requests to fetch richer details, including the + sub-destination's display name and location. + type: object GoogleMapsPlacesV1SearchTextRequestLocationBias: - id: GoogleMapsPlacesV1SearchTextRequestLocationBias description: >- The region to search. This location serves as a bias which means results around given location might be returned. - type: object properties: rectangle: description: >- @@ -2008,14 +2189,16 @@ components: circle: description: A circle defined by center point and radius. $ref: '#/components/schemas/GoogleMapsPlacesV1Circle' + type: object + id: GoogleMapsPlacesV1SearchTextRequestLocationBias GoogleMapsPlacesV1SearchTextRequestLocationRestriction: id: GoogleMapsPlacesV1SearchTextRequestLocationRestriction description: >- The region to search. This location serves as a restriction which means results outside given location will not be returned. - type: object properties: rectangle: + $ref: '#/components/schemas/GoogleGeoTypeViewport' description: >- A rectangle box defined by northeast and southwest corner. `rectangle.high()` must be the northeast point of the rectangle @@ -2024,481 +2207,437 @@ components: than `rectangle.high().latitude()`. This will result in an empty latitude range. A rectangle viewport cannot be wider than 180 degrees. - $ref: '#/components/schemas/GoogleGeoTypeViewport' - GoogleMapsPlacesV1SearchTextRequestEVOptions: - id: GoogleMapsPlacesV1SearchTextRequestEVOptions - description: Searchable EV options of a place search request. - type: object - properties: - minimumChargingRateKw: - description: >- - Optional. Minimum required charging rate in kilowatts. A place with - a charging rate less than the specified rate is filtered out. - type: number - format: double - connectorTypes: - description: >- - Optional. The list of preferred EV connector types. A place that - does not support any of the listed connector types is filtered out. - type: array - items: - type: string - enumDescriptions: - - Unspecified connector. - - Other connector types. - - J1772 type 1 connector. - - IEC 62196 type 2 connector. Often referred to as MENNEKES. - - CHAdeMO type connector. - - >- - Combined Charging System (AC and DC). Based on SAE. Type-1 - J-1772 connector - - >- - Combined Charging System (AC and DC). Based on Type-2 Mennekes - connector - - >- - The generic TESLA connector. This is NACS in the North America - but can be non-NACS in other parts of the world (e.g. CCS Combo - 2 (CCS2) or GB/T). This value is less representative of an - actual connector type, and more represents the ability to charge - a Tesla brand vehicle at a Tesla owned charging station. - - >- - GB/T type corresponds to the GB/T standard in China. This type - covers all GB_T types. - - Unspecified wall outlet. - - >- - The North American Charging System (NACS), standardized as SAE - J3400. - enum: - - EV_CONNECTOR_TYPE_UNSPECIFIED - - EV_CONNECTOR_TYPE_OTHER - - EV_CONNECTOR_TYPE_J1772 - - EV_CONNECTOR_TYPE_TYPE_2 - - EV_CONNECTOR_TYPE_CHADEMO - - EV_CONNECTOR_TYPE_CCS_COMBO_1 - - EV_CONNECTOR_TYPE_CCS_COMBO_2 - - EV_CONNECTOR_TYPE_TESLA - - EV_CONNECTOR_TYPE_UNSPECIFIED_GB_T - - EV_CONNECTOR_TYPE_UNSPECIFIED_WALL_OUTLET - - EV_CONNECTOR_TYPE_NACS - GoogleMapsPlacesV1SearchTextRequestSearchAlongRouteParameters: - id: GoogleMapsPlacesV1SearchTextRequestSearchAlongRouteParameters - description: >- - Specifies a precalculated polyline from the [Routes - API](https://developers.google.com/maps/documentation/routes) defining - the route to search. Searching along a route is similar to using the - `locationBias` or `locationRestriction` request option to bias the - search results. However, while the `locationBias` and - `locationRestriction` options let you specify a region to bias the - search results, this option lets you bias the results along a trip - route. Results are not guaranteed to be along the route provided, but - rather are ranked within the search area defined by the polyline and, - optionally, by the `locationBias` or `locationRestriction` based on - minimal detour times from origin to destination. The results might be - along an alternate route, especially if the provided polyline does not - define an optimal route from origin to destination. - type: object - properties: - polyline: - description: Required. The route polyline. - $ref: '#/components/schemas/GoogleMapsPlacesV1Polyline' - GoogleMapsPlacesV1Polyline: - id: GoogleMapsPlacesV1Polyline - description: >- - A route polyline. Only supports an [encoded - polyline](https://developers.google.com/maps/documentation/utilities/polylinealgorithm), - which can be passed as a string and includes compression with minimal - lossiness. This is the Routes API default output. - type: object - properties: - encodedPolyline: - description: >- - An [encoded - polyline](https://developers.google.com/maps/documentation/utilities/polylinealgorithm), - as returned by the [Routes API by - default](https://developers.google.com/maps/documentation/routes/reference/rest/v2/TopLevel/computeRoutes#polylineencoding). - See the - [encoder](https://developers.google.com/maps/documentation/utilities/polylineutility) - and - [decoder](https://developers.google.com/maps/documentation/routes/polylinedecoder) - tools. - type: string - GoogleMapsPlacesV1SearchTextResponse: - id: GoogleMapsPlacesV1SearchTextResponse - description: 'Response proto for SearchText. ' type: object + GoogleMapsPlacesV1SearchTextRequest: properties: - places: - description: A list of places that meet the user's text search criteria. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1Place' - routingSummaries: + pageSize: + type: integer + format: int32 description: >- - A list of routing summaries where each entry associates to the - corresponding place in the same index in the `places` field. If the - routing summary is not available for one of the places, it will - contain an empty entry. This list will have as many entries as the - list of places if requested. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingSummary' - contextualContents: + Optional. The maximum number of results per page that can be + returned. If the number of available results is larger than + `page_size`, a `next_page_token` is returned which can be passed to + `page_token` to get the next page of results in subsequent requests. + If 0 or no value is provided, a default of 20 is used. The maximum + value is 20; values above 20 will be set to 20. Negative values will + return an INVALID_ARGUMENT error. If both `max_result_count` and + `page_size` are specified, `max_result_count` will be ignored. + evOptions: + $ref: '#/components/schemas/GoogleMapsPlacesV1SearchTextRequestEVOptions' + description: Optional. Set the searchable EV options of a place search request. + languageCode: + type: string description: >- - Experimental: See - https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative - for more details. A list of contextual contents where each entry - associates to the corresponding place in the same index in the - places field. The contents that are relevant to the `text_query` in - the request are preferred. If the contextual content is not - available for one of the places, it will return non-contextual - content. It will be empty only when the content is unavailable for - this place. This list will have as many entries as the list of - places if requested. + Place details will be displayed with the preferred language if + available. If the language code is unspecified or unrecognized, + place details of any language may be returned, with a preference for + English if such details exist. Current list of supported languages: + https://developers.google.com/maps/faq#languagesupport. + priceLevels: type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1ContextualContent' - nextPageToken: description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is omitted or empty, there are no subsequent pages. + Used to restrict the search to places that are marked as certain + price levels. Users can choose any combinations of price levels. + Default to select all price levels. + items: + type: string + enum: + - PRICE_LEVEL_UNSPECIFIED + - PRICE_LEVEL_FREE + - PRICE_LEVEL_INEXPENSIVE + - PRICE_LEVEL_MODERATE + - PRICE_LEVEL_EXPENSIVE + - PRICE_LEVEL_VERY_EXPENSIVE + enumDescriptions: + - Place price level is unspecified or unknown. + - Place provides free services. + - Place provides inexpensive services. + - Place provides moderately priced services. + - Place provides expensive services. + - Place provides very expensive services. + rankPreference: + description: How results will be ranked in the response. + type: string + enumDescriptions: + - >- + For a categorical query such as "Restaurants in New York City", + RELEVANCE is the default. For non-categorical queries such as + "Mountain View, CA" we recommend that you leave rankPreference + unset. + - Ranks results by distance. + - >- + Ranks results by relevance. Sort order determined by normal + ranking stack. + enum: + - RANK_PREFERENCE_UNSPECIFIED + - DISTANCE + - RELEVANCE + pageToken: type: string - searchUri: description: >- - A link allows the user to search with the same text query as - specified in the request on Google Maps. + Optional. A page token, received from a previous TextSearch call. + Provide this to retrieve the subsequent page. When paginating, all + parameters other than `page_token`, `page_size`, and + `max_result_count` provided to TextSearch must match the initial + call that provided the page token. Otherwise an INVALID_ARGUMENT + error is returned. + openNow: + description: >- + Used to restrict the search to places that are currently open. The + default is false. + type: boolean + minRating: + description: >- + Filter out results whose average user rating is strictly less than + this limit. A valid value must be a float between 0 and 5 + (inclusively) at a 0.5 cadence i.e. [0, 0.5, 1.0, ... , 5.0] + inclusively. The input rating will round up to the nearest + 0.5(ceiling). For instance, a rating of 0.6 will eliminate all + results with a less than 1.0 rating. + type: number + format: double + includedType: + description: >- + The requested place type. Full list of types supported: + https://developers.google.com/maps/documentation/places/web-service/place-types. + Only support one included type. + type: string + regionCode: type: string - GoogleMapsPlacesV1ContextualContent: - id: GoogleMapsPlacesV1ContextualContent - description: >- - Experimental: See - https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative - for more details. Content that is contextual to the place query. - type: object - properties: - reviews: - description: List of reviews about this place, contexual to the place query. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1Review' - photos: description: >- - Information (including references) about photos of this place, - contexual to the place query. - type: array - items: - $ref: '#/components/schemas/GoogleMapsPlacesV1Photo' - justifications: + The Unicode country/region code (CLDR) of the location where the + request is coming from. This parameter is used to display the place + details, like region-specific place name, if available. The + parameter can affect results based on applicable law. For more + information, see + https://www.unicode.org/cldr/charts/latest/supplemental/territory_language_information.html. + Note that 3-digit region codes are not currently supported. + maxResultCount: description: >- - Experimental: See - https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative - for more details. Justifications for the place. - type: array - items: - $ref: >- - #/components/schemas/GoogleMapsPlacesV1ContextualContentJustification - GoogleMapsPlacesV1ContextualContentJustification: - id: GoogleMapsPlacesV1ContextualContentJustification - description: >- - Experimental: See - https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative - for more details. Justifications for the place. Justifications answers - the question of why a place could interest an end user. - type: object - properties: - reviewJustification: + Deprecated: Use `page_size` instead. The maximum number of results + per page that can be returned. If the number of available results is + larger than `max_result_count`, a `next_page_token` is returned + which can be passed to `page_token` to get the next page of results + in subsequent requests. If 0 or no value is provided, a default of + 20 is used. The maximum value is 20; values above 20 will be coerced + to 20. Negative values will return an INVALID_ARGUMENT error. If + both `max_result_count` and `page_size` are specified, + `max_result_count` will be ignored. + format: int32 + type: integer + deprecated: true + strictTypeFiltering: + type: boolean description: >- - Experimental: See - https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative - for more details. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1ContextualContentJustificationReviewJustification - businessAvailabilityAttributesJustification: + Used to set strict type filtering for included_type. If set to true, + only results of the same type will be returned. Default to false. + includePureServiceAreaBusinesses: description: >- - Experimental: See - https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative - for more details. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1ContextualContentJustificationBusinessAvailabilityAttributesJustification - GoogleMapsPlacesV1ContextualContentJustificationReviewJustification: - id: GoogleMapsPlacesV1ContextualContentJustificationReviewJustification - description: >- - Experimental: See - https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative - for more details. User review justifications. This highlights a section - of the user review that would interest an end user. For instance, if the - search query is "firewood pizza", the review justification highlights - the text relevant to the search query. - type: object - properties: - highlightedText: + Optional. Include pure service area businesses if the field is set + to true. Pure service area business is a business that visits or + delivers to customers directly but does not serve customers at their + business address. For example, businesses like cleaning services or + plumbers. Those businesses do not have a physical address or + location on Google Maps. Places will not return fields including + `location`, `plus_code`, and other location related fields for these + businesses. + type: boolean + locationBias: + description: >- + The region to search. This location serves as a bias which means + results around given location might be returned. Cannot be set along + with location_restriction. + $ref: '#/components/schemas/GoogleMapsPlacesV1SearchTextRequestLocationBias' + routingParameters: + description: Optional. Additional parameters for routing to results. + $ref: '#/components/schemas/GoogleMapsPlacesV1RoutingParameters' + searchAlongRouteParameters: + description: Optional. Additional parameters proto for searching along a route. $ref: >- - #/components/schemas/GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedText - review: - description: The review that the highlighted text is generated from. - $ref: '#/components/schemas/GoogleMapsPlacesV1Review' - GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedText: - id: >- - GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedText - description: >- - The text highlighted by the justification. This is a subset of the - review itself. The exact word to highlight is marked by the - HighlightedTextRange. There could be several words in the text being - highlighted. - type: object - properties: - text: + #/components/schemas/GoogleMapsPlacesV1SearchTextRequestSearchAlongRouteParameters + textQuery: + description: Required. The text query for textual search. type: string - highlightedTextRanges: - description: The list of the ranges of the highlighted text. - type: array - items: - $ref: >- - #/components/schemas/GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedTextHighlightedTextRange - GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedTextHighlightedTextRange: - id: >- - GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedTextHighlightedTextRange - description: The range of highlighted text. + locationRestriction: + description: >- + The region to search. This location serves as a restriction which + means results outside given location will not be returned. Cannot be + set along with location_bias. + $ref: >- + #/components/schemas/GoogleMapsPlacesV1SearchTextRequestLocationRestriction + description: 'Request proto for SearchText. ' + id: GoogleMapsPlacesV1SearchTextRequest type: object - properties: - startIndex: - type: integer - format: int32 - endIndex: - type: integer - format: int32 - GoogleMapsPlacesV1ContextualContentJustificationBusinessAvailabilityAttributesJustification: - id: >- - GoogleMapsPlacesV1ContextualContentJustificationBusinessAvailabilityAttributesJustification + GoogleMapsPlacesV1ContextualContentJustificationReviewJustification: + id: GoogleMapsPlacesV1ContextualContentJustificationReviewJustification description: >- Experimental: See https://developers.google.com/maps/documentation/places/web-service/experimental/places-generative - for more details. BusinessAvailabilityAttributes justifications. This - shows some attributes a business has that could interest an end user. + for more details. User review justifications. This highlights a section + of the user review that would interest an end user. For instance, if the + search query is "firewood pizza", the review justification highlights + the text relevant to the search query. type: object properties: - takeout: - description: If a place provides takeout. - type: boolean - delivery: - description: If a place provides delivery. - type: boolean - dineIn: - description: If a place provides dine-in. - type: boolean - GoogleMapsPlacesV1PhotoMedia: - id: GoogleMapsPlacesV1PhotoMedia - description: A photo media from Places API. + highlightedText: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedText + review: + $ref: '#/components/schemas/GoogleMapsPlacesV1Review' + description: The review that the highlighted text is generated from. + GoogleTypeLatLng: + description: >- + An object that represents a latitude/longitude pair. This is expressed + as a pair of doubles to represent degrees latitude and degrees + longitude. Unless specified otherwise, this object must conform to the + WGS84 standard. Values must be within normalized ranges. + properties: + latitude: + type: number + format: double + description: The latitude in degrees. It must be in the range [-90.0, +90.0]. + longitude: + description: The longitude in degrees. It must be in the range [-180.0, +180.0]. + format: double + type: number type: object + id: GoogleTypeLatLng + GoogleMapsPlacesV1PlaceOpeningHoursSpecialDay: + id: GoogleMapsPlacesV1PlaceOpeningHoursSpecialDay properties: - name: - description: >- - The resource name of a photo media in the format: - `places/{place_id}/photos/{photo_reference}/media`. - type: string - photoUri: - description: A short-lived uri that can be used to render the photo. - type: string - GoogleMapsPlacesV1AutocompletePlacesRequest: - id: GoogleMapsPlacesV1AutocompletePlacesRequest - description: Request proto for AutocompletePlaces. + date: + description: The date of this special day. + $ref: '#/components/schemas/GoogleTypeDate' type: object + description: >- + Structured information for special days that fall within the period that + the returned opening hours cover. Special days are days that could + impact the business hours of a place, e.g. Christmas day. + GoogleMapsPlacesV1RouteModifiers: properties: - input: - description: Required. The text string on which to search. - type: string - locationBias: + avoidFerries: + type: boolean description: >- - Optional. Bias results to a specified location. At most one of - `location_bias` or `location_restriction` should be set. If neither - are set, the results will be biased by IP address, meaning the IP - address will be mapped to an imprecise location and used as a - biasing signal. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesRequestLocationBias - locationRestriction: + Optional. When set to true, avoids ferries where reasonable, giving + preference to routes not containing ferries. Applies only to the + `DRIVE` and `TWO_WHEELER` `TravelMode`. + avoidIndoor: description: >- - Optional. Restrict results to a specified location. At most one of - `location_bias` or `location_restriction` should be set. If neither - are set, the results will be biased by IP address, meaning the IP - address will be mapped to an imprecise location and used as a - biasing signal. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesRequestLocationRestriction - includedPrimaryTypes: + Optional. When set to true, avoids navigating indoors where + reasonable, giving preference to routes not containing indoor + navigation. Applies only to the `WALK` `TravelMode`. + type: boolean + avoidHighways: + type: boolean description: >- - Optional. Included primary Place type (for example, "restaurant" or - "gas_station") in Place Types - (https://developers.google.com/maps/documentation/places/web-service/place-types), - or only `(regions)`, or only `(cities)`. A Place is only returned if - its primary type is included in this list. Up to 5 values can be - specified. If no types are specified, all Place types are returned. - type: array - items: - type: string - includedRegionCodes: + Optional. When set to true, avoids highways where reasonable, giving + preference to routes not containing highways. Applies only to the + `DRIVE` and `TWO_WHEELER` `TravelMode`. + avoidTolls: + type: boolean description: >- - Optional. Only include results in the specified regions, specified - as up to 15 CLDR two-character region codes. An empty set will not - restrict the results. If both `location_restriction` and - `included_region_codes` are set, the results will be located in the - area of intersection. + Optional. When set to true, avoids toll roads where reasonable, + giving preference to routes not containing toll roads. Applies only + to the `DRIVE` and `TWO_WHEELER` `TravelMode`. + id: GoogleMapsPlacesV1RouteModifiers + description: >- + Encapsulates a set of optional conditions to satisfy when calculating + the routes. + type: object + GoogleMapsPlacesV1SearchTextRequestEVOptions: + id: GoogleMapsPlacesV1SearchTextRequestEVOptions + properties: + connectorTypes: type: array items: + enum: + - EV_CONNECTOR_TYPE_UNSPECIFIED + - EV_CONNECTOR_TYPE_OTHER + - EV_CONNECTOR_TYPE_J1772 + - EV_CONNECTOR_TYPE_TYPE_2 + - EV_CONNECTOR_TYPE_CHADEMO + - EV_CONNECTOR_TYPE_CCS_COMBO_1 + - EV_CONNECTOR_TYPE_CCS_COMBO_2 + - EV_CONNECTOR_TYPE_TESLA + - EV_CONNECTOR_TYPE_UNSPECIFIED_GB_T + - EV_CONNECTOR_TYPE_UNSPECIFIED_WALL_OUTLET + - EV_CONNECTOR_TYPE_NACS type: string - languageCode: - description: >- - Optional. The language in which to return results. Defaults to - en-US. The results may be in mixed languages if the language used in - `input` is different from `language_code` or if the returned Place - does not have a translation from the local language to - `language_code`. - type: string - regionCode: - description: >- - Optional. The region code, specified as a CLDR two-character region - code. This affects address formatting, result ranking, and may - influence what results are returned. This does not restrict results - to the specified region. To restrict results to a region, use - `region_code_restriction`. - type: string - origin: - description: >- - Optional. The origin point from which to calculate geodesic distance - to the destination (returned as `distance_meters`). If this value is - omitted, geodesic distance will not be returned. - $ref: '#/components/schemas/GoogleTypeLatLng' - inputOffset: - description: >- - Optional. A zero-based Unicode character offset of `input` - indicating the cursor position in `input`. The cursor position may - influence what predictions are returned. If empty, defaults to the - length of `input`. - type: integer - format: int32 - includeQueryPredictions: + enumDescriptions: + - Unspecified connector. + - Other connector types. + - J1772 type 1 connector. + - IEC 62196 type 2 connector. Often referred to as MENNEKES. + - CHAdeMO type connector. + - >- + Combined Charging System (AC and DC). Based on SAE. Type-1 + J-1772 connector + - >- + Combined Charging System (AC and DC). Based on Type-2 Mennekes + connector + - >- + The generic TESLA connector. This is NACS in the North America + but can be non-NACS in other parts of the world (e.g. CCS Combo + 2 (CCS2) or GB/T). This value is less representative of an + actual connector type, and more represents the ability to charge + a Tesla brand vehicle at a Tesla owned charging station. + - >- + GB/T type corresponds to the GB/T standard in China. This type + covers all GB_T types. + - Unspecified wall outlet. + - >- + The North American Charging System (NACS), standardized as SAE + J3400. description: >- - Optional. If true, the response will include both Place and query - predictions. Otherwise the response will only return Place - predictions. - type: boolean - sessionToken: + Optional. The list of preferred EV connector types. A place that + does not support any of the listed connector types is filtered out. + minimumChargingRateKw: description: >- - Optional. A string which identifies an Autocomplete session for - billing purposes. Must be a URL and filename safe base64 string with - at most 36 ASCII characters in length. Otherwise an INVALID_ARGUMENT - error is returned. The session begins when the user starts typing a - query, and concludes when they select a place and a call to Place - Details or Address Validation is made. Each session can have - multiple queries, followed by one Place Details or Address - Validation request. The credentials used for each request within a - session must belong to the same Google Cloud Console project. Once a - session has concluded, the token is no longer valid; your app must - generate a fresh token for each session. If the `session_token` - parameter is omitted, or if you reuse a session token, the session - is charged as if no session token was provided (each request is - billed separately). We recommend the following guidelines: * Use - session tokens for all Place Autocomplete calls. * Generate a fresh - token for each session. Using a version 4 UUID is recommended. * - Ensure that the credentials used for all Place Autocomplete, Place - Details, and Address Validation requests within a session belong to - the same Cloud Console project. * Be sure to pass a unique session - token for each new session. Using the same token for more than one - session will result in each request being billed individually. - type: string - includePureServiceAreaBusinesses: + Optional. Minimum required charging rate in kilowatts. A place with + a charging rate less than the specified rate is filtered out. + format: double + type: number + type: object + description: Searchable EV options of a place search request. + GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText: + properties: + matches: + type: array + items: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStringRange description: >- - Optional. Include pure service area businesses if the field is set - to true. Pure service area business is a business that visits or - delivers to customers directly but does not serve customers at their - business address. For example, businesses like cleaning services or - plumbers. Those businesses do not have a physical address or - location on Google Maps. Places will not return fields including - `location`, `plus_code`, and other location related fields for these - businesses. - type: boolean - GoogleMapsPlacesV1AutocompletePlacesRequestLocationBias: - id: GoogleMapsPlacesV1AutocompletePlacesRequestLocationBias + A list of string ranges identifying where the input request matched + in `text`. The ranges can be used to format specific parts of + `text`. The substrings may not be exact matches of `input` if the + matching was determined by criteria other than string matching (for + example, spell corrections or transliterations). These values are + Unicode character offsets of `text`. The ranges are guaranteed to be + ordered in increasing offset values. + text: + description: Text that may be used as is or formatted with `matches`. + type: string + id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText description: >- - The region to search. The results may be biased around the specified - region. + Text representing a Place or query prediction. The text may be used as + is or formatted. + type: object + GoogleTypeDate: type: object + id: GoogleTypeDate properties: - rectangle: - description: A viewport defined by a northeast and a southwest corner. - $ref: '#/components/schemas/GoogleGeoTypeViewport' - circle: - description: A circle defined by a center point and radius. - $ref: '#/components/schemas/GoogleMapsPlacesV1Circle' - GoogleMapsPlacesV1AutocompletePlacesRequestLocationRestriction: - id: GoogleMapsPlacesV1AutocompletePlacesRequestLocationRestriction + year: + format: int32 + description: >- + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + type: integer + day: + type: integer + format: int32 + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + month: + type: integer + description: >- + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + format: int32 description: >- - The region to search. The results will be restricted to the specified - region. + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + GoogleMapsPlacesV1AddressDescriptorArea: + description: >- + Area information and the area's relationship with the target location. + Areas includes precise sublocality, neighborhoods, and large compounds + that are useful for describing a location. + properties: + placeId: + type: string + description: The area's place id. + name: + description: The area's resource name. + type: string + displayName: + description: The area's display name. + $ref: '#/components/schemas/GoogleTypeLocalizedText' + containment: + enum: + - CONTAINMENT_UNSPECIFIED + - WITHIN + - OUTSKIRTS + - NEAR + description: >- + Defines the spatial relationship between the target location and the + area. + enumDescriptions: + - The containment is unspecified. + - >- + The target location is within the area region, close to the + center. + - The target location is within the area region, close to the edge. + - The target location is outside the area region, but close by. + type: string + id: GoogleMapsPlacesV1AddressDescriptorArea + type: object + GoogleMapsPlacesV1PlaceOpeningHoursPeriod: + id: GoogleMapsPlacesV1PlaceOpeningHoursPeriod + description: A period the place remains in open_now status. type: object properties: - rectangle: - description: A viewport defined by a northeast and a southwest corner. - $ref: '#/components/schemas/GoogleGeoTypeViewport' - circle: - description: A circle defined by a center point and radius. - $ref: '#/components/schemas/GoogleMapsPlacesV1Circle' - GoogleMapsPlacesV1AutocompletePlacesResponse: - id: GoogleMapsPlacesV1AutocompletePlacesResponse - description: Response proto for AutocompletePlaces. + close: + description: The time that the place starts to be closed. + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHoursPeriodPoint' + open: + $ref: '#/components/schemas/GoogleMapsPlacesV1PlaceOpeningHoursPeriodPoint' + description: The time that the place starts to be open. + GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedText: + description: >- + The text highlighted by the justification. This is a subset of the + review itself. The exact word to highlight is marked by the + HighlightedTextRange. There could be several words in the text being + highlighted. + id: >- + GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedText type: object properties: - suggestions: - description: >- - Contains a list of suggestions, ordered in descending order of - relevance. - type: array + highlightedTextRanges: items: $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestion - GoogleMapsPlacesV1AutocompletePlacesResponseSuggestion: - id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestion - description: An Autocomplete suggestion result. - type: object - properties: - placePrediction: - description: A prediction for a Place. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionPlacePrediction - queryPrediction: - description: A prediction for a query. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionQueryPrediction - GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionPlacePrediction: - id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionPlacePrediction - description: Prediction results for a Place Autocomplete prediction. - type: object + #/components/schemas/GoogleMapsPlacesV1ContextualContentJustificationReviewJustificationHighlightedTextHighlightedTextRange + type: array + description: The list of the ranges of the highlighted text. + text: + type: string + GoogleMapsPlacesV1PhotoMedia: + id: GoogleMapsPlacesV1PhotoMedia properties: - place: - description: >- - The resource name of the suggested Place. This name can be used in - other APIs that accept Place names. + name: type: string - placeId: description: >- - The unique identifier of the suggested Place. This identifier can be - used in other APIs that accept Place IDs. + The resource name of a photo media in the format: + `places/{place_id}/photos/{photo_reference}/media`. + photoUri: type: string - text: - description: >- - Contains the human-readable name for the returned result. For - establishment results, this is usually the business name and - address. `text` is recommended for developers who wish to show a - single UI element. Developers who wish to show two separate, but - related, UI elements may want to use `structured_format` instead. - They are two different ways to represent a Place prediction. Users - should not try to parse `structured_format` into `text` or vice - versa. This text may be different from the `display_name` returned - by GetPlace. May be in mixed languages if the request `input` and - `language_code` are in different languages or if the Place does not - have a translation from the local language to `language_code`. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText + description: A short-lived uri that can be used to render the photo. + description: A photo media from Places API. + type: object + GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionPlacePrediction: + type: object + id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionPlacePrediction + properties: structuredFormat: + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStructuredFormat description: >- A breakdown of the Place prediction into main text containing the name of the Place and secondary text containing additional @@ -2508,8 +2647,6 @@ components: a single UI element may want to use `text` instead. They are two different ways to represent a Place prediction. Users should not try to parse `structured_format` into `text` or vice versa. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStructuredFormat types: description: >- List of types that apply to this Place from Table A or Table B in @@ -2520,132 +2657,78 @@ components: items: type: string distanceMeters: + type: integer + format: int32 description: >- The length of the geodesic in meters from `origin` if `origin` is specified. Certain predictions such as routes may not populate this field. - type: integer - format: int32 - GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText: - id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText - description: >- - Text representing a Place or query prediction. The text may be used as - is or formatted. - type: object - properties: - text: - description: Text that may be used as is or formatted with `matches`. + place: type: string - matches: - description: >- - A list of string ranges identifying where the input request matched - in `text`. The ranges can be used to format specific parts of - `text`. The substrings may not be exact matches of `input` if the - matching was determined by criteria other than string matching (for - example, spell corrections or transliterations). These values are - Unicode character offsets of `text`. The ranges are guaranteed to be - ordered in increasing offset values. - type: array - items: - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStringRange - GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStringRange: - id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStringRange - description: Identifies a substring within a given text. - type: object - properties: - startOffset: - description: >- - Zero-based offset of the first Unicode character of the string - (inclusive). - type: integer - format: int32 - endOffset: - description: Zero-based offset of the last Unicode character (exclusive). - type: integer - format: int32 - GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStructuredFormat: - id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStructuredFormat - description: >- - Contains a breakdown of a Place or query prediction into main text and - secondary text. For Place predictions, the main text contains the - specific name of the Place. For query predictions, the main text - contains the query. The secondary text contains additional - disambiguating features (such as a city or region) to further identify - the Place or refine the query. - type: object - properties: - mainText: - description: Represents the name of the Place or query. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText - secondaryText: - description: >- - Represents additional disambiguating features (such as a city or - region) to further identify the Place or refine the query. + description: >- + The resource name of the suggested Place. This name can be used in + other APIs that accept Place names. + text: $ref: >- #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText - GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionQueryPrediction: - id: GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionQueryPrediction - description: Prediction results for a Query Autocomplete prediction. - type: object - properties: - text: description: >- - The predicted text. This text does not represent a Place, but rather - a text query that could be used in a search endpoint (for example, - Text Search). `text` is recommended for developers who wish to show - a single UI element. Developers who wish to show two separate, but + Contains the human-readable name for the returned result. For + establishment results, this is usually the business name and + address. `text` is recommended for developers who wish to show a + single UI element. Developers who wish to show two separate, but related, UI elements may want to use `structured_format` instead. - They are two different ways to represent a query prediction. Users + They are two different ways to represent a Place prediction. Users should not try to parse `structured_format` into `text` or vice - versa. May be in mixed languages if the request `input` and - `language_code` are in different languages or if part of the query - does not have a translation from the local language to - `language_code`. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionFormattableText - structuredFormat: + versa. This text may be different from the `display_name` returned + by GetPlace. May be in mixed languages if the request `input` and + `language_code` are in different languages or if the Place does not + have a translation from the local language to `language_code`. + placeId: description: >- - A breakdown of the query prediction into main text containing the - query and secondary text containing additional disambiguating - features (such as a city or region). `structured_format` is - recommended for developers who wish to show two separate, but - related, UI elements. Developers who wish to show a single UI - element may want to use `text` instead. They are two different ways - to represent a query prediction. Users should not try to parse - `structured_format` into `text` or vice versa. - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponseSuggestionStructuredFormat + The unique identifier of the suggested Place. This identifier can be + used in other APIs that accept Place IDs. + type: string + description: Prediction results for a Place Autocomplete prediction. parameters: - access_token: - description: OAuth access token. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: access_token + name: oauth_token schema: type: string - alt: - description: Data format for response. + _.xgafv: + description: V1 error format. in: query - name: alt + name: $.xgafv schema: type: string enum: - - json - - media - - proto - callback: - description: JSONP + - '1' + - '2' + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: callback + name: prettyPrint schema: - type: string + type: boolean fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -2655,18 +2738,16 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + alt: + description: Data format for response. in: query - name: oauth_token + name: alt schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean + enum: + - json + - media + - proto quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2676,54 +2757,45 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: $.xgafv + name: upload_protocol schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: places: id: google.places.places name: places title: Places methods: - search_nearby: + get: operation: - $ref: '#/paths/~1v1~1places:searchNearby/post' + $ref: '#/paths/~1v1~1places~1{placesId}/get' response: mediaType: application/json openAPIDocKey: '200' - search_text: + autocomplete: operation: - $ref: '#/paths/~1v1~1places:searchText/post' + $ref: '#/paths/~1v1~1places:autocomplete/post' response: mediaType: application/json openAPIDocKey: '200' - get: + search_nearby: operation: - $ref: '#/paths/~1v1~1places~1{placesId}/get' + $ref: '#/paths/~1v1~1places:searchNearby/post' response: mediaType: application/json openAPIDocKey: '200' - autocomplete: + search_text: operation: - $ref: '#/paths/~1v1~1places:autocomplete/post' + $ref: '#/paths/~1v1~1places:searchText/post' response: mediaType: application/json openAPIDocKey: '200' @@ -2753,27 +2825,24 @@ components: replace: [] delete: [] paths: - /v1/places:searchNearby: + /v1/places/{placesId}: parameters: &ref_1 + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - post: - description: Search for places near locations. - operationId: places.places.searchNearby - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleMapsPlacesV1SearchNearbyRequest' + - $ref: '#/components/parameters/upload_protocol' + get: + description: >- + Get the details of a place based on its resource name, which is a string + in the `places/{place_id}` format. + operationId: places.places.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2784,27 +2853,44 @@ paths: Oauth2c: - https://www.googleapis.com/auth/maps-platform.places - Oauth2: - - https://www.googleapis.com/auth/maps-platform.places.nearbysearch + - https://www.googleapis.com/auth/maps-platform.places.details Oauth2c: - - https://www.googleapis.com/auth/maps-platform.places.nearbysearch + - https://www.googleapis.com/auth/maps-platform.places.details responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleMapsPlacesV1SearchNearbyResponse' - parameters: [] - /v1/places:searchText: + $ref: '#/components/schemas/GoogleMapsPlacesV1Place' + parameters: + - in: path + name: placesId + required: true + schema: + type: string + - in: query + name: languageCode + schema: + type: string + - in: query + name: sessionToken + schema: + type: string + - in: query + name: regionCode + schema: + type: string + /v1/places:autocomplete: parameters: *ref_1 post: - description: Text query based place search. - operationId: places.places.searchText + description: Returns predictions for the given input. + operationId: places.places.autocomplete requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleMapsPlacesV1SearchTextRequest' + $ref: '#/components/schemas/GoogleMapsPlacesV1AutocompletePlacesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2815,24 +2901,28 @@ paths: Oauth2c: - https://www.googleapis.com/auth/maps-platform.places - Oauth2: - - https://www.googleapis.com/auth/maps-platform.places.textsearch + - https://www.googleapis.com/auth/maps-platform.places.autocomplete Oauth2c: - - https://www.googleapis.com/auth/maps-platform.places.textsearch + - https://www.googleapis.com/auth/maps-platform.places.autocomplete responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleMapsPlacesV1SearchTextResponse' + $ref: >- + #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponse parameters: [] - /v1/places/{placesId}: + /v1/places:searchNearby: parameters: *ref_1 - get: - description: >- - Get the details of a place based on its resource name, which is a string - in the `places/{place_id}` format. - operationId: places.places.get + post: + description: Search for places near locations. + operationId: places.places.searchNearby + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleMapsPlacesV1SearchNearbyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2843,44 +2933,27 @@ paths: Oauth2c: - https://www.googleapis.com/auth/maps-platform.places - Oauth2: - - https://www.googleapis.com/auth/maps-platform.places.details + - https://www.googleapis.com/auth/maps-platform.places.nearbysearch Oauth2c: - - https://www.googleapis.com/auth/maps-platform.places.details + - https://www.googleapis.com/auth/maps-platform.places.nearbysearch responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleMapsPlacesV1Place' - parameters: - - in: path - name: placesId - required: true - schema: - type: string - - in: query - name: languageCode - schema: - type: string - - in: query - name: regionCode - schema: - type: string - - in: query - name: sessionToken - schema: - type: string - /v1/places:autocomplete: + $ref: '#/components/schemas/GoogleMapsPlacesV1SearchNearbyResponse' + parameters: [] + /v1/places:searchText: parameters: *ref_1 post: - description: Returns predictions for the given input. - operationId: places.places.autocomplete + description: Text query based place search. + operationId: places.places.searchText requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleMapsPlacesV1AutocompletePlacesRequest' + $ref: '#/components/schemas/GoogleMapsPlacesV1SearchTextRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2891,17 +2964,16 @@ paths: Oauth2c: - https://www.googleapis.com/auth/maps-platform.places - Oauth2: - - https://www.googleapis.com/auth/maps-platform.places.autocomplete + - https://www.googleapis.com/auth/maps-platform.places.textsearch Oauth2c: - - https://www.googleapis.com/auth/maps-platform.places.autocomplete + - https://www.googleapis.com/auth/maps-platform.places.textsearch responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/GoogleMapsPlacesV1AutocompletePlacesResponse + $ref: '#/components/schemas/GoogleMapsPlacesV1SearchTextResponse' parameters: [] /v1/places/{placesId}/photos/{photosId}/media: parameters: *ref_1 @@ -2940,12 +3012,12 @@ paths: schema: type: string - in: query - name: maxWidthPx + name: maxHeightPx schema: type: integer format: int32 - in: query - name: maxHeightPx + name: maxWidthPx schema: type: integer format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/policyanalyzer.yaml b/providers/src/googleapis.com/v00.00.00000/services/policyanalyzer.yaml index eb184bb8..c1fb8a28 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/policyanalyzer.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/policyanalyzer.yaml @@ -7,8 +7,8 @@ info: title: Policy Analyzer API description: '' version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251207' + x-generated-date: '2025-12-10' externalDocs: url: https://www.google.com servers: @@ -34,99 +34,95 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleCloudPolicyanalyzerV1QueryActivityResponse: - id: GoogleCloudPolicyanalyzerV1QueryActivityResponse - description: Response to the `QueryActivity` method. - type: object - properties: - activities: - description: The set of activities that match the filter included in the request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudPolicyanalyzerV1Activity' - nextPageToken: - description: >- - If there might be more results than those appearing in this - response, then `nextPageToken` is included. To get the next set of - results, call this method again using the value of `nextPageToken` - as `pageToken`. - type: string GoogleCloudPolicyanalyzerV1Activity: - id: GoogleCloudPolicyanalyzerV1Activity - description: Represents Activity on a GCP resource over specific observation period. type: object properties: fullResourceName: + type: string description: >- The full resource name that identifies the resource. For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names. - type: string activityType: - description: The type of the activity. type: string + description: The type of the activity. observationPeriod: description: The data observation period to build the activity. $ref: '#/components/schemas/GoogleCloudPolicyanalyzerV1ObservationPeriod' activity: - description: A struct of custom fields to explain the activity. type: object + description: A struct of custom fields to explain the activity. additionalProperties: type: any description: Properties of the object. + description: Represents Activity on a GCP resource over specific observation period. + id: GoogleCloudPolicyanalyzerV1Activity + GoogleCloudPolicyanalyzerV1QueryActivityResponse: + description: Response to the `QueryActivity` method. + id: GoogleCloudPolicyanalyzerV1QueryActivityResponse + properties: + activities: + items: + $ref: '#/components/schemas/GoogleCloudPolicyanalyzerV1Activity' + type: array + description: The set of activities that match the filter included in the request. + nextPageToken: + type: string + description: >- + If there might be more results than those appearing in this + response, then `nextPageToken` is included. To get the next set of + results, call this method again using the value of `nextPageToken` + as `pageToken`. + type: object GoogleCloudPolicyanalyzerV1ObservationPeriod: id: GoogleCloudPolicyanalyzerV1ObservationPeriod - description: Represents data observation period. - type: object properties: - startTime: + endTime: description: >- - The observation start time. The time in this timestamp is always + The observation end time. The time in this timestamp is always `07:00:00Z`. type: string format: google-datetime - endTime: + startTime: description: >- - The observation end time. The time in this timestamp is always + The observation start time. The time in this timestamp is always `07:00:00Z`. - type: string format: google-datetime + type: string + description: Represents data observation period. + type: object parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key schema: type: string - alt: - description: Data format for response. + _.xgafv: + description: V1 error format. in: query - name: alt + name: $.xgafv schema: type: string enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. + - '1' + - '2' + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: fields + name: quotaUser schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: key + name: uploadType schema: type: string oauth_token: @@ -135,19 +131,22 @@ components: name: oauth_token schema: type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + access_token: + description: OAuth access token. in: query - name: quotaUser + name: access_token schema: type: string upload_protocol: @@ -156,21 +155,22 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt schema: type: string - _.xgafv: - description: V1 error format. + enum: + - json + - media + - proto + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: activities: id: google.policyanalyzer.activities @@ -194,17 +194,17 @@ components: paths: /v1/projects/{projectsId}/locations/{locationsId}/activityTypes/{activityTypesId}/activities:query: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' get: description: Queries policy activities on Google Cloud resources. operationId: policyanalyzer.projects.locations.activityTypes.activities.query @@ -237,15 +237,15 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: @@ -284,6 +284,10 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: filter schema: @@ -293,10 +297,6 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string /v1/folders/{foldersId}/locations/{locationsId}/activityTypes/{activityTypesId}/activities:query: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/policysimulator.yaml b/providers/src/googleapis.com/v00.00.00000/services/policysimulator.yaml index e3290159..dd417350 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/policysimulator.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/policysimulator.yaml @@ -7,8 +7,8 @@ info: title: Policy Simulator API description: ' Policy Simulator is a collection of endpoints for creating, running, and viewing a Replay. A `Replay` is a type of simulation that lets you see how your members'' access to resources might change if you changed your IAM policy. During a `Replay`, Policy Simulator re-evaluates, or replays, past access attempts under both the current policy and your proposed policy, and compares those results to determine how your members'' access might change under the proposed policy.' version: v1 - x-discovery-doc-revision: '20250821' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251204' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/iam/docs/simulating-access servers: @@ -34,108 +34,169 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. + GoogleCloudPolicysimulatorV1BindingExplanation: type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object + Details about how a binding in a policy affects a principal's ability to + use a permission. properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + role: type: string - metadata: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + The role that this binding grants. For example, + `roles/compute.serviceAgent`. For a complete list of predefined IAM + roles, as well as the permissions in each role, see + https://cloud.google.com/iam/help/roles/reference. + access: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Required. Indicates whether _this binding_ provides the specified + permission to the specified principal for the specified resource. + This field does _not_ indicate whether the principal actually has + the permission for the resource. There might be another binding that + overrides this binding. To determine whether the principal actually + has the permission, use the `access` field in the + TroubleshootIamPolicyResponse. + enum: + - ACCESS_STATE_UNSPECIFIED + - GRANTED + - NOT_GRANTED + - UNKNOWN_CONDITIONAL + - UNKNOWN_INFO_DENIED + enumDescriptions: + - Default value. This value is unused. + - The principal has the permission. + - The principal does not have the permission. + - >- + The principal has the permission only if a condition expression + evaluates to `true`. + - >- + The user who created the Replay does not have access to all of the + policies that Policy Simulator needs to evaluate. + type: string + rolePermission: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: + Indicates whether the role granted by this binding contains the + specified permission. + enum: + - ROLE_PERMISSION_UNSPECIFIED + - ROLE_PERMISSION_INCLUDED + - ROLE_PERMISSION_NOT_INCLUDED + - ROLE_PERMISSION_UNKNOWN_INFO_DENIED + type: string + enumDescriptions: + - Default value. This value is unused. + - The permission is included in the role. + - The permission is not included in the role. + - >- + The user who created the Replay is not allowed to access the + binding. + condition: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. + A condition expression that prevents this binding from granting + access unless the expression evaluates to `true`. To learn about IAM + Conditions, see + https://cloud.google.com/iam/docs/conditions-overview. + $ref: '#/components/schemas/GoogleTypeExpr' + rolePermissionRelevance: + enum: + - HEURISTIC_RELEVANCE_UNSPECIFIED + - NORMAL + - HIGH + description: >- + The relevance of the permission's existence, or nonexistence, in the + role to the overall determination for the entire policy. + type: string + enumDescriptions: + - Default value. This value is unused. + - >- + The data point has a limited effect on the result. Changing the + data point is unlikely to affect the overall determination. + - >- + The data point has a strong effect on the result. Changing the + data point is likely to affect the overall determination. + memberships: type: object + description: >- + Indicates whether each principal in the binding includes the + principal specified in the request, either directly or indirectly. + Each key identifies a principal in the binding, and each value + indicates whether the principal in the binding includes the + principal in the request. For example, suppose that a binding + includes the following principals: * `user:alice@example.com` * + `group:product-eng@example.com` The principal in the replayed access + tuple is `user:bob@example.com`. This user is a principal of the + group `group:product-eng@example.com`. For the first principal in + the binding, the key is `user:alice@example.com`, and the + `membership` field in the value is set to `MEMBERSHIP_NOT_INCLUDED`. + For the second principal in the binding, the key is + `group:product-eng@example.com`, and the `membership` field in the + value is set to `MEMBERSHIP_INCLUDED`. additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1BindingExplanationAnnotatedMembership + relevance: + type: string + enumDescriptions: + - Default value. This value is unused. + - >- + The data point has a limited effect on the result. Changing the + data point is unlikely to affect the overall determination. + - >- + The data point has a strong effect on the result. Changing the + data point is likely to affect the overall determination. + enum: + - HEURISTIC_RELEVANCE_UNSPECIFIED + - NORMAL + - HIGH + description: >- + The relevance of this binding to the overall determination for the + entire policy. + id: GoogleCloudPolicysimulatorV1BindingExplanation + GoogleTypeDate: type: object + id: GoogleTypeDate properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. + year: + type: integer + description: >- + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + format: int32 + month: type: integer format: int32 - message: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + day: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + type: integer + format: int32 + description: >- + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp GoogleCloudPolicysimulatorV1Replay: id: GoogleCloudPolicysimulatorV1Replay description: A resource describing a `Replay`, or simulation. - type: object properties: + resultsSummary: + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1ReplayResultsSummary + description: Output only. Summary statistics about the replayed log entries. + readOnly: true + config: + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ReplayConfig' + description: Required. The configuration used for the `Replay`. name: description: >- Output only. The resource name of the `Replay`, which has the @@ -147,35 +208,117 @@ components: readOnly: true type: string state: - description: Output only. The current state of the `Replay`. - readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - The `Replay` has not started yet. - - The `Replay` is currently running. - - The `Replay` has successfully completed. - - The `Replay` has finished with an error. enum: - STATE_UNSPECIFIED - PENDING - RUNNING - SUCCEEDED - FAILED - config: - description: Required. The configuration used for the `Replay`. - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ReplayConfig' - resultsSummary: - description: Output only. Summary statistics about the replayed log entries. + enumDescriptions: + - Default value. This value is unused. + - The `Replay` has not started yet. + - The `Replay` is currently running. + - The `Replay` has successfully completed. + - The `Replay` has finished with an error. readOnly: true - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1ReplayResultsSummary - GoogleCloudPolicysimulatorV1ReplayConfig: - id: GoogleCloudPolicysimulatorV1ReplayConfig - description: The configuration used for a Replay. + description: Output only. The current state of the `Replay`. + type: string + type: object + GoogleCloudOrgpolicyV2CustomConstraint: type: object properties: - policyOverlay: + name: + description: >- + Immutable. Name of the constraint. This is unique within the + organization. Format of the name should be * + `organizations/{organization_id}/customConstraints/{custom_constraint_id}` + Example: + `organizations/123/customConstraints/custom.createOnlyE2TypeVms` The + max length is 70 characters and the minimum length is 1. Note that + the prefix `organizations/{organization_id}/customConstraints/` is + not counted. + type: string + actionType: + enum: + - ACTION_TYPE_UNSPECIFIED + - ALLOW + - DENY + description: Allow or deny type. + type: string + enumDescriptions: + - >- + This is only used for distinguishing unset values and should never + be used. Results in an error. + - Allowed action type. + - Deny action type. + methodTypes: + type: array + items: + enum: + - METHOD_TYPE_UNSPECIFIED + - CREATE + - UPDATE + - DELETE + - REMOVE_GRANT + - GOVERN_TAGS + type: string + enumDescriptions: + - >- + This is only used for distinguishing unset values and should + never be used. Results in an error. + - Constraint applied when creating the resource. + - Constraint applied when updating the resource. + - >- + Constraint applied when deleting the resource. Not currently + supported. + - Constraint applied when removing an IAM grant. + - Constraint applied when enforcing forced tagging. + description: All the operations being applied for this constraint. + displayName: + type: string + description: >- + One line display name for the UI. The max length of the display_name + is 200 characters. + condition: + type: string + description: >- + A Common Expression Language (CEL) condition which is used in the + evaluation of the constraint. For example: + `resource.instanceName.matches("(production|test)_(.+_)?[\d]+")` or, + `resource.management.auto_upgrade == true` The max length of the + condition is 1000 characters. + updateTime: + readOnly: true + format: google-datetime + description: >- + Output only. The last time this custom constraint was updated. This + represents the last time that the `CreateCustomConstraint` or + `UpdateCustomConstraint` methods were called. + type: string + description: + description: >- + Detailed information about this custom policy constraint. The max + length of the description is 2000 characters. + type: string + resourceTypes: + type: array + items: + type: string + description: >- + Immutable. The resource instance type on which this policy applies. + Format will be of the form : `/` Example: * + `compute.googleapis.com/Instance`. + id: GoogleCloudOrgpolicyV2CustomConstraint + description: >- + A custom constraint defined by customers which can *only* be applied to + the given resource types and organization. By creating a custom + constraint, customers can apply policies of this custom constraint. + *Creating a custom constraint itself does NOT apply any policy + enforcement*. + GoogleCloudPolicysimulatorV1ReplayConfig: + properties: + policyOverlay: + type: object description: >- A mapping of the resources that you want to simulate policies for and the policies that you want to simulate. Keys are the full @@ -188,12 +331,9 @@ components: inherited through the resource hierarchy, and any policies set on descendant resources. You do not need to include these policies in the policy overlay. - type: object additionalProperties: $ref: '#/components/schemas/GoogleIamV1Policy' logSource: - description: The logs to use as input for the Replay. - type: string enumDescriptions: - >- An unspecified log source. If the log source is unspecified, the @@ -201,707 +341,689 @@ components: - >- All access logs from the last 90 days. These logs may not include logs from the most recent 7 days. + description: The logs to use as input for the Replay. enum: - LOG_SOURCE_UNSPECIFIED - RECENT_ACCESSES - GoogleIamV1Policy: - id: GoogleIamV1Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + type: string + type: object + id: GoogleCloudPolicysimulatorV1ReplayConfig + description: The configuration used for a Replay. + GoogleCloudPolicysimulatorV1ReplayResult: + description: The result of replaying a single access tuple against a simulated state. + id: GoogleCloudPolicysimulatorV1ReplayResult type: object properties: - version: + error: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + The error that caused the access tuple replay to fail. This field is + only included for access tuples that were not replayed successfully. + name: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditConfig' - etag: + The resource name of the `ReplayResult`, in the following format: + `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}/results/{replay-result-id}`, + where `{resource-id}` is the ID of the project, folder, or + organization that owns the Replay. Example: + `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36/results/1234` + type: string + accessTuple: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + The access tuple that was replayed. This field includes information + about the principal, resource, and permission that were involved in + the access attempt. + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1AccessTuple' + lastSeenDate: + description: The latest date this access tuple was seen in the logs. + $ref: '#/components/schemas/GoogleTypeDate' + parent: type: string - format: byte - GoogleIamV1Binding: - id: GoogleIamV1Binding - description: Associates `members`, or principals, with a `role`. + description: The Replay that the access tuple was included in. + diff: + description: >- + The difference between the principal's access under the current + (baseline) policies and the principal's access under the proposed + (simulated) policies. This field is only included for access tuples + that were successfully replayed and had different results under the + current policies and the proposed policies. + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ReplayDiff' + GoogleCloudPolicysimulatorV1betaCreateOrgPolicyViolationsPreviewOperationMetadata: + id: >- + GoogleCloudPolicysimulatorV1betaCreateOrgPolicyViolationsPreviewOperationMetadata + description: >- + CreateOrgPolicyViolationsPreviewOperationMetadata is metadata about an + OrgPolicyViolationsPreview generations operation. type: object properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + resourcesScanned: + description: Number of resources already scanned. + format: int32 + type: integer + state: + description: Output only. The current state of the operation. + type: string + enumDescriptions: + - The state is unspecified. + - The OrgPolicyViolationsPreview has not been created yet. + - The OrgPolicyViolationsPreview is currently being created. + - The OrgPolicyViolationsPreview creation finished successfully. + - The OrgPolicyViolationsPreview creation failed with an error. + enum: + - PREVIEW_STATE_UNSPECIFIED + - PREVIEW_PENDING + - PREVIEW_RUNNING + - PREVIEW_SUCCEEDED + - PREVIEW_FAILED + readOnly: true + requestTime: + description: Time when the request was received. + type: string + format: google-datetime + startTime: + format: google-datetime type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/GoogleTypeExpr' - GoogleTypeExpr: - id: GoogleTypeExpr + Time when the request started processing, i.e., when the state was + set to RUNNING. + resourcesPending: + format: int32 + description: Number of resources still to scan. + type: integer + resourcesFound: + type: integer + format: int32 + description: >- + Total number of resources that need scanning. Should equal + resource_scanned + resources_pending + GoogleCloudPolicysimulatorV1ReplayDiff: + type: object + id: GoogleCloudPolicysimulatorV1ReplayDiff + properties: + accessDiff: + description: >- + A summary and comparison of the principal's access under the current + (baseline) policies and the proposed (simulated) policies for a + single access tuple. The evaluation of the principal's access is + reported in the AccessState field. + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1AccessStateDiff' description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + The difference between the results of evaluating an access tuple under + the current (baseline) policies and under the proposed (simulated) + policies. This difference explains how a principal's access could change + if the proposed policies were applied. + GoogleLongrunningOperation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: GoogleLongrunningOperation type: object properties: - expression: + done: + type: boolean description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + name: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - description: + error: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/GoogleRpcStatus' + metadata: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - GoogleIamV1AuditConfig: - id: GoogleIamV1AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + response: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreview: + id: GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreview type: object + description: >- + OrgPolicyViolationsPreview is a resource providing a preview of the + violations that will exist if an OrgPolicy change is made. The list of + violations are modeled as child resources and retrieved via a + ListOrgPolicyViolations API call. There are potentially more + OrgPolicyViolations than could fit in an embedded field. Thus, the use + of a child resource instead of a field. properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + customConstraints: + readOnly: true type: array items: - $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' - GoogleIamV1AuditLogConfig: - id: GoogleIamV1AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. + type: string + description: >- + Output only. The names of the constraints against which all + `OrgPolicyViolations` were evaluated. If `OrgPolicyOverlay` only + contains `PolicyOverlay` then it contains the name of the configured + custom constraint, applicable to the specified policies. Otherwise + it contains the name of the constraint specified in + `CustomConstraintOverlay`. Format: + `organizations/{organization_id}/customConstraints/{custom_constraint_id}` + Example: + `organizations/123/customConstraints/custom.createOnlyE2TypeVms` + createTime: + type: string + readOnly: true + description: >- + Output only. Time when this `OrgPolicyViolationsPreview` was + created. + format: google-datetime + overlay: + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1betaOrgPolicyOverlay + description: Required. The proposed changes we are previewing violations for. + name: + description: >- + Output only. The resource name of the `OrgPolicyViolationsPreview`. + It has the following format: + `organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}` + Example: + `organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f` type: string + readOnly: true + resourceCounts: + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreviewResourceCounts + readOnly: true + description: >- + Output only. A summary of the state of all resources scanned for + compliance with the changed OrgPolicy. + state: + type: string + description: Output only. The state of the `OrgPolicyViolationsPreview`. enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' + - The state is unspecified. + - The OrgPolicyViolationsPreview has not been created yet. + - The OrgPolicyViolationsPreview is currently being created. + - The OrgPolicyViolationsPreview creation finished successfully. + - The OrgPolicyViolationsPreview creation failed with an error. + readOnly: true enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + - PREVIEW_STATE_UNSPECIFIED + - PREVIEW_PENDING + - PREVIEW_RUNNING + - PREVIEW_SUCCEEDED + - PREVIEW_FAILED + violationsCount: + type: integer + readOnly: true + format: int32 description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string + Output only. The number of OrgPolicyViolations in this + `OrgPolicyViolationsPreview`. This count may differ from + `resource_summary.noncompliant_count` because each + OrgPolicyViolation is specific to a resource **and** constraint. If + there are multiple constraints being evaluated (i.e. multiple + policies in the overlay), a single resource may violate multiple + constraints. GoogleCloudPolicysimulatorV1ReplayResultsSummary: - id: GoogleCloudPolicysimulatorV1ReplayResultsSummary - description: Summary statistics about the replayed log entries. type: object + description: Summary statistics about the replayed log entries. + id: GoogleCloudPolicysimulatorV1ReplayResultsSummary properties: - logCount: - description: The total number of log entries replayed. - type: integer + differenceCount: format: int32 - unchangedCount: - description: >- - The number of replayed log entries with no difference between - baseline and simulated policies. type: integer - format: int32 - differenceCount: description: >- The number of replayed log entries with a difference between baseline and simulated policies. + oldestDate: + description: The date of the oldest log entry replayed. + $ref: '#/components/schemas/GoogleTypeDate' + errorCount: type: integer format: int32 - errorCount: description: The number of log entries that could not be replayed. - type: integer + logCount: format: int32 - oldestDate: - description: The date of the oldest log entry replayed. - $ref: '#/components/schemas/GoogleTypeDate' + description: The total number of log entries replayed. + type: integer newestDate: description: The date of the newest log entry replayed. $ref: '#/components/schemas/GoogleTypeDate' - GoogleTypeDate: - id: GoogleTypeDate + unchangedCount: + type: integer + format: int32 + description: >- + The number of replayed log entries with no difference between + baseline and simulated policies. + GoogleCloudOrgpolicyV2PolicySpec: + id: GoogleCloudOrgpolicyV2PolicySpec description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp - type: object + Defines a Google Cloud policy specification which is used to specify + constraints for configurations of Google Cloud resources. properties: - year: + rules: + type: array + items: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV2PolicySpecPolicyRule' description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: + In policies for boolean constraints, the following requirements + apply: - There must be one and only one policy rule where condition + is unset. - Boolean policy rules with conditions must set `enforced` + to the opposite of the policy rule without a condition. - During + policy evaluation, policy rules with conditions that are true for a + target resource take precedence. + updateTime: + format: google-datetime + readOnly: true description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: + Output only. The time stamp this was previously updated. This + represents the last time a call to `CreatePolicy` or `UpdatePolicy` + was made for that policy. + type: string + reset: + type: boolean description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - GoogleCloudPolicysimulatorV1ListReplayResultsResponse: - id: GoogleCloudPolicysimulatorV1ListReplayResultsResponse - description: Response message for Simulator.ListReplayResults. + Ignores policies set above this resource and restores the + `constraint_default` enforcement behavior of the specific constraint + at this resource. This field can be set in policies for either list + or boolean constraints. If set, `rules` must be empty and + `inherit_from_parent` must be set to false. + inheritFromParent: + type: boolean + description: >- + Determines the inheritance behavior for this policy. If + `inherit_from_parent` is true, policy rules set higher up in the + hierarchy (up to the closest root) are inherited and present in the + effective policy. If it is false, then no rules are inherited, and + this policy becomes the new root for evaluation. This field can be + set only for policies which configure list constraints. + etag: + description: >- + An opaque tag indicating the current version of the policySpec, used + for concurrency control. This field is ignored if used in a + `CreatePolicy` request. When the policy is returned from either a + `GetPolicy` or a `ListPolicies` request, this `etag` indicates the + version of the current policySpec to use when executing a + read-modify-write loop. When the policy is returned from a + `GetEffectivePolicy` request, the `etag` will be unset. + type: string + type: object + GoogleCloudPolicysimulatorV1ReplayOperationMetadata: + id: GoogleCloudPolicysimulatorV1ReplayOperationMetadata type: object properties: - replayResults: - description: The results of running a Replay. + startTime: + type: string + format: google-datetime + description: Time when the request was received. + description: Metadata about a Replay operation. + GoogleCloudOrgpolicyV2Policy: + description: >- + Defines an organization policy which is used to specify constraints for + configurations of Google Cloud resources. + id: GoogleCloudOrgpolicyV2Policy + type: object + properties: + spec: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV2PolicySpec' + description: Basic information about the organization policy. + alternate: + description: Deprecated. + $ref: '#/components/schemas/GoogleCloudOrgpolicyV2AlternatePolicySpec' + deprecated: true + dryRunSpec: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV2PolicySpec' + description: >- + Dry-run policy. Audit-only policy, can be used to monitor how the + policy would have impacted the existing and future resources if it's + enforced. + name: + description: >- + Immutable. The resource name of the policy. Must be one of the + following forms, where `constraint_name` is the name of the + constraint which this policy configures: * + `projects/{project_number}/policies/{constraint_name}` * + `folders/{folder_id}/policies/{constraint_name}` * + `organizations/{organization_id}/policies/{constraint_name}` For + example, `projects/123/policies/compute.disableSerialPortAccess`. + Note: `projects/{project_id}/policies/{constraint_name}` is also an + acceptable name for API requests, but responses will return the name + using the equivalent project number. + type: string + etag: + description: >- + Optional. An opaque tag indicating the current state of the policy, + used for concurrency control. This 'etag' is computed by the server + based on the value of other fields, and may be sent on update and + delete requests to ensure the client has an up-to-date value before + proceeding. + type: string + GoogleCloudPolicysimulatorV1betaOrgPolicyOverlay: + id: GoogleCloudPolicysimulatorV1betaOrgPolicyOverlay + properties: + policies: type: array + description: >- + Optional. The OrgPolicy changes to preview violations for. Any + existing OrgPolicies with the same name will be overridden in the + simulation. That is, violations will be determined as if all + policies in the overlay were created or updated. items: - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ReplayResult' - nextPageToken: + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayPolicyOverlay + customConstraints: + items: + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayCustomConstraintOverlay description: >- - A token that you can use to retrieve the next page of ReplayResult - objects. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudPolicysimulatorV1ReplayResult: - id: GoogleCloudPolicysimulatorV1ReplayResult - description: The result of replaying a single access tuple against a simulated state. + Optional. The OrgPolicy CustomConstraint changes to preview + violations for. Any existing CustomConstraints with the same name + will be overridden in the simulation. That is, violations will be + determined as if all custom constraints in the overlay were + instantiated. Only a single custom_constraint is supported in the + overlay at a time. For evaluating multiple constraints, multiple + `GenerateOrgPolicyViolationsPreview` requests are made, where each + request evaluates a single constraint. + type: array type: object + description: The proposed changes to OrgPolicy. + GoogleTypeExpr: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + id: GoogleTypeExpr properties: - diff: + expression: + type: string description: >- - The difference between the principal's access under the current - (baseline) policies and the principal's access under the proposed - (simulated) policies. This field is only included for access tuples - that were successfully replayed and had different results under the - current policies and the proposed policies. - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ReplayDiff' - error: + Textual representation of an expression in Common Expression + Language syntax. + title: description: >- - The error that caused the access tuple replay to fail. This field is - only included for access tuples that were not replayed successfully. - $ref: '#/components/schemas/GoogleRpcStatus' - name: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + location: description: >- - The resource name of the `ReplayResult`, in the following format: - `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}/results/{replay-result-id}`, - where `{resource-id}` is the ID of the project, folder, or - organization that owns the Replay. Example: - `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36/results/1234` + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - parent: - description: The Replay that the access tuple was included in. + description: type: string - accessTuple: description: >- - The access tuple that was replayed. This field includes information - about the principal, resource, and permission that were involved in - the access attempt. - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1AccessTuple' - lastSeenDate: - description: The latest date this access tuple was seen in the logs. - $ref: '#/components/schemas/GoogleTypeDate' - GoogleCloudPolicysimulatorV1ReplayDiff: - id: GoogleCloudPolicysimulatorV1ReplayDiff - description: >- - The difference between the results of evaluating an access tuple under - the current (baseline) policies and under the proposed (simulated) - policies. This difference explains how a principal's access could change - if the proposed policies were applied. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: object + GoogleCloudOrgpolicyV2PolicySpecPolicyRuleStringValues: type: object + description: >- + A message that holds specific allowed and denied values. This message + can define specific values and subtrees of the Resource Manager resource + hierarchy (`Organizations`, `Folders`, `Projects`) that are allowed or + denied. This is achieved by using the `under:` and optional `is:` + prefixes. The `under:` prefix is used to denote resource subtree values. + The `is:` prefix is used to denote specific values, and is required only + if the value contains a ":". Values prefixed with "is:" are treated the + same as values with no prefix. Ancestry subtrees must be in one of the + following formats: - `projects/` (for example, + `projects/tokyo-rain-123`) - `folders/` (for example, `folders/1234`) - + `organizations/` (for example, `organizations/1234`) The + `supports_under` field of the associated `Constraint` defines whether + ancestry prefixes can be used. properties: - accessDiff: - description: >- - A summary and comparison of the principal's access under the current - (baseline) policies and the proposed (simulated) policies for a - single access tuple. The evaluation of the principal's access is - reported in the AccessState field. - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1AccessStateDiff' - GoogleCloudPolicysimulatorV1AccessStateDiff: - id: GoogleCloudPolicysimulatorV1AccessStateDiff + allowedValues: + type: array + items: + type: string + description: List of values allowed at this resource. + deniedValues: + items: + type: string + type: array + description: List of values denied at this resource. + id: GoogleCloudOrgpolicyV2PolicySpecPolicyRuleStringValues + GoogleCloudPolicysimulatorV1OrgPolicyViolation: description: >- - A summary and comparison of the principal's access under the current - (baseline) policies and the proposed (simulated) policies for a single - access tuple. + OrgPolicyViolation is a resource representing a single resource + violating a single OrgPolicy constraint. type: object properties: - baseline: - description: >- - The results of evaluating the access tuple under the current - (baseline) policies. If the AccessState couldn't be fully evaluated, - this field explains why. - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ExplainedAccess' - simulated: - description: >- - The results of evaluating the access tuple under the proposed - (simulated) policies. If the AccessState couldn't be fully - evaluated, this field explains why. - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ExplainedAccess' - accessChange: + name: description: >- - How the principal's access, specified in the AccessState field, - changed between the current (baseline) policies and proposed - (simulated) policies. + The name of the `OrgPolicyViolation`. Example: + organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f/orgPolicyViolations/38ce` type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The principal's access did not change. This includes the case - where both baseline and simulated are UNKNOWN, but the unknown - information is equivalent. - - >- - The principal's access under both the current policies and the - proposed policies is `UNKNOWN`, but the unknown information - differs between them. - - >- - The principal had access under the current policies (`GRANTED`), - but will no longer have access after the proposed changes - (`NOT_GRANTED`). - - >- - The principal did not have access under the current policies - (`NOT_GRANTED`), but will have access after the proposed changes - (`GRANTED`). - - >- - This result can occur for the following reasons: * The principal - had access under the current policies (`GRANTED`), but their - access after the proposed changes is `UNKNOWN`. * The principal's - access under the current policies is `UNKNOWN`, but they will not - have access after the proposed changes (`NOT_GRANTED`). - - >- - This result can occur for the following reasons: * The principal - did not have access under the current policies (`NOT_GRANTED`), - but their access after the proposed changes is `UNKNOWN`. * The - principal's access under the current policies is `UNKNOWN`, but - they will have access after the proposed changes (`GRANTED`). - enum: - - ACCESS_CHANGE_TYPE_UNSPECIFIED - - NO_CHANGE - - UNKNOWN_CHANGE - - ACCESS_REVOKED - - ACCESS_GAINED - - ACCESS_MAYBE_REVOKED - - ACCESS_MAYBE_GAINED - GoogleCloudPolicysimulatorV1ExplainedAccess: - id: GoogleCloudPolicysimulatorV1ExplainedAccess + customConstraint: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV2CustomConstraint' + description: The custom constraint being violated. + resource: + description: The resource violating the constraint. + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ResourceContext' + error: + description: Any error encountered during the evaluation. + $ref: '#/components/schemas/GoogleRpcStatus' + id: GoogleCloudPolicysimulatorV1OrgPolicyViolation + GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsPreviewsResponse: description: >- - Details about how a set of policies, listed in ExplainedPolicy, resulted - in a certain AccessState when replaying an access tuple. + ListOrgPolicyViolationsPreviewsResponse is the response message for + OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews. type: object + id: GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsPreviewsResponse properties: - accessState: + orgPolicyViolationsPreviews: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview + description: The list of OrgPolicyViolationsPreview + nextPageToken: description: >- - Whether the principal in the access tuple has permission to access - the resource in the access tuple under the given policies. + A token that you can use to retrieve the next page of results. If + this field is omitted, there are no subsequent pages. type: string - enumDescriptions: - - Default value. This value is unused. - - The principal has the permission. - - The principal does not have the permission. - - >- - The principal has the permission only if a condition expression - evaluates to `true`. - - >- - The user who created the Replay does not have access to all of the - policies that Policy Simulator needs to evaluate. - enum: - - ACCESS_STATE_UNSPECIFIED - - GRANTED - - NOT_GRANTED - - UNKNOWN_CONDITIONAL - - UNKNOWN_INFO_DENIED - policies: - description: >- - If the AccessState is `UNKNOWN`, this field contains the policies - that led to that result. If the `AccessState` is `GRANTED` or - `NOT_GRANTED`, this field is omitted. - type: array + GoogleIamV1AuditLogConfig: + properties: + logType: + type: string + description: The log type that this config enables. + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + exemptedMembers: items: - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ExplainedPolicy' - errors: - description: >- - If the AccessState is `UNKNOWN`, this field contains a list of - errors explaining why the result is `UNKNOWN`. If the `AccessState` - is `GRANTED` or `NOT_GRANTED`, this field is omitted. + type: string type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudPolicysimulatorV1ExplainedPolicy: - id: GoogleCloudPolicysimulatorV1ExplainedPolicy - description: Details about how a specific IAM Policy contributed to the access check. + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + id: GoogleIamV1AuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object + GoogleCloudPolicysimulatorV1OrgPolicyOverlayCustomConstraintOverlay: + id: GoogleCloudPolicysimulatorV1OrgPolicyOverlayCustomConstraintOverlay + type: object + description: A change to an OrgPolicy custom constraint. properties: - access: + customConstraint: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV2CustomConstraint' + description: Optional. The new or updated custom constraint. + customConstraintParent: description: >- - Indicates whether _this policy_ provides the specified permission to - the specified principal for the specified resource. This field does - _not_ indicate whether the principal actually has the permission for - the resource. There might be another policy that overrides this - policy. To determine whether the principal actually has the - permission, use the `access` field in the - TroubleshootIamPolicyResponse. + Optional. Resource the constraint is attached to. Example: + "organization/987654" type: string - enumDescriptions: - - Default value. This value is unused. - - The principal has the permission. - - The principal does not have the permission. - - >- - The principal has the permission only if a condition expression - evaluates to `true`. - - >- - The user who created the Replay does not have access to all of the - policies that Policy Simulator needs to evaluate. - enum: - - ACCESS_STATE_UNSPECIFIED - - GRANTED - - NOT_GRANTED - - UNKNOWN_CONDITIONAL - - UNKNOWN_INFO_DENIED - fullResourceName: + GoogleCloudPolicysimulatorV1ResourceContext: + properties: + resource: description: >- - The full resource name that identifies the resource. For example, - `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`. - If the user who created the Replay does not have access to the - policy, this field is omitted. For examples of full resource names - for Google Cloud services, see - https://cloud.google.com/iam/help/troubleshooter/full-resource-names. + The full name of the resource. Example: + `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` + See [Resource + names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + for more information. type: string - policy: - description: >- - The IAM policy attached to the resource. If the user who created the - Replay does not have access to the policy, this field is empty. - $ref: '#/components/schemas/GoogleIamV1Policy' - bindingExplanations: + assetType: description: >- - Details about how each binding in the policy affects the principal's - ability, or inability, to use the permission for the resource. If - the user who created the Replay does not have access to the policy, - this field is omitted. - type: array + The asset type of the resource as defined by CAIS. Example: + `compute.googleapis.com/Firewall` See [Supported asset + types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + for more information. + type: string + ancestors: items: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1BindingExplanation - relevance: + type: string description: >- - The relevance of this policy to the overall determination in the - TroubleshootIamPolicyResponse. If the user who created the Replay - does not have access to the policy, this field is omitted. - type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The data point has a limited effect on the result. Changing the - data point is unlikely to affect the overall determination. - - >- - The data point has a strong effect on the result. Changing the - data point is likely to affect the overall determination. - enum: - - HEURISTIC_RELEVANCE_UNSPECIFIED - - NORMAL - - HIGH - GoogleCloudPolicysimulatorV1BindingExplanation: - id: GoogleCloudPolicysimulatorV1BindingExplanation + The ancestry path of the resource in Google Cloud [resource + hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), + represented as a list of relative resource names. An ancestry path + starts with the closest ancestor in the hierarchy and ends at root. + If the resource is a project, folder, or organization, the ancestry + path starts from the resource itself. Example: + `["projects/123456789", "folders/5432", "organizations/1234"]` + type: array + id: GoogleCloudPolicysimulatorV1ResourceContext description: >- - Details about how a binding in a policy affects a principal's ability to - use a permission. + ResourceContext provides the context we know about a resource. It is + similar in concept to google.cloud.asset.v1.Resource, but focuses on the + information specifically used by Simulator. type: object + GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview: + id: GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview properties: - access: + overlay: + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyOverlay' + description: Required. The proposed changes we are previewing violations for. + customConstraints: description: >- - Required. Indicates whether _this binding_ provides the specified - permission to the specified principal for the specified resource. - This field does _not_ indicate whether the principal actually has - the permission for the resource. There might be another binding that - overrides this binding. To determine whether the principal actually - has the permission, use the `access` field in the - TroubleshootIamPolicyResponse. + Output only. The names of the constraints against which all + `OrgPolicyViolations` were evaluated. If `OrgPolicyOverlay` only + contains `PolicyOverlay` then it contains the name of the configured + custom constraint, applicable to the specified policies. Otherwise + it contains the name of the constraint specified in + `CustomConstraintOverlay`. Format: + `organizations/{organization_id}/customConstraints/{custom_constraint_id}` + Example: + `organizations/123/customConstraints/custom.createOnlyE2TypeVms` + items: + type: string + type: array + readOnly: true + createTime: + readOnly: true + description: >- + Output only. Time when this `OrgPolicyViolationsPreview` was + created. type: string - enumDescriptions: - - Default value. This value is unused. - - The principal has the permission. - - The principal does not have the permission. - - >- - The principal has the permission only if a condition expression - evaluates to `true`. - - >- - The user who created the Replay does not have access to all of the - policies that Policy Simulator needs to evaluate. - enum: - - ACCESS_STATE_UNSPECIFIED - - GRANTED - - NOT_GRANTED - - UNKNOWN_CONDITIONAL - - UNKNOWN_INFO_DENIED - role: + format: google-datetime + resourceCounts: + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreviewResourceCounts description: >- - The role that this binding grants. For example, - `roles/compute.serviceAgent`. For a complete list of predefined IAM - roles, as well as the permissions in each role, see - https://cloud.google.com/iam/help/roles/reference. + Output only. A summary of the state of all resources scanned for + compliance with the changed OrgPolicy. + violationsCount: + type: integer + readOnly: true + format: int32 + description: >- + Output only. The number of OrgPolicyViolations in this + `OrgPolicyViolationsPreview`. This count may differ from + `resource_summary.noncompliant_count` because each + OrgPolicyViolation is specific to a resource **and** constraint. If + there are multiple constraints being evaluated (i.e. multiple + policies in the overlay), a single resource may violate multiple + constraints. + name: + readOnly: true type: string - rolePermission: description: >- - Indicates whether the role granted by this binding contains the - specified permission. + Output only. The resource name of the `OrgPolicyViolationsPreview`. + It has the following format: + `organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}` + Example: + `organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f` + state: type: string - enumDescriptions: - - Default value. This value is unused. - - The permission is included in the role. - - The permission is not included in the role. - - >- - The user who created the Replay is not allowed to access the - binding. enum: - - ROLE_PERMISSION_UNSPECIFIED - - ROLE_PERMISSION_INCLUDED - - ROLE_PERMISSION_NOT_INCLUDED - - ROLE_PERMISSION_UNKNOWN_INFO_DENIED - rolePermissionRelevance: + - PREVIEW_STATE_UNSPECIFIED + - PREVIEW_PENDING + - PREVIEW_RUNNING + - PREVIEW_SUCCEEDED + - PREVIEW_FAILED + enumDescriptions: + - The state is unspecified. + - The OrgPolicyViolationsPreview has not been created yet. + - The OrgPolicyViolationsPreview is currently being created. + - The OrgPolicyViolationsPreview creation finished successfully. + - The OrgPolicyViolationsPreview creation failed with an error. + readOnly: true + description: Output only. The state of the `OrgPolicyViolationsPreview`. + description: >- + OrgPolicyViolationsPreview is a resource providing a preview of the + violations that will exist if an OrgPolicy change is made. The list of + violations are modeled as child resources and retrieved via a + ListOrgPolicyViolations API call. There are potentially more + OrgPolicyViolations than could fit in an embedded field. Thus, the use + of a child resource instead of a field. + type: object + GoogleCloudPolicysimulatorV1BindingExplanationAnnotatedMembership: + id: GoogleCloudPolicysimulatorV1BindingExplanationAnnotatedMembership + description: Details about whether the binding includes the principal. + properties: + relevance: description: >- - The relevance of the permission's existence, or nonexistence, in the - role to the overall determination for the entire policy. - type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The data point has a limited effect on the result. Changing the - data point is unlikely to affect the overall determination. - - >- - The data point has a strong effect on the result. Changing the - data point is likely to affect the overall determination. + The relevance of the principal's status to the overall determination + for the binding. enum: - HEURISTIC_RELEVANCE_UNSPECIFIED - NORMAL - HIGH - memberships: - description: >- - Indicates whether each principal in the binding includes the - principal specified in the request, either directly or indirectly. - Each key identifies a principal in the binding, and each value - indicates whether the principal in the binding includes the - principal in the request. For example, suppose that a binding - includes the following principals: * `user:alice@example.com` * - `group:product-eng@example.com` The principal in the replayed access - tuple is `user:bob@example.com`. This user is a principal of the - group `group:product-eng@example.com`. For the first principal in - the binding, the key is `user:alice@example.com`, and the - `membership` field in the value is set to `MEMBERSHIP_NOT_INCLUDED`. - For the second principal in the binding, the key is - `group:product-eng@example.com`, and the `membership` field in the - value is set to `MEMBERSHIP_INCLUDED`. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1BindingExplanationAnnotatedMembership - relevance: - description: >- - The relevance of this binding to the overall determination for the - entire policy. type: string enumDescriptions: - Default value. This value is unused. @@ -911,25 +1033,13 @@ components: - >- The data point has a strong effect on the result. Changing the data point is likely to affect the overall determination. - enum: - - HEURISTIC_RELEVANCE_UNSPECIFIED - - NORMAL - - HIGH - condition: - description: >- - A condition expression that prevents this binding from granting - access unless the expression evaluates to `true`. To learn about IAM - Conditions, see - https://cloud.google.com/iam/docs/conditions-overview. - $ref: '#/components/schemas/GoogleTypeExpr' - GoogleCloudPolicysimulatorV1BindingExplanationAnnotatedMembership: - id: GoogleCloudPolicysimulatorV1BindingExplanationAnnotatedMembership - description: Details about whether the binding includes the principal. - type: object - properties: membership: - description: Indicates whether the binding includes the principal. - type: string + enum: + - MEMBERSHIP_UNSPECIFIED + - MEMBERSHIP_INCLUDED + - MEMBERSHIP_NOT_INCLUDED + - MEMBERSHIP_UNKNOWN_INFO_DENIED + - MEMBERSHIP_UNKNOWN_UNSUPPORTED enumDescriptions: - Default value. This value is unused. - >- @@ -945,173 +1055,202 @@ components: - >- The principal is an unsupported type. Only Google Accounts and service accounts are supported. - enum: - - MEMBERSHIP_UNSPECIFIED - - MEMBERSHIP_INCLUDED - - MEMBERSHIP_NOT_INCLUDED - - MEMBERSHIP_UNKNOWN_INFO_DENIED - - MEMBERSHIP_UNKNOWN_UNSUPPORTED - relevance: - description: >- - The relevance of the principal's status to the overall determination - for the binding. + description: Indicates whether the binding includes the principal. type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The data point has a limited effect on the result. Changing the - data point is unlikely to affect the overall determination. - - >- - The data point has a strong effect on the result. Changing the - data point is likely to affect the overall determination. - enum: - - HEURISTIC_RELEVANCE_UNSPECIFIED - - NORMAL - - HIGH + type: object GoogleCloudPolicysimulatorV1AccessTuple: - id: GoogleCloudPolicysimulatorV1AccessTuple description: Information about the principal, resource, and permission to check. type: object properties: - principal: - description: >- - Required. The principal whose access you want to check, in the form - of the email address that represents that principal. For example, - `alice@example.com` or - `my-service-account@my-project.iam.gserviceaccount.com`. The - principal must be a Google Account or a service account. Other types - of principals are not supported. + permission: type: string + description: >- + Required. The IAM permission to check for the specified principal + and resource. For a complete list of IAM permissions, see + https://cloud.google.com/iam/help/permissions/reference. For a + complete list of predefined IAM roles and the permissions in each + role, see https://cloud.google.com/iam/help/roles/reference. fullResourceName: + type: string description: >- Required. The full resource name that identifies the resource. For example, `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`. For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names. + principal: type: string - permission: description: >- - Required. The IAM permission to check for the specified principal - and resource. For a complete list of IAM permissions, see - https://cloud.google.com/iam/help/permissions/reference. For a - complete list of predefined IAM roles and the permissions in each - role, see https://cloud.google.com/iam/help/roles/reference. - type: string - GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsPreviewsResponse: - id: GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsPreviewsResponse + Required. The principal whose access you want to check, in the form + of the email address that represents that principal. For example, + `alice@example.com` or + `my-service-account@my-project.iam.gserviceaccount.com`. The + principal must be a Google Account or a service account. Other types + of principals are not supported. + id: GoogleCloudPolicysimulatorV1AccessTuple + GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsResponse: description: >- - ListOrgPolicyViolationsPreviewsResponse is the response message for - OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews. - type: object + ListOrgPolicyViolationsResponse is the response message for + OrgPolicyViolationsPreviewService.ListOrgPolicyViolations + id: GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsResponse properties: - orgPolicyViolationsPreviews: - description: The list of OrgPolicyViolationsPreview + orgPolicyViolations: + description: The list of OrgPolicyViolations type: array items: $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview + #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolation nextPageToken: description: >- A token that you can use to retrieve the next page of results. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview: - id: GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview - description: >- - OrgPolicyViolationsPreview is a resource providing a preview of the - violations that will exist if an OrgPolicy change is made. The list of - violations are modeled as child resources and retrieved via a - ListOrgPolicyViolations API call. There are potentially more - OrgPolicyViolations than could fit in an embedded field. Thus, the use - of a child resource instead of a field. type: object + GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreviewResourceCounts: + type: object + id: GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreviewResourceCounts + description: >- + A summary of the state of all resources scanned for compliance with the + changed OrgPolicy. properties: - name: + unenforced: description: >- - Output only. The resource name of the `OrgPolicyViolationsPreview`. - It has the following format: - `organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}` - Example: - `organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f` + Output only. Number of resources where the constraint was not + enforced, i.e. the Policy set `enforced: false` for that resource. readOnly: true - type: string - state: - description: Output only. The state of the `OrgPolicyViolationsPreview`. + format: int32 + type: integer + noncompliant: + type: integer readOnly: true - type: string - enumDescriptions: - - The state is unspecified. - - The OrgPolicyViolationsPreview has not been created yet. - - The OrgPolicyViolationsPreview is currently being created. - - The OrgPolicyViolationsPreview creation finished successfully. - - The OrgPolicyViolationsPreview creation failed with an error. - enum: - - PREVIEW_STATE_UNSPECIFIED - - PREVIEW_PENDING - - PREVIEW_RUNNING - - PREVIEW_SUCCEEDED - - PREVIEW_FAILED - overlay: - description: Required. The proposed changes we are previewing violations for. - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyOverlay' - violationsCount: + format: int32 description: >- - Output only. The number of OrgPolicyViolations in this - `OrgPolicyViolationsPreview`. This count may differ from - `resource_summary.noncompliant_count` because each - OrgPolicyViolation is specific to a resource **and** constraint. If - there are multiple constraints being evaluated (i.e. multiple - policies in the overlay), a single resource may violate multiple - constraints. - readOnly: true + Output only. Number of scanned resources with at least one + violation. + compliant: type: integer + readOnly: true format: int32 - resourceCounts: + description: Output only. Number of scanned resources with zero violations. + scanned: description: >- - Output only. A summary of the state of all resources scanned for - compliance with the changed OrgPolicy. + Output only. Number of resources checked for compliance. Must equal: + unenforced + noncompliant + compliant + error + format: int32 readOnly: true - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreviewResourceCounts - customConstraints: + type: integer + errors: description: >- - Output only. The names of the constraints against which all - `OrgPolicyViolations` were evaluated. If `OrgPolicyOverlay` only - contains `PolicyOverlay` then it contains the name of the configured - custom constraint, applicable to the specified policies. Otherwise - it contains the name of the constraint specified in - `CustomConstraintOverlay`. Format: - `organizations/{organization_id}/customConstraints/{custom_constraint_id}` - Example: - `organizations/123/customConstraints/custom.createOnlyE2TypeVms` + Output only. Number of resources that returned an error when + scanned. + format: int32 + type: integer readOnly: true + GoogleIamV1Binding: + properties: + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string + condition: + $ref: '#/components/schemas/GoogleTypeExpr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + members: + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. type: array items: type: string - createTime: - description: >- - Output only. Time when this `OrgPolicyViolationsPreview` was - created. - readOnly: true - type: string - format: google-datetime - GoogleCloudPolicysimulatorV1OrgPolicyOverlay: - id: GoogleCloudPolicysimulatorV1OrgPolicyOverlay - description: The proposed changes to OrgPolicy. + description: Associates `members`, or principals, with a `role`. type: object + id: GoogleIamV1Binding + GoogleCloudPolicysimulatorV1OrgPolicyOverlay: properties: policies: + type: array description: >- Optional. The OrgPolicy changes to preview violations for. Any existing OrgPolicies with the same name will be overridden in the simulation. That is, violations will be determined as if all policies in the overlay were created or updated. - type: array items: $ref: >- #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyOverlayPolicyOverlay customConstraints: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyOverlayCustomConstraintOverlay description: >- Optional. The OrgPolicy CustomConstraint changes to preview violations for. Any existing CustomConstraints with the same name @@ -1121,202 +1260,55 @@ components: overlay at a time. For evaluating multiple constraints, multiple `GenerateOrgPolicyViolationsPreview` requests are made, where each request evaluates a single constraint. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyOverlayCustomConstraintOverlay - GoogleCloudPolicysimulatorV1OrgPolicyOverlayPolicyOverlay: - id: GoogleCloudPolicysimulatorV1OrgPolicyOverlayPolicyOverlay - description: A change to an OrgPolicy. - type: object - properties: - policyParent: - description: >- - Optional. The parent of the policy we are attaching to. Example: - "projects/123456" - type: string - policy: - description: Optional. The new or updated OrgPolicy. - $ref: '#/components/schemas/GoogleCloudOrgpolicyV2Policy' - GoogleCloudOrgpolicyV2Policy: - id: GoogleCloudOrgpolicyV2Policy - description: >- - Defines an organization policy which is used to specify constraints for - configurations of Google Cloud resources. - type: object - properties: - name: - description: >- - Immutable. The resource name of the policy. Must be one of the - following forms, where `constraint_name` is the name of the - constraint which this policy configures: * - `projects/{project_number}/policies/{constraint_name}` * - `folders/{folder_id}/policies/{constraint_name}` * - `organizations/{organization_id}/policies/{constraint_name}` For - example, `projects/123/policies/compute.disableSerialPortAccess`. - Note: `projects/{project_id}/policies/{constraint_name}` is also an - acceptable name for API requests, but responses will return the name - using the equivalent project number. - type: string - spec: - description: Basic information about the organization policy. - $ref: '#/components/schemas/GoogleCloudOrgpolicyV2PolicySpec' - alternate: - description: Deprecated. - deprecated: true - $ref: '#/components/schemas/GoogleCloudOrgpolicyV2AlternatePolicySpec' - dryRunSpec: - description: >- - Dry-run policy. Audit-only policy, can be used to monitor how the - policy would have impacted the existing and future resources if it's - enforced. - $ref: '#/components/schemas/GoogleCloudOrgpolicyV2PolicySpec' - etag: - description: >- - Optional. An opaque tag indicating the current state of the policy, - used for concurrency control. This 'etag' is computed by the server - based on the value of other fields, and may be sent on update and - delete requests to ensure the client has an up-to-date value before - proceeding. - type: string - GoogleCloudOrgpolicyV2PolicySpec: - id: GoogleCloudOrgpolicyV2PolicySpec - description: >- - Defines a Google Cloud policy specification which is used to specify - constraints for configurations of Google Cloud resources. + id: GoogleCloudPolicysimulatorV1OrgPolicyOverlay type: object + description: The proposed changes to OrgPolicy. + GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreviewResourceCounts: properties: - etag: - description: >- - An opaque tag indicating the current version of the policySpec, used - for concurrency control. This field is ignored if used in a - `CreatePolicy` request. When the policy is returned from either a - `GetPolicy` or a `ListPolicies` request, this `etag` indicates the - version of the current policySpec to use when executing a - read-modify-write loop. When the policy is returned from a - `GetEffectivePolicy` request, the `etag` will be unset. - type: string - updateTime: + scanned: + type: integer description: >- - Output only. The time stamp this was previously updated. This - represents the last time a call to `CreatePolicy` or `UpdatePolicy` - was made for that policy. + Output only. Number of resources checked for compliance. Must equal: + unenforced + noncompliant + compliant + error readOnly: true - type: string - format: google-datetime - rules: - description: >- - In policies for boolean constraints, the following requirements - apply: - There must be one and only one policy rule where condition - is unset. - Boolean policy rules with conditions must set `enforced` - to the opposite of the policy rule without a condition. - During - policy evaluation, policy rules with conditions that are true for a - target resource take precedence. - type: array - items: - $ref: '#/components/schemas/GoogleCloudOrgpolicyV2PolicySpecPolicyRule' - inheritFromParent: - description: >- - Determines the inheritance behavior for this policy. If - `inherit_from_parent` is true, policy rules set higher up in the - hierarchy (up to the closest root) are inherited and present in the - effective policy. If it is false, then no rules are inherited, and - this policy becomes the new root for evaluation. This field can be - set only for policies which configure list constraints. - type: boolean - reset: - description: >- - Ignores policies set above this resource and restores the - `constraint_default` enforcement behavior of the specific constraint - at this resource. This field can be set in policies for either list - or boolean constraints. If set, `rules` must be empty and - `inherit_from_parent` must be set to false. - type: boolean - GoogleCloudOrgpolicyV2PolicySpecPolicyRule: - id: GoogleCloudOrgpolicyV2PolicySpecPolicyRule - description: A rule used to express this policy. - type: object - properties: - values: - description: >- - List of values to be used for this policy rule. This field can be - set only in policies for list constraints. - $ref: >- - #/components/schemas/GoogleCloudOrgpolicyV2PolicySpecPolicyRuleStringValues - allowAll: - description: >- - Setting this to true means that all values are allowed. This field - can be set only in policies for list constraints. - type: boolean - denyAll: - description: >- - Setting this to true means that all values are denied. This field - can be set only in policies for list constraints. - type: boolean - enforce: - description: >- - If `true`, then the policy is enforced. If `false`, then any - configuration is acceptable. This field can be set in policies for - boolean constraints, custom constraints and managed constraints. - type: boolean - condition: + format: int32 + compliant: + readOnly: true + format: int32 + description: Output only. Number of scanned resources with zero violations. + type: integer + noncompliant: description: >- - A condition which determines whether this rule is used in the - evaluation of the policy. When set, the `expression` field in the - `Expr' must include from 1 to 10 subexpressions, joined by the "||" - or "&&" operators. Each subexpression must be of the form - "resource.matchTag('/tag_key_short_name, 'tag_value_short_name')". - or "resource.matchTagId('tagKeys/key_id', 'tagValues/value_id')". - where key_name and value_name are the resource names for Label Keys - and Values. These names are available from the Tag Manager Service. - An example expression is: "resource.matchTag('123456789/environment, - 'prod')". or "resource.matchTagId('tagKeys/123', 'tagValues/456')". - $ref: '#/components/schemas/GoogleTypeExpr' - parameters: + Output only. Number of scanned resources with at least one + violation. + format: int32 + readOnly: true + type: integer + errors: + type: integer description: >- - Optional. Required for managed constraints if parameters are - defined. Passes parameter values when policy enforcement is enabled. - Ensure that parameter value types match those defined in the - constraint definition. For example: ``` { "allowedLocations" : - ["us-east1", "us-west1"], "allowAll" : true } ``` - type: object - additionalProperties: - type: any - description: Properties of the object. - GoogleCloudOrgpolicyV2PolicySpecPolicyRuleStringValues: - id: GoogleCloudOrgpolicyV2PolicySpecPolicyRuleStringValues - description: >- - A message that holds specific allowed and denied values. This message - can define specific values and subtrees of the Resource Manager resource - hierarchy (`Organizations`, `Folders`, `Projects`) that are allowed or - denied. This is achieved by using the `under:` and optional `is:` - prefixes. The `under:` prefix is used to denote resource subtree values. - The `is:` prefix is used to denote specific values, and is required only - if the value contains a ":". Values prefixed with "is:" are treated the - same as values with no prefix. Ancestry subtrees must be in one of the - following formats: - `projects/` (for example, - `projects/tokyo-rain-123`) - `folders/` (for example, `folders/1234`) - - `organizations/` (for example, `organizations/1234`) The - `supports_under` field of the associated `Constraint` defines whether - ancestry prefixes can be used. + Output only. Number of resources that returned an error when + scanned. + readOnly: true + format: int32 + unenforced: + type: integer + readOnly: true + format: int32 + description: >- + Output only. Number of resources where the constraint was not + enforced, i.e. the Policy set `enforced: false` for that resource. + description: >- + A summary of the state of all resources scanned for compliance with the + changed OrgPolicy. type: object - properties: - allowedValues: - description: List of values allowed at this resource. - type: array - items: - type: string - deniedValues: - description: List of values denied at this resource. - type: array - items: - type: string + id: GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreviewResourceCounts GoogleCloudOrgpolicyV2AlternatePolicySpec: - id: GoogleCloudOrgpolicyV2AlternatePolicySpec + type: object description: >- Similar to PolicySpec but with an extra 'launch' field for launch reference. The PolicySpec here is specific for dry-run. - type: object + id: GoogleCloudOrgpolicyV2AlternatePolicySpec properties: launch: description: >- @@ -1324,444 +1316,461 @@ components: control the launch. Should be set only in the alternate policy. type: string spec: - description: Specify constraint for configurations of Google Cloud resources. $ref: '#/components/schemas/GoogleCloudOrgpolicyV2PolicySpec' - GoogleCloudPolicysimulatorV1OrgPolicyOverlayCustomConstraintOverlay: - id: GoogleCloudPolicysimulatorV1OrgPolicyOverlayCustomConstraintOverlay - description: A change to an OrgPolicy custom constraint. + description: Specify constraint for configurations of Google Cloud resources. + GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayPolicyOverlay: + description: A change to an OrgPolicy. + id: GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayPolicyOverlay type: object properties: - customConstraintParent: + policyParent: description: >- - Optional. Resource the constraint is attached to. Example: - "organization/987654" + Optional. The parent of the policy we are attaching to. Example: + "projects/123456" type: string - customConstraint: - description: Optional. The new or updated custom constraint. - $ref: '#/components/schemas/GoogleCloudOrgpolicyV2CustomConstraint' - GoogleCloudOrgpolicyV2CustomConstraint: - id: GoogleCloudOrgpolicyV2CustomConstraint - description: >- - A custom constraint defined by customers which can *only* be applied to - the given resource types and organization. By creating a custom - constraint, customers can apply policies of this custom constraint. - *Creating a custom constraint itself does NOT apply any policy - enforcement*. - type: object + policy: + description: Optional. The new or updated OrgPolicy. + $ref: '#/components/schemas/GoogleCloudOrgpolicyV2Policy' + GoogleIamV1Policy: + id: GoogleIamV1Policy properties: - name: + version: + format: int32 description: >- - Immutable. Name of the constraint. This is unique within the - organization. Format of the name should be * - `organizations/{organization_id}/customConstraints/{custom_constraint_id}` - Example: - `organizations/123/customConstraints/custom.createOnlyE2TypeVms` The - max length is 70 characters and the minimum length is 1. Note that - the prefix `organizations/{organization_id}/customConstraints/` is - not counted. + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + etag: + format: byte type: string - resourceTypes: description: >- - Immutable. The resource instance type on which this policy applies. - Format will be of the form : `/` Example: * - `compute.googleapis.com/Instance`. - type: array - items: - type: string - methodTypes: - description: All the operations being applied for this constraint. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + auditConfigs: type: array items: - type: string - enumDescriptions: - - >- - This is only used for distinguishing unset values and should - never be used. Results in an error. - - Constraint applied when creating the resource. - - Constraint applied when updating the resource. - - >- - Constraint applied when deleting the resource. Not currently - supported. - - Constraint applied when removing an IAM grant. - - Constraint applied when enforcing forced tagging. - enum: - - METHOD_TYPE_UNSPECIFIED - - CREATE - - UPDATE - - DELETE - - REMOVE_GRANT - - GOVERN_TAGS - condition: - description: >- - A Common Expression Language (CEL) condition which is used in the - evaluation of the constraint. For example: - `resource.instanceName.matches("[production|test]_.*_(\d)+")` or, - `resource.management.auto_upgrade == true` The max length of the - condition is 1000 characters. - type: string - actionType: - description: Allow or deny type. - type: string - enumDescriptions: - - >- - This is only used for distinguishing unset values and should never - be used. Results in an error. - - Allowed action type. - - Deny action type. - enum: - - ACTION_TYPE_UNSPECIFIED - - ALLOW - - DENY - displayName: - description: >- - One line display name for the UI. The max length of the display_name - is 200 characters. - type: string - description: - description: >- - Detailed information about this custom policy constraint. The max - length of the description is 2000 characters. - type: string - updateTime: + $ref: '#/components/schemas/GoogleIamV1AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + bindings: description: >- - Output only. The last time this custom constraint was updated. This - represents the last time that the `CreateCustomConstraint` or - `UpdateCustomConstraint` methods were called. - readOnly: true - type: string - format: google-datetime - GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreviewResourceCounts: - id: GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreviewResourceCounts + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/GoogleIamV1Binding' + type: array description: >- - A summary of the state of all resources scanned for compliance with the - changed OrgPolicy. + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). type: object + GoogleCloudOrgpolicyV2PolicySpecPolicyRule: properties: - scanned: + allowAll: description: >- - Output only. Number of resources checked for compliance. Must equal: - unenforced + noncompliant + compliant + error - readOnly: true - type: integer - format: int32 - noncompliant: + Setting this to true means that all values are allowed. This field + can be set only in policies for list constraints. + type: boolean + enforce: description: >- - Output only. Number of scanned resources with at least one - violation. - readOnly: true - type: integer - format: int32 - compliant: - description: Output only. Number of scanned resources with zero violations. - readOnly: true - type: integer - format: int32 - unenforced: + If `true`, then the policy is enforced. If `false`, then any + configuration is acceptable. This field can be set in policies for + boolean constraints, custom constraints and managed constraints. + type: boolean + denyAll: + type: boolean + description: >- + Setting this to true means that all values are denied. This field + can be set only in policies for list constraints. + values: + description: >- + List of values to be used for this policy rule. This field can be + set only in policies for list constraints. + $ref: >- + #/components/schemas/GoogleCloudOrgpolicyV2PolicySpecPolicyRuleStringValues + parameters: + additionalProperties: + description: Properties of the object. + type: any description: >- - Output only. Number of resources where the constraint was not - enforced, i.e. the Policy set `enforced: false` for that resource. - readOnly: true - type: integer - format: int32 - errors: + Optional. Required for managed constraints if parameters are + defined. Passes parameter values when policy enforcement is enabled. + Ensure that parameter value types match those defined in the + constraint definition. For example: ``` { "allowedLocations" : + ["us-east1", "us-west1"], "allowAll" : true } ``` + type: object + condition: description: >- - Output only. Number of resources that returned an error when - scanned. - readOnly: true - type: integer - format: int32 - GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsResponse: - id: GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsResponse - description: >- - ListOrgPolicyViolationsResponse is the response message for - OrgPolicyViolationsPreviewService.ListOrgPolicyViolations + A condition that determines whether this rule is used to evaluate + the policy. When set, the google.type.Expr.expression field must + contain 1 to 10 subexpressions, joined by the `||` or `&&` + operators. Each subexpression must use the `resource.matchTag()`, + `resource.matchTagId()`, `resource.hasTagKey()`, or + `resource.hasTagKeyId()` Common Expression Language (CEL) function. + The `resource.matchTag()` function takes the following arguments: * + `key_name`: the namespaced name of the tag key, with the + organization ID and a slash (`/`) as a prefix; for example, + `123456789012/environment` * `value_name`: the short name of the tag + value For example: `resource.matchTag('123456789012/environment, + 'prod')` The `resource.matchTagId()` function takes the following + arguments: * `key_id`: the permanent ID of the tag key; for example, + `tagKeys/123456789012` * `value_id`: the permanent ID of the tag + value; for example, `tagValues/567890123456` For example: + `resource.matchTagId('tagKeys/123456789012', + 'tagValues/567890123456')` The `resource.hasTagKey()` function takes + the following argument: * `key_name`: the namespaced name of the tag + key, with the organization ID and a slash (`/`) as a prefix; for + example, `123456789012/environment` For example: + `resource.hasTagKey('123456789012/environment')` The + `resource.hasTagKeyId()` function takes the following arguments: * + `key_id`: the permanent ID of the tag key; for example, + `tagKeys/123456789012` For example: + `resource.hasTagKeyId('tagKeys/123456789012')` + $ref: '#/components/schemas/GoogleTypeExpr' + description: A rule used to express this policy. + id: GoogleCloudOrgpolicyV2PolicySpecPolicyRule type: object + GoogleCloudPolicysimulatorV1ListReplayResultsResponse: + description: Response message for Simulator.ListReplayResults. properties: - orgPolicyViolations: - description: The list of OrgPolicyViolations - type: array + replayResults: items: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolation + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ReplayResult' + description: The results of running a Replay. + type: array nextPageToken: description: >- - A token that you can use to retrieve the next page of results. If - this field is omitted, there are no subsequent pages. + A token that you can use to retrieve the next page of ReplayResult + objects. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudPolicysimulatorV1OrgPolicyViolation: - id: GoogleCloudPolicysimulatorV1OrgPolicyViolation - description: >- - OrgPolicyViolation is a resource representing a single resource - violating a single OrgPolicy constraint. + id: GoogleCloudPolicysimulatorV1ListReplayResultsResponse type: object - properties: - name: - description: >- - The name of the `OrgPolicyViolation`. Example: - organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f/orgPolicyViolations/38ce` - type: string - resource: - description: The resource violating the constraint. - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ResourceContext' - customConstraint: - description: The custom constraint being violated. - $ref: '#/components/schemas/GoogleCloudOrgpolicyV2CustomConstraint' - error: - description: Any error encountered during the evaluation. - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudPolicysimulatorV1ResourceContext: - id: GoogleCloudPolicysimulatorV1ResourceContext + GoogleIamV1AuditConfig: description: >- - ResourceContext provides the context we know about a resource. It is - similar in concept to google.cloud.asset.v1.Resource, but focuses on the - information specifically used by Simulator. + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. type: object + id: GoogleIamV1AuditConfig properties: - resource: - description: >- - The full name of the resource. Example: - `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` - See [Resource - names](https://cloud.google.com/apis/design/resource_names#full_resource_name) - for more information. - type: string - assetType: - description: >- - The asset type of the resource as defined by CAIS. Example: - `compute.googleapis.com/Firewall` See [Supported asset - types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - for more information. - type: string - ancestors: - description: >- - The ancestry path of the resource in Google Cloud [resource - hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), - represented as a list of relative resource names. An ancestry path - starts with the closest ancestor in the hierarchy and ends at root. - If the resource is a project, folder, or organization, the ancestry - path starts from the resource itself. Example: - `["projects/123456789", "folders/5432", "organizations/1234"]` - type: array + auditLogConfigs: items: - type: string - GoogleCloudPolicysimulatorV1ReplayOperationMetadata: - id: GoogleCloudPolicysimulatorV1ReplayOperationMetadata - description: Metadata about a Replay operation. - type: object - properties: - startTime: - description: Time when the request was received. + $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' + description: The configuration for logging of each type of permission. + type: array + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. type: string - format: google-datetime GoogleCloudPolicysimulatorV1betaGenerateOrgPolicyViolationsPreviewOperationMetadata: - id: >- - GoogleCloudPolicysimulatorV1betaGenerateOrgPolicyViolationsPreviewOperationMetadata description: >- GenerateOrgPolicyViolationsPreviewOperationMetadata is metadata about an OrgPolicyViolationsPreview generations operation. type: object - properties: - requestTime: - description: Time when the request was received. - type: string - format: google-datetime - startTime: - description: >- - Time when the request started processing, i.e. when the state was - set to RUNNING. - type: string - format: google-datetime - state: - description: The current state of the operation. - type: string - enumDescriptions: - - The state is unspecified. - - The OrgPolicyViolationsPreview has not been created yet. - - The OrgPolicyViolationsPreview is currently being created. - - The OrgPolicyViolationsPreview creation finished successfully. - - The OrgPolicyViolationsPreview creation failed with an error. - enum: - - PREVIEW_STATE_UNSPECIFIED - - PREVIEW_PENDING - - PREVIEW_RUNNING - - PREVIEW_SUCCEEDED - - PREVIEW_FAILED - resourcesFound: - description: >- - Total number of resources that need scanning. Should equal - resource_scanned + resources_pending - type: integer - format: int32 - resourcesScanned: - description: Number of resources already scanned. - type: integer - format: int32 - resourcesPending: - description: Number of resources still to scan. - type: integer - format: int32 - GoogleCloudPolicysimulatorV1betaCreateOrgPolicyViolationsPreviewOperationMetadata: id: >- - GoogleCloudPolicysimulatorV1betaCreateOrgPolicyViolationsPreviewOperationMetadata - description: >- - CreateOrgPolicyViolationsPreviewOperationMetadata is metadata about an - OrgPolicyViolationsPreview generations operation. - type: object + GoogleCloudPolicysimulatorV1betaGenerateOrgPolicyViolationsPreviewOperationMetadata properties: - requestTime: - description: Time when the request was received. - type: string - format: google-datetime startTime: description: >- - Time when the request started processing, i.e., when the state was + Time when the request started processing, i.e. when the state was set to RUNNING. - type: string format: google-datetime - state: - description: Output only. The current state of the operation. - readOnly: true type: string - enumDescriptions: - - The state is unspecified. - - The OrgPolicyViolationsPreview has not been created yet. - - The OrgPolicyViolationsPreview is currently being created. - - The OrgPolicyViolationsPreview creation finished successfully. - - The OrgPolicyViolationsPreview creation failed with an error. - enum: - - PREVIEW_STATE_UNSPECIFIED - - PREVIEW_PENDING - - PREVIEW_RUNNING - - PREVIEW_SUCCEEDED - - PREVIEW_FAILED - resourcesFound: - description: >- - Total number of resources that need scanning. Should equal - resource_scanned + resources_pending - type: integer - format: int32 - resourcesScanned: - description: Number of resources already scanned. - type: integer - format: int32 resourcesPending: description: Number of resources still to scan. type: integer format: int32 - GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreview: - id: GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreview - description: >- - OrgPolicyViolationsPreview is a resource providing a preview of the - violations that will exist if an OrgPolicy change is made. The list of - violations are modeled as child resources and retrieved via a - ListOrgPolicyViolations API call. There are potentially more - OrgPolicyViolations than could fit in an embedded field. Thus, the use - of a child resource instead of a field. - type: object - properties: - name: - description: >- - Output only. The resource name of the `OrgPolicyViolationsPreview`. - It has the following format: - `organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}` - Example: - `organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f` - readOnly: true - type: string state: - description: Output only. The state of the `OrgPolicyViolationsPreview`. - readOnly: true - type: string - enumDescriptions: - - The state is unspecified. - - The OrgPolicyViolationsPreview has not been created yet. - - The OrgPolicyViolationsPreview is currently being created. - - The OrgPolicyViolationsPreview creation finished successfully. - - The OrgPolicyViolationsPreview creation failed with an error. enum: - PREVIEW_STATE_UNSPECIFIED - PREVIEW_PENDING - PREVIEW_RUNNING - PREVIEW_SUCCEEDED - PREVIEW_FAILED - overlay: - description: Required. The proposed changes we are previewing violations for. - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1betaOrgPolicyOverlay - violationsCount: - description: >- - Output only. The number of OrgPolicyViolations in this - `OrgPolicyViolationsPreview`. This count may differ from - `resource_summary.noncompliant_count` because each - OrgPolicyViolation is specific to a resource **and** constraint. If - there are multiple constraints being evaluated (i.e. multiple - policies in the overlay), a single resource may violate multiple - constraints. - readOnly: true + enumDescriptions: + - The state is unspecified. + - The OrgPolicyViolationsPreview has not been created yet. + - The OrgPolicyViolationsPreview is currently being created. + - The OrgPolicyViolationsPreview creation finished successfully. + - The OrgPolicyViolationsPreview creation failed with an error. + type: string + description: The current state of the operation. + requestTime: + format: google-datetime + type: string + description: Time when the request was received. + resourcesScanned: + description: Number of resources already scanned. + format: int32 type: integer + resourcesFound: + description: >- + Total number of resources that need scanning. Should equal + resource_scanned + resources_pending format: int32 - resourceCounts: + type: integer + GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayCustomConstraintOverlay: + id: GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayCustomConstraintOverlay + properties: + customConstraintParent: description: >- - Output only. A summary of the state of all resources scanned for - compliance with the changed OrgPolicy. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreviewResourceCounts - customConstraints: + Optional. Resource the constraint is attached to. Example: + "organization/987654" + type: string + customConstraint: + $ref: '#/components/schemas/GoogleCloudOrgpolicyV2CustomConstraint' + description: Optional. The new or updated custom constraint. + description: A change to an OrgPolicy custom constraint. + type: object + GoogleRpcStatus: + properties: + message: + type: string description: >- - Output only. The names of the constraints against which all - `OrgPolicyViolations` were evaluated. If `OrgPolicyOverlay` only - contains `PolicyOverlay` then it contains the name of the configured - custom constraint, applicable to the specified policies. Otherwise - it contains the name of the constraint specified in - `CustomConstraintOverlay`. Format: - `organizations/{organization_id}/customConstraints/{custom_constraint_id}` - Example: - `organizations/123/customConstraints/custom.createOnlyE2TypeVms` - readOnly: true + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + details: type: array items: - type: string - createTime: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - Output only. Time when this `OrgPolicyViolationsPreview` was - created. - readOnly: true - type: string - format: google-datetime - GoogleCloudPolicysimulatorV1betaOrgPolicyOverlay: - id: GoogleCloudPolicysimulatorV1betaOrgPolicyOverlay - description: The proposed changes to OrgPolicy. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + id: GoogleRpcStatus + GoogleCloudPolicysimulatorV1ExplainedPolicy: + description: Details about how a specific IAM Policy contributed to the access check. + id: GoogleCloudPolicysimulatorV1ExplainedPolicy type: object properties: - policies: + relevance: description: >- - Optional. The OrgPolicy changes to preview violations for. Any - existing OrgPolicies with the same name will be overridden in the - simulation. That is, violations will be determined as if all - policies in the overlay were created or updated. + The relevance of this policy to the overall determination in the + TroubleshootIamPolicyResponse. If the user who created the Replay + does not have access to the policy, this field is omitted. + enum: + - HEURISTIC_RELEVANCE_UNSPECIFIED + - NORMAL + - HIGH + enumDescriptions: + - Default value. This value is unused. + - >- + The data point has a limited effect on the result. Changing the + data point is unlikely to affect the overall determination. + - >- + The data point has a strong effect on the result. Changing the + data point is likely to affect the overall determination. + type: string + bindingExplanations: type: array items: $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayPolicyOverlay - customConstraints: + #/components/schemas/GoogleCloudPolicysimulatorV1BindingExplanation description: >- - Optional. The OrgPolicy CustomConstraint changes to preview - violations for. Any existing CustomConstraints with the same name - will be overridden in the simulation. That is, violations will be - determined as if all custom constraints in the overlay were - instantiated. Only a single custom_constraint is supported in the - overlay at a time. For evaluating multiple constraints, multiple - `GenerateOrgPolicyViolationsPreview` requests are made, where each - request evaluates a single constraint. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayCustomConstraintOverlay - GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayPolicyOverlay: - id: GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayPolicyOverlay - description: A change to an OrgPolicy. + Details about how each binding in the policy affects the principal's + ability, or inability, to use the permission for the resource. If + the user who created the Replay does not have access to the policy, + this field is omitted. + access: + enumDescriptions: + - Default value. This value is unused. + - The principal has the permission. + - The principal does not have the permission. + - >- + The principal has the permission only if a condition expression + evaluates to `true`. + - >- + The user who created the Replay does not have access to all of the + policies that Policy Simulator needs to evaluate. + type: string + description: >- + Indicates whether _this policy_ provides the specified permission to + the specified principal for the specified resource. This field does + _not_ indicate whether the principal actually has the permission for + the resource. There might be another policy that overrides this + policy. To determine whether the principal actually has the + permission, use the `access` field in the + TroubleshootIamPolicyResponse. + enum: + - ACCESS_STATE_UNSPECIFIED + - GRANTED + - NOT_GRANTED + - UNKNOWN_CONDITIONAL + - UNKNOWN_INFO_DENIED + policy: + description: >- + The IAM policy attached to the resource. If the user who created the + Replay does not have access to the policy, this field is empty. + $ref: '#/components/schemas/GoogleIamV1Policy' + fullResourceName: + description: >- + The full resource name that identifies the resource. For example, + `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`. + If the user who created the Replay does not have access to the + policy, this field is omitted. For examples of full resource names + for Google Cloud services, see + https://cloud.google.com/iam/help/troubleshooter/full-resource-names. + type: string + GoogleCloudPolicysimulatorV1AccessStateDiff: + type: object + id: GoogleCloudPolicysimulatorV1AccessStateDiff + properties: + accessChange: + description: >- + How the principal's access, specified in the AccessState field, + changed between the current (baseline) policies and proposed + (simulated) policies. + type: string + enumDescriptions: + - Default value. This value is unused. + - >- + The principal's access did not change. This includes the case + where both baseline and simulated are UNKNOWN, but the unknown + information is equivalent. + - >- + The principal's access under both the current policies and the + proposed policies is `UNKNOWN`, but the unknown information + differs between them. + - >- + The principal had access under the current policies (`GRANTED`), + but will no longer have access after the proposed changes + (`NOT_GRANTED`). + - >- + The principal did not have access under the current policies + (`NOT_GRANTED`), but will have access after the proposed changes + (`GRANTED`). + - >- + This result can occur for the following reasons: * The principal + had access under the current policies (`GRANTED`), but their + access after the proposed changes is `UNKNOWN`. * The principal's + access under the current policies is `UNKNOWN`, but they will not + have access after the proposed changes (`NOT_GRANTED`). + - >- + This result can occur for the following reasons: * The principal + did not have access under the current policies (`NOT_GRANTED`), + but their access after the proposed changes is `UNKNOWN`. * The + principal's access under the current policies is `UNKNOWN`, but + they will have access after the proposed changes (`GRANTED`). + enum: + - ACCESS_CHANGE_TYPE_UNSPECIFIED + - NO_CHANGE + - UNKNOWN_CHANGE + - ACCESS_REVOKED + - ACCESS_GAINED + - ACCESS_MAYBE_REVOKED + - ACCESS_MAYBE_GAINED + simulated: + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ExplainedAccess' + description: >- + The results of evaluating the access tuple under the proposed + (simulated) policies. If the AccessState couldn't be fully + evaluated, this field explains why. + baseline: + description: >- + The results of evaluating the access tuple under the current + (baseline) policies. If the AccessState couldn't be fully evaluated, + this field explains why. + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ExplainedAccess' + description: >- + A summary and comparison of the principal's access under the current + (baseline) policies and the proposed (simulated) policies for a single + access tuple. + GoogleCloudPolicysimulatorV1OrgPolicyOverlayPolicyOverlay: type: object + description: A change to an OrgPolicy. + id: GoogleCloudPolicysimulatorV1OrgPolicyOverlayPolicyOverlay properties: policyParent: description: >- @@ -1769,66 +1778,81 @@ components: "projects/123456" type: string policy: - description: Optional. The new or updated OrgPolicy. $ref: '#/components/schemas/GoogleCloudOrgpolicyV2Policy' - GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayCustomConstraintOverlay: - id: GoogleCloudPolicysimulatorV1betaOrgPolicyOverlayCustomConstraintOverlay - description: A change to an OrgPolicy custom constraint. - type: object + description: Optional. The new or updated OrgPolicy. + GoogleLongrunningListOperationsResponse: properties: - customConstraintParent: + unreachable: + items: + type: string + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + operations: + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' + type: array description: >- - Optional. Resource the constraint is attached to. Example: - "organization/987654" + A list of operations that matches the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. type: string - customConstraint: - description: Optional. The new or updated custom constraint. - $ref: '#/components/schemas/GoogleCloudOrgpolicyV2CustomConstraint' - GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreviewResourceCounts: - id: GoogleCloudPolicysimulatorV1betaOrgPolicyViolationsPreviewResourceCounts - description: >- - A summary of the state of all resources scanned for compliance with the - changed OrgPolicy. type: object + id: GoogleLongrunningListOperationsResponse + description: The response message for Operations.ListOperations. + GoogleCloudPolicysimulatorV1ExplainedAccess: + type: object + id: GoogleCloudPolicysimulatorV1ExplainedAccess properties: - scanned: - description: >- - Output only. Number of resources checked for compliance. Must equal: - unenforced + noncompliant + compliant + error - readOnly: true - type: integer - format: int32 - noncompliant: - description: >- - Output only. Number of scanned resources with at least one - violation. - readOnly: true - type: integer - format: int32 - compliant: - description: Output only. Number of scanned resources with zero violations. - readOnly: true - type: integer - format: int32 - unenforced: + policies: description: >- - Output only. Number of resources where the constraint was not - enforced, i.e. the Policy set `enforced: false` for that resource. - readOnly: true - type: integer - format: int32 + If the AccessState is `UNKNOWN`, this field contains the policies + that led to that result. If the `AccessState` is `GRANTED` or + `NOT_GRANTED`, this field is omitted. + type: array + items: + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1ExplainedPolicy' errors: + type: array description: >- - Output only. Number of resources that returned an error when - scanned. - readOnly: true - type: integer - format: int32 + If the AccessState is `UNKNOWN`, this field contains a list of + errors explaining why the result is `UNKNOWN`. If the `AccessState` + is `GRANTED` or `NOT_GRANTED`, this field is omitted. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + accessState: + description: >- + Whether the principal in the access tuple has permission to access + the resource in the access tuple under the given policies. + enum: + - ACCESS_STATE_UNSPECIFIED + - GRANTED + - NOT_GRANTED + - UNKNOWN_CONDITIONAL + - UNKNOWN_INFO_DENIED + type: string + enumDescriptions: + - Default value. This value is unused. + - The principal has the permission. + - The principal does not have the permission. + - >- + The principal has the permission only if a condition expression + evaluates to `true`. + - >- + The user who created the Replay does not have access to all of the + policies that Policy Simulator needs to evaluate. + description: >- + Details about how a set of policies, listed in ExplainedPolicy, resulted + in a certain AccessState when replaying an access tuple. parameters: - access_token: - description: OAuth access token. + callback: + description: JSONP in: query - name: access_token + name: callback schema: type: string alt: @@ -1841,18 +1865,33 @@ components: - json - media - proto - callback: - description: JSONP + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: callback + name: prettyPrint + schema: + type: boolean + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv schema: type: string + enum: + - '1' + - '2' fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -1862,18 +1901,6 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1883,27 +1910,24 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + access_token: + description: OAuth access token. in: query - name: $.xgafv + name: access_token + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: operations: id: google.policysimulator.operations @@ -1916,126 +1940,126 @@ components: response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations + objectKey: $.unreachable operations_get: operation: $ref: '#/paths/~1v1~1operations~1{operationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - projects_locations_org_policy_violations_previews_operations_get: + projects_locations_replays_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews~1{orgPolicyViolationsPreviewsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_access_policy_simulations_operations_get: + objectKey: $.unreachable + projects_locations_replays_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accessPolicySimulations~1{accessPolicySimulationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_replays_operations_list: + projects_locations_org_policy_violations_previews_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews~1{orgPolicyViolationsPreviewsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_replays_operations_get: + projects_locations_access_policy_simulations_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1accessPolicySimulations~1{accessPolicySimulationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_org_policy_violations_previews_operations_get: + organizations_locations_org_policy_violations_previews_operations_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews~1{orgPolicyViolationsPreviewsId}~1operations~1{operationsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews~1{orgPolicyViolationsPreviewsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_access_policy_simulations_operations_get: + organizations_locations_access_policy_simulations_operations_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1accessPolicySimulations~1{accessPolicySimulationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1accessPolicySimulations~1{accessPolicySimulationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_replays_operations_list: + organizations_locations_replays_operations_list: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - folders_locations_replays_operations_get: + objectKey: $.unreachable + organizations_locations_replays_operations_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations~1{operationsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_access_policy_simulations_operations_get: + folders_locations_access_policy_simulations_operations_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1accessPolicySimulations~1{accessPolicySimulationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1accessPolicySimulations~1{accessPolicySimulationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_replays_operations_list: + folders_locations_org_policy_violations_previews_operations_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations/get + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews~1{orgPolicyViolationsPreviewsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - organizations_locations_replays_operations_get: + folders_locations_replays_operations_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations~1{operationsId}/get + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_org_policy_violations_previews_operations_get: + objectKey: $.unreachable + folders_locations_replays_operations_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews~1{orgPolicyViolationsPreviewsId}~1operations~1{operationsId}/get + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays~1{replaysId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_org_policy_violations_previews_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_access_policy_simulations_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_locations_replays_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/folders_locations_org_policy_violations_previews_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_org_policy_violations_previews_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/folders_locations_access_policy_simulations_operations_get + #/components/x-stackQL-resources/operations/methods/projects_locations_access_policy_simulations_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/folders_locations_replays_operations_get + #/components/x-stackQL-resources/operations/methods/organizations_locations_org_policy_violations_previews_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/organizations_locations_access_policy_simulations_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/organizations_locations_replays_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_locations_org_policy_violations_previews_operations_get + #/components/x-stackQL-resources/operations/methods/folders_locations_access_policy_simulations_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_replays_operations_list + #/components/x-stackQL-resources/operations/methods/folders_locations_org_policy_violations_previews_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/folders_locations_replays_operations_list + #/components/x-stackQL-resources/operations/methods/folders_locations_replays_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_replays_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/organizations_locations_replays_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/folders_locations_replays_operations_list - $ref: '#/components/x-stackQL-resources/operations/methods/operations_get' - $ref: >- #/components/x-stackQL-resources/operations/methods/operations_list @@ -2048,45 +2072,45 @@ components: name: replays title: Replays methods: - projects_locations_replays_get: + projects_locations_replays_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1replays~1{replaysId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1replays/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_replays_create: + projects_locations_replays_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1replays/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1replays~1{replaysId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_replays_get: + organizations_locations_replays_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays~1{replaysId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays~1{replaysId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_replays_create: + organizations_locations_replays_create: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays/post response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_replays_get: + folders_locations_replays_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays~1{replaysId}/get + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays~1{replaysId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_replays_create: + folders_locations_replays_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays/post + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays/post response: mediaType: application/json openAPIDocKey: '200' @@ -2094,17 +2118,17 @@ components: select: - $ref: >- #/components/x-stackQL-resources/replays/methods/projects_locations_replays_get - - $ref: >- - #/components/x-stackQL-resources/replays/methods/folders_locations_replays_get - $ref: >- #/components/x-stackQL-resources/replays/methods/organizations_locations_replays_get + - $ref: >- + #/components/x-stackQL-resources/replays/methods/folders_locations_replays_get insert: - $ref: >- #/components/x-stackQL-resources/replays/methods/projects_locations_replays_create - - $ref: >- - #/components/x-stackQL-resources/replays/methods/folders_locations_replays_create - $ref: >- #/components/x-stackQL-resources/replays/methods/organizations_locations_replays_create + - $ref: >- + #/components/x-stackQL-resources/replays/methods/folders_locations_replays_create update: [] replace: [] delete: [] @@ -2121,18 +2145,18 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.replayResults - folders_locations_replays_results_list: + organizations_locations_replays_results_list: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays~1{replaysId}~1results/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays~1{replaysId}~1results/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.replayResults - organizations_locations_replays_results_list: + folders_locations_replays_results_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1replays~1{replaysId}~1results/get + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1replays~1{replaysId}~1results/get response: mediaType: application/json openAPIDocKey: '200' @@ -2141,10 +2165,10 @@ components: select: - $ref: >- #/components/x-stackQL-resources/results/methods/projects_locations_replays_results_list - - $ref: >- - #/components/x-stackQL-resources/results/methods/folders_locations_replays_results_list - $ref: >- #/components/x-stackQL-resources/results/methods/organizations_locations_replays_results_list + - $ref: >- + #/components/x-stackQL-resources/results/methods/folders_locations_replays_results_list insert: [] update: [] replace: [] @@ -2154,21 +2178,21 @@ components: name: org_policy_violations_previews title: Org_policy_violations_previews methods: - organizations_locations_org_policy_violations_previews_list: + organizations_locations_org_policy_violations_previews_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.orgPolicyViolationsPreviews - organizations_locations_org_policy_violations_previews_create: + organizations_locations_org_policy_violations_previews_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1orgPolicyViolationsPreviews/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.orgPolicyViolationsPreviews organizations_locations_org_policy_violations_previews_get: operation: $ref: >- @@ -2212,17 +2236,17 @@ components: paths: /v1/operations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/upload_protocol' get: description: >- Lists operations that match the specified filter in the request. If the @@ -2242,14 +2266,18 @@ paths: $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: query - name: filter + name: returnPartialSuccess schema: - type: string + type: boolean - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: @@ -2280,15 +2308,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/replays: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - policysimulator.projects.locations.orgPolicyViolationsPreviews.operations.get + post: + description: Creates and starts a Replay using the given ReplayConfig. + operationId: policysimulator.projects.locations.replays.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1Replay' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2312,25 +2341,13 @@ paths: required: true schema: type: string - - in: path - name: orgPolicyViolationsPreviewsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/accessPolicySimulations/{accessPolicySimulationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/replays/{replaysId}: parameters: *ref_1 get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - policysimulator.projects.locations.accessPolicySimulations.operations.get + Gets the specified Replay. Each `Replay` is available for at least 7 + days. + operationId: policysimulator.projects.locations.replays.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2342,7 +2359,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1Replay' parameters: - in: path name: projectsId @@ -2355,22 +2372,15 @@ paths: schema: type: string - in: path - name: accessPolicySimulationsId - required: true - schema: - type: string - - in: path - name: operationsId + name: replaysId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/replays/{replaysId}: + /v1/projects/{projectsId}/locations/{locationsId}/replays/{replaysId}/results: parameters: *ref_1 get: - description: >- - Gets the specified Replay. Each `Replay` is available for at least 7 - days. - operationId: policysimulator.projects.locations.replays.get + description: Lists the results of running a Replay. + operationId: policysimulator.projects.locations.replays.results.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2382,7 +2392,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1Replay' + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1ListReplayResultsResponse parameters: - in: path name: projectsId @@ -2399,37 +2410,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/replays: - parameters: *ref_1 - post: - description: Creates and starts a Replay using the given ReplayConfig. - operationId: policysimulator.projects.locations.replays.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1Replay' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: locationsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/replays/{replaysId}/operations: @@ -2468,7 +2455,7 @@ paths: schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -2477,9 +2464,13 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/replays/{replaysId}/operations/{operationsId}: parameters: *ref_1 get: @@ -2521,50 +2512,7 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/replays/{replaysId}/results: - parameters: *ref_1 - get: - description: Lists the results of running a Replay. - operationId: policysimulator.projects.locations.replays.results.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1ListReplayResultsResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: replaysId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/folders/{foldersId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- @@ -2572,7 +2520,7 @@ paths: method to poll the operation result at intervals as recommended by the API service. operationId: >- - policysimulator.folders.locations.orgPolicyViolationsPreviews.operations.get + policysimulator.projects.locations.orgPolicyViolationsPreviews.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2587,7 +2535,7 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -2606,14 +2554,15 @@ paths: required: true schema: type: string - /v1/folders/{foldersId}/locations/{locationsId}/accessPolicySimulations/{accessPolicySimulationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/accessPolicySimulations/{accessPolicySimulationsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: policysimulator.folders.locations.accessPolicySimulations.operations.get + operationId: >- + policysimulator.projects.locations.accessPolicySimulations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2628,7 +2577,7 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: foldersId + name: projectsId required: true schema: type: string @@ -2647,13 +2596,23 @@ paths: required: true schema: type: string - /v1/folders/{foldersId}/locations/{locationsId}/replays/{replaysId}: + /v1/organizations/{organizationsId}/locations/{locationsId}/orgPolicyViolationsPreviews: parameters: *ref_1 - get: + post: description: >- - Gets the specified Replay. Each `Replay` is available for at least 7 - days. - operationId: policysimulator.folders.locations.replays.get + CreateOrgPolicyViolationsPreview creates an OrgPolicyViolationsPreview + for the proposed changes in the provided + OrgPolicyViolationsPreview.OrgPolicyOverlay. The changes to OrgPolicy + are specified by this `OrgPolicyOverlay`. The resources to scan are + inferred from these specified changes. + operationId: >- + policysimulator.organizations.locations.orgPolicyViolationsPreviews.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2665,10 +2624,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1Replay' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2677,21 +2636,16 @@ paths: required: true schema: type: string - - in: path - name: replaysId - required: true + - in: query + name: orgPolicyViolationsPreviewId schema: type: string - /v1/folders/{foldersId}/locations/{locationsId}/replays: - parameters: *ref_1 - post: - description: Creates and starts a Replay using the given ReplayConfig. - operationId: policysimulator.folders.locations.replays.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1Replay' + get: + description: >- + ListOrgPolicyViolationsPreviews lists each OrgPolicyViolationsPreview in + an organization. Each OrgPolicyViolationsPreview is available for at + least 7 days. + operationId: policysimulator.organizations.locations.orgPolicyViolationsPreviews.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2703,10 +2657,11 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsPreviewsResponse parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2715,13 +2670,23 @@ paths: required: true schema: type: string - /v1/folders/{foldersId}/locations/{locationsId}/replays/{replaysId}/operations: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/organizations/{organizationsId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}: parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: policysimulator.folders.locations.replays.operations.list + GetOrgPolicyViolationsPreview gets the specified + OrgPolicyViolationsPreview. Each OrgPolicyViolationsPreview is available + for at least 7 days. + operationId: policysimulator.organizations.locations.orgPolicyViolationsPreviews.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2733,10 +2698,11 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2746,31 +2712,19 @@ paths: schema: type: string - in: path - name: replaysId + name: orgPolicyViolationsPreviewsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/folders/{foldersId}/locations/{locationsId}/replays/{replaysId}/operations/{operationsId}: + /v1/organizations/{organizationsId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. - operationId: policysimulator.folders.locations.replays.operations.get + operationId: >- + policysimulator.organizations.locations.orgPolicyViolationsPreviews.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2785,7 +2739,7 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2795,7 +2749,7 @@ paths: schema: type: string - in: path - name: replaysId + name: orgPolicyViolationsPreviewsId required: true schema: type: string @@ -2804,11 +2758,14 @@ paths: required: true schema: type: string - /v1/folders/{foldersId}/locations/{locationsId}/replays/{replaysId}/results: + /v1/organizations/{organizationsId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}/orgPolicyViolations: parameters: *ref_1 get: - description: Lists the results of running a Replay. - operationId: policysimulator.folders.locations.replays.results.list + description: >- + ListOrgPolicyViolations lists the OrgPolicyViolations that are present + in an OrgPolicyViolationsPreview. + operationId: >- + policysimulator.organizations.locations.orgPolicyViolationsPreviews.orgPolicyViolations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2821,10 +2778,10 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1ListReplayResultsResponse + #/components/schemas/GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsResponse parameters: - in: path - name: foldersId + name: organizationsId required: true schema: type: string @@ -2834,7 +2791,7 @@ paths: schema: type: string - in: path - name: replaysId + name: orgPolicyViolationsPreviewsId required: true schema: type: string @@ -2992,19 +2949,23 @@ paths: required: true schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string /v1/organizations/{organizationsId}/locations/{locationsId}/replays/{replaysId}/operations/{operationsId}: parameters: *ref_1 get: @@ -3080,23 +3041,23 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/orgPolicyViolationsPreviews: + /v1/folders/{foldersId}/locations/{locationsId}/accessPolicySimulations/{accessPolicySimulationsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- - ListOrgPolicyViolationsPreviews lists each OrgPolicyViolationsPreview in - an organization. Each OrgPolicyViolationsPreview is available for at - least 7 days. - operationId: policysimulator.organizations.locations.orgPolicyViolationsPreviews.list + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: policysimulator.folders.locations.accessPolicySimulations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3108,11 +3069,10 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsPreviewsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string @@ -3121,30 +3081,25 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: accessPolicySimulationsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: operationsId + required: true schema: type: string - post: + /v1/folders/{foldersId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - CreateOrgPolicyViolationsPreview creates an OrgPolicyViolationsPreview - for the proposed changes in the provided - OrgPolicyViolationsPreview.OrgPolicyOverlay. The changes to OrgPolicy - are specified by this `OrgPolicyOverlay`. The resources to scan are - inferred from these specified changes. + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. operationId: >- - policysimulator.organizations.locations.orgPolicyViolationsPreviews.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview + policysimulator.folders.locations.orgPolicyViolationsPreviews.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3159,7 +3114,7 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string @@ -3168,18 +3123,23 @@ paths: required: true schema: type: string - - in: query - name: orgPolicyViolationsPreviewId + - in: path + name: orgPolicyViolationsPreviewsId + required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/folders/{foldersId}/locations/{locationsId}/replays/{replaysId}: parameters: *ref_1 get: description: >- - GetOrgPolicyViolationsPreview gets the specified - OrgPolicyViolationsPreview. Each OrgPolicyViolationsPreview is available - for at least 7 days. - operationId: policysimulator.organizations.locations.orgPolicyViolationsPreviews.get + Gets the specified Replay. Each `Replay` is available for at least 7 + days. + operationId: policysimulator.folders.locations.replays.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3191,11 +3151,10 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1OrgPolicyViolationsPreview + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1Replay' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string @@ -3205,19 +3164,20 @@ paths: schema: type: string - in: path - name: orgPolicyViolationsPreviewsId + name: replaysId required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}/operations/{operationsId}: + /v1/folders/{foldersId}/locations/{locationsId}/replays: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - policysimulator.organizations.locations.orgPolicyViolationsPreviews.operations.get + post: + description: Creates and starts a Replay using the given ReplayConfig. + operationId: policysimulator.folders.locations.replays.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudPolicysimulatorV1Replay' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3232,7 +3192,7 @@ paths: $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string @@ -3241,24 +3201,56 @@ paths: required: true schema: type: string + /v1/folders/{foldersId}/locations/{locationsId}/replays/{replaysId}/results: + parameters: *ref_1 + get: + description: Lists the results of running a Replay. + operationId: policysimulator.folders.locations.replays.results.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudPolicysimulatorV1ListReplayResultsResponse + parameters: + - in: path + name: foldersId + required: true + schema: + type: string - in: path - name: orgPolicyViolationsPreviewsId + name: locationsId required: true schema: type: string - in: path - name: operationsId + name: replaysId required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreviewsId}/orgPolicyViolations: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/folders/{foldersId}/locations/{locationsId}/replays/{replaysId}/operations: parameters: *ref_1 get: description: >- - ListOrgPolicyViolations lists the OrgPolicyViolations that are present - in an OrgPolicyViolationsPreview. - operationId: >- - policysimulator.organizations.locations.orgPolicyViolationsPreviews.orgPolicyViolations.list + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: policysimulator.folders.locations.replays.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3270,11 +3262,10 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudPolicysimulatorV1ListOrgPolicyViolationsResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path - name: organizationsId + name: foldersId required: true schema: type: string @@ -3284,10 +3275,14 @@ paths: schema: type: string - in: path - name: orgPolicyViolationsPreviewsId + name: replaysId required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -3297,3 +3292,48 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/folders/{foldersId}/locations/{locationsId}/replays/{replaysId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: policysimulator.folders.locations.replays.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: replaysId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/policytroubleshooter.yaml b/providers/src/googleapis.com/v00.00.00000/services/policytroubleshooter.yaml index 969c8fa5..545aca7c 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/policytroubleshooter.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/policytroubleshooter.yaml @@ -7,8 +7,8 @@ info: title: Policy Troubleshooter API description: '' version: v1 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251207' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/iam/ servers: @@ -34,56 +34,31 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleCloudPolicytroubleshooterV1TroubleshootIamPolicyRequest: - id: GoogleCloudPolicytroubleshooterV1TroubleshootIamPolicyRequest - description: Request for TroubleshootIamPolicy. - type: object - properties: - accessTuple: - description: >- - The information to use for checking whether a principal has a - permission for a resource. - $ref: '#/components/schemas/GoogleCloudPolicytroubleshooterV1AccessTuple' - GoogleCloudPolicytroubleshooterV1AccessTuple: - id: GoogleCloudPolicytroubleshooterV1AccessTuple - description: Information about the principal, resource, and permission to check. - type: object - properties: - principal: - description: >- - Required. The principal whose access you want to check, in the form - of the email address that represents that principal. For example, - `alice@example.com` or - `my-service-account@my-project.iam.gserviceaccount.com`. The - principal must be a Google Account or a service account. Other types - of principals are not supported. - type: string - fullResourceName: - description: >- - Required. The full resource name that identifies the resource. For - example, - `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`. - For examples of full resource names for Google Cloud services, see - https://cloud.google.com/iam/help/troubleshooter/full-resource-names. - type: string - permission: - description: >- - Required. The IAM permission to check for the specified principal - and resource. For a complete list of IAM permissions, see - https://cloud.google.com/iam/help/permissions/reference. For a - complete list of predefined IAM roles and the permissions in each - role, see https://cloud.google.com/iam/help/roles/reference. - type: string GoogleCloudPolicytroubleshooterV1TroubleshootIamPolicyResponse: id: GoogleCloudPolicytroubleshooterV1TroubleshootIamPolicyResponse description: Response for TroubleshootIamPolicy. type: object properties: - access: + explainedPolicies: + items: + $ref: >- + #/components/schemas/GoogleCloudPolicytroubleshooterV1ExplainedPolicy description: >- - Indicates whether the principal has the specified permission for the - specified resource, based on evaluating all of the applicable IAM - policies. + List of IAM policies that were evaluated to check the principal's + permissions, with annotations to indicate how each policy + contributed to the final result. The list of policies can include + the policy for the resource itself. It can also include policies + that are inherited from higher levels of the resource hierarchy, + including the organization, the folder, and the project. To learn + more about the resource hierarchy, see + https://cloud.google.com/iam/help/resource-hierarchy. + type: array + errors: + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: The general errors contained in the troubleshooting response. + type: array + access: type: string enumDescriptions: - Default value. This value is unused. @@ -95,36 +70,169 @@ components: - >- The sender of the request does not have access to all of the policies that Policy Troubleshooter needs to evaluate. + description: >- + Indicates whether the principal has the specified permission for the + specified resource, based on evaluating all of the applicable IAM + policies. enum: - ACCESS_STATE_UNSPECIFIED - GRANTED - NOT_GRANTED - UNKNOWN_CONDITIONAL - UNKNOWN_INFO_DENIED - explainedPolicies: + GoogleCloudPolicytroubleshooterV1BindingExplanation: + description: >- + Details about how a binding in a policy affects a principal's ability to + use a permission. + type: object + properties: + rolePermissionRelevance: description: >- - List of IAM policies that were evaluated to check the principal's - permissions, with annotations to indicate how each policy - contributed to the final result. The list of policies can include - the policy for the resource itself. It can also include policies - that are inherited from higher levels of the resource hierarchy, - including the organization, the folder, and the project. To learn - more about the resource hierarchy, see - https://cloud.google.com/iam/help/resource-hierarchy. - type: array - items: + The relevance of the permission's existence, or nonexistence, in the + role to the overall determination for the entire policy. + type: string + enum: + - HEURISTIC_RELEVANCE_UNSPECIFIED + - NORMAL + - HIGH + enumDescriptions: + - Default value. This value is unused. + - >- + The data point has a limited effect on the result. Changing the + data point is unlikely to affect the overall determination. + - >- + The data point has a strong effect on the result. Changing the + data point is likely to affect the overall determination. + role: + description: >- + The role that this binding grants. For example, + `roles/compute.serviceAgent`. For a complete list of predefined IAM + roles, as well as the permissions in each role, see + https://cloud.google.com/iam/help/roles/reference. + type: string + access: + type: string + enum: + - ACCESS_STATE_UNSPECIFIED + - GRANTED + - NOT_GRANTED + - UNKNOWN_CONDITIONAL + - UNKNOWN_INFO_DENIED + description: >- + Required. Indicates whether _this binding_ provides the specified + permission to the specified principal for the specified resource. + This field does _not_ indicate whether the principal actually has + the permission for the resource. There might be another binding that + overrides this binding. To determine whether the principal actually + has the permission, use the `access` field in the + TroubleshootIamPolicyResponse. + enumDescriptions: + - Default value. This value is unused. + - The principal has the permission. + - The principal does not have the permission. + - >- + The principal has the permission only if a condition expression + evaluates to `true`. + - >- + The sender of the request does not have access to all of the + policies that Policy Troubleshooter needs to evaluate. + memberships: + additionalProperties: $ref: >- - #/components/schemas/GoogleCloudPolicytroubleshooterV1ExplainedPolicy - errors: - description: The general errors contained in the troubleshooting response. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' + #/components/schemas/GoogleCloudPolicytroubleshooterV1BindingExplanationAnnotatedMembership + type: object + description: >- + Indicates whether each principal in the binding includes the + principal specified in the request, either directly or indirectly. + Each key identifies a principal in the binding, and each value + indicates whether the principal in the binding includes the + principal in the request. For example, suppose that a binding + includes the following principals: * `user:alice@example.com` * + `group:product-eng@example.com` You want to troubleshoot access for + `user:bob@example.com`. This user is a principal of the group + `group:product-eng@example.com`. For the first principal in the + binding, the key is `user:alice@example.com`, and the `membership` + field in the value is set to `MEMBERSHIP_NOT_INCLUDED`. For the + second principal in the binding, the key is + `group:product-eng@example.com`, and the `membership` field in the + value is set to `MEMBERSHIP_INCLUDED`. + relevance: + enumDescriptions: + - Default value. This value is unused. + - >- + The data point has a limited effect on the result. Changing the + data point is unlikely to affect the overall determination. + - >- + The data point has a strong effect on the result. Changing the + data point is likely to affect the overall determination. + type: string + enum: + - HEURISTIC_RELEVANCE_UNSPECIFIED + - NORMAL + - HIGH + description: >- + The relevance of this binding to the overall determination for the + entire policy. + condition: + $ref: '#/components/schemas/GoogleTypeExpr' + description: >- + A condition expression that prevents this binding from granting + access unless the expression evaluates to `true`. To learn about IAM + Conditions, see + https://cloud.google.com/iam/help/conditions/overview. + rolePermission: + enum: + - ROLE_PERMISSION_UNSPECIFIED + - ROLE_PERMISSION_INCLUDED + - ROLE_PERMISSION_NOT_INCLUDED + - ROLE_PERMISSION_UNKNOWN_INFO_DENIED + enumDescriptions: + - Default value. This value is unused. + - The permission is included in the role. + - The permission is not included in the role. + - The sender of the request is not allowed to access the binding. + description: >- + Indicates whether the role granted by this binding contains the + specified permission. + type: string + id: GoogleCloudPolicytroubleshooterV1BindingExplanation GoogleCloudPolicytroubleshooterV1ExplainedPolicy: - id: GoogleCloudPolicytroubleshooterV1ExplainedPolicy - description: Details about how a specific IAM Policy contributed to the access check. type: object + id: GoogleCloudPolicytroubleshooterV1ExplainedPolicy properties: + relevance: + description: >- + The relevance of this policy to the overall determination in the + TroubleshootIamPolicyResponse. If the sender of the request does not + have access to the policy, this field is omitted. + enumDescriptions: + - Default value. This value is unused. + - >- + The data point has a limited effect on the result. Changing the + data point is unlikely to affect the overall determination. + - >- + The data point has a strong effect on the result. Changing the + data point is likely to affect the overall determination. + type: string + enum: + - HEURISTIC_RELEVANCE_UNSPECIFIED + - NORMAL + - HIGH + bindingExplanations: + type: array + description: >- + Details about how each binding in the policy affects the principal's + ability, or inability, to use the permission for the resource. If + the sender of the request does not have access to the policy, this + field is omitted. + items: + $ref: >- + #/components/schemas/GoogleCloudPolicytroubleshooterV1BindingExplanation + policy: + description: >- + The IAM policy attached to the resource. If the sender of the + request does not have access to the policy, this field is empty. + $ref: '#/components/schemas/GoogleIamV1Policy' access: description: >- Indicates whether _this policy_ provides the specified permission to @@ -134,7 +242,6 @@ components: policy. To determine whether the principal actually has the permission, use the `access` field in the TroubleshootIamPolicyResponse. - type: string enumDescriptions: - Default value. This value is unused. - The principal has the permission. @@ -151,7 +258,9 @@ components: - NOT_GRANTED - UNKNOWN_CONDITIONAL - UNKNOWN_INFO_DENIED + type: string fullResourceName: + type: string description: >- The full resource name that identifies the resource. For example, `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`. @@ -159,27 +268,35 @@ components: this field is omitted. For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names. + description: Details about how a specific IAM Policy contributed to the access check. + GoogleCloudPolicytroubleshooterV1BindingExplanationAnnotatedMembership: + properties: + membership: type: string - policy: - description: >- - The IAM policy attached to the resource. If the sender of the - request does not have access to the policy, this field is empty. - $ref: '#/components/schemas/GoogleIamV1Policy' - bindingExplanations: - description: >- - Details about how each binding in the policy affects the principal's - ability, or inability, to use the permission for the resource. If - the sender of the request does not have access to the policy, this - field is omitted. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudPolicytroubleshooterV1BindingExplanation + enum: + - MEMBERSHIP_UNSPECIFIED + - MEMBERSHIP_INCLUDED + - MEMBERSHIP_NOT_INCLUDED + - MEMBERSHIP_UNKNOWN_INFO_DENIED + - MEMBERSHIP_UNKNOWN_UNSUPPORTED + enumDescriptions: + - Default value. This value is unused. + - >- + The binding includes the principal. The principal can be included + directly or indirectly. For example: * A principal is included + directly if that principal is listed in the binding. * A principal + is included indirectly if that principal is in a Google group or + Google Workspace domain that is listed in the binding. + - The binding does not include the principal. + - The sender of the request is not allowed to access the binding. + - >- + The principal is an unsupported type. Only Google Accounts and + service accounts are supported. + description: Indicates whether the binding includes the principal. relevance: description: >- - The relevance of this policy to the overall determination in the - TroubleshootIamPolicyResponse. If the sender of the request does not - have access to the policy, this field is omitted. + The relevance of the principal's status to the overall determination + for the binding. type: string enumDescriptions: - Default value. This value is unused. @@ -193,114 +310,25 @@ components: - HEURISTIC_RELEVANCE_UNSPECIFIED - NORMAL - HIGH - GoogleIamV1Policy: - id: GoogleIamV1Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + id: GoogleCloudPolicytroubleshooterV1BindingExplanationAnnotatedMembership type: object - properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte + description: Details about whether the binding includes the principal. GoogleIamV1Binding: id: GoogleIamV1Binding - description: Associates `members`, or principals, with a `role`. - type: object properties: - role: + condition: + $ref: '#/components/schemas/GoogleTypeExpr' description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). members: + type: array description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -360,64 +388,50 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array items: type: string - condition: + role: + type: string description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/GoogleTypeExpr' - GoogleTypeExpr: - id: GoogleTypeExpr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + description: Associates `members`, or principals, with a `role`. type: object + GoogleCloudPolicytroubleshooterV1AccessTuple: + id: GoogleCloudPolicytroubleshooterV1AccessTuple + description: Information about the principal, resource, and permission to check. properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + fullResourceName: type: string - title: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: + Required. The full resource name that identifies the resource. For + example, + `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`. + For examples of full resource names for Google Cloud services, see + https://cloud.google.com/iam/help/troubleshooter/full-resource-names. + principal: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Required. The principal whose access you want to check, in the form + of the email address that represents that principal. For example, + `alice@example.com` or + `my-service-account@my-project.iam.gserviceaccount.com`. The + principal must be a Google Account or a service account. Other types + of principals are not supported. type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + permission: type: string + description: >- + Required. The IAM permission to check for the specified principal + and resource. For a complete list of IAM permissions, see + https://cloud.google.com/iam/help/permissions/reference. For a + complete list of predefined IAM roles and the permissions in each + role, see https://cloud.google.com/iam/help/roles/reference. + type: object GoogleIamV1AuditConfig: - id: GoogleIamV1AuditConfig description: >- Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if @@ -436,211 +450,126 @@ components: enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. - type: object properties: + auditLogConfigs: + items: + $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' + description: The configuration for logging of each type of permission. + type: array service: description: >- Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' - GoogleIamV1AuditLogConfig: - id: GoogleIamV1AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + id: GoogleIamV1AuditConfig type: object + GoogleCloudPolicytroubleshooterV1TroubleshootIamPolicyRequest: + id: GoogleCloudPolicytroubleshooterV1TroubleshootIamPolicyRequest properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + accessTuple: + $ref: '#/components/schemas/GoogleCloudPolicytroubleshooterV1AccessTuple' description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - GoogleCloudPolicytroubleshooterV1BindingExplanation: - id: GoogleCloudPolicytroubleshooterV1BindingExplanation - description: >- - Details about how a binding in a policy affects a principal's ability to - use a permission. + The information to use for checking whether a principal has a + permission for a resource. type: object + description: Request for TroubleshootIamPolicy. + GoogleIamV1Policy: + type: object + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: GoogleIamV1Policy properties: - access: - description: >- - Required. Indicates whether _this binding_ provides the specified - permission to the specified principal for the specified resource. - This field does _not_ indicate whether the principal actually has - the permission for the resource. There might be another binding that - overrides this binding. To determine whether the principal actually - has the permission, use the `access` field in the - TroubleshootIamPolicyResponse. - type: string - enumDescriptions: - - Default value. This value is unused. - - The principal has the permission. - - The principal does not have the permission. - - >- - The principal has the permission only if a condition expression - evaluates to `true`. - - >- - The sender of the request does not have access to all of the - policies that Policy Troubleshooter needs to evaluate. - enum: - - ACCESS_STATE_UNSPECIFIED - - GRANTED - - NOT_GRANTED - - UNKNOWN_CONDITIONAL - - UNKNOWN_INFO_DENIED - role: - description: >- - The role that this binding grants. For example, - `roles/compute.serviceAgent`. For a complete list of predefined IAM - roles, as well as the permissions in each role, see - https://cloud.google.com/iam/help/roles/reference. - type: string - rolePermission: - description: >- - Indicates whether the role granted by this binding contains the - specified permission. - type: string - enumDescriptions: - - Default value. This value is unused. - - The permission is included in the role. - - The permission is not included in the role. - - The sender of the request is not allowed to access the binding. - enum: - - ROLE_PERMISSION_UNSPECIFIED - - ROLE_PERMISSION_INCLUDED - - ROLE_PERMISSION_NOT_INCLUDED - - ROLE_PERMISSION_UNKNOWN_INFO_DENIED - rolePermissionRelevance: - description: >- - The relevance of the permission's existence, or nonexistence, in the - role to the overall determination for the entire policy. - type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The data point has a limited effect on the result. Changing the - data point is unlikely to affect the overall determination. - - >- - The data point has a strong effect on the result. Changing the - data point is likely to affect the overall determination. - enum: - - HEURISTIC_RELEVANCE_UNSPECIFIED - - NORMAL - - HIGH - memberships: - description: >- - Indicates whether each principal in the binding includes the - principal specified in the request, either directly or indirectly. - Each key identifies a principal in the binding, and each value - indicates whether the principal in the binding includes the - principal in the request. For example, suppose that a binding - includes the following principals: * `user:alice@example.com` * - `group:product-eng@example.com` You want to troubleshoot access for - `user:bob@example.com`. This user is a principal of the group - `group:product-eng@example.com`. For the first principal in the - binding, the key is `user:alice@example.com`, and the `membership` - field in the value is set to `MEMBERSHIP_NOT_INCLUDED`. For the - second principal in the binding, the key is - `group:product-eng@example.com`, and the `membership` field in the - value is set to `MEMBERSHIP_INCLUDED`. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudPolicytroubleshooterV1BindingExplanationAnnotatedMembership - relevance: + version: + format: int32 description: >- - The relevance of this binding to the overall determination for the - entire policy. - type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The data point has a limited effect on the result. Changing the - data point is unlikely to affect the overall determination. - - >- - The data point has a strong effect on the result. Changing the - data point is likely to affect the overall determination. - enum: - - HEURISTIC_RELEVANCE_UNSPECIFIED - - NORMAL - - HIGH - condition: + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + bindings: description: >- - A condition expression that prevents this binding from granting - access unless the expression evaluates to `true`. To learn about IAM - Conditions, see - https://cloud.google.com/iam/help/conditions/overview. - $ref: '#/components/schemas/GoogleTypeExpr' - GoogleCloudPolicytroubleshooterV1BindingExplanationAnnotatedMembership: - id: GoogleCloudPolicytroubleshooterV1BindingExplanationAnnotatedMembership - description: Details about whether the binding includes the principal. - type: object - properties: - membership: - description: Indicates whether the binding includes the principal. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/GoogleIamV1Binding' + type: array + etag: type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The binding includes the principal. The principal can be included - directly or indirectly. For example: * A principal is included - directly if that principal is listed in the binding. * A principal - is included indirectly if that principal is in a Google group or - Google Workspace domain that is listed in the binding. - - The binding does not include the principal. - - The sender of the request is not allowed to access the binding. - - >- - The principal is an unsupported type. Only Google Accounts and - service accounts are supported. - enum: - - MEMBERSHIP_UNSPECIFIED - - MEMBERSHIP_INCLUDED - - MEMBERSHIP_NOT_INCLUDED - - MEMBERSHIP_UNKNOWN_INFO_DENIED - - MEMBERSHIP_UNKNOWN_UNSUPPORTED - relevance: + format: byte description: >- - The relevance of the principal's status to the overall determination - for the binding. - type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The data point has a limited effect on the result. Changing the - data point is unlikely to affect the overall determination. - - >- - The data point has a strong effect on the result. Changing the - data point is likely to affect the overall determination. - enum: - - HEURISTIC_RELEVANCE_UNSPECIFIED - - NORMAL - - HIGH + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + type: array + items: + $ref: '#/components/schemas/GoogleIamV1AuditConfig' GoogleRpcStatus: id: GoogleRpcStatus + type: object description: >- The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It @@ -649,51 +578,106 @@ components: details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). - type: object properties: code: + format: int32 description: The status code, which should be an enum value of google.rpc.Code. type: integer - format: int32 + details: + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. message: description: >- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + GoogleIamV1AuditLogConfig: + id: GoogleIamV1AuditLogConfig + type: object + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + properties: + exemptedMembers: type: array + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + type: string + logType: + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + description: The log type that this config enables. + type: string + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + GoogleTypeExpr: + properties: + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + id: GoogleTypeExpr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + type: object parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: callback + name: prettyPrint schema: - type: string + type: boolean fields: description: Selector specifying which fields to include in a partial response. in: query @@ -715,19 +699,10 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + access_token: + description: OAuth access token. in: query - name: quotaUser + name: access_token schema: type: string upload_protocol: @@ -736,10 +711,20 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt + schema: + type: string + enum: + - json + - media + - proto + callback: + description: JSONP + in: query + name: callback schema: type: string _.xgafv: @@ -751,6 +736,21 @@ components: enum: - '1' - '2' + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string x-stackQL-resources: iam: id: google.policytroubleshooter.iam @@ -772,17 +772,17 @@ components: paths: /v1/iam:troubleshoot: parameters: - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/quotaUser' post: description: >- Checks whether a principal has a specific permission for a specific diff --git a/providers/src/googleapis.com/v00.00.00000/services/pollen.yaml b/providers/src/googleapis.com/v00.00.00000/services/pollen.yaml index 6f15126c..c43c6289 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/pollen.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/pollen.yaml @@ -7,8 +7,8 @@ info: title: Pollen API description: 'The Pollen API. ' version: v1 - x-discovery-doc-revision: '20250826' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251208' + x-generated-date: '2025-12-10' externalDocs: url: https://developers.google.com/maps/documentation/pollen servers: @@ -34,53 +34,88 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - LookupForecastResponse: - id: LookupForecastResponse - type: object + HttpBody: properties: - regionCode: - description: >- - The ISO_3166-1 alpha-2 code of the country/region corresponding to - the location provided in the request. This field might be omitted - from the response if the location provided in the request resides in - a disputed territory. + data: type: string - dailyInfo: + format: byte + description: The HTTP request/response body as raw binary. + extensions: description: >- - Required. This object contains the daily forecast information for - each day requested. - type: array + Application specific response metadata. Must be set in the first + response for streaming APIs. items: - $ref: '#/components/schemas/DayInfo' - nextPageToken: - description: Optional. The token to retrieve the next page. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: array + contentType: + description: >- + The HTTP Content-Type header value specifying the content type of + the body. type: string - DayInfo: - id: DayInfo - description: >- - This object contains the daily forecast information for each day - requested. type: object + id: HttpBody + description: >- + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. + IndexInfo: properties: - date: - description: The date in UTC at which the pollen forecast data is represented. - $ref: '#/components/schemas/Date' - pollenTypeInfo: + value: + format: int32 + description: The index's numeric score. Numeric range is between 0 and 5. + type: integer + category: description: >- - This list will include up to three pollen types (GRASS, WEED, TREE) - affecting the location specified in the request. - type: array - items: - $ref: '#/components/schemas/PollenTypeInfo' - plantInfo: + Text classification of index numerical score interpretation. The + index consists of six categories: * 0: "None" * 1: "Very low" * 2: + "Low" * 3: "Moderate" * 4: "High" * 5: "Very high + type: string + indexDescription: + description: Textual explanation of current index level. + type: string + displayName: + type: string description: >- - This list will include up to 15 pollen species affecting the - location specified in the request. - type: array - items: - $ref: '#/components/schemas/PlantInfo' + A human readable representation of the index name. Example: + "Universal Pollen Index". + color: + description: The color used to represent the Pollen Index numeric score. + $ref: '#/components/schemas/Color' + code: + type: string + description: >- + The index's code. This field represents the index for programming + purposes by using snake cases instead of spaces. Example: "UPI". + enum: + - INDEX_UNSPECIFIED + - UPI + enumDescriptions: + - Unspecified index. + - Universal Pollen Index. + id: IndexInfo + description: >- + This object contains data representing specific pollen index value, + category and description. + type: object Date: - id: Date description: >- Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are @@ -91,58 +126,83 @@ components: * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp + id: Date type: object properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 month: + format: int32 + type: integer description: >- Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day. - type: integer + year: format: int32 + type: integer + description: >- + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. day: description: >- Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant. - type: integer format: int32 + type: integer + DayInfo: + description: >- + This object contains the daily forecast information for each day + requested. + id: DayInfo + type: object + properties: + pollenTypeInfo: + type: array + description: >- + This list will include up to three pollen types (GRASS, WEED, TREE) + affecting the location specified in the request. + items: + $ref: '#/components/schemas/PollenTypeInfo' + plantInfo: + type: array + items: + $ref: '#/components/schemas/PlantInfo' + description: >- + This list will include up to 15 pollen species affecting the + location specified in the request. + date: + description: The date in UTC at which the pollen forecast data is represented. + $ref: '#/components/schemas/Date' PollenTypeInfo: - id: PollenTypeInfo description: >- This object contains the pollen type index and health recommendation information on specific pollen type. type: object + id: PollenTypeInfo properties: + indexInfo: + $ref: '#/components/schemas/IndexInfo' + description: Contains the Universal Pollen Index (UPI) data for the pollen type. code: - description: 'The pollen type''s code name. For example: "GRASS"' type: string - enumDescriptions: - - Unspecified plant type. - - Grass pollen type. - - Tree pollen type. - - Weed pollen type. + description: 'The pollen type''s code name. For example: "GRASS"' enum: - POLLEN_TYPE_UNSPECIFIED - GRASS - TREE - WEED + enumDescriptions: + - Unspecified plant type. + - Grass pollen type. + - Tree pollen type. + - Weed pollen type. + inSeason: + type: boolean + description: Indication whether the plant is in season or not. displayName: description: >- A human readable representation of the pollen type name. Example: "Grass" type: string - inSeason: - description: Indication whether the plant is in season or not. - type: boolean - indexInfo: - description: Contains the Universal Pollen Index (UPI) data for the pollen type. - $ref: '#/components/schemas/IndexInfo' healthRecommendations: description: >- Textual list of explanations, related to health insights based on @@ -150,155 +210,28 @@ components: type: array items: type: string - IndexInfo: - id: IndexInfo - description: >- - This object contains data representing specific pollen index value, - category and description. + PlantInfo: + description: This object contains the daily information on specific plant. type: object + id: PlantInfo properties: - code: - description: >- - The index's code. This field represents the index for programming - purposes by using snake cases instead of spaces. Example: "UPI". - type: string - enumDescriptions: - - Unspecified index. - - Universal Pollen Index. - enum: - - INDEX_UNSPECIFIED - - UPI displayName: description: >- - A human readable representation of the index name. Example: - "Universal Pollen Index". + A human readable representation of the plant name. Example: + “Cottonwood". type: string - value: - description: The index's numeric score. Numeric range is between 0 and 5. - type: integer - format: int32 - category: + indexInfo: description: >- - Text classification of index numerical score interpretation. The - index consists of six categories: * 0: "None" * 1: "Very low" * 2: - "Low" * 3: "Moderate" * 4: "High" * 5: "Very high - type: string - indexDescription: - description: Textual explanation of current index level. - type: string - color: - description: The color used to represent the Pollen Index numeric score. - $ref: '#/components/schemas/Color' - Color: - id: Color - description: >- - Represents a color in the RGBA color space. This representation is - designed for simplicity of conversion to and from color representations - in various languages over compactness. For example, the fields of this - representation can be trivially provided to the constructor of - `java.awt.Color` in Java; it can also be trivially provided to UIColor's - `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little - work, it can be easily formatted into a CSS `rgba()` string in - JavaScript. This reference page doesn't have information about the - absolute color space that should be used to interpret the RGB value—for - example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications - should assume the sRGB color space. When color equality needs to be - decided, implementations, unless documented otherwise, treat two colors - as equal if all their red, green, blue, and alpha values each differ by - at most `1e-5`. Example (Java): import com.google.type.Color; // ... - public static java.awt.Color fromProto(Color protocolor) { float alpha = - protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return - new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), - protocolor.getBlue(), alpha); } public static Color - toProto(java.awt.Color color) { float red = (float) color.getRed(); - float green = (float) color.getGreen(); float blue = (float) - color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder - = Color .newBuilder() .setRed(red / denominator) .setGreen(green / - denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); - if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() - .setValue(((float) alpha) / denominator) .build()); } return - resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static - UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; - float green = [protocolor green]; float blue = [protocolor blue]; - FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if - (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return - [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static - Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if - (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return - nil; } Color* result = [[Color alloc] init]; [result setRed:red]; - [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { - [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; - return result; } // ... Example (JavaScript): // ... var protoToCssColor - = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var - greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || - 0.0; var red = Math.floor(redFrac * 255); var green = - Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if - (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } - var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, - green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, - ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var - rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString - = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var - resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { - resultBuilder.push('0'); } resultBuilder.push(hexString); return - resultBuilder.join(''); }; // ... - type: object - properties: - red: - description: The amount of red in the color as a value in the interval [0, 1]. - type: number - format: float - green: - description: The amount of green in the color as a value in the interval [0, 1]. - type: number - format: float - blue: - description: The amount of blue in the color as a value in the interval [0, 1]. - type: number - format: float - alpha: + This object contains data representing specific pollen index value, + category and description. + $ref: '#/components/schemas/IndexInfo' + plantDescription: description: >- - The fraction of this color that should be applied to the pixel. That - is, the final pixel color is defined by the equation: `pixel color = - alpha * (this color) + (1.0 - alpha) * (background color)` This - means that a value of 1.0 corresponds to a solid color, whereas a - value of 0.0 corresponds to a completely transparent color. This - uses a wrapper message rather than a simple float scalar so that it - is possible to distinguish between a default value and the value - being unset. If omitted, this color object is rendered as a solid - color (as if the alpha value had been explicitly given a value of - 1.0). - type: number - format: float - PlantInfo: - id: PlantInfo - description: This object contains the daily information on specific plant. - type: object - properties: + Contains general information about plants, including details on + their seasonality, special shapes and colors, information about + allergic cross-reactions, and plant photos. + $ref: '#/components/schemas/PlantDescription' code: - description: >- - The plant code name. For example: "COTTONWOOD". A list of all - available codes could be found here. - type: string - enumDescriptions: - - Unspecified plant code. - - Alder is classified as a tree pollen type. - - Ash is classified as a tree pollen type. - - Birch is classified as a tree pollen type. - - Cottonwood is classified as a tree pollen type. - - Elm is classified as a tree pollen type. - - Maple is classified as a tree pollen type. - - Olive is classified as a tree pollen type. - - Juniper is classified as a tree pollen type. - - Oak is classified as a tree pollen type. - - Pine is classified as a tree pollen type. - - Cypress pine is classified as a tree pollen type. - - Hazel is classified as a tree pollen type. - - Graminales is classified as a grass pollen type. - - Ragweed is classified as a weed pollen type. - - Mugwort is classified as a weed pollen type. - - Japanese cedar is classified as a tree pollen type. - - Japanese cypress is classified as a tree pollen type. enum: - PLANT_UNSPECIFIED - ALDER @@ -318,148 +251,202 @@ components: - MUGWORT - JAPANESE_CEDAR - JAPANESE_CYPRESS - displayName: - description: >- - A human readable representation of the plant name. Example: - “Cottonwood". + enumDescriptions: + - Unspecified plant code. + - Alder is classified as a tree pollen type. + - Ash is classified as a tree pollen type. + - Birch is classified as a tree pollen type. + - Cottonwood is classified as a tree pollen type. + - Elm is classified as a tree pollen type. + - Maple is classified as a tree pollen type. + - Olive is classified as a tree pollen type. + - Juniper is classified as a tree pollen type. + - Oak is classified as a tree pollen type. + - Pine is classified as a tree pollen type. + - Cypress pine is classified as a tree pollen type. + - Hazel is classified as a tree pollen type. + - Graminales is classified as a grass pollen type. + - Ragweed is classified as a weed pollen type. + - Mugwort is classified as a weed pollen type. + - Japanese cedar is classified as a tree pollen type. + - Japanese cypress is classified as a tree pollen type. type: string + description: >- + The plant code name. For example: "COTTONWOOD". A list of all + available codes could be found here. inSeason: description: Indication of either the plant is in season or not. type: boolean - indexInfo: - description: >- - This object contains data representing specific pollen index value, - category and description. - $ref: '#/components/schemas/IndexInfo' - plantDescription: + Color: + id: Color + properties: + green: + format: float + description: The amount of green in the color as a value in the interval [0, 1]. + type: number + alpha: description: >- - Contains general information about plants, including details on - their seasonality, special shapes and colors, information about - allergic cross-reactions, and plant photos. - $ref: '#/components/schemas/PlantDescription' + The fraction of this color that should be applied to the pixel. That + is, the final pixel color is defined by the equation: `pixel color = + alpha * (this color) + (1.0 - alpha) * (background color)` This + means that a value of 1.0 corresponds to a solid color, whereas a + value of 0.0 corresponds to a completely transparent color. This + uses a wrapper message rather than a simple float scalar so that it + is possible to distinguish between a default value and the value + being unset. If omitted, this color object is rendered as a solid + color (as if the alpha value had been explicitly given a value of + 1.0). + type: number + format: float + red: + type: number + description: The amount of red in the color as a value in the interval [0, 1]. + format: float + blue: + description: The amount of blue in the color as a value in the interval [0, 1]. + format: float + type: number + description: >- + Represents a color in the RGBA color space. This representation is + designed for simplicity of conversion to and from color representations + in various languages over compactness. For example, the fields of this + representation can be trivially provided to the constructor of + `java.awt.Color` in Java; it can also be trivially provided to UIColor's + `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little + work, it can be easily formatted into a CSS `rgba()` string in + JavaScript. This reference page doesn't have information about the + absolute color space that should be used to interpret the RGB value—for + example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications + should assume the sRGB color space. When color equality needs to be + decided, implementations, unless documented otherwise, treat two colors + as equal if all their red, green, blue, and alpha values each differ by + at most `1e-5`. Example (Java): import com.google.type.Color; // ... + public static java.awt.Color fromProto(Color protocolor) { float alpha = + protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return + new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), + protocolor.getBlue(), alpha); } public static Color + toProto(java.awt.Color color) { float red = (float) color.getRed(); + float green = (float) color.getGreen(); float blue = (float) + color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder + = Color .newBuilder() .setRed(red / denominator) .setGreen(green / + denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); + if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() + .setValue(((float) alpha) / denominator) .build()); } return + resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static + UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; + float green = [protocolor green]; float blue = [protocolor blue]; + FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if + (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return + [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static + Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if + (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return + nil; } Color* result = [[Color alloc] init]; [result setRed:red]; + [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { + [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; + return result; } // ... Example (JavaScript): // ... var protoToCssColor + = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var + greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || + 0.0; var red = Math.floor(redFrac * 255); var green = + Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if + (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } + var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, + green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, + ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var + rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString + = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var + resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { + resultBuilder.push('0'); } resultBuilder.push(hexString); return + resultBuilder.join(''); }; // ... + type: object PlantDescription: id: PlantDescription + type: object description: >- Contains general information about plants, including details on their seasonality, special shapes and colors, information about allergic cross-reactions, and plant photos. - type: object properties: - type: + season: + type: string description: >- - The plant's pollen type. For example: "GRASS". A list of all - available codes could be found here. + Textual list of explanations of seasons where the pollen is active. + Example: "Late winter, spring". + pictureCloseup: + description: Link to a closeup picture of the plant. type: string - enumDescriptions: - - Unspecified plant type. - - Grass pollen type. - - Tree pollen type. - - Weed pollen type. - enum: - - POLLEN_TYPE_UNSPECIFIED - - GRASS - - TREE - - WEED family: + type: string description: >- A human readable representation of the plant family name. Example: "Betulaceae (the Birch family)". + crossReaction: type: string - season: description: >- - Textual list of explanations of seasons where the pollen is active. - Example: "Late winter, spring". - type: string + Textual description of pollen cross reaction plants. Example: Alder, + Hazel, Hornbeam, Beech, Willow, and Oak pollen. specialColors: description: >- Textual description of the plants' colors of leaves, bark, flowers or seeds that helps identify the plant. type: string specialShapes: + type: string description: >- Textual description of the plants' shapes of leaves, bark, flowers or seeds that helps identify the plant. - type: string - crossReaction: + type: + enum: + - POLLEN_TYPE_UNSPECIFIED + - GRASS + - TREE + - WEED + enumDescriptions: + - Unspecified plant type. + - Grass pollen type. + - Tree pollen type. + - Weed pollen type. description: >- - Textual description of pollen cross reaction plants. Example: Alder, - Hazel, Hornbeam, Beech, Willow, and Oak pollen. + The plant's pollen type. For example: "GRASS". A list of all + available codes could be found here. type: string picture: - description: Link to the picture of the plant. - type: string - pictureCloseup: - description: Link to a closeup picture of the plant. type: string - HttpBody: - id: HttpBody - description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. - type: object + description: Link to the picture of the plant. + LookupForecastResponse: + id: LookupForecastResponse properties: - contentType: + dailyInfo: description: >- - The HTTP Content-Type header value specifying the content type of - the body. + Required. This object contains the daily forecast information for + each day requested. + items: + $ref: '#/components/schemas/DayInfo' + type: array + nextPageToken: type: string - data: - description: The HTTP request/response body as raw binary. + description: Optional. The token to retrieve the next page. + regionCode: type: string - format: byte - extensions: description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + The ISO_3166-1 alpha-2 code of the country/region corresponding to + the location provided in the request. This field might be omitted + from the response if the location provided in the request resides in + a disputed territory. + type: object parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: fields + name: quotaUser schema: type: string key: @@ -471,31 +458,16 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: upload_protocol + name: fields schema: type: string uploadType: @@ -513,6 +485,34 @@ components: enum: - '1' - '2' + callback: + description: JSONP + in: query + name: callback + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string x-stackQL-resources: forecast: id: google.pollen.forecast @@ -552,17 +552,17 @@ components: paths: /v1/forecast:lookup: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/access_token' get: description: >- Returns up to 5 days of daily pollen information in more than 65 @@ -582,37 +582,37 @@ paths: $ref: '#/components/schemas/LookupForecastResponse' parameters: - in: query - name: location.latitude + name: languageCode schema: - type: number - format: double + type: string + - in: query + name: pageToken + schema: + type: string - in: query name: location.longitude schema: type: number format: double - in: query - name: days + name: location.latitude schema: - type: integer - format: int32 + type: number + format: double - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: languageCode - schema: - type: string - in: query name: plantsDescription schema: type: boolean + - in: query + name: days + schema: + type: integer + format: int32 /v1/mapTypes/{mapType}/heatmapTiles/{zoom}/{x}/{y}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/privateca.yaml b/providers/src/googleapis.com/v00.00.00000/services/privateca.yaml index a79259ea..169faa44 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/privateca.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/privateca.yaml @@ -11,8 +11,8 @@ info: certificate authorities (CAs) while staying in control of your private keys. version: v1 - x-discovery-doc-revision: '20250625' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251022' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/ servers: @@ -38,534 +38,619 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + AuditLogConfig: + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object properties: - locations: + exemptedMembers: + items: + type: string description: >- - A list of locations that matches the specified filter in the - request. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + logType: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: The log type that this config enables. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + id: AuditLogConfig + KeyId: + description: >- + A KeyId identifies a specific public key, usually by hashing the public + key. + id: KeyId properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + keyId: type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + Optional. The value of this KeyId encoded in lowercase hexadecimal. + This is most likely the 160 bit SHA-1 hash of the public key. type: object + Policy: + id: Policy + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. + auditConfigs: type: array + description: Specifies cloud audit logging configuration for this policy. items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: + $ref: '#/components/schemas/AuditConfig' + bindings: + type: array description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + etag: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + format: byte description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + version: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + type: integer + type: object + PublishingOptions: description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Options relating to the publication of each CertificateAuthority's CA + certificate and CRLs and their inclusion as extensions in issued + Certificates. The options set here apply to certificates issued by any + CertificateAuthority in the CaPool. type: object + id: PublishingOptions properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + publishCrl: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + Optional. When true, publishes each CertificateAuthority's CRL and + includes its URL in the "CRL Distribution Points" X.509 extension in + all issued Certificates. If this is false, CRLs will not be + published and the corresponding X.509 extension will not be written + in issued certificates. CRLs will expire 7 days from their creation. + However, we will rebuild daily. CRLs are also rebuilt shortly after + a certificate is revoked. + type: boolean + encodingFormat: + enum: + - ENCODING_FORMAT_UNSPECIFIED + - PEM + - DER description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} + Optional. Specifies the encoding format of each CertificateAuthority + resource's CA certificate and CRLs. If this is omitted, CA + certificates and CRLs will be published in PEM. + type: string + enumDescriptions: + - Not specified. By default, PEM format will be used. + - >- + The CertificateAuthority's CA certificate and CRLs will be + published in PEM format. + - >- + The CertificateAuthority's CA certificate and CRLs will be + published in DER format. + publishCaCert: + description: >- + Optional. When true, publishes each CertificateAuthority's CA + certificate and includes its URL in the "Authority Information + Access" X.509 extension in all issued Certificates. If this is + false, the CA certificate will not be published and the + corresponding X.509 extension will not be written in issued + certificates. + type: boolean CancelOperationRequest: id: CancelOperationRequest description: The request message for Operations.CancelOperation. - type: object properties: {} - Certificate: - id: Certificate - description: >- - A Certificate corresponds to a signed X.509 certificate issued by a - CertificateAuthority. type: object + CertificateAuthority: properties: - name: - description: >- - Identifier. The resource name for this Certificate in the format - `projects/*/locations/*/caPools/*/certificates/*`. + satisfiesPzi: + type: boolean + description: Output only. Reserved for future use. + readOnly: true + gcsBucket: type: string - pemCsr: - description: Immutable. A pem-encoded X.509 certificate signing request (CSR). + description: >- + Immutable. The name of a Cloud Storage bucket where this + CertificateAuthority will publish content, such as the CA + certificate and CRLs. This must be a bucket name, without any + prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). + For example, to use a bucket named `my-bucket`, you would simply + specify `my-bucket`. If not specified, a managed bucket will be + created. + labels: + type: object + description: Optional. Labels with user-defined metadata. + additionalProperties: + type: string + pemCaCertificates: + type: array + readOnly: true + description: >- + Output only. This CertificateAuthority's certificate chain, + including the current CertificateAuthority's certificate. Ordered + such that the root issuer is the final element (consistent with RFC + 5246). For a self-signed CA, this will only list the current + CertificateAuthority's certificate. + items: + type: string + tier: type: string - config: + enumDescriptions: + - Not specified. + - Enterprise tier. + - DevOps tier. + enum: + - TIER_UNSPECIFIED + - ENTERPRISE + - DEVOPS + readOnly: true description: >- - Immutable. A description of the certificate and key that does not - require X.509 or ASN.1. + Output only. The CaPool.Tier of the CaPool that includes this + CertificateAuthority. + config: $ref: '#/components/schemas/CertificateConfig' - issuerCertificateAuthority: description: >- - Output only. The resource name of the issuing CertificateAuthority - in the format - `projects/*/locations/*/caPools/*/certificateAuthorities/*`. + Required. Immutable. The config used to create a self-signed X.509 + certificate or CSR. + caCertificateDescriptions: + description: >- + Output only. A structured description of this CertificateAuthority's + CA certificate and its issuers. Ordered as self-to-root. readOnly: true - type: string + items: + $ref: '#/components/schemas/CertificateDescription' + type: array lifetime: - description: >- - Required. Immutable. The desired lifetime of a certificate. Used to - create the "not_before_time" and "not_after_time" fields inside an - X.509 certificate. Note that the lifetime may be truncated if it - would extend past the life of any certificate authority in the - issuing chain. type: string format: google-duration - certificateTemplate: description: >- - Immutable. The resource name for a CertificateTemplate used to issue - this certificate, in the format - `projects/*/locations/*/certificateTemplates/*`. If this is - specified, the caller must have the necessary permission to use this - template. If this is omitted, no template will be used. This - template must be in the same location as the Certificate. + Required. Immutable. The desired lifetime of the CA certificate. + Used to create the "not_before_time" and "not_after_time" fields + inside an X.509 certificate. + type: + enumDescriptions: + - Not specified. + - Self-signed CA. + - >- + Subordinate CA. Could be issued by a Private CA + CertificateAuthority or an unmanaged CA. type: string - subjectMode: + description: Required. Immutable. The Type of this CertificateAuthority. + enum: + - TYPE_UNSPECIFIED + - SELF_SIGNED + - SUBORDINATE + subordinateConfig: description: >- - Immutable. Specifies how the Certificate's identity fields are to be - decided. If this is omitted, the `DEFAULT` subject mode will be - used. + Optional. If this is a subordinate CertificateAuthority, this field + will be set with the subordinate configuration, which describes its + issuers. This may be updated, but this CertificateAuthority must + continue to validate. + $ref: '#/components/schemas/SubordinateConfig' + state: + readOnly: true type: string enumDescriptions: - Not specified. - >- - The default mode used in most cases. Indicates that the - certificate's Subject and/or SubjectAltNames are specified in the - certificate request. This mode requires the caller to have the - `privateca.certificates.create` permission. + Certificates can be issued from this CA. CRLs will be generated + for this CA. The CA will be part of the CaPool's trust anchor, and + will be used to issue certificates from the CaPool. - >- - A mode used to get an accurate representation of the Subject - field's distinguished name. Indicates that the certificate's - Subject and/or SubjectAltNames are specified in the certificate - request. When parsing a PEM CSR this mode will maintain the - sequence of RDNs found in the CSR's subject field in the issued - Certificate. This mode requires the caller to have the - `privateca.certificates.create` permission. + Certificates cannot be issued from this CA. CRLs will still be + generated. The CA will be part of the CaPool's trust anchor, but + will not be used to issue certificates from the CaPool. - >- - A mode reserved for special cases. Indicates that the certificate - should have one SPIFFE SubjectAltNames set by the service based on - the caller's identity. This mode will ignore any explicitly - specified Subject and/or SubjectAltNames in the certificate - request. This mode requires the caller to have the - `privateca.certificates.createForSelf` permission. + Certificates can be issued from this CA. CRLs will be generated + for this CA. The CA will be part of the CaPool's trust anchor, but + will not be used to issue certificates from the CaPool. + - >- + Certificates cannot be issued from this CA. CRLs will not be + generated. The CA will not be part of the CaPool's trust anchor, + and will not be used to issue certificates from the CaPool. + - >- + Certificates cannot be issued from this CA. CRLs will not be + generated. The CA may still be recovered by calling + CertificateAuthorityService.UndeleteCertificateAuthority before + expire_time. The CA will not be part of the CaPool's trust anchor, + and will not be used to issue certificates from the CaPool. enum: - - SUBJECT_REQUEST_MODE_UNSPECIFIED - - DEFAULT - - RDN_SEQUENCE - - REFLECTED_SPIFFE - revocationDetails: + - STATE_UNSPECIFIED + - ENABLED + - DISABLED + - STAGED + - AWAITING_USER_ACTIVATION + - DELETED + description: Output only. The State for this CertificateAuthority. + keySpec: description: >- - Output only. Details regarding the revocation of this Certificate. - This Certificate is considered revoked if and only if this field is - present. + Required. Immutable. Used when issuing certificates for this + CertificateAuthority. If this CertificateAuthority is a self-signed + CertificateAuthority, this key is also used to sign the self-signed + CA certificate. Otherwise, it is used to sign a CSR. + $ref: '#/components/schemas/KeyVersionSpec' + satisfiesPzs: + description: Output only. Reserved for future use. readOnly: true - $ref: '#/components/schemas/RevocationDetails' - pemCertificate: - description: Output only. The pem-encoded, signed X.509 certificate. + type: boolean + expireTime: + type: string + format: google-datetime readOnly: true + description: >- + Output only. The time at which this CertificateAuthority will be + permanently purged, if it is in the DELETED state. + name: type: string - certificateDescription: description: >- - Output only. A structured description of the issued X.509 - certificate. + Identifier. The resource name for this CertificateAuthority in the + format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. + accessUrls: readOnly: true - $ref: '#/components/schemas/CertificateDescription' - pemCertificateChain: + $ref: '#/components/schemas/AccessUrls' description: >- - Output only. The chain that may be used to verify the X.509 - certificate. Expected to be in issuer-to-root order according to RFC - 5246. - readOnly: true - type: array - items: - type: string - createTime: - description: Output only. The time at which this Certificate was created. + Output only. URLs for accessing content published by this CA, such + as the CA certificate and CRLs. + userDefinedAccessUrls: + description: >- + Optional. User-defined URLs for CA certificate and CRLs. The service + does not publish content to these URLs. It is up to the user to + mirror content to these URLs. + $ref: '#/components/schemas/UserDefinedAccessUrls' + deleteTime: + description: >- + Output only. The time at which this CertificateAuthority was soft + deleted, if it is in the DELETED state. + format: google-datetime readOnly: true type: string - format: google-datetime updateTime: - description: Output only. The time at which this Certificate was updated. readOnly: true - type: string - format: google-datetime - labels: - description: Optional. Labels with user-defined metadata. - type: object - additionalProperties: - type: string - CertificateConfig: - id: CertificateConfig + description: >- + Output only. The time at which this CertificateAuthority was last + updated. + format: google-datetime + type: string + createTime: + readOnly: true + type: string + description: >- + Output only. The time at which this CertificateAuthority was + created. + format: google-datetime + type: object + id: CertificateAuthority description: >- - A CertificateConfig describes an X.509 certificate or CSR that is to be - created, as an alternative to using ASN.1. + A CertificateAuthority represents an individual Certificate Authority. A + CertificateAuthority can be used to create Certificates. + Operation: type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: Operation properties: - subjectConfig: + name: description: >- - Required. Specifies some of the values in a certificate that are - related to the subject. - $ref: '#/components/schemas/SubjectConfig' - x509Config: + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + error: + $ref: '#/components/schemas/Status' description: >- - Required. Describes how some of the technical X.509 fields in a - certificate should be populated. - $ref: '#/components/schemas/X509Parameters' - publicKey: + The error result of the operation in case of failure or + cancellation. + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - Optional. The public key that corresponds to this config. This is, - for example, used when issuing Certificates, but not when creating a - self-signed CertificateAuthority or CertificateAuthority CSR. - $ref: '#/components/schemas/PublicKey' - subjectKeyId: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + response: description: >- - Optional. When specified this provides a custom SKI to be used in - the certificate. This should only be used to maintain a SKI of an - existing CA originally created outside CA service, which was not - generated using method (1) described in RFC 5280 section 4.2.1.2. - $ref: '#/components/schemas/CertificateConfigKeyId' - SubjectConfig: - id: SubjectConfig - description: >- - These values are used to create the distinguished name and subject - alternative name fields in an X.509 certificate. + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + IssuanceModes: + id: IssuanceModes type: object properties: - subject: + allowCsrBasedIssuance: description: >- - Optional. Contains distinguished name fields such as the common - name, location and organization. - $ref: '#/components/schemas/Subject' - subjectAltName: - description: Optional. The subject alternative name fields. - $ref: '#/components/schemas/SubjectAltNames' - Subject: - id: Subject + Optional. When true, allows callers to create Certificates by + specifying a CSR. + type: boolean + allowConfigBasedIssuance: + description: >- + Optional. When true, allows callers to create Certificates by + specifying a CertificateConfig. + type: boolean description: >- - Subject describes parts of a distinguished name that, in turn, describes - the subject of the certificate. + IssuanceModes specifies the allowed ways in which Certificates may be + requested from this CaPool. + ListCertificateAuthoritiesResponse: type: object - properties: - commonName: - description: The "common name" of the subject. - type: string - countryCode: - description: The country code of the subject. - type: string - organization: - description: The organization of the subject. - type: string - organizationalUnit: - description: The organizational_unit of the subject. - type: string - locality: - description: The locality or city of the subject. - type: string - province: - description: The province, territory, or regional state of the subject. - type: string - streetAddress: - description: The street address of the subject. - type: string - postalCode: - description: The postal code of the subject. - type: string - rdnSequence: - description: This field can be used in place of the named subject fields. - type: array - items: - $ref: '#/components/schemas/RelativeDistinguishedName' - RelativeDistinguishedName: - id: RelativeDistinguishedName description: >- - RelativeDistinguishedName specifies a relative distinguished name which - will be used to build a distinguished name. - type: object + Response message for + CertificateAuthorityService.ListCertificateAuthorities. properties: - attributes: - description: Attributes describes the attribute value assertions in the RDN. + unreachable: type: array + description: A list of locations (e.g. "us-west1") that could not be reached. items: - $ref: '#/components/schemas/AttributeTypeAndValue' - AttributeTypeAndValue: - id: AttributeTypeAndValue - description: >- - AttributeTypeAndValue specifies an attribute type and value. It can use - either a OID or enum value to specify the attribute type. - type: object + type: string + certificateAuthorities: + items: + $ref: '#/components/schemas/CertificateAuthority' + type: array + description: The list of CertificateAuthorities. + nextPageToken: + type: string + description: >- + A token to retrieve next page of results. Pass this value in + ListCertificateAuthoritiesRequest.page_token to retrieve the next + page of results. + id: ListCertificateAuthoritiesResponse + CaPool: properties: - type: - description: The attribute type of the attribute and value pair. + tier: type: string enumDescriptions: - - Attribute type is unspecified. - - The "common name" of the subject. - - The country code of the subject. - - The organization of the subject. - - The organizational unit of the subject. - - The locality or city of the subject. - - The province, territory, or regional state of the subject. - - The street address of the subject. - - The postal code of the subject. + - Not specified. + - Enterprise tier. + - DevOps tier. + description: Required. Immutable. The Tier of this CaPool. enum: - - ATTRIBUTE_TYPE_UNSPECIFIED - - COMMON_NAME - - COUNTRY_CODE - - ORGANIZATION - - ORGANIZATIONAL_UNIT - - LOCALITY - - PROVINCE - - STREET_ADDRESS - - POSTAL_CODE - objectId: - description: Object ID for an attribute type of an attribute and value pair. - $ref: '#/components/schemas/ObjectId' - value: - description: The value for the attribute type. + - TIER_UNSPECIFIED + - ENTERPRISE + - DEVOPS + issuancePolicy: + description: >- + Optional. The IssuancePolicy to control how Certificates will be + issued from this CaPool. + $ref: '#/components/schemas/IssuancePolicy' + labels: + additionalProperties: + type: string + type: object + description: Optional. Labels with user-defined metadata. + name: + description: >- + Identifier. The resource name for this CaPool in the format + `projects/*/locations/*/caPools/*`. type: string - ObjectId: - id: ObjectId + publishingOptions: + description: >- + Optional. The PublishingOptions to follow when issuing Certificates + from any CertificateAuthority in this CaPool. + $ref: '#/components/schemas/PublishingOptions' + encryptionSpec: + description: >- + Optional. When EncryptionSpec is provided, the Subject, + SubjectAltNames, and the PEM-encoded certificate fields will be + encrypted at rest. + $ref: '#/components/schemas/EncryptionSpec' + type: object + id: CaPool description: >- - An ObjectId specifies an object identifier (OID). These provide context - and describe types in ASN.1 messages. + A CaPool represents a group of CertificateAuthorities that form a trust + anchor. A CaPool can be used to manage issuance policies for one or more + CertificateAuthority resources and to rotate CA certificates in and out + of the trust anchor. + AccessUrls: + id: AccessUrls type: object + description: URLs where a CertificateAuthority will publish content. properties: - objectIdPath: - description: >- - Required. The parts of an OID path. The most significant parts of - the path come first. - type: array - items: - type: integer - format: int32 - SubjectAltNames: - id: SubjectAltNames - description: >- - SubjectAltNames corresponds to a more modern way of listing what the - asserted identity is in a certificate (i.e., compared to the "common - name" in the distinguished name). - type: object - properties: - dnsNames: - description: Contains only valid, fully-qualified host names. - type: array - items: - type: string - uris: - description: Contains only valid RFC 3986 URIs. - type: array - items: - type: string - emailAddresses: - description: Contains only valid RFC 2822 E-mail addresses. + crlAccessUrls: type: array items: type: string - ipAddresses: description: >- - Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 - addresses. - type: array - items: - type: string - customSans: + The URLs where this CertificateAuthority's CRLs are published. This + will only be set for CAs that have been activated. + caCertificateAccessUrl: description: >- - Contains additional subject alternative name values. For each - custom_san, the `value` field must contain an ASN.1 encoded - UTF8String. - type: array - items: - $ref: '#/components/schemas/X509Extension' - X509Extension: - id: X509Extension - description: >- - An X509Extension specifies an X.509 extension, which may be used in - different parts of X.509 objects like certificates, CSRs, and CRLs. + The URL where this CertificateAuthority's CA certificate is + published. This will only be set for CAs that have been activated. + type: string + CaOptions: type: object properties: - objectId: - description: Required. The OID for this X.509 extension. - $ref: '#/components/schemas/ObjectId' - critical: + maxIssuerPathLength: + type: integer description: >- - Optional. Indicates whether or not this extension is critical (i.e., - if the client does not know how to handle this extension, the client - should consider this to be an error). + Optional. Refers to the path length constraint field in the X.509 + extension. For a CA certificate, this value describes the depth of + subordinate CA certificates that are allowed. If this value is less + than 0, the request will fail. If this value is missing, the max + path length will be omitted from the certificate. + format: int32 + isCa: + description: >- + Optional. Refers to the "CA" boolean field in the X.509 extension. + When this value is missing, the basic constraints extension will be + omitted from the certificate. type: boolean - value: - description: Required. The value of this X.509 extension. - type: string - format: byte - X509Parameters: - id: X509Parameters description: >- - An X509Parameters is used to describe certain fields of an X.509 - certificate, such as the key usage fields, fields specific to CA - certificates, certificate policy extensions and custom extensions. + Describes the X.509 basic constraints extension, per [RFC 5280 section + 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9) + id: CaOptions + Expr: type: object + id: Expr properties: - keyUsage: + title: description: >- - Optional. Indicates the intended use for keys that correspond to a - certificate. - $ref: '#/components/schemas/KeyUsage' - caOptions: + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + expression: + type: string description: >- - Optional. Describes options in this X509Parameters that are relevant - in a CA certificate. If not specified, a default basic constraints - extension with `is_ca=false` will be added for leaf certificates. - $ref: '#/components/schemas/CaOptions' - policyIds: + Textual representation of an expression in Common Expression + Language syntax. + description: + type: string description: >- - Optional. Describes the X.509 certificate policy object identifiers, - per https://tools.ietf.org/html/rfc5280#section-4.2.1.4. - type: array - items: - $ref: '#/components/schemas/ObjectId' - aiaOcspServers: + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + location: + type: string description: >- - Optional. Describes Online Certificate Status Protocol (OCSP) - endpoint addresses that appear in the "Authority Information Access" - extension in the certificate. - type: array - items: - type: string - nameConstraints: - description: Optional. Describes the X.509 name constraints extension. - $ref: '#/components/schemas/NameConstraints' - additionalExtensions: - description: Optional. Describes custom X.509 extensions. + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + ListLocationsResponse: + id: ListLocationsResponse + type: object + properties: + nextPageToken: + description: The standard List next-page token. + type: string + locations: + description: >- + A list of locations that matches the specified filter in the + request. type: array items: - $ref: '#/components/schemas/X509Extension' - KeyUsage: - id: KeyUsage + $ref: '#/components/schemas/Location' + description: The response message for Locations.ListLocations. + CertificateConfigKeyId: + id: CertificateConfigKeyId + type: object description: >- - A KeyUsage describes key usage values that may appear in an X.509 - certificate. + A KeyId identifies a specific public key, usually by hashing the public + key. + properties: + keyId: + type: string + description: >- + Required. The value of this KeyId encoded in lowercase hexadecimal. + This is most likely the 160 bit SHA-1 hash of the public key. + KeyUsage: type: object properties: baseKeyUsage: @@ -575,243 +660,734 @@ components: description: Detailed scenarios in which a key may be used. $ref: '#/components/schemas/ExtendedKeyUsageOptions' unknownExtendedKeyUsages: + items: + $ref: '#/components/schemas/ObjectId' description: >- Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message. type: array - items: - $ref: '#/components/schemas/ObjectId' - KeyUsageOptions: - id: KeyUsageOptions description: >- - KeyUsage.KeyUsageOptions corresponds to the key usage values described - in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. - type: object + A KeyUsage describes key usage values that may appear in an X.509 + certificate. + id: KeyUsage + CertificateIdentityConstraints: + description: Describes constraints on a Certificate's Subject and SubjectAltNames. properties: - digitalSignature: - description: The key may be used for digital signatures. + allowSubjectAltNamesPassthrough: type: boolean - contentCommitment: description: >- - The key may be used for cryptographic commitments. Note that this - may also be referred to as "non-repudiation". - type: boolean - keyEncipherment: - description: The key may be used to encipher other keys. - type: boolean - dataEncipherment: - description: The key may be used to encipher data. - type: boolean - keyAgreement: - description: The key may be used in a key agreement protocol. - type: boolean - certSign: - description: The key may be used to sign certificates. - type: boolean - crlSign: - description: The key may be used sign certificate revocation lists. - type: boolean - encipherOnly: - description: The key may be used to encipher only. - type: boolean - decipherOnly: - description: The key may be used to decipher only. + Required. If this is true, the SubjectAltNames extension may be + copied from a certificate request into the signed certificate. + Otherwise, the requested SubjectAltNames will be discarded. + allowSubjectPassthrough: + description: >- + Required. If this is true, the Subject field may be copied from a + certificate request into the signed certificate. Otherwise, the + requested Subject will be discarded. type: boolean - ExtendedKeyUsageOptions: - id: ExtendedKeyUsageOptions - description: >- - KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain - common OIDs that could be specified as an extended key usage value. + celExpression: + $ref: '#/components/schemas/Expr' + description: >- + Optional. A CEL expression that may be used to validate the resolved + X.509 Subject and/or Subject Alternative Name before a certificate + is signed. To see the full allowed syntax and some examples, see + https://cloud.google.com/certificate-authority-service/docs/using-cel + type: object + id: CertificateIdentityConstraints + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. type: object + id: TestIamPermissionsResponse properties: - serverAuth: - description: >- - Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS - WWW server authentication", though regularly used for non-WWW TLS. - type: boolean - clientAuth: + permissions: + type: array + items: + type: string description: >- - Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS - WWW client authentication", though regularly used for non-WWW TLS. - type: boolean - codeSigning: + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + CertificateFingerprint: + id: CertificateFingerprint + type: object + properties: + sha256Hash: description: >- - Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as - "Signing of downloadable executable code client authentication". - type: boolean - emailProtection: + The SHA 256 hash, encoded in hexadecimal, of the DER x509 + certificate. + type: string + description: A group of fingerprints for the x509 certificate. + FetchCaCertsResponse: + properties: + caCerts: + items: + $ref: '#/components/schemas/CertChain' description: >- - Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email - protection". + The PEM encoded CA certificate chains of all certificate authorities + in this CaPool in the ENABLED, DISABLED, or STAGED states. + type: array + type: object + description: Response message for CertificateAuthorityService.FetchCaCerts. + id: FetchCaCertsResponse + SubjectDescription: + type: object + description: >- + These values describe fields in an issued X.509 certificate such as the + distinguished name, subject alternative names, serial number, and + lifetime. + id: SubjectDescription + properties: + subject: + description: >- + Contains distinguished name fields such as the common name, location + and / organization. + $ref: '#/components/schemas/Subject' + notAfterTime: + format: google-datetime + description: >- + The time after which the certificate is expired. Per RFC 5280, the + validity period for a certificate is the period of time from + not_before_time through not_after_time, inclusive. Corresponds to + 'not_before_time' + 'lifetime' - 1 second. + type: string + hexSerialNumber: + type: string + description: The serial number encoded in lowercase hexadecimal. + lifetime: + type: string + description: For convenience, the actual lifetime of an issued certificate. + format: google-duration + subjectAltName: + description: The subject alternative name fields. + $ref: '#/components/schemas/SubjectAltNames' + notBeforeTime: + type: string + format: google-datetime + description: The time at which the certificate becomes valid. + KeyVersionSpec: + properties: + algorithm: + type: string + description: >- + The algorithm to use for creating a managed Cloud KMS key for a for + a simplified experience. All managed keys will be have their + ProtectionLevel as `HSM`. + enumDescriptions: + - Not specified. + - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256 + - maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256 + - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256 + - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256 + - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256 + - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256 + - maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256 + - maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384 + enum: + - SIGN_HASH_ALGORITHM_UNSPECIFIED + - RSA_PSS_2048_SHA256 + - RSA_PSS_3072_SHA256 + - RSA_PSS_4096_SHA256 + - RSA_PKCS1_2048_SHA256 + - RSA_PKCS1_3072_SHA256 + - RSA_PKCS1_4096_SHA256 + - EC_P256_SHA256 + - EC_P384_SHA384 + cloudKmsKeyVersion: + description: >- + The resource name for an existing Cloud KMS CryptoKeyVersion in the + format + `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. + This option enables full flexibility in the key's capabilities and + properties. + type: string + id: KeyVersionSpec + type: object + description: A Cloud KMS key configuration that a CertificateAuthority will use. + IssuancePolicy: + type: object + description: Defines controls over all certificate issuance within a CaPool. + properties: + baselineValues: + description: >- + Optional. A set of X.509 values that will be applied to all + certificates issued through this CaPool. If a certificate request + includes conflicting values for the same properties, they will be + overwritten by the values defined here. If a certificate request + uses a CertificateTemplate that defines conflicting + predefined_values for the same properties, the certificate issuance + request will fail. + $ref: '#/components/schemas/X509Parameters' + maximumLifetime: + type: string + description: >- + Optional. The maximum lifetime allowed for issued Certificates. Note + that if the issuing CertificateAuthority expires before a + Certificate resource's requested maximum_lifetime, the effective + lifetime will be explicitly truncated to match it. + format: google-duration + backdateDuration: + type: string + format: google-duration + description: >- + Optional. The duration to backdate all certificates issued from this + CaPool. If not set, the certificates will be issued with a + not_before_time of the issuance time (i.e. the current time). If + set, the certificates will be issued with a not_before_time of the + issuance time minus the backdate_duration. The not_after_time will + be adjusted to preserve the requested lifetime. The + backdate_duration must be less than or equal to 48 hours. + passthroughExtensions: + $ref: '#/components/schemas/CertificateExtensionConstraints' + description: >- + Optional. Describes the set of X.509 extensions that may appear in a + Certificate issued through this CaPool. If a certificate request + sets extensions that don't appear in the passthrough_extensions, + those extensions will be dropped. If a certificate request uses a + CertificateTemplate with predefined_values that don't appear here, + the certificate issuance request will fail. If this is omitted, then + this CaPool will not add restrictions on a certificate's X.509 + extensions. These constraints do not apply to X.509 extensions set + in this CaPool's baseline_values. + identityConstraints: + description: >- + Optional. Describes constraints on identities that may appear in + Certificates issued through this CaPool. If this is omitted, then + this CaPool will not add restrictions on a certificate's identity. + $ref: '#/components/schemas/CertificateIdentityConstraints' + allowedIssuanceModes: + description: >- + Optional. If specified, then only methods allowed in the + IssuanceModes may be used to issue Certificates. + $ref: '#/components/schemas/IssuanceModes' + allowedKeyTypes: + description: >- + Optional. If any AllowedKeyType is specified, then the certificate + request's public key must match one of the key types listed here. + Otherwise, any key may be used. + type: array + items: + $ref: '#/components/schemas/AllowedKeyType' + id: IssuancePolicy + X509Extension: + id: X509Extension + properties: + value: + format: byte + description: Required. The value of this X.509 extension. + type: string + objectId: + description: Required. The OID for this X.509 extension. + $ref: '#/components/schemas/ObjectId' + critical: + description: >- + Optional. Indicates whether or not this extension is critical (i.e., + if the client does not know how to handle this extension, the client + should consider this to be an error). type: boolean - timeStamping: + description: >- + An X509Extension specifies an X.509 extension, which may be used in + different parts of X.509 objects like certificates, CSRs, and CRLs. + type: object + AuditConfig: + type: object + properties: + auditLogConfigs: + description: The configuration for logging of each type of permission. + type: array + items: + $ref: '#/components/schemas/AuditLogConfig' + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + id: AuditConfig + X509Parameters: + description: >- + An X509Parameters is used to describe certain fields of an X.509 + certificate, such as the key usage fields, fields specific to CA + certificates, certificate policy extensions and custom extensions. + type: object + id: X509Parameters + properties: + aiaOcspServers: + items: + type: string + type: array + description: >- + Optional. Describes Online Certificate Status Protocol (OCSP) + endpoint addresses that appear in the "Authority Information Access" + extension in the certificate. + additionalExtensions: + type: array + items: + $ref: '#/components/schemas/X509Extension' + description: Optional. Describes custom X.509 extensions. + policyIds: + items: + $ref: '#/components/schemas/ObjectId' + description: >- + Optional. Describes the X.509 certificate policy object identifiers, + per https://tools.ietf.org/html/rfc5280#section-4.2.1.4. + type: array + nameConstraints: + description: Optional. Describes the X.509 name constraints extension. + $ref: '#/components/schemas/NameConstraints' + caOptions: + description: >- + Optional. Describes options in this X509Parameters that are relevant + in a CA certificate. If not specified, a default basic constraints + extension with `is_ca=false` will be added for leaf certificates. + $ref: '#/components/schemas/CaOptions' + keyUsage: + description: >- + Optional. Indicates the intended use for keys that correspond to a + certificate. + $ref: '#/components/schemas/KeyUsage' + ListCaPoolsResponse: + id: ListCaPoolsResponse + properties: + nextPageToken: + description: >- + A token to retrieve next page of results. Pass this value in + ListCertificateAuthoritiesRequest.page_token to retrieve the next + page of results. + type: string + caPools: + items: + $ref: '#/components/schemas/CaPool' + type: array + description: The list of CaPools. + unreachable: + type: array + description: A list of locations (e.g. "us-west1") that could not be reached. + items: + type: string + description: Response message for CertificateAuthorityService.ListCaPools. + type: object + SubjectConfig: + properties: + subjectAltName: + description: Optional. The subject alternative name fields. + $ref: '#/components/schemas/SubjectAltNames' + subject: + description: >- + Optional. Contains distinguished name fields such as the common + name, location and organization. + $ref: '#/components/schemas/Subject' + description: >- + These values are used to create the distinguished name and subject + alternative name fields in an X.509 certificate. + type: object + id: SubjectConfig + EnableCertificateAuthorityRequest: + properties: + requestId: + type: string + description: >- + Optional. An ID to identify requests. Specify a unique request ID so + that if you must retry your request, the server will know to ignore + the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. For + example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate + commitments. The request ID must be a valid UUID with the exception + that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + type: object + description: >- + Request message for + CertificateAuthorityService.EnableCertificateAuthority. + id: EnableCertificateAuthorityRequest + Status: + id: Status + properties: + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + details: + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. + properties: + updateMask: + format: google-fieldmask + type: string + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + policy: + $ref: '#/components/schemas/Policy' + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + id: SetIamPolicyRequest + type: object + AttributeTypeAndValue: + description: >- + AttributeTypeAndValue specifies an attribute type and value. It can use + either a OID or enum value to specify the attribute type. + id: AttributeTypeAndValue + type: object + properties: + objectId: + $ref: '#/components/schemas/ObjectId' + description: Object ID for an attribute type of an attribute and value pair. + type: + enum: + - ATTRIBUTE_TYPE_UNSPECIFIED + - COMMON_NAME + - COUNTRY_CODE + - ORGANIZATION + - ORGANIZATIONAL_UNIT + - LOCALITY + - PROVINCE + - STREET_ADDRESS + - POSTAL_CODE + enumDescriptions: + - Attribute type is unspecified. + - The "common name" of the subject. + - The country code of the subject. + - The organization of the subject. + - The organizational unit of the subject. + - The locality or city of the subject. + - The province, territory, or regional state of the subject. + - The street address of the subject. + - The postal code of the subject. + type: string + description: The attribute type of the attribute and value pair. + value: + type: string + description: The value for the attribute type. + CertificateTemplate: + type: object + description: >- + A CertificateTemplate refers to a managed template for certificate + issuance. + properties: + predefinedValues: + $ref: '#/components/schemas/X509Parameters' + description: >- + Optional. A set of X.509 values that will be applied to all issued + certificates that use this template. If the certificate request + includes conflicting values for the same properties, they will be + overwritten by the values defined here. If the issuing CaPool's + IssuancePolicy defines conflicting baseline_values for the same + properties, the certificate issuance request will fail. + labels: + additionalProperties: + type: string + type: object + description: Optional. Labels with user-defined metadata. + passthroughExtensions: + $ref: '#/components/schemas/CertificateExtensionConstraints' + description: >- + Optional. Describes the set of X.509 extensions that may appear in a + Certificate issued using this CertificateTemplate. If a certificate + request sets extensions that don't appear in the + passthrough_extensions, those extensions will be dropped. If the + issuing CaPool's IssuancePolicy defines baseline_values that don't + appear here, the certificate issuance request will fail. If this is + omitted, then this template will not add restrictions on a + certificate's X.509 extensions. These constraints do not apply to + X.509 extensions set in this CertificateTemplate's + predefined_values. + identityConstraints: description: >- - Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as - "Binding the hash of an object to a time". - type: boolean - ocspSigning: + Optional. Describes constraints on identities that may be appear in + Certificates issued using this template. If this is omitted, then + this template will not add restrictions on a certificate's identity. + $ref: '#/components/schemas/CertificateIdentityConstraints' + updateTime: + format: google-datetime + type: string + description: Output only. The time at which this CertificateTemplate was updated. + readOnly: true + maximumLifetime: description: >- - Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as - "Signing OCSP responses". - type: boolean - CaOptions: - id: CaOptions - description: >- - Describes the X.509 basic constraints extension, per [RFC 5280 section - 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9) - type: object - properties: - isCa: + Optional. The maximum lifetime allowed for issued Certificates that + use this template. If the issuing CaPool resource's IssuancePolicy + specifies a maximum_lifetime the minimum of the two durations will + be the maximum lifetime for issued Certificates. Note that if the + issuing CertificateAuthority expires before a Certificate's + requested maximum_lifetime, the effective lifetime will be + explicitly truncated to match it. + format: google-duration + type: string + description: + type: string description: >- - Optional. Refers to the "CA" boolean field in the X.509 extension. - When this value is missing, the basic constraints extension will be - omitted from the certificate. - type: boolean - maxIssuerPathLength: + Optional. A human-readable description of scenarios this template is + intended for. + name: + type: string description: >- - Optional. Refers to the path length constraint field in the X.509 - extension. For a CA certificate, this value describes the depth of - subordinate CA certificates that are allowed. If this value is less - than 0, the request will fail. If this value is missing, the max - path length will be omitted from the certificate. - type: integer - format: int32 - NameConstraints: - id: NameConstraints - description: >- - Describes the X.509 name constraints extension, per - https://tools.ietf.org/html/rfc5280#section-4.2.1.10 - type: object + Identifier. The resource name for this CertificateTemplate in the + format `projects/*/locations/*/certificateTemplates/*`. + createTime: + readOnly: true + type: string + description: Output only. The time at which this CertificateTemplate was created. + format: google-datetime + id: CertificateTemplate + ListCertificateRevocationListsResponse: properties: - critical: - description: Indicates whether or not the name constraints are marked critical. - type: boolean - permittedDnsNames: + nextPageToken: + type: string description: >- - Contains permitted DNS names. Any DNS name that can be constructed - by simply adding zero or more labels to the left-hand side of the - name satisfies the name constraint. For example, `example.com`, - `www.example.com`, `www.sub.example.com` would satisfy `example.com` - while `example1.com` does not. + A token to retrieve next page of results. Pass this value in + ListCertificateRevocationListsRequest.page_token to retrieve the + next page of results. + certificateRevocationLists: type: array + description: The list of CertificateRevocationLists. items: - type: string - excludedDnsNames: - description: >- - Contains excluded DNS names. Any DNS name that can be constructed by - simply adding zero or more labels to the left-hand side of the name - satisfies the name constraint. For example, `example.com`, - `www.example.com`, `www.sub.example.com` would satisfy `example.com` - while `example1.com` does not. + $ref: '#/components/schemas/CertificateRevocationList' + unreachable: + description: A list of locations (e.g. "us-west1") that could not be reached. type: array items: type: string - permittedIpRanges: - description: >- - Contains the permitted IP ranges. For IPv4 addresses, the ranges are - expressed using CIDR notation as specified in RFC 4632. For IPv6 - addresses, the ranges are expressed in similar encoding as IPv4 - addresses. + description: >- + Response message for + CertificateAuthorityService.ListCertificateRevocationLists. + id: ListCertificateRevocationListsResponse + type: object + Subject: + id: Subject + properties: + rdnSequence: + description: This field can be used in place of the named subject fields. type: array items: + $ref: '#/components/schemas/RelativeDistinguishedName' + commonName: + description: The "common name" of the subject. + type: string + streetAddress: + type: string + description: The street address of the subject. + countryCode: + description: The country code of the subject. + type: string + postalCode: + description: The postal code of the subject. + type: string + locality: + description: The locality or city of the subject. + type: string + organization: + description: The organization of the subject. + type: string + province: + description: The province, territory, or regional state of the subject. + type: string + organizationalUnit: + type: string + description: The organizational_unit of the subject. + type: object + description: >- + Subject describes parts of a distinguished name that, in turn, describes + the subject of the certificate. + CertificateRevocationList: + properties: + labels: + type: object + description: Optional. Labels with user-defined metadata. + additionalProperties: type: string - excludedIpRanges: + updateTime: + format: google-datetime + type: string description: >- - Contains the excluded IP ranges. For IPv4 addresses, the ranges are - expressed using CIDR notation as specified in RFC 4632. For IPv6 - addresses, the ranges are expressed in similar encoding as IPv4 - addresses. - type: array - items: - type: string - permittedEmailAddresses: + Output only. The time at which this CertificateRevocationList was + updated. + readOnly: true + accessUrl: + description: Output only. The location where 'pem_crl' can be accessed. + readOnly: true + type: string + revisionId: + readOnly: true description: >- - Contains the permitted email addresses. The value can be a - particular email address, a hostname to indicate all email addresses - on that host or a domain with a leading period (e.g. `.example.com`) - to indicate all email addresses in that domain. - type: array + Output only. The revision ID of this CertificateRevocationList. A + new revision is committed whenever a new CRL is published. The + format is an 8-character hexadecimal string. + type: string + createTime: + readOnly: true + description: >- + Output only. The time at which this CertificateRevocationList was + created. + type: string + format: google-datetime + sequenceNumber: + format: int64 + description: Output only. The CRL sequence number that appears in pem_crl. + type: string + readOnly: true + revokedCertificates: + readOnly: true + description: Output only. The revoked serial numbers that appear in pem_crl. items: - type: string - excludedEmailAddresses: + $ref: '#/components/schemas/RevokedCertificate' + type: array + name: + type: string + description: >- + Identifier. The resource name for this CertificateRevocationList in + the format + `projects/*/locations/*/caPools/*certificateAuthorities/*/ + certificateRevocationLists/*`. + state: + description: Output only. The State for this CertificateRevocationList. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - SUPERSEDED + enumDescriptions: + - Not specified. + - The CertificateRevocationList is up to date. + - The CertificateRevocationList is no longer current. + readOnly: true + type: string + pemCrl: + type: string + readOnly: true + description: Output only. The PEM-encoded X.509 CRL. + description: >- + A CertificateRevocationList corresponds to a signed X.509 certificate + Revocation List (CRL). A CRL contains the serial numbers of certificates + that should no longer be trusted. + id: CertificateRevocationList + type: object + FetchCaCertsRequest: + id: FetchCaCertsRequest + description: Request message for CertificateAuthorityService.FetchCaCerts. + type: object + properties: + requestId: + description: >- + Optional. An ID to identify requests. Specify a unique request ID so + that if you must retry your request, the server will know to ignore + the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. For + example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate + commitments. The request ID must be a valid UUID with the exception + that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + type: string + CertificateConfig: + properties: + subjectKeyId: + description: >- + Optional. When specified this provides a custom SKI to be used in + the certificate. This should only be used to maintain a SKI of an + existing CA originally created outside CA service, which was not + generated using method (1) described in RFC 5280 section 4.2.1.2. + $ref: '#/components/schemas/CertificateConfigKeyId' + x509Config: + $ref: '#/components/schemas/X509Parameters' description: >- - Contains the excluded email addresses. The value can be a particular - email address, a hostname to indicate all email addresses on that - host or a domain with a leading period (e.g. `.example.com`) to - indicate all email addresses in that domain. - type: array - items: - type: string - permittedUris: + Required. Describes how some of the technical X.509 fields in a + certificate should be populated. + subjectConfig: description: >- - Contains the permitted URIs that apply to the host part of the name. - The value can be a hostname or a domain with a leading period (like - `.example.com`) - type: array - items: - type: string - excludedUris: + Required. Specifies some of the values in a certificate that are + related to the subject. + $ref: '#/components/schemas/SubjectConfig' + publicKey: + $ref: '#/components/schemas/PublicKey' description: >- - Contains the excluded URIs that apply to the host part of the name. - The value can be a hostname or a domain with a leading period (like - `.example.com`) - type: array - items: - type: string - PublicKey: - id: PublicKey - description: A PublicKey describes a public key. + Optional. The public key that corresponds to this config. This is, + for example, used when issuing Certificates, but not when creating a + self-signed CertificateAuthority or CertificateAuthority CSR. type: object + description: >- + A CertificateConfig describes an X.509 certificate or CSR that is to be + created, as an alternative to using ASN.1. + id: CertificateConfig + AllowedKeyType: + id: AllowedKeyType properties: - key: - description: >- - Required. A public key. The padding and encoding must match with the - `KeyFormat` value specified for the `format` field. - type: string - format: byte - format: - description: Required. The format of the public key. - type: string - enumDescriptions: - - Default unspecified value. - - >- - The key is PEM-encoded as defined in [RFC - 7468](https://tools.ietf.org/html/rfc7468). It can be any of the - following: a PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, - an RFC 5280 - [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) - or a PEM-encoded X.509 certificate signing request (CSR). If a - [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) - is specified, it can contain a A PEM-encoded PKCS#1/RFC 3447 - RSAPublicKey or a NIST P-256/secp256r1/prime256v1 or P-384 key. If - a CSR is specified, it will used solely for the purpose of - extracting the public key. When generated by the service, it will - always be an RFC 5280 - [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) - structure containing an algorithm identifier and a key. - enum: - - KEY_FORMAT_UNSPECIFIED - - PEM - CertificateConfigKeyId: - id: CertificateConfigKeyId + rsa: + description: Represents an allowed RSA key type. + $ref: '#/components/schemas/RsaKeyType' + ellipticCurve: + description: Represents an allowed Elliptic Curve key type. + $ref: '#/components/schemas/EcKeyType' description: >- - A KeyId identifies a specific public key, usually by hashing the public - key. + Describes a "type" of key that may be used in a Certificate issued from + a CaPool. Note that a single AllowedKeyType may refer to either a + fully-qualified key algorithm, such as RSA 4096, or a family of key + algorithms, such as any RSA key. + type: object + RevokedCertificate: + id: RevokedCertificate type: object properties: - keyId: + certificate: description: >- - Required. The value of this KeyId encoded in lowercase hexadecimal. - This is most likely the 160 bit SHA-1 hash of the public key. + The resource name for the Certificate in the format + `projects/*/locations/*/caPools/*/certificates/*`. type: string - RevocationDetails: - id: RevocationDetails - description: Describes fields that are relavent to the revocation of a Certificate. - type: object - properties: - revocationState: - description: Indicates why a Certificate was revoked. + hexSerialNumber: + description: The serial number of the Certificate. type: string + revocationReason: enumDescriptions: - >- Default unspecified value. This value does indicate that a @@ -835,6 +1411,8 @@ components: - >- The authority which determines appropriate attributes for a Certificate may have been compromised. + type: string + description: The reason the Certificate was revoked. enum: - REVOCATION_REASON_UNSPECIFIED - KEY_COMPROMISE @@ -845,150 +1423,129 @@ components: - CERTIFICATE_HOLD - PRIVILEGE_WITHDRAWN - ATTRIBUTE_AUTHORITY_COMPROMISE - revocationTime: - description: The time at which this Certificate was revoked. - type: string - format: google-datetime - CertificateDescription: - id: CertificateDescription - description: >- - A CertificateDescription describes an X.509 certificate or CSR that has - been issued, as an alternative to using ASN.1 / X.509. + description: Describes a revoked Certificate. + ObjectId: + id: ObjectId type: object + description: >- + An ObjectId specifies an object identifier (OID). These provide context + and describe types in ASN.1 messages. properties: - subjectDescription: - description: >- - Describes some of the values in a certificate that are related to - the subject and lifetime. - $ref: '#/components/schemas/SubjectDescription' - x509Description: - description: Describes some of the technical X.509 fields in a certificate. - $ref: '#/components/schemas/X509Parameters' - publicKey: - description: The public key that corresponds to an issued certificate. - $ref: '#/components/schemas/PublicKey' - subjectKeyId: - description: >- - Provides a means of identifiying certificates that contain a - particular public key, per - https://tools.ietf.org/html/rfc5280#section-4.2.1.2. - $ref: '#/components/schemas/KeyId' - authorityKeyId: - description: >- - Identifies the subject_key_id of the parent certificate, per - https://tools.ietf.org/html/rfc5280#section-4.2.1.1 - $ref: '#/components/schemas/KeyId' - crlDistributionPoints: - description: >- - Describes a list of locations to obtain CRL information, i.e. the - DistributionPoint.fullName described by - https://tools.ietf.org/html/rfc5280#section-4.2.1.13 - type: array + objectIdPath: items: - type: string - aiaIssuingCertificateUrls: + type: integer + format: int32 + type: array description: >- - Describes lists of issuer CA certificate URLs that appear in the - "Authority Information Access" extension in the certificate. + Required. The parts of an OID path. The most significant parts of + the path come first. + TestIamPermissionsRequest: + type: object + properties: + permissions: + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). type: array items: type: string - certFingerprint: - description: The hash of the x.509 certificate. - $ref: '#/components/schemas/CertificateFingerprint' - tbsCertificateDigest: - description: >- - The hash of the pre-signed certificate, which will be signed by the - CA. Corresponds to the TBS Certificate in - https://tools.ietf.org/html/rfc5280#section-4.1.2. The field will - always be populated. - type: string - SubjectDescription: - id: SubjectDescription - description: >- - These values describe fields in an issued X.509 certificate such as the - distinguished name, subject alternative names, serial number, and - lifetime. + description: Request message for `TestIamPermissions` method. + id: TestIamPermissionsRequest + OperationMetadata: + description: Represents the metadata of the long-running operation. + id: OperationMetadata type: object properties: - subject: - description: >- - Contains distinguished name fields such as the common name, location - and / organization. - $ref: '#/components/schemas/Subject' - subjectAltName: - description: The subject alternative name fields. - $ref: '#/components/schemas/SubjectAltNames' - hexSerialNumber: - description: The serial number encoded in lowercase hexadecimal. - type: string - lifetime: - description: For convenience, the actual lifetime of an issued certificate. + statusMessage: + description: Output only. Human-readable status of the operation, if any. + readOnly: true type: string - format: google-duration - notBeforeTime: - description: The time at which the certificate becomes valid. + createTime: + description: Output only. The time the operation was created. type: string + readOnly: true format: google-datetime - notAfterTime: + requestedCancellation: description: >- - The time after which the certificate is expired. Per RFC 5280, the - validity period for a certificate is the period of time from - not_before_time through not_after_time, inclusive. Corresponds to - 'not_before_time' + 'lifetime' - 1 second. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have google.longrunning.Operation.error value with a + google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + type: boolean + readOnly: true + verb: + readOnly: true + description: Output only. Name of the verb executed by the operation. type: string + endTime: + description: Output only. The time the operation finished running. format: google-datetime - KeyId: - id: KeyId - description: >- - A KeyId identifies a specific public key, usually by hashing the public - key. - type: object - properties: - keyId: - description: >- - Optional. The value of this KeyId encoded in lowercase hexadecimal. - This is most likely the 160 bit SHA-1 hash of the public key. + readOnly: true type: string - CertificateFingerprint: - id: CertificateFingerprint - description: A group of fingerprints for the x509 certificate. - type: object - properties: - sha256Hash: - description: >- - The SHA 256 hash, encoded in hexadecimal, of the DER x509 - certificate. + apiVersion: + readOnly: true + type: string + description: Output only. API version used to start the operation. + target: + readOnly: true + description: >- + Output only. Server-defined resource path for the target of the + operation. type: string - ListCertificatesResponse: - id: ListCertificatesResponse - description: Response message for CertificateAuthorityService.ListCertificates. - type: object + PublicKey: properties: - certificates: - description: The list of Certificates. - type: array - items: - $ref: '#/components/schemas/Certificate' - nextPageToken: + key: + type: string + format: byte description: >- - A token to retrieve next page of results. Pass this value in - ListCertificatesRequest.page_token to retrieve the next page of - results. + Required. A public key. The padding and encoding must match with the + `KeyFormat` value specified for the `format` field. + format: + description: Required. The format of the public key. + enumDescriptions: + - Default unspecified value. + - >- + The key is PEM-encoded as defined in [RFC + 7468](https://tools.ietf.org/html/rfc7468). It can be any of the + following: a PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, + an RFC 5280 + [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) + or a PEM-encoded X.509 certificate signing request (CSR). If a + [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) + is specified, it can contain a A PEM-encoded PKCS#1/RFC 3447 + RSAPublicKey or a NIST P-256/secp256r1/prime256v1 or P-384 key. If + a CSR is specified, it will used solely for the purpose of + extracting the public key. When generated by the service, it will + always be an RFC 5280 + [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) + structure containing an algorithm identifier and a key. type: string - unreachable: - description: A list of locations (e.g. "us-west1") that could not be reached. - type: array - items: - type: string - RevokeCertificateRequest: - id: RevokeCertificateRequest - description: Request message for CertificateAuthorityService.RevokeCertificate. + enum: + - KEY_FORMAT_UNSPECIFIED + - PEM type: object + description: A PublicKey describes a public key. + id: PublicKey + RevokeCertificateRequest: properties: - reason: - description: Required. The RevocationReason for revoking this certificate. + requestId: type: string + description: >- + Optional. An ID to identify requests. Specify a unique request ID so + that if you must retry your request, the server will know to ignore + the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. For + example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate + commitments. The request ID must be a valid UUID with the exception + that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + reason: enumDescriptions: - >- Default unspecified value. This value does indicate that a @@ -1012,6 +1569,8 @@ components: - >- The authority which determines appropriate attributes for a Certificate may have been compromised. + type: string + description: Required. The RevocationReason for revoking this certificate. enum: - REVOCATION_REASON_UNSPECIFIED - KEY_COMPROMISE @@ -1022,718 +1581,445 @@ components: - CERTIFICATE_HOLD - PRIVILEGE_WITHDRAWN - ATTRIBUTE_AUTHORITY_COMPROMISE - requestId: - description: >- - Optional. An ID to identify requests. Specify a unique request ID so - that if you must retry your request, the server will know to ignore - the request if it has already been completed. The server will - guarantee that for at least 60 minutes since the first request. For - example, consider a situation where you make an initial request and - the request times out. If you make the request again with the same - request ID, the server can check if original operation with the same - request ID was received, and if so, will ignore the second request. - This prevents clients from accidentally creating duplicate - commitments. The request ID must be a valid UUID with the exception - that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). - type: string - ActivateCertificateAuthorityRequest: - id: ActivateCertificateAuthorityRequest - description: >- - Request message for - CertificateAuthorityService.ActivateCertificateAuthority. - type: object - properties: - pemCaCertificate: - description: >- - Required. The signed CA certificate issued from - FetchCertificateAuthorityCsrResponse.pem_csr. - type: string - subordinateConfig: - description: >- - Required. Must include information about the issuer of - 'pem_ca_certificate', and any further issuers until the self-signed - CA. - $ref: '#/components/schemas/SubordinateConfig' - requestId: - description: >- - Optional. An ID to identify requests. Specify a unique request ID so - that if you must retry your request, the server will know to ignore - the request if it has already been completed. The server will - guarantee that for at least 60 minutes since the first request. For - example, consider a situation where you make an initial request and - the request times out. If you make the request again with the same - request ID, the server can check if original operation with the same - request ID was received, and if so, will ignore the second request. - This prevents clients from accidentally creating duplicate - commitments. The request ID must be a valid UUID with the exception - that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). - type: string - SubordinateConfig: - id: SubordinateConfig - description: >- - Describes a subordinate CA's issuers. This is either a resource name to - a known issuing CertificateAuthority, or a PEM issuer certificate chain. - type: object - properties: - certificateAuthority: - description: >- - Required. This can refer to a CertificateAuthority that was used to - create a subordinate CertificateAuthority. This field is used for - information and usability purposes only. The resource name is in the - format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. - type: string - pemIssuerChain: - description: >- - Required. Contains the PEM certificate chain for the issuers of this - CertificateAuthority, but not pem certificate for this CA itself. - $ref: '#/components/schemas/SubordinateConfigChain' - SubordinateConfigChain: - id: SubordinateConfigChain - description: >- - This message describes a subordinate CA's issuer certificate chain. This - wrapper exists for compatibility reasons. + description: Request message for CertificateAuthorityService.RevokeCertificate. + id: RevokeCertificateRequest type: object - properties: - pemCertificates: - description: >- - Required. Expected to be in leaf-to-root order according to RFC - 5246. - type: array - items: - type: string - CertificateAuthority: - id: CertificateAuthority - description: >- - A CertificateAuthority represents an individual Certificate Authority. A - CertificateAuthority can be used to create Certificates. + NameConstraints: type: object properties: - name: - description: >- - Identifier. The resource name for this CertificateAuthority in the - format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. - type: string - type: - description: Required. Immutable. The Type of this CertificateAuthority. - type: string - enumDescriptions: - - Not specified. - - Self-signed CA. - - >- - Subordinate CA. Could be issued by a Private CA - CertificateAuthority or an unmanaged CA. - enum: - - TYPE_UNSPECIFIED - - SELF_SIGNED - - SUBORDINATE - config: - description: >- - Required. Immutable. The config used to create a self-signed X.509 - certificate or CSR. - $ref: '#/components/schemas/CertificateConfig' - lifetime: - description: >- - Required. Immutable. The desired lifetime of the CA certificate. - Used to create the "not_before_time" and "not_after_time" fields - inside an X.509 certificate. - type: string - format: google-duration - keySpec: - description: >- - Required. Immutable. Used when issuing certificates for this - CertificateAuthority. If this CertificateAuthority is a self-signed - CertificateAuthority, this key is also used to sign the self-signed - CA certificate. Otherwise, it is used to sign a CSR. - $ref: '#/components/schemas/KeyVersionSpec' - subordinateConfig: - description: >- - Optional. If this is a subordinate CertificateAuthority, this field - will be set with the subordinate configuration, which describes its - issuers. This may be updated, but this CertificateAuthority must - continue to validate. - $ref: '#/components/schemas/SubordinateConfig' - tier: - description: >- - Output only. The CaPool.Tier of the CaPool that includes this - CertificateAuthority. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - Enterprise tier. - - DevOps tier. - enum: - - TIER_UNSPECIFIED - - ENTERPRISE - - DEVOPS - state: - description: Output only. The State for this CertificateAuthority. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - >- - Certificates can be issued from this CA. CRLs will be generated - for this CA. The CA will be part of the CaPool's trust anchor, and - will be used to issue certificates from the CaPool. - - >- - Certificates cannot be issued from this CA. CRLs will still be - generated. The CA will be part of the CaPool's trust anchor, but - will not be used to issue certificates from the CaPool. - - >- - Certificates can be issued from this CA. CRLs will be generated - for this CA. The CA will be part of the CaPool's trust anchor, but - will not be used to issue certificates from the CaPool. - - >- - Certificates cannot be issued from this CA. CRLs will not be - generated. The CA will not be part of the CaPool's trust anchor, - and will not be used to issue certificates from the CaPool. - - >- - Certificates cannot be issued from this CA. CRLs will not be - generated. The CA may still be recovered by calling - CertificateAuthorityService.UndeleteCertificateAuthority before - expire_time. The CA will not be part of the CaPool's trust anchor, - and will not be used to issue certificates from the CaPool. - enum: - - STATE_UNSPECIFIED - - ENABLED - - DISABLED - - STAGED - - AWAITING_USER_ACTIVATION - - DELETED - pemCaCertificates: + permittedEmailAddresses: description: >- - Output only. This CertificateAuthority's certificate chain, - including the current CertificateAuthority's certificate. Ordered - such that the root issuer is the final element (consistent with RFC - 5246). For a self-signed CA, this will only list the current - CertificateAuthority's certificate. - readOnly: true + Contains the permitted email addresses. The value can be a + particular email address, a hostname to indicate all email addresses + on that host or a domain with a leading period (e.g. `.example.com`) + to indicate all email addresses in that domain. + items: + type: string + type: array + excludedUris: type: array items: type: string - caCertificateDescriptions: description: >- - Output only. A structured description of this CertificateAuthority's - CA certificate and its issuers. Ordered as self-to-root. - readOnly: true + Contains the excluded URIs that apply to the host part of the name. + The value can be a hostname or a domain with a leading period (like + `.example.com`) + excludedDnsNames: + description: >- + Contains excluded DNS names. Any DNS name that can be constructed by + simply adding zero or more labels to the left-hand side of the name + satisfies the name constraint. For example, `example.com`, + `www.example.com`, `www.sub.example.com` would satisfy `example.com` + while `example1.com` does not. + items: + type: string + type: array + critical: + type: boolean + description: Indicates whether or not the name constraints are marked critical. + excludedIpRanges: + description: >- + Contains the excluded IP ranges. For IPv4 addresses, the ranges are + expressed using CIDR notation as specified in RFC 4632. For IPv6 + addresses, the ranges are expressed in similar encoding as IPv4 + addresses. + items: + type: string + type: array + permittedIpRanges: type: array items: - $ref: '#/components/schemas/CertificateDescription' - gcsBucket: + type: string description: >- - Immutable. The name of a Cloud Storage bucket where this - CertificateAuthority will publish content, such as the CA - certificate and CRLs. This must be a bucket name, without any - prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). - For example, to use a bucket named `my-bucket`, you would simply - specify `my-bucket`. If not specified, a managed bucket will be - created. - type: string - accessUrls: + Contains the permitted IP ranges. For IPv4 addresses, the ranges are + expressed using CIDR notation as specified in RFC 4632. For IPv6 + addresses, the ranges are expressed in similar encoding as IPv4 + addresses. + permittedUris: description: >- - Output only. URLs for accessing content published by this CA, such - as the CA certificate and CRLs. - readOnly: true - $ref: '#/components/schemas/AccessUrls' - createTime: + Contains the permitted URIs that apply to the host part of the name. + The value can be a hostname or a domain with a leading period (like + `.example.com`) + type: array + items: + type: string + permittedDnsNames: description: >- - Output only. The time at which this CertificateAuthority was - created. - readOnly: true - type: string - format: google-datetime - updateTime: + Contains permitted DNS names. Any DNS name that can be constructed + by simply adding zero or more labels to the left-hand side of the + name satisfies the name constraint. For example, `example.com`, + `www.example.com`, `www.sub.example.com` would satisfy `example.com` + while `example1.com` does not. + type: array + items: + type: string + excludedEmailAddresses: + items: + type: string description: >- - Output only. The time at which this CertificateAuthority was last - updated. + Contains the excluded email addresses. The value can be a particular + email address, a hostname to indicate all email addresses on that + host or a domain with a leading period (e.g. `.example.com`) to + indicate all email addresses in that domain. + type: array + description: >- + Describes the X.509 name constraints extension, per + https://tools.ietf.org/html/rfc5280#section-4.2.1.10 + id: NameConstraints + FetchCertificateAuthorityCsrResponse: + properties: + pemCsr: readOnly: true type: string - format: google-datetime - deleteTime: description: >- - Output only. The time at which this CertificateAuthority was soft - deleted, if it is in the DELETED state. - readOnly: true + Output only. The PEM-encoded signed certificate signing request + (CSR). + id: FetchCertificateAuthorityCsrResponse + description: >- + Response message for + CertificateAuthorityService.FetchCertificateAuthorityCsr. + type: object + RevocationDetails: + id: RevocationDetails + properties: + revocationState: + description: Indicates why a Certificate was revoked. + enumDescriptions: + - >- + Default unspecified value. This value does indicate that a + Certificate has been revoked, but that a reason has not been + recorded. + - Key material for this Certificate may have leaked. + - >- + The key material for a certificate authority in the issuing path + may have leaked. + - The subject or other attributes in this Certificate have changed. + - This Certificate has been superseded. + - >- + This Certificate or entities in the issuing path have ceased to + operate. + - >- + This Certificate should not be considered valid, it is expected + that it may become valid in the future. + - >- + This Certificate no longer has permission to assert the listed + attributes. + - >- + The authority which determines appropriate attributes for a + Certificate may have been compromised. type: string + enum: + - REVOCATION_REASON_UNSPECIFIED + - KEY_COMPROMISE + - CERTIFICATE_AUTHORITY_COMPROMISE + - AFFILIATION_CHANGED + - SUPERSEDED + - CESSATION_OF_OPERATION + - CERTIFICATE_HOLD + - PRIVILEGE_WITHDRAWN + - ATTRIBUTE_AUTHORITY_COMPROMISE + revocationTime: format: google-datetime - expireTime: - description: >- - Output only. The time at which this CertificateAuthority will be - permanently purged, if it is in the DELETED state. - readOnly: true + description: The time at which this Certificate was revoked. type: string - format: google-datetime - labels: - description: Optional. Labels with user-defined metadata. - type: object - additionalProperties: - type: string - userDefinedAccessUrls: - description: >- - Optional. User-defined URLs for CA certificate and CRLs. The service - does not publish content to these URLs. It is up to the user to - mirror content to these URLs. - $ref: '#/components/schemas/UserDefinedAccessUrls' - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - KeyVersionSpec: - id: KeyVersionSpec - description: A Cloud KMS key configuration that a CertificateAuthority will use. + description: Describes fields that are relavent to the revocation of a Certificate. + type: object + ListCertificatesResponse: type: object properties: - cloudKmsKeyVersion: - description: >- - The resource name for an existing Cloud KMS CryptoKeyVersion in the - format - `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. - This option enables full flexibility in the key's capabilities and - properties. - type: string - algorithm: + certificates: + description: The list of Certificates. + items: + $ref: '#/components/schemas/Certificate' + type: array + unreachable: + description: A list of locations (e.g. "us-west1") that could not be reached. + type: array + items: + type: string + nextPageToken: description: >- - The algorithm to use for creating a managed Cloud KMS key for a for - a simplified experience. All managed keys will be have their - ProtectionLevel as `HSM`. + A token to retrieve next page of results. Pass this value in + ListCertificatesRequest.page_token to retrieve the next page of + results. type: string - enumDescriptions: - - Not specified. - - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256 - - maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256 - - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256 - - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256 - - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256 - - maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256 - - maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256 - - maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384 - enum: - - SIGN_HASH_ALGORITHM_UNSPECIFIED - - RSA_PSS_2048_SHA256 - - RSA_PSS_3072_SHA256 - - RSA_PSS_4096_SHA256 - - RSA_PKCS1_2048_SHA256 - - RSA_PKCS1_3072_SHA256 - - RSA_PKCS1_4096_SHA256 - - EC_P256_SHA256 - - EC_P384_SHA384 - AccessUrls: - id: AccessUrls - description: URLs where a CertificateAuthority will publish content. + description: Response message for CertificateAuthorityService.ListCertificates. + id: ListCertificatesResponse + SubjectAltNames: type: object + id: SubjectAltNames properties: - caCertificateAccessUrl: - description: >- - The URL where this CertificateAuthority's CA certificate is - published. This will only be set for CAs that have been activated. - type: string - crlAccessUrls: - description: >- - The URLs where this CertificateAuthority's CRLs are published. This - will only be set for CAs that have been activated. + emailAddresses: + description: Contains only valid RFC 2822 E-mail addresses. + type: array + items: + type: string + uris: + description: Contains only valid RFC 3986 URIs. type: array items: type: string - UserDefinedAccessUrls: - id: UserDefinedAccessUrls - description: >- - User-defined URLs for accessing content published by this - CertificateAuthority. - type: object - properties: - aiaIssuingCertificateUrls: + customSans: description: >- - Optional. A list of URLs where the issuer CA certificate may be - downloaded, which appears in the "Authority Information Access" - extension in the certificate. If specified, the default Cloud - Storage URLs will be omitted. + Contains additional subject alternative name values. For each + custom_san, the `value` field must contain an ASN.1 encoded + UTF8String. + items: + $ref: '#/components/schemas/X509Extension' + type: array + dnsNames: type: array items: type: string - crlAccessUrls: - description: >- - Optional. A list of URLs where to obtain CRL information, i.e. the - DistributionPoint.fullName described by - https://tools.ietf.org/html/rfc5280#section-4.2.1.13. If specified, - the default Cloud Storage URLs will be omitted. + description: Contains only valid, fully-qualified host names. + ipAddresses: type: array + description: >- + Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 + addresses. items: type: string - DisableCertificateAuthorityRequest: - id: DisableCertificateAuthorityRequest description: >- - Request message for - CertificateAuthorityService.DisableCertificateAuthority. - type: object + SubjectAltNames corresponds to a more modern way of listing what the + asserted identity is in a certificate (i.e., compared to the "common + name" in the distinguished name). + Certificate: properties: - requestId: + certificateTemplate: + type: string description: >- - Optional. An ID to identify requests. Specify a unique request ID so - that if you must retry your request, the server will know to ignore - the request if it has already been completed. The server will - guarantee that for at least 60 minutes since the first request. For - example, consider a situation where you make an initial request and - the request times out. If you make the request again with the same - request ID, the server can check if original operation with the same - request ID was received, and if so, will ignore the second request. - This prevents clients from accidentally creating duplicate - commitments. The request ID must be a valid UUID with the exception - that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). + Immutable. The resource name for a CertificateTemplate used to issue + this certificate, in the format + `projects/*/locations/*/certificateTemplates/*`. If this is + specified, the caller must have the necessary permission to use this + template. If this is omitted, no template will be used. This + template must be in the same location as the Certificate. + updateTime: + readOnly: true type: string - ignoreDependentResources: + description: Output only. The time at which this Certificate was updated. + format: google-datetime + config: description: >- - Optional. This field allows this CA to be disabled even if it's - being depended on by another resource. However, doing so may result - in unintended and unrecoverable effects on any dependent resources - since the CA will no longer be able to issue certificates. - type: boolean - EnableCertificateAuthorityRequest: - id: EnableCertificateAuthorityRequest - description: >- - Request message for - CertificateAuthorityService.EnableCertificateAuthority. - type: object - properties: - requestId: + Immutable. A description of the certificate and key that does not + require X.509 or ASN.1. + $ref: '#/components/schemas/CertificateConfig' + certificateDescription: description: >- - Optional. An ID to identify requests. Specify a unique request ID so - that if you must retry your request, the server will know to ignore - the request if it has already been completed. The server will - guarantee that for at least 60 minutes since the first request. For - example, consider a situation where you make an initial request and - the request times out. If you make the request again with the same - request ID, the server can check if original operation with the same - request ID was received, and if so, will ignore the second request. - This prevents clients from accidentally creating duplicate - commitments. The request ID must be a valid UUID with the exception - that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). - type: string - FetchCertificateAuthorityCsrResponse: - id: FetchCertificateAuthorityCsrResponse - description: >- - Response message for - CertificateAuthorityService.FetchCertificateAuthorityCsr. - type: object - properties: - pemCsr: + Output only. A structured description of the issued X.509 + certificate. + readOnly: true + $ref: '#/components/schemas/CertificateDescription' + revocationDetails: description: >- - Output only. The PEM-encoded signed certificate signing request - (CSR). + Output only. Details regarding the revocation of this Certificate. + This Certificate is considered revoked if and only if this field is + present. + $ref: '#/components/schemas/RevocationDetails' readOnly: true + createTime: + format: google-datetime type: string - ListCertificateAuthoritiesResponse: - id: ListCertificateAuthoritiesResponse - description: >- - Response message for - CertificateAuthorityService.ListCertificateAuthorities. - type: object - properties: - certificateAuthorities: - description: The list of CertificateAuthorities. - type: array - items: - $ref: '#/components/schemas/CertificateAuthority' - nextPageToken: + readOnly: true + description: Output only. The time at which this Certificate was created. + subjectMode: + enumDescriptions: + - Not specified. + - >- + The default mode used in most cases. Indicates that the + certificate's Subject and/or SubjectAltNames are specified in the + certificate request. This mode requires the caller to have the + `privateca.certificates.create` permission. + - >- + A mode used to get an accurate representation of the Subject + field's distinguished name. Indicates that the certificate's + Subject and/or SubjectAltNames are specified in the certificate + request. When parsing a PEM CSR this mode will maintain the + sequence of RDNs found in the CSR's subject field in the issued + Certificate. This mode requires the caller to have the + `privateca.certificates.create` permission. + - >- + A mode reserved for special cases. Indicates that the certificate + should have one SPIFFE SubjectAltNames set by the service based on + the caller's identity. This mode will ignore any explicitly + specified Subject and/or SubjectAltNames in the certificate + request. This mode requires the caller to have the + `privateca.certificates.createForSelf` permission. description: >- - A token to retrieve next page of results. Pass this value in - ListCertificateAuthoritiesRequest.page_token to retrieve the next - page of results. + Immutable. Specifies how the Certificate's identity fields are to be + decided. If this is omitted, the `DEFAULT` subject mode will be + used. type: string - unreachable: - description: A list of locations (e.g. "us-west1") that could not be reached. + enum: + - SUBJECT_REQUEST_MODE_UNSPECIFIED + - DEFAULT + - RDN_SEQUENCE + - REFLECTED_SPIFFE + pemCertificateChain: + description: >- + Output only. The chain that may be used to verify the X.509 + certificate. Expected to be in issuer-to-root order according to RFC + 5246. type: array + readOnly: true items: type: string - UndeleteCertificateAuthorityRequest: - id: UndeleteCertificateAuthorityRequest - description: >- - Request message for - CertificateAuthorityService.UndeleteCertificateAuthority. - type: object - properties: - requestId: + name: + type: string description: >- - Optional. An ID to identify requests. Specify a unique request ID so - that if you must retry your request, the server will know to ignore - the request if it has already been completed. The server will - guarantee that for at least 60 minutes since the first request. For - example, consider a situation where you make an initial request and - the request times out. If you make the request again with the same - request ID, the server can check if original operation with the same - request ID was received, and if so, will ignore the second request. - This prevents clients from accidentally creating duplicate - commitments. The request ID must be a valid UUID with the exception - that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). + Identifier. The resource name for this Certificate in the format + `projects/*/locations/*/caPools/*/certificates/*`. + pemCsr: + description: Immutable. A pem-encoded X.509 certificate signing request (CSR). type: string - CaPool: - id: CaPool - description: >- - A CaPool represents a group of CertificateAuthorities that form a trust - anchor. A CaPool can be used to manage issuance policies for one or more - CertificateAuthority resources and to rotate CA certificates in and out - of the trust anchor. - type: object - properties: - name: + issuerCertificateAuthority: + readOnly: true description: >- - Identifier. The resource name for this CaPool in the format - `projects/*/locations/*/caPools/*`. + Output only. The resource name of the issuing CertificateAuthority + in the format + `projects/*/locations/*/caPools/*/certificateAuthorities/*`. type: string - tier: - description: Required. Immutable. The Tier of this CaPool. + lifetime: type: string - enumDescriptions: - - Not specified. - - Enterprise tier. - - DevOps tier. - enum: - - TIER_UNSPECIFIED - - ENTERPRISE - - DEVOPS - issuancePolicy: - description: >- - Optional. The IssuancePolicy to control how Certificates will be - issued from this CaPool. - $ref: '#/components/schemas/IssuancePolicy' - publishingOptions: description: >- - Optional. The PublishingOptions to follow when issuing Certificates - from any CertificateAuthority in this CaPool. - $ref: '#/components/schemas/PublishingOptions' + Required. Immutable. The desired lifetime of a certificate. Used to + create the "not_before_time" and "not_after_time" fields inside an + X.509 certificate. Note that the lifetime may be truncated if it + would extend past the life of any certificate authority in the + issuing chain. + format: google-duration labels: - description: Optional. Labels with user-defined metadata. - type: object additionalProperties: type: string - IssuancePolicy: - id: IssuancePolicy - description: Defines controls over all certificate issuance within a CaPool. + type: object + description: Optional. Labels with user-defined metadata. + pemCertificate: + readOnly: true + description: Output only. The pem-encoded, signed X.509 certificate. + type: string type: object + description: >- + A Certificate corresponds to a signed X.509 certificate issued by a + CertificateAuthority. + id: Certificate + ActivateCertificateAuthorityRequest: + type: object + description: >- + Request message for + CertificateAuthorityService.ActivateCertificateAuthority. + id: ActivateCertificateAuthorityRequest properties: - allowedKeyTypes: + subordinateConfig: + $ref: '#/components/schemas/SubordinateConfig' description: >- - Optional. If any AllowedKeyType is specified, then the certificate - request's public key must match one of the key types listed here. - Otherwise, any key may be used. - type: array - items: - $ref: '#/components/schemas/AllowedKeyType' - backdateDuration: + Required. Must include information about the issuer of + 'pem_ca_certificate', and any further issuers until the self-signed + CA. + pemCaCertificate: description: >- - Optional. The duration to backdate all certificates issued from this - CaPool. If not set, the certificates will be issued with a - not_before_time of the issuance time (i.e. the current time). If - set, the certificates will be issued with a not_before_time of the - issuance time minus the backdate_duration. The not_after_time will - be adjusted to preserve the requested lifetime. The - backdate_duration must be less than or equal to 48 hours. + Required. The signed CA certificate issued from + FetchCertificateAuthorityCsrResponse.pem_csr. type: string - format: google-duration - maximumLifetime: + requestId: description: >- - Optional. The maximum lifetime allowed for issued Certificates. Note - that if the issuing CertificateAuthority expires before a - Certificate resource's requested maximum_lifetime, the effective - lifetime will be explicitly truncated to match it. + Optional. An ID to identify requests. Specify a unique request ID so + that if you must retry your request, the server will know to ignore + the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. For + example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate + commitments. The request ID must be a valid UUID with the exception + that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). type: string - format: google-duration - allowedIssuanceModes: - description: >- - Optional. If specified, then only methods allowed in the - IssuanceModes may be used to issue Certificates. - $ref: '#/components/schemas/IssuanceModes' - baselineValues: - description: >- - Optional. A set of X.509 values that will be applied to all - certificates issued through this CaPool. If a certificate request - includes conflicting values for the same properties, they will be - overwritten by the values defined here. If a certificate request - uses a CertificateTemplate that defines conflicting - predefined_values for the same properties, the certificate issuance - request will fail. - $ref: '#/components/schemas/X509Parameters' - identityConstraints: - description: >- - Optional. Describes constraints on identities that may appear in - Certificates issued through this CaPool. If this is omitted, then - this CaPool will not add restrictions on a certificate's identity. - $ref: '#/components/schemas/CertificateIdentityConstraints' - passthroughExtensions: - description: >- - Optional. Describes the set of X.509 extensions that may appear in a - Certificate issued through this CaPool. If a certificate request - sets extensions that don't appear in the passthrough_extensions, - those extensions will be dropped. If a certificate request uses a - CertificateTemplate with predefined_values that don't appear here, - the certificate issuance request will fail. If this is omitted, then - this CaPool will not add restrictions on a certificate's X.509 - extensions. These constraints do not apply to X.509 extensions set - in this CaPool's baseline_values. - $ref: '#/components/schemas/CertificateExtensionConstraints' - AllowedKeyType: - id: AllowedKeyType - description: >- - Describes a "type" of key that may be used in a Certificate issued from - a CaPool. Note that a single AllowedKeyType may refer to either a - fully-qualified key algorithm, such as RSA 4096, or a family of key - algorithms, such as any RSA key. - type: object - properties: - rsa: - description: Represents an allowed RSA key type. - $ref: '#/components/schemas/RsaKeyType' - ellipticCurve: - description: Represents an allowed Elliptic Curve key type. - $ref: '#/components/schemas/EcKeyType' RsaKeyType: - id: RsaKeyType description: >- Describes an RSA key that may be used in a Certificate issued from a CaPool. + id: RsaKeyType type: object properties: - minModulusSize: - description: >- - Optional. The minimum allowed RSA modulus size (inclusive), in bits. - If this is not set, or if set to zero, the service-level min RSA - modulus size will continue to apply. - type: string - format: int64 maxModulusSize: + format: int64 description: >- Optional. The maximum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes. type: string + minModulusSize: format: int64 - EcKeyType: - id: EcKeyType - description: >- - Describes an Elliptic Curve key that may be used in a Certificate issued - from a CaPool. - type: object - properties: - signatureAlgorithm: - description: >- - Optional. A signature algorithm that must be used. If this is - omitted, any EC-based signature algorithm will be allowed. type: string - enumDescriptions: - - Not specified. Signifies that any signature algorithm may be used. - - >- - Refers to the Elliptic Curve Digital Signature Algorithm over the - NIST P-256 curve. - - >- - Refers to the Elliptic Curve Digital Signature Algorithm over the - NIST P-384 curve. - - >- - Refers to the Edwards-curve Digital Signature Algorithm over curve - 25519, as described in RFC 8410. - enum: - - EC_SIGNATURE_ALGORITHM_UNSPECIFIED - - ECDSA_P256 - - ECDSA_P384 - - EDDSA_25519 - IssuanceModes: - id: IssuanceModes - description: >- - IssuanceModes specifies the allowed ways in which Certificates may be - requested from this CaPool. - type: object - properties: - allowCsrBasedIssuance: - description: >- - Optional. When true, allows callers to create Certificates by - specifying a CSR. - type: boolean - allowConfigBasedIssuance: description: >- - Optional. When true, allows callers to create Certificates by - specifying a CertificateConfig. - type: boolean - CertificateIdentityConstraints: - id: CertificateIdentityConstraints - description: Describes constraints on a Certificate's Subject and SubjectAltNames. + Optional. The minimum allowed RSA modulus size (inclusive), in bits. + If this is not set, or if set to zero, the service-level min RSA + modulus size will continue to apply. + ListOperationsResponse: + id: ListOperationsResponse type: object properties: - celExpression: - description: >- - Optional. A CEL expression that may be used to validate the resolved - X.509 Subject and/or Subject Alternative Name before a certificate - is signed. To see the full allowed syntax and some examples, see - https://cloud.google.com/certificate-authority-service/docs/using-cel - $ref: '#/components/schemas/Expr' - allowSubjectPassthrough: + nextPageToken: + type: string + description: The standard List next-page token. + operations: description: >- - Required. If this is true, the Subject field may be copied from a - certificate request into the signed certificate. Otherwise, the - requested Subject will be discarded. - type: boolean - allowSubjectAltNamesPassthrough: + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Operation' + type: array + unreachable: description: >- - Required. If this is true, the SubjectAltNames extension may be - copied from a certificate request into the signed certificate. - Otherwise, the requested SubjectAltNames will be discarded. - type: boolean - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string + description: The response message for Operations.ListOperations. + DisableCertificateAuthorityRequest: type: object properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: + ignoreDependentResources: + type: boolean description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Optional. This field allows this CA to be disabled even if it's + being depended on by another resource. However, doing so may result + in unintended and unrecoverable effects on any dependent resources + since the CA will no longer be able to issue certificates. + requestId: type: string - location: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - CertificateExtensionConstraints: - id: CertificateExtensionConstraints + Optional. An ID to identify requests. Specify a unique request ID so + that if you must retry your request, the server will know to ignore + the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. For + example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate + commitments. The request ID must be a valid UUID with the exception + that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + id: DisableCertificateAuthorityRequest description: >- - Describes a set of X.509 extensions that may be part of some certificate - issuance controls. + Request message for + CertificateAuthorityService.DisableCertificateAuthority. + CertificateExtensionConstraints: type: object properties: + additionalExtensions: + description: >- + Optional. A set of ObjectIds identifying custom X.509 extensions. + Will be combined with known_extensions to determine the full set of + X.509 extensions. + items: + $ref: '#/components/schemas/ObjectId' + type: array knownExtensions: description: >- Optional. A set of named X.509 extensions. Will be combined with @@ -1780,479 +2066,252 @@ components: - POLICY_IDS - AIA_OCSP_SERVERS - NAME_CONSTRAINTS - additionalExtensions: - description: >- - Optional. A set of ObjectIds identifying custom X.509 extensions. - Will be combined with known_extensions to determine the full set of - X.509 extensions. - type: array - items: - $ref: '#/components/schemas/ObjectId' - PublishingOptions: - id: PublishingOptions - description: >- - Options relating to the publication of each CertificateAuthority's CA - certificate and CRLs and their inclusion as extensions in issued - Certificates. The options set here apply to certificates issued by any - CertificateAuthority in the CaPool. - type: object - properties: - publishCaCert: - description: >- - Optional. When true, publishes each CertificateAuthority's CA - certificate and includes its URL in the "Authority Information - Access" X.509 extension in all issued Certificates. If this is - false, the CA certificate will not be published and the - corresponding X.509 extension will not be written in issued - certificates. - type: boolean - publishCrl: - description: >- - Optional. When true, publishes each CertificateAuthority's CRL and - includes its URL in the "CRL Distribution Points" X.509 extension in - all issued Certificates. If this is false, CRLs will not be - published and the corresponding X.509 extension will not be written - in issued certificates. CRLs will expire 7 days from their creation. - However, we will rebuild daily. CRLs are also rebuilt shortly after - a certificate is revoked. - type: boolean - encodingFormat: - description: >- - Optional. Specifies the encoding format of each CertificateAuthority - resource's CA certificate and CRLs. If this is omitted, CA - certificates and CRLs will be published in PEM. - type: string - enumDescriptions: - - Not specified. By default, PEM format will be used. - - >- - The CertificateAuthority's CA certificate and CRLs will be - published in PEM format. - - >- - The CertificateAuthority's CA certificate and CRLs will be - published in DER format. - enum: - - ENCODING_FORMAT_UNSPECIFIED - - PEM - - DER - ListCaPoolsResponse: - id: ListCaPoolsResponse - description: Response message for CertificateAuthorityService.ListCaPools. - type: object - properties: - caPools: - description: The list of CaPools. - type: array - items: - $ref: '#/components/schemas/CaPool' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass this value in - ListCertificateAuthoritiesRequest.page_token to retrieve the next - page of results. - type: string - unreachable: - description: A list of locations (e.g. "us-west1") that could not be reached. - type: array - items: - type: string - FetchCaCertsRequest: - id: FetchCaCertsRequest - description: Request message for CertificateAuthorityService.FetchCaCerts. - type: object - properties: - requestId: - description: >- - Optional. An ID to identify requests. Specify a unique request ID so - that if you must retry your request, the server will know to ignore - the request if it has already been completed. The server will - guarantee that for at least 60 minutes since the first request. For - example, consider a situation where you make an initial request and - the request times out. If you make the request again with the same - request ID, the server can check if original operation with the same - request ID was received, and if so, will ignore the second request. - This prevents clients from accidentally creating duplicate - commitments. The request ID must be a valid UUID with the exception - that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). - type: string - FetchCaCertsResponse: - id: FetchCaCertsResponse - description: Response message for CertificateAuthorityService.FetchCaCerts. - type: object - properties: - caCerts: - description: >- - The PEM encoded CA certificate chains of all certificate authorities - in this CaPool in the ENABLED, DISABLED, or STAGED states. - type: array - items: - $ref: '#/components/schemas/CertChain' - CertChain: - id: CertChain - type: object - properties: - certificates: - description: The certificates that form the CA chain, from leaf to root order. - type: array - items: - type: string - CertificateRevocationList: - id: CertificateRevocationList - description: >- - A CertificateRevocationList corresponds to a signed X.509 certificate - Revocation List (CRL). A CRL contains the serial numbers of certificates - that should no longer be trusted. - type: object - properties: - name: - description: >- - Identifier. The resource name for this CertificateRevocationList in - the format - `projects/*/locations/*/caPools/*certificateAuthorities/*/ - certificateRevocationLists/*`. - type: string - sequenceNumber: - description: Output only. The CRL sequence number that appears in pem_crl. - readOnly: true - type: string - format: int64 - revokedCertificates: - description: Output only. The revoked serial numbers that appear in pem_crl. - readOnly: true - type: array - items: - $ref: '#/components/schemas/RevokedCertificate' - pemCrl: - description: Output only. The PEM-encoded X.509 CRL. - readOnly: true - type: string - accessUrl: - description: Output only. The location where 'pem_crl' can be accessed. - readOnly: true - type: string - state: - description: Output only. The State for this CertificateRevocationList. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - The CertificateRevocationList is up to date. - - The CertificateRevocationList is no longer current. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - SUPERSEDED - createTime: - description: >- - Output only. The time at which this CertificateRevocationList was - created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The time at which this CertificateRevocationList was - updated. - readOnly: true - type: string - format: google-datetime - revisionId: - description: >- - Output only. The revision ID of this CertificateRevocationList. A - new revision is committed whenever a new CRL is published. The - format is an 8-character hexadecimal string. - readOnly: true - type: string - labels: - description: Optional. Labels with user-defined metadata. - type: object - additionalProperties: - type: string - RevokedCertificate: - id: RevokedCertificate - description: Describes a revoked Certificate. - type: object - properties: - certificate: - description: >- - The resource name for the Certificate in the format - `projects/*/locations/*/caPools/*/certificates/*`. - type: string - hexSerialNumber: - description: The serial number of the Certificate. - type: string - revocationReason: - description: The reason the Certificate was revoked. - type: string - enumDescriptions: - - >- - Default unspecified value. This value does indicate that a - Certificate has been revoked, but that a reason has not been - recorded. - - Key material for this Certificate may have leaked. - - >- - The key material for a certificate authority in the issuing path - may have leaked. - - The subject or other attributes in this Certificate have changed. - - This Certificate has been superseded. - - >- - This Certificate or entities in the issuing path have ceased to - operate. - - >- - This Certificate should not be considered valid, it is expected - that it may become valid in the future. - - >- - This Certificate no longer has permission to assert the listed - attributes. - - >- - The authority which determines appropriate attributes for a - Certificate may have been compromised. - enum: - - REVOCATION_REASON_UNSPECIFIED - - KEY_COMPROMISE - - CERTIFICATE_AUTHORITY_COMPROMISE - - AFFILIATION_CHANGED - - SUPERSEDED - - CESSATION_OF_OPERATION - - CERTIFICATE_HOLD - - PRIVILEGE_WITHDRAWN - - ATTRIBUTE_AUTHORITY_COMPROMISE - ListCertificateRevocationListsResponse: - id: ListCertificateRevocationListsResponse description: >- - Response message for - CertificateAuthorityService.ListCertificateRevocationLists. + Describes a set of X.509 extensions that may be part of some certificate + issuance controls. + id: CertificateExtensionConstraints + CertificateDescription: type: object properties: - certificateRevocationLists: - description: The list of CertificateRevocationLists. - type: array - items: - $ref: '#/components/schemas/CertificateRevocationList' - nextPageToken: - description: >- - A token to retrieve next page of results. Pass this value in - ListCertificateRevocationListsRequest.page_token to retrieve the - next page of results. - type: string - unreachable: - description: A list of locations (e.g. "us-west1") that could not be reached. - type: array + aiaIssuingCertificateUrls: items: type: string - CertificateTemplate: - id: CertificateTemplate - description: >- - A CertificateTemplate refers to a managed template for certificate - issuance. - type: object - properties: - name: - description: >- - Identifier. The resource name for this CertificateTemplate in the - format `projects/*/locations/*/certificateTemplates/*`. - type: string - maximumLifetime: + type: array description: >- - Optional. The maximum lifetime allowed for issued Certificates that - use this template. If the issuing CaPool resource's IssuancePolicy - specifies a maximum_lifetime the minimum of the two durations will - be the maximum lifetime for issued Certificates. Note that if the - issuing CertificateAuthority expires before a Certificate's - requested maximum_lifetime, the effective lifetime will be - explicitly truncated to match it. + Describes lists of issuer CA certificate URLs that appear in the + "Authority Information Access" extension in the certificate. + tbsCertificateDigest: type: string - format: google-duration - predefinedValues: description: >- - Optional. A set of X.509 values that will be applied to all issued - certificates that use this template. If the certificate request - includes conflicting values for the same properties, they will be - overwritten by the values defined here. If the issuing CaPool's - IssuancePolicy defines conflicting baseline_values for the same - properties, the certificate issuance request will fail. + The hash of the pre-signed certificate, which will be signed by the + CA. Corresponds to the TBS Certificate in + https://tools.ietf.org/html/rfc5280#section-4.1.2. The field will + always be populated. + x509Description: + description: Describes some of the technical X.509 fields in a certificate. $ref: '#/components/schemas/X509Parameters' - identityConstraints: + subjectKeyId: description: >- - Optional. Describes constraints on identities that may be appear in - Certificates issued using this template. If this is omitted, then - this template will not add restrictions on a certificate's identity. - $ref: '#/components/schemas/CertificateIdentityConstraints' - passthroughExtensions: + Provides a means of identifiying certificates that contain a + particular public key, per + https://tools.ietf.org/html/rfc5280#section-4.2.1.2. + $ref: '#/components/schemas/KeyId' + authorityKeyId: description: >- - Optional. Describes the set of X.509 extensions that may appear in a - Certificate issued using this CertificateTemplate. If a certificate - request sets extensions that don't appear in the - passthrough_extensions, those extensions will be dropped. If the - issuing CaPool's IssuancePolicy defines baseline_values that don't - appear here, the certificate issuance request will fail. If this is - omitted, then this template will not add restrictions on a - certificate's X.509 extensions. These constraints do not apply to - X.509 extensions set in this CertificateTemplate's - predefined_values. - $ref: '#/components/schemas/CertificateExtensionConstraints' - description: + Identifies the subject_key_id of the parent certificate, per + https://tools.ietf.org/html/rfc5280#section-4.2.1.1 + $ref: '#/components/schemas/KeyId' + subjectDescription: + $ref: '#/components/schemas/SubjectDescription' description: >- - Optional. A human-readable description of scenarios this template is - intended for. - type: string - createTime: - description: Output only. The time at which this CertificateTemplate was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time at which this CertificateTemplate was updated. - readOnly: true - type: string - format: google-datetime - labels: - description: Optional. Labels with user-defined metadata. - type: object - additionalProperties: + Describes some of the values in a certificate that are related to + the subject and lifetime. + certFingerprint: + $ref: '#/components/schemas/CertificateFingerprint' + description: The hash of the x.509 certificate. + crlDistributionPoints: + items: type: string + description: >- + Describes a list of locations to obtain CRL information, i.e. the + DistributionPoint.fullName described by + https://tools.ietf.org/html/rfc5280#section-4.2.1.13 + type: array + publicKey: + $ref: '#/components/schemas/PublicKey' + description: The public key that corresponds to an issued certificate. + description: >- + A CertificateDescription describes an X.509 certificate or CSR that has + been issued, as an alternative to using ASN.1 / X.509. + id: CertificateDescription ListCertificateTemplatesResponse: - id: ListCertificateTemplatesResponse description: >- Response message for CertificateAuthorityService.ListCertificateTemplates. - type: object + id: ListCertificateTemplatesResponse properties: + unreachable: + type: array + description: A list of locations (e.g. "us-west1") that could not be reached. + items: + type: string certificateTemplates: - description: The list of CertificateTemplates. type: array + description: The list of CertificateTemplates. items: $ref: '#/components/schemas/CertificateTemplate' nextPageToken: + type: string description: >- A token to retrieve next page of results. Pass this value in ListCertificateTemplatesRequest.page_token to retrieve the next page of results. - type: string - unreachable: - description: A list of locations (e.g. "us-west1") that could not be reached. - type: array - items: - type: string - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. type: object + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + properties: {} + type: object + UndeleteCertificateAuthorityRequest: + description: >- + Request message for + CertificateAuthorityService.UndeleteCertificateAuthority. + type: object + id: UndeleteCertificateAuthorityRequest properties: - policy: + requestId: + type: string description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + Optional. An ID to identify requests. Specify a unique request ID so + that if you must retry your request, the server will know to ignore + the request if it has already been completed. The server will + guarantee that for at least 60 minutes since the first request. For + example, consider a situation where you make an initial request and + the request times out. If you make the request again with the same + request ID, the server can check if original operation with the same + request ID was received, and if so, will ignore the second request. + This prevents clients from accidentally creating duplicate + commitments. The request ID must be a valid UUID with the exception + that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + EcKeyType: + properties: + signatureAlgorithm: + enumDescriptions: + - Not specified. Signifies that any signature algorithm may be used. + - >- + Refers to the Elliptic Curve Digital Signature Algorithm over the + NIST P-256 curve. + - >- + Refers to the Elliptic Curve Digital Signature Algorithm over the + NIST P-384 curve. + - >- + Refers to the Edwards-curve Digital Signature Algorithm over curve + 25519, as described in RFC 8410. description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + Optional. A signature algorithm that must be used. If this is + omitted, any EC-based signature algorithm will be allowed. + enum: + - EC_SIGNATURE_ALGORITHM_UNSPECIFIED + - ECDSA_P256 + - ECDSA_P384 + - EDDSA_25519 type: string - format: google-fieldmask - Policy: - id: Policy + type: object description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + Describes an Elliptic Curve key that may be used in a Certificate issued + from a CaPool. + id: EcKeyType + ExtendedKeyUsageOptions: type: object + description: >- + KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain + common OIDs that could be specified as an extended key usage value. properties: - version: + timeStamping: + description: >- + Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as + "Binding the hash of an object to a time". + type: boolean + ocspSigning: + type: boolean + description: >- + Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as + "Signing OCSP responses". + clientAuth: + description: >- + Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS + WWW client authentication", though regularly used for non-WWW TLS. + type: boolean + codeSigning: description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as + "Signing of downloadable executable code client authentication". + type: boolean + emailProtection: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email + protection". + type: boolean + serverAuth: + type: boolean + description: >- + Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS + WWW server authentication", though regularly used for non-WWW TLS. + id: ExtendedKeyUsageOptions + RelativeDistinguishedName: + type: object + properties: + attributes: + description: Attributes describes the attribute value assertions in the RDN. items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + $ref: '#/components/schemas/AttributeTypeAndValue' type: array + id: RelativeDistinguishedName + description: >- + RelativeDistinguishedName specifies a relative distinguished name which + will be used to build a distinguished name. + SubordinateConfigChain: + type: object + id: SubordinateConfigChain + properties: + pemCertificates: items: - $ref: '#/components/schemas/AuditConfig' - etag: + type: string description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte + Required. Expected to be in leaf-to-root order according to RFC + 5246. + type: array + description: >- + This message describes a subordinate CA's issuer certificate chain. This + wrapper exists for compatibility reasons. + KeyUsageOptions: + properties: + keyEncipherment: + description: The key may be used to encipher other keys. + type: boolean + dataEncipherment: + description: The key may be used to encipher data. + type: boolean + digitalSignature: + description: The key may be used for digital signatures. + type: boolean + decipherOnly: + description: The key may be used to decipher only. + type: boolean + contentCommitment: + description: >- + The key may be used for cryptographic commitments. Note that this + may also be referred to as "non-repudiation". + type: boolean + keyAgreement: + type: boolean + description: The key may be used in a key agreement protocol. + encipherOnly: + description: The key may be used to encipher only. + type: boolean + certSign: + type: boolean + description: The key may be used to sign certificates. + crlSign: + type: boolean + description: The key may be used sign certificate revocation lists. + type: object + description: >- + KeyUsage.KeyUsageOptions corresponds to the key usage values described + in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. + id: KeyUsageOptions Binding: id: Binding - description: Associates `members`, or principals, with a `role`. type: object + description: Associates `members`, or principals, with a `role`. properties: role: + type: string description: >- Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an @@ -2260,7 +2319,6 @@ components: documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string members: description: >- Specifies the principals requesting access for a Google Cloud @@ -2325,6 +2383,7 @@ components: items: type: string condition: + $ref: '#/components/schemas/Expr' description: >- The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current @@ -2334,199 +2393,137 @@ components: in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - AuditConfig: - id: AuditConfig + UserDefinedAccessUrls: + id: UserDefinedAccessUrls description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + User-defined URLs for accessing content published by this + CertificateAuthority. type: object properties: - service: + crlAccessUrls: + items: + type: string description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + Optional. A list of URLs where to obtain CRL information, i.e. the + DistributionPoint.fullName described by + https://tools.ietf.org/html/rfc5280#section-4.2.1.13. If specified, + the default Cloud Storage URLs will be omitted. + type: array + aiaIssuingCertificateUrls: type: array items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object + type: string + description: >- + Optional. A list of URLs where the issuer CA certificate may be + downloaded, which appears in the "Authority Information Access" + extension in the certificate. If specified, the default Cloud + Storage URLs will be omitted. + Location: properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + metadata: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + labels: + additionalProperties: type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + type: object + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + locationId: + type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + name: + type: string + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: object + description: A resource that represents a Google Cloud location. + id: Location + SubordinateConfig: + id: SubordinateConfig + description: >- + Describes a subordinate CA's issuers. This is either a resource name to + a known issuing CertificateAuthority, or a PEM issuer certificate chain. properties: - permissions: + certificateAuthority: + type: string description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + Required. This can refer to a CertificateAuthority that was used to + create a subordinate CertificateAuthority. This field is used for + information and usability purposes only. The resource name is in the + format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. + pemIssuerChain: + $ref: '#/components/schemas/SubordinateConfigChain' + description: >- + Required. Contains the PEM certificate chain for the issuers of this + CertificateAuthority, but not pem certificate for this CA itself. type: object + CertChain: + id: CertChain properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + certificates: + description: The certificates that form the CA chain, from leaf to root order. type: array items: type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have google.longrunning.Operation.error value with a - google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - ReconciliationOperationMetadata: - id: ReconciliationOperationMetadata - description: >- - Operation metadata returned by the CLH during resource state - reconciliation. + EncryptionSpec: type: object + description: The configuration used for encrypting data at rest. + id: EncryptionSpec properties: - deleteResource: - description: DEPRECATED. Use exclusive_action instead. - deprecated: true - type: boolean - exclusiveAction: - description: Excluisive action returned by the CLH. + cloudKmsKey: + description: >- + The resource name for a Cloud KMS key in the format + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. type: string - enumDescriptions: - - Unknown repair action. - - >- - The resource has to be deleted. When using this bit, the CLH - should fail the operation. DEPRECATED. Instead use DELETE_RESOURCE - OperationSignal in SideChannel. - - >- - This resource could not be repaired but the repair should be tried - again at a later time. This can happen if there is a dependency - that needs to be resolved first- e.g. if a parent resource must be - repaired before a child resource. - enumDeprecated: - - false - - true - - false - enum: - - UNKNOWN_REPAIR_ACTION - - DELETE - - RETRY parameters: + callback: + description: JSONP + in: query + name: callback + schema: + type: string access_token: description: OAuth access token. in: query name: access_token schema: type: string - alt: - description: Data format for response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: alt + name: upload_protocol schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: callback + name: oauth_token schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + _.xgafv: + description: V1 error format. in: query - name: fields + name: $.xgafv schema: type: string + enum: + - '1' + - '2' key: description: >- API key. Your API key identifies your project and provides you with API @@ -2536,18 +2533,34 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt schema: type: string + enum: + - json + - media + - proto prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -2557,206 +2570,76 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.privateca.locations name: locations title: Locations methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.privateca.operations - name: operations - title: Operations - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - ca_pools: - id: google.privateca.ca_pools - name: ca_pools - title: Ca_pools - methods: - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.caPools - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/ca_pools/methods/get' - - $ref: '#/components/x-stackQL-resources/ca_pools/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/ca_pools/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/ca_pools/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/ca_pools/methods/delete' - ca_pools_ca_certs: - id: google.privateca.ca_pools_ca_certs - name: ca_pools_ca_certs - title: Ca_pools_ca_certs - methods: - fetch_ca_certs: + get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}:fetchCaCerts/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/ca_pools_ca_certs/methods/fetch_ca_certs + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] delete: [] - ca_pools_iam_policies: - id: google.privateca.ca_pools_iam_policies - name: ca_pools_iam_policies - title: Ca_pools_iam_policies + operations: + id: google.privateca.operations + name: operations + title: Operations methods: - set_iam_policy: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/ca_pools_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/ca_pools_iam_policies/methods/set_iam_policy - delete: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' certificates: id: google.privateca.certificates name: certificates @@ -2777,17 +2660,17 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.certificates - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificates~1{certificatesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificates~1{certificatesId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificates~1{certificatesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificates~1{certificatesId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -2813,10 +2696,10 @@ components: name: certificate_authorities title: Certificate_authorities methods: - activate: + undelete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:activate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:undelete/post response: mediaType: application/json openAPIDocKey: '200' @@ -2835,61 +2718,61 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.certificateAuthorities - disable: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:disable/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}/delete response: mediaType: application/json openAPIDocKey: '200' - enable: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:enable/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}/get response: mediaType: application/json openAPIDocKey: '200' - fetch: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:fetch/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}/patch response: mediaType: application/json openAPIDocKey: '200' - get: + fetch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:fetch/get response: mediaType: application/json openAPIDocKey: '200' - delete: + disable: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:disable/post response: mediaType: application/json openAPIDocKey: '200' - patch: + activate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:activate/post response: mediaType: application/json openAPIDocKey: '200' - undelete: + enable: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:undelete/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}:enable/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/certificate_authorities/methods/fetch - $ref: >- #/components/x-stackQL-resources/certificate_authorities/methods/get + - $ref: >- + #/components/x-stackQL-resources/certificate_authorities/methods/fetch - $ref: >- #/components/x-stackQL-resources/certificate_authorities/methods/list insert: @@ -2907,13 +2790,14 @@ components: name: certificate_revocation_lists title: Certificate_revocation_lists methods: - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}~1certificateRevocationLists~1{certificateRevocationListsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}~1certificateRevocationLists/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.certificateRevocationLists patch: operation: $ref: >- @@ -2921,14 +2805,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}~1certificateRevocationLists/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}~1certificateRevocationLists~1{certificateRevocationListsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.certificateRevocationLists sqlVerbs: select: - $ref: >- @@ -2946,21 +2829,21 @@ components: name: certificate_revocation_lists_iam_policies title: Certificate_revocation_lists_iam_policies methods: - set_iam_policy: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}~1certificateRevocationLists~1{certificateRevocationListsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}~1certificateRevocationLists~1{certificateRevocationListsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}~1certificateRevocationLists~1{certificateRevocationListsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}~1certificateAuthorities~1{certificateAuthoritiesId}~1certificateRevocationLists~1{certificateRevocationListsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings test_iam_permissions: operation: $ref: >- @@ -2978,33 +2861,120 @@ components: - $ref: >- #/components/x-stackQL-resources/certificate_revocation_lists_iam_policies/methods/set_iam_policy delete: [] - certificate_templates: - id: google.privateca.certificate_templates - name: certificate_templates - title: Certificate_templates + ca_pools_iam_policies: + id: google.privateca.ca_pools_iam_policies + name: ca_pools_iam_policies + title: Ca_pools_iam_policies methods: - create: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/ca_pools_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/ca_pools_iam_policies/methods/set_iam_policy + delete: [] + ca_pools: + id: google.privateca.ca_pools + name: ca_pools + title: Ca_pools + methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.caPools + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.certificateTemplates delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates~1{certificateTemplatesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/ca_pools/methods/get' + - $ref: '#/components/x-stackQL-resources/ca_pools/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/ca_pools/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/ca_pools/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/ca_pools/methods/delete' + ca_pools_ca_certs: + id: google.privateca.ca_pools_ca_certs + name: ca_pools_ca_certs + title: Ca_pools_ca_certs + methods: + fetch_ca_certs: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1caPools~1{caPoolsId}:fetchCaCerts/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/ca_pools_ca_certs/methods/fetch_ca_certs + insert: [] + update: [] + replace: [] + delete: [] + certificate_templates: + id: google.privateca.certificate_templates + name: certificate_templates + title: Certificate_templates + methods: get: operation: $ref: >- @@ -3019,6 +2989,28 @@ components: response: mediaType: application/json openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates~1{certificateTemplatesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.certificateTemplates sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/certificate_templates/methods/get' @@ -3039,21 +3031,21 @@ components: name: certificate_templates_iam_policies title: Certificate_templates_iam_policies methods: - set_iam_policy: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates~1{certificateTemplatesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates~1{certificateTemplatesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates~1{certificateTemplatesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1certificateTemplates~1{certificateTemplatesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings test_iam_permissions: operation: $ref: >- @@ -3072,59 +3064,19 @@ components: #/components/x-stackQL-resources/certificate_templates_iam_policies/methods/set_iam_policy delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: privateca.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 get: description: Gets information about a location. operationId: privateca.projects.locations.get @@ -3151,13 +3103,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: privateca.projects.locations.operations.list + description: Lists information about the supported locations for this service. + operationId: privateca.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3169,39 +3119,49 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: extraLocationTypes schema: type: string - in: query name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: privateca.projects.locations.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: privateca.projects.locations.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3213,7 +3173,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3230,6 +3190,8 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- Deletes a long-running operation. This method indicates that the client @@ -3265,25 +3227,12 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: privateca.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: privateca.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3295,7 +3244,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3312,16 +3261,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 - post: - description: Create a CaPool. - operationId: privateca.projects.locations.caPools.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CaPool' + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: privateca.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3333,7 +3279,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -3346,37 +3292,15 @@ paths: schema: type: string - in: query - name: caPoolId + name: filter schema: type: string - in: query - name: requestId - schema: - type: string - get: - description: Lists CaPools. - operationId: privateca.projects.locations.caPools.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListCaPoolsResponse' - parameters: - - in: path - name: projectsId - required: true + name: returnPartialSuccess schema: - type: string - - in: path - name: locationsId - required: true + type: boolean + - in: query + name: pageToken schema: type: string - in: query @@ -3384,28 +3308,18 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}: + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates: parameters: *ref_1 - patch: - description: Update a CaPool. - operationId: privateca.projects.locations.caPools.patch + post: + description: >- + Create a new Certificate in a given Project, Location from a particular + CaPool. + operationId: privateca.projects.locations.caPools.certificates.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CaPool' + $ref: '#/components/schemas/Certificate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3417,7 +3331,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Certificate' parameters: - in: path name: projectsId @@ -3435,17 +3349,24 @@ paths: schema: type: string - in: query - name: updateMask + name: certificateId + schema: + type: string + - in: query + name: issuingCertificateAuthorityId schema: type: string - format: google-fieldmask - in: query name: requestId schema: type: string + - in: query + name: validateOnly + schema: + type: boolean get: - description: Returns a CaPool. - operationId: privateca.projects.locations.caPools.get + description: Lists Certificates. + operationId: privateca.projects.locations.caPools.certificates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3457,7 +3378,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CaPool' + $ref: '#/components/schemas/ListCertificatesResponse' parameters: - in: path name: projectsId @@ -3474,9 +3395,35 @@ paths: required: true schema: type: string - delete: - description: Delete a CaPool. - operationId: privateca.projects.locations.caPools.delete + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates/{certificatesId}: + parameters: *ref_1 + patch: + description: >- + Update a Certificate. Currently, the only field you can update is the + labels field. + operationId: privateca.projects.locations.caPools.certificates.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Certificate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3488,7 +3435,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Certificate' parameters: - in: path name: projectsId @@ -3505,27 +3452,23 @@ paths: required: true schema: type: string + - in: path + name: certificatesId + required: true + schema: + type: string - in: query name: requestId schema: type: string - in: query - name: ignoreDependentResources + name: updateMask schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:fetchCaCerts: - parameters: *ref_1 - post: - description: >- - FetchCaCerts returns the current trust anchor for the CaPool. This will - include CA certificate chains for all certificate authorities in the - ENABLED, DISABLED, or STAGED states. - operationId: privateca.projects.locations.caPools.fetchCaCerts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FetchCaCertsRequest' + type: string + format: google-fieldmask + get: + description: Returns a Certificate. + operationId: privateca.projects.locations.caPools.certificates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3537,7 +3480,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchCaCertsResponse' + $ref: '#/components/schemas/Certificate' parameters: - in: path name: projectsId @@ -3554,19 +3497,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:setIamPolicy: + - in: path + name: certificatesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates/{certificatesId}:revoke: parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: privateca.projects.locations.caPools.setIamPolicy + description: Revoke a Certificate. + operationId: privateca.projects.locations.caPools.certificates.revoke requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/RevokeCertificateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3578,7 +3523,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Certificate' parameters: - in: path name: projectsId @@ -3595,13 +3540,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:getIamPolicy: + - in: path + name: certificatesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:undelete: parameters: *ref_1 - get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: privateca.projects.locations.caPools.getIamPolicy + post: + description: Undelete a CertificateAuthority that has been deleted. + operationId: privateca.projects.locations.caPools.certificateAuthorities.undelete + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UndeleteCertificateAuthorityRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3613,7 +3566,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3630,26 +3583,21 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: certificateAuthoritiesId + required: true schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:testIamPermissions: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities: parameters: *ref_1 post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: privateca.projects.locations.caPools.testIamPermissions + description: Create a new CertificateAuthority in a given Project and Location. + operationId: privateca.projects.locations.caPools.certificateAuthorities.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/CertificateAuthority' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3661,7 +3609,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3678,18 +3626,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates: - parameters: *ref_1 - post: - description: >- - Create a new Certificate in a given Project, Location from a particular - CaPool. - operationId: privateca.projects.locations.caPools.certificates.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Certificate' + - in: query + name: requestId + schema: + type: string + - in: query + name: certificateAuthorityId + schema: + type: string + get: + description: Lists CertificateAuthorities. + operationId: privateca.projects.locations.caPools.certificateAuthorities.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3701,7 +3648,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Certificate' + $ref: '#/components/schemas/ListCertificateAuthoritiesResponse' parameters: - in: path name: projectsId @@ -3719,24 +3666,27 @@ paths: schema: type: string - in: query - name: certificateId + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: requestId + name: orderBy schema: type: string - in: query - name: validateOnly + name: filter schema: - type: boolean + type: string - in: query - name: issuingCertificateAuthorityId + name: pageToken schema: type: string - get: - description: Lists Certificates. - operationId: privateca.projects.locations.caPools.certificates.list + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}: + parameters: *ref_1 + delete: + description: Delete a CertificateAuthority. + operationId: privateca.projects.locations.caPools.certificateAuthorities.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3748,7 +3698,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCertificatesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3765,28 +3715,30 @@ paths: required: true schema: type: string + - in: path + name: certificateAuthoritiesId + required: true + schema: + type: string - in: query - name: pageSize + name: ignoreActiveCertificates schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: skipGracePeriod schema: - type: string + type: boolean - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: ignoreDependentResources schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates/{certificatesId}: - parameters: *ref_1 + type: boolean get: - description: Returns a Certificate. - operationId: privateca.projects.locations.caPools.certificates.get + description: Returns a CertificateAuthority. + operationId: privateca.projects.locations.caPools.certificateAuthorities.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3798,7 +3750,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Certificate' + $ref: '#/components/schemas/CertificateAuthority' parameters: - in: path name: projectsId @@ -3816,20 +3768,18 @@ paths: schema: type: string - in: path - name: certificatesId + name: certificateAuthoritiesId required: true schema: type: string patch: - description: >- - Update a Certificate. Currently, the only field you can update is the - labels field. - operationId: privateca.projects.locations.caPools.certificates.patch + description: Update a CertificateAuthority. + operationId: privateca.projects.locations.caPools.certificateAuthorities.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Certificate' + $ref: '#/components/schemas/CertificateAuthority' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3841,7 +3791,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Certificate' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3859,29 +3809,72 @@ paths: schema: type: string - in: path - name: certificatesId + name: certificateAuthoritiesId required: true schema: type: string + - in: query + name: requestId + schema: + type: string - in: query name: updateMask schema: type: string format: google-fieldmask - - in: query - name: requestId + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:fetch: + parameters: *ref_1 + get: + description: >- + Fetch a certificate signing request (CSR) from a CertificateAuthority + that is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. + The CSR must then be signed by the desired parent Certificate Authority, + which could be another CertificateAuthority resource, or could be an + on-prem certificate authority. See also ActivateCertificateAuthority. + operationId: privateca.projects.locations.caPools.certificateAuthorities.fetch + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/FetchCertificateAuthorityCsrResponse' + parameters: + - in: path + name: projectsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates/{certificatesId}:revoke: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: caPoolsId + required: true + schema: + type: string + - in: path + name: certificateAuthoritiesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:disable: parameters: *ref_1 post: - description: Revoke a Certificate. - operationId: privateca.projects.locations.caPools.certificates.revoke + description: Disable a CertificateAuthority. + operationId: privateca.projects.locations.caPools.certificateAuthorities.disable requestBody: content: application/json: schema: - $ref: '#/components/schemas/RevokeCertificateRequest' + $ref: '#/components/schemas/DisableCertificateAuthorityRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3893,7 +3886,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Certificate' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3911,7 +3904,7 @@ paths: schema: type: string - in: path - name: certificatesId + name: certificateAuthoritiesId required: true schema: type: string @@ -3963,16 +3956,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities: + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:enable: parameters: *ref_1 post: - description: Create a new CertificateAuthority in a given Project and Location. - operationId: privateca.projects.locations.caPools.certificateAuthorities.create + description: Enable a CertificateAuthority. + operationId: privateca.projects.locations.caPools.certificateAuthorities.enable requestBody: content: application/json: schema: - $ref: '#/components/schemas/CertificateAuthority' + $ref: '#/components/schemas/EnableCertificateAuthorityRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3996,22 +3989,22 @@ paths: required: true schema: type: string - - in: path - name: caPoolsId - required: true - schema: - type: string - - in: query - name: certificateAuthorityId + - in: path + name: caPoolsId + required: true schema: type: string - - in: query - name: requestId + - in: path + name: certificateAuthoritiesId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists: + parameters: *ref_1 get: - description: Lists CertificateAuthorities. - operationId: privateca.projects.locations.caPools.certificateAuthorities.list + description: Lists CertificateRevocationLists. + operationId: >- + privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4023,7 +4016,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCertificateAuthoritiesResponse' + $ref: '#/components/schemas/ListCertificateRevocationListsResponse' parameters: - in: path name: projectsId @@ -4040,11 +4033,11 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: certificateAuthoritiesId + required: true schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: @@ -4057,16 +4050,22 @@ paths: name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:disable: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}: parameters: *ref_1 - post: - description: Disable a CertificateAuthority. - operationId: privateca.projects.locations.caPools.certificateAuthorities.disable + patch: + description: Update a CertificateRevocationList. + operationId: >- + privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/DisableCertificateAuthorityRequest' + $ref: '#/components/schemas/CertificateRevocationList' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4100,16 +4099,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:enable: - parameters: *ref_1 - post: - description: Enable a CertificateAuthority. - operationId: privateca.projects.locations.caPools.certificateAuthorities.enable - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EnableCertificateAuthorityRequest' + - in: path + name: certificateRevocationListsId + required: true + schema: + type: string + - in: query + name: requestId + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Returns a CertificateRevocationList. + operationId: >- + privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4121,7 +4128,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/CertificateRevocationList' parameters: - in: path name: projectsId @@ -4143,16 +4150,19 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:fetch: + - in: path + name: certificateRevocationListsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:getIamPolicy: parameters: *ref_1 get: description: >- - Fetch a certificate signing request (CSR) from a CertificateAuthority - that is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. - The CSR must then be signed by the desired parent Certificate Authority, - which could be another CertificateAuthority resource, or could be an - on-prem certificate authority. See also ActivateCertificateAuthority. - operationId: privateca.projects.locations.caPools.certificateAuthorities.fetch + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: >- + privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4164,7 +4174,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchCertificateAuthorityCsrResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4186,11 +4196,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}: + - in: path + name: certificateRevocationListsId + required: true + schema: + type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:setIamPolicy: parameters: *ref_1 - get: - description: Returns a CertificateAuthority. - operationId: privateca.projects.locations.caPools.certificateAuthorities.get + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: >- + privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4202,7 +4231,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CertificateAuthority' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4224,9 +4253,27 @@ paths: required: true schema: type: string - delete: - description: Delete a CertificateAuthority. - operationId: privateca.projects.locations.caPools.certificateAuthorities.delete + - in: path + name: certificateRevocationListsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4238,7 +4285,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4260,30 +4307,26 @@ paths: required: true schema: type: string - - in: query - name: requestId + - in: path + name: certificateRevocationListsId + required: true schema: type: string - - in: query - name: ignoreActiveCertificates - schema: - type: boolean - - in: query - name: skipGracePeriod - schema: - type: boolean - - in: query - name: ignoreDependentResources - schema: - type: boolean - patch: - description: Update a CertificateAuthority. - operationId: privateca.projects.locations.caPools.certificateAuthorities.patch + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: privateca.projects.locations.caPools.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/CertificateAuthority' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4295,7 +4338,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4312,30 +4355,59 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/caPools: + parameters: *ref_1 + get: + description: Lists CaPools. + operationId: privateca.projects.locations.caPools.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListCaPoolsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: certificateAuthoritiesId + name: locationsId required: true schema: type: string - in: query - name: updateMask + name: orderBy schema: type: string - format: google-fieldmask - in: query - name: requestId + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:undelete: - parameters: *ref_1 post: - description: Undelete a CertificateAuthority that has been deleted. - operationId: privateca.projects.locations.caPools.certificateAuthorities.undelete + description: Create a CaPool. + operationId: privateca.projects.locations.caPools.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/UndeleteCertificateAuthorityRequest' + $ref: '#/components/schemas/CaPool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4359,22 +4431,19 @@ paths: required: true schema: type: string - - in: path - name: caPoolsId - required: true + - in: query + name: caPoolId schema: type: string - - in: path - name: certificateAuthoritiesId - required: true + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}: + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}: parameters: *ref_1 get: - description: Returns a CertificateRevocationList. - operationId: >- - privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.get + description: Returns a CaPool. + operationId: privateca.projects.locations.caPools.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4386,42 +4455,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CertificateRevocationList' + $ref: '#/components/schemas/CaPool' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: caPoolsId + name: projectsId required: true schema: type: string - in: path - name: certificateAuthoritiesId + name: locationsId required: true schema: type: string - in: path - name: certificateRevocationListsId + name: caPoolsId required: true schema: type: string patch: - description: Update a CertificateRevocationList. - operationId: >- - privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.patch + description: Update a CaPool. + operationId: privateca.projects.locations.caPools.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CertificateRevocationList' + $ref: '#/components/schemas/CaPool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4450,14 +4508,8 @@ paths: required: true schema: type: string - - in: path - name: certificateAuthoritiesId - required: true - schema: - type: string - - in: path - name: certificateRevocationListsId - required: true + - in: query + name: requestId schema: type: string - in: query @@ -4465,16 +4517,9 @@ paths: schema: type: string format: google-fieldmask - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists: - parameters: *ref_1 - get: - description: Lists CertificateRevocationLists. - operationId: >- - privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.list + delete: + description: Delete a CaPool. + operationId: privateca.projects.locations.caPools.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4486,7 +4531,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCertificateRevocationListsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4503,37 +4548,22 @@ paths: required: true schema: type: string - - in: path - name: certificateAuthoritiesId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: ignoreDependentResources schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:setIamPolicy: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: >- - privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.setIamPolicy + operationId: privateca.projects.locations.caPools.setIamPolicy requestBody: content: application/json: @@ -4567,24 +4597,13 @@ paths: required: true schema: type: string - - in: path - name: certificateAuthoritiesId - required: true - schema: - type: string - - in: path - name: certificateRevocationListsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:getIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: >- - privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.getIamPolicy + operationId: privateca.projects.locations.caPools.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4613,37 +4632,24 @@ paths: required: true schema: type: string - - in: path - name: certificateAuthoritiesId - required: true - schema: - type: string - - in: path - name: certificateRevocationListsId - required: true - schema: - type: string - in: query name: options.requestedPolicyVersion schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:fetchCaCerts: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.testIamPermissions + FetchCaCerts returns the current trust anchor for the CaPool. This will + include CA certificate chains for all certificate authorities in the + ENABLED, DISABLED, or STAGED states. + operationId: privateca.projects.locations.caPools.fetchCaCerts requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/FetchCaCertsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4655,7 +4661,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/FetchCaCertsResponse' parameters: - in: path name: projectsId @@ -4672,26 +4678,11 @@ paths: required: true schema: type: string - - in: path - name: certificateAuthoritiesId - required: true - schema: - type: string - - in: path - name: certificateRevocationListsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates: + /v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}: parameters: *ref_1 - post: - description: Create a new CertificateTemplate in a given Project and Location. - operationId: privateca.projects.locations.certificateTemplates.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateTemplate' + get: + description: Returns a CertificateTemplate. + operationId: privateca.projects.locations.certificateTemplates.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4703,7 +4694,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/CertificateTemplate' parameters: - in: path name: projectsId @@ -4715,17 +4706,19 @@ paths: required: true schema: type: string - - in: query - name: certificateTemplateId - schema: - type: string - - in: query - name: requestId + - in: path + name: certificateTemplatesId + required: true schema: type: string - get: - description: Lists CertificateTemplates. - operationId: privateca.projects.locations.certificateTemplates.list + patch: + description: Update a CertificateTemplate. + operationId: privateca.projects.locations.certificateTemplates.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateTemplate' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4737,7 +4730,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCertificateTemplatesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4749,25 +4742,20 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: certificateTemplatesId + required: true schema: type: string - in: query - name: filter + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: orderBy + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}: - parameters: *ref_1 delete: description: DeleteCertificateTemplate deletes a CertificateTemplate. operationId: privateca.projects.locations.certificateTemplates.delete @@ -4803,9 +4791,13 @@ paths: name: requestId schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}:getIamPolicy: + parameters: *ref_1 get: - description: Returns a CertificateTemplate. - operationId: privateca.projects.locations.certificateTemplates.get + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: privateca.projects.locations.certificateTemplates.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4817,7 +4809,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CertificateTemplate' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4834,9 +4826,16 @@ paths: required: true schema: type: string - patch: - description: Update a CertificateTemplate. - operationId: privateca.projects.locations.certificateTemplates.patch + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates: + parameters: *ref_1 + post: + description: Create a new CertificateTemplate in a given Project and Location. + operationId: privateca.projects.locations.certificateTemplates.create requestBody: content: application/json: @@ -4865,33 +4864,17 @@ paths: required: true schema: type: string - - in: path - name: certificateTemplatesId - required: true - schema: - type: string - in: query - name: updateMask + name: certificateTemplateId schema: type: string - format: google-fieldmask - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: privateca.projects.locations.certificateTemplates.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Lists CertificateTemplates. + operationId: privateca.projects.locations.certificateTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4903,7 +4886,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListCertificateTemplatesResponse' parameters: - in: path name: projectsId @@ -4915,18 +4898,36 @@ paths: required: true schema: type: string - - in: path - name: certificateTemplatesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}:getIamPolicy: + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}:setIamPolicy: parameters: *ref_1 - get: + post: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: privateca.projects.locations.certificateTemplates.getIamPolicy + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: privateca.projects.locations.certificateTemplates.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4955,11 +4956,6 @@ paths: required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 /v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}:testIamPermissions: parameters: *ref_1 post: diff --git a/providers/src/googleapis.com/v00.00.00000/services/prod_tt_sasportal.yaml b/providers/src/googleapis.com/v00.00.00000/services/prod_tt_sasportal.yaml index 3382876a..b3c1c4c7 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/prod_tt_sasportal.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/prod_tt_sasportal.yaml @@ -7,8 +7,8 @@ info: title: SAS Portal API (Testing) description: '' version: v1alpha1 - x-discovery-doc-revision: '20250826' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251207' + x-generated-date: '2025-12-10' externalDocs: url: https://developers.google.com/spectrum-access-system/ servers: @@ -22,10 +22,10 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 + https://www.googleapis.com/auth/sasportal: Read, create, update, and delete your SAS Portal data. https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. - https://www.googleapis.com/auth/sasportal: Read, create, update, and delete your SAS Portal data. Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -35,287 +35,273 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - SasPortalCustomer: - id: SasPortalCustomer - description: Entity representing a SAS customer. + SasPortalListLegacyOrganizationsResponse: + id: SasPortalListLegacyOrganizationsResponse type: object + description: >- + Response for [ListLegacyOrganizations]. + [spectrum.sas.portal.v1alpha1.Provisioning.ListLegacyOrganizations]. properties: - name: - description: Output only. Resource name of the customer. - type: string - displayName: - description: >- - Required. Name of the organization that the customer entity - represents. - type: string - sasUserIds: - description: User IDs used by the devices belonging to this customer. + organizations: + description: Optional. Legacy SAS organizations. type: array items: - type: string - SasPortalListCustomersResponse: - id: SasPortalListCustomersResponse - description: Response for `ListCustomers`. + $ref: '#/components/schemas/SasPortalOrganization' + SasPortalSetPolicyRequest: type: object properties: - customers: - description: The list of customers that match the request. - type: array - items: - $ref: '#/components/schemas/SasPortalCustomer' - nextPageToken: + disableNotification: + type: boolean description: >- - A pagination token returned from a previous call to ListCustomers - that indicates from where listing should continue. If the field is - missing or empty, it means there are no more customers. + Optional. Set the field as `true` to disable the onboarding + notification. + policy: + $ref: '#/components/schemas/SasPortalPolicy' + description: Required. The policy to be applied to the `resource`. + resource: + description: >- + Required. The resource for which the policy is being specified. This + policy replaces any existing policy. type: string - SasPortalListGcpProjectDeploymentsResponse: - id: SasPortalListGcpProjectDeploymentsResponse - description: Response for [ListGcpProjectDeployments]. - type: object - properties: - deployments: - description: Optional. Deployments associated with the GCP project - type: array - items: - $ref: '#/components/schemas/SasPortalGcpProjectDeployment' - SasPortalGcpProjectDeployment: - id: SasPortalGcpProjectDeployment - description: >- - Deployment associated with the GCP project. Includes whether SAS - analytics has been enabled or not. - type: object - properties: - hasEnabledAnalytics: - description: Whether SAS analytics has been enabled. - type: boolean - deployment: - description: Deployment associated with the GCP project. - $ref: '#/components/schemas/SasPortalDeployment' + description: Request message for `SetPolicy` method. + id: SasPortalSetPolicyRequest SasPortalDeployment: - id: SasPortalDeployment description: The Deployment. - type: object properties: name: description: Output only. Resource name. readOnly: true type: string - displayName: - description: The deployment's display name. - type: string - sasUserIds: - description: >- - User ID used by the devices belonging to this deployment. Each - deployment should be associated with one unique user ID. + frns: type: array + readOnly: true items: type: string - frns: description: >- Output only. The FCC Registration Numbers (FRNs) copied from its direct parent. - readOnly: true + sasUserIds: type: array + description: >- + User ID used by the devices belonging to this deployment. Each + deployment should be associated with one unique user ID. items: type: string - SasPortalProvisionDeploymentRequest: - id: SasPortalProvisionDeploymentRequest - description: >- - Request for [ProvisionDeployment]. - [spectrum.sas.portal.v1alpha1.Provisioning.ProvisionDeployment]. GCP - Project, Organization Info, and caller’s GAIA ID should be retrieved - from the RPC handler, and used as inputs to create a new SAS - organization (if not exists) and a new SAS deployment. + displayName: + type: string + description: The deployment's display name. + id: SasPortalDeployment type: object + SasPortalSignDeviceRequest: properties: - newOrganizationDisplayName: + device: + $ref: '#/components/schemas/SasPortalDevice' description: >- - Optional. If this field is set, and a new SAS Portal Organization - needs to be created, its display name will be set to the value of - this field. + Required. The device to sign. The device fields name, fcc_id and + serial_number must be set. The user_id field must be set. + description: Request for SignDevice. + type: object + id: SasPortalSignDeviceRequest + SasPortalDeviceMetadata: + id: SasPortalDeviceMetadata + description: Device data overridable by both SAS Portal and registration requests. + type: object + properties: + antennaModel: + description: >- + If populated, the Antenna Model Pattern to use. Format is: + `RecordCreatorId:PatternId` + type: string + nrqzValidation: + readOnly: true + $ref: '#/components/schemas/SasPortalNrqzValidation' + description: Output only. National Radio Quiet Zone validation info. + interferenceCoordinationGroup: type: string - newDeploymentDisplayName: description: >- - Optional. If this field is set, and a new SAS Portal Deployment - needs to be created, its display name will be set to the value of - this field. + Interference Coordination Group (ICG). A group of CBSDs that manage + their own interference with the group. For more details, see + [CBRSA-TS-2001 + V3.0.0](https://ongoalliance.org/wp-content/uploads/2020/02/CBRSA-TS-2001-V3.0.0_Approved-for-publication.pdf). + commonChannelGroup: + description: >- + Common Channel Group (CCG). A group of CBSDs in the same ICG + requesting a common primary channel assignment. For more details, + see [CBRSA-TS-2001 + V3.0.0](https://ongoalliance.org/wp-content/uploads/2020/02/CBRSA-TS-2001-V3.0.0_Approved-for-publication.pdf). type: string - organizationId: + nrqzValidated: description: >- - Optional. If this field is set then a new deployment will be created - under the organization specified by this id. + Output only. Set to `true` if a CPI has validated that they have + coordinated with the National Quiet Zone office. + type: boolean + deprecated: true + readOnly: true + SasPortalAssignment: + id: SasPortalAssignment + properties: + role: + description: Required. Role that is assigned to `members`. type: string - format: int64 - SasPortalProvisionDeploymentResponse: - id: SasPortalProvisionDeploymentResponse + members: + description: >- + The identities the role is assigned to. It can have the following + values: * `{user_email}`: An email address that represents a + specific Google account. For example: `alice@gmail.com`. * + `{group_email}`: An email address that represents a Google group. + For example, `viewers@gmail.com`. + type: array + items: + type: string + description: Associates `members` with a `role`. + type: object + SasPortalStatus: + id: SasPortalStatus description: >- - Response for [ProvisionDeployment]. - [spectrum.sas.portal.v1alpha1.Provisioning.ProvisionDeployment]. + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + properties: + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + type: array + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer type: object + SasPortalTestPermissionsRequest: properties: - errorMessage: + permissions: + items: + type: string + description: The set of permissions to check for the `resource`. + type: array + resource: description: >- - Optional. Optional error message if the provisioning request is not - successful. + Required. The resource for which the permissions are being + requested. type: string - SasPortalListLegacyOrganizationsResponse: - id: SasPortalListLegacyOrganizationsResponse - description: >- - Response for [ListLegacyOrganizations]. - [spectrum.sas.portal.v1alpha1.Provisioning.ListLegacyOrganizations]. + description: Request message for `TestPermissions` method. + id: SasPortalTestPermissionsRequest type: object + SasPortalNode: properties: - organizations: - description: Optional. Legacy SAS organizations. + sasUserIds: type: array items: - $ref: '#/components/schemas/SasPortalOrganization' + type: string + description: User ids used by the devices belonging to this node. + name: + type: string + description: Output only. Resource name. + displayName: + description: The node's display name. + type: string + type: object + id: SasPortalNode + description: The Node. SasPortalOrganization: - id: SasPortalOrganization description: Organization details. - type: object properties: id: - description: Id of organization type: string + description: Id of organization format: int64 displayName: description: Name of organization type: string - SasPortalMigrateOrganizationRequest: - id: SasPortalMigrateOrganizationRequest - description: >- - Request for [MigrateOrganization]. - [spectrum.sas.portal.v1alpha1.Provisioning.MigrateOrganization]. GCP - Project, Organization Info, and caller's GAIA ID should be retrieved - from the RPC handler, and used to check authorization on SAS Portal - organization and to create GCP Projects. type: object + id: SasPortalOrganization + SasPortalListGcpProjectDeploymentsResponse: + description: Response for [ListGcpProjectDeployments]. properties: - organizationId: - description: Required. Id of the SAS organization to be migrated. - type: string - format: int64 - SasPortalOperation: - id: SasPortalOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + deployments: + items: + $ref: '#/components/schemas/SasPortalGcpProjectDeployment' + description: Optional. Deployments associated with the GCP project + type: array type: object + id: SasPortalListGcpProjectDeploymentsResponse + SasPortalChannelWithScore: properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/SasPortalStatus' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SasPortalStatus: - id: SasPortalStatus + score: + type: number + description: The channel score, normalized to be in the range [0,100]. + format: double + frequencyRange: + $ref: '#/components/schemas/SasPortalFrequencyRange' + description: The frequency range of the channel. + type: object + description: The channel with score. + id: SasPortalChannelWithScore + SasPortalSetupSasAnalyticsResponse: description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Response returned by the long running operation for the + SetupSasAnalytics rpc. + properties: {} + id: SasPortalSetupSasAnalyticsResponse type: object + SasPortalMoveDeviceRequest: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + destination: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Required. The name of the new parent resource node or customer to + reparent the device under. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SasPortalSetupSasAnalyticsRequest: - id: SasPortalSetupSasAnalyticsRequest - description: Request for the SetupSasAnalytics rpc. + type: object + description: Request for MoveDevice. + id: SasPortalMoveDeviceRequest + SasPortalGetPolicyRequest: + description: Request message for `GetPolicy` method. type: object properties: - userId: - description: >- - Optional. User id to setup analytics for, if not provided the user - id associated with the project is used. optional + resource: type: string + description: Required. The resource for which the policy is being requested. + id: SasPortalGetPolicyRequest + SasPortalGcpProjectDeployment: + type: object + id: SasPortalGcpProjectDeployment + description: >- + Deployment associated with the GCP project. Includes whether SAS + analytics has been enabled or not. + properties: + hasEnabledAnalytics: + description: Whether SAS analytics has been enabled. + type: boolean + deployment: + description: Deployment associated with the GCP project. + $ref: '#/components/schemas/SasPortalDeployment' SasPortalDevice: - id: SasPortalDevice type: object + id: SasPortalDevice properties: - name: - description: Output only. The resource path name. - type: string - fccId: - description: >- - The FCC identifier of the device. Refer to - https://www.fcc.gov/oet/ea/fccid for FccID format. Accept - underscores and periods because some test-SAS customers use them. - type: string - serialNumber: - description: A serial number assigned to the device by the device manufacturer. - type: string - preloadedConfig: - description: Configuration of the device, as specified via SAS Portal API. - $ref: '#/components/schemas/SasPortalDeviceConfig' - activeConfig: + grantRangeAllowlists: description: >- - Output only. Current configuration of the device as registered to - the SAS. - $ref: '#/components/schemas/SasPortalDeviceConfig' + Only ranges that are within the allowlists are available for new + grants. + type: array + items: + $ref: '#/components/schemas/SasPortalFrequencyRange' state: - description: Output only. Device state. - type: string enumDescriptions: - Unspecified state. - >- @@ -328,124 +314,194 @@ components: - RESERVED - REGISTERED - DEREGISTERED - grants: - description: Output only. Grants held by the device. - type: array - items: - $ref: '#/components/schemas/SasPortalDeviceGrant' + description: Output only. Device state. + type: string + activeConfig: + $ref: '#/components/schemas/SasPortalDeviceConfig' + description: >- + Output only. Current configuration of the device as registered to + the SAS. displayName: + type: string description: Device display name. + preloadedConfig: + description: Configuration of the device, as specified via SAS Portal API. + $ref: '#/components/schemas/SasPortalDeviceConfig' + name: type: string + description: Output only. The resource path name. deviceMetadata: + $ref: '#/components/schemas/SasPortalDeviceMetadata' description: >- Device parameters that can be overridden by both SAS Portal and SAS registration requests. - $ref: '#/components/schemas/SasPortalDeviceMetadata' currentChannels: - description: Output only. Current channels with scores. readOnly: true deprecated: true - type: array items: $ref: '#/components/schemas/SasPortalChannelWithScore' - grantRangeAllowlists: + description: Output only. Current channels with scores. + type: array + fccId: description: >- - Only ranges that are within the allowlists are available for new - grants. + The FCC identifier of the device. Refer to + https://www.fcc.gov/oet/ea/fccid for FccID format. Accept + underscores and periods because some test-SAS customers use them. + type: string + serialNumber: + description: A serial number assigned to the device by the device manufacturer. + type: string + grants: type: array + description: Output only. Grants held by the device. items: - $ref: '#/components/schemas/SasPortalFrequencyRange' - SasPortalDeviceConfig: - id: SasPortalDeviceConfig - description: Information about the device configuration. + $ref: '#/components/schemas/SasPortalDeviceGrant' + SasPortalGenerateSecretRequest: + id: SasPortalGenerateSecretRequest + type: object + properties: {} + description: Request for GenerateSecret. + SasPortalSetupSasAnalyticsMetadata: + properties: {} + description: >- + Metadata returned by the long running operation for the + SetupSasAnalytics rpc. type: object + id: SasPortalSetupSasAnalyticsMetadata + SasPortalMigrateOrganizationRequest: properties: - category: - description: FCC category of the device. - type: string - enumDescriptions: - - Unspecified device category. - - Category A. - - Category B. - enum: - - DEVICE_CATEGORY_UNSPECIFIED - - DEVICE_CATEGORY_A - - DEVICE_CATEGORY_B - model: - description: Information about this device model. - $ref: '#/components/schemas/SasPortalDeviceModel' - airInterface: - description: Information about this device's air interface. - $ref: '#/components/schemas/SasPortalDeviceAirInterface' - installationParams: - description: Installation parameters for the device. - $ref: '#/components/schemas/SasPortalInstallationParams' - measurementCapabilities: - description: Measurement reporting capabilities of the device. - type: array - items: - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - MEASUREMENT_CAPABILITY_UNSPECIFIED - - MEASUREMENT_CAPABILITY_RECEIVED_POWER_WITH_GRANT - - MEASUREMENT_CAPABILITY_RECEIVED_POWER_WITHOUT_GRANT - userId: - description: The identifier of a device user. - type: string - callSign: - description: The call sign of the device operator. - type: string - state: - description: State of the configuration. + organizationId: type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - DEVICE_CONFIG_STATE_UNSPECIFIED - - DRAFT - - FINAL - isSigned: - description: Output only. Whether the configuration has been signed by a CPI. - type: boolean - updateTime: - description: Output only. The last time the device configuration was edited. + format: int64 + description: Required. Id of the SAS organization to be migrated. + description: >- + Request for [MigrateOrganization]. + [spectrum.sas.portal.v1alpha1.Provisioning.MigrateOrganization]. GCP + Project, Organization Info, and caller's GAIA ID should be retrieved + from the RPC handler, and used to check authorization on SAS Portal + organization and to create GCP Projects. + id: SasPortalMigrateOrganizationRequest + type: object + SasPortalDeploymentAssociation: + id: SasPortalDeploymentAssociation + type: object + properties: + gcpProjectId: type: string - format: google-datetime - SasPortalDeviceModel: - id: SasPortalDeviceModel - description: Information about the model of the device. + description: GCP project id of the associated project. + userId: + type: string + description: User id of the deployment. + description: Association between a gcp project and a SAS user id. + SasPortalDpaMoveList: + description: An entry in a DPA's move list. + id: SasPortalDpaMoveList type: object properties: - vendor: - description: The name of the device vendor. + dpaId: type: string + description: The ID of the DPA. + frequencyRange: + description: The frequency range that the move list affects. + $ref: '#/components/schemas/SasPortalFrequencyRange' + SasPortalOperation: + properties: + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/SasPortalStatus' + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object name: - description: The name of the device model. type: string - softwareVersion: - description: The software version of the device. + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + id: SasPortalOperation + type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. + SasPortalListCustomersResponse: + description: Response for `ListCustomers`. + properties: + nextPageToken: + description: >- + A pagination token returned from a previous call to ListCustomers + that indicates from where listing should continue. If the field is + missing or empty, it means there are no more customers. type: string + customers: + description: The list of customers that match the request. + type: array + items: + $ref: '#/components/schemas/SasPortalCustomer' + id: SasPortalListCustomersResponse + type: object + SasPortalDeviceModel: + properties: + name: + type: string + description: The name of the device model. hardwareVersion: description: The hardware version of the device. type: string firmwareVersion: + type: string description: The firmware version of the device. + vendor: + description: The name of the device vendor. type: string + softwareVersion: + description: The software version of the device. + type: string + description: Information about the model of the device. + id: SasPortalDeviceModel + type: object SasPortalDeviceAirInterface: id: SasPortalDeviceAirInterface - description: Information about the device's air interface. type: object + description: Information about the device's air interface. properties: - radioTechnology: + supportedSpec: description: >- - Conditional. This field specifies the radio access technology that - is used for the CBSD. + Optional. This field is related to the `radioTechnology` and + provides the air interface specification that the CBSD is compliant + with at the time of registration. + type: string + radioTechnology: type: string enumDescriptions: - '' @@ -458,6 +514,9 @@ components: - '' - '' - '' + description: >- + Conditional. This field specifies the radio access technology that + is used for the CBSD. enum: - RADIO_TECHNOLOGY_UNSPECIFIED - E_UTRA @@ -469,72 +528,68 @@ components: - REDLINE - TARANA_WIRELESS - FAROS - supportedSpec: + SasPortalMoveDeploymentRequest: + properties: + destination: description: >- - Optional. This field is related to the `radioTechnology` and - provides the air interface specification that the CBSD is compliant - with at the time of registration. + Required. The name of the new parent resource node or customer to + reparent the deployment under. type: string - SasPortalInstallationParams: - id: SasPortalInstallationParams - description: Information about the device installation parameters. type: object + description: Request for MoveDeployment. + id: SasPortalMoveDeploymentRequest + SasPortalProvisionDeploymentRequest: properties: - latitude: + newDeploymentDisplayName: description: >- - Latitude of the device antenna location in degrees relative to the - WGS 84 datum. The allowed range is from -90.000000 to +90.000000. - Positive values represent latitudes north of the equator; negative - values south of the equator. - type: number - format: double - longitude: + Optional. If this field is set, and a new SAS Portal Deployment + needs to be created, its display name will be set to the value of + this field. + type: string + newOrganizationDisplayName: + type: string description: >- - Longitude of the device antenna location in degrees relative to the - WGS 84 datum. The allowed range is from -180.000000 to +180.000000. - Positive values represent longitudes east of the prime meridian; - negative values west of the prime meridian. - type: number - format: double + Optional. If this field is set, and a new SAS Portal Organization + needs to be created, its display name will be set to the value of + this field. + organizationId: + description: >- + Optional. If this field is set then a new deployment will be created + under the organization specified by this id. + type: string + format: int64 + type: object + description: >- + Request for [ProvisionDeployment]. + [spectrum.sas.portal.v1alpha1.Provisioning.ProvisionDeployment]. GCP + Project, Organization Info, and caller’s GAIA ID should be retrieved + from the RPC handler, and used as inputs to create a new SAS + organization (if not exists) and a new SAS deployment. + id: SasPortalProvisionDeploymentRequest + SasPortalInstallationParams: + type: object + id: SasPortalInstallationParams + description: Information about the device installation parameters. + properties: height: description: >- Device antenna height in meters. When the `heightType` parameter value is "AGL", the antenna height should be given relative to ground level. When the `heightType` parameter value is "AMSL", it is given with respect to WGS84 datum. - type: number - format: double - heightType: - description: Specifies how the height is measured. - type: string - enumDescriptions: - - Unspecified height type. - - AGL height is measured relative to the ground level. - - AMSL height is measured relative to the mean sea level. - enum: - - HEIGHT_TYPE_UNSPECIFIED - - HEIGHT_TYPE_AGL - - HEIGHT_TYPE_AMSL - horizontalAccuracy: - description: >- - A positive number in meters to indicate accuracy of the device - antenna horizontal location. This optional parameter should only be - present if its value is less than the FCC requirement of 50 meters. - type: number format: double - verticalAccuracy: - description: >- - A positive number in meters to indicate accuracy of the device - antenna vertical location. This optional parameter should only be - present if its value is less than the FCC requirement of 3 meters. type: number - format: double - indoorDeployment: + eirpCapability: description: >- - Whether the device antenna is indoor or not. `true`: indoor. - `false`: outdoor. - type: boolean + This parameter is the maximum device EIRP in units of dBm/10MHz and + is an integer with a value between -127 and +47 (dBm/10 MHz) + inclusive. If not included, SAS interprets it as maximum allowable + EIRP in units of dBm/10MHz for device category. + type: integer + format: int32 antennaAzimuth: + format: int32 + type: integer description: >- Boresight direction of the horizontal plane of the antenna in degrees with respect to true north. The value of this parameter is @@ -542,31 +597,24 @@ components: degrees means true north; a value of 90 degrees means east. This parameter is optional for Category A devices and conditional for Category B devices. - type: integer - format: int32 - antennaDowntilt: + indoorDeployment: + type: boolean description: >- - Antenna downtilt in degrees and is an integer with a value between - -90 and +90 inclusive; a negative value means the antenna is tilted - up (above horizontal). This parameter is optional for Category A - devices and conditional for Category B devices. - type: integer - format: int32 - antennaGain: + Whether the device antenna is indoor or not. `true`: indoor. + `false`: outdoor. + verticalAccuracy: description: >- - Peak antenna gain in dBi. This parameter is a double with a value - between -127 and +128 (dBi) inclusive. Part of Release 2 to support - floating-point value + A positive number in meters to indicate accuracy of the device + antenna vertical location. This optional parameter should only be + present if its value is less than the FCC requirement of 3 meters. type: number format: double - eirpCapability: + antennaModel: + type: string description: >- - This parameter is the maximum device EIRP in units of dBm/10MHz and - is an integer with a value between -127 and +47 (dBm/10 MHz) - inclusive. If not included, SAS interprets it as maximum allowable - EIRP in units of dBm/10MHz for device category. - type: integer - format: int32 + If an external antenna is used, the antenna model is optionally + provided in this field. The string has a maximum length of 128 + octets. antennaBeamwidth: description: >- 3-dB antenna beamwidth of the antenna in the horizontal-plane in @@ -575,243 +623,199 @@ components: devices and conditional for Category B devices. type: integer format: int32 - antennaModel: - description: >- - If an external antenna is used, the antenna model is optionally - provided in this field. The string has a maximum length of 128 - octets. - type: string - cpeCbsdIndication: - description: >- - If present, this parameter specifies whether the CBSD is a CPE-CBSD - or not. - type: boolean - SasPortalDeviceGrant: - id: SasPortalDeviceGrant - description: >- - Device grant. It is an authorization provided by the Spectrum Access - System to a device to transmit using specified operating parameters - after a successful heartbeat by the device. - type: object - properties: - maxEirp: - description: >- - Maximum Equivalent Isotropically Radiated Power (EIRP) permitted by - the grant. The maximum EIRP is in units of dBm/MHz. The value of - `maxEirp` represents the average (RMS) EIRP that would be measured - by the procedure defined in FCC part 96.41(e)(3). - type: number - format: double - frequencyRange: - description: The transmission frequency range. - $ref: '#/components/schemas/SasPortalFrequencyRange' - state: - description: State of the grant. - type: string - enumDescriptions: - - '' - - >- - The grant has been granted but the device is not heartbeating on - it. - - The grant has been terminated by the SAS. - - The grant has been suspended by the SAS. - - The device is currently transmitting. - - The grant has expired. - enum: - - GRANT_STATE_UNSPECIFIED - - GRANT_STATE_GRANTED - - GRANT_STATE_TERMINATED - - GRANT_STATE_SUSPENDED - - GRANT_STATE_AUTHORIZED - - GRANT_STATE_EXPIRED - channelType: - description: Type of channel used. - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - CHANNEL_TYPE_UNSPECIFIED - - CHANNEL_TYPE_GAA - - CHANNEL_TYPE_PAL - moveList: - description: The DPA move lists on which this grant appears. - type: array - items: - $ref: '#/components/schemas/SasPortalDpaMoveList' - expireTime: - description: The expiration time of the grant. - type: string - format: google-datetime - suspensionReason: - description: If the grant is suspended, the reason(s) for suspension. - type: array - items: - type: string - grantId: - description: Grant Id. - type: string - lastHeartbeatTransmitExpireTime: - description: The transmit expiration time of the last heartbeat. - type: string - format: google-datetime - SasPortalFrequencyRange: - id: SasPortalFrequencyRange - description: Frequency range from `low_frequency` to `high_frequency`. - type: object - properties: - lowFrequencyMhz: - description: The lowest frequency of the frequency range in MHz. - type: number - format: double - highFrequencyMhz: - description: The highest frequency of the frequency range in MHz. - type: number - format: double - SasPortalDpaMoveList: - id: SasPortalDpaMoveList - description: An entry in a DPA's move list. - type: object - properties: - dpaId: - description: The ID of the DPA. - type: string - frequencyRange: - description: The frequency range that the move list affects. - $ref: '#/components/schemas/SasPortalFrequencyRange' - SasPortalDeviceMetadata: - id: SasPortalDeviceMetadata - description: Device data overridable by both SAS Portal and registration requests. - type: object - properties: - interferenceCoordinationGroup: - description: >- - Interference Coordination Group (ICG). A group of CBSDs that manage - their own interference with the group. For more details, see - [CBRSA-TS-2001 - V3.0.0](https://ongoalliance.org/wp-content/uploads/2020/02/CBRSA-TS-2001-V3.0.0_Approved-for-publication.pdf). - type: string - commonChannelGroup: - description: >- - Common Channel Group (CCG). A group of CBSDs in the same ICG - requesting a common primary channel assignment. For more details, - see [CBRSA-TS-2001 - V3.0.0](https://ongoalliance.org/wp-content/uploads/2020/02/CBRSA-TS-2001-V3.0.0_Approved-for-publication.pdf). - type: string - antennaModel: - description: >- - If populated, the Antenna Model Pattern to use. Format is: - `RecordCreatorId:PatternId` - type: string - nrqzValidated: + horizontalAccuracy: description: >- - Output only. Set to `true` if a CPI has validated that they have - coordinated with the National Quiet Zone office. - readOnly: true - deprecated: true - type: boolean - nrqzValidation: - description: Output only. National Radio Quiet Zone validation info. - readOnly: true - $ref: '#/components/schemas/SasPortalNrqzValidation' - SasPortalNrqzValidation: - id: SasPortalNrqzValidation - description: Information about National Radio Quiet Zone validation. - type: object - properties: - caseId: - description: Validation case ID. + A positive number in meters to indicate accuracy of the device + antenna horizontal location. This optional parameter should only be + present if its value is less than the FCC requirement of 50 meters. + type: number + format: double + cpeCbsdIndication: + description: >- + If present, this parameter specifies whether the CBSD is a CPE-CBSD + or not. + type: boolean + heightType: type: string + enumDescriptions: + - Unspecified height type. + - AGL height is measured relative to the ground level. + - AMSL height is measured relative to the mean sea level. + enum: + - HEIGHT_TYPE_UNSPECIFIED + - HEIGHT_TYPE_AGL + - HEIGHT_TYPE_AMSL + description: Specifies how the height is measured. + antennaGain: + type: number + description: >- + Peak antenna gain in dBi. This parameter is a double with a value + between -127 and +128 (dBi) inclusive. Part of Release 2 to support + floating-point value + format: double latitude: - description: Device latitude that's associated with the validation. type: number format: double + description: >- + Latitude of the device antenna location in degrees relative to the + WGS 84 datum. The allowed range is from -90.000000 to +90.000000. + Positive values represent latitudes north of the equator; negative + values south of the equator. longitude: - description: Device longitude that's associated with the validation. + description: >- + Longitude of the device antenna location in degrees relative to the + WGS 84 datum. The allowed range is from -180.000000 to +180.000000. + Positive values represent longitudes east of the prime meridian; + negative values west of the prime meridian. type: number format: double - cpiId: - description: CPI who signed the validation. + antennaDowntilt: + type: integer + description: >- + Antenna downtilt in degrees and is an integer with a value between + -90 and +90 inclusive; a negative value means the antenna is tilted + up (above horizontal). This parameter is optional for Category A + devices and conditional for Category B devices. + format: int32 + SasPortalDeviceConfig: + id: SasPortalDeviceConfig + properties: + installationParams: + description: Installation parameters for the device. + $ref: '#/components/schemas/SasPortalInstallationParams' + userId: + description: The identifier of a device user. + type: string + category: + type: string + enum: + - DEVICE_CATEGORY_UNSPECIFIED + - DEVICE_CATEGORY_A + - DEVICE_CATEGORY_B + enumDescriptions: + - Unspecified device category. + - Category A. + - Category B. + description: FCC category of the device. + measurementCapabilities: + items: + enum: + - MEASUREMENT_CAPABILITY_UNSPECIFIED + - MEASUREMENT_CAPABILITY_RECEIVED_POWER_WITH_GRANT + - MEASUREMENT_CAPABILITY_RECEIVED_POWER_WITHOUT_GRANT + type: string + enumDescriptions: + - '' + - '' + - '' + type: array + description: Measurement reporting capabilities of the device. + updateTime: + description: Output only. The last time the device configuration was edited. + format: google-datetime type: string + callSign: + description: The call sign of the device operator. + type: string + isSigned: + type: boolean + description: Output only. Whether the configuration has been signed by a CPI. + airInterface: + description: Information about this device's air interface. + $ref: '#/components/schemas/SasPortalDeviceAirInterface' + model: + description: Information about this device model. + $ref: '#/components/schemas/SasPortalDeviceModel' state: - description: State of the NRQZ validation info. type: string enumDescriptions: - - Unspecified state. - - Draft state. - - Final state. + - '' + - '' + - '' enum: - - STATE_UNSPECIFIED + - DEVICE_CONFIG_STATE_UNSPECIFIED - DRAFT - FINAL - SasPortalChannelWithScore: - id: SasPortalChannelWithScore - description: The channel with score. + description: State of the configuration. + description: Information about the device configuration. type: object - properties: - frequencyRange: - description: The frequency range of the channel. - $ref: '#/components/schemas/SasPortalFrequencyRange' - score: - description: The channel score, normalized to be in the range [0,100]. - type: number - format: double - SasPortalCreateSignedDeviceRequest: - id: SasPortalCreateSignedDeviceRequest - description: Request for CreateSignedDevice. + SasPortalValidateInstallerResponse: + id: SasPortalValidateInstallerResponse + properties: {} + description: Response for ValidateInstaller. + type: object + SasPortalPolicy: type: object + description: Defines an access control policy to the resources. properties: - encodedDevice: + etag: description: >- - Required. JSON Web Token signed using a CPI private key. Payload - must be the JSON encoding of the device. The user_id field must be - set. + The etag is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the etag in + the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An etag is returned in the response to + GetPolicy, and systems are expected to put that etag in the request + to SetPolicy to ensure that their change will be applied to the same + version of the policy. If no etag is provided in the call to + GetPolicy, then the existing policy is overwritten blindly. type: string format: byte - installerId: - description: >- - Required. Unique installer id (CPI ID) from the Certified - Professional Installers database. + assignments: + description: List of assignments + items: + $ref: '#/components/schemas/SasPortalAssignment' + type: array + id: SasPortalPolicy + SasPortalGenerateSecretResponse: + id: SasPortalGenerateSecretResponse + properties: + secret: type: string + description: The secret generated by the string and used by ValidateInstaller. + description: Response for GenerateSecret. + type: object SasPortalEmpty: - id: SasPortalEmpty + type: object description: >- A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object properties: {} - SasPortalListDevicesResponse: - id: SasPortalListDevicesResponse - description: Response for ListDevices. - type: object + id: SasPortalEmpty + SasPortalNrqzValidation: + description: Information about National Radio Quiet Zone validation. properties: - devices: - description: The devices that match the request. - type: array - items: - $ref: '#/components/schemas/SasPortalDevice' - nextPageToken: - description: >- - A pagination token returned from a previous call to ListDevices that - indicates from where listing should continue. If the field is - missing or empty, it means there is no more devices. + latitude: + type: number + description: Device latitude that's associated with the validation. + format: double + state: + enumDescriptions: + - Unspecified state. + - Draft state. + - Final state. type: string - SasPortalMoveDeviceRequest: - id: SasPortalMoveDeviceRequest - description: Request for MoveDevice. - type: object - properties: - destination: - description: >- - Required. The name of the new parent resource node or customer to - reparent the device under. + description: State of the NRQZ validation info. + enum: + - STATE_UNSPECIFIED + - DRAFT + - FINAL + caseId: + type: string + description: Validation case ID. + cpiId: + description: CPI who signed the validation. type: string + longitude: + type: number + format: double + description: Device longitude that's associated with the validation. + id: SasPortalNrqzValidation + type: object SasPortalUpdateSignedDeviceRequest: id: SasPortalUpdateSignedDeviceRequest - description: Request for UpdateSignedDevice. type: object properties: encodedDevice: @@ -819,82 +823,101 @@ components: Required. The JSON Web Token signed using a CPI private key. Payload must be the JSON encoding of the device. The user_id field must be set. - type: string format: byte + type: string installerId: + type: string description: >- Required. Unique installer ID (CPI ID) from the Certified Professional Installers database. - type: string - SasPortalSignDeviceRequest: - id: SasPortalSignDeviceRequest - description: Request for SignDevice. - type: object - properties: - device: - description: >- - Required. The device to sign. The device fields name, fcc_id and - serial_number must be set. The user_id field must be set. - $ref: '#/components/schemas/SasPortalDevice' - SasPortalNode: - id: SasPortalNode - description: The Node. - type: object - properties: - name: - description: Output only. Resource name. - type: string - displayName: - description: The node's display name. - type: string - sasUserIds: - description: User ids used by the devices belonging to this node. - type: array - items: - type: string - SasPortalListNodesResponse: - id: SasPortalListNodesResponse - description: Response for ListNodes. - type: object - properties: - nodes: - description: The nodes that match the request. - type: array - items: - $ref: '#/components/schemas/SasPortalNode' + description: Request for UpdateSignedDevice. + SasPortalListDevicesResponse: + type: object + id: SasPortalListDevicesResponse + description: Response for ListDevices. + properties: nextPageToken: description: >- - A pagination token returned from a previous call to ListNodes that + A pagination token returned from a previous call to ListDevices that indicates from where listing should continue. If the field is - missing or empty, it means there is no more nodes. + missing or empty, it means there is no more devices. type: string + devices: + type: array + items: + $ref: '#/components/schemas/SasPortalDevice' + description: The devices that match the request. SasPortalMoveNodeRequest: - id: SasPortalMoveNodeRequest - description: Request for MoveNode. type: object + description: Request for MoveNode. + id: SasPortalMoveNodeRequest properties: destination: description: >- Required. The name of the new parent resource node or customer to reparent the node under. type: string - SasPortalGenerateSecretRequest: - id: SasPortalGenerateSecretRequest - description: Request for GenerateSecret. + SasPortalListDeploymentsResponse: + description: Response for ListDeployments. + properties: + nextPageToken: + type: string + description: >- + A pagination token returned from a previous call to ListDeployments + that indicates from where listing should continue. If the field is + missing or empty, it means there are no more deployments. + deployments: + type: array + items: + $ref: '#/components/schemas/SasPortalDeployment' + description: The deployments that match the request. type: object - properties: {} - SasPortalGenerateSecretResponse: - id: SasPortalGenerateSecretResponse - description: Response for GenerateSecret. + id: SasPortalListDeploymentsResponse + SasPortalProvisionDeploymentResponse: + description: >- + Response for [ProvisionDeployment]. + [spectrum.sas.portal.v1alpha1.Provisioning.ProvisionDeployment]. type: object + id: SasPortalProvisionDeploymentResponse properties: - secret: - description: The secret generated by the string and used by ValidateInstaller. + errorMessage: + type: string + description: >- + Optional. Optional error message if the provisioning request is not + successful. + SasPortalCustomer: + type: object + description: Entity representing a SAS customer. + properties: + sasUserIds: + type: array + items: + type: string + description: User IDs used by the devices belonging to this customer. + displayName: + type: string + description: >- + Required. Name of the organization that the customer entity + represents. + name: + description: Output only. Resource name of the customer. type: string + id: SasPortalCustomer + SasPortalFrequencyRange: + properties: + lowFrequencyMhz: + description: The lowest frequency of the frequency range in MHz. + type: number + format: double + highFrequencyMhz: + type: number + description: The highest frequency of the frequency range in MHz. + format: double + id: SasPortalFrequencyRange + type: object + description: Frequency range from `low_frequency` to `high_frequency`. SasPortalValidateInstallerRequest: id: SasPortalValidateInstallerRequest - description: Request for ValidateInstaller. - type: object properties: installerId: description: >- @@ -902,147 +925,124 @@ components: Professional Installers database. type: string secret: - description: Required. Secret returned by the GenerateSecret. type: string + description: Required. Secret returned by the GenerateSecret. encodedSecret: description: >- Required. JSON Web Token signed using a CPI private key. Payload must include a "secret" claim whose value is the secret. type: string - SasPortalValidateInstallerResponse: - id: SasPortalValidateInstallerResponse - description: Response for ValidateInstaller. - type: object - properties: {} - SasPortalListDeploymentsResponse: - id: SasPortalListDeploymentsResponse - description: Response for ListDeployments. - type: object - properties: - deployments: - description: The deployments that match the request. - type: array - items: - $ref: '#/components/schemas/SasPortalDeployment' - nextPageToken: - description: >- - A pagination token returned from a previous call to ListDeployments - that indicates from where listing should continue. If the field is - missing or empty, it means there are no more deployments. - type: string - SasPortalMoveDeploymentRequest: - id: SasPortalMoveDeploymentRequest - description: Request for MoveDeployment. type: object + description: Request for ValidateInstaller. + SasPortalCreateSignedDeviceRequest: properties: - destination: - description: >- - Required. The name of the new parent resource node or customer to - reparent the deployment under. + encodedDevice: + format: byte type: string - SasPortalSetPolicyRequest: - id: SasPortalSetPolicyRequest - description: Request message for `SetPolicy` method. - type: object - properties: - resource: description: >- - Required. The resource for which the policy is being specified. This - policy replaces any existing policy. + Required. JSON Web Token signed using a CPI private key. Payload + must be the JSON encoding of the device. The user_id field must be + set. + installerId: type: string - policy: - description: Required. The policy to be applied to the `resource`. - $ref: '#/components/schemas/SasPortalPolicy' - disableNotification: description: >- - Optional. Set the field as `true` to disable the onboarding - notification. - type: boolean - SasPortalPolicy: - id: SasPortalPolicy - description: Defines an access control policy to the resources. + Required. Unique installer id (CPI ID) from the Certified + Professional Installers database. + description: Request for CreateSignedDevice. + type: object + id: SasPortalCreateSignedDeviceRequest + SasPortalListNodesResponse: + description: Response for ListNodes. type: object + id: SasPortalListNodesResponse properties: - assignments: - description: List of assignments + nodes: + description: The nodes that match the request. type: array items: - $ref: '#/components/schemas/SasPortalAssignment' - etag: + $ref: '#/components/schemas/SasPortalNode' + nextPageToken: description: >- - The etag is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the etag in - the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An etag is returned in the response to - GetPolicy, and systems are expected to put that etag in the request - to SetPolicy to ensure that their change will be applied to the same - version of the policy. If no etag is provided in the call to - GetPolicy, then the existing policy is overwritten blindly. + A pagination token returned from a previous call to ListNodes that + indicates from where listing should continue. If the field is + missing or empty, it means there is no more nodes. type: string - format: byte - SasPortalAssignment: - id: SasPortalAssignment - description: Associates `members` with a `role`. + SasPortalDeviceGrant: + id: SasPortalDeviceGrant + description: >- + Device grant. It is an authorization provided by the Spectrum Access + System to a device to transmit using specified operating parameters + after a successful heartbeat by the device. type: object properties: - role: - description: Required. Role that is assigned to `members`. - type: string - members: - description: >- - The identities the role is assigned to. It can have the following - values: * `{user_email}`: An email address that represents a - specific Google account. For example: `alice@gmail.com`. * - `{group_email}`: An email address that represents a Google group. - For example, `viewers@gmail.com`. + suspensionReason: type: array + description: If the grant is suspended, the reason(s) for suspension. items: type: string - SasPortalGetPolicyRequest: - id: SasPortalGetPolicyRequest - description: Request message for `GetPolicy` method. - type: object - properties: - resource: - description: Required. The resource for which the policy is being requested. - type: string - SasPortalTestPermissionsRequest: - id: SasPortalTestPermissionsRequest - description: Request message for `TestPermissions` method. - type: object - properties: - resource: + frequencyRange: + $ref: '#/components/schemas/SasPortalFrequencyRange' + description: The transmission frequency range. + maxEirp: description: >- - Required. The resource for which the permissions are being - requested. + Maximum Equivalent Isotropically Radiated Power (EIRP) permitted by + the grant. The maximum EIRP is in units of dBm/MHz. The value of + `maxEirp` represents the average (RMS) EIRP that would be measured + by the procedure defined in FCC part 96.41(e)(3). + format: double + type: number + expireTime: + format: google-datetime type: string - permissions: - description: The set of permissions to check for the `resource`. - type: array - items: - type: string - SasPortalTestPermissionsResponse: - id: SasPortalTestPermissionsResponse - description: Response message for `TestPermissions` method. - type: object - properties: - permissions: - description: A set of permissions that the caller is allowed. + description: The expiration time of the grant. + lastHeartbeatTransmitExpireTime: + description: The transmit expiration time of the last heartbeat. + type: string + format: google-datetime + channelType: + description: Type of channel used. + enum: + - CHANNEL_TYPE_UNSPECIFIED + - CHANNEL_TYPE_GAA + - CHANNEL_TYPE_PAL + type: string + enumDescriptions: + - '' + - '' + - '' + state: + type: string + enum: + - GRANT_STATE_UNSPECIFIED + - GRANT_STATE_GRANTED + - GRANT_STATE_TERMINATED + - GRANT_STATE_SUSPENDED + - GRANT_STATE_AUTHORIZED + - GRANT_STATE_EXPIRED + description: State of the grant. + enumDescriptions: + - '' + - >- + The grant has been granted but the device is not heartbeating on + it. + - The grant has been terminated by the SAS. + - The grant has been suspended by the SAS. + - The device is currently transmitting. + - The grant has expired. + grantId: + description: Grant Id. + type: string + moveList: type: array items: - type: string + $ref: '#/components/schemas/SasPortalDpaMoveList' + description: The DPA move lists on which this grant appears. SasPortalMigrateOrganizationMetadata: - id: SasPortalMigrateOrganizationMetadata description: >- Long-running operation metadata message returned by the MigrateOrganization. - type: object properties: operationState: - description: Output only. Current operation state - readOnly: true - type: string enumDescriptions: - Unspecified. - Pending (Not started). @@ -1055,50 +1055,56 @@ components: - OPERATION_STATE_RUNNING - OPERATION_STATE_SUCCEEDED - OPERATION_STATE_FAILED + type: string + readOnly: true + description: Output only. Current operation state + id: SasPortalMigrateOrganizationMetadata + type: object + SasPortalTestPermissionsResponse: + id: SasPortalTestPermissionsResponse + description: Response message for `TestPermissions` method. + properties: + permissions: + items: + type: string + description: A set of permissions that the caller is allowed. + type: array + type: object SasPortalMigrateOrganizationResponse: id: SasPortalMigrateOrganizationResponse + type: object description: >- Response for [MigrateOrganization]. [spectrum.sas.portal.v1alpha1.Provisioning.MigrateOrganization]. - type: object properties: deploymentAssociation: description: >- Optional. A list of deployment association that were created for the migration, or current associations if they already exist. - type: array items: $ref: '#/components/schemas/SasPortalDeploymentAssociation' - SasPortalDeploymentAssociation: - id: SasPortalDeploymentAssociation - description: Association between a gcp project and a SAS user id. + type: array + SasPortalSetupSasAnalyticsRequest: type: object + id: SasPortalSetupSasAnalyticsRequest properties: userId: - description: User id of the deployment. - type: string - gcpProjectId: - description: GCP project id of the associated project. type: string - SasPortalSetupSasAnalyticsMetadata: - id: SasPortalSetupSasAnalyticsMetadata - description: >- - Metadata returned by the long running operation for the - SetupSasAnalytics rpc. - type: object - properties: {} - SasPortalSetupSasAnalyticsResponse: - id: SasPortalSetupSasAnalyticsResponse - description: >- - Response returned by the long running operation for the - SetupSasAnalytics rpc. - type: object - properties: {} + description: >- + Optional. User id to setup analytics for, if not provided the user + id associated with the project is used. optional + description: Request for the SetupSasAnalytics rpc. parameters: - access_token: - description: OAuth access token. + callback: + description: JSONP in: query - name: access_token + name: callback + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string alt: @@ -1111,27 +1117,12 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string fields: description: Selector specifying which fields to include in a partial response. in: query name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string oauth_token: description: OAuth 2.0 token for the current user. in: query @@ -1144,25 +1135,25 @@ components: name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: quotaUser + name: uploadType schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: uploadType + name: quotaUser schema: type: string _.xgafv: @@ -1174,754 +1165,768 @@ components: enum: - '1' - '2' + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string x-stackQL-resources: - customers: - id: google.prod_tt_sasportal.customers - name: customers - title: Customers + policies: + id: google.prod_tt_sasportal.policies + name: policies + title: Policies methods: - customers_get: + policies_test: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}/get' + $ref: '#/paths/~1v1alpha1~1policies:test/post' response: mediaType: application/json openAPIDocKey: '200' - customers_patch: + policies_set: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}/patch' + $ref: '#/paths/~1v1alpha1~1policies:set/post' response: mediaType: application/json openAPIDocKey: '200' - customers_list: + policies_get: operation: - $ref: '#/paths/~1v1alpha1~1customers/get' + $ref: '#/paths/~1v1alpha1~1policies:get/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.customers - customers_provision_deployment: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/policies/methods/policies_get' + insert: [] + update: [] + replace: [] + delete: [] + nodes: + id: google.prod_tt_sasportal.nodes + name: nodes + title: Nodes + methods: + customers_nodes_patch: operation: - $ref: '#/paths/~1v1alpha1~1customers:provisionDeployment/post' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/patch response: mediaType: application/json openAPIDocKey: '200' - customers_migrate_organization: + customers_nodes_move: operation: - $ref: '#/paths/~1v1alpha1~1customers:migrateOrganization/post' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}:move/post response: mediaType: application/json openAPIDocKey: '200' - customers_setup_sas_analytics: + nodes_nodes_create: operation: - $ref: '#/paths/~1v1alpha1~1customers:setupSasAnalytics/post' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes/post' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/customers/methods/customers_get' - - $ref: '#/components/x-stackQL-resources/customers/methods/customers_list' - insert: [] - update: - - $ref: '#/components/x-stackQL-resources/customers/methods/customers_patch' - replace: [] - delete: [] - customers_gcp_project_deployments: - id: google.prod_tt_sasportal.customers_gcp_project_deployments - name: customers_gcp_project_deployments - title: Customers_gcp_project_deployments - methods: - customers_list_gcp_project_deployments: + nodes_nodes_list: operation: - $ref: '#/paths/~1v1alpha1~1customers:listGcpProjectDeployments/get' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes/get' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/customers_gcp_project_deployments/methods/customers_list_gcp_project_deployments - insert: [] - update: [] - replace: [] - delete: [] - customers_legacy_organizations: - id: google.prod_tt_sasportal.customers_legacy_organizations - name: customers_legacy_organizations - title: Customers_legacy_organizations - methods: - customers_list_legacy_organizations: + objectKey: $.nodes + nodes_nodes_move: operation: - $ref: '#/paths/~1v1alpha1~1customers:listLegacyOrganizations/get' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}:move/post' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/customers_legacy_organizations/methods/customers_list_legacy_organizations - insert: [] - update: [] - replace: [] - delete: [] - devices: - id: google.prod_tt_sasportal.devices - name: devices - title: Devices - methods: - customers_devices_create: + nodes_nodes_delete: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1devices/post' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/delete' response: mediaType: application/json openAPIDocKey: '200' - customers_devices_list: + nodes_nodes_patch: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1devices/get' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/patch' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - customers_devices_delete: + nodes_nodes_nodes_create: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/delete + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1nodes/post response: mediaType: application/json openAPIDocKey: '200' - customers_devices_get: + nodes_nodes_nodes_list: + operation: + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1nodes/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.nodes + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/nodes/methods/nodes_nodes_nodes_list + - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_list' + insert: + - $ref: >- + #/components/x-stackQL-resources/nodes/methods/nodes_nodes_nodes_create + - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_create' + update: + - $ref: >- + #/components/x-stackQL-resources/nodes/methods/customers_nodes_patch + - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_delete' + customer_nodes: + id: google.prod_tt_sasportal.customer_nodes + name: customer_nodes + title: Customer_nodes + methods: + customers_nodes_delete: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/get + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/delete response: mediaType: application/json openAPIDocKey: '200' - customers_devices_patch: + customers_nodes_list: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/patch + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes/get' response: mediaType: application/json openAPIDocKey: '200' - customers_devices_move: + objectKey: $.nodes + customers_nodes_create: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:move/post + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes/post' response: mediaType: application/json openAPIDocKey: '200' - customers_devices_sign_device: + customers_nodes_nodes_list: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:signDevice/post + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1nodes/get response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_devices_create: + objectKey: $.nodes + customers_nodes_nodes_create: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices/post + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1nodes/post response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_devices_list: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_nodes_list + - $ref: >- + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_list + insert: + - $ref: >- + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_nodes_create + - $ref: >- + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_create + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_delete + customer_node: + id: google.prod_tt_sasportal.customer_node + name: customer_node + title: Customer_node + methods: + customers_nodes_get: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices/get + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - customers_deployments_devices_create: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/customer_node/methods/customers_nodes_get + insert: [] + update: [] + replace: [] + delete: [] + deployments: + id: google.prod_tt_sasportal.deployments + name: deployments + title: Deployments + methods: + customers_nodes_deployments_create: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices/post + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1deployments/post response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_devices_list: + customers_nodes_deployments_list: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.devices - nodes_devices_create: - operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices/post' - response: - mediaType: application/json - openAPIDocKey: '200' - nodes_devices_list: - operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices/get' + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - nodes_devices_delete: + objectKey: $.deployments + customers_deployments_create: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/delete' + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1deployments/post' response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_get: + customers_deployments_list: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/get' + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1deployments/get' response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_patch: + objectKey: $.deployments + customers_deployments_get: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/patch' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_move: + customers_deployments_delete: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:move/post + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_sign_device: + customers_deployments_patch: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:signDevice/post + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_devices_create: + customers_deployments_move: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices/post + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}:move/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_devices_list: + deployments_get: operation: - $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices/get + $ref: '#/paths/~1v1alpha1~1deployments~1{deploymentsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - nodes_deployments_devices_create: + nodes_nodes_deployments_list: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices/post + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - nodes_deployments_devices_list: + objectKey: $.deployments + nodes_nodes_deployments_create: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices/get + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1deployments/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - deployments_devices_delete: + nodes_deployments_patch: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/delete + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_get: + nodes_deployments_get: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/get + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_patch: + nodes_deployments_delete: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/patch + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_move: + nodes_deployments_list: operation: - $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:move/post + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments/get' response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_sign_device: + objectKey: $.deployments + nodes_deployments_move: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:signDevice/post + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}:move/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_get - - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_nodes_devices_list + #/components/x-stackQL-resources/deployments/methods/customers_nodes_deployments_list - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_deployments_devices_list - - $ref: '#/components/x-stackQL-resources/devices/methods/nodes_devices_get' + #/components/x-stackQL-resources/deployments/methods/customers_deployments_get - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_nodes_devices_list + #/components/x-stackQL-resources/deployments/methods/nodes_nodes_deployments_list - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_deployments_devices_list + #/components/x-stackQL-resources/deployments/methods/nodes_deployments_get - $ref: >- - #/components/x-stackQL-resources/devices/methods/deployments_devices_get + #/components/x-stackQL-resources/deployments/methods/customers_deployments_list - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_list + #/components/x-stackQL-resources/deployments/methods/deployments_get - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_devices_list + #/components/x-stackQL-resources/deployments/methods/nodes_deployments_list insert: - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_nodes_devices_create - - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_deployments_devices_create - - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_nodes_devices_create - - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_deployments_devices_create + #/components/x-stackQL-resources/deployments/methods/customers_nodes_deployments_create - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_create + #/components/x-stackQL-resources/deployments/methods/nodes_nodes_deployments_create - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_devices_create + #/components/x-stackQL-resources/deployments/methods/customers_deployments_create update: - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_patch - - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_devices_patch + #/components/x-stackQL-resources/deployments/methods/customers_deployments_patch - $ref: >- - #/components/x-stackQL-resources/devices/methods/deployments_devices_patch + #/components/x-stackQL-resources/deployments/methods/nodes_deployments_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_delete - - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_devices_delete + #/components/x-stackQL-resources/deployments/methods/customers_deployments_delete - $ref: >- - #/components/x-stackQL-resources/devices/methods/deployments_devices_delete - devices_signed: - id: google.prod_tt_sasportal.devices_signed - name: devices_signed - title: Devices_signed + #/components/x-stackQL-resources/deployments/methods/nodes_deployments_delete + devices: + id: google.prod_tt_sasportal.devices + name: devices + title: Devices methods: - customers_devices_create_signed: + customers_nodes_devices_list: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices:createSigned/post + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices/get response: mediaType: application/json openAPIDocKey: '200' - customers_devices_update_signed: + objectKey: $.devices + customers_nodes_devices_create: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:updateSigned/patch + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices/post response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_devices_create_signed: + customers_devices_patch: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices:createSigned/post + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/patch response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_devices_create_signed: + customers_devices_delete: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices:createSigned/post + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/delete response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_create_signed: + customers_devices_get: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices:createSigned/post' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/get response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_update_signed: + customers_devices_list: + operation: + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1devices/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.devices + customers_devices_create: + operation: + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1devices/post' + response: + mediaType: application/json + openAPIDocKey: '200' + customers_devices_move: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:updateSigned/patch + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:move/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_devices_create_signed: + customers_devices_sign_device: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices:createSigned/post + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:signDevice/post + response: + mediaType: application/json + openAPIDocKey: '200' + customers_deployments_devices_list: + operation: + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices/get response: mediaType: application/json openAPIDocKey: '200' - nodes_deployments_devices_create_signed: + objectKey: $.devices + customers_deployments_devices_create: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices:createSigned/post + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices/post response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_update_signed: + deployments_devices_move: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:updateSigned/patch + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:move/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/customers_nodes_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/customers_deployments_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/nodes_nodes_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/nodes_deployments_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/customers_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/nodes_devices_create_signed - update: - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/customers_devices_update_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/nodes_devices_update_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/deployments_devices_update_signed - replace: [] - delete: [] - customer_nodes: - id: google.prod_tt_sasportal.customer_nodes - name: customer_nodes - title: Customer_nodes - methods: - customers_nodes_create: + deployments_devices_sign_device: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes/post' + $ref: >- + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:signDevice/post response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_list: + deployments_devices_delete: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes/get' + $ref: >- + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nodes - customers_nodes_delete: + deployments_devices_get: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/delete + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/get response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_nodes_create: + deployments_devices_patch: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1nodes/post + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/patch response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_nodes_list: + nodes_devices_sign_device: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1nodes/get + #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:signDevice/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nodes - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_nodes_list - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_list - insert: - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_nodes_create - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_create - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_delete - customer_node: - id: google.prod_tt_sasportal.customer_node - name: customer_node - title: Customer_node - methods: - customers_nodes_get: + nodes_devices_delete: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/get' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/delete' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/customer_node/methods/customers_nodes_get - insert: [] - update: [] - replace: [] - delete: [] - nodes: - id: google.prod_tt_sasportal.nodes - name: nodes - title: Nodes - methods: - customers_nodes_patch: + nodes_devices_get: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/patch + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/get' response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_move: + nodes_devices_patch: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}:move/post + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/patch' response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_create: + nodes_devices_move: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes/post' + $ref: >- + #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:move/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_list: + nodes_devices_create: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes/get' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nodes - nodes_nodes_delete: + nodes_devices_list: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/delete' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices/get' response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_patch: + objectKey: $.devices + nodes_nodes_devices_create: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/patch' + $ref: >- + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_move: + nodes_nodes_devices_list: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}:move/post' + $ref: >- + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices/get response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_nodes_create: + objectKey: $.devices + nodes_deployments_devices_create: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1nodes/post + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_nodes_list: + nodes_deployments_devices_list: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1nodes/get' + $ref: >- + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nodes + objectKey: $.devices sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/nodes/methods/nodes_nodes_nodes_list - - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_list' + #/components/x-stackQL-resources/devices/methods/customers_nodes_devices_list + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_devices_get + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_deployments_devices_list + - $ref: >- + #/components/x-stackQL-resources/devices/methods/deployments_devices_get + - $ref: '#/components/x-stackQL-resources/devices/methods/nodes_devices_get' + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_nodes_devices_list + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_deployments_devices_list + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_devices_list + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_devices_list insert: - $ref: >- - #/components/x-stackQL-resources/nodes/methods/nodes_nodes_nodes_create - - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_create' + #/components/x-stackQL-resources/devices/methods/customers_nodes_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_deployments_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_nodes_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_deployments_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_devices_create update: - $ref: >- - #/components/x-stackQL-resources/nodes/methods/customers_nodes_patch - - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_patch' + #/components/x-stackQL-resources/devices/methods/customers_devices_patch + - $ref: >- + #/components/x-stackQL-resources/devices/methods/deployments_devices_patch + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_devices_patch replace: [] delete: - - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_delete' - deployments: - id: google.prod_tt_sasportal.deployments - name: deployments - title: Deployments + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_devices_delete + - $ref: >- + #/components/x-stackQL-resources/devices/methods/deployments_devices_delete + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_devices_delete + devices_signed: + id: google.prod_tt_sasportal.devices_signed + name: devices_signed + title: Devices_signed methods: - customers_nodes_deployments_create: + customers_nodes_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1deployments/post + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_deployments_list: + customers_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1deployments/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.deployments - customers_deployments_create: - operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1deployments/post' + #/paths/~1v1alpha1~1customers~1{customersId}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_list: + customers_devices_update_signed: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1deployments/get' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:updateSigned/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deployments - customers_deployments_delete: + customers_deployments_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/delete + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_get: + deployments_devices_update_signed: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/get + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:updateSigned/patch response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_patch: + nodes_devices_create_signed: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/patch + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices:createSigned/post' response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_move: + nodes_devices_update_signed: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}:move/post + #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:updateSigned/patch response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_deployments_create: + nodes_nodes_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1deployments/post + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_deployments_list: + nodes_deployments_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1deployments/get + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deployments - nodes_deployments_delete: + sqlVerbs: + select: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/devices_signed/methods/customers_nodes_devices_create_signed + - $ref: >- + #/components/x-stackQL-resources/devices_signed/methods/customers_deployments_devices_create_signed + - $ref: >- + #/components/x-stackQL-resources/devices_signed/methods/nodes_nodes_devices_create_signed + - $ref: >- + #/components/x-stackQL-resources/devices_signed/methods/nodes_deployments_devices_create_signed + - $ref: >- + #/components/x-stackQL-resources/devices_signed/methods/customers_devices_create_signed + - $ref: >- + #/components/x-stackQL-resources/devices_signed/methods/nodes_devices_create_signed + update: + - $ref: >- + #/components/x-stackQL-resources/devices_signed/methods/customers_devices_update_signed + - $ref: >- + #/components/x-stackQL-resources/devices_signed/methods/deployments_devices_update_signed + - $ref: >- + #/components/x-stackQL-resources/devices_signed/methods/nodes_devices_update_signed + replace: [] + delete: [] + customers: + id: google.prod_tt_sasportal.customers + name: customers + title: Customers + methods: + customers_setup_sas_analytics: operation: - $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/delete + $ref: '#/paths/~1v1alpha1~1customers:setupSasAnalytics/post' response: mediaType: application/json openAPIDocKey: '200' - nodes_deployments_get: + customers_list: operation: - $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/get + $ref: '#/paths/~1v1alpha1~1customers/get' response: mediaType: application/json openAPIDocKey: '200' - nodes_deployments_patch: + objectKey: $.customers + customers_provision_deployment: operation: - $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/patch + $ref: '#/paths/~1v1alpha1~1customers:provisionDeployment/post' response: mediaType: application/json openAPIDocKey: '200' - nodes_deployments_list: + customers_migrate_organization: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments/get' + $ref: '#/paths/~1v1alpha1~1customers:migrateOrganization/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deployments - nodes_deployments_move: + customers_get: operation: - $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}:move/post + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}/get' response: mediaType: application/json openAPIDocKey: '200' - deployments_get: + customers_patch: operation: - $ref: '#/paths/~1v1alpha1~1deployments~1{deploymentsId}/get' + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}/patch' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_nodes_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_get - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_nodes_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_deployments_get - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/deployments_get - insert: - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_nodes_deployments_create - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_nodes_deployments_create - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_create + - $ref: '#/components/x-stackQL-resources/customers/methods/customers_get' + - $ref: '#/components/x-stackQL-resources/customers/methods/customers_list' + insert: [] update: - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_patch - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_deployments_patch + - $ref: '#/components/x-stackQL-resources/customers/methods/customers_patch' replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_delete - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_deployments_delete - node: - id: google.prod_tt_sasportal.node - name: node - title: Node + delete: [] + customers_legacy_organizations: + id: google.prod_tt_sasportal.customers_legacy_organizations + name: customers_legacy_organizations + title: Customers_legacy_organizations methods: - nodes_get: + customers_list_legacy_organizations: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}/get' + $ref: '#/paths/~1v1alpha1~1customers:listLegacyOrganizations/get' response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/customers_legacy_organizations/methods/customers_list_legacy_organizations + insert: [] + update: [] + replace: [] + delete: [] + customers_gcp_project_deployments: + id: google.prod_tt_sasportal.customers_gcp_project_deployments + name: customers_gcp_project_deployments + title: Customers_gcp_project_deployments + methods: + customers_list_gcp_project_deployments: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/get' + $ref: '#/paths/~1v1alpha1~1customers:listGcpProjectDeployments/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/node/methods/nodes_nodes_get' - - $ref: '#/components/x-stackQL-resources/node/methods/nodes_get' + - $ref: >- + #/components/x-stackQL-resources/customers_gcp_project_deployments/methods/customers_list_gcp_project_deployments insert: [] update: [] replace: [] @@ -1949,148 +1954,53 @@ components: update: [] replace: [] delete: [] - policies: - id: google.prod_tt_sasportal.policies - name: policies - title: Policies + node: + id: google.prod_tt_sasportal.node + name: node + title: Node methods: - policies_set: - operation: - $ref: '#/paths/~1v1alpha1~1policies:set/post' - response: - mediaType: application/json - openAPIDocKey: '200' - policies_get: + nodes_nodes_get: operation: - $ref: '#/paths/~1v1alpha1~1policies:get/post' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/get' response: mediaType: application/json openAPIDocKey: '200' - policies_test: + nodes_get: operation: - $ref: '#/paths/~1v1alpha1~1policies:test/post' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/policies/methods/policies_get' + - $ref: '#/components/x-stackQL-resources/node/methods/nodes_nodes_get' + - $ref: '#/components/x-stackQL-resources/node/methods/nodes_get' insert: [] update: [] replace: [] delete: [] paths: - /v1alpha1/customers/{customersId}: + /v1alpha1/policies:test: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/_.xgafv' - get: - description: Returns a requested customer. - operationId: prod_tt_sasportal.customers.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalCustomer' - parameters: - - in: path - name: customersId - required: true - schema: - type: string - patch: - description: Updates an existing customer. - operationId: prod_tt_sasportal.customers.patch + - $ref: '#/components/parameters/key' + post: + description: Returns permissions that a caller has on the specified resource. + operationId: prod_tt_sasportal.policies.test requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCustomer' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalCustomer' - parameters: - - in: path - name: customersId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1alpha1/customers: - parameters: *ref_1 - get: - description: Returns a list of requested customers. - operationId: prod_tt_sasportal.customers.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalListCustomersResponse' - parameters: - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1alpha1/customers:listGcpProjectDeployments: - parameters: *ref_1 - get: - description: >- - Returns a list of SAS deployments associated with current GCP project. - Includes whether SAS analytics has been enabled or not. - operationId: prod_tt_sasportal.customers.listGcpProjectDeployments + $ref: '#/components/schemas/SasPortalTestPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2106,21 +2016,20 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SasPortalListGcpProjectDeploymentsResponse + $ref: '#/components/schemas/SasPortalTestPermissionsResponse' parameters: [] - /v1alpha1/customers:provisionDeployment: + /v1alpha1/policies:set: parameters: *ref_1 post: description: >- - Creates a new SAS deployment through the GCP workflow. Creates a SAS - organization if an organization match is not found. - operationId: prod_tt_sasportal.customers.provisionDeployment + Sets the access control policy on the specified resource. Replaces any + existing policy. + operationId: prod_tt_sasportal.policies.set requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalProvisionDeploymentRequest' + $ref: '#/components/schemas/SasPortalSetPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2136,13 +2045,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalProvisionDeploymentResponse' + $ref: '#/components/schemas/SasPortalPolicy' parameters: [] - /v1alpha1/customers:listLegacyOrganizations: + /v1alpha1/policies:get: parameters: *ref_1 - get: - description: Returns a list of legacy organizations. - operationId: prod_tt_sasportal.customers.listLegacyOrganizations + post: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: prod_tt_sasportal.policies.get + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalGetPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2158,22 +2074,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListLegacyOrganizationsResponse' + $ref: '#/components/schemas/SasPortalPolicy' parameters: [] - /v1alpha1/customers:migrateOrganization: + /v1alpha1/customers/{customersId}/nodes/{nodesId}: parameters: *ref_1 - post: - description: >- - Migrates a SAS organization to the cloud. This will create GCP projects - for each deployment and associate them. The SAS Organization is linked - to the gcp project that called the command. - go/sas-legacy-customer-migration - operationId: prod_tt_sasportal.customers.migrateOrganization + patch: + description: Updates an existing node. + operationId: prod_tt_sasportal.customers.nodes.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalMigrateOrganizationRequest' + $ref: '#/components/schemas/SasPortalNode' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2189,21 +2101,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' - parameters: [] - /v1alpha1/customers:setupSasAnalytics: - parameters: *ref_1 - post: - description: >- - Setups the a GCP Project to receive SAS Analytics messages via GCP - Pub/Sub with a subscription to BigQuery. All the Pub/Sub topics and - BigQuery tables are created automatically as part of this service. - operationId: prod_tt_sasportal.customers.setupSasAnalytics - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalSetupSasAnalyticsRequest' + $ref: '#/components/schemas/SasPortalNode' + parameters: + - in: path + name: customersId + required: true + schema: + type: string + - in: path + name: nodesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a node. + operationId: prod_tt_sasportal.customers.nodes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2219,18 +2136,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' - parameters: [] - /v1alpha1/customers/{customersId}/devices: - parameters: *ref_1 - post: - description: Creates a device under a node or customer. - operationId: prod_tt_sasportal.customers.devices.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalEmpty' + parameters: + - in: path + name: customersId + required: true + schema: + type: string + - in: path + name: nodesId + required: true + schema: + type: string + get: + description: Returns a requested node. + operationId: prod_tt_sasportal.customers.nodes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2246,16 +2166,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: customersId required: true schema: type: string + - in: path + name: nodesId + required: true + schema: + type: string + /v1alpha1/customers/{customersId}/nodes: + parameters: *ref_1 get: - description: Lists devices under a node or customer. - operationId: prod_tt_sasportal.customers.devices.list + description: Lists nodes. + operationId: prod_tt_sasportal.customers.nodes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2271,36 +2198,66 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDevicesResponse' + $ref: '#/components/schemas/SasPortalListNodesResponse' parameters: - in: path name: customersId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - - in: query - name: filter + post: + description: Creates a new node. + operationId: prod_tt_sasportal.customers.nodes.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalNode' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalNode' + parameters: + - in: path + name: customersId + required: true schema: type: string - /v1alpha1/customers/{customersId}/devices:createSigned: + /v1alpha1/customers/{customersId}/nodes/{nodesId}:move: parameters: *ref_1 post: - description: Creates a signed device under a node or customer. - operationId: prod_tt_sasportal.customers.devices.createSigned + description: Moves a node under another node or customer. + operationId: prod_tt_sasportal.customers.nodes.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalMoveNodeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2316,18 +2273,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalOperation' parameters: - in: path name: customersId required: true schema: type: string - /v1alpha1/customers/{customersId}/devices/{devicesId}: + - in: path + name: nodesId + required: true + schema: + type: string + /v1alpha1/customers/{customersId}/nodes/{nodesId}/deployments: parameters: *ref_1 - delete: - description: Deletes a device. - operationId: prod_tt_sasportal.customers.devices.delete + post: + description: Creates a new deployment. + operationId: prod_tt_sasportal.customers.nodes.deployments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2343,7 +2310,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalDeployment' parameters: - in: path name: customersId @@ -2351,13 +2318,13 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string get: - description: Gets details about a device. - operationId: prod_tt_sasportal.customers.devices.get + description: Lists deployments. + operationId: prod_tt_sasportal.customers.nodes.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2373,7 +2340,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalListDeploymentsResponse' parameters: - in: path name: customersId @@ -2381,18 +2348,28 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - patch: - description: Updates a device. - operationId: prod_tt_sasportal.customers.devices.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDevice' + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1alpha1/customers/{customersId}/nodes/{nodesId}/devices: + parameters: *ref_1 + get: + description: Lists devices under a node or customer. + operationId: prod_tt_sasportal.customers.nodes.devices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2408,7 +2385,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalListDevicesResponse' parameters: - in: path name: customersId @@ -2416,25 +2393,31 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken schema: type: string - format: google-fieldmask - /v1alpha1/customers/{customersId}/devices/{devicesId}:move: - parameters: *ref_1 post: - description: Moves a device under another node or customer. - operationId: prod_tt_sasportal.customers.devices.move + description: Creates a device under a node or customer. + operationId: prod_tt_sasportal.customers.nodes.devices.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalMoveDeviceRequest' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2450,7 +2433,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId @@ -2458,20 +2441,20 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - /v1alpha1/customers/{customersId}/devices/{devicesId}:updateSigned: + /v1alpha1/customers/{customersId}/nodes/{nodesId}/devices:createSigned: parameters: *ref_1 - patch: - description: Updates a signed device. - operationId: prod_tt_sasportal.customers.devices.updateSigned + post: + description: Creates a signed device under a node or customer. + operationId: prod_tt_sasportal.customers.nodes.devices.createSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2495,20 +2478,15 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - /v1alpha1/customers/{customersId}/devices/{devicesId}:signDevice: + /v1alpha1/customers/{customersId}/nodes/{nodesId}/nodes: parameters: *ref_1 - post: - description: Signs a device. - operationId: prod_tt_sasportal.customers.devices.signDevice - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalSignDeviceRequest' + get: + description: Lists nodes. + operationId: prod_tt_sasportal.customers.nodes.nodes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2524,7 +2502,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalListNodesResponse' parameters: - in: path name: customersId @@ -2532,15 +2510,26 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - /v1alpha1/customers/{customersId}/nodes: - parameters: *ref_1 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: description: Creates a new node. - operationId: prod_tt_sasportal.customers.nodes.create + operationId: prod_tt_sasportal.customers.nodes.nodes.create requestBody: content: application/json: @@ -2568,9 +2557,21 @@ paths: required: true schema: type: string - get: - description: Lists nodes. - operationId: prod_tt_sasportal.customers.nodes.list + - in: path + name: nodesId + required: true + schema: + type: string + /v1alpha1/customers/{customersId}/devices/{devicesId}: + parameters: *ref_1 + patch: + description: Updates a device. + operationId: prod_tt_sasportal.customers.devices.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2586,31 +2587,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListNodesResponse' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: devicesId + required: true schema: type: string - in: query - name: filter + name: updateMask schema: type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}: - parameters: *ref_1 + format: google-fieldmask delete: - description: Deletes a node. - operationId: prod_tt_sasportal.customers.nodes.delete + description: Deletes a device. + operationId: prod_tt_sasportal.customers.devices.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2634,13 +2630,13 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string get: - description: Returns a requested node. - operationId: prod_tt_sasportal.customers.nodes.get + description: Gets details about a device. + operationId: prod_tt_sasportal.customers.devices.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2656,7 +2652,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId @@ -2664,18 +2660,15 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string - patch: - description: Updates an existing node. - operationId: prod_tt_sasportal.customers.nodes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalNode' + /v1alpha1/customers/{customersId}/devices: + parameters: *ref_1 + get: + description: Lists devices under a node or customer. + operationId: prod_tt_sasportal.customers.devices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2691,33 +2684,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalListDevicesResponse' parameters: - in: path name: customersId required: true schema: type: string - - in: path - name: nodesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: filter schema: type: string - format: google-fieldmask - /v1alpha1/customers/{customersId}/nodes/{nodesId}:move: - parameters: *ref_1 post: - description: Moves a node under another node or customer. - operationId: prod_tt_sasportal.customers.nodes.move + description: Creates a device under a node or customer. + operationId: prod_tt_sasportal.customers.devices.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalMoveNodeRequest' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2733,28 +2727,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId required: true schema: type: string - - in: path - name: nodesId - required: true - schema: - type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}/devices: + /v1alpha1/customers/{customersId}/devices/{devicesId}:move: parameters: *ref_1 post: - description: Creates a device under a node or customer. - operationId: prod_tt_sasportal.customers.nodes.devices.create + description: Moves a device under another node or customer. + operationId: prod_tt_sasportal.customers.devices.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalMoveDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2770,7 +2759,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalOperation' parameters: - in: path name: customersId @@ -2778,13 +2767,20 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string - get: - description: Lists devices under a node or customer. - operationId: prod_tt_sasportal.customers.nodes.devices.list + /v1alpha1/customers/{customersId}/devices:createSigned: + parameters: *ref_1 + post: + description: Creates a signed device under a node or customer. + operationId: prod_tt_sasportal.customers.devices.createSigned + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2800,41 +2796,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDevicesResponse' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId required: true schema: type: string - - in: path - name: nodesId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}/devices:createSigned: + /v1alpha1/customers/{customersId}/devices/{devicesId}:updateSigned: parameters: *ref_1 - post: - description: Creates a signed device under a node or customer. - operationId: prod_tt_sasportal.customers.nodes.devices.createSigned + patch: + description: Updates a signed device. + operationId: prod_tt_sasportal.customers.devices.updateSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2858,20 +2836,20 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}/nodes: + /v1alpha1/customers/{customersId}/devices/{devicesId}:signDevice: parameters: *ref_1 post: - description: Creates a new node. - operationId: prod_tt_sasportal.customers.nodes.nodes.create + description: Signs a device. + operationId: prod_tt_sasportal.customers.devices.signDevice requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalSignDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2887,7 +2865,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path name: customersId @@ -2895,13 +2873,15 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string + /v1alpha1/customers/{customersId}/deployments/{deploymentsId}/devices: + parameters: *ref_1 get: - description: Lists nodes. - operationId: prod_tt_sasportal.customers.nodes.nodes.list + description: Lists devices under a node or customer. + operationId: prod_tt_sasportal.customers.deployments.devices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2917,7 +2897,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListNodesResponse' + $ref: '#/components/schemas/SasPortalListDevicesResponse' parameters: - in: path name: customersId @@ -2925,7 +2905,7 @@ paths: schema: type: string - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -2942,16 +2922,14 @@ paths: name: filter schema: type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}/deployments: - parameters: *ref_1 post: - description: Creates a new deployment. - operationId: prod_tt_sasportal.customers.nodes.deployments.create + description: Creates a device under a node or customer. + operationId: prod_tt_sasportal.customers.deployments.devices.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2967,7 +2945,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId @@ -2975,13 +2953,20 @@ paths: schema: type: string - in: path - name: nodesId + name: deploymentsId required: true schema: type: string - get: - description: Lists deployments. - operationId: prod_tt_sasportal.customers.nodes.deployments.list + /v1alpha1/customers/{customersId}/deployments/{deploymentsId}/devices:createSigned: + parameters: *ref_1 + post: + description: Creates a signed device under a node or customer. + operationId: prod_tt_sasportal.customers.deployments.devices.createSigned + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2997,29 +2982,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDeploymentsResponse' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId required: true schema: - type: string - - in: path - name: nodesId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + type: string + - in: path + name: deploymentsId + required: true schema: type: string /v1alpha1/customers/{customersId}/deployments: @@ -3085,18 +3057,18 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: filter + name: pageToken schema: type: string /v1alpha1/customers/{customersId}/deployments/{deploymentsId}: parameters: *ref_1 - delete: - description: Deletes a deployment. - operationId: prod_tt_sasportal.customers.deployments.delete + get: + description: Returns a requested deployment. + operationId: prod_tt_sasportal.customers.deployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3112,7 +3084,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalDeployment' parameters: - in: path name: customersId @@ -3124,9 +3096,9 @@ paths: required: true schema: type: string - get: - description: Returns a requested deployment. - operationId: prod_tt_sasportal.customers.deployments.get + delete: + description: Deletes a deployment. + operationId: prod_tt_sasportal.customers.deployments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3142,7 +3114,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path name: customersId @@ -3231,16 +3203,19 @@ paths: required: true schema: type: string - /v1alpha1/customers/{customersId}/deployments/{deploymentsId}/devices: + /v1alpha1/customers:setupSasAnalytics: parameters: *ref_1 post: - description: Creates a device under a node or customer. - operationId: prod_tt_sasportal.customers.deployments.devices.create + description: >- + Setups the a GCP Project to receive SAS Analytics messages via GCP + Pub/Sub with a subscription to BigQuery. All the Pub/Sub topics and + BigQuery tables are created automatically as part of this service. + operationId: prod_tt_sasportal.customers.setupSasAnalytics requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalSetupSasAnalyticsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3256,21 +3231,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' - parameters: - - in: path - name: customersId - required: true - schema: - type: string - - in: path - name: deploymentsId - required: true - schema: - type: string + $ref: '#/components/schemas/SasPortalOperation' + parameters: [] + /v1alpha1/customers:listLegacyOrganizations: + parameters: *ref_1 get: - description: Lists devices under a node or customer. - operationId: prod_tt_sasportal.customers.deployments.devices.list + description: Returns a list of legacy organizations. + operationId: prod_tt_sasportal.customers.listLegacyOrganizations security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3286,18 +3253,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDevicesResponse' + $ref: '#/components/schemas/SasPortalListLegacyOrganizationsResponse' + parameters: [] + /v1alpha1/customers: + parameters: *ref_1 + get: + description: Returns a list of requested customers. + operationId: prod_tt_sasportal.customers.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalListCustomersResponse' parameters: - - in: path - name: customersId - required: true - schema: - type: string - - in: path - name: deploymentsId - required: true - schema: - type: string - in: query name: pageSize schema: @@ -3307,20 +3286,18 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - /v1alpha1/customers/{customersId}/deployments/{deploymentsId}/devices:createSigned: + /v1alpha1/customers:provisionDeployment: parameters: *ref_1 post: - description: Creates a signed device under a node or customer. - operationId: prod_tt_sasportal.customers.deployments.devices.createSigned + description: >- + Creates a new SAS deployment through the GCP workflow. Creates a SAS + organization if an organization match is not found. + operationId: prod_tt_sasportal.customers.provisionDeployment requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalProvisionDeploymentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3336,23 +3313,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' - parameters: - - in: path - name: customersId - required: true - schema: - type: string - - in: path - name: deploymentsId - required: true - schema: - type: string - /v1alpha1/nodes/{nodesId}: + $ref: '#/components/schemas/SasPortalProvisionDeploymentResponse' + parameters: [] + /v1alpha1/customers:listGcpProjectDeployments: parameters: *ref_1 get: - description: Returns a requested node. - operationId: prod_tt_sasportal.nodes.get + description: >- + Returns a list of SAS deployments associated with current GCP project. + Includes whether SAS analytics has been enabled or not. + operationId: prod_tt_sasportal.customers.listGcpProjectDeployments security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3368,23 +3337,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' - parameters: - - in: path - name: nodesId - required: true - schema: - type: string - /v1alpha1/nodes/{nodesId}/devices: + $ref: >- + #/components/schemas/SasPortalListGcpProjectDeploymentsResponse + parameters: [] + /v1alpha1/customers:migrateOrganization: parameters: *ref_1 post: - description: Creates a device under a node or customer. - operationId: prod_tt_sasportal.nodes.devices.create + description: >- + Migrates a SAS organization to the cloud. This will create GCP projects + for each deployment and associate them. The SAS Organization is linked + to the gcp project that called the command. + go/sas-legacy-customer-migration + operationId: prod_tt_sasportal.customers.migrateOrganization requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalMigrateOrganizationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3400,16 +3369,43 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalOperation' + parameters: [] + /v1alpha1/customers/{customersId}: + parameters: *ref_1 + get: + description: Returns a requested customer. + operationId: prod_tt_sasportal.customers.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalCustomer' parameters: - in: path - name: nodesId + name: customersId required: true schema: type: string - get: - description: Lists devices under a node or customer. - operationId: prod_tt_sasportal.nodes.devices.list + patch: + description: Updates an existing customer. + operationId: prod_tt_sasportal.customers.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalCustomer' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3425,36 +3421,77 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDevicesResponse' + $ref: '#/components/schemas/SasPortalCustomer' parameters: - in: path - name: nodesId + name: customersId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: updateMask schema: type: string - /v1alpha1/nodes/{nodesId}/devices:createSigned: + format: google-fieldmask + /v1alpha1/installer:generateSecret: + parameters: *ref_1 + post: + description: Generates a secret to be used with the ValidateInstaller. + operationId: prod_tt_sasportal.installer.generateSecret + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalGenerateSecretRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalGenerateSecretResponse' + parameters: [] + /v1alpha1/installer:validate: + parameters: *ref_1 + post: + description: Validates the identity of a Certified Professional Installer (CPI). + operationId: prod_tt_sasportal.installer.validate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalValidateInstallerRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalValidateInstallerResponse' + parameters: [] + /v1alpha1/deployments/{deploymentsId}: parameters: *ref_1 - post: - description: Creates a signed device under a node or customer. - operationId: prod_tt_sasportal.nodes.devices.createSigned - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' + get: + description: Returns a requested deployment. + operationId: prod_tt_sasportal.deployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3470,18 +3507,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalDeployment' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string - /v1alpha1/nodes/{nodesId}/devices/{devicesId}: + /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:move: parameters: *ref_1 - delete: - description: Deletes a device. - operationId: prod_tt_sasportal.nodes.devices.delete + post: + description: Moves a device under another node or customer. + operationId: prod_tt_sasportal.deployments.devices.move + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalMoveDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3497,10 +3539,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalOperation' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3509,9 +3551,16 @@ paths: required: true schema: type: string - get: - description: Gets details about a device. - operationId: prod_tt_sasportal.nodes.devices.get + /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:signDevice: + parameters: *ref_1 + post: + description: Signs a device. + operationId: prod_tt_sasportal.deployments.devices.signDevice + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalSignDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3527,10 +3576,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3539,14 +3588,16 @@ paths: required: true schema: type: string + /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:updateSigned: + parameters: *ref_1 patch: - description: Updates a device. - operationId: prod_tt_sasportal.nodes.devices.patch + description: Updates a signed device. + operationId: prod_tt_sasportal.deployments.devices.updateSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3565,7 +3616,7 @@ paths: $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3574,21 +3625,11 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1alpha1/nodes/{nodesId}/devices/{devicesId}:move: + /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}: parameters: *ref_1 - post: - description: Moves a device under another node or customer. - operationId: prod_tt_sasportal.nodes.devices.move - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalMoveDeviceRequest' + delete: + description: Deletes a device. + operationId: prod_tt_sasportal.deployments.devices.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3604,10 +3645,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3616,16 +3657,9 @@ paths: required: true schema: type: string - /v1alpha1/nodes/{nodesId}/devices/{devicesId}:updateSigned: - parameters: *ref_1 - patch: - description: Updates a signed device. - operationId: prod_tt_sasportal.nodes.devices.updateSigned - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' + get: + description: Gets details about a device. + operationId: prod_tt_sasportal.deployments.devices.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3644,7 +3678,7 @@ paths: $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3653,16 +3687,14 @@ paths: required: true schema: type: string - /v1alpha1/nodes/{nodesId}/devices/{devicesId}:signDevice: - parameters: *ref_1 - post: - description: Signs a device. - operationId: prod_tt_sasportal.nodes.devices.signDevice + patch: + description: Updates a device. + operationId: prod_tt_sasportal.deployments.devices.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalSignDeviceRequest' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3678,10 +3710,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3690,16 +3722,21 @@ paths: required: true schema: type: string - /v1alpha1/nodes/{nodesId}/nodes: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1alpha1/nodes/{nodesId}/devices/{devicesId}:signDevice: parameters: *ref_1 post: - description: Creates a new node. - operationId: prod_tt_sasportal.nodes.nodes.create + description: Signs a device. + operationId: prod_tt_sasportal.nodes.devices.signDevice requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalSignDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3715,16 +3752,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path name: nodesId required: true schema: type: string - get: - description: Lists nodes. - operationId: prod_tt_sasportal.nodes.nodes.list + - in: path + name: devicesId + required: true + schema: + type: string + /v1alpha1/nodes/{nodesId}/devices:createSigned: + parameters: *ref_1 + post: + description: Creates a signed device under a node or customer. + operationId: prod_tt_sasportal.nodes.devices.createSigned + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3740,31 +3789,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListNodesResponse' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: nodesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}: + /v1alpha1/nodes/{nodesId}/devices/{devicesId}: parameters: *ref_1 delete: - description: Deletes a node. - operationId: prod_tt_sasportal.nodes.nodes.delete + description: Deletes a device. + operationId: prod_tt_sasportal.nodes.devices.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3788,13 +3824,13 @@ paths: schema: type: string - in: path - name: nodesId1 + name: devicesId required: true schema: type: string get: - description: Returns a requested node. - operationId: prod_tt_sasportal.nodes.nodes.get + description: Gets details about a device. + operationId: prod_tt_sasportal.nodes.devices.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3810,7 +3846,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: nodesId @@ -3818,18 +3854,18 @@ paths: schema: type: string - in: path - name: nodesId1 + name: devicesId required: true schema: type: string patch: - description: Updates an existing node. - operationId: prod_tt_sasportal.nodes.nodes.patch + description: Updates a device. + operationId: prod_tt_sasportal.nodes.devices.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3845,7 +3881,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: nodesId @@ -3853,7 +3889,7 @@ paths: schema: type: string - in: path - name: nodesId1 + name: devicesId required: true schema: type: string @@ -3862,16 +3898,16 @@ paths: schema: type: string format: google-fieldmask - /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}:move: + /v1alpha1/nodes/{nodesId}/devices/{devicesId}:move: parameters: *ref_1 post: - description: Moves a node under another node or customer. - operationId: prod_tt_sasportal.nodes.nodes.move + description: Moves a device under another node or customer. + operationId: prod_tt_sasportal.nodes.devices.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalMoveNodeRequest' + $ref: '#/components/schemas/SasPortalMoveDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3895,20 +3931,20 @@ paths: schema: type: string - in: path - name: nodesId1 + name: devicesId required: true schema: type: string - /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/devices: + /v1alpha1/nodes/{nodesId}/devices/{devicesId}:updateSigned: parameters: *ref_1 - post: - description: Creates a device under a node or customer. - operationId: prod_tt_sasportal.nodes.nodes.devices.create + patch: + description: Updates a signed device. + operationId: prod_tt_sasportal.nodes.devices.updateSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3932,63 +3968,20 @@ paths: schema: type: string - in: path - name: nodesId1 - required: true - schema: - type: string - get: - description: Lists devices under a node or customer. - operationId: prod_tt_sasportal.nodes.nodes.devices.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalListDevicesResponse' - parameters: - - in: path - name: nodesId - required: true - schema: - type: string - - in: path - name: nodesId1 + name: devicesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/devices:createSigned: + /v1alpha1/nodes/{nodesId}/devices: parameters: *ref_1 post: - description: Creates a signed device under a node or customer. - operationId: prod_tt_sasportal.nodes.nodes.devices.createSigned + description: Creates a device under a node or customer. + operationId: prod_tt_sasportal.nodes.devices.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4011,16 +4004,49 @@ paths: required: true schema: type: string + get: + description: Lists devices under a node or customer. + operationId: prod_tt_sasportal.nodes.devices.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalListDevicesResponse' + parameters: - in: path - name: nodesId1 + name: nodesId required: true schema: type: string - /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/nodes: + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1alpha1/nodes/{nodesId}/nodes: parameters: *ref_1 post: description: Creates a new node. - operationId: prod_tt_sasportal.nodes.nodes.nodes.create + operationId: prod_tt_sasportal.nodes.nodes.create requestBody: content: application/json: @@ -4048,14 +4074,9 @@ paths: required: true schema: type: string - - in: path - name: nodesId1 - required: true - schema: - type: string get: description: Lists nodes. - operationId: prod_tt_sasportal.nodes.nodes.nodes.list + operationId: prod_tt_sasportal.nodes.nodes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4078,9 +4099,8 @@ paths: required: true schema: type: string - - in: path - name: nodesId1 - required: true + - in: query + name: filter schema: type: string - in: query @@ -4092,20 +4112,16 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/deployments: + /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}:move: parameters: *ref_1 post: - description: Creates a new deployment. - operationId: prod_tt_sasportal.nodes.nodes.deployments.create + description: Moves a node under another node or customer. + operationId: prod_tt_sasportal.nodes.nodes.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalMoveNodeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4121,7 +4137,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalOperation' parameters: - in: path name: nodesId @@ -4133,9 +4149,11 @@ paths: required: true schema: type: string + /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}: + parameters: *ref_1 get: - description: Lists deployments. - operationId: prod_tt_sasportal.nodes.nodes.deployments.list + description: Returns a requested node. + operationId: prod_tt_sasportal.nodes.nodes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4151,7 +4169,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDeploymentsResponse' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: nodesId @@ -4163,24 +4181,9 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}: - parameters: *ref_1 delete: - description: Deletes a deployment. - operationId: prod_tt_sasportal.nodes.deployments.delete + description: Deletes a node. + operationId: prod_tt_sasportal.nodes.nodes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4204,13 +4207,18 @@ paths: schema: type: string - in: path - name: deploymentsId + name: nodesId1 required: true schema: type: string - get: - description: Returns a requested deployment. - operationId: prod_tt_sasportal.nodes.deployments.get + patch: + description: Updates an existing node. + operationId: prod_tt_sasportal.nodes.nodes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalNode' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4226,7 +4234,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: nodesId @@ -4234,18 +4242,25 @@ paths: schema: type: string - in: path - name: deploymentsId + name: nodesId1 required: true schema: type: string - patch: - description: Updates an existing deployment. - operationId: prod_tt_sasportal.nodes.deployments.patch + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/nodes: + parameters: *ref_1 + post: + description: Creates a new node. + operationId: prod_tt_sasportal.nodes.nodes.nodes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalNode' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4261,7 +4276,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: nodesId @@ -4269,20 +4284,13 @@ paths: schema: type: string - in: path - name: deploymentsId + name: nodesId1 required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1alpha1/nodes/{nodesId}/deployments: - parameters: *ref_1 get: - description: Lists deployments. - operationId: prod_tt_sasportal.nodes.deployments.list + description: Lists nodes. + operationId: prod_tt_sasportal.nodes.nodes.nodes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4298,18 +4306,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDeploymentsResponse' + $ref: '#/components/schemas/SasPortalListNodesResponse' parameters: - in: path name: nodesId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: nodesId1 + required: true schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: @@ -4318,16 +4326,21 @@ paths: name: filter schema: type: string - /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}:move: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/devices:createSigned: parameters: *ref_1 post: - description: Moves a deployment under another node or customer. - operationId: prod_tt_sasportal.nodes.deployments.move + description: Creates a signed device under a node or customer. + operationId: prod_tt_sasportal.nodes.nodes.devices.createSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalMoveDeploymentRequest' + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4343,7 +4356,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: nodesId @@ -4351,15 +4364,15 @@ paths: schema: type: string - in: path - name: deploymentsId + name: nodesId1 required: true schema: type: string - /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}/devices: + /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/devices: parameters: *ref_1 post: description: Creates a device under a node or customer. - operationId: prod_tt_sasportal.nodes.deployments.devices.create + operationId: prod_tt_sasportal.nodes.nodes.devices.create requestBody: content: application/json: @@ -4388,13 +4401,13 @@ paths: schema: type: string - in: path - name: deploymentsId + name: nodesId1 required: true schema: type: string get: description: Lists devices under a node or customer. - operationId: prod_tt_sasportal.nodes.deployments.devices.list + operationId: prod_tt_sasportal.nodes.nodes.devices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4418,7 +4431,7 @@ paths: schema: type: string - in: path - name: deploymentsId + name: nodesId1 required: true schema: type: string @@ -4427,88 +4440,19 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: filter schema: type: string - /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}/devices:createSigned: - parameters: *ref_1 - post: - description: Creates a signed device under a node or customer. - operationId: prod_tt_sasportal.nodes.deployments.devices.createSigned - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDevice' - parameters: - - in: path - name: nodesId - required: true - schema: - type: string - - in: path - name: deploymentsId - required: true + - in: query + name: pageToken schema: type: string - /v1alpha1/installer:generateSecret: - parameters: *ref_1 - post: - description: Generates a secret to be used with the ValidateInstaller. - operationId: prod_tt_sasportal.installer.generateSecret - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalGenerateSecretRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalGenerateSecretResponse' - parameters: [] - /v1alpha1/installer:validate: - parameters: *ref_1 - post: - description: Validates the identity of a Certified Professional Installer (CPI). - operationId: prod_tt_sasportal.installer.validate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalValidateInstallerRequest' + /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/deployments: + parameters: *ref_1 + get: + description: Lists deployments. + operationId: prod_tt_sasportal.nodes.nodes.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4524,13 +4468,39 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalValidateInstallerResponse' - parameters: [] - /v1alpha1/deployments/{deploymentsId}: - parameters: *ref_1 - get: - description: Returns a requested deployment. - operationId: prod_tt_sasportal.deployments.get + $ref: '#/components/schemas/SasPortalListDeploymentsResponse' + parameters: + - in: path + name: nodesId + required: true + schema: + type: string + - in: path + name: nodesId1 + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new deployment. + operationId: prod_tt_sasportal.nodes.nodes.deployments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4549,15 +4519,25 @@ paths: $ref: '#/components/schemas/SasPortalDeployment' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string - /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}: + - in: path + name: nodesId1 + required: true + schema: + type: string + /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}: parameters: *ref_1 - delete: - description: Deletes a device. - operationId: prod_tt_sasportal.deployments.devices.delete + patch: + description: Updates an existing deployment. + operationId: prod_tt_sasportal.nodes.deployments.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4573,21 +4553,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalDeployment' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string - in: path - name: devicesId + name: deploymentsId required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Gets details about a device. - operationId: prod_tt_sasportal.deployments.devices.get + description: Returns a requested deployment. + operationId: prod_tt_sasportal.nodes.deployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4603,26 +4588,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalDeployment' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string - in: path - name: devicesId + name: deploymentsId required: true schema: type: string - patch: - description: Updates a device. - operationId: prod_tt_sasportal.deployments.devices.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDevice' + delete: + description: Deletes a deployment. + operationId: prod_tt_sasportal.nodes.deployments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4638,33 +4618,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string - in: path - name: devicesId + name: deploymentsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:move: + /v1alpha1/nodes/{nodesId}/deployments: parameters: *ref_1 - post: - description: Moves a device under another node or customer. - operationId: prod_tt_sasportal.deployments.devices.move - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalMoveDeviceRequest' + get: + description: Lists deployments. + operationId: prod_tt_sasportal.nodes.deployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4680,28 +4650,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: '#/components/schemas/SasPortalListDeploymentsResponse' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string - - in: path - name: devicesId - required: true + - in: query + name: filter schema: type: string - /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:updateSigned: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}:move: parameters: *ref_1 - patch: - description: Updates a signed device. - operationId: prod_tt_sasportal.deployments.devices.updateSigned + post: + description: Moves a deployment under another node or customer. + operationId: prod_tt_sasportal.nodes.deployments.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalMoveDeploymentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4717,28 +4695,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalOperation' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string - in: path - name: devicesId + name: deploymentsId required: true schema: type: string - /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:signDevice: + /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}/devices: parameters: *ref_1 post: - description: Signs a device. - operationId: prod_tt_sasportal.deployments.devices.signDevice + description: Creates a device under a node or customer. + operationId: prod_tt_sasportal.nodes.deployments.devices.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalSignDeviceRequest' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4754,30 +4732,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string - in: path - name: devicesId + name: deploymentsId required: true schema: type: string - /v1alpha1/policies:set: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. - operationId: prod_tt_sasportal.policies.set - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalSetPolicyRequest' + get: + description: Lists devices under a node or customer. + operationId: prod_tt_sasportal.nodes.deployments.devices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4793,20 +4762,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalPolicy' - parameters: [] - /v1alpha1/policies:get: + $ref: '#/components/schemas/SasPortalListDevicesResponse' + parameters: + - in: path + name: nodesId + required: true + schema: + type: string + - in: path + name: deploymentsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}/devices:createSigned: parameters: *ref_1 post: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: prod_tt_sasportal.policies.get + description: Creates a signed device under a node or customer. + operationId: prod_tt_sasportal.nodes.deployments.devices.createSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalGetPolicyRequest' + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4822,18 +4812,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalPolicy' - parameters: [] - /v1alpha1/policies:test: + $ref: '#/components/schemas/SasPortalDevice' + parameters: + - in: path + name: nodesId + required: true + schema: + type: string + - in: path + name: deploymentsId + required: true + schema: + type: string + /v1alpha1/nodes/{nodesId}: parameters: *ref_1 - post: - description: Returns permissions that a caller has on the specified resource. - operationId: prod_tt_sasportal.policies.test - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalTestPermissionsRequest' + get: + description: Returns a requested node. + operationId: prod_tt_sasportal.nodes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4849,5 +4844,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalTestPermissionsResponse' - parameters: [] + $ref: '#/components/schemas/SasPortalNode' + parameters: + - in: path + name: nodesId + required: true + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/publicca.yaml b/providers/src/googleapis.com/v00.00.00000/services/publicca.yaml index 7e2b40c5..1529ef90 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/publicca.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/publicca.yaml @@ -10,8 +10,8 @@ info: external account binding keys associated with Google Trust Services' publicly trusted certificate authority. version: v1 - x-discovery-doc-revision: '20250825' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251111' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/public-certificate-authority/docs servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/pubsub.yaml b/providers/src/googleapis.com/v00.00.00000/services/pubsub.yaml index e974c1af..ddf9fd12 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/pubsub.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/pubsub.yaml @@ -9,8 +9,8 @@ info: Provides reliable, many-to-many, asynchronous messaging between applications. version: v1 - x-discovery-doc-revision: '20250812' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251125' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/pubsub/docs servers: @@ -37,493 +37,94 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object - properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object - properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string Schema: - id: Schema - description: A schema resource. type: object properties: - name: - description: >- - Required. Name of the schema. Format is - `projects/{project}/schemas/{schema}`. - type: string - type: - description: The type of the schema definition. - type: string - enumDescriptions: - - Default value. This value is unused. - - A Protocol Buffer schema definition. - - An Avro schema definition. - enum: - - TYPE_UNSPECIFIED - - PROTOCOL_BUFFER - - AVRO definition: description: >- The definition of the schema. This should contain a string representing the full definition of the schema that is a valid schema definition of the type specified in `type`. type: string - revisionId: - description: Output only. Immutable. The revision ID of the schema. - readOnly: true - type: string - revisionCreateTime: - description: Output only. The timestamp that the revision was created. - readOnly: true - type: string - format: google-datetime - ListSchemasResponse: - id: ListSchemasResponse - description: Response for the `ListSchemas` method. - type: object - properties: - schemas: - description: The resulting schemas. - type: array - items: - $ref: '#/components/schemas/Schema' - nextPageToken: - description: >- - If not empty, indicates that there may be more schemas that match - the request; this value should be passed in a new - `ListSchemasRequest`. - type: string - ListSchemaRevisionsResponse: - id: ListSchemaRevisionsResponse - description: Response for the `ListSchemaRevisions` method. - type: object - properties: - schemas: - description: The revisions of the schema. - type: array - items: - $ref: '#/components/schemas/Schema' - nextPageToken: - description: >- - A token that can be sent as `page_token` to retrieve the next page. - If this field is empty, there are no subsequent pages. - type: string - CommitSchemaRequest: - id: CommitSchemaRequest - description: Request for CommitSchema method. - type: object - properties: - schema: - description: Required. The schema revision to commit. - $ref: '#/components/schemas/Schema' - RollbackSchemaRequest: - id: RollbackSchemaRequest - description: Request for the `RollbackSchema` method. - type: object - properties: - revisionId: - description: >- - Required. The revision ID to roll back to. It must be a revision of - the same schema. Example: c7cfa2a8 - type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - ValidateSchemaRequest: - id: ValidateSchemaRequest - description: Request for the `ValidateSchema` method. - type: object - properties: - schema: - description: Required. The schema object to validate. - $ref: '#/components/schemas/Schema' - ValidateSchemaResponse: - id: ValidateSchemaResponse - description: Response for the `ValidateSchema` method. Empty for now. - type: object - properties: {} - ValidateMessageRequest: - id: ValidateMessageRequest - description: Request for the `ValidateMessage` method. - type: object - properties: name: description: >- - Name of the schema against which to validate. Format is + Required. Name of the schema. Format is `projects/{project}/schemas/{schema}`. type: string - schema: - description: Ad-hoc schema against which to validate - $ref: '#/components/schemas/Schema' - message: - description: Message to validate against the provided `schema_spec`. - type: string - format: byte - encoding: - description: The encoding expected for messages - type: string - enumDescriptions: - - Unspecified - - JSON encoding - - >- - Binary encoding, as defined by the schema type. For some schema - types, binary encoding may not be available. - enum: - - ENCODING_UNSPECIFIED - - JSON - - BINARY - ValidateMessageResponse: - id: ValidateMessageResponse - description: Response for the `ValidateMessage` method. Empty for now. - type: object - properties: {} - Topic: - id: Topic - description: A topic resource. - type: object - properties: - name: - description: >- - Required. The name of the topic. It must have the format - `"projects/{project}/topics/{topic}"`. `{topic}` must start with a - letter, and contain only letters (`[A-Za-z]`), numbers (`[0-9]`), - dashes (`-`), underscores (`_`), periods (`.`), tildes (`~`), plus - (`+`) or percent signs (`%`). It must be between 3 and 255 - characters in length, and it must not start with `"goog"`. - type: string - labels: - description: >- - Optional. See [Creating and managing labels] - (https://cloud.google.com/pubsub/docs/labels). - type: object - additionalProperties: - type: string - messageStoragePolicy: - description: >- - Optional. Policy constraining the set of Google Cloud Platform - regions where messages published to the topic may be stored. If not - present, then no constraints are in effect. - $ref: '#/components/schemas/MessageStoragePolicy' - kmsKeyName: - description: >- - Optional. The resource name of the Cloud KMS CryptoKey to be used to - protect access to messages published on this topic. The expected - format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`. - type: string - schemaSettings: - description: >- - Optional. Settings for validating messages published against a - schema. - $ref: '#/components/schemas/SchemaSettings' - satisfiesPzs: - description: >- - Optional. Reserved for future use. This field is set only in - responses from the server; it is ignored if it is set in any - requests. - type: boolean - messageRetentionDuration: - description: >- - Optional. Indicates the minimum duration to retain a message after - it is published to the topic. If this field is set, messages - published to the topic in the last `message_retention_duration` are - always available to subscribers. For instance, it allows any - attached subscription to [seek to a - timestamp](https://cloud.google.com/pubsub/docs/replay-overview#seek_to_a_time) - that is up to `message_retention_duration` in the past. If this - field is not set, message retention is controlled by settings on - individual subscriptions. Cannot be more than 31 days or less than - 10 minutes. + revisionId: type: string - format: google-duration - state: - description: Output only. An output-only field indicating the state of the topic. + description: Output only. Immutable. The revision ID of the schema. + readOnly: true + revisionCreateTime: readOnly: true type: string + format: google-datetime + description: Output only. The timestamp that the revision was created. + type: + type: string + description: The type of the schema definition. enumDescriptions: - Default value. This value is unused. - - The topic does not have any persistent errors. - - >- - Ingestion from the data source has encountered a permanent error. - See the more detailed error state in the corresponding ingestion - source configuration. + - A Protocol Buffer schema definition. + - An Avro schema definition. enum: - - STATE_UNSPECIFIED - - ACTIVE - - INGESTION_RESOURCE_ERROR - ingestionDataSourceSettings: - description: Optional. Settings for ingestion from a data source into this topic. - $ref: '#/components/schemas/IngestionDataSourceSettings' - messageTransforms: + - TYPE_UNSPECIFIED + - PROTOCOL_BUFFER + - AVRO + id: Schema + description: A schema resource. + PlatformLogsSettings: + description: Settings for Platform Logs produced by Pub/Sub. + properties: + severity: + enum: + - SEVERITY_UNSPECIFIED + - DISABLED + - DEBUG + - INFO + - WARNING + - ERROR description: >- - Optional. Transforms to be applied to messages published to the - topic. Transforms are applied in the order specified. + Optional. The minimum severity level of Platform Logs that will be + written. + type: string + enumDescriptions: + - Default value. Logs level is unspecified. Logs will be disabled. + - Logs will be disabled. + - Debug logs and higher-severity logs will be written. + - Info logs and higher-severity logs will be written. + - Warning logs and higher-severity logs will be written. + - Only error logs will be written. + id: PlatformLogsSettings + type: object + AcknowledgeRequest: + description: Request for the Acknowledge method. + properties: + ackIds: type: array items: - $ref: '#/components/schemas/MessageTransform' + type: string + description: >- + Required. The acknowledgment ID for the messages being acknowledged + that was returned by the Pub/Sub system in the `Pull` response. Must + not be empty. + type: object + id: AcknowledgeRequest MessageStoragePolicy: - id: MessageStoragePolicy - description: A policy constraining the storage of messages published to the topic. type: object + description: A policy constraining the storage of messages published to the topic. + id: MessageStoragePolicy properties: + enforceInTransit: + description: >- + Optional. If true, `allowed_persistence_regions` is also used to + enforce in-transit guarantees for messages. That is, Pub/Sub will + fail Publish operations on this topic and subscribe operations on + any subscription attached to this topic in any region that is not in + `allowed_persistence_regions`. + type: boolean allowedPersistenceRegions: + type: array description: >- Optional. A list of IDs of Google Cloud regions where messages that are published to the topic may be persisted in storage. Messages @@ -531,227 +132,354 @@ components: (or running outside of Google Cloud altogether) are routed for storage in one of the allowed regions. An empty list means that no regions are allowed, and is not a valid configuration. - type: array items: type: string - enforceInTransit: - description: >- - Optional. If true, `allowed_persistence_regions` is also used to - enforce in-transit guarantees for messages. That is, Pub/Sub will - fail Publish operations on this topic and subscribe operations on - any subscription attached to this topic in any region that is not in - `allowed_persistence_regions`. - type: boolean - SchemaSettings: - id: SchemaSettings - description: Settings for validating messages published against a schema. - type: object + DeadLetterPolicy: properties: - schema: + maxDeliveryAttempts: description: >- - Required. The name of the schema that messages published should be - validated against. Format is `projects/{project}/schemas/{schema}`. - The value of this field will be `_deleted-schema_` if the schema has - been deleted. - type: string - encoding: - description: Optional. The encoding of messages validated against `schema`. - type: string - enumDescriptions: - - Unspecified - - JSON encoding - - >- - Binary encoding, as defined by the schema type. For some schema - types, binary encoding may not be available. - enum: - - ENCODING_UNSPECIFIED - - JSON - - BINARY - firstRevisionId: + Optional. The maximum number of delivery attempts for any message. + The value must be between 5 and 100. The number of delivery attempts + is defined as 1 + (the sum of number of NACKs and number of times + the acknowledgment deadline has been exceeded for the message). A + NACK is any call to ModifyAckDeadline with a 0 deadline. Note that + client libraries may automatically extend ack_deadlines. This field + will be honored on a best effort basis. If this parameter is 0, a + default value of 5 is used. + type: integer + format: int32 + deadLetterTopic: description: >- - Optional. The minimum (inclusive) revision allowed for validating - messages. If empty or not present, allow any revision to be - validated against last_revision or any revision created before. + Optional. The name of the topic to which dead letter messages should + be published. Format is `projects/{project}/topics/{topic}`.The + Pub/Sub service account associated with the enclosing subscription's + parent project (i.e., + service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com) must + have permission to Publish() to this topic. The operation will fail + if the topic does not exist. Users should ensure that there is a + subscription attached to this topic since messages published to a + topic with no subscriptions are lost. type: string - lastRevisionId: + id: DeadLetterPolicy + description: >- + Dead lettering is done on a best effort basis. The same message might be + dead lettered multiple times. If validation on any of the fields fails + at subscription creation/updation, the create/update subscription + request will fail. + type: object + TextConfig: + id: TextConfig + properties: {} + description: >- + Configuration for writing message data in text format. Message payloads + will be written to files as raw text, separated by a newline. + type: object + ModifyAckDeadlineRequest: + properties: + ackIds: + type: array + description: Required. List of acknowledgment IDs. + items: + type: string + ackDeadlineSeconds: + type: integer + format: int32 description: >- - Optional. The maximum (inclusive) revision allowed for validating - messages. If empty or not present, allow any revision to be - validated against first_revision or any revision created after. + Required. The new ack deadline with respect to the time this request + was sent to the Pub/Sub system. For example, if the value is 10, the + new ack deadline will expire 10 seconds after the + `ModifyAckDeadline` call was made. Specifying zero might immediately + make the message available for delivery to another subscriber + client. This typically results in an increase in the rate of message + redeliveries (that is, duplicates). The minimum deadline you can + specify is 0 seconds. The maximum deadline you can specify in a + single request is 600 seconds (10 minutes). + description: Request for the ModifyAckDeadline method. + id: ModifyAckDeadlineRequest + type: object + TextFormat: + description: >- + Configuration for reading Cloud Storage data in text format. Each line + of text as specified by the delimiter will be set to the `data` field of + a Pub/Sub message. + properties: + delimiter: + description: Optional. When unset, '\n' is used. type: string - IngestionDataSourceSettings: - id: IngestionDataSourceSettings - description: Settings for an ingestion data source on a topic. + id: TextFormat type: object + CreateSnapshotRequest: properties: - awsKinesis: - description: Optional. Amazon Kinesis Data Streams. - $ref: '#/components/schemas/AwsKinesis' - cloudStorage: - description: Optional. Cloud Storage. - $ref: '#/components/schemas/CloudStorage' - azureEventHubs: - description: Optional. Azure Event Hubs. - $ref: '#/components/schemas/AzureEventHubs' - awsMsk: - description: Optional. Amazon MSK. - $ref: '#/components/schemas/AwsMsk' - confluentCloud: - description: Optional. Confluent Cloud. - $ref: '#/components/schemas/ConfluentCloud' - platformLogsSettings: + tags: description: >- - Optional. Platform Logs settings. If unset, no Platform Logs will be - generated. - $ref: '#/components/schemas/PlatformLogsSettings' - AwsKinesis: - id: AwsKinesis - description: Ingestion settings for Amazon Kinesis Data Streams. + Optional. Input only. Immutable. Tag keys/values directly bound to + this resource. For example: "123/environment": "production", + "123/costCenter": "marketing" + additionalProperties: + type: string + type: object + labels: + description: >- + Optional. See [Creating and managing + labels](https://cloud.google.com/pubsub/docs/labels). + additionalProperties: + type: string + type: object + subscription: + type: string + description: >- + Required. The subscription whose backlog the snapshot retains. + Specifically, the created snapshot is guaranteed to retain: (a) The + existing backlog on the subscription. More precisely, this is + defined as the messages in the subscription's backlog that are + unacknowledged upon the successful completion of the + `CreateSnapshot` request; as well as: (b) Any messages published to + the subscription's topic following the successful completion of the + CreateSnapshot request. Format is + `projects/{project}/subscriptions/{sub}`. + description: Request for the `CreateSnapshot` method. type: object + id: CreateSnapshotRequest + CloudStorageConfig: + id: CloudStorageConfig properties: state: - description: >- - Output only. An output-only field that indicates the state of the - Kinesis ingestion source. readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - Ingestion is active. - - >- - Permission denied encountered while consuming data from Kinesis. - This can happen if: - The provided `aws_role_arn` does not exist - or does not have the appropriate permissions attached. - The - provided `aws_role_arn` is not set up properly for Identity - Federation using `gcp_service_account`. - The Pub/Sub SA is not - granted the `iam.serviceAccounts.getOpenIdToken` permission on - `gcp_service_account`. - - >- - Permission denied encountered while publishing to the topic. This - can happen if the Pub/Sub SA has not been granted the [appropriate - publish - permissions](https://cloud.google.com/pubsub/docs/access-control#pubsub.publisher) - - The Kinesis stream does not exist. - - The Kinesis consumer does not exist. + type: string enum: - STATE_UNSPECIFIED - ACTIVE - - KINESIS_PERMISSION_DENIED - - PUBLISH_PERMISSION_DENIED - - STREAM_NOT_FOUND - - CONSUMER_NOT_FOUND - streamArn: - description: Required. The Kinesis stream ARN to ingest data from. + - PERMISSION_DENIED + - NOT_FOUND + - IN_TRANSIT_LOCATION_RESTRICTION + - SCHEMA_MISMATCH + description: >- + Output only. An output-only field that indicates whether or not the + subscription can receive messages. + enumDescriptions: + - Default value. This value is unused. + - The subscription can actively send messages to Cloud Storage. + - >- + Cannot write to the Cloud Storage bucket because of permission + denied errors. + - >- + Cannot write to the Cloud Storage bucket because it does not + exist. + - >- + Cannot write to the destination because enforce_in_transit is set + to true and the destination locations are not in the allowed + regions. + - >- + Cannot write to the Cloud Storage bucket due to an incompatibility + between the topic schema and subscription settings. + maxDuration: + description: >- + Optional. The maximum duration that can elapse before a new Cloud + Storage file is created. Min 1 minute, max 10 minutes, default 5 + minutes. May not exceed the subscription's acknowledgment deadline. + format: google-duration type: string - consumerArn: + maxBytes: + format: int64 description: >- - Required. The Kinesis consumer ARN to used for ingestion in Enhanced - Fan-Out mode. The consumer must be already created and ready to be + Optional. The maximum bytes that can be written to a Cloud Storage + file before a new file is created. Min 1 KB, max 10 GiB. The + max_bytes limit may be exceeded in cases where messages are larger + than the limit. + type: string + serviceAccountEmail: + description: >- + Optional. The service account to use to write to Cloud Storage. The + subscription creator or updater that specifies this field must have + `iam.serviceAccounts.actAs` permission on the service account. If + not specified, the Pub/Sub [service + agent](https://cloud.google.com/iam/docs/service-agents), + service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com, is used. type: string - awsRoleArn: + avroConfig: description: >- - Required. AWS role ARN to be used for Federated Identity - authentication with Kinesis. Check the Pub/Sub docs for how to set - up this role and the required permissions that need to be attached - to it. + Optional. If set, message data will be written to Cloud Storage in + Avro format. + $ref: '#/components/schemas/AvroConfig' + maxMessages: type: string - gcpServiceAccount: description: >- - Required. The GCP service account to be used for Federated Identity - authentication with Kinesis (via a `AssumeRoleWithWebIdentity` call - for the provided role). The `aws_role_arn` must be set up with - `accounts.google.com:sub` equals to this service account number. + Optional. The maximum number of messages that can be written to a + Cloud Storage file before a new file is created. Min 1000 messages. + format: int64 + filenamePrefix: + description: >- + Optional. User-provided prefix for Cloud Storage filename. See the + [object naming + requirements](https://cloud.google.com/storage/docs/objects#naming). type: string - CloudStorage: - id: CloudStorage - description: Ingestion settings for Cloud Storage. + filenameDatetimeFormat: + description: >- + Optional. User-provided format string specifying how to represent + datetimes in Cloud Storage filenames. See the [datetime format + guidance](https://cloud.google.com/pubsub/docs/create-cloudstorage-subscription#file_names). + type: string + textConfig: + description: >- + Optional. If set, message data will be written to Cloud Storage in + text format. + $ref: '#/components/schemas/TextConfig' + filenameSuffix: + description: >- + Optional. User-provided suffix for Cloud Storage filename. See the + [object naming + requirements](https://cloud.google.com/storage/docs/objects#naming). + Must not end in "/". + type: string + bucket: + description: >- + Required. User-provided name for the Cloud Storage bucket. The + bucket must be created by the user. The bucket name must be without + any prefix like "gs://". See the [bucket naming requirements] + (https://cloud.google.com/storage/docs/buckets#naming). + type: string + type: object + description: Configuration for a Cloud Storage subscription. + PubsubWrapper: + id: PubsubWrapper type: object + properties: {} + description: >- + The payload to the push endpoint is in the form of the JSON + representation of a PubsubMessage + (https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#pubsubmessage). + BigQueryConfig: + id: BigQueryConfig properties: state: - description: >- - Output only. An output-only field that indicates the state of the - Cloud Storage ingestion source. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - PERMISSION_DENIED + - NOT_FOUND + - SCHEMA_MISMATCH + - IN_TRANSIT_LOCATION_RESTRICTION readOnly: true - type: string enumDescriptions: - Default value. This value is unused. - - Ingestion is active. - - >- - Permission denied encountered while calling the Cloud Storage API. - This can happen if the Pub/Sub SA has not been granted the - [appropriate - permissions](https://cloud.google.com/storage/docs/access-control/iam-permissions): - - storage.objects.list: to list the objects in a bucket. - - storage.objects.get: to read the objects in a bucket. - - storage.buckets.get: to verify the bucket exists. + - The subscription can actively send messages to BigQuery - >- - Permission denied encountered while publishing to the topic. This - can happen if the Pub/Sub SA has not been granted the [appropriate - publish - permissions](https://cloud.google.com/pubsub/docs/access-control#pubsub.publisher) - - The provided Cloud Storage bucket doesn't exist. + Cannot write to the BigQuery table because of permission denied + errors. This can happen if - Pub/Sub SA has not been granted the + [appropriate BigQuery IAM + permissions](https://cloud.google.com/pubsub/docs/create-subscription#assign_bigquery_service_account) + - bigquery.googleapis.com API is not enabled for the project + ([instructions](https://cloud.google.com/service-usage/docs/enable-disable)) + - Cannot write to the BigQuery table because it does not exist. + - Cannot write to the BigQuery table due to a schema mismatch. - >- - The Cloud Storage bucket has too many objects, ingestion will be - paused. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CLOUD_STORAGE_PERMISSION_DENIED - - PUBLISH_PERMISSION_DENIED - - BUCKET_NOT_FOUND - - TOO_MANY_OBJECTS - bucket: + Cannot write to the destination because enforce_in_transit is set + to true and the destination locations are not in the allowed + regions. description: >- - Optional. Cloud Storage bucket. The bucket name must be without any - prefix like "gs://". See the [bucket naming requirements] - (https://cloud.google.com/storage/docs/buckets#naming). + Output only. An output-only field that indicates whether or not the + subscription can receive messages. type: string - textFormat: - description: Optional. Data from Cloud Storage will be interpreted as text. - $ref: '#/components/schemas/TextFormat' - avroFormat: + dropUnknownFields: description: >- - Optional. Data from Cloud Storage will be interpreted in Avro - format. - $ref: '#/components/schemas/AvroFormat' - pubsubAvroFormat: + Optional. When true and use_topic_schema is true, any fields that + are a part of the topic schema that are not part of the BigQuery + table schema are dropped when writing to BigQuery. Otherwise, the + schemas must be kept in sync and any messages with extra fields are + not written and remain in the subscription's backlog. + type: boolean + table: description: >- - Optional. It will be assumed data from Cloud Storage was written via - [Cloud Storage - subscriptions](https://cloud.google.com/pubsub/docs/cloudstorage). - $ref: '#/components/schemas/PubSubAvroFormat' - minimumObjectCreateTime: + Optional. The name of the table to which to write data, of the form + {projectId}.{datasetId}.{tableId} + type: string + useTableSchema: description: >- - Optional. Only objects with a larger or equal creation timestamp - will be ingested. + Optional. When true, use the BigQuery table's schema as the columns + to write to in BigQuery. `use_table_schema` and `use_topic_schema` + cannot be enabled at the same time. + type: boolean + useTopicSchema: + type: boolean + description: >- + Optional. When true, use the topic's schema as the columns to write + to in BigQuery, if it exists. `use_topic_schema` and + `use_table_schema` cannot be enabled at the same time. + writeMetadata: + description: >- + Optional. When true, write the subscription name, message_id, + publish_time, attributes, and ordering_key to additional columns in + the table. The subscription name, message_id, and publish_time + fields are put in their own columns while all other message + properties (other than data) are written to a JSON object in the + attributes column. + type: boolean + serviceAccountEmail: type: string - format: google-datetime - matchGlob: description: >- - Optional. Glob pattern used to match objects that will be ingested. - If unset, all objects will be ingested. See the [supported - patterns](https://cloud.google.com/storage/docs/json_api/v1/objects/list#list-objects-and-prefixes-using-glob). + Optional. The service account to use to write to BigQuery. The + subscription creator or updater that specifies this field must have + `iam.serviceAccounts.actAs` permission on the service account. If + not specified, the Pub/Sub [service + agent](https://cloud.google.com/iam/docs/service-agents), + service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com, is + used. + type: object + description: Configuration for a BigQuery subscription. + SeekRequest: + properties: + time: + description: >- + Optional. The time to seek to. Messages retained in the subscription + that were published before this time are marked as acknowledged, and + messages retained in the subscription that were published after this + time are marked as unacknowledged. Note that this operation affects + only those messages retained in the subscription (configured by the + combination of `message_retention_duration` and + `retain_acked_messages`). For example, if `time` corresponds to a + point before the message retention window (or to a point before the + system's notion of the subscription creation time), only retained + messages will be marked as unacknowledged, and already-expunged + messages will not be restored. + format: google-datetime type: string - TextFormat: - id: TextFormat - description: >- - Configuration for reading Cloud Storage data in text format. Each line - of text as specified by the delimiter will be set to the `data` field of - a Pub/Sub message. + snapshot: + description: >- + Optional. The snapshot to seek to. The snapshot's topic must be the + same as that of the provided subscription. Format is + `projects/{project}/snapshots/{snap}`. + type: string + type: object + description: Request for the `Seek` method. + id: SeekRequest + NoWrapper: + id: NoWrapper type: object + description: Sets the `data` field as the HTTP body for delivery. properties: - delimiter: - description: Optional. When unset, '\n' is used. - type: string - AvroFormat: - id: AvroFormat - description: >- - Configuration for reading Cloud Storage data in Avro binary format. The - bytes of each object will be set to the `data` field of a Pub/Sub - message. + writeMetadata: + type: boolean + description: >- + Optional. When true, writes the Pub/Sub message metadata to + `x-goog-pubsub-:` headers of the HTTP request. Writes the Pub/Sub + message attributes to `:` headers of the HTTP request. + PullResponse: + properties: + receivedMessages: + items: + $ref: '#/components/schemas/ReceivedMessage' + description: >- + Optional. Received Pub/Sub messages. The list will be empty if there + are no more messages available in the backlog, or if no messages + could be returned before the request timeout. For JSON, the response + can be entirely empty. The Pub/Sub system may return fewer than the + `maxMessages` requested even if there are more messages available in + the backlog. + type: array + description: Response for the `Pull` method. + id: PullResponse type: object - properties: {} PubSubAvroFormat: id: PubSubAvroFormat description: >- @@ -759,78 +487,121 @@ components: subscriptions](https://cloud.google.com/pubsub/docs/cloudstorage). The data and attributes fields of the originally exported Pub/Sub message will be restored when publishing. - type: object properties: {} - AzureEventHubs: - id: AzureEventHubs - description: Ingestion settings for Azure Event Hubs. type: object + ExpirationPolicy: properties: - state: + ttl: + format: google-duration description: >- - Output only. An output-only field that indicates the state of the - Event Hubs ingestion source. - readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - Ingestion is active. - - >- - Permission denied encountered while consuming data from Event - Hubs. This can happen when `client_id`, or `tenant_id` are - invalid. Or the right permissions haven't been granted. - - Permission denied encountered while publishing to the topic. - - The provided Event Hubs namespace couldn't be found. - - The provided Event Hub couldn't be found. - - The provided Event Hubs subscription couldn't be found. - - The provided Event Hubs resource group couldn't be found. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - EVENT_HUBS_PERMISSION_DENIED - - PUBLISH_PERMISSION_DENIED - - NAMESPACE_NOT_FOUND - - EVENT_HUB_NOT_FOUND - - SUBSCRIPTION_NOT_FOUND - - RESOURCE_GROUP_NOT_FOUND - resourceGroup: - description: Optional. Name of the resource group within the azure subscription. - type: string - namespace: - description: Optional. The name of the Event Hubs namespace. + Optional. Specifies the "time-to-live" duration for an associated + resource. The resource expires if it is not active for a period of + `ttl`. The definition of "activity" depends on the type of the + associated resource. The minimum and maximum allowed values for + `ttl` depend on the type of the associated resource, as well. If + `ttl` is not set, the associated resource never expires. type: string - eventHub: - description: Optional. The name of the Event Hub. + description: >- + A policy that specifies the conditions for resource expiration (i.e., + automatic resource deletion). + id: ExpirationPolicy + type: object + CommitSchemaRequest: + properties: + schema: + description: Required. The schema revision to commit. + $ref: '#/components/schemas/Schema' + description: Request for CommitSchema method. + id: CommitSchemaRequest + type: object + PushConfig: + description: Configuration for a push delivery endpoint. + properties: + pushEndpoint: type: string - clientId: description: >- - Optional. The client id of the Azure application that is being used - to authenticate Pub/Sub. - type: string - tenantId: + Optional. A URL locating the endpoint to which messages should be + pushed. For example, a Webhook endpoint might use + `https://example.com/push`. + oidcToken: description: >- - Optional. The tenant id of the Azure application that is being used - to authenticate Pub/Sub. - type: string - subscriptionId: - description: Optional. The Azure subscription id. - type: string - gcpServiceAccount: + Optional. If specified, Pub/Sub will generate and attach an OIDC JWT + token as an `Authorization` header in the HTTP request for every + pushed message. + $ref: '#/components/schemas/OidcToken' + noWrapper: + description: Optional. When set, the payload to the push endpoint is not wrapped. + $ref: '#/components/schemas/NoWrapper' + attributes: + type: object + additionalProperties: + type: string description: >- - Optional. The GCP service account to be used for Federated Identity - authentication. + Optional. Endpoint configuration attributes that can be used to + control different aspects of the message delivery. The only + currently supported attribute is `x-goog-version`, which you can use + to change the format of the pushed message. This attribute indicates + the version of the data expected by the endpoint. This controls the + shape of the pushed message (i.e., its fields and metadata). If not + present during the `CreateSubscription` call, it will default to the + version of the Pub/Sub API used to make such call. If not present in + a `ModifyPushConfig` call, its value will not be changed. + `GetSubscription` calls will always return a valid version, even if + the subscription was created without this attribute. The only + supported values for the `x-goog-version` attribute are: * + `v1beta1`: uses the push format defined in the v1beta1 Pub/Sub API. + * `v1` or `v1beta2`: uses the push format defined in the v1 Pub/Sub + API. For example: `attributes { "x-goog-version": "v1" }` + pubsubWrapper: + $ref: '#/components/schemas/PubsubWrapper' + description: >- + Optional. When set, the payload to the push endpoint is in the form + of the JSON representation of a PubsubMessage + (https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#pubsubmessage). + type: object + id: PushConfig + ValidateSchemaResponse: + properties: {} + id: ValidateSchemaResponse + type: object + description: Response for the `ValidateSchema` method. Empty for now. + ListTopicSubscriptionsResponse: + description: Response for the `ListTopicSubscriptions` method. + id: ListTopicSubscriptionsResponse + properties: + nextPageToken: + description: >- + Optional. If not empty, indicates that there may be more + subscriptions that match the request; this value should be passed in + a new `ListTopicSubscriptionsRequest` to get more subscriptions. type: string + subscriptions: + items: + type: string + type: array + description: >- + Optional. The names of subscriptions attached to the topic specified + in the request. + type: object AwsMsk: id: AwsMsk - description: Ingestion settings for Amazon MSK. - type: object properties: - state: + awsRoleArn: + type: string description: >- - Output only. An output-only field that indicates the state of the - Amazon MSK ingestion source. + Required. AWS role ARN to be used for Federated Identity + authentication with Amazon MSK. Check the Pub/Sub docs for how to + set up this role and the required permissions that need to be + attached to it. + state: readOnly: true - type: string + enum: + - STATE_UNSPECIFIED + - ACTIVE + - MSK_PERMISSION_DENIED + - PUBLISH_PERMISSION_DENIED + - CLUSTER_NOT_FOUND + - TOPIC_NOT_FOUND enumDescriptions: - Default value. This value is unused. - Ingestion is active. @@ -840,48 +611,106 @@ components: - Permission denied encountered while publishing to the topic. - The provided MSK cluster wasn't found. - The provided topic wasn't found. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - MSK_PERMISSION_DENIED - - PUBLISH_PERMISSION_DENIED - - CLUSTER_NOT_FOUND - - TOPIC_NOT_FOUND - clusterArn: description: >- - Required. The Amazon Resource Name (ARN) that uniquely identifies - the cluster. + Output only. An output-only field that indicates the state of the + Amazon MSK ingestion source. type: string topic: description: >- Required. The name of the topic in the Amazon MSK cluster that Pub/Sub will import from. type: string - awsRoleArn: + gcpServiceAccount: + type: string + description: >- + Required. The GCP service account to be used for Federated Identity + authentication with Amazon MSK (via a `AssumeRoleWithWebIdentity` + call for the provided role). The `aws_role_arn` must be set up with + `accounts.google.com:sub` equals to this service account number. + clusterArn: + type: string + description: >- + Required. The Amazon Resource Name (ARN) that uniquely identifies + the cluster. + type: object + description: Ingestion settings for Amazon MSK. + Expr: + type: object + properties: + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + title: + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + type: string + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + id: Expr + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + ListSubscriptionsResponse: + description: Response for the `ListSubscriptions` method. + properties: + subscriptions: + type: array + items: + $ref: '#/components/schemas/Subscription' + description: Optional. The subscriptions that match the request. + nextPageToken: + type: string description: >- - Required. AWS role ARN to be used for Federated Identity - authentication with Amazon MSK. Check the Pub/Sub docs for how to - set up this role and the required permissions that need to be - attached to it. - type: string - gcpServiceAccount: + Optional. If not empty, indicates that there may be more + subscriptions that match the request; this value should be passed in + a new `ListSubscriptionsRequest` to get more subscriptions. + type: object + id: ListSubscriptionsResponse + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + type: object + properties: + permissions: + type: array + items: + type: string description: >- - Required. The GCP service account to be used for Federated Identity - authentication with Amazon MSK (via a `AssumeRoleWithWebIdentity` - call for the provided role). The `aws_role_arn` must be set up with - `accounts.google.com:sub` equals to this service account number. - type: string + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + id: TestIamPermissionsRequest ConfluentCloud: - id: ConfluentCloud description: Ingestion settings for Confluent Cloud. - type: object properties: state: - description: >- - Output only. An output-only field that indicates the state of the - Confluent Cloud ingestion source. readOnly: true - type: string enumDescriptions: - Default value. This value is unused. - Ingestion is active. @@ -892,6 +721,10 @@ components: - The provided bootstrap server address is unreachable. - The provided cluster wasn't found. - The provided topic wasn't found. + type: string + description: >- + Output only. An output-only field that indicates the state of the + Confluent Cloud ingestion source. enum: - STATE_UNSPECIFIED - ACTIVE @@ -905,182 +738,300 @@ components: Required. The address of the bootstrap server. The format is url:port. type: string - clusterId: - description: Required. The id of the cluster. - type: string - topic: - description: >- - Required. The name of the topic in the Confluent Cloud cluster that - Pub/Sub will import from. - type: string identityPoolId: description: >- Required. The id of the identity pool to be used for Federated Identity authentication with Confluent Cloud. See https://docs.confluent.io/cloud/current/security/authenticate/workload-identities/identity-providers/oauth/identity-pools.html#add-oauth-identity-pools. type: string + topic: + description: >- + Required. The name of the topic in the Confluent Cloud cluster that + Pub/Sub will import from. + type: string gcpServiceAccount: description: >- Required. The GCP service account to be used for Federated Identity authentication with `identity_pool_id`. type: string - PlatformLogsSettings: - id: PlatformLogsSettings - description: Settings for Platform Logs produced by Pub/Sub. + clusterId: + description: Required. The id of the cluster. + type: string + type: object + id: ConfluentCloud + AvroConfig: + type: object + properties: + writeMetadata: + description: >- + Optional. When true, write the subscription name, message_id, + publish_time, attributes, and ordering_key as additional fields in + the output. The subscription name, message_id, and publish_time + fields are put in their own fields while all other message + properties other than data (for example, an ordering_key, if + present) are added as entries in the attributes map. + type: boolean + useTopicSchema: + type: boolean + description: >- + Optional. When true, the output Cloud Storage file will be + serialized using the topic schema, if it exists. + id: AvroConfig + description: >- + Configuration for writing message data in Avro format. Message payloads + and metadata will be written to files as an Avro binary. + ModifyPushConfigRequest: + type: object + properties: + pushConfig: + description: >- + Required. The push configuration for future deliveries. An empty + `pushConfig` indicates that the Pub/Sub system should stop pushing + messages from the given subscription and allow messages to be pulled + and acknowledged - effectively pausing the subscription if `Pull` or + `StreamingPull` is not called. + $ref: '#/components/schemas/PushConfig' + id: ModifyPushConfigRequest + description: Request for the ModifyPushConfig method. + Binding: + type: object + properties: + role: + type: string + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + members: + type: array + items: + type: string + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + id: Binding + description: Associates `members`, or principals, with a `role`. + Policy: type: object properties: - severity: + bindings: + type: array + items: + $ref: '#/components/schemas/Binding' + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + version: + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + format: int32 + etag: + type: string + format: byte + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy + SetIamPolicyRequest: + properties: + policy: description: >- - Optional. The minimum severity level of Platform Logs that will be - written. - type: string - enumDescriptions: - - Default value. Logs level is unspecified. Logs will be disabled. - - Logs will be disabled. - - Debug logs and higher-severity logs will be written. - - Info logs and higher-severity logs will be written. - - Warning logs and higher-severity logs will be written. - - Only error logs will be written. - enum: - - SEVERITY_UNSPECIFIED - - DISABLED - - DEBUG - - INFO - - WARNING - - ERROR - MessageTransform: - id: MessageTransform - description: All supported message transforms types. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + id: SetIamPolicyRequest type: object - properties: - javascriptUdf: - description: >- - Optional. JavaScript User Defined Function. If multiple - JavaScriptUDF's are specified on a resource, each must have a unique - `function_name`. - $ref: '#/components/schemas/JavaScriptUDF' - enabled: - description: >- - Optional. This field is deprecated, use the `disabled` field to - disable transforms. - deprecated: true - type: boolean - disabled: - description: >- - Optional. If true, the transform is disabled and will not be applied - to messages. Defaults to `false`. - type: boolean - JavaScriptUDF: - id: JavaScriptUDF - description: >- - User-defined JavaScript function that can transform or filter a Pub/Sub - message. + description: Request message for `SetIamPolicy` method. + ReceivedMessage: type: object + description: A message and its corresponding acknowledgment ID. + id: ReceivedMessage properties: - functionName: - description: >- - Required. Name of the JavasScript function that should applied to - Pub/Sub messages. + ackId: + description: Optional. This ID can be used to acknowledge the received message. type: string - code: + message: + $ref: '#/components/schemas/PubsubMessage' + description: Optional. The message. + deliveryAttempt: description: >- - Required. JavaScript code that contains a function `function_name` - with the below signature: ``` /** * Transforms a Pub/Sub message. * - @return {(Object)>|null)} - To * filter a message, return `null`. To - transform a message return a map * with the following keys: * - - (required) 'data' : {string} * - (optional) 'attributes' : {Object} - * Returning empty `attributes` will remove all attributes from the * - message. * * @param {(Object)>} Pub/Sub * message. Keys: * - - (required) 'data' : {string} * - (required) 'attributes' : {Object} - * * @param {Object} metadata - Pub/Sub message metadata. * Keys: * - - (optional) 'message_id' : {string} * - (optional) 'publish_time': - {string} YYYY-MM-DDTHH:MM:SSZ format * - (optional) 'ordering_key': - {string} */ function (message, metadata) { } ``` - type: string - UpdateTopicRequest: - id: UpdateTopicRequest - description: Request for the UpdateTopic method. - type: object + Optional. The approximate number of times that Pub/Sub has attempted + to deliver the associated message to a subscriber. More precisely, + this is 1 + (number of NACKs) + (number of ack_deadline exceeds) for + this message. A NACK is any call to ModifyAckDeadline with a 0 + deadline. An ack_deadline exceeds event is whenever a message is not + acknowledged within ack_deadline. Note that ack_deadline is + initially Subscription.ackDeadlineSeconds, but may get extended + automatically by the client library. Upon the first delivery of a + given message, `delivery_attempt` will have a value of 1. The value + is calculated at best effort and is approximate. If a + DeadLetterPolicy is not set on the subscription, this will be 0. + format: int32 + type: integer + UpdateSubscriptionRequest: + description: Request for the UpdateSubscription method. + id: UpdateSubscriptionRequest properties: - topic: - description: Required. The updated topic object. - $ref: '#/components/schemas/Topic' updateMask: description: >- - Required. Indicates which fields in the provided topic to update. - Must be specified and non-empty. Note that if `update_mask` contains - "message_storage_policy" but the `message_storage_policy` is not set - in the `topic` provided above, then the updated value is determined - by the policy configured at the project or organization level. - type: string + Required. Indicates which fields in the provided subscription to + update. Must be specified and non-empty. format: google-fieldmask + type: string + subscription: + $ref: '#/components/schemas/Subscription' + description: Required. The updated subscription object. + type: object PublishRequest: - id: PublishRequest - description: Request for the Publish method. type: object + id: PublishRequest properties: messages: - description: Required. The messages to publish. - type: array items: $ref: '#/components/schemas/PubsubMessage' - PubsubMessage: - id: PubsubMessage - description: >- - A message that is published by publishers and consumed by subscribers. - The message must contain either a non-empty data field or at least one - attribute. Note that client libraries represent this object differently - depending on the language. See the corresponding [client library - documentation](https://cloud.google.com/pubsub/docs/reference/libraries) - for more information. See [quotas and limits] - (https://cloud.google.com/pubsub/quotas) for more information about - message limits. - type: object - properties: - data: - description: >- - Optional. The message data field. If this field is empty, the - message must contain at least one attribute. - type: string - format: byte - attributes: - description: >- - Optional. Attributes for this message. If this field is empty, the - message must contain non-empty data. This can be used to filter - messages on the subscription. - type: object - additionalProperties: - type: string - messageId: - description: >- - ID of this message, assigned by the server when the message is - published. Guaranteed to be unique within the topic. This value may - be read by a subscriber that receives a `PubsubMessage` via a `Pull` - call or a push delivery. It must not be populated by the publisher - in a `Publish` call. - type: string - publishTime: - description: >- - The time at which the message was published, populated by the server - when it receives the `Publish` call. It must not be populated by the - publisher in a `Publish` call. - type: string - format: google-datetime - orderingKey: - description: >- - Optional. If non-empty, identifies related messages for which - publish order should be respected. If a `Subscription` has - `enable_message_ordering` set to `true`, messages published with the - same non-empty `ordering_key` value will be delivered to subscribers - in the order in which they are received by the Pub/Sub system. All - `PubsubMessage`s published in a given `PublishRequest` must specify - the same `ordering_key` value. For more information, see [ordering - messages](https://cloud.google.com/pubsub/docs/ordering). - type: string + type: array + description: Required. The messages to publish. + description: Request for the Publish method. PublishResponse: - id: PublishResponse - description: Response for the `Publish` method. - type: object properties: messageIds: description: >- @@ -1090,102 +1041,188 @@ components: type: array items: type: string - ListTopicsResponse: - id: ListTopicsResponse - description: Response for the `ListTopics` method. + id: PublishResponse + description: Response for the `Publish` method. type: object + AzureEventHubs: + description: Ingestion settings for Azure Event Hubs. + type: object + id: AzureEventHubs properties: - topics: - description: Optional. The resulting topics. - type: array - items: - $ref: '#/components/schemas/Topic' - nextPageToken: + gcpServiceAccount: + description: >- + Optional. The GCP service account to be used for Federated Identity + authentication. + type: string + tenantId: + type: string + description: >- + Optional. The tenant id of the Azure application that is being used + to authenticate Pub/Sub. + namespace: + description: Optional. The name of the Event Hubs namespace. + type: string + resourceGroup: + description: Optional. Name of the resource group within the azure subscription. + type: string + state: + type: string + enum: + - STATE_UNSPECIFIED + - ACTIVE + - EVENT_HUBS_PERMISSION_DENIED + - PUBLISH_PERMISSION_DENIED + - NAMESPACE_NOT_FOUND + - EVENT_HUB_NOT_FOUND + - SUBSCRIPTION_NOT_FOUND + - RESOURCE_GROUP_NOT_FOUND + enumDescriptions: + - Default value. This value is unused. + - Ingestion is active. + - >- + Permission denied encountered while consuming data from Event + Hubs. This can happen when `client_id`, or `tenant_id` are + invalid. Or the right permissions haven't been granted. + - Permission denied encountered while publishing to the topic. + - The provided Event Hubs namespace couldn't be found. + - The provided Event Hub couldn't be found. + - The provided Event Hubs subscription couldn't be found. + - The provided Event Hubs resource group couldn't be found. + readOnly: true description: >- - Optional. If not empty, indicates that there may be more topics that - match the request; this value should be passed in a new - `ListTopicsRequest`. + Output only. An output-only field that indicates the state of the + Event Hubs ingestion source. + subscriptionId: + description: Optional. The Azure subscription id. type: string - ListTopicSubscriptionsResponse: - id: ListTopicSubscriptionsResponse - description: Response for the `ListTopicSubscriptions` method. - type: object - properties: - subscriptions: - description: >- - Optional. The names of subscriptions attached to the topic specified - in the request. - type: array - items: - type: string - nextPageToken: + eventHub: + description: Optional. The name of the Event Hub. + type: string + clientId: description: >- - Optional. If not empty, indicates that there may be more - subscriptions that match the request; this value should be passed in - a new `ListTopicSubscriptionsRequest` to get more subscriptions. + Optional. The client id of the Azure application that is being used + to authenticate Pub/Sub. type: string ListTopicSnapshotsResponse: - id: ListTopicSnapshotsResponse - description: Response for the `ListTopicSnapshots` method. - type: object properties: snapshots: - description: Optional. The names of the snapshots that match the request. type: array items: type: string + description: Optional. The names of the snapshots that match the request. nextPageToken: + type: string description: >- Optional. If not empty, indicates that there may be more snapshots that match the request; this value should be passed in a new `ListTopicSnapshotsRequest` to get more snapshots. + description: Response for the `ListTopicSnapshots` method. + type: object + id: ListTopicSnapshotsResponse + ValidateMessageRequest: + properties: + schema: + $ref: '#/components/schemas/Schema' + description: Ad-hoc schema against which to validate + message: + format: byte + type: string + description: Message to validate against the provided `schema_spec`. + name: + type: string + description: >- + Name of the schema against which to validate. Format is + `projects/{project}/schemas/{schema}`. + encoding: + type: string + enumDescriptions: + - Unspecified + - JSON encoding + - >- + Binary encoding, as defined by the schema type. For some schema + types, binary encoding may not be available. + description: The encoding expected for messages + enum: + - ENCODING_UNSPECIFIED + - JSON + - BINARY + id: ValidateMessageRequest + type: object + description: Request for the `ValidateMessage` method. + OidcToken: + properties: + serviceAccountEmail: + description: >- + Optional. [Service account + email](https://cloud.google.com/iam/docs/service-accounts) used for + generating the OIDC token. For more information on setting up + authentication, see [Push + subscriptions](https://cloud.google.com/pubsub/docs/push). + type: string + audience: type: string + description: >- + Optional. Audience to be used when generating OIDC token. The + audience claim identifies the recipients that the JWT is intended + for. The audience value is a single case-sensitive string. Having + multiple values (array) for the audience field is not supported. + More info about the OIDC JWT token audience here: + https://tools.ietf.org/html/rfc7519#section-4.1.3 Note: if not + specified, the Push endpoint URL will be used. + description: >- + Contains information needed for generating an [OpenID Connect + token](https://developers.google.com/identity/protocols/OpenIDConnect). + id: OidcToken + type: object + ValidateMessageResponse: + id: ValidateMessageResponse + description: Response for the `ValidateMessage` method. Empty for now. + properties: {} + type: object DetachSubscriptionResponse: id: DetachSubscriptionResponse - description: Response for the DetachSubscription method. Reserved for future use. - type: object properties: {} - Subscription: - id: Subscription - description: >- - A subscription resource. If none of `push_config`, `bigquery_config`, or - `cloud_storage_config` is set, then the subscriber will pull and ack - messages using API methods. At most one of these fields may be set. type: object + description: Response for the DetachSubscription method. Reserved for future use. + ListSchemasResponse: + id: ListSchemasResponse + description: Response for the `ListSchemas` method. properties: - name: + schemas: + items: + $ref: '#/components/schemas/Schema' + description: The resulting schemas. + type: array + nextPageToken: description: >- - Required. The name of the subscription. It must have the format - `"projects/{project}/subscriptions/{subscription}"`. - `{subscription}` must start with a letter, and contain only letters - (`[A-Za-z]`), numbers (`[0-9]`), dashes (`-`), underscores (`_`), - periods (`.`), tildes (`~`), plus (`+`) or percent signs (`%`). It - must be between 3 and 255 characters in length, and it must not - start with `"goog"`. + If not empty, indicates that there may be more schemas that match + the request; this value should be passed in a new + `ListSchemasRequest`. type: string - topic: - description: >- - Required. The name of the topic from which this subscription is - receiving messages. Format is `projects/{project}/topics/{topic}`. - The value of this field will be `_deleted-topic_` if the topic has - been deleted. + type: object + Subscription: + type: object + properties: + messageRetentionDuration: + format: google-duration type: string - pushConfig: - description: >- - Optional. If push delivery is used with this subscription, this - field is used to configure it. - $ref: '#/components/schemas/PushConfig' - bigqueryConfig: description: >- - Optional. If delivery to BigQuery is used with this subscription, - this field is used to configure it. - $ref: '#/components/schemas/BigQueryConfig' - cloudStorageConfig: + Optional. How long to retain unacknowledged messages in the + subscription's backlog, from the moment a message is published. If + `retain_acked_messages` is true, then this also configures the + retention of acknowledged messages, and thus configures how far back + in time a `Seek` can be done. Defaults to 7 days. Cannot be more + than 31 days or less than 10 minutes. + labels: + additionalProperties: + type: string description: >- - Optional. If delivery to Google Cloud Storage is used with this - subscription, this field is used to configure it. - $ref: '#/components/schemas/CloudStorageConfig' + Optional. See [Creating and managing + labels](https://cloud.google.com/pubsub/docs/labels). + type: object ackDeadlineSeconds: + format: int32 + type: integer description: >- Optional. The approximate amount of time (on a best-effort basis) Pub/Sub waits for the subscriber to acknowledge receipt before @@ -1204,9 +1241,37 @@ components: for the call to the push endpoint. If the subscriber never acknowledges the message, the Pub/Sub system will eventually redeliver the message. - type: integer - format: int32 + messageTransforms: + type: array + items: + $ref: '#/components/schemas/MessageTransform' + description: >- + Optional. Transforms to be applied to messages before they are + delivered to subscribers. Transforms are applied in the order + specified. + pushConfig: + description: >- + Optional. If push delivery is used with this subscription, this + field is used to configure it. + $ref: '#/components/schemas/PushConfig' + detached: + description: >- + Optional. Indicates whether the subscription is detached from its + topic. Detached subscriptions don't receive messages from their + topic and don't retain any backlog. `Pull` and `StreamingPull` + requests will return FAILED_PRECONDITION. If the subscription is a + push subscription, pushes to the endpoint will not be made. + type: boolean + tags: + type: object + description: >- + Optional. Input only. Immutable. Tag keys/values directly bound to + this resource. For example: "123/environment": "production", + "123/costCenter": "marketing" + additionalProperties: + type: string retainAckedMessages: + type: boolean description: >- Optional. Indicates whether to retain acknowledged messages. If true, then messages are not expunged from the subscription's @@ -1215,31 +1280,57 @@ components: like to [`Seek` to a timestamp] (https://cloud.google.com/pubsub/docs/replay-overview#seek_to_a_time) in the past to replay previously-acknowledged messages. - type: boolean - messageRetentionDuration: + name: description: >- - Optional. How long to retain unacknowledged messages in the - subscription's backlog, from the moment a message is published. If - `retain_acked_messages` is true, then this also configures the - retention of acknowledged messages, and thus configures how far back - in time a `Seek` can be done. Defaults to 7 days. Cannot be more - than 31 days or less than 10 minutes. + Required. The name of the subscription. It must have the format + `"projects/{project}/subscriptions/{subscription}"`. + `{subscription}` must start with a letter, and contain only letters + (`[A-Za-z]`), numbers (`[0-9]`), dashes (`-`), underscores (`_`), + periods (`.`), tildes (`~`), plus (`+`) or percent signs (`%`). It + must be between 3 and 255 characters in length, and it must not + start with `"goog"`. type: string - format: google-duration - labels: + enableExactlyOnceDelivery: description: >- - Optional. See [Creating and managing - labels](https://cloud.google.com/pubsub/docs/labels). - type: object - additionalProperties: - type: string - enableMessageOrdering: + Optional. If true, Pub/Sub provides the following guarantees for the + delivery of a message with a given value of `message_id` on this + subscription: * The message sent to a subscriber is guaranteed not + to be resent before the message's acknowledgment deadline expires. * + An acknowledged message will not be resent to a subscriber. Note + that subscribers may still receive multiple copies of a message when + `enable_exactly_once_delivery` is true if the message was published + multiple times by a publisher client. These copies are considered + distinct by Pub/Sub and have distinct `message_id` values. + type: boolean + topicMessageRetentionDuration: + readOnly: true + type: string + description: >- + Output only. Indicates the minimum duration for which a message is + retained after it is published to the subscription's topic. If this + field is set, messages published to the subscription's topic in the + last `topic_message_retention_duration` are always available to + subscribers. See the `message_retention_duration` field in `Topic`. + This field is set only in responses from the server; it is ignored + if it is set in any requests. + format: google-duration + state: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - RESOURCE_ERROR + enumDescriptions: + - Default value. This value is unused. + - The subscription can actively receive messages + - >- + The subscription cannot receive messages because of an error with + the resource to which it pushes messages. See the more detailed + error state in the corresponding configuration. + type: string + readOnly: true description: >- - Optional. If true, messages published with the same `ordering_key` - in `PubsubMessage` will be delivered to the subscribers in the order - in which they are received by the Pub/Sub system. Otherwise, they - may be delivered in any order. - type: boolean + Output only. An output-only field indicating whether or not the + subscription can receive messages. expirationPolicy: description: >- Optional. A policy that specifies the conditions for this @@ -1251,6 +1342,46 @@ components: `expiration_policy.ttl` is 1 day. If `expiration_policy` is set, but `expiration_policy.ttl` is not set, the subscription never expires. $ref: '#/components/schemas/ExpirationPolicy' + topic: + type: string + description: >- + Required. The name of the topic from which this subscription is + receiving messages. Format is `projects/{project}/topics/{topic}`. + The value of this field will be `_deleted-topic_` if the topic has + been deleted. + bigqueryConfig: + $ref: '#/components/schemas/BigQueryConfig' + description: >- + Optional. If delivery to BigQuery is used with this subscription, + this field is used to configure it. + enableMessageOrdering: + description: >- + Optional. If true, messages published with the same `ordering_key` + in `PubsubMessage` will be delivered to the subscribers in the order + in which they are received by the Pub/Sub system. Otherwise, they + may be delivered in any order. + type: boolean + analyticsHubSubscriptionInfo: + description: >- + Output only. Information about the associated Analytics Hub + subscription. Only set if the subscritpion is created by Analytics + Hub. + $ref: '#/components/schemas/AnalyticsHubSubscriptionInfo' + readOnly: true + retryPolicy: + $ref: '#/components/schemas/RetryPolicy' + description: >- + Optional. A policy that specifies how Pub/Sub retries message + delivery for this subscription. If not set, the default retry policy + is applied. This generally implies that messages will be retried as + soon as possible for healthy subscribers. RetryPolicy will be + triggered on NACKs or acknowledgment deadline exceeded events for a + given message. + cloudStorageConfig: + description: >- + Optional. If delivery to Google Cloud Storage is used with this + subscription, this field is used to configure it. + $ref: '#/components/schemas/CloudStorageConfig' filter: description: >- Optional. An expression written in the Pub/Sub [filter @@ -1260,6 +1391,7 @@ components: then no messages are filtered out. type: string deadLetterPolicy: + $ref: '#/components/schemas/DeadLetterPolicy' description: >- Optional. A policy that specifies the conditions for dead lettering messages in this subscription. If dead_letter_policy is not set, @@ -1267,619 +1399,595 @@ components: with this subscriptions's parent project (i.e., service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com) must have permission to Acknowledge() messages on this subscription. - $ref: '#/components/schemas/DeadLetterPolicy' - retryPolicy: - description: >- - Optional. A policy that specifies how Pub/Sub retries message - delivery for this subscription. If not set, the default retry policy - is applied. This generally implies that messages will be retried as - soon as possible for healthy subscribers. RetryPolicy will be - triggered on NACKs or acknowledgment deadline exceeded events for a - given message. - $ref: '#/components/schemas/RetryPolicy' - detached: - description: >- - Optional. Indicates whether the subscription is detached from its - topic. Detached subscriptions don't receive messages from their - topic and don't retain any backlog. `Pull` and `StreamingPull` - requests will return FAILED_PRECONDITION. If the subscription is a - push subscription, pushes to the endpoint will not be made. - type: boolean - enableExactlyOnceDelivery: - description: >- - Optional. If true, Pub/Sub provides the following guarantees for the - delivery of a message with a given value of `message_id` on this - subscription: * The message sent to a subscriber is guaranteed not - to be resent before the message's acknowledgment deadline expires. * - An acknowledged message will not be resent to a subscriber. Note - that subscribers may still receive multiple copies of a message when - `enable_exactly_once_delivery` is true if the message was published - multiple times by a publisher client. These copies are considered - distinct by Pub/Sub and have distinct `message_id` values. - type: boolean - topicMessageRetentionDuration: + description: >- + A subscription resource. If none of `push_config`, `bigquery_config`, or + `cloud_storage_config` is set, then the subscriber will pull and ack + messages using API methods. At most one of these fields may be set. + id: Subscription + CloudStorage: + id: CloudStorage + type: object + properties: + matchGlob: description: >- - Output only. Indicates the minimum duration for which a message is - retained after it is published to the subscription's topic. If this - field is set, messages published to the subscription's topic in the - last `topic_message_retention_duration` are always available to - subscribers. See the `message_retention_duration` field in `Topic`. - This field is set only in responses from the server; it is ignored - if it is set in any requests. - readOnly: true + Optional. Glob pattern used to match objects that will be ingested. + If unset, all objects will be ingested. See the [supported + patterns](https://cloud.google.com/storage/docs/json_api/v1/objects/list#list-objects-and-prefixes-using-glob). type: string - format: google-duration + pubsubAvroFormat: + description: >- + Optional. It will be assumed data from Cloud Storage was written via + [Cloud Storage + subscriptions](https://cloud.google.com/pubsub/docs/cloudstorage). + $ref: '#/components/schemas/PubSubAvroFormat' state: description: >- - Output only. An output-only field indicating whether or not the - subscription can receive messages. + Output only. An output-only field that indicates the state of the + Cloud Storage ingestion source. readOnly: true - type: string enumDescriptions: - Default value. This value is unused. - - The subscription can actively receive messages + - Ingestion is active. - >- - The subscription cannot receive messages because of an error with - the resource to which it pushes messages. See the more detailed - error state in the corresponding configuration. + Permission denied encountered while calling the Cloud Storage API. + This can happen if the Pub/Sub SA has not been granted the + [appropriate + permissions](https://cloud.google.com/storage/docs/access-control/iam-permissions): + - storage.objects.list: to list the objects in a bucket. - + storage.objects.get: to read the objects in a bucket. - + storage.buckets.get: to verify the bucket exists. + - >- + Permission denied encountered while publishing to the topic. This + can happen if the Pub/Sub SA has not been granted the [appropriate + publish + permissions](https://cloud.google.com/pubsub/docs/access-control#pubsub.publisher) + - The provided Cloud Storage bucket doesn't exist. + - >- + The Cloud Storage bucket has too many objects, ingestion will be + paused. + type: string enum: - STATE_UNSPECIFIED - ACTIVE - - RESOURCE_ERROR - analyticsHubSubscriptionInfo: + - CLOUD_STORAGE_PERMISSION_DENIED + - PUBLISH_PERMISSION_DENIED + - BUCKET_NOT_FOUND + - TOO_MANY_OBJECTS + textFormat: + $ref: '#/components/schemas/TextFormat' + description: Optional. Data from Cloud Storage will be interpreted as text. + bucket: + type: string description: >- - Output only. Information about the associated Analytics Hub - subscription. Only set if the subscritpion is created by Analytics - Hub. - readOnly: true - $ref: '#/components/schemas/AnalyticsHubSubscriptionInfo' - messageTransforms: + Optional. Cloud Storage bucket. The bucket name must be without any + prefix like "gs://". See the [bucket naming requirements] + (https://cloud.google.com/storage/docs/buckets#naming). + minimumObjectCreateTime: + type: string + format: google-datetime description: >- - Optional. Transforms to be applied to messages before they are - delivered to subscribers. Transforms are applied in the order - specified. - type: array - items: - $ref: '#/components/schemas/MessageTransform' - PushConfig: - id: PushConfig - description: Configuration for a push delivery endpoint. - type: object + Optional. Only objects with a larger or equal creation timestamp + will be ingested. + avroFormat: + $ref: '#/components/schemas/AvroFormat' + description: >- + Optional. Data from Cloud Storage will be interpreted in Avro + format. + description: Ingestion settings for Cloud Storage. + PubsubMessage: properties: - pushEndpoint: + orderingKey: description: >- - Optional. A URL locating the endpoint to which messages should be - pushed. For example, a Webhook endpoint might use - `https://example.com/push`. + Optional. If non-empty, identifies related messages for which + publish order should be respected. If a `Subscription` has + `enable_message_ordering` set to `true`, messages published with the + same non-empty `ordering_key` value will be delivered to subscribers + in the order in which they are received by the Pub/Sub system. All + `PubsubMessage`s published in a given `PublishRequest` must specify + the same `ordering_key` value. For more information, see [ordering + messages](https://cloud.google.com/pubsub/docs/ordering). type: string attributes: - description: >- - Optional. Endpoint configuration attributes that can be used to - control different aspects of the message delivery. The only - currently supported attribute is `x-goog-version`, which you can use - to change the format of the pushed message. This attribute indicates - the version of the data expected by the endpoint. This controls the - shape of the pushed message (i.e., its fields and metadata). If not - present during the `CreateSubscription` call, it will default to the - version of the Pub/Sub API used to make such call. If not present in - a `ModifyPushConfig` call, its value will not be changed. - `GetSubscription` calls will always return a valid version, even if - the subscription was created without this attribute. The only - supported values for the `x-goog-version` attribute are: * - `v1beta1`: uses the push format defined in the v1beta1 Pub/Sub API. - * `v1` or `v1beta2`: uses the push format defined in the v1 Pub/Sub - API. For example: `attributes { "x-goog-version": "v1" }` type: object additionalProperties: type: string - oidcToken: description: >- - Optional. If specified, Pub/Sub will generate and attach an OIDC JWT - token as an `Authorization` header in the HTTP request for every - pushed message. - $ref: '#/components/schemas/OidcToken' - pubsubWrapper: + Optional. Attributes for this message. If this field is empty, the + message must contain non-empty data. This can be used to filter + messages on the subscription. + data: description: >- - Optional. When set, the payload to the push endpoint is in the form - of the JSON representation of a PubsubMessage - (https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#pubsubmessage). - $ref: '#/components/schemas/PubsubWrapper' - noWrapper: - description: Optional. When set, the payload to the push endpoint is not wrapped. - $ref: '#/components/schemas/NoWrapper' - OidcToken: - id: OidcToken + Optional. The message data field. If this field is empty, the + message must contain at least one attribute. + format: byte + type: string + messageId: + description: >- + ID of this message, assigned by the server when the message is + published. Guaranteed to be unique within the topic. This value may + be read by a subscriber that receives a `PubsubMessage` via a `Pull` + call or a push delivery. It must not be populated by the publisher + in a `Publish` call. + type: string + publishTime: + type: string + description: >- + The time at which the message was published, populated by the server + when it receives the `Publish` call. It must not be populated by the + publisher in a `Publish` call. + format: google-datetime description: >- - Contains information needed for generating an [OpenID Connect - token](https://developers.google.com/identity/protocols/OpenIDConnect). + A message that is published by publishers and consumed by subscribers. + The message must contain either a non-empty data field or at least one + attribute. Note that client libraries represent this object differently + depending on the language. See the corresponding [client library + documentation](https://cloud.google.com/pubsub/docs/reference/libraries) + for more information. See [quotas and limits] + (https://cloud.google.com/pubsub/quotas) for more information about + message limits. + type: object + id: PubsubMessage + TestIamPermissionsResponse: type: object + description: Response message for `TestIamPermissions` method. properties: - serviceAccountEmail: + permissions: + type: array description: >- - Optional. [Service account - email](https://cloud.google.com/iam/docs/service-accounts) used for - generating the OIDC token. For more information on setting up - authentication, see [Push - subscriptions](https://cloud.google.com/pubsub/docs/push). + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + items: + type: string + id: TestIamPermissionsResponse + JavaScriptUDF: + properties: + code: + description: >- + Required. JavaScript code that contains a function `function_name` + with the below signature: ``` /** * Transforms a Pub/Sub message. * + @return {(Object)>|null)} - To * filter a message, return `null`. To + transform a message return a map * with the following keys: * - + (required) 'data' : {string} * - (optional) 'attributes' : {Object} + * Returning empty `attributes` will remove all attributes from the * + message. * * @param {(Object)>} Pub/Sub * message. Keys: * - + (required) 'data' : {string} * - (required) 'attributes' : {Object} + * * @param {Object} metadata - Pub/Sub message metadata. * Keys: * - + (optional) 'message_id' : {string} * - (optional) 'publish_time': + {string} YYYY-MM-DDTHH:MM:SSZ format * - (optional) 'ordering_key': + {string} */ function (message, metadata) { } ``` type: string - audience: + functionName: description: >- - Optional. Audience to be used when generating OIDC token. The - audience claim identifies the recipients that the JWT is intended - for. The audience value is a single case-sensitive string. Having - multiple values (array) for the audience field is not supported. - More info about the OIDC JWT token audience here: - https://tools.ietf.org/html/rfc7519#section-4.1.3 Note: if not - specified, the Push endpoint URL will be used. + Required. Name of the JavasScript function that should applied to + Pub/Sub messages. type: string - PubsubWrapper: - id: PubsubWrapper + id: JavaScriptUDF description: >- - The payload to the push endpoint is in the form of the JSON - representation of a PubsubMessage - (https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#pubsubmessage). + User-defined JavaScript function that can transform or filter a Pub/Sub + message. type: object + SeekResponse: + id: SeekResponse + description: Response for the `Seek` method (this response is empty). properties: {} - NoWrapper: - id: NoWrapper - description: Sets the `data` field as the HTTP body for delivery. type: object - properties: - writeMetadata: - description: >- - Optional. When true, writes the Pub/Sub message metadata to - `x-goog-pubsub-:` headers of the HTTP request. Writes the Pub/Sub - message attributes to `:` headers of the HTTP request. - type: boolean - BigQueryConfig: - id: BigQueryConfig - description: Configuration for a BigQuery subscription. + Empty: + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + properties: {} + AwsKinesis: type: object properties: - table: + gcpServiceAccount: description: >- - Optional. The name of the table to which to write data, of the form - {projectId}.{datasetId}.{tableId} + Required. The GCP service account to be used for Federated Identity + authentication with Kinesis (via a `AssumeRoleWithWebIdentity` call + for the provided role). The `aws_role_arn` must be set up with + `accounts.google.com:sub` equals to this service account number. type: string - useTopicSchema: - description: >- - Optional. When true, use the topic's schema as the columns to write - to in BigQuery, if it exists. `use_topic_schema` and - `use_table_schema` cannot be enabled at the same time. - type: boolean - writeMetadata: + consumerArn: description: >- - Optional. When true, write the subscription name, message_id, - publish_time, attributes, and ordering_key to additional columns in - the table. The subscription name, message_id, and publish_time - fields are put in their own columns while all other message - properties (other than data) are written to a JSON object in the - attributes column. - type: boolean - dropUnknownFields: + Required. The Kinesis consumer ARN to used for ingestion in Enhanced + Fan-Out mode. The consumer must be already created and ready to be + used. + type: string + awsRoleArn: + type: string description: >- - Optional. When true and use_topic_schema is true, any fields that - are a part of the topic schema that are not part of the BigQuery - table schema are dropped when writing to BigQuery. Otherwise, the - schemas must be kept in sync and any messages with extra fields are - not written and remain in the subscription's backlog. - type: boolean + Required. AWS role ARN to be used for Federated Identity + authentication with Kinesis. Check the Pub/Sub docs for how to set + up this role and the required permissions that need to be attached + to it. + streamArn: + description: Required. The Kinesis stream ARN to ingest data from. + type: string state: - description: >- - Output only. An output-only field that indicates whether or not the - subscription can receive messages. - readOnly: true type: string + description: >- + Output only. An output-only field that indicates the state of the + Kinesis ingestion source. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - KINESIS_PERMISSION_DENIED + - PUBLISH_PERMISSION_DENIED + - STREAM_NOT_FOUND + - CONSUMER_NOT_FOUND enumDescriptions: - Default value. This value is unused. - - The subscription can actively send messages to BigQuery + - Ingestion is active. - >- - Cannot write to the BigQuery table because of permission denied - errors. This can happen if - Pub/Sub SA has not been granted the - [appropriate BigQuery IAM - permissions](https://cloud.google.com/pubsub/docs/create-subscription#assign_bigquery_service_account) - - bigquery.googleapis.com API is not enabled for the project - ([instructions](https://cloud.google.com/service-usage/docs/enable-disable)) - - Cannot write to the BigQuery table because it does not exist. - - Cannot write to the BigQuery table due to a schema mismatch. + Permission denied encountered while consuming data from Kinesis. + This can happen if: - The provided `aws_role_arn` does not exist + or does not have the appropriate permissions attached. - The + provided `aws_role_arn` is not set up properly for Identity + Federation using `gcp_service_account`. - The Pub/Sub SA is not + granted the `iam.serviceAccounts.getOpenIdToken` permission on + `gcp_service_account`. - >- - Cannot write to the destination because enforce_in_transit is set - to true and the destination locations are not in the allowed - regions. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - PERMISSION_DENIED - - NOT_FOUND - - SCHEMA_MISMATCH - - IN_TRANSIT_LOCATION_RESTRICTION - useTableSchema: - description: >- - Optional. When true, use the BigQuery table's schema as the columns - to write to in BigQuery. `use_table_schema` and `use_topic_schema` - cannot be enabled at the same time. - type: boolean - serviceAccountEmail: - description: >- - Optional. The service account to use to write to BigQuery. The - subscription creator or updater that specifies this field must have - `iam.serviceAccounts.actAs` permission on the service account. If - not specified, the Pub/Sub [service - agent](https://cloud.google.com/iam/docs/service-agents), - service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com, is - used. - type: string - CloudStorageConfig: - id: CloudStorageConfig - description: Configuration for a Cloud Storage subscription. + Permission denied encountered while publishing to the topic. This + can happen if the Pub/Sub SA has not been granted the [appropriate + publish + permissions](https://cloud.google.com/pubsub/docs/access-control#pubsub.publisher) + - The Kinesis stream does not exist. + - The Kinesis consumer does not exist. + readOnly: true + id: AwsKinesis + description: Ingestion settings for Amazon Kinesis Data Streams. + PullRequest: type: object + id: PullRequest + description: Request for the `Pull` method. properties: - bucket: + returnImmediately: description: >- - Required. User-provided name for the Cloud Storage bucket. The - bucket must be created by the user. The bucket name must be without - any prefix like "gs://". See the [bucket naming requirements] - (https://cloud.google.com/storage/docs/buckets#naming). - type: string - filenamePrefix: + Optional. If this field set to true, the system will respond + immediately even if it there are no messages available to return in + the `Pull` response. Otherwise, the system may wait (for a bounded + amount of time) until at least one message is available, rather than + returning no messages. Warning: setting this field to `true` is + discouraged because it adversely impacts the performance of `Pull` + operations. We recommend that users do not set this field. + deprecated: true + type: boolean + maxMessages: + type: integer + format: int32 description: >- - Optional. User-provided prefix for Cloud Storage filename. See the - [object naming - requirements](https://cloud.google.com/storage/docs/objects#naming). + Required. The maximum number of messages to return for this request. + Must be a positive integer. The Pub/Sub system may return fewer than + the number specified. + UpdateSnapshotRequest: + properties: + updateMask: + format: google-fieldmask type: string - filenameSuffix: description: >- - Optional. User-provided suffix for Cloud Storage filename. See the - [object naming - requirements](https://cloud.google.com/storage/docs/objects#naming). - Must not end in "/". - type: string - filenameDatetimeFormat: + Required. Indicates which fields in the provided snapshot to update. + Must be specified and non-empty. + snapshot: + description: Required. The updated snapshot object. + $ref: '#/components/schemas/Snapshot' + description: Request for the UpdateSnapshot method. + id: UpdateSnapshotRequest + type: object + MessageTransform: + type: object + properties: + javascriptUdf: description: >- - Optional. User-provided format string specifying how to represent - datetimes in Cloud Storage filenames. See the [datetime format - guidance](https://cloud.google.com/pubsub/docs/create-cloudstorage-subscription#file_names). - type: string - textConfig: + Optional. JavaScript User Defined Function. If multiple + JavaScriptUDF's are specified on a resource, each must have a unique + `function_name`. + $ref: '#/components/schemas/JavaScriptUDF' + disabled: description: >- - Optional. If set, message data will be written to Cloud Storage in - text format. - $ref: '#/components/schemas/TextConfig' - avroConfig: + Optional. If true, the transform is disabled and will not be applied + to messages. Defaults to `false`. + type: boolean + enabled: + deprecated: true description: >- - Optional. If set, message data will be written to Cloud Storage in - Avro format. - $ref: '#/components/schemas/AvroConfig' - maxDuration: + Optional. This field is deprecated, use the `disabled` field to + disable transforms. + type: boolean + id: MessageTransform + description: All supported message transforms types. + RollbackSchemaRequest: + properties: + revisionId: description: >- - Optional. The maximum duration that can elapse before a new Cloud - Storage file is created. Min 1 minute, max 10 minutes, default 5 - minutes. May not exceed the subscription's acknowledgment deadline. + Required. The revision ID to roll back to. It must be a revision of + the same schema. Example: c7cfa2a8 type: string - format: google-duration - maxBytes: + description: Request for the `RollbackSchema` method. + id: RollbackSchemaRequest + type: object + ListTopicsResponse: + type: object + description: Response for the `ListTopics` method. + properties: + topics: + type: array + items: + $ref: '#/components/schemas/Topic' + description: Optional. The resulting topics. + nextPageToken: description: >- - Optional. The maximum bytes that can be written to a Cloud Storage - file before a new file is created. Min 1 KB, max 10 GiB. The - max_bytes limit may be exceeded in cases where messages are larger - than the limit. + Optional. If not empty, indicates that there may be more topics that + match the request; this value should be passed in a new + `ListTopicsRequest`. type: string - format: int64 - maxMessages: + id: ListTopicsResponse + Topic: + properties: + messageStoragePolicy: + $ref: '#/components/schemas/MessageStoragePolicy' description: >- - Optional. The maximum number of messages that can be written to a - Cloud Storage file before a new file is created. Min 1000 messages. + Optional. Policy constraining the set of Google Cloud Platform + regions where messages published to the topic may be stored. If not + present, then no constraints are in effect. + name: + description: >- + Required. The name of the topic. It must have the format + `"projects/{project}/topics/{topic}"`. `{topic}` must start with a + letter, and contain only letters (`[A-Za-z]`), numbers (`[0-9]`), + dashes (`-`), underscores (`_`), periods (`.`), tildes (`~`), plus + (`+`) or percent signs (`%`). It must be between 3 and 255 + characters in length, and it must not start with `"goog"`. type: string - format: int64 state: - description: >- - Output only. An output-only field that indicates whether or not the - subscription can receive messages. - readOnly: true + description: Output only. An output-only field indicating the state of the topic. type: string - enumDescriptions: - - Default value. This value is unused. - - The subscription can actively send messages to Cloud Storage. - - >- - Cannot write to the Cloud Storage bucket because of permission - denied errors. - - >- - Cannot write to the Cloud Storage bucket because it does not - exist. - - >- - Cannot write to the destination because enforce_in_transit is set - to true and the destination locations are not in the allowed - regions. - - >- - Cannot write to the Cloud Storage bucket due to an incompatibility - between the topic schema and subscription settings. enum: - STATE_UNSPECIFIED - ACTIVE - - PERMISSION_DENIED - - NOT_FOUND - - IN_TRANSIT_LOCATION_RESTRICTION - - SCHEMA_MISMATCH - serviceAccountEmail: + - INGESTION_RESOURCE_ERROR + readOnly: true + enumDescriptions: + - Default value. This value is unused. + - The topic does not have any persistent errors. + - >- + Ingestion from the data source has encountered a permanent error. + See the more detailed error state in the corresponding ingestion + source configuration. + labels: + type: object + additionalProperties: + type: string description: >- - Optional. The service account to use to write to Cloud Storage. The - subscription creator or updater that specifies this field must have - `iam.serviceAccounts.actAs` permission on the service account. If - not specified, the Pub/Sub [service - agent](https://cloud.google.com/iam/docs/service-agents), - service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com, is - used. + Optional. See [Creating and managing labels] + (https://cloud.google.com/pubsub/docs/labels). + satisfiesPzs: + type: boolean + description: >- + Optional. Reserved for future use. This field is set only in + responses from the server; it is ignored if it is set in any + requests. + kmsKeyName: type: string - TextConfig: - id: TextConfig - description: >- - Configuration for writing message data in text format. Message payloads - will be written to files as raw text, separated by a newline. - type: object - properties: {} - AvroConfig: - id: AvroConfig - description: >- - Configuration for writing message data in Avro format. Message payloads - and metadata will be written to files as an Avro binary. - type: object - properties: - writeMetadata: description: >- - Optional. When true, write the subscription name, message_id, - publish_time, attributes, and ordering_key as additional fields in - the output. The subscription name, message_id, and publish_time - fields are put in their own fields while all other message - properties other than data (for example, an ordering_key, if - present) are added as entries in the attributes map. - type: boolean - useTopicSchema: + Optional. The resource name of the Cloud KMS CryptoKey to be used to + protect access to messages published on this topic. The expected + format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + tags: + type: object description: >- - Optional. When true, the output Cloud Storage file will be - serialized using the topic schema, if it exists. - type: boolean - ExpirationPolicy: - id: ExpirationPolicy - description: >- - A policy that specifies the conditions for resource expiration (i.e., - automatic resource deletion). - type: object - properties: - ttl: + Optional. Input only. Immutable. Tag keys/values directly bound to + this resource. For example: "123/environment": "production", + "123/costCenter": "marketing" + additionalProperties: + type: string + messageRetentionDuration: description: >- - Optional. Specifies the "time-to-live" duration for an associated - resource. The resource expires if it is not active for a period of - `ttl`. The definition of "activity" depends on the type of the - associated resource. The minimum and maximum allowed values for - `ttl` depend on the type of the associated resource, as well. If - `ttl` is not set, the associated resource never expires. - type: string + Optional. Indicates the minimum duration to retain a message after + it is published to the topic. If this field is set, messages + published to the topic in the last `message_retention_duration` are + always available to subscribers. For instance, it allows any + attached subscription to [seek to a + timestamp](https://cloud.google.com/pubsub/docs/replay-overview#seek_to_a_time) + that is up to `message_retention_duration` in the past. If this + field is not set, message retention is controlled by settings on + individual subscriptions. Cannot be more than 31 days or less than + 10 minutes. format: google-duration - DeadLetterPolicy: - id: DeadLetterPolicy - description: >- - Dead lettering is done on a best effort basis. The same message might be - dead lettered multiple times. If validation on any of the fields fails - at subscription creation/updation, the create/update subscription - request will fail. + type: string + ingestionDataSourceSettings: + description: Optional. Settings for ingestion from a data source into this topic. + $ref: '#/components/schemas/IngestionDataSourceSettings' + schemaSettings: + description: >- + Optional. Settings for validating messages published against a + schema. + $ref: '#/components/schemas/SchemaSettings' + messageTransforms: + description: >- + Optional. Transforms to be applied to messages published to the + topic. Transforms are applied in the order specified. + type: array + items: + $ref: '#/components/schemas/MessageTransform' + id: Topic type: object + description: A topic resource. + ListSnapshotsResponse: + id: ListSnapshotsResponse + description: Response for the `ListSnapshots` method. properties: - deadLetterTopic: + snapshots: + items: + $ref: '#/components/schemas/Snapshot' + description: Optional. The resulting snapshots. + type: array + nextPageToken: description: >- - Optional. The name of the topic to which dead letter messages should - be published. Format is `projects/{project}/topics/{topic}`.The - Pub/Sub service account associated with the enclosing subscription's - parent project (i.e., - service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com) must - have permission to Publish() to this topic. The operation will fail - if the topic does not exist. Users should ensure that there is a - subscription attached to this topic since messages published to a - topic with no subscriptions are lost. + Optional. If not empty, indicates that there may be more snapshot + that match the request; this value should be passed in a new + `ListSnapshotsRequest`. type: string - maxDeliveryAttempts: - description: >- - Optional. The maximum number of delivery attempts for any message. - The value must be between 5 and 100. The number of delivery attempts - is defined as 1 + (the sum of number of NACKs and number of times - the acknowledgment deadline has been exceeded for the message). A - NACK is any call to ModifyAckDeadline with a 0 deadline. Note that - client libraries may automatically extend ack_deadlines. This field - will be honored on a best effort basis. If this parameter is 0, a - default value of 5 is used. - type: integer - format: int32 - RetryPolicy: - id: RetryPolicy - description: >- - A policy that specifies how Pub/Sub retries message delivery. Retry - delay will be exponential based on provided minimum and maximum - backoffs. https://en.wikipedia.org/wiki/Exponential_backoff. RetryPolicy - will be triggered on NACKs or acknowledgment deadline exceeded events - for a given message. Retry Policy is implemented on a best effort basis. - At times, the delay between consecutive deliveries may not match the - configuration. That is, delay can be more or less than configured - backoff. type: object + IngestionDataSourceSettings: + description: Settings for an ingestion data source on a topic. + type: object + id: IngestionDataSourceSettings properties: - minimumBackoff: + confluentCloud: + description: Optional. Confluent Cloud. + $ref: '#/components/schemas/ConfluentCloud' + awsKinesis: + description: Optional. Amazon Kinesis Data Streams. + $ref: '#/components/schemas/AwsKinesis' + platformLogsSettings: + $ref: '#/components/schemas/PlatformLogsSettings' description: >- - Optional. The minimum delay between consecutive deliveries of a - given message. Value should be between 0 and 600 seconds. Defaults - to 10 seconds. - type: string - format: google-duration - maximumBackoff: + Optional. Platform Logs settings. If unset, no Platform Logs will be + generated. + cloudStorage: + description: Optional. Cloud Storage. + $ref: '#/components/schemas/CloudStorage' + awsMsk: + $ref: '#/components/schemas/AwsMsk' + description: Optional. Amazon MSK. + azureEventHubs: + $ref: '#/components/schemas/AzureEventHubs' + description: Optional. Azure Event Hubs. + ListSchemaRevisionsResponse: + properties: + schemas: + description: The revisions of the schema. + type: array + items: + $ref: '#/components/schemas/Schema' + nextPageToken: description: >- - Optional. The maximum delay between consecutive deliveries of a - given message. Value should be between 0 and 600 seconds. Defaults - to 600 seconds. + A token that can be sent as `page_token` to retrieve the next page. + If this field is empty, there are no subsequent pages. type: string - format: google-duration + description: Response for the `ListSchemaRevisions` method. + type: object + id: ListSchemaRevisionsResponse + ValidateSchemaRequest: + properties: + schema: + description: Required. The schema object to validate. + $ref: '#/components/schemas/Schema' + id: ValidateSchemaRequest + description: Request for the `ValidateSchema` method. + type: object AnalyticsHubSubscriptionInfo: id: AnalyticsHubSubscriptionInfo - description: >- - Information about an associated [Analytics Hub - subscription](https://cloud.google.com/bigquery/docs/analytics-hub-manage-subscriptions). type: object properties: - listing: - description: >- - Optional. The name of the associated Analytics Hub listing resource. - Pattern: - "projects/{project}/locations/{location}/dataExchanges/{data_exchange}/listings/{listing}" - type: string subscription: + type: string description: >- Optional. The name of the associated Analytics Hub subscription resource. Pattern: "projects/{project}/locations/{location}/subscriptions/{subscription}" - type: string - UpdateSubscriptionRequest: - id: UpdateSubscriptionRequest - description: Request for the UpdateSubscription method. - type: object - properties: - subscription: - description: Required. The updated subscription object. - $ref: '#/components/schemas/Subscription' - updateMask: + listing: description: >- - Required. Indicates which fields in the provided subscription to - update. Must be specified and non-empty. + Optional. The name of the associated Analytics Hub listing resource. + Pattern: + "projects/{project}/locations/{location}/dataExchanges/{data_exchange}/listings/{listing}" type: string - format: google-fieldmask - ListSubscriptionsResponse: - id: ListSubscriptionsResponse - description: Response for the `ListSubscriptions` method. + description: >- + Information about an associated [Analytics Hub + subscription](https://cloud.google.com/bigquery/docs/analytics-hub-manage-subscriptions). + SchemaSettings: + id: SchemaSettings type: object properties: - subscriptions: - description: Optional. The subscriptions that match the request. - type: array - items: - $ref: '#/components/schemas/Subscription' - nextPageToken: + lastRevisionId: description: >- - Optional. If not empty, indicates that there may be more - subscriptions that match the request; this value should be passed in - a new `ListSubscriptionsRequest` to get more subscriptions. + Optional. The maximum (inclusive) revision allowed for validating + messages. If empty or not present, allow any revision to be + validated against first_revision or any revision created after. type: string - ModifyAckDeadlineRequest: - id: ModifyAckDeadlineRequest - description: Request for the ModifyAckDeadline method. - type: object - properties: - ackIds: - description: Required. List of acknowledgment IDs. - type: array - items: - type: string - ackDeadlineSeconds: + schema: description: >- - Required. The new ack deadline with respect to the time this request - was sent to the Pub/Sub system. For example, if the value is 10, the - new ack deadline will expire 10 seconds after the - `ModifyAckDeadline` call was made. Specifying zero might immediately - make the message available for delivery to another subscriber - client. This typically results in an increase in the rate of message - redeliveries (that is, duplicates). The minimum deadline you can - specify is 0 seconds. The maximum deadline you can specify in a - single request is 600 seconds (10 minutes). - type: integer - format: int32 - AcknowledgeRequest: - id: AcknowledgeRequest - description: Request for the Acknowledge method. - type: object - properties: - ackIds: + Required. The name of the schema that messages published should be + validated against. Format is `projects/{project}/schemas/{schema}`. + The value of this field will be `_deleted-schema_` if the schema has + been deleted. + type: string + firstRevisionId: description: >- - Required. The acknowledgment ID for the messages being acknowledged - that was returned by the Pub/Sub system in the `Pull` response. Must - not be empty. - type: array - items: - type: string - PullRequest: - id: PullRequest - description: Request for the `Pull` method. + Optional. The minimum (inclusive) revision allowed for validating + messages. If empty or not present, allow any revision to be + validated against last_revision or any revision created before. + type: string + encoding: + type: string + enumDescriptions: + - Unspecified + - JSON encoding + - >- + Binary encoding, as defined by the schema type. For some schema + types, binary encoding may not be available. + enum: + - ENCODING_UNSPECIFIED + - JSON + - BINARY + description: Optional. The encoding of messages validated against `schema`. + description: Settings for validating messages published against a schema. + UpdateTopicRequest: + id: UpdateTopicRequest type: object properties: - returnImmediately: - description: >- - Optional. If this field set to true, the system will respond - immediately even if it there are no messages available to return in - the `Pull` response. Otherwise, the system may wait (for a bounded - amount of time) until at least one message is available, rather than - returning no messages. Warning: setting this field to `true` is - discouraged because it adversely impacts the performance of `Pull` - operations. We recommend that users do not set this field. - deprecated: true - type: boolean - maxMessages: + updateMask: + format: google-fieldmask description: >- - Required. The maximum number of messages to return for this request. - Must be a positive integer. The Pub/Sub system may return fewer than - the number specified. - type: integer - format: int32 - PullResponse: - id: PullResponse - description: Response for the `Pull` method. + Required. Indicates which fields in the provided topic to update. + Must be specified and non-empty. Note that if `update_mask` contains + "message_storage_policy" but the `message_storage_policy` is not set + in the `topic` provided above, then the updated value is determined + by the policy configured at the project or organization level. + type: string + topic: + description: Required. The updated topic object. + $ref: '#/components/schemas/Topic' + description: Request for the UpdateTopic method. + RetryPolicy: + id: RetryPolicy type: object + description: >- + A policy that specifies how Pub/Sub retries message delivery. Retry + delay will be exponential based on provided minimum and maximum + backoffs. https://en.wikipedia.org/wiki/Exponential_backoff. RetryPolicy + will be triggered on NACKs or acknowledgment deadline exceeded events + for a given message. Retry Policy is implemented on a best effort basis. + At times, the delay between consecutive deliveries may not match the + configuration. That is, delay can be more or less than configured + backoff. properties: - receivedMessages: + maximumBackoff: + type: string description: >- - Optional. Received Pub/Sub messages. The list will be empty if there - are no more messages available in the backlog, or if no messages - could be returned before the request timeout. For JSON, the response - can be entirely empty. The Pub/Sub system may return fewer than the - `maxMessages` requested even if there are more messages available in - the backlog. - type: array - items: - $ref: '#/components/schemas/ReceivedMessage' - ReceivedMessage: - id: ReceivedMessage - description: A message and its corresponding acknowledgment ID. - type: object - properties: - ackId: - description: Optional. This ID can be used to acknowledge the received message. + Optional. The maximum delay between consecutive deliveries of a + given message. Value should be between 0 and 600 seconds. Defaults + to 600 seconds. + format: google-duration + minimumBackoff: type: string - message: - description: Optional. The message. - $ref: '#/components/schemas/PubsubMessage' - deliveryAttempt: + format: google-duration description: >- - Optional. The approximate number of times that Pub/Sub has attempted - to deliver the associated message to a subscriber. More precisely, - this is 1 + (number of NACKs) + (number of ack_deadline exceeds) for - this message. A NACK is any call to ModifyAckDeadline with a 0 - deadline. An ack_deadline exceeds event is whenever a message is not - acknowledged within ack_deadline. Note that ack_deadline is - initially Subscription.ackDeadlineSeconds, but may get extended - automatically by the client library. Upon the first delivery of a - given message, `delivery_attempt` will have a value of 1. The value - is calculated at best effort and is approximate. If a - DeadLetterPolicy is not set on the subscription, this will be 0. - type: integer - format: int32 - ModifyPushConfigRequest: - id: ModifyPushConfigRequest - description: Request for the ModifyPushConfig method. + Optional. The minimum delay between consecutive deliveries of a + given message. Value should be between 0 and 600 seconds. Defaults + to 10 seconds. + AvroFormat: type: object - properties: - pushConfig: - description: >- - Required. The push configuration for future deliveries. An empty - `pushConfig` indicates that the Pub/Sub system should stop pushing - messages from the given subscription and allow messages to be pulled - and acknowledged - effectively pausing the subscription if `Pull` or - `StreamingPull` is not called. - $ref: '#/components/schemas/PushConfig' + properties: {} + id: AvroFormat + description: >- + Configuration for reading Cloud Storage data in Avro binary format. The + bytes of each object will be set to the `data` field of a Pub/Sub + message. Snapshot: - id: Snapshot description: >- A snapshot resource. Snapshots are used in [Seek](https://cloud.google.com/pubsub/docs/replay-overview) operations, @@ -1887,16 +1995,19 @@ components: can set the acknowledgment state of messages in an existing subscription to the state captured by a snapshot. type: object + id: Snapshot properties: name: - description: Optional. The name of the snapshot. type: string + description: Optional. The name of the snapshot. topic: + type: string description: >- Optional. The name of the topic from which this snapshot is retaining messages. - type: string expireTime: + format: google-datetime + type: string description: >- Optional. The snapshot is guaranteed to exist up until this time. A newly-created snapshot expires no later than 7 days from the time of @@ -1909,127 +2020,42 @@ components: 3-day-old backlog as long as the snapshot exists -- will expire in 4 days. The service will refuse to create a snapshot that would expire in less than 1 hour after creation. - type: string - format: google-datetime labels: + type: object description: >- Optional. See [Creating and managing labels] (https://cloud.google.com/pubsub/docs/labels). - type: object - additionalProperties: - type: string - ListSnapshotsResponse: - id: ListSnapshotsResponse - description: Response for the `ListSnapshots` method. - type: object - properties: - snapshots: - description: Optional. The resulting snapshots. - type: array - items: - $ref: '#/components/schemas/Snapshot' - nextPageToken: - description: >- - Optional. If not empty, indicates that there may be more snapshot - that match the request; this value should be passed in a new - `ListSnapshotsRequest`. - type: string - CreateSnapshotRequest: - id: CreateSnapshotRequest - description: Request for the `CreateSnapshot` method. - type: object - properties: - subscription: - description: >- - Required. The subscription whose backlog the snapshot retains. - Specifically, the created snapshot is guaranteed to retain: (a) The - existing backlog on the subscription. More precisely, this is - defined as the messages in the subscription's backlog that are - unacknowledged upon the successful completion of the - `CreateSnapshot` request; as well as: (b) Any messages published to - the subscription's topic following the successful completion of the - CreateSnapshot request. Format is - `projects/{project}/subscriptions/{sub}`. - type: string - labels: - description: >- - Optional. See [Creating and managing - labels](https://cloud.google.com/pubsub/docs/labels). - type: object additionalProperties: type: string - UpdateSnapshotRequest: - id: UpdateSnapshotRequest - description: Request for the UpdateSnapshot method. - type: object - properties: - snapshot: - description: Required. The updated snapshot object. - $ref: '#/components/schemas/Snapshot' - updateMask: - description: >- - Required. Indicates which fields in the provided snapshot to update. - Must be specified and non-empty. - type: string - format: google-fieldmask - SeekRequest: - id: SeekRequest - description: Request for the `Seek` method. - type: object - properties: - time: - description: >- - Optional. The time to seek to. Messages retained in the subscription - that were published before this time are marked as acknowledged, and - messages retained in the subscription that were published after this - time are marked as unacknowledged. Note that this operation affects - only those messages retained in the subscription (configured by the - combination of `message_retention_duration` and - `retain_acked_messages`). For example, if `time` corresponds to a - point before the message retention window (or to a point before the - system's notion of the subscription creation time), only retained - messages will be marked as unacknowledged, and already-expunged - messages will not be restored. - type: string - format: google-datetime - snapshot: - description: >- - Optional. The snapshot to seek to. The snapshot's topic must be the - same as that of the provided subscription. Format is - `projects/{project}/snapshots/{snap}`. - type: string - SeekResponse: - id: SeekResponse - description: Response for the `Seek` method (this response is empty). - type: object - properties: {} parameters: - access_token: - description: OAuth access token. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: access_token + name: quotaUser schema: type: string - alt: - description: Data format for response. + _.xgafv: + description: V1 error format. in: query - name: alt + name: $.xgafv schema: type: string enum: - - json - - media - - proto - callback: - description: JSONP + - '1' + - '2' + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: callback + name: oauth_token schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + access_token: + description: OAuth access token. in: query - name: fields + name: access_token schema: type: string key: @@ -2041,223 +2067,331 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: oauth_token + name: fields schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: prettyPrint + name: uploadType schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + type: string + alt: + description: Data format for response. in: query - name: quotaUser + name: alt schema: type: string + enum: + - json + - media + - proto upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: uploadType + name: prettyPrint schema: - type: string - _.xgafv: - description: V1 error format. + type: boolean + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - topics_iam_policies: - id: google.pubsub.topics_iam_policies - name: topics_iam_policies - title: Topics_iam_policies + snapshots: + id: google.pubsub.snapshots + name: snapshots + title: Snapshots + methods: + projects_snapshots_create: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}/put' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_snapshots_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_snapshots_get: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_snapshots_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_snapshots_list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1snapshots/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.snapshots + projects_topics_snapshots_list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}~1snapshots/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.snapshots + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/snapshots/methods/projects_snapshots_get + - $ref: >- + #/components/x-stackQL-resources/snapshots/methods/projects_topics_snapshots_list + - $ref: >- + #/components/x-stackQL-resources/snapshots/methods/projects_snapshots_list + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/snapshots/methods/projects_snapshots_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/snapshots/methods/projects_snapshots_delete + snapshots_iam_policies: + id: google.pubsub.snapshots_iam_policies + name: snapshots_iam_policies + title: Snapshots_iam_policies methods: - projects_topics_set_iam_policy: + projects_snapshots_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - projects_topics_get_iam_policy: + objectKey: $.bindings + projects_snapshots_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_topics_test_iam_permissions: + projects_snapshots_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/topics_iam_policies/methods/projects_topics_get_iam_policy + #/components/x-stackQL-resources/snapshots_iam_policies/methods/projects_snapshots_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/topics_iam_policies/methods/projects_topics_set_iam_policy + #/components/x-stackQL-resources/snapshots_iam_policies/methods/projects_snapshots_set_iam_policy delete: [] - topics: - id: google.pubsub.topics - name: topics - title: Topics + schemas: + id: google.pubsub.schemas + name: schemas + title: Schemas methods: - projects_topics_create: + projects_schemas_validate: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}/put' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas:validate/post' response: mediaType: application/json openAPIDocKey: '200' - projects_topics_patch: + projects_schemas_get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}/patch' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}/get' response: mediaType: application/json openAPIDocKey: '200' - projects_topics_get: + projects_schemas_delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}/delete' response: mediaType: application/json openAPIDocKey: '200' - projects_topics_delete: + projects_schemas_rollback: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}/delete' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:rollback/post response: mediaType: application/json openAPIDocKey: '200' - projects_topics_publish: + projects_schemas_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}:publish/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas/get' response: mediaType: application/json openAPIDocKey: '200' - projects_topics_list: + objectKey: $.schemas + projects_schemas_create: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_schemas_validate_message: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas:validateMessage/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_schemas_commit: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:commit/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.topics sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/topics/methods/projects_topics_get + #/components/x-stackQL-resources/schemas/methods/projects_schemas_get - $ref: >- - #/components/x-stackQL-resources/topics/methods/projects_topics_list - insert: [] - update: + #/components/x-stackQL-resources/schemas/methods/projects_schemas_list + insert: - $ref: >- - #/components/x-stackQL-resources/topics/methods/projects_topics_patch + #/components/x-stackQL-resources/schemas/methods/projects_schemas_create + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/topics/methods/projects_topics_delete - subscriptions: - id: google.pubsub.subscriptions - name: subscriptions - title: Subscriptions + #/components/x-stackQL-resources/schemas/methods/projects_schemas_delete + schemas_iam_policies: + id: google.pubsub.schemas_iam_policies + name: schemas_iam_policies + title: Schemas_iam_policies methods: - projects_topics_subscriptions_list: + projects_schemas_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}~1subscriptions/get + #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.subscriptions - projects_subscriptions_detach: + objectKey: $.bindings + projects_schemas_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:detach/post + #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_subscriptions_create: + projects_schemas_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}/put + #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_subscriptions_get: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/schemas_iam_policies/methods/projects_schemas_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/schemas_iam_policies/methods/projects_schemas_set_iam_policy + delete: [] + schemas_revision: + id: google.pubsub.schemas_revision + name: schemas_revision + title: Schemas_revision + methods: + projects_schemas_delete_revision: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:deleteRevision/delete response: mediaType: application/json openAPIDocKey: '200' - projects_subscriptions_patch: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/schemas_revision/methods/projects_schemas_delete_revision + schemas_revisions: + id: google.pubsub.schemas_revisions + name: schemas_revisions + title: Schemas_revisions + methods: + projects_schemas_list_revisions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:listRevisions/get response: mediaType: application/json openAPIDocKey: '200' - projects_subscriptions_delete: + objectKey: $.schemas + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/schemas_revisions/methods/projects_schemas_list_revisions + insert: [] + update: [] + replace: [] + delete: [] + subscriptions: + id: google.pubsub.subscriptions + name: subscriptions + title: Subscriptions + methods: + projects_subscriptions_modify_push_config: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - projects_subscriptions_list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1subscriptions/get' + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:modifyPushConfig/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.subscriptions - projects_subscriptions_modify_ack_deadline: + projects_subscriptions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:modifyAckDeadline/post + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_subscriptions_acknowledge: + projects_subscriptions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:acknowledge/post + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}/put response: mediaType: application/json openAPIDocKey: '200' - projects_subscriptions_pull: + projects_subscriptions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:pull/post + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_subscriptions_modify_push_config: + projects_subscriptions_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:modifyPushConfig/post + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -2268,365 +2402,234 @@ components: response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/projects_topics_subscriptions_list - - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/projects_subscriptions_get - - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/projects_subscriptions_list - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/projects_subscriptions_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/subscriptions/methods/projects_subscriptions_delete - snapshots: - id: google.pubsub.snapshots - name: snapshots - title: Snapshots - methods: - projects_topics_snapshots_list: + projects_subscriptions_detach: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}~1snapshots/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.snapshots - projects_snapshots_get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_snapshots_create: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}/put' + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:detach/post response: mediaType: application/json openAPIDocKey: '200' - projects_snapshots_patch: + projects_subscriptions_pull: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:pull/post response: mediaType: application/json openAPIDocKey: '200' - projects_snapshots_delete: + projects_subscriptions_modify_ack_deadline: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - projects_snapshots_list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1snapshots/get' + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:modifyAckDeadline/post response: mediaType: application/json - openAPIDocKey: '200' - objectKey: $.snapshots - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/snapshots/methods/projects_topics_snapshots_list - - $ref: >- - #/components/x-stackQL-resources/snapshots/methods/projects_snapshots_get - - $ref: >- - #/components/x-stackQL-resources/snapshots/methods/projects_snapshots_list - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/snapshots/methods/projects_snapshots_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/snapshots/methods/projects_snapshots_delete - subscriptions_iam_policies: - id: google.pubsub.subscriptions_iam_policies - name: subscriptions_iam_policies - title: Subscriptions_iam_policies - methods: - projects_subscriptions_set_iam_policy: + openAPIDocKey: '200' + projects_subscriptions_acknowledge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:acknowledge/post response: mediaType: application/json openAPIDocKey: '200' - projects_subscriptions_get_iam_policy: + projects_subscriptions_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:getIamPolicy/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1subscriptions/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_subscriptions_test_iam_permissions: + objectKey: $.subscriptions + projects_topics_subscriptions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}~1subscriptions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.subscriptions sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/subscriptions_iam_policies/methods/projects_subscriptions_get_iam_policy + #/components/x-stackQL-resources/subscriptions/methods/projects_subscriptions_get + - $ref: >- + #/components/x-stackQL-resources/subscriptions/methods/projects_topics_subscriptions_list + - $ref: >- + #/components/x-stackQL-resources/subscriptions/methods/projects_subscriptions_list insert: [] - update: [] - replace: + update: - $ref: >- - #/components/x-stackQL-resources/subscriptions_iam_policies/methods/projects_subscriptions_set_iam_policy - delete: [] - snapshots_iam_policies: - id: google.pubsub.snapshots_iam_policies - name: snapshots_iam_policies - title: Snapshots_iam_policies + #/components/x-stackQL-resources/subscriptions/methods/projects_subscriptions_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/subscriptions/methods/projects_subscriptions_delete + subscriptions_iam_policies: + id: google.pubsub.subscriptions_iam_policies + name: subscriptions_iam_policies + title: Subscriptions_iam_policies methods: - projects_snapshots_set_iam_policy: + projects_subscriptions_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_snapshots_get_iam_policy: + projects_subscriptions_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_snapshots_test_iam_permissions: + projects_subscriptions_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1snapshots~1{snapshotsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1subscriptions~1{subscriptionsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/snapshots_iam_policies/methods/projects_snapshots_get_iam_policy + #/components/x-stackQL-resources/subscriptions_iam_policies/methods/projects_subscriptions_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/snapshots_iam_policies/methods/projects_snapshots_set_iam_policy + #/components/x-stackQL-resources/subscriptions_iam_policies/methods/projects_subscriptions_set_iam_policy delete: [] - schemas_iam_policies: - id: google.pubsub.schemas_iam_policies - name: schemas_iam_policies - title: Schemas_iam_policies + topics_iam_policies: + id: google.pubsub.topics_iam_policies + name: topics_iam_policies + title: Topics_iam_policies methods: - projects_schemas_set_iam_policy: + projects_topics_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_schemas_get_iam_policy: + projects_topics_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_schemas_test_iam_permissions: + projects_topics_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/schemas_iam_policies/methods/projects_schemas_get_iam_policy + #/components/x-stackQL-resources/topics_iam_policies/methods/projects_topics_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/schemas_iam_policies/methods/projects_schemas_set_iam_policy + #/components/x-stackQL-resources/topics_iam_policies/methods/projects_topics_set_iam_policy delete: [] - schemas: - id: google.pubsub.schemas - name: schemas - title: Schemas + topics: + id: google.pubsub.topics + name: topics + title: Topics methods: - projects_schemas_create: + projects_topics_list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas/post' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics/get' response: mediaType: application/json openAPIDocKey: '200' - projects_schemas_list: + objectKey: $.topics + projects_topics_get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.schemas - projects_schemas_get: + projects_topics_patch: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}/patch' response: mediaType: application/json openAPIDocKey: '200' - projects_schemas_delete: + projects_topics_delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}/delete' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - projects_schemas_commit: + projects_topics_create: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:commit/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}/put' response: mediaType: application/json openAPIDocKey: '200' - projects_schemas_rollback: + projects_topics_publish: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:rollback/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_schemas_validate: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas:validate/post' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_schemas_validate_message: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1schemas:validateMessage/post' + #/paths/~1v1~1projects~1{projectsId}~1topics~1{topicsId}:publish/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_schemas_get - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_schemas_list - insert: - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_schemas_create - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/schemas/methods/projects_schemas_delete - schemas_revisions: - id: google.pubsub.schemas_revisions - name: schemas_revisions - title: Schemas_revisions - methods: - projects_schemas_list_revisions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:listRevisions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.schemas - sqlVerbs: - select: + #/components/x-stackQL-resources/topics/methods/projects_topics_get - $ref: >- - #/components/x-stackQL-resources/schemas_revisions/methods/projects_schemas_list_revisions - insert: [] - update: [] - replace: [] - delete: [] - schemas_revision: - id: google.pubsub.schemas_revision - name: schemas_revision - title: Schemas_revision - methods: - projects_schemas_delete_revision: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1schemas~1{schemasId}:deleteRevision/delete - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] + #/components/x-stackQL-resources/topics/methods/projects_topics_list insert: [] - update: [] + update: + - $ref: >- + #/components/x-stackQL-resources/topics/methods/projects_topics_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/schemas_revision/methods/projects_schemas_delete_revision + #/components/x-stackQL-resources/topics/methods/projects_topics_delete paths: - /v1/projects/{projectsId}/topics/{topicsId}:setIamPolicy: + /v1/projects/{projectsId}/snapshots/{snapshotsId}: parameters: &ref_1 + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: pubsub.projects.topics.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/pubsub - Oauth2c: - - https://www.googleapis.com/auth/pubsub - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Policy' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: topicsId - required: true - schema: - type: string - /v1/projects/{projectsId}/topics/{topicsId}:getIamPolicy: - parameters: *ref_1 - get: + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' + put: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: pubsub.projects.topics.getIamPolicy + Creates a snapshot from the requested subscription. Snapshots are used + in [Seek](https://cloud.google.com/pubsub/docs/replay-overview) + operations, which allow you to manage message acknowledgments in bulk. + That is, you can set the acknowledgment state of messages in an existing + subscription to the state captured by a snapshot. If the snapshot + already exists, returns `ALREADY_EXISTS`. If the requested subscription + doesn't exist, returns `NOT_FOUND`. If the backlog in the subscription + is too old -- and the resulting snapshot would expire in less than 1 + hour -- then `FAILED_PRECONDITION` is returned. See also the + `Snapshot.expire_time` field. If the name is not provided in the + request, the server will assign a random name for this snapshot on the + same project as the subscription, conforming to the [resource name + format] + (https://cloud.google.com/pubsub/docs/pubsub-basics#resource_names). The + generated name is populated in the returned Snapshot object. Note that + for REST API requests, you must specify a name in the request. + operationId: pubsub.projects.snapshots.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateSnapshotRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2642,7 +2645,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Snapshot' parameters: - in: path name: projectsId @@ -2650,30 +2653,24 @@ paths: schema: type: string - in: path - name: topicsId + name: snapshotsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/topics/{topicsId}:testIamPermissions: - parameters: *ref_1 - post: + patch: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: pubsub.projects.topics.testIamPermissions + Updates an existing snapshot by updating the fields specified in the + update mask. Snapshots are used in + [Seek](https://cloud.google.com/pubsub/docs/replay-overview) operations, + which allow you to manage message acknowledgments in bulk. That is, you + can set the acknowledgment state of messages in an existing subscription + to the state captured by a snapshot. + operationId: pubsub.projects.snapshots.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/UpdateSnapshotRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2689,7 +2686,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Snapshot' parameters: - in: path name: projectsId @@ -2697,23 +2694,18 @@ paths: schema: type: string - in: path - name: topicsId + name: snapshotsId required: true schema: type: string - /v1/projects/{projectsId}/topics/{topicsId}: - parameters: *ref_1 - put: + get: description: >- - Creates the given topic with the given name. See the [resource name - rules] - (https://cloud.google.com/pubsub/docs/pubsub-basics#resource_names). - operationId: pubsub.projects.topics.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Topic' + Gets the configuration details of a snapshot. Snapshots are used in + [Seek](https://cloud.google.com/pubsub/docs/replay-overview) operations, + which allow you to manage message acknowledgments in bulk. That is, you + can set the acknowledgment state of messages in an existing subscription + to the state captured by a snapshot. + operationId: pubsub.projects.snapshots.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2729,7 +2721,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Topic' + $ref: '#/components/schemas/Snapshot' parameters: - in: path name: projectsId @@ -2737,20 +2729,22 @@ paths: schema: type: string - in: path - name: topicsId + name: snapshotsId required: true schema: type: string - patch: + delete: description: >- - Updates an existing topic by updating the fields specified in the update - mask. Note that certain properties of a topic are not modifiable. - operationId: pubsub.projects.topics.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateTopicRequest' + Removes an existing snapshot. Snapshots are used in [Seek] + (https://cloud.google.com/pubsub/docs/replay-overview) operations, which + allow you to manage message acknowledgments in bulk. That is, you can + set the acknowledgment state of messages in an existing subscription to + the state captured by a snapshot. When the snapshot is deleted, all + messages retained in the snapshot are immediately dropped. After a + snapshot is deleted, a new one may be created with the same name, but + the new one has no association with the old snapshot or its + subscription, unless the same subscription is specified. + operationId: pubsub.projects.snapshots.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2766,7 +2760,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Topic' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2774,13 +2768,20 @@ paths: schema: type: string - in: path - name: topicsId + name: snapshotsId required: true schema: type: string + /v1/projects/{projectsId}/snapshots: + parameters: *ref_1 get: - description: Gets the configuration of a topic. - operationId: pubsub.projects.topics.get + description: >- + Lists the existing snapshots. Snapshots are used in [Seek]( + https://cloud.google.com/pubsub/docs/replay-overview) operations, which + allow you to manage message acknowledgments in bulk. That is, you can + set the acknowledgment state of messages in an existing subscription to + the state captured by a snapshot. + operationId: pubsub.projects.snapshots.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2796,26 +2797,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Topic' + $ref: '#/components/schemas/ListSnapshotsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: topicsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: + /v1/projects/{projectsId}/snapshots/{snapshotsId}:getIamPolicy: + parameters: *ref_1 + get: description: >- - Deletes the topic with the given name. Returns `NOT_FOUND` if the topic - does not exist. After a topic is deleted, a new topic may be created - with the same name; this is an entirely new topic with none of the old - configuration or subscriptions. Existing subscriptions to this topic are - not deleted, but their `topic` field is set to `_deleted-topic_`. - operationId: pubsub.projects.topics.delete + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: pubsub.projects.snapshots.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2831,7 +2835,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2839,22 +2843,28 @@ paths: schema: type: string - in: path - name: topicsId + name: snapshotsId required: true schema: type: string - /v1/projects/{projectsId}/topics/{topicsId}:publish: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/snapshots/{snapshotsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Adds one or more messages to the topic. Returns `NOT_FOUND` if the topic - does not exist. - operationId: pubsub.projects.topics.publish + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: pubsub.projects.snapshots.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/PublishRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2870,7 +2880,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PublishResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2878,15 +2888,25 @@ paths: schema: type: string - in: path - name: topicsId + name: snapshotsId required: true schema: type: string - /v1/projects/{projectsId}/topics: + /v1/projects/{projectsId}/snapshots/{snapshotsId}:testIamPermissions: parameters: *ref_1 - get: - description: Lists matching topics. - operationId: pubsub.projects.topics.list + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: pubsub.projects.snapshots.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2902,27 +2922,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTopicsResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: snapshotsId + required: true schema: type: string - /v1/projects/{projectsId}/topics/{topicsId}/subscriptions: + /v1/projects/{projectsId}/schemas:validate: parameters: *ref_1 - get: - description: Lists the names of the attached subscriptions on this topic. - operationId: pubsub.projects.topics.subscriptions.list + post: + description: Validates a schema. + operationId: pubsub.projects.schemas.validate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ValidateSchemaRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2938,37 +2959,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTopicSubscriptionsResponse' + $ref: '#/components/schemas/ValidateSchemaResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: topicsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/topics/{topicsId}/snapshots: + /v1/projects/{projectsId}/schemas/{schemasId}: parameters: *ref_1 get: - description: >- - Lists the names of the snapshots on this topic. Snapshots are used in - [Seek](https://cloud.google.com/pubsub/docs/replay-overview) operations, - which allow you to manage message acknowledgments in bulk. That is, you - can set the acknowledgment state of messages in an existing subscription - to the state captured by a snapshot. - operationId: pubsub.projects.topics.snapshots.list + description: Gets a schema. + operationId: pubsub.projects.schemas.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2984,7 +2986,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTopicSnapshotsResponse' + $ref: '#/components/schemas/Schema' parameters: - in: path name: projectsId @@ -2992,32 +2994,17 @@ paths: schema: type: string - in: path - name: topicsId + name: schemasId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: view schema: type: string - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: pubsub.projects.subscriptions.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + delete: + description: Deletes a schema. + operationId: pubsub.projects.schemas.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3033,7 +3020,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3041,17 +3028,17 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: schemasId required: true schema: type: string - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:getIamPolicy: + /v1/projects/{projectsId}/schemas/{schemasId}:getIamPolicy: parameters: *ref_1 get: description: >- Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. - operationId: pubsub.projects.subscriptions.getIamPolicy + operationId: pubsub.projects.schemas.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3075,7 +3062,7 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: schemasId required: true schema: type: string @@ -3084,21 +3071,11 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:testIamPermissions: + /v1/projects/{projectsId}/schemas/{schemasId}:deleteRevision: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: pubsub.projects.subscriptions.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + delete: + description: Deletes a specific schema revision. + operationId: pubsub.projects.schemas.deleteRevision security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3114,7 +3091,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Schema' parameters: - in: path name: projectsId @@ -3122,19 +3099,26 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: schemasId required: true schema: type: string - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:detach: + - in: query + name: revisionId + schema: + type: string + /v1/projects/{projectsId}/schemas/{schemasId}:rollback: parameters: *ref_1 post: description: >- - Detaches a subscription from this topic. All messages retained in the - subscription are dropped. Subsequent `Pull` and `StreamingPull` requests - will return FAILED_PRECONDITION. If the subscription is a push - subscription, pushes to the endpoint will stop. - operationId: pubsub.projects.subscriptions.detach + Creates a new schema revision that is a copy of the provided + revision_id. + operationId: pubsub.projects.schemas.rollback + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RollbackSchemaRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3150,7 +3134,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DetachSubscriptionResponse' + $ref: '#/components/schemas/Schema' parameters: - in: path name: projectsId @@ -3158,30 +3142,25 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: schemasId required: true schema: type: string - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}: + /v1/projects/{projectsId}/schemas/{schemasId}:testIamPermissions: parameters: *ref_1 - put: + post: description: >- - Creates a subscription to a given topic. See the [resource name rules] - (https://cloud.google.com/pubsub/docs/pubsub-basics#resource_names). If - the subscription already exists, returns `ALREADY_EXISTS`. If the - corresponding topic doesn't exist, returns `NOT_FOUND`. If the name is - not provided in the request, the server will assign a random name for - this subscription on the same project as the topic, conforming to the - [resource name format] - (https://cloud.google.com/pubsub/docs/pubsub-basics#resource_names). The - generated name is populated in the returned Subscription object. Note - that for REST API requests, you must specify a name in the request. - operationId: pubsub.projects.subscriptions.create + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: pubsub.projects.schemas.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/Subscription' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3197,7 +3176,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Subscription' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3205,13 +3184,15 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: schemasId required: true schema: type: string + /v1/projects/{projectsId}/schemas: + parameters: *ref_1 get: - description: Gets the configuration details of a subscription. - operationId: pubsub.projects.subscriptions.get + description: Lists schemas in a project. + operationId: pubsub.projects.schemas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3227,29 +3208,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Subscription' + $ref: '#/components/schemas/ListSchemasResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: subscriptionsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: view schema: type: string - patch: - description: >- - Updates an existing subscription by updating the fields specified in the - update mask. Note that certain properties of a subscription, such as its - topic, are not modifiable. - operationId: pubsub.projects.subscriptions.patch + - in: query + name: pageToken + schema: + type: string + post: + description: Creates a schema. + operationId: pubsub.projects.schemas.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpdateSubscriptionRequest' + $ref: '#/components/schemas/Schema' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3265,26 +3251,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Subscription' + $ref: '#/components/schemas/Schema' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: subscriptionsId - required: true + - in: query + name: schemaId schema: type: string - delete: + /v1/projects/{projectsId}/schemas/{schemasId}:setIamPolicy: + parameters: *ref_1 + post: description: >- - Deletes an existing subscription. All messages retained in the - subscription are immediately dropped. Calls to `Pull` after deletion - will return `NOT_FOUND`. After a subscription is deleted, a new one may - be created with the same name, but the new one has no association with - the old subscription or its topic unless the same topic is specified. - operationId: pubsub.projects.subscriptions.delete + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: pubsub.projects.schemas.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3300,7 +3290,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3308,15 +3298,15 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: schemasId required: true schema: type: string - /v1/projects/{projectsId}/subscriptions: + /v1/projects/{projectsId}/schemas/{schemasId}:listRevisions: parameters: *ref_1 get: - description: Lists matching subscriptions. - operationId: pubsub.projects.subscriptions.list + description: Lists all schema revisions for the named schema. + operationId: pubsub.projects.schemas.listRevisions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3332,37 +3322,73 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSubscriptionsResponse' + $ref: '#/components/schemas/ListSchemaRevisionsResponse' parameters: - in: path name: projectsId required: true schema: type: string + - in: path + name: schemasId + required: true + schema: + type: string + - in: query + name: view + schema: + type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken + /v1/projects/{projectsId}/schemas:validateMessage: + parameters: *ref_1 + post: + description: Validates a message against a schema. + operationId: pubsub.projects.schemas.validateMessage + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ValidateMessageRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/pubsub + Oauth2c: + - https://www.googleapis.com/auth/pubsub + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ValidateMessageResponse' + parameters: + - in: path + name: projectsId + required: true schema: type: string - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:modifyAckDeadline: + /v1/projects/{projectsId}/schemas/{schemasId}:commit: parameters: *ref_1 post: - description: >- - Modifies the ack deadline for a specific message. This method is useful - to indicate that more time is needed to process a message by the - subscriber, or to make the message available for redelivery if the - processing was interrupted. Note that this does not modify the - subscription-level `ackDeadlineSeconds` used for subsequent messages. - operationId: pubsub.projects.subscriptions.modifyAckDeadline + description: Commits a new schema revision to an existing schema. + operationId: pubsub.projects.schemas.commit requestBody: content: application/json: schema: - $ref: '#/components/schemas/ModifyAckDeadlineRequest' + $ref: '#/components/schemas/CommitSchemaRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3378,7 +3404,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Schema' parameters: - in: path name: projectsId @@ -3386,26 +3412,25 @@ paths: schema: type: string - in: path - name: subscriptionsId + name: schemasId required: true schema: type: string - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:acknowledge: + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:modifyPushConfig: parameters: *ref_1 post: description: >- - Acknowledges the messages associated with the `ack_ids` in the - `AcknowledgeRequest`. The Pub/Sub system can remove the relevant - messages from the subscription. Acknowledging a message whose ack - deadline has expired may succeed, but such a message may be redelivered - later. Acknowledging a message more than once will not result in an - error. - operationId: pubsub.projects.subscriptions.acknowledge + Modifies the `PushConfig` for a specified subscription. This may be used + to change a push subscription to a pull one (signified by an empty + `PushConfig`) or vice versa, or change the endpoint URL and other + attributes of a push subscription. Messages will accumulate for delivery + continuously through the call regardless of changes to the `PushConfig`. + operationId: pubsub.projects.subscriptions.modifyPushConfig requestBody: content: application/json: schema: - $ref: '#/components/schemas/AcknowledgeRequest' + $ref: '#/components/schemas/ModifyPushConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3433,16 +3458,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:pull: + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:testIamPermissions: parameters: *ref_1 post: - description: Pulls messages from the server. - operationId: pubsub.projects.subscriptions.pull + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: pubsub.projects.subscriptions.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/PullRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3458,7 +3488,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PullResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3470,21 +3500,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:modifyPushConfig: + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}: parameters: *ref_1 - post: + delete: description: >- - Modifies the `PushConfig` for a specified subscription. This may be used - to change a push subscription to a pull one (signified by an empty - `PushConfig`) or vice versa, or change the endpoint URL and other - attributes of a push subscription. Messages will accumulate for delivery - continuously through the call regardless of changes to the `PushConfig`. - operationId: pubsub.projects.subscriptions.modifyPushConfig - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ModifyPushConfigRequest' + Deletes an existing subscription. All messages retained in the + subscription are immediately dropped. Calls to `Pull` after deletion + will return `NOT_FOUND`. After a subscription is deleted, a new one may + be created with the same name, but the new one has no association with + the old subscription or its topic unless the same topic is specified. + operationId: pubsub.projects.subscriptions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3512,23 +3537,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:seek: - parameters: *ref_1 - post: + put: description: >- - Seeks an existing subscription to a point in time or to a given - snapshot, whichever is provided in the request. Snapshots are used in - [Seek] (https://cloud.google.com/pubsub/docs/replay-overview) - operations, which allow you to manage message acknowledgments in bulk. - That is, you can set the acknowledgment state of messages in an existing - subscription to the state captured by a snapshot. Note that both the - subscription and the snapshot must be on the same topic. - operationId: pubsub.projects.subscriptions.seek + Creates a subscription to a given topic. See the [resource name rules] + (https://cloud.google.com/pubsub/docs/pubsub-basics#resource_names). If + the subscription already exists, returns `ALREADY_EXISTS`. If the + corresponding topic doesn't exist, returns `NOT_FOUND`. If the name is + not provided in the request, the server will assign a random name for + this subscription on the same project as the topic, conforming to the + [resource name format] + (https://cloud.google.com/pubsub/docs/pubsub-basics#resource_names). The + generated name is populated in the returned Subscription object. Note + that for REST API requests, you must specify a name in the request. + operationId: pubsub.projects.subscriptions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SeekRequest' + $ref: '#/components/schemas/Subscription' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3544,7 +3570,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SeekResponse' + $ref: '#/components/schemas/Subscription' parameters: - in: path name: projectsId @@ -3556,19 +3582,9 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/snapshots/{snapshotsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: pubsub.projects.snapshots.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: Gets the configuration details of a subscription. + operationId: pubsub.projects.subscriptions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3584,7 +3600,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Subscription' parameters: - in: path name: projectsId @@ -3592,17 +3608,21 @@ paths: schema: type: string - in: path - name: snapshotsId + name: subscriptionsId required: true schema: type: string - /v1/projects/{projectsId}/snapshots/{snapshotsId}:getIamPolicy: - parameters: *ref_1 - get: + patch: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: pubsub.projects.snapshots.getIamPolicy + Updates an existing subscription by updating the fields specified in the + update mask. Note that certain properties of a subscription, such as its + topic, are not modifiable. + operationId: pubsub.projects.subscriptions.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateSubscriptionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3618,7 +3638,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Subscription' parameters: - in: path name: projectsId @@ -3626,30 +3646,27 @@ paths: schema: type: string - in: path - name: snapshotsId + name: subscriptionsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/snapshots/{snapshotsId}:testIamPermissions: + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:seek: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: pubsub.projects.snapshots.testIamPermissions + Seeks an existing subscription to a point in time or to a given + snapshot, whichever is provided in the request. Snapshots are used in + [Seek] (https://cloud.google.com/pubsub/docs/replay-overview) + operations, which allow you to manage message acknowledgments in bulk. + That is, you can set the acknowledgment state of messages in an existing + subscription to the state captured by a snapshot. Note that both the + subscription and the snapshot must be on the same topic. + operationId: pubsub.projects.subscriptions.seek requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/SeekRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3665,7 +3682,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/SeekResponse' parameters: - in: path name: projectsId @@ -3673,20 +3690,19 @@ paths: schema: type: string - in: path - name: snapshotsId + name: subscriptionsId required: true schema: type: string - /v1/projects/{projectsId}/snapshots/{snapshotsId}: + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:detach: parameters: *ref_1 - get: + post: description: >- - Gets the configuration details of a snapshot. Snapshots are used in - [Seek](https://cloud.google.com/pubsub/docs/replay-overview) operations, - which allow you to manage message acknowledgments in bulk. That is, you - can set the acknowledgment state of messages in an existing subscription - to the state captured by a snapshot. - operationId: pubsub.projects.snapshots.get + Detaches a subscription from this topic. All messages retained in the + subscription are dropped. Subsequent `Pull` and `StreamingPull` requests + will return FAILED_PRECONDITION. If the subscription is a push + subscription, pushes to the endpoint will stop. + operationId: pubsub.projects.subscriptions.detach security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3702,7 +3718,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Snapshot' + $ref: '#/components/schemas/DetachSubscriptionResponse' parameters: - in: path name: projectsId @@ -3710,34 +3726,20 @@ paths: schema: type: string - in: path - name: snapshotsId + name: subscriptionsId required: true schema: type: string - put: - description: >- - Creates a snapshot from the requested subscription. Snapshots are used - in [Seek](https://cloud.google.com/pubsub/docs/replay-overview) - operations, which allow you to manage message acknowledgments in bulk. - That is, you can set the acknowledgment state of messages in an existing - subscription to the state captured by a snapshot. If the snapshot - already exists, returns `ALREADY_EXISTS`. If the requested subscription - doesn't exist, returns `NOT_FOUND`. If the backlog in the subscription - is too old -- and the resulting snapshot would expire in less than 1 - hour -- then `FAILED_PRECONDITION` is returned. See also the - `Snapshot.expire_time` field. If the name is not provided in the - request, the server will assign a random name for this snapshot on the - same project as the subscription, conforming to the [resource name - format] - (https://cloud.google.com/pubsub/docs/pubsub-basics#resource_names). The - generated name is populated in the returned Snapshot object. Note that - for REST API requests, you must specify a name in the request. - operationId: pubsub.projects.snapshots.create + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:pull: + parameters: *ref_1 + post: + description: Pulls messages from the server. + operationId: pubsub.projects.subscriptions.pull requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateSnapshotRequest' + $ref: '#/components/schemas/PullRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3753,7 +3755,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Snapshot' + $ref: '#/components/schemas/PullResponse' parameters: - in: path name: projectsId @@ -3761,24 +3763,25 @@ paths: schema: type: string - in: path - name: snapshotsId + name: subscriptionsId required: true schema: type: string - patch: + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:modifyAckDeadline: + parameters: *ref_1 + post: description: >- - Updates an existing snapshot by updating the fields specified in the - update mask. Snapshots are used in - [Seek](https://cloud.google.com/pubsub/docs/replay-overview) operations, - which allow you to manage message acknowledgments in bulk. That is, you - can set the acknowledgment state of messages in an existing subscription - to the state captured by a snapshot. - operationId: pubsub.projects.snapshots.patch + Modifies the ack deadline for a specific message. This method is useful + to indicate that more time is needed to process a message by the + subscriber, or to make the message available for redelivery if the + processing was interrupted. Note that this does not modify the + subscription-level `ackDeadlineSeconds` used for subsequent messages. + operationId: pubsub.projects.subscriptions.modifyAckDeadline requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpdateSnapshotRequest' + $ref: '#/components/schemas/ModifyAckDeadlineRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3794,7 +3797,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Snapshot' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3802,22 +3805,26 @@ paths: schema: type: string - in: path - name: snapshotsId + name: subscriptionsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:acknowledge: + parameters: *ref_1 + post: description: >- - Removes an existing snapshot. Snapshots are used in [Seek] - (https://cloud.google.com/pubsub/docs/replay-overview) operations, which - allow you to manage message acknowledgments in bulk. That is, you can - set the acknowledgment state of messages in an existing subscription to - the state captured by a snapshot. When the snapshot is deleted, all - messages retained in the snapshot are immediately dropped. After a - snapshot is deleted, a new one may be created with the same name, but - the new one has no association with the old snapshot or its - subscription, unless the same subscription is specified. - operationId: pubsub.projects.snapshots.delete + Acknowledges the messages associated with the `ack_ids` in the + `AcknowledgeRequest`. The Pub/Sub system can remove the relevant + messages from the subscription. Acknowledging a message whose ack + deadline has expired may succeed, but such a message may be redelivered + later. Acknowledging a message more than once will not result in an + error. + operationId: pubsub.projects.subscriptions.acknowledge + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AcknowledgeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3841,20 +3848,15 @@ paths: schema: type: string - in: path - name: snapshotsId + name: subscriptionsId required: true schema: type: string - /v1/projects/{projectsId}/snapshots: + /v1/projects/{projectsId}/subscriptions: parameters: *ref_1 get: - description: >- - Lists the existing snapshots. Snapshots are used in [Seek]( - https://cloud.google.com/pubsub/docs/replay-overview) operations, which - allow you to manage message acknowledgments in bulk. That is, you can - set the acknowledgment state of messages in an existing subscription to - the state captured by a snapshot. - operationId: pubsub.projects.snapshots.list + description: Lists matching subscriptions. + operationId: pubsub.projects.subscriptions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3870,7 +3872,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSnapshotsResponse' + $ref: '#/components/schemas/ListSubscriptionsResponse' parameters: - in: path name: projectsId @@ -3886,14 +3888,14 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/schemas/{schemasId}:setIamPolicy: + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:setIamPolicy: parameters: *ref_1 post: description: >- Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. - operationId: pubsub.projects.schemas.setIamPolicy + operationId: pubsub.projects.subscriptions.setIamPolicy requestBody: content: application/json: @@ -3922,17 +3924,54 @@ paths: schema: type: string - in: path - name: schemasId + name: subscriptionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/subscriptions/{subscriptionsId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: pubsub.projects.subscriptions.getIamPolicy + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/pubsub + Oauth2c: + - https://www.googleapis.com/auth/pubsub + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: subscriptionsId required: true schema: - type: string - /v1/projects/{projectsId}/schemas/{schemasId}:getIamPolicy: + type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/topics/{topicsId}/subscriptions: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: pubsub.projects.schemas.getIamPolicy + description: Lists the names of the attached subscriptions on this topic. + operationId: pubsub.projects.topics.subscriptions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3948,7 +3987,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListTopicSubscriptionsResponse' parameters: - in: path name: projectsId @@ -3956,30 +3995,29 @@ paths: schema: type: string - in: path - name: schemasId + name: topicsId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageToken + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/schemas/{schemasId}:testIamPermissions: + /v1/projects/{projectsId}/topics/{topicsId}/snapshots: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: pubsub.projects.schemas.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Lists the names of the snapshots on this topic. Snapshots are used in + [Seek](https://cloud.google.com/pubsub/docs/replay-overview) operations, + which allow you to manage message acknowledgments in bulk. That is, you + can set the acknowledgment state of messages in an existing subscription + to the state captured by a snapshot. + operationId: pubsub.projects.topics.snapshots.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3995,7 +4033,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListTopicSnapshotsResponse' parameters: - in: path name: projectsId @@ -4003,20 +4041,32 @@ paths: schema: type: string - in: path - name: schemasId + name: topicsId required: true schema: type: string - /v1/projects/{projectsId}/schemas: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/topics/{topicsId}:setIamPolicy: parameters: *ref_1 post: - description: Creates a schema. - operationId: pubsub.projects.schemas.create + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: pubsub.projects.topics.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Schema' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4032,20 +4082,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Schema' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: schemaId + - in: path + name: topicsId + required: true schema: type: string + /v1/projects/{projectsId}/topics: + parameters: *ref_1 get: - description: Lists schemas in a project. - operationId: pubsub.projects.schemas.list + description: Lists matching topics. + operationId: pubsub.projects.topics.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4061,7 +4114,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSchemasResponse' + $ref: '#/components/schemas/ListTopicsResponse' parameters: - in: path name: projectsId @@ -4069,7 +4122,7 @@ paths: schema: type: string - in: query - name: view + name: pageToken schema: type: string - in: query @@ -4077,15 +4130,11 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/schemas/{schemasId}: + /v1/projects/{projectsId}/topics/{topicsId}: parameters: *ref_1 get: - description: Gets a schema. - operationId: pubsub.projects.schemas.get + description: Gets the configuration of a topic. + operationId: pubsub.projects.topics.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4101,7 +4150,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Schema' + $ref: '#/components/schemas/Topic' parameters: - in: path name: projectsId @@ -4109,17 +4158,20 @@ paths: schema: type: string - in: path - name: schemasId + name: topicsId required: true schema: type: string - - in: query - name: view - schema: - type: string - delete: - description: Deletes a schema. - operationId: pubsub.projects.schemas.delete + patch: + description: >- + Updates an existing topic by updating the fields specified in the update + mask. Note that certain properties of a topic are not modifiable. + operationId: pubsub.projects.topics.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateTopicRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4135,7 +4187,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Topic' parameters: - in: path name: projectsId @@ -4143,15 +4195,18 @@ paths: schema: type: string - in: path - name: schemasId + name: topicsId required: true schema: type: string - /v1/projects/{projectsId}/schemas/{schemasId}:listRevisions: - parameters: *ref_1 - get: - description: Lists all schema revisions for the named schema. - operationId: pubsub.projects.schemas.listRevisions + delete: + description: >- + Deletes the topic with the given name. Returns `NOT_FOUND` if the topic + does not exist. After a topic is deleted, a new topic may be created + with the same name; this is an entirely new topic with none of the old + configuration or subscriptions. Existing subscriptions to this topic are + not deleted, but their `topic` field is set to `_deleted-topic_`. + operationId: pubsub.projects.topics.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4167,7 +4222,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSchemaRevisionsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4175,33 +4230,21 @@ paths: schema: type: string - in: path - name: schemasId + name: topicsId required: true schema: type: string - - in: query - name: view - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/schemas/{schemasId}:commit: - parameters: *ref_1 - post: - description: Commits a new schema revision to an existing schema. - operationId: pubsub.projects.schemas.commit + put: + description: >- + Creates the given topic with the given name. See the [resource name + rules] + (https://cloud.google.com/pubsub/docs/pubsub-basics#resource_names). + operationId: pubsub.projects.topics.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CommitSchemaRequest' + $ref: '#/components/schemas/Topic' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4217,7 +4260,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Schema' + $ref: '#/components/schemas/Topic' parameters: - in: path name: projectsId @@ -4225,22 +4268,25 @@ paths: schema: type: string - in: path - name: schemasId + name: topicsId required: true schema: type: string - /v1/projects/{projectsId}/schemas/{schemasId}:rollback: + /v1/projects/{projectsId}/topics/{topicsId}:testIamPermissions: parameters: *ref_1 post: description: >- - Creates a new schema revision that is a copy of the provided - revision_id. - operationId: pubsub.projects.schemas.rollback + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: pubsub.projects.topics.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/RollbackSchemaRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4256,7 +4302,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Schema' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4264,15 +4310,22 @@ paths: schema: type: string - in: path - name: schemasId + name: topicsId required: true schema: type: string - /v1/projects/{projectsId}/schemas/{schemasId}:deleteRevision: + /v1/projects/{projectsId}/topics/{topicsId}:publish: parameters: *ref_1 - delete: - description: Deletes a specific schema revision. - operationId: pubsub.projects.schemas.deleteRevision + post: + description: >- + Adds one or more messages to the topic. Returns `NOT_FOUND` if the topic + does not exist. + operationId: pubsub.projects.topics.publish + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PublishRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4288,7 +4341,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Schema' + $ref: '#/components/schemas/PublishResponse' parameters: - in: path name: projectsId @@ -4296,24 +4349,17 @@ paths: schema: type: string - in: path - name: schemasId + name: topicsId required: true schema: type: string - - in: query - name: revisionId - schema: - type: string - /v1/projects/{projectsId}/schemas:validate: + /v1/projects/{projectsId}/topics/{topicsId}:getIamPolicy: parameters: *ref_1 - post: - description: Validates a schema. - operationId: pubsub.projects.schemas.validate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ValidateSchemaRequest' + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: pubsub.projects.topics.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4329,42 +4375,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ValidateSchemaResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/schemas:validateMessage: - parameters: *ref_1 - post: - description: Validates a message against a schema. - operationId: pubsub.projects.schemas.validateMessage - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ValidateMessageRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/pubsub - Oauth2c: - - https://www.googleapis.com/auth/pubsub - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ValidateMessageResponse' - parameters: - in: path - name: projectsId + name: topicsId required: true schema: type: string + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/pubsublite.yaml b/providers/src/googleapis.com/v00.00.00000/services/pubsublite.yaml index 31099b5c..1145f601 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/pubsublite.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/pubsublite.yaml @@ -7,8 +7,8 @@ info: title: Pub/Sub Lite API description: '' version: v1 - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251114' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/pubsub/lite/docs servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -1158,6 +1167,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/admin/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/rapidmigrationassessment.yaml b/providers/src/googleapis.com/v00.00.00000/services/rapidmigrationassessment.yaml index bc2ad79b..8f0e6385 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/rapidmigrationassessment.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/rapidmigrationassessment.yaml @@ -10,7 +10,7 @@ info: assessment and planning tool. version: v1 x-discovery-doc-revision: '20250718' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/migration-center servers: @@ -36,72 +36,29 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + Status: properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + details: type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + message: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: object id: Status description: >- The `Status` type defines a logical error model that is suitable for @@ -111,28 +68,21 @@ components: details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). - type: object + ListOperationsResponse: + id: ListOperationsResponse properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + nextPageToken: + description: The standard List next-page token. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + operations: type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + $ref: '#/components/schemas/Operation' + description: >- + A list of operations that matches the specified filter in the + request. + type: object + description: The response message for Operations.ListOperations. Empty: id: Empty description: >- @@ -142,172 +92,112 @@ components: { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - Collector: - id: Collector - description: Message describing Collector object. - type: object + VSphereScan: + description: Message describing a MC Source of type VSphere Scan. properties: - name: - description: name of resource. - type: string - createTime: - description: Output only. Create time stamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Update time stamp. - readOnly: true + coreSource: type: string - format: google-datetime + description: reference to the corresponding VSphere Scan in MC Source. + id: VSphereScan + type: object + Location: + id: Location + properties: labels: - description: Labels as key value pairs. - type: object additionalProperties: type: string + type: object + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} displayName: - description: User specified name of the Collector. - type: string - description: - description: User specified description of the Collector. - type: string - serviceAccount: - description: Service Account email used to ingest data to this Collector. - type: string - bucket: description: >- - Output only. Store cloud storage bucket name (which is a guid) - created with this Collector. - readOnly: true - type: string - expectedAssetCount: - description: User specified expected asset count. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". type: string - format: int64 - state: - description: Output only. State of the Collector. - readOnly: true + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - enumDescriptions: - - Collector state is not recognized. - - >- - Collector started to create, but hasn't been completed MC source - creation and db object creation. - - >- - Collector has been created, MC source creation and db object - creation completed. - - Collector client has been registered with client. - - Collector client is actively scanning. - - Collector is not actively scanning. - - Collector is starting background job for deletion. - - Collector completed all tasks for deletion. - - Collector is in error state. - enum: - - STATE_UNSPECIFIED - - STATE_INITIALIZING - - STATE_READY_TO_USE - - STATE_REGISTERED - - STATE_ACTIVE - - STATE_PAUSED - - STATE_DELETING - - STATE_DECOMMISSIONED - - STATE_ERROR - clientVersion: - description: Output only. Client version. - readOnly: true + name: type: string - guestOsScan: - description: Output only. Reference to MC Source Guest Os Scan. - readOnly: true - $ref: '#/components/schemas/GuestOsScan' - vsphereScan: - description: Output only. Reference to MC Source vsphere_scan. - readOnly: true - $ref: '#/components/schemas/VSphereScan' - collectionDays: - description: How many days to collect data. - type: integer - format: int32 - eulaUri: - description: Uri for EULA (End User License Agreement) from customer. + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: object + description: A resource that represents a Google Cloud location. + ListCollectorsResponse: + id: ListCollectorsResponse + type: object + description: Message for response to listing Collectors. + properties: + nextPageToken: type: string + description: A token identifying a page of results the server should return. + unreachable: + type: array + description: Locations that could not be reached. + items: + type: string + collectors: + type: array + description: The list of Collectors. + items: + $ref: '#/components/schemas/Collector' GuestOsScan: - id: GuestOsScan description: Message describing a MC Source of type Guest OS Scan. - type: object properties: coreSource: - description: reference to the corresponding Guest OS Scan in MC Source. type: string - VSphereScan: - id: VSphereScan - description: Message describing a MC Source of type VSphere Scan. + description: reference to the corresponding Guest OS Scan in MC Source. + id: GuestOsScan type: object - properties: - coreSource: - description: reference to the corresponding VSphere Scan in MC Source. - type: string Annotation: - id: Annotation description: Message describing an Annotation + id: Annotation type: object properties: + updateTime: + type: string + description: Output only. Update time stamp. + format: google-datetime + readOnly: true name: description: name of resource. type: string + type: + type: string + enum: + - TYPE_UNSPECIFIED + - TYPE_LEGACY_EXPORT_CONSENT + - TYPE_QWIKLAB + description: Type of an annotation. + enumDescriptions: + - Unknown type + - Indicates that this project has opted into StratoZone export. + - Indicates that this project is created by Qwiklab. createTime: description: Output only. Create time stamp. - readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. Update time stamp. readOnly: true type: string - format: google-datetime labels: description: Labels as key value pairs. type: object additionalProperties: type: string - type: - description: Type of an annotation. - type: string - enumDescriptions: - - Unknown type - - Indicates that this project has opted into StratoZone export. - - Indicates that this project is created by Qwiklab. - enum: - - TYPE_UNSPECIFIED - - TYPE_LEGACY_EXPORT_CONSENT - - TYPE_QWIKLAB - ListCollectorsResponse: - id: ListCollectorsResponse - description: Message for response to listing Collectors. - type: object - properties: - collectors: - description: The list of Collectors. - type: array - items: - $ref: '#/components/schemas/Collector' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - ResumeCollectorRequest: - id: ResumeCollectorRequest - description: Message for resuming a Collector. + PauseCollectorRequest: + description: Message for pausing a Collector. type: object + id: PauseCollectorRequest properties: requestId: description: >- @@ -325,9 +215,6 @@ components: (00000000-0000-0000-0000-000000000000). type: string RegisterCollectorRequest: - id: RegisterCollectorRequest - description: Message for registering a Collector. - type: object properties: requestId: description: >- @@ -344,12 +231,15 @@ components: with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). type: string - PauseCollectorRequest: - id: PauseCollectorRequest - description: Message for pausing a Collector. + id: RegisterCollectorRequest + description: Message for registering a Collector. + type: object + ResumeCollectorRequest: + id: ResumeCollectorRequest type: object properties: requestId: + type: string description: >- Optional. An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server @@ -363,114 +253,214 @@ components: creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). + description: Message for resuming a Collector. + Collector: + description: Message describing Collector object. + id: Collector + properties: + name: + type: string + description: name of resource. + state: + enum: + - STATE_UNSPECIFIED + - STATE_INITIALIZING + - STATE_READY_TO_USE + - STATE_REGISTERED + - STATE_ACTIVE + - STATE_PAUSED + - STATE_DELETING + - STATE_DECOMMISSIONED + - STATE_ERROR + description: Output only. State of the Collector. type: string + enumDescriptions: + - Collector state is not recognized. + - >- + Collector started to create, but hasn't been completed MC source + creation and db object creation. + - >- + Collector has been created, MC source creation and db object + creation completed. + - Collector client has been registered with client. + - Collector client is actively scanning. + - Collector is not actively scanning. + - Collector is starting background job for deletion. + - Collector completed all tasks for deletion. + - Collector is in error state. + readOnly: true + vsphereScan: + readOnly: true + $ref: '#/components/schemas/VSphereScan' + description: Output only. Reference to MC Source vsphere_scan. + expectedAssetCount: + description: User specified expected asset count. + format: int64 + type: string + eulaUri: + type: string + description: Uri for EULA (End User License Agreement) from customer. + guestOsScan: + readOnly: true + description: Output only. Reference to MC Source Guest Os Scan. + $ref: '#/components/schemas/GuestOsScan' + serviceAccount: + type: string + description: Service Account email used to ingest data to this Collector. + updateTime: + description: Output only. Update time stamp. + type: string + format: google-datetime + readOnly: true + clientVersion: + description: Output only. Client version. + type: string + readOnly: true + bucket: + type: string + description: >- + Output only. Store cloud storage bucket name (which is a guid) + created with this Collector. + readOnly: true + createTime: + type: string + format: google-datetime + description: Output only. Create time stamp. + readOnly: true + collectionDays: + type: integer + format: int32 + description: How many days to collect data. + description: + description: User specified description of the Collector. + type: string + labels: + type: object + description: Labels as key value pairs. + additionalProperties: + type: string + displayName: + type: string + description: User specified name of the Collector. + type: object ListLocationsResponse: id: ListLocationsResponse description: The response message for Locations.ListLocations. type: object properties: locations: + type: array description: >- A list of locations that matches the specified filter in the request. - type: array items: $ref: '#/components/schemas/Location' nextPageToken: - description: The standard List next-page token. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: The standard List next-page token. + Operation: type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. properties: - name: + done: + type: boolean description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + name: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + id: Operation OperationMetadata: id: OperationMetadata - description: Represents the metadata of the long-running operation. type: object + description: Represents the metadata of the long-running operation. properties: createTime: - description: Output only. The time the operation was created. readOnly: true - type: string format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true type: string + description: Output only. The time the operation was created. requestedCancellation: + readOnly: true + type: boolean description: >- Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. + statusMessage: + description: Output only. Human-readable status of the operation, if any. readOnly: true - type: boolean + type: string + verb: + readOnly: true + type: string + description: Output only. Name of the verb executed by the operation. apiVersion: description: Output only. API version used to start the operation. readOnly: true type: string + target: + type: string + readOnly: true + description: >- + Output only. Server-defined resource path for the target of the + operation. + endTime: + format: google-datetime + description: Output only. The time the operation finished running. + type: string + readOnly: true + CancelOperationRequest: + description: The request message for Operations.CancelOperation. + type: object + id: CancelOperationRequest + properties: {} parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: alt + name: uploadType schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query @@ -492,39 +482,28 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt schema: type: string + enum: + - json + - media + - proto _.xgafv: description: V1 error format. in: query @@ -534,25 +513,46 @@ components: enum: - '1' - '2' + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string x-stackQL-resources: locations: id: google.rapidmigrationassessment.locations name: locations title: Locations methods: - list: + get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations - get: + list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/locations/methods/get' @@ -561,122 +561,122 @@ components: update: [] replace: [] delete: [] - operations: - id: google.rapidmigrationassessment.operations - name: operations - title: Operations + collectors: + id: google.rapidmigrationassessment.collectors + name: collectors + title: Collectors methods: - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}/delete response: mediaType: application/json openAPIDocKey: '200' - cancel: + resume: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}:resume/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - collectors: - id: google.rapidmigrationassessment.collectors - name: collectors - title: Collectors - methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.collectors - get: + register: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}:register/post response: mediaType: application/json openAPIDocKey: '200' - patch: + pause: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}:pause/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/collectors/methods/get' + - $ref: '#/components/x-stackQL-resources/collectors/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/collectors/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/collectors/methods/patch' + replace: [] delete: + - $ref: '#/components/x-stackQL-resources/collectors/methods/delete' + operations: + id: google.rapidmigrationassessment.operations + name: operations + title: Operations + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - resume: + objectKey: $.operations + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}:resume/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - register: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}:register/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - pause: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1collectors~1{collectorsId}:pause/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/collectors/methods/get' - - $ref: '#/components/x-stackQL-resources/collectors/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/collectors/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/collectors/methods/patch' + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/collectors/methods/delete' + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' annotations: id: google.rapidmigrationassessment.annotations name: annotations @@ -705,22 +705,22 @@ components: replace: [] delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' get: - description: Lists information about the supported locations for this service. - operationId: rapidmigrationassessment.projects.locations.list + description: Gets information about a location. + operationId: rapidmigrationassessment.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -732,35 +732,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Gets information about a location. - operationId: rapidmigrationassessment.projects.locations.get + description: Lists information about the supported locations for this service. + operationId: rapidmigrationassessment.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -772,25 +760,40 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: extraLocationTypes schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/collectors/{collectorsId}: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: rapidmigrationassessment.projects.locations.operations.list + patch: + description: Updates the parameters of a single Collector. + operationId: rapidmigrationassessment.projects.locations.collectors.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Collector' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -802,7 +805,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -814,27 +817,23 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: collectorsId + required: true schema: type: string - in: query - name: pageSize + name: requestId schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 + format: google-fieldmask get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: rapidmigrationassessment.projects.locations.operations.get + description: Gets details of a single Collector. + operationId: rapidmigrationassessment.projects.locations.collectors.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -846,7 +845,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Collector' parameters: - in: path name: projectsId @@ -859,17 +858,15 @@ paths: schema: type: string - in: path - name: operationsId + name: collectorsId required: true schema: type: string delete: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: rapidmigrationassessment.projects.locations.operations.delete + Deletes a single Collector - changes state of collector to "Deleting". + Background jobs does final deletion through producer API. + operationId: rapidmigrationassessment.projects.locations.collectors.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -881,7 +878,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -894,29 +891,24 @@ paths: schema: type: string - in: path - name: operationsId + name: collectorsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/collectors/{collectorsId}:resume: parameters: *ref_1 post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: rapidmigrationassessment.projects.locations.operations.cancel + description: Resumes the given collector. + operationId: rapidmigrationassessment.projects.locations.collectors.resume requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/ResumeCollectorRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -928,7 +920,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -941,22 +933,15 @@ paths: schema: type: string - in: path - name: operationsId + name: collectorsId required: true schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/collectors: parameters: *ref_1 - post: - description: >- - Create a Collector to manage the on-prem appliance which collects - information about Customer assets. - operationId: rapidmigrationassessment.projects.locations.collectors.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Collector' + get: + description: Lists Collectors in a given project and location. + operationId: rapidmigrationassessment.projects.locations.collectors.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -968,7 +953,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListCollectorsResponse' parameters: - in: path name: projectsId @@ -981,16 +966,32 @@ paths: schema: type: string - in: query - name: collectorId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: requestId + name: orderBy schema: type: string - get: - description: Lists Collectors in a given project and location. - operationId: rapidmigrationassessment.projects.locations.collectors.list + - in: query + name: filter + schema: + type: string + post: + description: >- + Create a Collector to manage the on-prem appliance which collects + information about Customer assets. + operationId: rapidmigrationassessment.projects.locations.collectors.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Collector' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1002,7 +1003,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListCollectorsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -1015,27 +1016,23 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: collectorId schema: type: string - in: query - name: orderBy + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collectors/{collectorsId}: + /v1/projects/{projectsId}/locations/{locationsId}/collectors/{collectorsId}:register: parameters: *ref_1 - get: - description: Gets details of a single Collector. - operationId: rapidmigrationassessment.projects.locations.collectors.get + post: + description: Registers the given collector. + operationId: rapidmigrationassessment.projects.locations.collectors.register + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RegisterCollectorRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1047,7 +1044,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Collector' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -1064,14 +1061,16 @@ paths: required: true schema: type: string - patch: - description: Updates the parameters of a single Collector. - operationId: rapidmigrationassessment.projects.locations.collectors.patch + /v1/projects/{projectsId}/locations/{locationsId}/collectors/{collectorsId}:pause: + parameters: *ref_1 + post: + description: Pauses the given collector. + operationId: rapidmigrationassessment.projects.locations.collectors.pause requestBody: content: application/json: schema: - $ref: '#/components/schemas/Collector' + $ref: '#/components/schemas/PauseCollectorRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1100,20 +1099,13 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: description: >- - Deletes a single Collector - changes state of collector to "Deleting". - Background jobs does final deletion through producer API. - operationId: rapidmigrationassessment.projects.locations.collectors.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: rapidmigrationassessment.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1125,7 +1117,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -1137,25 +1129,27 @@ paths: required: true schema: type: string - - in: path - name: collectorsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - in: query - name: requestId + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collectors/{collectorsId}:resume: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Resumes the given collector. - operationId: rapidmigrationassessment.projects.locations.collectors.resume - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ResumeCollectorRequest' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: rapidmigrationassessment.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1180,20 +1174,17 @@ paths: schema: type: string - in: path - name: collectorsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collectors/{collectorsId}:register: - parameters: *ref_1 - post: - description: Registers the given collector. - operationId: rapidmigrationassessment.projects.locations.collectors.register - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RegisterCollectorRequest' + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: rapidmigrationassessment.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1205,7 +1196,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1218,20 +1209,29 @@ paths: schema: type: string - in: path - name: collectorsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/collectors/{collectorsId}:pause: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Pauses the given collector. - operationId: rapidmigrationassessment.projects.locations.collectors.pause + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: rapidmigrationassessment.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/PauseCollectorRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1243,7 +1243,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1256,7 +1256,7 @@ paths: schema: type: string - in: path - name: collectorsId + name: operationsId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/recaptchaenterprise.yaml b/providers/src/googleapis.com/v00.00.00000/services/recaptchaenterprise.yaml index 68cf615d..75bc5358 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/recaptchaenterprise.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/recaptchaenterprise.yaml @@ -9,8 +9,8 @@ info: Help protect your website from fraudulent activity, spam, and abuse without creating friction. version: v1 - x-discovery-doc-revision: '20250713' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/recaptcha-enterprise/ servers: @@ -36,177 +36,114 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleCloudRecaptchaenterpriseV1Assessment: - id: GoogleCloudRecaptchaenterpriseV1Assessment - description: A reCAPTCHA Enterprise assessment resource. + GoogleCloudRecaptchaenterpriseV1FirewallActionRedirectAction: + description: >- + A redirect action returns a 307 (temporary redirect) response, pointing + the user to a reCAPTCHA interstitial page to attach a token. type: object + id: GoogleCloudRecaptchaenterpriseV1FirewallActionRedirectAction + properties: {} + GoogleCloudRecaptchaenterpriseV1RelatedAccountGroup: + description: A group of related accounts. + id: GoogleCloudRecaptchaenterpriseV1RelatedAccountGroup properties: name: - description: >- - Output only. Identifier. The resource name for the Assessment in the - format `projects/{project}/assessments/{assessment}`. - readOnly: true type: string - event: - description: Optional. The event being assessed. - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Event' - riskAnalysis: - description: Output only. The risk analysis result for the event being assessed. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1RiskAnalysis' - tokenProperties: - description: Output only. Properties of the provided event token. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1TokenProperties' - accountVerification: - description: >- - Optional. Account verification information for identity - verification. The assessment event must include a token and site key - to use this feature. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1AccountVerificationInfo - accountDefenderAssessment: - description: >- - Output only. Assessment returned by account defender when an account - identifier is provided. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1AccountDefenderAssessment - privatePasswordLeakVerification: - description: >- - Optional. The private password leak verification field contains the - parameters that are used to to check for leaks privately without - sharing user credentials. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1PrivatePasswordLeakVerification - firewallPolicyAssessment: - description: >- - Output only. Assessment returned when firewall policies belonging to - the project are evaluated using the field - firewall_policy_evaluation. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicyAssessment - fraudPreventionAssessment: - description: >- - Output only. Assessment returned by Fraud Prevention when - TransactionData is provided. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessment - fraudSignals: description: >- - Output only. Fraud Signals specific to the users involved in a - payment transaction. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudSignals' - phoneFraudAssessment: - description: >- - Output only. Assessment returned when a site key, a token, and a - phone number as `user_id` are provided. Account defender and SMS - toll fraud protection need to be enabled. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1PhoneFraudAssessment - assessmentEnvironment: - description: >- - Optional. The environment creating the assessment. This describes - your environment (the system invoking CreateAssessment), NOT the - environment of your user. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1AssessmentEnvironment + Required. Identifier. The resource name for the related account + group in the format + `projects/{project}/relatedaccountgroups/{related_account_group}`. + type: object GoogleCloudRecaptchaenterpriseV1Event: - id: GoogleCloudRecaptchaenterpriseV1Event - description: The event being assessed. type: object + description: The event being assessed. properties: - token: - description: >- - Optional. The user response token provided by the reCAPTCHA - Enterprise client-side integration on your site. - type: string - siteKey: - description: >- - Optional. The site key that was used to invoke reCAPTCHA Enterprise - on your site and generate the token. - type: string - userAgent: + wafTokenAssessment: + type: boolean description: >- - Optional. The user agent present in the request from the user's - device related to this event. - type: string + Optional. Flag for running Web Application Firewall (WAF) token + assessment. If enabled, the token must be specified, and have been + created by a WAF-enabled key. userIpAddress: + type: string description: >- Optional. The IP address in the request from the user's device related to this event. + token: type: string + description: >- + Optional. The user response token provided by the reCAPTCHA + Enterprise client-side integration on your site. expectedAction: description: >- Optional. The expected action for this type of event. This should be the same action provided at token generation time on client-side platforms already integrated with recaptcha enterprise. type: string - hashedAccountId: - description: >- - Optional. Deprecated: use `user_info.account_id` instead. Unique - stable hashed user identifier for the request. The identifier must - be hashed using hmac-sha256 with stable secret. - deprecated: true - type: string - format: byte - express: - description: >- - Optional. Flag for a reCAPTCHA express request for an assessment - without a token. If enabled, `site_key` must reference an Express - site key. - type: boolean requestedUri: + type: string description: >- Optional. The URI resource the user requested that triggered an assessment. - type: string - wafTokenAssessment: - description: >- - Optional. Flag for running WAF token assessment. If enabled, the - token must be specified, and have been created by a WAF-enabled key. - type: boolean ja3: description: >- Optional. JA3 fingerprint for SSL clients. To learn how to compute this fingerprint, please refer to https://github.com/salesforce/ja3. type: string + transactionData: + description: >- + Optional. Data describing a payment transaction to be assessed. + Sending this data enables reCAPTCHA Enterprise Fraud Prevention and + the FraudPreventionAssessment component in the response. + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionData' ja4: + type: string description: >- Optional. JA4 fingerprint for SSL clients. To learn how to compute this fingerprint, please refer to https://github.com/FoxIO-LLC/ja4. - type: string - headers: - description: Optional. HTTP header information about the request. - type: array - items: - type: string firewallPolicyEvaluation: + type: boolean description: >- Optional. Flag for enabling firewall policy config assessment. If this flag is enabled, the firewall policy is evaluated and a suggested firewall action is returned in the response. - type: boolean - transactionData: + siteKey: description: >- - Optional. Data describing a payment transaction to be assessed. - Sending this data enables reCAPTCHA Enterprise Fraud Prevention and - the FraudPreventionAssessment component in the response. - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionData' + Optional. The site key that was used to invoke reCAPTCHA Enterprise + on your site and generate the token. + type: string + userAgent: + description: >- + Optional. The user agent present in the request from the user's + device related to this event. + type: string + hashedAccountId: + description: >- + Optional. Deprecated: use `user_info.account_id` instead. Unique + stable hashed user identifier for the request. The identifier must + be hashed using hmac-sha256 with stable secret. + type: string + format: byte + deprecated: true + headers: + type: array + description: Optional. HTTP header information about the request. + items: + type: string userInfo: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1UserInfo' description: >- Optional. Information about the user that generates this event, when they can be identified. They are often identified through the use of an account for logged-in requests or login/registration requests, or by providing user identifiers for guest actions like checkout. - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1UserInfo' fraudPrevention: - description: Optional. The Fraud Prevention setting for this assessment. type: string + enum: + - FRAUD_PREVENTION_UNSPECIFIED + - ENABLED + - DISABLED + description: Optional. The Fraud Prevention setting for this assessment. enumDescriptions: - >- Default, unspecified setting. `fraud_prevention_assessment` is @@ -218,649 +155,593 @@ components: - >- Disable Fraud Prevention for this assessment, regardless of the Google Cloud console settings. - enum: - - FRAUD_PREVENTION_UNSPECIFIED - - ENABLED - - DISABLED - GoogleCloudRecaptchaenterpriseV1TransactionData: - id: GoogleCloudRecaptchaenterpriseV1TransactionData - description: >- - Transaction data associated with a payment protected by reCAPTCHA - Enterprise. + express: + type: boolean + description: >- + Optional. Flag for a reCAPTCHA express request for an assessment + without a token. If enabled, `site_key` must reference an Express + site key. + id: GoogleCloudRecaptchaenterpriseV1Event + GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupMembershipsResponse: + id: >- + GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupMembershipsResponse + description: The response to a `ListRelatedAccountGroupMemberships` call. type: object properties: - transactionId: + nextPageToken: description: >- - Unique identifier for the transaction. This custom identifier can be - used to reference this transaction in the future, for example, - labeling a refund or chargeback event. Two attempts at the same - transaction should use the same transaction id. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - paymentMethod: + relatedAccountGroupMemberships: + items: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1RelatedAccountGroupMembership + description: The memberships listed by the query. + type: array + GoogleCloudRecaptchaenterpriseV1AddIpOverrideRequest: + type: object + id: GoogleCloudRecaptchaenterpriseV1AddIpOverrideRequest + properties: + ipOverrideData: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1IpOverrideData' + description: Required. IP override added to the key. + description: The AddIpOverride request message. + GoogleCloudRecaptchaenterpriseV1PhoneFraudAssessment: + description: Assessment for Phone Fraud + id: GoogleCloudRecaptchaenterpriseV1PhoneFraudAssessment + properties: + smsTollFraudVerdict: description: >- - Optional. The payment method for the transaction. The allowed values - are: * credit-card * debit-card * gift-card * processor-{name} (If a - third-party is used, for example, processor-paypal) * custom-{name} - (If an alternative method is used, for example, custom-crypto) - type: string - cardBin: + Output only. Assessment of this phone event for risk of SMS toll + fraud. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1SmsTollFraudVerdict + type: object + GoogleCloudRecaptchaenterpriseV1ChallengeMetrics: + properties: + failedCount: + format: int64 description: >- - Optional. The Bank Identification Number - generally the first 6 or - 8 digits of the card. - type: string - cardLastFour: - description: Optional. The last four digits of the card. + Count of submitted challenge solutions that were incorrect or + otherwise deemed suspicious such that a subsequent challenge was + triggered. type: string - currencyCode: - description: Optional. The currency code in ISO-4217 format. + passedCount: type: string - value: description: >- - Optional. The decimal value of the transaction in the specified - currency. - type: number - format: double - shippingValue: - description: >- - Optional. The value of shipping in the specified currency. 0 for - free or no shipping. - type: number - format: double - shippingAddress: - description: >- - Optional. Destination address if this transaction involves shipping - a physical item. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataAddress - billingAddress: - description: >- - Optional. Address associated with the payment method when - applicable. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataAddress - user: - description: >- - Optional. Information about the user paying/initiating the - transaction. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataUser - merchants: + Count of nocaptchas (successful verification without a challenge) + plus submitted challenge solutions that were correct and resulted in + verification. + format: int64 + nocaptchaCount: + format: int64 description: >- - Optional. Information about the user or users fulfilling the - transaction. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataUser - items: - description: Optional. Items purchased in this transaction. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataItem - gatewayInfo: + Count of nocaptchas (successful verification without a challenge) + issued. + type: string + pageloadCount: + type: string description: >- - Optional. Information about the payment gateway's response to the - transaction. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataGatewayInfo - GoogleCloudRecaptchaenterpriseV1TransactionDataAddress: - id: GoogleCloudRecaptchaenterpriseV1TransactionDataAddress - description: Structured address format for billing and shipping addresses. + Count of reCAPTCHA checkboxes or badges rendered. This is mostly + equivalent to a count of pageloads for pages that include reCAPTCHA. + format: int64 + id: GoogleCloudRecaptchaenterpriseV1ChallengeMetrics + type: object + description: Metrics related to challenges. + GoogleCloudRecaptchaenterpriseV1TokenProperties: + description: Properties of the provided event token. + id: GoogleCloudRecaptchaenterpriseV1TokenProperties type: object properties: - recipient: - description: >- - Optional. The recipient name, potentially including information such - as "care of". - type: string - address: - description: >- - Optional. The first lines of the address. The first line generally - contains the street name and number, and further lines may include - information such as an apartment number. - type: array - items: - type: string - locality: - description: Optional. The town/city of the address. + invalidReason: + description: Output only. Reason associated with the response when valid = false. type: string - administrativeArea: + readOnly: true + enumDescriptions: + - Default unspecified type. + - If the failure reason was not accounted for. + - The provided user verification token was malformed. + - The user verification token had expired. + - The user verification had already been seen. + - The user verification token was not present. + - >- + A retriable error (such as network failure) occurred on the + browser. Could easily be simulated by an attacker. + - >- + The action provided at token generation was different than the + `expected_action` in the assessment request. The comparison is + case-insensitive. This reason can only be returned if all of the + following are true: - your `site_key` has the + POLICY_BASED_CHALLENGE integration type - you set an action score + threshold higher than 0.0 - you provided a non-empty + `expected_action` + enum: + - INVALID_REASON_UNSPECIFIED + - UNKNOWN_INVALID_REASON + - MALFORMED + - EXPIRED + - DUPE + - MISSING + - BROWSER_ERROR + - UNEXPECTED_ACTION + hostname: + readOnly: true description: >- - Optional. The state, province, or otherwise administrative area of - the address. - type: string - regionCode: - description: Optional. The CLDR country/region of the address. + Output only. The hostname of the page on which the token was + generated (Web keys only). type: string - postalCode: - description: Optional. The postal or ZIP code of the address. + iosBundleId: type: string - GoogleCloudRecaptchaenterpriseV1TransactionDataUser: - id: GoogleCloudRecaptchaenterpriseV1TransactionDataUser - description: Details about a user's account involved in the transaction. - type: object - properties: - accountId: + readOnly: true description: >- - Optional. Unique account identifier for this user. If using account - defender, this should match the hashed_account_id field. Otherwise, - a unique and persistent identifier for this account. - type: string - creationMs: - description: Optional. The epoch milliseconds of the user's account creation. + Output only. The ID of the iOS bundle with which the token was + generated (iOS keys only). + androidPackageName: + description: >- + Output only. The name of the Android package with which the token + was generated (Android keys only). + readOnly: true type: string - format: int64 - email: - description: Optional. The email address of the user. + action: + description: Output only. Action name provided at token generation. type: string - emailVerified: + readOnly: true + valid: description: >- - Optional. Whether the email has been verified to be accessible by - the user (OTP or similar). + Output only. Whether the provided user response token is valid. When + valid = false, the reason could be specified in invalid_reason or it + could also be due to a user failing to solve a challenge or a + sitekey mismatch (i.e the sitekey used to generate the token was + different than the one specified in the assessment). type: boolean - phoneNumber: - description: Optional. The phone number of the user, with country code. + readOnly: true + createTime: + format: google-datetime type: string - phoneVerified: + readOnly: true description: >- - Optional. Whether the phone number has been verified to be - accessible by the user (OTP or similar). - type: boolean - GoogleCloudRecaptchaenterpriseV1TransactionDataItem: - id: GoogleCloudRecaptchaenterpriseV1TransactionDataItem - description: Line items being purchased in this transaction. - type: object + Output only. The timestamp corresponding to the generation of the + token. + GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesRequest: + description: The reorder firewall policies request message. properties: - name: - description: Optional. The full name of the item. - type: string - value: - description: >- - Optional. The value per item that the user is paying, in the - transaction currency, after discounts. - type: number - format: double - quantity: - description: Optional. The quantity of this item that is being purchased. - type: string - format: int64 - merchantAccountId: + names: + items: + type: string description: >- - Optional. When a merchant is specified, its corresponding - account_id. Necessary to populate marketplace-style transactions. - type: string - GoogleCloudRecaptchaenterpriseV1TransactionDataGatewayInfo: - id: GoogleCloudRecaptchaenterpriseV1TransactionDataGatewayInfo - description: Details about the transaction from the gateway. + Required. A list containing all policy names, in the new order. Each + name is in the format + `projects/{project}/firewallpolicies/{firewallpolicy}`. + type: array + id: GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesRequest type: object + GoogleCloudRecaptchaenterpriseV1Metrics: + id: GoogleCloudRecaptchaenterpriseV1Metrics + type: object + description: Metrics for a single Key. properties: name: + readOnly: true description: >- - Optional. Name of the gateway service (for example, stripe, square, - paypal). - type: string - gatewayResponseCode: - description: >- - Optional. Gateway response code describing the state of the - transaction. + Output only. Identifier. The name of the metrics, in the format + `projects/{project}/keys/{key}/metrics`. type: string - avsResponseCode: + challengeMetrics: + items: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ChallengeMetrics + type: array description: >- - Optional. AVS response code from the gateway (available only when - reCAPTCHA Enterprise is called after authorization). - type: string - cvvResponseCode: + Metrics are continuous and in order by dates, and in the granularity + of day. Only challenge-based keys (CHECKBOX, INVISIBLE) have + challenge-based data. + scoreMetrics: description: >- - Optional. CVV response code from the gateway (available only when - reCAPTCHA Enterprise is called after authorization). + Metrics are continuous and in order by dates, and in the granularity + of day. All Key types should have score-based data. + type: array + items: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1ScoreMetrics' + startTime: type: string - GoogleCloudRecaptchaenterpriseV1UserInfo: - id: GoogleCloudRecaptchaenterpriseV1UserInfo - description: >- - User information associated with a request protected by reCAPTCHA - Enterprise. - type: object - properties: - createAccountTime: description: >- - Optional. Creation time for this account associated with this user. - Leave blank for non logged-in actions, guest checkout, or when there - is no account associated with the current user. - type: string + Inclusive start time aligned to a day in the America/Los_Angeles + (Pacific) timezone. format: google-datetime - accountId: + GoogleCloudRecaptchaenterpriseV1MigrateKeyRequest: + properties: + skipBillingCheck: description: >- - Optional. For logged-in requests or login/registration requests, the - unique account identifier associated with this user. You can use the - username if it is stable (meaning it is the same for every request - associated with the same user), or any stable user ID of your - choice. Leave blank for non logged-in actions or guest checkout. - type: string - userIds: - description: Optional. Identifiers associated with this user or request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1UserId' - GoogleCloudRecaptchaenterpriseV1UserId: - id: GoogleCloudRecaptchaenterpriseV1UserId - description: An identifier associated with a user. + Optional. If true, skips the billing check. A reCAPTCHA Enterprise + key or migrated key behaves differently than a reCAPTCHA + (non-Enterprise version) key when you reach a quota limit (see + https://docs.cloud.google.com/recaptcha/quotas#quota_limit). To + avoid any disruption of your usage, we check that a billing account + is present. If your usage of reCAPTCHA is under the free quota, you + can safely skip the billing check and proceed with the migration. + See https://cloud.google.com/recaptcha/docs/billing-information. + type: boolean + description: The migrate key request message. + id: GoogleCloudRecaptchaenterpriseV1MigrateKeyRequest type: object - properties: - email: - description: Optional. An email address. - type: string - phoneNumber: - description: Optional. A phone number. Should use the E.164 format. - type: string - username: - description: >- - Optional. A unique username, if different from all the other - identifiers and `account_id` that are provided. Can be a unique - login handle or display name for a user. - type: string - GoogleCloudRecaptchaenterpriseV1RiskAnalysis: - id: GoogleCloudRecaptchaenterpriseV1RiskAnalysis - description: Risk analysis result for an event. + GoogleCloudRecaptchaenterpriseV1FraudSignalsUserSignals: type: object + description: Signals describing the user involved in this transaction. + id: GoogleCloudRecaptchaenterpriseV1FraudSignalsUserSignals properties: - score: - description: >- - Output only. Legitimate event score from 0.0 to 1.0. (1.0 means very - likely legitimate traffic while 0.0 means very likely non-legitimate - traffic). - readOnly: true - type: number - format: float - reasons: - description: Output only. Reasons contributing to the risk analysis verdict. + activeDaysLowerBound: readOnly: true - type: array - items: - type: string - enumDescriptions: - - Default unspecified type. - - Interactions matched the behavior of an automated agent. - - The event originated from an illegitimate environment. - - Traffic volume from the event source is higher than normal. - - >- - Interactions with the site were significantly different than - expected patterns. - - >- - Too little traffic has been received from this site thus far to - generate quality risk analysis. - - >- - The request matches behavioral characteristics of a carding - attack. - - >- - The request matches behavioral characteristics of chargebacks - for fraud. - enum: - - CLASSIFICATION_REASON_UNSPECIFIED - - AUTOMATION - - UNEXPECTED_ENVIRONMENT - - TOO_MUCH_TRAFFIC - - UNEXPECTED_USAGE_PATTERNS - - LOW_CONFIDENCE_SCORE - - SUSPECTED_CARDING - - SUSPECTED_CHARGEBACK - extendedVerdictReasons: + type: integer description: >- - Output only. Extended verdict reasons to be used for experimentation - only. The set of possible reasons is subject to change. - readOnly: true - type: array - items: - type: string - challenge: + Output only. This user (based on email, phone, and other + identifiers) has been seen on the internet for at least this number + of days. + format: int32 + syntheticRisk: + format: float + type: number description: >- - Output only. Challenge information for POLICY_BASED_CHALLENGE and - INVISIBLE keys + Output only. Likelihood (from 0.0 to 1.0) this user includes + synthetic components in their identity, such as a randomly generated + email address, temporary phone number, or fake shipping address. readOnly: true - type: string - enumDescriptions: - - Default unspecified type. - - No challenge was presented for solving. - - A solution was submitted that was correct. - - >- - A solution was submitted that was incorrect or otherwise deemed - suspicious. - enum: - - CHALLENGE_UNSPECIFIED - - NOCAPTCHA - - PASSED - - FAILED - verifiedBots: + GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentStolenInstrumentVerdict: + id: >- + GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentStolenInstrumentVerdict + description: >- + Information about stolen instrument fraud, where the user is not the + legitimate owner of the instrument being used for the purchase. + type: object + properties: + risk: description: >- - Output only. Bots with identities that have been verified by - reCAPTCHA and detected in the event. + Output only. Probability of this transaction being executed with a + stolen instrument. Values are from 0.0 (lowest) to 1.0 (highest). + format: float + type: number readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Bot' - GoogleCloudRecaptchaenterpriseV1Bot: - id: GoogleCloudRecaptchaenterpriseV1Bot - description: Bot information and metadata. + GoogleCloudRecaptchaenterpriseV1FirewallActionAllowAction: + type: object + description: An allow action continues processing a request unimpeded. + properties: {} + id: GoogleCloudRecaptchaenterpriseV1FirewallActionAllowAction + GoogleCloudRecaptchaenterpriseV1IpOverrideData: + description: Information about the IP or IP range override. type: object + id: GoogleCloudRecaptchaenterpriseV1IpOverrideData properties: - name: + ip: description: >- - Optional. Enumerated string value that indicates the identity of the - bot, formatted in kebab-case. + Required. The IP address to override (can be IPv4, IPv6 or CIDR). + The IP override must be a valid IPv4 or IPv6 address, or a CIDR + range. The IP override must be a public IP address. Example of IPv4: + 168.192.5.6 Example of IPv6: 2001:0000:130F:0000:0000:09C0:876A:130B + Example of IPv4 with CIDR: 168.192.5.0/24 Example of IPv6 with CIDR: + 2001:0DB8:1234::/48 type: string - botType: - description: Optional. Enumerated field representing the type of bot. + overrideType: type: string enumDescriptions: - - Default unspecified type. - >- - Software program that interacts with a site and performs tasks - autonomously. - - Software that extracts specific data from sites for use. + Default override type that indicates this enum hasn't been + specified. - >- - Software that crawls sites and stores content for the purpose of - efficient retrieval, likely as part of a search engine. + Allowlist the IP address; i.e. give a `risk_analysis.score` of 0.9 + for all valid assessments. + description: Required. Describes the type of IP override. enum: - - BOT_TYPE_UNSPECIFIED - - AI_AGENT - - CONTENT_SCRAPER - - SEARCH_INDEXER - GoogleCloudRecaptchaenterpriseV1TokenProperties: - id: GoogleCloudRecaptchaenterpriseV1TokenProperties - description: Properties of the provided event token. - type: object + - OVERRIDE_TYPE_UNSPECIFIED + - ALLOW + GoogleCloudRecaptchaenterpriseV1EndpointVerificationInfo: properties: - valid: + phoneNumber: description: >- - Output only. Whether the provided user response token is valid. When - valid = false, the reason could be specified in invalid_reason or it - could also be due to a user failing to solve a challenge or a - sitekey mismatch (i.e the sitekey used to generate the token was - different than the one specified in the assessment). - readOnly: true - type: boolean - invalidReason: - description: Output only. Reason associated with the response when valid = false. - readOnly: true + Phone number for which to trigger a verification request. Should be + given in E.164 format. type: string - enumDescriptions: - - Default unspecified type. - - If the failure reason was not accounted for. - - The provided user verification token was malformed. - - The user verification token had expired. - - The user verification had already been seen. - - The user verification token was not present. - - >- - A retriable error (such as network failure) occurred on the - browser. Could easily be simulated by an attacker. - enum: - - INVALID_REASON_UNSPECIFIED - - UNKNOWN_INVALID_REASON - - MALFORMED - - EXPIRED - - DUPE - - MISSING - - BROWSER_ERROR - createTime: - description: >- - Output only. The timestamp corresponding to the generation of the - token. + requestToken: readOnly: true - type: string - format: google-datetime - hostname: description: >- - Output only. The hostname of the page on which the token was - generated (Web keys only). - readOnly: true + Output only. Token to provide to the client to trigger endpoint + verification. It must be used within 15 minutes. type: string - androidPackageName: - description: >- - Output only. The name of the Android package with which the token - was generated (Android keys only). - readOnly: true + emailAddress: type: string - iosBundleId: - description: >- - Output only. The ID of the iOS bundle with which the token was - generated (iOS keys only). - readOnly: true + description: Email address for which to trigger a verification request. + lastVerificationTime: type: string - action: - description: Output only. Action name provided at token generation. readOnly: true - type: string - GoogleCloudRecaptchaenterpriseV1AccountVerificationInfo: - id: GoogleCloudRecaptchaenterpriseV1AccountVerificationInfo - description: Information about account verification, used for identity verification. + format: google-datetime + description: >- + Output only. Timestamp of the last successful verification for the + endpoint, if any. + type: object + id: GoogleCloudRecaptchaenterpriseV1EndpointVerificationInfo + description: Information about a verification endpoint that can be used for 2FA. + GoogleCloudRecaptchaenterpriseV1AddIpOverrideResponse: + properties: {} + description: Response for AddIpOverride. + type: object + id: GoogleCloudRecaptchaenterpriseV1AddIpOverrideResponse + GoogleCloudRecaptchaenterpriseV1Key: type: object + id: GoogleCloudRecaptchaenterpriseV1Key properties: - endpoints: - description: Optional. Endpoints that can be used for identity verification. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1EndpointVerificationInfo - languageCode: + labels: description: >- - Optional. Language code preference for the verification message, set - as a IETF BCP 47 language code. + Optional. See [Creating and managing labels] + (https://cloud.google.com/recaptcha/docs/labels). + additionalProperties: + type: string + type: object + iosSettings: + description: Settings for keys that can be used by iOS apps. + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1IOSKeySettings' + webSettings: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1WebKeySettings' + description: Settings for keys that can be used by websites. + androidSettings: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1AndroidKeySettings + description: Settings for keys that can be used by Android apps. + name: type: string - latestVerificationResult: - description: Output only. Result of the latest account verification challenge. + description: >- + Identifier. The resource name for the Key in the format + `projects/{project}/keys/{key}`. + expressSettings: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ExpressKeySettings + description: Settings for keys that can be used by reCAPTCHA Express. + createTime: + description: >- + Output only. The timestamp corresponding to the creation of this + key. + type: string + format: google-datetime readOnly: true + wafSettings: + description: Optional. Settings for Web Application Firewall (WAF). + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1WafSettings' + displayName: + type: string + description: >- + Required. Human-readable display name of this key. Modifiable by + user. + testingOptions: + description: Optional. Options for user acceptance testing. + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1TestingOptions' + description: >- + A key used to identify and configure applications (web and/or mobile) + that use reCAPTCHA Enterprise. + GoogleCloudRecaptchaenterpriseV1TestingOptions: + type: object + id: GoogleCloudRecaptchaenterpriseV1TestingOptions + description: Options for user acceptance testing. + properties: + testingScore: + format: float + description: >- + Optional. All assessments for this Key return this score. Must be + between 0 (likely not legitimate) and 1 (likely legitimate) + inclusive. + type: number + testingChallenge: + enum: + - TESTING_CHALLENGE_UNSPECIFIED + - NOCAPTCHA + - UNSOLVABLE_CHALLENGE + description: >- + Optional. For challenge-based keys only (CHECKBOX, INVISIBLE), all + challenge requests for this site return nocaptcha if NOCAPTCHA, or + an unsolvable challenge if CHALLENGE. type: string enumDescriptions: - - No information about the latest account verification. - - >- - The user was successfully verified. This means the account - verification challenge was successfully completed. - - The user failed the verification challenge. - - >- - The site is not properly onboarded to use the account verification - feature. - >- - The recipient is not allowed for account verification. This can - occur during integration but should not occur in production. - - >- - The recipient has already been sent too many verification codes in - a short amount of time. - - >- - The verification flow could not be completed due to a critical - internal error. - - >- - The client has exceeded their two factor request quota for this - period of time. + Perform the normal risk analysis and return either nocaptcha or a + challenge depending on risk and trust factors. - >- - The request cannot be processed at the time because of an - incident. This bypass can be restricted to a problematic - destination email domain, a customer, or could affect the entire - service. + Challenge requests for this key always return a nocaptcha, which + does not require a solution. - >- - The request parameters do not match with the token provided and - cannot be processed. - enum: - - RESULT_UNSPECIFIED - - SUCCESS_USER_VERIFIED - - ERROR_USER_NOT_VERIFIED - - ERROR_SITE_ONBOARDING_INCOMPLETE - - ERROR_RECIPIENT_NOT_ALLOWED - - ERROR_RECIPIENT_ABUSE_LIMIT_EXHAUSTED - - ERROR_CRITICAL_INTERNAL - - ERROR_CUSTOMER_QUOTA_EXHAUSTED - - ERROR_VERIFICATION_BYPASSED - - ERROR_VERDICT_MISMATCH - username: - description: >- - Username of the account that is being verified. Deprecated. - Customers should now provide the `account_id` field in - `event.user_info`. - deprecated: true - type: string - GoogleCloudRecaptchaenterpriseV1EndpointVerificationInfo: - id: GoogleCloudRecaptchaenterpriseV1EndpointVerificationInfo - description: Information about a verification endpoint that can be used for 2FA. + Challenge requests for this key always return an unsolvable + challenge. + GoogleCloudRecaptchaenterpriseV1ExpressKeySettings: + type: object + id: GoogleCloudRecaptchaenterpriseV1ExpressKeySettings + properties: {} + description: Settings specific to keys that can be used for reCAPTCHA Express. + GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsRequest: + description: The request message to search related account group memberships. type: object + id: >- + GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsRequest properties: - emailAddress: - description: Email address for which to trigger a verification request. - type: string - phoneNumber: + hashedAccountId: description: >- - Phone number for which to trigger a verification request. Should be - given in E.164 format. + Optional. Deprecated: use `account_id` instead. The unique stable + hashed account identifier used to search connections. The identifier + should correspond to a `hashed_account_id` provided in a previous + `CreateAssessment` or `AnnotateAssessment` call. Either + hashed_account_id or account_id must be set, but not both. + format: byte + deprecated: true type: string - requestToken: + pageSize: + format: int32 description: >- - Output only. Token to provide to the client to trigger endpoint - verification. It must be used within 15 minutes. - readOnly: true + Optional. The maximum number of groups to return. The service might + return fewer than this value. If unspecified, at most 50 groups are + returned. The maximum value is 1000; values above 1000 are coerced + to 1000. + type: integer + pageToken: type: string - lastVerificationTime: description: >- - Output only. Timestamp of the last successful verification for the - endpoint, if any. - readOnly: true + Optional. A page token, received from a previous + `SearchRelatedAccountGroupMemberships` call. Provide this to + retrieve the subsequent page. When paginating, all other parameters + provided to `SearchRelatedAccountGroupMemberships` must match the + call that provided the page token. + accountId: type: string - format: google-datetime - GoogleCloudRecaptchaenterpriseV1AccountDefenderAssessment: - id: GoogleCloudRecaptchaenterpriseV1AccountDefenderAssessment - description: Account defender risk assessment. + description: >- + Optional. The unique stable account identifier used to search + connections. The identifier should correspond to an `account_id` + provided in a previous `CreateAssessment` or `AnnotateAssessment` + call. Either hashed_account_id or account_id must be set, but not + both. + GoogleCloudRecaptchaenterpriseV1TransactionDataItem: type: object + description: Line items being purchased in this transaction. + id: GoogleCloudRecaptchaenterpriseV1TransactionDataItem properties: - labels: - description: Output only. Labels for this request. - readOnly: true - type: array - items: - type: string - enumDescriptions: - - Default unspecified type. - - The request matches a known good profile for the user. - - >- - The request is potentially a suspicious login event and must be - further verified either through multi-factor authentication or - another system. - - >- - The request matched a profile that previously had suspicious - account creation behavior. This can mean that this is a fake - account. - - >- - The account in the request has a high number of related - accounts. It does not necessarily imply that the account is bad - but can require further investigation. - enum: - - ACCOUNT_DEFENDER_LABEL_UNSPECIFIED - - PROFILE_MATCH - - SUSPICIOUS_LOGIN_ACTIVITY - - SUSPICIOUS_ACCOUNT_CREATION - - RELATED_ACCOUNTS_NUMBER_HIGH - GoogleCloudRecaptchaenterpriseV1PrivatePasswordLeakVerification: - id: GoogleCloudRecaptchaenterpriseV1PrivatePasswordLeakVerification - description: Private password leak verification info. + name: + description: Optional. The full name of the item. + type: string + quantity: + format: int64 + description: Optional. The quantity of this item that is being purchased. + type: string + merchantAccountId: + description: >- + Optional. When a merchant is specified, its corresponding + account_id. Necessary to populate marketplace-style transactions. + type: string + value: + format: double + description: >- + Optional. The value per item that the user is paying, in the + transaction currency, after discounts. + type: number + GoogleCloudRecaptchaenterpriseV1TransactionDataUser: type: object + id: GoogleCloudRecaptchaenterpriseV1TransactionDataUser properties: - lookupHashPrefix: - description: >- - Required. Exactly 26-bit prefix of the SHA-256 hash of the - canonicalized username. It is used to look up password leaks - associated with that hash prefix. + accountId: type: string - format: byte - encryptedUserCredentialsHash: description: >- - Optional. Encrypted Scrypt hash of the canonicalized - username+password. It is re-encrypted by the server and returned - through `reencrypted_user_credentials_hash`. + Optional. Unique account identifier for this user. If using account + defender, this should match the hashed_account_id field. Otherwise, + a unique and persistent identifier for this account. + email: + description: Optional. The email address of the user. type: string - format: byte - encryptedLeakMatchPrefixes: + phoneVerified: + type: boolean description: >- - Output only. List of prefixes of the encrypted potential password - leaks that matched the given parameters. They must be compared with - the client-side decryption prefix of - `reencrypted_user_credentials_hash` - readOnly: true - type: array - items: - type: string - format: byte - reencryptedUserCredentialsHash: - description: >- - Output only. Corresponds to the re-encryption of the - `encrypted_user_credentials_hash` field. It is used to match - potential password leaks within `encrypted_leak_match_prefixes`. - readOnly: true + Optional. Whether the phone number has been verified to be + accessible by the user (OTP or similar). + creationMs: + description: Optional. The epoch milliseconds of the user's account creation. type: string - format: byte - GoogleCloudRecaptchaenterpriseV1FirewallPolicyAssessment: - id: GoogleCloudRecaptchaenterpriseV1FirewallPolicyAssessment - description: Policy config assessment. - type: object - properties: - error: - description: >- - Output only. If the processing of a policy config fails, an error is - populated and the firewall_policy is left empty. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - firewallPolicy: + format: int64 + phoneNumber: + type: string + description: Optional. The phone number of the user, with country code. + emailVerified: + type: boolean description: >- - Output only. The policy that matched the request. If more than one - policy may match, this is the first match. If no policy matches the - incoming request, the policy field is left empty. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy' - GoogleRpcStatus: - id: GoogleRpcStatus + Optional. Whether the email has been verified to be accessible by + the user (OTP or similar). + description: Details about a user's account involved in the transaction. + GoogleCloudRecaptchaenterpriseV1TransactionData: description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Transaction data associated with a payment protected by reCAPTCHA + Enterprise. type: object + id: GoogleCloudRecaptchaenterpriseV1TransactionData properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + paymentMethod: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Optional. The payment method for the transaction. The allowed values + are: * credit-card * debit-card * gift-card * processor-{name} (If a + third-party is used, for example, processor-paypal) * custom-{name} + (If an alternative method is used, for example, custom-crypto) type: string - details: + merchants: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Optional. Information about the user or users fulfilling the + transaction. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudRecaptchaenterpriseV1FirewallPolicy: - id: GoogleCloudRecaptchaenterpriseV1FirewallPolicy - description: >- - A FirewallPolicy represents a single matching pattern and resulting - actions to take. - type: object - properties: - name: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataUser + user: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataUser description: >- - Identifier. The resource name for the FirewallPolicy in the format - `projects/{project}/firewallpolicies/{firewallpolicy}`. + Optional. Information about the user paying/initiating the + transaction. + cardLastFour: + type: string + description: Optional. The last four digits of the card. + gatewayInfo: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataGatewayInfo + description: >- + Optional. Information about the payment gateway's response to the + transaction. + cardBin: + type: string + description: >- + Optional. The Bank Identification Number - generally the first 6 or + 8 digits of the card. + billingAddress: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataAddress + description: >- + Optional. Address associated with the payment method when + applicable. + shippingValue: + format: double + type: number + description: >- + Optional. The value of shipping in the specified currency. 0 for + free or no shipping. + value: + type: number + format: double + description: >- + Optional. The decimal value of the transaction in the specified + currency. + transactionId: type: string + description: >- + Unique identifier for the transaction. This custom identifier can be + used to reference this transaction in the future, for example, + labeling a refund or chargeback event. Two attempts at the same + transaction should use the same transaction id. + items: + items: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataItem + type: array + description: Optional. Items purchased in this transaction. + currencyCode: + description: Optional. The currency code in ISO-4217 format. + type: string + shippingAddress: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionDataAddress + description: >- + Optional. Destination address if this transaction involves shipping + a physical item. + GoogleCloudRecaptchaenterpriseV1FirewallPolicy: + properties: description: description: >- Optional. A description of what this policy aims to achieve, for convenience purposes. The description can at most include 256 UTF-8 characters. type: string + name: + description: >- + Identifier. The resource name for the FirewallPolicy in the format + `projects/{project}/firewallpolicies/{firewallpolicy}`. + type: string path: description: >- Optional. The path for which this policy applies, specified as a @@ -868,7 +749,20 @@ components: page](https://man7.org/linux/man-pages/man7/glob.7.html). A path has a max length of 200 characters. type: string + actions: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallAction + description: >- + Optional. The actions that the caller should take regarding user + access. There should be at most one terminal action. A terminal + action is any action that forces a response, such as `AllowAction`, + `BlockAction` or `SubstituteAction`. Zero or more non-terminal + actions such as `SetHeader` might be specified. A single policy can + contain up to 16 actions. condition: + type: string description: >- Optional. A CEL (Common Expression Language) conditional expression that specifies if this policy applies to an incoming user request. @@ -879,496 +773,378 @@ components: spec](https://github.com/google/cel-spec) and its [language definition](https://github.com/google/cel-spec/blob/master/doc/langdef.md). A condition has a max length of 500 characters. - type: string - actions: - description: >- - Optional. The actions that the caller should take regarding user - access. There should be at most one terminal action. A terminal - action is any action that forces a response, such as `AllowAction`, - `BlockAction` or `SubstituteAction`. Zero or more non-terminal - actions such as `SetHeader` might be specified. A single policy can - contain up to 16 actions. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallAction - GoogleCloudRecaptchaenterpriseV1FirewallAction: - id: GoogleCloudRecaptchaenterpriseV1FirewallAction + type: object + id: GoogleCloudRecaptchaenterpriseV1FirewallPolicy description: >- - An individual action. Each action represents what to do if a policy - matches. + A FirewallPolicy represents a single matching pattern and resulting + actions to take. + GoogleCloudRecaptchaenterpriseV1RiskAnalysis: + description: Risk analysis result for an event. + id: GoogleCloudRecaptchaenterpriseV1RiskAnalysis type: object properties: - allow: - description: >- - The user request did not match any policy and should be allowed - access to the requested resource. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionAllowAction - block: - description: >- - This action denies access to a given page. The user gets an HTTP - error code. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionBlockAction - includeRecaptchaScript: - description: >- - This action injects reCAPTCHA JavaScript code into the HTML page - returned by the site backend. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionIncludeRecaptchaScriptAction - redirect: + reasons: + description: Output only. Reasons contributing to the risk analysis verdict. + type: array + readOnly: true + items: + type: string + enum: + - CLASSIFICATION_REASON_UNSPECIFIED + - AUTOMATION + - UNEXPECTED_ENVIRONMENT + - TOO_MUCH_TRAFFIC + - UNEXPECTED_USAGE_PATTERNS + - LOW_CONFIDENCE_SCORE + - SUSPECTED_CARDING + - SUSPECTED_CHARGEBACK + enumDescriptions: + - Default unspecified type. + - Interactions matched the behavior of an automated agent. + - The event originated from an illegitimate environment. + - Traffic volume from the event source is higher than normal. + - >- + Interactions with the site were significantly different than + expected patterns. + - >- + Too little traffic has been received from this site thus far to + generate quality risk analysis. + - >- + The request matches behavioral characteristics of a carding + attack. + - >- + The request matches behavioral characteristics of chargebacks + for fraud. + verifiedBots: + readOnly: true + type: array + items: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Bot' description: >- - This action redirects the request to a reCAPTCHA interstitial to - attach a token. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionRedirectAction - substitute: + Output only. Bots with identities that have been verified by + reCAPTCHA and detected in the event. + challenge: description: >- - This action transparently serves a different page to an offending - user. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionSubstituteAction - setHeader: - description: >- - This action sets a custom header but allow the request to continue - to the customer backend. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionSetHeaderAction - GoogleCloudRecaptchaenterpriseV1FirewallActionAllowAction: - id: GoogleCloudRecaptchaenterpriseV1FirewallActionAllowAction - description: An allow action continues processing a request unimpeded. - type: object - properties: {} - GoogleCloudRecaptchaenterpriseV1FirewallActionBlockAction: - id: GoogleCloudRecaptchaenterpriseV1FirewallActionBlockAction - description: >- - A block action serves an HTTP error code a prevents the request from - hitting the backend. - type: object - properties: {} - GoogleCloudRecaptchaenterpriseV1FirewallActionIncludeRecaptchaScriptAction: - id: >- - GoogleCloudRecaptchaenterpriseV1FirewallActionIncludeRecaptchaScriptAction - description: >- - An include reCAPTCHA script action involves injecting reCAPTCHA - JavaScript code into the HTML returned by the site backend. This - reCAPTCHA script is tasked with collecting user signals on the requested - web page, issuing tokens as a cookie within the site domain, and - enabling their utilization in subsequent page requests. - type: object - properties: {} - GoogleCloudRecaptchaenterpriseV1FirewallActionRedirectAction: - id: GoogleCloudRecaptchaenterpriseV1FirewallActionRedirectAction - description: >- - A redirect action returns a 307 (temporary redirect) response, pointing - the user to a reCAPTCHA interstitial page to attach a token. - type: object - properties: {} - GoogleCloudRecaptchaenterpriseV1FirewallActionSubstituteAction: - id: GoogleCloudRecaptchaenterpriseV1FirewallActionSubstituteAction - description: >- - A substitute action transparently serves a different page than the one - requested. - type: object - properties: - path: - description: >- - Optional. The address to redirect to. The target is a relative path - in the current host. Example: "/blog/404.html". - type: string - GoogleCloudRecaptchaenterpriseV1FirewallActionSetHeaderAction: - id: GoogleCloudRecaptchaenterpriseV1FirewallActionSetHeaderAction - description: >- - A set header action sets a header and forwards the request to the - backend. This can be used to trigger custom protection implemented on - the backend. - type: object - properties: - key: - description: >- - Optional. The header key to set in the request to the backend - server. - type: string - value: - description: >- - Optional. The header value to set in the request to the backend - server. - type: string - GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessment: - id: GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessment - description: Assessment for Fraud Prevention. - type: object - properties: - transactionRisk: - description: >- - Output only. Probability of this transaction being fraudulent. - Summarizes the combined risk of attack vectors below. Values are - from 0.0 (lowest) to 1.0 (highest). - readOnly: true - type: number - format: float - riskReasons: - description: >- - Output only. Reasons why the transaction is probably fraudulent and - received a high transaction risk score. - readOnly: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentRiskReason - stolenInstrumentVerdict: - description: >- - Output only. Assessment of this transaction for risk of a stolen - instrument. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentStolenInstrumentVerdict - cardTestingVerdict: - description: >- - Output only. Assessment of this transaction for risk of being part - of a card testing attack. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentCardTestingVerdict - behavioralTrustVerdict: - description: Output only. Assessment of this transaction for behavioral trust. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentBehavioralTrustVerdict - GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentRiskReason: - id: GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentRiskReason - description: Risk reasons applicable to the Fraud Prevention assessment. - type: object - properties: - reason: - description: >- - Output only. Risk reasons applicable to the Fraud Prevention - assessment. + Output only. Challenge information for POLICY_BASED_CHALLENGE and + INVISIBLE keys. + enum: + - CHALLENGE_UNSPECIFIED + - NOCAPTCHA + - PASSED + - FAILED readOnly: true type: string enumDescriptions: - Default unspecified type. + - No challenge was presented for solving. + - A solution was submitted that was correct. - >- - A suspiciously high number of recent transactions have used - identifiers present in this transaction. - - >- - User is cycling through a suspiciously large number of - identifiers, suggesting enumeration or validation attacks within a - potential fraud network. - - >- - User has a short history or no history in the reCAPTCHA network, - suggesting the possibility of synthetic identity generation. - - >- - Identifiers used in this transaction originate from an unusual or - conflicting set of geolocations. - - >- - This transaction is linked to a cluster of known fraudulent - activity. - enum: - - REASON_UNSPECIFIED - - HIGH_TRANSACTION_VELOCITY - - EXCESSIVE_ENUMERATION_PATTERN - - SHORT_IDENTITY_HISTORY - - GEOLOCATION_DISCREPANCY - - ASSOCIATED_WITH_FRAUD_CLUSTER - GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentStolenInstrumentVerdict: - id: >- - GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentStolenInstrumentVerdict - description: >- - Information about stolen instrument fraud, where the user is not the - legitimate owner of the instrument being used for the purchase. - type: object - properties: - risk: - description: >- - Output only. Probability of this transaction being executed with a - stolen instrument. Values are from 0.0 (lowest) to 1.0 (highest). + A solution was submitted that was incorrect or otherwise deemed + suspicious. + score: readOnly: true - type: number format: float - GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentCardTestingVerdict: - id: >- - GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentCardTestingVerdict - description: >- - Information about card testing fraud, where an adversary is testing - fraudulently obtained cards or brute forcing their details. - type: object - properties: - risk: description: >- - Output only. Probability of this transaction attempt being part of a - card testing attack. Values are from 0.0 (lowest) to 1.0 (highest). - readOnly: true + Output only. Legitimate event score from 0.0 to 1.0. (1.0 means very + likely legitimate traffic while 0.0 means very likely non-legitimate + traffic). type: number - format: float + extendedVerdictReasons: + items: + type: string + description: >- + Output only. Extended verdict reasons to be used for experimentation + only. The set of possible reasons is subject to change. + type: array + readOnly: true GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentBehavioralTrustVerdict: id: >- GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentBehavioralTrustVerdict - description: Information about behavioral trust of the transaction. type: object + description: Information about behavioral trust of the transaction. properties: trust: + readOnly: true + type: number description: >- Output only. Probability of this transaction attempt being executed in a behaviorally trustworthy way. Values are from 0.0 (lowest) to 1.0 (highest). - readOnly: true - type: number format: float - GoogleCloudRecaptchaenterpriseV1FraudSignals: - id: GoogleCloudRecaptchaenterpriseV1FraudSignals - description: Fraud signals describing users and cards involved in the transaction. + GoogleCloudRecaptchaenterpriseV1FirewallPolicyAssessment: + description: Policy config assessment. + id: GoogleCloudRecaptchaenterpriseV1FirewallPolicyAssessment type: object properties: - userSignals: - description: Output only. Signals describing the end user in this transaction. - readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudSignalsUserSignals - cardSignals: - description: >- - Output only. Signals describing the payment card or cards used in - this transaction. + error: readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudSignalsCardSignals - GoogleCloudRecaptchaenterpriseV1FraudSignalsUserSignals: - id: GoogleCloudRecaptchaenterpriseV1FraudSignalsUserSignals - description: Signals describing the user involved in this transaction. - type: object - properties: - activeDaysLowerBound: + $ref: '#/components/schemas/GoogleRpcStatus' description: >- - Output only. This user (based on email, phone, and other - identifiers) has been seen on the internet for at least this number - of days. - readOnly: true - type: integer - format: int32 - syntheticRisk: + Output only. If the processing of a policy config fails, an error is + populated and the firewall_policy is left empty. + firewallPolicy: description: >- - Output only. Likelihood (from 0.0 to 1.0) this user includes - synthetic components in their identity, such as a randomly generated - email address, temporary phone number, or fake shipping address. + Output only. The policy that matched the request. If more than one + policy may match, this is the first match. If no policy matches the + incoming request, the policy field is left empty. + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy' readOnly: true - type: number - format: float - GoogleCloudRecaptchaenterpriseV1FraudSignalsCardSignals: - id: GoogleCloudRecaptchaenterpriseV1FraudSignalsCardSignals - description: Signals describing the payment card used in this transaction. - type: object + GoogleCloudRecaptchaenterpriseV1PrivatePasswordLeakVerification: properties: - cardLabels: - description: Output only. The labels for the payment card in this transaction. - readOnly: true - type: array + encryptedLeakMatchPrefixes: + description: >- + Output only. List of prefixes of the encrypted potential password + leaks that matched the given parameters. They must be compared with + the client-side decryption prefix of + `reencrypted_user_credentials_hash` items: type: string - enumDescriptions: - - No label specified. - - This card has been detected as prepaid. - - >- - This card has been detected as virtual, such as a card number - generated for a single transaction or merchant. - - >- - This card has been detected as being used in an unexpected - geographic location. - enum: - - CARD_LABEL_UNSPECIFIED - - PREPAID - - VIRTUAL - - UNEXPECTED_LOCATION - GoogleCloudRecaptchaenterpriseV1PhoneFraudAssessment: - id: GoogleCloudRecaptchaenterpriseV1PhoneFraudAssessment - description: Assessment for Phone Fraud - type: object - properties: - smsTollFraudVerdict: + format: byte + type: array + readOnly: true + encryptedUserCredentialsHash: description: >- - Output only. Assessment of this phone event for risk of SMS toll - fraud. + Optional. Encrypted Scrypt hash of the canonicalized + username+password. It is re-encrypted by the server and returned + through `reencrypted_user_credentials_hash`. + format: byte + type: string + lookupHashPrefix: + type: string + format: byte + description: >- + Required. Exactly 26-bit prefix of the SHA-256 hash of the + canonicalized username. It is used to look up password leaks + associated with that hash prefix. + reencryptedUserCredentialsHash: + description: >- + Output only. Corresponds to the re-encryption of the + `encrypted_user_credentials_hash` field. It is used to match + potential password leaks within `encrypted_leak_match_prefixes`. readOnly: true - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1SmsTollFraudVerdict - GoogleCloudRecaptchaenterpriseV1SmsTollFraudVerdict: - id: GoogleCloudRecaptchaenterpriseV1SmsTollFraudVerdict - description: Information about SMS toll fraud. + format: byte + type: string + id: GoogleCloudRecaptchaenterpriseV1PrivatePasswordLeakVerification + type: object + description: Private password leak verification info. + GoogleCloudRecaptchaenterpriseV1FraudSignals: type: object + description: Fraud signals describing users and cards involved in the transaction. + id: GoogleCloudRecaptchaenterpriseV1FraudSignals properties: - risk: + cardSignals: description: >- - Output only. Probability of an SMS event being fraudulent. Values - are from 0.0 (lowest) to 1.0 (highest). + Output only. Signals describing the payment card or cards used in + this transaction. readOnly: true - type: number - format: float - reasons: - description: Output only. Reasons contributing to the SMS toll fraud verdict. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudSignalsCardSignals + userSignals: + description: Output only. Signals describing the end user in this transaction. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudSignalsUserSignals readOnly: true + GoogleCloudRecaptchaenterpriseV1IOSKeySettings: + id: GoogleCloudRecaptchaenterpriseV1IOSKeySettings + type: object + description: Settings specific to keys that can be used by iOS apps. + properties: + allowAllBundleIds: + type: boolean + description: Optional. If set to true, allowed_bundle_ids are not enforced. + allowedBundleIds: type: array items: type: string - enumDescriptions: - - Default unspecified reason - - The provided phone number was invalid - enum: - - SMS_TOLL_FRAUD_REASON_UNSPECIFIED - - INVALID_PHONE_NUMBER - GoogleCloudRecaptchaenterpriseV1AssessmentEnvironment: - id: GoogleCloudRecaptchaenterpriseV1AssessmentEnvironment + description: >- + Optional. iOS bundle IDs of apps allowed to use the key. Example: + 'com.companyname.productname.appname' Each key supports a maximum of + 250 bundle IDs. To use a key on more apps, set + `allow_all_bundle_ids` to true. When this is set, you are + responsible for validating the bundle id by checking the + `token_properties.ios_bundle_id` field in each assessment response + against your list of allowed bundle IDs. + appleDeveloperId: + description: >- + Optional. Apple Developer account details for the app that is + protected by the reCAPTCHA Key. reCAPTCHA leverages + platform-specific checks like Apple App Attest and Apple DeviceCheck + to protect your app from abuse. Providing these fields allows + reCAPTCHA to get a better assessment of the integrity of your app. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1AppleDeveloperId + GoogleCloudRecaptchaenterpriseV1WebKeySettingsChallengeSettings: description: >- - The environment creating the assessment. This describes your environment - (the system invoking CreateAssessment), NOT the environment of your - user. + Settings for POLICY_BASED_CHALLENGE keys to control when a challenge is + triggered. type: object + id: GoogleCloudRecaptchaenterpriseV1WebKeySettingsChallengeSettings properties: - client: + defaultSettings: description: >- - Optional. Identifies the client module initiating the - CreateAssessment request. This can be the link to the client - module's project. Examples include: - - "github.com/GoogleCloudPlatform/recaptcha-enterprise-google-tag-manager" - - "cloud.google.com/recaptcha/docs/implement-waf-akamai" - - "cloud.google.com/recaptcha/docs/implement-waf-cloudflare" - - "wordpress.org/plugins/recaptcha-something" - type: string - version: - description: Optional. The version of the client module. For example, "1.0.0". - type: string - GoogleCloudRecaptchaenterpriseV1AnnotateAssessmentRequest: - id: GoogleCloudRecaptchaenterpriseV1AnnotateAssessmentRequest - description: The request message to annotate an Assessment. - type: object + Required. Defines when a challenge is triggered (unless the default + threshold is overridden for the given action, see + `action_settings`). + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1WebKeySettingsActionSettings + actionSettings: + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1WebKeySettingsActionSettings + description: >- + Optional. The action to score threshold map. The action name should + be the same as the action name passed in the `data-action` attribute + (see https://cloud.google.com/recaptcha/docs/actions-website). + Action names are case-insensitive. There is a maximum of 100 action + settings. An action name has a maximum length of 100. + type: object + GoogleCloudRecaptchaenterpriseV1WafSettings: + id: GoogleCloudRecaptchaenterpriseV1WafSettings properties: - annotation: + wafService: + enum: + - WAF_SERVICE_UNSPECIFIED + - CA + - FASTLY + - CLOUDFLARE + - AKAMAI description: >- - Optional. The annotation that is assigned to the Event. This field - can be left empty to provide reasons that apply to an event without - concluding whether the event is legitimate or fraudulent. - type: string + Required. The Web Application Firewall (WAF) service that uses this + key. enumDescriptions: - - Default unspecified type. - - Provides information that the event turned out to be legitimate. - - Provides information that the event turned out to be fraudulent. - - >- - Provides information that the event was related to a login event - in which the user typed the correct password. Deprecated, prefer - indicating CORRECT_PASSWORD through the reasons field instead. - - >- - Provides information that the event was related to a login event - in which the user typed the incorrect password. Deprecated, prefer - indicating INCORRECT_PASSWORD through the reasons field instead. + - Undefined WAF + - Cloud Armor + - Fastly + - Cloudflare + - Akamai + type: string + wafFeature: enumDeprecated: - false - false - false - - true + - false - true enum: - - ANNOTATION_UNSPECIFIED - - LEGITIMATE - - FRAUDULENT - - PASSWORD_CORRECT - - PASSWORD_INCORRECT - reasons: - description: Optional. Reasons for the annotation that are assigned to the event. - type: array - items: - type: string - enumDescriptions: - - Unspecified reason. Do not use. - - >- - Indicates that the transaction had a chargeback issued with no - other details. When possible, specify the type by using - CHARGEBACK_FRAUD or CHARGEBACK_DISPUTE instead. - - >- - Indicates that the transaction had a chargeback issued related - to an alleged unauthorized transaction from the cardholder's - perspective (for example, the card number was stolen). - - >- - Indicates that the transaction had a chargeback issued related - to the cardholder having provided their card details but - allegedly not being satisfied with the purchase (for example, - misrepresentation, attempted cancellation). - - >- - Indicates that the completed payment transaction was refunded by - the seller. - - >- - Indicates that the completed payment transaction was determined - to be fraudulent by the seller, and was cancelled and refunded - as a result. - - >- - Indicates that the payment transaction was accepted, and the - user was charged. - - >- - Indicates that the payment transaction was declined, for example - due to invalid card details. - - >- - Indicates the transaction associated with the assessment is - suspected of being fraudulent based on the payment method, - billing details, shipping address or other transaction - information. - - >- - Indicates that the user was served a 2FA challenge. An old - assessment with `ENUM_VALUES.INITIATED_TWO_FACTOR` reason that - has not been overwritten with `PASSED_TWO_FACTOR` is treated as - an abandoned 2FA flow. This is equivalent to - `FAILED_TWO_FACTOR`. - - Indicates that the user passed a 2FA challenge. - - Indicates that the user failed a 2FA challenge. - - Indicates the user provided the correct password. - - Indicates the user provided an incorrect password. - - >- - Indicates that the user sent unwanted and abusive messages to - other users of the platform, such as spam, scams, phishing, or - social engineering. - enum: - - REASON_UNSPECIFIED - - CHARGEBACK - - CHARGEBACK_FRAUD - - CHARGEBACK_DISPUTE - - REFUND - - REFUND_FRAUD - - TRANSACTION_ACCEPTED - - TRANSACTION_DECLINED - - PAYMENT_HEURISTICS - - INITIATED_TWO_FACTOR - - PASSED_TWO_FACTOR - - FAILED_TWO_FACTOR - - CORRECT_PASSWORD - - INCORRECT_PASSWORD - - SOCIAL_SPAM - accountId: - description: >- - Optional. A stable account identifier to apply to the assessment. - This is an alternative to setting `account_id` in - `CreateAssessment`, for example when a stable account identifier is - not yet known in the initial request. + - WAF_FEATURE_UNSPECIFIED + - CHALLENGE_PAGE + - SESSION_TOKEN + - ACTION_TOKEN + - EXPRESS type: string - hashedAccountId: description: >- - Optional. A stable hashed account identifier to apply to the - assessment. This is an alternative to setting `hashed_account_id` in - `CreateAssessment`, for example when a stable account identifier is - not yet known in the initial request. + Required. The Web Application Firewall (WAF) feature for which this + key is enabled. + enumDescriptions: + - Undefined feature. + - Redirects suspicious traffic to reCAPTCHA. + - >- + Use reCAPTCHA session-tokens to protect the whole user session on + the site's domain. + - Use reCAPTCHA action-tokens to protect user actions. + - 'Deprecated: Use `express_settings` instead.' + type: object + description: >- + Settings specific to keys that can be used for WAF (Web Application + Firewall). + GoogleCloudRecaptchaenterpriseV1FirewallActionBlockAction: + type: object + id: GoogleCloudRecaptchaenterpriseV1FirewallActionBlockAction + description: >- + A block action serves an HTTP error code a prevents the request from + hitting the backend. + properties: {} + GoogleProtobufEmpty: + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + id: GoogleProtobufEmpty + GoogleCloudRecaptchaenterpriseV1ListFirewallPoliciesResponse: + id: GoogleCloudRecaptchaenterpriseV1ListFirewallPoliciesResponse + description: Response to request to list firewall policies belonging to a project. + type: object + properties: + firewallPolicies: + type: array + description: Policy details. + items: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy + nextPageToken: type: string - format: byte - transactionEvent: description: >- - Optional. If the assessment is part of a payment transaction, - provide details on payment lifecycle events that occur in the - transaction. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionEvent + Token to retrieve the next page of results. It is set to empty if no + policies remain in results. + GoogleCloudRecaptchaenterpriseV1AppleDeveloperId: + properties: + teamId: + type: string + description: >- + Required. The Apple team ID (10-character string) owning the + provisioning profile used to build your application. + privateKey: + description: >- + Required. Input only. A private key (downloaded as a text file with + a .p8 file extension) generated for your Apple Developer account. + Ensure that Apple DeviceCheck is enabled for the private key. + type: string + keyId: + description: Required. The Apple developer key ID (10-character string). + type: string + type: object + description: >- + Contains fields that are required to perform Apple-specific integrity + checks. + id: GoogleCloudRecaptchaenterpriseV1AppleDeveloperId GoogleCloudRecaptchaenterpriseV1TransactionEvent: id: GoogleCloudRecaptchaenterpriseV1TransactionEvent - description: Describes an event in the lifecycle of a payment transaction. - type: object properties: + reason: + description: >- + Optional. The reason or standardized code that corresponds with this + transaction event, if one exists. For example, a CHARGEBACK event + with code 6005. + type: string + value: + format: double + type: number + description: >- + Optional. The value that corresponds with this transaction event, if + one exists. For example, a refund event where $5.00 was refunded. + Currency is obtained from the original transaction data. + eventTime: + type: string + format: google-datetime + description: >- + Optional. Timestamp when this transaction event occurred; otherwise + assumed to be the time of the API call. eventType: - description: Optional. The type of this transaction event. type: string + description: Optional. The type of this transaction event. + enum: + - TRANSACTION_EVENT_TYPE_UNSPECIFIED + - MERCHANT_APPROVE + - MERCHANT_DENY + - MANUAL_REVIEW + - AUTHORIZATION + - AUTHORIZATION_DECLINE + - PAYMENT_CAPTURE + - PAYMENT_CAPTURE_DECLINE + - CANCEL + - CHARGEBACK_INQUIRY + - CHARGEBACK_ALERT + - FRAUD_NOTIFICATION + - CHARGEBACK + - CHARGEBACK_REPRESENTMENT + - CHARGEBACK_REVERSE + - REFUND_REQUEST + - REFUND_DECLINE + - REFUND + - REFUND_REVERSE enumDescriptions: - Default, unspecified event type. - >- @@ -1453,739 +1229,1011 @@ components: Indicates that the completed transaction was refunded by the merchant, and that this refund was reversed. For partial refunds, we recommend that you include an amount in the `value` field. - enum: - - TRANSACTION_EVENT_TYPE_UNSPECIFIED - - MERCHANT_APPROVE - - MERCHANT_DENY - - MANUAL_REVIEW - - AUTHORIZATION - - AUTHORIZATION_DECLINE - - PAYMENT_CAPTURE - - PAYMENT_CAPTURE_DECLINE - - CANCEL - - CHARGEBACK_INQUIRY - - CHARGEBACK_ALERT - - FRAUD_NOTIFICATION - - CHARGEBACK - - CHARGEBACK_REPRESENTMENT - - CHARGEBACK_REVERSE - - REFUND_REQUEST - - REFUND_DECLINE - - REFUND - - REFUND_REVERSE - reason: - description: >- - Optional. The reason or standardized code that corresponds with this - transaction event, if one exists. For example, a CHARGEBACK event - with code 6005. + description: Describes an event in the lifecycle of a payment transaction. + type: object + GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupsResponse: + properties: + nextPageToken: type: string - value: - description: >- - Optional. The value that corresponds with this transaction event, if - one exists. For example, a refund event where $5.00 was refunded. - Currency is obtained from the original transaction data. - type: number - format: double - eventTime: description: >- - Optional. Timestamp when this transaction event occurred; otherwise - assumed to be the time of the API call. - type: string - format: google-datetime - GoogleCloudRecaptchaenterpriseV1AnnotateAssessmentResponse: - id: GoogleCloudRecaptchaenterpriseV1AnnotateAssessmentResponse - description: Empty response for AnnotateAssessment. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + relatedAccountGroups: + items: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1RelatedAccountGroup + type: array + description: The groups of related accounts listed by the query. + id: GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupsResponse + type: object + description: The response to a `ListRelatedAccountGroups` call. + GoogleCloudRecaptchaenterpriseV1RemoveIpOverrideResponse: + id: GoogleCloudRecaptchaenterpriseV1RemoveIpOverrideResponse + description: Response for RemoveIpOverride. type: object properties: {} - GoogleCloudRecaptchaenterpriseV1Key: - id: GoogleCloudRecaptchaenterpriseV1Key + GoogleCloudRecaptchaenterpriseV1RetrieveLegacySecretKeyResponse: description: >- - A key used to identify and configure applications (web and/or mobile) - that use reCAPTCHA Enterprise. - type: object + Secret key is used only in legacy reCAPTCHA. It must be used in a 3rd + party integration with legacy reCAPTCHA. properties: - name: - description: >- - Identifier. The resource name for the Key in the format - `projects/{project}/keys/{key}`. - type: string - displayName: - description: >- - Required. Human-readable display name of this key. Modifiable by - user. - type: string - webSettings: - description: Settings for keys that can be used by websites. - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1WebKeySettings' - androidSettings: - description: Settings for keys that can be used by Android apps. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1AndroidKeySettings - iosSettings: - description: Settings for keys that can be used by iOS apps. - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1IOSKeySettings' - expressSettings: - description: Settings for keys that can be used by reCAPTCHA Express. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ExpressKeySettings - labels: - description: >- - Optional. See [Creating and managing labels] - (https://cloud.google.com/recaptcha/docs/labels). - type: object - additionalProperties: - type: string - createTime: + legacySecretKey: description: >- - Output only. The timestamp corresponding to the creation of this - key. - readOnly: true + The secret key (also known as shared secret) authorizes + communication between your application backend and the reCAPTCHA + Enterprise server to create an assessment. The secret key needs to + be kept safe for security purposes. type: string - format: google-datetime - testingOptions: - description: Optional. Options for user acceptance testing. - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1TestingOptions' - wafSettings: - description: Optional. Settings for WAF - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1WafSettings' - GoogleCloudRecaptchaenterpriseV1WebKeySettings: - id: GoogleCloudRecaptchaenterpriseV1WebKeySettings - description: Settings specific to keys that can be used by websites. + type: object + id: GoogleCloudRecaptchaenterpriseV1RetrieveLegacySecretKeyResponse + GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentRiskReason: + description: Risk reasons applicable to the Fraud Prevention assessment. + id: GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentRiskReason type: object properties: - allowAllDomains: - description: Optional. If set to true, it means allowed_domains are not enforced. - type: boolean - allowedDomains: - description: >- - Optional. Domains or subdomains of websites allowed to use the key. - All subdomains of an allowed domain are automatically allowed. A - valid domain requires a host and must not include any path, port, - query or fragment. Examples: 'example.com' or - 'subdomain.example.com' - type: array - items: - type: string - allowAmpTraffic: + reason: + type: string description: >- - Optional. If set to true, the key can be used on AMP (Accelerated - Mobile Pages) websites. This is supported only for the SCORE - integration type. - type: boolean - integrationType: - description: Required. Describes how this key is integrated with the website. - type: string + Output only. Risk reasons applicable to the Fraud Prevention + assessment. + readOnly: true enumDescriptions: + - Default unspecified type. - >- - Default type that indicates this enum hasn't been specified. This - is not a valid IntegrationType, one of the other types must be - specified instead. + A suspiciously high number of recent transactions have used + identifiers present in this transaction. - >- - Only used to produce scores. It doesn't display the "I'm not a - robot" checkbox and never shows captcha challenges. + User is cycling through a suspiciously large number of + identifiers, suggesting enumeration or validation attacks within a + potential fraud network. - >- - Displays the "I'm not a robot" checkbox and may show captcha - challenges after it is checked. + User has a short history or no history in the reCAPTCHA network, + suggesting the possibility of synthetic identity generation. - >- - Doesn't display the "I'm not a robot" checkbox, but may show - captcha challenges after risk analysis. + Identifiers used in this transaction originate from an unusual or + conflicting set of geolocations. - >- - Displays a visual challenge or not depending on the user risk - analysis score. + This transaction is linked to a cluster of known fraudulent + activity. enum: - - INTEGRATION_TYPE_UNSPECIFIED - - SCORE - - CHECKBOX - - INVISIBLE - - POLICY_BASED_CHALLENGE - challengeSecurityPreference: + - REASON_UNSPECIFIED + - HIGH_TRANSACTION_VELOCITY + - EXCESSIVE_ENUMERATION_PATTERN + - SHORT_IDENTITY_HISTORY + - GEOLOCATION_DISCREPANCY + - ASSOCIATED_WITH_FRAUD_CLUSTER + GoogleCloudRecaptchaenterpriseV1ListKeysResponse: + id: GoogleCloudRecaptchaenterpriseV1ListKeysResponse + properties: + nextPageToken: description: >- - Optional. Settings for the frequency and difficulty at which this - key triggers captcha challenges. This should only be specified for - `IntegrationType` CHECKBOX, INVISIBLE or POLICY_BASED_CHALLENGE. + Token to retrieve the next page of results. It is set to empty if no + keys remain in results. type: string - enumDescriptions: - - Default type that indicates this enum hasn't been specified. - - Key tends to show fewer and easier challenges. - - Key tends to show balanced (in amount and difficulty) challenges. - - Key tends to show more and harder challenges. - enum: - - CHALLENGE_SECURITY_PREFERENCE_UNSPECIFIED - - USABILITY - - BALANCE - - SECURITY - challengeSettings: - description: Optional. Challenge settings. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1WebKeySettingsChallengeSettings - GoogleCloudRecaptchaenterpriseV1WebKeySettingsChallengeSettings: - id: GoogleCloudRecaptchaenterpriseV1WebKeySettingsChallengeSettings - description: >- - Settings for POLICY_BASED_CHALLENGE keys to control when a challenge is - triggered. + keys: + type: array + items: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' + description: Key details. type: object - properties: - defaultSettings: - description: >- - Required. Defines when a challenge is triggered (unless the default - threshold is overridden for the given action, see - `action_settings`). - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1WebKeySettingsActionSettings - actionSettings: - description: >- - Optional. The action to score threshold map. The action name should - be the same as the action name passed in the `data-action` attribute - (see https://cloud.google.com/recaptcha/docs/actions-website). - Action names are case-insensitive. There is a maximum of 100 action - settings. An action name has a maximum length of 100. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1WebKeySettingsActionSettings - GoogleCloudRecaptchaenterpriseV1WebKeySettingsActionSettings: - id: GoogleCloudRecaptchaenterpriseV1WebKeySettingsActionSettings - description: Per-action challenge settings. + description: Response to request to list keys in a project. + GoogleCloudRecaptchaenterpriseV1UserId: + id: GoogleCloudRecaptchaenterpriseV1UserId type: object + description: An identifier associated with a user. properties: - scoreThreshold: + phoneNumber: + type: string + description: Optional. A phone number. Should use the E.164 format. + username: + type: string description: >- - Required. A challenge is triggered if the end-user score is below - that threshold. Value must be between 0 and 1 (inclusive). - type: number - format: float - GoogleCloudRecaptchaenterpriseV1AndroidKeySettings: - id: GoogleCloudRecaptchaenterpriseV1AndroidKeySettings - description: Settings specific to keys that can be used by Android apps. + Optional. A unique username, if different from all the other + identifiers and `account_id` that are provided. Can be a unique + login handle or display name for a user. + email: + description: Optional. An email address. + type: string + GoogleCloudRecaptchaenterpriseV1Assessment: + id: GoogleCloudRecaptchaenterpriseV1Assessment type: object properties: - allowAllPackageNames: - description: Optional. If set to true, allowed_package_names are not enforced. - type: boolean - allowedPackageNames: + fraudSignals: description: >- - Optional. Android package names of apps allowed to use the key. - Example: 'com.companyname.appname' - type: array - items: - type: string - supportNonGoogleAppStoreDistribution: + Output only. Fraud Signals specific to the users involved in a + payment transaction. + readOnly: true + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudSignals' + name: + readOnly: true description: >- - Optional. Set to true for keys that are used in an Android - application that is available for download in app stores in addition - to the Google Play Store. - type: boolean - GoogleCloudRecaptchaenterpriseV1IOSKeySettings: - id: GoogleCloudRecaptchaenterpriseV1IOSKeySettings - description: Settings specific to keys that can be used by iOS apps. - type: object - properties: - allowAllBundleIds: - description: Optional. If set to true, allowed_bundle_ids are not enforced. - type: boolean - allowedBundleIds: + Output only. Identifier. The resource name for the Assessment in the + format `projects/{project}/assessments/{assessment}`. + type: string + assessmentEnvironment: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1AssessmentEnvironment description: >- - Optional. iOS bundle ids of apps allowed to use the key. Example: - 'com.companyname.productname.appname' - type: array - items: - type: string - appleDeveloperId: + Optional. The environment creating the assessment. This describes + your environment (the system invoking CreateAssessment), NOT the + environment of your user. + riskAnalysis: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1RiskAnalysis' + description: Output only. The risk analysis result for the event being assessed. + readOnly: true + phoneFraudAssessment: description: >- - Optional. Apple Developer account details for the app that is - protected by the reCAPTCHA Key. reCAPTCHA leverages - platform-specific checks like Apple App Attest and Apple DeviceCheck - to protect your app from abuse. Providing these fields allows - reCAPTCHA to get a better assessment of the integrity of your app. + Output only. Assessment returned when a site key, a token, and a + phone number as `user_id` are provided. Account defender and SMS + toll fraud protection need to be enabled. + readOnly: true $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1AppleDeveloperId - GoogleCloudRecaptchaenterpriseV1AppleDeveloperId: - id: GoogleCloudRecaptchaenterpriseV1AppleDeveloperId - description: >- - Contains fields that are required to perform Apple-specific integrity - checks. - type: object - properties: - privateKey: + #/components/schemas/GoogleCloudRecaptchaenterpriseV1PhoneFraudAssessment + firewallPolicyAssessment: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicyAssessment + readOnly: true description: >- - Required. Input only. A private key (downloaded as a text file with - a .p8 file extension) generated for your Apple Developer account. - Ensure that Apple DeviceCheck is enabled for the private key. - type: string - keyId: - description: Required. The Apple developer key ID (10-character string). - type: string - teamId: + Output only. Assessment returned when firewall policies belonging to + the project are evaluated using the field + firewall_policy_evaluation. + accountDefenderAssessment: + readOnly: true description: >- - Required. The Apple team ID (10-character string) owning the - provisioning profile used to build your application. - type: string - GoogleCloudRecaptchaenterpriseV1ExpressKeySettings: - id: GoogleCloudRecaptchaenterpriseV1ExpressKeySettings - description: Settings specific to keys that can be used for reCAPTCHA Express. - type: object - properties: {} - GoogleCloudRecaptchaenterpriseV1TestingOptions: - id: GoogleCloudRecaptchaenterpriseV1TestingOptions - description: Options for user acceptance testing. - type: object - properties: - testingScore: + Output only. Assessment returned by account defender when an account + identifier is provided. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1AccountDefenderAssessment + accountVerification: description: >- - Optional. All assessments for this Key return this score. Must be - between 0 (likely not legitimate) and 1 (likely legitimate) - inclusive. - type: number - format: float - testingChallenge: + Optional. Account verification information for identity + verification. The assessment event must include a token and site key + to use this feature. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1AccountVerificationInfo + event: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Event' + description: Optional. The event being assessed. + tokenProperties: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1TokenProperties' + readOnly: true + description: Output only. Properties of the provided event token. + privatePasswordLeakVerification: description: >- - Optional. For challenge-based keys only (CHECKBOX, INVISIBLE), all - challenge requests for this site return nocaptcha if NOCAPTCHA, or - an unsolvable challenge if CHALLENGE. - type: string - enumDescriptions: - - >- - Perform the normal risk analysis and return either nocaptcha or a - challenge depending on risk and trust factors. - - >- - Challenge requests for this key always return a nocaptcha, which - does not require a solution. - - >- - Challenge requests for this key always return an unsolvable - challenge. - enum: - - TESTING_CHALLENGE_UNSPECIFIED - - NOCAPTCHA - - UNSOLVABLE_CHALLENGE - GoogleCloudRecaptchaenterpriseV1WafSettings: - id: GoogleCloudRecaptchaenterpriseV1WafSettings - description: >- - Settings specific to keys that can be used for WAF (Web Application - Firewall). - type: object + Optional. The private password leak verification field contains the + parameters that are used to to check for leaks privately without + sharing user credentials. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1PrivatePasswordLeakVerification + fraudPreventionAssessment: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessment + readOnly: true + description: >- + Output only. Assessment returned by Fraud Prevention when + TransactionData is provided. + description: A reCAPTCHA Enterprise assessment resource. + GoogleCloudRecaptchaenterpriseV1AnnotateAssessmentRequest: properties: - wafService: - description: Required. The WAF service that uses this key. + accountId: type: string - enumDescriptions: - - Undefined WAF - - Cloud Armor - - Fastly - - Cloudflare - - Akamai - enum: - - WAF_SERVICE_UNSPECIFIED - - CA - - FASTLY - - CLOUDFLARE - - AKAMAI - wafFeature: - description: Required. The WAF feature for which this key is enabled. + description: >- + Optional. A stable account identifier to apply to the assessment. + This is an alternative to setting `account_id` in + `CreateAssessment`, for example when a stable account identifier is + not yet known in the initial request. + annotation: + description: >- + Optional. The annotation that is assigned to the Event. This field + can be left empty to provide reasons that apply to an event without + concluding whether the event is legitimate or fraudulent. type: string enumDescriptions: - - Undefined feature. - - Redirects suspicious traffic to reCAPTCHA. + - Default unspecified type. + - Provides information that the event turned out to be legitimate. + - Provides information that the event turned out to be fraudulent. - >- - Use reCAPTCHA session-tokens to protect the whole user session on - the site's domain. - - Use reCAPTCHA action-tokens to protect user actions. - - 'Deprecated: Use `express_settings` instead.' + Provides information that the event was related to a login event + in which the user typed the correct password. Deprecated, prefer + indicating CORRECT_PASSWORD through the reasons field instead. + - >- + Provides information that the event was related to a login event + in which the user typed the incorrect password. Deprecated, prefer + indicating INCORRECT_PASSWORD through the reasons field instead. + enum: + - ANNOTATION_UNSPECIFIED + - LEGITIMATE + - FRAUDULENT + - PASSWORD_CORRECT + - PASSWORD_INCORRECT enumDeprecated: - false - false - false - - false - true + - true + transactionEvent: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1TransactionEvent + description: >- + Optional. If the assessment is part of a payment transaction, + provide details on payment lifecycle events that occur in the + transaction. + reasons: + description: Optional. Reasons for the annotation that are assigned to the event. + type: array + items: + enum: + - REASON_UNSPECIFIED + - CHARGEBACK + - CHARGEBACK_FRAUD + - CHARGEBACK_DISPUTE + - REFUND + - REFUND_FRAUD + - TRANSACTION_ACCEPTED + - TRANSACTION_DECLINED + - PAYMENT_HEURISTICS + - INITIATED_TWO_FACTOR + - PASSED_TWO_FACTOR + - FAILED_TWO_FACTOR + - CORRECT_PASSWORD + - INCORRECT_PASSWORD + - SOCIAL_SPAM + type: string + enumDescriptions: + - Unspecified reason. Do not use. + - >- + Indicates that the transaction had a chargeback issued with no + other details. When possible, specify the type by using + CHARGEBACK_FRAUD or CHARGEBACK_DISPUTE instead. + - >- + Indicates that the transaction had a chargeback issued related + to an alleged unauthorized transaction from the cardholder's + perspective (for example, the card number was stolen). + - >- + Indicates that the transaction had a chargeback issued related + to the cardholder having provided their card details but + allegedly not being satisfied with the purchase (for example, + misrepresentation, attempted cancellation). + - >- + Indicates that the completed payment transaction was refunded by + the seller. + - >- + Indicates that the completed payment transaction was determined + to be fraudulent by the seller, and was cancelled and refunded + as a result. + - >- + Indicates that the payment transaction was accepted, and the + user was charged. + - >- + Indicates that the payment transaction was declined, for example + due to invalid card details. + - >- + Indicates the transaction associated with the assessment is + suspected of being fraudulent based on the payment method, + billing details, shipping address or other transaction + information. + - >- + Indicates that the user was served a 2FA challenge. An old + assessment with `ENUM_VALUES.INITIATED_TWO_FACTOR` reason that + has not been overwritten with `PASSED_TWO_FACTOR` is treated as + an abandoned 2FA flow. This is equivalent to + `FAILED_TWO_FACTOR`. + - Indicates that the user passed a 2FA challenge. + - Indicates that the user failed a 2FA challenge. + - Indicates the user provided the correct password. + - Indicates the user provided an incorrect password. + - >- + Indicates that the user sent unwanted and abusive messages to + other users of the platform, such as spam, scams, phishing, or + social engineering. + hashedAccountId: + description: >- + Optional. A stable hashed account identifier to apply to the + assessment. This is an alternative to setting `hashed_account_id` in + `CreateAssessment`, for example when a stable account identifier is + not yet known in the initial request. + type: string + format: byte + phoneAuthenticationEvent: + description: >- + Optional. If using an external multi-factor authentication provider, + provide phone authentication details for fraud detection purposes. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1PhoneAuthenticationEvent + description: The request message to annotate an Assessment. + id: GoogleCloudRecaptchaenterpriseV1AnnotateAssessmentRequest + type: object + GoogleCloudRecaptchaenterpriseV1Bot: + id: GoogleCloudRecaptchaenterpriseV1Bot + description: Bot information and metadata. + properties: + name: + description: >- + Optional. Enumerated string value that indicates the identity of the + bot, formatted in kebab-case. + type: string + botType: + description: Optional. Enumerated field representing the type of bot. + type: string + enumDescriptions: + - Default unspecified type. + - >- + Software program that interacts with a site and performs tasks + autonomously. + - Software that extracts specific data from sites for use. + - >- + Software that crawls sites and stores content for the purpose of + efficient retrieval, likely as part of a search engine. enum: - - WAF_FEATURE_UNSPECIFIED - - CHALLENGE_PAGE - - SESSION_TOKEN - - ACTION_TOKEN - - EXPRESS - GoogleCloudRecaptchaenterpriseV1ListKeysResponse: - id: GoogleCloudRecaptchaenterpriseV1ListKeysResponse - description: Response to request to list keys in a project. + - BOT_TYPE_UNSPECIFIED + - AI_AGENT + - CONTENT_SCRAPER + - SEARCH_INDEXER type: object + GoogleCloudRecaptchaenterpriseV1AndroidKeySettings: + id: GoogleCloudRecaptchaenterpriseV1AndroidKeySettings + description: Settings specific to keys that can be used by Android apps. properties: - keys: - description: Key details. - type: array + supportNonGoogleAppStoreDistribution: + type: boolean + description: >- + Optional. Set to true for keys that are used in an Android + application that is available for download in app stores in addition + to the Google Play Store. + allowAllPackageNames: + description: Optional. If set to true, allowed_package_names are not enforced. + type: boolean + allowedPackageNames: items: - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' - nextPageToken: + type: string + type: array description: >- - Token to retrieve the next page of results. It is set to empty if no - keys remain in results. + Optional. Android package names of apps allowed to use the key. + Example: 'com.companyname.appname' Each key supports a maximum of + 250 package names. To use a key on more apps, set + `allow_all_package_names` to true. When this is set, you are + responsible for validating the package name by checking the + `token_properties.android_package_name` field in each assessment + response against your list of allowed package names. + type: object + GoogleCloudRecaptchaenterpriseV1RelatedAccountGroupMembership: + properties: + name: + description: >- + Required. Identifier. The resource name for this membership in the + format + `projects/{project}/relatedaccountgroups/{relatedaccountgroup}/memberships/{membership}`. type: string - GoogleCloudRecaptchaenterpriseV1RetrieveLegacySecretKeyResponse: - id: GoogleCloudRecaptchaenterpriseV1RetrieveLegacySecretKeyResponse - description: >- - Secret key is used only in legacy reCAPTCHA. It must be used in a 3rd - party integration with legacy reCAPTCHA. + hashedAccountId: + deprecated: true + format: byte + description: >- + Deprecated: use `account_id` instead. The unique stable hashed + account identifier of the member. The identifier corresponds to a + `hashed_account_id` provided in a previous `CreateAssessment` or + `AnnotateAssessment` call. + type: string + accountId: + type: string + description: >- + The unique stable account identifier of the member. The identifier + corresponds to an `account_id` provided in a previous + `CreateAssessment` or `AnnotateAssessment` call. + description: A membership in a group of related accounts. + type: object + id: GoogleCloudRecaptchaenterpriseV1RelatedAccountGroupMembership + GoogleCloudRecaptchaenterpriseV1PhoneAuthenticationEvent: + id: GoogleCloudRecaptchaenterpriseV1PhoneAuthenticationEvent + description: Details on a phone authentication event type: object properties: - legacySecretKey: + phoneNumber: description: >- - The secret key (also known as shared secret) authorizes - communication between your application backend and the reCAPTCHA - Enterprise server to create an assessment. The secret key needs to - be kept safe for security purposes. + Required. Phone number in E.164 format for which a multi-factor + authentication challenge was initiated, succeeded, or failed. type: string - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + eventTime: + format: google-datetime + type: string + description: >- + Optional. The time at which the multi-factor authentication event + (challenge or verification) occurred. + GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessment: + description: Assessment for Fraud Prevention. + id: GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessment type: object + properties: + behavioralTrustVerdict: + description: Output only. Assessment of this transaction for behavioral trust. + readOnly: true + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentBehavioralTrustVerdict + stolenInstrumentVerdict: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentStolenInstrumentVerdict + description: >- + Output only. Assessment of this transaction for risk of a stolen + instrument. + readOnly: true + riskReasons: + description: >- + Output only. Reasons why the transaction is probably fraudulent and + received a high transaction risk score. + readOnly: true + items: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentRiskReason + type: array + cardTestingVerdict: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentCardTestingVerdict + description: >- + Output only. Assessment of this transaction for risk of being part + of a card testing attack. + readOnly: true + transactionRisk: + description: >- + Output only. Probability of this transaction being fraudulent. + Summarizes the combined risk of attack vectors below. Values are + from 0.0 (lowest) to 1.0 (highest). + type: number + readOnly: true + format: float + GoogleCloudRecaptchaenterpriseV1FirewallActionIncludeRecaptchaScriptAction: + id: >- + GoogleCloudRecaptchaenterpriseV1FirewallActionIncludeRecaptchaScriptAction properties: {} - GoogleCloudRecaptchaenterpriseV1MigrateKeyRequest: - id: GoogleCloudRecaptchaenterpriseV1MigrateKeyRequest - description: The migrate key request message. + description: >- + An include reCAPTCHA script action involves injecting reCAPTCHA + JavaScript code into the HTML returned by the site backend. This + reCAPTCHA script is tasked with collecting user signals on the requested + web page, issuing tokens as a cookie within the site domain, and + enabling their utilization in subsequent page requests. type: object + GoogleCloudRecaptchaenterpriseV1AccountDefenderAssessment: properties: - skipBillingCheck: - description: >- - Optional. If true, skips the billing check. A reCAPTCHA Enterprise - key or migrated key behaves differently than a reCAPTCHA - (non-Enterprise version) key when you reach a quota limit (see - https://cloud.google.com/recaptcha/quotas#quota_limit). To avoid any - disruption of your usage, we check that a billing account is - present. If your usage of reCAPTCHA is under the free quota, you can - safely skip the billing check and proceed with the migration. See - https://cloud.google.com/recaptcha/docs/billing-information. - type: boolean - GoogleCloudRecaptchaenterpriseV1AddIpOverrideRequest: - id: GoogleCloudRecaptchaenterpriseV1AddIpOverrideRequest - description: The AddIpOverride request message. + labels: + type: array + readOnly: true + items: + enum: + - ACCOUNT_DEFENDER_LABEL_UNSPECIFIED + - PROFILE_MATCH + - SUSPICIOUS_LOGIN_ACTIVITY + - SUSPICIOUS_ACCOUNT_CREATION + - RELATED_ACCOUNTS_NUMBER_HIGH + enumDescriptions: + - Default unspecified type. + - The request matches a known good profile for the user. + - >- + The request is potentially a suspicious login event and must be + further verified either through multi-factor authentication or + another system. + - >- + The request matched a profile that previously had suspicious + account creation behavior. This can mean that this is a fake + account. + - >- + The account in the request has a high number of related + accounts. It does not necessarily imply that the account is bad + but can require further investigation. + type: string + description: Output only. Labels for this request. + type: object + id: GoogleCloudRecaptchaenterpriseV1AccountDefenderAssessment + description: Account defender risk assessment. + GoogleCloudRecaptchaenterpriseV1FirewallAction: + id: GoogleCloudRecaptchaenterpriseV1FirewallAction + description: >- + An individual action. Each action represents what to do if a policy + matches. type: object properties: - ipOverrideData: - description: Required. IP override added to the key. - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1IpOverrideData' - GoogleCloudRecaptchaenterpriseV1IpOverrideData: - id: GoogleCloudRecaptchaenterpriseV1IpOverrideData - description: Information about the IP or IP range override. + includeRecaptchaScript: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionIncludeRecaptchaScriptAction + description: >- + This action injects reCAPTCHA JavaScript code into the HTML page + returned by the site backend. + redirect: + description: >- + This action redirects the request to a reCAPTCHA interstitial to + attach a token. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionRedirectAction + allow: + description: >- + The user request did not match any policy and should be allowed + access to the requested resource. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionAllowAction + substitute: + description: >- + This action transparently serves a different page to an offending + user. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionSubstituteAction + setHeader: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionSetHeaderAction + description: >- + This action sets a custom header but allow the request to continue + to the customer backend. + block: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallActionBlockAction + description: >- + This action denies access to a given page. The user gets an HTTP + error code. + GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentCardTestingVerdict: + description: >- + Information about card testing fraud, where an adversary is testing + fraudulently obtained cards or brute forcing their details. + properties: + risk: + readOnly: true + type: number + description: >- + Output only. Probability of this transaction attempt being part of a + card testing attack. Values are from 0.0 (lowest) to 1.0 (highest). + format: float + id: >- + GoogleCloudRecaptchaenterpriseV1FraudPreventionAssessmentCardTestingVerdict type: object + GoogleCloudRecaptchaenterpriseV1WebKeySettings: + id: GoogleCloudRecaptchaenterpriseV1WebKeySettings properties: - ip: + allowAllDomains: + type: boolean + description: Optional. If set to true, it means allowed_domains are not enforced. + challengeSecurityPreference: + enum: + - CHALLENGE_SECURITY_PREFERENCE_UNSPECIFIED + - USABILITY + - BALANCE + - SECURITY description: >- - Required. The IP address to override (can be IPv4, IPv6 or CIDR). - The IP override must be a valid IPv4 or IPv6 address, or a CIDR - range. The IP override must be a public IP address. Example of IPv4: - 168.192.5.6 Example of IPv6: 2001:0000:130F:0000:0000:09C0:876A:130B - Example of IPv4 with CIDR: 168.192.5.0/24 Example of IPv6 with CIDR: - 2001:0DB8:1234::/48 + Optional. Settings for the frequency and difficulty at which this + key triggers captcha challenges. This should only be specified for + `IntegrationType` CHECKBOX, INVISIBLE or POLICY_BASED_CHALLENGE. + enumDescriptions: + - Default type that indicates this enum hasn't been specified. + - Key tends to show fewer and easier challenges. + - Key tends to show balanced (in amount and difficulty) challenges. + - Key tends to show more and harder challenges. type: string - overrideType: - description: Required. Describes the type of IP override. + integrationType: type: string enumDescriptions: - >- - Default override type that indicates this enum hasn't been - specified. + Default type that indicates this enum hasn't been specified. This + is not a valid IntegrationType, one of the other types must be + specified instead. - >- - Allowlist the IP address; i.e. give a `risk_analysis.score` of 0.9 - for all valid assessments. - enum: - - OVERRIDE_TYPE_UNSPECIFIED - - ALLOW - GoogleCloudRecaptchaenterpriseV1AddIpOverrideResponse: - id: GoogleCloudRecaptchaenterpriseV1AddIpOverrideResponse - description: Response for AddIpOverride. - type: object - properties: {} - GoogleCloudRecaptchaenterpriseV1RemoveIpOverrideRequest: - id: GoogleCloudRecaptchaenterpriseV1RemoveIpOverrideRequest - description: The RemoveIpOverride request message. - type: object - properties: - ipOverrideData: - description: Required. IP override to be removed from the key. - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1IpOverrideData' - GoogleCloudRecaptchaenterpriseV1RemoveIpOverrideResponse: - id: GoogleCloudRecaptchaenterpriseV1RemoveIpOverrideResponse - description: Response for RemoveIpOverride. + Only used to produce scores. It doesn't display the "I'm not a + robot" checkbox and never shows captcha challenges. + - >- + Displays the "I'm not a robot" checkbox and may show captcha + challenges after it is checked. + - >- + Doesn't display the "I'm not a robot" checkbox, but may show + captcha challenges after risk analysis. + - >- + Displays a visual challenge or not depending on the user risk + analysis score. + description: Required. Describes how this key is integrated with the website. + enum: + - INTEGRATION_TYPE_UNSPECIFIED + - SCORE + - CHECKBOX + - INVISIBLE + - POLICY_BASED_CHALLENGE + challengeSettings: + description: Optional. Challenge settings. + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1WebKeySettingsChallengeSettings + allowAmpTraffic: + type: boolean + description: >- + Optional. If set to true, the key can be used on AMP (Accelerated + Mobile Pages) websites. This is supported only for the SCORE + integration type. + allowedDomains: + description: >- + Optional. Domains or subdomains of websites allowed to use the key. + All subdomains of an allowed domain are automatically allowed. A + valid domain requires a host and must not include any path, port, + query or fragment. Examples: 'example.com' or + 'subdomain.example.com' Each key supports a maximum of 250 domains. + To use a key on more domains, set `allow_all_domains` to true. When + this is set, you are responsible for validating the hostname by + checking the `token_properties.hostname` field in each assessment + response against your list of allowed domains. + type: array + items: + type: string type: object - properties: {} - GoogleCloudRecaptchaenterpriseV1ListIpOverridesResponse: - id: GoogleCloudRecaptchaenterpriseV1ListIpOverridesResponse - description: Response for ListIpOverrides. + description: Settings specific to keys that can be used by websites. + GoogleCloudRecaptchaenterpriseV1TransactionDataAddress: type: object + id: GoogleCloudRecaptchaenterpriseV1TransactionDataAddress properties: - ipOverrides: - description: IP Overrides details. + postalCode: + type: string + description: Optional. The postal or ZIP code of the address. + regionCode: + description: Optional. The CLDR country/region of the address. + type: string + administrativeArea: + type: string + description: >- + Optional. The state, province, or otherwise administrative area of + the address. + address: type: array items: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1IpOverrideData - nextPageToken: + type: string description: >- - Token to retrieve the next page of results. If this field is empty, - no keys remain in the results. + Optional. The first lines of the address. The first line generally + contains the street name and number, and further lines may include + information such as an apartment number. + locality: + description: Optional. The town/city of the address. type: string - GoogleCloudRecaptchaenterpriseV1Metrics: - id: GoogleCloudRecaptchaenterpriseV1Metrics - description: Metrics for a single Key. + recipient: + description: >- + Optional. The recipient name, potentially including information such + as "care of". + type: string + description: Structured address format for billing and shipping addresses. + GoogleCloudRecaptchaenterpriseV1TransactionDataGatewayInfo: type: object + description: Details about the transaction from the gateway. + id: GoogleCloudRecaptchaenterpriseV1TransactionDataGatewayInfo properties: + avsResponseCode: + type: string + description: >- + Optional. AVS response code from the gateway (available only when + reCAPTCHA Enterprise is called after authorization). name: description: >- - Output only. Identifier. The name of the metrics, in the format - `projects/{project}/keys/{key}/metrics`. - readOnly: true + Optional. Name of the gateway service (for example, stripe, square, + paypal). type: string - startTime: + cvvResponseCode: description: >- - Inclusive start time aligned to a day in the America/Los_Angeles - (Pacific) timezone. + Optional. CVV response code from the gateway (available only when + reCAPTCHA Enterprise is called after authorization). + type: string + gatewayResponseCode: type: string - format: google-datetime - scoreMetrics: description: >- - Metrics are continuous and in order by dates, and in the granularity - of day. All Key types should have score-based data. + Optional. Gateway response code describing the state of the + transaction. + GoogleRpcStatus: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + properties: + details: type: array items: - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1ScoreMetrics' - challengeMetrics: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Metrics are continuous and in order by dates, and in the granularity - of day. Only challenge-based keys (CHECKBOX, INVISIBLE) have - challenge-based data. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ChallengeMetrics - GoogleCloudRecaptchaenterpriseV1ScoreMetrics: - id: GoogleCloudRecaptchaenterpriseV1ScoreMetrics - description: Metrics related to scoring. - type: object - properties: - overallMetrics: - description: Aggregated score metrics for all traffic. - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ScoreDistribution - actionMetrics: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + message: description: >- - Action-based metrics. The map key is the action name which specified - by the site owners at time of the "execute" client-side call. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ScoreDistribution - GoogleCloudRecaptchaenterpriseV1ScoreDistribution: - id: GoogleCloudRecaptchaenterpriseV1ScoreDistribution - description: Score distribution. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer type: object - properties: - scoreBuckets: - description: >- - Map key is score value multiplied by 100. The scores are discrete - values between [0, 1]. The maximum number of buckets is on order of - a few dozen, but typically much lower (ie. 10). - type: object - additionalProperties: - type: string - format: int64 - GoogleCloudRecaptchaenterpriseV1ChallengeMetrics: - id: GoogleCloudRecaptchaenterpriseV1ChallengeMetrics - description: Metrics related to challenges. + id: GoogleRpcStatus + GoogleCloudRecaptchaenterpriseV1ListIpOverridesResponse: + id: GoogleCloudRecaptchaenterpriseV1ListIpOverridesResponse type: object properties: - pageloadCount: + nextPageToken: description: >- - Count of reCAPTCHA checkboxes or badges rendered. This is mostly - equivalent to a count of pageloads for pages that include reCAPTCHA. + Token to retrieve the next page of results. If this field is empty, + no keys remain in the results. type: string - format: int64 - nocaptchaCount: + ipOverrides: + description: IP Overrides details. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1IpOverrideData + description: Response for ListIpOverrides. + GoogleCloudRecaptchaenterpriseV1FirewallActionSetHeaderAction: + properties: + value: description: >- - Count of nocaptchas (successful verification without a challenge) - issued. + Optional. The header value to set in the request to the backend + server. type: string - format: int64 - failedCount: - description: >- - Count of submitted challenge solutions that were incorrect or - otherwise deemed suspicious such that a subsequent challenge was - triggered. + key: type: string - format: int64 - passedCount: description: >- - Count of nocaptchas (successful verification without a challenge) - plus submitted challenge solutions that were correct and resulted in - verification. - type: string - format: int64 - GoogleCloudRecaptchaenterpriseV1ListFirewallPoliciesResponse: - id: GoogleCloudRecaptchaenterpriseV1ListFirewallPoliciesResponse - description: Response to request to list firewall policies belonging to a project. + Optional. The header key to set in the request to the backend + server. + id: GoogleCloudRecaptchaenterpriseV1FirewallActionSetHeaderAction + description: >- + A set header action sets a header and forwards the request to the + backend. This can be used to trigger custom protection implemented on + the backend. + type: object + GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesResponse: + description: The reorder firewall policies response message. + id: GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesResponse + properties: {} type: object + GoogleCloudRecaptchaenterpriseV1FraudSignalsCardSignals: properties: - firewallPolicies: - description: Policy details. - type: array + cardLabels: + readOnly: true items: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy - nextPageToken: + enumDescriptions: + - No label specified. + - This card has been detected as prepaid. + - >- + This card has been detected as virtual, such as a card number + generated for a single transaction or merchant. + - >- + This card has been detected as being used in an unexpected + geographic location. + enum: + - CARD_LABEL_UNSPECIFIED + - PREPAID + - VIRTUAL + - UNEXPECTED_LOCATION + type: string + description: Output only. The labels for the payment card in this transaction. + type: array + type: object + id: GoogleCloudRecaptchaenterpriseV1FraudSignalsCardSignals + description: Signals describing the payment card used in this transaction. + GoogleCloudRecaptchaenterpriseV1FirewallActionSubstituteAction: + description: >- + A substitute action transparently serves a different page than the one + requested. + type: object + id: GoogleCloudRecaptchaenterpriseV1FirewallActionSubstituteAction + properties: + path: + description: >- + Optional. The address to redirect to. The target is a relative path + in the current host. Example: "/blog/404.html". + type: string + GoogleCloudRecaptchaenterpriseV1AssessmentEnvironment: + properties: + client: description: >- - Token to retrieve the next page of results. It is set to empty if no - policies remain in results. + Optional. Identifies the client module initiating the + CreateAssessment request. This can be the link to the client + module's project. Examples include: - + "github.com/GoogleCloudPlatform/recaptcha-enterprise-google-tag-manager" + - "wordpress.org/plugins/recaptcha-something" type: string - GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesRequest: - id: GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesRequest - description: The reorder firewall policies request message. + version: + description: Optional. The version of the client module. For example, "1.0.0". + type: string + type: object + description: >- + The environment creating the assessment. This describes your environment + (the system invoking CreateAssessment), NOT the environment of your + user. + id: GoogleCloudRecaptchaenterpriseV1AssessmentEnvironment + GoogleCloudRecaptchaenterpriseV1WebKeySettingsActionSettings: type: object + id: GoogleCloudRecaptchaenterpriseV1WebKeySettingsActionSettings properties: - names: + scoreThreshold: description: >- - Required. A list containing all policy names, in the new order. Each - name is in the format - `projects/{project}/firewallpolicies/{firewallpolicy}`. - type: array - items: - type: string - GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesResponse: - id: GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesResponse - description: The reorder firewall policies response message. - type: object - properties: {} - GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupsResponse: - id: GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupsResponse - description: The response to a `ListRelatedAccountGroups` call. + Required. A challenge is triggered if the end-user score is below + that threshold. Value must be between 0 and 1 (inclusive). + format: float + type: number + description: Per-action challenge settings. + GoogleCloudRecaptchaenterpriseV1SmsTollFraudVerdict: type: object properties: - relatedAccountGroups: - description: The groups of related accounts listed by the query. + reasons: + readOnly: true type: array + description: Output only. Reasons contributing to the SMS toll fraud verdict. items: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1RelatedAccountGroup - nextPageToken: + type: string + enum: + - SMS_TOLL_FRAUD_REASON_UNSPECIFIED + - INVALID_PHONE_NUMBER + enumDescriptions: + - Default unspecified reason + - The provided phone number was invalid + risk: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - GoogleCloudRecaptchaenterpriseV1RelatedAccountGroup: - id: GoogleCloudRecaptchaenterpriseV1RelatedAccountGroup - description: A group of related accounts. - type: object + Output only. Probability of an SMS event being fraudulent. Values + are from 0.0 (lowest) to 1.0 (highest). + type: number + readOnly: true + format: float + description: Information about SMS toll fraud. + id: GoogleCloudRecaptchaenterpriseV1SmsTollFraudVerdict + GoogleCloudRecaptchaenterpriseV1RemoveIpOverrideRequest: + description: The RemoveIpOverride request message. + id: GoogleCloudRecaptchaenterpriseV1RemoveIpOverrideRequest properties: - name: - description: >- - Required. Identifier. The resource name for the related account - group in the format - `projects/{project}/relatedaccountgroups/{related_account_group}`. - type: string - GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupMembershipsResponse: - id: >- - GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupMembershipsResponse - description: The response to a `ListRelatedAccountGroupMemberships` call. + ipOverrideData: + description: Required. IP override to be removed from the key. + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1IpOverrideData' + type: object + GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsResponse: type: object properties: relatedAccountGroupMemberships: - description: The memberships listed by the query. - type: array items: $ref: >- #/components/schemas/GoogleCloudRecaptchaenterpriseV1RelatedAccountGroupMembership + description: The queried memberships. + type: array nextPageToken: description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string - GoogleCloudRecaptchaenterpriseV1RelatedAccountGroupMembership: - id: GoogleCloudRecaptchaenterpriseV1RelatedAccountGroupMembership - description: A membership in a group of related accounts. + description: The response to a `SearchRelatedAccountGroupMemberships` call. + id: >- + GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsResponse + GoogleCloudRecaptchaenterpriseV1UserInfo: type: object + id: GoogleCloudRecaptchaenterpriseV1UserInfo + description: >- + User information associated with a request protected by reCAPTCHA + Enterprise. properties: - name: + createAccountTime: description: >- - Required. Identifier. The resource name for this membership in the - format - `projects/{project}/relatedaccountgroups/{relatedaccountgroup}/memberships/{membership}`. + Optional. Creation time for this account associated with this user. + Leave blank for non logged-in actions, guest checkout, or when there + is no account associated with the current user. type: string + format: google-datetime + userIds: + description: Optional. Identifiers associated with this user or request. + items: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1UserId' + type: array accountId: description: >- - The unique stable account identifier of the member. The identifier - corresponds to an `account_id` provided in a previous - `CreateAssessment` or `AnnotateAssessment` call. + Optional. For logged-in requests or login/registration requests, the + unique account identifier associated with this user. You can use the + username if it is stable (meaning it is the same for every request + associated with the same user), or any stable user ID of your + choice. Leave blank for non logged-in actions or guest checkout. type: string - hashedAccountId: + GoogleCloudRecaptchaenterpriseV1AnnotateAssessmentResponse: + properties: {} + id: GoogleCloudRecaptchaenterpriseV1AnnotateAssessmentResponse + type: object + description: Empty response for AnnotateAssessment. + GoogleCloudRecaptchaenterpriseV1ScoreDistribution: + id: GoogleCloudRecaptchaenterpriseV1ScoreDistribution + properties: + scoreBuckets: + additionalProperties: + format: int64 + type: string description: >- - Deprecated: use `account_id` instead. The unique stable hashed - account identifier of the member. The identifier corresponds to a - `hashed_account_id` provided in a previous `CreateAssessment` or - `AnnotateAssessment` call. - deprecated: true - type: string - format: byte - GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsRequest: - id: >- - GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsRequest - description: The request message to search related account group memberships. + Map key is score value multiplied by 100. The scores are discrete + values between [0, 1]. The maximum number of buckets is on order of + a few dozen, but typically much lower (ie. 10). + type: object + description: Score distribution. type: object + GoogleCloudRecaptchaenterpriseV1AccountVerificationInfo: properties: - accountId: + endpoints: + items: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1EndpointVerificationInfo + description: Optional. Endpoints that can be used for identity verification. + type: array + languageCode: description: >- - Optional. The unique stable account identifier used to search - connections. The identifier should correspond to an `account_id` - provided in a previous `CreateAssessment` or `AnnotateAssessment` - call. Either hashed_account_id or account_id must be set, but not - both. + Optional. Language code preference for the verification message, set + as a IETF BCP 47 language code. type: string - hashedAccountId: - description: >- - Optional. Deprecated: use `account_id` instead. The unique stable - hashed account identifier used to search connections. The identifier - should correspond to a `hashed_account_id` provided in a previous - `CreateAssessment` or `AnnotateAssessment` call. Either - hashed_account_id or account_id must be set, but not both. - deprecated: true + latestVerificationResult: type: string - format: byte - pageSize: - description: >- - Optional. The maximum number of groups to return. The service might - return fewer than this value. If unspecified, at most 50 groups are - returned. The maximum value is 1000; values above 1000 are coerced - to 1000. - type: integer - format: int32 - pageToken: - description: >- - Optional. A page token, received from a previous - `SearchRelatedAccountGroupMemberships` call. Provide this to - retrieve the subsequent page. When paginating, all other parameters - provided to `SearchRelatedAccountGroupMemberships` must match the - call that provided the page token. + enumDescriptions: + - No information about the latest account verification. + - >- + The user was successfully verified. This means the account + verification challenge was successfully completed. + - The user failed the verification challenge. + - >- + The site is not properly onboarded to use the account verification + feature. + - >- + The recipient is not allowed for account verification. This can + occur during integration but should not occur in production. + - >- + The recipient has already been sent too many verification codes in + a short amount of time. + - >- + The verification flow could not be completed due to a critical + internal error. + - >- + The client has exceeded their two factor request quota for this + period of time. + - >- + The request cannot be processed at the time because of an + incident. This bypass can be restricted to a problematic + destination email domain, a customer, or could affect the entire + service. + - >- + The request parameters do not match with the token provided and + cannot be processed. + enum: + - RESULT_UNSPECIFIED + - SUCCESS_USER_VERIFIED + - ERROR_USER_NOT_VERIFIED + - ERROR_SITE_ONBOARDING_INCOMPLETE + - ERROR_RECIPIENT_NOT_ALLOWED + - ERROR_RECIPIENT_ABUSE_LIMIT_EXHAUSTED + - ERROR_CRITICAL_INTERNAL + - ERROR_CUSTOMER_QUOTA_EXHAUSTED + - ERROR_VERIFICATION_BYPASSED + - ERROR_VERDICT_MISMATCH + readOnly: true + description: Output only. Result of the latest account verification challenge. + username: type: string - GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsResponse: - id: >- - GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsResponse - description: The response to a `SearchRelatedAccountGroupMemberships` call. + description: >- + Username of the account that is being verified. Deprecated. + Customers should now provide the `account_id` field in + `event.user_info`. + deprecated: true + id: GoogleCloudRecaptchaenterpriseV1AccountVerificationInfo type: object + description: Information about account verification, used for identity verification. + GoogleCloudRecaptchaenterpriseV1ScoreMetrics: + description: Metrics related to scoring. + id: GoogleCloudRecaptchaenterpriseV1ScoreMetrics properties: - relatedAccountGroupMemberships: - description: The queried memberships. - type: array - items: + actionMetrics: + additionalProperties: $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1RelatedAccountGroupMembership - nextPageToken: + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ScoreDistribution + type: object description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string + Action-based metrics. The map key is the action name which specified + by the site owners at time of the "execute" client-side call. + overallMetrics: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ScoreDistribution + description: Aggregated score metrics for all traffic. + type: object parameters: - access_token: - description: OAuth access token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType schema: type: string alt: @@ -2198,10 +2246,25 @@ components: - json - media - proto - callback: - description: JSONP + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: callback + name: quotaUser + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token schema: type: string fields: @@ -2210,6 +2273,12 @@ components: name: fields schema: type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -2219,39 +2288,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string _.xgafv: description: V1 error format. in: query @@ -2261,6 +2303,12 @@ components: enum: - '1' - '2' + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string x-stackQL-resources: assessments: id: google.recaptchaenterprise.assessments @@ -2287,129 +2335,116 @@ components: update: [] replace: [] delete: [] - keys: - id: google.recaptchaenterprise.keys - name: keys - title: Keys + firewallpolicies: + id: google.recaptchaenterprise.firewallpolicies + name: firewallpolicies + title: Firewallpolicies methods: - create: + get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1firewallpolicies~1{firewallpoliciesId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1firewallpolicies~1{firewallpoliciesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.keys - get: + patch: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1firewallpolicies~1{firewallpoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}/patch' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1firewallpolicies/post' response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}/delete' + $ref: '#/paths/~1v1~1projects~1{projectsId}~1firewallpolicies/get' response: mediaType: application/json openAPIDocKey: '200' - migrate: + objectKey: $.firewallPolicies + reorder: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:migrate/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1firewallpolicies:reorder/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/keys/methods/get' - - $ref: '#/components/x-stackQL-resources/keys/methods/list' + - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/get' + - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/keys/methods/create' + - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/create' update: - - $ref: '#/components/x-stackQL-resources/keys/methods/patch' + - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/keys/methods/delete' - keys_legacy_secret_key: - id: google.recaptchaenterprise.keys_legacy_secret_key - name: keys_legacy_secret_key - title: Keys_legacy_secret_key + - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/delete' + keys: + id: google.recaptchaenterprise.keys + name: keys + title: Keys methods: - retrieve_legacy_secret_key: + delete: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:retrieveLegacySecretKey/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}/delete' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/keys_legacy_secret_key/methods/retrieve_legacy_secret_key - insert: [] - update: [] - replace: [] - delete: [] - keys_ip_override: - id: google.recaptchaenterprise.keys_ip_override - name: keys_ip_override - title: Keys_ip_override - methods: - add_ip_override: + get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:addIpOverride/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}/get' response: mediaType: application/json openAPIDocKey: '200' - remove_ip_override: + patch: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:removeIpOverride/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}/patch' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/keys_ip_override/methods/add_ip_override - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/keys_ip_override/methods/remove_ip_override - keys_ip_overrides: - id: google.recaptchaenterprise.keys_ip_overrides - name: keys_ip_overrides - title: Keys_ip_overrides - methods: - list_ip_overrides: + migrate: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:listIpOverrides/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:migrate/post' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.keys + create: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1keys/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.ipOverrides sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/keys_ip_overrides/methods/list_ip_overrides - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/keys/methods/get' + - $ref: '#/components/x-stackQL-resources/keys/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/keys/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/keys/methods/patch' replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/keys/methods/delete' keys_metrics: id: google.recaptchaenterprise.keys_metrics name: keys_metrics @@ -2428,78 +2463,90 @@ components: update: [] replace: [] delete: [] - firewallpolicies: - id: google.recaptchaenterprise.firewallpolicies - name: firewallpolicies - title: Firewallpolicies + keys_ip_override: + id: google.recaptchaenterprise.keys_ip_override + name: keys_ip_override + title: Keys_ip_override methods: - create: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1firewallpolicies/post' - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1firewallpolicies/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.firewallPolicies - get: + remove_ip_override: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1firewallpolicies~1{firewallpoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:removeIpOverride/post response: mediaType: application/json openAPIDocKey: '200' - patch: + add_ip_override: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1firewallpolicies~1{firewallpoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:addIpOverride/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/keys_ip_override/methods/add_ip_override + update: [] + replace: [] delete: + - $ref: >- + #/components/x-stackQL-resources/keys_ip_override/methods/remove_ip_override + keys_legacy_secret_key: + id: google.recaptchaenterprise.keys_legacy_secret_key + name: keys_legacy_secret_key + title: Keys_legacy_secret_key + methods: + retrieve_legacy_secret_key: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1firewallpolicies~1{firewallpoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:retrieveLegacySecretKey/get response: mediaType: application/json openAPIDocKey: '200' - reorder: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/keys_legacy_secret_key/methods/retrieve_legacy_secret_key + insert: [] + update: [] + replace: [] + delete: [] + keys_ip_overrides: + id: google.recaptchaenterprise.keys_ip_overrides + name: keys_ip_overrides + title: Keys_ip_overrides + methods: + list_ip_overrides: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1firewallpolicies:reorder/post + #/paths/~1v1~1projects~1{projectsId}~1keys~1{keysId}:listIpOverrides/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.ipOverrides sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/get' - - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/keys_ip_overrides/methods/list_ip_overrides + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/firewallpolicies/methods/delete' - relatedaccountgroups: - id: google.recaptchaenterprise.relatedaccountgroups - name: relatedaccountgroups - title: Relatedaccountgroups + delete: [] + relatedaccountgroupmemberships: + id: google.recaptchaenterprise.relatedaccountgroupmemberships + name: relatedaccountgroupmemberships + title: Relatedaccountgroupmemberships methods: - list: + search: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1relatedaccountgroups/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1relatedaccountgroupmemberships:search/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.relatedAccountGroups sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/relatedaccountgroups/methods/list' + select: [] insert: [] update: [] replace: [] @@ -2524,20 +2571,21 @@ components: update: [] replace: [] delete: [] - relatedaccountgroupmemberships: - id: google.recaptchaenterprise.relatedaccountgroupmemberships - name: relatedaccountgroupmemberships - title: Relatedaccountgroupmemberships + relatedaccountgroups: + id: google.recaptchaenterprise.relatedaccountgroups + name: relatedaccountgroups + title: Relatedaccountgroups methods: - search: + list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1relatedaccountgroupmemberships:search/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1relatedaccountgroups/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.relatedAccountGroups sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/relatedaccountgroups/methods/list' insert: [] update: [] replace: [] @@ -2545,17 +2593,17 @@ components: paths: /v1/projects/{projectsId}/assessments: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/access_token' post: description: Creates an Assessment of the likelihood an event is legitimate. operationId: recaptchaenterprise.projects.assessments.create @@ -2621,16 +2669,113 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/keys: + /v1/projects/{projectsId}/firewallpolicies/{firewallpoliciesId}: + parameters: *ref_1 + get: + description: Returns the specified firewall policy. + operationId: recaptchaenterprise.projects.firewallpolicies.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: firewallpoliciesId + required: true + schema: + type: string + delete: + description: Deletes the specified firewall policy. + operationId: recaptchaenterprise.projects.firewallpolicies.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: firewallpoliciesId + required: true + schema: + type: string + patch: + description: Updates the specified firewall policy. + operationId: recaptchaenterprise.projects.firewallpolicies.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: firewallpoliciesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/firewallpolicies: parameters: *ref_1 post: - description: Creates a new reCAPTCHA Enterprise key. - operationId: recaptchaenterprise.projects.keys.create + description: >- + Creates a new FirewallPolicy, specifying conditions at which reCAPTCHA + Enterprise actions can be executed. A project may have a maximum of 1000 + policies. + operationId: recaptchaenterprise.projects.firewallpolicies.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2642,7 +2787,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy parameters: - in: path name: projectsId @@ -2650,8 +2796,8 @@ paths: schema: type: string get: - description: Returns the list of all keys that belong to a project. - operationId: recaptchaenterprise.projects.keys.list + description: Returns the list of all firewall policies that belong to a project. + operationId: recaptchaenterprise.projects.firewallpolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2664,7 +2810,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ListKeysResponse + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ListFirewallPoliciesResponse parameters: - in: path name: projectsId @@ -2680,14 +2826,17 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/keys/{keysId}:retrieveLegacySecretKey: + /v1/projects/{projectsId}/firewallpolicies:reorder: parameters: *ref_1 - get: - description: >- - Returns the secret key related to the specified public key. You must use - the legacy secret key only in a 3rd party integration with legacy - reCAPTCHA. - operationId: recaptchaenterprise.projects.keys.retrieveLegacySecretKey + post: + description: Reorders all firewall policies. + operationId: recaptchaenterprise.projects.firewallpolicies.reorder + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2700,23 +2849,18 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1RetrieveLegacySecretKeyResponse + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesResponse parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: keysId - required: true - schema: - type: string /v1/projects/{projectsId}/keys/{keysId}: parameters: *ref_1 - get: - description: Returns the specified key. - operationId: recaptchaenterprise.projects.keys.get + delete: + description: Deletes the specified key. + operationId: recaptchaenterprise.projects.keys.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2728,7 +2872,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -2740,14 +2884,9 @@ paths: required: true schema: type: string - patch: - description: Updates the specified key. - operationId: recaptchaenterprise.projects.keys.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' + get: + description: Returns the specified key. + operationId: recaptchaenterprise.projects.keys.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2771,14 +2910,14 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes the specified key. - operationId: recaptchaenterprise.projects.keys.delete + patch: + description: Updates the specified key. + operationId: recaptchaenterprise.projects.keys.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2790,7 +2929,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' parameters: - in: path name: projectsId @@ -2802,6 +2941,11 @@ paths: required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask /v1/projects/{projectsId}/keys/{keysId}:migrate: parameters: *ref_1 post: @@ -2841,21 +2985,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/keys/{keysId}:addIpOverride: + /v1/projects/{projectsId}/keys/{keysId}/metrics: parameters: *ref_1 - post: + get: description: >- - Adds an IP override to a key. The following restrictions hold: * The - maximum number of IP overrides per key is 1000. * For any conflict (such - as IP already exists or IP part of an existing IP range), an error is - returned. - operationId: recaptchaenterprise.projects.keys.addIpOverride - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1AddIpOverrideRequest + Get some aggregated metrics for a Key. This data can be used to build + dashboards. + operationId: recaptchaenterprise.projects.keys.getMetrics security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2867,8 +3003,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1AddIpOverrideResponse + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Metrics' parameters: - in: path name: projectsId @@ -2919,51 +3054,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/keys/{keysId}:listIpOverrides: - parameters: *ref_1 - get: - description: Lists all IP overrides for a key. - operationId: recaptchaenterprise.projects.keys.listIpOverrides - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ListIpOverridesResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: keysId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/keys/{keysId}/metrics: + /v1/projects/{projectsId}/keys/{keysId}:retrieveLegacySecretKey: parameters: *ref_1 get: description: >- - Get some aggregated metrics for a Key. This data can be used to build - dashboards. - operationId: recaptchaenterprise.projects.keys.getMetrics + Returns the secret key related to the specified public key. You must use + the legacy secret key only in a 3rd party integration with legacy + reCAPTCHA. + operationId: recaptchaenterprise.projects.keys.retrieveLegacySecretKey security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2975,7 +3073,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Metrics' + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1RetrieveLegacySecretKeyResponse parameters: - in: path name: projectsId @@ -2987,42 +3086,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/firewallpolicies: + /v1/projects/{projectsId}/keys: parameters: *ref_1 - post: - description: >- - Creates a new FirewallPolicy, specifying conditions at which reCAPTCHA - Enterprise actions can be executed. A project may have a maximum of 1000 - policies. - operationId: recaptchaenterprise.projects.firewallpolicies.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy - parameters: - - in: path - name: projectsId - required: true - schema: - type: string get: - description: Returns the list of all firewall policies that belong to a project. - operationId: recaptchaenterprise.projects.firewallpolicies.list + description: Returns the list of all keys that belong to a project. + operationId: recaptchaenterprise.projects.keys.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3035,7 +3103,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ListFirewallPoliciesResponse + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ListKeysResponse parameters: - in: path name: projectsId @@ -3051,11 +3119,14 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/firewallpolicies/{firewallpoliciesId}: - parameters: *ref_1 - get: - description: Returns the specified firewall policy. - operationId: recaptchaenterprise.projects.firewallpolicies.get + post: + description: Creates a new reCAPTCHA Enterprise key. + operationId: recaptchaenterprise.projects.keys.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3067,28 +3138,28 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy + $ref: '#/components/schemas/GoogleCloudRecaptchaenterpriseV1Key' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: firewallpoliciesId - required: true - schema: - type: string - patch: - description: Updates the specified firewall policy. - operationId: recaptchaenterprise.projects.firewallpolicies.patch + /v1/projects/{projectsId}/keys/{keysId}:addIpOverride: + parameters: *ref_1 + post: + description: >- + Adds an IP override to a key. The following restrictions hold: * The + maximum number of IP overrides per key is 1000. * For any conflict (such + as IP already exists or IP part of an existing IP range), an error is + returned. + operationId: recaptchaenterprise.projects.keys.addIpOverride requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy + #/components/schemas/GoogleCloudRecaptchaenterpriseV1AddIpOverrideRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3101,7 +3172,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1FirewallPolicy + #/components/schemas/GoogleCloudRecaptchaenterpriseV1AddIpOverrideResponse parameters: - in: path name: projectsId @@ -3109,18 +3180,15 @@ paths: schema: type: string - in: path - name: firewallpoliciesId + name: keysId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes the specified firewall policy. - operationId: recaptchaenterprise.projects.firewallpolicies.delete + /v1/projects/{projectsId}/keys/{keysId}:listIpOverrides: + parameters: *ref_1 + get: + description: Lists all IP overrides for a key. + operationId: recaptchaenterprise.projects.keys.listIpOverrides security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3132,7 +3200,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ListIpOverridesResponse parameters: - in: path name: projectsId @@ -3140,45 +3209,30 @@ paths: schema: type: string - in: path - name: firewallpoliciesId + name: keysId required: true schema: type: string - /v1/projects/{projectsId}/firewallpolicies:reorder: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/relatedaccountgroupmemberships:search: parameters: *ref_1 post: - description: Reorders all firewall policies. - operationId: recaptchaenterprise.projects.firewallpolicies.reorder + description: Search group memberships related to a given account. + operationId: recaptchaenterprise.projects.relatedaccountgroupmemberships.search requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesRequest - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ReorderFirewallPoliciesResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - /v1/projects/{projectsId}/relatedaccountgroups: - parameters: *ref_1 - get: - description: List groups of related accounts. - operationId: recaptchaenterprise.projects.relatedaccountgroups.list + #/components/schemas/GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3191,22 +3245,13 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupsResponse + #/components/schemas/GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsResponse parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string /v1/projects/{projectsId}/relatedaccountgroups/{relatedaccountgroupsId}/memberships: parameters: *ref_1 get: @@ -3245,17 +3290,11 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/relatedaccountgroupmemberships:search: + /v1/projects/{projectsId}/relatedaccountgroups: parameters: *ref_1 - post: - description: Search group memberships related to a given account. - operationId: recaptchaenterprise.projects.relatedaccountgroupmemberships.search - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsRequest + get: + description: List groups of related accounts. + operationId: recaptchaenterprise.projects.relatedaccountgroups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3268,10 +3307,19 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecaptchaenterpriseV1SearchRelatedAccountGroupMembershipsResponse + #/components/schemas/GoogleCloudRecaptchaenterpriseV1ListRelatedAccountGroupsResponse parameters: - in: path name: projectsId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/recommendationengine.yaml b/providers/src/googleapis.com/v00.00.00000/services/recommendationengine.yaml index f578a2de..30130c08 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/recommendationengine.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/recommendationengine.yaml @@ -14,8 +14,8 @@ info: personalized recommendation systems without requiring a high level of expertise in machine learning, recommendation system, or Google Cloud. version: v1beta1 - x-discovery-doc-revision: '20250717' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/recommendations-ai/docs servers: @@ -41,135 +41,21 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus + GoogleCloudRecommendationengineV1beta1ProductCatalogItemPriceRange: + id: GoogleCloudRecommendationengineV1beta1ProductCatalogItemPriceRange description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudRecommendationengineV1beta1ListCatalogsResponse: - id: GoogleCloudRecommendationengineV1beta1ListCatalogsResponse - description: Response for ListCatalogs method. - type: object - properties: - catalogs: - description: Output only. All the customer's catalogs. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1Catalog' - nextPageToken: - description: Pagination token, if not returned indicates the last page. - type: string - GoogleCloudRecommendationengineV1beta1Catalog: - id: GoogleCloudRecommendationengineV1beta1Catalog - description: 'The catalog configuration. Next ID: 5.' + Product price range when there are a range of prices for different + variations of the same product. type: object properties: - name: - description: The fully qualified resource name of the catalog. - type: string - displayName: - description: Required. The catalog display name. - type: string - defaultEventStoreId: - description: Required. The ID of the default event store. - type: string - catalogItemLevelConfig: - description: Required. The catalog item level configuration. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItemLevelConfig + max: + description: Required. The maximum product price. + type: number + format: float + min: + description: Required. The minimum product price. + type: number + format: float GoogleCloudRecommendationengineV1beta1CatalogItemLevelConfig: id: GoogleCloudRecommendationengineV1beta1CatalogItemLevelConfig description: >- @@ -178,25 +64,24 @@ components: type: object properties: eventItemLevel: - description: >- - Optional. Level of the catalog at which events are uploaded. See - https://cloud.google.com/recommendations-ai/docs/catalog#catalog-levels - for more details. - type: string enumDescriptions: - Unknown value - should never be used. - Catalog items are at variant level. - Catalog items are at master level. + description: >- + Optional. Level of the catalog at which events are uploaded. See + https://cloud.google.com/recommendations-ai/docs/catalog#catalog-levels + for more details. enum: - CATALOG_ITEM_LEVEL_UNSPECIFIED - VARIANT - MASTER + type: string predictItemLevel: description: >- Optional. Level of the catalog at which predictions are made. See https://cloud.google.com/recommendations-ai/docs/catalog#catalog-levels for more details. - type: string enumDescriptions: - Unknown value - should never be used. - Catalog items are at variant level. @@ -205,178 +90,161 @@ components: - CATALOG_ITEM_LEVEL_UNSPECIFIED - VARIANT - MASTER - GoogleCloudRecommendationengineV1beta1CatalogItem: - id: GoogleCloudRecommendationengineV1beta1CatalogItem - description: >- - CatalogItem captures all metadata information of items to be - recommended. + type: string + GoogleCloudRecommendationengineV1beta1CatalogInlineSource: + description: The inline source for the input config for ImportCatalogItems method. type: object + id: GoogleCloudRecommendationengineV1beta1CatalogInlineSource properties: - id: - description: >- - Required. Catalog item identifier. UTF-8 encoded string with a - length limit of 128 bytes. This id must be unique among all catalog - items within the same catalog. It should also be used when logging - user events in order for the user events to be joined with the - Catalog. - type: string - categoryHierarchies: - description: >- - Required. Catalog item categories. This field is repeated for - supporting one catalog item belonging to several parallel category - hierarchies. For example, if a shoes product belongs to both ["Shoes - & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic - Clothing" -> "Shoes"], it could be represented as: - "categoryHierarchies": [ { "categories": ["Shoes & Accessories", - "Shoes"]}, { "categories": ["Sports & Fitness", "Athletic Clothing", - "Shoes"] } ] + catalogItems: type: array items: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItemCategoryHierarchy - title: + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem description: >- - Required. Catalog item title. UTF-8 encoded string with a length - limit of 1 KiB. + Optional. A list of catalog items to update/create. Recommended max + of 10k items. + GoogleCloudRecommendationengineV1beta1BigQuerySource: + type: object + properties: + datasetId: + description: Required. The BigQuery data set to copy the data from. type: string - description: - description: >- - Optional. Catalog item description. UTF-8 encoded string with a - length limit of 5 KiB. + projectId: type: string - itemAttributes: description: >- - Optional. Highly encouraged. Extra catalog item attributes to be - included in the recommendation model. For example, for retail - products, this could include the store name, vendor, style, color, - etc. These are very strong signals for recommendation model, thus we - highly recommend providing the item attributes here. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1FeatureMap - languageCode: + Optional. The project id (can be project # or id) that the BigQuery + source is in. If not specified, inherits the project id from the + parent request. + gcsStagingDir: description: >- - Optional. Deprecated. The model automatically detects the text - language. Your catalog can include text in different languages, but - duplicating catalog items to provide text in multiple languages can - result in degraded model performance. + Optional. Intermediate Cloud Storage directory used for the import. + Can be specified if one wants to have the BigQuery export to a + specific Cloud Storage directory. type: string - tags: - description: >- - Optional. Filtering tags associated with the catalog item. Each tag - should be a UTF-8 encoded string with a length limit of 1 KiB. This - tag can be used for filtering recommendation results by passing the - tag as part of the predict request filter. - type: array - items: - type: string - itemGroupId: + tableId: + description: Required. The BigQuery table to copy the data from. + type: string + dataSchema: description: >- - Optional. Variant group identifier for prediction results. UTF-8 - encoded string with a length limit of 128 bytes. This field must be - enabled before it can be used. [Learn - more](/recommendations-ai/docs/catalog#item-group-id). + Optional. The schema to use when parsing the data from the source. + Supported values for catalog imports: 1: + "catalog_recommendations_ai" using + https://cloud.google.com/recommendations-ai/docs/upload-catalog#json + (Default for catalogItems.import) 2: "catalog_merchant_center" using + https://cloud.google.com/recommendations-ai/docs/upload-catalog#mc + Supported values for user event imports: 1: + "user_events_recommendations_ai" using + https://cloud.google.com/recommendations-ai/docs/manage-user-events#import + (Default for userEvents.import) 2. "user_events_ga360" using + https://support.google.com/analytics/answer/3437719?hl=en type: string - productMetadata: - description: Optional. Metadata specific to retail products. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductCatalogItem - GoogleCloudRecommendationengineV1beta1CatalogItemCategoryHierarchy: - id: GoogleCloudRecommendationengineV1beta1CatalogItemCategoryHierarchy - description: Category represents catalog item category hierarchy. + id: GoogleCloudRecommendationengineV1beta1BigQuerySource + description: BigQuery source import data from. + GoogleCloudRecommendationengineV1beta1GcsSource: + description: Google Cloud Storage location for input content. format. + id: GoogleCloudRecommendationengineV1beta1GcsSource type: object properties: - categories: - description: >- - Required. Catalog item categories. Each category should be a UTF-8 - encoded string with a length limit of 2 KiB. Note that the order in - the list denotes the specificity (from least to most specific). - type: array - items: - type: string - GoogleCloudRecommendationengineV1beta1FeatureMap: - id: GoogleCloudRecommendationengineV1beta1FeatureMap - description: >- - FeatureMap represents extra features that customers want to include in - the recommendation model for catalogs/user events as - categorical/numerical features. - type: object - properties: - categoricalFeatures: + jsonSchema: description: >- - Categorical features that can take on one of a limited number of - possible values. Some examples would be the brand/maker of a - product, or country of a customer. Feature names and values must be - UTF-8 encoded strings. For example: `{ "colors": {"value": - ["yellow", "green"]}, "sizes": {"value":["S", "M"]}` - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1FeatureMapStringList - numericalFeatures: + Optional. The schema to use when parsing the data from the source. + Supported values for catalog imports: 1: + "catalog_recommendations_ai" using + https://cloud.google.com/recommendations-ai/docs/upload-catalog#json + (Default for catalogItems.import) 2: "catalog_merchant_center" using + https://cloud.google.com/recommendations-ai/docs/upload-catalog#mc + Supported values for user events imports: 1: + "user_events_recommendations_ai" using + https://cloud.google.com/recommendations-ai/docs/manage-user-events#import + (Default for userEvents.import) 2. "user_events_ga360" using + https://support.google.com/analytics/answer/3437719?hl=en + type: string + inputUris: description: >- - Numerical features. Some examples would be the height/weight of a - product, or age of a customer. Feature names must be UTF-8 encoded - strings. For example: `{ "lengths_cm": {"value":[2.3, 15.4]}, - "heights_cm": {"value":[8.1, 6.4]} }` - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1FeatureMapFloatList - GoogleCloudRecommendationengineV1beta1FeatureMapStringList: - id: GoogleCloudRecommendationengineV1beta1FeatureMapStringList - description: A list of string features. - type: object - properties: - value: - description: String feature value with a length limit of 128 bytes. - type: array + Required. Google Cloud Storage URIs to input files. URI can be up to + 2000 characters long. URIs can match the full object path (for + example, `gs://bucket/directory/object.json`) or a pattern matching + one or more files, such as `gs://bucket/directory/*.json`. A request + can contain at most 100 files, and each file can be up to 2 GB. See + [Importing catalog + information](/recommendations-ai/docs/upload-catalog) for the + expected file format and setup instructions. items: type: string - GoogleCloudRecommendationengineV1beta1FeatureMapFloatList: - id: GoogleCloudRecommendationengineV1beta1FeatureMapFloatList - description: A list of float features. - type: object - properties: - value: - description: Float feature value. type: array - items: - type: number - format: float - GoogleCloudRecommendationengineV1beta1ProductCatalogItem: - id: GoogleCloudRecommendationengineV1beta1ProductCatalogItem - description: ProductCatalogItem captures item metadata specific to retail products. - type: object + GoogleCloudRecommendationengineV1beta1ImportCatalogItemsRequest: properties: - exactPrice: - description: Optional. The exact product price. + inputConfig: + description: Required. The desired input location of the data. $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductCatalogItemExactPrice - priceRange: - description: Optional. The product price range. + #/components/schemas/GoogleCloudRecommendationengineV1beta1InputConfig + errorsConfig: + description: Optional. The desired location of errors incurred during the Import. $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductCatalogItemPriceRange - costs: + #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportErrorsConfig + requestId: + type: string description: >- - Optional. A map to pass the costs associated with the product. For - example: {"manufacturing": 45.5} The profit of selling this item is - computed like so: * If 'exactPrice' is provided, profit = - displayPrice - sum(costs) * If 'priceRange' is provided, profit = - minPrice - sum(costs) - type: object - additionalProperties: - type: number - format: float + Optional. Unique identifier provided by client, within the ancestor + dataset scope. Ensures idempotency and used for request + deduplication. Server-generated if unspecified. Up to 128 characters + long. This is returned as google.longrunning.Operation.name in the + response. + updateMask: + type: string + format: google-fieldmask + description: >- + Optional. Indicates which fields in the provided imported 'items' to + update. If not set, will by default update all fields. + id: GoogleCloudRecommendationengineV1beta1ImportCatalogItemsRequest + description: Request message for Import methods. + type: object + GoogleCloudRecommendationengineV1beta1ProductDetail: + properties: + quantity: + type: integer + description: >- + Optional. Quantity of the product associated with the user event. + For example, this field will be 2 if two products are added to the + shopping cart for `add-to-cart` event. Required for `add-to-cart`, + `add-to-list`, `remove-from-cart`, `checkout-start`, + `purchase-complete`, `refund` event types. + format: int32 + displayPrice: + type: number + format: float + description: >- + Optional. Display price of the product (e.g. discounted price). If + provided, this will override the display price in Catalog for this + product. + originalPrice: + format: float + type: number + description: >- + Optional. Original price of the product. If provided, this will + override the original price in Catalog for this product. currencyCode: description: >- - Optional. Only required if the price is set. Currency code for - price/costs. Use three-character ISO-4217 code. + Optional. Currency code for price/costs. Use three-character + ISO-4217 code. Required only if originalPrice or displayPrice is + set. type: string + availableQuantity: + type: integer + format: int32 + description: >- + Optional. Quantity of the products in stock when a user event + happens. Optional. If provided, this overrides the available + quantity in Catalog for this event. and can only be set if + `stock_status` is set to `IN_STOCK`. Note that if an item is out of + stock, you must set the `stock_state` field to be `OUT_OF_STOCK`. + Leaving this field unspecified / as zero is not sufficient to mark + the item out of stock. stockState: description: >- - Optional. Online stock state of the catalog item. Default is - `IN_STOCK`. - type: string + Optional. Item stock state. If provided, this overrides the stock + state in Catalog for items in this event. enumDescriptions: - Default item stock status. Should never be used. - Item in stock. @@ -389,82 +257,189 @@ components: - OUT_OF_STOCK - PREORDER - BACKORDER - availableQuantity: - description: Optional. The available quantity of the item. type: string - format: int64 - canonicalProductUri: + id: description: >- - Optional. Canonical URL directly linking to the item detail page - with a length limit of 5 KiB.. + Required. Catalog item ID. UTF-8 encoded string with a length limit + of 128 characters. type: string - images: - description: Optional. Product images for the catalog item. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1Image' - GoogleCloudRecommendationengineV1beta1ProductCatalogItemExactPrice: - id: GoogleCloudRecommendationengineV1beta1ProductCatalogItemExactPrice - description: Exact product price. + itemAttributes: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1FeatureMap + description: >- + Optional. Extra features associated with a product in the user + event. + id: GoogleCloudRecommendationengineV1beta1ProductDetail + description: Detailed product information associated with a user event. + type: object + GoogleCloudRecommendationengineV1beta1ImportUserEventsResponse: + id: GoogleCloudRecommendationengineV1beta1ImportUserEventsResponse type: object + description: >- + Response of the ImportUserEventsRequest. If the long running operation + was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. properties: - displayPrice: - description: Optional. Display price of the product. - type: number - format: float - originalPrice: + errorsConfig: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportErrorsConfig description: >- - Optional. Price of the product without any discount. If zero, by - default set to be the 'displayPrice'. - type: number - format: float - GoogleCloudRecommendationengineV1beta1ProductCatalogItemPriceRange: - id: GoogleCloudRecommendationengineV1beta1ProductCatalogItemPriceRange - description: >- - Product price range when there are a range of prices for different - variations of the same product. + Echoes the destination for the complete errors if this field was set + in the request. + errorSamples: + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + importSummary: + description: Aggregated statistics of user event import status. + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEventImportSummary + GoogleCloudRecommendationengineV1beta1PredictResponsePredictionResult: type: object + description: PredictionResult represents the recommendation prediction results. + id: GoogleCloudRecommendationengineV1beta1PredictResponsePredictionResult properties: - min: - description: Required. The minimum product price. - type: number - format: float - max: - description: Required. The maximum product price. - type: number - format: float - GoogleCloudRecommendationengineV1beta1Image: - id: GoogleCloudRecommendationengineV1beta1Image - description: Catalog item thumbnail/detail image. + id: + description: ID of the recommended catalog item + type: string + itemMetadata: + description: >- + Additional item metadata / annotations. Possible values: * + `catalogItem`: JSON representation of the catalogItem. Will be set + if `returnCatalogItem` is set to true in `PredictRequest.params`. * + `score`: Prediction score in double value. Will be set if + `returnItemScore` is set to true in `PredictRequest.params`. + additionalProperties: + type: any + type: object + GoogleCloudRecommendationengineV1beta1FeatureMapFloatList: type: object + id: GoogleCloudRecommendationengineV1beta1FeatureMapFloatList + description: A list of float features. properties: - uri: - description: Required. URL of the image with a length limit of 5 KiB. - type: string - height: - description: Optional. Height of the image in number of pixels. - type: integer + value: + type: array + items: + type: number + format: float + description: Float feature value. + GoogleRpcStatus: + type: object + properties: + code: format: int32 - width: - description: Optional. Width of the image in number of pixels. type: integer - format: int32 - GoogleCloudRecommendationengineV1beta1ListCatalogItemsResponse: - id: GoogleCloudRecommendationengineV1beta1ListCatalogItemsResponse - description: Response message for ListCatalogItems method. + description: The status code, which should be an enum value of google.rpc.Code. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + details: + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: GoogleRpcStatus + GoogleCloudRecommendationengineV1beta1RejoinUserEventsRequest: + description: Request message for CatalogRejoin method. + properties: + userEventRejoinScope: + type: string + enumDescriptions: + - >- + Rejoin catalogs with all events including both joined events and + unjoined events. + - Only rejoin catalogs with joined events. + - Only rejoin catalogs with unjoined events. + enum: + - USER_EVENT_REJOIN_SCOPE_UNSPECIFIED + - JOINED_EVENTS + - UNJOINED_EVENTS + description: >- + Required. The type of the catalog rejoin to define the scope and + range of the user events to be rejoined with catalog items. + id: GoogleCloudRecommendationengineV1beta1RejoinUserEventsRequest + type: object + GoogleCloudRecommendationengineV1beta1RejoinUserEventsMetadata: + type: object + description: Metadata for RejoinUserEvents method. + properties: {} + id: GoogleCloudRecommendationengineV1beta1RejoinUserEventsMetadata + GoogleCloudRecommendationengineV1beta1PurgeUserEventsResponse: type: object properties: - catalogItems: - description: The catalog items. + userEventsSample: type: array + description: >- + A sampling of events deleted (or will be deleted) depending on the + `force` property in the request. Max of 500 items will be returned. items: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem - nextPageToken: + #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent + purgedEventsCount: + description: The total count of events purged as a result of the operation. + format: int64 + type: string + description: >- + Response of the PurgeUserEventsRequest. If the long running operation is + successfully done, then this message is returned by the + google.longrunning.Operations.response field. + id: GoogleCloudRecommendationengineV1beta1PurgeUserEventsResponse + GoogleCloudRecommendationengineV1beta1PurgeUserEventsRequest: + description: Request message for PurgeUserEvents method. + properties: + filter: description: >- - If empty, the list is complete. If nonempty, the token to pass to - the next request's ListCatalogItemRequest.page_token. + Required. The filter string to specify the events to be deleted. + Empty string filter is not allowed. The eligible fields for + filtering are: * `eventType`: UserEvent.eventType field of type + string. * `eventTime`: in ISO 8601 "zulu" format. * `visitorId`: + field of type string. Specifying this will delete all events + associated with a visitor. * `userId`: field of type string. + Specifying this will delete all events associated with a user. + Examples: * Deleting all events in a time range: `eventTime > + "2012-04-23T18:25:43.511Z" eventTime < "2012-04-23T18:30:43.511Z"` * + Deleting specific eventType in time range: `eventTime > + "2012-04-23T18:25:43.511Z" eventType = "detail-page-view"` * + Deleting all events for a specific visitor: `visitorId = + "visitor1024"` The filtering fields are assumed to have an implicit + AND. type: string + force: + type: boolean + description: >- + Optional. The default value is false. Override this flag to true to + actually perform the purge. If the field is not set to true, a + sampling of events to be deleted will be returned. + type: object + id: GoogleCloudRecommendationengineV1beta1PurgeUserEventsRequest + GoogleCloudRecommendationengineV1beta1CreatePredictionApiKeyRegistrationRequest: + description: Request message for the `CreatePredictionApiKeyRegistration` method. + type: object + id: >- + GoogleCloudRecommendationengineV1beta1CreatePredictionApiKeyRegistrationRequest + properties: + predictionApiKeyRegistration: + description: Required. The prediction API key registration. + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictionApiKeyRegistration GoogleProtobufEmpty: id: GoogleProtobufEmpty description: >- @@ -472,562 +447,501 @@ components: empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object properties: {} - GoogleCloudRecommendationengineV1beta1ImportCatalogItemsRequest: - id: GoogleCloudRecommendationengineV1beta1ImportCatalogItemsRequest - description: Request message for Import methods. + type: object + GoogleLongrunningListOperationsResponse: type: object properties: - requestId: - description: >- - Optional. Unique identifier provided by client, within the ancestor - dataset scope. Ensures idempotency and used for request - deduplication. Server-generated if unspecified. Up to 128 characters - long. This is returned as google.longrunning.Operation.name in the - response. + nextPageToken: type: string - inputConfig: - description: Required. The desired input location of the data. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1InputConfig - errorsConfig: - description: Optional. The desired location of errors incurred during the Import. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportErrorsConfig - updateMask: + description: The standard List next-page token. + unreachable: + items: + type: string description: >- - Optional. Indicates which fields in the provided imported 'items' to - update. If not set, will by default update all fields. - type: string - format: google-fieldmask - GoogleCloudRecommendationengineV1beta1InputConfig: - id: GoogleCloudRecommendationengineV1beta1InputConfig - description: The input config source. - type: object + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + operations: + type: array + description: >- + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' + description: The response message for Operations.ListOperations. + id: GoogleLongrunningListOperationsResponse + GoogleCloudRecommendationengineV1beta1ImportUserEventsRequest: + id: GoogleCloudRecommendationengineV1beta1ImportUserEventsRequest + description: Request message for the ImportUserEvents request. properties: - catalogInlineSource: - description: The Inline source for the input content for Catalog items. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogInlineSource - gcsSource: - description: Google Cloud Storage location for the input content. - $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1GcsSource' - userEventInlineSource: - description: The Inline source for the input content for UserEvents. + errorsConfig: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEventInlineSource - bigQuerySource: - description: BigQuery input source. + #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportErrorsConfig + description: Optional. The desired location of errors incurred during the Import. + inputConfig: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1BigQuerySource - GoogleCloudRecommendationengineV1beta1CatalogInlineSource: - id: GoogleCloudRecommendationengineV1beta1CatalogInlineSource - description: The inline source for the input config for ImportCatalogItems method. - type: object - properties: - catalogItems: + #/components/schemas/GoogleCloudRecommendationengineV1beta1InputConfig + description: Required. The desired input location of the data. + requestId: + type: string description: >- - Optional. A list of catalog items to update/create. Recommended max - of 10k items. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem - GoogleCloudRecommendationengineV1beta1GcsSource: - id: GoogleCloudRecommendationengineV1beta1GcsSource - description: Google Cloud Storage location for input content. format. + Optional. Unique identifier provided by client, within the ancestor + dataset scope. Ensures idempotency for expensive long running + operations. Server-generated if unspecified. Up to 128 characters + long. This is returned as google.longrunning.Operation.name in the + response. Note that this field must not be set if the desired input + config is catalog_inline_source. type: object + GoogleCloudRecommendationengineV1beta1UserEventImportSummary: properties: - inputUris: + unjoinedEventsCount: + format: int64 + type: string description: >- - Required. Google Cloud Storage URIs to input files. URI can be up to - 2000 characters long. URIs can match the full object path (for - example, `gs://bucket/directory/object.json`) or a pattern matching - one or more files, such as `gs://bucket/directory/*.json`. A request - can contain at most 100 files, and each file can be up to 2 GB. See - [Importing catalog - information](/recommendations-ai/docs/upload-catalog) for the - expected file format and setup instructions. - type: array - items: - type: string - jsonSchema: + Count of user events imported, but with catalog information not + found in the imported catalog. + joinedEventsCount: + format: int64 description: >- - Optional. The schema to use when parsing the data from the source. - Supported values for catalog imports: 1: - "catalog_recommendations_ai" using - https://cloud.google.com/recommendations-ai/docs/upload-catalog#json - (Default for catalogItems.import) 2: "catalog_merchant_center" using - https://cloud.google.com/recommendations-ai/docs/upload-catalog#mc - Supported values for user events imports: 1: - "user_events_recommendations_ai" using - https://cloud.google.com/recommendations-ai/docs/manage-user-events#import - (Default for userEvents.import) 2. "user_events_ga360" using - https://support.google.com/analytics/answer/3437719?hl=en + Count of user events imported with complete existing catalog + information. type: string - GoogleCloudRecommendationengineV1beta1UserEventInlineSource: - id: GoogleCloudRecommendationengineV1beta1UserEventInlineSource - description: The inline source for the input config for ImportUserEvents method. type: object - properties: - userEvents: - description: >- - Optional. A list of user events to import. Recommended max of 10k - items. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent - GoogleCloudRecommendationengineV1beta1UserEvent: - id: GoogleCloudRecommendationengineV1beta1UserEvent description: >- - UserEvent captures all metadata information recommendation engine needs - to know about how end users interact with customers' website. - type: object + A summary of import result. The UserEventImportSummary summarizes the + import status for user events. + id: GoogleCloudRecommendationengineV1beta1UserEventImportSummary + GoogleApiHttpBody: + description: >- + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. properties: - eventType: - description: >- - Required. User event type. Allowed values are: * `add-to-cart` - Products being added to cart. * `add-to-list` Items being added to a - list (shopping list, favorites etc). * `category-page-view` Special - pages such as sale or promotion pages viewed. * `checkout-start` - User starting a checkout process. * `detail-page-view` Products - detail page viewed. * `home-page-view` Homepage viewed. * - `page-visit` Generic page visits not included in the event types - above. * `purchase-complete` User finishing a purchase. * `refund` - Purchased items being refunded or returned. * `remove-from-cart` - Products being removed from cart. * `remove-from-list` Items being - removed from a list. * `search` Product search. * - `shopping-cart-page-view` User viewing a shopping cart. * - `impression` List of items displayed. Used by Google Tag Manager. + contentType: type: string - userInfo: - description: Required. User information. - $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1UserInfo' - eventDetail: - description: >- - Optional. User event detailed information common across different - recommendation types. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1EventDetail - productEventDetail: - description: >- - Optional. Retail product specific user event metadata. This field is - required for the following event types: * `add-to-cart` * - `add-to-list` * `category-page-view` * `checkout-start` * - `detail-page-view` * `purchase-complete` * `refund` * - `remove-from-cart` * `remove-from-list` * `search` This field is - optional for the following event types: * `page-visit` * - `shopping-cart-page-view` - note that 'product_event_detail' should - be set for this unless the shopping cart is empty. This field is not - allowed for the following event types: * `home-page-view` - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductEventDetail - eventTime: description: >- - Optional. Only required for ImportUserEvents method. Timestamp of - user event created. - type: string - format: google-datetime - eventSource: + The HTTP Content-Type header value specifying the content type of + the body. + extensions: description: >- - Optional. This field should *not* be set when using JavaScript pixel - or the Recommendations AI Tag. Defaults to - `EVENT_SOURCE_UNSPECIFIED`. + Application specific response metadata. Must be set in the first + response for streaming APIs. + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + data: + format: byte type: string - enumDescriptions: - - Unspecified event source. - - >- - The event is ingested via a javascript pixel or Recommendations AI - Tag through automl datalayer or JS Macros. - - >- - The event is ingested via Recommendations AI Tag through Enhanced - Ecommerce datalayer. - - The event is ingested via Import user events API. - enum: - - EVENT_SOURCE_UNSPECIFIED - - AUTOML - - ECOMMERCE - - BATCH_UPLOAD - GoogleCloudRecommendationengineV1beta1UserInfo: - id: GoogleCloudRecommendationengineV1beta1UserInfo - description: Information of end users. + description: The HTTP request/response body as raw binary. + type: object + id: GoogleApiHttpBody + GoogleCloudRecommendationengineV1beta1ListCatalogItemsResponse: type: object + id: GoogleCloudRecommendationengineV1beta1ListCatalogItemsResponse + description: Response message for ListCatalogItems method. properties: - visitorId: - description: >- - Required. A unique identifier for tracking visitors with a length - limit of 128 bytes. For example, this could be implemented with an - HTTP cookie, which should be able to uniquely identify a visitor on - a single device. This unique identifier should not change if the - visitor logs in or out of the website. Maximum length 128 bytes. - Cannot be empty. Don't set the field to the same fixed ID for - different users. This mixes the event history of those users - together, which results in degraded model quality. - type: string - userId: - description: >- - Optional. Unique identifier for logged-in user with a length limit - of 128 bytes. Required only for logged-in users. Don't set for - anonymous users. Don't set the field to the same fixed ID for - different users. This mixes the event history of those users - together, which results in degraded model quality. - type: string - ipAddress: - description: >- - Optional. IP address of the user. This could be either IPv4 (e.g. - 104.133.9.80) or IPv6 (e.g. - 2001:0db8:85a3:0000:0000:8a2e:0370:7334). This should *not* be set - when using the javascript pixel or if `direct_user_request` is set. - Used to extract location information for personalization. - type: string - userAgent: - description: >- - Optional. User agent as included in the HTTP header. UTF-8 encoded - string with a length limit of 1 KiB. This should *not* be set when - using the JavaScript pixel or if `directUserRequest` is set. + nextPageToken: type: string - directUserRequest: description: >- - Optional. Indicates if the request is made directly from the end - user in which case the user_agent and ip_address fields can be - populated from the HTTP request. This should *not* be set when using - the javascript pixel. This flag should be set only if the API - request is made directly from the end user such as a mobile app (and - not if a gateway or a server is processing and pushing the user - events). - type: boolean - GoogleCloudRecommendationengineV1beta1EventDetail: - id: GoogleCloudRecommendationengineV1beta1EventDetail - description: User event details shared by all recommendation types. + If empty, the list is complete. If nonempty, the token to pass to + the next request's ListCatalogItemRequest.page_token. + catalogItems: + items: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem + description: The catalog items. + type: array + GoogleCloudRecommendationengineV1beta1ProductCatalogItemExactPrice: type: object + id: GoogleCloudRecommendationengineV1beta1ProductCatalogItemExactPrice properties: - uri: - description: >- - Optional. Complete url (window.location.href) of the user's current - page. When using the JavaScript pixel, this value is filled in - automatically. Maximum length 5KB. - type: string - referrerUri: - description: >- - Optional. The referrer url of the current page. When using the - JavaScript pixel, this value is filled in automatically. - type: string - pageViewId: + originalPrice: description: >- - Optional. A unique id of a web page view. This should be kept the - same for all user events triggered from the same pageview. For - example, an item detail page view could trigger multiple events as - the user is browsing the page. The `pageViewId` property should be - kept the same for all these events so that they can be grouped - together properly. This `pageViewId` will be automatically generated - if using the JavaScript pixel. + Optional. Price of the product without any discount. If zero, by + default set to be the 'displayPrice'. + type: number + format: float + displayPrice: + description: Optional. Display price of the product. + type: number + format: float + description: Exact product price. + GoogleCloudRecommendationengineV1alphaRejoinCatalogMetadata: + id: GoogleCloudRecommendationengineV1alphaRejoinCatalogMetadata + type: object + properties: {} + description: Metadata for TriggerCatalogRejoin method. + GoogleCloudRecommendationengineV1beta1PredictionApiKeyRegistration: + properties: + apiKey: + description: The API key. type: string - experimentIds: - description: >- - Optional. A list of identifiers for the independent experiment - groups this user event belongs to. This is used to distinguish - between user events associated with different experiment setups - (e.g. using Recommendation Engine system, using different - recommendation models). + type: object + id: GoogleCloudRecommendationengineV1beta1PredictionApiKeyRegistration + description: Registered Api Key. + GoogleCloudRecommendationengineV1beta1ListCatalogsResponse: + id: GoogleCloudRecommendationengineV1beta1ListCatalogsResponse + type: object + properties: + catalogs: type: array + description: Output only. All the customer's catalogs. + readOnly: true items: - type: string - recommendationToken: - description: >- - Optional. Recommendation token included in the recommendation - prediction response. This field enables accurate attribution of - recommendation model performance. This token enables us to - accurately attribute page view or purchase back to the event and the - particular predict response containing this clicked/purchased item. - If user clicks on product K in the recommendation results, pass the - `PredictResponse.recommendationToken` property as a url parameter to - product K's page. When recording events on product K's page, log the - PredictResponse.recommendation_token to this field. Optional, but - highly encouraged for user events that are the result of a - recommendation prediction query. + $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1Catalog' + nextPageToken: type: string - eventAttributes: - description: >- - Optional. Extra user event features to include in the recommendation - model. For product recommendation, an example of extra user - information is traffic_channel, i.e. how user arrives at the site. - Users can arrive at the site by coming to the site directly, or - coming through Google search, and etc. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1FeatureMap - GoogleCloudRecommendationengineV1beta1ProductEventDetail: - id: GoogleCloudRecommendationengineV1beta1ProductEventDetail + description: Pagination token, if not returned indicates the last page. + description: Response for ListCatalogs method. + GoogleCloudRecommendationengineV1alphaRejoinCatalogResponse: + id: GoogleCloudRecommendationengineV1alphaRejoinCatalogResponse + description: Response message for TriggerCatalogRejoin method. + type: object + properties: + rejoinedUserEventsCount: + format: int64 + description: Number of user events that were joined with latest catalog items. + type: string + GoogleCloudRecommendationengineV1beta1ImportMetadata: description: >- - ProductEventDetail captures user event information specific to retail - products. + Metadata related to the progress of the Import operation. This will be + returned by the google.longrunning.Operation.metadata field. type: object + id: GoogleCloudRecommendationengineV1beta1ImportMetadata properties: - searchQuery: + requestId: description: >- - At least one of search_query or page_categories is required for - `search` events. Other event types should not set this field. The - user's search query as UTF-8 encoded text with a length limit of 5 - KiB. + Id of the request / operation. This is parroting back the requestId + that was passed in the request. type: string - pageCategories: - description: >- - Required for `category-page-view` events. At least one of - search_query or page_categories is required for `search` events. - Other event types should not set this field. The categories - associated with a category page. Category pages include special - pages such as sales or promotions. For instance, a special sale page - may have the category hierarchy: categories : ["Sales", "2017 Black - Friday Deals"]. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItemCategoryHierarchy - productDetails: - description: >- - The main product details related to the event. This field is - required for the following event types: * `add-to-cart` * - `add-to-list` * `checkout-start` * `detail-page-view` * - `purchase-complete` * `refund` * `remove-from-cart` * - `remove-from-list` This field is optional for the following event - types: * `page-visit` * `shopping-cart-page-view` - note that - 'product_details' should be set for this unless the shopping cart is - empty. * `search` (highly encouraged) In a `search` event, this - field represents the products returned to the end user on the - current page (the end user may have not finished broswing the whole - page yet). When a new page is returned to the end user, after - pagination/filtering/ordering even for the same query, a new SEARCH - event with different product_details is desired. The end user may - have not finished broswing the whole page yet. This field is not - allowed for the following event types: * `category-page-view` * - `home-page-view` - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductDetail - listId: - description: >- - Required for `add-to-list` and `remove-from-list` events. The id or - name of the list that the item is being added to or removed from. - Other event types should not set this field. + operationName: type: string - cartId: - description: >- - Optional. The id or name of the associated shopping cart. This id is - used to associate multiple items added or present in the cart before - purchase. This can only be set for `add-to-cart`, - `remove-from-cart`, `checkout-start`, `purchase-complete`, or - `shopping-cart-page-view` events. + description: Name of the operation. + successCount: + format: int64 + description: Count of entries that were processed successfully. + type: string + createTime: + description: Operation create time. + format: google-datetime + type: string + failureCount: + format: int64 + description: Count of entries that encountered errors while processing. + type: string + updateTime: type: string - purchaseTransaction: description: >- - Optional. A transaction represents the entire purchase transaction. - Required for `purchase-complete` events. Optional for - `checkout-start` events. Other event types should not set this - field. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1PurchaseTransaction - GoogleCloudRecommendationengineV1beta1ProductDetail: - id: GoogleCloudRecommendationengineV1beta1ProductDetail - description: Detailed product information associated with a user event. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + GoogleCloudRecommendationengineV1beta1ListPredictionApiKeyRegistrationsResponse: type: object + description: Response message for the `ListPredictionApiKeyRegistrations`. + id: >- + GoogleCloudRecommendationengineV1beta1ListPredictionApiKeyRegistrationsResponse properties: - id: + predictionApiKeyRegistrations: + items: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictionApiKeyRegistration + description: The list of registered API keys. + type: array + nextPageToken: description: >- - Required. Catalog item ID. UTF-8 encoded string with a length limit - of 128 characters. + If empty, the list is complete. If nonempty, pass the token to the + next request's + `ListPredictionApiKeysRegistrationsRequest.pageToken`. type: string - currencyCode: + GoogleCloudRecommendationengineV1alphaTuningResponse: + id: GoogleCloudRecommendationengineV1alphaTuningResponse + properties: {} + type: object + description: Response associated with a tune operation. + GoogleCloudRecommendationengineV1beta1CatalogItem: + type: object + id: GoogleCloudRecommendationengineV1beta1CatalogItem + properties: + itemGroupId: description: >- - Optional. Currency code for price/costs. Use three-character - ISO-4217 code. Required only if originalPrice or displayPrice is - set. + Optional. Variant group identifier for prediction results. UTF-8 + encoded string with a length limit of 128 bytes. This field must be + enabled before it can be used. [Learn + more](/recommendations-ai/docs/catalog#item-group-id). + type: string + description: type: string - originalPrice: description: >- - Optional. Original price of the product. If provided, this will - override the original price in Catalog for this product. - type: number - format: float - displayPrice: + Optional. Catalog item description. UTF-8 encoded string with a + length limit of 5 KiB. + tags: + type: array description: >- - Optional. Display price of the product (e.g. discounted price). If - provided, this will override the display price in Catalog for this - product. - type: number - format: float - stockState: + Optional. Filtering tags associated with the catalog item. Each tag + should be a UTF-8 encoded string with a length limit of 1 KiB. This + tag can be used for filtering recommendation results by passing the + tag as part of the predict request filter. + items: + type: string + productMetadata: + description: Optional. Metadata specific to retail products. + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductCatalogItem + categoryHierarchies: + items: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItemCategoryHierarchy description: >- - Optional. Item stock state. If provided, this overrides the stock - state in Catalog for items in this event. + Required. Catalog item categories. This field is repeated for + supporting one catalog item belonging to several parallel category + hierarchies. For example, if a shoes product belongs to both ["Shoes + & Accessories" -> "Shoes"] and ["Sports & Fitness" -> "Athletic + Clothing" -> "Shoes"], it could be represented as: + "categoryHierarchies": [ { "categories": ["Shoes & Accessories", + "Shoes"]}, { "categories": ["Sports & Fitness", "Athletic Clothing", + "Shoes"] } ] + type: array + id: type: string - enumDescriptions: - - Default item stock status. Should never be used. - - Item in stock. - - Item out of stock. - - Item that is in pre-order state. - - Item that is back-ordered (i.e. temporarily out of stock). - enum: - - STOCK_STATE_UNSPECIFIED - - IN_STOCK - - OUT_OF_STOCK - - PREORDER - - BACKORDER - quantity: description: >- - Optional. Quantity of the product associated with the user event. - For example, this field will be 2 if two products are added to the - shopping cart for `add-to-cart` event. Required for `add-to-cart`, - `add-to-list`, `remove-from-cart`, `checkout-start`, - `purchase-complete`, `refund` event types. - type: integer - format: int32 - availableQuantity: + Required. Catalog item identifier. UTF-8 encoded string with a + length limit of 128 bytes. This id must be unique among all catalog + items within the same catalog. It should also be used when logging + user events in order for the user events to be joined with the + Catalog. + languageCode: + type: string description: >- - Optional. Quantity of the products in stock when a user event - happens. Optional. If provided, this overrides the available - quantity in Catalog for this event. and can only be set if - `stock_status` is set to `IN_STOCK`. Note that if an item is out of - stock, you must set the `stock_state` field to be `OUT_OF_STOCK`. - Leaving this field unspecified / as zero is not sufficient to mark - the item out of stock. - type: integer - format: int32 + Optional. Deprecated. The model automatically detects the text + language. Your catalog can include text in different languages, but + duplicating catalog items to provide text in multiple languages can + result in degraded model performance. itemAttributes: - description: >- - Optional. Extra features associated with a product in the user - event. $ref: >- #/components/schemas/GoogleCloudRecommendationengineV1beta1FeatureMap - GoogleCloudRecommendationengineV1beta1PurchaseTransaction: - id: GoogleCloudRecommendationengineV1beta1PurchaseTransaction - description: A transaction represents the entire purchase transaction. + description: >- + Optional. Highly encouraged. Extra catalog item attributes to be + included in the recommendation model. For example, for retail + products, this could include the store name, vendor, style, color, + etc. These are very strong signals for recommendation model, thus we + highly recommend providing the item attributes here. + title: + description: >- + Required. Catalog item title. UTF-8 encoded string with a length + limit of 1 KiB. + type: string + description: >- + CatalogItem captures all metadata information of items to be + recommended. + GoogleCloudRecommendationengineV1beta1UserEventInlineSource: + type: object + description: The inline source for the input config for ImportUserEvents method. + id: GoogleCloudRecommendationengineV1beta1UserEventInlineSource + properties: + userEvents: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent + description: >- + Optional. A list of user events to import. Recommended max of 10k + items. + GoogleCloudRecommendationengineV1beta1RejoinUserEventsResponse: type: object properties: - id: - description: Optional. The transaction ID with a length limit of 128 bytes. + rejoinedUserEventsCount: type: string - revenue: + description: Number of user events that were joined with latest catalog items. + format: int64 + id: GoogleCloudRecommendationengineV1beta1RejoinUserEventsResponse + description: Response message for RejoinUserEvents method. + GoogleCloudRecommendationengineV1beta1FeatureMap: + properties: + numericalFeatures: description: >- - Required. Total revenue or grand total associated with the - transaction. This value include shipping, tax, or other adjustments - to total revenue that you want to include as part of your revenue - calculations. This field is not required if the event type is - `refund`. - type: number - format: float - taxes: - description: Optional. All the taxes associated with the transaction. - type: object + Numerical features. Some examples would be the height/weight of a + product, or age of a customer. Feature names must be UTF-8 encoded + strings. For example: `{ "lengths_cm": {"value":[2.3, 15.4]}, + "heights_cm": {"value":[8.1, 6.4]} }` additionalProperties: - type: number - format: float - costs: - description: >- - Optional. All the costs associated with the product. These can be - manufacturing costs, shipping expenses not borne by the end user, or - any other costs. Total product cost such that profit = revenue - - (sum(taxes) + sum(costs)) If product_cost is not set, then profit = - revenue - tax - shipping - sum(CatalogItem.costs). If - CatalogItem.cost is not specified for one of the items, - CatalogItem.cost based profit *cannot* be calculated for this - Transaction. + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1FeatureMapFloatList type: object + categoricalFeatures: additionalProperties: - type: number - format: float - currencyCode: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1FeatureMapStringList description: >- - Required. Currency code. Use three-character ISO-4217 code. This - field is not required if the event type is `refund`. - type: string - GoogleCloudRecommendationengineV1beta1BigQuerySource: - id: GoogleCloudRecommendationengineV1beta1BigQuerySource - description: BigQuery source import data from. + Categorical features that can take on one of a limited number of + possible values. Some examples would be the brand/maker of a + product, or country of a customer. Feature names and values must be + UTF-8 encoded strings. For example: `{ "colors": {"value": + ["yellow", "green"]}, "sizes": {"value":["S", "M"]}` + type: object + type: object + description: >- + FeatureMap represents extra features that customers want to include in + the recommendation model for catalogs/user events as + categorical/numerical features. + id: GoogleCloudRecommendationengineV1beta1FeatureMap + GoogleCloudRecommendationengineV1beta1UserInfo: + id: GoogleCloudRecommendationengineV1beta1UserInfo type: object properties: - projectId: - description: >- - Optional. The project id (can be project # or id) that the BigQuery - source is in. If not specified, inherits the project id from the - parent request. - type: string - datasetId: - description: Required. The BigQuery data set to copy the data from. + visitorId: type: string - tableId: - description: Required. The BigQuery table to copy the data from. + description: >- + Required. A unique identifier for tracking visitors with a length + limit of 128 bytes. For example, this could be implemented with an + HTTP cookie, which should be able to uniquely identify a visitor on + a single device. This unique identifier should not change if the + visitor logs in or out of the website. Maximum length 128 bytes. + Cannot be empty. Don't set the field to the same fixed ID for + different users. This mixes the event history of those users + together, which results in degraded model quality. + directUserRequest: + description: >- + Optional. Indicates if the request is made directly from the end + user in which case the user_agent and ip_address fields can be + populated from the HTTP request. This should *not* be set when using + the javascript pixel. This flag should be set only if the API + request is made directly from the end user such as a mobile app (and + not if a gateway or a server is processing and pushing the user + events). + type: boolean + userAgent: + description: >- + Optional. User agent as included in the HTTP header. UTF-8 encoded + string with a length limit of 1 KiB. This should *not* be set when + using the JavaScript pixel or if `directUserRequest` is set. type: string - gcsStagingDir: + userId: description: >- - Optional. Intermediate Cloud Storage directory used for the import. - Can be specified if one wants to have the BigQuery export to a - specific Cloud Storage directory. + Optional. Unique identifier for logged-in user with a length limit + of 128 bytes. Required only for logged-in users. Don't set for + anonymous users. Don't set the field to the same fixed ID for + different users. This mixes the event history of those users + together, which results in degraded model quality. type: string - dataSchema: + ipAddress: description: >- - Optional. The schema to use when parsing the data from the source. - Supported values for catalog imports: 1: - "catalog_recommendations_ai" using - https://cloud.google.com/recommendations-ai/docs/upload-catalog#json - (Default for catalogItems.import) 2: "catalog_merchant_center" using - https://cloud.google.com/recommendations-ai/docs/upload-catalog#mc - Supported values for user event imports: 1: - "user_events_recommendations_ai" using - https://cloud.google.com/recommendations-ai/docs/manage-user-events#import - (Default for userEvents.import) 2. "user_events_ga360" using - https://support.google.com/analytics/answer/3437719?hl=en + Optional. IP address of the user. This could be either IPv4 (e.g. + 104.133.9.80) or IPv6 (e.g. + 2001:0db8:85a3:0000:0000:8a2e:0370:7334). This should *not* be set + when using the javascript pixel or if `direct_user_request` is set. + Used to extract location information for personalization. type: string - GoogleCloudRecommendationengineV1beta1ImportErrorsConfig: - id: GoogleCloudRecommendationengineV1beta1ImportErrorsConfig - description: Configuration of destination for Import related errors. - type: object + description: Information of end users. + GoogleCloudRecommendationengineV1beta1PredictRequest: properties: - gcsPrefix: + params: + type: object description: >- - Google Cloud Storage path for import errors. This must be an empty, - existing Cloud Storage bucket. Import errors will be written to a - file in this bucket, one per line, as a JSON-encoded - `google.rpc.Status` message. - type: string - GoogleCloudRecommendationengineV1beta1CreatePredictionApiKeyRegistrationRequest: - id: >- - GoogleCloudRecommendationengineV1beta1CreatePredictionApiKeyRegistrationRequest - description: Request message for the `CreatePredictionApiKeyRegistration` method. - type: object - properties: - predictionApiKeyRegistration: - description: Required. The prediction API key registration. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictionApiKeyRegistration - GoogleCloudRecommendationengineV1beta1PredictionApiKeyRegistration: - id: GoogleCloudRecommendationengineV1beta1PredictionApiKeyRegistration - description: Registered Api Key. - type: object - properties: - apiKey: - description: The API key. + Optional. Additional domain specific parameters for the predictions. + Allowed values: * `returnCatalogItem`: Boolean. If set to true, the + associated catalogItem object will be returned in the + `PredictResponse.PredictionResult.itemMetadata` object in the method + response. * `returnItemScore`: Boolean. If set to true, the + prediction 'score' corresponding to each returned item will be set + in the `metadata` field in the prediction response. The given + 'score' indicates the probability of an item being clicked/purchased + given the user's context and history. * `strictFiltering`: Boolean. + True by default. If set to false, the service will return generic + (unfiltered) popular items instead of empty if your filter blocks + all prediction results. * `priceRerankLevel`: String. Default empty. + If set to be non-empty, then it needs to be one of + {'no-price-reranking', 'low-price-reranking', + 'medium-price-reranking', 'high-price-reranking'}. This gives + request level control and adjust prediction results based on product + price. * `diversityLevel`: String. Default empty. If set to be + non-empty, then it needs to be one of {'no-diversity', + 'low-diversity', 'medium-diversity', 'high-diversity', + 'auto-diversity'}. This gives request level control and adjust + prediction results based on product category. + additionalProperties: + type: any + pageToken: type: string - GoogleCloudRecommendationengineV1beta1ListPredictionApiKeyRegistrationsResponse: - id: >- - GoogleCloudRecommendationengineV1beta1ListPredictionApiKeyRegistrationsResponse - description: Response message for the `ListPredictionApiKeyRegistrations`. - type: object - properties: - predictionApiKeyRegistrations: - description: The list of registered API keys. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictionApiKeyRegistration - nextPageToken: + description: Optional. The previous PredictResponse.next_page_token. + labels: description: >- - If empty, the list is complete. If nonempty, pass the token to the - next request's - `ListPredictionApiKeysRegistrationsRequest.pageToken`. + Optional. The labels for the predict request. * Label keys can + contain lowercase letters, digits and hyphens, must start with a + letter, and must end with a letter or digit. * Non-zero label values + can contain lowercase letters, digits and hyphens, must start with a + letter, and must end with a letter or digit. * No more than 64 + labels can be associated with a given request. See + https://goo.gl/xmQnxf for more information on and examples of + labels. + additionalProperties: + type: string + type: object + dryRun: + type: boolean + description: >- + Optional. Use dryRun mode for this prediction query. If set to true, + a fake model will be used that returns arbitrary catalog items. Note + that the dryRun mode should only be used for testing the API, or if + the model is not ready. + filter: type: string - GoogleCloudRecommendationengineV1beta1PredictRequest: + description: >- + Optional. Filter for restricting prediction results. Accepts values + for tags and the `filterOutOfStockItems` flag. * Tag expressions. + Restricts predictions to items that match all of the specified tags. + Boolean operators `OR` and `NOT` are supported if the expression is + enclosed in parentheses, and must be separated from the tag values + by a space. `-"tagA"` is also supported and is equivalent to `NOT + "tagA"`. Tag values must be double quoted UTF-8 encoded strings with + a size limit of 1 KiB. * filterOutOfStockItems. Restricts + predictions to items that do not have a stockState value of + OUT_OF_STOCK. Examples: * tag=("Red" OR "Blue") tag="New-Arrival" + tag=(NOT "promotional") * filterOutOfStockItems tag=(-"promotional") + * filterOutOfStockItems If your filter blocks all prediction + results, nothing will be returned. If you want generic (unfiltered) + popular items to be returned instead, set `strictFiltering` to false + in `PredictRequest.params`. + pageSize: + type: integer + format: int32 + description: >- + Optional. Maximum number of results to return per page. Set this + property to the number of prediction results required. If zero, the + service will choose a reasonable default. + userEvent: + description: >- + Required. Context about the user, what they are looking at and what + action they took to trigger the predict request. Note that this user + event detail won't be ingested to userEvent logs. Thus, a separate + userEvent write request is required for event logging. Don't set + UserInfo.visitor_id or UserInfo.user_id to the same fixed ID for + different users. If you are trying to receive non-personalized + recommendations (not recommended; this can negatively impact model + performance), instead set UserInfo.visitor_id to a random unique ID + and leave UserInfo.user_id unset. + $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent' + type: object id: GoogleCloudRecommendationengineV1beta1PredictRequest description: >- Request message for Predict method. Full resource name of the format: @@ -1051,456 +965,572 @@ components: nothing if neither of them has viewed any items yet. For example - Recently viewed. The full list of available placements can be seen at https://console.cloud.google.com/recommendation/catalogs/default_catalog/placements + GoogleCloudRecommendationengineV1beta1FeatureMapStringList: + type: object + description: A list of string features. + properties: + value: + description: String feature value with a length limit of 128 bytes. + items: + type: string + type: array + id: GoogleCloudRecommendationengineV1beta1FeatureMapStringList + GoogleCloudRecommendationengineV1beta1EventDetail: + id: GoogleCloudRecommendationengineV1beta1EventDetail + type: object + properties: + experimentIds: + description: >- + Optional. A list of identifiers for the independent experiment + groups this user event belongs to. This is used to distinguish + between user events associated with different experiment setups + (e.g. using Recommendation Engine system, using different + recommendation models). + items: + type: string + type: array + recommendationToken: + description: >- + Optional. Recommendation token included in the recommendation + prediction response. This field enables accurate attribution of + recommendation model performance. This token enables us to + accurately attribute page view or purchase back to the event and the + particular predict response containing this clicked/purchased item. + If user clicks on product K in the recommendation results, pass the + `PredictResponse.recommendationToken` property as a url parameter to + product K's page. When recording events on product K's page, log the + PredictResponse.recommendation_token to this field. Optional, but + highly encouraged for user events that are the result of a + recommendation prediction query. + type: string + pageViewId: + description: >- + Optional. A unique id of a web page view. This should be kept the + same for all user events triggered from the same pageview. For + example, an item detail page view could trigger multiple events as + the user is browsing the page. The `pageViewId` property should be + kept the same for all these events so that they can be grouped + together properly. This `pageViewId` will be automatically generated + if using the JavaScript pixel. + type: string + referrerUri: + description: >- + Optional. The referrer url of the current page. When using the + JavaScript pixel, this value is filled in automatically. + type: string + eventAttributes: + description: >- + Optional. Extra user event features to include in the recommendation + model. For product recommendation, an example of extra user + information is traffic_channel, i.e. how user arrives at the site. + Users can arrive at the site by coming to the site directly, or + coming through Google search, and etc. + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1FeatureMap + uri: + description: >- + Optional. Complete url (window.location.href) of the user's current + page. When using the JavaScript pixel, this value is filled in + automatically. Maximum length 5KB. + type: string + description: User event details shared by all recommendation types. + GoogleCloudRecommendationengineV1beta1ListUserEventsResponse: + type: object + properties: + userEvents: + items: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent + type: array + description: The user events. + nextPageToken: + description: >- + If empty, the list is complete. If nonempty, the token to pass to + the next request's ListUserEvents.page_token. + type: string + description: Response message for ListUserEvents method. + id: GoogleCloudRecommendationengineV1beta1ListUserEventsResponse + GoogleCloudRecommendationengineV1beta1InputConfig: + type: object + properties: + gcsSource: + description: Google Cloud Storage location for the input content. + $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1GcsSource' + bigQuerySource: + description: BigQuery input source. + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1BigQuerySource + catalogInlineSource: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogInlineSource + description: The Inline source for the input content for Catalog items. + userEventInlineSource: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEventInlineSource + description: The Inline source for the input content for UserEvents. + id: GoogleCloudRecommendationengineV1beta1InputConfig + description: The input config source. + GoogleCloudRecommendationengineV1beta1ImportCatalogItemsResponse: + description: >- + Response of the ImportCatalogItemsRequest. If the long running operation + is done, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. type: object properties: - userEvent: - description: >- - Required. Context about the user, what they are looking at and what - action they took to trigger the predict request. Note that this user - event detail won't be ingested to userEvent logs. Thus, a separate - userEvent write request is required for event logging. Don't set - UserInfo.visitor_id or UserInfo.user_id to the same fixed ID for - different users. If you are trying to receive non-personalized - recommendations (not recommended; this can negatively impact model - performance), instead set UserInfo.visitor_id to a random unique ID - and leave UserInfo.user_id unset. - $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent' - pageSize: + errorSamples: + type: array + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + errorsConfig: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportErrorsConfig description: >- - Optional. Maximum number of results to return per page. Set this - property to the number of prediction results required. If zero, the - service will choose a reasonable default. - type: integer - format: int32 - pageToken: - description: Optional. The previous PredictResponse.next_page_token. - type: string - filter: + Echoes the destination for the complete errors in the request if + set. + id: GoogleCloudRecommendationengineV1beta1ImportCatalogItemsResponse + GoogleCloudRecommendationengineV1alphaTuningMetadata: + type: object + properties: + recommendationModel: description: >- - Optional. Filter for restricting prediction results. Accepts values - for tags and the `filterOutOfStockItems` flag. * Tag expressions. - Restricts predictions to items that match all of the specified tags. - Boolean operators `OR` and `NOT` are supported if the expression is - enclosed in parentheses, and must be separated from the tag values - by a space. `-"tagA"` is also supported and is equivalent to `NOT - "tagA"`. Tag values must be double quoted UTF-8 encoded strings with - a size limit of 1 KiB. * filterOutOfStockItems. Restricts - predictions to items that do not have a stockState value of - OUT_OF_STOCK. Examples: * tag=("Red" OR "Blue") tag="New-Arrival" - tag=(NOT "promotional") * filterOutOfStockItems tag=(-"promotional") - * filterOutOfStockItems If your filter blocks all prediction - results, nothing will be returned. If you want generic (unfiltered) - popular items to be returned instead, set `strictFiltering` to false - in `PredictRequest.params`. + The resource name of the recommendation model that this tune applies + to. Format: + projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/eventStores/{event_store_id}/recommendationModels/{recommendation_model_id} type: string - dryRun: + id: GoogleCloudRecommendationengineV1alphaTuningMetadata + description: Metadata associated with a tune operation. + GoogleCloudRecommendationengineV1beta1PurchaseTransaction: + description: A transaction represents the entire purchase transaction. + type: object + id: GoogleCloudRecommendationengineV1beta1PurchaseTransaction + properties: + revenue: + format: float + type: number description: >- - Optional. Use dryRun mode for this prediction query. If set to true, - a fake model will be used that returns arbitrary catalog items. Note - that the dryRun mode should only be used for testing the API, or if - the model is not ready. - type: boolean - params: + Required. Total revenue or grand total associated with the + transaction. This value include shipping, tax, or other adjustments + to total revenue that you want to include as part of your revenue + calculations. This field is not required if the event type is + `refund`. + costs: description: >- - Optional. Additional domain specific parameters for the predictions. - Allowed values: * `returnCatalogItem`: Boolean. If set to true, the - associated catalogItem object will be returned in the - `PredictResponse.PredictionResult.itemMetadata` object in the method - response. * `returnItemScore`: Boolean. If set to true, the - prediction 'score' corresponding to each returned item will be set - in the `metadata` field in the prediction response. The given - 'score' indicates the probability of an item being clicked/purchased - given the user's context and history. * `strictFiltering`: Boolean. - True by default. If set to false, the service will return generic - (unfiltered) popular items instead of empty if your filter blocks - all prediction results. * `priceRerankLevel`: String. Default empty. - If set to be non-empty, then it needs to be one of - {'no-price-reranking', 'low-price-reranking', - 'medium-price-reranking', 'high-price-reranking'}. This gives - request level control and adjust prediction results based on product - price. * `diversityLevel`: String. Default empty. If set to be - non-empty, then it needs to be one of {'no-diversity', - 'low-diversity', 'medium-diversity', 'high-diversity', - 'auto-diversity'}. This gives request level control and adjust - prediction results based on product category. - type: object + Optional. All the costs associated with the product. These can be + manufacturing costs, shipping expenses not borne by the end user, or + any other costs. Total product cost such that profit = revenue - + (sum(taxes) + sum(costs)) If product_cost is not set, then profit = + revenue - tax - shipping - sum(CatalogItem.costs). If + CatalogItem.cost is not specified for one of the items, + CatalogItem.cost based profit *cannot* be calculated for this + Transaction. additionalProperties: - type: any - labels: - description: >- - Optional. The labels for the predict request. * Label keys can - contain lowercase letters, digits and hyphens, must start with a - letter, and must end with a letter or digit. * Non-zero label values - can contain lowercase letters, digits and hyphens, must start with a - letter, and must end with a letter or digit. * No more than 64 - labels can be associated with a given request. See - https://goo.gl/xmQnxf for more information on and examples of - labels. + type: number + format: float type: object + id: + description: Optional. The transaction ID with a length limit of 128 bytes. + type: string + taxes: additionalProperties: - type: string - GoogleCloudRecommendationengineV1beta1PredictResponse: - id: GoogleCloudRecommendationengineV1beta1PredictResponse - description: Response message for predict method. - type: object + format: float + type: number + description: Optional. All the taxes associated with the transaction. + type: object + currencyCode: + description: >- + Required. Currency code. Use three-character ISO-4217 code. This + field is not required if the event type is `refund`. + type: string + GoogleLongrunningOperation: properties: - results: + error: description: >- - A list of recommended items. The order represents the ranking (from - the most relevant item to the least). - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictResponsePredictionResult - recommendationToken: + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/GoogleRpcStatus' + done: description: >- - A unique recommendation token. This should be included in the user - event logs resulting from this recommendation, which enables - accurate attribution of recommendation model performance. - type: string - itemsMissingInCatalog: - description: IDs of items in the request that were missing from the catalog. - type: array - items: - type: string - dryRun: - description: True if the dryRun property was set in the request. + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. type: boolean metadata: - description: Additional domain specific prediction response metadata. - type: object additionalProperties: + description: Properties of the object. Contains field @type with type URL. type: any - nextPageToken: description: >- - If empty, the list is complete. If nonempty, the token to pass to - the next request's PredictRequest.page_token. - type: string - GoogleCloudRecommendationengineV1beta1PredictResponsePredictionResult: - id: GoogleCloudRecommendationengineV1beta1PredictResponsePredictionResult - description: PredictionResult represents the recommendation prediction results. - type: object - properties: - id: - description: ID of the recommended catalog item + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + name: type: string - itemMetadata: description: >- - Additional item metadata / annotations. Possible values: * - `catalogItem`: JSON representation of the catalogItem. Will be set - if `returnCatalogItem` is set to true in `PredictRequest.params`. * - `score`: Prediction score in double value. Will be set if - `returnItemScore` is set to true in `PredictRequest.params`. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + response: type: object additionalProperties: + description: Properties of the object. Contains field @type with type URL. type: any - GoogleApiHttpBody: - id: GoogleApiHttpBody + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + id: GoogleLongrunningOperation description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. + This resource represents a long-running operation that is the result of + a network API call. + GoogleCloudRecommendationengineV1beta1ImportErrorsConfig: + description: Configuration of destination for Import related errors. + id: GoogleCloudRecommendationengineV1beta1ImportErrorsConfig + properties: + gcsPrefix: + description: >- + Google Cloud Storage path for import errors. This must be an empty, + existing Cloud Storage bucket. Import errors will be written to a + file in this bucket, one per line, as a JSON-encoded + `google.rpc.Status` message. + type: string type: object + GoogleCloudRecommendationengineV1beta1Catalog: + description: 'The catalog configuration. Next ID: 5.' properties: - contentType: - description: >- - The HTTP Content-Type header value specifying the content type of - the body. + name: + description: The fully qualified resource name of the catalog. type: string - data: - description: The HTTP request/response body as raw binary. + displayName: type: string - format: byte - extensions: - description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudRecommendationengineV1beta1ListUserEventsResponse: - id: GoogleCloudRecommendationengineV1beta1ListUserEventsResponse - description: Response message for ListUserEvents method. + description: Required. The catalog display name. + catalogItemLevelConfig: + description: Required. The catalog item level configuration. + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItemLevelConfig + defaultEventStoreId: + type: string + description: Required. The ID of the default event store. + type: object + id: GoogleCloudRecommendationengineV1beta1Catalog + GoogleCloudRecommendationengineV1beta1PurgeUserEventsMetadata: type: object + id: GoogleCloudRecommendationengineV1beta1PurgeUserEventsMetadata properties: - userEvents: - description: The user events. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent - nextPageToken: - description: >- - If empty, the list is complete. If nonempty, the token to pass to - the next request's ListUserEvents.page_token. + operationName: type: string - GoogleCloudRecommendationengineV1beta1PurgeUserEventsRequest: - id: GoogleCloudRecommendationengineV1beta1PurgeUserEventsRequest - description: Request message for PurgeUserEvents method. + description: The ID of the request / operation. + createTime: + description: Operation create time. + format: google-datetime + type: string + description: >- + Metadata related to the progress of the PurgeUserEvents operation. This + will be returned by the google.longrunning.Operation.metadata field. + GoogleCloudRecommendationengineV1beta1UserEvent: type: object properties: - filter: - description: >- - Required. The filter string to specify the events to be deleted. - Empty string filter is not allowed. The eligible fields for - filtering are: * `eventType`: UserEvent.eventType field of type - string. * `eventTime`: in ISO 8601 "zulu" format. * `visitorId`: - field of type string. Specifying this will delete all events - associated with a visitor. * `userId`: field of type string. - Specifying this will delete all events associated with a user. - Examples: * Deleting all events in a time range: `eventTime > - "2012-04-23T18:25:43.511Z" eventTime < "2012-04-23T18:30:43.511Z"` * - Deleting specific eventType in time range: `eventTime > - "2012-04-23T18:25:43.511Z" eventType = "detail-page-view"` * - Deleting all events for a specific visitor: `visitorId = - "visitor1024"` The filtering fields are assumed to have an implicit - AND. + userInfo: + description: Required. User information. + $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1UserInfo' + eventType: type: string - force: description: >- - Optional. The default value is false. Override this flag to true to - actually perform the purge. If the field is not set to true, a - sampling of events to be deleted will be returned. - type: boolean - GoogleCloudRecommendationengineV1beta1ImportUserEventsRequest: - id: GoogleCloudRecommendationengineV1beta1ImportUserEventsRequest - description: Request message for the ImportUserEvents request. - type: object - properties: - requestId: + Required. User event type. Allowed values are: * `add-to-cart` + Products being added to cart. * `add-to-list` Items being added to a + list (shopping list, favorites etc). * `category-page-view` Special + pages such as sale or promotion pages viewed. * `checkout-start` + User starting a checkout process. * `detail-page-view` Products + detail page viewed. * `home-page-view` Homepage viewed. * + `page-visit` Generic page visits not included in the event types + above. * `purchase-complete` User finishing a purchase. * `refund` + Purchased items being refunded or returned. * `remove-from-cart` + Products being removed from cart. * `remove-from-list` Items being + removed from a list. * `search` Product search. * + `shopping-cart-page-view` User viewing a shopping cart. * + `impression` List of items displayed. Used by Google Tag Manager. + eventDetail: description: >- - Optional. Unique identifier provided by client, within the ancestor - dataset scope. Ensures idempotency for expensive long running - operations. Server-generated if unspecified. Up to 128 characters - long. This is returned as google.longrunning.Operation.name in the - response. Note that this field must not be set if the desired input - config is catalog_inline_source. - type: string - inputConfig: - description: Required. The desired input location of the data. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1InputConfig - errorsConfig: - description: Optional. The desired location of errors incurred during the Import. + Optional. User event detailed information common across different + recommendation types. $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportErrorsConfig - GoogleCloudRecommendationengineV1beta1RejoinUserEventsRequest: - id: GoogleCloudRecommendationengineV1beta1RejoinUserEventsRequest - description: Request message for CatalogRejoin method. - type: object - properties: - userEventRejoinScope: + #/components/schemas/GoogleCloudRecommendationengineV1beta1EventDetail + eventTime: description: >- - Required. The type of the catalog rejoin to define the scope and - range of the user events to be rejoined with catalog items. + Optional. Only required for ImportUserEvents method. Timestamp of + user event created. + format: google-datetime + type: string + productEventDetail: + description: >- + Optional. Retail product specific user event metadata. This field is + required for the following event types: * `add-to-cart` * + `add-to-list` * `category-page-view` * `checkout-start` * + `detail-page-view` * `purchase-complete` * `refund` * + `remove-from-cart` * `remove-from-list` * `search` This field is + optional for the following event types: * `page-visit` * + `shopping-cart-page-view` - note that 'product_event_detail' should + be set for this unless the shopping cart is empty. This field is not + allowed for the following event types: * `home-page-view` + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductEventDetail + eventSource: type: string + description: >- + Optional. This field should *not* be set when using JavaScript pixel + or the Recommendations AI Tag. Defaults to + `EVENT_SOURCE_UNSPECIFIED`. enumDescriptions: + - Unspecified event source. - >- - Rejoin catalogs with all events including both joined events and - unjoined events. - - Only rejoin catalogs with joined events. - - Only rejoin catalogs with unjoined events. + The event is ingested via a javascript pixel or Recommendations AI + Tag through automl datalayer or JS Macros. + - >- + The event is ingested via Recommendations AI Tag through Enhanced + Ecommerce datalayer. + - The event is ingested via Import user events API. enum: - - USER_EVENT_REJOIN_SCOPE_UNSPECIFIED - - JOINED_EVENTS - - UNJOINED_EVENTS - GoogleCloudRecommendationengineV1alphaRejoinCatalogMetadata: - id: GoogleCloudRecommendationengineV1alphaRejoinCatalogMetadata - description: Metadata for TriggerCatalogRejoin method. - type: object - properties: {} - GoogleCloudRecommendationengineV1alphaRejoinCatalogResponse: - id: GoogleCloudRecommendationengineV1alphaRejoinCatalogResponse - description: Response message for TriggerCatalogRejoin method. - type: object + - EVENT_SOURCE_UNSPECIFIED + - AUTOML + - ECOMMERCE + - BATCH_UPLOAD + id: GoogleCloudRecommendationengineV1beta1UserEvent + description: >- + UserEvent captures all metadata information recommendation engine needs + to know about how end users interact with customers' website. + GoogleCloudRecommendationengineV1beta1ProductCatalogItem: properties: - rejoinedUserEventsCount: - description: Number of user events that were joined with latest catalog items. + availableQuantity: + description: Optional. The available quantity of the item. type: string format: int64 - GoogleCloudRecommendationengineV1alphaTuningMetadata: - id: GoogleCloudRecommendationengineV1alphaTuningMetadata - description: Metadata associated with a tune operation. - type: object - properties: - recommendationModel: + priceRange: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductCatalogItemPriceRange + description: Optional. The product price range. + currencyCode: description: >- - The resource name of the recommendation model that this tune applies - to. Format: - projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/eventStores/{event_store_id}/recommendationModels/{recommendation_model_id} + Optional. Only required if the price is set. Currency code for + price/costs. Use three-character ISO-4217 code. type: string - GoogleCloudRecommendationengineV1alphaTuningResponse: - id: GoogleCloudRecommendationengineV1alphaTuningResponse - description: Response associated with a tune operation. - type: object - properties: {} - GoogleCloudRecommendationengineV1beta1ImportCatalogItemsResponse: - id: GoogleCloudRecommendationengineV1beta1ImportCatalogItemsResponse - description: >- - Response of the ImportCatalogItemsRequest. If the long running operation - is done, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. + stockState: + enumDescriptions: + - Default item stock status. Should never be used. + - Item in stock. + - Item out of stock. + - Item that is in pre-order state. + - Item that is back-ordered (i.e. temporarily out of stock). + type: string + enum: + - STOCK_STATE_UNSPECIFIED + - IN_STOCK + - OUT_OF_STOCK + - PREORDER + - BACKORDER + description: >- + Optional. Online stock state of the catalog item. Default is + `IN_STOCK`. + images: + type: array + items: + $ref: '#/components/schemas/GoogleCloudRecommendationengineV1beta1Image' + description: Optional. Product images for the catalog item. + exactPrice: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductCatalogItemExactPrice + description: Optional. The exact product price. + canonicalProductUri: + description: >- + Optional. Canonical URL directly linking to the item detail page + with a length limit of 5 KiB.. + type: string + costs: + description: >- + Optional. A map to pass the costs associated with the product. For + example: {"manufacturing": 45.5} The profit of selling this item is + computed like so: * If 'exactPrice' is provided, profit = + displayPrice - sum(costs) * If 'priceRange' is provided, profit = + minPrice - sum(costs) + additionalProperties: + type: number + format: float + type: object type: object + id: GoogleCloudRecommendationengineV1beta1ProductCatalogItem + description: ProductCatalogItem captures item metadata specific to retail products. + GoogleCloudRecommendationengineV1beta1CatalogItemCategoryHierarchy: + description: Category represents catalog item category hierarchy. + id: GoogleCloudRecommendationengineV1beta1CatalogItemCategoryHierarchy properties: - errorSamples: - description: A sample of errors encountered while processing the request. + categories: type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: description: >- - Echoes the destination for the complete errors in the request if - set. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportErrorsConfig - GoogleCloudRecommendationengineV1beta1ImportMetadata: - id: GoogleCloudRecommendationengineV1beta1ImportMetadata - description: >- - Metadata related to the progress of the Import operation. This will be - returned by the google.longrunning.Operation.metadata field. + Required. Catalog item categories. Each category should be a UTF-8 + encoded string with a length limit of 2 KiB. Note that the order in + the list denotes the specificity (from least to most specific). + items: + type: string + type: object + GoogleCloudRecommendationengineV1beta1Image: type: object properties: - operationName: - description: Name of the operation. + uri: + description: Required. URL of the image with a length limit of 5 KiB. type: string - requestId: + height: + type: integer + description: Optional. Height of the image in number of pixels. + format: int32 + width: + description: Optional. Width of the image in number of pixels. + type: integer + format: int32 + id: GoogleCloudRecommendationengineV1beta1Image + description: Catalog item thumbnail/detail image. + GoogleCloudRecommendationengineV1beta1ProductEventDetail: + properties: + purchaseTransaction: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1PurchaseTransaction description: >- - Id of the request / operation. This is parroting back the requestId - that was passed in the request. - type: string - createTime: - description: Operation create time. - type: string - format: google-datetime - successCount: - description: Count of entries that were processed successfully. - type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. - type: string - format: int64 - updateTime: + Optional. A transaction represents the entire purchase transaction. + Required for `purchase-complete` events. Optional for + `checkout-start` events. Other event types should not set this + field. + searchQuery: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + At least one of search_query or page_categories is required for + `search` events. Other event types should not set this field. The + user's search query as UTF-8 encoded text with a length limit of 5 + KiB. type: string - format: google-datetime - GoogleCloudRecommendationengineV1beta1ImportUserEventsResponse: - id: GoogleCloudRecommendationengineV1beta1ImportUserEventsResponse - description: >- - Response of the ImportUserEventsRequest. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array + productDetails: + description: >- + The main product details related to the event. This field is + required for the following event types: * `add-to-cart` * + `add-to-list` * `checkout-start` * `detail-page-view` * + `purchase-complete` * `refund` * `remove-from-cart` * + `remove-from-list` This field is optional for the following event + types: * `page-visit` * `shopping-cart-page-view` - note that + 'product_details' should be set for this unless the shopping cart is + empty. * `search` (highly encouraged) In a `search` event, this + field represents the products returned to the end user on the + current page (the end user may have not finished broswing the whole + page yet). When a new page is returned to the end user, after + pagination/filtering/ordering even for the same query, a new SEARCH + event with different product_details is desired. The end user may + have not finished broswing the whole page yet. This field is not + allowed for the following event types: * `category-page-view` * + `home-page-view` items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1ProductDetail + type: array + cartId: + type: string description: >- - Echoes the destination for the complete errors if this field was set - in the request. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportErrorsConfig - importSummary: - description: Aggregated statistics of user event import status. - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEventImportSummary - GoogleCloudRecommendationengineV1beta1UserEventImportSummary: - id: GoogleCloudRecommendationengineV1beta1UserEventImportSummary - description: >- - A summary of import result. The UserEventImportSummary summarizes the - import status for user events. - type: object - properties: - joinedEventsCount: + Optional. The id or name of the associated shopping cart. This id is + used to associate multiple items added or present in the cart before + purchase. This can only be set for `add-to-cart`, + `remove-from-cart`, `checkout-start`, `purchase-complete`, or + `shopping-cart-page-view` events. + pageCategories: + type: array description: >- - Count of user events imported with complete existing catalog - information. + Required for `category-page-view` events. At least one of + search_query or page_categories is required for `search` events. + Other event types should not set this field. The categories + associated with a category page. Category pages include special + pages such as sales or promotions. For instance, a special sale page + may have the category hierarchy: categories : ["Sales", "2017 Black + Friday Deals"]. + items: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItemCategoryHierarchy + listId: type: string - format: int64 - unjoinedEventsCount: description: >- - Count of user events imported, but with catalog information not - found in the imported catalog. - type: string - format: int64 - GoogleCloudRecommendationengineV1beta1PurgeUserEventsMetadata: - id: GoogleCloudRecommendationengineV1beta1PurgeUserEventsMetadata - description: >- - Metadata related to the progress of the PurgeUserEvents operation. This - will be returned by the google.longrunning.Operation.metadata field. + Required for `add-to-list` and `remove-from-list` events. The id or + name of the list that the item is being added to or removed from. + Other event types should not set this field. type: object - properties: - operationName: - description: The ID of the request / operation. - type: string - createTime: - description: Operation create time. - type: string - format: google-datetime - GoogleCloudRecommendationengineV1beta1PurgeUserEventsResponse: - id: GoogleCloudRecommendationengineV1beta1PurgeUserEventsResponse + id: GoogleCloudRecommendationengineV1beta1ProductEventDetail description: >- - Response of the PurgeUserEventsRequest. If the long running operation is - successfully done, then this message is returned by the - google.longrunning.Operations.response field. - type: object + ProductEventDetail captures user event information specific to retail + products. + GoogleCloudRecommendationengineV1beta1PredictResponse: properties: - purgedEventsCount: - description: The total count of events purged as a result of the operation. + recommendationToken: + description: >- + A unique recommendation token. This should be included in the user + event logs resulting from this recommendation, which enables + accurate attribution of recommendation model performance. + type: string + dryRun: + description: True if the dryRun property was set in the request. + type: boolean + nextPageToken: type: string - format: int64 - userEventsSample: description: >- - A sampling of events deleted (or will be deleted) depending on the - `force` property in the request. Max of 500 items will be returned. + If empty, the list is complete. If nonempty, the token to pass to + the next request's PredictRequest.page_token. + itemsMissingInCatalog: + type: array + description: IDs of items in the request that were missing from the catalog. + items: + type: string + results: type: array + description: >- + A list of recommended items. The order represents the ranking (from + the most relevant item to the least). items: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent - GoogleCloudRecommendationengineV1beta1RejoinUserEventsResponse: - id: GoogleCloudRecommendationengineV1beta1RejoinUserEventsResponse - description: Response message for RejoinUserEvents method. - type: object - properties: - rejoinedUserEventsCount: - description: Number of user events that were joined with latest catalog items. - type: string - format: int64 - GoogleCloudRecommendationengineV1beta1RejoinUserEventsMetadata: - id: GoogleCloudRecommendationengineV1beta1RejoinUserEventsMetadata - description: Metadata for RejoinUserEvents method. + #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictResponsePredictionResult + metadata: + type: object + additionalProperties: + type: any + description: Additional domain specific prediction response metadata. + id: GoogleCloudRecommendationengineV1beta1PredictResponse type: object - properties: {} + description: Response message for predict method. parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: access_token + name: quotaUser schema: type: string alt: @@ -1519,25 +1549,10 @@ components: name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string prettyPrint: @@ -1546,116 +1561,95 @@ components: name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: quotaUser + name: fields schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: uploadType + name: upload_protocol schema: type: string - _.xgafv: - description: V1 error format. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: $.xgafv + name: oauth_token schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - catalogs: - id: google.recommendationengine.catalogs - name: catalogs - title: Catalogs + catalog_items: + id: google.recommendationengine.catalog_items + name: catalog_items + title: Catalog_items methods: - projects_locations_catalogs_list: + projects_locations_catalogs_catalog_items_import: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems:import/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.catalogs - projects_locations_catalogs_patch: + projects_locations_catalogs_catalog_items_list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}/patch + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/catalogs/methods/projects_locations_catalogs_list - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/catalogs/methods/projects_locations_catalogs_patch - replace: [] - delete: [] - operations: - id: google.recommendationengine.operations - name: operations - title: Operations - methods: - projects_locations_catalogs_operations_list: + objectKey: $.catalogItems + projects_locations_catalogs_catalog_items_create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1operations/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_catalogs_operations_get: + projects_locations_catalogs_catalog_items_get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1operations~1{operationsId}/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems~1{catalogItemsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_event_stores_operations_list: + projects_locations_catalogs_catalog_items_delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1operations/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems~1{catalogItemsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_locations_catalogs_event_stores_operations_get: + projects_locations_catalogs_catalog_items_patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1operations~1{operationsId}/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems~1{catalogItemsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_event_stores_operations_get + #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_operations_get + #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_list + insert: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_event_stores_operations_list + #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_create + update: - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_operations_list - insert: [] - update: [] + #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_patch replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_delete prediction_api_key_registrations: id: google.recommendationengine.prediction_api_key_registrations name: prediction_api_key_registrations @@ -1695,20 +1689,51 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/prediction_api_key_registrations/methods/projects_locations_catalogs_event_stores_prediction_api_key_registrations_delete - placements: - id: google.recommendationengine.placements - name: placements - title: Placements + operations: + id: google.recommendationengine.operations + name: operations + title: Operations methods: - projects_locations_catalogs_event_stores_placements_predict: + projects_locations_catalogs_event_stores_operations_list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1placements~1{placementsId}:predict/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + projects_locations_catalogs_event_stores_operations_get: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_operations_get: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_operations_list: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: - select: [] + select: + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_event_stores_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_event_stores_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_operations_list insert: [] update: [] replace: [] @@ -1718,17 +1743,17 @@ components: name: user_events title: User_events methods: - projects_locations_catalogs_event_stores_user_events_write: + projects_locations_catalogs_event_stores_user_events_import: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1userEvents:write/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1userEvents:import/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_event_stores_user_events_collect: + projects_locations_catalogs_event_stores_user_events_write: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1userEvents:collect/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1userEvents:write/post response: mediaType: application/json openAPIDocKey: '200' @@ -1740,17 +1765,17 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.userEvents - projects_locations_catalogs_event_stores_user_events_purge: + projects_locations_catalogs_event_stores_user_events_collect: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1userEvents:purge/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1userEvents:collect/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_event_stores_user_events_import: + projects_locations_catalogs_event_stores_user_events_purge: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1userEvents:import/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1userEvents:purge/post response: mediaType: application/json openAPIDocKey: '200' @@ -1769,87 +1794,81 @@ components: update: [] replace: [] delete: [] - catalog_items: - id: google.recommendationengine.catalog_items - name: catalog_items - title: Catalog_items + placements: + id: google.recommendationengine.placements + name: placements + title: Placements methods: - projects_locations_catalogs_catalog_items_create: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_catalogs_catalog_items_list: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.catalogItems - projects_locations_catalogs_catalog_items_get: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems~1{catalogItemsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_catalogs_catalog_items_patch: + projects_locations_catalogs_event_stores_placements_predict: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems~1{catalogItemsId}/patch + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1eventStores~1{eventStoresId}~1placements~1{placementsId}:predict/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_catalog_items_delete: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + catalogs: + id: google.recommendationengine.catalogs + name: catalogs + title: Catalogs + methods: + projects_locations_catalogs_list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems~1{catalogItemsId}/delete + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_catalog_items_import: + objectKey: $.catalogs + projects_locations_catalogs_patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1catalogItems:import/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_get - - $ref: >- - #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_list - insert: - - $ref: >- - #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_create + #/components/x-stackQL-resources/catalogs/methods/projects_locations_catalogs_list + insert: [] update: - $ref: >- - #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_patch + #/components/x-stackQL-resources/catalogs/methods/projects_locations_catalogs_patch replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/catalog_items/methods/projects_locations_catalogs_catalog_items_delete + delete: [] paths: - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/catalogItems:import: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists all the catalog configurations associated with the project. - operationId: recommendationengine.projects.locations.catalogs.list + - $ref: '#/components/parameters/oauth_token' + post: + description: >- + Bulk import of multiple catalog items. Request processing may be + synchronous. No partial updating supported. Non-existing items will be + created. Operation.response is of type ImportResponse. Note that it is + possible for a subset of the items to be successfully updated. + operationId: recommendationengine.projects.locations.catalogs.catalogItems.import + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportCatalogItemsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1861,8 +1880,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ListCatalogsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -1874,26 +1892,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: catalogsId + required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/catalogItems: parameters: *ref_1 - patch: - description: Updates the catalog configuration. - operationId: recommendationengine.projects.locations.catalogs.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1Catalog + get: + description: Gets a list of catalog items. + operationId: recommendationengine.projects.locations.catalogs.catalogItems.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1906,7 +1914,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1Catalog + #/components/schemas/GoogleCloudRecommendationengineV1beta1ListCatalogItemsResponse parameters: - in: path name: projectsId @@ -1924,17 +1932,27 @@ paths: schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: recommendationengine.projects.locations.catalogs.operations.list + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a catalog item. + operationId: recommendationengine.projects.locations.catalogs.catalogItems.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1946,7 +1964,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem parameters: - in: path name: projectsId @@ -1963,27 +1982,11 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/operations/{operationsId}: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/catalogItems/{catalogItemsId}: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: recommendationengine.projects.locations.catalogs.operations.get + description: Gets a specific catalog item. + operationId: recommendationengine.projects.locations.catalogs.catalogItems.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1995,7 +1998,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem parameters: - in: path name: projectsId @@ -2013,18 +2017,13 @@ paths: schema: type: string - in: path - name: operationsId + name: catalogItemsId required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: >- - recommendationengine.projects.locations.catalogs.eventStores.operations.list + delete: + description: Deletes a catalog item. + operationId: recommendationengine.projects.locations.catalogs.catalogItems.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2036,7 +2035,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -2054,32 +2053,21 @@ paths: schema: type: string - in: path - name: eventStoresId + name: catalogItemsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/operations/{operationsId}: - parameters: *ref_1 - get: + patch: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: >- - recommendationengine.projects.locations.catalogs.eventStores.operations.get + Updates a catalog item. Partial updating is supported. Non-existing + items will be created. + operationId: recommendationengine.projects.locations.catalogs.catalogItems.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2091,7 +2079,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem parameters: - in: path name: projectsId @@ -2109,15 +2098,15 @@ paths: schema: type: string - in: path - name: eventStoresId + name: catalogItemsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: updateMask schema: type: string + format: google-fieldmask /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/predictionApiKeyRegistrations: parameters: *ref_1 post: @@ -2202,15 +2191,15 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/predictionApiKeyRegistrations/{predictionApiKeyRegistrationsId}: parameters: *ref_1 delete: @@ -2255,22 +2244,14 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/placements/{placementsId}:predict: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/operations: parameters: *ref_1 - post: + get: description: >- - Makes a recommendation prediction. If using API Key based - authentication, the API Key must be registered using the - PredictionApiKeyRegistry service. [Learn - more](https://cloud.google.com/recommendations-ai/docs/setting-up#register-key). + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. operationId: >- - recommendationengine.projects.locations.catalogs.eventStores.placements.predict - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictRequest + recommendationengine.projects.locations.catalogs.eventStores.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2282,8 +2263,66 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictResponse + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: catalogsId + required: true + schema: + type: string + - in: path + name: eventStoresId + required: true + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: >- + recommendationengine.projects.locations.catalogs.eventStores.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -2306,22 +2345,27 @@ paths: schema: type: string - in: path - name: placementsId + name: operationsId required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/userEvents:write: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/userEvents:import: parameters: *ref_1 post: - description: Writes a single user event. + description: >- + Bulk import of User events. Request processing might be synchronous. + Events that already exist are skipped. Use this method for backfilling + historical user events. Operation.response is of type ImportResponse. + Note that it is possible for a subset of the items to be successfully + inserted. Operation.metadata is of type ImportMetadata. operationId: >- - recommendationengine.projects.locations.catalogs.eventStores.userEvents.write + recommendationengine.projects.locations.catalogs.eventStores.userEvents.import requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent + #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportUserEventsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2333,8 +2377,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -2356,16 +2399,18 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/userEvents:collect: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/userEvents:write: parameters: *ref_1 - get: - description: >- - Writes a single user event from the browser. This uses a GET request to - due to browser restriction of POST-ing to a 3rd party domain. This - method is used only by the Recommendations AI JavaScript pixel. Users - should not call this method directly. + post: + description: Writes a single user event. operationId: >- - recommendationengine.projects.locations.catalogs.eventStores.userEvents.collect + recommendationengine.projects.locations.catalogs.eventStores.userEvents.write + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2377,7 +2422,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1UserEvent parameters: - in: path name: projectsId @@ -2399,19 +2445,6 @@ paths: required: true schema: type: string - - in: query - name: userEvent - schema: - type: string - - in: query - name: uri - schema: - type: string - - in: query - name: ets - schema: - type: string - format: int64 /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/userEvents: parameters: *ref_1 get: @@ -2459,6 +2492,10 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -2468,26 +2505,16 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/userEvents:purge: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/userEvents:collect: parameters: *ref_1 - post: + get: description: >- - Deletes permanently all user events specified by the filter provided. - Depending on the number of events specified by the filter, this - operation could take hours or days to complete. To test a filter, use - the list command first. + Writes a single user event from the browser. This uses a GET request to + due to browser restriction of POST-ing to a 3rd party domain. This + method is used only by the Recommendations AI JavaScript pixel. Users + should not call this method directly. operationId: >- - recommendationengine.projects.locations.catalogs.eventStores.userEvents.purge - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1PurgeUserEventsRequest + recommendationengine.projects.locations.catalogs.eventStores.userEvents.collect security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2499,7 +2526,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -2521,23 +2548,35 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/userEvents:import: + - in: query + name: uri + schema: + type: string + - in: query + name: ets + schema: + type: string + format: int64 + - in: query + name: userEvent + schema: + type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/userEvents:purge: parameters: *ref_1 post: description: >- - Bulk import of User events. Request processing might be synchronous. - Events that already exist are skipped. Use this method for backfilling - historical user events. Operation.response is of type ImportResponse. - Note that it is possible for a subset of the items to be successfully - inserted. Operation.metadata is of type ImportMetadata. + Deletes permanently all user events specified by the filter provided. + Depending on the number of events specified by the filter, this + operation could take hours or days to complete. To test a filter, use + the list command first. operationId: >- - recommendationengine.projects.locations.catalogs.eventStores.userEvents.import + recommendationengine.projects.locations.catalogs.eventStores.userEvents.purge requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportUserEventsRequest + #/components/schemas/GoogleCloudRecommendationengineV1beta1PurgeUserEventsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2623,17 +2662,22 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/catalogItems: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/eventStores/{eventStoresId}/placements/{placementsId}:predict: parameters: *ref_1 post: - description: Creates a catalog item. - operationId: recommendationengine.projects.locations.catalogs.catalogItems.create + description: >- + Makes a recommendation prediction. If using API Key based + authentication, the API Key must be registered using the + PredictionApiKeyRegistry service. [Learn + more](https://cloud.google.com/recommendations-ai/docs/setting-up#register-key). + operationId: >- + recommendationengine.projects.locations.catalogs.eventStores.placements.predict requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem + #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2646,7 +2690,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem + #/components/schemas/GoogleCloudRecommendationengineV1beta1PredictResponse parameters: - in: path name: projectsId @@ -2663,56 +2707,24 @@ paths: required: true schema: type: string - get: - description: Gets a list of catalog items. - operationId: recommendationengine.projects.locations.catalogs.catalogItems.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ListCatalogItemsResponse - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: eventStoresId required: true schema: type: string - in: path - name: catalogsId + name: placementsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/catalogItems/{catalogItemsId}: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/operations/{operationsId}: parameters: *ref_1 get: - description: Gets a specific catalog item. - operationId: recommendationengine.projects.locations.catalogs.catalogItems.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: recommendationengine.projects.locations.catalogs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2724,8 +2736,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -2743,21 +2754,17 @@ paths: schema: type: string - in: path - name: catalogItemsId + name: operationsId required: true schema: type: string - patch: + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/operations: + parameters: *ref_1 + get: description: >- - Updates a catalog item. Partial updating is supported. Non-existing - items will be created. - operationId: recommendationengine.projects.locations.catalogs.catalogItems.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: recommendationengine.projects.locations.catalogs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2769,8 +2776,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1CatalogItem + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -2787,19 +2793,28 @@ paths: required: true schema: type: string - - in: path - name: catalogItemsId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - delete: - description: Deletes a catalog item. - operationId: recommendationengine.projects.locations.catalogs.catalogItems.delete + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs: + parameters: *ref_1 + get: + description: Lists all the catalog configurations associated with the project. + operationId: recommendationengine.projects.locations.catalogs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2811,7 +2826,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1ListCatalogsResponse parameters: - in: path name: projectsId @@ -2823,31 +2839,26 @@ paths: required: true schema: type: string - - in: path - name: catalogsId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: catalogItemsId - required: true + - in: query + name: pageSize schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/catalogItems:import: + type: integer + format: int32 + /v1beta1/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}: parameters: *ref_1 - post: - description: >- - Bulk import of multiple catalog items. Request processing may be - synchronous. No partial updating supported. Non-existing items will be - created. Operation.response is of type ImportResponse. Note that it is - possible for a subset of the items to be successfully updated. - operationId: recommendationengine.projects.locations.catalogs.catalogItems.import + patch: + description: Updates the catalog configuration. + operationId: recommendationengine.projects.locations.catalogs.patch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRecommendationengineV1beta1ImportCatalogItemsRequest + #/components/schemas/GoogleCloudRecommendationengineV1beta1Catalog security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2859,7 +2870,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudRecommendationengineV1beta1Catalog parameters: - in: path name: projectsId @@ -2876,3 +2888,8 @@ paths: required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask diff --git a/providers/src/googleapis.com/v00.00.00000/services/recommender.yaml b/providers/src/googleapis.com/v00.00.00000/services/recommender.yaml index fdc583b0..656369c4 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/recommender.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/recommender.yaml @@ -7,8 +7,8 @@ info: title: Recommender API description: '' version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251117' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/recommender/docs/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/redis.yaml b/providers/src/googleapis.com/v00.00.00000/services/redis.yaml index b55b49ca..43b651d3 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/redis.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/redis.yaml @@ -7,8 +7,8 @@ info: title: Google Cloud Memorystore for Redis API description: Creates and manages Redis instances on the Google Cloud Platform. version: v1 - x-discovery-doc-revision: '20250819' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251104' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/memorystore/docs/redis/ servers: @@ -49,6 +49,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -461,14 +470,35 @@ components: endpoint can be de-registered before the forwarding rules in the cluster endpoint are deleted. type: boolean - allowFewerZonesDeployment: + maintenanceVersion: + description: >- + Optional. This field can be used to trigger self service update to + indicate the desired maintenance version. The input to this field + can be determined by the available_maintenance_versions field. + type: string + effectiveMaintenanceVersion: description: >- - Optional. Immutable. Allows customers to specify if they are okay - with deploying a multi-zone cluster in less than 3 zones. Once set, - if there is a zonal outage during the cluster creation, the cluster - will only be deployed in 2 zones, and stay within the 2 zones for - its lifecycle. + Output only. This field represents the actual maintenance version of + the cluster. + readOnly: true + type: string + availableMaintenanceVersions: + description: >- + Output only. This field is used to determine the available + maintenance versions for the self service update. + readOnly: true + type: array + items: + type: string + allowFewerZonesDeployment: + description: Optional. Immutable. Deprecated, do not use. + deprecated: true type: boolean + labels: + description: Optional. Labels to represent user-provided metadata. + type: object + additionalProperties: + type: string GcsBackupSource: id: GcsBackupSource description: >- @@ -2237,7 +2267,7 @@ components: description: >- DatabaseResourceFeed is the top level proto to be used to ingest different database resource level events into Condor platform. Next ID: - 11 + 13 type: object properties: resourceId: @@ -2261,6 +2291,7 @@ components: - Database resource recommendation signal data - Database config based signal data - Database resource metadata from BackupDR + - Database resource signal data enum: - FEEDTYPE_UNSPECIFIED - RESOURCE_METADATA @@ -2269,6 +2300,7 @@ components: - RECOMMENDATION_SIGNAL_DATA - CONFIG_BASED_SIGNAL_DATA - BACKUPDR_METADATA + - DATABASE_RESOURCE_SIGNAL_DATA resourceMetadata: $ref: '#/components/schemas/DatabaseResourceMetadata' resourceHealthSignalData: @@ -2285,6 +2317,11 @@ components: backupdrMetadata: description: BackupDR metadata is used to ingest metadata from BackupDR. $ref: '#/components/schemas/BackupDRMetadata' + databaseResourceSignalData: + description: >- + Database resource signal data is used to ingest signals from + database resource signal feeds. + $ref: '#/components/schemas/DatabaseResourceSignalData' skipIngestion: description: >- Optional. If true, the feed won't be ingested by DB Center. This @@ -2352,7 +2389,7 @@ components: type: string DatabaseResourceMetadata: id: DatabaseResourceMetadata - description: 'Common model for database resource instance metadata. Next ID: 26' + description: 'Common model for database resource instance metadata. Next ID: 30' type: object properties: id: @@ -2389,6 +2426,11 @@ components: location: description: The resource location. REQUIRED type: string + zone: + description: >- + The resource zone. This is only applicable for zonal resources and + will be empty for regional and multi-regional resources. + type: string creationTime: description: >- The creation time of the resource, i.e. the time when resource is @@ -2516,10 +2558,12 @@ components: - Default, to make it consistent with instance edition enum. - Represents the enterprise edition. - Represents the enterprise plus edition. + - Represents the standard edition. enum: - EDITION_UNSPECIFIED - EDITION_ENTERPRISE - EDITION_ENTERPRISE_PLUS + - EDITION_STANDARD suspensionReason: description: Optional. Suspension reason for the resource. type: string @@ -2546,6 +2590,12 @@ components: backupdrConfiguration: description: Optional. BackupDR Configuration for the resource. $ref: '#/components/schemas/BackupDRConfiguration' + maintenanceInfo: + description: Optional. Maintenance info for the resource. + $ref: '#/components/schemas/ResourceMaintenanceInfo' + isDeletionProtectionEnabled: + description: Optional. Whether deletion protection is enabled for this resource. + type: boolean Product: id: Product description: Product specification for Condor resources. @@ -2570,6 +2620,7 @@ components: - Firestore product area in GCP. - Compute Engine self managed databases - Oracle product area in GCP + - BigQuery product area in GCP - >- Other refers to rest of other product type. This is to be when product type is known, but it is not present in this enum. @@ -2588,6 +2639,7 @@ components: - false - false - false + - false enum: - PRODUCT_TYPE_UNSPECIFIED - PRODUCT_TYPE_CLOUD_SQL @@ -2602,6 +2654,7 @@ components: - PRODUCT_TYPE_FIRESTORE - PRODUCT_TYPE_COMPUTE_ENGINE - PRODUCT_TYPE_ORACLE_ON_GCP + - PRODUCT_TYPE_BIGQUERY - PRODUCT_TYPE_OTHER engine: description: The specific engine that the underlying database is running. @@ -3004,6 +3057,133 @@ components: backupdrManaged: description: Indicates if the resource is managed by BackupDR. type: boolean + ResourceMaintenanceInfo: + id: ResourceMaintenanceInfo + description: MaintenanceInfo to capture the maintenance details of database resource. + type: object + properties: + maintenanceSchedule: + description: Optional. Maintenance window for the database resource. + $ref: '#/components/schemas/ResourceMaintenanceSchedule' + denyMaintenanceSchedules: + description: Optional. List of Deny maintenance period for the database resource. + type: array + items: + $ref: '#/components/schemas/ResourceMaintenanceDenySchedule' + maintenanceVersion: + description: >- + Optional. Current Maintenance version of the database resource. + Example: "MYSQL_8_0_41.R20250531.01_15" + type: string + ResourceMaintenanceSchedule: + id: ResourceMaintenanceSchedule + description: >- + Maintenance window for the database resource. It specifies preferred + time and day of the week and phase in some cases, when the maintenance + can start. This is configured by the customer. + type: object + properties: + time: + description: >- + Optional. Preferred time to start the maintenance operation on the + specified day. + $ref: '#/components/schemas/TimeOfDay' + day: + description: >- + Optional. Preferred day of the week for maintenance, e.g. MONDAY, + TUESDAY, etc. + type: string + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + phase: + description: >- + Optional. Phase of the maintenance window. This is to capture order + of maintenance. For example, for Cloud SQL resources, this can be + used to capture if the maintenance window is in Week1, Week2, Week5, + etc. Non production resources are usually part of early phase. For + more details, refer to Cloud SQL resources - + https://cloud.google.com/sql/docs/mysql/maintenance + type: string + enumDescriptions: + - Phase is unspecified. + - Any phase. + - Week 1. + - Week 2. + - Week 5. + enum: + - PHASE_UNSPECIFIED + - ANY + - WEEK1 + - WEEK2 + - WEEK5 + ResourceMaintenanceDenySchedule: + id: ResourceMaintenanceDenySchedule + description: >- + Deny maintenance period for the database resource. It specifies the time + range during which the maintenance cannot start. This is configured by + the customer. + type: object + properties: + startDate: + description: Optional. The start date of the deny maintenance period. + $ref: '#/components/schemas/Date' + endDate: + description: Optional. Deny period end date. + $ref: '#/components/schemas/Date' + time: + description: >- + Optional. Time in UTC when the deny period starts on start_date and + ends on end_date. + $ref: '#/components/schemas/TimeOfDay' + Date: + id: Date + description: >- + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + type: object + properties: + year: + description: >- + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + type: integer + format: int32 + month: + description: >- + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + type: integer + format: int32 + day: + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + type: integer + format: int32 DatabaseResourceHealthSignalData: id: DatabaseResourceHealthSignalData description: Common model for database resource health signal data. @@ -3365,6 +3545,9 @@ components: - Replication delay. - Outdated version. - Outdated client. + - Databoost is disabled. + - Recommended maintenance policy. + - Resource version is in extended support. enumDeprecated: - false - false @@ -3468,6 +3651,9 @@ components: - false - false - false + - false + - false + - false enum: - SIGNAL_TYPE_UNSPECIFIED - SIGNAL_TYPE_NOT_PROTECTED_BY_AUTOMATIC_FAILOVER @@ -3571,6 +3757,9 @@ components: - SIGNAL_TYPE_REPLICATION_LAG - SIGNAL_TYPE_OUTDATED_VERSION - SIGNAL_TYPE_OUTDATED_CLIENT + - SIGNAL_TYPE_DATABOOST_DISABLED + - SIGNAL_TYPE_RECOMMENDED_MAINTENANCE_POLICIES + - SIGNAL_TYPE_EXTENDED_SUPPORT location: description: >- This is used to identify the location of the resource. Example: @@ -3809,6 +3998,9 @@ components: - Replication delay. - Outdated version. - Outdated client. + - Databoost is disabled. + - Recommended maintenance policy. + - Resource version is in extended support. enumDeprecated: - false - false @@ -3912,6 +4104,9 @@ components: - false - false - false + - false + - false + - false enum: - SIGNAL_TYPE_UNSPECIFIED - SIGNAL_TYPE_NOT_PROTECTED_BY_AUTOMATIC_FAILOVER @@ -4015,6 +4210,9 @@ components: - SIGNAL_TYPE_REPLICATION_LAG - SIGNAL_TYPE_OUTDATED_VERSION - SIGNAL_TYPE_OUTDATED_CLIENT + - SIGNAL_TYPE_DATABOOST_DISABLED + - SIGNAL_TYPE_RECOMMENDED_MAINTENANCE_POLICIES + - SIGNAL_TYPE_EXTENDED_SUPPORT lastRefreshTime: description: Required. last time recommendationw as refreshed type: string @@ -4196,6 +4394,7 @@ components: - >- Represents if a resources requires all incoming connections to use SSL or not. + - Represents if a resource version is in extended support. enum: - SIGNAL_TYPE_UNSPECIFIED - SIGNAL_TYPE_OUTDATED_MINOR_VERSION @@ -4203,6 +4402,7 @@ components: - SIGNAL_TYPE_NO_ROOT_PASSWORD - SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS - SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS + - SIGNAL_TYPE_EXTENDED_SUPPORT signalBoolValue: description: Signal data for boolean signals. type: boolean @@ -4232,6 +4432,66 @@ components: fullResourceName: description: Required. Full resource name of this instance. type: string + DatabaseResourceSignalData: + id: DatabaseResourceSignalData + description: >- + Database resource signal data. This is used to send signals to Condor + which are based on the DB/Instance/Fleet level configurations. These + will be used to send signals for all inventory types. Next ID: 7 + type: object + properties: + resourceId: + description: Database resource id. + $ref: '#/components/schemas/DatabaseResourceId' + fullResourceName: + description: Required. Full Resource name of the source resource. + type: string + lastRefreshTime: + description: Required. Last time signal was refreshed + type: string + format: google-datetime + signalType: + description: Required. Signal type of the signal + type: string + enumDescriptions: + - Unspecified signal type. + - Outdated Minor Version + - Represents database auditing is disabled. + - >- + Represents if a database has a password configured for the root + account or not. + - Represents if a resource is exposed to public access. + - >- + Represents if a resources requires all incoming connections to use + SSL or not. + - Represents if a resource version is in extended support. + enum: + - SIGNAL_TYPE_UNSPECIFIED + - SIGNAL_TYPE_OUTDATED_MINOR_VERSION + - SIGNAL_TYPE_DATABASE_AUDITING_DISABLED + - SIGNAL_TYPE_NO_ROOT_PASSWORD + - SIGNAL_TYPE_EXPOSED_TO_PUBLIC_ACCESS + - SIGNAL_TYPE_UNENCRYPTED_CONNECTIONS + - SIGNAL_TYPE_EXTENDED_SUPPORT + signalState: + description: Required. Output only. Signal state of the signal + readOnly: true + type: string + enumDescriptions: + - Unspecified signal state. + - Signal is active and requires attention. + - Signal is inactive and does not require attention. + - >- + Signal is dismissed by the user and should not be shown to the + user again. + enum: + - SIGNAL_STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + - DISMISSED + signalBoolValue: + description: Signal data for boolean signals. + type: boolean OperationMetadata: id: OperationMetadata description: Pre-defined metadata fields. @@ -4864,6 +5124,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/retail.yaml b/providers/src/googleapis.com/v00.00.00000/services/retail.yaml index a88723d5..b0c1e0e4 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/retail.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/retail.yaml @@ -11,8 +11,8 @@ info: personalized search, browse and recommendations, based on machine learning models, across your websites and mobile applications. version: v2 - x-discovery-doc-revision: '20250821' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/recommendations servers: @@ -38,1416 +38,868 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + GoogleCloudRetailV2LocalInventory: properties: - operations: + fulfillmentTypes: description: >- - A list of operations that matches the specified filter in the - request. + Optional. Supported fulfillment types. Valid fulfillment type values + include commonly used types (such as pickup in store and same day + delivery), and custom types. Customers have to map custom types to + their display names before rendering UI. Supported values: * + "pickup-in-store" * "ship-to-store" * "same-day-delivery" * + "next-day-delivery" * "custom-type-1" * "custom-type-2" * + "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is + set to an invalid value other than these, an INVALID_ARGUMENT error + is returned. All the elements must be distinct. Otherwise, an + INVALID_ARGUMENT error is returned. type: array items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: + type: string + priceInfo: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: + Optional. Product price and cost information. Google Merchant Center + property + [price](https://support.google.com/merchants/answer/6324371). + $ref: '#/components/schemas/GoogleCloudRetailV2PriceInfo' + attributes: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object + Optional. Additional local inventory attributes, for example, store + name, promotion tags, etc. This field needs to pass all below + criteria, otherwise an INVALID_ARGUMENT error is returned: * At most + 30 attributes are allowed. * The key must be a UTF-8 encoded string + with a length limit of 32 characters. * The key must match the + pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. + * The attribute values must be of the same type (text or number). * + Only 1 value is allowed for each attribute. * For text values, the + length limit is 256 UTF-8 characters. * The attribute does not + support search. The `searchable` field should be unset or set to + false. * The max summed total bytes of custom attribute keys and + values per product is 5MiB. additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. + $ref: '#/components/schemas/GoogleCloudRetailV2CustomAttribute' type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + placeId: + type: string + description: Optional. The place ID for the current set of inventory information. + id: GoogleCloudRetailV2LocalInventory type: object + description: >- + The inventory information at a place (e.g. a store) identified by a + place ID. + GoogleCloudRetailV2TuneModelMetadata: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + model: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + The resource name of the model that this tune applies to. Format: + `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` type: string - details: + id: GoogleCloudRetailV2TuneModelMetadata + type: object + description: Metadata associated with a tune operation. + GoogleCloudRetailV2SearchRequestBoostSpec: + description: Boost specification to boost certain items. + id: GoogleCloudRetailV2SearchRequestBoostSpec + type: object + properties: + conditionBoostSpecs: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Condition boost specifications. If a product matches multiple + conditions in the specifications, boost scores from these + specifications are all applied and combined in a non-linear way. + Maximum number of specifications is 20. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudRetailV2ExportAnalyticsMetricsRequest: - id: GoogleCloudRetailV2ExportAnalyticsMetricsRequest - description: Request message for the `ExportAnalyticsMetrics` method. - type: object + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestBoostSpecConditionBoostSpec + skipBoostSpecValidation: + description: >- + Whether to skip boostspec validation. If this field is set to true, + invalid BoostSpec.condition_boost_specs will be ignored and valid + BoostSpec.condition_boost_specs will still be applied. + type: boolean + GoogleCloudRetailV2ExperimentInfoServingConfigExperiment: properties: - outputConfig: - description: Required. The output location of the data. - $ref: '#/components/schemas/GoogleCloudRetailV2OutputConfig' - filter: + originalServingConfig: + type: string description: >- - A filtering expression to specify restrictions on returned metrics. - The expression is a sequence of terms. Each term applies a - restriction to the returned metrics. Use this expression to restrict - results to a specific time range. Currently we expect only one types - of fields: * `timestamp`: This can be specified twice, once with a - less than operator and once with a greater than operator. The - `timestamp` restriction should result in one, contiguous, valid, - `timestamp` range. Some examples of valid filters expressions: * - Example 1: `timestamp > "2012-04-23T18:25:43.511Z" timestamp < - "2012-04-23T18:30:43.511Z"` * Example 2: `timestamp > - "2012-04-23T18:25:43.511Z"` + The fully qualified resource name of the original + SearchRequest.placement in the search request prior to reassignment + by experiment API. For example: + `projects/*/locations/*/catalogs/*/servingConfigs/*`. + experimentServingConfig: type: string - GoogleCloudRetailV2OutputConfig: - id: GoogleCloudRetailV2OutputConfig - description: The output configuration setting. - type: object - properties: - gcsDestination: description: >- - The Google Cloud Storage location where the output is to be written - to. - $ref: '#/components/schemas/GoogleCloudRetailV2OutputConfigGcsDestination' - bigqueryDestination: - description: The BigQuery location where the output is to be written to. - $ref: >- - #/components/schemas/GoogleCloudRetailV2OutputConfigBigQueryDestination - GoogleCloudRetailV2OutputConfigGcsDestination: - id: GoogleCloudRetailV2OutputConfigGcsDestination - description: The Google Cloud Storage output destination configuration. + The fully qualified resource name of the serving config + `Experiment.VariantArm.serving_config_id` responsible for generating + the search response. For example: + `projects/*/locations/*/catalogs/*/servingConfigs/*`. + description: Metadata for active serving config A/B tests. type: object - properties: - outputUriPrefix: - description: >- - Required. The output uri prefix for saving output data to json - files. Some mapping examples are as follows: output_uri_prefix - sample output(assuming the object is foo.json) - ======================== - ============================================= gs://bucket/ - gs://bucket/foo.json gs://bucket/folder/ gs://bucket/folder/foo.json - gs://bucket/folder/item_ gs://bucket/folder/item_foo.json - type: string - GoogleCloudRetailV2OutputConfigBigQueryDestination: - id: GoogleCloudRetailV2OutputConfigBigQueryDestination - description: The BigQuery output destination configuration. + id: GoogleCloudRetailV2ExperimentInfoServingConfigExperiment + GoogleCloudRetailV2betaTuneModelResponse: + description: Response associated with a tune operation. type: object + id: GoogleCloudRetailV2betaTuneModelResponse + properties: {} + GoogleCloudRetailV2SearchResponseFacetFacetValue: + description: A facet value which contains value names and their count. properties: - datasetId: - description: Required. The ID of a BigQuery Dataset. + value: type: string - tableIdPrefix: - description: Required. The prefix of exported BigQuery tables. + description: Text value of a facet, such as "Black" for facet "colorFamilies". + count: type: string - tableType: + format: int64 + description: Number of items that have this facet value. + interval: + description: Interval value for a facet, such as [10, 20) for facet "price". + $ref: '#/components/schemas/GoogleCloudRetailV2Interval' + minValue: + format: double + type: number description: >- - Required. Describes the table type. The following values are - supported: * `table`: A BigQuery native table. * `view`: A virtual - table defined by a SQL query. - type: string - GoogleCloudRetailV2ListCatalogsResponse: - id: GoogleCloudRetailV2ListCatalogsResponse - description: Response for CatalogService.ListCatalogs method. + The minimum value in the FacetValue.interval. Only supported on + numerical facets and returned if + SearchRequest.FacetSpec.FacetKey.return_min_max is true. + maxValue: + format: double + description: >- + The maximum value in the FacetValue.interval. Only supported on + numerical facets and returned if + SearchRequest.FacetSpec.FacetKey.return_min_max is true. + type: number + id: GoogleCloudRetailV2SearchResponseFacetFacetValue + type: object + GoogleCloudRetailV2SetDefaultBranchRequest: + id: GoogleCloudRetailV2SetDefaultBranchRequest + description: Request message to set a specified branch as new default_branch. type: object properties: - catalogs: - description: All the customer's Catalogs. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2Catalog' - nextPageToken: - description: >- - A token that can be sent as ListCatalogsRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. - type: string - GoogleCloudRetailV2Catalog: - id: GoogleCloudRetailV2Catalog - description: The catalog configuration. - type: object - properties: - name: - description: >- - Required. Immutable. The fully qualified resource name of the - catalog. - type: string - displayName: - description: >- - Required. Immutable. The catalog display name. This field must be a - UTF-8 encoded string with a length limit of 128 characters. - Otherwise, an INVALID_ARGUMENT error is returned. - type: string - productLevelConfig: - description: Required. The product level configuration. - $ref: '#/components/schemas/GoogleCloudRetailV2ProductLevelConfig' - GoogleCloudRetailV2ProductLevelConfig: - id: GoogleCloudRetailV2ProductLevelConfig - description: >- - Configures what level the product should be uploaded with regards to how - users will be send events and how predictions will be made. - type: object - properties: - ingestionProductType: - description: >- - The type of Products allowed to be ingested into the catalog. - Acceptable values are: * `primary` (default): You can ingest - Products of all types. When ingesting a Product, its type will - default to Product.Type.PRIMARY if unset. * `variant` (incompatible - with Retail Search): You can only ingest Product.Type.VARIANT - Products. This means Product.primary_product_id cannot be empty. If - this field is set to an invalid value other than these, an - INVALID_ARGUMENT error is returned. If this field is `variant` and - merchant_center_product_id_field is `itemGroupId`, an - INVALID_ARGUMENT error is returned. See [Product - levels](https://cloud.google.com/retail/docs/catalog#product-levels) - for more details. + note: type: string - merchantCenterProductIdField: description: >- - Which field of [Merchant Center - Product](/bigquery-transfer/docs/merchant-center-products-schema) - should be imported as Product.id. Acceptable values are: * `offerId` - (default): Import `offerId` as the product ID. * `itemGroupId`: - Import `itemGroupId` as the product ID. Notice that Retail API will - choose one item from the ones with the same `itemGroupId`, and use - it to represent the item group. If this field is set to an invalid - value other than these, an INVALID_ARGUMENT error is returned. If - this field is `itemGroupId` and ingestion_product_type is `variant`, - an INVALID_ARGUMENT error is returned. See [Product - levels](https://cloud.google.com/retail/docs/catalog#product-levels) - for more details. - type: string - GoogleCloudRetailV2SetDefaultBranchRequest: - id: GoogleCloudRetailV2SetDefaultBranchRequest - description: Request message to set a specified branch as new default_branch. - type: object - properties: + Some note on this request, this can be retrieved by + CatalogService.GetDefaultBranch before next valid default branch set + occurs. This field must be a UTF-8 encoded string with a length + limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is + returned. branchId: + type: string description: >- The final component of the resource name of a branch. This field must be one of "0", "1" or "2". Otherwise, an INVALID_ARGUMENT error is returned. If there are no sufficient active products in the targeted branch and force is not set, a FAILED_PRECONDITION error is returned. - type: string - note: - description: >- - Some note on this request, this can be retrieved by - CatalogService.GetDefaultBranch before next valid default branch set - occurs. This field must be a UTF-8 encoded string with a length - limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT error is - returned. - type: string force: + type: boolean description: >- If set to true, it permits switching to a branch with branch_id even if it has no sufficient active products. - type: boolean - GoogleProtobufEmpty: - id: GoogleProtobufEmpty + GoogleCloudRetailV2alphaUserEventImportSummary: + id: GoogleCloudRetailV2alphaUserEventImportSummary + properties: + unjoinedEventsCount: + description: >- + Count of user events imported, but with catalog information not + found in the imported catalog. + format: int64 + type: string + joinedEventsCount: + format: int64 + type: string + description: >- + Count of user events imported with complete existing catalog + information. + type: object description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + A summary of import result. The UserEventImportSummary summarizes the + import status for user events. + GoogleCloudRetailV2RuleOnewaySynonymsAction: + description: >- + Maps a set of terms to a set of synonyms. Set of synonyms will be + treated as synonyms of each query term only. `query_terms` will not be + treated as synonyms of each other. Example: "sneakers" will use a + synonym of "shoes". "shoes" will not use a synonym of "sneakers". + type: object + properties: + onewayTerms: + items: + type: string + type: array + description: Will be [deprecated = true] post migration; + synonyms: + description: >- + Defines a set of synonyms. Cannot contain duplicates. Can specify up + to 100 synonyms. + type: array + items: + type: string + queryTerms: + description: >- + Terms from the search query. Will treat synonyms as their synonyms. + Not themselves synonyms of the synonyms. Can specify up to 100 + terms. + type: array + items: + type: string + id: GoogleCloudRetailV2RuleOnewaySynonymsAction + GoogleCloudRetailV2alphaRemoveLocalInventoriesMetadata: type: object + description: >- + Metadata related to the progress of the RemoveLocalInventories + operation. Currently empty because there is no meaningful metadata + populated from the ProductService.RemoveLocalInventories method. properties: {} - GoogleCloudRetailV2GetDefaultBranchResponse: - id: GoogleCloudRetailV2GetDefaultBranchResponse - description: Response message of CatalogService.GetDefaultBranch. + id: GoogleCloudRetailV2alphaRemoveLocalInventoriesMetadata + GoogleCloudRetailV2SetInventoryResponse: type: object + properties: {} + id: GoogleCloudRetailV2SetInventoryResponse + description: >- + Response of the SetInventoryRequest. Currently empty because there is no + meaningful response populated from the ProductService.SetInventory + method. + GoogleCloudRetailV2ImportErrorsConfig: properties: - branch: - description: Full resource name of the branch id currently set as default branch. - type: string - setTime: - description: The time when this branch is set to default. + gcsPrefix: type: string - format: google-datetime - note: description: >- - This corresponds to SetDefaultBranchRequest.note field, when this - branch was set as default. - type: string - GoogleCloudRetailV2CompletionConfig: - id: GoogleCloudRetailV2CompletionConfig - description: >- - Catalog level autocomplete config for customers to customize - autocomplete feature's settings. + Google Cloud Storage prefix for import errors. This must be an + empty, existing Cloud Storage directory. Import errors are written + to sharded files in this directory, one per line, as a JSON-encoded + `google.rpc.Status` message. + id: GoogleCloudRetailV2ImportErrorsConfig type: object + description: Configuration of destination for Import related errors. + GoogleCloudRetailV2PriceInfoPriceRange: + type: object + id: GoogleCloudRetailV2PriceInfoPriceRange properties: - name: + price: + $ref: '#/components/schemas/GoogleCloudRetailV2Interval' description: >- - Required. Immutable. Fully qualified name - `projects/*/locations/*/catalogs/*/completionConfig` - type: string - matchingOrder: + The inclusive Product.pricing_info.price interval of all variant + Product having the same Product.primary_product_id. + originalPrice: description: >- - Specifies the matching order for autocomplete suggestions, e.g., a - query consisting of 'sh' with 'out-of-order' specified would suggest - "women's shoes", whereas a query of 'red s' with 'exact-prefix' - specified would suggest "red shoes". Currently supported values: * - 'out-of-order' * 'exact-prefix' Default value: 'exact-prefix'. + The inclusive Product.pricing_info.original_price internal of all + variant Product having the same Product.primary_product_id. + $ref: '#/components/schemas/GoogleCloudRetailV2Interval' + description: >- + The price range of all variant Product having the same + Product.primary_product_id. + GoogleCloudRetailV2betaExportMetadata: + id: GoogleCloudRetailV2betaExportMetadata + description: >- + Metadata related to the progress of the Export operation. This is + returned by the google.longrunning.Operation.metadata field. + properties: + createTime: + type: string + description: Operation create time. + format: google-datetime + updateTime: + format: google-datetime type: string - maxSuggestions: description: >- - The maximum number of autocomplete suggestions returned per term. - Default value is 20. If left unset or set to 0, then will fallback - to default value. Value range is 1 to 20. + Operation last update time. If the operation is done, this is also + the finish time. + type: object + GoogleCloudRetailV2CompletionDetail: + type: object + id: GoogleCloudRetailV2CompletionDetail + description: >- + Detailed completion information including completion attribution token + and clicked completion info. + properties: + selectedPosition: type: integer format: int32 - minPrefixLength: description: >- - The minimum number of characters needed to be typed in order to get - suggestions. Default value is 2. If left unset or set to 0, then - will fallback to default value. Value range is 1 to 20. - type: integer - format: int32 - autoLearning: + End user selected CompleteQueryResponse.CompletionResult.suggestion + position, starting from 0. + selectedSuggestion: + type: string + description: End user selected CompleteQueryResponse.CompletionResult.suggestion. + completionAttributionToken: + type: string description: >- - If set to true, the auto learning function is enabled. Auto learning - uses user data to generate suggestions using ML techniques. Default - value is false. Only after enabling auto learning can users use - `cloud-retail` data in CompleteQueryRequest. - type: boolean - suggestionsInputConfig: + Completion attribution token in + CompleteQueryResponse.attribution_token. + GoogleCloudRetailV2SearchResponseConversationalSearchResultAdditionalFilter: + type: object + properties: + productAttributeValue: + $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' description: >- - Output only. The source data for the latest import of the - autocomplete suggestion phrases. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDataInputConfig' - lastSuggestionsImportOperation: - description: >- - Output only. Name of the LRO corresponding to the latest suggestion - terms list import. Can use GetOperation API method to retrieve the - latest state of the Long Running Operation. - readOnly: true - type: string - denylistInputConfig: - description: >- - Output only. The source data for the latest import of the - autocomplete denylist phrases. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDataInputConfig' - lastDenylistImportOperation: - description: >- - Output only. Name of the LRO corresponding to the latest denylist - import. Can use GetOperation API to retrieve the latest state of the - Long Running Operation. - readOnly: true - type: string - allowlistInputConfig: - description: >- - Output only. The source data for the latest import of the - autocomplete allowlist phrases. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDataInputConfig' - lastAllowlistImportOperation: - description: >- - Output only. Name of the LRO corresponding to the latest allowlist - import. Can use GetOperation API to retrieve the latest state of the - Long Running Operation. - readOnly: true - type: string - GoogleCloudRetailV2CompletionDataInputConfig: - id: GoogleCloudRetailV2CompletionDataInputConfig - description: The input config source for completion data. - type: object - properties: - bigQuerySource: - description: >- - Required. BigQuery input source. Add the IAM permission "BigQuery - Data Viewer" for - cloud-retail-customer-data-access@system.gserviceaccount.com before - using this feature otherwise an error is thrown. - $ref: '#/components/schemas/GoogleCloudRetailV2BigQuerySource' - GoogleCloudRetailV2BigQuerySource: - id: GoogleCloudRetailV2BigQuerySource - description: BigQuery source import data from. + Product attribute value, including an attribute key and an attribute + value. Other types can be added here in the future. + description: Additional filter that client side need to apply. + id: >- + GoogleCloudRetailV2SearchResponseConversationalSearchResultAdditionalFilter + GoogleCloudRetailV2ModelModelFeaturesConfig: type: object + id: GoogleCloudRetailV2ModelModelFeaturesConfig properties: - partitionDate: - description: >- - BigQuery time partitioned table's _PARTITIONDATE in YYYY-MM-DD - format. - $ref: '#/components/schemas/GoogleTypeDate' - projectId: - description: >- - The project ID (can be project # or ID) that the BigQuery source is - in with a length limit of 128 characters. If not specified, inherits - the project ID from the parent request. - type: string - datasetId: - description: >- - Required. The BigQuery data set to copy the data from with a length - limit of 1,024 characters. - type: string - tableId: - description: >- - Required. The BigQuery table to copy the data from with a length - limit of 1,024 characters. - type: string - gcsStagingDir: - description: >- - Intermediate Cloud Storage directory used for the import with a - length limit of 2,000 characters. Can be specified if one wants to - have the BigQuery export to a specific Cloud Storage directory. - type: string - dataSchema: - description: >- - The schema to use when parsing the data from the source. Supported - values for product imports: * `product` (default): One JSON Product - per line. Each product must have a valid Product.id. * - `product_merchant_center`: See [Importing catalog data from Merchant - Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). - Supported values for user events imports: * `user_event` (default): - One JSON UserEvent per line. * `user_event_ga360`: The schema is - available here: https://support.google.com/analytics/answer/3437719. - * `user_event_ga4`: The schema is available here: - https://support.google.com/analytics/answer/7029846. Supported - values for autocomplete imports: * `suggestions` (default): One JSON - completion suggestion per line. * `denylist`: One JSON deny - suggestion per line. * `allowlist`: One JSON allow suggestion per - line. - type: string - GoogleTypeDate: - id: GoogleTypeDate + frequentlyBoughtTogetherConfig: + description: Additional configs for frequently-bought-together models. + $ref: >- + #/components/schemas/GoogleCloudRetailV2ModelFrequentlyBoughtTogetherFeaturesConfig + description: Additional model features config. + GoogleCloudRetailV2RuleIgnoreAction: description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp + Prevents a term in the query from being used in search. Example: Don't + search for "shoddy". type: object properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: - description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - GoogleCloudRetailV2AttributesConfig: - id: GoogleCloudRetailV2AttributesConfig - description: Catalog level attribute config. + ignoreTerms: + type: array + description: Terms to ignore in the search query. + items: + type: string + id: GoogleCloudRetailV2RuleIgnoreAction + GoogleCloudRetailLoggingErrorLog: + id: GoogleCloudRetailLoggingErrorLog type: object properties: - name: + importPayload: + description: The error payload that is populated on LRO import APIs. + $ref: '#/components/schemas/GoogleCloudRetailLoggingImportErrorContext' + serviceContext: + $ref: '#/components/schemas/GoogleCloudRetailLoggingServiceContext' + description: The service context in which this error has occurred. + requestPayload: description: >- - Required. Immutable. The fully qualified resource name of the - attribute config. Format: - `projects/*/locations/*/catalogs/*/attributesConfig` + The API request payload, represented as a protocol buffer. Most API + request types are supported. For example: + "type.googleapis.com/google.cloud.retail.v2.ProductService.CreateProductRequest" + "type.googleapis.com/google.cloud.retail.v2.UserEventService.WriteUserEventRequest" + additionalProperties: + type: any + description: Properties of the object. + type: object + message: type: string - catalogAttributes: + description: A message describing the error. + context: + description: A description of the context in which the error occurred. + $ref: '#/components/schemas/GoogleCloudRetailLoggingErrorContext' + status: + description: The RPC status associated with the error log. + $ref: '#/components/schemas/GoogleRpcStatus' + responsePayload: + additionalProperties: + type: any + description: Properties of the object. description: >- - Enable attribute(s) config at catalog level. For example, indexable, - dynamic_facetable, or searchable for each attribute. The key is - catalog attribute's name. For example: `color`, `brands`, - `attributes.custom_attribute`, such as `attributes.xyz`. The maximum - number of catalog attributes allowed in a request is 1000. + The API response payload, represented as a protocol buffer. This is + used to log some "soft errors", where the response is valid but we + consider there are some quality issues like unjoined events. The + following API responses are supported and no PII is included: + "google.cloud.retail.v2.PredictionService.Predict" + "google.cloud.retail.v2.UserEventService.WriteUserEvent" + "google.cloud.retail.v2.UserEventService.CollectUserEvent" type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudRetailV2CatalogAttribute' - attributeConfigLevel: - description: Output only. The AttributeConfigLevel used for this catalog. - readOnly: true - type: string + description: >- + An error log which is reported to the Error Reporting system. This proto + a superset of + google.devtools.clouderrorreporting.v1beta1.ReportedErrorEvent. + GoogleCloudRetailV2ModelFrequentlyBoughtTogetherFeaturesConfig: + id: GoogleCloudRetailV2ModelFrequentlyBoughtTogetherFeaturesConfig + description: Additional configs for the frequently-bought-together model type. + type: object + properties: + contextProductsType: enumDescriptions: - >- - Value used when unset. In this case, server behavior defaults to - CATALOG_LEVEL_ATTRIBUTE_CONFIG. + Unspecified default value, should never be explicitly set. + Defaults to MULTIPLE_CONTEXT_PRODUCTS. - >- - At this level, we honor the attribute configurations set in - Product.attributes. + Use only a single product as context for the recommendation. + Typically used on pages like add-to-cart or product details. - >- - At this level, we honor the attribute configurations set in - `CatalogConfig.attribute_configs`. + Use one or multiple products as context for the recommendation. + Typically used on shopping cart pages. + type: string + description: >- + Optional. Specifies the context of the model when it is used in + predict requests. Can only be set for the + `frequently-bought-together` type. If it isn't specified, it + defaults to MULTIPLE_CONTEXT_PRODUCTS. enum: - - ATTRIBUTE_CONFIG_LEVEL_UNSPECIFIED - - PRODUCT_LEVEL_ATTRIBUTE_CONFIG - - CATALOG_LEVEL_ATTRIBUTE_CONFIG - GoogleCloudRetailV2CatalogAttribute: - id: GoogleCloudRetailV2CatalogAttribute - description: >- - Catalog level attribute config for an attribute. For example, if - customers want to enable/disable facet for a specific attribute. + - CONTEXT_PRODUCTS_TYPE_UNSPECIFIED + - SINGLE_CONTEXT_PRODUCT + - MULTIPLE_CONTEXT_PRODUCTS + GoogleCloudRetailV2RejoinUserEventsResponse: + id: GoogleCloudRetailV2RejoinUserEventsResponse type: object properties: - key: - description: >- - Required. Attribute name. For example: `color`, `brands`, - `attributes.custom_attribute`, such as `attributes.xyz`. To be - indexable, the attribute name can contain only alpha-numeric - characters and underscores. For example, an attribute named - `attributes.abc_xyz` can be indexed, but an attribute named - `attributes.abc-xyz` cannot be indexed. If the attribute key starts - with `attributes.`, then the attribute is a custom attribute. - Attributes such as `brands`, `patterns`, and `title` are built-in - and called system attributes. + rejoinedUserEventsCount: type: string - inUse: - description: >- - Output only. Indicates whether this attribute has been used by any - products. `True` if at least one Product is using this attribute in - Product.attributes. Otherwise, this field is `False`. - CatalogAttribute can be pre-loaded by using - CatalogService.AddCatalogAttribute or - CatalogService.UpdateAttributesConfig APIs. This field is `False` - for pre-loaded CatalogAttributes. Only pre-loaded catalog attributes - that are neither in use by products nor predefined can be deleted. - Catalog attributes that are either in use by products or are - predefined attributes cannot be deleted; however, their - configuration properties will reset to default values upon removal - request. After catalog changes, it takes about 10 minutes for this - field to update. - readOnly: true - type: boolean - type: - description: >- - Output only. The type of this attribute. This is derived from the - attribute in Product.attributes. - readOnly: true - type: string - enumDescriptions: - - >- - The type of the attribute is unknown. Used when type cannot be - derived from attribute that is not in_use. - - Textual attribute. - - Numerical attribute. - enum: - - UNKNOWN - - TEXTUAL - - NUMERICAL - indexableOption: + description: Number of user events that were joined with latest product catalog. + format: int64 + description: Response message for `RejoinUserEvents` method. + GoogleCloudRetailV2OutputConfig: + properties: + gcsDestination: + $ref: '#/components/schemas/GoogleCloudRetailV2OutputConfigGcsDestination' description: >- - When AttributesConfig.attribute_config_level is - CATALOG_LEVEL_ATTRIBUTE_CONFIG, if INDEXABLE_ENABLED attribute - values are indexed so that it can be filtered, faceted, or boosted - in SearchService.Search. Must be specified when - AttributesConfig.attribute_config_level is - CATALOG_LEVEL_ATTRIBUTE_CONFIG, otherwise throws INVALID_FORMAT - error. - type: string - enumDescriptions: - - Value used when unset. - - Indexable option enabled for an attribute. - - Indexable option disabled for an attribute. - enum: - - INDEXABLE_OPTION_UNSPECIFIED - - INDEXABLE_ENABLED - - INDEXABLE_DISABLED - dynamicFacetableOption: + The Google Cloud Storage location where the output is to be written + to. + bigqueryDestination: + $ref: >- + #/components/schemas/GoogleCloudRetailV2OutputConfigBigQueryDestination + description: The BigQuery location where the output is to be written to. + description: The output configuration setting. + type: object + id: GoogleCloudRetailV2OutputConfig + GoogleCloudRetailV2PinControlMetadata: + properties: + allMatchedPins: + description: Map of all matched pins, keyed by pin position. + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudRetailV2PinControlMetadataProductPins + droppedPins: description: >- - If DYNAMIC_FACETABLE_ENABLED, attribute values are available for - dynamic facet. Could only be DYNAMIC_FACETABLE_DISABLED if - CatalogAttribute.indexable_option is INDEXABLE_DISABLED. Otherwise, - an INVALID_ARGUMENT error is returned. Must be specified, otherwise - throws INVALID_FORMAT error. - type: string + Map of pins that were dropped due to overlap with other matching + pins, keyed by pin position. + type: object + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudRetailV2PinControlMetadataProductPins + type: object + description: >- + Metadata for pinning to be returned in the response. This is used for + distinguishing between applied vs dropped pins. + id: GoogleCloudRetailV2PinControlMetadata + GoogleCloudRetailV2AttributesConfig: + description: Catalog level attribute config. + properties: + attributeConfigLevel: + description: Output only. The AttributeConfigLevel used for this catalog. enumDescriptions: - - Value used when unset. - - Dynamic facetable option enabled for an attribute. - - Dynamic facetable option disabled for an attribute. - enum: - - DYNAMIC_FACETABLE_OPTION_UNSPECIFIED - - DYNAMIC_FACETABLE_ENABLED - - DYNAMIC_FACETABLE_DISABLED - searchableOption: - description: >- - When AttributesConfig.attribute_config_level is - CATALOG_LEVEL_ATTRIBUTE_CONFIG, if SEARCHABLE_ENABLED, attribute - values are searchable by text queries in SearchService.Search. If - SEARCHABLE_ENABLED but attribute type is numerical, attribute values - will not be searchable by text queries in SearchService.Search, as - there are no text values associated to numerical attributes. Must be - specified, when AttributesConfig.attribute_config_level is - CATALOG_LEVEL_ATTRIBUTE_CONFIG, otherwise throws INVALID_FORMAT - error. + - >- + Value used when unset. In this case, server behavior defaults to + CATALOG_LEVEL_ATTRIBUTE_CONFIG. + - >- + At this level, we honor the attribute configurations set in + Product.attributes. + - >- + At this level, we honor the attribute configurations set in + `CatalogConfig.attribute_configs`. + readOnly: true type: string - enumDescriptions: - - Value used when unset. - - Searchable option enabled for an attribute. - - Searchable option disabled for an attribute. enum: - - SEARCHABLE_OPTION_UNSPECIFIED - - SEARCHABLE_ENABLED - - SEARCHABLE_DISABLED - exactSearchableOption: + - ATTRIBUTE_CONFIG_LEVEL_UNSPECIFIED + - PRODUCT_LEVEL_ATTRIBUTE_CONFIG + - CATALOG_LEVEL_ATTRIBUTE_CONFIG + name: description: >- - If EXACT_SEARCHABLE_ENABLED, attribute values will be exact - searchable. This property only applies to textual custom attributes - and requires indexable set to enabled to enable exact-searchable. If - unset, the server behavior defaults to EXACT_SEARCHABLE_DISABLED. + Required. Immutable. The fully qualified resource name of the + attribute config. Format: + `projects/*/locations/*/catalogs/*/attributesConfig` type: string - enumDescriptions: - - Value used when unset. - - Exact searchable option enabled for an attribute. - - Exact searchable option disabled for an attribute. - enum: - - EXACT_SEARCHABLE_OPTION_UNSPECIFIED - - EXACT_SEARCHABLE_ENABLED - - EXACT_SEARCHABLE_DISABLED - retrievableOption: + catalogAttributes: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudRetailV2CatalogAttribute' description: >- - If RETRIEVABLE_ENABLED, attribute values are retrievable in the - search results. If unset, the server behavior defaults to - RETRIEVABLE_DISABLED. - type: string - enumDescriptions: - - Value used when unset. - - Retrievable option enabled for an attribute. - - Retrievable option disabled for an attribute. - enum: - - RETRIEVABLE_OPTION_UNSPECIFIED - - RETRIEVABLE_ENABLED - - RETRIEVABLE_DISABLED - facetConfig: - description: Contains facet options. - $ref: '#/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfig' - GoogleCloudRetailV2CatalogAttributeFacetConfig: - id: GoogleCloudRetailV2CatalogAttributeFacetConfig + Enable attribute(s) config at catalog level. For example, indexable, + dynamic_facetable, or searchable for each attribute. The key is + catalog attribute's name. For example: `color`, `brands`, + `attributes.custom_attribute`, such as `attributes.xyz`. The maximum + number of catalog attributes allowed in a request is 1000. + type: object + type: object + id: GoogleCloudRetailV2AttributesConfig + GoogleCloudRetailV2betaSetInventoryResponse: description: >- - Possible options for the facet that corresponds to the current attribute - config. + Response of the SetInventoryRequest. Currently empty because there is no + meaningful response populated from the ProductService.SetInventory + method. + properties: {} type: object + id: GoogleCloudRetailV2betaSetInventoryResponse + GoogleCloudRetailV2RuleTwowaySynonymsAction: + description: >- + Creates a set of terms that will be treated as synonyms of each other. + Example: synonyms of "sneakers" and "shoes": * "sneakers" will use a + synonym of "shoes". * "shoes" will use a synonym of "sneakers". properties: - facetIntervals: + synonyms: description: >- - If you don't set the facet - SearchRequest.FacetSpec.FacetKey.intervals in the request to a - numerical attribute, then we use the computed intervals with rounded - bounds obtained from all its product numerical attribute values. The - computed intervals might not be ideal for some attributes. - Therefore, we give you the option to overwrite them with the - facet_intervals field. The maximum of facet intervals per - CatalogAttribute is 40. Each interval must have a lower bound or an - upper bound. If both bounds are provided, then the lower bound must - be smaller or equal than the upper bound. + Defines a set of synonyms. Can specify up to 100 synonyms. Must + specify at least 2 synonyms. type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2Interval' - ignoredFacetValues: - description: >- - Each instance represents a list of attribute values to ignore as - facet values for a specific time range. The maximum number of - instances per CatalogAttribute is 25. + type: string + type: object + id: GoogleCloudRetailV2RuleTwowaySynonymsAction + GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswerSelectedAnswer: + properties: + productAttributeValues: + description: This field is deprecated and should not be set. type: array items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfigIgnoredFacetValues - mergedFacetValues: + $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' + deprecated: true + productAttributeValue: + $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' description: >- - Each instance replaces a list of facet values by a merged facet - value. If a facet value is not in any list, then it will stay the - same. To avoid conflicts, only paths of length 1 are accepted. In - other words, if "dark_blue" merged into "BLUE", then the latter - can't merge into "blues" because this would create a path of length - 2. The maximum number of instances of MergedFacetValue per - CatalogAttribute is 100. This feature is available only for textual - custom attributes. + This field specifies the selected answer which is a attribute + key-value. + type: object + id: >- + GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswerSelectedAnswer + description: >- + This field specifies the selected answers during the conversational + search. + GoogleCloudRetailV2RuleForceReturnFacetAction: + properties: + facetPositionAdjustments: type: array + description: >- + Each instance corresponds to a force return attribute for the given + condition. There can't be more 15 instances here. items: $ref: >- - #/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacetValue - mergedFacet: - description: >- - Use this field only if you want to merge a facet key into another - facet key. - $ref: >- - #/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacet - rerankConfig: - description: >- - Set this field only if you want to rerank based on facet values - engaged by the user for the current key. This option is only - possible for custom facetable textual keys. - $ref: >- - #/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig - GoogleCloudRetailV2Interval: - id: GoogleCloudRetailV2Interval - description: A floating point interval. - type: object - properties: - minimum: - description: Inclusive lower bound. - type: number - format: double - exclusiveMinimum: - description: Exclusive lower bound. - type: number - format: double - maximum: - description: Inclusive upper bound. - type: number - format: double - exclusiveMaximum: - description: Exclusive upper bound. - type: number - format: double - GoogleCloudRetailV2CatalogAttributeFacetConfigIgnoredFacetValues: - id: GoogleCloudRetailV2CatalogAttributeFacetConfigIgnoredFacetValues + #/components/schemas/GoogleCloudRetailV2RuleForceReturnFacetActionFacetPositionAdjustment + id: GoogleCloudRetailV2RuleForceReturnFacetAction description: >- - Facet values to ignore on facets during the specified time range for the - given SearchResponse.Facet.key attribute. + Force returns an attribute/facet in the request around a certain + position or above. * Rule Condition: Must specify non-empty + Condition.query_terms (for search only) or Condition.page_categories + (for browse only), but can't specify both. * Action Inputs: attribute + name, position * Action Result: Will force return a facet key around a + certain position or above if the condition is satisfied. Example: + Suppose the query is "shoes", the Condition.query_terms is "shoes", the + ForceReturnFacetAction.FacetPositionAdjustment.attribute_name is "size" + and the ForceReturnFacetAction.FacetPositionAdjustment.position is 8. + Two cases: a) The facet key "size" is not already in the top 8 slots, + then the facet "size" will appear at a position close to 8. b) The facet + key "size" in among the top 8 positions in the request, then it will + stay at its current rank. + type: object + GoogleCloudRetailV2AddLocalInventoriesRequest: + id: GoogleCloudRetailV2AddLocalInventoriesRequest + description: Request message for ProductService.AddLocalInventories method. type: object properties: - values: + addMask: description: >- - List of facet values to ignore for the following time range. The - facet values are the same as the attribute values. There is a limit - of 10 values per instance of IgnoredFacetValues. Each value can have - at most 128 characters. + Indicates which inventory fields in the provided list of + LocalInventory to update. The field is updated to the provided + value. If a field is set while the place does not have a previous + local inventory, the local inventory at that store is created. If a + field is set while the value of that field is not provided, the + original field value, if it exists, is deleted. If the mask is not + set or set with empty paths, all inventory fields will be updated. + If an unsupported or unknown field is provided, an INVALID_ARGUMENT + error is returned and the entire update will be ignored. + format: google-fieldmask + type: string + localInventories: + description: >- + Required. A list of inventory information at difference places. Each + place is identified by its place ID. At most 3000 inventories are + allowed per request. type: array items: - type: string - startTime: + $ref: '#/components/schemas/GoogleCloudRetailV2LocalInventory' + allowMissing: description: >- - Time range for the current list of facet values to ignore. If - multiple time ranges are specified for an facet value for the - current attribute, consider all of them. If both are empty, ignore - always. If start time and end time are set, then start time must be - before end time. If start time is not empty and end time is empty, - then will ignore these facet values after the start time. - type: string - format: google-datetime - endTime: + If set to true, and the Product is not found, the local inventory + will still be processed and retained for at most 1 day and processed + once the Product is created. If set to false, a NOT_FOUND error is + returned if the Product is not found. + type: boolean + addTime: description: >- - If start time is empty and end time is not empty, then ignore these - facet values before end time. - type: string + The time when the inventory updates are issued. Used to prevent + out-of-order updates on local inventory fields. If not provided, the + internal system time will be used. format: google-datetime - GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacetValue: - id: GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacetValue - description: >- - Replaces a set of textual facet values by the same (possibly different) - merged facet value. Each facet value should appear at most once as a - value per CatalogAttribute. This feature is available only for textual - custom attributes. + type: string + GoogleCloudRetailLoggingHttpRequestContext: type: object + description: HTTP request data that is related to a reported error. + id: GoogleCloudRetailLoggingHttpRequestContext properties: - values: + responseStatusCode: + type: integer + description: The HTTP response status code for the request. + format: int32 + GoogleCloudRetailV2IntentClassificationConfig: + description: >- + The public proto to represent the intent classification config. It will + be converted to the internal proto in the backend. + properties: + inlineSource: + description: Optional. Inline source for intent classifications. + $ref: >- + #/components/schemas/GoogleCloudRetailV2IntentClassificationConfigInlineSource + disabledIntentTypes: description: >- - All the facet values that are replaces by the same merged_value that - follows. The maximum number of values per MergedFacetValue is 25. - Each value can have up to 128 characters. + Optional. A list of intent types that will be disabled for this + customer. The intent types must match one of the predefined intent + types defined at + https://cloud.google.com/retail/docs/reference/rpc/google.cloud.retail.v2alpha#querytype + items: + type: string + type: array + example: + description: Optional. A list of examples for intent classification. type: array + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2IntentClassificationConfigExample + blocklistKeywords: items: type: string - mergedValue: description: >- - All the previous values are replaced by this merged facet value. - This merged_value must be non-empty and can have up to 128 - characters. - type: string - GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacet: - id: GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacet - description: >- - The current facet key (i.e. attribute config) maps into the - merged_facet_key. A facet key can have at most one child. The current - facet key and the merged facet key need both to be textual custom - attributes or both numerical custom attributes (same type). - type: object - properties: - mergedFacetKey: + Optional. A list of keywords that will be used to classify the query + to the "BLOCKLISTED" intent type. The keywords are case insensitive. + type: array + modelPreamble: description: >- - The merged facet key should be a valid facet key that is different - than the facet key of the current catalog attribute. We refer this - is merged facet key as the child of the current catalog attribute. - This merged facet key can't be a parent of another facet key (i.e. - no directed path of length 2). This merged facet key needs to be - either a textual custom attribute or a numerical custom attribute. + Optional. Customers can use the preamble to specify any requirements + for blocklisting intent classification. This preamble will be added + to the blocklisting intent classification model prompt. type: string - GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig: - id: GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig - description: >- - Options to rerank based on facet values engaged by the user for the - current key. That key needs to be a custom textual key and facetable. To - use this control, you also need to pass all the facet keys engaged by - the user in the request using the field [SearchRequest.FacetSpec]. In - particular, if you don't pass the facet keys engaged that you want to - rerank on, this control won't be effective. Moreover, to obtain better - results, the facet values that you want to rerank on should be close to - English (ideally made of words, underscores, and spaces). type: object + id: GoogleCloudRetailV2IntentClassificationConfig + GoogleCloudRetailV2ImportCompletionDataResponse: + id: GoogleCloudRetailV2ImportCompletionDataResponse + description: >- + Response of the ImportCompletionDataRequest. If the long running + operation is done, this message is returned by the + google.longrunning.Operations.response field if the operation is + successful. properties: - rerankFacet: - description: >- - If set to true, then we also rerank the dynamic facets based on the - facet values engaged by the user for the current attribute key - during serving. - type: boolean - facetValues: - description: >- - If empty, rerank on all facet values for the current key. Otherwise, - will rerank on the facet values from this list only. + errorSamples: type: array items: - type: string - GoogleCloudRetailV2AddCatalogAttributeRequest: - id: GoogleCloudRetailV2AddCatalogAttributeRequest - description: Request for CatalogService.AddCatalogAttribute method. - type: object - properties: - catalogAttribute: - description: Required. The CatalogAttribute to add. - $ref: '#/components/schemas/GoogleCloudRetailV2CatalogAttribute' - GoogleCloudRetailV2RemoveCatalogAttributeRequest: - id: GoogleCloudRetailV2RemoveCatalogAttributeRequest - description: Request for CatalogService.RemoveCatalogAttribute method. - type: object - properties: - key: - description: Required. The attribute name key of the CatalogAttribute to remove. - type: string - GoogleCloudRetailV2ReplaceCatalogAttributeRequest: - id: GoogleCloudRetailV2ReplaceCatalogAttributeRequest - description: Request for CatalogService.ReplaceCatalogAttribute method. + $ref: '#/components/schemas/GoogleRpcStatus' + description: A sample of errors encountered while processing the request. type: object + GoogleCloudRetailV2SearchResponseConversationalSearchResult: + description: >- + This field specifies all related information that is needed on client + side for UI rendering of conversational retail search. properties: - catalogAttribute: - description: Required. The updated CatalogAttribute. - $ref: '#/components/schemas/GoogleCloudRetailV2CatalogAttribute' - updateMask: + refinedQuery: description: >- - Indicates which fields in the provided CatalogAttribute to update. - The following are NOT supported: * CatalogAttribute.key If not set, - all supported fields are updated. + The current refined query for the conversational search. This field + will be used in customer UI that the query in the search bar should + be replaced with the refined query. For example, if + SearchRequest.query is `dress` and next + SearchRequest.ConversationalSearchSpec.UserAnswer.text_answer is + `red color`, which does not match any product attribute value + filters, the refined query will be `dress, red color`. type: string - format: google-fieldmask - GoogleCloudRetailV2SearchRequest: - id: GoogleCloudRetailV2SearchRequest - description: Request message for SearchService.Search method. - type: object - properties: - branch: - description: >- - The branch resource name, such as - `projects/*/locations/global/catalogs/default_catalog/branches/0`. - Use "default_branch" as the branch ID or leave this field empty, to - search products under the default branch. + followupQuestion: + description: The follow-up question. e.g., `What is the color?` type: string - query: + additionalFilter: description: >- - Raw search query. If this field is empty, the request is considered - a category browsing request and returned results are based on filter - and page_categories. - type: string - visitorId: + This is the incremental additional filters implied from the current + user answer. User should add the suggested addition filters to the + previous SearchRequest.filter, and use the merged filter in the + follow up search request. + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchResponseConversationalSearchResultAdditionalFilter + conversationId: description: >- - Required. A unique identifier for tracking visitors. For example, - this could be implemented with an HTTP cookie, which should be able - to uniquely identify a visitor on a single device. This unique - identifier should not change if the visitor logs in or out of the - website. This should be the same identifier as UserEvent.visitor_id. - The field must be a UTF-8 encoded string with a length limit of 128 - characters. Otherwise, an INVALID_ARGUMENT error is returned. + Conversation UUID. This field will be stored in client side storage + to maintain the conversation session with server and will be used + for next search request's + SearchRequest.ConversationalSearchSpec.conversation_id to restore + conversation state in server. type: string - userInfo: - description: User information. - $ref: '#/components/schemas/GoogleCloudRetailV2UserInfo' - pageSize: - description: >- - Maximum number of Products to return. If unspecified, defaults to a - reasonable value. The maximum allowed value is 120. Values above 120 - will be coerced to 120. If this field is negative, an - INVALID_ARGUMENT is returned. - type: integer - format: int32 - pageToken: + suggestedAnswers: + type: array + description: The answer options provided to client for the follow-up question. + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchResponseConversationalSearchResultSuggestedAnswer + additionalFilters: description: >- - A page token SearchResponse.next_page_token, received from a - previous SearchService.Search call. Provide this to retrieve the - subsequent page. When paginating, all other parameters provided to - SearchService.Search must match the call that provided the page - token. Otherwise, an INVALID_ARGUMENT error is returned. + This field is deprecated but will be kept for backward + compatibility. There is expected to have only one additional filter + and the value will be the same to the same as field + `additional_filter`. + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchResponseConversationalSearchResultAdditionalFilter + type: array + deprecated: true + type: object + id: GoogleCloudRetailV2SearchResponseConversationalSearchResult + GoogleCloudRetailV2alphaEnrollSolutionMetadata: + id: GoogleCloudRetailV2alphaEnrollSolutionMetadata + type: object + description: >- + Metadata related to the EnrollSolution method. This will be returned by + the google.longrunning.Operation.metadata field. + properties: {} + GoogleCloudRetailV2alphaSetInventoryMetadata: + type: object + id: GoogleCloudRetailV2alphaSetInventoryMetadata + description: >- + Metadata related to the progress of the SetInventory operation. + Currently empty because there is no meaningful metadata populated from + the ProductService.SetInventory method. + properties: {} + GoogleCloudRetailV2ConditionTimeRange: + properties: + startTime: + description: Start of time range. Range is inclusive. + format: google-datetime type: string - offset: - description: >- - A 0-indexed integer that specifies the current offset (that is, - starting result location, amongst the Products deemed by the API as - relevant) in search results. This field is only considered if - page_token is unset. If this field is negative, an INVALID_ARGUMENT - is returned. - type: integer - format: int32 - filter: - description: >- - The filter syntax consists of an expression language for - constructing a predicate from one or more fields of the products - being filtered. Filter expression is case-sensitive. For more - information, see - [Filter](https://cloud.google.com/retail/docs/filter-and-order#filter). - If this field is unrecognizable, an INVALID_ARGUMENT is returned. + endTime: + description: End of time range. Range is inclusive. + format: google-datetime type: string - canonicalFilter: - description: >- - The default filter that is applied when a user performs a search - without checking any filters on the search page. The filter applied - to every search request when quality improvement such as query - expansion is needed. In the case a query does not have a sufficient - amount of results this filter will be used to determine whether or - not to enable the query expansion flow. The original filter will - still be used for the query expanded search. This field is strongly - recommended to achieve high search quality. For more information - about filter syntax, see SearchRequest.filter. + type: object + id: GoogleCloudRetailV2ConditionTimeRange + description: >- + Used for time-dependent conditions. Example: Want to have rule applied + for week long sale. + GoogleCloudRetailV2FulfillmentInfo: + id: GoogleCloudRetailV2FulfillmentInfo + properties: + type: type: string - orderBy: description: >- - The order in which products are returned. Products can be ordered by - a field in an Product object. Leave it unset if ordered by - relevance. OrderBy expression is case-sensitive. For more - information, see - [Order](https://cloud.google.com/retail/docs/filter-and-order#order). - If this field is unrecognizable, an INVALID_ARGUMENT is returned. + The fulfillment type, including commonly used types (such as pickup + in store and same day delivery), and custom types. Customers have to + map custom types to their display names before rendering UI. + Supported values: * "pickup-in-store" * "ship-to-store" * + "same-day-delivery" * "next-day-delivery" * "custom-type-1" * + "custom-type-2" * "custom-type-3" * "custom-type-4" * + "custom-type-5" If this field is set to an invalid value other than + these, an INVALID_ARGUMENT error is returned. + placeIds: + type: array + description: >- + The IDs for this type, such as the store IDs for + FulfillmentInfo.type.pickup-in-store or the region IDs for + FulfillmentInfo.type.same-day-delivery. A maximum of 3000 values are + allowed. Each value must be a string with a length limit of 30 + characters, matching the pattern `[a-zA-Z0-9_-]+`, such as "store1" + or "REGION-2". Otherwise, an INVALID_ARGUMENT error is returned. + items: + type: string + type: object + description: >- + Fulfillment information, such as the store IDs for in-store pickup or + region IDs for different shipping methods. + GoogleCloudRetailV2UpdateGenerativeQuestionConfigRequest: + properties: + updateMask: type: string - facetSpecs: + format: google-fieldmask description: >- - Facet specifications for faceted search. If empty, no facets are - returned. A maximum of 200 values are allowed. Otherwise, an + Optional. Indicates which fields in the provided + GenerativeQuestionConfig to update. The following are NOT supported: + * GenerativeQuestionConfig.frequency If not set or empty, all + supported fields are updated. + generativeQuestionConfig: + description: Required. The question to update. + $ref: '#/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig' + type: object + description: Request for UpdateGenerativeQuestionConfig method. + id: GoogleCloudRetailV2UpdateGenerativeQuestionConfigRequest + GoogleCloudRetailV2Rating: + description: The rating of a Product. + type: object + properties: + ratingCount: + format: int32 + description: >- + The total number of ratings. This value is independent of the value + of rating_histogram. This value must be nonnegative. Otherwise, an INVALID_ARGUMENT error is returned. + type: integer + ratingHistogram: type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2SearchRequestFacetSpec' - dynamicFacetSpec: + type: integer + format: int32 description: >- - Deprecated. Refer to - https://cloud.google.com/retail/docs/configs#dynamic to enable - dynamic facets. Do not set this field. The specification for - dynamically generated facets. Notice that only textual facets can be - dynamically generated. - deprecated: true - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestDynamicFacetSpec - boostSpec: + List of rating counts per rating value (index = rating - 1). The + list is empty if there is no rating. If the list is non-empty, its + size is always 5. Otherwise, an INVALID_ARGUMENT error is returned. + For example, [41, 14, 13, 47, 303]. It means that the Product got 41 + ratings with 1 star, 14 ratings with 2 star, and so on. + averageRating: description: >- - Boost specification to boost certain products. For more information, - see [Boost results](https://cloud.google.com/retail/docs/boosting). - Notice that if both ServingConfig.boost_control_ids and - SearchRequest.boost_spec are set, the boost conditions from both - places are evaluated. If a search request matches multiple boost - conditions, the final boost score is equal to the sum of the boost - scores from all matched boost conditions. - $ref: '#/components/schemas/GoogleCloudRetailV2SearchRequestBoostSpec' - queryExpansionSpec: + The average rating of the Product. The rating is scaled at 1-5. + Otherwise, an INVALID_ARGUMENT error is returned. + format: float + type: number + id: GoogleCloudRetailV2Rating + GoogleCloudRetailV2RejoinUserEventsRequest: + id: GoogleCloudRetailV2RejoinUserEventsRequest + properties: + userEventRejoinScope: + enum: + - USER_EVENT_REJOIN_SCOPE_UNSPECIFIED + - JOINED_EVENTS + - UNJOINED_EVENTS + enumDescriptions: + - >- + Rejoin all events with the latest product catalog, including both + joined events and unjoined events. + - Only rejoin joined events with the latest product catalog. + - Only rejoin unjoined events with the latest product catalog. description: >- - The query expansion specification that specifies the conditions - under which query expansion occurs. For more information, see [Query - expansion](https://cloud.google.com/retail/docs/result-size#query_expansion). - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestQueryExpansionSpec - variantRollupKeys: + The type of the user event rejoin to define the scope and range of + the user events to be rejoined with the latest product catalog. + Defaults to `USER_EVENT_REJOIN_SCOPE_UNSPECIFIED` if this field is + not set, or set to an invalid integer value. + type: string + type: object + description: Request message for RejoinUserEvents method. + GoogleCloudRetailV2alphaModelFrequentlyBoughtTogetherFeaturesConfig: + id: GoogleCloudRetailV2alphaModelFrequentlyBoughtTogetherFeaturesConfig + properties: + contextProductsType: + enumDescriptions: + - >- + Unspecified default value, should never be explicitly set. + Defaults to MULTIPLE_CONTEXT_PRODUCTS. + - >- + Use only a single product as context for the recommendation. + Typically used on pages like add-to-cart or product details. + - >- + Use one or multiple products as context for the recommendation. + Typically used on shopping cart pages. description: >- - The keys to fetch and rollup the matching variant Products - attributes, FulfillmentInfo or LocalInventorys attributes. The - attributes from all the matching variant Products or LocalInventorys - are merged and de-duplicated. Notice that rollup attributes will - lead to extra query latency. Maximum number of keys is 30. For - FulfillmentInfo, a fulfillment type and a fulfillment ID must be - provided in the format of "fulfillmentType.fulfillmentId". E.g., in - "pickupInStore.store123", "pickupInStore" is fulfillment type and - "store123" is the store ID. Supported keys are: * colorFamilies * - price * originalPrice * discount * variantId * - inventory(place_id,price) * inventory(place_id,original_price) * - inventory(place_id,attributes.key), where key is any key in the - Product.local_inventories.attributes map. * attributes.key, where - key is any key in the Product.attributes map. * pickupInStore.id, - where id is any FulfillmentInfo.place_ids for FulfillmentInfo.type - "pickup-in-store". * shipToStore.id, where id is any - FulfillmentInfo.place_ids for FulfillmentInfo.type "ship-to-store". - * sameDayDelivery.id, where id is any FulfillmentInfo.place_ids for - FulfillmentInfo.type "same-day-delivery". * nextDayDelivery.id, - where id is any FulfillmentInfo.place_ids for FulfillmentInfo.type - "next-day-delivery". * customFulfillment1.id, where id is any - FulfillmentInfo.place_ids for FulfillmentInfo.type "custom-type-1". - * customFulfillment2.id, where id is any FulfillmentInfo.place_ids - for FulfillmentInfo.type "custom-type-2". * customFulfillment3.id, - where id is any FulfillmentInfo.place_ids for FulfillmentInfo.type - "custom-type-3". * customFulfillment4.id, where id is any - FulfillmentInfo.place_ids for FulfillmentInfo.type "custom-type-4". - * customFulfillment5.id, where id is any FulfillmentInfo.place_ids - for FulfillmentInfo.type "custom-type-5". If this field is set to an - invalid value other than these, an INVALID_ARGUMENT error is - returned. - type: array - items: - type: string - pageCategories: - description: >- - The categories associated with a category page. Must be set for - category navigation queries to achieve good search quality. The - format should be the same as UserEvent.page_categories; To represent - full path of category, use '>' sign to separate different - hierarchies. If '>' is part of the category name, replace it with - other character(s). Category pages include special pages such as - sales or promotions. For instance, a special sale page may have the - category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday - Deals"]. - type: array - items: - type: string - searchMode: - description: >- - The search mode of the search request. If not specified, a single - search request triggers both product search and faceted search. - type: string - enumDescriptions: - - >- - Default value. In this case both product search and faceted search - will be performed. Both SearchResponse.SearchResult and - SearchResponse.Facet will be returned. - - >- - Only product search will be performed. The faceted search will be - disabled. Only SearchResponse.SearchResult will be returned. - SearchResponse.Facet will not be returned, even if - SearchRequest.facet_specs or SearchRequest.dynamic_facet_spec is - set. - - >- - Only faceted search will be performed. The product search will be - disabled. When in this mode, one or both of - SearchRequest.facet_specs and SearchRequest.dynamic_facet_spec - should be set. Otherwise, an INVALID_ARGUMENT error is returned. - Only SearchResponse.Facet will be returned. - SearchResponse.SearchResult will not be returned. - enum: - - SEARCH_MODE_UNSPECIFIED - - PRODUCT_SEARCH_ONLY - - FACETED_SEARCH_ONLY - personalizationSpec: - description: >- - The specification for personalization. Notice that if both - ServingConfig.personalization_spec and - SearchRequest.personalization_spec are set. - SearchRequest.personalization_spec will override - ServingConfig.personalization_spec. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestPersonalizationSpec - labels: - description: >- - The labels applied to a resource must meet the following - requirements: * Each resource can have multiple labels, up to a - maximum of 64. * Each label must be a key-value pair. * Keys have a - minimum length of 1 character and a maximum length of 63 characters - and cannot be empty. Values can be empty and have a maximum length - of 63 characters. * Keys and values can contain only lowercase - letters, numeric characters, underscores, and dashes. All characters - must use UTF-8 encoding, and international characters are allowed. * - The key portion of a label must be unique. However, you can use the - same key with multiple resources. * Keys must start with a lowercase - letter or international character. For more information, see - [Requirements for - labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) - in the Resource Manager documentation. - type: object - additionalProperties: - type: string - spellCorrectionSpec: - description: >- - The spell correction specification that specifies the mode under - which spell correction will take effect. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestSpellCorrectionSpec - entity: - description: >- - The entity for customers that may run multiple different entities, - domains, sites or regions, for example, `Google US`, `Google Ads`, - `Waymo`, `google.com`, `youtube.com`, etc. If this is set, it should - be exactly matched with UserEvent.entity to get search results - boosted by entity. - type: string - conversationalSearchSpec: - description: >- - Optional. This field specifies all conversational related parameters - addition to traditional retail search. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestConversationalSearchSpec - tileNavigationSpec: - description: Optional. This field specifies tile navigation related parameters. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestTileNavigationSpec - languageCode: - description: >- - Optional. The BCP-47 language code, such as "en-US" or "sr-Latn" - [list](https://www.unicode.org/cldr/charts/46/summary/root.html). - For more information, see [Standardized - codes](https://google.aip.dev/143). This field helps to better - interpret the query. If a value isn't specified, the query language - code is automatically detected, which may not be accurate. - type: string - regionCode: - description: >- - Optional. The Unicode country/region code (CLDR) of a location, such - as "US" and "419" - [list](https://www.unicode.org/cldr/charts/46/supplemental/territory_information.html). - For more information, see [Standardized - codes](https://google.aip.dev/143). If set, then results will be - boosted based on the region_code provided. - type: string - placeId: - description: >- - Optional. An id corresponding to a place, such as a store id or - region id. When specified, we use the price from the local inventory - with the matching product's LocalInventory.place_id for revenue - optimization. - type: string - userAttributes: - description: >- - Optional. The user attributes that could be used for personalization - of search results. * Populate at most 100 key-value pairs per query. - * Only supports string keys and repeated string values. * Duplicate - keys are not allowed within a single query. Example: - user_attributes: [ { key: "pets" value { values: "dog" values: "cat" - } }, { key: "state" value { values: "CA" } } ] - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudRetailV2StringList' - GoogleCloudRetailV2UserInfo: - id: GoogleCloudRetailV2UserInfo - description: Information of an end user. - type: object - properties: - userId: - description: >- - Highly recommended for logged-in users. Unique identifier for - logged-in user, such as a user name. Don't set for anonymous users. - Always use a hashed value for this ID. Don't set the field to the - same fixed ID for different users. This mixes the event history of - those users together, which results in degraded model quality. The - field must be a UTF-8 encoded string with a length limit of 128 - characters. Otherwise, an INVALID_ARGUMENT error is returned. - type: string - ipAddress: - description: >- - The end user's IP address. This field is used to extract location - information for personalization. This field must be either an IPv4 - address (e.g. "104.133.9.80") or an IPv6 address (e.g. - "2001:0db8:85a3:0000:0000:8a2e:0370:7334"). Otherwise, an - INVALID_ARGUMENT error is returned. This should not be set when: * - setting SearchRequest.user_info. * using the JavaScript tag in - UserEventService.CollectUserEvent or if direct_user_request is set. - type: string - userAgent: - description: >- - User agent as included in the HTTP header. The field must be a UTF-8 - encoded string with a length limit of 1,000 characters. Otherwise, - an INVALID_ARGUMENT error is returned. This should not be set when - using the client side event reporting with GTM or JavaScript tag in - UserEventService.CollectUserEvent or if direct_user_request is set. - type: string - directUserRequest: - description: >- - True if the request is made directly from the end user, in which - case the ip_address and user_agent can be populated from the HTTP - request. This flag should be set only if the API request is made - directly from the end user such as a mobile app (and not if a - gateway or a server is processing and pushing the user events). This - should not be set when using the JavaScript tag in - UserEventService.CollectUserEvent. - type: boolean - GoogleCloudRetailV2SearchRequestFacetSpec: - id: GoogleCloudRetailV2SearchRequestFacetSpec - description: A facet specification to perform faceted search. - type: object - properties: - facetKey: - description: Required. The facet key specification. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestFacetSpecFacetKey - limit: - description: >- - Maximum of facet values that should be returned for this facet. If - unspecified, defaults to 50. The maximum allowed value is 300. - Values above 300 will be coerced to 300. If this field is negative, - an INVALID_ARGUMENT is returned. - type: integer - format: int32 - excludedFilterKeys: - description: >- - List of keys to exclude when faceting. By default, FacetKey.key is - not excluded from the filter unless it is listed in this field. - Listing a facet key in this field allows its values to appear as - facet results, even when they are filtered out of search results. - Using this field does not affect what search results are returned. - For example, suppose there are 100 products with the color facet - "Red" and 200 products with the color facet "Blue". A query - containing the filter "colorFamilies:ANY("Red")" and having - "colorFamilies" as FacetKey.key would by default return only "Red" - products in the search results, and also return "Red" with count 100 - as the only color facet. Although there are also blue products - available, "Blue" would not be shown as an available facet value. If - "colorFamilies" is listed in "excludedFilterKeys", then the query - returns the facet values "Red" with count 100 and "Blue" with count - 200, because the "colorFamilies" key is now excluded from the - filter. Because this field doesn't affect search results, the search - results are still correctly filtered to return only "Red" products. - A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT - error is returned. - type: array - items: - type: string - enableDynamicPosition: - description: >- - Enables dynamic position for this facet. If set to true, the - position of this facet among all facets in the response is - determined by Google Retail Search. It is ordered together with - dynamic facets if dynamic facets is enabled. If set to false, the - position of this facet in the response is the same as in the - request, and it is ranked before the facets with dynamic position - enable and all dynamic facets. For example, you may always want to - have rating facet returned in the response, but it's not necessarily - to always display the rating facet at the top. In that case, you can - set enable_dynamic_position to true so that the position of rating - facet in response is determined by Google Retail Search. Another - example, assuming you have the following facets in the request: * - "rating", enable_dynamic_position = true * "price", - enable_dynamic_position = false * "brands", enable_dynamic_position - = false And also you have a dynamic facets enable, which generates a - facet "gender". Then, the final order of the facets in the response - can be ("price", "brands", "rating", "gender") or ("price", - "brands", "gender", "rating") depends on how Google Retail Search - orders "gender" and "rating" facets. However, notice that "price" - and "brands" are always ranked at first and second position because - their enable_dynamic_position values are false. - type: boolean - GoogleCloudRetailV2SearchRequestFacetSpecFacetKey: - id: GoogleCloudRetailV2SearchRequestFacetSpecFacetKey - description: Specifies how a facet is computed. - type: object - properties: - key: - description: >- - Required. Supported textual and numerical facet keys in Product - object, over which the facet values are computed. Facet key is - case-sensitive. Allowed facet keys when FacetKey.query is not - specified: * textual_field = * "brands" * "categories" * "genders" * - "ageGroups" * "availability" * "colorFamilies" * "colors" * "sizes" - * "materials" * "patterns" * "conditions" * "attributes.key" * - "pickupInStore" * "shipToStore" * "sameDayDelivery" * - "nextDayDelivery" * "customFulfillment1" * "customFulfillment2" * - "customFulfillment3" * "customFulfillment4" * "customFulfillment5" * - "inventory(place_id,attributes.key)" * numerical_field = * "price" * - "discount" * "rating" * "ratingCount" * "attributes.key" * - "inventory(place_id,price)" * "inventory(place_id,original_price)" * - "inventory(place_id,attributes.key)" - type: string - intervals: - description: >- - Set only if values should be bucketized into intervals. Must be set - for facets with numerical values. Must not be set for facet with - text values. Maximum number of intervals is 40. For all numerical - facet keys that appear in the list of products from the catalog, the - percentiles 0, 10, 30, 50, 70, 90, and 100 are computed from their - distribution weekly. If the model assigns a high score to a - numerical facet key and its intervals are not specified in the - search request, these percentiles become the bounds for its - intervals and are returned in the response. If the facet key - intervals are specified in the request, then the specified intervals - are returned instead. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2Interval' - restrictedValues: - description: >- - Only get facet for the given restricted values. For example, when - using "pickupInStore" as key and set restricted values to - ["store123", "store456"], only facets for "store123" and "store456" - are returned. Only supported on predefined textual fields, custom - textual attributes and fulfillments. Maximum is 20. Must be set for - the fulfillment facet keys: * pickupInStore * shipToStore * - sameDayDelivery * nextDayDelivery * customFulfillment1 * - customFulfillment2 * customFulfillment3 * customFulfillment4 * - customFulfillment5 - type: array - items: - type: string - prefixes: - description: >- - Only get facet values that start with the given string prefix. For - example, suppose "categories" has three values "Women > Shoe", - "Women > Dress" and "Men > Shoe". If set "prefixes" to "Women", the - "categories" facet gives only "Women > Shoe" and "Women > Dress". - Only supported on textual fields. Maximum is 10. - type: array - items: - type: string - contains: - description: >- - Only get facet values that contains the given strings. For example, - suppose "categories" has three values "Women > Shoe", "Women > - Dress" and "Men > Shoe". If set "contains" to "Shoe", the - "categories" facet gives only "Women > Shoe" and "Men > Shoe". Only - supported on textual fields. Maximum is 10. - type: array - items: - type: string - caseInsensitive: - description: >- - True to make facet keys case insensitive when getting faceting - values with prefixes or contains; false otherwise. - type: boolean - orderBy: - description: >- - The order in which SearchResponse.Facet.values are returned. Allowed - values are: * "count desc", which means order by - SearchResponse.Facet.values.count descending. * "value desc", which - means order by SearchResponse.Facet.values.value descending. Only - applies to textual facets. If not set, textual values are sorted in - [natural order](https://en.wikipedia.org/wiki/Natural_sort_order); - numerical intervals are sorted in the order given by - FacetSpec.FacetKey.intervals; FulfillmentInfo.place_ids are sorted - in the order given by FacetSpec.FacetKey.restricted_values. - type: string - query: - description: >- - The query that is used to compute facet for the given facet key. - When provided, it overrides the default behavior of facet - computation. The query syntax is the same as a filter expression. - See SearchRequest.filter for detail syntax and limitations. Notice - that there is no limitation on FacetKey.key when query is specified. - In the response, SearchResponse.Facet.values.value is always "1" and - SearchResponse.Facet.values.count is the number of results that - match the query. For example, you can set a customized facet for - "shipToStore", where FacetKey.key is "customizedShipToStore", and - FacetKey.query is "availability: ANY(\"IN_STOCK\") AND shipToStore: - ANY(\"123\")". Then the facet counts the products that are both in - stock and ship to store "123". - type: string - returnMinMax: - description: >- - Returns the min and max value for each numerical facet intervals. - Ignored for textual facets. - type: boolean - GoogleCloudRetailV2SearchRequestDynamicFacetSpec: - id: GoogleCloudRetailV2SearchRequestDynamicFacetSpec - description: The specifications of dynamically generated facets. - type: object - properties: - mode: - description: >- - Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's - unset. + Optional. Specifies the context of the model when it is used in + predict requests. Can only be set for the + `frequently-bought-together` type. If it isn't specified, it + defaults to MULTIPLE_CONTEXT_PRODUCTS. type: string - enumDescriptions: - - Default value. - - Disable Dynamic Facet. - - Automatic mode built by Google Retail Search. enum: - - MODE_UNSPECIFIED - - DISABLED - - ENABLED - GoogleCloudRetailV2SearchRequestBoostSpec: - id: GoogleCloudRetailV2SearchRequestBoostSpec - description: Boost specification to boost certain items. + - CONTEXT_PRODUCTS_TYPE_UNSPECIFIED + - SINGLE_CONTEXT_PRODUCT + - MULTIPLE_CONTEXT_PRODUCTS type: object - properties: - conditionBoostSpecs: - description: >- - Condition boost specifications. If a product matches multiple - conditions in the specifications, boost scores from these - specifications are all applied and combined in a non-linear way. - Maximum number of specifications is 20. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestBoostSpecConditionBoostSpec - skipBoostSpecValidation: - description: >- - Whether to skip boostspec validation. If this field is set to true, - invalid BoostSpec.condition_boost_specs will be ignored and valid - BoostSpec.condition_boost_specs will still be applied. - type: boolean - GoogleCloudRetailV2SearchRequestBoostSpecConditionBoostSpec: - id: GoogleCloudRetailV2SearchRequestBoostSpecConditionBoostSpec - description: Boost applies to products which match a condition. + description: Additional configs for the frequently-bought-together model type. + GoogleCloudRetailV2RuleBoostAction: + id: GoogleCloudRetailV2RuleBoostAction type: object properties: - condition: - description: >- - An expression which specifies a boost condition. The syntax and - supported fields are the same as a filter expression. See - SearchRequest.filter for detail syntax and limitations. Examples: * - To boost products with product ID "product_1" or "product_2", and - color "Red" or "Blue": * (id: ANY("product_1", "product_2")) AND - (colorFamilies: ANY("Red","Blue")) - type: string boost: + type: number description: >- - Strength of the condition boost, which should be in [-1, 1]. - Negative boost means demotion. Default is 0.0. Setting to 1.0 gives - the item a big promotion. However, it does not necessarily mean that - the boosted item will be the top result at all times, nor that other + Strength of the condition boost, which must be in [-1, 1]. Negative + boost means demotion. Default is 0.0. Setting to 1.0 gives the item + a big promotion. However, it does not necessarily mean that the + boosted item will be the top result at all times, nor that other items will be excluded. Results could still be shown even when none of them matches the condition. And results that are significantly more relevant to the search query can still trump your heavily @@ -1456,19 +908,32 @@ components: shown. The item will have an upstream battle to get a fairly high ranking, but it is not blocked out completely. Setting to 0.0 means no boost applied. The boosting condition is ignored. - type: number format: float + productsFilter: + type: string + description: >- + The filter can have a max size of 5000 characters. An expression + which specifies which products to apply an action to. The syntax and + supported fields are the same as a filter expression. See + SearchRequest.filter for detail syntax and limitations. Examples: * + To boost products with product ID "product_1" or "product_2", and + color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * + *(colorFamilies: ANY("Red", "Blue")) * + description: A boost action to apply to results matching condition specified above. GoogleCloudRetailV2SearchRequestQueryExpansionSpec: - id: GoogleCloudRetailV2SearchRequestQueryExpansionSpec description: >- Specification to determine under which conditions query expansion should occur. - type: object + id: GoogleCloudRetailV2SearchRequestQueryExpansionSpec properties: condition: description: >- The condition under which query expansion should occur. Default to Condition.DISABLED. + enum: + - CONDITION_UNSPECIFIED + - DISABLED + - AUTO type: string enumDescriptions: - >- @@ -1478,509 +943,637 @@ components: Disabled query expansion. Only the exact search query is used, even if SearchResponse.total_size is zero. - Automatic query expansion built by Google Retail Search. - enum: - - CONDITION_UNSPECIFIED - - DISABLED - - AUTO pinUnexpandedResults: description: >- Whether to pin unexpanded results. The default value is false. If this field is set to true, unexpanded products are always at the top of the search results, followed by the expanded results. type: boolean - GoogleCloudRetailV2SearchRequestPersonalizationSpec: - id: GoogleCloudRetailV2SearchRequestPersonalizationSpec - description: The specification for personalization. + type: object + GoogleCloudRetailV2PurchaseTransaction: + description: A transaction represents the entire purchase transaction. + id: GoogleCloudRetailV2PurchaseTransaction type: object properties: - mode: - description: Defaults to Mode.AUTO. + revenue: + description: >- + Required. Total non-zero revenue or grand total associated with the + transaction. This value include shipping, tax, or other adjustments + to total revenue that you want to include as part of your revenue + calculations. + type: number + format: float + id: type: string - enumDescriptions: - - >- - Default value. In this case, server behavior defaults to - Mode.AUTO. - - >- - Let CRS decide whether to use personalization based on quality of - user event data. - - Disable personalization. - enum: - - MODE_UNSPECIFIED - - AUTO - - DISABLED - GoogleCloudRetailV2SearchRequestSpellCorrectionSpec: - id: GoogleCloudRetailV2SearchRequestSpellCorrectionSpec - description: The specification for query spell correction. + description: The transaction ID with a length limit of 128 characters. + cost: + description: >- + All the costs associated with the products. These can be + manufacturing costs, shipping expenses not borne by the end user, or + any other costs, such that: * Profit = revenue - tax - cost + format: float + type: number + currencyCode: + description: Required. Currency code. Use three-character ISO-4217 code. + type: string + tax: + description: All the taxes associated with the transaction. + format: float + type: number + GoogleCloudRetailV2alphaAddLocalInventoriesMetadata: type: object + id: GoogleCloudRetailV2alphaAddLocalInventoriesMetadata + properties: {} + description: >- + Metadata related to the progress of the AddLocalInventories operation. + Currently empty because there is no meaningful metadata populated from + the ProductService.AddLocalInventories method. + GoogleCloudRetailV2betaImportErrorsConfig: properties: - mode: + gcsPrefix: description: >- - The mode under which spell correction should take effect to replace - the original search query. Default to Mode.AUTO. + Google Cloud Storage prefix for import errors. This must be an + empty, existing Cloud Storage directory. Import errors are written + to sharded files in this directory, one per line, as a JSON-encoded + `google.rpc.Status` message. type: string - enumDescriptions: - - >- - Unspecified spell correction mode. In this case, server behavior - defaults to Mode.AUTO. - - >- - Google Retail Search will try to find a spell suggestion if there - is any and put in the SearchResponse.corrected_query. The spell - suggestion will not be used as the search query. - - >- - Automatic spell correction built by Google Retail Search. Search - will be based on the corrected query if found. - enum: - - MODE_UNSPECIFIED - - SUGGESTION_ONLY - - AUTO - GoogleCloudRetailV2SearchRequestConversationalSearchSpec: - id: GoogleCloudRetailV2SearchRequestConversationalSearchSpec - description: >- - This field specifies all conversational related parameters addition to - traditional retail search. + description: Configuration of destination for Import related errors. type: object + id: GoogleCloudRetailV2betaImportErrorsConfig + GoogleCloudRetailV2Control: + id: GoogleCloudRetailV2Control + description: >- + Configures dynamic metadata that can be linked to a ServingConfig and + affect search or recommendation results at serving time. properties: - followupConversationRequested: + associatedServingConfigIds: description: >- - This field specifies whether the customer would like to do - conversational search. If this field is set to true, conversational - related extra information will be returned from server side, - including follow-up question, answer options, etc. - type: boolean - conversationId: + Output only. List of serving config ids that are associated with + this control in the same Catalog. Note the association is managed + via the ServingConfig, this is an output only denormalized view. + items: + type: string + type: array + readOnly: true + solutionTypes: + items: + type: string + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Retail Search. + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + type: array description: >- - This field specifies the conversation id, which maintains the state - of the conversation between client side and server side. Use the - value from the previous ConversationalSearchResult.conversation_id. - For the initial request, this should be empty. + Required. Immutable. The solution types that the control is used + for. Currently we support setting only one type of solution at + creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the + moment. If no solution type is provided at creation time, will + default to SOLUTION_TYPE_SEARCH. + searchSolutionUseCase: + description: >- + Specifies the use case for the control. Affects what condition + fields can be set. Only settable by search controls. Will default to + SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only + allow one search_solution_use_case per control. + items: + enumDescriptions: + - >- + The value when it's unspecified. In this case, server behavior + defaults to SEARCH_SOLUTION_USE_CASE_SEARCH. + - Search use case. Expects the traffic has a non-empty query. + - Browse use case. Expects the traffic has an empty query. + enum: + - SEARCH_SOLUTION_USE_CASE_UNSPECIFIED + - SEARCH_SOLUTION_USE_CASE_SEARCH + - SEARCH_SOLUTION_USE_CASE_BROWSE + type: string + type: array + name: + description: >- + Immutable. Fully qualified name + `projects/*/locations/global/catalogs/*/controls/*` type: string - userAnswer: + rule: + $ref: '#/components/schemas/GoogleCloudRetailV2Rule' description: >- - This field specifies the current user answer during the - conversational search. This can be either user selected from - suggested answers or user input plain text. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswer - GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswer: - id: GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswer - description: >- - This field specifies the current user answer during the conversational - search. This can be either user selected from suggested answers or user - input plain text. + A rule control - a condition-action pair. Enacts a set action when + the condition is triggered. For example: Boost "gShoe" when query + full matches "Running Shoes". + displayName: + description: >- + Required. The human readable control display name. Used in Retail + UI. This field must be a UTF-8 encoded string with a length limit of + 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown. + type: string type: object + GoogleCloudRetailV2ResumeModelRequest: + type: object + id: GoogleCloudRetailV2ResumeModelRequest + description: Request for resuming training of a model. + properties: {} + GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate: + type: object + description: >- + A candidate to consider for a given panel. Currently only ServingConfig + are valid candidates. + id: GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate properties: - textAnswer: + servingConfigId: description: >- - This field specifies the incremental input text from the user during - the conversational search. + This has to be a valid ServingConfig identifier. For example, for a + ServingConfig with full name: + `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, + this would be `my_candidate_config`. type: string - selectedAnswer: - description: >- - This field specifies the selected attributes during the - conversational search. This should be a subset of - ConversationalSearchResult.suggested_answers. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswerSelectedAnswer - GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswerSelectedAnswer: - id: >- - GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswerSelectedAnswer + GoogleCloudRetailV2alphaRemoveLocalInventoriesResponse: + id: GoogleCloudRetailV2alphaRemoveLocalInventoriesResponse description: >- - This field specifies the selected answers during the conversational - search. + Response of the ProductService.RemoveLocalInventories API. Currently + empty because there is no meaningful response populated from the + ProductService.RemoveLocalInventories method. + properties: {} type: object + GoogleCloudRetailV2ConversationalSearchResponseFollowupQuestionSuggestedAnswer: + description: >- + Suggested answers to the follow-up question. If it's numerical + attribute, only ProductAttributeInterval will be set. If it's textual + attribute, only productAttributeValue will be set. properties: - productAttributeValues: - description: This field is deprecated and should not be set. - deprecated: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' productAttributeValue: description: >- - This field specifies the selected answer which is a attribute - key-value. + Product attribute value, including an attribute key and an attribute + value. Other types can be added here in the future. $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' - GoogleCloudRetailV2ProductAttributeValue: - id: GoogleCloudRetailV2ProductAttributeValue - description: >- - Product attribute which structured by an attribute name and value. This - structure is used in conversational search filters and answers. For - example, if we have `name=color` and `value=red`, this means that the - color is `red`. + id: >- + GoogleCloudRetailV2ConversationalSearchResponseFollowupQuestionSuggestedAnswer type: object + GoogleCloudRetailV2SearchRequest: + id: GoogleCloudRetailV2SearchRequest properties: - name: - description: The attribute name. + canonicalFilter: type: string - value: - description: The attribute value. + description: >- + The default filter that is applied when a user performs a search + without checking any filters on the search page. The filter applied + to every search request when quality improvement such as query + expansion is needed. In the case a query does not have a sufficient + amount of results this filter will be used to determine whether or + not to enable the query expansion flow. The original filter will + still be used for the query expanded search. This field is strongly + recommended to achieve high search quality. For more information + about filter syntax, see SearchRequest.filter. + conversationalSearchSpec: + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestConversationalSearchSpec + description: >- + Optional. This field specifies all conversational related parameters + addition to traditional retail search. + placeId: + description: >- + Optional. An id corresponding to a place, such as a store id or + region id. When specified, we use the price from the local inventory + with the matching product's LocalInventory.place_id for revenue + optimization. type: string - GoogleCloudRetailV2SearchRequestTileNavigationSpec: - id: GoogleCloudRetailV2SearchRequestTileNavigationSpec - description: This field specifies tile navigation related parameters. - type: object - properties: - tileNavigationRequested: + searchMode: + enum: + - SEARCH_MODE_UNSPECIFIED + - PRODUCT_SEARCH_ONLY + - FACETED_SEARCH_ONLY description: >- - This field specifies whether the customer would like to request tile - navigation. - type: boolean - appliedTiles: + The search mode of the search request. If not specified, a single + search request triggers both product search and faceted search. + type: string + enumDescriptions: + - >- + Default value. In this case both product search and faceted search + will be performed. Both SearchResponse.SearchResult and + SearchResponse.Facet will be returned. + - >- + Only product search will be performed. The faceted search will be + disabled. Only SearchResponse.SearchResult will be returned. + SearchResponse.Facet will not be returned, even if + SearchRequest.facet_specs or SearchRequest.dynamic_facet_spec is + set. + - >- + Only faceted search will be performed. The product search will be + disabled. When in this mode, one or both of + SearchRequest.facet_specs and SearchRequest.dynamic_facet_spec + should be set. Otherwise, an INVALID_ARGUMENT error is returned. + Only SearchResponse.Facet will be returned. + SearchResponse.SearchResult will not be returned. + pageToken: description: >- - This optional field specifies the tiles which are already clicked in - client side. While the feature works without this field set, - particularly for an initial query, it is highly recommended to set - this field because it can improve the quality of the search response - and removes possible duplicate tiles. NOTE: This field is not being - used for filtering search products. Client side should also put all - the applied tiles in SearchRequest.filter. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2Tile' - GoogleCloudRetailV2Tile: - id: GoogleCloudRetailV2Tile - description: >- - This field specifies the tile information including an attribute key, - attribute value. More fields will be added in the future, eg: product id - or product counts, etc. - type: object - properties: - productAttributeValue: - description: The product attribute key-value. - $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' - productAttributeInterval: - description: The product attribute key-numeric interval. - $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeInterval' - representativeProductId: - description: The representative product id for this tile. + A page token SearchResponse.next_page_token, received from a + previous SearchService.Search call. Provide this to retrieve the + subsequent page. When paginating, all other parameters provided to + SearchService.Search must match the call that provided the page + token. Otherwise, an INVALID_ARGUMENT error is returned. type: string - GoogleCloudRetailV2ProductAttributeInterval: - id: GoogleCloudRetailV2ProductAttributeInterval - description: Product attribute name and numeric interval. - type: object - properties: - name: - description: The attribute name (e.g. "length") + userAttributes: + type: object + description: >- + Optional. The user attributes that could be used for personalization + of search results. * Populate at most 100 key-value pairs per query. + * Only supports string keys and repeated string values. * Duplicate + keys are not allowed within a single query. Example: + user_attributes: [ { key: "pets" value { values: "dog" values: "cat" + } }, { key: "state" value { values: "CA" } } ] + additionalProperties: + $ref: '#/components/schemas/GoogleCloudRetailV2StringList' + dynamicFacetSpec: + deprecated: true + description: >- + Deprecated. Refer to + https://cloud.google.com/retail/docs/configs#dynamic to enable + dynamic facets. Do not set this field. The specification for + dynamically generated facets. Notice that only textual facets can be + dynamically generated. + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestDynamicFacetSpec + offset: + format: int32 + type: integer + description: >- + A 0-indexed integer that specifies the current offset (that is, + starting result location, amongst the Products deemed by the API as + relevant) in search results. This field is only considered if + page_token is unset. If this field is negative, an INVALID_ARGUMENT + is returned. + query: type: string - interval: - description: The numeric interval (e.g. [10, 20)) - $ref: '#/components/schemas/GoogleCloudRetailV2Interval' - GoogleCloudRetailV2StringList: - id: GoogleCloudRetailV2StringList - description: A list of string values. - type: object - properties: - values: - description: String values. - type: array + description: >- + Raw search query. If this field is empty, the request is considered + a category browsing request and returned results are based on filter + and page_categories. + facetSpecs: items: - type: string - GoogleCloudRetailV2SearchResponse: - id: GoogleCloudRetailV2SearchResponse - description: Response message for SearchService.Search method. - type: object - properties: - results: - description: A list of matched items. The order represents the ranking. + $ref: '#/components/schemas/GoogleCloudRetailV2SearchRequestFacetSpec' type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2SearchResponseSearchResult' - facets: - description: Results of facets requested by user. + description: >- + Facet specifications for faceted search. If empty, no facets are + returned. A maximum of 200 values are allowed. Otherwise, an + INVALID_ARGUMENT error is returned. + languageCode: + type: string + description: >- + Optional. The BCP-47 language code, such as "en-US" or "sr-Latn" + [list](https://www.unicode.org/cldr/charts/46/summary/root.html). + For more information, see [Standardized + codes](https://google.aip.dev/143). This field helps to better + interpret the query. If a value isn't specified, the query language + code is automatically detected, which may not be accurate. + personalizationSpec: + description: >- + The specification for personalization. Notice that if both + ServingConfig.personalization_spec and + SearchRequest.personalization_spec are set. + SearchRequest.personalization_spec will override + ServingConfig.personalization_spec. + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestPersonalizationSpec + queryExpansionSpec: + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestQueryExpansionSpec + description: >- + The query expansion specification that specifies the conditions + under which query expansion occurs. For more information, see [Query + expansion](https://cloud.google.com/retail/docs/result-size#query_expansion). + variantRollupKeys: type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2SearchResponseFacet' - totalSize: + type: string description: >- - The estimated total count of matched items irrespective of - pagination. The count of results returned by pagination may be less - than the total_size that matches. - type: integer + The keys to fetch and rollup the matching variant Products + attributes, FulfillmentInfo or LocalInventorys attributes. The + attributes from all the matching variant Products or LocalInventorys + are merged and de-duplicated. Notice that rollup attributes will + lead to extra query latency. Maximum number of keys is 30. For + FulfillmentInfo, a fulfillment type and a fulfillment ID must be + provided in the format of "fulfillmentType.fulfillmentId". E.g., in + "pickupInStore.store123", "pickupInStore" is fulfillment type and + "store123" is the store ID. Supported keys are: * colorFamilies * + price * originalPrice * discount * variantId * + inventory(place_id,price) * inventory(place_id,original_price) * + inventory(place_id,attributes.key), where key is any key in the + Product.local_inventories.attributes map. * attributes.key, where + key is any key in the Product.attributes map. * pickupInStore.id, + where id is any FulfillmentInfo.place_ids for FulfillmentInfo.type + "pickup-in-store". * shipToStore.id, where id is any + FulfillmentInfo.place_ids for FulfillmentInfo.type "ship-to-store". + * sameDayDelivery.id, where id is any FulfillmentInfo.place_ids for + FulfillmentInfo.type "same-day-delivery". * nextDayDelivery.id, + where id is any FulfillmentInfo.place_ids for FulfillmentInfo.type + "next-day-delivery". * customFulfillment1.id, where id is any + FulfillmentInfo.place_ids for FulfillmentInfo.type "custom-type-1". + * customFulfillment2.id, where id is any FulfillmentInfo.place_ids + for FulfillmentInfo.type "custom-type-2". * customFulfillment3.id, + where id is any FulfillmentInfo.place_ids for FulfillmentInfo.type + "custom-type-3". * customFulfillment4.id, where id is any + FulfillmentInfo.place_ids for FulfillmentInfo.type "custom-type-4". + * customFulfillment5.id, where id is any FulfillmentInfo.place_ids + for FulfillmentInfo.type "custom-type-5". If this field is set to an + invalid value other than these, an INVALID_ARGUMENT error is + returned. + tileNavigationSpec: + description: Optional. This field specifies tile navigation related parameters. + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestTileNavigationSpec + pageSize: format: int32 - correctedQuery: - description: >- - Contains the spell corrected query, if found. If the spell - correction type is AUTOMATIC, then the search results are based on - corrected_query. Otherwise the original query is used for search. - type: string - attributionToken: - description: >- - A unique search token. This should be included in the UserEvent logs - resulting from this search, which enables accurate attribution of - search model performance. - type: string - nextPageToken: description: >- - A token that can be sent as SearchRequest.page_token to retrieve the - next page. If this field is omitted, there are no subsequent pages. - type: string - queryExpansionInfo: - description: Query expansion information for the returned results. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchResponseQueryExpansionInfo - redirectUri: + Maximum number of Products to return. If unspecified, defaults to a + reasonable value. The maximum allowed value is 120. Values above 120 + will be coerced to 120. If this field is negative, an + INVALID_ARGUMENT is returned. + type: integer + regionCode: description: >- - The URI of a customer-defined redirect page. If redirect action is - triggered, no search is performed, and only redirect_uri and - attribution_token are set in the response. + Optional. The Unicode country/region code (CLDR) of a location, such + as "US" and "419" + [list](https://www.unicode.org/cldr/charts/46/supplemental/territory_information.html). + For more information, see [Standardized + codes](https://google.aip.dev/143). If set, then results will be + boosted based on the region_code provided. type: string - appliedControls: - description: >- - The fully qualified resource name of applied - [controls](https://cloud.google.com/retail/docs/serving-control-rules). + pageCategories: type: array + description: >- + The categories associated with a category page. Must be set for + category navigation queries to achieve good search quality. The + format should be the same as UserEvent.page_categories; To represent + full path of category, use '>' sign to separate different + hierarchies. If '>' is part of the category name, replace it with + other character(s). Category pages include special pages such as + sales or promotions. For instance, a special sale page may have the + category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday + Deals"]. items: type: string - pinControlMetadata: - description: >- - Metadata for pin controls which were applicable to the request. This - contains two map fields, one for all matched pins and one for pins - which were matched but not applied. The two maps are keyed by pin - position, and the values are the product ids which were matched to - that pin. - $ref: '#/components/schemas/GoogleCloudRetailV2PinControlMetadata' - invalidConditionBoostSpecs: + userInfo: + description: User information. + $ref: '#/components/schemas/GoogleCloudRetailV2UserInfo' + visitorId: + type: string description: >- - The invalid SearchRequest.BoostSpec.condition_boost_specs that are - not applied during serving. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestBoostSpecConditionBoostSpec - experimentInfo: + Required. A unique identifier for tracking visitors. For example, + this could be implemented with an HTTP cookie, which should be able + to uniquely identify a visitor on a single device. This unique + identifier should not change if the visitor logs in or out of the + website. This should be the same identifier as UserEvent.visitor_id. + The field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. + labels: + type: object description: >- - Metadata related to A/B testing experiment associated with this - response. Only exists when an experiment is triggered. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2ExperimentInfo' - conversationalSearchResult: + The labels applied to a resource must meet the following + requirements: * Each resource can have multiple labels, up to a + maximum of 64. * Each label must be a key-value pair. * Keys have a + minimum length of 1 character and a maximum length of 63 characters + and cannot be empty. Values can be empty and have a maximum length + of 63 characters. * Keys and values can contain only lowercase + letters, numeric characters, underscores, and dashes. All characters + must use UTF-8 encoding, and international characters are allowed. * + The key portion of a label must be unique. However, you can use the + same key with multiple resources. * Keys must start with a lowercase + letter or international character. For more information, see + [Requirements for + labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + in the Resource Manager documentation. + additionalProperties: + type: string + spellCorrectionSpec: description: >- - This field specifies all related information that is needed on - client side for UI rendering of conversational retail search. + The spell correction specification that specifies the mode under + which spell correction will take effect. $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchResponseConversationalSearchResult - tileNavigationResult: + #/components/schemas/GoogleCloudRetailV2SearchRequestSpellCorrectionSpec + filter: description: >- - This field specifies all related information for tile navigation - that will be used in client side. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchResponseTileNavigationResult - GoogleCloudRetailV2SearchResponseSearchResult: - id: GoogleCloudRetailV2SearchResponseSearchResult - description: Represents the search results. - type: object - properties: - id: - description: Product.id of the searched Product. + The filter syntax consists of an expression language for + constructing a predicate from one or more fields of the products + being filtered. Filter expression is case-sensitive. For more + information, see + [Filter](https://cloud.google.com/retail/docs/filter-and-order#filter). + If this field is unrecognizable, an INVALID_ARGUMENT is returned. type: string - product: + boostSpec: + $ref: '#/components/schemas/GoogleCloudRetailV2SearchRequestBoostSpec' description: >- - The product data snippet in the search response. Only Product.name - is guaranteed to be populated. Product.variants contains the product - variants that match the search query. If there are multiple product - variants matching the query, top 5 most relevant product variants - are returned and ordered by relevancy. If relevancy can be - deternmined, use matching_variant_fields to look up matched product - variants fields. If relevancy cannot be determined, e.g. when - searching "shoe" all products in a shoe product can be a match, 5 - product variants are returned but order is meaningless. - $ref: '#/components/schemas/GoogleCloudRetailV2Product' - matchingVariantCount: - description: The count of matched variant Products. - type: integer - format: int32 - matchingVariantFields: + Boost specification to boost certain products. For more information, + see [Boost results](https://cloud.google.com/retail/docs/boosting). + Notice that if both ServingConfig.boost_control_ids and + SearchRequest.boost_spec are set, the boost conditions from both + places are evaluated. If a search request matches multiple boost + conditions, the final boost score is equal to the sum of the boost + scores from all matched boost conditions. + branch: description: >- - If a variant Product matches the search query, this map indicates - which Product fields are matched. The key is the Product.name, the - value is a field mask of the matched Product fields. If matched - attributes cannot be determined, this map will be empty. For - example, a key "sku1" with field mask "products.color_info" - indicates there is a match between "sku1" ColorInfo and the query. - type: object - additionalProperties: - type: string - format: google-fieldmask - variantRollupValues: + The branch resource name, such as + `projects/*/locations/global/catalogs/default_catalog/branches/0`. + Use "default_branch" as the branch ID or leave this field empty, to + search products under the default branch. + type: string + entity: description: >- - The rollup matching variant Product attributes. The key is one of - the SearchRequest.variant_rollup_keys. The values are the merged and - de-duplicated Product attributes. Notice that the rollup values are - respect filter. For example, when filtering by - "colorFamilies:ANY(\"red\")" and rollup "colorFamilies", only "red" - is returned. For textual and numerical attributes, the rollup values - is a list of string or double values with type - google.protobuf.ListValue. For example, if there are two variants - with colors "red" and "blue", the rollup values are { key: - "colorFamilies" value { list_value { values { string_value: "red" } - values { string_value: "blue" } } } } For FulfillmentInfo, the - rollup values is a double value with type google.protobuf.Value. For - example, `{key: "pickupInStore.store1" value { number_value: 10 }}` - means a there are 10 variants in this product are available in the - store "store1". - type: object - additionalProperties: - type: any - personalLabels: + The entity for customers that may run multiple different entities, + domains, sites or regions, for example, `Google US`, `Google Ads`, + `Waymo`, `google.com`, `youtube.com`, etc. If this is set, it should + be exactly matched with UserEvent.entity to get search results + boosted by entity. + type: string + orderBy: + type: string description: >- - Specifies previous events related to this product for this user - based on UserEvent with same SearchRequest.visitor_id or - UserInfo.user_id. This is set only when - SearchRequest.PersonalizationSpec.mode is - SearchRequest.PersonalizationSpec.Mode.AUTO. Possible values: * - `purchased`: Indicates that this product has been purchased before. - type: array + The order in which products are returned. Products can be ordered by + a field in an Product object. Leave it unset if ordered by + relevance. OrderBy expression is case-sensitive. For more + information, see + [Order](https://cloud.google.com/retail/docs/filter-and-order#order). + If this field is unrecognizable, an INVALID_ARGUMENT is returned. + type: object + description: Request message for SearchService.Search method. + GoogleCloudRetailV2ModelServingConfigList: + id: GoogleCloudRetailV2ModelServingConfigList + type: object + properties: + servingConfigIds: items: type: string - modelScores: - description: Google provided available scores. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudRetailV2DoubleList' - GoogleCloudRetailV2Product: - id: GoogleCloudRetailV2Product + description: >- + Optional. A set of valid serving configs that may be used for + `PAGE_OPTIMIZATION`. + type: array description: >- - Product captures all metadata information of items to be recommended or - searched. + Represents an ordered combination of valid serving configs, which can be + used for `PAGE_OPTIMIZATION` recommendations. + GoogleCloudRetailV2PanelInfo: + description: Detailed panel information associated with a user event. type: object + id: GoogleCloudRetailV2PanelInfo properties: - expireTime: - description: >- - Note that this field is applied in the following ways: * If the - Product is already expired when it is uploaded, this product is not - indexed for search. * If the Product is not expired when it is - uploaded, only the Type.PRIMARY's and Type.COLLECTION's expireTime - is respected, and Type.VARIANT's expireTime is not used. In general, - we suggest the users to delete the stale products explicitly, - instead of using this field to determine staleness. expire_time must - be later than available_time and publish_time, otherwise an - INVALID_ARGUMENT error is thrown. Corresponding properties: Google - Merchant Center property - [expiration_date](https://support.google.com/merchants/answer/6324499). + panelId: type: string - format: google-datetime - ttl: + description: Required. The panel ID. + productDetails: + items: + $ref: '#/components/schemas/GoogleCloudRetailV2ProductDetail' + description: Optional. The product details associated with the panel. + type: array + panelPosition: + type: integer description: >- - Input only. The TTL (time to live) of the product. Note that this is - only applicable to Type.PRIMARY and Type.COLLECTION, and ignored for - Type.VARIANT. In general, we suggest the users to delete the stale - products explicitly, instead of using this field to determine - staleness. If it is set, it must be a non-negative value, and - expire_time is set as current timestamp plus ttl. The derived - expire_time is returned in the output and ttl is left blank when - retrieving the Product. If it is set, the product is not available - for SearchService.Search after current timestamp plus ttl. However, - the product can still be retrieved by ProductService.GetProduct and - ProductService.ListProducts. + Optional. The ordered position of the panel, if shown to the user + with other panels. If set, then total_panels must also be set. + format: int32 + displayName: + description: Optional. The display name of the panel. type: string - format: google-duration - name: - description: >- - Immutable. Full resource name of the product, such as - `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/product_id`. + attributionToken: type: string - id: + description: Optional. The attribution token of the panel. + totalPanels: + format: int32 + type: integer description: >- - Immutable. Product identifier, which is the final component of name. - For example, this field is "id_1", if name is - `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/id_1`. - This field must be a UTF-8 encoded string with a length limit of 128 - characters. Otherwise, an INVALID_ARGUMENT error is returned. - Corresponding properties: Google Merchant Center property - [id](https://support.google.com/merchants/answer/6324405). - Schema.org property [Product.sku](https://schema.org/sku). + Optional. The total number of panels, including this one, shown to + the user. Must be set if panel_position is set. + GoogleCloudRetailV2Tile: + type: object + properties: + productAttributeInterval: + $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeInterval' + description: The product attribute key-numeric interval. + productAttributeValue: + description: The product attribute key-value. + $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' + representativeProductId: type: string - type: - description: >- - Immutable. The type of the product. Default to - Catalog.product_level_config.ingestion_product_type if unset. + description: The representative product id for this tile. + description: >- + This field specifies the tile information including an attribute key, + attribute value. More fields will be added in the future, eg: product id + or product counts, etc. + id: GoogleCloudRetailV2Tile + GoogleCloudRetailV2OutputResult: + id: GoogleCloudRetailV2OutputResult + properties: + gcsResult: + type: array + items: + $ref: '#/components/schemas/GoogleCloudRetailV2GcsOutputResult' + description: The Google Cloud Storage location where the result is stored. + bigqueryResult: + items: + $ref: '#/components/schemas/GoogleCloudRetailV2BigQueryOutputResult' + description: The BigQuery location where the result is stored. + type: array + type: object + description: >- + Output result that stores the information about where the exported data + is stored. + GoogleCloudRetailV2AddLocalInventoriesResponse: + description: >- + Response of the ProductService.AddLocalInventories API. Currently empty + because there is no meaningful response populated from the + ProductService.AddLocalInventories method. + id: GoogleCloudRetailV2AddLocalInventoriesResponse + type: object + properties: {} + GoogleCloudRetailV2SetInventoryRequest: + description: Request message for ProductService.SetInventory method. + properties: + setMask: type: string - enumDescriptions: - - >- - Default value. Default to - Catalog.product_level_config.ingestion_product_type if unset. - - >- - The primary type. As the primary unit for predicting, indexing and - search serving, a Type.PRIMARY Product is grouped with multiple - Type.VARIANT Products. - - >- - The variant type. Type.VARIANT Products usually share some common - attributes on the same Type.PRIMARY Products, but they have - variant attributes like different colors, sizes and prices, etc. - - >- - The collection type. Collection products are bundled Type.PRIMARY - Products or Type.VARIANT Products that are sold together, such as - a jewelry set with necklaces, earrings and rings, etc. - enum: - - TYPE_UNSPECIFIED - - PRIMARY - - VARIANT - - COLLECTION - primaryProductId: description: >- - Variant group identifier. Must be an id, with the same parent branch - with this product. Otherwise, an error is thrown. For Type.PRIMARY - Products, this field can only be empty or set to the same value as - id. For VARIANT Products, this field cannot be empty. A maximum of - 2,000 products are allowed to share the same Type.PRIMARY Product. - Otherwise, an INVALID_ARGUMENT error is returned. Corresponding - properties: Google Merchant Center property - [item_group_id](https://support.google.com/merchants/answer/6324507). - Schema.org property - [Product.inProductGroupWithID](https://schema.org/inProductGroupWithID). + Indicates which inventory fields in the provided Product to update. + At least one field must be provided. If an unsupported or unknown + field is provided, an INVALID_ARGUMENT error is returned and the + entire update will be ignored. + format: google-fieldmask + setTime: + format: google-datetime type: string - collectionMemberIds: description: >- - The id of the collection members when type is Type.COLLECTION. - Non-existent product ids are allowed. The type of the members must - be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT - error is thrown. Should not set it for other types. A maximum of - 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is - return. - type: array - items: - type: string - gtin: + The time when the request is issued, used to prevent out-of-order + updates on inventory fields with the last update time recorded. If + not provided, the internal system time will be used. + allowMissing: + type: boolean description: >- - The Global Trade Item Number (GTIN) of the product. This field must - be a UTF-8 encoded string with a length limit of 128 characters. - Otherwise, an INVALID_ARGUMENT error is returned. This field must be - a Unigram. Otherwise, an INVALID_ARGUMENT error is returned. - Corresponding properties: Google Merchant Center property - [gtin](https://support.google.com/merchants/answer/6324461). - Schema.org property [Product.isbn](https://schema.org/isbn), - [Product.gtin8](https://schema.org/gtin8), - [Product.gtin12](https://schema.org/gtin12), - [Product.gtin13](https://schema.org/gtin13), or - [Product.gtin14](https://schema.org/gtin14). If the value is not a - valid GTIN, an INVALID_ARGUMENT error is returned. + If set to true, and the Product with name Product.name is not found, + the inventory update will still be processed and retained for at + most 1 day until the Product is created. If set to false, a + NOT_FOUND error is returned if the Product is not found. + inventory: + $ref: '#/components/schemas/GoogleCloudRetailV2Product' + description: >- + Required. The inventory information to update. The allowable fields + to update are: * Product.price_info * Product.availability * + Product.available_quantity * Product.fulfillment_info The updated + inventory fields must be specified in SetInventoryRequest.set_mask. + If SetInventoryRequest.inventory.name is empty or invalid, an + INVALID_ARGUMENT error is returned. If the caller does not have + permission to update the Product named in Product.name, regardless + of whether or not it exists, a PERMISSION_DENIED error is returned. + If the Product to update does not have existing inventory + information, the provided inventory information will be inserted. If + the Product to update has existing inventory information, the + provided inventory information will be merged while respecting the + last update time for each inventory field, using the provided or + default value for SetInventoryRequest.set_time. The caller can + replace place IDs for a subset of fulfillment types in the following + ways: * Adds "fulfillment_info" in SetInventoryRequest.set_mask * + Specifies only the desired fulfillment types and corresponding place + IDs to update in SetInventoryRequest.inventory.fulfillment_info The + caller can clear all place IDs from a subset of fulfillment types in + the following ways: * Adds "fulfillment_info" in + SetInventoryRequest.set_mask * Specifies only the desired + fulfillment types to clear in + SetInventoryRequest.inventory.fulfillment_info * Checks that only + the desired fulfillment info types have empty + SetInventoryRequest.inventory.fulfillment_info.place_ids The last + update time is recorded for the following inventory fields: * + Product.price_info * Product.availability * + Product.available_quantity * Product.fulfillment_info If a full + overwrite of inventory information while ignoring timestamps is + needed, ProductService.UpdateProduct should be invoked instead. + id: GoogleCloudRetailV2SetInventoryRequest + type: object + GoogleCloudRetailV2Product: + id: GoogleCloudRetailV2Product + properties: + localInventories: + description: >- + Output only. A list of local inventories specific to different + places. This field can be managed by + ProductService.AddLocalInventories and + ProductService.RemoveLocalInventories APIs if fine-grained, + high-volume updates are necessary. + readOnly: true + items: + $ref: '#/components/schemas/GoogleCloudRetailV2LocalInventory' + type: array + name: type: string - categories: description: >- - Product categories. This field is repeated for supporting one - product belonging to several parallel categories. Strongly - recommended using the full path for better search / recommendation - quality. To represent full path of category, use '>' sign to - separate different hierarchies. If '>' is part of the category name, - replace it with other character(s). For example, if a shoes product - belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & - Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented - as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness - > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product - otherwise an INVALID_ARGUMENT error is returned. At most 250 values - are allowed per Product unless overridden through the Google Cloud - console. Empty values are not allowed. Each value must be a UTF-8 - encoded string with a length limit of 5,000 characters. Otherwise, - an INVALID_ARGUMENT error is returned. Corresponding properties: - Google Merchant Center property google_product_category. Schema.org - property [Product.category] (https://schema.org/category). - [mc_google_product_category]: - https://support.google.com/merchants/answer/6324436 - type: array - items: - type: string + Immutable. Full resource name of the product, such as + `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/product_id`. + publishTime: + type: string + description: >- + The timestamp when the product is published by the retailer for the + first time, which indicates the freshness of the products. Note that + this field is different from available_time, given it purely + describes product freshness regardless of when it is available on + search and recommendation. + format: google-datetime title: + type: string description: >- Required. Product title. This field must be a UTF-8 encoded string with a length limit of 1,000 characters. Otherwise, an @@ -1988,8 +1581,31 @@ components: Merchant Center property [title](https://support.google.com/merchants/answer/6324415). Schema.org property [Product.name](https://schema.org/name). - type: string + sizes: + description: >- + The size of the product. To represent different size systems or size + types, consider using this format: + [[[size_system:]size_type:]size_value]. For example, in "US:MENS:M", + "US" represents size system; "MENS" represents size type; "M" + represents size value. In "GIRLS:27", size system is empty; "GIRLS" + represents size type; "27" represents size value. In "32 inches", + both size system and size type are empty, while size value is "32 + inches". A maximum of 20 values are allowed per Product. Each value + must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. + Corresponding properties: Google Merchant Center property + [size](https://support.google.com/merchants/answer/6324492), + [size_type](https://support.google.com/merchants/answer/6324497), + and + [size_system](https://support.google.com/merchants/answer/6324502). + Schema.org property [Product.size](https://schema.org/size). + type: array + items: + type: string brands: + items: + type: string + type: array description: >- The brands of the product. A maximum of 30 brands are allowed unless overridden through the Google Cloud console. Each brand must be a @@ -1998,20 +1614,8 @@ components: properties: Google Merchant Center property [brand](https://support.google.com/merchants/answer/6324351). Schema.org property [Product.brand](https://schema.org/brand). - type: array - items: - type: string - description: - description: >- - Product description. This field must be a UTF-8 encoded string with - a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT - error is returned. Corresponding properties: Google Merchant Center - property - [description](https://support.google.com/merchants/answer/6324468). - Schema.org property - [Product.description](https://schema.org/description). - type: string languageCode: + type: string description: >- Language of the title/description and other string attributes. Use language tags defined by [BCP @@ -2021,180 +1625,125 @@ components: languages, but duplicating Products to provide text in multiple languages can result in degraded model performance. For product search this field is in use. It defaults to "en-US" if unset. - type: string - attributes: - description: >- - Highly encouraged. Extra product attributes to be included. For - example, for products, this could include the store name, vendor, - style, color, etc. These are very strong signals for recommendation - model, thus we highly recommend providing the attributes here. - Features that can take on one of a limited number of possible - values. Two types of features can be set are: Textual features. some - examples would be the brand/maker of a product, or country of a - customer. Numerical features. Some examples would be the - height/weight of a product, or age of a customer. For example: `{ - "vendor": {"text": ["vendor123", "vendor456"]}, "lengths_cm": - {"numbers":[2.3, 15.4]}, "heights_cm": {"numbers":[8.1, 6.4]} }`. - This field needs to pass all below criteria, otherwise an - INVALID_ARGUMENT error is returned: * Max entries count: 200. * The - key must be a UTF-8 encoded string with a length limit of 128 - characters. * For indexable attribute, the key must match the - pattern: `a-zA-Z0-9*`. For example, `key0LikeThis` or - `KEY_1_LIKE_THIS`. * For text attributes, at most 400 values are - allowed. Empty values are not allowed. Each value must be a - non-empty UTF-8 encoded string with a length limit of 256 - characters. * For number attributes, at most 400 values are allowed. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudRetailV2CustomAttribute' - tags: + variants: + readOnly: true description: >- - Custom tags associated with the product. At most 250 values are - allowed per Product. This value must be a UTF-8 encoded string with - a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT - error is returned. This tag can be used for filtering recommendation - results by passing the tag as part of the PredictRequest.filter. - Corresponding properties: Google Merchant Center property - [custom_label_0–4](https://support.google.com/merchants/answer/6324473). + Output only. Product variants grouped together on primary product + which share similar product attributes. It's automatically grouped + by primary_product_id for all the product variants. Only populated + for Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for + ProductService.GetProduct. Do not set this field in API requests. + items: + $ref: '#/components/schemas/GoogleCloudRetailV2Product' + type: array + promotions: type: array items: - type: string + $ref: '#/components/schemas/GoogleCloudRetailV2Promotion' + description: >- + The promotions applied to the product. A maximum of 10 values are + allowed per Product. Only Promotion.promotion_id will be used, other + fields will be ignored if set. + retrievableFields: + type: string + format: google-fieldmask + deprecated: true + description: >- + Indicates which fields in the Products are returned in + SearchResponse. Supported fields for all types: * audience * + availability * brands * color_info * conditions * gtin * materials * + name * patterns * price_info * rating * sizes * title * uri + Supported fields only for Type.PRIMARY and Type.COLLECTION: * + categories * description * images Supported fields only for + Type.VARIANT: * Only the first image in images To mark attributes as + retrievable, include paths of the form "attributes.key" where "key" + is the key of a custom attribute, as specified in attributes. For + Type.PRIMARY and Type.COLLECTION, the following fields are always + returned in SearchResponse by default: * name For Type.VARIANT, the + following fields are always returned in by default: * name * + color_info Note: Returning more fields in SearchResponse can + increase response payload size and serving latency. This field is + deprecated. Use the retrievable site-wide control instead. priceInfo: + $ref: '#/components/schemas/GoogleCloudRetailV2PriceInfo' description: >- Product price and cost information. Corresponding properties: Google Merchant Center property [price](https://support.google.com/merchants/answer/6324371). - $ref: '#/components/schemas/GoogleCloudRetailV2PriceInfo' - rating: - description: The rating of this product. - $ref: '#/components/schemas/GoogleCloudRetailV2Rating' - availableTime: - description: >- - The timestamp when this Product becomes available for - SearchService.Search. Note that this is only applicable to - Type.PRIMARY and Type.COLLECTION, and ignored for Type.VARIANT. - type: string - format: google-datetime - availability: - description: >- - The online availability of the Product. Default to - Availability.IN_STOCK. For primary products with variants set the - availability of the primary as Availability.OUT_OF_STOCK and set the - true availability at the variant level. This way the primary product - will be considered "in stock" as long as it has at least one variant - in stock. For primary products with no variants set the true - availability at the primary level. Corresponding properties: Google - Merchant Center property - [availability](https://support.google.com/merchants/answer/6324448). - Schema.org property - [Offer.availability](https://schema.org/availability). - type: string - enumDescriptions: - - >- - Default product availability. Default to Availability.IN_STOCK if - unset. - - Product in stock. - - Product out of stock. - - Product that is in pre-order state. - - Product that is back-ordered (i.e. temporarily out of stock). - enum: - - AVAILABILITY_UNSPECIFIED - - IN_STOCK - - OUT_OF_STOCK - - PREORDER - - BACKORDER - availableQuantity: - description: The available quantity of the item. - type: integer - format: int32 - fulfillmentInfo: - description: >- - Fulfillment information, such as the store IDs for in-store pickup - or region IDs for different shipping methods. All the elements must - have distinct FulfillmentInfo.type. Otherwise, an INVALID_ARGUMENT - error is returned. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2FulfillmentInfo' - uri: - description: >- - Canonical URL directly linking to the product detail page. It is - strongly recommended to provide a valid uri for the product, - otherwise the service performance could be significantly degraded. - This field must be a UTF-8 encoded string with a length limit of - 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. - Corresponding properties: Google Merchant Center property - [link](https://support.google.com/merchants/answer/6324416). - Schema.org property [Offer.url](https://schema.org/url). - type: string - images: - description: >- - Product images for the product. We highly recommend putting the main - image first. A maximum of 300 images are allowed. Corresponding - properties: Google Merchant Center property - [image_link](https://support.google.com/merchants/answer/6324350). - Schema.org property [Product.image](https://schema.org/image). - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2Image' audience: description: >- The target group associated with a given audience (e.g. male, veterans, car owners, musicians, etc.) of the product. $ref: '#/components/schemas/GoogleCloudRetailV2Audience' - colorInfo: - description: >- - The color of the product. Corresponding properties: Google Merchant - Center property - [color](https://support.google.com/merchants/answer/6324487). - Schema.org property [Product.color](https://schema.org/color). - $ref: '#/components/schemas/GoogleCloudRetailV2ColorInfo' - sizes: + type: description: >- - The size of the product. To represent different size systems or size - types, consider using this format: - [[[size_system:]size_type:]size_value]. For example, in "US:MENS:M", - "US" represents size system; "MENS" represents size type; "M" - represents size value. In "GIRLS:27", size system is empty; "GIRLS" - represents size type; "27" represents size value. In "32 inches", - both size system and size type are empty, while size value is "32 - inches". A maximum of 20 values are allowed per Product. Each value - must be a UTF-8 encoded string with a length limit of 128 + Immutable. The type of the product. Default to + Catalog.product_level_config.ingestion_product_type if unset. + enum: + - TYPE_UNSPECIFIED + - PRIMARY + - VARIANT + - COLLECTION + enumDescriptions: + - >- + Default value. Default to + Catalog.product_level_config.ingestion_product_type if unset. + - >- + The primary type. As the primary unit for predicting, indexing and + search serving, a Type.PRIMARY Product is grouped with multiple + Type.VARIANT Products. + - >- + The variant type. Type.VARIANT Products usually share some common + attributes on the same Type.PRIMARY Products, but they have + variant attributes like different colors, sizes and prices, etc. + - >- + The collection type. Collection products are bundled Type.PRIMARY + Products or Type.VARIANT Products that are sold together, such as + a jewelry set with necklaces, earrings and rings, etc. + type: string + id: + description: >- + Immutable. Product identifier, which is the final component of name. + For example, this field is "id_1", if name is + `projects/*/locations/global/catalogs/default_catalog/branches/default_branch/products/id_1`. + This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned. Corresponding properties: Google Merchant Center property - [size](https://support.google.com/merchants/answer/6324492), - [size_type](https://support.google.com/merchants/answer/6324497), - and - [size_system](https://support.google.com/merchants/answer/6324502). - Schema.org property [Product.size](https://schema.org/size). - type: array - items: - type: string - materials: + [id](https://support.google.com/merchants/answer/6324405). + Schema.org property [Product.sku](https://schema.org/sku). + type: string + ttl: description: >- - The material of the product. For example, "leather", "wooden". A - maximum of 20 values are allowed. Each value must be a UTF-8 encoded - string with a length limit of 200 characters. Otherwise, an - INVALID_ARGUMENT error is returned. Corresponding properties: Google - Merchant Center property - [material](https://support.google.com/merchants/answer/6324410). - Schema.org property [Product.material](https://schema.org/material). - type: array + Input only. The TTL (time to live) of the product. Note that this is + only applicable to Type.PRIMARY and Type.COLLECTION, and ignored for + Type.VARIANT. In general, we suggest the users to delete the stale + products explicitly, instead of using this field to determine + staleness. If it is set, it must be a non-negative value, and + expire_time is set as current timestamp plus ttl. The derived + expire_time is returned in the output and ttl is left blank when + retrieving the Product. If it is set, the product is not available + for SearchService.Search after current timestamp plus ttl. However, + the product can still be retrieved by ProductService.GetProduct and + ProductService.ListProducts. + format: google-duration + type: string + availableQuantity: + format: int32 + description: The available quantity of the item. + type: integer + collectionMemberIds: items: type: string - patterns: description: >- - The pattern or graphic print of the product. For example, "striped", - "polka dot", "paisley". A maximum of 20 values are allowed per - Product. Each value must be a UTF-8 encoded string with a length - limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is - returned. Corresponding properties: Google Merchant Center property - [pattern](https://support.google.com/merchants/answer/6324483). - Schema.org property [Product.pattern](https://schema.org/pattern). + The id of the collection members when type is Type.COLLECTION. + Non-existent product ids are allowed. The type of the members must + be either Type.PRIMARY or Type.VARIANT otherwise an INVALID_ARGUMENT + error is thrown. Should not set it for other types. A maximum of + 1000 values are allowed. Otherwise, an INVALID_ARGUMENT error is + return. type: array - items: - type: string conditions: + type: array description: >- The condition of the product. Strongly encouraged to use the standard values: "new", "refurbished", "used". A maximum of 1 value @@ -2205,2592 +1754,3093 @@ components: [condition](https://support.google.com/merchants/answer/6324469). Schema.org property [Offer.itemCondition](https://schema.org/itemCondition). - type: array items: type: string - promotions: + fulfillmentInfo: description: >- - The promotions applied to the product. A maximum of 10 values are - allowed per Product. Only Promotion.promotion_id will be used, other - fields will be ignored if set. + Fulfillment information, such as the store IDs for in-store pickup + or region IDs for different shipping methods. All the elements must + have distinct FulfillmentInfo.type. Otherwise, an INVALID_ARGUMENT + error is returned. type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2Promotion' - publishTime: + $ref: '#/components/schemas/GoogleCloudRetailV2FulfillmentInfo' + primaryProductId: description: >- - The timestamp when the product is published by the retailer for the - first time, which indicates the freshness of the products. Note that - this field is different from available_time, given it purely - describes product freshness regardless of when it is available on - search and recommendation. + Variant group identifier. Must be an id, with the same parent branch + with this product. Otherwise, an error is thrown. For Type.PRIMARY + Products, this field can only be empty or set to the same value as + id. For VARIANT Products, this field cannot be empty. A maximum of + 2,000 products are allowed to share the same Type.PRIMARY Product. + Otherwise, an INVALID_ARGUMENT error is returned. Corresponding + properties: Google Merchant Center property + [item_group_id](https://support.google.com/merchants/answer/6324507). + Schema.org property + [Product.inProductGroupWithID](https://schema.org/inProductGroupWithID). type: string - format: google-datetime - retrievableFields: + patterns: + items: + type: string + type: array description: >- - Indicates which fields in the Products are returned in - SearchResponse. Supported fields for all types: * audience * - availability * brands * color_info * conditions * gtin * materials * - name * patterns * price_info * rating * sizes * title * uri - Supported fields only for Type.PRIMARY and Type.COLLECTION: * - categories * description * images Supported fields only for - Type.VARIANT: * Only the first image in images To mark attributes as - retrievable, include paths of the form "attributes.key" where "key" - is the key of a custom attribute, as specified in attributes. For - Type.PRIMARY and Type.COLLECTION, the following fields are always - returned in SearchResponse by default: * name For Type.VARIANT, the - following fields are always returned in by default: * name * - color_info Note: Returning more fields in SearchResponse can - increase response payload size and serving latency. This field is - deprecated. Use the retrievable site-wide control instead. - deprecated: true + The pattern or graphic print of the product. For example, "striped", + "polka dot", "paisley". A maximum of 20 values are allowed per + Product. Each value must be a UTF-8 encoded string with a length + limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is + returned. Corresponding properties: Google Merchant Center property + [pattern](https://support.google.com/merchants/answer/6324483). + Schema.org property [Product.pattern](https://schema.org/pattern). + gtin: + description: >- + The Global Trade Item Number (GTIN) of the product. This field must + be a UTF-8 encoded string with a length limit of 128 characters. + Otherwise, an INVALID_ARGUMENT error is returned. This field must be + a Unigram. Otherwise, an INVALID_ARGUMENT error is returned. + Corresponding properties: Google Merchant Center property + [gtin](https://support.google.com/merchants/answer/6324461). + Schema.org property [Product.isbn](https://schema.org/isbn), + [Product.gtin8](https://schema.org/gtin8), + [Product.gtin12](https://schema.org/gtin12), + [Product.gtin13](https://schema.org/gtin13), or + [Product.gtin14](https://schema.org/gtin14). If the value is not a + valid GTIN, an INVALID_ARGUMENT error is returned. type: string - format: google-fieldmask - variants: + rating: + description: The rating of this product. + $ref: '#/components/schemas/GoogleCloudRetailV2Rating' + colorInfo: description: >- - Output only. Product variants grouped together on primary product - which share similar product attributes. It's automatically grouped - by primary_product_id for all the product variants. Only populated - for Type.PRIMARY Products. Note: This field is OUTPUT_ONLY for - ProductService.GetProduct. Do not set this field in API requests. - readOnly: true + The color of the product. Corresponding properties: Google Merchant + Center property + [color](https://support.google.com/merchants/answer/6324487). + Schema.org property [Product.color](https://schema.org/color). + $ref: '#/components/schemas/GoogleCloudRetailV2ColorInfo' + tags: type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2Product' - localInventories: + type: string description: >- - Output only. A list of local inventories specific to different - places. This field can be managed by - ProductService.AddLocalInventories and - ProductService.RemoveLocalInventories APIs if fine-grained, - high-volume updates are necessary. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2LocalInventory' - GoogleCloudRetailV2CustomAttribute: - id: GoogleCloudRetailV2CustomAttribute - description: A custom attribute that is not explicitly modeled in Product. - type: object - properties: - text: + Custom tags associated with the product. At most 250 values are + allowed per Product. This value must be a UTF-8 encoded string with + a length limit of 1,000 characters. Otherwise, an INVALID_ARGUMENT + error is returned. This tag can be used for filtering recommendation + results by passing the tag as part of the PredictRequest.filter. + Corresponding properties: Google Merchant Center property + [custom_label_0–4](https://support.google.com/merchants/answer/6324473). + expireTime: + format: google-datetime + type: string description: >- - The textual values of this custom attribute. For example, - `["yellow", "green"]` when the key is "color". Empty string is not - allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly - one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT - error is returned. + Note that this field is applied in the following ways: * If the + Product is already expired when it is uploaded, this product is not + indexed for search. * If the Product is not expired when it is + uploaded, only the Type.PRIMARY's and Type.COLLECTION's expireTime + is respected, and Type.VARIANT's expireTime is not used. In general, + we suggest the users to delete the stale products explicitly, + instead of using this field to determine staleness. expire_time must + be later than available_time and publish_time, otherwise an + INVALID_ARGUMENT error is thrown. Corresponding properties: Google + Merchant Center property + [expiration_date](https://support.google.com/merchants/answer/6324499). + images: type: array items: - type: string - numbers: + $ref: '#/components/schemas/GoogleCloudRetailV2Image' description: >- - The numerical values of this custom attribute. For example, `[2.3, - 15.4]` when the key is "lengths_cm". Exactly one of text or numbers - should be set. Otherwise, an INVALID_ARGUMENT error is returned. - type: array - items: - type: number - format: double - searchable: + Product images for the product. We highly recommend putting the main + image first. A maximum of 300 images are allowed. Corresponding + properties: Google Merchant Center property + [image_link](https://support.google.com/merchants/answer/6324350). + Schema.org property [Product.image](https://schema.org/image). + availability: description: >- - This field is normally ignored unless - AttributesConfig.attribute_config_level of the Catalog is set to the - deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information - about product-level attribute configuration, see [Configuration - modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). - If true, custom attribute values are searchable by text queries in - SearchService.Search. This field is ignored in a UserEvent. Only set - if type text is set. Otherwise, a INVALID_ARGUMENT error is - returned. - deprecated: true - type: boolean - indexable: + The online availability of the Product. Default to + Availability.IN_STOCK. For primary products with variants set the + availability of the primary as Availability.OUT_OF_STOCK and set the + true availability at the variant level. This way the primary product + will be considered "in stock" as long as it has at least one variant + in stock. For primary products with no variants set the true + availability at the primary level. Corresponding properties: Google + Merchant Center property + [availability](https://support.google.com/merchants/answer/6324448). + Schema.org property + [Offer.availability](https://schema.org/availability). + type: string + enum: + - AVAILABILITY_UNSPECIFIED + - IN_STOCK + - OUT_OF_STOCK + - PREORDER + - BACKORDER + enumDescriptions: + - >- + Default product availability. Default to Availability.IN_STOCK if + unset. + - Product in stock. + - Product out of stock. + - Product that is in pre-order state. + - Product that is back-ordered (i.e. temporarily out of stock). + materials: + type: array + items: + type: string description: >- - This field is normally ignored unless - AttributesConfig.attribute_config_level of the Catalog is set to the - deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information - about product-level attribute configuration, see [Configuration - modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). - If true, custom attribute values are indexed, so that they can be - filtered, faceted or boosted in SearchService.Search. This field is - ignored in a UserEvent. See SearchRequest.filter, - SearchRequest.facet_specs and SearchRequest.boost_spec for more - details. - deprecated: true - type: boolean - GoogleCloudRetailV2PriceInfo: - id: GoogleCloudRetailV2PriceInfo - description: The price information of a Product. - type: object - properties: - currencyCode: + The material of the product. For example, "leather", "wooden". A + maximum of 20 values are allowed. Each value must be a UTF-8 encoded + string with a length limit of 200 characters. Otherwise, an + INVALID_ARGUMENT error is returned. Corresponding properties: Google + Merchant Center property + [material](https://support.google.com/merchants/answer/6324410). + Schema.org property [Product.material](https://schema.org/material). + categories: + items: + type: string description: >- - The 3-letter currency code defined in [ISO - 4217](https://www.iso.org/iso-4217-currency-codes.html). If this - field is an unrecognizable currency code, an INVALID_ARGUMENT error - is returned. The Product.Type.VARIANT Products with the same - Product.primary_product_id must share the same currency_code. - Otherwise, a FAILED_PRECONDITION error is returned. + Product categories. This field is repeated for supporting one + product belonging to several parallel categories. Strongly + recommended using the full path for better search / recommendation + quality. To represent full path of category, use '>' sign to + separate different hierarchies. If '>' is part of the category name, + replace it with other character(s). For example, if a shoes product + belongs to both ["Shoes & Accessories" -> "Shoes"] and ["Sports & + Fitness" -> "Athletic Clothing" -> "Shoes"], it could be represented + as: "categories": [ "Shoes & Accessories > Shoes", "Sports & Fitness + > Athletic Clothing > Shoes" ] Must be set for Type.PRIMARY Product + otherwise an INVALID_ARGUMENT error is returned. At most 250 values + are allowed per Product unless overridden through the Google Cloud + console. Empty values are not allowed. Each value must be a UTF-8 + encoded string with a length limit of 5,000 characters. Otherwise, + an INVALID_ARGUMENT error is returned. Corresponding properties: + Google Merchant Center property google_product_category. Schema.org + property [Product.category] (https://schema.org/category). + [mc_google_product_category]: + https://support.google.com/merchants/answer/6324436 + type: array + availableTime: type: string - price: - description: >- - Price of the product. Google Merchant Center property - [price](https://support.google.com/merchants/answer/6324371). - Schema.org property [Offer.price](https://schema.org/price). - type: number - format: float - originalPrice: description: >- - Price of the product without any discount. If zero, by default set - to be the price. If set, original_price should be greater than or - equal to price, otherwise an INVALID_ARGUMENT error is thrown. - type: number - format: float - cost: + The timestamp when this Product becomes available for + SearchService.Search. Note that this is only applicable to + Type.PRIMARY and Type.COLLECTION, and ignored for Type.VARIANT. + format: google-datetime + description: + type: string description: >- - The costs associated with the sale of a particular product. Used for - gross profit reporting. * Profit = price - cost Google Merchant - Center property - [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895). - type: number - format: float - priceEffectiveTime: + Product description. This field must be a UTF-8 encoded string with + a length limit of 5,000 characters. Otherwise, an INVALID_ARGUMENT + error is returned. Corresponding properties: Google Merchant Center + property + [description](https://support.google.com/merchants/answer/6324468). + Schema.org property + [Product.description](https://schema.org/description). + attributes: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudRetailV2CustomAttribute' + type: object description: >- - The timestamp when the price starts to be effective. This can be set - as a future timestamp, and the price is only used for search after - price_effective_time. If so, the original_price must be set and - original_price is used before price_effective_time. Do not set if - price is always effective because it will cause additional latency - during search. - type: string - format: google-datetime - priceExpireTime: + Highly encouraged. Extra product attributes to be included. For + example, for products, this could include the store name, vendor, + style, color, etc. These are very strong signals for recommendation + model, thus we highly recommend providing the attributes here. + Features that can take on one of a limited number of possible + values. Two types of features can be set are: Textual features. some + examples would be the brand/maker of a product, or country of a + customer. Numerical features. Some examples would be the + height/weight of a product, or age of a customer. For example: `{ + "vendor": {"text": ["vendor123", "vendor456"]}, "lengths_cm": + {"numbers":[2.3, 15.4]}, "heights_cm": {"numbers":[8.1, 6.4]} }`. + This field needs to pass all below criteria, otherwise an + INVALID_ARGUMENT error is returned: * Max entries count: 200. * The + key must be a UTF-8 encoded string with a length limit of 128 + characters. * For indexable attribute, the key must match the + pattern: `a-zA-Z0-9*`. For example, `key0LikeThis` or + `KEY_1_LIKE_THIS`. * For text attributes, at most 400 values are + allowed. Empty values are not allowed. Each value must be a + non-empty UTF-8 encoded string with a length limit of 256 + characters. * For number attributes, at most 400 values are allowed. + uri: description: >- - The timestamp when the price stops to be effective. The price is - used for search before price_expire_time. If this field is set, the - original_price must be set and original_price is used after - price_expire_time. Do not set if price is always effective because - it will cause additional latency during search. + Canonical URL directly linking to the product detail page. It is + strongly recommended to provide a valid uri for the product, + otherwise the service performance could be significantly degraded. + This field must be a UTF-8 encoded string with a length limit of + 5,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. + Corresponding properties: Google Merchant Center property + [link](https://support.google.com/merchants/answer/6324416). + Schema.org property [Offer.url](https://schema.org/url). type: string - format: google-datetime - priceRange: - description: >- - Output only. The price range of all the child Product.Type.VARIANT - Products grouped together on the Product.Type.PRIMARY Product. Only - populated for Product.Type.PRIMARY Products. Note: This field is - OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in - API requests. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRetailV2PriceInfoPriceRange' - GoogleCloudRetailV2PriceInfoPriceRange: - id: GoogleCloudRetailV2PriceInfoPriceRange description: >- - The price range of all variant Product having the same - Product.primary_product_id. + Product captures all metadata information of items to be recommended or + searched. type: object + GoogleCloudRetailV2ProductAttributeInterval: properties: - price: - description: >- - The inclusive Product.pricing_info.price interval of all variant - Product having the same Product.primary_product_id. - $ref: '#/components/schemas/GoogleCloudRetailV2Interval' - originalPrice: - description: >- - The inclusive Product.pricing_info.original_price internal of all - variant Product having the same Product.primary_product_id. + name: + type: string + description: The attribute name (e.g. "length") + interval: $ref: '#/components/schemas/GoogleCloudRetailV2Interval' - GoogleCloudRetailV2Rating: - id: GoogleCloudRetailV2Rating - description: The rating of a Product. + description: The numeric interval (e.g. [10, 20)) + id: GoogleCloudRetailV2ProductAttributeInterval + description: Product attribute name and numeric interval. + type: object + GoogleCloudRetailV2ConversationalSearchResponseRefinedSearch: + id: GoogleCloudRetailV2ConversationalSearchResponseRefinedSearch + description: >- + The proposed refined search for intent-refinement/bundled shopping + conversation. When using CONVERSATIONAL_FILTER_ONLY mode, the + refined_query from search response will be populated here. type: object properties: - ratingCount: - description: >- - The total number of ratings. This value is independent of the value - of rating_histogram. This value must be nonnegative. Otherwise, an - INVALID_ARGUMENT error is returned. - type: integer - format: int32 - averageRating: + query: + type: string + description: The query to be used for search. + GoogleCloudRetailV2ImportUserEventsResponse: + properties: + errorsConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2ImportErrorsConfig' description: >- - The average rating of the Product. The rating is scaled at 1-5. - Otherwise, an INVALID_ARGUMENT error is returned. - type: number - format: float - ratingHistogram: + Echoes the destination for the complete errors if this field was set + in the request. + errorSamples: + description: A sample of errors encountered while processing the request. + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + importSummary: + $ref: '#/components/schemas/GoogleCloudRetailV2UserEventImportSummary' + description: Aggregated statistics of user event import status. + description: >- + Response of the ImportUserEventsRequest. If the long running operation + was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + id: GoogleCloudRetailV2ImportUserEventsResponse + type: object + GoogleCloudRetailV2betaRemoveFulfillmentPlacesResponse: + id: GoogleCloudRetailV2betaRemoveFulfillmentPlacesResponse + description: >- + Response of the RemoveFulfillmentPlacesRequest. Currently empty because + there is no meaningful response populated from the + ProductService.RemoveFulfillmentPlaces method. + type: object + properties: {} + GoogleCloudRetailV2SearchResponseConversationalSearchResultSuggestedAnswer: + id: >- + GoogleCloudRetailV2SearchResponseConversationalSearchResultSuggestedAnswer + type: object + properties: + productAttributeValue: description: >- - List of rating counts per rating value (index = rating - 1). The - list is empty if there is no rating. If the list is non-empty, its - size is always 5. Otherwise, an INVALID_ARGUMENT error is returned. - For example, [41, 14, 13, 47, 303]. It means that the Product got 41 - ratings with 1 star, 14 ratings with 2 star, and so on. + Product attribute value, including an attribute key and an attribute + value. Other types can be added here in the future. + $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' + description: Suggested answers to the follow-up question. + GoogleCloudRetailV2betaSetInventoryMetadata: + properties: {} + description: >- + Metadata related to the progress of the SetInventory operation. + Currently empty because there is no meaningful metadata populated from + the ProductService.SetInventory method. + type: object + id: GoogleCloudRetailV2betaSetInventoryMetadata + GoogleCloudRetailV2alphaExportUserEventsResponse: + properties: + outputResult: + description: Output result indicating where the data were exported to. + $ref: '#/components/schemas/GoogleCloudRetailV2alphaOutputResult' + errorsConfig: + description: This field is never set. + $ref: '#/components/schemas/GoogleCloudRetailV2alphaExportErrorsConfig' + errorSamples: type: array + description: A sample of errors encountered while processing the request. items: - type: integer - format: int32 - GoogleCloudRetailV2FulfillmentInfo: - id: GoogleCloudRetailV2FulfillmentInfo + $ref: '#/components/schemas/GoogleRpcStatus' + type: object + id: GoogleCloudRetailV2alphaExportUserEventsResponse description: >- - Fulfillment information, such as the store IDs for in-store pickup or - region IDs for different shipping methods. + Response of the ExportUserEventsRequest. If the long running operation + was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + GoogleCloudRetailV2SearchResponse: + id: GoogleCloudRetailV2SearchResponse type: object + description: Response message for SearchService.Search method. properties: - type: + attributionToken: description: >- - The fulfillment type, including commonly used types (such as pickup - in store and same day delivery), and custom types. Customers have to - map custom types to their display names before rendering UI. - Supported values: * "pickup-in-store" * "ship-to-store" * - "same-day-delivery" * "next-day-delivery" * "custom-type-1" * - "custom-type-2" * "custom-type-3" * "custom-type-4" * - "custom-type-5" If this field is set to an invalid value other than - these, an INVALID_ARGUMENT error is returned. + A unique search token. This should be included in the UserEvent logs + resulting from this search, which enables accurate attribution of + search model performance. type: string - placeIds: - description: >- - The IDs for this type, such as the store IDs for - FulfillmentInfo.type.pickup-in-store or the region IDs for - FulfillmentInfo.type.same-day-delivery. A maximum of 3000 values are - allowed. Each value must be a string with a length limit of 30 - characters, matching the pattern `[a-zA-Z0-9_-]+`, such as "store1" - or "REGION-2". Otherwise, an INVALID_ARGUMENT error is returned. + queryExpansionInfo: + description: Query expansion information for the returned results. + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchResponseQueryExpansionInfo + experimentInfo: type: array items: - type: string - GoogleCloudRetailV2Image: - id: GoogleCloudRetailV2Image - description: >- - Product image. Recommendations AI and Retail Search use product images - to improve prediction and search results. Product images can be returned - in results, and are shown in prediction or search previews in the - console. Please try to provide correct product images and avoid using - images with size too small. - type: object - properties: - uri: + $ref: '#/components/schemas/GoogleCloudRetailV2ExperimentInfo' description: >- - Required. URI of the image. This field must be a valid UTF-8 encoded - URI with a length limit of 5,000 characters. Otherwise, an - INVALID_ARGUMENT error is returned. Google Merchant Center property - [image_link](https://support.google.com/merchants/answer/6324350). - Schema.org property [Product.image](https://schema.org/image). + Metadata related to A/B testing experiment associated with this + response. Only exists when an experiment is triggered. + tileNavigationResult: + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchResponseTileNavigationResult + description: >- + This field specifies all related information for tile navigation + that will be used in client side. + nextPageToken: + description: >- + A token that can be sent as SearchRequest.page_token to retrieve the + next page. If this field is omitted, there are no subsequent pages. type: string - height: + pinControlMetadata: description: >- - Height of the image in number of pixels. This field must be - nonnegative. Otherwise, an INVALID_ARGUMENT error is returned. - type: integer - format: int32 - width: + Metadata for pin controls which were applicable to the request. This + contains two map fields, one for all matched pins and one for pins + which were matched but not applied. The two maps are keyed by pin + position, and the values are the product ids which were matched to + that pin. + $ref: '#/components/schemas/GoogleCloudRetailV2PinControlMetadata' + correctedQuery: + type: string description: >- - Width of the image in number of pixels. This field must be - nonnegative. Otherwise, an INVALID_ARGUMENT error is returned. + Contains the spell corrected query, if found. If the spell + correction type is AUTOMATIC, then the search results are based on + corrected_query. Otherwise the original query is used for search. + facets: + items: + $ref: '#/components/schemas/GoogleCloudRetailV2SearchResponseFacet' + description: Results of facets requested by user. + type: array + totalSize: type: integer format: int32 - GoogleCloudRetailV2Audience: - id: GoogleCloudRetailV2Audience - description: An intended audience of the Product for whom it's sold. - type: object - properties: - genders: description: >- - The genders of the audience. Strongly encouraged to use the standard - values: "male", "female", "unisex". At most 5 values are allowed. - Each value must be a UTF-8 encoded string with a length limit of 128 - characters. Otherwise, an INVALID_ARGUMENT error is returned. Google - Merchant Center property - [gender](https://support.google.com/merchants/answer/6324479). - Schema.org property - [Product.audience.suggestedGender](https://schema.org/suggestedGender). + The estimated total count of matched items irrespective of + pagination. The count of results returned by pagination may be less + than the total_size that matches. + conversationalSearchResult: + description: >- + This field specifies all related information that is needed on + client side for UI rendering of conversational retail search. + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchResponseConversationalSearchResult + results: + items: + $ref: '#/components/schemas/GoogleCloudRetailV2SearchResponseSearchResult' type: array + description: A list of matched items. The order represents the ranking. + appliedControls: items: type: string - ageGroups: - description: >- - The age groups of the audience. Strongly encouraged to use the - standard values: "newborn" (up to 3 months old), "infant" (3–12 - months old), "toddler" (1–5 years old), "kids" (5–13 years old), - "adult" (typically teens or older). At most 5 values are allowed. - Each value must be a UTF-8 encoded string with a length limit of 128 - characters. Otherwise, an INVALID_ARGUMENT error is returned. Google - Merchant Center property - [age_group](https://support.google.com/merchants/answer/6324463). - Schema.org property - [Product.audience.suggestedMinAge](https://schema.org/suggestedMinAge) - and - [Product.audience.suggestedMaxAge](https://schema.org/suggestedMaxAge). type: array + description: >- + The fully qualified resource name of applied + [controls](https://cloud.google.com/retail/docs/serving-control-rules). + redirectUri: + description: >- + The URI of a customer-defined redirect page. If redirect action is + triggered, no search is performed, and only redirect_uri and + attribution_token are set in the response. + type: string + invalidConditionBoostSpecs: items: - type: string - GoogleCloudRetailV2ColorInfo: - id: GoogleCloudRetailV2ColorInfo - description: The color information of a Product. - type: object + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestBoostSpecConditionBoostSpec + type: array + description: >- + The invalid SearchRequest.BoostSpec.condition_boost_specs that are + not applied during serving. + GoogleCloudRetailV2betaExportErrorsConfig: + description: Configuration of destination for Export related errors. + id: GoogleCloudRetailV2betaExportErrorsConfig properties: - colorFamilies: + gcsPrefix: description: >- - The standard color families. Strongly recommended to use the - following standard color groups: "Red", "Pink", "Orange", "Yellow", - "Purple", "Green", "Cyan", "Blue", "Brown", "White", "Gray", "Black" - and "Mixed". Normally it is expected to have only 1 color family. - May consider using single "Mixed" instead of multiple values. A - maximum of 5 values are allowed. Each value must be a UTF-8 encoded - string with a length limit of 128 characters. Otherwise, an - INVALID_ARGUMENT error is returned. Google Merchant Center property - [color](https://support.google.com/merchants/answer/6324487). - Schema.org property [Product.color](https://schema.org/color). The - colorFamilies field as a system attribute is not a required field - but strongly recommended to be specified. Google Search models treat - this field as more important than a custom product attribute when - specified. + Google Cloud Storage path for import errors. This must be an empty, + existing Cloud Storage bucket. Export errors will be written to a + file in this bucket, one per line, as a JSON-encoded + `google.rpc.Status` message. + type: string + type: object + GoogleCloudRetailV2SearchResponseTileNavigationResult: + properties: + tiles: type: array items: - type: string - colors: + $ref: '#/components/schemas/GoogleCloudRetailV2Tile' description: >- - The color display names, which may be different from standard color - family names, such as the color aliases used in the website - frontend. Normally it is expected to have only 1 color. May consider - using single "Mixed" instead of multiple values. A maximum of 75 - colors are allowed. Each value must be a UTF-8 encoded string with a - length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error - is returned. Google Merchant Center property - [color](https://support.google.com/merchants/answer/6324487). - Schema.org property [Product.color](https://schema.org/color). - type: array + The current tiles that are used for tile navigation, sorted by + engagement. + type: object + id: GoogleCloudRetailV2SearchResponseTileNavigationResult + description: >- + This field specifies all related information for tile navigation that + will be used in client side. + GoogleCloudRetailV2ExportAnalyticsMetricsResponse: + description: >- + Response of the ExportAnalyticsMetricsRequest. If the long running + operation was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + properties: + outputResult: + description: Output result indicating where the data were exported to. + $ref: '#/components/schemas/GoogleCloudRetailV2OutputResult' + errorsConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2ExportErrorsConfig' + description: This field is never set. + errorSamples: items: - type: string - GoogleCloudRetailV2Promotion: - id: GoogleCloudRetailV2Promotion - description: Promotion specification. + $ref: '#/components/schemas/GoogleRpcStatus' + description: A sample of errors encountered while processing the request. + type: array + type: object + id: GoogleCloudRetailV2ExportAnalyticsMetricsResponse + GoogleCloudRetailV2ExportMetadata: + description: >- + Metadata related to the progress of the Export operation. This is + returned by the google.longrunning.Operation.metadata field. type: object properties: - promotionId: + updateTime: + format: google-datetime description: >- - Promotion identifier, which is the final component of name. For - example, this field is "free_gift", if name is - `projects/*/locations/global/catalogs/default_catalog/promotions/free_gift`. - The value must be a UTF-8 encoded string with a length limit of 128 - characters, and match the pattern: `a-zA-Z*`. For example, - id0LikeThis or ID_1_LIKE_THIS. Otherwise, an INVALID_ARGUMENT error - is returned. Corresponds to Google Merchant Center property - [promotion_id](https://support.google.com/merchants/answer/7050148). + Operation last update time. If the operation is done, this is also + the finish time. type: string - GoogleCloudRetailV2LocalInventory: - id: GoogleCloudRetailV2LocalInventory + createTime: + type: string + description: Operation create time. + format: google-datetime + id: GoogleCloudRetailV2ExportMetadata + GoogleCloudRetailV2betaAddLocalInventoriesResponse: description: >- - The inventory information at a place (e.g. a store) identified by a - place ID. + Response of the ProductService.AddLocalInventories API. Currently empty + because there is no meaningful response populated from the + ProductService.AddLocalInventories method. + id: GoogleCloudRetailV2betaAddLocalInventoriesResponse + type: object + properties: {} + GoogleCloudRetailV2betaModelServingConfigList: type: object properties: - placeId: - description: Optional. The place ID for the current set of inventory information. - type: string - priceInfo: - description: >- - Optional. Product price and cost information. Google Merchant Center - property - [price](https://support.google.com/merchants/answer/6324371). - $ref: '#/components/schemas/GoogleCloudRetailV2PriceInfo' - attributes: - description: >- - Optional. Additional local inventory attributes, for example, store - name, promotion tags, etc. This field needs to pass all below - criteria, otherwise an INVALID_ARGUMENT error is returned: * At most - 30 attributes are allowed. * The key must be a UTF-8 encoded string - with a length limit of 32 characters. * The key must match the - pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. - * The attribute values must be of the same type (text or number). * - Only 1 value is allowed for each attribute. * For text values, the - length limit is 256 UTF-8 characters. * The attribute does not - support search. The `searchable` field should be unset or set to - false. * The max summed total bytes of custom attribute keys and - values per product is 5MiB. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudRetailV2CustomAttribute' - fulfillmentTypes: + servingConfigIds: description: >- - Optional. Supported fulfillment types. Valid fulfillment type values - include commonly used types (such as pickup in store and same day - delivery), and custom types. Customers have to map custom types to - their display names before rendering UI. Supported values: * - "pickup-in-store" * "ship-to-store" * "same-day-delivery" * - "next-day-delivery" * "custom-type-1" * "custom-type-2" * - "custom-type-3" * "custom-type-4" * "custom-type-5" If this field is - set to an invalid value other than these, an INVALID_ARGUMENT error - is returned. All the elements must be distinct. Otherwise, an - INVALID_ARGUMENT error is returned. - type: array + Optional. A set of valid serving configs that may be used for + `PAGE_OPTIMIZATION`. items: type: string - GoogleCloudRetailV2DoubleList: - id: GoogleCloudRetailV2DoubleList - description: A message with a list of double values. + type: array + id: GoogleCloudRetailV2betaModelServingConfigList + description: >- + Represents an ordered combination of valid serving configs, which can be + used for `PAGE_OPTIMIZATION` recommendations. + GoogleCloudRetailV2ProductInlineSource: + description: The inline source for the input config for ImportProducts method. + id: GoogleCloudRetailV2ProductInlineSource type: object properties: - values: - description: The list of double values. + products: type: array items: - type: number - format: double - GoogleCloudRetailV2SearchResponseFacet: - id: GoogleCloudRetailV2SearchResponseFacet - description: A facet result. - type: object - properties: - key: + $ref: '#/components/schemas/GoogleCloudRetailV2Product' description: >- - The key for this facet. E.g., "colorFamilies" or "price" or - "attributes.attr1". + Required. A list of products to update/create. Each product must + have a valid Product.id. Recommended max of 100 items. + GoogleCloudRetailV2OutputConfigGcsDestination: + properties: + outputUriPrefix: type: string - values: - description: The facet values for this field. + description: >- + Required. The output uri prefix for saving output data to json + files. Some mapping examples are as follows: output_uri_prefix + sample output(assuming the object is foo.json) + ======================== + ============================================= gs://bucket/ + gs://bucket/foo.json gs://bucket/folder/ gs://bucket/folder/foo.json + gs://bucket/folder/item_ gs://bucket/folder/item_foo.json + type: object + id: GoogleCloudRetailV2OutputConfigGcsDestination + description: The Google Cloud Storage output destination configuration. + GoogleCloudRetailV2alphaSetInventoryResponse: + description: >- + Response of the SetInventoryRequest. Currently empty because there is no + meaningful response populated from the ProductService.SetInventory + method. + type: object + properties: {} + id: GoogleCloudRetailV2alphaSetInventoryResponse + GoogleCloudRetailV2betaImportProductsResponse: + id: GoogleCloudRetailV2betaImportProductsResponse + type: object + description: >- + Response of the ImportProductsRequest. If the long running operation is + done, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + properties: + errorSamples: + description: A sample of errors encountered while processing the request. type: array items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchResponseFacetFacetValue - dynamicFacet: - description: Whether the facet is dynamically generated. - type: boolean - GoogleCloudRetailV2SearchResponseFacetFacetValue: - id: GoogleCloudRetailV2SearchResponseFacetFacetValue - description: A facet value which contains value names and their count. - type: object + $ref: '#/components/schemas/GoogleRpcStatus' + errorsConfig: + description: >- + Echoes the destination for the complete errors in the request if + set. + $ref: '#/components/schemas/GoogleCloudRetailV2betaImportErrorsConfig' + GoogleRpcStatus: properties: - value: - description: Text value of a facet, such as "Black" for facet "colorFamilies". - type: string - interval: - description: Interval value for a facet, such as [10, 20) for facet "price". - $ref: '#/components/schemas/GoogleCloudRetailV2Interval' - count: - description: Number of items that have this facet value. + message: type: string - format: int64 - minValue: description: >- - The minimum value in the FacetValue.interval. Only supported on - numerical facets and returned if - SearchRequest.FacetSpec.FacetKey.return_min_max is true. - type: number - format: double - maxValue: + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + details: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: array description: >- - The maximum value in the FacetValue.interval. Only supported on - numerical facets and returned if - SearchRequest.FacetSpec.FacetKey.return_min_max is true. - type: number - format: double - GoogleCloudRetailV2SearchResponseQueryExpansionInfo: - id: GoogleCloudRetailV2SearchResponseQueryExpansionInfo + A list of messages that carry the error details. There is a common + set of message types for APIs to use. description: >- - Information describing query expansion including whether expansion has - occurred. + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object + id: GoogleRpcStatus + GoogleCloudRetailV2Condition: properties: - expandedQuery: - description: Bool describing whether query expansion has occurred. - type: boolean - pinnedResultCount: + activeTimeRange: description: >- - Number of pinned results. This field will only be set when expansion - happens and SearchRequest.QueryExpansionSpec.pin_unexpanded_results - is set to true. - type: string - format: int64 - GoogleCloudRetailV2PinControlMetadata: - id: GoogleCloudRetailV2PinControlMetadata - description: >- - Metadata for pinning to be returned in the response. This is used for - distinguishing between applied vs dropped pins. + Range of time(s) specifying when Condition is active. Condition true + if any time range matches. + type: array + items: + $ref: '#/components/schemas/GoogleCloudRetailV2ConditionTimeRange' + queryTerms: + description: >- + A list (up to 10 entries) of terms to match the query on. If not + specified, match all queries. If many query terms are specified, the + condition is matched if any of the terms is a match (i.e. using the + OR operator). + items: + $ref: '#/components/schemas/GoogleCloudRetailV2ConditionQueryTerm' + type: array + pageCategories: + type: array + description: >- + Used to support browse uses cases. A list (up to 10 entries) of + categories or departments. The format should be the same as + UserEvent.page_categories; + items: + type: string type: object + id: GoogleCloudRetailV2Condition + description: >- + Metadata that is used to define a condition that triggers an action. A + valid condition must specify at least one of 'query_terms' or + 'products_filter'. If multiple fields are specified, the condition is + met if all the fields are satisfied e.g. if a set of query terms and + product_filter are set, then only items matching the product_filter for + requests with a query matching the query terms wil get boosted. + GoogleCloudRetailV2betaUserEventImportSummary: + id: GoogleCloudRetailV2betaUserEventImportSummary properties: - allMatchedPins: - description: Map of all matched pins, keyed by pin position. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudRetailV2PinControlMetadataProductPins - droppedPins: + unjoinedEventsCount: + format: int64 description: >- - Map of pins that were dropped due to overlap with other matching - pins, keyed by pin position. - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudRetailV2PinControlMetadataProductPins - GoogleCloudRetailV2PinControlMetadataProductPins: - id: GoogleCloudRetailV2PinControlMetadataProductPins - description: List of product ids which have associated pins. + Count of user events imported, but with catalog information not + found in the imported catalog. + type: string + joinedEventsCount: + format: int64 + description: >- + Count of user events imported with complete existing catalog + information. + type: string type: object + description: >- + A summary of import result. The UserEventImportSummary summarizes the + import status for user events. + GoogleCloudRetailV2StringList: + description: A list of string values. properties: - productId: - description: List of product ids which have associated pins. + values: + description: String values. type: array items: type: string - GoogleCloudRetailV2ExperimentInfo: - id: GoogleCloudRetailV2ExperimentInfo - description: Metadata for active A/B testing experiment. type: object + id: GoogleCloudRetailV2StringList + GoogleCloudRetailV2Image: properties: - servingConfigExperiment: - description: A/B test between existing Cloud Retail Search ServingConfigs. - $ref: >- - #/components/schemas/GoogleCloudRetailV2ExperimentInfoServingConfigExperiment - experiment: + width: + type: integer + format: int32 description: >- - The fully qualified resource name of the experiment that provides - the serving config under test, should an active experiment exist. - For example: - `projects/*/locations/global/catalogs/default_catalog/experiments/experiment_id` + Width of the image in number of pixels. This field must be + nonnegative. Otherwise, an INVALID_ARGUMENT error is returned. + uri: + description: >- + Required. URI of the image. This field must be a valid UTF-8 encoded + URI with a length limit of 5,000 characters. Otherwise, an + INVALID_ARGUMENT error is returned. Google Merchant Center property + [image_link](https://support.google.com/merchants/answer/6324350). + Schema.org property [Product.image](https://schema.org/image). type: string - GoogleCloudRetailV2ExperimentInfoServingConfigExperiment: - id: GoogleCloudRetailV2ExperimentInfoServingConfigExperiment - description: Metadata for active serving config A/B tests. + height: + description: >- + Height of the image in number of pixels. This field must be + nonnegative. Otherwise, an INVALID_ARGUMENT error is returned. + format: int32 + type: integer type: object + description: >- + Product image. Recommendations AI and Retail Search use product images + to improve prediction and search results. Product images can be returned + in results, and are shown in prediction or search previews in the + console. Please try to provide correct product images and avoid using + images with size too small. + id: GoogleCloudRetailV2Image + GoogleCloudRetailV2PurgeProductsMetadata: properties: - originalServingConfig: - description: >- - The fully qualified resource name of the original - SearchRequest.placement in the search request prior to reassignment - by experiment API. For example: - `projects/*/locations/*/catalogs/*/servingConfigs/*`. + createTime: + format: google-datetime + description: Operation create time. type: string - experimentServingConfig: - description: >- - The fully qualified resource name of the serving config - `Experiment.VariantArm.serving_config_id` responsible for generating - the search response. For example: - `projects/*/locations/*/catalogs/*/servingConfigs/*`. + failureCount: + description: Count of entries that encountered errors while processing. type: string - GoogleCloudRetailV2SearchResponseConversationalSearchResult: - id: GoogleCloudRetailV2SearchResponseConversationalSearchResult - description: >- - This field specifies all related information that is needed on client - side for UI rendering of conversational retail search. + format: int64 + successCount: + type: string + description: Count of entries that were deleted successfully. + format: int64 + updateTime: + format: google-datetime + type: string + description: >- + Operation last update time. If the operation is done, this is also + the finish time. type: object + description: >- + Metadata related to the progress of the PurgeProducts operation. This + will be returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudRetailV2PurgeProductsMetadata + GoogleCloudRetailV2PurgeUserEventsRequest: properties: - conversationId: - description: >- - Conversation UUID. This field will be stored in client side storage - to maintain the conversation session with server and will be used - for next search request's - SearchRequest.ConversationalSearchSpec.conversation_id to restore - conversation state in server. - type: string - refinedQuery: + filter: description: >- - The current refined query for the conversational search. This field - will be used in customer UI that the query in the search bar should - be replaced with the refined query. For example, if - SearchRequest.query is `dress` and next - SearchRequest.ConversationalSearchSpec.UserAnswer.text_answer is - `red color`, which does not match any product attribute value - filters, the refined query will be `dress, red color`. + Required. The filter string to specify the events to be deleted with + a length limit of 5,000 characters. Empty string filter is not + allowed. The eligible fields for filtering are: * `eventType`: + Double quoted UserEvent.event_type string. * `eventTime`: in ISO + 8601 "zulu" format. * `visitorId`: Double quoted string. Specifying + this will delete all events associated with a visitor. * `userId`: + Double quoted string. Specifying this will delete all events + associated with a user. Examples: * Deleting all events in a time + range: `eventTime > "2012-04-23T18:25:43.511Z" eventTime < + "2012-04-23T18:30:43.511Z"` * Deleting specific eventType in time + range: `eventTime > "2012-04-23T18:25:43.511Z" eventType = + "detail-page-view"` * Deleting all events for a specific visitor: + `visitorId = "visitor1024"` The filtering fields are assumed to have + an implicit AND. type: string - additionalFilters: + force: + type: boolean description: >- - This field is deprecated but will be kept for backward - compatibility. There is expected to have only one additional filter - and the value will be the same to the same as field - `additional_filter`. - deprecated: true - type: array + Actually perform the purge. If `force` is set to false, the method + will return the expected purge count without deleting any user + events. + type: object + id: GoogleCloudRetailV2PurgeUserEventsRequest + description: Request message for PurgeUserEvents method. + GoogleCloudRetailV2SearchResponseFacet: + properties: + values: + description: The facet values for this field. items: $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchResponseConversationalSearchResultAdditionalFilter - followupQuestion: - description: The follow-up question. e.g., `What is the color?` - type: string - suggestedAnswers: - description: The answer options provided to client for the follow-up question. + #/components/schemas/GoogleCloudRetailV2SearchResponseFacetFacetValue type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchResponseConversationalSearchResultSuggestedAnswer - additionalFilter: + dynamicFacet: + description: Whether the facet is dynamically generated. + type: boolean + key: description: >- - This is the incremental additional filters implied from the current - user answer. User should add the suggested addition filters to the - previous SearchRequest.filter, and use the merged filter in the - follow up search request. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchResponseConversationalSearchResultAdditionalFilter - GoogleCloudRetailV2SearchResponseConversationalSearchResultAdditionalFilter: - id: >- - GoogleCloudRetailV2SearchResponseConversationalSearchResultAdditionalFilter - description: Additional filter that client side need to apply. + The key for this facet. E.g., "colorFamilies" or "price" or + "attributes.attr1". + type: string + id: GoogleCloudRetailV2SearchResponseFacet type: object + description: A facet result. + GoogleCloudRetailV2betaExportAnalyticsMetricsResponse: + description: >- + Response of the ExportAnalyticsMetricsRequest. If the long running + operation was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + id: GoogleCloudRetailV2betaExportAnalyticsMetricsResponse properties: - productAttributeValue: - description: >- - Product attribute value, including an attribute key and an attribute - value. Other types can be added here in the future. - $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' - GoogleCloudRetailV2SearchResponseConversationalSearchResultSuggestedAnswer: - id: >- - GoogleCloudRetailV2SearchResponseConversationalSearchResultSuggestedAnswer - description: Suggested answers to the follow-up question. + outputResult: + $ref: '#/components/schemas/GoogleCloudRetailV2betaOutputResult' + description: Output result indicating where the data were exported to. + errorsConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2betaExportErrorsConfig' + description: This field is never set. + errorSamples: + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + type: object + GoogleCloudRetailV2betaRejoinUserEventsMetadata: + properties: {} + type: object + description: Metadata for `RejoinUserEvents` method. + id: GoogleCloudRetailV2betaRejoinUserEventsMetadata + GoogleCloudRetailV2IntentClassificationConfigExample: type: object + description: An example for intent classification. properties: - productAttributeValue: + intentType: + type: string description: >- - Product attribute value, including an attribute key and an attribute - value. Other types can be added here in the future. - $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' - GoogleCloudRetailV2SearchResponseTileNavigationResult: - id: GoogleCloudRetailV2SearchResponseTileNavigationResult - description: >- - This field specifies all related information for tile navigation that - will be used in client side. + Optional. The intent_type must match one of the predefined intent + types defined at + https://cloud.google.com/retail/docs/reference/rpc/google.cloud.retail.v2alpha#querytype + classifiedPositive: + description: Required. Whether the example is classified positively. + type: boolean + reason: + description: >- + Optional. The reason for the intent classification. This is used to + explain the intent classification decision. + type: string + query: + description: Required. Example query. + type: string + id: GoogleCloudRetailV2IntentClassificationConfigExample + GoogleCloudRetailV2BigQueryOutputResult: + description: A BigQuery output result. type: object properties: - tiles: + tableId: + type: string + description: The ID of a BigQuery Table. + datasetId: + description: The ID of a BigQuery Dataset. + type: string + id: GoogleCloudRetailV2BigQueryOutputResult + GoogleTypeDate: + id: GoogleTypeDate + description: >- + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + properties: + year: + format: int32 + type: integer description: >- - The current tiles that are used for tile navigation, sorted by - engagement. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2Tile' - GoogleCloudRetailV2CompleteQueryResponse: - id: GoogleCloudRetailV2CompleteQueryResponse - description: Response of the autocomplete query. + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + month: + type: integer + format: int32 + description: >- + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + day: + format: int32 + type: integer + description: >- + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. type: object + GoogleCloudRetailV2UserInfo: properties: - completionResults: + ipAddress: description: >- - Results of the matching suggestions. The result list is ordered and - the first result is top suggestion. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2CompleteQueryResponseCompletionResult - attributionToken: + The end user's IP address. This field is used to extract location + information for personalization. This field must be either an IPv4 + address (e.g. "104.133.9.80") or an IPv6 address (e.g. + "2001:0db8:85a3:0000:0000:8a2e:0370:7334"). Otherwise, an + INVALID_ARGUMENT error is returned. This should not be set when: * + setting SearchRequest.user_info. * using the JavaScript tag in + UserEventService.CollectUserEvent or if direct_user_request is set. + type: string + directUserRequest: + type: boolean description: >- - A unique complete token. This should be included in the - UserEvent.completion_detail for search events resulting from this - completion, which enables accurate attribution of complete model - performance. + True if the request is made directly from the end user, in which + case the ip_address and user_agent can be populated from the HTTP + request. This flag should be set only if the API request is made + directly from the end user such as a mobile app (and not if a + gateway or a server is processing and pushing the user events). This + should not be set when using the JavaScript tag in + UserEventService.CollectUserEvent. + userAgent: type: string - recentSearchResults: description: >- - Deprecated. Matched recent searches of this user. The maximum number - of recent searches is 10. This field is a restricted feature. If you - want to enable it, contact Retail Search support. This feature is - only available when CompleteQueryRequest.visitor_id field is set and - UserEvent is imported. The recent searches satisfy the follow rules: - * They are ordered from latest to oldest. * They are matched with - CompleteQueryRequest.query case insensitively. * They are - transformed to lower case. * They are UTF-8 safe. Recent searches - are deduplicated. More recent searches will be reserved when - duplication happens. - deprecated: true - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2CompleteQueryResponseRecentSearchResult - attributeResults: + User agent as included in the HTTP header. The field must be a UTF-8 + encoded string with a length limit of 1,000 characters. Otherwise, + an INVALID_ARGUMENT error is returned. This should not be set when + using the client side event reporting with GTM or JavaScript tag in + UserEventService.CollectUserEvent or if direct_user_request is set. + userId: + type: string description: >- - A map of matched attribute suggestions. This field is only available - for `cloud-retail` dataset. Current supported keys: * `brands` * - `categories` - type: object - additionalProperties: - $ref: >- - #/components/schemas/GoogleCloudRetailV2CompleteQueryResponseAttributeResult - GoogleCloudRetailV2CompleteQueryResponseCompletionResult: - id: GoogleCloudRetailV2CompleteQueryResponseCompletionResult - description: Resource that represents completion results. + Highly recommended for logged-in users. Unique identifier for + logged-in user, such as a user name. Don't set for anonymous users. + Always use a hashed value for this ID. Don't set the field to the + same fixed ID for different users. This mixes the event history of + those users together, which results in degraded model quality. The + field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. type: object + id: GoogleCloudRetailV2UserInfo + description: Information of an end user. + GoogleCloudRetailV2alphaTransformedUserEventsMetadata: properties: - suggestion: - description: The suggestion for the query. + sourceEventsCount: type: string - attributes: + format: int64 + description: Count of entries in the source user events BigQuery table. + transformedEventsCount: + type: string + format: int64 description: >- - Custom attributes for the suggestion term. * For `user-data`, the - attributes are additional custom attributes ingested through - BigQuery. * For `cloud-retail`, the attributes are product - attributes generated by Cloud Retail. It requires - UserEvent.product_details is imported properly. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudRetailV2CustomAttribute' - GoogleCloudRetailV2CompleteQueryResponseRecentSearchResult: - id: GoogleCloudRetailV2CompleteQueryResponseRecentSearchResult - deprecated: true - description: 'Deprecated: Recent search of this user.' + Count of entries in the transformed user events BigQuery table, + which could be different from the actually imported number of user + events. type: object + id: GoogleCloudRetailV2alphaTransformedUserEventsMetadata + description: Metadata related to transform user events operation. + GoogleCloudRetailV2ExportAnalyticsMetricsRequest: + id: GoogleCloudRetailV2ExportAnalyticsMetricsRequest properties: - recentSearch: - description: The recent search query. + filter: + description: >- + A filtering expression to specify restrictions on returned metrics. + The expression is a sequence of terms. Each term applies a + restriction to the returned metrics. Use this expression to restrict + results to a specific time range. Currently we expect only one types + of fields: * `timestamp`: This can be specified twice, once with a + less than operator and once with a greater than operator. The + `timestamp` restriction should result in one, contiguous, valid, + `timestamp` range. Some examples of valid filters expressions: * + Example 1: `timestamp > "2012-04-23T18:25:43.511Z" timestamp < + "2012-04-23T18:30:43.511Z"` * Example 2: `timestamp > + "2012-04-23T18:25:43.511Z"` type: string - GoogleCloudRetailV2CompleteQueryResponseAttributeResult: - id: GoogleCloudRetailV2CompleteQueryResponseAttributeResult - description: Resource that represents attribute results. + outputConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2OutputConfig' + description: Required. The output location of the data. + description: Request message for the `ExportAnalyticsMetrics` method. type: object + GoogleCloudRetailV2alphaImportErrorsConfig: + id: GoogleCloudRetailV2alphaImportErrorsConfig properties: - suggestions: - description: The list of suggestions for the attribute. + gcsPrefix: + type: string + description: >- + Google Cloud Storage prefix for import errors. This must be an + empty, existing Cloud Storage directory. Import errors are written + to sharded files in this directory, one per line, as a JSON-encoded + `google.rpc.Status` message. + type: object + description: Configuration of destination for Import related errors. + GoogleLongrunningListOperationsResponse: + id: GoogleLongrunningListOperationsResponse + properties: + nextPageToken: + description: The standard List next-page token. + type: string + operations: + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' type: array + description: >- + A list of operations that matches the specified filter in the + request. + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. items: type: string - GoogleCloudRetailV2ImportCompletionDataRequest: - id: GoogleCloudRetailV2ImportCompletionDataRequest - description: Request message for ImportCompletionData methods. + type: array + description: The response message for Operations.ListOperations. type: object + GoogleCloudRetailV2SearchRequestFacetSpecFacetKey: + id: GoogleCloudRetailV2SearchRequestFacetSpecFacetKey properties: - inputConfig: - description: Required. The desired input location of the data. - $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDataInputConfig' - notificationPubsubTopic: + returnMinMax: description: >- - Pub/Sub topic for receiving notification. If this field is set, when - the import is finished, a notification is sent to specified Pub/Sub - topic. The message data is JSON string of a Operation. Format of the - Pub/Sub topic is `projects/{project}/topics/{topic}`. - type: string - GoogleCloudRetailV2Control: - id: GoogleCloudRetailV2Control - description: >- - Configures dynamic metadata that can be linked to a ServingConfig and - affect search or recommendation results at serving time. - type: object - properties: - name: + Returns the min and max value for each numerical facet intervals. + Ignored for textual facets. + type: boolean + query: description: >- - Immutable. Fully qualified name - `projects/*/locations/global/catalogs/*/controls/*` + The query that is used to compute facet for the given facet key. + When provided, it overrides the default behavior of facet + computation. The query syntax is the same as a filter expression. + See SearchRequest.filter for detail syntax and limitations. Notice + that there is no limitation on FacetKey.key when query is specified. + In the response, SearchResponse.Facet.values.value is always "1" and + SearchResponse.Facet.values.count is the number of results that + match the query. For example, you can set a customized facet for + "shipToStore", where FacetKey.key is "customizedShipToStore", and + FacetKey.query is "availability: ANY(\"IN_STOCK\") AND shipToStore: + ANY(\"123\")". Then the facet counts the products that are both in + stock and ship to store "123". type: string - displayName: + intervals: + type: array description: >- - Required. The human readable control display name. Used in Retail - UI. This field must be a UTF-8 encoded string with a length limit of - 128 characters. Otherwise, an INVALID_ARGUMENT error is thrown. - type: string - rule: + Set only if values should be bucketized into intervals. Must be set + for facets with numerical values. Must not be set for facet with + text values. Maximum number of intervals is 40. For all numerical + facet keys that appear in the list of products from the catalog, the + percentiles 0, 10, 30, 50, 70, 90, and 100 are computed from their + distribution weekly. If the model assigns a high score to a + numerical facet key and its intervals are not specified in the + search request, these percentiles become the bounds for its + intervals and are returned in the response. If the facet key + intervals are specified in the request, then the specified intervals + are returned instead. + items: + $ref: '#/components/schemas/GoogleCloudRetailV2Interval' + orderBy: description: >- - A rule control - a condition-action pair. Enacts a set action when - the condition is triggered. For example: Boost "gShoe" when query - full matches "Running Shoes". - $ref: '#/components/schemas/GoogleCloudRetailV2Rule' - associatedServingConfigIds: + The order in which SearchResponse.Facet.values are returned. Allowed + values are: * "count desc", which means order by + SearchResponse.Facet.values.count descending. * "value desc", which + means order by SearchResponse.Facet.values.value descending. Only + applies to textual facets. If not set, textual values are sorted in + [natural order](https://en.wikipedia.org/wiki/Natural_sort_order); + numerical intervals are sorted in the order given by + FacetSpec.FacetKey.intervals; FulfillmentInfo.place_ids are sorted + in the order given by FacetSpec.FacetKey.restricted_values. + type: string + contains: description: >- - Output only. List of serving config ids that are associated with - this control in the same Catalog. Note the association is managed - via the ServingConfig, this is an output only denormalized view. - readOnly: true + Only get facet values that contains the given strings. For example, + suppose "categories" has three values "Women > Shoe", "Women > + Dress" and "Men > Shoe". If set "contains" to "Shoe", the + "categories" facet gives only "Women > Shoe" and "Men > Shoe". Only + supported on textual fields. Maximum is 10. type: array items: type: string - solutionTypes: - description: >- - Required. Immutable. The solution types that the control is used - for. Currently we support setting only one type of solution at - creation time. Only `SOLUTION_TYPE_SEARCH` value is supported at the - moment. If no solution type is provided at creation time, will - default to SOLUTION_TYPE_SEARCH. + restrictedValues: type: array + description: >- + Only get facet for the given restricted values. For example, when + using "pickupInStore" as key and set restricted values to + ["store123", "store456"], only facets for "store123" and "store456" + are returned. Only supported on predefined textual fields, custom + textual attributes and fulfillments. Maximum is 20. Must be set for + the fulfillment facet keys: * pickupInStore * shipToStore * + sameDayDelivery * nextDayDelivery * customFulfillment1 * + customFulfillment2 * customFulfillment3 * customFulfillment4 * + customFulfillment5 items: type: string - enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Retail Search. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - searchSolutionUseCase: - description: >- - Specifies the use case for the control. Affects what condition - fields can be set. Only settable by search controls. Will default to - SEARCH_SOLUTION_USE_CASE_SEARCH if not specified. Currently only - allow one search_solution_use_case per control. + prefixes: type: array + description: >- + Only get facet values that start with the given string prefix. For + example, suppose "categories" has three values "Women > Shoe", + "Women > Dress" and "Men > Shoe". If set "prefixes" to "Women", the + "categories" facet gives only "Women > Shoe" and "Women > Dress". + Only supported on textual fields. Maximum is 10. items: type: string - enumDescriptions: - - >- - The value when it's unspecified. In this case, server behavior - defaults to SEARCH_SOLUTION_USE_CASE_SEARCH. - - Search use case. Expects the traffic has a non-empty query. - - Browse use case. Expects the traffic has an empty query. - enum: - - SEARCH_SOLUTION_USE_CASE_UNSPECIFIED - - SEARCH_SOLUTION_USE_CASE_SEARCH - - SEARCH_SOLUTION_USE_CASE_BROWSE - GoogleCloudRetailV2Rule: - id: GoogleCloudRetailV2Rule - description: >- - A rule is a condition-action pair * A condition defines when a rule is - to be triggered. * An action specifies what occurs on that trigger. - Currently rules only work for controls with SOLUTION_TYPE_SEARCH. - type: object - properties: - boostAction: - description: A boost action. - $ref: '#/components/schemas/GoogleCloudRetailV2RuleBoostAction' - redirectAction: - description: Redirects a shopper to a specific page. - $ref: '#/components/schemas/GoogleCloudRetailV2RuleRedirectAction' - onewaySynonymsAction: - description: >- - Treats specific term as a synonym with a group of terms. Group of - terms will not be treated as synonyms with the specific term. - $ref: '#/components/schemas/GoogleCloudRetailV2RuleOnewaySynonymsAction' - doNotAssociateAction: - description: Prevents term from being associated with other terms. - $ref: '#/components/schemas/GoogleCloudRetailV2RuleDoNotAssociateAction' - replacementAction: - description: Replaces specific terms in the query. - $ref: '#/components/schemas/GoogleCloudRetailV2RuleReplacementAction' - ignoreAction: - description: Ignores specific terms from query during search. - $ref: '#/components/schemas/GoogleCloudRetailV2RuleIgnoreAction' - filterAction: - description: Filters results. - $ref: '#/components/schemas/GoogleCloudRetailV2RuleFilterAction' - twowaySynonymsAction: - description: Treats a set of terms as synonyms of one another. - $ref: '#/components/schemas/GoogleCloudRetailV2RuleTwowaySynonymsAction' - forceReturnFacetAction: - description: Force returns an attribute as a facet in the request. - $ref: '#/components/schemas/GoogleCloudRetailV2RuleForceReturnFacetAction' - removeFacetAction: - description: Remove an attribute as a facet in the request (if present). - $ref: '#/components/schemas/GoogleCloudRetailV2RuleRemoveFacetAction' - pinAction: + key: + type: string description: >- - Pins one or more specified products to a specific position in the - results. - $ref: '#/components/schemas/GoogleCloudRetailV2RulePinAction' - condition: + Required. Supported textual and numerical facet keys in Product + object, over which the facet values are computed. Facet key is + case-sensitive. Allowed facet keys when FacetKey.query is not + specified: * textual_field = * "brands" * "categories" * "genders" * + "ageGroups" * "availability" * "colorFamilies" * "colors" * "sizes" + * "materials" * "patterns" * "conditions" * "attributes.key" * + "pickupInStore" * "shipToStore" * "sameDayDelivery" * + "nextDayDelivery" * "customFulfillment1" * "customFulfillment2" * + "customFulfillment3" * "customFulfillment4" * "customFulfillment5" * + "inventory(place_id,attributes.key)" * numerical_field = * "price" * + "discount" * "rating" * "ratingCount" * "attributes.key" * + "inventory(place_id,price)" * "inventory(place_id,original_price)" * + "inventory(place_id,attributes.key)" + caseInsensitive: description: >- - Required. The condition that triggers the rule. If the condition is - empty, the rule will always apply. - $ref: '#/components/schemas/GoogleCloudRetailV2Condition' - GoogleCloudRetailV2RuleBoostAction: - id: GoogleCloudRetailV2RuleBoostAction - description: A boost action to apply to results matching condition specified above. + True to make facet keys case insensitive when getting faceting + values with prefixes or contains; false otherwise. + type: boolean type: object + description: Specifies how a facet is computed. + GoogleCloudRetailV2alphaImportUserEventsResponse: properties: - boost: - description: >- - Strength of the condition boost, which must be in [-1, 1]. Negative - boost means demotion. Default is 0.0. Setting to 1.0 gives the item - a big promotion. However, it does not necessarily mean that the - boosted item will be the top result at all times, nor that other - items will be excluded. Results could still be shown even when none - of them matches the condition. And results that are significantly - more relevant to the search query can still trump your heavily - favored but irrelevant items. Setting to -1.0 gives the item a big - demotion. However, results that are deeply relevant might still be - shown. The item will have an upstream battle to get a fairly high - ranking, but it is not blocked out completely. Setting to 0.0 means - no boost applied. The boosting condition is ignored. - type: number - format: float - productsFilter: + errorSamples: + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: A sample of errors encountered while processing the request. + type: array + importSummary: + $ref: '#/components/schemas/GoogleCloudRetailV2alphaUserEventImportSummary' + description: Aggregated statistics of user event import status. + errorsConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2alphaImportErrorsConfig' description: >- - The filter can have a max size of 5000 characters. An expression - which specifies which products to apply an action to. The syntax and - supported fields are the same as a filter expression. See - SearchRequest.filter for detail syntax and limitations. Examples: * - To boost products with product ID "product_1" or "product_2", and - color "Red" or "Blue": *(id: ANY("product_1", "product_2")) * *AND * - *(colorFamilies: ANY("Red", "Blue")) * - type: string - GoogleCloudRetailV2RuleRedirectAction: - id: GoogleCloudRetailV2RuleRedirectAction + Echoes the destination for the complete errors if this field was set + in the request. description: >- - Redirects a shopper to a specific page. * Rule Condition: Must specify - Condition.query_terms. * Action Input: Request Query * Action Result: - Redirects shopper to provided uri. + Response of the ImportUserEventsRequest. If the long running operation + was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. type: object + id: GoogleCloudRetailV2alphaImportUserEventsResponse + GoogleCloudRetailV2betaExportProductsResponse: + type: object + description: >- + Response of the ExportProductsRequest. If the long running operation is + done, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. properties: - redirectUri: - description: URL must have length equal or less than 2000 characters. + errorsConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2betaExportErrorsConfig' + description: This field is never set. + outputResult: + $ref: '#/components/schemas/GoogleCloudRetailV2betaOutputResult' + description: Output result indicating where the data were exported to. + errorSamples: + type: array + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + id: GoogleCloudRetailV2betaExportProductsResponse + GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacet: + properties: + mergedFacetKey: + description: >- + The merged facet key should be a valid facet key that is different + than the facet key of the current catalog attribute. We refer this + is merged facet key as the child of the current catalog attribute. + This merged facet key can't be a parent of another facet key (i.e. + no directed path of length 2). This merged facet key needs to be + either a textual custom attribute or a numerical custom attribute. type: string - GoogleCloudRetailV2RuleOnewaySynonymsAction: - id: GoogleCloudRetailV2RuleOnewaySynonymsAction description: >- - Maps a set of terms to a set of synonyms. Set of synonyms will be - treated as synonyms of each query term only. `query_terms` will not be - treated as synonyms of each other. Example: "sneakers" will use a - synonym of "shoes". "shoes" will not use a synonym of "sneakers". + The current facet key (i.e. attribute config) maps into the + merged_facet_key. A facet key can have at most one child. The current + facet key and the merged facet key need both to be textual custom + attributes or both numerical custom attributes (same type). type: object + id: GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacet + GoogleCloudRetailV2SearchResponseQueryExpansionInfo: properties: - queryTerms: - description: >- - Terms from the search query. Will treat synonyms as their synonyms. - Not themselves synonyms of the synonyms. Can specify up to 100 - terms. - type: array - items: - type: string - synonyms: + expandedQuery: + description: Bool describing whether query expansion has occurred. + type: boolean + pinnedResultCount: description: >- - Defines a set of synonyms. Cannot contain duplicates. Can specify up - to 100 synonyms. - type: array - items: - type: string - onewayTerms: - description: Will be [deprecated = true] post migration; - type: array - items: - type: string - GoogleCloudRetailV2RuleDoNotAssociateAction: - id: GoogleCloudRetailV2RuleDoNotAssociateAction + Number of pinned results. This field will only be set when expansion + happens and SearchRequest.QueryExpansionSpec.pin_unexpanded_results + is set to true. + type: string + format: int64 + type: object description: >- - Prevents `query_term` from being associated with specified terms during - search. Example: Don't associate "gShoe" and "cheap". + Information describing query expansion including whether expansion has + occurred. + id: GoogleCloudRetailV2SearchResponseQueryExpansionInfo + GoogleCloudRetailV2DoubleList: type: object + id: GoogleCloudRetailV2DoubleList properties: - queryTerms: - description: >- - Terms from the search query. Will not consider - do_not_associate_terms for search if in search query. Can specify up - to 100 terms. + values: type: array + description: The list of double values. items: - type: string - doNotAssociateTerms: + format: double + type: number + description: A message with a list of double values. + GoogleCloudRetailV2SafetySetting: + id: GoogleCloudRetailV2SafetySetting + properties: + method: + enumDescriptions: + - The harm block method is unspecified. + - The harm block method uses both probability and severity scores. + - The harm block method uses the probability score. + type: string + enum: + - HARM_BLOCK_METHOD_UNSPECIFIED + - SEVERITY + - PROBABILITY description: >- - Cannot contain duplicates or the query term. Can specify up to 100 - terms. - type: array + Optional. Specify if the threshold is used for probability or + severity score. If not specified, the threshold is used for + probability score. + threshold: + type: string + description: The harm block threshold. + enumDescriptions: + - Unspecified harm block threshold. + - Block low threshold and above (i.e. block more). + - Block medium threshold and above. + - Block only high threshold (i.e. block less). + - Block none. + - Turn off the safety filter. + enum: + - HARM_BLOCK_THRESHOLD_UNSPECIFIED + - BLOCK_LOW_AND_ABOVE + - BLOCK_MEDIUM_AND_ABOVE + - BLOCK_ONLY_HIGH + - BLOCK_NONE + - 'OFF' + category: + enumDescriptions: + - The harm category is unspecified. + - The harm category is hate speech. + - The harm category is dangerous content. + - The harm category is harassment. + - The harm category is sexually explicit content. + - The harm category is civic integrity. + description: Harm category. + type: string + enum: + - HARM_CATEGORY_UNSPECIFIED + - HARM_CATEGORY_HATE_SPEECH + - HARM_CATEGORY_DANGEROUS_CONTENT + - HARM_CATEGORY_HARASSMENT + - HARM_CATEGORY_SEXUALLY_EXPLICIT + - HARM_CATEGORY_CIVIC_INTEGRITY + type: object + description: Safety settings. + GoogleCloudRetailV2alphaOutputResult: + description: >- + Output result that stores the information about where the exported data + is stored. + id: GoogleCloudRetailV2alphaOutputResult + properties: + bigqueryResult: items: - type: string - terms: - description: Will be [deprecated = true] post migration; + $ref: '#/components/schemas/GoogleCloudRetailV2alphaBigQueryOutputResult' + description: The BigQuery location where the result is stored. + type: array + gcsResult: type: array + description: The Google Cloud Storage location where the result is stored. items: - type: string - GoogleCloudRetailV2RuleReplacementAction: - id: GoogleCloudRetailV2RuleReplacementAction + $ref: '#/components/schemas/GoogleCloudRetailV2alphaGcsOutputResult' + type: object + GoogleCloudRetailV2RemoveFulfillmentPlacesResponse: description: >- - Replaces a term in the query. Multiple replacement candidates can be - specified. All `query_terms` will be replaced with the replacement term. - Example: Replace "gShoe" with "google shoe". + Response of the RemoveFulfillmentPlacesRequest. Currently empty because + there is no meaningful response populated from the + ProductService.RemoveFulfillmentPlaces method. + id: GoogleCloudRetailV2RemoveFulfillmentPlacesResponse + type: object + properties: {} + GoogleCloudRetailV2betaImportUserEventsResponse: + description: >- + Response of the ImportUserEventsRequest. If the long running operation + was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. type: object + id: GoogleCloudRetailV2betaImportUserEventsResponse properties: - queryTerms: + errorsConfig: description: >- - Terms from the search query. Will be replaced by replacement term. - Can specify up to 100 terms. + Echoes the destination for the complete errors if this field was set + in the request. + $ref: '#/components/schemas/GoogleCloudRetailV2betaImportErrorsConfig' + errorSamples: type: array items: - type: string - replacementTerm: - description: Term that will be used for replacement. - type: string - term: - description: Will be [deprecated = true] post migration; - type: string - GoogleCloudRetailV2RuleIgnoreAction: - id: GoogleCloudRetailV2RuleIgnoreAction + $ref: '#/components/schemas/GoogleRpcStatus' + description: A sample of errors encountered while processing the request. + importSummary: + $ref: '#/components/schemas/GoogleCloudRetailV2betaUserEventImportSummary' + description: Aggregated statistics of user event import status. + GoogleCloudRetailV2betaModel: description: >- - Prevents a term in the query from being used in search. Example: Don't - search for "shoddy". - type: object + Metadata that describes the training and serving parameters of a Model. + A Model can be associated with a ServingConfig and then queried through + the Predict API. properties: - ignoreTerms: - description: Terms to ignore in the search query. + optimizationObjective: + type: string + description: >- + Optional. The optimization objective e.g. `cvr`. Currently supported + values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we + choose default based on model type. Default depends on type of + recommendation: `recommended-for-you` => `ctr` `others-you-may-like` + => `ctr` `frequently-bought-together` => `revenue_per_order` This + field together with optimization_objective describe model metadata + to use to control model training and serving. See + https://cloud.google.com/retail/docs/models for more details on what + the model metadata control and which combination of parameters are + valid. For invalid combinations of parameters (e.g. type = + `frequently-bought-together` and optimization_objective = `ctr`), + you receive an error 400 if you try to create/update a + recommendation with this set of knobs. + lastTuneTime: + description: Output only. The timestamp when the latest successful tune finished. + readOnly: true + type: string + format: google-datetime + dataState: + enumDescriptions: + - Unspecified default value, should never be explicitly set. + - The model has sufficient training data. + - >- + The model does not have sufficient training data. Error messages + can be queried via Stackdriver. + enum: + - DATA_STATE_UNSPECIFIED + - DATA_OK + - DATA_ERROR + type: string + description: >- + Output only. The state of data requirements for this model: + `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained + if the data is in `DATA_ERROR` state. Recommendation model can have + `DATA_ERROR` state even if serving state is `ACTIVE`: models were + trained successfully before, but cannot be refreshed because model + no longer has sufficient data for training. + readOnly: true + periodicTuningState: + type: string + description: >- + Optional. The state of periodic tuning. The period we use is 3 + months - to do a one-off tune earlier use the `TuneModel` method. + Default value is `PERIODIC_TUNING_ENABLED`. + enum: + - PERIODIC_TUNING_STATE_UNSPECIFIED + - PERIODIC_TUNING_DISABLED + - ALL_TUNING_DISABLED + - PERIODIC_TUNING_ENABLED + enumDescriptions: + - Unspecified default value, should never be explicitly set. + - >- + The model has periodic tuning disabled. Tuning can be reenabled by + calling the `EnableModelPeriodicTuning` method or by calling the + `TuneModel` method. + - >- + The model cannot be tuned with periodic tuning OR the `TuneModel` + method. Hide the options in customer UI and reject any requests + through the backend self serve API. + - >- + The model has periodic tuning enabled. Tuning can be disabled by + calling the `DisableModelPeriodicTuning` method. + servingState: + readOnly: true + type: string + enumDescriptions: + - Unspecified serving state. + - The model is not serving. + - The model is serving and can be queried. + - The model is trained on tuned hyperparameters and can be queried. + enum: + - SERVING_STATE_UNSPECIFIED + - INACTIVE + - ACTIVE + - TUNED + description: 'Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.' + name: + description: >- + Required. The fully qualified resource name of the model. Format: + `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + catalog_id has char limit of 50. recommendation_model_id has char + limit of 40. + type: string + updateTime: + format: google-datetime + readOnly: true + type: string + description: >- + Output only. Timestamp the Recommendation Model was last updated. + E.g. if a Recommendation Model was paused - this would be the time + the pause was initiated. + modelFeaturesConfig: + description: Optional. Additional model features config. + $ref: '#/components/schemas/GoogleCloudRetailV2betaModelModelFeaturesConfig' + filteringOption: + enum: + - RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED + - RECOMMENDATIONS_FILTERING_DISABLED + - RECOMMENDATIONS_FILTERING_ENABLED + enumDescriptions: + - >- + Value used when unset. In this case, server behavior defaults to + RECOMMENDATIONS_FILTERING_DISABLED. + - Recommendation filtering is disabled. + - Recommendation filtering is enabled. + description: >- + Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation + filtering by attributes is enabled for the model. + type: string + tuningOperation: + description: >- + Output only. The tune operation associated with the model. Can be + used to determine if there is an ongoing tune for this + recommendation. Empty field implies no tune is goig on. + type: string + readOnly: true + createTime: + readOnly: true + type: string + description: Output only. Timestamp the Recommendation Model was created at. + format: google-datetime + trainingState: + type: string + description: >- + Optional. The training state that the model is in (e.g. `TRAINING` + or `PAUSED`). Since part of the cost of running the service is + frequency of training - this can be used to determine when to train + model in order to control cost. If not specified: the default value + for `CreateModel` method is `TRAINING`. The default value for + `UpdateModel` method is to keep the state the same as before. + enum: + - TRAINING_STATE_UNSPECIFIED + - PAUSED + - TRAINING + enumDescriptions: + - Unspecified training state. + - The model training is paused. + - The model is training. + servingConfigLists: + readOnly: true type: array items: - type: string - GoogleCloudRetailV2RuleFilterAction: - id: GoogleCloudRetailV2RuleFilterAction - description: >- - * Rule Condition: - No Condition.query_terms provided is a global match. - - 1 or more Condition.query_terms provided are combined with OR - operator. * Action Input: The request query and filter that are applied - to the retrieved products, in addition to any filters already provided - with the SearchRequest. The AND operator is used to combine the query's - existing filters with the filter rule(s). NOTE: May result in 0 results - when filters conflict. * Action Result: Filters the returned objects to - be ONLY those that passed the filter. - type: object - properties: - filter: + $ref: '#/components/schemas/GoogleCloudRetailV2betaModelServingConfigList' + description: >- + Output only. The list of valid serving configs associated with the + PageOptimizationConfig. + type: + type: string description: >- - A filter to apply on the matching condition results. Supported - features: * filter must be set. * Filter syntax is identical to - SearchRequest.filter. For more information, see - [Filter](/retail/docs/filter-and-order#filter). * To filter products - with product ID "product_1" or "product_2", and color "Red" or - "Blue": *(id: ANY("product_1", "product_2")) * *AND * - *(colorFamilies: ANY("Red", "Blue")) * + Required. The type of model e.g. `home-page`. Currently supported + values: `recommended-for-you`, `others-you-may-like`, + `frequently-bought-together`, `page-optimization`, `similar-items`, + `buy-it-again`, `on-sale-items`, and `recently-viewed`(readonly + value). This field together with optimization_objective describe + model metadata to use to control model training and serving. See + https://cloud.google.com/retail/docs/models for more details on what + the model metadata control and which combination of parameters are + valid. For invalid combinations of parameters (e.g. type = + `frequently-bought-together` and optimization_objective = `ctr`), + you receive an error 400 if you try to create/update a + recommendation with this set of knobs. + displayName: type: string - GoogleCloudRetailV2RuleTwowaySynonymsAction: - id: GoogleCloudRetailV2RuleTwowaySynonymsAction - description: >- - Creates a set of terms that will be treated as synonyms of each other. - Example: synonyms of "sneakers" and "shoes": * "sneakers" will use a - synonym of "shoes". * "shoes" will use a synonym of "sneakers". + description: >- + Required. The display name of the model. Should be human readable, + used to display Recommendation Models in the Retail Cloud Console + Dashboard. UTF-8 encoded string with limit of 1024 characters. + id: GoogleCloudRetailV2betaModel type: object + GoogleCloudRetailV2alphaModelModelFeaturesConfig: + description: Additional model features config. properties: - synonyms: - description: >- - Defines a set of synonyms. Can specify up to 100 synonyms. Must - specify at least 2 synonyms. - type: array - items: - type: string - GoogleCloudRetailV2RuleForceReturnFacetAction: - id: GoogleCloudRetailV2RuleForceReturnFacetAction - description: >- - Force returns an attribute/facet in the request around a certain - position or above. * Rule Condition: Must specify non-empty - Condition.query_terms (for search only) or Condition.page_categories - (for browse only), but can't specify both. * Action Inputs: attribute - name, position * Action Result: Will force return a facet key around a - certain position or above if the condition is satisfied. Example: - Suppose the query is "shoes", the Condition.query_terms is "shoes", the - ForceReturnFacetAction.FacetPositionAdjustment.attribute_name is "size" - and the ForceReturnFacetAction.FacetPositionAdjustment.position is 8. - Two cases: a) The facet key "size" is not already in the top 8 slots, - then the facet "size" will appear at a position close to 8. b) The facet - key "size" in among the top 8 positions in the request, then it will - stay at its current rank. + frequentlyBoughtTogetherConfig: + $ref: >- + #/components/schemas/GoogleCloudRetailV2alphaModelFrequentlyBoughtTogetherFeaturesConfig + description: Additional configs for frequently-bought-together models. type: object + id: GoogleCloudRetailV2alphaModelModelFeaturesConfig + GoogleCloudRetailV2ImportProductsResponse: + description: >- + Response of the ImportProductsRequest. If the long running operation is + done, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + id: GoogleCloudRetailV2ImportProductsResponse properties: - facetPositionAdjustments: - description: >- - Each instance corresponds to a force return attribute for the given - condition. There can't be more 15 instances here. + errorSamples: type: array + description: A sample of errors encountered while processing the request. items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2RuleForceReturnFacetActionFacetPositionAdjustment - GoogleCloudRetailV2RuleForceReturnFacetActionFacetPositionAdjustment: - id: GoogleCloudRetailV2RuleForceReturnFacetActionFacetPositionAdjustment - description: >- - Each facet position adjustment consists of a single attribute name (i.e. - facet key) along with a specified position. + $ref: '#/components/schemas/GoogleRpcStatus' + errorsConfig: + description: >- + Echoes the destination for the complete errors in the request if + set. + $ref: '#/components/schemas/GoogleCloudRetailV2ImportErrorsConfig' type: object + GoogleCloudRetailV2SearchRequestConversationalSearchSpec: properties: - attributeName: + conversationId: description: >- - The attribute name to force return as a facet. Each attribute name - should be a valid attribute name, be non-empty and contain at most - 80 characters long. + This field specifies the conversation id, which maintains the state + of the conversation between client side and server side. Use the + value from the previous ConversationalSearchResult.conversation_id. + For the initial request, this should be empty. type: string - position: + followupConversationRequested: description: >- - This is the position in the request as explained above. It should be - strictly positive be at most 100. - type: integer - format: int32 - GoogleCloudRetailV2RuleRemoveFacetAction: - id: GoogleCloudRetailV2RuleRemoveFacetAction - description: >- - Removes an attribute/facet in the request if is present. * Rule - Condition: Must specify non-empty Condition.query_terms (for search - only) or Condition.page_categories (for browse only), but can't specify - both. * Action Input: attribute name * Action Result: Will remove the - attribute (as a facet) from the request if it is present. Example: - Suppose the query is "shoes", the Condition.query_terms is "shoes" and - the attribute name "size", then facet key "size" will be removed from - the request (if it is present). + This field specifies whether the customer would like to do + conversational search. If this field is set to true, conversational + related extra information will be returned from server side, + including follow-up question, answer options, etc. + type: boolean + userAnswer: + description: >- + This field specifies the current user answer during the + conversational search. This can be either user selected from + suggested answers or user input plain text. + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswer type: object + description: >- + This field specifies all conversational related parameters addition to + traditional retail search. + id: GoogleCloudRetailV2SearchRequestConversationalSearchSpec + GoogleCloudRetailV2Audience: properties: - attributeNames: - description: >- - The attribute names (i.e. facet keys) to remove from the dynamic - facets (if present in the request). There can't be more 3 attribute - names. Each attribute name should be a valid attribute name, be - non-empty and contain at most 80 characters. + genders: type: array + description: >- + The genders of the audience. Strongly encouraged to use the standard + values: "male", "female", "unisex". At most 5 values are allowed. + Each value must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. Google + Merchant Center property + [gender](https://support.google.com/merchants/answer/6324479). + Schema.org property + [Product.audience.suggestedGender](https://schema.org/suggestedGender). items: type: string - GoogleCloudRetailV2RulePinAction: - id: GoogleCloudRetailV2RulePinAction + ageGroups: + items: + type: string + type: array + description: >- + The age groups of the audience. Strongly encouraged to use the + standard values: "newborn" (up to 3 months old), "infant" (3–12 + months old), "toddler" (1–5 years old), "kids" (5–13 years old), + "adult" (typically teens or older). At most 5 values are allowed. + Each value must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. Google + Merchant Center property + [age_group](https://support.google.com/merchants/answer/6324463). + Schema.org property + [Product.audience.suggestedMinAge](https://schema.org/suggestedMinAge) + and + [Product.audience.suggestedMaxAge](https://schema.org/suggestedMaxAge). + id: GoogleCloudRetailV2Audience + description: An intended audience of the Product for whom it's sold. + type: object + GoogleCloudRetailV2betaAddFulfillmentPlacesMetadata: + id: GoogleCloudRetailV2betaAddFulfillmentPlacesMetadata + properties: {} description: >- - Pins one or more specified products to a specific position in the - results. * Rule Condition: Must specify non-empty Condition.query_terms - (for search only) or Condition.page_categories (for browse only), but - can't specify both. * Action Input: mapping of `[pin_position, - product_id]` pairs (pin position uses 1-based indexing). * Action - Result: Will pin products with matching ids to the position specified in - the final result order. Example: Suppose the query is `shoes`, the - Condition.query_terms is `shoes` and the pin_map has `{1, "pid1"}`, then - product with `pid1` will be pinned to the top position in the final - results. If multiple PinActions are matched to a single request the - actions will be processed from most to least recently updated. Pins to - positions larger than the max allowed page size of 120 are not allowed. + Metadata related to the progress of the AddFulfillmentPlaces operation. + Currently empty because there is no meaningful metadata populated from + the ProductService.AddFulfillmentPlaces method. type: object + GoogleLongrunningOperation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. properties: - pinMap: + response: description: >- - Required. A map of positions to product_ids. Partial matches per - action are allowed, if a certain position in the map is already - filled that `[position, product_id]` pair will be ignored but the - rest may still be applied. This case will only occur if multiple pin - actions are matched to a single request, as the map guarantees that - pin positions are unique within the same action. Duplicate - product_ids are not permitted within a single pin map. The max size - of this map is 120, equivalent to the max [request page - size](https://cloud.google.com/retail/docs/reference/rest/v2/projects.locations.catalogs.placements/search#request-body). + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any type: object + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + name: + type: string + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + metadata: additionalProperties: - type: string - GoogleCloudRetailV2Condition: - id: GoogleCloudRetailV2Condition - description: >- - Metadata that is used to define a condition that triggers an action. A - valid condition must specify at least one of 'query_terms' or - 'products_filter'. If multiple fields are specified, the condition is - met if all the fields are satisfied e.g. if a set of query terms and - product_filter are set, then only items matching the product_filter for - requests with a query matching the query terms wil get boosted. + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + error: + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + The error result of the operation in case of failure or + cancellation. + type: object + id: GoogleLongrunningOperation + GoogleCloudRetailV2alphaModelServingConfigList: + id: GoogleCloudRetailV2alphaModelServingConfigList type: object properties: - queryTerms: - description: >- - A list (up to 10 entries) of terms to match the query on. If not - specified, match all queries. If many query terms are specified, the - condition is matched if any of the terms is a match (i.e. using the - OR operator). - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2ConditionQueryTerm' - activeTimeRange: - description: >- - Range of time(s) specifying when Condition is active. Condition true - if any time range matches. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2ConditionTimeRange' - pageCategories: + servingConfigIds: description: >- - Used to support browse uses cases. A list (up to 10 entries) of - categories or departments. The format should be the same as - UserEvent.page_categories; + Optional. A set of valid serving configs that may be used for + `PAGE_OPTIMIZATION`. type: array items: type: string - GoogleCloudRetailV2ConditionQueryTerm: - id: GoogleCloudRetailV2ConditionQueryTerm - description: Query terms that we want to match on. - type: object + description: >- + Represents an ordered combination of valid serving configs, which can be + used for `PAGE_OPTIMIZATION` recommendations. + GoogleCloudRetailV2RuleForceReturnFacetActionFacetPositionAdjustment: + id: GoogleCloudRetailV2RuleForceReturnFacetActionFacetPositionAdjustment + description: >- + Each facet position adjustment consists of a single attribute name (i.e. + facet key) along with a specified position. properties: - value: + position: description: >- - The value of the term to match on. Value cannot be empty. Value can - have at most 3 terms if specified as a partial match. Each space - separated string is considered as one term. For example, "a b c" is - 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a - partial match. + This is the position in the request as explained above. It should be + strictly positive be at most 100. + format: int32 + type: integer + attributeName: + description: >- + The attribute name to force return as a facet. Each attribute name + should be a valid attribute name, be non-empty and contain at most + 80 characters long. type: string - fullMatch: - description: Whether this is supposed to be a full or partial match. - type: boolean - GoogleCloudRetailV2ConditionTimeRange: - id: GoogleCloudRetailV2ConditionTimeRange - description: >- - Used for time-dependent conditions. Example: Want to have rule applied - for week long sale. + type: object + GoogleCloudRetailV2OutputConfigBigQueryDestination: + description: The BigQuery output destination configuration. + id: GoogleCloudRetailV2OutputConfigBigQueryDestination type: object properties: - startTime: - description: Start of time range. Range is inclusive. + tableIdPrefix: + description: Required. The prefix of exported BigQuery tables. type: string - format: google-datetime - endTime: - description: End of time range. Range is inclusive. + datasetId: type: string - format: google-datetime - GoogleCloudRetailV2ListControlsResponse: - id: GoogleCloudRetailV2ListControlsResponse - description: Response for ListControls method. + description: Required. The ID of a BigQuery Dataset. + tableType: + description: >- + Required. Describes the table type. The following values are + supported: * `table`: A BigQuery native table. * `view`: A virtual + table defined by a SQL query. + type: string + GoogleCloudRetailV2alphaRejoinUserEventsResponse: + description: Response message for `RejoinUserEvents` method. + id: GoogleCloudRetailV2alphaRejoinUserEventsResponse type: object properties: - controls: - description: All the Controls for a given catalog. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2Control' - nextPageToken: - description: Pagination token, if not returned indicates the last page. + rejoinedUserEventsCount: type: string - GoogleCloudRetailV2GenerativeQuestionsFeatureConfig: - id: GoogleCloudRetailV2GenerativeQuestionsFeatureConfig - description: Configuration for overall generative question feature state. + description: Number of user events that were joined with latest product catalog. + format: int64 + GoogleCloudRetailV2IntentClassificationConfigInlineForceIntent: + description: An inline force intent classification configuration. type: object properties: - catalog: + intentType: + type: string description: >- - Required. Resource name of the affected catalog. Format: - projects/{project}/locations/{location}/catalogs/{catalog} + Optional. The intent_type must match one of the predefined intent + types defined at + https://cloud.google.com/retail/docs/reference/rpc/google.cloud.retail.v2alpha#querytype + query: type: string - featureEnabled: + description: Optional. A example query. + operation: + description: Optional. The operation to perform for the query. + type: string + enumDescriptions: + - Unspecified match operation. + - Exact match. + - Contains match. + enum: + - OPERATION_UNSPECIFIED + - EXACT_MATCH + - CONTAINS + id: GoogleCloudRetailV2IntentClassificationConfigInlineForceIntent + GoogleCloudRetailV2RemoveLocalInventoriesRequest: + properties: + removeTime: + format: google-datetime description: >- - Optional. Determines whether questions will be used at serving time. - Note: This feature cannot be enabled until initial data requirements - are satisfied. + The time when the inventory deletions are issued. Used to prevent + out-of-order updates and deletions on local inventory fields. If not + provided, the internal system time will be used. + type: string + allowMissing: + description: >- + If set to true, and the Product is not found, the local inventory + removal request will still be processed and retained for at most 1 + day and processed once the Product is created. If set to false, a + NOT_FOUND error is returned if the Product is not found. type: boolean - minimumProducts: + placeIds: + items: + type: string + type: array description: >- - Optional. Minimum number of products in the response to trigger - follow-up questions. Value must be 0 or positive. - type: integer - format: int32 - GoogleCloudRetailV2ListGenerativeQuestionConfigsResponse: - id: GoogleCloudRetailV2ListGenerativeQuestionConfigsResponse - description: Response for ListQuestions method. + Required. A list of place IDs to have their inventory deleted. At + most 3000 place IDs are allowed per request. + type: object + description: Request message for ProductService.RemoveLocalInventories method. + id: GoogleCloudRetailV2RemoveLocalInventoriesRequest + GoogleCloudRetailV2betaImportCompletionDataResponse: type: object + id: GoogleCloudRetailV2betaImportCompletionDataResponse + description: >- + Response of the ImportCompletionDataRequest. If the long running + operation is done, this message is returned by the + google.longrunning.Operations.response field if the operation is + successful. properties: - generativeQuestionConfigs: - description: All the questions for a given catalog. - type: array + errorSamples: + description: A sample of errors encountered while processing the request. items: - $ref: '#/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig' - GoogleCloudRetailV2GenerativeQuestionConfig: - id: GoogleCloudRetailV2GenerativeQuestionConfig - description: Configuration for a single generated question. + $ref: '#/components/schemas/GoogleRpcStatus' + type: array + GoogleCloudRetailV2RemoveLocalInventoriesResponse: + description: >- + Response of the ProductService.RemoveLocalInventories API. Currently + empty because there is no meaningful response populated from the + ProductService.RemoveLocalInventories method. + properties: {} + type: object + id: GoogleCloudRetailV2RemoveLocalInventoriesResponse + GoogleCloudRetailV2PauseModelRequest: + properties: {} + description: Request for pausing training of a model. + type: object + id: GoogleCloudRetailV2PauseModelRequest + GoogleCloudRetailV2AddCatalogAttributeRequest: type: object properties: - catalog: + catalogAttribute: + description: Required. The CatalogAttribute to add. + $ref: '#/components/schemas/GoogleCloudRetailV2CatalogAttribute' + description: Request for CatalogService.AddCatalogAttribute method. + id: GoogleCloudRetailV2AddCatalogAttributeRequest + GoogleCloudRetailV2ExportErrorsConfig: + type: object + description: Configuration of destination for Export related errors. + properties: + gcsPrefix: description: >- - Required. Resource name of the catalog. Format: - projects/{project}/locations/{location}/catalogs/{catalog} - type: string - facet: - description: Required. The facet to which the question is associated. - type: string - generatedQuestion: - description: Output only. The LLM generated question. - readOnly: true + Google Cloud Storage path for import errors. This must be an empty, + existing Cloud Storage bucket. Export errors will be written to a + file in this bucket, one per line, as a JSON-encoded + `google.rpc.Status` message. type: string - finalQuestion: - description: >- - Optional. The question that will be used at serving time. Question - can have a max length of 300 bytes. When not populated, - generated_question should be used. + id: GoogleCloudRetailV2ExportErrorsConfig + GoogleCloudRetailV2CompleteQueryResponseRecentSearchResult: + properties: + recentSearch: + description: The recent search query. type: string - exampleValues: - description: Output only. Values that can be used to answer the question. - readOnly: true - type: array - items: - type: string - frequency: - description: Output only. The ratio of how often a question was asked. - readOnly: true - type: number - format: float - allowedInConversation: - description: Optional. Whether the question is asked at serving time. - type: boolean - GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsRequest: - id: GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsRequest - description: Request for BatchUpdateGenerativeQuestionConfig method. type: object + deprecated: true + description: 'Deprecated: Recent search of this user.' + id: GoogleCloudRetailV2CompleteQueryResponseRecentSearchResult + GoogleCloudRetailV2betaRemoveLocalInventoriesResponse: + type: object + id: GoogleCloudRetailV2betaRemoveLocalInventoriesResponse + properties: {} + description: >- + Response of the ProductService.RemoveLocalInventories API. Currently + empty because there is no meaningful response populated from the + ProductService.RemoveLocalInventories method. + GoogleCloudRetailV2SearchResponseSearchResult: + description: Represents the search results. + type: object + id: GoogleCloudRetailV2SearchResponseSearchResult properties: - requests: - description: Required. The updates question configs. + modelScores: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudRetailV2DoubleList' + description: Google provided available scores. + type: object + matchingVariantCount: + description: The count of matched variant Products. + type: integer + format: int32 + id: + type: string + description: Product.id of the searched Product. + personalLabels: type: array items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2UpdateGenerativeQuestionConfigRequest - GoogleCloudRetailV2UpdateGenerativeQuestionConfigRequest: - id: GoogleCloudRetailV2UpdateGenerativeQuestionConfigRequest - description: Request for UpdateGenerativeQuestionConfig method. + type: string + description: >- + Specifies previous events related to this product for this user + based on UserEvent with same SearchRequest.visitor_id or + UserInfo.user_id. This is set only when + SearchRequest.PersonalizationSpec.mode is + SearchRequest.PersonalizationSpec.Mode.AUTO. Possible values: * + `purchased`: Indicates that this product has been purchased before. + variantRollupValues: + additionalProperties: + type: any + type: object + description: >- + The rollup matching variant Product attributes. The key is one of + the SearchRequest.variant_rollup_keys. The values are the merged and + de-duplicated Product attributes. Notice that the rollup values are + respect filter. For example, when filtering by + "colorFamilies:ANY(\"red\")" and rollup "colorFamilies", only "red" + is returned. For textual and numerical attributes, the rollup values + is a list of string or double values with type + google.protobuf.ListValue. For example, if there are two variants + with colors "red" and "blue", the rollup values are { key: + "colorFamilies" value { list_value { values { string_value: "red" } + values { string_value: "blue" } } } } For FulfillmentInfo, the + rollup values is a double value with type google.protobuf.Value. For + example, `{key: "pickupInStore.store1" value { number_value: 10 }}` + means a there are 10 variants in this product are available in the + store "store1". + product: + description: >- + The product data snippet in the search response. Only Product.name + is guaranteed to be populated. Product.variants contains the product + variants that match the search query. If there are multiple product + variants matching the query, top 5 most relevant product variants + are returned and ordered by relevancy. If relevancy can be + deternmined, use matching_variant_fields to look up matched product + variants fields. If relevancy cannot be determined, e.g. when + searching "shoe" all products in a shoe product can be a match, 5 + product variants are returned but order is meaningless. + $ref: '#/components/schemas/GoogleCloudRetailV2Product' + matchingVariantFields: + description: >- + If a variant Product matches the search query, this map indicates + which Product fields are matched. The key is the Product.name, the + value is a field mask of the matched Product fields. If matched + attributes cannot be determined, this map will be empty. For + example, a key "sku1" with field mask "products.color_info" + indicates there is a match between "sku1" ColorInfo and the query. + additionalProperties: + type: string + format: google-fieldmask + type: object + GoogleCloudRetailV2betaAddFulfillmentPlacesResponse: type: object + id: GoogleCloudRetailV2betaAddFulfillmentPlacesResponse + description: >- + Response of the AddFulfillmentPlacesRequest. Currently empty because + there is no meaningful response populated from the + ProductService.AddFulfillmentPlaces method. + properties: {} + GoogleCloudRetailLoggingErrorContext: properties: - generativeQuestionConfig: - description: Required. The question to update. - $ref: '#/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig' - updateMask: + httpRequest: + description: The HTTP request which was processed when the error was triggered. + $ref: '#/components/schemas/GoogleCloudRetailLoggingHttpRequestContext' + reportLocation: + $ref: '#/components/schemas/GoogleCloudRetailLoggingSourceLocation' description: >- - Optional. Indicates which fields in the provided - GenerativeQuestionConfig to update. The following are NOT supported: - * GenerativeQuestionConfig.frequency If not set or empty, all - supported fields are updated. - type: string - format: google-fieldmask - GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsResponse: - id: GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsResponse - description: Aggregated response for UpdateGenerativeQuestionConfig method. + The location in the source code where the decision was made to + report the error, usually the place where it was logged. + id: GoogleCloudRetailLoggingErrorContext type: object - properties: - generativeQuestionConfigs: - description: Optional. The updates question configs. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig' + description: A description of the context in which an error occurred. GoogleCloudRetailV2ConversationalSearchCustomizationConfig: - id: GoogleCloudRetailV2ConversationalSearchCustomizationConfig + type: object description: >- The public proto to represent the conversational search customization config. It will be converted to the internal proto in the backend. - type: object + id: GoogleCloudRetailV2ConversationalSearchCustomizationConfig properties: + catalog: + description: >- + Required. Resource name of the catalog. Format: + projects/{project}/locations/{location}/catalogs/{catalog} + type: string retailerDisplayName: description: >- Optional. The retailer's display name that could be used in our LLM answers. Example - "Google" type: string intentClassificationConfig: - description: Optional. The configs for intent classification. $ref: '#/components/schemas/GoogleCloudRetailV2IntentClassificationConfig' - catalog: - description: >- - Required. Resource name of the catalog. Format: - projects/{project}/locations/{location}/catalogs/{catalog} - type: string - GoogleCloudRetailV2IntentClassificationConfig: - id: GoogleCloudRetailV2IntentClassificationConfig - description: >- - The public proto to represent the intent classification config. It will - be converted to the internal proto in the backend. - type: object + description: Optional. The configs for intent classification. + GoogleCloudRetailV2ServingConfig: + id: GoogleCloudRetailV2ServingConfig properties: - inlineSource: - description: Optional. Inline source for intent classifications. + personalizationSpec: + description: >- + The specification for personalization spec. Can only be set if + solution_types is SOLUTION_TYPE_SEARCH. Notice that if both + ServingConfig.personalization_spec and + SearchRequest.personalization_spec are set. + SearchRequest.personalization_spec will override + ServingConfig.personalization_spec. $ref: >- - #/components/schemas/GoogleCloudRetailV2IntentClassificationConfigInlineSource - modelPreamble: + #/components/schemas/GoogleCloudRetailV2SearchRequestPersonalizationSpec + priceRerankingLevel: description: >- - Optional. Customers can use the preamble to specify any requirements - for blocklisting intent classification. This preamble will be added - to the blocklisting intent classification model prompt. + How much price ranking we want in serving results. Price reranking + causes product items with a similar recommendation probability to be + ordered by price, with the highest-priced items first. This setting + could result in a decrease in click-through and conversion rates. + Allowed values are: * `no-price-reranking` * `low-price-reranking` * + `medium-price-reranking` * `high-price-reranking` If not specified, + we choose default based on model type. Default value: + `no-price-reranking`. Can only be set if solution_types is + SOLUTION_TYPE_RECOMMENDATION. type: string - example: - description: Optional. A list of examples for intent classification. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2IntentClassificationConfigExample - blocklistKeywords: - description: >- - Optional. A list of keywords that will be used to classify the query - to the "BLOCKLISTED" intent type. The keywords are case insensitive. + doNotAssociateControlIds: type: array - items: - type: string - disabledIntentTypes: description: >- - Optional. A list of intent types that will be disabled for this - customer. The intent types must match one of the predefined intent - types defined at - https://cloud.google.com/retail/docs/reference/rpc/google.cloud.retail.v2alpha#querytype - type: array + Condition do not associate specifications. If multiple do not + associate conditions match, all matching do not associate controls + in the list will execute. - Order does not matter. - Maximum number + of specifications is 100. Can only be set if solution_types is + SOLUTION_TYPE_SEARCH. items: type: string - GoogleCloudRetailV2IntentClassificationConfigInlineSource: - id: GoogleCloudRetailV2IntentClassificationConfigInlineSource - description: Inline source for intent classifications. - type: object - properties: - inlineForceIntents: - description: Optional. A list of inline force intent classifications. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2IntentClassificationConfigInlineForceIntent - GoogleCloudRetailV2IntentClassificationConfigInlineForceIntent: - id: GoogleCloudRetailV2IntentClassificationConfigInlineForceIntent - description: An inline force intent classification configuration. - type: object - properties: - query: - description: Optional. A example query. - type: string - operation: - description: Optional. The operation to perform for the query. - type: string - enumDescriptions: - - Unspecified match operation. - - Exact match. - - Contains match. - enum: - - OPERATION_UNSPECIFIED - - EXACT_MATCH - - CONTAINS - intentType: - description: >- - Optional. The intent_type must match one of the predefined intent - types defined at - https://cloud.google.com/retail/docs/reference/rpc/google.cloud.retail.v2alpha#querytype - type: string - GoogleCloudRetailV2IntentClassificationConfigExample: - id: GoogleCloudRetailV2IntentClassificationConfigExample - description: An example for intent classification. - type: object - properties: - query: - description: Required. Example query. - type: string - intentType: - description: >- - Optional. The intent_type must match one of the predefined intent - types defined at - https://cloud.google.com/retail/docs/reference/rpc/google.cloud.retail.v2alpha#querytype - type: string - reason: + enableCategoryFilterLevel: description: >- - Optional. The reason for the intent classification. This is used to - explain the intent classification decision. - type: string - classifiedPositive: - description: Required. Whether the example is classified positively. - type: boolean - GoogleCloudRetailV2Model: - id: GoogleCloudRetailV2Model - description: >- - Metadata that describes the training and serving parameters of a Model. - A Model can be associated with a ServingConfig and then queried through - the Predict API. - type: object - properties: + Whether to add additional category filters on the `similar-items` + model. If not specified, we enable it by default. Allowed values + are: * `no-category-match`: No additional filtering of original + results from the model and the customer's filters. * + `relaxed-category-match`: Only keep results with categories that + match at least one item categories in the PredictRequests's context + item. * If customer also sends filters in the PredictRequest, then + the results will satisfy both conditions (user given and category + match). Can only be set if solution_types is + SOLUTION_TYPE_RECOMMENDATION. + type: string + boostControlIds: + description: >- + Condition boost specifications. If a product matches multiple + conditions in the specifications, boost scores from these + specifications are all applied and combined in a non-linear way. + Maximum number of specifications is 100. Notice that if both + ServingConfig.boost_control_ids and SearchRequest.boost_spec are + set, the boost conditions from both places are evaluated. If a + search request matches multiple boost conditions, the final boost + score is equal to the sum of the boost scores from all matched boost + conditions. Can only be set if solution_types is + SOLUTION_TYPE_SEARCH. + items: + type: string + type: array name: description: >- - Required. The fully qualified resource name of the model. Format: - `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` - catalog_id has char limit of 50. recommendation_model_id has char - limit of 40. + Immutable. Fully qualified name + `projects/*/locations/global/catalogs/*/servingConfig/*` type: string - displayName: + modelId: description: >- - Required. The display name of the model. Should be human readable, - used to display Recommendation Models in the Retail Cloud Console - Dashboard. UTF-8 encoded string with limit of 1024 characters. + The id of the model in the same Catalog to use at serving time. + Currently only RecommendationModels are supported: + https://cloud.google.com/retail/recommendations-ai/docs/create-models + Can be changed but only to a compatible model (e.g. + others-you-may-like CTR to others-you-may-like CVR). Required when + solution_types is SOLUTION_TYPE_RECOMMENDATION. type: string - trainingState: + redirectControlIds: + items: + type: string description: >- - Optional. The training state that the model is in (e.g. `TRAINING` - or `PAUSED`). Since part of the cost of running the service is - frequency of training - this can be used to determine when to train - model in order to control cost. If not specified: the default value - for `CreateModel` method is `TRAINING`. The default value for - `UpdateModel` method is to keep the state the same as before. - type: string - enumDescriptions: - - Unspecified training state. - - The model training is paused. - - The model is training. - enum: - - TRAINING_STATE_UNSPECIFIED - - PAUSED - - TRAINING - servingState: - description: 'Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.' - readOnly: true + Condition redirect specifications. Only the first triggered redirect + action is applied, even if multiple apply. Maximum number of + specifications is 1000. Can only be set if solution_types is + SOLUTION_TYPE_SEARCH. + type: array + diversityType: type: string - enumDescriptions: - - Unspecified serving state. - - The model is not serving. - - The model is serving and can be queried. - - The model is trained on tuned hyperparameters and can be queried. enum: - - SERVING_STATE_UNSPECIFIED - - INACTIVE - - ACTIVE - - TUNED - createTime: - description: Output only. Timestamp the Recommendation Model was created at. - readOnly: true - type: string - format: google-datetime - updateTime: + - DIVERSITY_TYPE_UNSPECIFIED + - RULE_BASED_DIVERSITY + - DATA_DRIVEN_DIVERSITY description: >- - Output only. Timestamp the Recommendation Model was last updated. - E.g. if a Recommendation Model was paused - this would be the time - the pause was initiated. - readOnly: true - type: string - format: google-datetime - type: + What kind of diversity to use - data driven or rule based. If unset, + the server behavior defaults to RULE_BASED_DIVERSITY. + enumDescriptions: + - Default value. + - Rule based diversity. + - Data driven diversity. + solutionTypes: + type: array + items: + type: string + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Retail Search. + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH description: >- - Required. The type of model e.g. `home-page`. Currently supported - values: `recommended-for-you`, `others-you-may-like`, - `frequently-bought-together`, `page-optimization`, `similar-items`, - `buy-it-again`, `on-sale-items`, and `recently-viewed`(readonly - value). This field together with optimization_objective describe - model metadata to use to control model training and serving. See - https://cloud.google.com/retail/docs/models for more details on what - the model metadata control and which combination of parameters are - valid. For invalid combinations of parameters (e.g. type = - `frequently-bought-together` and optimization_objective = `ctr`), - you receive an error 400 if you try to create/update a - recommendation with this set of knobs. - type: string - optimizationObjective: + Required. Immutable. Specifies the solution types that a serving + config can be associated with. Currently we support setting only one + type of solution. + displayName: description: >- - Optional. The optimization objective e.g. `cvr`. Currently supported - values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we - choose default based on model type. Default depends on type of - recommendation: `recommended-for-you` => `ctr` `others-you-may-like` - => `ctr` `frequently-bought-together` => `revenue_per_order` This - field together with optimization_objective describe model metadata - to use to control model training and serving. See - https://cloud.google.com/retail/docs/models for more details on what - the model metadata control and which combination of parameters are - valid. For invalid combinations of parameters (e.g. type = - `frequently-bought-together` and optimization_objective = `ctr`), - you receive an error 400 if you try to create/update a - recommendation with this set of knobs. + Required. The human readable serving config display name. Used in + Retail UI. This field must be a UTF-8 encoded string with a length + limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is + returned. type: string - periodicTuningState: + replacementControlIds: + items: + type: string + type: array description: >- - Optional. The state of periodic tuning. The period we use is 3 - months - to do a one-off tune earlier use the `TuneModel` method. - Default value is `PERIODIC_TUNING_ENABLED`. - type: string - enumDescriptions: - - Unspecified default value, should never be explicitly set. - - >- - The model has periodic tuning disabled. Tuning can be reenabled by - calling the `EnableModelPeriodicTuning` method or by calling the - `TuneModel` method. - - >- - The model cannot be tuned with periodic tuning OR the `TuneModel` - method. Hide the options in customer UI and reject any requests - through the backend self serve API. - - >- - The model has periodic tuning enabled. Tuning can be disabled by - calling the `DisableModelPeriodicTuning` method. - enum: - - PERIODIC_TUNING_STATE_UNSPECIFIED - - PERIODIC_TUNING_DISABLED - - ALL_TUNING_DISABLED - - PERIODIC_TUNING_ENABLED - lastTuneTime: - description: Output only. The timestamp when the latest successful tune finished. - readOnly: true - type: string - format: google-datetime - tuningOperation: + Condition replacement specifications. - Applied according to the + order in the list. - A previously replaced term can not be + re-replaced. - Maximum number of specifications is 100. Can only be + set if solution_types is SOLUTION_TYPE_SEARCH. + twowaySynonymsControlIds: + type: array description: >- - Output only. The tune operation associated with the model. Can be - used to determine if there is an ongoing tune for this - recommendation. Empty field implies no tune is goig on. - readOnly: true - type: string - dataState: + Condition synonyms specifications. If multiple syonyms conditions + match, all matching synonyms control in the list will execute. Order + of controls in the list will not matter. Maximum number of + specifications is 100. Can only be set if solution_types is + SOLUTION_TYPE_SEARCH. + items: + type: string + filterControlIds: + type: array description: >- - Output only. The state of data requirements for this model: - `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained - if the data is in `DATA_ERROR` state. Recommendation model can have - `DATA_ERROR` state even if serving state is `ACTIVE`: models were - trained successfully before, but cannot be refreshed because model - no longer has sufficient data for training. - readOnly: true - type: string - enumDescriptions: - - Unspecified default value, should never be explicitly set. - - The model has sufficient training data. - - >- - The model does not have sufficient training data. Error messages - can be queried via Stackdriver. - enum: - - DATA_STATE_UNSPECIFIED - - DATA_OK - - DATA_ERROR - filteringOption: + Condition filter specifications. If a product matches multiple + conditions in the specifications, filters from these specifications + are all applied and combined via the AND operator. Maximum number of + specifications is 100. Can only be set if solution_types is + SOLUTION_TYPE_SEARCH. + items: + type: string + ignoreControlIds: + type: array description: >- - Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation - filtering by attributes is enabled for the model. + Condition ignore specifications. If multiple ignore conditions + match, all matching ignore controls in the list will execute. - + Order does not matter. - Maximum number of specifications is 100. + Can only be set if solution_types is SOLUTION_TYPE_SEARCH. + items: + type: string + diversityLevel: type: string - enumDescriptions: - - >- - Value used when unset. In this case, server behavior defaults to - RECOMMENDATIONS_FILTERING_DISABLED. - - Recommendation filtering is disabled. - - Recommendation filtering is enabled. - enum: - - RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED - - RECOMMENDATIONS_FILTERING_DISABLED - - RECOMMENDATIONS_FILTERING_ENABLED - servingConfigLists: description: >- - Output only. The list of valid serving configs associated with the - PageOptimizationConfig. - readOnly: true - type: array + How much diversity to use in recommendation model results e.g. + `medium-diversity` or `high-diversity`. Currently supported values: + * `no-diversity` * `low-diversity` * `medium-diversity` * + `high-diversity` * `auto-diversity` If not specified, we choose + default based on recommendation model type. Default value: + `no-diversity`. Can only be set if solution_types is + SOLUTION_TYPE_RECOMMENDATION. + onewaySynonymsControlIds: items: - $ref: '#/components/schemas/GoogleCloudRetailV2ModelServingConfigList' - modelFeaturesConfig: - description: Optional. Additional model features config. - $ref: '#/components/schemas/GoogleCloudRetailV2ModelModelFeaturesConfig' - GoogleCloudRetailV2ModelServingConfigList: - id: GoogleCloudRetailV2ModelServingConfigList - description: >- - Represents an ordered combination of valid serving configs, which can be - used for `PAGE_OPTIMIZATION` recommendations. - type: object - properties: - servingConfigIds: + type: string description: >- - Optional. A set of valid serving configs that may be used for - `PAGE_OPTIMIZATION`. + Condition oneway synonyms specifications. If multiple oneway + synonyms conditions match, all matching oneway synonyms controls in + the list will execute. Order of controls in the list will not + matter. Maximum number of specifications is 100. Can only be set if + solution_types is SOLUTION_TYPE_SEARCH. + type: array + facetControlIds: + description: >- + Facet specifications for faceted search. If empty, no facets are + returned. The ids refer to the ids of Control resources with only + the Facet control set. These controls are assumed to be in the same + Catalog as the ServingConfig. A maximum of 100 values are allowed. + Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if + solution_types is SOLUTION_TYPE_SEARCH. type: array items: type: string - GoogleCloudRetailV2ModelModelFeaturesConfig: - id: GoogleCloudRetailV2ModelModelFeaturesConfig - description: Additional model features config. - type: object - properties: - frequentlyBoughtTogetherConfig: - description: Additional configs for frequently-bought-together models. + dynamicFacetSpec: $ref: >- - #/components/schemas/GoogleCloudRetailV2ModelFrequentlyBoughtTogetherFeaturesConfig - GoogleCloudRetailV2ModelFrequentlyBoughtTogetherFeaturesConfig: - id: GoogleCloudRetailV2ModelFrequentlyBoughtTogetherFeaturesConfig - description: Additional configs for the frequently-bought-together model type. + #/components/schemas/GoogleCloudRetailV2SearchRequestDynamicFacetSpec + description: >- + The specification for dynamically generated facets. Notice that only + textual facets can be dynamically generated. Can only be set if + solution_types is SOLUTION_TYPE_SEARCH. + ignoreRecsDenylist: + type: boolean + description: >- + When the flag is enabled, the products in the denylist will not be + filtered out in the recommendation filtering results. + description: >- + Configures metadata that is used to generate serving time results (e.g. + search results or recommendation predictions). type: object + GoogleCloudRetailV2ImportProductsRequest: + description: Request message for Import methods. + id: GoogleCloudRetailV2ImportProductsRequest properties: - contextProductsType: + errorsConfig: + description: The desired location of errors incurred during the Import. + $ref: '#/components/schemas/GoogleCloudRetailV2ImportErrorsConfig' + reconciliationMode: + enum: + - RECONCILIATION_MODE_UNSPECIFIED + - INCREMENTAL + - FULL description: >- - Optional. Specifies the context of the model when it is used in - predict requests. Can only be set for the - `frequently-bought-together` type. If it isn't specified, it - defaults to MULTIPLE_CONTEXT_PRODUCTS. + The mode of reconciliation between existing products and the + products to be imported. Defaults to ReconciliationMode.INCREMENTAL. type: string enumDescriptions: + - Defaults to INCREMENTAL. + - Inserts new products or updates existing products. - >- - Unspecified default value, should never be explicitly set. - Defaults to MULTIPLE_CONTEXT_PRODUCTS. - - >- - Use only a single product as context for the recommendation. - Typically used on pages like add-to-cart or product details. - - >- - Use one or multiple products as context for the recommendation. - Typically used on shopping cart pages. - enum: - - CONTEXT_PRODUCTS_TYPE_UNSPECIFIED - - SINGLE_CONTEXT_PRODUCT - - MULTIPLE_CONTEXT_PRODUCTS - GoogleCloudRetailV2PauseModelRequest: - id: GoogleCloudRetailV2PauseModelRequest - description: Request for pausing training of a model. - type: object - properties: {} - GoogleCloudRetailV2ResumeModelRequest: - id: GoogleCloudRetailV2ResumeModelRequest - description: Request for resuming training of a model. + Calculates diff and replaces the entire product dataset. Existing + products may be deleted if they are not present in the source + location. + updateMask: + type: string + description: >- + Indicates which fields in the provided imported `products` to + update. If not set, all fields are updated. If provided, only the + existing product fields are updated. Missing products will not be + created. + format: google-fieldmask + notificationPubsubTopic: + type: string + description: >- + Full Pub/Sub topic name for receiving notification. If this field is + set, when the import is finished, a notification is sent to + specified Pub/Sub topic. The message data is JSON string of a + Operation. Format of the Pub/Sub topic is + `projects/{project}/topics/{topic}`. It has to be within the same + project as ImportProductsRequest.parent. Make sure that both + `cloud-retail-customer-data-access@system.gserviceaccount.com` and + `service-@gcp-sa-retail.iam.gserviceaccount.com` have the + `pubsub.topics.publish` IAM permission on the topic. Only supported + when ImportProductsRequest.reconciliation_mode is set to `FULL`. + requestId: + description: Deprecated. This field has no effect. + deprecated: true + type: string + inputConfig: + description: Required. The desired input location of the data. + $ref: '#/components/schemas/GoogleCloudRetailV2ProductInputConfig' type: object - properties: {} - GoogleCloudRetailV2ListModelsResponse: - id: GoogleCloudRetailV2ListModelsResponse - description: Response to a ListModelRequest. + GoogleCloudRetailV2betaTuneModelMetadata: type: object + id: GoogleCloudRetailV2betaTuneModelMetadata properties: - models: - description: List of Models. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2Model' - nextPageToken: - description: Pagination token, if not returned indicates the last page. + model: + description: >- + The resource name of the model that this tune applies to. Format: + `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` type: string - GoogleCloudRetailV2TuneModelRequest: - id: GoogleCloudRetailV2TuneModelRequest + description: Metadata associated with a tune operation. + GoogleCloudRetailV2RemoveControlRequest: + description: Request for RemoveControl method. + id: GoogleCloudRetailV2RemoveControlRequest + properties: + controlId: + type: string + description: >- + Required. The id of the control to apply. Assumed to be in the same + catalog as the serving config. + type: object + GoogleCloudRetailV2SetInventoryMetadata: + id: GoogleCloudRetailV2SetInventoryMetadata description: >- - Request to manually start a tuning process now (instead of waiting for - the periodically scheduled tuning to happen). + Metadata related to the progress of the SetInventory operation. + Currently empty because there is no meaningful metadata populated from + the ProductService.SetInventory method. type: object properties: {} - GoogleCloudRetailV2UserEvent: - id: GoogleCloudRetailV2UserEvent + GoogleCloudRetailV2alphaExportMetadata: description: >- - UserEvent captures all metadata information Retail API needs to know - about how end users interact with customers' website. + Metadata related to the progress of the Export operation. This is + returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudRetailV2alphaExportMetadata type: object properties: - eventType: - description: >- - Required. User event type. Allowed values are: * `add-to-cart`: - Products being added to cart. * `remove-from-cart`: Products being - removed from cart. * `category-page-view`: Special pages such as - sale or promotion pages viewed. * `detail-page-view`: Products - detail page viewed. * `home-page-view`: Homepage viewed. * - `purchase-complete`: User finishing a purchase. * `search`: Product - search. * `shopping-cart-page-view`: User viewing a shopping cart. - type: string - visitorId: - description: >- - Required. A unique identifier for tracking visitors. For example, - this could be implemented with an HTTP cookie, which should be able - to uniquely identify a visitor on a single device. This unique - identifier should not change if the visitor log in/out of the - website. Don't set the field to the same fixed ID for different - users. This mixes the event history of those users together, which - results in degraded model quality. The field must be a UTF-8 encoded - string with a length limit of 128 characters. Otherwise, an - INVALID_ARGUMENT error is returned. The field should not contain PII - or user-data. We recommend to use Google Analytics [Client - ID](https://developers.google.com/analytics/devguides/collection/analyticsjs/field-reference#clientId) - for this field. - type: string - sessionId: - description: >- - A unique identifier for tracking a visitor session with a length - limit of 128 bytes. A session is an aggregation of an end user - behavior in a time span. A general guideline to populate the - session_id: 1. If user has no activity for 30 min, a new session_id - should be assigned. 2. The session_id should be unique across users, - suggest use uuid or add visitor_id as prefix. - type: string - eventTime: - description: >- - Only required for UserEventService.ImportUserEvents method. - Timestamp of when the user event happened. + updateTime: type: string format: google-datetime - experimentIds: - description: >- - A list of identifiers for the independent experiment groups this - user event belongs to. This is used to distinguish between user - events associated with different experiment setups (e.g. using - Retail API, using different recommendation models). - type: array - items: - type: string - attributionToken: description: >- - Highly recommended for user events that are the result of - PredictionService.Predict. This field enables accurate attribution - of recommendation model performance. The value must be a valid - PredictResponse.attribution_token for user events that are the - result of PredictionService.Predict. The value must be a valid - SearchResponse.attribution_token for user events that are the result - of SearchService.Search. This token enables us to accurately - attribute page view or purchase back to the event and the particular - predict response containing this clicked/purchased product. If user - clicks on product K in the recommendation results, pass - PredictResponse.attribution_token as a URL parameter to product K's - page. When recording events on product K's page, log the - PredictResponse.attribution_token to this field. + Operation last update time. If the operation is done, this is also + the finish time. + createTime: + description: Operation create time. + format: google-datetime type: string - productDetails: - description: >- - The main product details related to the event. This field is - optional except for the following event types: * `add-to-cart` * - `detail-page-view` * `purchase-complete` In a `search` event, this - field represents the products returned to the end user on the - current page (the end user may have not finished browsing the whole - page yet). When a new page is returned to the end user, after - pagination/filtering/ordering even for the same query, a new - `search` event with different product_details is desired. The end - user may have not finished browsing the whole page yet. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2ProductDetail' - completionDetail: + GoogleCloudRetailV2GenerativeQuestionsFeatureConfig: + description: Configuration for overall generative question feature state. + id: GoogleCloudRetailV2GenerativeQuestionsFeatureConfig + properties: + catalog: description: >- - The main auto-completion details related to the event. This field - should be set for `search` event when autocomplete function is - enabled and the user clicks a suggestion for search. - $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDetail' - attributes: + Required. Resource name of the affected catalog. Format: + projects/{project}/locations/{location}/catalogs/{catalog} + type: string + minimumProducts: + type: integer description: >- - Extra user event features to include in the recommendation model. If - you provide custom attributes for ingested user events, also include - them in the user events that you associate with prediction requests. - Custom attribute formatting must be consistent between imported - events and events provided with prediction requests. This lets the - Retail API use those custom attributes when training models and - serving predictions, which helps improve recommendation quality. - This field needs to pass all below criteria, otherwise an - INVALID_ARGUMENT error is returned: * The key must be a UTF-8 - encoded string with a length limit of 5,000 characters. * For text - attributes, at most 400 values are allowed. Empty values are not - allowed. Each value must be a UTF-8 encoded string with a length - limit of 256 characters. * For number attributes, at most 400 values - are allowed. For product recommendations, an example of extra user - information is traffic_channel, which is how a user arrives at the - site. Users can arrive at the site by coming to the site directly, - coming through Google search, or in other ways. - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudRetailV2CustomAttribute' - cartId: + Optional. Minimum number of products in the response to trigger + follow-up questions. Value must be 0 or positive. + format: int32 + featureEnabled: description: >- - The ID or name of the associated shopping cart. This ID is used to - associate multiple items added or present in the cart before - purchase. This can only be set for `add-to-cart`, - `purchase-complete`, or `shopping-cart-page-view` events. + Optional. Determines whether questions will be used at serving time. + Note: This feature cannot be enabled until initial data requirements + are satisfied. + type: boolean + type: object + GoogleCloudRetailV2Model: + type: object + id: GoogleCloudRetailV2Model + description: >- + Metadata that describes the training and serving parameters of a Model. + A Model can be associated with a ServingConfig and then queried through + the Predict API. + properties: + servingState: + description: 'Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.' + enum: + - SERVING_STATE_UNSPECIFIED + - INACTIVE + - ACTIVE + - TUNED + enumDescriptions: + - Unspecified serving state. + - The model is not serving. + - The model is serving and can be queried. + - The model is trained on tuned hyperparameters and can be queried. + readOnly: true type: string - purchaseTransaction: + optimizationObjective: description: >- - A transaction represents the entire purchase transaction. Required - for `purchase-complete` events. Other event types should not set - this field. Otherwise, an INVALID_ARGUMENT error is returned. - $ref: '#/components/schemas/GoogleCloudRetailV2PurchaseTransaction' - searchQuery: + Optional. The optimization objective e.g. `cvr`. Currently supported + values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we + choose default based on model type. Default depends on type of + recommendation: `recommended-for-you` => `ctr` `others-you-may-like` + => `ctr` `frequently-bought-together` => `revenue_per_order` This + field together with optimization_objective describe model metadata + to use to control model training and serving. See + https://cloud.google.com/retail/docs/models for more details on what + the model metadata control and which combination of parameters are + valid. For invalid combinations of parameters (e.g. type = + `frequently-bought-together` and optimization_objective = `ctr`), + you receive an error 400 if you try to create/update a + recommendation with this set of knobs. + type: string + tuningOperation: + readOnly: true + type: string description: >- - The user's search query. See SearchRequest.query for definition. The - value must be a UTF-8 encoded string with a length limit of 5,000 - characters. Otherwise, an INVALID_ARGUMENT error is returned. At - least one of search_query or page_categories is required for - `search` events. Other event types should not set this field. - Otherwise, an INVALID_ARGUMENT error is returned. + Output only. The tune operation associated with the model. Can be + used to determine if there is an ongoing tune for this + recommendation. Empty field implies no tune is goig on. + displayName: + description: >- + Required. The display name of the model. Should be human readable, + used to display Recommendation Models in the Retail Cloud Console + Dashboard. UTF-8 encoded string with limit of 1024 characters. type: string - filter: + filteringOption: description: >- - The filter syntax consists of an expression language for - constructing a predicate from one or more fields of the products - being filtered. See SearchRequest.filter for definition and syntax. - The value must be a UTF-8 encoded string with a length limit of - 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. + Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation + filtering by attributes is enabled for the model. + enumDescriptions: + - >- + Value used when unset. In this case, server behavior defaults to + RECOMMENDATIONS_FILTERING_DISABLED. + - Recommendation filtering is disabled. + - Recommendation filtering is enabled. + type: string + enum: + - RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED + - RECOMMENDATIONS_FILTERING_DISABLED + - RECOMMENDATIONS_FILTERING_ENABLED + modelFeaturesConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2ModelModelFeaturesConfig' + description: Optional. Additional model features config. + type: type: string - orderBy: description: >- - The order in which products are returned. See SearchRequest.order_by - for definition and syntax. The value must be a UTF-8 encoded string - with a length limit of 1,000 characters. Otherwise, an - INVALID_ARGUMENT error is returned. This can only be set for - `search` events. Other event types should not set this field. - Otherwise, an INVALID_ARGUMENT error is returned. + Required. The type of model e.g. `home-page`. Currently supported + values: `recommended-for-you`, `others-you-may-like`, + `frequently-bought-together`, `page-optimization`, `similar-items`, + `buy-it-again`, `on-sale-items`, and `recently-viewed`(readonly + value). This field together with optimization_objective describe + model metadata to use to control model training and serving. See + https://cloud.google.com/retail/docs/models for more details on what + the model metadata control and which combination of parameters are + valid. For invalid combinations of parameters (e.g. type = + `frequently-bought-together` and optimization_objective = `ctr`), + you receive an error 400 if you try to create/update a + recommendation with this set of knobs. + lastTuneTime: + format: google-datetime + description: Output only. The timestamp when the latest successful tune finished. + readOnly: true type: string - offset: + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Timestamp the Recommendation Model was created at. + updateTime: description: >- - An integer that specifies the current offset for pagination (the - 0-indexed starting location, amongst the products deemed by the API - as relevant). See SearchRequest.offset for definition. If this field - is negative, an INVALID_ARGUMENT is returned. This can only be set - for `search` events. Other event types should not set this field. - Otherwise, an INVALID_ARGUMENT error is returned. - type: integer - format: int32 - pageCategories: + Output only. Timestamp the Recommendation Model was last updated. + E.g. if a Recommendation Model was paused - this would be the time + the pause was initiated. + format: google-datetime + readOnly: true + type: string + name: + type: string description: >- - The categories associated with a category page. To represent full - path of category, use '>' sign to separate different hierarchies. If - '>' is part of the category name, replace it with other - character(s). Category pages include special pages such as sales or - promotions. For instance, a special sale page may have the category - hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. - Required for `category-page-view` events. At least one of - search_query or page_categories is required for `search` events. - Other event types should not set this field. Otherwise, an - INVALID_ARGUMENT error is returned. + Required. The fully qualified resource name of the model. Format: + `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + catalog_id has char limit of 50. recommendation_model_id has char + limit of 40. + servingConfigLists: + readOnly: true type: array items: - type: string - userInfo: - description: User information. - $ref: '#/components/schemas/GoogleCloudRetailV2UserInfo' - uri: + $ref: '#/components/schemas/GoogleCloudRetailV2ModelServingConfigList' description: >- - Complete URL (window.location.href) of the user's current page. When - using the client side event reporting with JavaScript pixel and - Google Tag Manager, this value is filled in automatically. Maximum - length 5,000 characters. + Output only. The list of valid serving configs associated with the + PageOptimizationConfig. + dataState: + description: >- + Output only. The state of data requirements for this model: + `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained + if the data is in `DATA_ERROR` state. Recommendation model can have + `DATA_ERROR` state even if serving state is `ACTIVE`: models were + trained successfully before, but cannot be refreshed because model + no longer has sufficient data for training. + readOnly: true + enumDescriptions: + - Unspecified default value, should never be explicitly set. + - The model has sufficient training data. + - >- + The model does not have sufficient training data. Error messages + can be queried via Stackdriver. type: string - referrerUri: + enum: + - DATA_STATE_UNSPECIFIED + - DATA_OK + - DATA_ERROR + periodicTuningState: + enumDescriptions: + - Unspecified default value, should never be explicitly set. + - >- + The model has periodic tuning disabled. Tuning can be reenabled by + calling the `EnableModelPeriodicTuning` method or by calling the + `TuneModel` method. + - >- + The model cannot be tuned with periodic tuning OR the `TuneModel` + method. Hide the options in customer UI and reject any requests + through the backend self serve API. + - >- + The model has periodic tuning enabled. Tuning can be disabled by + calling the `DisableModelPeriodicTuning` method. + type: string + enum: + - PERIODIC_TUNING_STATE_UNSPECIFIED + - PERIODIC_TUNING_DISABLED + - ALL_TUNING_DISABLED + - PERIODIC_TUNING_ENABLED description: >- - The referrer URL of the current page. When using the client side - event reporting with JavaScript pixel and Google Tag Manager, this - value is filled in automatically. + Optional. The state of periodic tuning. The period we use is 3 + months - to do a one-off tune earlier use the `TuneModel` method. + Default value is `PERIODIC_TUNING_ENABLED`. + trainingState: + description: >- + Optional. The training state that the model is in (e.g. `TRAINING` + or `PAUSED`). Since part of the cost of running the service is + frequency of training - this can be used to determine when to train + model in order to control cost. If not specified: the default value + for `CreateModel` method is `TRAINING`. The default value for + `UpdateModel` method is to keep the state the same as before. type: string - pageViewId: - description: >- - A unique ID of a web page view. This should be kept the same for all - user events triggered from the same pageview. For example, an item - detail page view could trigger multiple events as the user is - browsing the page. The `pageViewId` property should be kept the same - for all these events so that they can be grouped together properly. - When using the client side event reporting with JavaScript pixel and - Google Tag Manager, this value is filled in automatically. + enumDescriptions: + - Unspecified training state. + - The model training is paused. + - The model is training. + enum: + - TRAINING_STATE_UNSPECIFIED + - PAUSED + - TRAINING + GoogleCloudRetailV2ListServingConfigsResponse: + properties: + nextPageToken: type: string - entity: - description: >- - The entity for customers that may run multiple different entities, - domains, sites or regions, for example, `Google US`, `Google Ads`, - `Waymo`, `google.com`, `youtube.com`, etc. We recommend that you set - this field to get better per-entity search, completion, and - prediction results. + description: Pagination token, if not returned indicates the last page. + servingConfigs: + items: + $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' + type: array + description: All the ServingConfigs for a given catalog. + type: object + description: Response for ListServingConfigs method. + id: GoogleCloudRetailV2ListServingConfigsResponse + GoogleCloudRetailLoggingSourceLocation: + id: GoogleCloudRetailLoggingSourceLocation + properties: + functionName: type: string - panels: description: >- - Optional. List of panels associated with this event. Used for - panel-level impression data. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2PanelInfo' - GoogleCloudRetailV2ProductDetail: - id: GoogleCloudRetailV2ProductDetail - description: Detailed product information associated with a user event. + Human-readable name of a function or method. For example, + "google.cloud.retail.v2.UserEventService.ImportUserEvents". + description: >- + Indicates a location in the source code of the service for which errors + are reported. + type: object + GoogleCloudRetailV2SearchRequestTileNavigationSpec: type: object + id: GoogleCloudRetailV2SearchRequestTileNavigationSpec properties: - product: + appliedTiles: description: >- - Required. Product information. Required field(s): * Product.id - Optional override field(s): * Product.price_info If any supported - optional fields are provided, we will treat them as a full override - when looking up product information from the catalog. Thus, it is - important to ensure that the overriding fields are accurate and - complete. All other product fields are ignored and instead populated - via catalog lookup after event ingestion. - $ref: '#/components/schemas/GoogleCloudRetailV2Product' - quantity: + This optional field specifies the tiles which are already clicked in + client side. While the feature works without this field set, + particularly for an initial query, it is highly recommended to set + this field because it can improve the quality of the search response + and removes possible duplicate tiles. NOTE: This field is not being + used for filtering search products. Client side should also put all + the applied tiles in SearchRequest.filter. + type: array + items: + $ref: '#/components/schemas/GoogleCloudRetailV2Tile' + tileNavigationRequested: + type: boolean description: >- - Quantity of the product associated with the user event. For example, - this field will be 2 if two products are added to the shopping cart - for `purchase-complete` event. Required for `add-to-cart` and - `purchase-complete` event types. - type: integer - format: int32 - GoogleCloudRetailV2CompletionDetail: - id: GoogleCloudRetailV2CompletionDetail + This field specifies whether the customer would like to request tile + navigation. + description: This field specifies tile navigation related parameters. + GoogleCloudRetailV2betaExportUserEventsResponse: description: >- - Detailed completion information including completion attribution token - and clicked completion info. + Response of the ExportUserEventsRequest. If the long running operation + was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + id: GoogleCloudRetailV2betaExportUserEventsResponse type: object properties: - completionAttributionToken: - description: >- - Completion attribution token in - CompleteQueryResponse.attribution_token. + errorsConfig: + description: This field is never set. + $ref: '#/components/schemas/GoogleCloudRetailV2betaExportErrorsConfig' + errorSamples: + type: array + items: + $ref: '#/components/schemas/GoogleRpcStatus' + description: A sample of errors encountered while processing the request. + outputResult: + $ref: '#/components/schemas/GoogleCloudRetailV2betaOutputResult' + description: Output result indicating where the data were exported to. + GoogleCloudRetailV2betaBigQueryOutputResult: + id: GoogleCloudRetailV2betaBigQueryOutputResult + description: A BigQuery output result. + type: object + properties: + datasetId: type: string - selectedSuggestion: - description: End user selected CompleteQueryResponse.CompletionResult.suggestion. + description: The ID of a BigQuery Dataset. + tableId: type: string - selectedPosition: - description: >- - End user selected CompleteQueryResponse.CompletionResult.suggestion - position, starting from 0. - type: integer - format: int32 - GoogleCloudRetailV2PurchaseTransaction: - id: GoogleCloudRetailV2PurchaseTransaction - description: A transaction represents the entire purchase transaction. + description: The ID of a BigQuery Table. + GoogleCloudRetailV2PinControlMetadataProductPins: type: object properties: - id: - description: The transaction ID with a length limit of 128 characters. + productId: + type: array + description: List of product ids which have associated pins. + items: + type: string + id: GoogleCloudRetailV2PinControlMetadataProductPins + description: List of product ids which have associated pins. + GoogleCloudRetailV2alphaEnrollSolutionResponse: + properties: + enrolledSolution: type: string - revenue: + description: Retail API solution that the project has enrolled. + enumDescriptions: + - Default value. + - Used for Recommendations AI. + - Used for Retail Search. + enum: + - SOLUTION_TYPE_UNSPECIFIED + - SOLUTION_TYPE_RECOMMENDATION + - SOLUTION_TYPE_SEARCH + id: GoogleCloudRetailV2alphaEnrollSolutionResponse + type: object + description: Response for EnrollSolution method. + GoogleCloudRetailV2alphaImportProductsResponse: + properties: + errorSamples: + type: array + description: A sample of errors encountered while processing the request. + items: + $ref: '#/components/schemas/GoogleRpcStatus' + errorsConfig: description: >- - Required. Total non-zero revenue or grand total associated with the - transaction. This value include shipping, tax, or other adjustments - to total revenue that you want to include as part of your revenue - calculations. - type: number - format: float - tax: - description: All the taxes associated with the transaction. - type: number - format: float - cost: + Echoes the destination for the complete errors in the request if + set. + $ref: '#/components/schemas/GoogleCloudRetailV2alphaImportErrorsConfig' + id: GoogleCloudRetailV2alphaImportProductsResponse + type: object + description: >- + Response of the ImportProductsRequest. If the long running operation is + done, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + GoogleCloudRetailV2RulePinAction: + properties: + pinMap: + type: object + additionalProperties: + type: string description: >- - All the costs associated with the products. These can be - manufacturing costs, shipping expenses not borne by the end user, or - any other costs, such that: * Profit = revenue - tax - cost - type: number - format: float - currencyCode: - description: Required. Currency code. Use three-character ISO-4217 code. - type: string - GoogleCloudRetailV2PanelInfo: - id: GoogleCloudRetailV2PanelInfo - description: Detailed panel information associated with a user event. + Required. A map of positions to product_ids. Partial matches per + action are allowed, if a certain position in the map is already + filled that `[position, product_id]` pair will be ignored but the + rest may still be applied. This case will only occur if multiple pin + actions are matched to a single request, as the map guarantees that + pin positions are unique within the same action. Duplicate + product_ids are not permitted within a single pin map. The max size + of this map is 120, equivalent to the max [request page + size](https://cloud.google.com/retail/docs/reference/rest/v2/projects.locations.catalogs.placements/search#request-body). + type: object + id: GoogleCloudRetailV2RulePinAction + description: >- + Pins one or more specified products to a specific position in the + results. * Rule Condition: Must specify non-empty Condition.query_terms + (for search only) or Condition.page_categories (for browse only), but + can't specify both. * Action Input: mapping of `[pin_position, + product_id]` pairs (pin position uses 1-based indexing). * Action + Result: Will pin products with matching ids to the position specified in + the final result order. Example: Suppose the query is `shoes`, the + Condition.query_terms is `shoes` and the pin_map has `{1, "pid1"}`, then + product with `pid1` will be pinned to the top position in the final + results. If multiple PinActions are matched to a single request the + actions will be processed from most to least recently updated. Pins to + positions larger than the max allowed page size of 120 are not allowed. + GoogleCloudRetailV2PurgeMetadata: + properties: {} + id: GoogleCloudRetailV2PurgeMetadata type: object + description: >- + Metadata related to the progress of the Purge operation. This will be + returned by the google.longrunning.Operation.metadata field. + GoogleCloudRetailV2ConversationalSearchResponse: properties: - panelId: - description: Required. The panel ID. + followupQuestion: + description: >- + The conversational followup question generated for Intent + refinement. + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchResponseFollowupQuestion + conversationId: type: string - displayName: - description: Optional. The display name of the panel. + description: >- + Conversation UUID. This field will be stored in client side storage + to maintain the conversation session with server and will be used + for next search request's + ConversationalSearchRequest.conversation_id to restore conversation + state in server. + conversationalFilteringResult: + description: >- + This field specifies all related information that is needed on + client side for UI rendering of conversational filtering search. + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchResponseConversationalFilteringResult + state: + description: Output only. The state of the response generation. type: string - productDetails: - description: Optional. The product details associated with the panel. - type: array + enumDescriptions: + - Unknown. + - Response generation is being streamed. + - Response generation has succeeded. + readOnly: true + enum: + - STATE_UNSPECIFIED + - STREAMING + - SUCCEEDED + refinedSearch: items: - $ref: '#/components/schemas/GoogleCloudRetailV2ProductDetail' - totalPanels: + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchResponseRefinedSearch description: >- - Optional. The total number of panels, including this one, shown to - the user. Must be set if panel_position is set. - type: integer - format: int32 - panelPosition: + The proposed refined search queries. They can be used to fetch the + relevant search results. When using CONVERSATIONAL_FILTER_ONLY mode, + the refined_query from search response will be populated here. + type: array + conversationalTextResponse: description: >- - Optional. The ordered position of the panel, if shown to the user - with other panels. If set, then total_panels must also be set. - type: integer - format: int32 - attributionToken: - description: Optional. The attribution token of the panel. + The conversational answer-based text response generated by the + Server. type: string - GoogleApiHttpBody: - id: GoogleApiHttpBody + userQueryTypes: + type: array + items: + type: string + description: >- + The types Retail classifies the search query as. Supported values + are: - "ORDER_SUPPORT" - "SIMPLE_PRODUCT_SEARCH" - + "INTENT_REFINEMENT" - "PRODUCT_DETAILS" - "PRODUCT_COMPARISON" - + "DEALS_AND_COUPONS" - "STORE_RELEVANT" - "BLOCKLISTED" - + "BEST_PRODUCT" - "RETAIL_SUPPORT" - "DISABLED" + type: object description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. + Response message for ConversationalSearchService.ConversationalSearch + method. + id: GoogleCloudRetailV2ConversationalSearchResponse + GoogleCloudRetailV2RuleRedirectAction: + description: >- + Redirects a shopper to a specific page. * Rule Condition: Must specify + Condition.query_terms. * Action Input: Request Query * Action Result: + Redirects shopper to provided uri. + id: GoogleCloudRetailV2RuleRedirectAction type: object properties: - contentType: + redirectUri: + description: URL must have length equal or less than 2000 characters. + type: string + GoogleCloudRetailV2TuneModelResponse: + type: object + id: GoogleCloudRetailV2TuneModelResponse + properties: {} + description: Response associated with a tune operation. + GoogleCloudRetailV2GetDefaultBranchResponse: + properties: + note: description: >- - The HTTP Content-Type header value specifying the content type of - the body. + This corresponds to SetDefaultBranchRequest.note field, when this + branch was set as default. type: string - data: - description: The HTTP request/response body as raw binary. + branch: + description: Full resource name of the branch id currently set as default branch. type: string - format: byte - extensions: - description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleCloudRetailV2CollectUserEventRequest: - id: GoogleCloudRetailV2CollectUserEventRequest - description: Request message for CollectUserEvent method. + setTime: + format: google-datetime + description: The time when this branch is set to default. + type: string + id: GoogleCloudRetailV2GetDefaultBranchResponse type: object + description: Response message of CatalogService.GetDefaultBranch. + GoogleCloudRetailV2alphaModelPageOptimizationConfigPanel: properties: - prebuiltRule: + candidates: + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate + description: Required. The candidates to consider on the panel. + type: array + defaultCandidate: description: >- - The prebuilt rule name that can convert a specific type of raw_json. - For example: "ga4_bq" rule for the GA4 user event schema. + Required. The default candidate. If the model fails at serving time, + we fall back to the default. + $ref: >- + #/components/schemas/GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate + displayName: + description: Optional. The name to display for the panel. type: string - userEvent: - description: >- - Required. URL encoded UserEvent proto with a length limit of - 2,000,000 characters. + type: object + description: An individual panel with a list of ServingConfigs to consider for it. + id: GoogleCloudRetailV2alphaModelPageOptimizationConfigPanel + GoogleCloudRetailV2betaImportMetadata: + type: object + description: >- + Metadata related to the progress of the Import operation. This is + returned by the google.longrunning.Operation.metadata field. + properties: + createTime: + description: Operation create time. + type: string + format: google-datetime + notificationPubsubTopic: type: string - uri: description: >- - The URL including cgi-parameters but excluding the hash fragment - with a length limit of 5,000 characters. This is often more useful - than the referer URL, because many browsers only send the domain for - 3rd party requests. + Pub/Sub topic for receiving notification. If this field is set, when + the import is finished, a notification is sent to specified Pub/Sub + topic. The message data is JSON string of a Operation. Format of the + Pub/Sub topic is `projects/{project}/topics/{topic}`. + successCount: + format: int64 + description: Count of entries that were processed successfully. + type: string + requestId: + type: string + description: Deprecated. This field is never set. + deprecated: true + updateTime: type: string - ets: description: >- - The event timestamp in milliseconds. This prevents browser caching - of otherwise identical get requests. The name is abbreviated to - reduce the payload bytes. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime + failureCount: + description: Count of entries that encountered errors while processing. + format: int64 type: string + id: GoogleCloudRetailV2betaImportMetadata + GoogleCloudRetailV2betaRejoinUserEventsResponse: + id: GoogleCloudRetailV2betaRejoinUserEventsResponse + description: Response message for `RejoinUserEvents` method. + properties: + rejoinedUserEventsCount: format: int64 - rawJson: - description: >- - An arbitrary serialized JSON string that contains necessary - information that can comprise a user event. When this field is - specified, the user_event field will be ignored. Note: - line-delimited JSON is not supported, a single JSON only. type: string - GoogleCloudRetailV2PurgeUserEventsRequest: - id: GoogleCloudRetailV2PurgeUserEventsRequest - description: Request message for PurgeUserEvents method. + description: Number of user events that were joined with latest product catalog. type: object + GoogleCloudRetailV2CompleteQueryResponse: properties: - filter: + attributeResults: description: >- - Required. The filter string to specify the events to be deleted with - a length limit of 5,000 characters. Empty string filter is not - allowed. The eligible fields for filtering are: * `eventType`: - Double quoted UserEvent.event_type string. * `eventTime`: in ISO - 8601 "zulu" format. * `visitorId`: Double quoted string. Specifying - this will delete all events associated with a visitor. * `userId`: - Double quoted string. Specifying this will delete all events - associated with a user. Examples: * Deleting all events in a time - range: `eventTime > "2012-04-23T18:25:43.511Z" eventTime < - "2012-04-23T18:30:43.511Z"` * Deleting specific eventType in time - range: `eventTime > "2012-04-23T18:25:43.511Z" eventType = - "detail-page-view"` * Deleting all events for a specific visitor: - `visitorId = "visitor1024"` The filtering fields are assumed to have - an implicit AND. - type: string - force: + A map of matched attribute suggestions. This field is only available + for `cloud-retail` dataset. Current supported keys: * `brands` * + `categories` + additionalProperties: + $ref: >- + #/components/schemas/GoogleCloudRetailV2CompleteQueryResponseAttributeResult + type: object + recentSearchResults: + deprecated: true + type: array description: >- - Actually perform the purge. If `force` is set to false, the method - will return the expected purge count without deleting any user - events. - type: boolean - GoogleCloudRetailV2ImportUserEventsRequest: - id: GoogleCloudRetailV2ImportUserEventsRequest - description: Request message for the ImportUserEvents request. - type: object - properties: - inputConfig: - description: Required. The desired input location of the data. - $ref: '#/components/schemas/GoogleCloudRetailV2UserEventInputConfig' - errorsConfig: + Deprecated. Matched recent searches of this user. The maximum number + of recent searches is 10. This field is a restricted feature. If you + want to enable it, contact Retail Search support. This feature is + only available when CompleteQueryRequest.visitor_id field is set and + UserEvent is imported. The recent searches satisfy the follow rules: + * They are ordered from latest to oldest. * They are matched with + CompleteQueryRequest.query case insensitively. * They are + transformed to lower case. * They are UTF-8 safe. Recent searches + are deduplicated. More recent searches will be reserved when + duplication happens. + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2CompleteQueryResponseRecentSearchResult + attributionToken: description: >- - The desired location of errors incurred during the Import. Cannot be - set for inline user event imports. - $ref: '#/components/schemas/GoogleCloudRetailV2ImportErrorsConfig' - GoogleCloudRetailV2UserEventInputConfig: - id: GoogleCloudRetailV2UserEventInputConfig - description: The input config source for user events. - type: object - properties: - userEventInlineSource: - description: Required. The Inline source for the input content for UserEvents. - $ref: '#/components/schemas/GoogleCloudRetailV2UserEventInlineSource' - gcsSource: - description: Required. Google Cloud Storage location for the input content. - $ref: '#/components/schemas/GoogleCloudRetailV2GcsSource' - bigQuerySource: - description: Required. BigQuery input source. - $ref: '#/components/schemas/GoogleCloudRetailV2BigQuerySource' - GoogleCloudRetailV2UserEventInlineSource: - id: GoogleCloudRetailV2UserEventInlineSource - description: The inline source for the input config for ImportUserEvents method. + A unique complete token. This should be included in the + UserEvent.completion_detail for search events resulting from this + completion, which enables accurate attribution of complete model + performance. + type: string + completionResults: + description: >- + Results of the matching suggestions. The result list is ordered and + the first result is top suggestion. + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2CompleteQueryResponseCompletionResult + type: array + description: Response of the autocomplete query. + id: GoogleCloudRetailV2CompleteQueryResponse type: object + GoogleCloudRetailV2ListCatalogsResponse: properties: - userEvents: - description: >- - Required. A list of user events to import. Recommended max of 10k - items. + catalogs: type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2UserEvent' - GoogleCloudRetailV2GcsSource: - id: GoogleCloudRetailV2GcsSource - description: Google Cloud Storage location for input content. + $ref: '#/components/schemas/GoogleCloudRetailV2Catalog' + description: All the customer's Catalogs. + nextPageToken: + type: string + description: >- + A token that can be sent as ListCatalogsRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + id: GoogleCloudRetailV2ListCatalogsResponse type: object + description: Response for CatalogService.ListCatalogs method. + GoogleCloudRetailV2ListModelsResponse: + id: GoogleCloudRetailV2ListModelsResponse + description: Response to a ListModelRequest. properties: - inputUris: - description: >- - Required. Google Cloud Storage URIs to input files. URI can be up to - 2000 characters long. URIs can match the full object path (for - example, `gs://bucket/directory/object.json`) or a pattern matching - one or more files, such as `gs://bucket/directory/*.json`. A request - can contain at most 100 files, and each file can be up to 2 GB. See - [Importing product - information](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog) - for the expected file format and setup instructions. + models: type: array items: - type: string - dataSchema: - description: >- - The schema to use when parsing the data from the source. Supported - values for product imports: * `product` (default): One JSON Product - per line. Each product must have a valid Product.id. * - `product_merchant_center`: See [Importing catalog data from Merchant - Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). - Supported values for user events imports: * `user_event` (default): - One JSON UserEvent per line. * `user_event_ga360`: Using - https://support.google.com/analytics/answer/3437719. Supported - values for control imports: * `control` (default): One JSON Control - per line. Supported values for catalog attribute imports: * - `catalog_attribute` (default): One CSV CatalogAttribute per line. + $ref: '#/components/schemas/GoogleCloudRetailV2Model' + description: List of Models. + nextPageToken: + description: Pagination token, if not returned indicates the last page. type: string - GoogleCloudRetailV2ImportErrorsConfig: - id: GoogleCloudRetailV2ImportErrorsConfig - description: Configuration of destination for Import related errors. type: object - properties: - gcsPrefix: - description: >- - Google Cloud Storage prefix for import errors. This must be an - empty, existing Cloud Storage directory. Import errors are written - to sharded files in this directory, one per line, as a JSON-encoded - `google.rpc.Status` message. - type: string - GoogleCloudRetailV2RejoinUserEventsRequest: - id: GoogleCloudRetailV2RejoinUserEventsRequest - description: Request message for RejoinUserEvents method. + GoogleCloudRetailV2Interval: type: object properties: - userEventRejoinScope: - description: >- - The type of the user event rejoin to define the scope and range of - the user events to be rejoined with the latest product catalog. - Defaults to `USER_EVENT_REJOIN_SCOPE_UNSPECIFIED` if this field is - not set, or set to an invalid integer value. - type: string - enumDescriptions: - - >- - Rejoin all events with the latest product catalog, including both - joined events and unjoined events. - - Only rejoin joined events with the latest product catalog. - - Only rejoin unjoined events with the latest product catalog. - enum: - - USER_EVENT_REJOIN_SCOPE_UNSPECIFIED - - JOINED_EVENTS - - UNJOINED_EVENTS - GoogleCloudRetailV2PredictRequest: - id: GoogleCloudRetailV2PredictRequest - description: Request message for Predict method. + minimum: + description: Inclusive lower bound. + type: number + format: double + exclusiveMaximum: + format: double + description: Exclusive upper bound. + type: number + exclusiveMinimum: + description: Exclusive lower bound. + type: number + format: double + maximum: + format: double + type: number + description: Inclusive upper bound. + id: GoogleCloudRetailV2Interval + description: A floating point interval. + GoogleCloudRetailV2ConversationalSearchRequestSearchParams: + description: Search parameters. type: object properties: - userEvent: - description: >- - Required. Context about the user, what they are looking at and what - action they took to trigger the predict request. Note that this user - event detail won't be ingested to userEvent logs. Thus, a separate - userEvent write request is required for event logging. Don't set - UserEvent.visitor_id or UserInfo.user_id to the same fixed ID for - different users. If you are trying to receive non-personalized - recommendations (not recommended; this can negatively impact model - performance), instead set UserEvent.visitor_id to a random unique ID - and leave UserInfo.user_id unset. - $ref: '#/components/schemas/GoogleCloudRetailV2UserEvent' - pageSize: - description: >- - Maximum number of results to return. Set this property to the number - of prediction results needed. If zero, the service will choose a - reasonable default. The maximum allowed value is 100. Values above - 100 will be coerced to 100. - type: integer - format: int32 - pageToken: - description: This field is not used; leave it unset. - deprecated: true - type: string filter: description: >- - Filter for restricting prediction results with a length limit of - 5,000 characters. Accepts values for tags and the - `filterOutOfStockItems` flag. * Tag expressions. Restricts - predictions to products that match all of the specified tags. - Boolean operators `OR` and `NOT` are supported if the expression is - enclosed in parentheses, and must be separated from the tag values - by a space. `-"tagA"` is also supported and is equivalent to `NOT - "tagA"`. Tag values must be double quoted UTF-8 encoded strings with - a size limit of 1,000 characters. Note: "Recently viewed" models - don't support tag filtering at the moment. * filterOutOfStockItems. - Restricts predictions to products that do not have a stockState - value of OUT_OF_STOCK. Examples: * tag=("Red" OR "Blue") - tag="New-Arrival" tag=(NOT "promotional") * filterOutOfStockItems - tag=(-"promotional") * filterOutOfStockItems If your filter blocks - all prediction results, the API will return *no* results. If instead - you want empty result sets to return generic (unfiltered) popular - products, set `strictFiltering` to False in `PredictRequest.params`. - Note that the API will never return items with storageStatus of - "EXPIRED" or "DELETED" regardless of filter choices. If - `filterSyntaxV2` is set to true under the `params` field, then - attribute-based expressions are expected instead of the above - described tag-based syntax. Examples: * (colors: ANY("Red", "Blue")) - AND NOT (categories: ANY("Phones")) * (availability: - ANY("IN_STOCK")) AND (colors: ANY("Red") OR categories: - ANY("Phones")) For more information, see [Filter - recommendations](https://cloud.google.com/retail/docs/filter-recs). + Optional. The filter string to restrict search results. The syntax + of the filter string is the same as SearchRequest.filter. + type: string + canonicalFilter: type: string - validateOnly: description: >- - Use validate only mode for this prediction query. If set to true, a - dummy model will be used that returns arbitrary products. Note that - the validate only mode should only be used for testing the API, or - if the model is not ready. - type: boolean - params: + Optional. The canonical filter string to restrict search results. + The syntax of the canonical filter string is the same as + SearchRequest.canonical_filter. + sortBy: + type: string description: >- - Additional domain specific parameters for the predictions. Allowed - values: * `returnProduct`: Boolean. If set to true, the associated - product object will be returned in the `results.metadata` field in - the prediction response. * `returnScore`: Boolean. If set to true, - the prediction 'score' corresponding to each returned product will - be set in the `results.metadata` field in the prediction response. - The given 'score' indicates the probability of a product being - clicked/purchased given the user's context and history. * - `strictFiltering`: Boolean. True by default. If set to false, the - service will return generic (unfiltered) popular products instead of - empty if your filter blocks all prediction results. * - `priceRerankLevel`: String. Default empty. If set to be non-empty, - then it needs to be one of {'no-price-reranking', - 'low-price-reranking', 'medium-price-reranking', - 'high-price-reranking'}. This gives request-level control and - adjusts prediction results based on product price. * - `diversityLevel`: String. Default empty. If set to be non-empty, - then it needs to be one of {'no-diversity', 'low-diversity', - 'medium-diversity', 'high-diversity', 'auto-diversity'}. This gives - request-level control and adjusts prediction results based on - product category. * `filterSyntaxV2`: Boolean. False by default. If - set to true, the `filter` field is interpreteted according to the - new, attribute-based syntax. - type: object - additionalProperties: - type: any - labels: + Optional. The sort string to specify the sorting of search results. + The syntax of the sort string is the same as SearchRequest.sort. + boostSpec: + $ref: '#/components/schemas/GoogleCloudRetailV2SearchRequestBoostSpec' description: >- - The labels applied to a resource must meet the following - requirements: * Each resource can have multiple labels, up to a - maximum of 64. * Each label must be a key-value pair. * Keys have a - minimum length of 1 character and a maximum length of 63 characters - and cannot be empty. Values can be empty and have a maximum length - of 63 characters. * Keys and values can contain only lowercase - letters, numeric characters, underscores, and dashes. All characters - must use UTF-8 encoding, and international characters are allowed. * - The key portion of a label must be unique. However, you can use the - same key with multiple resources. * Keys must start with a lowercase - letter or international character. See [Google Cloud - Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) - for more details. - type: object - additionalProperties: - type: string - GoogleCloudRetailV2PredictResponse: - id: GoogleCloudRetailV2PredictResponse - description: Response message for predict method. + Optional. The boost spec to specify the boosting of search results. + The syntax of the boost spec is the same as + SearchRequest.boost_spec. + id: GoogleCloudRetailV2ConversationalSearchRequestSearchParams + GoogleCloudRetailV2alphaExportAnalyticsMetricsResponse: + id: GoogleCloudRetailV2alphaExportAnalyticsMetricsResponse type: object properties: - results: - description: >- - A list of recommended products. The order represents the ranking - (from the most relevant product to the least). - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2PredictResponsePredictionResult - attributionToken: - description: >- - A unique attribution token. This should be included in the UserEvent - logs resulting from this recommendation, which enables accurate - attribution of recommendation model performance. - type: string - missingIds: - description: IDs of products in the request that were missing from the inventory. + errorSamples: type: array + description: A sample of errors encountered while processing the request. items: - type: string - validateOnly: - description: True if the validateOnly property was set in the request. - type: boolean - GoogleCloudRetailV2PredictResponsePredictionResult: - id: GoogleCloudRetailV2PredictResponsePredictionResult - description: PredictionResult represents the recommendation prediction results. + $ref: '#/components/schemas/GoogleRpcStatus' + errorsConfig: + description: This field is never set. + $ref: '#/components/schemas/GoogleCloudRetailV2alphaExportErrorsConfig' + outputResult: + description: Output result indicating where the data were exported to. + $ref: '#/components/schemas/GoogleCloudRetailV2alphaOutputResult' + description: >- + Response of the ExportAnalyticsMetricsRequest. If the long running + operation was successful, then this message is returned by the + google.longrunning.Operations.response field if the operation was + successful. + GoogleCloudRetailV2RemoveLocalInventoriesMetadata: + properties: {} + id: GoogleCloudRetailV2RemoveLocalInventoriesMetadata type: object - properties: - id: - description: ID of the recommended product - type: string - metadata: - description: >- - Additional product metadata / annotations. Possible values: * - `product`: JSON representation of the product. Is set if - `returnProduct` is set to true in `PredictRequest.params`. * - `score`: Prediction score in double value. Is set if `returnScore` - is set to true in `PredictRequest.params`. - type: object - additionalProperties: - type: any - GoogleCloudRetailV2ListProductsResponse: - id: GoogleCloudRetailV2ListProductsResponse - description: Response message for ProductService.ListProducts method. + description: >- + Metadata related to the progress of the RemoveLocalInventories + operation. Currently empty because there is no meaningful metadata + populated from the ProductService.RemoveLocalInventories method. + GoogleCloudRetailV2RemoveFulfillmentPlacesMetadata: + properties: {} + id: GoogleCloudRetailV2RemoveFulfillmentPlacesMetadata type: object + description: >- + Metadata related to the progress of the RemoveFulfillmentPlaces + operation. Currently empty because there is no meaningful metadata + populated from the ProductService.RemoveFulfillmentPlaces method. + GoogleCloudRetailV2RuleRemoveFacetAction: + id: GoogleCloudRetailV2RuleRemoveFacetAction + description: >- + Removes an attribute/facet in the request if is present. * Rule + Condition: Must specify non-empty Condition.query_terms (for search + only) or Condition.page_categories (for browse only), but can't specify + both. * Action Input: attribute name * Action Result: Will remove the + attribute (as a facet) from the request if it is present. Example: + Suppose the query is "shoes", the Condition.query_terms is "shoes" and + the attribute name "size", then facet key "size" will be removed from + the request (if it is present). properties: - products: - description: The Products. + attributeNames: type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2Product' - nextPageToken: + type: string description: >- - A token that can be sent as ListProductsRequest.page_token to - retrieve the next page. If this field is omitted, there are no - subsequent pages. - type: string - GoogleCloudRetailV2PurgeProductsRequest: - id: GoogleCloudRetailV2PurgeProductsRequest - description: Request message for PurgeProducts method. + The attribute names (i.e. facet keys) to remove from the dynamic + facets (if present in the request). There can't be more 3 attribute + names. Each attribute name should be a valid attribute name, be + non-empty and contain at most 80 characters. type: object + GoogleCloudRetailV2Rule: + type: object + description: >- + A rule is a condition-action pair * A condition defines when a rule is + to be triggered. * An action specifies what occurs on that trigger. + Currently rules only work for controls with SOLUTION_TYPE_SEARCH. properties: - filter: + condition: description: >- - Required. The filter string to specify the products to be deleted - with a length limit of 5,000 characters. Empty string filter is not - allowed. "*" implies delete all items in a branch. The eligible - fields for filtering are: * `availability`: Double quoted - Product.availability string. * `create_time` : in ISO 8601 "zulu" - format. Supported syntax: * Comparators (">", "<", ">=", "<=", "="). - Examples: * create_time <= "2015-02-13T17:05:46Z" * availability = - "IN_STOCK" * Conjunctions ("AND") Examples: * create_time <= - "2015-02-13T17:05:46Z" AND availability = "PREORDER" * Disjunctions - ("OR") Examples: * create_time <= "2015-02-13T17:05:46Z" OR - availability = "IN_STOCK" * Can support nested queries. Examples: * - (create_time <= "2015-02-13T17:05:46Z" AND availability = - "PREORDER") OR (create_time >= "2015-02-14T13:03:32Z" AND - availability = "IN_STOCK") * Filter Limits: * Filter should not - contain more than 6 conditions. * Max nesting depth should not - exceed 2 levels. Examples queries: * Delete back order products - created before a timestamp. create_time <= "2015-02-13T17:05:46Z" OR - availability = "BACKORDER" - type: string - force: + Required. The condition that triggers the rule. If the condition is + empty, the rule will always apply. + $ref: '#/components/schemas/GoogleCloudRetailV2Condition' + redirectAction: + description: Redirects a shopper to a specific page. + $ref: '#/components/schemas/GoogleCloudRetailV2RuleRedirectAction' + doNotAssociateAction: + description: Prevents term from being associated with other terms. + $ref: '#/components/schemas/GoogleCloudRetailV2RuleDoNotAssociateAction' + replacementAction: + description: Replaces specific terms in the query. + $ref: '#/components/schemas/GoogleCloudRetailV2RuleReplacementAction' + onewaySynonymsAction: description: >- - Actually perform the purge. If `force` is set to false, the method - will return the expected purge count without deleting any products. - type: boolean - GoogleCloudRetailV2ImportProductsRequest: - id: GoogleCloudRetailV2ImportProductsRequest - description: Request message for Import methods. - type: object + Treats specific term as a synonym with a group of terms. Group of + terms will not be treated as synonyms with the specific term. + $ref: '#/components/schemas/GoogleCloudRetailV2RuleOnewaySynonymsAction' + forceReturnFacetAction: + description: Force returns an attribute as a facet in the request. + $ref: '#/components/schemas/GoogleCloudRetailV2RuleForceReturnFacetAction' + twowaySynonymsAction: + description: Treats a set of terms as synonyms of one another. + $ref: '#/components/schemas/GoogleCloudRetailV2RuleTwowaySynonymsAction' + removeFacetAction: + description: Remove an attribute as a facet in the request (if present). + $ref: '#/components/schemas/GoogleCloudRetailV2RuleRemoveFacetAction' + filterAction: + description: Filters results. + $ref: '#/components/schemas/GoogleCloudRetailV2RuleFilterAction' + ignoreAction: + description: Ignores specific terms from query during search. + $ref: '#/components/schemas/GoogleCloudRetailV2RuleIgnoreAction' + pinAction: + $ref: '#/components/schemas/GoogleCloudRetailV2RulePinAction' + description: >- + Pins one or more specified products to a specific position in the + results. + boostAction: + $ref: '#/components/schemas/GoogleCloudRetailV2RuleBoostAction' + description: A boost action. + id: GoogleCloudRetailV2Rule + GoogleCloudRetailV2Catalog: + id: GoogleCloudRetailV2Catalog properties: - requestId: - description: Deprecated. This field has no effect. - deprecated: true - type: string - inputConfig: - description: Required. The desired input location of the data. - $ref: '#/components/schemas/GoogleCloudRetailV2ProductInputConfig' - errorsConfig: - description: The desired location of errors incurred during the Import. - $ref: '#/components/schemas/GoogleCloudRetailV2ImportErrorsConfig' - updateMask: + productLevelConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2ProductLevelConfig' + description: Required. The product level configuration. + displayName: description: >- - Indicates which fields in the provided imported `products` to - update. If not set, all fields are updated. If provided, only the - existing product fields are updated. Missing products will not be - created. + Required. Immutable. The catalog display name. This field must be a + UTF-8 encoded string with a length limit of 128 characters. + Otherwise, an INVALID_ARGUMENT error is returned. type: string - format: google-fieldmask - reconciliationMode: - description: >- - The mode of reconciliation between existing products and the - products to be imported. Defaults to ReconciliationMode.INCREMENTAL. + name: type: string - enumDescriptions: - - Defaults to INCREMENTAL. - - Inserts new products or updates existing products. - - >- - Calculates diff and replaces the entire product dataset. Existing - products may be deleted if they are not present in the source - location. - enum: - - RECONCILIATION_MODE_UNSPECIFIED - - INCREMENTAL - - FULL - notificationPubsubTopic: description: >- - Full Pub/Sub topic name for receiving notification. If this field is - set, when the import is finished, a notification is sent to - specified Pub/Sub topic. The message data is JSON string of a - Operation. Format of the Pub/Sub topic is - `projects/{project}/topics/{topic}`. It has to be within the same - project as ImportProductsRequest.parent. Make sure that both - `cloud-retail-customer-data-access@system.gserviceaccount.com` and - `service-@gcp-sa-retail.iam.gserviceaccount.com` have the - `pubsub.topics.publish` IAM permission on the topic. Only supported - when ImportProductsRequest.reconciliation_mode is set to `FULL`. - type: string - GoogleCloudRetailV2ProductInputConfig: - id: GoogleCloudRetailV2ProductInputConfig - description: The input config source for products. + Required. Immutable. The fully qualified resource name of the + catalog. + description: The catalog configuration. type: object + GoogleCloudRetailV2ProductAttributeValue: + id: GoogleCloudRetailV2ProductAttributeValue properties: - productInlineSource: - description: The Inline source for the input content for products. - $ref: '#/components/schemas/GoogleCloudRetailV2ProductInlineSource' - gcsSource: - description: Google Cloud Storage location for the input content. - $ref: '#/components/schemas/GoogleCloudRetailV2GcsSource' - bigQuerySource: - description: BigQuery input source. - $ref: '#/components/schemas/GoogleCloudRetailV2BigQuerySource' - GoogleCloudRetailV2ProductInlineSource: - id: GoogleCloudRetailV2ProductInlineSource - description: The inline source for the input config for ImportProducts method. + value: + description: The attribute value. + type: string + name: + type: string + description: The attribute name. + description: >- + Product attribute which structured by an attribute name and value. This + structure is used in conversational search filters and answers. For + example, if we have `name=color` and `value=red`, this means that the + color is `red`. + type: object + GoogleCloudRetailV2betaAddLocalInventoriesMetadata: + type: object + id: GoogleCloudRetailV2betaAddLocalInventoriesMetadata + description: >- + Metadata related to the progress of the AddLocalInventories operation. + Currently empty because there is no meaningful metadata populated from + the ProductService.AddLocalInventories method. + properties: {} + GoogleCloudRetailV2ProductDetail: + id: GoogleCloudRetailV2ProductDetail type: object properties: - products: + quantity: + type: integer + format: int32 + description: >- + Quantity of the product associated with the user event. For example, + this field will be 2 if two products are added to the shopping cart + for `purchase-complete` event. Required for `add-to-cart` and + `purchase-complete` event types. + product: + description: >- + Required. Product information. Required field(s): * Product.id + Optional override field(s): * Product.price_info If any supported + optional fields are provided, we will treat them as a full override + when looking up product information from the catalog. Thus, it is + important to ensure that the overriding fields are accurate and + complete. All other product fields are ignored and instead populated + via catalog lookup after event ingestion. + $ref: '#/components/schemas/GoogleCloudRetailV2Product' + description: Detailed product information associated with a user event. + GoogleCloudRetailV2RuleDoNotAssociateAction: + description: >- + Prevents `query_term` from being associated with specified terms during + search. Example: Don't associate "gShoe" and "cheap". + properties: + terms: + items: + type: string + description: Will be [deprecated = true] post migration; + type: array + queryTerms: + items: + type: string + type: array description: >- - Required. A list of products to update/create. Each product must - have a valid Product.id. Recommended max of 100 items. + Terms from the search query. Will not consider + do_not_associate_terms for search if in search query. Can specify up + to 100 terms. + doNotAssociateTerms: type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2Product' - GoogleCloudRetailV2SetInventoryRequest: - id: GoogleCloudRetailV2SetInventoryRequest - description: Request message for ProductService.SetInventory method. + type: string + description: >- + Cannot contain duplicates or the query term. Can specify up to 100 + terms. + id: GoogleCloudRetailV2RuleDoNotAssociateAction type: object + GoogleCloudRetailV2GenerativeQuestionConfig: properties: - inventory: + exampleValues: + items: + type: string + description: Output only. Values that can be used to answer the question. + type: array + readOnly: true + finalQuestion: description: >- - Required. The inventory information to update. The allowable fields - to update are: * Product.price_info * Product.availability * - Product.available_quantity * Product.fulfillment_info The updated - inventory fields must be specified in SetInventoryRequest.set_mask. - If SetInventoryRequest.inventory.name is empty or invalid, an - INVALID_ARGUMENT error is returned. If the caller does not have - permission to update the Product named in Product.name, regardless - of whether or not it exists, a PERMISSION_DENIED error is returned. - If the Product to update does not have existing inventory - information, the provided inventory information will be inserted. If - the Product to update has existing inventory information, the - provided inventory information will be merged while respecting the - last update time for each inventory field, using the provided or - default value for SetInventoryRequest.set_time. The caller can - replace place IDs for a subset of fulfillment types in the following - ways: * Adds "fulfillment_info" in SetInventoryRequest.set_mask * - Specifies only the desired fulfillment types and corresponding place - IDs to update in SetInventoryRequest.inventory.fulfillment_info The - caller can clear all place IDs from a subset of fulfillment types in - the following ways: * Adds "fulfillment_info" in - SetInventoryRequest.set_mask * Specifies only the desired - fulfillment types to clear in - SetInventoryRequest.inventory.fulfillment_info * Checks that only - the desired fulfillment info types have empty - SetInventoryRequest.inventory.fulfillment_info.place_ids The last - update time is recorded for the following inventory fields: * - Product.price_info * Product.availability * - Product.available_quantity * Product.fulfillment_info If a full - overwrite of inventory information while ignoring timestamps is - needed, ProductService.UpdateProduct should be invoked instead. - $ref: '#/components/schemas/GoogleCloudRetailV2Product' - setMask: + Optional. The question that will be used at serving time. Question + can have a max length of 300 bytes. When not populated, + generated_question should be used. + type: string + facet: + type: string + description: Required. The facet to which the question is associated. + generatedQuestion: + description: Output only. The LLM generated question. + readOnly: true + type: string + allowedInConversation: + description: Optional. Whether the question is asked at serving time. + type: boolean + catalog: description: >- - Indicates which inventory fields in the provided Product to update. - At least one field must be provided. If an unsupported or unknown - field is provided, an INVALID_ARGUMENT error is returned and the - entire update will be ignored. + Required. Resource name of the catalog. Format: + projects/{project}/locations/{location}/catalogs/{catalog} type: string - format: google-fieldmask - setTime: + frequency: + format: float + readOnly: true + type: number + description: Output only. The ratio of how often a question was asked. + type: object + description: Configuration for a single generated question. + id: GoogleCloudRetailV2GenerativeQuestionConfig + GoogleCloudRetailV2AddFulfillmentPlacesMetadata: + properties: {} + type: object + id: GoogleCloudRetailV2AddFulfillmentPlacesMetadata + description: >- + Metadata related to the progress of the AddFulfillmentPlaces operation. + Currently empty because there is no meaningful metadata populated from + the ProductService.AddFulfillmentPlaces method. + GoogleCloudRetailV2GcsSource: + type: object + description: Google Cloud Storage location for input content. + id: GoogleCloudRetailV2GcsSource + properties: + inputUris: + type: array description: >- - The time when the request is issued, used to prevent out-of-order - updates on inventory fields with the last update time recorded. If - not provided, the internal system time will be used. + Required. Google Cloud Storage URIs to input files. URI can be up to + 2000 characters long. URIs can match the full object path (for + example, `gs://bucket/directory/object.json`) or a pattern matching + one or more files, such as `gs://bucket/directory/*.json`. A request + can contain at most 100 files, and each file can be up to 2 GB. See + [Importing product + information](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog) + for the expected file format and setup instructions. + items: + type: string + dataSchema: type: string - format: google-datetime - allowMissing: description: >- - If set to true, and the Product with name Product.name is not found, - the inventory update will still be processed and retained for at - most 1 day until the Product is created. If set to false, a - NOT_FOUND error is returned if the Product is not found. - type: boolean + The schema to use when parsing the data from the source. Supported + values for product imports: * `product` (default): One JSON Product + per line. Each product must have a valid Product.id. * + `product_merchant_center`: See [Importing catalog data from Merchant + Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). + Supported values for user events imports: * `user_event` (default): + One JSON UserEvent per line. * `user_event_ga360`: Using + https://support.google.com/analytics/answer/3437719. Supported + values for control imports: * `control` (default): One JSON Control + per line. Supported values for catalog attribute imports: * + `catalog_attribute` (default): One CSV CatalogAttribute per line. GoogleCloudRetailV2AddFulfillmentPlacesRequest: - id: GoogleCloudRetailV2AddFulfillmentPlacesRequest - description: Request message for ProductService.AddFulfillmentPlaces method. type: object + description: Request message for ProductService.AddFulfillmentPlaces method. + id: GoogleCloudRetailV2AddFulfillmentPlacesRequest properties: - type: - description: >- - Required. The fulfillment type, including commonly used types (such - as pickup in store and same day delivery), and custom types. - Supported values: * "pickup-in-store" * "ship-to-store" * - "same-day-delivery" * "next-day-delivery" * "custom-type-1" * - "custom-type-2" * "custom-type-3" * "custom-type-4" * - "custom-type-5" If this field is set to an invalid value other than - these, an INVALID_ARGUMENT error is returned. This field directly - corresponds to Product.fulfillment_info.type. - type: string placeIds: description: >- Required. The IDs for this type, such as the store IDs for @@ -4805,26 +4855,8 @@ components: type: array items: type: string - addTime: - description: >- - The time when the fulfillment updates are issued, used to prevent - out-of-order updates on fulfillment information. If not provided, - the internal system time will be used. - type: string - format: google-datetime - allowMissing: - description: >- - If set to true, and the Product is not found, the fulfillment - information will still be processed and retained for at most 1 day - and processed once the Product is created. If set to false, a - NOT_FOUND error is returned if the Product is not found. - type: boolean - GoogleCloudRetailV2RemoveFulfillmentPlacesRequest: - id: GoogleCloudRetailV2RemoveFulfillmentPlacesRequest - description: Request message for ProductService.RemoveFulfillmentPlaces method. - type: object - properties: type: + type: string description: >- Required. The fulfillment type, including commonly used types (such as pickup in store and same day delivery), and custom types. @@ -4834,20 +4866,7 @@ components: "custom-type-5" If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. This field directly corresponds to Product.fulfillment_info.type. - type: string - placeIds: - description: >- - Required. The IDs for this type, such as the store IDs for - "pickup-in-store" or the region IDs for "same-day-delivery", to be - removed for this type. At least 1 value is required, and a maximum - of 2000 values are allowed. Each value must be a string with a - length limit of 10 characters, matching the pattern - `[a-zA-Z0-9_-]+`, such as "store1" or "REGION-2". Otherwise, an - INVALID_ARGUMENT error is returned. - type: array - items: - type: string - removeTime: + addTime: description: >- The time when the fulfillment updates are issued, used to prevent out-of-order updates on fulfillment information. If not provided, @@ -4855,2343 +4874,2634 @@ components: type: string format: google-datetime allowMissing: + type: boolean description: >- If set to true, and the Product is not found, the fulfillment information will still be processed and retained for at most 1 day and processed once the Product is created. If set to false, a NOT_FOUND error is returned if the Product is not found. - type: boolean - GoogleCloudRetailV2AddLocalInventoriesRequest: - id: GoogleCloudRetailV2AddLocalInventoriesRequest - description: Request message for ProductService.AddLocalInventories method. + GoogleCloudRetailV2betaRemoveFulfillmentPlacesMetadata: + description: >- + Metadata related to the progress of the RemoveFulfillmentPlaces + operation. Currently empty because there is no meaningful metadata + populated from the ProductService.RemoveFulfillmentPlaces method. + type: object + properties: {} + id: GoogleCloudRetailV2betaRemoveFulfillmentPlacesMetadata + GoogleCloudRetailV2ImportUserEventsRequest: type: object properties: - localInventories: + inputConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2UserEventInputConfig' + description: Required. The desired input location of the data. + errorsConfig: + description: >- + The desired location of errors incurred during the Import. Cannot be + set for inline user event imports. + $ref: '#/components/schemas/GoogleCloudRetailV2ImportErrorsConfig' + description: Request message for the ImportUserEvents request. + id: GoogleCloudRetailV2ImportUserEventsRequest + GoogleCloudRetailV2betaPurgeMetadata: + type: object + properties: {} + id: GoogleCloudRetailV2betaPurgeMetadata + description: >- + Metadata related to the progress of the Purge operation. This will be + returned by the google.longrunning.Operation.metadata field. + GoogleCloudRetailV2CatalogAttributeFacetConfig: + description: >- + Possible options for the facet that corresponds to the current attribute + config. + properties: + mergedFacetValues: + type: array + description: >- + Each instance replaces a list of facet values by a merged facet + value. If a facet value is not in any list, then it will stay the + same. To avoid conflicts, only paths of length 1 are accepted. In + other words, if "dark_blue" merged into "BLUE", then the latter + can't merge into "blues" because this would create a path of length + 2. The maximum number of instances of MergedFacetValue per + CatalogAttribute is 100. This feature is available only for textual + custom attributes. + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacetValue + rerankConfig: + description: >- + Set this field only if you want to rerank based on facet values + engaged by the user for the current key. This option is only + possible for custom facetable textual keys. + $ref: >- + #/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig + ignoredFacetValues: + type: array + description: >- + Each instance represents a list of attribute values to ignore as + facet values for a specific time range. The maximum number of + instances per CatalogAttribute is 25. + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfigIgnoredFacetValues + mergedFacet: + $ref: >- + #/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacet description: >- - Required. A list of inventory information at difference places. Each - place is identified by its place ID. At most 3000 inventories are - allowed per request. - type: array + Use this field only if you want to merge a facet key into another + facet key. + facetIntervals: items: - $ref: '#/components/schemas/GoogleCloudRetailV2LocalInventory' - addMask: + $ref: '#/components/schemas/GoogleCloudRetailV2Interval' description: >- - Indicates which inventory fields in the provided list of - LocalInventory to update. The field is updated to the provided - value. If a field is set while the place does not have a previous - local inventory, the local inventory at that store is created. If a - field is set while the value of that field is not provided, the - original field value, if it exists, is deleted. If the mask is not - set or set with empty paths, all inventory fields will be updated. - If an unsupported or unknown field is provided, an INVALID_ARGUMENT - error is returned and the entire update will be ignored. + If you don't set the facet + SearchRequest.FacetSpec.FacetKey.intervals in the request to a + numerical attribute, then we use the computed intervals with rounded + bounds obtained from all its product numerical attribute values. The + computed intervals might not be ideal for some attributes. + Therefore, we give you the option to overwrite them with the + facet_intervals field. The maximum of facet intervals per + CatalogAttribute is 40. Each interval must have a lower bound or an + upper bound. If both bounds are provided, then the lower bound must + be smaller or equal than the upper bound. + type: array + id: GoogleCloudRetailV2CatalogAttributeFacetConfig + type: object + GoogleCloudRetailV2CatalogAttribute: + id: GoogleCloudRetailV2CatalogAttribute + description: >- + Catalog level attribute config for an attribute. For example, if + customers want to enable/disable facet for a specific attribute. + properties: + searchableOption: type: string - format: google-fieldmask - addTime: description: >- - The time when the inventory updates are issued. Used to prevent - out-of-order updates on local inventory fields. If not provided, the - internal system time will be used. - type: string - format: google-datetime - allowMissing: + When AttributesConfig.attribute_config_level is + CATALOG_LEVEL_ATTRIBUTE_CONFIG, if SEARCHABLE_ENABLED, attribute + values are searchable by text queries in SearchService.Search. If + SEARCHABLE_ENABLED but attribute type is numerical, attribute values + will not be searchable by text queries in SearchService.Search, as + there are no text values associated to numerical attributes. Must be + specified, when AttributesConfig.attribute_config_level is + CATALOG_LEVEL_ATTRIBUTE_CONFIG, otherwise throws INVALID_FORMAT + error. + enumDescriptions: + - Value used when unset. + - Searchable option enabled for an attribute. + - Searchable option disabled for an attribute. + enum: + - SEARCHABLE_OPTION_UNSPECIFIED + - SEARCHABLE_ENABLED + - SEARCHABLE_DISABLED + inUse: + readOnly: true description: >- - If set to true, and the Product is not found, the local inventory - will still be processed and retained for at most 1 day and processed - once the Product is created. If set to false, a NOT_FOUND error is - returned if the Product is not found. + Output only. Indicates whether this attribute has been used by any + products. `True` if at least one Product is using this attribute in + Product.attributes. Otherwise, this field is `False`. + CatalogAttribute can be pre-loaded by using + CatalogService.AddCatalogAttribute or + CatalogService.UpdateAttributesConfig APIs. This field is `False` + for pre-loaded CatalogAttributes. Only pre-loaded catalog attributes + that are neither in use by products nor predefined can be deleted. + Catalog attributes that are either in use by products or are + predefined attributes cannot be deleted; however, their + configuration properties will reset to default values upon removal + request. After catalog changes, it takes about 10 minutes for this + field to update. type: boolean - GoogleCloudRetailV2RemoveLocalInventoriesRequest: - id: GoogleCloudRetailV2RemoveLocalInventoriesRequest - description: Request message for ProductService.RemoveLocalInventories method. - type: object - properties: - placeIds: - description: >- - Required. A list of place IDs to have their inventory deleted. At - most 3000 place IDs are allowed per request. - type: array - items: - type: string - removeTime: + dynamicFacetableOption: + enum: + - DYNAMIC_FACETABLE_OPTION_UNSPECIFIED + - DYNAMIC_FACETABLE_ENABLED + - DYNAMIC_FACETABLE_DISABLED description: >- - The time when the inventory deletions are issued. Used to prevent - out-of-order updates and deletions on local inventory fields. If not - provided, the internal system time will be used. + If DYNAMIC_FACETABLE_ENABLED, attribute values are available for + dynamic facet. Could only be DYNAMIC_FACETABLE_DISABLED if + CatalogAttribute.indexable_option is INDEXABLE_DISABLED. Otherwise, + an INVALID_ARGUMENT error is returned. Must be specified, otherwise + throws INVALID_FORMAT error. + enumDescriptions: + - Value used when unset. + - Dynamic facetable option enabled for an attribute. + - Dynamic facetable option disabled for an attribute. type: string - format: google-datetime - allowMissing: + exactSearchableOption: description: >- - If set to true, and the Product is not found, the local inventory - removal request will still be processed and retained for at most 1 - day and processed once the Product is created. If set to false, a - NOT_FOUND error is returned if the Product is not found. - type: boolean - GoogleCloudRetailV2ServingConfig: - id: GoogleCloudRetailV2ServingConfig - description: >- - Configures metadata that is used to generate serving time results (e.g. - search results or recommendation predictions). - type: object - properties: - name: + If EXACT_SEARCHABLE_ENABLED, attribute values will be exact + searchable. This property only applies to textual custom attributes + and requires indexable set to enabled to enable exact-searchable. If + unset, the server behavior defaults to EXACT_SEARCHABLE_DISABLED. + enum: + - EXACT_SEARCHABLE_OPTION_UNSPECIFIED + - EXACT_SEARCHABLE_ENABLED + - EXACT_SEARCHABLE_DISABLED + type: string + enumDescriptions: + - Value used when unset. + - Exact searchable option enabled for an attribute. + - Exact searchable option disabled for an attribute. + type: description: >- - Immutable. Fully qualified name - `projects/*/locations/global/catalogs/*/servingConfig/*` + Output only. The type of this attribute. This is derived from the + attribute in Product.attributes. + enumDescriptions: + - >- + The type of the attribute is unknown. Used when type cannot be + derived from attribute that is not in_use. + - Textual attribute. + - Numerical attribute. + enum: + - UNKNOWN + - TEXTUAL + - NUMERICAL type: string - displayName: + readOnly: true + key: description: >- - Required. The human readable serving config display name. Used in - Retail UI. This field must be a UTF-8 encoded string with a length - limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is - returned. + Required. Attribute name. For example: `color`, `brands`, + `attributes.custom_attribute`, such as `attributes.xyz`. To be + indexable, the attribute name can contain only alpha-numeric + characters and underscores. For example, an attribute named + `attributes.abc_xyz` can be indexed, but an attribute named + `attributes.abc-xyz` cannot be indexed. If the attribute key starts + with `attributes.`, then the attribute is a custom attribute. + Attributes such as `brands`, `patterns`, and `title` are built-in + and called system attributes. type: string - modelId: + indexableOption: description: >- - The id of the model in the same Catalog to use at serving time. - Currently only RecommendationModels are supported: - https://cloud.google.com/retail/recommendations-ai/docs/create-models - Can be changed but only to a compatible model (e.g. - others-you-may-like CTR to others-you-may-like CVR). Required when - solution_types is SOLUTION_TYPE_RECOMMENDATION. + When AttributesConfig.attribute_config_level is + CATALOG_LEVEL_ATTRIBUTE_CONFIG, if INDEXABLE_ENABLED attribute + values are indexed so that it can be filtered, faceted, or boosted + in SearchService.Search. Must be specified when + AttributesConfig.attribute_config_level is + CATALOG_LEVEL_ATTRIBUTE_CONFIG, otherwise throws INVALID_FORMAT + error. type: string - priceRerankingLevel: + enumDescriptions: + - Value used when unset. + - Indexable option enabled for an attribute. + - Indexable option disabled for an attribute. + enum: + - INDEXABLE_OPTION_UNSPECIFIED + - INDEXABLE_ENABLED + - INDEXABLE_DISABLED + facetConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2CatalogAttributeFacetConfig' + description: Contains facet options. + retrievableOption: + type: string + enumDescriptions: + - Value used when unset. + - Retrievable option enabled for an attribute. + - Retrievable option disabled for an attribute. description: >- - How much price ranking we want in serving results. Price reranking - causes product items with a similar recommendation probability to be - ordered by price, with the highest-priced items first. This setting - could result in a decrease in click-through and conversion rates. - Allowed values are: * `no-price-reranking` * `low-price-reranking` * - `medium-price-reranking` * `high-price-reranking` If not specified, - we choose default based on model type. Default value: - `no-price-reranking`. Can only be set if solution_types is - SOLUTION_TYPE_RECOMMENDATION. + If RETRIEVABLE_ENABLED, attribute values are retrievable in the + search results. If unset, the server behavior defaults to + RETRIEVABLE_DISABLED. + enum: + - RETRIEVABLE_OPTION_UNSPECIFIED + - RETRIEVABLE_ENABLED + - RETRIEVABLE_DISABLED + type: object + GoogleCloudRetailV2alphaCreateMerchantCenterAccountLinkMetadata: + type: object + description: Common metadata related to the progress of the operations. + properties: + createTime: type: string - facetControlIds: + description: Operation create time. + format: google-datetime + updateTime: + type: string + format: google-datetime description: >- - Facet specifications for faceted search. If empty, no facets are - returned. The ids refer to the ids of Control resources with only - the Facet control set. These controls are assumed to be in the same - Catalog as the ServingConfig. A maximum of 100 values are allowed. - Otherwise, an INVALID_ARGUMENT error is returned. Can only be set if - solution_types is SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - dynamicFacetSpec: + Operation last update time. If the operation is done, this is also + the finish time. + id: GoogleCloudRetailV2alphaCreateMerchantCenterAccountLinkMetadata + GoogleCloudRetailV2PredictRequest: + type: object + id: GoogleCloudRetailV2PredictRequest + properties: + userEvent: description: >- - The specification for dynamically generated facets. Notice that only - textual facets can be dynamically generated. Can only be set if - solution_types is SOLUTION_TYPE_SEARCH. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestDynamicFacetSpec - boostControlIds: + Required. Context about the user, what they are looking at and what + action they took to trigger the predict request. Note that this user + event detail won't be ingested to userEvent logs. Thus, a separate + userEvent write request is required for event logging. Don't set + UserEvent.visitor_id or UserInfo.user_id to the same fixed ID for + different users. If you are trying to receive non-personalized + recommendations (not recommended; this can negatively impact model + performance), instead set UserEvent.visitor_id to a random unique ID + and leave UserInfo.user_id unset. + $ref: '#/components/schemas/GoogleCloudRetailV2UserEvent' + pageSize: description: >- - Condition boost specifications. If a product matches multiple - conditions in the specifications, boost scores from these - specifications are all applied and combined in a non-linear way. - Maximum number of specifications is 100. Notice that if both - ServingConfig.boost_control_ids and SearchRequest.boost_spec are - set, the boost conditions from both places are evaluated. If a - search request matches multiple boost conditions, the final boost - score is equal to the sum of the boost scores from all matched boost - conditions. Can only be set if solution_types is - SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - filterControlIds: + Maximum number of results to return. Set this property to the number + of prediction results needed. If zero, the service will choose a + reasonable default. The maximum allowed value is 100. Values above + 100 will be coerced to 100. + type: integer + format: int32 + labels: description: >- - Condition filter specifications. If a product matches multiple - conditions in the specifications, filters from these specifications - are all applied and combined via the AND operator. Maximum number of - specifications is 100. Can only be set if solution_types is - SOLUTION_TYPE_SEARCH. - type: array - items: + The labels applied to a resource must meet the following + requirements: * Each resource can have multiple labels, up to a + maximum of 64. * Each label must be a key-value pair. * Keys have a + minimum length of 1 character and a maximum length of 63 characters + and cannot be empty. Values can be empty and have a maximum length + of 63 characters. * Keys and values can contain only lowercase + letters, numeric characters, underscores, and dashes. All characters + must use UTF-8 encoding, and international characters are allowed. * + The key portion of a label must be unique. However, you can use the + same key with multiple resources. * Keys must start with a lowercase + letter or international character. See [Google Cloud + Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + for more details. + additionalProperties: type: string - redirectControlIds: + type: object + validateOnly: + type: boolean description: >- - Condition redirect specifications. Only the first triggered redirect - action is applied, even if multiple apply. Maximum number of - specifications is 1000. Can only be set if solution_types is - SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - twowaySynonymsControlIds: + Use validate only mode for this prediction query. If set to true, a + dummy model will be used that returns arbitrary products. Note that + the validate only mode should only be used for testing the API, or + if the model is not ready. + filter: description: >- - Condition synonyms specifications. If multiple syonyms conditions - match, all matching synonyms control in the list will execute. Order - of controls in the list will not matter. Maximum number of - specifications is 100. Can only be set if solution_types is - SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - onewaySynonymsControlIds: + Filter for restricting prediction results with a length limit of + 5,000 characters. Accepts values for tags and the + `filterOutOfStockItems` flag. * Tag expressions. Restricts + predictions to products that match all of the specified tags. + Boolean operators `OR` and `NOT` are supported if the expression is + enclosed in parentheses, and must be separated from the tag values + by a space. `-"tagA"` is also supported and is equivalent to `NOT + "tagA"`. Tag values must be double quoted UTF-8 encoded strings with + a size limit of 1,000 characters. Note: "Recently viewed" models + don't support tag filtering at the moment. * filterOutOfStockItems. + Restricts predictions to products that do not have a stockState + value of OUT_OF_STOCK. Examples: * tag=("Red" OR "Blue") + tag="New-Arrival" tag=(NOT "promotional") * filterOutOfStockItems + tag=(-"promotional") * filterOutOfStockItems If your filter blocks + all prediction results, the API will return *no* results. If instead + you want empty result sets to return generic (unfiltered) popular + products, set `strictFiltering` to False in `PredictRequest.params`. + Note that the API will never return items with storageStatus of + "EXPIRED" or "DELETED" regardless of filter choices. If + `filterSyntaxV2` is set to true under the `params` field, then + attribute-based expressions are expected instead of the above + described tag-based syntax. Examples: * (colors: ANY("Red", "Blue")) + AND NOT (categories: ANY("Phones")) * (availability: + ANY("IN_STOCK")) AND (colors: ANY("Red") OR categories: + ANY("Phones")) For more information, see [Filter + recommendations](https://cloud.google.com/retail/docs/filter-recs). + type: string + pageToken: + type: string + description: This field is not used; leave it unset. + deprecated: true + params: + additionalProperties: + type: any description: >- - Condition oneway synonyms specifications. If multiple oneway - synonyms conditions match, all matching oneway synonyms controls in - the list will execute. Order of controls in the list will not - matter. Maximum number of specifications is 100. Can only be set if - solution_types is SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - doNotAssociateControlIds: + Additional domain specific parameters for the predictions. Allowed + values: * `returnProduct`: Boolean. If set to true, the associated + product object will be returned in the `results.metadata` field in + the prediction response. * `returnScore`: Boolean. If set to true, + the prediction 'score' corresponding to each returned product will + be set in the `results.metadata` field in the prediction response. + The given 'score' indicates the probability of a product being + clicked/purchased given the user's context and history. * + `strictFiltering`: Boolean. True by default. If set to false, the + service will return generic (unfiltered) popular products instead of + empty if your filter blocks all prediction results. * + `priceRerankLevel`: String. Default empty. If set to be non-empty, + then it needs to be one of {'no-price-reranking', + 'low-price-reranking', 'medium-price-reranking', + 'high-price-reranking'}. This gives request-level control and + adjusts prediction results based on product price. * + `diversityLevel`: String. Default empty. If set to be non-empty, + then it needs to be one of {'no-diversity', 'low-diversity', + 'medium-diversity', 'high-diversity', 'auto-diversity'}. This gives + request-level control and adjusts prediction results based on + product category. * `filterSyntaxV2`: Boolean. False by default. If + set to true, the `filter` field is interpreteted according to the + new, attribute-based syntax. + type: object + description: Request message for Predict method. + GoogleCloudRetailV2CompletionConfig: + id: GoogleCloudRetailV2CompletionConfig + properties: + lastDenylistImportOperation: + type: string + readOnly: true description: >- - Condition do not associate specifications. If multiple do not - associate conditions match, all matching do not associate controls - in the list will execute. - Order does not matter. - Maximum number - of specifications is 100. Can only be set if solution_types is - SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - replacementControlIds: + Output only. Name of the LRO corresponding to the latest denylist + import. Can use GetOperation API to retrieve the latest state of the + Long Running Operation. + denylistInputConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDataInputConfig' + readOnly: true description: >- - Condition replacement specifications. - Applied according to the - order in the list. - A previously replaced term can not be - re-replaced. - Maximum number of specifications is 100. Can only be - set if solution_types is SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - ignoreControlIds: + Output only. The source data for the latest import of the + autocomplete denylist phrases. + maxSuggestions: description: >- - Condition ignore specifications. If multiple ignore conditions - match, all matching ignore controls in the list will execute. - - Order does not matter. - Maximum number of specifications is 100. - Can only be set if solution_types is SOLUTION_TYPE_SEARCH. - type: array - items: - type: string - diversityLevel: + The maximum number of autocomplete suggestions returned per term. + Default value is 20. If left unset or set to 0, then will fallback + to default value. Value range is 1 to 20. + type: integer + format: int32 + allowlistInputConfig: + readOnly: true + $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDataInputConfig' description: >- - How much diversity to use in recommendation model results e.g. - `medium-diversity` or `high-diversity`. Currently supported values: - * `no-diversity` * `low-diversity` * `medium-diversity` * - `high-diversity` * `auto-diversity` If not specified, we choose - default based on recommendation model type. Default value: - `no-diversity`. Can only be set if solution_types is - SOLUTION_TYPE_RECOMMENDATION. + Output only. The source data for the latest import of the + autocomplete allowlist phrases. + lastSuggestionsImportOperation: type: string - diversityType: + readOnly: true description: >- - What kind of diversity to use - data driven or rule based. If unset, - the server behavior defaults to RULE_BASED_DIVERSITY. - type: string - enumDescriptions: - - Default value. - - Rule based diversity. - - Data driven diversity. - enum: - - DIVERSITY_TYPE_UNSPECIFIED - - RULE_BASED_DIVERSITY - - DATA_DRIVEN_DIVERSITY - enableCategoryFilterLevel: + Output only. Name of the LRO corresponding to the latest suggestion + terms list import. Can use GetOperation API method to retrieve the + latest state of the Long Running Operation. + minPrefixLength: + format: int32 description: >- - Whether to add additional category filters on the `similar-items` - model. If not specified, we enable it by default. Allowed values - are: * `no-category-match`: No additional filtering of original - results from the model and the customer's filters. * - `relaxed-category-match`: Only keep results with categories that - match at least one item categories in the PredictRequests's context - item. * If customer also sends filters in the PredictRequest, then - the results will satisfy both conditions (user given and category - match). Can only be set if solution_types is - SOLUTION_TYPE_RECOMMENDATION. + The minimum number of characters needed to be typed in order to get + suggestions. Default value is 2. If left unset or set to 0, then + will fallback to default value. Value range is 1 to 20. + type: integer + matchingOrder: type: string - ignoreRecsDenylist: description: >- - When the flag is enabled, the products in the denylist will not be - filtered out in the recommendation filtering results. - type: boolean - personalizationSpec: + Specifies the matching order for autocomplete suggestions, e.g., a + query consisting of 'sh' with 'out-of-order' specified would suggest + "women's shoes", whereas a query of 'red s' with 'exact-prefix' + specified would suggest "red shoes". Currently supported values: * + 'out-of-order' * 'exact-prefix' Default value: 'exact-prefix'. + suggestionsInputConfig: + description: >- + Output only. The source data for the latest import of the + autocomplete suggestion phrases. + readOnly: true + $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDataInputConfig' + lastAllowlistImportOperation: + description: >- + Output only. Name of the LRO corresponding to the latest allowlist + import. Can use GetOperation API to retrieve the latest state of the + Long Running Operation. + readOnly: true + type: string + name: + type: string description: >- - The specification for personalization spec. Can only be set if - solution_types is SOLUTION_TYPE_SEARCH. Notice that if both - ServingConfig.personalization_spec and - SearchRequest.personalization_spec are set. - SearchRequest.personalization_spec will override - ServingConfig.personalization_spec. - $ref: >- - #/components/schemas/GoogleCloudRetailV2SearchRequestPersonalizationSpec - solutionTypes: + Required. Immutable. Fully qualified name + `projects/*/locations/*/catalogs/*/completionConfig` + autoLearning: description: >- - Required. Immutable. Specifies the solution types that a serving - config can be associated with. Currently we support setting only one - type of solution. - type: array - items: - type: string - enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Retail Search. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - GoogleCloudRetailV2ListServingConfigsResponse: - id: GoogleCloudRetailV2ListServingConfigsResponse - description: Response for ListServingConfigs method. + If set to true, the auto learning function is enabled. Auto learning + uses user data to generate suggestions using ML techniques. Default + value is false. Only after enabling auto learning can users use + `cloud-retail` data in CompleteQueryRequest. + type: boolean + description: >- + Catalog level autocomplete config for customers to customize + autocomplete feature's settings. + type: object + GoogleCloudRetailV2RemoveCatalogAttributeRequest: type: object + id: GoogleCloudRetailV2RemoveCatalogAttributeRequest properties: - servingConfigs: - description: All the ServingConfigs for a given catalog. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' - nextPageToken: - description: Pagination token, if not returned indicates the last page. + key: type: string - GoogleCloudRetailV2AddControlRequest: - id: GoogleCloudRetailV2AddControlRequest - description: Request for AddControl method. + description: Required. The attribute name key of the CatalogAttribute to remove. + description: Request for CatalogService.RemoveCatalogAttribute method. + GoogleCloudRetailV2alphaPurgeUserEventsResponse: + properties: + purgedEventsCount: + description: The total count of events purged as a result of the operation. + format: int64 + type: string + id: GoogleCloudRetailV2alphaPurgeUserEventsResponse type: object + description: >- + Response of the PurgeUserEventsRequest. If the long running operation is + successfully done, then this message is returned by the + google.longrunning.Operations.response field. + GoogleCloudRetailV2CompleteQueryResponseCompletionResult: + id: GoogleCloudRetailV2CompleteQueryResponseCompletionResult properties: - controlId: + attributes: + type: object description: >- - Required. The id of the control to apply. Assumed to be in the same - catalog as the serving config - if id is not found a NOT_FOUND error - is returned. + Custom attributes for the suggestion term. * For `user-data`, the + attributes are additional custom attributes ingested through + BigQuery. * For `cloud-retail`, the attributes are product + attributes generated by Cloud Retail. It requires + UserEvent.product_details is imported properly. + additionalProperties: + $ref: '#/components/schemas/GoogleCloudRetailV2CustomAttribute' + suggestion: type: string - GoogleCloudRetailV2RemoveControlRequest: - id: GoogleCloudRetailV2RemoveControlRequest - description: Request for RemoveControl method. + description: The suggestion for the query. + description: Resource that represents completion results. + type: object + GoogleCloudRetailV2GcsOutputResult: + description: A Gcs output result. + id: GoogleCloudRetailV2GcsOutputResult type: object properties: - controlId: - description: >- - Required. The id of the control to apply. Assumed to be in the same - catalog as the serving config. + outputUri: type: string - GoogleCloudRetailLoggingErrorLog: - id: GoogleCloudRetailLoggingErrorLog + description: The uri of Gcs output + GoogleCloudRetailV2ImportMetadata: description: >- - An error log which is reported to the Error Reporting system. This proto - a superset of - google.devtools.clouderrorreporting.v1beta1.ReportedErrorEvent. - type: object + Metadata related to the progress of the Import operation. This is + returned by the google.longrunning.Operation.metadata field. properties: - serviceContext: - description: The service context in which this error has occurred. - $ref: '#/components/schemas/GoogleCloudRetailLoggingServiceContext' - context: - description: A description of the context in which the error occurred. - $ref: '#/components/schemas/GoogleCloudRetailLoggingErrorContext' - message: - description: A message describing the error. + updateTime: + description: >- + Operation last update time. If the operation is done, this is also + the finish time. + type: string + format: google-datetime + createTime: + type: string + format: google-datetime + description: Operation create time. + requestId: + description: Deprecated. This field is never set. + type: string + deprecated: true + failureCount: + description: Count of entries that encountered errors while processing. + type: string + format: int64 + successCount: + description: Count of entries that were processed successfully. + format: int64 + type: string + notificationPubsubTopic: type: string - status: - description: The RPC status associated with the error log. - $ref: '#/components/schemas/GoogleRpcStatus' - requestPayload: description: >- - The API request payload, represented as a protocol buffer. Most API - request types are supported. For example: - "type.googleapis.com/google.cloud.retail.v2.ProductService.CreateProductRequest" - "type.googleapis.com/google.cloud.retail.v2.UserEventService.WriteUserEventRequest" - type: object - additionalProperties: - type: any - description: Properties of the object. - responsePayload: + Pub/Sub topic for receiving notification. If this field is set, when + the import is finished, a notification is sent to specified Pub/Sub + topic. The message data is JSON string of a Operation. Format of the + Pub/Sub topic is `projects/{project}/topics/{topic}`. + type: object + id: GoogleCloudRetailV2ImportMetadata + GoogleCloudRetailV2CompletionDataInputConfig: + description: The input config source for completion data. + properties: + bigQuerySource: + $ref: '#/components/schemas/GoogleCloudRetailV2BigQuerySource' description: >- - The API response payload, represented as a protocol buffer. This is - used to log some "soft errors", where the response is valid but we - consider there are some quality issues like unjoined events. The - following API responses are supported and no PII is included: - "google.cloud.retail.v2.PredictionService.Predict" - "google.cloud.retail.v2.UserEventService.WriteUserEvent" - "google.cloud.retail.v2.UserEventService.CollectUserEvent" - type: object - additionalProperties: - type: any - description: Properties of the object. - importPayload: - description: The error payload that is populated on LRO import APIs. - $ref: '#/components/schemas/GoogleCloudRetailLoggingImportErrorContext' - GoogleCloudRetailLoggingServiceContext: - id: GoogleCloudRetailLoggingServiceContext - description: Describes a running service that sends errors. + Required. BigQuery input source. Add the IAM permission "BigQuery + Data Viewer" for + cloud-retail-customer-data-access@system.gserviceaccount.com before + using this feature otherwise an error is thrown. + id: GoogleCloudRetailV2CompletionDataInputConfig type: object + GoogleCloudRetailV2alphaBigQueryOutputResult: + id: GoogleCloudRetailV2alphaBigQueryOutputResult properties: - service: - description: An identifier of the service. For example, "retail.googleapis.com". + datasetId: type: string - GoogleCloudRetailLoggingErrorContext: - id: GoogleCloudRetailLoggingErrorContext - description: A description of the context in which an error occurred. + description: The ID of a BigQuery Dataset. + tableId: + description: The ID of a BigQuery Table. + type: string + description: A BigQuery output result. type: object + GoogleCloudRetailV2ConversationalSearchRequestConversationalFilteringSpec: + description: >- + This field specifies all conversational filtering related parameters + addition to conversational retail search. + id: >- + GoogleCloudRetailV2ConversationalSearchRequestConversationalFilteringSpec properties: - httpRequest: - description: The HTTP request which was processed when the error was triggered. - $ref: '#/components/schemas/GoogleCloudRetailLoggingHttpRequestContext' - reportLocation: + conversationalFilteringMode: + type: string description: >- - The location in the source code where the decision was made to - report the error, usually the place where it was logged. - $ref: '#/components/schemas/GoogleCloudRetailLoggingSourceLocation' - GoogleCloudRetailLoggingHttpRequestContext: - id: GoogleCloudRetailLoggingHttpRequestContext - description: HTTP request data that is related to a reported error. + Optional. Mode to control Conversational Filtering. Defaults to + Mode.DISABLED if it's unset. + enumDescriptions: + - Default value. + - >- + Disables Conversational Filtering when using Conversational + Search. + - Enables Conversational Filtering when using Conversational Search. + - Enables Conversational Filtering without Conversational Search. + enum: + - MODE_UNSPECIFIED + - DISABLED + - ENABLED + - CONVERSATIONAL_FILTER_ONLY + enableConversationalFiltering: + deprecated: true + description: >- + Optional. This field is deprecated. Please use + ConversationalFilteringSpec.conversational_filtering_mode instead. + type: boolean + userAnswer: + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchRequestUserAnswer + description: >- + Optional. This field specifies the current user answer during the + conversational filtering search. It can be either user selected from + suggested answers or user input plain text. + type: object + GoogleCloudRetailV2ConversationalSearchResponseConversationalFilteringResultAdditionalFilter: type: object + description: Additional filter that client side need to apply. properties: - responseStatusCode: - description: The HTTP response status code for the request. - type: integer - format: int32 - GoogleCloudRetailLoggingSourceLocation: - id: GoogleCloudRetailLoggingSourceLocation + productAttributeValue: + $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' + description: >- + Product attribute value, including an attribute key and an attribute + value. Other types can be added here in the future. + id: >- + GoogleCloudRetailV2ConversationalSearchResponseConversationalFilteringResultAdditionalFilter + GoogleCloudRetailV2alphaRemoveFulfillmentPlacesMetadata: description: >- - Indicates a location in the source code of the service for which errors - are reported. + Metadata related to the progress of the RemoveFulfillmentPlaces + operation. Currently empty because there is no meaningful metadata + populated from the ProductService.RemoveFulfillmentPlaces method. + id: GoogleCloudRetailV2alphaRemoveFulfillmentPlacesMetadata + type: object + properties: {} + GoogleCloudRetailV2betaModelFrequentlyBoughtTogetherFeaturesConfig: + id: GoogleCloudRetailV2betaModelFrequentlyBoughtTogetherFeaturesConfig type: object + description: Additional configs for the frequently-bought-together model type. properties: - functionName: + contextProductsType: description: >- - Human-readable name of a function or method. For example, - "google.cloud.retail.v2.UserEventService.ImportUserEvents". + Optional. Specifies the context of the model when it is used in + predict requests. Can only be set for the + `frequently-bought-together` type. If it isn't specified, it + defaults to MULTIPLE_CONTEXT_PRODUCTS. type: string - GoogleCloudRetailLoggingImportErrorContext: - id: GoogleCloudRetailLoggingImportErrorContext - description: >- - The error payload that is populated on LRO import APIs, including - "google.cloud.retail.v2.ProductService.ImportProducts" and - "google.cloud.retail.v2.EventService.ImportUserEvents". + enum: + - CONTEXT_PRODUCTS_TYPE_UNSPECIFIED + - SINGLE_CONTEXT_PRODUCT + - MULTIPLE_CONTEXT_PRODUCTS + enumDescriptions: + - >- + Unspecified default value, should never be explicitly set. + Defaults to MULTIPLE_CONTEXT_PRODUCTS. + - >- + Use only a single product as context for the recommendation. + Typically used on pages like add-to-cart or product details. + - >- + Use one or multiple products as context for the recommendation. + Typically used on shopping cart pages. + GoogleCloudRetailV2ProductLevelConfig: + id: GoogleCloudRetailV2ProductLevelConfig type: object + description: >- + Configures what level the product should be uploaded with regards to how + users will be send events and how predictions will be made. properties: - operationName: - description: The operation resource name of the LRO. - type: string - gcsPath: - description: >- - Cloud Storage file path of the import source. Can be set for batch - operation error. + ingestionProductType: type: string - lineNumber: description: >- - Line number of the content in file. Should be empty for permission - or batch operation error. + The type of Products allowed to be ingested into the catalog. + Acceptable values are: * `primary` (default): You can ingest + Products of all types. When ingesting a Product, its type will + default to Product.Type.PRIMARY if unset. * `variant` (incompatible + with Retail Search): You can only ingest Product.Type.VARIANT + Products. This means Product.primary_product_id cannot be empty. If + this field is set to an invalid value other than these, an + INVALID_ARGUMENT error is returned. If this field is `variant` and + merchant_center_product_id_field is `itemGroupId`, an + INVALID_ARGUMENT error is returned. See [Product + levels](https://cloud.google.com/retail/docs/catalog#product-levels) + for more details. + merchantCenterProductIdField: type: string - catalogItem: description: >- - The detailed content which caused the error on importing a catalog - item. - type: string - product: - description: The detailed content which caused the error on importing a product. + Which field of [Merchant Center + Product](/bigquery-transfer/docs/merchant-center-products-schema) + should be imported as Product.id. Acceptable values are: * `offerId` + (default): Import `offerId` as the product ID. * `itemGroupId`: + Import `itemGroupId` as the product ID. Notice that Retail API will + choose one item from the ones with the same `itemGroupId`, and use + it to represent the item group. If this field is set to an invalid + value other than these, an INVALID_ARGUMENT error is returned. If + this field is `itemGroupId` and ingestion_product_type is `variant`, + an INVALID_ARGUMENT error is returned. See [Product + levels](https://cloud.google.com/retail/docs/catalog#product-levels) + for more details. + GoogleCloudRetailV2AddControlRequest: + type: object + id: GoogleCloudRetailV2AddControlRequest + properties: + controlId: type: string - userEvent: description: >- - The detailed content which caused the error on importing a user - event. - type: string - GoogleCloudRetailV2AddFulfillmentPlacesMetadata: - id: GoogleCloudRetailV2AddFulfillmentPlacesMetadata + Required. The id of the control to apply. Assumed to be in the same + catalog as the serving config - if id is not found a NOT_FOUND error + is returned. + description: Request for AddControl method. + GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig: description: >- - Metadata related to the progress of the AddFulfillmentPlaces operation. - Currently empty because there is no meaningful metadata populated from - the ProductService.AddFulfillmentPlaces method. + Options to rerank based on facet values engaged by the user for the + current key. That key needs to be a custom textual key and facetable. To + use this control, you also need to pass all the facet keys engaged by + the user in the request using the field [SearchRequest.FacetSpec]. In + particular, if you don't pass the facet keys engaged that you want to + rerank on, this control won't be effective. Moreover, to obtain better + results, the facet values that you want to rerank on should be close to + English (ideally made of words, underscores, and spaces). + id: GoogleCloudRetailV2CatalogAttributeFacetConfigRerankConfig + properties: + rerankFacet: + type: boolean + description: >- + If set to true, then we also rerank the dynamic facets based on the + facet values engaged by the user for the current attribute key + during serving. + facetValues: + type: array + items: + type: string + description: >- + If empty, rerank on all facet values for the current key. Otherwise, + will rerank on the facet values from this list only. type: object - properties: {} - GoogleCloudRetailV2AddFulfillmentPlacesResponse: - id: GoogleCloudRetailV2AddFulfillmentPlacesResponse - description: >- - Response of the AddFulfillmentPlacesRequest. Currently empty because - there is no meaningful response populated from the - ProductService.AddFulfillmentPlaces method. + GoogleCloudRetailV2TuneModelRequest: type: object - properties: {} - GoogleCloudRetailV2AddLocalInventoriesMetadata: - id: GoogleCloudRetailV2AddLocalInventoriesMetadata description: >- - Metadata related to the progress of the AddLocalInventories operation. - Currently empty because there is no meaningful metadata populated from - the ProductService.AddLocalInventories method. - type: object + Request to manually start a tuning process now (instead of waiting for + the periodically scheduled tuning to happen). + id: GoogleCloudRetailV2TuneModelRequest properties: {} - GoogleCloudRetailV2AddLocalInventoriesResponse: - id: GoogleCloudRetailV2AddLocalInventoriesResponse + GoogleCloudRetailV2PurgeUserEventsResponse: description: >- - Response of the ProductService.AddLocalInventories API. Currently empty - because there is no meaningful response populated from the - ProductService.AddLocalInventories method. - type: object - properties: {} - GoogleCloudRetailV2CreateModelMetadata: - id: GoogleCloudRetailV2CreateModelMetadata - description: Metadata associated with a create operation. - type: object + Response of the PurgeUserEventsRequest. If the long running operation is + successfully done, then this message is returned by the + google.longrunning.Operations.response field. properties: - model: - description: >- - The resource name of the model that this create applies to. Format: - `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + purgedEventsCount: + format: int64 + description: The total count of events purged as a result of the operation. type: string - GoogleCloudRetailV2ExportAnalyticsMetricsResponse: - id: GoogleCloudRetailV2ExportAnalyticsMetricsResponse - description: >- - Response of the ExportAnalyticsMetricsRequest. If the long running - operation was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: This field is never set. - $ref: '#/components/schemas/GoogleCloudRetailV2ExportErrorsConfig' - outputResult: - description: Output result indicating where the data were exported to. - $ref: '#/components/schemas/GoogleCloudRetailV2OutputResult' - GoogleCloudRetailV2ExportErrorsConfig: - id: GoogleCloudRetailV2ExportErrorsConfig - description: Configuration of destination for Export related errors. + id: GoogleCloudRetailV2PurgeUserEventsResponse + GoogleCloudRetailV2ExperimentInfo: + id: GoogleCloudRetailV2ExperimentInfo type: object properties: - gcsPrefix: + experiment: description: >- - Google Cloud Storage path for import errors. This must be an empty, - existing Cloud Storage bucket. Export errors will be written to a - file in this bucket, one per line, as a JSON-encoded - `google.rpc.Status` message. + The fully qualified resource name of the experiment that provides + the serving config under test, should an active experiment exist. + For example: + `projects/*/locations/global/catalogs/default_catalog/experiments/experiment_id` type: string - GoogleCloudRetailV2OutputResult: - id: GoogleCloudRetailV2OutputResult - description: >- - Output result that stores the information about where the exported data - is stored. - type: object - properties: - bigqueryResult: - description: The BigQuery location where the result is stored. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2BigQueryOutputResult' - gcsResult: - description: The Google Cloud Storage location where the result is stored. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2GcsOutputResult' - GoogleCloudRetailV2BigQueryOutputResult: - id: GoogleCloudRetailV2BigQueryOutputResult - description: A BigQuery output result. + servingConfigExperiment: + description: A/B test between existing Cloud Retail Search ServingConfigs. + $ref: >- + #/components/schemas/GoogleCloudRetailV2ExperimentInfoServingConfigExperiment + description: Metadata for active A/B testing experiment. + GoogleCloudRetailV2RuleFilterAction: type: object + description: >- + * Rule Condition: - No Condition.query_terms provided is a global match. + - 1 or more Condition.query_terms provided are combined with OR + operator. * Action Input: The request query and filter that are applied + to the retrieved products, in addition to any filters already provided + with the SearchRequest. The AND operator is used to combine the query's + existing filters with the filter rule(s). NOTE: May result in 0 results + when filters conflict. * Action Result: Filters the returned objects to + be ONLY those that passed the filter. + id: GoogleCloudRetailV2RuleFilterAction properties: - datasetId: - description: The ID of a BigQuery Dataset. - type: string - tableId: - description: The ID of a BigQuery Table. + filter: + description: >- + A filter to apply on the matching condition results. Supported + features: * filter must be set. * Filter syntax is identical to + SearchRequest.filter. For more information, see + [Filter](/retail/docs/filter-and-order#filter). * To filter products + with product ID "product_1" or "product_2", and color "Red" or + "Blue": *(id: ANY("product_1", "product_2")) * *AND * + *(colorFamilies: ANY("Red", "Blue")) * type: string - GoogleCloudRetailV2GcsOutputResult: - id: GoogleCloudRetailV2GcsOutputResult - description: A Gcs output result. + GoogleCloudRetailV2alphaAddLocalInventoriesResponse: + properties: {} + description: >- + Response of the ProductService.AddLocalInventories API. Currently empty + because there is no meaningful response populated from the + ProductService.AddLocalInventories method. type: object + id: GoogleCloudRetailV2alphaAddLocalInventoriesResponse + GoogleCloudRetailV2betaCreateModelMetadata: properties: - outputUri: - description: The uri of Gcs output + model: + description: >- + The resource name of the model that this create applies to. Format: + `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` type: string - GoogleCloudRetailV2ExportMetadata: - id: GoogleCloudRetailV2ExportMetadata - description: >- - Metadata related to the progress of the Export operation. This is - returned by the google.longrunning.Operation.metadata field. + description: Metadata associated with a create operation. + id: GoogleCloudRetailV2betaCreateModelMetadata type: object + GoogleCloudRetailV2UserEvent: + id: GoogleCloudRetailV2UserEvent properties: - createTime: - description: Operation create time. + uri: + description: >- + Complete URL (window.location.href) of the user's current page. When + using the client side event reporting with JavaScript pixel and + Google Tag Manager, this value is filled in automatically. Maximum + length 5,000 characters. + type: string + eventTime: type: string format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Only required for UserEventService.ImportUserEvents method. + Timestamp of when the user event happened. + filter: + description: >- + The filter syntax consists of an expression language for + constructing a predicate from one or more fields of the products + being filtered. See SearchRequest.filter for definition and syntax. + The value must be a UTF-8 encoded string with a length limit of + 1,000 characters. Otherwise, an INVALID_ARGUMENT error is returned. type: string - format: google-datetime - GoogleCloudRetailV2ImportCompletionDataResponse: - id: GoogleCloudRetailV2ImportCompletionDataResponse - description: >- - Response of the ImportCompletionDataRequest. If the long running - operation is done, this message is returned by the - google.longrunning.Operations.response field if the operation is - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. + panels: type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudRetailV2ImportMetadata: - id: GoogleCloudRetailV2ImportMetadata - description: >- - Metadata related to the progress of the Import operation. This is - returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. + $ref: '#/components/schemas/GoogleCloudRetailV2PanelInfo' + description: >- + Optional. List of panels associated with this event. Used for + panel-level impression data. + pageViewId: + description: >- + A unique ID of a web page view. This should be kept the same for all + user events triggered from the same pageview. For example, an item + detail page view could trigger multiple events as the user is + browsing the page. The `pageViewId` property should be kept the same + for all these events so that they can be grouped together properly. + When using the client side event reporting with JavaScript pixel and + Google Tag Manager, this value is filled in automatically. type: string - format: google-datetime - updateTime: + completionDetail: + $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDetail' description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The main auto-completion details related to the event. This field + should be set for `search` event when autocomplete function is + enabled and the user clicks a suggestion for search. + pageCategories: + description: >- + The categories associated with a category page. To represent full + path of category, use '>' sign to separate different hierarchies. If + '>' is part of the category name, replace it with other + character(s). Category pages include special pages such as sales or + promotions. For instance, a special sale page may have the category + hierarchy: "pageCategories" : ["Sales > 2017 Black Friday Deals"]. + Required for `category-page-view` events. At least one of + search_query or page_categories is required for `search` events. + Other event types should not set this field. Otherwise, an + INVALID_ARGUMENT error is returned. + type: array + items: + type: string + attributionToken: + description: >- + Highly recommended for user events that are the result of + PredictionService.Predict. This field enables accurate attribution + of recommendation model performance. The value must be a valid + PredictResponse.attribution_token for user events that are the + result of PredictionService.Predict. The value must be a valid + SearchResponse.attribution_token for user events that are the result + of SearchService.Search. This token enables us to accurately + attribute page view or purchase back to the event and the particular + predict response containing this clicked/purchased product. If user + clicks on product K in the recommendation results, pass + PredictResponse.attribution_token as a URL parameter to product K's + page. When recording events on product K's page, log the + PredictResponse.attribution_token to this field. type: string - format: google-datetime - successCount: - description: Count of entries that were processed successfully. + experimentIds: + type: array + items: + type: string + description: >- + A list of identifiers for the independent experiment groups this + user event belongs to. This is used to distinguish between user + events associated with different experiment setups (e.g. using + Retail API, using different recommendation models). + productDetails: + type: array + items: + $ref: '#/components/schemas/GoogleCloudRetailV2ProductDetail' + description: >- + The main product details related to the event. This field is + optional except for the following event types: * `add-to-cart` * + `detail-page-view` * `purchase-complete` In a `search` event, this + field represents the products returned to the end user on the + current page (the end user may have not finished browsing the whole + page yet). When a new page is returned to the end user, after + pagination/filtering/ordering even for the same query, a new + `search` event with different product_details is desired. The end + user may have not finished browsing the whole page yet. + sessionId: + description: >- + A unique identifier for tracking a visitor session with a length + limit of 128 bytes. A session is an aggregation of an end user + behavior in a time span. A general guideline to populate the + session_id: 1. If user has no activity for 30 min, a new session_id + should be assigned. 2. The session_id should be unique across users, + suggest use uuid or add visitor_id as prefix. type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. + referrerUri: + description: >- + The referrer URL of the current page. When using the client side + event reporting with JavaScript pixel and Google Tag Manager, this + value is filled in automatically. type: string - format: int64 - requestId: - description: Deprecated. This field is never set. - deprecated: true + purchaseTransaction: + description: >- + A transaction represents the entire purchase transaction. Required + for `purchase-complete` events. Other event types should not set + this field. Otherwise, an INVALID_ARGUMENT error is returned. + $ref: '#/components/schemas/GoogleCloudRetailV2PurchaseTransaction' + orderBy: + description: >- + The order in which products are returned. See SearchRequest.order_by + for definition and syntax. The value must be a UTF-8 encoded string + with a length limit of 1,000 characters. Otherwise, an + INVALID_ARGUMENT error is returned. This can only be set for + `search` events. Other event types should not set this field. + Otherwise, an INVALID_ARGUMENT error is returned. type: string - notificationPubsubTopic: + entity: description: >- - Pub/Sub topic for receiving notification. If this field is set, when - the import is finished, a notification is sent to specified Pub/Sub - topic. The message data is JSON string of a Operation. Format of the - Pub/Sub topic is `projects/{project}/topics/{topic}`. + The entity for customers that may run multiple different entities, + domains, sites or regions, for example, `Google US`, `Google Ads`, + `Waymo`, `google.com`, `youtube.com`, etc. We recommend that you set + this field to get better per-entity search, completion, and + prediction results. type: string - GoogleCloudRetailV2ImportProductsResponse: - id: GoogleCloudRetailV2ImportProductsResponse - description: >- - Response of the ImportProductsRequest. If the long running operation is - done, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. + cartId: + type: string + description: >- + The ID or name of the associated shopping cart. This ID is used to + associate multiple items added or present in the cart before + purchase. This can only be set for `add-to-cart`, + `purchase-complete`, or `shopping-cart-page-view` events. + attributes: + description: >- + Extra user event features to include in the recommendation model. If + you provide custom attributes for ingested user events, also include + them in the user events that you associate with prediction requests. + Custom attribute formatting must be consistent between imported + events and events provided with prediction requests. This lets the + Retail API use those custom attributes when training models and + serving predictions, which helps improve recommendation quality. + This field needs to pass all below criteria, otherwise an + INVALID_ARGUMENT error is returned: * The key must be a UTF-8 + encoded string with a length limit of 5,000 characters. * For text + attributes, at most 400 values are allowed. Empty values are not + allowed. Each value must be a UTF-8 encoded string with a length + limit of 256 characters. * For number attributes, at most 400 values + are allowed. For product recommendations, an example of extra user + information is traffic_channel, which is how a user arrives at the + site. Users can arrive at the site by coming to the site directly, + coming through Google search, or in other ways. + additionalProperties: + $ref: '#/components/schemas/GoogleCloudRetailV2CustomAttribute' + type: object + searchQuery: + description: >- + The user's search query. See SearchRequest.query for definition. The + value must be a UTF-8 encoded string with a length limit of 5,000 + characters. Otherwise, an INVALID_ARGUMENT error is returned. At + least one of search_query or page_categories is required for + `search` events. Other event types should not set this field. + Otherwise, an INVALID_ARGUMENT error is returned. + type: string + eventType: + type: string + description: >- + Required. User event type. Allowed values are: * `add-to-cart`: + Products being added to cart. * `remove-from-cart`: Products being + removed from cart. * `category-page-view`: Special pages such as + sale or promotion pages viewed. * `detail-page-view`: Products + detail page viewed. * `home-page-view`: Homepage viewed. * + `purchase-complete`: User finishing a purchase. * `search`: Product + search. * `shopping-cart-page-view`: User viewing a shopping cart. + visitorId: + description: >- + Required. A unique identifier for tracking visitors. For example, + this could be implemented with an HTTP cookie, which should be able + to uniquely identify a visitor on a single device. This unique + identifier should not change if the visitor log in/out of the + website. Don't set the field to the same fixed ID for different + users. This mixes the event history of those users together, which + results in degraded model quality. The field must be a UTF-8 encoded + string with a length limit of 128 characters. Otherwise, an + INVALID_ARGUMENT error is returned. The field should not contain PII + or user-data. We recommend to use Google Analytics [Client + ID](https://developers.google.com/analytics/devguides/collection/analyticsjs/field-reference#clientId) + for this field. + type: string + offset: + type: integer + description: >- + An integer that specifies the current offset for pagination (the + 0-indexed starting location, amongst the products deemed by the API + as relevant). See SearchRequest.offset for definition. If this field + is negative, an INVALID_ARGUMENT is returned. This can only be set + for `search` events. Other event types should not set this field. + Otherwise, an INVALID_ARGUMENT error is returned. + format: int32 + userInfo: + $ref: '#/components/schemas/GoogleCloudRetailV2UserInfo' + description: User information. type: object + description: >- + UserEvent captures all metadata information Retail API needs to know + about how end users interact with customers' website. + GoogleCloudRetailV2alphaImportCompletionDataResponse: properties: errorSamples: - description: A sample of errors encountered while processing the request. type: array items: $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: >- - Echoes the destination for the complete errors in the request if - set. - $ref: '#/components/schemas/GoogleCloudRetailV2ImportErrorsConfig' - GoogleCloudRetailV2ImportUserEventsResponse: - id: GoogleCloudRetailV2ImportUserEventsResponse + description: A sample of errors encountered while processing the request. + id: GoogleCloudRetailV2alphaImportCompletionDataResponse description: >- - Response of the ImportUserEventsRequest. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was + Response of the ImportCompletionDataRequest. If the long running + operation is done, this message is returned by the + google.longrunning.Operations.response field if the operation is successful. type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: >- - Echoes the destination for the complete errors if this field was set - in the request. - $ref: '#/components/schemas/GoogleCloudRetailV2ImportErrorsConfig' - importSummary: - description: Aggregated statistics of user event import status. - $ref: '#/components/schemas/GoogleCloudRetailV2UserEventImportSummary' - GoogleCloudRetailV2UserEventImportSummary: - id: GoogleCloudRetailV2UserEventImportSummary + GoogleCloudRetailV2alphaMerchantCenterAccountLink: description: >- - A summary of import result. The UserEventImportSummary summarizes the - import status for user events. + Represents a link between a Merchant Center account and a branch. After + a link is established, products from the linked Merchant Center account + are streamed to the linked branch. type: object properties: - joinedEventsCount: + projectId: + readOnly: true + description: Output only. Google Cloud project ID. + type: string + id: + type: string description: >- - Count of user events imported with complete existing catalog - information. + Output only. Immutable. MerchantCenterAccountLink identifier, which + is the final component of name. This field is auto generated and + follows the convention: `BranchId_MerchantCenterAccountId`. + `projects/*/locations/global/catalogs/default_catalog/merchantCenterAccountLinks/id_1`. + readOnly: true + branchId: type: string - format: int64 - unjoinedEventsCount: description: >- - Count of user events imported, but with catalog information not - found in the imported catalog. + Required. The branch ID (e.g. 0/1/2) within the catalog that + products from merchant_center_account_id are streamed to. When + updating this field, an empty value will use the currently + configured default branch. However, changing the default branch + later on won't change the linked branch here. A single branch ID can + only have one linked Merchant Center account ID. + languageCode: type: string + description: >- + Language of the title/description and other string attributes. Use + language tags defined by [BCP + 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). ISO 639-1. This + specifies the language of offers in Merchant Center that will be + accepted. If empty, no language filtering will be performed. Example + value: `en`. + merchantCenterAccountId: format: int64 - GoogleCloudRetailV2PurgeMetadata: - id: GoogleCloudRetailV2PurgeMetadata - description: >- - Metadata related to the progress of the Purge operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object - properties: {} - GoogleCloudRetailV2PurgeProductsMetadata: - id: GoogleCloudRetailV2PurgeProductsMetadata - description: >- - Metadata related to the progress of the PurgeProducts operation. This - will be returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string - format: google-datetime - successCount: - description: Count of entries that were deleted successfully. - type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. + Required. The linked [Merchant center account + id](https://developers.google.com/shopping-content/guides/accountstatuses). + The account must be a standalone account or a sub-account of a MCA. + name: + readOnly: true + description: >- + Output only. Immutable. Full resource name of the Merchant Center + Account Link, such as + `projects/*/locations/global/catalogs/default_catalog/merchantCenterAccountLinks/merchant_center_account_link`. type: string - format: int64 - GoogleCloudRetailV2PurgeProductsResponse: - id: GoogleCloudRetailV2PurgeProductsResponse - description: >- - Response of the PurgeProductsRequest. If the long running operation is - successfully done, then this message is returned by the - google.longrunning.Operations.response field. - type: object - properties: - purgeCount: - description: The total count of products purged as a result of the operation. + source: type: string - format: int64 - purgeSample: description: >- - A sample of the product names that will be deleted. Only populated - if `force` is set to false. A max of 100 names will be returned and - the names are chosen at random. + Optional. An optional arbitrary string that could be used as a tag + for tracking link source. + feedFilters: + description: >- + Criteria for the Merchant Center feeds to be ingested via the link. + All offers will be ingested if the list is empty. Otherwise the + offers will be ingested from selected feeds. type: array items: - type: string - GoogleCloudRetailV2PurgeUserEventsResponse: - id: GoogleCloudRetailV2PurgeUserEventsResponse - description: >- - Response of the PurgeUserEventsRequest. If the long running operation is - successfully done, then this message is returned by the - google.longrunning.Operations.response field. - type: object - properties: - purgedEventsCount: - description: The total count of events purged as a result of the operation. + $ref: >- + #/components/schemas/GoogleCloudRetailV2alphaMerchantCenterAccountLinkMerchantCenterFeedFilter + feedLabel: + description: >- + The FeedLabel used to perform filtering. Note: this replaces + [region_id](https://developers.google.com/shopping-content/reference/rest/v2.1/products#Product.FIELDS.feed_label). + Example value: `US`. Example value: `FeedLabel1`. type: string - format: int64 - GoogleCloudRetailV2RejoinUserEventsMetadata: - id: GoogleCloudRetailV2RejoinUserEventsMetadata - description: Metadata for `RejoinUserEvents` method. - type: object - properties: {} - GoogleCloudRetailV2RejoinUserEventsResponse: - id: GoogleCloudRetailV2RejoinUserEventsResponse - description: Response message for `RejoinUserEvents` method. - type: object - properties: - rejoinedUserEventsCount: - description: Number of user events that were joined with latest product catalog. + state: + description: Output only. Represents the state of the link. + enum: + - STATE_UNSPECIFIED + - PENDING + - ACTIVE + - FAILED + enumDescriptions: + - Default value. + - Link is created and LRO is not complete. + - Link is active. + - Link creation failed. type: string - format: int64 - GoogleCloudRetailV2RemoveFulfillmentPlacesMetadata: - id: GoogleCloudRetailV2RemoveFulfillmentPlacesMetadata - description: >- - Metadata related to the progress of the RemoveFulfillmentPlaces - operation. Currently empty because there is no meaningful metadata - populated from the ProductService.RemoveFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2RemoveFulfillmentPlacesResponse: - id: GoogleCloudRetailV2RemoveFulfillmentPlacesResponse - description: >- - Response of the RemoveFulfillmentPlacesRequest. Currently empty because - there is no meaningful response populated from the - ProductService.RemoveFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2RemoveLocalInventoriesMetadata: - id: GoogleCloudRetailV2RemoveLocalInventoriesMetadata - description: >- - Metadata related to the progress of the RemoveLocalInventories - operation. Currently empty because there is no meaningful metadata - populated from the ProductService.RemoveLocalInventories method. - type: object - properties: {} - GoogleCloudRetailV2RemoveLocalInventoriesResponse: - id: GoogleCloudRetailV2RemoveLocalInventoriesResponse - description: >- - Response of the ProductService.RemoveLocalInventories API. Currently - empty because there is no meaningful response populated from the - ProductService.RemoveLocalInventories method. - type: object - properties: {} - GoogleCloudRetailV2SetInventoryMetadata: - id: GoogleCloudRetailV2SetInventoryMetadata - description: >- - Metadata related to the progress of the SetInventory operation. - Currently empty because there is no meaningful metadata populated from - the ProductService.SetInventory method. - type: object - properties: {} - GoogleCloudRetailV2SetInventoryResponse: - id: GoogleCloudRetailV2SetInventoryResponse - description: >- - Response of the SetInventoryRequest. Currently empty because there is no - meaningful response populated from the ProductService.SetInventory - method. - type: object - properties: {} - GoogleCloudRetailV2TuneModelMetadata: - id: GoogleCloudRetailV2TuneModelMetadata - description: Metadata associated with a tune operation. + readOnly: true + id: GoogleCloudRetailV2alphaMerchantCenterAccountLink + GoogleCloudRetailV2ReplaceCatalogAttributeRequest: + id: GoogleCloudRetailV2ReplaceCatalogAttributeRequest type: object + description: Request for CatalogService.ReplaceCatalogAttribute method. properties: - model: + catalogAttribute: + $ref: '#/components/schemas/GoogleCloudRetailV2CatalogAttribute' + description: Required. The updated CatalogAttribute. + updateMask: description: >- - The resource name of the model that this tune applies to. Format: - `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + Indicates which fields in the provided CatalogAttribute to update. + The following are NOT supported: * CatalogAttribute.key If not set, + all supported fields are updated. + format: google-fieldmask type: string - GoogleCloudRetailV2TuneModelResponse: - id: GoogleCloudRetailV2TuneModelResponse - description: Response associated with a tune operation. - type: object - properties: {} GoogleCloudRetailV2alphaAddFulfillmentPlacesMetadata: id: GoogleCloudRetailV2alphaAddFulfillmentPlacesMetadata + type: object description: >- Metadata related to the progress of the AddFulfillmentPlaces operation. Currently empty because there is no meaningful metadata populated from the ProductService.AddFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2alphaAddFulfillmentPlacesResponse: - id: GoogleCloudRetailV2alphaAddFulfillmentPlacesResponse - description: >- - Response of the AddFulfillmentPlacesRequest. Currently empty because - there is no meaningful response populated from the - ProductService.AddFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2alphaAddLocalInventoriesMetadata: - id: GoogleCloudRetailV2alphaAddLocalInventoriesMetadata - description: >- - Metadata related to the progress of the AddLocalInventories operation. - Currently empty because there is no meaningful metadata populated from - the ProductService.AddLocalInventories method. - type: object - properties: {} - GoogleCloudRetailV2alphaAddLocalInventoriesResponse: - id: GoogleCloudRetailV2alphaAddLocalInventoriesResponse - description: >- - Response of the ProductService.AddLocalInventories API. Currently empty - because there is no meaningful response populated from the - ProductService.AddLocalInventories method. - type: object properties: {} - GoogleCloudRetailV2alphaCreateMerchantCenterAccountLinkMetadata: - id: GoogleCloudRetailV2alphaCreateMerchantCenterAccountLinkMetadata - description: Common metadata related to the progress of the operations. + GoogleCloudRetailV2PredictResponsePredictionResult: type: object properties: - createTime: - description: Operation create time. + metadata: + type: object + additionalProperties: + type: any + description: >- + Additional product metadata / annotations. Possible values: * + `product`: JSON representation of the product. Is set if + `returnProduct` is set to true in `PredictRequest.params`. * + `score`: Prediction score in double value. Is set if `returnScore` + is set to true in `PredictRequest.params`. + id: + description: ID of the recommended product + type: string + description: PredictionResult represents the recommendation prediction results. + id: GoogleCloudRetailV2PredictResponsePredictionResult + GoogleCloudRetailV2PriceInfo: + id: GoogleCloudRetailV2PriceInfo + properties: + currencyCode: + description: >- + The 3-letter currency code defined in [ISO + 4217](https://www.iso.org/iso-4217-currency-codes.html). If this + field is an unrecognizable currency code, an INVALID_ARGUMENT error + is returned. The Product.Type.VARIANT Products with the same + Product.primary_product_id must share the same currency_code. + Otherwise, a FAILED_PRECONDITION error is returned. type: string + priceEffectiveTime: format: google-datetime - updateTime: + type: string description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The timestamp when the price starts to be effective. This can be set + as a future timestamp, and the price is only used for search after + price_effective_time. If so, the original_price must be set and + original_price is used before price_effective_time. Do not set if + price is always effective because it will cause additional latency + during search. + price: + description: >- + Price of the product. Google Merchant Center property + [price](https://support.google.com/merchants/answer/6324371). + Schema.org property [Offer.price](https://schema.org/price). + type: number + format: float + cost: + description: >- + The costs associated with the sale of a particular product. Used for + gross profit reporting. * Profit = price - cost Google Merchant + Center property + [cost_of_goods_sold](https://support.google.com/merchants/answer/9017895). + type: number + format: float + originalPrice: + description: >- + Price of the product without any discount. If zero, by default set + to be the price. If set, original_price should be greater than or + equal to price, otherwise an INVALID_ARGUMENT error is thrown. + format: float + type: number + priceExpireTime: type: string + description: >- + The timestamp when the price stops to be effective. The price is + used for search before price_expire_time. If this field is set, the + original_price must be set and original_price is used after + price_expire_time. Do not set if price is always effective because + it will cause additional latency during search. format: google-datetime - GoogleCloudRetailV2alphaCreateModelMetadata: - id: GoogleCloudRetailV2alphaCreateModelMetadata - description: Metadata associated with a create operation. + priceRange: + description: >- + Output only. The price range of all the child Product.Type.VARIANT + Products grouped together on the Product.Type.PRIMARY Product. Only + populated for Product.Type.PRIMARY Products. Note: This field is + OUTPUT_ONLY for ProductService.GetProduct. Do not set this field in + API requests. + $ref: '#/components/schemas/GoogleCloudRetailV2PriceInfoPriceRange' + readOnly: true + type: object + description: The price information of a Product. + GoogleCloudRetailV2CollectUserEventRequest: type: object + description: Request message for CollectUserEvent method. + id: GoogleCloudRetailV2CollectUserEventRequest properties: - model: + prebuiltRule: description: >- - The resource name of the model that this create applies to. Format: - `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + The prebuilt rule name that can convert a specific type of raw_json. + For example: "ga4_bq" rule for the GA4 user event schema. type: string - GoogleCloudRetailV2alphaEnrollSolutionMetadata: - id: GoogleCloudRetailV2alphaEnrollSolutionMetadata - description: >- - Metadata related to the EnrollSolution method. This will be returned by - the google.longrunning.Operation.metadata field. - type: object + userEvent: + type: string + description: >- + Required. URL encoded UserEvent proto with a length limit of + 2,000,000 characters. + rawJson: + description: >- + An arbitrary serialized JSON string that contains necessary + information that can comprise a user event. When this field is + specified, the user_event field will be ignored. Note: + line-delimited JSON is not supported, a single JSON only. + type: string + uri: + description: >- + The URL including cgi-parameters but excluding the hash fragment + with a length limit of 5,000 characters. This is often more useful + than the referer URL, because many browsers only send the domain for + 3rd party requests. + type: string + ets: + description: >- + The event timestamp in milliseconds. This prevents browser caching + of otherwise identical get requests. The name is abbreviated to + reduce the payload bytes. + format: int64 + type: string + GoogleCloudRetailV2alphaRejoinUserEventsMetadata: properties: {} - GoogleCloudRetailV2alphaEnrollSolutionResponse: - id: GoogleCloudRetailV2alphaEnrollSolutionResponse - description: Response for EnrollSolution method. + id: GoogleCloudRetailV2alphaRejoinUserEventsMetadata + description: Metadata for `RejoinUserEvents` method. type: object + GoogleCloudRetailLoggingServiceContext: + id: GoogleCloudRetailLoggingServiceContext properties: - enrolledSolution: - description: Retail API solution that the project has enrolled. + service: + description: An identifier of the service. For example, "retail.googleapis.com". type: string - enumDescriptions: - - Default value. - - Used for Recommendations AI. - - Used for Retail Search. - enum: - - SOLUTION_TYPE_UNSPECIFIED - - SOLUTION_TYPE_RECOMMENDATION - - SOLUTION_TYPE_SEARCH - GoogleCloudRetailV2alphaExportAnalyticsMetricsResponse: - id: GoogleCloudRetailV2alphaExportAnalyticsMetricsResponse + description: Describes a running service that sends errors. + type: object + GoogleCloudRetailV2alphaExportErrorsConfig: + description: Configuration of destination for Export related errors. + properties: + gcsPrefix: + description: >- + Google Cloud Storage path for import errors. This must be an empty, + existing Cloud Storage bucket. Export errors will be written to a + file in this bucket, one per line, as a JSON-encoded + `google.rpc.Status` message. + type: string + type: object + id: GoogleCloudRetailV2alphaExportErrorsConfig + GoogleCloudRetailV2ListControlsResponse: + type: object + properties: + controls: + description: All the Controls for a given catalog. + items: + $ref: '#/components/schemas/GoogleCloudRetailV2Control' + type: array + nextPageToken: + type: string + description: Pagination token, if not returned indicates the last page. + id: GoogleCloudRetailV2ListControlsResponse + description: Response for ListControls method. + GoogleCloudRetailV2betaRemoveLocalInventoriesMetadata: + type: object description: >- - Response of the ExportAnalyticsMetricsRequest. If the long running - operation was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. + Metadata related to the progress of the RemoveLocalInventories + operation. Currently empty because there is no meaningful metadata + populated from the ProductService.RemoveLocalInventories method. + id: GoogleCloudRetailV2betaRemoveLocalInventoriesMetadata + properties: {} + GoogleCloudRetailV2PurgeProductsRequest: type: object + id: GoogleCloudRetailV2PurgeProductsRequest properties: - errorSamples: - description: A sample of errors encountered while processing the request. + filter: + description: >- + Required. The filter string to specify the products to be deleted + with a length limit of 5,000 characters. Empty string filter is not + allowed. "*" implies delete all items in a branch. The eligible + fields for filtering are: * `availability`: Double quoted + Product.availability string. * `create_time` : in ISO 8601 "zulu" + format. Supported syntax: * Comparators (">", "<", ">=", "<=", "="). + Examples: * create_time <= "2015-02-13T17:05:46Z" * availability = + "IN_STOCK" * Conjunctions ("AND") Examples: * create_time <= + "2015-02-13T17:05:46Z" AND availability = "PREORDER" * Disjunctions + ("OR") Examples: * create_time <= "2015-02-13T17:05:46Z" OR + availability = "IN_STOCK" * Can support nested queries. Examples: * + (create_time <= "2015-02-13T17:05:46Z" AND availability = + "PREORDER") OR (create_time >= "2015-02-14T13:03:32Z" AND + availability = "IN_STOCK") * Filter Limits: * Filter should not + contain more than 6 conditions. * Max nesting depth should not + exceed 2 levels. Examples queries: * Delete back order products + created before a timestamp. create_time <= "2015-02-13T17:05:46Z" OR + availability = "BACKORDER" + type: string + force: + description: >- + Actually perform the purge. If `force` is set to false, the method + will return the expected purge count without deleting any products. + type: boolean + description: Request message for PurgeProducts method. + GoogleCloudRetailV2PredictResponse: + properties: + validateOnly: + description: True if the validateOnly property was set in the request. + type: boolean + results: + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2PredictResponsePredictionResult + type: array + description: >- + A list of recommended products. The order represents the ranking + (from the most relevant product to the least). + missingIds: type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: This field is never set. - $ref: '#/components/schemas/GoogleCloudRetailV2alphaExportErrorsConfig' - outputResult: - description: Output result indicating where the data were exported to. - $ref: '#/components/schemas/GoogleCloudRetailV2alphaOutputResult' - GoogleCloudRetailV2alphaExportErrorsConfig: - id: GoogleCloudRetailV2alphaExportErrorsConfig - description: Configuration of destination for Export related errors. + type: string + description: IDs of products in the request that were missing from the inventory. + attributionToken: + description: >- + A unique attribution token. This should be included in the UserEvent + logs resulting from this recommendation, which enables accurate + attribution of recommendation model performance. + type: string + id: GoogleCloudRetailV2PredictResponse type: object + description: Response message for predict method. + GoogleCloudRetailV2UserEventImportSummary: properties: - gcsPrefix: + unjoinedEventsCount: + type: string + format: int64 description: >- - Google Cloud Storage path for import errors. This must be an empty, - existing Cloud Storage bucket. Export errors will be written to a - file in this bucket, one per line, as a JSON-encoded - `google.rpc.Status` message. + Count of user events imported, but with catalog information not + found in the imported catalog. + joinedEventsCount: + format: int64 type: string - GoogleCloudRetailV2alphaOutputResult: - id: GoogleCloudRetailV2alphaOutputResult + description: >- + Count of user events imported with complete existing catalog + information. + type: object + id: GoogleCloudRetailV2UserEventImportSummary description: >- - Output result that stores the information about where the exported data - is stored. + A summary of import result. The UserEventImportSummary summarizes the + import status for user events. + GoogleCloudRetailV2RejoinUserEventsMetadata: + properties: {} type: object + description: Metadata for `RejoinUserEvents` method. + id: GoogleCloudRetailV2RejoinUserEventsMetadata + GoogleCloudRetailV2SearchRequestFacetSpec: properties: - bigqueryResult: - description: The BigQuery location where the result is stored. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2alphaBigQueryOutputResult' - gcsResult: - description: The Google Cloud Storage location where the result is stored. + excludedFilterKeys: type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2alphaGcsOutputResult' - GoogleCloudRetailV2alphaBigQueryOutputResult: - id: GoogleCloudRetailV2alphaBigQueryOutputResult - description: A BigQuery output result. + type: string + description: >- + List of keys to exclude when faceting. By default, FacetKey.key is + not excluded from the filter unless it is listed in this field. + Listing a facet key in this field allows its values to appear as + facet results, even when they are filtered out of search results. + Using this field does not affect what search results are returned. + For example, suppose there are 100 products with the color facet + "Red" and 200 products with the color facet "Blue". A query + containing the filter "colorFamilies:ANY("Red")" and having + "colorFamilies" as FacetKey.key would by default return only "Red" + products in the search results, and also return "Red" with count 100 + as the only color facet. Although there are also blue products + available, "Blue" would not be shown as an available facet value. If + "colorFamilies" is listed in "excludedFilterKeys", then the query + returns the facet values "Red" with count 100 and "Blue" with count + 200, because the "colorFamilies" key is now excluded from the + filter. Because this field doesn't affect search results, the search + results are still correctly filtered to return only "Red" products. + A maximum of 100 values are allowed. Otherwise, an INVALID_ARGUMENT + error is returned. + enableDynamicPosition: + description: >- + Enables dynamic position for this facet. If set to true, the + position of this facet among all facets in the response is + determined by Google Retail Search. It is ordered together with + dynamic facets if dynamic facets is enabled. If set to false, the + position of this facet in the response is the same as in the + request, and it is ranked before the facets with dynamic position + enable and all dynamic facets. For example, you may always want to + have rating facet returned in the response, but it's not necessarily + to always display the rating facet at the top. In that case, you can + set enable_dynamic_position to true so that the position of rating + facet in response is determined by Google Retail Search. Another + example, assuming you have the following facets in the request: * + "rating", enable_dynamic_position = true * "price", + enable_dynamic_position = false * "brands", enable_dynamic_position + = false And also you have a dynamic facets enable, which generates a + facet "gender". Then, the final order of the facets in the response + can be ("price", "brands", "rating", "gender") or ("price", + "brands", "gender", "rating") depends on how Google Retail Search + orders "gender" and "rating" facets. However, notice that "price" + and "brands" are always ranked at first and second position because + their enable_dynamic_position values are false. + type: boolean + limit: + description: >- + Maximum of facet values that should be returned for this facet. If + unspecified, defaults to 50. The maximum allowed value is 300. + Values above 300 will be coerced to 300. If this field is negative, + an INVALID_ARGUMENT is returned. + type: integer + format: int32 + facetKey: + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestFacetSpecFacetKey + description: Required. The facet key specification. type: object + description: A facet specification to perform faceted search. + id: GoogleCloudRetailV2SearchRequestFacetSpec + GoogleCloudRetailV2ConversationalSearchResponseFollowupQuestion: properties: - datasetId: - description: The ID of a BigQuery Dataset. - type: string - tableId: - description: The ID of a BigQuery Table. + suggestedAnswers: + type: array + description: The answer options provided to client for the follow-up question. + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchResponseFollowupQuestionSuggestedAnswer + followupQuestion: + description: >- + The conversational followup question generated for Intent + refinement. type: string - GoogleCloudRetailV2alphaGcsOutputResult: - id: GoogleCloudRetailV2alphaGcsOutputResult - description: A Gcs output result. type: object - properties: - outputUri: - description: The uri of Gcs output - type: string - GoogleCloudRetailV2alphaExportMetadata: - id: GoogleCloudRetailV2alphaExportMetadata - description: >- - Metadata related to the progress of the Export operation. This is - returned by the google.longrunning.Operation.metadata field. + description: The conversational followup question generated for Intent refinement. + id: GoogleCloudRetailV2ConversationalSearchResponseFollowupQuestion + GoogleCloudRetailV2CatalogAttributeFacetConfigIgnoredFacetValues: type: object + description: >- + Facet values to ignore on facets during the specified time range for the + given SearchResponse.Facet.key attribute. properties: - createTime: - description: Operation create time. + values: + type: array + description: >- + List of facet values to ignore for the following time range. The + facet values are the same as the attribute values. There is a limit + of 10 values per instance of IgnoredFacetValues. Each value can have + at most 128 characters. + items: + type: string + endTime: type: string format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + If start time is empty and end time is not empty, then ignore these + facet values before end time. + startTime: + description: >- + Time range for the current list of facet values to ignore. If + multiple time ranges are specified for an facet value for the + current attribute, consider all of them. If both are empty, ignore + always. If start time and end time are set, then start time must be + before end time. If start time is not empty and end time is empty, + then will ignore these facet values after the start time. type: string format: google-datetime - GoogleCloudRetailV2alphaExportProductsResponse: - id: GoogleCloudRetailV2alphaExportProductsResponse - description: >- - Response of the ExportProductsRequest. If the long running operation is - done, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. - type: object + id: GoogleCloudRetailV2CatalogAttributeFacetConfigIgnoredFacetValues + GoogleCloudRetailV2IntentClassificationConfigInlineSource: properties: - errorSamples: - description: A sample of errors encountered while processing the request. + inlineForceIntents: + description: Optional. A list of inline force intent classifications. type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: This field is never set. - $ref: '#/components/schemas/GoogleCloudRetailV2alphaExportErrorsConfig' - outputResult: - description: Output result indicating where the data were exported to. - $ref: '#/components/schemas/GoogleCloudRetailV2alphaOutputResult' - GoogleCloudRetailV2alphaExportUserEventsResponse: - id: GoogleCloudRetailV2alphaExportUserEventsResponse + $ref: >- + #/components/schemas/GoogleCloudRetailV2IntentClassificationConfigInlineForceIntent + description: Inline source for intent classifications. + id: GoogleCloudRetailV2IntentClassificationConfigInlineSource + type: object + GoogleCloudRetailV2ConversationalSearchRequestUserAnswerSelectedAnswer: + properties: + productAttributeValue: + description: >- + Optional. This field specifies the selected answer which is a + attribute key-value. + $ref: '#/components/schemas/GoogleCloudRetailV2ProductAttributeValue' description: >- - Response of the ExportUserEventsRequest. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. + This field specifies the selected answers during the conversational + search. type: object + id: GoogleCloudRetailV2ConversationalSearchRequestUserAnswerSelectedAnswer + GoogleCloudRetailV2CustomAttribute: properties: - errorSamples: - description: A sample of errors encountered while processing the request. + numbers: + items: + type: number + format: double + description: >- + The numerical values of this custom attribute. For example, `[2.3, + 15.4]` when the key is "lengths_cm". Exactly one of text or numbers + should be set. Otherwise, an INVALID_ARGUMENT error is returned. + type: array + searchable: + description: >- + This field is normally ignored unless + AttributesConfig.attribute_config_level of the Catalog is set to the + deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information + about product-level attribute configuration, see [Configuration + modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). + If true, custom attribute values are searchable by text queries in + SearchService.Search. This field is ignored in a UserEvent. Only set + if type text is set. Otherwise, a INVALID_ARGUMENT error is + returned. + type: boolean + deprecated: true + indexable: + description: >- + This field is normally ignored unless + AttributesConfig.attribute_config_level of the Catalog is set to the + deprecated 'PRODUCT_LEVEL_ATTRIBUTE_CONFIG' mode. For information + about product-level attribute configuration, see [Configuration + modes](https://cloud.google.com/retail/docs/attribute-config#config-modes). + If true, custom attribute values are indexed, so that they can be + filtered, faceted or boosted in SearchService.Search. This field is + ignored in a UserEvent. See SearchRequest.filter, + SearchRequest.facet_specs and SearchRequest.boost_spec for more + details. + type: boolean + deprecated: true + text: type: array + description: >- + The textual values of this custom attribute. For example, + `["yellow", "green"]` when the key is "color". Empty string is not + allowed. Otherwise, an INVALID_ARGUMENT error is returned. Exactly + one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT + error is returned. items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: This field is never set. - $ref: '#/components/schemas/GoogleCloudRetailV2alphaExportErrorsConfig' - outputResult: - description: Output result indicating where the data were exported to. - $ref: '#/components/schemas/GoogleCloudRetailV2alphaOutputResult' - GoogleCloudRetailV2alphaImportCompletionDataResponse: - id: GoogleCloudRetailV2alphaImportCompletionDataResponse - description: >- - Response of the ImportCompletionDataRequest. If the long running - operation is done, this message is returned by the - google.longrunning.Operations.response field if the operation is - successful. + type: string + description: A custom attribute that is not explicitly modeled in Product. + id: GoogleCloudRetailV2CustomAttribute type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudRetailV2alphaImportErrorsConfig: - id: GoogleCloudRetailV2alphaImportErrorsConfig - description: Configuration of destination for Import related errors. + GoogleCloudRetailV2alphaPurgeMetadata: + id: GoogleCloudRetailV2alphaPurgeMetadata + description: >- + Metadata related to the progress of the Purge operation. This will be + returned by the google.longrunning.Operation.metadata field. type: object - properties: - gcsPrefix: - description: >- - Google Cloud Storage prefix for import errors. This must be an - empty, existing Cloud Storage directory. Import errors are written - to sharded files in this directory, one per line, as a JSON-encoded - `google.rpc.Status` message. - type: string + properties: {} GoogleCloudRetailV2alphaImportMetadata: - id: GoogleCloudRetailV2alphaImportMetadata + type: object description: >- Metadata related to the progress of the Import operation. This is returned by the google.longrunning.Operation.metadata field. - type: object + id: GoogleCloudRetailV2alphaImportMetadata properties: + failureCount: + format: int64 + description: Count of entries that encountered errors while processing. + type: string + transformedUserEventsMetadata: + description: Metadata related to transform user events. + $ref: >- + #/components/schemas/GoogleCloudRetailV2alphaTransformedUserEventsMetadata + successCount: + type: string + format: int64 + description: Count of entries that were processed successfully. createTime: - description: Operation create time. type: string format: google-datetime + description: Operation create time. + notificationPubsubTopic: + type: string + description: >- + Pub/Sub topic for receiving notification. If this field is set, when + the import is finished, a notification is sent to specified Pub/Sub + topic. The message data is JSON string of a Operation. Format of the + Pub/Sub topic is `projects/{project}/topics/{topic}`. updateTime: + format: google-datetime description: >- Operation last update time. If the operation is done, this is also the finish time. type: string - format: google-datetime - successCount: - description: Count of entries that were processed successfully. - type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. - type: string - format: int64 requestId: - description: Deprecated. This field is never set. deprecated: true type: string + description: Deprecated. This field is never set. + GoogleCloudRetailV2ConversationalSearchResponseConversationalFilteringResult: + type: object + id: >- + GoogleCloudRetailV2ConversationalSearchResponseConversationalFilteringResult + properties: + additionalFilter: + description: >- + This is the incremental additional filters implied from the current + user answer. User should add the suggested addition filters to the + previous ConversationalSearchRequest.search_params.filter and + SearchRequest.filter, and use the merged filter in the follow up + requests. + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchResponseConversationalFilteringResultAdditionalFilter + followupQuestion: + description: The conversational filtering question. + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchResponseFollowupQuestion + description: >- + This field specifies all related information that is needed on client + side for UI rendering of conversational filtering search. + GoogleCloudRetailV2ImportCompletionDataRequest: + type: object + id: GoogleCloudRetailV2ImportCompletionDataRequest + properties: + inputConfig: + $ref: '#/components/schemas/GoogleCloudRetailV2CompletionDataInputConfig' + description: Required. The desired input location of the data. notificationPubsubTopic: + type: string description: >- Pub/Sub topic for receiving notification. If this field is set, when the import is finished, a notification is sent to specified Pub/Sub topic. The message data is JSON string of a Operation. Format of the Pub/Sub topic is `projects/{project}/topics/{topic}`. - type: string - transformedUserEventsMetadata: - description: Metadata related to transform user events. - $ref: >- - #/components/schemas/GoogleCloudRetailV2alphaTransformedUserEventsMetadata - GoogleCloudRetailV2alphaTransformedUserEventsMetadata: - id: GoogleCloudRetailV2alphaTransformedUserEventsMetadata - description: Metadata related to transform user events operation. + description: Request message for ImportCompletionData methods. + GoogleCloudRetailV2alphaTuneModelMetadata: type: object properties: - sourceEventsCount: - description: Count of entries in the source user events BigQuery table. + model: type: string - format: int64 - transformedEventsCount: description: >- - Count of entries in the transformed user events BigQuery table, - which could be different from the actually imported number of user - events. - type: string - format: int64 - GoogleCloudRetailV2alphaImportProductsResponse: - id: GoogleCloudRetailV2alphaImportProductsResponse - description: >- - Response of the ImportProductsRequest. If the long running operation is - done, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. + The resource name of the model that this tune applies to. Format: + `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + id: GoogleCloudRetailV2alphaTuneModelMetadata + description: Metadata associated with a tune operation. + GoogleCloudRetailV2CreateModelMetadata: type: object properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: + model: description: >- - Echoes the destination for the complete errors in the request if - set. - $ref: '#/components/schemas/GoogleCloudRetailV2alphaImportErrorsConfig' - GoogleCloudRetailV2alphaImportUserEventsResponse: - id: GoogleCloudRetailV2alphaImportUserEventsResponse - description: >- - Response of the ImportUserEventsRequest. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. + The resource name of the model that this create applies to. Format: + `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + type: string + id: GoogleCloudRetailV2CreateModelMetadata + description: Metadata associated with a create operation. + GoogleCloudRetailV2alphaRemoveFulfillmentPlacesResponse: type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: >- - Echoes the destination for the complete errors if this field was set - in the request. - $ref: '#/components/schemas/GoogleCloudRetailV2alphaImportErrorsConfig' - importSummary: - description: Aggregated statistics of user event import status. - $ref: '#/components/schemas/GoogleCloudRetailV2alphaUserEventImportSummary' - GoogleCloudRetailV2alphaUserEventImportSummary: - id: GoogleCloudRetailV2alphaUserEventImportSummary + id: GoogleCloudRetailV2alphaRemoveFulfillmentPlacesResponse description: >- - A summary of import result. The UserEventImportSummary summarizes the - import status for user events. + Response of the RemoveFulfillmentPlacesRequest. Currently empty because + there is no meaningful response populated from the + ProductService.RemoveFulfillmentPlaces method. + properties: {} + GoogleProtobufEmpty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: GoogleProtobufEmpty + type: object + properties: {} + GoogleCloudRetailV2alphaGcsOutputResult: + id: GoogleCloudRetailV2alphaGcsOutputResult type: object properties: - joinedEventsCount: - description: >- - Count of user events imported with complete existing catalog - information. - type: string - format: int64 - unjoinedEventsCount: - description: >- - Count of user events imported, but with catalog information not - found in the imported catalog. + outputUri: + description: The uri of Gcs output type: string - format: int64 - GoogleCloudRetailV2alphaMerchantCenterAccountLink: - id: GoogleCloudRetailV2alphaMerchantCenterAccountLink - description: >- - Represents a link between a Merchant Center account and a branch. After - a link is established, products from the linked Merchant Center account - are streamed to the linked branch. + description: A Gcs output result. + GoogleCloudRetailLoggingImportErrorContext: type: object + id: GoogleCloudRetailLoggingImportErrorContext properties: - name: - description: >- - Output only. Immutable. Full resource name of the Merchant Center - Account Link, such as - `projects/*/locations/global/catalogs/default_catalog/merchantCenterAccountLinks/merchant_center_account_link`. - readOnly: true + userEvent: type: string - id: description: >- - Output only. Immutable. MerchantCenterAccountLink identifier, which - is the final component of name. This field is auto generated and - follows the convention: `BranchId_MerchantCenterAccountId`. - `projects/*/locations/global/catalogs/default_catalog/merchantCenterAccountLinks/id_1`. - readOnly: true - type: string - merchantCenterAccountId: + The detailed content which caused the error on importing a user + event. + gcsPath: description: >- - Required. The linked [Merchant center account - id](https://developers.google.com/shopping-content/guides/accountstatuses). - The account must be a standalone account or a sub-account of a MCA. + Cloud Storage file path of the import source. Can be set for batch + operation error. type: string - format: int64 - branchId: - description: >- - Required. The branch ID (e.g. 0/1/2) within the catalog that - products from merchant_center_account_id are streamed to. When - updating this field, an empty value will use the currently - configured default branch. However, changing the default branch - later on won't change the linked branch here. A single branch ID can - only have one linked Merchant Center account ID. + catalogItem: type: string - feedLabel: description: >- - The FeedLabel used to perform filtering. Note: this replaces - [region_id](https://developers.google.com/shopping-content/reference/rest/v2.1/products#Product.FIELDS.feed_label). - Example value: `US`. Example value: `FeedLabel1`. + The detailed content which caused the error on importing a catalog + item. + lineNumber: type: string - languageCode: description: >- - Language of the title/description and other string attributes. Use - language tags defined by [BCP - 47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). ISO 639-1. This - specifies the language of offers in Merchant Center that will be - accepted. If empty, no language filtering will be performed. Example - value: `en`. + Line number of the content in file. Should be empty for permission + or batch operation error. + operationName: + description: The operation resource name of the LRO. type: string - feedFilters: + product: + type: string + description: The detailed content which caused the error on importing a product. + description: >- + The error payload that is populated on LRO import APIs, including + "google.cloud.retail.v2.ProductService.ImportProducts" and + "google.cloud.retail.v2.EventService.ImportUserEvents". + GoogleCloudRetailV2ColorInfo: + properties: + colorFamilies: + type: array description: >- - Criteria for the Merchant Center feeds to be ingested via the link. - All offers will be ingested if the list is empty. Otherwise the - offers will be ingested from selected feeds. + The standard color families. Strongly recommended to use the + following standard color groups: "Red", "Pink", "Orange", "Yellow", + "Purple", "Green", "Cyan", "Blue", "Brown", "White", "Gray", "Black" + and "Mixed". Normally it is expected to have only 1 color family. + May consider using single "Mixed" instead of multiple values. A + maximum of 5 values are allowed. Each value must be a UTF-8 encoded + string with a length limit of 128 characters. Otherwise, an + INVALID_ARGUMENT error is returned. Google Merchant Center property + [color](https://support.google.com/merchants/answer/6324487). + Schema.org property [Product.color](https://schema.org/color). The + colorFamilies field as a system attribute is not a required field + but strongly recommended to be specified. Google Search models treat + this field as more important than a custom product attribute when + specified. + items: + type: string + colors: type: array items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2alphaMerchantCenterAccountLinkMerchantCenterFeedFilter - state: - description: Output only. Represents the state of the link. - readOnly: true - type: string - enumDescriptions: - - Default value. - - Link is created and LRO is not complete. - - Link is active. - - Link creation failed. - enum: - - STATE_UNSPECIFIED - - PENDING - - ACTIVE - - FAILED - projectId: - description: Output only. Google Cloud project ID. - readOnly: true - type: string - source: + type: string description: >- - Optional. An optional arbitrary string that could be used as a tag - for tracking link source. - type: string - GoogleCloudRetailV2alphaMerchantCenterAccountLinkMerchantCenterFeedFilter: - id: >- - GoogleCloudRetailV2alphaMerchantCenterAccountLinkMerchantCenterFeedFilter - description: Merchant Center Feed filter criterion. + The color display names, which may be different from standard color + family names, such as the color aliases used in the website + frontend. Normally it is expected to have only 1 color. May consider + using single "Mixed" instead of multiple values. A maximum of 75 + colors are allowed. Each value must be a UTF-8 encoded string with a + length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error + is returned. Google Merchant Center property + [color](https://support.google.com/merchants/answer/6324487). + Schema.org property [Product.color](https://schema.org/color). + id: GoogleCloudRetailV2ColorInfo + description: The color information of a Product. + type: object + GoogleCloudRetailV2alphaCreateModelMetadata: + id: GoogleCloudRetailV2alphaCreateModelMetadata + description: Metadata associated with a create operation. type: object properties: - primaryFeedId: - description: >- - Merchant Center primary feed ID. Deprecated: use data_source_id - instead. - deprecated: true - type: string - format: int64 - dataSourceId: - description: AFM data source ID. - type: string - format: int64 - primaryFeedName: + model: description: >- - Merchant Center primary feed name. The name is used for the display - purposes only. + The resource name of the model that this create applies to. Format: + `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` type: string GoogleCloudRetailV2alphaModel: - id: GoogleCloudRetailV2alphaModel - description: >- - Metadata that describes the training and serving parameters of a Model. - A Model can be associated with a ServingConfig and then queried through - the Predict API. - type: object properties: pageOptimizationConfig: description: Optional. The page optimization config. $ref: >- #/components/schemas/GoogleCloudRetailV2alphaModelPageOptimizationConfig - name: - description: >- - Required. The fully qualified resource name of the model. Format: - `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` - catalog_id has char limit of 50. recommendation_model_id has char - limit of 40. - type: string - displayName: - description: >- - Required. The display name of the model. Should be human readable, - used to display Recommendation Models in the Retail Cloud Console - Dashboard. UTF-8 encoded string with limit of 1024 characters. - type: string - trainingState: - description: >- - Optional. The training state that the model is in (e.g. `TRAINING` - or `PAUSED`). Since part of the cost of running the service is - frequency of training - this can be used to determine when to train - model in order to control cost. If not specified: the default value - for `CreateModel` method is `TRAINING`. The default value for - `UpdateModel` method is to keep the state the same as before. - type: string - enumDescriptions: - - Unspecified training state. - - The model training is paused. - - The model is training. - enum: - - TRAINING_STATE_UNSPECIFIED - - PAUSED - - TRAINING - servingState: - description: 'Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.' - readOnly: true - type: string - enumDescriptions: - - Unspecified serving state. - - The model is not serving. - - The model is serving and can be queried. - - The model is trained on tuned hyperparameters and can be queried. - enum: - - SERVING_STATE_UNSPECIFIED - - INACTIVE - - ACTIVE - - TUNED createTime: description: Output only. Timestamp the Recommendation Model was created at. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. Timestamp the Recommendation Model was last updated. - E.g. if a Recommendation Model was paused - this would be the time - the pause was initiated. - readOnly: true - type: string - format: google-datetime - type: - description: >- - Required. The type of model e.g. `home-page`. Currently supported - values: `recommended-for-you`, `others-you-may-like`, - `frequently-bought-together`, `page-optimization`, `similar-items`, - `buy-it-again`, `on-sale-items`, and `recently-viewed`(readonly - value). This field together with optimization_objective describe - model metadata to use to control model training and serving. See - https://cloud.google.com/retail/docs/models for more details on what - the model metadata control and which combination of parameters are - valid. For invalid combinations of parameters (e.g. type = - `frequently-bought-together` and optimization_objective = `ctr`), - you receive an error 400 if you try to create/update a - recommendation with this set of knobs. - type: string - optimizationObjective: - description: >- - Optional. The optimization objective e.g. `cvr`. Currently supported - values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we - choose default based on model type. Default depends on type of - recommendation: `recommended-for-you` => `ctr` `others-you-may-like` - => `ctr` `frequently-bought-together` => `revenue_per_order` This - field together with optimization_objective describe model metadata - to use to control model training and serving. See - https://cloud.google.com/retail/docs/models for more details on what - the model metadata control and which combination of parameters are - valid. For invalid combinations of parameters (e.g. type = - `frequently-bought-together` and optimization_objective = `ctr`), - you receive an error 400 if you try to create/update a - recommendation with this set of knobs. - type: string - periodicTuningState: - description: >- - Optional. The state of periodic tuning. The period we use is 3 - months - to do a one-off tune earlier use the `TuneModel` method. - Default value is `PERIODIC_TUNING_ENABLED`. - type: string - enumDescriptions: - - Unspecified default value, should never be explicitly set. - - >- - The model has periodic tuning disabled. Tuning can be reenabled by - calling the `EnableModelPeriodicTuning` method or by calling the - `TuneModel` method. - - >- - The model cannot be tuned with periodic tuning OR the `TuneModel` - method. Hide the options in customer UI and reject any requests - through the backend self serve API. - - >- - The model has periodic tuning enabled. Tuning can be disabled by - calling the `DisableModelPeriodicTuning` method. - enum: - - PERIODIC_TUNING_STATE_UNSPECIFIED - - PERIODIC_TUNING_DISABLED - - ALL_TUNING_DISABLED - - PERIODIC_TUNING_ENABLED - lastTuneTime: - description: Output only. The timestamp when the latest successful tune finished. - readOnly: true type: string format: google-datetime - tuningOperation: - description: >- - Output only. The tune operation associated with the model. Can be - used to determine if there is an ongoing tune for this - recommendation. Empty field implies no tune is goig on. readOnly: true + name: type: string - dataState: description: >- - Output only. The state of data requirements for this model: - `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained - if the data is in `DATA_ERROR` state. Recommendation model can have - `DATA_ERROR` state even if serving state is `ACTIVE`: models were - trained successfully before, but cannot be refreshed because model - no longer has sufficient data for training. - readOnly: true - type: string - enumDescriptions: - - Unspecified default value, should never be explicitly set. - - The model has sufficient training data. - - >- - The model does not have sufficient training data. Error messages - can be queried via Stackdriver. - enum: - - DATA_STATE_UNSPECIFIED - - DATA_OK - - DATA_ERROR + Required. The fully qualified resource name of the model. Format: + `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + catalog_id has char limit of 50. recommendation_model_id has char + limit of 40. + lastTuneTime: + description: Output only. The timestamp when the latest successful tune finished. + format: google-datetime + readOnly: true + type: string filteringOption: + enum: + - RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED + - RECOMMENDATIONS_FILTERING_DISABLED + - RECOMMENDATIONS_FILTERING_ENABLED + type: string description: >- Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation filtering by attributes is enabled for the model. - type: string enumDescriptions: - >- Value used when unset. In this case, server behavior defaults to RECOMMENDATIONS_FILTERING_DISABLED. - Recommendation filtering is disabled. - Recommendation filtering is enabled. - enum: - - RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED - - RECOMMENDATIONS_FILTERING_DISABLED - - RECOMMENDATIONS_FILTERING_ENABLED servingConfigLists: description: >- Output only. The list of valid serving configs associated with the PageOptimizationConfig. readOnly: true - type: array items: $ref: >- #/components/schemas/GoogleCloudRetailV2alphaModelServingConfigList + type: array modelFeaturesConfig: description: Optional. Additional model features config. $ref: >- #/components/schemas/GoogleCloudRetailV2alphaModelModelFeaturesConfig - GoogleCloudRetailV2alphaModelPageOptimizationConfig: - id: GoogleCloudRetailV2alphaModelPageOptimizationConfig - description: >- - The PageOptimizationConfig for model training. This determines how many - panels to optimize for, and which serving configs to consider for each - panel. The purpose of this model is to optimize which ServingConfig to - show on which panels in way that optimizes the visitors shopping - journey. - type: object - properties: - pageOptimizationEventType: - description: >- - Required. The type of UserEvent this page optimization is shown for. - Each page has an associated event type - this will be the - corresponding event type for the page that the page optimization - model is used on. Supported types: * `add-to-cart`: Products being - added to cart. * `detail-page-view`: Products detail page viewed. * - `home-page-view`: Homepage viewed * `category-page-view`: Homepage - viewed * `shopping-cart-page-view`: User viewing a shopping cart. - `home-page-view` only allows models with type `recommended-for-you`. - All other page_optimization_event_type allow all Model.types. + trainingState: type: string - panels: - description: Required. A list of panel configurations. Limit = 5. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2alphaModelPageOptimizationConfigPanel - restriction: + enum: + - TRAINING_STATE_UNSPECIFIED + - PAUSED + - TRAINING + enumDescriptions: + - Unspecified training state. + - The model training is paused. + - The model is training. description: >- - Optional. How to restrict results across panels e.g. can the same - ServingConfig be shown on multiple panels at once. If unspecified, - default to `UNIQUE_MODEL_RESTRICTION`. - type: string + Optional. The training state that the model is in (e.g. `TRAINING` + or `PAUSED`). Since part of the cost of running the service is + frequency of training - this can be used to determine when to train + model in order to control cost. If not specified: the default value + for `CreateModel` method is `TRAINING`. The default value for + `UpdateModel` method is to keep the state the same as before. + periodicTuningState: + description: >- + Optional. The state of periodic tuning. The period we use is 3 + months - to do a one-off tune earlier use the `TuneModel` method. + Default value is `PERIODIC_TUNING_ENABLED`. enumDescriptions: - - Unspecified value for restriction. - - >- - Allow any ServingConfig to be show on any number of panels. - Example: `Panel1 candidates`: pdp_ctr, pdp_cvr, - home_page_ctr_no_diversity `Panel2 candidates`: - home_page_ctr_no_diversity, home_page_ctr_diversity, - pdp_cvr_no_diversity `Restriction` = NO_RESTRICTION `Valid - combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * - (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, - pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * - (pdp_cvr, home_page_ctr_diversity) * (pdp_cvr, - pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, - home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, - home_page_ctr_diversity) * (home_page_ctr_no_diversity, - pdp_cvr_no_diversity) * `Invalid combinations`: [] + - Unspecified default value, should never be explicitly set. - >- - Do not allow the same ServingConfig.name to be shown on multiple - panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, - home_page_ctr_no_diversity * `Panel2 candidates`: * - home_page_ctr_no_diversity, home_page_ctr_diversity_low, - pdp_cvr_no_diversity * `Restriction` = - `UNIQUE_SERVING_CONFIG_RESTRICTION` `Valid combinations`: * * - (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, - home_page_ctr_diversity_low) * (pdp_ctr, pdp_cvr_no_diversity) * - (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, - home_page_ctr_no_diversity) * (pdp_cvr, - home_page_ctr_diversity_low) * (pdp_cvr, pdp_cvr_no_diversity) * - (home_page_ctr_no_diversity, home_page_ctr_diversity_low) * - (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid - combinations`: * * (home_page_ctr_no_diversity, - home_page_ctr_no_diversity) * + The model has periodic tuning disabled. Tuning can be reenabled by + calling the `EnableModelPeriodicTuning` method or by calling the + `TuneModel` method. - >- - Do not allow multiple ServingConfigs with same Model.name to be - show on on different panels. Example: `Panel1 candidates`: * - pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 - candidates`: * home_page_ctr_no_diversity, - home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` - = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, - home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * - (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) - * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, - home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, - pdp_cvr_no_diversity) * `Invalid combinations`: * * - (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * - (pdp_cvr, pdp_cvr_no_diversity) * + The model cannot be tuned with periodic tuning OR the `TuneModel` + method. Hide the options in customer UI and reject any requests + through the backend self serve API. - >- - Do not allow multiple ServingConfigs with same Model.type to be - shown on different panels. Example: `Panel1 candidates`: * - pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 - candidates`: * home_page_ctr_no_diversity, - home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` - = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, - home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * - (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, - home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, - pdp_cvr_no_diversity) * `Invalid combinations`: * * (pdp_ctr, - pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * - (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, - home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, - home_page_ctr_diversity) * + The model has periodic tuning enabled. Tuning can be disabled by + calling the `DisableModelPeriodicTuning` method. enum: - - RESTRICTION_UNSPECIFIED - - NO_RESTRICTION - - UNIQUE_SERVING_CONFIG_RESTRICTION - - UNIQUE_MODEL_RESTRICTION - - UNIQUE_MODEL_TYPE_RESTRICTION - GoogleCloudRetailV2alphaModelPageOptimizationConfigPanel: - id: GoogleCloudRetailV2alphaModelPageOptimizationConfigPanel - description: An individual panel with a list of ServingConfigs to consider for it. - type: object - properties: - displayName: - description: Optional. The name to display for the panel. + - PERIODIC_TUNING_STATE_UNSPECIFIED + - PERIODIC_TUNING_DISABLED + - ALL_TUNING_DISABLED + - PERIODIC_TUNING_ENABLED type: string - candidates: - description: Required. The candidates to consider on the panel. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate - defaultCandidate: - description: >- - Required. The default candidate. If the model fails at serving time, - we fall back to the default. - $ref: >- - #/components/schemas/GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate - GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate: - id: GoogleCloudRetailV2alphaModelPageOptimizationConfigCandidate - description: >- - A candidate to consider for a given panel. Currently only ServingConfig - are valid candidates. - type: object - properties: - servingConfigId: - description: >- - This has to be a valid ServingConfig identifier. For example, for a - ServingConfig with full name: - `projects/*/locations/global/catalogs/default_catalog/servingConfigs/my_candidate_config`, - this would be `my_candidate_config`. + optimizationObjective: type: string - GoogleCloudRetailV2alphaModelServingConfigList: - id: GoogleCloudRetailV2alphaModelServingConfigList - description: >- - Represents an ordered combination of valid serving configs, which can be - used for `PAGE_OPTIMIZATION` recommendations. - type: object - properties: - servingConfigIds: - description: >- - Optional. A set of valid serving configs that may be used for - `PAGE_OPTIMIZATION`. - type: array - items: - type: string - GoogleCloudRetailV2alphaModelModelFeaturesConfig: - id: GoogleCloudRetailV2alphaModelModelFeaturesConfig - description: Additional model features config. - type: object - properties: - frequentlyBoughtTogetherConfig: - description: Additional configs for frequently-bought-together models. - $ref: >- - #/components/schemas/GoogleCloudRetailV2alphaModelFrequentlyBoughtTogetherFeaturesConfig - GoogleCloudRetailV2alphaModelFrequentlyBoughtTogetherFeaturesConfig: - id: GoogleCloudRetailV2alphaModelFrequentlyBoughtTogetherFeaturesConfig - description: Additional configs for the frequently-bought-together model type. - type: object - properties: - contextProductsType: description: >- - Optional. Specifies the context of the model when it is used in - predict requests. Can only be set for the - `frequently-bought-together` type. If it isn't specified, it - defaults to MULTIPLE_CONTEXT_PRODUCTS. - type: string - enumDescriptions: - - >- - Unspecified default value, should never be explicitly set. - Defaults to MULTIPLE_CONTEXT_PRODUCTS. - - >- - Use only a single product as context for the recommendation. - Typically used on pages like add-to-cart or product details. - - >- - Use one or multiple products as context for the recommendation. - Typically used on shopping cart pages. - enum: - - CONTEXT_PRODUCTS_TYPE_UNSPECIFIED - - SINGLE_CONTEXT_PRODUCT - - MULTIPLE_CONTEXT_PRODUCTS - GoogleCloudRetailV2alphaPurgeMetadata: - id: GoogleCloudRetailV2alphaPurgeMetadata - description: >- - Metadata related to the progress of the Purge operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object - properties: {} - GoogleCloudRetailV2alphaPurgeProductsMetadata: - id: GoogleCloudRetailV2alphaPurgeProductsMetadata - description: >- - Metadata related to the progress of the PurgeProducts operation. This - will be returned by the google.longrunning.Operation.metadata field. - type: object - properties: - createTime: - description: Operation create time. + Optional. The optimization objective e.g. `cvr`. Currently supported + values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we + choose default based on model type. Default depends on type of + recommendation: `recommended-for-you` => `ctr` `others-you-may-like` + => `ctr` `frequently-bought-together` => `revenue_per_order` This + field together with optimization_objective describe model metadata + to use to control model training and serving. See + https://cloud.google.com/retail/docs/models for more details on what + the model metadata control and which combination of parameters are + valid. For invalid combinations of parameters (e.g. type = + `frequently-bought-together` and optimization_objective = `ctr`), + you receive an error 400 if you try to create/update a + recommendation with this set of knobs. + type: type: string - format: google-datetime + description: >- + Required. The type of model e.g. `home-page`. Currently supported + values: `recommended-for-you`, `others-you-may-like`, + `frequently-bought-together`, `page-optimization`, `similar-items`, + `buy-it-again`, `on-sale-items`, and `recently-viewed`(readonly + value). This field together with optimization_objective describe + model metadata to use to control model training and serving. See + https://cloud.google.com/retail/docs/models for more details on what + the model metadata control and which combination of parameters are + valid. For invalid combinations of parameters (e.g. type = + `frequently-bought-together` and optimization_objective = `ctr`), + you receive an error 400 if you try to create/update a + recommendation with this set of knobs. updateTime: + readOnly: true description: >- - Operation last update time. If the operation is done, this is also - the finish time. - type: string + Output only. Timestamp the Recommendation Model was last updated. + E.g. if a Recommendation Model was paused - this would be the time + the pause was initiated. format: google-datetime - successCount: - description: Count of entries that were deleted successfully. type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. + dataState: type: string - format: int64 - GoogleCloudRetailV2alphaPurgeProductsResponse: - id: GoogleCloudRetailV2alphaPurgeProductsResponse - description: >- - Response of the PurgeProductsRequest. If the long running operation is - successfully done, then this message is returned by the - google.longrunning.Operations.response field. - type: object - properties: - purgeCount: - description: The total count of products purged as a result of the operation. + enumDescriptions: + - Unspecified default value, should never be explicitly set. + - The model has sufficient training data. + - >- + The model does not have sufficient training data. Error messages + can be queried via Stackdriver. + enum: + - DATA_STATE_UNSPECIFIED + - DATA_OK + - DATA_ERROR + description: >- + Output only. The state of data requirements for this model: + `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained + if the data is in `DATA_ERROR` state. Recommendation model can have + `DATA_ERROR` state even if serving state is `ACTIVE`: models were + trained successfully before, but cannot be refreshed because model + no longer has sufficient data for training. + readOnly: true + tuningOperation: type: string - format: int64 - purgeSample: + readOnly: true description: >- - A sample of the product names that will be deleted. Only populated - if `force` is set to false. A max of 100 names will be returned and - the names are chosen at random. - type: array - items: - type: string - GoogleCloudRetailV2alphaPurgeUserEventsResponse: - id: GoogleCloudRetailV2alphaPurgeUserEventsResponse - description: >- - Response of the PurgeUserEventsRequest. If the long running operation is - successfully done, then this message is returned by the - google.longrunning.Operations.response field. - type: object - properties: - purgedEventsCount: - description: The total count of events purged as a result of the operation. + Output only. The tune operation associated with the model. Can be + used to determine if there is an ongoing tune for this + recommendation. Empty field implies no tune is goig on. + servingState: + description: 'Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.' + readOnly: true + enumDescriptions: + - Unspecified serving state. + - The model is not serving. + - The model is serving and can be queried. + - The model is trained on tuned hyperparameters and can be queried. + enum: + - SERVING_STATE_UNSPECIFIED + - INACTIVE + - ACTIVE + - TUNED type: string - format: int64 - GoogleCloudRetailV2alphaRejoinUserEventsMetadata: - id: GoogleCloudRetailV2alphaRejoinUserEventsMetadata - description: Metadata for `RejoinUserEvents` method. - type: object - properties: {} - GoogleCloudRetailV2alphaRejoinUserEventsResponse: - id: GoogleCloudRetailV2alphaRejoinUserEventsResponse - description: Response message for `RejoinUserEvents` method. - type: object - properties: - rejoinedUserEventsCount: - description: Number of user events that were joined with latest product catalog. + displayName: + description: >- + Required. The display name of the model. Should be human readable, + used to display Recommendation Models in the Retail Cloud Console + Dashboard. UTF-8 encoded string with limit of 1024 characters. type: string - format: int64 - GoogleCloudRetailV2alphaRemoveFulfillmentPlacesMetadata: - id: GoogleCloudRetailV2alphaRemoveFulfillmentPlacesMetadata - description: >- - Metadata related to the progress of the RemoveFulfillmentPlaces - operation. Currently empty because there is no meaningful metadata - populated from the ProductService.RemoveFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2alphaRemoveFulfillmentPlacesResponse: - id: GoogleCloudRetailV2alphaRemoveFulfillmentPlacesResponse - description: >- - Response of the RemoveFulfillmentPlacesRequest. Currently empty because - there is no meaningful response populated from the - ProductService.RemoveFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2alphaRemoveLocalInventoriesMetadata: - id: GoogleCloudRetailV2alphaRemoveLocalInventoriesMetadata - description: >- - Metadata related to the progress of the RemoveLocalInventories - operation. Currently empty because there is no meaningful metadata - populated from the ProductService.RemoveLocalInventories method. - type: object - properties: {} - GoogleCloudRetailV2alphaRemoveLocalInventoriesResponse: - id: GoogleCloudRetailV2alphaRemoveLocalInventoriesResponse - description: >- - Response of the ProductService.RemoveLocalInventories API. Currently - empty because there is no meaningful response populated from the - ProductService.RemoveLocalInventories method. - type: object - properties: {} - GoogleCloudRetailV2alphaSetInventoryMetadata: - id: GoogleCloudRetailV2alphaSetInventoryMetadata - description: >- - Metadata related to the progress of the SetInventory operation. - Currently empty because there is no meaningful metadata populated from - the ProductService.SetInventory method. + id: GoogleCloudRetailV2alphaModel type: object - properties: {} - GoogleCloudRetailV2alphaSetInventoryResponse: - id: GoogleCloudRetailV2alphaSetInventoryResponse description: >- - Response of the SetInventoryRequest. Currently empty because there is no - meaningful response populated from the ProductService.SetInventory - method. - type: object - properties: {} - GoogleCloudRetailV2alphaTuneModelMetadata: - id: GoogleCloudRetailV2alphaTuneModelMetadata - description: Metadata associated with a tune operation. + Metadata that describes the training and serving parameters of a Model. + A Model can be associated with a ServingConfig and then queried through + the Predict API. + GoogleCloudRetailV2ProductInputConfig: + id: GoogleCloudRetailV2ProductInputConfig + description: The input config source for products. type: object properties: - model: - description: >- - The resource name of the model that this tune applies to. Format: - `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` - type: string + gcsSource: + description: Google Cloud Storage location for the input content. + $ref: '#/components/schemas/GoogleCloudRetailV2GcsSource' + productInlineSource: + $ref: '#/components/schemas/GoogleCloudRetailV2ProductInlineSource' + description: The Inline source for the input content for products. + bigQuerySource: + $ref: '#/components/schemas/GoogleCloudRetailV2BigQuerySource' + description: BigQuery input source. GoogleCloudRetailV2alphaTuneModelResponse: - id: GoogleCloudRetailV2alphaTuneModelResponse - description: Response associated with a tune operation. - type: object - properties: {} - GoogleCloudRetailV2betaAddFulfillmentPlacesMetadata: - id: GoogleCloudRetailV2betaAddFulfillmentPlacesMetadata - description: >- - Metadata related to the progress of the AddFulfillmentPlaces operation. - Currently empty because there is no meaningful metadata populated from - the ProductService.AddFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2betaAddFulfillmentPlacesResponse: - id: GoogleCloudRetailV2betaAddFulfillmentPlacesResponse - description: >- - Response of the AddFulfillmentPlacesRequest. Currently empty because - there is no meaningful response populated from the - ProductService.AddFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2betaAddLocalInventoriesMetadata: - id: GoogleCloudRetailV2betaAddLocalInventoriesMetadata - description: >- - Metadata related to the progress of the AddLocalInventories operation. - Currently empty because there is no meaningful metadata populated from - the ProductService.AddLocalInventories method. - type: object - properties: {} - GoogleCloudRetailV2betaAddLocalInventoriesResponse: - id: GoogleCloudRetailV2betaAddLocalInventoriesResponse - description: >- - Response of the ProductService.AddLocalInventories API. Currently empty - because there is no meaningful response populated from the - ProductService.AddLocalInventories method. type: object + id: GoogleCloudRetailV2alphaTuneModelResponse properties: {} - GoogleCloudRetailV2betaCreateModelMetadata: - id: GoogleCloudRetailV2betaCreateModelMetadata - description: Metadata associated with a create operation. - type: object + description: Response associated with a tune operation. + GoogleCloudRetailV2betaPurgeProductsResponse: properties: - model: - description: >- - The resource name of the model that this create applies to. Format: - `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + purgeCount: type: string - GoogleCloudRetailV2betaExportAnalyticsMetricsResponse: - id: GoogleCloudRetailV2betaExportAnalyticsMetricsResponse - description: >- - Response of the ExportAnalyticsMetricsRequest. If the long running - operation was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. - type: object - properties: - errorSamples: - description: A sample of errors encountered while processing the request. + format: int64 + description: The total count of products purged as a result of the operation. + purgeSample: type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: This field is never set. - $ref: '#/components/schemas/GoogleCloudRetailV2betaExportErrorsConfig' - outputResult: - description: Output result indicating where the data were exported to. - $ref: '#/components/schemas/GoogleCloudRetailV2betaOutputResult' - GoogleCloudRetailV2betaExportErrorsConfig: - id: GoogleCloudRetailV2betaExportErrorsConfig - description: Configuration of destination for Export related errors. + type: string + description: >- + A sample of the product names that will be deleted. Only populated + if `force` is set to false. A max of 100 names will be returned and + the names are chosen at random. + description: >- + Response of the PurgeProductsRequest. If the long running operation is + successfully done, then this message is returned by the + google.longrunning.Operations.response field. + type: object + id: GoogleCloudRetailV2betaPurgeProductsResponse + GoogleCloudRetailV2UserEventInlineSource: + id: GoogleCloudRetailV2UserEventInlineSource + description: The inline source for the input config for ImportUserEvents method. type: object properties: - gcsPrefix: + userEvents: + items: + $ref: '#/components/schemas/GoogleCloudRetailV2UserEvent' + type: array description: >- - Google Cloud Storage path for import errors. This must be an empty, - existing Cloud Storage bucket. Export errors will be written to a - file in this bucket, one per line, as a JSON-encoded - `google.rpc.Status` message. - type: string + Required. A list of user events to import. Recommended max of 10k + items. GoogleCloudRetailV2betaOutputResult: - id: GoogleCloudRetailV2betaOutputResult description: >- Output result that stores the information about where the exported data is stored. + id: GoogleCloudRetailV2betaOutputResult type: object properties: - bigqueryResult: - description: The BigQuery location where the result is stored. + gcsResult: type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2betaBigQueryOutputResult' - gcsResult: + $ref: '#/components/schemas/GoogleCloudRetailV2betaGcsOutputResult' description: The Google Cloud Storage location where the result is stored. + bigqueryResult: type: array items: - $ref: '#/components/schemas/GoogleCloudRetailV2betaGcsOutputResult' - GoogleCloudRetailV2betaBigQueryOutputResult: - id: GoogleCloudRetailV2betaBigQueryOutputResult - description: A BigQuery output result. - type: object + $ref: '#/components/schemas/GoogleCloudRetailV2betaBigQueryOutputResult' + description: The BigQuery location where the result is stored. + GoogleCloudRetailV2ListProductsResponse: properties: - datasetId: - description: The ID of a BigQuery Dataset. - type: string - tableId: - description: The ID of a BigQuery Table. + nextPageToken: type: string - GoogleCloudRetailV2betaGcsOutputResult: - id: GoogleCloudRetailV2betaGcsOutputResult - description: A Gcs output result. + description: >- + A token that can be sent as ListProductsRequest.page_token to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + products: + type: array + items: + $ref: '#/components/schemas/GoogleCloudRetailV2Product' + description: The Products. + description: Response message for ProductService.ListProducts method. type: object - properties: - outputUri: - description: The uri of Gcs output - type: string - GoogleCloudRetailV2betaExportMetadata: - id: GoogleCloudRetailV2betaExportMetadata + id: GoogleCloudRetailV2ListProductsResponse + GoogleCloudRetailV2AddLocalInventoriesMetadata: + id: GoogleCloudRetailV2AddLocalInventoriesMetadata + properties: {} description: >- - Metadata related to the progress of the Export operation. This is - returned by the google.longrunning.Operation.metadata field. + Metadata related to the progress of the AddLocalInventories operation. + Currently empty because there is no meaningful metadata populated from + the ProductService.AddLocalInventories method. type: object + GoogleCloudRetailV2alphaPurgeProductsMetadata: + description: >- + Metadata related to the progress of the PurgeProducts operation. This + will be returned by the google.longrunning.Operation.metadata field. properties: createTime: - description: Operation create time. type: string + description: Operation create time. format: google-datetime updateTime: + format: google-datetime + type: string description: >- Operation last update time. If the operation is done, this is also the finish time. + successCount: + format: int64 type: string - format: google-datetime - GoogleCloudRetailV2betaExportProductsResponse: - id: GoogleCloudRetailV2betaExportProductsResponse - description: >- - Response of the ExportProductsRequest. If the long running operation is - done, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. + description: Count of entries that were deleted successfully. + failureCount: + type: string + format: int64 + description: Count of entries that encountered errors while processing. type: object + id: GoogleCloudRetailV2alphaPurgeProductsMetadata + GoogleCloudRetailV2betaModelModelFeaturesConfig: + type: object + description: Additional model features config. properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array + frequentlyBoughtTogetherConfig: + description: Additional configs for frequently-bought-together models. + $ref: >- + #/components/schemas/GoogleCloudRetailV2betaModelFrequentlyBoughtTogetherFeaturesConfig + id: GoogleCloudRetailV2betaModelModelFeaturesConfig + GoogleCloudRetailV2betaGcsOutputResult: + type: object + properties: + outputUri: + type: string + description: The uri of Gcs output + id: GoogleCloudRetailV2betaGcsOutputResult + description: A Gcs output result. + GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacetValue: + properties: + values: + description: >- + All the facet values that are replaces by the same merged_value that + follows. The maximum number of values per MergedFacetValue is 25. + Each value can have up to 128 characters. items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: This field is never set. - $ref: '#/components/schemas/GoogleCloudRetailV2betaExportErrorsConfig' - outputResult: - description: Output result indicating where the data were exported to. - $ref: '#/components/schemas/GoogleCloudRetailV2betaOutputResult' - GoogleCloudRetailV2betaExportUserEventsResponse: - id: GoogleCloudRetailV2betaExportUserEventsResponse + type: string + type: array + mergedValue: + description: >- + All the previous values are replaced by this merged facet value. + This merged_value must be non-empty and can have up to 128 + characters. + type: string + id: GoogleCloudRetailV2CatalogAttributeFacetConfigMergedFacetValue + type: object description: >- - Response of the ExportUserEventsRequest. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. + Replaces a set of textual facet values by the same (possibly different) + merged facet value. Each facet value should appear at most once as a + value per CatalogAttribute. This feature is available only for textual + custom attributes. + GoogleCloudRetailV2alphaAddFulfillmentPlacesResponse: + id: GoogleCloudRetailV2alphaAddFulfillmentPlacesResponse + properties: {} + description: >- + Response of the AddFulfillmentPlacesRequest. Currently empty because + there is no meaningful response populated from the + ProductService.AddFulfillmentPlaces method. + type: object + GoogleCloudRetailV2AddFulfillmentPlacesResponse: + description: >- + Response of the AddFulfillmentPlacesRequest. Currently empty because + there is no meaningful response populated from the + ProductService.AddFulfillmentPlaces method. + properties: {} type: object + id: GoogleCloudRetailV2AddFulfillmentPlacesResponse + GoogleCloudRetailV2ConversationalSearchRequestUserAnswer: + description: >- + This field specifies the current user answer during the conversational + filtering search. This can be either user selected from suggested + answers or user input plain text. + id: GoogleCloudRetailV2ConversationalSearchRequestUserAnswer properties: - errorSamples: - description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: This field is never set. - $ref: '#/components/schemas/GoogleCloudRetailV2betaExportErrorsConfig' - outputResult: - description: Output result indicating where the data were exported to. - $ref: '#/components/schemas/GoogleCloudRetailV2betaOutputResult' - GoogleCloudRetailV2betaImportCompletionDataResponse: - id: GoogleCloudRetailV2betaImportCompletionDataResponse + textAnswer: + description: >- + This field specifies the incremental input text from the user during + the conversational search. + type: string + selectedAnswer: + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchRequestUserAnswerSelectedAnswer + description: >- + Optional. This field specifies the selected answer during the + conversational search. This should be a subset of + ConversationalSearchResponse.followup_question.suggested_answers. + type: object + GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswer: + type: object + id: GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswer description: >- - Response of the ImportCompletionDataRequest. If the long running - operation is done, this message is returned by the - google.longrunning.Operations.response field if the operation is - successful. + This field specifies the current user answer during the conversational + search. This can be either user selected from suggested answers or user + input plain text. + properties: + textAnswer: + type: string + description: >- + This field specifies the incremental input text from the user during + the conversational search. + selectedAnswer: + $ref: >- + #/components/schemas/GoogleCloudRetailV2SearchRequestConversationalSearchSpecUserAnswerSelectedAnswer + description: >- + This field specifies the selected attributes during the + conversational search. This should be a subset of + ConversationalSearchResult.suggested_answers. + GoogleCloudRetailV2SearchRequestSpellCorrectionSpec: + id: GoogleCloudRetailV2SearchRequestSpellCorrectionSpec type: object + description: The specification for query spell correction. properties: - errorSamples: - description: A sample of errors encountered while processing the request. + mode: + type: string + enumDescriptions: + - >- + Unspecified spell correction mode. In this case, server behavior + defaults to Mode.AUTO. + - >- + Google Retail Search will try to find a spell suggestion if there + is any and put in the SearchResponse.corrected_query. The spell + suggestion will not be used as the search query. + - >- + Automatic spell correction built by Google Retail Search. Search + will be based on the corrected query if found. + description: >- + The mode under which spell correction should take effect to replace + the original search query. Default to Mode.AUTO. + enum: + - MODE_UNSPECIFIED + - SUGGESTION_ONLY + - AUTO + GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsRequest: + properties: + requests: + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2UpdateGenerativeQuestionConfigRequest + type: array + description: Required. The updates question configs. + type: object + description: Request for BatchUpdateGenerativeQuestionConfig method. + id: GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsRequest + GoogleCloudRetailV2alphaPurgeProductsResponse: + description: >- + Response of the PurgeProductsRequest. If the long running operation is + successfully done, then this message is returned by the + google.longrunning.Operations.response field. + id: GoogleCloudRetailV2alphaPurgeProductsResponse + properties: + purgeCount: + type: string + description: The total count of products purged as a result of the operation. + format: int64 + purgeSample: type: array items: - $ref: '#/components/schemas/GoogleRpcStatus' - GoogleCloudRetailV2betaImportErrorsConfig: - id: GoogleCloudRetailV2betaImportErrorsConfig - description: Configuration of destination for Import related errors. + type: string + description: >- + A sample of the product names that will be deleted. Only populated + if `force` is set to false. A max of 100 names will be returned and + the names are chosen at random. + type: object + GoogleCloudRetailV2SearchRequestDynamicFacetSpec: + description: The specifications of dynamically generated facets. type: object properties: - gcsPrefix: + mode: + enum: + - MODE_UNSPECIFIED + - DISABLED + - ENABLED + enumDescriptions: + - Default value. + - Disable Dynamic Facet. + - Automatic mode built by Google Retail Search. description: >- - Google Cloud Storage prefix for import errors. This must be an - empty, existing Cloud Storage directory. Import errors are written - to sharded files in this directory, one per line, as a JSON-encoded - `google.rpc.Status` message. + Mode of the DynamicFacet feature. Defaults to Mode.DISABLED if it's + unset. type: string - GoogleCloudRetailV2betaImportMetadata: - id: GoogleCloudRetailV2betaImportMetadata - description: >- - Metadata related to the progress of the Import operation. This is - returned by the google.longrunning.Operation.metadata field. + id: GoogleCloudRetailV2SearchRequestDynamicFacetSpec + GoogleCloudRetailV2SearchRequestBoostSpecConditionBoostSpec: + description: Boost applies to products which match a condition. type: object + id: GoogleCloudRetailV2SearchRequestBoostSpecConditionBoostSpec properties: - createTime: - description: Operation create time. + condition: + description: >- + An expression which specifies a boost condition. The syntax and + supported fields are the same as a filter expression. See + SearchRequest.filter for detail syntax and limitations. Examples: * + To boost products with product ID "product_1" or "product_2", and + color "Red" or "Blue": * (id: ANY("product_1", "product_2")) AND + (colorFamilies: ANY("Red","Blue")) type: string - format: google-datetime - updateTime: + boost: + format: float description: >- - Operation last update time. If the operation is done, this is also - the finish time. + Strength of the condition boost, which should be in [-1, 1]. + Negative boost means demotion. Default is 0.0. Setting to 1.0 gives + the item a big promotion. However, it does not necessarily mean that + the boosted item will be the top result at all times, nor that other + items will be excluded. Results could still be shown even when none + of them matches the condition. And results that are significantly + more relevant to the search query can still trump your heavily + favored but irrelevant items. Setting to -1.0 gives the item a big + demotion. However, results that are deeply relevant might still be + shown. The item will have an upstream battle to get a fairly high + ranking, but it is not blocked out completely. Setting to 0.0 means + no boost applied. The boosting condition is ignored. + type: number + GoogleCloudRetailV2RemoveFulfillmentPlacesRequest: + description: Request message for ProductService.RemoveFulfillmentPlaces method. + id: GoogleCloudRetailV2RemoveFulfillmentPlacesRequest + type: object + properties: + removeTime: type: string format: google-datetime - successCount: - description: Count of entries that were processed successfully. - type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. - type: string - format: int64 - requestId: - description: Deprecated. This field is never set. - deprecated: true - type: string - notificationPubsubTopic: description: >- - Pub/Sub topic for receiving notification. If this field is set, when - the import is finished, a notification is sent to specified Pub/Sub - topic. The message data is JSON string of a Operation. Format of the - Pub/Sub topic is `projects/{project}/topics/{topic}`. + The time when the fulfillment updates are issued, used to prevent + out-of-order updates on fulfillment information. If not provided, + the internal system time will be used. + placeIds: + items: + type: string + type: array + description: >- + Required. The IDs for this type, such as the store IDs for + "pickup-in-store" or the region IDs for "same-day-delivery", to be + removed for this type. At least 1 value is required, and a maximum + of 2000 values are allowed. Each value must be a string with a + length limit of 10 characters, matching the pattern + `[a-zA-Z0-9_-]+`, such as "store1" or "REGION-2". Otherwise, an + INVALID_ARGUMENT error is returned. + type: + description: >- + Required. The fulfillment type, including commonly used types (such + as pickup in store and same day delivery), and custom types. + Supported values: * "pickup-in-store" * "ship-to-store" * + "same-day-delivery" * "next-day-delivery" * "custom-type-1" * + "custom-type-2" * "custom-type-3" * "custom-type-4" * + "custom-type-5" If this field is set to an invalid value other than + these, an INVALID_ARGUMENT error is returned. This field directly + corresponds to Product.fulfillment_info.type. type: string - GoogleCloudRetailV2betaImportProductsResponse: - id: GoogleCloudRetailV2betaImportProductsResponse + allowMissing: + type: boolean + description: >- + If set to true, and the Product is not found, the fulfillment + information will still be processed and retained for at most 1 day + and processed once the Product is created. If set to false, a + NOT_FOUND error is returned if the Product is not found. + GoogleCloudRetailV2alphaExportProductsResponse: + id: GoogleCloudRetailV2alphaExportProductsResponse + type: object description: >- - Response of the ImportProductsRequest. If the long running operation is + Response of the ExportProductsRequest. If the long running operation is done, then this message is returned by the google.longrunning.Operations.response field if the operation was successful. - type: object properties: errorSamples: - description: A sample of errors encountered while processing the request. type: array items: $ref: '#/components/schemas/GoogleRpcStatus' - errorsConfig: - description: >- - Echoes the destination for the complete errors in the request if - set. - $ref: '#/components/schemas/GoogleCloudRetailV2betaImportErrorsConfig' - GoogleCloudRetailV2betaImportUserEventsResponse: - id: GoogleCloudRetailV2betaImportUserEventsResponse - description: >- - Response of the ImportUserEventsRequest. If the long running operation - was successful, then this message is returned by the - google.longrunning.Operations.response field if the operation was - successful. - type: object - properties: - errorSamples: description: A sample of errors encountered while processing the request. - type: array - items: - $ref: '#/components/schemas/GoogleRpcStatus' errorsConfig: - description: >- - Echoes the destination for the complete errors if this field was set - in the request. - $ref: '#/components/schemas/GoogleCloudRetailV2betaImportErrorsConfig' - importSummary: - description: Aggregated statistics of user event import status. - $ref: '#/components/schemas/GoogleCloudRetailV2betaUserEventImportSummary' - GoogleCloudRetailV2betaUserEventImportSummary: - id: GoogleCloudRetailV2betaUserEventImportSummary - description: >- - A summary of import result. The UserEventImportSummary summarizes the - import status for user events. + $ref: '#/components/schemas/GoogleCloudRetailV2alphaExportErrorsConfig' + description: This field is never set. + outputResult: + description: Output result indicating where the data were exported to. + $ref: '#/components/schemas/GoogleCloudRetailV2alphaOutputResult' + GoogleCloudRetailV2Promotion: type: object + id: GoogleCloudRetailV2Promotion properties: - joinedEventsCount: - description: >- - Count of user events imported with complete existing catalog - information. - type: string - format: int64 - unjoinedEventsCount: + promotionId: description: >- - Count of user events imported, but with catalog information not - found in the imported catalog. + Promotion identifier, which is the final component of name. For + example, this field is "free_gift", if name is + `projects/*/locations/global/catalogs/default_catalog/promotions/free_gift`. + The value must be a UTF-8 encoded string with a length limit of 128 + characters, and match the pattern: `a-zA-Z*`. For example, + id0LikeThis or ID_1_LIKE_THIS. Otherwise, an INVALID_ARGUMENT error + is returned. Corresponds to Google Merchant Center property + [promotion_id](https://support.google.com/merchants/answer/7050148). type: string - format: int64 - GoogleCloudRetailV2betaModel: - id: GoogleCloudRetailV2betaModel + description: Promotion specification. + GoogleCloudRetailV2betaPurgeProductsMetadata: + id: GoogleCloudRetailV2betaPurgeProductsMetadata description: >- - Metadata that describes the training and serving parameters of a Model. - A Model can be associated with a ServingConfig and then queried through - the Predict API. + Metadata related to the progress of the PurgeProducts operation. This + will be returned by the google.longrunning.Operation.metadata field. type: object properties: - name: - description: >- - Required. The fully qualified resource name of the model. Format: - `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` - catalog_id has char limit of 50. recommendation_model_id has char - limit of 40. - type: string - displayName: - description: >- - Required. The display name of the model. Should be human readable, - used to display Recommendation Models in the Retail Cloud Console - Dashboard. UTF-8 encoded string with limit of 1024 characters. - type: string - trainingState: - description: >- - Optional. The training state that the model is in (e.g. `TRAINING` - or `PAUSED`). Since part of the cost of running the service is - frequency of training - this can be used to determine when to train - model in order to control cost. If not specified: the default value - for `CreateModel` method is `TRAINING`. The default value for - `UpdateModel` method is to keep the state the same as before. - type: string - enumDescriptions: - - Unspecified training state. - - The model training is paused. - - The model is training. - enum: - - TRAINING_STATE_UNSPECIFIED - - PAUSED - - TRAINING - servingState: - description: 'Output only. The serving state of the model: `ACTIVE`, `NOT_ACTIVE`.' - readOnly: true - type: string - enumDescriptions: - - Unspecified serving state. - - The model is not serving. - - The model is serving and can be queried. - - The model is trained on tuned hyperparameters and can be queried. - enum: - - SERVING_STATE_UNSPECIFIED - - INACTIVE - - ACTIVE - - TUNED - createTime: - description: Output only. Timestamp the Recommendation Model was created at. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. Timestamp the Recommendation Model was last updated. - E.g. if a Recommendation Model was paused - this would be the time - the pause was initiated. - readOnly: true + createTime: + description: Operation create time. type: string format: google-datetime - type: + updateTime: description: >- - Required. The type of model e.g. `home-page`. Currently supported - values: `recommended-for-you`, `others-you-may-like`, - `frequently-bought-together`, `page-optimization`, `similar-items`, - `buy-it-again`, `on-sale-items`, and `recently-viewed`(readonly - value). This field together with optimization_objective describe - model metadata to use to control model training and serving. See - https://cloud.google.com/retail/docs/models for more details on what - the model metadata control and which combination of parameters are - valid. For invalid combinations of parameters (e.g. type = - `frequently-bought-together` and optimization_objective = `ctr`), - you receive an error 400 if you try to create/update a - recommendation with this set of knobs. + Operation last update time. If the operation is done, this is also + the finish time. + format: google-datetime type: string - optimizationObjective: - description: >- - Optional. The optimization objective e.g. `cvr`. Currently supported - values: `ctr`, `cvr`, `revenue-per-order`. If not specified, we - choose default based on model type. Default depends on type of - recommendation: `recommended-for-you` => `ctr` `others-you-may-like` - => `ctr` `frequently-bought-together` => `revenue_per_order` This - field together with optimization_objective describe model metadata - to use to control model training and serving. See - https://cloud.google.com/retail/docs/models for more details on what - the model metadata control and which combination of parameters are - valid. For invalid combinations of parameters (e.g. type = - `frequently-bought-together` and optimization_objective = `ctr`), - you receive an error 400 if you try to create/update a - recommendation with this set of knobs. + successCount: type: string - periodicTuningState: - description: >- - Optional. The state of periodic tuning. The period we use is 3 - months - to do a one-off tune earlier use the `TuneModel` method. - Default value is `PERIODIC_TUNING_ENABLED`. + description: Count of entries that were deleted successfully. + format: int64 + failureCount: + description: Count of entries that encountered errors while processing. + format: int64 + type: string + GoogleCloudRetailV2betaPurgeUserEventsResponse: + id: GoogleCloudRetailV2betaPurgeUserEventsResponse + description: >- + Response of the PurgeUserEventsRequest. If the long running operation is + successfully done, then this message is returned by the + google.longrunning.Operations.response field. + type: object + properties: + purgedEventsCount: + format: int64 + type: string + description: The total count of events purged as a result of the operation. + GoogleCloudRetailV2alphaModelPageOptimizationConfig: + description: >- + The PageOptimizationConfig for model training. This determines how many + panels to optimize for, and which serving configs to consider for each + panel. The purpose of this model is to optimize which ServingConfig to + show on which panels in way that optimizes the visitors shopping + journey. + properties: + pageOptimizationEventType: type: string + description: >- + Required. The type of UserEvent this page optimization is shown for. + Each page has an associated event type - this will be the + corresponding event type for the page that the page optimization + model is used on. Supported types: * `add-to-cart`: Products being + added to cart. * `detail-page-view`: Products detail page viewed. * + `home-page-view`: Homepage viewed * `category-page-view`: Homepage + viewed * `shopping-cart-page-view`: User viewing a shopping cart. + `home-page-view` only allows models with type `recommended-for-you`. + All other page_optimization_event_type allow all Model.types. + panels: + items: + $ref: >- + #/components/schemas/GoogleCloudRetailV2alphaModelPageOptimizationConfigPanel + type: array + description: Required. A list of panel configurations. Limit = 5. + restriction: enumDescriptions: - - Unspecified default value, should never be explicitly set. + - Unspecified value for restriction. - >- - The model has periodic tuning disabled. Tuning can be reenabled by - calling the `EnableModelPeriodicTuning` method or by calling the - `TuneModel` method. + Allow any ServingConfig to be show on any number of panels. + Example: `Panel1 candidates`: pdp_ctr, pdp_cvr, + home_page_ctr_no_diversity `Panel2 candidates`: + home_page_ctr_no_diversity, home_page_ctr_diversity, + pdp_cvr_no_diversity `Restriction` = NO_RESTRICTION `Valid + combinations`: * * (pdp_ctr, home_page_ctr_no_diversity) * + (pdp_ctr, home_page_ctr_diversity) * (pdp_ctr, + pdp_cvr_no_diversity) * (pdp_cvr, home_page_ctr_no_diversity) * + (pdp_cvr, home_page_ctr_diversity) * (pdp_cvr, + pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, + home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, + home_page_ctr_diversity) * (home_page_ctr_no_diversity, + pdp_cvr_no_diversity) * `Invalid combinations`: [] - >- - The model cannot be tuned with periodic tuning OR the `TuneModel` - method. Hide the options in customer UI and reject any requests - through the backend self serve API. + Do not allow the same ServingConfig.name to be shown on multiple + panels. Example: `Panel1 candidates`: * pdp_ctr, pdp_cvr, + home_page_ctr_no_diversity * `Panel2 candidates`: * + home_page_ctr_no_diversity, home_page_ctr_diversity_low, + pdp_cvr_no_diversity * `Restriction` = + `UNIQUE_SERVING_CONFIG_RESTRICTION` `Valid combinations`: * * + (pdp_ctr, home_page_ctr_no_diversity) * (pdp_ctr, + home_page_ctr_diversity_low) * (pdp_ctr, pdp_cvr_no_diversity) * + (pdp_ctr, pdp_cvr_no_diversity) * (pdp_cvr, + home_page_ctr_no_diversity) * (pdp_cvr, + home_page_ctr_diversity_low) * (pdp_cvr, pdp_cvr_no_diversity) * + (home_page_ctr_no_diversity, home_page_ctr_diversity_low) * + (home_page_ctr_no_diversity, pdp_cvr_no_diversity) * `Invalid + combinations`: * * (home_page_ctr_no_diversity, + home_page_ctr_no_diversity) * - >- - The model has periodic tuning enabled. Tuning can be disabled by - calling the `DisableModelPeriodicTuning` method. + Do not allow multiple ServingConfigs with same Model.name to be + show on on different panels. Example: `Panel1 candidates`: * + pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 + candidates`: * home_page_ctr_no_diversity, + home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` + = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, + home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * + (pdp_ctr, pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) + * (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, + home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, + pdp_cvr_no_diversity) * `Invalid combinations`: * * + (home_page_ctr_no_diversity, home_page_ctr_no_diversity) * + (pdp_cvr, pdp_cvr_no_diversity) * + - >- + Do not allow multiple ServingConfigs with same Model.type to be + shown on different panels. Example: `Panel1 candidates`: * + pdp_ctr, pdp_cvr, home_page_ctr_no_diversity * `Panel2 + candidates`: * home_page_ctr_no_diversity, + home_page_ctr_diversity_low, pdp_cvr_no_diversity * `Restriction` + = `UNIQUE_MODEL_RESTRICTION` `Valid combinations`: * * (pdp_ctr, + home_page_ctr_no_diversity) * (pdp_ctr, home_page_ctr_diversity) * + (pdp_cvr, home_page_ctr_no_diversity) * (pdp_cvr, + home_page_ctr_diversity_low) * (home_page_ctr_no_diversity, + pdp_cvr_no_diversity) * `Invalid combinations`: * * (pdp_ctr, + pdp_cvr_no_diversity) * (pdp_ctr, pdp_cvr_no_diversity) * + (pdp_cvr, pdp_cvr_no_diversity) * (home_page_ctr_no_diversity, + home_page_ctr_no_diversity) * (home_page_ctr_no_diversity, + home_page_ctr_diversity) * enum: - - PERIODIC_TUNING_STATE_UNSPECIFIED - - PERIODIC_TUNING_DISABLED - - ALL_TUNING_DISABLED - - PERIODIC_TUNING_ENABLED - lastTuneTime: - description: Output only. The timestamp when the latest successful tune finished. - readOnly: true + - RESTRICTION_UNSPECIFIED + - NO_RESTRICTION + - UNIQUE_SERVING_CONFIG_RESTRICTION + - UNIQUE_MODEL_RESTRICTION + - UNIQUE_MODEL_TYPE_RESTRICTION type: string - format: google-datetime - tuningOperation: description: >- - Output only. The tune operation associated with the model. Can be - used to determine if there is an ongoing tune for this - recommendation. Empty field implies no tune is goig on. - readOnly: true - type: string - dataState: + Optional. How to restrict results across panels e.g. can the same + ServingConfig be shown on multiple panels at once. If unspecified, + default to `UNIQUE_MODEL_RESTRICTION`. + type: object + id: GoogleCloudRetailV2alphaModelPageOptimizationConfig + GoogleCloudRetailV2alphaMerchantCenterAccountLinkMerchantCenterFeedFilter: + description: Merchant Center Feed filter criterion. + id: >- + GoogleCloudRetailV2alphaMerchantCenterAccountLinkMerchantCenterFeedFilter + type: object + properties: + primaryFeedId: + deprecated: true + format: int64 description: >- - Output only. The state of data requirements for this model: - `DATA_OK` and `DATA_ERROR`. Recommendation model cannot be trained - if the data is in `DATA_ERROR` state. Recommendation model can have - `DATA_ERROR` state even if serving state is `ACTIVE`: models were - trained successfully before, but cannot be refreshed because model - no longer has sufficient data for training. - readOnly: true + Merchant Center primary feed ID. Deprecated: use data_source_id + instead. type: string - enumDescriptions: - - Unspecified default value, should never be explicitly set. - - The model has sufficient training data. - - >- - The model does not have sufficient training data. Error messages - can be queried via Stackdriver. - enum: - - DATA_STATE_UNSPECIFIED - - DATA_OK - - DATA_ERROR - filteringOption: - description: >- - Optional. If `RECOMMENDATIONS_FILTERING_ENABLED`, recommendation - filtering by attributes is enabled for the model. + dataSourceId: + type: string + format: int64 + description: AFM data source ID. + primaryFeedName: type: string - enumDescriptions: - - >- - Value used when unset. In this case, server behavior defaults to - RECOMMENDATIONS_FILTERING_DISABLED. - - Recommendation filtering is disabled. - - Recommendation filtering is enabled. - enum: - - RECOMMENDATIONS_FILTERING_OPTION_UNSPECIFIED - - RECOMMENDATIONS_FILTERING_DISABLED - - RECOMMENDATIONS_FILTERING_ENABLED - servingConfigLists: description: >- - Output only. The list of valid serving configs associated with the - PageOptimizationConfig. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRetailV2betaModelServingConfigList' - modelFeaturesConfig: - description: Optional. Additional model features config. - $ref: '#/components/schemas/GoogleCloudRetailV2betaModelModelFeaturesConfig' - GoogleCloudRetailV2betaModelServingConfigList: - id: GoogleCloudRetailV2betaModelServingConfigList - description: >- - Represents an ordered combination of valid serving configs, which can be - used for `PAGE_OPTIMIZATION` recommendations. + Merchant Center primary feed name. The name is used for the display + purposes only. + GoogleCloudRetailV2UserEventInputConfig: type: object + id: GoogleCloudRetailV2UserEventInputConfig + description: The input config source for user events. properties: - servingConfigIds: - description: >- - Optional. A set of valid serving configs that may be used for - `PAGE_OPTIMIZATION`. + userEventInlineSource: + description: Required. The Inline source for the input content for UserEvents. + $ref: '#/components/schemas/GoogleCloudRetailV2UserEventInlineSource' + gcsSource: + description: Required. Google Cloud Storage location for the input content. + $ref: '#/components/schemas/GoogleCloudRetailV2GcsSource' + bigQuerySource: + $ref: '#/components/schemas/GoogleCloudRetailV2BigQuerySource' + description: Required. BigQuery input source. + GoogleCloudRetailV2CompleteQueryResponseAttributeResult: + properties: + suggestions: + description: The list of suggestions for the attribute. type: array items: type: string - GoogleCloudRetailV2betaModelModelFeaturesConfig: - id: GoogleCloudRetailV2betaModelModelFeaturesConfig - description: Additional model features config. + id: GoogleCloudRetailV2CompleteQueryResponseAttributeResult type: object - properties: - frequentlyBoughtTogetherConfig: - description: Additional configs for frequently-bought-together models. - $ref: >- - #/components/schemas/GoogleCloudRetailV2betaModelFrequentlyBoughtTogetherFeaturesConfig - GoogleCloudRetailV2betaModelFrequentlyBoughtTogetherFeaturesConfig: - id: GoogleCloudRetailV2betaModelFrequentlyBoughtTogetherFeaturesConfig - description: Additional configs for the frequently-bought-together model type. + description: Resource that represents attribute results. + GoogleCloudRetailV2ConditionQueryTerm: + id: GoogleCloudRetailV2ConditionQueryTerm + description: Query terms that we want to match on. type: object properties: - contextProductsType: - description: >- - Optional. Specifies the context of the model when it is used in - predict requests. Can only be set for the - `frequently-bought-together` type. If it isn't specified, it - defaults to MULTIPLE_CONTEXT_PRODUCTS. + fullMatch: + type: boolean + description: Whether this is supposed to be a full or partial match. + value: type: string - enumDescriptions: - - >- - Unspecified default value, should never be explicitly set. - Defaults to MULTIPLE_CONTEXT_PRODUCTS. - - >- - Use only a single product as context for the recommendation. - Typically used on pages like add-to-cart or product details. - - >- - Use one or multiple products as context for the recommendation. - Typically used on shopping cart pages. - enum: - - CONTEXT_PRODUCTS_TYPE_UNSPECIFIED - - SINGLE_CONTEXT_PRODUCT - - MULTIPLE_CONTEXT_PRODUCTS - GoogleCloudRetailV2betaPurgeMetadata: - id: GoogleCloudRetailV2betaPurgeMetadata - description: >- - Metadata related to the progress of the Purge operation. This will be - returned by the google.longrunning.Operation.metadata field. - type: object - properties: {} - GoogleCloudRetailV2betaPurgeProductsMetadata: - id: GoogleCloudRetailV2betaPurgeProductsMetadata - description: >- - Metadata related to the progress of the PurgeProducts operation. This - will be returned by the google.longrunning.Operation.metadata field. + description: >- + The value of the term to match on. Value cannot be empty. Value can + have at most 3 terms if specified as a partial match. Each space + separated string is considered as one term. For example, "a b c" is + 3 terms and allowed, but " a b c d" is 4 terms and not allowed for a + partial match. + GoogleCloudRetailV2BigQuerySource: type: object properties: - createTime: - description: Operation create time. + dataSchema: type: string - format: google-datetime - updateTime: description: >- - Operation last update time. If the operation is done, this is also - the finish time. + The schema to use when parsing the data from the source. Supported + values for product imports: * `product` (default): One JSON Product + per line. Each product must have a valid Product.id. * + `product_merchant_center`: See [Importing catalog data from Merchant + Center](https://cloud.google.com/retail/recommendations-ai/docs/upload-catalog#mc). + Supported values for user events imports: * `user_event` (default): + One JSON UserEvent per line. * `user_event_ga360`: The schema is + available here: https://support.google.com/analytics/answer/3437719. + * `user_event_ga4`: The schema is available here: + https://support.google.com/analytics/answer/7029846. Supported + values for autocomplete imports: * `suggestions` (default): One JSON + completion suggestion per line. * `denylist`: One JSON deny + suggestion per line. * `allowlist`: One JSON allow suggestion per + line. + tableId: type: string - format: google-datetime - successCount: - description: Count of entries that were deleted successfully. + description: >- + Required. The BigQuery table to copy the data from with a length + limit of 1,024 characters. + datasetId: + description: >- + Required. The BigQuery data set to copy the data from with a length + limit of 1,024 characters. type: string - format: int64 - failureCount: - description: Count of entries that encountered errors while processing. + gcsStagingDir: + description: >- + Intermediate Cloud Storage directory used for the import with a + length limit of 2,000 characters. Can be specified if one wants to + have the BigQuery export to a specific Cloud Storage directory. type: string - format: int64 - GoogleCloudRetailV2betaPurgeProductsResponse: - id: GoogleCloudRetailV2betaPurgeProductsResponse + projectId: + description: >- + The project ID (can be project # or ID) that the BigQuery source is + in with a length limit of 128 characters. If not specified, inherits + the project ID from the parent request. + type: string + partitionDate: + description: >- + BigQuery time partitioned table's _PARTITIONDATE in YYYY-MM-DD + format. + $ref: '#/components/schemas/GoogleTypeDate' + description: BigQuery source import data from. + id: GoogleCloudRetailV2BigQuerySource + GoogleCloudRetailV2ListGenerativeQuestionConfigsResponse: + description: Response for ListQuestions method. + type: object + id: GoogleCloudRetailV2ListGenerativeQuestionConfigsResponse + properties: + generativeQuestionConfigs: + items: + $ref: '#/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig' + description: All the questions for a given catalog. + type: array + GoogleCloudRetailV2RuleReplacementAction: + properties: + term: + description: Will be [deprecated = true] post migration; + type: string + queryTerms: + description: >- + Terms from the search query. Will be replaced by replacement term. + Can specify up to 100 terms. + type: array + items: + type: string + replacementTerm: + type: string + description: Term that will be used for replacement. + description: >- + Replaces a term in the query. Multiple replacement candidates can be + specified. All `query_terms` will be replaced with the replacement term. + Example: Replace "gShoe" with "google shoe". + id: GoogleCloudRetailV2RuleReplacementAction + type: object + GoogleCloudRetailV2PurgeProductsResponse: description: >- Response of the PurgeProductsRequest. If the long running operation is successfully done, then this message is returned by the google.longrunning.Operations.response field. - type: object properties: purgeCount: description: The total count of products purged as a result of the operation. - type: string format: int64 + type: string purgeSample: description: >- A sample of the product names that will be deleted. Only populated @@ -7200,122 +7510,174 @@ components: type: array items: type: string - GoogleCloudRetailV2betaPurgeUserEventsResponse: - id: GoogleCloudRetailV2betaPurgeUserEventsResponse - description: >- - Response of the PurgeUserEventsRequest. If the long running operation is - successfully done, then this message is returned by the - google.longrunning.Operations.response field. + id: GoogleCloudRetailV2PurgeProductsResponse type: object + GoogleCloudRetailV2ConversationalSearchRequest: properties: - purgedEventsCount: - description: The total count of events purged as a result of the operation. + pageCategories: + type: array + items: + type: string + description: >- + Optional. The categories associated with a category page. Must be + set for category navigation queries to achieve good search quality. + The format should be the same as UserEvent.page_categories; To + represent full path of category, use '>' sign to separate different + hierarchies. If '>' is part of the category name, replace it with + other character(s). Category pages include special pages such as + sales or promotions. For instance, a special sale page may have the + category hierarchy: "pageCategories" : ["Sales > 2017 Black Friday + Deals"]. + userInfo: + description: Optional. User information. + $ref: '#/components/schemas/GoogleCloudRetailV2UserInfo' + conversationalFilteringSpec: + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchRequestConversationalFilteringSpec + description: >- + Optional. This field specifies all conversational filtering related + parameters. + query: + description: >- + Optional. Raw search query to be searched for. If this field is + empty, the request is considered a category browsing request. type: string - format: int64 - GoogleCloudRetailV2betaRejoinUserEventsMetadata: - id: GoogleCloudRetailV2betaRejoinUserEventsMetadata - description: Metadata for `RejoinUserEvents` method. - type: object - properties: {} - GoogleCloudRetailV2betaRejoinUserEventsResponse: - id: GoogleCloudRetailV2betaRejoinUserEventsResponse - description: Response message for `RejoinUserEvents` method. - type: object - properties: - rejoinedUserEventsCount: - description: Number of user events that were joined with latest product catalog. + branch: type: string - format: int64 - GoogleCloudRetailV2betaRemoveFulfillmentPlacesMetadata: - id: GoogleCloudRetailV2betaRemoveFulfillmentPlacesMetadata - description: >- - Metadata related to the progress of the RemoveFulfillmentPlaces - operation. Currently empty because there is no meaningful metadata - populated from the ProductService.RemoveFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2betaRemoveFulfillmentPlacesResponse: - id: GoogleCloudRetailV2betaRemoveFulfillmentPlacesResponse - description: >- - Response of the RemoveFulfillmentPlacesRequest. Currently empty because - there is no meaningful response populated from the - ProductService.RemoveFulfillmentPlaces method. - type: object - properties: {} - GoogleCloudRetailV2betaRemoveLocalInventoriesMetadata: - id: GoogleCloudRetailV2betaRemoveLocalInventoriesMetadata - description: >- - Metadata related to the progress of the RemoveLocalInventories - operation. Currently empty because there is no meaningful metadata - populated from the ProductService.RemoveLocalInventories method. - type: object - properties: {} - GoogleCloudRetailV2betaRemoveLocalInventoriesResponse: - id: GoogleCloudRetailV2betaRemoveLocalInventoriesResponse - description: >- - Response of the ProductService.RemoveLocalInventories API. Currently - empty because there is no meaningful response populated from the - ProductService.RemoveLocalInventories method. - type: object - properties: {} - GoogleCloudRetailV2betaSetInventoryMetadata: - id: GoogleCloudRetailV2betaSetInventoryMetadata - description: >- - Metadata related to the progress of the SetInventory operation. - Currently empty because there is no meaningful metadata populated from - the ProductService.SetInventory method. + description: >- + Required. The branch resource name, such as + `projects/*/locations/global/catalogs/default_catalog/branches/0`. + Use "default_branch" as the branch ID or leave this field empty, to + search products under the default branch. + safetySettings: + items: + $ref: '#/components/schemas/GoogleCloudRetailV2SafetySetting' + description: >- + Optional. The safety settings to be applied to the generated + content. + type: array + searchParams: + description: Optional. Search parameters. + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchRequestSearchParams + visitorId: + type: string + description: >- + Required. A unique identifier for tracking visitors. For example, + this could be implemented with an HTTP cookie, which should be able + to uniquely identify a visitor on a single device. This unique + identifier should not change if the visitor logs in or out of the + website. This should be the same identifier as UserEvent.visitor_id. + The field must be a UTF-8 encoded string with a length limit of 128 + characters. Otherwise, an INVALID_ARGUMENT error is returned. + conversationId: + type: string + description: >- + Optional. This field specifies the conversation id, which maintains + the state of the conversation between client side and server side. + Use the value from the previous + ConversationalSearchResponse.conversation_id. For the initial + request, this should be empty. + userLabels: + description: >- + Optional. The user labels applied to a resource must meet the + following requirements: * Each resource can have multiple labels, up + to a maximum of 64. * Each label must be a key-value pair. * Keys + have a minimum length of 1 character and a maximum length of 63 + characters and cannot be empty. Values can be empty and have a + maximum length of 63 characters. * Keys and values can contain only + lowercase letters, numeric characters, underscores, and dashes. All + characters must use UTF-8 encoding, and international characters are + allowed. * The key portion of a label must be unique. However, you + can use the same key with multiple resources. * Keys must start with + a lowercase letter or international character. See [Google Cloud + Document](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements) + for more details. + type: object + additionalProperties: + type: string + id: GoogleCloudRetailV2ConversationalSearchRequest type: object - properties: {} - GoogleCloudRetailV2betaSetInventoryResponse: - id: GoogleCloudRetailV2betaSetInventoryResponse description: >- - Response of the SetInventoryRequest. Currently empty because there is no - meaningful response populated from the ProductService.SetInventory + Request message for ConversationalSearchService.ConversationalSearch method. + GoogleCloudRetailV2SearchRequestPersonalizationSpec: + properties: + mode: + enum: + - MODE_UNSPECIFIED + - AUTO + - DISABLED + type: string + description: Defaults to Mode.AUTO. + enumDescriptions: + - >- + Default value. In this case, server behavior defaults to + Mode.AUTO. + - >- + Let CRS decide whether to use personalization based on quality of + user event data. + - Disable personalization. + id: GoogleCloudRetailV2SearchRequestPersonalizationSpec type: object - properties: {} - GoogleCloudRetailV2betaTuneModelMetadata: - id: GoogleCloudRetailV2betaTuneModelMetadata - description: Metadata associated with a tune operation. + description: The specification for personalization. + GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsResponse: + properties: + generativeQuestionConfigs: + items: + $ref: '#/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig' + description: Optional. The updates question configs. + type: array + id: GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsResponse + description: Aggregated response for UpdateGenerativeQuestionConfig method. + type: object + GoogleApiHttpBody: type: object + description: >- + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. properties: - model: + extensions: + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - The resource name of the model that this tune applies to. Format: - `projects/{project_number}/locations/{location_id}/catalogs/{catalog_id}/models/{model_id}` + Application specific response metadata. Must be set in the first + response for streaming APIs. + contentType: + description: >- + The HTTP Content-Type header value specifying the content type of + the body. type: string - GoogleCloudRetailV2betaTuneModelResponse: - id: GoogleCloudRetailV2betaTuneModelResponse - description: Response associated with a tune operation. - type: object - properties: {} + data: + type: string + description: The HTTP request/response body as raw binary. + format: byte + id: GoogleApiHttpBody parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: fields + name: uploadType schema: type: string key: @@ -7339,6 +7701,43 @@ components: name: prettyPrint schema: type: boolean + callback: + description: JSONP + in: query + name: callback + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -7353,365 +7752,190 @@ components: in: query name: upload_protocol schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. - in: query - name: $.xgafv - schema: - type: string - enum: - - '1' - - '2' - x-stackQL-resources: - operations: - id: google.retail.operations - name: operations - title: Operations - methods: - projects_locations_operations_list: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_operations_get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_catalogs_operations_list: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_locations_catalogs_operations_get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_catalogs_branches_operations_get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_operations_list: - operation: - $ref: '#/paths/~1v2~1projects~1{projectsId}~1operations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - projects_operations_get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_branches_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_operations_list - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_operations_list - insert: [] - update: [] - replace: [] - delete: [] - catalogs: - id: google.retail.catalogs - name: catalogs - title: Catalogs - methods: - projects_locations_catalogs_export_analytics_metrics: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}:exportAnalyticsMetrics/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_catalogs_list: + type: string + x-stackQL-resources: + operations: + id: google.retail.operations + name: operations + title: Operations + methods: + projects_locations_operations_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.catalogs - projects_locations_catalogs_patch: + objectKey: $.operations + projects_locations_operations_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_set_default_branch: + projects_locations_catalogs_branches_operations_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}:setDefaultBranch/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_complete_query: + projects_locations_catalogs_operations_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}:completeQuery/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/catalogs/methods/projects_locations_catalogs_list - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/catalogs/methods/projects_locations_catalogs_patch - replace: [] - delete: [] - catalogs_default_branch: - id: google.retail.catalogs_default_branch - name: catalogs_default_branch - title: Catalogs_default_branch - methods: - projects_locations_catalogs_get_default_branch: + objectKey: $.operations + projects_locations_catalogs_operations_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}:getDefaultBranch/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/catalogs_default_branch/methods/projects_locations_catalogs_get_default_branch - insert: [] - update: [] - replace: [] - delete: [] - catalogs_completion_config: - id: google.retail.catalogs_completion_config - name: catalogs_completion_config - title: Catalogs_completion_config - methods: - projects_locations_catalogs_get_completion_config: + projects_operations_list: operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1completionConfig/get + $ref: '#/paths/~1v2~1projects~1{projectsId}~1operations/get' response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_update_completion_config: + objectKey: $.operations + projects_operations_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1completionConfig/patch + #/paths/~1v2~1projects~1{projectsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/catalogs_completion_config/methods/projects_locations_catalogs_get_completion_config - insert: [] - update: + #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_branches_operations_get - $ref: >- - #/components/x-stackQL-resources/catalogs_completion_config/methods/projects_locations_catalogs_update_completion_config - replace: [] - delete: [] - catalogs_attributes_config: - id: google.retail.catalogs_attributes_config - name: catalogs_attributes_config - title: Catalogs_attributes_config - methods: - projects_locations_catalogs_get_attributes_config: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_catalogs_update_attributes_config: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig/patch - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: + #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_operations_get - $ref: >- - #/components/x-stackQL-resources/catalogs_attributes_config/methods/projects_locations_catalogs_get_attributes_config - insert: [] - update: + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_get - $ref: >- - #/components/x-stackQL-resources/catalogs_attributes_config/methods/projects_locations_catalogs_update_attributes_config - replace: [] - delete: [] - catalogs_generative_question_feature: - id: google.retail.catalogs_generative_question_feature - name: catalogs_generative_question_feature - title: Catalogs_generative_question_feature - methods: - projects_locations_catalogs_update_generative_question_feature: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1generativeQuestionFeature/patch - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_catalogs_get_generative_question_feature: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1generativeQuestionFeature/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: + #/components/x-stackQL-resources/operations/methods/projects_locations_catalogs_operations_list - $ref: >- - #/components/x-stackQL-resources/catalogs_generative_question_feature/methods/projects_locations_catalogs_get_generative_question_feature - insert: [] - update: + #/components/x-stackQL-resources/operations/methods/projects_locations_operations_list - $ref: >- - #/components/x-stackQL-resources/catalogs_generative_question_feature/methods/projects_locations_catalogs_update_generative_question_feature + #/components/x-stackQL-resources/operations/methods/projects_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_operations_list + insert: [] + update: [] replace: [] delete: [] - catalogs_generative_question: - id: google.retail.catalogs_generative_question - name: catalogs_generative_question - title: Catalogs_generative_question + completion_data: + id: google.retail.completion_data + name: completion_data + title: Completion_data methods: - projects_locations_catalogs_update_generative_question: + projects_locations_catalogs_completion_data_import: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1generativeQuestion/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1completionData:import/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: [] insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/catalogs_generative_question/methods/projects_locations_catalogs_update_generative_question + update: [] replace: [] delete: [] - catalogs_conversational_search_customization_config: - id: google.retail.catalogs_conversational_search_customization_config - name: catalogs_conversational_search_customization_config - title: Catalogs_conversational_search_customization_config + products_local_inventories: + id: google.retail.products_local_inventories + name: products_local_inventories + title: Products_local_inventories methods: - projects_locations_catalogs_get_conversational_search_customization_config: + projects_locations_catalogs_branches_products_add_local_inventories: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1conversationalSearchCustomizationConfig/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:addLocalInventories/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_update_conversational_search_customization_config: + projects_locations_catalogs_branches_products_remove_local_inventories: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1conversationalSearchCustomizationConfig/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:removeLocalInventories/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/catalogs_conversational_search_customization_config/methods/projects_locations_catalogs_get_conversational_search_customization_config - insert: [] - update: + select: [] + insert: - $ref: >- - #/components/x-stackQL-resources/catalogs_conversational_search_customization_config/methods/projects_locations_catalogs_update_conversational_search_customization_config + #/components/x-stackQL-resources/products_local_inventories/methods/projects_locations_catalogs_branches_products_add_local_inventories + update: [] replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/products_local_inventories/methods/projects_locations_catalogs_branches_products_remove_local_inventories products: id: google.retail.products name: products title: Products methods: - projects_locations_catalogs_branches_products_create: + projects_locations_catalogs_branches_products_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_branches_products_list: + objectKey: $.products + projects_locations_catalogs_branches_products_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.products - projects_locations_catalogs_branches_products_get: + projects_locations_catalogs_branches_products_import: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products:import/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_branches_products_patch: + projects_locations_catalogs_branches_products_set_inventory: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:setInventory/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_branches_products_delete: + projects_locations_catalogs_branches_products_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_branches_products_purge: + projects_locations_catalogs_branches_products_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products:purge/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_branches_products_import: + projects_locations_catalogs_branches_products_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products:import/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_branches_products_set_inventory: + projects_locations_catalogs_branches_products_purge: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:setInventory/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products:purge/post response: mediaType: application/json openAPIDocKey: '200' @@ -7736,17 +7960,17 @@ components: name: products_fulfillment_places title: Products_fulfillment_places methods: - projects_locations_catalogs_branches_products_add_fulfillment_places: + projects_locations_catalogs_branches_products_remove_fulfillment_places: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:addFulfillmentPlaces/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:removeFulfillmentPlaces/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_branches_products_remove_fulfillment_places: + projects_locations_catalogs_branches_products_add_fulfillment_places: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:removeFulfillmentPlaces/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:addFulfillmentPlaces/post response: mediaType: application/json openAPIDocKey: '200' @@ -7760,22 +7984,42 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/products_fulfillment_places/methods/projects_locations_catalogs_branches_products_remove_fulfillment_places - products_local_inventories: - id: google.retail.products_local_inventories - name: products_local_inventories - title: Products_local_inventories + attributes_config: + id: google.retail.attributes_config + name: attributes_config + title: Attributes_config methods: - projects_locations_catalogs_branches_products_add_local_inventories: + projects_locations_catalogs_attributes_config_replace_catalog_attribute: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:addLocalInventories/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig:replaceCatalogAttribute/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_branches_products_remove_local_inventories: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/attributes_config/methods/projects_locations_catalogs_attributes_config_replace_catalog_attribute + delete: [] + attributes_config_catalog_attribute: + id: google.retail.attributes_config_catalog_attribute + name: attributes_config_catalog_attribute + title: Attributes_config_catalog_attribute + methods: + projects_locations_catalogs_attributes_config_remove_catalog_attribute: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig:removeCatalogAttribute/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_attributes_config_add_catalog_attribute: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1branches~1{branchesId}~1products~1{productsId}:removeLocalInventories/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig:addCatalogAttribute/post response: mediaType: application/json openAPIDocKey: '200' @@ -7783,138 +8027,152 @@ components: select: [] insert: - $ref: >- - #/components/x-stackQL-resources/products_local_inventories/methods/projects_locations_catalogs_branches_products_add_local_inventories + #/components/x-stackQL-resources/attributes_config_catalog_attribute/methods/projects_locations_catalogs_attributes_config_add_catalog_attribute update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/products_local_inventories/methods/projects_locations_catalogs_branches_products_remove_local_inventories - attributes_config_catalog_attribute: - id: google.retail.attributes_config_catalog_attribute - name: attributes_config_catalog_attribute - title: Attributes_config_catalog_attribute + #/components/x-stackQL-resources/attributes_config_catalog_attribute/methods/projects_locations_catalogs_attributes_config_remove_catalog_attribute + placements: + id: google.retail.placements + name: placements + title: Placements methods: - projects_locations_catalogs_attributes_config_add_catalog_attribute: + projects_locations_catalogs_placements_predict: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig:addCatalogAttribute/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1placements~1{placementsId}:predict/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_attributes_config_remove_catalog_attribute: + projects_locations_catalogs_placements_search: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig:removeCatalogAttribute/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1placements~1{placementsId}:search/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_placements_conversational_search: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1placements~1{placementsId}:conversationalSearch/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/attributes_config_catalog_attribute/methods/projects_locations_catalogs_attributes_config_add_catalog_attribute + insert: [] update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/attributes_config_catalog_attribute/methods/projects_locations_catalogs_attributes_config_remove_catalog_attribute - attributes_config: - id: google.retail.attributes_config - name: attributes_config - title: Attributes_config + delete: [] + generative_question: + id: google.retail.generative_question + name: generative_question + title: Generative_question methods: - projects_locations_catalogs_attributes_config_replace_catalog_attribute: + projects_locations_catalogs_generative_question_batch_update: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig:replaceCatalogAttribute/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1generativeQuestion:batchUpdate/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: [] insert: [] - update: [] - replace: + update: - $ref: >- - #/components/x-stackQL-resources/attributes_config/methods/projects_locations_catalogs_attributes_config_replace_catalog_attribute + #/components/x-stackQL-resources/generative_question/methods/projects_locations_catalogs_generative_question_batch_update + replace: [] delete: [] - placements: - id: google.retail.placements - name: placements - title: Placements + serving_configs_control: + id: google.retail.serving_configs_control + name: serving_configs_control + title: Serving_configs_control methods: - projects_locations_catalogs_placements_search: + projects_locations_catalogs_serving_configs_remove_control: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1placements~1{placementsId}:search/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}:removeControl/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_placements_predict: + projects_locations_catalogs_serving_configs_add_control: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1placements~1{placementsId}:predict/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}:addControl/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: [] - insert: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/serving_configs_control/methods/projects_locations_catalogs_serving_configs_add_control update: [] replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/serving_configs_control/methods/projects_locations_catalogs_serving_configs_remove_control serving_configs: id: google.retail.serving_configs name: serving_configs title: Serving_configs methods: - projects_locations_catalogs_serving_configs_search: + projects_locations_catalogs_serving_configs_predict: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}:search/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}:predict/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_serving_configs_predict: + projects_locations_catalogs_serving_configs_delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}:predict/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_serving_configs_create: + projects_locations_catalogs_serving_configs_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_serving_configs_list: + projects_locations_catalogs_serving_configs_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.servingConfigs - projects_locations_catalogs_serving_configs_delete: + projects_locations_catalogs_serving_configs_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_serving_configs_patch: + projects_locations_catalogs_serving_configs_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_serving_configs_get: + objectKey: $.servingConfigs + projects_locations_catalogs_serving_configs_search: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}:search/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_serving_configs_conversational_search: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}:conversationalSearch/post response: mediaType: application/json openAPIDocKey: '200' @@ -7934,44 +8192,43 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/serving_configs/methods/projects_locations_catalogs_serving_configs_delete - serving_configs_control: - id: google.retail.serving_configs_control - name: serving_configs_control - title: Serving_configs_control + user_events: + id: google.retail.user_events + name: user_events + title: User_events methods: - projects_locations_catalogs_serving_configs_add_control: + projects_locations_catalogs_user_events_import: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}:addControl/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:import/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_serving_configs_remove_control: + projects_locations_catalogs_user_events_rejoin: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1servingConfigs~1{servingConfigsId}:removeControl/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:rejoin/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/serving_configs_control/methods/projects_locations_catalogs_serving_configs_add_control - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/serving_configs_control/methods/projects_locations_catalogs_serving_configs_remove_control - completion_data: - id: google.retail.completion_data - name: completion_data - title: Completion_data - methods: - projects_locations_catalogs_completion_data_import: + projects_locations_catalogs_user_events_write: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1completionData:import/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:write/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_user_events_purge: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:purge/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_user_events_collect: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:collect/post response: mediaType: application/json openAPIDocKey: '200' @@ -7986,10 +8243,24 @@ components: name: controls title: Controls methods: - projects_locations_catalogs_controls_create: + projects_locations_catalogs_controls_get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1controls/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1controls~1{controlsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_controls_delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1controls~1{controlsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_controls_patch: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1controls~1{controlsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -8001,43 +8272,107 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.controls - projects_locations_catalogs_controls_delete: + projects_locations_catalogs_controls_create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1controls~1{controlsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1controls/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_controls_patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_get + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_list + insert: + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_create + update: + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_delete + models: + id: google.retail.models + name: models + title: Models + methods: + projects_locations_catalogs_models_resume: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1controls~1{controlsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}:resume/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_controls_get: + projects_locations_catalogs_models_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1controls~1{controlsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.models + projects_locations_catalogs_models_create: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_models_tune: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}:tune/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_models_pause: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}:pause/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_models_delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_models_patch: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_models_get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_get + #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_get - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_list + #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_list insert: - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_create + #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_create update: - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_patch + #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/controls/methods/projects_locations_catalogs_controls_delete + #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_delete generative_questions: id: google.retail.generative_questions name: generative_questions @@ -8058,164 +8393,227 @@ components: update: [] replace: [] delete: [] - generative_question: - id: google.retail.generative_question - name: generative_question - title: Generative_question + catalogs: + id: google.retail.catalogs + name: catalogs + title: Catalogs methods: - projects_locations_catalogs_generative_question_batch_update: + projects_locations_catalogs_export_analytics_metrics: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1generativeQuestion:batchUpdate/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}:exportAnalyticsMetrics/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/generative_question/methods/projects_locations_catalogs_generative_question_batch_update - replace: [] - delete: [] - models: - id: google.retail.models - name: models - title: Models - methods: - projects_locations_catalogs_models_create: + projects_locations_catalogs_patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_models_list: + projects_locations_catalogs_set_default_branch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}:setDefaultBranch/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.models - projects_locations_catalogs_models_get: + projects_locations_catalogs_list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_models_delete: + objectKey: $.catalogs + projects_locations_catalogs_complete_query: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}:completeQuery/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_models_patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/catalogs/methods/projects_locations_catalogs_list + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/catalogs/methods/projects_locations_catalogs_patch + replace: [] + delete: [] + catalogs_generative_question_feature: + id: google.retail.catalogs_generative_question_feature + name: catalogs_generative_question_feature + title: Catalogs_generative_question_feature + methods: + projects_locations_catalogs_get_generative_question_feature: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1generativeQuestionFeature/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_models_pause: + projects_locations_catalogs_update_generative_question_feature: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}:pause/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1generativeQuestionFeature/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_models_resume: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/catalogs_generative_question_feature/methods/projects_locations_catalogs_get_generative_question_feature + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/catalogs_generative_question_feature/methods/projects_locations_catalogs_update_generative_question_feature + replace: [] + delete: [] + catalogs_default_branch: + id: google.retail.catalogs_default_branch + name: catalogs_default_branch + title: Catalogs_default_branch + methods: + projects_locations_catalogs_get_default_branch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}:resume/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}:getDefaultBranch/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_models_tune: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/catalogs_default_branch/methods/projects_locations_catalogs_get_default_branch + insert: [] + update: [] + replace: [] + delete: [] + catalogs_completion_config: + id: google.retail.catalogs_completion_config + name: catalogs_completion_config + title: Catalogs_completion_config + methods: + projects_locations_catalogs_get_completion_config: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1models~1{modelsId}:tune/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1completionConfig/get + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_catalogs_update_completion_config: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1completionConfig/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_get - - $ref: >- - #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_list - insert: - - $ref: >- - #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_create + #/components/x-stackQL-resources/catalogs_completion_config/methods/projects_locations_catalogs_get_completion_config + insert: [] update: - $ref: >- - #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_patch + #/components/x-stackQL-resources/catalogs_completion_config/methods/projects_locations_catalogs_update_completion_config replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/models/methods/projects_locations_catalogs_models_delete - user_events: - id: google.retail.user_events - name: user_events - title: User_events + delete: [] + catalogs_conversational_search_customization_config: + id: google.retail.catalogs_conversational_search_customization_config + name: catalogs_conversational_search_customization_config + title: Catalogs_conversational_search_customization_config methods: - projects_locations_catalogs_user_events_write: + projects_locations_catalogs_update_conversational_search_customization_config: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:write/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1conversationalSearchCustomizationConfig/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_user_events_collect: + projects_locations_catalogs_get_conversational_search_customization_config: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:collect/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1conversationalSearchCustomizationConfig/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_user_events_purge: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/catalogs_conversational_search_customization_config/methods/projects_locations_catalogs_get_conversational_search_customization_config + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/catalogs_conversational_search_customization_config/methods/projects_locations_catalogs_update_conversational_search_customization_config + replace: [] + delete: [] + catalogs_generative_question: + id: google.retail.catalogs_generative_question + name: catalogs_generative_question + title: Catalogs_generative_question + methods: + projects_locations_catalogs_update_generative_question: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:purge/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1generativeQuestion/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_user_events_import: + sqlVerbs: + select: [] + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/catalogs_generative_question/methods/projects_locations_catalogs_update_generative_question + replace: [] + delete: [] + catalogs_attributes_config: + id: google.retail.catalogs_attributes_config + name: catalogs_attributes_config + title: Catalogs_attributes_config + methods: + projects_locations_catalogs_update_attributes_config: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:import/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_catalogs_user_events_rejoin: + projects_locations_catalogs_get_attributes_config: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1userEvents:rejoin/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1catalogs~1{catalogsId}~1attributesConfig/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: >- + #/components/x-stackQL-resources/catalogs_attributes_config/methods/projects_locations_catalogs_get_attributes_config insert: [] - update: [] + update: + - $ref: >- + #/components/x-stackQL-resources/catalogs_attributes_config/methods/projects_locations_catalogs_update_attributes_config replace: [] delete: [] paths: /v2/projects/{projectsId}/locations/{locationsId}/operations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' get: description: >- Lists operations that match the specified filter in the request. If the @@ -8244,27 +8642,76 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: retail.projects.locations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/completionData:import: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: retail.projects.locations.operations.get + Bulk import of processed completion dataset. Request processing is + asynchronous. Partial updating is not supported. The operation is + successfully finished only after the imported suggestions are indexed + successfully and ready for serving. The process takes hours. This + feature is only available for users who have Retail Search enabled. + Enable Retail Search on Cloud Console before using this feature. + operationId: retail.projects.locations.catalogs.completionData.import + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRetailV2ImportCompletionDataRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8289,24 +8736,35 @@ paths: schema: type: string - in: path - name: operationsId + name: catalogsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:exportAnalyticsMetrics: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addLocalInventories: parameters: *ref_1 post: description: >- - Exports analytics metrics. `Operation.response` is of type - `ExportAnalyticsMetricsResponse`. `Operation.metadata` is of type - `ExportMetadata`. - operationId: retail.projects.locations.catalogs.exportAnalyticsMetrics + Updates local inventory information for a Product at a list of places, + while respecting the last update timestamps of each inventory field. + This process is asynchronous and does not require the Product to exist + before updating inventory information. If the request is valid, the + update will be enqueued and processed downstream. As a consequence, when + a response is returned, updates are not immediately manifested in the + Product queried by ProductService.GetProduct or + ProductService.ListProducts. Local inventory information can only be + modified using this method. ProductService.CreateProduct and + ProductService.UpdateProduct has no effect on local inventories. The + returned Operations will be obsolete after 1 day, and GetOperation API + will return NOT_FOUND afterwards. If conflicting updates are issued, the + Operations associated with the stale updates will not be marked as done + until being obsolete. + operationId: retail.projects.locations.catalogs.branches.products.addLocalInventories requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRetailV2ExportAnalyticsMetricsRequest + #/components/schemas/GoogleCloudRetailV2AddLocalInventoriesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8335,11 +8793,21 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs: + - in: path + name: branchesId + required: true + schema: + type: string + - in: path + name: productsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products: parameters: *ref_1 get: - description: Lists all the Catalogs associated with the project. - operationId: retail.projects.locations.catalogs.list + description: Gets a list of Products. + operationId: retail.projects.locations.catalogs.branches.products.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8351,7 +8819,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ListCatalogsResponse' + $ref: '#/components/schemas/GoogleCloudRetailV2ListProductsResponse' parameters: - in: path name: projectsId @@ -8363,6 +8831,25 @@ paths: required: true schema: type: string + - in: path + name: catalogsId + required: true + schema: + type: string + - in: path + name: branchesId + required: true + schema: + type: string + - in: query + name: readMask + schema: + type: string + format: google-fieldmask + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -8372,16 +8859,14 @@ paths: name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}: - parameters: *ref_1 - patch: - description: Updates the Catalogs. - operationId: retail.projects.locations.catalogs.patch + post: + description: Creates a Product. + operationId: retail.projects.locations.catalogs.branches.products.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Catalog' + $ref: '#/components/schemas/GoogleCloudRetailV2Product' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8393,7 +8878,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Catalog' + $ref: '#/components/schemas/GoogleCloudRetailV2Product' parameters: - in: path name: projectsId @@ -8410,42 +8895,28 @@ paths: required: true schema: type: string + - in: path + name: branchesId + required: true + schema: + type: string - in: query - name: updateMask + name: productId schema: type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:setDefaultBranch: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products:import: parameters: *ref_1 post: description: >- - Set a specified branch id as default branch. API methods such as - SearchService.Search, ProductService.GetProduct, - ProductService.ListProducts will treat requests using "default_branch" - to the actual branch id set as default. For example, if - `projects/*/locations/*/catalogs/*/branches/1` is set as default, - setting SearchRequest.branch to - `projects/*/locations/*/catalogs/*/branches/default_branch` is - equivalent to setting SearchRequest.branch to - `projects/*/locations/*/catalogs/*/branches/1`. Using multiple branches - can be useful when developers would like to have a staging branch to - test and verify for future usage. When it becomes ready, developers - switch on the staging branch using this API while keeping using - `projects/*/locations/*/catalogs/*/branches/default_branch` as - SearchRequest.branch to route the traffic to this staging branch. - CAUTION: If you have live predict/search traffic, switching the default - branch could potentially cause outages if the ID space of the new branch - is very different from the old one. More specifically: * - PredictionService will only return product IDs from branch {newBranch}. - * SearchService will only return product IDs from branch {newBranch} (if - branch is not explicitly set). * UserEventService will only join events - with products from branch {newBranch}. - operationId: retail.projects.locations.catalogs.setDefaultBranch + Bulk import of multiple Products. Request processing may be synchronous. + Non-existing items are created. Note that it is possible for a subset of + the Products to be successfully updated. + operationId: retail.projects.locations.catalogs.branches.products.import requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2SetDefaultBranchRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2ImportProductsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8457,7 +8928,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -8474,13 +8945,38 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:getDefaultBranch: + - in: path + name: branchesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeFulfillmentPlaces: parameters: *ref_1 - get: + post: description: >- - Get which branch is currently default branch set by - CatalogService.SetDefaultBranch method under a specified parent catalog. - operationId: retail.projects.locations.catalogs.getDefaultBranch + We recommend that you use the ProductService.RemoveLocalInventories + method instead of the ProductService.RemoveFulfillmentPlaces method. + ProductService.RemoveLocalInventories achieves the same results but + provides more fine-grained control over ingesting local inventory data. + Incrementally removes place IDs from a + Product.fulfillment_info.place_ids. This process is asynchronous and + does not require the Product to exist before updating fulfillment + information. If the request is valid, the update will be enqueued and + processed downstream. As a consequence, when a response is returned, the + removed place IDs are not immediately manifested in the Product queried + by ProductService.GetProduct or ProductService.ListProducts. The + returned Operations will be obsolete after 1 day, and GetOperation API + will return NOT_FOUND afterwards. If conflicting updates are issued, the + Operations associated with the stale updates will not be marked as done + until being obsolete. + operationId: >- + retail.projects.locations.catalogs.branches.products.removeFulfillmentPlaces + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRetailV2RemoveFulfillmentPlacesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8492,8 +8988,78 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2GetDefaultBranchResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: catalogsId + required: true + schema: + type: string + - in: path + name: branchesId + required: true + schema: + type: string + - in: path + name: productsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:setInventory: + parameters: *ref_1 + post: + description: >- + Updates inventory information for a Product while respecting the last + update timestamps of each inventory field. This process is asynchronous + and does not require the Product to exist before updating fulfillment + information. If the request is valid, the update is enqueued and + processed downstream. As a consequence, when a response is returned, + updates are not immediately manifested in the Product queried by + ProductService.GetProduct or ProductService.ListProducts. When inventory + is updated with ProductService.CreateProduct and + ProductService.UpdateProduct, the specified inventory field value(s) + overwrite any existing value(s) while ignoring the last update time for + this field. Furthermore, the last update times for the specified + inventory fields are overwritten by the times of the + ProductService.CreateProduct or ProductService.UpdateProduct request. If + no inventory fields are set in CreateProductRequest.product, then any + pre-existing inventory information for this product is used. If no + inventory fields are set in SetInventoryRequest.set_mask, then any + existing inventory information is preserved. Pre-existing inventory + information can only be updated with ProductService.SetInventory, + ProductService.AddFulfillmentPlaces, and + ProductService.RemoveFulfillmentPlaces. The returned Operations is + obsolete after one day, and the GetOperation API returns `NOT_FOUND` + afterwards. If conflicting updates are issued, the Operations associated + with the stale updates are not marked as done until they are obsolete. + operationId: retail.projects.locations.catalogs.branches.products.setInventory + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRetailV2SetInventoryRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -8510,11 +9076,26 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/completionConfig: + - in: path + name: branchesId + required: true + schema: + type: string + - in: path + name: productsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}: parameters: *ref_1 - get: - description: Gets a CompletionConfig. - operationId: retail.projects.locations.catalogs.getCompletionConfig + patch: + description: Updates a Product. + operationId: retail.projects.locations.catalogs.branches.products.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRetailV2Product' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8526,7 +9107,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2CompletionConfig' + $ref: '#/components/schemas/GoogleCloudRetailV2Product' parameters: - in: path name: projectsId @@ -8543,14 +9124,28 @@ paths: required: true schema: type: string - patch: - description: Updates the CompletionConfigs. - operationId: retail.projects.locations.catalogs.updateCompletionConfig - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2CompletionConfig' + - in: path + name: branchesId + required: true + schema: + type: string + - in: path + name: productsId + required: true + schema: + type: string + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets a Product. + operationId: retail.projects.locations.catalogs.branches.products.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8562,7 +9157,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2CompletionConfig' + $ref: '#/components/schemas/GoogleCloudRetailV2Product' parameters: - in: path name: projectsId @@ -8579,16 +9174,19 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: branchesId + required: true schema: type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/attributesConfig: - parameters: *ref_1 - get: - description: Gets an AttributesConfig. - operationId: retail.projects.locations.catalogs.getAttributesConfig + - in: path + name: productsId + required: true + schema: + type: string + delete: + description: Deletes a Product. + operationId: retail.projects.locations.catalogs.branches.products.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8600,7 +9198,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -8617,21 +9215,42 @@ paths: required: true schema: type: string - patch: + - in: path + name: branchesId + required: true + schema: + type: string + - in: path + name: productsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addFulfillmentPlaces: + parameters: *ref_1 + post: description: >- - Updates the AttributesConfig. The catalog attributes in the request will - be updated in the catalog, or inserted if they do not exist. Existing - catalog attributes not included in the request will remain unchanged. - Attributes that are assigned to products, but do not exist at the - catalog level, are always included in the response. The product - attribute is assigned default values for missing catalog attribute - fields, e.g., searchable and dynamic facetable options. - operationId: retail.projects.locations.catalogs.updateAttributesConfig + We recommend that you use the ProductService.AddLocalInventories method + instead of the ProductService.AddFulfillmentPlaces method. + ProductService.AddLocalInventories achieves the same results but + provides more fine-grained control over ingesting local inventory data. + Incrementally adds place IDs to Product.fulfillment_info.place_ids. This + process is asynchronous and does not require the Product to exist before + updating fulfillment information. If the request is valid, the update + will be enqueued and processed downstream. As a consequence, when a + response is returned, the added place IDs are not immediately manifested + in the Product queried by ProductService.GetProduct or + ProductService.ListProducts. The returned Operations will be obsolete + after 1 day, and GetOperation API will return NOT_FOUND afterwards. If + conflicting updates are issued, the Operations associated with the stale + updates will not be marked as done until being obsolete. + operationId: >- + retail.projects.locations.catalogs.branches.products.addFulfillmentPlaces requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' + $ref: >- + #/components/schemas/GoogleCloudRetailV2AddFulfillmentPlacesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8643,7 +9262,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -8660,19 +9279,40 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: branchesId + required: true schema: type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:completeQuery: + - in: path + name: productsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeLocalInventories: parameters: *ref_1 - get: + post: description: >- - Completes the specified prefix with keyword suggestions. This feature is - only available for users who have Retail Search enabled. Enable Retail - Search on Cloud Console before using this feature. - operationId: retail.projects.locations.catalogs.completeQuery + Remove local inventory information for a Product at a list of places at + a removal timestamp. This process is asynchronous. If the request is + valid, the removal will be enqueued and processed downstream. As a + consequence, when a response is returned, removals are not immediately + manifested in the Product queried by ProductService.GetProduct or + ProductService.ListProducts. Local inventory information can only be + removed using this method. ProductService.CreateProduct and + ProductService.UpdateProduct has no effect on local inventories. The + returned Operations will be obsolete after 1 day, and GetOperation API + will return NOT_FOUND afterwards. If conflicting updates are issued, the + Operations associated with the stale updates will not be marked as done + until being obsolete. + operationId: >- + retail.projects.locations.catalogs.branches.products.removeLocalInventories + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRetailV2RemoveLocalInventoriesRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8684,7 +9324,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2CompleteQueryResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -8701,52 +9341,34 @@ paths: required: true schema: type: string - - in: query - name: query - schema: - type: string - - in: query - name: visitorId - schema: - type: string - - in: query - name: languageCodes - schema: - type: string - - in: query - name: deviceType - schema: - type: string - - in: query - name: dataset + - in: path + name: branchesId + required: true schema: type: string - - in: query - name: maxSuggestions - schema: - type: integer - format: int32 - - in: query - name: enableAttributeSuggestions - schema: - type: boolean - - in: query - name: entity + - in: path + name: productsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/generativeQuestionFeature: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products:purge: parameters: *ref_1 - patch: + post: description: >- - Manages overal generative question feature state -- enables toggling - feature on and off. - operationId: retail.projects.locations.catalogs.updateGenerativeQuestionFeature + Permanently deletes all selected Products under a branch. This process + is asynchronous. If the request is valid, the removal will be enqueued + and processed offline. Depending on the number of Products, this + operation could take hours to complete. Before the operation completes, + some Products may still be returned by ProductService.GetProduct or + ProductService.ListProducts. Depending on the number of Products, this + operation could take hours to complete. To get a sample of Products that + would be deleted, set PurgeProductsRequest.force to false. + operationId: retail.projects.locations.catalogs.branches.products.purge requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2GenerativeQuestionsFeatureConfig + $ref: '#/components/schemas/GoogleCloudRetailV2PurgeProductsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8758,8 +9380,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2GenerativeQuestionsFeatureConfig + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -8776,16 +9397,19 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: branchesId + required: true schema: type: string - format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/operations/{operationsId}: + parameters: *ref_1 get: description: >- - Manages overal generative question feature state -- enables toggling - feature on and off. - operationId: retail.projects.locations.catalogs.getGenerativeQuestionFeature + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: retail.projects.locations.catalogs.branches.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8797,8 +9421,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2GenerativeQuestionsFeatureConfig + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -8815,16 +9438,32 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/generativeQuestion: + - in: path + name: branchesId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/attributesConfig:replaceCatalogAttribute: parameters: *ref_1 - patch: - description: Allows management of individual questions. - operationId: retail.projects.locations.catalogs.updateGenerativeQuestion + post: + description: >- + Replaces the specified CatalogAttribute in the AttributesConfig by + updating the catalog attribute with the same CatalogAttribute.key. If + the CatalogAttribute to replace does not exist, a NOT_FOUND error is + returned. + operationId: >- + retail.projects.locations.catalogs.attributesConfig.replaceCatalogAttribute requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig' + $ref: >- + #/components/schemas/GoogleCloudRetailV2ReplaceCatalogAttributeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8836,8 +9475,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig + $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' parameters: - in: path name: projectsId @@ -8854,19 +9492,21 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/conversationalSearchCustomizationConfig: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/attributesConfig:removeCatalogAttribute: parameters: *ref_1 - get: + post: description: >- - Returns the conversational search customization config for a given - catalog. + Removes the specified CatalogAttribute from the AttributesConfig. If the + CatalogAttribute to remove does not exist, a NOT_FOUND error is + returned. operationId: >- - retail.projects.locations.catalogs.getConversationalSearchCustomizationConfig + retail.projects.locations.catalogs.attributesConfig.removeCatalogAttribute + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRetailV2RemoveCatalogAttributeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8878,8 +9518,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2ConversationalSearchCustomizationConfig + $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' parameters: - in: path name: projectsId @@ -8896,18 +9535,20 @@ paths: required: true schema: type: string - patch: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/attributesConfig:addCatalogAttribute: + parameters: *ref_1 + post: description: >- - Updates the conversational search customization config for a given - catalog. - operationId: >- - retail.projects.locations.catalogs.updateConversationalSearchCustomizationConfig + Adds the specified CatalogAttribute to the AttributesConfig. If the + CatalogAttribute to add already exists, an ALREADY_EXISTS error is + returned. + operationId: retail.projects.locations.catalogs.attributesConfig.addCatalogAttribute requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRetailV2ConversationalSearchCustomizationConfig + #/components/schemas/GoogleCloudRetailV2AddCatalogAttributeRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8919,8 +9560,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2ConversationalSearchCustomizationConfig + $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' parameters: - in: path name: projectsId @@ -8937,18 +9577,16 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/operations: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/placements/{placementsId}:predict: parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: retail.projects.locations.catalogs.operations.list + post: + description: Makes a recommendation prediction. + operationId: retail.projects.locations.catalogs.placements.predict + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRetailV2PredictRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8960,7 +9598,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudRetailV2PredictResponse' parameters: - in: path name: projectsId @@ -8977,27 +9615,24 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: placementsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/operations/{operationsId}: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/placements/{placementsId}:search: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: retail.projects.locations.catalogs.operations.get + Performs a search. This feature is only available for users who have + Retail Search enabled. Enable Retail Search on Cloud Console before + using this feature. + operationId: retail.projects.locations.catalogs.placements.search + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRetailV2SearchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9009,7 +9644,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRetailV2SearchResponse' parameters: - in: path name: projectsId @@ -9027,18 +9662,23 @@ paths: schema: type: string - in: path - name: operationsId + name: placementsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/operations/{operationsId}: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/placements/{placementsId}:conversationalSearch: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: retail.projects.locations.catalogs.branches.operations.get + Performs a conversational search. This feature is only available for + users who have Conversational Search enabled. + operationId: retail.projects.locations.catalogs.placements.conversationalSearch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9050,7 +9690,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchResponse parameters: - in: path name: projectsId @@ -9068,25 +9709,21 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: operationsId + name: placementsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/generativeQuestion:batchUpdate: parameters: *ref_1 post: - description: Creates a Product. - operationId: retail.projects.locations.catalogs.branches.products.create + description: Allows management of multiple questions. + operationId: retail.projects.locations.catalogs.generativeQuestion.batchUpdate requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Product' + $ref: >- + #/components/schemas/GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9098,7 +9735,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Product' + $ref: >- + #/components/schemas/GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsResponse parameters: - in: path name: projectsId @@ -9115,18 +9753,13 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true - schema: - type: string - - in: query - name: productId - schema: - type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/operations: + parameters: *ref_1 get: - description: Gets a list of Products. - operationId: retail.projects.locations.catalogs.branches.products.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: retail.projects.locations.catalogs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9138,7 +9771,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ListProductsResponse' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId @@ -9155,9 +9788,8 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true + - in: query + name: filter schema: type: string - in: query @@ -9170,19 +9802,17 @@ paths: schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: readMask + name: returnPartialSuccess schema: - type: string - format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/operations/{operationsId}: parameters: *ref_1 get: - description: Gets a Product. - operationId: retail.projects.locations.catalogs.branches.products.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: retail.projects.locations.catalogs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9194,7 +9824,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Product' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -9212,73 +9842,23 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: productsId + name: operationsId required: true schema: type: string - patch: - description: Updates a Product. - operationId: retail.projects.locations.catalogs.branches.products.patch + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:removeControl: + parameters: *ref_1 + post: + description: >- + Disables a Control on the specified ServingConfig. The control is + removed from the ServingConfig. Returns a NOT_FOUND error if the Control + is not enabled for the ServingConfig. + operationId: retail.projects.locations.catalogs.servingConfigs.removeControl requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Product' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Product' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: catalogsId - required: true - schema: - type: string - - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: productsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: allowMissing - schema: - type: boolean - delete: - description: Deletes a Product. - operationId: retail.projects.locations.catalogs.branches.products.delete + $ref: '#/components/schemas/GoogleCloudRetailV2RemoveControlRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9290,7 +9870,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' parameters: - in: path name: projectsId @@ -9308,33 +9888,20 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: productsId + name: servingConfigsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products:purge: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:predict: parameters: *ref_1 post: - description: >- - Permanently deletes all selected Products under a branch. This process - is asynchronous. If the request is valid, the removal will be enqueued - and processed offline. Depending on the number of Products, this - operation could take hours to complete. Before the operation completes, - some Products may still be returned by ProductService.GetProduct or - ProductService.ListProducts. Depending on the number of Products, this - operation could take hours to complete. To get a sample of Products that - would be deleted, set PurgeProductsRequest.force to false. - operationId: retail.projects.locations.catalogs.branches.products.purge + description: Makes a recommendation prediction. + operationId: retail.projects.locations.catalogs.servingConfigs.predict requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2PurgeProductsRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2PredictRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9346,7 +9913,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRetailV2PredictResponse' parameters: - in: path name: projectsId @@ -9364,23 +9931,17 @@ paths: schema: type: string - in: path - name: branchesId + name: servingConfigsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products:import: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}: parameters: *ref_1 - post: + delete: description: >- - Bulk import of multiple Products. Request processing may be synchronous. - Non-existing items are created. Note that it is possible for a subset of - the Products to be successfully updated. - operationId: retail.projects.locations.catalogs.branches.products.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ImportProductsRequest' + Deletes a ServingConfig. Returns a NotFound error if the ServingConfig + does not exist. + operationId: retail.projects.locations.catalogs.servingConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9392,7 +9953,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -9410,43 +9971,15 @@ paths: schema: type: string - in: path - name: branchesId + name: servingConfigsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:setInventory: - parameters: *ref_1 - post: + get: description: >- - Updates inventory information for a Product while respecting the last - update timestamps of each inventory field. This process is asynchronous - and does not require the Product to exist before updating fulfillment - information. If the request is valid, the update is enqueued and - processed downstream. As a consequence, when a response is returned, - updates are not immediately manifested in the Product queried by - ProductService.GetProduct or ProductService.ListProducts. When inventory - is updated with ProductService.CreateProduct and - ProductService.UpdateProduct, the specified inventory field value(s) - overwrite any existing value(s) while ignoring the last update time for - this field. Furthermore, the last update times for the specified - inventory fields are overwritten by the times of the - ProductService.CreateProduct or ProductService.UpdateProduct request. If - no inventory fields are set in CreateProductRequest.product, then any - pre-existing inventory information for this product is used. If no - inventory fields are set in SetInventoryRequest.set_mask, then any - existing inventory information is preserved. Pre-existing inventory - information can only be updated with ProductService.SetInventory, - ProductService.AddFulfillmentPlaces, and - ProductService.RemoveFulfillmentPlaces. The returned Operations is - obsolete after one day, and the GetOperation API returns `NOT_FOUND` - afterwards. If conflicting updates are issued, the Operations associated - with the stale updates are not marked as done until they are obsolete. - operationId: retail.projects.locations.catalogs.branches.products.setInventory - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2SetInventoryRequest' + Gets a ServingConfig. Returns a NotFound error if the ServingConfig does + not exist. + operationId: retail.projects.locations.catalogs.servingConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9458,7 +9991,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' parameters: - in: path name: projectsId @@ -9476,41 +10009,18 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: productsId + name: servingConfigsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addFulfillmentPlaces: - parameters: *ref_1 - post: - description: >- - We recommend that you use the ProductService.AddLocalInventories method - instead of the ProductService.AddFulfillmentPlaces method. - ProductService.AddLocalInventories achieves the same results but - provides more fine-grained control over ingesting local inventory data. - Incrementally adds place IDs to Product.fulfillment_info.place_ids. This - process is asynchronous and does not require the Product to exist before - updating fulfillment information. If the request is valid, the update - will be enqueued and processed downstream. As a consequence, when a - response is returned, the added place IDs are not immediately manifested - in the Product queried by ProductService.GetProduct or - ProductService.ListProducts. The returned Operations will be obsolete - after 1 day, and GetOperation API will return NOT_FOUND afterwards. If - conflicting updates are issued, the Operations associated with the stale - updates will not be marked as done until being obsolete. - operationId: >- - retail.projects.locations.catalogs.branches.products.addFulfillmentPlaces + patch: + description: Updates a ServingConfig. + operationId: retail.projects.locations.catalogs.servingConfigs.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2AddFulfillmentPlacesRequest + $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9522,7 +10032,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' parameters: - in: path name: projectsId @@ -9540,42 +10050,27 @@ paths: schema: type: string - in: path - name: branchesId + name: servingConfigsId required: true schema: type: string - - in: path - name: productsId - required: true + - in: query + name: updateMask schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeFulfillmentPlaces: + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs: parameters: *ref_1 post: description: >- - We recommend that you use the ProductService.RemoveLocalInventories - method instead of the ProductService.RemoveFulfillmentPlaces method. - ProductService.RemoveLocalInventories achieves the same results but - provides more fine-grained control over ingesting local inventory data. - Incrementally removes place IDs from a - Product.fulfillment_info.place_ids. This process is asynchronous and - does not require the Product to exist before updating fulfillment - information. If the request is valid, the update will be enqueued and - processed downstream. As a consequence, when a response is returned, the - removed place IDs are not immediately manifested in the Product queried - by ProductService.GetProduct or ProductService.ListProducts. The - returned Operations will be obsolete after 1 day, and GetOperation API - will return NOT_FOUND afterwards. If conflicting updates are issued, the - Operations associated with the stale updates will not be marked as done - until being obsolete. - operationId: >- - retail.projects.locations.catalogs.branches.products.removeFulfillmentPlaces + Creates a ServingConfig. A maximum of 100 ServingConfigs are allowed in + a Catalog, otherwise a FAILED_PRECONDITION error is returned. + operationId: retail.projects.locations.catalogs.servingConfigs.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2RemoveFulfillmentPlacesRequest + $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9587,7 +10082,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' parameters: - in: path name: projectsId @@ -9604,41 +10099,13 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: productsId - required: true + - in: query + name: servingConfigId schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:addLocalInventories: - parameters: *ref_1 - post: - description: >- - Updates local inventory information for a Product at a list of places, - while respecting the last update timestamps of each inventory field. - This process is asynchronous and does not require the Product to exist - before updating inventory information. If the request is valid, the - update will be enqueued and processed downstream. As a consequence, when - a response is returned, updates are not immediately manifested in the - Product queried by ProductService.GetProduct or - ProductService.ListProducts. Local inventory information can only be - modified using this method. ProductService.CreateProduct and - ProductService.UpdateProduct has no effect on local inventories. The - returned Operations will be obsolete after 1 day, and GetOperation API - will return NOT_FOUND afterwards. If conflicting updates are issued, the - Operations associated with the stale updates will not be marked as done - until being obsolete. - operationId: retail.projects.locations.catalogs.branches.products.addLocalInventories - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2AddLocalInventoriesRequest + get: + description: Lists all ServingConfigs linked to this catalog. + operationId: retail.projects.locations.catalogs.servingConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9650,7 +10117,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudRetailV2ListServingConfigsResponse parameters: - in: path name: projectsId @@ -9667,40 +10135,28 @@ paths: required: true schema: type: string - - in: path - name: branchesId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: productsId - required: true + - in: query + name: pageSize schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/branches/{branchesId}/products/{productsId}:removeLocalInventories: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:search: parameters: *ref_1 post: description: >- - Remove local inventory information for a Product at a list of places at - a removal timestamp. This process is asynchronous. If the request is - valid, the removal will be enqueued and processed downstream. As a - consequence, when a response is returned, removals are not immediately - manifested in the Product queried by ProductService.GetProduct or - ProductService.ListProducts. Local inventory information can only be - removed using this method. ProductService.CreateProduct and - ProductService.UpdateProduct has no effect on local inventories. The - returned Operations will be obsolete after 1 day, and GetOperation API - will return NOT_FOUND afterwards. If conflicting updates are issued, the - Operations associated with the stale updates will not be marked as done - until being obsolete. - operationId: >- - retail.projects.locations.catalogs.branches.products.removeLocalInventories + Performs a search. This feature is only available for users who have + Retail Search enabled. Enable Retail Search on Cloud Console before + using this feature. + operationId: retail.projects.locations.catalogs.servingConfigs.search requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2RemoveLocalInventoriesRequest + $ref: '#/components/schemas/GoogleCloudRetailV2SearchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9712,7 +10168,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRetailV2SearchResponse' parameters: - in: path name: projectsId @@ -9730,29 +10186,27 @@ paths: schema: type: string - in: path - name: branchesId - required: true - schema: - type: string - - in: path - name: productsId + name: servingConfigsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/attributesConfig:addCatalogAttribute: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:addControl: parameters: *ref_1 post: description: >- - Adds the specified CatalogAttribute to the AttributesConfig. If the - CatalogAttribute to add already exists, an ALREADY_EXISTS error is - returned. - operationId: retail.projects.locations.catalogs.attributesConfig.addCatalogAttribute + Enables a Control on the specified ServingConfig. The control is added + in the last position of the list of controls it belongs to (e.g. if it's + a facet spec control it will be applied in the last position of + servingConfig.facetSpecIds) Returns a ALREADY_EXISTS error if the + control has already been applied. Returns a FAILED_PRECONDITION error if + the addition could exceed maximum number of control allowed for that + type of control. + operationId: retail.projects.locations.catalogs.servingConfigs.addControl requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2AddCatalogAttributeRequest + $ref: '#/components/schemas/GoogleCloudRetailV2AddControlRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9764,7 +10218,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' + $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' parameters: - in: path name: projectsId @@ -9781,21 +10235,24 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/attributesConfig:removeCatalogAttribute: + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:conversationalSearch: parameters: *ref_1 post: description: >- - Removes the specified CatalogAttribute from the AttributesConfig. If the - CatalogAttribute to remove does not exist, a NOT_FOUND error is - returned. - operationId: >- - retail.projects.locations.catalogs.attributesConfig.removeCatalogAttribute + Performs a conversational search. This feature is only available for + users who have Conversational Search enabled. + operationId: retail.projects.locations.catalogs.servingConfigs.conversationalSearch requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRetailV2RemoveCatalogAttributeRequest + #/components/schemas/GoogleCloudRetailV2ConversationalSearchRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9807,7 +10264,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchResponse parameters: - in: path name: projectsId @@ -9824,22 +10282,27 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/attributesConfig:replaceCatalogAttribute: + - in: path + name: servingConfigsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:import: parameters: *ref_1 post: description: >- - Replaces the specified CatalogAttribute in the AttributesConfig by - updating the catalog attribute with the same CatalogAttribute.key. If - the CatalogAttribute to replace does not exist, a NOT_FOUND error is - returned. - operationId: >- - retail.projects.locations.catalogs.attributesConfig.replaceCatalogAttribute + Bulk import of User events. Request processing might be synchronous. + Events that already exist are skipped. Use this method for backfilling + historical user events. `Operation.response` is of type + `ImportResponse`. Note that it is possible for a subset of the items to + be successfully inserted. `Operation.metadata` is of type + `ImportMetadata`. + operationId: retail.projects.locations.catalogs.userEvents.import requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2ReplaceCatalogAttributeRequest + $ref: '#/components/schemas/GoogleCloudRetailV2ImportUserEventsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9851,7 +10314,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -9868,19 +10331,24 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/placements/{placementsId}:search: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:rejoin: parameters: *ref_1 post: description: >- - Performs a search. This feature is only available for users who have - Retail Search enabled. Enable Retail Search on Cloud Console before - using this feature. - operationId: retail.projects.locations.catalogs.placements.search + Starts a user-event rejoin operation with latest product catalog. Events + are not annotated with detailed product information for products that + are missing from the catalog when the user event is ingested. These + events are stored as unjoined events with limited usage on training and + serving. You can use this method to start a join operation on specified + events with the latest version of product catalog. You can also use this + method to correct events joined with the wrong product catalog. A rejoin + operation can take hours or days to complete. + operationId: retail.projects.locations.catalogs.userEvents.rejoin requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2SearchRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2RejoinUserEventsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9892,7 +10360,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2SearchResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -9909,21 +10377,16 @@ paths: required: true schema: type: string - - in: path - name: placementsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/placements/{placementsId}:predict: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:write: parameters: *ref_1 post: - description: Makes a recommendation prediction. - operationId: retail.projects.locations.catalogs.placements.predict + description: Writes a single user event. + operationId: retail.projects.locations.catalogs.userEvents.write requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2PredictRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2UserEvent' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9935,7 +10398,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2PredictResponse' + $ref: '#/components/schemas/GoogleCloudRetailV2UserEvent' parameters: - in: path name: projectsId @@ -9952,24 +10415,24 @@ paths: required: true schema: type: string - - in: path - name: placementsId - required: true + - in: query + name: writeAsync schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:search: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:purge: parameters: *ref_1 post: description: >- - Performs a search. This feature is only available for users who have - Retail Search enabled. Enable Retail Search on Cloud Console before - using this feature. - operationId: retail.projects.locations.catalogs.servingConfigs.search + Deletes permanently all user events specified by the filter provided. + Depending on the number of events specified by the filter, this + operation could take hours or days to complete. To test a filter, use + the list command first. + operationId: retail.projects.locations.catalogs.userEvents.purge requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2SearchRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2PurgeUserEventsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9981,7 +10444,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2SearchResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -9998,21 +10461,21 @@ paths: required: true schema: type: string - - in: path - name: servingConfigsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:predict: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:collect: parameters: *ref_1 post: - description: Makes a recommendation prediction. - operationId: retail.projects.locations.catalogs.servingConfigs.predict + description: >- + Writes a single user event from the browser. For larger user event + payload over 16 KB, the POST method should be used instead, otherwise a + 400 Bad Request error is returned. This method is used only by the + Retail API JavaScript pixel and Google Tag Manager. Users should not + call this method directly. + operationId: retail.projects.locations.catalogs.userEvents.collect requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2PredictRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2CollectUserEventRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10024,7 +10487,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2PredictResponse' + $ref: '#/components/schemas/GoogleApiHttpBody' parameters: - in: path name: projectsId @@ -10041,23 +10504,11 @@ paths: required: true schema: type: string - - in: path - name: servingConfigsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls/{controlsId}: parameters: *ref_1 - post: - description: >- - Creates a ServingConfig. A maximum of 100 ServingConfigs are allowed in - a Catalog, otherwise a FAILED_PRECONDITION error is returned. - operationId: retail.projects.locations.catalogs.servingConfigs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' + get: + description: Gets a Control. + operationId: retail.projects.locations.catalogs.controls.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10069,7 +10520,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' + $ref: '#/components/schemas/GoogleCloudRetailV2Control' parameters: - in: path name: projectsId @@ -10086,13 +10537,16 @@ paths: required: true schema: type: string - - in: query - name: servingConfigId + - in: path + name: controlsId + required: true schema: type: string - get: - description: Lists all ServingConfigs linked to this catalog. - operationId: retail.projects.locations.catalogs.servingConfigs.list + delete: + description: >- + Deletes a Control. If the Control to delete does not exist, a NOT_FOUND + error is returned. + operationId: retail.projects.locations.catalogs.controls.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10104,8 +10558,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2ListServingConfigsResponse + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -10122,22 +10575,22 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: controlsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}: - parameters: *ref_1 - delete: + patch: description: >- - Deletes a ServingConfig. Returns a NotFound error if the ServingConfig - does not exist. - operationId: retail.projects.locations.catalogs.servingConfigs.delete + Updates a Control. Control cannot be set to a different oneof field, if + so an INVALID_ARGUMENT is returned. If the Control to update does not + exist, a NOT_FOUND error is returned. + operationId: retail.projects.locations.catalogs.controls.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRetailV2Control' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10149,7 +10602,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudRetailV2Control' parameters: - in: path name: projectsId @@ -10167,18 +10620,20 @@ paths: schema: type: string - in: path - name: servingConfigsId + name: controlsId required: true schema: type: string - patch: - description: Updates a ServingConfig. - operationId: retail.projects.locations.catalogs.servingConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls: + parameters: *ref_1 + get: + description: Lists all Controls by their parent Catalog. + operationId: retail.projects.locations.catalogs.controls.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10190,7 +10645,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' + $ref: '#/components/schemas/GoogleCloudRetailV2ListControlsResponse' parameters: - in: path name: projectsId @@ -10207,21 +10662,29 @@ paths: required: true schema: type: string - - in: path - name: servingConfigsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: filter schema: type: string - format: google-fieldmask - get: + post: description: >- - Gets a ServingConfig. Returns a NotFound error if the ServingConfig does - not exist. - operationId: retail.projects.locations.catalogs.servingConfigs.get + Creates a Control. If the Control to create already exists, an + ALREADY_EXISTS error is returned. + operationId: retail.projects.locations.catalogs.controls.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRetailV2Control' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10233,7 +10696,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' + $ref: '#/components/schemas/GoogleCloudRetailV2Control' parameters: - in: path name: projectsId @@ -10250,28 +10713,20 @@ paths: required: true schema: type: string - - in: path - name: servingConfigsId - required: true + - in: query + name: controlId schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:addControl: - parameters: *ref_1 - post: - description: >- - Enables a Control on the specified ServingConfig. The control is added - in the last position of the list of controls it belongs to (e.g. if it's - a facet spec control it will be applied in the last position of - servingConfig.facetSpecIds) Returns a ALREADY_EXISTS error if the - control has already been applied. Returns a FAILED_PRECONDITION error if - the addition could exceed maximum number of control allowed for that - type of control. - operationId: retail.projects.locations.catalogs.servingConfigs.addControl + type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}:resume: + parameters: *ref_1 + post: + description: Resumes the training of an existing model. + operationId: retail.projects.locations.catalogs.models.resume requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2AddControlRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2ResumeModelRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10283,7 +10738,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' + $ref: '#/components/schemas/GoogleCloudRetailV2Model' parameters: - in: path name: projectsId @@ -10301,23 +10756,15 @@ paths: schema: type: string - in: path - name: servingConfigsId + name: modelsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/servingConfigs/{servingConfigsId}:removeControl: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models: parameters: *ref_1 - post: - description: >- - Disables a Control on the specified ServingConfig. The control is - removed from the ServingConfig. Returns a NOT_FOUND error if the Control - is not enabled for the ServingConfig. - operationId: retail.projects.locations.catalogs.servingConfigs.removeControl - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2RemoveControlRequest' + get: + description: Lists all the models linked to this event store. + operationId: retail.projects.locations.catalogs.models.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10329,7 +10776,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ServingConfig' + $ref: '#/components/schemas/GoogleCloudRetailV2ListModelsResponse' parameters: - in: path name: projectsId @@ -10346,28 +10793,23 @@ paths: required: true schema: type: string - - in: path - name: servingConfigsId - required: true + - in: query + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/completionData:import: - parameters: *ref_1 + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: >- - Bulk import of processed completion dataset. Request processing is - asynchronous. Partial updating is not supported. The operation is - successfully finished only after the imported suggestions are indexed - successfully and ready for serving. The process takes hours. This - feature is only available for users who have Retail Search enabled. - Enable Retail Search on Cloud Console before using this feature. - operationId: retail.projects.locations.catalogs.completionData.import + description: Creates a new model. + operationId: retail.projects.locations.catalogs.models.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2ImportCompletionDataRequest + $ref: '#/components/schemas/GoogleCloudRetailV2Model' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10396,18 +10838,20 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls: + - in: query + name: dryRun + schema: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}:tune: parameters: *ref_1 post: - description: >- - Creates a Control. If the Control to create already exists, an - ALREADY_EXISTS error is returned. - operationId: retail.projects.locations.catalogs.controls.create + description: Tunes an existing model. + operationId: retail.projects.locations.catalogs.models.tune requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Control' + $ref: '#/components/schemas/GoogleCloudRetailV2TuneModelRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10419,7 +10863,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Control' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -10436,13 +10880,21 @@ paths: required: true schema: type: string - - in: query - name: controlId + - in: path + name: modelsId + required: true schema: type: string - get: - description: Lists all Controls by their parent Catalog. - operationId: retail.projects.locations.catalogs.controls.list + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}:pause: + parameters: *ref_1 + post: + description: Pauses the training of an existing model. + operationId: retail.projects.locations.catalogs.models.pause + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRetailV2PauseModelRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10454,7 +10906,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ListControlsResponse' + $ref: '#/components/schemas/GoogleCloudRetailV2Model' parameters: - in: path name: projectsId @@ -10471,26 +10923,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: modelsId + required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/controls/{controlsId}: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}: parameters: *ref_1 delete: - description: >- - Deletes a Control. If the Control to delete does not exist, a NOT_FOUND - error is returned. - operationId: retail.projects.locations.catalogs.controls.delete + description: Deletes an existing model. + operationId: retail.projects.locations.catalogs.models.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10520,21 +10962,21 @@ paths: schema: type: string - in: path - name: controlsId + name: modelsId required: true schema: type: string patch: description: >- - Updates a Control. Control cannot be set to a different oneof field, if - so an INVALID_ARGUMENT is returned. If the Control to update does not - exist, a NOT_FOUND error is returned. - operationId: retail.projects.locations.catalogs.controls.patch + Update of model metadata. Only fields that currently can be updated are: + `filtering_option` and `periodic_tuning_state`. If other values are + provided, this API method ignores them. + operationId: retail.projects.locations.catalogs.models.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Control' + $ref: '#/components/schemas/GoogleCloudRetailV2Model' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10546,7 +10988,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Control' + $ref: '#/components/schemas/GoogleCloudRetailV2Model' parameters: - in: path name: projectsId @@ -10564,7 +11006,7 @@ paths: schema: type: string - in: path - name: controlsId + name: modelsId required: true schema: type: string @@ -10574,8 +11016,8 @@ paths: type: string format: google-fieldmask get: - description: Gets a Control. - operationId: retail.projects.locations.catalogs.controls.get + description: Gets a model. + operationId: retail.projects.locations.catalogs.models.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10587,7 +11029,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Control' + $ref: '#/components/schemas/GoogleCloudRetailV2Model' parameters: - in: path name: projectsId @@ -10605,7 +11047,7 @@ paths: schema: type: string - in: path - name: controlsId + name: modelsId required: true schema: type: string @@ -10643,17 +11085,20 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/generativeQuestion:batchUpdate: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:exportAnalyticsMetrics: parameters: *ref_1 post: - description: Allows management of multiple questions. - operationId: retail.projects.locations.catalogs.generativeQuestion.batchUpdate + description: >- + Exports analytics metrics. `Operation.response` is of type + `ExportAnalyticsMetricsResponse`. `Operation.metadata` is of type + `ExportMetadata`. + operationId: retail.projects.locations.catalogs.exportAnalyticsMetrics requestBody: content: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsRequest + #/components/schemas/GoogleCloudRetailV2ExportAnalyticsMetricsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10665,8 +11110,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudRetailV2BatchUpdateGenerativeQuestionConfigsResponse + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -10683,16 +11127,13 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/generativeQuestionFeature: parameters: *ref_1 - post: - description: Creates a new model. - operationId: retail.projects.locations.catalogs.models.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Model' + get: + description: >- + Manages overal generative question feature state -- enables toggling + feature on and off. + operationId: retail.projects.locations.catalogs.getGenerativeQuestionFeature security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10704,7 +11145,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: >- + #/components/schemas/GoogleCloudRetailV2GenerativeQuestionsFeatureConfig parameters: - in: path name: projectsId @@ -10721,13 +11163,17 @@ paths: required: true schema: type: string - - in: query - name: dryRun - schema: - type: boolean - get: - description: Lists all the models linked to this event store. - operationId: retail.projects.locations.catalogs.models.list + patch: + description: >- + Manages overal generative question feature state -- enables toggling + feature on and off. + operationId: retail.projects.locations.catalogs.updateGenerativeQuestionFeature + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudRetailV2GenerativeQuestionsFeatureConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10739,7 +11185,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ListModelsResponse' + $ref: >- + #/components/schemas/GoogleCloudRetailV2GenerativeQuestionsFeatureConfig parameters: - in: path name: projectsId @@ -10757,19 +11204,17 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}: + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:getDefaultBranch: parameters: *ref_1 get: - description: Gets a model. - operationId: retail.projects.locations.catalogs.models.get + description: >- + Get which branch is currently default branch set by + CatalogService.SetDefaultBranch method under a specified parent catalog. + operationId: retail.projects.locations.catalogs.getDefaultBranch security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10781,7 +11226,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Model' + $ref: >- + #/components/schemas/GoogleCloudRetailV2GetDefaultBranchResponse parameters: - in: path name: projectsId @@ -10798,14 +11244,47 @@ paths: required: true schema: type: string + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/completionConfig: + parameters: *ref_1 + get: + description: Gets a CompletionConfig. + operationId: retail.projects.locations.catalogs.getCompletionConfig + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRetailV2CompletionConfig' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: modelsId + name: locationsId required: true schema: type: string - delete: - description: Deletes an existing model. - operationId: retail.projects.locations.catalogs.models.delete + - in: path + name: catalogsId + required: true + schema: + type: string + patch: + description: Updates the CompletionConfigs. + operationId: retail.projects.locations.catalogs.updateCompletionConfig + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRetailV2CompletionConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10817,7 +11296,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleCloudRetailV2CompletionConfig' parameters: - in: path name: projectsId @@ -10834,22 +11313,25 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true + - in: query + name: updateMask schema: type: string + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/conversationalSearchCustomizationConfig: + parameters: *ref_1 patch: description: >- - Update of model metadata. Only fields that currently can be updated are: - `filtering_option` and `periodic_tuning_state`. If other values are - provided, this API method ignores them. - operationId: retail.projects.locations.catalogs.models.patch + Updates the conversational search customization config for a given + catalog. + operationId: >- + retail.projects.locations.catalogs.updateConversationalSearchCustomizationConfig requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Model' + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchCustomizationConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10861,7 +11343,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Model' + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchCustomizationConfig parameters: - in: path name: projectsId @@ -10878,26 +11361,17 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}:pause: - parameters: *ref_1 - post: - description: Pauses the training of an existing model. - operationId: retail.projects.locations.catalogs.models.pause - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2PauseModelRequest' + get: + description: >- + Returns the conversational search customization config for a given + catalog. + operationId: >- + retail.projects.locations.catalogs.getConversationalSearchCustomizationConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10909,7 +11383,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Model' + $ref: >- + #/components/schemas/GoogleCloudRetailV2ConversationalSearchCustomizationConfig parameters: - in: path name: projectsId @@ -10926,21 +11401,16 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}:resume: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}: parameters: *ref_1 - post: - description: Resumes the training of an existing model. - operationId: retail.projects.locations.catalogs.models.resume + patch: + description: Updates the Catalogs. + operationId: retail.projects.locations.catalogs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ResumeModelRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2Catalog' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10952,7 +11422,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2Model' + $ref: '#/components/schemas/GoogleCloudRetailV2Catalog' parameters: - in: path name: projectsId @@ -10969,21 +11439,42 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true + - in: query + name: updateMask schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/models/{modelsId}:tune: + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:setDefaultBranch: parameters: *ref_1 post: - description: Tunes an existing model. - operationId: retail.projects.locations.catalogs.models.tune + description: >- + Set a specified branch id as default branch. API methods such as + SearchService.Search, ProductService.GetProduct, + ProductService.ListProducts will treat requests using "default_branch" + to the actual branch id set as default. For example, if + `projects/*/locations/*/catalogs/*/branches/1` is set as default, + setting SearchRequest.branch to + `projects/*/locations/*/catalogs/*/branches/default_branch` is + equivalent to setting SearchRequest.branch to + `projects/*/locations/*/catalogs/*/branches/1`. Using multiple branches + can be useful when developers would like to have a staging branch to + test and verify for future usage. When it becomes ready, developers + switch on the staging branch using this API while keeping using + `projects/*/locations/*/catalogs/*/branches/default_branch` as + SearchRequest.branch to route the traffic to this staging branch. + CAUTION: If you have live predict/search traffic, switching the default + branch could potentially cause outages if the ID space of the new branch + is very different from the old one. More specifically: * + PredictionService will only return product IDs from branch {newBranch}. + * SearchService will only return product IDs from branch {newBranch} (if + branch is not explicitly set). * UserEventService will only join events + with products from branch {newBranch}. + operationId: retail.projects.locations.catalogs.setDefaultBranch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2TuneModelRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2SetDefaultBranchRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10995,7 +11486,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -11012,21 +11503,16 @@ paths: required: true schema: type: string - - in: path - name: modelsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:write: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/generativeQuestion: parameters: *ref_1 - post: - description: Writes a single user event. - operationId: retail.projects.locations.catalogs.userEvents.write + patch: + description: Allows management of individual questions. + operationId: retail.projects.locations.catalogs.updateGenerativeQuestion requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2UserEvent' + $ref: '#/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11038,7 +11524,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2UserEvent' + $ref: >- + #/components/schemas/GoogleCloudRetailV2GenerativeQuestionConfig parameters: - in: path name: projectsId @@ -11056,24 +11543,15 @@ paths: schema: type: string - in: query - name: writeAsync + name: updateMask schema: - type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:collect: + type: string + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/catalogs: parameters: *ref_1 - post: - description: >- - Writes a single user event from the browser. For larger user event - payload over 16 KB, the POST method should be used instead, otherwise a - 400 Bad Request error is returned. This method is used only by the - Retail API JavaScript pixel and Google Tag Manager. Users should not - call this method directly. - operationId: retail.projects.locations.catalogs.userEvents.collect - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2CollectUserEventRequest' + get: + description: Lists all the Catalogs associated with the project. + operationId: retail.projects.locations.catalogs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11085,7 +11563,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleApiHttpBody' + $ref: '#/components/schemas/GoogleCloudRetailV2ListCatalogsResponse' parameters: - in: path name: projectsId @@ -11097,25 +11575,32 @@ paths: required: true schema: type: string - - in: path - name: catalogsId - required: true + - in: query + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:purge: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/attributesConfig: parameters: *ref_1 - post: + patch: description: >- - Deletes permanently all user events specified by the filter provided. - Depending on the number of events specified by the filter, this - operation could take hours or days to complete. To test a filter, use - the list command first. - operationId: retail.projects.locations.catalogs.userEvents.purge + Updates the AttributesConfig. The catalog attributes in the request will + be updated in the catalog, or inserted if they do not exist. Existing + catalog attributes not included in the request will remain unchanged. + Attributes that are assigned to products, but do not exist at the + catalog level, are always included in the response. The product + attribute is assigned default values for missing catalog attribute + fields, e.g., searchable and dynamic facetable options. + operationId: retail.projects.locations.catalogs.updateAttributesConfig requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRetailV2PurgeUserEventsRequest' + $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11127,7 +11612,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' parameters: - in: path name: projectsId @@ -11144,22 +11629,14 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:import: - parameters: *ref_1 - post: - description: >- - Bulk import of User events. Request processing might be synchronous. - Events that already exist are skipped. Use this method for backfilling - historical user events. `Operation.response` is of type - `ImportResponse`. Note that it is possible for a subset of the items to - be successfully inserted. `Operation.metadata` is of type - `ImportMetadata`. - operationId: retail.projects.locations.catalogs.userEvents.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2ImportUserEventsRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets an AttributesConfig. + operationId: retail.projects.locations.catalogs.getAttributesConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11171,7 +11648,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRetailV2AttributesConfig' parameters: - in: path name: projectsId @@ -11188,24 +11665,14 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}/userEvents:rejoin: + /v2/projects/{projectsId}/locations/{locationsId}/catalogs/{catalogsId}:completeQuery: parameters: *ref_1 - post: + get: description: >- - Starts a user-event rejoin operation with latest product catalog. Events - are not annotated with detailed product information for products that - are missing from the catalog when the user event is ingested. These - events are stored as unjoined events with limited usage on training and - serving. You can use this method to start a join operation on specified - events with the latest version of product catalog. You can also use this - method to correct events joined with the wrong product catalog. A rejoin - operation can take hours or days to complete. - operationId: retail.projects.locations.catalogs.userEvents.rejoin - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRetailV2RejoinUserEventsRequest' + Completes the specified prefix with keyword suggestions. This feature is + only available for users who have Retail Search enabled. Enable Retail + Search on Cloud Console before using this feature. + operationId: retail.projects.locations.catalogs.completeQuery security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11217,7 +11684,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRetailV2CompleteQueryResponse' parameters: - in: path name: projectsId @@ -11234,6 +11701,39 @@ paths: required: true schema: type: string + - in: query + name: enableAttributeSuggestions + schema: + type: boolean + - in: query + name: query + schema: + type: string + - in: query + name: visitorId + schema: + type: string + - in: query + name: deviceType + schema: + type: string + - in: query + name: languageCodes + schema: + type: string + - in: query + name: dataset + schema: + type: string + - in: query + name: maxSuggestions + schema: + type: integer + format: int32 + - in: query + name: entity + schema: + type: string /v2/projects/{projectsId}/operations: parameters: *ref_1 get: @@ -11272,6 +11772,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v2/projects/{projectsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/run.yaml b/providers/src/googleapis.com/v00.00.00000/services/run.yaml index d0e4b343..c5b87b8f 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/run.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/run.yaml @@ -11,8 +11,8 @@ info: Serving API specification, while v2 is aligned with Google Cloud AIP-based API standards, as described in https://google.aip.dev/. version: v2 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/run/ servers: @@ -38,314 +38,469 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - GoogleCloudRunV2Metadata: - id: GoogleCloudRunV2Metadata - description: Metadata represents the JSON encoded generated customer metadata. - type: object + GoogleCloudRunV2Container: properties: - metadata: + ports: + type: array description: >- - JSON encoded Google-generated Customer Metadata for a given - resource/project. + List of ports to expose from the container. Only a single port can + be specified. The specified ports must be listening on all + interfaces (0.0.0.0) within the container to be accessible. If + omitted, a port number will be chosen and passed to the container + through the PORT environment variable for the container to listen + on. + items: + $ref: '#/components/schemas/GoogleCloudRunV2ContainerPort' + volumeMounts: + type: array + description: Volume to mount into the container's filesystem. + items: + $ref: '#/components/schemas/GoogleCloudRunV2VolumeMount' + dependsOn: + description: Names of the containers that must start before this container. + type: array + items: + type: string + baseImageUri: + description: >- + Base image for this container. Only supported for services. If set, + it indicates that the service is enrolled into automatic base image + update. type: string - GoogleCloudRunV2ExportImageRequest: - id: GoogleCloudRunV2ExportImageRequest - description: Request message for exporting Cloud Run image. - type: object - properties: - destinationRepo: - description: Required. The export destination url (the Artifact Registry repo). + sourceCode: + description: Optional. Location of the source. + $ref: '#/components/schemas/GoogleCloudRunV2SourceCode' + env: + description: List of environment variables to set in the container. + type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2EnvVar' + name: + description: Name of the container specified as a DNS_LABEL (RFC 1123). type: string - GoogleCloudRunV2ExportImageResponse: - id: GoogleCloudRunV2ExportImageResponse - description: >- - ExportImageResponse contains an operation Id to track the image export - operation. - type: object - properties: - operationId: + args: + items: + type: string description: >- - An operation ID used to track the status of image exports tied to - the original pod ID in the request. - type: string - GoogleCloudRunV2ExportStatusResponse: - id: GoogleCloudRunV2ExportStatusResponse - description: >- - ExportStatusResponse contains the status of image export operation, with - the status of each image export job. - type: object - properties: - operationId: - description: The operation id. + Arguments to the entrypoint. The docker image's CMD is used if this + is not provided. + type: array + livenessProbe: + description: >- + Periodic probe of container liveness. Container will be restarted if + the probe fails. + $ref: '#/components/schemas/GoogleCloudRunV2Probe' + startupProbe: + $ref: '#/components/schemas/GoogleCloudRunV2Probe' + description: >- + Startup probe of application within the container. All other probes + are disabled if a startup probe is provided, until it succeeds. + Container will not be added to service endpoints if the probe fails. + workingDir: + description: >- + Container's working directory. If not specified, the container + runtime's default will be used, which might be configured in the + container image. type: string - operationState: - description: Output only. The state of the overall export operation. - readOnly: true + image: + description: >- + Required. Name of the container image in Dockerhub, Google Artifact + Registry, or Google Container Registry. If the host is not provided, + Dockerhub is assumed. type: string - enumDescriptions: - - State unspecified. - - Operation still in progress. - - Operation finished. - enum: - - OPERATION_STATE_UNSPECIFIED - - IN_PROGRESS - - FINISHED - imageExportStatuses: - description: The status of each image export job. + command: type: array items: - $ref: '#/components/schemas/GoogleCloudRunV2ImageExportStatus' - GoogleCloudRunV2ImageExportStatus: - id: GoogleCloudRunV2ImageExportStatus - description: The status of an image export job. - type: object - properties: - exportJobState: + type: string description: >- - Output only. Has the image export job finished (regardless of - successful or failure). + Entrypoint array. Not executed within a shell. The docker image's + ENTRYPOINT is used if this is not provided. + buildInfo: + $ref: '#/components/schemas/GoogleCloudRunV2BuildInfo' readOnly: true - type: string - enumDescriptions: - - State unspecified. - - Job still in progress. - - Job finished. - enum: - - EXPORT_JOB_STATE_UNSPECIFIED - - IN_PROGRESS - - FINISHED - status: - description: The status of the export task if done. - $ref: '#/components/schemas/UtilStatusProto' - exportedImageDigest: - description: The exported image ID as it will appear in Artifact Registry. - type: string - tag: - description: The image tag as it will appear in Artifact Registry. - type: string - UtilStatusProto: - id: UtilStatusProto - description: Wire-format for a Status object + description: Output only. The build info of the container image. + resources: + description: Compute Resource requirements by this container. + $ref: '#/components/schemas/GoogleCloudRunV2ResourceRequirements' type: object + id: GoogleCloudRunV2Container + description: >- + A single application container. This specifies both the container to + run, the command to run in the container and the arguments to supply to + it. Note that additional arguments can be supplied by the system to the + container at runtime. + GoogleDevtoolsCloudbuildV1ConnectedRepository: properties: - code: - description: >- - Numeric code drawn from the space specified below. Often, this is - the canonical error space, and code is drawn from - google3/util/task/codes.proto copybara:strip_begin(b/383363683) - copybara:strip_end_and_replace optional int32 code = 1; - type: integer - format: int32 - space: + revision: description: >- - copybara:strip_begin(b/383363683) Space to which this status belongs - copybara:strip_end_and_replace optional string space = 2; // Space - to which this status belongs + Required. The revision to fetch from the Git repository such as a + branch, a tag, a commit SHA, or any Git ref. type: string - message: - description: >- - Detail message copybara:strip_begin(b/383363683) - copybara:strip_end_and_replace optional string message = 3; + dir: type: string - canonicalCode: description: >- - copybara:strip_begin(b/383363683) copybara:strip_end_and_replace - optional int32 canonical_code = 6; - type: integer - format: int32 - messageSet: + Optional. Directory, relative to the source root, in which to run + the build. + repository: + type: string description: >- - message_set associates an arbitrary proto message with the status. - copybara:strip_begin(b/383363683) copybara:strip_end_and_replace - optional proto2.bridge.MessageSet message_set = 5; - $ref: '#/components/schemas/Proto2BridgeMessageSet' - Proto2BridgeMessageSet: - id: Proto2BridgeMessageSet - deprecated: true + Required. Name of the Google Cloud Build repository, formatted as + `projects/*/locations/*/connections/*/repositories/*`. + id: GoogleDevtoolsCloudbuildV1ConnectedRepository description: >- - This is proto2's version of MessageSet. DEPRECATED: DO NOT USE FOR NEW - FIELDS. If you are using editions or proto2, please make your own - extendable messages for your use case. If you are using proto3, please - use `Any` instead. MessageSet was the implementation of extensions for - proto1. When proto2 was introduced, extensions were implemented as a - first-class feature. This schema for MessageSet was meant to be a - "bridge" solution to migrate MessageSet-bearing messages from proto1 to - proto2. This schema has been open-sourced only to facilitate the - migration of Google products with MessageSet-bearing messages to - open-source environments. - type: object - properties: {} - GoogleLongrunningListOperationsResponse: - id: GoogleLongrunningListOperationsResponse - description: The response message for Operations.ListOperations. + Location of the source in a 2nd-gen Google Cloud Build repository + resource. type: object + GoogleCloudRunV2CancelExecutionRequest: properties: - operations: + validateOnly: description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleLongrunningOperation' - nextPageToken: - description: The standard List next-page token. + Indicates that the request should be validated without actually + cancelling any resources. + type: boolean + etag: + description: >- + A system-generated fingerprint for this version of the resource. + This may be used to detect modification conflict during updates. type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + id: GoogleCloudRunV2CancelExecutionRequest + description: Request message for deleting an Execution. + type: object + GoogleCloudRunV2InstanceSplitStatus: + id: GoogleCloudRunV2InstanceSplitStatus + description: Represents the observed state of a single `InstanceSplit` entry. type: object properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + percent: + format: int32 + type: integer + description: Specifies percent of the instance split to this Revision. + revision: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: + description: Revision to which this instance split is assigned. + type: + enum: + - INSTANCE_SPLIT_ALLOCATION_TYPE_UNSPECIFIED + - INSTANCE_SPLIT_ALLOCATION_TYPE_LATEST + - INSTANCE_SPLIT_ALLOCATION_TYPE_REVISION + enumDescriptions: + - Unspecified instance allocation type. + - Allocates instances to the Service's latest ready Revision. + - Allocates instances to a Revision by name. + description: The allocation type for this instance split. + type: string + GoogleDevtoolsCloudbuildV1GitSourceRepository: + type: object + id: GoogleDevtoolsCloudbuildV1GitSourceRepository + properties: + url: + description: Location of the Git repository. + type: string + developerConnect: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. + The Developer Connect Git repository link formatted as + `projects/*/locations/*/connections/*/gitRepositoryLink/*` + type: string + description: A repository for a git source. + GoogleDevtoolsCloudbuildV1Secret: + description: >- + Pairs a set of secret environment variables containing encrypted values + with the Cloud KMS key to use to decrypt the value. Note: Use + `kmsKeyName` with `available_secrets` instead of using `kmsKeyName` with + `secret`. For instructions see: + https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-credentials. + properties: + secretEnv: type: object + description: >- + Map of environment variable name to its encrypted value. Secret + environment variables must be unique across all of a build's + secrets, and must be used by at least one build step. Values can be + at most 64 KB in size. There can be at most 100 secret values across + all of a build's secrets. additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + format: byte + type: string + kmsKeyName: + type: string + description: Cloud KMS key name to use to decrypt these envs. + id: GoogleDevtoolsCloudbuildV1Secret type: object + GoogleDevtoolsCloudbuildV1UploadedGoModule: + id: GoogleDevtoolsCloudbuildV1UploadedGoModule + description: >- + A Go module artifact uploaded to Artifact Registry using the GoModule + directive. properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + fileHashes: + description: Hash types and values of the Go Module Artifact. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' + uri: type: string - details: + description: URI of the uploaded artifact. + pushTiming: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' + readOnly: true description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleLongrunningWaitOperationRequest: - id: GoogleLongrunningWaitOperationRequest - description: The request message for Operations.WaitOperation. + Output only. Stores timing information for pushing the specified + artifact. + artifactRegistryPackage: + description: Output only. Path to the artifact in Artifact Registry. + type: string + readOnly: true type: object + GoogleDevtoolsCloudbuildV1DeveloperConnectConfig: + id: GoogleDevtoolsCloudbuildV1DeveloperConnectConfig properties: - timeout: + dir: + type: string description: >- - The maximum duration to wait before timing out. If left blank, the - wait will be at most the time permitted by the underlying HTTP/RPC - protocol. If RPC context deadline is also specified, the shorter one - will be used. + Required. Directory, relative to the source root, in which to run + the build. + revision: type: string - format: google-duration - GoogleCloudRunV2SubmitBuildRequest: - id: GoogleCloudRunV2SubmitBuildRequest - description: Request message for submitting a Build. + description: >- + Required. The revision to fetch from the Git repository such as a + branch, a tag, a commit SHA, or any Git ref. + gitRepositoryLink: + description: >- + Required. The Developer Connect Git repository link, formatted as + `projects/*/locations/*/connections/*/gitRepositoryLink/*`. + type: string + type: object + description: This config defines the location of a source through Developer Connect. + GoogleCloudRunV2ServiceMesh: type: object + description: >- + Settings for Cloud Service Mesh. For more information see + https://cloud.google.com/service-mesh/docs/overview. properties: - storageSource: - description: Required. Source for the build. - $ref: '#/components/schemas/GoogleCloudRunV2StorageSource' - imageUri: - description: Required. Artifact Registry URI to store the built image. + mesh: type: string - buildpackBuild: - description: Build the source using Buildpacks. - $ref: '#/components/schemas/GoogleCloudRunV2BuildpacksBuild' - dockerBuild: description: >- - Build the source using Docker. This means the source has a - Dockerfile. - $ref: '#/components/schemas/GoogleCloudRunV2DockerBuild' - serviceAccount: + The Mesh resource name. Format: + `projects/{project}/locations/global/meshes/{mesh}`, where + `{project}` can be project id or number. + id: GoogleCloudRunV2ServiceMesh + GoogleCloudRunV2VolumeMount: + id: GoogleCloudRunV2VolumeMount + properties: + subPath: description: >- - Optional. The service account to use for the build. If not set, the - default Cloud Build service account for the project will be used. + Optional. Path within the volume from which the container's volume + should be mounted. Defaults to "" (volume's root). type: string - workerPool: - description: >- - Optional. Name of the Cloud Build Custom Worker Pool that should be - used to build the function. The format of this field is - `projects/{project}/locations/{region}/workerPools/{workerPool}` - where `{project}` and `{region}` are the project id and region - respectively where the worker pool is defined and `{workerPool}` is - the short name of the worker pool. + name: type: string - tags: - description: Optional. Additional tags to annotate the build. - type: array + description: Required. This must match the Name of a Volume. + mountPath: + type: string + description: >- + Required. Path within the container at which the volume should be + mounted. Must not contain ':'. For Cloud SQL volumes, it can be left + empty, or must otherwise be `/cloudsql`. All instances defined in + the Volume will be available as `/cloudsql/[instance]`. For more + information on Cloud SQL volumes, visit + https://cloud.google.com/sql/docs/mysql/connect-run + description: VolumeMount describes a mounting of a Volume within a container. + type: object + GoogleCloudRunV2SourceCode: + id: GoogleCloudRunV2SourceCode + description: Source type for the container. + type: object + properties: + cloudStorageSource: + description: The source is a Cloud Storage bucket. + $ref: '#/components/schemas/GoogleCloudRunV2CloudStorageSource' + GoogleIamV1TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + properties: + permissions: items: type: string - machineType: description: >- - Optional. The machine type from default pool to use for the build. - If left blank, cloudbuild will use a sensible default. Currently - only E2_HIGHCPU_8 is supported. If worker_pool is set, this field - will be ignored. + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: array + id: GoogleIamV1TestIamPermissionsRequest + type: object + GoogleCloudRunV2Overrides: + description: RunJob Overrides that contains Execution fields to be overridden. + properties: + taskCount: + type: integer + description: >- + Optional. The desired number of tasks the execution should run. Will + replace existing task_count value. + format: int32 + containerOverrides: + items: + $ref: '#/components/schemas/GoogleCloudRunV2ContainerOverride' + description: Per container override specification. + type: array + timeout: type: string - releaseTrack: + format: google-duration description: >- - Optional. The release track of the client that initiated the build - request. + Duration in seconds the task may be active before the system will + actively try to mark it failed and kill associated containers. Will + replace existing timeout_seconds value. + type: object + id: GoogleCloudRunV2Overrides + GoogleCloudRunV2WorkerPool: + properties: + etag: type: string - enumDescriptions: - - Do not use this default value. + description: >- + Optional. A system-generated fingerprint for this version of the + resource. May be used to detect modification conflict during + updates. + description: + description: >- + User-provided description of the WorkerPool. This field currently + has a 512-character limit. + type: string + deleteTime: + type: string + readOnly: true + format: google-datetime + description: >- + Output only. The deletion time. It is only populated as a response + to a Delete request. + uid: + description: >- + Output only. Server assigned unique identifier for the trigger. The + value is a UUID4 string and guaranteed to remain unchanged until the + resource is deleted. + readOnly: true + type: string + lastModifier: + description: Output only. Email address of the last authenticated modifier. + readOnly: true + type: string + annotations: + additionalProperties: + type: string + type: object + description: >- + Optional. Unstructured key value map that may be set by external + tools to store and arbitrary metadata. They are not queryable and + should be preserved when modifying objects. Cloud Run API v2 does + not support annotations with `run.googleapis.com`, + `cloud.googleapis.com`, `serving.knative.dev`, or + `autoscaling.knative.dev` namespaces, and they will be rejected in + new resources. All system annotations in v1 now have a corresponding + field in v2 WorkerPool. This field follows Kubernetes annotations' + namespacing, limits, and rules. + satisfiesPzs: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + conditions: + description: >- + Output only. The Conditions of all other associated sub-resources. + They contain additional diagnostics information in case the + WorkerPool does not reach its Serving state. See comments in + `reconciling` for additional information on reconciliation process + in Cloud Run. + items: + $ref: '#/components/schemas/GoogleCloudRunV2Condition' + readOnly: true + type: array + threatDetectionEnabled: + type: boolean + readOnly: true + description: >- + Output only. Indicates whether Cloud Run Threat Detection monitoring + is enabled for the parent project of this worker pool. + reconciling: + readOnly: true + description: >- + Output only. Returns true if the WorkerPool is currently being acted + upon by the system to bring it into the desired state. When a new + WorkerPool is created, or an existing one is updated, Cloud Run will + asynchronously perform all necessary steps to bring the WorkerPool + to the desired serving state. This process is called reconciliation. + While reconciliation is in process, `observed_generation`, + `latest_ready_revison`, `instance_split_statuses`, and `uri` will + have transient values that might mismatch the intended state: Once + reconciliation is over (and this field is false), there are two + possible outcomes: reconciliation succeeded and the serving state + matches the WorkerPool, or there was an error, and reconciliation + failed. This state can be found in `terminal_condition.state`. If + reconciliation succeeded, the following fields will match: + `instance_splits` and `instance_split_statuses`, + `observed_generation` and `generation`, `latest_ready_revision` and + `latest_created_revision`. If reconciliation failed, + `instance_split_statuses`, `observed_generation`, and + `latest_ready_revision` will have the state of the last serving + revision, or empty for newly created WorkerPools. Additional + information on the failure can be found in `terminal_condition` and + `conditions`. + type: boolean + labels: + additionalProperties: + type: string + type: object + description: >- + Optional. Unstructured key value map that can be used to organize + and categorize objects. User-provided labels are shared with + Google's billing system, so they can be used to filter, or break + down billing charges by team, component, environment, state, etc. + For more information, visit + https://cloud.google.com/resource-manager/docs/creating-managing-labels + or https://cloud.google.com/run/docs/configuring/labels. Cloud Run + API v2 does not support labels with `run.googleapis.com`, + `cloud.googleapis.com`, `serving.knative.dev`, or + `autoscaling.knative.dev` namespaces, and they will be rejected. All + system labels in v1 now have a corresponding field in v2 WorkerPool. + terminalCondition: + readOnly: true + $ref: '#/components/schemas/GoogleCloudRunV2Condition' + description: >- + Output only. The Condition of this WorkerPool, containing its + readiness status, and detailed error information in case it did not + reach a serving state. See comments in `reconciling` for additional + information on reconciliation process in Cloud Run. + updateTime: + type: string + description: Output only. The last-modified time. + format: google-datetime + readOnly: true + clientVersion: + description: Arbitrary version identifier for the API client. + type: string + latestReadyRevision: + readOnly: true + type: string + description: >- + Output only. Name of the latest revision that is serving workloads. + See comments in `reconciling` for additional information on + reconciliation process in Cloud Run. + observedGeneration: + format: int64 + readOnly: true + description: >- + Output only. The generation of this WorkerPool currently serving + workloads. See comments in `reconciling` for additional information + on reconciliation process in Cloud Run. Please note that unlike v1, + this is an int64 value. As with most Google APIs, its JSON + representation will be a `string` instead of an `integer`. + type: string + launchStage: + description: >- + Optional. The launch stage as defined by [Google Cloud Platform + Launch Stages](https://cloud.google.com/terms/launch-stages). Cloud + Run supports `ALPHA`, `BETA`, and `GA`. If no value is specified, GA + is assumed. Set the launch stage to a preview stage on input to + allow use of preview features in that stage. On read (or output), + describes whether the resource uses preview features. For example, + if ALPHA is provided as input, but only BETA and GA-level features + are used, this field will be BETA on output. + enumDescriptions: + - Do not use this default value. - The feature is not yet implemented. Users can not use it. - >- Prelaunch features are hidden from users and are only visible @@ -391,1095 +546,382 @@ components: - BETA - GA - DEPRECATED - GoogleCloudRunV2StorageSource: - id: GoogleCloudRunV2StorageSource - description: Location of the source in an archive file in Google Cloud Storage. - type: object - properties: - bucket: - description: >- - Required. Google Cloud Storage bucket containing the source (see - [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - type: string - object: - description: >- - Required. Google Cloud Storage object containing the source. This - object must be a gzipped archive file (`.tar.gz`) containing source - to build. type: string generation: description: >- - Optional. Google Cloud Storage generation for the object. If the - generation is omitted, the latest generation will be used. - type: string + Output only. A number that monotonically increases every time the + user modifies the desired state. Please note that unlike v1, this is + an int64 value. As with most Google APIs, its JSON representation + will be a `string` instead of an `integer`. format: int64 - GoogleCloudRunV2BuildpacksBuild: - id: GoogleCloudRunV2BuildpacksBuild - description: Build the source using Buildpacks. - type: object - properties: - runtime: - description: The runtime name, e.g. 'go113'. Leave blank for generic builds. - deprecated: true type: string - functionTarget: - description: >- - Optional. Name of the function target if the source is a function - source. Required for function builds. + readOnly: true + createTime: + readOnly: true type: string - cacheImageUri: + description: Output only. The creation time. + format: google-datetime + client: + description: Arbitrary identifier for the API client. + type: string + name: description: >- - Optional. cache_image_uri is the GCR/AR URL where the cache image - will be stored. cache_image_uri is optional and omitting it will - disable caching. This URL must be stable across builds. It is used - to derive a build-specific temporary URL by substituting the tag - with the build ID. The build will clean up the temporary image on a - best-effort basis. + The fully qualified name of this WorkerPool. In + CreateWorkerPoolRequest, this field is ignored, and instead composed + from CreateWorkerPoolRequest.parent and + CreateWorkerPoolRequest.worker_id. Format: + `projects/{project}/locations/{location}/workerPools/{worker_id}` type: string - baseImage: - description: Optional. The base image to use for the build. + template: + $ref: '#/components/schemas/GoogleCloudRunV2WorkerPoolRevisionTemplate' + description: Required. The template used to create revisions for this WorkerPool. + expireTime: + format: google-datetime + description: >- + Output only. For a deleted resource, the time after which it will be + permamently deleted. type: string - environmentVariables: - description: Optional. User-provided build-time environment variables. - type: object - additionalProperties: - type: string - enableAutomaticUpdates: + readOnly: true + instanceSplits: + items: + $ref: '#/components/schemas/GoogleCloudRunV2InstanceSplit' description: >- - Optional. Whether or not the application container will be enrolled - in automatic base image updates. When true, the application will be - built on a scratch base image, so the base layers can be appended at - run time. - type: boolean - projectDescriptor: + Optional. Specifies how to distribute instances over a collection of + Revisions belonging to the WorkerPool. If instance split is empty or + not provided, defaults to 100% instances assigned to the latest + `Ready` Revision. + type: array + scaling: + description: Optional. Specifies worker-pool-level scaling settings + $ref: '#/components/schemas/GoogleCloudRunV2WorkerPoolScaling' + latestCreatedRevision: description: >- - Optional. project_descriptor stores the path to the project - descriptor file. When empty, it means that there is no project - descriptor file in the source. + Output only. Name of the last created revision. See comments in + `reconciling` for additional information on reconciliation process + in Cloud Run. type: string - GoogleCloudRunV2DockerBuild: - id: GoogleCloudRunV2DockerBuild - description: Build the source using Docker. This means the source has a Dockerfile. - type: object - properties: {} - GoogleCloudRunV2SubmitBuildResponse: - id: GoogleCloudRunV2SubmitBuildResponse - description: Response message for submitting a Build. - type: object - properties: - buildOperation: - description: Cloud Build operation to be polled via CloudBuild API. - $ref: '#/components/schemas/GoogleLongrunningOperation' - baseImageUri: + readOnly: true + instanceSplitStatuses: + readOnly: true description: >- - URI of the base builder image in Artifact Registry being used in the - build. Used to opt into automatic base image updates. - type: string - baseImageWarning: - description: Warning message for the base image. + Output only. Detailed status information for corresponding instance + splits. See comments in `reconciling` for additional information on + reconciliation process in Cloud Run. + type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2InstanceSplitStatus' + customAudiences: + description: Not supported, and ignored by Cloud Run. + items: + type: string + type: array + creator: + description: Output only. Email address of the authenticated creator. type: string - GoogleCloudRunV2Execution: - id: GoogleCloudRunV2Execution + readOnly: true + binaryAuthorization: + description: Optional. Settings for the Binary Authorization feature. + $ref: '#/components/schemas/GoogleCloudRunV2BinaryAuthorization' + id: GoogleCloudRunV2WorkerPool description: >- - Execution represents the configuration of a single execution. A - execution an immutable resource that references a container image which - is run to completion. + WorkerPool acts as a top-level container that manages a set of + configurations and revision templates which implement a pull-based + workload. WorkerPool exists to provide a singular abstraction which can + be access controlled, reasoned about, and which encapsulates software + lifecycle decisions such as rollout policy and team resource ownership. + type: object + GoogleCloudRunV2BuildConfig: + id: GoogleCloudRunV2BuildConfig type: object properties: - name: - description: Output only. The unique name of this Execution. - readOnly: true + imageUri: type: string - uid: - description: >- - Output only. Server assigned unique identifier for the Execution. - The value is a UUID4 string and guaranteed to remain unchanged until - the resource is deleted. - readOnly: true + description: Optional. Artifact Registry URI to store the built image. + baseImage: + description: Optional. The base image used to build the function. type: string - creator: - description: Output only. Email address of the authenticated creator. - readOnly: true + functionTarget: + description: >- + Optional. The name of the function (as defined in source code) that + will be executed. Defaults to the resource name suffix, if not + specified. For backward compatibility, if function with given name + is not found, then the system will try to use function named + "function". type: string - generation: + serviceAccount: description: >- - Output only. A number that monotonically increases every time the - user modifies the desired state. - readOnly: true + Optional. Service account to be used for building the container. The + format of this field is + `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. + type: string + workerPool: type: string - format: int64 - labels: description: >- - Output only. Unstructured key value map that can be used to organize - and categorize objects. User-provided labels are shared with - Google's billing system, so they can be used to filter, or break - down billing charges by team, component, environment, state, etc. - For more information, visit - https://cloud.google.com/resource-manager/docs/creating-managing-labels - or https://cloud.google.com/run/docs/configuring/labels - readOnly: true - type: object - additionalProperties: - type: string - annotations: + Optional. Name of the Cloud Build Custom Worker Pool that should be + used to build the Cloud Run function. The format of this field is + `projects/{project}/locations/{region}/workerPools/{workerPool}` + where `{project}` and `{region}` are the project id and region + respectively where the worker pool is defined and `{workerPool}` is + the short name of the worker pool. + environmentVariables: description: >- - Output only. Unstructured key value map that may be set by external - tools to store and arbitrary metadata. They are not queryable and - should be preserved when modifying objects. - readOnly: true - type: object + Optional. User-provided build-time environment variables for the + function additionalProperties: type: string - createTime: - description: >- - Output only. Represents time when the execution was acknowledged by - the execution controller. It is not guaranteed to be set in - happens-before order across separate operations. - readOnly: true - type: string - format: google-datetime - startTime: + type: object + sourceLocation: description: >- - Output only. Represents time when the execution started to run. It - is not guaranteed to be set in happens-before order across separate - operations. - readOnly: true + The Cloud Storage bucket URI where the function source code is + located. type: string - format: google-datetime - completionTime: - description: >- - Output only. Represents time when the execution was completed. It is - not guaranteed to be set in happens-before order across separate - operations. - readOnly: true + name: type: string - format: google-datetime - updateTime: - description: Output only. The last-modified time. readOnly: true - type: string - format: google-datetime - deleteTime: description: >- - Output only. For a deleted resource, the deletion time. It is only - populated as a response to a Delete request. - readOnly: true - type: string - format: google-datetime - expireTime: + Output only. The Cloud Build name of the latest successful + deployment of the function. + enableAutomaticUpdates: description: >- - Output only. For a deleted resource, the time after which it will be - permamently deleted. It is only populated as a response to a Delete - request. - readOnly: true + Optional. Sets whether the function will receive automatic base + image updates. + type: boolean + description: >- + Describes the Build step of the function that builds a container from + the given source. + GoogleDevtoolsCloudbuildV1Volume: + description: >- + Volume describes a Docker container volume which is mounted into build + steps in order to persist files across build step execution. + type: object + properties: + name: + description: >- + Name of the volume to mount. Volume names must be unique per build + step and must be valid names for Docker volumes. Each named volume + must be used by at least two build steps. type: string - format: google-datetime - launchStage: + path: description: >- - The least stable launch stage needed to create this resource, as - defined by [Google Cloud Platform Launch - Stages](https://cloud.google.com/terms/launch-stages). Cloud Run - supports `ALPHA`, `BETA`, and `GA`. Note that this value might not - be what was used as input. For example, if ALPHA was provided as - input in the parent resource, but only BETA and GA-level features - are were, this field will be BETA. + Path at which to mount the volume. Paths must be absolute and cannot + conflict with other volume paths on the same build step or with + certain reserved volume paths. + type: string + id: GoogleDevtoolsCloudbuildV1Volume + GoogleCloudRunV2TrafficTargetStatus: + type: object + id: GoogleCloudRunV2TrafficTargetStatus + properties: + type: + description: The allocation type for this traffic target. type: string enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. + - Unspecified instance allocation type. + - Allocates instances to the Service's latest ready Revision. + - Allocates instances to a Revision by name. enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - job: - description: Output only. The name of the parent Job. - readOnly: true + - TRAFFIC_TARGET_ALLOCATION_TYPE_UNSPECIFIED + - TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST + - TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION + uri: + description: Displays the target URI. type: string - parallelism: - description: >- - Output only. Specifies the maximum desired number of tasks the - execution should run at any given time. Must be <= task_count. The - actual number of tasks running in steady state will be less than - this number when ((.spec.task_count - .status.successful) < - .spec.parallelism), i.e. when the work left to do is less than max - parallelism. - readOnly: true - type: integer + percent: format: int32 - taskCount: - description: >- - Output only. Specifies the desired number of tasks the execution - should run. Setting to 1 means that parallelism is limited to 1 and - the success of that task signals the success of the execution. - readOnly: true + description: Specifies percent of the traffic to this Revision. type: integer - format: int32 - template: - description: Output only. The template used to create tasks for this execution. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRunV2TaskTemplate' - reconciling: - description: >- - Output only. Indicates whether the resource's reconciliation is - still in progress. See comments in `Job.reconciling` for additional - information on reconciliation process in Cloud Run. - readOnly: true - type: boolean - conditions: - description: >- - Output only. The Condition of this Execution, containing its - readiness status, and detailed error information in case it did not - reach the desired state. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Condition' - observedGeneration: - description: >- - Output only. The generation of this Execution. See comments in - `reconciling` for additional information on reconciliation process - in Cloud Run. - readOnly: true + revision: + description: Revision to which this traffic is sent. type: string - format: int64 - runningCount: - description: Output only. The number of actively running tasks. - readOnly: true - type: integer - format: int32 - succeededCount: - description: Output only. The number of tasks which reached phase Succeeded. - readOnly: true - type: integer - format: int32 - failedCount: - description: Output only. The number of tasks which reached phase Failed. - readOnly: true - type: integer - format: int32 - cancelledCount: - description: Output only. The number of tasks which reached phase Cancelled. - readOnly: true - type: integer - format: int32 - retriedCount: - description: Output only. The number of tasks which have retried at least once. - readOnly: true - type: integer - format: int32 - logUri: - description: >- - Output only. URI where logs for this execution can be found in Cloud - Console. - readOnly: true + tag: type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - etag: description: >- - Output only. A system-generated fingerprint for this version of the - resource. May be used to detect modification conflict during - updates. - readOnly: true - type: string - GoogleCloudRunV2TaskTemplate: - id: GoogleCloudRunV2TaskTemplate - description: >- - TaskTemplate describes the data a task should have when created from a - template. + Indicates the string used in the URI to exclusively reference this + target. + description: Represents the observed state of a single `TrafficTarget` entry. + GoogleIamV1TestIamPermissionsResponse: type: object + description: Response message for `TestIamPermissions` method. properties: - containers: + permissions: description: >- - Holds the single container that defines the unit of execution for - this task. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Container' - volumes: - description: Optional. A list of Volumes to make available to containers. + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. type: array items: - $ref: '#/components/schemas/GoogleCloudRunV2Volume' - maxRetries: - description: >- - Number of retries allowed per Task, before marking this Task failed. - Defaults to 3. - type: integer - format: int32 - timeout: - description: >- - Optional. Max allowed time duration the Task may be active before - the system will actively try to mark it failed and kill associated - containers. This applies per attempt of a task, meaning each retry - can run for the full timeout. Defaults to 600 seconds. + type: string + id: GoogleIamV1TestIamPermissionsResponse + GoogleCloudRunV2HTTPHeader: + description: HTTPHeader describes a custom header to be used in HTTP probes + properties: + value: + description: Optional. The header field value type: string - format: google-duration - serviceAccount: - description: >- - Optional. Email address of the IAM service account associated with - the Task of a Job. The service account represents the identity of - the running task, and determines what permissions the task has. If - not provided, the task will use the project's default service - account. + name: type: string - executionEnvironment: - description: Optional. The execution environment being used to host this Task. + description: Required. The header field name + type: object + id: GoogleCloudRunV2HTTPHeader + GoogleCloudRunV2NodeSelector: + description: Hardware constraints configuration. + type: object + properties: + accelerator: type: string - enumDescriptions: - - Unspecified - - Uses the First Generation environment. - - Uses Second Generation environment. - enum: - - EXECUTION_ENVIRONMENT_UNSPECIFIED - - EXECUTION_ENVIRONMENT_GEN1 - - EXECUTION_ENVIRONMENT_GEN2 - encryptionKey: + description: Required. GPU accelerator type to attach to an instance. + id: GoogleCloudRunV2NodeSelector + GoogleCloudRunV2BuildpacksBuild: + properties: + functionTarget: description: >- - A reference to a customer managed encryption key (CMEK) to use to - encrypt this container image. For more information, go to - https://cloud.google.com/run/docs/securing/using-cmek + Optional. Name of the function target if the source is a function + source. Required for function builds. type: string - vpcAccess: + cacheImageUri: description: >- - Optional. VPC Access configuration to use for this Task. For more - information, visit - https://cloud.google.com/run/docs/configuring/connecting-vpc. - $ref: '#/components/schemas/GoogleCloudRunV2VpcAccess' - nodeSelector: - description: Optional. The node selector for the task template. - $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' - gpuZonalRedundancyDisabled: + Optional. cache_image_uri is the GCR/AR URL where the cache image + will be stored. cache_image_uri is optional and omitting it will + disable caching. This URL must be stable across builds. It is used + to derive a build-specific temporary URL by substituting the tag + with the build ID. The build will clean up the temporary image on a + best-effort basis. + type: string + baseImage: + description: Optional. The base image to use for the build. + type: string + projectDescriptor: + type: string description: >- - Optional. True if GPU zonal redundancy is disabled on this task - template. + Optional. project_descriptor stores the path to the project + descriptor file. When empty, it means that there is no project + descriptor file in the source. + enableAutomaticUpdates: type: boolean - GoogleCloudRunV2Container: - id: GoogleCloudRunV2Container - description: >- - A single application container. This specifies both the container to - run, the command to run in the container and the arguments to supply to - it. Note that additional arguments can be supplied by the system to the - container at runtime. + description: >- + Optional. Whether or not the application container will be enrolled + in automatic base image updates. When true, the application will be + built on a scratch base image, so the base layers can be appended at + run time. + runtime: + type: string + description: The runtime name, e.g. 'go113'. Leave blank for generic builds. + deprecated: true + environmentVariables: + additionalProperties: + type: string + description: Optional. User-provided build-time environment variables. + type: object + id: GoogleCloudRunV2BuildpacksBuild + description: Build the source using Buildpacks. + type: object + GoogleCloudRunV2Condition: type: object + id: GoogleCloudRunV2Condition properties: - name: - description: Name of the container specified as a DNS_LABEL (RFC 1123). + reason: + readOnly: true + enum: + - COMMON_REASON_UNDEFINED + - UNKNOWN + - REVISION_FAILED + - PROGRESS_DEADLINE_EXCEEDED + - CONTAINER_MISSING + - CONTAINER_PERMISSION_DENIED + - CONTAINER_IMAGE_UNAUTHORIZED + - CONTAINER_IMAGE_AUTHORIZATION_CHECK_FAILED + - ENCRYPTION_KEY_PERMISSION_DENIED + - ENCRYPTION_KEY_CHECK_FAILED + - SECRETS_ACCESS_CHECK_FAILED + - WAITING_FOR_OPERATION + - IMMEDIATE_RETRY + - POSTPONED_RETRY + - INTERNAL + - VPC_NETWORK_NOT_FOUND + enumDescriptions: + - Default value. + - Reason unknown. Further details will be in message. + - Revision creation process failed. + - Timed out waiting for completion. + - The container image path is incorrect. + - Insufficient permissions on the container image. + - Container image is not authorized by policy. + - Container image policy authorization check failed. + - Insufficient permissions on encryption key. + - Permission check on encryption key failed. + - At least one Access check on secrets failed. + - Waiting for operation to complete. + - System will retry immediately. + - System will retry later; current attempt failed. + - >- + An internal error occurred. Further information may be in the + message. + - User-provided VPC network was not found. + description: Output only. A common (service-level) reason for this condition. type: string - image: - description: >- - Required. Name of the container image in Dockerhub, Google Artifact - Registry, or Google Container Registry. If the host is not provided, - Dockerhub is assumed. + message: + description: Human readable message indicating details about the current status. + type: string + type: type: string - command: - description: >- - Entrypoint array. Not executed within a shell. The docker image's - ENTRYPOINT is used if this is not provided. - type: array - items: - type: string - args: - description: >- - Arguments to the entrypoint. The docker image's CMD is used if this - is not provided. - type: array - items: - type: string - env: - description: List of environment variables to set in the container. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2EnvVar' - resources: - description: Compute Resource requirements by this container. - $ref: '#/components/schemas/GoogleCloudRunV2ResourceRequirements' - ports: - description: >- - List of ports to expose from the container. Only a single port can - be specified. The specified ports must be listening on all - interfaces (0.0.0.0) within the container to be accessible. If - omitted, a port number will be chosen and passed to the container - through the PORT environment variable for the container to listen - on. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2ContainerPort' - volumeMounts: - description: Volume to mount into the container's filesystem. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2VolumeMount' - workingDir: - description: >- - Container's working directory. If not specified, the container - runtime's default will be used, which might be configured in the - container image. - type: string - livenessProbe: - description: >- - Periodic probe of container liveness. Container will be restarted if - the probe fails. - $ref: '#/components/schemas/GoogleCloudRunV2Probe' - startupProbe: - description: >- - Startup probe of application within the container. All other probes - are disabled if a startup probe is provided, until it succeeds. - Container will not be added to service endpoints if the probe fails. - $ref: '#/components/schemas/GoogleCloudRunV2Probe' - dependsOn: - description: Names of the containers that must start before this container. - type: array - items: - type: string - baseImageUri: - description: >- - Base image for this container. Only supported for services. If set, - it indicates that the service is enrolled into automatic base image - update. - type: string - buildInfo: - description: Output only. The build info of the container image. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRunV2BuildInfo' - GoogleCloudRunV2EnvVar: - id: GoogleCloudRunV2EnvVar - description: EnvVar represents an environment variable present in a Container. - type: object - properties: - name: - description: >- - Required. Name of the environment variable. Must not exceed 32768 - characters. - type: string - value: - description: >- - Literal value of the environment variable. Defaults to "", and the - maximum length is 32768 bytes. Variable references are not supported - in Cloud Run. - type: string - valueSource: - description: Source for the environment variable's value. - $ref: '#/components/schemas/GoogleCloudRunV2EnvVarSource' - GoogleCloudRunV2EnvVarSource: - id: GoogleCloudRunV2EnvVarSource - description: EnvVarSource represents a source for the value of an EnvVar. - type: object - properties: - secretKeyRef: - description: Selects a secret and a specific version from Cloud Secret Manager. - $ref: '#/components/schemas/GoogleCloudRunV2SecretKeySelector' - GoogleCloudRunV2SecretKeySelector: - id: GoogleCloudRunV2SecretKeySelector - description: SecretEnvVarSource represents a source for the value of an EnvVar. - type: object - properties: - secret: - description: >- - Required. The name of the secret in Cloud Secret Manager. Format: - {secret_name} if the secret is in the same project. - projects/{project}/secrets/{secret_name} if the secret is in a - different project. - type: string - version: - description: >- - The Cloud Secret Manager secret version. Can be 'latest' for the - latest version, an integer for a specific version, or a version - alias. - type: string - GoogleCloudRunV2ResourceRequirements: - id: GoogleCloudRunV2ResourceRequirements - description: ResourceRequirements describes the compute resource requirements. - type: object - properties: - limits: - description: >- - Only `memory` and `cpu` keys in the map are supported. Notes: * The - only supported values for CPU are '1', '2', '4', and '8'. Setting 4 - CPU requires at least 2Gi of memory. For more information, go to - https://cloud.google.com/run/docs/configuring/cpu. * For supported - 'memory' values and syntax, go to - https://cloud.google.com/run/docs/configuring/memory-limits - type: object - additionalProperties: - type: string - cpuIdle: - description: >- - Determines whether CPU is only allocated during requests (true by - default). However, if ResourceRequirements is set, the caller must - explicitly set this field to true to preserve the default behavior. - type: boolean - startupCpuBoost: - description: >- - Determines whether CPU should be boosted on startup of a new - container instance above the requested CPU threshold, this can help - reduce cold-start latency. - type: boolean - GoogleCloudRunV2ContainerPort: - id: GoogleCloudRunV2ContainerPort - description: ContainerPort represents a network port in a single container. - type: object - properties: - name: - description: >- - If specified, used to specify which protocol to use. Allowed values - are "http1" and "h2c". - type: string - containerPort: - description: >- - Port number the container listens on. This must be a valid TCP port - number, 0 < container_port < 65536. - type: integer - format: int32 - GoogleCloudRunV2VolumeMount: - id: GoogleCloudRunV2VolumeMount - description: VolumeMount describes a mounting of a Volume within a container. - type: object - properties: - name: - description: Required. This must match the Name of a Volume. - type: string - mountPath: - description: >- - Required. Path within the container at which the volume should be - mounted. Must not contain ':'. For Cloud SQL volumes, it can be left - empty, or must otherwise be `/cloudsql`. All instances defined in - the Volume will be available as `/cloudsql/[instance]`. For more - information on Cloud SQL volumes, visit - https://cloud.google.com/sql/docs/mysql/connect-run - type: string - subPath: - description: >- - Optional. Path within the volume from which the container's volume - should be mounted. Defaults to "" (volume's root). - type: string - GoogleCloudRunV2Probe: - id: GoogleCloudRunV2Probe - description: >- - Probe describes a health check to be performed against a container to - determine whether it is alive or ready to receive traffic. - type: object - properties: - initialDelaySeconds: - description: >- - Optional. Number of seconds after the container has started before - the probe is initiated. Defaults to 0 seconds. Minimum value is 0. - Maximum value for liveness probe is 3600. Maximum value for startup - probe is 240. - type: integer - format: int32 - timeoutSeconds: - description: >- - Optional. Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. Maximum value is 3600. - Must be smaller than period_seconds. - type: integer - format: int32 - periodSeconds: - description: >- - Optional. How often (in seconds) to perform the probe. Default to 10 - seconds. Minimum value is 1. Maximum value for liveness probe is - 3600. Maximum value for startup probe is 240. Must be greater or - equal than timeout_seconds. - type: integer - format: int32 - failureThreshold: - description: >- - Optional. Minimum consecutive failures for the probe to be - considered failed after having succeeded. Defaults to 3. Minimum - value is 1. - type: integer - format: int32 - httpGet: - description: >- - Optional. HTTPGet specifies the http request to perform. Exactly one - of httpGet, tcpSocket, or grpc must be specified. - $ref: '#/components/schemas/GoogleCloudRunV2HTTPGetAction' - tcpSocket: - description: >- - Optional. TCPSocket specifies an action involving a TCP port. - Exactly one of httpGet, tcpSocket, or grpc must be specified. - $ref: '#/components/schemas/GoogleCloudRunV2TCPSocketAction' - grpc: - description: >- - Optional. GRPC specifies an action involving a gRPC port. Exactly - one of httpGet, tcpSocket, or grpc must be specified. - $ref: '#/components/schemas/GoogleCloudRunV2GRPCAction' - GoogleCloudRunV2HTTPGetAction: - id: GoogleCloudRunV2HTTPGetAction - description: HTTPGetAction describes an action based on HTTP Get requests. - type: object - properties: - path: - description: Optional. Path to access on the HTTP server. Defaults to '/'. - type: string - httpHeaders: - description: >- - Optional. Custom headers to set in the request. HTTP allows repeated - headers. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2HTTPHeader' - port: - description: >- - Optional. Port number to access on the container. Must be in the - range 1 to 65535. If not specified, defaults to the exposed port of - the container, which is the value of - container.ports[0].containerPort. - type: integer - format: int32 - GoogleCloudRunV2HTTPHeader: - id: GoogleCloudRunV2HTTPHeader - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - properties: - name: - description: Required. The header field name - type: string - value: - description: Optional. The header field value - type: string - GoogleCloudRunV2TCPSocketAction: - id: GoogleCloudRunV2TCPSocketAction - description: TCPSocketAction describes an action based on opening a socket - type: object - properties: - port: - description: >- - Optional. Port number to access on the container. Must be in the - range 1 to 65535. If not specified, defaults to the exposed port of - the container, which is the value of - container.ports[0].containerPort. - type: integer - format: int32 - GoogleCloudRunV2GRPCAction: - id: GoogleCloudRunV2GRPCAction - description: GRPCAction describes an action involving a GRPC port. - type: object - properties: - port: - description: >- - Optional. Port number of the gRPC service. Number must be in the - range 1 to 65535. If not specified, defaults to the exposed port of - the container, which is the value of - container.ports[0].containerPort. - type: integer - format: int32 - service: - description: >- - Optional. Service is the name of the service to place in the gRPC - HealthCheckRequest (see - https://github.com/grpc/grpc/blob/master/doc/health-checking.md ). - If this is not specified, the default behavior is defined by gRPC. - type: string - GoogleCloudRunV2BuildInfo: - id: GoogleCloudRunV2BuildInfo - description: Build information of the image. - type: object - properties: - functionTarget: - description: >- - Output only. Entry point of the function when the image is a Cloud - Run function. - readOnly: true - type: string - sourceLocation: - description: Output only. Source code location of the image. - readOnly: true - type: string - GoogleCloudRunV2Volume: - id: GoogleCloudRunV2Volume - description: Volume represents a named volume in a container. - type: object - properties: - name: - description: Required. Volume's name. - type: string - secret: - description: Secret represents a secret that should populate this volume. - $ref: '#/components/schemas/GoogleCloudRunV2SecretVolumeSource' - cloudSqlInstance: - description: >- - For Cloud SQL volumes, contains the specific instances that should - be mounted. Visit - https://cloud.google.com/sql/docs/mysql/connect-run for more - information on how to connect Cloud SQL and Cloud Run. - $ref: '#/components/schemas/GoogleCloudRunV2CloudSqlInstance' - emptyDir: - description: Ephemeral storage used as a shared volume. - $ref: '#/components/schemas/GoogleCloudRunV2EmptyDirVolumeSource' - nfs: - description: For NFS Voumes, contains the path to the nfs Volume - $ref: '#/components/schemas/GoogleCloudRunV2NFSVolumeSource' - gcs: - description: Persistent storage backed by a Google Cloud Storage bucket. - $ref: '#/components/schemas/GoogleCloudRunV2GCSVolumeSource' - GoogleCloudRunV2SecretVolumeSource: - id: GoogleCloudRunV2SecretVolumeSource - description: >- - The secret's value will be presented as the content of a file whose name - is defined in the item path. If no items are defined, the name of the - file is the secret. - type: object - properties: - secret: - description: >- - Required. The name of the secret in Cloud Secret Manager. Format: - {secret} if the secret is in the same project. - projects/{project}/secrets/{secret} if the secret is in a different - project. - type: string - items: - description: >- - If unspecified, the volume will expose a file whose name is the - secret, relative to VolumeMount.mount_path. If specified, the key - will be used as the version to fetch from Cloud Secret Manager and - the path will be the name of the file exposed in the volume. When - items are defined, they must specify a path and a version. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2VersionToPath' - defaultMode: - description: >- - Integer representation of mode bits to use on created files by - default. Must be a value between 0000 and 0777 (octal), defaulting - to 0444. Directories within the path are not affected by this - setting. Notes * Internally, a umask of 0222 will be applied to any - non-zero value. * This is an integer representation of the mode - bits. So, the octal integer value should look exactly as the chmod - numeric notation with a leading zero. Some examples: for chmod 640 - (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 - (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This - might be in conflict with other options that affect the file mode, - like fsGroup, and the result can be other mode bits set. This might - be in conflict with other options that affect the file mode, like - fsGroup, and as a result, other mode bits could be set. - type: integer - format: int32 - GoogleCloudRunV2VersionToPath: - id: GoogleCloudRunV2VersionToPath - description: >- - VersionToPath maps a specific version of a secret to a relative file to - mount to, relative to VolumeMount's mount_path. - type: object - properties: - path: - description: Required. The relative path of the secret in the container. - type: string - version: - description: >- - The Cloud Secret Manager secret version. Can be 'latest' for the - latest value, or an integer or a secret alias for a specific - version. - type: string - mode: - description: >- - Integer octal mode bits to use on this file, must be a value between - 01 and 0777 (octal). If 0 or not set, the Volume's default mode will - be used. Notes * Internally, a umask of 0222 will be applied to any - non-zero value. * This is an integer representation of the mode - bits. So, the octal integer value should look exactly as the chmod - numeric notation with a leading zero. Some examples: for chmod 640 - (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 - (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This - might be in conflict with other options that affect the file mode, - like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - GoogleCloudRunV2CloudSqlInstance: - id: GoogleCloudRunV2CloudSqlInstance - description: >- - Represents a set of Cloud SQL instances. Each one will be available - under /cloudsql/[instance]. Visit - https://cloud.google.com/sql/docs/mysql/connect-run for more information - on how to connect Cloud SQL and Cloud Run. - type: object - properties: - instances: - description: >- - The Cloud SQL instance connection names, as can be found in - https://console.cloud.google.com/sql/instances. Visit - https://cloud.google.com/sql/docs/mysql/connect-run for more - information on how to connect Cloud SQL and Cloud Run. Format: - {project}:{location}:{instance} - type: array - items: - type: string - GoogleCloudRunV2EmptyDirVolumeSource: - id: GoogleCloudRunV2EmptyDirVolumeSource - description: >- - In memory (tmpfs) ephemeral storage. It is ephemeral in the sense that - when the sandbox is taken down, the data is destroyed with it (it does - not persist across sandbox runs). - type: object - properties: - medium: - description: >- - The medium on which the data is stored. Acceptable values today is - only MEMORY or none. When none, the default will currently be backed - by memory but could change over time. +optional - type: string - enumDescriptions: - - >- - When not specified, falls back to the default implementation which - is currently in memory (this may change over time). - - Explicitly set the EmptyDir to be in memory. Uses tmpfs. - enum: - - MEDIUM_UNSPECIFIED - - MEMORY - sizeLimit: - description: >- - Limit on the storage usable by this EmptyDir volume. The size limit - is also applicable for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value between the SizeLimit - specified here and the sum of memory limits of all containers. The - default is nil which means that the limit is undefined. More info: - https://cloud.google.com/run/docs/configuring/in-memory-volumes#configure-volume. - Info in Kubernetes: - https://kubernetes.io/docs/concepts/storage/volumes/#emptydir - type: string - GoogleCloudRunV2NFSVolumeSource: - id: GoogleCloudRunV2NFSVolumeSource - description: Represents an NFS mount. - type: object - properties: - server: - description: Hostname or IP address of the NFS server - type: string - path: - description: Path that is exported by the NFS server. - type: string - readOnly: - description: If true, the volume will be mounted as read only for all mounts. - type: boolean - GoogleCloudRunV2GCSVolumeSource: - id: GoogleCloudRunV2GCSVolumeSource - description: >- - Represents a volume backed by a Cloud Storage bucket using Cloud Storage - FUSE. - type: object - properties: - bucket: - description: Cloud Storage Bucket name. - type: string - readOnly: - description: If true, the volume will be mounted as read only for all mounts. - type: boolean - mountOptions: - description: >- - A list of additional flags to pass to the gcsfuse CLI. Options - should be specified without the leading "--". - type: array - items: - type: string - GoogleCloudRunV2VpcAccess: - id: GoogleCloudRunV2VpcAccess - description: >- - VPC Access settings. For more information on sending traffic to a VPC - network, visit - https://cloud.google.com/run/docs/configuring/connecting-vpc. - type: object - properties: - connector: - description: >- - VPC Access connector name. Format: - `projects/{project}/locations/{location}/connectors/{connector}`, - where `{project}` can be project id or number. For more information - on sending traffic to a VPC network via a connector, visit - https://cloud.google.com/run/docs/configuring/vpc-connectors. - type: string - egress: - description: >- - Optional. Traffic VPC egress settings. If not provided, it defaults - to PRIVATE_RANGES_ONLY. - type: string - enumDescriptions: - - Unspecified - - All outbound traffic is routed through the VPC connector. - - Only private IP ranges are routed through the VPC connector. - enum: - - VPC_EGRESS_UNSPECIFIED - - ALL_TRAFFIC - - PRIVATE_RANGES_ONLY - networkInterfaces: - description: >- - Optional. Direct VPC egress settings. Currently only single network - interface is supported. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2NetworkInterface' - GoogleCloudRunV2NetworkInterface: - id: GoogleCloudRunV2NetworkInterface - description: Direct VPC egress settings. - type: object - properties: - network: - description: >- - Optional. The VPC network that the Cloud Run resource will be able - to send traffic to. At least one of network or subnetwork must be - specified. If both network and subnetwork are specified, the given - VPC subnetwork must belong to the given VPC network. If network is - not specified, it will be looked up from the subnetwork. - type: string - subnetwork: - description: >- - Optional. The VPC subnetwork that the Cloud Run resource will get - IPs from. At least one of network or subnetwork must be specified. - If both network and subnetwork are specified, the given VPC - subnetwork must belong to the given VPC network. If subnetwork is - not specified, the subnetwork with the same name with the network - will be used. - type: string - tags: - description: Optional. Network tags applied to this Cloud Run resource. - type: array - items: - type: string - GoogleCloudRunV2NodeSelector: - id: GoogleCloudRunV2NodeSelector - description: Hardware constraints configuration. - type: object - properties: - accelerator: - description: Required. GPU accelerator type to attach to an instance. - type: string - GoogleCloudRunV2Condition: - id: GoogleCloudRunV2Condition - description: Defines a status condition for a resource. - type: object - properties: - type: description: >- type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. - type: string - state: - description: State of the condition. - type: string - enumDescriptions: - - The default value. This value is used if the state is omitted. - - 'Transient state: Reconciliation has not started yet.' - - 'Transient state: reconciliation is still in progress.' - - 'Terminal state: Reconciliation did not succeed.' - - 'Terminal state: Reconciliation completed successfully.' - enum: - - STATE_UNSPECIFIED - - CONDITION_PENDING - - CONDITION_RECONCILING - - CONDITION_FAILED - - CONDITION_SUCCEEDED - message: - description: Human readable message indicating details about the current status. - type: string - lastTransitionTime: - description: Last time the condition transitioned from one status to another. - type: string - format: google-datetime severity: description: >- How to interpret failures of this condition, one of Error, Warning, Info - type: string enumDescriptions: - Unspecified severity - Error severity. - Warning severity. - Info severity. - enum: - - SEVERITY_UNSPECIFIED - - ERROR - - WARNING - - INFO - reason: - description: Output only. A common (service-level) reason for this condition. - readOnly: true type: string - enumDescriptions: - - Default value. - - Reason unknown. Further details will be in message. - - Revision creation process failed. - - Timed out waiting for completion. - - The container image path is incorrect. - - Insufficient permissions on the container image. - - Container image is not authorized by policy. - - Container image policy authorization check failed. - - Insufficient permissions on encryption key. - - Permission check on encryption key failed. - - At least one Access check on secrets failed. - - Waiting for operation to complete. - - System will retry immediately. - - System will retry later; current attempt failed. - - >- - An internal error occurred. Further information may be in the - message. - - User-provided VPC network was not found. enum: - - COMMON_REASON_UNDEFINED - - UNKNOWN - - REVISION_FAILED - - PROGRESS_DEADLINE_EXCEEDED - - CONTAINER_MISSING - - CONTAINER_PERMISSION_DENIED - - CONTAINER_IMAGE_UNAUTHORIZED - - CONTAINER_IMAGE_AUTHORIZATION_CHECK_FAILED - - ENCRYPTION_KEY_PERMISSION_DENIED - - ENCRYPTION_KEY_CHECK_FAILED - - SECRETS_ACCESS_CHECK_FAILED - - WAITING_FOR_OPERATION - - IMMEDIATE_RETRY - - POSTPONED_RETRY - - INTERNAL - - VPC_NETWORK_NOT_FOUND - revisionReason: - description: Output only. A reason for the revision condition. + - SEVERITY_UNSPECIFIED + - ERROR + - WARNING + - INFO + executionReason: + description: Output only. A reason for the execution condition. readOnly: true + enumDescriptions: + - Default value. + - Internal system error getting execution status. System will retry. + - >- + A task reached its retry limit and the last attempt failed due to + the user container exiting with a non-zero exit code. + - The execution was cancelled by users. + - The execution is in the process of being cancelled. + - The execution was deleted. + - A Flex priority execution is waiting for a start time. + enum: + - EXECUTION_REASON_UNDEFINED + - JOB_STATUS_SERVICE_POLLING_ERROR + - NON_ZERO_EXIT_CODE + - CANCELLED + - CANCELLING + - DELETED + - FLEX_START_PENDING type: string + revisionReason: + enum: + - REVISION_REASON_UNDEFINED + - PENDING + - RESERVE + - RETIRED + - RETIRING + - RECREATING + - HEALTH_CHECK_CONTAINER_ERROR + - CUSTOMIZED_PATH_RESPONSE_PENDING + - MIN_INSTANCES_NOT_PROVISIONED + - ACTIVE_REVISION_LIMIT_REACHED + - NO_DEPLOYMENT + - HEALTH_CHECK_SKIPPED + - MIN_INSTANCES_WARMING + readOnly: true enumDescriptions: - Default value. - Revision in Pending state. @@ -1506,928 +948,1295 @@ components: - >- A revision with min_instance_count > 0 was created and is waiting for enough instances to begin a traffic migration. + description: Output only. A reason for the revision condition. + type: string + state: enum: - - REVISION_REASON_UNDEFINED - - PENDING - - RESERVE - - RETIRED - - RETIRING - - RECREATING - - HEALTH_CHECK_CONTAINER_ERROR - - CUSTOMIZED_PATH_RESPONSE_PENDING - - MIN_INSTANCES_NOT_PROVISIONED - - ACTIVE_REVISION_LIMIT_REACHED - - NO_DEPLOYMENT - - HEALTH_CHECK_SKIPPED - - MIN_INSTANCES_WARMING - executionReason: - description: Output only. A reason for the execution condition. + - STATE_UNSPECIFIED + - CONDITION_PENDING + - CONDITION_RECONCILING + - CONDITION_FAILED + - CONDITION_SUCCEEDED + enumDescriptions: + - The default value. This value is used if the state is omitted. + - 'Transient state: Reconciliation has not started yet.' + - 'Transient state: reconciliation is still in progress.' + - 'Terminal state: Reconciliation did not succeed.' + - 'Terminal state: Reconciliation completed successfully.' + type: string + description: State of the condition. + lastTransitionTime: + type: string + format: google-datetime + description: Last time the condition transitioned from one status to another. + description: Defines a status condition for a resource. + GoogleIamV1Policy: + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + type: object + id: GoogleIamV1Policy + properties: + bindings: + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + type: array + items: + $ref: '#/components/schemas/GoogleIamV1Binding' + etag: + type: string + format: byte + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + auditConfigs: + description: Specifies cloud audit logging configuration for this policy. + type: array + items: + $ref: '#/components/schemas/GoogleIamV1AuditConfig' + version: + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + type: integer + GoogleDevtoolsCloudbuildV1Secrets: + properties: + inline: + type: array + description: >- + Secrets encrypted with KMS key and the associated secret environment + variable. + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1InlineSecret' + secretManager: + type: array + description: >- + Secrets in Secret Manager and associated secret environment + variable. + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1SecretManagerSecret' + type: object + description: Secrets and secret environment variables. + id: GoogleDevtoolsCloudbuildV1Secrets + GoogleCloudRunV2RevisionScalingStatus: + description: Effective settings for the current revision + type: object + properties: + desiredMinInstanceCount: + format: int32 + description: The current number of min instances provisioned for this revision. + type: integer + id: GoogleCloudRunV2RevisionScalingStatus + GoogleCloudRunV2ExportStatusResponse: + type: object + properties: + operationState: + description: Output only. The state of the overall export operation. readOnly: true + enumDescriptions: + - State unspecified. + - Operation still in progress. + - Operation finished. + enum: + - OPERATION_STATE_UNSPECIFIED + - IN_PROGRESS + - FINISHED + type: string + imageExportStatuses: + type: array + description: The status of each image export job. + items: + $ref: '#/components/schemas/GoogleCloudRunV2ImageExportStatus' + operationId: + description: The operation id. + type: string + id: GoogleCloudRunV2ExportStatusResponse + description: >- + ExportStatusResponse contains the status of image export operation, with + the status of each image export job. + GoogleDevtoolsCloudbuildV1RepoSource: + id: GoogleDevtoolsCloudbuildV1RepoSource + type: object + description: Location of the source in a Google Cloud Source Repository. + properties: + dir: + description: >- + Optional. Directory, relative to the source root, in which to run + the build. This must be a relative path. If a step's `dir` is + specified and is an absolute path, this value is ignored for that + step's execution. + type: string + branchName: + type: string + description: >- + Regex matching branches to build. The syntax of the regular + expressions accepted is the syntax accepted by RE2 and described at + https://github.com/google/re2/wiki/Syntax + projectId: + type: string + description: >- + Optional. ID of the project that owns the Cloud Source Repository. + If omitted, the project ID requesting the build is assumed. + invertRegex: + type: boolean + description: >- + Optional. Only trigger a build if the revision regex does NOT match + the revision regex. + repoName: + type: string + description: Required. Name of the Cloud Source Repository. + substitutions: + additionalProperties: + type: string + description: >- + Optional. Substitutions to use in a triggered build. Should only be + used with RunBuildTrigger + type: object + commitSha: + description: Explicit commit SHA to build. type: string - enumDescriptions: - - Default value. - - Internal system error getting execution status. System will retry. - - >- - A task reached its retry limit and the last attempt failed due to - the user container exiting with a non-zero exit code. - - The execution was cancelled by users. - - The execution is in the process of being cancelled. - - The execution was deleted. - enum: - - EXECUTION_REASON_UNDEFINED - - JOB_STATUS_SERVICE_POLLING_ERROR - - NON_ZERO_EXIT_CODE - - CANCELLED - - CANCELLING - - DELETED - GoogleCloudRunV2ListExecutionsResponse: - id: GoogleCloudRunV2ListExecutionsResponse - description: Response message containing a list of Executions. + tagName: + type: string + description: >- + Regex matching tags to build. The syntax of the regular expressions + accepted is the syntax accepted by RE2 and described at + https://github.com/google/re2/wiki/Syntax + GoogleDevtoolsCloudbuildV1TimeSpan: type: object + id: GoogleDevtoolsCloudbuildV1TimeSpan + description: Start and end times for a build execution phase. properties: - executions: - description: The resulting list of Executions. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Execution' - nextPageToken: - description: >- - A token indicating there are more items than page_size. Use it in - the next ListExecutions request to continue. + endTime: + format: google-datetime type: string - GoogleCloudRunV2CancelExecutionRequest: - id: GoogleCloudRunV2CancelExecutionRequest - description: Request message for deleting an Execution. + description: End of time span. + startTime: + format: google-datetime + type: string + description: Start of time span. + GoogleDevtoolsCloudbuildV1GoModule: + id: GoogleDevtoolsCloudbuildV1GoModule type: object + description: >- + Go module to upload to Artifact Registry upon successful completion of + all build steps. A module refers to all dependencies in a go.mod file. properties: - validateOnly: + sourcePath: description: >- - Indicates that the request should be validated without actually - cancelling any resources. - type: boolean - etag: + Optional. Source path of the go.mod file in the build's workspace. + If not specified, this will default to the current directory. e.g. + ~/code/go/mypackage + type: string + repositoryLocation: + type: string description: >- - A system-generated fingerprint for this version of the resource. - This may be used to detect modification conflict during updates. + Optional. Location of the Artifact Registry repository. i.e. + us-east1 Defaults to the build’s location. + modulePath: + description: Optional. The Go module's "module path". e.g. example.com/foo/v2 type: string - GoogleCloudRunV2Job: - id: GoogleCloudRunV2Job + repositoryName: + type: string + description: >- + Optional. Artifact Registry repository name. Specified Go modules + will be zipped and uploaded to Artifact Registry with this location + as a prefix. e.g. my-go-repo + moduleVersion: + type: string + description: >- + Optional. The Go module's semantic version in the form vX.Y.Z. e.g. + v0.1.1 Pre-release identifiers can also be added by appending a dash + and dot separated ASCII alphanumeric characters and hyphens. e.g. + v0.2.3-alpha.x.12m.5 + repositoryProjectId: + description: >- + Optional. Project ID of the Artifact Registry repository. Defaults + to the build project. + type: string + GoogleDevtoolsCloudbuildV1Build: description: >- - Job represents the configuration of a single job, which references a - container image that is run to completion. - type: object + A build resource in the Cloud Build API. At a high level, a `Build` + describes where to find source code, how to build it (for example, the + builder image to run on the source), and where to store the built + artifacts. Fields can include the following variables, which will be + expanded when the build is created: - $PROJECT_ID: the project ID of the + build. - $PROJECT_NUMBER: the project number of the build. - $LOCATION: + the location/region of the build. - $BUILD_ID: the autogenerated ID of + the build. - $REPO_NAME: the source repository name specified by + RepoSource. - $BRANCH_NAME: the branch name specified by RepoSource. - + $TAG_NAME: the tag name specified by RepoSource. - $REVISION_ID or + $COMMIT_SHA: the commit SHA specified by RepoSource or resolved from the + specified branch or tag. - $SHORT_SHA: first 7 characters of + $REVISION_ID or $COMMIT_SHA. + id: GoogleDevtoolsCloudbuildV1Build properties: - name: + dependencies: + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Dependency' + type: array description: >- - The fully qualified name of this Job. Format: - projects/{project}/locations/{location}/jobs/{job} + Optional. Dependencies that the Cloud Build worker will fetch before + executing user steps. + startTime: + readOnly: true type: string - uid: - description: >- - Output only. Server assigned unique identifier for the Execution. - The value is a UUID4 string and guaranteed to remain unchanged until - the resource is deleted. + format: google-datetime + description: Output only. Time at which execution of the build was started. + tags: + description: Tags for annotation of a `Build`. These are not docker tags. + type: array + items: + type: string + createTime: readOnly: true + format: google-datetime type: string - generation: description: >- - Output only. A number that monotonically increases every time the - user modifies the desired state. + Output only. Time at which the request to create the build was + received. + logsBucket: + description: >- + Cloud Storage bucket where logs should be written (see [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + Logs file names will be of the format + `${logs_bucket}/log-${build_id}.txt`. + type: string + name: + type: string readOnly: true + description: >- + Output only. The 'Build' name with format: + `projects/{project}/locations/{location}/builds/{build}`, where + {build} is a unique identifier generated by the service. + finishTime: + format: google-datetime + readOnly: true + description: >- + Output only. Time at which execution of the build was finished. The + difference between finish_time and start_time is the duration of the + build's execution. type: string - format: int64 - labels: + failureInfo: description: >- - Unstructured key value map that can be used to organize and - categorize objects. User-provided labels are shared with Google's - billing system, so they can be used to filter, or break down billing - charges by team, component, environment, state, etc. For more - information, visit - https://cloud.google.com/resource-manager/docs/creating-managing-labels - or https://cloud.google.com/run/docs/configuring/labels. Cloud Run - API v2 does not support labels with `run.googleapis.com`, - `cloud.googleapis.com`, `serving.knative.dev`, or - `autoscaling.knative.dev` namespaces, and they will be rejected. All - system labels in v1 now have a corresponding field in v2 Job. + Output only. Contains information about the build when + status=FAILURE. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FailureInfo' + readOnly: true + substitutions: type: object additionalProperties: type: string - annotations: + description: Substitutions data for `Build` resource. + approval: + readOnly: true description: >- - Unstructured key value map that may be set by external tools to - store and arbitrary metadata. They are not queryable and should be - preserved when modifying objects. Cloud Run API v2 does not support - annotations with `run.googleapis.com`, `cloud.googleapis.com`, - `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and - they will be rejected on new resources. All system annotations in v1 - now have a corresponding field in v2 Job. This field follows - Kubernetes annotations' namespacing, limits, and rules. - type: object - additionalProperties: - type: string - createTime: - description: Output only. The creation time. + Output only. Describes this build's approval configuration, status, + and result. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1BuildApproval' + options: + description: Special options for this build. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1BuildOptions' + status: + enumDescriptions: + - Status of the build is unknown. + - >- + Build has been created and is pending execution and queuing. It + has not been queued. + - Build or step is queued; work has not yet begun. + - Build or step is being executed. + - Build or step finished successfully. + - Build or step failed to complete successfully. + - Build or step failed due to an internal cause. + - Build or step took longer than was allowed. + - Build or step was canceled by a user. + - Build was enqueued for longer than the value of `queue_ttl`. + type: string + enum: + - STATUS_UNKNOWN + - PENDING + - QUEUED + - WORKING + - SUCCESS + - FAILURE + - INTERNAL_ERROR + - TIMEOUT + - CANCELLED + - EXPIRED + description: Output only. Status of the build. readOnly: true + gitConfig: + description: Optional. Configuration for git operations. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitConfig' + serviceAccount: type: string - format: google-datetime - updateTime: - description: Output only. The last-modified time. + description: >- + IAM service account whose credentials will be used at build runtime. + Must be of the format + `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. ACCOUNT can be + email address or uniqueId of the service account. + logUrl: + type: string + readOnly: true + description: Output only. URL to logs for this build in Google Cloud Console. + warnings: readOnly: true + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Warning' + description: >- + Output only. Non-fatal problems encountered during the execution of + the build. + type: array + id: type: string - format: google-datetime - deleteTime: - description: >- - Output only. The deletion time. It is only populated as a response - to a Delete request. + description: Output only. Unique identifier of the build. + readOnly: true + statusDetail: readOnly: true + description: Output only. Customer-readable message about the current status. type: string - format: google-datetime - expireTime: + artifacts: description: >- - Output only. For a deleted resource, the time after which it will be - permamently deleted. + Artifacts produced by the build that should be uploaded upon + successful completion of all build steps. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Artifacts' + sourceProvenance: readOnly: true + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1SourceProvenance' + description: Output only. A permanent fixed identifier for source. + timeout: + description: >- + Amount of time that this build should be allowed to run, to second + granularity. If this amount of time elapses, work on the build will + cease and the build status will be `TIMEOUT`. `timeout` starts + ticking from `startTime`. Default time is 60 minutes. + format: google-duration type: string - format: google-datetime - creator: - description: Output only. Email address of the authenticated creator. - readOnly: true + queueTtl: + description: >- + TTL in queue for this build. If provided and the build is enqueued + longer than this value, the build will expire and the build status + will be `EXPIRED`. The TTL starts ticking from create_time. type: string - lastModifier: - description: Output only. Email address of the last authenticated modifier. + format: google-duration + timing: readOnly: true - type: string - client: - description: Arbitrary identifier for the API client. - type: string - clientVersion: - description: Arbitrary version identifier for the API client. - type: string - launchStage: + additionalProperties: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' description: >- - The launch stage as defined by [Google Cloud Platform Launch - Stages](https://cloud.google.com/terms/launch-stages). Cloud Run - supports `ALPHA`, `BETA`, and `GA`. If no value is specified, GA is - assumed. Set the launch stage to a preview stage on input to allow - use of preview features in that stage. On read (or output), - describes whether the resource uses preview features. For example, - if ALPHA is provided as input, but only BETA and GA-level features - are used, this field will be BETA on output. - type: string - enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - binaryAuthorization: - description: Settings for the Binary Authorization feature. - $ref: '#/components/schemas/GoogleCloudRunV2BinaryAuthorization' - template: - description: Required. The template used to create executions for this Job. - $ref: '#/components/schemas/GoogleCloudRunV2ExecutionTemplate' - observedGeneration: + Output only. Stores timing information for phases of the build. + Valid keys are: * BUILD: time to execute all build steps. * PUSH: + time to push all artifacts including docker images and non docker + artifacts. * FETCHSOURCE: time to fetch source. * SETUPBUILD: time + to set up build. If the build does not specify source or images, + these keys will not be included. + type: object + buildTriggerId: description: >- - Output only. The generation of this Job. See comments in - `reconciling` for additional information on reconciliation process - in Cloud Run. + Output only. The ID of the `BuildTrigger` that triggered this build, + if it was triggered automatically. readOnly: true type: string - format: int64 - terminalCondition: + images: + type: array + items: + type: string description: >- - Output only. The Condition of this Job, containing its readiness - status, and detailed error information in case it did not reach the - desired state. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRunV2Condition' - conditions: + A list of images to be pushed upon the successful completion of all + build steps. The images are pushed using the builder service + account's credentials. The digests of the pushed images will be + stored in the `Build` resource's results field. If any of the images + fail to be pushed, the build status is marked `FAILURE`. + secrets: description: >- - Output only. The Conditions of all other associated sub-resources. - They contain additional diagnostics information in case the Job does - not reach its desired state. See comments in `reconciling` for - additional information on reconciliation process in Cloud Run. - readOnly: true + Secrets to decrypt using Cloud Key Management Service. Note: Secret + Manager is the recommended technique for managing sensitive data + with Cloud Build. Use `available_secrets` to configure builds to + access secrets from Secret Manager. For instructions, see: + https://cloud.google.com/cloud-build/docs/securing-builds/use-secrets type: array items: - $ref: '#/components/schemas/GoogleCloudRunV2Condition' - executionCount: - description: Output only. Number of executions created for this job. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Secret' + projectId: readOnly: true - type: integer - format: int32 - latestCreatedExecution: - description: Output only. Name of the last created execution. + type: string + description: Output only. ID of the project. + results: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Results' + description: Output only. Results of the build. readOnly: true - $ref: '#/components/schemas/GoogleCloudRunV2ExecutionReference' - reconciling: + availableSecrets: + description: Secrets and secret environment variables. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Secrets' + source: + description: Optional. The location of the source files to build. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Source' + steps: + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1BuildStep' + type: array + description: Required. The operations to be performed on the workspace. + type: object + GoogleCloudRunV2ExportImageRequest: + description: Request message for exporting Cloud Run image. + type: object + properties: + destinationRepo: + description: Required. The export destination url (the Artifact Registry repo). + type: string + id: GoogleCloudRunV2ExportImageRequest + GoogleRpcStatus: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + properties: + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + message: description: >- - Output only. Returns true if the Job is currently being acted upon - by the system to bring it into the desired state. When a new Job is - created, or an existing one is updated, Cloud Run will - asynchronously perform all necessary steps to bring the Job to the - desired state. This process is called reconciliation. While - reconciliation is in process, `observed_generation` and - `latest_succeeded_execution`, will have transient values that might - mismatch the intended state: Once reconciliation is over (and this - field is false), there are two possible outcomes: reconciliation - succeeded and the state matches the Job, or there was an error, and - reconciliation failed. This state can be found in - `terminal_condition.state`. If reconciliation succeeded, the - following fields will match: `observed_generation` and `generation`, - `latest_succeeded_execution` and `latest_created_execution`. If - reconciliation failed, `observed_generation` and - `latest_succeeded_execution` will have the state of the last - succeeded execution or empty for newly created Job. Additional - information on the failure can be found in `terminal_condition` and - `conditions`. - readOnly: true - type: boolean - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - startExecutionToken: + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + details: + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - A unique string used as a suffix creating a new execution. The Job - will become ready when the execution is successfully started. The - sum of job name and token length must be fewer than 63 characters. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + type: object + id: GoogleRpcStatus + GoogleLongrunningWaitOperationRequest: + description: The request message for Operations.WaitOperation. + id: GoogleLongrunningWaitOperationRequest + type: object + properties: + timeout: type: string - runExecutionToken: + format: google-duration description: >- - A unique string used as a suffix for creating a new execution. The - Job will become ready when the execution is successfully completed. - The sum of job name and token length must be fewer than 63 + The maximum duration to wait before timing out. If left blank, the + wait will be at most the time permitted by the underlying HTTP/RPC + protocol. If RPC context deadline is also specified, the shorter one + will be used. + GoogleCloudRunV2EnvVar: + id: GoogleCloudRunV2EnvVar + properties: + name: + description: >- + Required. Name of the environment variable. Must not exceed 32768 characters. type: string - etag: - description: >- - Optional. A system-generated fingerprint for this version of the - resource. May be used to detect modification conflict during - updates. + valueSource: + description: Source for the environment variable's value. + $ref: '#/components/schemas/GoogleCloudRunV2EnvVarSource' + value: type: string - GoogleCloudRunV2BinaryAuthorization: - id: GoogleCloudRunV2BinaryAuthorization - description: Settings for Binary Authorization feature. + description: >- + Literal value of the environment variable. Defaults to "", and the + maximum length is 32768 bytes. Variable references are not supported + in Cloud Run. + description: EnvVar represents an environment variable present in a Container. + type: object + GoogleCloudRunV2NFSVolumeSource: type: object + description: Represents an NFS mount. properties: - useDefault: - description: >- - Optional. If True, indicates to use the default project's binary - authorization policy. If False, binary authorization will be - disabled. - type: boolean - policy: - description: >- - Optional. The path to a binary authorization policy. Format: - `projects/{project}/platforms/cloudRun/{policy-name}` + server: type: string - breakglassJustification: + description: Hostname or IP address of the NFS server + path: + type: string + description: Path that is exported by the NFS server. + readOnly: + description: If true, the volume will be mounted as read only for all mounts. + type: boolean + id: GoogleCloudRunV2NFSVolumeSource + GoogleDevtoolsCloudbuildV1PoolOption: + properties: + name: description: >- - Optional. If present, indicates to use Breakglass using this - justification. If use_default is False, then it must be empty. For - more information on breakglass, see - https://cloud.google.com/binary-authorization/docs/using-breakglass + The `WorkerPool` resource to execute the build on. You must have + `cloudbuild.workerpools.use` on the project hosting the WorkerPool. + Format + projects/{project}/locations/{location}/workerPools/{workerPoolId} type: string - GoogleCloudRunV2ExecutionTemplate: - id: GoogleCloudRunV2ExecutionTemplate + type: object + id: GoogleDevtoolsCloudbuildV1PoolOption description: >- - ExecutionTemplate describes the data an execution should have when - created from a template. + Details about how a build should be executed on a `WorkerPool`. See + [running builds in a private + pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) + for more information. + GoogleDevtoolsCloudbuildV1SourceProvenance: type: object + description: >- + Provenance of the source. Ways to find the original source, or verify + that some source was used for this build. properties: - labels: + resolvedStorageSource: description: >- - Unstructured key value map that can be used to organize and - categorize objects. User-provided labels are shared with Google's - billing system, so they can be used to filter, or break down billing - charges by team, component, environment, state, etc. For more - information, visit - https://cloud.google.com/resource-manager/docs/creating-managing-labels - or https://cloud.google.com/run/docs/configuring/labels. Cloud Run - API v2 does not support labels with `run.googleapis.com`, - `cloud.googleapis.com`, `serving.knative.dev`, or - `autoscaling.knative.dev` namespaces, and they will be rejected. All - system labels in v1 now have a corresponding field in v2 - ExecutionTemplate. - type: object - additionalProperties: - type: string - annotations: + A copy of the build's `source.storage_source`, if exists, with any + generations resolved. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1StorageSource' + resolvedStorageSourceManifest: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1StorageSourceManifest' description: >- - Unstructured key value map that may be set by external tools to - store and arbitrary metadata. They are not queryable and should be - preserved when modifying objects. Cloud Run API v2 does not support - annotations with `run.googleapis.com`, `cloud.googleapis.com`, - `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and - they will be rejected. All system annotations in v1 now have a - corresponding field in v2 ExecutionTemplate. This field follows - Kubernetes annotations' namespacing, limits, and rules. + A copy of the build's `source.storage_source_manifest`, if exists, + with any revisions resolved. This feature is in Preview. + fileHashes: + description: >- + Output only. Hash(es) of the build source, which can be used to + verify that the original source integrity was maintained in the + build. Note that `FileHashes` will only be populated if + `BuildOptions` has requested a `SourceProvenanceHash`. The keys to + this map are file paths used as build source and the values contain + the hash values for those files. If the build source came in a + single package such as a gzipped tarfile (`.tar.gz`), the `FileHash` + will be for the single path to that file. type: object additionalProperties: - type: string - parallelism: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' + readOnly: true + resolvedConnectedRepository: description: >- - Optional. Specifies the maximum desired number of tasks the - execution should run at given time. When the job is run, if this - field is 0 or unset, the maximum possible value will be used for - that execution. The actual number of tasks running in steady state - will be less than this number when there are fewer tasks waiting to - be completed remaining, i.e. when the work left to do is less than - max parallelism. + Output only. A copy of the build's `source.connected_repository`, if + exists, with any revisions resolved. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ConnectedRepository' + readOnly: true + resolvedRepoSource: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1RepoSource' + description: >- + A copy of the build's `source.repo_source`, if exists, with any + revisions resolved. + resolvedGitSource: + description: >- + Output only. A copy of the build's `source.git_source`, if exists, + with any revisions resolved. + readOnly: true + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitSource' + id: GoogleDevtoolsCloudbuildV1SourceProvenance + UtilStatusProto: + id: UtilStatusProto + type: object + description: Wire-format for a Status object + properties: + message: + description: >- + Detail message copybara:strip_begin(b/383363683) + copybara:strip_end_and_replace optional string message = 3; + type: string + code: type: integer + description: >- + Numeric code drawn from the space specified below. Often, this is + the canonical error space, and code is drawn from + google3/util/task/codes.proto copybara:strip_begin(b/383363683) + copybara:strip_end_and_replace optional int32 code = 1; format: int32 - taskCount: + space: + type: string description: >- - Specifies the desired number of tasks the execution should run. - Setting to 1 means that parallelism is limited to 1 and the success - of that task signals the success of the execution. Defaults to 1. + copybara:strip_begin(b/383363683) Space to which this status belongs + copybara:strip_end_and_replace optional string space = 2; // Space + to which this status belongs + canonicalCode: + description: >- + copybara:strip_begin(b/383363683) copybara:strip_end_and_replace + optional int32 canonical_code = 6; type: integer format: int32 - template: + messageSet: description: >- - Required. Describes the task(s) that will be created when executing - an execution. - $ref: '#/components/schemas/GoogleCloudRunV2TaskTemplate' - GoogleCloudRunV2ExecutionReference: - id: GoogleCloudRunV2ExecutionReference - description: >- - Reference to an Execution. Use /Executions.GetExecution with the given - name to get full execution including the latest status. + message_set associates an arbitrary proto message with the status. + copybara:strip_begin(b/383363683) copybara:strip_end_and_replace + optional proto2.bridge.MessageSet message_set = 5; + $ref: '#/components/schemas/Proto2BridgeMessageSet' + GoogleLongrunningOperation: type: object + id: GoogleLongrunningOperation properties: name: - description: Name of the execution. - type: string - createTime: - description: Creation timestamp of the execution. - type: string - format: google-datetime - completionTime: - description: Creation timestamp of the execution. - type: string - format: google-datetime - deleteTime: description: >- - The deletion time of the execution. It is only populated as a - response to a Delete request. - type: string - format: google-datetime - completionStatus: - description: Status for the execution completion. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - enumDescriptions: - - The default value. This value is used if the state is omitted. - - Job execution has succeeded. - - Job execution has failed. - - Job execution is running normally. - - Waiting for backing resources to be provisioned. - - Job execution has been cancelled by the user. - enum: - - COMPLETION_STATUS_UNSPECIFIED - - EXECUTION_SUCCEEDED - - EXECUTION_FAILED - - EXECUTION_RUNNING - - EXECUTION_PENDING - - EXECUTION_CANCELLED - GoogleCloudRunV2ListJobsResponse: - id: GoogleCloudRunV2ListJobsResponse - description: Response message containing a list of Jobs. + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + metadata: + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/GoogleRpcStatus' + description: >- + This resource represents a long-running operation that is the result of + a network API call. + GoogleDevtoolsCloudbuildV1ArtifactObjects: + description: >- + Files in the workspace to upload to Cloud Storage upon successful + completion of all build steps. + id: GoogleDevtoolsCloudbuildV1ArtifactObjects type: object properties: - jobs: - description: The resulting list of Jobs. + paths: + description: Path globs used to match files in the build's workspace. type: array items: - $ref: '#/components/schemas/GoogleCloudRunV2Job' - nextPageToken: + type: string + location: + type: string description: >- - A token indicating there are more items than page_size. Use it in - the next ListJobs request to continue. + Cloud Storage bucket and optional object path, in the form + "gs://bucket/path/to/somewhere/". (see [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + Files in the workspace matching any path pattern will be uploaded to + Cloud Storage with this location as a prefix. + timing: + description: >- + Output only. Stores timing information for pushing all artifact + objects. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' + readOnly: true + GoogleDevtoolsCloudbuildV1InlineSecret: + type: object + id: GoogleDevtoolsCloudbuildV1InlineSecret + description: >- + Pairs a set of secret environment variables mapped to encrypted values + with the Cloud KMS key to use to decrypt the value. + properties: + envMap: + type: object + additionalProperties: + type: string + format: byte + description: >- + Map of environment variable name to its encrypted value. Secret + environment variables must be unique across all of a build's + secrets, and must be used by at least one build step. Values can be + at most 64 KB in size. There can be at most 100 secret values across + all of a build's secrets. + kmsKeyName: + description: >- + Resource name of Cloud KMS crypto key to decrypt the encrypted + value. In format: projects/*/locations/*/keyRings/*/cryptoKeys/* type: string - GoogleCloudRunV2RunJobRequest: - id: GoogleCloudRunV2RunJobRequest - description: Request message to create a new Execution of a Job. + GoogleCloudRunV2TaskTemplate: type: object properties: - validateOnly: + vpcAccess: + $ref: '#/components/schemas/GoogleCloudRunV2VpcAccess' description: >- - Indicates that the request should be validated without actually - deleting any resources. + Optional. VPC Access configuration to use for this Task. For more + information, visit + https://cloud.google.com/run/docs/configuring/connecting-vpc. + serviceAccount: + type: string + description: >- + Optional. Email address of the IAM service account associated with + the Task of a Job. The service account represents the identity of + the running task, and determines what permissions the task has. If + not provided, the task will use the project's default service + account. + executionEnvironment: + enumDescriptions: + - Unspecified + - Uses the First Generation environment. + - Uses Second Generation environment. + type: string + enum: + - EXECUTION_ENVIRONMENT_UNSPECIFIED + - EXECUTION_ENVIRONMENT_GEN1 + - EXECUTION_ENVIRONMENT_GEN2 + description: Optional. The execution environment being used to host this Task. + gpuZonalRedundancyDisabled: type: boolean - etag: description: >- - A system-generated fingerprint for this version of the resource. May - be used to detect modification conflict during updates. + Optional. True if GPU zonal redundancy is disabled on this task + template. + timeout: + description: >- + Optional. Max allowed time duration the Task may be active before + the system will actively try to mark it failed and kill associated + containers. This applies per attempt of a task, meaning each retry + can run for the full timeout. Defaults to 600 seconds. type: string - overrides: + format: google-duration + containers: description: >- - Overrides specification for a given execution of a job. If provided, - overrides will be applied to update the execution or task spec. - $ref: '#/components/schemas/GoogleCloudRunV2Overrides' - GoogleCloudRunV2Overrides: - id: GoogleCloudRunV2Overrides - description: RunJob Overrides that contains Execution fields to be overridden. - type: object - properties: - containerOverrides: - description: Per container override specification. + Holds the single container that defines the unit of execution for + this task. type: array items: - $ref: '#/components/schemas/GoogleCloudRunV2ContainerOverride' - taskCount: + $ref: '#/components/schemas/GoogleCloudRunV2Container' + volumes: + items: + $ref: '#/components/schemas/GoogleCloudRunV2Volume' + description: Optional. A list of Volumes to make available to containers. + type: array + encryptionKey: + type: string description: >- - Optional. The desired number of tasks the execution should run. Will - replace existing task_count value. + A reference to a customer managed encryption key (CMEK) to use to + encrypt this container image. For more information, go to + https://cloud.google.com/run/docs/securing/using-cmek + maxRetries: type: integer format: int32 - timeout: description: >- - Duration in seconds the task may be active before the system will - actively try to mark it failed and kill associated containers. Will - replace existing timeout_seconds value. - type: string - format: google-duration - GoogleCloudRunV2ContainerOverride: - id: GoogleCloudRunV2ContainerOverride - description: Per-container override specification. + Number of retries allowed per Task, before marking this Task failed. + Defaults to 3. + nodeSelector: + $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' + description: Optional. The node selector for the task template. + description: >- + TaskTemplate describes the data a task should have when created from a + template. + id: GoogleCloudRunV2TaskTemplate + GoogleCloudRunV2InstanceSplit: type: object + id: GoogleCloudRunV2InstanceSplit + description: >- + Holds a single instance split entry for the Worker. Allocations can be + done to a specific Revision name, or pointing to the latest Ready + Revision. properties: - name: - description: The name of the container specified as a DNS_LABEL. + type: + enum: + - INSTANCE_SPLIT_ALLOCATION_TYPE_UNSPECIFIED + - INSTANCE_SPLIT_ALLOCATION_TYPE_LATEST + - INSTANCE_SPLIT_ALLOCATION_TYPE_REVISION type: string - args: + enumDescriptions: + - Unspecified instance allocation type. + - Allocates instances to the Service's latest ready Revision. + - Allocates instances to a Revision by name. + description: The allocation type for this instance split. + percent: + format: int32 + type: integer description: >- - Optional. Arguments to the entrypoint. Will replace existing args - for override. - type: array - items: - type: string - env: + Specifies percent of the instance split to this Revision. This + defaults to zero if unspecified. + revision: + type: string description: >- - List of environment variables to set in the container. Will be - merged with existing env for override. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2EnvVar' - clearArgs: - description: Optional. True if the intention is to clear out existing args list. - type: boolean - GoogleIamV1Policy: - id: GoogleIamV1Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object + Revision to which to assign this portion of instances, if split + allocation is by revision. + GoogleCloudRunV2TrafficTarget: properties: - version: + percent: description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + Specifies percent of the traffic to this Revision. This defaults to + zero if unspecified. type: integer format: int32 - bindings: + type: + enumDescriptions: + - Unspecified instance allocation type. + - Allocates instances to the Service's latest ready Revision. + - Allocates instances to a Revision by name. + enum: + - TRAFFIC_TARGET_ALLOCATION_TYPE_UNSPECIFIED + - TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST + - TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION + description: The allocation type for this traffic target. + type: string + tag: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditConfig' - etag: + Indicates a string to be part of the URI to exclusively reference + this target. + type: string + revision: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. + Revision to which to send this portion of traffic, if traffic + allocation is by revision. type: string - format: byte - GoogleIamV1Binding: - id: GoogleIamV1Binding - description: Associates `members`, or principals, with a `role`. type: object + id: GoogleCloudRunV2TrafficTarget + description: >- + Holds a single traffic routing entry for the Service. Allocations can be + done to a specific Revision name, or pointing to the latest Ready + Revision. + GoogleDevtoolsCloudbuildV1BuildApproval: + id: GoogleDevtoolsCloudbuildV1BuildApproval properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + state: + enum: + - STATE_UNSPECIFIED + - PENDING + - APPROVED + - REJECTED + - CANCELLED + enumDescriptions: + - Default enum type. This should not be used. + - Build approval is pending. + - Build approval has been approved. + - Build approval has been rejected. + - Build was cancelled while it was still pending approval. type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/GoogleTypeExpr' - GoogleTypeExpr: - id: GoogleTypeExpr + readOnly: true + description: Output only. The state of this build's approval. + result: + description: Output only. Result of manual approval for this Build. + readOnly: true + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ApprovalResult' + config: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ApprovalConfig' + description: Output only. Configuration for manual approval of this build. + readOnly: true description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + BuildApproval describes a build's approval configuration, state, and + result. type: object + GoogleDevtoolsCloudbuildV1HttpConfig: + id: GoogleDevtoolsCloudbuildV1HttpConfig + description: HttpConfig is a configuration for HTTP related git operations. properties: - expression: + proxySecretVersionName: + description: >- + SecretVersion resource of the HTTP proxy URL. The Service Account + used in the build (either the default Service Account or + user-specified Service Account) should have + `secretmanager.versions.access` permissions on this secret. The + proxy URL should be in format `protocol://@]proxyhost[:port]`. + type: string + type: object + GoogleCloudRunV2Execution: + type: object + id: GoogleCloudRunV2Execution + description: >- + Execution represents the configuration of a single execution. A + execution an immutable resource that references a container image which + is run to completion. + properties: + uid: + type: string + readOnly: true + description: >- + Output only. Server assigned unique identifier for the Execution. + The value is a UUID4 string and guaranteed to remain unchanged until + the resource is deleted. + createTime: + description: >- + Output only. Represents time when the execution was acknowledged by + the execution controller. It is not guaranteed to be set in + happens-before order across separate operations. + readOnly: true + type: string + format: google-datetime + runningCount: + format: int32 + readOnly: true + type: integer + description: Output only. The number of actively running tasks. + launchStage: + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. description: >- - Textual representation of an expression in Common Expression - Language syntax. + The least stable launch stage needed to create this resource, as + defined by [Google Cloud Platform Launch + Stages](https://cloud.google.com/terms/launch-stages). Cloud Run + supports `ALPHA`, `BETA`, and `GA`. Note that this value might not + be what was used as input. For example, if ALPHA was provided as + input in the parent resource, but only BETA and GA-level features + are were, this field will be BETA. type: string - title: + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + retriedCount: + readOnly: true + format: int32 + description: Output only. The number of tasks which have retried at least once. + type: integer + parallelism: + type: integer + readOnly: true + format: int32 description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Output only. Specifies the maximum desired number of tasks the + execution should run at any given time. Must be <= task_count. The + actual number of tasks running in steady state will be less than + this number when ((.spec.task_count - .status.successful) < + .spec.parallelism), i.e. when the work left to do is less than max + parallelism. + expireTime: + format: google-datetime type: string - description: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + Output only. For a deleted resource, the time after which it will be + permamently deleted. It is only populated as a response to a Delete + request. + readOnly: true + succeededCount: + readOnly: true + description: Output only. The number of tasks which reached phase Succeeded. + format: int32 + type: integer + taskCount: + type: integer + format: int32 description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Output only. Specifies the desired number of tasks the execution + should run. Setting to 1 means that parallelism is limited to 1 and + the success of that task signals the success of the execution. + readOnly: true + deleteTime: type: string - GoogleIamV1AuditConfig: - id: GoogleIamV1AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - type: object - properties: - service: + readOnly: true + format: google-datetime description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' - GoogleIamV1AuditLogConfig: - id: GoogleIamV1AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + Output only. For a deleted resource, the deletion time. It is only + populated as a response to a Delete request. + labels: + readOnly: true description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: + Output only. Unstructured key value map that can be used to organize + and categorize objects. User-provided labels are shared with + Google's billing system, so they can be used to filter, or break + down billing charges by team, component, environment, state, etc. + For more information, visit + https://cloud.google.com/resource-manager/docs/creating-managing-labels + or https://cloud.google.com/run/docs/configuring/labels + additionalProperties: type: string - GoogleIamV1SetIamPolicyRequest: - id: GoogleIamV1SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: + type: object + cancelledCount: + type: integer + readOnly: true + format: int32 + description: Output only. The number of tasks which reached phase Cancelled. + annotations: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/GoogleIamV1Policy' - updateMask: + Output only. Unstructured key value map that may be set by external + tools to store and arbitrary metadata. They are not queryable and + should be preserved when modifying objects. + type: object + additionalProperties: + type: string + readOnly: true + etag: + type: string description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` + Output only. A system-generated fingerprint for this version of the + resource. May be used to detect modification conflict during + updates. + readOnly: true + job: + description: Output only. The name of the parent Job. type: string - format: google-fieldmask - GoogleIamV1TestIamPermissionsRequest: - id: GoogleIamV1TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: + readOnly: true + startTime: + type: string + format: google-datetime + readOnly: true description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - GoogleIamV1TestIamPermissionsResponse: - id: GoogleIamV1TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: + Output only. Represents time when the execution started to run. It + is not guaranteed to be set in happens-before order across separate + operations. + logUri: + type: string description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - GoogleCloudRunV2Revision: - id: GoogleCloudRunV2Revision - description: >- - A Revision is an immutable snapshot of code and configuration. A - Revision references a container image. Revisions are only created by - updates to its parent Service. - type: object - properties: - name: - description: Output only. The unique name of this Revision. + Output only. URI where logs for this execution can be found in Cloud + Console. + readOnly: true + reconciling: + type: boolean + readOnly: true + description: >- + Output only. Indicates whether the resource's reconciliation is + still in progress. See comments in `Job.reconciling` for additional + information on reconciliation process in Cloud Run. + failedCount: + type: integer + format: int32 + description: Output only. The number of tasks which reached phase Failed. + readOnly: true + observedGeneration: readOnly: true type: string - uid: + format: int64 description: >- - Output only. Server assigned unique identifier for the Revision. The - value is a UUID4 string and guaranteed to remain unchanged until the - resource is deleted. + Output only. The generation of this Execution. See comments in + `reconciling` for additional information on reconciliation process + in Cloud Run. + template: + description: Output only. The template used to create tasks for this execution. readOnly: true + $ref: '#/components/schemas/GoogleCloudRunV2TaskTemplate' + name: type: string + readOnly: true + description: Output only. The unique name of this Execution. generation: + format: int64 description: >- Output only. A number that monotonically increases every time the user modifies the desired state. readOnly: true type: string - format: int64 - labels: + conditions: + items: + $ref: '#/components/schemas/GoogleCloudRunV2Condition' description: >- - Output only. Unstructured key value map that can be used to organize - and categorize objects. User-provided labels are shared with - Google's billing system, so they can be used to filter, or break - down billing charges by team, component, environment, state, etc. - For more information, visit - https://cloud.google.com/resource-manager/docs/creating-managing-labels - or https://cloud.google.com/run/docs/configuring/labels. + Output only. The Condition of this Execution, containing its + readiness status, and detailed error information in case it did not + reach the desired state. readOnly: true - type: object - additionalProperties: - type: string - annotations: + type: array + completionTime: description: >- - Output only. Unstructured key value map that may be set by external - tools to store and arbitrary metadata. They are not queryable and - should be preserved when modifying objects. - readOnly: true - type: object - additionalProperties: - type: string - createTime: - description: Output only. The creation time. - readOnly: true + Output only. Represents time when the execution was completed. It is + not guaranteed to be set in happens-before order across separate + operations. type: string format: google-datetime + readOnly: true + satisfiesPzs: + description: Output only. Reserved for future use. + type: boolean + readOnly: true updateTime: + readOnly: true description: Output only. The last-modified time. + format: google-datetime + type: string + creator: + description: Output only. Email address of the authenticated creator. readOnly: true type: string - format: google-datetime - deleteTime: + GoogleDevtoolsCloudbuildV1BuildOperationMetadata: + description: Metadata for build operations. + type: object + properties: + build: + description: The build that the operation is tracking. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Build' + id: GoogleDevtoolsCloudbuildV1BuildOperationMetadata + GoogleCloudRunV2ListRevisionsResponse: + type: object + id: GoogleCloudRunV2ListRevisionsResponse + description: Response message containing a list of Revisions. + properties: + nextPageToken: description: >- - Output only. For a deleted resource, the deletion time. It is only - populated as a response to a Delete request. - readOnly: true + A token indicating there are more items than page_size. Use it in + the next ListRevisions request to continue. type: string - format: google-datetime - expireTime: + revisions: + type: array + description: The resulting list of Revisions. + items: + $ref: '#/components/schemas/GoogleCloudRunV2Revision' + GoogleDevtoolsCloudbuildV1Warning: + type: object + properties: + text: + description: Explanation of the warning generated. + type: string + priority: + enumDescriptions: + - Should not be used. + - e.g. deprecation warnings and alternative feature highlights. + - e.g. automated detection of possible issues with the build. + - e.g. alerts that a feature used in the build is pending removal + description: The priority for this warning. + enum: + - PRIORITY_UNSPECIFIED + - INFO + - WARNING + - ALERT + type: string + id: GoogleDevtoolsCloudbuildV1Warning + description: A non-fatal problem encountered during the execution of the build. + GoogleCloudRunV2ContainerPort: + properties: + containerPort: + type: integer description: >- - Output only. For a deleted resource, the time after which it will be - permamently deleted. It is only populated as a response to a Delete - request. - readOnly: true + Port number the container listens on. This must be a valid TCP port + number, 0 < container_port < 65536. + format: int32 + name: + description: >- + If specified, used to specify which protocol to use. Allowed values + are "http1" and "h2c". type: string - format: google-datetime - launchStage: + description: ContainerPort represents a network port in a single container. + id: GoogleCloudRunV2ContainerPort + type: object + GoogleCloudRunV2SubmitBuildRequest: + description: Request message for submitting a Build. + properties: + workerPool: description: >- - The least stable launch stage needed to create this resource, as - defined by [Google Cloud Platform Launch - Stages](https://cloud.google.com/terms/launch-stages). Cloud Run - supports `ALPHA`, `BETA`, and `GA`. Note that this value might not - be what was used as input. For example, if ALPHA was provided as - input in the parent resource, but only BETA and GA-level features - are were, this field will be BETA. + Optional. Name of the Cloud Build Custom Worker Pool that should be + used to build the function. The format of this field is + `projects/{project}/locations/{region}/workerPools/{workerPool}` + where `{project}` and `{region}` are the project id and region + respectively where the worker pool is defined and `{workerPool}` is + the short name of the worker pool. + type: string + releaseTrack: + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + description: >- + Optional. The release track of the client that initiated the build + request. type: string enumDescriptions: - Do not use this default value. @@ -2467,79 +2276,214 @@ components: [Terms of Service](https://cloud.google.com/terms/) and the [Google Cloud Platform Subject to the Deprecation Policy](https://cloud.google.com/terms/deprecation) documentation. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - service: - description: Output only. The name of the parent service. - readOnly: true + serviceAccount: + description: >- + Optional. The service account to use for the build. If not set, the + default Cloud Build service account for the project will be used. type: string - scaling: - description: Scaling settings for this revision. - $ref: '#/components/schemas/GoogleCloudRunV2RevisionScaling' - vpcAccess: + dockerBuild: description: >- - VPC Access configuration for this Revision. For more information, - visit https://cloud.google.com/run/docs/configuring/connecting-vpc. - $ref: '#/components/schemas/GoogleCloudRunV2VpcAccess' - maxInstanceRequestConcurrency: + Build the source using Docker. This means the source has a + Dockerfile. + $ref: '#/components/schemas/GoogleCloudRunV2DockerBuild' + client: + description: Optional. The client that initiated the build request. + type: string + imageUri: + type: string + description: Required. Artifact Registry URI to store the built image. + machineType: + description: >- + Optional. The machine type from default pool to use for the build. + If left blank, cloudbuild will use a sensible default. Currently + only E2_HIGHCPU_8 is supported. If worker_pool is set, this field + will be ignored. + type: string + buildpackBuild: + $ref: '#/components/schemas/GoogleCloudRunV2BuildpacksBuild' + description: Build the source using Buildpacks. + tags: + description: Optional. Additional tags to annotate the build. + type: array + items: + type: string + storageSource: + description: Required. Source for the build. + $ref: '#/components/schemas/GoogleCloudRunV2StorageSource' + id: GoogleCloudRunV2SubmitBuildRequest + type: object + GoogleDevtoolsCloudbuildV1GitConfig: + type: object + properties: + http: + description: Configuration for HTTP related git operations. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1HttpConfig' + description: GitConfig is a configuration for git operations. + id: GoogleDevtoolsCloudbuildV1GitConfig + GoogleDevtoolsCloudbuildV1FileHashes: + description: >- + Container message for hashes of byte content of files, used in + SourceProvenance messages to verify integrity of source input to the + build. + properties: + fileHash: + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Hash' + description: Collection of file hashes. + type: array + type: object + id: GoogleDevtoolsCloudbuildV1FileHashes + GoogleDevtoolsCloudbuildV1Source: + type: object + id: GoogleDevtoolsCloudbuildV1Source + description: Location of the source in a supported storage service. + properties: + storageSourceManifest: + description: >- + If provided, get the source from this manifest in Cloud Storage. + This feature is in Preview; see description + [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1StorageSourceManifest' + gitSource: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitSource' + description: If provided, get the source from this Git repository. + repoSource: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1RepoSource' + description: >- + If provided, get the source from this location in a Cloud Source + Repository. + connectedRepository: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ConnectedRepository' + description: >- + Optional. If provided, get the source from this 2nd-gen Google Cloud + Build repository resource. + developerConnectConfig: + description: If provided, get the source from this Developer Connect config. + $ref: >- + #/components/schemas/GoogleDevtoolsCloudbuildV1DeveloperConnectConfig + storageSource: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1StorageSource' + description: If provided, get the source from this location in Cloud Storage. + GoogleCloudRunV2Metadata: + description: Metadata represents the JSON encoded generated customer metadata. + id: GoogleCloudRunV2Metadata + properties: + metadata: description: >- - Sets the maximum number of requests that each serving instance can - receive. + JSON encoded Google-generated Customer Metadata for a given + resource/project. + type: string + type: object + GoogleCloudRunV2TCPSocketAction: + description: TCPSocketAction describes an action based on opening a socket + id: GoogleCloudRunV2TCPSocketAction + type: object + properties: + port: type: integer format: int32 - timeout: - description: Max allowed time for an instance to respond to a request. - type: string - format: google-duration - serviceAccount: description: >- - Email address of the IAM service account associated with the - revision of the service. The service account represents the identity - of the running revision, and determines what permissions the - revision has. + Optional. Port number to access on the container. Must be in the + range 1 to 65535. If not specified, defaults to the exposed port of + the container, which is the value of + container.ports[0].containerPort. + GoogleCloudRunV2Volume: + type: object + id: GoogleCloudRunV2Volume + description: Volume represents a named volume in a container. + properties: + gcs: + description: Persistent storage backed by a Google Cloud Storage bucket. + $ref: '#/components/schemas/GoogleCloudRunV2GCSVolumeSource' + cloudSqlInstance: + description: >- + For Cloud SQL volumes, contains the specific instances that should + be mounted. Visit + https://cloud.google.com/sql/docs/mysql/connect-run for more + information on how to connect Cloud SQL and Cloud Run. + $ref: '#/components/schemas/GoogleCloudRunV2CloudSqlInstance' + emptyDir: + description: Ephemeral storage used as a shared volume. + $ref: '#/components/schemas/GoogleCloudRunV2EmptyDirVolumeSource' + nfs: + $ref: '#/components/schemas/GoogleCloudRunV2NFSVolumeSource' + description: For NFS Voumes, contains the path to the nfs Volume + name: + description: Required. Volume's name. type: string - containers: + secret: + $ref: '#/components/schemas/GoogleCloudRunV2SecretVolumeSource' + description: Secret represents a secret that should populate this volume. + GoogleCloudRunV2StorageSource: + type: object + id: GoogleCloudRunV2StorageSource + description: Location of the source in an archive file in Google Cloud Storage. + properties: + generation: + type: string + format: int64 description: >- - Holds the single container that defines the unit of execution for - this Revision. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Container' - volumes: - description: A list of Volumes to make available to containers. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Volume' - executionEnvironment: - description: The execution environment being used to host this Revision. + Optional. Google Cloud Storage generation for the object. If the + generation is omitted, the latest generation will be used. + bucket: + description: >- + Required. Google Cloud Storage bucket containing the source (see + [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). type: string - enumDescriptions: - - Unspecified - - Uses the First Generation environment. - - Uses Second Generation environment. - enum: - - EXECUTION_ENVIRONMENT_UNSPECIFIED - - EXECUTION_ENVIRONMENT_GEN1 - - EXECUTION_ENVIRONMENT_GEN2 + object: + type: string + description: >- + Required. Google Cloud Storage object containing the source. This + object must be a gzipped archive file (`.tar.gz`) containing source + to build. + GoogleCloudRunV2WorkerPoolRevisionTemplate: + properties: encryptionKey: + type: string description: >- A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek - type: string serviceMesh: - description: Enables service mesh connectivity. + description: Optional. Enables service mesh connectivity. $ref: '#/components/schemas/GoogleCloudRunV2ServiceMesh' + nodeSelector: + $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' + description: Optional. The node selector for the revision template. + annotations: + type: object + description: >- + Optional. Unstructured key value map that may be set by external + tools to store and arbitrary metadata. They are not queryable and + should be preserved when modifying objects. Cloud Run API v2 does + not support annotations with `run.googleapis.com`, + `cloud.googleapis.com`, `serving.knative.dev`, or + `autoscaling.knative.dev` namespaces, and they will be rejected. All + system annotations in v1 now have a corresponding field in v2 + WorkerPoolRevisionTemplate. This field follows Kubernetes + annotations' namespacing, limits, and rules. + additionalProperties: + type: string + volumes: + description: Optional. A list of Volumes to make available to containers. + items: + $ref: '#/components/schemas/GoogleCloudRunV2Volume' + type: array + gpuZonalRedundancyDisabled: + description: >- + Optional. True if GPU zonal redundancy is disabled on this worker + pool. + type: boolean + containers: + description: >- + Holds list of the containers that defines the unit of execution for + this Revision. + type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2Container' encryptionKeyRevocationAction: - description: The action to take if the encryption key is revoked. - type: string + description: Optional. The action to take if the encryption key is revoked. enumDescriptions: - Unspecified - Prevents the creation of new instances. @@ -2548,264 +2492,161 @@ components: - ENCRYPTION_KEY_REVOCATION_ACTION_UNSPECIFIED - PREVENT_NEW - SHUTDOWN - encryptionKeyShutdownDuration: - description: >- - If encryption_key_revocation_action is SHUTDOWN, the duration before - shutting down all instances. The minimum increment is 1 hour. - type: string - format: google-duration - reconciling: - description: >- - Output only. Indicates whether the resource's reconciliation is - still in progress. See comments in `Service.reconciling` for - additional information on reconciliation process in Cloud Run. - readOnly: true - type: boolean - conditions: - description: >- - Output only. The Condition of this Revision, containing its - readiness status, and detailed error information in case it did not - reach a serving state. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Condition' - observedGeneration: - description: >- - Output only. The generation of this Revision currently serving - traffic. See comments in `reconciling` for additional information on - reconciliation process in Cloud Run. - readOnly: true - type: string - format: int64 - logUri: - description: Output only. The Google Console URI to obtain logs for the Revision. - readOnly: true type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - sessionAffinity: - description: Enable session affinity. - type: boolean - scalingStatus: - description: >- - Output only. The current effective scaling settings for the - revision. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRunV2RevisionScalingStatus' - nodeSelector: - description: The node selector for the revision. - $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' - gpuZonalRedundancyDisabled: + labels: description: >- - Optional. Output only. True if GPU zonal redundancy is disabled on - this revision. - readOnly: true - type: boolean - creator: - description: Output only. Email address of the authenticated creator. - readOnly: true - type: string - etag: + Optional. Unstructured key value map that can be used to organize + and categorize objects. User-provided labels are shared with + Google's billing system, so they can be used to filter, or break + down billing charges by team, component, environment, state, etc. + For more information, visit + https://cloud.google.com/resource-manager/docs/creating-managing-labels + or https://cloud.google.com/run/docs/configuring/labels. Cloud Run + API v2 does not support labels with `run.googleapis.com`, + `cloud.googleapis.com`, `serving.knative.dev`, or + `autoscaling.knative.dev` namespaces, and they will be rejected. All + system labels in v1 now have a corresponding field in v2 + WorkerPoolRevisionTemplate. + additionalProperties: + type: string + type: object + serviceAccount: description: >- - Output only. A system-generated fingerprint for this version of the - resource. May be used to detect modification conflict during - updates. - readOnly: true + Optional. Email address of the IAM service account associated with + the revision of the service. The service account represents the + identity of the running revision, and determines what permissions + the revision has. If not provided, the revision will use the + project's default service account. type: string - GoogleCloudRunV2RevisionScaling: - id: GoogleCloudRunV2RevisionScaling - description: Settings for revision-level scaling settings. - type: object - properties: - minInstanceCount: - description: >- - Optional. Minimum number of serving instances that this resource - should have. - type: integer - format: int32 - maxInstanceCount: + vpcAccess: + $ref: '#/components/schemas/GoogleCloudRunV2VpcAccess' description: >- - Optional. Maximum number of serving instances that this resource - should have. When unspecified, the field is set to the server - default value of 100. For more information see - https://cloud.google.com/run/docs/configuring/max-instances - type: integer - format: int32 - GoogleCloudRunV2ServiceMesh: - id: GoogleCloudRunV2ServiceMesh - description: >- - Settings for Cloud Service Mesh. For more information see - https://cloud.google.com/service-mesh/docs/overview. - type: object - properties: - mesh: + Optional. VPC Access configuration to use for this Revision. For + more information, visit + https://cloud.google.com/run/docs/configuring/connecting-vpc. + revision: + type: string description: >- - The Mesh resource name. Format: - `projects/{project}/locations/global/meshes/{mesh}`, where - `{project}` can be project id or number. + Optional. The unique name for the revision. If this field is + omitted, it will be automatically generated based on the WorkerPool + name. + encryptionKeyShutdownDuration: + description: >- + Optional. If encryption_key_revocation_action is SHUTDOWN, the + duration before shutting down all instances. The minimum increment + is 1 hour. type: string - GoogleCloudRunV2RevisionScalingStatus: - id: GoogleCloudRunV2RevisionScalingStatus - description: Effective settings for the current revision + format: google-duration + description: >- + WorkerPoolRevisionTemplate describes the data a worker pool revision + should have when created from a template. type: object - properties: - desiredMinInstanceCount: - description: The current number of min instances provisioned for this revision. - type: integer - format: int32 - GoogleCloudRunV2ListRevisionsResponse: - id: GoogleCloudRunV2ListRevisionsResponse - description: Response message containing a list of Revisions. + id: GoogleCloudRunV2WorkerPoolRevisionTemplate + GoogleCloudRunV2ExportImageResponse: + id: GoogleCloudRunV2ExportImageResponse type: object properties: - revisions: - description: The resulting list of Revisions. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Revision' - nextPageToken: + operationId: description: >- - A token indicating there are more items than page_size. Use it in - the next ListRevisions request to continue. + An operation ID used to track the status of image exports tied to + the original pod ID in the request. type: string - GoogleCloudRunV2Service: - id: GoogleCloudRunV2Service description: >- - Service acts as a top-level container that manages a set of - configurations and revision templates which implement a network service. - Service exists to provide a singular abstraction which can be access - controlled, reasoned about, and which encapsulates software lifecycle - decisions such as rollout policy and team resource ownership. + ExportImageResponse contains an operation Id to track the image export + operation. + GoogleCloudRunV2Job: + description: >- + Job represents the configuration of a single job, which references a + container image that is run to completion. + id: GoogleCloudRunV2Job type: object properties: - name: - description: >- - The fully qualified name of this Service. In CreateServiceRequest, - this field is ignored, and instead composed from - CreateServiceRequest.parent and CreateServiceRequest.service_id. - Format: - projects/{project}/locations/{location}/services/{service_id} - type: string - description: - description: >- - User-provided description of the Service. This field currently has a - 512-character limit. - type: string - uid: - description: >- - Output only. Server assigned unique identifier for the trigger. The - value is a UUID4 string and guaranteed to remain unchanged until the - resource is deleted. - readOnly: true + observedGeneration: + format: int64 type: string - generation: description: >- - Output only. A number that monotonically increases every time the - user modifies the desired state. Please note that unlike v1, this is - an int64 value. As with most Google APIs, its JSON representation - will be a `string` instead of an `integer`. + Output only. The generation of this Job. See comments in + `reconciling` for additional information on reconciliation process + in Cloud Run. readOnly: true - type: string - format: int64 labels: + type: object + additionalProperties: + type: string description: >- - Optional. Unstructured key value map that can be used to organize - and categorize objects. User-provided labels are shared with - Google's billing system, so they can be used to filter, or break - down billing charges by team, component, environment, state, etc. - For more information, visit + Unstructured key value map that can be used to organize and + categorize objects. User-provided labels are shared with Google's + billing system, so they can be used to filter, or break down billing + charges by team, component, environment, state, etc. For more + information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels. Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected. All - system labels in v1 now have a corresponding field in v2 Service. - type: object - additionalProperties: - type: string - annotations: + system labels in v1 now have a corresponding field in v2 Job. + etag: + type: string description: >- - Optional. Unstructured key value map that may be set by external - tools to store and arbitrary metadata. They are not queryable and - should be preserved when modifying objects. Cloud Run API v2 does - not support annotations with `run.googleapis.com`, - `cloud.googleapis.com`, `serving.knative.dev`, or - `autoscaling.knative.dev` namespaces, and they will be rejected in - new resources. All system annotations in v1 now have a corresponding - field in v2 Service. This field follows Kubernetes annotations' - namespacing, limits, and rules. - type: object - additionalProperties: - type: string - createTime: - description: Output only. The creation time. - readOnly: true + Optional. A system-generated fingerprint for this version of the + resource. May be used to detect modification conflict during + updates. + runExecutionToken: + description: >- + A unique string used as a suffix for creating a new execution. The + Job will become ready when the execution is successfully completed. + The sum of job name and token length must be fewer than 63 + characters. type: string - format: google-datetime - updateTime: - description: Output only. The last-modified time. + expireTime: readOnly: true - type: string format: google-datetime - deleteTime: - description: >- - Output only. The deletion time. It is only populated as a response - to a Delete request. - readOnly: true type: string - format: google-datetime - expireTime: description: >- Output only. For a deleted resource, the time after which it will be - permanently deleted. - readOnly: true + permamently deleted. + binaryAuthorization: + description: Settings for the Binary Authorization feature. + $ref: '#/components/schemas/GoogleCloudRunV2BinaryAuthorization' + startExecutionToken: + description: >- + A unique string used as a suffix creating a new execution. The Job + will become ready when the execution is successfully started. The + sum of job name and token length must be fewer than 63 characters. type: string - format: google-datetime - creator: - description: Output only. Email address of the authenticated creator. + latestCreatedExecution: + description: Output only. Name of the last created execution. readOnly: true + $ref: '#/components/schemas/GoogleCloudRunV2ExecutionReference' + uid: type: string - lastModifier: - description: Output only. Email address of the last authenticated modifier. + description: >- + Output only. Server assigned unique identifier for the Execution. + The value is a UUID4 string and guaranteed to remain unchanged until + the resource is deleted. + readOnly: true + terminalCondition: + $ref: '#/components/schemas/GoogleCloudRunV2Condition' readOnly: true - type: string - client: - description: Arbitrary identifier for the API client. - type: string - clientVersion: - description: Arbitrary version identifier for the API client. - type: string - ingress: description: >- - Optional. Provides the ingress settings for this Service. On output, - returns the currently observed ingress settings, or - INGRESS_TRAFFIC_UNSPECIFIED if no revision is active. - type: string - enumDescriptions: - - Unspecified - - All inbound traffic is allowed. - - Only internal traffic is allowed. - - Both internal and Google Cloud Load Balancer traffic is allowed. - - No ingress traffic is allowed. - enum: - - INGRESS_TRAFFIC_UNSPECIFIED - - INGRESS_TRAFFIC_ALL - - INGRESS_TRAFFIC_INTERNAL_ONLY - - INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER - - INGRESS_TRAFFIC_NONE + Output only. The Condition of this Job, containing its readiness + status, and detailed error information in case it did not reach the + desired state. + executionCount: + format: int32 + readOnly: true + type: integer + description: Output only. Number of executions created for this job. launchStage: - description: >- - Optional. The launch stage as defined by [Google Cloud Platform - Launch Stages](https://cloud.google.com/terms/launch-stages). Cloud - Run supports `ALPHA`, `BETA`, and `GA`. If no value is specified, GA - is assumed. Set the launch stage to a preview stage on input to - allow use of preview features in that stage. On read (or output), - describes whether the resource uses preview features. For example, - if ALPHA is provided as input, but only BETA and GA-level features - are used, this field will be BETA on output. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED type: string enumDescriptions: - Do not use this default value. @@ -2844,355 +2685,213 @@ components: more information, see the "Deprecation Policy" section of our [Terms of Service](https://cloud.google.com/terms/) and the [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - binaryAuthorization: - description: Optional. Settings for the Binary Authorization feature. - $ref: '#/components/schemas/GoogleCloudRunV2BinaryAuthorization' - template: - description: Required. The template used to create revisions for this Service. - $ref: '#/components/schemas/GoogleCloudRunV2RevisionTemplate' - traffic: - description: >- - Optional. Specifies how to distribute traffic over a collection of - Revisions belonging to the Service. If traffic is empty or not - provided, defaults to 100% traffic to the latest `Ready` Revision. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2TrafficTarget' - scaling: - description: Optional. Specifies service-level scaling settings - $ref: '#/components/schemas/GoogleCloudRunV2ServiceScaling' - invokerIamDisabled: - description: >- - Optional. Disables IAM permission check for run.routes.invoke for - callers of this service. For more information, visit - https://cloud.google.com/run/docs/securing/managing-access#invoker_check. - type: boolean - defaultUriDisabled: - description: >- - Optional. Disables public resolution of the default URI of this - service. - type: boolean - urls: - description: Output only. All URLs serving traffic for this Service. + Policy](https://cloud.google.com/terms/deprecation) documentation. + description: >- + The launch stage as defined by [Google Cloud Platform Launch + Stages](https://cloud.google.com/terms/launch-stages). Cloud Run + supports `ALPHA`, `BETA`, and `GA`. If no value is specified, GA is + assumed. Set the launch stage to a preview stage on input to allow + use of preview features in that stage. On read (or output), + describes whether the resource uses preview features. For example, + if ALPHA is provided as input, but only BETA and GA-level features + are used, this field will be BETA on output. + creator: + description: Output only. Email address of the authenticated creator. readOnly: true - type: array - items: - type: string - iapEnabled: - description: Optional. IAP settings on the Service. + type: string + reconciling: type: boolean - multiRegionSettings: - description: Optional. Settings for multi-region deployment. - $ref: '#/components/schemas/GoogleCloudRunV2MultiRegionSettings' - customAudiences: - description: >- - One or more custom audiences that you want this service to support. - Specify each custom audience as the full URL in a string. The custom - audiences are encoded in the token and used to authenticate - requests. For more information, see - https://cloud.google.com/run/docs/configuring/custom-audiences. - type: array - items: - type: string - observedGeneration: description: >- - Output only. The generation of this Service currently serving - traffic. See comments in `reconciling` for additional information on - reconciliation process in Cloud Run. Please note that unlike v1, - this is an int64 value. As with most Google APIs, its JSON - representation will be a `string` instead of an `integer`. + Output only. Returns true if the Job is currently being acted upon + by the system to bring it into the desired state. When a new Job is + created, or an existing one is updated, Cloud Run will + asynchronously perform all necessary steps to bring the Job to the + desired state. This process is called reconciliation. While + reconciliation is in process, `observed_generation` and + `latest_succeeded_execution`, will have transient values that might + mismatch the intended state: Once reconciliation is over (and this + field is false), there are two possible outcomes: reconciliation + succeeded and the state matches the Job, or there was an error, and + reconciliation failed. This state can be found in + `terminal_condition.state`. If reconciliation succeeded, the + following fields will match: `observed_generation` and `generation`, + `latest_succeeded_execution` and `latest_created_execution`. If + reconciliation failed, `observed_generation` and + `latest_succeeded_execution` will have the state of the last + succeeded execution or empty for newly created Job. Additional + information on the failure can be found in `terminal_condition` and + `conditions`. readOnly: true + clientVersion: + description: Arbitrary version identifier for the API client. type: string + generation: format: int64 - terminalCondition: - description: >- - Output only. The Condition of this Service, containing its readiness - status, and detailed error information in case it did not reach a - serving state. See comments in `reconciling` for additional - information on reconciliation process in Cloud Run. readOnly: true - $ref: '#/components/schemas/GoogleCloudRunV2Condition' - conditions: + type: string description: >- - Output only. The Conditions of all other associated sub-resources. - They contain additional diagnostics information in case the Service - does not reach its Serving state. See comments in `reconciling` for - additional information on reconciliation process in Cloud Run. + Output only. A number that monotonically increases every time the + user modifies the desired state. + conditions: readOnly: true - type: array items: $ref: '#/components/schemas/GoogleCloudRunV2Condition' - latestReadyRevision: - description: >- - Output only. Name of the latest revision that is serving traffic. - See comments in `reconciling` for additional information on - reconciliation process in Cloud Run. - readOnly: true - type: string - latestCreatedRevision: + type: array description: >- - Output only. Name of the last created revision. See comments in - `reconciling` for additional information on reconciliation process - in Cloud Run. + Output only. The Conditions of all other associated sub-resources. + They contain additional diagnostics information in case the Job does + not reach its desired state. See comments in `reconciling` for + additional information on reconciliation process in Cloud Run. + satisfiesPzs: + type: boolean + description: Output only. Reserved for future use. readOnly: true + lastModifier: + description: Output only. Email address of the last authenticated modifier. type: string - trafficStatuses: - description: >- - Output only. Detailed status information for corresponding traffic - targets. See comments in `reconciling` for additional information on - reconciliation process in Cloud Run. readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2TrafficTargetStatus' - uri: - description: Output only. The main URI in which this Service is serving traffic. + createTime: readOnly: true type: string - satisfiesPzs: - description: Output only. Reserved for future use. + format: google-datetime + description: Output only. The creation time. + client: + type: string + description: Arbitrary identifier for the API client. + updateTime: + format: google-datetime + type: string + description: Output only. The last-modified time. readOnly: true - type: boolean - threatDetectionEnabled: + name: + type: string description: >- - Output only. True if Cloud Run Threat Detection monitoring is - enabled for the parent project of this Service. - readOnly: true - type: boolean - buildConfig: - description: Optional. Configuration for building a Cloud Run function. - $ref: '#/components/schemas/GoogleCloudRunV2BuildConfig' - reconciling: + The fully qualified name of this Job. Format: + projects/{project}/locations/{location}/jobs/{job} + template: + description: Required. The template used to create executions for this Job. + $ref: '#/components/schemas/GoogleCloudRunV2ExecutionTemplate' + deleteTime: description: >- - Output only. Returns true if the Service is currently being acted - upon by the system to bring it into the desired state. When a new - Service is created, or an existing one is updated, Cloud Run will - asynchronously perform all necessary steps to bring the Service to - the desired serving state. This process is called reconciliation. - While reconciliation is in process, `observed_generation`, - `latest_ready_revision`, `traffic_statuses`, and `uri` will have - transient values that might mismatch the intended state: Once - reconciliation is over (and this field is false), there are two - possible outcomes: reconciliation succeeded and the serving state - matches the Service, or there was an error, and reconciliation - failed. This state can be found in `terminal_condition.state`. If - reconciliation succeeded, the following fields will match: `traffic` - and `traffic_statuses`, `observed_generation` and `generation`, - `latest_ready_revision` and `latest_created_revision`. If - reconciliation failed, `traffic_statuses`, `observed_generation`, - and `latest_ready_revision` will have the state of the last serving - revision, or empty for newly created Services. Additional - information on the failure can be found in `terminal_condition` and - `conditions`. + Output only. The deletion time. It is only populated as a response + to a Delete request. readOnly: true - type: boolean - etag: - description: >- - Optional. A system-generated fingerprint for this version of the - resource. May be used to detect modification conflict during - updates. - type: string - GoogleCloudRunV2RevisionTemplate: - id: GoogleCloudRunV2RevisionTemplate - description: >- - RevisionTemplate describes the data a revision should have when created - from a template. - type: object - properties: - revision: - description: >- - Optional. The unique name for the revision. If this field is - omitted, it will be automatically generated based on the Service - name. type: string - labels: - description: >- - Optional. Unstructured key value map that can be used to organize - and categorize objects. User-provided labels are shared with - Google's billing system, so they can be used to filter, or break - down billing charges by team, component, environment, state, etc. - For more information, visit - https://cloud.google.com/resource-manager/docs/creating-managing-labels - or https://cloud.google.com/run/docs/configuring/labels. Cloud Run - API v2 does not support labels with `run.googleapis.com`, - `cloud.googleapis.com`, `serving.knative.dev`, or - `autoscaling.knative.dev` namespaces, and they will be rejected. All - system labels in v1 now have a corresponding field in v2 - RevisionTemplate. - type: object - additionalProperties: - type: string + format: google-datetime annotations: - description: >- - Optional. Unstructured key value map that may be set by external - tools to store and arbitrary metadata. They are not queryable and - should be preserved when modifying objects. Cloud Run API v2 does - not support annotations with `run.googleapis.com`, - `cloud.googleapis.com`, `serving.knative.dev`, or - `autoscaling.knative.dev` namespaces, and they will be rejected. All - system annotations in v1 now have a corresponding field in v2 - RevisionTemplate. This field follows Kubernetes annotations' - namespacing, limits, and rules. type: object additionalProperties: type: string - scaling: - description: Optional. Scaling settings for this Revision. - $ref: '#/components/schemas/GoogleCloudRunV2RevisionScaling' - vpcAccess: - description: >- - Optional. VPC Access configuration to use for this Revision. For - more information, visit - https://cloud.google.com/run/docs/configuring/connecting-vpc. - $ref: '#/components/schemas/GoogleCloudRunV2VpcAccess' - timeout: - description: Optional. Max allowed time for an instance to respond to a request. - type: string - format: google-duration - serviceAccount: description: >- - Optional. Email address of the IAM service account associated with - the revision of the service. The service account represents the - identity of the running revision, and determines what permissions - the revision has. If not provided, the revision will use the - project's default service account. + Unstructured key value map that may be set by external tools to + store and arbitrary metadata. They are not queryable and should be + preserved when modifying objects. Cloud Run API v2 does not support + annotations with `run.googleapis.com`, `cloud.googleapis.com`, + `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and + they will be rejected on new resources. All system annotations in v1 + now have a corresponding field in v2 Job. This field follows + Kubernetes annotations' namespacing, limits, and rules. + GoogleIamV1AuditConfig: + id: GoogleIamV1AuditConfig + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + type: object + properties: + service: type: string - containers: description: >- - Holds the single container that defines the unit of execution for - this Revision. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Container' - volumes: - description: Optional. A list of Volumes to make available to containers. + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + auditLogConfigs: + description: The configuration for logging of each type of permission. type: array items: - $ref: '#/components/schemas/GoogleCloudRunV2Volume' - executionEnvironment: - description: Optional. The sandbox environment to host this Revision. - type: string - enumDescriptions: - - Unspecified - - Uses the First Generation environment. - - Uses Second Generation environment. - enum: - - EXECUTION_ENVIRONMENT_UNSPECIFIED - - EXECUTION_ENVIRONMENT_GEN1 - - EXECUTION_ENVIRONMENT_GEN2 - encryptionKey: + $ref: '#/components/schemas/GoogleIamV1AuditLogConfig' + GoogleDevtoolsCloudbuildV1MavenArtifact: + id: GoogleDevtoolsCloudbuildV1MavenArtifact + description: >- + A Maven artifact to upload to Artifact Registry upon successful + completion of all build steps. + properties: + artifactId: description: >- - A reference to a customer managed encryption key (CMEK) to use to - encrypt this container image. For more information, go to - https://cloud.google.com/run/docs/securing/using-cmek + Maven `artifactId` value used when uploading the artifact to + Artifact Registry. type: string - maxInstanceRequestConcurrency: - description: >- - Optional. Sets the maximum number of requests that each serving - instance can receive. If not specified or 0, concurrency defaults to - 80 when requested `CPU >= 1` and defaults to 1 when requested `CPU < - 1`. - type: integer - format: int32 - serviceMesh: - description: Optional. Enables service mesh connectivity. - $ref: '#/components/schemas/GoogleCloudRunV2ServiceMesh' - encryptionKeyRevocationAction: - description: Optional. The action to take if the encryption key is revoked. + deployFolder: type: string - enumDescriptions: - - Unspecified - - Prevents the creation of new instances. - - Shuts down existing instances, and prevents creation of new ones. - enum: - - ENCRYPTION_KEY_REVOCATION_ACTION_UNSPECIFIED - - PREVENT_NEW - - SHUTDOWN - encryptionKeyShutdownDuration: description: >- - Optional. If encryption_key_revocation_action is SHUTDOWN, the - duration before shutting down all instances. The minimum increment - is 1 hour. - type: string - format: google-duration - sessionAffinity: - description: Optional. Enable session affinity. - type: boolean - healthCheckDisabled: - description: Optional. Disables health checking containers during deployment. - type: boolean - nodeSelector: - description: Optional. The node selector for the revision template. - $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' - gpuZonalRedundancyDisabled: - description: Optional. True if GPU zonal redundancy is disabled on this revision. - type: boolean - GoogleCloudRunV2TrafficTarget: - id: GoogleCloudRunV2TrafficTarget - description: >- - Holds a single traffic routing entry for the Service. Allocations can be - done to a specific Revision name, or pointing to the latest Ready - Revision. - type: object - properties: - type: - description: The allocation type for this traffic target. + Optional. Path to a folder containing the files to upload to + Artifact Registry. This can be either an absolute path, e.g. + `/workspace/my-app/target/`, or a relative path from /workspace, + e.g. `my-app/target/`. This field is mutually exclusive with the + `path` field. + path: type: string - enumDescriptions: - - Unspecified instance allocation type. - - Allocates instances to the Service's latest ready Revision. - - Allocates instances to a Revision by name. - enum: - - TRAFFIC_TARGET_ALLOCATION_TYPE_UNSPECIFIED - - TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST - - TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION - revision: description: >- - Revision to which to send this portion of traffic, if traffic - allocation is by revision. + Optional. Path to an artifact in the build's workspace to be + uploaded to Artifact Registry. This can be either an absolute path, + e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative + path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar. + version: type: string - percent: description: >- - Specifies percent of the traffic to this Revision. This defaults to - zero if unspecified. - type: integer - format: int32 - tag: + Maven `version` value used when uploading the artifact to Artifact + Registry. + repository: description: >- - Indicates a string to be part of the URI to exclusively reference - this target. + Artifact Registry repository, in the form + "https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY" Artifact in the + workspace specified by path will be uploaded to Artifact Registry + with this location as a prefix. + type: string + groupId: + description: >- + Maven `groupId` value used when uploading the artifact to Artifact + Registry. type: string - GoogleCloudRunV2ServiceScaling: - id: GoogleCloudRunV2ServiceScaling - description: >- - Scaling settings applied at the service level rather than at the - revision level. type: object + GoogleCloudRunV2ServiceScaling: properties: + manualInstanceCount: + format: int32 + description: >- + Optional. total instance count for the service in manual scaling + mode. This number of instances is divided among all revisions with + specified traffic based on the percent of traffic they are + receiving. + type: integer minInstanceCount: + type: integer + format: int32 description: >- Optional. total min instances for the service. This number of instances is divided among all revisions with specified traffic based on the percent of traffic they are receiving. - type: integer - format: int32 scalingMode: - description: Optional. The scaling mode for the service. - type: string enumDescriptions: - Unspecified. - Scale based on traffic between min and max instances. - Scale to exactly min instances and ignore max instances. + description: Optional. The scaling mode for the service. + type: string enum: - SCALING_MODE_UNSPECIFIED - AUTOMATIC @@ -3202,263 +2901,331 @@ components: Optional. total max instances for the service. This number of instances is divided among all revisions with specified traffic based on the percent of traffic they are receiving. + format: int32 + type: integer + type: object + description: >- + Scaling settings applied at the service level rather than at the + revision level. + id: GoogleCloudRunV2ServiceScaling + GoogleDevtoolsCloudbuildV1StorageSource: + id: GoogleDevtoolsCloudbuildV1StorageSource + description: Location of the source in an archive file in Cloud Storage. + properties: + bucket: + description: >- + Cloud Storage bucket containing the source (see [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + type: string + generation: + type: string + description: >- + Optional. Cloud Storage generation for the object. If the generation + is omitted, the latest generation will be used. + format: int64 + sourceFetcher: + enum: + - SOURCE_FETCHER_UNSPECIFIED + - GSUTIL + - GCS_FETCHER + description: >- + Optional. Option to specify the tool to fetch the source file for + the build. + type: string + enumDescriptions: + - Unspecified defaults to GSUTIL. + - Use the "gsutil" tool to download the source file. + - Use the Cloud Storage Fetcher tool to download the source file. + object: + description: >- + Required. Cloud Storage object containing the source. This object + must be a zipped (`.zip`) or gzipped archive file (`.tar.gz`) + containing source to build. + type: string + type: object + GoogleDevtoolsCloudbuildV1Dependency: + properties: + empty: + description: >- + If set to true disable all dependency fetching (ignoring the default + source as well). + type: boolean + gitSource: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitSourceDependency' + description: Represents a git repository as a build dependency. + description: >- + A dependency that the Cloud Build worker will fetch before executing + user steps. + type: object + id: GoogleDevtoolsCloudbuildV1Dependency + GoogleCloudRunV2ExecutionTemplate: + type: object + description: >- + ExecutionTemplate describes the data an execution should have when + created from a template. + properties: + template: + description: >- + Required. Describes the task(s) that will be created when executing + an execution. + $ref: '#/components/schemas/GoogleCloudRunV2TaskTemplate' + labels: + description: >- + Unstructured key value map that can be used to organize and + categorize objects. User-provided labels are shared with Google's + billing system, so they can be used to filter, or break down billing + charges by team, component, environment, state, etc. For more + information, visit + https://cloud.google.com/resource-manager/docs/creating-managing-labels + or https://cloud.google.com/run/docs/configuring/labels. Cloud Run + API v2 does not support labels with `run.googleapis.com`, + `cloud.googleapis.com`, `serving.knative.dev`, or + `autoscaling.knative.dev` namespaces, and they will be rejected. All + system labels in v1 now have a corresponding field in v2 + ExecutionTemplate. + additionalProperties: + type: string + type: object + parallelism: + description: >- + Optional. Specifies the maximum desired number of tasks the + execution should run at given time. When the job is run, if this + field is 0 or unset, the maximum possible value will be used for + that execution. The actual number of tasks running in steady state + will be less than this number when there are fewer tasks waiting to + be completed remaining, i.e. when the work left to do is less than + max parallelism. type: integer format: int32 - manualInstanceCount: + taskCount: description: >- - Optional. total instance count for the service in manual scaling - mode. This number of instances is divided among all revisions with - specified traffic based on the percent of traffic they are - receiving. + Specifies the desired number of tasks the execution should run. + Setting to 1 means that parallelism is limited to 1 and the success + of that task signals the success of the execution. Defaults to 1. type: integer format: int32 + annotations: + type: object + description: >- + Unstructured key value map that may be set by external tools to + store and arbitrary metadata. They are not queryable and should be + preserved when modifying objects. Cloud Run API v2 does not support + annotations with `run.googleapis.com`, `cloud.googleapis.com`, + `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and + they will be rejected. All system annotations in v1 now have a + corresponding field in v2 ExecutionTemplate. This field follows + Kubernetes annotations' namespacing, limits, and rules. + additionalProperties: + type: string + id: GoogleCloudRunV2ExecutionTemplate GoogleCloudRunV2MultiRegionSettings: id: GoogleCloudRunV2MultiRegionSettings - description: Settings for multi-region deployment. - type: object properties: regions: - description: Required. List of regions to deploy to, including primary region. - type: array items: type: string + type: array + description: Required. List of regions to deploy to, including primary region. multiRegionId: - description: Optional. System-generated unique id for the multi-region Service. type: string - GoogleCloudRunV2TrafficTargetStatus: - id: GoogleCloudRunV2TrafficTargetStatus - description: Represents the observed state of a single `TrafficTarget` entry. + description: Optional. System-generated unique id for the multi-region Service. type: object + description: Settings for multi-region deployment. + GoogleCloudRunV2CloudStorageSource: properties: - type: - description: The allocation type for this traffic target. - type: string - enumDescriptions: - - Unspecified instance allocation type. - - Allocates instances to the Service's latest ready Revision. - - Allocates instances to a Revision by name. - enum: - - TRAFFIC_TARGET_ALLOCATION_TYPE_UNSPECIFIED - - TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST - - TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION - revision: - description: Revision to which this traffic is sent. + object: type: string - percent: - description: Specifies percent of the traffic to this Revision. - type: integer - format: int32 - tag: - description: >- - Indicates the string used in the URI to exclusively reference this - target. + description: Required. The Cloud Storage object name. + bucket: + description: Required. The Cloud Storage bucket name. type: string - uri: - description: Displays the target URI. + generation: + description: Optional. The Cloud Storage object generation. type: string - GoogleCloudRunV2BuildConfig: - id: GoogleCloudRunV2BuildConfig + format: int64 + description: Cloud Storage source. + type: object + id: GoogleCloudRunV2CloudStorageSource + GoogleCloudRunV2SecretVolumeSource: description: >- - Describes the Build step of the function that builds a container from - the given source. + The secret's value will be presented as the content of a file whose name + is defined in the item path. If no items are defined, the name of the + file is the secret. type: object properties: - name: + defaultMode: + type: integer description: >- - Output only. The Cloud Build name of the latest successful - deployment of the function. - readOnly: true - type: string - sourceLocation: + Integer representation of mode bits to use on created files by + default. Must be a value between 0000 and 0777 (octal), defaulting + to 0444. Directories within the path are not affected by this + setting. Notes * Internally, a umask of 0222 will be applied to any + non-zero value. * This is an integer representation of the mode + bits. So, the octal integer value should look exactly as the chmod + numeric notation with a leading zero. Some examples: for chmod 640 + (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 + (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This + might be in conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits set. This might + be in conflict with other options that affect the file mode, like + fsGroup, and as a result, other mode bits could be set. + format: int32 + secret: description: >- - The Cloud Storage bucket URI where the function source code is - located. + Required. The name of the secret in Cloud Secret Manager. Format: + {secret} if the secret is in the same project. + projects/{project}/secrets/{secret} if the secret is in a different + project. type: string - functionTarget: + items: + type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2VersionToPath' description: >- - Optional. The name of the function (as defined in source code) that - will be executed. Defaults to the resource name suffix, if not - specified. For backward compatibility, if function with given name - is not found, then the system will try to use function named - "function". - type: string - imageUri: - description: Optional. Artifact Registry URI to store the built image. - type: string - baseImage: - description: Optional. The base image used to build the function. + If unspecified, the volume will expose a file whose name is the + secret, relative to VolumeMount.mount_path + VolumeMount.sub_path. + If specified, the key will be used as the version to fetch from + Cloud Secret Manager and the path will be the name of the file + exposed in the volume. When items are defined, they must specify a + path and a version. + id: GoogleCloudRunV2SecretVolumeSource + GoogleCloudRunV2HTTPGetAction: + properties: + path: + description: Optional. Path to access on the HTTP server. Defaults to '/'. type: string - enableAutomaticUpdates: + port: description: >- - Optional. Sets whether the function will receive automatic base - image updates. - type: boolean - workerPool: + Optional. Port number to access on the container. Must be in the + range 1 to 65535. If not specified, defaults to the exposed port of + the container, which is the value of + container.ports[0].containerPort. + format: int32 + type: integer + httpHeaders: + items: + $ref: '#/components/schemas/GoogleCloudRunV2HTTPHeader' + type: array description: >- - Optional. Name of the Cloud Build Custom Worker Pool that should be - used to build the Cloud Run function. The format of this field is - `projects/{project}/locations/{region}/workerPools/{workerPool}` - where `{project}` and `{region}` are the project id and region - respectively where the worker pool is defined and `{workerPool}` is - the short name of the worker pool. - type: string - environmentVariables: + Optional. Custom headers to set in the request. HTTP allows repeated + headers. + id: GoogleCloudRunV2HTTPGetAction + type: object + description: HTTPGetAction describes an action based on HTTP Get requests. + GoogleCloudRunV2ResourceRequirements: + properties: + cpuIdle: description: >- - Optional. User-provided build-time environment variables for the - function + Determines whether CPU is only allocated during requests (true by + default). However, if ResourceRequirements is set, the caller must + explicitly set this field to true to preserve the default behavior. + type: boolean + startupCpuBoost: + type: boolean + description: >- + Determines whether CPU should be boosted on startup of a new + container instance above the requested CPU threshold, this can help + reduce cold-start latency. + limits: type: object additionalProperties: type: string - serviceAccount: description: >- - Optional. Service account to be used for building the container. The - format of this field is - `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. - type: string - GoogleCloudRunV2ListServicesResponse: - id: GoogleCloudRunV2ListServicesResponse - description: Response message containing a list of Services. + Only `memory`, `cpu` and `nvidia.com/gpu` keys in the map are + supported. Notes: * The only supported values for CPU are '1', '2', + '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. For + more information, go to + https://cloud.google.com/run/docs/configuring/cpu. * For supported + 'memory' values and syntax, go to + https://cloud.google.com/run/docs/configuring/memory-limits * The + only supported 'nvidia.com/gpu' value is '1'. + id: GoogleCloudRunV2ResourceRequirements type: object - properties: - services: - description: The resulting list of Services. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Service' - nextPageToken: - description: >- - A token indicating there are more items than page_size. Use it in - the next ListServices request to continue. - type: string - GoogleCloudRunV2Task: - id: GoogleCloudRunV2Task - description: Task represents a single run of a container to completion. + description: ResourceRequirements describes the compute resource requirements. + GoogleDevtoolsCloudbuildV1UploadedNpmPackage: type: object + description: >- + An npm package uploaded to Artifact Registry using the NpmPackage + directive. properties: - name: - description: Output only. The unique name of this Task. - readOnly: true + uri: type: string - uid: - description: >- - Output only. Server assigned unique identifier for the Task. The - value is a UUID4 string and guaranteed to remain unchanged until the - resource is deleted. + description: URI of the uploaded npm package. + pushTiming: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' readOnly: true - type: string - generation: description: >- - Output only. A number that monotonically increases every time the - user modifies the desired state. - readOnly: true + Output only. Stores timing information for pushing the specified + artifact. + fileHashes: + description: Hash types and values of the npm package. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' + artifactRegistryPackage: + description: Output only. Path to the artifact in Artifact Registry. type: string - format: int64 - labels: - description: >- - Output only. Unstructured key value map that can be used to organize - and categorize objects. User-provided labels are shared with - Google's billing system, so they can be used to filter, or break - down billing charges by team, component, environment, state, etc. - For more information, visit - https://cloud.google.com/resource-manager/docs/creating-managing-labels - or https://cloud.google.com/run/docs/configuring/labels - readOnly: true - type: object - additionalProperties: - type: string - annotations: - description: >- - Output only. Unstructured key value map that may be set by external - tools to store and arbitrary metadata. They are not queryable and - should be preserved when modifying objects. readOnly: true - type: object - additionalProperties: - type: string - createTime: - description: >- - Output only. Represents time when the task was created by the - system. It is not guaranteed to be set in happens-before order - across separate operations. + id: GoogleDevtoolsCloudbuildV1UploadedNpmPackage + GoogleCloudRunV2Task: + properties: + updateTime: readOnly: true - type: string format: google-datetime + type: string + description: Output only. The last-modified time. scheduledTime: + readOnly: true + type: string description: >- Output only. Represents time when the task was scheduled to run by the system. It is not guaranteed to be set in happens-before order across separate operations. + format: google-datetime + job: + type: string + description: Output only. The name of the parent Job. + readOnly: true + observedGeneration: + description: >- + Output only. The generation of this Task. See comments in + `Job.reconciling` for additional information on reconciliation + process in Cloud Run. readOnly: true + format: int64 type: string - format: google-datetime - startTime: + gpuZonalRedundancyDisabled: + type: boolean description: >- - Output only. Represents time when the task started to run. It is not - guaranteed to be set in happens-before order across separate - operations. + Optional. Output only. True if GPU zonal redundancy is disabled on + this task. readOnly: true - type: string - format: google-datetime completionTime: description: >- Output only. Represents time when the Task was completed. It is not guaranteed to be set in happens-before order across separate operations. readOnly: true - type: string format: google-datetime - updateTime: - description: Output only. The last-modified time. - readOnly: true type: string + createTime: format: google-datetime - deleteTime: - description: >- - Output only. For a deleted resource, the deletion time. It is only - populated as a response to a Delete request. - readOnly: true type: string - format: google-datetime - expireTime: description: >- - Output only. For a deleted resource, the time after which it will be - permamently deleted. It is only populated as a response to a Delete - request. - readOnly: true - type: string - format: google-datetime - job: - description: Output only. The name of the parent Job. - readOnly: true - type: string - execution: - description: Output only. The name of the parent Execution. + Output only. Represents time when the task was created by the + system. It is not guaranteed to be set in happens-before order + across separate operations. readOnly: true - type: string - containers: - description: >- - Holds the single container that defines the unit of execution for - this task. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Container' - volumes: - description: A list of Volumes to make available to containers. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Volume' maxRetries: - description: Number of retries allowed per Task, before marking this Task failed. - type: integer format: int32 - timeout: - description: >- - Max allowed time duration the Task may be active before the system - will actively try to mark it failed and kill associated containers. - This applies per attempt of a task, meaning each retry can run for - the full timeout. + type: integer + description: Number of retries allowed per Task, before marking this Task failed. + nodeSelector: + readOnly: true + description: Output only. The node selector for the task. + $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' + name: + readOnly: true + description: Output only. The unique name of this Task. type: string - format: google-duration serviceAccount: description: >- Email address of the IAM service account associated with the Task of @@ -3466,66 +3233,26 @@ components: task, and determines what permissions the task has. If not provided, the task will use the project's default service account. type: string - executionEnvironment: - description: The execution environment being used to host this Task. - type: string - enumDescriptions: - - Unspecified - - Uses the First Generation environment. - - Uses Second Generation environment. - enum: - - EXECUTION_ENVIRONMENT_UNSPECIFIED - - EXECUTION_ENVIRONMENT_GEN1 - - EXECUTION_ENVIRONMENT_GEN2 - reconciling: - description: >- - Output only. Indicates whether the resource's reconciliation is - still in progress. See comments in `Job.reconciling` for additional - information on reconciliation process in Cloud Run. - readOnly: true - type: boolean - conditions: - description: >- - Output only. The Condition of this Task, containing its readiness - status, and detailed error information in case it did not reach the - desired state. + annotations: + additionalProperties: + type: string readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Condition' - observedGeneration: description: >- - Output only. The generation of this Task. See comments in - `Job.reconciling` for additional information on reconciliation - process in Cloud Run. - readOnly: true - type: string + Output only. Unstructured key value map that may be set by external + tools to store and arbitrary metadata. They are not queryable and + should be preserved when modifying objects. + type: object + generation: format: int64 - index: - description: >- - Output only. Index of the Task, unique per execution, and beginning - at 0. - readOnly: true - type: integer - format: int32 - retried: - description: >- - Output only. The number of times this Task was retried. Tasks are - retried when they fail up to the maxRetries limit. - readOnly: true - type: integer - format: int32 - lastAttemptResult: - description: Output only. Result of the last attempt of this Task. readOnly: true - $ref: '#/components/schemas/GoogleCloudRunV2TaskAttemptResult' - encryptionKey: + type: string description: >- - Output only. A reference to a customer managed encryption key (CMEK) - to use to encrypt this container image. For more information, go to - https://cloud.google.com/run/docs/securing/using-cmek - readOnly: true + Output only. A number that monotonically increases every time the + user modifies the desired state. + execution: type: string + readOnly: true + description: Output only. The name of the parent Execution. vpcAccess: description: >- Output only. VPC Access configuration to use for this Task. For more @@ -3537,1002 +3264,1257 @@ components: description: >- Output only. URI where logs for this execution can be found in Cloud Console. + type: string readOnly: true + deleteTime: type: string - satisfiesPzs: - description: Output only. Reserved for future use. + description: >- + Output only. For a deleted resource, the deletion time. It is only + populated as a response to a Delete request. readOnly: true - type: boolean - nodeSelector: - description: Output only. The node selector for the task. + format: google-datetime + index: + format: int32 + type: integer readOnly: true - $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' - gpuZonalRedundancyDisabled: description: >- - Optional. Output only. True if GPU zonal redundancy is disabled on - this task. + Output only. Index of the Task, unique per execution, and beginning + at 0. + lastAttemptResult: + description: Output only. Result of the last attempt of this Task. readOnly: true - type: boolean + $ref: '#/components/schemas/GoogleCloudRunV2TaskAttemptResult' + volumes: + items: + $ref: '#/components/schemas/GoogleCloudRunV2Volume' + type: array + description: A list of Volumes to make available to containers. etag: + readOnly: true + type: string description: >- Output only. A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates. + reconciling: readOnly: true - type: string - GoogleCloudRunV2TaskAttemptResult: - id: GoogleCloudRunV2TaskAttemptResult - description: Result of a task attempt. - type: object - properties: - status: - description: >- - Output only. The status of this attempt. If the status code is OK, - then the attempt succeeded. - readOnly: true - $ref: '#/components/schemas/GoogleRpcStatus' - exitCode: - description: >- - Output only. The exit code of this attempt. This may be unset if the - container was unable to exit cleanly with a code due to some other - failure. See status field for possible failure details. At most one - of exit_code or term_signal will be set. - readOnly: true - type: integer - format: int32 - termSignal: - description: >- - Output only. Termination signal of the container. This is set to - non-zero if the container is terminated by the system. At most one - of exit_code or term_signal will be set. - readOnly: true - type: integer - format: int32 - GoogleCloudRunV2ListTasksResponse: - id: GoogleCloudRunV2ListTasksResponse - description: Response message containing a list of Tasks. - type: object - properties: - tasks: - description: The resulting list of Tasks. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Task' - nextPageToken: - description: >- - A token indicating there are more items than page_size. Use it in - the next ListTasks request to continue. - type: string - GoogleCloudRunV2WorkerPool: - id: GoogleCloudRunV2WorkerPool - description: >- - WorkerPool acts as a top-level container that manages a set of - configurations and revision templates which implement a pull-based - workload. WorkerPool exists to provide a singular abstraction which can - be access controlled, reasoned about, and which encapsulates software - lifecycle decisions such as rollout policy and team resource ownership. - type: object - properties: - name: - description: >- - The fully qualified name of this WorkerPool. In - CreateWorkerPoolRequest, this field is ignored, and instead composed - from CreateWorkerPoolRequest.parent and - CreateWorkerPoolRequest.worker_id. Format: - `projects/{project}/locations/{location}/workerPools/{worker_id}` - type: string - description: - description: >- - User-provided description of the WorkerPool. This field currently - has a 512-character limit. - type: string - uid: description: >- - Output only. Server assigned unique identifier for the trigger. The - value is a UUID4 string and guaranteed to remain unchanged until the - resource is deleted. - readOnly: true - type: string - generation: + Output only. Indicates whether the resource's reconciliation is + still in progress. See comments in `Job.reconciling` for additional + information on reconciliation process in Cloud Run. + type: boolean + expireTime: description: >- - Output only. A number that monotonically increases every time the - user modifies the desired state. Please note that unlike v1, this is - an int64 value. As with most Google APIs, its JSON representation - will be a `string` instead of an `integer`. + Output only. For a deleted resource, the time after which it will be + permamently deleted. It is only populated as a response to a Delete + request. readOnly: true + format: google-datetime type: string - format: int64 labels: + additionalProperties: + type: string + type: object + readOnly: true description: >- - Optional. Unstructured key value map that can be used to organize + Output only. Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels - or https://cloud.google.com/run/docs/configuring/labels. Cloud Run - API v2 does not support labels with `run.googleapis.com`, - `cloud.googleapis.com`, `serving.knative.dev`, or - `autoscaling.knative.dev` namespaces, and they will be rejected. All - system labels in v1 now have a corresponding field in v2 WorkerPool. - type: object - additionalProperties: - type: string - annotations: + or https://cloud.google.com/run/docs/configuring/labels + retried: + type: integer + readOnly: true + format: int32 description: >- - Optional. Unstructured key value map that may be set by external - tools to store and arbitrary metadata. They are not queryable and - should be preserved when modifying objects. Cloud Run API v2 does - not support annotations with `run.googleapis.com`, - `cloud.googleapis.com`, `serving.knative.dev`, or - `autoscaling.knative.dev` namespaces, and they will be rejected in - new resources. All system annotations in v1 now have a corresponding - field in v2 WorkerPool. This field follows Kubernetes annotations' - namespacing, limits, and rules. - type: object - additionalProperties: - type: string - createTime: - description: Output only. The creation time. + Output only. The number of times this Task was retried. Tasks are + retried when they fail up to the maxRetries limit. + executionEnvironment: + enum: + - EXECUTION_ENVIRONMENT_UNSPECIFIED + - EXECUTION_ENVIRONMENT_GEN1 + - EXECUTION_ENVIRONMENT_GEN2 + description: The execution environment being used to host this Task. + type: string + enumDescriptions: + - Unspecified + - Uses the First Generation environment. + - Uses Second Generation environment. + encryptionKey: + description: >- + Output only. A reference to a customer managed encryption key (CMEK) + to use to encrypt this container image. For more information, go to + https://cloud.google.com/run/docs/securing/using-cmek readOnly: true type: string - format: google-datetime - updateTime: - description: Output only. The last-modified time. + satisfiesPzs: + type: boolean readOnly: true + description: Output only. Reserved for future use. + timeout: + format: google-duration type: string - format: google-datetime - deleteTime: description: >- - Output only. The deletion time. It is only populated as a response - to a Delete request. + Max allowed time duration the Task may be active before the system + will actively try to mark it failed and kill associated containers. + This applies per attempt of a task, meaning each retry can run for + the full timeout. + conditions: readOnly: true - type: string + items: + $ref: '#/components/schemas/GoogleCloudRunV2Condition' + type: array + description: >- + Output only. The Condition of this Task, containing its readiness + status, and detailed error information in case it did not reach the + desired state. + startTime: format: google-datetime - expireTime: description: >- - Output only. For a deleted resource, the time after which it will be - permamently deleted. + Output only. Represents time when the task started to run. It is not + guaranteed to be set in happens-before order across separate + operations. readOnly: true type: string - format: google-datetime - creator: - description: Output only. Email address of the authenticated creator. + containers: + type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2Container' + description: >- + Holds the single container that defines the unit of execution for + this task. + uid: readOnly: true type: string - lastModifier: - description: Output only. Email address of the last authenticated modifier. - readOnly: true + description: >- + Output only. Server assigned unique identifier for the Task. The + value is a UUID4 string and guaranteed to remain unchanged until the + resource is deleted. + description: Task represents a single run of a container to completion. + type: object + id: GoogleCloudRunV2Task + GoogleCloudRunV2ListJobsResponse: + id: GoogleCloudRunV2ListJobsResponse + type: object + properties: + nextPageToken: type: string - client: - description: Arbitrary identifier for the API client. + description: >- + A token indicating there are more items than page_size. Use it in + the next ListJobs request to continue. + jobs: + type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2Job' + description: The resulting list of Jobs. + description: Response message containing a list of Jobs. + GoogleLongrunningListOperationsResponse: + description: The response message for Operations.ListOperations. + type: object + id: GoogleLongrunningListOperationsResponse + properties: + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string + type: array + operations: + items: + $ref: '#/components/schemas/GoogleLongrunningOperation' + type: array + description: >- + A list of operations that matches the specified filter in the + request. + nextPageToken: + description: The standard List next-page token. type: string - clientVersion: - description: Arbitrary version identifier for the API client. + GoogleCloudRunV2SubmitBuildResponse: + description: Response message for submitting a Build. + properties: + baseImageUri: + description: >- + URI of the base builder image in Artifact Registry being used in the + build. Used to opt into automatic base image updates. type: string - launchStage: + buildOperation: + $ref: '#/components/schemas/GoogleLongrunningOperation' + description: Cloud Build operation to be polled via CloudBuild API. + baseImageWarning: + type: string + description: Warning message for the base image. + id: GoogleCloudRunV2SubmitBuildResponse + type: object + GoogleDevtoolsCloudbuildV1FailureInfo: + properties: + detail: + description: Explains the failure issue in more detail using hard-coded text. + type: string + type: + description: The name of the failure. + type: string + enumDescriptions: + - Type unspecified + - Unable to push the image to the repository. + - Final image not found. + - Unauthorized push of the final image. + - Backend logging failures. Should retry. + - A build step has failed. + - The source fetching has failed. + enum: + - FAILURE_TYPE_UNSPECIFIED + - PUSH_FAILED + - PUSH_IMAGE_NOT_FOUND + - PUSH_NOT_AUTHORIZED + - LOGGING_FAILURE + - USER_BUILD_STEP + - FETCH_SOURCE_FAILED + description: A fatal problem encountered during the execution of the build. + type: object + id: GoogleDevtoolsCloudbuildV1FailureInfo + GoogleDevtoolsCloudbuildV1BuildOptions: + type: object + description: Optional arguments to enable specific features of builds. + id: GoogleDevtoolsCloudbuildV1BuildOptions + properties: + enableStructuredLogging: + type: boolean description: >- - Optional. The launch stage as defined by [Google Cloud Platform - Launch Stages](https://cloud.google.com/terms/launch-stages). Cloud - Run supports `ALPHA`, `BETA`, and `GA`. If no value is specified, GA - is assumed. Set the launch stage to a preview stage on input to - allow use of preview features in that stage. On read (or output), - describes whether the resource uses preview features. For example, - if ALPHA is provided as input, but only BETA and GA-level features - are used, this field will be BETA on output. + Optional. Option to specify whether structured logging is enabled. + If true, JSON-formatted logs are parsed as structured logs. + logStreamingOption: + enum: + - STREAM_DEFAULT + - STREAM_ON + - STREAM_OFF type: string + description: Option to define build log streaming behavior to Cloud Storage. enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. + - Service may automatically determine build log streaming behavior. + - Build logs should be streamed to Cloud Storage. - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. + Build logs should not be streamed to Cloud Storage; they will be + written when the build is completed. + machineType: + type: string + enumDeprecated: + - false + - true + - true + - false + - false + - false + description: Compute Engine machine type on which to run the build. + enumDescriptions: + - Standard machine type. + - Highcpu machine with 8 CPUs. + - Highcpu machine with 32 CPUs. + - Highcpu e2 machine with 8 CPUs. + - Highcpu e2 machine with 32 CPUs. + - E2 machine with 1 CPU. + enum: + - UNSPECIFIED + - N1_HIGHCPU_8 + - N1_HIGHCPU_32 + - E2_HIGHCPU_8 + - E2_HIGHCPU_32 + - E2_MEDIUM + defaultLogsBucketBehavior: + description: Optional. Option to specify how default logs buckets are setup. + type: string + enumDescriptions: + - Unspecified. - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. + Bucket is located in user-owned project in the same region as the + build. The builder service account must have access to create and + write to Cloud Storage buckets in the build project. - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. + Bucket is located in a Google-owned project and is not + regionalized. enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - binaryAuthorization: - description: Optional. Settings for the Binary Authorization feature. - $ref: '#/components/schemas/GoogleCloudRunV2BinaryAuthorization' - template: - description: Required. The template used to create revisions for this WorkerPool. - $ref: '#/components/schemas/GoogleCloudRunV2WorkerPoolRevisionTemplate' - instanceSplits: - description: >- - Optional. Specifies how to distribute instances over a collection of - Revisions belonging to the WorkerPool. If instance split is empty or - not provided, defaults to 100% instances assigned to the latest - `Ready` Revision. + - DEFAULT_LOGS_BUCKET_BEHAVIOR_UNSPECIFIED + - REGIONAL_USER_OWNED_BUCKET + - LEGACY_BUCKET + sourceProvenanceHash: type: array + description: Requested hash for SourceProvenance. items: - $ref: '#/components/schemas/GoogleCloudRunV2InstanceSplit' - scaling: - description: Optional. Specifies worker-pool-level scaling settings - $ref: '#/components/schemas/GoogleCloudRunV2WorkerPoolScaling' - observedGeneration: - description: >- - Output only. The generation of this WorkerPool currently serving - workloads. See comments in `reconciling` for additional information - on reconciliation process in Cloud Run. Please note that unlike v1, - this is an int64 value. As with most Google APIs, its JSON - representation will be a `string` instead of an `integer`. - readOnly: true + type: string + enum: + - NONE + - SHA256 + - MD5 + - GO_MODULE_H1 + - SHA512 + enumDescriptions: + - No hash requested. + - Use a sha256 hash. + - Use a md5 hash. + - Dirhash of a Go module's source code which is then hex-encoded. + - Use a sha512 hash. + diskSizeGb: type: string format: int64 - terminalCondition: description: >- - Output only. The Condition of this WorkerPool, containing its - readiness status, and detailed error information in case it did not - reach a serving state. See comments in `reconciling` for additional - information on reconciliation process in Cloud Run. - readOnly: true - $ref: '#/components/schemas/GoogleCloudRunV2Condition' - conditions: + Requested disk size for the VM that runs the build. Note that this + is *NOT* "disk free"; some of the space will be used by the + operating system and build utilities. Also note that this is the + minimum disk size that will be allocated for the build -- the build + may run with a larger disk than requested. At present, the maximum + disk size is 4000GB; builds that request more than the maximum are + rejected with an error. + dynamicSubstitutions: description: >- - Output only. The Conditions of all other associated sub-resources. - They contain additional diagnostics information in case the - WorkerPool does not reach its Serving state. See comments in - `reconciling` for additional information on reconciliation process - in Cloud Run. - readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Condition' - latestReadyRevision: + Option to specify whether or not to apply bash style string + operations to the substitutions. NOTE: this is always enabled for + triggered builds and cannot be overridden in the build configuration + file. + type: boolean + pool: description: >- - Output only. Name of the latest revision that is serving workloads. - See comments in `reconciling` for additional information on - reconciliation process in Cloud Run. - readOnly: true - type: string - latestCreatedRevision: + Optional. Specification for execution on a `WorkerPool`. See + [running builds in a private + pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) + for more information. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1PoolOption' + pubsubTopic: description: >- - Output only. Name of the last created revision. See comments in - `reconciling` for additional information on reconciliation process - in Cloud Run. - readOnly: true + Optional. Option to specify the Pub/Sub topic to receive build + status updates. type: string - instanceSplitStatuses: - description: >- - Output only. Detailed status information for corresponding instance - splits. See comments in `reconciling` for additional information on - reconciliation process in Cloud Run. - readOnly: true - type: array + volumes: items: - $ref: '#/components/schemas/GoogleCloudRunV2InstanceSplitStatus' - customAudiences: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Volume' description: >- - One or more custom audiences that you want this worker pool to - support. Specify each custom audience as the full URL in a string. - The custom audiences are encoded in the token and used to - authenticate requests. For more information, see - https://cloud.google.com/run/docs/configuring/custom-audiences. + Global list of volumes to mount for ALL build steps Each volume is + created as an empty volume prior to starting the build process. Upon + completion of the build, volumes and their contents are discarded. + Global volume names and paths cannot conflict with the volumes + defined a build step. Using a global volume in a build with only one + step is not valid as it is indicative of a build request with an + incorrect configuration. type: array + secretEnv: + description: >- + A list of global environment variables, which are encrypted using a + Cloud Key Management Service crypto key. These values must be + specified in the build's `Secret`. These variables will be available + to all build steps in this build. items: type: string - satisfiesPzs: - description: Output only. Reserved for future use. - readOnly: true - type: boolean - reconciling: - description: >- - Output only. Returns true if the WorkerPool is currently being acted - upon by the system to bring it into the desired state. When a new - WorkerPool is created, or an existing one is updated, Cloud Run will - asynchronously perform all necessary steps to bring the WorkerPool - to the desired serving state. This process is called reconciliation. - While reconciliation is in process, `observed_generation`, - `latest_ready_revison`, `instance_split_statuses`, and `uri` will - have transient values that might mismatch the intended state: Once - reconciliation is over (and this field is false), there are two - possible outcomes: reconciliation succeeded and the serving state - matches the WorkerPool, or there was an error, and reconciliation - failed. This state can be found in `terminal_condition.state`. If - reconciliation succeeded, the following fields will match: - `instance_splits` and `instance_split_statuses`, - `observed_generation` and `generation`, `latest_ready_revision` and - `latest_created_revision`. If reconciliation failed, - `instance_split_statuses`, `observed_generation`, and - `latest_ready_revision` will have the state of the last serving - revision, or empty for newly created WorkerPools. Additional - information on the failure can be found in `terminal_condition` and - `conditions`. - readOnly: true - type: boolean - etag: - description: >- - Optional. A system-generated fingerprint for this version of the - resource. May be used to detect modification conflict during - updates. - type: string - GoogleCloudRunV2WorkerPoolRevisionTemplate: - id: GoogleCloudRunV2WorkerPoolRevisionTemplate - description: >- - WorkerPoolRevisionTemplate describes the data a worker pool revision - should have when created from a template. - type: object - properties: - revision: - description: >- - Optional. The unique name for the revision. If this field is - omitted, it will be automatically generated based on the WorkerPool - name. + type: array + logging: + enumDeprecated: + - false + - false + - false + - true + - false + - false type: string - labels: - description: >- - Optional. Unstructured key value map that can be used to organize - and categorize objects. User-provided labels are shared with - Google's billing system, so they can be used to filter, or break - down billing charges by team, component, environment, state, etc. - For more information, visit - https://cloud.google.com/resource-manager/docs/creating-managing-labels - or https://cloud.google.com/run/docs/configuring/labels. Cloud Run - API v2 does not support labels with `run.googleapis.com`, - `cloud.googleapis.com`, `serving.knative.dev`, or - `autoscaling.knative.dev` namespaces, and they will be rejected. All - system labels in v1 now have a corresponding field in v2 - WorkerPoolRevisionTemplate. - type: object - additionalProperties: - type: string - annotations: - description: >- - Optional. Unstructured key value map that may be set by external - tools to store and arbitrary metadata. They are not queryable and - should be preserved when modifying objects. Cloud Run API v2 does - not support annotations with `run.googleapis.com`, - `cloud.googleapis.com`, `serving.knative.dev`, or - `autoscaling.knative.dev` namespaces, and they will be rejected. All - system annotations in v1 now have a corresponding field in v2 - WorkerPoolRevisionTemplate. This field follows Kubernetes - annotations' namespacing, limits, and rules. - type: object - additionalProperties: - type: string - vpcAccess: - description: >- - Optional. VPC Access configuration to use for this Revision. For - more information, visit - https://cloud.google.com/run/docs/configuring/connecting-vpc. - $ref: '#/components/schemas/GoogleCloudRunV2VpcAccess' - serviceAccount: + enum: + - LOGGING_UNSPECIFIED + - LEGACY + - GCS_ONLY + - STACKDRIVER_ONLY + - CLOUD_LOGGING_ONLY + - NONE + enumDescriptions: + - >- + The service determines the logging mode. The default is `LEGACY`. + Do not rely on the default logging behavior as it may change in + the future. + - Build logs are stored in Cloud Logging and Cloud Storage. + - Build logs are stored in Cloud Storage. + - This option is the same as CLOUD_LOGGING_ONLY. + - >- + Build logs are stored in Cloud Logging. Selecting this option will + not allow [logs + streaming](https://cloud.google.com/sdk/gcloud/reference/builds/log). + - Turn off all logging. No build logs will be captured. description: >- - Optional. Email address of the IAM service account associated with - the revision of the service. The service account represents the - identity of the running revision, and determines what permissions - the revision has. If not provided, the revision will use the - project's default service account. + Option to specify the logging mode, which determines if and where + build logs are stored. + requestedVerifyOption: type: string - containers: + enum: + - NOT_VERIFIED + - VERIFIED + enumDescriptions: + - Not a verifiable build (the default). + - Build must be verified. + description: Requested verifiability options. + substitutionOption: + enum: + - MUST_MATCH + - ALLOW_LOOSE + type: string + enumDescriptions: + - >- + Fails the build if error in substitutions checks, like missing a + substitution in the template or in the map. + - Do not fail the build if error in substitutions checks. description: >- - Holds list of the containers that defines the unit of execution for - this Revision. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2Container' - volumes: - description: Optional. A list of Volumes to make available to containers. - type: array + Option to specify behavior when there is an error in the + substitution checks. NOTE: this is always set to ALLOW_LOOSE for + triggered builds and cannot be overridden in the build configuration + file. + env: items: - $ref: '#/components/schemas/GoogleCloudRunV2Volume' - encryptionKey: + type: string description: >- - A reference to a customer managed encryption key (CMEK) to use to - encrypt this container image. For more information, go to - https://cloud.google.com/run/docs/securing/using-cmek - type: string - serviceMesh: - description: Optional. Enables service mesh connectivity. - $ref: '#/components/schemas/GoogleCloudRunV2ServiceMesh' - encryptionKeyRevocationAction: - description: Optional. The action to take if the encryption key is revoked. - type: string - enumDescriptions: - - Unspecified - - Prevents the creation of new instances. - - Shuts down existing instances, and prevents creation of new ones. - enum: - - ENCRYPTION_KEY_REVOCATION_ACTION_UNSPECIFIED - - PREVENT_NEW - - SHUTDOWN - encryptionKeyShutdownDuration: + A list of global environment variable definitions that will exist + for all build steps in this build. If a variable is defined in both + globally and in a build step, the variable will use the build step + value. The elements are of the form "KEY=VALUE" for the environment + variable "KEY" being given the value "VALUE". + type: array + automapSubstitutions: + type: boolean description: >- - Optional. If encryption_key_revocation_action is SHUTDOWN, the - duration before shutting down all instances. The minimum increment - is 1 hour. + Option to include built-in and custom substitutions as env variables + for all build steps. + workerPool: type: string - format: google-duration - nodeSelector: - description: Optional. The node selector for the revision template. - $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' - gpuZonalRedundancyDisabled: + description: This field deprecated; please use `pool.name` instead. + deprecated: true + GoogleCloudRunV2CloudSqlInstance: + properties: + instances: + items: + type: string description: >- - Optional. True if GPU zonal redundancy is disabled on this worker - pool. - type: boolean - GoogleCloudRunV2InstanceSplit: - id: GoogleCloudRunV2InstanceSplit + The Cloud SQL instance connection names, as can be found in + https://console.cloud.google.com/sql/instances. Visit + https://cloud.google.com/sql/docs/mysql/connect-run for more + information on how to connect Cloud SQL and Cloud Run. Format: + {project}:{location}:{instance} + type: array description: >- - Holds a single instance split entry for the Worker. Allocations can be - done to a specific Revision name, or pointing to the latest Ready - Revision. + Represents a set of Cloud SQL instances. Each one will be available + under /cloudsql/[instance]. Visit + https://cloud.google.com/sql/docs/mysql/connect-run for more information + on how to connect Cloud SQL and Cloud Run. + id: GoogleCloudRunV2CloudSqlInstance + type: object + GoogleCloudRunV2Service: + id: GoogleCloudRunV2Service type: object properties: - type: - description: The allocation type for this instance split. + createTime: type: string - enumDescriptions: - - Unspecified instance allocation type. - - Allocates instances to the Service's latest ready Revision. - - Allocates instances to a Revision by name. - enum: - - INSTANCE_SPLIT_ALLOCATION_TYPE_UNSPECIFIED - - INSTANCE_SPLIT_ALLOCATION_TYPE_LATEST - - INSTANCE_SPLIT_ALLOCATION_TYPE_REVISION - revision: + readOnly: true + format: google-datetime + description: Output only. The creation time. + customAudiences: description: >- - Revision to which to assign this portion of instances, if split - allocation is by revision. - type: string - percent: + One or more custom audiences that you want this service to support. + Specify each custom audience as the full URL in a string. The custom + audiences are encoded in the token and used to authenticate + requests. For more information, see + https://cloud.google.com/run/docs/configuring/custom-audiences. + type: array + items: + type: string + ingress: description: >- - Specifies percent of the instance split to this Revision. This - defaults to zero if unspecified. - type: integer - format: int32 - GoogleCloudRunV2WorkerPoolScaling: - id: GoogleCloudRunV2WorkerPoolScaling - description: Worker pool scaling settings. - type: object - properties: - manualInstanceCount: - description: Optional. The total number of instances in manual scaling mode. - type: integer - format: int32 - GoogleCloudRunV2InstanceSplitStatus: - id: GoogleCloudRunV2InstanceSplitStatus - description: Represents the observed state of a single `InstanceSplit` entry. - type: object - properties: - type: - description: The allocation type for this instance split. + Optional. Provides the ingress settings for this Service. On output, + returns the currently observed ingress settings, or + INGRESS_TRAFFIC_UNSPECIFIED if no revision is active. type: string enumDescriptions: - - Unspecified instance allocation type. - - Allocates instances to the Service's latest ready Revision. - - Allocates instances to a Revision by name. + - Unspecified + - All inbound traffic is allowed. + - Only internal traffic is allowed. + - Both internal and Google Cloud Load Balancer traffic is allowed. + - No ingress traffic is allowed. enum: - - INSTANCE_SPLIT_ALLOCATION_TYPE_UNSPECIFIED - - INSTANCE_SPLIT_ALLOCATION_TYPE_LATEST - - INSTANCE_SPLIT_ALLOCATION_TYPE_REVISION - revision: - description: Revision to which this instance split is assigned. + - INGRESS_TRAFFIC_UNSPECIFIED + - INGRESS_TRAFFIC_ALL + - INGRESS_TRAFFIC_INTERNAL_ONLY + - INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER + - INGRESS_TRAFFIC_NONE + binaryAuthorization: + description: Optional. Settings for the Binary Authorization feature. + $ref: '#/components/schemas/GoogleCloudRunV2BinaryAuthorization' + updateTime: type: string - percent: - description: Specifies percent of the instance split to this Revision. - type: integer - format: int32 - GoogleCloudRunV2ListWorkerPoolsResponse: - id: GoogleCloudRunV2ListWorkerPoolsResponse - description: Response message containing a list of WorkerPools. - type: object - properties: - workerPools: - description: The resulting list of WorkerPools. - type: array - items: - $ref: '#/components/schemas/GoogleCloudRunV2WorkerPool' - nextPageToken: + format: google-datetime + description: Output only. The last-modified time. + readOnly: true + generation: + format: int64 description: >- - A token indicating there are more items than page_size. Use it in - the next ListWorkerPools request to continue. + Output only. A number that monotonically increases every time the + user modifies the desired state. Please note that unlike v1, this is + an int64 value. As with most Google APIs, its JSON representation + will be a `string` instead of an `integer`. + readOnly: true type: string - GoogleDevtoolsCloudbuildV1BuildOperationMetadata: - id: GoogleDevtoolsCloudbuildV1BuildOperationMetadata - description: Metadata for build operations. - type: object - properties: - build: - description: The build that the operation is tracking. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Build' - GoogleDevtoolsCloudbuildV1Build: - id: GoogleDevtoolsCloudbuildV1Build - description: >- - A build resource in the Cloud Build API. At a high level, a `Build` - describes where to find source code, how to build it (for example, the - builder image to run on the source), and where to store the built - artifacts. Fields can include the following variables, which will be - expanded when the build is created: - $PROJECT_ID: the project ID of the - build. - $PROJECT_NUMBER: the project number of the build. - $LOCATION: - the location/region of the build. - $BUILD_ID: the autogenerated ID of - the build. - $REPO_NAME: the source repository name specified by - RepoSource. - $BRANCH_NAME: the branch name specified by RepoSource. - - $TAG_NAME: the tag name specified by RepoSource. - $REVISION_ID or - $COMMIT_SHA: the commit SHA specified by RepoSource or resolved from the - specified branch or tag. - $SHORT_SHA: first 7 characters of - $REVISION_ID or $COMMIT_SHA. - type: object - properties: - name: + scaling: + $ref: '#/components/schemas/GoogleCloudRunV2ServiceScaling' + description: Optional. Specifies service-level scaling settings + terminalCondition: + description: >- + Output only. The Condition of this Service, containing its readiness + status, and detailed error information in case it did not reach a + serving state. See comments in `reconciling` for additional + information on reconciliation process in Cloud Run. + $ref: '#/components/schemas/GoogleCloudRunV2Condition' + readOnly: true + multiRegionSettings: + $ref: '#/components/schemas/GoogleCloudRunV2MultiRegionSettings' + description: Optional. Settings for multi-region deployment. + labels: + type: object + additionalProperties: + type: string description: >- - Output only. The 'Build' name with format: - `projects/{project}/locations/{location}/builds/{build}`, where - {build} is a unique identifier generated by the service. - readOnly: true + Optional. Unstructured key value map that can be used to organize + and categorize objects. User-provided labels are shared with + Google's billing system, so they can be used to filter, or break + down billing charges by team, component, environment, state, etc. + For more information, visit + https://cloud.google.com/resource-manager/docs/creating-managing-labels + or https://cloud.google.com/run/docs/configuring/labels. Cloud Run + API v2 does not support labels with `run.googleapis.com`, + `cloud.googleapis.com`, `serving.knative.dev`, or + `autoscaling.knative.dev` namespaces, and they will be rejected. All + system labels in v1 now have a corresponding field in v2 Service. + uri: type: string - id: - description: Output only. Unique identifier of the build. + description: Output only. The main URI in which this Service is serving traffic. readOnly: true - type: string - projectId: - description: Output only. ID of the project. + conditions: + description: >- + Output only. The Conditions of all other associated sub-resources. + They contain additional diagnostics information in case the Service + does not reach its Serving state. See comments in `reconciling` for + additional information on reconciliation process in Cloud Run. + items: + $ref: '#/components/schemas/GoogleCloudRunV2Condition' readOnly: true - type: string - status: - description: Output only. Status of the build. + type: array + trafficStatuses: + type: array readOnly: true + description: >- + Output only. Detailed status information for corresponding traffic + targets. See comments in `reconciling` for additional information on + reconciliation process in Cloud Run. + items: + $ref: '#/components/schemas/GoogleCloudRunV2TrafficTargetStatus' + etag: + description: >- + Optional. A system-generated fingerprint for this version of the + resource. May be used to detect modification conflict during + updates. type: string - enumDescriptions: - - Status of the build is unknown. - - >- - Build has been created and is pending execution and queuing. It - has not been queued. - - Build or step is queued; work has not yet begun. - - Build or step is being executed. - - Build or step finished successfully. - - Build or step failed to complete successfully. - - Build or step failed due to an internal cause. - - Build or step took longer than was allowed. - - Build or step was canceled by a user. - - Build was enqueued for longer than the value of `queue_ttl`. - enum: - - STATUS_UNKNOWN - - PENDING - - QUEUED - - WORKING - - SUCCESS - - FAILURE - - INTERNAL_ERROR - - TIMEOUT - - CANCELLED - - EXPIRED - statusDetail: - description: Output only. Customer-readable message about the current status. + urls: + items: + type: string readOnly: true - type: string - source: - description: Optional. The location of the source files to build. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Source' - steps: - description: Required. The operations to be performed on the workspace. type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1BuildStep' - results: - description: Output only. Results of the build. + description: Output only. All URLs serving traffic for this Service. + latestReadyRevision: readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Results' - createTime: description: >- - Output only. Time at which the request to create the build was - received. - readOnly: true + Output only. Name of the latest revision that is serving traffic. + See comments in `reconciling` for additional information on + reconciliation process in Cloud Run. type: string - format: google-datetime - startTime: - description: Output only. Time at which execution of the build was started. - readOnly: true + name: type: string - format: google-datetime - finishTime: description: >- - Output only. Time at which execution of the build was finished. The - difference between finish_time and start_time is the duration of the - build's execution. + Identifier. The fully qualified name of this Service. In + CreateServiceRequest, this field is ignored, and instead composed + from CreateServiceRequest.parent and + CreateServiceRequest.service_id. Format: + projects/{project}/locations/{location}/services/{service_id} + creator: readOnly: true type: string - format: google-datetime - timeout: + description: Output only. Email address of the authenticated creator. + threatDetectionEnabled: + type: boolean + readOnly: true description: >- - Amount of time that this build should be allowed to run, to second - granularity. If this amount of time elapses, work on the build will - cease and the build status will be `TIMEOUT`. `timeout` starts - ticking from `startTime`. Default time is 60 minutes. + Output only. True if Cloud Run Threat Detection monitoring is + enabled for the parent project of this Service. + buildConfig: + description: Optional. Configuration for building a Cloud Run function. + $ref: '#/components/schemas/GoogleCloudRunV2BuildConfig' + iapEnabled: + description: Optional. IAP settings on the Service. + type: boolean + lastModifier: + readOnly: true + description: Output only. Email address of the last authenticated modifier. + type: string + clientVersion: + type: string + description: Arbitrary version identifier for the API client. + uid: type: string - format: google-duration - images: description: >- - A list of images to be pushed upon the successful completion of all - build steps. The images are pushed using the builder service - account's credentials. The digests of the pushed images will be - stored in the `Build` resource's results field. If any of the images - fail to be pushed, the build status is marked `FAILURE`. - type: array - items: - type: string - queueTtl: + Output only. Server assigned unique identifier for the trigger. The + value is a UUID4 string and guaranteed to remain unchanged until the + resource is deleted. + readOnly: true + template: + $ref: '#/components/schemas/GoogleCloudRunV2RevisionTemplate' + description: Required. The template used to create revisions for this Service. + client: + type: string + description: Arbitrary identifier for the API client. + description: description: >- - TTL in queue for this build. If provided and the build is enqueued - longer than this value, the build will expire and the build status - will be `EXPIRED`. The TTL starts ticking from create_time. + User-provided description of the Service. This field currently has a + 512-character limit. type: string - format: google-duration - artifacts: + traffic: description: >- - Artifacts produced by the build that should be uploaded upon - successful completion of all build steps. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Artifacts' - logsBucket: + Optional. Specifies how to distribute traffic over a collection of + Revisions belonging to the Service. If traffic is empty or not + provided, defaults to 100% traffic to the latest `Ready` Revision. + items: + $ref: '#/components/schemas/GoogleCloudRunV2TrafficTarget' + type: array + annotations: + type: object description: >- - Cloud Storage bucket where logs should be written (see [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - Logs file names will be of the format - `${logs_bucket}/log-${build_id}.txt`. + Optional. Unstructured key value map that may be set by external + tools to store and arbitrary metadata. They are not queryable and + should be preserved when modifying objects. Cloud Run API v2 does + not support annotations with `run.googleapis.com`, + `cloud.googleapis.com`, `serving.knative.dev`, or + `autoscaling.knative.dev` namespaces, and they will be rejected in + new resources. All system annotations in v1 now have a corresponding + field in v2 Service. This field follows Kubernetes annotations' + namespacing, limits, and rules. + additionalProperties: + type: string + launchStage: type: string - sourceProvenance: - description: Output only. A permanent fixed identifier for source. - readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1SourceProvenance' - buildTriggerId: description: >- - Output only. The ID of the `BuildTrigger` that triggered this build, - if it was triggered automatically. - readOnly: true - type: string - options: - description: Special options for this build. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1BuildOptions' - logUrl: - description: Output only. URL to logs for this build in Google Cloud Console. + Optional. The launch stage as defined by [Google Cloud Platform + Launch Stages](https://cloud.google.com/terms/launch-stages). Cloud + Run supports `ALPHA`, `BETA`, and `GA`. If no value is specified, GA + is assumed. Set the launch stage to a preview stage on input to + allow use of preview features in that stage. On read (or output), + describes whether the resource uses preview features. For example, + if ALPHA is provided as input, but only BETA and GA-level features + are used, this field will be BETA on output. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. + deleteTime: readOnly: true type: string - substitutions: - description: Substitutions data for `Build` resource. - type: object - additionalProperties: - type: string - tags: - description: Tags for annotation of a `Build`. These are not docker tags. - type: array - items: - type: string - secrets: description: >- - Secrets to decrypt using Cloud Key Management Service. Note: Secret - Manager is the recommended technique for managing sensitive data - with Cloud Build. Use `available_secrets` to configure builds to - access secrets from Secret Manager. For instructions, see: - https://cloud.google.com/cloud-build/docs/securing-builds/use-secrets - type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Secret' - timing: + Output only. The deletion time. It is only populated as a response + to a Delete request. + format: google-datetime + observedGeneration: description: >- - Output only. Stores timing information for phases of the build. - Valid keys are: * BUILD: time to execute all build steps. * PUSH: - time to push all artifacts including docker images and non docker - artifacts. * FETCHSOURCE: time to fetch source. * SETUPBUILD: time - to set up build. If the build does not specify source or images, - these keys will not be included. + Output only. The generation of this Service currently serving + traffic. See comments in `reconciling` for additional information on + reconciliation process in Cloud Run. Please note that unlike v1, + this is an int64 value. As with most Google APIs, its JSON + representation will be a `string` instead of an `integer`. + format: int64 + type: string readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - approval: + expireTime: description: >- - Output only. Describes this build's approval configuration, status, - and result. + Output only. For a deleted resource, the time after which it will be + permanently deleted. + type: string + format: google-datetime readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1BuildApproval' - serviceAccount: + latestCreatedRevision: description: >- - IAM service account whose credentials will be used at build runtime. - Must be of the format - `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. ACCOUNT can be - email address or uniqueId of the service account. + Output only. Name of the last created revision. See comments in + `reconciling` for additional information on reconciliation process + in Cloud Run. type: string - availableSecrets: - description: Secrets and secret environment variables. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Secrets' - warnings: - description: >- - Output only. Non-fatal problems encountered during the execution of - the build. readOnly: true - type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Warning' - gitConfig: - description: Optional. Configuration for git operations. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitConfig' - failureInfo: - description: >- - Output only. Contains information about the build when - status=FAILURE. + reconciling: readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FailureInfo' - dependencies: - description: >- - Optional. Dependencies that the Cloud Build worker will fetch before - executing user steps. - type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Dependency' - GoogleDevtoolsCloudbuildV1Source: - id: GoogleDevtoolsCloudbuildV1Source - description: Location of the source in a supported storage service. - type: object - properties: - storageSource: - description: If provided, get the source from this location in Cloud Storage. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1StorageSource' - repoSource: description: >- - If provided, get the source from this location in a Cloud Source - Repository. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1RepoSource' - gitSource: - description: If provided, get the source from this Git repository. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitSource' - storageSourceManifest: + Output only. Returns true if the Service is currently being acted + upon by the system to bring it into the desired state. When a new + Service is created, or an existing one is updated, Cloud Run will + asynchronously perform all necessary steps to bring the Service to + the desired serving state. This process is called reconciliation. + While reconciliation is in process, `observed_generation`, + `latest_ready_revision`, `traffic_statuses`, and `uri` will have + transient values that might mismatch the intended state: Once + reconciliation is over (and this field is false), there are two + possible outcomes: reconciliation succeeded and the serving state + matches the Service, or there was an error, and reconciliation + failed. This state can be found in `terminal_condition.state`. If + reconciliation succeeded, the following fields will match: `traffic` + and `traffic_statuses`, `observed_generation` and `generation`, + `latest_ready_revision` and `latest_created_revision`. If + reconciliation failed, `traffic_statuses`, `observed_generation`, + and `latest_ready_revision` will have the state of the last serving + revision, or empty for newly created Services. Additional + information on the failure can be found in `terminal_condition` and + `conditions`. + type: boolean + invokerIamDisabled: description: >- - If provided, get the source from this manifest in Cloud Storage. - This feature is in Preview; see description - [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1StorageSourceManifest' - connectedRepository: + Optional. Disables IAM permission check for run.routes.invoke for + callers of this service. For more information, visit + https://cloud.google.com/run/docs/securing/managing-access#invoker_check. + type: boolean + defaultUriDisabled: + type: boolean description: >- - Optional. If provided, get the source from this 2nd-gen Google Cloud - Build repository resource. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ConnectedRepository' - developerConnectConfig: - description: If provided, get the source from this Developer Connect config. - $ref: >- - #/components/schemas/GoogleDevtoolsCloudbuildV1DeveloperConnectConfig - GoogleDevtoolsCloudbuildV1StorageSource: - id: GoogleDevtoolsCloudbuildV1StorageSource - description: Location of the source in an archive file in Cloud Storage. + Optional. Disables public resolution of the default URI of this + service. + satisfiesPzs: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + description: >- + Service acts as a top-level container that manages a set of + configurations and revision templates which implement a network service. + Service exists to provide a singular abstraction which can be access + controlled, reasoned about, and which encapsulates software lifecycle + decisions such as rollout policy and team resource ownership. + GoogleDevtoolsCloudbuildV1SecretManagerSecret: type: object + id: GoogleDevtoolsCloudbuildV1SecretManagerSecret properties: - bucket: + versionName: + type: string description: >- - Cloud Storage bucket containing the source (see [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + Resource name of the SecretVersion. In format: + projects/*/secrets/*/versions/* + env: + description: >- + Environment variable name to associate with the secret. Secret + environment variables must be unique across all of a build's + secrets, and must be used by at least one build step. + type: string + description: >- + Pairs a secret environment variable with a SecretVersion in Secret + Manager. + GoogleCloudRunV2SecretKeySelector: + properties: + version: type: string - object: description: >- - Required. Cloud Storage object containing the source. This object - must be a zipped (`.zip`) or gzipped archive file (`.tar.gz`) - containing source to build. + The Cloud Secret Manager secret version. Can be 'latest' for the + latest version, an integer for a specific version, or a version + alias. + secret: type: string - generation: description: >- - Optional. Cloud Storage generation for the object. If the generation - is omitted, the latest generation will be used. + Required. The name of the secret in Cloud Secret Manager. Format: + {secret_name} if the secret is in the same project. + projects/{project}/secrets/{secret_name} if the secret is in a + different project. + id: GoogleCloudRunV2SecretKeySelector + type: object + description: SecretEnvVarSource represents a source for the value of an EnvVar. + GoogleCloudRunV2NetworkInterface: + description: Direct VPC egress settings. + properties: + tags: + type: array + items: + type: string + description: Optional. Network tags applied to this Cloud Run resource. + subnetwork: type: string - format: int64 - sourceFetcher: description: >- - Optional. Option to specify the tool to fetch the source file for - the build. + Optional. The VPC subnetwork that the Cloud Run resource will get + IPs from. At least one of network or subnetwork must be specified. + If both network and subnetwork are specified, the given VPC + subnetwork must belong to the given VPC network. If subnetwork is + not specified, the subnetwork with the same name with the network + will be used. + network: + description: >- + Optional. The VPC network that the Cloud Run resource will be able + to send traffic to. At least one of network or subnetwork must be + specified. If both network and subnetwork are specified, the given + VPC subnetwork must belong to the given VPC network. If network is + not specified, it will be looked up from the subnetwork. type: string - enumDescriptions: - - Unspecified defaults to GSUTIL. - - Use the "gsutil" tool to download the source file. - - Use the Cloud Storage Fetcher tool to download the source file. - enum: - - SOURCE_FETCHER_UNSPECIFIED - - GSUTIL - - GCS_FETCHER - GoogleDevtoolsCloudbuildV1RepoSource: - id: GoogleDevtoolsCloudbuildV1RepoSource - description: Location of the source in a Google Cloud Source Repository. + id: GoogleCloudRunV2NetworkInterface + type: object + GoogleCloudRunV2RevisionScaling: + id: GoogleCloudRunV2RevisionScaling + type: object + description: Settings for revision-level scaling settings. + properties: + minInstanceCount: + description: >- + Optional. Minimum number of serving instances that this resource + should have. + format: int32 + type: integer + maxInstanceCount: + type: integer + format: int32 + description: >- + Optional. Maximum number of serving instances that this resource + should have. When unspecified, the field is set to the server + default value of 100. For more information see + https://cloud.google.com/run/docs/configuring/max-instances + GoogleCloudRunV2Revision: type: object properties: - projectId: + labels: + additionalProperties: + type: string + readOnly: true description: >- - Optional. ID of the project that owns the Cloud Source Repository. - If omitted, the project ID requesting the build is assumed. + Output only. Unstructured key value map that can be used to organize + and categorize objects. User-provided labels are shared with + Google's billing system, so they can be used to filter, or break + down billing charges by team, component, environment, state, etc. + For more information, visit + https://cloud.google.com/resource-manager/docs/creating-managing-labels + or https://cloud.google.com/run/docs/configuring/labels. + type: object + generation: + description: >- + Output only. A number that monotonically increases every time the + user modifies the desired state. + readOnly: true + format: int64 type: string - repoName: - description: Required. Name of the Cloud Source Repository. + service: type: string - branchName: + readOnly: true + description: Output only. The name of the parent service. + gpuZonalRedundancyDisabled: description: >- - Regex matching branches to build. The syntax of the regular - expressions accepted is the syntax accepted by RE2 and described at - https://github.com/google/re2/wiki/Syntax - type: string - tagName: + Optional. Output only. True if GPU zonal redundancy is disabled on + this revision. + type: boolean + readOnly: true + conditions: description: >- - Regex matching tags to build. The syntax of the regular expressions - accepted is the syntax accepted by RE2 and described at - https://github.com/google/re2/wiki/Syntax - type: string - commitSha: - description: Explicit commit SHA to build. + Output only. The Condition of this Revision, containing its + readiness status, and detailed error information in case it did not + reach a serving state. + items: + $ref: '#/components/schemas/GoogleCloudRunV2Condition' + readOnly: true + type: array + serviceMesh: + description: Enables service mesh connectivity. + $ref: '#/components/schemas/GoogleCloudRunV2ServiceMesh' + etag: + readOnly: true type: string - dir: description: >- - Optional. Directory, relative to the source root, in which to run - the build. This must be a relative path. If a step's `dir` is - specified and is an absolute path, this value is ignored for that - step's execution. - type: string - invertRegex: + Output only. A system-generated fingerprint for this version of the + resource. May be used to detect modification conflict during + updates. + containers: description: >- - Optional. Only trigger a build if the revision regex does NOT match - the revision regex. - type: boolean - substitutions: + Holds the single container that defines the unit of execution for + this Revision. + type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2Container' + vpcAccess: description: >- - Optional. Substitutions to use in a triggered build. Should only be - used with RunBuildTrigger + VPC Access configuration for this Revision. For more information, + visit https://cloud.google.com/run/docs/configuring/connecting-vpc. + $ref: '#/components/schemas/GoogleCloudRunV2VpcAccess' + updateTime: + type: string + description: Output only. The last-modified time. + format: google-datetime + readOnly: true + annotations: + description: >- + Output only. Unstructured key value map that may be set by external + tools to store and arbitrary metadata. They are not queryable and + should be preserved when modifying objects. type: object additionalProperties: type: string - GoogleDevtoolsCloudbuildV1GitSource: - id: GoogleDevtoolsCloudbuildV1GitSource - description: Location of the source in any accessible Git repository. - type: object - properties: - url: + readOnly: true + encryptionKey: description: >- - Required. Location of the Git repo to build. This will be used as a - `git remote`, see https://git-scm.com/docs/git-remote. + A reference to a customer managed encryption key (CMEK) to use to + encrypt this container image. For more information, go to + https://cloud.google.com/run/docs/securing/using-cmek type: string - dir: + executionEnvironment: + type: string + description: The execution environment being used to host this Revision. + enum: + - EXECUTION_ENVIRONMENT_UNSPECIFIED + - EXECUTION_ENVIRONMENT_GEN1 + - EXECUTION_ENVIRONMENT_GEN2 + enumDescriptions: + - Unspecified + - Uses the First Generation environment. + - Uses Second Generation environment. + serviceAccount: description: >- - Optional. Directory, relative to the source root, in which to run - the build. This must be a relative path. If a step's `dir` is - specified and is an absolute path, this value is ignored for that - step's execution. + Email address of the IAM service account associated with the + revision of the service. The service account represents the identity + of the running revision, and determines what permissions the + revision has. type: string - revision: + scaling: + $ref: '#/components/schemas/GoogleCloudRunV2RevisionScaling' + description: Scaling settings for this revision. + expireTime: description: >- - Optional. The revision to fetch from the Git repository such as a - branch, a tag, a commit SHA, or any Git ref. Cloud Build uses `git - fetch` to fetch the revision from the Git repository; therefore make - sure that the string you provide for `revision` is parsable by the - command. For information on string values accepted by `git fetch`, - see https://git-scm.com/docs/gitrevisions#_specifying_revisions. For - information on `git fetch`, see https://git-scm.com/docs/git-fetch. + Output only. For a deleted resource, the time after which it will be + permamently deleted. It is only populated as a response to a Delete + request. + readOnly: true + format: google-datetime type: string - GoogleDevtoolsCloudbuildV1StorageSourceManifest: - id: GoogleDevtoolsCloudbuildV1StorageSourceManifest - description: >- - Location of the source manifest in Cloud Storage. This feature is in - Preview; see description - [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). - type: object - properties: - bucket: + creator: + readOnly: true + description: Output only. Email address of the authenticated creator. + type: string + maxInstanceRequestConcurrency: description: >- - Required. Cloud Storage bucket containing the source manifest (see - [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). + Sets the maximum number of requests that each serving instance can + receive. + format: int32 + type: integer + sessionAffinity: + description: Enable session affinity. + type: boolean + scalingStatus: + readOnly: true + $ref: '#/components/schemas/GoogleCloudRunV2RevisionScalingStatus' + description: >- + Output only. The current effective scaling settings for the + revision. + volumes: + items: + $ref: '#/components/schemas/GoogleCloudRunV2Volume' + type: array + description: A list of Volumes to make available to containers. + launchStage: + description: >- + The least stable launch stage needed to create this resource, as + defined by [Google Cloud Platform Launch + Stages](https://cloud.google.com/terms/launch-stages). Cloud Run + supports `ALPHA`, `BETA`, and `GA`. Note that this value might not + be what was used as input. For example, if ALPHA was provided as + input in the parent resource, but only BETA and GA-level features + are were, this field will be BETA. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED type: string - object: + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. + timeout: + type: string + format: google-duration + description: Max allowed time for an instance to respond to a request. + createTime: + type: string + format: google-datetime + description: Output only. The creation time. + readOnly: true + satisfiesPzs: + type: boolean + readOnly: true + description: Output only. Reserved for future use. + observedGeneration: + type: string + format: int64 description: >- - Required. Cloud Storage object containing the source manifest. This - object must be a JSON file. + Output only. The generation of this Revision currently serving + traffic. See comments in `reconciling` for additional information on + reconciliation process in Cloud Run. + readOnly: true + encryptionKeyRevocationAction: + enum: + - ENCRYPTION_KEY_REVOCATION_ACTION_UNSPECIFIED + - PREVENT_NEW + - SHUTDOWN type: string - generation: + description: The action to take if the encryption key is revoked. + enumDescriptions: + - Unspecified + - Prevents the creation of new instances. + - Shuts down existing instances, and prevents creation of new ones. + reconciling: + readOnly: true description: >- - Cloud Storage generation for the object. If the generation is - omitted, the latest generation will be used. + Output only. Indicates whether the resource's reconciliation is + still in progress. See comments in `Service.reconciling` for + additional information on reconciliation process in Cloud Run. + type: boolean + uid: type: string - format: int64 - GoogleDevtoolsCloudbuildV1ConnectedRepository: - id: GoogleDevtoolsCloudbuildV1ConnectedRepository - description: >- - Location of the source in a 2nd-gen Google Cloud Build repository - resource. - type: object - properties: - repository: description: >- - Required. Name of the Google Cloud Build repository, formatted as - `projects/*/locations/*/connections/*/repositories/*`. + Output only. Server assigned unique identifier for the Revision. The + value is a UUID4 string and guaranteed to remain unchanged until the + resource is deleted. + readOnly: true + nodeSelector: + $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' + description: The node selector for the revision. + deleteTime: + format: google-datetime type: string - dir: description: >- - Optional. Directory, relative to the source root, in which to run - the build. + Output only. For a deleted resource, the deletion time. It is only + populated as a response to a Delete request. + readOnly: true + logUri: type: string - revision: + description: Output only. The Google Console URI to obtain logs for the Revision. + readOnly: true + encryptionKeyShutdownDuration: description: >- - Required. The revision to fetch from the Git repository such as a - branch, a tag, a commit SHA, or any Git ref. + If encryption_key_revocation_action is SHUTDOWN, the duration before + shutting down all instances. The minimum increment is 1 hour. type: string - GoogleDevtoolsCloudbuildV1DeveloperConnectConfig: - id: GoogleDevtoolsCloudbuildV1DeveloperConnectConfig - description: This config defines the location of a source through Developer Connect. + format: google-duration + name: + description: Output only. The unique name of this Revision. + type: string + readOnly: true + id: GoogleCloudRunV2Revision + description: >- + A Revision is an immutable snapshot of code and configuration. A + Revision references a container image. Revisions are only created by + updates to its parent Service. + Proto2BridgeMessageSet: + description: >- + This is proto2's version of MessageSet. DEPRECATED: DO NOT USE FOR NEW + FIELDS. If you are using editions or proto2, please make your own + extendable messages for your use case. If you are using proto3, please + use `Any` instead. MessageSet was the implementation of extensions for + proto1. When proto2 was introduced, extensions were implemented as a + first-class feature. This schema for MessageSet was meant to be a + "bridge" solution to migrate MessageSet-bearing messages from proto1 to + proto2. This schema has been open-sourced only to facilitate the + migration of Google products with MessageSet-bearing messages to + open-source environments. + properties: {} + deprecated: true + type: object + id: Proto2BridgeMessageSet + GoogleIamV1Binding: type: object + description: Associates `members`, or principals, with a `role`. + id: GoogleIamV1Binding properties: - gitRepositoryLink: + condition: description: >- - Required. The Developer Connect Git repository link, formatted as - `projects/*/locations/*/connections/*/gitRepositoryLink/*`. - type: string - dir: + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/GoogleTypeExpr' + role: description: >- - Required. Directory, relative to the source root, in which to run - the build. + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - revision: + members: + items: + type: string + type: array description: >- - Required. The revision to fetch from the Git repository such as a - branch, a tag, a commit SHA, or any Git ref. - type: string + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. GoogleDevtoolsCloudbuildV1BuildStep: - id: GoogleDevtoolsCloudbuildV1BuildStep - description: A step in the build pipeline. type: object + description: A step in the build pipeline. + id: GoogleDevtoolsCloudbuildV1BuildStep properties: - name: + exitCode: + type: integer + readOnly: true + description: Output only. Return code from running the step. + format: int32 + timing: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' + readOnly: true description: >- - Required. The name of the container image that will run this - particular build step. If the image is available in the host's - Docker daemon's cache, it will be run directly. If not, the host - will attempt to pull the image first, using the builder service - account's credentials if necessary. The Docker daemon's cache will - already have the latest versions of all of the officially supported - build steps - ([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)). - The Docker daemon will also have cached many of the layers for some - popular images, like "ubuntu", "debian", but they will be refreshed - at the time you attempt to use them. If you built an image in a - previous build step, it will be stored in the host's Docker daemon's - cache and is available to use as the name for a later build step. - type: string - env: + Output only. Stores timing information for executing this build + step. + allowFailure: description: >- - A list of environment variable definitions to be used when running a - step. The elements are of the form "KEY=VALUE" for the environment - variable "KEY" being given the value "VALUE". - type: array + Allow this build step to fail without failing the entire build. If + false, the entire build will fail if this step fails. Otherwise, the + build will succeed, but this step will still have a failure status. + Error information will be reported in the failure_detail field. + type: boolean + args: items: type: string - args: + type: array description: >- A list of arguments that will be presented to the step when it is started. If the image used to run the step's container has an @@ -4540,26 +4522,27 @@ components: the image does not define an entrypoint, the first element in args is used as the entrypoint, and the remainder will be used as arguments. - type: array - items: - type: string - dir: + script: description: >- - Working directory to use when running this step's container. If this - value is a relative path, it is relative to the build's working - directory. If this value is absolute, it may be outside the build's - working directory, in which case the contents of the path may not be - persisted across build step executions, unless a `volume` for that - path is specified. If the build specifies a `RepoSource` with `dir` - and a step with a `dir`, which specifies an absolute path, the - `RepoSource` `dir` is ignored for the step's execution. + A shell script to be executed in the step. When script is provided, + the user cannot specify the entrypoint or args. type: string - id: + entrypoint: description: >- - Unique identifier for this build step, used in `wait_for` to - reference this build step as a dependency. + Entrypoint to be used instead of the build step image's default + entrypoint. If unset, the image's default entrypoint is used. type: string + env: + description: >- + A list of environment variable definitions to be used when running a + step. The elements are of the form "KEY=VALUE" for the environment + variable "KEY" being given the value "VALUE". + items: + type: string + type: array waitFor: + items: + type: string description: >- The ID(s) of the step(s) that this build step depends on. This build step will not start until all the build steps in `wait_for` have @@ -4567,21 +4550,14 @@ components: start when all previous build steps in the `Build.Steps` list have completed successfully. type: array - items: - type: string - entrypoint: - description: >- - Entrypoint to be used instead of the build step image's default - entrypoint. If unset, the image's default entrypoint is used. - type: string secretEnv: description: >- A list of environment variables which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's `Secret`. - type: array items: type: string + type: array volumes: description: >- List of volumes to mount into the build step. Each volume is created @@ -4592,32 +4568,71 @@ components: type: array items: $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Volume' - timing: + timeout: + type: string description: >- - Output only. Stores timing information for executing this build - step. + Time limit for executing this build step. If not defined, the step + has no time limit and will be allowed to continue to run until + either it completes or the build itself times out. + format: google-duration + pullTiming: readOnly: true $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - pullTiming: description: >- Output only. Stores timing information for pulling this build step's builder image only. - readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - timeout: + allowExitCodes: description: >- - Time limit for executing this build step. If not defined, the step - has no time limit and will be allowed to continue to run until - either it completes or the build itself times out. + Allow this build step to fail without failing the entire build if + and only if the exit code is one of the specified codes. If + allow_failure is also specified, this field will take precedence. + items: + format: int32 + type: integer + type: array + dir: + type: string + description: >- + Working directory to use when running this step's container. If this + value is a relative path, it is relative to the build's working + directory. If this value is absolute, it may be outside the build's + working directory, in which case the contents of the path may not be + persisted across build step executions, unless a `volume` for that + path is specified. If the build specifies a `RepoSource` with `dir` + and a step with a `dir`, which specifies an absolute path, the + `RepoSource` `dir` is ignored for the step's execution. + automapSubstitutions: + description: >- + Option to include built-in and custom substitutions as env variables + for this build step. This option will override the global option in + BuildOption. + type: boolean + id: + description: >- + Unique identifier for this build step, used in `wait_for` to + reference this build step as a dependency. + type: string + name: + description: >- + Required. The name of the container image that will run this + particular build step. If the image is available in the host's + Docker daemon's cache, it will be run directly. If not, the host + will attempt to pull the image first, using the builder service + account's credentials if necessary. The Docker daemon's cache will + already have the latest versions of all of the officially supported + build steps + ([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)). + The Docker daemon will also have cached many of the layers for some + popular images, like "ubuntu", "debian", but they will be refreshed + at the time you attempt to use them. If you built an image in a + previous build step, it will be stored in the host's Docker daemon's + cache and is available to use as the name for a later build step. type: string - format: google-duration status: description: >- Output only. Status of the build step. At this time, build step status is only updated on build completion; step status is not updated in real-time as the build progresses. - readOnly: true - type: string enumDescriptions: - Status of the build is unknown. - >- @@ -4642,1038 +4657,1108 @@ components: - TIMEOUT - CANCELLED - EXPIRED - allowFailure: - description: >- - Allow this build step to fail without failing the entire build. If - false, the entire build will fail if this step fails. Otherwise, the - build will succeed, but this step will still have a failure status. - Error information will be reported in the failure_detail field. - type: boolean - exitCode: - description: Output only. Return code from running the step. readOnly: true - type: integer - format: int32 - allowExitCodes: + type: string + GoogleCloudRunV2RunJobRequest: + type: object + properties: + validateOnly: + type: boolean description: >- - Allow this build step to fail without failing the entire build if - and only if the exit code is one of the specified codes. If - allow_failure is also specified, this field will take precedence. + Indicates that the request should be validated without actually + deleting any resources. + etag: + description: >- + A system-generated fingerprint for this version of the resource. May + be used to detect modification conflict during updates. + type: string + overrides: + description: >- + Overrides specification for a given execution of a job. If provided, + overrides will be applied to update the execution or task spec. + $ref: '#/components/schemas/GoogleCloudRunV2Overrides' + description: Request message to create a new Execution of a Job. + id: GoogleCloudRunV2RunJobRequest + GoogleDevtoolsCloudbuildV1Artifacts: + properties: + objects: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ArtifactObjects' + description: >- + A list of objects to be uploaded to Cloud Storage upon successful + completion of all build steps. Files in the workspace matching + specified paths globs will be uploaded to the specified Cloud + Storage location using the builder service account's credentials. + The location and generation of the uploaded objects will be stored + in the Build resource's results field. If any objects fail to be + pushed, the build is marked FAILURE. + pythonPackages: + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1PythonPackage' + type: array + description: >- + A list of Python packages to be uploaded to Artifact Registry upon + successful completion of all build steps. The build service account + credentials will be used to perform the upload. If any objects fail + to be pushed, the build is marked FAILURE. + npmPackages: + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1NpmPackage' + description: >- + A list of npm packages to be uploaded to Artifact Registry upon + successful completion of all build steps. Npm packages in the + specified paths will be uploaded to the specified Artifact Registry + repository using the builder service account's credentials. If any + packages fail to be pushed, the build is marked FAILURE. type: array + images: + description: >- + A list of images to be pushed upon the successful completion of all + build steps. The images will be pushed using the builder service + account's credentials. The digests of the pushed images will be + stored in the Build resource's results field. If any of the images + fail to be pushed, the build is marked FAILURE. items: - type: integer - format: int32 - script: + type: string + type: array + mavenArtifacts: description: >- - A shell script to be executed in the step. When script is provided, - the user cannot specify the entrypoint or args. + A list of Maven artifacts to be uploaded to Artifact Registry upon + successful completion of all build steps. Artifacts in the workspace + matching specified paths globs will be uploaded to the specified + Artifact Registry repository using the builder service account's + credentials. If any artifacts fail to be pushed, the build is marked + FAILURE. + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1MavenArtifact' + type: array + goModules: + type: array + items: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GoModule' + description: >- + Optional. A list of Go modules to be uploaded to Artifact Registry + upon successful completion of all build steps. If any objects fail + to be pushed, the build is marked FAILURE. + type: object + id: GoogleDevtoolsCloudbuildV1Artifacts + description: >- + Artifacts produced by a build that should be uploaded upon successful + completion of all build steps. + GoogleIamV1SetIamPolicyRequest: + type: object + id: GoogleIamV1SetIamPolicyRequest + description: Request message for `SetIamPolicy` method. + properties: + policy: + $ref: '#/components/schemas/GoogleIamV1Policy' + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + updateMask: + format: google-fieldmask + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` type: string - automapSubstitutions: + GoogleCloudRunV2ListWorkerPoolsResponse: + properties: + nextPageToken: description: >- - Option to include built-in and custom substitutions as env variables - for this build step. This option will override the global option in - BuildOption. - type: boolean - GoogleDevtoolsCloudbuildV1Volume: - id: GoogleDevtoolsCloudbuildV1Volume + A token indicating there are more items than page_size. Use it in + the next ListWorkerPools request to continue. + type: string + workerPools: + items: + $ref: '#/components/schemas/GoogleCloudRunV2WorkerPool' + type: array + description: The resulting list of WorkerPools. + description: Response message containing a list of WorkerPools. + id: GoogleCloudRunV2ListWorkerPoolsResponse + type: object + GoogleDevtoolsCloudbuildV1ApprovalResult: + id: GoogleDevtoolsCloudbuildV1ApprovalResult + properties: + approverAccount: + type: string + readOnly: true + description: >- + Output only. Email of the user that called the ApproveBuild API to + approve or reject a build at the time that the API was called. + decision: + enum: + - DECISION_UNSPECIFIED + - APPROVED + - REJECTED + description: Required. The decision of this manual approval. + enumDescriptions: + - Default enum type. This should not be used. + - Build is approved. + - Build is rejected. + type: string + url: + description: >- + Optional. An optional URL tied to this manual approval result. This + field is essentially the same as comment, except that it will be + rendered by the UI differently. An example use case is a link to an + external job that approved this Build. + type: string + comment: + description: Optional. An optional comment for this manual approval result. + type: string + approvalTime: + type: string + description: Output only. The time when the approval decision was made. + format: google-datetime + readOnly: true description: >- - Volume describes a Docker container volume which is mounted into build - steps in order to persist files across build step execution. + ApprovalResult describes the decision and associated metadata of a + manual approval of a build. type: object + GoogleDevtoolsCloudbuildV1NpmPackage: + id: GoogleDevtoolsCloudbuildV1NpmPackage properties: - name: + repository: description: >- - Name of the volume to mount. Volume names must be unique per build - step and must be valid names for Docker volumes. Each named volume - must be used by at least two build steps. + Artifact Registry repository, in the form + "https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY" Npm package in + the workspace specified by path will be zipped and uploaded to + Artifact Registry with this location as a prefix. type: string - path: + packagePath: description: >- - Path at which to mount the volume. Paths must be absolute and cannot - conflict with other volume paths on the same build step or with - certain reserved volume paths. + Optional. Path to the package.json. e.g. workspace/path/to/package + Only one of `archive` or `package_path` can be specified. type: string - GoogleDevtoolsCloudbuildV1TimeSpan: - id: GoogleDevtoolsCloudbuildV1TimeSpan - description: Start and end times for a build execution phase. type: object - properties: - startTime: - description: Start of time span. - type: string - format: google-datetime - endTime: - description: End of time span. - type: string - format: google-datetime - GoogleDevtoolsCloudbuildV1Results: - id: GoogleDevtoolsCloudbuildV1Results - description: Artifacts created by the build pipeline. + description: >- + Npm package to upload to Artifact Registry upon successful completion of + all build steps. + GoogleCloudRunV2GCSVolumeSource: type: object + id: GoogleCloudRunV2GCSVolumeSource properties: - images: - description: Container images that were built as a part of the build. - type: array + readOnly: + description: If true, the volume will be mounted as read only for all mounts. + type: boolean + bucket: + description: Cloud Storage Bucket name. + type: string + mountOptions: items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1BuiltImage' - buildStepImages: + type: string description: >- - List of build step digests, in the order corresponding to build step - indices. + A list of additional flags to pass to the gcsfuse CLI. Options + should be specified without the leading "--". type: array - items: - type: string - artifactManifest: + description: >- + Represents a volume backed by a Cloud Storage bucket using Cloud Storage + FUSE. + GoogleCloudRunV2DockerBuild: + description: Build the source using Docker. This means the source has a Dockerfile. + properties: {} + type: object + id: GoogleCloudRunV2DockerBuild + GoogleCloudRunV2Probe: + type: object + properties: + timeoutSeconds: + format: int32 description: >- - Path to the artifact manifest for non-container artifacts uploaded - to Cloud Storage. Only populated when artifacts are uploaded to - Cloud Storage. - type: string - numArtifacts: + Optional. Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. Maximum value is 3600. + Must be smaller than period_seconds. + type: integer + tcpSocket: + $ref: '#/components/schemas/GoogleCloudRunV2TCPSocketAction' description: >- - Number of non-container artifacts uploaded to Cloud Storage. Only - populated when artifacts are uploaded to Cloud Storage. - type: string - format: int64 - buildStepOutputs: + Optional. TCPSocket specifies an action involving a TCP port. + Exactly one of httpGet, tcpSocket, or grpc must be specified. + grpc: description: >- - List of build step outputs, produced by builder images, in the order - corresponding to build step indices. [Cloud - Builders](https://cloud.google.com/cloud-build/docs/cloud-builders) - can produce this output by writing to `$BUILDER_OUTPUT/output`. Only - the first 50KB of data is stored. Note that the `$BUILDER_OUTPUT` - variable is read-only and can't be substituted. - type: array - items: - type: string - format: byte - artifactTiming: - description: Time to push all non-container artifacts to Cloud Storage. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - pythonPackages: + Optional. GRPC specifies an action involving a gRPC port. Exactly + one of httpGet, tcpSocket, or grpc must be specified. + $ref: '#/components/schemas/GoogleCloudRunV2GRPCAction' + httpGet: description: >- - Python artifacts uploaded to Artifact Registry at the end of the - build. - type: array - items: - $ref: >- - #/components/schemas/GoogleDevtoolsCloudbuildV1UploadedPythonPackage - mavenArtifacts: + Optional. HTTPGet specifies the http request to perform. Exactly one + of httpGet, tcpSocket, or grpc must be specified. + $ref: '#/components/schemas/GoogleCloudRunV2HTTPGetAction' + initialDelaySeconds: + format: int32 description: >- - Maven artifacts uploaded to Artifact Registry at the end of the - build. - type: array - items: - $ref: >- - #/components/schemas/GoogleDevtoolsCloudbuildV1UploadedMavenArtifact - goModules: + Optional. Number of seconds after the container has started before + the probe is initiated. Defaults to 0 seconds. Minimum value is 0. + Maximum value for liveness probe is 3600. Maximum value for startup + probe is 240. + type: integer + failureThreshold: + format: int32 + type: integer description: >- - Optional. Go module artifacts uploaded to Artifact Registry at the - end of the build. - type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1UploadedGoModule' - npmPackages: - description: Npm packages uploaded to Artifact Registry at the end of the build. - type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1UploadedNpmPackage' - GoogleDevtoolsCloudbuildV1BuiltImage: - id: GoogleDevtoolsCloudbuildV1BuiltImage - description: An image built by the pipeline. + Optional. Minimum consecutive failures for the probe to be + considered failed after having succeeded. Defaults to 3. Minimum + value is 1. + periodSeconds: + description: >- + Optional. How often (in seconds) to perform the probe. Default to 10 + seconds. Minimum value is 1. Maximum value for liveness probe is + 3600. Maximum value for startup probe is 240. Must be greater or + equal than timeout_seconds. + type: integer + format: int32 + description: >- + Probe describes a health check to be performed against a container to + determine whether it is alive or ready to receive traffic. + id: GoogleCloudRunV2Probe + GoogleCloudRunV2GRPCAction: + id: GoogleCloudRunV2GRPCAction type: object + description: GRPCAction describes an action involving a GRPC port. properties: - name: + service: description: >- - Name used to push the container image to Google Container Registry, - as presented to `docker push`. - type: string - digest: - description: Docker Registry 2.0 digest. + Optional. Service is the name of the service to place in the gRPC + HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md ). + If this is not specified, the default behavior is defined by gRPC. type: string - pushTiming: + port: description: >- - Output only. Stores timing information for pushing the specified - image. - readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - GoogleDevtoolsCloudbuildV1UploadedPythonPackage: - id: GoogleDevtoolsCloudbuildV1UploadedPythonPackage - description: Artifact uploaded using the PythonPackage directive. + Optional. Port number of the gRPC service. Number must be in the + range 1 to 65535. If not specified, defaults to the exposed port of + the container, which is the value of + container.ports[0].containerPort. + format: int32 + type: integer + GoogleDevtoolsCloudbuildV1ApprovalConfig: + properties: + approvalRequired: + description: >- + Whether or not approval is needed. If this is set on a build, it + will become pending when created, and will need to be explicitly + approved to start. + type: boolean + description: ApprovalConfig describes configuration for manual approval of a build. + id: GoogleDevtoolsCloudbuildV1ApprovalConfig + type: object + GoogleCloudRunV2TaskAttemptResult: type: object + id: GoogleCloudRunV2TaskAttemptResult + description: Result of a task attempt. properties: - uri: - description: URI of the uploaded artifact. - type: string - fileHashes: - description: Hash types and values of the Python Artifact. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' - pushTiming: + termSignal: + format: int32 + type: integer + readOnly: true description: >- - Output only. Stores timing information for pushing the specified - artifact. + Output only. Termination signal of the container. This is set to + non-zero if the container is terminated by the system. At most one + of exit_code or term_signal will be set. + status: readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - GoogleDevtoolsCloudbuildV1FileHashes: - id: GoogleDevtoolsCloudbuildV1FileHashes + description: >- + Output only. The status of this attempt. If the status code is OK, + then the attempt succeeded. + $ref: '#/components/schemas/GoogleRpcStatus' + exitCode: + format: int32 + readOnly: true + type: integer + description: >- + Output only. The exit code of this attempt. This may be unset if the + container was unable to exit cleanly with a code due to some other + failure. See status field for possible failure details. At most one + of exit_code or term_signal will be set. + GoogleProtobufEmpty: + properties: {} description: >- - Container message for hashes of byte content of files, used in - SourceProvenance messages to verify integrity of source input to the - build. - type: object - properties: - fileHash: - description: Collection of file hashes. - type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Hash' - GoogleDevtoolsCloudbuildV1Hash: - id: GoogleDevtoolsCloudbuildV1Hash - description: Container message for hash values. + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: GoogleProtobufEmpty type: object - properties: - type: - description: The type of hash that was performed. - type: string - enumDescriptions: - - No hash requested. - - Use a sha256 hash. - - Use a md5 hash. - - Dirhash of a Go module's source code which is then hex-encoded. - - Use a sha512 hash. - enum: - - NONE - - SHA256 - - MD5 - - GO_MODULE_H1 - - SHA512 - value: - description: The hash value. - type: string - format: byte - GoogleDevtoolsCloudbuildV1UploadedMavenArtifact: - id: GoogleDevtoolsCloudbuildV1UploadedMavenArtifact - description: A Maven artifact uploaded using the MavenArtifact directive. + GoogleCloudRunV2VersionToPath: type: object properties: - uri: - description: URI of the uploaded artifact. + path: type: string - fileHashes: - description: Hash types and values of the Maven Artifact. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' - pushTiming: + description: Required. The relative path of the secret in the container. + version: description: >- - Output only. Stores timing information for pushing the specified - artifact. - readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - GoogleDevtoolsCloudbuildV1UploadedGoModule: - id: GoogleDevtoolsCloudbuildV1UploadedGoModule + The Cloud Secret Manager secret version. Can be 'latest' for the + latest value, or an integer or a secret alias for a specific + version. + type: string + mode: + type: integer + format: int32 + description: >- + Integer octal mode bits to use on this file, must be a value between + 01 and 0777 (octal). If 0 or not set, the Volume's default mode will + be used. Notes * Internally, a umask of 0222 will be applied to any + non-zero value. * This is an integer representation of the mode + bits. So, the octal integer value should look exactly as the chmod + numeric notation with a leading zero. Some examples: for chmod 640 + (u=rw,g=r), set to 0640 (octal) or 416 (base-10). For chmod 755 + (u=rwx,g=rx,o=rx), set to 0755 (octal) or 493 (base-10). * This + might be in conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits set. description: >- - A Go module artifact uploaded to Artifact Registry using the GoModule - directive. - type: object + VersionToPath maps a specific version of a secret to a relative file to + mount to, relative to VolumeMount's mount_path. + id: GoogleCloudRunV2VersionToPath + GoogleIamV1AuditLogConfig: + id: GoogleIamV1AuditLogConfig properties: - uri: - description: URI of the uploaded artifact. - type: string - fileHashes: - description: Hash types and values of the Go Module Artifact. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' - pushTiming: + exemptedMembers: description: >- - Output only. Stores timing information for pushing the specified - artifact. - readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - GoogleDevtoolsCloudbuildV1UploadedNpmPackage: - id: GoogleDevtoolsCloudbuildV1UploadedNpmPackage + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + items: + type: string + type: array + logType: + description: The log type that this config enables. + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + type: string + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ description: >- - An npm package uploaded to Artifact Registry using the NpmPackage - directive. + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object + GoogleDevtoolsCloudbuildV1GitSourceDependency: + id: GoogleDevtoolsCloudbuildV1GitSourceDependency properties: - uri: - description: URI of the uploaded npm package. + revision: type: string - fileHashes: - description: Hash types and values of the npm package. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' - pushTiming: + description: Required. The revision that we will fetch the repo at. + repository: + description: Required. The kind of repo (url or dev connect). + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitSourceRepository' + recurseSubmodules: + description: Optional. True if submodules should be fetched too (default false). + type: boolean + depth: description: >- - Output only. Stores timing information for pushing the specified - artifact. - readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - GoogleDevtoolsCloudbuildV1Artifacts: - id: GoogleDevtoolsCloudbuildV1Artifacts - description: >- - Artifacts produced by a build that should be uploaded upon successful - completion of all build steps. + Optional. How much history should be fetched for the build (default + 1, -1 for all history). + format: int64 + type: string + destPath: + type: string + description: Required. Where should the files be placed on the worker. type: object + description: Represents a git repository as a build dependency. + GoogleDevtoolsCloudbuildV1Results: properties: + artifactTiming: + description: Time to push all non-container artifacts to Cloud Storage. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' images: - description: >- - A list of images to be pushed upon the successful completion of all - build steps. The images will be pushed using the builder service - account's credentials. The digests of the pushed images will be - stored in the Build resource's results field. If any of the images - fail to be pushed, the build is marked FAILURE. + description: Container images that were built as a part of the build. type: array items: - type: string - objects: - description: >- - A list of objects to be uploaded to Cloud Storage upon successful - completion of all build steps. Files in the workspace matching - specified paths globs will be uploaded to the specified Cloud - Storage location using the builder service account's credentials. - The location and generation of the uploaded objects will be stored - in the Build resource's results field. If any objects fail to be - pushed, the build is marked FAILURE. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ArtifactObjects' + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1BuiltImage' mavenArtifacts: - description: >- - A list of Maven artifacts to be uploaded to Artifact Registry upon - successful completion of all build steps. Artifacts in the workspace - matching specified paths globs will be uploaded to the specified - Artifact Registry repository using the builder service account's - credentials. If any artifacts fail to be pushed, the build is marked - FAILURE. - type: array items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1MavenArtifact' - goModules: - description: >- - Optional. A list of Go modules to be uploaded to Artifact Registry - upon successful completion of all build steps. If any objects fail - to be pushed, the build is marked FAILURE. + $ref: >- + #/components/schemas/GoogleDevtoolsCloudbuildV1UploadedMavenArtifact type: array + description: >- + Maven artifacts uploaded to Artifact Registry at the end of the + build. + npmPackages: items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GoModule' + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1UploadedNpmPackage' + description: Npm packages uploaded to Artifact Registry at the end of the build. + type: array + numArtifacts: + format: int64 + description: >- + Number of non-container artifacts uploaded to Cloud Storage. Only + populated when artifacts are uploaded to Cloud Storage. + type: string pythonPackages: description: >- - A list of Python packages to be uploaded to Artifact Registry upon - successful completion of all build steps. The build service account - credentials will be used to perform the upload. If any objects fail - to be pushed, the build is marked FAILURE. + Python artifacts uploaded to Artifact Registry at the end of the + build. + items: + $ref: >- + #/components/schemas/GoogleDevtoolsCloudbuildV1UploadedPythonPackage type: array + goModules: items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1PythonPackage' - npmPackages: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1UploadedGoModule' + type: array description: >- - A list of npm packages to be uploaded to Artifact Registry upon - successful completion of all build steps. Npm packages in the - specified paths will be uploaded to the specified Artifact Registry - repository using the builder service account's credentials. If any - packages fail to be pushed, the build is marked FAILURE. + Optional. Go module artifacts uploaded to Artifact Registry at the + end of the build. + buildStepOutputs: + items: + type: string + format: byte type: array + description: >- + List of build step outputs, produced by builder images, in the order + corresponding to build step indices. [Cloud + Builders](https://cloud.google.com/cloud-build/docs/cloud-builders) + can produce this output by writing to `$BUILDER_OUTPUT/output`. Only + the first 50KB of data is stored. Note that the `$BUILDER_OUTPUT` + variable is read-only and can't be substituted. + artifactManifest: + description: >- + Path to the artifact manifest for non-container artifacts uploaded + to Cloud Storage. Only populated when artifacts are uploaded to + Cloud Storage. + type: string + buildStepImages: items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1NpmPackage' - GoogleDevtoolsCloudbuildV1ArtifactObjects: - id: GoogleDevtoolsCloudbuildV1ArtifactObjects - description: >- - Files in the workspace to upload to Cloud Storage upon successful - completion of all build steps. + type: string + type: array + description: >- + List of build step digests, in the order corresponding to build step + indices. + description: Artifacts created by the build pipeline. + type: object + id: GoogleDevtoolsCloudbuildV1Results + GoogleDevtoolsCloudbuildV1UploadedMavenArtifact: + description: A Maven artifact uploaded using the MavenArtifact directive. type: object properties: - location: - description: >- - Cloud Storage bucket and optional object path, in the form - "gs://bucket/path/to/somewhere/". (see [Bucket Name - Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - Files in the workspace matching any path pattern will be uploaded to - Cloud Storage with this location as a prefix. + uri: + description: URI of the uploaded artifact. type: string - paths: - description: Path globs used to match files in the build's workspace. - type: array - items: - type: string - timing: - description: >- - Output only. Stores timing information for pushing all artifact - objects. + fileHashes: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' + description: Hash types and values of the Maven Artifact. + pushTiming: readOnly: true + description: >- + Output only. Stores timing information for pushing the specified + artifact. $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' - GoogleDevtoolsCloudbuildV1MavenArtifact: - id: GoogleDevtoolsCloudbuildV1MavenArtifact - description: >- - A Maven artifact to upload to Artifact Registry upon successful - completion of all build steps. + artifactRegistryPackage: + type: string + readOnly: true + description: Output only. Path to the artifact in Artifact Registry. + id: GoogleDevtoolsCloudbuildV1UploadedMavenArtifact + GoogleDevtoolsCloudbuildV1UploadedPythonPackage: type: object + description: Artifact uploaded using the PythonPackage directive. + id: GoogleDevtoolsCloudbuildV1UploadedPythonPackage properties: - repository: - description: >- - Artifact Registry repository, in the form - "https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY" Artifact in the - workspace specified by path will be uploaded to Artifact Registry - with this location as a prefix. + artifactRegistryPackage: + description: Output only. Path to the artifact in Artifact Registry. type: string - path: - description: >- - Optional. Path to an artifact in the build's workspace to be - uploaded to Artifact Registry. This can be either an absolute path, - e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative - path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar. + readOnly: true + fileHashes: + description: Hash types and values of the Python Artifact. + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' + uri: type: string - artifactId: + description: URI of the uploaded artifact. + pushTiming: + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' description: >- - Maven `artifactId` value used when uploading the artifact to - Artifact Registry. + Output only. Stores timing information for pushing the specified + artifact. + readOnly: true + GoogleDevtoolsCloudbuildV1GitSource: + type: object + id: GoogleDevtoolsCloudbuildV1GitSource + description: Location of the source in any accessible Git repository. + properties: + url: type: string - groupId: description: >- - Maven `groupId` value used when uploading the artifact to Artifact - Registry. + Required. Location of the Git repo to build. This will be used as a + `git remote`, see https://git-scm.com/docs/git-remote. + dir: type: string - version: description: >- - Maven `version` value used when uploading the artifact to Artifact - Registry. + Optional. Directory, relative to the source root, in which to run + the build. This must be a relative path. If a step's `dir` is + specified and is an absolute path, this value is ignored for that + step's execution. + revision: + description: >- + Optional. The revision to fetch from the Git repository such as a + branch, a tag, a commit SHA, or any Git ref. Cloud Build uses `git + fetch` to fetch the revision from the Git repository; therefore make + sure that the string you provide for `revision` is parsable by the + command. For information on string values accepted by `git fetch`, + see https://git-scm.com/docs/gitrevisions#_specifying_revisions. For + information on `git fetch`, see https://git-scm.com/docs/git-fetch. type: string - GoogleDevtoolsCloudbuildV1GoModule: - id: GoogleDevtoolsCloudbuildV1GoModule - description: >- - Go module to upload to Artifact Registry upon successful completion of - all build steps. A module refers to all dependencies in a go.mod file. + GoogleTypeExpr: type: object properties: - repositoryName: - description: >- - Optional. Artifact Registry repository name. Specified Go modules - will be zipped and uploaded to Artifact Registry with this location - as a prefix. e.g. my-go-repo - type: string - repositoryLocation: + location: description: >- - Optional. Location of the Artifact Registry repository. i.e. - us-east1 Defaults to the build’s location. + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - repositoryProjectId: + expression: description: >- - Optional. Project ID of the Artifact Registry repository. Defaults - to the build project. + Textual representation of an expression in Common Expression + Language syntax. type: string - sourcePath: + title: description: >- - Optional. Source path of the go.mod file in the build's workspace. - If not specified, this will default to the current directory. e.g. - ~/code/go/mypackage + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. type: string - modulePath: - description: Optional. The Go module's "module path". e.g. example.com/foo/v2 + description: type: string - moduleVersion: description: >- - Optional. The Go module's semantic version in the form vX.Y.Z. e.g. - v0.1.1 Pre-release identifiers can also be added by appending a dash - and dot separated ASCII alphanumeric characters and hyphens. e.g. - v0.2.3-alpha.x.12m.5 - type: string - GoogleDevtoolsCloudbuildV1PythonPackage: - id: GoogleDevtoolsCloudbuildV1PythonPackage + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. description: >- - Python package to upload to Artifact Registry upon successful completion - of all build steps. A package can encapsulate multiple objects to be - uploaded to a single repository. + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + id: GoogleTypeExpr + GoogleDevtoolsCloudbuildV1Hash: + description: Container message for hash values. + properties: + type: + enumDescriptions: + - No hash requested. + - Use a sha256 hash. + - Use a md5 hash. + - Dirhash of a Go module's source code which is then hex-encoded. + - Use a sha512 hash. + description: The type of hash that was performed. + type: string + enum: + - NONE + - SHA256 + - MD5 + - GO_MODULE_H1 + - SHA512 + value: + description: The hash value. + type: string + format: byte + type: object + id: GoogleDevtoolsCloudbuildV1Hash + GoogleCloudRunV2ListExecutionsResponse: type: object + description: Response message containing a list of Executions. + id: GoogleCloudRunV2ListExecutionsResponse properties: - repository: + executions: + description: The resulting list of Executions. + type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2Execution' + nextPageToken: + type: string description: >- - Artifact Registry repository, in the form - "https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY" Files in the - workspace matching any path pattern will be uploaded to Artifact - Registry with this location as a prefix. + A token indicating there are more items than page_size. Use it in + the next ListExecutions request to continue. + GoogleCloudRunV2ContainerOverride: + id: GoogleCloudRunV2ContainerOverride + properties: + name: type: string - paths: + description: The name of the container specified as a DNS_LABEL. + env: description: >- - Path globs used to match files in the build's workspace. For Python/ - Twine, this is usually `dist/*`, and sometimes additionally an - `.asc` file. + List of environment variables to set in the container. Will be + merged with existing env for override. type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2EnvVar' + clearArgs: + description: Optional. True if the intention is to clear out existing args list. + type: boolean + args: items: type: string - GoogleDevtoolsCloudbuildV1NpmPackage: - id: GoogleDevtoolsCloudbuildV1NpmPackage - description: >- - Npm package to upload to Artifact Registry upon successful completion of - all build steps. - type: object - properties: - repository: - description: >- - Artifact Registry repository, in the form - "https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY" Npm package in - the workspace specified by path will be zipped and uploaded to - Artifact Registry with this location as a prefix. - type: string - packagePath: - description: Path to the package.json. e.g. workspace/path/to/package - type: string - GoogleDevtoolsCloudbuildV1SourceProvenance: - id: GoogleDevtoolsCloudbuildV1SourceProvenance - description: >- - Provenance of the source. Ways to find the original source, or verify - that some source was used for this build. - type: object - properties: - resolvedStorageSource: - description: >- - A copy of the build's `source.storage_source`, if exists, with any - generations resolved. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1StorageSource' - resolvedRepoSource: - description: >- - A copy of the build's `source.repo_source`, if exists, with any - revisions resolved. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1RepoSource' - resolvedStorageSourceManifest: - description: >- - A copy of the build's `source.storage_source_manifest`, if exists, - with any revisions resolved. This feature is in Preview. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1StorageSourceManifest' - resolvedConnectedRepository: - description: >- - Output only. A copy of the build's `source.connected_repository`, if - exists, with any revisions resolved. - readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ConnectedRepository' - resolvedGitSource: + type: array description: >- - Output only. A copy of the build's `source.git_source`, if exists, - with any revisions resolved. + Optional. Arguments to the entrypoint. Will replace existing args + for override. + description: Per-container override specification. + type: object + GoogleCloudRunV2BuildInfo: + type: object + id: GoogleCloudRunV2BuildInfo + description: Build information of the image. + properties: + functionTarget: + type: string readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitSource' - fileHashes: description: >- - Output only. Hash(es) of the build source, which can be used to - verify that the original source integrity was maintained in the - build. Note that `FileHashes` will only be populated if - `BuildOptions` has requested a `SourceProvenanceHash`. The keys to - this map are file paths used as build source and the values contain - the hash values for those files. If the build source came in a - single package such as a gzipped tarfile (`.tar.gz`), the `FileHash` - will be for the single path to that file. + Output only. Entry point of the function when the image is a Cloud + Run function. + sourceLocation: + description: Output only. Source code location of the image. + type: string readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1FileHashes' - GoogleDevtoolsCloudbuildV1BuildOptions: - id: GoogleDevtoolsCloudbuildV1BuildOptions - description: Optional arguments to enable specific features of builds. + GoogleCloudRunV2ListServicesResponse: + id: GoogleCloudRunV2ListServicesResponse type: object properties: - sourceProvenanceHash: - description: Requested hash for SourceProvenance. + services: + description: The resulting list of Services. + items: + $ref: '#/components/schemas/GoogleCloudRunV2Service' type: array + unreachable: + description: >- + Output only. For global requests, returns the list of regions that + could not be reached within the deadline. items: type: string - enumDescriptions: - - No hash requested. - - Use a sha256 hash. - - Use a md5 hash. - - Dirhash of a Go module's source code which is then hex-encoded. - - Use a sha512 hash. - enum: - - NONE - - SHA256 - - MD5 - - GO_MODULE_H1 - - SHA512 - requestedVerifyOption: - description: Requested verifiability options. - type: string - enumDescriptions: - - Not a verifiable build (the default). - - Build must be verified. - enum: - - NOT_VERIFIED - - VERIFIED - machineType: - description: Compute Engine machine type on which to run the build. + type: array + readOnly: true + nextPageToken: type: string - enumDescriptions: - - Standard machine type. - - Highcpu machine with 8 CPUs. - - Highcpu machine with 32 CPUs. - - Highcpu e2 machine with 8 CPUs. - - Highcpu e2 machine with 32 CPUs. - - E2 machine with 1 CPU. - enumDeprecated: - - false - - true - - true - - false - - false - - false - enum: - - UNSPECIFIED - - N1_HIGHCPU_8 - - N1_HIGHCPU_32 - - E2_HIGHCPU_8 - - E2_HIGHCPU_32 - - E2_MEDIUM - diskSizeGb: description: >- - Requested disk size for the VM that runs the build. Note that this - is *NOT* "disk free"; some of the space will be used by the - operating system and build utilities. Also note that this is the - minimum disk size that will be allocated for the build -- the build - may run with a larger disk than requested. At present, the maximum - disk size is 4000GB; builds that request more than the maximum are - rejected with an error. + A token indicating there are more items than page_size. Use it in + the next ListServices request to continue. + description: Response message containing a list of Services. + GoogleCloudRunV2ListTasksResponse: + description: Response message containing a list of Tasks. + id: GoogleCloudRunV2ListTasksResponse + properties: + nextPageToken: + description: >- + A token indicating there are more items than page_size. Use it in + the next ListTasks request to continue. type: string - format: int64 - substitutionOption: + tasks: + type: array + items: + $ref: '#/components/schemas/GoogleCloudRunV2Task' + description: The resulting list of Tasks. + type: object + GoogleCloudRunV2RevisionTemplate: + description: >- + RevisionTemplate describes the data a revision should have when created + from a template. + id: GoogleCloudRunV2RevisionTemplate + type: object + properties: + encryptionKey: description: >- - Option to specify behavior when there is an error in the - substitution checks. NOTE: this is always set to ALLOW_LOOSE for - triggered builds and cannot be overridden in the build configuration - file. + A reference to a customer managed encryption key (CMEK) to use to + encrypt this container image. For more information, go to + https://cloud.google.com/run/docs/securing/using-cmek type: string + executionEnvironment: enumDescriptions: - - >- - Fails the build if error in substitutions checks, like missing a - substitution in the template or in the map. - - Do not fail the build if error in substitutions checks. + - Unspecified + - Uses the First Generation environment. + - Uses Second Generation environment. enum: - - MUST_MATCH - - ALLOW_LOOSE - dynamicSubstitutions: - description: >- - Option to specify whether or not to apply bash style string - operations to the substitutions. NOTE: this is always enabled for - triggered builds and cannot be overridden in the build configuration - file. + - EXECUTION_ENVIRONMENT_UNSPECIFIED + - EXECUTION_ENVIRONMENT_GEN1 + - EXECUTION_ENVIRONMENT_GEN2 + type: string + description: Optional. The sandbox environment to host this Revision. + gpuZonalRedundancyDisabled: + description: Optional. True if GPU zonal redundancy is disabled on this revision. type: boolean - automapSubstitutions: + timeout: + type: string + format: google-duration + description: Optional. Max allowed time for an instance to respond to a request. + serviceMesh: + $ref: '#/components/schemas/GoogleCloudRunV2ServiceMesh' + description: Optional. Enables service mesh connectivity. + containers: description: >- - Option to include built-in and custom substitutions as env variables - for all build steps. + Holds the single container that defines the unit of execution for + this Revision. + items: + $ref: '#/components/schemas/GoogleCloudRunV2Container' + type: array + healthCheckDisabled: + description: Optional. Disables health checking containers during deployment. type: boolean - logStreamingOption: - description: Option to define build log streaming behavior to Cloud Storage. - type: string - enumDescriptions: - - Service may automatically determine build log streaming behavior. - - Build logs should be streamed to Cloud Storage. - - >- - Build logs should not be streamed to Cloud Storage; they will be - written when the build is completed. - enum: - - STREAM_DEFAULT - - STREAM_ON - - STREAM_OFF - workerPool: - description: This field deprecated; please use `pool.name` instead. - deprecated: true + volumes: + items: + $ref: '#/components/schemas/GoogleCloudRunV2Volume' + type: array + description: Optional. A list of Volumes to make available to containers. + encryptionKeyShutdownDuration: type: string - pool: description: >- - Optional. Specification for execution on a `WorkerPool`. See - [running builds in a private - pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) - for more information. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1PoolOption' - logging: + Optional. If encryption_key_revocation_action is SHUTDOWN, the + duration before shutting down all instances. The minimum increment + is 1 hour. + format: google-duration + revision: description: >- - Option to specify the logging mode, which determines if and where - build logs are stored. + Optional. The unique name for the revision. If this field is + omitted, it will be automatically generated based on the Service + name. + type: string + encryptionKeyRevocationAction: type: string - enumDescriptions: - - >- - The service determines the logging mode. The default is `LEGACY`. - Do not rely on the default logging behavior as it may change in - the future. - - Build logs are stored in Cloud Logging and Cloud Storage. - - Build logs are stored in Cloud Storage. - - This option is the same as CLOUD_LOGGING_ONLY. - - >- - Build logs are stored in Cloud Logging. Selecting this option will - not allow [logs - streaming](https://cloud.google.com/sdk/gcloud/reference/builds/log). - - Turn off all logging. No build logs will be captured. - enumDeprecated: - - false - - false - - false - - true - - false - - false enum: - - LOGGING_UNSPECIFIED - - LEGACY - - GCS_ONLY - - STACKDRIVER_ONLY - - CLOUD_LOGGING_ONLY - - NONE - env: - description: >- - A list of global environment variable definitions that will exist - for all build steps in this build. If a variable is defined in both - globally and in a build step, the variable will use the build step - value. The elements are of the form "KEY=VALUE" for the environment - variable "KEY" being given the value "VALUE". - type: array - items: + - ENCRYPTION_KEY_REVOCATION_ACTION_UNSPECIFIED + - PREVENT_NEW + - SHUTDOWN + description: Optional. The action to take if the encryption key is revoked. + enumDescriptions: + - Unspecified + - Prevents the creation of new instances. + - Shuts down existing instances, and prevents creation of new ones. + labels: + additionalProperties: type: string - secretEnv: description: >- - A list of global environment variables, which are encrypted using a - Cloud Key Management Service crypto key. These values must be - specified in the build's `Secret`. These variables will be available - to all build steps in this build. - type: array - items: + Optional. Unstructured key value map that can be used to organize + and categorize objects. User-provided labels are shared with + Google's billing system, so they can be used to filter, or break + down billing charges by team, component, environment, state, etc. + For more information, visit + https://cloud.google.com/resource-manager/docs/creating-managing-labels + or https://cloud.google.com/run/docs/configuring/labels. Cloud Run + API v2 does not support labels with `run.googleapis.com`, + `cloud.googleapis.com`, `serving.knative.dev`, or + `autoscaling.knative.dev` namespaces, and they will be rejected. All + system labels in v1 now have a corresponding field in v2 + RevisionTemplate. + type: object + nodeSelector: + description: Optional. The node selector for the revision template. + $ref: '#/components/schemas/GoogleCloudRunV2NodeSelector' + annotations: + type: object + additionalProperties: type: string - volumes: description: >- - Global list of volumes to mount for ALL build steps Each volume is - created as an empty volume prior to starting the build process. Upon - completion of the build, volumes and their contents are discarded. - Global volume names and paths cannot conflict with the volumes - defined a build step. Using a global volume in a build with only one - step is not valid as it is indicative of a build request with an - incorrect configuration. - type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1Volume' - defaultLogsBucketBehavior: - description: Optional. Option to specify how default logs buckets are setup. - type: string - enumDescriptions: - - Unspecified. - - >- - Bucket is located in user-owned project in the same region as the - build. The builder service account must have access to create and - write to Cloud Storage buckets in the build project. - - >- - Bucket is located in a Google-owned project and is not - regionalized. - enum: - - DEFAULT_LOGS_BUCKET_BEHAVIOR_UNSPECIFIED - - REGIONAL_USER_OWNED_BUCKET - - LEGACY_BUCKET - enableStructuredLogging: + Optional. Unstructured key value map that may be set by external + tools to store and arbitrary metadata. They are not queryable and + should be preserved when modifying objects. Cloud Run API v2 does + not support annotations with `run.googleapis.com`, + `cloud.googleapis.com`, `serving.knative.dev`, or + `autoscaling.knative.dev` namespaces, and they will be rejected. All + system annotations in v1 now have a corresponding field in v2 + RevisionTemplate. This field follows Kubernetes annotations' + namespacing, limits, and rules. + maxInstanceRequestConcurrency: + type: integer + format: int32 description: >- - Optional. Option to specify whether structured logging is enabled. - If true, JSON-formatted logs are parsed as structured logs. - type: boolean - pubsubTopic: + Optional. Sets the maximum number of requests that each serving + instance can receive. If not specified or 0, concurrency defaults to + 80 when requested `CPU >= 1` and defaults to 1 when requested `CPU < + 1`. + serviceAccount: description: >- - Optional. Option to specify the Pub/Sub topic to receive build - status updates. + Optional. Email address of the IAM service account associated with + the revision of the service. The service account represents the + identity of the running revision, and determines what permissions + the revision has. If not provided, the revision will use the + project's default service account. type: string - GoogleDevtoolsCloudbuildV1PoolOption: - id: GoogleDevtoolsCloudbuildV1PoolOption - description: >- - Details about how a build should be executed on a `WorkerPool`. See - [running builds in a private - pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) - for more information. + sessionAffinity: + description: Optional. Enable session affinity. + type: boolean + scaling: + $ref: '#/components/schemas/GoogleCloudRunV2RevisionScaling' + description: Optional. Scaling settings for this Revision. + vpcAccess: + description: >- + Optional. VPC Access configuration to use for this Revision. For + more information, visit + https://cloud.google.com/run/docs/configuring/connecting-vpc. + $ref: '#/components/schemas/GoogleCloudRunV2VpcAccess' + GoogleDevtoolsCloudbuildV1BuiltImage: + description: An image built by the pipeline. type: object + id: GoogleDevtoolsCloudbuildV1BuiltImage properties: name: description: >- - The `WorkerPool` resource to execute the build on. You must have - `cloudbuild.workerpools.use` on the project hosting the WorkerPool. - Format - projects/{project}/locations/{location}/workerPools/{workerPoolId} + Name used to push the container image to Google Container Registry, + as presented to `docker push`. type: string - GoogleDevtoolsCloudbuildV1Secret: - id: GoogleDevtoolsCloudbuildV1Secret - description: >- - Pairs a set of secret environment variables containing encrypted values - with the Cloud KMS key to use to decrypt the value. Note: Use - `kmsKeyName` with `available_secrets` instead of using `kmsKeyName` with - `secret`. For instructions see: - https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-credentials. - type: object - properties: - kmsKeyName: - description: Cloud KMS key name to use to decrypt these envs. + digest: type: string - secretEnv: + description: Docker Registry 2.0 digest. + pushTiming: description: >- - Map of environment variable name to its encrypted value. Secret - environment variables must be unique across all of a build's - secrets, and must be used by at least one build step. Values can be - at most 64 KB in size. There can be at most 100 secret values across - all of a build's secrets. - type: object - additionalProperties: - type: string - format: byte - GoogleDevtoolsCloudbuildV1BuildApproval: - id: GoogleDevtoolsCloudbuildV1BuildApproval - description: >- - BuildApproval describes a build's approval configuration, state, and - result. - type: object + Output only. Stores timing information for pushing the specified + image. + readOnly: true + $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1TimeSpan' + artifactRegistryPackage: + readOnly: true + description: Output only. Path to the artifact in Artifact Registry. + type: string + GoogleCloudRunV2ImageExportStatus: properties: - state: - description: Output only. The state of this build's approval. + status: + description: The status of the export task if done. + $ref: '#/components/schemas/UtilStatusProto' + tag: + description: The image tag as it will appear in Artifact Registry. + type: string + exportJobState: readOnly: true type: string - enumDescriptions: - - Default enum type. This should not be used. - - Build approval is pending. - - Build approval has been approved. - - Build approval has been rejected. - - Build was cancelled while it was still pending approval. + description: >- + Output only. Has the image export job finished (regardless of + successful or failure). enum: - - STATE_UNSPECIFIED - - PENDING - - APPROVED - - REJECTED - - CANCELLED - config: - description: Output only. Configuration for manual approval of this build. - readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ApprovalConfig' - result: - description: Output only. Result of manual approval for this Build. - readOnly: true - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1ApprovalResult' - GoogleDevtoolsCloudbuildV1ApprovalConfig: - id: GoogleDevtoolsCloudbuildV1ApprovalConfig - description: ApprovalConfig describes configuration for manual approval of a build. + - EXPORT_JOB_STATE_UNSPECIFIED + - IN_PROGRESS + - FINISHED + enumDescriptions: + - State unspecified. + - Job still in progress. + - Job finished. + exportedImageDigest: + description: The exported image ID as it will appear in Artifact Registry. + type: string type: object - properties: - approvalRequired: - description: >- - Whether or not approval is needed. If this is set on a build, it - will become pending when created, and will need to be explicitly - approved to start. - type: boolean - GoogleDevtoolsCloudbuildV1ApprovalResult: - id: GoogleDevtoolsCloudbuildV1ApprovalResult - description: >- - ApprovalResult describes the decision and associated metadata of a - manual approval of a build. + description: The status of an image export job. + id: GoogleCloudRunV2ImageExportStatus + GoogleCloudRunV2EmptyDirVolumeSource: type: object + id: GoogleCloudRunV2EmptyDirVolumeSource properties: - approverAccount: + medium: description: >- - Output only. Email of the user that called the ApproveBuild API to - approve or reject a build at the time that the API was called. - readOnly: true - type: string - approvalTime: - description: Output only. The time when the approval decision was made. - readOnly: true - type: string - format: google-datetime - decision: - description: Required. The decision of this manual approval. - type: string + The medium on which the data is stored. Acceptable values today is + only MEMORY or none. When none, the default will currently be backed + by memory but could change over time. +optional enumDescriptions: - - Default enum type. This should not be used. - - Build is approved. - - Build is rejected. + - >- + When not specified, falls back to the default implementation which + is currently in memory (this may change over time). + - Explicitly set the EmptyDir to be in memory. Uses tmpfs. enum: - - DECISION_UNSPECIFIED - - APPROVED - - REJECTED - comment: - description: Optional. An optional comment for this manual approval result. + - MEDIUM_UNSPECIFIED + - MEMORY type: string - url: + sizeLimit: description: >- - Optional. An optional URL tied to this manual approval result. This - field is essentially the same as comment, except that it will be - rendered by the UI differently. An example use case is a link to an - external job that approved this Build. + Limit on the storage usable by this EmptyDir volume. The size limit + is also applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the SizeLimit + specified here and the sum of memory limits of all containers. The + default is nil which means that the limit is undefined. More info: + https://cloud.google.com/run/docs/configuring/in-memory-volumes#configure-volume. + Info in Kubernetes: + https://kubernetes.io/docs/concepts/storage/volumes/#emptydir type: string - GoogleDevtoolsCloudbuildV1Secrets: - id: GoogleDevtoolsCloudbuildV1Secrets - description: Secrets and secret environment variables. + description: >- + In memory (tmpfs) ephemeral storage. It is ephemeral in the sense that + when the sandbox is taken down, the data is destroyed with it (it does + not persist across sandbox runs). + GoogleCloudRunV2VpcAccess: type: object + description: >- + VPC Access settings. For more information on sending traffic to a VPC + network, visit + https://cloud.google.com/run/docs/configuring/connecting-vpc. properties: - secretManager: + connector: description: >- - Secrets in Secret Manager and associated secret environment - variable. - type: array - items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1SecretManagerSecret' - inline: + VPC Access connector name. Format: + `projects/{project}/locations/{location}/connectors/{connector}`, + where `{project}` can be project id or number. For more information + on sending traffic to a VPC network via a connector, visit + https://cloud.google.com/run/docs/configuring/vpc-connectors. + type: string + networkInterfaces: description: >- - Secrets encrypted with KMS key and the associated secret environment - variable. - type: array + Optional. Direct VPC egress settings. Currently only single network + interface is supported. items: - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1InlineSecret' - GoogleDevtoolsCloudbuildV1SecretManagerSecret: - id: GoogleDevtoolsCloudbuildV1SecretManagerSecret - description: >- - Pairs a secret environment variable with a SecretVersion in Secret - Manager. + $ref: '#/components/schemas/GoogleCloudRunV2NetworkInterface' + type: array + egress: + enumDescriptions: + - Unspecified + - All outbound traffic is routed through the VPC connector. + - Only private IP ranges are routed through the VPC connector. + description: >- + Optional. Traffic VPC egress settings. If not provided, it defaults + to PRIVATE_RANGES_ONLY. + type: string + enum: + - VPC_EGRESS_UNSPECIFIED + - ALL_TRAFFIC + - PRIVATE_RANGES_ONLY + id: GoogleCloudRunV2VpcAccess + GoogleDevtoolsCloudbuildV1StorageSourceManifest: type: object + description: >- + Location of the source manifest in Cloud Storage. This feature is in + Preview; see description + [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher). + id: GoogleDevtoolsCloudbuildV1StorageSourceManifest properties: - versionName: + generation: description: >- - Resource name of the SecretVersion. In format: - projects/*/secrets/*/versions/* + Cloud Storage generation for the object. If the generation is + omitted, the latest generation will be used. + format: int64 type: string - env: + bucket: description: >- - Environment variable name to associate with the secret. Secret - environment variables must be unique across all of a build's - secrets, and must be used by at least one build step. + Required. Cloud Storage bucket containing the source manifest (see + [Bucket Name + Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). type: string - GoogleDevtoolsCloudbuildV1InlineSecret: - id: GoogleDevtoolsCloudbuildV1InlineSecret - description: >- - Pairs a set of secret environment variables mapped to encrypted values - with the Cloud KMS key to use to decrypt the value. - type: object - properties: - kmsKeyName: - description: >- - Resource name of Cloud KMS crypto key to decrypt the encrypted - value. In format: projects/*/locations/*/keyRings/*/cryptoKeys/* + object: type: string - envMap: description: >- - Map of environment variable name to its encrypted value. Secret - environment variables must be unique across all of a build's - secrets, and must be used by at least one build step. Values can be - at most 64 KB in size. There can be at most 100 secret values across - all of a build's secrets. - type: object - additionalProperties: - type: string - format: byte - GoogleDevtoolsCloudbuildV1Warning: - id: GoogleDevtoolsCloudbuildV1Warning - description: A non-fatal problem encountered during the execution of the build. - type: object + Required. Cloud Storage object containing the source manifest. This + object must be a JSON file. + GoogleCloudRunV2BinaryAuthorization: properties: - text: - description: Explanation of the warning generated. + useDefault: + description: >- + Optional. If True, indicates to use the default project's binary + authorization policy. If False, binary authorization will be + disabled. + type: boolean + policy: type: string - priority: - description: The priority for this warning. + description: >- + Optional. The path to a binary authorization policy. Format: + `projects/{project}/platforms/cloudRun/{policy-name}` + breakglassJustification: type: string - enumDescriptions: - - Should not be used. - - e.g. deprecation warnings and alternative feature highlights. - - e.g. automated detection of possible issues with the build. - - e.g. alerts that a feature used in the build is pending removal - enum: - - PRIORITY_UNSPECIFIED - - INFO - - WARNING - - ALERT - GoogleDevtoolsCloudbuildV1GitConfig: - id: GoogleDevtoolsCloudbuildV1GitConfig - description: GitConfig is a configuration for git operations. + description: >- + Optional. If present, indicates to use Breakglass using this + justification. If use_default is False, then it must be empty. For + more information on breakglass, see + https://cloud.google.com/binary-authorization/docs/using-breakglass + description: Settings for Binary Authorization feature. + id: GoogleCloudRunV2BinaryAuthorization type: object - properties: - http: - description: Configuration for HTTP related git operations. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1HttpConfig' - GoogleDevtoolsCloudbuildV1HttpConfig: - id: GoogleDevtoolsCloudbuildV1HttpConfig - description: HttpConfig is a configuration for HTTP related git operations. + GoogleCloudRunV2ExecutionReference: type: object properties: - proxySecretVersionName: - description: >- - SecretVersion resource of the HTTP proxy URL. The Service Account - used in the build (either the default Service Account or - user-specified Service Account) should have - `secretmanager.versions.access` permissions on this secret. The - proxy URL should be in format `protocol://@]proxyhost[:port]`. + completionTime: type: string - GoogleDevtoolsCloudbuildV1FailureInfo: - id: GoogleDevtoolsCloudbuildV1FailureInfo - description: A fatal problem encountered during the execution of the build. - type: object - properties: - type: - description: The name of the failure. + format: google-datetime + description: Creation timestamp of the execution. + name: + type: string + description: Name of the execution. + completionStatus: type: string enumDescriptions: - - Type unspecified - - Unable to push the image to the repository. - - Final image not found. - - Unauthorized push of the final image. - - Backend logging failures. Should retry. - - A build step has failed. - - The source fetching has failed. + - The default value. This value is used if the state is omitted. + - Job execution has succeeded. + - Job execution has failed. + - Job execution is running normally. + - Waiting for backing resources to be provisioned. + - Job execution has been cancelled by the user. + description: Status for the execution completion. enum: - - FAILURE_TYPE_UNSPECIFIED - - PUSH_FAILED - - PUSH_IMAGE_NOT_FOUND - - PUSH_NOT_AUTHORIZED - - LOGGING_FAILURE - - USER_BUILD_STEP - - FETCH_SOURCE_FAILED - detail: - description: Explains the failure issue in more detail using hard-coded text. + - COMPLETION_STATUS_UNSPECIFIED + - EXECUTION_SUCCEEDED + - EXECUTION_FAILED + - EXECUTION_RUNNING + - EXECUTION_PENDING + - EXECUTION_CANCELLED + createTime: type: string - GoogleDevtoolsCloudbuildV1Dependency: - id: GoogleDevtoolsCloudbuildV1Dependency - description: >- - A dependency that the Cloud Build worker will fetch before executing - user steps. - type: object - properties: - empty: + description: Creation timestamp of the execution. + format: google-datetime + deleteTime: + type: string + format: google-datetime description: >- - If set to true disable all dependency fetching (ignoring the default - source as well). - type: boolean - gitSource: - description: Represents a git repository as a build dependency. - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitSourceDependency' - GoogleDevtoolsCloudbuildV1GitSourceDependency: - id: GoogleDevtoolsCloudbuildV1GitSourceDependency - description: Represents a git repository as a build dependency. + The deletion time of the execution. It is only populated as a + response to a Delete request. + description: >- + Reference to an Execution. Use /Executions.GetExecution with the given + name to get full execution including the latest status. + id: GoogleCloudRunV2ExecutionReference + GoogleDevtoolsCloudbuildV1PythonPackage: + description: >- + Python package to upload to Artifact Registry upon successful completion + of all build steps. A package can encapsulate multiple objects to be + uploaded to a single repository. type: object properties: repository: - description: Required. The kind of repo (url or dev connect). - $ref: '#/components/schemas/GoogleDevtoolsCloudbuildV1GitSourceRepository' - revision: - description: Required. The revision that we will fetch the repo at. type: string - recurseSubmodules: - description: Optional. True if submodules should be fetched too (default false). - type: boolean - depth: description: >- - Optional. How much history should be fetched for the build (default - 1, -1 for all history). - type: string - format: int64 - destPath: - description: Required. Where should the files be placed on the worker. - type: string - GoogleDevtoolsCloudbuildV1GitSourceRepository: - id: GoogleDevtoolsCloudbuildV1GitSourceRepository - description: A repository for a git source. + Artifact Registry repository, in the form + "https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY" Files in the + workspace matching any path pattern will be uploaded to Artifact + Registry with this location as a prefix. + paths: + description: >- + Path globs used to match files in the build's workspace. For Python/ + Twine, this is usually `dist/*`, and sometimes additionally an + `.asc` file. + type: array + items: + type: string + id: GoogleDevtoolsCloudbuildV1PythonPackage + GoogleCloudRunV2WorkerPoolScaling: + id: GoogleCloudRunV2WorkerPoolScaling type: object + description: Worker pool scaling settings. properties: - url: - description: Location of the Git repository. - type: string - developerConnect: - description: >- - The Developer Connect Git repository link formatted as - `projects/*/locations/*/connections/*/gitRepositoryLink/*` - type: string + manualInstanceCount: + description: Optional. The total number of instances in manual scaling mode. + format: int32 + type: integer + GoogleCloudRunV2EnvVarSource: + properties: + secretKeyRef: + $ref: '#/components/schemas/GoogleCloudRunV2SecretKeySelector' + description: Selects a secret and a specific version from Cloud Secret Manager. + description: EnvVarSource represents a source for the value of an EnvVar. + type: object + id: GoogleCloudRunV2EnvVarSource parameters: - access_token: - description: OAuth access token. + _.xgafv: + description: V1 error format. in: query - name: access_token + name: $.xgafv schema: type: string + enum: + - '1' + - '2' alt: description: Data format for response. in: query @@ -5684,16 +5769,25 @@ components: - json - media - proto + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: fields + name: upload_protocol schema: type: string key: @@ -5711,59 +5805,47 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: quotaUser + name: uploadType schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: upload_protocol + name: fields schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: uploadType + name: prettyPrint schema: - type: string - _.xgafv: - description: V1 error format. + type: boolean + access_token: + description: OAuth access token. in: query - name: $.xgafv + name: access_token schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: locations: id: google.run.locations name: locations title: Locations methods: - export_project_metadata: + export_metadata: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}:exportProjectMetadata/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1{locationsId1}:exportMetadata/get response: mediaType: application/json openAPIDocKey: '200' - export_metadata: + export_image: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1{locationsId1}:exportMetadata/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1{locationsId1}:exportImage/post response: mediaType: application/json openAPIDocKey: '200' @@ -5774,10 +5856,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - export_image: + export_project_metadata: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1{locationsId1}:exportImage/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}:exportProjectMetadata/get response: mediaType: application/json openAPIDocKey: '200' @@ -5792,21 +5874,21 @@ components: name: operations title: Operations methods: - list: + wait: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:wait/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable delete: operation: $ref: >- @@ -5814,10 +5896,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - wait: + get: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:wait/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -5830,44 +5912,157 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - builds: - id: google.run.builds - name: builds - title: Builds + worker_pools_iam_policies: + id: google.run.worker_pools_iam_policies + name: worker_pools_iam_policies + title: Worker_pools_iam_policies methods: - submit: + set_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1builds:submit/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: >- + #/components/x-stackQL-resources/worker_pools_iam_policies/methods/get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/worker_pools_iam_policies/methods/set_iam_policy delete: [] + worker_pools: + id: google.run.worker_pools + name: worker_pools + title: Worker_pools + methods: + list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.workerPools + create: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/worker_pools/methods/get' + - $ref: '#/components/x-stackQL-resources/worker_pools/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/worker_pools/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/worker_pools/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/worker_pools/methods/delete' + revisions: + id: google.run.revisions + name: revisions + title: Revisions + methods: + list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services~1{servicesId}~1revisions/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.revisions + delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services~1{servicesId}~1revisions~1{revisionsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services~1{servicesId}~1revisions~1{revisionsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + export_status: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services~1{servicesId}~1revisions~1{revisionsId}~1{revisionsId1}:exportStatus/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/revisions/methods/get' + - $ref: '#/components/x-stackQL-resources/revisions/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/revisions/methods/delete' jobs: id: google.run.jobs name: jobs title: Jobs methods: - create: + delete: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}/delete response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.jobs get: operation: $ref: >- @@ -5875,17 +6070,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}/patch + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.jobs + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}/delete + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs/post response: mediaType: application/json openAPIDocKey: '200' @@ -5912,14 +6108,13 @@ components: name: jobs_iam_policies title: Jobs_iam_policies methods: - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:getIamPolicy/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings set_iam_policy: operation: $ref: >- @@ -5927,13 +6122,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:testIamPermissions/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -5956,6 +6152,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + cancel: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}~1executions~1{executionsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' get: operation: $ref: >- @@ -5978,13 +6181,6 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.executions - cancel: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1jobs~1{jobsId}~1executions~1{executionsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/executions/methods/get' @@ -6022,18 +6218,29 @@ components: update: [] replace: [] delete: [] - services: - id: google.run.services - name: services - title: Services + builds: + id: google.run.builds + name: builds + title: Builds methods: - create: + submit: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services/post + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1builds:submit/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + services: + id: google.run.services + name: services + title: Services + methods: list: operation: $ref: >- @@ -6042,10 +6249,10 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.services - get: + create: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services~1{servicesId}/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services/post response: mediaType: application/json openAPIDocKey: '200' @@ -6063,6 +6270,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services~1{servicesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/services/methods/get' @@ -6079,14 +6293,6 @@ components: name: services_iam_policies title: Services_iam_policies methods: - get_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services~1{servicesId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings set_iam_policy: operation: $ref: >- @@ -6101,165 +6307,41 @@ components: response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/services_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/services_iam_policies/methods/set_iam_policy - delete: [] - revisions: - id: google.run.revisions - name: revisions - title: Revisions - methods: - export_status: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services~1{servicesId}~1revisions~1{revisionsId}~1{revisionsId1}:exportStatus/get - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}~1revisions~1{revisionsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}~1revisions~1{revisionsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}~1revisions/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.revisions - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/revisions/methods/get' - - $ref: '#/components/x-stackQL-resources/revisions/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/revisions/methods/delete' - worker_pools: - id: google.run.worker_pools - name: worker_pools - title: Worker_pools - methods: - create: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.workerPools - get: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/worker_pools/methods/get' - - $ref: '#/components/x-stackQL-resources/worker_pools/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/worker_pools/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/worker_pools/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/worker_pools/methods/delete' - worker_pools_iam_policies: - id: google.run.worker_pools_iam_policies - name: worker_pools_iam_policies - title: Worker_pools_iam_policies - methods: get_iam_policy: operation: $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}:getIamPolicy/get + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1services~1{servicesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - set_iam_policy: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1workerPools~1{workerPoolsId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/worker_pools_iam_policies/methods/get_iam_policy + #/components/x-stackQL-resources/services_iam_policies/methods/get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/worker_pools_iam_policies/methods/set_iam_policy + #/components/x-stackQL-resources/services_iam_policies/methods/set_iam_policy delete: [] paths: - /v2/projects/{projectsId}/locations/{locationsId}:exportProjectMetadata: + /v2/projects/{projectsId}/locations/{locationsId}/{locationsId1}:exportMetadata: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/access_token' get: - description: Export generated customer metadata for a given project. - operationId: run.projects.locations.exportProjectMetadata + description: Export generated customer metadata for a given resource. + operationId: run.projects.locations.exportMetadata security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6283,11 +6365,54 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/{locationsId1}:exportMetadata: + - in: path + name: locationsId1 + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/{locationsId1}:exportImage: + parameters: *ref_1 + post: + description: Export image for a given resource. + operationId: run.projects.locations.exportImage + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRunV2ExportImageRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRunV2ExportImageResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: locationsId1 + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/{locationsId1}:exportImageMetadata: parameters: *ref_1 get: - description: Export generated customer metadata for a given resource. - operationId: run.projects.locations.exportMetadata + description: Export image metadata for a given resource. + operationId: run.projects.locations.exportImageMetadata security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6316,11 +6441,11 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/{locationsId1}:exportImageMetadata: + /v2/projects/{projectsId}/locations/{locationsId}:exportProjectMetadata: parameters: *ref_1 get: - description: Export image metadata for a given resource. - operationId: run.projects.locations.exportImageMetadata + description: Export generated customer metadata for a given project. + operationId: run.projects.locations.exportProjectMetadata security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6344,21 +6469,25 @@ paths: required: true schema: type: string - - in: path - name: locationsId1 - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/{locationsId1}:exportImage: + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:wait: parameters: *ref_1 post: - description: Export image for a given resource. - operationId: run.projects.locations.exportImage + description: >- + Waits until the specified long-running operation is done or reaches at + most a specified timeout, returning the latest state. If the operation + is already done, the latest state is immediately returned. If the + timeout specified is greater than the default HTTP/RPC timeout, the + HTTP/RPC timeout is used. If the server does not support this method, it + returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a + best-effort basis. It may return the latest state before the specified + timeout (including immediately), meaning even an immediate response is + no guarantee that the operation is done. + operationId: run.projects.locations.operations.wait requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2ExportImageRequest' + $ref: '#/components/schemas/GoogleLongrunningWaitOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6370,7 +6499,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2ExportImageResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6383,7 +6512,7 @@ paths: schema: type: string - in: path - name: locationsId1 + name: operationsId required: true schema: type: string @@ -6417,27 +6546,32 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: run.projects.locations.operations.get + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: run.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6449,7 +6583,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -6466,13 +6600,12 @@ paths: required: true schema: type: string - delete: + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: run.projects.locations.operations.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: run.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6484,7 +6617,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6501,25 +6634,18 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:wait: + /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}:setIamPolicy: parameters: *ref_1 post: description: >- - Waits until the specified long-running operation is done or reaches at - most a specified timeout, returning the latest state. If the operation - is already done, the latest state is immediately returned. If the - timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns `google.rpc.Code.UNIMPLEMENTED`. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. - operationId: run.projects.locations.operations.wait + Sets the IAM Access control policy for the specified WorkerPool. + Overwrites any existing policy. + operationId: run.projects.locations.workerPools.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningWaitOperationRequest' + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6531,7 +6657,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -6544,20 +6670,59 @@ paths: schema: type: string - in: path - name: operationsId + name: workerPoolsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/builds:submit: + /v2/projects/{projectsId}/locations/{locationsId}/workerPools: parameters: *ref_1 + get: + description: Lists WorkerPools. Results are sorted by creation time, descending. + operationId: run.projects.locations.workerPools.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRunV2ListWorkerPoolsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: showDeleted + schema: + type: boolean post: - description: Submits a build in a given project. - operationId: run.projects.locations.builds.submit + description: Creates a new WorkerPool in a given project and location. + operationId: run.projects.locations.workerPools.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2SubmitBuildRequest' + $ref: '#/components/schemas/GoogleCloudRunV2WorkerPool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6569,7 +6734,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2SubmitBuildResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6581,16 +6746,55 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobs: + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: workerPoolId + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}: parameters: *ref_1 - post: - description: Creates a Job. - operationId: run.projects.locations.jobs.create + get: + description: Gets information about a WorkerPool. + operationId: run.projects.locations.workerPools.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRunV2WorkerPool' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: workerPoolsId + required: true + schema: + type: string + patch: + description: Updates a WorkerPool. + operationId: run.projects.locations.workerPools.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2Job' + $ref: '#/components/schemas/GoogleCloudRunV2WorkerPool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6614,17 +6818,75 @@ paths: required: true schema: type: string + - in: path + name: workerPoolsId + required: true + schema: + type: string - in: query - name: jobId + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: forceNewRevision + schema: + type: boolean + - in: query + name: validateOnly + schema: + type: boolean + delete: + description: Deletes a WorkerPool. + operationId: run.projects.locations.workerPools.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningOperation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: workerPoolsId + required: true schema: type: string - in: query name: validateOnly schema: type: boolean + - in: query + name: etag + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}:getIamPolicy: + parameters: *ref_1 get: - description: Lists Jobs. Results are sorted by creation time, descending. - operationId: run.projects.locations.jobs.list + description: >- + Gets the IAM Access Control policy currently in effect for the given + Cloud Run WorkerPool. This result does not include any inherited + policies. + operationId: run.projects.locations.workerPools.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6636,7 +6898,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2ListJobsResponse' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -6648,24 +6910,28 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: workerPoolsId + required: true schema: type: string - in: query - name: showDeleted + name: options.requestedPolicyVersion schema: - type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}:testIamPermissions: parameters: *ref_1 - get: - description: Gets information about a Job. - operationId: run.projects.locations.jobs.get + post: + description: >- + Returns permissions that a caller has on the specified Project. There + are no permissions required for making this API call. + operationId: run.projects.locations.workerPools.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6677,7 +6943,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2Job' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6690,18 +6956,17 @@ paths: schema: type: string - in: path - name: jobsId + name: workerPoolsId required: true schema: type: string - patch: - description: Updates a Job. - operationId: run.projects.locations.jobs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRunV2Job' + /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}/revisions: + parameters: *ref_1 + get: + description: >- + Lists Revisions from a given Service, or from a given location. Results + are sorted by creation time, descending. + operationId: run.projects.locations.workerPools.revisions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6713,7 +6978,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRunV2ListRevisionsResponse' parameters: - in: path name: projectsId @@ -6726,21 +6991,28 @@ paths: schema: type: string - in: path - name: jobsId + name: workerPoolsId required: true schema: type: string - in: query - name: validateOnly + name: pageSize schema: - type: boolean + type: integer + format: int32 - in: query - name: allowMissing + name: pageToken + schema: + type: string + - in: query + name: showDeleted schema: type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}/revisions/{revisionsId}: + parameters: *ref_1 delete: - description: Deletes a Job. - operationId: run.projects.locations.jobs.delete + description: Deletes a Revision. + operationId: run.projects.locations.workerPools.revisions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6765,7 +7037,12 @@ paths: schema: type: string - in: path - name: jobsId + name: workerPoolsId + required: true + schema: + type: string + - in: path + name: revisionsId required: true schema: type: string @@ -6777,16 +7054,9 @@ paths: name: etag schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:run: - parameters: *ref_1 - post: - description: Triggers creation of a new Execution of this Job. - operationId: run.projects.locations.jobs.run - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRunV2RunJobRequest' + get: + description: Gets information about a Revision. + operationId: run.projects.locations.workerPools.revisions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6798,7 +7068,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRunV2Revision' parameters: - in: path name: projectsId @@ -6811,17 +7081,20 @@ paths: schema: type: string - in: path - name: jobsId + name: workerPoolsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:getIamPolicy: + - in: path + name: revisionsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}: parameters: *ref_1 - get: - description: >- - Gets the IAM Access Control policy currently in effect for the given - Job. This result does not include any inherited policies. - operationId: run.projects.locations.jobs.getIamPolicy + delete: + description: Deletes a Job. + operationId: run.projects.locations.jobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6833,7 +7106,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6851,22 +7124,21 @@ paths: schema: type: string - in: query - name: options.requestedPolicyVersion + name: etag schema: - type: integer - format: int32 - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:setIamPolicy: - parameters: *ref_1 - post: - description: >- - Sets the IAM Access control policy for the specified Job. Overwrites any - existing policy. - operationId: run.projects.locations.jobs.setIamPolicy + type: string + - in: query + name: validateOnly + schema: + type: boolean + patch: + description: Updates a Job. + operationId: run.projects.locations.jobs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + $ref: '#/components/schemas/GoogleCloudRunV2Job' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6878,7 +7150,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -6895,18 +7167,17 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified Project. There - are no permissions required for making this API call. - operationId: run.projects.locations.jobs.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: validateOnly + schema: + type: boolean + get: + description: Gets information about a Job. + operationId: run.projects.locations.jobs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6918,7 +7189,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleCloudRunV2Job' parameters: - in: path name: projectsId @@ -6935,11 +7206,18 @@ paths: required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}/{executionsId1}:exportStatus: + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:testIamPermissions: parameters: *ref_1 - get: - description: Read the status of an image export operation. - operationId: run.projects.locations.jobs.executions.exportStatus + post: + description: >- + Returns permissions that a caller has on the specified Project. There + are no permissions required for making this API call. + operationId: run.projects.locations.jobs.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6951,7 +7229,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2ExportStatusResponse' + $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6968,21 +7246,18 @@ paths: required: true schema: type: string - - in: path - name: executionsId - required: true - schema: - type: string - - in: path - name: executionsId1 - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}: + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:setIamPolicy: parameters: *ref_1 - get: - description: Gets information about an Execution. - operationId: run.projects.locations.jobs.executions.get + post: + description: >- + Sets the IAM Access control policy for the specified Job. Overwrites any + existing policy. + operationId: run.projects.locations.jobs.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6994,7 +7269,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2Execution' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -7011,14 +7286,11 @@ paths: required: true schema: type: string - - in: path - name: executionsId - required: true - schema: - type: string - delete: - description: Deletes an Execution. - operationId: run.projects.locations.jobs.executions.delete + /v2/projects/{projectsId}/locations/{locationsId}/jobs: + parameters: *ref_1 + get: + description: Lists Jobs. Results are sorted by creation time, descending. + operationId: run.projects.locations.jobs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7030,7 +7302,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRunV2ListJobsResponse' parameters: - in: path name: projectsId @@ -7042,31 +7314,27 @@ paths: required: true schema: type: string - - in: path - name: jobsId - required: true - schema: - type: string - - in: path - name: executionsId - required: true - schema: - type: string - in: query - name: validateOnly + name: showDeleted schema: type: boolean - in: query - name: etag + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions: - parameters: *ref_1 - get: - description: >- - Lists Executions from a Job. Results are sorted by creation time, - descending. - operationId: run.projects.locations.jobs.executions.list + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a Job. + operationId: run.projects.locations.jobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRunV2Job' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7078,7 +7346,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2ListExecutionsResponse' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7090,34 +7358,24 @@ paths: required: true schema: type: string - - in: path - name: jobsId - required: true - schema: - type: string - in: query - name: pageSize + name: validateOnly schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: jobId schema: type: string - - in: query - name: showDeleted - schema: - type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}:cancel: + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:run: parameters: *ref_1 post: - description: Cancels an Execution. - operationId: run.projects.locations.jobs.executions.cancel + description: Triggers creation of a new Execution of this Job. + operationId: run.projects.locations.jobs.run requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2CancelExecutionRequest' + $ref: '#/components/schemas/GoogleCloudRunV2RunJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7146,16 +7404,13 @@ paths: required: true schema: type: string - - in: path - name: executionsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}/tasks/{tasksId}: + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}:getIamPolicy: parameters: *ref_1 get: - description: Gets information about a Task. - operationId: run.projects.locations.jobs.executions.tasks.get + description: >- + Gets the IAM Access Control policy currently in effect for the given + Job. This result does not include any inherited policies. + operationId: run.projects.locations.jobs.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7167,7 +7422,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2Task' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -7184,21 +7439,16 @@ paths: required: true schema: type: string - - in: path - name: executionsId - required: true - schema: - type: string - - in: path - name: tasksId - required: true + - in: query + name: options.requestedPolicyVersion schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}/tasks: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}/{executionsId1}:exportStatus: parameters: *ref_1 get: - description: Lists Tasks from an Execution of a Job. - operationId: run.projects.locations.jobs.executions.tasks.list + description: Read the status of an image export operation. + operationId: run.projects.locations.jobs.executions.exportStatus security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7210,7 +7460,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2ListTasksResponse' + $ref: '#/components/schemas/GoogleCloudRunV2ExportStatusResponse' parameters: - in: path name: projectsId @@ -7232,29 +7482,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: executionsId1 + required: true schema: type: string - - in: query - name: showDeleted - schema: - type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/services: + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}:cancel: parameters: *ref_1 post: - description: Creates a new Service in a given project and location. - operationId: run.projects.locations.services.create + description: Cancels an Execution. + operationId: run.projects.locations.jobs.executions.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2Service' + $ref: '#/components/schemas/GoogleCloudRunV2CancelExecutionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7278,58 +7520,21 @@ paths: required: true schema: type: string - - in: query - name: serviceId - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean - get: - description: Lists Services. Results are sorted by creation time, descending. - operationId: run.projects.locations.services.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRunV2ListServicesResponse' - parameters: - in: path - name: projectsId + name: jobsId required: true schema: type: string - in: path - name: locationsId + name: executionsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: showDeleted - schema: - type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/services/{servicesId}: + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}: parameters: *ref_1 get: - description: Gets information about a Service. - operationId: run.projects.locations.services.get + description: Gets information about an Execution. + operationId: run.projects.locations.jobs.executions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7341,7 +7546,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2Service' + $ref: '#/components/schemas/GoogleCloudRunV2Execution' parameters: - in: path name: projectsId @@ -7354,18 +7559,18 @@ paths: schema: type: string - in: path - name: servicesId + name: jobsId required: true schema: type: string - patch: - description: Updates a Service. - operationId: run.projects.locations.services.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRunV2Service' + - in: path + name: executionsId + required: true + schema: + type: string + delete: + description: Deletes an Execution. + operationId: run.projects.locations.jobs.executions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7390,28 +7595,30 @@ paths: schema: type: string - in: path - name: servicesId + name: jobsId required: true schema: type: string - - in: query - name: updateMask + - in: path + name: executionsId + required: true schema: type: string - format: google-fieldmask - in: query name: validateOnly schema: type: boolean - in: query - name: allowMissing + name: etag schema: - type: boolean - delete: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions: + parameters: *ref_1 + get: description: >- - Deletes a Service. This will cause the Service to stop serving traffic - and will delete all revisions. - operationId: run.projects.locations.services.delete + Lists Executions from a Job. Results are sorted by creation time, + descending. + operationId: run.projects.locations.jobs.executions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7423,7 +7630,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' + $ref: '#/components/schemas/GoogleCloudRunV2ListExecutionsResponse' parameters: - in: path name: projectsId @@ -7436,25 +7643,28 @@ paths: schema: type: string - in: path - name: servicesId + name: jobsId required: true schema: type: string - in: query - name: validateOnly + name: showDeleted schema: type: boolean - in: query - name: etag + name: pageToken schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/services/{servicesId}:getIamPolicy: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}/tasks/{tasksId}: parameters: *ref_1 get: - description: >- - Gets the IAM Access Control policy currently in effect for the given - Cloud Run Service. This result does not include any inherited policies. - operationId: run.projects.locations.services.getIamPolicy + description: Gets information about a Task. + operationId: run.projects.locations.jobs.executions.tasks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7466,7 +7676,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleCloudRunV2Task' parameters: - in: path name: projectsId @@ -7479,27 +7689,25 @@ paths: schema: type: string - in: path - name: servicesId + name: jobsId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion + - in: path + name: executionsId + required: true schema: - type: integer - format: int32 - /v2/projects/{projectsId}/locations/{locationsId}/services/{servicesId}:setIamPolicy: + type: string + - in: path + name: tasksId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/jobs/{jobsId}/executions/{executionsId}/tasks: parameters: *ref_1 - post: - description: >- - Sets the IAM Access control policy for the specified Service. Overwrites - any existing policy. - operationId: run.projects.locations.services.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleIamV1SetIamPolicyRequest' + get: + description: Lists Tasks from an Execution of a Job. + operationId: run.projects.locations.jobs.executions.tasks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7511,7 +7719,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleCloudRunV2ListTasksResponse' parameters: - in: path name: projectsId @@ -7524,22 +7732,38 @@ paths: schema: type: string - in: path - name: servicesId + name: jobsId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/services/{servicesId}:testIamPermissions: + - in: path + name: executionsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: showDeleted + schema: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/builds:submit: parameters: *ref_1 post: - description: >- - Returns permissions that a caller has on the specified Project. There - are no permissions required for making this API call. - operationId: run.projects.locations.services.testIamPermissions + description: Submits a build in a given project. + operationId: run.projects.locations.builds.submit requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsRequest' + $ref: '#/components/schemas/GoogleCloudRunV2SubmitBuildRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7551,7 +7775,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleCloudRunV2SubmitBuildResponse' parameters: - in: path name: projectsId @@ -7563,11 +7787,6 @@ paths: required: true schema: type: string - - in: path - name: servicesId - required: true - schema: - type: string /v2/projects/{projectsId}/locations/{locationsId}/services/{servicesId}/revisions/{revisionsId}/{revisionsId1}:exportStatus: parameters: *ref_1 get: @@ -7728,63 +7947,24 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: showDeleted schema: type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/workerPools: + /v2/projects/{projectsId}/locations/{locationsId}/services: parameters: *ref_1 - post: - description: Creates a new WorkerPool in a given project and location. - operationId: run.projects.locations.workerPools.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRunV2WorkerPool' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: workerPoolId - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean get: - description: Lists WorkerPools. Results are sorted by creation time, descending. - operationId: run.projects.locations.workerPools.list + description: Lists Services. Results are sorted by creation time, descending. + operationId: run.projects.locations.services.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7796,7 +7976,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2ListWorkerPoolsResponse' + $ref: '#/components/schemas/GoogleCloudRunV2ListServicesResponse' parameters: - in: path name: projectsId @@ -7821,11 +8001,14 @@ paths: name: showDeleted schema: type: boolean - /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}: - parameters: *ref_1 - get: - description: Gets information about a WorkerPool. - operationId: run.projects.locations.workerPools.get + post: + description: Creates a new Service in a given project and location. + operationId: run.projects.locations.services.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudRunV2Service' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7837,7 +8020,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2WorkerPool' + $ref: '#/components/schemas/GoogleLongrunningOperation' parameters: - in: path name: projectsId @@ -7849,19 +8032,24 @@ paths: required: true schema: type: string - - in: path - name: workerPoolsId - required: true + - in: query + name: serviceId schema: type: string + - in: query + name: validateOnly + schema: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/services/{servicesId}: + parameters: *ref_1 patch: - description: Updates a WorkerPool. - operationId: run.projects.locations.workerPools.patch + description: Updates a Service. + operationId: run.projects.locations.services.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2WorkerPool' + $ref: '#/components/schemas/GoogleCloudRunV2Service' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7886,7 +8074,7 @@ paths: schema: type: string - in: path - name: workerPoolsId + name: servicesId required: true schema: type: string @@ -7895,21 +8083,19 @@ paths: schema: type: string format: google-fieldmask - - in: query - name: validateOnly - schema: - type: boolean - in: query name: allowMissing schema: type: boolean - in: query - name: forceNewRevision + name: validateOnly schema: type: boolean delete: - description: Deletes a WorkerPool. - operationId: run.projects.locations.workerPools.delete + description: >- + Deletes a Service. This will cause the Service to stop serving traffic + and will delete all revisions. + operationId: run.projects.locations.services.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7934,26 +8120,21 @@ paths: schema: type: string - in: path - name: workerPoolsId + name: servicesId required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - in: query name: etag schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}:getIamPolicy: - parameters: *ref_1 + - in: query + name: validateOnly + schema: + type: boolean get: - description: >- - Gets the IAM Access Control policy currently in effect for the given - Cloud Run WorkerPool. This result does not include any inherited - policies. - operationId: run.projects.locations.workerPools.getIamPolicy + description: Gets information about a Service. + operationId: run.projects.locations.services.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7965,7 +8146,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleIamV1Policy' + $ref: '#/components/schemas/GoogleCloudRunV2Service' parameters: - in: path name: projectsId @@ -7978,22 +8159,17 @@ paths: schema: type: string - in: path - name: workerPoolsId + name: servicesId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}:setIamPolicy: + /v2/projects/{projectsId}/locations/{locationsId}/services/{servicesId}:setIamPolicy: parameters: *ref_1 post: description: >- - Sets the IAM Access control policy for the specified WorkerPool. - Overwrites any existing policy. - operationId: run.projects.locations.workerPools.setIamPolicy + Sets the IAM Access control policy for the specified Service. Overwrites + any existing policy. + operationId: run.projects.locations.services.setIamPolicy requestBody: content: application/json: @@ -8023,17 +8199,17 @@ paths: schema: type: string - in: path - name: workerPoolsId + name: servicesId required: true schema: type: string - /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}:testIamPermissions: + /v2/projects/{projectsId}/locations/{locationsId}/services/{servicesId}:testIamPermissions: parameters: *ref_1 post: description: >- Returns permissions that a caller has on the specified Project. There are no permissions required for making this API call. - operationId: run.projects.locations.workerPools.testIamPermissions + operationId: run.projects.locations.services.testIamPermissions requestBody: content: application/json: @@ -8063,99 +8239,17 @@ paths: schema: type: string - in: path - name: workerPoolsId - required: true - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}/revisions/{revisionsId}: - parameters: *ref_1 - get: - description: Gets information about a Revision. - operationId: run.projects.locations.workerPools.revisions.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudRunV2Revision' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: workerPoolsId - required: true - schema: - type: string - - in: path - name: revisionsId - required: true - schema: - type: string - delete: - description: Deletes a Revision. - operationId: run.projects.locations.workerPools.revisions.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningOperation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: workerPoolsId - required: true - schema: - type: string - - in: path - name: revisionsId + name: servicesId required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: etag - schema: - type: string - /v2/projects/{projectsId}/locations/{locationsId}/workerPools/{workerPoolsId}/revisions: + /v2/projects/{projectsId}/locations/{locationsId}/services/{servicesId}:getIamPolicy: parameters: *ref_1 get: description: >- - Lists Revisions from a given Service, or from a given location. Results - are sorted by creation time, descending. - operationId: run.projects.locations.workerPools.revisions.list + Gets the IAM Access Control policy currently in effect for the given + Cloud Run Service. This result does not include any inherited policies. + operationId: run.projects.locations.services.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8167,7 +8261,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudRunV2ListRevisionsResponse' + $ref: '#/components/schemas/GoogleIamV1Policy' parameters: - in: path name: projectsId @@ -8180,20 +8274,12 @@ paths: schema: type: string - in: path - name: workerPoolsId + name: servicesId required: true schema: type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: showDeleted - schema: - type: boolean diff --git a/providers/src/googleapis.com/v00.00.00000/services/runtimeconfig.yaml b/providers/src/googleapis.com/v00.00.00000/services/runtimeconfig.yaml index 4b49ccfd..5221110a 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/runtimeconfig.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/runtimeconfig.yaml @@ -11,8 +11,8 @@ info: Watchers and Waiters that will watch for changes to your data and return based on certain conditions. version: v1 - x-discovery-doc-revision: '20250805' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/deployment-manager/runtime-configurator/ servers: @@ -39,58 +39,95 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + id: Status + properties: + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + Empty: + properties: {} + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty ListOperationsResponse: - id: ListOperationsResponse description: The response message for Operations.ListOperations. type: object + id: ListOperationsResponse properties: + nextPageToken: + description: The standard List next-page token. + type: string operations: description: >- A list of operations that matches the specified filter in the request. - type: array items: $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + type: array + unreachable: + type: array + items: + type: string + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + CancelOperationRequest: + id: CancelOperationRequest type: object + description: The request message for Operations.CancelOperation. + properties: {} + Operation: properties: name: + type: string description: >- The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean error: + $ref: '#/components/schemas/Status' description: >- The error result of the operation in case of failure or cancellation. - $ref: '#/components/schemas/Status' response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object description: >- The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is @@ -100,61 +137,33 @@ components: where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. - type: object + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + type: any + type: object type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} + This resource represents a long-running operation that is the result of + a network API call. + id: Operation parameters: - access_token: - description: OAuth access token. + callback: + description: JSONP in: query - name: access_token + name: callback schema: type: string alt: @@ -167,10 +176,10 @@ components: - json - media - proto - callback: - description: JSONP + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: callback + name: uploadType schema: type: string fields: @@ -179,6 +188,15 @@ components: name: fields schema: type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -194,31 +212,10 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + access_token: + description: OAuth access token. in: query - name: uploadType + name: access_token schema: type: string _.xgafv: @@ -230,31 +227,43 @@ components: enum: - '1' - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string x-stackQL-resources: operations: id: google.runtimeconfig.operations name: operations title: Operations methods: - list: + cancel: operation: - $ref: '#/paths/~1v1~1operations/get' + $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations delete: operation: $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - cancel: + list: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' + $ref: '#/paths/~1v1~1operations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/list' @@ -264,24 +273,36 @@ components: delete: - $ref: '#/components/x-stackQL-resources/operations/methods/delete' paths: - /v1/operations: + /v1/operations/{operationsId}:cancel: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: runtimeconfig.operations.list + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: runtimeconfig.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -297,19 +318,11 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string /v1/operations/{operationsId}: @@ -343,25 +356,13 @@ paths: required: true schema: type: string - /v1/operations/{operationsId}:cancel: + /v1/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: runtimeconfig.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: runtimeconfig.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -377,10 +378,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - - in: path - name: operationsId - required: true + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/saasservicemgmt.yaml b/providers/src/googleapis.com/v00.00.00000/services/saasservicemgmt.yaml index 97033a02..99b1c20c 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/saasservicemgmt.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/saasservicemgmt.yaml @@ -7,8 +7,8 @@ info: title: SaaS Runtime API description: 'Model, deploy, and operate your SaaS at scale. ' version: v1beta1 - x-discovery-doc-revision: '20250806' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251105' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/saas-runtime/docs servers: @@ -34,179 +34,124 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListSaasResponse: - id: ListSaasResponse - description: The response structure for the ListSaas method. + RolloutStats: + id: RolloutStats type: object properties: - saas: - description: The resulting saas. - type: array - items: - $ref: '#/components/schemas/Saas' - nextPageToken: + operationsByState: description: >- - If present, the next page token can be provided to a subsequent - ListSaas call to list the next page. If empty, there are no more - pages. - type: string - unreachable: - description: Locations that could not be reached. + Output only. A breakdown of the progress of operations triggered by + the rollout. Provides a count of Operations by their state. This can + be used to determine the number of units which have been updated, or + are scheduled to be updated. There will be at most one entry per + group. Possible values for operation groups are: - "SCHEDULED" - + "PENDING" - "RUNNING" - "SUCCEEDED" - "FAILED" - "CANCELLED" type: array items: - type: string - Saas: - id: Saas - description: Saas is a representation of a SaaS service managed by the Producer. - type: object + $ref: '#/components/schemas/Aggregate' + readOnly: true + description: RolloutStats contains information about the progress of a rollout. + Schedule: properties: - name: + startTime: description: >- - Identifier. The resource name (full URI of the resource) following - the standard naming scheme: - "projects/{project}/locations/{location}/saas/{saas}" + Optional. Start of operation. If not set, will be set to the start + of the next window. (optional) + format: google-datetime type: string - locations: - description: >- - Optional. List of locations that the service is available in. - Rollout refers to the list to generate a rollout plan. - type: array - items: - $ref: '#/components/schemas/Location' - labels: - description: >- - Optional. The labels on the resource, which can be used for - categorization. similar to Kubernetes resource labels. - type: object - additionalProperties: - type: string - annotations: - description: >- - Optional. Annotations is an unstructured key-value map stored with a - resource that may be set by external tools to store and retrieve - arbitrary metadata. They are not queryable and should be preserved - when modifying objects. More info: - https://kubernetes.io/docs/user-guide/annotations - type: object - additionalProperties: - type: string - uid: + description: A time specification to schedule the maintenance. + type: object + id: Schedule + Unit: + type: object + properties: + state: + enumDescriptions: + - Unspecified state. + - Unit is not provisioned. + - Unit is being provisioned. + - >- + Unit is being updated. This is typically when a unit is being + upgraded to a new release or some of the input variables on the + Unit is being changed. Certain kinds of updates may cause the Unit + to become unusable while the update is in progress. + - Unit is being deleted. + - Unit has been provisioned and is ready for use + - Unit has error, when it is not ready and some error operation + enum: + - UNIT_STATE_UNSPECIFIED + - UNIT_STATE_NOT_PROVISIONED + - UNIT_STATE_PROVISIONING + - UNIT_STATE_UPDATING + - UNIT_STATE_DEPROVISIONING + - UNIT_STATE_READY + - UNIT_STATE_ERROR description: >- - Output only. The unique identifier of the resource. UID is unique in - the time and space for this resource within the scope of the - service. It is typically generated by the server on successful - creation of a resource and must not be changed. UID is used to - uniquely identify resources with resource name reuses. This should - be a UUID4. - readOnly: true + Optional. Output only. Current lifecycle state of the resource (e.g. + if it's being created or ready to use). type: string - etag: - description: >- - Output only. An opaque value that uniquely identifies a version or - generation of a resource. It can be used to confirm that the client - and server agree on the ordering of a resource being written. readOnly: true + systemCleanupAt: type: string - createTime: - description: Output only. The timestamp when the resource was created. readOnly: true - type: string + description: >- + Optional. Output only. If set, indicates the time when the system + will start removing the unit. format: google-datetime updateTime: + type: string + format: google-datetime description: >- Output only. The timestamp when the resource was last updated. Any change to the resource made by users must refresh this value. Changes to a resource made by the service should refresh this value. readOnly: true - type: string - format: google-datetime - Location: - id: Location - description: Location information that the service is available in. - type: object - properties: - name: - description: Optional. Name of location. - type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - ListTenantsResponse: - id: ListTenantsResponse - description: The response structure for the ListTenants method. - type: object - properties: - tenants: - description: The resulting tenants. - type: array - items: - $ref: '#/components/schemas/Tenant' - nextPageToken: + systemManagedState: description: >- - If present, the next page token can be provided to a subsequent - ListTenants call to list the next page. If empty, there are no more - pages. + Optional. Output only. Indicates the system managed state of the + unit. + enumDescriptions: + - '' + - Unit has dependents attached. + - Unit has no dependencies attached, but attachment is allowed. + - Unit has no dependencies attached, and attachment is not allowed. type: string - unreachable: - description: Locations that could not be reached. + readOnly: true + enum: + - SYSTEM_MANAGED_STATE_UNSPECIFIED + - SYSTEM_MANAGED_STATE_ACTIVE + - SYSTEM_MANAGED_STATE_INACTIVE + - SYSTEM_MANAGED_STATE_DECOMMISSIONED + ongoingOperations: type: array items: type: string - Tenant: - id: Tenant - description: >- - Tenant represents the service producer side of an instance of the - service created based on a request from a consumer. In a typical - scenario a Tenant has a one-to-one mapping with a resource given out to - a service consumer. Example: tenant: name: - "projects/svc1/locations/loc/tenants/inst-068afff8" consumer_resource: - "projects/gshoe/locations/loc/shoes/black-shoe" - type: object - properties: - name: - description: >- - Identifier. The resource name (full URI of the resource) following - the standard naming scheme: - "projects/{project}/locations/{location}/tenants/{tenant}" - type: string - consumerResource: - description: >- - Optional. Immutable. A reference to the consumer resource this SaaS - Tenant is representing. The relationship with a consumer resource - can be used by SaaS Runtime for retrieving consumer-defined settings - and policies such as maintenance policies (using Unified Maintenance - Policy API). - type: string - saas: description: >- - Required. Immutable. A reference to the Saas that defines the - product (managed service) that the producer wants to manage with - SaaS Runtime. Part of the SaaS Runtime common data model. - type: string - labels: + Optional. Output only. List of concurrent UnitOperations that are + operating on this Unit. + readOnly: true + conditions: description: >- - Optional. The labels on the resource, which can be used for - categorization. similar to Kubernetes resource labels. - type: object - additionalProperties: - type: string - annotations: + Optional. Output only. A set of conditions which indicate the + various conditions this resource can have. + readOnly: true + type: array + items: + $ref: '#/components/schemas/UnitCondition' + outputVariables: + readOnly: true + items: + $ref: '#/components/schemas/UnitVariable' + type: array description: >- - Optional. Annotations is an unstructured key-value map stored with a - resource that may be set by external tools to store and retrieve - arbitrary metadata. They are not queryable and should be preserved - when modifying objects. More info: - https://kubernetes.io/docs/user-guide/annotations - type: object - additionalProperties: - type: string + Optional. Output only. Set of key/value pairs corresponding to + output variables from execution of actuation templates. The + variables are declared in actuation configs (e.g in helm chart or + terraform) and the values are fetched and returned by the actuation + engine upon completion of execution. uid: + type: string + readOnly: true description: >- Output only. The unique identifier of the resource. UID is unique in the time and space for this resource within the scope of the @@ -214,412 +159,594 @@ components: creation of a resource and must not be changed. UID is used to uniquely identify resources with resource name reuses. This should be a UUID4. - readOnly: true - type: string - etag: + labels: + type: object description: >- - Output only. An opaque value that uniquely identifies a version or - generation of a resource. It can be used to confirm that the client - and server agree on the ordering of a resource being written. - readOnly: true - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true + Optional. The labels on the resource, which can be used for + categorization. similar to Kubernetes resource labels. + additionalProperties: + type: string + tenant: type: string - format: google-datetime - updateTime: description: >- - Output only. The timestamp when the resource was last updated. Any - change to the resource made by users must refresh this value. - Changes to a resource made by the service should refresh this value. + Optional. Reference to the Saas Tenant resource this unit belongs + to. This for example informs the maintenance policies to use for + scheduling future updates on a unit. (optional and immutable once + created) + dependencies: readOnly: true - type: string - format: google-datetime - ListUnitKindsResponse: - id: ListUnitKindsResponse - description: The response structure for the ListUnitKinds method. - type: object - properties: - unitKinds: - description: The resulting unit kinds. - type: array - items: - $ref: '#/components/schemas/UnitKind' - nextPageToken: description: >- - If present, the next page token can be provided to a subsequent - ListUnitKinds call to list the next page. If empty, there are no - more pages. - type: string - unreachable: - description: Locations that could not be reached. - type: array + Optional. Output only. Set of dependencies for this unit. Maximum + 10. items: - type: string - UnitKind: - id: UnitKind - description: >- - Definition of a Unit. Units belonging to the same UnitKind are managed - together; for example they follow the same release model (blueprints, - versions etc.) and are typically rolled out together. - type: object - properties: + $ref: '#/components/schemas/UnitDependency' + type: array + managementMode: + type: string + description: >- + Optional. Immutable. Indicates whether the Unit life cycle is + controlled by the user or by the system. Immutable once created. + enum: + - MANAGEMENT_MODE_UNSPECIFIED + - MANAGEMENT_MODE_USER + - MANAGEMENT_MODE_SYSTEM + enumDescriptions: + - '' + - Unit's lifecycle is managed by the user. + - >- + The system will decide when to deprovision and delete the unit. + User still can deprovision or delete the unit manually. name: + type: string description: >- Identifier. The resource name (full URI of the resource) following the standard naming scheme: - "projects/{project}/locations/{location}/unitKinds/{unitKind}" - type: string - defaultRelease: + "projects/{project}/locations/{location}/units/{unit}" + unitKind: description: >- - Optional. A reference to the Release object to use as default for - creating new units of this UnitKind (optional). If not specified, a - new unit must explicitly reference which release to use for its - creation. + Optional. Reference to the UnitKind this Unit belongs to. Immutable + once set. type: string - dependencies: - description: >- - Optional. Immutable. List of other unit kinds that this release will - depend on. Dependencies will be automatically provisioned if not - found. Maximum 10. - type: array + scheduledOperations: items: - $ref: '#/components/schemas/Dependency' - inputVariableMappings: + type: string + readOnly: true + type: array description: >- - Optional. List of inputVariables for this release that will either - be retrieved from a dependency’s outputVariables, or will be passed - on to a dependency’s inputVariables. Maximum 100. + Optional. Output only. List of scheduled UnitOperations for this + unit. + inputVariables: + description: >- + Optional. Output only. Indicates the current input variables + deployed by the unit type: array + readOnly: true items: - $ref: '#/components/schemas/VariableMapping' - outputVariableMappings: - description: >- - Optional. List of outputVariables for this unit kind will be passed - to this unit's outputVariables. Maximum 100. + $ref: '#/components/schemas/UnitVariable' + dependents: type: array + description: >- + Optional. Output only. List of Units that depend on this unit. Unit + can only be deprovisioned if this list is empty. Maximum 1000. + readOnly: true items: - $ref: '#/components/schemas/VariableMapping' - saas: + $ref: '#/components/schemas/UnitDependency' + pendingOperations: description: >- - Required. Immutable. A reference to the Saas that defines the - product (managed service) that the producer wants to manage with - SaaS Runtime. Part of the SaaS Runtime common data model. Immutable - once set. + Optional. Output only. List of pending (wait to be executed) + UnitOperations for this unit. + items: + type: string + readOnly: true + type: array + release: + type: string + readOnly: true + description: Optional. Output only. The current Release object for this Unit. + etag: type: string - labels: description: >- - Optional. The labels on the resource, which can be used for - categorization. similar to Kubernetes resource labels. - type: object + Output only. An opaque value that uniquely identifies a version or + generation of a resource. It can be used to confirm that the client + and server agree on the ordering of a resource being written. + readOnly: true + annotations: additionalProperties: type: string - annotations: + type: object description: >- Optional. Annotations is an unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations - type: object - additionalProperties: - type: string - uid: - description: >- - Output only. The unique identifier of the resource. UID is unique in - the time and space for this resource within the scope of the - service. It is typically generated by the server on successful - creation of a resource and must not be changed. UID is used to - uniquely identify resources with resource name reuses. This should - be a UUID4. - readOnly: true - type: string - etag: + maintenance: description: >- - Output only. An opaque value that uniquely identifies a version or - generation of a resource. It can be used to confirm that the client - and server agree on the ordering of a resource being written. - readOnly: true - type: string + Optional. Captures requested directives for performing future + maintenance on the unit. This includes a request for the unit to + skip maintenance for a period of time and remain pinned to its + current release as well as controls for postponing maintenance + scheduled in future. + $ref: '#/components/schemas/MaintenanceSettings' createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true type: string format: google-datetime - updateTime: - description: >- - Output only. The timestamp when the resource was last updated. Any - change to the resource made by users must refresh this value. - Changes to a resource made by the service should refresh this value. + description: Output only. The timestamp when the resource was created. readOnly: true - type: string - format: google-datetime - Dependency: - id: Dependency + id: Unit description: >- - Dependency represent a single dependency with another unit kind by - alias. - type: object - properties: - unitKind: - description: Required. Immutable. The unit kind of the dependency. - type: string - alias: - description: >- - Required. An alias for the dependency. Used for input variable - mapping. - type: string - VariableMapping: - id: VariableMapping + A unit of deployment that has its lifecycle via a CRUD API using an + actuation engine under the hood (e.g. based on Terraform, Helm or a + custom implementation provided by a service producer). A building block + of a SaaS Tenant. + Aggregate: description: >- - Mapping of input variables to their respective output variable for - depedenencies - type: object + Represents the aggregation of a set of population of like records by a + certain group. For example, a collection of unit counts can be + aggregated and grouped by their state. properties: - from: - description: >- - Optional. Output variables which will get their values from - dependencies - $ref: '#/components/schemas/FromMapping' - to: - description: >- - Optional. Input variables whose values will be passed on to - dependencies. - $ref: '#/components/schemas/ToMapping' - variable: - description: Required. name of the variable + count: + description: Required. Number of records in the group. + type: integer + format: int32 + group: type: string - FromMapping: - id: FromMapping - description: Output variables whose values will be passed on to dependencies + description: Required. Group by which to aggregate. + id: Aggregate + type: object + ListRolloutsResponse: type: object + description: The response structure for the ListRollouts method. properties: - dependency: + rollouts: + type: array + description: The resulting rollouts. + items: + $ref: '#/components/schemas/Rollout' + unreachable: + description: Locations that could not be reached. + items: + type: string + type: array + nextPageToken: description: >- - Required. Alias of the dependency that the outputVariable will pass - its value to - type: string - outputVariable: - description: Required. Name of the outputVariable on the dependency + If present, the next page token can be provided to a subsequent + ListRollouts call to list the next page. If empty, there are no more + pages. type: string - ToMapping: - id: ToMapping - description: Input variables whose values will be passed on to dependencies + id: ListRolloutsResponse + ReleaseRequirements: + id: ReleaseRequirements + description: Set of requirements to be fulfilled on the Unit when using this Release. type: object properties: - dependency: - description: >- - Required. Alias of the dependency that the inputVariable will pass - its value to - type: string - inputVariable: - description: Required. Name of the inputVariable on the dependency - type: string - ignoreForLookup: + upgradeableFromReleases: + type: array description: >- - Optional. Tells SaaS Runtime if this mapping should be used during - lookup or not - type: boolean - ListUnitsResponse: - id: ListUnitsResponse - description: The response structure for the ListUnits method. + Optional. A list of releases from which a unit can be upgraded to + this one (optional). If left empty no constraints will be applied. + When provided, unit upgrade requests to this release will check and + enforce this constraint. + items: + type: string + Blueprint: type: object + id: Blueprint + description: >- + Blueprints are OCI Images that contain all of the artifacts needed to + provision a unit. Metadata such as, type of the engine used to actuate + the blueprint (e.g. terraform, helm etc) and version will come from the + image manifest. If the hostname is omitted, it will be assumed to be the + regional path to Artifact Registry (eg. us-east1-docker.pkg.dev). properties: - units: - description: The resulting units. - type: array - items: - $ref: '#/components/schemas/Unit' - nextPageToken: + version: + type: string + description: Output only. Version metadata if present on the blueprint. + readOnly: true + engine: description: >- - If present, the next page token can be provided to a subsequent - ListUnits call to list the next page. If empty, there are no more - pages. + Output only. Type of the engine used to actuate the blueprint. e.g. + terraform, helm etc. + readOnly: true type: string - unreachable: - description: Locations that could not be reached. + package: + description: >- + Optional. Immutable. URI to a blueprint used by the Unit (required + unless unitKind or release is set). + type: string + ListLocationsResponse: + description: The response message for Locations.ListLocations. + properties: + nextPageToken: + description: The standard List next-page token. + type: string + locations: type: array + description: >- + A list of locations that matches the specified filter in the + request. items: - type: string - Unit: - id: Unit + $ref: '#/components/schemas/GoogleCloudLocationLocation' + id: ListLocationsResponse + type: object + Provision: + type: object + properties: + inputVariables: + items: + $ref: '#/components/schemas/UnitVariable' + type: array + description: Optional. Set of input variables. Maximum 100. (optional) + release: + type: string + description: >- + Optional. Reference to the Release object to use for the Unit. + (optional). description: >- - A unit of deployment that has its lifecycle via a CRUD API using an - actuation engine under the hood (e.g. based on Terraform, Helm or a - custom implementation provided by a service producer). A building block - of a SaaS Tenant. + Provision is the unit operation that provision the underlying resources + represented by a Unit. Can only execute if the Unit is not currently + provisioned. + id: Provision + UnitVariable: type: object + id: UnitVariable properties: + variable: + description: Required. Immutable. Name of the variable from actuation configs. + type: string + value: + type: string + description: Optional. String encoded value for the variable. + type: + enum: + - TYPE_UNSPECIFIED + - STRING + - INT + - BOOL + type: string + description: >- + Optional. Immutable. Name of a supported variable type. Supported + types are string, int, bool. + enumDescriptions: + - Variable type is unspecified. + - Variable type is string. + - Variable type is int. + - Variable type is bool. + description: UnitVariable describes a parameter for a Unit. + Tenant: + properties: + saas: + description: >- + Required. Immutable. A reference to the Saas that defines the + product (managed service) that the producer wants to manage with + SaaS Runtime. Part of the SaaS Runtime common data model. + type: string + updateTime: + readOnly: true + description: >- + Output only. The timestamp when the resource was last updated. Any + change to the resource made by users must refresh this value. + Changes to a resource made by the service should refresh this value. + type: string + format: google-datetime name: description: >- Identifier. The resource name (full URI of the resource) following the standard naming scheme: - "projects/{project}/locations/{location}/units/{unit}" + "projects/{project}/locations/{location}/tenants/{tenant}" type: string - unitKind: + uid: description: >- - Optional. Reference to the UnitKind this Unit belongs to. Immutable - once set. + Output only. The unique identifier of the resource. UID is unique in + the time and space for this resource within the scope of the + service. It is typically generated by the server on successful + creation of a resource and must not be changed. UID is used to + uniquely identify resources with resource name reuses. This should + be a UUID4. type: string - release: - description: Optional. Output only. The current Release object for this Unit. readOnly: true - type: string - tenant: + annotations: + additionalProperties: + type: string + type: object description: >- - Optional. Reference to the Saas Tenant resource this unit belongs - to. This for example informs the maintenance policies to use for - scheduling future updates on a unit. (optional and immutable once - created) - type: string - ongoingOperations: + Optional. Annotations is an unstructured key-value map stored with a + resource that may be set by external tools to store and retrieve + arbitrary metadata. They are not queryable and should be preserved + when modifying objects. More info: + https://kubernetes.io/docs/user-guide/annotations + labels: description: >- - Optional. Output only. List of concurrent UnitOperations that are - operating on this Unit. - readOnly: true - type: array - items: + Optional. The labels on the resource, which can be used for + categorization. similar to Kubernetes resource labels. + type: object + additionalProperties: type: string - pendingOperations: + consumerResource: description: >- - Optional. Output only. List of pending (wait to be executed) - UnitOperations for this unit. + Optional. Immutable. A reference to the consumer resource this SaaS + Tenant is representing. The relationship with a consumer resource + can be used by SaaS Runtime for retrieving consumer-defined settings + and policies such as maintenance policies (using Unified Maintenance + Policy API). + type: string + createTime: + description: Output only. The timestamp when the resource was created. readOnly: true - type: array - items: - type: string - scheduledOperations: + type: string + format: google-datetime + etag: + type: string description: >- - Optional. Output only. List of scheduled UnitOperations for this - unit. + Output only. An opaque value that uniquely identifies a version or + generation of a resource. It can be used to confirm that the client + and server agree on the ordering of a resource being written. readOnly: true + id: Tenant + description: >- + Tenant represents the service producer side of an instance of the + service created based on a request from a consumer. In a typical + scenario a Tenant has a one-to-one mapping with a resource given out to + a service consumer. Example: tenant: name: + "projects/svc1/locations/loc/tenants/inst-068afff8" consumer_resource: + "projects/gshoe/locations/loc/shoes/black-shoe" + type: object + Upgrade: + properties: + release: + type: string + description: >- + Optional. Reference to the Release object to use for the Unit. + (optional). + inputVariables: type: array items: - type: string - dependents: + $ref: '#/components/schemas/UnitVariable' + description: Optional. Set of input variables. Maximum 100. (optional) + description: >- + Upgrade is the unit operation that upgrades a provisioned unit, which + may also include the underlying resources represented by a Unit. Can + only execute if the Unit is currently provisioned. + type: object + id: Upgrade + UnitOperation: + properties: + engineState: description: >- - Optional. Output only. List of Units that depend on this unit. Unit - can only be deprovisioned if this list is empty. Maximum 1000. + Optional. Output only. The engine state for on-going deployment + engine operation(s). This field is opaque for external usage. readOnly: true - type: array - items: - $ref: '#/components/schemas/UnitDependency' - dependencies: + type: string + state: description: >- - Optional. Output only. Set of dependencies for this unit. Maximum - 10. + Optional. Output only. UnitOperationState describes the current + state of the unit operation. + enumDescriptions: + - '' + - Unit operation is accepted but not ready to run. + - Unit operation is accepted and scheduled. + - Unit operation is running. + - Unit operation has completed successfully. + - Unit operation has failed. + - Unit operation was cancelled. + enum: + - UNIT_OPERATION_STATE_UNKNOWN + - UNIT_OPERATION_STATE_PENDING + - UNIT_OPERATION_STATE_SCHEDULED + - UNIT_OPERATION_STATE_RUNNING + - UNIT_OPERATION_STATE_SUCCEEDED + - UNIT_OPERATION_STATE_FAILED + - UNIT_OPERATION_STATE_CANCELLED + type: string readOnly: true - type: array - items: - $ref: '#/components/schemas/UnitDependency' - inputVariables: + errorCategory: description: >- - Optional. Output only. Indicates the current input variables - deployed by the unit + Optional. Output only. UnitOperationErrorCategory describe the error + category. + enum: + - UNIT_OPERATION_ERROR_CATEGORY_UNSPECIFIED + - NOT_APPLICABLE + - FATAL + - RETRIABLE + - IGNORABLE + - STANDARD + enumDescriptions: + - Unit operation error category is unspecified + - >- + Unit operation error category is not applicable, or it is not an + error + - Unit operation error category is fatal + - Unit operation error category is retriable + - Unit operation error category is ignorable + - >- + Unit operation error category is standard, counts towards Rollout + error budget readOnly: true - type: array - items: - $ref: '#/components/schemas/UnitVariable' - outputVariables: + type: string + unit: + description: Required. Immutable. The Unit a given UnitOperation will act upon. + type: string + labels: + additionalProperties: + type: string description: >- - Optional. Output only. Set of key/value pairs corresponding to - output variables from execution of actuation templates. The - variables are declared in actuation configs (e.g in helm chart or - terraform) and the values are fetched and returned by the actuation - engine upon completion of execution. + Optional. The labels on the resource, which can be used for + categorization. similar to Kubernetes resource labels. + type: object + deprovision: + $ref: '#/components/schemas/Deprovision' + parentUnitOperation: + description: >- + Optional. Reference to parent resource: UnitOperation. If an + operation needs to create other operations as part of its workflow, + each of the child operations should have this field set to the + parent. This can be used for tracing. (Optional) + type: string + schedule: + $ref: '#/components/schemas/Schedule' + description: Optional. When to schedule this operation. + annotations: + description: >- + Optional. Annotations is an unstructured key-value map stored with a + resource that may be set by external tools to store and retrieve + arbitrary metadata. They are not queryable and should be preserved + when modifying objects. More info: + https://kubernetes.io/docs/user-guide/annotations + type: object + additionalProperties: + type: string + createTime: + readOnly: true + type: string + format: google-datetime + description: Output only. The timestamp when the resource was created. + uid: readOnly: true - type: array - items: - $ref: '#/components/schemas/UnitVariable' - maintenance: description: >- - Optional. Captures requested directives for performing future - maintenance on the unit. This includes a request for the unit to - skip maintenance for a period of time and remain pinned to its - current release as well as controls for postponing maintenance - scheduled in future. - $ref: '#/components/schemas/MaintenanceSettings' - state: + Output only. The unique identifier of the resource. UID is unique in + the time and space for this resource within the scope of the + service. It is typically generated by the server on successful + creation of a resource and must not be changed. UID is used to + uniquely identify resources with resource name reuses. This should + be a UUID4. + type: string + updateTime: + readOnly: true description: >- - Optional. Output only. Current lifecycle state of the resource (e.g. - if it's being created or ready to use). + Output only. The timestamp when the resource was last updated. Any + change to the resource made by users must refresh this value. + Changes to a resource made by the service should refresh this value. + type: string + format: google-datetime + upgrade: + $ref: '#/components/schemas/Upgrade' + rollout: + type: string + description: >- + Optional. Specifies which rollout created this Unit Operation. This + cannot be modified and is used for filtering purposes only. If a + dependent unit and unit operation are created as part of another + unit operation, they will use the same rolloutId. + etag: readOnly: true type: string - enumDescriptions: - - Unspecified state. - - Unit is not provisioned. - - Unit is being provisioned. - - >- - Unit is being updated. This is typically when a unit is being - upgraded to a new release or some of the input variables on the - Unit is being changed. Certain kinds of updates may cause the Unit - to become unusable while the update is in progress. - - Unit is being deleted. - - Unit has been provisioned and is ready for use - - Unit has error, when it is not ready and some error operation - enum: - - UNIT_STATE_UNSPECIFIED - - UNIT_STATE_NOT_PROVISIONED - - UNIT_STATE_PROVISIONING - - UNIT_STATE_UPDATING - - UNIT_STATE_DEPROVISIONING - - UNIT_STATE_READY - - UNIT_STATE_ERROR + description: >- + Output only. An opaque value that uniquely identifies a version or + generation of a resource. It can be used to confirm that the client + and server agree on the ordering of a resource being written. + provision: + $ref: '#/components/schemas/Provision' + name: + description: >- + Identifier. The resource name (full URI of the resource) following + the standard naming scheme: + "projects/{project}/locations/{location}/unitOperations/{unitOperation}" + type: string conditions: description: >- Optional. Output only. A set of conditions which indicate the various conditions this resource can have. + items: + $ref: '#/components/schemas/UnitOperationCondition' readOnly: true type: array - items: - $ref: '#/components/schemas/UnitCondition' - managementMode: + cancel: + type: boolean description: >- - Optional. Immutable. Indicates whether the Unit life cycle is - controlled by the user or by the system. Immutable once created. + Optional. When true, attempt to cancel the operation. Cancellation + may fail if the operation is already executing. (Optional) + type: object + description: >- + UnitOperation encapsulates the intent of changing/interacting with the + service component represented by the specific Unit. Multiple + UnitOperations can be created (requested) and scheduled in the future, + however only one will be allowed to execute at a time (that can change + in the future for non-mutating operations). UnitOperations allow + different actors interacting with the same unit to focus only on the + change they have requested. This is a base object that contains the + common fields in all unit operations. Next: 19 + id: UnitOperation + MaintenanceSettings: + description: >- + Captures requested directives for performing future maintenance on the + unit. This includes a request for the unit to skip maintenance for a + period of time and remain pinned to its current release as well as + controls for postponing maintenance scheduled in future. + type: object + id: MaintenanceSettings + properties: + pinnedUntilTime: + description: >- + Optional. If present, it fixes the release on the unit until the + given time; i.e. changes to the release field will be rejected. + Rollouts should and will also respect this by not requesting an + upgrade in the first place. + format: google-datetime type: string + RolloutControl: + properties: + runParams: + description: >- + Optional. Parameters for the RUN action. It is an error to specify + this if the RolloutAction is not set to RUN. By default, the rollout + will retry failed operations when resumed. + $ref: '#/components/schemas/RunRolloutActionParams' + action: + description: >- + Required. Action to be performed on the Rollout. The default + behavior is to run the rollout until it naturally reaches a terminal + state. enumDescriptions: - - '' - - Unit's lifecycle is managed by the user. + - Unspecified action, will be treated as RUN by default. - >- - The system will decide when to deprovision and delete the unit. - User still can deprovision or delete the unit manually. + Run the Rollout until it naturally reaches a terminal state. A + rollout requested to run will progress through all natural Rollout + States (such as RUNNING -> SUCCEEDED or RUNNING -> FAILED). If + retriable errors are encountered during the rollout, the rollout + will paused by default and can be resumed by re-requesting this + RUN action. + - Pause the Rollout until it is resumed (i.e. RUN is requested). + - Cancel the Rollout permanently. enum: - - MANAGEMENT_MODE_UNSPECIFIED - - MANAGEMENT_MODE_USER - - MANAGEMENT_MODE_SYSTEM - systemManagedState: - description: >- - Optional. Output only. Indicates the system managed state of the - unit. - readOnly: true + - ROLLOUT_ACTION_UNSPECIFIED + - ROLLOUT_ACTION_RUN + - ROLLOUT_ACTION_PAUSE + - ROLLOUT_ACTION_CANCEL type: string - enumDescriptions: - - '' - - Unit has dependents attached. - - Unit has no dependencies attached, but attachment is allowed. - - Unit has no dependencies attached, and attachment is not allowed. - enum: - - SYSTEM_MANAGED_STATE_UNSPECIFIED - - SYSTEM_MANAGED_STATE_ACTIVE - - SYSTEM_MANAGED_STATE_INACTIVE - - SYSTEM_MANAGED_STATE_DECOMMISSIONED - systemCleanupAt: + id: RolloutControl + type: object + description: >- + RolloutControl provides a way to request a change to the execution of a + Rollout by pausing or canceling it. + RunRolloutActionParams: + description: >- + Parameters for the RUN action controlling the behavior of the rollout + when it is resumed from a PAUSED state. + id: RunRolloutActionParams + type: object + properties: + retryFailedOperations: description: >- - Optional. Output only. If set, indicates the time when the system - will start removing the unit. - readOnly: true + Required. If true, the rollout will retry failed operations when + resumed. This is applicable only the current state of the Rollout is + PAUSED and the requested action is RUN. + type: boolean + Saas: + type: object + description: Saas is a representation of a SaaS service managed by the Producer. + id: Saas + properties: + updateTime: type: string - format: google-datetime - labels: + readOnly: true description: >- - Optional. The labels on the resource, which can be used for - categorization. similar to Kubernetes resource labels. - type: object + Output only. The timestamp when the resource was last updated. Any + change to the resource made by users must refresh this value. + Changes to a resource made by the service should refresh this value. + format: google-datetime + annotations: additionalProperties: type: string - annotations: description: >- Optional. Annotations is an unstructured key-value map stored with a resource that may be set by external tools to store and retrieve @@ -627,9 +754,16 @@ components: when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations type: object + labels: + type: object + description: >- + Optional. The labels on the resource, which can be used for + categorization. similar to Kubernetes resource labels. additionalProperties: type: string uid: + readOnly: true + type: string description: >- Output only. The unique identifier of the resource. UID is unique in the time and space for this resource within the scope of the @@ -637,284 +771,217 @@ components: creation of a resource and must not be changed. UID is used to uniquely identify resources with resource name reuses. This should be a UUID4. - readOnly: true + name: + description: >- + Identifier. The resource name (full URI of the resource) following + the standard naming scheme: + "projects/{project}/locations/{location}/saas/{saas}" type: string etag: + readOnly: true + type: string description: >- Output only. An opaque value that uniquely identifies a version or generation of a resource. It can be used to confirm that the client and server agree on the ordering of a resource being written. - readOnly: true - type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true - type: string - format: google-datetime - updateTime: + locations: + items: + $ref: '#/components/schemas/Location' description: >- - Output only. The timestamp when the resource was last updated. Any - change to the resource made by users must refresh this value. - Changes to a resource made by the service should refresh this value. - readOnly: true - type: string + Optional. List of locations that the service is available in. + Rollout refers to the list to generate a rollout plan. + type: array + createTime: format: google-datetime - UnitDependency: - id: UnitDependency - description: Set of dependencies for this unit. Maximum 10. - type: object - properties: - alias: - description: Output only. Alias for the name of the dependency. - readOnly: true type: string - unit: - description: Output only. A reference to the Unit object. + description: Output only. The timestamp when the resource was created. readOnly: true - type: string - UnitVariable: - id: UnitVariable - description: UnitVariable describes a parameter for a Unit. - type: object - properties: - variable: - description: Required. Immutable. Name of the variable from actuation configs. - type: string - type: - description: >- - Optional. Immutable. Name of a supported variable type. Supported - types are string, int, bool. - type: string - enumDescriptions: - - Variable type is unspecified. - - Variable type is string. - - Variable type is int. - - Variable type is bool. - enum: - - TYPE_UNSPECIFIED - - STRING - - INT - - BOOL - value: - description: Optional. String encoded value for the variable. - type: string - MaintenanceSettings: - id: MaintenanceSettings + Empty: description: >- - Captures requested directives for performing future maintenance on the - unit. This includes a request for the unit to skip maintenance for a - period of time and remain pinned to its current release as well as - controls for postponing maintenance scheduled in future. + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + properties: {} type: object - properties: - pinnedUntilTime: - description: >- - Optional. If present, it fixes the release on the unit until the - given time; i.e. changes to the release field will be rejected. - Rollouts should and will also respect this by not requesting an - upgrade in the first place. - type: string - format: google-datetime - UnitCondition: - id: UnitCondition - description: >- - UnitCondition describes the status of an Unit. UnitCondition is - individual components that contribute to an overall state. + Deprovision: type: object + description: >- + Deprovision is the unit operation that deprovision the underlying + resources represented by a Unit. Can only execute if the Unit is + currently provisioned. + id: Deprovision + properties: {} + Dependency: + id: Dependency + description: >- + Dependency represent a single dependency with another unit kind by + alias. properties: - status: - description: Required. Status of the condition. - type: string - enumDescriptions: - - Condition status is unspecified. - - Condition is unknown. - - Condition is true. - - Condition is false. - enum: - - STATUS_UNSPECIFIED - - STATUS_UNKNOWN - - STATUS_TRUE - - STATUS_FALSE - type: - description: Required. Type of the condition. - type: string - enumDescriptions: - - Condition type is unspecified. - - Condition type is ready. - - Condition type is updating. - - Condition type is provisioned. - - >- - Condition type is operationError. True when the last unit - operation fails with a non-ignorable error. - enum: - - TYPE_UNSPECIFIED - - TYPE_READY - - TYPE_UPDATING - - TYPE_PROVISIONED - - TYPE_OPERATION_ERROR - lastTransitionTime: - description: >- - Required. Last time the condition transited from one status to - another. + unitKind: type: string - format: google-datetime - message: + description: Required. Immutable. The unit kind of the dependency. + alias: description: >- - Required. Human readable message indicating details about the last - transition. - type: string - reason: - description: Required. Brief reason for the condition's last transition. + Required. An alias for the dependency. Used for input variable + mapping. type: string - ListUnitOperationsResponse: - id: ListUnitOperationsResponse - description: The response structure for the ListUnitOperations method. type: object + ListUnitKindsResponse: + id: ListUnitKindsResponse + description: The response structure for the ListUnitKinds method. properties: - unitOperations: - description: The resulting unit operations. - type: array + unitKinds: items: - $ref: '#/components/schemas/UnitOperation' + $ref: '#/components/schemas/UnitKind' + description: The resulting unit kinds. + type: array nextPageToken: description: >- If present, the next page token can be provided to a subsequent - ListUnitOperations call to list the next page. If empty, there are - no more pages. + ListUnitKinds call to list the next page. If empty, there are no + more pages. type: string unreachable: - description: Locations that could not be reached. - type: array items: type: string - UnitOperation: - id: UnitOperation - description: >- - UnitOperation encapsulates the intent of changing/interacting with the - service component represented by the specific Unit. Multiple - UnitOperations can be created (requested) and scheduled in the future, - however only one will be allowed to execute at a time (that can change - in the future for non-mutating operations). UnitOperations allow - different actors interacting with the same unit to focus only on the - change they have requested. This is a base object that contains the - common fields in all unit operations. Next: 19 + description: Locations that could not be reached. + type: array type: object + ListReleasesResponse: properties: - provision: - $ref: '#/components/schemas/Provision' - upgrade: - $ref: '#/components/schemas/Upgrade' - deprovision: - $ref: '#/components/schemas/Deprovision' - name: - description: >- - Identifier. The resource name (full URI of the resource) following - the standard naming scheme: - "projects/{project}/locations/{location}/unitOperations/{unitOperation}" - type: string - unit: - description: Required. Immutable. The Unit a given UnitOperation will act upon. - type: string - parentUnitOperation: - description: >- - Optional. Reference to parent resource: UnitOperation. If an - operation needs to create other operations as part of its workflow, - each of the child operations should have this field set to the - parent. This can be used for tracing. (Optional) - type: string - rollout: + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. + releases: + items: + $ref: '#/components/schemas/Release' + description: The resulting releases. + type: array + nextPageToken: description: >- - Optional. Specifies which rollout created this Unit Operation. This - cannot be modified and is used for filtering purposes only. If a - dependent unit and unit operation are created as part of another - unit operation, they will use the same rolloutId. + If present, the next page token can be provided to a subsequent + ListReleases call to list the next page. If empty, there are no more + pages. type: string - cancel: + id: ListReleasesResponse + type: object + description: The response structure for the ListReleases method. + Status: + properties: + details: description: >- - Optional. When true, attempt to cancel the operation. Cancellation - may fail if the operation is already executing. (Optional) - type: boolean - state: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + type: array + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + message: description: >- - Optional. Output only. UnitOperationState describes the current - state of the unit operation. - readOnly: true + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - enumDescriptions: - - '' - - Unit operation is accepted but not ready to run. - - Unit operation is accepted and scheduled. - - Unit operation is running. - - Unit operation has completed successfully. - - Unit operation has failed. - - Unit operation was cancelled. - enum: - - UNIT_OPERATION_STATE_UNKNOWN - - UNIT_OPERATION_STATE_PENDING - - UNIT_OPERATION_STATE_SCHEDULED - - UNIT_OPERATION_STATE_RUNNING - - UNIT_OPERATION_STATE_SUCCEEDED - - UNIT_OPERATION_STATE_FAILED - - UNIT_OPERATION_STATE_CANCELLED - conditions: + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + Rollout: + type: object + properties: + control: description: >- - Optional. Output only. A set of conditions which indicate the - various conditions this resource can have. - readOnly: true - type: array - items: - $ref: '#/components/schemas/UnitOperationCondition' - schedule: - description: Optional. When to schedule this operation. - $ref: '#/components/schemas/Schedule' - engineState: + Optional. Requested change to the execution of this rollout. Default + RolloutControl.action is ROLLOUT_ACTION_RUN meaning the rollout will + be executed to completion while progressing through all natural + Rollout States (such as RUNNING -> SUCCEEDED or RUNNING -> FAILED). + Requests can only be made when the Rollout is in a non-terminal + state. + $ref: '#/components/schemas/RolloutControl' + endTime: + format: google-datetime description: >- - Optional. Output only. The engine state for on-going deployment - engine operation(s). This field is opaque for external usage. + Optional. Output only. The time when the rollout finished execution + (regardless of success, failure, or cancellation). Will be empty if + the rollout hasn't finished yet. Once set, the rollout is in + terminal state and all the results are final. readOnly: true type: string - errorCategory: + parentRollout: + readOnly: true description: >- - Optional. Output only. UnitOperationErrorCategory describe the error - category. + Optional. Output only. The direct parent rollout that this rollout + is stemming from. The resource name (full URI of the resource) + following the standard naming scheme: + "projects/{project}/locations/{location}/rollouts/{rollout_id}" + type: string + startTime: + type: string + format: google-datetime readOnly: true + description: >- + Optional. Output only. The time when the rollout started executing. + Will be empty if the rollout hasn't started yet. + release: + description: >- + Optional. Immutable. Name of the Release that gets rolled out to + target Units. Required if no other type of release is specified. type: string - enumDescriptions: - - Unit operation error category is unspecified - - >- - Unit operation error category is not applicable, or it is not an - error - - Unit operation error category is fatal - - Unit operation error category is retriable - - Unit operation error category is ignorable - - >- - Unit operation error category is standard, counts towards Rollout - error budget - enum: - - UNIT_OPERATION_ERROR_CATEGORY_UNSPECIFIED - - NOT_APPLICABLE - - FATAL - - RETRIABLE - - IGNORABLE - - STANDARD - labels: + etag: description: >- - Optional. The labels on the resource, which can be used for - categorization. similar to Kubernetes resource labels. - type: object - additionalProperties: - type: string + Output only. An opaque value that uniquely identifies a version or + generation of a resource. It can be used to confirm that the client + and server agree on the ordering of a resource being written. + type: string + readOnly: true annotations: + type: object description: >- Optional. Annotations is an unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations - type: object additionalProperties: type: string + effectiveUnitFilter: + readOnly: true + description: >- + Optional. Output only. Output only snapshot of the effective unit + filter at Rollout start time. Contains a + CEL(https://github.com/google/cel-spec) expression consisting of a + conjunction of Rollout.unit_filter and RolloutKind.unit_filter. This + field captures the filter applied by the Rollout to determine the + Unit population. If the associated RolloutKind's unit_filter is + modified after the rollout is started, it will not be updated here. + type: string + unitFilter: + description: >- + Optional. CEL(https://github.com/google/cel-spec) formatted filter + string against Unit. The filter will be applied to determine the + eligible unit population. This filter can only reduce, but not + expand the scope of the rollout. If not provided, the unit_filter + from the RolloutKind will be used. + type: string uid: + readOnly: true + type: string description: >- Output only. The unique identifier of the resource. UID is unique in the time and space for this resource within the scope of the @@ -922,453 +989,479 @@ components: creation of a resource and must not be changed. UID is used to uniquely identify resources with resource name reuses. This should be a UUID4. - readOnly: true - type: string - etag: + stateMessage: description: >- - Output only. An opaque value that uniquely identifies a version or - generation of a resource. It can be used to confirm that the client - and server agree on the ordering of a resource being written. - readOnly: true + Output only. Human readable message indicating details about the + last state transition. type: string - createTime: - description: Output only. The timestamp when the resource was created. + readOnly: true + stateTransitionTime: readOnly: true type: string + description: >- + Optional. Output only. The time when the rollout transitioned into + its current state. format: google-datetime updateTime: description: >- Output only. The timestamp when the resource was last updated. Any change to the resource made by users must refresh this value. Changes to a resource made by the service should refresh this value. - readOnly: true - type: string format: google-datetime - Provision: - id: Provision - description: >- - Provision is the unit operation that provision the underlying resources - represented by a Unit. Can only execute if the Unit is not currently - provisioned. - type: object - properties: - release: - description: >- - Optional. Reference to the Release object to use for the Unit. - (optional). type: string - inputVariables: - description: Optional. Set of input variables. Maximum 100. (optional) - type: array - items: - $ref: '#/components/schemas/UnitVariable' - Upgrade: - id: Upgrade - description: >- - Upgrade is the unit operation that upgrades a provisioned unit, which - may also include the underlying resources represented by a Unit. Can - only execute if the Unit is currently provisioned. - type: object - properties: - release: + readOnly: true + rolloutOrchestrationStrategy: description: >- - Optional. Reference to the Release object to use for the Unit. - (optional). - type: string - inputVariables: - description: Optional. Set of input variables. Maximum 100. (optional) - type: array - items: - $ref: '#/components/schemas/UnitVariable' - Deprovision: - id: Deprovision - description: >- - Deprovision is the unit operation that deprovision the underlying - resources represented by a Unit. Can only execute if the Unit is - currently provisioned. - type: object - properties: {} - UnitOperationCondition: - id: UnitOperationCondition - description: >- - UnitOperationCondition describes the status of an Unit Operation. - UnitOperationCondition is individual components that contribute to an - overall state. - type: object - properties: - status: - description: Required. Status of the condition. + Optional. The strategy used for executing this Rollout. This + strategy will override whatever strategy is specified in the + RolloutKind. If not specified on creation, the strategy from + RolloutKind will be used. There are two supported values strategies + which are used to control - "Google.Cloud.Simple.AllAtOnce" - + "Google.Cloud.Simple.OneLocationAtATime" A rollout with one of these + simple strategies will rollout across all locations defined in the + targeted UnitKind's Saas Locations. type: string - enumDescriptions: - - Condition status is unspecified. - - Condition is unknown. - - Condition is true. - - Condition is false. - enum: - - STATUS_UNSPECIFIED - - STATUS_UNKNOWN - - STATUS_TRUE - - STATUS_FALSE - type: - description: Required. Type of the condition. + rootRollout: + description: >- + Optional. Output only. The root rollout that this rollout is + stemming from. The resource name (full URI of the resource) + following the standard naming scheme: + "projects/{project}/locations/{location}/rollouts/{rollout_id}" + readOnly: true type: string + state: + description: Output only. Current state of the rollout. enumDescriptions: - - Condition type is unspecified. - - Condition type is scheduled. - - Condition type is running. - - Condition type is succeeded. - - Condition type is cancelled. + - Unspecified state. + - Rollout is in progress. + - Rollout has been paused. + - Rollout completed successfully. + - Rollout has failed. + - Rollout has been canceled. + - Rollout is waiting for some condition to be met before starting. + - Rollout is being canceled. + - Rollout is being resumed. + - Rollout is being paused. + readOnly: true enum: - - TYPE_UNSPECIFIED - - TYPE_SCHEDULED - - TYPE_RUNNING - - TYPE_SUCCEEDED - - TYPE_CANCELLED - lastTransitionTime: - description: >- - Required. Last time the condition transited from one status to - another. - type: string - format: google-datetime - message: + - ROLLOUT_STATE_UNSPECIFIED + - ROLLOUT_STATE_RUNNING + - ROLLOUT_STATE_PAUSED + - ROLLOUT_STATE_SUCCEEDED + - ROLLOUT_STATE_FAILED + - ROLLOUT_STATE_CANCELLED + - ROLLOUT_STATE_WAITING + - ROLLOUT_STATE_CANCELLING + - ROLLOUT_STATE_RESUMING + - ROLLOUT_STATE_PAUSING + type: string + rolloutKind: description: >- - Required. Human readable message indicating details about the last - transition. + Optional. Immutable. Name of the RolloutKind this rollout is + stemming from and adhering to. type: string - reason: - description: Required. Brief reason for the condition's last transition. + createTime: + readOnly: true + format: google-datetime + description: Output only. The timestamp when the resource was created. type: string - Schedule: - id: Schedule - description: A time specification to schedule the maintenance. - type: object - properties: - startTime: + name: description: >- - Optional. Start of operation. If not set, will be set to the start - of the next window. (optional) + Identifier. The resource name (full URI of the resource) following + the standard naming scheme: + "projects/{project}/locations/{location}/rollout/{rollout_id}" type: string - format: google-datetime - ListReleasesResponse: - id: ListReleasesResponse - description: The response structure for the ListReleases method. + labels: + additionalProperties: + type: string + description: >- + Optional. The labels on the resource, which can be used for + categorization. similar to Kubernetes resource labels. + type: object + stats: + description: Optional. Output only. Details about the progress of the rollout. + readOnly: true + $ref: '#/components/schemas/RolloutStats' + description: Represents a single rollout execution and its results + id: Rollout + ListReplicationsInternalResponse: + id: ListReplicationsInternalResponse type: object properties: - releases: - description: The resulting releases. + unreachable: type: array + description: Locations that could not be reached. items: - $ref: '#/components/schemas/Release' + type: string + replicationsInternal: + type: array + items: + $ref: '#/components/schemas/ReplicationInternal' + description: The resulting replication internals. nextPageToken: + type: string description: >- If present, the next page token can be provided to a subsequent - ListReleases call to list the next page. If empty, there are no more - pages. - type: string + ListReplicationsInternal call to list the next page. If empty, there + are no more pages. + description: The response structure for the ListReplicationsInternal method. + ListSaasResponse: + properties: + saas: + items: + $ref: '#/components/schemas/Saas' + type: array + description: The resulting saas. unreachable: - description: Locations that could not be reached. type: array items: type: string - Release: - id: Release - description: >- - A new version to be propagated and deployed to units. This includes - pointers to packaged blueprints for actuation (e.g Helm or Terraform - configuration packages) via artifact registry. - type: object - properties: - name: - description: >- - Identifier. The resource name (full URI of the resource) following - the standard naming scheme: - "projects/{project}/locations/{location}/releases/{release}" - type: string - unitKind: + description: Locations that could not be reached. + nextPageToken: description: >- - Required. Immutable. Reference to the UnitKind this Release - corresponds to (required and immutable once created). + If present, the next page token can be provided to a subsequent + ListSaas call to list the next page. If empty, there are no more + pages. type: string - blueprint: - description: >- - Optional. Blueprints are OCI Images that contain all of the - artifacts needed to provision a unit. - $ref: '#/components/schemas/Blueprint' - releaseRequirements: - description: >- - Optional. Set of requirements to be fulfilled on the Unit when using - this Release. - $ref: '#/components/schemas/ReleaseRequirements' - inputVariables: - description: >- - Optional. Output only. List of input variables declared on the - blueprint and can be present with their values on the unit spec - readOnly: true + id: ListSaasResponse + description: The response structure for the ListSaas method. + type: object + ReplicationStats: + type: object + id: ReplicationStats + properties: + failedResources: + description: The resources that are failed replication. + items: + type: string type: array + finishedResources: items: - $ref: '#/components/schemas/UnitVariable' - outputVariables: - description: >- - Optional. Output only. List of output variables declared on the - blueprint and can be present with their values on the unit status - readOnly: true + type: string + description: The resources that are finished replication. type: array + errors: + type: array + description: >- + The errors that occurred during replication, one error for each + failed resource. items: - $ref: '#/components/schemas/UnitVariable' - inputVariableDefaults: - description: Optional. Mapping of input variables to default values. Maximum 100 + $ref: '#/components/schemas/Status' + pendingResources: type: array items: - $ref: '#/components/schemas/UnitVariable' + type: string + description: The resources that are pending replication. + retryCount: + description: The number of retries for the failed resources. + items: + format: int32 + type: integer + type: array + description: >- + ReplicationStats contains the stats of the replication. It contains the + resources that are pending, finished, failed, and the errors if any. + Location: + description: Location information that the service is available in. + id: Location + type: object + properties: + name: + type: string + description: Optional. Name of location. + RolloutKind: + properties: labels: + additionalProperties: + type: string description: >- Optional. The labels on the resource, which can be used for categorization. similar to Kubernetes resource labels. type: object + rolloutOrchestrationStrategy: + type: string + description: >- + Optional. The strategy used for executing a Rollout. This is a + required field. There are two supported values strategies which are + used to control - "Google.Cloud.Simple.AllAtOnce" - + "Google.Cloud.Simple.OneLocationAtATime" A rollout with one of these + simple strategies will rollout across all locations defined in the + associated UnitKind's Saas Locations. + annotations: additionalProperties: type: string - annotations: + type: object description: >- Optional. Annotations is an unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations - type: object - additionalProperties: - type: string - uid: + unitFilter: description: >- - Output only. The unique identifier of the resource. UID is unique in - the time and space for this resource within the scope of the - service. It is typically generated by the server on successful - creation of a resource and must not be changed. UID is used to - uniquely identify resources with resource name reuses. This should - be a UUID4. + Optional. CEL(https://github.com/google/cel-spec) formatted filter + string against Unit. The filter will be applied to determine the + eligible unit population. This filter can only reduce, but not + expand the scope of the rollout. + type: string + errorBudget: + $ref: '#/components/schemas/ErrorBudget' + description: >- + Optional. The configuration for error budget. If the number of + failed units exceeds max(allowed_count, allowed_ratio * + total_units), the rollout will be paused. If not set, all units will + be attempted to be updated regardless of the number of failures + encountered. + updateTime: + type: string + format: google-datetime + description: >- + Output only. The timestamp when the resource was last updated. Any + change to the resource made by users must refresh this value. + Changes to a resource made by the service should refresh this value. readOnly: true + updateUnitKindStrategy: + enum: + - UPDATE_UNIT_KIND_STRATEGY_UNSPECIFIED + - UPDATE_UNIT_KIND_STRATEGY_ON_START + - UPDATE_UNIT_KIND_STRATEGY_NEVER + enumDescriptions: + - Strategy unspecified. + - Update the unit kind strategy on the rollout start. + - Never update the unit kind. + description: >- + Optional. The config for updating the unit kind. By default, the + unit kind will be updated on the rollout start. type: string etag: + type: string description: >- Output only. An opaque value that uniquely identifies a version or generation of a resource. It can be used to confirm that the client and server agree on the ordering of a resource being written. readOnly: true + name: type: string + description: >- + Identifier. The resource name (full URI of the resource) following + the standard naming scheme: + "projects/{project}/locations/{location}/rolloutKinds/{rollout_kind_id}" createTime: + readOnly: true description: Output only. The timestamp when the resource was created. + format: google-datetime + type: string + uid: + type: string + description: >- + Output only. The unique identifier of the resource. UID is unique in + the time and space for this resource within the scope of the + service. It is typically generated by the server on successful + creation of a resource and must not be changed. UID is used to + uniquely identify resources with resource name reuses. This should + be a UUID4. + readOnly: true + unitKind: + type: string + description: >- + Required. Immutable. UnitKind that this rollout kind corresponds to. + Rollouts stemming from this rollout kind will target the units of + this unit kind. In other words, this defines the population of + target units to be upgraded by rollouts. + description: >- + An object that describes various settings of Rollout execution. Includes + built-in policies across GCP and GDC, and customizable policies. + id: RolloutKind + type: object + VariableMapping: + id: VariableMapping + type: object + properties: + from: + description: >- + Optional. Output variables which will get their values from + dependencies + $ref: '#/components/schemas/FromMapping' + to: + $ref: '#/components/schemas/ToMapping' + description: >- + Optional. Input variables whose values will be passed on to + dependencies. + variable: + description: Required. name of the variable + type: string + description: >- + Mapping of input variables to their respective output variable for + depedenencies + ErrorBudget: + id: ErrorBudget + properties: + allowedPercentage: + type: integer + description: >- + Optional. The maximum percentage of units allowed to fail (0, 100] + within a location without pausing the rollout. + format: int32 + allowedCount: + description: >- + Optional. The maximum number of failed units allowed in a location + without pausing the rollout. + format: int32 + type: integer + type: object + description: >- + The configuration for error budget. If the number of failed units + exceeds max(allowed_count, allowed_ratio * total_units), the rollout + will be paused. + UnitDependency: + description: Set of dependencies for this unit. Maximum 10. + properties: + alias: + description: Output only. Alias for the name of the dependency. readOnly: true type: string - format: google-datetime - updateTime: - description: >- - Output only. The timestamp when the resource was last updated. Any - change to the resource made by users must refresh this value. - Changes to a resource made by the service should refresh this value. + unit: + description: Output only. A reference to the Unit object. readOnly: true type: string - format: google-datetime - Blueprint: - id: Blueprint - description: >- - Blueprints are OCI Images that contain all of the artifacts needed to - provision a unit. Metadata such as, type of the engine used to actuate - the blueprint (e.g. terraform, helm etc) and version will come from the - image manifest. If the hostname is omitted, it will be assumed to be the - regional path to Artifact Registry (eg. us-east1-docker.pkg.dev). type: object + id: UnitDependency + ListUnitOperationsResponse: + description: The response structure for the ListUnitOperations method. + type: object + id: ListUnitOperationsResponse properties: - package: + unitOperations: + items: + $ref: '#/components/schemas/UnitOperation' + type: array + description: The resulting unit operations. + unreachable: + type: array + description: Locations that could not be reached. + items: + type: string + nextPageToken: description: >- - Optional. Immutable. URI to a blueprint used by the Unit (required - unless unitKind or release is set). + If present, the next page token can be provided to a subsequent + ListUnitOperations call to list the next page. If empty, there are + no more pages. type: string - engine: + ToMapping: + description: Input variables whose values will be passed on to dependencies + type: object + properties: + ignoreForLookup: + type: boolean description: >- - Output only. Type of the engine used to actuate the blueprint. e.g. - terraform, helm etc. - readOnly: true + Optional. Tells SaaS Runtime if this mapping should be used during + lookup or not + inputVariable: + description: Required. Name of the inputVariable on the dependency type: string - version: - description: Output only. Version metadata if present on the blueprint. - readOnly: true + dependency: type: string - ReleaseRequirements: - id: ReleaseRequirements - description: Set of requirements to be fulfilled on the Unit when using this Release. - type: object + description: >- + Required. Alias of the dependency that the inputVariable will pass + its value to + id: ToMapping + ListRolloutKindsResponse: + id: ListRolloutKindsResponse + description: The response structure for the ListRolloutKinds method. properties: - upgradeableFromReleases: + unreachable: + items: + type: string + type: array + description: Locations that could not be reached. + nextPageToken: + type: string description: >- - Optional. A list of releases from which a unit can be upgraded to - this one (optional). If left empty no constraints will be applied. - When provided, unit upgrade requests to this release will check and - enforce this constraint. + If present, the next page token can be provided to a subsequent + ListRolloutKinds call to list the next page. If empty, there are no + more pages. + rolloutKinds: type: array items: - type: string - ListRolloutsResponse: - id: ListRolloutsResponse - description: The response structure for the ListRollouts method. + $ref: '#/components/schemas/RolloutKind' + description: The resulting rollout kinds. + type: object + ListUnitsResponse: + id: ListUnitsResponse type: object properties: - rollouts: - description: The resulting rollouts. + units: type: array + description: The resulting units. items: - $ref: '#/components/schemas/Rollout' + $ref: '#/components/schemas/Unit' nextPageToken: + type: string description: >- If present, the next page token can be provided to a subsequent - ListRollouts call to list the next page. If empty, there are no more + ListUnits call to list the next page. If empty, there are no more pages. - type: string unreachable: description: Locations that could not be reached. type: array items: type: string - Rollout: - id: Rollout - description: Represents a single rollout execution and its results + description: The response structure for the ListUnits method. + UnitKind: + id: UnitKind type: object + description: >- + Definition of a Unit. Units belonging to the same UnitKind are managed + together; for example they follow the same release model (blueprints, + versions etc.) and are typically rolled out together. properties: - name: - description: >- - Identifier. The resource name (full URI of the resource) following - the standard naming scheme: - "projects/{project}/locations/{location}/rollout/{rollout_id}" - type: string - release: - description: >- - Optional. Immutable. Name of the Release that gets rolled out to - target Units. Required if no other type of release is specified. - type: string - startTime: - description: >- - Optional. Output only. The time when the rollout started executing. - Will be empty if the rollout hasn't started yet. - readOnly: true - type: string - format: google-datetime - endTime: - description: >- - Optional. Output only. The time when the rollout finished execution - (regardless of success, failure, or cancellation). Will be empty if - the rollout hasn't finished yet. Once set, the rollout is in - terminal state and all the results are final. - readOnly: true - type: string - format: google-datetime - state: - description: Output only. Current state of the rollout. - readOnly: true - type: string - enumDescriptions: - - Unspecified state. - - Rollout is in progress. - - Rollout has been paused. - - Rollout completed successfully. - - Rollout has failed. - - Rollout has been canceled. - - Rollout is waiting for some condition to be met before starting. - - Rollout is being canceled. - - Rollout is being resumed. - - Rollout is being paused. - enum: - - ROLLOUT_STATE_UNSPECIFIED - - ROLLOUT_STATE_RUNNING - - ROLLOUT_STATE_PAUSED - - ROLLOUT_STATE_SUCCEEDED - - ROLLOUT_STATE_FAILED - - ROLLOUT_STATE_CANCELLED - - ROLLOUT_STATE_WAITING - - ROLLOUT_STATE_CANCELLING - - ROLLOUT_STATE_RESUMING - - ROLLOUT_STATE_PAUSING - stateMessage: - description: >- - Output only. Human readable message indicating details about the - last state transition. - readOnly: true - type: string - stateTransitionTime: + annotations: + type: object description: >- - Optional. Output only. The time when the rollout transitioned into - its current state. - readOnly: true + Optional. Annotations is an unstructured key-value map stored with a + resource that may be set by external tools to store and retrieve + arbitrary metadata. They are not queryable and should be preserved + when modifying objects. More info: + https://kubernetes.io/docs/user-guide/annotations + additionalProperties: + type: string + defaultRelease: type: string - format: google-datetime - rootRollout: description: >- - Optional. Output only. The root rollout that this rollout is - stemming from. The resource name (full URI of the resource) - following the standard naming scheme: - "projects/{project}/locations/{location}/rollouts/{rollout_id}" - readOnly: true - type: string - parentRollout: + Optional. A reference to the Release object to use as default for + creating new units of this UnitKind (optional). If not specified, a + new unit must explicitly reference which release to use for its + creation. + outputVariableMappings: + type: array + items: + $ref: '#/components/schemas/VariableMapping' description: >- - Optional. Output only. The direct parent rollout that this rollout - is stemming from. The resource name (full URI of the resource) - following the standard naming scheme: - "projects/{project}/locations/{location}/rollouts/{rollout_id}" + Optional. List of outputVariables for this unit kind will be passed + to this unit's outputVariables. Maximum 100. + etag: readOnly: true type: string - rolloutOrchestrationStrategy: - description: >- - Optional. The strategy used for executing this Rollout. This - strategy will override whatever strategy is specified in the - RolloutType. If not specified on creation, the strategy from - RolloutType will be used. There are two supported values strategies - which are used to control - "Google.Cloud.Simple.AllAtOnce" - - "Google.Cloud.Simple.OneLocationAtATime" A rollout with one of these - simple strategies will rollout across all locations defined in the - targeted UnitKind's Saas Locations. - type: string - unitFilter: - description: >- - Optional. CEL(https://github.com/google/cel-spec) formatted filter - string against Unit. The filter will be applied to determine the - eligible unit population. This filter can only reduce, but not - expand the scope of the rollout. If not provided, the unit_filter - from the RolloutType will be used. - type: string - rolloutKind: - description: >- - Optional. Immutable. Name of the RolloutKind this rollout is - stemming from and adhering to. - type: string - stats: - description: Optional. Output only. Details about the progress of the rollout. - readOnly: true - $ref: '#/components/schemas/RolloutStats' - control: description: >- - Optional. Requested change to the execution of this rollout. Default - RolloutControl.action is ROLLOUT_ACTION_RUN meaning the rollout will - be executed to completion while progressing through all natural - Rollout States (such as RUNNING -> SUCCEEDED or RUNNING -> FAILED). - Requests can only be made when the Rollout is in a non-terminal - state. - $ref: '#/components/schemas/RolloutControl' + Output only. An opaque value that uniquely identifies a version or + generation of a resource. It can be used to confirm that the client + and server agree on the ordering of a resource being written. + name: + type: string + description: >- + Identifier. The resource name (full URI of the resource) following + the standard naming scheme: + "projects/{project}/locations/{location}/unitKinds/{unitKind}" labels: description: >- Optional. The labels on the resource, which can be used for categorization. similar to Kubernetes resource labels. - type: object additionalProperties: type: string - annotations: - description: >- - Optional. Annotations is an unstructured key-value map stored with a - resource that may be set by external tools to store and retrieve - arbitrary metadata. They are not queryable and should be preserved - when modifying objects. More info: - https://kubernetes.io/docs/user-guide/annotations type: object - additionalProperties: - type: string uid: + readOnly: true + type: string description: >- Output only. The unique identifier of the resource. UID is unique in the time and space for this resource within the scope of the @@ -1376,204 +1469,280 @@ components: creation of a resource and must not be changed. UID is used to uniquely identify resources with resource name reuses. This should be a UUID4. - readOnly: true + saas: type: string - etag: description: >- - Output only. An opaque value that uniquely identifies a version or - generation of a resource. It can be used to confirm that the client - and server agree on the ordering of a resource being written. - readOnly: true - type: string - createTime: - description: Output only. The timestamp when the resource was created. + Required. Immutable. A reference to the Saas that defines the + product (managed service) that the producer wants to manage with + SaaS Runtime. Part of the SaaS Runtime common data model. Immutable + once set. + dependencies: + type: array + items: + $ref: '#/components/schemas/Dependency' + description: >- + Optional. Immutable. List of other unit kinds that this release will + depend on. Dependencies will be automatically provisioned if not + found. Maximum 10. + updateTime: + format: google-datetime readOnly: true type: string - format: google-datetime - updateTime: description: >- Output only. The timestamp when the resource was last updated. Any change to the resource made by users must refresh this value. Changes to a resource made by the service should refresh this value. - readOnly: true - type: string - format: google-datetime - RolloutStats: - id: RolloutStats - description: RolloutStats contains information about the progress of a rollout. - type: object - properties: - operationsByState: + inputVariableMappings: description: >- - Output only. A breakdown of the progress of operations triggered by - the rollout. Provides a count of Operations by their state. This can - be used to determine the number of units which have been updated, or - are scheduled to be updated. There will be at most one entry per - group. Possible values for operation groups are: - "SCHEDULED" - - "PENDING" - "RUNNING" - "SUCCEEDED" - "FAILED" - "CANCELLED" - readOnly: true - type: array + Optional. List of inputVariables for this release that will either + be retrieved from a dependency’s outputVariables, or will be passed + on to a dependency’s inputVariables. Maximum 100. items: - $ref: '#/components/schemas/Aggregate' - Aggregate: - id: Aggregate - description: >- - Represents the aggregation of a set of population of like records by a - certain group. For example, a collection of unit counts can be - aggregated and grouped by their state. + $ref: '#/components/schemas/VariableMapping' + type: array + createTime: + format: google-datetime + type: string + description: Output only. The timestamp when the resource was created. + readOnly: true + GoogleCloudLocationLocation: type: object + description: A resource that represents a Google Cloud location. + id: GoogleCloudLocationLocation properties: - group: - description: Required. Group by which to aggregate. + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". type: string - count: - description: Required. Number of records in the group. - type: integer - format: int32 - RolloutControl: - id: RolloutControl - description: >- - RolloutControl provides a way to request a change to the execution of a - Rollout by pausing or canceling it. + labels: + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + additionalProperties: + type: string + locationId: + type: string + description: 'The canonical id for this location. For example: `"us-east1"`.' + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + UnitOperationCondition: type: object properties: - runParams: - description: >- - Optional. Parameters for the RUN action. It is an error to specify - this if the RolloutAction is not set to RUN. By default, the rollout - will retry failed operations when resumed. - $ref: '#/components/schemas/RunRolloutActionParams' - action: + reason: + description: Required. Brief reason for the condition's last transition. + type: string + message: + type: string description: >- - Required. Action to be performed on the Rollout. The default - behavior is to run the rollout until it naturally reaches a terminal - state. + Required. Human readable message indicating details about the last + transition. + status: + enumDescriptions: + - Condition status is unspecified. + - Condition is unknown. + - Condition is true. + - Condition is false. + description: Required. Status of the condition. + type: string + enum: + - STATUS_UNSPECIFIED + - STATUS_UNKNOWN + - STATUS_TRUE + - STATUS_FALSE + lastTransitionTime: + format: google-datetime type: string + description: >- + Required. Last time the condition transited from one status to + another. + type: + description: Required. Type of the condition. enumDescriptions: - - Unspecified action, will be treated as RUN by default. - - >- - Run the Rollout until it naturally reaches a terminal state. A - rollout requested to run will progress through all natural Rollout - States (such as RUNNING -> SUCCEEDED or RUNNING -> FAILED). If - retriable errors are encountered during the rollout, the rollout - will paused by default and can be resumed by re-requesting this - RUN action. - - Pause the Rollout until it is resumed (i.e. RUN is requested). - - Cancel the Rollout permanently. + - Condition type is unspecified. + - Condition type is scheduled. + - Condition type is running. + - Condition type is succeeded. + - Condition type is cancelled. enum: - - ROLLOUT_ACTION_UNSPECIFIED - - ROLLOUT_ACTION_RUN - - ROLLOUT_ACTION_PAUSE - - ROLLOUT_ACTION_CANCEL - RunRolloutActionParams: - id: RunRolloutActionParams + - TYPE_UNSPECIFIED + - TYPE_SCHEDULED + - TYPE_RUNNING + - TYPE_SUCCEEDED + - TYPE_CANCELLED + type: string + id: UnitOperationCondition description: >- - Parameters for the RUN action controlling the behavior of the rollout - when it is resumed from a PAUSED state. + UnitOperationCondition describes the status of an Unit Operation. + UnitOperationCondition is individual components that contribute to an + overall state. + FromMapping: + properties: + outputVariable: + description: Required. Name of the outputVariable on the dependency + type: string + dependency: + description: >- + Required. Alias of the dependency that the outputVariable will pass + its value to + type: string + description: Output variables whose values will be passed on to dependencies + id: FromMapping type: object + UnitCondition: properties: - retryFailedOperations: + reason: + type: string + description: Required. Brief reason for the condition's last transition. + lastTransitionTime: + type: string + format: google-datetime description: >- - Required. If true, the rollout will retry failed operations when - resumed. This is applicable only the current state of the Rollout is - PAUSED and the requested action is RUN. - type: boolean - ListRolloutKindsResponse: - id: ListRolloutKindsResponse - description: The response structure for the ListRolloutKinds method. + Required. Last time the condition transited from one status to + another. + status: + enum: + - STATUS_UNSPECIFIED + - STATUS_UNKNOWN + - STATUS_TRUE + - STATUS_FALSE + type: string + enumDescriptions: + - Condition status is unspecified. + - Condition is unknown. + - Condition is true. + - Condition is false. + description: Required. Status of the condition. + message: + type: string + description: >- + Required. Human readable message indicating details about the last + transition. + type: + type: string + enum: + - TYPE_UNSPECIFIED + - TYPE_READY + - TYPE_UPDATING + - TYPE_PROVISIONED + - TYPE_OPERATION_ERROR + enumDescriptions: + - Condition type is unspecified. + - Condition type is ready. + - Condition type is updating. + - Condition type is provisioned. + - >- + Condition type is operationError. True when the last unit + operation fails with a non-ignorable error. + description: Required. Type of the condition. type: object - properties: - rolloutKinds: - description: The resulting rollout kinds. - type: array - items: - $ref: '#/components/schemas/RolloutKind' - nextPageToken: - description: >- - If present, the next page token can be provided to a subsequent - ListRolloutKinds call to list the next page. If empty, there are no - more pages. - type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - RolloutKind: - id: RolloutKind + id: UnitCondition description: >- - An object that describes various settings of Rollout execution. Includes - built-in policies across GCP and GDC, and customizable policies. + UnitCondition describes the status of an Unit. UnitCondition is + individual components that contribute to an overall state. + Release: + description: >- + A new version to be propagated and deployed to units. This includes + pointers to packaged blueprints for actuation (e.g Helm or Terraform + configuration packages) via artifact registry. type: object + id: Release properties: + createTime: + readOnly: true + format: google-datetime + description: Output only. The timestamp when the resource was created. + type: string name: + type: string description: >- Identifier. The resource name (full URI of the resource) following the standard naming scheme: - "projects/{project}/locations/{location}/rolloutKinds/{rollout_kind_id}" - type: string + "projects/{project}/locations/{location}/releases/{release}" unitKind: - description: >- - Required. Immutable. UnitKind that this rollout kind corresponds to. - Rollouts stemming from this rollout kind will target the units of - this unit kind. In other words, this defines the population of - target units to be upgraded by rollouts. - type: string - rolloutOrchestrationStrategy: - description: >- - Optional. The strategy used for executing a Rollout. This is a - required field. There are two supported values strategies which are - used to control - "Google.Cloud.Simple.AllAtOnce" - - "Google.Cloud.Simple.OneLocationAtATime" A rollout with one of these - simple strategies will rollout across all locations defined in the - associated UnitKind's Saas Locations. type: string - unitFilter: description: >- - Optional. CEL(https://github.com/google/cel-spec) formatted filter - string against Unit. The filter will be applied to determine the - eligible unit population. This filter can only reduce, but not - expand the scope of the rollout. - type: string - updateUnitKindStrategy: + Required. Immutable. Reference to the UnitKind this Release + corresponds to (required and immutable once created). + etag: description: >- - Optional. The config for updating the unit kind. By default, the - unit kind will be updated on the rollout start. + Output only. An opaque value that uniquely identifies a version or + generation of a resource. It can be used to confirm that the client + and server agree on the ordering of a resource being written. + readOnly: true type: string - enumDescriptions: - - Strategy unspecified. - - Update the unit kind strategy on the rollout start. - - Never update the unit kind. - enum: - - UPDATE_UNIT_KIND_STRATEGY_UNSPECIFIED - - UPDATE_UNIT_KIND_STRATEGY_ON_START - - UPDATE_UNIT_KIND_STRATEGY_NEVER - errorBudget: - description: >- - Optional. The configuration for error budget. If the number of - failed units exceeds max(allowed_count, allowed_ratio * - total_units), the rollout will be paused. If not set, all units will - be attempted to be updated regardless of the number of failures - encountered. - $ref: '#/components/schemas/ErrorBudget' labels: + additionalProperties: + type: string description: >- Optional. The labels on the resource, which can be used for categorization. similar to Kubernetes resource labels. type: object + releaseRequirements: + description: >- + Optional. Set of requirements to be fulfilled on the Unit when using + this Release. + $ref: '#/components/schemas/ReleaseRequirements' + outputVariables: + type: array + readOnly: true + description: >- + Optional. Output only. List of output variables declared on the + blueprint and can be present with their values on the unit status + items: + $ref: '#/components/schemas/UnitVariable' + annotations: + type: object additionalProperties: type: string - annotations: description: >- Optional. Annotations is an unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/user-guide/annotations - type: object - additionalProperties: - type: string + inputVariables: + type: array + description: >- + Optional. Output only. List of input variables declared on the + blueprint and can be present with their values on the unit spec + readOnly: true + items: + $ref: '#/components/schemas/UnitVariable' + updateTime: + format: google-datetime + readOnly: true + type: string + description: >- + Output only. The timestamp when the resource was last updated. Any + change to the resource made by users must refresh this value. + Changes to a resource made by the service should refresh this value. + inputVariableDefaults: + items: + $ref: '#/components/schemas/UnitVariable' + description: Optional. Mapping of input variables to default values. Maximum 100 + type: array + blueprint: + description: >- + Optional. Blueprints are OCI Images that contain all of the + artifacts needed to provision a unit. + $ref: '#/components/schemas/Blueprint' uid: + readOnly: true + type: string description: >- Output only. The unique identifier of the resource. UID is unique in the time and space for this resource within the scope of the @@ -1581,124 +1750,139 @@ components: creation of a resource and must not be changed. UID is used to uniquely identify resources with resource name reuses. This should be a UUID4. + ReplicationInternal: + id: ReplicationInternal + type: object + description: >- + ReplicationInternal is a resource that represents the replication of a + resource to multiple locations. This is an internal resource to achieve + replication before GA and will not expose to the public API. + properties: + updateTime: + type: string + description: >- + Output only. The timestamp when the resource was last updated. Any + change to the resource made by users must refresh this value. + Changes to a resource made by the service should refresh this value. + format: google-datetime + readOnly: true + createTime: readOnly: true + description: Output only. The timestamp when the resource was created. + format: google-datetime type: string + stats: + readOnly: true + description: >- + Output only. The stats of the replication. One key for each location + in target_locations + additionalProperties: + $ref: '#/components/schemas/ReplicationStats' + type: object etag: + readOnly: true description: >- Output only. An opaque value that uniquely identifies a version or generation of a resource. It can be used to confirm that the client and server agree on the ordering of a resource being written. - readOnly: true type: string - createTime: - description: Output only. The timestamp when the resource was created. - readOnly: true + name: type: string - format: google-datetime - updateTime: description: >- - Output only. The timestamp when the resource was last updated. Any - change to the resource made by users must refresh this value. - Changes to a resource made by the service should refresh this value. + Identifier. The resource name (full URI of the resource) following + the standard naming scheme: + "projects/{project}/locations/{location}/replicationInternal/{replication_internal_id}" + labels: + description: >- + Optional. The labels on the resource, which can be used for + categorization. similar to Kubernetes resource labels. + additionalProperties: + type: string + type: object + annotations: + additionalProperties: + type: string + type: object + description: >- + Optional. Annotations is an unstructured key-value map stored with a + resource that may be set by external tools to store and retrieve + arbitrary metadata. They are not queryable and should be preserved + when modifying objects. More info: + https://kubernetes.io/docs/user-guide/annotations + state: + enum: + - REPLICATION_STATE_UNSPECIFIED + - REPLICATION_STATE_PENDING + - REPLICATION_STATE_RUNNING + - REPLICATION_STATE_FAILED + - REPLICATION_STATE_SUCCEEDED + enumDescriptions: + - Unspecified state. + - Replication is pending. + - Replication is running. + - Replication has failed. + - Replication has succeeded. readOnly: true type: string - format: google-datetime - ErrorBudget: - id: ErrorBudget - description: >- - The configuration for error budget. If the number of failed units - exceeds max(allowed_count, allowed_ratio * total_units), the rollout - will be paused. - type: object - properties: - allowedCount: + description: Output only. The state of the replication. + payload: + type: object description: >- - Optional. The maximum number of failed units allowed in a location - without pausing the rollout. - type: integer + Required. The payload of the request for replication. It could be + any request type that is supported by the replication service. e.g. + CreateUnitKindRequest, UpdateUnitKindRequest, DeleteReleaseRequest, + etc. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + targetLocations: + description: Optional. The target locations to replicate the resource to. + items: + type: string + type: array + maxRetryCount: format: int32 - allowedPercentage: - description: >- - Optional. The maximum percentage of units allowed to fail (0, 100] - within a location without pausing the rollout. type: integer - format: int32 - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/GoogleCloudLocationLocation' - nextPageToken: - description: The standard List next-page token. - type: string - GoogleCloudLocationLocation: - id: GoogleCloudLocationLocation - description: A resource that represents a Google Cloud location. - type: object - properties: - name: + Optional. The maximum number of retries for the replication. If the + replication fails from a retryable error, it will be retried for + this number of times. + uid: + readOnly: true description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + Output only. The unique identifier of the resource. UID is unique in + the time and space for this resource within the scope of the + service. It is typically generated by the server on successful + creation of a resource and must not be changed. UID is used to + uniquely identify resources with resource name reuses. This should + be a UUID4. type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + ListTenantsResponse: + id: ListTenantsResponse + properties: + nextPageToken: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: + If present, the next page token can be provided to a subsequent + ListTenants call to list the next page. If empty, there are no more + pages. + tenants: + type: array + description: The resulting tenants. + items: + $ref: '#/components/schemas/Tenant' + unreachable: + items: type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + type: array + description: Locations that could not be reached. + description: The response structure for the ListTenants method. + type: object parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: fields + name: upload_protocol schema: type: string key: @@ -1710,10 +1894,10 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string prettyPrint: @@ -1722,6 +1906,21 @@ components: name: prettyPrint schema: type: boolean + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1731,75 +1930,163 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + alt: + description: Data format for response. in: query - name: upload_protocol + name: alt schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + enum: + - json + - media + - proto + callback: + description: JSONP in: query - name: uploadType + name: callback schema: type: string - _.xgafv: - description: V1 error format. + access_token: + description: OAuth access token. in: query - name: $.xgafv + name: access_token + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - locations: - id: google.saasservicemgmt.locations - name: locations - title: Locations + unit_kinds: + id: google.saasservicemgmt.unit_kinds + name: unit_kinds + title: Unit_kinds + methods: + get: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds~1{unitKindsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds~1{unitKindsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds~1{unitKindsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unitKinds + create: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/get' + - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/delete' + replications_internal: + id: google.saasservicemgmt.replications_internal + name: replications_internal + title: Replications_internal methods: + create: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1replicationsInternal/post + response: + mediaType: application/json + openAPIDocKey: '200' list: operation: - $ref: '#/paths/~1v1beta1~1projects~1{projectsId}~1locations/get' + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1replicationsInternal/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations + objectKey: $.unreachable get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1replicationsInternal~1{replicationsInternalId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1replicationsInternal~1{replicationsInternalId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1replicationsInternal~1{replicationsInternalId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/replications_internal/methods/get' + - $ref: >- + #/components/x-stackQL-resources/replications_internal/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/replications_internal/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/replications_internal/methods/patch replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/replications_internal/methods/delete saas: id: google.saasservicemgmt.saas name: saas title: Saas methods: - list: + create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1saas/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1saas/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.saas - create: + list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1saas/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1saas/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.saas get: operation: $ref: >- @@ -1832,162 +2119,162 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/saas/methods/delete' - tenants: - id: google.saasservicemgmt.tenants - name: tenants - title: Tenants + rollout_kinds: + id: google.saasservicemgmt.rollout_kinds + name: rollout_kinds + title: Rollout_kinds methods: - list: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds~1{rolloutKindsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tenants - create: + patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds~1{rolloutKindsId}/patch response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants~1{tenantsId}/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds~1{rolloutKindsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants~1{tenantsId}/patch + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants~1{tenantsId}/delete + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/tenants/methods/get' - - $ref: '#/components/x-stackQL-resources/tenants/methods/list' + - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/get' + - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/tenants/methods/create' + - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/create' update: - - $ref: '#/components/x-stackQL-resources/tenants/methods/patch' + - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/tenants/methods/delete' - unit_kinds: - id: google.saasservicemgmt.unit_kinds - name: unit_kinds - title: Unit_kinds + - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/delete' + tenants: + id: google.saasservicemgmt.tenants + name: tenants + title: Tenants methods: - list: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants~1{tenantsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.unitKinds - create: + patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants~1{tenantsId}/patch response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds~1{unitKindsId}/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants~1{tenantsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds~1{unitKindsId}/patch + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitKinds~1{unitKindsId}/delete + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1tenants/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.tenants sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/get' - - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/list' + - $ref: '#/components/x-stackQL-resources/tenants/methods/get' + - $ref: '#/components/x-stackQL-resources/tenants/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/create' + - $ref: '#/components/x-stackQL-resources/tenants/methods/create' update: - - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/patch' + - $ref: '#/components/x-stackQL-resources/tenants/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/unit_kinds/methods/delete' - units: - id: google.saasservicemgmt.units - name: units - title: Units + - $ref: '#/components/x-stackQL-resources/tenants/methods/delete' + releases: + id: google.saasservicemgmt.releases + name: releases + title: Releases methods: - list: + patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases~1{releasesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.units - create: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases~1{releasesId}/delete response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units~1{unitsId}/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases~1{releasesId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units~1{unitsId}/patch + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units~1{unitsId}/delete + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/units/methods/get' - - $ref: '#/components/x-stackQL-resources/units/methods/list' + - $ref: '#/components/x-stackQL-resources/releases/methods/get' + - $ref: '#/components/x-stackQL-resources/releases/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/units/methods/create' + - $ref: '#/components/x-stackQL-resources/releases/methods/create' update: - - $ref: '#/components/x-stackQL-resources/units/methods/patch' + - $ref: '#/components/x-stackQL-resources/releases/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/units/methods/delete' + - $ref: '#/components/x-stackQL-resources/releases/methods/delete' unit_operations: id: google.saasservicemgmt.unit_operations name: unit_operations @@ -2008,24 +2295,24 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitOperations~1{unitOperationsId}/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitOperations~1{unitOperationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitOperations~1{unitOperationsId}/patch + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitOperations~1{unitOperationsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitOperations~1{unitOperationsId}/delete + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1unitOperations~1{unitOperationsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -2040,75 +2327,74 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/unit_operations/methods/delete' - releases: - id: google.saasservicemgmt.releases - name: releases - title: Releases + units: + id: google.saasservicemgmt.units + name: units + title: Units methods: - list: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units~1{unitsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.releases - create: + patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units~1{unitsId}/patch response: mediaType: application/json openAPIDocKey: '200' get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases~1{releasesId}/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units~1{unitsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases~1{releasesId}/patch + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1releases~1{releasesId}/delete + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1units/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.units sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/releases/methods/get' - - $ref: '#/components/x-stackQL-resources/releases/methods/list' + - $ref: '#/components/x-stackQL-resources/units/methods/get' + - $ref: '#/components/x-stackQL-resources/units/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/releases/methods/create' + - $ref: '#/components/x-stackQL-resources/units/methods/create' update: - - $ref: '#/components/x-stackQL-resources/releases/methods/patch' + - $ref: '#/components/x-stackQL-resources/units/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/releases/methods/delete' + - $ref: '#/components/x-stackQL-resources/units/methods/delete' rollouts: id: google.saasservicemgmt.rollouts name: rollouts title: Rollouts methods: - list: + patch: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rollouts/get + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rollouts~1{rolloutsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.rollouts - create: + delete: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rollouts/post + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rollouts~1{rolloutsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -2119,17 +2405,18 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rollouts~1{rolloutsId}/patch + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rollouts/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.rollouts + create: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rollouts~1{rolloutsId}/delete + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rollouts/post response: mediaType: application/json openAPIDocKey: '200' @@ -2144,75 +2431,129 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/rollouts/methods/delete' - rollout_kinds: - id: google.saasservicemgmt.rollout_kinds - name: rollout_kinds - title: Rollout_kinds + locations: + id: google.saasservicemgmt.locations + name: locations + title: Locations methods: list: operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.rolloutKinds - create: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds/post + $ref: '#/paths/~1v1beta1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations get: operation: $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds~1{rolloutKindsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds~1{rolloutKindsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}~1rolloutKinds~1{rolloutKindsId}/delete + #/paths/~1v1beta1~1projects~1{projectsId}~1locations~1{locationsId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/get' - - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/patch' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/rollout_kinds/methods/delete' + delete: [] paths: - /v1beta1/projects/{projectsId}/locations: + /v1beta1/projects/{projectsId}/locations/{locationsId}/unitKinds/{unitKindsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' get: - description: Lists information about the supported locations for this service. - operationId: saasservicemgmt.projects.locations.list + description: Retrieve a single unit kind. + operationId: saasservicemgmt.projects.locations.unitKinds.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/UnitKind' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: unitKindsId + required: true + schema: + type: string + delete: + description: Delete a single unit kind. + operationId: saasservicemgmt.projects.locations.unitKinds.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: unitKindsId + required: true + schema: + type: string + - in: query + name: requestId + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: etag + schema: + type: string + patch: + description: Update a single unit kind. + operationId: saasservicemgmt.projects.locations.unitKinds.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UnitKind' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2224,35 +2565,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/UnitKind' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: unitKindsId + required: true schema: type: string - in: query - name: pageSize + name: validateOnly schema: - type: integer - format: int32 + type: boolean - in: query - name: pageToken + name: requestId schema: type: string - in: query - name: extraLocationTypes + name: updateMask schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}: + format: google-fieldmask + /v1beta1/projects/{projectsId}/locations/{locationsId}/unitKinds: parameters: *ref_1 get: - description: Gets information about a location. - operationId: saasservicemgmt.projects.locations.get + description: Retrieve a collection of unit kinds. + operationId: saasservicemgmt.projects.locations.unitKinds.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2264,7 +2611,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudLocationLocation' + $ref: '#/components/schemas/ListUnitKindsResponse' parameters: - in: path name: projectsId @@ -2276,11 +2623,31 @@ paths: required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/saas: - parameters: *ref_1 - get: - description: Retrieve a collection of saas. - operationId: saasservicemgmt.projects.locations.saas.list + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + post: + description: Create a new unit kind. + operationId: saasservicemgmt.projects.locations.unitKinds.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UnitKind' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2292,7 +2659,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSaasResponse' + $ref: '#/components/schemas/UnitKind' parameters: - in: path name: projectsId @@ -2305,30 +2672,27 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: requestId schema: type: string - in: query - name: filter + name: validateOnly schema: - type: string + type: boolean - in: query - name: orderBy + name: unitKindId schema: type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/replicationsInternal: + parameters: *ref_1 post: - description: Create a new saas. - operationId: saasservicemgmt.projects.locations.saas.create + description: Create a new replication internal. + operationId: saasservicemgmt.projects.locations.replicationsInternal.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Saas' + $ref: '#/components/schemas/ReplicationInternal' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2340,7 +2704,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Saas' + $ref: '#/components/schemas/ReplicationInternal' parameters: - in: path name: projectsId @@ -2352,23 +2716,66 @@ paths: required: true schema: type: string - - in: query - name: saasId - schema: - type: string - in: query name: validateOnly schema: type: boolean + - in: query + name: replicationInternalId + schema: + type: string - in: query name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/saas/{saasId}: + get: + description: Retrieve a collection of replication internals. + operationId: saasservicemgmt.projects.locations.replicationsInternal.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListReplicationsInternalResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1beta1/projects/{projectsId}/locations/{locationsId}/replicationsInternal/{replicationsInternalId}: parameters: *ref_1 get: - description: Retrieve a single saas. - operationId: saasservicemgmt.projects.locations.saas.get + description: Retrieve a single replication internal. + operationId: saasservicemgmt.projects.locations.replicationsInternal.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2380,7 +2787,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Saas' + $ref: '#/components/schemas/ReplicationInternal' parameters: - in: path name: projectsId @@ -2393,18 +2800,18 @@ paths: schema: type: string - in: path - name: saasId + name: replicationsInternalId required: true schema: type: string patch: - description: Update a single saas. - operationId: saasservicemgmt.projects.locations.saas.patch + description: Update a single replication internal. + operationId: saasservicemgmt.projects.locations.replicationsInternal.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Saas' + $ref: '#/components/schemas/ReplicationInternal' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2416,7 +2823,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Saas' + $ref: '#/components/schemas/ReplicationInternal' parameters: - in: path name: projectsId @@ -2429,16 +2836,12 @@ paths: schema: type: string - in: path - name: saasId + name: replicationsInternalId required: true schema: type: string - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: requestId + name: etag schema: type: string - in: query @@ -2446,9 +2849,17 @@ paths: schema: type: string format: google-fieldmask + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: requestId + schema: + type: string delete: - description: Delete a single saas. - operationId: saasservicemgmt.projects.locations.saas.delete + description: Delete a single replication internal. + operationId: saasservicemgmt.projects.locations.replicationsInternal.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2473,10 +2884,14 @@ paths: schema: type: string - in: path - name: saasId + name: replicationsInternalId required: true schema: type: string + - in: query + name: requestId + schema: + type: string - in: query name: etag schema: @@ -2485,15 +2900,54 @@ paths: name: validateOnly schema: type: boolean + /v1beta1/projects/{projectsId}/locations/{locationsId}/saas: + parameters: *ref_1 + post: + description: Create a new saas. + operationId: saasservicemgmt.projects.locations.saas.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Saas' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Saas' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/tenants: - parameters: *ref_1 + - in: query + name: saasId + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean get: - description: Retrieve a collection of tenants. - operationId: saasservicemgmt.projects.locations.tenants.list + description: Retrieve a collection of saas. + operationId: saasservicemgmt.projects.locations.saas.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2505,7 +2959,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTenantsResponse' + $ref: '#/components/schemas/ListSaasResponse' parameters: - in: path name: projectsId @@ -2522,6 +2976,10 @@ paths: schema: type: integer format: int32 + - in: query + name: orderBy + schema: + type: string - in: query name: pageToken schema: @@ -2530,18 +2988,47 @@ paths: name: filter schema: type: string - - in: query - name: orderBy + /v1beta1/projects/{projectsId}/locations/{locationsId}/saas/{saasId}: + parameters: *ref_1 + get: + description: Retrieve a single saas. + operationId: saasservicemgmt.projects.locations.saas.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Saas' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: saasId + required: true schema: type: string - post: - description: Create a new tenant. - operationId: saasservicemgmt.projects.locations.tenants.create + patch: + description: Update a single saas. + operationId: saasservicemgmt.projects.locations.saas.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Tenant' + $ref: '#/components/schemas/Saas' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2553,7 +3040,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Tenant' + $ref: '#/components/schemas/Saas' parameters: - in: path name: projectsId @@ -2565,8 +3052,13 @@ paths: required: true schema: type: string + - in: path + name: saasId + required: true + schema: + type: string - in: query - name: tenantId + name: requestId schema: type: string - in: query @@ -2574,14 +3066,13 @@ paths: schema: type: boolean - in: query - name: requestId + name: updateMask schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/tenants/{tenantsId}: - parameters: *ref_1 - get: - description: Retrieve a single tenant. - operationId: saasservicemgmt.projects.locations.tenants.get + format: google-fieldmask + delete: + description: Delete a single saas. + operationId: saasservicemgmt.projects.locations.saas.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2593,7 +3084,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Tenant' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2606,18 +3097,27 @@ paths: schema: type: string - in: path - name: tenantsId + name: saasId required: true schema: type: string - patch: - description: Update a single tenant. - operationId: saasservicemgmt.projects.locations.tenants.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Tenant' + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: etag + schema: + type: string + - in: query + name: requestId + schema: + type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/rolloutKinds/{rolloutKindsId}: + parameters: *ref_1 + delete: + description: Delete a single rollout kind. + operationId: saasservicemgmt.projects.locations.rolloutKinds.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2629,7 +3129,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Tenant' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2642,7 +3142,7 @@ paths: schema: type: string - in: path - name: tenantsId + name: rolloutKindsId required: true schema: type: string @@ -2655,13 +3155,17 @@ paths: schema: type: string - in: query - name: updateMask + name: etag schema: type: string - format: google-fieldmask - delete: - description: Delete a single tenant. - operationId: saasservicemgmt.projects.locations.tenants.delete + patch: + description: Update a single rollout kind. + operationId: saasservicemgmt.projects.locations.rolloutKinds.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RolloutKind' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2673,7 +3177,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/RolloutKind' parameters: - in: path name: projectsId @@ -2686,27 +3190,26 @@ paths: schema: type: string - in: path - name: tenantsId + name: rolloutKindsId required: true schema: type: string - in: query - name: etag + name: updateMask schema: type: string - - in: query - name: validateOnly - schema: - type: boolean + format: google-fieldmask - in: query name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/unitKinds: - parameters: *ref_1 + - in: query + name: validateOnly + schema: + type: boolean get: - description: Retrieve a collection of unit kinds. - operationId: saasservicemgmt.projects.locations.unitKinds.list + description: Retrieve a single rollout kind. + operationId: saasservicemgmt.projects.locations.rolloutKinds.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2718,7 +3221,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUnitKindsResponse' + $ref: '#/components/schemas/RolloutKind' parameters: - in: path name: projectsId @@ -2730,31 +3233,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: rolloutKindsId + required: true schema: type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/rolloutKinds: + parameters: *ref_1 post: - description: Create a new unit kind. - operationId: saasservicemgmt.projects.locations.unitKinds.create + description: Create a new rollout kind. + operationId: saasservicemgmt.projects.locations.rolloutKinds.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/UnitKind' + $ref: '#/components/schemas/RolloutKind' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2766,7 +3259,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UnitKind' + $ref: '#/components/schemas/RolloutKind' parameters: - in: path name: projectsId @@ -2778,23 +3271,21 @@ paths: required: true schema: type: string - - in: query - name: unitKindId - schema: - type: string - in: query name: validateOnly schema: type: boolean + - in: query + name: rolloutKindId + schema: + type: string - in: query name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/unitKinds/{unitKindsId}: - parameters: *ref_1 get: - description: Retrieve a single unit kind. - operationId: saasservicemgmt.projects.locations.unitKinds.get + description: Retrieve a collection of rollout kinds. + operationId: saasservicemgmt.projects.locations.rolloutKinds.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2806,7 +3297,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UnitKind' + $ref: '#/components/schemas/ListRolloutKindsResponse' parameters: - in: path name: projectsId @@ -2818,19 +3309,28 @@ paths: required: true schema: type: string - - in: path - name: unitKindsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string - patch: - description: Update a single unit kind. - operationId: saasservicemgmt.projects.locations.unitKinds.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UnitKind' + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/tenants/{tenantsId}: + parameters: *ref_1 + delete: + description: Delete a single tenant. + operationId: saasservicemgmt.projects.locations.tenants.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2842,7 +3342,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UnitKind' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2855,7 +3355,7 @@ paths: schema: type: string - in: path - name: unitKindsId + name: tenantsId required: true schema: type: string @@ -2868,13 +3368,17 @@ paths: schema: type: string - in: query - name: updateMask + name: etag schema: type: string - format: google-fieldmask - delete: - description: Delete a single unit kind. - operationId: saasservicemgmt.projects.locations.unitKinds.delete + patch: + description: Update a single tenant. + operationId: saasservicemgmt.projects.locations.tenants.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Tenant' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2886,7 +3390,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Tenant' parameters: - in: path name: projectsId @@ -2899,14 +3403,15 @@ paths: schema: type: string - in: path - name: unitKindsId + name: tenantsId required: true schema: type: string - in: query - name: etag + name: updateMask schema: type: string + format: google-fieldmask - in: query name: validateOnly schema: @@ -2915,11 +3420,9 @@ paths: name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/units: - parameters: *ref_1 get: - description: Retrieve a collection of units. - operationId: saasservicemgmt.projects.locations.units.list + description: Retrieve a single tenant. + operationId: saasservicemgmt.projects.locations.tenants.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2931,7 +3434,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUnitsResponse' + $ref: '#/components/schemas/Tenant' parameters: - in: path name: projectsId @@ -2943,31 +3446,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: tenantsId + required: true schema: type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/tenants: + parameters: *ref_1 post: - description: Create a new unit. - operationId: saasservicemgmt.projects.locations.units.create + description: Create a new tenant. + operationId: saasservicemgmt.projects.locations.tenants.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Unit' + $ref: '#/components/schemas/Tenant' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2979,7 +3472,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Unit' + $ref: '#/components/schemas/Tenant' parameters: - in: path name: projectsId @@ -2992,22 +3485,20 @@ paths: schema: type: string - in: query - name: unitId + name: requestId schema: type: string - in: query - name: validateOnly + name: tenantId schema: - type: boolean + type: string - in: query - name: requestId + name: validateOnly schema: - type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/units/{unitsId}: - parameters: *ref_1 + type: boolean get: - description: Retrieve a single unit. - operationId: saasservicemgmt.projects.locations.units.get + description: Retrieve a collection of tenants. + operationId: saasservicemgmt.projects.locations.tenants.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3019,7 +3510,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Unit' + $ref: '#/components/schemas/ListTenantsResponse' parameters: - in: path name: projectsId @@ -3031,19 +3522,33 @@ paths: required: true schema: type: string - - in: path - name: unitsId - required: true + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/releases/{releasesId}: + parameters: *ref_1 patch: - description: Update a single unit. - operationId: saasservicemgmt.projects.locations.units.patch + description: Update a single release. + operationId: saasservicemgmt.projects.locations.releases.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Unit' + $ref: '#/components/schemas/Release' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3055,7 +3560,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Unit' + $ref: '#/components/schemas/Release' parameters: - in: path name: projectsId @@ -3068,10 +3573,15 @@ paths: schema: type: string - in: path - name: unitsId + name: releasesId required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask - in: query name: validateOnly schema: @@ -3080,14 +3590,9 @@ paths: name: requestId schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask delete: - description: Delete a single unit. - operationId: saasservicemgmt.projects.locations.units.delete + description: Delete a single release. + operationId: saasservicemgmt.projects.locations.releases.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3112,7 +3617,7 @@ paths: schema: type: string - in: path - name: unitsId + name: releasesId required: true schema: type: string @@ -3128,11 +3633,9 @@ paths: name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/unitOperations: - parameters: *ref_1 get: - description: Retrieve a collection of unit operations. - operationId: saasservicemgmt.projects.locations.unitOperations.list + description: Retrieve a single release. + operationId: saasservicemgmt.projects.locations.releases.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3144,7 +3647,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUnitOperationsResponse' + $ref: '#/components/schemas/Release' parameters: - in: path name: projectsId @@ -3156,11 +3659,39 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: releasesId + required: true schema: - type: integer - format: int32 + type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/releases: + parameters: *ref_1 + get: + description: Retrieve a collection of releases. + operationId: saasservicemgmt.projects.locations.releases.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListReleasesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query name: pageToken schema: @@ -3169,18 +3700,23 @@ paths: name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 - in: query name: orderBy schema: type: string post: - description: Create a new unit operation. - operationId: saasservicemgmt.projects.locations.unitOperations.create + description: Create a new release. + operationId: saasservicemgmt.projects.locations.releases.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/UnitOperation' + $ref: '#/components/schemas/Release' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3192,7 +3728,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UnitOperation' + $ref: '#/components/schemas/Release' parameters: - in: path name: projectsId @@ -3205,7 +3741,7 @@ paths: schema: type: string - in: query - name: unitOperationId + name: requestId schema: type: string - in: query @@ -3213,14 +3749,14 @@ paths: schema: type: boolean - in: query - name: requestId + name: releaseId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/unitOperations/{unitOperationsId}: + /v1beta1/projects/{projectsId}/locations/{locationsId}/unitOperations: parameters: *ref_1 get: - description: Retrieve a single unit operation. - operationId: saasservicemgmt.projects.locations.unitOperations.get + description: Retrieve a collection of unit operations. + operationId: saasservicemgmt.projects.locations.unitOperations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3232,7 +3768,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UnitOperation' + $ref: '#/components/schemas/ListUnitOperationsResponse' parameters: - in: path name: projectsId @@ -3244,14 +3780,26 @@ paths: required: true schema: type: string - - in: path - name: unitOperationsId - required: true + - in: query + name: orderBy schema: type: string - patch: - description: Update a single unit operation. - operationId: saasservicemgmt.projects.locations.unitOperations.patch + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + post: + description: Create a new unit operation. + operationId: saasservicemgmt.projects.locations.unitOperations.create requestBody: content: application/json: @@ -3280,9 +3828,8 @@ paths: required: true schema: type: string - - in: path - name: unitOperationsId - required: true + - in: query + name: unitOperationId schema: type: string - in: query @@ -3293,11 +3840,8 @@ paths: name: requestId schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask + /v1beta1/projects/{projectsId}/locations/{locationsId}/unitOperations/{unitOperationsId}: + parameters: *ref_1 delete: description: Delete a single unit operation. operationId: saasservicemgmt.projects.locations.unitOperations.delete @@ -3330,7 +3874,7 @@ paths: schema: type: string - in: query - name: etag + name: requestId schema: type: string - in: query @@ -3338,14 +3882,12 @@ paths: schema: type: boolean - in: query - name: requestId + name: etag schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/releases: - parameters: *ref_1 get: - description: Retrieve a collection of releases. - operationId: saasservicemgmt.projects.locations.releases.list + description: Retrieve a single unit operation. + operationId: saasservicemgmt.projects.locations.unitOperations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3357,7 +3899,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReleasesResponse' + $ref: '#/components/schemas/UnitOperation' parameters: - in: path name: projectsId @@ -3369,31 +3911,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: unitOperationsId + required: true schema: type: string - post: - description: Create a new release. - operationId: saasservicemgmt.projects.locations.releases.create + patch: + description: Update a single unit operation. + operationId: saasservicemgmt.projects.locations.unitOperations.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Release' + $ref: '#/components/schemas/UnitOperation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3405,7 +3935,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Release' + $ref: '#/components/schemas/UnitOperation' parameters: - in: path name: projectsId @@ -3417,59 +3947,29 @@ paths: required: true schema: type: string - - in: query - name: releaseId + - in: path + name: unitOperationsId + required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - in: query name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/releases/{releasesId}: - parameters: *ref_1 - get: - description: Retrieve a single release. - operationId: saasservicemgmt.projects.locations.releases.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Release' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true + - in: query + name: updateMask schema: type: string - - in: path - name: releasesId - required: true + format: google-fieldmask + - in: query + name: validateOnly schema: - type: string - patch: - description: Update a single release. - operationId: saasservicemgmt.projects.locations.releases.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Release' + type: boolean + /v1beta1/projects/{projectsId}/locations/{locationsId}/units/{unitsId}: + parameters: *ref_1 + delete: + description: Delete a single unit. + operationId: saasservicemgmt.projects.locations.units.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3481,7 +3981,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Release' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -3494,26 +3994,30 @@ paths: schema: type: string - in: path - name: releasesId + name: unitsId required: true schema: type: string - in: query - name: validateOnly + name: etag schema: - type: boolean + type: string - in: query name: requestId schema: type: string - in: query - name: updateMask + name: validateOnly schema: - type: string - format: google-fieldmask - delete: - description: Delete a single release. - operationId: saasservicemgmt.projects.locations.releases.delete + type: boolean + patch: + description: Update a single unit. + operationId: saasservicemgmt.projects.locations.units.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Unit' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3525,7 +4029,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Unit' parameters: - in: path name: projectsId @@ -3538,14 +4042,15 @@ paths: schema: type: string - in: path - name: releasesId + name: unitsId required: true schema: type: string - in: query - name: etag + name: updateMask schema: type: string + format: google-fieldmask - in: query name: validateOnly schema: @@ -3554,11 +4059,9 @@ paths: name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/rollouts: - parameters: *ref_1 get: - description: Retrieve a collection of rollouts. - operationId: saasservicemgmt.projects.locations.rollouts.list + description: Retrieve a single unit. + operationId: saasservicemgmt.projects.locations.units.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3570,7 +4073,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRolloutsResponse' + $ref: '#/components/schemas/Unit' parameters: - in: path name: projectsId @@ -3582,31 +4085,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: unitsId + required: true schema: type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/units: + parameters: *ref_1 post: - description: Create a new rollout. - operationId: saasservicemgmt.projects.locations.rollouts.create + description: Create a new unit. + operationId: saasservicemgmt.projects.locations.units.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Rollout' + $ref: '#/components/schemas/Unit' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3618,7 +4111,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Rollout' + $ref: '#/components/schemas/Unit' parameters: - in: path name: projectsId @@ -3630,23 +4123,21 @@ paths: required: true schema: type: string - - in: query - name: rolloutId - schema: - type: string - in: query name: validateOnly schema: type: boolean + - in: query + name: unitId + schema: + type: string - in: query name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/rollouts/{rolloutsId}: - parameters: *ref_1 get: - description: Retrieve a single rollout. - operationId: saasservicemgmt.projects.locations.rollouts.get + description: Retrieve a collection of units. + operationId: saasservicemgmt.projects.locations.units.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3658,7 +4149,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Rollout' + $ref: '#/components/schemas/ListUnitsResponse' parameters: - in: path name: projectsId @@ -3670,11 +4161,25 @@ paths: required: true schema: type: string - - in: path - name: rolloutsId - required: true + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy schema: type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/rollouts/{rolloutsId}: + parameters: *ref_1 patch: description: Update a single rollout. operationId: saasservicemgmt.projects.locations.rollouts.patch @@ -3716,14 +4221,14 @@ paths: schema: type: boolean - in: query - name: requestId + name: updateMask schema: type: string + format: google-fieldmask - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask delete: description: Delete a single rollout. operationId: saasservicemgmt.projects.locations.rollouts.delete @@ -3759,19 +4264,50 @@ paths: name: etag schema: type: string + - in: query + name: requestId + schema: + type: string - in: query name: validateOnly schema: type: boolean - - in: query - name: requestId + get: + description: Retrieve a single rollout. + operationId: saasservicemgmt.projects.locations.rollouts.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Rollout' + parameters: + - in: path + name: projectsId + required: true schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/rolloutKinds: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: rolloutsId + required: true + schema: + type: string + /v1beta1/projects/{projectsId}/locations/{locationsId}/rollouts: parameters: *ref_1 get: - description: Retrieve a collection of rollout kinds. - operationId: saasservicemgmt.projects.locations.rolloutKinds.list + description: Retrieve a collection of rollouts. + operationId: saasservicemgmt.projects.locations.rollouts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3783,7 +4319,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRolloutKindsResponse' + $ref: '#/components/schemas/ListRolloutsResponse' parameters: - in: path name: projectsId @@ -3801,25 +4337,25 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: filter + name: orderBy schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string post: - description: Create a new rollout kind. - operationId: saasservicemgmt.projects.locations.rolloutKinds.create + description: Create a new rollout. + operationId: saasservicemgmt.projects.locations.rollouts.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/RolloutKind' + $ref: '#/components/schemas/Rollout' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3831,7 +4367,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RolloutKind' + $ref: '#/components/schemas/Rollout' parameters: - in: path name: projectsId @@ -3844,7 +4380,7 @@ paths: schema: type: string - in: query - name: rolloutKindId + name: rolloutId schema: type: string - in: query @@ -3855,47 +4391,11 @@ paths: name: requestId schema: type: string - /v1beta1/projects/{projectsId}/locations/{locationsId}/rolloutKinds/{rolloutKindsId}: + /v1beta1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Retrieve a single rollout kind. - operationId: saasservicemgmt.projects.locations.rolloutKinds.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/RolloutKind' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: rolloutKindsId - required: true - schema: - type: string - patch: - description: Update a single rollout kind. - operationId: saasservicemgmt.projects.locations.rolloutKinds.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RolloutKind' + description: Lists information about the supported locations for this service. + operationId: saasservicemgmt.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3907,39 +4407,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RolloutKind' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: rolloutKindsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: validateOnly + name: pageToken schema: - type: boolean + type: string - in: query - name: requestId + name: filter schema: type: string - in: query - name: updateMask + name: extraLocationTypes schema: type: string - format: google-fieldmask - delete: - description: Delete a single rollout kind. - operationId: saasservicemgmt.projects.locations.rolloutKinds.delete + /v1beta1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: saasservicemgmt.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3951,7 +4447,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleCloudLocationLocation' parameters: - in: path name: projectsId @@ -3963,20 +4459,3 @@ paths: required: true schema: type: string - - in: path - name: rolloutKindsId - required: true - schema: - type: string - - in: query - name: etag - schema: - type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: requestId - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/sasportal.yaml b/providers/src/googleapis.com/v00.00.00000/services/sasportal.yaml index c3623887..6dcfa1ac 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/sasportal.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/sasportal.yaml @@ -7,8 +7,8 @@ info: title: SAS Portal API description: '' version: v1alpha1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251207' + x-generated-date: '2025-12-10' externalDocs: url: https://developers.google.com/spectrum-access-system/ servers: @@ -22,10 +22,10 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 + https://www.googleapis.com/auth/sasportal: Read, create, update, and delete your SAS Portal data. https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. - https://www.googleapis.com/auth/sasportal: Read, create, update, and delete your SAS Portal data. Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -35,204 +35,194 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - SasPortalCustomer: - id: SasPortalCustomer - description: Entity representing a SAS customer. - type: object + SasPortalPolicy: properties: - name: - description: Output only. Resource name of the customer. + assignments: + items: + $ref: '#/components/schemas/SasPortalAssignment' + description: List of assignments + type: array + etag: type: string - displayName: description: >- - Required. Name of the organization that the customer entity - represents. - type: string - sasUserIds: - description: User IDs used by the devices belonging to this customer. - type: array - items: - type: string - SasPortalListCustomersResponse: - id: SasPortalListCustomersResponse - description: Response for `ListCustomers`. + The etag is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the etag in + the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An etag is returned in the response to + GetPolicy, and systems are expected to put that etag in the request + to SetPolicy to ensure that their change will be applied to the same + version of the policy. If no etag is provided in the call to + GetPolicy, then the existing policy is overwritten blindly. + format: byte + description: Defines an access control policy to the resources. + type: object + id: SasPortalPolicy + SasPortalGetPolicyRequest: type: object properties: - customers: - description: The list of customers that match the request. - type: array - items: - $ref: '#/components/schemas/SasPortalCustomer' - nextPageToken: - description: >- - A pagination token returned from a previous call to ListCustomers - that indicates from where listing should continue. If the field is - missing or empty, it means there are no more customers. + resource: type: string - SasPortalListGcpProjectDeploymentsResponse: - id: SasPortalListGcpProjectDeploymentsResponse - description: Response for [ListGcpProjectDeployments]. - type: object + description: Required. The resource for which the policy is being requested. + id: SasPortalGetPolicyRequest + description: Request message for `GetPolicy` method. + SasPortalProvisionDeploymentResponse: + id: SasPortalProvisionDeploymentResponse properties: - deployments: - description: Optional. Deployments associated with the GCP project - type: array - items: - $ref: '#/components/schemas/SasPortalGcpProjectDeployment' - SasPortalGcpProjectDeployment: - id: SasPortalGcpProjectDeployment + errorMessage: + type: string + description: >- + Optional. Optional error message if the provisioning request is not + successful. description: >- - Deployment associated with the GCP project. Includes whether SAS - analytics has been enabled or not. + Response for [ProvisionDeployment]. + [spectrum.sas.portal.v1alpha1.Provisioning.ProvisionDeployment]. type: object - properties: - hasEnabledAnalytics: - description: Whether SAS analytics has been enabled. - type: boolean - deployment: - description: Deployment associated with the GCP project. - $ref: '#/components/schemas/SasPortalDeployment' - SasPortalDeployment: - id: SasPortalDeployment - description: The Deployment. + SasPortalCreateSignedDeviceRequest: type: object properties: - name: - description: Output only. Resource name. - readOnly: true + installerId: type: string - displayName: - description: The deployment's display name. + description: >- + Required. Unique installer id (CPI ID) from the Certified + Professional Installers database. + encodedDevice: type: string - sasUserIds: + format: byte description: >- - User ID used by the devices belonging to this deployment. Each - deployment should be associated with one unique user ID. - type: array - items: - type: string - frns: + Required. JSON Web Token signed using a CPI private key. Payload + must be the JSON encoding of the device. The user_id field must be + set. + description: Request for CreateSignedDevice. + id: SasPortalCreateSignedDeviceRequest + SasPortalDeploymentAssociation: + type: object + id: SasPortalDeploymentAssociation + description: Association between a gcp project and a SAS user id. + properties: + userId: + description: User id of the deployment. + type: string + gcpProjectId: + description: GCP project id of the associated project. + type: string + SasPortalSignDeviceRequest: + properties: + device: + $ref: '#/components/schemas/SasPortalDevice' description: >- - Output only. The FCC Registration Numbers (FRNs) copied from its - direct parent. - readOnly: true - type: array - items: - type: string - SasPortalProvisionDeploymentRequest: - id: SasPortalProvisionDeploymentRequest - description: >- - Request for [ProvisionDeployment]. - [spectrum.sas.portal.v1alpha1.Provisioning.ProvisionDeployment]. GCP - Project, Organization Info, and caller’s GAIA ID should be retrieved - from the RPC handler, and used as inputs to create a new SAS - organization (if not exists) and a new SAS deployment. + Required. The device to sign. The device fields name, fcc_id and + serial_number must be set. The user_id field must be set. + description: Request for SignDevice. + id: SasPortalSignDeviceRequest + type: object + SasPortalSetupSasAnalyticsRequest: type: object properties: - newOrganizationDisplayName: + userId: description: >- - Optional. If this field is set, and a new SAS Portal Organization - needs to be created, its display name will be set to the value of - this field. + Optional. User id to setup analytics for, if not provided the user + id associated with the project is used. optional type: string - newDeploymentDisplayName: + description: Request for the SetupSasAnalytics rpc. + id: SasPortalSetupSasAnalyticsRequest + SasPortalUpdateSignedDeviceRequest: + description: Request for UpdateSignedDevice. + id: SasPortalUpdateSignedDeviceRequest + properties: + installerId: description: >- - Optional. If this field is set, and a new SAS Portal Deployment - needs to be created, its display name will be set to the value of - this field. + Required. Unique installer ID (CPI ID) from the Certified + Professional Installers database. type: string - organizationId: - description: >- - Optional. If this field is set then a new deployment will be created - under the organization specified by this id. + encodedDevice: + format: byte type: string - format: int64 - SasPortalProvisionDeploymentResponse: - id: SasPortalProvisionDeploymentResponse - description: >- - Response for [ProvisionDeployment]. - [spectrum.sas.portal.v1alpha1.Provisioning.ProvisionDeployment]. + description: >- + Required. The JSON Web Token signed using a CPI private key. Payload + must be the JSON encoding of the device. The user_id field must be + set. type: object + SasPortalMoveDeviceRequest: + id: SasPortalMoveDeviceRequest + description: Request for MoveDevice. properties: - errorMessage: - description: >- - Optional. Optional error message if the provisioning request is not - successful. + destination: type: string - SasPortalListLegacyOrganizationsResponse: - id: SasPortalListLegacyOrganizationsResponse - description: >- - Response for [ListLegacyOrganizations]. - [spectrum.sas.portal.v1alpha1.Provisioning.ListLegacyOrganizations]. + description: >- + Required. The name of the new parent resource node or customer to + reparent the device under. + type: object + SasPortalValidateInstallerResponse: type: object + id: SasPortalValidateInstallerResponse + properties: {} + description: Response for ValidateInstaller. + SasPortalGcpProjectDeployment: + type: object + description: >- + Deployment associated with the GCP project. Includes whether SAS + analytics has been enabled or not. properties: - organizations: - description: Optional. Legacy SAS organizations. - type: array - items: - $ref: '#/components/schemas/SasPortalOrganization' + hasEnabledAnalytics: + type: boolean + description: Whether SAS analytics has been enabled. + deployment: + $ref: '#/components/schemas/SasPortalDeployment' + description: Deployment associated with the GCP project. + id: SasPortalGcpProjectDeployment + SasPortalEmpty: + properties: {} + id: SasPortalEmpty + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } SasPortalOrganization: id: SasPortalOrganization - description: Organization details. - type: object properties: + displayName: + description: Name of organization + type: string id: description: Id of organization - type: string format: int64 - displayName: - description: Name of organization type: string - SasPortalMigrateOrganizationRequest: - id: SasPortalMigrateOrganizationRequest - description: >- - Request for [MigrateOrganization]. - [spectrum.sas.portal.v1alpha1.Provisioning.MigrateOrganization]. GCP - Project, Organization Info, and caller's GAIA ID should be retrieved - from the RPC handler, and used to check authorization on SAS Portal - organization and to create GCP Projects. + description: Organization details. type: object - properties: - organizationId: - description: Required. Id of the SAS organization to be migrated. - type: string - format: int64 SasPortalOperation: - id: SasPortalOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object properties: name: + type: string description: >- The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`. - type: string metadata: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. done: + type: boolean description: >- If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. - type: boolean error: + $ref: '#/components/schemas/SasPortalStatus' description: >- The error result of the operation in case of failure or cancellation. - $ref: '#/components/schemas/SasPortalStatus' response: description: >- The normal, successful response of the operation. If the original @@ -247,874 +237,889 @@ components: additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - SasPortalStatus: - id: SasPortalStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SasPortalSetupSasAnalyticsRequest: - id: SasPortalSetupSasAnalyticsRequest - description: Request for the SetupSasAnalytics rpc. type: object - properties: - userId: - description: >- - Optional. User id to setup analytics for, if not provided the user - id associated with the project is used. optional - type: string - SasPortalDevice: - id: SasPortalDevice + description: >- + This resource represents a long-running operation that is the result of + a network API call. + id: SasPortalOperation + SasPortalNrqzValidation: type: object + description: Information about National Radio Quiet Zone validation. + id: SasPortalNrqzValidation properties: - name: - description: Output only. The resource path name. - type: string - fccId: - description: >- - The FCC identifier of the device. Refer to - https://www.fcc.gov/oet/ea/fccid for FccID format. Accept - underscores and periods because some test-SAS customers use them. - type: string - serialNumber: - description: A serial number assigned to the device by the device manufacturer. + caseId: + description: Validation case ID. type: string - preloadedConfig: - description: Configuration of the device, as specified via SAS Portal API. - $ref: '#/components/schemas/SasPortalDeviceConfig' - activeConfig: - description: >- - Output only. Current configuration of the device as registered to - the SAS. - $ref: '#/components/schemas/SasPortalDeviceConfig' state: - description: Output only. Device state. type: string enumDescriptions: - Unspecified state. - - >- - Device created in the SAS Portal, however, not yet registered with - SAS. - - Device registered with SAS. - - Device de-registered with SAS. + - Draft state. + - Final state. enum: - - DEVICE_STATE_UNSPECIFIED - - RESERVED - - REGISTERED - - DEREGISTERED - grants: - description: Output only. Grants held by the device. - type: array + - STATE_UNSPECIFIED + - DRAFT + - FINAL + description: State of the NRQZ validation info. + cpiId: + type: string + description: CPI who signed the validation. + latitude: + format: double + type: number + description: Device latitude that's associated with the validation. + longitude: + format: double + type: number + description: Device longitude that's associated with the validation. + SasPortalNode: + properties: + name: + description: Output only. Resource name. + type: string + sasUserIds: items: - $ref: '#/components/schemas/SasPortalDeviceGrant' + type: string + type: array + description: User ids used by the devices belonging to this node. displayName: - description: Device display name. + description: The node's display name. type: string - deviceMetadata: - description: >- - Device parameters that can be overridden by both SAS Portal and SAS - registration requests. - $ref: '#/components/schemas/SasPortalDeviceMetadata' - currentChannels: - description: Output only. Current channels with scores. - readOnly: true - deprecated: true + description: The Node. + type: object + id: SasPortalNode + SasPortalListGcpProjectDeploymentsResponse: + type: object + properties: + deployments: + description: Optional. Deployments associated with the GCP project type: array items: - $ref: '#/components/schemas/SasPortalChannelWithScore' - grantRangeAllowlists: - description: >- - Only ranges that are within the allowlists are available for new - grants. + $ref: '#/components/schemas/SasPortalGcpProjectDeployment' + id: SasPortalListGcpProjectDeploymentsResponse + description: Response for [ListGcpProjectDeployments]. + SasPortalDeviceGrant: + properties: + moveList: type: array + description: The DPA move lists on which this grant appears. items: - $ref: '#/components/schemas/SasPortalFrequencyRange' - SasPortalDeviceConfig: - id: SasPortalDeviceConfig - description: Information about the device configuration. - type: object - properties: - category: - description: FCC category of the device. - type: string - enumDescriptions: - - Unspecified device category. - - Category A. - - Category B. - enum: - - DEVICE_CATEGORY_UNSPECIFIED - - DEVICE_CATEGORY_A - - DEVICE_CATEGORY_B - model: - description: Information about this device model. - $ref: '#/components/schemas/SasPortalDeviceModel' - airInterface: - description: Information about this device's air interface. - $ref: '#/components/schemas/SasPortalDeviceAirInterface' - installationParams: - description: Installation parameters for the device. - $ref: '#/components/schemas/SasPortalInstallationParams' - measurementCapabilities: - description: Measurement reporting capabilities of the device. + $ref: '#/components/schemas/SasPortalDpaMoveList' + suspensionReason: + description: If the grant is suspended, the reason(s) for suspension. type: array items: type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - MEASUREMENT_CAPABILITY_UNSPECIFIED - - MEASUREMENT_CAPABILITY_RECEIVED_POWER_WITH_GRANT - - MEASUREMENT_CAPABILITY_RECEIVED_POWER_WITHOUT_GRANT - userId: - description: The identifier of a device user. + state: + enum: + - GRANT_STATE_UNSPECIFIED + - GRANT_STATE_GRANTED + - GRANT_STATE_TERMINATED + - GRANT_STATE_SUSPENDED + - GRANT_STATE_AUTHORIZED + - GRANT_STATE_EXPIRED type: string - callSign: - description: The call sign of the device operator. + enumDescriptions: + - '' + - >- + The grant has been granted but the device is not heartbeating on + it. + - The grant has been terminated by the SAS. + - The grant has been suspended by the SAS. + - The device is currently transmitting. + - The grant has expired. + description: State of the grant. + expireTime: type: string - state: - description: State of the configuration. + format: google-datetime + description: The expiration time of the grant. + frequencyRange: + $ref: '#/components/schemas/SasPortalFrequencyRange' + description: The transmission frequency range. + maxEirp: + format: double + description: >- + Maximum Equivalent Isotropically Radiated Power (EIRP) permitted by + the grant. The maximum EIRP is in units of dBm/MHz. The value of + `maxEirp` represents the average (RMS) EIRP that would be measured + by the procedure defined in FCC part 96.41(e)(3). + type: number + grantId: + description: Grant Id. + type: string + lastHeartbeatTransmitExpireTime: type: string + format: google-datetime + description: The transmit expiration time of the last heartbeat. + channelType: enumDescriptions: - '' - '' - '' enum: - - DEVICE_CONFIG_STATE_UNSPECIFIED - - DRAFT - - FINAL - isSigned: - description: Output only. Whether the configuration has been signed by a CPI. - type: boolean - updateTime: - description: Output only. The last time the device configuration was edited. + - CHANNEL_TYPE_UNSPECIFIED + - CHANNEL_TYPE_GAA + - CHANNEL_TYPE_PAL + description: Type of channel used. type: string - format: google-datetime - SasPortalDeviceModel: - id: SasPortalDeviceModel - description: Information about the model of the device. - type: object - properties: - vendor: - description: The name of the device vendor. - type: string - name: - description: The name of the device model. - type: string - softwareVersion: - description: The software version of the device. - type: string - hardwareVersion: - description: The hardware version of the device. - type: string - firmwareVersion: - description: The firmware version of the device. - type: string - SasPortalDeviceAirInterface: - id: SasPortalDeviceAirInterface - description: Information about the device's air interface. + id: SasPortalDeviceGrant + description: >- + Device grant. It is an authorization provided by the Spectrum Access + System to a device to transmit using specified operating parameters + after a successful heartbeat by the device. type: object - properties: - radioTechnology: - description: >- - Conditional. This field specifies the radio access technology that - is used for the CBSD. - type: string - enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - - '' - enum: - - RADIO_TECHNOLOGY_UNSPECIFIED - - E_UTRA - - CAMBIUM_NETWORKS - - FOUR_G_BBW_SAA_1 - - NR - - DOODLE_CBRS - - CW - - REDLINE - - TARANA_WIRELESS - - FAROS - supportedSpec: - description: >- - Optional. This field is related to the `radioTechnology` and - provides the air interface specification that the CBSD is compliant - with at the time of registration. - type: string - SasPortalInstallationParams: - id: SasPortalInstallationParams - description: Information about the device installation parameters. + SasPortalSetPolicyRequest: + description: Request message for `SetPolicy` method. type: object + id: SasPortalSetPolicyRequest properties: - latitude: - description: >- - Latitude of the device antenna location in degrees relative to the - WGS 84 datum. The allowed range is from -90.000000 to +90.000000. - Positive values represent latitudes north of the equator; negative - values south of the equator. - type: number - format: double - longitude: - description: >- - Longitude of the device antenna location in degrees relative to the - WGS 84 datum. The allowed range is from -180.000000 to +180.000000. - Positive values represent longitudes east of the prime meridian; - negative values west of the prime meridian. - type: number - format: double - height: - description: >- - Device antenna height in meters. When the `heightType` parameter - value is "AGL", the antenna height should be given relative to - ground level. When the `heightType` parameter value is "AMSL", it is - given with respect to WGS84 datum. - type: number - format: double - heightType: - description: Specifies how the height is measured. - type: string - enumDescriptions: - - Unspecified height type. - - AGL height is measured relative to the ground level. - - AMSL height is measured relative to the mean sea level. - enum: - - HEIGHT_TYPE_UNSPECIFIED - - HEIGHT_TYPE_AGL - - HEIGHT_TYPE_AMSL - horizontalAccuracy: - description: >- - A positive number in meters to indicate accuracy of the device - antenna horizontal location. This optional parameter should only be - present if its value is less than the FCC requirement of 50 meters. - type: number - format: double - verticalAccuracy: - description: >- - A positive number in meters to indicate accuracy of the device - antenna vertical location. This optional parameter should only be - present if its value is less than the FCC requirement of 3 meters. - type: number - format: double - indoorDeployment: + policy: + $ref: '#/components/schemas/SasPortalPolicy' + description: Required. The policy to be applied to the `resource`. + disableNotification: description: >- - Whether the device antenna is indoor or not. `true`: indoor. - `false`: outdoor. + Optional. Set the field as `true` to disable the onboarding + notification. type: boolean - antennaAzimuth: - description: >- - Boresight direction of the horizontal plane of the antenna in - degrees with respect to true north. The value of this parameter is - an integer with a value between 0 and 359 inclusive. A value of 0 - degrees means true north; a value of 90 degrees means east. This - parameter is optional for Category A devices and conditional for - Category B devices. - type: integer - format: int32 - antennaDowntilt: - description: >- - Antenna downtilt in degrees and is an integer with a value between - -90 and +90 inclusive; a negative value means the antenna is tilted - up (above horizontal). This parameter is optional for Category A - devices and conditional for Category B devices. - type: integer - format: int32 - antennaGain: - description: >- - Peak antenna gain in dBi. This parameter is a double with a value - between -127 and +128 (dBi) inclusive. Part of Release 2 to support - floating-point value - type: number - format: double - eirpCapability: - description: >- - This parameter is the maximum device EIRP in units of dBm/10MHz and - is an integer with a value between -127 and +47 (dBm/10 MHz) - inclusive. If not included, SAS interprets it as maximum allowable - EIRP in units of dBm/10MHz for device category. - type: integer - format: int32 - antennaBeamwidth: - description: >- - 3-dB antenna beamwidth of the antenna in the horizontal-plane in - degrees. This parameter is an unsigned integer having a value - between 0 and 360 (degrees) inclusive; it is optional for Category A - devices and conditional for Category B devices. - type: integer - format: int32 - antennaModel: + resource: description: >- - If an external antenna is used, the antenna model is optionally - provided in this field. The string has a maximum length of 128 - octets. + Required. The resource for which the policy is being specified. This + policy replaces any existing policy. type: string - cpeCbsdIndication: - description: >- - If present, this parameter specifies whether the CBSD is a CPE-CBSD - or not. - type: boolean - SasPortalDeviceGrant: - id: SasPortalDeviceGrant - description: >- - Device grant. It is an authorization provided by the Spectrum Access - System to a device to transmit using specified operating parameters - after a successful heartbeat by the device. + SasPortalChannelWithScore: + id: SasPortalChannelWithScore + description: The channel with score. type: object properties: - maxEirp: - description: >- - Maximum Equivalent Isotropically Radiated Power (EIRP) permitted by - the grant. The maximum EIRP is in units of dBm/MHz. The value of - `maxEirp` represents the average (RMS) EIRP that would be measured - by the procedure defined in FCC part 96.41(e)(3). - type: number + score: format: double + description: The channel score, normalized to be in the range [0,100]. + type: number frequencyRange: - description: The transmission frequency range. $ref: '#/components/schemas/SasPortalFrequencyRange' - state: - description: State of the grant. - type: string - enumDescriptions: - - '' - - >- - The grant has been granted but the device is not heartbeating on - it. - - The grant has been terminated by the SAS. - - The grant has been suspended by the SAS. - - The device is currently transmitting. - - The grant has expired. - enum: - - GRANT_STATE_UNSPECIFIED - - GRANT_STATE_GRANTED - - GRANT_STATE_TERMINATED - - GRANT_STATE_SUSPENDED - - GRANT_STATE_AUTHORIZED - - GRANT_STATE_EXPIRED - channelType: - description: Type of channel used. - type: string - enumDescriptions: - - '' - - '' - - '' - enum: - - CHANNEL_TYPE_UNSPECIFIED - - CHANNEL_TYPE_GAA - - CHANNEL_TYPE_PAL - moveList: - description: The DPA move lists on which this grant appears. - type: array + description: The frequency range of the channel. + SasPortalGenerateSecretRequest: + id: SasPortalGenerateSecretRequest + type: object + properties: {} + description: Request for GenerateSecret. + SasPortalListLegacyOrganizationsResponse: + id: SasPortalListLegacyOrganizationsResponse + description: >- + Response for [ListLegacyOrganizations]. + [spectrum.sas.portal.v1alpha1.Provisioning.ListLegacyOrganizations]. + properties: + organizations: + description: Optional. Legacy SAS organizations. items: - $ref: '#/components/schemas/SasPortalDpaMoveList' - expireTime: - description: The expiration time of the grant. - type: string - format: google-datetime - suspensionReason: - description: If the grant is suspended, the reason(s) for suspension. + $ref: '#/components/schemas/SasPortalOrganization' type: array + type: object + SasPortalTestPermissionsRequest: + properties: + resource: + type: string + description: >- + Required. The resource for which the permissions are being + requested. + permissions: items: type: string - grantId: - description: Grant Id. - type: string - lastHeartbeatTransmitExpireTime: - description: The transmit expiration time of the last heartbeat. - type: string - format: google-datetime - SasPortalFrequencyRange: - id: SasPortalFrequencyRange - description: Frequency range from `low_frequency` to `high_frequency`. + type: array + description: The set of permissions to check for the `resource`. + description: Request message for `TestPermissions` method. type: object + id: SasPortalTestPermissionsRequest + SasPortalTestPermissionsResponse: properties: - lowFrequencyMhz: - description: The lowest frequency of the frequency range in MHz. - type: number - format: double - highFrequencyMhz: - description: The highest frequency of the frequency range in MHz. - type: number - format: double - SasPortalDpaMoveList: - id: SasPortalDpaMoveList - description: An entry in a DPA's move list. + permissions: + type: array + description: A set of permissions that the caller is allowed. + items: + type: string type: object - properties: - dpaId: - description: The ID of the DPA. - type: string - frequencyRange: - description: The frequency range that the move list affects. - $ref: '#/components/schemas/SasPortalFrequencyRange' - SasPortalDeviceMetadata: - id: SasPortalDeviceMetadata - description: Device data overridable by both SAS Portal and registration requests. + description: Response message for `TestPermissions` method. + id: SasPortalTestPermissionsResponse + SasPortalDeployment: type: object + description: The Deployment. + id: SasPortalDeployment properties: - interferenceCoordinationGroup: - description: >- - Interference Coordination Group (ICG). A group of CBSDs that manage - their own interference with the group. For more details, see - [CBRSA-TS-2001 - V3.0.0](https://ongoalliance.org/wp-content/uploads/2020/02/CBRSA-TS-2001-V3.0.0_Approved-for-publication.pdf). - type: string - commonChannelGroup: - description: >- - Common Channel Group (CCG). A group of CBSDs in the same ICG - requesting a common primary channel assignment. For more details, - see [CBRSA-TS-2001 - V3.0.0](https://ongoalliance.org/wp-content/uploads/2020/02/CBRSA-TS-2001-V3.0.0_Approved-for-publication.pdf). + displayName: + description: The deployment's display name. type: string - antennaModel: - description: >- - If populated, the Antenna Model Pattern to use. Format is: - `RecordCreatorId:PatternId` + name: + description: Output only. Resource name. type: string - nrqzValidated: - description: >- - Output only. Set to `true` if a CPI has validated that they have - coordinated with the National Quiet Zone office. readOnly: true - deprecated: true - type: boolean - nrqzValidation: - description: Output only. National Radio Quiet Zone validation info. + frns: + description: >- + Output only. The FCC Registration Numbers (FRNs) copied from its + direct parent. + items: + type: string + type: array readOnly: true - $ref: '#/components/schemas/SasPortalNrqzValidation' - SasPortalNrqzValidation: - id: SasPortalNrqzValidation - description: Information about National Radio Quiet Zone validation. + sasUserIds: + items: + type: string + type: array + description: >- + User ID used by the devices belonging to this deployment. Each + deployment should be associated with one unique user ID. + SasPortalSetupSasAnalyticsMetadata: type: object + description: >- + Metadata returned by the long running operation for the + SetupSasAnalytics rpc. + properties: {} + id: SasPortalSetupSasAnalyticsMetadata + SasPortalDeviceModel: properties: - caseId: - description: Validation case ID. + firmwareVersion: + description: The firmware version of the device. type: string - latitude: - description: Device latitude that's associated with the validation. - type: number - format: double - longitude: - description: Device longitude that's associated with the validation. - type: number - format: double - cpiId: - description: CPI who signed the validation. + hardwareVersion: type: string - state: - description: State of the NRQZ validation info. + description: The hardware version of the device. + vendor: + description: The name of the device vendor. type: string - enumDescriptions: - - Unspecified state. - - Draft state. - - Final state. - enum: - - STATE_UNSPECIFIED - - DRAFT - - FINAL - SasPortalChannelWithScore: - id: SasPortalChannelWithScore - description: The channel with score. + name: + description: The name of the device model. + type: string + softwareVersion: + description: The software version of the device. + type: string + id: SasPortalDeviceModel type: object + description: Information about the model of the device. + SasPortalSetupSasAnalyticsResponse: + type: object + properties: {} + description: >- + Response returned by the long running operation for the + SetupSasAnalytics rpc. + id: SasPortalSetupSasAnalyticsResponse + SasPortalDpaMoveList: + id: SasPortalDpaMoveList properties: frequencyRange: - description: The frequency range of the channel. + description: The frequency range that the move list affects. $ref: '#/components/schemas/SasPortalFrequencyRange' - score: - description: The channel score, normalized to be in the range [0,100]. - type: number - format: double - SasPortalCreateSignedDeviceRequest: - id: SasPortalCreateSignedDeviceRequest - description: Request for CreateSignedDevice. - type: object - properties: - encodedDevice: - description: >- - Required. JSON Web Token signed using a CPI private key. Payload - must be the JSON encoding of the device. The user_id field must be - set. - type: string - format: byte - installerId: - description: >- - Required. Unique installer id (CPI ID) from the Certified - Professional Installers database. + dpaId: + description: The ID of the DPA. type: string - SasPortalEmpty: - id: SasPortalEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object - properties: {} - SasPortalListDevicesResponse: - id: SasPortalListDevicesResponse - description: Response for ListDevices. + description: An entry in a DPA's move list. + SasPortalMigrateOrganizationResponse: + description: >- + Response for [MigrateOrganization]. + [spectrum.sas.portal.v1alpha1.Provisioning.MigrateOrganization]. + id: SasPortalMigrateOrganizationResponse type: object properties: - devices: - description: The devices that match the request. + deploymentAssociation: + description: >- + Optional. A list of deployment association that were created for the + migration, or current associations if they already exist. type: array items: - $ref: '#/components/schemas/SasPortalDevice' - nextPageToken: - description: >- - A pagination token returned from a previous call to ListDevices that - indicates from where listing should continue. If the field is - missing or empty, it means there is no more devices. - type: string - SasPortalMoveDeviceRequest: - id: SasPortalMoveDeviceRequest - description: Request for MoveDevice. + $ref: '#/components/schemas/SasPortalDeploymentAssociation' + SasPortalAssignment: type: object properties: - destination: + members: + type: array + items: + type: string description: >- - Required. The name of the new parent resource node or customer to - reparent the device under. + The identities the role is assigned to. It can have the following + values: * `{user_email}`: An email address that represents a + specific Google account. For example: `alice@gmail.com`. * + `{group_email}`: An email address that represents a Google group. + For example, `viewers@gmail.com`. + role: type: string - SasPortalUpdateSignedDeviceRequest: - id: SasPortalUpdateSignedDeviceRequest - description: Request for UpdateSignedDevice. - type: object + description: Required. Role that is assigned to `members`. + description: Associates `members` with a `role`. + id: SasPortalAssignment + SasPortalDevice: properties: - encodedDevice: + activeConfig: description: >- - Required. The JSON Web Token signed using a CPI private key. Payload - must be the JSON encoding of the device. The user_id field must be - set. + Output only. Current configuration of the device as registered to + the SAS. + $ref: '#/components/schemas/SasPortalDeviceConfig' + name: type: string - format: byte - installerId: - description: >- - Required. Unique installer ID (CPI ID) from the Certified - Professional Installers database. + description: Output only. The resource path name. + preloadedConfig: + $ref: '#/components/schemas/SasPortalDeviceConfig' + description: Configuration of the device, as specified via SAS Portal API. + serialNumber: + type: string + description: A serial number assigned to the device by the device manufacturer. + grants: + type: array + description: Output only. Grants held by the device. + items: + $ref: '#/components/schemas/SasPortalDeviceGrant' + state: + type: string + enumDescriptions: + - Unspecified state. + - >- + Device created in the SAS Portal, however, not yet registered with + SAS. + - Device registered with SAS. + - Device de-registered with SAS. + description: Output only. Device state. + enum: + - DEVICE_STATE_UNSPECIFIED + - RESERVED + - REGISTERED + - DEREGISTERED + fccId: + type: string + description: >- + The FCC identifier of the device. Refer to + https://www.fcc.gov/oet/ea/fccid for FccID format. Accept + underscores and periods because some test-SAS customers use them. + grantRangeAllowlists: + description: >- + Only ranges that are within the allowlists are available for new + grants. + type: array + items: + $ref: '#/components/schemas/SasPortalFrequencyRange' + currentChannels: + type: array + items: + $ref: '#/components/schemas/SasPortalChannelWithScore' + deprecated: true + description: Output only. Current channels with scores. + readOnly: true + deviceMetadata: + $ref: '#/components/schemas/SasPortalDeviceMetadata' + description: >- + Device parameters that can be overridden by both SAS Portal and SAS + registration requests. + displayName: + description: Device display name. type: string - SasPortalSignDeviceRequest: - id: SasPortalSignDeviceRequest - description: Request for SignDevice. type: object + id: SasPortalDevice + SasPortalGenerateSecretResponse: properties: - device: - description: >- - Required. The device to sign. The device fields name, fcc_id and - serial_number must be set. The user_id field must be set. - $ref: '#/components/schemas/SasPortalDevice' - SasPortalNode: - id: SasPortalNode - description: The Node. + secret: + type: string + description: The secret generated by the string and used by ValidateInstaller. + id: SasPortalGenerateSecretResponse + type: object + description: Response for GenerateSecret. + SasPortalCustomer: type: object properties: name: - description: Output only. Resource name. + description: Output only. Resource name of the customer. type: string displayName: - description: The node's display name. + description: >- + Required. Name of the organization that the customer entity + represents. type: string sasUserIds: - description: User ids used by the devices belonging to this node. - type: array items: type: string - SasPortalListNodesResponse: - id: SasPortalListNodesResponse - description: Response for ListNodes. - type: object + type: array + description: User IDs used by the devices belonging to this customer. + description: Entity representing a SAS customer. + id: SasPortalCustomer + SasPortalListDevicesResponse: + id: SasPortalListDevicesResponse + description: Response for ListDevices. properties: - nodes: - description: The nodes that match the request. + nextPageToken: + description: >- + A pagination token returned from a previous call to ListDevices that + indicates from where listing should continue. If the field is + missing or empty, it means there is no more devices. + type: string + devices: type: array + description: The devices that match the request. items: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' + type: object + SasPortalListNodesResponse: + description: Response for ListNodes. + id: SasPortalListNodesResponse + properties: nextPageToken: description: >- A pagination token returned from a previous call to ListNodes that indicates from where listing should continue. If the field is missing or empty, it means there is no more nodes. type: string + nodes: + description: The nodes that match the request. + items: + $ref: '#/components/schemas/SasPortalNode' + type: array + type: object SasPortalMoveNodeRequest: - id: SasPortalMoveNodeRequest description: Request for MoveNode. - type: object + id: SasPortalMoveNodeRequest properties: destination: + type: string description: >- Required. The name of the new parent resource node or customer to reparent the node under. - type: string - SasPortalGenerateSecretRequest: - id: SasPortalGenerateSecretRequest - description: Request for GenerateSecret. - type: object - properties: {} - SasPortalGenerateSecretResponse: - id: SasPortalGenerateSecretResponse - description: Response for GenerateSecret. type: object - properties: - secret: - description: The secret generated by the string and used by ValidateInstaller. - type: string SasPortalValidateInstallerRequest: - id: SasPortalValidateInstallerRequest description: Request for ValidateInstaller. type: object + id: SasPortalValidateInstallerRequest properties: - installerId: - description: >- - Required. Unique installer id (CPI ID) from the Certified - Professional Installers database. - type: string - secret: - description: Required. Secret returned by the GenerateSecret. - type: string encodedSecret: + type: string description: >- Required. JSON Web Token signed using a CPI private key. Payload must include a "secret" claim whose value is the secret. + installerId: type: string - SasPortalValidateInstallerResponse: - id: SasPortalValidateInstallerResponse - description: Response for ValidateInstaller. - type: object - properties: {} - SasPortalListDeploymentsResponse: - id: SasPortalListDeploymentsResponse - description: Response for ListDeployments. - type: object - properties: - deployments: - description: The deployments that match the request. - type: array - items: - $ref: '#/components/schemas/SasPortalDeployment' - nextPageToken: description: >- - A pagination token returned from a previous call to ListDeployments - that indicates from where listing should continue. If the field is - missing or empty, it means there are no more deployments. + Required. Unique installer id (CPI ID) from the Certified + Professional Installers database. + secret: type: string - SasPortalMoveDeploymentRequest: - id: SasPortalMoveDeploymentRequest - description: Request for MoveDeployment. - type: object + description: Required. Secret returned by the GenerateSecret. + SasPortalDeviceAirInterface: properties: - destination: + radioTechnology: description: >- - Required. The name of the new parent resource node or customer to - reparent the deployment under. + Conditional. This field specifies the radio access technology that + is used for the CBSD. + enum: + - RADIO_TECHNOLOGY_UNSPECIFIED + - E_UTRA + - CAMBIUM_NETWORKS + - FOUR_G_BBW_SAA_1 + - NR + - DOODLE_CBRS + - CW + - REDLINE + - TARANA_WIRELESS + - FAROS type: string - SasPortalSetPolicyRequest: - id: SasPortalSetPolicyRequest - description: Request message for `SetPolicy` method. - type: object - properties: - resource: - description: >- - Required. The resource for which the policy is being specified. This - policy replaces any existing policy. + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + - '' + supportedSpec: type: string - policy: - description: Required. The policy to be applied to the `resource`. - $ref: '#/components/schemas/SasPortalPolicy' - disableNotification: description: >- - Optional. Set the field as `true` to disable the onboarding - notification. - type: boolean - SasPortalPolicy: - id: SasPortalPolicy - description: Defines an access control policy to the resources. + Optional. This field is related to the `radioTechnology` and + provides the air interface specification that the CBSD is compliant + with at the time of registration. + description: Information about the device's air interface. + id: SasPortalDeviceAirInterface + type: object + SasPortalDeviceConfig: type: object properties: - assignments: - description: List of assignments - type: array + userId: + type: string + description: The identifier of a device user. + airInterface: + $ref: '#/components/schemas/SasPortalDeviceAirInterface' + description: Information about this device's air interface. + callSign: + description: The call sign of the device operator. + type: string + category: + enum: + - DEVICE_CATEGORY_UNSPECIFIED + - DEVICE_CATEGORY_A + - DEVICE_CATEGORY_B + description: FCC category of the device. + type: string + enumDescriptions: + - Unspecified device category. + - Category A. + - Category B. + updateTime: + description: Output only. The last time the device configuration was edited. + format: google-datetime + type: string + installationParams: + $ref: '#/components/schemas/SasPortalInstallationParams' + description: Installation parameters for the device. + model: + description: Information about this device model. + $ref: '#/components/schemas/SasPortalDeviceModel' + measurementCapabilities: items: - $ref: '#/components/schemas/SasPortalAssignment' - etag: - description: >- - The etag is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the etag in - the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An etag is returned in the response to - GetPolicy, and systems are expected to put that etag in the request - to SetPolicy to ensure that their change will be applied to the same - version of the policy. If no etag is provided in the call to - GetPolicy, then the existing policy is overwritten blindly. + enumDescriptions: + - '' + - '' + - '' + type: string + enum: + - MEASUREMENT_CAPABILITY_UNSPECIFIED + - MEASUREMENT_CAPABILITY_RECEIVED_POWER_WITH_GRANT + - MEASUREMENT_CAPABILITY_RECEIVED_POWER_WITHOUT_GRANT + description: Measurement reporting capabilities of the device. + type: array + state: type: string - format: byte - SasPortalAssignment: - id: SasPortalAssignment - description: Associates `members` with a `role`. + enum: + - DEVICE_CONFIG_STATE_UNSPECIFIED + - DRAFT + - FINAL + enumDescriptions: + - '' + - '' + - '' + description: State of the configuration. + isSigned: + description: Output only. Whether the configuration has been signed by a CPI. + type: boolean + description: Information about the device configuration. + id: SasPortalDeviceConfig + SasPortalProvisionDeploymentRequest: + id: SasPortalProvisionDeploymentRequest type: object + description: >- + Request for [ProvisionDeployment]. + [spectrum.sas.portal.v1alpha1.Provisioning.ProvisionDeployment]. GCP + Project, Organization Info, and caller’s GAIA ID should be retrieved + from the RPC handler, and used as inputs to create a new SAS + organization (if not exists) and a new SAS deployment. properties: - role: - description: Required. Role that is assigned to `members`. + newDeploymentDisplayName: type: string - members: description: >- - The identities the role is assigned to. It can have the following - values: * `{user_email}`: An email address that represents a - specific Google account. For example: `alice@gmail.com`. * - `{group_email}`: An email address that represents a Google group. - For example, `viewers@gmail.com`. - type: array - items: - type: string - SasPortalGetPolicyRequest: - id: SasPortalGetPolicyRequest - description: Request message for `GetPolicy` method. - type: object - properties: - resource: - description: Required. The resource for which the policy is being requested. + Optional. If this field is set, and a new SAS Portal Deployment + needs to be created, its display name will be set to the value of + this field. + newOrganizationDisplayName: type: string - SasPortalTestPermissionsRequest: - id: SasPortalTestPermissionsRequest - description: Request message for `TestPermissions` method. + description: >- + Optional. If this field is set, and a new SAS Portal Organization + needs to be created, its display name will be set to the value of + this field. + organizationId: + type: string + format: int64 + description: >- + Optional. If this field is set then a new deployment will be created + under the organization specified by this id. + SasPortalFrequencyRange: + properties: + highFrequencyMhz: + type: number + format: double + description: The highest frequency of the frequency range in MHz. + lowFrequencyMhz: + type: number + format: double + description: The lowest frequency of the frequency range in MHz. + description: Frequency range from `low_frequency` to `high_frequency`. + id: SasPortalFrequencyRange type: object + SasPortalMoveDeploymentRequest: + description: Request for MoveDeployment. properties: - resource: - description: >- - Required. The resource for which the permissions are being - requested. + destination: type: string - permissions: - description: The set of permissions to check for the `resource`. - type: array - items: - type: string - SasPortalTestPermissionsResponse: - id: SasPortalTestPermissionsResponse - description: Response message for `TestPermissions` method. + description: >- + Required. The name of the new parent resource node or customer to + reparent the deployment under. + id: SasPortalMoveDeploymentRequest + type: object + SasPortalMigrateOrganizationRequest: type: object + description: >- + Request for [MigrateOrganization]. + [spectrum.sas.portal.v1alpha1.Provisioning.MigrateOrganization]. GCP + Project, Organization Info, and caller's GAIA ID should be retrieved + from the RPC handler, and used to check authorization on SAS Portal + organization and to create GCP Projects. properties: - permissions: - description: A set of permissions that the caller is allowed. - type: array - items: - type: string + organizationId: + format: int64 + type: string + description: Required. Id of the SAS organization to be migrated. + id: SasPortalMigrateOrganizationRequest SasPortalMigrateOrganizationMetadata: id: SasPortalMigrateOrganizationMetadata + type: object description: >- Long-running operation metadata message returned by the MigrateOrganization. - type: object properties: operationState: - description: Output only. Current operation state - readOnly: true - type: string + enum: + - OPERATION_STATE_UNSPECIFIED + - OPERATION_STATE_PENDING + - OPERATION_STATE_RUNNING + - OPERATION_STATE_SUCCEEDED + - OPERATION_STATE_FAILED enumDescriptions: - Unspecified. - Pending (Not started). - In-progress. - Done successfully. - Done with errors. + type: string + description: Output only. Current operation state + readOnly: true + SasPortalDeviceMetadata: + type: object + description: Device data overridable by both SAS Portal and registration requests. + id: SasPortalDeviceMetadata + properties: + antennaModel: + description: >- + If populated, the Antenna Model Pattern to use. Format is: + `RecordCreatorId:PatternId` + type: string + nrqzValidated: + type: boolean + readOnly: true + deprecated: true + description: >- + Output only. Set to `true` if a CPI has validated that they have + coordinated with the National Quiet Zone office. + interferenceCoordinationGroup: + type: string + description: >- + Interference Coordination Group (ICG). A group of CBSDs that manage + their own interference with the group. For more details, see + [CBRSA-TS-2001 + V3.0.0](https://ongoalliance.org/wp-content/uploads/2020/02/CBRSA-TS-2001-V3.0.0_Approved-for-publication.pdf). + nrqzValidation: + description: Output only. National Radio Quiet Zone validation info. + $ref: '#/components/schemas/SasPortalNrqzValidation' + readOnly: true + commonChannelGroup: + type: string + description: >- + Common Channel Group (CCG). A group of CBSDs in the same ICG + requesting a common primary channel assignment. For more details, + see [CBRSA-TS-2001 + V3.0.0](https://ongoalliance.org/wp-content/uploads/2020/02/CBRSA-TS-2001-V3.0.0_Approved-for-publication.pdf). + SasPortalInstallationParams: + type: object + description: Information about the device installation parameters. + properties: + antennaGain: + type: number + format: double + description: >- + Peak antenna gain in dBi. This parameter is a double with a value + between -127 and +128 (dBi) inclusive. Part of Release 2 to support + floating-point value + antennaBeamwidth: + format: int32 + type: integer + description: >- + 3-dB antenna beamwidth of the antenna in the horizontal-plane in + degrees. This parameter is an unsigned integer having a value + between 0 and 360 (degrees) inclusive; it is optional for Category A + devices and conditional for Category B devices. + antennaDowntilt: + format: int32 + description: >- + Antenna downtilt in degrees and is an integer with a value between + -90 and +90 inclusive; a negative value means the antenna is tilted + up (above horizontal). This parameter is optional for Category A + devices and conditional for Category B devices. + type: integer + longitude: + format: double + description: >- + Longitude of the device antenna location in degrees relative to the + WGS 84 datum. The allowed range is from -180.000000 to +180.000000. + Positive values represent longitudes east of the prime meridian; + negative values west of the prime meridian. + type: number + height: + format: double + description: >- + Device antenna height in meters. When the `heightType` parameter + value is "AGL", the antenna height should be given relative to + ground level. When the `heightType` parameter value is "AMSL", it is + given with respect to WGS84 datum. + type: number + cpeCbsdIndication: + description: >- + If present, this parameter specifies whether the CBSD is a CPE-CBSD + or not. + type: boolean + heightType: + enumDescriptions: + - Unspecified height type. + - AGL height is measured relative to the ground level. + - AMSL height is measured relative to the mean sea level. enum: - - OPERATION_STATE_UNSPECIFIED - - OPERATION_STATE_PENDING - - OPERATION_STATE_RUNNING - - OPERATION_STATE_SUCCEEDED - - OPERATION_STATE_FAILED - SasPortalMigrateOrganizationResponse: - id: SasPortalMigrateOrganizationResponse - description: >- - Response for [MigrateOrganization]. - [spectrum.sas.portal.v1alpha1.Provisioning.MigrateOrganization]. + - HEIGHT_TYPE_UNSPECIFIED + - HEIGHT_TYPE_AGL + - HEIGHT_TYPE_AMSL + description: Specifies how the height is measured. + type: string + antennaModel: + description: >- + If an external antenna is used, the antenna model is optionally + provided in this field. The string has a maximum length of 128 + octets. + type: string + latitude: + description: >- + Latitude of the device antenna location in degrees relative to the + WGS 84 datum. The allowed range is from -90.000000 to +90.000000. + Positive values represent latitudes north of the equator; negative + values south of the equator. + type: number + format: double + horizontalAccuracy: + format: double + description: >- + A positive number in meters to indicate accuracy of the device + antenna horizontal location. This optional parameter should only be + present if its value is less than the FCC requirement of 50 meters. + type: number + verticalAccuracy: + type: number + format: double + description: >- + A positive number in meters to indicate accuracy of the device + antenna vertical location. This optional parameter should only be + present if its value is less than the FCC requirement of 3 meters. + eirpCapability: + description: >- + This parameter is the maximum device EIRP in units of dBm/10MHz and + is an integer with a value between -127 and +47 (dBm/10 MHz) + inclusive. If not included, SAS interprets it as maximum allowable + EIRP in units of dBm/10MHz for device category. + type: integer + format: int32 + indoorDeployment: + type: boolean + description: >- + Whether the device antenna is indoor or not. `true`: indoor. + `false`: outdoor. + antennaAzimuth: + type: integer + description: >- + Boresight direction of the horizontal plane of the antenna in + degrees with respect to true north. The value of this parameter is + an integer with a value between 0 and 359 inclusive. A value of 0 + degrees means true north; a value of 90 degrees means east. This + parameter is optional for Category A devices and conditional for + Category B devices. + format: int32 + id: SasPortalInstallationParams + SasPortalStatus: + id: SasPortalStatus + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object properties: - deploymentAssociation: + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + message: description: >- - Optional. A list of deployment association that were created for the - migration, or current associations if they already exist. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + details: type: array items: - $ref: '#/components/schemas/SasPortalDeploymentAssociation' - SasPortalDeploymentAssociation: - id: SasPortalDeploymentAssociation - description: Association between a gcp project and a SAS user id. - type: object + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + SasPortalListCustomersResponse: properties: - userId: - description: User id of the deployment. - type: string - gcpProjectId: - description: GCP project id of the associated project. + customers: + description: The list of customers that match the request. + type: array + items: + $ref: '#/components/schemas/SasPortalCustomer' + nextPageToken: + description: >- + A pagination token returned from a previous call to ListCustomers + that indicates from where listing should continue. If the field is + missing or empty, it means there are no more customers. type: string - SasPortalSetupSasAnalyticsMetadata: - id: SasPortalSetupSasAnalyticsMetadata - description: >- - Metadata returned by the long running operation for the - SetupSasAnalytics rpc. + description: Response for `ListCustomers`. type: object - properties: {} - SasPortalSetupSasAnalyticsResponse: - id: SasPortalSetupSasAnalyticsResponse - description: >- - Response returned by the long running operation for the - SetupSasAnalytics rpc. + id: SasPortalListCustomersResponse + SasPortalListDeploymentsResponse: + id: SasPortalListDeploymentsResponse + properties: + deployments: + description: The deployments that match the request. + type: array + items: + $ref: '#/components/schemas/SasPortalDeployment' + nextPageToken: + description: >- + A pagination token returned from a previous call to ListDeployments + that indicates from where listing should continue. If the field is + missing or empty, it means there are no more deployments. + type: string type: object - properties: {} + description: Response for ListDeployments. parameters: - access_token: - description: OAuth access token. + _.xgafv: + description: V1 error format. in: query - name: access_token + name: $.xgafv schema: type: string - alt: - description: Data format for response. + enum: + - '1' + - '2' + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: alt + name: prettyPrint + schema: + type: boolean + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: callback + name: oauth_token schema: type: string fields: @@ -1132,31 +1137,16 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + callback: + description: JSONP in: query - name: quotaUser + name: callback schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string uploadType: @@ -1165,24 +1155,64 @@ components: name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + alt: + description: Data format for response. in: query - name: $.xgafv + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string x-stackQL-resources: + policies: + id: google.sasportal.policies + name: policies + title: Policies + methods: + policies_get: + operation: + $ref: '#/paths/~1v1alpha1~1policies:get/post' + response: + mediaType: application/json + openAPIDocKey: '200' + policies_test: + operation: + $ref: '#/paths/~1v1alpha1~1policies:test/post' + response: + mediaType: application/json + openAPIDocKey: '200' + policies_set: + operation: + $ref: '#/paths/~1v1alpha1~1policies:set/post' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/policies/methods/policies_get' + insert: [] + update: [] + replace: [] + delete: [] customers: id: google.sasportal.customers name: customers title: Customers methods: - customers_get: + customers_setup_sas_analytics: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}/get' + $ref: '#/paths/~1v1alpha1~1customers:setupSasAnalytics/post' response: mediaType: application/json openAPIDocKey: '200' @@ -1192,28 +1222,28 @@ components: response: mediaType: application/json openAPIDocKey: '200' - customers_list: + customers_get: operation: - $ref: '#/paths/~1v1alpha1~1customers/get' + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.customers customers_provision_deployment: operation: $ref: '#/paths/~1v1alpha1~1customers:provisionDeployment/post' response: mediaType: application/json openAPIDocKey: '200' - customers_migrate_organization: + customers_list: operation: - $ref: '#/paths/~1v1alpha1~1customers:migrateOrganization/post' + $ref: '#/paths/~1v1alpha1~1customers/get' response: mediaType: application/json openAPIDocKey: '200' - customers_setup_sas_analytics: + objectKey: $.customers + customers_migrate_organization: operation: - $ref: '#/paths/~1v1alpha1~1customers:setupSasAnalytics/post' + $ref: '#/paths/~1v1alpha1~1customers:migrateOrganization/post' response: mediaType: application/json openAPIDocKey: '200' @@ -1226,6 +1256,25 @@ components: - $ref: '#/components/x-stackQL-resources/customers/methods/customers_patch' replace: [] delete: [] + customers_legacy_organizations: + id: google.sasportal.customers_legacy_organizations + name: customers_legacy_organizations + title: Customers_legacy_organizations + methods: + customers_list_legacy_organizations: + operation: + $ref: '#/paths/~1v1alpha1~1customers:listLegacyOrganizations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/customers_legacy_organizations/methods/customers_list_legacy_organizations + insert: [] + update: [] + replace: [] + delete: [] customers_gcp_project_deployments: id: google.sasportal.customers_gcp_project_deployments name: customers_gcp_project_deployments @@ -1245,685 +1294,641 @@ components: update: [] replace: [] delete: [] - customers_legacy_organizations: - id: google.sasportal.customers_legacy_organizations - name: customers_legacy_organizations - title: Customers_legacy_organizations + customer_nodes: + id: google.sasportal.customer_nodes + name: customer_nodes + title: Customer_nodes methods: - customers_list_legacy_organizations: + customers_nodes_create: + operation: + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes/post' + response: + mediaType: application/json + openAPIDocKey: '200' + customers_nodes_list: + operation: + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.nodes + customers_nodes_delete: + operation: + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + customers_nodes_nodes_list: + operation: + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1nodes/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.nodes + customers_nodes_nodes_create: operation: - $ref: '#/paths/~1v1alpha1~1customers:listLegacyOrganizations/get' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1nodes/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/customers_legacy_organizations/methods/customers_list_legacy_organizations - insert: [] + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_nodes_list + - $ref: >- + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_list + insert: + - $ref: >- + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_nodes_create + - $ref: >- + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_create update: [] replace: [] - delete: [] - devices: - id: google.sasportal.devices - name: devices - title: Devices + delete: + - $ref: >- + #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_delete + nodes: + id: google.sasportal.nodes + name: nodes + title: Nodes methods: - customers_devices_create: - operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1devices/post' - response: - mediaType: application/json - openAPIDocKey: '200' - customers_devices_list: + customers_nodes_move: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1devices/get' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}:move/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - customers_devices_delete: + customers_nodes_patch: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/delete + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/patch response: mediaType: application/json openAPIDocKey: '200' - customers_devices_get: + nodes_nodes_patch: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/get + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/patch' response: mediaType: application/json openAPIDocKey: '200' - customers_devices_patch: + nodes_nodes_delete: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/patch + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/delete' response: mediaType: application/json openAPIDocKey: '200' - customers_devices_move: + nodes_nodes_move: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:move/post + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}:move/post' response: mediaType: application/json openAPIDocKey: '200' - customers_devices_sign_device: + nodes_nodes_create: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:signDevice/post + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes/post' response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_devices_create: + nodes_nodes_list: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices/post + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes/get' response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_devices_list: + objectKey: $.nodes + nodes_nodes_nodes_create: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices/get + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1nodes/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - customers_deployments_devices_create: + nodes_nodes_nodes_list: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices/post + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1nodes/get' response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_devices_list: + objectKey: $.nodes + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/nodes/methods/nodes_nodes_nodes_list + - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_list' + insert: + - $ref: >- + #/components/x-stackQL-resources/nodes/methods/nodes_nodes_nodes_create + - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_create' + update: + - $ref: >- + #/components/x-stackQL-resources/nodes/methods/customers_nodes_patch + - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_delete' + customer_node: + id: google.sasportal.customer_node + name: customer_node + title: Customer_node + methods: + customers_nodes_get: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices/get + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - nodes_devices_create: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/customer_node/methods/customers_nodes_get + insert: [] + update: [] + replace: [] + delete: [] + deployments: + id: google.sasportal.deployments + name: deployments + title: Deployments + methods: + customers_nodes_deployments_create: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices/post' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1deployments/post response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_list: + customers_nodes_deployments_list: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices/get' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - nodes_devices_delete: + objectKey: $.deployments + customers_deployments_create: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/delete' + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1deployments/post' response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_get: + customers_deployments_list: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/get' + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1deployments/get' response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_patch: + objectKey: $.deployments + customers_deployments_delete: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/patch' + $ref: >- + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_move: + customers_deployments_patch: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:move/post + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_sign_device: + customers_deployments_get: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:signDevice/post + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_devices_create: + customers_deployments_move: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices/post + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}:move/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_devices_list: + deployments_get: operation: - $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices/get + $ref: '#/paths/~1v1alpha1~1deployments~1{deploymentsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - nodes_deployments_devices_create: + nodes_nodes_deployments_create: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices/post + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1deployments/post response: mediaType: application/json openAPIDocKey: '200' - nodes_deployments_devices_list: + nodes_nodes_deployments_list: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices/get + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1deployments/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.devices - deployments_devices_delete: + objectKey: $.deployments + nodes_deployments_patch: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/delete + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_get: + nodes_deployments_delete: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/get + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_patch: + nodes_deployments_get: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/patch + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_move: + nodes_deployments_list: operation: - $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:move/post + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments/get' response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_sign_device: + objectKey: $.deployments + nodes_deployments_move: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:signDevice/post + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}:move/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_get - - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_nodes_devices_list + #/components/x-stackQL-resources/deployments/methods/customers_nodes_deployments_list - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_deployments_devices_list - - $ref: '#/components/x-stackQL-resources/devices/methods/nodes_devices_get' + #/components/x-stackQL-resources/deployments/methods/customers_deployments_get - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_nodes_devices_list + #/components/x-stackQL-resources/deployments/methods/nodes_nodes_deployments_list - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_deployments_devices_list + #/components/x-stackQL-resources/deployments/methods/nodes_deployments_get - $ref: >- - #/components/x-stackQL-resources/devices/methods/deployments_devices_get + #/components/x-stackQL-resources/deployments/methods/customers_deployments_list - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_list + #/components/x-stackQL-resources/deployments/methods/deployments_get - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_devices_list + #/components/x-stackQL-resources/deployments/methods/nodes_deployments_list insert: - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_nodes_devices_create - - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_deployments_devices_create - - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_nodes_devices_create - - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_deployments_devices_create + #/components/x-stackQL-resources/deployments/methods/customers_nodes_deployments_create - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_create + #/components/x-stackQL-resources/deployments/methods/nodes_nodes_deployments_create - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_devices_create + #/components/x-stackQL-resources/deployments/methods/customers_deployments_create update: - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_patch - - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_devices_patch + #/components/x-stackQL-resources/deployments/methods/customers_deployments_patch - $ref: >- - #/components/x-stackQL-resources/devices/methods/deployments_devices_patch + #/components/x-stackQL-resources/deployments/methods/nodes_deployments_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/devices/methods/customers_devices_delete - - $ref: >- - #/components/x-stackQL-resources/devices/methods/nodes_devices_delete + #/components/x-stackQL-resources/deployments/methods/customers_deployments_delete - $ref: >- - #/components/x-stackQL-resources/devices/methods/deployments_devices_delete - devices_signed: - id: google.sasportal.devices_signed - name: devices_signed - title: Devices_signed + #/components/x-stackQL-resources/deployments/methods/nodes_deployments_delete + devices: + id: google.sasportal.devices + name: devices + title: Devices methods: - customers_devices_create_signed: - operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices:createSigned/post - response: - mediaType: application/json - openAPIDocKey: '200' - customers_devices_update_signed: + customers_nodes_devices_create: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:updateSigned/patch + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices/post response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_devices_create_signed: + customers_nodes_devices_list: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices:createSigned/post + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices/get response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_devices_create_signed: + objectKey: $.devices + customers_devices_sign_device: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices:createSigned/post - response: - mediaType: application/json - openAPIDocKey: '200' - nodes_devices_create_signed: - operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices:createSigned/post' + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:signDevice/post response: mediaType: application/json openAPIDocKey: '200' - nodes_devices_update_signed: + customers_devices_patch: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:updateSigned/patch + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/patch response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_devices_create_signed: + customers_devices_delete: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices:createSigned/post + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/delete response: mediaType: application/json openAPIDocKey: '200' - nodes_deployments_devices_create_signed: + customers_devices_get: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices:createSigned/post + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}/get response: mediaType: application/json openAPIDocKey: '200' - deployments_devices_update_signed: + customers_devices_move: operation: $ref: >- - #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:updateSigned/patch + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:move/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/customers_nodes_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/customers_deployments_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/nodes_nodes_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/nodes_deployments_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/customers_devices_create_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/nodes_devices_create_signed - update: - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/customers_devices_update_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/nodes_devices_update_signed - - $ref: >- - #/components/x-stackQL-resources/devices_signed/methods/deployments_devices_update_signed - replace: [] - delete: [] - customer_nodes: - id: google.sasportal.customer_nodes - name: customer_nodes - title: Customer_nodes - methods: - customers_nodes_create: + customers_devices_list: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes/post' + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1devices/get' response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_list: + objectKey: $.devices + customers_devices_create: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes/get' + $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1devices/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nodes - customers_nodes_delete: + customers_deployments_devices_create: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/delete + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices/post response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_nodes_create: + customers_deployments_devices_list: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1nodes/post + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices/get response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_nodes_list: + objectKey: $.devices + deployments_devices_move: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1nodes/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.nodes - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_nodes_list - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_list - insert: - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_nodes_create - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_create - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/customer_nodes/methods/customers_nodes_delete - customer_node: - id: google.sasportal.customer_node - name: customer_node - title: Customer_node - methods: - customers_nodes_get: - operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/get' + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:move/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/customer_node/methods/customers_nodes_get - insert: [] - update: [] - replace: [] - delete: [] - nodes: - id: google.sasportal.nodes - name: nodes - title: Nodes - methods: - customers_nodes_patch: + deployments_devices_delete: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}/patch + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/delete response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_move: + deployments_devices_patch: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}:move/post + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/patch response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_create: + deployments_devices_get: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes/post' + $ref: >- + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}/get response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_list: + deployments_devices_sign_device: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes/get' + $ref: >- + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:signDevice/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nodes - nodes_nodes_delete: + nodes_nodes_devices_list: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/delete' + $ref: >- + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices/get response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_patch: + objectKey: $.devices + nodes_nodes_devices_create: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/patch' + $ref: >- + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_move: + nodes_deployments_devices_list: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}:move/post' + $ref: >- + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices/get response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_nodes_create: + objectKey: $.devices + nodes_deployments_devices_create: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1nodes/post + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_nodes_list: + nodes_devices_delete: operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1nodes/get' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/delete' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nodes - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/nodes/methods/nodes_nodes_nodes_list - - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_list' - insert: - - $ref: >- - #/components/x-stackQL-resources/nodes/methods/nodes_nodes_nodes_create - - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_create' - update: - - $ref: >- - #/components/x-stackQL-resources/nodes/methods/customers_nodes_patch - - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/nodes/methods/nodes_nodes_delete' - deployments: - id: google.sasportal.deployments - name: deployments - title: Deployments - methods: - customers_nodes_deployments_create: + nodes_devices_get: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1deployments/post + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/get' response: mediaType: application/json openAPIDocKey: '200' - customers_nodes_deployments_list: + nodes_devices_patch: operation: - $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1deployments/get + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}/patch' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deployments - customers_deployments_create: + nodes_devices_list: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1deployments/post' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices/get' response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_list: + objectKey: $.devices + nodes_devices_create: operation: - $ref: '#/paths/~1v1alpha1~1customers~1{customersId}~1deployments/get' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deployments - customers_deployments_delete: + nodes_devices_move: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/delete + #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:move/post response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_get: + nodes_devices_sign_device: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/get + #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:signDevice/post response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_nodes_devices_list + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_devices_get + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_deployments_devices_list + - $ref: >- + #/components/x-stackQL-resources/devices/methods/deployments_devices_get + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_nodes_devices_list + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_deployments_devices_list + - $ref: '#/components/x-stackQL-resources/devices/methods/nodes_devices_get' + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_devices_list + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_devices_list + insert: + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_nodes_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_deployments_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_nodes_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_deployments_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_devices_create + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_devices_create + update: + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_devices_patch + - $ref: >- + #/components/x-stackQL-resources/devices/methods/deployments_devices_patch + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_devices_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/devices/methods/customers_devices_delete + - $ref: >- + #/components/x-stackQL-resources/devices/methods/deployments_devices_delete + - $ref: >- + #/components/x-stackQL-resources/devices/methods/nodes_devices_delete + devices_signed: + id: google.sasportal.devices_signed + name: devices_signed + title: Devices_signed + methods: + customers_nodes_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}/patch + #/paths/~1v1alpha1~1customers~1{customersId}~1nodes~1{nodesId}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - customers_deployments_move: + customers_devices_update_signed: operation: $ref: >- - #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}:move/post + #/paths/~1v1alpha1~1customers~1{customersId}~1devices~1{devicesId}:updateSigned/patch response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_deployments_create: + customers_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1deployments/post + #/paths/~1v1alpha1~1customers~1{customersId}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - nodes_nodes_deployments_list: + customers_deployments_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1deployments/get + #/paths/~1v1alpha1~1customers~1{customersId}~1deployments~1{deploymentsId}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deployments - nodes_deployments_delete: + deployments_devices_update_signed: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/delete + #/paths/~1v1alpha1~1deployments~1{deploymentsId}~1devices~1{devicesId}:updateSigned/patch response: mediaType: application/json openAPIDocKey: '200' - nodes_deployments_get: + nodes_nodes_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/get + #/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - nodes_deployments_patch: + nodes_deployments_devices_create_signed: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - nodes_deployments_list: - operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments/get' + #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}~1devices:createSigned/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.deployments - nodes_deployments_move: + nodes_devices_update_signed: operation: $ref: >- - #/paths/~1v1alpha1~1nodes~1{nodesId}~1deployments~1{deploymentsId}:move/post + #/paths/~1v1alpha1~1nodes~1{nodesId}~1devices~1{devicesId}:updateSigned/patch response: mediaType: application/json openAPIDocKey: '200' - deployments_get: + nodes_devices_create_signed: operation: - $ref: '#/paths/~1v1alpha1~1deployments~1{deploymentsId}/get' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1devices:createSigned/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_nodes_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_get - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_nodes_deployments_list - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_deployments_get + select: [] + insert: - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_list + #/components/x-stackQL-resources/devices_signed/methods/customers_nodes_devices_create_signed - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_deployments_list + #/components/x-stackQL-resources/devices_signed/methods/customers_deployments_devices_create_signed - $ref: >- - #/components/x-stackQL-resources/deployments/methods/deployments_get - insert: + #/components/x-stackQL-resources/devices_signed/methods/nodes_nodes_devices_create_signed - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_nodes_deployments_create + #/components/x-stackQL-resources/devices_signed/methods/nodes_deployments_devices_create_signed - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_nodes_deployments_create + #/components/x-stackQL-resources/devices_signed/methods/customers_devices_create_signed - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_create + #/components/x-stackQL-resources/devices_signed/methods/nodes_devices_create_signed update: - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_patch - - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_deployments_patch - replace: [] - delete: + #/components/x-stackQL-resources/devices_signed/methods/customers_devices_update_signed - $ref: >- - #/components/x-stackQL-resources/deployments/methods/customers_deployments_delete + #/components/x-stackQL-resources/devices_signed/methods/deployments_devices_update_signed - $ref: >- - #/components/x-stackQL-resources/deployments/methods/nodes_deployments_delete - node: - id: google.sasportal.node - name: node - title: Node - methods: - nodes_get: - operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - nodes_nodes_get: - operation: - $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/node/methods/nodes_nodes_get' - - $ref: '#/components/x-stackQL-resources/node/methods/nodes_get' - insert: [] - update: [] + #/components/x-stackQL-resources/devices_signed/methods/nodes_devices_update_signed replace: [] delete: [] installer: @@ -1949,53 +1954,141 @@ components: update: [] replace: [] delete: [] - policies: - id: google.sasportal.policies - name: policies - title: Policies + node: + id: google.sasportal.node + name: node + title: Node methods: - policies_set: - operation: - $ref: '#/paths/~1v1alpha1~1policies:set/post' - response: - mediaType: application/json - openAPIDocKey: '200' - policies_get: + nodes_get: operation: - $ref: '#/paths/~1v1alpha1~1policies:get/post' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}/get' response: mediaType: application/json openAPIDocKey: '200' - policies_test: + nodes_nodes_get: operation: - $ref: '#/paths/~1v1alpha1~1policies:test/post' + $ref: '#/paths/~1v1alpha1~1nodes~1{nodesId}~1nodes~1{nodesId1}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/policies/methods/policies_get' + - $ref: '#/components/x-stackQL-resources/node/methods/nodes_nodes_get' + - $ref: '#/components/x-stackQL-resources/node/methods/nodes_get' insert: [] update: [] replace: [] delete: [] paths: - /v1alpha1/customers/{customersId}: + /v1alpha1/policies:get: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Returns a requested customer. - operationId: sasportal.customers.get + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' + post: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: sasportal.policies.get + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalGetPolicyRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalPolicy' + parameters: [] + /v1alpha1/policies:test: + parameters: *ref_1 + post: + description: Returns permissions that a caller has on the specified resource. + operationId: sasportal.policies.test + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalTestPermissionsRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalTestPermissionsResponse' + parameters: [] + /v1alpha1/policies:set: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. + operationId: sasportal.policies.set + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalSetPolicyRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalPolicy' + parameters: [] + /v1alpha1/customers:setupSasAnalytics: + parameters: *ref_1 + post: + description: >- + Setups the a GCP Project to receive SAS Analytics messages via GCP + Pub/Sub with a subscription to BigQuery. All the Pub/Sub topics and + BigQuery tables are created automatically as part of this service. + operationId: sasportal.customers.setupSasAnalytics + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalSetupSasAnalyticsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2011,13 +2104,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCustomer' - parameters: - - in: path - name: customersId - required: true - schema: - type: string + $ref: '#/components/schemas/SasPortalOperation' + parameters: [] + /v1alpha1/customers/{customersId}: + parameters: *ref_1 patch: description: Updates an existing customer. operationId: sasportal.customers.patch @@ -2053,11 +2143,9 @@ paths: schema: type: string format: google-fieldmask - /v1alpha1/customers: - parameters: *ref_1 get: - description: Returns a list of requested customers. - operationId: sasportal.customers.list + description: Returns a requested customer. + operationId: sasportal.customers.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2073,24 +2161,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListCustomersResponse' + $ref: '#/components/schemas/SasPortalCustomer' parameters: - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: customersId + required: true schema: type: string - /v1alpha1/customers:listGcpProjectDeployments: + /v1alpha1/customers:provisionDeployment: parameters: *ref_1 - get: + post: description: >- - Returns a list of SAS deployments associated with current GCP project. - Includes whether SAS analytics has been enabled or not. - operationId: sasportal.customers.listGcpProjectDeployments + Creates a new SAS deployment through the GCP workflow. Creates a SAS + organization if an organization match is not found. + operationId: sasportal.customers.provisionDeployment + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalProvisionDeploymentRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2106,21 +2195,13 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SasPortalListGcpProjectDeploymentsResponse + $ref: '#/components/schemas/SasPortalProvisionDeploymentResponse' parameters: [] - /v1alpha1/customers:provisionDeployment: + /v1alpha1/customers:listLegacyOrganizations: parameters: *ref_1 - post: - description: >- - Creates a new SAS deployment through the GCP workflow. Creates a SAS - organization if an organization match is not found. - operationId: sasportal.customers.provisionDeployment - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalProvisionDeploymentRequest' + get: + description: Returns a list of legacy organizations. + operationId: sasportal.customers.listLegacyOrganizations security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2136,13 +2217,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalProvisionDeploymentResponse' + $ref: '#/components/schemas/SasPortalListLegacyOrganizationsResponse' parameters: [] - /v1alpha1/customers:listLegacyOrganizations: + /v1alpha1/customers: parameters: *ref_1 get: - description: Returns a list of legacy organizations. - operationId: sasportal.customers.listLegacyOrganizations + description: Returns a list of requested customers. + operationId: sasportal.customers.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2158,8 +2239,17 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListLegacyOrganizationsResponse' - parameters: [] + $ref: '#/components/schemas/SasPortalListCustomersResponse' + parameters: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string /v1alpha1/customers:migrateOrganization: parameters: *ref_1 post: @@ -2191,19 +2281,13 @@ paths: schema: $ref: '#/components/schemas/SasPortalOperation' parameters: [] - /v1alpha1/customers:setupSasAnalytics: + /v1alpha1/customers:listGcpProjectDeployments: parameters: *ref_1 - post: + get: description: >- - Setups the a GCP Project to receive SAS Analytics messages via GCP - Pub/Sub with a subscription to BigQuery. All the Pub/Sub topics and - BigQuery tables are created automatically as part of this service. - operationId: sasportal.customers.setupSasAnalytics - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalSetupSasAnalyticsRequest' + Returns a list of SAS deployments associated with current GCP project. + Includes whether SAS analytics has been enabled or not. + operationId: sasportal.customers.listGcpProjectDeployments security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2219,18 +2303,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: >- + #/components/schemas/SasPortalListGcpProjectDeploymentsResponse parameters: [] - /v1alpha1/customers/{customersId}/devices: + /v1alpha1/customers/{customersId}/nodes: parameters: *ref_1 post: - description: Creates a device under a node or customer. - operationId: sasportal.customers.devices.create + description: Creates a new node. + operationId: sasportal.customers.nodes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalNode' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2246,7 +2331,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: customersId @@ -2254,8 +2339,8 @@ paths: schema: type: string get: - description: Lists devices under a node or customer. - operationId: sasportal.customers.devices.list + description: Lists nodes. + operationId: sasportal.customers.nodes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2271,18 +2356,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDevicesResponse' + $ref: '#/components/schemas/SasPortalListNodesResponse' parameters: - in: path name: customersId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -2291,16 +2371,21 @@ paths: name: filter schema: type: string - /v1alpha1/customers/{customersId}/devices:createSigned: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1alpha1/customers/{customersId}/nodes/{nodesId}:move: parameters: *ref_1 post: - description: Creates a signed device under a node or customer. - operationId: sasportal.customers.devices.createSigned + description: Moves a node under another node or customer. + operationId: sasportal.customers.nodes.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalMoveNodeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2316,18 +2401,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalOperation' parameters: - in: path name: customersId required: true schema: type: string - /v1alpha1/customers/{customersId}/devices/{devicesId}: + - in: path + name: nodesId + required: true + schema: + type: string + /v1alpha1/customers/{customersId}/nodes/{nodesId}: parameters: *ref_1 - delete: - description: Deletes a device. - operationId: sasportal.customers.devices.delete + get: + description: Returns a requested node. + operationId: sasportal.customers.nodes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2343,7 +2433,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: customersId @@ -2351,13 +2441,18 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - get: - description: Gets details about a device. - operationId: sasportal.customers.devices.get + patch: + description: Updates an existing node. + operationId: sasportal.customers.nodes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalNode' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2373,7 +2468,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: customersId @@ -2381,18 +2476,18 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - patch: - description: Updates a device. - operationId: sasportal.customers.devices.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDevice' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a node. + operationId: sasportal.customers.nodes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2408,7 +2503,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path name: customersId @@ -2416,25 +2511,20 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1alpha1/customers/{customersId}/devices/{devicesId}:move: + /v1alpha1/customers/{customersId}/nodes/{nodesId}/deployments: parameters: *ref_1 post: - description: Moves a device under another node or customer. - operationId: sasportal.customers.devices.move + description: Creates a new deployment. + operationId: sasportal.customers.nodes.deployments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalMoveDeviceRequest' + $ref: '#/components/schemas/SasPortalDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2450,7 +2540,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: '#/components/schemas/SasPortalDeployment' parameters: - in: path name: customersId @@ -2458,20 +2548,58 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - /v1alpha1/customers/{customersId}/devices/{devicesId}:updateSigned: + get: + description: Lists deployments. + operationId: sasportal.customers.nodes.deployments.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalListDeploymentsResponse' + parameters: + - in: path + name: customersId + required: true + schema: + type: string + - in: path + name: nodesId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1alpha1/customers/{customersId}/nodes/{nodesId}/nodes: parameters: *ref_1 - patch: - description: Updates a signed device. - operationId: sasportal.customers.devices.updateSigned - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' + get: + description: Lists nodes. + operationId: sasportal.customers.nodes.nodes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2487,7 +2615,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalListNodesResponse' parameters: - in: path name: customersId @@ -2495,20 +2623,31 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - /v1alpha1/customers/{customersId}/devices/{devicesId}:signDevice: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string post: - description: Signs a device. - operationId: sasportal.customers.devices.signDevice + description: Creates a new node. + operationId: sasportal.customers.nodes.nodes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalSignDeviceRequest' + $ref: '#/components/schemas/SasPortalNode' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2524,7 +2663,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: customersId @@ -2532,20 +2671,20 @@ paths: schema: type: string - in: path - name: devicesId + name: nodesId required: true schema: type: string - /v1alpha1/customers/{customersId}/nodes: + /v1alpha1/customers/{customersId}/nodes/{nodesId}/devices: parameters: *ref_1 post: - description: Creates a new node. - operationId: sasportal.customers.nodes.create + description: Creates a device under a node or customer. + operationId: sasportal.customers.nodes.devices.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2561,16 +2700,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId required: true schema: type: string + - in: path + name: nodesId + required: true + schema: + type: string get: - description: Lists nodes. - operationId: sasportal.customers.nodes.list + description: Lists devices under a node or customer. + operationId: sasportal.customers.nodes.devices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2586,13 +2730,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListNodesResponse' + $ref: '#/components/schemas/SasPortalListDevicesResponse' parameters: - in: path name: customersId required: true schema: type: string + - in: path + name: nodesId + required: true + schema: + type: string - in: query name: pageSize schema: @@ -2606,11 +2755,16 @@ paths: name: filter schema: type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}: + /v1alpha1/customers/{customersId}/nodes/{nodesId}/devices:createSigned: parameters: *ref_1 - delete: - description: Deletes a node. - operationId: sasportal.customers.nodes.delete + post: + description: Creates a signed device under a node or customer. + operationId: sasportal.customers.nodes.devices.createSigned + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2626,7 +2780,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId @@ -2638,9 +2792,16 @@ paths: required: true schema: type: string - get: - description: Returns a requested node. - operationId: sasportal.customers.nodes.get + /v1alpha1/customers/{customersId}/devices/{devicesId}:signDevice: + parameters: *ref_1 + post: + description: Signs a device. + operationId: sasportal.customers.devices.signDevice + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalSignDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2656,7 +2817,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path name: customersId @@ -2664,18 +2825,20 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string + /v1alpha1/customers/{customersId}/devices/{devicesId}: + parameters: *ref_1 patch: - description: Updates an existing node. - operationId: sasportal.customers.nodes.patch + description: Updates a device. + operationId: sasportal.customers.devices.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2691,7 +2854,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId @@ -2699,7 +2862,7 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string @@ -2708,16 +2871,9 @@ paths: schema: type: string format: google-fieldmask - /v1alpha1/customers/{customersId}/nodes/{nodesId}:move: - parameters: *ref_1 - post: - description: Moves a node under another node or customer. - operationId: sasportal.customers.nodes.move - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalMoveNodeRequest' + delete: + description: Deletes a device. + operationId: sasportal.customers.devices.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2733,7 +2889,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path name: customersId @@ -2741,20 +2897,13 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}/devices: - parameters: *ref_1 - post: - description: Creates a device under a node or customer. - operationId: sasportal.customers.nodes.devices.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDevice' + get: + description: Gets details about a device. + operationId: sasportal.customers.devices.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2778,13 +2927,20 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string - get: - description: Lists devices under a node or customer. - operationId: sasportal.customers.nodes.devices.list + /v1alpha1/customers/{customersId}/devices/{devicesId}:move: + parameters: *ref_1 + post: + description: Moves a device under another node or customer. + operationId: sasportal.customers.devices.move + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalMoveDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2800,7 +2956,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDevicesResponse' + $ref: '#/components/schemas/SasPortalOperation' parameters: - in: path name: customersId @@ -2808,33 +2964,20 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}/devices:createSigned: + /v1alpha1/customers/{customersId}/devices/{devicesId}:updateSigned: parameters: *ref_1 - post: - description: Creates a signed device under a node or customer. - operationId: sasportal.customers.nodes.devices.createSigned + patch: + description: Updates a signed device. + operationId: sasportal.customers.devices.updateSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2858,50 +3001,20 @@ paths: schema: type: string - in: path - name: nodesId + name: devicesId required: true schema: type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}/nodes: + /v1alpha1/customers/{customersId}/devices:createSigned: parameters: *ref_1 post: - description: Creates a new node. - operationId: sasportal.customers.nodes.nodes.create + description: Creates a signed device under a node or customer. + operationId: sasportal.customers.devices.createSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalNode' - parameters: - - in: path - name: customersId - required: true - schema: - type: string - - in: path - name: nodesId - required: true - schema: - type: string - get: - description: Lists nodes. - operationId: sasportal.customers.nodes.nodes.list + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2917,41 +3030,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListNodesResponse' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId required: true schema: type: string - - in: path - name: nodesId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1alpha1/customers/{customersId}/nodes/{nodesId}/deployments: + /v1alpha1/customers/{customersId}/devices: parameters: *ref_1 - post: - description: Creates a new deployment. - operationId: sasportal.customers.nodes.deployments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDeployment' + get: + description: Lists devices under a node or customer. + operationId: sasportal.customers.devices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2967,21 +3057,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalListDevicesResponse' parameters: - in: path name: customersId required: true schema: type: string - - in: path - name: nodesId - required: true + - in: query + name: filter schema: type: string - get: - description: Lists deployments. - operationId: sasportal.customers.nodes.deployments.list + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a device under a node or customer. + operationId: sasportal.customers.devices.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2997,31 +3100,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDeploymentsResponse' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path name: customersId required: true schema: type: string - - in: path - name: nodesId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string /v1alpha1/customers/{customersId}/deployments: parameters: *ref_1 post: @@ -3079,11 +3164,6 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -3092,6 +3172,11 @@ paths: name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1alpha1/customers/{customersId}/deployments/{deploymentsId}: parameters: *ref_1 delete: @@ -3124,9 +3209,14 @@ paths: required: true schema: type: string - get: - description: Returns a requested deployment. - operationId: sasportal.customers.deployments.get + patch: + description: Updates an existing deployment. + operationId: sasportal.customers.deployments.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3154,14 +3244,14 @@ paths: required: true schema: type: string - patch: - description: Updates an existing deployment. - operationId: sasportal.customers.deployments.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDeployment' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Returns a requested deployment. + operationId: sasportal.customers.deployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3189,11 +3279,6 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask /v1alpha1/customers/{customersId}/deployments/{deploymentsId}:move: parameters: *ref_1 post: @@ -3298,6 +3383,10 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -3307,10 +3396,6 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string /v1alpha1/customers/{customersId}/deployments/{deploymentsId}/devices:createSigned: parameters: *ref_1 post: @@ -3348,11 +3433,16 @@ paths: required: true schema: type: string - /v1alpha1/nodes/{nodesId}: + /v1alpha1/installer:generateSecret: parameters: *ref_1 - get: - description: Returns a requested node. - operationId: sasportal.nodes.get + post: + description: Generates a secret to be used with the ValidateInstaller. + operationId: sasportal.installer.generateSecret + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalGenerateSecretRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3368,23 +3458,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' - parameters: - - in: path - name: nodesId - required: true - schema: - type: string - /v1alpha1/nodes/{nodesId}/devices: + $ref: '#/components/schemas/SasPortalGenerateSecretResponse' + parameters: [] + /v1alpha1/installer:validate: parameters: *ref_1 post: - description: Creates a device under a node or customer. - operationId: sasportal.nodes.devices.create + description: Validates the identity of a Certified Professional Installer (CPI). + operationId: sasportal.installer.validate requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalValidateInstallerRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3400,16 +3485,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' - parameters: - - in: path - name: nodesId - required: true - schema: - type: string + $ref: '#/components/schemas/SasPortalValidateInstallerResponse' + parameters: [] + /v1alpha1/deployments/{deploymentsId}: + parameters: *ref_1 get: - description: Lists devices under a node or customer. - operationId: sasportal.nodes.devices.list + description: Returns a requested deployment. + operationId: sasportal.deployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3425,93 +3507,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListDevicesResponse' + $ref: '#/components/schemas/SasPortalDeployment' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1alpha1/nodes/{nodesId}/devices:createSigned: + /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:move: parameters: *ref_1 post: - description: Creates a signed device under a node or customer. - operationId: sasportal.nodes.devices.createSigned + description: Moves a device under another node or customer. + operationId: sasportal.deployments.devices.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDevice' - parameters: - - in: path - name: nodesId - required: true - schema: - type: string - /v1alpha1/nodes/{nodesId}/devices/{devicesId}: - parameters: *ref_1 - delete: - description: Deletes a device. - operationId: sasportal.nodes.devices.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalEmpty' - parameters: - - in: path - name: nodesId - required: true - schema: - type: string - - in: path - name: devicesId - required: true - schema: - type: string - get: - description: Gets details about a device. - operationId: sasportal.nodes.devices.get + $ref: '#/components/schemas/SasPortalMoveDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3527,10 +3539,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalOperation' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3539,14 +3551,11 @@ paths: required: true schema: type: string - patch: - description: Updates a device. - operationId: sasportal.nodes.devices.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDevice' + /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}: + parameters: *ref_1 + delete: + description: Deletes a device. + operationId: sasportal.deployments.devices.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3562,10 +3571,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3573,22 +3582,15 @@ paths: name: devicesId required: true schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1alpha1/nodes/{nodesId}/devices/{devicesId}:move: - parameters: *ref_1 - post: - description: Moves a device under another node or customer. - operationId: sasportal.nodes.devices.move + type: string + patch: + description: Updates a device. + operationId: sasportal.deployments.devices.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalMoveDeviceRequest' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3604,10 +3606,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3616,16 +3618,14 @@ paths: required: true schema: type: string - /v1alpha1/nodes/{nodesId}/devices/{devicesId}:updateSigned: - parameters: *ref_1 - patch: - description: Updates a signed device. - operationId: sasportal.nodes.devices.updateSigned - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets details about a device. + operationId: sasportal.deployments.devices.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3644,7 +3644,7 @@ paths: $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3653,11 +3653,11 @@ paths: required: true schema: type: string - /v1alpha1/nodes/{nodesId}/devices/{devicesId}:signDevice: + /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:signDevice: parameters: *ref_1 post: description: Signs a device. - operationId: sasportal.nodes.devices.signDevice + operationId: sasportal.deployments.devices.signDevice requestBody: content: application/json: @@ -3681,7 +3681,7 @@ paths: $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path - name: nodesId + name: deploymentsId required: true schema: type: string @@ -3690,16 +3690,16 @@ paths: required: true schema: type: string - /v1alpha1/nodes/{nodesId}/nodes: + /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:updateSigned: parameters: *ref_1 - post: - description: Creates a new node. - operationId: sasportal.nodes.nodes.create + patch: + description: Updates a signed device. + operationId: sasportal.deployments.devices.updateSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3715,16 +3715,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: nodesId + name: deploymentsId + required: true + schema: + type: string + - in: path + name: devicesId required: true schema: type: string + /v1alpha1/nodes/{nodesId}: + parameters: *ref_1 get: - description: Lists nodes. - operationId: sasportal.nodes.nodes.list + description: Returns a requested node. + operationId: sasportal.nodes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3740,31 +3747,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalListNodesResponse' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: nodesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}: parameters: *ref_1 - delete: - description: Deletes a node. - operationId: sasportal.nodes.nodes.delete + patch: + description: Updates an existing node. + operationId: sasportal.nodes.nodes.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalNode' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3780,7 +3779,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: nodesId @@ -3792,6 +3791,11 @@ paths: required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: description: Returns a requested node. operationId: sasportal.nodes.nodes.get @@ -3822,14 +3826,9 @@ paths: required: true schema: type: string - patch: - description: Updates an existing node. - operationId: sasportal.nodes.nodes.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalNode' + delete: + description: Deletes a node. + operationId: sasportal.nodes.nodes.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3845,7 +3844,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalNode' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path name: nodesId @@ -3857,11 +3856,6 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}:move: parameters: *ref_1 post: @@ -3899,16 +3893,16 @@ paths: required: true schema: type: string - /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/devices: + /v1alpha1/nodes/{nodesId}/nodes: parameters: *ref_1 post: - description: Creates a device under a node or customer. - operationId: sasportal.nodes.nodes.devices.create + description: Creates a new node. + operationId: sasportal.nodes.nodes.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalNode' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3924,18 +3918,53 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalNode' parameters: - in: path name: nodesId required: true schema: type: string + get: + description: Lists nodes. + operationId: sasportal.nodes.nodes.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalListNodesResponse' + parameters: - in: path - name: nodesId1 + name: nodesId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/devices: + parameters: *ref_1 get: description: Lists devices under a node or customer. operationId: sasportal.nodes.nodes.devices.list @@ -3972,11 +4001,46 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: filter + name: pageToken + schema: + type: string + post: + description: Creates a device under a node or customer. + operationId: sasportal.nodes.nodes.devices.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalDevice' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sasportal + Oauth2c: + - https://www.googleapis.com/auth/sasportal + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalDevice' + parameters: + - in: path + name: nodesId + required: true + schema: + type: string + - in: path + name: nodesId1 + required: true schema: type: string /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/devices:createSigned: @@ -4089,11 +4153,11 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: filter + name: pageToken schema: type: string /v1alpha1/nodes/{nodesId}/nodes/{nodesId1}/deployments: @@ -4163,11 +4227,6 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -4176,11 +4235,21 @@ paths: name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}: parameters: *ref_1 - delete: - description: Deletes a deployment. - operationId: sasportal.nodes.deployments.delete + patch: + description: Updates an existing deployment. + operationId: sasportal.nodes.deployments.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SasPortalDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4196,7 +4265,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalDeployment' parameters: - in: path name: nodesId @@ -4208,9 +4277,14 @@ paths: required: true schema: type: string - get: - description: Returns a requested deployment. - operationId: sasportal.nodes.deployments.get + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a deployment. + operationId: sasportal.nodes.deployments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4226,7 +4300,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDeployment' + $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path name: nodesId @@ -4238,14 +4312,9 @@ paths: required: true schema: type: string - patch: - description: Updates an existing deployment. - operationId: sasportal.nodes.deployments.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDeployment' + get: + description: Returns a requested deployment. + operationId: sasportal.nodes.deployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4268,16 +4337,11 @@ paths: required: true schema: type: string - - in: path - name: deploymentsId - required: true - schema: - type: string - - in: query - name: updateMask + - in: path + name: deploymentsId + required: true schema: type: string - format: google-fieldmask /v1alpha1/nodes/{nodesId}/deployments: parameters: *ref_1 get: @@ -4311,11 +4375,11 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query - name: filter + name: pageToken schema: type: string /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}:move: @@ -4355,16 +4419,16 @@ paths: required: true schema: type: string - /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}/devices: + /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}/devices:createSigned: parameters: *ref_1 post: - description: Creates a device under a node or customer. - operationId: sasportal.nodes.deployments.devices.create + description: Creates a signed device under a node or customer. + operationId: sasportal.nodes.deployments.devices.createSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalDevice' + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4392,6 +4456,8 @@ paths: required: true schema: type: string + /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}/devices: + parameters: *ref_1 get: description: Lists devices under a node or customer. operationId: sasportal.nodes.deployments.devices.list @@ -4422,29 +4488,27 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: filter schema: type: string - /v1alpha1/nodes/{nodesId}/deployments/{deploymentsId}/devices:createSigned: - parameters: *ref_1 post: - description: Creates a signed device under a node or customer. - operationId: sasportal.nodes.deployments.devices.createSigned + description: Creates a device under a node or customer. + operationId: sasportal.nodes.deployments.devices.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4472,92 +4536,11 @@ paths: required: true schema: type: string - /v1alpha1/installer:generateSecret: - parameters: *ref_1 - post: - description: Generates a secret to be used with the ValidateInstaller. - operationId: sasportal.installer.generateSecret - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalGenerateSecretRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalGenerateSecretResponse' - parameters: [] - /v1alpha1/installer:validate: - parameters: *ref_1 - post: - description: Validates the identity of a Certified Professional Installer (CPI). - operationId: sasportal.installer.validate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalValidateInstallerRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalValidateInstallerResponse' - parameters: [] - /v1alpha1/deployments/{deploymentsId}: - parameters: *ref_1 - get: - description: Returns a requested deployment. - operationId: sasportal.deployments.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sasportal - Oauth2c: - - https://www.googleapis.com/auth/sasportal - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalDeployment' - parameters: - - in: path - name: deploymentsId - required: true - schema: - type: string - /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}: + /v1alpha1/nodes/{nodesId}/devices/{devicesId}: parameters: *ref_1 delete: description: Deletes a device. - operationId: sasportal.deployments.devices.delete + operationId: sasportal.nodes.devices.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4576,7 +4559,7 @@ paths: $ref: '#/components/schemas/SasPortalEmpty' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string @@ -4587,7 +4570,7 @@ paths: type: string get: description: Gets details about a device. - operationId: sasportal.deployments.devices.get + operationId: sasportal.nodes.devices.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4606,7 +4589,7 @@ paths: $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string @@ -4617,7 +4600,7 @@ paths: type: string patch: description: Updates a device. - operationId: sasportal.deployments.devices.patch + operationId: sasportal.nodes.devices.patch requestBody: content: application/json: @@ -4641,7 +4624,7 @@ paths: $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string @@ -4655,16 +4638,16 @@ paths: schema: type: string format: google-fieldmask - /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:move: + /v1alpha1/nodes/{nodesId}/devices/{devicesId}:updateSigned: parameters: *ref_1 - post: - description: Moves a device under another node or customer. - operationId: sasportal.deployments.devices.move + patch: + description: Updates a signed device. + operationId: sasportal.nodes.devices.updateSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalMoveDeviceRequest' + $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4680,10 +4663,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalOperation' + $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string @@ -4692,16 +4675,16 @@ paths: required: true schema: type: string - /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:updateSigned: + /v1alpha1/nodes/{nodesId}/devices:createSigned: parameters: *ref_1 - patch: - description: Updates a signed device. - operationId: sasportal.deployments.devices.updateSigned + post: + description: Creates a signed device under a node or customer. + operationId: sasportal.nodes.devices.createSigned requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalUpdateSignedDeviceRequest' + $ref: '#/components/schemas/SasPortalCreateSignedDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4720,25 +4703,15 @@ paths: $ref: '#/components/schemas/SasPortalDevice' parameters: - in: path - name: deploymentsId - required: true - schema: - type: string - - in: path - name: devicesId + name: nodesId required: true schema: type: string - /v1alpha1/deployments/{deploymentsId}/devices/{devicesId}:signDevice: + /v1alpha1/nodes/{nodesId}/devices: parameters: *ref_1 - post: - description: Signs a device. - operationId: sasportal.deployments.devices.signDevice - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SasPortalSignDeviceRequest' + get: + description: Lists devices under a node or customer. + operationId: sasportal.nodes.devices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4754,30 +4727,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalEmpty' + $ref: '#/components/schemas/SasPortalListDevicesResponse' parameters: - in: path - name: deploymentsId + name: nodesId required: true schema: type: string - - in: path - name: devicesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken schema: type: string - /v1alpha1/policies:set: - parameters: *ref_1 post: - description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. - operationId: sasportal.policies.set + description: Creates a device under a node or customer. + operationId: sasportal.nodes.devices.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalSetPolicyRequest' + $ref: '#/components/schemas/SasPortalDevice' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4793,20 +4770,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalPolicy' - parameters: [] - /v1alpha1/policies:get: + $ref: '#/components/schemas/SasPortalDevice' + parameters: + - in: path + name: nodesId + required: true + schema: + type: string + /v1alpha1/nodes/{nodesId}/devices/{devicesId}:move: parameters: *ref_1 post: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: sasportal.policies.get + description: Moves a device under another node or customer. + operationId: sasportal.nodes.devices.move requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalGetPolicyRequest' + $ref: '#/components/schemas/SasPortalMoveDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4822,18 +4802,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalPolicy' - parameters: [] - /v1alpha1/policies:test: + $ref: '#/components/schemas/SasPortalOperation' + parameters: + - in: path + name: nodesId + required: true + schema: + type: string + - in: path + name: devicesId + required: true + schema: + type: string + /v1alpha1/nodes/{nodesId}/devices/{devicesId}:signDevice: parameters: *ref_1 post: - description: Returns permissions that a caller has on the specified resource. - operationId: sasportal.policies.test + description: Signs a device. + operationId: sasportal.nodes.devices.signDevice requestBody: content: application/json: schema: - $ref: '#/components/schemas/SasPortalTestPermissionsRequest' + $ref: '#/components/schemas/SasPortalSignDeviceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4849,5 +4839,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SasPortalTestPermissionsResponse' - parameters: [] + $ref: '#/components/schemas/SasPortalEmpty' + parameters: + - in: path + name: nodesId + required: true + schema: + type: string + - in: path + name: devicesId + required: true + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/secretmanager.yaml b/providers/src/googleapis.com/v00.00.00000/services/secretmanager.yaml index b014dc1f..0a1054a9 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/secretmanager.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/secretmanager.yaml @@ -9,8 +9,8 @@ info: Stores sensitive data such as API keys, passwords, and certificates. Provides convenience while improving security. version: v1 - x-discovery-doc-revision: '20250711' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251105' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/secret-manager/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/securesourcemanager.yaml b/providers/src/googleapis.com/v00.00.00000/services/securesourcemanager.yaml index 4ff336a3..5e117a96 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/securesourcemanager.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/securesourcemanager.yaml @@ -10,7 +10,7 @@ info: Google Cloud. version: v1 x-discovery-doc-revision: '0' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/secure-source-manager servers: @@ -36,184 +36,367 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object + AuditLogConfig: properties: - locations: + logType: + description: The log type that this config enables. + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + type: string + exemptedMembers: description: >- - A list of locations that matches the specified filter in the - request. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. type: array items: - $ref: '#/components/schemas/Location' + type: string + id: AuditLogConfig + type: object + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + FetchTreeResponse: + properties: + treeEntries: + description: The list of TreeEntry objects. + items: + $ref: '#/components/schemas/TreeEntry' + type: array nextPageToken: - description: The standard List next-page token. + description: A token identifying a page of results the server should return. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + description: Response message containing a list of TreeEntry objects. + id: FetchTreeResponse + type: object + WorkforceIdentityFederationConfig: + description: >- + WorkforceIdentityFederationConfig allows this instance to support users + from external identity providers. type: object properties: - name: + enabled: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: + Optional. Immutable. Whether Workforce Identity Federation is + enabled. + type: boolean + id: WorkforceIdentityFederationConfig + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + properties: + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + details: + type: array description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + message: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + type: object + id: Status + ListLocationsResponse: + description: The response message for Locations.ListLocations. + id: ListLocationsResponse + properties: + locations: + items: + $ref: '#/components/schemas/Location' + type: array description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + A list of locations that matches the specified filter in the + request. + nextPageToken: + type: string + description: The standard List next-page token. + type: object SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. type: object properties: policy: + $ref: '#/components/schemas/Policy' description: >- REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them. - $ref: '#/components/schemas/Policy' updateMask: + type: string + format: google-fieldmask description: >- OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"` - type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + id: SetIamPolicyRequest + description: Request message for `SetIamPolicy` method. + UnresolvePullRequestCommentsRequest: + id: UnresolvePullRequestCommentsRequest + description: The request to unresolve multiple pull request comments. type: object properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + names: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Required. The names of the pull request comments to unresolve. + Format: + `projects/{project_number}/locations/{location_id}/repositories/{repository_id}/pullRequests/{pull_request_id}/pullRequestComments/{comment_id}` + Only comments from the same threads are allowed in the same request. items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + type: string type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: + autoFill: description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + Optional. If set, at least one comment in a thread is required, rest + of the comments in the same thread will be automatically updated to + unresolved. If unset, all comments in the same thread need be + present. + type: boolean + ResolvePullRequestCommentsResponse: + description: The response to resolve multiple pull request comments. + id: ResolvePullRequestCommentsResponse type: object properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: - description: >- + pullRequestComments: + type: array + description: The list of pull request comments resolved. + items: + $ref: '#/components/schemas/PullRequestComment' + Expr: + id: Expr + type: object + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + properties: + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + location: + type: string + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + ListHooksResponse: + id: ListHooksResponse + description: ListHooksResponse is response to list hooks. + type: object + properties: + hooks: + type: array + description: The list of hooks. + items: + $ref: '#/components/schemas/Hook' + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + ResolvePullRequestCommentsRequest: + type: object + properties: + names: + description: >- + Required. The names of the pull request comments to resolve. Format: + `projects/{project_number}/locations/{location_id}/repositories/{repository_id}/pullRequests/{pull_request_id}/pullRequestComments/{comment_id}` + Only comments from the same threads are allowed in the same request. + type: array + items: + type: string + autoFill: + type: boolean + description: >- + Optional. If set, at least one comment in a thread is required, rest + of the comments in the same thread will be automatically updated to + resolved. If unset, all comments in the same thread need be present. + id: ResolvePullRequestCommentsRequest + description: The request to resolve multiple pull request comments. + ListPullRequestFileDiffsResponse: + type: object + properties: + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + fileDiffs: + description: The list of pull request file diffs. + type: array + items: + $ref: '#/components/schemas/FileDiff' + description: >- + ListPullRequestFileDiffsResponse is the response containing file diffs + returned from ListPullRequestFileDiffs. + id: ListPullRequestFileDiffsResponse + Empty: + type: object + properties: {} + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + Instance: + id: Instance + properties: + privateConfig: + description: Optional. Private settings for private instance. + $ref: '#/components/schemas/PrivateConfig' + updateTime: + description: Output only. Update timestamp. + readOnly: true + type: string + format: google-datetime + workforceIdentityFederationConfig: + description: >- + Optional. Configuration for Workforce Identity Federation to support + third party identity provider. If unset, defaults to the Google OIDC + IdP. + $ref: '#/components/schemas/WorkforceIdentityFederationConfig' + createTime: + type: string + format: google-datetime + readOnly: true + description: Output only. Create timestamp. + labels: + additionalProperties: + type: string + type: object + description: >- + Optional. Labels as key value pairs. Keys and values can contain + only lowercase letters, numeric characters, underscores, and dashes. + For more information, see [Requirements for + labels](https://cloud.google.com/resource-manager/docs/best-practices-labels#label_encoding). + hostConfig: + description: Output only. A list of hostnames for this instance. + readOnly: true + $ref: '#/components/schemas/HostConfig' + name: + description: >- + Optional. A unique identifier for an instance. The name should be of + the format: + `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + `project_number`: Maps to a unique int64 id assigned to each + project. `location_id`: Refers to the region where the instance will + be deployed. Since Secure Source Manager is a regional service, it + must be one of the valid GCP regions. `instance_id`: User provided + name for the instance, must be unique for a project_number and + location_id combination. + type: string + kmsKey: + description: >- + Optional. Immutable. Customer-managed encryption key name, in the + format projects/*/locations/*/keyRings/*/cryptoKeys/*. + type: string + state: + type: string + enumDescriptions: + - Not set. This should only be the case for incoming requests. + - Instance is being created. + - Instance is ready. + - Instance is being deleted. + - Instance is paused. + - Instance is unknown, we are not sure if it's functioning. + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + - PAUSED + - UNKNOWN + readOnly: true + description: Output only. Current state of the instance. + stateNote: + enumDescriptions: + - STATE_NOTE_UNSPECIFIED as the first value of State. + - CMEK access is unavailable. + - >- + INSTANCE_RESUMING indicates that the instance was previously + paused and is under the process of being brought back. + type: string + readOnly: true + description: >- + Output only. An optional field providing information about the + current instance state. + enum: + - STATE_NOTE_UNSPECIFIED + - PAUSED_CMEK_UNAVAILABLE + - INSTANCE_RESUMING + enumDeprecated: + - false + - false + - true + type: object + description: A resource that represents a Secure Source Manager instance. + FetchBlobResponse: + id: FetchBlobResponse + properties: + sha: + description: The SHA-1 hash of the blob. + type: string + content: + description: The content of the blob, encoded as base64. + type: string + type: object + description: Response message containing the content of a blob. + Binding: + type: object + description: Associates `members`, or principals, with a `role`. + properties: + members: + type: array + description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; @@ -272,10 +455,19 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array items: type: string + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string condition: + $ref: '#/components/schemas/Expr' description: >- The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current @@ -285,51 +477,50 @@ components: in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object + id: Binding + OperationMetadata: + id: OperationMetadata + description: Represents the metadata of the long-running operation. properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. + apiVersion: + description: Output only. API version used to start the operation. type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + readOnly: true + statusMessage: type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + readOnly: true + description: Output only. Human-readable status of the operation, if any. + createTime: + description: Output only. The time the operation was created. + format: google-datetime type: string - location: + readOnly: true + requestedCancellation: + type: boolean + readOnly: true description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have successfully been cancelled + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + target: + description: >- + Output only. Server-defined resource path for the target of the + operation. + type: string + readOnly: true + endTime: + type: string + readOnly: true + format: google-datetime + description: Output only. The time the operation finished running. + verb: type: string + readOnly: true + description: Output only. Name of the verb executed by the operation. + type: object AuditConfig: - id: AuditConfig + type: object description: >- Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if @@ -348,127 +539,112 @@ components: enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging. - type: object properties: + auditLogConfigs: + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/AuditLogConfig' + type: array service: description: >- Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + id: AuditConfig + Check: + description: Check is a type for status check. type: object properties: - logType: - description: The log type that this config enables. + context: + description: Required. The context of the check. type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: + id: Check + Code: + properties: + resolved: + type: boolean + readOnly: true + description: Output only. Boolean indicator if the comment is resolved. + body: + type: string + description: Required. The comment body. + reply: description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. + Optional. Input only. The PullRequestComment resource name that this + comment is replying to. + type: string + position: + $ref: '#/components/schemas/Position' + description: Optional. The position of the comment. + effectiveCommitSha: + description: >- + Output only. The effective commit sha this code comment is pointing + to. + type: string + readOnly: true + effectiveRootComment: + description: >- + Output only. The root comment of the conversation, derived from the + reply field. + readOnly: true + type: string + description: The comment on a code line. + id: Code + type: object + CloseIssueRequest: + description: The request to close an issue. type: object properties: - permissions: + etag: + type: string description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + Optional. The current etag of the issue. If the etag is provided and + does not match the current etag of the issue, closing will be + blocked and an ABORTED error will be returned. + id: CloseIssueRequest + ListPullRequestsResponse: type: object + description: ListPullRequestsResponse is the response to list pull requests. properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array + pullRequests: items: - type: string - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + $ref: '#/components/schemas/PullRequest' + type: array + description: The list of pull requests. + nextPageToken: + description: A token identifying a page of results the server should return. + type: string + id: ListPullRequestsResponse + Comment: + id: Comment + description: The general pull request comment. type: object properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. + body: + description: Required. The comment body. + type: string + UnresolvePullRequestCommentsResponse: + id: UnresolvePullRequestCommentsResponse + description: The response to unresolve multiple pull request comments. + properties: + pullRequestComments: type: array items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string + $ref: '#/components/schemas/PullRequestComment' + description: The list of pull request comments unresolved. + type: object Operation: id: Operation description: >- This resource represents a long-running operation that is the result of a network API call. - type: object properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. + response: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: description: >- The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is @@ -478,321 +654,574 @@ components: where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. + metadata: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - details: + error: + $ref: '#/components/schemas/Status' description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array + The error result of the operation in case of failure or + cancellation. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + type: object + BatchCreatePullRequestCommentsResponse: + description: The response to batch create pull request comments. + type: object + properties: + pullRequestComments: items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListInstancesResponse: - id: ListInstancesResponse - type: object - properties: - instances: - description: The list of instances. + $ref: '#/components/schemas/PullRequestComment' type: array + description: The list of pull request comments created. + id: BatchCreatePullRequestCommentsResponse + ListBranchRulesResponse: + description: ListBranchRulesResponse is the response to listing branchRules. + properties: + branchRules: + description: The list of branch rules. items: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/BranchRule' + type: array nextPageToken: - description: A token identifying a page of results the server should return. type: string - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - Instance: - id: Instance - description: A resource that represents a Secure Source Manager instance. + description: A token identifying a page of results the server should return. type: object + id: ListBranchRulesResponse + PushOption: properties: - name: + branchFilter: description: >- - Optional. A unique identifier for an instance. The name should be of - the format: - `projects/{project_number}/locations/{location_id}/instances/{instance_id}` - `project_number`: Maps to a unique int64 id assigned to each - project. `location_id`: Refers to the region where the instance will - be deployed. Since Secure Source Manager is a regional service, it - must be one of the valid GCP regions. `instance_id`: User provided - name for the instance, must be unique for a project_number and - location_id combination. + Optional. Trigger hook for matching branches only. Specified as glob + pattern. If empty or *, events for all branches are reported. + Examples: main, {main,release*}. See + https://pkg.go.dev/github.com/gobwas/glob documentation. type: string - createTime: - description: Output only. Create timestamp. - readOnly: true + id: PushOption + type: object + CreatePullRequestCommentRequest: + type: object + description: The request to create a pull request comment. + id: CreatePullRequestCommentRequest + properties: + pullRequestComment: + $ref: '#/components/schemas/PullRequestComment' + description: Required. The pull request comment to create. + parent: type: string - format: google-datetime - updateTime: - description: Output only. Update timestamp. - readOnly: true + description: >- + Required. The pull request in which to create the pull request + comment. Format: + `projects/{project_number}/locations/{location_id}/repositories/{repository_id}/pullRequests/{pull_request_id}` + ListPullRequestCommentsResponse: + id: ListPullRequestCommentsResponse + description: The response to list pull request comments. + properties: + nextPageToken: type: string - format: google-datetime - labels: - description: Optional. Labels as key value pairs. - type: object - additionalProperties: + description: >- + A token to set as page_token to retrieve the next page. If this + field is omitted, there are no subsequent pages. + pullRequestComments: + description: The list of pull request comments. + type: array + items: + $ref: '#/components/schemas/PullRequestComment' + type: object + TestIamPermissionsResponse: + type: object + properties: + permissions: + items: type: string - privateConfig: - description: Optional. Private settings for private instance. - $ref: '#/components/schemas/PrivateConfig' - state: - description: Output only. Current state of the instance. + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + type: array + id: TestIamPermissionsResponse + description: Response message for `TestIamPermissions` method. + FileDiff: + id: FileDiff + type: object + properties: + action: readOnly: true type: string + description: >- + Output only. The action taken on the file (eg. added, modified, + deleted). enumDescriptions: - - Not set. This should only be the case for incoming requests. - - Instance is being created. - - Instance is ready. - - Instance is being deleted. - - Instance is paused. - - Instance is unknown, we are not sure if it's functioning. + - Unspecified. + - The file was added. + - The file was modified. + - The file was deleted. enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - - PAUSED - - UNKNOWN - stateNote: - description: >- - Output only. An optional field providing information about the - current instance state. + - ACTION_UNSPECIFIED + - ADDED + - MODIFIED + - DELETED + name: + type: string + readOnly: true + description: Output only. The name of the file. + sha: + description: Output only. The commit pointing to the file changes. readOnly: true type: string - enumDescriptions: - - STATE_NOTE_UNSPECIFIED as the first value of State. - - CMEK access is unavailable. - - >- - INSTANCE_RESUMING indicates that the instance was previously - paused and is under the process of being brought back. - enumDeprecated: - - false - - false - - true - enum: - - STATE_NOTE_UNSPECIFIED - - PAUSED_CMEK_UNAVAILABLE - - INSTANCE_RESUMING - kmsKey: - description: >- - Optional. Immutable. Customer-managed encryption key name, in the - format projects/*/locations/*/keyRings/*/cryptoKeys/*. + patch: + description: Output only. The git patch containing the file changes. type: string - hostConfig: - description: Output only. A list of hostnames for this instance. readOnly: true - $ref: '#/components/schemas/HostConfig' - workforceIdentityFederationConfig: - description: >- - Optional. Configuration for Workforce Identity Federation to support - third party identity provider. If unset, defaults to the Google OIDC - IdP. - $ref: '#/components/schemas/WorkforceIdentityFederationConfig' - PrivateConfig: - id: PrivateConfig - description: PrivateConfig includes settings for private instance. - type: object + description: >- + Metadata of a FileDiff. FileDiff represents a single file diff in a pull + request. + Location: + description: A resource that represents a Google Cloud location. + id: Location properties: - isPrivate: - description: Required. Immutable. Indicate if it's private instance. - type: boolean - caPool: + displayName: description: >- - Optional. Immutable. CA pool resource, resource must in the format - of `projects/{project}/locations/{location}/caPools/{ca_pool}`. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". type: string - httpServiceAttachment: + name: description: >- - Output only. Service Attachment for HTTP, resource is in the format - of - `projects/{project}/regions/{region}/serviceAttachments/{service_attachment}`. - readOnly: true + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - sshServiceAttachment: + metadata: description: >- - Output only. Service Attachment for SSH, resource is in the format - of - `projects/{project}/regions/{region}/serviceAttachments/{service_attachment}`. - readOnly: true + Service-specific metadata. For example the available capacity at the + given location. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - pscAllowedProjects: + labels: + additionalProperties: + type: string description: >- - Optional. Additional allowed projects for setting up PSC - connections. Instance host project is automatically allowed and does - not need to be included in this list. - type: array + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + type: object + ListRepositoriesResponse: + id: ListRepositoriesResponse + type: object + properties: + repositories: items: - type: string + $ref: '#/components/schemas/Repository' + description: The list of repositories. + type: array + nextPageToken: + description: A token identifying a page of results the server should return. + type: string HostConfig: - id: HostConfig - description: HostConfig has different instance endpoints. type: object + description: HostConfig has different instance endpoints. properties: - html: - description: Output only. HTML hostname. - readOnly: true - type: string - api: - description: Output only. API hostname. - readOnly: true - type: string gitHttp: description: Output only. Git HTTP hostname. - readOnly: true type: string + readOnly: true gitSsh: + readOnly: true description: Output only. Git SSH hostname. + type: string + html: readOnly: true type: string - WorkforceIdentityFederationConfig: - id: WorkforceIdentityFederationConfig - description: >- - WorkforceIdentityFederationConfig allows this instance to support users - from external identity providers. + description: Output only. HTML hostname. + api: + readOnly: true + description: Output only. API hostname. + type: string + id: HostConfig + Policy: type: object + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy properties: - enabled: + version: description: >- - Optional. Immutable. Whether Workforce Identity Federation is - enabled. - type: boolean - ListRepositoriesResponse: - id: ListRepositoriesResponse - type: object - properties: - repositories: - description: The list of repositories. + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + type: integer + bindings: + items: + $ref: '#/components/schemas/Binding' + type: array + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + etag: + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + type: string + format: byte + auditConfigs: type: array items: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + ListIssuesResponse: + properties: + issues: + description: The list of issues. + items: + $ref: '#/components/schemas/Issue' + type: array nextPageToken: description: A token identifying a page of results the server should return. type: string - Repository: - id: Repository - description: Metadata of a Secure Source Manager repository. type: object + description: The response to list issues. + id: ListIssuesResponse + BatchCreatePullRequestCommentsRequest: properties: - name: + requests: + type: array description: >- - Optional. A unique identifier for a repository. The name should be - of the format: - `projects/{project}/locations/{location_id}/repositories/{repository_id}` + Required. The request message specifying the resources to create. + There should be exactly one CreatePullRequestCommentRequest with + CommentDetail being REVIEW in the list, and no more than 100 + CreatePullRequestCommentRequests with CommentDetail being CODE in + the list + items: + $ref: '#/components/schemas/CreatePullRequestCommentRequest' + type: object + description: The request to batch create pull request comments. + id: BatchCreatePullRequestCommentsRequest + CancelOperationRequest: + properties: {} + type: object + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + PullRequest: + properties: + createTime: + description: Output only. Creation timestamp. type: string - description: + readOnly: true + format: google-datetime + updateTime: + description: Output only. Last updated timestamp. + type: string + readOnly: true + format: google-datetime + title: + description: Required. The pull request title. + type: string + base: + $ref: '#/components/schemas/Branch' + description: Required. The branch to merge changes in. + body: description: >- - Optional. Description of the repository, which cannot exceed 500 - characters. + Optional. The pull request body. Provides a detailed description of + the changes. + type: string + name: type: string - instance: description: >- - Optional. The name of the instance in which the repository is - hosted, formatted as - `projects/{project_number}/locations/{location_id}/instances/{instance_id}` - When creating repository via securesourcemanager.googleapis.com, - this field is used as input. When creating repository via - *.sourcemanager.dev, this field is output only. + Output only. A unique identifier for a PullRequest. The number + appended at the end is generated by the server. Format: + `projects/{project}/locations/{location}/repositories/{repository}/pullRequests/{pull_request_id}` + readOnly: true + closeTime: type: string - uid: - description: Output only. Unique identifier of the repository. + description: >- + Output only. Close timestamp (if closed or merged). Cleared when + pull request is re-opened. + format: google-datetime + readOnly: true + state: + enumDescriptions: + - Unspecified. + - An open pull request. + - A closed pull request. + - A merged pull request. readOnly: true type: string + enum: + - STATE_UNSPECIFIED + - OPEN + - CLOSED + - MERGED + description: Output only. State of the pull request (open, closed or merged). + head: + $ref: '#/components/schemas/Branch' + description: Immutable. The branch containing the changes to be merged. + id: PullRequest + type: object + description: >- + Metadata of a PullRequest. PullRequest is the request from a user to + merge a branch (head) into another branch (base). + Issue: + id: Issue + type: object + properties: createTime: - description: Output only. Create timestamp. + description: Output only. Creation timestamp. + format: google-datetime + type: string + readOnly: true + body: + description: Optional. Issue body. Provides a detailed description of the issue. + type: string + state: readOnly: true + description: Output only. State of the issue. + enum: + - STATE_UNSPECIFIED + - OPEN + - CLOSED + enumDescriptions: + - Unspecified. + - An open issue. + - A closed issue. + type: string + title: + description: Required. Issue title. type: string + closeTime: + description: Output only. Close timestamp (if closed). Cleared when is re-opened. + readOnly: true format: google-datetime + type: string updateTime: - description: Output only. Update timestamp. readOnly: true - type: string + description: Output only. Last updated timestamp. format: google-datetime + type: string etag: description: >- Optional. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. type: string - uris: - description: Output only. URIs for the repository. - readOnly: true - $ref: '#/components/schemas/URIs' - initialConfig: - description: Input only. Initial configurations for the repository. - $ref: '#/components/schemas/InitialConfig' - URIs: - id: URIs - description: URIs for the repository. + name: + type: string + description: >- + Identifier. Unique identifier for an issue. The issue id is + generated by the server. Format: + `projects/{project}/locations/{location}/repositories/{repository}/issues/{issue_id}` + description: Metadata of an Issue. + Position: type: object + id: Position properties: - html: + line: description: >- - Output only. HTML is the URI for user to view the repository in a - browser. + Required. The line number of the comment. Positive value means it's + on the new side of the diff, negative value means it's on the old + side. + format: int64 + type: string + path: + description: Required. The path of the file. + type: string + description: The position of the code comment. + IssueComment: + description: IssueComment represents a comment on an issue. + properties: + body: + type: string + description: Required. The comment body. + updateTime: + type: string readOnly: true + format: google-datetime + description: Output only. Last updated timestamp. + name: + description: >- + Identifier. Unique identifier for an issue comment. The comment id + is generated by the server. Format: + `projects/{project}/locations/{location}/repositories/{repository}/issues/{issue}/issueComments/{comment_id}` type: string - gitHttps: - description: Output only. git_https is the git HTTPS URI for git operations. + createTime: + type: string + format: google-datetime readOnly: true + description: Output only. Creation timestamp. + id: IssueComment + type: object + TestIamPermissionsRequest: + id: TestIamPermissionsRequest + properties: + permissions: + items: + type: string + type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + type: object + description: Request message for `TestIamPermissions` method. + Hook: + description: Metadata of a Secure Source Manager Hook. + id: Hook + type: object + properties: + sensitiveQueryString: type: string - api: - description: Output only. API is the URI for API access. + description: >- + Optional. The sensitive query string to be appended to the target + URI. + updateTime: + readOnly: true + description: Output only. Update timestamp. + type: string + format: google-datetime + createTime: + type: string + description: Output only. Create timestamp. + format: google-datetime + readOnly: true + pushOption: + description: Optional. The trigger option for push events. + $ref: '#/components/schemas/PushOption' + disabled: + type: boolean + description: >- + Optional. Determines if the hook disabled or not. Set to true to + stop sending traffic. + name: + description: >- + Identifier. A unique identifier for a Hook. The name should be of + the format: + `projects/{project}/locations/{location_id}/repositories/{repository_id}/hooks/{hook_id}` + type: string + targetUri: + type: string + description: Required. The target URI to which the payloads will be delivered. + events: + type: array + description: Optional. The events that trigger hook on. + items: + enum: + - UNSPECIFIED + - PUSH + - PULL_REQUEST + type: string + enumDescriptions: + - Unspecified. + - Push events are triggered when pushing to the repository. + - >- + Pull request events are triggered when a pull request is opened, + closed, reopened, or edited. + uid: readOnly: true + description: Output only. Unique identifier of the hook. type: string + OpenPullRequestRequest: + id: OpenPullRequestRequest + properties: {} + description: OpenPullRequestRequest is the request to open a pull request. + type: object InitialConfig: - id: InitialConfig description: Repository initialization configuration. - type: object properties: defaultBranch: description: Default branch name of the repository. type: string + readme: + description: 'README template name. Valid template name(s) are: default.' + type: string gitignores: + items: + type: string description: >- List of gitignore template names user can choose from. Valid values: actionscript, ada, agda, android, anjuta, ansible, @@ -830,8 +1259,6 @@ components: web-methods, windows, word-press, xcode, xilinx, xilinx-ise, xojo, yeoman, yii, zend-framework, zephir. type: array - items: - type: string license: description: >- License template name user can choose from. Valid values: @@ -935,826 +1362,396 @@ components: xskat, ypl-1-0, ypl-1-1, zed, zend-2-0, zimbra-1-3, zimbra-1-4, zlib, zlib-acknowledgement, zpl-1-1, zpl-2-0, zpl-2-1. type: string - readme: - description: 'README template name. Valid template name(s) are: default.' - type: string - ListHooksResponse: - id: ListHooksResponse - description: ListHooksResponse is response to list hooks. + id: InitialConfig type: object - properties: - hooks: - description: The list of hooks. - type: array - items: - $ref: '#/components/schemas/Hook' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - Hook: - id: Hook - description: Metadata of a Secure Source Manager Hook. + ListInstancesResponse: + id: ListInstancesResponse type: object properties: - name: - description: >- - Identifier. A unique identifier for a Hook. The name should be of - the format: - `projects/{project}/locations/{location_id}/repositories/{repository_id}/hooks/{hook_id}` - type: string - targetUri: - description: Required. The target URI to which the payloads will be delivered. - type: string - disabled: - description: >- - Optional. Determines if the hook disabled or not. Set to true to - stop sending traffic. - type: boolean - events: - description: Optional. The events that trigger hook on. + unreachable: type: array + description: Locations that could not be reached. items: type: string - enumDescriptions: - - Unspecified. - - Push events are triggered when pushing to the repository. - - >- - Pull request events are triggered when a pull request is opened, - closed, reopened, or edited. - enum: - - UNSPECIFIED - - PUSH - - PULL_REQUEST - createTime: - description: Output only. Create timestamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Update timestamp. - readOnly: true - type: string - format: google-datetime - uid: - description: Output only. Unique identifier of the hook. - readOnly: true - type: string - pushOption: - description: Optional. The trigger option for push events. - $ref: '#/components/schemas/PushOption' - sensitiveQueryString: - description: >- - Optional. The sensitive query string to be appended to the target - URI. - type: string - PushOption: - id: PushOption - type: object - properties: - branchFilter: - description: >- - Optional. Trigger hook for matching branches only. Specified as glob - pattern. If empty or *, events for all branches are reported. - Examples: main, {main,release*}. See - https://pkg.go.dev/github.com/gobwas/glob documentation. - type: string - BranchRule: - id: BranchRule - description: >- - Metadata of a BranchRule. BranchRule is the protection rule to enforce - pre-defined rules on designated branches within a repository. - type: object - properties: - name: - description: >- - Optional. A unique identifier for a BranchRule. The name should be - of the format: - `projects/{project}/locations/{location}/repositories/{repository}/branchRules/{branch_rule}` - type: string - uid: - description: Output only. Unique identifier of the repository. - readOnly: true - type: string - createTime: - description: Output only. Create timestamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Update timestamp. - readOnly: true - type: string - format: google-datetime - annotations: - description: >- - Optional. User annotations. These attributes can only be set and - used by the user. See https://google.aip.dev/128#annotations for - more details such as format and size limitations. - type: object - additionalProperties: - type: string - etag: - description: >- - Optional. This checksum is computed by the server based on the value - of other fields, and may be sent on update and delete requests to - ensure the client has an up-to-date value before proceeding. - type: string - includePattern: - description: >- - Optional. The pattern of the branch that can match to this - BranchRule. Specified as regex. .* for all branches. Examples: main, - (main|release.*). Current MVP phase only support `.*` for wildcard. + nextPageToken: + description: A token identifying a page of results the server should return. type: string - disabled: - description: Optional. Determines if the branch rule is disabled or not. - type: boolean - requirePullRequest: - description: >- - Optional. Determines if the branch rule requires a pull request or - not. - type: boolean - minimumReviewsCount: - description: >- - Optional. The minimum number of reviews required for the branch rule - to be matched. - type: integer - format: int32 - minimumApprovalsCount: - description: >- - Optional. The minimum number of approvals required for the branch - rule to be matched. - type: integer - format: int32 - requireCommentsResolved: - description: >- - Optional. Determines if require comments resolved before merging to - the branch. - type: boolean - allowStaleReviews: - description: >- - Optional. Determines if allow stale reviews or approvals before - merging to the branch. - type: boolean - requireLinearHistory: - description: >- - Optional. Determines if require linear history before merging to the - branch. - type: boolean - requiredStatusChecks: - description: >- - Optional. List of required status checks before merging to the - branch. + instances: type: array + description: The list of instances. items: - $ref: '#/components/schemas/Check' - Check: - id: Check - description: Check is a type for status check. - type: object - properties: - context: - description: Required. The context of the check. - type: string - ListBranchRulesResponse: - id: ListBranchRulesResponse - description: ListBranchRulesResponse is the response to listing branchRules. + $ref: '#/components/schemas/Instance' + ListIssueCommentsResponse: + id: ListIssueCommentsResponse type: object properties: - branchRules: - description: The list of branch rules. + issueComments: + description: The list of issue comments. type: array items: - $ref: '#/components/schemas/BranchRule' + $ref: '#/components/schemas/IssueComment' nextPageToken: description: A token identifying a page of results the server should return. type: string - PullRequest: - id: PullRequest - description: >- - Metadata of a PullRequest. PullRequest is the request from a user to - merge a branch (head) into another branch (base). - type: object + description: The response to list issue comments. + PullRequestComment: properties: - name: - description: >- - Output only. A unique identifier for a PullRequest. The number - appended at the end is generated by the server. Format: - `projects/{project}/locations/{location}/repositories/{repository}/pullRequests/{pull_request_id}` - readOnly: true - type: string - title: - description: Required. The pull request title. - type: string - body: - description: >- - Optional. The pull request body. Provides a detailed description of - the changes. - type: string - base: - description: Required. The branch to merge changes in. - $ref: '#/components/schemas/Branch' - head: - description: Immutable. The branch containing the changes to be merged. - $ref: '#/components/schemas/Branch' - state: - description: Output only. State of the pull request (open, closed or merged). - readOnly: true - type: string - enumDescriptions: - - Unspecified. - - An open pull request. - - A closed pull request. - - A merged pull request. - enum: - - STATE_UNSPECIFIED - - OPEN - - CLOSED - - MERGED - createTime: - description: Output only. Creation timestamp. - readOnly: true - type: string - format: google-datetime + review: + description: Optional. The review summary comment. + $ref: '#/components/schemas/Review' updateTime: description: Output only. Last updated timestamp. readOnly: true - type: string format: google-datetime - closeTime: + type: string + name: description: >- - Output only. Close timestamp (if closed or merged). Cleared when - pull request is re-opened. - readOnly: true + Identifier. Unique identifier for the pull request comment. The + comment id is generated by the server. Format: + `projects/{project}/locations/{location}/repositories/{repository}/pullRequests/{pull_request}/pullRequestComments/{comment_id}` type: string + code: + description: Optional. The comment on a code line. + $ref: '#/components/schemas/Code' + comment: + description: Optional. The general pull request comment. + $ref: '#/components/schemas/Comment' + createTime: format: google-datetime - Branch: - id: Branch - description: Branch represents a branch involved in a pull request. - type: object - properties: - ref: - description: Required. Name of the branch. - type: string - sha: - description: Output only. The commit at the tip of the branch. + description: Output only. Creation timestamp. readOnly: true type: string - ListPullRequestsResponse: - id: ListPullRequestsResponse - description: ListPullRequestsResponse is the response to list pull requests. - type: object - properties: - pullRequests: - description: The list of pull requests. - type: array - items: - $ref: '#/components/schemas/PullRequest' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - MergePullRequestRequest: - id: MergePullRequestRequest - description: MergePullRequestRequest is the request to merge a pull request. - type: object - properties: {} - OpenPullRequestRequest: - id: OpenPullRequestRequest - description: OpenPullRequestRequest is the request to open a pull request. - type: object - properties: {} - ClosePullRequestRequest: - id: ClosePullRequestRequest - description: ClosePullRequestRequest is the request to close a pull request. - type: object - properties: {} - ListPullRequestFileDiffsResponse: - id: ListPullRequestFileDiffsResponse - description: >- - ListPullRequestFileDiffsResponse is the response containing file diffs - returned from ListPullRequestFileDiffs. + id: PullRequestComment + description: PullRequestComment represents a comment on a pull request. type: object - properties: - fileDiffs: - description: The list of pull request file diffs. - type: array - items: - $ref: '#/components/schemas/FileDiff' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - FileDiff: - id: FileDiff - description: >- - Metadata of a FileDiff. FileDiff represents a single file diff in a pull - request. + PrivateConfig: + description: PrivateConfig includes settings for private instance. type: object + id: PrivateConfig properties: - name: - description: Output only. The name of the file. - readOnly: true - type: string - action: + isPrivate: + type: boolean + description: Required. Immutable. Indicate if it's private instance. + sshServiceAttachment: description: >- - Output only. The action taken on the file (eg. added, modified, - deleted). - readOnly: true - type: string - enumDescriptions: - - Unspecified. - - The file was added. - - The file was modified. - - The file was deleted. - enum: - - ACTION_UNSPECIFIED - - ADDED - - MODIFIED - - DELETED - sha: - description: Output only. The commit pointing to the file changes. - readOnly: true - type: string - patch: - description: Output only. The git patch containing the file changes. + Output only. Service Attachment for SSH, resource is in the format + of + `projects/{project}/regions/{region}/serviceAttachments/{service_attachment}`. readOnly: true type: string - FetchTreeResponse: - id: FetchTreeResponse - description: Response message containing a list of TreeEntry objects. - type: object - properties: - treeEntries: - description: The list of TreeEntry objects. + httpServiceAttachment: + type: string + description: >- + Output only. Service Attachment for HTTP, resource is in the format + of + `projects/{project}/regions/{region}/serviceAttachments/{service_attachment}`. + readOnly: true + pscAllowedProjects: type: array + description: >- + Optional. Additional allowed projects for setting up PSC + connections. Instance host project is automatically allowed and does + not need to be included in this list. items: - $ref: '#/components/schemas/TreeEntry' - nextPageToken: - description: A token identifying a page of results the server should return. + type: string + caPool: type: string + description: >- + Optional. Immutable. CA pool resource, resource must in the format + of `projects/{project}/locations/{location}/caPools/{ca_pool}`. TreeEntry: - id: TreeEntry - description: Represents an entry within a tree structure (like a Git tree). - type: object properties: - type: + size: + readOnly: true + format: int64 + type: string description: >- - Output only. The type of the object (TREE, BLOB, COMMIT). + Output only. The size of the object in bytes (only for blobs). + Output-only. + sha: + type: string + readOnly: true + description: >- + Output only. The SHA-1 hash of the object (unique identifier). Output-only. + path: readOnly: true type: string + description: >- + Output only. The path of the file or directory within the tree + (e.g., "src/main/java/MyClass.java"). Output-only. + type: enumDescriptions: - Default value, indicating the object type is unspecified. - Represents a directory (folder). - Represents a file (contains file data). - Represents a pointer to another repository (submodule). + readOnly: true + description: >- + Output only. The type of the object (TREE, BLOB, COMMIT). + Output-only. + type: string enum: - OBJECT_TYPE_UNSPECIFIED - TREE - BLOB - COMMIT - sha: - description: >- - Output only. The SHA-1 hash of the object (unique identifier). - Output-only. - readOnly: true - type: string - path: - description: >- - Output only. The path of the file or directory within the tree - (e.g., "src/main/java/MyClass.java"). Output-only. - readOnly: true - type: string mode: + type: string description: >- Output only. The file mode as a string (e.g., "100644"). Indicates file type. Output-only. readOnly: true - type: string - size: - description: >- - Output only. The size of the object in bytes (only for blobs). - Output-only. - readOnly: true - type: string - format: int64 - FetchBlobResponse: - id: FetchBlobResponse - description: Response message containing the content of a blob. + description: Represents an entry within a tree structure (like a Git tree). type: object - properties: - sha: - description: The SHA-1 hash of the blob. - type: string - content: - description: The content of the blob, encoded as base64. - type: string - Issue: - id: Issue - description: Metadata of an Issue. + id: TreeEntry + BranchRule: + description: >- + Metadata of a BranchRule. BranchRule is the protection rule to enforce + pre-defined rules on designated branches within a repository. + id: BranchRule type: object properties: - name: + annotations: + type: object description: >- - Identifier. Unique identifier for an issue. The issue id is - generated by the server. Format: - `projects/{project}/locations/{location}/repositories/{repository}/issues/{issue_id}` - type: string - title: - description: Required. Issue title. - type: string - body: - description: Optional. Issue body. Provides a detailed description of the issue. - type: string - state: - description: Output only. State of the issue. - readOnly: true - type: string - enumDescriptions: - - Unspecified. - - An open issue. - - A closed issue. - enum: - - STATE_UNSPECIFIED - - OPEN - - CLOSED - createTime: - description: Output only. Creation timestamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last updated timestamp. - readOnly: true - type: string - format: google-datetime - closeTime: - description: Output only. Close timestamp (if closed). Cleared when is re-opened. - readOnly: true - type: string - format: google-datetime + Optional. User annotations. These attributes can only be set and + used by the user. See https://google.aip.dev/128#annotations for + more details such as format and size limitations. + additionalProperties: + type: string + requireLinearHistory: + description: >- + Optional. Determines if require linear history before merging to the + branch. + type: boolean etag: + type: string description: >- Optional. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. - type: string - ListIssuesResponse: - id: ListIssuesResponse - description: The response to list issues. - type: object - properties: - issues: - description: The list of issues. + requiredStatusChecks: type: array items: - $ref: '#/components/schemas/Issue' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - OpenIssueRequest: - id: OpenIssueRequest - description: The request to open an issue. - type: object - properties: - etag: - description: >- - Optional. The current etag of the issue. If the etag is provided and - does not match the current etag of the issue, opening will be - blocked and an ABORTED error will be returned. - type: string - CloseIssueRequest: - id: CloseIssueRequest - description: The request to close an issue. - type: object - properties: - etag: + $ref: '#/components/schemas/Check' description: >- - Optional. The current etag of the issue. If the etag is provided and - does not match the current etag of the issue, closing will be - blocked and an ABORTED error will be returned. - type: string - PullRequestComment: - id: PullRequestComment - description: PullRequestComment represents a comment on a pull request. - type: object - properties: - name: + Optional. List of required status checks before merging to the + branch. + minimumReviewsCount: description: >- - Identifier. Unique identifier for the pull request comment. The - comment id is generated by the server. Format: - `projects/{project}/locations/{location}/repositories/{repository}/pullRequests/{pull_request}/pullRequestComments/{comment_id}` - type: string + Optional. The minimum number of reviews required for the branch rule + to be matched. + type: integer + format: int32 createTime: - description: Output only. Creation timestamp. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last updated timestamp. readOnly: true - type: string format: google-datetime - review: - description: Optional. The review summary comment. - $ref: '#/components/schemas/Review' - comment: - description: Optional. The general pull request comment. - $ref: '#/components/schemas/Comment' - code: - description: Optional. The comment on a code line. - $ref: '#/components/schemas/Code' - Review: - id: Review - description: The review summary comment. - type: object - properties: - actionType: - description: Required. The review action type. - type: string - enumDescriptions: - - Unspecified. - - A general review comment. - - Change required from this review. - - Change approved from this review. - enum: - - ACTION_TYPE_UNSPECIFIED - - COMMENT - - CHANGE_REQUESTED - - APPROVED - body: - description: Optional. The comment body. - type: string - effectiveCommitSha: - description: Output only. The effective commit sha this review is pointing to. - readOnly: true - type: string - Comment: - id: Comment - description: The general pull request comment. - type: object - properties: - body: - description: Required. The comment body. - type: string - Code: - id: Code - description: The comment on a code line. - type: object - properties: - body: - description: Required. The comment body. - type: string - reply: - description: >- - Optional. Input only. The PullRequestComment resource name that this - comment is replying to. + description: Output only. Create timestamp. type: string - position: - description: Optional. The position of the comment. - $ref: '#/components/schemas/Position' - effectiveRootComment: + minimumApprovalsCount: + format: int32 + type: integer description: >- - Output only. The root comment of the conversation, derived from the - reply field. - readOnly: true + Optional. The minimum number of approvals required for the branch + rule to be matched. + includePattern: type: string - resolved: - description: Output only. Boolean indicator if the comment is resolved. - readOnly: true + description: >- + Optional. The pattern of the branch that can match to this + BranchRule. Specified as regex. .* for all branches. Examples: main, + (main|release.*). Current MVP phase only support `.*` for wildcard. + requireCommentsResolved: type: boolean - effectiveCommitSha: description: >- - Output only. The effective commit sha this code comment is pointing - to. + Optional. Determines if require comments resolved before merging to + the branch. + disabled: + description: Optional. Determines if the branch rule is disabled or not. + type: boolean + allowStaleReviews: + description: >- + Optional. Determines if allow stale reviews or approvals before + merging to the branch. + type: boolean + updateTime: + format: google-datetime readOnly: true + description: Output only. Update timestamp. type: string - Position: - id: Position - description: The position of the code comment. - type: object - properties: - path: - description: Required. The path of the file. - type: string - line: + name: description: >- - Required. The line number of the comment. Positive value means it's - on the new side of the diff, negative value means it's on the old - side. + Optional. A unique identifier for a BranchRule. The name should be + of the format: + `projects/{project}/locations/{location}/repositories/{repository}/branchRules/{branch_rule}` type: string - format: int64 - ListPullRequestCommentsResponse: - id: ListPullRequestCommentsResponse - description: The response to list pull request comments. - type: object - properties: - pullRequestComments: - description: The list of pull request comments. - type: array - items: - $ref: '#/components/schemas/PullRequestComment' - nextPageToken: - description: >- - A token to set as page_token to retrieve the next page. If this - field is omitted, there are no subsequent pages. + uid: + readOnly: true + description: Output only. Unique identifier of the repository. type: string - BatchCreatePullRequestCommentsRequest: - id: BatchCreatePullRequestCommentsRequest - description: The request to batch create pull request comments. - type: object - properties: - requests: + requirePullRequest: + type: boolean description: >- - Required. The request message specifying the resources to create. - There should be exactly one CreatePullRequestCommentRequest with - CommentDetail being REVIEW in the list, and no more than 100 - CreatePullRequestCommentRequests with CommentDetail being CODE in - the list - type: array - items: - $ref: '#/components/schemas/CreatePullRequestCommentRequest' - CreatePullRequestCommentRequest: - id: CreatePullRequestCommentRequest - description: The request to create a pull request comment. - type: object + Optional. Determines if the branch rule requires a pull request or + not. + ListOperationsResponse: + id: ListOperationsResponse properties: - parent: - description: >- - Required. The pull request in which to create the pull request - comment. Format: - `projects/{project_number}/locations/{location_id}/repositories/{repository_id}/pullRequests/{pull_request_id}` + nextPageToken: + description: The standard List next-page token. type: string - pullRequestComment: - description: Required. The pull request comment to create. - $ref: '#/components/schemas/PullRequestComment' - ResolvePullRequestCommentsRequest: - id: ResolvePullRequestCommentsRequest - description: The request to resolve multiple pull request comments. - type: object - properties: - names: - description: >- - Required. The names of the pull request comments to resolve. Format: - `projects/{project_number}/locations/{location_id}/repositories/{repository_id}/pullRequests/{pull_request_id}/pullRequestComments/{comment_id}` - Only comments from the same threads are allowed in the same request. - type: array + operations: items: - type: string - autoFill: - description: >- - Optional. If set, at least one comment in a thread is required, rest - of the comments in the same thread will be automatically updated to - resolved. If unset, all comments in the same thread need be present. - type: boolean - UnresolvePullRequestCommentsRequest: - id: UnresolvePullRequestCommentsRequest - description: The request to unresolve multiple pull request comments. - type: object - properties: - names: + $ref: '#/components/schemas/Operation' description: >- - Required. The names of the pull request comments to unresolve. - Format: - `projects/{project_number}/locations/{location_id}/repositories/{repository_id}/pullRequests/{pull_request_id}/pullRequestComments/{comment_id}` - Only comments from the same threads are allowed in the same request. + A list of operations that matches the specified filter in the + request. type: array + unreachable: items: type: string - autoFill: + type: array description: >- - Optional. If set, at least one comment in a thread is required, rest - of the comments in the same thread will be automatically updated to - unresolved. If unset, all comments in the same thread need be - present. - type: boolean - IssueComment: - id: IssueComment - description: IssueComment represents a comment on an issue. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: object + description: The response message for Operations.ListOperations. + Repository: type: object + id: Repository + description: Metadata of a Secure Source Manager repository. properties: - name: + uid: + description: Output only. Unique identifier of the repository. + type: string + readOnly: true + createTime: + type: string + description: Output only. Create timestamp. + format: google-datetime + readOnly: true + initialConfig: + description: Input only. Initial configurations for the repository. + $ref: '#/components/schemas/InitialConfig' + etag: description: >- - Identifier. Unique identifier for an issue comment. The comment id - is generated by the server. Format: - `projects/{project}/locations/{location}/repositories/{repository}/issues/{issue}/issueComments/{comment_id}` + Optional. This checksum is computed by the server based on the value + of other fields, and may be sent on update and delete requests to + ensure the client has an up-to-date value before proceeding. type: string - body: - description: Required. The comment body. + name: + description: >- + Optional. A unique identifier for a repository. The name should be + of the format: + `projects/{project}/locations/{location_id}/repositories/{repository_id}` type: string - createTime: - description: Output only. Creation timestamp. + uris: + description: Output only. URIs for the repository. + $ref: '#/components/schemas/URIs' readOnly: true + instance: type: string - format: google-datetime + description: >- + Optional. The name of the instance in which the repository is + hosted, formatted as + `projects/{project_number}/locations/{location_id}/instances/{instance_id}` + When creating repository via securesourcemanager.googleapis.com, + this field is used as input. When creating repository via + *.sourcemanager.dev, this field is output only. + description: + type: string + description: >- + Optional. Description of the repository, which cannot exceed 500 + characters. updateTime: - description: Output only. Last updated timestamp. readOnly: true - type: string format: google-datetime - ListIssueCommentsResponse: - id: ListIssueCommentsResponse - description: The response to list issue comments. + type: string + description: Output only. Update timestamp. + ClosePullRequestRequest: + type: object + description: ClosePullRequestRequest is the request to close a pull request. + properties: {} + id: ClosePullRequestRequest + OpenIssueRequest: + description: The request to open an issue. + id: OpenIssueRequest type: object properties: - issueComments: - description: The list of issue comments. - type: array - items: - $ref: '#/components/schemas/IssueComment' - nextPageToken: - description: A token identifying a page of results the server should return. + etag: + description: >- + Optional. The current etag of the issue. If the etag is provided and + does not match the current etag of the issue, opening will be + blocked and an ABORTED error will be returned. type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + MergePullRequestRequest: type: object + properties: {} + id: MergePullRequestRequest + description: MergePullRequestRequest is the request to merge a pull request. + Review: + description: The review summary comment. properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true + body: + description: Optional. The comment body. type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. + actionType: + enumDescriptions: + - Unspecified. + - A general review comment. + - Change required from this review. + - Change approved from this review. + enum: + - ACTION_TYPE_UNSPECIFIED + - COMMENT + - CHANGE_REQUESTED + - APPROVED + type: string + description: Required. The review action type. + effectiveCommitSha: readOnly: true + description: Output only. The effective commit sha this review is pointing to. type: string - format: google-datetime - target: + id: Review + type: object + URIs: + id: URIs + type: object + properties: + html: description: >- - Output only. Server-defined resource path for the target of the - operation. + Output only. HTML is the URI for user to view the repository in a + browser. readOnly: true type: string - verb: - description: Output only. Name of the verb executed by the operation. + api: + description: Output only. API is the URI for API access. readOnly: true type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. + gitHttps: readOnly: true type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have successfully been cancelled - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. + description: Output only. git_https is the git HTTPS URI for git operations. + description: URIs for the repository. + Branch: + id: Branch + properties: + ref: + description: Required. Name of the branch. + type: string + sha: readOnly: true + description: Output only. The commit at the tip of the branch. type: string - BatchCreatePullRequestCommentsResponse: - id: BatchCreatePullRequestCommentsResponse - description: The response to batch create pull request comments. - type: object - properties: - pullRequestComments: - description: The list of pull request comments created. - type: array - items: - $ref: '#/components/schemas/PullRequestComment' - ResolvePullRequestCommentsResponse: - id: ResolvePullRequestCommentsResponse - description: The response to resolve multiple pull request comments. - type: object - properties: - pullRequestComments: - description: The list of pull request comments resolved. - type: array - items: - $ref: '#/components/schemas/PullRequestComment' - UnresolvePullRequestCommentsResponse: - id: UnresolvePullRequestCommentsResponse - description: The response to unresolve multiple pull request comments. type: object - properties: - pullRequestComments: - description: The list of pull request comments unresolved. - type: array - items: - $ref: '#/components/schemas/PullRequestComment' + description: Branch represents a branch involved in a pull request. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string fields: @@ -1763,19 +1760,10 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. + access_token: + description: OAuth access token. in: query - name: oauth_token + name: access_token schema: type: string prettyPrint: @@ -1784,6 +1772,12 @@ components: name: prettyPrint schema: type: boolean + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1793,303 +1787,208 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + _.xgafv: + description: V1 error format. in: query - name: upload_protocol + name: $.xgafv schema: type: string + enum: + - '1' + - '2' uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + callback: + description: JSONP in: query - name: $.xgafv + name: callback + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string x-stackQL-resources: - locations: - id: google.securesourcemanager.locations - name: locations - title: Locations - methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - instances_iam_policies: - id: google.securesourcemanager.instances_iam_policies - name: instances_iam_policies - title: Instances_iam_policies - methods: - set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:getIamPolicy/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/set_iam_policy - delete: [] - instances: - id: google.securesourcemanager.instances - name: instances - title: Instances + pull_request_comments: + id: google.securesourcemanager.pull_request_comments + name: pull_request_comments + title: Pull_request_comments methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.instances create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments/post response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/instances/methods/get' - - $ref: '#/components/x-stackQL-resources/instances/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/instances/methods/create' - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/instances/methods/delete' - operations: - id: google.securesourcemanager.operations - name: operations - title: Operations - methods: - list: + objectKey: $.pullRequestComments + resolve: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments:resolve/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + batch_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments:batchCreate/post response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments~1{pullRequestCommentsId}/patch response: mediaType: application/json openAPIDocKey: '200' - cancel: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments~1{pullRequestCommentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - repositories: - id: google.securesourcemanager.repositories - name: repositories - title: Repositories - methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments~1{pullRequestCommentsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.repositories - create: + unresolve: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments:unresolve/post response: mediaType: application/json openAPIDocKey: '200' - get: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/pull_request_comments/methods/get' + - $ref: >- + #/components/x-stackQL-resources/pull_request_comments/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/pull_request_comments/methods/create + - $ref: >- + #/components/x-stackQL-resources/pull_request_comments/methods/batch_create + update: + - $ref: >- + #/components/x-stackQL-resources/pull_request_comments/methods/patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/pull_request_comments/methods/delete + pull_requests: + id: google.securesourcemanager.pull_requests + name: pull_requests + title: Pull_requests + methods: + close: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}:close/post response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/repositories/methods/get' - - $ref: '#/components/x-stackQL-resources/repositories/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/repositories/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/repositories/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/repositories/methods/delete' - repositories_iam_policies: - id: google.securesourcemanager.repositories_iam_policies - name: repositories_iam_policies - title: Repositories_iam_policies - methods: - get_iam_policy: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - set_iam_policy: + objectKey: $.pullRequests + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests/post response: mediaType: application/json openAPIDocKey: '200' - test_iam_permissions: + merge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}:merge/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/repositories_iam_policies/methods/get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/repositories_iam_policies/methods/set_iam_policy - delete: [] - repositories_tree: - id: google.securesourcemanager.repositories_tree - name: repositories_tree - title: Repositories_tree - methods: - fetch_tree: + open: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:fetchTree/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}:open/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/repositories_tree/methods/fetch_tree - insert: [] - update: [] + - $ref: '#/components/x-stackQL-resources/pull_requests/methods/get' + - $ref: '#/components/x-stackQL-resources/pull_requests/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/pull_requests/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/pull_requests/methods/patch' replace: [] delete: [] - repositories_blob: - id: google.securesourcemanager.repositories_blob - name: repositories_blob - title: Repositories_blob + pull_requests_file_diffs: + id: google.securesourcemanager.pull_requests_file_diffs + name: pull_requests_file_diffs + title: Pull_requests_file_diffs methods: - fetch_blob: + list_file_diffs: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:fetchBlob/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}:listFileDiffs/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.fileDiffs sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/repositories_blob/methods/fetch_blob + #/components/x-stackQL-resources/pull_requests_file_diffs/methods/list_file_diffs insert: [] update: [] replace: [] @@ -2121,17 +2020,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1hooks~1{hooksId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1hooks~1{hooksId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1hooks~1{hooksId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1hooks~1{hooksId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -2146,434 +2045,483 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/hooks/methods/delete' - branch_rules: - id: google.securesourcemanager.branch_rules - name: branch_rules - title: Branch_rules + issues: + id: google.securesourcemanager.issues + name: issues + title: Issues methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.issues + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.branchRules get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules~1{branchRulesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}/delete response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules~1{branchRulesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + close: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules~1{branchRulesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}:close/post + response: + mediaType: application/json + openAPIDocKey: '200' + open: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}:open/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/branch_rules/methods/get' - - $ref: '#/components/x-stackQL-resources/branch_rules/methods/list' + - $ref: '#/components/x-stackQL-resources/issues/methods/get' + - $ref: '#/components/x-stackQL-resources/issues/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/branch_rules/methods/create' + - $ref: '#/components/x-stackQL-resources/issues/methods/create' update: - - $ref: '#/components/x-stackQL-resources/branch_rules/methods/patch' + - $ref: '#/components/x-stackQL-resources/issues/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/branch_rules/methods/delete' - pull_requests: - id: google.securesourcemanager.pull_requests - name: pull_requests - title: Pull_requests + - $ref: '#/components/x-stackQL-resources/issues/methods/delete' + issue_comments: + id: google.securesourcemanager.issue_comments + name: issue_comments + title: Issue_comments methods: + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments~1{issueCommentsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments~1{issueCommentsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments~1{issueCommentsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.pullRequests - get: + objectKey: $.issueComments + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/issue_comments/methods/get' + - $ref: '#/components/x-stackQL-resources/issue_comments/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/issue_comments/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/issue_comments/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/issue_comments/methods/delete' + branch_rules: + id: google.securesourcemanager.branch_rules + name: branch_rules + title: Branch_rules + methods: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules/post response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules/get response: mediaType: application/json openAPIDocKey: '200' - merge: + objectKey: $.branchRules + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}:merge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules~1{branchRulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - open: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}:open/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules~1{branchRulesId}/get response: mediaType: application/json openAPIDocKey: '200' - close: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}:close/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1branchRules~1{branchRulesId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/pull_requests/methods/get' - - $ref: '#/components/x-stackQL-resources/pull_requests/methods/list' + - $ref: '#/components/x-stackQL-resources/branch_rules/methods/get' + - $ref: '#/components/x-stackQL-resources/branch_rules/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/pull_requests/methods/create' + - $ref: '#/components/x-stackQL-resources/branch_rules/methods/create' update: - - $ref: '#/components/x-stackQL-resources/pull_requests/methods/patch' + - $ref: '#/components/x-stackQL-resources/branch_rules/methods/patch' replace: [] - delete: [] - pull_requests_file_diffs: - id: google.securesourcemanager.pull_requests_file_diffs - name: pull_requests_file_diffs - title: Pull_requests_file_diffs + delete: + - $ref: '#/components/x-stackQL-resources/branch_rules/methods/delete' + repositories: + id: google.securesourcemanager.repositories + name: repositories + title: Repositories methods: - list_file_diffs: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}:listFileDiffs/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.fileDiffs - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/pull_requests_file_diffs/methods/list_file_diffs - insert: [] - update: [] - replace: [] - delete: [] - pull_request_comments: - id: google.securesourcemanager.pull_request_comments - name: pull_request_comments - title: Pull_request_comments - methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments~1{pullRequestCommentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments~1{pullRequestCommentsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments~1{pullRequestCommentsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/post response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.pullRequestComments - create: + objectKey: $.repositories + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/repositories/methods/get' + - $ref: '#/components/x-stackQL-resources/repositories/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/repositories/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/repositories/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/repositories/methods/delete' + repositories_iam_policies: + id: google.securesourcemanager.repositories_iam_policies + name: repositories_iam_policies + title: Repositories_iam_policies + methods: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - batch_create: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments:batchCreate/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - resolve: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments:resolve/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - unresolve: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/repositories_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/repositories_iam_policies/methods/set_iam_policy + delete: [] + repositories_tree: + id: google.securesourcemanager.repositories_tree + name: repositories_tree + title: Repositories_tree + methods: + fetch_tree: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1pullRequests~1{pullRequestsId}~1pullRequestComments:unresolve/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:fetchTree/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/pull_request_comments/methods/get' - - $ref: >- - #/components/x-stackQL-resources/pull_request_comments/methods/list - insert: - - $ref: >- - #/components/x-stackQL-resources/pull_request_comments/methods/create - - $ref: >- - #/components/x-stackQL-resources/pull_request_comments/methods/batch_create - update: - $ref: >- - #/components/x-stackQL-resources/pull_request_comments/methods/patch + #/components/x-stackQL-resources/repositories_tree/methods/fetch_tree + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/pull_request_comments/methods/delete - issues: - id: google.securesourcemanager.issues - name: issues - title: Issues + delete: [] + repositories_blob: + id: google.securesourcemanager.repositories_blob + name: repositories_blob + title: Repositories_blob methods: - create: + fetch_blob: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}:fetchBlob/get response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/repositories_blob/methods/fetch_blob + insert: [] + update: [] + replace: [] + delete: [] + operations: + id: google.securesourcemanager.operations + name: operations + title: Operations + methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.issues + objectKey: $.operations get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + instances: + id: google.securesourcemanager.instances + name: instances + title: Instances + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/get response: mediaType: application/json openAPIDocKey: '200' - open: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}:open/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances/post response: mediaType: application/json openAPIDocKey: '200' - close: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}:close/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/issues/methods/get' - - $ref: '#/components/x-stackQL-resources/issues/methods/list' + - $ref: '#/components/x-stackQL-resources/instances/methods/get' + - $ref: '#/components/x-stackQL-resources/instances/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/issues/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/issues/methods/patch' + - $ref: '#/components/x-stackQL-resources/instances/methods/create' + update: [] replace: [] delete: - - $ref: '#/components/x-stackQL-resources/issues/methods/delete' - issue_comments: - id: google.securesourcemanager.issue_comments - name: issue_comments - title: Issue_comments + - $ref: '#/components/x-stackQL-resources/instances/methods/delete' + instances_iam_policies: + id: google.securesourcemanager.instances_iam_policies + name: instances_iam_policies + title: Instances_iam_policies methods: - create: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - list: + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.issueComments - get: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments~1{issueCommentsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1instances~1{instancesId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/set_iam_policy + delete: [] + locations: + id: google.securesourcemanager.locations + name: locations + title: Locations + methods: + list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments~1{issueCommentsId}/patch + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.locations + get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1repositories~1{repositoriesId}~1issues~1{issuesId}~1issueComments~1{issueCommentsId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/issue_comments/methods/get' - - $ref: '#/components/x-stackQL-resources/issue_comments/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/issue_comments/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/issue_comments/methods/patch' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/issue_comments/methods/delete' + delete: [] paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: securesourcemanager.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: securesourcemanager.projects.locations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Location' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:setIamPolicy: - parameters: *ref_1 + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/key' post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: securesourcemanager.projects.locations.instances.setIamPolicy + Creates a pull request comment. This function is used to create a single + PullRequestComment of type Comment, or a single PullRequestComment of + type Code that's replying to another PullRequestComment of type Code. + Use BatchCreatePullRequestComments to create multiple + PullRequestComments for code reviews. + operationId: >- + securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/PullRequestComment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2585,7 +2533,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2598,17 +2546,19 @@ paths: schema: type: string - in: path - name: instancesId + name: repositoriesId + required: true + schema: + type: string + - in: path + name: pullRequestsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:getIamPolicy: - parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: securesourcemanager.projects.locations.instances.getIamPolicy + description: Lists pull request comments. + operationId: >- + securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2620,7 +2570,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListPullRequestCommentsResponse' parameters: - in: path name: projectsId @@ -2633,30 +2583,39 @@ paths: schema: type: string - in: path - name: instancesId + name: repositoriesId + required: true + schema: + type: string + - in: path + name: pullRequestsId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageToken + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:testIamPermissions: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments:resolve: parameters: *ref_1 post: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: securesourcemanager.projects.locations.instances.testIamPermissions + Resolves pull request comments. A list of PullRequestComment names must + be provided. The PullRequestComment names must be in the same + conversation thread. If auto_fill is set, all comments in the + conversation thread will be resolved. + operationId: >- + securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.resolve requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/ResolvePullRequestCommentsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2668,7 +2627,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2681,15 +2640,31 @@ paths: schema: type: string - in: path - name: instancesId + name: repositoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances: + - in: path + name: pullRequestsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments:batchCreate: parameters: *ref_1 - get: - description: Lists Instances in a given project and location. - operationId: securesourcemanager.projects.locations.instances.list + post: + description: >- + Batch creates pull request comments. This function is used to create + multiple PullRequestComments for code review. There needs to be exactly + one PullRequestComment of type Review, and at most 100 + PullRequestComments of type Code per request. The Position of the code + comments must be unique within the request. + operationId: >- + securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.batchCreate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BatchCreatePullRequestCommentsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2701,7 +2676,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstancesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2713,31 +2688,27 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: repositoriesId + required: true schema: type: string - - in: query - name: orderBy + - in: path + name: pullRequestsId + required: true schema: type: string - post: - description: Creates a new instance in a given project and location. - operationId: securesourcemanager.projects.locations.instances.create + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments/{pullRequestCommentsId}: + parameters: *ref_1 + patch: + description: Updates a pull request comment. + operationId: >- + securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/PullRequestComment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2761,19 +2732,30 @@ paths: required: true schema: type: string - - in: query - name: instanceId + - in: path + name: repositoriesId + required: true + schema: + type: string + - in: path + name: pullRequestsId + required: true + schema: + type: string + - in: path + name: pullRequestCommentsId + required: true schema: type: string - in: query - name: requestId + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: - parameters: *ref_1 - get: - description: Gets details of a single instance. - operationId: securesourcemanager.projects.locations.instances.get + format: google-fieldmask + delete: + description: Deletes a pull request comment. + operationId: >- + securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2785,7 +2767,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2798,13 +2780,24 @@ paths: schema: type: string - in: path - name: instancesId + name: repositoriesId required: true schema: type: string - delete: - description: Deletes a single instance. - operationId: securesourcemanager.projects.locations.instances.delete + - in: path + name: pullRequestsId + required: true + schema: + type: string + - in: path + name: pullRequestCommentsId + required: true + schema: + type: string + get: + description: Gets a pull request comment. + operationId: >- + securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2816,7 +2809,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/PullRequestComment' parameters: - in: path name: projectsId @@ -2829,21 +2822,35 @@ paths: schema: type: string - in: path - name: instancesId + name: repositoriesId required: true schema: type: string - - in: query - name: requestId + - in: path + name: pullRequestsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: path + name: pullRequestCommentsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments:unresolve: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: securesourcemanager.projects.locations.operations.list + Unresolves pull request comments. A list of PullRequestComment names + must be provided. The PullRequestComment names must be in the same + conversation thread. If auto_fill is set, all comments in the + conversation thread will be unresolved. + operationId: >- + securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.unresolve + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UnresolvePullRequestCommentsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2855,7 +2862,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2867,27 +2874,26 @@ paths: required: true schema: type: string - - in: query - name: filter + - in: path + name: repositoriesId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: pullRequestsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}:close: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: securesourcemanager.projects.locations.operations.get + post: + description: Closes a pull request without merging. + operationId: securesourcemanager.projects.locations.repositories.pullRequests.close + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ClosePullRequestRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2912,17 +2918,20 @@ paths: schema: type: string - in: path - name: operationsId + name: repositoriesId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: securesourcemanager.projects.locations.operations.delete + - in: path + name: pullRequestsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}: + parameters: *ref_1 + get: + description: Gets a pull request. + operationId: securesourcemanager.projects.locations.repositories.pullRequests.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2934,7 +2943,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/PullRequest' parameters: - in: path name: projectsId @@ -2947,29 +2956,23 @@ paths: schema: type: string - in: path - name: operationsId + name: repositoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: securesourcemanager.projects.locations.operations.cancel + - in: path + name: pullRequestsId + required: true + schema: + type: string + patch: + description: Updates a pull request. + operationId: securesourcemanager.projects.locations.repositories.pullRequests.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/PullRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2981,7 +2984,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2994,18 +2997,25 @@ paths: schema: type: string - in: path - name: operationsId + name: repositoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories: + - in: path + name: pullRequestsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests: parameters: *ref_1 get: - description: >- - Lists Repositories in a given project and location. The instance field - is required in the query parameter for requests using the - securesourcemanager.googleapis.com endpoint. - operationId: securesourcemanager.projects.locations.repositories.list + description: Lists pull requests in a repository. + operationId: securesourcemanager.projects.locations.repositories.pullRequests.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3017,7 +3027,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRepositoriesResponse' + $ref: '#/components/schemas/ListPullRequestsResponse' parameters: - in: path name: projectsId @@ -3029,6 +3039,11 @@ paths: required: true schema: type: string + - in: path + name: repositoriesId + required: true + schema: + type: string - in: query name: pageSize schema: @@ -3038,25 +3053,14 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: instance - schema: - type: string post: - description: >- - Creates a new repository in a given project and location. The - Repository.Instance field is required in the request body for requests - using the securesourcemanager.googleapis.com endpoint. - operationId: securesourcemanager.projects.locations.repositories.create + description: Creates a pull request. + operationId: securesourcemanager.projects.locations.repositories.pullRequests.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/PullRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3080,15 +3084,17 @@ paths: required: true schema: type: string - - in: query - name: repositoryId + - in: path + name: repositoriesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}:listFileDiffs: parameters: *ref_1 get: - description: Gets metadata of a repository. - operationId: securesourcemanager.projects.locations.repositories.get + description: Lists a pull request's file diffs. + operationId: >- + securesourcemanager.projects.locations.repositories.pullRequests.listFileDiffs security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3100,7 +3106,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/ListPullRequestFileDiffsResponse' parameters: - in: path name: projectsId @@ -3117,14 +3123,30 @@ paths: required: true schema: type: string - patch: - description: Updates the metadata of a repository. - operationId: securesourcemanager.projects.locations.repositories.patch + - in: path + name: pullRequestsId + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}:merge: + parameters: *ref_1 + post: + description: Merges a pull request. + operationId: securesourcemanager.projects.locations.repositories.pullRequests.merge requestBody: content: application/json: schema: - $ref: '#/components/schemas/Repository' + $ref: '#/components/schemas/MergePullRequestRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3153,18 +3175,21 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: pullRequestsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: validateOnly - schema: - type: boolean - delete: - description: Deletes a Repository. - operationId: securesourcemanager.projects.locations.repositories.delete + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}:open: + parameters: *ref_1 + post: + description: Opens a pull request. + operationId: securesourcemanager.projects.locations.repositories.pullRequests.open + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OpenPullRequestRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3193,15 +3218,16 @@ paths: required: true schema: type: string - - in: query - name: allowMissing + - in: path + name: pullRequestsId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:getIamPolicy: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/hooks: parameters: *ref_1 get: - description: Get IAM policy for a repository. - operationId: securesourcemanager.projects.locations.repositories.getIamPolicy + description: Lists hooks in a given repository. + operationId: securesourcemanager.projects.locations.repositories.hooks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3213,7 +3239,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListHooksResponse' parameters: - in: path name: projectsId @@ -3231,20 +3257,22 @@ paths: schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageToken + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:setIamPolicy: - parameters: *ref_1 post: - description: Set IAM policy on a repository. - operationId: securesourcemanager.projects.locations.repositories.setIamPolicy + description: Creates a new hook in a given repository. + operationId: securesourcemanager.projects.locations.repositories.hooks.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/Hook' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3256,7 +3284,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3273,18 +3301,15 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:testIamPermissions: + - in: query + name: hookId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/hooks/{hooksId}: parameters: *ref_1 - post: - description: >- - Test IAM permissions on a repository. IAM permission checks are not - required on this method. - operationId: securesourcemanager.projects.locations.repositories.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Gets metadata of a hook. + operationId: securesourcemanager.projects.locations.repositories.hooks.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3296,7 +3321,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Hook' parameters: - in: path name: projectsId @@ -3313,11 +3338,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:fetchTree: - parameters: *ref_1 - get: - description: Fetches a tree from a repository. - operationId: securesourcemanager.projects.locations.repositories.fetchTree + - in: path + name: hooksId + required: true + schema: + type: string + delete: + description: Deletes a Hook. + operationId: securesourcemanager.projects.locations.repositories.hooks.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3329,7 +3357,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchTreeResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3346,28 +3374,19 @@ paths: required: true schema: type: string - - in: query - name: ref - schema: - type: string - - in: query - name: recursive - schema: - type: boolean - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: hooksId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:fetchBlob: - parameters: *ref_1 - get: - description: Fetches a blob from a repository. - operationId: securesourcemanager.projects.locations.repositories.fetchBlob + patch: + description: Updates the metadata of a hook. + operationId: securesourcemanager.projects.locations.repositories.hooks.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Hook' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3379,7 +3398,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FetchBlobResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3396,15 +3415,21 @@ paths: required: true schema: type: string + - in: path + name: hooksId + required: true + schema: + type: string - in: query - name: sha + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/hooks: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues: parameters: *ref_1 get: - description: Lists hooks in a given repository. - operationId: securesourcemanager.projects.locations.repositories.hooks.list + description: Lists issues in a repository. + operationId: securesourcemanager.projects.locations.repositories.issues.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3416,7 +3441,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListHooksResponse' + $ref: '#/components/schemas/ListIssuesResponse' parameters: - in: path name: projectsId @@ -3434,22 +3459,26 @@ paths: schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Creates a new hook in a given repository. - operationId: securesourcemanager.projects.locations.repositories.hooks.create + description: Creates an issue. + operationId: securesourcemanager.projects.locations.repositories.issues.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Hook' + $ref: '#/components/schemas/Issue' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3478,15 +3507,11 @@ paths: required: true schema: type: string - - in: query - name: hookId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/hooks/{hooksId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}: parameters: *ref_1 get: - description: Gets metadata of a hook. - operationId: securesourcemanager.projects.locations.repositories.hooks.get + description: Gets an issue. + operationId: securesourcemanager.projects.locations.repositories.issues.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3498,7 +3523,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Hook' + $ref: '#/components/schemas/Issue' parameters: - in: path name: projectsId @@ -3516,18 +3541,13 @@ paths: schema: type: string - in: path - name: hooksId + name: issuesId required: true schema: type: string - patch: - description: Updates the metadata of a hook. - operationId: securesourcemanager.projects.locations.repositories.hooks.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Hook' + delete: + description: Deletes an issue. + operationId: securesourcemanager.projects.locations.repositories.issues.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3557,18 +3577,22 @@ paths: schema: type: string - in: path - name: hooksId + name: issuesId required: true schema: type: string - in: query - name: updateMask + name: etag schema: type: string - format: google-fieldmask - delete: - description: Deletes a Hook. - operationId: securesourcemanager.projects.locations.repositories.hooks.delete + patch: + description: Updates a issue. + operationId: securesourcemanager.projects.locations.repositories.issues.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Issue' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3598,20 +3622,25 @@ paths: schema: type: string - in: path - name: hooksId + name: issuesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/branchRules: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}:close: parameters: *ref_1 post: - description: CreateBranchRule creates a branch rule in a given repository. - operationId: securesourcemanager.projects.locations.repositories.branchRules.create + description: Closes an issue. + operationId: securesourcemanager.projects.locations.repositories.issues.close requestBody: content: application/json: schema: - $ref: '#/components/schemas/BranchRule' + $ref: '#/components/schemas/CloseIssueRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3640,55 +3669,21 @@ paths: required: true schema: type: string - - in: query - name: branchRuleId - schema: - type: string - get: - description: ListBranchRules lists branch rules in a given repository. - operationId: securesourcemanager.projects.locations.repositories.branchRules.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListBranchRulesResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - in: path - name: repositoriesId + name: issuesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/branchRules/{branchRulesId}: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}:open: parameters: *ref_1 - get: - description: GetBranchRule gets a branch rule. - operationId: securesourcemanager.projects.locations.repositories.branchRules.get + post: + description: Opens an issue. + operationId: securesourcemanager.projects.locations.repositories.issues.open + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OpenIssueRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3700,7 +3695,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BranchRule' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3718,18 +3713,16 @@ paths: schema: type: string - in: path - name: branchRulesId + name: issuesId required: true schema: type: string - patch: - description: UpdateBranchRule updates a branch rule. - operationId: securesourcemanager.projects.locations.repositories.branchRules.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BranchRule' + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}/issueComments/{issueCommentsId}: + parameters: *ref_1 + get: + description: Gets an issue comment. + operationId: >- + securesourcemanager.projects.locations.repositories.issues.issueComments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3741,7 +3734,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/IssueComment' parameters: - in: path name: projectsId @@ -3759,22 +3752,19 @@ paths: schema: type: string - in: path - name: branchRulesId + name: issuesId required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: updateMask + - in: path + name: issueCommentsId + required: true schema: type: string - format: google-fieldmask delete: - description: DeleteBranchRule deletes a branch rule. - operationId: securesourcemanager.projects.locations.repositories.branchRules.delete + description: Deletes an issue comment. + operationId: >- + securesourcemanager.projects.locations.repositories.issues.issueComments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3804,24 +3794,24 @@ paths: schema: type: string - in: path - name: branchRulesId + name: issuesId required: true schema: type: string - - in: query - name: allowMissing + - in: path + name: issueCommentsId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests: - parameters: *ref_1 - post: - description: Creates a pull request. - operationId: securesourcemanager.projects.locations.repositories.pullRequests.create + type: string + patch: + description: Updates an issue comment. + operationId: >- + securesourcemanager.projects.locations.repositories.issues.issueComments.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/PullRequest' + $ref: '#/components/schemas/IssueComment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3850,51 +3840,32 @@ paths: required: true schema: type: string - get: - description: Lists pull requests in a repository. - operationId: securesourcemanager.projects.locations.repositories.pullRequests.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListPullRequestsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - in: path - name: locationsId + name: issuesId required: true schema: type: string - in: path - name: repositoriesId + name: issueCommentsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}: + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}/issueComments: parameters: *ref_1 - get: - description: Gets a pull request. - operationId: securesourcemanager.projects.locations.repositories.pullRequests.get + post: + description: Creates an issue comment. + operationId: >- + securesourcemanager.projects.locations.repositories.issues.issueComments.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IssueComment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3906,7 +3877,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PullRequest' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3924,18 +3895,14 @@ paths: schema: type: string - in: path - name: pullRequestsId + name: issuesId required: true schema: type: string - patch: - description: Updates a pull request. - operationId: securesourcemanager.projects.locations.repositories.pullRequests.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PullRequest' + get: + description: Lists comments in an issue. + operationId: >- + securesourcemanager.projects.locations.repositories.issues.issueComments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3947,7 +3914,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListIssueCommentsResponse' parameters: - in: path name: projectsId @@ -3965,25 +3932,29 @@ paths: schema: type: string - in: path - name: pullRequestsId + name: issuesId required: true schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}:merge: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/branchRules: parameters: *ref_1 post: - description: Merges a pull request. - operationId: securesourcemanager.projects.locations.repositories.pullRequests.merge + description: CreateBranchRule creates a branch rule in a given repository. + operationId: securesourcemanager.projects.locations.repositories.branchRules.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/MergePullRequestRequest' + $ref: '#/components/schemas/BranchRule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4012,21 +3983,13 @@ paths: required: true schema: type: string - - in: path - name: pullRequestsId - required: true + - in: query + name: branchRuleId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}:open: - parameters: *ref_1 - post: - description: Opens a pull request. - operationId: securesourcemanager.projects.locations.repositories.pullRequests.open - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/OpenPullRequestRequest' + get: + description: ListBranchRules lists branch rules in a given repository. + operationId: securesourcemanager.projects.locations.repositories.branchRules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4038,7 +4001,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListBranchRulesResponse' parameters: - in: path name: projectsId @@ -4055,21 +4018,25 @@ paths: required: true schema: type: string - - in: path - name: pullRequestsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}:close: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/branchRules/{branchRulesId}: parameters: *ref_1 - post: - description: Closes a pull request without merging. - operationId: securesourcemanager.projects.locations.repositories.pullRequests.close + patch: + description: UpdateBranchRule updates a branch rule. + operationId: securesourcemanager.projects.locations.repositories.branchRules.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/ClosePullRequestRequest' + $ref: '#/components/schemas/BranchRule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4099,16 +4066,22 @@ paths: schema: type: string - in: path - name: pullRequestsId + name: branchRulesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}:listFileDiffs: - parameters: *ref_1 + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Lists a pull request's file diffs. - operationId: >- - securesourcemanager.projects.locations.repositories.pullRequests.listFileDiffs + description: GetBranchRule gets a branch rule. + operationId: securesourcemanager.projects.locations.repositories.branchRules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4120,7 +4093,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPullRequestFileDiffsResponse' + $ref: '#/components/schemas/BranchRule' parameters: - in: path name: projectsId @@ -4138,25 +4111,13 @@ paths: schema: type: string - in: path - name: pullRequestsId + name: branchRulesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments/{pullRequestCommentsId}: - parameters: *ref_1 - get: - description: Gets a pull request comment. - operationId: >- - securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.get + delete: + description: DeleteBranchRule deletes a branch rule. + operationId: securesourcemanager.projects.locations.repositories.branchRules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4168,7 +4129,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PullRequestComment' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4186,24 +4147,24 @@ paths: schema: type: string - in: path - name: pullRequestsId + name: branchRulesId required: true schema: type: string - - in: path - name: pullRequestCommentsId - required: true + - in: query + name: allowMissing schema: - type: string + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}: + parameters: *ref_1 patch: - description: Updates a pull request comment. - operationId: >- - securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.patch + description: Updates the metadata of a repository. + operationId: securesourcemanager.projects.locations.repositories.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/PullRequestComment' + $ref: '#/components/schemas/Repository' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4232,25 +4193,18 @@ paths: required: true schema: type: string - - in: path - name: pullRequestsId - required: true - schema: - type: string - - in: path - name: pullRequestCommentsId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask - delete: - description: Deletes a pull request comment. - operationId: >- - securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.delete + - in: query + name: validateOnly + schema: + type: boolean + get: + description: Gets metadata of a repository. + operationId: securesourcemanager.projects.locations.repositories.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4262,7 +4216,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Repository' parameters: - in: path name: projectsId @@ -4279,22 +4233,46 @@ paths: required: true schema: type: string + delete: + description: Deletes a Repository. + operationId: securesourcemanager.projects.locations.repositories.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: pullRequestsId + name: locationsId required: true schema: type: string - in: path - name: pullRequestCommentsId + name: repositoriesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments: + - in: query + name: allowMissing + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:getIamPolicy: parameters: *ref_1 get: - description: Lists pull request comments. - operationId: >- - securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.list + description: Get IAM policy for a repository. + operationId: securesourcemanager.projects.locations.repositories.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4306,7 +4284,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPullRequestCommentsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4323,34 +4301,21 @@ paths: required: true schema: type: string - - in: path - name: pullRequestsId - required: true - schema: - type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:setIamPolicy: + parameters: *ref_1 post: - description: >- - Creates a pull request comment. This function is used to create a single - PullRequestComment of type Comment, or a single PullRequestComment of - type Code that's replying to another PullRequestComment of type Code. - Use BatchCreatePullRequestComments to create multiple - PullRequestComments for code reviews. - operationId: >- - securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.create + description: Set IAM policy on a repository. + operationId: securesourcemanager.projects.locations.repositories.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/PullRequestComment' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4362,7 +4327,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4379,27 +4344,19 @@ paths: required: true schema: type: string - - in: path - name: pullRequestsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments:batchCreate: + /v1/projects/{projectsId}/locations/{locationsId}/repositories: parameters: *ref_1 post: description: >- - Batch creates pull request comments. This function is used to create - multiple PullRequestComments for code review. There needs to be exactly - one PullRequestComment of type Review, and at most 100 - PullRequestComments of type Code per request. The Position of the code - comments must be unique within the request. - operationId: >- - securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.batchCreate + Creates a new repository in a given project and location. The + Repository.Instance field is required in the request body for requests + using the securesourcemanager.googleapis.com endpoint. + operationId: securesourcemanager.projects.locations.repositories.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchCreatePullRequestCommentsRequest' + $ref: '#/components/schemas/Repository' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4423,31 +4380,68 @@ paths: required: true schema: type: string + - in: query + name: repositoryId + schema: + type: string + get: + description: >- + Lists Repositories in a given project and location. The instance field + is required in the query parameter for requests using the + securesourcemanager.googleapis.com endpoint. + operationId: securesourcemanager.projects.locations.repositories.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListRepositoriesResponse' + parameters: - in: path - name: repositoriesId + name: projectsId required: true schema: type: string - in: path - name: pullRequestsId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments:resolve: + - in: query + name: instance + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:testIamPermissions: parameters: *ref_1 post: description: >- - Resolves pull request comments. A list of PullRequestComment names must - be provided. The PullRequestComment names must be in the same - conversation thread. If auto_fill is set, all comments in the - conversation thread will be resolved. - operationId: >- - securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.resolve + Test IAM permissions on a repository. IAM permission checks are not + required on this method. + operationId: securesourcemanager.projects.locations.repositories.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/ResolvePullRequestCommentsRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4459,7 +4453,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4476,26 +4470,11 @@ paths: required: true schema: type: string - - in: path - name: pullRequestsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/pullRequests/{pullRequestsId}/pullRequestComments:unresolve: + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:fetchTree: parameters: *ref_1 - post: - description: >- - Unresolves pull request comments. A list of PullRequestComment names - must be provided. The PullRequestComment names must be in the same - conversation thread. If auto_fill is set, all comments in the - conversation thread will be unresolved. - operationId: >- - securesourcemanager.projects.locations.repositories.pullRequests.pullRequestComments.unresolve - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UnresolvePullRequestCommentsRequest' + get: + description: Fetches a tree from a repository. + operationId: securesourcemanager.projects.locations.repositories.fetchTree security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4507,7 +4486,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/FetchTreeResponse' parameters: - in: path name: projectsId @@ -4524,21 +4503,28 @@ paths: required: true schema: type: string - - in: path - name: pullRequestsId - required: true + - in: query + name: ref schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues: + - in: query + name: pageToken + schema: + type: string + - in: query + name: recursive + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}:fetchBlob: parameters: *ref_1 - post: - description: Creates an issue. - operationId: securesourcemanager.projects.locations.repositories.issues.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Issue' + get: + description: Fetches a blob from a repository. + operationId: securesourcemanager.projects.locations.repositories.fetchBlob security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4550,7 +4536,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/FetchBlobResponse' parameters: - in: path name: projectsId @@ -4567,9 +4553,17 @@ paths: required: true schema: type: string + - in: query + name: sha + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 get: - description: Lists issues in a repository. - operationId: securesourcemanager.projects.locations.repositories.issues.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: securesourcemanager.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4581,7 +4575,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListIssuesResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -4593,11 +4587,6 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true - schema: - type: string - in: query name: pageSize schema: @@ -4607,15 +4596,22 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: - description: Gets an issue. - operationId: securesourcemanager.projects.locations.repositories.issues.get + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: securesourcemanager.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4627,7 +4623,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Issue' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4640,23 +4636,64 @@ paths: schema: type: string - in: path - name: repositoriesId + name: operationsId + required: true + schema: + type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: securesourcemanager.projects.locations.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: issuesId + name: locationsId required: true schema: type: string - patch: - description: Updates a issue. - operationId: securesourcemanager.projects.locations.repositories.issues.patch + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: securesourcemanager.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/Issue' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4668,7 +4705,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -4681,23 +4718,15 @@ paths: schema: type: string - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: issuesId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes an issue. - operationId: securesourcemanager.projects.locations.repositories.issues.delete + /v1/projects/{projectsId}/locations/{locationsId}/instances: + parameters: *ref_1 + get: + description: Lists Instances in a given project and location. + operationId: securesourcemanager.projects.locations.instances.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4709,7 +4738,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListInstancesResponse' parameters: - in: path name: projectsId @@ -4721,30 +4750,31 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true + - in: query + name: orderBy schema: type: string - - in: path - name: issuesId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: etag + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}:open: - parameters: *ref_1 post: - description: Opens an issue. - operationId: securesourcemanager.projects.locations.repositories.issues.open + description: Creates a new instance in a given project and location. + operationId: securesourcemanager.projects.locations.instances.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/OpenIssueRequest' + $ref: '#/components/schemas/Instance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4768,26 +4798,29 @@ paths: required: true schema: type: string - - in: path - name: repositoriesId - required: true + - in: query + name: instanceId schema: type: string - - in: path - name: issuesId - required: true + - in: query + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}:close: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:testIamPermissions: parameters: *ref_1 post: - description: Closes an issue. - operationId: securesourcemanager.projects.locations.repositories.issues.close + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: securesourcemanager.projects.locations.instances.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/CloseIssueRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4799,7 +4832,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -4812,26 +4845,15 @@ paths: schema: type: string - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: issuesId + name: instancesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}/issueComments: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}: parameters: *ref_1 - post: - description: Creates an issue comment. - operationId: >- - securesourcemanager.projects.locations.repositories.issues.issueComments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/IssueComment' + get: + description: Gets details of a single instance. + operationId: securesourcemanager.projects.locations.instances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4843,7 +4865,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -4856,19 +4878,13 @@ paths: schema: type: string - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: issuesId + name: instancesId required: true schema: type: string - get: - description: Lists comments in an issue. - operationId: >- - securesourcemanager.projects.locations.repositories.issues.issueComments.list + delete: + description: Deletes a single instance. + operationId: securesourcemanager.projects.locations.instances.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4880,7 +4896,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListIssueCommentsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4893,30 +4909,27 @@ paths: schema: type: string - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: issuesId + name: instancesId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/repositories/{repositoriesId}/issues/{issuesId}/issueComments/{issueCommentsId}: + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:setIamPolicy: parameters: *ref_1 - get: - description: Gets an issue comment. - operationId: >- - securesourcemanager.projects.locations.repositories.issues.issueComments.get + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: securesourcemanager.projects.locations.instances.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4928,7 +4941,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/IssueComment' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4941,29 +4954,17 @@ paths: schema: type: string - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: issuesId - required: true - schema: - type: string - - in: path - name: issueCommentsId + name: instancesId required: true schema: type: string - patch: - description: Updates an issue comment. - operationId: >- - securesourcemanager.projects.locations.repositories.issues.issueComments.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/IssueComment' + /v1/projects/{projectsId}/locations/{locationsId}/instances/{instancesId}:getIamPolicy: + parameters: *ref_1 + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: securesourcemanager.projects.locations.instances.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4975,7 +4976,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -4988,29 +4989,20 @@ paths: schema: type: string - in: path - name: repositoriesId - required: true - schema: - type: string - - in: path - name: issuesId - required: true - schema: - type: string - - in: path - name: issueCommentsId + name: instancesId required: true schema: type: string - in: query - name: updateMask + name: options.requestedPolicyVersion schema: - type: string - format: google-fieldmask - delete: - description: Deletes an issue comment. - operationId: >- - securesourcemanager.projects.locations.repositories.issues.issueComments.delete + type: integer + format: int32 + /v1/projects/{projectsId}/locations: + parameters: *ref_1 + get: + description: Lists information about the supported locations for this service. + operationId: securesourcemanager.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5022,30 +5014,55 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: filter schema: type: string - - in: path - name: repositoriesId - required: true + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: extraLocationTypes schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: securesourcemanager.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Location' + parameters: - in: path - name: issuesId + name: projectsId required: true schema: type: string - in: path - name: issueCommentsId + name: locationsId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/securitycenter.yaml b/providers/src/googleapis.com/v00.00.00000/services/securitycenter.yaml index 1cd73e24..9b564e03 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/securitycenter.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/securitycenter.yaml @@ -9,8 +9,8 @@ info: Security Command Center API provides access to temporal views of assets and findings within an organization. version: v1 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251205' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/security-command-center servers: @@ -36,8028 +36,112 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object + SetIamPolicyRequest: + description: Request message for `SetIamPolicy` method. properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + updateMask: type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + format: google-fieldmask description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + policy: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - BulkMuteFindingsRequest: - id: BulkMuteFindingsRequest - description: >- - Request message for bulk findings update. Note: 1. If multiple bulk - update requests match the same resource, the order in which they get - executed is not defined. 2. Once a bulk operation is started, there is - no way to stop it. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + id: SetIamPolicyRequest type: object - properties: - filter: - description: >- - Expression that identifies findings that should be updated. The - expression is a list of zero or more restrictions combined via - logical operators `AND` and `OR`. Parentheses are supported, and - `OR` has higher precedence than `AND`. Restrictions have the form ` - ` and may have a `-` character in front of them to indicate - negation. The fields map to those defined in the corresponding - resource. The supported operators are: * `=` for all value types. * - `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring - matching, for strings. The supported value types are: * string - literals in quotes. * integer literals without quotes. * boolean - literals `true` and `false` without quotes. - type: string - muteAnnotation: - description: >- - This can be a mute configuration name or any identifier for - mute/unmute of findings based on the filter. - deprecated: true - type: string - muteState: - description: >- - Optional. All findings matching the given filter will have their - mute state set to this value. The default value is `MUTED`. Setting - this to `UNDEFINED` will clear the mute state on all matching - findings. - type: string - enumDescriptions: - - Unused. - - Matching findings will be muted (default). - - Matching findings will have their mute state cleared. - enum: - - MUTE_STATE_UNSPECIFIED - - MUTED - - UNDEFINED - GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule: - id: GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + MitreAttack: description: >- - Represents an instance of a Security Health Analytics custom module, - including its full module name, display name, enablement state, and last - updated time. You can create a custom module at the organization, - folder, or project level. Custom modules that you create at the - organization or folder level are inherited by the child folders and - projects. - type: object + MITRE ATT&CK tactics and techniques related to this finding. See: + https://attack.mitre.org + id: MitreAttack properties: - name: - description: >- - Immutable. The resource name of the custom module. Its format is - "organizations/{organization}/securityHealthAnalyticsSettings/customModules/{customModule}", - or - "folders/{folder}/securityHealthAnalyticsSettings/customModules/{customModule}", - or - "projects/{project}/securityHealthAnalyticsSettings/customModules/{customModule}" - The id {customModule} is server-generated and is not user settable. - It will be a numeric id containing 1-20 digits. - type: string - displayName: - description: >- - The display name of the Security Health Analytics custom module. - This display name becomes the finding category for all findings that - are returned by this custom module. The display name must be between - 1 and 128 characters, start with a lowercase letter, and contain - alphanumeric characters or underscores only. - type: string - enablementState: - description: The enablement state of the custom module. - type: string + primaryTactic: enumDescriptions: - - Unspecified enablement state. - - The module is enabled at the given CRM resource. - - The module is disabled at the given CRM resource. - - >- - State is inherited from an ancestor module. The module will either - be effectively ENABLED or DISABLED based on its closest - non-inherited ancestor module in the CRM hierarchy. + - Unspecified value. + - TA0043 + - TA0042 + - TA0001 + - TA0002 + - TA0003 + - TA0004 + - TA0005 + - TA0006 + - TA0007 + - TA0008 + - TA0009 + - TA0011 + - TA0010 + - TA0040 enum: - - ENABLEMENT_STATE_UNSPECIFIED - - ENABLED - - DISABLED - - INHERITED - updateTime: - description: Output only. The time at which the custom module was last updated. - readOnly: true - type: string - format: google-datetime - lastEditor: - description: Output only. The editor that last updated the custom module. - readOnly: true + - TACTIC_UNSPECIFIED + - RECONNAISSANCE + - RESOURCE_DEVELOPMENT + - INITIAL_ACCESS + - EXECUTION + - PERSISTENCE + - PRIVILEGE_ESCALATION + - DEFENSE_EVASION + - CREDENTIAL_ACCESS + - DISCOVERY + - LATERAL_MOVEMENT + - COLLECTION + - COMMAND_AND_CONTROL + - EXFILTRATION + - IMPACT type: string - ancestorModule: description: >- - Output only. If empty, indicates that the custom module was created - in the organization, folder, or project in which you are viewing the - custom module. Otherwise, `ancestor_module` specifies the - organization or folder from which the custom module is inherited. - readOnly: true - type: string - customConfig: - description: The user specified custom configuration for the module. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1CustomConfig' - cloudProvider: - description: The cloud provider of the custom module. - type: string - enumDescriptions: - - Unspecified cloud provider. - - Google Cloud. - - Amazon Web Services (AWS). - - Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - GoogleCloudSecuritycenterV1CustomConfig: - id: GoogleCloudSecuritycenterV1CustomConfig - description: >- - Defines the properties in a custom module configuration for Security - Health Analytics. Use the custom module configuration to create custom - detectors that generate custom findings for resources that you specify. - type: object - properties: - predicate: - description: >- - The CEL expression to evaluate to produce findings. When the - expression evaluates to true against a resource, a finding is - generated. - $ref: '#/components/schemas/Expr' - customOutput: - description: Custom output properties. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1CustomOutputSpec' - resourceSelector: - description: >- - The resource types that the custom module operates on. Each custom - module can specify up to 5 resource types. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ResourceSelector' - severity: - description: The severity to assign to findings generated by the module. - type: string - enumDescriptions: - - Unspecified severity. - - Critical severity. - - High severity. - - Medium severity. - - Low severity. - enum: - - SEVERITY_UNSPECIFIED - - CRITICAL - - HIGH - - MEDIUM - - LOW - description: - description: >- - Text that describes the vulnerability or misconfiguration that the - custom module detects. This explanation is returned with each - finding instance to help investigators understand the detected - issue. The text must be enclosed in quotation marks. - type: string - recommendation: - description: >- - An explanation of the recommended steps that security teams can take - to resolve the detected issue. This explanation is returned with - each finding generated by this module in the `nextSteps` property of - the finding JSON. - type: string - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. - type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: - description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - GoogleCloudSecuritycenterV1CustomOutputSpec: - id: GoogleCloudSecuritycenterV1CustomOutputSpec - description: >- - A set of optional name-value pairs that define custom source properties - to return with each finding that is generated by the custom module. The - custom source properties that are defined here are included in the - finding JSON under `sourceProperties`. - type: object - properties: - properties: - description: A list of custom output properties to add to the finding. - type: array + The MITRE ATT&CK tactic most closely represented by this finding, if + any. + additionalTactics: items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1Property' - GoogleCloudSecuritycenterV1Property: - id: GoogleCloudSecuritycenterV1Property - description: An individual name-value pair that defines a custom source property. - type: object - properties: - name: - description: Name of the property for the custom output. - type: string - valueExpression: - description: >- - The CEL expression for the custom output. A resource property can be - specified to return the value of the property or a text string - enclosed in quotation marks. - $ref: '#/components/schemas/Expr' - GoogleCloudSecuritycenterV1ResourceSelector: - id: GoogleCloudSecuritycenterV1ResourceSelector - description: Resource for selecting resource type. - type: object - properties: - resourceTypes: - description: The resource types to run the detector on. + type: string + enum: + - TACTIC_UNSPECIFIED + - RECONNAISSANCE + - RESOURCE_DEVELOPMENT + - INITIAL_ACCESS + - EXECUTION + - PERSISTENCE + - PRIVILEGE_ESCALATION + - DEFENSE_EVASION + - CREDENTIAL_ACCESS + - DISCOVERY + - LATERAL_MOVEMENT + - COLLECTION + - COMMAND_AND_CONTROL + - EXFILTRATION + - IMPACT + enumDescriptions: + - Unspecified value. + - TA0043 + - TA0042 + - TA0001 + - TA0002 + - TA0003 + - TA0004 + - TA0005 + - TA0006 + - TA0007 + - TA0008 + - TA0009 + - TA0011 + - TA0010 + - TA0040 + description: Additional MITRE ATT&CK tactics related to this finding, if any. type: array + version: + description: The MITRE ATT&CK version referenced by the above fields. E.g. "8". + type: string + additionalTechniques: items: type: string - Source: - id: Source - description: >- - Security Command Center finding source. A finding source is an entity or - a mechanism that can produce a finding. A source is like a container of - findings that come from the same scanner, logger, monitor, and other - tools. - type: object - properties: - name: - description: >- - The relative resource name of this source. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - Example: "organizations/{organization_id}/sources/{source_id}" - type: string - displayName: - description: >- - The source's display name. A source's display name must be unique - amongst its siblings, for example, two sources with the same parent - can't share the same display name. The display name must have a - length between 1 and 64 characters (inclusive). - type: string - description: - description: >- - The description of the source (max of 1024 characters). Example: - "Web Security Scanner is a web security scanner for common - vulnerabilities in App Engine applications. It can automatically - scan and detect four common vulnerabilities, including - cross-site-scripting (XSS), Flash injection, mixed content (HTTP in - HTTPS), and outdated or insecure libraries." - type: string - canonicalName: - description: >- - The canonical name of the finding source. It's either - "organizations/{organization_id}/sources/{source_id}", - "folders/{folder_id}/sources/{source_id}", or - "projects/{project_number}/sources/{source_id}", depending on the - closest CRM ancestor of the resource associated with the finding. - type: string - Finding: - id: Finding - description: >- - Security Command Center finding. A finding is a record of assessment - data like security, risk, health, or privacy, that is ingested into - Security Command Center for presentation, notification, analysis, policy - testing, and enforcement. For example, a cross-site scripting (XSS) - vulnerability in an App Engine application is a finding. - type: object - properties: - name: - description: >- - The [relative resource - name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) - of the finding. Example: - "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", - "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", - "projects/{project_id}/sources/{source_id}/findings/{finding_id}". - type: string - parent: - description: >- - The relative resource name of the source the finding belongs to. - See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - This field is immutable after creation time. For example: - "organizations/{organization_id}/sources/{source_id}" - type: string - resourceName: - description: >- - For findings on Google Cloud resources, the full resource name of - the Google Cloud resource this finding is for. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - When the finding is for a non-Google Cloud resource, the - resourceName can be a customer or partner defined string. This field - is immutable after creation time. - type: string - state: - description: The state of the finding. - type: string - enumDescriptions: - - Unspecified state. - - The finding requires attention and has not been addressed yet. - - >- - The finding has been fixed, triaged as a non-issue or otherwise - addressed and is no longer active. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - INACTIVE - category: - description: >- - The additional taxonomy group within findings from a given source. - This field is immutable after creation time. Example: - "XSS_FLASH_INJECTION" - type: string - externalUri: - description: >- - The URI that, if available, points to a web page outside of Security - Command Center where additional information about the finding can be - found. This field is guaranteed to be either empty or a well formed - URL. - type: string - sourceProperties: - description: >- - Source specific properties. These properties are managed by the - source that writes the finding. The key names in the - source_properties map must be between 1 and 255 characters, and must - start with a letter and contain alphanumeric characters or - underscores only. - type: object - additionalProperties: - type: any - securityMarks: - description: >- - Output only. User specified security marks. These marks are entirely - managed by the user and come from the SecurityMarks resource that - belongs to the finding. - readOnly: true - $ref: '#/components/schemas/SecurityMarks' - eventTime: - description: >- - The time the finding was first detected. If an existing finding is - updated, then this is the time the update occurred. For example, if - the finding represents an open firewall, this property captures the - time the detector believes the firewall became open. The accuracy is - determined by the detector. If the finding is later resolved, then - this time reflects when the finding was resolved. This must not be - set to a value greater than the current timestamp. - type: string - format: google-datetime - createTime: - description: >- - The time at which the finding was created in Security Command - Center. - type: string - format: google-datetime - severity: - description: >- - The severity of the finding. This field is managed by the source - that writes the finding. - type: string - enumDescriptions: - - >- - This value is used for findings when a source doesn't write a - severity value. - - >- - Vulnerability: A critical vulnerability is easily discoverable by - an external actor, exploitable, and results in the direct ability - to execute arbitrary code, exfiltrate data, and otherwise gain - additional access and privileges to cloud resources and workloads. - Examples include publicly accessible unprotected user data and - public SSH access with weak or no passwords. Threat: Indicates a - threat that is able to access, modify, or delete data or execute - unauthorized code within existing resources. - - >- - Vulnerability: A high risk vulnerability can be easily discovered - and exploited in combination with other vulnerabilities in order - to gain direct access and the ability to execute arbitrary code, - exfiltrate data, and otherwise gain additional access and - privileges to cloud resources and workloads. An example is a - database with weak or no passwords that is only accessible - internally. This database could easily be compromised by an actor - that had access to the internal network. Threat: Indicates a - threat that is able to create new computational resources in an - environment but not able to access data or execute code in - existing resources. - - >- - Vulnerability: A medium risk vulnerability could be used by an - actor to gain access to resources or privileges that enable them - to eventually (through multiple steps or a complex exploit) gain - access and the ability to execute arbitrary code or exfiltrate - data. An example is a service account with access to more projects - than it should have. If an actor gains access to the service - account, they could potentially use that access to manipulate a - project the service account was not intended to. Threat: Indicates - a threat that is able to cause operational impact but may not - access data or execute unauthorized code. - - >- - Vulnerability: A low risk vulnerability hampers a security - organization's ability to detect vulnerabilities or active threats - in their deployment, or prevents the root cause investigation of - security issues. An example is monitoring and logs being disabled - for resource configurations and access. Threat: Indicates a threat - that has obtained minimal access to an environment but is not able - to access data, execute code, or create resources. - enum: - - SEVERITY_UNSPECIFIED - - CRITICAL - - HIGH - - MEDIUM - - LOW - canonicalName: - description: >- - The canonical name of the finding. It's either - "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", - "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or - "projects/{project_number}/sources/{source_id}/findings/{finding_id}", - depending on the closest CRM ancestor of the resource associated - with the finding. - type: string - mute: - description: >- - Indicates the mute state of a finding (either muted, unmuted or - undefined). Unlike other attributes of a finding, a finding provider - shouldn't set the value of mute. - type: string - enumDescriptions: - - Unspecified. - - Finding has been muted. - - Finding has been unmuted. - - Finding has never been muted/unmuted. - enum: - - MUTE_UNSPECIFIED - - MUTED - - UNMUTED - - UNDEFINED - findingClass: - description: The class of the finding. - type: string - enumDescriptions: - - Unspecified finding class. - - Describes unwanted or malicious activity. - - >- - Describes a potential weakness in software that increases risk to - Confidentiality & Integrity & Availability. - - >- - Describes a potential weakness in cloud resource/asset - configuration that increases risk. - - >- - Describes a security observation that is for informational - purposes. - - Describes an error that prevents some SCC functionality. - - >- - Describes a potential security risk due to a change in the - security posture. - - >- - Describes a group of security issues that, when the issues occur - together, represent a greater risk than when the issues occur - independently. A group of such issues is referred to as a toxic - combination. - - >- - Describes a potential security risk to data assets that contain - sensitive data. - - >- - Describes a resource or resource group where high risk attack - paths converge, based on attack path simulations (APS). - enum: - - FINDING_CLASS_UNSPECIFIED - - THREAT - - VULNERABILITY - - MISCONFIGURATION - - OBSERVATION - - SCC_ERROR - - POSTURE_VIOLATION - - TOXIC_COMBINATION - - SENSITIVE_DATA_RISK - - CHOKEPOINT - indicator: - description: >- - Represents what's commonly known as an *indicator of compromise* - (IoC) in computer forensics. This is an artifact observed on a - network or in an operating system that, with high confidence, - indicates a computer intrusion. For more information, see [Indicator - of - compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). - $ref: '#/components/schemas/Indicator' - vulnerability: - description: >- - Represents vulnerability-specific fields like CVE and CVSS scores. - CVE stands for Common Vulnerabilities and Exposures - (https://cve.mitre.org/about/) - $ref: '#/components/schemas/Vulnerability' - muteUpdateTime: - description: Output only. The most recent time this finding was muted or unmuted. - readOnly: true - type: string - format: google-datetime - externalSystems: - description: >- - Output only. Third party SIEM/SOAR fields within SCC, contains - external system information and external system finding fields. - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' - mitreAttack: - description: >- - MITRE ATT&CK tactics and techniques related to this finding. See: - https://attack.mitre.org - $ref: '#/components/schemas/MitreAttack' - access: - description: >- - Access details associated with the finding, such as more information - on the caller, which method was accessed, and from where. - $ref: '#/components/schemas/Access' - connections: - description: >- - Contains information about the IP connection associated with the - finding. - type: array - items: - $ref: '#/components/schemas/Connection' - muteInitiator: - description: >- - Records additional information about the mute operation, for - example, the [mute - configuration](/security-command-center/docs/how-to-mute-findings) - that muted the finding and the user who muted the finding. - type: string - muteInfo: - description: Output only. The mute information regarding this finding. - readOnly: true - $ref: '#/components/schemas/MuteInfo' - processes: - description: Represents operating system processes associated with the Finding. - type: array - items: - $ref: '#/components/schemas/Process' - contacts: - description: >- - Output only. Map containing the points of contact for the given - finding. The key represents the type of contact, while the value - contains a list of all the contacts that pertain. Please refer to: - https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories - { "security": { "contacts": [ { "email": "person1@company.com" }, { - "email": "person2@company.com" } ] } } - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/ContactDetails' - compliances: - description: >- - Contains compliance information for security standards associated to - the finding. - type: array - items: - $ref: '#/components/schemas/Compliance' - parentDisplayName: - description: >- - Output only. The human readable display name of the finding source - such as "Event Threat Detection" or "Security Health Analytics". - readOnly: true - type: string - description: - description: Contains more details about the finding. - type: string - exfiltration: - description: Represents exfiltrations associated with the finding. - $ref: '#/components/schemas/Exfiltration' - iamBindings: - description: Represents IAM bindings associated with the finding. - type: array - items: - $ref: '#/components/schemas/IamBinding' - nextSteps: - description: Steps to address the finding. - type: string - moduleName: - description: >- - Unique identifier of the module which generated the finding. - Example: - folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885 - type: string - containers: - description: >- - Containers associated with the finding. This field provides - information for both Kubernetes and non-Kubernetes containers. - type: array - items: - $ref: '#/components/schemas/Container' - kubernetes: - description: Kubernetes resources associated with the finding. - $ref: '#/components/schemas/Kubernetes' - database: - description: Database associated with the finding. - $ref: '#/components/schemas/Database' - attackExposure: - description: The results of an attack path simulation relevant to this finding. - $ref: '#/components/schemas/AttackExposure' - files: - description: File associated with the finding. - type: array - items: - $ref: '#/components/schemas/File' - cloudDlpInspection: - description: >- - Cloud Data Loss Prevention (Cloud DLP) inspection results that are - associated with the finding. - $ref: '#/components/schemas/CloudDlpInspection' - cloudDlpDataProfile: - description: Cloud DLP data profile that is associated with the finding. - $ref: '#/components/schemas/CloudDlpDataProfile' - kernelRootkit: - description: Signature of the kernel rootkit. - $ref: '#/components/schemas/KernelRootkit' - orgPolicies: - description: >- - Contains information about the org policies associated with the - finding. - type: array - items: - $ref: '#/components/schemas/OrgPolicy' - job: - description: Job associated with the finding. - $ref: '#/components/schemas/Job' - application: - description: Represents an application associated with the finding. - $ref: '#/components/schemas/Application' - ipRules: - description: IP rules associated with the finding. - $ref: '#/components/schemas/IpRules' - backupDisasterRecovery: - description: Fields related to Backup and DR findings. - $ref: '#/components/schemas/BackupDisasterRecovery' - securityPosture: - description: The security posture associated with the finding. - $ref: '#/components/schemas/SecurityPosture' - logEntries: - description: Log entries that are relevant to the finding. - type: array - items: - $ref: '#/components/schemas/LogEntry' - loadBalancers: - description: The load balancers associated with the finding. - type: array - items: - $ref: '#/components/schemas/LoadBalancer' - cloudArmor: - description: Fields related to Cloud Armor findings. - $ref: '#/components/schemas/CloudArmor' - notebook: - description: Notebook associated with the finding. - $ref: '#/components/schemas/Notebook' - toxicCombination: - description: >- - Contains details about a group of security issues that, when the - issues occur together, represent a greater risk than when the issues - occur independently. A group of such issues is referred to as a - toxic combination. This field cannot be updated. Its value is - ignored in all update requests. - $ref: '#/components/schemas/ToxicCombination' - groupMemberships: - description: >- - Contains details about groups of which this finding is a member. A - group is a collection of findings that are related in some way. This - field cannot be updated. Its value is ignored in all update - requests. - type: array - items: - $ref: '#/components/schemas/GroupMembership' - disk: - description: Disk associated with the finding. - $ref: '#/components/schemas/Disk' - dataAccessEvents: - description: Data access events associated with the finding. - type: array - items: - $ref: '#/components/schemas/DataAccessEvent' - dataFlowEvents: - description: Data flow events associated with the finding. - type: array - items: - $ref: '#/components/schemas/DataFlowEvent' - networks: - description: Represents the VPC networks that the resource is attached to. - type: array - items: - $ref: '#/components/schemas/Network' - dataRetentionDeletionEvents: - description: Data retention deletion events associated with the finding. - type: array - items: - $ref: '#/components/schemas/DataRetentionDeletionEvent' - affectedResources: - description: AffectedResources associated with the finding. - $ref: '#/components/schemas/AffectedResources' - aiModel: - description: The AI model associated with the finding. - $ref: '#/components/schemas/AiModel' - chokepoint: - description: >- - Contains details about a chokepoint, which is a resource or resource - group where high-risk attack paths converge, based on [attack path - simulations] - (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations). - This field cannot be updated. Its value is ignored in all update - requests. - $ref: '#/components/schemas/Chokepoint' - complianceDetails: - description: Details about the compliance implications of the finding. - $ref: '#/components/schemas/ComplianceDetails' - vertexAi: - description: VertexAi associated with the finding. - $ref: '#/components/schemas/VertexAi' - SecurityMarks: - id: SecurityMarks - description: >- - User specified security marks that are attached to the parent Security - Command Center resource. Security marks are scoped within a Security - Command Center organization -- they can be modified and viewed by all - users who have proper permissions on the organization. - type: object - properties: - name: - description: >- - The relative resource name of the SecurityMarks. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - Examples: - "organizations/{organization_id}/assets/{asset_id}/securityMarks" - "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks". - type: string - marks: - description: >- - Mutable user specified security marks belonging to the parent - resource. Constraints are as follows: * Keys and values are treated - as case insensitive * Keys must be between 1 - 256 characters - (inclusive) * Keys must be letters, numbers, underscores, or dashes - * Values have leading and trailing whitespace trimmed, remaining - characters must be between 1 - 4096 characters (inclusive) - type: object - additionalProperties: - type: string - canonicalName: - description: >- - The canonical name of the marks. Examples: - "organizations/{organization_id}/assets/{asset_id}/securityMarks" - "folders/{folder_id}/assets/{asset_id}/securityMarks" - "projects/{project_number}/assets/{asset_id}/securityMarks" - "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks" - "folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks" - "projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks" - type: string - Indicator: - id: Indicator - description: >- - Represents what's commonly known as an _indicator of compromise_ (IoC) - in computer forensics. This is an artifact observed on a network or in - an operating system that, with high confidence, indicates a computer - intrusion. For more information, see [Indicator of - compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). - type: object - properties: - ipAddresses: - description: The list of IP addresses that are associated with the finding. - type: array - items: - type: string - domains: - description: List of domains associated to the Finding. - type: array - items: - type: string - signatures: - description: >- - The list of matched signatures indicating that the given process is - present in the environment. - type: array - items: - $ref: '#/components/schemas/ProcessSignature' - uris: - description: The list of URIs associated to the Findings. - type: array - items: - type: string - ProcessSignature: - id: ProcessSignature - description: Indicates what signature matched this process. - type: object - properties: - memoryHashSignature: - description: Signature indicating that a binary family was matched. - $ref: '#/components/schemas/MemoryHashSignature' - yaraRuleSignature: - description: Signature indicating that a YARA rule was matched. - $ref: '#/components/schemas/YaraRuleSignature' - signatureType: - description: Describes the type of resource associated with the signature. - type: string - enumDescriptions: - - The default signature type. - - Used for signatures concerning processes. - - Used for signatures concerning disks. - enum: - - SIGNATURE_TYPE_UNSPECIFIED - - SIGNATURE_TYPE_PROCESS - - SIGNATURE_TYPE_FILE - MemoryHashSignature: - id: MemoryHashSignature - description: A signature corresponding to memory page hashes. - type: object - properties: - binaryFamily: - description: The binary family. - type: string - detections: - description: >- - The list of memory hash detections contributing to the binary family - match. - type: array - items: - $ref: '#/components/schemas/Detection' - Detection: - id: Detection - description: Memory hash detection contributing to the binary family match. - type: object - properties: - binary: - description: >- - The name of the binary associated with the memory hash signature - detection. - type: string - percentPagesMatched: - description: >- - The percentage of memory page hashes in the signature that were - matched. - type: number - format: double - YaraRuleSignature: - id: YaraRuleSignature - description: A signature corresponding to a YARA rule. - type: object - properties: - yaraRule: - description: The name of the YARA rule. - type: string - Vulnerability: - id: Vulnerability - description: Refers to common vulnerability fields e.g. cve, cvss, cwe etc. - type: object - properties: - cve: - description: >- - CVE stands for Common Vulnerabilities and Exposures - (https://cve.mitre.org/about/) - $ref: '#/components/schemas/Cve' - offendingPackage: - description: The offending package is relevant to the finding. - $ref: '#/components/schemas/Package' - fixedPackage: - description: The fixed package is relevant to the finding. - $ref: '#/components/schemas/Package' - securityBulletin: - description: The security bulletin is relevant to this finding. - $ref: '#/components/schemas/SecurityBulletin' - providerRiskScore: - description: >- - Provider provided risk_score based on multiple factors. The higher - the risk score, the more risky the vulnerability is. - type: string - format: int64 - reachable: - description: >- - Represents whether the vulnerability is reachable (detected via - static analysis) - type: boolean - cwes: - description: >- - Represents one or more Common Weakness Enumeration (CWE) information - on this vulnerability. - type: array - items: - $ref: '#/components/schemas/Cwe' - Cve: - id: Cve - description: >- - CVE stands for Common Vulnerabilities and Exposures. Information from - the [CVE record](https://www.cve.org/ResourcesSupport/Glossary) that - describes this vulnerability. - type: object - properties: - id: - description: The unique identifier for the vulnerability. e.g. CVE-2021-34527 - type: string - references: - description: >- - Additional information about the CVE. e.g. - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527 - type: array - items: - $ref: '#/components/schemas/Reference' - cvssv3: - description: >- - Describe Common Vulnerability Scoring System specified at - https://www.first.org/cvss/v3.1/specification-document - $ref: '#/components/schemas/Cvssv3' - upstreamFixAvailable: - description: Whether upstream fix is available for the CVE. - type: boolean - impact: - description: The potential impact of the vulnerability if it was to be exploited. - type: string - enumDescriptions: - - Invalid or empty value. - - Exploitation would have little to no security impact. - - >- - Exploitation would enable attackers to perform activities, or - could allow attackers to have a direct impact, but would require - additional steps. - - >- - Exploitation would enable attackers to have a notable direct - impact without needing to overcome any major mitigating factors. - - >- - Exploitation would fundamentally undermine the security of - affected systems, enable actors to perform significant attacks - with minimal effort, with little to no mitigating factors to - overcome. - enum: - - RISK_RATING_UNSPECIFIED - - LOW - - MEDIUM - - HIGH - - CRITICAL - exploitationActivity: - description: The exploitation activity of the vulnerability in the wild. - type: string - enumDescriptions: - - Invalid or empty value. - - Exploitation has been reported or confirmed to widely occur. - - Limited reported or confirmed exploitation activities. - - Exploit is publicly available. - - >- - No known exploitation activity, but has a high potential for - exploitation. - - No known exploitation activity. - enum: - - EXPLOITATION_ACTIVITY_UNSPECIFIED - - WIDE - - CONFIRMED - - AVAILABLE - - ANTICIPATED - - NO_KNOWN - observedInTheWild: - description: Whether or not the vulnerability has been observed in the wild. - type: boolean - zeroDay: - description: >- - Whether or not the vulnerability was zero day when the finding was - published. - type: boolean - exploitReleaseDate: - description: Date the first publicly available exploit or PoC was released. - type: string - format: google-datetime - firstExploitationDate: - description: Date of the earliest known exploitation. - type: string - format: google-datetime - Reference: - id: Reference - description: Additional Links - type: object - properties: - source: - description: Source of the reference e.g. NVD - type: string - uri: - description: >- - Uri for the mentioned source e.g. - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527. - type: string - Cvssv3: - id: Cvssv3 - description: Common Vulnerability Scoring System version 3. - type: object - properties: - baseScore: - description: The base score is a function of the base metric scores. - type: number - format: double - attackVector: - description: >- - Base Metrics Represents the intrinsic characteristics of a - vulnerability that are constant over time and across user - environments. This metric reflects the context by which - vulnerability exploitation is possible. - type: string - enumDescriptions: - - Invalid value. - - >- - The vulnerable component is bound to the network stack and the set - of possible attackers extends beyond the other options listed - below, up to and including the entire Internet. - - >- - The vulnerable component is bound to the network stack, but the - attack is limited at the protocol level to a logically adjacent - topology. - - >- - The vulnerable component is not bound to the network stack and the - attacker's path is via read/write/execute capabilities. - - >- - The attack requires the attacker to physically touch or manipulate - the vulnerable component. - enum: - - ATTACK_VECTOR_UNSPECIFIED - - ATTACK_VECTOR_NETWORK - - ATTACK_VECTOR_ADJACENT - - ATTACK_VECTOR_LOCAL - - ATTACK_VECTOR_PHYSICAL - attackComplexity: - description: >- - This metric describes the conditions beyond the attacker's control - that must exist in order to exploit the vulnerability. - type: string - enumDescriptions: - - Invalid value. - - >- - Specialized access conditions or extenuating circumstances do not - exist. An attacker can expect repeatable success when attacking - the vulnerable component. - - >- - A successful attack depends on conditions beyond the attacker's - control. That is, a successful attack cannot be accomplished at - will, but requires the attacker to invest in some measurable - amount of effort in preparation or execution against the - vulnerable component before a successful attack can be expected. - enum: - - ATTACK_COMPLEXITY_UNSPECIFIED - - ATTACK_COMPLEXITY_LOW - - ATTACK_COMPLEXITY_HIGH - privilegesRequired: - description: >- - This metric describes the level of privileges an attacker must - possess before successfully exploiting the vulnerability. - type: string - enumDescriptions: - - Invalid value. - - >- - The attacker is unauthorized prior to attack, and therefore does - not require any access to settings or files of the vulnerable - system to carry out an attack. - - >- - The attacker requires privileges that provide basic user - capabilities that could normally affect only settings and files - owned by a user. Alternatively, an attacker with Low privileges - has the ability to access only non-sensitive resources. - - >- - The attacker requires privileges that provide significant (e.g., - administrative) control over the vulnerable component allowing - access to component-wide settings and files. - enum: - - PRIVILEGES_REQUIRED_UNSPECIFIED - - PRIVILEGES_REQUIRED_NONE - - PRIVILEGES_REQUIRED_LOW - - PRIVILEGES_REQUIRED_HIGH - userInteraction: - description: >- - This metric captures the requirement for a human user, other than - the attacker, to participate in the successful compromise of the - vulnerable component. - type: string - enumDescriptions: - - Invalid value. - - >- - The vulnerable system can be exploited without interaction from - any user. - - >- - Successful exploitation of this vulnerability requires a user to - take some action before the vulnerability can be exploited. - enum: - - USER_INTERACTION_UNSPECIFIED - - USER_INTERACTION_NONE - - USER_INTERACTION_REQUIRED - scope: - description: >- - The Scope metric captures whether a vulnerability in one vulnerable - component impacts resources in components beyond its security scope. - type: string - enumDescriptions: - - Invalid value. - - >- - An exploited vulnerability can only affect resources managed by - the same security authority. - - >- - An exploited vulnerability can affect resources beyond the - security scope managed by the security authority of the vulnerable - component. - enum: - - SCOPE_UNSPECIFIED - - SCOPE_UNCHANGED - - SCOPE_CHANGED - confidentialityImpact: - description: >- - This metric measures the impact to the confidentiality of the - information resources managed by a software component due to a - successfully exploited vulnerability. - type: string - enumDescriptions: - - Invalid value. - - High impact. - - Low impact. - - No impact. - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - integrityImpact: - description: >- - This metric measures the impact to integrity of a successfully - exploited vulnerability. - type: string - enumDescriptions: - - Invalid value. - - High impact. - - Low impact. - - No impact. - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - availabilityImpact: - description: >- - This metric measures the impact to the availability of the impacted - component resulting from a successfully exploited vulnerability. - type: string - enumDescriptions: - - Invalid value. - - High impact. - - Low impact. - - No impact. - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - Package: - id: Package - description: Package is a generic definition of a package. - type: object - properties: - packageName: - description: The name of the package where the vulnerability was detected. - type: string - cpeUri: - description: The CPE URI where the vulnerability was detected. - type: string - packageType: - description: Type of package, for example, os, maven, or go. - type: string - packageVersion: - description: The version of the package. - type: string - SecurityBulletin: - id: SecurityBulletin - description: >- - SecurityBulletin are notifications of vulnerabilities of Google - products. - type: object - properties: - bulletinId: - description: ID of the bulletin corresponding to the vulnerability. - type: string - submissionTime: - description: Submission time of this Security Bulletin. - type: string - format: google-datetime - suggestedUpgradeVersion: - description: >- - This represents a version that the cluster receiving this - notification should be upgraded to, based on its current version. - For example, 1.15.0 - type: string - Cwe: - id: Cwe - description: >- - CWE stands for Common Weakness Enumeration. Information about this - weakness, as described by [CWE](https://cwe.mitre.org/). - type: object - properties: - id: - description: The CWE identifier, e.g. CWE-94 - type: string - references: - description: >- - Any reference to the details on the CWE, for example, - https://cwe.mitre.org/data/definitions/94.html - type: array - items: - $ref: '#/components/schemas/Reference' - GoogleCloudSecuritycenterV1ExternalSystem: - id: GoogleCloudSecuritycenterV1ExternalSystem - description: Representation of third party SIEM/SOAR fields within SCC. - type: object - properties: - name: - description: >- - Full resource name of the external system, for example: - "organizations/1234/sources/5678/findings/123456/externalSystems/jira", - "folders/1234/sources/5678/findings/123456/externalSystems/jira", - "projects/1234/sources/5678/findings/123456/externalSystems/jira" - type: string - assignees: - description: References primary/secondary etc assignees in the external system. - type: array - items: - type: string - externalUid: - description: >- - The identifier that's used to track the finding's corresponding case - in the external system. - type: string - status: - description: >- - The most recent status of the finding's corresponding case, as - reported by the external system. - type: string - externalSystemUpdateTime: - description: >- - The time when the case was last updated, as reported by the external - system. - type: string - format: google-datetime - caseUri: - description: The link to the finding's corresponding case in the external system. - type: string - casePriority: - description: >- - The priority of the finding's corresponding case in the external - system. - type: string - caseSla: - description: The SLA of the finding's corresponding case in the external system. - type: string - format: google-datetime - caseCreateTime: - description: >- - The time when the case was created, as reported by the external - system. - type: string - format: google-datetime - caseCloseTime: - description: >- - The time when the case was closed, as reported by the external - system. - type: string - format: google-datetime - ticketInfo: - description: >- - Information about the ticket, if any, that is being used to track - the resolution of the issue that is identified by this finding. - $ref: '#/components/schemas/TicketInfo' - TicketInfo: - id: TicketInfo - description: >- - Information about the ticket, if any, that is being used to track the - resolution of the issue that is identified by this finding. - type: object - properties: - id: - description: The identifier of the ticket in the ticket system. - type: string - assignee: - description: The assignee of the ticket in the ticket system. - type: string - description: - description: The description of the ticket in the ticket system. - type: string - uri: - description: The link to the ticket in the ticket system. - type: string - status: - description: The latest status of the ticket, as reported by the ticket system. - type: string - updateTime: - description: >- - The time when the ticket was last updated, as reported by the ticket - system. - type: string - format: google-datetime - MitreAttack: - id: MitreAttack - description: >- - MITRE ATT&CK tactics and techniques related to this finding. See: - https://attack.mitre.org - type: object - properties: - primaryTactic: - description: >- - The MITRE ATT&CK tactic most closely represented by this finding, if - any. - type: string - enumDescriptions: - - Unspecified value. - - TA0043 - - TA0042 - - TA0001 - - TA0002 - - TA0003 - - TA0004 - - TA0005 - - TA0006 - - TA0007 - - TA0008 - - TA0009 - - TA0011 - - TA0010 - - TA0040 - enum: - - TACTIC_UNSPECIFIED - - RECONNAISSANCE - - RESOURCE_DEVELOPMENT - - INITIAL_ACCESS - - EXECUTION - - PERSISTENCE - - PRIVILEGE_ESCALATION - - DEFENSE_EVASION - - CREDENTIAL_ACCESS - - DISCOVERY - - LATERAL_MOVEMENT - - COLLECTION - - COMMAND_AND_CONTROL - - EXFILTRATION - - IMPACT - primaryTechniques: - description: >- - The MITRE ATT&CK technique most closely represented by this finding, - if any. primary_techniques is a repeated field because there are - multiple levels of MITRE ATT&CK techniques. If the technique most - closely represented by this finding is a sub-technique (e.g. - `SCANNING_IP_BLOCKS`), both the sub-technique and its parent - technique(s) will be listed (e.g. `SCANNING_IP_BLOCKS`, - `ACTIVE_SCANNING`). - type: array - items: - type: string - enumDescriptions: - - Unspecified value. - - T1001 - - T1001.002 - - T1003 - - T1003.007 - - T1003.008 - - T1005 - - T1020 - - T1027 - - T1027.003 - - T1027.004 - - T1027.010 - - T1029 - - T1033 - - T1036 - - T1036.005 - - T1037 - - T1037.005 - - T1046 - - T1053 - - T1053.003 - - T1053.007 - - T1055 - - T1056 - - T1056.001 - - T1057 - - T1059 - - T1059.004 - - T1059.006 - - T1068 - - T1069 - - T1069.003 - - T1070 - - T1070.002 - - T1070.003 - - T1070.004 - - T1070.006 - - T1070.008 - - T1071 - - T1071.004 - - T1072 - - T1078 - - T1078.001 - - T1078.003 - - T1078.004 - - T1083 - - T1087.001 - - T1090 - - T1090.002 - - T1090.003 - - T1098 - - T1098.001 - - T1098.003 - - T1098.004 - - T1098.006 - - T1104 - - T1105 - - T1106 - - T1110 - - T1119 - - T1129 - - T1132 - - T1132.001 - - T1134 - - T1134.001 - - T1136 - - T1136.001 - - T1140 - - T1190 - - T1195 - - T1195.001 - - T1203 - - T1204 - - T1222.002 - - T1484 - - T1485 - - T1486 - - T1489 - - T1490 - - T1495 - - T1496 - - T1498 - - T1526 - - T1528 - - T1531 - - T1537 - - T1539 - - T1543 - - T1546 - - T1547 - - T1547.006 - - T1547.009 - - T1548 - - T1548.001 - - T1548.003 - - T1552 - - T1552.001 - - T1552.003 - - T1552.004 - - T1553 - - T1553.004 - - T1554 - - T1555 - - T1556 - - T1556.003 - - T1556.006 - - T1562 - - T1562.001 - - T1562.006 - - T1562.012 - - T1564 - - T1564.001 - - T1564.002 - - T1567 - - T1567.002 - - T1568 - - T1570 - - T1574 - - T1574.006 - - T1578 - - T1578.001 - - T1580 - - T1587 - - T1587.001 - - T1588 - - T1588.001 - - T1588.006 - - T1595 - - T1595.001 - - T1608 - - T1608.001 - - T1609 - - T1610 - - T1611 - - T1613 - - T1620 - - T1649 - - T1657 - enum: - - TECHNIQUE_UNSPECIFIED - - DATA_OBFUSCATION - - DATA_OBFUSCATION_STEGANOGRAPHY - - OS_CREDENTIAL_DUMPING - - OS_CREDENTIAL_DUMPING_PROC_FILESYSTEM - - OS_CREDENTIAL_DUMPING_ETC_PASSWORD_AND_ETC_SHADOW - - DATA_FROM_LOCAL_SYSTEM - - AUTOMATED_EXFILTRATION - - OBFUSCATED_FILES_OR_INFO - - STEGANOGRAPHY - - COMPILE_AFTER_DELIVERY - - COMMAND_OBFUSCATION - - SCHEDULED_TRANSFER - - SYSTEM_OWNER_USER_DISCOVERY - - MASQUERADING - - MATCH_LEGITIMATE_NAME_OR_LOCATION - - BOOT_OR_LOGON_INITIALIZATION_SCRIPTS - - STARTUP_ITEMS - - NETWORK_SERVICE_DISCOVERY - - SCHEDULED_TASK_JOB - - SCHEDULED_TASK_JOB_CRON - - CONTAINER_ORCHESTRATION_JOB - - PROCESS_INJECTION - - INPUT_CAPTURE - - INPUT_CAPTURE_KEYLOGGING - - PROCESS_DISCOVERY - - COMMAND_AND_SCRIPTING_INTERPRETER - - UNIX_SHELL - - PYTHON - - EXPLOITATION_FOR_PRIVILEGE_ESCALATION - - PERMISSION_GROUPS_DISCOVERY - - CLOUD_GROUPS - - INDICATOR_REMOVAL - - INDICATOR_REMOVAL_CLEAR_LINUX_OR_MAC_SYSTEM_LOGS - - INDICATOR_REMOVAL_CLEAR_COMMAND_HISTORY - - INDICATOR_REMOVAL_FILE_DELETION - - INDICATOR_REMOVAL_TIMESTOMP - - INDICATOR_REMOVAL_CLEAR_MAILBOX_DATA - - APPLICATION_LAYER_PROTOCOL - - DNS - - SOFTWARE_DEPLOYMENT_TOOLS - - VALID_ACCOUNTS - - DEFAULT_ACCOUNTS - - LOCAL_ACCOUNTS - - CLOUD_ACCOUNTS - - FILE_AND_DIRECTORY_DISCOVERY - - ACCOUNT_DISCOVERY_LOCAL_ACCOUNT - - PROXY - - EXTERNAL_PROXY - - MULTI_HOP_PROXY - - ACCOUNT_MANIPULATION - - ADDITIONAL_CLOUD_CREDENTIALS - - ADDITIONAL_CLOUD_ROLES - - SSH_AUTHORIZED_KEYS - - ADDITIONAL_CONTAINER_CLUSTER_ROLES - - MULTI_STAGE_CHANNELS - - INGRESS_TOOL_TRANSFER - - NATIVE_API - - BRUTE_FORCE - - AUTOMATED_COLLECTION - - SHARED_MODULES - - DATA_ENCODING - - STANDARD_ENCODING - - ACCESS_TOKEN_MANIPULATION - - TOKEN_IMPERSONATION_OR_THEFT - - CREATE_ACCOUNT - - LOCAL_ACCOUNT - - DEOBFUSCATE_DECODE_FILES_OR_INFO - - EXPLOIT_PUBLIC_FACING_APPLICATION - - SUPPLY_CHAIN_COMPROMISE - - COMPROMISE_SOFTWARE_DEPENDENCIES_AND_DEVELOPMENT_TOOLS - - EXPLOITATION_FOR_CLIENT_EXECUTION - - USER_EXECUTION - - LINUX_AND_MAC_FILE_AND_DIRECTORY_PERMISSIONS_MODIFICATION - - DOMAIN_POLICY_MODIFICATION - - DATA_DESTRUCTION - - DATA_ENCRYPTED_FOR_IMPACT - - SERVICE_STOP - - INHIBIT_SYSTEM_RECOVERY - - FIRMWARE_CORRUPTION - - RESOURCE_HIJACKING - - NETWORK_DENIAL_OF_SERVICE - - CLOUD_SERVICE_DISCOVERY - - STEAL_APPLICATION_ACCESS_TOKEN - - ACCOUNT_ACCESS_REMOVAL - - TRANSFER_DATA_TO_CLOUD_ACCOUNT - - STEAL_WEB_SESSION_COOKIE - - CREATE_OR_MODIFY_SYSTEM_PROCESS - - EVENT_TRIGGERED_EXECUTION - - BOOT_OR_LOGON_AUTOSTART_EXECUTION - - KERNEL_MODULES_AND_EXTENSIONS - - SHORTCUT_MODIFICATION - - ABUSE_ELEVATION_CONTROL_MECHANISM - - ABUSE_ELEVATION_CONTROL_MECHANISM_SETUID_AND_SETGID - - ABUSE_ELEVATION_CONTROL_MECHANISM_SUDO_AND_SUDO_CACHING - - UNSECURED_CREDENTIALS - - CREDENTIALS_IN_FILES - - BASH_HISTORY - - PRIVATE_KEYS - - SUBVERT_TRUST_CONTROL - - INSTALL_ROOT_CERTIFICATE - - COMPROMISE_HOST_SOFTWARE_BINARY - - CREDENTIALS_FROM_PASSWORD_STORES - - MODIFY_AUTHENTICATION_PROCESS - - PLUGGABLE_AUTHENTICATION_MODULES - - MULTI_FACTOR_AUTHENTICATION - - IMPAIR_DEFENSES - - DISABLE_OR_MODIFY_TOOLS - - INDICATOR_BLOCKING - - DISABLE_OR_MODIFY_LINUX_AUDIT_SYSTEM - - HIDE_ARTIFACTS - - HIDDEN_FILES_AND_DIRECTORIES - - HIDDEN_USERS - - EXFILTRATION_OVER_WEB_SERVICE - - EXFILTRATION_TO_CLOUD_STORAGE - - DYNAMIC_RESOLUTION - - LATERAL_TOOL_TRANSFER - - HIJACK_EXECUTION_FLOW - - HIJACK_EXECUTION_FLOW_DYNAMIC_LINKER_HIJACKING - - MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE - - CREATE_SNAPSHOT - - CLOUD_INFRASTRUCTURE_DISCOVERY - - DEVELOP_CAPABILITIES - - DEVELOP_CAPABILITIES_MALWARE - - OBTAIN_CAPABILITIES - - OBTAIN_CAPABILITIES_MALWARE - - OBTAIN_CAPABILITIES_VULNERABILITIES - - ACTIVE_SCANNING - - SCANNING_IP_BLOCKS - - STAGE_CAPABILITIES - - UPLOAD_MALWARE - - CONTAINER_ADMINISTRATION_COMMAND - - DEPLOY_CONTAINER - - ESCAPE_TO_HOST - - CONTAINER_AND_RESOURCE_DISCOVERY - - REFLECTIVE_CODE_LOADING - - STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES - - FINANCIAL_THEFT - additionalTactics: - description: Additional MITRE ATT&CK tactics related to this finding, if any. - type: array - items: - type: string - enumDescriptions: - - Unspecified value. - - TA0043 - - TA0042 - - TA0001 - - TA0002 - - TA0003 - - TA0004 - - TA0005 - - TA0006 - - TA0007 - - TA0008 - - TA0009 - - TA0011 - - TA0010 - - TA0040 - enum: - - TACTIC_UNSPECIFIED - - RECONNAISSANCE - - RESOURCE_DEVELOPMENT - - INITIAL_ACCESS - - EXECUTION - - PERSISTENCE - - PRIVILEGE_ESCALATION - - DEFENSE_EVASION - - CREDENTIAL_ACCESS - - DISCOVERY - - LATERAL_MOVEMENT - - COLLECTION - - COMMAND_AND_CONTROL - - EXFILTRATION - - IMPACT - additionalTechniques: - description: >- - Additional MITRE ATT&CK techniques related to this finding, if any, - along with any of their respective parent techniques. - type: array - items: - type: string - enumDescriptions: - - Unspecified value. - - T1001 - - T1001.002 - - T1003 - - T1003.007 - - T1003.008 - - T1005 - - T1020 - - T1027 - - T1027.003 - - T1027.004 - - T1027.010 - - T1029 - - T1033 - - T1036 - - T1036.005 - - T1037 - - T1037.005 - - T1046 - - T1053 - - T1053.003 - - T1053.007 - - T1055 - - T1056 - - T1056.001 - - T1057 - - T1059 - - T1059.004 - - T1059.006 - - T1068 - - T1069 - - T1069.003 - - T1070 - - T1070.002 - - T1070.003 - - T1070.004 - - T1070.006 - - T1070.008 - - T1071 - - T1071.004 - - T1072 - - T1078 - - T1078.001 - - T1078.003 - - T1078.004 - - T1083 - - T1087.001 - - T1090 - - T1090.002 - - T1090.003 - - T1098 - - T1098.001 - - T1098.003 - - T1098.004 - - T1098.006 - - T1104 - - T1105 - - T1106 - - T1110 - - T1119 - - T1129 - - T1132 - - T1132.001 - - T1134 - - T1134.001 - - T1136 - - T1136.001 - - T1140 - - T1190 - - T1195 - - T1195.001 - - T1203 - - T1204 - - T1222.002 - - T1484 - - T1485 - - T1486 - - T1489 - - T1490 - - T1495 - - T1496 - - T1498 - - T1526 - - T1528 - - T1531 - - T1537 - - T1539 - - T1543 - - T1546 - - T1547 - - T1547.006 - - T1547.009 - - T1548 - - T1548.001 - - T1548.003 - - T1552 - - T1552.001 - - T1552.003 - - T1552.004 - - T1553 - - T1553.004 - - T1554 - - T1555 - - T1556 - - T1556.003 - - T1556.006 - - T1562 - - T1562.001 - - T1562.006 - - T1562.012 - - T1564 - - T1564.001 - - T1564.002 - - T1567 - - T1567.002 - - T1568 - - T1570 - - T1574 - - T1574.006 - - T1578 - - T1578.001 - - T1580 - - T1587 - - T1587.001 - - T1588 - - T1588.001 - - T1588.006 - - T1595 - - T1595.001 - - T1608 - - T1608.001 - - T1609 - - T1610 - - T1611 - - T1613 - - T1620 - - T1649 - - T1657 - enum: - - TECHNIQUE_UNSPECIFIED - - DATA_OBFUSCATION - - DATA_OBFUSCATION_STEGANOGRAPHY - - OS_CREDENTIAL_DUMPING - - OS_CREDENTIAL_DUMPING_PROC_FILESYSTEM - - OS_CREDENTIAL_DUMPING_ETC_PASSWORD_AND_ETC_SHADOW - - DATA_FROM_LOCAL_SYSTEM - - AUTOMATED_EXFILTRATION - - OBFUSCATED_FILES_OR_INFO - - STEGANOGRAPHY - - COMPILE_AFTER_DELIVERY - - COMMAND_OBFUSCATION - - SCHEDULED_TRANSFER - - SYSTEM_OWNER_USER_DISCOVERY - - MASQUERADING - - MATCH_LEGITIMATE_NAME_OR_LOCATION - - BOOT_OR_LOGON_INITIALIZATION_SCRIPTS - - STARTUP_ITEMS - - NETWORK_SERVICE_DISCOVERY - - SCHEDULED_TASK_JOB - - SCHEDULED_TASK_JOB_CRON - - CONTAINER_ORCHESTRATION_JOB - - PROCESS_INJECTION - - INPUT_CAPTURE - - INPUT_CAPTURE_KEYLOGGING - - PROCESS_DISCOVERY - - COMMAND_AND_SCRIPTING_INTERPRETER - - UNIX_SHELL - - PYTHON - - EXPLOITATION_FOR_PRIVILEGE_ESCALATION - - PERMISSION_GROUPS_DISCOVERY - - CLOUD_GROUPS - - INDICATOR_REMOVAL - - INDICATOR_REMOVAL_CLEAR_LINUX_OR_MAC_SYSTEM_LOGS - - INDICATOR_REMOVAL_CLEAR_COMMAND_HISTORY - - INDICATOR_REMOVAL_FILE_DELETION - - INDICATOR_REMOVAL_TIMESTOMP - - INDICATOR_REMOVAL_CLEAR_MAILBOX_DATA - - APPLICATION_LAYER_PROTOCOL - - DNS - - SOFTWARE_DEPLOYMENT_TOOLS - - VALID_ACCOUNTS - - DEFAULT_ACCOUNTS - - LOCAL_ACCOUNTS - - CLOUD_ACCOUNTS - - FILE_AND_DIRECTORY_DISCOVERY - - ACCOUNT_DISCOVERY_LOCAL_ACCOUNT - - PROXY - - EXTERNAL_PROXY - - MULTI_HOP_PROXY - - ACCOUNT_MANIPULATION - - ADDITIONAL_CLOUD_CREDENTIALS - - ADDITIONAL_CLOUD_ROLES - - SSH_AUTHORIZED_KEYS - - ADDITIONAL_CONTAINER_CLUSTER_ROLES - - MULTI_STAGE_CHANNELS - - INGRESS_TOOL_TRANSFER - - NATIVE_API - - BRUTE_FORCE - - AUTOMATED_COLLECTION - - SHARED_MODULES - - DATA_ENCODING - - STANDARD_ENCODING - - ACCESS_TOKEN_MANIPULATION - - TOKEN_IMPERSONATION_OR_THEFT - - CREATE_ACCOUNT - - LOCAL_ACCOUNT - - DEOBFUSCATE_DECODE_FILES_OR_INFO - - EXPLOIT_PUBLIC_FACING_APPLICATION - - SUPPLY_CHAIN_COMPROMISE - - COMPROMISE_SOFTWARE_DEPENDENCIES_AND_DEVELOPMENT_TOOLS - - EXPLOITATION_FOR_CLIENT_EXECUTION - - USER_EXECUTION - - LINUX_AND_MAC_FILE_AND_DIRECTORY_PERMISSIONS_MODIFICATION - - DOMAIN_POLICY_MODIFICATION - - DATA_DESTRUCTION - - DATA_ENCRYPTED_FOR_IMPACT - - SERVICE_STOP - - INHIBIT_SYSTEM_RECOVERY - - FIRMWARE_CORRUPTION - - RESOURCE_HIJACKING - - NETWORK_DENIAL_OF_SERVICE - - CLOUD_SERVICE_DISCOVERY - - STEAL_APPLICATION_ACCESS_TOKEN - - ACCOUNT_ACCESS_REMOVAL - - TRANSFER_DATA_TO_CLOUD_ACCOUNT - - STEAL_WEB_SESSION_COOKIE - - CREATE_OR_MODIFY_SYSTEM_PROCESS - - EVENT_TRIGGERED_EXECUTION - - BOOT_OR_LOGON_AUTOSTART_EXECUTION - - KERNEL_MODULES_AND_EXTENSIONS - - SHORTCUT_MODIFICATION - - ABUSE_ELEVATION_CONTROL_MECHANISM - - ABUSE_ELEVATION_CONTROL_MECHANISM_SETUID_AND_SETGID - - ABUSE_ELEVATION_CONTROL_MECHANISM_SUDO_AND_SUDO_CACHING - - UNSECURED_CREDENTIALS - - CREDENTIALS_IN_FILES - - BASH_HISTORY - - PRIVATE_KEYS - - SUBVERT_TRUST_CONTROL - - INSTALL_ROOT_CERTIFICATE - - COMPROMISE_HOST_SOFTWARE_BINARY - - CREDENTIALS_FROM_PASSWORD_STORES - - MODIFY_AUTHENTICATION_PROCESS - - PLUGGABLE_AUTHENTICATION_MODULES - - MULTI_FACTOR_AUTHENTICATION - - IMPAIR_DEFENSES - - DISABLE_OR_MODIFY_TOOLS - - INDICATOR_BLOCKING - - DISABLE_OR_MODIFY_LINUX_AUDIT_SYSTEM - - HIDE_ARTIFACTS - - HIDDEN_FILES_AND_DIRECTORIES - - HIDDEN_USERS - - EXFILTRATION_OVER_WEB_SERVICE - - EXFILTRATION_TO_CLOUD_STORAGE - - DYNAMIC_RESOLUTION - - LATERAL_TOOL_TRANSFER - - HIJACK_EXECUTION_FLOW - - HIJACK_EXECUTION_FLOW_DYNAMIC_LINKER_HIJACKING - - MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE - - CREATE_SNAPSHOT - - CLOUD_INFRASTRUCTURE_DISCOVERY - - DEVELOP_CAPABILITIES - - DEVELOP_CAPABILITIES_MALWARE - - OBTAIN_CAPABILITIES - - OBTAIN_CAPABILITIES_MALWARE - - OBTAIN_CAPABILITIES_VULNERABILITIES - - ACTIVE_SCANNING - - SCANNING_IP_BLOCKS - - STAGE_CAPABILITIES - - UPLOAD_MALWARE - - CONTAINER_ADMINISTRATION_COMMAND - - DEPLOY_CONTAINER - - ESCAPE_TO_HOST - - CONTAINER_AND_RESOURCE_DISCOVERY - - REFLECTIVE_CODE_LOADING - - STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES - - FINANCIAL_THEFT - version: - description: The MITRE ATT&CK version referenced by the above fields. E.g. "8". - type: string - Access: - id: Access - description: Represents an access event. - type: object - properties: - principalEmail: - description: >- - Associated email, such as "foo@google.com". The email address of the - authenticated user or a service account acting on behalf of a third - party principal making the request. For third party identity - callers, the `principal_subject` field is populated instead of this - field. For privacy reasons, the principal email address is sometimes - redacted. For more information, see [Caller identities in audit - logs](https://cloud.google.com/logging/docs/audit#user-id). - type: string - callerIp: - description: Caller's IP address, such as "1.1.1.1". - type: string - callerIpGeo: - description: >- - The caller IP's geolocation, which identifies where the call came - from. - $ref: '#/components/schemas/Geolocation' - userAgentFamily: - description: >- - Type of user agent associated with the finding. For example, an - operating system shell or an embedded or standalone application. - type: string - userAgent: - description: The caller's user agent string associated with the finding. - type: string - serviceName: - description: >- - This is the API service that the service account made a call to, - e.g. "iam.googleapis.com" - type: string - methodName: - description: The method that the service account called, e.g. "SetIamPolicy". - type: string - principalSubject: - description: >- - A string that represents the principal_subject that is associated - with the identity. Unlike `principal_email`, `principal_subject` - supports principals that aren't associated with email addresses, - such as third party principals. For most identities, the format is - `principal://iam.googleapis.com/{identity pool - name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, - FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format - `serviceAccount:{identity pool name}[{subject}]`. - type: string - serviceAccountKeyName: - description: >- - The name of the service account key that was used to create or - exchange credentials when authenticating the service account that - made the request. This is a scheme-less URI full resource name. For - example: - "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}". - type: string - serviceAccountDelegationInfo: - description: >- - The identity delegation history of an authenticated service account - that made the request. The `serviceAccountDelegationInfo[]` object - contains information about the real authorities that try to access - Google Cloud resources by delegating on a service account. When - multiple authorities are present, they are guaranteed to be sorted - based on the original ordering of the identity delegation events. - type: array - items: - $ref: '#/components/schemas/ServiceAccountDelegationInfo' - userName: - description: >- - A string that represents a username. The username provided depends - on the type of the finding and is likely not an IAM principal. For - example, this can be a system username if the finding is related to - a virtual machine, or it can be an application login username. - type: string - Geolocation: - id: Geolocation - description: Represents a geographical location for a given access. - type: object - properties: - regionCode: - description: A CLDR. - type: string - ServiceAccountDelegationInfo: - id: ServiceAccountDelegationInfo - description: Identity delegation history of an authenticated service account. - type: object - properties: - principalEmail: - description: The email address of a Google account. - type: string - principalSubject: - description: >- - A string representing the principal_subject associated with the - identity. As compared to `principal_email`, supports principals that - aren't associated with email addresses, such as third party - principals. For most identities, the format will be - `principal://iam.googleapis.com/{identity pool - name}/subjects/{subject}` except for some GKE identities - (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the - legacy format `serviceAccount:{identity pool name}[{subject}]` - type: string - Connection: - id: Connection - description: >- - Contains information about the IP connection associated with the - finding. - type: object - properties: - destinationIp: - description: >- - Destination IP address. Not present for sockets that are listening - and not connected. - type: string - destinationPort: - description: >- - Destination port. Not present for sockets that are listening and not - connected. - type: integer - format: int32 - sourceIp: - description: Source IP address. - type: string - sourcePort: - description: Source port. - type: integer - format: int32 - protocol: - description: IANA Internet Protocol Number such as TCP(6) and UDP(17). - type: string - enumDescriptions: - - Unspecified protocol (not HOPOPT). - - Internet Control Message Protocol. - - Transmission Control Protocol. - - User Datagram Protocol. - - Generic Routing Encapsulation. - - Encap Security Payload. - enum: - - PROTOCOL_UNSPECIFIED - - ICMP - - TCP - - UDP - - GRE - - ESP - MuteInfo: - id: MuteInfo - description: >- - Mute information about the finding, including whether the finding has a - static mute or any matching dynamic mute rules. - type: object - properties: - staticMute: - description: >- - If set, the static mute applied to this finding. Static mutes - override dynamic mutes. If unset, there is no static mute. - $ref: '#/components/schemas/StaticMute' - dynamicMuteRecords: - description: The list of dynamic mute rules that currently match the finding. - type: array - items: - $ref: '#/components/schemas/DynamicMuteRecord' - StaticMute: - id: StaticMute - description: >- - Information about the static mute state. A static mute state overrides - any dynamic mute rules that apply to this finding. The static mute state - can be set by a static mute rule or by muting the finding directly. - type: object - properties: - state: - description: >- - The static mute state. If the value is `MUTED` or `UNMUTED`, then - the finding's overall mute state will have the same value. - type: string - enumDescriptions: - - Unspecified. - - Finding has been muted. - - Finding has been unmuted. - - Finding has never been muted/unmuted. - enum: - - MUTE_UNSPECIFIED - - MUTED - - UNMUTED - - UNDEFINED - applyTime: - description: When the static mute was applied. - type: string - format: google-datetime - DynamicMuteRecord: - id: DynamicMuteRecord - description: The record of a dynamic mute rule that matches the finding. - type: object - properties: - muteConfig: - description: >- - The relative resource name of the mute rule, represented by a mute - config, that created this record, for example - `organizations/123/muteConfigs/mymuteconfig` or - `organizations/123/locations/global/muteConfigs/mymuteconfig`. - type: string - matchTime: - description: When the dynamic mute rule first matched the finding. - type: string - format: google-datetime - Process: - id: Process - description: Represents an operating system process. - type: object - properties: - name: - description: >- - The process name, as displayed in utilities like `top` and `ps`. - This name can be accessed through `/proc/[pid]/comm` and changed - with `prctl(PR_SET_NAME)`. - type: string - binary: - description: File information for the process executable. - $ref: '#/components/schemas/File' - libraries: - description: File information for libraries loaded by the process. - type: array - items: - $ref: '#/components/schemas/File' - script: - description: >- - When the process represents the invocation of a script, `binary` - provides information about the interpreter, while `script` provides - information about the script file provided to the interpreter. - $ref: '#/components/schemas/File' - args: - description: Process arguments as JSON encoded strings. - type: array - items: - type: string - argumentsTruncated: - description: True if `args` is incomplete. - type: boolean - envVariables: - description: Process environment variables. - type: array - items: - $ref: '#/components/schemas/EnvironmentVariable' - envVariablesTruncated: - description: True if `env_variables` is incomplete. - type: boolean - pid: - description: The process ID. - type: string - format: int64 - parentPid: - description: The parent process ID. - type: string - format: int64 - userId: - description: >- - The ID of the user that executed the process. E.g. If this is the - root user this will always be 0. - type: string - format: int64 - File: - id: File - description: >- - File information about the related binary/library used by an executable, - or the script used by a script interpreter - type: object - properties: - path: - description: Absolute path of the file as a JSON encoded string. - type: string - size: - description: Size of the file in bytes. - type: string - format: int64 - sha256: - description: >- - SHA256 hash of the first hashed_size bytes of the file encoded as a - hex string. If hashed_size == size, sha256 represents the SHA256 - hash of the entire file. - type: string - hashedSize: - description: >- - The length in bytes of the file prefix that was hashed. If - hashed_size == size, any hashes reported represent the entire file. - type: string - format: int64 - partiallyHashed: - description: True when the hash covers only a prefix of the file. - type: boolean - contents: - description: Prefix of the file contents as a JSON-encoded string. - type: string - diskPath: - description: Path of the file in terms of underlying disk/partition identifiers. - $ref: '#/components/schemas/DiskPath' - operations: - description: Operation(s) performed on a file. - type: array - items: - $ref: '#/components/schemas/FileOperation' - DiskPath: - id: DiskPath - description: Path of the file in terms of underlying disk/partition identifiers. - type: object - properties: - partitionUuid: - description: >- - UUID of the partition (format - https://wiki.archlinux.org/title/persistent_block_device_naming#by-uuid) - type: string - relativePath: - description: >- - Relative path of the file in the partition as a JSON encoded string. - Example: /home/user1/executable_file.sh - type: string - FileOperation: - id: FileOperation - description: Operation(s) performed on a file. - type: object - properties: - type: - description: The type of the operation - type: string - enumDescriptions: - - The operation is unspecified. - - Represents an open operation. - - Represents a read operation. - - Represents a rename operation. - - Represents a write operation. - - Represents an execute operation. - enum: - - OPERATION_TYPE_UNSPECIFIED - - OPEN - - READ - - RENAME - - WRITE - - EXECUTE - EnvironmentVariable: - id: EnvironmentVariable - description: >- - A name-value pair representing an environment variable used in an - operating system process. - type: object - properties: - name: - description: Environment variable name as a JSON encoded string. - type: string - val: - description: Environment variable value as a JSON encoded string. - type: string - ContactDetails: - id: ContactDetails - description: Details about specific contacts - type: object - properties: - contacts: - description: A list of contacts - type: array - items: - $ref: '#/components/schemas/Contact' - Contact: - id: Contact - description: The email address of a contact. - type: object - properties: - email: - description: An email address. For example, "`person123@company.com`". - type: string - Compliance: - id: Compliance - description: >- - Contains compliance information about a security standard indicating - unmet recommendations. - type: object - properties: - standard: - description: >- - Industry-wide compliance standards or benchmarks, such as CIS, PCI, - and OWASP. - type: string - version: - description: Version of the standard or benchmark, for example, 1.1 - type: string - ids: - description: Policies within the standard or benchmark, for example, A.12.4.1 - type: array - items: - type: string - Exfiltration: - id: Exfiltration - description: >- - Exfiltration represents a data exfiltration attempt from one or more - sources to one or more targets. The `sources` attribute lists the - sources of the exfiltrated data. The `targets` attribute lists the - destinations the data was copied to. - type: object - properties: - sources: - description: >- - If there are multiple sources, then the data is considered "joined" - between them. For instance, BigQuery can join multiple tables, and - each table would be considered a source. - type: array - items: - $ref: '#/components/schemas/ExfilResource' - targets: - description: >- - If there are multiple targets, each target would get a complete copy - of the "joined" source data. - type: array - items: - $ref: '#/components/schemas/ExfilResource' - totalExfiltratedBytes: - description: Total exfiltrated bytes processed for the entire job. - type: string - format: int64 - ExfilResource: - id: ExfilResource - description: Resource where data was exfiltrated from or exfiltrated to. - type: object - properties: - name: - description: >- - The resource's [full resource - name](https://cloud.google.com/apis/design/resource_names#full_resource_name). - type: string - components: - description: >- - Subcomponents of the asset that was exfiltrated, like URIs used - during exfiltration, table names, databases, and filenames. For - example, multiple tables might have been exfiltrated from the same - Cloud SQL instance, or multiple files might have been exfiltrated - from the same Cloud Storage bucket. - type: array - items: - type: string - IamBinding: - id: IamBinding - description: >- - Represents a particular IAM binding, which captures a member's role - addition, removal, or state. - type: object - properties: - action: - description: The action that was performed on a Binding. - type: string - enumDescriptions: - - Unspecified. - - Addition of a Binding. - - Removal of a Binding. - enum: - - ACTION_UNSPECIFIED - - ADD - - REMOVE - role: - description: >- - Role that is assigned to "members". For example, "roles/viewer", - "roles/editor", or "roles/owner". - type: string - member: - description: >- - A single identity requesting access for a Cloud Platform resource, - for example, "foo@google.com". - type: string - Container: - id: Container - description: Container associated with the finding. - type: object - properties: - name: - description: Name of the container. - type: string - uri: - description: >- - Container image URI provided when configuring a pod or container. - This string can identify a container image version using mutable - tags. - type: string - imageId: - description: >- - Optional container image ID, if provided by the container runtime. - Uniquely identifies the container image launched using a container - image digest. - type: string - labels: - description: Container labels, as provided by the container runtime. - type: array - items: - $ref: '#/components/schemas/Label' - createTime: - description: The time that the container was created. - type: string - format: google-datetime - Label: - id: Label - description: >- - Represents a generic name-value label. A label has separate name and - value fields to support filtering with the `contains()` function. For - more information, see [Filtering on array-type - fields](https://cloud.google.com/security-command-center/docs/how-to-api-list-findings#array-contains-filtering). - type: object - properties: - name: - description: Name of the label. - type: string - value: - description: Value that corresponds to the label's name. - type: string - Kubernetes: - id: Kubernetes - description: Kubernetes-related attributes. - type: object - properties: - pods: - description: >- - Kubernetes - [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod) - associated with the finding. This field contains Pod records for - each container that is owned by a Pod. - type: array - items: - $ref: '#/components/schemas/Pod' - nodes: - description: >- - Provides Kubernetes - [node](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#nodes) - information. - type: array - items: - $ref: '#/components/schemas/Node' - nodePools: - description: >- - GKE [node - pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-pools) - associated with the finding. This field contains node pool - information for each node, when it is available. - type: array - items: - $ref: '#/components/schemas/NodePool' - roles: - description: >- - Provides Kubernetes role information for findings that involve - [Roles or - ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control). - type: array - items: - $ref: '#/components/schemas/Role' - bindings: - description: >- - Provides Kubernetes role binding information for findings that - involve [RoleBindings or - ClusterRoleBindings](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control). - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1Binding' - accessReviews: - description: >- - Provides information on any Kubernetes access reviews (privilege - checks) relevant to the finding. - type: array - items: - $ref: '#/components/schemas/AccessReview' - objects: - description: Kubernetes objects related to the finding. - type: array - items: - $ref: '#/components/schemas/Object' - Pod: - id: Pod - description: A Kubernetes Pod. - type: object - properties: - ns: - description: Kubernetes Pod namespace. - type: string - name: - description: Kubernetes Pod name. - type: string - labels: - description: >- - Pod labels. For Kubernetes containers, these are applied to the - container. - type: array - items: - $ref: '#/components/schemas/Label' - containers: - description: Pod containers associated with this finding, if any. - type: array - items: - $ref: '#/components/schemas/Container' - Node: - id: Node - description: Kubernetes nodes associated with the finding. - type: object - properties: - name: - description: >- - [Full resource name](https://google.aip.dev/122#full-resource-names) - of the Compute Engine VM running the cluster node. - type: string - NodePool: - id: NodePool - description: Provides GKE node pool information. - type: object - properties: - name: - description: Kubernetes node pool name. - type: string - nodes: - description: Nodes associated with the finding. - type: array - items: - $ref: '#/components/schemas/Node' - Role: - id: Role - description: Kubernetes Role or ClusterRole. - type: object - properties: - kind: - description: Role type. - type: string - enumDescriptions: - - Role type is not specified. - - Kubernetes Role. - - Kubernetes ClusterRole. - enum: - - KIND_UNSPECIFIED - - ROLE - - CLUSTER_ROLE - ns: - description: Role namespace. - type: string - name: - description: Role name. - type: string - GoogleCloudSecuritycenterV1Binding: - id: GoogleCloudSecuritycenterV1Binding - description: Represents a Kubernetes RoleBinding or ClusterRoleBinding. - type: object - properties: - ns: - description: Namespace for the binding. - type: string - name: - description: Name for the binding. - type: string - role: - description: The Role or ClusterRole referenced by the binding. - $ref: '#/components/schemas/Role' - subjects: - description: >- - Represents one or more subjects that are bound to the role. Not - always available for PATCH requests. - type: array - items: - $ref: '#/components/schemas/Subject' - Subject: - id: Subject - description: Represents a Kubernetes subject. - type: object - properties: - kind: - description: Authentication type for the subject. - type: string - enumDescriptions: - - Authentication is not specified. - - User with valid certificate. - - >- - Users managed by Kubernetes API with credentials stored as - secrets. - - Collection of users. - enum: - - AUTH_TYPE_UNSPECIFIED - - USER - - SERVICEACCOUNT - - GROUP - ns: - description: Namespace for the subject. - type: string - name: - description: Name for the subject. - type: string - AccessReview: - id: AccessReview - description: >- - Conveys information about a Kubernetes access review (such as one - returned by a [`kubectl auth - can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access) - command) that was involved in a finding. - type: object - properties: - group: - description: The API group of the resource. "*" means all. - type: string - ns: - description: >- - Namespace of the action being requested. Currently, there is no - distinction between no namespace and all namespaces. Both are - represented by "" (empty). - type: string - name: - description: The name of the resource being requested. Empty means all. - type: string - resource: - description: The optional resource type requested. "*" means all. - type: string - subresource: - description: The optional subresource type. - type: string - verb: - description: >- - A Kubernetes resource API verb, like get, list, watch, create, - update, delete, proxy. "*" means all. - type: string - version: - description: The API version of the resource. "*" means all. - type: string - Object: - id: Object - description: >- - Kubernetes object related to the finding, uniquely identified by GKNN. - Used if the object Kind is not one of Pod, Node, NodePool, Binding, or - AccessReview. - type: object - properties: - group: - description: Kubernetes object group, such as "policy.k8s.io/v1". - type: string - kind: - description: Kubernetes object kind, such as "Namespace". - type: string - ns: - description: >- - Kubernetes object namespace. Must be a valid DNS label. Named "ns" - to avoid collision with C++ namespace keyword. For details see - https://kubernetes.io/docs/tasks/administer-cluster/namespaces/. - type: string - name: - description: >- - Kubernetes object name. For details see - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/. - type: string - containers: - description: Pod containers associated with this finding, if any. - type: array - items: - $ref: '#/components/schemas/Container' - Database: - id: Database - description: >- - Represents database access information, such as queries. A database may - be a sub-resource of an instance (as in the case of Cloud SQL instances - or Cloud Spanner instances), or the database instance itself. Some - database resources might not have the [full resource - name](https://google.aip.dev/122#full-resource-names) populated because - these resource types, such as Cloud SQL databases, are not yet supported - by Cloud Asset Inventory. In these cases only the display name is - provided. - type: object - properties: - name: - description: >- - Some database resources may not have the [full resource - name](https://google.aip.dev/122#full-resource-names) populated - because these resource types are not yet supported by Cloud Asset - Inventory (e.g. Cloud SQL databases). In these cases only the - display name will be provided. The [full resource - name](https://google.aip.dev/122#full-resource-names) of the - database that the user connected to, if it is supported by Cloud - Asset Inventory. - type: string - displayName: - description: The human-readable name of the database that the user connected to. - type: string - userName: - description: >- - The username used to connect to the database. The username might not - be an IAM principal and does not have a set format. - type: string - query: - description: The SQL statement that is associated with the database access. - type: string - grantees: - description: >- - The target usernames, roles, or groups of an SQL privilege grant, - which is not an IAM policy change. - type: array - items: - type: string - version: - description: >- - The version of the database, for example, POSTGRES_14. See [the - complete - list](https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion). - type: string - AttackExposure: - id: AttackExposure - description: >- - An attack exposure contains the results of an attack path simulation - run. - type: object - properties: - score: - description: >- - A number between 0 (inclusive) and infinity that represents how - important this finding is to remediate. The higher the score, the - more important it is to remediate. - type: number - format: double - latestCalculationTime: - description: >- - The most recent time the attack exposure was updated on this - finding. - type: string - format: google-datetime - attackExposureResult: - description: >- - The resource name of the attack path simulation result that contains - the details regarding this attack exposure score. Example: - `organizations/123/simulations/456/attackExposureResults/789` - type: string - state: - description: >- - What state this AttackExposure is in. This captures whether or not - an attack exposure has been calculated or not. - type: string - enumDescriptions: - - The state is not specified. - - The attack exposure has been calculated. - - The attack exposure has not been calculated. - enum: - - STATE_UNSPECIFIED - - CALCULATED - - NOT_CALCULATED - exposedHighValueResourcesCount: - description: >- - The number of high value resources that are exposed as a result of - this finding. - type: integer - format: int32 - exposedMediumValueResourcesCount: - description: >- - The number of medium value resources that are exposed as a result of - this finding. - type: integer - format: int32 - exposedLowValueResourcesCount: - description: >- - The number of high value resources that are exposed as a result of - this finding. - type: integer - format: int32 - CloudDlpInspection: - id: CloudDlpInspection - description: >- - Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection - job](https://cloud.google.com/dlp/docs/concepts-job-triggers) that - produced the finding. - type: object - properties: - inspectJob: - description: >- - Name of the inspection job, for example, - `projects/123/locations/europe/dlpJobs/i-8383929`. - type: string - infoType: - description: >- - The type of information (or - *[infoType](https://cloud.google.com/dlp/docs/infotypes-reference)*) - found, for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`. - type: string - infoTypeCount: - description: >- - The number of times Cloud DLP found this infoType within this job - and resource. - type: string - format: int64 - fullScan: - description: Whether Cloud DLP scanned the complete resource or a sampled subset. - type: boolean - CloudDlpDataProfile: - id: CloudDlpDataProfile - description: >- - The [data profile](https://cloud.google.com/dlp/docs/data-profiles) - associated with the finding. - type: object - properties: - dataProfile: - description: >- - Name of the data profile, for example, - `projects/123/locations/europe/tableProfiles/8383929`. - type: string - parentType: - description: >- - The resource hierarchy level at which the data profile was - generated. - type: string - enumDescriptions: - - Unspecified parent type. - - Organization-level configurations. - - Project-level configurations. - enum: - - PARENT_TYPE_UNSPECIFIED - - ORGANIZATION - - PROJECT - KernelRootkit: - id: KernelRootkit - description: Kernel mode rootkit signatures. - type: object - properties: - name: - description: Rootkit name, when available. - type: string - unexpectedCodeModification: - description: True if unexpected modifications of kernel code memory are present. - type: boolean - unexpectedReadOnlyDataModification: - description: >- - True if unexpected modifications of kernel read-only data memory are - present. - type: boolean - unexpectedFtraceHandler: - description: >- - True if `ftrace` points are present with callbacks pointing to - regions that are not in the expected kernel or module code range. - type: boolean - unexpectedKprobeHandler: - description: >- - True if `kprobe` points are present with callbacks pointing to - regions that are not in the expected kernel or module code range. - type: boolean - unexpectedKernelCodePages: - description: >- - True if kernel code pages that are not in the expected kernel or - module code regions are present. - type: boolean - unexpectedSystemCallHandler: - description: >- - True if system call handlers that are are not in the expected kernel - or module code regions are present. - type: boolean - unexpectedInterruptHandler: - description: >- - True if interrupt handlers that are are not in the expected kernel - or module code regions are present. - type: boolean - unexpectedProcessesInRunqueue: - description: >- - True if unexpected processes in the scheduler run queue are present. - Such processes are in the run queue, but not in the process task - list. - type: boolean - OrgPolicy: - id: OrgPolicy - description: Contains information about the org policies associated with the finding. - type: object - properties: - name: - description: >- - The resource name of the org policy. Example: - "organizations/{organization_id}/policies/{constraint_name}" - type: string - Job: - id: Job - description: Describes a job - type: object - properties: - name: - description: The fully-qualified name for a job. e.g. `projects//jobs/` - type: string - state: - description: Output only. State of the job, such as `RUNNING` or `PENDING`. - readOnly: true - type: string - enumDescriptions: - - Unspecified represents an unknown state and should not be used. - - Job is scheduled and pending for run - - Job in progress - - Job has completed with success - - Job has completed but with failure - enum: - - JOB_STATE_UNSPECIFIED - - PENDING - - RUNNING - - SUCCEEDED - - FAILED - errorCode: - description: >- - Optional. If the job did not complete successfully, this field - describes why. - type: integer - format: int32 - location: - description: >- - Optional. Gives the location where the job ran, such as `US` or - `europe-west1` - type: string - Application: - id: Application - description: Represents an application associated with a finding. - type: object - properties: - baseUri: - description: >- - The base URI that identifies the network location of the application - in which the vulnerability was detected. For example, - `http://example.com`. - type: string - fullUri: - description: >- - The full URI with payload that can be used to reproduce the - vulnerability. For example, `http://example.com?p=aMmYgI6H`. - type: string - IpRules: - id: IpRules - description: IP rules associated with the finding. - type: object - properties: - direction: - description: >- - The direction that the rule is applicable to, one of ingress or - egress. - type: string - enumDescriptions: - - Unspecified direction value. - - Ingress direction value. - - Egress direction value. - enum: - - DIRECTION_UNSPECIFIED - - INGRESS - - EGRESS - allowed: - description: Tuple with allowed rules. - $ref: '#/components/schemas/Allowed' - denied: - description: Tuple with denied rules. - $ref: '#/components/schemas/Denied' - sourceIpRanges: - description: >- - If source IP ranges are specified, the firewall rule applies only to - traffic that has a source IP address in these ranges. These ranges - must be expressed in CIDR format. Only supports IPv4. - type: array - items: - type: string - destinationIpRanges: - description: >- - If destination IP ranges are specified, the firewall rule applies - only to traffic that has a destination IP address in these ranges. - These ranges must be expressed in CIDR format. Only supports IPv4. - type: array - items: - type: string - exposedServices: - description: >- - Name of the network protocol service, such as FTP, that is exposed - by the open port. Follows the naming convention available at: - https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml. - type: array - items: - type: string - Allowed: - id: Allowed - description: Allowed IP rule. - type: object - properties: - ipRules: - description: Optional. Optional list of allowed IP rules. - type: array - items: - $ref: '#/components/schemas/IpRule' - IpRule: - id: IpRule - description: IP rule information. - type: object - properties: - protocol: - description: >- - The IP protocol this rule applies to. This value can either be one - of the following well known protocol strings (TCP, UDP, ICMP, ESP, - AH, IPIP, SCTP) or a string representation of the integer value. - type: string - portRanges: - description: >- - Optional. An optional list of ports to which this rule applies. This - field is only applicable for the UDP or (S)TCP protocols. Each entry - must be either an integer or a range including a min and max port - number. - type: array - items: - $ref: '#/components/schemas/PortRange' - PortRange: - id: PortRange - description: >- - A port range which is inclusive of the min and max values. Values are - between 0 and 2^16-1. The max can be equal / must be not smaller than - the min value. If min and max are equal this indicates that it is a - single port. - type: object - properties: - min: - description: Minimum port value. - type: string - format: int64 - max: - description: Maximum port value. - type: string - format: int64 - Denied: - id: Denied - description: Denied IP rule. - type: object - properties: - ipRules: - description: Optional. Optional list of denied IP rules. - type: array - items: - $ref: '#/components/schemas/IpRule' - BackupDisasterRecovery: - id: BackupDisasterRecovery - description: Information related to Google Cloud Backup and DR Service findings. - type: object - properties: - backupTemplate: - description: >- - The name of a Backup and DR template which comprises one or more - backup policies. See the [Backup and DR - documentation](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#temp) - for more information. For example, `snap-ov`. - type: string - policies: - description: >- - The names of Backup and DR policies that are associated with a - template and that define when to run a backup, how frequently to run - a backup, and how long to retain the backup image. For example, - `onvaults`. - type: array - items: - type: string - host: - description: >- - The name of a Backup and DR host, which is managed by the backup and - recovery appliance and known to the management console. The host can - be of type Generic (for example, Compute Engine, SQL Server, Oracle - DB, SMB file system, etc.), vCenter, or an ESX server. See the - [Backup and DR documentation on - hosts](https://cloud.google.com/backup-disaster-recovery/docs/configuration/manage-hosts-and-their-applications) - for more information. For example, `centos7-01`. - type: string - applications: - description: >- - The names of Backup and DR applications. An application is a VM, - database, or file system on a managed host monitored by a backup and - recovery appliance. For example, `centos7-01-vol00`, - `centos7-01-vol01`, `centos7-01-vol02`. - type: array - items: - type: string - storagePool: - description: >- - The name of the Backup and DR storage pool that the backup and - recovery appliance is storing data in. The storage pool could be of - type Cloud, Primary, Snapshot, or OnVault. See the [Backup and DR - documentation on storage - pools](https://cloud.google.com/backup-disaster-recovery/docs/concepts/storage-pools). - For example, `DiskPoolOne`. - type: string - policyOptions: - description: >- - The names of Backup and DR advanced policy options of a policy - applying to an application. See the [Backup and DR documentation on - policy - options](https://cloud.google.com/backup-disaster-recovery/docs/create-plan/policy-settings). - For example, `skipofflineappsincongrp, nounmap`. - type: array - items: - type: string - profile: - description: >- - The name of the Backup and DR resource profile that specifies the - storage media for backups of application and VM data. See the - [Backup and DR documentation on - profiles](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#profile). - For example, `GCP`. - type: string - appliance: - description: >- - The name of the Backup and DR appliance that captures, moves, and - manages the lifecycle of backup data. For example, - `backup-server-57137`. - type: string - backupType: - description: >- - The backup type of the Backup and DR image. For example, `Snapshot`, - `Remote Snapshot`, `OnVault`. - type: string - backupCreateTime: - description: The timestamp at which the Backup and DR backup was created. - type: string - format: google-datetime - SecurityPosture: - id: SecurityPosture - description: >- - Represents a posture that is deployed on Google Cloud by the Security - Command Center Posture Management service. A posture contains one or - more policy sets. A policy set is a group of policies that enforce a set - of security rules on Google Cloud. - type: object - properties: - name: - description: Name of the posture, for example, `CIS-Posture`. - type: string - revisionId: - description: The version of the posture, for example, `c7cfa2a8`. - type: string - postureDeploymentResource: - description: >- - The project, folder, or organization on which the posture is - deployed, for example, `projects/{project_number}`. - type: string - postureDeployment: - description: >- - The name of the posture deployment, for example, - `organizations/{org_id}/posturedeployments/{posture_deployment_id}`. - type: string - changedPolicy: - description: >- - The name of the updated policy, for example, - `projects/{project_id}/policies/{constraint_name}`. - type: string - policySet: - description: The name of the updated policyset, for example, `cis-policyset`. - type: string - policy: - description: The ID of the updated policy, for example, `compute-policy-1`. - type: string - policyDriftDetails: - description: >- - The details about a change in an updated policy that violates the - deployed posture. - type: array - items: - $ref: '#/components/schemas/PolicyDriftDetails' - PolicyDriftDetails: - id: PolicyDriftDetails - description: >- - The policy field that violates the deployed posture and its expected and - detected values. - type: object - properties: - field: - description: >- - The name of the updated field, for example - constraint.implementation.policy_rules[0].enforce - type: string - expectedValue: - description: >- - The value of this field that was configured in a posture, for - example, `true` or `allowed_values={"projects/29831892"}`. - type: string - detectedValue: - description: >- - The detected value that violates the deployed posture, for example, - `false` or `allowed_values={"projects/22831892"}`. - type: string - LogEntry: - id: LogEntry - description: An individual entry in a log. - type: object - properties: - cloudLoggingEntry: - description: An individual entry in a log stored in Cloud Logging. - $ref: '#/components/schemas/CloudLoggingEntry' - CloudLoggingEntry: - id: CloudLoggingEntry - description: >- - Metadata taken from a [Cloud Logging - LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) - type: object - properties: - insertId: - description: A unique identifier for the log entry. - type: string - logId: - description: >- - The type of the log (part of `log_name`. `log_name` is the resource - name of the log to which this log entry belongs). For example: - `cloudresourcemanager.googleapis.com/activity`. Note that this field - is not URL-encoded, unlike the `LOG_ID` field in `LogEntry`. - type: string - resourceContainer: - description: >- - The organization, folder, or project of the monitored resource that - produced this log entry. - type: string - timestamp: - description: The time the event described by the log entry occurred. - type: string - format: google-datetime - LoadBalancer: - id: LoadBalancer - description: >- - Contains information related to the load balancer associated with the - finding. - type: object - properties: - name: - description: The name of the load balancer associated with the finding. - type: string - CloudArmor: - id: CloudArmor - description: Fields related to Google Cloud Armor findings. - type: object - properties: - securityPolicy: - description: >- - Information about the [Google Cloud Armor security - policy](https://cloud.google.com/armor/docs/security-policy-overview) - relevant to the finding. - $ref: '#/components/schemas/SecurityPolicy' - requests: - description: >- - Information about incoming requests evaluated by [Google Cloud Armor - security - policies](https://cloud.google.com/armor/docs/security-policy-overview). - $ref: '#/components/schemas/Requests' - adaptiveProtection: - description: >- - Information about potential Layer 7 DDoS attacks identified by - [Google Cloud Armor Adaptive - Protection](https://cloud.google.com/armor/docs/adaptive-protection-overview). - $ref: '#/components/schemas/AdaptiveProtection' - attack: - description: Information about DDoS attack volume and classification. - $ref: '#/components/schemas/Attack' - threatVector: - description: >- - Distinguish between volumetric & protocol DDoS attack and - application layer attacks. For example, "L3_4" for Layer 3 and Layer - 4 DDoS attacks, or "L_7" for Layer 7 DDoS attacks. - type: string - duration: - description: >- - Duration of attack from the start until the current moment (updated - every 5 minutes). - type: string - format: google-duration - SecurityPolicy: - id: SecurityPolicy - description: >- - Information about the [Google Cloud Armor security - policy](https://cloud.google.com/armor/docs/security-policy-overview) - relevant to the finding. - type: object - properties: - name: - description: >- - The name of the Google Cloud Armor security policy, for example, - "my-security-policy". - type: string - type: - description: >- - The type of Google Cloud Armor security policy for example, 'backend - security policy', 'edge security policy', 'network edge security - policy', or 'always-on DDoS protection'. - type: string - preview: - description: Whether or not the associated rule or policy is in preview mode. - type: boolean - Requests: - id: Requests - description: Information about the requests relevant to the finding. - type: object - properties: - ratio: - description: >- - For 'Increasing deny ratio', the ratio is the denied traffic divided - by the allowed traffic. For 'Allowed traffic spike', the ratio is - the allowed traffic in the short term divided by allowed traffic in - the long term. - type: number - format: double - shortTermAllowed: - description: Allowed RPS (requests per second) in the short term. - type: integer - format: int32 - longTermAllowed: - description: Allowed RPS (requests per second) over the long term. - type: integer - format: int32 - longTermDenied: - description: Denied RPS (requests per second) over the long term. - type: integer - format: int32 - AdaptiveProtection: - id: AdaptiveProtection - description: >- - Information about [Google Cloud Armor Adaptive - Protection](https://cloud.google.com/armor/docs/cloud-armor-overview#google-cloud-armor-adaptive-protection). - type: object - properties: - confidence: - description: >- - A score of 0 means that there is low confidence that the detected - event is an actual attack. A score of 1 means that there is high - confidence that the detected event is an attack. See the [Adaptive - Protection - documentation](https://cloud.google.com/armor/docs/adaptive-protection-overview#configure-alert-tuning) - for further explanation. - type: number - format: double - Attack: - id: Attack - description: Information about DDoS attack volume and classification. - type: object - properties: - volumePpsLong: - description: Total PPS (packets per second) volume of attack. - type: string - format: int64 - volumeBpsLong: - description: Total BPS (bytes per second) volume of attack. - type: string - format: int64 - classification: - description: >- - Type of attack, for example, 'SYN-flood', 'NTP-udp', or - 'CHARGEN-udp'. - type: string - volumePps: - description: >- - Total PPS (packets per second) volume of attack. Deprecated - refer - to volume_pps_long instead. - deprecated: true - type: integer - format: int32 - volumeBps: - description: >- - Total BPS (bytes per second) volume of attack. Deprecated - refer to - volume_bps_long instead. - deprecated: true - type: integer - format: int32 - Notebook: - id: Notebook - description: >- - Represents a Jupyter notebook IPYNB file, such as a [Colab Enterprise - notebook](https://cloud.google.com/colab/docs/introduction) file, that - is associated with a finding. - type: object - properties: - name: - description: The name of the notebook. - type: string - service: - description: The source notebook service, for example, "Colab Enterprise". - type: string - lastAuthor: - description: The user ID of the latest author to modify the notebook. - type: string - notebookUpdateTime: - description: The most recent time the notebook was updated. - type: string - format: google-datetime - ToxicCombination: - id: ToxicCombination - description: >- - Contains details about a group of security issues that, when the issues - occur together, represent a greater risk than when the issues occur - independently. A group of such issues is referred to as a toxic - combination. - type: object - properties: - attackExposureScore: - description: >- - The [Attack exposure - score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores) - of this toxic combination. The score is a measure of how much this - toxic combination exposes one or more high-value resources to - potential attack. - type: number - format: double - relatedFindings: - description: >- - List of resource names of findings associated with this toxic - combination. For example, - `organizations/123/sources/456/findings/789`. - type: array - items: - type: string - GroupMembership: - id: GroupMembership - description: >- - Contains details about groups of which this finding is a member. A group - is a collection of findings that are related in some way. - type: object - properties: - groupType: - description: Type of group. - type: string - enumDescriptions: - - Default value. - - Group represents a toxic combination. - - Group represents a chokepoint. - enum: - - GROUP_TYPE_UNSPECIFIED - - GROUP_TYPE_TOXIC_COMBINATION - - GROUP_TYPE_CHOKEPOINT - groupId: - description: ID of the group. - type: string - Disk: - id: Disk - description: Contains information about the disk associated with the finding. - type: object - properties: - name: - description: >- - The name of the disk, for example, - "https://www.googleapis.com/compute/v1/projects/{project-id}/zones/{zone-id}/disks/{disk-id}". - type: string - DataAccessEvent: - id: DataAccessEvent - description: >- - Details about a data access attempt made by a principal not authorized - under applicable data security policy. - type: object - properties: - eventId: - description: Unique identifier for data access event. - type: string - principalEmail: - description: >- - The email address of the principal that accessed the data. The - principal could be a user account, service account, Google group, or - other. - type: string - operation: - description: The operation performed by the principal to access the data. - type: string - enumDescriptions: - - The operation is unspecified. - - Represents a read operation. - - Represents a move operation. - - Represents a copy operation. - enum: - - OPERATION_UNSPECIFIED - - READ - - MOVE - - COPY - eventTime: - description: Timestamp of data access event. - type: string - format: google-datetime - DataFlowEvent: - id: DataFlowEvent - description: >- - Details about a data flow event, in which either the data is moved to or - is accessed from a non-compliant geo-location, as defined in the - applicable data security policy. - type: object - properties: - eventId: - description: Unique identifier for data flow event. - type: string - principalEmail: - description: >- - The email address of the principal that initiated the data flow - event. The principal could be a user account, service account, - Google group, or other. - type: string - operation: - description: The operation performed by the principal for the data flow event. - type: string - enumDescriptions: - - The operation is unspecified. - - Represents a read operation. - - Represents a move operation. - - Represents a copy operation. - enum: - - OPERATION_UNSPECIFIED - - READ - - MOVE - - COPY - violatedLocation: - description: Non-compliant location of the principal or the data destination. - type: string - eventTime: - description: Timestamp of data flow event. - type: string - format: google-datetime - Network: - id: Network - description: Contains information about a VPC network associated with the finding. - type: object - properties: - name: - description: >- - The name of the VPC network resource, for example, - `//compute.googleapis.com/projects/my-project/global/networks/my-network`. - type: string - DataRetentionDeletionEvent: - id: DataRetentionDeletionEvent - description: >- - Details about data retention deletion violations, in which the data is - non-compliant based on their retention or deletion time, as defined in - the applicable data security policy. The Data Retention Deletion (DRD) - control is a control of the DSPM (Data Security Posture Management) - suite that enables organizations to manage data retention and deletion - policies in compliance with regulations, such as GDPR and CRPA. DRD - supports two primary policy types: maximum storage length (max TTL) and - minimum storage length (min TTL). Both are aimed at helping - organizations meet regulatory and data management commitments. - type: object - properties: - eventDetectionTime: - description: Timestamp indicating when the event was detected. - type: string - format: google-datetime - dataObjectCount: - description: >- - Number of objects that violated the policy for this resource. If the - number is less than 1,000, then the value of this field is the exact - number. If the number of objects that violated the policy is greater - than or equal to 1,000, then the value of this field is 1000. - type: string - format: int64 - maxRetentionAllowed: - description: >- - Maximum duration of retention allowed from the DRD control. This - comes from the DRD control where users set a max TTL for their data. - For example, suppose that a user sets the max TTL for a Cloud - Storage bucket to 90 days. However, an object in that bucket is 100 - days old. In this case, a DataRetentionDeletionEvent will be - generated for that Cloud Storage bucket, and the - max_retention_allowed is 90 days. - type: string - format: google-duration - eventType: - description: Type of the DRD event. - type: string - enumDescriptions: - - Unspecified event type. - - The maximum retention time has been exceeded. - enum: - - EVENT_TYPE_UNSPECIFIED - - EVENT_TYPE_MAX_TTL_EXCEEDED - AffectedResources: - id: AffectedResources - description: Details about resources affected by this finding. - type: object - properties: - count: - description: The count of resources affected by the finding. - type: string - format: int64 - AiModel: - id: AiModel - description: Contains information about the AI model associated with the finding. - type: object - properties: - name: - description: The name of the AI model, for example, "gemini:1.0.0". - type: string - domain: - description: The domain of the model, for example, “image-classification”. - type: string - library: - description: The name of the model library, for example, “transformers”. - type: string - location: - description: The region in which the model is used, for example, “us-central1”. - type: string - publisher: - description: The publisher of the model, for example, “google” or “nvidia”. - type: string - deploymentPlatform: - description: The platform on which the model is deployed. - type: string - enumDescriptions: - - Unspecified deployment platform. - - Vertex AI. - - Google Kubernetes Engine. - enum: - - DEPLOYMENT_PLATFORM_UNSPECIFIED - - VERTEX_AI - - GKE - displayName: - description: >- - The user defined display name of model. Ex. - baseline-classification-model - type: string - Chokepoint: - id: Chokepoint - description: >- - Contains details about a chokepoint, which is a resource or resource - group where high-risk attack paths converge, based on [attack path - simulations] - (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations). - type: object - properties: - relatedFindings: - description: >- - List of resource names of findings associated with this chokepoint. - For example, organizations/123/sources/456/findings/789. This list - will have at most 100 findings. - type: array - items: - type: string - ComplianceDetails: - id: ComplianceDetails - description: Compliance Details associated with the finding. - type: object - properties: - frameworks: - description: Details of Frameworks associated with the finding - type: array - items: - $ref: '#/components/schemas/Framework' - cloudControl: - description: CloudControl associated with the finding - $ref: '#/components/schemas/CloudControl' - cloudControlDeploymentNames: - description: >- - Cloud Control Deployments associated with the finding. For example, - organizations/123/locations/global/cloudControlDeployments/deploymentIdentifier - type: array - items: - type: string - Framework: - id: Framework - description: Compliance framework associated with the finding. - type: object - properties: - name: - description: Name of the framework associated with the finding - type: string - displayName: - description: >- - Display name of the framework. For a standard framework, this will - look like e.g. PCI DSS 3.2.1, whereas for a custom framework it can - be a user defined string like MyFramework - type: string - category: - description: >- - Category of the framework associated with the finding. E.g. Security - Benchmark, or Assured Workloads - type: array - items: - type: string - enumDescriptions: - - Default value. This value is unused. - - Security Benchmarks framework - - Assured Workloads framework - - Data Security framework - - Google Best Practices framework - enum: - - FRAMEWORK_CATEGORY_UNSPECIFIED - - SECURITY_BENCHMARKS - - ASSURED_WORKLOADS - - DATA_SECURITY - - GOOGLE_BEST_PRACTICES - type: - description: >- - Type of the framework associated with the finding, to specify - whether the framework is built-in (pre-defined and immutable) or a - custom framework defined by the customer (equivalent to security - posture) - type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The framework is a built-in framework if it is created and managed - by GCP. - - >- - The framework is a custom framework if it is created and managed - by the user. - enum: - - FRAMEWORK_TYPE_UNSPECIFIED - - FRAMEWORK_TYPE_BUILT_IN - - FRAMEWORK_TYPE_CUSTOM - controls: - description: The controls associated with the framework. - type: array - items: - $ref: '#/components/schemas/Control' - Control: - id: Control - description: Compliance control associated with the finding. - type: object - properties: - controlName: - description: Name of the Control - type: string - displayName: - description: Display name of the control. For example, AU-02. - type: string - CloudControl: - id: CloudControl - description: CloudControl associated with the finding. - type: object - properties: - cloudControlName: - description: Name of the CloudControl associated with the finding. - type: string - type: - description: Type of cloud control. - type: string - enumDescriptions: - - Unspecified. - - Built in Cloud Control. - - Custom Cloud Control. - enum: - - CLOUD_CONTROL_TYPE_UNSPECIFIED - - BUILT_IN - - CUSTOM - policyType: - description: Policy type of the CloudControl - type: string - version: - description: Version of the Cloud Control - type: integer - format: int32 - VertexAi: - id: VertexAi - description: Vertex AI-related information associated with the finding. - type: object - properties: - datasets: - description: Datasets associated with the finding. - type: array - items: - $ref: '#/components/schemas/Dataset' - pipelines: - description: Pipelines associated with the finding. - type: array - items: - $ref: '#/components/schemas/Pipeline' - Dataset: - id: Dataset - description: Vertex AI dataset associated with the finding. - type: object - properties: - name: - description: >- - Resource name of the dataset, e.g. - projects/{project}/locations/{location}/datasets/2094040236064505856 - type: string - displayName: - description: The user defined display name of dataset, e.g. plants-dataset - type: string - source: - description: >- - Data source, such as BigQuery source URI, e.g. - bq://scc-nexus-test.AIPPtest.gsod - type: string - Pipeline: - id: Pipeline - description: Vertex AI training pipeline associated with the finding. - type: object - properties: - name: - description: >- - Resource name of the pipeline, e.g. - projects/{project}/locations/{location}/trainingPipelines/5253428229225578496 - type: string - displayName: - description: >- - The user defined display name of pipeline, e.g. - plants-classification - type: string - GoogleCloudSecuritycenterV1MuteConfig: - id: GoogleCloudSecuritycenterV1MuteConfig - description: >- - A mute config is a Cloud SCC resource that contains the configuration to - mute create/update events of findings. - type: object - properties: - name: - description: >- - This field will be ignored if provided on config creation. Format - `organizations/{organization}/muteConfigs/{mute_config}` - `folders/{folder}/muteConfigs/{mute_config}` - `projects/{project}/muteConfigs/{mute_config}` - `organizations/{organization}/locations/global/muteConfigs/{mute_config}` - `folders/{folder}/locations/global/muteConfigs/{mute_config}` - `projects/{project}/locations/global/muteConfigs/{mute_config}` - type: string - displayName: - description: The human readable name to be displayed for the mute config. - deprecated: true - type: string - description: - description: A description of the mute config. - type: string - filter: - description: >- - Required. An expression that defines the filter to apply across - create/update events of findings. While creating a filter string, be - mindful of the scope in which the mute configuration is being - created. E.g., If a filter contains project = X but is created under - the project = Y scope, it might not match any findings. The - following field and operator combinations are supported: * severity: - `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * - resource.project_name: `=`, `:` * resource.project_display_name: - `=`, `:` * resource.folders.resource_folder: `=`, `:` * - resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, - `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * - indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:` - type: string - createTime: - description: >- - Output only. The time at which the mute config was created. This - field is set by the server and will be ignored if provided on config - creation. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The most recent time at which the mute config was - updated. This field is set by the server and will be ignored if - provided on config creation or update. - readOnly: true - type: string - format: google-datetime - mostRecentEditor: - description: >- - Output only. Email address of the user who last edited the mute - config. This field is set by the server and will be ignored if - provided on config creation or update. - readOnly: true - type: string - type: - description: >- - Optional. The type of the mute config, which determines what type of - mute state the config affects. The static mute state takes - precedence over the dynamic mute state. Immutable after creation. - STATIC by default if not set during creation. - type: string - enumDescriptions: - - Unused. - - >- - A static mute config, which sets the static mute state of future - matching findings to muted. Once the static mute state has been - set, finding or config modifications will not affect the state. - - >- - A dynamic mute config, which is applied to existing and future - matching findings, setting their dynamic mute state to "muted". If - the config is updated or deleted, or a matching finding is - updated, such that the finding doesn't match the config, the - config will be removed from the finding, and the finding's dynamic - mute state may become "unmuted" (unless other configs still - match). - enum: - - MUTE_CONFIG_TYPE_UNSPECIFIED - - STATIC - - DYNAMIC - expiryTime: - description: >- - Optional. The expiry of the mute config. Only applicable for dynamic - configs. If the expiry is set, when the config expires, it is - removed from all findings. - type: string - format: google-datetime - NotificationConfig: - id: NotificationConfig - description: >- - Cloud Security Command Center (Cloud SCC) notification configs. A - notification config is a Cloud SCC resource that contains the - configuration to send notifications for create/update events of - findings, assets and etc. - type: object - properties: - name: - description: >- - The relative resource name of this notification config. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - Example: - "organizations/{organization_id}/notificationConfigs/notify_public_bucket", - "folders/{folder_id}/notificationConfigs/notify_public_bucket", or - "projects/{project_id}/notificationConfigs/notify_public_bucket". - type: string - description: - description: The description of the notification config (max of 1024 characters). - type: string - pubsubTopic: - description: >- - The Pub/Sub topic to send notifications to. Its format is - "projects/[project_id]/topics/[topic]". - type: string - serviceAccount: - description: >- - Output only. The service account that needs "pubsub.topics.publish" - permission to publish to the Pub/Sub topic. - readOnly: true - type: string - streamingConfig: - description: The config for triggering streaming-based notifications. - $ref: '#/components/schemas/StreamingConfig' - StreamingConfig: - id: StreamingConfig - description: >- - The config for streaming-based notifications, which send each event as - soon as it is detected. - type: object - properties: - filter: - description: >- - Expression that defines the filter to apply across create/update - events of assets or findings as specified by the event type. The - expression is a list of zero or more restrictions combined via - logical operators `AND` and `OR`. Parentheses are supported, and - `OR` has higher precedence than `AND`. Restrictions have the form ` - ` and may have a `-` character in front of them to indicate - negation. The fields map to those defined in the corresponding - resource. The supported operators are: * `=` for all value types. * - `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring - matching, for strings. The supported value types are: * string - literals in quotes. * integer literals without quotes. * boolean - literals `true` and `false` without quotes. - type: string - Simulation: - id: Simulation - description: Attack path simulation - type: object - properties: - name: - description: >- - Full resource name of the Simulation: - `organizations/123/simulations/456` - type: string - createTime: - description: Output only. Time simulation was created - readOnly: true - type: string - format: google-datetime - resourceValueConfigsMetadata: - description: >- - Resource value configurations' metadata used in this simulation. - Maximum of 100. - type: array - items: - $ref: '#/components/schemas/ResourceValueConfigMetadata' - cloudProvider: - description: Indicates which cloud provider was used in this simulation. - type: string - enumDescriptions: - - The cloud provider is unspecified. - - The cloud provider is Google Cloud. - - The cloud provider is Amazon Web Services. - - The cloud provider is Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - ResourceValueConfigMetadata: - id: ResourceValueConfigMetadata - description: Metadata about a ResourceValueConfig. For example, id and name. - type: object - properties: - name: - description: Resource value config name - type: string - ValuedResource: - id: ValuedResource - description: A resource that is determined to have value to a user's system - type: object - properties: - name: - description: >- - Valued resource name, for example, e.g.: - `organizations/123/simulations/456/valuedResources/789` - type: string - resource: - description: >- - The [full resource - name](https://cloud.google.com/apis/design/resource_names#full_resource_name) - of the valued resource. - type: string - resourceType: - description: >- - The [resource - type](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - of the valued resource. - type: string - displayName: - description: Human-readable name of the valued resource. - type: string - resourceValue: - description: How valuable this resource is. - type: string - enumDescriptions: - - The resource value isn't specified. - - This is a low-value resource. - - This is a medium-value resource. - - This is a high-value resource. - enum: - - RESOURCE_VALUE_UNSPECIFIED - - RESOURCE_VALUE_LOW - - RESOURCE_VALUE_MEDIUM - - RESOURCE_VALUE_HIGH - exposedScore: - description: >- - Exposed score for this valued resource. A value of 0 means no - exposure was detected exposure. - type: number - format: double - resourceValueConfigsUsed: - description: >- - List of resource value configurations' metadata used to determine - the value of this resource. Maximum of 100. - type: array - items: - $ref: '#/components/schemas/ResourceValueConfigMetadata' - GoogleCloudSecuritycenterV1BigQueryExport: - id: GoogleCloudSecuritycenterV1BigQueryExport - description: Configures how to deliver Findings to BigQuery Instance. - type: object - properties: - name: - description: >- - The relative resource name of this export. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name. - Example format: - "organizations/{organization_id}/bigQueryExports/{export_id}" - Example format: "folders/{folder_id}/bigQueryExports/{export_id}" - Example format: "projects/{project_id}/bigQueryExports/{export_id}" - This field is provided in responses, and is ignored when provided in - create requests. - type: string - description: - description: The description of the export (max of 1024 characters). - type: string - filter: - description: >- - Expression that defines the filter to apply across create/update - events of findings. The expression is a list of zero or more - restrictions combined via logical operators `AND` and `OR`. - Parentheses are supported, and `OR` has higher precedence than - `AND`. Restrictions have the form ` ` and may have a `-` character - in front of them to indicate negation. The fields map to those - defined in the corresponding resource. The supported operators are: - * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer - values. * `:`, meaning substring matching, for strings. The - supported value types are: * string literals in quotes. * integer - literals without quotes. * boolean literals `true` and `false` - without quotes. - type: string - dataset: - description: >- - The dataset to write findings' updates to. Its format is - "projects/[project_id]/datasets/[bigquery_dataset_id]". BigQuery - Dataset unique ID must contain only letters (a-z, A-Z), numbers - (0-9), or underscores (_). - type: string - createTime: - description: >- - Output only. The time at which the BigQuery export was created. This - field is set by the server and will be ignored if provided on export - on creation. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The most recent time at which the BigQuery export was - updated. This field is set by the server and will be ignored if - provided on export creation or update. - readOnly: true - type: string - format: google-datetime - mostRecentEditor: - description: >- - Output only. Email address of the user who last edited the BigQuery - export. This field is set by the server and will be ignored if - provided on export creation or update. - readOnly: true - type: string - principal: - description: >- - Output only. The service account that needs permission to create - table and upload data to the BigQuery dataset. - readOnly: true - type: string - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. - type: object - properties: - options: - description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - $ref: '#/components/schemas/GetPolicyOptions' - GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. - type: object - properties: - requestedPolicyVersion: - description: >- - Optional. The maximum policy version that will be used to format the - policy. Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected. Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field unset. - The policy in the response might use the policy version that you - specified, or it might use a lower policy version. For example, if - you specify version 3, but the policy has no conditional role - bindings, the response uses version 1. To learn which resources - support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). - type: object - properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: - description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. - type: object - properties: - role: - description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: - description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: - description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - OrganizationSettings: - id: OrganizationSettings - description: >- - User specified settings that are attached to the Security Command Center - organization. - type: object - properties: - name: - description: >- - The relative resource name of the settings. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - Example: "organizations/{organization_id}/organizationSettings". - type: string - enableAssetDiscovery: - description: >- - A flag that indicates if Asset Discovery should be enabled. If the - flag is set to `true`, then discovery of assets will occur. If it is - set to `false`, all historical assets will remain, but discovery of - future assets will not occur. - type: boolean - assetDiscoveryConfig: - description: The configuration used for Asset Discovery runs. - $ref: '#/components/schemas/AssetDiscoveryConfig' - AssetDiscoveryConfig: - id: AssetDiscoveryConfig - description: The configuration used for Asset Discovery runs. - type: object - properties: - projectIds: - description: The project ids to use for filtering asset discovery. - type: array - items: - type: string - inclusionMode: - description: The mode to use for filtering asset discovery. - type: string - enumDescriptions: - - >- - Unspecified. Setting the mode with this value will disable - inclusion/exclusion filtering for Asset Discovery. - - >- - Asset Discovery will capture only the resources within the - projects specified. All other resources will be ignored. - - >- - Asset Discovery will ignore all resources under the projects - specified. All other resources will be retrieved. - enum: - - INCLUSION_MODE_UNSPECIFIED - - INCLUDE_ONLY - - EXCLUDE - folderIds: - description: >- - The folder ids to use for filtering asset discovery. It consists of - only digits, e.g., 756619654966. - type: array - items: - type: string - GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule: - id: GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule - description: >- - An EffectiveSecurityHealthAnalyticsCustomModule is the representation of - a Security Health Analytics custom module at a specified level of the - resource hierarchy: organization, folder, or project. If a custom module - is inherited from a parent organization or folder, the value of the - `enablementState` property in - EffectiveSecurityHealthAnalyticsCustomModule is set to the value that is - effective in the parent, instead of `INHERITED`. For example, if the - module is enabled in a parent organization or folder, the effective - enablement_state for the module in all child folders or projects is also - `enabled`. EffectiveSecurityHealthAnalyticsCustomModule is read-only. - type: object - properties: - name: - description: >- - Output only. The resource name of the custom module. Its format is - "organizations/{organization}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}", - or - "folders/{folder}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}", - or - "projects/{project}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}" - readOnly: true - type: string - customConfig: - description: Output only. The user-specified configuration for the module. - readOnly: true - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1CustomConfig' - enablementState: - description: >- - Output only. The effective state of enablement for the module at the - given level of the hierarchy. - readOnly: true - type: string - enumDescriptions: - - Unspecified enablement state. - - The module is enabled at the given level. - - The module is disabled at the given level. - enum: - - ENABLEMENT_STATE_UNSPECIFIED - - ENABLED - - DISABLED - displayName: - description: >- - Output only. The display name for the custom module. The name must - be between 1 and 128 characters, start with a lowercase letter, and - contain alphanumeric characters or underscores only. - readOnly: true - type: string - cloudProvider: - description: The cloud provider of the custom module. - type: string - enumDescriptions: - - Unspecified cloud provider. - - Google Cloud. - - Amazon Web Services. - - Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - GroupAssetsRequest: - id: GroupAssetsRequest - description: Request message for grouping by assets. - type: object - properties: - filter: - description: >- - Expression that defines the filter to apply across assets. The - expression is a list of zero or more restrictions combined via - logical operators `AND` and `OR`. Parentheses are supported, and - `OR` has higher precedence than `AND`. Restrictions have the form ` - ` and may have a `-` character in front of them to indicate - negation. The fields map to those defined in the Asset resource. - Examples include: * name * security_center_properties.resource_name - * resource_properties.a_property * security_marks.marks.marka The - supported operators are: * `=` for all value types. * `>`, `<`, - `>=`, `<=` for integer values. * `:`, meaning substring matching, - for strings. The supported value types are: * string literals in - quotes. * integer literals without quotes. * boolean literals `true` - and `false` without quotes. The following field and operator - combinations are supported: * name: `=` * update_time: `=`, `>`, - `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an - RFC3339 string. Examples: `update_time = - "2019-06-10T16:07:18-07:00"` `update_time = 1560208038000` * - create_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be - milliseconds since epoch or an RFC3339 string. Examples: - `create_time = "2019-06-10T16:07:18-07:00"` `create_time = - 1560208038000` * iam_policy.policy_blob: `=`, `:` * - resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` * - security_marks.marks: `=`, `:` * - security_center_properties.resource_name: `=`, `:` * - security_center_properties.resource_display_name: `=`, `:` * - security_center_properties.resource_type: `=`, `:` * - security_center_properties.resource_parent: `=`, `:` * - security_center_properties.resource_parent_display_name: `=`, `:` * - security_center_properties.resource_project: `=`, `:` * - security_center_properties.resource_project_display_name: `=`, `:` * - security_center_properties.resource_owners: `=`, `:` For example, - `resource_properties.size = 100` is a valid filter string. Use a - partial match on the empty string to filter based on a property - existing: `resource_properties.my_property : ""` Use a negated - partial match on the empty string to filter based on a property not - existing: `-resource_properties.my_property : ""` - type: string - groupBy: - description: >- - Required. Expression that defines what assets fields to use for - grouping. The string value should follow SQL syntax: comma separated - list of fields. For example: - "security_center_properties.resource_project,security_center_properties.project". - The following fields are supported when compare_duration is not set: - * security_center_properties.resource_project * - security_center_properties.resource_project_display_name * - security_center_properties.resource_type * - security_center_properties.resource_parent * - security_center_properties.resource_parent_display_name The - following fields are supported when compare_duration is set: * - security_center_properties.resource_type * - security_center_properties.resource_project_display_name * - security_center_properties.resource_parent_display_name - type: string - compareDuration: - description: >- - When compare_duration is set, the GroupResult's "state_change" - property is updated to indicate whether the asset was added, - removed, or remained present during the compare_duration period of - time that precedes the read_time. This is the time between - (read_time - compare_duration) and read_time. The state change value - is derived based on the presence of the asset at the two points in - time. Intermediate state changes between the two times don't affect - the result. For example, the results aren't affected if the asset is - removed and re-created again. Possible "state_change" values when - compare_duration is specified: * "ADDED": indicates that the asset - was not present at the start of compare_duration, but present at - reference_time. * "REMOVED": indicates that the asset was present at - the start of compare_duration, but not present at reference_time. * - "ACTIVE": indicates that the asset was present at both the start and - the end of the time period defined by compare_duration and - reference_time. If compare_duration is not specified, then the only - possible state_change is "UNUSED", which will be the state_change - set for all assets present at read_time. If this field is set then - `state_change` must be a specified field in `group_by`. - type: string - format: google-duration - readTime: - description: >- - Time used as a reference point when filtering assets. The filter is - limited to assets existing at the supplied time and their values are - those at that specific time. Absence of this field will default to - the API's version of NOW. - type: string - format: google-datetime - pageToken: - description: >- - The value returned by the last `GroupAssetsResponse`; indicates that - this is a continuation of a prior `GroupAssets` call, and that the - system should return the next page of data. - type: string - pageSize: - description: >- - The maximum number of results to return in a single response. - Default is 10, minimum is 1, maximum is 1000. - type: integer - format: int32 - GroupAssetsResponse: - id: GroupAssetsResponse - description: Response message for grouping by assets. - type: object - properties: - groupByResults: - description: >- - Group results. There exists an element for each existing unique - combination of property/values. The element contains a count for the - number of times those specific property/values appear. - type: array - items: - $ref: '#/components/schemas/GroupResult' - readTime: - description: Time used for executing the groupBy request. - type: string - format: google-datetime - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results. - type: string - totalSize: - description: The total number of results matching the query. - type: integer - format: int32 - GroupResult: - id: GroupResult - description: Result containing the properties and count of a groupBy request. - type: object - properties: - properties: - description: Properties matching the groupBy fields in the request. - type: object - additionalProperties: - type: any - count: - description: Total count of resources for the given properties. - type: string - format: int64 - GroupFindingsRequest: - id: GroupFindingsRequest - description: Request message for grouping by findings. - type: object - properties: - filter: - description: >- - Expression that defines the filter to apply across findings. The - expression is a list of one or more restrictions combined via - logical operators `AND` and `OR`. Parentheses are supported, and - `OR` has higher precedence than `AND`. Restrictions have the form ` - ` and may have a `-` character in front of them to indicate - negation. Examples include: * name * source_properties.a_property * - security_marks.marks.marka The supported operators are: * `=` for - all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, - meaning substring matching, for strings. The supported value types - are: * string literals in quotes. * integer literals without quotes. - * boolean literals `true` and `false` without quotes. The following - field and operator combinations are supported: * name: `=` * parent: - `=`, `:` * resource_name: `=`, `:` * state: `=`, `:` * category: - `=`, `:` * external_uri: `=`, `:` * event_time: `=`, `>`, `<`, `>=`, - `<=` Usage: This should be milliseconds since epoch or an RFC3339 - string. Examples: `event_time = "2019-06-10T16:07:18-07:00"` - `event_time = 1560208038000` * severity: `=`, `:` * workflow_state: - `=`, `:` * security_marks.marks: `=`, `:` * source_properties: `=`, - `:`, `>`, `<`, `>=`, `<=` For example, `source_properties.size = - 100` is a valid filter string. Use a partial match on the empty - string to filter based on a property existing: - `source_properties.my_property : ""` Use a negated partial match on - the empty string to filter based on a property not existing: - `-source_properties.my_property : ""` * resource: * resource.name: - `=`, `:` * resource.parent_name: `=`, `:` * - resource.parent_display_name: `=`, `:` * resource.project_name: `=`, - `:` * resource.project_display_name: `=`, `:` * resource.type: `=`, - `:` - type: string - groupBy: - description: >- - Required. Expression that defines what assets fields to use for - grouping (including `state_change`). The string value should follow - SQL syntax: comma separated list of fields. For example: - "parent,resource_name". The following fields are supported when - compare_duration is set: * state_change - type: string - readTime: - description: >- - Time used as a reference point when filtering findings. The filter - is limited to findings existing at the supplied time and their - values are those at that specific time. Absence of this field will - default to the API's version of NOW. - deprecated: true - type: string - format: google-datetime - compareDuration: - description: >- - When compare_duration is set, the GroupResult's "state_change" - attribute is updated to indicate whether the finding had its state - changed, the finding's state remained unchanged, or if the finding - was added during the compare_duration period of time that precedes - the read_time. This is the time between (read_time - - compare_duration) and read_time. The state_change value is derived - based on the presence and state of the finding at the two points in - time. Intermediate state changes between the two times don't affect - the result. For example, the results aren't affected if the finding - is made inactive and then active again. Possible "state_change" - values when compare_duration is specified: * "CHANGED": indicates - that the finding was present and matched the given filter at the - start of compare_duration, but changed its state at read_time. * - "UNCHANGED": indicates that the finding was present and matched the - given filter at the start of compare_duration and did not change - state at read_time. * "ADDED": indicates that the finding did not - match the given filter or was not present at the start of - compare_duration, but was present at read_time. * "REMOVED": - indicates that the finding was present and matched the filter at the - start of compare_duration, but did not match the filter at - read_time. If compare_duration is not specified, then the only - possible state_change is "UNUSED", which will be the state_change - set for all findings present at read_time. If this field is set then - `state_change` must be a specified field in `group_by`. - deprecated: true - type: string - format: google-duration - pageToken: - description: >- - The value returned by the last `GroupFindingsResponse`; indicates - that this is a continuation of a prior `GroupFindings` call, and - that the system should return the next page of data. - type: string - pageSize: - description: >- - The maximum number of results to return in a single response. - Default is 10, minimum is 1, maximum is 1000. - type: integer - format: int32 - GroupFindingsResponse: - id: GroupFindingsResponse - description: Response message for group by findings. - type: object - properties: - groupByResults: - description: >- - Group results. There exists an element for each existing unique - combination of property/values. The element contains a count for the - number of times those specific property/values appear. - type: array - items: - $ref: '#/components/schemas/GroupResult' - readTime: - description: Time used for executing the groupBy request. - type: string - format: google-datetime - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results. - type: string - totalSize: - description: The total number of results matching the query. - type: integer - format: int32 - ListAssetsResponse: - id: ListAssetsResponse - description: Response message for listing assets. - type: object - properties: - listAssetsResults: - description: Assets matching the list request. - type: array - items: - $ref: '#/components/schemas/ListAssetsResult' - readTime: - description: Time used for executing the list request. - type: string - format: google-datetime - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results. - type: string - totalSize: - description: The total number of assets matching the query. - type: integer - format: int32 - ListAssetsResult: - id: ListAssetsResult - description: Result containing the Asset and its State. - type: object - properties: - asset: - description: Asset matching the search request. - $ref: '#/components/schemas/Asset' - stateChange: - description: State change of the asset between the points in time. - type: string - enumDescriptions: - - >- - State change is unused, this is the canonical default for this - enum. - - Asset was added between the points in time. - - Asset was removed between the points in time. - - Asset was present at both point(s) in time. - enum: - - UNUSED - - ADDED - - REMOVED - - ACTIVE - Asset: - id: Asset - description: >- - Security Command Center representation of a Google Cloud resource. The - Asset is a Security Command Center resource that captures information - about a single Google Cloud resource. All modifications to an Asset are - only within the context of Security Command Center and don't affect the - referenced Google Cloud resource. - type: object - properties: - name: - description: >- - The relative resource name of this asset. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - Example: "organizations/{organization_id}/assets/{asset_id}". - type: string - securityCenterProperties: - description: >- - Security Command Center managed properties. These properties are - managed by Security Command Center and cannot be modified by the - user. - $ref: '#/components/schemas/SecurityCenterProperties' - resourceProperties: - description: >- - Resource managed properties. These properties are managed and - defined by the Google Cloud resource and cannot be modified by the - user. - type: object - additionalProperties: - type: any - securityMarks: - description: >- - User specified security marks. These marks are entirely managed by - the user and come from the SecurityMarks resource that belongs to - the asset. - $ref: '#/components/schemas/SecurityMarks' - createTime: - description: The time at which the asset was created in Security Command Center. - type: string - format: google-datetime - updateTime: - description: The time at which the asset was last updated or added in Cloud SCC. - type: string - format: google-datetime - iamPolicy: - description: >- - Cloud IAM Policy information associated with the Google Cloud - resource described by the Security Command Center asset. This - information is managed and defined by the Google Cloud resource and - cannot be modified by the user. - $ref: '#/components/schemas/IamPolicy' - canonicalName: - description: >- - The canonical name of the resource. It's either - "organizations/{organization_id}/assets/{asset_id}", - "folders/{folder_id}/assets/{asset_id}" or - "projects/{project_number}/assets/{asset_id}", depending on the - closest CRM ancestor of the resource. - type: string - SecurityCenterProperties: - id: SecurityCenterProperties - description: >- - Security Command Center managed properties. These properties are managed - by Security Command Center and cannot be modified by the user. - type: object - properties: - resourceName: - description: >- - The full resource name of the Google Cloud resource this asset - represents. This field is immutable after create time. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - type: string - resourceType: - description: >- - The type of the Google Cloud resource. Examples include: - APPLICATION, PROJECT, and ORGANIZATION. This is a case insensitive - field defined by Security Command Center and/or the producer of the - resource and is immutable after create time. - type: string - resourceParent: - description: >- - The full resource name of the immediate parent of the resource. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - type: string - resourceProject: - description: >- - The full resource name of the project the resource belongs to. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - type: string - resourceOwners: - description: Owners of the Google Cloud resource. - type: array - items: - type: string - resourceDisplayName: - description: The user defined display name for this resource. - type: string - resourceParentDisplayName: - description: The user defined display name for the parent of this resource. - type: string - resourceProjectDisplayName: - description: The user defined display name for the project of this resource. - type: string - folders: - description: >- - Contains a Folder message for each folder in the assets ancestry. - The first folder is the deepest nested folder, and the last folder - is the folder directly under the Organization. - type: array - items: - $ref: '#/components/schemas/Folder' - Folder: - id: Folder - description: >- - Message that contains the resource name and display name of a folder - resource. - type: object - properties: - resourceFolder: - description: >- - Full resource name of this folder. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - type: string - resourceFolderDisplayName: - description: The user defined display name for this folder. - type: string - IamPolicy: - id: IamPolicy - description: >- - Cloud IAM Policy information associated with the Google Cloud resource - described by the Security Command Center asset. This information is - managed and defined by the Google Cloud resource and cannot be modified - by the user. - type: object - properties: - policyBlob: - description: >- - The JSON representation of the Policy associated with the asset. See - https://cloud.google.com/iam/reference/rest/v1/Policy for format - details. - type: string - ListDescendantSecurityHealthAnalyticsCustomModulesResponse: - id: ListDescendantSecurityHealthAnalyticsCustomModulesResponse - description: >- - Response message for listing descendant Security Health Analytics custom - modules. - type: object - properties: - securityHealthAnalyticsCustomModules: - description: >- - Custom modules belonging to the requested parent and its - descendants. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule - nextPageToken: - description: >- - If not empty, indicates that there may be more custom modules to be - returned. - type: string - ListFindingsResponse: - id: ListFindingsResponse - description: Response message for listing findings. - type: object - properties: - listFindingsResults: - description: Findings matching the list request. - type: array - items: - $ref: '#/components/schemas/ListFindingsResult' - readTime: - description: Time used for executing the list request. - type: string - format: google-datetime - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results. - type: string - totalSize: - description: The total number of findings matching the query. - type: integer - format: int32 - ListFindingsResult: - id: ListFindingsResult - description: Result containing the Finding and its StateChange. - type: object - properties: - finding: - description: Finding matching the search request. - $ref: '#/components/schemas/Finding' - stateChange: - description: State change of the finding between the points in time. - type: string - enumDescriptions: - - >- - State change is unused, this is the canonical default for this - enum. - - >- - The finding has changed state in some way between the points in - time and existed at both points. - - >- - The finding has not changed state between the points in time and - existed at both points. - - The finding was created between the points in time. - - >- - The finding at timestamp does not match the filter specified, but - it did at timestamp - compare_duration. - enum: - - UNUSED - - CHANGED - - UNCHANGED - - ADDED - - REMOVED - resource: - description: Output only. Resource that is associated with this finding. - readOnly: true - $ref: '#/components/schemas/Resource' - Resource: - id: Resource - description: >- - Information related to the Google Cloud resource that is associated with - this finding. - type: object - properties: - name: - description: >- - The full resource name of the resource. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - type: string - displayName: - description: The human readable name of the resource. - type: string - type: - description: The full resource type of the resource. - type: string - projectName: - description: The full resource name of project that the resource belongs to. - type: string - projectDisplayName: - description: The project ID that the resource belongs to. - type: string - parentName: - description: The full resource name of resource's parent. - type: string - parentDisplayName: - description: The human readable name of resource's parent. - type: string - folders: - description: >- - Contains a Folder message for each folder in the assets ancestry. - The first folder is the deepest nested folder, and the last folder - is the folder directly under the Organization. - type: array - items: - $ref: '#/components/schemas/Folder' - cloudProvider: - description: Indicates which cloud provider the finding is from. - type: string - enumDescriptions: - - The cloud provider is unspecified. - - The cloud provider is Google Cloud. - - The cloud provider is Amazon Web Services. - - The cloud provider is Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - organization: - description: Indicates which organization / tenant the finding is for. - type: string - service: - description: The service or resource provider associated with the resource. - type: string - location: - description: The region or location of the service (if applicable). - type: string - awsMetadata: - description: The AWS metadata associated with the finding. - $ref: '#/components/schemas/AwsMetadata' - azureMetadata: - description: The Azure metadata associated with the finding. - $ref: '#/components/schemas/AzureMetadata' - resourcePath: - description: Provides the path to the resource within the resource hierarchy. - $ref: '#/components/schemas/ResourcePath' - resourcePathString: - description: >- - A string representation of the resource path. For Google Cloud, it - has the format of - `org/{organization_id}/folder/{folder_id}/folder/{folder_id}/project/{project_id}` - where there can be any number of folders. For AWS, it has the format - of - `org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id}` - where there can be any number of organizational units. For Azure, it - has the format of - `mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name}` - where there can be any number of management groups. - type: string - AwsMetadata: - id: AwsMetadata - description: >- - AWS metadata associated with the resource, only applicable if the - finding's cloud provider is Amazon Web Services. - type: object - properties: - organization: - description: The AWS organization associated with the resource. - $ref: '#/components/schemas/AwsOrganization' - organizationalUnits: - description: >- - A list of AWS organizational units associated with the resource, - ordered from lowest level (closest to the account) to highest level. - type: array - items: - $ref: '#/components/schemas/AwsOrganizationalUnit' - account: - description: The AWS account associated with the resource. - $ref: '#/components/schemas/AwsAccount' - AwsOrganization: - id: AwsOrganization - description: >- - An organization is a collection of accounts that are centrally managed - together using consolidated billing, organized hierarchically with - organizational units (OUs), and controlled with policies. - type: object - properties: - id: - description: >- - The unique identifier (ID) for the organization. The regex pattern - for an organization ID string requires "o-" followed by from 10 to - 32 lowercase letters or digits. - type: string - AwsOrganizationalUnit: - id: AwsOrganizationalUnit - description: >- - An Organizational Unit (OU) is a container of AWS accounts within a root - of an organization. Policies that are attached to an OU apply to all - accounts contained in that OU and in any child OUs. - type: object - properties: - id: - description: >- - The unique identifier (ID) associated with this OU. The regex - pattern for an organizational unit ID string requires "ou-" followed - by from 4 to 32 lowercase letters or digits (the ID of the root that - contains the OU). This string is followed by a second "-" dash and - from 8 to 32 additional lowercase letters or digits. For example, - "ou-ab12-cd34ef56". - type: string - name: - description: The friendly name of the OU. - type: string - AwsAccount: - id: AwsAccount - description: An AWS account that is a member of an organization. - type: object - properties: - id: - description: >- - The unique identifier (ID) of the account, containing exactly 12 - digits. - type: string - name: - description: The friendly name of this account. - type: string - AzureMetadata: - id: AzureMetadata - description: >- - Azure metadata associated with the resource, only applicable if the - finding's cloud provider is Microsoft Azure. - type: object - properties: - managementGroups: - description: >- - A list of Azure management groups associated with the resource, - ordered from lowest level (closest to the subscription) to highest - level. - type: array - items: - $ref: '#/components/schemas/AzureManagementGroup' - subscription: - description: The Azure subscription associated with the resource. - $ref: '#/components/schemas/AzureSubscription' - resourceGroup: - description: The Azure resource group associated with the resource. - $ref: '#/components/schemas/AzureResourceGroup' - tenant: - description: The Azure Entra tenant associated with the resource. - $ref: '#/components/schemas/AzureTenant' - AzureManagementGroup: - id: AzureManagementGroup - description: Represents an Azure management group. - type: object - properties: - id: - description: >- - The UUID of the Azure management group, for example, - `20000000-0001-0000-0000-000000000000`. - type: string - displayName: - description: The display name of the Azure management group. - type: string - AzureSubscription: - id: AzureSubscription - description: Represents an Azure subscription. - type: object - properties: - id: - description: >- - The UUID of the Azure subscription, for example, - `291bba3f-e0a5-47bc-a099-3bdcb2a50a05`. - type: string - displayName: - description: The display name of the Azure subscription. - type: string - AzureResourceGroup: - id: AzureResourceGroup - description: Represents an Azure resource group. - type: object - properties: - id: - description: The ID of the Azure resource group. - type: string - name: - description: The name of the Azure resource group. This is not a UUID. - type: string - AzureTenant: - id: AzureTenant - description: Represents a Microsoft Entra tenant. - type: object - properties: - id: - description: >- - The ID of the Microsoft Entra tenant, for example, - "a11aaa11-aa11-1aa1-11aa-1aaa11a". - type: string - displayName: - description: The display name of the Azure tenant. - type: string - ResourcePath: - id: ResourcePath - description: >- - Represents the path of resources leading up to the resource this finding - is about. - type: object - properties: - nodes: - description: >- - The list of nodes that make the up resource path, ordered from - lowest level to highest level. - type: array - items: - $ref: '#/components/schemas/ResourcePathNode' - ResourcePathNode: - id: ResourcePathNode - description: >- - A node within the resource path. Each node represents a resource within - the resource hierarchy. - type: object - properties: - nodeType: - description: The type of resource this node represents. - type: string - enumDescriptions: - - Node type is unspecified. - - The node represents a Google Cloud organization. - - The node represents a Google Cloud folder. - - The node represents a Google Cloud project. - - The node represents an AWS organization. - - The node represents an AWS organizational unit. - - The node represents an AWS account. - - The node represents an Azure management group. - - The node represents an Azure subscription. - - The node represents an Azure resource group. - enum: - - RESOURCE_PATH_NODE_TYPE_UNSPECIFIED - - GCP_ORGANIZATION - - GCP_FOLDER - - GCP_PROJECT - - AWS_ORGANIZATION - - AWS_ORGANIZATIONAL_UNIT - - AWS_ACCOUNT - - AZURE_MANAGEMENT_GROUP - - AZURE_SUBSCRIPTION - - AZURE_RESOURCE_GROUP - id: - description: The ID of the resource this node represents. - type: string - displayName: - description: The display name of the resource this node represents. - type: string - ListMuteConfigsResponse: - id: ListMuteConfigsResponse - description: Response message for listing mute configs. - type: object - properties: - muteConfigs: - description: The mute configs from the specified parent. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - ListNotificationConfigsResponse: - id: ListNotificationConfigsResponse - description: Response message for listing notification configs. - type: object - properties: - notificationConfigs: - description: Notification configs belonging to the requested parent. - type: array - items: - $ref: '#/components/schemas/NotificationConfig' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results. - type: string - ListEffectiveSecurityHealthAnalyticsCustomModulesResponse: - id: ListEffectiveSecurityHealthAnalyticsCustomModulesResponse - description: >- - Response message for listing effective Security Health Analytics custom - modules. - type: object - properties: - effectiveSecurityHealthAnalyticsCustomModules: - description: Effective custom modules belonging to the requested parent. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule - nextPageToken: - description: >- - If not empty, indicates that there may be more effective custom - modules to be returned. - type: string - ListSecurityHealthAnalyticsCustomModulesResponse: - id: ListSecurityHealthAnalyticsCustomModulesResponse - description: Response message for listing Security Health Analytics custom modules. - type: object - properties: - securityHealthAnalyticsCustomModules: - description: Custom modules belonging to the requested parent. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule - nextPageToken: - description: >- - If not empty, indicates that there may be more custom modules to be - returned. - type: string - ListSourcesResponse: - id: ListSourcesResponse - description: Response message for listing sources. - type: object - properties: - sources: - description: Sources belonging to the requested parent. - type: array - items: - $ref: '#/components/schemas/Source' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results. - type: string - RunAssetDiscoveryRequest: - id: RunAssetDiscoveryRequest - description: Request message for running asset discovery for an organization. - type: object - properties: {} - SetFindingStateRequest: - id: SetFindingStateRequest - description: Request message for updating a finding's state. - type: object - properties: - state: - description: Required. The desired State of the finding. - type: string - enumDescriptions: - - Unspecified state. - - The finding requires attention and has not been addressed yet. - - >- - The finding has been fixed, triaged as a non-issue or otherwise - addressed and is no longer active. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - INACTIVE - startTime: - description: >- - Optional. The time at which the updated state takes effect. If - unset, defaults to the request time. - deprecated: true - type: string - format: google-datetime - SetMuteRequest: - id: SetMuteRequest - description: Request message for updating a finding's mute status. - type: object - properties: - mute: - description: Required. The desired state of the Mute. - type: string - enumDescriptions: - - Unspecified. - - Finding has been muted. - - Finding has been unmuted. - - Finding has never been muted/unmuted. - enum: - - MUTE_UNSPECIFIED - - MUTED - - UNMUTED - - UNDEFINED - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: - description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: - description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - SimulateSecurityHealthAnalyticsCustomModuleRequest: - id: SimulateSecurityHealthAnalyticsCustomModuleRequest - description: >- - Request message to simulate a CustomConfig against a given test - resource. Maximum size of the request is 4 MB by default. - type: object - properties: - customConfig: - description: Required. The custom configuration that you need to test. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1CustomConfig' - resource: - description: Required. Resource data to simulate custom module against. - $ref: '#/components/schemas/SimulatedResource' - SimulatedResource: - id: SimulatedResource - description: >- - Manually constructed resource name. If the custom module evaluates - against only the resource data, you can omit the `iam_policy_data` - field. If it evaluates only the `iam_policy_data` field, you can omit - the resource data. - type: object - properties: - resourceType: - description: >- - Required. The type of the resource, for example, - `compute.googleapis.com/Disk`. - type: string - resourceData: - description: >- - Optional. A representation of the Google Cloud resource. Should - match the Google Cloud resource JSON format. - type: object - additionalProperties: - type: any - description: Properties of the object. - iamPolicyData: - description: Optional. A representation of the IAM policy. - $ref: '#/components/schemas/Policy' - SimulateSecurityHealthAnalyticsCustomModuleResponse: - id: SimulateSecurityHealthAnalyticsCustomModuleResponse - description: >- - Response message for simulating a `SecurityHealthAnalyticsCustomModule` - against a given resource. - type: object - properties: - result: - description: Result for test case in the corresponding request. - $ref: '#/components/schemas/SimulatedResult' - SimulatedResult: - id: SimulatedResult - description: Possible test result. - type: object - properties: - finding: - description: >- - Finding that would be published for the test case, if a violation is - detected. - $ref: '#/components/schemas/Finding' - noViolation: - description: Indicates that the test case does not trigger any violation. - $ref: '#/components/schemas/Empty' - error: - description: Error encountered during the test. - $ref: '#/components/schemas/Status' - ListBigQueryExportsResponse: - id: ListBigQueryExportsResponse - description: Response message for listing BigQuery exports. - type: object - properties: - bigQueryExports: - description: The BigQuery exports from the specified parent. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - EventThreatDetectionCustomModule: - id: EventThreatDetectionCustomModule - description: >- - Represents an instance of an Event Threat Detection custom module, - including its full module name, display name, enablement state, and last - updated time. You can create a custom module at the organization, - folder, or project level. Custom modules that you create at the - organization or folder level are inherited by child folders and - projects. - type: object - properties: - name: - description: >- - Immutable. The resource name of the Event Threat Detection custom - module. Its format is: * - `organizations/{organization}/eventThreatDetectionSettings/customModules/{module}`. - * - `folders/{folder}/eventThreatDetectionSettings/customModules/{module}`. - * - `projects/{project}/eventThreatDetectionSettings/customModules/{module}`. - type: string - config: - description: >- - Config for the module. For the resident module, its config value is - defined at this level. For the inherited module, its config value is - inherited from the ancestor module. - type: object - additionalProperties: - type: any - description: Properties of the object. - ancestorModule: - description: >- - Output only. The closest ancestor module that this module inherits - the enablement state from. The format is the same as the - EventThreatDetectionCustomModule resource name. - readOnly: true - type: string - enablementState: - description: >- - The state of enablement for the module at the given level of the - hierarchy. - type: string - enumDescriptions: - - Unspecified enablement state. - - The module is enabled at the given level. - - The module is disabled at the given level. - - When the enablement state is inherited. - enum: - - ENABLEMENT_STATE_UNSPECIFIED - - ENABLED - - DISABLED - - INHERITED - type: - description: Type for the module. e.g. CONFIGURABLE_BAD_IP. - type: string - displayName: - description: The human readable name to be displayed for the module. - type: string - description: - description: The description for the module. - type: string - updateTime: - description: Output only. The time the module was last updated. - readOnly: true - type: string - format: google-datetime - lastEditor: - description: Output only. The editor the module was last updated by. - readOnly: true - type: string - cloudProvider: - description: The cloud provider of the custom module. - type: string - enumDescriptions: - - Unspecified cloud provider. - - Google Cloud. - - Amazon Web Services (AWS). - - Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - ListDescendantEventThreatDetectionCustomModulesResponse: - id: ListDescendantEventThreatDetectionCustomModulesResponse - description: >- - Response for listing current and descendant resident Event Threat - Detection custom modules. - type: object - properties: - eventThreatDetectionCustomModules: - description: Custom modules belonging to the requested parent. - type: array - items: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - ListEventThreatDetectionCustomModulesResponse: - id: ListEventThreatDetectionCustomModulesResponse - description: Response for listing Event Threat Detection custom modules. - type: object - properties: - eventThreatDetectionCustomModules: - description: Custom modules belonging to the requested parent. - type: array - items: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - ValidateEventThreatDetectionCustomModuleRequest: - id: ValidateEventThreatDetectionCustomModuleRequest - description: Request to validate an Event Threat Detection custom module. - type: object - properties: - rawText: - description: >- - Required. The raw text of the module's contents. Used to generate - error messages. - type: string - type: - description: Required. The type of the module (e.g. CONFIGURABLE_BAD_IP). - type: string - ValidateEventThreatDetectionCustomModuleResponse: - id: ValidateEventThreatDetectionCustomModuleResponse - description: Response to validating an Event Threat Detection custom module. - type: object - properties: - errors: - description: >- - A list of errors returned by the validator. If the list is empty, - there were no errors. - $ref: '#/components/schemas/CustomModuleValidationErrors' - CustomModuleValidationErrors: - id: CustomModuleValidationErrors - description: >- - A list of zero or more errors encountered while validating the uploaded - configuration of an Event Threat Detection Custom Module. - type: object - properties: - errors: - description: The list of errors. - type: array - items: - $ref: '#/components/schemas/CustomModuleValidationError' - CustomModuleValidationError: - id: CustomModuleValidationError - description: >- - An error encountered while validating the uploaded configuration of an - Event Threat Detection Custom Module. - type: object - properties: - description: - description: >- - A description of the error, suitable for human consumption. - Required. - type: string - fieldPath: - description: >- - The path, in RFC 8901 JSON Pointer format, to the field that failed - validation. This may be left empty if no specific field is affected. - type: string - start: - description: >- - The initial position of the error in the uploaded text version of - the module. This field may be omitted if no specific position - applies, or if one could not be computed. - $ref: '#/components/schemas/Position' - end: - description: >- - The end position of the error in the uploaded text version of the - module. This field may be omitted if no specific position applies, - or if one could not be computed. - $ref: '#/components/schemas/Position' - Position: - id: Position - description: A position in the uploaded text version of a module. - type: object - properties: - lineNumber: - description: The line number. - type: integer - format: int32 - columnNumber: - description: The column number. - type: integer - format: int32 - EffectiveEventThreatDetectionCustomModule: - id: EffectiveEventThreatDetectionCustomModule - description: >- - An EffectiveEventThreatDetectionCustomModule is the representation of an - Event Threat Detection custom module at a specified level of the - resource hierarchy: organization, folder, or project. If a custom module - is inherited from a parent organization or folder, the value of the - `enablement_state` property in EffectiveEventThreatDetectionCustomModule - is set to the value that is effective in the parent, instead of - `INHERITED`. For example, if the module is enabled in a parent - organization or folder, the effective `enablement_state` for the module - in all child folders or projects is also `enabled`. - EffectiveEventThreatDetectionCustomModule is read-only. - type: object - properties: - name: - description: >- - Output only. The resource name of the effective ETD custom module. - Its format is: * - `organizations/{organization}/eventThreatDetectionSettings/effectiveCustomModules/{module}`. - * - `folders/{folder}/eventThreatDetectionSettings/effectiveCustomModules/{module}`. - * - `projects/{project}/eventThreatDetectionSettings/effectiveCustomModules/{module}`. - readOnly: true - type: string - config: - description: Output only. Config for the effective module. - readOnly: true - type: object - additionalProperties: - type: any - description: Properties of the object. - enablementState: - description: >- - Output only. The effective state of enablement for the module at the - given level of the hierarchy. - readOnly: true - type: string - enumDescriptions: - - Unspecified enablement state. - - The module is enabled at the given level. - - The module is disabled at the given level. - enum: - - ENABLEMENT_STATE_UNSPECIFIED - - ENABLED - - DISABLED - type: - description: Output only. Type for the module. e.g. CONFIGURABLE_BAD_IP. - readOnly: true - type: string - displayName: - description: Output only. The human readable name to be displayed for the module. - readOnly: true - type: string - description: - description: Output only. The description for the module. - readOnly: true - type: string - cloudProvider: - description: The cloud provider of the custom module. - type: string - enumDescriptions: - - Unspecified cloud provider. - - Google Cloud. - - Amazon Web Services. - - Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - ListEffectiveEventThreatDetectionCustomModulesResponse: - id: ListEffectiveEventThreatDetectionCustomModulesResponse - description: Response for listing EffectiveEventThreatDetectionCustomModules. - type: object - properties: - effectiveEventThreatDetectionCustomModules: - description: Effective custom modules belonging to the requested parent. - type: array - items: - $ref: '#/components/schemas/EffectiveEventThreatDetectionCustomModule' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - BatchCreateResourceValueConfigsRequest: - id: BatchCreateResourceValueConfigsRequest - description: Request message to create multiple resource value configs - type: object - properties: - requests: - description: Required. The resource value configs to be created. - type: array - items: - $ref: '#/components/schemas/CreateResourceValueConfigRequest' - CreateResourceValueConfigRequest: - id: CreateResourceValueConfigRequest - description: Request message to create single resource value config - type: object - properties: - parent: - description: Required. Resource name of the new ResourceValueConfig's parent. - type: string - resourceValueConfig: - description: Required. The resource value config being created. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig' - GoogleCloudSecuritycenterV1ResourceValueConfig: - id: GoogleCloudSecuritycenterV1ResourceValueConfig - description: >- - A resource value configuration (RVC) is a mapping configuration of - user's resources to resource values. Used in Attack path simulations. - type: object - properties: - name: - description: Name for the resource value configuration - type: string - resourceValue: - description: Required. Resource value level this expression represents - type: string - enumDescriptions: - - Unspecific value - - High resource value - - Medium resource value - - Low resource value - - No resource value, e.g. ignore these resources - enum: - - RESOURCE_VALUE_UNSPECIFIED - - HIGH - - MEDIUM - - LOW - - NONE - tagValues: - description: >- - Required. Tag values combined with `AND` to check against. For - Google Cloud resources, they are tag value IDs in the form of - "tagValues/123". Example: `[ "tagValues/123", "tagValues/456", - "tagValues/789" ]` - https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing - type: array - items: - type: string - resourceType: - description: >- - Apply resource_value only to resources that match resource_type. - resource_type will be checked with `AND` of other resources. For - example, "storage.googleapis.com/Bucket" with resource_value "HIGH" - will apply "HIGH" value only to "storage.googleapis.com/Bucket" - resources. - type: string - scope: - description: >- - Project or folder to scope this configuration to. For example, - "project/456" would apply this configuration only to resources in - "project/456" scope will be checked with `AND` of other resources. - type: string - resourceLabelsSelector: - description: >- - List of resource labels to search for, evaluated with `AND`. For - example, `"resource_labels_selector": {"key": "value", "env": - "prod"}` will match resources with labels "key": "value" `AND` - "env": "prod" - https://cloud.google.com/resource-manager/docs/creating-managing-labels - type: object - additionalProperties: - type: string - description: - description: Description of the resource value configuration. - type: string - createTime: - description: >- - Output only. Timestamp this resource value configuration was - created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. Timestamp this resource value configuration was last - updated. - readOnly: true - type: string - format: google-datetime - cloudProvider: - description: Cloud provider this configuration applies to - type: string - enumDescriptions: - - The cloud provider is unspecified. - - The cloud provider is Google Cloud. - - The cloud provider is Amazon Web Services. - - The cloud provider is Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - sensitiveDataProtectionMapping: - description: >- - A mapping of the sensitivity on Sensitive Data Protection finding to - resource values. This mapping can only be used in combination with a - resource_type that is related to BigQuery, e.g. - "bigquery.googleapis.com/Dataset". - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping - GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping: - id: GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping - description: >- - Resource value mapping for Sensitive Data Protection findings. If any of - these mappings have a resource value that is not unspecified, the - resource_value field will be ignored when reading this configuration. - type: object - properties: - highSensitivityMapping: - description: >- - Resource value mapping for high-sensitivity Sensitive Data - Protection findings - type: string - enumDescriptions: - - Unspecific value - - High resource value - - Medium resource value - - Low resource value - - No resource value, e.g. ignore these resources - enum: - - RESOURCE_VALUE_UNSPECIFIED - - HIGH - - MEDIUM - - LOW - - NONE - mediumSensitivityMapping: - description: >- - Resource value mapping for medium-sensitivity Sensitive Data - Protection findings - type: string - enumDescriptions: - - Unspecific value - - High resource value - - Medium resource value - - Low resource value - - No resource value, e.g. ignore these resources - enum: - - RESOURCE_VALUE_UNSPECIFIED - - HIGH - - MEDIUM - - LOW - - NONE - BatchCreateResourceValueConfigsResponse: - id: BatchCreateResourceValueConfigsResponse - description: Response message for BatchCreateResourceValueConfigs - type: object - properties: - resourceValueConfigs: - description: The resource value configs created - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig - ListResourceValueConfigsResponse: - id: ListResourceValueConfigsResponse - description: Response message to list resource value configs - type: object - properties: - resourceValueConfigs: - description: The resource value configs from the specified parent. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is empty, there are no subsequent pages. - type: string - ListValuedResourcesResponse: - id: ListValuedResourcesResponse - description: >- - Response message for listing the valued resources for a given - simulation. - type: object - properties: - valuedResources: - description: The valued resources that the attack path simulation identified. - type: array - items: - $ref: '#/components/schemas/ValuedResource' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results. - type: string - totalSize: - description: The estimated total number of results matching the query. - type: integer - format: int32 - ListAttackPathsResponse: - id: ListAttackPathsResponse - description: >- - Response message for listing the attack paths for a given simulation or - valued resource. - type: object - properties: - attackPaths: - description: The attack paths that the attack path simulation identified. - type: array - items: - $ref: '#/components/schemas/AttackPath' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results. - type: string - AttackPath: - id: AttackPath - description: A path that an attacker could take to reach an exposed resource. - type: object - properties: - name: - description: >- - The attack path name, for example, - `organizations/12/simulation/34/valuedResources/56/attackPaths/78` - type: string - pathNodes: - description: A list of nodes that exist in this attack path. - type: array - items: - $ref: '#/components/schemas/AttackPathNode' - edges: - description: A list of the edges between nodes in this attack path. - type: array - items: - $ref: '#/components/schemas/AttackPathEdge' - AttackPathNode: - id: AttackPathNode - description: >- - Represents one point that an attacker passes through in this attack - path. - type: object - properties: - resource: - description: >- - The name of the resource at this point in the attack path. The - format of the name follows the Cloud Asset Inventory [resource name - format](https://cloud.google.com/asset-inventory/docs/resource-name-format) - type: string - resourceType: - description: >- - The [supported resource - type](https://cloud.google.com/asset-inventory/docs/supported-asset-types) - type: string - displayName: - description: Human-readable name of this resource. - type: string - associatedFindings: - description: The findings associated with this node in the attack path. - type: array - items: - $ref: '#/components/schemas/PathNodeAssociatedFinding' - uuid: - description: Unique id of the attack path node. - type: string - attackSteps: - description: A list of attack step nodes that exist in this attack path node. - type: array - items: - $ref: '#/components/schemas/AttackStepNode' - PathNodeAssociatedFinding: - id: PathNodeAssociatedFinding - description: A finding that is associated with this node in the attack path. - type: object - properties: - canonicalFinding: - description: >- - Canonical name of the associated findings. Example: - `organizations/123/sources/456/findings/789` - type: string - findingCategory: - description: The additional taxonomy group within findings from a given source. - type: string - name: - description: Full resource name of the finding. - type: string - AttackStepNode: - id: AttackStepNode - description: Detailed steps the attack can take between path nodes. - type: object - properties: - uuid: - description: Unique ID for one Node - type: string - type: - description: Attack step type. Can be either AND, OR or DEFENSE - type: string - enumDescriptions: - - Type not specified - - Incoming edge joined with AND - - Incoming edge joined with OR - - Incoming edge is defense - - Incoming edge is attacker - enum: - - NODE_TYPE_UNSPECIFIED - - NODE_TYPE_AND - - NODE_TYPE_OR - - NODE_TYPE_DEFENSE - - NODE_TYPE_ATTACKER - displayName: - description: User friendly name of the attack step - type: string - labels: - description: Attack step labels for metadata - type: object - additionalProperties: - type: string - description: - description: Attack step description - type: string - AttackPathEdge: - id: AttackPathEdge - description: >- - Represents a connection between a source node and a destination node in - this attack path. - type: object - properties: - source: - description: The attack node uuid of the source node. - type: string - destination: - description: The attack node uuid of the destination node. - type: string - GoogleCloudSecuritycenterV1beta1RunAssetDiscoveryResponse: - id: GoogleCloudSecuritycenterV1beta1RunAssetDiscoveryResponse - description: Response of asset discovery run - type: object - properties: - state: - description: The state of an asset discovery run. - type: string - enumDescriptions: - - Asset discovery run state was unspecified. - - Asset discovery run completed successfully. - - >- - Asset discovery run was cancelled with tasks still pending, as - another run for the same organization was started with a higher - priority. - - Asset discovery run was killed and terminated. - enum: - - STATE_UNSPECIFIED - - COMPLETED - - SUPERSEDED - - TERMINATED - duration: - description: The duration between asset discovery run start and end - type: string - format: google-duration - GoogleCloudSecuritycenterV1BulkMuteFindingsResponse: - id: GoogleCloudSecuritycenterV1BulkMuteFindingsResponse - description: The response to a BulkMute request. Contains the LRO information. - type: object - properties: {} - GoogleCloudSecuritycenterV1NotificationMessage: - id: GoogleCloudSecuritycenterV1NotificationMessage - description: Cloud SCC's Notification - type: object - properties: - notificationConfigName: - description: Name of the notification config that generated current notification. - type: string - finding: - description: >- - If it's a Finding based notification config, this field will be - populated. - $ref: '#/components/schemas/Finding' - resource: - description: The Cloud resource tied to this notification's Finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1Resource' - GoogleCloudSecuritycenterV1Resource: - id: GoogleCloudSecuritycenterV1Resource - description: Information related to the Google Cloud resource. - type: object - properties: - name: - description: >- - The full resource name of the resource. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - type: string - displayName: - description: The human readable name of the resource. - type: string - type: - description: The full resource type of the resource. - type: string - project: - description: The full resource name of project that the resource belongs to. - type: string - projectDisplayName: - description: The project ID that the resource belongs to. - type: string - parent: - description: The full resource name of resource's parent. - type: string - parentDisplayName: - description: The human readable name of resource's parent. - type: string - folders: - description: >- - Output only. Contains a Folder message for each folder in the assets - ancestry. The first folder is the deepest nested folder, and the - last folder is the folder directly under the Organization. - readOnly: true - type: array - items: - $ref: '#/components/schemas/Folder' - cloudProvider: - description: Indicates which cloud provider the resource resides in. - type: string - enumDescriptions: - - The cloud provider is unspecified. - - The cloud provider is Google Cloud. - - The cloud provider is Amazon Web Services. - - The cloud provider is Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - organization: - description: >- - Indicates which organization or tenant in the cloud provider the - finding applies to. - type: string - service: - description: >- - The parent service or product from which the resource is provided, - for example, GKE or SNS. - type: string - location: - description: The region or location of the service (if applicable). - type: string - awsMetadata: - description: The AWS metadata associated with the finding. - $ref: '#/components/schemas/AwsMetadata' - azureMetadata: - description: The Azure metadata associated with the finding. - $ref: '#/components/schemas/AzureMetadata' - resourcePath: - description: Provides the path to the resource within the resource hierarchy. - $ref: '#/components/schemas/ResourcePath' - resourcePathString: - description: >- - A string representation of the resource path. For Google Cloud, it - has the format of - `organizations/{organization_id}/folders/{folder_id}/folders/{folder_id}/projects/{project_id}` - where there can be any number of folders. For AWS, it has the format - of - `org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id}` - where there can be any number of organizational units. For Azure, it - has the format of - `mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name}` - where there can be any number of management groups. - type: string - GoogleCloudSecuritycenterV1RunAssetDiscoveryResponse: - id: GoogleCloudSecuritycenterV1RunAssetDiscoveryResponse - description: Response of asset discovery run - type: object - properties: - state: - description: The state of an asset discovery run. - type: string - enumDescriptions: - - Asset discovery run state was unspecified. - - Asset discovery run completed successfully. - - >- - Asset discovery run was cancelled with tasks still pending, as - another run for the same organization was started with a higher - priority. - - Asset discovery run was killed and terminated. - enum: - - STATE_UNSPECIFIED - - COMPLETED - - SUPERSEDED - - TERMINATED - duration: - description: The duration between asset discovery run start and end - type: string - format: google-duration - GoogleCloudSecuritycenterV2BulkMuteFindingsResponse: - id: GoogleCloudSecuritycenterV2BulkMuteFindingsResponse - description: The response to a BulkMute request. Contains the LRO information. - type: object - properties: {} - GoogleCloudSecuritycenterV2ExternalSystem: - id: GoogleCloudSecuritycenterV2ExternalSystem - description: Representation of third party SIEM/SOAR fields within SCC. - type: object - properties: - name: - description: >- - Full resource name of the external system. The following list shows - some examples: + - `organizations/1234/sources/5678/findings/123456/externalSystems/jira` - + - `organizations/1234/sources/5678/locations/us/findings/123456/externalSystems/jira` - + `folders/1234/sources/5678/findings/123456/externalSystems/jira` + - `folders/1234/sources/5678/locations/us/findings/123456/externalSystems/jira` - + `projects/1234/sources/5678/findings/123456/externalSystems/jira` - + - `projects/1234/sources/5678/locations/us/findings/123456/externalSystems/jira` - type: string - assignees: - description: References primary/secondary etc assignees in the external system. - type: array - items: - type: string - externalUid: - description: >- - The identifier that's used to track the finding's corresponding case - in the external system. - type: string - status: - description: >- - The most recent status of the finding's corresponding case, as - reported by the external system. - type: string - externalSystemUpdateTime: - description: >- - The time when the case was last updated, as reported by the external - system. - type: string - format: google-datetime - caseUri: - description: The link to the finding's corresponding case in the external system. - type: string - casePriority: - description: >- - The priority of the finding's corresponding case in the external - system. - type: string - caseSla: - description: The SLA of the finding's corresponding case in the external system. - type: string - format: google-datetime - caseCreateTime: - description: >- - The time when the case was created, as reported by the external - system. - type: string - format: google-datetime - caseCloseTime: - description: >- - The time when the case was closed, as reported by the external - system. - type: string - format: google-datetime - ticketInfo: - description: >- - Information about the ticket, if any, that is being used to track - the resolution of the issue that is identified by this finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2TicketInfo' - GoogleCloudSecuritycenterV2TicketInfo: - id: GoogleCloudSecuritycenterV2TicketInfo - description: >- - Information about the ticket, if any, that is being used to track the - resolution of the issue that is identified by this finding. - type: object - properties: - id: - description: The identifier of the ticket in the ticket system. - type: string - assignee: - description: The assignee of the ticket in the ticket system. - type: string - description: - description: The description of the ticket in the ticket system. - type: string - uri: - description: The link to the ticket in the ticket system. - type: string - status: - description: The latest status of the ticket, as reported by the ticket system. - type: string - updateTime: - description: >- - The time when the ticket was last updated, as reported by the ticket - system. - type: string - format: google-datetime - GoogleCloudSecuritycenterV2MuteConfig: - id: GoogleCloudSecuritycenterV2MuteConfig - description: >- - A mute config is a Cloud SCC resource that contains the configuration to - mute create/update events of findings. - type: object - properties: - name: - description: >- - Identifier. This field will be ignored if provided on config - creation. The following list shows some examples of the format: + - `organizations/{organization}/muteConfigs/{mute_config}` + - `organizations/{organization}locations/{location}//muteConfigs/{mute_config}` - + `folders/{folder}/muteConfigs/{mute_config}` + - `folders/{folder}/locations/{location}/muteConfigs/{mute_config}` + - `projects/{project}/muteConfigs/{mute_config}` + - `projects/{project}/locations/{location}/muteConfigs/{mute_config}` - type: string - description: - description: A description of the mute config. - type: string - filter: - description: >- - Required. An expression that defines the filter to apply across - create/update events of findings. While creating a filter string, be - mindful of the scope in which the mute configuration is being - created. E.g., If a filter contains project = X but is created under - the project = Y scope, it might not match any findings. The - following field and operator combinations are supported: * severity: - `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * - resource.project_name: `=`, `:` * resource.project_display_name: - `=`, `:` * resource.folders.resource_folder: `=`, `:` * - resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, - `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * - indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:` - type: string - createTime: - description: >- - Output only. The time at which the mute config was created. This - field is set by the server and will be ignored if provided on config - creation. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The most recent time at which the mute config was - updated. This field is set by the server and will be ignored if - provided on config creation or update. - readOnly: true - type: string - format: google-datetime - mostRecentEditor: - description: >- - Output only. Email address of the user who last edited the mute - config. This field is set by the server and will be ignored if - provided on config creation or update. - readOnly: true - type: string - type: - description: >- - Required. The type of the mute config, which determines what type of - mute state the config affects. Immutable after creation. - type: string - enumDescriptions: - - Unused. - - >- - A static mute config, which sets the static mute state of future - matching findings to muted. Once the static mute state has been - set, finding or config modifications will not affect the state. - - >- - A dynamic mute config, which is applied to existing and future - matching findings, setting their dynamic mute state to "muted". If - the config is updated or deleted, or a matching finding is - updated, such that the finding doesn't match the config, the - config will be removed from the finding, and the finding's dynamic - mute state may become "unmuted" (unless other configs still - match). - enum: - - MUTE_CONFIG_TYPE_UNSPECIFIED - - STATIC - - DYNAMIC - expiryTime: - description: >- - Optional. The expiry of the mute config. Only applicable for dynamic - configs. If the expiry is set, when the config expires, it is - removed from all findings. - type: string - format: google-datetime - cryptoKeyName: - description: >- - Output only. The resource name of the Cloud KMS `CryptoKey` used to - encrypt this configuration data, if CMEK was enabled during Security - Command Center activation. - readOnly: true - type: string - GoogleCloudSecuritycenterV2BigQueryExport: - id: GoogleCloudSecuritycenterV2BigQueryExport - description: Configures how to deliver Findings to BigQuery Instance. - type: object - properties: - name: - description: >- - Identifier. The relative resource name of this export. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name. - The following list shows some examples: + - `organizations/{organization_id}/locations/{location_id}/bigQueryExports/{export_id}` - + - `folders/{folder_id}/locations/{location_id}/bigQueryExports/{export_id}` - + - `projects/{project_id}/locations/{location_id}/bigQueryExports/{export_id}` - This field is provided in responses, and is ignored when provided in - create requests. - type: string - description: - description: The description of the export (max of 1024 characters). - type: string - filter: - description: >- - Expression that defines the filter to apply across create/update - events of findings. The expression is a list of zero or more - restrictions combined via logical operators `AND` and `OR`. - Parentheses are supported, and `OR` has higher precedence than - `AND`. Restrictions have the form ` ` and may have a `-` character - in front of them to indicate negation. The fields map to those - defined in the corresponding resource. The supported operators are: - * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer - values. * `:`, meaning substring matching, for strings. The - supported value types are: * string literals in quotes. * integer - literals without quotes. * boolean literals `true` and `false` - without quotes. - type: string - dataset: - description: >- - The dataset to write findings' updates to. Its format is - "projects/[project_id]/datasets/[bigquery_dataset_id]". BigQuery - dataset unique ID must contain only letters (a-z, A-Z), numbers - (0-9), or underscores (_). - type: string - createTime: - description: >- - Output only. The time at which the BigQuery export was created. This - field is set by the server and will be ignored if provided on export - on creation. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The most recent time at which the BigQuery export was - updated. This field is set by the server and will be ignored if - provided on export creation or update. - readOnly: true - type: string - format: google-datetime - mostRecentEditor: - description: >- - Output only. Email address of the user who last edited the BigQuery - export. This field is set by the server and will be ignored if - provided on export creation or update. - readOnly: true - type: string - principal: - description: >- - Output only. The service account that needs permission to create - table and upload data to the BigQuery dataset. - readOnly: true - type: string - cryptoKeyName: - description: >- - Output only. The resource name of the Cloud KMS `CryptoKey` used to - protect this configuration's data, if configured during Security - Command Center activation. - readOnly: true - type: string - GoogleCloudSecuritycenterV2NotificationMessage: - id: GoogleCloudSecuritycenterV2NotificationMessage - description: Cloud SCC's Notification - type: object - properties: - notificationConfigName: - description: Name of the notification config that generated current notification. - type: string - finding: - description: >- - If it's a Finding based notification config, this field will be - populated. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Finding' - resource: - description: The Cloud resource tied to this notification's Finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Resource' - GoogleCloudSecuritycenterV2Finding: - id: GoogleCloudSecuritycenterV2Finding - description: >- - Security Command Center finding. A finding is a record of assessment - data like security, risk, health, or privacy, that is ingested into - Security Command Center for presentation, notification, analysis, policy - testing, and enforcement. For example, a cross-site scripting (XSS) - vulnerability in an App Engine application is a finding. - type: object - properties: - name: - description: >- - Identifier. The [relative resource - name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) - of the finding. The following list shows some examples: + - `organizations/{organization_id}/sources/{source_id}/findings/{finding_id}` - + - `organizations/{organization_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` - + `folders/{folder_id}/sources/{source_id}/findings/{finding_id}` + - `folders/{folder_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` - + `projects/{project_id}/sources/{source_id}/findings/{finding_id}` - + - `projects/{project_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` - type: string - canonicalName: - description: >- - Output only. The canonical name of the finding. The following list - shows some examples: + - `organizations/{organization_id}/sources/{source_id}/findings/{finding_id}` - + - `organizations/{organization_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` - + `folders/{folder_id}/sources/{source_id}/findings/{finding_id}` + - `folders/{folder_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` - + `projects/{project_id}/sources/{source_id}/findings/{finding_id}` - + - `projects/{project_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` - The prefix is the closest CRM ancestor of the resource associated - with the finding. - readOnly: true - type: string - parent: - description: >- - The relative resource name of the source and location the finding - belongs to. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - This field is immutable after creation time. The following list - shows some examples: + - `organizations/{organization_id}/sources/{source_id}` + - `folders/{folders_id}/sources/{source_id}` + - `projects/{projects_id}/sources/{source_id}` + - `organizations/{organization_id}/sources/{source_id}/locations/{location_id}` - + `folders/{folders_id}/sources/{source_id}/locations/{location_id}` - + - `projects/{projects_id}/sources/{source_id}/locations/{location_id}` - type: string - resourceName: - description: >- - Immutable. For findings on Google Cloud resources, the full resource - name of the Google Cloud resource this finding is for. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - When the finding is for a non-Google Cloud resource, the - resourceName can be a customer or partner defined string. - type: string - state: - description: Output only. The state of the finding. - readOnly: true - type: string - enumDescriptions: - - Unspecified state. - - The finding requires attention and has not been addressed yet. - - >- - The finding has been fixed, triaged as a non-issue or otherwise - addressed and is no longer active. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - INACTIVE - category: - description: >- - Immutable. The additional taxonomy group within findings from a - given source. Example: "XSS_FLASH_INJECTION" - type: string - externalUri: - description: >- - The URI that, if available, points to a web page outside of Security - Command Center where additional information about the finding can be - found. This field is guaranteed to be either empty or a well formed - URL. - type: string - sourceProperties: - description: >- - Source specific properties. These properties are managed by the - source that writes the finding. The key names in the - source_properties map must be between 1 and 255 characters, and must - start with a letter and contain alphanumeric characters or - underscores only. - type: object - additionalProperties: - type: any - securityMarks: - description: >- - Output only. User specified security marks. These marks are entirely - managed by the user and come from the SecurityMarks resource that - belongs to the finding. - readOnly: true - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2SecurityMarks' - eventTime: - description: >- - The time the finding was first detected. If an existing finding is - updated, then this is the time the update occurred. For example, if - the finding represents an open firewall, this property captures the - time the detector believes the firewall became open. The accuracy is - determined by the detector. If the finding is later resolved, then - this time reflects when the finding was resolved. This must not be - set to a value greater than the current timestamp. - type: string - format: google-datetime - createTime: - description: >- - Output only. The time at which the finding was created in Security - Command Center. - readOnly: true - type: string - format: google-datetime - severity: - description: >- - The severity of the finding. This field is managed by the source - that writes the finding. - type: string - enumDescriptions: - - >- - This value is used for findings when a source doesn't write a - severity value. - - >- - Vulnerability: A critical vulnerability is easily discoverable by - an external actor, exploitable, and results in the direct ability - to execute arbitrary code, exfiltrate data, and otherwise gain - additional access and privileges to cloud resources and workloads. - Examples include publicly accessible unprotected user data and - public SSH access with weak or no passwords. Threat: Indicates a - threat that is able to access, modify, or delete data or execute - unauthorized code within existing resources. - - >- - Vulnerability: A high risk vulnerability can be easily discovered - and exploited in combination with other vulnerabilities in order - to gain direct access and the ability to execute arbitrary code, - exfiltrate data, and otherwise gain additional access and - privileges to cloud resources and workloads. An example is a - database with weak or no passwords that is only accessible - internally. This database could easily be compromised by an actor - that had access to the internal network. Threat: Indicates a - threat that is able to create new computational resources in an - environment but not able to access data or execute code in - existing resources. - - >- - Vulnerability: A medium risk vulnerability could be used by an - actor to gain access to resources or privileges that enable them - to eventually (through multiple steps or a complex exploit) gain - access and the ability to execute arbitrary code or exfiltrate - data. An example is a service account with access to more projects - than it should have. If an actor gains access to the service - account, they could potentially use that access to manipulate a - project the service account was not intended to. Threat: Indicates - a threat that is able to cause operational impact but may not - access data or execute unauthorized code. - - >- - Vulnerability: A low risk vulnerability hampers a security - organization's ability to detect vulnerabilities or active threats - in their deployment, or prevents the root cause investigation of - security issues. An example is monitoring and logs being disabled - for resource configurations and access. Threat: Indicates a threat - that has obtained minimal access to an environment but is not able - to access data, execute code, or create resources. - enum: - - SEVERITY_UNSPECIFIED - - CRITICAL - - HIGH - - MEDIUM - - LOW - mute: - description: >- - Indicates the mute state of a finding (either muted, unmuted or - undefined). Unlike other attributes of a finding, a finding provider - shouldn't set the value of mute. - type: string - enumDescriptions: - - Unspecified. - - Finding has been muted. - - Finding has been unmuted. - - Finding has never been muted/unmuted. - enum: - - MUTE_UNSPECIFIED - - MUTED - - UNMUTED - - UNDEFINED - muteInfo: - description: Output only. The mute information regarding this finding. - readOnly: true - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2MuteInfo' - findingClass: - description: The class of the finding. - type: string - enumDescriptions: - - Unspecified finding class. - - Describes unwanted or malicious activity. - - >- - Describes a potential weakness in software that increases risk to - Confidentiality & Integrity & Availability. - - >- - Describes a potential weakness in cloud resource/asset - configuration that increases risk. - - >- - Describes a security observation that is for informational - purposes. - - Describes an error that prevents some SCC functionality. - - >- - Describes a potential security risk due to a change in the - security posture. - - >- - Describes a combination of security issues that represent a more - severe security problem when taken together. - - >- - Describes a potential security risk to data assets that contain - sensitive data. - - >- - Describes a resource or resource group where high risk attack - paths converge, based on attack path simulations (APS). - enum: - - FINDING_CLASS_UNSPECIFIED - - THREAT - - VULNERABILITY - - MISCONFIGURATION - - OBSERVATION - - SCC_ERROR - - POSTURE_VIOLATION - - TOXIC_COMBINATION - - SENSITIVE_DATA_RISK - - CHOKEPOINT - indicator: - description: >- - Represents what's commonly known as an *indicator of compromise* - (IoC) in computer forensics. This is an artifact observed on a - network or in an operating system that, with high confidence, - indicates a computer intrusion. For more information, see [Indicator - of - compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Indicator' - vulnerability: - description: >- - Represents vulnerability-specific fields like CVE and CVSS scores. - CVE stands for Common Vulnerabilities and Exposures - (https://cve.mitre.org/about/) - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Vulnerability' - muteUpdateTime: - description: Output only. The most recent time this finding was muted or unmuted. - readOnly: true - type: string - format: google-datetime - externalSystems: - description: >- - Output only. Third party SIEM/SOAR fields within SCC, contains - external system information and external system finding fields. - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ExternalSystem' - mitreAttack: - description: >- - MITRE ATT&CK tactics and techniques related to this finding. See: - https://attack.mitre.org - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2MitreAttack' - access: - description: >- - Access details associated with the finding, such as more information - on the caller, which method was accessed, and from where. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Access' - connections: - description: >- - Contains information about the IP connection associated with the - finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Connection' - muteInitiator: - description: >- - Records additional information about the mute operation, for - example, the [mute - configuration](https://cloud.google.com/security-command-center/docs/how-to-mute-findings) - that muted the finding and the user who muted the finding. - type: string - processes: - description: Represents operating system processes associated with the Finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Process' - contacts: - description: >- - Output only. Map containing the points of contact for the given - finding. The key represents the type of contact, while the value - contains a list of all the contacts that pertain. Please refer to: - https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories - { "security": { "contacts": [ { "email": "person1@company.com" }, { - "email": "person2@company.com" } ] } } - readOnly: true - type: object - additionalProperties: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ContactDetails' - compliances: - description: >- - Contains compliance information for security standards associated to - the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Compliance' - parentDisplayName: - description: >- - Output only. The human readable display name of the finding source - such as "Event Threat Detection" or "Security Health Analytics". - readOnly: true - type: string - description: - description: Contains more details about the finding. - type: string - exfiltration: - description: Represents exfiltrations associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Exfiltration' - iamBindings: - description: Represents IAM bindings associated with the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IamBinding' - nextSteps: - description: Steps to address the finding. - type: string - moduleName: - description: >- - Unique identifier of the module which generated the finding. - Example: - folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885 - type: string - containers: - description: >- - Containers associated with the finding. This field provides - information for both Kubernetes and non-Kubernetes containers. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Container' - kubernetes: - description: Kubernetes resources associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Kubernetes' - database: - description: Database associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Database' - attackExposure: - description: The results of an attack path simulation relevant to this finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AttackExposure' - files: - description: File associated with the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2File' - cloudDlpInspection: - description: >- - Cloud Data Loss Prevention (Cloud DLP) inspection results that are - associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudDlpInspection' - cloudDlpDataProfile: - description: Cloud DLP data profile that is associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudDlpDataProfile' - kernelRootkit: - description: Signature of the kernel rootkit. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2KernelRootkit' - orgPolicies: - description: >- - Contains information about the org policies associated with the - finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2OrgPolicy' - job: - description: Job associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Job' - application: - description: Represents an application associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Application' - ipRules: - description: IP rules associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IpRules' - backupDisasterRecovery: - description: Fields related to Backup and DR findings. - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2BackupDisasterRecovery - securityPosture: - description: The security posture associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2SecurityPosture' - logEntries: - description: Log entries that are relevant to the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2LogEntry' - loadBalancers: - description: The load balancers associated with the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2LoadBalancer' - cloudArmor: - description: Fields related to Cloud Armor findings. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudArmor' - notebook: - description: Notebook associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Notebook' - toxicCombination: - description: >- - Contains details about a group of security issues that, when the - issues occur together, represent a greater risk than when the issues - occur independently. A group of such issues is referred to as a - toxic combination. This field cannot be updated. Its value is - ignored in all update requests. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ToxicCombination' - groupMemberships: - description: >- - Contains details about groups of which this finding is a member. A - group is a collection of findings that are related in some way. This - field cannot be updated. Its value is ignored in all update - requests. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2GroupMembership' - disk: - description: Disk associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Disk' - dataAccessEvents: - description: Data access events associated with the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2DataAccessEvent' - dataFlowEvents: - description: Data flow events associated with the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2DataFlowEvent' - networks: - description: Represents the VPC networks that the resource is attached to. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Network' - dataRetentionDeletionEvents: - description: Data retention deletion events associated with the finding. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2DataRetentionDeletionEvent - affectedResources: - description: AffectedResources associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AffectedResources' - aiModel: - description: The AI model associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AiModel' - chokepoint: - description: >- - Contains details about a chokepoint, which is a resource or resource - group where high-risk attack paths converge, based on [attack path - simulations] - (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations). - This field cannot be updated. Its value is ignored in all update - requests. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Chokepoint' - complianceDetails: - description: Details about the compliance implications of the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ComplianceDetails' - vertexAi: - description: VertexAi associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2VertexAi' - cryptoKeyName: - description: >- - Output only. The name of the Cloud KMS key used to encrypt this - finding, if any. - readOnly: true - type: string - GoogleCloudSecuritycenterV2SecurityMarks: - id: GoogleCloudSecuritycenterV2SecurityMarks - description: >- - User specified security marks that are attached to the parent Security - Command Center resource. Security marks are scoped within a Security - Command Center organization -- they can be modified and viewed by all - users who have proper permissions on the organization. - type: object - properties: - name: - description: >- - The relative resource name of the SecurityMarks. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - The following list shows some examples: + - `organizations/{organization_id}/assets/{asset_id}/securityMarks` + - `organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks` - + - `organizations/{organization_id}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks` - type: string - marks: - description: >- - Mutable user specified security marks belonging to the parent - resource. Constraints are as follows: * Keys and values are treated - as case insensitive * Keys must be between 1 - 256 characters - (inclusive) * Keys must be letters, numbers, underscores, or dashes - * Values have leading and trailing whitespace trimmed, remaining - characters must be between 1 - 4096 characters (inclusive) - type: object - additionalProperties: - type: string - canonicalName: - description: >- - The canonical name of the marks. The following list shows some - examples: + - `organizations/{organization_id}/assets/{asset_id}/securityMarks` + - `organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks` - + - `organizations/{organization_id}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks` - + `folders/{folder_id}/assets/{asset_id}/securityMarks` + - `folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks` - + - `folders/{folder_id}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks` - + `projects/{project_number}/assets/{asset_id}/securityMarks` + - `projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks` - + - `projects/{project_number}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks` - type: string - GoogleCloudSecuritycenterV2MuteInfo: - id: GoogleCloudSecuritycenterV2MuteInfo - description: >- - Mute information about the finding, including whether the finding has a - static mute or any matching dynamic mute rules. - type: object - properties: - staticMute: - description: >- - If set, the static mute applied to this finding. Static mutes - override dynamic mutes. If unset, there is no static mute. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2StaticMute' - dynamicMuteRecords: - description: The list of dynamic mute rules that currently match the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2DynamicMuteRecord' - GoogleCloudSecuritycenterV2StaticMute: - id: GoogleCloudSecuritycenterV2StaticMute - description: >- - Information about the static mute state. A static mute state overrides - any dynamic mute rules that apply to this finding. The static mute state - can be set by a static mute rule or by muting the finding directly. - type: object - properties: - state: - description: >- - The static mute state. If the value is `MUTED` or `UNMUTED`, then - the finding's overall mute state will have the same value. - type: string - enumDescriptions: - - Unspecified. - - Finding has been muted. - - Finding has been unmuted. - - Finding has never been muted/unmuted. - enum: - - MUTE_UNSPECIFIED - - MUTED - - UNMUTED - - UNDEFINED - applyTime: - description: When the static mute was applied. - type: string - format: google-datetime - GoogleCloudSecuritycenterV2DynamicMuteRecord: - id: GoogleCloudSecuritycenterV2DynamicMuteRecord - description: The record of a dynamic mute rule that matches the finding. - type: object - properties: - muteConfig: - description: >- - The relative resource name of the mute rule, represented by a mute - config, that created this record, for example - `organizations/123/muteConfigs/mymuteconfig` or - `organizations/123/locations/global/muteConfigs/mymuteconfig`. - type: string - matchTime: - description: When the dynamic mute rule first matched the finding. - type: string - format: google-datetime - GoogleCloudSecuritycenterV2Indicator: - id: GoogleCloudSecuritycenterV2Indicator - description: >- - Represents what's commonly known as an _indicator of compromise_ (IoC) - in computer forensics. This is an artifact observed on a network or in - an operating system that, with high confidence, indicates a computer - intrusion. For more information, see [Indicator of - compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). - type: object - properties: - ipAddresses: - description: The list of IP addresses that are associated with the finding. - type: array - items: - type: string - domains: - description: List of domains associated to the Finding. - type: array - items: - type: string - signatures: - description: >- - The list of matched signatures indicating that the given process is - present in the environment. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ProcessSignature' - uris: - description: The list of URIs associated to the Findings. - type: array - items: - type: string - GoogleCloudSecuritycenterV2ProcessSignature: - id: GoogleCloudSecuritycenterV2ProcessSignature - description: Indicates what signature matched this process. - type: object - properties: - memoryHashSignature: - description: Signature indicating that a binary family was matched. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2MemoryHashSignature' - yaraRuleSignature: - description: Signature indicating that a YARA rule was matched. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2YaraRuleSignature' - signatureType: - description: Describes the type of resource associated with the signature. - type: string - enumDescriptions: - - The default signature type. - - Used for signatures concerning processes. - - Used for signatures concerning disks. - enum: - - SIGNATURE_TYPE_UNSPECIFIED - - SIGNATURE_TYPE_PROCESS - - SIGNATURE_TYPE_FILE - GoogleCloudSecuritycenterV2MemoryHashSignature: - id: GoogleCloudSecuritycenterV2MemoryHashSignature - description: A signature corresponding to memory page hashes. - type: object - properties: - binaryFamily: - description: The binary family. - type: string - detections: - description: >- - The list of memory hash detections contributing to the binary family - match. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Detection' - GoogleCloudSecuritycenterV2Detection: - id: GoogleCloudSecuritycenterV2Detection - description: Memory hash detection contributing to the binary family match. - type: object - properties: - binary: - description: >- - The name of the binary associated with the memory hash signature - detection. - type: string - percentPagesMatched: - description: >- - The percentage of memory page hashes in the signature that were - matched. - type: number - format: double - GoogleCloudSecuritycenterV2YaraRuleSignature: - id: GoogleCloudSecuritycenterV2YaraRuleSignature - description: A signature corresponding to a YARA rule. - type: object - properties: - yaraRule: - description: The name of the YARA rule. - type: string - GoogleCloudSecuritycenterV2Vulnerability: - id: GoogleCloudSecuritycenterV2Vulnerability - description: Refers to common vulnerability fields e.g. cve, cvss, cwe etc. - type: object - properties: - cve: - description: >- - CVE stands for Common Vulnerabilities and Exposures - (https://cve.mitre.org/about/) - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Cve' - offendingPackage: - description: The offending package is relevant to the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Package' - fixedPackage: - description: The fixed package is relevant to the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Package' - securityBulletin: - description: The security bulletin is relevant to this finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2SecurityBulletin' - providerRiskScore: - description: >- - Provider provided risk_score based on multiple factors. The higher - the risk score, the more risky the vulnerability is. - type: string - format: int64 - reachable: - description: >- - Represents whether the vulnerability is reachable (detected via - static analysis) - type: boolean - cwes: - description: >- - Represents one or more Common Weakness Enumeration (CWE) information - on this vulnerability. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Cwe' - GoogleCloudSecuritycenterV2Cve: - id: GoogleCloudSecuritycenterV2Cve - description: >- - CVE stands for Common Vulnerabilities and Exposures. Information from - the [CVE record](https://www.cve.org/ResourcesSupport/Glossary) that - describes this vulnerability. - type: object - properties: - id: - description: The unique identifier for the vulnerability. e.g. CVE-2021-34527 - type: string - references: - description: >- - Additional information about the CVE. e.g. - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527 - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Reference' - cvssv3: - description: >- - Describe Common Vulnerability Scoring System specified at - https://www.first.org/cvss/v3.1/specification-document - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Cvssv3' - upstreamFixAvailable: - description: Whether upstream fix is available for the CVE. - type: boolean - impact: - description: The potential impact of the vulnerability if it was to be exploited. - type: string - enumDescriptions: - - Invalid or empty value. - - Exploitation would have little to no security impact. - - >- - Exploitation would enable attackers to perform activities, or - could allow attackers to have a direct impact, but would require - additional steps. - - >- - Exploitation would enable attackers to have a notable direct - impact without needing to overcome any major mitigating factors. - - >- - Exploitation would fundamentally undermine the security of - affected systems, enable actors to perform significant attacks - with minimal effort, with little to no mitigating factors to - overcome. - enum: - - RISK_RATING_UNSPECIFIED - - LOW - - MEDIUM - - HIGH - - CRITICAL - exploitationActivity: - description: The exploitation activity of the vulnerability in the wild. - type: string - enumDescriptions: - - Invalid or empty value. - - Exploitation has been reported or confirmed to widely occur. - - Limited reported or confirmed exploitation activities. - - Exploit is publicly available. - - >- - No known exploitation activity, but has a high potential for - exploitation. - - No known exploitation activity. - enum: - - EXPLOITATION_ACTIVITY_UNSPECIFIED - - WIDE - - CONFIRMED - - AVAILABLE - - ANTICIPATED - - NO_KNOWN - observedInTheWild: - description: Whether or not the vulnerability has been observed in the wild. - type: boolean - zeroDay: - description: >- - Whether or not the vulnerability was zero day when the finding was - published. - type: boolean - exploitReleaseDate: - description: Date the first publicly available exploit or PoC was released. - type: string - format: google-datetime - firstExploitationDate: - description: Date of the earliest known exploitation. - type: string - format: google-datetime - GoogleCloudSecuritycenterV2Reference: - id: GoogleCloudSecuritycenterV2Reference - description: Additional Links - type: object - properties: - source: - description: Source of the reference e.g. NVD - type: string - uri: - description: >- - Uri for the mentioned source e.g. - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527. - type: string - GoogleCloudSecuritycenterV2Cvssv3: - id: GoogleCloudSecuritycenterV2Cvssv3 - description: Common Vulnerability Scoring System version 3. - type: object - properties: - baseScore: - description: The base score is a function of the base metric scores. - type: number - format: double - attackVector: - description: >- - Base Metrics Represents the intrinsic characteristics of a - vulnerability that are constant over time and across user - environments. This metric reflects the context by which - vulnerability exploitation is possible. - type: string - enumDescriptions: - - Invalid value. - - >- - The vulnerable component is bound to the network stack and the set - of possible attackers extends beyond the other options listed - below, up to and including the entire Internet. - - >- - The vulnerable component is bound to the network stack, but the - attack is limited at the protocol level to a logically adjacent - topology. - - >- - The vulnerable component is not bound to the network stack and the - attacker's path is via read/write/execute capabilities. - - >- - The attack requires the attacker to physically touch or manipulate - the vulnerable component. - enum: - - ATTACK_VECTOR_UNSPECIFIED - - ATTACK_VECTOR_NETWORK - - ATTACK_VECTOR_ADJACENT - - ATTACK_VECTOR_LOCAL - - ATTACK_VECTOR_PHYSICAL - attackComplexity: - description: >- - This metric describes the conditions beyond the attacker's control - that must exist in order to exploit the vulnerability. - type: string - enumDescriptions: - - Invalid value. - - >- - Specialized access conditions or extenuating circumstances do not - exist. An attacker can expect repeatable success when attacking - the vulnerable component. - - >- - A successful attack depends on conditions beyond the attacker's - control. That is, a successful attack cannot be accomplished at - will, but requires the attacker to invest in some measurable - amount of effort in preparation or execution against the - vulnerable component before a successful attack can be expected. - enum: - - ATTACK_COMPLEXITY_UNSPECIFIED - - ATTACK_COMPLEXITY_LOW - - ATTACK_COMPLEXITY_HIGH - privilegesRequired: - description: >- - This metric describes the level of privileges an attacker must - possess before successfully exploiting the vulnerability. - type: string - enumDescriptions: - - Invalid value. - - >- - The attacker is unauthorized prior to attack, and therefore does - not require any access to settings or files of the vulnerable - system to carry out an attack. - - >- - The attacker requires privileges that provide basic user - capabilities that could normally affect only settings and files - owned by a user. Alternatively, an attacker with Low privileges - has the ability to access only non-sensitive resources. - - >- - The attacker requires privileges that provide significant (e.g., - administrative) control over the vulnerable component allowing - access to component-wide settings and files. - enum: - - PRIVILEGES_REQUIRED_UNSPECIFIED - - PRIVILEGES_REQUIRED_NONE - - PRIVILEGES_REQUIRED_LOW - - PRIVILEGES_REQUIRED_HIGH - userInteraction: - description: >- - This metric captures the requirement for a human user, other than - the attacker, to participate in the successful compromise of the - vulnerable component. - type: string - enumDescriptions: - - Invalid value. - - >- - The vulnerable system can be exploited without interaction from - any user. - - >- - Successful exploitation of this vulnerability requires a user to - take some action before the vulnerability can be exploited. - enum: - - USER_INTERACTION_UNSPECIFIED - - USER_INTERACTION_NONE - - USER_INTERACTION_REQUIRED - scope: - description: >- - The Scope metric captures whether a vulnerability in one vulnerable - component impacts resources in components beyond its security scope. - type: string - enumDescriptions: - - Invalid value. - - >- - An exploited vulnerability can only affect resources managed by - the same security authority. - - >- - An exploited vulnerability can affect resources beyond the - security scope managed by the security authority of the vulnerable - component. - enum: - - SCOPE_UNSPECIFIED - - SCOPE_UNCHANGED - - SCOPE_CHANGED - confidentialityImpact: - description: >- - This metric measures the impact to the confidentiality of the - information resources managed by a software component due to a - successfully exploited vulnerability. - type: string - enumDescriptions: - - Invalid value. - - High impact. - - Low impact. - - No impact. - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - integrityImpact: - description: >- - This metric measures the impact to integrity of a successfully - exploited vulnerability. - type: string - enumDescriptions: - - Invalid value. - - High impact. - - Low impact. - - No impact. - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - availabilityImpact: - description: >- - This metric measures the impact to the availability of the impacted - component resulting from a successfully exploited vulnerability. - type: string - enumDescriptions: - - Invalid value. - - High impact. - - Low impact. - - No impact. - enum: - - IMPACT_UNSPECIFIED - - IMPACT_HIGH - - IMPACT_LOW - - IMPACT_NONE - GoogleCloudSecuritycenterV2Package: - id: GoogleCloudSecuritycenterV2Package - description: Package is a generic definition of a package. - type: object - properties: - packageName: - description: The name of the package where the vulnerability was detected. - type: string - cpeUri: - description: The CPE URI where the vulnerability was detected. - type: string - packageType: - description: Type of package, for example, os, maven, or go. - type: string - packageVersion: - description: The version of the package. - type: string - GoogleCloudSecuritycenterV2SecurityBulletin: - id: GoogleCloudSecuritycenterV2SecurityBulletin - description: >- - SecurityBulletin are notifications of vulnerabilities of Google - products. - type: object - properties: - bulletinId: - description: ID of the bulletin corresponding to the vulnerability. - type: string - submissionTime: - description: Submission time of this Security Bulletin. - type: string - format: google-datetime - suggestedUpgradeVersion: - description: >- - This represents a version that the cluster receiving this - notification should be upgraded to, based on its current version. - For example, 1.15.0 - type: string - GoogleCloudSecuritycenterV2Cwe: - id: GoogleCloudSecuritycenterV2Cwe - description: >- - CWE stands for Common Weakness Enumeration. Information about this - weakness, as described by [CWE](https://cwe.mitre.org/). - type: object - properties: - id: - description: The CWE identifier, e.g. CWE-94 - type: string - references: - description: >- - Any reference to the details on the CWE, for example, - https://cwe.mitre.org/data/definitions/94.html - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Reference' - GoogleCloudSecuritycenterV2MitreAttack: - id: GoogleCloudSecuritycenterV2MitreAttack - description: >- - MITRE ATT&CK tactics and techniques related to this finding. See: - https://attack.mitre.org - type: object - properties: - primaryTactic: - description: >- - The MITRE ATT&CK tactic most closely represented by this finding, if - any. - type: string - enumDescriptions: - - Unspecified value. - - TA0043 - - TA0042 - - TA0001 - - TA0002 - - TA0003 - - TA0004 - - TA0005 - - TA0006 - - TA0007 - - TA0008 - - TA0009 - - TA0011 - - TA0010 - - TA0040 - enum: - - TACTIC_UNSPECIFIED - - RECONNAISSANCE - - RESOURCE_DEVELOPMENT - - INITIAL_ACCESS - - EXECUTION - - PERSISTENCE - - PRIVILEGE_ESCALATION - - DEFENSE_EVASION - - CREDENTIAL_ACCESS - - DISCOVERY - - LATERAL_MOVEMENT - - COLLECTION - - COMMAND_AND_CONTROL - - EXFILTRATION - - IMPACT - primaryTechniques: - description: >- - The MITRE ATT&CK technique most closely represented by this finding, - if any. primary_techniques is a repeated field because there are - multiple levels of MITRE ATT&CK techniques. If the technique most - closely represented by this finding is a sub-technique (e.g. - `SCANNING_IP_BLOCKS`), both the sub-technique and its parent - technique(s) will be listed (e.g. `SCANNING_IP_BLOCKS`, - `ACTIVE_SCANNING`). - type: array - items: - type: string - enumDescriptions: - - Unspecified value. - - T1001 - - T1001.002 - - T1003 - - T1003.007 - - T1003.008 - - T1005 - - T1020 - - T1027 - - T1027.003 - - T1027.004 - - T1027.010 - - T1029 - - T1033 - - T1036 - - T1036.005 - - T1037 - - T1037.005 - - T1046 - - T1053 - - T1053.003 - - T1053.007 - - T1055 - - T1056 - - T1056.001 - - T1057 - - T1059 - - T1059.004 - - T1059.006 - - T1068 - - T1069 - - T1069.003 - - T1070 - - T1070.002 - - T1070.003 - - T1070.004 - - T1070.006 - - T1070.008 - - T1071 - - T1071.004 - - T1072 - - T1078 - - T1078.001 - - T1078.003 - - T1078.004 - - T1083 - - T1087.001 - - T1090 - - T1090.002 - - T1090.003 - - T1098 - - T1098.001 - - T1098.003 - - T1098.004 - - T1098.006 - - T1104 - - T1105 - - T1106 - - T1110 - - T1119 - - T1129 - - T1132 - - T1132.001 - - T1134 - - T1134.001 - - T1136 - - T1136.001 - - T1140 - - T1190 - - T1195 - - T1195.001 - - T1203 - - T1204 - - T1222.002 - - T1484 - - T1485 - - T1486 - - T1489 - - T1490 - - T1495 - - T1496 - - T1498 - - T1526 - - T1528 - - T1531 - - T1537 - - T1539 - - T1543 - - T1546 - - T1547 - - T1547.006 - - T1547.009 - - T1548 - - T1548.001 - - T1548.003 - - T1552 - - T1552.001 - - T1552.003 - - T1552.004 - - T1553 - - T1553.004 - - T1554 - - T1555 - - T1556 - - T1556.003 - - T1556.006 - - T1562 - - T1562.001 - - T1562.006 - - T1562.012 - - T1564 - - T1564.001 - - T1564.002 - - T1567 - - T1567.002 - - T1568 - - T1570 - - T1574 - - T1574.006 - - T1578 - - T1578.001 - - T1580 - - T1587 - - T1587.001 - - T1588 - - T1588.001 - - T1588.006 - - T1595 - - T1595.001 - - T1608 - - T1608.001 - - T1609 - - T1610 - - T1611 - - T1613 - - T1620 - - T1649 - - T1657 enum: - TECHNIQUE_UNSPECIFIED - DATA_OBFUSCATION @@ -8132,6 +216,7 @@ components: - COMPROMISE_SOFTWARE_DEPENDENCIES_AND_DEVELOPMENT_TOOLS - EXPLOITATION_FOR_CLIENT_EXECUTION - USER_EXECUTION + - EXPLOITATION_FOR_CREDENTIAL_ACCESS - LINUX_AND_MAC_FILE_AND_DIRECTORY_PERMISSIONS_MODIFICATION - DOMAIN_POLICY_MODIFICATION - DATA_DESTRUCTION @@ -8197,50 +282,6 @@ components: - REFLECTIVE_CODE_LOADING - STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES - FINANCIAL_THEFT - additionalTactics: - description: Additional MITRE ATT&CK tactics related to this finding, if any. - type: array - items: - type: string - enumDescriptions: - - Unspecified value. - - TA0043 - - TA0042 - - TA0001 - - TA0002 - - TA0003 - - TA0004 - - TA0005 - - TA0006 - - TA0007 - - TA0008 - - TA0009 - - TA0011 - - TA0010 - - TA0040 - enum: - - TACTIC_UNSPECIFIED - - RECONNAISSANCE - - RESOURCE_DEVELOPMENT - - INITIAL_ACCESS - - EXECUTION - - PERSISTENCE - - PRIVILEGE_ESCALATION - - DEFENSE_EVASION - - CREDENTIAL_ACCESS - - DISCOVERY - - LATERAL_MOVEMENT - - COLLECTION - - COMMAND_AND_CONTROL - - EXFILTRATION - - IMPACT - additionalTechniques: - description: >- - Additional MITRE ATT&CK techniques related to this finding, if any, - along with any of their respective parent techniques. - type: array - items: - type: string enumDescriptions: - Unspecified value. - T1001 @@ -8315,6 +356,7 @@ components: - T1195.001 - T1203 - T1204 + - T1212 - T1222.002 - T1484 - T1485 @@ -8380,6 +422,13 @@ components: - T1620 - T1649 - T1657 + type: array + description: >- + Additional MITRE ATT&CK techniques related to this finding, if any, + along with any of their respective parent techniques. + primaryTechniques: + items: + type: string enum: - TECHNIQUE_UNSPECIFIED - DATA_OBFUSCATION @@ -8454,6 +503,7 @@ components: - COMPROMISE_SOFTWARE_DEPENDENCIES_AND_DEVELOPMENT_TOOLS - EXPLOITATION_FOR_CLIENT_EXECUTION - USER_EXECUTION + - EXPLOITATION_FOR_CREDENTIAL_ACCESS - LINUX_AND_MAC_FILE_AND_DIRECTORY_PERMISSIONS_MODIFICATION - DOMAIN_POLICY_MODIFICATION - DATA_DESTRUCTION @@ -8519,452 +569,8495 @@ components: - REFLECTIVE_CODE_LOADING - STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES - FINANCIAL_THEFT + enumDescriptions: + - Unspecified value. + - T1001 + - T1001.002 + - T1003 + - T1003.007 + - T1003.008 + - T1005 + - T1020 + - T1027 + - T1027.003 + - T1027.004 + - T1027.010 + - T1029 + - T1033 + - T1036 + - T1036.005 + - T1037 + - T1037.005 + - T1046 + - T1053 + - T1053.003 + - T1053.007 + - T1055 + - T1056 + - T1056.001 + - T1057 + - T1059 + - T1059.004 + - T1059.006 + - T1068 + - T1069 + - T1069.003 + - T1070 + - T1070.002 + - T1070.003 + - T1070.004 + - T1070.006 + - T1070.008 + - T1071 + - T1071.004 + - T1072 + - T1078 + - T1078.001 + - T1078.003 + - T1078.004 + - T1083 + - T1087.001 + - T1090 + - T1090.002 + - T1090.003 + - T1098 + - T1098.001 + - T1098.003 + - T1098.004 + - T1098.006 + - T1104 + - T1105 + - T1106 + - T1110 + - T1119 + - T1129 + - T1132 + - T1132.001 + - T1134 + - T1134.001 + - T1136 + - T1136.001 + - T1140 + - T1190 + - T1195 + - T1195.001 + - T1203 + - T1204 + - T1212 + - T1222.002 + - T1484 + - T1485 + - T1486 + - T1489 + - T1490 + - T1495 + - T1496 + - T1498 + - T1526 + - T1528 + - T1531 + - T1537 + - T1539 + - T1543 + - T1546 + - T1547 + - T1547.006 + - T1547.009 + - T1548 + - T1548.001 + - T1548.003 + - T1552 + - T1552.001 + - T1552.003 + - T1552.004 + - T1553 + - T1553.004 + - T1554 + - T1555 + - T1556 + - T1556.003 + - T1556.006 + - T1562 + - T1562.001 + - T1562.006 + - T1562.012 + - T1564 + - T1564.001 + - T1564.002 + - T1567 + - T1567.002 + - T1568 + - T1570 + - T1574 + - T1574.006 + - T1578 + - T1578.001 + - T1580 + - T1587 + - T1587.001 + - T1588 + - T1588.001 + - T1588.006 + - T1595 + - T1595.001 + - T1608 + - T1608.001 + - T1609 + - T1610 + - T1611 + - T1613 + - T1620 + - T1649 + - T1657 + type: array + description: >- + The MITRE ATT&CK technique most closely represented by this finding, + if any. primary_techniques is a repeated field because there are + multiple levels of MITRE ATT&CK techniques. If the technique most + closely represented by this finding is a sub-technique (e.g. + `SCANNING_IP_BLOCKS`), both the sub-technique and its parent + technique(s) will be listed (e.g. `SCANNING_IP_BLOCKS`, + `ACTIVE_SCANNING`). + type: object + GoogleCloudSecuritycenterV2Reference: + description: Additional Links + properties: + source: + type: string + description: Source of the reference e.g. NVD + uri: + description: >- + Uri for the mentioned source e.g. + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527. + type: string + type: object + id: GoogleCloudSecuritycenterV2Reference + GoogleCloudSecuritycenterV2AzureResourceGroup: + id: GoogleCloudSecuritycenterV2AzureResourceGroup + properties: + id: + type: string + description: The ID of the Azure resource group. + name: + type: string + description: The name of the Azure resource group. This is not a UUID. + description: Represents an Azure resource group. + type: object + SetFindingStateRequest: + type: object + properties: + startTime: + description: >- + Optional. The time at which the updated state takes effect. If + unset, defaults to the request time. + type: string + deprecated: true + format: google-datetime + state: + type: string + enum: + - STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + description: Required. The desired State of the finding. + enumDescriptions: + - Unspecified state. + - The finding requires attention and has not been addressed yet. + - >- + The finding has been fixed, triaged as a non-issue or otherwise + addressed and is no longer active. + id: SetFindingStateRequest + description: Request message for updating a finding's state. + GoogleCloudSecuritycenterV1p1beta1Resource: + type: object + properties: + project: + description: The full resource name of project that the resource belongs to. + type: string + parentDisplayName: + description: The human readable name of resource's parent. + type: string + parent: + type: string + description: The full resource name of resource's parent. + folders: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1p1beta1Folder' + readOnly: true + type: array + description: >- + Output only. Contains a Folder message for each folder in the assets + ancestry. The first folder is the deepest nested folder, and the + last folder is the folder directly under the Organization. + name: + description: >- + The full resource name of the resource. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + type: string + projectDisplayName: + description: The project id that the resource belongs to. + type: string + id: GoogleCloudSecuritycenterV1p1beta1Resource + description: Information related to the Google Cloud resource. + GoogleCloudSecuritycenterV2Allowed: + description: Allowed IP rule. + id: GoogleCloudSecuritycenterV2Allowed + type: object + properties: + ipRules: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IpRule' + description: Optional. Optional list of allowed IP rules. + type: array + Cwe: + description: >- + CWE stands for Common Weakness Enumeration. Information about this + weakness, as described by [CWE](https://cwe.mitre.org/). + id: Cwe + type: object + properties: + id: + description: The CWE identifier, e.g. CWE-94 + type: string + references: + items: + $ref: '#/components/schemas/Reference' + description: >- + Any reference to the details on the CWE, for example, + https://cwe.mitre.org/data/definitions/94.html + type: array + GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin: + properties: + name: + type: string + description: The security bulletin name. + description: The security bulletin of the finding. + id: GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin + type: object + GoogleCloudSecuritycenterV2ResourceApplication: + properties: + name: + description: >- + The resource name of an Application. Format: + `projects/{host-project-id}/locations/{location}/applications/{application-id}` + type: string + attributes: + description: Consumer provided attributes for the application + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2ResourceApplicationAttributes + type: object + id: GoogleCloudSecuritycenterV2ResourceApplication + description: The App Hub Application associated with the finding's resource. + AttackExposure: + description: >- + An attack exposure contains the results of an attack path simulation + run. + properties: + score: + description: >- + A number between 0 (inclusive) and infinity that represents how + important this finding is to remediate. The higher the score, the + more important it is to remediate. + format: double + type: number + state: + description: >- + What state this AttackExposure is in. This captures whether or not + an attack exposure has been calculated or not. + enum: + - STATE_UNSPECIFIED + - CALCULATED + - NOT_CALCULATED + enumDescriptions: + - The state is not specified. + - The attack exposure has been calculated. + - The attack exposure has not been calculated. + type: string + attackExposureResult: + type: string + description: >- + The resource name of the attack path simulation result that contains + the details regarding this attack exposure score. Example: + `organizations/123/simulations/456/attackExposureResults/789` + exposedLowValueResourcesCount: + format: int32 + description: >- + The number of high value resources that are exposed as a result of + this finding. + type: integer + latestCalculationTime: + format: google-datetime + description: >- + The most recent time the attack exposure was updated on this + finding. + type: string + exposedHighValueResourcesCount: + type: integer + description: >- + The number of high value resources that are exposed as a result of + this finding. + format: int32 + exposedMediumValueResourcesCount: + format: int32 + description: >- + The number of medium value resources that are exposed as a result of + this finding. + type: integer + id: AttackExposure + type: object + GoogleCloudSecuritycenterV2Cvssv3: + description: Common Vulnerability Scoring System version 3. + id: GoogleCloudSecuritycenterV2Cvssv3 + properties: + scope: + description: >- + The Scope metric captures whether a vulnerability in one vulnerable + component impacts resources in components beyond its security scope. + enumDescriptions: + - Invalid value. + - >- + An exploited vulnerability can only affect resources managed by + the same security authority. + - >- + An exploited vulnerability can affect resources beyond the + security scope managed by the security authority of the vulnerable + component. + type: string + enum: + - SCOPE_UNSPECIFIED + - SCOPE_UNCHANGED + - SCOPE_CHANGED + confidentialityImpact: + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + description: >- + This metric measures the impact to the confidentiality of the + information resources managed by a software component due to a + successfully exploited vulnerability. + type: string + enumDescriptions: + - Invalid value. + - High impact. + - Low impact. + - No impact. + privilegesRequired: + type: string + description: >- + This metric describes the level of privileges an attacker must + possess before successfully exploiting the vulnerability. + enum: + - PRIVILEGES_REQUIRED_UNSPECIFIED + - PRIVILEGES_REQUIRED_NONE + - PRIVILEGES_REQUIRED_LOW + - PRIVILEGES_REQUIRED_HIGH + enumDescriptions: + - Invalid value. + - >- + The attacker is unauthorized prior to attack, and therefore does + not require any access to settings or files of the vulnerable + system to carry out an attack. + - >- + The attacker requires privileges that provide basic user + capabilities that could normally affect only settings and files + owned by a user. Alternatively, an attacker with Low privileges + has the ability to access only non-sensitive resources. + - >- + The attacker requires privileges that provide significant (e.g., + administrative) control over the vulnerable component allowing + access to component-wide settings and files. + attackComplexity: + enum: + - ATTACK_COMPLEXITY_UNSPECIFIED + - ATTACK_COMPLEXITY_LOW + - ATTACK_COMPLEXITY_HIGH + enumDescriptions: + - Invalid value. + - >- + Specialized access conditions or extenuating circumstances do not + exist. An attacker can expect repeatable success when attacking + the vulnerable component. + - >- + A successful attack depends on conditions beyond the attacker's + control. That is, a successful attack cannot be accomplished at + will, but requires the attacker to invest in some measurable + amount of effort in preparation or execution against the + vulnerable component before a successful attack can be expected. + description: >- + This metric describes the conditions beyond the attacker's control + that must exist in order to exploit the vulnerability. + type: string + integrityImpact: + type: string + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + enumDescriptions: + - Invalid value. + - High impact. + - Low impact. + - No impact. + description: >- + This metric measures the impact to integrity of a successfully + exploited vulnerability. + userInteraction: + enum: + - USER_INTERACTION_UNSPECIFIED + - USER_INTERACTION_NONE + - USER_INTERACTION_REQUIRED + enumDescriptions: + - Invalid value. + - >- + The vulnerable system can be exploited without interaction from + any user. + - >- + Successful exploitation of this vulnerability requires a user to + take some action before the vulnerability can be exploited. + type: string + description: >- + This metric captures the requirement for a human user, other than + the attacker, to participate in the successful compromise of the + vulnerable component. + attackVector: + type: string + enum: + - ATTACK_VECTOR_UNSPECIFIED + - ATTACK_VECTOR_NETWORK + - ATTACK_VECTOR_ADJACENT + - ATTACK_VECTOR_LOCAL + - ATTACK_VECTOR_PHYSICAL + enumDescriptions: + - Invalid value. + - >- + The vulnerable component is bound to the network stack and the set + of possible attackers extends beyond the other options listed + below, up to and including the entire Internet. + - >- + The vulnerable component is bound to the network stack, but the + attack is limited at the protocol level to a logically adjacent + topology. + - >- + The vulnerable component is not bound to the network stack and the + attacker's path is via read/write/execute capabilities. + - >- + The attack requires the attacker to physically touch or manipulate + the vulnerable component. + description: >- + Base Metrics Represents the intrinsic characteristics of a + vulnerability that are constant over time and across user + environments. This metric reflects the context by which + vulnerability exploitation is possible. + availabilityImpact: + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + enumDescriptions: + - Invalid value. + - High impact. + - Low impact. + - No impact. + description: >- + This metric measures the impact to the availability of the impacted + component resulting from a successfully exploited vulnerability. + type: string + baseScore: + format: double + description: The base score is a function of the base metric scores. + type: number + type: object + GoogleCloudSecuritycenterV2Dataset: + type: object + properties: + displayName: + description: The user defined display name of dataset, e.g. plants-dataset + type: string + name: + description: >- + Resource name of the dataset, e.g. + projects/{project}/locations/{location}/datasets/2094040236064505856 + type: string + source: + description: >- + Data source, such as a BigQuery source URI, e.g. + bq://scc-nexus-test.AIPPtest.gsod + type: string + description: Vertex AI dataset associated with the finding. + id: GoogleCloudSecuritycenterV2Dataset + GoogleCloudSecuritycenterV2MemoryHashSignature: + type: object + description: A signature corresponding to memory page hashes. + id: GoogleCloudSecuritycenterV2MemoryHashSignature + properties: + binaryFamily: + description: The binary family. + type: string + detections: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Detection' + description: >- + The list of memory hash detections contributing to the binary family + match. + type: array + GoogleCloudSecuritycenterV1ResourceSelector: + type: object + properties: + resourceTypes: + type: array + items: + type: string + description: The resource types to run the detector on. + description: Resource for selecting resource type. + id: GoogleCloudSecuritycenterV1ResourceSelector + GoogleCloudSecuritycenterV1RunAssetDiscoveryResponse: + type: object + description: Response of asset discovery run + properties: + duration: + type: string + description: The duration between asset discovery run start and end + format: google-duration + state: + enumDescriptions: + - Asset discovery run state was unspecified. + - Asset discovery run completed successfully. + - >- + Asset discovery run was cancelled with tasks still pending, as + another run for the same organization was started with a higher + priority. + - Asset discovery run was killed and terminated. + enum: + - STATE_UNSPECIFIED + - COMPLETED + - SUPERSEDED + - TERMINATED + type: string + description: The state of an asset discovery run. + id: GoogleCloudSecuritycenterV1RunAssetDiscoveryResponse + GoogleCloudSecuritycenterV2ResourcePathNode: + description: >- + A node within the resource path. Each node represents a resource within + the resource hierarchy. + properties: + nodeType: + type: string + enumDescriptions: + - Node type is unspecified. + - The node represents a Google Cloud organization. + - The node represents a Google Cloud folder. + - The node represents a Google Cloud project. + - The node represents an AWS organization. + - The node represents an AWS organizational unit. + - The node represents an AWS account. + - The node represents an Azure management group. + - The node represents an Azure subscription. + - The node represents an Azure resource group. + enum: + - RESOURCE_PATH_NODE_TYPE_UNSPECIFIED + - GCP_ORGANIZATION + - GCP_FOLDER + - GCP_PROJECT + - AWS_ORGANIZATION + - AWS_ORGANIZATIONAL_UNIT + - AWS_ACCOUNT + - AZURE_MANAGEMENT_GROUP + - AZURE_SUBSCRIPTION + - AZURE_RESOURCE_GROUP + description: The type of resource this node represents. + id: + type: string + description: The ID of the resource this node represents. + displayName: + description: The display name of the resource this node represents. + type: string + id: GoogleCloudSecuritycenterV2ResourcePathNode + type: object + ListAssetsResponse: + id: ListAssetsResponse + description: Response message for listing assets. + properties: + totalSize: + format: int32 + description: The total number of assets matching the query. + type: integer + listAssetsResults: + items: + $ref: '#/components/schemas/ListAssetsResult' + description: Assets matching the list request. + type: array + readTime: + description: Time used for executing the list request. + format: google-datetime + type: string + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results. + type: string + type: object + GoogleCloudSecuritycenterV2PolicyDriftDetails: + type: object + description: >- + The policy field that violates the deployed posture and its expected and + detected values. + properties: + detectedValue: + description: >- + The detected value that violates the deployed posture, for example, + `false` or `allowed_values={"projects/22831892"}`. + type: string + expectedValue: + type: string + description: >- + The value of this field that was configured in a posture, for + example, `true` or `allowed_values={"projects/29831892"}`. + field: + type: string + description: >- + The name of the updated field, for example + constraint.implementation.policy_rules[0].enforce + id: GoogleCloudSecuritycenterV2PolicyDriftDetails + GoogleCloudSecuritycenterV2Pod: + properties: + labels: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Label' + description: >- + Pod labels. For Kubernetes containers, these are applied to the + container. + type: array + containers: + type: array + description: Pod containers associated with this finding, if any. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Container' + name: + description: Kubernetes Pod name. + type: string + ns: + type: string + description: Kubernetes Pod namespace. + type: object + id: GoogleCloudSecuritycenterV2Pod + description: A Kubernetes Pod. + Expr: + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + id: Expr + type: object + properties: + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + type: string + description: + type: string + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + title: + type: string + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + GoogleCloudSecuritycenterV2AccessReview: + id: GoogleCloudSecuritycenterV2AccessReview + description: >- + Conveys information about a Kubernetes access review (such as one + returned by a [`kubectl auth + can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access) + command) that was involved in a finding. + type: object + properties: + resource: + description: The optional resource type requested. "*" means all. + type: string + group: + type: string + description: The API group of the resource. "*" means all. + verb: + description: >- + A Kubernetes resource API verb, like get, list, watch, create, + update, delete, proxy. "*" means all. + type: string + version: + description: The API version of the resource. "*" means all. + type: string + ns: + description: >- + Namespace of the action being requested. Currently, there is no + distinction between no namespace and all namespaces. Both are + represented by "" (empty). + type: string + name: + description: The name of the resource being requested. Empty means all. + type: string + subresource: + description: The optional subresource type. + type: string + GroupAssetsRequest: + properties: + pageSize: + description: >- + The maximum number of results to return in a single response. + Default is 10, minimum is 1, maximum is 1000. + format: int32 + type: integer + readTime: + type: string + description: >- + Time used as a reference point when filtering assets. The filter is + limited to assets existing at the supplied time and their values are + those at that specific time. Absence of this field will default to + the API's version of NOW. + format: google-datetime + groupBy: + description: >- + Required. Expression that defines what assets fields to use for + grouping. The string value should follow SQL syntax: comma separated + list of fields. For example: + "security_center_properties.resource_project,security_center_properties.project". + The following fields are supported when compare_duration is not set: + * security_center_properties.resource_project * + security_center_properties.resource_project_display_name * + security_center_properties.resource_type * + security_center_properties.resource_parent * + security_center_properties.resource_parent_display_name The + following fields are supported when compare_duration is set: * + security_center_properties.resource_type * + security_center_properties.resource_project_display_name * + security_center_properties.resource_parent_display_name + type: string + pageToken: + description: >- + The value returned by the last `GroupAssetsResponse`; indicates that + this is a continuation of a prior `GroupAssets` call, and that the + system should return the next page of data. + type: string + filter: + description: >- + Expression that defines the filter to apply across assets. The + expression is a list of zero or more restrictions combined via + logical operators `AND` and `OR`. Parentheses are supported, and + `OR` has higher precedence than `AND`. Restrictions have the form ` + ` and may have a `-` character in front of them to indicate + negation. The fields map to those defined in the Asset resource. + Examples include: * name * security_center_properties.resource_name + * resource_properties.a_property * security_marks.marks.marka The + supported operators are: * `=` for all value types. * `>`, `<`, + `>=`, `<=` for integer values. * `:`, meaning substring matching, + for strings. The supported value types are: * string literals in + quotes. * integer literals without quotes. * boolean literals `true` + and `false` without quotes. The following field and operator + combinations are supported: * name: `=` * update_time: `=`, `>`, + `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an + RFC3339 string. Examples: `update_time = + "2019-06-10T16:07:18-07:00"` `update_time = 1560208038000` * + create_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be + milliseconds since epoch or an RFC3339 string. Examples: + `create_time = "2019-06-10T16:07:18-07:00"` `create_time = + 1560208038000` * iam_policy.policy_blob: `=`, `:` * + resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` * + security_marks.marks: `=`, `:` * + security_center_properties.resource_name: `=`, `:` * + security_center_properties.resource_display_name: `=`, `:` * + security_center_properties.resource_type: `=`, `:` * + security_center_properties.resource_parent: `=`, `:` * + security_center_properties.resource_parent_display_name: `=`, `:` * + security_center_properties.resource_project: `=`, `:` * + security_center_properties.resource_project_display_name: `=`, `:` * + security_center_properties.resource_owners: `=`, `:` For example, + `resource_properties.size = 100` is a valid filter string. Use a + partial match on the empty string to filter based on a property + existing: `resource_properties.my_property : ""` Use a negated + partial match on the empty string to filter based on a property not + existing: `-resource_properties.my_property : ""` + type: string + compareDuration: + description: >- + When compare_duration is set, the GroupResult's "state_change" + property is updated to indicate whether the asset was added, + removed, or remained present during the compare_duration period of + time that precedes the read_time. This is the time between + (read_time - compare_duration) and read_time. The state change value + is derived based on the presence of the asset at the two points in + time. Intermediate state changes between the two times don't affect + the result. For example, the results aren't affected if the asset is + removed and re-created again. Possible "state_change" values when + compare_duration is specified: * "ADDED": indicates that the asset + was not present at the start of compare_duration, but present at + reference_time. * "REMOVED": indicates that the asset was present at + the start of compare_duration, but not present at reference_time. * + "ACTIVE": indicates that the asset was present at both the start and + the end of the time period defined by compare_duration and + reference_time. If compare_duration is not specified, then the only + possible state_change is "UNUSED", which will be the state_change + set for all assets present at read_time. If this field is set then + `state_change` must be a specified field in `group_by`. + format: google-duration + type: string + id: GroupAssetsRequest + description: Request message for grouping by assets. + type: object + Job: + description: Describes a job + properties: + state: + description: Output only. State of the job, such as `RUNNING` or `PENDING`. + enum: + - JOB_STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - FAILED + readOnly: true + type: string + enumDescriptions: + - Unspecified represents an unknown state and should not be used. + - Job is scheduled and pending for run + - Job in progress + - Job has completed with success + - Job has completed but with failure + name: + description: The fully-qualified name for a job. e.g. `projects//jobs/` + type: string + location: + type: string + description: >- + Optional. Gives the location where the job ran, such as `US` or + `europe-west1` + errorCode: + format: int32 + description: >- + Optional. If the job did not complete successfully, this field + describes why. + type: integer + type: object + id: Job + GoogleCloudSecuritycenterV2YaraRuleSignature: + description: A signature corresponding to a YARA rule. + properties: + yaraRule: + description: The name of the YARA rule. + type: string + type: object + id: GoogleCloudSecuritycenterV2YaraRuleSignature + ListFindingsResponse: + type: object + properties: + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results. + type: string + totalSize: + type: integer + format: int32 + description: The total number of findings matching the query. + readTime: + format: google-datetime + type: string + description: Time used for executing the list request. + listFindingsResults: + items: + $ref: '#/components/schemas/ListFindingsResult' + description: Findings matching the list request. + type: array + id: ListFindingsResponse + description: Response message for listing findings. + GoogleCloudSecuritycenterV1BulkMuteFindingsResponse: + type: object + properties: {} + description: The response to a BulkMute request. Contains the LRO information. + id: GoogleCloudSecuritycenterV1BulkMuteFindingsResponse + DataAccessEvent: + type: object + properties: + eventTime: + type: string + format: google-datetime + description: Timestamp of data access event. + principalEmail: + description: >- + The email address of the principal that accessed the data. The + principal could be a user account, service account, Google group, or + other. + type: string + operation: + enum: + - OPERATION_UNSPECIFIED + - READ + - MOVE + - COPY + description: The operation performed by the principal to access the data. + enumDescriptions: + - The operation is unspecified. + - Represents a read operation. + - Represents a move operation. + - Represents a copy operation. + type: string + eventId: + description: Unique identifier for data access event. + type: string + id: DataAccessEvent + description: >- + Details about a data access attempt made by a principal not authorized + under applicable data security policy. + GoogleCloudSecuritycenterV2SecurityPosture: + description: >- + Represents a posture that is deployed on Google Cloud by the Security + Command Center Posture Management service. A posture contains one or + more policy sets. A policy set is a group of policies that enforce a set + of security rules on Google Cloud. + id: GoogleCloudSecuritycenterV2SecurityPosture + type: object + properties: + revisionId: + type: string + description: The version of the posture, for example, `c7cfa2a8`. + postureDeploymentResource: + type: string + description: >- + The project, folder, or organization on which the posture is + deployed, for example, `projects/{project_number}`. + postureDeployment: + description: >- + The name of the posture deployment, for example, + `organizations/{org_id}/posturedeployments/{posture_deployment_id}`. + type: string + name: + description: Name of the posture, for example, `CIS-Posture`. + type: string + policy: + description: The ID of the updated policy, for example, `compute-policy-1`. + type: string + policyDriftDetails: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2PolicyDriftDetails' + type: array + description: >- + The details about a change in an updated policy that violates the + deployed posture. + changedPolicy: + description: >- + The name of the updated policy, for example, + `projects/{project_id}/policies/{constraint_name}`. + type: string + policySet: + description: The name of the updated policy set, for example, `cis-policyset`. + type: string + SimulatedResult: + description: Possible test result. + properties: + noViolation: + $ref: '#/components/schemas/Empty' + description: Indicates that the test case does not trigger any violation. + error: + description: Error encountered during the test. + $ref: '#/components/schemas/Status' + finding: + description: >- + Finding that would be published for the test case, if a violation is + detected. + $ref: '#/components/schemas/Finding' + type: object + id: SimulatedResult + GoogleCloudSecuritycenterV1ResourceApplicationAttributesEnvironment: + description: Environment of the Application, Service, or Workload + id: GoogleCloudSecuritycenterV1ResourceApplicationAttributesEnvironment + type: object + properties: + type: + description: Environment Type. + type: string + enumDescriptions: + - Unspecified type. + - Production environment. + - Staging environment. + - Test environment. + - Development environment. + enum: + - ENVIRONMENT_TYPE_UNSPECIFIED + - PRODUCTION + - STAGING + - TEST + - DEVELOPMENT + Resource: + id: Resource + properties: + folders: + items: + $ref: '#/components/schemas/Folder' + type: array + description: >- + Contains a Folder message for each folder in the assets ancestry. + The first folder is the deepest nested folder, and the last folder + is the folder directly under the Organization. + organization: + type: string + description: Indicates which organization / tenant the finding is for. + name: + type: string + description: >- + The full resource name of the resource. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + service: + description: The service or resource provider associated with the resource. + type: string + projectName: + description: The full resource name of project that the resource belongs to. + type: string + resourcePathString: + description: >- + A string representation of the resource path. For Google Cloud, it + has the format of + `org/{organization_id}/folder/{folder_id}/folder/{folder_id}/project/{project_id}` + where there can be any number of folders. For AWS, it has the format + of + `org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id}` + where there can be any number of organizational units. For Azure, it + has the format of + `mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name}` + where there can be any number of management groups. + type: string + location: + description: The region or location of the service (if applicable). + type: string + parentDisplayName: + description: The human readable name of resource's parent. + type: string + parentName: + type: string + description: The full resource name of resource's parent. + projectDisplayName: + description: The project ID that the resource belongs to. + type: string + cloudProvider: + type: string + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + enumDescriptions: + - The cloud provider is unspecified. + - The cloud provider is Google Cloud. + - The cloud provider is Amazon Web Services. + - The cloud provider is Microsoft Azure. + description: Indicates which cloud provider the finding is from. + type: + type: string + description: The full resource type of the resource. + displayName: + description: The human readable name of the resource. + type: string + resourcePath: + $ref: '#/components/schemas/ResourcePath' + description: Provides the path to the resource within the resource hierarchy. + azureMetadata: + description: The Azure metadata associated with the finding. + $ref: '#/components/schemas/AzureMetadata' + awsMetadata: + $ref: '#/components/schemas/AwsMetadata' + description: The AWS metadata associated with the finding. + application: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ResourceApplication' + description: The App Hub application this resource belongs to. + description: >- + Information related to the Google Cloud resource that is associated with + this finding. + type: object + GoogleCloudSecuritycenterV2AzureTenant: + id: GoogleCloudSecuritycenterV2AzureTenant + description: Represents a Microsoft Entra tenant. + properties: + displayName: + description: The display name of the Azure tenant. + type: string + id: + type: string + description: >- + The ID of the Microsoft Entra tenant, for example, + "a11aaa11-aa11-1aa1-11aa-1aaa11a". + type: object + GoogleCloudSecuritycenterV2Control: + id: GoogleCloudSecuritycenterV2Control + type: object + properties: + displayName: + type: string + description: Display name of the control. For example, AU-02. + controlName: + description: Name of the Control + type: string + description: Compliance control associated with the finding. + GoogleCloudSecuritycenterV2AiModel: + properties: + library: + description: The name of the model library, for example, “transformers”. + type: string + publisher: + description: The publisher of the model, for example, “google” or “nvidia”. + type: string + domain: + type: string + description: The domain of the model, for example, “image-classification”. + deploymentPlatform: + description: The platform on which the model is deployed. + enumDescriptions: + - Unspecified deployment platform. + - Vertex AI. + - Google Kubernetes Engine. + - Google Compute Engine. + - Fine tuned model. + enum: + - DEPLOYMENT_PLATFORM_UNSPECIFIED + - VERTEX_AI + - GKE + - GCE + - FINE_TUNED_MODEL + type: string + location: + type: string + description: The region in which the model is used, for example, “us-central1”. + name: + type: string + description: The name of the AI model, for example, "gemini:1.0.0". + displayName: + description: >- + The user defined display name of model. Ex. + baseline-classification-model + type: string + usageCategory: + type: string + description: The purpose of the model, for example, "Inteference" or "Training". + type: object + description: Contains information about the AI model associated with the finding. + id: GoogleCloudSecuritycenterV2AiModel + CloudControl: + type: object + id: CloudControl + properties: + type: + description: Type of cloud control. + type: string + enumDescriptions: + - Unspecified. + - Built in Cloud Control. + - Custom Cloud Control. + enum: + - CLOUD_CONTROL_TYPE_UNSPECIFIED + - BUILT_IN + - CUSTOM + cloudControlName: + description: Name of the CloudControl associated with the finding. + type: string + version: + type: integer + description: Version of the Cloud Control + format: int32 + policyType: + type: string + description: Policy type of the CloudControl + description: CloudControl associated with the finding. + CloudDlpInspection: + properties: + inspectJob: + type: string + description: >- + Name of the inspection job, for example, + `projects/123/locations/europe/dlpJobs/i-8383929`. + infoTypeCount: + type: string + description: >- + The number of times Cloud DLP found this infoType within this job + and resource. + format: int64 + infoType: + description: >- + The type of information (or + *[infoType](https://cloud.google.com/dlp/docs/infotypes-reference)*) + found, for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`. + type: string + fullScan: + description: Whether Cloud DLP scanned the complete resource or a sampled subset. + type: boolean + type: object + description: >- + Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection + job](https://cloud.google.com/dlp/docs/concepts-job-triggers) that + produced the finding. + id: CloudDlpInspection + GoogleCloudSecuritycenterV2Kubernetes: + description: Kubernetes-related attributes. + type: object + properties: + objects: + type: array + description: Kubernetes objects related to the finding. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Object' + bindings: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Binding' + description: >- + Provides Kubernetes role binding information for findings that + involve [RoleBindings or + ClusterRoleBindings](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control). + type: array + roles: + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Role' + description: >- + Provides Kubernetes role information for findings that involve + [Roles or + ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control). + pods: + description: >- + Kubernetes + [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod) + associated with the finding. This field contains Pod records for + each container that is owned by a Pod. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Pod' + type: array + nodePools: + description: >- + GKE [node + pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-pools) + associated with the finding. This field contains node pool + information for each node, when it is available. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2NodePool' + type: array + accessReviews: + description: >- + Provides information on any Kubernetes access reviews (privilege + checks) relevant to the finding. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AccessReview' + type: array + nodes: + type: array + description: >- + Provides Kubernetes + [node](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#nodes) + information. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Node' + id: GoogleCloudSecuritycenterV2Kubernetes + DataRetentionDeletionEvent: + id: DataRetentionDeletionEvent + description: >- + Details about data retention deletion violations, in which the data is + non-compliant based on their retention or deletion time, as defined in + the applicable data security policy. The Data Retention Deletion (DRD) + control is a control of the DSPM (Data Security Posture Management) + suite that enables organizations to manage data retention and deletion + policies in compliance with regulations, such as GDPR and CRPA. DRD + supports two primary policy types: maximum storage length (max TTL) and + minimum storage length (min TTL). Both are aimed at helping + organizations meet regulatory and data management commitments. + properties: + eventDetectionTime: + type: string + description: Timestamp indicating when the event was detected. + format: google-datetime + dataObjectCount: + format: int64 + type: string + description: >- + Number of objects that violated the policy for this resource. If the + number is less than 1,000, then the value of this field is the exact + number. If the number of objects that violated the policy is greater + than or equal to 1,000, then the value of this field is 1000. + eventType: + type: string + enumDescriptions: + - Unspecified event type. + - The maximum retention time has been exceeded. + - Max TTL from the asset's creation time. + - Max TTL from the asset's last modification time. + description: Type of the DRD event. + enum: + - EVENT_TYPE_UNSPECIFIED + - EVENT_TYPE_MAX_TTL_EXCEEDED + - EVENT_TYPE_MAX_TTL_FROM_CREATION + - EVENT_TYPE_MAX_TTL_FROM_LAST_MODIFICATION + maxRetentionAllowed: + format: google-duration + type: string + description: >- + Maximum duration of retention allowed from the DRD control. This + comes from the DRD control where users set a max TTL for their data. + For example, suppose that a user sets the max TTL for a Cloud + Storage bucket to 90 days. However, an object in that bucket is 100 + days old. In this case, a DataRetentionDeletionEvent will be + generated for that Cloud Storage bucket, and the + max_retention_allowed is 90 days. + type: object + GoogleCloudSecuritycenterV2Issue: + type: object + properties: + description: + type: string + description: The description of the issue in Markdown format. + updateTime: + type: string + description: Output only. The time the issue was last updated. + format: google-datetime + readOnly: true + relatedFindings: + description: The findings related to the issue. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueFinding' + severity: + enumDescriptions: + - Unspecified severity. + - Critical severity. + - High severity. + - Medium severity. + - Low severity. + enum: + - SEVERITY_UNSPECIFIED + - CRITICAL + - HIGH + - MEDIUM + - LOW + description: The severity of the issue. + type: string + issueType: + enumDescriptions: + - Unspecified issue type. + - Chokepoint issue type. + - Toxic combination issue type. + - Insight issue type. + enum: + - ISSUE_TYPE_UNSPECIFIED + - CHOKEPOINT + - TOXIC_COMBINATION + - INSIGHT + type: string + description: The type of the issue. + lastObservationTime: + format: google-datetime + description: The time the issue was last observed. + type: string + exposureScore: + description: The exposure score of the issue. + format: double + type: number + detection: + description: The finding category or rule name that generated the issue. + type: string + mute: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueMute' + description: The mute information of the issue. + securityContexts: + description: The security context of the issue. + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueSecurityContext + type: array + state: + enumDescriptions: + - Unspecified state. + - Active state. + - Inactive state. + type: string + readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + description: Output only. The state of the issue. + secondaryResources: + description: Additional resources associated with the issue. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueResource' + createTime: + readOnly: true + type: string + format: google-datetime + description: Output only. The time the issue was created. + domains: + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueDomain' + description: The domains of the issue. + primaryResource: + description: The primary resource associated with the issue. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueResource' + remediations: + description: Approaches to remediate the issue in Markdown format. + items: + type: string + type: array + name: + type: string + description: >- + Identifier. The name of the issue. Format: + organizations/{organization}/locations/{location}/issues/{issue} + description: Security Command Center Issue. + id: GoogleCloudSecuritycenterV2Issue + GoogleCloudSecuritycenterV2DataRetentionDeletionEvent: + properties: + maxRetentionAllowed: + format: google-duration + type: string + description: >- + Maximum duration of retention allowed from the DRD control. This + comes from the DRD control where users set a max TTL for their data. + For example, suppose that a user sets the max TTL for a Cloud + Storage bucket to 90 days. However, an object in that bucket is 100 + days old. In this case, a DataRetentionDeletionEvent will be + generated for that Cloud Storage bucket, and the + max_retention_allowed is 90 days. + eventType: + description: Type of the DRD event. + enumDescriptions: + - Unspecified event type. + - The maximum retention time has been exceeded. + - Max TTL from the asset's creation time. + - Max TTL from the asset's last modification time. + type: string + enum: + - EVENT_TYPE_UNSPECIFIED + - EVENT_TYPE_MAX_TTL_EXCEEDED + - EVENT_TYPE_MAX_TTL_FROM_CREATION + - EVENT_TYPE_MAX_TTL_FROM_LAST_MODIFICATION + eventDetectionTime: + format: google-datetime + type: string + description: Timestamp indicating when the event was detected. + dataObjectCount: + description: >- + Number of objects that violated the policy for this resource. If the + number is less than 1,000, then the value of this field is the exact + number. If the number of objects that violated the policy is greater + than or equal to 1,000, then the value of this field is 1000. + type: string + format: int64 + description: >- + Details about data retention deletion violations, in which the data is + non-compliant based on their retention or deletion time, as defined in + the applicable data security policy. The Data Retention Deletion (DRD) + control is a control of the DSPM (Data Security Posture Management) + suite that enables organizations to manage data retention and deletion + policies in compliance with regulations, such as GDPR and CRPA. DRD + supports two primary policy types: maximum storage length (max TTL) and + minimum storage length (min TTL). Both are aimed at helping + organizations meet regulatory and data management commitments. + type: object + id: GoogleCloudSecuritycenterV2DataRetentionDeletionEvent + BatchCreateResourceValueConfigsResponse: + type: object + description: Response message for BatchCreateResourceValueConfigs + id: BatchCreateResourceValueConfigsResponse + properties: + resourceValueConfigs: + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig + description: The resource value configs created + type: array + SecurityPosture: + description: >- + Represents a posture that is deployed on Google Cloud by the Security + Command Center Posture Management service. A posture contains one or + more policy sets. A policy set is a group of policies that enforce a set + of security rules on Google Cloud. + type: object + properties: + postureDeploymentResource: + type: string + description: >- + The project, folder, or organization on which the posture is + deployed, for example, `projects/{project_number}`. + changedPolicy: + type: string + description: >- + The name of the updated policy, for example, + `projects/{project_id}/policies/{constraint_name}`. + revisionId: + description: The version of the posture, for example, `c7cfa2a8`. + type: string + postureDeployment: + type: string + description: >- + The name of the posture deployment, for example, + `organizations/{org_id}/posturedeployments/{posture_deployment_id}`. + policyDriftDetails: + description: >- + The details about a change in an updated policy that violates the + deployed posture. + items: + $ref: '#/components/schemas/PolicyDriftDetails' + type: array + policySet: + description: The name of the updated policyset, for example, `cis-policyset`. + type: string + name: + type: string + description: Name of the posture, for example, `CIS-Posture`. + policy: + type: string + description: The ID of the updated policy, for example, `compute-policy-1`. + id: SecurityPosture + GoogleCloudSecuritycenterV2Subject: + description: Represents a Kubernetes subject. + type: object + properties: + name: + type: string + description: Name for the subject. + ns: + description: Namespace for the subject. + type: string + kind: + type: string + enumDescriptions: + - Authentication is not specified. + - User with valid certificate. + - >- + Users managed by Kubernetes API with credentials stored as + secrets. + - Collection of users. + description: Authentication type for the subject. + enum: + - AUTH_TYPE_UNSPECIFIED + - USER + - SERVICEACCOUNT + - GROUP + id: GoogleCloudSecuritycenterV2Subject + GoogleCloudSecuritycenterV1p1beta1NotificationMessage: + type: object + properties: + notificationConfigName: + type: string + description: Name of the notification config that generated current notification. + resource: + description: The Cloud resource tied to the notification. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1p1beta1Resource' + finding: + description: >- + If it's a Finding based notification config, this field will be + populated. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1p1beta1Finding' + id: GoogleCloudSecuritycenterV1p1beta1NotificationMessage + description: Security Command Center's Notification + ProcessSignature: + type: object + id: ProcessSignature + description: Indicates what signature matched this process. + properties: + memoryHashSignature: + $ref: '#/components/schemas/MemoryHashSignature' + description: Signature indicating that a binary family was matched. + yaraRuleSignature: + $ref: '#/components/schemas/YaraRuleSignature' + description: Signature indicating that a YARA rule was matched. + signatureType: + description: Describes the type of resource associated with the signature. + type: string + enumDescriptions: + - The default signature type. + - Used for signatures concerning processes. + - Used for signatures concerning disks. + enum: + - SIGNATURE_TYPE_UNSPECIFIED + - SIGNATURE_TYPE_PROCESS + - SIGNATURE_TYPE_FILE + GoogleCloudSecuritycenterV2AwsOrganizationalUnit: + id: GoogleCloudSecuritycenterV2AwsOrganizationalUnit + description: >- + An Organizational Unit (OU) is a container of AWS accounts within a root + of an organization. Policies that are attached to an OU apply to all + accounts contained in that OU and in any child OUs. + properties: + id: + description: >- + The unique identifier (ID) associated with this OU. The regex + pattern for an organizational unit ID string requires "ou-" followed + by from 4 to 32 lowercase letters or digits (the ID of the root that + contains the OU). This string is followed by a second "-" dash and + from 8 to 32 additional lowercase letters or digits. For example, + "ou-ab12-cd34ef56". + type: string + name: + description: The friendly name of the OU. + type: string + type: object + GoogleCloudSecuritycenterV1ResourceApplicationAttributes: + description: Consumer provided attributes for the application + properties: + developerOwners: + description: Developer team that owns development and coding. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceApplicationAttributesContactInfo + criticality: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceApplicationAttributesCriticality + description: User-defined criticality information. + businessOwners: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceApplicationAttributesContactInfo + description: Business team that ensures user needs are met and value is delivered + operatorOwners: + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceApplicationAttributesContactInfo + type: array + description: Operator team that ensures runtime and operations. + environment: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceApplicationAttributesEnvironment + description: User-defined environment information. + type: object + id: GoogleCloudSecuritycenterV1ResourceApplicationAttributes + SimulateSecurityHealthAnalyticsCustomModuleResponse: + properties: + result: + description: Result for test case in the corresponding request. + $ref: '#/components/schemas/SimulatedResult' + description: >- + Response message for simulating a `SecurityHealthAnalyticsCustomModule` + against a given resource. + id: SimulateSecurityHealthAnalyticsCustomModuleResponse + type: object + GoogleCloudSecuritycenterV2CloudArmor: + properties: + attack: + description: Information about DDoS attack volume and classification. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Attack' + requests: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Requests' + description: >- + Information about incoming requests evaluated by [Google Cloud Armor + security + policies](https://cloud.google.com/armor/docs/security-policy-overview). + securityPolicy: + description: >- + Information about the [Google Cloud Armor security + policy](https://cloud.google.com/armor/docs/security-policy-overview) + relevant to the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2SecurityPolicy' + threatVector: + description: >- + Distinguish between volumetric & protocol DDoS attack and + application layer attacks. For example, "L3_4" for Layer 3 and Layer + 4 DDoS attacks, or "L_7" for Layer 7 DDoS attacks. + type: string + adaptiveProtection: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AdaptiveProtection' + description: >- + Information about potential Layer 7 DDoS attacks identified by + [Google Cloud Armor Adaptive + Protection](https://cloud.google.com/armor/docs/adaptive-protection-overview). + duration: + type: string + description: >- + Duration of attack from the start until the current moment (updated + every 5 minutes). + format: google-duration + type: object + description: Fields related to Google Cloud Armor findings. + id: GoogleCloudSecuritycenterV2CloudArmor + GoogleCloudSecuritycenterV2SensitivityScore: + properties: + score: + enumDescriptions: + - Unused. + - >- + No sensitive information detected. The resource isn't publicly + accessible. + - Unable to determine sensitivity. + - >- + Medium risk. Contains personally identifiable information (PII), + potentially sensitive data, or fields with free-text data that are + at a higher risk of having intermittent sensitive data. Consider + limiting access. + - >- + High risk. Sensitive personally identifiable information (SPII) + can be present. Exfiltration of data can lead to user data loss. + Re-identification of users might be possible. Consider limiting + usage and or removing SPII. + enum: + - SENSITIVITY_SCORE_LEVEL_UNSPECIFIED + - SENSITIVITY_LOW + - SENSITIVITY_UNKNOWN + - SENSITIVITY_MODERATE + - SENSITIVITY_HIGH + description: The sensitivity score applied to the resource. + type: string + type: object + id: GoogleCloudSecuritycenterV2SensitivityScore + description: >- + Score is calculated from of all elements in the data profile. A higher + level means the data is more sensitive. + GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata: + properties: + projectId: + description: >- + The project ID that the resource associated with the issue belongs + to. + type: string + description: Google Cloud metadata of a resource associated with an issue. + id: GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata + type: object + GoogleCloudSecuritycenterV2MuteConfig: + properties: + description: + type: string + description: A description of the mute config. + updateTime: + readOnly: true + format: google-datetime + type: string + description: >- + Output only. The most recent time at which the mute config was + updated. This field is set by the server and will be ignored if + provided on config creation or update. + expiryTime: + format: google-datetime + type: string + description: >- + Optional. The expiry of the mute config. Only applicable for dynamic + configs. If the expiry is set, when the config expires, it is + removed from all findings. + cryptoKeyName: + readOnly: true + type: string + description: >- + Output only. The resource name of the Cloud KMS `CryptoKey` used to + encrypt this configuration data, if CMEK was enabled during Security + Command Center activation. + createTime: + readOnly: true + description: >- + Output only. The time at which the mute config was created. This + field is set by the server and will be ignored if provided on config + creation. + format: google-datetime + type: string + name: + type: string + description: >- + Identifier. This field will be ignored if provided on config + creation. The following list shows some examples of the format: + + `organizations/{organization}/muteConfigs/{mute_config}` + + `organizations/{organization}locations/{location}//muteConfigs/{mute_config}` + + `folders/{folder}/muteConfigs/{mute_config}` + + `folders/{folder}/locations/{location}/muteConfigs/{mute_config}` + + `projects/{project}/muteConfigs/{mute_config}` + + `projects/{project}/locations/{location}/muteConfigs/{mute_config}` + mostRecentEditor: + readOnly: true + type: string + description: >- + Output only. Email address of the user who last edited the mute + config. This field is set by the server and will be ignored if + provided on config creation or update. + filter: + description: >- + Required. An expression that defines the filter to apply across + create/update events of findings. While creating a filter string, be + mindful of the scope in which the mute configuration is being + created. E.g., If a filter contains project = X but is created under + the project = Y scope, it might not match any findings. The + following field and operator combinations are supported: * severity: + `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * + resource.project_name: `=`, `:` * resource.project_display_name: + `=`, `:` * resource.folders.resource_folder: `=`, `:` * + resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, + `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * + indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:` + type: string + type: + type: string + description: >- + Required. The type of the mute config, which determines what type of + mute state the config affects. Immutable after creation. + enumDescriptions: + - Unused. + - >- + A static mute config, which sets the static mute state of future + matching findings to muted. Once the static mute state has been + set, finding or config modifications will not affect the state. + - >- + A dynamic mute config, which is applied to existing and future + matching findings, setting their dynamic mute state to "muted". If + the config is updated or deleted, or a matching finding is + updated, such that the finding doesn't match the config, the + config will be removed from the finding, and the finding's dynamic + mute state may become "unmuted" (unless other configs still + match). + enum: + - MUTE_CONFIG_TYPE_UNSPECIFIED + - STATIC + - DYNAMIC + id: GoogleCloudSecuritycenterV2MuteConfig + type: object + description: >- + A mute config is a Cloud SCC resource that contains the configuration to + mute create/update events of findings. + GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount: + id: GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount + properties: + value: + description: Aggregation value. + type: integer + format: int32 + key: + description: Aggregation key. + type: string + description: Aggregated count of a security context. + type: object + ResourcePath: + id: ResourcePath + description: >- + Represents the path of resources leading up to the resource this finding + is about. + type: object + properties: + nodes: + items: + $ref: '#/components/schemas/ResourcePathNode' + type: array + description: >- + The list of nodes that make the up resource path, ordered from + lowest level to highest level. + TestIamPermissionsRequest: + description: Request message for `TestIamPermissions` method. + type: object + id: TestIamPermissionsRequest + properties: + permissions: + type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + Package: + type: object + properties: + cpeUri: + description: The CPE URI where the vulnerability was detected. + type: string + packageVersion: + description: The version of the package. + type: string + packageType: + description: Type of package, for example, os, maven, or go. + type: string + packageName: + description: The name of the package where the vulnerability was detected. + type: string + description: Package is a generic definition of a package. + id: Package + SimulateSecurityHealthAnalyticsCustomModuleRequest: + properties: + resource: + description: Required. Resource data to simulate custom module against. + $ref: '#/components/schemas/SimulatedResource' + customConfig: + description: Required. The custom configuration that you need to test. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1CustomConfig' + id: SimulateSecurityHealthAnalyticsCustomModuleRequest + description: >- + Request message to simulate a CustomConfig against a given test + resource. Maximum size of the request is 4 MB by default. + type: object + NodePool: + id: NodePool + properties: + nodes: + items: + $ref: '#/components/schemas/Node' + description: Nodes associated with the finding. + type: array + name: + type: string + description: Kubernetes node pool name. + description: Provides GKE node pool information. + type: object + DiskPath: + properties: + relativePath: + type: string + description: >- + Relative path of the file in the partition as a JSON encoded string. + Example: /home/user1/executable_file.sh + partitionUuid: + type: string + description: >- + UUID of the partition (format + https://wiki.archlinux.org/title/persistent_block_device_naming#by-uuid) + id: DiskPath + type: object + description: Path of the file in terms of underlying disk/partition identifiers. + Notebook: + description: >- + Represents a Jupyter notebook IPYNB file, such as a [Colab Enterprise + notebook](https://cloud.google.com/colab/docs/introduction) file, that + is associated with a finding. + properties: + name: + description: The name of the notebook. + type: string + notebookUpdateTime: + format: google-datetime + description: The most recent time the notebook was updated. + type: string + service: + description: The source notebook service, for example, "Colab Enterprise". + type: string + lastAuthor: + type: string + description: The user ID of the latest author to modify the notebook. + type: object + id: Notebook + LogEntry: + id: LogEntry + properties: + cloudLoggingEntry: + description: An individual entry in a log stored in Cloud Logging. + $ref: '#/components/schemas/CloudLoggingEntry' + description: An individual entry in a log. + type: object + GoogleCloudSecuritycenterV1ResourceApplicationAttributesCriticality: + id: GoogleCloudSecuritycenterV1ResourceApplicationAttributesCriticality + type: object + description: Criticality of the Application, Service, or Workload + properties: + type: + enumDescriptions: + - Unspecified type. + - Mission critical service, application or workload. + - High impact. + - Medium impact. + - Low impact. + enum: + - CRITICALITY_TYPE_UNSPECIFIED + - MISSION_CRITICAL + - HIGH + - MEDIUM + - LOW + description: Criticality Type. + type: string + GoogleCloudSecuritycenterV1Resource: + description: Information related to the Google Cloud resource. + type: object + id: GoogleCloudSecuritycenterV1Resource + properties: + parentDisplayName: + description: The human readable name of resource's parent. + type: string + parent: + type: string + description: The full resource name of resource's parent. + application: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ResourceApplication' + description: The App Hub application this resource belongs to. + location: + type: string + description: The region or location of the service (if applicable). + project: + description: The full resource name of project that the resource belongs to. + type: string + resourcePathString: + type: string + description: >- + A string representation of the resource path. For Google Cloud, it + has the format of + `organizations/{organization_id}/folders/{folder_id}/folders/{folder_id}/projects/{project_id}` + where there can be any number of folders. For AWS, it has the format + of + `org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id}` + where there can be any number of organizational units. For Azure, it + has the format of + `mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name}` + where there can be any number of management groups. + azureMetadata: + description: The Azure metadata associated with the finding. + $ref: '#/components/schemas/AzureMetadata' + resourcePath: + description: Provides the path to the resource within the resource hierarchy. + $ref: '#/components/schemas/ResourcePath' + awsMetadata: + description: The AWS metadata associated with the finding. + $ref: '#/components/schemas/AwsMetadata' + cloudProvider: + enumDescriptions: + - The cloud provider is unspecified. + - The cloud provider is Google Cloud. + - The cloud provider is Amazon Web Services. + - The cloud provider is Microsoft Azure. + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + description: Indicates which cloud provider the resource resides in. + type: string + service: + description: >- + The parent service or product from which the resource is provided, + for example, GKE or SNS. + type: string + projectDisplayName: + description: The project ID that the resource belongs to. + type: string + name: + type: string + description: >- + The full resource name of the resource. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + organization: + description: >- + Indicates which organization or tenant in the cloud provider the + finding applies to. + type: string + displayName: + type: string + description: The human readable name of the resource. + folders: + readOnly: true + items: + $ref: '#/components/schemas/Folder' + type: array + description: >- + Output only. Contains a Folder message for each folder in the assets + ancestry. The first folder is the deepest nested folder, and the + last folder is the folder directly under the Organization. + type: + type: string + description: The full resource type of the resource. + IamBinding: + description: >- + Represents a particular IAM binding, which captures a member's role + addition, removal, or state. + id: IamBinding + properties: + member: + description: >- + A single identity requesting access for a Cloud Platform resource, + for example, "foo@google.com". + type: string + role: + description: >- + Role that is assigned to "members". For example, "roles/viewer", + "roles/editor", or "roles/owner". + type: string + action: + enum: + - ACTION_UNSPECIFIED + - ADD + - REMOVE + description: The action that was performed on a Binding. + type: string + enumDescriptions: + - Unspecified. + - Addition of a Binding. + - Removal of a Binding. + type: object + GoogleCloudSecuritycenterV2Cve: + type: object + id: GoogleCloudSecuritycenterV2Cve + description: >- + CVE stands for Common Vulnerabilities and Exposures. Information from + the [CVE record](https://www.cve.org/ResourcesSupport/Glossary) that + describes this vulnerability. + properties: + zeroDay: + description: >- + Whether or not the vulnerability was zero day when the finding was + published. + type: boolean + firstExploitationDate: + description: Date of the earliest known exploitation. + format: google-datetime + type: string + exploitReleaseDate: + format: google-datetime + description: Date the first publicly available exploit or PoC was released. + type: string + references: + description: >- + Additional information about the CVE. e.g. + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527 + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Reference' + upstreamFixAvailable: + type: boolean + description: Whether upstream fix is available for the CVE. + exploitationActivity: + description: The exploitation activity of the vulnerability in the wild. + enum: + - EXPLOITATION_ACTIVITY_UNSPECIFIED + - WIDE + - CONFIRMED + - AVAILABLE + - ANTICIPATED + - NO_KNOWN + enumDescriptions: + - Invalid or empty value. + - Exploitation has been reported or confirmed to widely occur. + - Limited reported or confirmed exploitation activities. + - Exploit is publicly available. + - >- + No known exploitation activity, but has a high potential for + exploitation. + - No known exploitation activity. + type: string + cvssv3: + description: >- + Describe Common Vulnerability Scoring System specified at + https://www.first.org/cvss/v3.1/specification-document + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Cvssv3' + observedInTheWild: + description: Whether or not the vulnerability has been observed in the wild. + type: boolean + impact: + enumDescriptions: + - Invalid or empty value. + - Exploitation would have little to no security impact. + - >- + Exploitation would enable attackers to perform activities, or + could allow attackers to have a direct impact, but would require + additional steps. + - >- + Exploitation would enable attackers to have a notable direct + impact without needing to overcome any major mitigating factors. + - >- + Exploitation would fundamentally undermine the security of + affected systems, enable actors to perform significant attacks + with minimal effort, with little to no mitigating factors to + overcome. + description: The potential impact of the vulnerability if it was to be exploited. + type: string + enum: + - RISK_RATING_UNSPECIFIED + - LOW + - MEDIUM + - HIGH + - CRITICAL + id: + type: string + description: The unique identifier for the vulnerability. e.g. CVE-2021-34527 + TicketInfo: + id: TicketInfo + properties: + description: + description: The description of the ticket in the ticket system. + type: string + uri: + description: The link to the ticket in the ticket system. + type: string + id: + type: string + description: The identifier of the ticket in the ticket system. + updateTime: + description: >- + The time when the ticket was last updated, as reported by the ticket + system. + type: string + format: google-datetime + assignee: + description: The assignee of the ticket in the ticket system. + type: string + status: + type: string + description: The latest status of the ticket, as reported by the ticket system. + type: object + description: >- + Information about the ticket, if any, that is being used to track the + resolution of the issue that is identified by this finding. + AiModel: + id: AiModel + description: Contains information about the AI model associated with the finding. + type: object + properties: + name: + type: string + description: The name of the AI model, for example, "gemini:1.0.0". + location: + description: The region in which the model is used, for example, “us-central1”. + type: string + domain: + type: string + description: The domain of the model, for example, “image-classification”. + usageCategory: + type: string + description: The purpose of the model, for example, "Inteference" or "Training". + publisher: + description: The publisher of the model, for example, “google” or “nvidia”. + type: string + library: + type: string + description: The name of the model library, for example, “transformers”. + displayName: + description: >- + The user defined display name of model. Ex. + baseline-classification-model + type: string + deploymentPlatform: + type: string + description: The platform on which the model is deployed. + enumDescriptions: + - Unspecified deployment platform. + - Vertex AI. + - Google Kubernetes Engine. + - Google Compute Engine. + - Fine tuned model. + enum: + - DEPLOYMENT_PLATFORM_UNSPECIFIED + - VERTEX_AI + - GKE + - GCE + - FINE_TUNED_MODEL + Chokepoint: + description: >- + Contains details about a chokepoint, which is a resource or resource + group where high-risk attack paths converge, based on [attack path + simulations] + (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations). + type: object + id: Chokepoint + properties: + relatedFindings: + items: + type: string + type: array + description: >- + List of resource names of findings associated with this chokepoint. + For example, organizations/123/sources/456/findings/789. This list + will have at most 100 findings. + Database: + type: object + properties: + version: + description: >- + The version of the database, for example, POSTGRES_14. See [the + complete + list](https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion). + type: string + grantees: + items: + type: string + description: >- + The target usernames, roles, or groups of an SQL privilege grant, + which is not an IAM policy change. + type: array + name: + description: >- + Some database resources may not have the [full resource + name](https://google.aip.dev/122#full-resource-names) populated + because these resource types are not yet supported by Cloud Asset + Inventory (e.g. Cloud SQL databases). In these cases only the + display name will be provided. The [full resource + name](https://google.aip.dev/122#full-resource-names) of the + database that the user connected to, if it is supported by Cloud + Asset Inventory. + type: string + displayName: + type: string + description: The human-readable name of the database that the user connected to. + userName: + description: >- + The username used to connect to the database. The username might not + be an IAM principal and does not have a set format. + type: string + query: + description: The SQL statement that is associated with the database access. + type: string + id: Database + description: >- + Represents database access information, such as queries. A database may + be a sub-resource of an instance (as in the case of Cloud SQL instances + or Cloud Spanner instances), or the database instance itself. Some + database resources might not have the [full resource + name](https://google.aip.dev/122#full-resource-names) populated because + these resource types, such as Cloud SQL databases, are not yet supported + by Cloud Asset Inventory. In these cases only the display name is + provided. + GoogleCloudSecuritycenterV2Finding: + id: GoogleCloudSecuritycenterV2Finding + description: >- + Security Command Center finding. A finding is a record of assessment + data like security, risk, health, or privacy, that is ingested into + Security Command Center for presentation, notification, analysis, policy + testing, and enforcement. For example, a cross-site scripting (XSS) + vulnerability in an App Engine application is a finding. + properties: + cloudDlpDataProfile: + description: Cloud DLP data profile that is associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudDlpDataProfile' + processes: + description: Represents operating system processes associated with the Finding. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Process' + type: array + logEntries: + description: Log entries that are relevant to the finding. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2LogEntry' + backupDisasterRecovery: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2BackupDisasterRecovery + description: Fields related to Backup and DR findings. + ipRules: + description: IP rules associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IpRules' + cryptoKeyName: + description: >- + Output only. The name of the Cloud KMS key used to encrypt this + finding, if any. + type: string + readOnly: true + createTime: + readOnly: true + description: >- + Output only. The time at which the finding was created in Security + Command Center. + format: google-datetime + type: string + loadBalancers: + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2LoadBalancer' + description: The load balancers associated with the finding. + cloudDlpInspection: + description: >- + Cloud Data Loss Prevention (Cloud DLP) inspection results that are + associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudDlpInspection' + sourceProperties: + description: >- + Source specific properties. These properties are managed by the + source that writes the finding. The key names in the + source_properties map must be between 1 and 255 characters, and must + start with a letter and contain alphanumeric characters or + underscores only. + type: object + additionalProperties: + type: any + name: + type: string + description: >- + Identifier. The [relative resource + name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) + of the finding. The following list shows some examples: + + `organizations/{organization_id}/sources/{source_id}/findings/{finding_id}` + + + `organizations/{organization_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` + + `folders/{folder_id}/sources/{source_id}/findings/{finding_id}` + + `folders/{folder_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` + + `projects/{project_id}/sources/{source_id}/findings/{finding_id}` + + + `projects/{project_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` + muteInfo: + readOnly: true + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2MuteInfo' + description: Output only. The mute information regarding this finding. + groupMemberships: + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2GroupMembership' + description: >- + Contains details about groups of which this finding is a member. A + group is a collection of findings that are related in some way. This + field cannot be updated. Its value is ignored in all update + requests. + orgPolicies: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2OrgPolicy' + description: >- + Contains information about the org policies associated with the + finding. + type: array + mitreAttack: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2MitreAttack' + description: >- + MITRE ATT&CK tactics and techniques related to this finding. See: + https://attack.mitre.org + vertexAi: + description: VertexAi associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2VertexAi' + access: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Access' + description: >- + Access details associated with the finding, such as more information + on the caller, which method was accessed, and from where. + externalSystems: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ExternalSystem' + type: object + description: >- + Output only. Third party SIEM/SOAR fields within SCC, contains + external system information and external system finding fields. + readOnly: true + canonicalName: + description: >- + Output only. The canonical name of the finding. The following list + shows some examples: + + `organizations/{organization_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` + + + `folders/{folder_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` + + + `projects/{project_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}` + The prefix is the closest CRM ancestor of the resource associated + with the finding. + readOnly: true + type: string + application: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Application' + description: Represents an application associated with the finding. + database: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Database' + description: Database associated with the finding. + cloudArmor: + description: Fields related to Cloud Armor findings. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudArmor' + job: + description: Job associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Job' + complianceDetails: + description: Details about the compliance implications of the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ComplianceDetails' + externalUri: + description: >- + The URI that, if available, points to a web page outside of Security + Command Center where additional information about the finding can be + found. This field is guaranteed to be either empty or a well formed + URL. + type: string + nextSteps: + description: Steps to address the finding. + type: string + parentDisplayName: + readOnly: true + type: string + description: >- + Output only. The human readable display name of the finding source + such as "Event Threat Detection" or "Security Health Analytics". + containers: + description: >- + Containers associated with the finding. This field provides + information for both Kubernetes and non-Kubernetes containers. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Container' + exfiltration: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Exfiltration' + description: Represents exfiltrations associated with the finding. + description: + description: Contains more details about the finding. + type: string + kubernetes: + description: Kubernetes resources associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Kubernetes' + compliances: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Compliance' + type: array + description: >- + Contains compliance information for security standards associated to + the finding. + toxicCombination: + description: >- + Contains details about a group of security issues that, when the + issues occur together, represent a greater risk than when the issues + occur independently. A group of such issues is referred to as a + toxic combination. This field cannot be updated. Its value is + ignored in all update requests. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ToxicCombination' + networks: + type: array + description: Represents the VPC networks that the resource is attached to. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Network' + severity: + enum: + - SEVERITY_UNSPECIFIED + - CRITICAL + - HIGH + - MEDIUM + - LOW + enumDescriptions: + - >- + This value is used for findings when a source doesn't write a + severity value. + - >- + Vulnerability: A critical vulnerability is easily discoverable by + an external actor, exploitable, and results in the direct ability + to execute arbitrary code, exfiltrate data, and otherwise gain + additional access and privileges to cloud resources and workloads. + Examples include publicly accessible unprotected user data and + public SSH access with weak or no passwords. Threat: Indicates a + threat that is able to access, modify, or delete data or execute + unauthorized code within existing resources. + - >- + Vulnerability: A high risk vulnerability can be easily discovered + and exploited in combination with other vulnerabilities in order + to gain direct access and the ability to execute arbitrary code, + exfiltrate data, and otherwise gain additional access and + privileges to cloud resources and workloads. An example is a + database with weak or no passwords that is only accessible + internally. This database could easily be compromised by an actor + that had access to the internal network. Threat: Indicates a + threat that is able to create new computational resources in an + environment but not able to access data or execute code in + existing resources. + - >- + Vulnerability: A medium risk vulnerability could be used by an + actor to gain access to resources or privileges that enable them + to eventually (through multiple steps or a complex exploit) gain + access and the ability to execute arbitrary code or exfiltrate + data. An example is a service account with access to more projects + than it should have. If an actor gains access to the service + account, they could potentially use that access to manipulate a + project the service account was not intended to. Threat: Indicates + a threat that is able to cause operational impact but may not + access data or execute unauthorized code. + - >- + Vulnerability: A low risk vulnerability hampers a security + organization's ability to detect vulnerabilities or active threats + in their deployment, or prevents the root cause investigation of + security issues. An example is monitoring and logs being disabled + for resource configurations and access. Threat: Indicates a threat + that has obtained minimal access to an environment but is not able + to access data, execute code, or create resources. + type: string + description: >- + The severity of the finding. This field is managed by the source + that writes the finding. + moduleName: + type: string + description: >- + Unique identifier of the module which generated the finding. + Example: + folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885 + mute: + enumDescriptions: + - Unspecified. + - Finding has been muted. + - Finding has been unmuted. + - Finding has never been muted/unmuted. + description: >- + Indicates the mute state of a finding (either muted, unmuted or + undefined). Unlike other attributes of a finding, a finding provider + shouldn't set the value of mute. + type: string + enum: + - MUTE_UNSPECIFIED + - MUTED + - UNMUTED + - UNDEFINED + category: + description: >- + Immutable. The additional taxonomy group within findings from a + given source. Example: "XSS_FLASH_INJECTION" + type: string + muteUpdateTime: + description: Output only. The most recent time this finding was muted or unmuted. + format: google-datetime + type: string + readOnly: true + securityMarks: + readOnly: true + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2SecurityMarks' + description: >- + Output only. User specified security marks. These marks are entirely + managed by the user and come from the SecurityMarks resource that + belongs to the finding. + indicator: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Indicator' + description: >- + Represents what's commonly known as an *indicator of compromise* + (IoC) in computer forensics. This is an artifact observed on a + network or in an operating system that, with high confidence, + indicates a computer intrusion. For more information, see [Indicator + of + compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). + notebook: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Notebook' + description: Notebook associated with the finding. + vulnerability: + description: >- + Represents vulnerability-specific fields like CVE and CVSS scores. + CVE stands for Common Vulnerabilities and Exposures + (https://cve.mitre.org/about/) + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Vulnerability' + files: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2File' + description: File associated with the finding. + type: array + dataRetentionDeletionEvents: + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2DataRetentionDeletionEvent + description: Data retention deletion events associated with the finding. + type: array + iamBindings: + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IamBinding' + description: Represents IAM bindings associated with the finding. + affectedResources: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AffectedResources' + description: AffectedResources associated with the finding. + aiModel: + description: The AI model associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AiModel' + state: + readOnly: true + description: Output only. The state of the finding. + type: string + enumDescriptions: + - Unspecified state. + - The finding requires attention and has not been addressed yet. + - >- + The finding has been fixed, triaged as a non-issue or otherwise + addressed and is no longer active. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + connections: + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Connection' + description: >- + Contains information about the IP connection associated with the + finding. + kernelRootkit: + description: Signature of the kernel rootkit. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2KernelRootkit' + securityPosture: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2SecurityPosture' + description: The security posture associated with the finding. + dataAccessEvents: + description: Data access events associated with the finding. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2DataAccessEvent' + parent: + description: >- + The relative resource name of the source and location the finding + belongs to. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + This field is immutable after creation time. The following list + shows some examples: + + `organizations/{organization_id}/sources/{source_id}` + + `folders/{folders_id}/sources/{source_id}` + + `projects/{projects_id}/sources/{source_id}` + + `organizations/{organization_id}/sources/{source_id}/locations/{location_id}` + + `folders/{folders_id}/sources/{source_id}/locations/{location_id}` + + + `projects/{projects_id}/sources/{source_id}/locations/{location_id}` + type: string + dataFlowEvents: + description: Data flow events associated with the finding. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2DataFlowEvent' + type: array + eventTime: + format: google-datetime + type: string + description: >- + The time the finding was first detected. If an existing finding is + updated, then this is the time the update occurred. For example, if + the finding represents an open firewall, this property captures the + time the detector believes the firewall became open. The accuracy is + determined by the detector. If the finding is later resolved, then + this time reflects when the finding was resolved. This must not be + set to a value greater than the current timestamp. + resourceName: + description: >- + Immutable. For findings on Google Cloud resources, the full resource + name of the Google Cloud resource this finding is for. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + When the finding is for a non-Google Cloud resource, the + resourceName can be a customer or partner defined string. + type: string + findingClass: + enumDescriptions: + - Unspecified finding class. + - Describes unwanted or malicious activity. + - >- + Describes a potential weakness in software that increases risk to + Confidentiality & Integrity & Availability. + - >- + Describes a potential weakness in cloud resource/asset + configuration that increases risk. + - >- + Describes a security observation that is for informational + purposes. + - Describes an error that prevents some SCC functionality. + - >- + Describes a potential security risk due to a change in the + security posture. + - >- + Describes a combination of security issues that represent a more + severe security problem when taken together. + - >- + Describes a potential security risk to data assets that contain + sensitive data. + - >- + Describes a resource or resource group where high risk attack + paths converge, based on attack path simulations (APS). + description: The class of the finding. + type: string + enum: + - FINDING_CLASS_UNSPECIFIED + - THREAT + - VULNERABILITY + - MISCONFIGURATION + - OBSERVATION + - SCC_ERROR + - POSTURE_VIOLATION + - TOXIC_COMBINATION + - SENSITIVE_DATA_RISK + - CHOKEPOINT + muteInitiator: + type: string + description: >- + Records additional information about the mute operation, for + example, the [mute + configuration](https://cloud.google.com/security-command-center/docs/how-to-mute-findings) + that muted the finding and the user who muted the finding. + disk: + description: Disk associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Disk' + attackExposure: + description: The results of an attack path simulation relevant to this finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AttackExposure' + contacts: + additionalProperties: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ContactDetails' + readOnly: true + type: object + description: >- + Output only. Map containing the points of contact for the given + finding. The key represents the type of contact, while the value + contains a list of all the contacts that pertain. Please refer to: + https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories + { "security": { "contacts": [ { "email": "person1@company.com" }, { + "email": "person2@company.com" } ] } } + chokepoint: + description: >- + Contains details about a chokepoint, which is a resource or resource + group where high-risk attack paths converge, based on [attack path + simulations] + (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations). + This field cannot be updated. Its value is ignored in all update + requests. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Chokepoint' + type: object + GoogleCloudSecuritycenterV1ExternalSystem: + id: GoogleCloudSecuritycenterV1ExternalSystem + description: Representation of third party SIEM/SOAR fields within SCC. + properties: + externalSystemUpdateTime: + type: string + format: google-datetime + description: >- + The time when the case was last updated, as reported by the external + system. + caseUri: + type: string + description: The link to the finding's corresponding case in the external system. + caseSla: + format: google-datetime + type: string + description: The SLA of the finding's corresponding case in the external system. + ticketInfo: + description: >- + Information about the ticket, if any, that is being used to track + the resolution of the issue that is identified by this finding. + $ref: '#/components/schemas/TicketInfo' + externalUid: + description: >- + The identifier that's used to track the finding's corresponding case + in the external system. + type: string + status: + type: string + description: >- + The most recent status of the finding's corresponding case, as + reported by the external system. + name: + description: >- + Full resource name of the external system, for example: + "organizations/1234/sources/5678/findings/123456/externalSystems/jira", + "folders/1234/sources/5678/findings/123456/externalSystems/jira", + "projects/1234/sources/5678/findings/123456/externalSystems/jira" + type: string + casePriority: + description: >- + The priority of the finding's corresponding case in the external + system. + type: string + caseCloseTime: + format: google-datetime + type: string + description: >- + The time when the case was closed, as reported by the external + system. + assignees: + description: References primary/secondary etc assignees in the external system. + items: + type: string + type: array + caseCreateTime: + description: >- + The time when the case was created, as reported by the external + system. + type: string + format: google-datetime + type: object + GoogleCloudSecuritycenterV2AwsMetadata: + id: GoogleCloudSecuritycenterV2AwsMetadata + description: >- + AWS metadata associated with the resource, only applicable if the + finding's cloud provider is Amazon Web Services. + type: object + properties: + organization: + description: The AWS organization associated with the resource. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AwsOrganization' + account: + description: The AWS account associated with the resource. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AwsAccount' + organizationalUnits: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2AwsOrganizationalUnit + description: >- + A list of AWS organizational units associated with the resource, + ordered from lowest level (closest to the account) to highest level. + GoogleCloudSecuritycenterV2Object: + id: GoogleCloudSecuritycenterV2Object + description: >- + Kubernetes object related to the finding, uniquely identified by GKNN. + Used if the object Kind is not one of Pod, Node, NodePool, Binding, or + AccessReview. + type: object + properties: + containers: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Container' + type: array + description: Pod containers associated with this finding, if any. + group: + type: string + description: Kubernetes object group, such as "policy.k8s.io/v1". + name: + type: string + description: >- + Kubernetes object name. For details see + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/. + kind: + type: string + description: Kubernetes object kind, such as "Namespace". + ns: + description: >- + Kubernetes object namespace. Must be a valid DNS label. Named "ns" + to avoid collision with C++ namespace keyword. For details see + https://kubernetes.io/docs/tasks/administer-cluster/namespaces/. + type: string + EffectiveEventThreatDetectionCustomModule: + type: object + properties: + type: + readOnly: true + type: string + description: Output only. Type for the module. e.g. CONFIGURABLE_BAD_IP. + enablementState: + enum: + - ENABLEMENT_STATE_UNSPECIFIED + - ENABLED + - DISABLED + type: string + enumDescriptions: + - Unspecified enablement state. + - The module is enabled at the given level. + - The module is disabled at the given level. + readOnly: true + description: >- + Output only. The effective state of enablement for the module at the + given level of the hierarchy. + description: + readOnly: true + description: Output only. The description for the module. + type: string + cloudProvider: + type: string + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + enumDescriptions: + - Unspecified cloud provider. + - Google Cloud. + - Amazon Web Services. + - Microsoft Azure. + description: The cloud provider of the custom module. + displayName: + type: string + readOnly: true + description: Output only. The human readable name to be displayed for the module. + name: + readOnly: true + type: string + description: >- + Output only. The resource name of the effective ETD custom module. + Its format is: * + `organizations/{organization}/eventThreatDetectionSettings/effectiveCustomModules/{module}`. + * + `folders/{folder}/eventThreatDetectionSettings/effectiveCustomModules/{module}`. + * + `projects/{project}/eventThreatDetectionSettings/effectiveCustomModules/{module}`. + config: + type: object + description: Output only. Config for the effective module. + readOnly: true + additionalProperties: + description: Properties of the object. + type: any + description: >- + An EffectiveEventThreatDetectionCustomModule is the representation of an + Event Threat Detection custom module at a specified level of the + resource hierarchy: organization, folder, or project. If a custom module + is inherited from a parent organization or folder, the value of the + `enablement_state` property in EffectiveEventThreatDetectionCustomModule + is set to the value that is effective in the parent, instead of + `INHERITED`. For example, if the module is enabled in a parent + organization or folder, the effective `enablement_state` for the module + in all child folders or projects is also `enabled`. + EffectiveEventThreatDetectionCustomModule is read-only. + id: EffectiveEventThreatDetectionCustomModule + GoogleCloudSecuritycenterV2Cwe: + type: object + id: GoogleCloudSecuritycenterV2Cwe + properties: + id: + type: string + description: The CWE identifier, e.g. CWE-94 + references: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Reference' + type: array + description: >- + Any reference to the details on the CWE, for example, + https://cwe.mitre.org/data/definitions/94.html + description: >- + CWE stands for Common Weakness Enumeration. Information about this + weakness, as described by [CWE](https://cwe.mitre.org/). + GoogleCloudSecuritycenterV2NodePool: + type: object + description: Provides GKE node pool information. + id: GoogleCloudSecuritycenterV2NodePool + properties: + name: + description: Kubernetes node pool name. + type: string + nodes: + description: Nodes associated with the finding. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Node' + GoogleCloudSecuritycenterV1ResourceApplicationAttributesContactInfo: + properties: + email: + type: string + description: Email address of the contacts. + type: object + id: GoogleCloudSecuritycenterV1ResourceApplicationAttributesContactInfo + description: Contact information of stakeholders. + DynamicMuteRecord: + description: The record of a dynamic mute rule that matches the finding. + properties: + muteConfig: + description: >- + The relative resource name of the mute rule, represented by a mute + config, that created this record, for example + `organizations/123/muteConfigs/mymuteconfig` or + `organizations/123/locations/global/muteConfigs/mymuteconfig`. + type: string + matchTime: + description: When the dynamic mute rule first matched the finding. + format: google-datetime + type: string + id: DynamicMuteRecord + type: object + ListAssetsResult: + id: ListAssetsResult + description: Result containing the Asset and its State. + properties: + asset: + description: Asset matching the search request. + $ref: '#/components/schemas/Asset' + stateChange: + enumDescriptions: + - >- + State change is unused, this is the canonical default for this + enum. + - Asset was added between the points in time. + - Asset was removed between the points in time. + - Asset was present at both point(s) in time. + enum: + - UNUSED + - ADDED + - REMOVED + - ACTIVE + type: string + description: State change of the asset between the points in time. + type: object + ResourcePathNode: + type: object + properties: + nodeType: + type: string + enum: + - RESOURCE_PATH_NODE_TYPE_UNSPECIFIED + - GCP_ORGANIZATION + - GCP_FOLDER + - GCP_PROJECT + - AWS_ORGANIZATION + - AWS_ORGANIZATIONAL_UNIT + - AWS_ACCOUNT + - AZURE_MANAGEMENT_GROUP + - AZURE_SUBSCRIPTION + - AZURE_RESOURCE_GROUP + description: The type of resource this node represents. + enumDescriptions: + - Node type is unspecified. + - The node represents a Google Cloud organization. + - The node represents a Google Cloud folder. + - The node represents a Google Cloud project. + - The node represents an AWS organization. + - The node represents an AWS organizational unit. + - The node represents an AWS account. + - The node represents an Azure management group. + - The node represents an Azure subscription. + - The node represents an Azure resource group. + displayName: + description: The display name of the resource this node represents. + type: string + id: + type: string + description: The ID of the resource this node represents. + description: >- + A node within the resource path. Each node represents a resource within + the resource hierarchy. + id: ResourcePathNode + OrganizationSettings: + properties: + enableAssetDiscovery: + description: >- + A flag that indicates if Asset Discovery should be enabled. If the + flag is set to `true`, then discovery of assets will occur. If it is + set to `false`, all historical assets will remain, but discovery of + future assets will not occur. + type: boolean + assetDiscoveryConfig: + $ref: '#/components/schemas/AssetDiscoveryConfig' + description: The configuration used for Asset Discovery runs. + name: + description: >- + The relative resource name of the settings. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + Example: "organizations/{organization_id}/organizationSettings". + type: string + description: >- + User specified settings that are attached to the Security Command Center + organization. + id: OrganizationSettings + type: object + DataFlowEvent: + id: DataFlowEvent + properties: + eventTime: + format: google-datetime + type: string + description: Timestamp of data flow event. + principalEmail: + type: string + description: >- + The email address of the principal that initiated the data flow + event. The principal could be a user account, service account, + Google group, or other. + operation: + type: string + enumDescriptions: + - The operation is unspecified. + - Represents a read operation. + - Represents a move operation. + - Represents a copy operation. + description: The operation performed by the principal for the data flow event. + enum: + - OPERATION_UNSPECIFIED + - READ + - MOVE + - COPY + violatedLocation: + description: Non-compliant location of the principal or the data destination. + type: string + eventId: + description: Unique identifier for data flow event. + type: string + type: object + description: >- + Details about a data flow event, in which either the data is moved to or + is accessed from a non-compliant geo-location, as defined in the + applicable data security policy. + GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo: + description: Identity delegation history of an authenticated service account. + type: object + properties: + principalEmail: + type: string + description: The email address of a Google account. + principalSubject: + description: >- + A string representing the principal_subject associated with the + identity. As compared to `principal_email`, supports principals that + aren't associated with email addresses, such as third party + principals. For most identities, the format will be + `principal://iam.googleapis.com/{identity pool + name}/subjects/{subject}` except for some GKE identities + (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the + legacy format `serviceAccount:{identity pool name}[{subject}]` + type: string + id: GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo + GoogleCloudSecuritycenterV2IssueDomain: + properties: + domainCategory: + enumDescriptions: + - Unspecified domain category. + - Issues in the AI domain. + - Issues in the code domain. + - Issues in the container domain. + - Issues in the data domain. + - Issues in the identity and access domain. + - Issues in the vulnerability domain. + - Issues in the threat domain. + type: string + enum: + - DOMAIN_CATEGORY_UNSPECIFIED + - AI + - CODE + - CONTAINER + - DATA + - IDENTITY_AND_ACCESS + - VULNERABILITY + - THREAT + description: The domain category of the issue. + id: GoogleCloudSecuritycenterV2IssueDomain + type: object + description: The domains of an issue. + Denied: + type: object + description: Denied IP rule. + id: Denied + properties: + ipRules: + items: + $ref: '#/components/schemas/IpRule' + type: array + description: Optional. Optional list of denied IP rules. + AzureSubscription: + properties: + displayName: + description: The display name of the Azure subscription. + type: string + id: + description: >- + The UUID of the Azure subscription, for example, + `291bba3f-e0a5-47bc-a099-3bdcb2a50a05`. + type: string + description: Represents an Azure subscription. + type: object + id: AzureSubscription + ServiceAccountDelegationInfo: + type: object + id: ServiceAccountDelegationInfo + properties: + principalSubject: + type: string + description: >- + A string representing the principal_subject associated with the + identity. As compared to `principal_email`, supports principals that + aren't associated with email addresses, such as third party + principals. For most identities, the format will be + `principal://iam.googleapis.com/{identity pool + name}/subjects/{subject}` except for some GKE identities + (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the + legacy format `serviceAccount:{identity pool name}[{subject}]` + principalEmail: + description: The email address of a Google account. + type: string + description: Identity delegation history of an authenticated service account. + GoogleCloudSecuritycenterV2GroupMembership: + description: >- + Contains details about groups of which this finding is a member. A group + is a collection of findings that are related in some way. + properties: + groupId: + type: string + description: ID of the group. + groupType: + enum: + - GROUP_TYPE_UNSPECIFIED + - GROUP_TYPE_TOXIC_COMBINATION + - GROUP_TYPE_CHOKEPOINT + enumDescriptions: + - Default value. + - Group represents a toxic combination. + - Group represents a chokepoint. + description: Type of group. + type: string + type: object + id: GoogleCloudSecuritycenterV2GroupMembership + BulkMuteFindingsRequest: + description: >- + Request message for bulk findings update. Note: 1. If multiple bulk + update requests match the same resource, the order in which they get + executed is not defined. 2. Once a bulk operation is started, there is + no way to stop it. + properties: + filter: + description: >- + Expression that identifies findings that should be updated. The + expression is a list of zero or more restrictions combined via + logical operators `AND` and `OR`. Parentheses are supported, and + `OR` has higher precedence than `AND`. Restrictions have the form ` + ` and may have a `-` character in front of them to indicate + negation. The fields map to those defined in the corresponding + resource. The supported operators are: * `=` for all value types. * + `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring + matching, for strings. The supported value types are: * string + literals in quotes. * integer literals without quotes. * boolean + literals `true` and `false` without quotes. + type: string + muteAnnotation: + type: string + deprecated: true + description: >- + This can be a mute configuration name or any identifier for + mute/unmute of findings based on the filter. + muteState: + enumDescriptions: + - Unused. + - Matching findings will be muted (default). + - Matching findings will have their mute state cleared. + type: string + enum: + - MUTE_STATE_UNSPECIFIED + - MUTED + - UNDEFINED + description: >- + Optional. All findings matching the given filter will have their + mute state set to this value. The default value is `MUTED`. Setting + this to `UNDEFINED` will clear the mute state on all matching + findings. + id: BulkMuteFindingsRequest + type: object + GoogleCloudSecuritycenterV2AdaptiveProtection: + type: object + properties: + confidence: + description: >- + A score of 0 means that there is low confidence that the detected + event is an actual attack. A score of 1 means that there is high + confidence that the detected event is an attack. See the [Adaptive + Protection + documentation](https://cloud.google.com/armor/docs/adaptive-protection-overview#configure-alert-tuning) + for further explanation. + format: double + type: number + description: >- + Information about [Google Cloud Armor Adaptive + Protection](https://cloud.google.com/armor/docs/cloud-armor-overview#google-cloud-armor-adaptive-protection). + id: GoogleCloudSecuritycenterV2AdaptiveProtection + GoogleCloudSecuritycenterV2DataFlowEvent: + properties: + eventId: + description: Unique identifier for data flow event. + type: string + principalEmail: + type: string + description: >- + The email address of the principal that initiated the data flow + event. The principal could be a user account, service account, + Google group, or other. + violatedLocation: + description: Non-compliant location of the principal or the data destination. + type: string + eventTime: + description: Timestamp of data flow event. + type: string + format: google-datetime + operation: + description: The operation performed by the principal for the data flow event. + enum: + - OPERATION_UNSPECIFIED + - READ + - MOVE + - COPY + enumDescriptions: + - The operation is unspecified. + - Represents a read operation. + - Represents a move operation. + - Represents a copy operation. + type: string + id: GoogleCloudSecuritycenterV2DataFlowEvent + description: >- + Details about a data flow event, in which either the data is moved to or + is accessed from a non-compliant geo-location, as defined in the + applicable data security policy. + type: object + ContactDetails: + properties: + contacts: + description: A list of contacts + items: + $ref: '#/components/schemas/Contact' + type: array + id: ContactDetails + description: Details about specific contacts + type: object + GoogleCloudSecuritycenterV2IamBinding: + type: object + description: >- + Represents a particular IAM binding, which captures a member's role + addition, removal, or state. + properties: + role: + description: >- + Role that is assigned to "members". For example, "roles/viewer", + "roles/editor", or "roles/owner". + type: string + member: + description: >- + A single identity requesting access for a Cloud Platform resource, + for example, "foo@google.com". + type: string + action: + type: string + description: The action that was performed on a Binding. + enumDescriptions: + - Unspecified. + - Addition of a Binding. + - Removal of a Binding. + enum: + - ACTION_UNSPECIFIED + - ADD + - REMOVE + id: GoogleCloudSecuritycenterV2IamBinding + GoogleCloudSecuritycenterV1beta1RunAssetDiscoveryResponse: + description: Response of asset discovery run + type: object + id: GoogleCloudSecuritycenterV1beta1RunAssetDiscoveryResponse + properties: + state: + enum: + - STATE_UNSPECIFIED + - COMPLETED + - SUPERSEDED + - TERMINATED + enumDescriptions: + - Asset discovery run state was unspecified. + - Asset discovery run completed successfully. + - >- + Asset discovery run was cancelled with tasks still pending, as + another run for the same organization was started with a higher + priority. + - Asset discovery run was killed and terminated. + description: The state of an asset discovery run. + type: string + duration: + format: google-duration + type: string + description: The duration between asset discovery run start and end + GoogleCloudSecuritycenterV2Node: + type: object + properties: + name: + description: >- + [Full resource name](https://google.aip.dev/122#full-resource-names) + of the Compute Engine VM running the cluster node. + type: string + id: GoogleCloudSecuritycenterV2Node + description: Kubernetes nodes associated with the finding. + AccessReview: + id: AccessReview + description: >- + Conveys information about a Kubernetes access review (such as one + returned by a [`kubectl auth + can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access) + command) that was involved in a finding. + properties: + name: + description: The name of the resource being requested. Empty means all. + type: string + ns: + type: string + description: >- + Namespace of the action being requested. Currently, there is no + distinction between no namespace and all namespaces. Both are + represented by "" (empty). + version: + description: The API version of the resource. "*" means all. + type: string + verb: + description: >- + A Kubernetes resource API verb, like get, list, watch, create, + update, delete, proxy. "*" means all. + type: string + group: + description: The API group of the resource. "*" means all. + type: string + resource: + description: The optional resource type requested. "*" means all. + type: string + subresource: + description: The optional subresource type. + type: string + type: object + GoogleCloudSecuritycenterV2Contact: + id: GoogleCloudSecuritycenterV2Contact + properties: + email: + type: string + description: An email address. For example, "`person123@company.com`". + type: object + description: The email address of a contact. + Node: + description: Kubernetes nodes associated with the finding. + properties: + name: + description: >- + [Full resource name](https://google.aip.dev/122#full-resource-names) + of the Compute Engine VM running the cluster node. + type: string + type: object + id: Node + GoogleCloudSecuritycenterV2VertexAi: + id: GoogleCloudSecuritycenterV2VertexAi + description: Vertex AI-related information associated with the finding. + type: object + properties: + datasets: + description: Datasets associated with the finding. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Dataset' + type: array + pipelines: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Pipeline' + type: array + description: Pipelines associated with the finding. + GoogleCloudSecuritycenterV2Vulnerability: + type: object + description: Refers to common vulnerability fields e.g. cve, cvss, cwe etc. + id: GoogleCloudSecuritycenterV2Vulnerability + properties: + reachable: + type: boolean + description: >- + Represents whether the vulnerability is reachable (detected via + static analysis) + cwes: + type: array + description: >- + Represents one or more Common Weakness Enumeration (CWE) information + on this vulnerability. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Cwe' + offendingPackage: + description: The offending package is relevant to the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Package' + fixedPackage: + description: The fixed package is relevant to the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Package' + securityBulletin: + description: The security bulletin is relevant to this finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2SecurityBulletin' + cve: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Cve' + description: >- + CVE stands for Common Vulnerabilities and Exposures + (https://cve.mitre.org/about/) + providerRiskScore: + type: string + format: int64 + description: >- + Provider provided risk_score based on multiple factors. The higher + the risk score, the more risky the vulnerability is. + GoogleCloudSecuritycenterV1p1beta1Finding: + properties: + parent: + type: string + description: >- + The relative resource name of the source the finding belongs to. + See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + This field is immutable after creation time. For example: + "organizations/{organization_id}/sources/{source_id}" + state: + type: string + description: The state of the finding. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + enumDescriptions: + - Unspecified state. + - The finding requires attention and has not been addressed yet. + - >- + The finding has been fixed, triaged as a non-issue or otherwise + addressed and is no longer active. + securityMarks: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1p1beta1SecurityMarks' + description: >- + Output only. User specified security marks. These marks are entirely + managed by the user and come from the SecurityMarks resource that + belongs to the finding. + readOnly: true + name: + description: >- + The relative resource name of this finding. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + Example: + "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}" + type: string + canonicalName: + description: >- + The canonical name of the finding. It's either + "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", + "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or + "projects/{project_number}/sources/{source_id}/findings/{finding_id}", + depending on the closest CRM ancestor of the resource associated + with the finding. + type: string + category: + description: >- + The additional taxonomy group within findings from a given source. + This field is immutable after creation time. Example: + "XSS_FLASH_INJECTION" + type: string + severity: + enum: + - SEVERITY_UNSPECIFIED + - CRITICAL + - HIGH + - MEDIUM + - LOW + enumDescriptions: + - No severity specified. The default value. + - Critical severity. + - High severity. + - Medium severity. + - Low severity. + type: string + description: >- + The severity of the finding. This field is managed by the source + that writes the finding. + createTime: + description: >- + The time at which the finding was created in Security Command + Center. + format: google-datetime + type: string + externalUri: + description: >- + The URI that, if available, points to a web page outside of Security + Command Center where additional information about the finding can be + found. This field is guaranteed to be either empty or a well formed + URL. + type: string + resourceName: + type: string + description: >- + For findings on Google Cloud resources, the full resource name of + the Google Cloud resource this finding is for. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + When the finding is for a non-Google Cloud resource, the + resourceName can be a customer or partner defined string. This field + is immutable after creation time. + eventTime: + format: google-datetime + description: >- + The time at which the event took place, or when an update to the + finding occurred. For example, if the finding represents an open + firewall it would capture the time the detector believes the + firewall became open. The accuracy is determined by the detector. If + the finding were to be resolved afterward, this time would reflect + when the finding was resolved. Must not be set to a value greater + than the current timestamp. + type: string + sourceProperties: + type: object + description: >- + Source specific properties. These properties are managed by the + source that writes the finding. The key names in the + source_properties map must be between 1 and 255 characters, and must + start with a letter and contain alphanumeric characters or + underscores only. + additionalProperties: + type: any + id: GoogleCloudSecuritycenterV1p1beta1Finding + type: object + description: >- + Security Command Center finding. A finding is a record of assessment + data (security, risk, health or privacy) ingested into Security Command + Center for presentation, notification, analysis, policy testing, and + enforcement. For example, an XSS vulnerability in an App Engine + application is a finding. + SecurityCenterProperties: + type: object + properties: + resourceDisplayName: + description: The user defined display name for this resource. + type: string + folders: + items: + $ref: '#/components/schemas/Folder' + description: >- + Contains a Folder message for each folder in the assets ancestry. + The first folder is the deepest nested folder, and the last folder + is the folder directly under the Organization. + type: array + resourceType: + type: string + description: >- + The type of the Google Cloud resource. Examples include: + APPLICATION, PROJECT, and ORGANIZATION. This is a case insensitive + field defined by Security Command Center and/or the producer of the + resource and is immutable after create time. + resourceName: + type: string + description: >- + The full resource name of the Google Cloud resource this asset + represents. This field is immutable after create time. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + resourceProjectDisplayName: + type: string + description: The user defined display name for the project of this resource. + resourceOwners: + items: + type: string + description: Owners of the Google Cloud resource. + type: array + resourceProject: + type: string + description: >- + The full resource name of the project the resource belongs to. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + resourceParent: + type: string + description: >- + The full resource name of the immediate parent of the resource. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + resourceParentDisplayName: + description: The user defined display name for the parent of this resource. + type: string + description: >- + Security Command Center managed properties. These properties are managed + by Security Command Center and cannot be modified by the user. + id: SecurityCenterProperties + Control: + properties: + controlName: + type: string + description: Name of the Control + displayName: + description: Display name of the control. For example, AU-02. + type: string + description: Compliance control associated with the finding. + id: Control + type: object + GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping: + properties: + mediumSensitivityMapping: + enumDescriptions: + - Unspecific value + - High resource value + - Medium resource value + - Low resource value + - No resource value, e.g. ignore these resources + description: >- + Resource value mapping for medium-sensitivity Sensitive Data + Protection findings + type: string + enum: + - RESOURCE_VALUE_UNSPECIFIED + - HIGH + - MEDIUM + - LOW + - NONE + highSensitivityMapping: + enum: + - RESOURCE_VALUE_UNSPECIFIED + - HIGH + - MEDIUM + - LOW + - NONE + enumDescriptions: + - Unspecific value + - High resource value + - Medium resource value + - Low resource value + - No resource value, e.g. ignore these resources + type: string + description: >- + Resource value mapping for high-sensitivity Sensitive Data + Protection findings + id: GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping + type: object + description: >- + Resource value mapping for Sensitive Data Protection findings. If any of + these mappings have a resource value that is not unspecified, the + resource_value field will be ignored when reading this configuration. + Network: + type: object + id: Network + properties: + name: + type: string + description: >- + The name of the VPC network resource, for example, + `//compute.googleapis.com/projects/my-project/global/networks/my-network`. + description: Contains information about a VPC network associated with the finding. + AzureManagementGroup: + id: AzureManagementGroup + type: object + description: Represents an Azure management group. + properties: + id: + description: >- + The UUID of the Azure management group, for example, + `20000000-0001-0000-0000-000000000000`. + type: string + displayName: + type: string + description: The display name of the Azure management group. + GoogleCloudSecuritycenterV2Disk: + properties: + name: + type: string + description: >- + The name of the disk, for example, + "https://www.googleapis.com/compute/v1/projects/{project-id}/zones/{zone-id}/disks/{disk-id}". + description: Contains information about the disk associated with the finding. + id: GoogleCloudSecuritycenterV2Disk + type: object + BigQueryDestination: + properties: + dataset: + type: string + description: >- + Required. The relative resource name of the destination dataset, in + the form projects/{projectId}/datasets/{datasetId}. + description: The destination BigQuery dataset to export findings to. + id: BigQueryDestination + type: object + GoogleCloudSecuritycenterV2LogEntry: + type: object + properties: + cloudLoggingEntry: + description: An individual entry in a log stored in Cloud Logging. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudLoggingEntry' + id: GoogleCloudSecuritycenterV2LogEntry + description: An individual entry in a log. + GoogleCloudSecuritycenterV2IssueResource: + id: GoogleCloudSecuritycenterV2IssueResource + properties: + application: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceApplication + description: >- + The AppHub application associated with the resource, if any. Only + populated for the primary resource. + type: + description: The type of the resource associated with the issue. + type: string + name: + type: string + description: The full resource name of the resource associated with the issue. + azureMetadata: + description: >- + The Azure metadata of the resource associated with the issue. Only + populated for Azure resources. + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceAzureMetadata + googleCloudMetadata: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata + description: >- + The Google Cloud metadata of the resource associated with the issue. + Only populated for Google Cloud resources. + cloudProvider: + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + type: string + description: The cloud provider of the resource associated with the issue. + enumDescriptions: + - Unspecified cloud provider. + - Google Cloud. + - Amazon Web Services. + - Microsoft Azure. + awsMetadata: + description: >- + The AWS metadata of the resource associated with the issue. Only + populated for AWS resources. + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceAwsMetadata + displayName: + type: string + description: >- + The resource-type specific display name of the resource associated + with the issue. + description: A resource associated with the an issue. + type: object + MuteInfo: + id: MuteInfo + description: >- + Mute information about the finding, including whether the finding has a + static mute or any matching dynamic mute rules. + properties: + dynamicMuteRecords: + type: array + items: + $ref: '#/components/schemas/DynamicMuteRecord' + description: The list of dynamic mute rules that currently match the finding. + staticMute: + description: >- + If set, the static mute applied to this finding. Static mutes + override dynamic mutes. If unset, there is no static mute. + $ref: '#/components/schemas/StaticMute' + type: object + GoogleCloudSecuritycenterV2ResourcePath: + type: object + properties: + nodes: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ResourcePathNode' + type: array + description: >- + The list of nodes that make the up resource path, ordered from + lowest level to highest level. + description: >- + Represents the path of resources leading up to the resource this finding + is about. + id: GoogleCloudSecuritycenterV2ResourcePath + GoogleCloudSecuritycenterV2Detection: + type: object + description: Memory hash detection contributing to the binary family match. + properties: + binary: + description: >- + The name of the binary associated with the memory hash signature + detection. + type: string + percentPagesMatched: + type: number + format: double + description: >- + The percentage of memory page hashes in the signature that were + matched. + id: GoogleCloudSecuritycenterV2Detection + GoogleCloudSecuritycenterV2MuteInfo: + description: >- + Mute information about the finding, including whether the finding has a + static mute or any matching dynamic mute rules. + id: GoogleCloudSecuritycenterV2MuteInfo + properties: + staticMute: + description: >- + If set, the static mute applied to this finding. Static mutes + override dynamic mutes. If unset, there is no static mute. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2StaticMute' + dynamicMuteRecords: + type: array + description: The list of dynamic mute rules that currently match the finding. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2DynamicMuteRecord' + type: object + Label: + description: >- + Represents a generic name-value label. A label has separate name and + value fields to support filtering with the `contains()` function. For + more information, see [Filtering on array-type + fields](https://cloud.google.com/security-command-center/docs/how-to-api-list-findings#array-contains-filtering). + type: object + id: Label + properties: + value: + description: Value that corresponds to the label's name. + type: string + name: + description: Name of the label. + type: string + Simulation: + description: Attack path simulation + id: Simulation + type: object + properties: + resourceValueConfigsMetadata: + items: + $ref: '#/components/schemas/ResourceValueConfigMetadata' + description: >- + Resource value configurations' metadata used in this simulation. + Maximum of 100. + type: array + cloudProvider: + enumDescriptions: + - The cloud provider is unspecified. + - The cloud provider is Google Cloud. + - The cloud provider is Amazon Web Services. + - The cloud provider is Microsoft Azure. + description: Indicates which cloud provider was used in this simulation. + type: string + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + createTime: + format: google-datetime + description: Output only. Time simulation was created + type: string + readOnly: true + name: + type: string + description: >- + Full resource name of the Simulation: + `organizations/123/simulations/456` + AttackPathEdge: + id: AttackPathEdge + properties: + source: + description: The attack node uuid of the source node. + type: string + destination: + description: The attack node uuid of the destination node. + type: string + description: >- + Represents a connection between a source node and a destination node in + this attack path. + type: object + ListAttackPathsResponse: + description: >- + Response message for listing the attack paths for a given simulation or + valued resource. + type: object + properties: + attackPaths: + description: The attack paths that the attack path simulation identified. + type: array + items: + $ref: '#/components/schemas/AttackPath' + nextPageToken: + type: string + description: >- + Token to retrieve the next page of results, or empty if there are no + more results. + id: ListAttackPathsResponse + Connection: + properties: + protocol: + description: IANA Internet Protocol Number such as TCP(6) and UDP(17). + enumDescriptions: + - Unspecified protocol (not HOPOPT). + - Internet Control Message Protocol. + - Transmission Control Protocol. + - User Datagram Protocol. + - Generic Routing Encapsulation. + - Encap Security Payload. + enum: + - PROTOCOL_UNSPECIFIED + - ICMP + - TCP + - UDP + - GRE + - ESP + type: string + destinationPort: + description: >- + Destination port. Not present for sockets that are listening and not + connected. + type: integer + format: int32 + sourceIp: + type: string + description: Source IP address. + destinationIp: + type: string + description: >- + Destination IP address. Not present for sockets that are listening + and not connected. + sourcePort: + format: int32 + description: Source port. + type: integer + id: Connection + description: >- + Contains information about the IP connection associated with the + finding. + type: object + AzureTenant: + properties: + id: + type: string + description: >- + The ID of the Microsoft Entra tenant, for example, + "a11aaa11-aa11-1aa1-11aa-1aaa11a". + displayName: + type: string + description: The display name of the Azure tenant. + type: object + id: AzureTenant + description: Represents a Microsoft Entra tenant. + GoogleCloudSecuritycenterV2Chokepoint: + id: GoogleCloudSecuritycenterV2Chokepoint + type: object + description: >- + Contains details about a chokepoint, which is a resource or resource + group where high-risk attack paths converge, based on [attack path + simulations] + (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations). + properties: + relatedFindings: + description: >- + List of resource names of findings associated with this chokepoint. + For example, organizations/123/sources/456/findings/789. This list + will have at most 100 findings. + items: + type: string + type: array + ListValuedResourcesResponse: + description: >- + Response message for listing the valued resources for a given + simulation. + properties: + valuedResources: + type: array + description: The valued resources that the attack path simulation identified. + items: + $ref: '#/components/schemas/ValuedResource' + totalSize: + description: The estimated total number of results matching the query. + format: int32 + type: integer + nextPageToken: + type: string + description: >- + Token to retrieve the next page of results, or empty if there are no + more results. + id: ListValuedResourcesResponse + type: object + GoogleCloudSecuritycenterV2Connection: + description: >- + Contains information about the IP connection associated with the + finding. + id: GoogleCloudSecuritycenterV2Connection + type: object + properties: + sourcePort: + type: integer + description: Source port. + format: int32 + destinationPort: + description: >- + Destination port. Not present for sockets that are listening and not + connected. + format: int32 + type: integer + protocol: + enumDescriptions: + - Unspecified protocol (not HOPOPT). + - Internet Control Message Protocol. + - Transmission Control Protocol. + - User Datagram Protocol. + - Generic Routing Encapsulation. + - Encap Security Payload. + type: string + enum: + - PROTOCOL_UNSPECIFIED + - ICMP + - TCP + - UDP + - GRE + - ESP + description: IANA Internet Protocol Number such as TCP(6) and UDP(17). + destinationIp: + type: string + description: >- + Destination IP address. Not present for sockets that are listening + and not connected. + sourceIp: + description: Source IP address. + type: string + GoogleCloudSecuritycenterV2AffectedResources: + id: GoogleCloudSecuritycenterV2AffectedResources + properties: + count: + type: string + description: The count of resources affected by the finding. + format: int64 + description: Details about resources affected by this finding. + type: object + Allowed: + description: Allowed IP rule. + type: object + id: Allowed + properties: + ipRules: + description: Optional. Optional list of allowed IP rules. + type: array + items: + $ref: '#/components/schemas/IpRule' + GoogleCloudSecuritycenterV2Indicator: + id: GoogleCloudSecuritycenterV2Indicator + properties: + ipAddresses: + items: + type: string + type: array + description: The list of IP addresses that are associated with the finding. + uris: + type: array + items: + type: string + description: The list of URIs associated to the Findings. + domains: + items: + type: string + type: array + description: List of domains associated to the Finding. + signatures: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ProcessSignature' + type: array + description: >- + The list of matched signatures indicating that the given process is + present in the environment. + description: >- + Represents what's commonly known as an _indicator of compromise_ (IoC) + in computer forensics. This is an artifact observed on a network or in + an operating system that, with high confidence, indicates a computer + intrusion. For more information, see [Indicator of + compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). + type: object + GoogleCloudSecuritycenterV2Network: + properties: + name: + type: string + description: >- + The name of the VPC network resource, for example, + `//compute.googleapis.com/projects/my-project/global/networks/my-network`. + description: Contains information about a VPC network associated with the finding. + type: object + id: GoogleCloudSecuritycenterV2Network + GoogleCloudSecuritycenterV2AwsAccount: + type: object + description: An AWS account that is a member of an organization. + id: GoogleCloudSecuritycenterV2AwsAccount + properties: + id: + description: >- + The unique identifier (ID) of the account, containing exactly 12 + digits. + type: string + name: + type: string + description: The friendly name of this account. + Exfiltration: + properties: + totalExfiltratedBytes: + type: string + format: int64 + description: Total exfiltrated bytes processed for the entire job. + targets: + type: array + items: + $ref: '#/components/schemas/ExfilResource' + description: >- + If there are multiple targets, each target would get a complete copy + of the "joined" source data. + sources: + items: + $ref: '#/components/schemas/ExfilResource' + type: array + description: >- + If there are multiple sources, then the data is considered "joined" + between them. For instance, BigQuery can join multiple tables, and + each table would be considered a source. + description: >- + Exfiltration represents a data exfiltration attempt from one or more + sources to one or more targets. The `sources` attribute lists the + sources of the exfiltrated data. The `targets` attribute lists the + destinations the data was copied to. + id: Exfiltration + type: object + EventThreatDetectionCustomModule: + id: EventThreatDetectionCustomModule + description: >- + Represents an instance of an Event Threat Detection custom module, + including its full module name, display name, enablement state, and last + updated time. You can create a custom module at the organization, + folder, or project level. Custom modules that you create at the + organization or folder level are inherited by child folders and + projects. + type: object + properties: + enablementState: + enumDescriptions: + - Unspecified enablement state. + - The module is enabled at the given level. + - The module is disabled at the given level. + - When the enablement state is inherited. + description: >- + The state of enablement for the module at the given level of the + hierarchy. + enum: + - ENABLEMENT_STATE_UNSPECIFIED + - ENABLED + - DISABLED + - INHERITED + type: string + description: + type: string + description: The description for the module. + cloudProvider: + enumDescriptions: + - Unspecified cloud provider. + - Google Cloud. + - Amazon Web Services (AWS). + - Microsoft Azure. + type: string + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + description: The cloud provider of the custom module. + displayName: + type: string + description: The human readable name to be displayed for the module. + lastEditor: + type: string + description: Output only. The editor the module was last updated by. + readOnly: true + name: + description: >- + Immutable. The resource name of the Event Threat Detection custom + module. Its format is: * + `organizations/{organization}/eventThreatDetectionSettings/customModules/{module}`. + * + `folders/{folder}/eventThreatDetectionSettings/customModules/{module}`. + * + `projects/{project}/eventThreatDetectionSettings/customModules/{module}`. + type: string + updateTime: + format: google-datetime + type: string + description: Output only. The time the module was last updated. + readOnly: true + ancestorModule: + type: string + description: >- + Output only. The closest ancestor module that this module inherits + the enablement state from. The format is the same as the + EventThreatDetectionCustomModule resource name. + readOnly: true + type: + type: string + description: Type for the module. e.g. CONFIGURABLE_BAD_IP. + config: + type: object + description: >- + Config for the module. For the resident module, its config value is + defined at this level. For the inherited module, its config value is + inherited from the ancestor module. + additionalProperties: + type: any + description: Properties of the object. + GoogleCloudSecuritycenterV2DataAccessEvent: + type: object + id: GoogleCloudSecuritycenterV2DataAccessEvent + description: >- + Details about a data access attempt made by a principal not authorized + under applicable data security policy. + properties: + operation: + enumDescriptions: + - The operation is unspecified. + - Represents a read operation. + - Represents a move operation. + - Represents a copy operation. + description: The operation performed by the principal to access the data. + enum: + - OPERATION_UNSPECIFIED + - READ + - MOVE + - COPY + type: string + eventTime: + description: Timestamp of data access event. + type: string + format: google-datetime + principalEmail: + description: >- + The email address of the principal that accessed the data. The + principal could be a user account, service account, Google group, or + other. + type: string + eventId: + type: string + description: Unique identifier for data access event. + GoogleCloudSecuritycenterV2ResourceApplicationAttributesEnvironment: + description: Environment of the Application, Service, or Workload + properties: + type: + enumDescriptions: + - Unspecified type. + - Production environment. + - Staging environment. + - Test environment. + - Development environment. + type: string + enum: + - ENVIRONMENT_TYPE_UNSPECIFIED + - PRODUCTION + - STAGING + - TEST + - DEVELOPMENT + description: Environment Type. + type: object + id: GoogleCloudSecuritycenterV2ResourceApplicationAttributesEnvironment + Attack: + id: Attack + properties: + volumePps: + type: integer + deprecated: true + format: int32 + description: >- + Total PPS (packets per second) volume of attack. Deprecated - refer + to volume_pps_long instead. + volumePpsLong: + description: Total PPS (packets per second) volume of attack. + format: int64 + type: string + volumeBps: + deprecated: true + type: integer + description: >- + Total BPS (bytes per second) volume of attack. Deprecated - refer to + volume_bps_long instead. + format: int32 + classification: + description: >- + Type of attack, for example, 'SYN-flood', 'NTP-udp', or + 'CHARGEN-udp'. + type: string + volumeBpsLong: + type: string + description: Total BPS (bytes per second) volume of attack. + format: int64 + description: Information about DDoS attack volume and classification. + type: object + GoogleCloudSecuritycenterV2TicketInfo: + description: >- + Information about the ticket, if any, that is being used to track the + resolution of the issue that is identified by this finding. + type: object + properties: + assignee: + type: string + description: The assignee of the ticket in the ticket system. + status: + description: The latest status of the ticket, as reported by the ticket system. + type: string + uri: + type: string + description: The link to the ticket in the ticket system. + id: + description: The identifier of the ticket in the ticket system. + type: string + description: + description: The description of the ticket in the ticket system. + type: string + updateTime: + description: >- + The time when the ticket was last updated, as reported by the ticket + system. + type: string + format: google-datetime + id: GoogleCloudSecuritycenterV2TicketInfo + GoogleCloudSecuritycenterV2AwsOrganization: + id: GoogleCloudSecuritycenterV2AwsOrganization + properties: + id: + description: >- + The unique identifier (ID) for the organization. The regex pattern + for an organization ID string requires "o-" followed by from 10 to + 32 lowercase letters or digits. + type: string + description: >- + An organization is a collection of accounts that are centrally managed + together using consolidated billing, organized hierarchically with + organizational units (OUs), and controlled with policies. + type: object + Asset: + id: Asset + description: >- + Security Command Center representation of a Google Cloud resource. The + Asset is a Security Command Center resource that captures information + about a single Google Cloud resource. All modifications to an Asset are + only within the context of Security Command Center and don't affect the + referenced Google Cloud resource. + type: object + properties: + name: + description: >- + The relative resource name of this asset. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + Example: "organizations/{organization_id}/assets/{asset_id}". + type: string + resourceProperties: + type: object + description: >- + Resource managed properties. These properties are managed and + defined by the Google Cloud resource and cannot be modified by the + user. + additionalProperties: + type: any + canonicalName: + description: >- + The canonical name of the resource. It's either + "organizations/{organization_id}/assets/{asset_id}", + "folders/{folder_id}/assets/{asset_id}" or + "projects/{project_number}/assets/{asset_id}", depending on the + closest CRM ancestor of the resource. + type: string + securityMarks: + description: >- + User specified security marks. These marks are entirely managed by + the user and come from the SecurityMarks resource that belongs to + the asset. + $ref: '#/components/schemas/SecurityMarks' + iamPolicy: + description: >- + Cloud IAM Policy information associated with the Google Cloud + resource described by the Security Command Center asset. This + information is managed and defined by the Google Cloud resource and + cannot be modified by the user. + $ref: '#/components/schemas/IamPolicy' + securityCenterProperties: + description: >- + Security Command Center managed properties. These properties are + managed by Security Command Center and cannot be modified by the + user. + $ref: '#/components/schemas/SecurityCenterProperties' + createTime: + description: The time at which the asset was created in Security Command Center. + type: string + format: google-datetime + updateTime: + description: The time at which the asset was last updated or added in Cloud SCC. + format: google-datetime + type: string + Vulnerability: + description: Refers to common vulnerability fields e.g. cve, cvss, cwe etc. + properties: + cwes: + items: + $ref: '#/components/schemas/Cwe' + type: array + description: >- + Represents one or more Common Weakness Enumeration (CWE) information + on this vulnerability. + providerRiskScore: + format: int64 + type: string + description: >- + Provider provided risk_score based on multiple factors. The higher + the risk score, the more risky the vulnerability is. + cve: + description: >- + CVE stands for Common Vulnerabilities and Exposures + (https://cve.mitre.org/about/) + $ref: '#/components/schemas/Cve' + fixedPackage: + description: The fixed package is relevant to the finding. + $ref: '#/components/schemas/Package' + reachable: + description: >- + Represents whether the vulnerability is reachable (detected via + static analysis) + type: boolean + offendingPackage: + description: The offending package is relevant to the finding. + $ref: '#/components/schemas/Package' + securityBulletin: + $ref: '#/components/schemas/SecurityBulletin' + description: The security bulletin is relevant to this finding. + id: Vulnerability + type: object + GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesContactInfo: + description: Contact information of stakeholders. + properties: + email: + description: Email address of the contacts. + type: string + id: GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesContactInfo + type: object + ExportFindingsMetadata: + type: object + description: The LRO metadata for a ExportFindings request. + properties: + exportStartTime: + type: string + format: google-datetime + description: Optional. Timestamp at which export was started + bigQueryDestination: + $ref: '#/components/schemas/BigQueryDestination' + description: Required. The destination BigQuery dataset to export findings to. + id: ExportFindingsMetadata + SecurityMarks: + id: SecurityMarks + properties: + name: + description: >- + The relative resource name of the SecurityMarks. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + Examples: + "organizations/{organization_id}/assets/{asset_id}/securityMarks" + "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks". + type: string + canonicalName: + description: >- + The canonical name of the marks. Examples: + "organizations/{organization_id}/assets/{asset_id}/securityMarks" + "folders/{folder_id}/assets/{asset_id}/securityMarks" + "projects/{project_number}/assets/{asset_id}/securityMarks" + "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks" + "folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks" + "projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks" + type: string + marks: + description: >- + Mutable user specified security marks belonging to the parent + resource. Constraints are as follows: * Keys and values are treated + as case insensitive * Keys must be between 1 - 256 characters + (inclusive) * Keys must be letters, numbers, underscores, or dashes + * Values have leading and trailing whitespace trimmed, remaining + characters must be between 1 - 4096 characters (inclusive) + type: object + additionalProperties: + type: string + type: object + description: >- + User specified security marks that are attached to the parent Security + Command Center resource. Security marks are scoped within a Security + Command Center organization -- they can be modified and viewed by all + users who have proper permissions on the organization. + Binding: + properties: + members: + type: array + items: + type: string + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + type: string + description: Associates `members`, or principals, with a `role`. + type: object + id: Binding + Requests: + description: Information about the requests relevant to the finding. + properties: + shortTermAllowed: + description: Allowed RPS (requests per second) in the short term. + type: integer + format: int32 + longTermAllowed: + format: int32 + description: Allowed RPS (requests per second) over the long term. + type: integer + longTermDenied: + description: Denied RPS (requests per second) over the long term. + format: int32 + type: integer + ratio: + format: double + description: >- + For 'Increasing deny ratio', the ratio is the denied traffic divided + by the allowed traffic. For 'Allowed traffic spike', the ratio is + the allowed traffic in the short term divided by allowed traffic in + the long term. + type: number + id: Requests + type: object + GoogleCloudSecuritycenterV2InfoType: + properties: + sensitivityScore: + description: >- + Optional custom sensitivity for this InfoType. This only applies to + data profiling. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2SensitivityScore' + name: + description: >- + Name of the information type. Either a name of your choosing when + creating a CustomInfoType, or one of the names listed at + https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference + when specifying a built-in type. When sending Cloud DLP results to + Data Catalog, infoType names should conform to the pattern + `[A-Za-z0-9$_-]{1,64}`. + type: string + version: + description: Optional version name for this InfoType. + type: string + type: object + description: Type of information detected by the API. + id: GoogleCloudSecuritycenterV2InfoType + GoogleCloudSecuritycenterV2SecurityBulletin: + type: object + description: >- + SecurityBulletin are notifications of vulnerabilities of Google + products. + id: GoogleCloudSecuritycenterV2SecurityBulletin + properties: + bulletinId: + description: ID of the bulletin corresponding to the vulnerability. + type: string + suggestedUpgradeVersion: + type: string + description: >- + This represents a version that the cluster receiving this + notification should be upgraded to, based on its current version. + For example, 1.15.0 + submissionTime: + format: google-datetime + description: Submission time of this Security Bulletin. + type: string + Finding: + id: Finding + properties: + vertexAi: + $ref: '#/components/schemas/VertexAi' + description: VertexAi associated with the finding. + application: + $ref: '#/components/schemas/Application' + description: Represents an application associated with the finding. + attackExposure: + description: The results of an attack path simulation relevant to this finding. + $ref: '#/components/schemas/AttackExposure' + findingClass: + enumDescriptions: + - Unspecified finding class. + - Describes unwanted or malicious activity. + - >- + Describes a potential weakness in software that increases risk to + Confidentiality & Integrity & Availability. + - >- + Describes a potential weakness in cloud resource/asset + configuration that increases risk. + - >- + Describes a security observation that is for informational + purposes. + - Describes an error that prevents some SCC functionality. + - >- + Describes a potential security risk due to a change in the + security posture. + - >- + Describes a group of security issues that, when the issues occur + together, represent a greater risk than when the issues occur + independently. A group of such issues is referred to as a toxic + combination. + - >- + Describes a potential security risk to data assets that contain + sensitive data. + - >- + Describes a resource or resource group where high risk attack + paths converge, based on attack path simulations (APS). + enum: + - FINDING_CLASS_UNSPECIFIED + - THREAT + - VULNERABILITY + - MISCONFIGURATION + - OBSERVATION + - SCC_ERROR + - POSTURE_VIOLATION + - TOXIC_COMBINATION + - SENSITIVE_DATA_RISK + - CHOKEPOINT + description: The class of the finding. + type: string + compliances: + description: >- + Contains compliance information for security standards associated to + the finding. + items: + $ref: '#/components/schemas/Compliance' + type: array + securityMarks: + readOnly: true + description: >- + Output only. User specified security marks. These marks are entirely + managed by the user and come from the SecurityMarks resource that + belongs to the finding. + $ref: '#/components/schemas/SecurityMarks' + sourceProperties: + description: >- + Source specific properties. These properties are managed by the + source that writes the finding. The key names in the + source_properties map must be between 1 and 255 characters, and must + start with a letter and contain alphanumeric characters or + underscores only. + additionalProperties: + type: any + type: object + parent: + description: >- + The relative resource name of the source the finding belongs to. + See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + This field is immutable after creation time. For example: + "organizations/{organization_id}/sources/{source_id}" + type: string + groupMemberships: + type: array + description: >- + Contains details about groups of which this finding is a member. A + group is a collection of findings that are related in some way. This + field cannot be updated. Its value is ignored in all update + requests. + items: + $ref: '#/components/schemas/GroupMembership' + createTime: + format: google-datetime + description: >- + The time at which the finding was created in Security Command + Center. + type: string + kernelRootkit: + $ref: '#/components/schemas/KernelRootkit' + description: Signature of the kernel rootkit. + logEntries: + items: + $ref: '#/components/schemas/LogEntry' + type: array + description: Log entries that are relevant to the finding. + eventTime: + type: string + description: >- + The time the finding was first detected. If an existing finding is + updated, then this is the time the update occurred. For example, if + the finding represents an open firewall, this property captures the + time the detector believes the firewall became open. The accuracy is + determined by the detector. If the finding is later resolved, then + this time reflects when the finding was resolved. This must not be + set to a value greater than the current timestamp. + format: google-datetime + cloudArmor: + $ref: '#/components/schemas/CloudArmor' + description: Fields related to Cloud Armor findings. + complianceDetails: + description: Details about the compliance implications of the finding. + $ref: '#/components/schemas/ComplianceDetails' + indicator: + description: >- + Represents what's commonly known as an *indicator of compromise* + (IoC) in computer forensics. This is an artifact observed on a + network or in an operating system that, with high confidence, + indicates a computer intrusion. For more information, see [Indicator + of + compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). + $ref: '#/components/schemas/Indicator' + muteInitiator: + description: >- + Records additional information about the mute operation, for + example, the [mute + configuration](/security-command-center/docs/how-to-mute-findings) + that muted the finding and the user who muted the finding. + type: string + toxicCombination: + description: >- + Contains details about a group of security issues that, when the + issues occur together, represent a greater risk than when the issues + occur independently. A group of such issues is referred to as a + toxic combination. This field cannot be updated. Its value is + ignored in all update requests. + $ref: '#/components/schemas/ToxicCombination' + parentDisplayName: + type: string + readOnly: true + description: >- + Output only. The human readable display name of the finding source + such as "Event Threat Detection" or "Security Health Analytics". + exfiltration: + description: Represents exfiltrations associated with the finding. + $ref: '#/components/schemas/Exfiltration' + canonicalName: + description: >- + The canonical name of the finding. It's either + "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", + "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or + "projects/{project_number}/sources/{source_id}/findings/{finding_id}", + depending on the closest CRM ancestor of the resource associated + with the finding. + type: string + severity: + type: string + enumDescriptions: + - >- + This value is used for findings when a source doesn't write a + severity value. + - >- + Vulnerability: A critical vulnerability is easily discoverable by + an external actor, exploitable, and results in the direct ability + to execute arbitrary code, exfiltrate data, and otherwise gain + additional access and privileges to cloud resources and workloads. + Examples include publicly accessible unprotected user data and + public SSH access with weak or no passwords. Threat: Indicates a + threat that is able to access, modify, or delete data or execute + unauthorized code within existing resources. + - >- + Vulnerability: A high risk vulnerability can be easily discovered + and exploited in combination with other vulnerabilities in order + to gain direct access and the ability to execute arbitrary code, + exfiltrate data, and otherwise gain additional access and + privileges to cloud resources and workloads. An example is a + database with weak or no passwords that is only accessible + internally. This database could easily be compromised by an actor + that had access to the internal network. Threat: Indicates a + threat that is able to create new computational resources in an + environment but not able to access data or execute code in + existing resources. + - >- + Vulnerability: A medium risk vulnerability could be used by an + actor to gain access to resources or privileges that enable them + to eventually (through multiple steps or a complex exploit) gain + access and the ability to execute arbitrary code or exfiltrate + data. An example is a service account with access to more projects + than it should have. If an actor gains access to the service + account, they could potentially use that access to manipulate a + project the service account was not intended to. Threat: Indicates + a threat that is able to cause operational impact but may not + access data or execute unauthorized code. + - >- + Vulnerability: A low risk vulnerability hampers a security + organization's ability to detect vulnerabilities or active threats + in their deployment, or prevents the root cause investigation of + security issues. An example is monitoring and logs being disabled + for resource configurations and access. Threat: Indicates a threat + that has obtained minimal access to an environment but is not able + to access data, execute code, or create resources. + description: >- + The severity of the finding. This field is managed by the source + that writes the finding. + enum: + - SEVERITY_UNSPECIFIED + - CRITICAL + - HIGH + - MEDIUM + - LOW + loadBalancers: + items: + $ref: '#/components/schemas/LoadBalancer' + description: The load balancers associated with the finding. + type: array + resourceName: + description: >- + For findings on Google Cloud resources, the full resource name of + the Google Cloud resource this finding is for. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + When the finding is for a non-Google Cloud resource, the + resourceName can be a customer or partner defined string. This field + is immutable after creation time. + type: string + dataFlowEvents: + items: + $ref: '#/components/schemas/DataFlowEvent' + type: array + description: Data flow events associated with the finding. + processes: + description: Represents operating system processes associated with the Finding. + type: array + items: + $ref: '#/components/schemas/Process' + contacts: + additionalProperties: + $ref: '#/components/schemas/ContactDetails' + description: >- + Output only. Map containing the points of contact for the given + finding. The key represents the type of contact, while the value + contains a list of all the contacts that pertain. Please refer to: + https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories + { "security": { "contacts": [ { "email": "person1@company.com" }, { + "email": "person2@company.com" } ] } } + readOnly: true + type: object + ipRules: + description: IP rules associated with the finding. + $ref: '#/components/schemas/IpRules' + affectedResources: + description: AffectedResources associated with the finding. + $ref: '#/components/schemas/AffectedResources' + muteUpdateTime: + format: google-datetime + description: Output only. The most recent time this finding was muted or unmuted. + readOnly: true + type: string + cloudDlpInspection: + $ref: '#/components/schemas/CloudDlpInspection' + description: >- + Cloud Data Loss Prevention (Cloud DLP) inspection results that are + associated with the finding. + cloudDlpDataProfile: + description: Cloud DLP data profile that is associated with the finding. + $ref: '#/components/schemas/CloudDlpDataProfile' + aiModel: + $ref: '#/components/schemas/AiModel' + description: The AI model associated with the finding. + mitreAttack: + description: >- + MITRE ATT&CK tactics and techniques related to this finding. See: + https://attack.mitre.org + $ref: '#/components/schemas/MitreAttack' + backupDisasterRecovery: + description: Fields related to Backup and DR findings. + $ref: '#/components/schemas/BackupDisasterRecovery' + iamBindings: + items: + $ref: '#/components/schemas/IamBinding' + type: array + description: Represents IAM bindings associated with the finding. + muteInfo: + $ref: '#/components/schemas/MuteInfo' + description: Output only. The mute information regarding this finding. + readOnly: true + mute: + enumDescriptions: + - Unspecified. + - Finding has been muted. + - Finding has been unmuted. + - Finding has never been muted/unmuted. + enum: + - MUTE_UNSPECIFIED + - MUTED + - UNMUTED + - UNDEFINED + description: >- + Indicates the mute state of a finding (either muted, unmuted or + undefined). Unlike other attributes of a finding, a finding provider + shouldn't set the value of mute. + type: string + vulnerability: + $ref: '#/components/schemas/Vulnerability' + description: >- + Represents vulnerability-specific fields like CVE and CVSS scores. + CVE stands for Common Vulnerabilities and Exposures + (https://cve.mitre.org/about/) + connections: + items: + $ref: '#/components/schemas/Connection' + description: >- + Contains information about the IP connection associated with the + finding. + type: array + notebook: + $ref: '#/components/schemas/Notebook' + description: Notebook associated with the finding. + orgPolicies: + items: + $ref: '#/components/schemas/OrgPolicy' + description: >- + Contains information about the org policies associated with the + finding. + type: array + category: + description: >- + The additional taxonomy group within findings from a given source. + This field is immutable after creation time. Example: + "XSS_FLASH_INJECTION" + type: string + access: + $ref: '#/components/schemas/Access' + description: >- + Access details associated with the finding, such as more information + on the caller, which method was accessed, and from where. + moduleName: + description: >- + Unique identifier of the module which generated the finding. + Example: + folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885 + type: string + dataRetentionDeletionEvents: + description: Data retention deletion events associated with the finding. + type: array + items: + $ref: '#/components/schemas/DataRetentionDeletionEvent' + files: + type: array + items: + $ref: '#/components/schemas/File' + description: File associated with the finding. + nextSteps: + description: Steps to address the finding. + type: string + disk: + description: Disk associated with the finding. + $ref: '#/components/schemas/Disk' + externalUri: + type: string + description: >- + The URI that, if available, points to a web page outside of Security + Command Center where additional information about the finding can be + found. This field is guaranteed to be either empty or a well formed + URL. + database: + description: Database associated with the finding. + $ref: '#/components/schemas/Database' + description: + type: string + description: Contains more details about the finding. + securityPosture: + description: The security posture associated with the finding. + $ref: '#/components/schemas/SecurityPosture' + kubernetes: + $ref: '#/components/schemas/Kubernetes' + description: Kubernetes resources associated with the finding. + dataAccessEvents: + type: array + description: Data access events associated with the finding. + items: + $ref: '#/components/schemas/DataAccessEvent' + state: + description: The state of the finding. + enumDescriptions: + - Unspecified state. + - The finding requires attention and has not been addressed yet. + - >- + The finding has been fixed, triaged as a non-issue or otherwise + addressed and is no longer active. + type: string + enum: + - STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + name: + description: >- + The [relative resource + name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) + of the finding. Example: + "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", + "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", + "projects/{project_id}/sources/{source_id}/findings/{finding_id}". + type: string + networks: + description: Represents the VPC networks that the resource is attached to. + items: + $ref: '#/components/schemas/Network' + type: array + chokepoint: + description: >- + Contains details about a chokepoint, which is a resource or resource + group where high-risk attack paths converge, based on [attack path + simulations] + (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations). + This field cannot be updated. Its value is ignored in all update + requests. + $ref: '#/components/schemas/Chokepoint' + externalSystems: + description: >- + Output only. Third party SIEM/SOAR fields within SCC, contains + external system information and external system finding fields. + type: object + additionalProperties: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' + readOnly: true + job: + description: Job associated with the finding. + $ref: '#/components/schemas/Job' + containers: + description: >- + Containers associated with the finding. This field provides + information for both Kubernetes and non-Kubernetes containers. + items: + $ref: '#/components/schemas/Container' + type: array + description: >- + Security Command Center finding. A finding is a record of assessment + data like security, risk, health, or privacy, that is ingested into + Security Command Center for presentation, notification, analysis, policy + testing, and enforcement. For example, a cross-site scripting (XSS) + vulnerability in an App Engine application is a finding. + type: object + CreateResourceValueConfigRequest: + id: CreateResourceValueConfigRequest + description: Request message to create single resource value config + properties: + resourceValueConfig: + description: Required. The resource value config being created. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig' + parent: + description: Required. Resource name of the new ResourceValueConfig's parent. + type: string + type: object + OrgPolicy: + id: OrgPolicy + properties: + name: + description: >- + The resource name of the org policy. Example: + "organizations/{organization_id}/policies/{constraint_name}" + type: string + type: object + description: Contains information about the org policies associated with the finding. + GoogleCloudSecuritycenterV2AttackExposure: + description: >- + An attack exposure contains the results of an attack path simulation + run. + properties: + attackExposureResult: + description: >- + The resource name of the attack path simulation result that contains + the details regarding this attack exposure score. Example: + `organizations/123/simulations/456/attackExposureResults/789` + type: string + score: + description: >- + A number between 0 (inclusive) and infinity that represents how + important this finding is to remediate. The higher the score, the + more important it is to remediate. + type: number + format: double + exposedMediumValueResourcesCount: + description: >- + The number of medium value resources that are exposed as a result of + this finding. + format: int32 + type: integer + state: + description: >- + Output only. What state this AttackExposure is in. This captures + whether or not an attack exposure has been calculated or not. + enum: + - STATE_UNSPECIFIED + - CALCULATED + - NOT_CALCULATED + enumDescriptions: + - The state is not specified. + - The attack exposure has been calculated. + - The attack exposure has not been calculated. + type: string + readOnly: true + exposedHighValueResourcesCount: + type: integer + description: >- + The number of high value resources that are exposed as a result of + this finding. + format: int32 + exposedLowValueResourcesCount: + format: int32 + description: >- + The number of high value resources that are exposed as a result of + this finding. + type: integer + latestCalculationTime: + format: google-datetime + type: string + description: >- + The most recent time the attack exposure was updated on this + finding. + id: GoogleCloudSecuritycenterV2AttackExposure + type: object + GoogleCloudSecuritycenterV2Access: + id: GoogleCloudSecuritycenterV2Access + description: Represents an access event. + type: object + properties: + principalSubject: + type: string + description: >- + A string that represents the principal_subject that is associated + with the identity. Unlike `principal_email`, `principal_subject` + supports principals that aren't associated with email addresses, + such as third party principals. For most identities, the format is + `principal://iam.googleapis.com/{identity pool + name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, + FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format + `serviceAccount:{identity pool name}[{subject}]`. + callerIpGeo: + description: >- + The caller IP's geolocation, which identifies where the call came + from. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Geolocation' + userName: + description: >- + A string that represents a username. The username provided depends + on the type of the finding and is likely not an IAM principal. For + example, this can be a system username if the finding is related to + a virtual machine, or it can be an application login username. + type: string + serviceAccountKeyName: + description: >- + The name of the service account key that was used to create or + exchange credentials when authenticating the service account that + made the request. This is a scheme-less URI full resource name. For + example: + "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}". + type: string + principalEmail: + type: string + description: >- + Associated email, such as "foo@google.com". The email address of the + authenticated user or a service account acting on behalf of a third + party principal making the request. For third party identity + callers, the `principal_subject` field is populated instead of this + field. For privacy reasons, the principal email address is sometimes + redacted. For more information, see [Caller identities in audit + logs](https://cloud.google.com/logging/docs/audit#user-id). + userAgent: + type: string + description: The caller's user agent string associated with the finding. + userAgentFamily: + description: >- + Type of user agent associated with the finding. For example, an + operating system shell or an embedded or standalone application. + type: string + methodName: + type: string + description: The method that the service account called, e.g. "SetIamPolicy". + callerIp: + description: Caller's IP address, such as "1.1.1.1". + type: string + serviceName: + type: string + description: >- + This is the API service that the service account made a call to, + e.g. "iam.googleapis.com" + serviceAccountDelegationInfo: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo + description: >- + The identity delegation history of an authenticated service account + that made the request. The `serviceAccountDelegationInfo[]` object + contains information about the real authorities that try to access + Google Cloud resources by delegating on a service account. When + multiple authorities are present, they are guaranteed to be sorted + based on the original ordering of the identity delegation events. + AttackPathNode: + type: object + id: AttackPathNode + description: >- + Represents one point that an attacker passes through in this attack + path. + properties: + attackSteps: + description: A list of attack step nodes that exist in this attack path node. + type: array + items: + $ref: '#/components/schemas/AttackStepNode' + uuid: + description: Unique id of the attack path node. + type: string + resource: + type: string + description: >- + The name of the resource at this point in the attack path. The + format of the name follows the Cloud Asset Inventory [resource name + format](https://cloud.google.com/asset-inventory/docs/resource-name-format) + displayName: + type: string + description: Human-readable name of this resource. + resourceType: + description: >- + The [supported resource + type](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + type: string + associatedFindings: + description: The findings associated with this node in the attack path. + items: + $ref: '#/components/schemas/PathNodeAssociatedFinding' + type: array + VulnerabilitySnapshot: + type: object + properties: + cloudProvider: + enumDescriptions: + - The cloud provider is unspecified. + - The cloud provider is Google Cloud. + - The cloud provider is Amazon Web Services. + - The cloud provider is Microsoft Azure. + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + type: string + description: The cloud provider for the vulnerability snapshot. + snapshotTime: + type: string + description: The time that the snapshot was taken. + format: google-datetime + name: + type: string + description: >- + Identifier. The vulnerability snapshot name. Format: + //locations//vulnerabilitySnapshots/ + findingCount: + description: The vulnerability count by severity. + $ref: '#/components/schemas/VulnerabilityCountBySeverity' + id: VulnerabilitySnapshot + description: >- + Result containing the properties and count of a VulnerabilitySnapshot + request. + GoogleCloudSecuritycenterV2CloudLoggingEntry: + description: >- + Metadata taken from a [Cloud Logging + LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) + type: object + properties: + insertId: + description: A unique identifier for the log entry. + type: string + logId: + description: >- + The type of the log (part of `log_name`. `log_name` is the resource + name of the log to which this log entry belongs). For example: + `cloudresourcemanager.googleapis.com/activity` Note that this field + is not URL-encoded, unlike in `LogEntry`. + type: string + timestamp: + description: The time the event described by the log entry occurred. + type: string + format: google-datetime + resourceContainer: + type: string + description: >- + The organization, folder, or project of the monitored resource that + produced this log entry. + id: GoogleCloudSecuritycenterV2CloudLoggingEntry + Operation: + properties: + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. + GroupFindingsRequest: + id: GroupFindingsRequest + description: Request message for grouping by findings. + properties: + groupBy: + type: string + description: >- + Required. Expression that defines what assets fields to use for + grouping (including `state_change`). The string value should follow + SQL syntax: comma separated list of fields. For example: + "parent,resource_name". The following fields are supported when + compare_duration is set: * state_change + pageToken: + description: >- + The value returned by the last `GroupFindingsResponse`; indicates + that this is a continuation of a prior `GroupFindings` call, and + that the system should return the next page of data. + type: string + filter: + type: string + description: >- + Expression that defines the filter to apply across findings. The + expression is a list of one or more restrictions combined via + logical operators `AND` and `OR`. Parentheses are supported, and + `OR` has higher precedence than `AND`. Restrictions have the form ` + ` and may have a `-` character in front of them to indicate + negation. Examples include: * name * source_properties.a_property * + security_marks.marks.marka The supported operators are: * `=` for + all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, + meaning substring matching, for strings. The supported value types + are: * string literals in quotes. * integer literals without quotes. + * boolean literals `true` and `false` without quotes. The following + field and operator combinations are supported: * name: `=` * parent: + `=`, `:` * resource_name: `=`, `:` * state: `=`, `:` * category: + `=`, `:` * external_uri: `=`, `:` * event_time: `=`, `>`, `<`, `>=`, + `<=` Usage: This should be milliseconds since epoch or an RFC3339 + string. Examples: `event_time = "2019-06-10T16:07:18-07:00"` + `event_time = 1560208038000` * severity: `=`, `:` * workflow_state: + `=`, `:` * security_marks.marks: `=`, `:` * source_properties: `=`, + `:`, `>`, `<`, `>=`, `<=` For example, `source_properties.size = + 100` is a valid filter string. Use a partial match on the empty + string to filter based on a property existing: + `source_properties.my_property : ""` Use a negated partial match on + the empty string to filter based on a property not existing: + `-source_properties.my_property : ""` * resource: * resource.name: + `=`, `:` * resource.parent_name: `=`, `:` * + resource.parent_display_name: `=`, `:` * resource.project_name: `=`, + `:` * resource.project_display_name: `=`, `:` * resource.type: `=`, + `:` + readTime: + description: >- + Time used as a reference point when filtering findings. The filter + is limited to findings existing at the supplied time and their + values are those at that specific time. Absence of this field will + default to the API's version of NOW. + type: string + format: google-datetime + deprecated: true + pageSize: + description: >- + The maximum number of results to return in a single response. + Default is 10, minimum is 1, maximum is 1000. + format: int32 + type: integer + compareDuration: + description: >- + When compare_duration is set, the GroupResult's "state_change" + attribute is updated to indicate whether the finding had its state + changed, the finding's state remained unchanged, or if the finding + was added during the compare_duration period of time that precedes + the read_time. This is the time between (read_time - + compare_duration) and read_time. The state_change value is derived + based on the presence and state of the finding at the two points in + time. Intermediate state changes between the two times don't affect + the result. For example, the results aren't affected if the finding + is made inactive and then active again. Possible "state_change" + values when compare_duration is specified: * "CHANGED": indicates + that the finding was present and matched the given filter at the + start of compare_duration, but changed its state at read_time. * + "UNCHANGED": indicates that the finding was present and matched the + given filter at the start of compare_duration and did not change + state at read_time. * "ADDED": indicates that the finding did not + match the given filter or was not present at the start of + compare_duration, but was present at read_time. * "REMOVED": + indicates that the finding was present and matched the filter at the + start of compare_duration, but did not match the filter at + read_time. If compare_duration is not specified, then the only + possible state_change is "UNUSED", which will be the state_change + set for all findings present at read_time. If this field is set then + `state_change` must be a specified field in `group_by`. + type: string + format: google-duration + deprecated: true + type: object + AzureResourceGroup: + type: object + properties: + name: + description: The name of the Azure resource group. This is not a UUID. + type: string + id: + type: string + description: The ID of the Azure resource group. + id: AzureResourceGroup + description: Represents an Azure resource group. + GoogleCloudSecuritycenterV1Property: + type: object + description: An individual name-value pair that defines a custom source property. + id: GoogleCloudSecuritycenterV1Property + properties: + name: + description: Name of the property for the custom output. + type: string + valueExpression: + description: >- + The CEL expression for the custom output. A resource property can be + specified to return the value of the property or a text string + enclosed in quotation marks. + $ref: '#/components/schemas/Expr' + GroupMembership: + properties: + groupId: + description: ID of the group. + type: string + groupType: + description: Type of group. + enum: + - GROUP_TYPE_UNSPECIFIED + - GROUP_TYPE_TOXIC_COMBINATION + - GROUP_TYPE_CHOKEPOINT + type: string + enumDescriptions: + - Default value. + - Group represents a toxic combination. + - Group represents a chokepoint. + description: >- + Contains details about groups of which this finding is a member. A group + is a collection of findings that are related in some way. + id: GroupMembership + type: object + PolicyDriftDetails: + id: PolicyDriftDetails + properties: + detectedValue: + type: string + description: >- + The detected value that violates the deployed posture, for example, + `false` or `allowed_values={"projects/22831892"}`. + field: + type: string + description: >- + The name of the updated field, for example + constraint.implementation.policy_rules[0].enforce + expectedValue: + description: >- + The value of this field that was configured in a posture, for + example, `true` or `allowed_values={"projects/29831892"}`. + type: string + description: >- + The policy field that violates the deployed posture and its expected and + detected values. + type: object + Pipeline: + type: object + properties: + displayName: + description: >- + The user defined display name of pipeline, e.g. + plants-classification + type: string + name: + description: >- + Resource name of the pipeline, e.g. + projects/{project}/locations/{location}/trainingPipelines/5253428229225578496 + type: string + description: Vertex AI training pipeline associated with the finding. + id: Pipeline + Status: + properties: + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status + type: object + GoogleCloudSecuritycenterV2Process: + description: Represents an operating system process. + type: object + id: GoogleCloudSecuritycenterV2Process + properties: + libraries: + description: File information for libraries loaded by the process. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2File' + type: array + envVariables: + type: array + description: Process environment variables. + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2EnvironmentVariable + envVariablesTruncated: + description: True if `env_variables` is incomplete. + type: boolean + binary: + description: File information for the process executable. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2File' + pid: + type: string + description: The process ID. + format: int64 + userId: + description: >- + The ID of the user that executed the process. E.g. If this is the + root user this will always be 0. + format: int64 + type: string + name: + type: string + description: >- + The process name, as displayed in utilities like `top` and `ps`. + This name can be accessed through `/proc/[pid]/comm` and changed + with `prctl(PR_SET_NAME)`. + args: + type: array + description: Process arguments as JSON encoded strings. + items: + type: string + parentPid: + description: The parent process ID. + type: string + format: int64 + script: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2File' + description: >- + When the process represents the invocation of a script, `binary` + provides information about the interpreter, while `script` provides + information about the script file provided to the interpreter. + argumentsTruncated: + description: True if `args` is incomplete. + type: boolean + KernelRootkit: + properties: + name: + type: string + description: Rootkit name, when available. + unexpectedKernelCodePages: + description: >- + True if kernel code pages that are not in the expected kernel or + module code regions are present. + type: boolean + unexpectedReadOnlyDataModification: + description: >- + True if unexpected modifications of kernel read-only data memory are + present. + type: boolean + unexpectedProcessesInRunqueue: + description: >- + True if unexpected processes in the scheduler run queue are present. + Such processes are in the run queue, but not in the process task + list. + type: boolean + unexpectedCodeModification: + type: boolean + description: True if unexpected modifications of kernel code memory are present. + unexpectedInterruptHandler: + description: >- + True if interrupt handlers that are are not in the expected kernel + or module code regions are present. + type: boolean + unexpectedKprobeHandler: + description: >- + True if `kprobe` points are present with callbacks pointing to + regions that are not in the expected kernel or module code range. + type: boolean + unexpectedFtraceHandler: + description: >- + True if `ftrace` points are present with callbacks pointing to + regions that are not in the expected kernel or module code range. + type: boolean + unexpectedSystemCallHandler: + description: >- + True if system call handlers that are are not in the expected kernel + or module code regions are present. + type: boolean + type: object + description: Kernel mode rootkit signatures. + id: KernelRootkit + ValidateEventThreatDetectionCustomModuleRequest: + id: ValidateEventThreatDetectionCustomModuleRequest + type: object + properties: + type: + description: Required. The type of the module (e.g. CONFIGURABLE_BAD_IP). + type: string + rawText: + description: >- + Required. The raw text of the module's contents. Used to generate + error messages. + type: string + description: Request to validate an Event Threat Detection custom module. + MemoryHashSignature: + type: object + description: A signature corresponding to memory page hashes. + properties: + binaryFamily: + type: string + description: The binary family. + detections: + type: array + items: + $ref: '#/components/schemas/Detection' + description: >- + The list of memory hash detections contributing to the binary family + match. + id: MemoryHashSignature + GoogleCloudSecuritycenterV2ResourceApplicationAttributes: + properties: + operatorOwners: + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2ResourceApplicationAttributesContactInfo + description: Operator team that ensures runtime and operations. + type: array + environment: + description: User-defined environment information. + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2ResourceApplicationAttributesEnvironment + businessOwners: + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2ResourceApplicationAttributesContactInfo + type: array + description: Business team that ensures user needs are met and value is delivered + criticality: + description: User-defined criticality information. + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2ResourceApplicationAttributesCriticality + developerOwners: + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2ResourceApplicationAttributesContactInfo + description: Developer team that owns development and coding. + type: array + type: object + description: Consumer provided attributes for the application + id: GoogleCloudSecuritycenterV2ResourceApplicationAttributes + Detection: + id: Detection + properties: + binary: + description: >- + The name of the binary associated with the memory hash signature + detection. + type: string + percentPagesMatched: + description: >- + The percentage of memory page hashes in the signature that were + matched. + type: number + format: double + description: Memory hash detection contributing to the binary family match. + type: object + VulnerabilityCountBySeverity: + description: Vulnerability count by severity. + id: VulnerabilityCountBySeverity + type: object + properties: + severityToFindingCount: + description: Key is the Severity enum. + additionalProperties: + format: int64 + type: string + type: object + GoogleCloudSecuritycenterV2IssueSecurityContextContext: + type: object + description: Context of a security context. + properties: + values: + type: array + description: Context values. + items: + type: string + type: + description: Context type. + type: string + id: GoogleCloudSecuritycenterV2IssueSecurityContextContext + GoogleCloudSecuritycenterV2Notebook: + description: >- + Represents a Jupyter notebook IPYNB file, such as a [Colab Enterprise + notebook](https://cloud.google.com/colab/docs/introduction) file, that + is associated with a finding. + properties: + service: + type: string + description: The source notebook service, for example, "Colab Enterprise". + lastAuthor: + type: string + description: The user ID of the latest author to modify the notebook. + name: + description: The name of the notebook. + type: string + notebookUpdateTime: + format: google-datetime + description: The most recent time the notebook was updated. + type: string + type: object + id: GoogleCloudSecuritycenterV2Notebook + RunAssetDiscoveryRequest: + description: Request message for running asset discovery for an organization. + id: RunAssetDiscoveryRequest + properties: {} + type: object + Disk: + type: object + properties: + name: + type: string + description: >- + The name of the disk, for example, + "https://www.googleapis.com/compute/v1/projects/{project-id}/zones/{zone-id}/disks/{disk-id}". + description: Contains information about the disk associated with the finding. + id: Disk + ListSourcesResponse: + type: object + id: ListSourcesResponse + properties: + sources: + description: Sources belonging to the requested parent. + type: array + items: + $ref: '#/components/schemas/Source' + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results. + type: string + description: Response message for listing sources. + GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule: + description: >- + Represents an instance of a Security Health Analytics custom module, + including its full module name, display name, enablement state, and last + updated time. You can create a custom module at the organization, + folder, or project level. Custom modules that you create at the + organization or folder level are inherited by the child folders and + projects. + properties: + updateTime: + type: string + description: Output only. The time at which the custom module was last updated. + format: google-datetime + readOnly: true + name: + type: string + description: >- + Immutable. The resource name of the custom module. Its format is + "organizations/{organization}/securityHealthAnalyticsSettings/customModules/{customModule}", + or + "folders/{folder}/securityHealthAnalyticsSettings/customModules/{customModule}", + or + "projects/{project}/securityHealthAnalyticsSettings/customModules/{customModule}" + The id {customModule} is server-generated and is not user settable. + It will be a numeric id containing 1-20 digits. + lastEditor: + type: string + readOnly: true + description: Output only. The editor that last updated the custom module. + customConfig: + description: The user specified custom configuration for the module. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1CustomConfig' + cloudProvider: + type: string + enumDescriptions: + - Unspecified cloud provider. + - Google Cloud. + - Amazon Web Services (AWS). + - Microsoft Azure. + description: The cloud provider of the custom module. + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + enablementState: + enum: + - ENABLEMENT_STATE_UNSPECIFIED + - ENABLED + - DISABLED + - INHERITED + type: string + description: The enablement state of the custom module. + enumDescriptions: + - Unspecified enablement state. + - The module is enabled at the given CRM resource. + - The module is disabled at the given CRM resource. + - >- + State is inherited from an ancestor module. The module will either + be effectively ENABLED or DISABLED based on its closest + non-inherited ancestor module in the CRM hierarchy. + displayName: + type: string + description: >- + The display name of the Security Health Analytics custom module. + This display name becomes the finding category for all findings that + are returned by this custom module. The display name must be between + 1 and 128 characters, start with a lowercase letter, and contain + alphanumeric characters or underscores only. + ancestorModule: + readOnly: true + type: string + description: >- + Output only. If empty, indicates that the custom module was created + in the organization, folder, or project in which you are viewing the + custom module. Otherwise, `ancestor_module` specifies the + organization or folder from which the custom module is inherited. + type: object + id: GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + CloudLoggingEntry: + properties: + insertId: + type: string + description: A unique identifier for the log entry. + logId: + description: >- + The type of the log (part of `log_name`. `log_name` is the resource + name of the log to which this log entry belongs). For example: + `cloudresourcemanager.googleapis.com/activity`. Note that this field + is not URL-encoded, unlike the `LOG_ID` field in `LogEntry`. + type: string + resourceContainer: + description: >- + The organization, folder, or project of the monitored resource that + produced this log entry. + type: string + timestamp: + description: The time the event described by the log entry occurred. + type: string + format: google-datetime + type: object + description: >- + Metadata taken from a [Cloud Logging + LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) + id: CloudLoggingEntry + ListMuteConfigsResponse: + description: Response message for listing mute configs. + id: ListMuteConfigsResponse + properties: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + muteConfigs: + description: The mute configs from the specified parent. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + type: object + FileOperation: + id: FileOperation + type: object + properties: + type: + type: string + enum: + - OPERATION_TYPE_UNSPECIFIED + - OPEN + - READ + - RENAME + - WRITE + - EXECUTE + description: The type of the operation + enumDescriptions: + - The operation is unspecified. + - Represents an open operation. + - Represents a read operation. + - Represents a rename operation. + - Represents a write operation. + - Represents an execute operation. + description: Operation(s) performed on a file. + AuditConfig: + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + properties: + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + auditLogConfigs: + description: The configuration for logging of each type of permission. + items: + $ref: '#/components/schemas/AuditLogConfig' + type: array + type: object + id: AuditConfig + GoogleCloudSecuritycenterV2IssueFinding: + description: Finding related to an issue. + properties: + securityBulletin: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin + description: The security bulletin of the finding. + name: + type: string + description: The name of the finding. + cve: + description: The CVE of the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueFindingCve' + type: object + id: GoogleCloudSecuritycenterV2IssueFinding + GoogleCloudSecuritycenterV2IssueResourceAzureMetadata: + id: GoogleCloudSecuritycenterV2IssueResourceAzureMetadata + properties: + subscription: + description: The Azure subscription of the resource associated with the issue. + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription + type: object + description: The Azure metadata of a resource associated with an issue. + GoogleCloudSecuritycenterV2AzureManagementGroup: + type: object + description: Represents an Azure management group. + properties: + id: + type: string + description: >- + The UUID of the Azure management group, for example, + `20000000-0001-0000-0000-000000000000`. + displayName: + type: string + description: The display name of the Azure management group. + id: GoogleCloudSecuritycenterV2AzureManagementGroup + GoogleCloudSecuritycenterV2CloudDlpDataProfile: + type: object + id: GoogleCloudSecuritycenterV2CloudDlpDataProfile + description: >- + The [data profile](https://cloud.google.com/dlp/docs/data-profiles) + associated with the finding. + properties: + parentType: + enumDescriptions: + - Unspecified parent type. + - Organization-level configurations. + - Project-level configurations. + description: >- + The resource hierarchy level at which the data profile was + generated. + type: string + enum: + - PARENT_TYPE_UNSPECIFIED + - ORGANIZATION + - PROJECT + infoTypes: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2InfoType' + description: >- + Type of information detected by SDP. Info type includes name, + version and sensitivity of the detected information type. + type: array + dataProfile: + description: >- + Name of the data profile, for example, + `projects/123/locations/europe/tableProfiles/8383929`. + type: string + SimulatedResource: + id: SimulatedResource + description: >- + Manually constructed resource name. If the custom module evaluates + against only the resource data, you can omit the `iam_policy_data` + field. If it evaluates only the `iam_policy_data` field, you can omit + the resource data. + type: object + properties: + resourceData: + additionalProperties: + description: Properties of the object. + type: any + type: object + description: >- + Optional. A representation of the Google Cloud resource. Should + match the Google Cloud resource JSON format. + iamPolicyData: + $ref: '#/components/schemas/Policy' + description: Optional. A representation of the IAM policy. + resourceType: + description: >- + Required. The type of the resource, for example, + `compute.googleapis.com/Disk`. + type: string + ListEffectiveEventThreatDetectionCustomModulesResponse: + type: object + description: Response for listing EffectiveEventThreatDetectionCustomModules. + id: ListEffectiveEventThreatDetectionCustomModulesResponse + properties: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + effectiveEventThreatDetectionCustomModules: + items: + $ref: '#/components/schemas/EffectiveEventThreatDetectionCustomModule' + type: array + description: Effective custom modules belonging to the requested parent. + GoogleCloudSecuritycenterV2Application: + id: GoogleCloudSecuritycenterV2Application + type: object + properties: + baseUri: + description: >- + The base URI that identifies the network location of the application + in which the vulnerability was detected. For example, + `http://example.com`. + type: string + fullUri: + description: >- + The full URI with payload that could be used to reproduce the + vulnerability. For example, `http://example.com?p=aMmYgI6H`. + type: string + description: Represents an application associated with a finding. + ResourceValueConfigMetadata: + type: object + properties: + name: + type: string + description: Resource value config name + id: ResourceValueConfigMetadata + description: Metadata about a ResourceValueConfig. For example, id and name. + ListFindingsResult: + id: ListFindingsResult + type: object + properties: + stateChange: + type: string + enumDescriptions: + - >- + State change is unused, this is the canonical default for this + enum. + - >- + The finding has changed state in some way between the points in + time and existed at both points. + - >- + The finding has not changed state between the points in time and + existed at both points. + - The finding was created between the points in time. + - >- + The finding at timestamp does not match the filter specified, but + it did at timestamp - compare_duration. + enum: + - UNUSED + - CHANGED + - UNCHANGED + - ADDED + - REMOVED + description: State change of the finding between the points in time. + finding: + description: Finding matching the search request. + $ref: '#/components/schemas/Finding' + resource: + description: Output only. Resource that is associated with this finding. + $ref: '#/components/schemas/Resource' + readOnly: true + description: Result containing the Finding and its StateChange. + CloudDlpDataProfile: + type: object + id: CloudDlpDataProfile + properties: + dataProfile: + description: >- + Name of the data profile, for example, + `projects/123/locations/europe/tableProfiles/8383929`. + type: string + infoTypes: + items: + $ref: '#/components/schemas/InfoType' + description: >- + Type of information detected by SDP. Info type includes name, + version and sensitivity of the detected information type. + type: array + parentType: + description: >- + The resource hierarchy level at which the data profile was + generated. + enumDescriptions: + - Unspecified parent type. + - Organization-level configurations. + - Project-level configurations. + enum: + - PARENT_TYPE_UNSPECIFIED + - ORGANIZATION + - PROJECT + type: string + description: >- + The [data profile](https://cloud.google.com/dlp/docs/data-profiles) + associated with the finding. + GoogleCloudSecuritycenterV2Container: + id: GoogleCloudSecuritycenterV2Container + description: Container associated with the finding. + type: object + properties: + uri: + type: string + description: >- + Container image URI provided when configuring a pod or container. + This string can identify a container image version using mutable + tags. + name: + description: Name of the container. + type: string + createTime: + description: The time that the container was created. + format: google-datetime + type: string + imageId: + type: string + description: >- + Optional container image ID, if provided by the container runtime. + Uniquely identifies the container image launched using a container + image digest. + labels: + description: Container labels, as provided by the container runtime. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Label' + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. + properties: + permissions: + type: array + items: + type: string + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + type: object + id: TestIamPermissionsResponse + Role: + type: object + description: Kubernetes Role or ClusterRole. + id: Role + properties: + name: + description: Role name. + type: string + ns: + description: Role namespace. + type: string + kind: + description: Role type. + enumDescriptions: + - Role type is not specified. + - Kubernetes Role. + - Kubernetes ClusterRole. + enum: + - KIND_UNSPECIFIED + - ROLE + - CLUSTER_ROLE + type: string + AwsOrganization: + type: object + id: AwsOrganization + description: >- + An organization is a collection of accounts that are centrally managed + together using consolidated billing, organized hierarchically with + organizational units (OUs), and controlled with policies. + properties: + id: + description: >- + The unique identifier (ID) for the organization. The regex pattern + for an organization ID string requires "o-" followed by from 10 to + 32 lowercase letters or digits. + type: string + GoogleCloudSecuritycenterV2Folder: + properties: + resourceFolder: + description: >- + Full resource name of this folder. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + type: string + resourceFolderDisplayName: + description: The user defined display name for this folder. + type: string + description: >- + Message that contains the resource name and display name of a folder + resource. + type: object + id: GoogleCloudSecuritycenterV2Folder + GoogleCloudSecuritycenterV1p1beta1RunAssetDiscoveryResponse: + description: Response of asset discovery run + type: object + properties: + state: + enum: + - STATE_UNSPECIFIED + - COMPLETED + - SUPERSEDED + - TERMINATED + type: string + description: The state of an asset discovery run. + enumDescriptions: + - Asset discovery run state was unspecified. + - Asset discovery run completed successfully. + - >- + Asset discovery run was cancelled with tasks still pending, as + another run for the same organization was started with a higher + priority. + - Asset discovery run was killed and terminated. + duration: + format: google-duration + type: string + description: The duration between asset discovery run start and end + id: GoogleCloudSecuritycenterV1p1beta1RunAssetDiscoveryResponse + Kubernetes: + description: Kubernetes-related attributes. + id: Kubernetes + properties: + pods: + items: + $ref: '#/components/schemas/Pod' + description: >- + Kubernetes + [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod) + associated with the finding. This field contains Pod records for + each container that is owned by a Pod. + type: array + objects: + description: Kubernetes objects related to the finding. + items: + $ref: '#/components/schemas/Object' + type: array + nodePools: + items: + $ref: '#/components/schemas/NodePool' + description: >- + GKE [node + pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-pools) + associated with the finding. This field contains node pool + information for each node, when it is available. + type: array + accessReviews: + type: array + description: >- + Provides information on any Kubernetes access reviews (privilege + checks) relevant to the finding. + items: + $ref: '#/components/schemas/AccessReview' + bindings: + type: array + description: >- + Provides Kubernetes role binding information for findings that + involve [RoleBindings or + ClusterRoleBindings](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control). + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1Binding' + nodes: + items: + $ref: '#/components/schemas/Node' + type: array + description: >- + Provides Kubernetes + [node](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#nodes) + information. + roles: + items: + $ref: '#/components/schemas/Role' + description: >- + Provides Kubernetes role information for findings that involve + [Roles or + ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control). + type: array + type: object + GoogleCloudSecuritycenterV2AzureMetadata: + description: >- + Azure metadata associated with the resource, only applicable if the + finding's cloud provider is Microsoft Azure. + id: GoogleCloudSecuritycenterV2AzureMetadata + type: object + properties: + subscription: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AzureSubscription' + description: The Azure subscription associated with the resource. + resourceGroup: + description: The Azure resource group associated with the resource. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AzureResourceGroup' + managementGroups: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2AzureManagementGroup + description: >- + A list of Azure management groups associated with the resource, + ordered from lowest level (closest to the subscription) to highest + level. + tenant: + description: The Azure Entra tenant associated with the resource. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AzureTenant' + PortRange: + id: PortRange + type: object + properties: + max: + type: string + format: int64 + description: Maximum port value. + min: + description: Minimum port value. + format: int64 + type: string + description: >- + A port range which is inclusive of the min and max values. Values are + between 0 and 2^16-1. The max can be equal / must be not smaller than + the min value. If min and max are equal this indicates that it is a + single port. + Contact: + id: Contact + description: The email address of a contact. + type: object + properties: + email: + description: An email address. For example, "`person123@company.com`". + type: string + GoogleCloudSecuritycenterV2ToxicCombination: + id: GoogleCloudSecuritycenterV2ToxicCombination + type: object + description: >- + Contains details about a group of security issues that, when the issues + occur together, represent a greater risk than when the issues occur + independently. A group of such issues is referred to as a toxic + combination. + properties: + relatedFindings: + type: array + items: + type: string + description: >- + List of resource names of findings associated with this toxic + combination. For example, + `organizations/123/sources/456/findings/789`. + attackExposureScore: + description: >- + The [Attack exposure + score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores) + of this toxic combination. The score is a measure of how much this + toxic combination exposes one or more high-value resources to + potential attack. + type: number + format: double + GroupAssetsResponse: + id: GroupAssetsResponse + description: Response message for grouping by assets. + properties: + groupByResults: + items: + $ref: '#/components/schemas/GroupResult' + type: array + description: >- + Group results. There exists an element for each existing unique + combination of property/values. The element contains a count for the + number of times those specific property/values appear. + readTime: + description: Time used for executing the groupBy request. + format: google-datetime + type: string + totalSize: + type: integer + format: int32 + description: The total number of results matching the query. + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results. + type: string + type: object + GoogleCloudSecuritycenterV2OrgPolicy: + type: object + description: Contains information about the org policies associated with the finding. + id: GoogleCloudSecuritycenterV2OrgPolicy + properties: + name: + description: >- + Identifier. The resource name of the org policy. Example: + "organizations/{organization_id}/policies/{constraint_name}" + type: string + StaticMute: + id: StaticMute + properties: + applyTime: + type: string + description: When the static mute was applied. + format: google-datetime + state: + enumDescriptions: + - Unspecified. + - Finding has been muted. + - Finding has been unmuted. + - Finding has never been muted/unmuted. + type: string + description: >- + The static mute state. If the value is `MUTED` or `UNMUTED`, then + the finding's overall mute state will have the same value. + enum: + - MUTE_UNSPECIFIED + - MUTED + - UNMUTED + - UNDEFINED + type: object + description: >- + Information about the static mute state. A static mute state overrides + any dynamic mute rules that apply to this finding. The static mute state + can be set by a static mute rule or by muting the finding directly. + ListDescendantEventThreatDetectionCustomModulesResponse: + id: ListDescendantEventThreatDetectionCustomModulesResponse + description: >- + Response for listing current and descendant resident Event Threat + Detection custom modules. + type: object + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + eventThreatDetectionCustomModules: + description: Custom modules belonging to the requested parent. + type: array + items: + $ref: '#/components/schemas/EventThreatDetectionCustomModule' + Pod: + type: object + properties: + name: + type: string + description: Kubernetes Pod name. + ns: + type: string + description: Kubernetes Pod namespace. + labels: + items: + $ref: '#/components/schemas/Label' + description: >- + Pod labels. For Kubernetes containers, these are applied to the + container. + type: array + containers: + items: + $ref: '#/components/schemas/Container' + type: array + description: Pod containers associated with this finding, if any. + id: Pod + description: A Kubernetes Pod. + GoogleCloudSecuritycenterV2ResourceApplicationAttributesContactInfo: + id: GoogleCloudSecuritycenterV2ResourceApplicationAttributesContactInfo + properties: + email: + description: Email address of the contacts. + type: string + type: object + description: Contact information of stakeholders. + ListEventThreatDetectionCustomModulesResponse: + properties: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + eventThreatDetectionCustomModules: + description: Custom modules belonging to the requested parent. + type: array + items: + $ref: '#/components/schemas/EventThreatDetectionCustomModule' + id: ListEventThreatDetectionCustomModulesResponse + description: Response for listing Event Threat Detection custom modules. + type: object + EnvironmentVariable: + description: >- + A name-value pair representing an environment variable used in an + operating system process. + type: object + properties: + val: + description: Environment variable value as a JSON encoded string. + type: string + name: + description: Environment variable name as a JSON encoded string. + type: string + id: EnvironmentVariable + AttackPath: + type: object + properties: + name: + description: >- + The attack path name, for example, + `organizations/12/simulation/34/valuedResources/56/attackPaths/78` + type: string + pathNodes: + items: + $ref: '#/components/schemas/AttackPathNode' + type: array + description: A list of nodes that exist in this attack path. + edges: + items: + $ref: '#/components/schemas/AttackPathEdge' + description: A list of the edges between nodes in this attack path. + type: array + description: A path that an attacker could take to reach an exposed resource. + id: AttackPath + BackupDisasterRecovery: + id: BackupDisasterRecovery + description: Information related to Google Cloud Backup and DR Service findings. + type: object + properties: + host: + type: string + description: >- + The name of a Backup and DR host, which is managed by the backup and + recovery appliance and known to the management console. The host can + be of type Generic (for example, Compute Engine, SQL Server, Oracle + DB, SMB file system, etc.), vCenter, or an ESX server. See the + [Backup and DR documentation on + hosts](https://cloud.google.com/backup-disaster-recovery/docs/configuration/manage-hosts-and-their-applications) + for more information. For example, `centos7-01`. + backupType: + description: >- + The backup type of the Backup and DR image. For example, `Snapshot`, + `Remote Snapshot`, `OnVault`. + type: string + backupCreateTime: + description: The timestamp at which the Backup and DR backup was created. + format: google-datetime + type: string + profile: + description: >- + The name of the Backup and DR resource profile that specifies the + storage media for backups of application and VM data. See the + [Backup and DR documentation on + profiles](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#profile). + For example, `GCP`. + type: string + storagePool: + description: >- + The name of the Backup and DR storage pool that the backup and + recovery appliance is storing data in. The storage pool could be of + type Cloud, Primary, Snapshot, or OnVault. See the [Backup and DR + documentation on storage + pools](https://cloud.google.com/backup-disaster-recovery/docs/concepts/storage-pools). + For example, `DiskPoolOne`. + type: string + backupTemplate: + description: >- + The name of a Backup and DR template which comprises one or more + backup policies. See the [Backup and DR + documentation](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#temp) + for more information. For example, `snap-ov`. + type: string + policies: + items: + type: string + description: >- + The names of Backup and DR policies that are associated with a + template and that define when to run a backup, how frequently to run + a backup, and how long to retain the backup image. For example, + `onvaults`. + type: array + policyOptions: + items: + type: string + type: array + description: >- + The names of Backup and DR advanced policy options of a policy + applying to an application. See the [Backup and DR documentation on + policy + options](https://cloud.google.com/backup-disaster-recovery/docs/create-plan/policy-settings). + For example, `skipofflineappsincongrp, nounmap`. + appliance: + description: >- + The name of the Backup and DR appliance that captures, moves, and + manages the lifecycle of backup data. For example, + `backup-server-57137`. + type: string + applications: + type: array + description: >- + The names of Backup and DR applications. An application is a VM, + database, or file system on a managed host monitored by a backup and + recovery appliance. For example, `centos7-01-vol00`, + `centos7-01-vol01`, `centos7-01-vol02`. + items: + type: string + GoogleCloudSecuritycenterV2Compliance: + id: GoogleCloudSecuritycenterV2Compliance + type: object + properties: + ids: + description: Policies within the standard or benchmark, for example, A.12.4.1 + items: + type: string + type: array + standard: + description: >- + Industry-wide compliance standards or benchmarks, such as CIS, PCI, + and OWASP. + type: string + version: + description: Version of the standard or benchmark, for example, 1.1 + type: string + description: >- + Contains compliance information about a security standard indicating + unmet recommendations. + GoogleCloudSecuritycenterV1p1beta1Folder: + properties: + resourceFolderDisplayName: + description: The user defined display name for this folder. + type: string + resourceFolder: + type: string + description: >- + Full resource name of this folder. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + type: object + id: GoogleCloudSecuritycenterV1p1beta1Folder + description: >- + Message that contains the resource name and display name of a folder + resource. + VertexAi: + description: Vertex AI-related information associated with the finding. + id: VertexAi + type: object + properties: + pipelines: + type: array + items: + $ref: '#/components/schemas/Pipeline' + description: Pipelines associated with the finding. + datasets: + type: array + items: + $ref: '#/components/schemas/Dataset' + description: Datasets associated with the finding. + CloudArmor: + description: Fields related to Google Cloud Armor findings. + id: CloudArmor + type: object + properties: + requests: + description: >- + Information about incoming requests evaluated by [Google Cloud Armor + security + policies](https://cloud.google.com/armor/docs/security-policy-overview). + $ref: '#/components/schemas/Requests' + securityPolicy: + $ref: '#/components/schemas/SecurityPolicy' + description: >- + Information about the [Google Cloud Armor security + policy](https://cloud.google.com/armor/docs/security-policy-overview) + relevant to the finding. + threatVector: + description: >- + Distinguish between volumetric & protocol DDoS attack and + application layer attacks. For example, "L3_4" for Layer 3 and Layer + 4 DDoS attacks, or "L_7" for Layer 7 DDoS attacks. + type: string + attack: + description: Information about DDoS attack volume and classification. + $ref: '#/components/schemas/Attack' + duration: + type: string + format: google-duration + description: >- + Duration of attack from the start until the current moment (updated + every 5 minutes). + adaptiveProtection: + description: >- + Information about potential Layer 7 DDoS attacks identified by + [Google Cloud Armor Adaptive + Protection](https://cloud.google.com/armor/docs/adaptive-protection-overview). + $ref: '#/components/schemas/AdaptiveProtection' + GoogleCloudSecuritycenterV2ProcessSignature: + type: object + id: GoogleCloudSecuritycenterV2ProcessSignature + description: Indicates what signature matched this process. + properties: + memoryHashSignature: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2MemoryHashSignature' + description: Signature indicating that a binary family was matched. + signatureType: + description: Describes the type of resource associated with the signature. + enumDescriptions: + - The default signature type. + - Used for signatures concerning processes. + - Used for signatures concerning disks. + enum: + - SIGNATURE_TYPE_UNSPECIFIED + - SIGNATURE_TYPE_PROCESS + - SIGNATURE_TYPE_FILE + type: string + yaraRuleSignature: + description: Signature indicating that a YARA rule was matched. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2YaraRuleSignature' + GoogleCloudSecuritycenterV2Database: + description: >- + Represents database access information, such as queries. A database may + be a sub-resource of an instance (as in the case of Cloud SQL instances + or Cloud Spanner instances), or the database instance itself. Some + database resources might not have the [full resource + name](https://google.aip.dev/122#full-resource-names) populated because + these resource types, such as Cloud SQL databases, are not yet supported + by Cloud Asset Inventory. In these cases only the display name is + provided. + type: object + properties: + version: + type: string + description: >- + The version of the database, for example, POSTGRES_14. See [the + complete + list](https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion). + userName: + type: string + description: >- + The username used to connect to the database. The username might not + be an IAM principal and does not have a set format. + query: + type: string + description: The SQL statement that is associated with the database access. + grantees: + items: + type: string + type: array + description: >- + The target usernames, roles, or groups of an SQL privilege grant, + which is not an IAM policy change. + displayName: + description: The human-readable name of the database that the user connected to. + type: string + name: + type: string + description: >- + Some database resources may not have the [full resource + name](https://google.aip.dev/122#full-resource-names) populated + because these resource types are not yet supported by Cloud Asset + Inventory (e.g. Cloud SQL databases). In these cases only the + display name will be provided. The [full resource + name](https://google.aip.dev/122#full-resource-names) of the + database that the user connected to, if it is supported by Cloud + Asset Inventory. + id: GoogleCloudSecuritycenterV2Database + GetPolicyOptions: + properties: + requestedPolicyVersion: + type: integer + description: >- + Optional. The maximum policy version that will be used to format the + policy. Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected. Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field unset. + The policy in the response might use the policy version that you + specified, or it might use a lower policy version. For example, if + you specify version 3, but the policy has no conditional role + bindings, the response uses version 1. To learn which resources + support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + format: int32 + description: Encapsulates settings provided to GetIamPolicy. + id: GetPolicyOptions + type: object + GoogleCloudSecuritycenterV2FileOperation: + properties: + type: + description: The type of the operation + type: string + enum: + - OPERATION_TYPE_UNSPECIFIED + - OPEN + - READ + - RENAME + - WRITE + - EXECUTE + enumDescriptions: + - The operation is unspecified. + - Represents an open operation. + - Represents a read operation. + - Represents a rename operation. + - Represents a write operation. + - Represents an execute operation. + description: Operation(s) performed on a file. + id: GoogleCloudSecuritycenterV2FileOperation + type: object + ListResourceValueConfigsResponse: + description: Response message to list resource value configs + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is empty, there are no subsequent pages. + resourceValueConfigs: + description: The resource value configs from the specified parent. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig + type: object + id: ListResourceValueConfigsResponse + ListBigQueryExportsResponse: + id: ListBigQueryExportsResponse + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + bigQueryExports: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + description: The BigQuery exports from the specified parent. + type: array + description: Response message for listing BigQuery exports. + type: object + Container: + description: Container associated with the finding. + id: Container + properties: + name: + description: Name of the container. + type: string + imageId: + description: >- + Optional container image ID, if provided by the container runtime. + Uniquely identifies the container image launched using a container + image digest. + type: string + labels: + items: + $ref: '#/components/schemas/Label' + description: Container labels, as provided by the container runtime. + type: array + createTime: + format: google-datetime + description: The time that the container was created. + type: string + uri: + type: string + description: >- + Container image URI provided when configuring a pod or container. + This string can identify a container image version using mutable + tags. + type: object + GoogleCloudSecuritycenterV2Requests: + id: GoogleCloudSecuritycenterV2Requests + type: object + properties: + longTermAllowed: + type: integer + format: int32 + description: Allowed RPS (requests per second) over the long term. + ratio: + format: double + type: number + description: >- + For 'Increasing deny ratio', the ratio is the denied traffic divided + by the allowed traffic. For 'Allowed traffic spike', the ratio is + the allowed traffic in the short term divided by allowed traffic in + the long term. + shortTermAllowed: + description: Allowed RPS (requests per second) in the short term. + type: integer + format: int32 + longTermDenied: + format: int32 + type: integer + description: Denied RPS (requests per second) over the long term. + description: Information about the requests relevant to the finding. + GoogleCloudSecuritycenterV2EnvironmentVariable: + description: >- + A name-value pair representing an environment variable used in an + operating system process. + type: object + id: GoogleCloudSecuritycenterV2EnvironmentVariable + properties: + val: + type: string + description: Environment variable value as a JSON encoded string. + name: + description: Environment variable name as a JSON encoded string. + type: string + GoogleCloudSecuritycenterV2LoadBalancer: + description: >- + Contains information related to the load balancer associated with the + finding. + id: GoogleCloudSecuritycenterV2LoadBalancer + type: object + properties: + name: + type: string + description: The name of the load balancer associated with the finding. + AuditLogConfig: + type: object + id: AuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + properties: + logType: + description: The log type that this config enables. + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + type: string + exemptedMembers: + type: array + items: + type: string + description: >- + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping: + type: object + id: GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping + properties: + mediumSensitivityMapping: + type: string + enumDescriptions: + - Unspecific value + - High resource value + - Medium resource value + - Low resource value + - No resource value, e.g. ignore these resources + enum: + - RESOURCE_VALUE_UNSPECIFIED + - HIGH + - MEDIUM + - LOW + - NONE + description: >- + Resource value mapping for medium-sensitivity Sensitive Data + Protection findings + highSensitivityMapping: + enum: + - RESOURCE_VALUE_UNSPECIFIED + - HIGH + - MEDIUM + - LOW + - NONE + description: >- + Resource value mapping for high-sensitivity Sensitive Data + Protection findings + enumDescriptions: + - Unspecific value + - High resource value + - Medium resource value + - Low resource value + - No resource value, e.g. ignore these resources + type: string + description: >- + Resource value mapping for Sensitive Data Protection findings If any of + these mappings have a resource value that is not unspecified, the + resource_value field will be ignored when reading this configuration. + GoogleCloudSecuritycenterV2ResourceValueConfig: + id: GoogleCloudSecuritycenterV2ResourceValueConfig + type: object + properties: + cloudProvider: + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + type: string + description: Cloud provider this configuration applies to + enumDescriptions: + - The cloud provider is unspecified. + - The cloud provider is Google Cloud. + - The cloud provider is Amazon Web Services. + - The cloud provider is Microsoft Azure. + updateTime: + type: string + format: google-datetime + readOnly: true + description: >- + Output only. Timestamp this resource value configuration was last + updated. + scope: + description: >- + Project or folder to scope this configuration to. For example, + "project/456" would apply this configuration only to resources in + "project/456" scope and will be checked with `AND` of other + resources. + type: string + tagValues: + description: >- + Tag values combined with `AND` to check against. For Google Cloud + resources, they are tag value IDs in the form of "tagValues/123". + Example: `[ "tagValues/123", "tagValues/456", "tagValues/789" ]` + https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing + type: array + items: + type: string + createTime: + readOnly: true + type: string + format: google-datetime + description: >- + Output only. Timestamp this resource value configuration was + created. + name: + type: string + description: Identifier. Name for the resource value configuration + sensitiveDataProtectionMapping: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping + description: >- + A mapping of the sensitivity on Sensitive Data Protection finding to + resource values. This mapping can only be used in combination with a + resource_type that is related to BigQuery, e.g. + "bigquery.googleapis.com/Dataset". + resourceLabelsSelector: + description: >- + List of resource labels to search for, evaluated with `AND`. For + example, "resource_labels_selector": {"key": "value", "env": "prod"} + will match resources with labels "key": "value" `AND` "env": "prod" + https://cloud.google.com/resource-manager/docs/creating-managing-labels + additionalProperties: + type: string + type: object + resourceType: + type: string + description: >- + Apply resource_value only to resources that match resource_type. + resource_type will be checked with `AND` of other resources. For + example, "storage.googleapis.com/Bucket" with resource_value "HIGH" + will apply "HIGH" value only to "storage.googleapis.com/Bucket" + resources. + description: + description: Description of the resource value configuration. + type: string + resourceValue: + description: >- + Resource value level this expression represents Only required when + there is no Sensitive Data Protection mapping in the request + enum: + - RESOURCE_VALUE_UNSPECIFIED + - HIGH + - MEDIUM + - LOW + - NONE + type: string + enumDescriptions: + - Unspecific value + - High resource value + - Medium resource value + - Low resource value + - No resource value, e.g. ignore these resources + description: >- + A resource value configuration (RVC) is a mapping configuration of + user's resources to resource values. Used in Attack path simulations. + GoogleCloudSecuritycenterV2Pipeline: + id: GoogleCloudSecuritycenterV2Pipeline + description: Vertex AI training pipeline associated with the finding. + type: object + properties: + name: + description: >- + Resource name of the pipeline, e.g. + projects/{project}/locations/{location}/trainingPipelines/5253428229225578496 + type: string + displayName: + description: >- + The user-defined display name of pipeline, e.g. + plants-classification + type: string + GoogleCloudSecuritycenterV2DiskPath: + properties: + relativePath: + type: string + description: >- + Relative path of the file in the partition as a JSON encoded string. + Example: /home/user1/executable_file.sh + partitionUuid: + type: string + description: >- + UUID of the partition (format + https://wiki.archlinux.org/title/persistent_block_device_naming#by-uuid) + id: GoogleCloudSecuritycenterV2DiskPath + type: object + description: Path of the file in terms of underlying disk/partition identifiers. + SetMuteRequest: + type: object + description: Request message for updating a finding's mute status. + properties: + mute: + type: string + enum: + - MUTE_UNSPECIFIED + - MUTED + - UNMUTED + - UNDEFINED + enumDescriptions: + - Unspecified. + - Finding has been muted. + - Finding has been unmuted. + - Finding has never been muted/unmuted. + description: Required. The desired state of the Mute. + id: SetMuteRequest + GoogleCloudSecuritycenterV2Role: + properties: + kind: + type: string + enum: + - KIND_UNSPECIFIED + - ROLE + - CLUSTER_ROLE + enumDescriptions: + - Role type is not specified. + - Kubernetes Role. + - Kubernetes ClusterRole. + description: Role type. + name: + type: string + description: Role name. + ns: + type: string + description: Role namespace. + type: object + id: GoogleCloudSecuritycenterV2Role + description: Kubernetes Role or ClusterRole. + Empty: + properties: {} + id: Empty + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + NotificationConfig: + type: object + properties: + name: + description: >- + The relative resource name of this notification config. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + Example: + "organizations/{organization_id}/notificationConfigs/notify_public_bucket", + "folders/{folder_id}/notificationConfigs/notify_public_bucket", or + "projects/{project_id}/notificationConfigs/notify_public_bucket". + type: string + pubsubTopic: + type: string + description: >- + The Pub/Sub topic to send notifications to. Its format is + "projects/[project_id]/topics/[topic]". + description: + type: string + description: The description of the notification config (max of 1024 characters). + serviceAccount: + readOnly: true + type: string + description: >- + Output only. The service account that needs "pubsub.topics.publish" + permission to publish to the Pub/Sub topic. + streamingConfig: + description: The config for triggering streaming-based notifications. + $ref: '#/components/schemas/StreamingConfig' + id: NotificationConfig + description: >- + Cloud Security Command Center (Cloud SCC) notification configs. A + notification config is a Cloud SCC resource that contains the + configuration to send notifications for create/update events of + findings, assets and etc. + GoogleCloudSecuritycenterV2NotificationMessage: + description: Cloud SCC's Notification + properties: + finding: + description: >- + If it's a Finding based notification config, this field will be + populated. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Finding' + resource: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Resource' + description: The Cloud resource tied to this notification's Finding. + notificationConfigName: + description: Name of the notification config that generated current notification. + type: string + id: GoogleCloudSecuritycenterV2NotificationMessage + type: object + GoogleCloudSecuritycenterV2ResourceApplicationAttributesCriticality: + id: GoogleCloudSecuritycenterV2ResourceApplicationAttributesCriticality + properties: + type: + type: string + enum: + - CRITICALITY_TYPE_UNSPECIFIED + - MISSION_CRITICAL + - HIGH + - MEDIUM + - LOW + enumDescriptions: + - Unspecified type. + - Mission critical service, application or workload. + - High impact. + - Medium impact. + - Low impact. + description: Criticality Type. + description: Criticality of the Application, Service, or Workload + type: object + GoogleCloudSecuritycenterV2IssueResourceApplicationAttributes: + description: Consumer provided attributes for the application + properties: + businessOwners: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesContactInfo + description: Business team that ensures user needs are met and value is delivered + environment: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesEnvironment + description: User-defined environment information. + developerOwners: + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesContactInfo + description: Developer team that owns development and coding. + type: array + criticality: + description: User-defined criticality information. + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesCriticality + operatorOwners: + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesContactInfo + type: array + description: Operator team that ensures runtime and operations. + type: object + id: GoogleCloudSecuritycenterV2IssueResourceApplicationAttributes + ListDescendantSecurityHealthAnalyticsCustomModulesResponse: + type: object + properties: + securityHealthAnalyticsCustomModules: + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + description: >- + Custom modules belonging to the requested parent and its + descendants. + type: array + nextPageToken: + description: >- + If not empty, indicates that there may be more custom modules to be + returned. + type: string + id: ListDescendantSecurityHealthAnalyticsCustomModulesResponse + description: >- + Response message for listing descendant Security Health Analytics custom + modules. + Process: + properties: + argumentsTruncated: + type: boolean + description: True if `args` is incomplete. + binary: + description: File information for the process executable. + $ref: '#/components/schemas/File' + name: + description: >- + The process name, as displayed in utilities like `top` and `ps`. + This name can be accessed through `/proc/[pid]/comm` and changed + with `prctl(PR_SET_NAME)`. + type: string + userId: + type: string + format: int64 + description: >- + The ID of the user that executed the process. E.g. If this is the + root user this will always be 0. + envVariables: + description: Process environment variables. + type: array + items: + $ref: '#/components/schemas/EnvironmentVariable' + libraries: + items: + $ref: '#/components/schemas/File' + description: File information for libraries loaded by the process. + type: array + args: + type: array + items: + type: string + description: Process arguments as JSON encoded strings. + envVariablesTruncated: + description: True if `env_variables` is incomplete. + type: boolean + script: + description: >- + When the process represents the invocation of a script, `binary` + provides information about the interpreter, while `script` provides + information about the script file provided to the interpreter. + $ref: '#/components/schemas/File' + parentPid: + format: int64 + description: The parent process ID. + type: string + pid: + format: int64 + type: string + description: The process ID. + description: Represents an operating system process. + type: object + id: Process + ToxicCombination: + description: >- + Contains details about a group of security issues that, when the issues + occur together, represent a greater risk than when the issues occur + independently. A group of such issues is referred to as a toxic + combination. + type: object + id: ToxicCombination + properties: + attackExposureScore: + format: double + description: >- + The [Attack exposure + score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores) + of this toxic combination. The score is a measure of how much this + toxic combination exposes one or more high-value resources to + potential attack. + type: number + relatedFindings: + description: >- + List of resource names of findings associated with this toxic + combination. For example, + `organizations/123/sources/456/findings/789`. + type: array + items: + type: string + Subject: + type: object + id: Subject + properties: + name: + type: string + description: Name for the subject. + kind: + enum: + - AUTH_TYPE_UNSPECIFIED + - USER + - SERVICEACCOUNT + - GROUP + type: string + enumDescriptions: + - Authentication is not specified. + - User with valid certificate. + - >- + Users managed by Kubernetes API with credentials stored as + secrets. + - Collection of users. + description: Authentication type for the subject. + ns: + description: Namespace for the subject. + type: string + description: Represents a Kubernetes subject. + Access: + type: object + properties: + callerIp: + type: string + description: Caller's IP address, such as "1.1.1.1". + userAgentFamily: + type: string + description: >- + Type of user agent associated with the finding. For example, an + operating system shell or an embedded or standalone application. + principalSubject: + type: string + description: >- + A string that represents the principal_subject that is associated + with the identity. Unlike `principal_email`, `principal_subject` + supports principals that aren't associated with email addresses, + such as third party principals. For most identities, the format is + `principal://iam.googleapis.com/{identity pool + name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, + FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format + `serviceAccount:{identity pool name}[{subject}]`. + methodName: + type: string + description: The method that the service account called, e.g. "SetIamPolicy". + callerIpGeo: + description: >- + The caller IP's geolocation, which identifies where the call came + from. + $ref: '#/components/schemas/Geolocation' + serviceAccountDelegationInfo: + description: >- + The identity delegation history of an authenticated service account + that made the request. The `serviceAccountDelegationInfo[]` object + contains information about the real authorities that try to access + Google Cloud resources by delegating on a service account. When + multiple authorities are present, they are guaranteed to be sorted + based on the original ordering of the identity delegation events. + items: + $ref: '#/components/schemas/ServiceAccountDelegationInfo' + type: array + userName: + type: string + description: >- + A string that represents a username. The username provided depends + on the type of the finding and is likely not an IAM principal. For + example, this can be a system username if the finding is related to + a virtual machine, or it can be an application login username. + serviceName: + type: string + description: >- + This is the API service that the service account made a call to, + e.g. "iam.googleapis.com" + serviceAccountKeyName: + type: string + description: >- + The name of the service account key that was used to create or + exchange credentials when authenticating the service account that + made the request. This is a scheme-less URI full resource name. For + example: + "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}". + principalEmail: + description: >- + Associated email, such as "foo@google.com". The email address of the + authenticated user or a service account acting on behalf of a third + party principal making the request. For third party identity + callers, the `principal_subject` field is populated instead of this + field. For privacy reasons, the principal email address is sometimes + redacted. For more information, see [Caller identities in audit + logs](https://cloud.google.com/logging/docs/audit#user-id). + type: string + userAgent: + description: The caller's user agent string associated with the finding. + type: string + id: Access + description: Represents an access event. + GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesEnvironment: + properties: + type: + type: string + enumDescriptions: + - Unspecified type. + - Production environment. + - Staging environment. + - Test environment. + - Development environment. + description: Environment Type. + enum: + - ENVIRONMENT_TYPE_UNSPECIFIED + - PRODUCTION + - STAGING + - TEST + - DEVELOPMENT + type: object + description: Environment of the Application, Service, or Workload + id: GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesEnvironment + StreamingConfig: + type: object + id: StreamingConfig + description: >- + The config for streaming-based notifications, which send each event as + soon as it is detected. + properties: + filter: + type: string + description: >- + Expression that defines the filter to apply across create/update + events of assets or findings as specified by the event type. The + expression is a list of zero or more restrictions combined via + logical operators `AND` and `OR`. Parentheses are supported, and + `OR` has higher precedence than `AND`. Restrictions have the form ` + ` and may have a `-` character in front of them to indicate + negation. The fields map to those defined in the corresponding + resource. The supported operators are: * `=` for all value types. * + `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring + matching, for strings. The supported value types are: * string + literals in quotes. * integer literals without quotes. * boolean + literals `true` and `false` without quotes. + GoogleCloudSecuritycenterV2IssueMute: + id: GoogleCloudSecuritycenterV2IssueMute + properties: + muteInitiator: + description: >- + The email address of the user who last changed the mute state of the + issue. + type: string + muteState: + readOnly: true + enum: + - MUTE_STATE_UNSPECIFIED + - NOT_MUTED + - MUTED + type: string + description: Output only. The mute state of the issue. + enumDescriptions: + - Unspecified mute state. + - Not muted. + - Muted. + muteUpdateTime: + format: google-datetime + type: string + description: The time the issue was muted. + muteReason: + description: The user-provided reason for muting the issue. + type: string + type: object + description: The mute information of the issue. + GoogleCloudSecuritycenterV2CloudControl: + properties: version: - description: The MITRE ATT&CK version referenced by the above fields. E.g. "8". + description: Version of the Cloud Control + format: int32 + type: integer + cloudControlName: + type: string + description: Name of the CloudControl associated with the finding. + policyType: + type: string + description: Policy type of the CloudControl + type: + enum: + - CLOUD_CONTROL_TYPE_UNSPECIFIED + - BUILT_IN + - CUSTOM + type: string + description: Type of cloud control. + enumDescriptions: + - Unspecified. + - Built in Cloud Control. + - Custom Cloud Control. + id: GoogleCloudSecuritycenterV2CloudControl + type: object + description: CloudControl associated with the finding. + AwsMetadata: + description: >- + AWS metadata associated with the resource, only applicable if the + finding's cloud provider is Amazon Web Services. + type: object + id: AwsMetadata + properties: + organizationalUnits: + description: >- + A list of AWS organizational units associated with the resource, + ordered from lowest level (closest to the account) to highest level. + items: + $ref: '#/components/schemas/AwsOrganizationalUnit' + type: array + account: + $ref: '#/components/schemas/AwsAccount' + description: The AWS account associated with the resource. + organization: + description: The AWS organization associated with the resource. + $ref: '#/components/schemas/AwsOrganization' + GoogleCloudSecuritycenterV2File: + id: GoogleCloudSecuritycenterV2File + properties: + hashedSize: + description: >- + The length in bytes of the file prefix that was hashed. If + hashed_size == size, any hashes reported represent the entire file. + format: int64 + type: string + partiallyHashed: + description: True when the hash covers only a prefix of the file. + type: boolean + operations: + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2FileOperation' + description: Operation(s) performed on a file. + contents: + description: Prefix of the file contents as a JSON-encoded string. + type: string + size: + description: Size of the file in bytes. + format: int64 + type: string + sha256: + description: >- + SHA256 hash of the first hashed_size bytes of the file encoded as a + hex string. If hashed_size == size, sha256 represents the SHA256 + hash of the entire file. type: string - GoogleCloudSecuritycenterV2Access: - id: GoogleCloudSecuritycenterV2Access - description: Represents an access event. + path: + type: string + description: Absolute path of the file as a JSON encoded string. + diskPath: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2DiskPath' + description: Path of the file in terms of underlying disk/partition identifiers. + type: object + description: >- + File information about the related binary/library used by an executable, + or the script used by a script interpreter + AwsAccount: type: object properties: - principalEmail: + id: description: >- - Associated email, such as "foo@google.com". The email address of the - authenticated user or a service account acting on behalf of a third - party principal making the request. For third party identity - callers, the `principal_subject` field is populated instead of this - field. For privacy reasons, the principal email address is sometimes - redacted. For more information, see [Caller identities in audit - logs](https://cloud.google.com/logging/docs/audit#user-id). + The unique identifier (ID) of the account, containing exactly 12 + digits. type: string - callerIp: - description: Caller's IP address, such as "1.1.1.1". + name: + description: The friendly name of this account. type: string - callerIpGeo: + id: AwsAccount + description: An AWS account that is a member of an organization. + GoogleCloudSecuritycenterV2IssueResourceAwsMetadata: + properties: + account: + description: The AWS account of the resource associated with the issue. + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount + type: object + id: GoogleCloudSecuritycenterV2IssueResourceAwsMetadata + description: The AWS metadata of a resource associated with an issue. + GoogleCloudSecuritycenterV2IpRule: + properties: + portRanges: description: >- - The caller IP's geolocation, which identifies where the call came - from. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Geolocation' - userAgentFamily: + Optional. An optional list of ports to which this rule applies. This + field is only applicable for the UDP or (S)TCP protocols. Each entry + must be either an integer or a range including a min and max port + number. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2PortRange' + protocol: description: >- - Type of user agent associated with the finding. For example, an - operating system shell or an embedded or standalone application. + The IP protocol this rule applies to. This value can either be one + of the following well known protocol strings (TCP, UDP, ICMP, ESP, + AH, IPIP, SCTP) or a string representation of the integer value. type: string - userAgent: - description: The caller's user agent string associated with the finding. + id: GoogleCloudSecuritycenterV2IpRule + description: IP rule information. + type: object + IpRules: + type: object + properties: + destinationIpRanges: + type: array + items: + type: string + description: >- + If destination IP ranges are specified, the firewall rule applies + only to traffic that has a destination IP address in these ranges. + These ranges must be expressed in CIDR format. Only supports IPv4. + exposedServices: + type: array + description: >- + Name of the network protocol service, such as FTP, that is exposed + by the open port. Follows the naming convention available at: + https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml. + items: + type: string + direction: type: string - serviceName: description: >- - This is the API service that the service account made a call to, - e.g. "iam.googleapis.com" + The direction that the rule is applicable to, one of ingress or + egress. + enum: + - DIRECTION_UNSPECIFIED + - INGRESS + - EGRESS + enumDescriptions: + - Unspecified direction value. + - Ingress direction value. + - Egress direction value. + allowed: + description: Tuple with allowed rules. + $ref: '#/components/schemas/Allowed' + denied: + $ref: '#/components/schemas/Denied' + description: Tuple with denied rules. + sourceIpRanges: + items: + type: string + type: array + description: >- + If source IP ranges are specified, the firewall rule applies only to + traffic that has a source IP address in these ranges. These ranges + must be expressed in CIDR format. Only supports IPv4. + description: IP rules associated with the finding. + id: IpRules + GoogleCloudSecuritycenterV2KernelRootkit: + properties: + unexpectedSystemCallHandler: + description: >- + True if system call handlers that are are not in the expected kernel + or module code regions are present. + type: boolean + unexpectedKernelCodePages: + type: boolean + description: >- + True if kernel code pages that are not in the expected kernel or + module code regions are present. + unexpectedReadOnlyDataModification: + type: boolean + description: >- + True if unexpected modifications of kernel read-only data memory are + present. + unexpectedInterruptHandler: + type: boolean + description: >- + True if interrupt handlers that are are not in the expected kernel + or module code regions are present. + unexpectedFtraceHandler: + type: boolean + description: >- + True if `ftrace` points are present with callbacks pointing to + regions that are not in the expected kernel or module code range. + unexpectedKprobeHandler: + description: >- + True if `kprobe` points are present with callbacks pointing to + regions that are not in the expected kernel or module code range. + type: boolean + unexpectedProcessesInRunqueue: + description: >- + True if unexpected processes in the scheduler run queue are present. + Such processes are in the run queue, but not in the process task + list. + type: boolean + unexpectedCodeModification: + type: boolean + description: True if unexpected modifications of kernel code memory are present. + name: + description: Rootkit name, when available. type: string - methodName: - description: The method that the service account called, e.g. "SetIamPolicy". + description: Kernel mode rootkit signatures. + type: object + id: GoogleCloudSecuritycenterV2KernelRootkit + GoogleCloudSecuritycenterV1BigQueryExport: + type: object + properties: + dataset: + description: >- + The dataset to write findings' updates to. Its format is + "projects/[project_id]/datasets/[bigquery_dataset_id]". BigQuery + Dataset unique ID must contain only letters (a-z, A-Z), numbers + (0-9), or underscores (_). + type: string + name: type: string - principalSubject: description: >- - A string that represents the principal_subject that is associated - with the identity. Unlike `principal_email`, `principal_subject` - supports principals that aren't associated with email addresses, - such as third party principals. For most identities, the format is - `principal://iam.googleapis.com/{identity pool - name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, - FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format - `serviceAccount:{identity pool name}[{subject}]`. + The relative resource name of this export. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name. + Example format: + "organizations/{organization_id}/bigQueryExports/{export_id}" + Example format: "folders/{folder_id}/bigQueryExports/{export_id}" + Example format: "projects/{project_id}/bigQueryExports/{export_id}" + This field is provided in responses, and is ignored when provided in + create requests. + updateTime: + format: google-datetime + description: >- + Output only. The most recent time at which the BigQuery export was + updated. This field is set by the server and will be ignored if + provided on export creation or update. + type: string + readOnly: true + filter: type: string - serviceAccountKeyName: description: >- - The name of the service account key that was used to create or - exchange credentials when authenticating the service account that - made the request. This is a scheme-less URI full resource name. For - example: - "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}". + Expression that defines the filter to apply across create/update + events of findings. The expression is a list of zero or more + restrictions combined via logical operators `AND` and `OR`. + Parentheses are supported, and `OR` has higher precedence than + `AND`. Restrictions have the form ` ` and may have a `-` character + in front of them to indicate negation. The fields map to those + defined in the corresponding resource. The supported operators are: + * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer + values. * `:`, meaning substring matching, for strings. The + supported value types are: * string literals in quotes. * integer + literals without quotes. * boolean literals `true` and `false` + without quotes. + description: + description: The description of the export (max of 1024 characters). + type: string + principal: + readOnly: true type: string - serviceAccountDelegationInfo: description: >- - The identity delegation history of an authenticated service account - that made the request. The `serviceAccountDelegationInfo[]` object - contains information about the real authorities that try to access - Google Cloud resources by delegating on a service account. When - multiple authorities are present, they are guaranteed to be sorted - based on the original ordering of the identity delegation events. + Output only. The service account that needs permission to create + table and upload data to the BigQuery dataset. + createTime: + format: google-datetime + type: string + readOnly: true + description: >- + Output only. The time at which the BigQuery export was created. This + field is set by the server and will be ignored if provided on export + on creation. + mostRecentEditor: + type: string + readOnly: true + description: >- + Output only. Email address of the user who last edited the BigQuery + export. This field is set by the server and will be ignored if + provided on export creation or update. + id: GoogleCloudSecuritycenterV1BigQueryExport + description: Configures how to deliver Findings to BigQuery Instance. + GoogleCloudSecuritycenterV2ComplianceDetails: + type: object + properties: + cloudControl: + description: CloudControl associated with the finding + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudControl' + frameworks: + description: Details of Frameworks associated with the finding + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Framework' type: array + cloudControlDeploymentNames: items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo - userName: + type: string description: >- - A string that represents a username. The username provided depends - on the type of the finding and is likely not an IAM principal. For - example, this can be a system username if the finding is related to - a virtual machine, or it can be an application login username. - type: string - GoogleCloudSecuritycenterV2Geolocation: - id: GoogleCloudSecuritycenterV2Geolocation - description: Represents a geographical location for a given access. - type: object - properties: - regionCode: - description: A CLDR. - type: string - GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo: - id: GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo - description: Identity delegation history of an authenticated service account. - type: object + Cloud Control Deployments associated with the finding. For example, + organizations/123/locations/global/cloudControlDeployments/deploymentIdentifier + type: array + description: Compliance Details associated with the finding. + id: GoogleCloudSecuritycenterV2ComplianceDetails + SecurityPolicy: properties: - principalEmail: - description: The email address of a Google account. + type: type: string - principalSubject: description: >- - A string representing the principal_subject associated with the - identity. As compared to `principal_email`, supports principals that - aren't associated with email addresses, such as third party - principals. For most identities, the format will be - `principal://iam.googleapis.com/{identity pool - name}/subjects/{subject}` except for some GKE identities - (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the - legacy format `serviceAccount:{identity pool name}[{subject}]` + The type of Google Cloud Armor security policy for example, 'backend + security policy', 'edge security policy', 'network edge security + policy', or 'always-on DDoS protection'. + name: + description: >- + The name of the Google Cloud Armor security policy, for example, + "my-security-policy". type: string - GoogleCloudSecuritycenterV2Connection: - id: GoogleCloudSecuritycenterV2Connection + preview: + description: Whether or not the associated rule or policy is in preview mode. + type: boolean + type: object + id: SecurityPolicy description: >- - Contains information about the IP connection associated with the - finding. + Information about the [Google Cloud Armor security + policy](https://cloud.google.com/armor/docs/security-policy-overview) + relevant to the finding. + GoogleCloudSecuritycenterV2ContactDetails: + properties: + contacts: + description: A list of contacts + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Contact' + type: array + type: object + id: GoogleCloudSecuritycenterV2ContactDetails + description: Details about specific contacts + GcpMetadata: + id: GcpMetadata type: object + description: >- + Google Cloud metadata associated with the resource. Only applicable if + the finding's cloud provider is Google Cloud. properties: - destinationIp: - description: >- - Destination IP address. Not present for sockets that are listening - and not connected. + project: type: string - destinationPort: + description: The full resource name of project that the resource belongs to. + folders: + type: array description: >- - Destination port. Not present for sockets that are listening and not - connected. - type: integer - format: int32 - sourceIp: - description: Source IP address. + Output only. Contains a Folder message for each folder in the assets + ancestry. The first folder is the deepest nested folder, and the + last folder is the folder directly under the Organization. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Folder' + readOnly: true + projectDisplayName: type: string - sourcePort: - description: Source port. - type: integer - format: int32 - protocol: - description: IANA Internet Protocol Number such as TCP(6) and UDP(17). + description: The project ID that the resource belongs to. + organization: type: string - enumDescriptions: - - Unspecified protocol (not HOPOPT). - - Internet Control Message Protocol. - - Transmission Control Protocol. - - User Datagram Protocol. - - Generic Routing Encapsulation. - - Encap Security Payload. - enum: - - PROTOCOL_UNSPECIFIED - - ICMP - - TCP - - UDP - - GRE - - ESP - GoogleCloudSecuritycenterV2Process: - id: GoogleCloudSecuritycenterV2Process - description: Represents an operating system process. + description: The name of the organization that the resource belongs to. + parentDisplayName: + type: string + description: The human readable name of resource's parent. + parent: + description: The full resource name of resource's parent. + type: string + Cvssv3: + id: Cvssv3 type: object + description: Common Vulnerability Scoring System version 3. properties: - name: - description: >- - The process name, as displayed in utilities like `top` and `ps`. - This name can be accessed through `/proc/[pid]/comm` and changed - with `prctl(PR_SET_NAME)`. + availabilityImpact: + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + enumDescriptions: + - Invalid value. + - High impact. + - Low impact. + - No impact. type: string - binary: - description: File information for the process executable. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2File' - libraries: - description: File information for libraries loaded by the process. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2File' - script: description: >- - When the process represents the invocation of a script, `binary` - provides information about the interpreter, while `script` provides - information about the script file provided to the interpreter. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2File' - args: - description: Process arguments as JSON encoded strings. - type: array - items: - type: string - argumentsTruncated: - description: True if `args` is incomplete. - type: boolean - envVariables: - description: Process environment variables. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2EnvironmentVariable - envVariablesTruncated: - description: True if `env_variables` is incomplete. - type: boolean - pid: - description: The process ID. + This metric measures the impact to the availability of the impacted + component resulting from a successfully exploited vulnerability. + integrityImpact: + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE + description: >- + This metric measures the impact to integrity of a successfully + exploited vulnerability. type: string - format: int64 - parentPid: - description: The parent process ID. + enumDescriptions: + - Invalid value. + - High impact. + - Low impact. + - No impact. + scope: type: string - format: int64 - userId: description: >- - The ID of the user that executed the process. E.g. If this is the - root user this will always be 0. - type: string - format: int64 - GoogleCloudSecuritycenterV2File: - id: GoogleCloudSecuritycenterV2File - description: >- - File information about the related binary/library used by an executable, - or the script used by a script interpreter - type: object - properties: - path: - description: Absolute path of the file as a JSON encoded string. + The Scope metric captures whether a vulnerability in one vulnerable + component impacts resources in components beyond its security scope. + enumDescriptions: + - Invalid value. + - >- + An exploited vulnerability can only affect resources managed by + the same security authority. + - >- + An exploited vulnerability can affect resources beyond the + security scope managed by the security authority of the vulnerable + component. + enum: + - SCOPE_UNSPECIFIED + - SCOPE_UNCHANGED + - SCOPE_CHANGED + attackComplexity: + enum: + - ATTACK_COMPLEXITY_UNSPECIFIED + - ATTACK_COMPLEXITY_LOW + - ATTACK_COMPLEXITY_HIGH + enumDescriptions: + - Invalid value. + - >- + Specialized access conditions or extenuating circumstances do not + exist. An attacker can expect repeatable success when attacking + the vulnerable component. + - >- + A successful attack depends on conditions beyond the attacker's + control. That is, a successful attack cannot be accomplished at + will, but requires the attacker to invest in some measurable + amount of effort in preparation or execution against the + vulnerable component before a successful attack can be expected. + description: >- + This metric describes the conditions beyond the attacker's control + that must exist in order to exploit the vulnerability. type: string - size: - description: Size of the file in bytes. + privilegesRequired: type: string - format: int64 - sha256: + enumDescriptions: + - Invalid value. + - >- + The attacker is unauthorized prior to attack, and therefore does + not require any access to settings or files of the vulnerable + system to carry out an attack. + - >- + The attacker requires privileges that provide basic user + capabilities that could normally affect only settings and files + owned by a user. Alternatively, an attacker with Low privileges + has the ability to access only non-sensitive resources. + - >- + The attacker requires privileges that provide significant (e.g., + administrative) control over the vulnerable component allowing + access to component-wide settings and files. description: >- - SHA256 hash of the first hashed_size bytes of the file encoded as a - hex string. If hashed_size == size, sha256 represents the SHA256 - hash of the entire file. - type: string - hashedSize: + This metric describes the level of privileges an attacker must + possess before successfully exploiting the vulnerability. + enum: + - PRIVILEGES_REQUIRED_UNSPECIFIED + - PRIVILEGES_REQUIRED_NONE + - PRIVILEGES_REQUIRED_LOW + - PRIVILEGES_REQUIRED_HIGH + baseScore: + description: The base score is a function of the base metric scores. + format: double + type: number + userInteraction: + enum: + - USER_INTERACTION_UNSPECIFIED + - USER_INTERACTION_NONE + - USER_INTERACTION_REQUIRED description: >- - The length in bytes of the file prefix that was hashed. If - hashed_size == size, any hashes reported represent the entire file. + This metric captures the requirement for a human user, other than + the attacker, to participate in the successful compromise of the + vulnerable component. type: string - format: int64 - partiallyHashed: - description: True when the hash covers only a prefix of the file. - type: boolean - contents: - description: Prefix of the file contents as a JSON-encoded string. + enumDescriptions: + - Invalid value. + - >- + The vulnerable system can be exploited without interaction from + any user. + - >- + Successful exploitation of this vulnerability requires a user to + take some action before the vulnerability can be exploited. + confidentialityImpact: + enumDescriptions: + - Invalid value. + - High impact. + - Low impact. + - No impact. + enum: + - IMPACT_UNSPECIFIED + - IMPACT_HIGH + - IMPACT_LOW + - IMPACT_NONE type: string - diskPath: - description: Path of the file in terms of underlying disk/partition identifiers. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2DiskPath' - operations: - description: Operation(s) performed on a file. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2FileOperation' - GoogleCloudSecuritycenterV2DiskPath: - id: GoogleCloudSecuritycenterV2DiskPath - description: Path of the file in terms of underlying disk/partition identifiers. - type: object - properties: - partitionUuid: description: >- - UUID of the partition (format - https://wiki.archlinux.org/title/persistent_block_device_naming#by-uuid) - type: string - relativePath: + This metric measures the impact to the confidentiality of the + information resources managed by a software component due to a + successfully exploited vulnerability. + attackVector: + enum: + - ATTACK_VECTOR_UNSPECIFIED + - ATTACK_VECTOR_NETWORK + - ATTACK_VECTOR_ADJACENT + - ATTACK_VECTOR_LOCAL + - ATTACK_VECTOR_PHYSICAL description: >- - Relative path of the file in the partition as a JSON encoded string. - Example: /home/user1/executable_file.sh - type: string - GoogleCloudSecuritycenterV2FileOperation: - id: GoogleCloudSecuritycenterV2FileOperation - description: Operation(s) performed on a file. - type: object - properties: - type: - description: The type of the operation + Base Metrics Represents the intrinsic characteristics of a + vulnerability that are constant over time and across user + environments. This metric reflects the context by which + vulnerability exploitation is possible. type: string enumDescriptions: - - The operation is unspecified. - - Represents an open operation. - - Represents a read operation. - - Represents a rename operation. - - Represents a write operation. - - Represents an execute operation. - enum: - - OPERATION_TYPE_UNSPECIFIED - - OPEN - - READ - - RENAME - - WRITE - - EXECUTE - GoogleCloudSecuritycenterV2EnvironmentVariable: - id: GoogleCloudSecuritycenterV2EnvironmentVariable - description: >- - A name-value pair representing an environment variable used in an - operating system process. - type: object + - Invalid value. + - >- + The vulnerable component is bound to the network stack and the set + of possible attackers extends beyond the other options listed + below, up to and including the entire Internet. + - >- + The vulnerable component is bound to the network stack, but the + attack is limited at the protocol level to a logically adjacent + topology. + - >- + The vulnerable component is not bound to the network stack and the + attacker's path is via read/write/execute capabilities. + - >- + The attack requires the attacker to physically touch or manipulate + the vulnerable component. + ValuedResource: + id: ValuedResource + description: A resource that is determined to have value to a user's system properties: - name: - description: Environment variable name as a JSON encoded string. - type: string - val: - description: Environment variable value as a JSON encoded string. + displayName: type: string - GoogleCloudSecuritycenterV2ContactDetails: - id: GoogleCloudSecuritycenterV2ContactDetails - description: Details about specific contacts - type: object - properties: - contacts: - description: A list of contacts + description: Human-readable name of the valued resource. + resourceValueConfigsUsed: + description: >- + List of resource value configurations' metadata used to determine + the value of this resource. Maximum of 100. type: array items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Contact' - GoogleCloudSecuritycenterV2Contact: - id: GoogleCloudSecuritycenterV2Contact - description: The email address of a contact. - type: object - properties: - email: - description: An email address. For example, "`person123@company.com`". + $ref: '#/components/schemas/ResourceValueConfigMetadata' + name: + description: >- + Valued resource name, for example, e.g.: + `organizations/123/simulations/456/valuedResources/789` type: string - GoogleCloudSecuritycenterV2Compliance: - id: GoogleCloudSecuritycenterV2Compliance - description: >- - Contains compliance information about a security standard indicating - unmet recommendations. - type: object - properties: - standard: + exposedScore: + type: number description: >- - Industry-wide compliance standards or benchmarks, such as CIS, PCI, - and OWASP. + Exposed score for this valued resource. A value of 0 means no + exposure was detected exposure. + format: double + resourceType: + description: >- + The [resource + type](https://cloud.google.com/asset-inventory/docs/supported-asset-types) + of the valued resource. type: string - version: - description: Version of the standard or benchmark, for example, 1.1 + resourceValue: + description: How valuable this resource is. + enum: + - RESOURCE_VALUE_UNSPECIFIED + - RESOURCE_VALUE_LOW + - RESOURCE_VALUE_MEDIUM + - RESOURCE_VALUE_HIGH type: string - ids: - description: Policies within the standard or benchmark, for example, A.12.4.1 - type: array - items: - type: string - GoogleCloudSecuritycenterV2Exfiltration: - id: GoogleCloudSecuritycenterV2Exfiltration - description: >- - Exfiltration represents a data exfiltration attempt from one or more - sources to one or more targets. The `sources` attribute lists the - sources of the exfiltrated data. The `targets` attribute lists the - destinations the data was copied to. - type: object - properties: - sources: - description: >- - If there are multiple sources, then the data is considered "joined" - between them. For instance, BigQuery can join multiple tables, and - each table would be considered a source. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ExfilResource' - targets: + enumDescriptions: + - The resource value isn't specified. + - This is a low-value resource. + - This is a medium-value resource. + - This is a high-value resource. + resource: description: >- - If there are multiple targets, each target would get a complete copy - of the "joined" source data. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ExfilResource' - totalExfiltratedBytes: - description: Total exfiltrated bytes processed for the entire job. + The [full resource + name](https://cloud.google.com/apis/design/resource_names#full_resource_name) + of the valued resource. + type: string + type: object + GoogleCloudSecuritycenterV2BulkMuteFindingsResponse: + properties: {} + description: The response to a BulkMute request. Contains the LRO information. + id: GoogleCloudSecuritycenterV2BulkMuteFindingsResponse + type: object + YaraRuleSignature: + description: A signature corresponding to a YARA rule. + type: object + id: YaraRuleSignature + properties: + yaraRule: + description: The name of the YARA rule. type: string - format: int64 - GoogleCloudSecuritycenterV2ExfilResource: - id: GoogleCloudSecuritycenterV2ExfilResource - description: Resource where data was exfiltrated from or exfiltrated to. + GoogleCloudSecuritycenterV2IssueResourceApplication: type: object properties: + attributes: + description: Consumer provided attributes for the application + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceApplicationAttributes name: - description: >- - The resource's [full resource - name](https://cloud.google.com/apis/design/resource_names#full_resource_name). type: string - components: description: >- - Subcomponents of the asset that was exfiltrated, like URIs used - during exfiltration, table names, databases, and filenames. For - example, multiple tables might have been exfiltrated from the same - Cloud SQL instance, or multiple files might have been exfiltrated - from the same Cloud Storage bucket. - type: array - items: - type: string - GoogleCloudSecuritycenterV2IamBinding: - id: GoogleCloudSecuritycenterV2IamBinding - description: >- - Represents a particular IAM binding, which captures a member's role - addition, removal, or state. + The resource name of an Application. Format: + `projects/{host-project-id}/locations/{location}/applications/{application-id}` + id: GoogleCloudSecuritycenterV2IssueResourceApplication + description: The AppHub application associated with the resource, if any. + GetIamPolicyRequest: + description: Request message for `GetIamPolicy` method. + id: GetIamPolicyRequest type: object properties: - action: - description: The action that was performed on a Binding. - type: string - enumDescriptions: - - Unspecified. - - Addition of a Binding. - - Removal of a Binding. - enum: - - ACTION_UNSPECIFIED - - ADD - - REMOVE - role: - description: >- - Role that is assigned to "members". For example, "roles/viewer", - "roles/editor", or "roles/owner". - type: string - member: + options: + $ref: '#/components/schemas/GetPolicyOptions' description: >- - A single identity requesting access for a Cloud Platform resource, - for example, "foo@google.com". - type: string - GoogleCloudSecuritycenterV2Container: - id: GoogleCloudSecuritycenterV2Container - description: Container associated with the finding. + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + GoogleCloudSecuritycenterV2CloudDlpInspection: type: object + description: >- + Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection + job](https://cloud.google.com/dlp/docs/concepts-job-triggers) that + produced the finding. properties: - name: - description: Name of the container. - type: string - uri: + infoTypeCount: description: >- - Container image URI provided when configuring a pod or container. - This string can identify a container image version using mutable - tags. + The number of times Cloud DLP found this infoType within this job + and resource. + format: int64 + type: string + infoType: type: string - imageId: description: >- - Optional container image ID, if provided by the container runtime. - Uniquely identifies the container image launched using a container - image digest. + The type of information (or + *[infoType](https://cloud.google.com/dlp/docs/infotypes-reference)*) + found, for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`. + inspectJob: + description: >- + Name of the inspection job, for example, + `projects/123/locations/europe/dlpJobs/i-8383929`. type: string - labels: - description: Container labels, as provided by the container runtime. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Label' - createTime: - description: The time that the container was created. + fullScan: + description: Whether Cloud DLP scanned the complete resource or a sampled subset. + type: boolean + id: GoogleCloudSecuritycenterV2CloudDlpInspection + GroupResult: + description: Result containing the properties and count of a groupBy request. + type: object + id: GroupResult + properties: + properties: + additionalProperties: + type: any + type: object + description: Properties matching the groupBy fields in the request. + count: + description: Total count of resources for the given properties. type: string - format: google-datetime + format: int64 GoogleCloudSecuritycenterV2Label: - id: GoogleCloudSecuritycenterV2Label - description: >- - Represents a generic name-value label. A label has separate name and - value fields to support filtering with the `contains()` function. For - more information, see [Filtering on array-type - fields](https://cloud.google.com/security-command-center/docs/how-to-api-list-findings#array-contains-filtering). type: object + id: GoogleCloudSecuritycenterV2Label properties: name: description: Name of the label. @@ -8972,1236 +9065,1212 @@ components: value: description: Value that corresponds to the label's name. type: string - GoogleCloudSecuritycenterV2Kubernetes: - id: GoogleCloudSecuritycenterV2Kubernetes - description: Kubernetes-related attributes. + description: >- + Represents a generic name-value label. A label has separate name and + value fields to support filtering with the `contains()` function. For + more information, see [Filtering on array-type + fields](https://cloud.google.com/security-command-center/docs/how-to-api-list-findings#array-contains-filtering). + Geolocation: + id: Geolocation + description: Represents a geographical location for a given access. type: object properties: - pods: - description: >- - Kubernetes - [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod) - associated with the finding. This field contains Pod records for - each container that is owned by a Pod. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Pod' - nodes: - description: >- - Provides Kubernetes - [node](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#nodes) - information. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Node' - nodePools: - description: >- - GKE [node - pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-pools) - associated with the finding. This field contains node pool - information for each node, when it is available. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2NodePool' - roles: - description: >- - Provides Kubernetes role information for findings that involve - [Roles or - ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control). - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Role' - bindings: + regionCode: + description: A CLDR. + type: string + ExfilResource: + properties: + components: description: >- - Provides Kubernetes role binding information for findings that - involve [RoleBindings or - ClusterRoleBindings](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control). + Subcomponents of the asset that was exfiltrated, like URIs used + during exfiltration, table names, databases, and filenames. For + example, multiple tables might have been exfiltrated from the same + Cloud SQL instance, or multiple files might have been exfiltrated + from the same Cloud Storage bucket. type: array items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Binding' - accessReviews: + type: string + name: + type: string description: >- - Provides information on any Kubernetes access reviews (privilege - checks) relevant to the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AccessReview' - objects: - description: Kubernetes objects related to the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Object' - GoogleCloudSecuritycenterV2Pod: - id: GoogleCloudSecuritycenterV2Pod - description: A Kubernetes Pod. + The resource's [full resource + name](https://cloud.google.com/apis/design/resource_names#full_resource_name). type: object + id: ExfilResource + description: Resource where data was exfiltrated from or exfiltrated to. + File: + type: object + description: >- + File information about the related binary/library used by an executable, + or the script used by a script interpreter properties: - ns: - description: Kubernetes Pod namespace. - type: string - name: - description: Kubernetes Pod name. + partiallyHashed: + description: True when the hash covers only a prefix of the file. + type: boolean + sha256: type: string - labels: description: >- - Pod labels. For Kubernetes containers, these are applied to the - container. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Label' - containers: - description: Pod containers associated with this finding, if any. + SHA256 hash of the first hashed_size bytes of the file encoded as a + hex string. If hashed_size == size, sha256 represents the SHA256 + hash of the entire file. + hashedSize: + format: int64 + description: >- + The length in bytes of the file prefix that was hashed. If + hashed_size == size, any hashes reported represent the entire file. + type: string + contents: + description: Prefix of the file contents as a JSON-encoded string. + type: string + operations: type: array items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Container' - GoogleCloudSecuritycenterV2Node: - id: GoogleCloudSecuritycenterV2Node - description: Kubernetes nodes associated with the finding. - type: object - properties: - name: - description: >- - [Full resource name](https://google.aip.dev/122#full-resource-names) - of the Compute Engine VM running the cluster node. + $ref: '#/components/schemas/FileOperation' + description: Operation(s) performed on a file. + size: + description: Size of the file in bytes. + type: string + format: int64 + diskPath: + $ref: '#/components/schemas/DiskPath' + description: Path of the file in terms of underlying disk/partition identifiers. + path: + description: Absolute path of the file as a JSON encoded string. type: string - GoogleCloudSecuritycenterV2NodePool: - id: GoogleCloudSecuritycenterV2NodePool - description: Provides GKE node pool information. - type: object + id: File + GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount: properties: name: - description: Kubernetes node pool name. + description: The AWS account name of the resource associated with the issue. type: string - nodes: - description: Nodes associated with the finding. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Node' - GoogleCloudSecuritycenterV2Role: - id: GoogleCloudSecuritycenterV2Role - description: Kubernetes Role or ClusterRole. + id: + type: string + description: The AWS account ID of the resource associated with the issue. + id: GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount type: object + description: The AWS account of the resource associated with the issue. + GoogleCloudSecuritycenterV1CustomConfig: + description: >- + Defines the properties in a custom module configuration for Security + Health Analytics. Use the custom module configuration to create custom + detectors that generate custom findings for resources that you specify. + id: GoogleCloudSecuritycenterV1CustomConfig properties: - kind: - description: Role type. + severity: type: string + description: The severity to assign to findings generated by the module. enumDescriptions: - - Role type is not specified. - - Kubernetes Role. - - Kubernetes ClusterRole. + - Unspecified severity. + - Critical severity. + - High severity. + - Medium severity. + - Low severity. enum: - - KIND_UNSPECIFIED - - ROLE - - CLUSTER_ROLE - ns: - description: Role namespace. - type: string - name: - description: Role name. - type: string - GoogleCloudSecuritycenterV2Binding: - id: GoogleCloudSecuritycenterV2Binding - description: Represents a Kubernetes RoleBinding or ClusterRoleBinding. - type: object - properties: - ns: - description: Namespace for the binding. + - SEVERITY_UNSPECIFIED + - CRITICAL + - HIGH + - MEDIUM + - LOW + resourceSelector: + description: >- + The resource types that the custom module operates on. Each custom + module can specify up to 5 resource types. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ResourceSelector' + customOutput: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1CustomOutputSpec' + description: Custom output properties. + recommendation: + description: >- + An explanation of the recommended steps that security teams can take + to resolve the detected issue. This explanation is returned with + each finding generated by this module in the `nextSteps` property of + the finding JSON. type: string - name: - description: Name for the binding. + description: + description: >- + Text that describes the vulnerability or misconfiguration that the + custom module detects. This explanation is returned with each + finding instance to help investigators understand the detected + issue. The text must be enclosed in quotation marks. type: string - role: - description: The Role or ClusterRole referenced by the binding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Role' - subjects: + predicate: description: >- - Represents one or more subjects that are bound to the role. Not - always available for PATCH requests. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Subject' - GoogleCloudSecuritycenterV2Subject: - id: GoogleCloudSecuritycenterV2Subject - description: Represents a Kubernetes subject. + The CEL expression to evaluate to produce findings. When the + expression evaluates to true against a resource, a finding is + generated. + $ref: '#/components/schemas/Expr' + type: object + GoogleCloudSecuritycenterV2SecurityPolicy: type: object properties: - kind: - description: Authentication type for the subject. - type: string - enumDescriptions: - - Authentication is not specified. - - User with valid certificate. - - >- - Users managed by Kubernetes API with credentials stored as - secrets. - - Collection of users. - enum: - - AUTH_TYPE_UNSPECIFIED - - USER - - SERVICEACCOUNT - - GROUP - ns: - description: Namespace for the subject. + type: type: string + description: >- + The type of Google Cloud Armor security policy for example, 'backend + security policy', 'edge security policy', 'network edge security + policy', or 'always-on DDoS protection'. + preview: + description: Whether or not the associated rule or policy is in preview mode. + type: boolean name: - description: Name for the subject. + description: >- + The name of the Google Cloud Armor security policy, for example, + "my-security-policy". type: string - GoogleCloudSecuritycenterV2AccessReview: - id: GoogleCloudSecuritycenterV2AccessReview + id: GoogleCloudSecuritycenterV2SecurityPolicy description: >- - Conveys information about a Kubernetes access review (such as one - returned by a [`kubectl auth - can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access) - command) that was involved in a finding. + Information about the [Google Cloud Armor security + policy](https://cloud.google.com/armor/docs/security-policy-overview) + relevant to the finding. + GoogleCloudSecuritycenterV1p1beta1SecurityMarks: + description: >- + User specified security marks that are attached to the parent Security + Command Center resource. Security marks are scoped within a Security + Command Center organization -- they can be modified and viewed by all + users who have proper permissions on the organization. type: object properties: - group: - description: The API group of the resource. "*" means all. - type: string - ns: + marks: + type: object + additionalProperties: + type: string description: >- - Namespace of the action being requested. Currently, there is no - distinction between no namespace and all namespaces. Both are - represented by "" (empty). + Mutable user specified security marks belonging to the parent + resource. Constraints are as follows: * Keys and values are treated + as case insensitive * Keys must be between 1 - 256 characters + (inclusive) * Keys must be letters, numbers, underscores, or dashes + * Values have leading and trailing whitespace trimmed, remaining + characters must be between 1 - 4096 characters (inclusive) + canonicalName: + description: >- + The canonical name of the marks. Examples: + "organizations/{organization_id}/assets/{asset_id}/securityMarks" + "folders/{folder_id}/assets/{asset_id}/securityMarks" + "projects/{project_number}/assets/{asset_id}/securityMarks" + "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks" + "folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks" + "projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks" type: string name: - description: The name of the resource being requested. Empty means all. type: string - resource: - description: The optional resource type requested. "*" means all. + description: >- + The relative resource name of the SecurityMarks. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + Examples: + "organizations/{organization_id}/assets/{asset_id}/securityMarks" + "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks". + id: GoogleCloudSecuritycenterV1p1beta1SecurityMarks + GoogleCloudSecuritycenterV1ResourceValueConfig: + id: GoogleCloudSecuritycenterV1ResourceValueConfig + properties: + updateTime: type: string - subresource: - description: The optional subresource type. + readOnly: true + description: >- + Output only. Timestamp this resource value configuration was last + updated. + format: google-datetime + name: type: string - verb: + description: Name for the resource value configuration + tagValues: description: >- - A Kubernetes resource API verb, like get, list, watch, create, - update, delete, proxy. "*" means all. + Required. Tag values combined with `AND` to check against. For + Google Cloud resources, they are tag value IDs in the form of + "tagValues/123". Example: `[ "tagValues/123", "tagValues/456", + "tagValues/789" ]` + https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing + items: + type: string + type: array + resourceType: type: string - version: - description: The API version of the resource. "*" means all. + description: >- + Apply resource_value only to resources that match resource_type. + resource_type will be checked with `AND` of other resources. For + example, "storage.googleapis.com/Bucket" with resource_value "HIGH" + will apply "HIGH" value only to "storage.googleapis.com/Bucket" + resources. + cloudProvider: + description: Cloud provider this configuration applies to type: string - GoogleCloudSecuritycenterV2Object: - id: GoogleCloudSecuritycenterV2Object - description: >- - Kubernetes object related to the finding, uniquely identified by GKNN. - Used if the object Kind is not one of Pod, Node, NodePool, Binding, or - AccessReview. - type: object - properties: - group: - description: Kubernetes object group, such as "policy.k8s.io/v1". + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + enumDescriptions: + - The cloud provider is unspecified. + - The cloud provider is Google Cloud. + - The cloud provider is Amazon Web Services. + - The cloud provider is Microsoft Azure. + resourceValue: + description: Required. Resource value level this expression represents + enum: + - RESOURCE_VALUE_UNSPECIFIED + - HIGH + - MEDIUM + - LOW + - NONE type: string - kind: - description: Kubernetes object kind, such as "Namespace". + enumDescriptions: + - Unspecific value + - High resource value + - Medium resource value + - Low resource value + - No resource value, e.g. ignore these resources + description: type: string - ns: + description: Description of the resource value configuration. + createTime: description: >- - Kubernetes object namespace. Must be a valid DNS label. Named "ns" - to avoid collision with C++ namespace keyword. For details see - https://kubernetes.io/docs/tasks/administer-cluster/namespaces/. + Output only. Timestamp this resource value configuration was + created. + format: google-datetime + readOnly: true type: string - name: + resourceLabelsSelector: + type: object description: >- - Kubernetes object name. For details see - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/. + List of resource labels to search for, evaluated with `AND`. For + example, `"resource_labels_selector": {"key": "value", "env": + "prod"}` will match resources with labels "key": "value" `AND` + "env": "prod" + https://cloud.google.com/resource-manager/docs/creating-managing-labels + additionalProperties: + type: string + sensitiveDataProtectionMapping: + description: >- + A mapping of the sensitivity on Sensitive Data Protection finding to + resource values. This mapping can only be used in combination with a + resource_type that is related to BigQuery, e.g. + "bigquery.googleapis.com/Dataset". + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping + scope: + description: >- + Project or folder to scope this configuration to. For example, + "project/456" would apply this configuration only to resources in + "project/456" scope will be checked with `AND` of other resources. type: string - containers: - description: Pod containers associated with this finding, if any. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Container' - GoogleCloudSecuritycenterV2Database: - id: GoogleCloudSecuritycenterV2Database description: >- - Represents database access information, such as queries. A database may - be a sub-resource of an instance (as in the case of Cloud SQL instances - or Cloud Spanner instances), or the database instance itself. Some - database resources might not have the [full resource - name](https://google.aip.dev/122#full-resource-names) populated because - these resource types, such as Cloud SQL databases, are not yet supported - by Cloud Asset Inventory. In these cases only the display name is - provided. + A resource value configuration (RVC) is a mapping configuration of + user's resources to resource values. Used in Attack path simulations. + type: object + GoogleCloudSecuritycenterV1ResourceApplication: + id: GoogleCloudSecuritycenterV1ResourceApplication type: object properties: name: description: >- - Some database resources may not have the [full resource - name](https://google.aip.dev/122#full-resource-names) populated - because these resource types are not yet supported by Cloud Asset - Inventory (e.g. Cloud SQL databases). In these cases only the - display name will be provided. The [full resource - name](https://google.aip.dev/122#full-resource-names) of the - database that the user connected to, if it is supported by Cloud - Asset Inventory. + The resource name of an Application. Format: + `projects/{host-project-id}/locations/{location}/applications/{application-id}` + type: string + attributes: + description: Consumer provided attributes for the application + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceApplicationAttributes + description: The App Hub Application associated with the finding's resource. + AttackStepNode: + id: AttackStepNode + description: Detailed steps the attack can take between path nodes. + properties: + uuid: type: string + description: Unique ID for one Node displayName: - description: The human-readable name of the database that the user connected to. + description: User friendly name of the attack step type: string - userName: - description: >- - The username used to connect to the database. The username might not - be an IAM principal and does not have a set format. + type: type: string - query: - description: The SQL statement that is associated with the database access. + enum: + - NODE_TYPE_UNSPECIFIED + - NODE_TYPE_AND + - NODE_TYPE_OR + - NODE_TYPE_DEFENSE + - NODE_TYPE_ATTACKER + enumDescriptions: + - Type not specified + - Incoming edge joined with AND + - Incoming edge joined with OR + - Incoming edge is defense + - Incoming edge is attacker + description: Attack step type. Can be either AND, OR or DEFENSE + labels: + description: Attack step labels for metadata + type: object + additionalProperties: + type: string + description: type: string - grantees: + description: Attack step description + type: object + ListEffectiveSecurityHealthAnalyticsCustomModulesResponse: + id: ListEffectiveSecurityHealthAnalyticsCustomModulesResponse + properties: + nextPageToken: description: >- - The target usernames, roles, or groups of an SQL privilege grant, - which is not an IAM policy change. - type: array + If not empty, indicates that there may be more effective custom + modules to be returned. + type: string + effectiveSecurityHealthAnalyticsCustomModules: items: - type: string - version: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule + description: Effective custom modules belonging to the requested parent. + type: array + type: object + description: >- + Response message for listing effective Security Health Analytics custom + modules. + GoogleCloudSecuritycenterV1NotificationMessage: + properties: + finding: + $ref: '#/components/schemas/Finding' description: >- - The version of the database, for example, POSTGRES_14. See [the - complete - list](https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion). + If it's a Finding based notification config, this field will be + populated. + notificationConfigName: + description: Name of the notification config that generated current notification. type: string - GoogleCloudSecuritycenterV2AttackExposure: - id: GoogleCloudSecuritycenterV2AttackExposure - description: >- - An attack exposure contains the results of an attack path simulation - run. + resource: + description: The Cloud resource tied to this notification's Finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1Resource' + type: object + id: GoogleCloudSecuritycenterV1NotificationMessage + description: Cloud SCC's Notification + GoogleCloudSecuritycenterV1Binding: + description: Represents a Kubernetes RoleBinding or ClusterRoleBinding. type: object + id: GoogleCloudSecuritycenterV1Binding properties: - score: - description: >- - A number between 0 (inclusive) and infinity that represents how - important this finding is to remediate. The higher the score, the - more important it is to remediate. - type: number - format: double - latestCalculationTime: + role: + description: The Role or ClusterRole referenced by the binding. + $ref: '#/components/schemas/Role' + subjects: + type: array + items: + $ref: '#/components/schemas/Subject' description: >- - The most recent time the attack exposure was updated on this - finding. + Represents one or more subjects that are bound to the role. Not + always available for PATCH requests. + ns: + description: Namespace for the binding. type: string - format: google-datetime - attackExposureResult: - description: >- - The resource name of the attack path simulation result that contains - the details regarding this attack exposure score. Example: - `organizations/123/simulations/456/attackExposureResults/789` + name: + description: Name for the binding. type: string - state: - description: >- - Output only. What state this AttackExposure is in. This captures - whether or not an attack exposure has been calculated or not. - readOnly: true + GoogleCloudSecuritycenterV2AzureSubscription: + id: GoogleCloudSecuritycenterV2AzureSubscription + properties: + displayName: + description: The display name of the Azure subscription. + type: string + id: type: string - enumDescriptions: - - The state is not specified. - - The attack exposure has been calculated. - - The attack exposure has not been calculated. - enum: - - STATE_UNSPECIFIED - - CALCULATED - - NOT_CALCULATED - exposedHighValueResourcesCount: - description: >- - The number of high value resources that are exposed as a result of - this finding. - type: integer - format: int32 - exposedMediumValueResourcesCount: - description: >- - The number of medium value resources that are exposed as a result of - this finding. - type: integer - format: int32 - exposedLowValueResourcesCount: description: >- - The number of high value resources that are exposed as a result of - this finding. - type: integer - format: int32 - GoogleCloudSecuritycenterV2CloudDlpInspection: - id: GoogleCloudSecuritycenterV2CloudDlpInspection - description: >- - Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection - job](https://cloud.google.com/dlp/docs/concepts-job-triggers) that - produced the finding. + The UUID of the Azure subscription, for example, + `291bba3f-e0a5-47bc-a099-3bdcb2a50a05`. + description: Represents an Azure subscription. + type: object + ValidateEventThreatDetectionCustomModuleResponse: + id: ValidateEventThreatDetectionCustomModuleResponse type: object properties: - inspectJob: - description: >- - Name of the inspection job, for example, - `projects/123/locations/europe/dlpJobs/i-8383929`. - type: string - infoType: - description: >- - The type of information (or - *[infoType](https://cloud.google.com/dlp/docs/infotypes-reference)*) - found, for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`. - type: string - infoTypeCount: + errors: description: >- - The number of times Cloud DLP found this infoType within this job - and resource. - type: string - format: int64 - fullScan: - description: Whether Cloud DLP scanned the complete resource or a sampled subset. - type: boolean - GoogleCloudSecuritycenterV2CloudDlpDataProfile: - id: GoogleCloudSecuritycenterV2CloudDlpDataProfile - description: >- - The [data profile](https://cloud.google.com/dlp/docs/data-profiles) - associated with the finding. + A list of errors returned by the validator. If the list is empty, + there were no errors. + $ref: '#/components/schemas/CustomModuleValidationErrors' + description: Response to validating an Event Threat Detection custom module. + ListNotificationConfigsResponse: + description: Response message for listing notification configs. + id: ListNotificationConfigsResponse type: object properties: - dataProfile: + notificationConfigs: + items: + $ref: '#/components/schemas/NotificationConfig' + description: Notification configs belonging to the requested parent. + type: array + nextPageToken: description: >- - Name of the data profile, for example, - `projects/123/locations/europe/tableProfiles/8383929`. + Token to retrieve the next page of results, or empty if there are no + more results. type: string - parentType: + AwsOrganizationalUnit: + properties: + id: description: >- - The resource hierarchy level at which the data profile was - generated. + The unique identifier (ID) associated with this OU. The regex + pattern for an organizational unit ID string requires "ou-" followed + by from 4 to 32 lowercase letters or digits (the ID of the root that + contains the OU). This string is followed by a second "-" dash and + from 8 to 32 additional lowercase letters or digits. For example, + "ou-ab12-cd34ef56". type: string - enumDescriptions: - - Unspecified parent type. - - Organization-level configurations. - - Project-level configurations. - enum: - - PARENT_TYPE_UNSPECIFIED - - ORGANIZATION - - PROJECT - GoogleCloudSecuritycenterV2KernelRootkit: - id: GoogleCloudSecuritycenterV2KernelRootkit - description: Kernel mode rootkit signatures. - type: object - properties: name: - description: Rootkit name, when available. type: string - unexpectedCodeModification: - description: True if unexpected modifications of kernel code memory are present. - type: boolean - unexpectedReadOnlyDataModification: - description: >- - True if unexpected modifications of kernel read-only data memory are - present. - type: boolean - unexpectedFtraceHandler: - description: >- - True if `ftrace` points are present with callbacks pointing to - regions that are not in the expected kernel or module code range. - type: boolean - unexpectedKprobeHandler: - description: >- - True if `kprobe` points are present with callbacks pointing to - regions that are not in the expected kernel or module code range. - type: boolean - unexpectedKernelCodePages: - description: >- - True if kernel code pages that are not in the expected kernel or - module code regions are present. - type: boolean - unexpectedSystemCallHandler: - description: >- - True if system call handlers that are are not in the expected kernel - or module code regions are present. - type: boolean - unexpectedInterruptHandler: - description: >- - True if interrupt handlers that are are not in the expected kernel - or module code regions are present. - type: boolean - unexpectedProcessesInRunqueue: - description: >- - True if unexpected processes in the scheduler run queue are present. - Such processes are in the run queue, but not in the process task - list. - type: boolean - GoogleCloudSecuritycenterV2OrgPolicy: - id: GoogleCloudSecuritycenterV2OrgPolicy - description: Contains information about the org policies associated with the finding. + description: The friendly name of the OU. + description: >- + An Organizational Unit (OU) is a container of AWS accounts within a root + of an organization. Policies that are attached to an OU apply to all + accounts contained in that OU and in any child OUs. + id: AwsOrganizationalUnit type: object - properties: - name: - description: >- - Identifier. The resource name of the org policy. Example: - "organizations/{organization_id}/policies/{constraint_name}" - type: string - GoogleCloudSecuritycenterV2Job: - id: GoogleCloudSecuritycenterV2Job - description: Describes a job + AffectedResources: + description: Details about resources affected by this finding. type: object + id: AffectedResources properties: - name: - description: The fully-qualified name for a job. e.g. `projects//jobs/` + count: + format: int64 type: string - state: - description: Output only. State of the job, such as `RUNNING` or `PENDING`. - readOnly: true + description: The count of resources affected by the finding. + GoogleCloudSecuritycenterV2Attack: + description: Information about DDoS attack volume and classification. + properties: + volumePpsLong: type: string - enumDescriptions: - - Unspecified represents an unknown state and should not be used. - - Job is scheduled and pending for run - - Job in progress - - Job has completed with success - - Job has completed but with failure - enum: - - JOB_STATE_UNSPECIFIED - - PENDING - - RUNNING - - SUCCEEDED - - FAILED - errorCode: + format: int64 + description: Total PPS (packets per second) volume of attack. + volumePps: + deprecated: true description: >- - Optional. If the job did not complete successfully, this field - describes why. + Total PPS (packets per second) volume of attack. Deprecated - refer + to volume_pps_long instead. type: integer format: int32 - location: - description: >- - Optional. Gives the location where the job ran, such as `US` or - `europe-west1` - type: string - GoogleCloudSecuritycenterV2Application: - id: GoogleCloudSecuritycenterV2Application - description: Represents an application associated with a finding. - type: object - properties: - baseUri: + volumeBps: + format: int32 + deprecated: true description: >- - The base URI that identifies the network location of the application - in which the vulnerability was detected. For example, - `http://example.com`. + Total BPS (bytes per second) volume of attack. Deprecated - refer to + volume_bps_long instead. + type: integer + volumeBpsLong: + format: int64 type: string - fullUri: + description: Total BPS (bytes per second) volume of attack. + classification: description: >- - The full URI with payload that could be used to reproduce the - vulnerability. For example, `http://example.com?p=aMmYgI6H`. + Type of attack, for example, 'SYN-flood', 'NTP-udp', or + 'CHARGEN-udp'. type: string - GoogleCloudSecuritycenterV2IpRules: - id: GoogleCloudSecuritycenterV2IpRules - description: IP rules associated with the finding. type: object + id: GoogleCloudSecuritycenterV2Attack + CustomModuleValidationError: + id: CustomModuleValidationError + description: >- + An error encountered while validating the uploaded configuration of an + Event Threat Detection Custom Module. properties: - direction: + end: description: >- - The direction that the rule is applicable to, one of ingress or - egress. + The end position of the error in the uploaded text version of the + module. This field may be omitted if no specific position applies, + or if one could not be computed. + $ref: '#/components/schemas/Position' + fieldPath: type: string - enumDescriptions: - - Unspecified direction value. - - Ingress direction value. - - Egress direction value. - enum: - - DIRECTION_UNSPECIFIED - - INGRESS - - EGRESS - allowed: - description: Tuple with allowed rules. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Allowed' - denied: - description: Tuple with denied rules. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Denied' - sourceIpRanges: description: >- - If source IP ranges are specified, the firewall rule applies only to - traffic that has a source IP address in these ranges. These ranges - must be expressed in CIDR format. Only supports IPv4. - type: array - items: - type: string - destinationIpRanges: + The path, in RFC 8901 JSON Pointer format, to the field that failed + validation. This may be left empty if no specific field is affected. + start: + $ref: '#/components/schemas/Position' description: >- - If destination IP ranges are specified, the firewall rule applies - only to traffic that has a destination IP address in these ranges. - These ranges must be expressed in CIDR format. Only supports IPv4. - type: array - items: - type: string - exposedServices: + The initial position of the error in the uploaded text version of + the module. This field may be omitted if no specific position + applies, or if one could not be computed. + description: + type: string description: >- - Name of the network protocol service, such as FTP, that is exposed - by the open port. Follows the naming convention available at: - https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml. - type: array - items: - type: string - GoogleCloudSecuritycenterV2Allowed: - id: GoogleCloudSecuritycenterV2Allowed - description: Allowed IP rule. + A description of the error, suitable for human consumption. + Required. type: object + BatchCreateResourceValueConfigsRequest: + description: Request message to create multiple resource value configs properties: - ipRules: - description: Optional. Optional list of allowed IP rules. + requests: + description: Required. The resource value configs to be created. type: array items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IpRule' - GoogleCloudSecuritycenterV2IpRule: - id: GoogleCloudSecuritycenterV2IpRule - description: IP rule information. + $ref: '#/components/schemas/CreateResourceValueConfigRequest' type: object - properties: - protocol: - description: >- - The IP protocol this rule applies to. This value can either be one - of the following well known protocol strings (TCP, UDP, ICMP, ESP, - AH, IPIP, SCTP) or a string representation of the integer value. - type: string - portRanges: - description: >- - Optional. An optional list of ports to which this rule applies. This - field is only applicable for the UDP or (S)TCP protocols. Each entry - must be either an integer or a range including a min and max port - number. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2PortRange' + id: BatchCreateResourceValueConfigsRequest GoogleCloudSecuritycenterV2PortRange: - id: GoogleCloudSecuritycenterV2PortRange description: >- A port range which is inclusive of the min and max values. Values are between 0 and 2^16-1. The max can be equal / must be not smaller than the min value. If min and max are equal this indicates that it is a single port. type: object + id: GoogleCloudSecuritycenterV2PortRange properties: - min: - description: Minimum port value. - type: string - format: int64 max: + format: int64 description: Maximum port value. type: string + min: format: int64 - GoogleCloudSecuritycenterV2Denied: - id: GoogleCloudSecuritycenterV2Denied - description: Denied IP rule. - type: object - properties: - ipRules: - description: Optional. Optional list of denied IP rules. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IpRule' - GoogleCloudSecuritycenterV2BackupDisasterRecovery: - id: GoogleCloudSecuritycenterV2BackupDisasterRecovery - description: Information related to Google Cloud Backup and DR Service findings. - type: object - properties: - backupTemplate: - description: >- - The name of a Backup and DR template which comprises one or more - backup policies. See the [Backup and DR - documentation](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#temp) - for more information. For example, `snap-ov`. type: string - policies: - description: >- - The names of Backup and DR policies that are associated with a - template and that define when to run a backup, how frequently to run - a backup, and how long to retain the backup image. For example, - `onvaults`. + description: Minimum port value. + ListOperationsResponse: + properties: + unreachable: type: array - items: - type: string - host: - description: >- - The name of a Backup and DR host, which is managed by the backup and - recovery appliance and known to the management console. The host can - be of type Generic (for example, Compute Engine, SQL Server, Oracle - DB, SMB file system, etc.), vCenter, or an ESX server. See the - [Backup and DR documentation on - hosts](https://cloud.google.com/backup-disaster-recovery/docs/configuration/manage-hosts-and-their-applications) - for more information. For example, `centos7-01`. - type: string - applications: description: >- - The names of Backup and DR applications. An application is a VM, - database, or file system on a managed host monitored by a backup and - recovery appliance. For example, `centos7-01-vol00`, - `centos7-01-vol01`, `centos7-01-vol02`. - type: array + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. items: type: string - storagePool: - description: >- - The name of the Backup and DR storage pool that the backup and - recovery appliance is storing data in. The storage pool could be of - type Cloud, Primary, Snapshot, or OnVault. See the [Backup and DR - documentation on storage - pools](https://cloud.google.com/backup-disaster-recovery/docs/concepts/storage-pools). - For example, `DiskPoolOne`. - type: string - policyOptions: + operations: description: >- - The names of Backup and DR advanced policy options of a policy - applying to an application. See the [Backup and DR documentation on - policy - options](https://cloud.google.com/backup-disaster-recovery/docs/create-plan/policy-settings). - For example, `skipofflineappsincongrp, nounmap`. + A list of operations that matches the specified filter in the + request. type: array items: - type: string - profile: - description: >- - The name of the Backup and DR resource profile that specifies the - storage media for backups of application and VM data. See the - [Backup and DR documentation on - profiles](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#profile). - For example, `GCP`. - type: string - appliance: - description: >- - The name of the Backup and DR appliance that captures, moves, and - manages the lifecycle of backup data. For example, - `backup-server-57137`. - type: string - backupType: - description: >- - The backup type of the Backup and DR image. For example, `Snapshot`, - `Remote Snapshot`, `OnVault`. - type: string - backupCreateTime: - description: The timestamp at which the Backup and DR backup was created. + $ref: '#/components/schemas/Operation' + nextPageToken: + description: The standard List next-page token. type: string - format: google-datetime - GoogleCloudSecuritycenterV2SecurityPosture: - id: GoogleCloudSecuritycenterV2SecurityPosture - description: >- - Represents a posture that is deployed on Google Cloud by the Security - Command Center Posture Management service. A posture contains one or - more policy sets. A policy set is a group of policies that enforce a set - of security rules on Google Cloud. + id: ListOperationsResponse type: object + description: The response message for Operations.ListOperations. + GroupFindingsResponse: properties: - name: - description: Name of the posture, for example, `CIS-Posture`. - type: string - revisionId: - description: The version of the posture, for example, `c7cfa2a8`. - type: string - postureDeploymentResource: - description: >- - The project, folder, or organization on which the posture is - deployed, for example, `projects/{project_number}`. - type: string - postureDeployment: - description: >- - The name of the posture deployment, for example, - `organizations/{org_id}/posturedeployments/{posture_deployment_id}`. - type: string - changedPolicy: - description: >- - The name of the updated policy, for example, - `projects/{project_id}/policies/{constraint_name}`. - type: string - policySet: - description: The name of the updated policy set, for example, `cis-policyset`. - type: string - policy: - description: The ID of the updated policy, for example, `compute-policy-1`. - type: string - policyDriftDetails: - description: >- - The details about a change in an updated policy that violates the - deployed posture. - type: array + groupByResults: items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2PolicyDriftDetails' - GoogleCloudSecuritycenterV2PolicyDriftDetails: - id: GoogleCloudSecuritycenterV2PolicyDriftDetails - description: >- - The policy field that violates the deployed posture and its expected and - detected values. - type: object - properties: - field: + $ref: '#/components/schemas/GroupResult' + type: array description: >- - The name of the updated field, for example - constraint.implementation.policy_rules[0].enforce + Group results. There exists an element for each existing unique + combination of property/values. The element contains a count for the + number of times those specific property/values appear. + readTime: + format: google-datetime type: string - expectedValue: - description: >- - The value of this field that was configured in a posture, for - example, `true` or `allowed_values={"projects/29831892"}`. + description: Time used for executing the groupBy request. + nextPageToken: type: string - detectedValue: description: >- - The detected value that violates the deployed posture, for example, - `false` or `allowed_values={"projects/22831892"}`. - type: string - GoogleCloudSecuritycenterV2LogEntry: - id: GoogleCloudSecuritycenterV2LogEntry - description: An individual entry in a log. + Token to retrieve the next page of results, or empty if there are no + more results. + totalSize: + description: The total number of results matching the query. + type: integer + format: int32 + description: Response message for group by findings. type: object - properties: - cloudLoggingEntry: - description: An individual entry in a log stored in Cloud Logging. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudLoggingEntry' - GoogleCloudSecuritycenterV2CloudLoggingEntry: - id: GoogleCloudSecuritycenterV2CloudLoggingEntry - description: >- - Metadata taken from a [Cloud Logging - LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) + id: GroupFindingsResponse + GoogleCloudSecuritycenterV2Package: type: object + id: GoogleCloudSecuritycenterV2Package + description: Package is a generic definition of a package. properties: - insertId: - description: A unique identifier for the log entry. + packageVersion: + description: The version of the package. type: string - logId: - description: >- - The type of the log (part of `log_name`. `log_name` is the resource - name of the log to which this log entry belongs). For example: - `cloudresourcemanager.googleapis.com/activity` Note that this field - is not URL-encoded, unlike in `LogEntry`. + packageType: type: string - resourceContainer: - description: >- - The organization, folder, or project of the monitored resource that - produced this log entry. + description: Type of package, for example, os, maven, or go. + packageName: type: string - timestamp: - description: The time the event described by the log entry occurred. + description: The name of the package where the vulnerability was detected. + cpeUri: + description: The CPE URI where the vulnerability was detected. type: string - format: google-datetime - GoogleCloudSecuritycenterV2LoadBalancer: - id: GoogleCloudSecuritycenterV2LoadBalancer - description: >- - Contains information related to the load balancer associated with the - finding. + GoogleCloudSecuritycenterV2Job: + id: GoogleCloudSecuritycenterV2Job type: object properties: name: - description: The name of the load balancer associated with the finding. - type: string - GoogleCloudSecuritycenterV2CloudArmor: - id: GoogleCloudSecuritycenterV2CloudArmor - description: Fields related to Google Cloud Armor findings. - type: object - properties: - securityPolicy: - description: >- - Information about the [Google Cloud Armor security - policy](https://cloud.google.com/armor/docs/security-policy-overview) - relevant to the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2SecurityPolicy' - requests: - description: >- - Information about incoming requests evaluated by [Google Cloud Armor - security - policies](https://cloud.google.com/armor/docs/security-policy-overview). - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Requests' - adaptiveProtection: - description: >- - Information about potential Layer 7 DDoS attacks identified by - [Google Cloud Armor Adaptive - Protection](https://cloud.google.com/armor/docs/adaptive-protection-overview). - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AdaptiveProtection' - attack: - description: Information about DDoS attack volume and classification. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Attack' - threatVector: - description: >- - Distinguish between volumetric & protocol DDoS attack and - application layer attacks. For example, "L3_4" for Layer 3 and Layer - 4 DDoS attacks, or "L_7" for Layer 7 DDoS attacks. type: string - duration: + description: The fully-qualified name for a job. e.g. `projects//jobs/` + state: + readOnly: true + description: Output only. State of the job, such as `RUNNING` or `PENDING`. + enumDescriptions: + - Unspecified represents an unknown state and should not be used. + - Job is scheduled and pending for run + - Job in progress + - Job has completed with success + - Job has completed but with failure + type: string + enum: + - JOB_STATE_UNSPECIFIED + - PENDING + - RUNNING + - SUCCEEDED + - FAILED + errorCode: + type: integer description: >- - Duration of attack from the start until the current moment (updated - every 5 minutes). + Optional. If the job did not complete successfully, this field + describes why. + format: int32 + location: type: string - format: google-duration - GoogleCloudSecuritycenterV2SecurityPolicy: - id: GoogleCloudSecuritycenterV2SecurityPolicy + description: >- + Optional. Gives the location where the job ran, such as `US` or + `europe-west1` + description: Describes a job + IamPolicy: + id: IamPolicy description: >- - Information about the [Google Cloud Armor security - policy](https://cloud.google.com/armor/docs/security-policy-overview) - relevant to the finding. + Cloud IAM Policy information associated with the Google Cloud resource + described by the Security Command Center asset. This information is + managed and defined by the Google Cloud resource and cannot be modified + by the user. type: object properties: - name: - description: >- - The name of the Google Cloud Armor security policy, for example, - "my-security-policy". + policyBlob: type: string - type: description: >- - The type of Google Cloud Armor security policy for example, 'backend - security policy', 'edge security policy', 'network edge security - policy', or 'always-on DDoS protection'. - type: string - preview: - description: Whether or not the associated rule or policy is in preview mode. - type: boolean - GoogleCloudSecuritycenterV2Requests: - id: GoogleCloudSecuritycenterV2Requests - description: Information about the requests relevant to the finding. + The JSON representation of the Policy associated with the asset. See + https://cloud.google.com/iam/reference/rest/v1/Policy for format + details. + Policy: type: object + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + id: Policy properties: - ratio: + etag: + format: byte description: >- - For 'Increasing deny ratio', the ratio is the denied traffic divided - by the allowed traffic. For 'Allowed traffic spike', the ratio is - the allowed traffic in the short term divided by allowed traffic in - the long term. - type: number - format: double - shortTermAllowed: - description: Allowed RPS (requests per second) in the short term. - type: integer - format: int32 - longTermAllowed: - description: Allowed RPS (requests per second) over the long term. - type: integer - format: int32 - longTermDenied: - description: Denied RPS (requests per second) over the long term. + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + type: string + bindings: + type: array + items: + $ref: '#/components/schemas/Binding' + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + auditConfigs: + items: + $ref: '#/components/schemas/AuditConfig' + type: array + description: Specifies cloud audit logging configuration for this policy. + version: + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). type: integer format: int32 - GoogleCloudSecuritycenterV2AdaptiveProtection: - id: GoogleCloudSecuritycenterV2AdaptiveProtection + Source: description: >- - Information about [Google Cloud Armor Adaptive - Protection](https://cloud.google.com/armor/docs/cloud-armor-overview#google-cloud-armor-adaptive-protection). + Security Command Center finding source. A finding source is an entity or + a mechanism that can produce a finding. A source is like a container of + findings that come from the same scanner, logger, monitor, and other + tools. type: object properties: - confidence: + name: description: >- - A score of 0 means that there is low confidence that the detected - event is an actual attack. A score of 1 means that there is high - confidence that the detected event is an attack. See the [Adaptive - Protection - documentation](https://cloud.google.com/armor/docs/adaptive-protection-overview#configure-alert-tuning) - for further explanation. - type: number - format: double - GoogleCloudSecuritycenterV2Attack: - id: GoogleCloudSecuritycenterV2Attack - description: Information about DDoS attack volume and classification. - type: object - properties: - volumePpsLong: - description: Total PPS (packets per second) volume of attack. + The relative resource name of this source. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + Example: "organizations/{organization_id}/sources/{source_id}" type: string - format: int64 - volumeBpsLong: - description: Total BPS (bytes per second) volume of attack. + displayName: + description: >- + The source's display name. A source's display name must be unique + amongst its siblings, for example, two sources with the same parent + can't share the same display name. The display name must have a + length between 1 and 64 characters (inclusive). type: string - format: int64 - classification: + description: description: >- - Type of attack, for example, 'SYN-flood', 'NTP-udp', or - 'CHARGEN-udp'. + The description of the source (max of 1024 characters). Example: + "Web Security Scanner is a web security scanner for common + vulnerabilities in App Engine applications. It can automatically + scan and detect four common vulnerabilities, including + cross-site-scripting (XSS), Flash injection, mixed content (HTTP in + HTTPS), and outdated or insecure libraries." type: string - volumePps: + canonicalName: description: >- - Total PPS (packets per second) volume of attack. Deprecated - refer - to volume_pps_long instead. - deprecated: true - type: integer - format: int32 - volumeBps: + The canonical name of the finding source. It's either + "organizations/{organization_id}/sources/{source_id}", + "folders/{folder_id}/sources/{source_id}", or + "projects/{project_number}/sources/{source_id}", depending on the + closest CRM ancestor of the resource associated with the finding. + type: string + id: Source + Application: + description: Represents an application associated with a finding. + properties: + fullUri: + type: string description: >- - Total BPS (bytes per second) volume of attack. Deprecated - refer to - volume_bps_long instead. - deprecated: true - type: integer - format: int32 - GoogleCloudSecuritycenterV2Notebook: - id: GoogleCloudSecuritycenterV2Notebook - description: >- - Represents a Jupyter notebook IPYNB file, such as a [Colab Enterprise - notebook](https://cloud.google.com/colab/docs/introduction) file, that - is associated with a finding. + The full URI with payload that can be used to reproduce the + vulnerability. For example, `http://example.com?p=aMmYgI6H`. + baseUri: + description: >- + The base URI that identifies the network location of the application + in which the vulnerability was detected. For example, + `http://example.com`. + type: string + id: Application + type: object + PathNodeAssociatedFinding: + description: A finding that is associated with this node in the attack path. type: object + id: PathNodeAssociatedFinding properties: name: - description: The name of the notebook. type: string - service: - description: The source notebook service, for example, "Colab Enterprise". - type: string - lastAuthor: - description: The user ID of the latest author to modify the notebook. + description: Full resource name of the finding. + canonicalFinding: + description: >- + Canonical name of the associated findings. Example: + `organizations/123/sources/456/findings/789` type: string - notebookUpdateTime: - description: The most recent time the notebook was updated. + findingCategory: type: string - format: google-datetime - GoogleCloudSecuritycenterV2ToxicCombination: - id: GoogleCloudSecuritycenterV2ToxicCombination - description: >- - Contains details about a group of security issues that, when the issues - occur together, represent a greater risk than when the issues occur - independently. A group of such issues is referred to as a toxic - combination. - type: object + description: The additional taxonomy group within findings from a given source. + GoogleCloudSecuritycenterV2BackupDisasterRecovery: + id: GoogleCloudSecuritycenterV2BackupDisasterRecovery properties: - attackExposureScore: + policyOptions: + items: + type: string + type: array description: >- - The [Attack exposure - score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores) - of this toxic combination. The score is a measure of how much this - toxic combination exposes one or more high-value resources to - potential attack. - type: number - format: double - relatedFindings: + The names of Backup and DR advanced policy options of a policy + applying to an application. See the [Backup and DR documentation on + policy + options](https://cloud.google.com/backup-disaster-recovery/docs/create-plan/policy-settings). + For example, `skipofflineappsincongrp, nounmap`. + host: + type: string description: >- - List of resource names of findings associated with this toxic - combination. For example, - `organizations/123/sources/456/findings/789`. + The name of a Backup and DR host, which is managed by the backup and + recovery appliance and known to the management console. The host can + be of type Generic (for example, Compute Engine, SQL Server, Oracle + DB, SMB file system, etc.), vCenter, or an ESX server. See the + [Backup and DR documentation on + hosts](https://cloud.google.com/backup-disaster-recovery/docs/configuration/manage-hosts-and-their-applications) + for more information. For example, `centos7-01`. + backupType: + description: >- + The backup type of the Backup and DR image. For example, `Snapshot`, + `Remote Snapshot`, `OnVault`. + type: string + appliance: + description: >- + The name of the Backup and DR appliance that captures, moves, and + manages the lifecycle of backup data. For example, + `backup-server-57137`. + type: string + profile: + type: string + description: >- + The name of the Backup and DR resource profile that specifies the + storage media for backups of application and VM data. See the + [Backup and DR documentation on + profiles](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#profile). + For example, `GCP`. + backupCreateTime: + type: string + description: The timestamp at which the Backup and DR backup was created. + format: google-datetime + applications: type: array + description: >- + The names of Backup and DR applications. An application is a VM, + database, or file system on a managed host monitored by a backup and + recovery appliance. For example, `centos7-01-vol00`, + `centos7-01-vol01`, `centos7-01-vol02`. items: type: string - GoogleCloudSecuritycenterV2GroupMembership: - id: GoogleCloudSecuritycenterV2GroupMembership - description: >- - Contains details about groups of which this finding is a member. A group - is a collection of findings that are related in some way. - type: object - properties: - groupType: - description: Type of group. + backupTemplate: + description: >- + The name of a Backup and DR template which comprises one or more + backup policies. See the [Backup and DR + documentation](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#temp) + for more information. For example, `snap-ov`. type: string - enumDescriptions: - - Default value. - - Group represents a toxic combination. - - Group represents a chokepoint. - enum: - - GROUP_TYPE_UNSPECIFIED - - GROUP_TYPE_TOXIC_COMBINATION - - GROUP_TYPE_CHOKEPOINT - groupId: - description: ID of the group. + policies: + items: + type: string + type: array + description: >- + The names of Backup and DR policies that are associated with a + template and that define when to run a backup, how frequently to run + a backup, and how long to retain the backup image. For example, + `onvaults`. + storagePool: type: string - GoogleCloudSecuritycenterV2Disk: - id: GoogleCloudSecuritycenterV2Disk - description: Contains information about the disk associated with the finding. + description: >- + The name of the Backup and DR storage pool that the backup and + recovery appliance is storing data in. The storage pool could be of + type Cloud, Primary, Snapshot, or OnVault. See the [Backup and DR + documentation on storage + pools](https://cloud.google.com/backup-disaster-recovery/docs/concepts/storage-pools). + For example, `DiskPoolOne`. + description: Information related to Google Cloud Backup and DR Service findings. + type: object + ExportFindingsResponse: + properties: {} + description: The response to a ExportFindings request. Contains the LRO information. type: object + id: ExportFindingsResponse + GoogleCloudSecuritycenterV2SecurityMarks: properties: - name: + canonicalName: + type: string description: >- - The name of the disk, for example, - "https://www.googleapis.com/compute/v1/projects/{project-id}/zones/{zone-id}/disks/{disk-id}". + The canonical name of the marks. The following list shows some + examples: + + `organizations/{organization_id}/assets/{asset_id}/securityMarks` + + `organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks` + + + `organizations/{organization_id}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks` + + `folders/{folder_id}/assets/{asset_id}/securityMarks` + + `folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks` + + + `folders/{folder_id}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks` + + `projects/{project_number}/assets/{asset_id}/securityMarks` + + `projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks` + + + `projects/{project_number}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks` + marks: + type: object + description: >- + Mutable user specified security marks belonging to the parent + resource. Constraints are as follows: * Keys and values are treated + as case insensitive * Keys must be between 1 - 256 characters + (inclusive) * Keys must be letters, numbers, underscores, or dashes + * Values have leading and trailing whitespace trimmed, remaining + characters must be between 1 - 4096 characters (inclusive) + additionalProperties: + type: string + name: type: string - GoogleCloudSecuritycenterV2DataAccessEvent: - id: GoogleCloudSecuritycenterV2DataAccessEvent + description: >- + The relative resource name of the SecurityMarks. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name + The following list shows some examples: + + `organizations/{organization_id}/assets/{asset_id}/securityMarks` + + `organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks` + + + `organizations/{organization_id}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks` + type: object description: >- - Details about a data access attempt made by a principal not authorized - under applicable data security policy. + User specified security marks that are attached to the parent Security + Command Center resource. Security marks are scoped within a Security + Command Center organization -- they can be modified and viewed by all + users who have proper permissions on the organization. + id: GoogleCloudSecuritycenterV2SecurityMarks + Dataset: type: object + description: Vertex AI dataset associated with the finding. + id: Dataset properties: - eventId: - description: Unique identifier for data access event. + source: + description: >- + Data source, such as BigQuery source URI, e.g. + bq://scc-nexus-test.AIPPtest.gsod type: string - principalEmail: + displayName: + type: string + description: The user defined display name of dataset, e.g. plants-dataset + name: description: >- - The email address of the principal that accessed the data. The - principal could be a user account, service account, Google group, or - other. + Resource name of the dataset, e.g. + projects/{project}/locations/{location}/datasets/2094040236064505856 type: string - operation: - description: The operation performed by the principal to access the data. + GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesCriticality: + description: Criticality of the Application, Service, or Workload + id: GoogleCloudSecuritycenterV2IssueResourceApplicationAttributesCriticality + type: object + properties: + type: + description: Criticality Type. type: string - enumDescriptions: - - The operation is unspecified. - - Represents a read operation. - - Represents a move operation. - - Represents a copy operation. enum: - - OPERATION_UNSPECIFIED - - READ - - MOVE - - COPY - eventTime: - description: Timestamp of data access event. + - CRITICALITY_TYPE_UNSPECIFIED + - MISSION_CRITICAL + - HIGH + - MEDIUM + - LOW + enumDescriptions: + - Unspecified type. + - Mission critical service, application or workload. + - High impact. + - Medium impact. + - Low impact. + IpRule: + description: IP rule information. + properties: + protocol: + description: >- + The IP protocol this rule applies to. This value can either be one + of the following well known protocol strings (TCP, UDP, ICMP, ESP, + AH, IPIP, SCTP) or a string representation of the integer value. type: string - format: google-datetime - GoogleCloudSecuritycenterV2DataFlowEvent: - id: GoogleCloudSecuritycenterV2DataFlowEvent - description: >- - Details about a data flow event, in which either the data is moved to or - is accessed from a non-compliant geo-location, as defined in the - applicable data security policy. + portRanges: + type: array + items: + $ref: '#/components/schemas/PortRange' + description: >- + Optional. An optional list of ports to which this rule applies. This + field is only applicable for the UDP or (S)TCP protocols. Each entry + must be either an integer or a range including a min and max port + number. + id: IpRule type: object + SecurityBulletin: properties: - eventId: - description: Unique identifier for data flow event. + bulletinId: type: string - principalEmail: + description: ID of the bulletin corresponding to the vulnerability. + suggestedUpgradeVersion: description: >- - The email address of the principal that initiated the data flow - event. The principal could be a user account, service account, - Google group, or other. - type: string - operation: - description: The operation performed by the principal for the data flow event. - type: string - enumDescriptions: - - The operation is unspecified. - - Represents a read operation. - - Represents a move operation. - - Represents a copy operation. - enum: - - OPERATION_UNSPECIFIED - - READ - - MOVE - - COPY - violatedLocation: - description: Non-compliant location of the principal or the data destination. - type: string - eventTime: - description: Timestamp of data flow event. + This represents a version that the cluster receiving this + notification should be upgraded to, based on its current version. + For example, 1.15.0 type: string + submissionTime: format: google-datetime - GoogleCloudSecuritycenterV2Network: - id: GoogleCloudSecuritycenterV2Network - description: Contains information about a VPC network associated with the finding. + type: string + description: Submission time of this Security Bulletin. + type: object + id: SecurityBulletin + description: >- + SecurityBulletin are notifications of vulnerabilities of Google + products. + AzureMetadata: type: object properties: - name: + tenant: + description: The Azure Entra tenant associated with the resource. + $ref: '#/components/schemas/AzureTenant' + managementGroups: + items: + $ref: '#/components/schemas/AzureManagementGroup' description: >- - The name of the VPC network resource, for example, - `//compute.googleapis.com/projects/my-project/global/networks/my-network`. - type: string - GoogleCloudSecuritycenterV2DataRetentionDeletionEvent: - id: GoogleCloudSecuritycenterV2DataRetentionDeletionEvent + A list of Azure management groups associated with the resource, + ordered from lowest level (closest to the subscription) to highest + level. + type: array + resourceGroup: + description: The Azure resource group associated with the resource. + $ref: '#/components/schemas/AzureResourceGroup' + subscription: + description: The Azure subscription associated with the resource. + $ref: '#/components/schemas/AzureSubscription' + id: AzureMetadata description: >- - Details about data retention deletion violations, in which the data is - non-compliant based on their retention or deletion time, as defined in - the applicable data security policy. The Data Retention Deletion (DRD) - control is a control of the DSPM (Data Security Posture Management) - suite that enables organizations to manage data retention and deletion - policies in compliance with regulations, such as GDPR and CRPA. DRD - supports two primary policy types: maximum storage length (max TTL) and - minimum storage length (min TTL). Both are aimed at helping - organizations meet regulatory and data management commitments. - type: object + Azure metadata associated with the resource, only applicable if the + finding's cloud provider is Microsoft Azure. + InfoType: properties: - eventDetectionTime: - description: Timestamp indicating when the event was detected. + name: type: string - format: google-datetime - dataObjectCount: description: >- - Number of objects that violated the policy for this resource. If the - number is less than 1,000, then the value of this field is the exact - number. If the number of objects that violated the policy is greater - than or equal to 1,000, then the value of this field is 1000. + Name of the information type. Either a name of your choosing when + creating a CustomInfoType, or one of the names listed at + https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference + when specifying a built-in type. When sending Cloud DLP results to + Data Catalog, infoType names should conform to the pattern + `[A-Za-z0-9$_-]{1,64}`. + version: + description: Optional version name for this InfoType. type: string - format: int64 - maxRetentionAllowed: + sensitivityScore: description: >- - Maximum duration of retention allowed from the DRD control. This - comes from the DRD control where users set a max TTL for their data. - For example, suppose that a user sets the max TTL for a Cloud - Storage bucket to 90 days. However, an object in that bucket is 100 - days old. In this case, a DataRetentionDeletionEvent will be - generated for that Cloud Storage bucket, and the - max_retention_allowed is 90 days. - type: string - format: google-duration - eventType: - description: Type of the DRD event. - type: string - enumDescriptions: - - Unspecified event type. - - The maximum retention time has been exceeded. - enum: - - EVENT_TYPE_UNSPECIFIED - - EVENT_TYPE_MAX_TTL_EXCEEDED - GoogleCloudSecuritycenterV2AffectedResources: - id: GoogleCloudSecuritycenterV2AffectedResources - description: Details about resources affected by this finding. - type: object - properties: - count: - description: The count of resources affected by the finding. - type: string - format: int64 - GoogleCloudSecuritycenterV2AiModel: - id: GoogleCloudSecuritycenterV2AiModel - description: Contains information about the AI model associated with the finding. + Optional custom sensitivity for this InfoType. This only applies to + data profiling. + $ref: '#/components/schemas/SensitivityScore' + description: Type of information detected by the API. + id: InfoType type: object + GoogleCloudSecuritycenterV1MuteConfig: properties: - name: - description: The name of the AI model, for example, "gemini:1.0.0". + filter: type: string - domain: - description: The domain of the model, for example, “image-classification”. + description: >- + Required. An expression that defines the filter to apply across + create/update events of findings. While creating a filter string, be + mindful of the scope in which the mute configuration is being + created. E.g., If a filter contains project = X but is created under + the project = Y scope, it might not match any findings. The + following field and operator combinations are supported: * severity: + `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * + resource.project_name: `=`, `:` * resource.project_display_name: + `=`, `:` * resource.folders.resource_folder: `=`, `:` * + resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, + `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * + indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:` + updateTime: + format: google-datetime type: string - library: - description: The name of the model library, for example, “transformers”. + readOnly: true + description: >- + Output only. The most recent time at which the mute config was + updated. This field is set by the server and will be ignored if + provided on config creation or update. + createTime: + format: google-datetime + readOnly: true type: string - location: - description: The region in which the model is used, for example, “us-central1”. + description: >- + Output only. The time at which the mute config was created. This + field is set by the server and will be ignored if provided on config + creation. + mostRecentEditor: type: string - publisher: - description: The publisher of the model, for example, “google” or “nvidia”. + readOnly: true + description: >- + Output only. Email address of the user who last edited the mute + config. This field is set by the server and will be ignored if + provided on config creation or update. + description: type: string - deploymentPlatform: - description: The platform on which the model is deployed. + description: A description of the mute config. + expiryTime: + description: >- + Optional. The expiry of the mute config. Only applicable for dynamic + configs. If the expiry is set, when the config expires, it is + removed from all findings. type: string + format: google-datetime + type: enumDescriptions: - - Unspecified deployment platform. - - Vertex AI. - - Google Kubernetes Engine. - enum: - - DEPLOYMENT_PLATFORM_UNSPECIFIED - - VERTEX_AI - - GKE - displayName: + - Unused. + - >- + A static mute config, which sets the static mute state of future + matching findings to muted. Once the static mute state has been + set, finding or config modifications will not affect the state. + - >- + A dynamic mute config, which is applied to existing and future + matching findings, setting their dynamic mute state to "muted". If + the config is updated or deleted, or a matching finding is + updated, such that the finding doesn't match the config, the + config will be removed from the finding, and the finding's dynamic + mute state may become "unmuted" (unless other configs still + match). description: >- - The user defined display name of model. Ex. - baseline-classification-model + Optional. The type of the mute config, which determines what type of + mute state the config affects. The static mute state takes + precedence over the dynamic mute state. Immutable after creation. + STATIC by default if not set during creation. + enum: + - MUTE_CONFIG_TYPE_UNSPECIFIED + - STATIC + - DYNAMIC type: string - GoogleCloudSecuritycenterV2Chokepoint: - id: GoogleCloudSecuritycenterV2Chokepoint - description: >- - Contains details about a chokepoint, which is a resource or resource - group where high-risk attack paths converge, based on [attack path - simulations] - (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations). - type: object - properties: - relatedFindings: - description: >- - List of resource names of findings associated with this chokepoint. - For example, organizations/123/sources/456/findings/789. This list - will have at most 100 findings. - type: array - items: - type: string - GoogleCloudSecuritycenterV2ComplianceDetails: - id: GoogleCloudSecuritycenterV2ComplianceDetails - description: Compliance Details associated with the finding. - type: object - properties: - frameworks: - description: Details of Frameworks associated with the finding - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Framework' - cloudControl: - description: CloudControl associated with the finding - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2CloudControl' - cloudControlDeploymentNames: + name: description: >- - Cloud Control Deployments associated with the finding. For example, - organizations/123/locations/global/cloudControlDeployments/deploymentIdentifier - type: array - items: - type: string + This field will be ignored if provided on config creation. Format + `organizations/{organization}/muteConfigs/{mute_config}` + `folders/{folder}/muteConfigs/{mute_config}` + `projects/{project}/muteConfigs/{mute_config}` + `organizations/{organization}/locations/global/muteConfigs/{mute_config}` + `folders/{folder}/locations/global/muteConfigs/{mute_config}` + `projects/{project}/locations/global/muteConfigs/{mute_config}` + type: string + displayName: + deprecated: true + description: The human readable name to be displayed for the mute config. + type: string + type: object + id: GoogleCloudSecuritycenterV1MuteConfig + description: >- + A mute config is a Cloud SCC resource that contains the configuration to + mute create/update events of findings. GoogleCloudSecuritycenterV2Framework: - id: GoogleCloudSecuritycenterV2Framework description: Compliance framework associated with the finding. - type: object + id: GoogleCloudSecuritycenterV2Framework properties: - name: - description: Name of the framework associated with the finding + type: + enum: + - FRAMEWORK_TYPE_UNSPECIFIED + - FRAMEWORK_TYPE_BUILT_IN + - FRAMEWORK_TYPE_CUSTOM type: string + enumDescriptions: + - Default value. This value is unused. + - >- + The framework is a built-in framework if it is created and managed + by GCP. + - >- + The framework is a custom framework if it is created and managed + by the user. + description: >- + Type of the framework associated with the finding, to specify + whether the framework is built-in (pre-defined and immutable) or a + custom framework defined by the customer (equivalent to security + posture) displayName: description: >- Display name of the framework. For a standard framework, this will @@ -10214,1240 +10283,1617 @@ components: Benchmark, or Assured Workloads type: array items: - type: string - enumDescriptions: - - Default value. This value is unused. - - Security Benchmarks framework - - Assured Workloads framework - - Data Security framework - - Google Best Practices framework enum: - FRAMEWORK_CATEGORY_UNSPECIFIED - SECURITY_BENCHMARKS - ASSURED_WORKLOADS - DATA_SECURITY - GOOGLE_BEST_PRACTICES - type: - description: >- - Type of the framework associated with the finding, to specify - whether the framework is built-in (pre-defined and immutable) or a - custom framework defined by the customer (equivalent to security - posture) - type: string - enumDescriptions: - - Default value. This value is unused. - - >- - The framework is a built-in framework if it is created and managed - by GCP. - - >- - The framework is a custom framework if it is created and managed - by the user. - enum: - - FRAMEWORK_TYPE_UNSPECIFIED - - FRAMEWORK_TYPE_BUILT_IN - - FRAMEWORK_TYPE_CUSTOM + - CUSTOM_FRAMEWORK + enumDescriptions: + - Default value. This value is unused. + - Security Benchmarks framework + - Assured Workloads framework + - Data Security framework + - Google Best Practices framework + - A user-created framework + type: string controls: - description: The controls associated with the framework. type: array + description: The controls associated with the framework. items: $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Control' - GoogleCloudSecuritycenterV2Control: - id: GoogleCloudSecuritycenterV2Control - description: Compliance control associated with the finding. + name: + description: Name of the framework associated with the finding + type: string type: object + ComplianceDetails: + id: ComplianceDetails properties: - controlName: - description: Name of the Control + frameworks: + description: Details of Frameworks associated with the finding + type: array + items: + $ref: '#/components/schemas/Framework' + cloudControl: + description: CloudControl associated with the finding + $ref: '#/components/schemas/CloudControl' + cloudControlDeploymentNames: + items: + type: string + description: >- + Cloud Control Deployments associated with the finding. For example, + organizations/123/locations/global/cloudControlDeployments/deploymentIdentifier + type: array + description: Compliance Details associated with the finding. + type: object + GoogleCloudSecuritycenterV2DynamicMuteRecord: + properties: + matchTime: + description: When the dynamic mute rule first matched the finding. type: string - displayName: - description: Display name of the control. For example, AU-02. + format: google-datetime + muteConfig: type: string - GoogleCloudSecuritycenterV2CloudControl: - id: GoogleCloudSecuritycenterV2CloudControl - description: CloudControl associated with the finding. + description: >- + The relative resource name of the mute rule, represented by a mute + config, that created this record, for example + `organizations/123/muteConfigs/mymuteconfig` or + `organizations/123/locations/global/muteConfigs/mymuteconfig`. + id: GoogleCloudSecuritycenterV2DynamicMuteRecord + description: The record of a dynamic mute rule that matches the finding. type: object + GoogleCloudSecuritycenterV2StaticMute: + type: object + id: GoogleCloudSecuritycenterV2StaticMute + description: >- + Information about the static mute state. A static mute state overrides + any dynamic mute rules that apply to this finding. The static mute state + can be set by a static mute rule or by muting the finding directly. properties: - cloudControlName: - description: Name of the CloudControl associated with the finding. - type: string - type: - description: Type of cloud control. + state: + description: >- + The static mute state. If the value is `MUTED` or `UNMUTED`, then + the finding's overall mute state will have the same value. + enum: + - MUTE_UNSPECIFIED + - MUTED + - UNMUTED + - UNDEFINED type: string enumDescriptions: - Unspecified. - - Built in Cloud Control. - - Custom Cloud Control. - enum: - - CLOUD_CONTROL_TYPE_UNSPECIFIED - - BUILT_IN - - CUSTOM - policyType: - description: Policy type of the CloudControl + - Finding has been muted. + - Finding has been unmuted. + - Finding has never been muted/unmuted. + applyTime: + description: When the static mute was applied. + format: google-datetime + type: string + Indicator: + properties: + domains: + type: array + description: List of domains associated to the Finding. + items: + type: string + signatures: + type: array + items: + $ref: '#/components/schemas/ProcessSignature' + description: >- + The list of matched signatures indicating that the given process is + present in the environment. + ipAddresses: + description: The list of IP addresses that are associated with the finding. + type: array + items: + type: string + uris: + items: + type: string + type: array + description: The list of URIs associated to the Findings. + type: object + id: Indicator + description: >- + Represents what's commonly known as an _indicator of compromise_ (IoC) + in computer forensics. This is an artifact observed on a network or in + an operating system that, with high confidence, indicates a computer + intrusion. For more information, see [Indicator of + compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). + GoogleCloudSecuritycenterV2Exfiltration: + type: object + properties: + totalExfiltratedBytes: + description: Total exfiltrated bytes processed for the entire job. + type: string + format: int64 + sources: + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ExfilResource' + description: >- + If there are multiple sources, then the data is considered "joined" + between them. For instance, BigQuery can join multiple tables, and + each table would be considered a source. + type: array + targets: + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ExfilResource' + description: >- + If there are multiple targets, each target would get a complete copy + of the "joined" source data. + description: >- + Exfiltration represents a data exfiltration attempt from one or more + sources to one or more targets. The `sources` attribute lists the + sources of the exfiltrated data. The `targets` attribute lists the + destinations the data was copied to. + id: GoogleCloudSecuritycenterV2Exfiltration + Compliance: + properties: + standard: + description: >- + Industry-wide compliance standards or benchmarks, such as CIS, PCI, + and OWASP. type: string version: - description: Version of the Cloud Control - type: integer - format: int32 - GoogleCloudSecuritycenterV2VertexAi: - id: GoogleCloudSecuritycenterV2VertexAi - description: Vertex AI-related information associated with the finding. + type: string + description: Version of the standard or benchmark, for example, 1.1 + ids: + type: array + description: Policies within the standard or benchmark, for example, A.12.4.1 + items: + type: string + type: object + description: >- + Contains compliance information about a security standard indicating + unmet recommendations. + id: Compliance + AssetDiscoveryConfig: type: object properties: - datasets: - description: Datasets associated with the finding. + inclusionMode: + type: string + description: The mode to use for filtering asset discovery. + enumDescriptions: + - >- + Unspecified. Setting the mode with this value will disable + inclusion/exclusion filtering for Asset Discovery. + - >- + Asset Discovery will capture only the resources within the + projects specified. All other resources will be ignored. + - >- + Asset Discovery will ignore all resources under the projects + specified. All other resources will be retrieved. + enum: + - INCLUSION_MODE_UNSPECIFIED + - INCLUDE_ONLY + - EXCLUDE + projectIds: + description: The project ids to use for filtering asset discovery. type: array items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Dataset' - pipelines: - description: Pipelines associated with the finding. + type: string + folderIds: + description: >- + The folder ids to use for filtering asset discovery. It consists of + only digits, e.g., 756619654966. + items: + type: string type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Pipeline' - GoogleCloudSecuritycenterV2Dataset: - id: GoogleCloudSecuritycenterV2Dataset - description: Vertex AI dataset associated with the finding. - type: object + description: The configuration used for Asset Discovery runs. + id: AssetDiscoveryConfig + GoogleCloudSecuritycenterV2BigQueryExport: + id: GoogleCloudSecuritycenterV2BigQueryExport properties: - name: + filter: description: >- - Resource name of the dataset, e.g. - projects/{project}/locations/{location}/datasets/2094040236064505856 + Expression that defines the filter to apply across create/update + events of findings. The expression is a list of zero or more + restrictions combined via logical operators `AND` and `OR`. + Parentheses are supported, and `OR` has higher precedence than + `AND`. Restrictions have the form ` ` and may have a `-` character + in front of them to indicate negation. The fields map to those + defined in the corresponding resource. The supported operators are: + * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer + values. * `:`, meaning substring matching, for strings. The + supported value types are: * string literals in quotes. * integer + literals without quotes. * boolean literals `true` and `false` + without quotes. type: string - displayName: - description: The user defined display name of dataset, e.g. plants-dataset + createTime: type: string - source: + format: google-datetime + readOnly: true description: >- - Data source, such as a BigQuery source URI, e.g. - bq://scc-nexus-test.AIPPtest.gsod + Output only. The time at which the BigQuery export was created. This + field is set by the server and will be ignored if provided on export + on creation. + updateTime: + format: google-datetime + readOnly: true type: string - GoogleCloudSecuritycenterV2Pipeline: - id: GoogleCloudSecuritycenterV2Pipeline - description: Vertex AI training pipeline associated with the finding. - type: object - properties: - name: description: >- - Resource name of the pipeline, e.g. - projects/{project}/locations/{location}/trainingPipelines/5253428229225578496 - type: string - displayName: + Output only. The most recent time at which the BigQuery export was + updated. This field is set by the server and will be ignored if + provided on export creation or update. + dataset: description: >- - The user-defined display name of pipeline, e.g. - plants-classification + The dataset to write findings' updates to. Its format is + "projects/[project_id]/datasets/[bigquery_dataset_id]". BigQuery + dataset unique ID must contain only letters (a-z, A-Z), numbers + (0-9), or underscores (_). type: string - GoogleCloudSecuritycenterV2Resource: - id: GoogleCloudSecuritycenterV2Resource - description: Information related to the Google Cloud resource. - type: object - properties: name: - description: >- - The full resource name of the resource. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name type: string - displayName: - description: The human readable name of the resource. - type: string - type: - description: The full resource type of the resource. - type: string - cloudProvider: - description: Indicates which cloud provider the finding is from. + description: >- + Identifier. The relative resource name of this export. See: + https://cloud.google.com/apis/design/resource_names#relative_resource_name. + The following list shows some examples: + + `organizations/{organization_id}/locations/{location_id}/bigQueryExports/{export_id}` + + + `folders/{folder_id}/locations/{location_id}/bigQueryExports/{export_id}` + + + `projects/{project_id}/locations/{location_id}/bigQueryExports/{export_id}` + This field is provided in responses, and is ignored when provided in + create requests. + principal: type: string - enumDescriptions: - - The cloud provider is unspecified. - - The cloud provider is Google Cloud. - - The cloud provider is Amazon Web Services. - - The cloud provider is Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - service: - description: The service or resource provider associated with the resource. + description: >- + Output only. The service account that needs permission to create + table and upload data to the BigQuery dataset. + readOnly: true + cryptoKeyName: + description: >- + Output only. The resource name of the Cloud KMS `CryptoKey` used to + protect this configuration's data, if configured during Security + Command Center activation. + readOnly: true type: string - location: - description: The region or location of the service (if applicable). + mostRecentEditor: type: string - gcpMetadata: - description: The Google Cloud metadata associated with the finding. - $ref: '#/components/schemas/GcpMetadata' - awsMetadata: - description: The AWS metadata associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AwsMetadata' - azureMetadata: - description: The Azure metadata associated with the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AzureMetadata' - resourcePath: - description: Provides the path to the resource within the resource hierarchy. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ResourcePath' - resourcePathString: + readOnly: true description: >- - A string representation of the resource path. For Google Cloud, it - has the format of - `organizations/{organization_id}/folders/{folder_id}/folders/{folder_id}/projects/{project_id}` - where there can be any number of folders. For AWS, it has the format - of - `org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id}` - where there can be any number of organizational units. For Azure, it - has the format of - `mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name}` - where there can be any number of management groups. + Output only. Email address of the user who last edited the BigQuery + export. This field is set by the server and will be ignored if + provided on export creation or update. + description: + description: The description of the export (max of 1024 characters). type: string - GcpMetadata: - id: GcpMetadata - description: >- - Google Cloud metadata associated with the resource. Only applicable if - the finding's cloud provider is Google Cloud. type: object + description: Configures how to deliver Findings to BigQuery Instance. + Framework: + description: Compliance framework associated with the finding. + id: Framework properties: - project: - description: The full resource name of project that the resource belongs to. - type: string - projectDisplayName: - description: The project ID that the resource belongs to. - type: string - parent: - description: The full resource name of resource's parent. - type: string - parentDisplayName: - description: The human readable name of resource's parent. + displayName: type: string - folders: description: >- - Output only. Contains a Folder message for each folder in the assets - ancestry. The first folder is the deepest nested folder, and the - last folder is the folder directly under the Organization. - readOnly: true + Display name of the framework. For a standard framework, this will + look like e.g. PCI DSS 3.2.1, whereas for a custom framework it can + be a user defined string like MyFramework + category: type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Folder' - organization: - description: The name of the organization that the resource belongs to. - type: string - GoogleCloudSecuritycenterV2Folder: - id: GoogleCloudSecuritycenterV2Folder - description: >- - Message that contains the resource name and display name of a folder - resource. - type: object - properties: - resourceFolder: description: >- - Full resource name of this folder. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - type: string - resourceFolderDisplayName: - description: The user defined display name for this folder. + Category of the framework associated with the finding. E.g. Security + Benchmark, or Assured Workloads + items: + enum: + - FRAMEWORK_CATEGORY_UNSPECIFIED + - SECURITY_BENCHMARKS + - ASSURED_WORKLOADS + - DATA_SECURITY + - GOOGLE_BEST_PRACTICES + - CUSTOM_FRAMEWORK + enumDescriptions: + - Default value. This value is unused. + - Security Benchmarks framework + - Assured Workloads framework + - Data Security framework + - Google Best Practices framework + - A user-created framework + type: string + name: + description: Name of the framework associated with the finding type: string - GoogleCloudSecuritycenterV2AwsMetadata: - id: GoogleCloudSecuritycenterV2AwsMetadata - description: >- - AWS metadata associated with the resource, only applicable if the - finding's cloud provider is Amazon Web Services. - type: object - properties: - organization: - description: The AWS organization associated with the resource. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AwsOrganization' - organizationalUnits: - description: >- - A list of AWS organizational units associated with the resource, - ordered from lowest level (closest to the account) to highest level. + controls: type: array + description: The controls associated with the framework. items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2AwsOrganizationalUnit - account: - description: The AWS account associated with the resource. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AwsAccount' - GoogleCloudSecuritycenterV2AwsOrganization: - id: GoogleCloudSecuritycenterV2AwsOrganization - description: >- - An organization is a collection of accounts that are centrally managed - together using consolidated billing, organized hierarchically with - organizational units (OUs), and controlled with policies. - type: object - properties: - id: - description: >- - The unique identifier (ID) for the organization. The regex pattern - for an organization ID string requires "o-" followed by from 10 to - 32 lowercase letters or digits. + $ref: '#/components/schemas/Control' + type: + enumDescriptions: + - Default value. This value is unused. + - >- + The framework is a built-in framework if it is created and managed + by GCP. + - >- + The framework is a custom framework if it is created and managed + by the user. + enum: + - FRAMEWORK_TYPE_UNSPECIFIED + - FRAMEWORK_TYPE_BUILT_IN + - FRAMEWORK_TYPE_CUSTOM type: string - GoogleCloudSecuritycenterV2AwsOrganizationalUnit: - id: GoogleCloudSecuritycenterV2AwsOrganizationalUnit - description: >- - An Organizational Unit (OU) is a container of AWS accounts within a root - of an organization. Policies that are attached to an OU apply to all - accounts contained in that OU and in any child OUs. + description: >- + Type of the framework associated with the finding, to specify + whether the framework is built-in (pre-defined and immutable) or a + custom framework defined by the customer (equivalent to security + posture) + type: object + GoogleCloudSecuritycenterV2ExternalSystem: + id: GoogleCloudSecuritycenterV2ExternalSystem type: object + description: Representation of third party SIEM/SOAR fields within SCC. properties: - id: - description: >- - The unique identifier (ID) associated with this OU. The regex - pattern for an organizational unit ID string requires "ou-" followed - by from 4 to 32 lowercase letters or digits (the ID of the root that - contains the OU). This string is followed by a second "-" dash and - from 8 to 32 additional lowercase letters or digits. For example, - "ou-ab12-cd34ef56". + caseUri: + description: The link to the finding's corresponding case in the external system. type: string - name: - description: The friendly name of the OU. + caseCreateTime: + format: google-datetime + description: >- + The time when the case was created, as reported by the external + system. type: string - GoogleCloudSecuritycenterV2AwsAccount: - id: GoogleCloudSecuritycenterV2AwsAccount - description: An AWS account that is a member of an organization. - type: object - properties: - id: + ticketInfo: description: >- - The unique identifier (ID) of the account, containing exactly 12 - digits. + Information about the ticket, if any, that is being used to track + the resolution of the issue that is identified by this finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2TicketInfo' + status: + description: >- + The most recent status of the finding's corresponding case, as + reported by the external system. type: string - name: - description: The friendly name of this account. + externalUid: + description: >- + The identifier that's used to track the finding's corresponding case + in the external system. type: string - GoogleCloudSecuritycenterV2AzureMetadata: - id: GoogleCloudSecuritycenterV2AzureMetadata - description: >- - Azure metadata associated with the resource, only applicable if the - finding's cloud provider is Microsoft Azure. - type: object - properties: - managementGroups: + externalSystemUpdateTime: description: >- - A list of Azure management groups associated with the resource, - ordered from lowest level (closest to the subscription) to highest - level. - type: array + The time when the case was last updated, as reported by the external + system. + type: string + format: google-datetime + assignees: items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2AzureManagementGroup - subscription: - description: The Azure subscription associated with the resource. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AzureSubscription' - resourceGroup: - description: The Azure resource group associated with the resource. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AzureResourceGroup' - tenant: - description: The Azure Entra tenant associated with the resource. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AzureTenant' - GoogleCloudSecuritycenterV2AzureManagementGroup: - id: GoogleCloudSecuritycenterV2AzureManagementGroup - description: Represents an Azure management group. - type: object - properties: - id: + type: string + type: array + description: References primary/secondary etc assignees in the external system. + caseCloseTime: description: >- - The UUID of the Azure management group, for example, - `20000000-0001-0000-0000-000000000000`. + The time when the case was closed, as reported by the external + system. type: string - displayName: - description: The display name of the Azure management group. + format: google-datetime + caseSla: type: string - GoogleCloudSecuritycenterV2AzureSubscription: - id: GoogleCloudSecuritycenterV2AzureSubscription - description: Represents an Azure subscription. - type: object - properties: - id: - description: >- - The UUID of the Azure subscription, for example, - `291bba3f-e0a5-47bc-a099-3bdcb2a50a05`. + format: google-datetime + description: The SLA of the finding's corresponding case in the external system. + casePriority: type: string - displayName: - description: The display name of the Azure subscription. + description: >- + The priority of the finding's corresponding case in the external + system. + name: + description: >- + Full resource name of the external system. The following list shows + some examples: + + `organizations/1234/sources/5678/findings/123456/externalSystems/jira` + + + `organizations/1234/sources/5678/locations/us/findings/123456/externalSystems/jira` + + `folders/1234/sources/5678/findings/123456/externalSystems/jira` + + `folders/1234/sources/5678/locations/us/findings/123456/externalSystems/jira` + + `projects/1234/sources/5678/findings/123456/externalSystems/jira` + + + `projects/1234/sources/5678/locations/us/findings/123456/externalSystems/jira` type: string - GoogleCloudSecuritycenterV2AzureResourceGroup: - id: GoogleCloudSecuritycenterV2AzureResourceGroup - description: Represents an Azure resource group. + Position: type: object + description: A position in the uploaded text version of a module. + id: Position properties: - id: - description: The ID of the Azure resource group. - type: string - name: - description: The name of the Azure resource group. This is not a UUID. - type: string - GoogleCloudSecuritycenterV2AzureTenant: - id: GoogleCloudSecuritycenterV2AzureTenant - description: Represents a Microsoft Entra tenant. + columnNumber: + description: The column number. + type: integer + format: int32 + lineNumber: + description: The line number. + format: int32 + type: integer + GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription: + description: The Azure subscription of the resource associated with the issue. type: object properties: - id: - description: >- - The ID of the Microsoft Entra tenant, for example, - "a11aaa11-aa11-1aa1-11aa-1aaa11a". - type: string displayName: - description: The display name of the Azure tenant. type: string - GoogleCloudSecuritycenterV2ResourcePath: - id: GoogleCloudSecuritycenterV2ResourcePath - description: >- - Represents the path of resources leading up to the resource this finding - is about. - type: object - properties: - nodes: description: >- - The list of nodes that make the up resource path, ordered from - lowest level to highest level. + The Azure subscription display name of the resource associated with + the issue. + id: + description: The Azure subscription ID of the resource associated with the issue. + type: string + id: GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription + CustomModuleValidationErrors: + properties: + errors: + description: The list of errors. type: array items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ResourcePathNode' - GoogleCloudSecuritycenterV2ResourcePathNode: - id: GoogleCloudSecuritycenterV2ResourcePathNode - description: >- - A node within the resource path. Each node represents a resource within - the resource hierarchy. + $ref: '#/components/schemas/CustomModuleValidationError' type: object - properties: - nodeType: - description: The type of resource this node represents. - type: string - enumDescriptions: - - Node type is unspecified. - - The node represents a Google Cloud organization. - - The node represents a Google Cloud folder. - - The node represents a Google Cloud project. - - The node represents an AWS organization. - - The node represents an AWS organizational unit. - - The node represents an AWS account. - - The node represents an Azure management group. - - The node represents an Azure subscription. - - The node represents an Azure resource group. - enum: - - RESOURCE_PATH_NODE_TYPE_UNSPECIFIED - - GCP_ORGANIZATION - - GCP_FOLDER - - GCP_PROJECT - - AWS_ORGANIZATION - - AWS_ORGANIZATIONAL_UNIT - - AWS_ACCOUNT - - AZURE_MANAGEMENT_GROUP - - AZURE_SUBSCRIPTION - - AZURE_RESOURCE_GROUP - id: - description: The ID of the resource this node represents. - type: string - displayName: - description: The display name of the resource this node represents. - type: string - GoogleCloudSecuritycenterV2ResourceValueConfig: - id: GoogleCloudSecuritycenterV2ResourceValueConfig description: >- - A resource value configuration (RVC) is a mapping configuration of - user's resources to resource values. Used in Attack path simulations. + A list of zero or more errors encountered while validating the uploaded + configuration of an Event Threat Detection Custom Module. + id: CustomModuleValidationErrors + GoogleCloudSecuritycenterV2MitreAttack: + id: GoogleCloudSecuritycenterV2MitreAttack type: object properties: - name: - description: Identifier. Name for the resource value configuration - type: string - resourceValue: - description: >- - Resource value level this expression represents Only required when - there is no Sensitive Data Protection mapping in the request + version: + description: The MITRE ATT&CK version referenced by the above fields. E.g. "8". type: string - enumDescriptions: - - Unspecific value - - High resource value - - Medium resource value - - Low resource value - - No resource value, e.g. ignore these resources - enum: - - RESOURCE_VALUE_UNSPECIFIED - - HIGH - - MEDIUM - - LOW - - NONE - tagValues: + primaryTechniques: + items: + enum: + - TECHNIQUE_UNSPECIFIED + - DATA_OBFUSCATION + - DATA_OBFUSCATION_STEGANOGRAPHY + - OS_CREDENTIAL_DUMPING + - OS_CREDENTIAL_DUMPING_PROC_FILESYSTEM + - OS_CREDENTIAL_DUMPING_ETC_PASSWORD_AND_ETC_SHADOW + - DATA_FROM_LOCAL_SYSTEM + - AUTOMATED_EXFILTRATION + - OBFUSCATED_FILES_OR_INFO + - STEGANOGRAPHY + - COMPILE_AFTER_DELIVERY + - COMMAND_OBFUSCATION + - SCHEDULED_TRANSFER + - SYSTEM_OWNER_USER_DISCOVERY + - MASQUERADING + - MATCH_LEGITIMATE_NAME_OR_LOCATION + - BOOT_OR_LOGON_INITIALIZATION_SCRIPTS + - STARTUP_ITEMS + - NETWORK_SERVICE_DISCOVERY + - SCHEDULED_TASK_JOB + - SCHEDULED_TASK_JOB_CRON + - CONTAINER_ORCHESTRATION_JOB + - PROCESS_INJECTION + - INPUT_CAPTURE + - INPUT_CAPTURE_KEYLOGGING + - PROCESS_DISCOVERY + - COMMAND_AND_SCRIPTING_INTERPRETER + - UNIX_SHELL + - PYTHON + - EXPLOITATION_FOR_PRIVILEGE_ESCALATION + - PERMISSION_GROUPS_DISCOVERY + - CLOUD_GROUPS + - INDICATOR_REMOVAL + - INDICATOR_REMOVAL_CLEAR_LINUX_OR_MAC_SYSTEM_LOGS + - INDICATOR_REMOVAL_CLEAR_COMMAND_HISTORY + - INDICATOR_REMOVAL_FILE_DELETION + - INDICATOR_REMOVAL_TIMESTOMP + - INDICATOR_REMOVAL_CLEAR_MAILBOX_DATA + - APPLICATION_LAYER_PROTOCOL + - DNS + - SOFTWARE_DEPLOYMENT_TOOLS + - VALID_ACCOUNTS + - DEFAULT_ACCOUNTS + - LOCAL_ACCOUNTS + - CLOUD_ACCOUNTS + - FILE_AND_DIRECTORY_DISCOVERY + - ACCOUNT_DISCOVERY_LOCAL_ACCOUNT + - PROXY + - EXTERNAL_PROXY + - MULTI_HOP_PROXY + - ACCOUNT_MANIPULATION + - ADDITIONAL_CLOUD_CREDENTIALS + - ADDITIONAL_CLOUD_ROLES + - SSH_AUTHORIZED_KEYS + - ADDITIONAL_CONTAINER_CLUSTER_ROLES + - MULTI_STAGE_CHANNELS + - INGRESS_TOOL_TRANSFER + - NATIVE_API + - BRUTE_FORCE + - AUTOMATED_COLLECTION + - SHARED_MODULES + - DATA_ENCODING + - STANDARD_ENCODING + - ACCESS_TOKEN_MANIPULATION + - TOKEN_IMPERSONATION_OR_THEFT + - CREATE_ACCOUNT + - LOCAL_ACCOUNT + - DEOBFUSCATE_DECODE_FILES_OR_INFO + - EXPLOIT_PUBLIC_FACING_APPLICATION + - SUPPLY_CHAIN_COMPROMISE + - COMPROMISE_SOFTWARE_DEPENDENCIES_AND_DEVELOPMENT_TOOLS + - EXPLOITATION_FOR_CLIENT_EXECUTION + - USER_EXECUTION + - EXPLOITATION_FOR_CREDENTIAL_ACCESS + - LINUX_AND_MAC_FILE_AND_DIRECTORY_PERMISSIONS_MODIFICATION + - DOMAIN_POLICY_MODIFICATION + - DATA_DESTRUCTION + - DATA_ENCRYPTED_FOR_IMPACT + - SERVICE_STOP + - INHIBIT_SYSTEM_RECOVERY + - FIRMWARE_CORRUPTION + - RESOURCE_HIJACKING + - NETWORK_DENIAL_OF_SERVICE + - CLOUD_SERVICE_DISCOVERY + - STEAL_APPLICATION_ACCESS_TOKEN + - ACCOUNT_ACCESS_REMOVAL + - TRANSFER_DATA_TO_CLOUD_ACCOUNT + - STEAL_WEB_SESSION_COOKIE + - CREATE_OR_MODIFY_SYSTEM_PROCESS + - EVENT_TRIGGERED_EXECUTION + - BOOT_OR_LOGON_AUTOSTART_EXECUTION + - KERNEL_MODULES_AND_EXTENSIONS + - SHORTCUT_MODIFICATION + - ABUSE_ELEVATION_CONTROL_MECHANISM + - ABUSE_ELEVATION_CONTROL_MECHANISM_SETUID_AND_SETGID + - ABUSE_ELEVATION_CONTROL_MECHANISM_SUDO_AND_SUDO_CACHING + - UNSECURED_CREDENTIALS + - CREDENTIALS_IN_FILES + - BASH_HISTORY + - PRIVATE_KEYS + - SUBVERT_TRUST_CONTROL + - INSTALL_ROOT_CERTIFICATE + - COMPROMISE_HOST_SOFTWARE_BINARY + - CREDENTIALS_FROM_PASSWORD_STORES + - MODIFY_AUTHENTICATION_PROCESS + - PLUGGABLE_AUTHENTICATION_MODULES + - MULTI_FACTOR_AUTHENTICATION + - IMPAIR_DEFENSES + - DISABLE_OR_MODIFY_TOOLS + - INDICATOR_BLOCKING + - DISABLE_OR_MODIFY_LINUX_AUDIT_SYSTEM + - HIDE_ARTIFACTS + - HIDDEN_FILES_AND_DIRECTORIES + - HIDDEN_USERS + - EXFILTRATION_OVER_WEB_SERVICE + - EXFILTRATION_TO_CLOUD_STORAGE + - DYNAMIC_RESOLUTION + - LATERAL_TOOL_TRANSFER + - HIJACK_EXECUTION_FLOW + - HIJACK_EXECUTION_FLOW_DYNAMIC_LINKER_HIJACKING + - MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE + - CREATE_SNAPSHOT + - CLOUD_INFRASTRUCTURE_DISCOVERY + - DEVELOP_CAPABILITIES + - DEVELOP_CAPABILITIES_MALWARE + - OBTAIN_CAPABILITIES + - OBTAIN_CAPABILITIES_MALWARE + - OBTAIN_CAPABILITIES_VULNERABILITIES + - ACTIVE_SCANNING + - SCANNING_IP_BLOCKS + - STAGE_CAPABILITIES + - UPLOAD_MALWARE + - CONTAINER_ADMINISTRATION_COMMAND + - DEPLOY_CONTAINER + - ESCAPE_TO_HOST + - CONTAINER_AND_RESOURCE_DISCOVERY + - REFLECTIVE_CODE_LOADING + - STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES + - FINANCIAL_THEFT + enumDescriptions: + - Unspecified value. + - T1001 + - T1001.002 + - T1003 + - T1003.007 + - T1003.008 + - T1005 + - T1020 + - T1027 + - T1027.003 + - T1027.004 + - T1027.010 + - T1029 + - T1033 + - T1036 + - T1036.005 + - T1037 + - T1037.005 + - T1046 + - T1053 + - T1053.003 + - T1053.007 + - T1055 + - T1056 + - T1056.001 + - T1057 + - T1059 + - T1059.004 + - T1059.006 + - T1068 + - T1069 + - T1069.003 + - T1070 + - T1070.002 + - T1070.003 + - T1070.004 + - T1070.006 + - T1070.008 + - T1071 + - T1071.004 + - T1072 + - T1078 + - T1078.001 + - T1078.003 + - T1078.004 + - T1083 + - T1087.001 + - T1090 + - T1090.002 + - T1090.003 + - T1098 + - T1098.001 + - T1098.003 + - T1098.004 + - T1098.006 + - T1104 + - T1105 + - T1106 + - T1110 + - T1119 + - T1129 + - T1132 + - T1132.001 + - T1134 + - T1134.001 + - T1136 + - T1136.001 + - T1140 + - T1190 + - T1195 + - T1195.001 + - T1203 + - T1204 + - T1212 + - T1222.002 + - T1484 + - T1485 + - T1486 + - T1489 + - T1490 + - T1495 + - T1496 + - T1498 + - T1526 + - T1528 + - T1531 + - T1537 + - T1539 + - T1543 + - T1546 + - T1547 + - T1547.006 + - T1547.009 + - T1548 + - T1548.001 + - T1548.003 + - T1552 + - T1552.001 + - T1552.003 + - T1552.004 + - T1553 + - T1553.004 + - T1554 + - T1555 + - T1556 + - T1556.003 + - T1556.006 + - T1562 + - T1562.001 + - T1562.006 + - T1562.012 + - T1564 + - T1564.001 + - T1564.002 + - T1567 + - T1567.002 + - T1568 + - T1570 + - T1574 + - T1574.006 + - T1578 + - T1578.001 + - T1580 + - T1587 + - T1587.001 + - T1588 + - T1588.001 + - T1588.006 + - T1595 + - T1595.001 + - T1608 + - T1608.001 + - T1609 + - T1610 + - T1611 + - T1613 + - T1620 + - T1649 + - T1657 + type: string description: >- - Tag values combined with `AND` to check against. For Google Cloud - resources, they are tag value IDs in the form of "tagValues/123". - Example: `[ "tagValues/123", "tagValues/456", "tagValues/789" ]` - https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing + The MITRE ATT&CK technique most closely represented by this finding, + if any. primary_techniques is a repeated field because there are + multiple levels of MITRE ATT&CK techniques. If the technique most + closely represented by this finding is a sub-technique (e.g. + `SCANNING_IP_BLOCKS`), both the sub-technique and its parent + technique(s) will be listed (e.g. `SCANNING_IP_BLOCKS`, + `ACTIVE_SCANNING`). + type: array + additionalTactics: + description: Additional MITRE ATT&CK tactics related to this finding, if any. type: array items: type: string - resourceType: - description: >- - Apply resource_value only to resources that match resource_type. - resource_type will be checked with `AND` of other resources. For - example, "storage.googleapis.com/Bucket" with resource_value "HIGH" - will apply "HIGH" value only to "storage.googleapis.com/Bucket" - resources. - type: string - scope: - description: >- - Project or folder to scope this configuration to. For example, - "project/456" would apply this configuration only to resources in - "project/456" scope and will be checked with `AND` of other - resources. - type: string - resourceLabelsSelector: - description: >- - List of resource labels to search for, evaluated with `AND`. For - example, "resource_labels_selector": {"key": "value", "env": "prod"} - will match resources with labels "key": "value" `AND` "env": "prod" - https://cloud.google.com/resource-manager/docs/creating-managing-labels - type: object - additionalProperties: - type: string - description: - description: Description of the resource value configuration. - type: string - createTime: - description: >- - Output only. Timestamp this resource value configuration was - created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. Timestamp this resource value configuration was last - updated. - readOnly: true - type: string - format: google-datetime - cloudProvider: - description: Cloud provider this configuration applies to - type: string - enumDescriptions: - - The cloud provider is unspecified. - - The cloud provider is Google Cloud. - - The cloud provider is Amazon Web Services. - - The cloud provider is Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - sensitiveDataProtectionMapping: - description: >- - A mapping of the sensitivity on Sensitive Data Protection finding to - resource values. This mapping can only be used in combination with a - resource_type that is related to BigQuery, e.g. - "bigquery.googleapis.com/Dataset". - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping - GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping: - id: GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping - description: >- - Resource value mapping for Sensitive Data Protection findings If any of - these mappings have a resource value that is not unspecified, the - resource_value field will be ignored when reading this configuration. - type: object - properties: - highSensitivityMapping: - description: >- - Resource value mapping for high-sensitivity Sensitive Data - Protection findings - type: string - enumDescriptions: - - Unspecific value - - High resource value - - Medium resource value - - Low resource value - - No resource value, e.g. ignore these resources - enum: - - RESOURCE_VALUE_UNSPECIFIED - - HIGH - - MEDIUM - - LOW - - NONE - mediumSensitivityMapping: - description: >- - Resource value mapping for medium-sensitivity Sensitive Data - Protection findings + enum: + - TACTIC_UNSPECIFIED + - RECONNAISSANCE + - RESOURCE_DEVELOPMENT + - INITIAL_ACCESS + - EXECUTION + - PERSISTENCE + - PRIVILEGE_ESCALATION + - DEFENSE_EVASION + - CREDENTIAL_ACCESS + - DISCOVERY + - LATERAL_MOVEMENT + - COLLECTION + - COMMAND_AND_CONTROL + - EXFILTRATION + - IMPACT + enumDescriptions: + - Unspecified value. + - TA0043 + - TA0042 + - TA0001 + - TA0002 + - TA0003 + - TA0004 + - TA0005 + - TA0006 + - TA0007 + - TA0008 + - TA0009 + - TA0011 + - TA0010 + - TA0040 + primaryTactic: type: string enumDescriptions: - - Unspecific value - - High resource value - - Medium resource value - - Low resource value - - No resource value, e.g. ignore these resources + - Unspecified value. + - TA0043 + - TA0042 + - TA0001 + - TA0002 + - TA0003 + - TA0004 + - TA0005 + - TA0006 + - TA0007 + - TA0008 + - TA0009 + - TA0011 + - TA0010 + - TA0040 enum: - - RESOURCE_VALUE_UNSPECIFIED - - HIGH - - MEDIUM - - LOW - - NONE - VulnerabilitySnapshot: - id: VulnerabilitySnapshot - description: >- - Result containing the properties and count of a VulnerabilitySnapshot - request. - type: object - properties: - name: + - TACTIC_UNSPECIFIED + - RECONNAISSANCE + - RESOURCE_DEVELOPMENT + - INITIAL_ACCESS + - EXECUTION + - PERSISTENCE + - PRIVILEGE_ESCALATION + - DEFENSE_EVASION + - CREDENTIAL_ACCESS + - DISCOVERY + - LATERAL_MOVEMENT + - COLLECTION + - COMMAND_AND_CONTROL + - EXFILTRATION + - IMPACT description: >- - Identifier. The vulnerability snapshot name. Format: - //locations//vulnerabilitySnapshots/ - type: string - cloudProvider: - description: The cloud provider for the vulnerability snapshot. - type: string - enumDescriptions: - - The cloud provider is unspecified. - - The cloud provider is Google Cloud. - - The cloud provider is Amazon Web Services. - - The cloud provider is Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD_PLATFORM - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - snapshotTime: - description: The time that the snapshot was taken. - type: string - format: google-datetime - findingCount: - description: The vulnerability count by severity. - $ref: '#/components/schemas/VulnerabilityCountBySeverity' - VulnerabilityCountBySeverity: - id: VulnerabilityCountBySeverity - description: Vulnerability count by severity. - type: object - properties: - severityToFindingCount: - description: Key is the Severity enum. - type: object - additionalProperties: + The MITRE ATT&CK tactic most closely represented by this finding, if + any. + additionalTechniques: + items: + enumDescriptions: + - Unspecified value. + - T1001 + - T1001.002 + - T1003 + - T1003.007 + - T1003.008 + - T1005 + - T1020 + - T1027 + - T1027.003 + - T1027.004 + - T1027.010 + - T1029 + - T1033 + - T1036 + - T1036.005 + - T1037 + - T1037.005 + - T1046 + - T1053 + - T1053.003 + - T1053.007 + - T1055 + - T1056 + - T1056.001 + - T1057 + - T1059 + - T1059.004 + - T1059.006 + - T1068 + - T1069 + - T1069.003 + - T1070 + - T1070.002 + - T1070.003 + - T1070.004 + - T1070.006 + - T1070.008 + - T1071 + - T1071.004 + - T1072 + - T1078 + - T1078.001 + - T1078.003 + - T1078.004 + - T1083 + - T1087.001 + - T1090 + - T1090.002 + - T1090.003 + - T1098 + - T1098.001 + - T1098.003 + - T1098.004 + - T1098.006 + - T1104 + - T1105 + - T1106 + - T1110 + - T1119 + - T1129 + - T1132 + - T1132.001 + - T1134 + - T1134.001 + - T1136 + - T1136.001 + - T1140 + - T1190 + - T1195 + - T1195.001 + - T1203 + - T1204 + - T1212 + - T1222.002 + - T1484 + - T1485 + - T1486 + - T1489 + - T1490 + - T1495 + - T1496 + - T1498 + - T1526 + - T1528 + - T1531 + - T1537 + - T1539 + - T1543 + - T1546 + - T1547 + - T1547.006 + - T1547.009 + - T1548 + - T1548.001 + - T1548.003 + - T1552 + - T1552.001 + - T1552.003 + - T1552.004 + - T1553 + - T1553.004 + - T1554 + - T1555 + - T1556 + - T1556.003 + - T1556.006 + - T1562 + - T1562.001 + - T1562.006 + - T1562.012 + - T1564 + - T1564.001 + - T1564.002 + - T1567 + - T1567.002 + - T1568 + - T1570 + - T1574 + - T1574.006 + - T1578 + - T1578.001 + - T1580 + - T1587 + - T1587.001 + - T1588 + - T1588.001 + - T1588.006 + - T1595 + - T1595.001 + - T1608 + - T1608.001 + - T1609 + - T1610 + - T1611 + - T1613 + - T1620 + - T1649 + - T1657 + enum: + - TECHNIQUE_UNSPECIFIED + - DATA_OBFUSCATION + - DATA_OBFUSCATION_STEGANOGRAPHY + - OS_CREDENTIAL_DUMPING + - OS_CREDENTIAL_DUMPING_PROC_FILESYSTEM + - OS_CREDENTIAL_DUMPING_ETC_PASSWORD_AND_ETC_SHADOW + - DATA_FROM_LOCAL_SYSTEM + - AUTOMATED_EXFILTRATION + - OBFUSCATED_FILES_OR_INFO + - STEGANOGRAPHY + - COMPILE_AFTER_DELIVERY + - COMMAND_OBFUSCATION + - SCHEDULED_TRANSFER + - SYSTEM_OWNER_USER_DISCOVERY + - MASQUERADING + - MATCH_LEGITIMATE_NAME_OR_LOCATION + - BOOT_OR_LOGON_INITIALIZATION_SCRIPTS + - STARTUP_ITEMS + - NETWORK_SERVICE_DISCOVERY + - SCHEDULED_TASK_JOB + - SCHEDULED_TASK_JOB_CRON + - CONTAINER_ORCHESTRATION_JOB + - PROCESS_INJECTION + - INPUT_CAPTURE + - INPUT_CAPTURE_KEYLOGGING + - PROCESS_DISCOVERY + - COMMAND_AND_SCRIPTING_INTERPRETER + - UNIX_SHELL + - PYTHON + - EXPLOITATION_FOR_PRIVILEGE_ESCALATION + - PERMISSION_GROUPS_DISCOVERY + - CLOUD_GROUPS + - INDICATOR_REMOVAL + - INDICATOR_REMOVAL_CLEAR_LINUX_OR_MAC_SYSTEM_LOGS + - INDICATOR_REMOVAL_CLEAR_COMMAND_HISTORY + - INDICATOR_REMOVAL_FILE_DELETION + - INDICATOR_REMOVAL_TIMESTOMP + - INDICATOR_REMOVAL_CLEAR_MAILBOX_DATA + - APPLICATION_LAYER_PROTOCOL + - DNS + - SOFTWARE_DEPLOYMENT_TOOLS + - VALID_ACCOUNTS + - DEFAULT_ACCOUNTS + - LOCAL_ACCOUNTS + - CLOUD_ACCOUNTS + - FILE_AND_DIRECTORY_DISCOVERY + - ACCOUNT_DISCOVERY_LOCAL_ACCOUNT + - PROXY + - EXTERNAL_PROXY + - MULTI_HOP_PROXY + - ACCOUNT_MANIPULATION + - ADDITIONAL_CLOUD_CREDENTIALS + - ADDITIONAL_CLOUD_ROLES + - SSH_AUTHORIZED_KEYS + - ADDITIONAL_CONTAINER_CLUSTER_ROLES + - MULTI_STAGE_CHANNELS + - INGRESS_TOOL_TRANSFER + - NATIVE_API + - BRUTE_FORCE + - AUTOMATED_COLLECTION + - SHARED_MODULES + - DATA_ENCODING + - STANDARD_ENCODING + - ACCESS_TOKEN_MANIPULATION + - TOKEN_IMPERSONATION_OR_THEFT + - CREATE_ACCOUNT + - LOCAL_ACCOUNT + - DEOBFUSCATE_DECODE_FILES_OR_INFO + - EXPLOIT_PUBLIC_FACING_APPLICATION + - SUPPLY_CHAIN_COMPROMISE + - COMPROMISE_SOFTWARE_DEPENDENCIES_AND_DEVELOPMENT_TOOLS + - EXPLOITATION_FOR_CLIENT_EXECUTION + - USER_EXECUTION + - EXPLOITATION_FOR_CREDENTIAL_ACCESS + - LINUX_AND_MAC_FILE_AND_DIRECTORY_PERMISSIONS_MODIFICATION + - DOMAIN_POLICY_MODIFICATION + - DATA_DESTRUCTION + - DATA_ENCRYPTED_FOR_IMPACT + - SERVICE_STOP + - INHIBIT_SYSTEM_RECOVERY + - FIRMWARE_CORRUPTION + - RESOURCE_HIJACKING + - NETWORK_DENIAL_OF_SERVICE + - CLOUD_SERVICE_DISCOVERY + - STEAL_APPLICATION_ACCESS_TOKEN + - ACCOUNT_ACCESS_REMOVAL + - TRANSFER_DATA_TO_CLOUD_ACCOUNT + - STEAL_WEB_SESSION_COOKIE + - CREATE_OR_MODIFY_SYSTEM_PROCESS + - EVENT_TRIGGERED_EXECUTION + - BOOT_OR_LOGON_AUTOSTART_EXECUTION + - KERNEL_MODULES_AND_EXTENSIONS + - SHORTCUT_MODIFICATION + - ABUSE_ELEVATION_CONTROL_MECHANISM + - ABUSE_ELEVATION_CONTROL_MECHANISM_SETUID_AND_SETGID + - ABUSE_ELEVATION_CONTROL_MECHANISM_SUDO_AND_SUDO_CACHING + - UNSECURED_CREDENTIALS + - CREDENTIALS_IN_FILES + - BASH_HISTORY + - PRIVATE_KEYS + - SUBVERT_TRUST_CONTROL + - INSTALL_ROOT_CERTIFICATE + - COMPROMISE_HOST_SOFTWARE_BINARY + - CREDENTIALS_FROM_PASSWORD_STORES + - MODIFY_AUTHENTICATION_PROCESS + - PLUGGABLE_AUTHENTICATION_MODULES + - MULTI_FACTOR_AUTHENTICATION + - IMPAIR_DEFENSES + - DISABLE_OR_MODIFY_TOOLS + - INDICATOR_BLOCKING + - DISABLE_OR_MODIFY_LINUX_AUDIT_SYSTEM + - HIDE_ARTIFACTS + - HIDDEN_FILES_AND_DIRECTORIES + - HIDDEN_USERS + - EXFILTRATION_OVER_WEB_SERVICE + - EXFILTRATION_TO_CLOUD_STORAGE + - DYNAMIC_RESOLUTION + - LATERAL_TOOL_TRANSFER + - HIJACK_EXECUTION_FLOW + - HIJACK_EXECUTION_FLOW_DYNAMIC_LINKER_HIJACKING + - MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE + - CREATE_SNAPSHOT + - CLOUD_INFRASTRUCTURE_DISCOVERY + - DEVELOP_CAPABILITIES + - DEVELOP_CAPABILITIES_MALWARE + - OBTAIN_CAPABILITIES + - OBTAIN_CAPABILITIES_MALWARE + - OBTAIN_CAPABILITIES_VULNERABILITIES + - ACTIVE_SCANNING + - SCANNING_IP_BLOCKS + - STAGE_CAPABILITIES + - UPLOAD_MALWARE + - CONTAINER_ADMINISTRATION_COMMAND + - DEPLOY_CONTAINER + - ESCAPE_TO_HOST + - CONTAINER_AND_RESOURCE_DISCOVERY + - REFLECTIVE_CODE_LOADING + - STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES + - FINANCIAL_THEFT type: string - format: int64 - GoogleCloudSecuritycenterV2Issue: - id: GoogleCloudSecuritycenterV2Issue - description: Security Command Center Issue. - type: object - properties: - name: description: >- - Identifier. The name of the issue. Format: - organizations/{organization}/locations/{location}/issues/{issue} - type: string - detection: - description: The finding category or rule name that generated the issue. - type: string - description: - description: The description of the issue in Markdown format. - type: string - remediations: - description: Approaches to remediate the issue in Markdown format. + Additional MITRE ATT&CK techniques related to this finding, if any, + along with any of their respective parent techniques. type: array - items: - type: string - severity: - description: The severity of the issue. - type: string - enumDescriptions: - - Unspecified severity. - - Critical severity. - - High severity. - - Medium severity. - - Low severity. - enum: - - SEVERITY_UNSPECIFIED - - CRITICAL - - HIGH - - MEDIUM - - LOW - state: - description: Output only. The state of the issue. - readOnly: true - type: string + description: >- + MITRE ATT&CK tactics and techniques related to this finding. See: + https://attack.mitre.org + SensitivityScore: + id: SensitivityScore + properties: + score: enumDescriptions: - - Unspecified state. - - Active state. - - Inactive state. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - INACTIVE - createTime: - description: Output only. The time the issue was created. - readOnly: true - type: string - format: google-datetime - lastObservationTime: - description: The time the issue was last observed. - type: string - format: google-datetime - updateTime: - description: Output only. The time the issue was last updated. - readOnly: true - type: string - format: google-datetime - primaryResource: - description: The primary resource associated with the issue. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueResource' - secondaryResources: - description: Additional resources associated with the issue. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueResource' - issueType: - description: The type of the issue. + - Unused. + - >- + No sensitive information detected. The resource isn't publicly + accessible. + - Unable to determine sensitivity. + - >- + Medium risk. Contains personally identifiable information (PII), + potentially sensitive data, or fields with free-text data that are + at a higher risk of having intermittent sensitive data. Consider + limiting access. + - >- + High risk. Sensitive personally identifiable information (SPII) + can be present. Exfiltration of data can lead to user data loss. + Re-identification of users might be possible. Consider limiting + usage and or removing SPII. + description: The sensitivity score applied to the resource. type: string - enumDescriptions: - - Unspecified issue type. - - Chokepoint issue type. - - Toxic combination issue type. - - Insight issue type. enum: - - ISSUE_TYPE_UNSPECIFIED - - CHOKEPOINT - - TOXIC_COMBINATION - - INSIGHT - mute: - description: The mute information of the issue. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueMute' - exposureScore: - description: The exposure score of the issue. - type: number - format: double - domains: - description: The domains of the issue. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueDomain' - securityContexts: - description: The security context of the issue. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2IssueSecurityContext - relatedFindings: - description: The findings related to the issue. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueFinding' - GoogleCloudSecuritycenterV2IssueResource: - id: GoogleCloudSecuritycenterV2IssueResource - description: A resource associated with the an issue. + - SENSITIVITY_SCORE_LEVEL_UNSPECIFIED + - SENSITIVITY_LOW + - SENSITIVITY_UNKNOWN + - SENSITIVITY_MODERATE + - SENSITIVITY_HIGH + description: >- + Score is calculated from of all elements in the data profile. A higher + level means the data is more sensitive. type: object - properties: - name: - description: The full resource name of the resource associated with the issue. - type: string - displayName: - description: >- - The resource-type specific display name of the resource associated - with the issue. - type: string - type: - description: The type of the resource associated with the issue. - type: string - cloudProvider: - description: The cloud provider of the resource associated with the issue. - type: string - enumDescriptions: - - Unspecified cloud provider. - - Google Cloud. - - Amazon Web Services. - - Microsoft Azure. - enum: - - CLOUD_PROVIDER_UNSPECIFIED - - GOOGLE_CLOUD - - AMAZON_WEB_SERVICES - - MICROSOFT_AZURE - googleCloudMetadata: - description: >- - The Google Cloud metadata of the resource associated with the issue. - Only populated for Google Cloud resources. - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata - awsMetadata: - description: >- - The AWS metadata of the resource associated with the issue. Only - populated for AWS resources. - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceAwsMetadata - azureMetadata: - description: >- - The Azure metadata of the resource associated with the issue. Only - populated for Azure resources. - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceAzureMetadata - GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata: - id: GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata - description: Google Cloud metadata of a resource associated with an issue. + GoogleCloudSecuritycenterV2Geolocation: type: object + description: Represents a geographical location for a given access. properties: - projectId: - description: >- - The project ID that the resource associated with the issue belongs - to. + regionCode: type: string - GoogleCloudSecuritycenterV2IssueResourceAwsMetadata: - id: GoogleCloudSecuritycenterV2IssueResourceAwsMetadata - description: The AWS metadata of a resource associated with an issue. - type: object - properties: - account: - description: The AWS account of the resource associated with the issue. - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount - GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount: - id: GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount - description: The AWS account of the resource associated with the issue. - type: object + description: A CLDR. + id: GoogleCloudSecuritycenterV2Geolocation + Folder: properties: - id: - description: The AWS account ID of the resource associated with the issue. + resourceFolderDisplayName: type: string - name: - description: The AWS account name of the resource associated with the issue. + description: The user defined display name for this folder. + resourceFolder: type: string - GoogleCloudSecuritycenterV2IssueResourceAzureMetadata: - id: GoogleCloudSecuritycenterV2IssueResourceAzureMetadata - description: The Azure metadata of a resource associated with an issue. + description: >- + Full resource name of this folder. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name + description: >- + Message that contains the resource name and display name of a folder + resource. + id: Folder type: object - properties: - subscription: - description: The Azure subscription of the resource associated with the issue. - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription - GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription: - id: GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription - description: The Azure subscription of the resource associated with the issue. + Cve: type: object properties: + firstExploitationDate: + type: string + format: google-datetime + description: Date of the earliest known exploitation. id: - description: The Azure subscription ID of the resource associated with the issue. type: string - displayName: + description: The unique identifier for the vulnerability. e.g. CVE-2021-34527 + impact: + type: string + description: The potential impact of the vulnerability if it was to be exploited. + enumDescriptions: + - Invalid or empty value. + - Exploitation would have little to no security impact. + - >- + Exploitation would enable attackers to perform activities, or + could allow attackers to have a direct impact, but would require + additional steps. + - >- + Exploitation would enable attackers to have a notable direct + impact without needing to overcome any major mitigating factors. + - >- + Exploitation would fundamentally undermine the security of + affected systems, enable actors to perform significant attacks + with minimal effort, with little to no mitigating factors to + overcome. + enum: + - RISK_RATING_UNSPECIFIED + - LOW + - MEDIUM + - HIGH + - CRITICAL + cvssv3: description: >- - The Azure subscription display name of the resource associated with - the issue. - type: string - GoogleCloudSecuritycenterV2IssueMute: - id: GoogleCloudSecuritycenterV2IssueMute - description: The mute information of the issue. - type: object - properties: - muteState: - description: Output only. The mute state of the issue. - readOnly: true + Describe Common Vulnerability Scoring System specified at + https://www.first.org/cvss/v3.1/specification-document + $ref: '#/components/schemas/Cvssv3' + references: + items: + $ref: '#/components/schemas/Reference' + description: >- + Additional information about the CVE. e.g. + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527 + type: array + observedInTheWild: + description: Whether or not the vulnerability has been observed in the wild. + type: boolean + exploitReleaseDate: + description: Date the first publicly available exploit or PoC was released. type: string + format: google-datetime + zeroDay: + description: >- + Whether or not the vulnerability was zero day when the finding was + published. + type: boolean + exploitationActivity: enumDescriptions: - - Unspecified mute state. - - Not muted. - - Muted. + - Invalid or empty value. + - Exploitation has been reported or confirmed to widely occur. + - Limited reported or confirmed exploitation activities. + - Exploit is publicly available. + - >- + No known exploitation activity, but has a high potential for + exploitation. + - No known exploitation activity. enum: - - MUTE_STATE_UNSPECIFIED - - NOT_MUTED - - MUTED - muteInitiator: - description: >- - The email address of the user who last changed the mute state of the - issue. - type: string - muteReason: - description: The user-provided reason for muting the issue. - type: string - muteUpdateTime: - description: The time the issue was muted. + - EXPLOITATION_ACTIVITY_UNSPECIFIED + - WIDE + - CONFIRMED + - AVAILABLE + - ANTICIPATED + - NO_KNOWN type: string - format: google-datetime - GoogleCloudSecuritycenterV2IssueDomain: - id: GoogleCloudSecuritycenterV2IssueDomain - description: The domains of an issue. + description: The exploitation activity of the vulnerability in the wild. + upstreamFixAvailable: + type: boolean + description: Whether upstream fix is available for the CVE. + description: >- + CVE stands for Common Vulnerabilities and Exposures. Information from + the [CVE record](https://www.cve.org/ResourcesSupport/Glossary) that + describes this vulnerability. + id: Cve + AdaptiveProtection: type: object properties: - domainCategory: - description: The domain category of the issue. - type: string - enumDescriptions: - - Unspecified domain category. - - Issues in the AI domain. - - Issues in the code domain. - - Issues in the container domain. - - Issues in the data domain. - - Issues in the identity and access domain. - - Issues in the vulnerability domain. - - Issues in the threat domain. - enum: - - DOMAIN_CATEGORY_UNSPECIFIED - - AI - - CODE - - CONTAINER - - DATA - - IDENTITY_AND_ACCESS - - VULNERABILITY - - THREAT + confidence: + description: >- + A score of 0 means that there is low confidence that the detected + event is an actual attack. A score of 1 means that there is high + confidence that the detected event is an attack. See the [Adaptive + Protection + documentation](https://cloud.google.com/armor/docs/adaptive-protection-overview#configure-alert-tuning) + for further explanation. + type: number + format: double + description: >- + Information about [Google Cloud Armor Adaptive + Protection](https://cloud.google.com/armor/docs/cloud-armor-overview#google-cloud-armor-adaptive-protection). + id: AdaptiveProtection GoogleCloudSecuritycenterV2IssueSecurityContext: - id: GoogleCloudSecuritycenterV2IssueSecurityContext description: Security context associated with an issue. - type: object properties: - context: - description: The context of the security context. - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2IssueSecurityContextContext aggregatedCount: - description: The aggregated count of the security context. $ref: >- #/components/schemas/GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount - GoogleCloudSecuritycenterV2IssueSecurityContextContext: - id: GoogleCloudSecuritycenterV2IssueSecurityContextContext - description: Context of a security context. + description: The aggregated count of the security context. + context: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV2IssueSecurityContextContext + description: The context of the security context. type: object - properties: - type: - description: Context type. - type: string - values: - description: Context values. - type: array - items: - type: string - GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount: - id: GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount - description: Aggregated count of a security context. + id: GoogleCloudSecuritycenterV2IssueSecurityContext + Reference: type: object + id: Reference + description: Additional Links properties: - key: - description: Aggregation key. + source: + description: Source of the reference e.g. NVD type: string - value: - description: Aggregation value. - type: integer - format: int32 - GoogleCloudSecuritycenterV2IssueFinding: - id: GoogleCloudSecuritycenterV2IssueFinding - description: Finding related to an issue. + uri: + description: >- + Uri for the mentioned source e.g. + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527. + type: string + ListSecurityHealthAnalyticsCustomModulesResponse: + description: Response message for listing Security Health Analytics custom modules. + id: ListSecurityHealthAnalyticsCustomModulesResponse type: object properties: - name: - description: The name of the finding. + nextPageToken: type: string - cve: - description: The CVE of the finding. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IssueFindingCve' - securityBulletin: - description: The security bulletin of the finding. - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin - GoogleCloudSecuritycenterV2IssueFindingCve: - id: GoogleCloudSecuritycenterV2IssueFindingCve - description: The CVE of the finding. - type: object + description: >- + If not empty, indicates that there may be more custom modules to be + returned. + securityHealthAnalyticsCustomModules: + description: Custom modules belonging to the requested parent. + items: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + type: array + GoogleCloudSecuritycenterV2IpRules: properties: - name: - description: The CVE name. + denied: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Denied' + description: Tuple with denied rules. + direction: type: string - GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin: - id: GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin - description: The security bulletin of the finding. + description: >- + The direction that the rule is applicable to, one of ingress or + egress. + enum: + - DIRECTION_UNSPECIFIED + - INGRESS + - EGRESS + enumDescriptions: + - Unspecified direction value. + - Ingress direction value. + - Egress direction value. + destinationIpRanges: + type: array + items: + type: string + description: >- + If destination IP ranges are specified, the firewall rule applies + only to traffic that has a destination IP address in these ranges. + These ranges must be expressed in CIDR format. Only supports IPv4. + allowed: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Allowed' + description: Tuple with allowed rules. + exposedServices: + description: >- + Name of the network protocol service, such as FTP, that is exposed + by the open port. Follows the naming convention available at: + https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml. + items: + type: string + type: array + sourceIpRanges: + description: >- + If source IP ranges are specified, the firewall rule applies only to + traffic that has a source IP address in these ranges. These ranges + must be expressed in CIDR format. Only supports IPv4. + items: + type: string + type: array + id: GoogleCloudSecuritycenterV2IpRules type: object + description: IP rules associated with the finding. + GoogleCloudSecuritycenterV2ExfilResource: + id: GoogleCloudSecuritycenterV2ExfilResource properties: + components: + items: + type: string + type: array + description: >- + Subcomponents of the asset that was exfiltrated, like URIs used + during exfiltration, table names, databases, and filenames. For + example, multiple tables might have been exfiltrated from the same + Cloud SQL instance, or multiple files might have been exfiltrated + from the same Cloud Storage bucket. name: - description: The security bulletin name. + description: >- + The resource's [full resource + name](https://cloud.google.com/apis/design/resource_names#full_resource_name). type: string - GoogleCloudSecuritycenterV1p1beta1NotificationMessage: - id: GoogleCloudSecuritycenterV1p1beta1NotificationMessage - description: Security Command Center's Notification type: object + description: Resource where data was exfiltrated from or exfiltrated to. + GoogleCloudSecuritycenterV2Denied: + type: object + description: Denied IP rule. + id: GoogleCloudSecuritycenterV2Denied properties: - notificationConfigName: - description: Name of the notification config that generated current notification. - type: string - finding: - description: >- - If it's a Finding based notification config, this field will be - populated. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1p1beta1Finding' - resource: - description: The Cloud resource tied to the notification. - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1p1beta1Resource' - GoogleCloudSecuritycenterV1p1beta1Finding: - id: GoogleCloudSecuritycenterV1p1beta1Finding + ipRules: + description: Optional. Optional list of denied IP rules. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2IpRule' + GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule: description: >- - Security Command Center finding. A finding is a record of assessment - data (security, risk, health or privacy) ingested into Security Command - Center for presentation, notification, analysis, policy testing, and - enforcement. For example, an XSS vulnerability in an App Engine - application is a finding. + An EffectiveSecurityHealthAnalyticsCustomModule is the representation of + a Security Health Analytics custom module at a specified level of the + resource hierarchy: organization, folder, or project. If a custom module + is inherited from a parent organization or folder, the value of the + `enablementState` property in + EffectiveSecurityHealthAnalyticsCustomModule is set to the value that is + effective in the parent, instead of `INHERITED`. For example, if the + module is enabled in a parent organization or folder, the effective + enablement_state for the module in all child folders or projects is also + `enabled`. EffectiveSecurityHealthAnalyticsCustomModule is read-only. + id: GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule type: object properties: name: + readOnly: true description: >- - The relative resource name of this finding. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - Example: - "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}" - type: string - parent: - description: >- - The relative resource name of the source the finding belongs to. - See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - This field is immutable after creation time. For example: - "organizations/{organization_id}/sources/{source_id}" - type: string - resourceName: - description: >- - For findings on Google Cloud resources, the full resource name of - the Google Cloud resource this finding is for. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - When the finding is for a non-Google Cloud resource, the - resourceName can be a customer or partner defined string. This field - is immutable after creation time. + Output only. The resource name of the custom module. Its format is + "organizations/{organization}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}", + or + "folders/{folder}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}", + or + "projects/{project}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}" type: string - state: - description: The state of the finding. + customConfig: + readOnly: true + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1CustomConfig' + description: Output only. The user-specified configuration for the module. + enablementState: type: string enumDescriptions: - - Unspecified state. - - The finding requires attention and has not been addressed yet. - - >- - The finding has been fixed, triaged as a non-issue or otherwise - addressed and is no longer active. + - Unspecified enablement state. + - The module is enabled at the given level. + - The module is disabled at the given level. enum: - - STATE_UNSPECIFIED - - ACTIVE - - INACTIVE - category: - description: >- - The additional taxonomy group within findings from a given source. - This field is immutable after creation time. Example: - "XSS_FLASH_INJECTION" - type: string - externalUri: - description: >- - The URI that, if available, points to a web page outside of Security - Command Center where additional information about the finding can be - found. This field is guaranteed to be either empty or a well formed - URL. - type: string - sourceProperties: - description: >- - Source specific properties. These properties are managed by the - source that writes the finding. The key names in the - source_properties map must be between 1 and 255 characters, and must - start with a letter and contain alphanumeric characters or - underscores only. - type: object - additionalProperties: - type: any - securityMarks: - description: >- - Output only. User specified security marks. These marks are entirely - managed by the user and come from the SecurityMarks resource that - belongs to the finding. + - ENABLEMENT_STATE_UNSPECIFIED + - ENABLED + - DISABLED readOnly: true - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1p1beta1SecurityMarks' - eventTime: - description: >- - The time at which the event took place, or when an update to the - finding occurred. For example, if the finding represents an open - firewall it would capture the time the detector believes the - firewall became open. The accuracy is determined by the detector. If - the finding were to be resolved afterward, this time would reflect - when the finding was resolved. Must not be set to a value greater - than the current timestamp. - type: string - format: google-datetime - createTime: description: >- - The time at which the finding was created in Security Command - Center. + Output only. The effective state of enablement for the module at the + given level of the hierarchy. + cloudProvider: + enum: + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + description: The cloud provider of the custom module. + enumDescriptions: + - Unspecified cloud provider. + - Google Cloud. + - Amazon Web Services. + - Microsoft Azure. type: string - format: google-datetime - severity: - description: >- - The severity of the finding. This field is managed by the source - that writes the finding. + displayName: type: string - enumDescriptions: - - No severity specified. The default value. - - Critical severity. - - High severity. - - Medium severity. - - Low severity. - enum: - - SEVERITY_UNSPECIFIED - - CRITICAL - - HIGH - - MEDIUM - - LOW - canonicalName: + readOnly: true description: >- - The canonical name of the finding. It's either - "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", - "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or - "projects/{project_number}/sources/{source_id}/findings/{finding_id}", - depending on the closest CRM ancestor of the resource associated - with the finding. - type: string - GoogleCloudSecuritycenterV1p1beta1SecurityMarks: - id: GoogleCloudSecuritycenterV1p1beta1SecurityMarks + Output only. The display name for the custom module. The name must + be between 1 and 128 characters, start with a lowercase letter, and + contain alphanumeric characters or underscores only. + GoogleCloudSecuritycenterV1CustomOutputSpec: + properties: + properties: + description: A list of custom output properties to add to the finding. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1Property' description: >- - User specified security marks that are attached to the parent Security - Command Center resource. Security marks are scoped within a Security - Command Center organization -- they can be modified and viewed by all - users who have proper permissions on the organization. + A set of optional name-value pairs that define custom source properties + to return with each finding that is generated by the custom module. The + custom source properties that are defined here are included in the + finding JSON under `sourceProperties`. + type: object + id: GoogleCloudSecuritycenterV1CustomOutputSpec + GoogleCloudSecuritycenterV2Binding: type: object + description: Represents a Kubernetes RoleBinding or ClusterRoleBinding. properties: - name: - description: >- - The relative resource name of the SecurityMarks. See: - https://cloud.google.com/apis/design/resource_names#relative_resource_name - Examples: - "organizations/{organization_id}/assets/{asset_id}/securityMarks" - "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks". + ns: type: string - marks: - description: >- - Mutable user specified security marks belonging to the parent - resource. Constraints are as follows: * Keys and values are treated - as case insensitive * Keys must be between 1 - 256 characters - (inclusive) * Keys must be letters, numbers, underscores, or dashes - * Values have leading and trailing whitespace trimmed, remaining - characters must be between 1 - 4096 characters (inclusive) - type: object - additionalProperties: - type: string - canonicalName: + description: Namespace for the binding. + subjects: description: >- - The canonical name of the marks. Examples: - "organizations/{organization_id}/assets/{asset_id}/securityMarks" - "folders/{folder_id}/assets/{asset_id}/securityMarks" - "projects/{project_number}/assets/{asset_id}/securityMarks" - "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks" - "folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks" - "projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks" + Represents one or more subjects that are bound to the role. Not + always available for PATCH requests. + items: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Subject' + type: array + name: type: string - GoogleCloudSecuritycenterV1p1beta1Resource: - id: GoogleCloudSecuritycenterV1p1beta1Resource - description: Information related to the Google Cloud resource. - type: object + description: Name for the binding. + role: + description: The Role or ClusterRole referenced by the binding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2Role' + id: GoogleCloudSecuritycenterV2Binding + LoadBalancer: properties: name: - description: >- - The full resource name of the resource. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name - type: string - project: - description: The full resource name of project that the resource belongs to. - type: string - projectDisplayName: - description: The project id that the resource belongs to. type: string - parent: - description: The full resource name of resource's parent. + description: The name of the load balancer associated with the finding. + id: LoadBalancer + description: >- + Contains information related to the load balancer associated with the + finding. + type: object + Object: + description: >- + Kubernetes object related to the finding, uniquely identified by GKNN. + Used if the object Kind is not one of Pod, Node, NodePool, Binding, or + AccessReview. + type: object + properties: + kind: type: string - parentDisplayName: - description: The human readable name of resource's parent. + description: Kubernetes object kind, such as "Namespace". + group: type: string - folders: - description: >- - Output only. Contains a Folder message for each folder in the assets - ancestry. The first folder is the deepest nested folder, and the - last folder is the folder directly under the Organization. - readOnly: true + description: Kubernetes object group, such as "policy.k8s.io/v1". + containers: type: array items: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1p1beta1Folder' - GoogleCloudSecuritycenterV1p1beta1Folder: - id: GoogleCloudSecuritycenterV1p1beta1Folder - description: >- - Message that contains the resource name and display name of a folder - resource. - type: object - properties: - resourceFolder: + $ref: '#/components/schemas/Container' + description: Pod containers associated with this finding, if any. + name: description: >- - Full resource name of this folder. See: - https://cloud.google.com/apis/design/resource_names#full_resource_name + Kubernetes object name. For details see + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/. type: string - resourceFolderDisplayName: - description: The user defined display name for this folder. + ns: type: string - GoogleCloudSecuritycenterV1p1beta1RunAssetDiscoveryResponse: - id: GoogleCloudSecuritycenterV1p1beta1RunAssetDiscoveryResponse - description: Response of asset discovery run + description: >- + Kubernetes object namespace. Must be a valid DNS label. Named "ns" + to avoid collision with C++ namespace keyword. For details see + https://kubernetes.io/docs/tasks/administer-cluster/namespaces/. + id: Object + GoogleCloudSecuritycenterV2IssueFindingCve: + properties: + name: + description: The CVE name. + type: string + id: GoogleCloudSecuritycenterV2IssueFindingCve type: object + description: The CVE of the finding. + GoogleCloudSecuritycenterV2Resource: + description: Information related to the Google Cloud resource. + id: GoogleCloudSecuritycenterV2Resource properties: - state: - description: The state of an asset discovery run. + awsMetadata: + description: The AWS metadata associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AwsMetadata' + location: type: string - enumDescriptions: - - Asset discovery run state was unspecified. - - Asset discovery run completed successfully. - - >- - Asset discovery run was cancelled with tasks still pending, as - another run for the same organization was started with a higher - priority. - - Asset discovery run was killed and terminated. + description: The region or location of the service (if applicable). + resourcePathString: + type: string + description: >- + A string representation of the resource path. For Google Cloud, it + has the format of + `organizations/{organization_id}/folders/{folder_id}/folders/{folder_id}/projects/{project_id}` + where there can be any number of folders. For AWS, it has the format + of + `org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id}` + where there can be any number of organizational units. For Azure, it + has the format of + `mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name}` + where there can be any number of management groups. + service: + type: string + description: The service or resource provider associated with the resource. + gcpMetadata: + $ref: '#/components/schemas/GcpMetadata' + description: The Google Cloud metadata associated with the finding. + cloudProvider: enum: - - STATE_UNSPECIFIED - - COMPLETED - - SUPERSEDED - - TERMINATED - duration: - description: The duration between asset discovery run start and end + - CLOUD_PROVIDER_UNSPECIFIED + - GOOGLE_CLOUD_PLATFORM + - AMAZON_WEB_SERVICES + - MICROSOFT_AZURE + description: Indicates which cloud provider the finding is from. type: string - format: google-duration - ExportFindingsResponse: - id: ExportFindingsResponse - description: The response to a ExportFindings request. Contains the LRO information. - type: object - properties: {} - ExportFindingsMetadata: - id: ExportFindingsMetadata - description: The LRO metadata for a ExportFindings request. - type: object - properties: - exportStartTime: - description: Optional. Timestamp at which export was started + enumDescriptions: + - The cloud provider is unspecified. + - The cloud provider is Google Cloud. + - The cloud provider is Amazon Web Services. + - The cloud provider is Microsoft Azure. + application: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ResourceApplication' + description: The App Hub application this resource belongs to. + type: + description: The full resource type of the resource. type: string - format: google-datetime - bigQueryDestination: - description: Required. The destination BigQuery dataset to export findings to. - $ref: '#/components/schemas/BigQueryDestination' - BigQueryDestination: - id: BigQueryDestination - description: The destination BigQuery dataset to export findings to. - type: object - properties: - dataset: + resourcePath: + description: Provides the path to the resource within the resource hierarchy. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2ResourcePath' + azureMetadata: + description: The Azure metadata associated with the finding. + $ref: '#/components/schemas/GoogleCloudSecuritycenterV2AzureMetadata' + displayName: + description: The human readable name of the resource. + type: string + name: description: >- - Required. The relative resource name of the destination dataset, in - the form projects/{projectId}/datasets/{datasetId}. + The full resource name of the resource. See: + https://cloud.google.com/apis/design/resource_names#full_resource_name type: string + type: object parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: alt + name: oauth_token schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + access_token: + description: OAuth access token. in: query - name: callback + name: access_token schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: fields + name: upload_protocol schema: type: string key: @@ -11459,18 +11905,21 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: oauth_token + name: uploadType schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + _.xgafv: + description: V1 error format. in: query - name: prettyPrint + name: $.xgafv schema: - type: boolean + type: string + enum: + - '1' + - '2' quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -11480,493 +11929,404 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: upload_protocol + name: fields schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt schema: type: string - _.xgafv: - description: V1 error format. + enum: + - json + - media + - proto + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: type: string - enum: - - '1' - - '2' + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean x-stackQL-resources: - findings: - id: google.securitycenter.findings - name: findings - title: Findings - methods: - folders_findings_bulk_mute: - operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1findings:bulkMute/post' - response: - mediaType: application/json - openAPIDocKey: '200' - folders_sources_findings_group: - operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings:group/post - response: - mediaType: application/json - openAPIDocKey: '200' - folders_sources_findings_list: - operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.listFindingsResults - folders_sources_findings_set_state: + big_query_exports: + id: google.securitycenter.big_query_exports + name: big_query_exports + title: Big_query_exports + methods: + folders_big_query_exports_create: operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}:setState/post + $ref: '#/paths/~1v1~1folders~1{foldersId}~1bigQueryExports/post' response: mediaType: application/json openAPIDocKey: '200' - folders_sources_findings_set_mute: + folders_big_query_exports_list: operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}:setMute/post + $ref: '#/paths/~1v1~1folders~1{foldersId}~1bigQueryExports/get' response: mediaType: application/json openAPIDocKey: '200' - folders_sources_findings_patch: + objectKey: $.bigQueryExports + folders_big_query_exports_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - projects_findings_bulk_mute: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1findings:bulkMute/post' + #/paths/~1v1~1folders~1{foldersId}~1bigQueryExports~1{bigQueryExportsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_sources_findings_group: + folders_big_query_exports_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings:group/post + #/paths/~1v1~1folders~1{foldersId}~1bigQueryExports~1{bigQueryExportsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_sources_findings_list: + folders_big_query_exports_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings/get + #/paths/~1v1~1folders~1{foldersId}~1bigQueryExports~1{bigQueryExportsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.listFindingsResults - projects_sources_findings_set_state: + organizations_big_query_exports_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}:setState/post + #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports~1{bigQueryExportsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_sources_findings_set_mute: + organizations_big_query_exports_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}:setMute/post + #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports~1{bigQueryExportsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_sources_findings_patch: + organizations_big_query_exports_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports~1{bigQueryExportsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_findings_bulk_mute: + organizations_big_query_exports_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1findings:bulkMute/post + #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_findings_create: + objectKey: $.bigQueryExports + organizations_big_query_exports_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings/post + #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_findings_list: + projects_big_query_exports_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1bigQueryExports/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.listFindingsResults - organizations_sources_findings_group: + projects_big_query_exports_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings:group/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1bigQueryExports/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_findings_set_state: + objectKey: $.bigQueryExports + projects_big_query_exports_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}:setState/post + #/paths/~1v1~1projects~1{projectsId}~1bigQueryExports~1{bigQueryExportsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_findings_set_mute: + projects_big_query_exports_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}:setMute/post + #/paths/~1v1~1projects~1{projectsId}~1bigQueryExports~1{bigQueryExportsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_findings_patch: + projects_big_query_exports_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1bigQueryExports~1{bigQueryExportsId}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/findings/methods/folders_sources_findings_list + #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_get - $ref: >- - #/components/x-stackQL-resources/findings/methods/projects_sources_findings_list + #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_get - $ref: >- - #/components/x-stackQL-resources/findings/methods/organizations_sources_findings_list + #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_get + - $ref: >- + #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_list + - $ref: >- + #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_list + - $ref: >- + #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_list insert: - $ref: >- - #/components/x-stackQL-resources/findings/methods/organizations_sources_findings_create + #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_create + - $ref: >- + #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_create + - $ref: >- + #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_create update: - $ref: >- - #/components/x-stackQL-resources/findings/methods/folders_sources_findings_patch + #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_patch - $ref: >- - #/components/x-stackQL-resources/findings/methods/projects_sources_findings_patch + #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_patch - $ref: >- - #/components/x-stackQL-resources/findings/methods/organizations_sources_findings_patch + #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_patch replace: [] - delete: [] - security_health_analytics_modules: - id: google.securitycenter.security_health_analytics_modules - name: security_health_analytics_modules - title: Security_health_analytics_modules + delete: + - $ref: >- + #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_delete + - $ref: >- + #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_delete + - $ref: >- + #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_delete + mute_configs: + id: google.securitycenter.mute_configs + name: mute_configs + title: Mute_configs methods: - folders_security_health_analytics_settings_custom_modules_create: - operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules/post - response: - mediaType: application/json - openAPIDocKey: '200' - folders_security_health_analytics_settings_custom_modules_list: - operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.securityHealthAnalyticsCustomModules - folders_security_health_analytics_settings_custom_modules_delete: - operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - folders_security_health_analytics_settings_custom_modules_get: - operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - projects_security_health_analytics_settings_custom_modules_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_security_health_analytics_settings_custom_modules_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.securityHealthAnalyticsCustomModules - projects_security_health_analytics_settings_custom_modules_delete: + folders_locations_mute_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/delete + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_security_health_analytics_settings_custom_modules_get: + folders_locations_mute_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/get + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_security_health_analytics_settings_custom_modules_create: + folders_locations_mute_configs_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules/post + #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_security_health_analytics_settings_custom_modules_list: + folders_mute_configs_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules/get + $ref: '#/paths/~1v1~1folders~1{foldersId}~1muteConfigs/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityHealthAnalyticsCustomModules - organizations_security_health_analytics_settings_custom_modules_delete: + folders_mute_configs_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/delete + $ref: '#/paths/~1v1~1folders~1{foldersId}~1muteConfigs/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_security_health_analytics_settings_custom_modules_get: + objectKey: $.muteConfigs + folders_mute_configs_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/get + #/paths/~1v1~1folders~1{foldersId}~1muteConfigs~1{muteConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/folders_security_health_analytics_settings_custom_modules_get - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/projects_security_health_analytics_settings_custom_modules_get - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/organizations_security_health_analytics_settings_custom_modules_get - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/folders_security_health_analytics_settings_custom_modules_list - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/projects_security_health_analytics_settings_custom_modules_list - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/organizations_security_health_analytics_settings_custom_modules_list - insert: - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/folders_security_health_analytics_settings_custom_modules_create - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/projects_security_health_analytics_settings_custom_modules_create - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/organizations_security_health_analytics_settings_custom_modules_create - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/folders_security_health_analytics_settings_custom_modules_delete - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/projects_security_health_analytics_settings_custom_modules_delete - - $ref: >- - #/components/x-stackQL-resources/security_health_analytics_modules/methods/organizations_security_health_analytics_settings_custom_modules_delete - custom_modules: - id: google.securitycenter.custom_modules - name: custom_modules - title: Custom_modules - methods: - folders_security_health_analytics_settings_custom_modules_patch: + folders_mute_configs_patch: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/patch + #/paths/~1v1~1folders~1{foldersId}~1muteConfigs~1{muteConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - folders_security_health_analytics_settings_custom_modules_simulate: + folders_mute_configs_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules:simulate/post + #/paths/~1v1~1folders~1{foldersId}~1muteConfigs~1{muteConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_event_threat_detection_settings_custom_modules_get: + organizations_locations_mute_configs_patch: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - folders_event_threat_detection_settings_custom_modules_patch: + organizations_locations_mute_configs_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_security_health_analytics_settings_custom_modules_patch: + organizations_locations_mute_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_security_health_analytics_settings_custom_modules_simulate: + organizations_mute_configs_create: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules:simulate/post + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs/post' response: mediaType: application/json openAPIDocKey: '200' - projects_event_threat_detection_settings_custom_modules_get: + organizations_mute_configs_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/get + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs/get' response: mediaType: application/json openAPIDocKey: '200' - projects_event_threat_detection_settings_custom_modules_patch: + objectKey: $.muteConfigs + organizations_mute_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs~1{muteConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - organizations_security_health_analytics_settings_custom_modules_patch: + organizations_mute_configs_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs~1{muteConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_security_health_analytics_settings_custom_modules_simulate: + organizations_mute_configs_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules:simulate/post + #/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs~1{muteConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_event_threat_detection_settings_custom_modules_get: + projects_locations_mute_configs_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_event_threat_detection_settings_custom_modules_patch: + projects_locations_mute_configs_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/custom_modules/methods/folders_event_threat_detection_settings_custom_modules_get - - $ref: >- - #/components/x-stackQL-resources/custom_modules/methods/projects_event_threat_detection_settings_custom_modules_get - - $ref: >- - #/components/x-stackQL-resources/custom_modules/methods/organizations_event_threat_detection_settings_custom_modules_get - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/custom_modules/methods/folders_security_health_analytics_settings_custom_modules_patch - - $ref: >- - #/components/x-stackQL-resources/custom_modules/methods/folders_event_threat_detection_settings_custom_modules_patch - - $ref: >- - #/components/x-stackQL-resources/custom_modules/methods/projects_security_health_analytics_settings_custom_modules_patch - - $ref: >- - #/components/x-stackQL-resources/custom_modules/methods/projects_event_threat_detection_settings_custom_modules_patch - - $ref: >- - #/components/x-stackQL-resources/custom_modules/methods/organizations_security_health_analytics_settings_custom_modules_patch - - $ref: >- - #/components/x-stackQL-resources/custom_modules/methods/organizations_event_threat_detection_settings_custom_modules_patch - replace: [] - delete: [] - custom_modules_descendant: - id: google.securitycenter.custom_modules_descendant - name: custom_modules_descendant - title: Custom_modules_descendant - methods: - folders_security_health_analytics_settings_custom_modules_list_descendant: + projects_locations_mute_configs_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules:listDescendant/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityHealthAnalyticsCustomModules - folders_event_threat_detection_settings_custom_modules_list_descendant: + projects_mute_configs_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules:listDescendant/get + #/paths/~1v1~1projects~1{projectsId}~1muteConfigs~1{muteConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.eventThreatDetectionCustomModules - projects_security_health_analytics_settings_custom_modules_list_descendant: + projects_mute_configs_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules:listDescendant/get + #/paths/~1v1~1projects~1{projectsId}~1muteConfigs~1{muteConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityHealthAnalyticsCustomModules - projects_event_threat_detection_settings_custom_modules_list_descendant: + projects_mute_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules:listDescendant/get + #/paths/~1v1~1projects~1{projectsId}~1muteConfigs~1{muteConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.eventThreatDetectionCustomModules - organizations_security_health_analytics_settings_custom_modules_list_descendant: + projects_mute_configs_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules:listDescendant/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1muteConfigs/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.securityHealthAnalyticsCustomModules - organizations_event_threat_detection_settings_custom_modules_list_descendant: + objectKey: $.muteConfigs + projects_mute_configs_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules:listDescendant/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1muteConfigs/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.eventThreatDetectionCustomModules sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/custom_modules_descendant/methods/folders_security_health_analytics_settings_custom_modules_list_descendant + #/components/x-stackQL-resources/mute_configs/methods/folders_locations_mute_configs_get - $ref: >- - #/components/x-stackQL-resources/custom_modules_descendant/methods/folders_event_threat_detection_settings_custom_modules_list_descendant + #/components/x-stackQL-resources/mute_configs/methods/organizations_locations_mute_configs_get - $ref: >- - #/components/x-stackQL-resources/custom_modules_descendant/methods/projects_security_health_analytics_settings_custom_modules_list_descendant + #/components/x-stackQL-resources/mute_configs/methods/projects_locations_mute_configs_get - $ref: >- - #/components/x-stackQL-resources/custom_modules_descendant/methods/projects_event_threat_detection_settings_custom_modules_list_descendant + #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_get - $ref: >- - #/components/x-stackQL-resources/custom_modules_descendant/methods/organizations_security_health_analytics_settings_custom_modules_list_descendant + #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_get - $ref: >- - #/components/x-stackQL-resources/custom_modules_descendant/methods/organizations_event_threat_detection_settings_custom_modules_list_descendant - insert: [] - update: [] + #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_get + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_list + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_list + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_list + insert: + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_create + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_create + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_create + update: + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/folders_locations_mute_configs_patch + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/organizations_locations_mute_configs_patch + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/projects_locations_mute_configs_patch + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_patch + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_patch + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_patch replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/folders_locations_mute_configs_delete + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/organizations_locations_mute_configs_delete + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/projects_locations_mute_configs_delete + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_delete + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_delete + - $ref: >- + #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_delete effective_custom_modules: id: google.securitycenter.effective_custom_modules name: effective_custom_modules @@ -12002,978 +12362,1074 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.effectiveEventThreatDetectionCustomModules - projects_security_health_analytics_settings_effective_custom_modules_get: + organizations_security_health_analytics_settings_effective_custom_modules_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1effectiveCustomModules~1{effectiveCustomModulesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1effectiveCustomModules~1{effectiveCustomModulesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_security_health_analytics_settings_effective_custom_modules_list: + organizations_security_health_analytics_settings_effective_custom_modules_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1effectiveCustomModules/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1effectiveCustomModules/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.effectiveSecurityHealthAnalyticsCustomModules - projects_event_threat_detection_settings_effective_custom_modules_get: + organizations_event_threat_detection_settings_effective_custom_modules_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1effectiveCustomModules~1{effectiveCustomModulesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1effectiveCustomModules/get response: mediaType: application/json openAPIDocKey: '200' - projects_event_threat_detection_settings_effective_custom_modules_list: + objectKey: $.effectiveEventThreatDetectionCustomModules + organizations_event_threat_detection_settings_effective_custom_modules_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1effectiveCustomModules/get + #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1effectiveCustomModules~1{effectiveCustomModulesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.effectiveEventThreatDetectionCustomModules - organizations_security_health_analytics_settings_effective_custom_modules_get: + projects_event_threat_detection_settings_effective_custom_modules_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1effectiveCustomModules~1{effectiveCustomModulesId}/get + #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1effectiveCustomModules~1{effectiveCustomModulesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_security_health_analytics_settings_effective_custom_modules_list: + projects_event_threat_detection_settings_effective_custom_modules_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1effectiveCustomModules/get + #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1effectiveCustomModules/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.effectiveSecurityHealthAnalyticsCustomModules - organizations_event_threat_detection_settings_effective_custom_modules_get: + objectKey: $.effectiveEventThreatDetectionCustomModules + projects_security_health_analytics_settings_effective_custom_modules_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1effectiveCustomModules~1{effectiveCustomModulesId}/get + #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1effectiveCustomModules/get response: mediaType: application/json openAPIDocKey: '200' - organizations_event_threat_detection_settings_effective_custom_modules_list: + objectKey: $.effectiveSecurityHealthAnalyticsCustomModules + projects_security_health_analytics_settings_effective_custom_modules_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1effectiveCustomModules/get + #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1effectiveCustomModules~1{effectiveCustomModulesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.effectiveEventThreatDetectionCustomModules sqlVerbs: select: - $ref: >- #/components/x-stackQL-resources/effective_custom_modules/methods/folders_security_health_analytics_settings_effective_custom_modules_get - $ref: >- #/components/x-stackQL-resources/effective_custom_modules/methods/folders_event_threat_detection_settings_effective_custom_modules_get - - $ref: >- - #/components/x-stackQL-resources/effective_custom_modules/methods/projects_security_health_analytics_settings_effective_custom_modules_get - - $ref: >- - #/components/x-stackQL-resources/effective_custom_modules/methods/projects_event_threat_detection_settings_effective_custom_modules_get - $ref: >- #/components/x-stackQL-resources/effective_custom_modules/methods/organizations_security_health_analytics_settings_effective_custom_modules_get - $ref: >- #/components/x-stackQL-resources/effective_custom_modules/methods/organizations_event_threat_detection_settings_effective_custom_modules_get - $ref: >- - #/components/x-stackQL-resources/effective_custom_modules/methods/folders_security_health_analytics_settings_effective_custom_modules_list + #/components/x-stackQL-resources/effective_custom_modules/methods/projects_event_threat_detection_settings_effective_custom_modules_get - $ref: >- - #/components/x-stackQL-resources/effective_custom_modules/methods/folders_event_threat_detection_settings_effective_custom_modules_list + #/components/x-stackQL-resources/effective_custom_modules/methods/projects_security_health_analytics_settings_effective_custom_modules_get - $ref: >- - #/components/x-stackQL-resources/effective_custom_modules/methods/projects_security_health_analytics_settings_effective_custom_modules_list + #/components/x-stackQL-resources/effective_custom_modules/methods/folders_security_health_analytics_settings_effective_custom_modules_list - $ref: >- - #/components/x-stackQL-resources/effective_custom_modules/methods/projects_event_threat_detection_settings_effective_custom_modules_list + #/components/x-stackQL-resources/effective_custom_modules/methods/folders_event_threat_detection_settings_effective_custom_modules_list - $ref: >- #/components/x-stackQL-resources/effective_custom_modules/methods/organizations_security_health_analytics_settings_effective_custom_modules_list - $ref: >- #/components/x-stackQL-resources/effective_custom_modules/methods/organizations_event_threat_detection_settings_effective_custom_modules_list + - $ref: >- + #/components/x-stackQL-resources/effective_custom_modules/methods/projects_event_threat_detection_settings_effective_custom_modules_list + - $ref: >- + #/components/x-stackQL-resources/effective_custom_modules/methods/projects_security_health_analytics_settings_effective_custom_modules_list insert: [] update: [] replace: [] delete: [] - mute_configs: - id: google.securitycenter.mute_configs - name: mute_configs - title: Mute_configs + security_health_analytics_modules: + id: google.securitycenter.security_health_analytics_modules + name: security_health_analytics_modules + title: Security_health_analytics_modules methods: - folders_mute_configs_create: + folders_security_health_analytics_settings_custom_modules_delete: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1muteConfigs/post' + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/delete response: mediaType: application/json openAPIDocKey: '200' - folders_mute_configs_list: + folders_security_health_analytics_settings_custom_modules_get: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1muteConfigs/get' + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.muteConfigs - folders_mute_configs_delete: + folders_security_health_analytics_settings_custom_modules_list: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1muteConfigs~1{muteConfigsId}/delete + #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules/get response: mediaType: application/json openAPIDocKey: '200' - folders_mute_configs_get: + objectKey: $.securityHealthAnalyticsCustomModules + folders_security_health_analytics_settings_custom_modules_create: + operation: + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules/post + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_security_health_analytics_settings_custom_modules_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_security_health_analytics_settings_custom_modules_get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_security_health_analytics_settings_custom_modules_list: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.securityHealthAnalyticsCustomModules + organizations_security_health_analytics_settings_custom_modules_create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_security_health_analytics_settings_custom_modules_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_security_health_analytics_settings_custom_modules_get: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1muteConfigs~1{muteConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_mute_configs_patch: + projects_security_health_analytics_settings_custom_modules_create: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1muteConfigs~1{muteConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules/post response: mediaType: application/json openAPIDocKey: '200' - folders_locations_mute_configs_delete: + projects_security_health_analytics_settings_custom_modules_list: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules/get response: mediaType: application/json openAPIDocKey: '200' - folders_locations_mute_configs_get: + objectKey: $.securityHealthAnalyticsCustomModules + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/folders_security_health_analytics_settings_custom_modules_get + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/organizations_security_health_analytics_settings_custom_modules_get + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/projects_security_health_analytics_settings_custom_modules_get + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/folders_security_health_analytics_settings_custom_modules_list + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/organizations_security_health_analytics_settings_custom_modules_list + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/projects_security_health_analytics_settings_custom_modules_list + insert: + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/folders_security_health_analytics_settings_custom_modules_create + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/organizations_security_health_analytics_settings_custom_modules_create + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/projects_security_health_analytics_settings_custom_modules_create + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/folders_security_health_analytics_settings_custom_modules_delete + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/organizations_security_health_analytics_settings_custom_modules_delete + - $ref: >- + #/components/x-stackQL-resources/security_health_analytics_modules/methods/projects_security_health_analytics_settings_custom_modules_delete + custom_modules: + id: google.securitycenter.custom_modules + name: custom_modules + title: Custom_modules + methods: + folders_security_health_analytics_settings_custom_modules_patch: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/get + #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - folders_locations_mute_configs_patch: + folders_security_health_analytics_settings_custom_modules_simulate: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/patch + #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules:simulate/post response: mediaType: application/json openAPIDocKey: '200' - projects_mute_configs_create: + folders_event_threat_detection_settings_custom_modules_patch: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1muteConfigs/post' + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_mute_configs_list: + folders_event_threat_detection_settings_custom_modules_get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1muteConfigs/get' + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.muteConfigs - projects_mute_configs_delete: + organizations_security_health_analytics_settings_custom_modules_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1muteConfigs~1{muteConfigsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_mute_configs_get: + organizations_security_health_analytics_settings_custom_modules_simulate: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1muteConfigs~1{muteConfigsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules:simulate/post response: mediaType: application/json openAPIDocKey: '200' - projects_mute_configs_patch: + organizations_event_threat_detection_settings_custom_modules_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1muteConfigs~1{muteConfigsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mute_configs_delete: + organizations_event_threat_detection_settings_custom_modules_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mute_configs_get: + projects_event_threat_detection_settings_custom_modules_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_mute_configs_patch: + projects_event_threat_detection_settings_custom_modules_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_mute_configs_create: + projects_security_health_analytics_settings_custom_modules_simulate: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules:simulate/post response: mediaType: application/json openAPIDocKey: '200' - organizations_mute_configs_list: + projects_security_health_analytics_settings_custom_modules_patch: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules~1{customModulesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.muteConfigs - organizations_mute_configs_delete: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/custom_modules/methods/folders_event_threat_detection_settings_custom_modules_get + - $ref: >- + #/components/x-stackQL-resources/custom_modules/methods/organizations_event_threat_detection_settings_custom_modules_get + - $ref: >- + #/components/x-stackQL-resources/custom_modules/methods/projects_event_threat_detection_settings_custom_modules_get + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/custom_modules/methods/folders_security_health_analytics_settings_custom_modules_patch + - $ref: >- + #/components/x-stackQL-resources/custom_modules/methods/folders_event_threat_detection_settings_custom_modules_patch + - $ref: >- + #/components/x-stackQL-resources/custom_modules/methods/organizations_security_health_analytics_settings_custom_modules_patch + - $ref: >- + #/components/x-stackQL-resources/custom_modules/methods/organizations_event_threat_detection_settings_custom_modules_patch + - $ref: >- + #/components/x-stackQL-resources/custom_modules/methods/projects_event_threat_detection_settings_custom_modules_patch + - $ref: >- + #/components/x-stackQL-resources/custom_modules/methods/projects_security_health_analytics_settings_custom_modules_patch + replace: [] + delete: [] + custom_modules_descendant: + id: google.securitycenter.custom_modules_descendant + name: custom_modules_descendant + title: Custom_modules_descendant + methods: + folders_security_health_analytics_settings_custom_modules_list_descendant: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs~1{muteConfigsId}/delete + #/paths/~1v1~1folders~1{foldersId}~1securityHealthAnalyticsSettings~1customModules:listDescendant/get response: mediaType: application/json openAPIDocKey: '200' - organizations_mute_configs_get: + objectKey: $.securityHealthAnalyticsCustomModules + folders_event_threat_detection_settings_custom_modules_list_descendant: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs~1{muteConfigsId}/get + #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules:listDescendant/get response: mediaType: application/json openAPIDocKey: '200' - organizations_mute_configs_patch: + objectKey: $.eventThreatDetectionCustomModules + organizations_security_health_analytics_settings_custom_modules_list_descendant: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1muteConfigs~1{muteConfigsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1securityHealthAnalyticsSettings~1customModules:listDescendant/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_mute_configs_delete: + objectKey: $.securityHealthAnalyticsCustomModules + organizations_event_threat_detection_settings_custom_modules_list_descendant: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules:listDescendant/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_mute_configs_get: + objectKey: $.eventThreatDetectionCustomModules + projects_event_threat_detection_settings_custom_modules_list_descendant: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules:listDescendant/get response: mediaType: application/json openAPIDocKey: '200' - organizations_locations_mute_configs_patch: + objectKey: $.eventThreatDetectionCustomModules + projects_security_health_analytics_settings_custom_modules_list_descendant: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1muteConfigs~1{muteConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1securityHealthAnalyticsSettings~1customModules:listDescendant/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.securityHealthAnalyticsCustomModules sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/folders_locations_mute_configs_get - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/projects_locations_mute_configs_get - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/organizations_locations_mute_configs_get - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_get - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_get - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_get - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_list - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_list - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_list - insert: - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_create - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_create - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_create - update: - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/folders_locations_mute_configs_patch + #/components/x-stackQL-resources/custom_modules_descendant/methods/folders_security_health_analytics_settings_custom_modules_list_descendant - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/projects_locations_mute_configs_patch + #/components/x-stackQL-resources/custom_modules_descendant/methods/folders_event_threat_detection_settings_custom_modules_list_descendant - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/organizations_locations_mute_configs_patch + #/components/x-stackQL-resources/custom_modules_descendant/methods/organizations_security_health_analytics_settings_custom_modules_list_descendant - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_patch + #/components/x-stackQL-resources/custom_modules_descendant/methods/organizations_event_threat_detection_settings_custom_modules_list_descendant - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_patch + #/components/x-stackQL-resources/custom_modules_descendant/methods/projects_event_threat_detection_settings_custom_modules_list_descendant - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_patch + #/components/x-stackQL-resources/custom_modules_descendant/methods/projects_security_health_analytics_settings_custom_modules_list_descendant + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/folders_locations_mute_configs_delete - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/projects_locations_mute_configs_delete - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/organizations_locations_mute_configs_delete - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/folders_mute_configs_delete - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/projects_mute_configs_delete - - $ref: >- - #/components/x-stackQL-resources/mute_configs/methods/organizations_mute_configs_delete - notification_configs: - id: google.securitycenter.notification_configs - name: notification_configs - title: Notification_configs + delete: [] + findings: + id: google.securitycenter.findings + name: findings + title: Findings methods: - folders_notification_configs_create: + folders_findings_bulk_mute: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1notificationConfigs/post' + $ref: '#/paths/~1v1~1folders~1{foldersId}~1findings:bulkMute/post' response: mediaType: application/json openAPIDocKey: '200' - folders_notification_configs_list: + folders_sources_findings_group: + operation: + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings:group/post + response: + mediaType: application/json + openAPIDocKey: '200' + folders_sources_findings_list: + operation: + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.listFindingsResults + folders_sources_findings_set_mute: + operation: + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}:setMute/post + response: + mediaType: application/json + openAPIDocKey: '200' + folders_sources_findings_patch: + operation: + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + folders_sources_findings_set_state: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1notificationConfigs/get' + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}:setState/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.notificationConfigs - folders_notification_configs_delete: + organizations_sources_findings_create: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1notificationConfigs~1{notificationConfigsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings/post response: mediaType: application/json openAPIDocKey: '200' - folders_notification_configs_get: + organizations_sources_findings_list: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1notificationConfigs~1{notificationConfigsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings/get response: mediaType: application/json openAPIDocKey: '200' - folders_notification_configs_patch: + objectKey: $.listFindingsResults + organizations_sources_findings_set_state: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1notificationConfigs~1{notificationConfigsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}:setState/post response: mediaType: application/json openAPIDocKey: '200' - projects_notification_configs_create: + organizations_sources_findings_patch: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1notificationConfigs/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_notification_configs_list: + organizations_sources_findings_set_mute: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1notificationConfigs/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}:setMute/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.notificationConfigs - projects_notification_configs_delete: + organizations_sources_findings_group: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1notificationConfigs~1{notificationConfigsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings:group/post response: mediaType: application/json openAPIDocKey: '200' - projects_notification_configs_get: + organizations_findings_bulk_mute: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1notificationConfigs~1{notificationConfigsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1findings:bulkMute/post response: mediaType: application/json openAPIDocKey: '200' - projects_notification_configs_patch: + projects_sources_findings_set_state: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1notificationConfigs~1{notificationConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}:setState/post response: mediaType: application/json openAPIDocKey: '200' - organizations_notification_configs_create: + projects_sources_findings_group: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs/post + #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings:group/post response: mediaType: application/json openAPIDocKey: '200' - organizations_notification_configs_list: + projects_sources_findings_set_mute: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs/get + #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}:setMute/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.notificationConfigs - organizations_notification_configs_delete: + projects_sources_findings_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs~1{notificationConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_notification_configs_get: + projects_sources_findings_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs~1{notificationConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings/get response: mediaType: application/json openAPIDocKey: '200' - organizations_notification_configs_patch: + objectKey: $.listFindingsResults + projects_findings_bulk_mute: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs~1{notificationConfigsId}/patch + $ref: '#/paths/~1v1~1projects~1{projectsId}~1findings:bulkMute/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_get - - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_get - - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_get - - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_list + #/components/x-stackQL-resources/findings/methods/folders_sources_findings_list - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_list + #/components/x-stackQL-resources/findings/methods/organizations_sources_findings_list - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_list + #/components/x-stackQL-resources/findings/methods/projects_sources_findings_list insert: - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_create - - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_create - - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_create + #/components/x-stackQL-resources/findings/methods/organizations_sources_findings_create update: - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_patch + #/components/x-stackQL-resources/findings/methods/folders_sources_findings_patch - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_patch + #/components/x-stackQL-resources/findings/methods/organizations_sources_findings_patch - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_patch + #/components/x-stackQL-resources/findings/methods/projects_sources_findings_patch replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_delete - - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_delete - - $ref: >- - #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_delete - big_query_exports: - id: google.securitycenter.big_query_exports - name: big_query_exports - title: Big_query_exports + delete: [] + assets: + id: google.securitycenter.assets + name: assets + title: Assets methods: - folders_big_query_exports_get: + folders_assets_list: operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1bigQueryExports~1{bigQueryExportsId}/get + $ref: '#/paths/~1v1~1folders~1{foldersId}~1assets/get' response: mediaType: application/json openAPIDocKey: '200' - folders_big_query_exports_delete: + objectKey: $.listAssetsResults + folders_assets_group: operation: - $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1bigQueryExports~1{bigQueryExportsId}/delete + $ref: '#/paths/~1v1~1folders~1{foldersId}~1assets:group/post' response: mediaType: application/json openAPIDocKey: '200' - folders_big_query_exports_patch: + organizations_assets_run_discovery: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1bigQueryExports~1{bigQueryExportsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1assets:runDiscovery/post response: mediaType: application/json openAPIDocKey: '200' - folders_big_query_exports_create: + organizations_assets_group: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1bigQueryExports/post' + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1assets:group/post' response: mediaType: application/json openAPIDocKey: '200' - folders_big_query_exports_list: + organizations_assets_list: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1bigQueryExports/get' + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1assets/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bigQueryExports - projects_big_query_exports_get: + objectKey: $.listAssetsResults + projects_assets_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1bigQueryExports~1{bigQueryExportsId}/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1assets/get' response: mediaType: application/json openAPIDocKey: '200' - projects_big_query_exports_delete: + objectKey: $.listAssetsResults + projects_assets_group: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1bigQueryExports~1{bigQueryExportsId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1assets:group/post' response: mediaType: application/json openAPIDocKey: '200' - projects_big_query_exports_patch: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/assets/methods/folders_assets_list + - $ref: >- + #/components/x-stackQL-resources/assets/methods/organizations_assets_list + - $ref: >- + #/components/x-stackQL-resources/assets/methods/projects_assets_list + insert: [] + update: [] + replace: [] + delete: [] + assets_security_marks: + id: google.securitycenter.assets_security_marks + name: assets_security_marks + title: Assets_security_marks + methods: + folders_assets_update_security_marks: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1bigQueryExports~1{bigQueryExportsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - projects_big_query_exports_create: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1bigQueryExports/post' + #/paths/~1v1~1folders~1{foldersId}~1assets~1{assetsId}~1securityMarks/patch response: mediaType: application/json openAPIDocKey: '200' - projects_big_query_exports_list: + organizations_assets_update_security_marks: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1bigQueryExports/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1assets~1{assetsId}~1securityMarks/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bigQueryExports - organizations_big_query_exports_get: + projects_assets_update_security_marks: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports~1{bigQueryExportsId}/get + #/paths/~1v1~1projects~1{projectsId}~1assets~1{assetsId}~1securityMarks/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_big_query_exports_delete: + sqlVerbs: + select: [] + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/assets_security_marks/methods/folders_assets_update_security_marks + - $ref: >- + #/components/x-stackQL-resources/assets_security_marks/methods/organizations_assets_update_security_marks + - $ref: >- + #/components/x-stackQL-resources/assets_security_marks/methods/projects_assets_update_security_marks + replace: [] + delete: [] + notification_configs: + id: google.securitycenter.notification_configs + name: notification_configs + title: Notification_configs + methods: + folders_notification_configs_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports~1{bigQueryExportsId}/delete + $ref: '#/paths/~1v1~1folders~1{foldersId}~1notificationConfigs/post' response: mediaType: application/json openAPIDocKey: '200' - organizations_big_query_exports_patch: + folders_notification_configs_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports~1{bigQueryExportsId}/patch + $ref: '#/paths/~1v1~1folders~1{foldersId}~1notificationConfigs/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_big_query_exports_create: + objectKey: $.notificationConfigs + folders_notification_configs_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports/post + #/paths/~1v1~1folders~1{foldersId}~1notificationConfigs~1{notificationConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_big_query_exports_list: + folders_notification_configs_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1bigQueryExports/get + #/paths/~1v1~1folders~1{foldersId}~1notificationConfigs~1{notificationConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bigQueryExports - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_get - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_get - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_get - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_list - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_list - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_list - insert: - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_create - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_create - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_create - update: - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_patch - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_patch - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/folders_big_query_exports_delete - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/projects_big_query_exports_delete - - $ref: >- - #/components/x-stackQL-resources/big_query_exports/methods/organizations_big_query_exports_delete - assets: - id: google.securitycenter.assets - name: assets - title: Assets - methods: - folders_assets_group: + folders_notification_configs_get: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1assets:group/post' + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1notificationConfigs~1{notificationConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - folders_assets_list: + organizations_notification_configs_get: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1assets/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs~1{notificationConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.listAssetsResults - projects_assets_group: + organizations_notification_configs_delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1assets:group/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs~1{notificationConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_assets_list: + organizations_notification_configs_patch: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1assets/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs~1{notificationConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.listAssetsResults - organizations_assets_group: + organizations_notification_configs_create: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1assets:group/post' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs/post response: mediaType: application/json openAPIDocKey: '200' - organizations_assets_list: + organizations_notification_configs_list: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1assets/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1notificationConfigs/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.listAssetsResults - organizations_assets_run_discovery: + objectKey: $.notificationConfigs + projects_notification_configs_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1assets:runDiscovery/post + #/paths/~1v1~1projects~1{projectsId}~1notificationConfigs~1{notificationConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/assets/methods/folders_assets_list - - $ref: >- - #/components/x-stackQL-resources/assets/methods/projects_assets_list - - $ref: >- - #/components/x-stackQL-resources/assets/methods/organizations_assets_list - insert: [] - update: [] - replace: [] - delete: [] - assets_security_marks: - id: google.securitycenter.assets_security_marks - name: assets_security_marks - title: Assets_security_marks - methods: - folders_assets_update_security_marks: + projects_notification_configs_delete: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1assets~1{assetsId}~1securityMarks/patch + #/paths/~1v1~1projects~1{projectsId}~1notificationConfigs~1{notificationConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_assets_update_security_marks: + projects_notification_configs_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1assets~1{assetsId}~1securityMarks/patch + #/paths/~1v1~1projects~1{projectsId}~1notificationConfigs~1{notificationConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_assets_update_security_marks: + projects_notification_configs_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1assets~1{assetsId}~1securityMarks/patch + $ref: '#/paths/~1v1~1projects~1{projectsId}~1notificationConfigs/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_notification_configs_list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1notificationConfigs/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.notificationConfigs sqlVerbs: - select: [] - insert: [] + select: + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_get + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_get + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_get + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_list + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_list + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_list + insert: + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_create + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_create + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_create update: - $ref: >- - #/components/x-stackQL-resources/assets_security_marks/methods/folders_assets_update_security_marks + #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_patch - $ref: >- - #/components/x-stackQL-resources/assets_security_marks/methods/projects_assets_update_security_marks + #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_patch - $ref: >- - #/components/x-stackQL-resources/assets_security_marks/methods/organizations_assets_update_security_marks + #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_patch replace: [] - delete: [] - sources: - id: google.securitycenter.sources - name: sources - title: Sources + delete: + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/folders_notification_configs_delete + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/organizations_notification_configs_delete + - $ref: >- + #/components/x-stackQL-resources/notification_configs/methods/projects_notification_configs_delete + event_threat_detection_settings: + id: google.securitycenter.event_threat_detection_settings + name: event_threat_detection_settings + title: Event_threat_detection_settings methods: - folders_sources_list: + folders_event_threat_detection_settings_validate_custom_module: operation: - $ref: '#/paths/~1v1~1folders~1{foldersId}~1sources/get' + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings:validateCustomModule/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sources - projects_sources_list: + organizations_event_threat_detection_settings_validate_custom_module: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1sources/get' + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings:validateCustomModule/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sources - organizations_sources_create: + projects_event_threat_detection_settings_validate_custom_module: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1sources/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings:validateCustomModule/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_list: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + event_threat_detection_modules: + id: google.securitycenter.event_threat_detection_modules + name: event_threat_detection_modules + title: Event_threat_detection_modules + methods: + folders_event_threat_detection_settings_custom_modules_delete: operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1sources/get' + $ref: >- + #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sources - organizations_sources_get: + folders_event_threat_detection_settings_custom_modules_create: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}/get + #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_patch: + folders_event_threat_detection_settings_custom_modules_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}/patch + #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/sources/methods/organizations_sources_get - - $ref: >- - #/components/x-stackQL-resources/sources/methods/folders_sources_list - - $ref: >- - #/components/x-stackQL-resources/sources/methods/projects_sources_list - - $ref: >- - #/components/x-stackQL-resources/sources/methods/organizations_sources_list - insert: - - $ref: >- - #/components/x-stackQL-resources/sources/methods/organizations_sources_create - update: - - $ref: >- - #/components/x-stackQL-resources/sources/methods/organizations_sources_patch - replace: [] - delete: [] - findings_security_marks: - id: google.securitycenter.findings_security_marks - name: findings_security_marks - title: Findings_security_marks - methods: - folders_sources_findings_update_security_marks: + objectKey: $.eventThreatDetectionCustomModules + organizations_event_threat_detection_settings_custom_modules_delete: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}~1securityMarks/patch + #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_sources_findings_update_security_marks: + organizations_event_threat_detection_settings_custom_modules_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}~1securityMarks/patch + #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_findings_update_security_marks: + organizations_event_threat_detection_settings_custom_modules_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}~1securityMarks/patch + #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/findings_security_marks/methods/folders_sources_findings_update_security_marks - - $ref: >- - #/components/x-stackQL-resources/findings_security_marks/methods/projects_sources_findings_update_security_marks - - $ref: >- - #/components/x-stackQL-resources/findings_security_marks/methods/organizations_sources_findings_update_security_marks - replace: [] - delete: [] - external_systems: - id: google.securitycenter.external_systems - name: external_systems - title: External_systems - methods: - folders_sources_findings_external_systems_patch: + objectKey: $.eventThreatDetectionCustomModules + projects_event_threat_detection_settings_custom_modules_delete: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}~1externalSystems~1{externalSystemsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_sources_findings_external_systems_patch: + projects_event_threat_detection_settings_custom_modules_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}~1externalSystems~1{externalSystemsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules/post response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_findings_external_systems_patch: + projects_event_threat_detection_settings_custom_modules_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}~1externalSystems~1{externalSystemsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.eventThreatDetectionCustomModules sqlVerbs: - select: [] - insert: [] - update: + select: - $ref: >- - #/components/x-stackQL-resources/external_systems/methods/folders_sources_findings_external_systems_patch + #/components/x-stackQL-resources/event_threat_detection_modules/methods/folders_event_threat_detection_settings_custom_modules_list - $ref: >- - #/components/x-stackQL-resources/external_systems/methods/projects_sources_findings_external_systems_patch + #/components/x-stackQL-resources/event_threat_detection_modules/methods/organizations_event_threat_detection_settings_custom_modules_list - $ref: >- - #/components/x-stackQL-resources/external_systems/methods/organizations_sources_findings_external_systems_patch + #/components/x-stackQL-resources/event_threat_detection_modules/methods/projects_event_threat_detection_settings_custom_modules_list + insert: + - $ref: >- + #/components/x-stackQL-resources/event_threat_detection_modules/methods/folders_event_threat_detection_settings_custom_modules_create + - $ref: >- + #/components/x-stackQL-resources/event_threat_detection_modules/methods/organizations_event_threat_detection_settings_custom_modules_create + - $ref: >- + #/components/x-stackQL-resources/event_threat_detection_modules/methods/projects_event_threat_detection_settings_custom_modules_create + update: [] replace: [] - delete: [] - event_threat_detection_settings: - id: google.securitycenter.event_threat_detection_settings - name: event_threat_detection_settings - title: Event_threat_detection_settings + delete: + - $ref: >- + #/components/x-stackQL-resources/event_threat_detection_modules/methods/folders_event_threat_detection_settings_custom_modules_delete + - $ref: >- + #/components/x-stackQL-resources/event_threat_detection_modules/methods/organizations_event_threat_detection_settings_custom_modules_delete + - $ref: >- + #/components/x-stackQL-resources/event_threat_detection_modules/methods/projects_event_threat_detection_settings_custom_modules_delete + external_systems: + id: google.securitycenter.external_systems + name: external_systems + title: External_systems methods: - folders_event_threat_detection_settings_validate_custom_module: + folders_sources_findings_external_systems_patch: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings:validateCustomModule/post + #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}~1externalSystems~1{externalSystemsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_event_threat_detection_settings_validate_custom_module: + organizations_sources_findings_external_systems_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings:validateCustomModule/post + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}~1externalSystems~1{externalSystemsId}/patch response: mediaType: application/json openAPIDocKey: '200' - organizations_event_threat_detection_settings_validate_custom_module: + projects_sources_findings_external_systems_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings:validateCustomModule/post + #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}~1externalSystems~1{externalSystemsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: [] insert: [] - update: [] + update: + - $ref: >- + #/components/x-stackQL-resources/external_systems/methods/folders_sources_findings_external_systems_patch + - $ref: >- + #/components/x-stackQL-resources/external_systems/methods/organizations_sources_findings_external_systems_patch + - $ref: >- + #/components/x-stackQL-resources/external_systems/methods/projects_sources_findings_external_systems_patch replace: [] delete: [] - event_threat_detection_modules: - id: google.securitycenter.event_threat_detection_modules - name: event_threat_detection_modules - title: Event_threat_detection_modules + findings_security_marks: + id: google.securitycenter.findings_security_marks + name: findings_security_marks + title: Findings_security_marks methods: - folders_event_threat_detection_settings_custom_modules_create: + folders_sources_findings_update_security_marks: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules/post + #/paths/~1v1~1folders~1{foldersId}~1sources~1{sourcesId}~1findings~1{findingsId}~1securityMarks/patch response: mediaType: application/json openAPIDocKey: '200' - folders_event_threat_detection_settings_custom_modules_list: + organizations_sources_findings_update_security_marks: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules/get + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}~1findings~1{findingsId}~1securityMarks/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.eventThreatDetectionCustomModules - folders_event_threat_detection_settings_custom_modules_delete: + projects_sources_findings_update_security_marks: operation: $ref: >- - #/paths/~1v1~1folders~1{foldersId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1sources~1{sourcesId}~1findings~1{findingsId}~1securityMarks/patch response: mediaType: application/json openAPIDocKey: '200' - projects_event_threat_detection_settings_custom_modules_create: + sqlVerbs: + select: [] + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/findings_security_marks/methods/folders_sources_findings_update_security_marks + - $ref: >- + #/components/x-stackQL-resources/findings_security_marks/methods/organizations_sources_findings_update_security_marks + - $ref: >- + #/components/x-stackQL-resources/findings_security_marks/methods/projects_sources_findings_update_security_marks + replace: [] + delete: [] + sources: + id: google.securitycenter.sources + name: sources + title: Sources + methods: + folders_sources_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules/post + $ref: '#/paths/~1v1~1folders~1{foldersId}~1sources/get' response: mediaType: application/json openAPIDocKey: '200' - projects_event_threat_detection_settings_custom_modules_list: + objectKey: $.sources + organizations_sources_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules/get + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.eventThreatDetectionCustomModules - projects_event_threat_detection_settings_custom_modules_delete: + organizations_sources_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}/get response: mediaType: application/json openAPIDocKey: '200' - organizations_event_threat_detection_settings_custom_modules_create: + organizations_sources_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules/post + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1sources/get' response: mediaType: application/json openAPIDocKey: '200' - organizations_event_threat_detection_settings_custom_modules_list: + objectKey: $.sources + organizations_sources_create: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules/get + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1sources/post' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.eventThreatDetectionCustomModules - organizations_event_threat_detection_settings_custom_modules_delete: + projects_sources_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1eventThreatDetectionSettings~1customModules~1{customModulesId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1sources/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.sources sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/event_threat_detection_modules/methods/folders_event_threat_detection_settings_custom_modules_list + #/components/x-stackQL-resources/sources/methods/organizations_sources_get - $ref: >- - #/components/x-stackQL-resources/event_threat_detection_modules/methods/projects_event_threat_detection_settings_custom_modules_list + #/components/x-stackQL-resources/sources/methods/folders_sources_list - $ref: >- - #/components/x-stackQL-resources/event_threat_detection_modules/methods/organizations_event_threat_detection_settings_custom_modules_list - insert: + #/components/x-stackQL-resources/sources/methods/organizations_sources_list - $ref: >- - #/components/x-stackQL-resources/event_threat_detection_modules/methods/folders_event_threat_detection_settings_custom_modules_create + #/components/x-stackQL-resources/sources/methods/projects_sources_list + insert: - $ref: >- - #/components/x-stackQL-resources/event_threat_detection_modules/methods/projects_event_threat_detection_settings_custom_modules_create + #/components/x-stackQL-resources/sources/methods/organizations_sources_create + update: - $ref: >- - #/components/x-stackQL-resources/event_threat_detection_modules/methods/organizations_event_threat_detection_settings_custom_modules_create - update: [] + #/components/x-stackQL-resources/sources/methods/organizations_sources_patch replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/event_threat_detection_modules/methods/folders_event_threat_detection_settings_custom_modules_delete - - $ref: >- - #/components/x-stackQL-resources/event_threat_detection_modules/methods/projects_event_threat_detection_settings_custom_modules_delete - - $ref: >- - #/components/x-stackQL-resources/event_threat_detection_modules/methods/organizations_event_threat_detection_settings_custom_modules_delete + delete: [] organization_settings: id: google.securitycenter.organization_settings name: organization_settings @@ -13003,104 +13459,89 @@ components: #/components/x-stackQL-resources/organization_settings/methods/organizations_update_organization_settings replace: [] delete: [] - operations: - id: google.securitycenter.operations - name: operations - title: Operations + sources_iam_policies: + id: google.securitycenter.sources_iam_policies + name: sources_iam_policies + title: Sources_iam_policies methods: - organizations_operations_list: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1operations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - organizations_operations_get: + organizations_sources_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - organizations_operations_delete: + organizations_sources_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - organizations_operations_cancel: + objectKey: $.bindings + organizations_sources_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_operations_list + #/components/x-stackQL-resources/sources_iam_policies/methods/organizations_sources_get_iam_policy insert: [] update: [] - replace: [] - delete: + replace: - $ref: >- - #/components/x-stackQL-resources/operations/methods/organizations_operations_delete - sources_iam_policies: - id: google.securitycenter.sources_iam_policies - name: sources_iam_policies - title: Sources_iam_policies + #/components/x-stackQL-resources/sources_iam_policies/methods/organizations_sources_set_iam_policy + delete: [] + attack_paths: + id: google.securitycenter.attack_paths + name: attack_paths + title: Attack_paths methods: - organizations_sources_get_iam_policy: + organizations_simulations_attack_paths_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}:getIamPolicy/post + #/paths/~1v1~1organizations~1{organizationsId}~1simulations~1{simulationsId}~1attackPaths/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - organizations_sources_set_iam_policy: + objectKey: $.attackPaths + organizations_simulations_valued_resources_attack_paths_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}:setIamPolicy/post + #/paths/~1v1~1organizations~1{organizationsId}~1simulations~1{simulationsId}~1valuedResources~1{valuedResourcesId}~1attackPaths/get response: mediaType: application/json openAPIDocKey: '200' - organizations_sources_test_iam_permissions: + objectKey: $.attackPaths + organizations_simulations_attack_exposure_results_attack_paths_list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1sources~1{sourcesId}:testIamPermissions/post + #/paths/~1v1~1organizations~1{organizationsId}~1simulations~1{simulationsId}~1attackExposureResults~1{attackExposureResultsId}~1attackPaths/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/sources_iam_policies/methods/organizations_sources_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/sources_iam_policies/methods/organizations_sources_set_iam_policy - delete: [] - simulations: - id: google.securitycenter.simulations - name: simulations - title: Simulations - methods: - organizations_simulations_get: + objectKey: $.attackPaths + organizations_attack_paths_list: operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1simulations~1{simulationsId}/get + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1attackPaths/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.attackPaths sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/simulations/methods/organizations_simulations_get + #/components/x-stackQL-resources/attack_paths/methods/organizations_simulations_valued_resources_attack_paths_list + - $ref: >- + #/components/x-stackQL-resources/attack_paths/methods/organizations_simulations_attack_exposure_results_attack_paths_list + - $ref: >- + #/components/x-stackQL-resources/attack_paths/methods/organizations_simulations_attack_paths_list + - $ref: >- + #/components/x-stackQL-resources/attack_paths/methods/organizations_attack_paths_list insert: [] update: [] replace: [] @@ -13155,52 +13596,22 @@ components: update: [] replace: [] delete: [] - attack_paths: - id: google.securitycenter.attack_paths - name: attack_paths - title: Attack_paths + simulations: + id: google.securitycenter.simulations + name: simulations + title: Simulations methods: - organizations_simulations_valued_resources_attack_paths_list: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1simulations~1{simulationsId}~1valuedResources~1{valuedResourcesId}~1attackPaths/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.attackPaths - organizations_simulations_attack_exposure_results_attack_paths_list: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1simulations~1{simulationsId}~1attackExposureResults~1{attackExposureResultsId}~1attackPaths/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.attackPaths - organizations_simulations_attack_paths_list: + organizations_simulations_get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1simulations~1{simulationsId}~1attackPaths/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.attackPaths - organizations_attack_paths_list: - operation: - $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1attackPaths/get' + #/paths/~1v1~1organizations~1{organizationsId}~1simulations~1{simulationsId}/get response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.attackPaths - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/attack_paths/methods/organizations_simulations_valued_resources_attack_paths_list - - $ref: >- - #/components/x-stackQL-resources/attack_paths/methods/organizations_simulations_attack_exposure_results_attack_paths_list - - $ref: >- - #/components/x-stackQL-resources/attack_paths/methods/organizations_simulations_attack_paths_list + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: - $ref: >- - #/components/x-stackQL-resources/attack_paths/methods/organizations_attack_paths_list + #/components/x-stackQL-resources/simulations/methods/organizations_simulations_get insert: [] update: [] replace: [] @@ -13210,17 +13621,10 @@ components: name: resource_value_configs title: Resource_value_configs methods: - organizations_resource_value_configs_batch_create: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1resourceValueConfigs:batchCreate/post - response: - mediaType: application/json - openAPIDocKey: '200' - organizations_resource_value_configs_delete: + organizations_resource_value_configs_patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1resourceValueConfigs~1{resourceValueConfigsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1resourceValueConfigs~1{resourceValueConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -13231,10 +13635,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - organizations_resource_value_configs_patch: + organizations_resource_value_configs_delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1resourceValueConfigs~1{resourceValueConfigsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1resourceValueConfigs~1{resourceValueConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -13246,6 +13650,13 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.resourceValueConfigs + organizations_resource_value_configs_batch_create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1resourceValueConfigs:batchCreate/post + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: >- @@ -13262,31 +13673,266 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/resource_value_configs/methods/organizations_resource_value_configs_delete + operations: + id: google.securitycenter.operations + name: operations + title: Operations + methods: + organizations_operations_get: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_operations_delete: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + organizations_operations_list: + operation: + $ref: '#/paths/~1v1~1organizations~1{organizationsId}~1operations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + organizations_operations_cancel: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/operations/methods/organizations_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/organizations_operations_list + insert: [] + update: [] + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/operations/methods/organizations_operations_delete paths: - /v1/folders/{foldersId}/findings:bulkMute: + /v1/folders/{foldersId}/bigQueryExports: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' post: + description: Creates a BigQuery export. + operationId: securitycenter.folders.bigQueryExports.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: query + name: bigQueryExportId + schema: + type: string + get: description: >- - Kicks off an LRO to bulk mute findings for a parent based on a filter. - The parent can be either an organization, folder or project. The - findings matched by the filter will be muted after the LRO is done. - operationId: securitycenter.folders.findings.bulkMute + Lists BigQuery exports. Note that when requesting BigQuery exports at a + given level all exports under that level are also returned e.g. if + requesting BigQuery exports under a folder, then all BigQuery exports + immediately under the folder plus the ones created under the projects + within the folder are returned. + operationId: securitycenter.folders.bigQueryExports.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListBigQueryExportsResponse' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/folders/{foldersId}/bigQueryExports/{bigQueryExportsId}: + parameters: *ref_1 + get: + description: Gets a BigQuery export. + operationId: securitycenter.folders.bigQueryExports.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: path + name: bigQueryExportsId + required: true + schema: + type: string + delete: + description: Deletes an existing BigQuery export. + operationId: securitycenter.folders.bigQueryExports.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: path + name: bigQueryExportsId + required: true + schema: + type: string + patch: + description: Updates a BigQuery export. + operationId: securitycenter.folders.bigQueryExports.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/BulkMuteFindingsRequest' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: path + name: bigQueryExportsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/folders/{foldersId}/locations/{locationsId}/muteConfigs/{muteConfigsId}: + parameters: *ref_1 + patch: + description: Updates a mute config. + operationId: securitycenter.folders.locations.muteConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: muteConfigsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes an existing mute config. + operationId: securitycenter.folders.locations.muteConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13298,29 +13944,60 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: foldersId required: true schema: type: string - /v1/folders/{foldersId}/securityHealthAnalyticsSettings/customModules: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: muteConfigsId + required: true + schema: + type: string + get: + description: Gets a mute config. + operationId: securitycenter.folders.locations.muteConfigs.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + parameters: + - in: path + name: foldersId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: muteConfigsId + required: true + schema: + type: string + /v1/folders/{foldersId}/securityHealthAnalyticsSettings/effectiveCustomModules/{effectiveCustomModulesId}: parameters: *ref_1 - post: - description: >- - Creates a resident SecurityHealthAnalyticsCustomModule at the scope of - the given CRM parent, and also creates inherited - SecurityHealthAnalyticsCustomModules for all CRM descendants of the - given parent. These modules are enabled by default. + get: + description: Retrieves an EffectiveSecurityHealthAnalyticsCustomModule. operationId: >- - securitycenter.folders.securityHealthAnalyticsSettings.customModules.create - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + securitycenter.folders.securityHealthAnalyticsSettings.effectiveCustomModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13333,20 +14010,27 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + #/components/schemas/GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule parameters: - in: path name: foldersId required: true schema: type: string + - in: path + name: effectiveCustomModulesId + required: true + schema: + type: string + /v1/folders/{foldersId}/securityHealthAnalyticsSettings/effectiveCustomModules: + parameters: *ref_1 get: description: >- - Returns a list of all SecurityHealthAnalyticsCustomModules for the given - parent. This includes resident modules defined at the scope of the - parent, and inherited modules, inherited from CRM ancestors. + Returns a list of all EffectiveSecurityHealthAnalyticsCustomModules for + the given parent. This includes resident modules defined at the scope of + the parent, and inherited modules, inherited from CRM ancestors. operationId: >- - securitycenter.folders.securityHealthAnalyticsSettings.customModules.list + securitycenter.folders.securityHealthAnalyticsSettings.effectiveCustomModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13359,7 +14043,7 @@ paths: application/json: schema: $ref: >- - #/components/schemas/ListSecurityHealthAnalyticsCustomModulesResponse + #/components/schemas/ListEffectiveSecurityHealthAnalyticsCustomModulesResponse parameters: - in: path name: foldersId @@ -13515,18 +14199,15 @@ paths: name: pageToken schema: type: string - /v1/folders/{foldersId}/securityHealthAnalyticsSettings/customModules:simulate: + /v1/folders/{foldersId}/securityHealthAnalyticsSettings/customModules: parameters: *ref_1 - post: - description: Simulates a given SecurityHealthAnalyticsCustomModule and Resource. + get: + description: >- + Returns a list of all SecurityHealthAnalyticsCustomModules for the given + parent. This includes resident modules defined at the scope of the + parent, and inherited modules, inherited from CRM ancestors. operationId: >- - securitycenter.folders.securityHealthAnalyticsSettings.customModules.simulate - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleRequest + securitycenter.folders.securityHealthAnalyticsSettings.customModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13539,19 +14220,36 @@ paths: application/json: schema: $ref: >- - #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleResponse + #/components/schemas/ListSecurityHealthAnalyticsCustomModulesResponse parameters: - in: path name: foldersId required: true schema: type: string - /v1/folders/{foldersId}/securityHealthAnalyticsSettings/effectiveCustomModules/{effectiveCustomModulesId}: - parameters: *ref_1 - get: - description: Retrieves an EffectiveSecurityHealthAnalyticsCustomModule. + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + post: + description: >- + Creates a resident SecurityHealthAnalyticsCustomModule at the scope of + the given CRM parent, and also creates inherited + SecurityHealthAnalyticsCustomModules for all CRM descendants of the + given parent. These modules are enabled by default. operationId: >- - securitycenter.folders.securityHealthAnalyticsSettings.effectiveCustomModules.get + securitycenter.folders.securityHealthAnalyticsSettings.customModules.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13564,27 +14262,25 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule parameters: - in: path name: foldersId required: true schema: type: string - - in: path - name: effectiveCustomModulesId - required: true - schema: - type: string - /v1/folders/{foldersId}/securityHealthAnalyticsSettings/effectiveCustomModules: + /v1/folders/{foldersId}/securityHealthAnalyticsSettings/customModules:simulate: parameters: *ref_1 - get: - description: >- - Returns a list of all EffectiveSecurityHealthAnalyticsCustomModules for - the given parent. This includes resident modules defined at the scope of - the parent, and inherited modules, inherited from CRM ancestors. + post: + description: Simulates a given SecurityHealthAnalyticsCustomModule and Resource. operationId: >- - securitycenter.folders.securityHealthAnalyticsSettings.effectiveCustomModules.list + securitycenter.folders.securityHealthAnalyticsSettings.customModules.simulate + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13597,32 +14293,26 @@ paths: application/json: schema: $ref: >- - #/components/schemas/ListEffectiveSecurityHealthAnalyticsCustomModulesResponse + #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleResponse parameters: - in: path name: foldersId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/folders/{foldersId}/muteConfigs: + /v1/folders/{foldersId}/findings:bulkMute: parameters: *ref_1 post: - description: Creates a mute config. - operationId: securitycenter.folders.muteConfigs.create + description: >- + Kicks off an LRO to bulk mute findings for a parent based on a filter. + The parent can be either an organization, folder or project. The + findings matched by the filter will be muted after the LRO is done. + operationId: securitycenter.folders.findings.bulkMute requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/BulkMuteFindingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13634,20 +14324,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Operation' parameters: - in: path name: foldersId required: true schema: type: string - - in: query - name: muteConfigId - schema: - type: string + /v1/folders/{foldersId}/assets: + parameters: *ref_1 get: - description: Lists mute configs. - operationId: securitycenter.folders.muteConfigs.list + description: Lists an organization's assets. + operationId: securitycenter.folders.assets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13659,7 +14347,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListMuteConfigsResponse' + $ref: '#/components/schemas/ListAssetsResponse' parameters: - in: path name: foldersId @@ -13667,45 +14355,47 @@ paths: schema: type: string - in: query - name: pageSize + name: readTime schema: - type: integer - format: int32 + type: string + format: google-datetime - in: query - name: pageToken + name: filter schema: type: string - /v1/folders/{foldersId}/muteConfigs/{muteConfigsId}: - parameters: *ref_1 - delete: - description: Deletes an existing mute config. - operationId: securitycenter.folders.muteConfigs.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: foldersId - required: true + - in: query + name: orderBy + schema: + type: string + - in: query + name: fieldMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - - in: path - name: muteConfigsId - required: true + - in: query + name: compareDuration schema: type: string - get: - description: Gets a mute config. - operationId: securitycenter.folders.muteConfigs.get + format: google-duration + /v1/folders/{foldersId}/assets/{assetsId}/securityMarks: + parameters: *ref_1 + patch: + description: Updates security marks. + operationId: securitycenter.folders.assets.updateSecurityMarks + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMarks' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13717,7 +14407,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/SecurityMarks' parameters: - in: path name: foldersId @@ -13725,18 +14415,32 @@ paths: schema: type: string - in: path - name: muteConfigsId + name: assetsId required: true schema: type: string - patch: - description: Updates a mute config. - operationId: securitycenter.folders.muteConfigs.patch + - in: query + name: startTime + schema: + type: string + format: google-datetime + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/folders/{foldersId}/assets:group: + parameters: *ref_1 + post: + description: >- + Filters an organization's assets and groups them by their specified + properties. + operationId: securitycenter.folders.assets.group requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/GroupAssetsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13748,23 +14452,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/GroupAssetsResponse' parameters: - in: path name: foldersId required: true schema: type: string - - in: path - name: muteConfigsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask /v1/folders/{foldersId}/notificationConfigs: parameters: *ref_1 post: @@ -13829,58 +14523,6 @@ paths: format: int32 /v1/folders/{foldersId}/notificationConfigs/{notificationConfigsId}: parameters: *ref_1 - delete: - description: Deletes a notification config. - operationId: securitycenter.folders.notificationConfigs.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: notificationConfigsId - required: true - schema: - type: string - get: - description: Gets a notification config. - operationId: securitycenter.folders.notificationConfigs.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationConfig' - parameters: - - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: notificationConfigsId - required: true - schema: - type: string patch: description: ' Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter' operationId: securitycenter.folders.notificationConfigs.patch @@ -13917,11 +14559,9 @@ paths: schema: type: string format: google-fieldmask - /v1/folders/{foldersId}/locations/{locationsId}/muteConfigs/{muteConfigsId}: - parameters: *ref_1 delete: - description: Deletes an existing mute config. - operationId: securitycenter.folders.locations.muteConfigs.delete + description: Deletes a notification config. + operationId: securitycenter.folders.notificationConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13941,18 +14581,13 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: muteConfigsId + name: notificationConfigsId required: true schema: type: string get: - description: Gets a mute config. - operationId: securitycenter.folders.locations.muteConfigs.get + description: Gets a notification config. + operationId: securitycenter.folders.notificationConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -13964,7 +14599,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/NotificationConfig' parameters: - in: path name: foldersId @@ -13972,23 +14607,21 @@ paths: schema: type: string - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: muteConfigsId + name: notificationConfigsId required: true schema: type: string - patch: - description: Updates a mute config. - operationId: securitycenter.folders.locations.muteConfigs.patch + /v1/folders/{foldersId}/eventThreatDetectionSettings:validateCustomModule: + parameters: *ref_1 + post: + description: Validates the given Event Threat Detection custom module. + operationId: securitycenter.folders.eventThreatDetectionSettings.validateCustomModule requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: >- + #/components/schemas/ValidateEventThreatDetectionCustomModuleRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14000,33 +14633,54 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: >- + #/components/schemas/ValidateEventThreatDetectionCustomModuleResponse parameters: - in: path name: foldersId required: true schema: type: string + /v1/folders/{foldersId}/eventThreatDetectionSettings/effectiveCustomModules/{effectiveCustomModulesId}: + parameters: *ref_1 + get: + description: >- + Gets an effective Event Threat Detection custom module at the given + level. + operationId: >- + securitycenter.folders.eventThreatDetectionSettings.effectiveCustomModules.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/EffectiveEventThreatDetectionCustomModule' + parameters: - in: path - name: locationsId + name: foldersId required: true schema: type: string - in: path - name: muteConfigsId + name: effectiveCustomModulesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/folders/{foldersId}/bigQueryExports/{bigQueryExportsId}: + /v1/folders/{foldersId}/eventThreatDetectionSettings/effectiveCustomModules: parameters: *ref_1 get: - description: Gets a BigQuery export. - operationId: securitycenter.folders.bigQueryExports.get + description: >- + Lists all effective Event Threat Detection custom modules for the given + parent. This includes resident modules defined at the scope of the + parent along with modules inherited from its ancestors. + operationId: >- + securitycenter.folders.eventThreatDetectionSettings.effectiveCustomModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14038,21 +14692,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + $ref: >- + #/components/schemas/ListEffectiveEventThreatDetectionCustomModulesResponse parameters: - in: path name: foldersId required: true schema: type: string - - in: path - name: bigQueryExportsId - required: true + - in: query + name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/folders/{foldersId}/eventThreatDetectionSettings/customModules/{customModulesId}: + parameters: *ref_1 delete: - description: Deletes an existing BigQuery export. - operationId: securitycenter.folders.bigQueryExports.delete + description: >- + Deletes the specified Event Threat Detection custom module and all of + its descendants in the Resource Manager hierarchy. This method is only + supported for resident custom modules. + operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14072,18 +14736,24 @@ paths: schema: type: string - in: path - name: bigQueryExportsId + name: customModulesId required: true schema: type: string patch: - description: Updates a BigQuery export. - operationId: securitycenter.folders.bigQueryExports.patch + description: >- + Updates the Event Threat Detection custom module with the given name + based on the given update mask. Updating the enablement state is + supported for both resident and inherited modules (though resident + modules cannot have an enablement state of "inherited"). Updating the + display name or configuration of a module is supported for resident + modules only. The type of a module cannot be changed. + operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + $ref: '#/components/schemas/EventThreatDetectionCustomModule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14095,7 +14765,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + $ref: '#/components/schemas/EventThreatDetectionCustomModule' parameters: - in: path name: foldersId @@ -14103,7 +14773,7 @@ paths: schema: type: string - in: path - name: bigQueryExportsId + name: customModulesId required: true schema: type: string @@ -14112,16 +14782,9 @@ paths: schema: type: string format: google-fieldmask - /v1/folders/{foldersId}/bigQueryExports: - parameters: *ref_1 - post: - description: Creates a BigQuery export. - operationId: securitycenter.folders.bigQueryExports.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + get: + description: Gets an Event Threat Detection custom module. + operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14133,25 +14796,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + $ref: '#/components/schemas/EventThreatDetectionCustomModule' parameters: - in: path name: foldersId required: true schema: type: string - - in: query - name: bigQueryExportId - schema: - type: string + - in: path + name: customModulesId + required: true + schema: + type: string + /v1/folders/{foldersId}/eventThreatDetectionSettings/customModules:listDescendant: + parameters: *ref_1 get: description: >- - Lists BigQuery exports. Note that when requesting BigQuery exports at a - given level all exports under that level are also returned e.g. if - requesting BigQuery exports under a folder, then all BigQuery exports - immediately under the folder plus the ones created under the projects - within the folder are returned. - operationId: securitycenter.folders.bigQueryExports.list + Lists all resident Event Threat Detection custom modules under the given + Resource Manager parent and its descendants. + operationId: >- + securitycenter.folders.eventThreatDetectionSettings.customModules.listDescendant security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14163,34 +14827,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBigQueryExportsResponse' + $ref: >- + #/components/schemas/ListDescendantEventThreatDetectionCustomModulesResponse parameters: - in: path name: foldersId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/folders/{foldersId}/assets:group: + /v1/folders/{foldersId}/eventThreatDetectionSettings/customModules: parameters: *ref_1 post: description: >- - Filters an organization's assets and groups them by their specified - properties. - operationId: securitycenter.folders.assets.group + Creates a resident Event Threat Detection custom module at the scope of + the given Resource Manager parent, and also creates inherited custom + modules for all descendants of the given parent. These modules are + enabled by default. + operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GroupAssetsRequest' + $ref: '#/components/schemas/EventThreatDetectionCustomModule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14202,18 +14869,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GroupAssetsResponse' + $ref: '#/components/schemas/EventThreatDetectionCustomModule' parameters: - in: path name: foldersId required: true schema: type: string - /v1/folders/{foldersId}/assets: - parameters: *ref_1 get: - description: Lists an organization's assets. - operationId: securitycenter.folders.assets.list + description: >- + Lists all Event Threat Detection custom modules for the given Resource + Manager parent. This includes resident modules defined at the scope of + the parent along with modules inherited from ancestors. + operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14225,36 +14893,14 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAssetsResponse' + $ref: >- + #/components/schemas/ListEventThreatDetectionCustomModulesResponse parameters: - in: path name: foldersId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readTime - schema: - type: string - format: google-datetime - - in: query - name: compareDuration - schema: - type: string - format: google-duration - - in: query - name: fieldMask - schema: - type: string - format: google-fieldmask - in: query name: pageToken schema: @@ -14264,16 +14910,16 @@ paths: schema: type: integer format: int32 - /v1/folders/{foldersId}/assets/{assetsId}/securityMarks: + /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}/externalSystems/{externalSystemsId}: parameters: *ref_1 patch: - description: Updates security marks. - operationId: securitycenter.folders.assets.updateSecurityMarks + description: Updates external system. This is for a given finding. + operationId: securitycenter.folders.sources.findings.externalSystems.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SecurityMarks' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14285,7 +14931,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SecurityMarks' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' parameters: - in: path name: foldersId @@ -14293,52 +14939,25 @@ paths: schema: type: string - in: path - name: assetsId + name: sourcesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: startTime + - in: path + name: findingsId + required: true schema: type: string - format: google-datetime - /v1/folders/{foldersId}/sources: - parameters: *ref_1 - get: - description: Lists all sources belonging to an organization. - operationId: securitycenter.folders.sources.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListSourcesResponse' - parameters: - in: path - name: foldersId + name: externalSystemsId required: true schema: type: string - in: query - name: pageToken + name: updateMask schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 + format: google-fieldmask /v1/folders/{foldersId}/sources/{sourcesId}/findings:group: parameters: *ref_1 post: @@ -14409,19 +15028,14 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: orderBy schema: type: string - in: query - name: readTime + name: filter schema: type: string - format: google-datetime - in: query name: compareDuration schema: @@ -14436,99 +15050,26 @@ paths: name: pageToken schema: type: string + - in: query + name: readTime + schema: + type: string + format: google-datetime - in: query name: pageSize schema: type: integer format: int32 - /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}:setState: - parameters: *ref_1 - post: - description: Updates the state of a finding. - operationId: securitycenter.folders.sources.findings.setState - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetFindingStateRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Finding' - parameters: - - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: sourcesId - required: true - schema: - type: string - - in: path - name: findingsId - required: true - schema: - type: string - /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}:setMute: - parameters: *ref_1 - post: - description: Updates the mute state of a finding. - operationId: securitycenter.folders.sources.findings.setMute - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetMuteRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Finding' - parameters: - - in: path - name: foldersId - required: true - schema: - type: string - - in: path - name: sourcesId - required: true - schema: - type: string - - in: path - name: findingsId - required: true - schema: - type: string - /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}: + /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}/securityMarks: parameters: *ref_1 patch: - description: >- - Creates or updates a finding. The corresponding source must exist for a - finding creation to succeed. - operationId: securitycenter.folders.sources.findings.patch + description: Updates security marks. + operationId: securitycenter.folders.sources.findings.updateSecurityMarks requestBody: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: '#/components/schemas/SecurityMarks' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14540,7 +15081,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: '#/components/schemas/SecurityMarks' parameters: - in: path name: foldersId @@ -14562,16 +15103,21 @@ paths: schema: type: string format: google-fieldmask - /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}/securityMarks: + - in: query + name: startTime + schema: + type: string + format: google-datetime + /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}:setMute: parameters: *ref_1 - patch: - description: Updates security marks. - operationId: securitycenter.folders.sources.findings.updateSecurityMarks + post: + description: Updates the mute state of a finding. + operationId: securitycenter.folders.sources.findings.setMute requestBody: content: application/json: schema: - $ref: '#/components/schemas/SecurityMarks' + $ref: '#/components/schemas/SetMuteRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14583,7 +15129,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SecurityMarks' + $ref: '#/components/schemas/Finding' parameters: - in: path name: foldersId @@ -14599,27 +15145,19 @@ paths: name: findingsId required: true schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: startTime - schema: - type: string - format: google-datetime - /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}/externalSystems/{externalSystemsId}: + type: string + /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}: parameters: *ref_1 patch: - description: Updates external system. This is for a given finding. - operationId: securitycenter.folders.sources.findings.externalSystems.patch + description: >- + Creates or updates a finding. The corresponding source must exist for a + finding creation to succeed. + operationId: securitycenter.folders.sources.findings.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' + $ref: '#/components/schemas/Finding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14631,7 +15169,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' + $ref: '#/components/schemas/Finding' parameters: - in: path name: foldersId @@ -14648,27 +15186,21 @@ paths: required: true schema: type: string - - in: path - name: externalSystemsId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask - /v1/folders/{foldersId}/eventThreatDetectionSettings:validateCustomModule: + /v1/folders/{foldersId}/sources/{sourcesId}/findings/{findingsId}:setState: parameters: *ref_1 post: - description: Validates the given Event Threat Detection custom module. - operationId: securitycenter.folders.eventThreatDetectionSettings.validateCustomModule + description: Updates the state of a finding. + operationId: securitycenter.folders.sources.findings.setState requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/ValidateEventThreatDetectionCustomModuleRequest + $ref: '#/components/schemas/SetFindingStateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14680,52 +15212,28 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ValidateEventThreatDetectionCustomModuleResponse + $ref: '#/components/schemas/Finding' parameters: - in: path name: foldersId required: true schema: type: string - /v1/folders/{foldersId}/eventThreatDetectionSettings/customModules: - parameters: *ref_1 - post: - description: >- - Creates a resident Event Threat Detection custom module at the scope of - the given Resource Manager parent, and also creates inherited custom - modules for all descendants of the given parent. These modules are - enabled by default. - operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' - parameters: - in: path - name: foldersId + name: sourcesId + required: true + schema: + type: string + - in: path + name: findingsId required: true schema: type: string + /v1/folders/{foldersId}/sources: + parameters: *ref_1 get: - description: >- - Lists all Event Threat Detection custom modules for the given Resource - Manager parent. This includes resident modules defined at the scope of - the parent along with modules inherited from ancestors. - operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.list + description: Lists all sources belonging to an organization. + operationId: securitycenter.folders.sources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14737,8 +15245,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListEventThreatDetectionCustomModulesResponse + $ref: '#/components/schemas/ListSourcesResponse' parameters: - in: path name: foldersId @@ -14754,14 +15261,16 @@ paths: schema: type: integer format: int32 - /v1/folders/{foldersId}/eventThreatDetectionSettings/customModules/{customModulesId}: + /v1/folders/{foldersId}/muteConfigs: parameters: *ref_1 - delete: - description: >- - Deletes the specified Event Threat Detection custom module and all of - its descendants in the Resource Manager hierarchy. This method is only - supported for resident custom modules. - operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.delete + post: + description: Creates a mute config. + operationId: securitycenter.folders.muteConfigs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14773,21 +15282,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path name: foldersId required: true schema: type: string - - in: path - name: customModulesId - required: true + - in: query + name: muteConfigId schema: type: string get: - description: Gets an Event Threat Detection custom module. - operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.get + description: Lists mute configs. + operationId: securitycenter.folders.muteConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14799,32 +15307,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: '#/components/schemas/ListMuteConfigsResponse' parameters: - in: path name: foldersId required: true schema: type: string - - in: path - name: customModulesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: >- - Updates the Event Threat Detection custom module with the given name - based on the given update mask. Updating the enablement state is - supported for both resident and inherited modules (though resident - modules cannot have an enablement state of "inherited"). Updating the - display name or configuration of a module is supported for resident - modules only. The type of a module cannot be changed. - operationId: securitycenter.folders.eventThreatDetectionSettings.customModules.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + /v1/folders/{foldersId}/muteConfigs/{muteConfigsId}: + parameters: *ref_1 + delete: + description: Deletes an existing mute config. + operationId: securitycenter.folders.muteConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14836,7 +15339,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: '#/components/schemas/Empty' parameters: - in: path name: foldersId @@ -14844,23 +15347,18 @@ paths: schema: type: string - in: path - name: customModulesId + name: muteConfigsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/folders/{foldersId}/eventThreatDetectionSettings/customModules:listDescendant: - parameters: *ref_1 - get: - description: >- - Lists all resident Event Threat Detection custom modules under the given - Resource Manager parent and its descendants. - operationId: >- - securitycenter.folders.eventThreatDetectionSettings.customModules.listDescendant + patch: + description: Updates a mute config. + operationId: securitycenter.folders.muteConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14872,31 +15370,26 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListDescendantEventThreatDetectionCustomModulesResponse + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path name: foldersId required: true schema: type: string - - in: query - name: pageToken + - in: path + name: muteConfigsId + required: true schema: type: string - in: query - name: pageSize + name: updateMask schema: - type: integer - format: int32 - /v1/folders/{foldersId}/eventThreatDetectionSettings/effectiveCustomModules/{effectiveCustomModulesId}: - parameters: *ref_1 + type: string + format: google-fieldmask get: - description: >- - Gets an effective Event Threat Detection custom module at the given - level. - operationId: >- - securitycenter.folders.eventThreatDetectionSettings.effectiveCustomModules.get + description: Gets a mute config. + operationId: securitycenter.folders.muteConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14908,7 +15401,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EffectiveEventThreatDetectionCustomModule' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path name: foldersId @@ -14916,60 +15409,15 @@ paths: schema: type: string - in: path - name: effectiveCustomModulesId + name: muteConfigsId required: true schema: type: string - /v1/folders/{foldersId}/eventThreatDetectionSettings/effectiveCustomModules: + /v1/organizations/{organizationsId}/organizationSettings: parameters: *ref_1 get: - description: >- - Lists all effective Event Threat Detection custom modules for the given - parent. This includes resident modules defined at the scope of the - parent along with modules inherited from its ancestors. - operationId: >- - securitycenter.folders.eventThreatDetectionSettings.effectiveCustomModules.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: >- - #/components/schemas/ListEffectiveEventThreatDetectionCustomModulesResponse - parameters: - - in: path - name: foldersId - required: true - schema: - type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/findings:bulkMute: - parameters: *ref_1 - post: - description: >- - Kicks off an LRO to bulk mute findings for a parent based on a filter. - The parent can be either an organization, folder or project. The - findings matched by the filter will be muted after the LRO is done. - operationId: securitycenter.projects.findings.bulkMute - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BulkMuteFindingsRequest' + description: Gets the settings for an organization. + operationId: securitycenter.organizations.getOrganizationSettings security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -14981,29 +15429,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/OrganizationSettings' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules: - parameters: *ref_1 - post: - description: >- - Creates a resident SecurityHealthAnalyticsCustomModule at the scope of - the given CRM parent, and also creates inherited - SecurityHealthAnalyticsCustomModules for all CRM descendants of the - given parent. These modules are enabled by default. - operationId: >- - securitycenter.projects.securityHealthAnalyticsSettings.customModules.create + patch: + description: Updates an organization's settings. + operationId: securitycenter.organizations.updateOrganizationSettings requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/OrganizationSettings' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15015,21 +15455,28 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/OrganizationSettings' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - get: - description: >- - Returns a list of all SecurityHealthAnalyticsCustomModules for the given - parent. This includes resident modules defined at the scope of the - parent, and inherited modules, inherited from CRM ancestors. - operationId: >- - securitycenter.projects.securityHealthAnalyticsSettings.customModules.list + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/sources/{sourcesId}: + parameters: *ref_1 + patch: + description: Updates a source. + operationId: securitycenter.organizations.sources.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Source' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15041,32 +15488,26 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListSecurityHealthAnalyticsCustomModulesResponse + $ref: '#/components/schemas/Source' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: sourcesId + required: true schema: - type: integer - format: int32 + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules/{customModulesId}: - parameters: *ref_1 - delete: - description: >- - Deletes the specified SecurityHealthAnalyticsCustomModule and all of its - descendants in the CRM hierarchy. This method is only supported for - resident custom modules. - operationId: >- - securitycenter.projects.securityHealthAnalyticsSettings.customModules.delete + format: google-fieldmask + get: + description: Gets a source. + operationId: securitycenter.organizations.sources.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15078,22 +15519,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Source' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: customModulesId + name: sourcesId required: true schema: type: string - get: - description: Retrieves a SecurityHealthAnalyticsCustomModule. - operationId: >- - securitycenter.projects.securityHealthAnalyticsSettings.customModules.get + /v1/organizations/{organizationsId}/sources/{sourcesId}:setIamPolicy: + parameters: *ref_1 + post: + description: Sets the access control policy on the specified Source. + operationId: securitycenter.organizations.sources.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15105,35 +15552,28 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/Policy' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: customModulesId + name: sourcesId required: true schema: type: string - patch: - description: >- - Updates the SecurityHealthAnalyticsCustomModule under the given name - based on the given update mask. Updating the enablement state is - supported on both resident and inherited modules (though resident - modules cannot have an enablement state of "inherited"). Updating the - display name and custom config of a module is supported on resident - modules only. - operationId: >- - securitycenter.projects.securityHealthAnalyticsSettings.customModules.patch + /v1/organizations/{organizationsId}/sources/{sourcesId}:getIamPolicy: + parameters: *ref_1 + post: + description: Gets the access control policy on the specified Source. + operationId: securitycenter.organizations.sources.getIamPolicy requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15145,32 +15585,23 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/Policy' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: customModulesId + name: sourcesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules:listDescendant: + /v1/organizations/{organizationsId}/sources: parameters: *ref_1 get: - description: >- - Returns a list of all resident SecurityHealthAnalyticsCustomModules - under the given CRM parent and all of the parent’s CRM descendants. - operationId: >- - securitycenter.projects.securityHealthAnalyticsSettings.customModules.listDescendant + description: Lists all sources belonging to an organization. + operationId: securitycenter.organizations.sources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15182,11 +15613,10 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListDescendantSecurityHealthAnalyticsCustomModulesResponse + $ref: '#/components/schemas/ListSourcesResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string @@ -15199,18 +15629,14 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules:simulate: - parameters: *ref_1 post: - description: Simulates a given SecurityHealthAnalyticsCustomModule and Resource. - operationId: >- - securitycenter.projects.securityHealthAnalyticsSettings.customModules.simulate + description: Creates a source. + operationId: securitycenter.organizations.sources.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleRequest + $ref: '#/components/schemas/Source' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15222,20 +15648,23 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleResponse + $ref: '#/components/schemas/Source' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v1/projects/{projectsId}/securityHealthAnalyticsSettings/effectiveCustomModules/{effectiveCustomModulesId}: + /v1/organizations/{organizationsId}/sources/{sourcesId}:testIamPermissions: parameters: *ref_1 - get: - description: Retrieves an EffectiveSecurityHealthAnalyticsCustomModule. - operationId: >- - securitycenter.projects.securityHealthAnalyticsSettings.effectiveCustomModules.get + post: + description: Returns the permissions that a caller has on the specified source. + operationId: securitycenter.organizations.sources.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15247,28 +15676,28 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: effectiveCustomModulesId + name: sourcesId required: true schema: type: string - /v1/projects/{projectsId}/securityHealthAnalyticsSettings/effectiveCustomModules: + /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}/externalSystems/{externalSystemsId}: parameters: *ref_1 - get: - description: >- - Returns a list of all EffectiveSecurityHealthAnalyticsCustomModules for - the given parent. This includes resident modules defined at the scope of - the parent, and inherited modules, inherited from CRM ancestors. - operationId: >- - securitycenter.projects.securityHealthAnalyticsSettings.effectiveCustomModules.list + patch: + description: Updates external system. This is for a given finding. + operationId: securitycenter.organizations.sources.findings.externalSystems.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15280,33 +15709,45 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListEffectiveSecurityHealthAnalyticsCustomModulesResponse + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: pageSize + - in: path + name: sourcesId + required: true schema: - type: integer - format: int32 + type: string + - in: path + name: findingsId + required: true + schema: + type: string + - in: path + name: externalSystemsId + required: true + schema: + type: string - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/muteConfigs: + format: google-fieldmask + /v1/organizations/{organizationsId}/sources/{sourcesId}/findings: parameters: *ref_1 post: - description: Creates a mute config. - operationId: securitycenter.projects.muteConfigs.create + description: >- + Creates a finding. The corresponding source must exist for finding + creation to succeed. + operationId: securitycenter.organizations.sources.findings.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Finding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15318,52 +15759,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Finding' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: muteConfigId - schema: - type: string - get: - description: Lists mute configs. - operationId: securitycenter.projects.muteConfigs.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListMuteConfigsResponse' - parameters: - in: path - name: projectsId + name: sourcesId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: findingId schema: type: string - /v1/projects/{projectsId}/muteConfigs/{muteConfigsId}: - parameters: *ref_1 - delete: - description: Deletes an existing mute config. - operationId: securitycenter.projects.muteConfigs.delete + get: + description: >- + Lists an organization or source's findings. To list across all sources + provide a `-` as the source id. Example: + /v1/organizations/{organization_id}/sources/-/findings + operationId: securitycenter.organizations.sources.findings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15375,21 +15792,60 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListFindingsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: muteConfigsId + name: sourcesId required: true schema: type: string - get: - description: Gets a mute config. - operationId: securitycenter.projects.muteConfigs.get + - in: query + name: filter + schema: + type: string + - in: query + name: compareDuration + schema: + type: string + format: google-duration + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: readTime + schema: + type: string + format: google-datetime + - in: query + name: fieldMask + schema: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}:setState: + parameters: *ref_1 + post: + description: Updates the state of a finding. + operationId: securitycenter.organizations.sources.findings.setState + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetFindingStateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15401,26 +15857,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Finding' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: muteConfigsId + name: sourcesId + required: true + schema: + type: string + - in: path + name: findingsId required: true schema: type: string + /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}: + parameters: *ref_1 patch: - description: Updates a mute config. - operationId: securitycenter.projects.muteConfigs.patch + description: >- + Creates or updates a finding. The corresponding source must exist for a + finding creation to succeed. + operationId: securitycenter.organizations.sources.findings.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Finding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15432,15 +15897,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Finding' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: muteConfigsId + name: sourcesId + required: true + schema: + type: string + - in: path + name: findingsId required: true schema: type: string @@ -15449,16 +15919,16 @@ paths: schema: type: string format: google-fieldmask - /v1/projects/{projectsId}/notificationConfigs: + /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}:setMute: parameters: *ref_1 post: - description: Creates a notification config. - operationId: securitycenter.projects.notificationConfigs.create + description: Updates the mute state of a finding. + operationId: securitycenter.organizations.sources.findings.setMute requestBody: content: application/json: schema: - $ref: '#/components/schemas/NotificationConfig' + $ref: '#/components/schemas/SetMuteRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15470,20 +15940,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NotificationConfig' + $ref: '#/components/schemas/Finding' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: configId + - in: path + name: sourcesId + required: true schema: type: string - get: - description: Lists notification configs. - operationId: securitycenter.projects.notificationConfigs.list + - in: path + name: findingsId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}/securityMarks: + parameters: *ref_1 + patch: + description: Updates security marks. + operationId: securitycenter.organizations.sources.findings.updateSecurityMarks + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMarks' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15495,27 +15978,49 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNotificationConfigsResponse' + $ref: '#/components/schemas/SecurityMarks' parameters: - in: path - name: projectsId + name: organizationsId + required: true + schema: + type: string + - in: path + name: sourcesId + required: true + schema: + type: string + - in: path + name: findingsId required: true schema: type: string - in: query - name: pageToken + name: startTime schema: type: string + format: google-datetime - in: query - name: pageSize + name: updateMask schema: - type: integer - format: int32 - /v1/projects/{projectsId}/notificationConfigs/{notificationConfigsId}: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/sources/{sourcesId}/findings:group: parameters: *ref_1 - delete: - description: Deletes a notification config. - operationId: securitycenter.projects.notificationConfigs.delete + post: + description: >- + Filters an organization or source's findings and groups them by their + specified properties. To group across all sources provide a `-` as the + source id. Example: + /v1/organizations/{organization_id}/sources/-/findings, + /v1/folders/{folder_id}/sources/-/findings, + /v1/projects/{project_id}/sources/-/findings + operationId: securitycenter.organizations.sources.findings.group + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GroupFindingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15527,21 +16032,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GroupFindingsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: notificationConfigsId + name: sourcesId required: true schema: type: string + /v1/organizations/{organizationsId}/simulations/{simulationsId}/attackPaths: + parameters: *ref_1 get: - description: Gets a notification config. - operationId: securitycenter.projects.notificationConfigs.get + description: >- + Lists the attack paths for a set of simulation results or valued + resources and filter. + operationId: securitycenter.organizations.simulations.attackPaths.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15553,59 +16062,39 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NotificationConfig' + $ref: '#/components/schemas/ListAttackPathsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: notificationConfigsId + name: simulationsId required: true schema: type: string - patch: - description: ' Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter' - operationId: securitycenter.projects.notificationConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationConfig' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationConfig' - parameters: - - in: path - name: projectsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: notificationConfigsId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: filter schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/muteConfigs/{muteConfigsId}: + /v1/organizations/{organizationsId}/simulations/{simulationsId}/valuedResources/{valuedResourcesId}/attackPaths: parameters: *ref_1 - delete: - description: Deletes an existing mute config. - operationId: securitycenter.projects.locations.muteConfigs.delete + get: + description: >- + Lists the attack paths for a set of simulation results or valued + resources and filter. + operationId: >- + securitycenter.organizations.simulations.valuedResources.attackPaths.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15617,26 +16106,41 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListAttackPathsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: locationsId + name: simulationsId required: true schema: type: string - in: path - name: muteConfigsId + name: valuedResourcesId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/organizations/{organizationsId}/simulations/{simulationsId}/valuedResources/{valuedResourcesId}: + parameters: *ref_1 get: - description: Gets a mute config. - operationId: securitycenter.projects.locations.muteConfigs.get + description: Get the valued resource by name + operationId: securitycenter.organizations.simulations.valuedResources.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15648,31 +16152,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/ValuedResource' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: locationsId + name: simulationsId required: true schema: type: string - in: path - name: muteConfigsId + name: valuedResourcesId required: true schema: type: string - patch: - description: Updates a mute config. - operationId: securitycenter.projects.locations.muteConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + /v1/organizations/{organizationsId}/simulations/{simulationsId}/valuedResources: + parameters: *ref_1 + get: + description: Lists the valued resources for a set of simulation results and filter. + operationId: securitycenter.organizations.simulations.valuedResources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15684,33 +16185,43 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/ListValuedResourcesResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: locationsId + name: simulationsId required: true schema: type: string - - in: path - name: muteConfigsId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: orderBy schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/bigQueryExports/{bigQueryExportsId}: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/organizations/{organizationsId}/simulations/{simulationsId}/attackExposureResults/{attackExposureResultsId}/attackPaths: parameters: *ref_1 get: - description: Gets a BigQuery export. - operationId: securitycenter.projects.bigQueryExports.get + description: >- + Lists the attack paths for a set of simulation results or valued + resources and filter. + operationId: >- + securitycenter.organizations.simulations.attackExposureResults.attackPaths.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15722,52 +16233,42 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + $ref: '#/components/schemas/ListAttackPathsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: bigQueryExportsId + name: simulationsId required: true schema: type: string - delete: - description: Deletes an existing BigQuery export. - operationId: securitycenter.projects.bigQueryExports.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - in: path - name: projectsId + name: attackExposureResultsId required: true schema: type: string - - in: path - name: bigQueryExportsId - required: true + - in: query + name: filter schema: type: string - patch: - description: Updates a BigQuery export. - operationId: securitycenter.projects.bigQueryExports.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/organizations/{organizationsId}/simulations/{simulationsId}/attackExposureResults/{attackExposureResultsId}/valuedResources: + parameters: *ref_1 + get: + description: Lists the valued resources for a set of simulation results and filter. + operationId: >- + securitycenter.organizations.simulations.attackExposureResults.valuedResources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15779,33 +16280,47 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + $ref: '#/components/schemas/ListValuedResourcesResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: bigQueryExportsId + name: simulationsId + required: true + schema: + type: string + - in: path + name: attackExposureResultsId required: true schema: type: string - in: query - name: updateMask + name: filter schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/bigQueryExports: + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/organizations/{organizationsId}/simulations/{simulationsId}: parameters: *ref_1 - post: - description: Creates a BigQuery export. - operationId: securitycenter.projects.bigQueryExports.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + get: + description: >- + Get the simulation by name or the latest simulation for the given + organization. + operationId: securitycenter.organizations.simulations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15817,25 +16332,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + $ref: '#/components/schemas/Simulation' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: bigQueryExportId + - in: path + name: simulationsId + required: true schema: type: string - get: + /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules/{customModulesId}: + parameters: *ref_1 + delete: description: >- - Lists BigQuery exports. Note that when requesting BigQuery exports at a - given level all exports under that level are also returned e.g. if - requesting BigQuery exports under a folder, then all BigQuery exports - immediately under the folder plus the ones created under the projects - within the folder are returned. - operationId: securitycenter.projects.bigQueryExports.list + Deletes the specified SecurityHealthAnalyticsCustomModule and all of its + descendants in the CRM hierarchy. This method is only supported for + resident custom modules. + operationId: >- + securitycenter.organizations.securityHealthAnalyticsSettings.customModules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15847,34 +16364,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBigQueryExportsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: customModulesId + required: true schema: type: string - /v1/projects/{projectsId}/assets:group: - parameters: *ref_1 - post: + patch: description: >- - Filters an organization's assets and groups them by their specified - properties. - operationId: securitycenter.projects.assets.group + Updates the SecurityHealthAnalyticsCustomModule under the given name + based on the given update mask. Updating the enablement state is + supported on both resident and inherited modules (though resident + modules cannot have an enablement state of "inherited"). Updating the + display name and custom config of a module is supported on resident + modules only. + operationId: >- + securitycenter.organizations.securityHealthAnalyticsSettings.customModules.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GroupAssetsRequest' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15886,18 +16403,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GroupAssetsResponse' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v1/projects/{projectsId}/assets: - parameters: *ref_1 + - in: path + name: customModulesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Lists an organization's assets. - operationId: securitycenter.projects.assets.list + description: Retrieves a SecurityHealthAnalyticsCustomModule. + operationId: >- + securitycenter.organizations.securityHealthAnalyticsSettings.customModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15909,55 +16436,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAssetsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readTime - schema: - type: string - format: google-datetime - - in: query - name: compareDuration - schema: - type: string - format: google-duration - - in: query - name: fieldMask + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + parameters: + - in: path + name: organizationsId + required: true schema: type: string - format: google-fieldmask - - in: query - name: pageToken + - in: path + name: customModulesId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/assets/{assetsId}/securityMarks: + /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules:simulate: parameters: *ref_1 - patch: - description: Updates security marks. - operationId: securitycenter.projects.assets.updateSecurityMarks + post: + description: Simulates a given SecurityHealthAnalyticsCustomModule and Resource. + operationId: >- + securitycenter.organizations.securityHealthAnalyticsSettings.customModules.simulate requestBody: content: application/json: schema: - $ref: '#/components/schemas/SecurityMarks' + $ref: >- + #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -15969,33 +16472,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SecurityMarks' + $ref: >- + #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleResponse parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: assetsId + name: organizationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: startTime - schema: - type: string - format: google-datetime - /v1/projects/{projectsId}/sources: + /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules: parameters: *ref_1 get: - description: Lists all sources belonging to an organization. - operationId: securitycenter.projects.sources.list + description: >- + Returns a list of all SecurityHealthAnalyticsCustomModules for the given + parent. This includes resident modules defined at the scope of the + parent, and inherited modules, inherited from CRM ancestors. + operationId: >- + securitycenter.organizations.securityHealthAnalyticsSettings.customModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16007,38 +16500,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSourcesResponse' + $ref: >- + #/components/schemas/ListSecurityHealthAnalyticsCustomModulesResponse parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/sources/{sourcesId}/findings:group: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string post: description: >- - Filters an organization or source's findings and groups them by their - specified properties. To group across all sources provide a `-` as the - source id. Example: - /v1/organizations/{organization_id}/sources/-/findings, - /v1/folders/{folder_id}/sources/-/findings, - /v1/projects/{project_id}/sources/-/findings - operationId: securitycenter.projects.sources.findings.group + Creates a resident SecurityHealthAnalyticsCustomModule at the scope of + the given CRM parent, and also creates inherited + SecurityHealthAnalyticsCustomModules for all CRM descendants of the + given parent. These modules are enabled by default. + operationId: >- + securitycenter.organizations.securityHealthAnalyticsSettings.customModules.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/GroupFindingsRequest' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16050,26 +16542,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GroupFindingsResponse' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: sourcesId + name: organizationsId required: true schema: type: string - /v1/projects/{projectsId}/sources/{sourcesId}/findings: + /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules:listDescendant: parameters: *ref_1 get: description: >- - Lists an organization or source's findings. To list across all sources - provide a `-` as the source id. Example: - /v1/organizations/{organization_id}/sources/-/findings - operationId: securitycenter.projects.sources.findings.list + Returns a list of all resident SecurityHealthAnalyticsCustomModules + under the given CRM parent and all of the parent’s CRM descendants. + operationId: >- + securitycenter.organizations.securityHealthAnalyticsSettings.customModules.listDescendant security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16081,41 +16569,14 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListFindingsResponse' + $ref: >- + #/components/schemas/ListDescendantSecurityHealthAnalyticsCustomModulesResponse parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: sourcesId + name: organizationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readTime - schema: - type: string - format: google-datetime - - in: query - name: compareDuration - schema: - type: string - format: google-duration - - in: query - name: fieldMask - schema: - type: string - format: google-fieldmask - in: query name: pageToken schema: @@ -16125,16 +16586,12 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}:setState: + /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/effectiveCustomModules/{effectiveCustomModulesId}: parameters: *ref_1 - post: - description: Updates the state of a finding. - operationId: securitycenter.projects.sources.findings.setState - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetFindingStateRequest' + get: + description: Retrieves an EffectiveSecurityHealthAnalyticsCustomModule. + operationId: >- + securitycenter.organizations.securityHealthAnalyticsSettings.effectiveCustomModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16146,33 +16603,69 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: sourcesId + name: effectiveCustomModulesId required: true schema: type: string + /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/effectiveCustomModules: + parameters: *ref_1 + get: + description: >- + Returns a list of all EffectiveSecurityHealthAnalyticsCustomModules for + the given parent. This includes resident modules defined at the scope of + the parent, and inherited modules, inherited from CRM ancestors. + operationId: >- + securitycenter.organizations.securityHealthAnalyticsSettings.effectiveCustomModules.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/ListEffectiveSecurityHealthAnalyticsCustomModulesResponse + parameters: - in: path - name: findingsId + name: organizationsId required: true schema: type: string - /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}:setMute: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/organizations/{organizationsId}/findings:bulkMute: parameters: *ref_1 post: - description: Updates the mute state of a finding. - operationId: securitycenter.projects.sources.findings.setMute + description: >- + Kicks off an LRO to bulk mute findings for a parent based on a filter. + The parent can be either an organization, folder or project. The + findings matched by the filter will be muted after the LRO is done. + operationId: securitycenter.organizations.findings.bulkMute requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetMuteRequest' + $ref: '#/components/schemas/BulkMuteFindingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16184,35 +16677,24 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: sourcesId - required: true - schema: - type: string - - in: path - name: findingsId + name: organizationsId required: true schema: type: string - /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}: + /v1/organizations/{organizationsId}/resourceValueConfigs/{resourceValueConfigsId}: parameters: *ref_1 patch: - description: >- - Creates or updates a finding. The corresponding source must exist for a - finding creation to succeed. - operationId: securitycenter.projects.sources.findings.patch + description: Updates an existing ResourceValueConfigs with new rules. + operationId: securitycenter.organizations.resourceValueConfigs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16224,38 +16706,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: sourcesId + name: organizationsId required: true schema: type: string - in: path - name: findingsId + name: resourceValueConfigsId required: true schema: type: string - in: query name: updateMask schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}/securityMarks: - parameters: *ref_1 - patch: - description: Updates security marks. - operationId: securitycenter.projects.sources.findings.updateSecurityMarks - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SecurityMarks' + type: string + format: google-fieldmask + get: + description: Gets a ResourceValueConfig. + operationId: securitycenter.organizations.resourceValueConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16267,43 +16738,22 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SecurityMarks' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: sourcesId + name: organizationsId required: true schema: type: string - in: path - name: findingsId + name: resourceValueConfigsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: startTime - schema: - type: string - format: google-datetime - /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}/externalSystems/{externalSystemsId}: - parameters: *ref_1 - patch: - description: Updates external system. This is for a given finding. - operationId: securitycenter.projects.sources.findings.externalSystems.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' + delete: + description: Deletes a ResourceValueConfig. + operationId: securitycenter.organizations.resourceValueConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16315,45 +16765,62 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: sourcesId + name: resourceValueConfigsId required: true schema: type: string + /v1/organizations/{organizationsId}/resourceValueConfigs: + parameters: *ref_1 + get: + description: Lists all ResourceValueConfigs. + operationId: securitycenter.organizations.resourceValueConfigs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListResourceValueConfigsResponse' + parameters: - in: path - name: findingsId + name: organizationsId required: true schema: type: string - - in: path - name: externalSystemsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/eventThreatDetectionSettings:validateCustomModule: + /v1/organizations/{organizationsId}/resourceValueConfigs:batchCreate: parameters: *ref_1 post: - description: Validates the given Event Threat Detection custom module. - operationId: >- - securitycenter.projects.eventThreatDetectionSettings.validateCustomModule + description: >- + Creates a ResourceValueConfig for an organization. Maps user's tags to + difference resource values for use by the attack path simulation. + operationId: securitycenter.organizations.resourceValueConfigs.batchCreate requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/ValidateEventThreatDetectionCustomModuleRequest + $ref: '#/components/schemas/BatchCreateResourceValueConfigsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16365,29 +16832,20 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ValidateEventThreatDetectionCustomModuleResponse + $ref: '#/components/schemas/BatchCreateResourceValueConfigsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - /v1/projects/{projectsId}/eventThreatDetectionSettings/customModules: + /v1/organizations/{organizationsId}/attackPaths: parameters: *ref_1 - post: + get: description: >- - Creates a resident Event Threat Detection custom module at the scope of - the given Resource Manager parent, and also creates inherited custom - modules for all descendants of the given parent. These modules are - enabled by default. - operationId: >- - securitycenter.projects.eventThreatDetectionSettings.customModules.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + Lists the attack paths for a set of simulation results or valued + resources and filter. + operationId: securitycenter.organizations.attackPaths.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16399,19 +16857,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: '#/components/schemas/ListAttackPathsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/organizations/{organizationsId}/valuedResources: + parameters: *ref_1 get: - description: >- - Lists all Event Threat Detection custom modules for the given Resource - Manager parent. This includes resident modules defined at the scope of - the parent along with modules inherited from ancestors. - operationId: securitycenter.projects.eventThreatDetectionSettings.customModules.list + description: Lists the valued resources for a set of simulation results and filter. + operationId: securitycenter.organizations.valuedResources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16423,16 +16893,15 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListEventThreatDetectionCustomModulesResponse + $ref: '#/components/schemas/ListValuedResourcesResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: query - name: pageToken + name: orderBy schema: type: string - in: query @@ -16440,15 +16909,45 @@ paths: schema: type: integer format: int32 - /v1/projects/{projectsId}/eventThreatDetectionSettings/customModules/{customModulesId}: + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/organizations/{organizationsId}/notificationConfigs/{notificationConfigsId}: parameters: *ref_1 + get: + description: Gets a notification config. + operationId: securitycenter.organizations.notificationConfigs.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationConfig' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: path + name: notificationConfigsId + required: true + schema: + type: string delete: - description: >- - Deletes the specified Event Threat Detection custom module and all of - its descendants in the Resource Manager hierarchy. This method is only - supported for resident custom modules. - operationId: >- - securitycenter.projects.eventThreatDetectionSettings.customModules.delete + description: Deletes a notification config. + operationId: securitycenter.organizations.notificationConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16463,18 +16962,23 @@ paths: $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: customModulesId + name: notificationConfigsId required: true schema: type: string - get: - description: Gets an Event Threat Detection custom module. - operationId: securitycenter.projects.eventThreatDetectionSettings.customModules.get + patch: + description: ' Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter' + operationId: securitycenter.organizations.notificationConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16486,32 +16990,58 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: '#/components/schemas/NotificationConfig' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: customModulesId + name: notificationConfigsId required: true schema: type: string - patch: - description: >- - Updates the Event Threat Detection custom module with the given name - based on the given update mask. Updating the enablement state is - supported for both resident and inherited modules (though resident - modules cannot have an enablement state of "inherited"). Updating the - display name or configuration of a module is supported for resident - modules only. The type of a module cannot be changed. - operationId: securitycenter.projects.eventThreatDetectionSettings.customModules.patch + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/notificationConfigs: + parameters: *ref_1 + post: + description: Creates a notification config. + operationId: securitycenter.organizations.notificationConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: '#/components/schemas/NotificationConfig' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationConfig' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: query + name: configId + schema: + type: string + get: + description: Lists notification configs. + operationId: securitycenter.organizations.notificationConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16523,31 +17053,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: '#/components/schemas/ListNotificationConfigsResponse' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: path - name: customModulesId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/projects/{projectsId}/eventThreatDetectionSettings/customModules:listDescendant: + /v1/organizations/{organizationsId}/locations/{locationsId}/muteConfigs/{muteConfigsId}: parameters: *ref_1 - get: - description: >- - Lists all resident Event Threat Detection custom modules under the given - Resource Manager parent and its descendants. - operationId: >- - securitycenter.projects.eventThreatDetectionSettings.customModules.listDescendant + patch: + description: Updates a mute config. + operationId: securitycenter.organizations.locations.muteConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16559,31 +17090,31 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListDescendantEventThreatDetectionCustomModulesResponse + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: pageToken + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: muteConfigsId + required: true schema: type: string - in: query - name: pageSize + name: updateMask schema: - type: integer - format: int32 - /v1/projects/{projectsId}/eventThreatDetectionSettings/effectiveCustomModules/{effectiveCustomModulesId}: - parameters: *ref_1 + type: string + format: google-fieldmask get: - description: >- - Gets an effective Event Threat Detection custom module at the given - level. - operationId: >- - securitycenter.projects.eventThreatDetectionSettings.effectiveCustomModules.get + description: Gets a mute config. + operationId: securitycenter.organizations.locations.muteConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16595,27 +17126,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EffectiveEventThreatDetectionCustomModule' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - in: path - name: effectiveCustomModulesId + name: locationsId required: true schema: type: string - /v1/projects/{projectsId}/eventThreatDetectionSettings/effectiveCustomModules: - parameters: *ref_1 - get: - description: >- - Lists all effective Event Threat Detection custom modules for the given - parent. This includes resident modules defined at the scope of the - parent along with modules inherited from its ancestors. - operationId: >- - securitycenter.projects.eventThreatDetectionSettings.effectiveCustomModules.list + - in: path + name: muteConfigsId + required: true + schema: + type: string + delete: + description: Deletes an existing mute config. + operationId: securitycenter.organizations.locations.muteConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16627,28 +17157,37 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListEffectiveEventThreatDetectionCustomModulesResponse + $ref: '#/components/schemas/Empty' parameters: - in: path - name: projectsId + name: organizationsId required: true schema: type: string - - in: query - name: pageToken + - in: path + name: locationsId + required: true schema: type: string - - in: query - name: pageSize + - in: path + name: muteConfigsId + required: true schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/organizationSettings: + type: string + /v1/organizations/{organizationsId}/assets:runDiscovery: parameters: *ref_1 - get: - description: Gets the settings for an organization. - operationId: securitycenter.organizations.getOrganizationSettings + post: + description: >- + Runs asset discovery. The discovery is tracked with a long-running + operation. This API can only be called with limited frequency for an + organization. If it is called too frequently the caller will receive a + TOO_MANY_REQUESTS error. + operationId: securitycenter.organizations.assets.runDiscovery + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RunAssetDiscoveryRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16660,21 +17199,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/OrganizationSettings' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId required: true schema: type: string - patch: - description: Updates an organization's settings. - operationId: securitycenter.organizations.updateOrganizationSettings + /v1/organizations/{organizationsId}/assets:group: + parameters: *ref_1 + post: + description: >- + Filters an organization's assets and groups them by their specified + properties. + operationId: securitycenter.organizations.assets.group requestBody: content: application/json: schema: - $ref: '#/components/schemas/OrganizationSettings' + $ref: '#/components/schemas/GroupAssetsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16686,25 +17229,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/OrganizationSettings' + $ref: '#/components/schemas/GroupAssetsResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/operations: + /v1/organizations/{organizationsId}/assets: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: securitycenter.organizations.operations.list + description: Lists an organization's assets. + operationId: securitycenter.organizations.assets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16716,17 +17252,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListAssetsResponse' parameters: - in: path name: organizationsId required: true schema: type: string + - in: query + name: compareDuration + schema: + type: string + format: google-duration + - in: query + name: orderBy + schema: + type: string - in: query name: filter schema: type: string + - in: query + name: readTime + schema: + type: string + format: google-datetime - in: query name: pageSize schema: @@ -16736,14 +17286,21 @@ paths: name: pageToken schema: type: string - /v1/organizations/{organizationsId}/operations/{operationsId}: + - in: query + name: fieldMask + schema: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/assets/{assetsId}/securityMarks: parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: securitycenter.organizations.operations.get + patch: + description: Updates security marks. + operationId: securitycenter.organizations.assets.updateSecurityMarks + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMarks' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16755,7 +17312,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SecurityMarks' parameters: - in: path name: organizationsId @@ -16763,17 +17320,32 @@ paths: schema: type: string - in: path - name: operationsId + name: assetsId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: securitycenter.organizations.operations.delete + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: startTime + schema: + type: string + format: google-datetime + /v1/organizations/{organizationsId}/eventThreatDetectionSettings:validateCustomModule: + parameters: *ref_1 + post: + description: Validates the given Event Threat Detection custom module. + operationId: >- + securitycenter.organizations.eventThreatDetectionSettings.validateCustomModule + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/ValidateEventThreatDetectionCustomModuleRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16785,32 +17357,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: >- + #/components/schemas/ValidateEventThreatDetectionCustomModuleResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/operations/{operationsId}:cancel: + /v1/organizations/{organizationsId}/eventThreatDetectionSettings/effectiveCustomModules: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: securitycenter.organizations.operations.cancel + Lists all effective Event Threat Detection custom modules for the given + parent. This includes resident modules defined at the scope of the + parent along with modules inherited from its ancestors. + operationId: >- + securitycenter.organizations.eventThreatDetectionSettings.effectiveCustomModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16822,31 +17385,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: >- + #/components/schemas/ListEffectiveEventThreatDetectionCustomModulesResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/findings:bulkMute: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/organizations/{organizationsId}/eventThreatDetectionSettings/effectiveCustomModules/{effectiveCustomModulesId}: parameters: *ref_1 - post: + get: description: >- - Kicks off an LRO to bulk mute findings for a parent based on a filter. - The parent can be either an organization, folder or project. The - findings matched by the filter will be muted after the LRO is done. - operationId: securitycenter.organizations.findings.bulkMute - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BulkMuteFindingsRequest' + Gets an effective Event Threat Detection custom module at the given + level. + operationId: >- + securitycenter.organizations.eventThreatDetectionSettings.effectiveCustomModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16858,29 +17421,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/EffectiveEventThreatDetectionCustomModule' parameters: - in: path name: organizationsId required: true schema: type: string - /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules: + - in: path + name: effectiveCustomModulesId + required: true + schema: + type: string + /v1/organizations/{organizationsId}/eventThreatDetectionSettings/customModules/{customModulesId}: parameters: *ref_1 - post: + patch: description: >- - Creates a resident SecurityHealthAnalyticsCustomModule at the scope of - the given CRM parent, and also creates inherited - SecurityHealthAnalyticsCustomModules for all CRM descendants of the - given parent. These modules are enabled by default. + Updates the Event Threat Detection custom module with the given name + based on the given update mask. Updating the enablement state is + supported for both resident and inherited modules (though resident + modules cannot have an enablement state of "inherited"). Updating the + display name or configuration of a module is supported for resident + modules only. The type of a module cannot be changed. operationId: >- - securitycenter.organizations.securityHealthAnalyticsSettings.customModules.create + securitycenter.organizations.eventThreatDetectionSettings.customModules.patch requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/EventThreatDetectionCustomModule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16892,21 +17461,27 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/EventThreatDetectionCustomModule' parameters: - in: path name: organizationsId required: true schema: type: string + - in: path + name: customModulesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: >- - Returns a list of all SecurityHealthAnalyticsCustomModules for the given - parent. This includes resident modules defined at the scope of the - parent, and inherited modules, inherited from CRM ancestors. + description: Gets an Event Threat Detection custom module. operationId: >- - securitycenter.organizations.securityHealthAnalyticsSettings.customModules.list + securitycenter.organizations.eventThreatDetectionSettings.customModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16918,32 +17493,25 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListSecurityHealthAnalyticsCustomModulesResponse + $ref: '#/components/schemas/EventThreatDetectionCustomModule' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: customModulesId + required: true schema: type: string - /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules/{customModulesId}: - parameters: *ref_1 delete: description: >- - Deletes the specified SecurityHealthAnalyticsCustomModule and all of its - descendants in the CRM hierarchy. This method is only supported for - resident custom modules. + Deletes the specified Event Threat Detection custom module and all of + its descendants in the Resource Manager hierarchy. This method is only + supported for resident custom modules. operationId: >- - securitycenter.organizations.securityHealthAnalyticsSettings.customModules.delete + securitycenter.organizations.eventThreatDetectionSettings.customModules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16967,10 +17535,21 @@ paths: required: true schema: type: string - get: - description: Retrieves a SecurityHealthAnalyticsCustomModule. + /v1/organizations/{organizationsId}/eventThreatDetectionSettings/customModules: + parameters: *ref_1 + post: + description: >- + Creates a resident Event Threat Detection custom module at the scope of + the given Resource Manager parent, and also creates inherited custom + modules for all descendants of the given parent. These modules are + enabled by default. operationId: >- - securitycenter.organizations.securityHealthAnalyticsSettings.customModules.get + securitycenter.organizations.eventThreatDetectionSettings.customModules.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EventThreatDetectionCustomModule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -16982,35 +17561,20 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/EventThreatDetectionCustomModule' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: customModulesId - required: true - schema: - type: string - patch: + get: description: >- - Updates the SecurityHealthAnalyticsCustomModule under the given name - based on the given update mask. Updating the enablement state is - supported on both resident and inherited modules (though resident - modules cannot have an enablement state of "inherited"). Updating the - display name and custom config of a module is supported on resident - modules only. + Lists all Event Threat Detection custom modules for the given Resource + Manager parent. This includes resident modules defined at the scope of + the parent along with modules inherited from ancestors. operationId: >- - securitycenter.organizations.securityHealthAnalyticsSettings.customModules.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + securitycenter.organizations.eventThreatDetectionSettings.customModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17023,31 +17587,30 @@ paths: application/json: schema: $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule + #/components/schemas/ListEventThreatDetectionCustomModulesResponse parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: customModulesId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules:listDescendant: + /v1/organizations/{organizationsId}/eventThreatDetectionSettings/customModules:listDescendant: parameters: *ref_1 get: description: >- - Returns a list of all resident SecurityHealthAnalyticsCustomModules - under the given CRM parent and all of the parent’s CRM descendants. + Lists all resident Event Threat Detection custom modules under the given + Resource Manager parent and its descendants. operationId: >- - securitycenter.organizations.securityHealthAnalyticsSettings.customModules.listDescendant + securitycenter.organizations.eventThreatDetectionSettings.customModules.listDescendant security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17060,34 +17623,32 @@ paths: application/json: schema: $ref: >- - #/components/schemas/ListDescendantSecurityHealthAnalyticsCustomModulesResponse + #/components/schemas/ListDescendantEventThreatDetectionCustomModulesResponse parameters: - in: path name: organizationsId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules:simulate: + /v1/organizations/{organizationsId}/muteConfigs: parameters: *ref_1 post: - description: Simulates a given SecurityHealthAnalyticsCustomModule and Resource. - operationId: >- - securitycenter.organizations.securityHealthAnalyticsSettings.customModules.simulate + description: Creates a mute config. + operationId: securitycenter.organizations.muteConfigs.create requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleRequest + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17099,20 +17660,20 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleResponse + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path name: organizationsId required: true schema: type: string - /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/effectiveCustomModules/{effectiveCustomModulesId}: - parameters: *ref_1 + - in: query + name: muteConfigId + schema: + type: string get: - description: Retrieves an EffectiveSecurityHealthAnalyticsCustomModule. - operationId: >- - securitycenter.organizations.securityHealthAnalyticsSettings.effectiveCustomModules.get + description: Lists mute configs. + operationId: securitycenter.organizations.muteConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17124,28 +17685,27 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule + $ref: '#/components/schemas/ListMuteConfigsResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: effectiveCustomModulesId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/effectiveCustomModules: + /v1/organizations/{organizationsId}/muteConfigs/{muteConfigsId}: parameters: *ref_1 - get: - description: >- - Returns a list of all EffectiveSecurityHealthAnalyticsCustomModules for - the given parent. This includes resident modules defined at the scope of - the parent, and inherited modules, inherited from CRM ancestors. - operationId: >- - securitycenter.organizations.securityHealthAnalyticsSettings.effectiveCustomModules.list + delete: + description: Deletes an existing mute config. + operationId: securitycenter.organizations.muteConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17157,33 +17717,21 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListEffectiveSecurityHealthAnalyticsCustomModulesResponse + $ref: '#/components/schemas/Empty' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: muteConfigsId + required: true schema: type: string - /v1/organizations/{organizationsId}/sources: - parameters: *ref_1 - post: - description: Creates a source. - operationId: securitycenter.organizations.sources.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Source' + get: + description: Gets a mute config. + operationId: securitycenter.organizations.muteConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17195,16 +17743,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Source' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path name: organizationsId required: true schema: type: string - get: - description: Lists all sources belonging to an organization. - operationId: securitycenter.organizations.sources.list + - in: path + name: muteConfigsId + required: true + schema: + type: string + patch: + description: Updates a mute config. + operationId: securitycenter.organizations.muteConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17216,32 +17774,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSourcesResponse' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path name: organizationsId required: true schema: type: string - - in: query - name: pageToken + - in: path + name: muteConfigsId + required: true schema: type: string - in: query - name: pageSize + name: updateMask schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/sources/{sourcesId}:getIamPolicy: + type: string + format: google-fieldmask + /v1/organizations/{organizationsId}/bigQueryExports/{bigQueryExportsId}: parameters: *ref_1 - post: - description: Gets the access control policy on the specified Source. - operationId: securitycenter.organizations.sources.getIamPolicy + patch: + description: Updates a BigQuery export. + operationId: securitycenter.organizations.bigQueryExports.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17253,7 +17812,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' parameters: - in: path name: organizationsId @@ -17261,15 +17820,18 @@ paths: schema: type: string - in: path - name: sourcesId + name: bigQueryExportsId required: true schema: type: string - /v1/organizations/{organizationsId}/sources/{sourcesId}: - parameters: *ref_1 + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask get: - description: Gets a source. - operationId: securitycenter.organizations.sources.get + description: Gets a BigQuery export. + operationId: securitycenter.organizations.bigQueryExports.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17281,7 +17843,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Source' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' parameters: - in: path name: organizationsId @@ -17289,18 +17851,13 @@ paths: schema: type: string - in: path - name: sourcesId + name: bigQueryExportsId required: true schema: type: string - patch: - description: Updates a source. - operationId: securitycenter.organizations.sources.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Source' + delete: + description: Deletes an existing BigQuery export. + operationId: securitycenter.organizations.bigQueryExports.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17312,7 +17869,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Source' + $ref: '#/components/schemas/Empty' parameters: - in: path name: organizationsId @@ -17320,25 +17877,20 @@ paths: schema: type: string - in: path - name: sourcesId + name: bigQueryExportsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/sources/{sourcesId}:setIamPolicy: + /v1/organizations/{organizationsId}/bigQueryExports: parameters: *ref_1 - post: - description: Sets the access control policy on the specified Source. - operationId: securitycenter.organizations.sources.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + get: + description: >- + Lists BigQuery exports. Note that when requesting BigQuery exports at a + given level all exports under that level are also returned e.g. if + requesting BigQuery exports under a folder, then all BigQuery exports + immediately under the folder plus the ones created under the projects + within the folder are returned. + operationId: securitycenter.organizations.bigQueryExports.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17350,28 +17902,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListBigQueryExportsResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: sourcesId - required: true + - in: query + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/sources/{sourcesId}:testIamPermissions: - parameters: *ref_1 + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: Returns the permissions that a caller has on the specified source. - operationId: securitycenter.organizations.sources.testIamPermissions + description: Creates a BigQuery export. + operationId: securitycenter.organizations.bigQueryExports.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17383,30 +17937,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: sourcesId - required: true + - in: query + name: bigQueryExportId schema: type: string - /v1/organizations/{organizationsId}/sources/{sourcesId}/findings: + /v1/organizations/{organizationsId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Creates a finding. The corresponding source must exist for finding - creation to succeed. - operationId: securitycenter.organizations.sources.findings.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Finding' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: securitycenter.organizations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17418,7 +17967,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -17426,20 +17975,17 @@ paths: schema: type: string - in: path - name: sourcesId + name: operationsId required: true schema: type: string - - in: query - name: findingId - schema: - type: string - get: + delete: description: >- - Lists an organization or source's findings. To list across all sources - provide a `-` as the source id. Example: - /v1/organizations/{organization_id}/sources/-/findings - operationId: securitycenter.organizations.sources.findings.list + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: securitycenter.organizations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17451,7 +17997,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListFindingsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: organizationsId @@ -17459,58 +18005,17 @@ paths: schema: type: string - in: path - name: sourcesId + name: operationsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readTime - schema: - type: string - format: google-datetime - - in: query - name: compareDuration - schema: - type: string - format: google-duration - - in: query - name: fieldMask - schema: - type: string - format: google-fieldmask - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/sources/{sourcesId}/findings:group: + /v1/organizations/{organizationsId}/operations: parameters: *ref_1 - post: + get: description: >- - Filters an organization or source's findings and groups them by their - specified properties. To group across all sources provide a `-` as the - source id. Example: - /v1/organizations/{organization_id}/sources/-/findings, - /v1/folders/{folder_id}/sources/-/findings, - /v1/projects/{project_id}/sources/-/findings - operationId: securitycenter.organizations.sources.findings.group - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GroupFindingsRequest' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: securitycenter.organizations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17522,28 +18027,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GroupFindingsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: organizationsId required: true schema: type: string - - in: path - name: sourcesId - required: true + - in: query + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}:setState: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/organizations/{organizationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: - description: Updates the state of a finding. - operationId: securitycenter.organizations.sources.findings.setState - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetFindingStateRequest' + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: securitycenter.organizations.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17555,7 +18076,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: '#/components/schemas/Empty' parameters: - in: path name: organizationsId @@ -17563,25 +18084,15 @@ paths: schema: type: string - in: path - name: sourcesId - required: true - schema: - type: string - - in: path - name: findingsId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}:setMute: - parameters: *ref_1 - post: - description: Updates the mute state of a finding. - operationId: securitycenter.organizations.sources.findings.setMute - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetMuteRequest' + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/assets: + parameters: *ref_1 + get: + description: Lists an organization's assets. + operationId: securitycenter.projects.assets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17593,35 +18104,57 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: '#/components/schemas/ListAssetsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: path - name: sourcesId - required: true + - in: query + name: readTime schema: type: string - - in: path - name: findingsId - required: true + format: google-datetime + - in: query + name: filter schema: type: string - /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}: + - in: query + name: fieldMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: compareDuration + schema: + type: string + format: google-duration + - in: query + name: orderBy + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/assets:group: parameters: *ref_1 - patch: + post: description: >- - Creates or updates a finding. The corresponding source must exist for a - finding creation to succeed. - operationId: securitycenter.organizations.sources.findings.patch + Filters an organization's assets and groups them by their specified + properties. + operationId: securitycenter.projects.assets.group requestBody: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: '#/components/schemas/GroupAssetsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17633,33 +18166,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Finding' + $ref: '#/components/schemas/GroupAssetsResponse' parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: sourcesId - required: true - schema: - type: string - - in: path - name: findingsId + name: projectsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}/securityMarks: + /v1/projects/{projectsId}/assets/{assetsId}/securityMarks: parameters: *ref_1 patch: description: Updates security marks. - operationId: securitycenter.organizations.sources.findings.updateSecurityMarks + operationId: securitycenter.projects.assets.updateSecurityMarks requestBody: content: application/json: @@ -17679,17 +18197,12 @@ paths: $ref: '#/components/schemas/SecurityMarks' parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: sourcesId + name: projectsId required: true schema: type: string - in: path - name: findingsId + name: assetsId required: true schema: type: string @@ -17703,16 +18216,16 @@ paths: schema: type: string format: google-datetime - /v1/organizations/{organizationsId}/sources/{sourcesId}/findings/{findingsId}/externalSystems/{externalSystemsId}: + /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}/securityMarks: parameters: *ref_1 patch: - description: Updates external system. This is for a given finding. - operationId: securitycenter.organizations.sources.findings.externalSystems.patch + description: Updates security marks. + operationId: securitycenter.projects.sources.findings.updateSecurityMarks requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' + $ref: '#/components/schemas/SecurityMarks' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17724,10 +18237,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' + $ref: '#/components/schemas/SecurityMarks' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -17741,26 +18254,26 @@ paths: required: true schema: type: string - - in: path - name: externalSystemsId - required: true - schema: - type: string - in: query name: updateMask schema: type: string format: google-fieldmask - /v1/organizations/{organizationsId}/muteConfigs: + - in: query + name: startTime + schema: + type: string + format: google-datetime + /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}:setState: parameters: *ref_1 post: - description: Creates a mute config. - operationId: securitycenter.organizations.muteConfigs.create + description: Updates the state of a finding. + operationId: securitycenter.projects.sources.findings.setState requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/SetFindingStateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17772,52 +18285,39 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Finding' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: muteConfigId - schema: - type: string - get: - description: Lists mute configs. - operationId: securitycenter.organizations.muteConfigs.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListMuteConfigsResponse' - parameters: - in: path - name: organizationsId + name: sourcesId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: findingsId + required: true schema: type: string - /v1/organizations/{organizationsId}/muteConfigs/{muteConfigsId}: + /v1/projects/{projectsId}/sources/{sourcesId}/findings:group: parameters: *ref_1 - delete: - description: Deletes an existing mute config. - operationId: securitycenter.organizations.muteConfigs.delete + post: + description: >- + Filters an organization or source's findings and groups them by their + specified properties. To group across all sources provide a `-` as the + source id. Example: + /v1/organizations/{organization_id}/sources/-/findings, + /v1/folders/{folder_id}/sources/-/findings, + /v1/projects/{project_id}/sources/-/findings + operationId: securitycenter.projects.sources.findings.group + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GroupFindingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17829,21 +18329,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GroupFindingsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: muteConfigsId + name: sourcesId required: true schema: type: string - get: - description: Gets a mute config. - operationId: securitycenter.organizations.muteConfigs.get + /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}:setMute: + parameters: *ref_1 + post: + description: Updates the mute state of a finding. + operationId: securitycenter.projects.sources.findings.setMute + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetMuteRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17855,26 +18362,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Finding' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: muteConfigsId + name: sourcesId + required: true + schema: + type: string + - in: path + name: findingsId required: true schema: type: string + /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}: + parameters: *ref_1 patch: - description: Updates a mute config. - operationId: securitycenter.organizations.muteConfigs.patch + description: >- + Creates or updates a finding. The corresponding source must exist for a + finding creation to succeed. + operationId: securitycenter.projects.sources.findings.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Finding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17886,58 +18402,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Finding' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: muteConfigsId + name: sourcesId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/notificationConfigs: - parameters: *ref_1 - post: - description: Creates a notification config. - operationId: securitycenter.organizations.notificationConfigs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationConfig' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationConfig' - parameters: - in: path - name: organizationsId + name: findingsId required: true schema: type: string - in: query - name: configId + name: updateMask schema: type: string + format: google-fieldmask + /v1/projects/{projectsId}/sources/{sourcesId}/findings: + parameters: *ref_1 get: - description: Lists notification configs. - operationId: securitycenter.organizations.notificationConfigs.list + description: >- + Lists an organization or source's findings. To list across all sources + provide a `-` as the source id. Example: + /v1/organizations/{organization_id}/sources/-/findings + operationId: securitycenter.projects.sources.findings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17949,15 +18443,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNotificationConfigsResponse' + $ref: '#/components/schemas/ListFindingsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: pageToken + - in: path + name: sourcesId + required: true schema: type: string - in: query @@ -17965,11 +18460,43 @@ paths: schema: type: integer format: int32 - /v1/organizations/{organizationsId}/notificationConfigs/{notificationConfigsId}: + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: readTime + schema: + type: string + format: google-datetime + - in: query + name: compareDuration + schema: + type: string + format: google-duration + - in: query + name: fieldMask + schema: + type: string + format: google-fieldmask + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/sources/{sourcesId}/findings/{findingsId}/externalSystems/{externalSystemsId}: parameters: *ref_1 - delete: - description: Deletes a notification config. - operationId: securitycenter.organizations.notificationConfigs.delete + patch: + description: Updates external system. This is for a given finding. + operationId: securitycenter.projects.sources.findings.externalSystems.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -17981,21 +18508,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1ExternalSystem' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: notificationConfigsId + name: sourcesId + required: true + schema: + type: string + - in: path + name: findingsId + required: true + schema: + type: string + - in: path + name: externalSystemsId required: true schema: type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/sources: + parameters: *ref_1 get: - description: Gets a notification config. - operationId: securitycenter.organizations.notificationConfigs.get + description: Lists all sources belonging to an organization. + operationId: securitycenter.projects.sources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18007,26 +18551,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NotificationConfig' + $ref: '#/components/schemas/ListSourcesResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: path - name: notificationConfigsId - required: true + - in: query + name: pageToken schema: type: string - patch: - description: ' Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter' - operationId: securitycenter.organizations.notificationConfigs.patch + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/findings:bulkMute: + parameters: *ref_1 + post: + description: >- + Kicks off an LRO to bulk mute findings for a parent based on a filter. + The parent can be either an organization, folder or project. The + findings matched by the filter will be muted after the LRO is done. + operationId: securitycenter.projects.findings.bulkMute requestBody: content: application/json: schema: - $ref: '#/components/schemas/NotificationConfig' + $ref: '#/components/schemas/BulkMuteFindingsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18038,28 +18591,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NotificationConfig' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: notificationConfigsId + name: projectsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/locations/{locationsId}/muteConfigs/{muteConfigsId}: + /v1/projects/{projectsId}/locations/{locationsId}/muteConfigs/{muteConfigsId}: parameters: *ref_1 - delete: - description: Deletes an existing mute config. - operationId: securitycenter.organizations.locations.muteConfigs.delete + patch: + description: Updates a mute config. + operationId: securitycenter.projects.locations.muteConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18071,10 +18619,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -18088,9 +18636,14 @@ paths: required: true schema: type: string - get: - description: Gets a mute config. - operationId: securitycenter.organizations.locations.muteConfigs.get + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes an existing mute config. + operationId: securitycenter.projects.locations.muteConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18102,10 +18655,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -18119,14 +18672,9 @@ paths: required: true schema: type: string - patch: - description: Updates a mute config. - operationId: securitycenter.organizations.locations.muteConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' + get: + description: Gets a mute config. + operationId: securitycenter.projects.locations.muteConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18141,7 +18689,7 @@ paths: $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -18155,18 +18703,14 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/simulations/{simulationsId}: + /v1/projects/{projectsId}/eventThreatDetectionSettings/effectiveCustomModules/{effectiveCustomModulesId}: parameters: *ref_1 get: description: >- - Get the simulation by name or the latest simulation for the given - organization. - operationId: securitycenter.organizations.simulations.get + Gets an effective Event Threat Detection custom module at the given + level. + operationId: >- + securitycenter.projects.eventThreatDetectionSettings.effectiveCustomModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18178,23 +18722,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Simulation' + $ref: '#/components/schemas/EffectiveEventThreatDetectionCustomModule' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: simulationsId + name: effectiveCustomModulesId required: true schema: type: string - /v1/organizations/{organizationsId}/simulations/{simulationsId}/valuedResources/{valuedResourcesId}: + /v1/projects/{projectsId}/eventThreatDetectionSettings/effectiveCustomModules: parameters: *ref_1 get: - description: Get the valued resource by name - operationId: securitycenter.organizations.simulations.valuedResources.get + description: >- + Lists all effective Event Threat Detection custom modules for the given + parent. This includes resident modules defined at the scope of the + parent along with modules inherited from its ancestors. + operationId: >- + securitycenter.projects.eventThreatDetectionSettings.effectiveCustomModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18206,28 +18754,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ValuedResource' + $ref: >- + #/components/schemas/ListEffectiveEventThreatDetectionCustomModulesResponse parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: path - name: simulationsId - required: true + - in: query + name: pageSize schema: - type: string - - in: path - name: valuedResourcesId - required: true + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - /v1/organizations/{organizationsId}/simulations/{simulationsId}/valuedResources: + /v1/projects/{projectsId}/eventThreatDetectionSettings/customModules/{customModulesId}: parameters: *ref_1 - get: - description: Lists the valued resources for a set of simulation results and filter. - operationId: securitycenter.organizations.simulations.valuedResources.list + delete: + description: >- + Deletes the specified Event Threat Detection custom module and all of + its descendants in the Resource Manager hierarchy. This method is only + supported for resident custom modules. + operationId: >- + securitycenter.projects.eventThreatDetectionSettings.customModules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18239,43 +18791,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListValuedResourcesResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: simulationsId + name: customModulesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy - schema: - type: string - /v1/organizations/{organizationsId}/simulations/{simulationsId}/valuedResources/{valuedResourcesId}/attackPaths: - parameters: *ref_1 - get: + patch: description: >- - Lists the attack paths for a set of simulation results or valued - resources and filter. - operationId: >- - securitycenter.organizations.simulations.valuedResources.attackPaths.list + Updates the Event Threat Detection custom module with the given name + based on the given update mask. Updating the enablement state is + supported for both resident and inherited modules (though resident + modules cannot have an enablement state of "inherited"). Updating the + display name or configuration of a module is supported for resident + modules only. The type of a module cannot be changed. + operationId: securitycenter.projects.eventThreatDetectionSettings.customModules.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EventThreatDetectionCustomModule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18287,42 +18828,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAttackPathsResponse' + $ref: '#/components/schemas/EventThreatDetectionCustomModule' parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: simulationsId + name: projectsId required: true schema: type: string - in: path - name: valuedResourcesId + name: customModulesId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageToken + name: updateMask schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/simulations/{simulationsId}/attackExposureResults/{attackExposureResultsId}/valuedResources: - parameters: *ref_1 + format: google-fieldmask get: - description: Lists the valued resources for a set of simulation results and filter. - operationId: >- - securitycenter.organizations.simulations.attackExposureResults.valuedResources.list + description: Gets an Event Threat Detection custom module. + operationId: securitycenter.projects.eventThreatDetectionSettings.customModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18334,48 +18859,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListValuedResourcesResponse' + $ref: '#/components/schemas/EventThreatDetectionCustomModule' parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: simulationsId + name: projectsId required: true schema: type: string - in: path - name: attackExposureResultsId + name: customModulesId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy - schema: - type: string - /v1/organizations/{organizationsId}/simulations/{simulationsId}/attackExposureResults/{attackExposureResultsId}/attackPaths: + /v1/projects/{projectsId}/eventThreatDetectionSettings/customModules: parameters: *ref_1 - get: + post: description: >- - Lists the attack paths for a set of simulation results or valued - resources and filter. + Creates a resident Event Threat Detection custom module at the scope of + the given Resource Manager parent, and also creates inherited custom + modules for all descendants of the given parent. These modules are + enabled by default. operationId: >- - securitycenter.organizations.simulations.attackExposureResults.attackPaths.list + securitycenter.projects.eventThreatDetectionSettings.customModules.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EventThreatDetectionCustomModule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18387,43 +18897,55 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAttackPathsResponse' + $ref: '#/components/schemas/EventThreatDetectionCustomModule' parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: simulationsId + name: projectsId required: true schema: type: string + get: + description: >- + Lists all Event Threat Detection custom modules for the given Resource + Manager parent. This includes resident modules defined at the scope of + the parent along with modules inherited from ancestors. + operationId: securitycenter.projects.eventThreatDetectionSettings.customModules.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: >- + #/components/schemas/ListEventThreatDetectionCustomModulesResponse + parameters: - in: path - name: attackExposureResultsId + name: projectsId required: true schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 - in: query name: pageToken schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/simulations/{simulationsId}/attackPaths: + /v1/projects/{projectsId}/eventThreatDetectionSettings/customModules:listDescendant: parameters: *ref_1 get: description: >- - Lists the attack paths for a set of simulation results or valued - resources and filter. - operationId: securitycenter.organizations.simulations.attackPaths.list + Lists all resident Event Threat Detection custom modules under the given + Resource Manager parent and its descendants. + operationId: >- + securitycenter.projects.eventThreatDetectionSettings.customModules.listDescendant security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18435,36 +18957,35 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAttackPathsResponse' + $ref: >- + #/components/schemas/ListDescendantEventThreatDetectionCustomModulesResponse parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: simulationsId + name: projectsId required: true schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 - in: query name: pageToken schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/bigQueryExports/{bigQueryExportsId}: + /v1/projects/{projectsId}/eventThreatDetectionSettings:validateCustomModule: parameters: *ref_1 - get: - description: Gets a BigQuery export. - operationId: securitycenter.organizations.bigQueryExports.get + post: + description: Validates the given Event Threat Detection custom module. + operationId: >- + securitycenter.projects.eventThreatDetectionSettings.validateCustomModule + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/ValidateEventThreatDetectionCustomModuleRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18476,21 +18997,24 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + $ref: >- + #/components/schemas/ValidateEventThreatDetectionCustomModuleResponse parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: bigQueryExportsId + name: projectsId required: true schema: type: string - delete: - description: Deletes an existing BigQuery export. - operationId: securitycenter.organizations.bigQueryExports.delete + /v1/projects/{projectsId}/bigQueryExports: + parameters: *ref_1 + post: + description: Creates a BigQuery export. + operationId: securitycenter.projects.bigQueryExports.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18502,26 +19026,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: path - name: bigQueryExportsId - required: true + - in: query + name: bigQueryExportId schema: type: string - patch: - description: Updates a BigQuery export. - operationId: securitycenter.organizations.bigQueryExports.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + get: + description: >- + Lists BigQuery exports. Note that when requesting BigQuery exports at a + given level all exports under that level are also returned e.g. if + requesting BigQuery exports under a folder, then all BigQuery exports + immediately under the folder plus the ones created under the projects + within the folder are returned. + operationId: securitycenter.projects.bigQueryExports.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18533,28 +19056,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' + $ref: '#/components/schemas/ListBigQueryExportsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: path - name: bigQueryExportsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/bigQueryExports: + /v1/projects/{projectsId}/bigQueryExports/{bigQueryExportsId}: parameters: *ref_1 - post: - description: Creates a BigQuery export. - operationId: securitycenter.organizations.bigQueryExports.create + patch: + description: Updates a BigQuery export. + operationId: securitycenter.projects.bigQueryExports.patch requestBody: content: application/json: @@ -18574,22 +19096,23 @@ paths: $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' parameters: - in: path - name: organizationsId + name: projectsId + required: true + schema: + type: string + - in: path + name: bigQueryExportsId required: true schema: type: string - in: query - name: bigQueryExportId + name: updateMask schema: type: string + format: google-fieldmask get: - description: >- - Lists BigQuery exports. Note that when requesting BigQuery exports at a - given level all exports under that level are also returned e.g. if - requesting BigQuery exports under a folder, then all BigQuery exports - immediately under the folder plus the ones created under the projects - within the folder are returned. - operationId: securitycenter.organizations.bigQueryExports.list + description: Gets a BigQuery export. + operationId: securitycenter.projects.bigQueryExports.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18601,34 +19124,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBigQueryExportsResponse' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1BigQueryExport' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: bigQueryExportsId + required: true schema: type: string - /v1/organizations/{organizationsId}/assets:group: - parameters: *ref_1 - post: - description: >- - Filters an organization's assets and groups them by their specified - properties. - operationId: securitycenter.organizations.assets.group - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GroupAssetsRequest' + delete: + description: Deletes an existing BigQuery export. + operationId: securitycenter.projects.bigQueryExports.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18640,18 +19150,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GroupAssetsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - /v1/organizations/{organizationsId}/assets: + - in: path + name: bigQueryExportsId + required: true + schema: + type: string + /v1/projects/{projectsId}/muteConfigs/{muteConfigsId}: parameters: *ref_1 get: - description: Lists an organization's assets. - operationId: securitycenter.organizations.assets.list + description: Gets a mute config. + operationId: securitycenter.projects.muteConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18663,59 +19178,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAssetsResponse' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - - in: query - name: readTime - schema: - type: string - format: google-datetime - - in: query - name: compareDuration - schema: - type: string - format: google-duration - - in: query - name: fieldMask - schema: - type: string - format: google-fieldmask - - in: query - name: pageToken + - in: path + name: muteConfigsId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/assets:runDiscovery: - parameters: *ref_1 - post: - description: >- - Runs asset discovery. The discovery is tracked with a long-running - operation. This API can only be called with limited frequency for an - organization. If it is called too frequently the caller will receive a - TOO_MANY_REQUESTS error. - operationId: securitycenter.organizations.assets.runDiscovery - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RunAssetDiscoveryRequest' + delete: + description: Deletes an existing mute config. + operationId: securitycenter.projects.muteConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18727,23 +19204,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId + required: true + schema: + type: string + - in: path + name: muteConfigsId required: true schema: type: string - /v1/organizations/{organizationsId}/assets/{assetsId}/securityMarks: - parameters: *ref_1 patch: - description: Updates security marks. - operationId: securitycenter.organizations.assets.updateSecurityMarks + description: Updates a mute config. + operationId: securitycenter.projects.muteConfigs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/SecurityMarks' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18755,15 +19235,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SecurityMarks' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: assetsId + name: muteConfigsId required: true schema: type: string @@ -18772,23 +19252,11 @@ paths: schema: type: string format: google-fieldmask - - in: query - name: startTime - schema: - type: string - format: google-datetime - /v1/organizations/{organizationsId}/eventThreatDetectionSettings:validateCustomModule: + /v1/projects/{projectsId}/muteConfigs: parameters: *ref_1 - post: - description: Validates the given Event Threat Detection custom module. - operationId: >- - securitycenter.organizations.eventThreatDetectionSettings.validateCustomModule - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/ValidateEventThreatDetectionCustomModuleRequest + get: + description: Lists mute configs. + operationId: securitycenter.projects.muteConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18800,29 +19268,30 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ValidateEventThreatDetectionCustomModuleResponse + $ref: '#/components/schemas/ListMuteConfigsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - /v1/organizations/{organizationsId}/eventThreatDetectionSettings/customModules: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: - description: >- - Creates a resident Event Threat Detection custom module at the scope of - the given Resource Manager parent, and also creates inherited custom - modules for all descendants of the given parent. These modules are - enabled by default. - operationId: >- - securitycenter.organizations.eventThreatDetectionSettings.customModules.create + description: Creates a mute config. + operationId: securitycenter.projects.muteConfigs.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18834,20 +19303,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: '#/components/schemas/GoogleCloudSecuritycenterV1MuteConfig' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - get: - description: >- - Lists all Event Threat Detection custom modules for the given Resource - Manager parent. This includes resident modules defined at the scope of - the parent along with modules inherited from ancestors. + - in: query + name: muteConfigId + schema: + type: string + /v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules:simulate: + parameters: *ref_1 + post: + description: Simulates a given SecurityHealthAnalyticsCustomModule and Resource. operationId: >- - securitycenter.organizations.eventThreatDetectionSettings.customModules.list + securitycenter.projects.securityHealthAnalyticsSettings.customModules.simulate + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18860,31 +19338,31 @@ paths: application/json: schema: $ref: >- - #/components/schemas/ListEventThreatDetectionCustomModulesResponse + #/components/schemas/SimulateSecurityHealthAnalyticsCustomModuleResponse parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - /v1/organizations/{organizationsId}/eventThreatDetectionSettings/customModules/{customModulesId}: + /v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules/{customModulesId}: parameters: *ref_1 - delete: + patch: description: >- - Deletes the specified Event Threat Detection custom module and all of - its descendants in the Resource Manager hierarchy. This method is only - supported for resident custom modules. + Updates the SecurityHealthAnalyticsCustomModule under the given name + based on the given update mask. Updating the enablement state is + supported on both resident and inherited modules (though resident + modules cannot have an enablement state of "inherited"). Updating the + display name and custom config of a module is supported on resident + modules only. operationId: >- - securitycenter.organizations.eventThreatDetectionSettings.customModules.delete + securitycenter.projects.securityHealthAnalyticsSettings.customModules.patch + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18896,10 +19374,11 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -18908,10 +19387,18 @@ paths: required: true schema: type: string - get: - description: Gets an Event Threat Detection custom module. + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: >- + Deletes the specified SecurityHealthAnalyticsCustomModule and all of its + descendants in the CRM hierarchy. This method is only supported for + resident custom modules. operationId: >- - securitycenter.organizations.eventThreatDetectionSettings.customModules.get + securitycenter.projects.securityHealthAnalyticsSettings.customModules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18923,10 +19410,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -18935,21 +19422,10 @@ paths: required: true schema: type: string - patch: - description: >- - Updates the Event Threat Detection custom module with the given name - based on the given update mask. Updating the enablement state is - supported for both resident and inherited modules (though resident - modules cannot have an enablement state of "inherited"). Updating the - display name or configuration of a module is supported for resident - modules only. The type of a module cannot be changed. + get: + description: Retrieves a SecurityHealthAnalyticsCustomModule. operationId: >- - securitycenter.organizations.eventThreatDetectionSettings.customModules.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + securitycenter.projects.securityHealthAnalyticsSettings.customModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18961,10 +19437,11 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EventThreatDetectionCustomModule' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -18973,19 +19450,14 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/eventThreatDetectionSettings/customModules:listDescendant: + /v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules:listDescendant: parameters: *ref_1 get: description: >- - Lists all resident Event Threat Detection custom modules under the given - Resource Manager parent and its descendants. + Returns a list of all resident SecurityHealthAnalyticsCustomModules + under the given CRM parent and all of the parent’s CRM descendants. operationId: >- - securitycenter.organizations.eventThreatDetectionSettings.customModules.listDescendant + securitycenter.projects.securityHealthAnalyticsSettings.customModules.listDescendant security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -18998,30 +19470,38 @@ paths: application/json: schema: $ref: >- - #/components/schemas/ListDescendantEventThreatDetectionCustomModulesResponse + #/components/schemas/ListDescendantSecurityHealthAnalyticsCustomModulesResponse parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: pageToken - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - /v1/organizations/{organizationsId}/eventThreatDetectionSettings/effectiveCustomModules/{effectiveCustomModulesId}: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules: parameters: *ref_1 - get: + post: description: >- - Gets an effective Event Threat Detection custom module at the given - level. + Creates a resident SecurityHealthAnalyticsCustomModule at the scope of + the given CRM parent, and also creates inherited + SecurityHealthAnalyticsCustomModules for all CRM descendants of the + given parent. These modules are enabled by default. operationId: >- - securitycenter.organizations.eventThreatDetectionSettings.effectiveCustomModules.get + securitycenter.projects.securityHealthAnalyticsSettings.customModules.create + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19033,27 +19513,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/EffectiveEventThreatDetectionCustomModule' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule parameters: - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: effectiveCustomModulesId + name: projectsId required: true schema: type: string - /v1/organizations/{organizationsId}/eventThreatDetectionSettings/effectiveCustomModules: - parameters: *ref_1 get: description: >- - Lists all effective Event Threat Detection custom modules for the given + Returns a list of all SecurityHealthAnalyticsCustomModules for the given parent. This includes resident modules defined at the scope of the - parent along with modules inherited from its ancestors. + parent, and inherited modules, inherited from CRM ancestors. operationId: >- - securitycenter.organizations.eventThreatDetectionSettings.effectiveCustomModules.list + securitycenter.projects.securityHealthAnalyticsSettings.customModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19066,10 +19540,10 @@ paths: application/json: schema: $ref: >- - #/components/schemas/ListEffectiveEventThreatDetectionCustomModulesResponse + #/components/schemas/ListSecurityHealthAnalyticsCustomModulesResponse parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string @@ -19082,18 +19556,15 @@ paths: schema: type: integer format: int32 - /v1/organizations/{organizationsId}/resourceValueConfigs:batchCreate: + /v1/projects/{projectsId}/securityHealthAnalyticsSettings/effectiveCustomModules: parameters: *ref_1 - post: + get: description: >- - Creates a ResourceValueConfig for an organization. Maps user's tags to - difference resource values for use by the attack path simulation. - operationId: securitycenter.organizations.resourceValueConfigs.batchCreate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BatchCreateResourceValueConfigsRequest' + Returns a list of all EffectiveSecurityHealthAnalyticsCustomModules for + the given parent. This includes resident modules defined at the scope of + the parent, and inherited modules, inherited from CRM ancestors. + operationId: >- + securitycenter.projects.securityHealthAnalyticsSettings.effectiveCustomModules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19105,18 +19576,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateResourceValueConfigsResponse' + $ref: >- + #/components/schemas/ListEffectiveSecurityHealthAnalyticsCustomModulesResponse parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - /v1/organizations/{organizationsId}/resourceValueConfigs/{resourceValueConfigsId}: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/securityHealthAnalyticsSettings/effectiveCustomModules/{effectiveCustomModulesId}: parameters: *ref_1 - delete: - description: Deletes a ResourceValueConfig. - operationId: securitycenter.organizations.resourceValueConfigs.delete + get: + description: Retrieves an EffectiveSecurityHealthAnalyticsCustomModule. + operationId: >- + securitycenter.projects.securityHealthAnalyticsSettings.effectiveCustomModules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19128,21 +19610,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: >- + #/components/schemas/GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: resourceValueConfigsId + name: effectiveCustomModulesId required: true schema: type: string - get: - description: Gets a ResourceValueConfig. - operationId: securitycenter.organizations.resourceValueConfigs.get + /v1/projects/{projectsId}/notificationConfigs/{notificationConfigsId}: + parameters: *ref_1 + patch: + description: ' Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter' + operationId: securitycenter.projects.notificationConfigs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19154,28 +19644,26 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig + $ref: '#/components/schemas/NotificationConfig' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: resourceValueConfigsId + name: notificationConfigsId required: true schema: type: string - patch: - description: Updates an existing ResourceValueConfigs with new rules. - operationId: securitycenter.organizations.resourceValueConfigs.patch - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a notification config. + operationId: securitycenter.projects.notificationConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19187,29 +19675,21 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/GoogleCloudSecuritycenterV1ResourceValueConfig + $ref: '#/components/schemas/Empty' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: path - name: resourceValueConfigsId + name: notificationConfigsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/organizations/{organizationsId}/resourceValueConfigs: - parameters: *ref_1 get: - description: Lists all ResourceValueConfigs. - operationId: securitycenter.organizations.resourceValueConfigs.list + description: Gets a notification config. + operationId: securitycenter.projects.notificationConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19221,27 +19701,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListResourceValueConfigsResponse' + $ref: '#/components/schemas/NotificationConfig' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: notificationConfigsId + required: true schema: type: string - /v1/organizations/{organizationsId}/valuedResources: + /v1/projects/{projectsId}/notificationConfigs: parameters: *ref_1 - get: - description: Lists the valued resources for a set of simulation results and filter. - operationId: securitycenter.organizations.valuedResources.list + post: + description: Creates a notification config. + operationId: securitycenter.projects.notificationConfigs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19253,37 +19734,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListValuedResourcesResponse' + $ref: '#/components/schemas/NotificationConfig' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: orderBy + name: configId schema: type: string - /v1/organizations/{organizationsId}/attackPaths: - parameters: *ref_1 get: - description: >- - Lists the attack paths for a set of simulation results or valued - resources and filter. - operationId: securitycenter.organizations.attackPaths.list + description: Lists notification configs. + operationId: securitycenter.projects.notificationConfigs.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -19295,17 +19759,13 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAttackPathsResponse' + $ref: '#/components/schemas/ListNotificationConfigsResponse' parameters: - in: path - name: organizationsId + name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageToken schema: diff --git a/providers/src/googleapis.com/v00.00.00000/services/securityposture.yaml b/providers/src/googleapis.com/v00.00.00000/services/securityposture.yaml index d64ec731..4e82f87d 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/securityposture.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/securityposture.yaml @@ -11,8 +11,8 @@ info: security against defined benchmarks and help maintain the level of security that your organization requires. version: v1 - x-discovery-doc-revision: '20250819' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251028' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/security-command-center servers: @@ -38,330 +38,230 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + Location: + id: Location type: object properties: - operations: + displayName: description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: name: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string metadata: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object + Service-specific metadata. For example the available capacity at the + given location. additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. type: object + labels: additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + type: string + type: object description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + locationId: type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} + description: 'The canonical id for this location. For example: `"us-east1"`.' + description: A resource that represents a Google Cloud location. ListPosturesResponse: - id: ListPosturesResponse - description: Response message for ListPostures. - type: object properties: - postures: - description: The list of Posture resources. - type: array - items: - $ref: '#/components/schemas/Posture' nextPageToken: description: >- A pagination token. To retrieve the next page of results, call the method again with this token. type: string + postures: + description: The list of Posture resources. + type: array + items: + $ref: '#/components/schemas/Posture' unreachable: description: >- Locations that were temporarily unavailable and could not be reached. - type: array items: type: string - Posture: - id: Posture - description: The details of a posture. + type: array + description: Response message for ListPostures. type: object + id: ListPosturesResponse + OperationMetadata: + description: Metadata for an Operation. properties: - name: - description: >- - Required. Identifier. The name of the posture, in the format - `organizations/{organization}/locations/global/postures/{posture_id}`. - type: string - state: - description: Required. The state of the posture at the specified `revision_id`. + statusMessage: + readOnly: true + description: Output only. The status of the operation, if any. type: string - enumDescriptions: - - Default value. This value is unused. - - The posture is deprecated and can no longer be deployed. - - The posture is a draft and is not ready to deploy. - - The posture is complete and ready to deploy. - enum: - - STATE_UNSPECIFIED - - DEPRECATED - - DRAFT - - ACTIVE - revisionId: - description: >- - Output only. Immutable. An opaque eight-character string that - identifies the revision of the posture. A posture can have multiple - revisions; when you deploy a posture, you deploy a specific revision - of the posture. + apiVersion: readOnly: true type: string - createTime: - description: Output only. The time at which the posture was created. + description: Output only. The API version used to start the operation. + verb: + description: Output only. The name of the action executed by the operation. + type: string readOnly: true + target: type: string + description: >- + Output only. The server-defined resource path for the target of the + operation. + readOnly: true + createTime: + description: Output only. The time at which the operation was created. format: google-datetime - updateTime: - description: Output only. The time at which the posture was last updated. readOnly: true type: string - format: google-datetime - description: - description: Optional. A description of the posture. + errorMessage: type: string - policySets: - description: Required. The PolicySet resources that the posture includes. - type: array - items: - $ref: '#/components/schemas/PolicySet' - etag: + readOnly: true description: >- - Optional. An opaque identifier for the current version of the - posture at the specified `revision_id`. To prevent concurrent - updates from overwriting each other, always provide the `etag` when - you update a posture. You can also provide the `etag` when you - delete a posture, to help ensure that you're deleting the intended - version of the posture. + Output only. An error message. Returned when a PostureDeployment + enters a failure state like UPDATE_FAILED. + endTime: type: string - annotations: - description: >- - Optional. The user-specified annotations for the posture. For - details about the values you can use in an annotation, see [AIP-148: - Standard fields](https://google.aip.dev/148#annotations). - type: object - additionalProperties: - type: string - reconciling: - description: Output only. Whether the posture is in the process of being updated. + description: Output only. The time at which the operation finished running. + format: google-datetime readOnly: true - type: boolean - categories: + requestedCancellation: description: >- - Output only. The categories that the posture belongs to, as - determined by the Security Posture API. + Output only. Whether a request to cancel the operation has been + received. For operations that have been cancelled successfully, the + Operation.error field contains the error code CANCELLED. readOnly: true - type: array - items: - type: string - enumDescriptions: - - Default value. This value is unused. - - Artificial intelligence (AI). - - Amazon Web Services (AWS) policies. - - Google Cloud policies. - - Microsoft Azure policies. - enum: - - CATEGORY_UNSPECIFIED - - AI - - AWS - - GCP - - AZURE - PolicySet: - id: PolicySet - description: A group of one or more Policy resources. + type: boolean + id: OperationMetadata type: object - properties: - policySetId: - description: Required. An identifier for the policy set. - type: string - description: - description: Optional. A description of the policy set. - type: string - policies: - description: >- - Required. The Policy resources in the policy set. Each policy must - have a policy_id that's unique within the policy set. - type: array - items: - $ref: '#/components/schemas/Policy' - Policy: - id: Policy - description: The details of a policy, including the constraints that it includes. + CustomConfig: type: object + id: CustomConfig properties: - policyId: + resourceSelector: + description: Required. The resource types that the custom module operates on. + $ref: '#/components/schemas/ResourceSelector' + customOutput: description: >- - Required. A user-specified identifier for the policy. In a - PolicySet, each policy must have a unique identifier. + Optional. Definitions of custom source properties to include in + findings. + $ref: '#/components/schemas/CustomOutputSpec' + severity: + enum: + - SEVERITY_UNSPECIFIED + - CRITICAL + - HIGH + - MEDIUM + - LOW + type: string + enumDescriptions: + - Default value. This value is unused. + - Critical severity. + - High severity. + - Medium severity. + - Low severity. + description: Required. The severity of findings generated by the custom module. + predicate: + description: >- + Required. The Common Expression Language (CEL) expression to + evaluate. When the expression evaluates to `true` for a resource, a + finding is generated. + $ref: '#/components/schemas/Expr' + recommendation: + description: >- + Required. An explanation of the steps that security teams can take + to resolve the detected issue. The explanation appears in each + finding. type: string - complianceStandards: - description: Optional. The compliance standards that the policy helps enforce. - type: array - items: - $ref: '#/components/schemas/ComplianceStandard' - constraint: - description: Required. The constraints that the policy includes. - $ref: '#/components/schemas/Constraint' description: - description: Optional. A description of the policy. type: string - ComplianceStandard: - id: ComplianceStandard - description: Information about a compliance standard that the policy helps enforce. + description: >- + Optional. A description of the vulnerability or misconfiguration + that the custom module detects. The description appears in each + finding. Provide enough information to help an investigator + understand the finding. The value must be enclosed in quotation + marks. + description: >- + A custom module configuration for Security Health Analytics. Use + `CustomConfig` to create custom detectors that generate custom findings + for resources that you specify. + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. type: object + id: Operation properties: - standard: + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - Optional. The compliance standard that the policy helps enforce. For - example, `NIST SP 800-53`. - type: string - control: + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + error: + $ref: '#/components/schemas/Status' description: >- - Optional. The control in the compliance standard that the policy - helps enforce. For example, `AC-3`. - type: string - Constraint: - id: Constraint - description: Metadata for a constraint in a Policy. - type: object - properties: - securityHealthAnalyticsModule: - description: Optional. A built-in detector for Security Health Analytics. - $ref: '#/components/schemas/SecurityHealthAnalyticsModule' - securityHealthAnalyticsCustomModule: - description: Optional. A custom module for Security Health Analytics. - $ref: '#/components/schemas/SecurityHealthAnalyticsCustomModule' - orgPolicyConstraint: - description: Optional. A predefined organization policy constraint. - $ref: '#/components/schemas/OrgPolicyConstraint' - orgPolicyConstraintCustom: - description: Optional. A custom organization policy constraint. - $ref: '#/components/schemas/OrgPolicyConstraintCustom' - SecurityHealthAnalyticsModule: - id: SecurityHealthAnalyticsModule - description: A built-in detector for Security Health Analytics. - type: object - properties: - moduleName: + The error result of the operation in case of failure or + cancellation. + metadata: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - Required. The name of the detector. For example, - `BIGQUERY_TABLE_CMEK_DISABLED`. This field is also used as the - finding category for all the asset violation findings that the - detector returns. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + name: type: string - moduleEnablementState: description: >- - Whether the detector is enabled at a specified level of the resource - hierarchy. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + OrgPolicyConstraint: + id: OrgPolicyConstraint + type: object + description: A predefined organization policy constraint. + properties: + policyRules: + type: array + description: Required. The rules enforced by the constraint. + items: + $ref: '#/components/schemas/GoogleCloudSecuritypostureV1PolicyRule' + cannedConstraintId: + description: Required. A unique identifier for the constraint. type: string - enumDescriptions: - - Default value. This value is unused. - - The detector or custom module is enabled. - - The detector or custom module is disabled. - enum: - - ENABLEMENT_STATE_UNSPECIFIED - - ENABLED - - DISABLED SecurityHealthAnalyticsCustomModule: - id: SecurityHealthAnalyticsCustomModule description: A custom module for Security Health Analytics. + id: SecurityHealthAnalyticsCustomModule type: object properties: + config: + description: Required. Configuration settings for the custom module. + $ref: '#/components/schemas/CustomConfig' id: description: >- Output only. Immutable. The unique identifier for the custom module. @@ -369,82 +269,478 @@ components: readOnly: true type: string displayName: + type: string description: >- Optional. The display name of the custom module. This value is used as the finding category for all the asset violation findings that the custom module returns. The display name must contain between 1 and 128 alphanumeric characters or underscores, and it must start with a lowercase letter. - type: string - config: - description: Required. Configuration settings for the custom module. - $ref: '#/components/schemas/CustomConfig' moduleEnablementState: - description: >- - Whether the custom module is enabled at a specified level of the - resource hierarchy. type: string - enumDescriptions: - - Default value. This value is unused. - - The detector or custom module is enabled. - - The detector or custom module is disabled. enum: - ENABLEMENT_STATE_UNSPECIFIED - ENABLED - DISABLED - CustomConfig: - id: CustomConfig - description: >- - A custom module configuration for Security Health Analytics. Use - `CustomConfig` to create custom detectors that generate custom findings - for resources that you specify. - type: object - properties: - predicate: + enumDescriptions: + - Default value. This value is unused. + - The detector or custom module is enabled. + - The detector or custom module is disabled. description: >- - Required. The Common Expression Language (CEL) expression to - evaluate. When the expression evaluates to `true` for a resource, a - finding is generated. - $ref: '#/components/schemas/Expr' - customOutput: + Whether the custom module is enabled at a specified level of the + resource hierarchy. + PostureTemplate: + properties: + name: description: >- - Optional. Definitions of custom source properties to include in - findings. - $ref: '#/components/schemas/CustomOutputSpec' - resourceSelector: - description: Required. The resource types that the custom module operates on. - $ref: '#/components/schemas/ResourceSelector' - severity: - description: Required. The severity of findings generated by the custom module. + Output only. Identifier. The name of the posture template, in the + format + `organizations/{organization}/locations/global/postureTemplates/{posture_template}`. + readOnly: true + type: string + state: + readOnly: true type: string + description: >- + Output only. The state of the posture template at the specified + `revision_id`. enumDescriptions: - Default value. This value is unused. - - Critical severity. - - High severity. - - Medium severity. - - Low severity. + - The posture template follows the latest controls and standards. + - >- + The posture template uses outdated controls and standards. We + recommend that you use a newer revision of the posture template. enum: - - SEVERITY_UNSPECIFIED - - CRITICAL - - HIGH - - MEDIUM - - LOW - description: + - STATE_UNSPECIFIED + - ACTIVE + - DEPRECATED + policySets: + type: array + readOnly: true description: >- - Optional. A description of the vulnerability or misconfiguration - that the custom module detects. The description appears in each - finding. Provide enough information to help an investigator - understand the finding. The value must be enclosed in quotation - marks. + Output only. The PolicySet resources that the posture template + includes. + items: + $ref: '#/components/schemas/PolicySet' + description: + readOnly: true type: string - recommendation: + description: Output only. A description of the posture template. + categories: description: >- - Required. An explanation of the steps that security teams can take - to resolve the detected issue. The explanation appears in each - finding. - type: string - Expr: + Output only. The categories that the posture template belongs to, as + determined by the Security Posture API. + readOnly: true + type: array + items: + enumDescriptions: + - Default value. This value is unused. + - Artificial intelligence (AI). + - Amazon Web Services (AWS) policies. + - Google Cloud policies. + - Microsoft Azure policies. + type: string + enum: + - CATEGORY_UNSPECIFIED + - AI + - AWS + - GCP + - AZURE + revisionId: + type: string + description: >- + Output only. A string that identifies the revision of the posture + template. + readOnly: true + id: PostureTemplate + type: object + description: The details of a posture template. + ListPostureDeploymentsResponse: + properties: + postureDeployments: + type: array + items: + $ref: '#/components/schemas/PostureDeployment' + description: The list of PostureDeployment resources. + unreachable: + type: array + items: + type: string + description: >- + Locations that were temporarily unavailable and could not be + reached. + nextPageToken: + description: >- + A pagination token. To retrieve the next page of results, call the + method again with this token. + type: string + type: object + id: ListPostureDeploymentsResponse + description: Response message for ListPostureDeployments. + Violation: + description: Details of a violation. + type: object + id: Violation + properties: + violatedPolicy: + $ref: '#/components/schemas/PolicyDetails' + description: Details of the policy that was violated. + policyId: + type: string + description: The policy that was violated. + violatedAsset: + $ref: '#/components/schemas/AssetDetails' + description: >- + Details of the Cloud Asset Inventory asset that caused the + violation. + severity: + enum: + - SEVERITY_UNSPECIFIED + - CRITICAL + - HIGH + - MEDIUM + - LOW + description: The severity of the violation. + enumDescriptions: + - Default value. This value is unused. + - Critical severity. + - High severity. + - Medium severity. + - Low severity. + type: string + nextSteps: + type: string + description: A description of the steps that you can take to fix the violation. + assetId: + type: string + description: >- + The full resource name of the asset that caused the violation. For + details about the format of the full resource name for each asset + type, see [Resource name + format](https://cloud.google.com/asset-inventory/docs/resource-name-format). + violatedPosture: + $ref: '#/components/schemas/PostureDetails' + description: >- + Details for the posture that was violated. This field is present + only if the violated policy belongs to a deployed posture. + Policy: + properties: + policyId: + type: string + description: >- + Required. A user-specified identifier for the policy. In a + PolicySet, each policy must have a unique identifier. + description: + description: Optional. A description of the policy. + type: string + complianceStandards: + type: array + items: + $ref: '#/components/schemas/ComplianceStandard' + description: Optional. The compliance standards that the policy helps enforce. + constraint: + description: Required. The constraints that the policy includes. + $ref: '#/components/schemas/Constraint' + type: object + description: The details of a policy, including the constraints that it includes. + id: Policy + Report: + id: Report + properties: + updateTime: + readOnly: true + type: string + format: google-datetime + description: Output only. The time at which the report was last updated. + name: + description: >- + Required. The name of the report, in the format + `organizations/{organization}/locations/global/reports/{report_id}`. + type: string + createTime: + description: Output only. The time at which the report was created. + readOnly: true + type: string + format: google-datetime + iacValidationReport: + $ref: '#/components/schemas/IaCValidationReport' + description: Output only. An infrastructure-as-code (IaC) validation report. + readOnly: true + type: object + description: Details of a report. + ExtractPostureRequest: + id: ExtractPostureRequest + properties: + postureId: + description: Required. An identifier for the posture. + type: string + workload: + type: string + description: >- + Required. The organization, folder, or project from which policies + are extracted. Must be within the organization defined in parent. + Use one of the following formats: * + `organization/{organization_number}` * `folder/{folder_number}` * + `project/{project_number}` + type: object + description: Request message for ExtractPosture. + PolicySet: + type: object + properties: + description: + description: Optional. A description of the policy set. + type: string + policySetId: + description: Required. An identifier for the policy set. + type: string + policies: + description: >- + Required. The Policy resources in the policy set. Each policy must + have a policy_id that's unique within the policy set. + items: + $ref: '#/components/schemas/Policy' + type: array + description: A group of one or more Policy resources. + id: PolicySet + ListOperationsResponse: + description: The response message for Operations.ListOperations. + id: ListOperationsResponse + type: object + properties: + operations: + items: + $ref: '#/components/schemas/Operation' + type: array + description: >- + A list of operations that matches the specified filter in the + request. + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string + nextPageToken: + description: The standard List next-page token. + type: string + ListPostureTemplatesResponse: + type: object + id: ListPostureTemplatesResponse + description: Response message for ListPostureTemplates. + properties: + postureTemplates: + type: array + description: The list of PostureTemplate resources. + items: + $ref: '#/components/schemas/PostureTemplate' + nextPageToken: + description: >- + A pagination token. To retrieve the next page of results, call the + method again with this token. + type: string + Property: + id: Property + description: A name-value pair used as a custom source property. + type: object + properties: + name: + type: string + description: Required. The name of the custom source property. + valueExpression: + $ref: '#/components/schemas/Expr' + description: >- + Optional. The CEL expression for the value of the custom source + property. For resource properties, you can return the value of the + property or a string enclosed in quotation marks. + ResourceTypes: + id: ResourceTypes + properties: + included: + type: array + items: + type: string + description: Optional. The resource types we currently support. + description: >- + Set multiple resource types for one policy, for example: ``` + resourceTypes: included: - compute.googleapis.com/Instance - + compute.googleapis.com/Disk ``` Constraint definition contains an empty + resource type in order to support multiple resource types in the policy. + Only supports managed constraints. Method type is `GOVERN_TAGS`. + type: object + ResourceSelector: + id: ResourceSelector + description: A selector for the resource types to run the detector on. + type: object + properties: + resourceTypes: + description: >- + Required. The resource types to run the detector on. Each custom + module can specify up to 5 resource types. + items: + type: string + type: array + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status + properties: + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + type: object + OrgPolicyConstraintCustom: + id: OrgPolicyConstraintCustom + description: A custom organization policy constraint. + properties: + policyRules: + description: Required. The rules enforced by the constraint. + type: array + items: + $ref: '#/components/schemas/GoogleCloudSecuritypostureV1PolicyRule' + customConstraint: + description: Required. Metadata for the constraint. + $ref: '#/components/schemas/GoogleCloudSecuritypostureV1CustomConstraint' + type: object + CreateIaCValidationReportRequest: + properties: + iac: + description: >- + Required. The infrastructure-as-code (IaC) configuration to + validate. + $ref: '#/components/schemas/IaC' + type: object + id: CreateIaCValidationReportRequest + description: Request message for CreateIaCValidationReport. + Constraint: + description: Metadata for a constraint in a Policy. + properties: + securityHealthAnalyticsCustomModule: + description: Optional. A custom module for Security Health Analytics. + $ref: '#/components/schemas/SecurityHealthAnalyticsCustomModule' + securityHealthAnalyticsModule: + description: Optional. A built-in detector for Security Health Analytics. + $ref: '#/components/schemas/SecurityHealthAnalyticsModule' + orgPolicyConstraintCustom: + description: Optional. A custom organization policy constraint. + $ref: '#/components/schemas/OrgPolicyConstraintCustom' + orgPolicyConstraint: + $ref: '#/components/schemas/OrgPolicyConstraint' + description: Optional. A predefined organization policy constraint. + type: object + id: Constraint + GoogleCloudSecuritypostureV1CustomConstraint: + id: GoogleCloudSecuritypostureV1CustomConstraint + properties: + actionType: + description: Whether to allow or deny the action. + type: string + enum: + - ACTION_TYPE_UNSPECIFIED + - ALLOW + - DENY + enumDescriptions: + - Default value. This value is unused. + - Allow the action. + - Deny the action. + updateTime: + format: google-datetime + readOnly: true + type: string + description: >- + Output only. The last time at which the constraint was updated or + created. + condition: + type: string + description: >- + A Common Expression Language (CEL) condition expression that must + evaluate to `true` for the constraint to be enforced. The maximum + length is 1000 characters. For example: + + `resource.instanceName.matches('(production|test)_(.+_)?[\d]+')`: + Evaluates to `true` if the resource's `instanceName` attribute + contains the following: + The prefix `production` or `test` + An + underscore (`_`) + Optional: One or more characters, followed by an + underscore (`_`) + One or more digits + + `resource.management.auto_upgrade == true`: Evaluates to `true` if + the resource's `management.auto_upgrade` attribute is `true`. + name: + type: string + description: >- + Immutable. The name of the constraint, in the format + `organizations/{organization_id}/customConstraints/custom.{custom_constraint_id}`. + For example, + `organizations/123456789012/customConstraints/custom.createOnlyE2TypeVms`. + Must contain 1 to 62 characters, excluding the prefix + `organizations/{organization_id}/customConstraints/custom.`. + description: + type: string + description: >- + A description of the constraint. The maximum length is 2000 + characters. + displayName: + description: >- + A display name for the constraint. The maximum length is 200 + characters. + type: string + resourceTypes: + items: + type: string + type: array + description: >- + Immutable. The resource type that the constraint applies to, in the + format `{canonical_service_name}/{resource_type_name}`. For example, + `compute.googleapis.com/Instance`. + methodTypes: + type: array + items: + type: string + enumDescriptions: + - Default value. This value is unused. + - Constraint applied when creating the resource. + - Constraint applied when updating the resource. + - Not supported. Constraint applied when deleting the resource. + enum: + - METHOD_TYPE_UNSPECIFIED + - CREATE + - UPDATE + - DELETE + description: The types of operations that the constraint applies to. + type: object + description: >- + A custom, user-defined constraint. You can apply the constraint only to + the resource types specified in the constraint, and only within the + organization where the constraint is defined. _When you create a custom + constraint, it is not enforced automatically._ You must use an + organization policy to [enforce the + constraint](https://cloud.google.com/resource-manager/help/organization-policy/constraints/enforce). + Expr: id: Expr + type: object description: >- Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of @@ -462,12 +758,11 @@ components: string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. - type: object properties: - expression: + description: description: >- - Textual representation of an expression in Common Expression - Language syntax. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: string title: description: >- @@ -475,94 +770,43 @@ components: its purpose. This can be used e.g. in UIs which allow to enter the expression. type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string location: description: >- Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. type: string - CustomOutputSpec: - id: CustomOutputSpec - description: Definitions of custom source properties that can appear in findings. - type: object - properties: - properties: - description: Optional. The custom source properties that can appear in findings. - type: array - items: - $ref: '#/components/schemas/Property' - Property: - id: Property - description: A name-value pair used as a custom source property. - type: object - properties: - name: - description: Required. The name of the custom source property. + expression: type: string - valueExpression: - description: >- - Optional. The CEL expression for the value of the custom source - property. For resource properties, you can return the value of the - property or a string enclosed in quotation marks. - $ref: '#/components/schemas/Expr' - ResourceSelector: - id: ResourceSelector - description: A selector for the resource types to run the detector on. - type: object - properties: - resourceTypes: description: >- - Required. The resource types to run the detector on. Each custom - module can specify up to 5 resource types. - type: array - items: - type: string - OrgPolicyConstraint: - id: OrgPolicyConstraint - description: A predefined organization policy constraint. - type: object - properties: - cannedConstraintId: - description: Required. A unique identifier for the constraint. - type: string - policyRules: - description: Required. The rules enforced by the constraint. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritypostureV1PolicyRule' + Textual representation of an expression in Common Expression + Language syntax. GoogleCloudSecuritypostureV1PolicyRule: id: GoogleCloudSecuritypostureV1PolicyRule - description: >- - A rule that defines the allowed and denied values for an organization - policy constraint. type: object properties: - values: + denyAll: description: >- - The allowed and denied values for a list constraint. Valid only for + Whether to deny all values for a list constraint. Valid only for list constraints. + type: boolean + values: $ref: >- #/components/schemas/GoogleCloudSecuritypostureV1PolicyRuleStringValues - allowAll: description: >- - Whether to allow any value for a list constraint. Valid only for + The allowed and denied values for a list constraint. Valid only for list constraints. - type: boolean - denyAll: + resourceTypes: + $ref: '#/components/schemas/ResourceTypes' description: >- - Whether to deny all values for a list constraint. Valid only for - list constraints. - type: boolean - enforce: + Optional. The resource types policies can support, only used for + managed constraints. Method type is `GOVERN_TAGS`. + allowAll: description: >- - Whether to enforce the constraint. Valid only for boolean - constraints. + Whether to allow any value for a list constraint. Valid only for + list constraints. type: boolean condition: + $ref: '#/components/schemas/Expr' description: >- A condition that determines whether this rule is used to evaluate the policy. When set, the google.type.Expr.expression field must @@ -580,207 +824,70 @@ components: value; for example, `tagValues/567890123456` For example: `resource.matchTagId('tagKeys/123456789012', 'tagValues/567890123456')` - $ref: '#/components/schemas/Expr' parameters: + type: object description: >- Optional. Required for managed constraints if parameters are defined. Passes parameter values when policy enforcement is enabled. Ensure that parameter value types match those defined in the constraint definition. For example: ``` { "allowedLocations": ["us-east1", "us-west1"], "allowAll": true } ``` - type: object additionalProperties: type: any description: Properties of the object. - resourceTypes: + enforce: description: >- - Optional. The resource types policies can support, only used for - managed constraints. Method type is `GOVERN_TAGS`. - $ref: '#/components/schemas/ResourceTypes' - GoogleCloudSecuritypostureV1PolicyRuleStringValues: - id: GoogleCloudSecuritypostureV1PolicyRuleStringValues - description: >- - The allowed and denied values for a list constraint. For all - constraints, these fields can contain literal values. Optionally, you - can add the `is:` prefix to these values. If the value contains a colon - (`:`), then the `is:` prefix is required. Some constraints allow you to - specify a portion of the resource hierarchy, known as a [_hierarchy - subtree_](https://cloud.google.com/resource-manager/help/organization-policy/hierarchy-subtree), - that the constraint applies to. To specify a hierarchy subtree, use the - `under:` prefix, followed by a value with one of these formats: - - `projects/{project_id}` (for example, `projects/tokyo-rain-123`) - - `folders/{folder_id}` (for example, `folders/1234567890123`) - - `organizations/{organization_id}` (for example, - `organizations/123456789012`) A constraint's `supports_under` field - indicates whether you can specify a hierarchy subtree. To learn which - predefined constraints let you specify a hierarchy subtree, see the - [constraints - reference](https://cloud.google.com/resource-manager/help/organization-policy/constraints/reference). - type: object - properties: - allowedValues: - description: The allowed values for the constraint. - type: array - items: - type: string - deniedValues: - description: The denied values for the constraint. - type: array - items: - type: string - ResourceTypes: - id: ResourceTypes - description: >- - Set multiple resource types for one policy, for example: ``` - resourceTypes: included: - compute.googleapis.com/Instance - - compute.googleapis.com/Disk ``` Constraint definition contains an empty - resource type in order to support multiple resource types in the policy. - Only supports managed constraints. Method type is `GOVERN_TAGS`. - type: object - properties: - included: - description: Optional. The resource types we currently support. - type: array - items: - type: string - OrgPolicyConstraintCustom: - id: OrgPolicyConstraintCustom - description: A custom organization policy constraint. - type: object - properties: - customConstraint: - description: Required. Metadata for the constraint. - $ref: '#/components/schemas/GoogleCloudSecuritypostureV1CustomConstraint' - policyRules: - description: Required. The rules enforced by the constraint. - type: array - items: - $ref: '#/components/schemas/GoogleCloudSecuritypostureV1PolicyRule' - GoogleCloudSecuritypostureV1CustomConstraint: - id: GoogleCloudSecuritypostureV1CustomConstraint + Whether to enforce the constraint. Valid only for boolean + constraints. + type: boolean description: >- - A custom, user-defined constraint. You can apply the constraint only to - the resource types specified in the constraint, and only within the - organization where the constraint is defined. _When you create a custom - constraint, it is not enforced automatically._ You must use an - organization policy to [enforce the - constraint](https://cloud.google.com/resource-manager/help/organization-policy/constraints/enforce). - type: object - properties: - name: - description: >- - Immutable. The name of the constraint, in the format - `organizations/{organization_id}/customConstraints/custom.{custom_constraint_id}`. - For example, - `organizations/123456789012/customConstraints/custom.createOnlyE2TypeVms`. - Must contain 1 to 62 characters, excluding the prefix - `organizations/{organization_id}/customConstraints/custom.`. - type: string - resourceTypes: - description: >- - Immutable. The resource type that the constraint applies to, in the - format `{canonical_service_name}/{resource_type_name}`. For example, - `compute.googleapis.com/Instance`. - type: array - items: - type: string - methodTypes: - description: The types of operations that the constraint applies to. - type: array - items: - type: string - enumDescriptions: - - Default value. This value is unused. - - Constraint applied when creating the resource. - - Constraint applied when updating the resource. - - Not supported. Constraint applied when deleting the resource. - enum: - - METHOD_TYPE_UNSPECIFIED - - CREATE - - UPDATE - - DELETE - condition: - description: >- - A Common Expression Language (CEL) condition expression that must - evaluate to `true` for the constraint to be enforced. The maximum - length is 1000 characters. For example: + - `resource.instanceName.matches('(production|test)_(.+_)?[\d]+')`: - Evaluates to `true` if the resource's `instanceName` attribute - contains the following: + The prefix `production` or `test` + An - underscore (`_`) + Optional: One or more characters, followed by an - underscore (`_`) + One or more digits + - `resource.management.auto_upgrade == true`: Evaluates to `true` if - the resource's `management.auto_upgrade` attribute is `true`. - type: string - actionType: - description: Whether to allow or deny the action. - type: string - enumDescriptions: - - Default value. This value is unused. - - Allow the action. - - Deny the action. - enum: - - ACTION_TYPE_UNSPECIFIED - - ALLOW - - DENY - displayName: - description: >- - A display name for the constraint. The maximum length is 200 - characters. - type: string - description: - description: >- - A description of the constraint. The maximum length is 2000 - characters. - type: string - updateTime: - description: >- - Output only. The last time at which the constraint was updated or - created. - readOnly: true - type: string - format: google-datetime - ListPostureRevisionsResponse: - id: ListPostureRevisionsResponse - description: Response message for ListPostureRevisions. + A rule that defines the allowed and denied values for an organization + policy constraint. + SecurityHealthAnalyticsModule: + id: SecurityHealthAnalyticsModule type: object + description: A built-in detector for Security Health Analytics. properties: - revisions: - description: The list of revisions for the Posture. - type: array - items: - $ref: '#/components/schemas/Posture' - nextPageToken: + moduleName: description: >- - A pagination token. To retrieve the next page of results, call the - method again with this token. + Required. The name of the detector. For example, + `BIGQUERY_TABLE_CMEK_DISABLED`. This field is also used as the + finding category for all the asset violation findings that the + detector returns. type: string - ExtractPostureRequest: - id: ExtractPostureRequest - description: Request message for ExtractPosture. - type: object + moduleEnablementState: + description: >- + Whether the detector is enabled at a specified level of the resource + hierarchy. + type: string + enum: + - ENABLEMENT_STATE_UNSPECIFIED + - ENABLED + - DISABLED + enumDescriptions: + - Default value. This value is unused. + - The detector or custom module is enabled. + - The detector or custom module is disabled. + ComplianceStandard: + id: ComplianceStandard properties: - postureId: - description: Required. An identifier for the posture. + control: + description: >- + Optional. The control in the compliance standard that the policy + helps enforce. For example, `AC-3`. type: string - workload: + standard: description: >- - Required. The organization, folder, or project from which policies - are extracted. Must be within the organization defined in parent. - Use one of the following formats: * - `organization/{organization_number}` * `folder/{folder_number}` * - `project/{project_number}` + Optional. The compliance standard that the policy helps enforce. For + example, `NIST SP 800-53`. type: string - ListPostureDeploymentsResponse: - id: ListPostureDeploymentsResponse - description: Response message for ListPostureDeployments. + description: Information about a compliance standard that the policy helps enforce. + type: object + ListReportsResponse: + id: ListReportsResponse type: object + description: Response message for ListReports. properties: - postureDeployments: - description: The list of PostureDeployment resources. - type: array - items: - $ref: '#/components/schemas/PostureDeployment' nextPageToken: description: >- A pagination token. To retrieve the next page of results, call the @@ -790,24 +897,48 @@ components: description: >- Locations that were temporarily unavailable and could not be reached. - type: array items: type: string + type: array + reports: + type: array + description: The list of Report resources. + items: + $ref: '#/components/schemas/Report' + ListLocationsResponse: + type: object + properties: + locations: + type: array + description: >- + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + nextPageToken: + description: The standard List next-page token. + type: string + description: The response message for Locations.ListLocations. + id: ListLocationsResponse + CustomOutputSpec: + id: CustomOutputSpec + description: Definitions of custom source properties that can appear in findings. + type: object + properties: + properties: + description: Optional. The custom source properties that can appear in findings. + items: + $ref: '#/components/schemas/Property' + type: array PostureDeployment: id: PostureDeployment + type: object description: >- Details for a Posture deployment on an organization, folder, or project. You can deploy at most one posture to each organization, folder, or project. The parent resource for a posture deployment is always the organization, even if the deployment applies to a folder or project. - type: object properties: - name: - description: >- - Required. Identifier. The name of the posture deployment, in the - format - `organizations/{organization}/locations/global/postureDeployments/{deployment_id}`. - type: string targetResource: description: >- Required. The organization, folder, or project where the posture is @@ -815,177 +946,36 @@ components: `organizations/{organization_number}` * `folders/{folder_number}` * `projects/{project_number}` type: string - state: - description: Output only. The state of the posture deployment. - readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - The posture deployment is being created. - - The posture deployment is being deleted. - - The posture deployment is being updated. - - The posture deployment is active and in use. - - The posture deployment could not be created. - - The posture deployment could not be updated. - - The posture deployment could not be deleted. - enum: - - STATE_UNSPECIFIED - - CREATING - - DELETING - - UPDATING - - ACTIVE - - CREATE_FAILED - - UPDATE_FAILED - - DELETE_FAILED - postureId: + failureMessage: description: >- - Required. The posture used in the deployment, in the format - `organizations/{organization}/locations/global/postures/{posture_id}`. - type: string - postureRevisionId: - description: Required. The revision ID of the posture used in the deployment. + Output only. A description of why the posture deployment failed. + Present only if the deployment is in a failed state. type: string - createTime: - description: Output only. The time at which the posture deployment was created. readOnly: true + name: type: string - format: google-datetime - updateTime: description: >- - Output only. The time at which the posture deployment was last - updated. - readOnly: true - type: string - format: google-datetime - description: - description: Optional. A description of the posture deployment. - type: string + Required. Identifier. The name of the posture deployment, in the + format + `organizations/{organization}/locations/global/postureDeployments/{deployment_id}`. etag: + type: string description: >- Optional. An opaque identifier for the current version of the posture deployment. To prevent concurrent updates from overwriting each other, always provide the `etag` when you update a posture deployment. You can also provide the `etag` when you delete a posture deployment, to help ensure that you're deleting the intended - posture deployment. - type: string - annotations: - description: >- - Optional. The user-specified annotations for the posture deployment. - For details about the values you can use in an annotation, see - [AIP-148: Standard fields](https://google.aip.dev/148#annotations). - type: object - additionalProperties: - type: string - reconciling: - description: >- - Output only. Whether the posture deployment is in the process of - being updated. - readOnly: true - type: boolean - desiredPostureId: - description: >- - Output only. The posture ID that was specified for the deployment. - Present only if the posture deployment is in a failed state. - readOnly: true - type: string - desiredPostureRevisionId: - description: >- - Output only. The revision ID of the posture that was specified for - the deployment. Present only if the deployment is in a failed state. - readOnly: true - type: string - failureMessage: - description: >- - Output only. A description of why the posture deployment failed. - Present only if the deployment is in a failed state. - readOnly: true - type: string - categories: - description: >- - Output only. The categories that the posture deployment belongs to, - as determined by the Security Posture API. - readOnly: true - type: array - items: - type: string - enumDescriptions: - - Default value. This value is unused. - - Artificial intelligence (AI). - - Amazon Web Services (AWS) policies. - - Google Cloud policies. - - Microsoft Azure policies. - enum: - - CATEGORY_UNSPECIFIED - - AI - - AWS - - GCP - - AZURE - ListPostureTemplatesResponse: - id: ListPostureTemplatesResponse - description: Response message for ListPostureTemplates. - type: object - properties: - postureTemplates: - description: The list of PostureTemplate resources. - type: array - items: - $ref: '#/components/schemas/PostureTemplate' - nextPageToken: - description: >- - A pagination token. To retrieve the next page of results, call the - method again with this token. - type: string - PostureTemplate: - id: PostureTemplate - description: The details of a posture template. - type: object - properties: - name: - description: >- - Output only. Identifier. The name of the posture template, in the - format - `organizations/{organization}/locations/global/postureTemplates/{posture_template}`. - readOnly: true - type: string - revisionId: - description: >- - Output only. A string that identifies the revision of the posture - template. - readOnly: true - type: string - description: - description: Output only. A description of the posture template. - readOnly: true - type: string - state: - description: >- - Output only. The state of the posture template at the specified - `revision_id`. - readOnly: true - type: string - enumDescriptions: - - Default value. This value is unused. - - The posture template follows the latest controls and standards. - - >- - The posture template uses outdated controls and standards. We - recommend that you use a newer revision of the posture template. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - DEPRECATED - policySets: + posture deployment. + postureId: + type: string description: >- - Output only. The PolicySet resources that the posture template - includes. - readOnly: true - type: array - items: - $ref: '#/components/schemas/PolicySet' + Required. The posture used in the deployment, in the format + `organizations/{organization}/locations/global/postures/{posture_id}`. + postureRevisionId: + type: string + description: Required. The revision ID of the posture used in the deployment. categories: - description: >- - Output only. The categories that the posture template belongs to, as - determined by the Security Posture API. readOnly: true type: array items: @@ -1002,164 +992,104 @@ components: - AWS - GCP - AZURE - ListReportsResponse: - id: ListReportsResponse - description: Response message for ListReports. - type: object - properties: - reports: - description: The list of Report resources. - type: array - items: - $ref: '#/components/schemas/Report' - nextPageToken: - description: >- - A pagination token. To retrieve the next page of results, call the - method again with this token. - type: string - unreachable: description: >- - Locations that were temporarily unavailable and could not be - reached. - type: array - items: - type: string - Report: - id: Report - description: Details of a report. - type: object - properties: - iacValidationReport: - description: Output only. An infrastructure-as-code (IaC) validation report. - readOnly: true - $ref: '#/components/schemas/IaCValidationReport' - name: + Output only. The categories that the posture deployment belongs to, + as determined by the Security Posture API. + desiredPostureRevisionId: description: >- - Required. The name of the report, in the format - `organizations/{organization}/locations/global/reports/{report_id}`. + Output only. The revision ID of the posture that was specified for + the deployment. Present only if the deployment is in a failed state. type: string - createTime: - description: Output only. The time at which the report was created. readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. The time at which the report was last updated. + reconciling: readOnly: true - type: string + type: boolean + description: >- + Output only. Whether the posture deployment is in the process of + being updated. + updateTime: format: google-datetime - IaCValidationReport: - id: IaCValidationReport - description: Details of an infrastructure-as-code (IaC) validation report. - type: object - properties: - violations: - description: A list of every Violation found in the IaC configuration. - type: array - items: - $ref: '#/components/schemas/Violation' - note: - description: Additional information about the report. type: string - Violation: - id: Violation - description: Details of a violation. - type: object - properties: - assetId: description: >- - The full resource name of the asset that caused the violation. For - details about the format of the full resource name for each asset - type, see [Resource name - format](https://cloud.google.com/asset-inventory/docs/resource-name-format). - type: string - policyId: - description: The policy that was violated. + Output only. The time at which the posture deployment was last + updated. + readOnly: true + createTime: + format: google-datetime type: string - violatedPosture: + description: Output only. The time at which the posture deployment was created. + readOnly: true + annotations: + type: object + additionalProperties: + type: string description: >- - Details for the posture that was violated. This field is present - only if the violated policy belongs to a deployed posture. - $ref: '#/components/schemas/PostureDetails' - severity: - description: The severity of the violation. + Optional. The user-specified annotations for the posture deployment. + For details about the values you can use in an annotation, see + [AIP-148: Standard fields](https://google.aip.dev/148#annotations). + description: + description: Optional. A description of the posture deployment. + type: string + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - DELETING + - UPDATING + - ACTIVE + - CREATE_FAILED + - UPDATE_FAILED + - DELETE_FAILED + readOnly: true + description: Output only. The state of the posture deployment. type: string enumDescriptions: - Default value. This value is unused. - - Critical severity. - - High severity. - - Medium severity. - - Low severity. - enum: - - SEVERITY_UNSPECIFIED - - CRITICAL - - HIGH - - MEDIUM - - LOW - nextSteps: - description: A description of the steps that you can take to fix the violation. + - The posture deployment is being created. + - The posture deployment is being deleted. + - The posture deployment is being updated. + - The posture deployment is active and in use. + - The posture deployment could not be created. + - The posture deployment could not be updated. + - The posture deployment could not be deleted. + desiredPostureId: type: string - violatedAsset: + readOnly: true description: >- - Details of the Cloud Asset Inventory asset that caused the - violation. - $ref: '#/components/schemas/AssetDetails' - violatedPolicy: - description: Details of the policy that was violated. - $ref: '#/components/schemas/PolicyDetails' - PostureDetails: - id: PostureDetails - description: Details of a posture deployment. - type: object + Output only. The posture ID that was specified for the deployment. + Present only if the posture deployment is in a failed state. + ListPostureRevisionsResponse: properties: - postureDeployment: - description: >- - The name of the posture deployment, in the format - `organizations/{organization}/locations/global/postureDeployments/{deployment_id}`. - type: string - postureDeploymentTargetResource: - description: >- - The organization, folder, or project where the posture is deployed. - Uses one of the following formats: * - `organizations/{organization_number}` * `folders/{folder_number}` * - `projects/{project_number}` - type: string - posture: - description: >- - The posture used in the deployment, in the format - `organizations/{organization}/locations/global/postures/{posture_id}`. - type: string - postureRevisionId: - description: The revision ID of the posture used in the deployment. - type: string - policySet: + revisions: + type: array + items: + $ref: '#/components/schemas/Posture' + description: The list of revisions for the Posture. + nextPageToken: description: >- - The identifier for the PolicySet that the relevant policy belongs - to. + A pagination token. To retrieve the next page of results, call the + method again with this token. type: string - AssetDetails: - id: AssetDetails - description: Details of a Cloud Asset Inventory asset that caused a violation. + id: ListPostureRevisionsResponse type: object - properties: - asset: - description: >- - Information about the Cloud Asset Inventory asset that violated a - policy. The format of this information can change at any time - without prior notice. Your application must not depend on this - information in any way. - type: string - assetType: - description: >- - The type of Cloud Asset Inventory asset. For a list of asset types, - see [Supported asset - types](https://cloud.google.com/asset-inventory/docs/supported-asset-types). - type: string + description: Response message for ListPostureRevisions. + CancelOperationRequest: + type: object + id: CancelOperationRequest + properties: {} + description: The request message for Operations.CancelOperation. PolicyDetails: - id: PolicyDetails description: Details of a policy that was violated. + id: PolicyDetails type: object properties: + complianceStandards: + type: array + description: >- + The compliance standards that the policy maps to. For example, + `CIS-2.0 1.15`. + items: + type: string constraint: description: >- Information about the constraint that was violated. The format of @@ -1167,15 +1097,6 @@ components: application must not depend on this information in any way. type: string constraintType: - description: The type of constraint that was violated. - type: string - enumDescriptions: - - Default value. This value is unused. - - A custom module for Security Health Analytics. - - A custom organization policy constraint. - - A built-in detector for Security Health Analytics. - - A predefined organization policy constraint. - - A custom rego policy constraint. enum: - CONSTRAINT_TYPE_UNSPECIFIED - SECURITY_HEALTH_ANALYTICS_CUSTOM_MODULE @@ -1183,158 +1104,242 @@ components: - SECURITY_HEALTH_ANALYTICS_MODULE - ORG_POLICY - REGO_POLICY - complianceStandards: - description: >- - The compliance standards that the policy maps to. For example, - `CIS-2.0 1.15`. - type: array - items: - type: string + enumDescriptions: + - Default value. This value is unused. + - A custom module for Security Health Analytics. + - A custom organization policy constraint. + - A built-in detector for Security Health Analytics. + - A predefined organization policy constraint. + - A custom rego policy constraint. + description: The type of constraint that was violated. + type: string description: description: A description of the policy. type: string - CreateIaCValidationReportRequest: - id: CreateIaCValidationReportRequest - description: Request message for CreateIaCValidationReport. + Empty: type: object - properties: - iac: - description: >- - Required. The infrastructure-as-code (IaC) configuration to - validate. - $ref: '#/components/schemas/IaC' + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + id: Empty IaC: - id: IaC - description: Details of an infrastructure-as-code (IaC) configuration. type: object properties: tfPlan: + type: string description: >- Optional. A Terraform plan file, formatted as a stringified JSON object. To learn how to generate a Terraform plan file in JSON format, see [JSON output format](https://developer.hashicorp.com/terraform/internals/json-format) in the Terraform documentation. - type: string format: byte - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object + id: IaC + description: Details of an infrastructure-as-code (IaC) configuration. + PostureDetails: + id: PostureDetails properties: - locations: + policySet: description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + The identifier for the PolicySet that the relevant policy belongs + to. + type: string + posture: type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + The posture used in the deployment, in the format + `organizations/{organization}/locations/global/postures/{posture_id}`. + postureRevisionId: type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + description: The revision ID of the posture used in the deployment. + postureDeployment: type: string - displayName: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + The name of the posture deployment, in the format + `organizations/{organization}/locations/global/postureDeployments/{deployment_id}`. + postureDeploymentTargetResource: type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - OperationMetadata: - id: OperationMetadata - description: Metadata for an Operation. + The organization, folder, or project where the posture is deployed. + Uses one of the following formats: * + `organizations/{organization_number}` * `folders/{folder_number}` * + `projects/{project_number}` type: object + description: Details of a posture deployment. + Posture: properties: - createTime: - description: Output only. The time at which the operation was created. + description: + description: Optional. A description of the posture. + type: string + reconciling: + readOnly: true + type: boolean + description: Output only. Whether the posture is in the process of being updated. + categories: + description: >- + Output only. The categories that the posture belongs to, as + determined by the Security Posture API. + readOnly: true + items: + enum: + - CATEGORY_UNSPECIFIED + - AI + - AWS + - GCP + - AZURE + type: string + enumDescriptions: + - Default value. This value is unused. + - Artificial intelligence (AI). + - Amazon Web Services (AWS) policies. + - Google Cloud policies. + - Microsoft Azure policies. + type: array + updateTime: + description: Output only. The time at which the posture was last updated. readOnly: true type: string format: google-datetime - endTime: - description: Output only. The time at which the operation finished running. - readOnly: true + createTime: type: string + description: Output only. The time at which the posture was created. format: google-datetime - target: - description: >- - Output only. The server-defined resource path for the target of the - operation. readOnly: true + policySets: + items: + $ref: '#/components/schemas/PolicySet' + type: array + description: Required. The PolicySet resources that the posture includes. + name: type: string - verb: - description: Output only. The name of the action executed by the operation. - readOnly: true + description: >- + Required. Identifier. The name of the posture, in the format + `organizations/{organization}/locations/global/postures/{posture_id}`. + etag: + description: >- + Optional. An opaque identifier for the current version of the + posture at the specified `revision_id`. To prevent concurrent + updates from overwriting each other, always provide the `etag` when + you update a posture. You can also provide the `etag` when you + delete a posture, to help ensure that you're deleting the intended + version of the posture. type: string - statusMessage: - description: Output only. The status of the operation, if any. + revisionId: readOnly: true type: string - requestedCancellation: description: >- - Output only. Whether a request to cancel the operation has been - received. For operations that have been cancelled successfully, the - Operation.error field contains the error code CANCELLED. - readOnly: true - type: boolean - apiVersion: - description: Output only. The API version used to start the operation. - readOnly: true + Output only. Immutable. An opaque eight-character string that + identifies the revision of the posture. A posture can have multiple + revisions; when you deploy a posture, you deploy a specific revision + of the posture. + annotations: + description: >- + Optional. The user-specified annotations for the posture. For + details about the values you can use in an annotation, see [AIP-148: + Standard fields](https://google.aip.dev/148#annotations). + additionalProperties: + type: string + type: object + state: + enumDescriptions: + - Default value. This value is unused. + - The posture is deprecated and can no longer be deployed. + - The posture is a draft and is not ready to deploy. + - The posture is complete and ready to deploy. + description: Required. The state of the posture at the specified `revision_id`. type: string - errorMessage: + enum: + - STATE_UNSPECIFIED + - DEPRECATED + - DRAFT + - ACTIVE + id: Posture + description: The details of a posture. + type: object + GoogleCloudSecuritypostureV1PolicyRuleStringValues: + id: GoogleCloudSecuritypostureV1PolicyRuleStringValues + description: >- + The allowed and denied values for a list constraint. For all + constraints, these fields can contain literal values. Optionally, you + can add the `is:` prefix to these values. If the value contains a colon + (`:`), then the `is:` prefix is required. Some constraints allow you to + specify a portion of the resource hierarchy, known as a [_hierarchy + subtree_](https://cloud.google.com/resource-manager/help/organization-policy/hierarchy-subtree), + that the constraint applies to. To specify a hierarchy subtree, use the + `under:` prefix, followed by a value with one of these formats: - + `projects/{project_id}` (for example, `projects/tokyo-rain-123`) - + `folders/{folder_id}` (for example, `folders/1234567890123`) - + `organizations/{organization_id}` (for example, + `organizations/123456789012`) A constraint's `supports_under` field + indicates whether you can specify a hierarchy subtree. To learn which + predefined constraints let you specify a hierarchy subtree, see the + [constraints + reference](https://cloud.google.com/resource-manager/help/organization-policy/constraints/reference). + type: object + properties: + allowedValues: + type: array + items: + type: string + description: The allowed values for the constraint. + deniedValues: + type: array + items: + type: string + description: The denied values for the constraint. + IaCValidationReport: + description: Details of an infrastructure-as-code (IaC) validation report. + type: object + id: IaCValidationReport + properties: + violations: + type: array + description: A list of every Violation found in the IaC configuration. + items: + $ref: '#/components/schemas/Violation' + note: + description: Additional information about the report. + type: string + AssetDetails: + properties: + asset: description: >- - Output only. An error message. Returned when a PostureDeployment - enters a failure state like UPDATE_FAILED. - readOnly: true + Information about the Cloud Asset Inventory asset that violated a + policy. The format of this information can change at any time + without prior notice. Your application must not depend on this + information in any way. + type: string + assetType: type: string + description: >- + The type of Cloud Asset Inventory asset. For a list of asset types, + see [Supported asset + types](https://cloud.google.com/asset-inventory/docs/supported-asset-types). + description: Details of a Cloud Asset Inventory asset that caused a violation. + type: object + id: AssetDetails parameters: - access_token: - description: OAuth access token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType schema: type: string - alt: - description: Data format for response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: alt + name: oauth_token schema: type: string - enum: - - json - - media - - proto - callback: - description: JSONP + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: callback + name: prettyPrint schema: - type: string + type: boolean fields: description: Selector specifying which fields to include in a partial response. in: query @@ -1350,18 +1355,18 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: oauth_token + name: upload_protocol schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + callback: + description: JSONP in: query - name: prettyPrint + name: callback schema: - type: boolean + type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1371,18 +1376,22 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + alt: + description: Data format for response. in: query - name: uploadType + name: alt schema: type: string + enum: + - json + - media + - proto _.xgafv: description: V1 error format. in: query @@ -1393,49 +1402,34 @@ components: - '1' - '2' x-stackQL-resources: - operations: - id: google.securityposture.operations - name: operations - title: Operations + posture_templates: + id: google.securityposture.posture_templates + name: posture_templates + title: Posture_templates methods: - list: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureTemplates~1{postureTemplatesId}/get response: mediaType: application/json openAPIDocKey: '200' - cancel: + list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureTemplates/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.postureTemplates sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/posture_templates/methods/get' + - $ref: '#/components/x-stackQL-resources/posture_templates/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + delete: [] postures: id: google.securityposture.postures name: postures @@ -1456,10 +1450,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + extract: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postures~1{posturesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postures:extract/post response: mediaType: application/json openAPIDocKey: '200' @@ -1477,10 +1471,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - extract: + get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postures:extract/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postures~1{posturesId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -1516,136 +1510,151 @@ components: update: [] replace: [] delete: [] - posture_deployments: - id: google.securityposture.posture_deployments - name: posture_deployments - title: Posture_deployments + reports: + id: google.securityposture.reports + name: reports + title: Reports methods: list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1reports/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.postureDeployments - create: + objectKey: $.unreachable + get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1reports~1{reportsId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/reports/methods/get' + - $ref: '#/components/x-stackQL-resources/reports/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + reports_ia_cvalidation_report: + id: google.securityposture.reports_ia_cvalidation_report + name: reports_ia_cvalidation_report + title: Reports_ia_cvalidation_report + methods: + create_ia_cvalidation_report: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments~1{postureDeploymentsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1reports:createIaCValidationReport/post response: mediaType: application/json openAPIDocKey: '200' - patch: + sqlVerbs: + select: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/reports_ia_cvalidation_report/methods/create_ia_cvalidation_report + update: [] + replace: [] + delete: [] + operations: + id: google.securityposture.operations + name: operations + title: Operations + methods: + get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments~1{postureDeploymentsId}/patch + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments~1{postureDeploymentsId}/delete + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/posture_deployments/methods/get' - - $ref: '#/components/x-stackQL-resources/posture_deployments/methods/list' - insert: - - $ref: >- - #/components/x-stackQL-resources/posture_deployments/methods/create - update: - - $ref: '#/components/x-stackQL-resources/posture_deployments/methods/patch' - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/posture_deployments/methods/delete - posture_templates: - id: google.securityposture.posture_templates - name: posture_templates - title: Posture_templates - methods: list: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureTemplates/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.postureTemplates - get: + objectKey: $.operations + cancel: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureTemplates~1{postureTemplatesId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/posture_templates/methods/get' - - $ref: '#/components/x-stackQL-resources/posture_templates/methods/list' + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] replace: [] - delete: [] - reports: - id: google.securityposture.reports - name: reports - title: Reports + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + posture_deployments: + id: google.securityposture.posture_deployments + name: posture_deployments + title: Posture_deployments methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1reports/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments~1{postureDeploymentsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.reports - get: + delete: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1reports~1{reportsId}/get + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments~1{postureDeploymentsId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/reports/methods/get' - - $ref: '#/components/x-stackQL-resources/reports/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - reports_ia_cvalidation_report: - id: google.securityposture.reports_ia_cvalidation_report - name: reports_ia_cvalidation_report - title: Reports_ia_cvalidation_report - methods: - create_ia_cvalidation_report: + patch: operation: $ref: >- - #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1reports:createIaCValidationReport/post + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments~1{postureDeploymentsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.postureDeployments + create: + operation: + $ref: >- + #/paths/~1v1~1organizations~1{organizationsId}~1locations~1{locationsId}~1postureDeployments/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/posture_deployments/methods/get' + - $ref: '#/components/x-stackQL-resources/posture_deployments/methods/list' insert: - $ref: >- - #/components/x-stackQL-resources/reports_ia_cvalidation_report/methods/create_ia_cvalidation_report - update: [] + #/components/x-stackQL-resources/posture_deployments/methods/create + update: + - $ref: '#/components/x-stackQL-resources/posture_deployments/methods/patch' replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/posture_deployments/methods/delete locations: id: google.securityposture.locations name: locations @@ -1673,24 +1682,59 @@ components: replace: [] delete: [] paths: - /v1/organizations/{organizationsId}/locations/{locationsId}/operations: + /v1/organizations/{organizationsId}/locations/{locationsId}/postureTemplates/{postureTemplatesId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/_.xgafv' get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: securityposture.organizations.locations.operations.list + description: Gets a single revision of a PostureTemplate. + operationId: securityposture.organizations.locations.postureTemplates.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/PostureTemplate' + parameters: + - in: path + name: organizationsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: postureTemplatesId + required: true + schema: + type: string + - in: query + name: revisionId + schema: + type: string + /v1/organizations/{organizationsId}/locations/{locationsId}/postureTemplates: + parameters: *ref_1 + get: + description: Lists every PostureTemplate in a given organization and location. + operationId: securityposture.organizations.locations.postureTemplates.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1702,7 +1746,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListPostureTemplatesResponse' parameters: - in: path name: organizationsId @@ -1727,14 +1771,13 @@ paths: name: pageToken schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: + /v1/organizations/{organizationsId}/locations/{locationsId}/postures: parameters: *ref_1 get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: securityposture.organizations.locations.operations.get + Lists the most recent revisions of all Posture resources in a specified + organization and location. + operationId: securityposture.organizations.locations.postures.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1746,7 +1789,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListPosturesResponse' parameters: - in: path name: organizationsId @@ -1758,18 +1801,27 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: securityposture.organizations.locations.operations.delete + - in: query + name: filter + schema: + type: string + post: + description: Creates a new Posture. + operationId: securityposture.organizations.locations.postures.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Posture' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1781,7 +1833,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -1793,30 +1845,25 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: postureId schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: + /v1/organizations/{organizationsId}/locations/{locationsId}/postures:extract: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: securityposture.organizations.locations.operations.cancel + Extracts existing policies from an organization, folder, or project, and + applies them to another organization, folder, or project as a Posture. + If the other organization, folder, or project already has a posture, + then the result of the long-running operation is an ALREADY_EXISTS + error. + operationId: securityposture.organizations.locations.postures.extract requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/ExtractPostureRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1828,7 +1875,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -1840,18 +1887,11 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/postures: + /v1/organizations/{organizationsId}/locations/{locationsId}/postures/{posturesId}:listRevisions: parameters: *ref_1 get: - description: >- - Lists the most recent revisions of all Posture resources in a specified - organization and location. - operationId: securityposture.organizations.locations.postures.list + description: Lists all revisions of a single Posture. + operationId: securityposture.organizations.locations.postures.listRevisions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1863,7 +1903,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPosturesResponse' + $ref: '#/components/schemas/ListPostureRevisionsResponse' parameters: - in: path name: organizationsId @@ -1875,22 +1915,35 @@ paths: required: true schema: type: string - - in: query - name: pageSize + - in: path + name: posturesId + required: true schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: filter + name: pageSize schema: - type: string - post: - description: Creates a new Posture. - operationId: securityposture.organizations.locations.postures.create + type: integer + format: int32 + /v1/organizations/{organizationsId}/locations/{locationsId}/postures/{posturesId}: + parameters: *ref_1 + patch: + description: >- + Updates a revision of an existing Posture. If the posture revision that + you update is currently deployed, then a new revision of the posture is + created. To prevent concurrent updates from overwriting each other, + always follow the read-modify-write pattern when you update a posture: + 1. Call GetPosture to get the current version of the posture. 2. Update + the fields in the posture as needed. 3. Call UpdatePosture to update the + posture. Ensure that your request includes the `etag` value from the + GetPosture response. **Important:** If you omit the `etag` when you call + UpdatePosture, then the updated posture unconditionally overwrites the + existing posture. + operationId: securityposture.organizations.locations.postures.patch requestBody: content: application/json: @@ -1919,15 +1972,25 @@ paths: required: true schema: type: string + - in: path + name: posturesId + required: true + schema: + type: string - in: query - name: postureId + name: updateMask schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/postures/{posturesId}:listRevisions: - parameters: *ref_1 - get: - description: Lists all revisions of a single Posture. - operationId: securityposture.organizations.locations.postures.listRevisions + format: google-fieldmask + - in: query + name: revisionId + schema: + type: string + delete: + description: >- + Deletes all revisions of a Posture. You can only delete a posture if + none of its revisions are deployed. + operationId: securityposture.organizations.locations.postures.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1939,7 +2002,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPostureRevisionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -1957,16 +2020,9 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: etag schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/postures/{posturesId}: - parameters: *ref_1 get: description: Gets a single revision of a Posture. operationId: securityposture.organizations.locations.postures.get @@ -2002,24 +2058,11 @@ paths: name: revisionId schema: type: string - patch: - description: >- - Updates a revision of an existing Posture. If the posture revision that - you update is currently deployed, then a new revision of the posture is - created. To prevent concurrent updates from overwriting each other, - always follow the read-modify-write pattern when you update a posture: - 1. Call GetPosture to get the current version of the posture. 2. Update - the fields in the posture as needed. 3. Call UpdatePosture to update the - posture. Ensure that your request includes the `etag` value from the - GetPosture response. **Important:** If you omit the `etag` when you call - UpdatePosture, then the updated posture unconditionally overwrites the - existing posture. - operationId: securityposture.organizations.locations.postures.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Posture' + /v1/organizations/{organizationsId}/locations/{locationsId}/reports: + parameters: *ref_1 + get: + description: Lists every Report in a given organization and location. + operationId: securityposture.organizations.locations.reports.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2031,7 +2074,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListReportsResponse' parameters: - in: path name: organizationsId @@ -2043,25 +2086,24 @@ paths: required: true schema: type: string - - in: path - name: posturesId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: pageSize schema: - type: string - format: google-fieldmask + type: integer + format: int32 - in: query - name: revisionId + name: filter schema: type: string - delete: - description: >- - Deletes all revisions of a Posture. You can only delete a posture if - none of its revisions are deployed. - operationId: securityposture.organizations.locations.postures.delete + /v1/organizations/{organizationsId}/locations/{locationsId}/reports/{reportsId}: + parameters: *ref_1 + get: + description: Gets details for a Report. + operationId: securityposture.organizations.locations.reports.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2073,7 +2115,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Report' parameters: - in: path name: organizationsId @@ -2086,29 +2128,24 @@ paths: schema: type: string - in: path - name: posturesId + name: reportsId required: true schema: type: string - - in: query - name: etag - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/postures:extract: + /v1/organizations/{organizationsId}/locations/{locationsId}/reports:createIaCValidationReport: parameters: *ref_1 post: description: >- - Extracts existing policies from an organization, folder, or project, and - applies them to another organization, folder, or project as a Posture. - If the other organization, folder, or project already has a posture, - then the result of the long-running operation is an ALREADY_EXISTS - error. - operationId: securityposture.organizations.locations.postures.extract + Validates a specified infrastructure-as-code (IaC) configuration, and + creates a Report with the validation results. Only Terraform + configurations are supported. Only modified assets are validated. + operationId: >- + securityposture.organizations.locations.reports.createIaCValidationReport requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExtractPostureRequest' + $ref: '#/components/schemas/CreateIaCValidationReportRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2132,11 +2169,14 @@ paths: required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/postureDeployments: + /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: - description: Lists every PostureDeployment in a project and location. - operationId: securityposture.organizations.locations.postureDeployments.list + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: securityposture.organizations.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2148,7 +2188,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPostureDeploymentsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -2160,27 +2200,18 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: operationsId + required: true schema: type: string - post: - description: Creates a new PostureDeployment in a given project and location. - operationId: securityposture.organizations.locations.postureDeployments.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PostureDeployment' + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: securityposture.organizations.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2192,7 +2223,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: organizationsId @@ -2204,15 +2235,18 @@ paths: required: true schema: type: string - - in: query - name: postureDeploymentId + - in: path + name: operationsId + required: true schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/postureDeployments/{postureDeploymentsId}: + /v1/organizations/{organizationsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Gets details for a PostureDeployment. - operationId: securityposture.organizations.locations.postureDeployments.get + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: securityposture.organizations.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2224,7 +2258,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PostureDeployment' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: organizationsId @@ -2236,28 +2270,42 @@ paths: required: true schema: type: string - - in: path - name: postureDeploymentsId - required: true + - in: query + name: pageToken schema: type: string - patch: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/organizations/{organizationsId}/locations/{locationsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: description: >- - Updates an existing PostureDeployment. To prevent concurrent updates - from overwriting each other, always follow the read-modify-write pattern - when you update a posture deployment: 1. Call GetPostureDeployment to - get the current version of the deployment. 2. Update the fields in the - deployment as needed. 3. Call UpdatePostureDeployment to update the - deployment. Ensure that your request includes the `etag` value from the - GetPostureDeployment response. **Important:** If you omit the `etag` - when you call UpdatePostureDeployment, then the updated deployment - unconditionally overwrites the existing deployment. - operationId: securityposture.organizations.locations.postureDeployments.patch + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: securityposture.organizations.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/PostureDeployment' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2269,7 +2317,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: organizationsId @@ -2282,18 +2330,15 @@ paths: schema: type: string - in: path - name: postureDeploymentsId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes a PostureDeployment. - operationId: securityposture.organizations.locations.postureDeployments.delete + /v1/organizations/{organizationsId}/locations/{locationsId}/postureDeployments/{postureDeploymentsId}: + parameters: *ref_1 + get: + description: Gets details for a PostureDeployment. + operationId: securityposture.organizations.locations.postureDeployments.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2305,7 +2350,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/PostureDeployment' parameters: - in: path name: organizationsId @@ -2322,15 +2367,9 @@ paths: required: true schema: type: string - - in: query - name: etag - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/postureTemplates: - parameters: *ref_1 - get: - description: Lists every PostureTemplate in a given organization and location. - operationId: securityposture.organizations.locations.postureTemplates.list + delete: + description: Deletes a PostureDeployment. + operationId: securityposture.organizations.locations.postureDeployments.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2342,7 +2381,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPostureTemplatesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -2354,24 +2393,32 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: postureDeploymentsId + required: true schema: type: string - in: query - name: filter + name: etag schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/postureTemplates/{postureTemplatesId}: - parameters: *ref_1 - get: - description: Gets a single revision of a PostureTemplate. - operationId: securityposture.organizations.locations.postureTemplates.get + patch: + description: >- + Updates an existing PostureDeployment. To prevent concurrent updates + from overwriting each other, always follow the read-modify-write pattern + when you update a posture deployment: 1. Call GetPostureDeployment to + get the current version of the deployment. 2. Update the fields in the + deployment as needed. 3. Call UpdatePostureDeployment to update the + deployment. Ensure that your request includes the `etag` value from the + GetPostureDeployment response. **Important:** If you omit the `etag` + when you call UpdatePostureDeployment, then the updated deployment + unconditionally overwrites the existing deployment. + operationId: securityposture.organizations.locations.postureDeployments.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PostureDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2383,7 +2430,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PostureTemplate' + $ref: '#/components/schemas/Operation' parameters: - in: path name: organizationsId @@ -2396,19 +2443,20 @@ paths: schema: type: string - in: path - name: postureTemplatesId + name: postureDeploymentsId required: true schema: type: string - in: query - name: revisionId + name: updateMask schema: type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/reports: + format: google-fieldmask + /v1/organizations/{organizationsId}/locations/{locationsId}/postureDeployments: parameters: *ref_1 get: - description: Lists every Report in a given organization and location. - operationId: securityposture.organizations.locations.reports.list + description: Lists every PostureDeployment in a project and location. + operationId: securityposture.organizations.locations.postureDeployments.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2420,7 +2468,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReportsResponse' + $ref: '#/components/schemas/ListPostureDeploymentsResponse' parameters: - in: path name: organizationsId @@ -2433,65 +2481,26 @@ paths: schema: type: string - in: query - name: pageSize + name: filter schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: filter - schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/reports/{reportsId}: - parameters: *ref_1 - get: - description: Gets details for a Report. - operationId: securityposture.organizations.locations.reports.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Report' - parameters: - - in: path - name: organizationsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: reportsId - required: true + name: pageSize schema: - type: string - /v1/organizations/{organizationsId}/locations/{locationsId}/reports:createIaCValidationReport: - parameters: *ref_1 + type: integer + format: int32 post: - description: >- - Validates a specified infrastructure-as-code (IaC) configuration, and - creates a Report with the validation results. Only Terraform - configurations are supported. Only modified assets are validated. - operationId: >- - securityposture.organizations.locations.reports.createIaCValidationReport + description: Creates a new PostureDeployment in a given project and location. + operationId: securityposture.organizations.locations.postureDeployments.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateIaCValidationReportRequest' + $ref: '#/components/schemas/PostureDeployment' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2515,6 +2524,10 @@ paths: required: true schema: type: string + - in: query + name: postureDeploymentId + schema: + type: string /v1/projects/{projectsId}/locations: parameters: *ref_1 get: @@ -2539,22 +2552,22 @@ paths: schema: type: string - in: query - name: filter + name: extraLocationTypes schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - in: query - name: extraLocationTypes + name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1/projects/{projectsId}/locations/{locationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/serviceconsumermanagement.yaml b/providers/src/googleapis.com/v00.00.00000/services/serviceconsumermanagement.yaml index 50485668..5881330c 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/serviceconsumermanagement.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/serviceconsumermanagement.yaml @@ -7,8 +7,8 @@ info: title: Service Consumer Management API description: Manages the service consumers of a Service Infrastructure service. version: v1 - x-discovery-doc-revision: '20250619' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/service-consumer-management/docs/overview servers: @@ -34,308 +34,209 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - MonitoredResourceDescriptor: + Endpoint: + description: >- + `Endpoint` describes a network address of a service that serves a set of + APIs. It is commonly known as a service endpoint. A service may expose + any number of service endpoints, and all service endpoints share the + same service definition, such as quota limits and monitoring metrics. + Example: type: google.api.Service name: library-example.googleapis.com + endpoints: # Declares network address + `https://library-example.googleapis.com` # for service + `library-example.googleapis.com`. The `https` scheme # is implicit for + all service endpoints. Other schemes may be # supported in the future. - + name: library-example.googleapis.com allow_cors: false - name: + content-staging-library-example.googleapis.com # Allows HTTP OPTIONS + calls to be passed to the API frontend, for it # to decide whether the + subsequent cross-origin request is allowed # to proceed. allow_cors: + true + id: Endpoint properties: - displayName: - description: >- - Optional. A concise name for the monitored resource type that might - be displayed in user interfaces. It should be a Title Cased Noun - Phrase, without any article or other determiners. For example, - `"Google Cloud SQL Database"`. - type: string - labels: + aliases: type: array + description: >- + Aliases for this endpoint, these will be served by the same UrlMap + as the parent endpoint, and will be provisioned in the GCP stack for + the Regional Endpoints. items: - $ref: '#/components/schemas/LabelDescriptor' + type: string + allowCors: description: >- - Required. A set of labels used to describe instances of this - monitored resource type. For example, an individual Google Cloud SQL - database is identified by values for the labels `"database_id"` and - `"zone"`. - launchStage: - description: Optional. The launch stage of the monitored resource definition. - enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED + Allowing + [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), + aka cross-domain traffic, would allow the backends served from this + endpoint to receive and respond to HTTP OPTIONS requests. The + response will be used by the browser to determine whether the + subsequent cross-origin request is allowed to proceed. + type: boolean + target: type: string + description: >- + The specification of an Internet routable address of API frontend + that will handle requests to this [API + Endpoint](https://cloud.google.com/apis/design/glossary). It should + be either a valid IPv4 address or a fully-qualified domain name. For + example, "8.8.8.8" or "myservice.appspot.com". name: + description: The canonical name of this endpoint. type: string + type: object + DotnetSettings: + type: object + description: Settings for Dotnet client libraries. + id: DotnetSettings + properties: + common: + $ref: '#/components/schemas/CommonLanguageSettings' + description: Some settings. + renamedServices: + additionalProperties: + type: string description: >- - Optional. The resource name of the monitored resource descriptor: - `"projects/{project_id}/monitoredResourceDescriptors/{type}"` where - {type} is the value of the `type` field in this object and - {project_id} is a project ID that provides API-specific context for - accessing the type. APIs that do not use project information can use - the resource name format `"monitoredResourceDescriptors/{type}"`. - description: + Map from original service names to renamed versions. This is used + when the default generated types would cause a naming conflict. + (Neither name is fully-qualified.) Example: Subscriber to + SubscriberServiceApi. + type: object + ignoredResources: + items: + type: string description: >- - Optional. A detailed description of the monitored resource type that - might be used in documentation. + List of full resource types to ignore during generation. This is + typically used for API-specific Location resources, which should be + handled by the generator as if they were actually the common + Location resources. Example entry: + "documentai.googleapis.com/Location" + type: array + forcedNamespaceAliases: + description: >- + Namespaces which must be aliased in snippets due to a known (but + non-generator-predictable) naming collision + type: array + items: + type: string + handwrittenSignatures: + items: + type: string + type: array + description: >- + Method signatures (in the form "service.method(signature)") which + are provided separately, so shouldn't be generated. Snippets + *calling* these methods are still generated, however. + renamedResources: + additionalProperties: + type: string + type: object + description: >- + Map from full resource types to the effective short name for the + resource. This is used when otherwise resource named from different + services would cause naming collisions. Example entry: + "datalabeling.googleapis.com/Dataset": "DataLabelingDataset" + Usage: + properties: + requirements: + type: array + items: + type: string + description: >- + Requirements that must be satisfied before a consumer project can + use the service. Each requirement is of the form /; for example + 'serviceusage.googleapis.com/billing-enabled'. For Google APIs, a + Terms of Service requirement must be included here. Google Cloud + APIs must include "serviceusage.googleapis.com/tos/cloud". Other + Google APIs should include + "serviceusage.googleapis.com/tos/universal". Additional ToS can be + included based on the business needs. + producerNotificationChannel: + description: >- + The full resource name of a channel used for sending notifications + to the service producer. Google Service Management currently only + supports [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as + a notification channel. To use Google Cloud Pub/Sub as the channel, + this must be the name of a Cloud Pub/Sub topic that uses the Cloud + Pub/Sub topic name format documented in + https://cloud.google.com/pubsub/docs/overview. type: string - type: + rules: + type: array description: >- - Required. The monitored resource type. For example, the type - `"cloudsql_database"` represents databases in Google Cloud SQL. For - a list of types, see [Monitored resource - types](https://cloud.google.com/monitoring/api/resources) and - [Logging resource - types](https://cloud.google.com/logging/docs/api/v2/resource-list). + A list of usage rules that apply to individual API methods. + **NOTE:** All service configuration rules follow "last one wins" + order. + items: + $ref: '#/components/schemas/UsageRule' + type: object + description: Configuration controlling usage of a service. + id: Usage + PolicyBinding: + properties: + role: + description: >- + Role. (https://cloud.google.com/iam/docs/understanding-roles) For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. type: string - id: MonitoredResourceDescriptor - description: >- - An object that describes the schema of a MonitoredResource object using - a type name and a set of labels. For example, the monitored resource - descriptor for Google Compute Engine VM instances has a type of - `"gce_instance"` and specifies the use of the labels `"instance_id"` and - `"zone"` to identify particular VM instances. Different APIs can support - different monitored resource types. APIs generally provide a `list` - method that returns the monitored resource descriptors used by the API. + members: + items: + type: string + description: >- + Uses the same format as in IAM policy. `member` must include both a + prefix and ID. For example, `user:{emailId}`, + `serviceAccount:{emailId}`, `group:{emailId}`. + type: array type: object - CppSettings: - id: CppSettings + id: PolicyBinding + description: Translates to IAM Policy bindings (without auditing at this level) + V1GenerateServiceAccountResponse: properties: - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. - description: Settings for C++ client libraries. + account: + $ref: '#/components/schemas/V1ServiceAccount' + description: ServiceAccount that was created or retrieved. + id: V1GenerateServiceAccountResponse + description: >- + Response message for the `GenerateServiceAccount` method. This response + message is assigned to the `response` field of the returned Operation + when that operation is done. type: object - CustomHttpPattern: + V1Beta1DisableConsumerResponse: + description: >- + Response message for the `DisableConsumer` method. This response message + is assigned to the `response` field of the returned Operation when that + operation is done. type: object + id: V1Beta1DisableConsumerResponse + properties: {} + ContextRule: + description: >- + A context rule provides information about the context for an individual + API element. properties: - path: - description: The path matched by this custom verb. - type: string - kind: - description: The name of this custom HTTP verb. - type: string - id: CustomHttpPattern - description: A custom pattern is used for defining custom HTTP verb. - LabelDescriptor: - properties: - description: - description: A human-readable description for the label. - type: string - valueType: - enum: - - STRING - - BOOL - - INT64 - enumDescriptions: - - A variable-length string. This is the default. - - Boolean; true or false. - - A 64-bit signed integer. - type: string - description: The type of data that can be assigned to the label. - key: - type: string - description: The label key. - id: LabelDescriptor - type: object - description: A description of a label. - ClientLibrarySettings: - properties: - launchStage: - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - description: Launch stage of this version of the API. - type: string - enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - phpSettings: - $ref: '#/components/schemas/PhpSettings' - description: Settings for PHP client libraries. - version: - type: string - description: >- - Version of the API to apply these settings to. This is the full - protobuf package for the API, ending in the version element. - Examples: "google.cloud.speech.v1" and - "google.spanner.admin.database.v1". - dotnetSettings: - description: Settings for .NET client libraries. - $ref: '#/components/schemas/DotnetSettings' - cppSettings: - $ref: '#/components/schemas/CppSettings' - description: Settings for C++ client libraries. - rubySettings: - description: Settings for Ruby client libraries. - $ref: '#/components/schemas/RubySettings' - javaSettings: - $ref: '#/components/schemas/JavaSettings' - description: Settings for legacy Java features, supported in the Service YAML. - goSettings: - description: Settings for Go client libraries. - $ref: '#/components/schemas/GoSettings' - nodeSettings: - description: Settings for Node client libraries. - $ref: '#/components/schemas/NodeSettings' - restNumericEnums: - type: boolean - description: >- - When using transport=rest, the client request will encode enums as - numbers rather than strings. - pythonSettings: - description: Settings for Python client libraries. - $ref: '#/components/schemas/PythonSettings' - type: object - id: ClientLibrarySettings - description: Details about how and where to publish client libraries. - Quota: - properties: - limits: - items: - $ref: '#/components/schemas/QuotaLimit' - description: List of QuotaLimit definitions for the service. - type: array - metricRules: - items: - $ref: '#/components/schemas/MetricRule' - description: >- - List of MetricRule definitions, each one mapping a selected method - to one or more metrics. - type: array - id: Quota - type: object - description: >- - Quota configuration helps to achieve fairness and budgeting in service - usage. The metric based quota configuration works this way: - The - service configuration defines a set of metrics. - For API calls, the - quota.metric_rules maps methods to metrics with corresponding costs. - - The quota.limits defines limits on the metrics, which will be used for - quota checks at runtime. An example quota configuration in yaml format: - quota: limits: - name: apiWriteQpsPerProject metric: - library.googleapis.com/write_calls unit: "1/min/{project}" # rate limit - for consumer projects values: STANDARD: 10000 (The metric rules bind all - methods to the read_calls metric, except for the UpdateBook and - DeleteBook methods. These two methods are mapped to the write_calls - metric, with the UpdateBook method consuming at twice rate as the - DeleteBook method.) metric_rules: - selector: "*" metric_costs: - library.googleapis.com/read_calls: 1 - selector: - google.example.library.v1.LibraryService.UpdateBook metric_costs: - library.googleapis.com/write_calls: 2 - selector: - google.example.library.v1.LibraryService.DeleteBook metric_costs: - library.googleapis.com/write_calls: 1 Corresponding Metric definition: - metrics: - name: library.googleapis.com/read_calls display_name: Read - requests metric_kind: DELTA value_type: INT64 - name: - library.googleapis.com/write_calls display_name: Write requests - metric_kind: DELTA value_type: INT64 - ContextRule: - type: object - properties: - requested: + selector: description: >- - A list of full type names of requested contexts, only the requested - context will be made available to the backend. - items: - type: string - type: array + Selects the methods to which this rule applies. Refer to selector + for syntax details. + type: string provided: - items: - type: string description: >- A list of full type names of provided contexts. It is used to support propagating HTTP headers and ETags from the response extension. + items: + type: string type: array - selector: - type: string - description: >- - Selects the methods to which this rule applies. Refer to selector - for syntax details. allowedRequestExtensions: - type: array description: >- A list of full type names or extension IDs of extensions allowed in grpc side channel from client to backend. items: type: string + type: array + requested: + items: + type: string + description: >- + A list of full type names of requested contexts, only the requested + context will be made available to the backend. + type: array allowedResponseExtensions: items: type: string @@ -343,579 +244,756 @@ components: description: >- A list of full type names or extension IDs of extensions allowed in grpc side channel from backend to client. + type: object id: ContextRule - description: >- - A context rule provides information about the context for an individual - API element. - BatchingDescriptorProto: - id: BatchingDescriptorProto + DeleteTenantProjectRequest: + id: DeleteTenantProjectRequest properties: - subresponseField: + tag: + description: Required. Tag of the resource within the tenancy unit. type: string - description: >- - Optional. When present, indicates the field in the response message - to be used to demultiplex the response into multiple response - messages, in correspondence with the multiple request messages - originally batched together. - batchedField: + description: Request message to delete tenant project resource from the tenancy unit. + type: object + UndeleteTenantProjectRequest: + description: >- + Request message to undelete tenant project resource previously deleted + from the tenancy unit. + type: object + properties: + tag: type: string - description: >- - The repeated field in the request message to be aggregated by - batching. - discriminatorFields: + description: Required. Tag of the resource within the tenancy unit. + id: UndeleteTenantProjectRequest + SelectiveGapicGeneration: + id: SelectiveGapicGeneration + properties: + methods: type: array + description: >- + An allowlist of the fully qualified names of RPCs that should be + included on public client surfaces. items: type: string + generateOmittedAsInternal: + type: boolean description: >- - A list of the fields in the request message. Two requests will be - batched together only if the values of every field specified in - `request_discriminator_fields` is equal between the two requests. - type: object + Setting this to true indicates to the client generators that methods + that would be excluded from the generation should instead be + generated in a way that indicates these methods should not be + consumed by end users. How this is expressed is up to individual + language implementations to decide. Some examples may be: added + annotations, obfuscated identifiers, or other language idiomatic + patterns. description: >- - `BatchingDescriptorProto` specifies the fields of the request message to - be used for batching, and, optionally, the fields of the response - message to be used for demultiplexing. - PhpSettings: - id: PhpSettings - description: Settings for Php client libraries. + This message is used to configure the generation of a subset of the RPCs + in a service for client libraries. type: object + V1Beta1ImportProducerQuotaPoliciesResponse: properties: - libraryPackage: - description: >- - The package name to use in Php. Clobbers the php_namespace option - set in the protobuf. This should be used **only** by APIs who have - already set the language_settings.php.package_name" field in - gapic.yaml. API teams should use the protobuf php_namespace option - where possible. Example of a YAML configuration:: publishing: - library_settings: php_settings: library_package: - Google\Cloud\PubSub\V1 - type: string - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. - Empty: - properties: {} - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - TenantProjectPolicy: - description: >- - Describes policy settings that can be applied to a newly created tenant - project. - type: object - id: TenantProjectPolicy - properties: - policyBindings: - description: >- - Policy bindings to be applied to the tenant project, in addition to - the 'roles/owner' role granted to the Service Consumer Management - service account. + policies: + description: The policies that were created from the imported data. type: array items: - $ref: '#/components/schemas/PolicyBinding' - AuthRequirement: + $ref: '#/components/schemas/V1Beta1ProducerQuotaPolicy' + type: object + id: V1Beta1ImportProducerQuotaPoliciesResponse + description: Response message for ImportProducerQuotaPolicies + FieldPolicy: properties: - providerId: + resourcePermission: type: string description: >- - id from authentication provider. Example: provider_id: - bookstore_auth - audiences: + Specifies the required permission(s) for the resource referred to by + the field. It requires the field contains a valid resource + reference, and the request must pass the permission checks to + proceed. For example, "resourcemanager.projects.get". + resourceType: + type: string description: >- - NOTE: This will be deprecated soon, once AuthProvider.audiences is - implemented and accepted in all the runtime components. The list of - JWT - [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). - that are allowed to access. A JWT containing any of these audiences - will be accepted. When this setting is absent, only JWTs with - audience "https://Service_name/API_name" will be accepted. For - example, if no audiences are in the setting, LibraryService API will - only accept JWTs with the following audience - "https://library-example.googleapis.com/google.example.library.v1.LibraryService". - Example: audiences: bookstore_android.apps.googleusercontent.com, - bookstore_web.apps.googleusercontent.com + Specifies the resource type for the resource referred to by the + field. + selector: type: string + description: >- + Selects one or more request or response message fields to apply this + `FieldPolicy`. When a `FieldPolicy` is used in proto annotation, the + selector must be left as empty. The service config generator will + automatically fill the correct value. When a `FieldPolicy` is used + in service config, the selector must be a comma-separated string + with valid request or response field paths, such as "foo.bar" or + "foo.bar,foo.baz". type: object + id: FieldPolicy description: >- - User-defined authentication requirements, including support for [JSON - Web Token - (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). - id: AuthRequirement - V1ServiceAccount: - description: A service account in the Identity and Access Management API. + Google API Policy Annotation This message defines a simple API policy + annotation that can be used to annotate API request and response message + fields with applicable policies. One field may have multiple applicable + policies that must all be satisfied before a request can be processed. + This policy annotation is used to generate the overall policy that will + be used for automatic runtime policy enforcement and documentation + generation. + CustomHttpPattern: + description: A custom pattern is used for defining custom HTTP verb. + type: object properties: - iamAccountName: - deprecated: true - description: Deprecated. See b/136209818. + kind: + description: The name of this custom HTTP verb. type: string - tag: - description: >- - The P4 SA configuration tag. This must be defined in - activation_grants. If not specified when creating the account, the - tag is set to "default". + path: type: string - uniqueId: - description: The unique and stable id of the service account. + description: The path matched by this custom verb. + id: CustomHttpPattern + V1EnableConsumerResponse: + type: object + id: V1EnableConsumerResponse + properties: {} + description: >- + Response message for the `EnableConsumer` method. This response message + is assigned to the `response` field of the returned Operation when that + operation is done. + LongRunning: + id: LongRunning + properties: + initialPollDelay: + description: >- + Initial delay after which the first poll request will be made. + Default value: 5 seconds. + format: google-duration type: string - email: + totalPollTimeout: + format: google-duration + description: 'Total polling timeout. Default value: 5 minutes.' type: string - description: The email address of the service account. - name: + maxPollDelay: + format: google-duration type: string description: >- - P4 SA resource name. An example name would be: - `services/serviceconsumermanagement.googleapis.com/projects/123/serviceAccounts/default` - id: V1ServiceAccount + Maximum time between two subsequent poll requests. Default value: 45 + seconds. + pollDelayMultiplier: + description: >- + Multiplier to gradually increase delay between subsequent polls + until it reaches max_poll_delay. Default value: 1.5. + type: number + format: float type: object - Monitoring: + description: >- + Describes settings to use when generating API methods that use the + long-running operation pattern. All default values below are from those + used in the client library generators (e.g. + [Java](https://github.com/googleapis/gapic-generator-java/blob/04c2faa191a9b5a10b92392fe8482279c4404803/src/main/java/com/google/api/generator/gapic/composer/common/RetrySettingsComposer.java)). + CommonLanguageSettings: properties: - producerDestinations: + selectiveGapicGeneration: description: >- - Monitoring configurations for sending metrics to the producer - project. There can be multiple producer destinations. A monitored - resource type may appear in multiple monitoring destinations if - different aggregations are needed for different sets of metrics - associated with that monitored resource type. A monitored resource - and metric pair may only be used once in the Monitoring - configuration. - type: array - items: - $ref: '#/components/schemas/MonitoringDestination' - consumerDestinations: + Configuration for which RPCs should be generated in the GAPIC + client. + $ref: '#/components/schemas/SelectiveGapicGeneration' + destinations: items: - $ref: '#/components/schemas/MonitoringDestination' + enum: + - CLIENT_LIBRARY_DESTINATION_UNSPECIFIED + - GITHUB + - PACKAGE_MANAGER + enumDescriptions: + - >- + Client libraries will neither be generated nor published to + package managers. + - >- + Generate the client library in a repo under + github.com/googleapis, but don't publish it to package managers. + - >- + Publish the library to package managers like nuget.org and + npmjs.com. + type: string description: >- - Monitoring configurations for sending metrics to the consumer - project. There can be multiple consumer destinations. A monitored - resource type may appear in multiple monitoring destinations if - different aggregations are needed for different sets of metrics - associated with that monitored resource type. A monitored resource - and metric pair may only be used once in the Monitoring - configuration. + The destination where API teams want this client library to be + published. type: array - description: >- - Monitoring configuration of the service. The example below shows how to - configure monitored resources and metrics for monitoring. In the - example, a monitored resource and two metrics are defined. The - `library.googleapis.com/book/returned_count` metric is sent to both - producer and consumer projects, whereas the - `library.googleapis.com/book/num_overdue` metric is only sent to the - consumer project. monitored_resources: - type: - library.googleapis.com/Branch display_name: "Library Branch" - description: "A branch of a library." launch_stage: GA labels: - key: - resource_container description: "The Cloud container (ie. project id) - for the Branch." - key: location description: "The location of the - library branch." - key: branch_id description: "The id of the branch." - metrics: - name: library.googleapis.com/book/returned_count - display_name: "Books Returned" description: "The count of books that - have been returned." launch_stage: GA metric_kind: DELTA value_type: - INT64 unit: "1" labels: - key: customer_id description: "The id of the - customer." - name: library.googleapis.com/book/num_overdue display_name: - "Books Overdue" description: "The current number of overdue books." - launch_stage: GA metric_kind: GAUGE value_type: INT64 unit: "1" labels: - - key: customer_id description: "The id of the customer." monitoring: - producer_destinations: - monitored_resource: - library.googleapis.com/Branch metrics: - - library.googleapis.com/book/returned_count consumer_destinations: - - monitored_resource: library.googleapis.com/Branch metrics: - - library.googleapis.com/book/returned_count - - library.googleapis.com/book/num_overdue - id: Monitoring + referenceDocsUri: + deprecated: true + description: >- + Link to automatically generated reference documentation. Example: + https://cloud.google.com/nodejs/docs/reference/asset/latest + type: string + id: CommonLanguageSettings + description: Required information for every language. type: object - V1Beta1ServiceIdentity: + EnumValue: properties: - email: - description: The email address of the service identity. - type: string + number: + type: integer + description: Enum value number. + format: int32 name: + description: Enum value name. type: string + options: + description: Protocol buffer options. + items: + $ref: '#/components/schemas/Option' + type: array + description: >- + Enum value definition. New usages of this message as an alternative to + EnumValueDescriptorProto are strongly discouraged. This message does not + reliability preserve all information necessary to model the schema and + preserve semantics. Instead make use of FileDescriptorSet which + preserves the necessary information. + type: object + id: EnumValue + ServiceAccountConfig: + description: Describes the service account configuration for the tenant project. + properties: + accountId: description: >- - P4 service identity resource name. An example name would be: - `services/serviceconsumermanagement.googleapis.com/projects/123/serviceIdentities/default` - tag: + ID of the IAM service account to be created in tenant project. The + email format of the service account is "@.iam.gserviceaccount.com". + This account ID must be unique within tenant project and service + producers have to guarantee it. The ID must be 6-30 characters long, + and match the following regular expression: + `[a-z]([-a-z0-9]*[a-z0-9])`. type: string - description: >- - The P4 service identity configuration tag. This must be defined in - activation_grants. If not specified when creating the account, the - tag is set to "default". - uniqueId: + tenantProjectRoles: + type: array + description: Roles for the associated service account for the tenant project. + items: + type: string + type: object + id: ServiceAccountConfig + ClientLibrarySettings: + properties: + phpSettings: + $ref: '#/components/schemas/PhpSettings' + description: Settings for PHP client libraries. + rubySettings: + $ref: '#/components/schemas/RubySettings' + description: Settings for Ruby client libraries. + version: type: string - description: The unique and stable id of the service identity. + description: >- + Version of the API to apply these settings to. This is the full + protobuf package for the API, ending in the version element. + Examples: "google.cloud.speech.v1" and + "google.spanner.admin.database.v1". + dotnetSettings: + description: Settings for .NET client libraries. + $ref: '#/components/schemas/DotnetSettings' + javaSettings: + description: Settings for legacy Java features, supported in the Service YAML. + $ref: '#/components/schemas/JavaSettings' + launchStage: + description: Launch stage of this version of the API. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + type: string + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. + nodeSettings: + description: Settings for Node client libraries. + $ref: '#/components/schemas/NodeSettings' + goSettings: + description: Settings for Go client libraries. + $ref: '#/components/schemas/GoSettings' + pythonSettings: + description: Settings for Python client libraries. + $ref: '#/components/schemas/PythonSettings' + restNumericEnums: + type: boolean + description: >- + When using transport=rest, the client request will encode enums as + numbers rather than strings. + cppSettings: + $ref: '#/components/schemas/CppSettings' + description: Settings for C++ client libraries. type: object - description: A service identity in the Identity and Access Management API. - id: V1Beta1ServiceIdentity - MetricRule: + id: ClientLibrarySettings + description: Details about how and where to publish client libraries. + Operation: properties: - metricCosts: + done: + type: boolean description: >- - Metrics to update when the selected methods are called, and the - associated cost applied to each metric. The key of the map is the - metric name, and the values are the amount increased for the metric - against which the quota limits are defined. The value must not be - negative. + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + response: type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. additionalProperties: - format: int64 - type: string - selector: + type: any + description: Properties of the object. Contains field @type with type URL. + name: description: >- - Selects the methods to which this rule applies. Refer to selector - for syntax details. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + id: Operation description: >- - Bind API methods to metrics. Binding a method to a metric causes that - metric's configured quota behaviors to apply to the method call. - id: MetricRule - type: object - Documentation: + This resource represents a long-running operation that is the result of + a network API call. type: object + Aspect: properties: - documentationRootUrl: + kind: + description: The type of this aspect configuration. type: string - description: The URL to the root of documentation. - overview: + spec: description: >- - Declares a single overview page. For example: documentation: - summary: ... overview: (== include overview.md ==) This is a - shortcut for the following declaration (using pages style): - documentation: summary: ... pages: - name: Overview content: (== - include overview.md ==) Note: you cannot specify both `overview` - field and `pages` field. - type: string - serviceRootUrl: - type: string + Content of the configuration. The underlying schema should be + defined by Aspect owners as protobuf message under + `google/api/configaspects/proto`. + type: object + additionalProperties: + type: any + description: Properties of the object. + type: object + description: >- + Aspect represents Generic aspect. It is used to configure an aspect + without making direct changes to service.proto + id: Aspect + Field: + description: >- + A single field of a message type. New usages of this message as an + alternative to FieldDescriptorProto are strongly discouraged. This + message does not reliability preserve all information necessary to model + the schema and preserve semantics. Instead make use of FileDescriptorSet + which preserves the necessary information. + id: Field + properties: + oneofIndex: + format: int32 description: >- - Specifies the service root url if the default one (the service name - from the yaml file) is not suitable. This can be seen in any fully - specified service urls as well as sections that show a base that - other urls are relative to. - additionalIamInfo: + The index of the field type in `Type.oneofs`, for message or + enumeration types. The first type has index 1; zero means the type + is not in the list. + type: integer + kind: + enumDescriptions: + - Field type unknown. + - Field type double. + - Field type float. + - Field type int64. + - Field type uint64. + - Field type int32. + - Field type fixed64. + - Field type fixed32. + - Field type bool. + - Field type string. + - Field type group. Proto2 syntax only, and deprecated. + - Field type message. + - Field type bytes. + - Field type uint32. + - Field type enum. + - Field type sfixed32. + - Field type sfixed64. + - Field type sint32. + - Field type sint64. + description: The field type. + enum: + - TYPE_UNKNOWN + - TYPE_DOUBLE + - TYPE_FLOAT + - TYPE_INT64 + - TYPE_UINT64 + - TYPE_INT32 + - TYPE_FIXED64 + - TYPE_FIXED32 + - TYPE_BOOL + - TYPE_STRING + - TYPE_GROUP + - TYPE_MESSAGE + - TYPE_BYTES + - TYPE_UINT32 + - TYPE_ENUM + - TYPE_SFIXED32 + - TYPE_SFIXED64 + - TYPE_SINT32 + - TYPE_SINT64 type: string - description: >- - Optional information about the IAM configuration. This is typically - used to link to documentation about a product's IAM roles and - permissions. - sectionOverrides: - type: array - description: >- - Specifies section and content to override the boilerplate content. - Currently overrides following sections: 1. - rest.service.client_libraries - items: - $ref: '#/components/schemas/Page' - pages: - description: The top level pages for the documentation set. - items: - $ref: '#/components/schemas/Page' - type: array - rules: - description: >- - A list of documentation rules that apply to individual API elements. - **NOTE:** All service configuration rules follow "last one wins" - order. + packed: + type: boolean + description: Whether to use alternative packed wire representation. + options: + description: The protocol buffer options. type: array items: - $ref: '#/components/schemas/DocumentationRule' - summary: + $ref: '#/components/schemas/Option' + cardinality: + enum: + - CARDINALITY_UNKNOWN + - CARDINALITY_OPTIONAL + - CARDINALITY_REQUIRED + - CARDINALITY_REPEATED + description: The field cardinality. + type: string + enumDescriptions: + - For fields with unknown cardinality. + - For optional fields. + - For required fields. Proto2 syntax only. + - For repeated fields. + jsonName: + description: The field JSON name. + type: string + name: + type: string + description: The field name. + number: + type: integer + description: The field number. + format: int32 + typeUrl: description: >- - A short description of what the service does. The summary must be - plain text. It becomes the overview of the service displayed in - Google Cloud Console. NOTE: This field is equivalent to the standard - field `description`. + The field type URL, without the scheme, for message or enumeration + types. Example: `"type.googleapis.com/google.protobuf.Timestamp"`. + type: string + defaultValue: type: string - description: >- - `Documentation` provides the information for describing a service. - Example: documentation: summary: > The Google Calendar API gives access - to most calendar features. pages: - name: Overview content: (== include - google/foo/overview.md ==) - name: Tutorial content: (== include - google/foo/tutorial.md ==) subpages: - name: Java content: (== include - google/foo/tutorial_java.md ==) rules: - selector: - google.calendar.Calendar.Get description: > ... - selector: - google.calendar.Calendar.Put description: > ... Documentation is - provided in markdown syntax. In addition to standard markdown features, - definition lists, tables and fenced code blocks are supported. Section - headers can be provided and are interpreted relative to the section - nesting of the context where a documentation fragment is embedded. - Documentation from the IDL is merged with documentation defined via the - config at normalization time, where documentation provided by config - rules overrides IDL provided. A number of constructs specific to the API - platform are supported in documentation text. In order to reference a - proto element, the following notation can be used: - [fully.qualified.proto.name][] To override the display text used for the - link, this can be used: [display text][fully.qualified.proto.name] Text - can be excluded from doc using the following notation: (-- internal - comment --) A few directives are available in documentation. Note that - directives must appear on a single line to be properly identified. The - `include` directive includes a markdown file from an external source: - (== include path/to/file ==) The `resource_for` directive marks a - message to be the resource of a collection in REST view. If it is not - specified, tools attempt to infer the resource from the operations in a - collection: (== resource_for v1.shelves.books ==) The directive - `suppress_warning` does not directly affect documentation and is - documented together with service config validation. - id: Documentation - Authentication: - properties: - rules: - type: array description: >- - A list of authentication rules that apply to individual API methods. - **NOTE:** All service configuration rules follow "last one wins" - order. - items: - $ref: '#/components/schemas/AuthenticationRule' - providers: - description: Defines a set of authentication providers that a service supports. - type: array - items: - $ref: '#/components/schemas/AuthProvider' - id: Authentication - description: >- - `Authentication` defines the authentication configuration for API - methods provided by an API service. Example: name: - calendar.googleapis.com authentication: providers: - id: - google_calendar_auth jwks_uri: - https://www.googleapis.com/oauth2/v1/certs issuer: - https://securetoken.google.com rules: - selector: "*" requirements: - provider_id: google_calendar_auth - selector: google.calendar.Delegate - oauth: canonical_scopes: https://www.googleapis.com/auth/calendar.read - type: object - UndeleteTenantProjectRequest: - description: >- - Request message to undelete tenant project resource previously deleted - from the tenancy unit. + The string value of the default value of this field. Proto2 syntax + only. type: object - properties: - tag: - description: Required. Tag of the resource within the tenancy unit. - type: string - id: UndeleteTenantProjectRequest CustomErrorRule: - id: CustomErrorRule - type: object - description: A custom error rule. properties: - selector: - type: string - description: >- - Selects messages to which this rule applies. Refer to selector for - syntax details. isErrorType: type: boolean description: >- Mark this message as possible payload in error response. Otherwise, objects of this type will be filtered when they appear in error payload. - UsageRule: - properties: - allowUnregisteredCalls: - type: boolean - description: ' Use this rule to configure unregistered calls for the service. Unregistered calls are calls that do not contain consumer project identity. (Example: calls that do not contain an API key). WARNING: By default, API methods do not allow unregistered calls, and each method call must be identified by a consumer project identity.' - skipServiceControl: - description: >- - If true, the selected method should skip service control and the - control plane features, such as quota and billing, will not be - available. This flag is used by Google Cloud Endpoints to bypass - checks for internal methods, such as service health check methods. - type: boolean selector: type: string description: >- - Selects the methods to which this rule applies. Use '*' to indicate - all methods in all APIs. Refer to selector for syntax details. + Selects messages to which this rule applies. Refer to selector for + syntax details. + description: A custom error rule. type: object - description: Usage configuration rules for the service. - id: UsageRule - V1Beta1BatchCreateProducerOverridesResponse: - description: Response message for BatchCreateProducerOverrides + id: CustomErrorRule + CppSettings: + description: Settings for C++ client libraries. type: object - id: V1Beta1BatchCreateProducerOverridesResponse properties: - overrides: - items: - $ref: '#/components/schemas/V1Beta1QuotaOverride' - description: The overrides that were created. - type: array - CustomError: + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + id: CppSettings + Option: + type: object description: >- - Customize service error responses. For example, list any service - specific protobuf types that can appear in error detail lists of error - responses. Example: custom_error: types: - google.foo.v1.CustomError - - google.foo.v1.AnotherError + A protocol buffer option, which can be attached to a message, field, + enumeration, etc. New usages of this message as an alternative to + FileOptions, MessageOptions, FieldOptions, EnumOptions, + EnumValueOptions, ServiceOptions, or MethodOptions are strongly + discouraged. properties: - rules: - items: - $ref: '#/components/schemas/CustomErrorRule' - type: array + value: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - The list of custom error rules that apply to individual API - messages. **NOTE:** All service configuration rules follow "last one - wins" order. - types: - items: - type: string + The option's value packed in an Any message. If the value is a + primitive, the corresponding wrapper type defined in + google/protobuf/wrappers.proto should be used. If the value is an + enum, it should be stored as an int32 value using the + google.protobuf.Int32Value type. + name: description: >- - The list of custom error detail types, e.g. - 'google.foo.v1.CustomError'. - type: array - id: CustomError + The option's name. For protobuf built-in options (options defined in + descriptor.proto), this is the short name. For example, + `"map_entry"`. For custom options, it should be the fully-qualified + name. For example, `"google.api.http"`. + type: string + id: Option + TenantProjectConfig: type: object - LongRunning: + id: TenantProjectConfig description: >- - Describes settings to use when generating API methods that use the - long-running operation pattern. All default values below are from those - used in the client library generators (e.g. - [Java](https://github.com/googleapis/gapic-generator-java/blob/04c2faa191a9b5a10b92392fe8482279c4404803/src/main/java/com/google/api/generator/gapic/composer/common/RetrySettingsComposer.java)). - id: LongRunning + This structure defines a tenant project to be added to the specified + tenancy unit and its initial configuration and properties. A project + lien is created for the tenant project to prevent the tenant project + from being deleted accidentally. The lien is deleted as part of tenant + project removal. properties: - totalPollTimeout: - description: 'Total polling timeout. Default value: 5 minutes.' - format: google-duration - type: string - maxPollDelay: + labels: + type: object + additionalProperties: + type: string + description: Labels that are applied to this project. + billingConfig: + $ref: '#/components/schemas/BillingConfig' + description: Billing account properties. The billing account must be specified. + folder: type: string description: >- - Maximum time between two subsequent poll requests. Default value: 45 - seconds. - format: google-duration - pollDelayMultiplier: - type: number - format: float - description: >- - Multiplier to gradually increase delay between subsequent polls - until it reaches max_poll_delay. Default value: 1.5. - initialPollDelay: - description: >- - Initial delay after which the first poll request will be made. - Default value: 5 seconds. - type: string - format: google-duration - type: object - V1Beta1ImportProducerQuotaPoliciesResponse: - properties: - policies: + Folder where project in this tenancy unit must be located This + folder must have been previously created with the required + permissions for the caller to create and configure a project in it. + Valid folder resource names have the format + `folders/{folder_number}` (for example, `folders/123456`). + services: type: array - description: The policies that were created from the imported data. items: - $ref: '#/components/schemas/V1Beta1ProducerQuotaPolicy' - type: object - description: Response message for ImportProducerQuotaPolicies - id: V1Beta1ImportProducerQuotaPoliciesResponse - DocumentationRule: - id: DocumentationRule - type: object - description: A documentation rule provides information about individual API elements. + type: string + description: >- + Google Cloud API names of services that are activated on this + project during provisioning. If any of these services can't be + activated, the request fails. For example: + 'compute.googleapis.com','cloudfunctions.googleapis.com' + serviceAccountConfig: + description: Configuration for the IAM service account on the tenant project. + $ref: '#/components/schemas/ServiceAccountConfig' + tenantProjectPolicy: + description: Describes ownership and policies for the new tenant project. + $ref: '#/components/schemas/TenantProjectPolicy' + TenancyUnit: properties: - disableReplacementWords: + name: + description: >- + Globally unique identifier of this tenancy unit + "services/{service}/{collection id}/{resource + id}/tenancyUnits/{unit}" type: string + tenantResources: + items: + $ref: '#/components/schemas/TenantResource' + type: array description: >- - String of comma or space separated case-sensitive words for which - method/field name replacement will be disabled. - description: + Resources constituting the tenancy unit. There can be at most 512 + tenant resources in a tenancy unit. + consumer: + type: string + readOnly: true description: >- - Description of the selected proto element (e.g. a message, a method, - a 'service' definition, or a field). Defaults to leading & trailing - comments taken from the proto source definition of the proto - element. + Output only. @OutputOnly Cloud resource name of the consumer of this + service. For example 'projects/123456'. + service: + readOnly: true + description: >- + Output only. Google Cloud API name of the managed service owning + this tenancy unit. For example + 'serviceconsumermanagement.googleapis.com'. type: string - selector: + createTime: type: string - description: >- - The selector is a comma-separated list of patterns for any element - such as a method, a field, an enum value. Each pattern is a - qualified name of the element which may end in "*", indicating a - wildcard. Wildcards are only allowed at the end and for a whole - component of the qualified name, i.e. "foo.*" is ok, but not - "foo.b*" or "foo.*.bar". A wildcard will match one or more - components. To specify a default for all applicable elements, the - whole pattern "*" is used. - deprecationDescription: + description: Output only. @OutputOnly The time this tenancy unit was created. + format: google-datetime + readOnly: true + id: TenancyUnit + type: object + description: Representation of a tenancy unit. + ApplyTenantProjectConfigRequest: + description: Request to apply configuration to an existing tenant project. + id: ApplyTenantProjectConfigRequest + properties: + tag: type: string description: >- - Deprecation description of the selected element(s). It can be - provided if an element is marked as `deprecated`. - Usage: - description: Configuration controlling usage of a service. + Required. Tag of the project. Must be less than 128 characters. + Required. + projectConfig: + $ref: '#/components/schemas/TenantProjectConfig' + description: Configuration that should be applied to the existing tenant project. + type: object + BatchingDescriptorProto: + description: >- + `BatchingDescriptorProto` specifies the fields of the request message to + be used for batching, and, optionally, the fields of the response + message to be used for demultiplexing. + id: BatchingDescriptorProto properties: - rules: - items: - $ref: '#/components/schemas/UsageRule' - type: array + subresponseField: description: >- - A list of usage rules that apply to individual API methods. - **NOTE:** All service configuration rules follow "last one wins" - order. - producerNotificationChannel: + Optional. When present, indicates the field in the response message + to be used to demultiplex the response into multiple response + messages, in correspondence with the multiple request messages + originally batched together. type: string + batchedField: description: >- - The full resource name of a channel used for sending notifications - to the service producer. Google Service Management currently only - supports [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as - a notification channel. To use Google Cloud Pub/Sub as the channel, - this must be the name of a Cloud Pub/Sub topic that uses the Cloud - Pub/Sub topic name format documented in - https://cloud.google.com/pubsub/docs/overview. - requirements: + The repeated field in the request message to be aggregated by + batching. + type: string + discriminatorFields: description: >- - Requirements that must be satisfied before a consumer project can - use the service. Each requirement is of the form /; for example - 'serviceusage.googleapis.com/billing-enabled'. For Google APIs, a - Terms of Service requirement must be included here. Google Cloud - APIs must include "serviceusage.googleapis.com/tos/cloud". Other - Google APIs should include - "serviceusage.googleapis.com/tos/universal". Additional ToS can be - included based on the business needs. + A list of the fields in the request message. Two requests will be + batched together only if the values of every field specified in + `request_discriminator_fields` is equal between the two requests. type: array items: type: string - id: Usage type: object - V1DisableConsumerResponse: - id: V1DisableConsumerResponse - properties: {} + V1Beta1ServiceIdentity: + description: A service identity in the Identity and Access Management API. type: object - description: >- - Response message for the `DisableConsumer` method. This response message - is assigned to the `response` field of the returned Operation when that - operation is done. - MethodSettings: - id: MethodSettings + properties: + uniqueId: + type: string + description: The unique and stable id of the service identity. + email: + description: The email address of the service identity. + type: string + name: + description: >- + P4 service identity resource name. An example name would be: + `services/serviceconsumermanagement.googleapis.com/projects/123/serviceIdentities/default` + type: string + projectRole: + type: string + description: >- + The project-level IAM role defined in the service agent's grant + configuration. This is the standard role intended for this service + agent. This field is populated regardless of the `skip_role_attach` + option in the request. If `skip_role_attach` is true, the caller can + use this value to know which role they are responsible for granting. + tag: + type: string + description: >- + The P4 service identity configuration tag. This must be defined in + activation_grants. If not specified when creating the account, the + tag is set to "default". + id: V1Beta1ServiceIdentity + TenantResource: + id: TenantResource + properties: + tag: + type: string + description: Unique per single tenancy unit. + resource: + type: string + readOnly: true + description: >- + Output only. @OutputOnly Identifier of the tenant resource. For + cloud projects, it is in the form 'projects/{number}'. For example + 'projects/123456'. + status: + enumDescriptions: + - Unspecified status is the default unset value. + - Creation of the tenant resource is ongoing. + - Active resource. + - Deletion of the resource is ongoing. + - Tenant resource creation or deletion has failed. + - Tenant resource has been deleted. + enum: + - STATUS_UNSPECIFIED + - PENDING_CREATE + - ACTIVE + - PENDING_DELETE + - FAILED + - DELETED + type: string + description: Status of tenant resource. + description: Resource constituting the TenancyUnit. type: object + V1Beta1ProducerQuotaPolicy: + id: V1Beta1ProducerQuotaPolicy + description: Quota policy created by service producer. properties: - selector: + dimensions: + description: ' If this map is nonempty, then this policy applies only to specific values for dimensions defined in the limit unit. For example, a policy on a limit with the unit 1/{project}/{region} could contain an entry with the key "region" and the value "us-east-1"; the policy is only applied to quota consumed in that region. This map has the following restrictions: * Keys that are not defined in the limit''s unit are not valid keys. Any string appearing in {brackets} in the unit (besides {project} or {user}) is a defined key. * "project" is not a valid key; the project is already specified in the parent resource name. * "user" is not a valid key; the API does not support quota polcies that apply only to a specific user. * If "region" appears as a key, its value must be a valid Cloud region. * If "zone" appears as a key, its value must be a valid Cloud zone. * If any valid key other than "region" or "zone" appears in the map, then all valid keys other than "region" or "zone" must also appear in the map.' + type: object + additionalProperties: + type: string + name: + type: string description: >- - The fully qualified name of the method, for which the options below - apply. This is used to find the method to apply the options. - Example: publishing: method_settings: - selector: - google.storage.control.v2.StorageControl.CreateFolder # method - settings for CreateFolder... + The resource name of the producer policy. An example name would be: + `services/compute.googleapis.com/organizations/123/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/producerQuotaPolicies/4a3f2c1d` + container: + description: >- + The cloud resource container at which the quota policy is created. + The format is {container_type}/{container_number} type: string - longRunning: + policyValue: description: >- - Describes settings to use for long-running operations when - generating API methods for RPCs. Complements RPCs that use the - annotations in google/longrunning/operations.proto. Example of a - YAML configuration:: publishing: method_settings: - selector: - google.cloud.speech.v2.Speech.BatchRecognize long_running: - initial_poll_delay: 60s # 1 minute poll_delay_multiplier: 1.5 - max_poll_delay: 360s # 6 minutes total_poll_timeout: 54000s # 90 - minutes - $ref: '#/components/schemas/LongRunning' - batching: + The quota policy value. Can be any nonnegative integer, or -1 + (unlimited quota). + format: int64 + type: string + metric: description: >- - Batching configuration for an API method in client libraries. - Example of a YAML configuration: publishing: method_settings: - - selector: google.example.v1.ExampleService.BatchCreateExample - batching: element_count_threshold: 1000 request_byte_threshold: - 100000000 delay_threshold_millis: 10 - $ref: '#/components/schemas/BatchingConfigProto' + The name of the metric to which this policy applies. An example name + would be: `compute.googleapis.com/cpus` + type: string + unit: + description: >- + The limit unit of the limit to which this policy applies. An example + unit would be: `1/{project}/{region}` Note that `{project}` and + `{region}` are not placeholders in this example; the literal + characters `{` and `}` occur in the string. + type: string + type: object + MethodSettings: + properties: autoPopulatedFields: - items: - type: string description: >- List of top-level fields of the request message, that should be automatically populated by the client libraries based on their @@ -924,2259 +1002,1789 @@ components: selector: google.example.v1.ExampleService.CreateExample auto_populated_fields: - request_id type: array - description: Describes the generator configuration for a method. - V1Beta1ImportProducerOverridesResponse: - properties: - overrides: - items: - $ref: '#/components/schemas/V1Beta1QuotaOverride' - description: The overrides that were created from the imported data. - type: array - type: object - description: Response message for ImportProducerOverrides - id: V1Beta1ImportProducerOverridesResponse - V1RemoveVisibilityLabelsResponse: - description: >- - Response message for the `RemoveVisibilityLabels` method. This response - message is assigned to the `response` field of the returned Operation - when that operation is done. - properties: - labels: items: type: string - type: array + batching: + $ref: '#/components/schemas/BatchingConfigProto' description: >- - The updated set of visibility labels for this consumer on this - service. - id: V1RemoveVisibilityLabelsResponse + Batching configuration for an API method in client libraries. + Example of a YAML configuration: publishing: method_settings: - + selector: google.example.v1.ExampleService.BatchCreateExample + batching: element_count_threshold: 1000 request_byte_threshold: + 100000000 delay_threshold_millis: 10 + longRunning: + description: >- + Describes settings to use for long-running operations when + generating API methods for RPCs. Complements RPCs that use the + annotations in google/longrunning/operations.proto. Example of a + YAML configuration:: publishing: method_settings: - selector: + google.cloud.speech.v2.Speech.BatchRecognize long_running: + initial_poll_delay: 60s # 1 minute poll_delay_multiplier: 1.5 + max_poll_delay: 360s # 6 minutes total_poll_timeout: 54000s # 90 + minutes + $ref: '#/components/schemas/LongRunning' + selector: + description: >- + The fully qualified name of the method, for which the options below + apply. This is used to find the method to apply the options. + Example: publishing: method_settings: - selector: + google.storage.control.v2.StorageControl.CreateFolder # method + settings for CreateFolder... + type: string + description: Describes the generator configuration for a method. + id: MethodSettings type: object - AddTenantProjectRequest: + PhpSettings: properties: - tag: - description: >- - Required. Tag of the added project. Must be less than 128 - characters. Required. + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + libraryPackage: type: string - projectConfig: description: >- - Configuration of the new tenant project to be added to tenancy unit - resources. - $ref: '#/components/schemas/TenantProjectConfig' - description: >- - Request to add a newly created and configured tenant project to a - tenancy unit. + The package name to use in Php. Clobbers the php_namespace option + set in the protobuf. This should be used **only** by APIs who have + already set the language_settings.php.package_name" field in + gapic.yaml. API teams should use the protobuf php_namespace option + where possible. Example of a YAML configuration:: publishing: + library_settings: php_settings: library_package: + Google\Cloud\PubSub\V1 + description: Settings for Php client libraries. + id: PhpSettings + type: object + V1Beta1QuotaOverride: + description: A quota override type: object - id: AddTenantProjectRequest - Method: properties: - options: - description: Any metadata attached to the method. - type: array - items: - $ref: '#/components/schemas/Option' - requestTypeUrl: + dimensions: + type: object + description: ' If this map is nonempty, then this override applies only to specific values for dimensions defined in the limit unit. For example, an override on a limit with the unit 1/{project}/{region} could contain an entry with the key "region" and the value "us-east-1"; the override is only applied to quota consumed in that region. This map has the following restrictions: * Keys that are not defined in the limit''s unit are not valid keys. Any string appearing in {brackets} in the unit (besides {project} or {user}) is a defined key. * "project" is not a valid key; the project is already specified in the parent resource name. * "user" is not a valid key; the API does not support quota overrides that apply only to a specific user. * If "region" appears as a key, its value must be a valid Cloud region. * If "zone" appears as a key, its value must be a valid Cloud zone. * If any valid key other than "region" or "zone" appears in the map, then all valid keys other than "region" or "zone" must also appear in the map.' + additionalProperties: + type: string + metric: type: string - description: A URL of the input message type. - responseTypeUrl: + description: >- + The name of the metric to which this override applies. An example + name would be: `compute.googleapis.com/cpus` + adminOverrideAncestor: + description: >- + The resource name of the ancestor that requested the override. For + example: "organizations/12345" or "folders/67890". Used by admin + overrides only. type: string - description: The URL of the output message type. + unit: + type: string + description: >- + The limit unit of the limit to which this override applies. An + example unit would be: `1/{project}/{region}` Note that `{project}` + and `{region}` are not placeholders in this example; the literal + characters `{` and `}` occur in the string. name: - description: The simple name of this method. + description: >- + The resource name of the producer override. An example name would + be: + `services/compute.googleapis.com/projects/123/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/producerOverrides/4a3f2c1d` type: string - responseStreaming: - type: boolean - description: If true, the response is streamed. - syntax: - enum: - - SYNTAX_PROTO2 - - SYNTAX_PROTO3 - - SYNTAX_EDITIONS - enumDescriptions: - - Syntax `proto2`. - - Syntax `proto3`. - - Syntax `editions`. - description: The source syntax of this method. + overrideValue: type: string - requestStreaming: - type: boolean - description: If true, the request is streamed. - description: Method represents a method of an API interface. - id: Method - type: object - SourceInfo: - properties: - sourceFiles: - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - type: array - description: All files used during config generation. - id: SourceInfo - type: object - description: Source information used to create a Service Config - BillingConfig: - properties: - billingAccount: + format: int64 description: >- - Name of the billing account. For example - `billingAccounts/012345-567890-ABCDEF`. - type: string - description: Describes the billing configuration for a new tenant project. - id: BillingConfig + The overriding quota limit value. Can be any nonnegative integer, or + -1 (unlimited quota). + id: V1Beta1QuotaOverride + V1Beta1RefreshConsumerResponse: type: object - V1EnableConsumerResponse: - id: V1EnableConsumerResponse description: >- - Response message for the `EnableConsumer` method. This response message + Response message for the `RefreshConsumer` method. This response message is assigned to the `response` field of the returned Operation when that operation is done. + id: V1Beta1RefreshConsumerResponse properties: {} - type: object - MonitoringDestination: + Context: description: >- - Configuration of a specific monitoring destination (the producer project - or the consumer project). + `Context` defines which contexts an API requests. Example: context: + rules: - selector: "*" requested: - google.rpc.context.ProjectContext - + google.rpc.context.OriginContext The above specifies that all methods in + the API request `google.rpc.context.ProjectContext` and + `google.rpc.context.OriginContext`. Available context types are defined + in package `google.rpc.context`. This also provides mechanism to + allowlist any protobuf message extension that can be sent in grpc + metadata using “x-goog-ext--bin” and “x-goog-ext--jspb” format. For + example, list any service specific protobuf types that can appear in + grpc metadata as follows in your yaml file: Example: context: rules: - + selector: "google.example.library.v1.LibraryService.CreateBook" + allowed_request_extensions: - google.foo.v1.NewExtension + allowed_response_extensions: - google.foo.v1.NewExtension You can also + specify extension ID instead of fully qualified extension name here. properties: - monitoredResource: - type: string + rules: description: >- - The monitored resource type. The type must be defined in - Service.monitored_resources section. - metrics: + A list of RPC context rules that apply to individual API methods. + **NOTE:** All service configuration rules follow "last one wins" + order. items: - type: string + $ref: '#/components/schemas/ContextRule' type: array - description: >- - Types of the metrics to report to this monitoring destination. Each - type must be defined in Service.metrics section. + id: Context type: object - id: MonitoringDestination - Service: + BatchingSettingsProto: type: object + id: BatchingSettingsProto properties: - publishing: - description: >- - Settings for [Google Cloud Client - libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) - generated from APIs defined as protocol buffers. - $ref: '#/components/schemas/Publishing' - context: - description: Context configuration. - $ref: '#/components/schemas/Context' - producerProjectId: - description: The Google project that owns this service. - type: string - types: + elementCountLimit: + type: integer + format: int32 description: >- - A list of all proto message types included in this API service. - Types referenced directly or indirectly by the `apis` are - automatically included. Messages which are not referenced but shall - be included, such as types used by the `google.protobuf.Any` type, - should be listed here by name by the configuration author. Example: - types: - name: google.protobuf.Int32 - type: array - items: - $ref: '#/components/schemas/Type' - systemParameters: - description: System parameter configuration. - $ref: '#/components/schemas/SystemParameters' - id: + The maximum number of elements collected in a batch that could be + accepted by server. + flowControlElementLimit: + format: int32 + type: integer + description: The maximum number of elements allowed by flow control. + elementCountThreshold: + type: integer + format: int32 description: >- - A unique ID for a specific instance of this message, typically - assigned by the client for tracking purpose. Must be no longer than - 63 characters and only lower case letters, digits, '.', '_' and '-' - are allowed. If empty, the server may choose to generate one - instead. + The number of elements of a field collected into a batch which, if + exceeded, causes the batch to be sent. + flowControlLimitExceededBehavior: + enumDescriptions: + - Default behavior, system-defined. + - Stop operation, raise error. + - Pause operation until limit clears. + - Continue operation, disregard limit. + description: The behavior to take when the flow control limit is exceeded. + enum: + - UNSET_BEHAVIOR + - THROW_EXCEPTION + - BLOCK + - IGNORE + type: string + requestByteLimit: + type: integer + format: int32 + description: The maximum size of the request that could be accepted by server. + requestByteThreshold: + format: int64 type: string - endpoints: - items: - $ref: '#/components/schemas/Endpoint' - type: array description: >- - Configuration for network endpoints. If this is empty, then an - endpoint with the same name as the service is automatically - generated to service all defined APIs. - billing: - description: Billing configuration. - $ref: '#/components/schemas/Billing' - http: - $ref: '#/components/schemas/Http' - description: HTTP configuration. - sourceInfo: + The aggregated size of the batched field which, if exceeded, causes + the batch to be sent. This size is computed by aggregating the sizes + of the request field to be batched, not of the entire request + message. + flowControlByteLimit: + type: integer + format: int32 + description: The maximum size of data allowed by flow control. + delayThreshold: + format: google-duration + type: string description: >- - Output only. The source information for this configuration if - available. - $ref: '#/components/schemas/SourceInfo' - aspects: + The duration after which a batch should be sent, starting from the + addition of the first message to that batch. + description: >- + `BatchingSettingsProto` specifies a set of batching thresholds, each of + which acts as a trigger to send a batch of messages as a request. At + least one threshold must be positive nonzero. + V1Beta1ImportProducerOverridesResponse: + description: Response message for ImportProducerOverrides + id: V1Beta1ImportProducerOverridesResponse + type: object + properties: + overrides: items: - $ref: '#/components/schemas/Aspect' - description: >- - Configuration aspects. This is a repeated field to allow multiple - aspects to be configured. The kind field in each ConfigAspect - specifies the type of aspect. The spec field contains the - configuration for that aspect. The schema for the spec field is - defined by the backend service owners. + $ref: '#/components/schemas/V1Beta1QuotaOverride' type: array - configVersion: - type: integer + description: The overrides that were created from the imported data. + Publishing: + id: Publishing + properties: + apiShortName: description: >- - Obsolete. Do not use. This field has no semantic meaning. The - service config compiler always sets this field to `3`. - format: uint32 - title: + Used as a tracking tag when collecting data about the APIs developer + relations artifacts like docs, packages delivered to package + managers, etc. Example: "speech". + type: string + restReferenceDocumentationUri: description: >- - The product title for this service, it is the name displayed in - Google Cloud Console. + Optional link to REST reference documentation. Example: + https://cloud.google.com/pubsub/lite/docs/reference/rest type: string - metrics: - description: Defines the metrics used by this service. - items: - $ref: '#/components/schemas/MetricDescriptor' - type: array - monitoredResources: - type: array + documentationUri: description: >- - Defines the monitored resources used by this service. This is - required by the Service.monitoring and Service.logging - configurations. - items: - $ref: '#/components/schemas/MonitoredResourceDescriptor' - name: + Link to product home page. Example: + https://cloud.google.com/asset-inventory/docs/overview type: string + methodSettings: description: >- - The service name, which is a DNS-like logical identifier for the - service, such as `calendar.googleapis.com`. The service name - typically goes through DNS verification to make sure the owner of - the service also owns the DNS name. - customError: - $ref: '#/components/schemas/CustomError' - description: Custom error configuration. - monitoring: - description: Monitoring configuration. - $ref: '#/components/schemas/Monitoring' - usage: - $ref: '#/components/schemas/Usage' - description: Configuration controlling usage of this service. - documentation: - description: Additional API documentation. - $ref: '#/components/schemas/Documentation' - systemTypes: - items: - $ref: '#/components/schemas/Type' + A list of API method settings, e.g. the behavior for methods that + use the long-running operation pattern. type: array - description: >- - A list of all proto message types included in this API service. It - serves similar purpose as [google.api.Service.types], except that - these types are not needed by user-defined APIs. Therefore, they - will not show up in the generated discovery doc. This field should - only be used to define system APIs in ESF. - control: - $ref: '#/components/schemas/Control' - description: Configuration for the service control plane. - authentication: - description: Auth configuration. - $ref: '#/components/schemas/Authentication' - logging: - $ref: '#/components/schemas/Logging' - description: Logging configuration. - backend: - description: API backend configuration. - $ref: '#/components/schemas/Backend' - enums: items: - $ref: '#/components/schemas/Enum' - type: array + $ref: '#/components/schemas/MethodSettings' + docTagPrefix: description: >- - A list of all enum types included in this API service. Enums - referenced directly or indirectly by the `apis` are automatically - included. Enums which are not referenced but shall be included - should be listed here by name by the configuration author. Example: - enums: - name: google.someapi.v1.SomeEnum - apis: + A prefix used in sample code when demarking regions to be included + in documentation. + type: string + codeownerGithubTeams: + items: + type: string description: >- - A list of API interfaces exported by this service. Only the `name` - field of the google.protobuf.Api needs to be provided by the - configuration author, as the remaining fields will be derived from - the IDL during the normalization process. It is an error to specify - an API interface here which cannot be resolved against the - associated IDL files. + GitHub teams to be added to CODEOWNERS in the directory in GitHub + containing source code for the client libraries for this API. type: array + protoReferenceDocumentationUri: + description: >- + Optional link to proto reference documentation. Example: + https://cloud.google.com/pubsub/lite/docs/reference/rpc + type: string + librarySettings: items: - $ref: '#/components/schemas/Api' - logs: - items: - $ref: '#/components/schemas/LogDescriptor' - description: Defines the logs used by this service. + $ref: '#/components/schemas/ClientLibrarySettings' type: array - quota: - description: Quota configuration. - $ref: '#/components/schemas/Quota' - id: Service - description: >- - `Service` is the root object of Google API service configuration - (service config). It describes the basic information about a logical - service, such as the service name and the user-facing title, and - delegates other aspects to sub-sections. Each sub-section is either a - proto message or a repeated proto message that configures a specific - aspect, such as auth. For more information, see each proto message - definition. Example: type: google.api.Service name: - calendar.googleapis.com title: Google Calendar API apis: - name: - google.calendar.v3.Calendar visibility: rules: - selector: - "google.calendar.v3.*" restriction: PREVIEW backend: rules: - selector: - "google.calendar.v3.*" address: calendar.example.com authentication: - providers: - id: google_calendar_auth jwks_uri: - https://www.googleapis.com/oauth2/v1/certs issuer: - https://securetoken.google.com rules: - selector: "*" requirements: - provider_id: google_calendar_auth - SystemParameter: - type: object - description: >- - Define a parameter's name and location. The parameter may be passed as - either an HTTP header or a URL query parameter, and if both are passed - the behavior is implementation-dependent. - properties: - urlQueryParameter: description: >- - Define the URL query parameter name to use for the parameter. It is - case sensitive. - type: string - name: + Client library settings. If the same version string appears multiple + times in this list, then the last one wins. Settings from earlier + settings with the same version string are discarded. + githubLabel: type: string description: >- - Define the name of the parameter, such as "api_key" . It is case - sensitive. - httpHeader: + GitHub label to apply to issues and pull requests opened for this + API. + newIssueUri: type: string description: >- - Define the HTTP header name to use for the parameter. It is case - insensitive. - id: SystemParameter - V1Beta1EnableConsumerResponse: - id: V1Beta1EnableConsumerResponse + Link to a *public* URI where users can report issues. Example: + https://issuetracker.google.com/issues/new?component=190865&template=1161103 + organization: + enum: + - CLIENT_LIBRARY_ORGANIZATION_UNSPECIFIED + - CLOUD + - ADS + - PHOTOS + - STREET_VIEW + - SHOPPING + - GEO + - GENERATIVE_AI + type: string + enumDescriptions: + - Not useful. + - Google Cloud Platform Org. + - Ads (Advertising) Org. + - Photos Org. + - Street View Org. + - Shopping Org. + - Geo Org. + - Generative AI - https://developers.generativeai.google + description: For whom the client library is being published. type: object description: >- - Response message for the `EnableConsumer` method. This response message - is assigned to the `response` field of the returned Operation when that - operation is done. - properties: {} - Control: + This message configures the settings for publishing [Google Cloud Client + libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) + generated from the service config. + Api: properties: - methodPolicies: - type: array - description: Defines policies applying to the API methods of the service. - items: - $ref: '#/components/schemas/MethodPolicy' - environment: - type: string + sourceContext: description: >- - The service controller environment to use. If empty, no control - plane feature (like quota and billing) will be enabled. The - recommended value for most services is servicecontrol.googleapis.com - description: >- - Selects and configures the service controller used by the service. - Example: control: environment: servicecontrol.googleapis.com - id: Control - type: object - SourceContext: - id: SourceContext - type: object - description: >- - `SourceContext` represents information about the source of a protobuf - element, like the file in which it is defined. - properties: - fileName: - description: >- - The path-qualified name of the .proto file that contained the - associated protobuf element. For example: - `"google/protobuf/source_context.proto"`. - type: string - HttpRule: - type: object - id: HttpRule - description: >- - gRPC Transcoding gRPC Transcoding is a feature for mapping between a - gRPC method and one or more HTTP REST endpoints. It allows developers to - build a single API service that supports both gRPC APIs and REST APIs. - Many systems, including [Google - APIs](https://github.com/googleapis/googleapis), [Cloud - Endpoints](https://cloud.google.com/endpoints), [gRPC - Gateway](https://github.com/grpc-ecosystem/grpc-gateway), and - [Envoy](https://github.com/envoyproxy/envoy) proxy support this feature - and use it for large scale production services. `HttpRule` defines the - schema of the gRPC/REST mapping. The mapping specifies how different - portions of the gRPC request message are mapped to the URL path, URL - query parameters, and HTTP request body. It also controls how the gRPC - response message is mapped to the HTTP response body. `HttpRule` is - typically specified as an `google.api.http` annotation on the gRPC - method. Each mapping specifies a URL path template and an HTTP method. - The path template may refer to one or more fields in the gRPC request - message, as long as each field is a non-repeated field with a primitive - (non-message) type. The path template controls how fields of the request - message are mapped to the URL path. Example: service Messaging { rpc - GetMessage(GetMessageRequest) returns (Message) { option - (google.api.http) = { get: "/v1/{name=messages/*}" }; } } message - GetMessageRequest { string name = 1; // Mapped to URL path. } message - Message { string text = 1; // The resource content. } This enables an - HTTP REST to gRPC mapping as below: - HTTP: `GET /v1/messages/123456` - - gRPC: `GetMessage(name: "messages/123456")` Any fields in the request - message which are not bound by the path template automatically become - HTTP query parameters if there is no HTTP request body. For example: - service Messaging { rpc GetMessage(GetMessageRequest) returns (Message) - { option (google.api.http) = { get:"/v1/messages/{message_id}" }; } } - message GetMessageRequest { message SubMessage { string subfield = 1; } - string message_id = 1; // Mapped to URL path. int64 revision = 2; // - Mapped to URL query parameter `revision`. SubMessage sub = 3; // Mapped - to URL query parameter `sub.subfield`. } This enables a HTTP JSON to RPC - mapping as below: - HTTP: `GET - /v1/messages/123456?revision=2&sub.subfield=foo` - gRPC: - `GetMessage(message_id: "123456" revision: 2 sub: SubMessage(subfield: - "foo"))` Note that fields which are mapped to URL query parameters must - have a primitive type or a repeated primitive type or a non-repeated - message type. In the case of a repeated type, the parameter can be - repeated in the URL as `...?param=A¶m=B`. In the case of a message - type, each field of the message is mapped to a separate parameter, such - as `...?foo.a=A&foo.b=B&foo.c=C`. For HTTP methods that allow a request - body, the `body` field specifies the mapping. Consider a REST update - method on the message resource collection: service Messaging { rpc - UpdateMessage(UpdateMessageRequest) returns (Message) { option - (google.api.http) = { patch: "/v1/messages/{message_id}" body: "message" - }; } } message UpdateMessageRequest { string message_id = 1; // mapped - to the URL Message message = 2; // mapped to the body } The following - HTTP JSON to RPC mapping is enabled, where the representation of the - JSON in the request body is determined by protos JSON encoding: - HTTP: - `PATCH /v1/messages/123456 { "text": "Hi!" }` - gRPC: - `UpdateMessage(message_id: "123456" message { text: "Hi!" })` The - special name `*` can be used in the body mapping to define that every - field not bound by the path template should be mapped to the request - body. This enables the following alternative definition of the update - method: service Messaging { rpc UpdateMessage(Message) returns (Message) - { option (google.api.http) = { patch: "/v1/messages/{message_id}" body: - "*" }; } } message Message { string message_id = 1; string text = 2; } - The following HTTP JSON to RPC mapping is enabled: - HTTP: `PATCH - /v1/messages/123456 { "text": "Hi!" }` - gRPC: - `UpdateMessage(message_id: "123456" text: "Hi!")` Note that when using - `*` in the body mapping, it is not possible to have HTTP parameters, as - all fields not bound by the path end in the body. This makes this option - more rarely used in practice when defining REST APIs. The common usage - of `*` is in custom methods which don't use the URL at all for - transferring data. It is possible to define multiple HTTP methods for - one RPC by using the `additional_bindings` option. Example: service - Messaging { rpc GetMessage(GetMessageRequest) returns (Message) { option - (google.api.http) = { get: "/v1/messages/{message_id}" - additional_bindings { get: "/v1/users/{user_id}/messages/{message_id}" } - }; } } message GetMessageRequest { string message_id = 1; string user_id - = 2; } This enables the following two alternative HTTP JSON to RPC - mappings: - HTTP: `GET /v1/messages/123456` - gRPC: - `GetMessage(message_id: "123456")` - HTTP: `GET - /v1/users/me/messages/123456` - gRPC: `GetMessage(user_id: "me" - message_id: "123456")` Rules for HTTP mapping 1. Leaf request fields - (recursive expansion nested messages in the request message) are - classified into three categories: - Fields referred by the path - template. They are passed via the URL path. - Fields referred by the - HttpRule.body. They are passed via the HTTP request body. - All other - fields are passed via the URL query parameters, and the parameter name - is the field path in the request message. A repeated field can be - represented as multiple query parameters under the same name. 2. If - HttpRule.body is "*", there is no URL query parameter, all fields are - passed via URL path and HTTP request body. 3. If HttpRule.body is - omitted, there is no HTTP request body, all fields are passed via URL - path and URL query parameters. Path template syntax Template = "/" - Segments [ Verb ] ; Segments = Segment { "/" Segment } ; Segment = "*" | - "**" | LITERAL | Variable ; Variable = "{" FieldPath [ "=" Segments ] - "}" ; FieldPath = IDENT { "." IDENT } ; Verb = ":" LITERAL ; The syntax - `*` matches a single URL path segment. The syntax `**` matches zero or - more URL path segments, which must be the last part of the URL path - except the `Verb`. The syntax `Variable` matches part of the URL path as - specified by its template. A variable template must not contain other - variables. If a variable matches a single path segment, its template may - be omitted, e.g. `{var}` is equivalent to `{var=*}`. The syntax - `LITERAL` matches literal text in the URL path. If the `LITERAL` - contains any reserved character, such characters should be - percent-encoded before the matching. If a variable contains exactly one - path segment, such as `"{var}"` or `"{var=*}"`, when such a variable is - expanded into a URL path on the client side, all characters except - `[-_.~0-9a-zA-Z]` are percent-encoded. The server side does the reverse - decoding. Such variables show up in the [Discovery - Document](https://developers.google.com/discovery/v1/reference/apis) as - `{var}`. If a variable contains multiple path segments, such as - `"{var=foo/*}"` or `"{var=**}"`, when such a variable is expanded into a - URL path on the client side, all characters except `[-_.~/0-9a-zA-Z]` - are percent-encoded. The server side does the reverse decoding, except - "%2F" and "%2f" are left unchanged. Such variables show up in the - [Discovery - Document](https://developers.google.com/discovery/v1/reference/apis) as - `{+var}`. Using gRPC API Service Configuration gRPC API Service - Configuration (service config) is a configuration language for - configuring a gRPC service to become a user-facing product. The service - config is simply the YAML representation of the `google.api.Service` - proto message. As an alternative to annotating your proto file, you can - configure gRPC transcoding in your service config YAML files. You do - this by specifying a `HttpRule` that maps the gRPC method to a REST - endpoint, achieving the same effect as the proto annotation. This can be - particularly useful if you have a proto that is reused in multiple - services. Note that any transcoding specified in the service config will - override any matching transcoding configuration in the proto. The - following example selects a gRPC method and applies an `HttpRule` to it: - http: rules: - selector: example.v1.Messaging.GetMessage get: - /v1/messages/{message_id}/{sub.subfield} Special notes When gRPC - Transcoding is used to map a gRPC to JSON REST endpoints, the proto to - JSON conversion must follow the [proto3 - specification](https://developers.google.com/protocol-buffers/docs/proto3#json). - While the single segment variable follows the semantics of [RFC - 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.2 Simple String - Expansion, the multi segment variable **does not** follow RFC 6570 - Section 3.2.3 Reserved Expansion. The reason is that the Reserved - Expansion does not expand special characters like `?` and `#`, which - would lead to invalid URLs. As the result, gRPC Transcoding uses a - custom encoding for multi segment variables. The path variables **must - not** refer to any repeated or mapped field, because client libraries - are not capable of handling such variable expansion. The path variables - **must not** capture the leading "/" character. The reason is that the - most common use case "{var}" does not capture the leading "/" character. - For consistency, all path variables must share the same behavior. - Repeated message fields must not be mapped to URL query parameters, - because no client library can support such complicated mapping. If an - API needs to use a JSON array for request or response body, it can map - the request or response body to a repeated field. However, some gRPC - Transcoding implementations may not support this feature. - properties: - post: - type: string - description: >- - Maps to HTTP POST. Used for creating a resource or performing an - action. - body: - type: string - description: >- - The name of the request field whose value is mapped to the HTTP - request body, or `*` for mapping all request fields not captured by - the path pattern to the HTTP body, or omitted for not having any - HTTP request body. NOTE: the referred field must be present at the - top-level of the request message type. - get: - type: string - description: >- - Maps to HTTP GET. Used for listing and getting information about - resources. - additionalBindings: - items: - $ref: '#/components/schemas/HttpRule' - description: >- - Additional HTTP bindings for the selector. Nested bindings must not - contain an `additional_bindings` field themselves (that is, the - nesting may only be one level deep). - type: array - patch: - description: Maps to HTTP PATCH. Used for updating a resource. - type: string - selector: - description: >- - Selects a method to which this rule applies. Refer to selector for - syntax details. - type: string - responseBody: - type: string - description: >- - Optional. The name of the response field whose value is mapped to - the HTTP response body. When omitted, the entire response message - will be used as the HTTP response body. NOTE: The referred field - must be present at the top-level of the response message type. - put: - type: string - description: Maps to HTTP PUT. Used for replacing a resource. - delete: - description: Maps to HTTP DELETE. Used for deleting a resource. - type: string - custom: - description: >- - The custom pattern is used for specifying an HTTP method that is not - included in the `pattern` field, such as HEAD, or "*" to leave the - HTTP method unspecified for this rule. The wild-card rule is useful - for services that provide content to Web (HTML) clients. - $ref: '#/components/schemas/CustomHttpPattern' - Context: - properties: - rules: - description: >- - A list of RPC context rules that apply to individual API methods. - **NOTE:** All service configuration rules follow "last one wins" - order. - type: array - items: - $ref: '#/components/schemas/ContextRule' - description: >- - `Context` defines which contexts an API requests. Example: context: - rules: - selector: "*" requested: - google.rpc.context.ProjectContext - - google.rpc.context.OriginContext The above specifies that all methods in - the API request `google.rpc.context.ProjectContext` and - `google.rpc.context.OriginContext`. Available context types are defined - in package `google.rpc.context`. This also provides mechanism to - allowlist any protobuf message extension that can be sent in grpc - metadata using “x-goog-ext--bin” and “x-goog-ext--jspb” format. For - example, list any service specific protobuf types that can appear in - grpc metadata as follows in your yaml file: Example: context: rules: - - selector: "google.example.library.v1.LibraryService.CreateBook" - allowed_request_extensions: - google.foo.v1.NewExtension - allowed_response_extensions: - google.foo.v1.NewExtension You can also - specify extension ID instead of fully qualified extension name here. - type: object - id: Context - AuthProvider: - properties: - issuer: - description: >- - Identifies the principal that issued the JWT. See - https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 - Usually a URL or an email address. Example: - https://securetoken.google.com Example: - 1234567-compute@developer.gserviceaccount.com - type: string - jwksUri: - description: >- - URL of the provider's public key set to validate signature of the - JWT. See [OpenID - Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata). - Optional if the key set document: - can be retrieved from [OpenID - Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html) - of the issuer. - can be inferred from the email domain of the issuer - (e.g. a Google service account). Example: - https://www.googleapis.com/oauth2/v1/certs - type: string - audiences: - type: string - description: >- - The list of JWT - [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). - that are allowed to access. A JWT containing any of these audiences - will be accepted. When this setting is absent, JWTs with audiences: - - "https://[service.name]/[google.protobuf.Api.name]" - - "https://[service.name]/" will be accepted. For example, if no - audiences are in the setting, LibraryService API will accept JWTs - with the following audiences: - - https://library-example.googleapis.com/google.example.library.v1.LibraryService - - https://library-example.googleapis.com/ Example: audiences: - bookstore_android.apps.googleusercontent.com, - bookstore_web.apps.googleusercontent.com - jwtLocations: + Source context for the protocol buffer service represented by this + message. + $ref: '#/components/schemas/SourceContext' + mixins: items: - $ref: '#/components/schemas/JwtLocation' + $ref: '#/components/schemas/Mixin' type: array - description: >- - Defines the locations to extract the JWT. For now it is only used by - the Cloud Endpoints to store the OpenAPI extension - [x-google-jwt-locations] - (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations) - JWT locations can be one of HTTP headers, URL query parameters or - cookies. The rule is that the first match wins. If not specified, - default to use following 3 locations: 1) Authorization: Bearer 2) - x-goog-iap-jwt-assertion 3) access_token query parameter Default - locations can be specified as followings: jwt_locations: - header: - Authorization value_prefix: "Bearer " - header: - x-goog-iap-jwt-assertion - query: access_token - id: - description: >- - The unique identifier of the auth provider. It will be referred to - by `AuthRequirement.provider_id`. Example: "bookstore_auth". - type: string - authorizationUrl: + description: Included interfaces. See Mixin. + name: type: string description: >- - Redirect URL if JWT token is required but not present or is expired. - Implement authorizationUrl of securityDefinitions in OpenAPI spec. - id: AuthProvider - description: >- - Configuration for an authentication provider, including support for - [JSON Web Token - (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). - type: object - CreateTenancyUnitRequest: - properties: - tenancyUnitId: - type: string + The fully qualified name of this interface, including package name + followed by the interface's simple name. + version: description: >- - Optional. Optional service producer-provided identifier of the - tenancy unit. Must be no longer than 40 characters and preferably - URI friendly. If it isn't provided, a UID for the tenancy unit is - automatically generated. The identifier must be unique across a - managed service. If the tenancy unit already exists for the managed - service and service consumer pair, calling `CreateTenancyUnit` - returns the existing tenancy unit if the provided identifier is - identical or empty, otherwise the call fails. - type: object - id: CreateTenancyUnitRequest - description: >- - Request to create a tenancy unit for a service consumer of a managed - service. - PolicyBinding: - id: PolicyBinding - type: object - description: Translates to IAM Policy bindings (without auditing at this level) - properties: - role: + A version string for this interface. If specified, must have the + form `major-version.minor-version`, as in `1.10`. If the minor + version is omitted, it defaults to zero. If the entire version field + is empty, the major version is derived from the package name, as + outlined below. If the field is not empty, the version in the + package name will be verified to be consistent with what is provided + here. The versioning schema uses [semantic + versioning](http://semver.org) where the major version number + indicates a breaking change and the minor version an additive, + non-breaking change. Both version numbers are signals to users what + to expect from different versions, and should be carefully chosen + based on the product plan. The major version is also reflected in + the package name of the interface, which must end in `v`, as in + `google.feature.v1`. For major versions 0 and 1, the suffix can be + omitted. Zero major versions must only be used for experimental, + non-GA interfaces. type: string - description: >- - Role. (https://cloud.google.com/iam/docs/understanding-roles) For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. - members: - type: array - items: - type: string - description: >- - Uses the same format as in IAM policy. `member` must include both a - prefix and ID. For example, `user:{emailId}`, - `serviceAccount:{emailId}`, `group:{emailId}`. - Type: - id: Type - properties: - fields: - items: - $ref: '#/components/schemas/Field' - type: array - description: The list of fields. options: - description: The protocol buffer options. + description: Any metadata attached to the interface. + type: array items: $ref: '#/components/schemas/Option' - type: array - name: - type: string - description: The fully qualified message name. syntax: enumDescriptions: - Syntax `proto2`. - Syntax `proto3`. - Syntax `editions`. + description: The source syntax of the service. + type: string enum: - SYNTAX_PROTO2 - SYNTAX_PROTO3 - SYNTAX_EDITIONS - description: The source syntax. - type: string + methods: + type: array + description: The methods of this interface, in unspecified order. + items: + $ref: '#/components/schemas/Method' edition: - type: string description: >- The source edition string, only valid when syntax is SYNTAX_EDITIONS. - oneofs: - items: - type: string - type: array - description: The list of types appearing in `oneof` definitions in this type. - sourceContext: - description: The source context. - $ref: '#/components/schemas/SourceContext' - description: A protocol buffer message type. - type: object - BatchingConfigProto: - id: BatchingConfigProto - description: >- - `BatchingConfigProto` defines the batching configuration for an API - method. - type: object - properties: - thresholds: - description: The thresholds which trigger a batched request to be sent. - $ref: '#/components/schemas/BatchingSettingsProto' - batchDescriptor: - $ref: '#/components/schemas/BatchingDescriptorProto' - description: The request and response fields used in batching. - V1DefaultIdentity: - type: object - properties: - name: - type: string - description: >- - Default identity resource name. An example name would be: - `services/serviceconsumermanagement.googleapis.com/projects/123/defaultIdentity` - uniqueId: - description: The unique and stable id of the default identity. - type: string - email: - description: >- - The email address of the default identity. Calling - GenerateDefaultIdentity with a deleted or purged default identity - should expect does_not_exist@invalid-project.iam.gserviceaccount.com - placeholder email. - type: string - tag: - type: string - description: >- - The Default Identity tag. If specified when creating the account, - the tag must be present in activation_grants. If not specified when - creating the account, the tag is set to the tag specified in - activation_grants. - description: A default identity in the Identity and Access Management API. - id: V1DefaultIdentity - MetricDescriptorMetadata: - description: Additional annotations that can be used to guide the usage of a metric. - properties: - ingestDelay: - description: >- - The delay of data points caused by ingestion. Data points older than - this age are guaranteed to be ingested and available to be read, - excluding data loss due to errors. - format: google-duration - type: string - launchStage: - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - description: Deprecated. Must use the MetricDescriptor.launch_stage instead. - enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - type: string - deprecated: true - timeSeriesResourceHierarchyLevel: - items: - enumDescriptions: - - Do not use this default value. - - Scopes a metric to a project. - - Scopes a metric to an organization. - - Scopes a metric to a folder. - enum: - - TIME_SERIES_RESOURCE_HIERARCHY_LEVEL_UNSPECIFIED - - PROJECT - - ORGANIZATION - - FOLDER - type: string - description: The scope of the timeseries data of the metric. - type: array - samplePeriod: type: string - description: >- - The sampling period of metric data points. For metrics which are - written periodically, consecutive data points are stored at this - time interval, excluding data loss due to errors. Metrics with a - higher granularity have a smaller sampling period. - format: google-duration - type: object - id: MetricDescriptorMetadata - V1Beta1RefreshConsumerResponse: - properties: {} - description: >- - Response message for the `RefreshConsumer` method. This response message - is assigned to the `response` field of the returned Operation when that - operation is done. - id: V1Beta1RefreshConsumerResponse - type: object - SystemParameters: + id: Api type: object description: >- - ### System parameter configuration A system parameter is a special kind - of parameter defined by the API system, not by an individual API. It is - typically mapped to an HTTP header and/or a URL query parameter. This - configuration specifies which methods change the names of the system - parameters. - id: SystemParameters - properties: - rules: - type: array - description: >- - Define system parameters. The parameters defined here will override - the default parameters implemented by the system. If this field is - missing from the service config, default system parameters will be - used. Default system parameters and names is - implementation-dependent. Example: define api key for all methods - system_parameters rules: - selector: "*" parameters: - name: api_key - url_query_parameter: api_key Example: define 2 api key names for a - specific method. system_parameters rules: - selector: "/ListShelves" - parameters: - name: api_key http_header: Api-Key1 - name: api_key - http_header: Api-Key2 **NOTE:** All service configuration rules - follow "last one wins" order. - items: - $ref: '#/components/schemas/SystemParameterRule' - SearchTenancyUnitsResponse: + Api is a light-weight descriptor for an API Interface. Interfaces are + also described as "protocol buffer services" in some contexts, such as + by the "service" keyword in a .proto file, but they are different from + API Services, which represent a concrete implementation of an interface + as opposed to simply a description of methods and bindings. They are + also sometimes simply referred to as "APIs" in other contexts, such as + the name of this message itself. See + https://cloud.google.com/apis/design/glossary for detailed terminology. + New usages of this message as an alternative to ServiceDescriptorProto + are strongly discouraged. This message does not reliability preserve all + information necessary to model the schema and preserve semantics. + Instead make use of FileDescriptorSet which preserves the necessary + information. + BillingConfig: + description: Describes the billing configuration for a new tenant project. + id: BillingConfig properties: - tenancyUnits: - type: array - description: Tenancy Units matching the request. - items: - $ref: '#/components/schemas/TenancyUnit' - nextPageToken: + billingAccount: type: string - description: Pagination token for large results. - id: SearchTenancyUnitsResponse - description: Response for the search query. + description: >- + Name of the billing account. For example + `billingAccounts/012345-567890-ABCDEF`. type: object - TenantProjectConfig: + Mixin: type: object + id: Mixin properties: - folder: - type: string - description: >- - Folder where project in this tenancy unit must be located This - folder must have been previously created with the required - permissions for the caller to create and configure a project in it. - Valid folder resource names have the format - `folders/{folder_number}` (for example, `folders/123456`). - serviceAccountConfig: - $ref: '#/components/schemas/ServiceAccountConfig' - description: Configuration for the IAM service account on the tenant project. - billingConfig: - $ref: '#/components/schemas/BillingConfig' - description: Billing account properties. The billing account must be specified. - tenantProjectPolicy: - $ref: '#/components/schemas/TenantProjectPolicy' - description: Describes ownership and policies for the new tenant project. - labels: - additionalProperties: - type: string - description: Labels that are applied to this project. - type: object - services: + root: description: >- - Google Cloud API names of services that are activated on this - project during provisioning. If any of these services can't be - activated, the request fails. For example: - 'compute.googleapis.com','cloudfunctions.googleapis.com' - type: array - items: - type: string - description: >- - This structure defines a tenant project to be added to the specified - tenancy unit and its initial configuration and properties. A project - lien is created for the tenant project to prevent the tenant project - from being deleted accidentally. The lien is deleted as part of tenant - project removal. - id: TenantProjectConfig - RubySettings: - properties: - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. + If non-empty specifies a path under which inherited HTTP paths are + rooted. + type: string + name: + description: The fully qualified name of the interface which is included. + type: string + description: >- + Declares an API Interface to be included in this interface. The + including interface must redeclare all the methods from the included + interface, but documentation and options are inherited as follows: - If + after comment and whitespace stripping, the documentation string of the + redeclared method is empty, it will be inherited from the original + method. - Each annotation belonging to the service config (http, + visibility) which is not set in the redeclared method will be inherited. + - If an http annotation is inherited, the path pattern will be modified + as follows. Any version prefix will be replaced by the version of the + including interface plus the root path if specified. Example of a simple + mixin: package google.acl.v1; service AccessControl { // Get the + underlying ACL object. rpc GetAcl(GetAclRequest) returns (Acl) { option + (google.api.http).get = "/v1/{resource=**}:getAcl"; } } package + google.storage.v2; service Storage { // rpc GetAcl(GetAclRequest) + returns (Acl); // Get a data record. rpc GetData(GetDataRequest) returns + (Data) { option (google.api.http).get = "/v2/{resource=**}"; } } Example + of a mixin configuration: apis: - name: google.storage.v2.Storage + mixins: - name: google.acl.v1.AccessControl The mixin construct implies + that all methods in `AccessControl` are also declared with same name and + request/response types in `Storage`. A documentation generator or + annotation processor will see the effective `Storage.GetAcl` method + after inheriting documentation and annotations as follows: service + Storage { // Get the underlying ACL object. rpc GetAcl(GetAclRequest) + returns (Acl) { option (google.api.http).get = + "/v2/{resource=**}:getAcl"; } ... } Note how the version in the path + pattern changed from `v1` to `v2`. If the `root` field in the mixin is + specified, it should be a relative path under which inherited HTTP paths + are placed. Example: apis: - name: google.storage.v2.Storage mixins: - + name: google.acl.v1.AccessControl root: acls This implies the following + inherited HTTP annotation: service Storage { // Get the underlying ACL + object. rpc GetAcl(GetAclRequest) returns (Acl) { option + (google.api.http).get = "/v2/acls/{resource=**}:getAcl"; } ... } + BackendRule: type: object - id: RubySettings - description: Settings for Ruby client libraries. - BillingDestination: + description: A backend rule provides configuration for an individual API element. properties: - monitoredResource: + address: description: >- - The monitored resource type. The type must be defined in - Service.monitored_resources section. + The address of the API backend. The scheme is used to determine the + backend protocol and security. The following schemes are accepted: + SCHEME PROTOCOL SECURITY http:// HTTP None https:// HTTP TLS grpc:// + gRPC None grpcs:// gRPC TLS It is recommended to explicitly include + a scheme. Leaving out the scheme may cause constrasting behaviors + across platforms. If the port is unspecified, the default is: - 80 + for schemes without TLS - 443 for schemes with TLS For HTTP + backends, use protocol to specify the protocol version. + type: string + loadBalancingPolicy: type: string - metrics: - items: - type: string - type: array description: >- - Names of the metrics to report to this billing destination. Each - name must be defined in Service.metrics section. - id: BillingDestination - type: object - description: >- - Configuration of a specific billing destination (Currently only support - bill against consumer project). - LogDescriptor: - description: >- - A description of a log type. Example in YAML format: - name: - library.googleapis.com/activity_history description: The history of - borrowing and returning library items. display_name: Activity labels: - - key: /customer_id description: Identifier of a library customer - properties: - name: + The load balancing policy used for connection to the application + backend. Defined as an arbitrary string to accomondate custom load + balancing policies supported by the underlying channel, but suggest + most users use one of the standard policies, such as the default, + "RoundRobin". + jwtAudience: description: >- - The name of the log. It must be less than 512 characters long and - can include the following characters: upper- and lower-case - alphanumeric characters [A-Za-z0-9], and punctuation characters - including slash, underscore, hyphen, period [/_-.]. + The JWT audience is used when generating a JWT ID token for the + backend. This ID token will be added in the HTTP "authorization" + header, and sent to the backend. type: string - labels: - items: - $ref: '#/components/schemas/LabelDescriptor' - type: array + deadline: description: >- - The set of labels that are available to describe a specific log - entry. Runtime requests that contain labels not specified here are - considered invalid. - description: + The number of seconds to wait for a response from a request. The + default varies based on the request protocol and deployment + environment. + type: number + format: double + selector: + description: >- + Selects the methods to which this rule applies. Refer to selector + for syntax details. type: string + operationDeadline: + type: number + format: double description: >- - A human-readable description of this log. This information appears - in the documentation and can contain details. - displayName: + The number of seconds to wait for the completion of a long running + operation. The default is no deadline. + pathTranslation: + enumDescriptions: + - '' + - >- + Use the backend address as-is, with no modification to the path. + If the URL pattern contains variables, the variable names and + values will be appended to the query string. If a query string + parameter and a URL pattern variable have the same name, this may + result in duplicate keys in the query string. # Examples Given the + following operation config: Method path: + /api/company/{cid}/user/{uid} Backend address: + https://example.cloudfunctions.net/getUser Requests to the + following request paths will call the backend at the translated + path: Request path: /api/company/widgetworks/user/johndoe + Translated: + https://example.cloudfunctions.net/getUser?cid=widgetworks&uid=johndoe + Request path: /api/company/widgetworks/user/johndoe?timezone=EST + Translated: + https://example.cloudfunctions.net/getUser?timezone=EST&cid=widgetworks&uid=johndoe + - >- + The request path will be appended to the backend address. # + Examples Given the following operation config: Method path: + /api/company/{cid}/user/{uid} Backend address: + https://example.appspot.com Requests to the following request + paths will call the backend at the translated path: Request path: + /api/company/widgetworks/user/johndoe Translated: + https://example.appspot.com/api/company/widgetworks/user/johndoe + Request path: /api/company/widgetworks/user/johndoe?timezone=EST + Translated: + https://example.appspot.com/api/company/widgetworks/user/johndoe?timezone=EST + enum: + - PATH_TRANSLATION_UNSPECIFIED + - CONSTANT_ADDRESS + - APPEND_PATH_TO_ADDRESS + type: string + description: no-lint + protocol: type: string description: >- - The human-readable name for this log. This information appears on - the user interface and should be concise. - type: object - id: LogDescriptor - Field: - id: Field - description: A single field of a message type. + The protocol used for sending a request to the backend. The + supported values are "http/1.1" and "h2". The default value is + inferred from the scheme in the address field: SCHEME PROTOCOL + http:// http/1.1 https:// http/1.1 grpc:// h2 grpcs:// h2 For secure + HTTP backends (https://) that support HTTP/2, set this field to "h2" + for improved performance. Configuring this field to non-default + values is only supported for secure HTTP backends. This field will + be ignored for all other backends. See + https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids + for more details on the supported values. + minDeadline: + description: Deprecated, do not use. + format: double + type: number + deprecated: true + overridesByRequestProtocol: + type: object + additionalProperties: + $ref: '#/components/schemas/BackendRule' + description: The map between request protocol and the backend address. + disableAuth: + description: >- + When disable_auth is true, a JWT ID token won't be generated and the + original "Authorization" HTTP header will be preserved. If the + header is used to carry the original token and is expected by the + backend, this field must be set to true to preserve the header. + type: boolean + id: BackendRule + UsageRule: + id: UsageRule + description: Usage configuration rules for the service. type: object properties: - name: - description: The field name. - type: string - typeUrl: - type: string + selector: description: >- - The field type URL, without the scheme, for message or enumeration - types. Example: `"type.googleapis.com/google.protobuf.Timestamp"`. - options: - description: The protocol buffer options. - items: - $ref: '#/components/schemas/Option' - type: array - kind: - enum: - - TYPE_UNKNOWN - - TYPE_DOUBLE - - TYPE_FLOAT - - TYPE_INT64 - - TYPE_UINT64 - - TYPE_INT32 - - TYPE_FIXED64 - - TYPE_FIXED32 - - TYPE_BOOL - - TYPE_STRING - - TYPE_GROUP - - TYPE_MESSAGE - - TYPE_BYTES - - TYPE_UINT32 - - TYPE_ENUM - - TYPE_SFIXED32 - - TYPE_SFIXED64 - - TYPE_SINT32 - - TYPE_SINT64 - type: string - enumDescriptions: - - Field type unknown. - - Field type double. - - Field type float. - - Field type int64. - - Field type uint64. - - Field type int32. - - Field type fixed64. - - Field type fixed32. - - Field type bool. - - Field type string. - - Field type group. Proto2 syntax only, and deprecated. - - Field type message. - - Field type bytes. - - Field type uint32. - - Field type enum. - - Field type sfixed32. - - Field type sfixed64. - - Field type sint32. - - Field type sint64. - description: The field type. - number: - format: int32 - description: The field number. - type: integer - defaultValue: + Selects the methods to which this rule applies. Use '*' to indicate + all methods in all APIs. Refer to selector for syntax details. type: string + skipServiceControl: + description: >- + If true, the selected method should skip service control and the + control plane features, such as quota and billing, will not be + available. This flag is used by Google Cloud Endpoints to bypass + checks for internal methods, such as service health check methods. + type: boolean + allowUnregisteredCalls: + type: boolean + description: ' Use this rule to configure unregistered calls for the service. Unregistered calls are calls that do not contain consumer project identity. (Example: calls that do not contain an API key). WARNING: By default, API methods do not allow unregistered calls, and each method call must be identified by a consumer project identity.' + TenantProjectPolicy: + properties: + policyBindings: + type: array description: >- - The string value of the default value of this field. Proto2 syntax - only. - oneofIndex: - type: integer + Policy bindings to be applied to the tenant project, in addition to + the 'roles/owner' role granted to the Service Consumer Management + service account. + items: + $ref: '#/components/schemas/PolicyBinding' + id: TenantProjectPolicy + description: >- + Describes policy settings that can be applied to a newly created tenant + project. + type: object + Enum: + properties: + name: + description: Enum type name. + type: string + enumvalue: + type: array + description: Enum value definitions. + items: + $ref: '#/components/schemas/EnumValue' + edition: + type: string description: >- - The index of the field type in `Type.oneofs`, for message or - enumeration types. The first type has index 1; zero means the type - is not in the list. - format: int32 - cardinality: + The source edition string, only valid when syntax is + SYNTAX_EDITIONS. + options: + description: Protocol buffer options. + type: array + items: + $ref: '#/components/schemas/Option' + syntax: + type: string + description: The source syntax. enum: - - CARDINALITY_UNKNOWN - - CARDINALITY_OPTIONAL - - CARDINALITY_REQUIRED - - CARDINALITY_REPEATED + - SYNTAX_PROTO2 + - SYNTAX_PROTO3 + - SYNTAX_EDITIONS enumDescriptions: - - For fields with unknown cardinality. - - For optional fields. - - For required fields. Proto2 syntax only. - - For repeated fields. - type: string - description: The field cardinality. - packed: - description: Whether to use alternative packed wire representation. - type: boolean - jsonName: - type: string - description: The field JSON name. - V1AddVisibilityLabelsResponse: + - Syntax `proto2`. + - Syntax `proto3`. + - Syntax `editions`. + sourceContext: + description: The source context. + $ref: '#/components/schemas/SourceContext' + type: object + id: Enum description: >- - Response message for the `AddVisibilityLabels` method. This response - message is assigned to the `response` field of the returned Operation - when that operation is done. - id: V1AddVisibilityLabelsResponse + Enum type definition. New usages of this message as an alternative to + EnumDescriptorProto are strongly discouraged. This message does not + reliability preserve all information necessary to model the schema and + preserve semantics. Instead make use of FileDescriptorSet which + preserves the necessary information. + Billing: + description: >- + Billing related configuration of the service. The following example + shows how to configure monitored resources and metrics for billing, + `consumer_destinations` is the only supported destination and the + monitored resources need at least one label key + `cloud.googleapis.com/location` to indicate the location of the billing + usage, using different monitored resources between monitoring and + billing is recommended so they can be evolved independently: + monitored_resources: - type: library.googleapis.com/billing_branch + labels: - key: cloud.googleapis.com/location description: | Predefined + label to support billing location restriction. - key: city description: + | Custom label to define the city where the library branch is located + in. - key: name description: Custom label to define the name of the + library branch. metrics: - name: + library.googleapis.com/book/borrowed_count metric_kind: DELTA + value_type: INT64 unit: "1" billing: consumer_destinations: - + monitored_resource: library.googleapis.com/billing_branch metrics: - + library.googleapis.com/book/borrowed_count + id: Billing properties: - labels: + consumerDestinations: items: - type: string + $ref: '#/components/schemas/BillingDestination' + description: >- + Billing configurations for sending metrics to the consumer project. + There can be multiple consumer destinations per service, each one + must have a different monitored resource type. A metric can be used + in at most one consumer destination. type: array + type: object + V1DisableConsumerResponse: + id: V1DisableConsumerResponse + type: object + properties: {} + description: >- + Response message for the `DisableConsumer` method. This response message + is assigned to the `response` field of the returned Operation when that + operation is done. + PythonSettings: + id: PythonSettings + description: Settings for Python client libraries. + type: object + properties: + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + experimentalFeatures: + $ref: '#/components/schemas/ExperimentalFeatures' description: >- - The updated set of visibility labels for this consumer on this - service. + Experimental features to be included during client library + generation. + OAuthRequirements: + type: object + properties: + canonicalScopes: + description: >- + The list of publicly documented OAuth scopes that are allowed + access. An OAuth token containing any of these scopes will be + accepted. Example: canonical_scopes: + https://www.googleapis.com/auth/calendar, + https://www.googleapis.com/auth/calendar.read + type: string + description: >- + OAuth scopes are a way to define data and permissions on data. For + example, there are scopes defined for "Read-only access to Google + Calendar" and "Access to Cloud Platform". Users can consent to a scope + for an application, giving it permission to access that data on their + behalf. OAuth scope specifications should be fairly coarse grained; a + user will need to see and understand the text description of what your + scope means. In most cases: use one or at most two OAuth scopes for an + entire family of products. If your product has multiple APIs, you should + probably be sharing the OAuth scope across all of those APIs. When you + need finer grained OAuth consent screens: talk with your product + management about how developers will use them in practice. Please note + that even though each of the canonical scopes is enough for a request to + be accepted and passed to the backend, a request can still fail due to + the backend requiring additional scopes or permissions. + id: OAuthRequirements + HttpRule: + description: >- + gRPC Transcoding gRPC Transcoding is a feature for mapping between a + gRPC method and one or more HTTP REST endpoints. It allows developers to + build a single API service that supports both gRPC APIs and REST APIs. + Many systems, including [Google + APIs](https://github.com/googleapis/googleapis), [Cloud + Endpoints](https://cloud.google.com/endpoints), [gRPC + Gateway](https://github.com/grpc-ecosystem/grpc-gateway), and + [Envoy](https://github.com/envoyproxy/envoy) proxy support this feature + and use it for large scale production services. `HttpRule` defines the + schema of the gRPC/REST mapping. The mapping specifies how different + portions of the gRPC request message are mapped to the URL path, URL + query parameters, and HTTP request body. It also controls how the gRPC + response message is mapped to the HTTP response body. `HttpRule` is + typically specified as an `google.api.http` annotation on the gRPC + method. Each mapping specifies a URL path template and an HTTP method. + The path template may refer to one or more fields in the gRPC request + message, as long as each field is a non-repeated field with a primitive + (non-message) type. The path template controls how fields of the request + message are mapped to the URL path. Example: service Messaging { rpc + GetMessage(GetMessageRequest) returns (Message) { option + (google.api.http) = { get: "/v1/{name=messages/*}" }; } } message + GetMessageRequest { string name = 1; // Mapped to URL path. } message + Message { string text = 1; // The resource content. } This enables an + HTTP REST to gRPC mapping as below: - HTTP: `GET /v1/messages/123456` - + gRPC: `GetMessage(name: "messages/123456")` Any fields in the request + message which are not bound by the path template automatically become + HTTP query parameters if there is no HTTP request body. For example: + service Messaging { rpc GetMessage(GetMessageRequest) returns (Message) + { option (google.api.http) = { get:"/v1/messages/{message_id}" }; } } + message GetMessageRequest { message SubMessage { string subfield = 1; } + string message_id = 1; // Mapped to URL path. int64 revision = 2; // + Mapped to URL query parameter `revision`. SubMessage sub = 3; // Mapped + to URL query parameter `sub.subfield`. } This enables a HTTP JSON to RPC + mapping as below: - HTTP: `GET + /v1/messages/123456?revision=2&sub.subfield=foo` - gRPC: + `GetMessage(message_id: "123456" revision: 2 sub: SubMessage(subfield: + "foo"))` Note that fields which are mapped to URL query parameters must + have a primitive type or a repeated primitive type or a non-repeated + message type. In the case of a repeated type, the parameter can be + repeated in the URL as `...?param=A¶m=B`. In the case of a message + type, each field of the message is mapped to a separate parameter, such + as `...?foo.a=A&foo.b=B&foo.c=C`. For HTTP methods that allow a request + body, the `body` field specifies the mapping. Consider a REST update + method on the message resource collection: service Messaging { rpc + UpdateMessage(UpdateMessageRequest) returns (Message) { option + (google.api.http) = { patch: "/v1/messages/{message_id}" body: "message" + }; } } message UpdateMessageRequest { string message_id = 1; // mapped + to the URL Message message = 2; // mapped to the body } The following + HTTP JSON to RPC mapping is enabled, where the representation of the + JSON in the request body is determined by protos JSON encoding: - HTTP: + `PATCH /v1/messages/123456 { "text": "Hi!" }` - gRPC: + `UpdateMessage(message_id: "123456" message { text: "Hi!" })` The + special name `*` can be used in the body mapping to define that every + field not bound by the path template should be mapped to the request + body. This enables the following alternative definition of the update + method: service Messaging { rpc UpdateMessage(Message) returns (Message) + { option (google.api.http) = { patch: "/v1/messages/{message_id}" body: + "*" }; } } message Message { string message_id = 1; string text = 2; } + The following HTTP JSON to RPC mapping is enabled: - HTTP: `PATCH + /v1/messages/123456 { "text": "Hi!" }` - gRPC: + `UpdateMessage(message_id: "123456" text: "Hi!")` Note that when using + `*` in the body mapping, it is not possible to have HTTP parameters, as + all fields not bound by the path end in the body. This makes this option + more rarely used in practice when defining REST APIs. The common usage + of `*` is in custom methods which don't use the URL at all for + transferring data. It is possible to define multiple HTTP methods for + one RPC by using the `additional_bindings` option. Example: service + Messaging { rpc GetMessage(GetMessageRequest) returns (Message) { option + (google.api.http) = { get: "/v1/messages/{message_id}" + additional_bindings { get: "/v1/users/{user_id}/messages/{message_id}" } + }; } } message GetMessageRequest { string message_id = 1; string user_id + = 2; } This enables the following two alternative HTTP JSON to RPC + mappings: - HTTP: `GET /v1/messages/123456` - gRPC: + `GetMessage(message_id: "123456")` - HTTP: `GET + /v1/users/me/messages/123456` - gRPC: `GetMessage(user_id: "me" + message_id: "123456")` Rules for HTTP mapping 1. Leaf request fields + (recursive expansion nested messages in the request message) are + classified into three categories: - Fields referred by the path + template. They are passed via the URL path. - Fields referred by the + HttpRule.body. They are passed via the HTTP request body. - All other + fields are passed via the URL query parameters, and the parameter name + is the field path in the request message. A repeated field can be + represented as multiple query parameters under the same name. 2. If + HttpRule.body is "*", there is no URL query parameter, all fields are + passed via URL path and HTTP request body. 3. If HttpRule.body is + omitted, there is no HTTP request body, all fields are passed via URL + path and URL query parameters. Path template syntax Template = "/" + Segments [ Verb ] ; Segments = Segment { "/" Segment } ; Segment = "*" | + "**" | LITERAL | Variable ; Variable = "{" FieldPath [ "=" Segments ] + "}" ; FieldPath = IDENT { "." IDENT } ; Verb = ":" LITERAL ; The syntax + `*` matches a single URL path segment. The syntax `**` matches zero or + more URL path segments, which must be the last part of the URL path + except the `Verb`. The syntax `Variable` matches part of the URL path as + specified by its template. A variable template must not contain other + variables. If a variable matches a single path segment, its template may + be omitted, e.g. `{var}` is equivalent to `{var=*}`. The syntax + `LITERAL` matches literal text in the URL path. If the `LITERAL` + contains any reserved character, such characters should be + percent-encoded before the matching. If a variable contains exactly one + path segment, such as `"{var}"` or `"{var=*}"`, when such a variable is + expanded into a URL path on the client side, all characters except + `[-_.~0-9a-zA-Z]` are percent-encoded. The server side does the reverse + decoding. Such variables show up in the [Discovery + Document](https://developers.google.com/discovery/v1/reference/apis) as + `{var}`. If a variable contains multiple path segments, such as + `"{var=foo/*}"` or `"{var=**}"`, when such a variable is expanded into a + URL path on the client side, all characters except `[-_.~/0-9a-zA-Z]` + are percent-encoded. The server side does the reverse decoding, except + "%2F" and "%2f" are left unchanged. Such variables show up in the + [Discovery + Document](https://developers.google.com/discovery/v1/reference/apis) as + `{+var}`. Using gRPC API Service Configuration gRPC API Service + Configuration (service config) is a configuration language for + configuring a gRPC service to become a user-facing product. The service + config is simply the YAML representation of the `google.api.Service` + proto message. As an alternative to annotating your proto file, you can + configure gRPC transcoding in your service config YAML files. You do + this by specifying a `HttpRule` that maps the gRPC method to a REST + endpoint, achieving the same effect as the proto annotation. This can be + particularly useful if you have a proto that is reused in multiple + services. Note that any transcoding specified in the service config will + override any matching transcoding configuration in the proto. The + following example selects a gRPC method and applies an `HttpRule` to it: + http: rules: - selector: example.v1.Messaging.GetMessage get: + /v1/messages/{message_id}/{sub.subfield} Special notes When gRPC + Transcoding is used to map a gRPC to JSON REST endpoints, the proto to + JSON conversion must follow the [proto3 + specification](https://developers.google.com/protocol-buffers/docs/proto3#json). + While the single segment variable follows the semantics of [RFC + 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.2 Simple String + Expansion, the multi segment variable **does not** follow RFC 6570 + Section 3.2.3 Reserved Expansion. The reason is that the Reserved + Expansion does not expand special characters like `?` and `#`, which + would lead to invalid URLs. As the result, gRPC Transcoding uses a + custom encoding for multi segment variables. The path variables **must + not** refer to any repeated or mapped field, because client libraries + are not capable of handling such variable expansion. The path variables + **must not** capture the leading "/" character. The reason is that the + most common use case "{var}" does not capture the leading "/" character. + For consistency, all path variables must share the same behavior. + Repeated message fields must not be mapped to URL query parameters, + because no client library can support such complicated mapping. If an + API needs to use a JSON array for request or response body, it can map + the request or response body to a repeated field. However, some gRPC + Transcoding implementations may not support this feature. type: object - V1Beta1ProducerQuotaPolicy: - description: Quota policy created by service producer. - id: V1Beta1ProducerQuotaPolicy properties: - name: + get: description: >- - The resource name of the producer policy. An example name would be: - `services/compute.googleapis.com/organizations/123/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/producerQuotaPolicies/4a3f2c1d` - type: string - unit: + Maps to HTTP GET. Used for listing and getting information about + resources. type: string - description: >- - The limit unit of the limit to which this policy applies. An example - unit would be: `1/{project}/{region}` Note that `{project}` and - `{region}` are not placeholders in this example; the literal - characters `{` and `}` occur in the string. - dimensions: - type: object - description: ' If this map is nonempty, then this policy applies only to specific values for dimensions defined in the limit unit. For example, a policy on a limit with the unit 1/{project}/{region} could contain an entry with the key "region" and the value "us-east-1"; the policy is only applied to quota consumed in that region. This map has the following restrictions: * Keys that are not defined in the limit''s unit are not valid keys. Any string appearing in {brackets} in the unit (besides {project} or {user}) is a defined key. * "project" is not a valid key; the project is already specified in the parent resource name. * "user" is not a valid key; the API does not support quota polcies that apply only to a specific user. * If "region" appears as a key, its value must be a valid Cloud region. * If "zone" appears as a key, its value must be a valid Cloud zone. * If any valid key other than "region" or "zone" appears in the map, then all valid keys other than "region" or "zone" must also appear in the map.' - additionalProperties: - type: string - metric: + patch: type: string + description: Maps to HTTP PATCH. Used for updating a resource. + additionalBindings: description: >- - The name of the metric to which this policy applies. An example name - would be: `compute.googleapis.com/cpus` - container: - description: >- - The cloud resource container at which the quota policy is created. - The format is {container_type}/{container_number} - type: string - policyValue: - format: int64 + Additional HTTP bindings for the selector. Nested bindings must not + contain an `additional_bindings` field themselves (that is, the + nesting may only be one level deep). + type: array + items: + $ref: '#/components/schemas/HttpRule' + post: description: >- - The quota policy value. Can be any nonnegative integer, or -1 - (unlimited quota). + Maps to HTTP POST. Used for creating a resource or performing an + action. type: string - type: object - V1Beta1QuotaOverride: - properties: - unit: + delete: + description: Maps to HTTP DELETE. Used for deleting a resource. type: string + custom: + $ref: '#/components/schemas/CustomHttpPattern' description: >- - The limit unit of the limit to which this override applies. An - example unit would be: `1/{project}/{region}` Note that `{project}` - and `{region}` are not placeholders in this example; the literal - characters `{` and `}` occur in the string. - adminOverrideAncestor: - description: >- - The resource name of the ancestor that requested the override. For - example: "organizations/12345" or "folders/67890". Used by admin - overrides only. - type: string - name: + The custom pattern is used for specifying an HTTP method that is not + included in the `pattern` field, such as HEAD, or "*" to leave the + HTTP method unspecified for this rule. The wild-card rule is useful + for services that provide content to Web (HTML) clients. + selector: type: string description: >- - The resource name of the producer override. An example name would - be: - `services/compute.googleapis.com/projects/123/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/producerOverrides/4a3f2c1d` - metric: + Selects a method to which this rule applies. Refer to selector for + syntax details. + responseBody: description: >- - The name of the metric to which this override applies. An example - name would be: `compute.googleapis.com/cpus` + Optional. The name of the response field whose value is mapped to + the HTTP response body. When omitted, the entire response message + will be used as the HTTP response body. NOTE: The referred field + must be present at the top-level of the response message type. type: string - overrideValue: - format: int64 - description: >- - The overriding quota limit value. Can be any nonnegative integer, or - -1 (unlimited quota). + put: + description: Maps to HTTP PUT. Used for replacing a resource. type: string - dimensions: - description: ' If this map is nonempty, then this override applies only to specific values for dimensions defined in the limit unit. For example, an override on a limit with the unit 1/{project}/{region} could contain an entry with the key "region" and the value "us-east-1"; the override is only applied to quota consumed in that region. This map has the following restrictions: * Keys that are not defined in the limit''s unit are not valid keys. Any string appearing in {brackets} in the unit (besides {project} or {user}) is a defined key. * "project" is not a valid key; the project is already specified in the parent resource name. * "user" is not a valid key; the API does not support quota overrides that apply only to a specific user. * If "region" appears as a key, its value must be a valid Cloud region. * If "zone" appears as a key, its value must be a valid Cloud zone. * If any valid key other than "region" or "zone" appears in the map, then all valid keys other than "region" or "zone" must also appear in the map.' - type: object - additionalProperties: - type: string - id: V1Beta1QuotaOverride - description: A quota override - type: object - TenantResource: - properties: - resource: + body: description: >- - Output only. @OutputOnly Identifier of the tenant resource. For - cloud projects, it is in the form 'projects/{number}'. For example - 'projects/123456'. - readOnly: true - type: string - status: - enum: - - STATUS_UNSPECIFIED - - PENDING_CREATE - - ACTIVE - - PENDING_DELETE - - FAILED - - DELETED - type: string - enumDescriptions: - - Unspecified status is the default unset value. - - Creation of the tenant resource is ongoing. - - Active resource. - - Deletion of the resource is ongoing. - - Tenant resource creation or deletion has failed. - - Tenant resource has been deleted. - description: Status of tenant resource. - tag: - description: Unique per single tenancy unit. + The name of the request field whose value is mapped to the HTTP + request body, or `*` for mapping all request fields not captured by + the path pattern to the HTTP body, or omitted for not having any + HTTP request body. NOTE: the referred field must be present at the + top-level of the request message type. type: string + id: HttpRule + Control: type: object - id: TenantResource - description: Resource constituting the TenancyUnit. - ServiceAccountConfig: - description: Describes the service account configuration for the tenant project. - type: object - id: ServiceAccountConfig + description: >- + Selects and configures the service controller used by the service. + Example: control: environment: servicecontrol.googleapis.com + id: Control properties: - tenantProjectRoles: - items: - type: string + methodPolicies: type: array - description: Roles for the associated service account for the tenant project. - accountId: - description: >- - ID of the IAM service account to be created in tenant project. The - email format of the service account is "@.iam.gserviceaccount.com". - This account ID must be unique within tenant project and service - producers have to guarantee it. The ID must be 6-30 characters long, - and match the following regular expression: - `[a-z]([-a-z0-9]*[a-z0-9])`. - type: string - Endpoint: - type: object - properties: - aliases: - description: >- - Aliases for this endpoint, these will be served by the same UrlMap - as the parent endpoint, and will be provisioned in the GCP stack for - the Regional Endpoints. items: - type: string - type: array - name: - type: string - description: The canonical name of this endpoint. - allowCors: - type: boolean - description: >- - Allowing - [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), - aka cross-domain traffic, would allow the backends served from this - endpoint to receive and respond to HTTP OPTIONS requests. The - response will be used by the browser to determine whether the - subsequent cross-origin request is allowed to proceed. - target: - description: >- - The specification of an Internet routable address of API frontend - that will handle requests to this [API - Endpoint](https://cloud.google.com/apis/design/glossary). It should - be either a valid IPv4 address or a fully-qualified domain name. For - example, "8.8.8.8" or "myservice.appspot.com". - type: string - id: Endpoint - description: >- - `Endpoint` describes a network address of a service that serves a set of - APIs. It is commonly known as a service endpoint. A service may expose - any number of service endpoints, and all service endpoints share the - same service definition, such as quota limits and monitoring metrics. - Example: type: google.api.Service name: library-example.googleapis.com - endpoints: # Declares network address - `https://library-example.googleapis.com` # for service - `library-example.googleapis.com`. The `https` scheme # is implicit for - all service endpoints. Other schemes may be # supported in the future. - - name: library-example.googleapis.com allow_cors: false - name: - content-staging-library-example.googleapis.com # Allows HTTP OPTIONS - calls to be passed to the API frontend, for it # to decide whether the - subsequent cross-origin request is allowed # to proceed. allow_cors: - true - MethodPolicy: - id: MethodPolicy + $ref: '#/components/schemas/MethodPolicy' + description: Defines policies applying to the API methods of the service. + environment: + description: >- + The service controller environment to use. If empty, no control + plane feature (like quota and billing) will be enabled. The + recommended value for most services is servicecontrol.googleapis.com + type: string + Type: properties: - requestPolicies: + sourceContext: + $ref: '#/components/schemas/SourceContext' + description: The source context. + syntax: + enum: + - SYNTAX_PROTO2 + - SYNTAX_PROTO3 + - SYNTAX_EDITIONS + enumDescriptions: + - Syntax `proto2`. + - Syntax `proto3`. + - Syntax `editions`. + description: The source syntax. + type: string + oneofs: + description: The list of types appearing in `oneof` definitions in this type. type: array items: - $ref: '#/components/schemas/FieldPolicy' - description: Policies that are applicable to the request message. - selector: + type: string + edition: description: >- - Selects a method to which these policies should be enforced, for - example, "google.pubsub.v1.Subscriber.CreateSubscription". Refer to - selector for syntax details. NOTE: This field must not be set in the - proto annotation. It will be automatically filled by the service - config compiler . + The source edition string, only valid when syntax is + SYNTAX_EDITIONS. type: string - type: object - description: Defines policies applying to an RPC method. - EnumValue: - properties: - number: - description: Enum value number. - type: integer - format: int32 options: type: array + description: The protocol buffer options. items: $ref: '#/components/schemas/Option' - description: Protocol buffer options. name: + description: The fully qualified message name. type: string - description: Enum value name. - description: Enum value definition. - id: EnumValue + fields: + type: array + items: + $ref: '#/components/schemas/Field' + description: The list of fields. + id: Type + description: >- + A protocol buffer message type. New usages of this message as an + alternative to DescriptorProto are strongly discouraged. This message + does not reliability preserve all information necessary to model the + schema and preserve semantics. Instead make use of FileDescriptorSet + which preserves the necessary information. type: object - ExperimentalFeatures: + SourceInfo: type: object - description: >- - Experimental features to be included during client library generation. - These fields will be deprecated once the feature graduates and is - enabled by default. - properties: - protobufPythonicTypesEnabled: - description: >- - Enables generation of protobuf code using new types that are more - Pythonic which are included in `protobuf>=5.29.x`. This feature will - be enabled by default 1 month after launching the feature in preview - packages. - type: boolean - unversionedPackageDisabled: - description: >- - Disables generation of an unversioned Python package for this client - library. This means that the module names will need to be versioned - in import statements. For example `import google.cloud.library_v2` - instead of `import google.cloud.library`. - type: boolean - restAsyncIoEnabled: - description: >- - Enables generation of asynchronous REST clients if `rest` transport - is enabled. By default, asynchronous REST clients will not be - generated. This feature will be enabled by default 1 month after - launching the feature in preview packages. - type: boolean - id: ExperimentalFeatures - JwtLocation: properties: - valuePrefix: - description: >- - The value prefix. The value format is "value_prefix{token}" Only - applies to "in" header type. Must be empty for "in" query type. If - not empty, the header value has to match (case sensitive) this - prefix. If not matched, JWT will not be extracted. If matched, JWT - will be extracted after the prefix is removed. For example, for - "Authorization: Bearer {JWT}", value_prefix="Bearer " with a space - at the end. - type: string - header: - description: Specifies HTTP header name to extract JWT token. - type: string - query: - type: string - description: Specifies URL query parameter name to extract JWT token. - cookie: - description: Specifies cookie name to extract JWT token. - type: string - id: JwtLocation - description: Specifies a location to extract JWT from an API request. - type: object - AuthenticationRule: + sourceFiles: + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: All files used during config generation. + id: SourceInfo + description: Source information used to create a Service Config + V1AddVisibilityLabelsResponse: + id: V1AddVisibilityLabelsResponse description: >- - Authentication rules for the service. By default, if a method has any - authentication requirements, every request must include a valid - credential matching one of the requirements. It's an error to include - more than one kind of credential in a single request. If a method - doesn't have any auth requirements, request credentials will be ignored. - id: AuthenticationRule + Response message for the `AddVisibilityLabels` method. This response + message is assigned to the `response` field of the returned Operation + when that operation is done. properties: - selector: - type: string - description: >- - Selects the methods to which this rule applies. Refer to selector - for syntax details. - oauth: - $ref: '#/components/schemas/OAuthRequirements' - description: The requirements for OAuth credentials. - allowWithoutCredential: - type: boolean + labels: description: >- - If true, the service accepts API keys without any other credential. - This flag only applies to HTTP and gRPC requests. - requirements: + The updated set of visibility labels for this consumer on this + service. type: array items: - $ref: '#/components/schemas/AuthRequirement' - description: Requirements for additional authentication providers. + type: string type: object - SelectiveGapicGeneration: - description: >- - This message is used to configure the generation of a subset of the RPCs - in a service for client libraries. - id: SelectiveGapicGeneration + V1Beta1BatchCreateProducerOverridesResponse: + type: object + id: V1Beta1BatchCreateProducerOverridesResponse + description: Response message for BatchCreateProducerOverrides properties: - generateOmittedAsInternal: - type: boolean + overrides: + items: + $ref: '#/components/schemas/V1Beta1QuotaOverride' + type: array + description: The overrides that were created. + ListOperationsResponse: + type: object + id: ListOperationsResponse + properties: + operations: + type: array + items: + $ref: '#/components/schemas/Operation' description: >- - Setting this to true indicates to the client generators that methods - that would be excluded from the generation should instead be - generated in a way that indicates these methods should not be - consumed by end users. How this is expressed is up to individual - language implementations to decide. Some examples may be: added - annotations, obfuscated identifiers, or other language idiomatic - patterns. - methods: + A list of operations that matches the specified filter in the + request. + unreachable: description: >- - An allowlist of the fully qualified names of RPCs that should be - included on public client surfaces. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. type: array items: type: string + nextPageToken: + description: The standard List next-page token. + type: string + description: The response message for Operations.ListOperations. + BillingDestination: type: object - Publishing: + id: BillingDestination properties: - docTagPrefix: - description: >- - A prefix used in sample code when demarking regions to be included - in documentation. - type: string - githubLabel: + monitoredResource: type: string description: >- - GitHub label to apply to issues and pull requests opened for this - API. - codeownerGithubTeams: + The monitored resource type. The type must be defined in + Service.monitored_resources section. + metrics: + description: >- + Names of the metrics to report to this billing destination. Each + name must be defined in Service.metrics section. items: type: string + type: array + description: >- + Configuration of a specific billing destination (Currently only support + bill against consumer project). + Backend: + type: object + id: Backend + properties: + rules: description: >- - GitHub teams to be added to CODEOWNERS in the directory in GitHub - containing source code for the client libraries for this API. + A list of API backend rules that apply to individual API methods. + **NOTE:** All service configuration rules follow "last one wins" + order. + items: + $ref: '#/components/schemas/BackendRule' type: array - methodSettings: + description: '`Backend` defines the backend configuration for a service.' + ListTenancyUnitsResponse: + type: object + id: ListTenancyUnitsResponse + properties: + tenancyUnits: type: array + description: Tenancy units matching the request. items: - $ref: '#/components/schemas/MethodSettings' - description: >- - A list of API method settings, e.g. the behavior for methods that - use the long-running operation pattern. - newIssueUri: - type: string - description: >- - Link to a *public* URI where users can report issues. Example: - https://issuetracker.google.com/issues/new?component=190865&template=1161103 - apiShortName: + $ref: '#/components/schemas/TenancyUnit' + nextPageToken: + description: Pagination token for large results. type: string + description: Response for the list request. + MetricRule: + type: object + properties: + selector: description: >- - Used as a tracking tag when collecting data about the APIs developer - relations artifacts like docs, packages delivered to package - managers, etc. Example: "speech". - documentationUri: - description: >- - Link to product home page. Example: - https://cloud.google.com/asset-inventory/docs/overview + Selects the methods to which this rule applies. Refer to selector + for syntax details. type: string - protoReferenceDocumentationUri: + metricCosts: + type: object + additionalProperties: + type: string + format: int64 description: >- - Optional link to proto reference documentation. Example: - https://cloud.google.com/pubsub/lite/docs/reference/rpc - type: string - librarySettings: - type: array + Metrics to update when the selected methods are called, and the + associated cost applied to each metric. The key of the map is the + metric name, and the values are the amount increased for the metric + against which the quota limits are defined. The value must not be + negative. + description: >- + Bind API methods to metrics. Binding a method to a metric causes that + metric's configured quota behaviors to apply to the method call. + id: MetricRule + V1ServiceAccount: + description: A service account in the Identity and Access Management API. + properties: + tag: description: >- - Client library settings. If the same version string appears multiple - times in this list, then the last one wins. Settings from earlier - settings with the same version string are discarded. - items: - $ref: '#/components/schemas/ClientLibrarySettings' - restReferenceDocumentationUri: + The P4 SA configuration tag. This must be defined in + activation_grants. If not specified when creating the account, the + tag is set to "default". + type: string + email: + type: string + description: The email address of the service account. + uniqueId: + description: The unique and stable id of the service account. + type: string + name: type: string description: >- - Optional link to REST reference documentation. Example: - https://cloud.google.com/pubsub/lite/docs/reference/rest - organization: - enumDescriptions: - - Not useful. - - Google Cloud Platform Org. - - Ads (Advertising) Org. - - Photos Org. - - Street View Org. - - Shopping Org. - - Geo Org. - - Generative AI - https://developers.generativeai.google - enum: - - CLIENT_LIBRARY_ORGANIZATION_UNSPECIFIED - - CLOUD - - ADS - - PHOTOS - - STREET_VIEW - - SHOPPING - - GEO - - GENERATIVE_AI - description: For whom the client library is being published. + P4 SA resource name. An example name would be: + `services/serviceconsumermanagement.googleapis.com/projects/123/serviceAccounts/default` + iamAccountName: + deprecated: true type: string + description: Deprecated. See b/136209818. + id: V1ServiceAccount type: object - id: Publishing - description: >- - This message configures the settings for publishing [Google Cloud Client - libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) - generated from the service config. - RemoveTenantProjectRequest: + V1Beta1GenerateServiceIdentityResponse: description: >- - Request message to remove a tenant project resource from the tenancy - unit. - id: RemoveTenantProjectRequest + Response message for the `GenerateServiceIdentity` method. This response + message is assigned to the `response` field of the returned Operation + when that operation is done. type: object + id: V1Beta1GenerateServiceIdentityResponse properties: - tag: - type: string - description: Required. Tag of the resource within the tenancy unit. - BackendRule: - description: A backend rule provides configuration for an individual API element. - id: BackendRule + identity: + description: ServiceIdentity that was created or retrieved. + $ref: '#/components/schemas/V1Beta1ServiceIdentity' + ExperimentalFeatures: + id: ExperimentalFeatures type: object properties: - minDeadline: - type: number - format: double - description: Deprecated, do not use. - deprecated: true - loadBalancingPolicy: + protobufPythonicTypesEnabled: description: >- - The load balancing policy used for connection to the application - backend. Defined as an arbitrary string to accomondate custom load - balancing policies supported by the underlying channel, but suggest - most users use one of the standard policies, such as the default, - "RoundRobin". - type: string - disableAuth: + Enables generation of protobuf code using new types that are more + Pythonic which are included in `protobuf>=5.29.x`. This feature will + be enabled by default 1 month after launching the feature in preview + packages. + type: boolean + unversionedPackageDisabled: type: boolean description: >- - When disable_auth is true, a JWT ID token won't be generated and the - original "Authorization" HTTP header will be preserved. If the - header is used to carry the original token and is expected by the - backend, this field must be set to true to preserve the header. - pathTranslation: - type: string - enum: - - PATH_TRANSLATION_UNSPECIFIED - - CONSTANT_ADDRESS - - APPEND_PATH_TO_ADDRESS - enumDescriptions: - - '' - - >- - Use the backend address as-is, with no modification to the path. - If the URL pattern contains variables, the variable names and - values will be appended to the query string. If a query string - parameter and a URL pattern variable have the same name, this may - result in duplicate keys in the query string. # Examples Given the - following operation config: Method path: - /api/company/{cid}/user/{uid} Backend address: - https://example.cloudfunctions.net/getUser Requests to the - following request paths will call the backend at the translated - path: Request path: /api/company/widgetworks/user/johndoe - Translated: - https://example.cloudfunctions.net/getUser?cid=widgetworks&uid=johndoe - Request path: /api/company/widgetworks/user/johndoe?timezone=EST - Translated: - https://example.cloudfunctions.net/getUser?timezone=EST&cid=widgetworks&uid=johndoe - - >- - The request path will be appended to the backend address. # - Examples Given the following operation config: Method path: - /api/company/{cid}/user/{uid} Backend address: - https://example.appspot.com Requests to the following request - paths will call the backend at the translated path: Request path: - /api/company/widgetworks/user/johndoe Translated: - https://example.appspot.com/api/company/widgetworks/user/johndoe - Request path: /api/company/widgetworks/user/johndoe?timezone=EST - Translated: - https://example.appspot.com/api/company/widgetworks/user/johndoe?timezone=EST - address: - type: string + Disables generation of an unversioned Python package for this client + library. This means that the module names will need to be versioned + in import statements. For example `import google.cloud.library_v2` + instead of `import google.cloud.library`. + restAsyncIoEnabled: + type: boolean description: >- - The address of the API backend. The scheme is used to determine the - backend protocol and security. The following schemes are accepted: - SCHEME PROTOCOL SECURITY http:// HTTP None https:// HTTP TLS grpc:// - gRPC None grpcs:// gRPC TLS It is recommended to explicitly include - a scheme. Leaving out the scheme may cause constrasting behaviors - across platforms. If the port is unspecified, the default is: - 80 - for schemes without TLS - 443 for schemes with TLS For HTTP - backends, use protocol to specify the protocol version. - overridesByRequestProtocol: - type: object - additionalProperties: - $ref: '#/components/schemas/BackendRule' - description: The map between request protocol and the backend address. - deadline: - format: double - type: number + Enables generation of asynchronous REST clients if `rest` transport + is enabled. By default, asynchronous REST clients will not be + generated. This feature will be enabled by default 1 month after + launching the feature in preview packages. + description: >- + Experimental features to be included during client library generation. + These fields will be deprecated once the feature graduates and is + enabled by default. + SourceContext: + description: >- + `SourceContext` represents information about the source of a protobuf + element, like the file in which it is defined. + properties: + fileName: description: >- - The number of seconds to wait for a response from a request. The - default varies based on the request protocol and deployment - environment. - jwtAudience: + The path-qualified name of the .proto file that contained the + associated protobuf element. For example: + `"google/protobuf/source_context.proto"`. + type: string + type: object + id: SourceContext + NodeSettings: + properties: + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + id: NodeSettings + type: object + description: Settings for Node client libraries. + V1DefaultIdentity: + type: object + description: A default identity in the Identity and Access Management API. + id: V1DefaultIdentity + properties: + name: type: string description: >- - The JWT audience is used when generating a JWT ID token for the - backend. This ID token will be added in the HTTP "authorization" - header, and sent to the backend. - protocol: + Default identity resource name. An example name would be: + `services/serviceconsumermanagement.googleapis.com/projects/123/defaultIdentity` + tag: + type: string description: >- - The protocol used for sending a request to the backend. The - supported values are "http/1.1" and "h2". The default value is - inferred from the scheme in the address field: SCHEME PROTOCOL - http:// http/1.1 https:// http/1.1 grpc:// h2 grpcs:// h2 For secure - HTTP backends (https://) that support HTTP/2, set this field to "h2" - for improved performance. Configuring this field to non-default - values is only supported for secure HTTP backends. This field will - be ignored for all other backends. See - https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids - for more details on the supported values. + The Default Identity tag. If specified when creating the account, + the tag must be present in activation_grants. If not specified when + creating the account, the tag is set to the tag specified in + activation_grants. + uniqueId: + description: The unique and stable id of the default identity. type: string - operationDeadline: - type: number - format: double + email: description: >- - The number of seconds to wait for the completion of a long running - operation. The default is no deadline. - selector: + The email address of the default identity. Calling + GenerateDefaultIdentity with a deleted or purged default identity + should expect does_not_exist@invalid-project.iam.gserviceaccount.com + placeholder email. + type: string + V1GenerateDefaultIdentityResponse: + properties: + attachStatus: type: string description: >- - Selects the methods to which this rule applies. Refer to selector - for syntax details. - PythonSettings: - properties: - common: - description: Some settings. - $ref: '#/components/schemas/CommonLanguageSettings' - experimentalFeatures: + Status of the role attachment. Under development + (go/si-attach-role), currently always return + ATTACH_STATUS_UNSPECIFIED) + enumDescriptions: + - Indicates that the AttachStatus was not set. + - >- + The default identity was attached to a role successfully in this + request. + - >- + The request specified that no attempt should be made to attach the + role. + - >- + Role was attached to the consumer project at some point in time. + Tenant manager doesn't make assertion about the current state of + the identity with respect to the consumer. Role attachment should + happen only once after activation and cannot be reattached after + customer removes it. (go/si-attach-role) + - >- + Role attachment was denied in this request by customer set org + policy. (go/si-attach-role) + enum: + - ATTACH_STATUS_UNSPECIFIED + - ATTACHED + - ATTACH_SKIPPED + - PREVIOUSLY_ATTACHED + - ATTACH_DENIED_BY_ORG_POLICY + role: + type: string description: >- - Experimental features to be included during client library - generation. - $ref: '#/components/schemas/ExperimentalFeatures' - id: PythonSettings - type: object - description: Settings for Python client libraries. - V1GenerateServiceAccountResponse: - id: V1GenerateServiceAccountResponse - properties: - account: - $ref: '#/components/schemas/V1ServiceAccount' - description: ServiceAccount that was created or retrieved. - type: object + Role attached to consumer project. Empty if not attached in this + request. (Under development, currently always return empty.) + identity: + description: DefaultIdentity that was created or retrieved. + $ref: '#/components/schemas/V1DefaultIdentity' + id: V1GenerateDefaultIdentityResponse description: >- - Response message for the `GenerateServiceAccount` method. This response + Response message for the `GenerateDefaultIdentity` method. This response message is assigned to the `response` field of the returned Operation when that operation is done. - FieldPolicy: type: object - id: FieldPolicy + AttachTenantProjectRequest: + description: >- + Request to attach an existing project to the tenancy unit as a new + tenant resource. properties: - resourceType: + tag: + description: >- + Required. Tag of the tenant resource after attachment. Must be less + than 128 characters. Required. + type: string + externalResource: type: string description: >- - Specifies the resource type for the resource referred to by the - field. - resourcePermission: + When attaching an external project, this is in the format of + `projects/{project_number}`. + reservedResource: description: >- - Specifies the required permission(s) for the resource referred to by - the field. It requires the field contains a valid resource - reference, and the request must pass the permission checks to - proceed. For example, "resourcemanager.projects.get". + When attaching a reserved project already in tenancy units, this is + the tag of a tenant resource under the tenancy unit for the managed + service's service producer project. The reserved tenant resource + must be in an active state. type: string + id: AttachTenantProjectRequest + type: object + AuthenticationRule: + properties: + allowWithoutCredential: + description: >- + If true, the service accepts API keys without any other credential. + This flag only applies to HTTP and gRPC requests. + type: boolean + requirements: + description: Requirements for additional authentication providers. + items: + $ref: '#/components/schemas/AuthRequirement' + type: array + oauth: + $ref: '#/components/schemas/OAuthRequirements' + description: The requirements for OAuth credentials. selector: description: >- - Selects one or more request or response message fields to apply this - `FieldPolicy`. When a `FieldPolicy` is used in proto annotation, the - selector must be left as empty. The service config generator will - automatically fill the correct value. When a `FieldPolicy` is used - in service config, the selector must be a comma-separated string - with valid request or response field paths, such as "foo.bar" or - "foo.bar,foo.baz". + Selects the methods to which this rule applies. Refer to selector + for syntax details. type: string description: >- - Google API Policy Annotation This message defines a simple API policy - annotation that can be used to annotate API request and response message - fields with applicable policies. One field may have multiple applicable - policies that must all be satisfied before a request can be processed. - This policy annotation is used to generate the overall policy that will - be used for automatic runtime policy enforcement and documentation - generation. - BatchingSettingsProto: - description: >- - `BatchingSettingsProto` specifies a set of batching thresholds, each of - which acts as a trigger to send a batch of messages as a request. At - least one threshold must be positive nonzero. + Authentication rules for the service. By default, if a method has any + authentication requirements, every request must include a valid + credential matching one of the requirements. It's an error to include + more than one kind of credential in a single request. If a method + doesn't have any auth requirements, request credentials will be ignored. + id: AuthenticationRule type: object + V1RemoveVisibilityLabelsResponse: + description: >- + Response message for the `RemoveVisibilityLabels` method. This response + message is assigned to the `response` field of the returned Operation + when that operation is done. properties: - elementCountLimit: - type: integer - format: int32 - description: >- - The maximum number of elements collected in a batch that could be - accepted by server. - delayThreshold: - description: >- - The duration after which a batch should be sent, starting from the - addition of the first message to that batch. - type: string - format: google-duration - elementCountThreshold: - format: int32 - type: integer - description: >- - The number of elements of a field collected into a batch which, if - exceeded, causes the batch to be sent. - requestByteLimit: - format: int32 - type: integer - description: The maximum size of the request that could be accepted by server. - requestByteThreshold: - format: int64 - type: string + labels: description: >- - The aggregated size of the batched field which, if exceeded, causes - the batch to be sent. This size is computed by aggregating the sizes - of the request field to be batched, not of the entire request - message. - flowControlByteLimit: - type: integer - description: The maximum size of data allowed by flow control. - format: int32 - flowControlLimitExceededBehavior: - type: string - enumDescriptions: - - Default behavior, system-defined. - - Stop operation, raise error. - - Pause operation until limit clears. - - Continue operation, disregard limit. - description: The behavior to take when the flow control limit is exceeded. - enum: - - UNSET_BEHAVIOR - - THROW_EXCEPTION - - BLOCK - - IGNORE - flowControlElementLimit: - description: The maximum number of elements allowed by flow control. - type: integer - format: int32 - id: BatchingSettingsProto - JavaSettings: + The updated set of visibility labels for this consumer on this + service. + type: array + items: + type: string + id: V1RemoveVisibilityLabelsResponse + type: object + GoSettings: + type: object properties: - libraryPackage: - description: >- - The package name to use in Java. Clobbers the java_package option - set in the protobuf. This should be used **only** by APIs who have - already set the language_settings.java.package_name" field in - gapic.yaml. API teams should use the protobuf java_package option - where possible. Example of a YAML configuration:: publishing: - library_settings: java_settings: library_package: - com.google.cloud.pubsub.v1 - type: string common: description: Some settings. $ref: '#/components/schemas/CommonLanguageSettings' - serviceClassNames: + renamedServices: + description: >- + Map of service names to renamed services. Keys are the package + relative service names and values are the name to be used for the + service client and call options. Example: publishing: go_settings: + renamed_services: Publisher: TopicAdmin + type: object additionalProperties: type: string - type: object - description: >- - Configure the Java class name to use instead of the service's for - its corresponding generated GAPIC client. Keys are fully-qualified - service names as they appear in the protobuf (including the full the - language_settings.java.interface_names" field in gapic.yaml. API - teams should otherwise use the service name as it appears in the - protobuf. Example of a YAML configuration:: publishing: - java_settings: service_class_names: - google.pubsub.v1.Publisher: - TopicAdmin - google.pubsub.v1.Subscriber: SubscriptionAdmin - id: JavaSettings - description: Settings for Java client libraries. - type: object - ApplyTenantProjectConfigRequest: + id: GoSettings + description: Settings for Go client libraries. + Quota: + description: >- + Quota configuration helps to achieve fairness and budgeting in service + usage. The metric based quota configuration works this way: - The + service configuration defines a set of metrics. - For API calls, the + quota.metric_rules maps methods to metrics with corresponding costs. - + The quota.limits defines limits on the metrics, which will be used for + quota checks at runtime. An example quota configuration in yaml format: + quota: limits: - name: apiWriteQpsPerProject metric: + library.googleapis.com/write_calls unit: "1/min/{project}" # rate limit + for consumer projects values: STANDARD: 10000 (The metric rules bind all + methods to the read_calls metric, except for the UpdateBook and + DeleteBook methods. These two methods are mapped to the write_calls + metric, with the UpdateBook method consuming at twice rate as the + DeleteBook method.) metric_rules: - selector: "*" metric_costs: + library.googleapis.com/read_calls: 1 - selector: + google.example.library.v1.LibraryService.UpdateBook metric_costs: + library.googleapis.com/write_calls: 2 - selector: + google.example.library.v1.LibraryService.DeleteBook metric_costs: + library.googleapis.com/write_calls: 1 Corresponding Metric definition: + metrics: - name: library.googleapis.com/read_calls display_name: Read + requests metric_kind: DELTA value_type: INT64 - name: + library.googleapis.com/write_calls display_name: Write requests + metric_kind: DELTA value_type: INT64 + properties: + limits: + description: List of QuotaLimit definitions for the service. + items: + $ref: '#/components/schemas/QuotaLimit' + type: array + metricRules: + items: + $ref: '#/components/schemas/MetricRule' + description: >- + List of MetricRule definitions, each one mapping a selected method + to one or more metrics. + type: array type: object + id: Quota + RemoveTenantProjectRequest: properties: - projectConfig: - $ref: '#/components/schemas/TenantProjectConfig' - description: Configuration that should be applied to the existing tenant project. tag: - description: >- - Required. Tag of the project. Must be less than 128 characters. - Required. type: string - description: Request to apply configuration to an existing tenant project. - id: ApplyTenantProjectConfigRequest - Http: + description: Required. Tag of the resource within the tenancy unit. type: object + id: RemoveTenantProjectRequest description: >- - Defines the HTTP configuration for an API service. It contains a list of - HttpRule, each specifying the mapping of an RPC method to one or more - HTTP REST API methods. - id: Http + Request message to remove a tenant project resource from the tenancy + unit. + LogDescriptor: + type: object + description: >- + A description of a log type. Example in YAML format: - name: + library.googleapis.com/activity_history description: The history of + borrowing and returning library items. display_name: Activity labels: - + key: /customer_id description: Identifier of a library customer properties: - fullyDecodeReservedExpansion: + name: description: >- - When set to true, URL path parameters will be fully URI-decoded - except in cases of single segment matches in reserved expansion, - where "%2F" will be left encoded. The default behavior is to not - decode RFC 6570 reserved characters in multi segment matches. - type: boolean - rules: - items: - $ref: '#/components/schemas/HttpRule' + The name of the log. It must be less than 512 characters long and + can include the following characters: upper- and lower-case + alphanumeric characters [A-Za-z0-9], and punctuation characters + including slash, underscore, hyphen, period [/_-.]. + type: string + description: description: >- - A list of HTTP configuration rules that apply to individual API - methods. **NOTE:** All service configuration rules follow "last one - wins" order. + A human-readable description of this log. This information appears + in the documentation and can contain details. + type: string + displayName: + type: string + description: >- + The human-readable name for this log. This information appears on + the user interface and should be concise. + labels: + items: + $ref: '#/components/schemas/LabelDescriptor' type: array - GoSettings: - type: object + description: >- + The set of labels that are available to describe a specific log + entry. Runtime requests that contain labels not specified here are + considered invalid. + id: LogDescriptor + CreateTenancyUnitRequest: + description: >- + Request to create a tenancy unit for a service consumer of a managed + service. properties: - renamedServices: - type: object + tenancyUnitId: description: >- - Map of service names to renamed services. Keys are the package - relative service names and values are the name to be used for the - service client and call options. publishing: go_settings: - renamed_services: Publisher: TopicAdmin - additionalProperties: - type: string - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. - description: Settings for Go client libraries. - id: GoSettings - Logging: - id: Logging + Optional. Optional service producer-provided identifier of the + tenancy unit. Must be no longer than 40 characters and preferably + URI friendly. If it isn't provided, a UID for the tenancy unit is + automatically generated. The identifier must be unique across a + managed service. If the tenancy unit already exists for the managed + service and service consumer pair, calling `CreateTenancyUnit` + returns the existing tenancy unit if the provided identifier is + identical or empty, otherwise the call fails. + type: string type: object + id: CreateTenancyUnitRequest + BatchingConfigProto: properties: - consumerDestinations: - items: - $ref: '#/components/schemas/LoggingDestination' - type: array + batchDescriptor: + description: The request and response fields used in batching. + $ref: '#/components/schemas/BatchingDescriptorProto' + thresholds: + $ref: '#/components/schemas/BatchingSettingsProto' + description: The thresholds which trigger a batched request to be sent. + description: >- + `BatchingConfigProto` defines the batching configuration for an API + method. + id: BatchingConfigProto + type: object + MetricDescriptorMetadata: + id: MetricDescriptorMetadata + description: Additional annotations that can be used to guide the usage of a metric. + type: object + properties: + samplePeriod: + format: google-duration + type: string description: >- - Logging configurations for sending logs to the consumer project. - There can be multiple consumer destinations, each one must have a - different monitored resource type. A log can be used in at most one - consumer destination. - producerDestinations: + The sampling period of metric data points. For metrics which are + written periodically, consecutive data points are stored at this + time interval, excluding data loss due to errors. Metrics with a + higher granularity have a smaller sampling period. + launchStage: + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + deprecated: true + type: string + description: Deprecated. Must use the MetricDescriptor.launch_stage instead. + timeSeriesResourceHierarchyLevel: items: - $ref: '#/components/schemas/LoggingDestination' - description: >- - Logging configurations for sending logs to the producer project. - There can be multiple producer destinations, each one must have a - different monitored resource type. A log can be used in at most one - producer destination. + enum: + - TIME_SERIES_RESOURCE_HIERARCHY_LEVEL_UNSPECIFIED + - PROJECT + - ORGANIZATION + - FOLDER + enumDescriptions: + - Do not use this default value. + - Scopes a metric to a project. + - Scopes a metric to an organization. + - Scopes a metric to a folder. + type: string + description: The scope of the timeseries data of the metric. type: array + ingestDelay: + format: google-duration + description: >- + The delay of data points caused by ingestion. Data points older than + this age are guaranteed to be ingested and available to be read, + excluding data loss due to errors. + type: string + Empty: + properties: {} + type: object description: >- - Logging configuration of the service. The following example shows how to - configure logs to be sent to the producer and consumer projects. In the - example, the `activity_history` log is sent to both the producer and - consumer projects, whereas the `purchase_history` log is only sent to - the producer project. monitored_resources: - type: - library.googleapis.com/branch labels: - key: /city description: The city - where the library branch is located in. - key: /name description: The - name of the branch. logs: - name: activity_history labels: - key: - /customer_id - name: purchase_history logging: producer_destinations: - - monitored_resource: library.googleapis.com/branch logs: - - activity_history - purchase_history consumer_destinations: - - monitored_resource: library.googleapis.com/branch logs: - - activity_history - Backend: + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + Authentication: + description: >- + `Authentication` defines the authentication configuration for API + methods provided by an API service. Example: name: + calendar.googleapis.com authentication: providers: - id: + google_calendar_auth jwks_uri: + https://www.googleapis.com/oauth2/v1/certs issuer: + https://securetoken.google.com rules: - selector: "*" requirements: + provider_id: google_calendar_auth - selector: google.calendar.Delegate + oauth: canonical_scopes: https://www.googleapis.com/auth/calendar.read + id: Authentication + type: object properties: + providers: + items: + $ref: '#/components/schemas/AuthProvider' + type: array + description: Defines a set of authentication providers that a service supports. rules: type: array + items: + $ref: '#/components/schemas/AuthenticationRule' description: >- - A list of API backend rules that apply to individual API methods. + A list of authentication rules that apply to individual API methods. **NOTE:** All service configuration rules follow "last one wins" order. - items: - $ref: '#/components/schemas/BackendRule' - id: Backend - description: '`Backend` defines the backend configuration for a service.' - type: object - ListOperationsResponse: + JwtLocation: properties: - nextPageToken: + cookie: + description: Specifies cookie name to extract JWT token. type: string - description: The standard List next-page token. - operations: - description: >- - A list of operations that matches the specified filter in the - request. - items: - $ref: '#/components/schemas/Operation' - type: array - description: The response message for Operations.ListOperations. - type: object - id: ListOperationsResponse - Mixin: - description: >- - Declares an API Interface to be included in this interface. The - including interface must redeclare all the methods from the included - interface, but documentation and options are inherited as follows: - If - after comment and whitespace stripping, the documentation string of the - redeclared method is empty, it will be inherited from the original - method. - Each annotation belonging to the service config (http, - visibility) which is not set in the redeclared method will be inherited. - - If an http annotation is inherited, the path pattern will be modified - as follows. Any version prefix will be replaced by the version of the - including interface plus the root path if specified. Example of a simple - mixin: package google.acl.v1; service AccessControl { // Get the - underlying ACL object. rpc GetAcl(GetAclRequest) returns (Acl) { option - (google.api.http).get = "/v1/{resource=**}:getAcl"; } } package - google.storage.v2; service Storage { // rpc GetAcl(GetAclRequest) - returns (Acl); // Get a data record. rpc GetData(GetDataRequest) returns - (Data) { option (google.api.http).get = "/v2/{resource=**}"; } } Example - of a mixin configuration: apis: - name: google.storage.v2.Storage - mixins: - name: google.acl.v1.AccessControl The mixin construct implies - that all methods in `AccessControl` are also declared with same name and - request/response types in `Storage`. A documentation generator or - annotation processor will see the effective `Storage.GetAcl` method - after inheriting documentation and annotations as follows: service - Storage { // Get the underlying ACL object. rpc GetAcl(GetAclRequest) - returns (Acl) { option (google.api.http).get = - "/v2/{resource=**}:getAcl"; } ... } Note how the version in the path - pattern changed from `v1` to `v2`. If the `root` field in the mixin is - specified, it should be a relative path under which inherited HTTP paths - are placed. Example: apis: - name: google.storage.v2.Storage mixins: - - name: google.acl.v1.AccessControl root: acls This implies the following - inherited HTTP annotation: service Storage { // Get the underlying ACL - object. rpc GetAcl(GetAclRequest) returns (Acl) { option - (google.api.http).get = "/v2/acls/{resource=**}:getAcl"; } ... } - id: Mixin - type: object - properties: - root: + query: + description: Specifies URL query parameter name to extract JWT token. type: string - description: >- - If non-empty specifies a path under which inherited HTTP paths are - rooted. - name: + header: type: string - description: The fully qualified name of the interface which is included. - OAuthRequirements: - properties: - canonicalScopes: + description: Specifies HTTP header name to extract JWT token. + valuePrefix: type: string description: >- - The list of publicly documented OAuth scopes that are allowed - access. An OAuth token containing any of these scopes will be - accepted. Example: canonical_scopes: - https://www.googleapis.com/auth/calendar, - https://www.googleapis.com/auth/calendar.read - id: OAuthRequirements - description: >- - OAuth scopes are a way to define data and permissions on data. For - example, there are scopes defined for "Read-only access to Google - Calendar" and "Access to Cloud Platform". Users can consent to a scope - for an application, giving it permission to access that data on their - behalf. OAuth scope specifications should be fairly coarse grained; a - user will need to see and understand the text description of what your - scope means. In most cases: use one or at most two OAuth scopes for an - entire family of products. If your product has multiple APIs, you should - probably be sharing the OAuth scope across all of those APIs. When you - need finer grained OAuth consent screens: talk with your product - management about how developers will use them in practice. Please note - that even though each of the canonical scopes is enough for a request to - be accepted and passed to the backend, a request can still fail due to - the backend requiring additional scopes or permissions. - type: object - V1RefreshConsumerResponse: + The value prefix. The value format is "value_prefix{token}" Only + applies to "in" header type. Must be empty for "in" query type. If + not empty, the header value has to match (case sensitive) this + prefix. If not matched, JWT will not be extracted. If matched, JWT + will be extracted after the prefix is removed. For example, for + "Authorization: Bearer {JWT}", value_prefix="Bearer " with a space + at the end. type: object - properties: {} - id: V1RefreshConsumerResponse + description: Specifies a location to extract JWT from an API request. + id: JwtLocation + Status: description: >- - Response message for the `RefreshConsumer` method. This response message - is assigned to the `response` field of the returned Operation when that - operation is done. - CancelOperationRequest: - properties: {} - id: CancelOperationRequest - type: object - description: The request message for Operations.CancelOperation. - Api: - id: Api + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object properties: - syntax: - enum: - - SYNTAX_PROTO2 - - SYNTAX_PROTO3 - - SYNTAX_EDITIONS - description: The source syntax of the service. - enumDescriptions: - - Syntax `proto2`. - - Syntax `proto3`. - - Syntax `editions`. + code: + format: int32 + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + message: type: string - name: description: >- - The fully qualified name of this interface, including package name - followed by the interface's simple name. - type: string - options: - type: array - items: - $ref: '#/components/schemas/Option' - description: Any metadata attached to the interface. - methods: - items: - $ref: '#/components/schemas/Method' + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + details: type: array - description: The methods of this interface, in unspecified order. - sourceContext: - $ref: '#/components/schemas/SourceContext' - description: >- - Source context for the protocol buffer service represented by this - message. - version: description: >- - A version string for this interface. If specified, must have the - form `major-version.minor-version`, as in `1.10`. If the minor - version is omitted, it defaults to zero. If the entire version field - is empty, the major version is derived from the package name, as - outlined below. If the field is not empty, the version in the - package name will be verified to be consistent with what is provided - here. The versioning schema uses [semantic - versioning](http://semver.org) where the major version number - indicates a breaking change and the minor version an additive, - non-breaking change. Both version numbers are signals to users what - to expect from different versions, and should be carefully chosen - based on the product plan. The major version is also reflected in - the package name of the interface, which must end in `v`, as in - `google.feature.v1`. For major versions 0 and 1, the suffix can be - omitted. Zero major versions must only be used for experimental, - non-GA interfaces. - type: string - mixins: - description: Included interfaces. See Mixin. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - $ref: '#/components/schemas/Mixin' - type: array - description: >- - Api is a light-weight descriptor for an API Interface. Interfaces are - also described as "protocol buffer services" in some contexts, such as - by the "service" keyword in a .proto file, but they are different from - API Services, which represent a concrete implementation of an interface - as opposed to simply a description of methods and bindings. They are - also sometimes simply referred to as "APIs" in other contexts, such as - the name of this message itself. See - https://cloud.google.com/apis/design/glossary for detailed terminology. - Aspect: - id: Aspect + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + id: Status + MonitoringDestination: properties: - spec: + metrics: description: >- - Content of the configuration. The underlying schema should be - defined by Aspect owners as protobuf message under - `google/api/configaspects/proto`. - additionalProperties: - type: any - description: Properties of the object. - type: object - kind: + Types of the metrics to report to this monitoring destination. Each + type must be defined in Service.metrics section. + type: array + items: + type: string + monitoredResource: + description: >- + The monitored resource type. The type must be defined in + Service.monitored_resources section. type: string - description: The type of this aspect configuration. - type: object + id: MonitoringDestination description: >- - Aspect represents Generic aspect. It is used to configure an aspect - without making direct changes to service.proto - Operation: + Configuration of a specific monitoring destination (the producer project + or the consumer project). type: object - description: >- - This resource represents a long-running operation that is the result of - a network API call. - properties: - error: - $ref: '#/components/schemas/Status' - description: >- - The error result of the operation in case of failure or - cancellation. - response: - type: object - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - metadata: - additionalProperties: - description: Properties of the object. Contains field @type with type URL. - type: any + SystemParameter: + description: >- + Define a parameter's name and location. The parameter may be passed as + either an HTTP header or a URL query parameter, and if both are passed + the behavior is implementation-dependent. + properties: + urlQueryParameter: + type: string description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object + Define the URL query parameter name to use for the parameter. It is + case sensitive. name: type: string description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - done: - type: boolean + Define the name of the parameter, such as "api_key" . It is case + sensitive. + httpHeader: description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - id: Operation - TenancyUnit: - id: TenancyUnit + Define the HTTP header name to use for the parameter. It is case + insensitive. + type: string + id: SystemParameter + type: object + V1RefreshConsumerResponse: + type: object + properties: {} + id: V1RefreshConsumerResponse + description: >- + Response message for the `RefreshConsumer` method. This response message + is assigned to the `response` field of the returned Operation when that + operation is done. + LoggingDestination: + description: >- + Configuration of a specific logging destination (the producer project or + the consumer project). type: object + id: LoggingDestination properties: - tenantResources: - type: array + monitoredResource: + type: string description: >- - Resources constituting the tenancy unit. There can be at most 512 - tenant resources in a tenancy unit. + The monitored resource type. The type must be defined in the + Service.monitored_resources section. + logs: items: - $ref: '#/components/schemas/TenantResource' - consumer: - type: string + type: string description: >- - Output only. @OutputOnly Cloud resource name of the consumer of this - service. For example 'projects/123456'. - readOnly: true - service: + Names of the logs to be sent to this destination. Each name must be + defined in the Service.logs section. If the log name is not a domain + scoped name, it will be automatically prefixed with the service name + followed by "/". + type: array + AuthRequirement: + description: >- + User-defined authentication requirements, including support for [JSON + Web Token + (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). + id: AuthRequirement + properties: + providerId: type: string - readOnly: true description: >- - Output only. Google Cloud API name of the managed service owning - this tenancy unit. For example - 'serviceconsumermanagement.googleapis.com'. - createTime: + id from authentication provider. Example: provider_id: + bookstore_auth + audiences: + description: >- + NOTE: This will be deprecated soon, once AuthProvider.audiences is + implemented and accepted in all the runtime components. The list of + JWT + [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). + that are allowed to access. A JWT containing any of these audiences + will be accepted. When this setting is absent, only JWTs with + audience "https://Service_name/API_name" will be accepted. For + example, if no audiences are in the setting, LibraryService API will + only accept JWTs with the following audience + "https://library-example.googleapis.com/google.example.library.v1.LibraryService". + Example: audiences: bookstore_android.apps.googleusercontent.com, + bookstore_web.apps.googleusercontent.com type: string - readOnly: true - description: Output only. @OutputOnly The time this tenancy unit was created. - format: google-datetime - name: + type: object + SearchTenancyUnitsResponse: + id: SearchTenancyUnitsResponse + description: Response for the search query. + properties: + nextPageToken: + description: Pagination token for large results. + type: string + tenancyUnits: + items: + $ref: '#/components/schemas/TenancyUnit' + type: array + description: Tenancy Units matching the request. + type: object + AddTenantProjectRequest: + type: object + id: AddTenantProjectRequest + properties: + projectConfig: description: >- - Globally unique identifier of this tenancy unit - "services/{service}/{collection id}/{resource - id}/tenancyUnits/{unit}" + Configuration of the new tenant project to be added to tenancy unit + resources. + $ref: '#/components/schemas/TenantProjectConfig' + tag: + description: >- + Required. Tag of the added project. Must be less than 128 + characters. Required. type: string - description: Representation of a tenancy unit. + description: >- + Request to add a newly created and configured tenant project to a + tenancy unit. MetricDescriptor: type: object + id: MetricDescriptor + description: >- + Defines a metric type and its schema. Once a metric descriptor is + created, deleting or altering it stops data collection and makes the + metric type's existing data unusable. properties: - launchStage: + name: + description: The resource name of the metric descriptor. type: string - enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - description: Optional. The launch stage of the metric definition. - metricKind: + valueType: enum: - - METRIC_KIND_UNSPECIFIED - - GAUGE - - DELTA - - CUMULATIVE + - VALUE_TYPE_UNSPECIFIED + - BOOL + - INT64 + - DOUBLE + - STRING + - DISTRIBUTION + - MONEY + description: >- + Whether the measurement is an integer, a floating-point number, etc. + Some combinations of `metric_kind` and `value_type` might not be + supported. type: string enumDescriptions: - Do not use this default value. - - An instantaneous measurement of a value. - - The change in a value during a time interval. - >- - A value accumulated over a time interval. Cumulative measurements - in a time series should have the same start time and increasing - end times, until an event resets the cumulative value to zero and - sets a new start time for the following points. - description: >- - Whether the metric records instantaneous values, changes to a value, - etc. Some combinations of `metric_kind` and `value_type` might not - be supported. + The value is a boolean. This value type can be used only if the + metric kind is `GAUGE`. + - The value is a signed 64-bit integer. + - The value is a double precision floating point number. + - >- + The value is a text string. This value type can be used only if + the metric kind is `GAUGE`. + - The value is a `Distribution`. + - The value is money. unit: description: >- The units in which the metric value is reported. It is only @@ -3234,9 +2842,65 @@ components: that will be multiplied by 100 and displayed as a percentage (so a metric value `0.03` means "3 percent"). type: string - name: - description: The resource name of the metric descriptor. + launchStage: + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED type: string + description: Optional. The launch stage of the metric definition. + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. + monitoredResourceTypes: + description: >- + Read-only. If present, then a time series, which is identified + partially by a metric type and a MonitoredResourceDescriptor, that + is associated with this metric type can only be associated with one + of the monitored resource types listed here. + items: + type: string + type: array labels: description: >- The set of labels that can be used to describe a specific instance @@ -3248,595 +2912,977 @@ components: items: $ref: '#/components/schemas/LabelDescriptor' type: array - valueType: - enum: - - VALUE_TYPE_UNSPECIFIED - - BOOL - - INT64 - - DOUBLE - - STRING - - DISTRIBUTION - - MONEY + displayName: description: >- - Whether the measurement is an integer, a floating-point number, etc. - Some combinations of `metric_kind` and `value_type` might not be - supported. + A concise name for the metric, which can be displayed in user + interfaces. Use sentence case without an ending period, for example + "Request count". This field is optional but it is recommended to be + set for any metrics associated with user-visible concepts, such as + Quota. type: string - enumDescriptions: - - Do not use this default value. - - >- - The value is a boolean. This value type can be used only if the - metric kind is `GAUGE`. - - The value is a signed 64-bit integer. - - The value is a double precision floating point number. - - >- - The value is a text string. This value type can be used only if - the metric kind is `GAUGE`. - - The value is a `Distribution`. - - The value is money. metadata: description: Optional. Metadata which can be used to guide usage of the metric. $ref: '#/components/schemas/MetricDescriptorMetadata' + description: + type: string + description: >- + A detailed description of the metric, which can be used in + documentation. + metricKind: + type: string + enumDescriptions: + - Do not use this default value. + - An instantaneous measurement of a value. + - The change in a value during a time interval. + - >- + A value accumulated over a time interval. Cumulative measurements + in a time series should have the same start time and increasing + end times, until an event resets the cumulative value to zero and + sets a new start time for the following points. + enum: + - METRIC_KIND_UNSPECIFIED + - GAUGE + - DELTA + - CUMULATIVE + description: >- + Whether the metric records instantaneous values, changes to a value, + etc. Some combinations of `metric_kind` and `value_type` might not + be supported. + type: + description: >- + The metric type, including its DNS name prefix. The type is not + URL-encoded. All user-defined metric types have the DNS name + `custom.googleapis.com` or `external.googleapis.com`. Metric types + should use a natural hierarchical grouping. For example: + "custom.googleapis.com/invoice/paid/amount" + "external.googleapis.com/prometheus/up" + "appengine.googleapis.com/http/server/response_latencies" + type: string + QuotaLimit: + id: QuotaLimit + properties: + metric: + description: >- + The name of the metric this quota limit applies to. The quota limits + with the same metric will be checked together during runtime. The + metric must be defined within the service config. + type: string + maxLimit: + type: string + format: int64 + description: >- + Maximum number of tokens that can be consumed during the specified + duration. Client application developers can override the default + limit up to this maximum. If specified, this value cannot be set to + a value less than the default limit. If not specified, it is set to + the default limit. To allow clients to apply overrides with no upper + bound, set this to -1, indicating unlimited maximum quota. Used by + group-based quotas only. displayName: + description: >- + User-visible display name for this limit. Optional. If not set, the + UI will provide a default display name based on the quota + configuration. This field can be used to override the default + display name generated from the configuration. + type: string + values: + additionalProperties: + type: string + format: int64 + type: object + description: >- + Tiered limit values. You must specify this as a key:value pair, with + an integer value that is the maximum number of requests allowed for + the specified unit. Currently only STANDARD is supported. + name: + type: string + description: >- + Name of the quota limit. The name must be provided, and it must be + unique within the service. The name can only include alphanumeric + characters as well as '-'. The maximum length of the limit name is + 64 characters. + duration: + description: >- + Duration of this limit in textual notation. Must be "100s" or "1d". + Used by group-based quotas only. + type: string + defaultLimit: + description: >- + Default number of tokens that can be consumed during the specified + duration. This is the number of tokens assigned when a client + application developer activates the service for his/her project. + Specifying a value of 0 will block all requests. This can be used if + you are provisioning quota to selected consumers and blocking + others. Similarly, a value of -1 will indicate an unlimited quota. + No other negative values are allowed. Used by group-based quotas + only. + format: int64 + type: string + unit: + description: >- + Specify the unit of the quota limit. It uses the same syntax as + MetricDescriptor.unit. The supported unit kinds are determined by + the quota backend system. Here are some examples: * + "1/min/{project}" for quota per minute per project. Note: the order + of unit components is insignificant. The "1" at the beginning is + required to follow the metric unit syntax. + type: string + freeTier: + format: int64 + description: >- + Free tier value displayed in the Developers Console for this limit. + The free tier is the number of tokens that will be subtracted from + the billed amount when billing is enabled. This field can only be + set on a limit with duration "1d", in a billable group; it is + invalid on any other limit. If this field is not set, it defaults to + 0, indicating that there is no free tier for this service. Used by + group-based quotas only. + type: string + description: + description: >- + Optional. User-visible, extended description for this quota limit. + Should be used only when more context is needed to understand this + limit than provided by the limit's display name (see: + `display_name`). + type: string + type: object + description: >- + `QuotaLimit` defines a specific limit that applies over a specified + duration for a limit type. There can be at most one limit for a duration + and limit type combination defined within a `QuotaGroup`. + Documentation: + type: object + id: Documentation + properties: + overview: + description: >- + Declares a single overview page. For example: documentation: + summary: ... overview: (== include overview.md ==) This is a + shortcut for the following declaration (using pages style): + documentation: summary: ... pages: - name: Overview content: (== + include overview.md ==) Note: you cannot specify both `overview` + field and `pages` field. + type: string + summary: + description: >- + A short description of what the service does. The summary must be + plain text. It becomes the overview of the service displayed in + Google Cloud Console. NOTE: This field is equivalent to the standard + field `description`. + type: string + sectionOverrides: + items: + $ref: '#/components/schemas/Page' + type: array + description: >- + Specifies section and content to override the boilerplate content. + Currently overrides following sections: 1. + rest.service.client_libraries + documentationRootUrl: + type: string + description: The URL to the root of documentation. + additionalIamInfo: + type: string + description: >- + Optional information about the IAM configuration. This is typically + used to link to documentation about a product's IAM roles and + permissions. + pages: + items: + $ref: '#/components/schemas/Page' + description: The top level pages for the documentation set. + type: array + rules: + description: >- + A list of documentation rules that apply to individual API elements. + **NOTE:** All service configuration rules follow "last one wins" + order. + items: + $ref: '#/components/schemas/DocumentationRule' + type: array + serviceRootUrl: + description: >- + Specifies the service root url if the default one (the service name + from the yaml file) is not suitable. This can be seen in any fully + specified service urls as well as sections that show a base that + other urls are relative to. + type: string + description: >- + `Documentation` provides the information for describing a service. + Example: documentation: summary: > The Google Calendar API gives access + to most calendar features. pages: - name: Overview content: (== include + google/foo/overview.md ==) - name: Tutorial content: (== include + google/foo/tutorial.md ==) subpages: - name: Java content: (== include + google/foo/tutorial_java.md ==) rules: - selector: + google.calendar.Calendar.Get description: > ... - selector: + google.calendar.Calendar.Put description: > ... Documentation is + provided in markdown syntax. In addition to standard markdown features, + definition lists, tables and fenced code blocks are supported. Section + headers can be provided and are interpreted relative to the section + nesting of the context where a documentation fragment is embedded. + Documentation from the IDL is merged with documentation defined via the + config at normalization time, where documentation provided by config + rules overrides IDL provided. A number of constructs specific to the API + platform are supported in documentation text. In order to reference a + proto element, the following notation can be used: + [fully.qualified.proto.name][] To override the display text used for the + link, this can be used: [display text][fully.qualified.proto.name] Text + can be excluded from doc using the following notation: (-- internal + comment --) A few directives are available in documentation. Note that + directives must appear on a single line to be properly identified. The + `include` directive includes a markdown file from an external source: + (== include path/to/file ==) The `resource_for` directive marks a + message to be the resource of a collection in REST view. If it is not + specified, tools attempt to infer the resource from the operations in a + collection: (== resource_for v1.shelves.books ==) The directive + `suppress_warning` does not directly affect documentation and is + documented together with service config validation. + SystemParameterRule: + id: SystemParameterRule + properties: + selector: type: string description: >- - A concise name for the metric, which can be displayed in user - interfaces. Use sentence case without an ending period, for example - "Request count". This field is optional but it is recommended to be - set for any metrics associated with user-visible concepts, such as - Quota. - monitoredResourceTypes: + Selects the methods to which this rule applies. Use '*' to indicate + all methods in all APIs. Refer to selector for syntax details. + parameters: description: >- - Read-only. If present, then a time series, which is identified - partially by a metric type and a MonitoredResourceDescriptor, that - is associated with this metric type can only be associated with one - of the monitored resource types listed here. + Define parameters. Multiple names may be defined for a parameter. + For a given method call, only one of them should be used. If + multiple names are used the behavior is implementation-dependent. If + none of the specified names are present the behavior is + parameter-dependent. type: array items: - type: string - description: - type: string - description: >- - A detailed description of the metric, which can be used in - documentation. - type: - description: >- - The metric type, including its DNS name prefix. The type is not - URL-encoded. All user-defined metric types have the DNS name - `custom.googleapis.com` or `external.googleapis.com`. Metric types - should use a natural hierarchical grouping. For example: - "custom.googleapis.com/invoice/paid/amount" - "external.googleapis.com/prometheus/up" - "appengine.googleapis.com/http/server/response_latencies" - type: string - description: >- - Defines a metric type and its schema. Once a metric descriptor is - created, deleting or altering it stops data collection and makes the - metric type's existing data unusable. - id: MetricDescriptor - DotnetSettings: + $ref: '#/components/schemas/SystemParameter' type: object - description: Settings for Dotnet client libraries. - id: DotnetSettings + description: >- + Define a system parameter rule mapping system parameter definitions to + methods. + Service: properties: - common: - description: Some settings. - $ref: '#/components/schemas/CommonLanguageSettings' - ignoredResources: + systemTypes: + description: >- + A list of all proto message types included in this API service. It + serves similar purpose as [google.api.Service.types], except that + these types are not needed by user-defined APIs. Therefore, they + will not show up in the generated discovery doc. This field should + only be used to define system APIs in ESF. + items: + $ref: '#/components/schemas/Type' type: array + sourceInfo: + $ref: '#/components/schemas/SourceInfo' + description: >- + Output only. The source information for this configuration if + available. + publishing: + description: >- + Settings for [Google Cloud Client + libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) + generated from APIs defined as protocol buffers. + $ref: '#/components/schemas/Publishing' + usage: + description: Configuration controlling usage of this service. + $ref: '#/components/schemas/Usage' + types: + description: >- + A list of all proto message types included in this API service. + Types referenced directly or indirectly by the `apis` are + automatically included. Messages which are not referenced but shall + be included, such as types used by the `google.protobuf.Any` type, + should be listed here by name by the configuration author. Example: + types: - name: google.protobuf.Int32 items: - type: string + $ref: '#/components/schemas/Type' + type: array + monitoring: + description: Monitoring configuration. + $ref: '#/components/schemas/Monitoring' + logging: + description: Logging configuration. + $ref: '#/components/schemas/Logging' + systemParameters: + description: System parameter configuration. + $ref: '#/components/schemas/SystemParameters' + id: description: >- - List of full resource types to ignore during generation. This is - typically used for API-specific Location resources, which should be - handled by the generator as if they were actually the common - Location resources. Example entry: - "documentai.googleapis.com/Location" - renamedResources: - additionalProperties: - type: string - type: object + A unique ID for a specific instance of this message, typically + assigned by the client for tracking purpose. Must be no longer than + 63 characters and only lower case letters, digits, '.', '_' and '-' + are allowed. If empty, the server may choose to generate one + instead. + type: string + apis: + items: + $ref: '#/components/schemas/Api' + type: array description: >- - Map from full resource types to the effective short name for the - resource. This is used when otherwise resource named from different - services would cause naming collisions. Example entry: - "datalabeling.googleapis.com/Dataset": "DataLabelingDataset" - handwrittenSignatures: + A list of API interfaces exported by this service. Only the `name` + field of the google.protobuf.Api needs to be provided by the + configuration author, as the remaining fields will be derived from + the IDL during the normalization process. It is an error to specify + an API interface here which cannot be resolved against the + associated IDL files. + context: + description: Context configuration. + $ref: '#/components/schemas/Context' + title: + type: string description: >- - Method signatures (in the form "service.method(signature)") which - are provided separately, so shouldn't be generated. Snippets - *calling* these methods are still generated, however. + The product title for this service, it is the name displayed in + Google Cloud Console. + authentication: + description: Auth configuration. + $ref: '#/components/schemas/Authentication' + metrics: items: - type: string + $ref: '#/components/schemas/MetricDescriptor' type: array - forcedNamespaceAliases: + description: Defines the metrics used by this service. + billing: + description: Billing configuration. + $ref: '#/components/schemas/Billing' + monitoredResources: type: array + description: >- + Defines the monitored resources used by this service. This is + required by the Service.monitoring and Service.logging + configurations. items: - type: string + $ref: '#/components/schemas/MonitoredResourceDescriptor' + name: description: >- - Namespaces which must be aliased in snippets due to a known (but - non-generator-predictable) naming collision - renamedServices: - type: object - additionalProperties: - type: string + The service name, which is a DNS-like logical identifier for the + service, such as `calendar.googleapis.com`. The service name + typically goes through DNS verification to make sure the owner of + the service also owns the DNS name. + type: string + configVersion: description: >- - Map from original service names to renamed versions. This is used - when the default generated types would cause a naming conflict. - (Neither name is fully-qualified.) Example: Subscriber to - SubscriberServiceApi. - Page: - description: >- - Represents a documentation page. A page can contain subpages to - represent nested documentation set structure. - type: object - id: Page - properties: - name: + Obsolete. Do not use. This field has no semantic meaning. The + service config compiler always sets this field to `3`. + format: uint32 + type: integer + customError: + description: Custom error configuration. + $ref: '#/components/schemas/CustomError' + producerProjectId: + description: The Google project that owns this service. type: string + aspects: + type: array + items: + $ref: '#/components/schemas/Aspect' description: >- - The name of the page. It will be used as an identity of the page to - generate URI of the page, text of the link to this page in - navigation, etc. The full page name (start from the root page name - to this page concatenated with `.`) can be used as reference to the - page in your documentation. For example: pages: - name: Tutorial - content: (== include tutorial.md ==) subpages: - name: Java content: - (== include tutorial_java.md ==) You can reference `Java` page using - Markdown reference link syntax: `Java`. - content: + Configuration aspects. This is a repeated field to allow multiple + aspects to be configured. The kind field in each ConfigAspect + specifies the type of aspect. The spec field contains the + configuration for that aspect. The schema for the spec field is + defined by the backend service owners. + control: + description: Configuration for the service control plane. + $ref: '#/components/schemas/Control' + documentation: + $ref: '#/components/schemas/Documentation' + description: Additional API documentation. + enums: + items: + $ref: '#/components/schemas/Enum' + type: array description: >- - The Markdown content of the page. You can use ```(== include {path} - ==)``` to include content from a Markdown file. The content can be - used to produce the documentation page such as HTML format page. - type: string - subpages: + A list of all enum types included in this API service. Enums + referenced directly or indirectly by the `apis` are automatically + included. Enums which are not referenced but shall be included + should be listed here by name by the configuration author. Example: + enums: - name: google.someapi.v1.SomeEnum + quota: + description: Quota configuration. + $ref: '#/components/schemas/Quota' + http: + description: HTTP configuration. + $ref: '#/components/schemas/Http' + backend: + description: API backend configuration. + $ref: '#/components/schemas/Backend' + endpoints: + description: >- + Configuration for network endpoints. If this is empty, then an + endpoint with the same name as the service is automatically + generated to service all defined APIs. type: array items: - $ref: '#/components/schemas/Page' - description: >- - Subpages of this page. The order of subpages specified here will be - honored in the generated docset. - Billing: - id: Billing - type: object - description: >- - Billing related configuration of the service. The following example - shows how to configure monitored resources and metrics for billing, - `consumer_destinations` is the only supported destination and the - monitored resources need at least one label key - `cloud.googleapis.com/location` to indicate the location of the billing - usage, using different monitored resources between monitoring and - billing is recommended so they can be evolved independently: - monitored_resources: - type: library.googleapis.com/billing_branch - labels: - key: cloud.googleapis.com/location description: | Predefined - label to support billing location restriction. - key: city description: - | Custom label to define the city where the library branch is located - in. - key: name description: Custom label to define the name of the - library branch. metrics: - name: - library.googleapis.com/book/borrowed_count metric_kind: DELTA - value_type: INT64 unit: "1" billing: consumer_destinations: - - monitored_resource: library.googleapis.com/billing_branch metrics: - - library.googleapis.com/book/borrowed_count - properties: - consumerDestinations: + $ref: '#/components/schemas/Endpoint' + logs: items: - $ref: '#/components/schemas/BillingDestination' - description: >- - Billing configurations for sending metrics to the consumer project. - There can be multiple consumer destinations per service, each one - must have a different monitored resource type. A metric can be used - in at most one consumer destination. + $ref: '#/components/schemas/LogDescriptor' + description: Defines the logs used by this service. type: array - V1Beta1DisableConsumerResponse: - description: >- - Response message for the `DisableConsumer` method. This response message - is assigned to the `response` field of the returned Operation when that - operation is done. + id: Service type: object - id: V1Beta1DisableConsumerResponse - properties: {} - LoggingDestination: + description: >- + `Service` is the root object of Google API service configuration + (service config). It describes the basic information about a logical + service, such as the service name and the user-facing title, and + delegates other aspects to sub-sections. Each sub-section is either a + proto message or a repeated proto message that configures a specific + aspect, such as auth. For more information, see each proto message + definition. Example: type: google.api.Service name: + calendar.googleapis.com title: Google Calendar API apis: - name: + google.calendar.v3.Calendar visibility: rules: - selector: + "google.calendar.v3.*" restriction: PREVIEW backend: rules: - selector: + "google.calendar.v3.*" address: calendar.example.com authentication: + providers: - id: google_calendar_auth jwks_uri: + https://www.googleapis.com/oauth2/v1/certs issuer: + https://securetoken.google.com rules: - selector: "*" requirements: + provider_id: google_calendar_auth + CustomError: properties: - monitoredResource: - type: string - description: >- - The monitored resource type. The type must be defined in the - Service.monitored_resources section. - logs: + types: type: array description: >- - Names of the logs to be sent to this destination. Each name must be - defined in the Service.logs section. If the log name is not a domain - scoped name, it will be automatically prefixed with the service name - followed by "/". + The list of custom error detail types, e.g. + 'google.foo.v1.CustomError'. items: type: string - description: >- - Configuration of a specific logging destination (the producer project or - the consumer project). - id: LoggingDestination - type: object - CommonLanguageSettings: - type: object - properties: - destinations: - description: >- - The destination where API teams want this client library to be - published. + rules: type: array - items: - enum: - - CLIENT_LIBRARY_DESTINATION_UNSPECIFIED - - GITHUB - - PACKAGE_MANAGER - enumDescriptions: - - >- - Client libraries will neither be generated nor published to - package managers. - - >- - Generate the client library in a repo under - github.com/googleapis, but don't publish it to package managers. - - >- - Publish the library to package managers like nuget.org and - npmjs.com. - type: string - selectiveGapicGeneration: - description: >- - Configuration for which RPCs should be generated in the GAPIC - client. - $ref: '#/components/schemas/SelectiveGapicGeneration' - referenceDocsUri: description: >- - Link to automatically generated reference documentation. Example: - https://cloud.google.com/nodejs/docs/reference/asset/latest - deprecated: true - type: string - description: Required information for every language. - id: CommonLanguageSettings - V1Beta1GenerateServiceIdentityResponse: - type: object - id: V1Beta1GenerateServiceIdentityResponse - properties: - identity: - description: ServiceIdentity that was created or retrieved. - $ref: '#/components/schemas/V1Beta1ServiceIdentity' + The list of custom error rules that apply to individual API + messages. **NOTE:** All service configuration rules follow "last one + wins" order. + items: + $ref: '#/components/schemas/CustomErrorRule' description: >- - Response message for the `GenerateServiceIdentity` method. This response - message is assigned to the `response` field of the returned Operation - when that operation is done. - DeleteTenantProjectRequest: - id: DeleteTenantProjectRequest + Customize service error responses. For example, list any service + specific protobuf types that can appear in error detail lists of error + responses. Example: custom_error: types: - google.foo.v1.CustomError - + google.foo.v1.AnotherError type: object + id: CustomError + MethodPolicy: properties: - tag: - type: string - description: Required. Tag of the resource within the tenancy unit. - description: Request message to delete tenant project resource from the tenancy unit. - V1GenerateDefaultIdentityResponse: - id: V1GenerateDefaultIdentityResponse - description: >- - Response message for the `GenerateDefaultIdentity` method. This response - message is assigned to the `response` field of the returned Operation - when that operation is done. - properties: - role: - type: string - description: >- - Role attached to consumer project. Empty if not attached in this - request. (Under development, currently always return empty.) - identity: - $ref: '#/components/schemas/V1DefaultIdentity' - description: DefaultIdentity that was created or retrieved. - attachStatus: + requestPolicies: + type: array + items: + $ref: '#/components/schemas/FieldPolicy' + description: Policies that are applicable to the request message. + selector: type: string - enumDescriptions: - - Indicates that the AttachStatus was not set. - - >- - The default identity was attached to a role successfully in this - request. - - >- - The request specified that no attempt should be made to attach the - role. - - >- - Role was attached to the consumer project at some point in time. - Tenant manager doesn't make assertion about the current state of - the identity with respect to the consumer. Role attachment should - happen only once after activation and cannot be reattached after - customer removes it. (go/si-attach-role) - - >- - Role attachment was denied in this request by customer set org - policy. (go/si-attach-role) description: >- - Status of the role attachment. Under development - (go/si-attach-role), currently always return - ATTACH_STATUS_UNSPECIFIED) - enum: - - ATTACH_STATUS_UNSPECIFIED - - ATTACHED - - ATTACH_SKIPPED - - PREVIOUSLY_ATTACHED - - ATTACH_DENIED_BY_ORG_POLICY - type: object - NodeSettings: - description: Settings for Node client libraries. + Selects a method to which these policies should be enforced, for + example, "google.pubsub.v1.Subscriber.CreateSubscription". Refer to + selector for syntax details. NOTE: This field must not be set in the + proto annotation. It will be automatically filled by the service + config compiler . + id: MethodPolicy type: object - id: NodeSettings + description: Defines policies applying to an RPC method. + RubySettings: + id: RubySettings properties: common: - $ref: '#/components/schemas/CommonLanguageSettings' description: Some settings. - Option: - id: Option - description: >- - A protocol buffer option, which can be attached to a message, field, - enumeration, etc. + $ref: '#/components/schemas/CommonLanguageSettings' + type: object + description: Settings for Ruby client libraries. + DocumentationRule: + id: DocumentationRule type: object + description: A documentation rule provides information about individual API elements. properties: - value: - type: object + selector: description: >- - The option's value packed in an Any message. If the value is a - primitive, the corresponding wrapper type defined in - google/protobuf/wrappers.proto should be used. If the value is an - enum, it should be stored as an int32 value using the - google.protobuf.Int32Value type. - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - name: + The selector is a comma-separated list of patterns for any element + such as a method, a field, an enum value. Each pattern is a + qualified name of the element which may end in "*", indicating a + wildcard. Wildcards are only allowed at the end and for a whole + component of the qualified name, i.e. "foo.*" is ok, but not + "foo.b*" or "foo.*.bar". A wildcard will match one or more + components. To specify a default for all applicable elements, the + whole pattern "*" is used. + type: string + description: + description: >- + Description of the selected proto element (e.g. a message, a method, + a 'service' definition, or a field). Defaults to leading & trailing + comments taken from the proto source definition of the proto + element. + type: string + disableReplacementWords: type: string description: >- - The option's name. For protobuf built-in options (options defined in - descriptor.proto), this is the short name. For example, - `"map_entry"`. For custom options, it should be the fully-qualified - name. For example, `"google.api.http"`. - Status: + String of comma or space separated case-sensitive words for which + method/field name replacement will be disabled. + deprecationDescription: + description: >- + Deprecation description of the selected element(s). It can be + provided if an element is marked as `deprecated`. + type: string + CancelOperationRequest: + properties: {} + id: CancelOperationRequest type: object - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + description: The request message for Operations.CancelOperation. + LabelDescriptor: + id: LabelDescriptor + description: A description of a label. properties: - message: + key: + description: The label key. type: string + valueType: + type: string + description: The type of data that can be assigned to the label. + enum: + - STRING + - BOOL + - INT64 + enumDescriptions: + - A variable-length string. This is the default. + - Boolean; true or false. + - A 64-bit signed integer. + description: + description: A human-readable description for the label. + type: string + type: object + SystemParameters: + properties: + rules: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array + Define system parameters. The parameters defined here will override + the default parameters implemented by the system. If this field is + missing from the service config, default system parameters will be + used. Default system parameters and names is + implementation-dependent. Example: define api key for all methods + system_parameters rules: - selector: "*" parameters: - name: api_key + url_query_parameter: api_key Example: define 2 api key names for a + specific method. system_parameters rules: - selector: "/ListShelves" + parameters: - name: api_key http_header: Api-Key1 - name: api_key + http_header: Api-Key2 **NOTE:** All service configuration rules + follow "last one wins" order. items: - type: object - additionalProperties: - description: Properties of the object. Contains field @type with type URL. - type: any - SystemParameterRule: + $ref: '#/components/schemas/SystemParameterRule' + type: array + id: SystemParameters type: object description: >- - Define a system parameter rule mapping system parameter definitions to - methods. - id: SystemParameterRule + ### System parameter configuration A system parameter is a special kind + of parameter defined by the API system, not by an individual API. It is + typically mapped to an HTTP header and/or a URL query parameter. This + configuration specifies which methods change the names of the system + parameters. + Logging: + id: Logging properties: - selector: + producerDestinations: description: >- - Selects the methods to which this rule applies. Use '*' to indicate - all methods in all APIs. Refer to selector for syntax details. - type: string - parameters: + Logging configurations for sending logs to the producer project. + There can be multiple producer destinations, each one must have a + different monitored resource type. A log can be used in at most one + producer destination. items: - $ref: '#/components/schemas/SystemParameter' + $ref: '#/components/schemas/LoggingDestination' + type: array + consumerDestinations: description: >- - Define parameters. Multiple names may be defined for a parameter. - For a given method call, only one of them should be used. If - multiple names are used the behavior is implementation-dependent. If - none of the specified names are present the behavior is - parameter-dependent. + Logging configurations for sending logs to the consumer project. + There can be multiple consumer destinations, each one must have a + different monitored resource type. A log can be used in at most one + consumer destination. + items: + $ref: '#/components/schemas/LoggingDestination' type: array - Enum: - id: Enum - description: Enum type definition. + description: >- + Logging configuration of the service. The following example shows how to + configure logs to be sent to the producer and consumer projects. In the + example, the `activity_history` log is sent to both the producer and + consumer projects, whereas the `purchase_history` log is only sent to + the producer project. monitored_resources: - type: + library.googleapis.com/branch labels: - key: /city description: The city + where the library branch is located in. - key: /name description: The + name of the branch. logs: - name: activity_history labels: - key: + /customer_id - name: purchase_history logging: producer_destinations: - + monitored_resource: library.googleapis.com/branch logs: - + activity_history - purchase_history consumer_destinations: - + monitored_resource: library.googleapis.com/branch logs: - + activity_history + type: object + Method: properties: + edition: + type: string + deprecated: true + description: >- + The source edition string, only valid when syntax is + SYNTAX_EDITIONS. This field should be ignored, instead the edition + should be inherited from Api. This is similar to Field and + EnumValue. + name: + type: string + description: The simple name of this method. + responseStreaming: + type: boolean + description: If true, the response is streamed. + requestStreaming: + type: boolean + description: If true, the request is streamed. + options: + type: array + items: + $ref: '#/components/schemas/Option' + description: Any metadata attached to the method. syntax: + deprecated: true type: string + description: >- + The source syntax of this method. This field should be ignored, + instead the syntax should be inherited from Api. This is similar to + Field and EnumValue. enumDescriptions: - Syntax `proto2`. - Syntax `proto3`. - Syntax `editions`. - description: The source syntax. enum: - SYNTAX_PROTO2 - SYNTAX_PROTO3 - SYNTAX_EDITIONS - options: - description: Protocol buffer options. - type: array - items: - $ref: '#/components/schemas/Option' - name: - description: Enum type name. + requestTypeUrl: type: string - sourceContext: - description: The source context. - $ref: '#/components/schemas/SourceContext' - edition: + description: A URL of the input message type. + responseTypeUrl: + description: The URL of the output message type. type: string - description: >- - The source edition string, only valid when syntax is - SYNTAX_EDITIONS. - enumvalue: - description: Enum value definitions. - type: array - items: - $ref: '#/components/schemas/EnumValue' + description: >- + Method represents a method of an API interface. New usages of this + message as an alternative to MethodDescriptorProto are strongly + discouraged. This message does not reliability preserve all information + necessary to model the schema and preserve semantics. Instead make use + of FileDescriptorSet which preserves the necessary information. + id: Method type: object - ListTenancyUnitsResponse: - description: Response for the list request. - id: ListTenancyUnitsResponse + AuthProvider: + id: AuthProvider type: object properties: - tenancyUnits: - description: Tenancy units matching the request. + jwksUri: + description: >- + URL of the provider's public key set to validate signature of the + JWT. See [OpenID + Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata). + Optional if the key set document: - can be retrieved from [OpenID + Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html) + of the issuer. - can be inferred from the email domain of the issuer + (e.g. a Google service account). Example: + https://www.googleapis.com/oauth2/v1/certs + type: string + id: + type: string + description: >- + The unique identifier of the auth provider. It will be referred to + by `AuthRequirement.provider_id`. Example: "bookstore_auth". + jwtLocations: type: array + description: >- + Defines the locations to extract the JWT. For now it is only used by + the Cloud Endpoints to store the OpenAPI extension + [x-google-jwt-locations] + (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations) + JWT locations can be one of HTTP headers, URL query parameters or + cookies. The rule is that the first match wins. If not specified, + default to use following 3 locations: 1) Authorization: Bearer 2) + x-goog-iap-jwt-assertion 3) access_token query parameter Default + locations can be specified as followings: jwt_locations: - header: + Authorization value_prefix: "Bearer " - header: + x-goog-iap-jwt-assertion - query: access_token items: - $ref: '#/components/schemas/TenancyUnit' - nextPageToken: + $ref: '#/components/schemas/JwtLocation' + authorizationUrl: + description: >- + Redirect URL if JWT token is required but not present or is expired. + Implement authorizationUrl of securityDefinitions in OpenAPI spec. type: string - description: Pagination token for large results. - AttachTenantProjectRequest: - description: >- - Request to attach an existing project to the tenancy unit as a new - tenant resource. - type: object - id: AttachTenantProjectRequest - properties: - reservedResource: + issuer: description: >- - When attaching a reserved project already in tenancy units, this is - the tag of a tenant resource under the tenancy unit for the managed - service's service producer project. The reserved tenant resource - must be in an active state. + Identifies the principal that issued the JWT. See + https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 + Usually a URL or an email address. Example: + https://securetoken.google.com Example: + 1234567-compute@developer.gserviceaccount.com type: string - externalResource: + audiences: + type: string + description: >- + The list of JWT + [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). + that are allowed to access. A JWT containing any of these audiences + will be accepted. When this setting is absent, JWTs with audiences: + - "https://[service.name]/[google.protobuf.Api.name]" - + "https://[service.name]/" will be accepted. For example, if no + audiences are in the setting, LibraryService API will accept JWTs + with the following audiences: - + https://library-example.googleapis.com/google.example.library.v1.LibraryService + - https://library-example.googleapis.com/ Example: audiences: + bookstore_android.apps.googleusercontent.com, + bookstore_web.apps.googleusercontent.com + description: >- + Configuration for an authentication provider, including support for + [JSON Web Token + (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). + JavaSettings: + id: JavaSettings + description: Settings for Java client libraries. + type: object + properties: + libraryPackage: description: >- - When attaching an external project, this is in the format of - `projects/{project_number}`. - type: string - tag: + The package name to use in Java. Clobbers the java_package option + set in the protobuf. This should be used **only** by APIs who have + already set the language_settings.java.package_name" field in + gapic.yaml. API teams should use the protobuf java_package option + where possible. Example of a YAML configuration:: publishing: + library_settings: java_settings: library_package: + com.google.cloud.pubsub.v1 type: string + serviceClassNames: + additionalProperties: + type: string + type: object description: >- - Required. Tag of the tenant resource after attachment. Must be less - than 128 characters. Required. - QuotaLimit: + Configure the Java class name to use instead of the service's for + its corresponding generated GAPIC client. Keys are fully-qualified + service names as they appear in the protobuf (including the full the + language_settings.java.interface_names" field in gapic.yaml. API + teams should otherwise use the service name as it appears in the + protobuf. Example of a YAML configuration:: publishing: + java_settings: service_class_names: - google.pubsub.v1.Publisher: + TopicAdmin - google.pubsub.v1.Subscriber: SubscriptionAdmin + common: + $ref: '#/components/schemas/CommonLanguageSettings' + description: Some settings. + MonitoredResourceDescriptor: description: >- - `QuotaLimit` defines a specific limit that applies over a specified - duration for a limit type. There can be at most one limit for a duration - and limit type combination defined within a `QuotaGroup`. + An object that describes the schema of a MonitoredResource object using + a type name and a set of labels. For example, the monitored resource + descriptor for Google Compute Engine VM instances has a type of + `"gce_instance"` and specifies the use of the labels `"instance_id"` and + `"zone"` to identify particular VM instances. Different APIs can support + different monitored resource types. APIs generally provide a `list` + method that returns the monitored resource descriptors used by the API. type: object + id: MonitoredResourceDescriptor properties: - defaultLimit: - format: int64 + displayName: type: string description: >- - Default number of tokens that can be consumed during the specified - duration. This is the number of tokens assigned when a client - application developer activates the service for his/her project. - Specifying a value of 0 will block all requests. This can be used if - you are provisioning quota to selected consumers and blocking - others. Similarly, a value of -1 will indicate an unlimited quota. - No other negative values are allowed. Used by group-based quotas - only. - duration: + Optional. A concise name for the monitored resource type that might + be displayed in user interfaces. It should be a Title Cased Noun + Phrase, without any article or other determiners. For example, + `"Google Cloud SQL Database"`. + name: type: string description: >- - Duration of this limit in textual notation. Must be "100s" or "1d". - Used by group-based quotas only. - freeTier: - format: int64 + Optional. The resource name of the monitored resource descriptor: + `"projects/{project_id}/monitoredResourceDescriptors/{type}"` where + {type} is the value of the `type` field in this object and + {project_id} is a project ID that provides API-specific context for + accessing the type. APIs that do not use project information can use + the resource name format `"monitoredResourceDescriptors/{type}"`. + description: type: string description: >- - Free tier value displayed in the Developers Console for this limit. - The free tier is the number of tokens that will be subtracted from - the billed amount when billing is enabled. This field can only be - set on a limit with duration "1d", in a billable group; it is - invalid on any other limit. If this field is not set, it defaults to - 0, indicating that there is no free tier for this service. Used by - group-based quotas only. - unit: - description: >- - Specify the unit of the quota limit. It uses the same syntax as - MetricDescriptor.unit. The supported unit kinds are determined by - the quota backend system. Here are some examples: * - "1/min/{project}" for quota per minute per project. Note: the order - of unit components is insignificant. The "1" at the beginning is - required to follow the metric unit syntax. - type: string - values: - additionalProperties: - type: string - format: int64 - type: object + Optional. A detailed description of the monitored resource type that + might be used in documentation. + labels: + items: + $ref: '#/components/schemas/LabelDescriptor' + type: array description: >- - Tiered limit values. You must specify this as a key:value pair, with - an integer value that is the maximum number of requests allowed for - the specified unit. Currently only STANDARD is supported. - description: + Required. A set of labels used to describe instances of this + monitored resource type. For example, an individual Google Cloud SQL + database is identified by values for the labels `"database_id"` and + `"zone"`. + launchStage: type: string + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + description: Optional. The launch stage of the monitored resource definition. + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. + type: description: >- - Optional. User-visible, extended description for this quota limit. - Should be used only when more context is needed to understand this - limit than provided by the limit's display name (see: - `display_name`). - metric: - description: >- - The name of the metric this quota limit applies to. The quota limits - with the same metric will be checked together during runtime. The - metric must be defined within the service config. + Required. The monitored resource type. For example, the type + `"cloudsql_database"` represents databases in Google Cloud SQL. For + a list of types, see [Monitored resource + types](https://cloud.google.com/monitoring/api/resources) and + [Logging resource + types](https://cloud.google.com/logging/docs/api/v2/resource-list). type: string + Page: + type: object + description: >- + Represents a documentation page. A page can contain subpages to + represent nested documentation set structure. + properties: name: description: >- - Name of the quota limit. The name must be provided, and it must be - unique within the service. The name can only include alphanumeric - characters as well as '-'. The maximum length of the limit name is - 64 characters. + The name of the page. It will be used as an identity of the page to + generate URI of the page, text of the link to this page in + navigation, etc. The full page name (start from the root page name + to this page concatenated with `.`) can be used as reference to the + page in your documentation. For example: pages: - name: Tutorial + content: (== include tutorial.md ==) subpages: - name: Java content: + (== include tutorial_java.md ==) You can reference `Java` page using + Markdown reference link syntax: `Java`. type: string - displayName: + content: + type: string + description: >- + The Markdown content of the page. You can use ```(== include {path} + ==)``` to include content from a Markdown file. The content can be + used to produce the documentation page such as HTML format page. + subpages: + items: + $ref: '#/components/schemas/Page' + description: >- + Subpages of this page. The order of subpages specified here will be + honored in the generated docset. + type: array + id: Page + Monitoring: + id: Monitoring + description: >- + Monitoring configuration of the service. The example below shows how to + configure monitored resources and metrics for monitoring. In the + example, a monitored resource and two metrics are defined. The + `library.googleapis.com/book/returned_count` metric is sent to both + producer and consumer projects, whereas the + `library.googleapis.com/book/num_overdue` metric is only sent to the + consumer project. monitored_resources: - type: + library.googleapis.com/Branch display_name: "Library Branch" + description: "A branch of a library." launch_stage: GA labels: - key: + resource_container description: "The Cloud container (ie. project id) + for the Branch." - key: location description: "The location of the + library branch." - key: branch_id description: "The id of the branch." + metrics: - name: library.googleapis.com/book/returned_count + display_name: "Books Returned" description: "The count of books that + have been returned." launch_stage: GA metric_kind: DELTA value_type: + INT64 unit: "1" labels: - key: customer_id description: "The id of the + customer." - name: library.googleapis.com/book/num_overdue display_name: + "Books Overdue" description: "The current number of overdue books." + launch_stage: GA metric_kind: GAUGE value_type: INT64 unit: "1" labels: + - key: customer_id description: "The id of the customer." monitoring: + producer_destinations: - monitored_resource: + library.googleapis.com/Branch metrics: - + library.googleapis.com/book/returned_count consumer_destinations: - + monitored_resource: library.googleapis.com/Branch metrics: - + library.googleapis.com/book/returned_count - + library.googleapis.com/book/num_overdue + properties: + producerDestinations: + description: >- + Monitoring configurations for sending metrics to the producer + project. There can be multiple producer destinations. A monitored + resource type may appear in multiple monitoring destinations if + different aggregations are needed for different sets of metrics + associated with that monitored resource type. A monitored resource + and metric pair may only be used once in the Monitoring + configuration. + type: array + items: + $ref: '#/components/schemas/MonitoringDestination' + consumerDestinations: + items: + $ref: '#/components/schemas/MonitoringDestination' + description: >- + Monitoring configurations for sending metrics to the consumer + project. There can be multiple consumer destinations. A monitored + resource type may appear in multiple monitoring destinations if + different aggregations are needed for different sets of metrics + associated with that monitored resource type. A monitored resource + and metric pair may only be used once in the Monitoring + configuration. + type: array + type: object + Http: + description: >- + Defines the HTTP configuration for an API service. It contains a list of + HttpRule, each specifying the mapping of an RPC method to one or more + HTTP REST API methods. + type: object + id: Http + properties: + rules: + items: + $ref: '#/components/schemas/HttpRule' + type: array description: >- - User-visible display name for this limit. Optional. If not set, the - UI will provide a default display name based on the quota - configuration. This field can be used to override the default - display name generated from the configuration. - type: string - maxLimit: + A list of HTTP configuration rules that apply to individual API + methods. **NOTE:** All service configuration rules follow "last one + wins" order. + fullyDecodeReservedExpansion: + type: boolean description: >- - Maximum number of tokens that can be consumed during the specified - duration. Client application developers can override the default - limit up to this maximum. If specified, this value cannot be set to - a value less than the default limit. If not specified, it is set to - the default limit. To allow clients to apply overrides with no upper - bound, set this to -1, indicating unlimited maximum quota. Used by - group-based quotas only. - type: string - format: int64 - id: QuotaLimit + When set to true, URL path parameters will be fully URI-decoded + except in cases of single segment matches in reserved expansion, + where "%2F" will be left encoded. The default behavior is to not + decode RFC 6570 reserved characters in multi segment matches. + V1Beta1EnableConsumerResponse: + description: >- + Response message for the `EnableConsumer` method. This response message + is assigned to the `response` field of the returned Operation when that + operation is done. + type: object + properties: {} + id: V1Beta1EnableConsumerResponse parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: oauth_token + name: upload_protocol schema: type: string key: @@ -3848,12 +3894,6 @@ components: name: key schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -3863,24 +3903,18 @@ components: name: quotaUser schema: type: string - callback: - description: JSONP - in: query - name: callback - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string _.xgafv: description: V1 error format. in: query @@ -3890,83 +3924,98 @@ components: enum: - '1' - '2' + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto + callback: + description: JSONP + in: query + name: callback + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string x-stackQL-resources: - operations: - id: google.serviceconsumermanagement.operations - name: operations - title: Operations + tenancy_units_project: + id: google.serviceconsumermanagement.tenancy_units_project + name: tenancy_units_project + title: Tenancy_units_project methods: - get: - operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: + add_project: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' + $ref: >- + #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:addProject/post response: mediaType: application/json openAPIDocKey: '200' - list: + remove_project: operation: - $ref: '#/paths/~1v1~1operations/get' + $ref: >- + #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:removeProject/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - services: - id: google.serviceconsumermanagement.services - name: services - title: Services - methods: - search: + delete_project: operation: - $ref: '#/paths/~1v1~1services~1{servicesId}:search/get' + $ref: >- + #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:deleteProject/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: [] - insert: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/tenancy_units_project/methods/add_project update: [] replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/tenancy_units_project/methods/remove_project + - $ref: >- + #/components/x-stackQL-resources/tenancy_units_project/methods/delete_project tenancy_units: id: google.serviceconsumermanagement.tenancy_units name: tenancy_units title: Tenancy_units methods: - delete: + apply_project_config: operation: $ref: >- - #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}/delete + #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:applyProjectConfig/post response: mediaType: application/json openAPIDocKey: '200' - list: + attach_project: operation: $ref: >- - #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits/get + #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:attachProject/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.tenancyUnits create: operation: $ref: >- @@ -3974,94 +4023,120 @@ components: response: mediaType: application/json openAPIDocKey: '200' - apply_project_config: + list: operation: $ref: >- - #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:applyProjectConfig/post + #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits/get response: mediaType: application/json openAPIDocKey: '200' - attach_project: + objectKey: $.tenancyUnits + delete: operation: $ref: >- - #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:attachProject/post + #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}/delete response: mediaType: application/json openAPIDocKey: '200' undelete_project: operation: - $ref: >- - #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:undeleteProject/post + $ref: >- + #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:undeleteProject/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/tenancy_units/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/tenancy_units/methods/create' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/tenancy_units/methods/delete' + services: + id: google.serviceconsumermanagement.services + name: services + title: Services + methods: + search: + operation: + $ref: '#/paths/~1v1~1services~1{servicesId}:search/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + operations: + id: google.serviceconsumermanagement.operations + name: operations + title: Operations + methods: + get: + operation: + $ref: '#/paths/~1v1~1operations~1{operationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/tenancy_units/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/tenancy_units/methods/create' - update: [] - replace: [] delete: - - $ref: '#/components/x-stackQL-resources/tenancy_units/methods/delete' - tenancy_units_project: - id: google.serviceconsumermanagement.tenancy_units_project - name: tenancy_units_project - title: Tenancy_units_project - methods: - remove_project: operation: - $ref: >- - #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:removeProject/post + $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - add_project: + cancel: operation: - $ref: >- - #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:addProject/post + $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' response: mediaType: application/json openAPIDocKey: '200' - delete_project: + list: operation: - $ref: >- - #/paths/~1v1~1services~1{servicesId}~1{servicesId1}~1{servicesId2}~1tenancyUnits~1{tenancyUnitsId}:deleteProject/post + $ref: '#/paths/~1v1~1operations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: - select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/tenancy_units_project/methods/add_project + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] update: [] replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/tenancy_units_project/methods/remove_project - - $ref: >- - #/components/x-stackQL-resources/tenancy_units_project/methods/delete_project + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' paths: - /v1/operations/{operationsId}: + /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:addProject: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/_.xgafv' - get: + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/uploadType' + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: serviceconsumermanagement.operations.get + Add a new tenant project to the tenancy unit. There can be a maximum of + 1024 tenant projects in a tenancy unit. If there are previously failed + `AddTenantProject` calls, you might need to call `RemoveTenantProject` + first to resolve them before you can make another call to + `AddTenantProject` with the same tag. Operation. + operationId: serviceconsumermanagement.services.tenancyUnits.addProject + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AddTenantProjectRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4076,54 +4151,49 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: operationsId + name: servicesId required: true schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: serviceconsumermanagement.operations.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - in: path - name: operationsId + name: servicesId1 required: true schema: type: string - /v1/operations/{operationsId}:cancel: + - in: path + name: servicesId2 + required: true + schema: + type: string + - in: path + name: tenancyUnitsId + required: true + schema: + type: string + /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:applyProjectConfig: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: serviceconsumermanagement.operations.cancel + Apply a configuration to an existing tenant project. This project must + exist in an active state and have the original owner account. The caller + must have permission to add a project to the given tenancy unit. The + configuration is applied, but any existing settings on the project + aren't modified. Specified policy bindings are applied. Existing + bindings aren't modified. Specified services are activated. No service + is deactivated. If specified, new billing configuration is applied. Omit + a billing configuration to keep the existing one. A service account in + the project is created if previously non existed. Specified labels will + be appended to tenant project, note that the value of existing label key + will be updated if the same label key is requested. The specified folder + is ignored, as moving a tenant project to a different folder isn't + supported. The operation fails if any of the steps fail, but no rollback + of already applied configuration changes is attempted. Operation. + operationId: serviceconsumermanagement.services.tenancyUnits.applyProjectConfig requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/ApplyTenantProjectConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4135,89 +4205,48 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: operationsId + name: servicesId required: true schema: type: string - /v1/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: serviceconsumermanagement.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListOperationsResponse' - parameters: - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - /v1/services/{servicesId}:search: - parameters: *ref_1 - get: - description: Search tenancy units for a managed service. - operationId: serviceconsumermanagement.services.search - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/SearchTenancyUnitsResponse' - parameters: - in: path - name: servicesId + name: servicesId1 required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: query + - in: path + name: servicesId2 + required: true schema: type: string - - in: query - name: pageToken + - in: path + name: tenancyUnitsId + required: true schema: type: string - /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}: + /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:attachProject: parameters: *ref_1 - delete: + post: description: >- - Delete a tenancy unit. Before you delete the tenancy unit, there should - be no tenant resources in it that aren't in a DELETED state. Operation. - operationId: serviceconsumermanagement.services.tenancyUnits.delete + Attach an existing project to the tenancy unit as a new tenant resource. + The project could either be the tenant project reserved by calling + `AddTenantProject` under a tenancy unit of a service producer's project + of a managed service, or from a separate project. The caller is checked + against a set of permissions as if calling `AddTenantProject` on the + same service consumer. To trigger the attachment, the targeted tenant + project must be in a folder. Make sure the ServiceConsumerManagement + service account is the owner of that project. These two requirements are + already met if the project is reserved by calling `AddTenantProject`. + Operation. + operationId: serviceconsumermanagement.services.tenancyUnits.attachProject + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AttachTenantProjectRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4251,16 +4280,23 @@ paths: required: true schema: type: string - /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits: + /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:removeProject: parameters: *ref_1 - get: + post: description: >- - Find the tenancy unit for a managed service and service consumer. This - method shouldn't be used in a service producer's runtime path, for - example to find the tenant project number when creating VMs. Service - producers must persist the tenant project's information after the - project is created. - operationId: serviceconsumermanagement.services.tenancyUnits.list + Removes the specified project resource identified by a tenant resource + tag. The method removes the project lien with 'TenantManager' origin if + that was added. It then attempts to delete the project. If that + operation fails, this method also fails. Calls to remove already removed + or non-existent tenant project succeed. After the project has been + deleted, or if was already in a DELETED state, resource metadata is + permanently removed from the tenancy unit. Operation. + operationId: serviceconsumermanagement.services.tenancyUnits.removeProject + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RemoveTenantProjectRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4272,7 +4308,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTenancyUnitsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: servicesId @@ -4289,19 +4325,13 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: tenancyUnitsId + required: true schema: type: string + /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits: + parameters: *ref_1 post: description: >- Creates a tenancy unit with no tenant resources. If tenancy unit already @@ -4342,30 +4372,14 @@ paths: required: true schema: type: string - /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:applyProjectConfig: - parameters: *ref_1 - post: + get: description: >- - Apply a configuration to an existing tenant project. This project must - exist in an active state and have the original owner account. The caller - must have permission to add a project to the given tenancy unit. The - configuration is applied, but any existing settings on the project - aren't modified. Specified policy bindings are applied. Existing - bindings aren't modified. Specified services are activated. No service - is deactivated. If specified, new billing configuration is applied. Omit - a billing configuration to keep the existing one. A service account in - the project is created if previously non existed. Specified labels will - be appended to tenant project, note that the value of existing label key - will be updated if the same label key is requested. The specified folder - is ignored, as moving a tenant project to a different folder isn't - supported. The operation fails if any of the steps fail, but no rollback - of already applied configuration changes is attempted. Operation. - operationId: serviceconsumermanagement.services.tenancyUnits.applyProjectConfig - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApplyTenantProjectConfigRequest' + Find the tenancy unit for a managed service and service consumer. This + method shouldn't be used in a service producer's runtime path, for + example to find the tenant project number when creating VMs. Service + producers must persist the tenant project's information after the + project is created. + operationId: serviceconsumermanagement.services.tenancyUnits.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4377,7 +4391,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListTenancyUnitsResponse' parameters: - in: path name: servicesId @@ -4394,31 +4408,26 @@ paths: required: true schema: type: string - - in: path - name: tenancyUnitsId - required: true + - in: query + name: pageToken schema: type: string - /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:attachProject: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}: parameters: *ref_1 - post: + delete: description: >- - Attach an existing project to the tenancy unit as a new tenant resource. - The project could either be the tenant project reserved by calling - `AddTenantProject` under a tenancy unit of a service producer's project - of a managed service, or from a separate project. The caller is checked - against a set of permissions as if calling `AddTenantProject` on the - same service consumer. To trigger the attachment, the targeted tenant - project must be in a folder. Make sure the ServiceConsumerManagement - service account is the owner of that project. These two requirements are - already met if the project is reserved by calling `AddTenantProject`. - Operation. - operationId: serviceconsumermanagement.services.tenancyUnits.attachProject - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AttachTenantProjectRequest' + Delete a tenancy unit. Before you delete the tenancy unit, there should + be no tenant resources in it that aren't in a DELETED state. Operation. + operationId: serviceconsumermanagement.services.tenancyUnits.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4452,23 +4461,24 @@ paths: required: true schema: type: string - /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:removeProject: + /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:deleteProject: parameters: *ref_1 post: description: >- - Removes the specified project resource identified by a tenant resource - tag. The method removes the project lien with 'TenantManager' origin if - that was added. It then attempts to delete the project. If that - operation fails, this method also fails. Calls to remove already removed - or non-existent tenant project succeed. After the project has been - deleted, or if was already in a DELETED state, resource metadata is - permanently removed from the tenancy unit. Operation. - operationId: serviceconsumermanagement.services.tenancyUnits.removeProject + Deletes the specified project resource identified by a tenant resource + tag. The mothod removes a project lien with a 'TenantManager' origin if + that was added. It will then attempt to delete the project. If that + operation fails, this method also fails. After the project has been + deleted, the tenant resource state is set to DELETED. To permanently + remove resource metadata, call the `RemoveTenantProject` method. New + resources with the same tag can't be added if there are existing + resources in a DELETED state. Operation. + operationId: serviceconsumermanagement.services.tenancyUnits.deleteProject requestBody: content: application/json: schema: - $ref: '#/components/schemas/RemoveTenantProjectRequest' + $ref: '#/components/schemas/DeleteTenantProjectRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4550,21 +4560,11 @@ paths: required: true schema: type: string - /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:addProject: + /v1/services/{servicesId}:search: parameters: *ref_1 - post: - description: >- - Add a new tenant project to the tenancy unit. There can be a maximum of - 1024 tenant projects in a tenancy unit. If there are previously failed - `AddTenantProject` calls, you might need to call `RemoveTenantProject` - first to resolve them before you can make another call to - `AddTenantProject` with the same tag. Operation. - operationId: serviceconsumermanagement.services.tenancyUnits.addProject - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AddTenantProjectRequest' + get: + description: Search tenancy units for a managed service. + operationId: serviceconsumermanagement.services.search security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4576,46 +4576,96 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SearchTenancyUnitsResponse' parameters: - in: path name: servicesId required: true schema: type: string - - in: path - name: servicesId1 - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: query schema: type: string + /v1/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: serviceconsumermanagement.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: - in: path - name: servicesId2 + name: operationsId required: true schema: type: string + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: serviceconsumermanagement.operations.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Empty' + parameters: - in: path - name: tenancyUnitsId + name: operationsId required: true schema: type: string - /v1/services/{servicesId}/{servicesId1}/{servicesId2}/tenancyUnits/{tenancyUnitsId}:deleteProject: + /v1/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Deletes the specified project resource identified by a tenant resource - tag. The mothod removes a project lien with a 'TenantManager' origin if - that was added. It will then attempt to delete the project. If that - operation fails, this method also fails. After the project has been - deleted, the tenant resource state is set to DELETED. To permanently - remove resource metadata, call the `RemoveTenantProject` method. New - resources with the same tag can't be added if there are existing - resources in a DELETED state. Operation. - operationId: serviceconsumermanagement.services.tenancyUnits.deleteProject + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: serviceconsumermanagement.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/DeleteTenantProjectRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4627,25 +4677,47 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: servicesId + name: operationsId required: true schema: type: string - - in: path - name: servicesId1 - required: true + /v1/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: serviceconsumermanagement.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListOperationsResponse' + parameters: + - in: query + name: pageToken schema: type: string - - in: path - name: servicesId2 - required: true + - in: query + name: returnPartialSuccess schema: - type: string - - in: path - name: tenancyUnitsId - required: true + type: boolean + - in: query + name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 diff --git a/providers/src/googleapis.com/v00.00.00000/services/servicecontrol.yaml b/providers/src/googleapis.com/v00.00.00000/services/servicecontrol.yaml index 44158944..e093e7d3 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/servicecontrol.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/servicecontrol.yaml @@ -9,8 +9,8 @@ info: Provides admission control and telemetry reporting for services integrated with Service Infrastructure. version: v2 - x-discovery-doc-revision: '20250711' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251027' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/service-control/ servers: @@ -24,10 +24,10 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 + https://www.googleapis.com/auth/servicecontrol: Manage your Google Service Control data https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. - https://www.googleapis.com/auth/servicecontrol: Manage your Google Service Control data Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -37,11 +37,135 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: + Oauth: + type: object + properties: + clientId: + type: string + description: >- + The optional OAuth client ID. This is the unique public identifier + issued by an authorization server to a registered client + application. Empty string is equivalent to no oauth client id. + WARNING: This is for MCP tools/call and tools/list authorization and + not for general use. + description: This message defines attributes associated with OAuth credentials. + id: Oauth + AuditLog: + properties: + status: + description: The status of the overall operation. + $ref: '#/components/schemas/Status' + request: + description: >- + The operation request. This may not include all request parameters, + such as those that are too large, privacy-sensitive, or duplicated + elsewhere in the log record. It should never include user-generated + data, such as file contents. When the JSON object represented here + has a proto equivalent, the proto name will be indicated in the + `@type` property. + additionalProperties: + type: any + description: Properties of the object. + type: object + serviceName: + description: >- + The name of the API service performing the operation. For example, + `"compute.googleapis.com"`. + type: string + requestMetadata: + $ref: '#/components/schemas/RequestMetadata' + description: Metadata about the operation. + resourceLocation: + $ref: '#/components/schemas/ResourceLocation' + description: The resource location information. + policyViolationInfo: + $ref: '#/components/schemas/PolicyViolationInfo' + description: >- + Indicates the policy violations for this request. If the request is + denied by the policy, violation information will be logged here. + numResponseItems: + description: >- + The number of items returned from a List or Query API method, if + applicable. + type: string + format: int64 + response: + type: object + additionalProperties: + type: any + description: Properties of the object. + description: >- + The operation response. This may not include all response elements, + such as those that are too large, privacy-sensitive, or duplicated + elsewhere in the log record. It should never include user-generated + data, such as file contents. When the JSON object represented here + has a proto equivalent, the proto name will be indicated in the + `@type` property. + metadata: + type: object + description: >- + Other service-specific data about the request, response, and other + information associated with the current audited event. + additionalProperties: + type: any + description: Properties of the object. + methodName: + description: >- + The name of the service method or operation. For API calls, this + should be the name of the API method. For example, + "google.cloud.bigquery.v2.TableService.InsertTable" + "google.logging.v2.ConfigServiceV2.CreateSink" + type: string + authorizationInfo: + items: + $ref: '#/components/schemas/AuthorizationInfo' + type: array + description: >- + Authorization information. If there are multiple resources or + permissions involved, then there is one AuthorizationInfo element + for each {resource, permission} tuple. + resourceName: + description: >- + The resource or collection that is the target of the operation. The + name is a scheme-less URI, not including the API service name. For + example: "projects/PROJECT_ID/zones/us-central1-a/instances" + "projects/PROJECT_ID/datasets/DATASET_ID" + type: string + serviceData: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Deprecated. Use the `metadata` field instead. Other service-specific + data about the request, response, and other activities. + type: object + deprecated: true + resourceOriginalState: + description: >- + The resource's original state before mutation. Present only for + operations which have successfully modified the targeted + resource(s). In general, this field should contain all changed + fields, except those that are already been included in `request`, + `response`, `metadata` or `service_data` fields. When the JSON + object represented here has a proto equivalent, the proto name will + be indicated in the `@type` property. + additionalProperties: + type: any + description: Properties of the object. + type: object + authenticationInfo: + description: Authentication information. + $ref: '#/components/schemas/AuthenticationInfo' + description: 'Common audit log format for Google Cloud Platform API operations. ' + type: object + id: AuditLog CheckRequest: - id: CheckRequest description: Request message for the Check method. - type: object + id: CheckRequest properties: + flags: + type: string + description: Optional. Contains a comma-separated list of flags. serviceConfigId: description: >- Specifies the version of the service configuration that should be @@ -54,197 +178,118 @@ components: service. $ref: '#/components/schemas/AttributeContext' resources: - description: Describes the resources and the policies applied to each resource. type: array items: $ref: '#/components/schemas/ResourceInfo' - flags: - description: Optional. Contains a comma-separated list of flags. - type: string - AttributeContext: - id: AttributeContext - description: >- - This message defines the standard attribute vocabulary for Google APIs. - An attribute is a piece of metadata that describes an activity on a - network service. For example, the size of an HTTP request, or the status - code of an HTTP response. Each attribute has a type and a name, which is - logically defined as a proto message field in `AttributeContext`. The - field type becomes the attribute type, and the field path becomes the - attribute name. For example, the attribute `source.ip` maps to field - `AttributeContext.source.ip`. This message definition is guaranteed not - to have any wire breaking change. So you can use it directly for passing - attributes across different systems. NOTE: Different system may generate - different subset of attributes. Please verify the system specification - before relying on an attribute generated a system. + description: Describes the resources and the policies applied to each resource. + type: object + OrgPolicyViolationInfo: + description: Represents OrgPolicy Violation information. + id: OrgPolicyViolationInfo type: object properties: - origin: - description: >- - The origin of a network activity. In a multi hop network activity, - the origin represents the sender of the first hop. For the first - hop, the `source` and the `origin` must have the same content. - $ref: '#/components/schemas/Peer' - source: + resourceTags: + additionalProperties: + type: string + deprecated: true description: >- - The source of a network activity, such as starting a TCP connection. - In a multi hop network activity, the source represents the sender of - the last hop. - $ref: '#/components/schemas/Peer' - destination: + Optional. Deprecated. Tags referenced on the resource at the time of + evaluation. + type: object + payload: + additionalProperties: + description: Properties of the object. + type: any + type: object description: >- - The destination of a network activity, such as accepting a TCP - connection. In a multi hop network activity, the destination - represents the receiver of the last hop. - $ref: '#/components/schemas/Peer' - request: - description: Represents a network request, such as an HTTP request. - $ref: '#/components/schemas/Request' - response: - description: Represents a network response, such as an HTTP response. - $ref: '#/components/schemas/Response' - resource: + Optional. Deprecated. Resource payload that is currently in scope + and is subjected to orgpolicy conditions. This payload may be the + subset of the actual Resource that may come in the request. + deprecated: true + resourceType: + type: string description: >- - Represents a target resource that is involved with a network - activity. If multiple resources are involved with an activity, this - must be the primary one. - $ref: '#/components/schemas/Resource' - api: - description: Represents an API operation that is involved to a network activity. - $ref: '#/components/schemas/Api' - extensions: + Optional. Resource type that the orgpolicy is checked against. + Example: compute.googleapis.com/Instance, + store.googleapis.com/bucket + violationInfo: + type: array + description: Optional. Policy violations + items: + $ref: '#/components/schemas/ViolationInfo' + ResourceLocation: + properties: + originalLocations: description: >- - Supports extensions for advanced use cases, such as logs and - metrics. + The locations of a resource prior to the execution of the operation. + Requests that mutate the resource's location must populate both the + 'original_locations' as well as the 'current_locations' fields. For + example: "europe-west1-a" "us-east1" "nam3" type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Peer: - id: Peer - description: >- - This message defines attributes for a node that handles a network - request. The node can be either a service or an application that sends, - forwards, or receives the request. Service peers should fill in - `principal` and `labels` as appropriate. + type: string + currentLocations: + description: >- + The locations of a resource after the execution of the operation. + Requests to create or delete a location based resource must populate + the 'current_locations' field and not the 'original_locations' + field. For example: "europe-west1-a" "us-east1" "nam3" + items: + type: string + type: array type: object + description: Location information about a resource. + id: ResourceLocation + ServiceMetadata: properties: - ip: - description: The IP address of the peer. - type: string - port: - description: The network port of the peer. - type: string - format: int64 - labels: - description: The labels associated with the peer. + jobMetadata: type: object additionalProperties: - type: string - principal: + type: any + description: Properties of the object. description: >- - The identity of this peer. Similar to `Request.auth.principal`, but - relative to the peer instead of the request. For example, the - identity associated with a load balancer that forwarded the request. + Additional metadata provided by service teams to describe service + specific job information that was triggered by the original + principal. + principalSubject: type: string - regionCode: - description: >- - The CLDR country/region code associated with the above IP address. - If the IP address is private, the `region_code` should reflect the - physical location where this peer is running. - type: string - Request: - id: Request - description: >- - This message defines attributes for an HTTP request. If the actual - request is not an HTTP request, the runtime system should try to map the - actual request to an equivalent HTTP request. - type: object - properties: - id: - description: >- - The unique ID for a request, which can be propagated to downstream - systems. The ID should have low probability of collision within a - single day for a specific service. - type: string - method: - description: The HTTP request method, such as `GET`, `POST`. - type: string - headers: - description: >- - The HTTP request headers. If multiple headers share the same key, - they must be merged according to the HTTP spec. All header keys must - be lowercased, because HTTP header keys are case-insensitive. - type: object - additionalProperties: - type: string - path: - description: The HTTP URL path, excluding the query parameters. - type: string - host: - description: The HTTP request `Host` header value. - type: string - scheme: - description: The HTTP URL scheme, such as `http` and `https`. - type: string - query: - description: >- - The HTTP URL query in the format of `name1=value1&name2=value2`, as - it appears in the first line of the HTTP request. No decoding is - performed. - type: string - time: - description: >- - The timestamp when the `destination` service receives the last byte - of the request. - type: string - format: google-datetime - size: - description: The HTTP request size in bytes. If unknown, it must be -1. - type: string - format: int64 - protocol: - description: >- - The network protocol used with the request, such as "http/1.1", - "spdy/3", "h2", "h2c", "webrtc", "tcp", "udp", "quic". See - https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids - for details. - type: string - reason: description: >- - A special parameter for request reason. It is used by security - systems to associate auditing information with a request. + A string representing the principal_subject associated with the + identity. For most identities, the format will be + `principal://iam.googleapis.com/{identity pool + name}/subject/{subject)` except for some GKE identities + (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the + legacy format `serviceAccount:{identity pool name}[{subject}]` If + the identity is a Google account (e.g. workspace user account or + service account), this will be the email of the prefixed by + `serviceAccount:`. For example: + `serviceAccount:my-service-account@project-1.iam.gserviceaccount.com`. + If the identity is an individual user, the identity will be + formatted as: `user:user_ABC@email.com`. + serviceDomain: type: string - auth: description: >- - The request authentication. May be absent for unauthenticated - requests. Derived from the HTTP request `Authorization` header or - equivalent. - $ref: '#/components/schemas/Auth' - origin: - description: >- - The values from Origin header from the HTTP request, such as - "https://console.cloud.google.com". Modern browsers can only have - one origin. Special browsers and/or HTTP clients may require - multiple origins. - type: string - Auth: - id: Auth - description: >- - This message defines request authentication attributes. Terminology is - based on the JSON Web Token (JWT) standard, but the terms also correlate - to concepts in other standards. + The service's fully qualified domain name, e.g. + "dataproc.googleapis.com". type: object + id: ServiceMetadata + description: >- + Metadata describing the service and additional service specific + information used to identify the job or unit of work at hand. + Auth: properties: - principal: + accessLevels: + type: array description: >- - The authenticated principal. Reflects the issuer (`iss`) and subject - (`sub`) claims within a JWT. The issuer and subject should be `/` - delimited, with `/` percent-encoded within the subject fragment. For - Google accounts, the principal format is: - "https://accounts.google.com/{id}" - type: string + A list of access level resource names that allow resources to be + accessed by authenticated requester. It is part of Secure GCP + processing for the incoming request. An access level string has the + format: + "//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}" + Example: + "//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/MY_LEVEL" + items: + type: string audiences: description: >- The intended audience(s) for this authentication information. @@ -258,9 +303,9 @@ components: The client id of an app, such as the Firebase project id for JWTs from Firebase Auth. Consult the documentation for the credential issuer to determine the information provided. - type: array items: type: string + type: array presenter: description: >- The authorized presenter of the credential. Reflects the optional @@ -268,7 +313,19 @@ components: id. For example, a Google Cloud Platform client id looks as follows: "123456789012.apps.googleusercontent.com". type: string + oauth: + $ref: '#/components/schemas/Oauth' + description: Attributes of the OAuth token associated with the request. + principal: + type: string + description: >- + The authenticated principal. Reflects the issuer (`iss`) and subject + (`sub`) claims within a JWT. The issuer and subject should be `/` + delimited, with `/` percent-encoded within the subject fragment. For + Google accounts, the principal format is: + "https://accounts.google.com/{id}" claims: + type: object description: >- Structured claims presented with the credential. JWTs include `{key: value}` pairs for standard and private claims. The following is a @@ -280,188 +337,223 @@ components: 'jsmith@example.com', 'iat': 1353601026, 'exp': 1353604926} SAML assertions are similarly specified, but with an identity provider dependent structure. - type: object additionalProperties: - type: any description: Properties of the object. - accessLevels: + type: any + id: Auth + type: object + description: >- + This message defines request authentication attributes. Terminology is + based on the JSON Web Token (JWT) standard, but the terms also correlate + to concepts in other standards. + ServiceDelegationHistory: + id: ServiceDelegationHistory + description: >- + The history of delegation across multiple services as the result of the + original user's action. Such as "service A uses its own account to do + something for user B". This differs from ServiceAccountDelegationInfo, + which only tracks the history of direct token exchanges (impersonation). + type: object + properties: + serviceMetadata: description: >- - A list of access level resource names that allow resources to be - accessed by authenticated requester. It is part of Secure GCP - processing for the incoming request. An access level string has the - format: - "//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}" - Example: - "//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/MY_LEVEL" + Data identifying the service specific jobs or units of work that + were involved in a chain of service calls. type: array items: - type: string - Response: - id: Response - description: >- - This message defines attributes for a typical network response. It - generally models semantics of an HTTP response. - type: object + $ref: '#/components/schemas/ServiceMetadata' + originalPrincipal: + description: The original end user who initiated the request to GCP. + type: string + Request: properties: - code: - description: The HTTP response status code, such as `200` and `404`. + scheme: + description: The HTTP URL scheme, such as `http` and `https`. type: string - format: int64 - size: - description: The HTTP response size in bytes. If unknown, it must be -1. + auth: + description: >- + The request authentication. May be absent for unauthenticated + requests. Derived from the HTTP request `Authorization` header or + equivalent. + $ref: '#/components/schemas/Auth' + query: + description: >- + The HTTP URL query in the format of `name1=value1&name2=value2`, as + it appears in the first line of the HTTP request. No decoding is + performed. type: string - format: int64 + protocol: + type: string + description: >- + The network protocol used with the request, such as "http/1.1", + "spdy/3", "h2", "h2c", "webrtc", "tcp", "udp", "quic". See + https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids + for details. + origin: + type: string + description: >- + The values from Origin header from the HTTP request, such as + "https://console.cloud.google.com". Modern browsers can only have + one origin. Special browsers and/or HTTP clients may require + multiple origins. + host: + description: The HTTP request `Host` header value. + type: string + id: + type: string + description: >- + The unique ID for a request, which can be propagated to downstream + systems. The ID should have low probability of collision within a + single day for a specific service. headers: description: >- - The HTTP response headers. If multiple headers share the same key, - they must be merged according to HTTP spec. All header keys must be - lowercased, because HTTP header keys are case-insensitive. - type: object + The HTTP request headers. If multiple headers share the same key, + they must be merged according to the HTTP spec. All header keys must + be lowercased, because HTTP header keys are case-insensitive. additionalProperties: type: string + type: object + path: + description: The HTTP URL path, excluding the query parameters. + type: string time: description: >- - The timestamp when the `destination` service sends the last byte of - the response. - type: string + The timestamp when the `destination` service receives the last byte + of the request. format: google-datetime - backendLatency: + type: string + size: + format: int64 + type: string + description: The HTTP request size in bytes. If unknown, it must be -1. + reason: + type: string description: >- - The amount of time it takes the backend service to fully respond to - a request. Measured from when the destination service starts to send - the request to the backend until when the destination service - receives the complete response from the backend. + A special parameter for request reason. It is used by security + systems to associate auditing information with a request. + method: + description: The HTTP request method, such as `GET`, `POST`. type: string - format: google-duration - Resource: - id: Resource description: >- - This message defines core attributes for a resource. A resource is an - addressable (named) entity provided by the destination service. For - example, a file stored on a network storage service. - type: object - properties: - service: - description: >- - The name of the service that this resource belongs to, such as - `pubsub.googleapis.com`. The service may be different from the DNS - hostname that actually serves the request. - type: string - name: + This message defines attributes for an HTTP request. If the actual + request is not an HTTP request, the runtime system should try to map the + actual request to an equivalent HTTP request. + type: object + id: Request + V2LogEntryOperation: + properties: + first: description: >- - The stable identifier (name) of a resource on the `service`. A - resource can be logically identified as - "//{resource.service}/{resource.name}". The differences between a - resource name and a URI are: * Resource name is a logical - identifier, independent of network protocol and API version. For - example, `//pubsub.googleapis.com/projects/123/topics/news-feed`. * - URI often includes protocol and version information, so it can be - used directly by applications. For example, - `https://pubsub.googleapis.com/v1/projects/123/topics/news-feed`. - See https://cloud.google.com/apis/design/resource_names for details. - type: string - type: + Optional. Set this to True if this is the first log entry in the + operation. + type: boolean + producer: description: >- - The type of the resource. The syntax is platform-specific because - different platforms define their resources differently. For Google - APIs, the type format must be "{service}/{kind}", such as - "pubsub.googleapis.com/Topic". + Optional. An arbitrary producer identifier. The combination of `id` + and `producer` must be globally unique. Examples for `producer`: + `"MyDivision.MyBigCompany.com"`, + `"github.com/MyProject/MyApplication"`. type: string - labels: + last: description: >- - The labels or tags on the resource, such as AWS resource tags and - Kubernetes resource labels. - type: object - additionalProperties: - type: string - uid: + Optional. Set this to True if this is the last log entry in the + operation. + type: boolean + id: description: >- - The unique identifier of the resource. UID is unique in the time and - space for this resource within the scope of the service. It is - typically generated by the server on successful creation of a - resource and must not be changed. UID is used to uniquely identify - resources with resource name reuses. This should be a UUID4. + Optional. An arbitrary operation identifier. Log entries with the + same identifier are assumed to be part of the same operation. type: string - annotations: + id: V2LogEntryOperation + description: >- + Additional information about a potentially long-running operation with + which a log entry is associated. + type: object + AuthenticationInfo: + description: Authentication information for the operation. + type: object + id: AuthenticationInfo + properties: + authoritySelector: description: >- - Annotations is an unstructured key-value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be preserved when - modifying objects. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - type: object - additionalProperties: - type: string - displayName: - description: Mutable. The display name set by clients. Must be <= 63 characters. + The authority selector specified by the requestor, if any. It is not + guaranteed that the principal was allowed to use this authority. type: string - createTime: + serviceDelegationHistory: + $ref: '#/components/schemas/ServiceDelegationHistory' description: >- - Output only. The timestamp when the resource was created. This may - be either the time creation was initiated or when it was completed. - type: string - format: google-datetime - updateTime: + Records the history of delegated resource access across Google + services. + serviceAccountDelegationInfo: description: >- - Output only. The timestamp when the resource was last updated. Any - change to the resource made by users must refresh this value. - Changes to a resource made by the service should refresh this value. - type: string - format: google-datetime - deleteTime: + Identity delegation history of an authenticated service account that + makes the request. It contains information on the real authorities + that try to access GCP resources by delegating on a service account. + When multiple authorities present, they are guaranteed to be sorted + based on the original ordering of the identity delegation events. + items: + $ref: '#/components/schemas/ServiceAccountDelegationInfo' + type: array + principalSubject: description: >- - Output only. The timestamp when the resource was deleted. If the - resource is not deleted, this must be empty. + String representation of identity of requesting party. Populated for + both first and third party identities. type: string - format: google-datetime - etag: - description: >- - Output only. An opaque value that uniquely identifies a version or - generation of a resource. It can be used to confirm that the client - and server agree on the ordering of a resource being written. + principalEmail: type: string - location: description: >- - Immutable. The location of the resource. The location encoding is - specific to the service provider, and new encoding may be introduced - as the service evolves. For Google Cloud products, the encoding is - what is used by Google Cloud APIs, such as `us-east1`, - `aws-us-east-1`, and `azure-eastus2`. The semantics of `location` is - identical to the `cloud.googleapis.com/location` label used by some - Google Cloud APIs. - type: string - Api: - id: Api - description: >- - This message defines attributes associated with API operations, such as - a network API request. The terminology is based on the conventions used - by Google APIs, Istio, and OpenAPI. - type: object - properties: - service: + The email address of the authenticated user (or service account on + behalf of third party principal) making the request. For third party + identity callers, the `principal_subject` field is populated instead + of this field. For privacy reasons, the principal email address is + sometimes redacted. For more information, see [Caller identities in + audit logs](https://cloud.google.com/logging/docs/audit#user-id). + serviceAccountKeyName: description: >- - The API service name. It is a logical identifier for a networked - API, such as "pubsub.googleapis.com". The naming syntax depends on - the API management system being used for handling the request. + The name of the service account key used to create or exchange + credentials for authenticating the service account making the + request. This is a scheme-less URI full resource name. For example: + "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}" type: string - operation: + loggableShortLivedCredential: description: >- - The API operation name. For gRPC requests, it is the fully qualified - API method name, such as "google.pubsub.v1.Publisher.Publish". For - OpenAPI requests, it is the `operationId`, such as "getPet". - type: string - protocol: + Converted from + "identity_cloudgaia.AuditLoggableShortLivedCredential" proto. This + message will be used by security, detection and response team. For + context please refer to go/cg:short-lived-credential-logging. When + the JSON object represented here has a proto equivalent, the proto + name will be indicated in the `@type` property. + type: object + additionalProperties: + type: any + description: Properties of the object. + oauthInfo: + description: OAuth authentication information such as the OAuth client ID. + $ref: '#/components/schemas/OAuthInfo' + thirdPartyPrincipal: + additionalProperties: + type: any + description: Properties of the object. + type: object description: >- - The API protocol used for sending the request, such as "http", - "https", "grpc", or "internal". - type: string - version: + The third party identification (if any) of the authenticated user + making the request. When the JSON object represented here has a + proto equivalent, the proto name will be indicated in the `@type` + property. + ReportResponse: + description: Response message for the Report method. + type: object + id: ReportResponse + properties: + extensions: description: >- - The API version associated with the API operation above, such as - "v1" or "v1alpha1". - type: string + The extension field to store serialized OTel responses. e.g. + ExportLogsServiceResponse, ExportMetricsServiceResponse. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object ResourceInfo: - id: ResourceInfo description: Describes a resource referenced in the request. type: object properties: @@ -477,537 +569,442 @@ components: "{service}/{plural}.{verb}". type: string container: + type: string description: >- Optional. The identifier of the container of this resource. For Google Cloud APIs, the resource container must be one of the following formats: - `projects/` - `folders/` - `organizations/` Required for the policy enforcement on the container level (e.g. VPCSC, Location Policy check, Org Policy check). - type: string location: description: >- Optional. The location of the resource, it must be a valid zone, region or multiregion, for example: "europe-west4", "northamerica-northeast1-a". Required for location policy check. type: string - CheckResponse: - id: CheckResponse - description: Response message for the Check method. + id: ResourceInfo + FirstPartyPrincipal: + id: FirstPartyPrincipal type: object + description: First party identity principal. properties: - status: - description: >- - Operation is allowed when this field is not set. Any non-'OK' status - indicates a denial; google.rpc.Status.details would contain - additional details about the denial. - $ref: '#/components/schemas/Status' - headers: - description: Returns a set of request contexts generated from the `CheckRequest`. - type: object - additionalProperties: - type: string - dynamicMetadata: - description: >- - Optional response metadata that will be emitted as dynamic metadata - to be consumed by the caller of ServiceController. For compatibility - with the ext_authz interface. - type: object + serviceMetadata: additionalProperties: type: any description: Properties of the object. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + description: Metadata about the service that uses the service account. . + type: object + principalEmail: + description: The email address of a Google account. . + type: string + V2HttpRequest: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + responseSize: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + The size of the HTTP response message sent back to the client, in + bytes, including the response headers and the response body. + type: string + format: int64 + requestMethod: + description: 'The request method. Examples: `"GET"`, `"HEAD"`, `"PUT"`, `"POST"`.' + type: string + userAgent: type: string - details: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ReportRequest: - id: ReportRequest - description: Request message for the Report method. - type: object - properties: - serviceConfigId: + The user agent sent by the client. Example: `"Mozilla/4.0 + (compatible; MSIE 6.0; Windows 98; Q312461; .NET CLR 1.0.3705)"`. + status: description: >- - Specifies the version of the service configuration that should be - used to process the request. Must not be empty. Set this field to - 'latest' to specify using the latest configuration. - type: string - operations: + The response code indicating the status of the response. Examples: + 200, 404. + type: integer + format: int32 + cacheLookup: + type: boolean + description: Whether or not a cache lookup was attempted. + protocol: description: >- - Describes the list of operations to be reported. Each operation is - represented as an AttributeContext, and contains all attributes - around an API access. - type: array - items: - $ref: '#/components/schemas/AttributeContext' - ReportResponse: - id: ReportResponse - description: Response message for the Report method. - type: object - properties: - extensions: + Protocol used for the request. Examples: "HTTP/1.1", "HTTP/2", + "websocket" + type: string + latency: + type: string description: >- - The extension field to store serialized OTel responses. e.g. - ExportLogsServiceResponse, ExportMetricsServiceResponse. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - AuditLog: - id: AuditLog - description: 'Common audit log format for Google Cloud Platform API operations. ' - type: object - properties: - serviceName: + The request processing latency on the server, from the time the + request was received until the response was sent. + format: google-duration + serverIp: description: >- - The name of the API service performing the operation. For example, - `"compute.googleapis.com"`. + The IP address (IPv4 or IPv6) of the origin server that the request + was sent to. type: string - methodName: + requestSize: description: >- - The name of the service method or operation. For API calls, this - should be the name of the API method. For example, - "google.cloud.bigquery.v2.TableService.InsertTable" - "google.logging.v2.ConfigServiceV2.CreateSink" + The size of the HTTP request message in bytes, including the request + headers and the request body. type: string - resourceName: + format: int64 + cacheHit: + type: boolean description: >- - The resource or collection that is the target of the operation. The - name is a scheme-less URI, not including the API service name. For - example: "projects/PROJECT_ID/zones/us-central1-a/instances" - "projects/PROJECT_ID/datasets/DATASET_ID" + Whether or not an entity was served from cache (with or without + validation). + cacheFillBytes: + description: >- + The number of HTTP response bytes inserted into cache. Set only when + a cache fill was attempted. type: string - resourceLocation: - description: The resource location information. - $ref: '#/components/schemas/ResourceLocation' - resourceOriginalState: + format: int64 + remoteIp: description: >- - The resource's original state before mutation. Present only for - operations which have successfully modified the targeted - resource(s). In general, this field should contain all changed - fields, except those that are already been included in `request`, - `response`, `metadata` or `service_data` fields. When the JSON - object represented here has a proto equivalent, the proto name will - be indicated in the `@type` property. - type: object - additionalProperties: - type: any - description: Properties of the object. - numResponseItems: + The IP address (IPv4 or IPv6) of the client that issued the HTTP + request. Examples: `"192.168.1.1"`, `"FE80::0202:B3FF:FE1E:8329"`. + type: string + requestUrl: description: >- - The number of items returned from a List or Query API method, if - applicable. + The scheme (http, https), the host name, the path, and the query + portion of the URL that was requested. Example: + `"http://example.com/some/info?color=red"`. type: string - format: int64 - status: - description: The status of the overall operation. - $ref: '#/components/schemas/Status' - authenticationInfo: - description: Authentication information. - $ref: '#/components/schemas/AuthenticationInfo' - authorizationInfo: + referer: description: >- - Authorization information. If there are multiple resources or - permissions involved, then there is one AuthorizationInfo element - for each {resource, permission} tuple. - type: array - items: - $ref: '#/components/schemas/AuthorizationInfo' - policyViolationInfo: + The referer URL of the request, as defined in [HTTP/1.1 Header Field + Definitions](https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html). + type: string + cacheValidatedWithOriginServer: description: >- - Indicates the policy violations for this request. If the request is - denied by the policy, violation information will be logged here. - $ref: '#/components/schemas/PolicyViolationInfo' - requestMetadata: - description: Metadata about the operation. - $ref: '#/components/schemas/RequestMetadata' - request: + Whether or not the response was validated with the origin server + before being served from cache. This field is only meaningful if + `cache_hit` is True. + type: boolean + description: >- + A common proto for logging HTTP requests. Only contains semantics + defined by the HTTP specification. Product-specific logging information + MUST be defined in a separate message. + type: object + id: V2HttpRequest + V2LogEntry: + description: An individual log entry. + type: object + id: V2LogEntry + properties: + textPayload: + description: The log entry payload, represented as a Unicode string (UTF-8). + type: string + labels: description: >- - The operation request. This may not include all request parameters, - such as those that are too large, privacy-sensitive, or duplicated - elsewhere in the log record. It should never include user-generated - data, such as file contents. When the JSON object represented here - has a proto equivalent, the proto name will be indicated in the - `@type` property. - type: object + A set of user-defined (key, value) data that provides additional + information about the log entry. additionalProperties: - type: any - description: Properties of the object. - response: - description: >- - The operation response. This may not include all response elements, - such as those that are too large, privacy-sensitive, or duplicated - elsewhere in the log record. It should never include user-generated - data, such as file contents. When the JSON object represented here - has a proto equivalent, the proto name will be indicated in the - `@type` property. + type: string type: object - additionalProperties: - type: any - description: Properties of the object. - metadata: + sourceLocation: description: >- - Other service-specific data about the request, response, and other - information associated with the current audited event. + Optional. Source code location information associated with the log + entry, if any. + $ref: '#/components/schemas/V2LogEntrySourceLocation' + timestamp: + format: google-datetime + description: >- + The time the event described by the log entry occurred. If omitted, + defaults to operation start time. + type: string + structPayload: type: object + description: >- + The log entry payload, represented as a structure that is expressed + as a JSON object. additionalProperties: - type: any description: Properties of the object. - serviceData: + type: any + operation: description: >- - Deprecated. Use the `metadata` field instead. Other service-specific - data about the request, response, and other activities. - deprecated: true - type: object + Optional. Information about an operation associated with the log + entry, if applicable. + $ref: '#/components/schemas/V2LogEntryOperation' + insertId: + type: string + description: >- + A unique ID for the log entry used for deduplication. If omitted, + the implementation will generate one based on operation_id. + httpRequest: + description: >- + Optional. Information about the HTTP request associated with this + log entry, if applicable. + $ref: '#/components/schemas/V2HttpRequest' + protoPayload: additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - ResourceLocation: - id: ResourceLocation - description: Location information about a resource. - type: object - properties: - currentLocations: + type: object description: >- - The locations of a resource after the execution of the operation. - Requests to create or delete a location based resource must populate - the 'current_locations' field and not the 'original_locations' - field. For example: "europe-west1-a" "us-east1" "nam3" - type: array - items: - type: string - originalLocations: + The log entry payload, represented as a protocol buffer that is + expressed as a JSON object. The only accepted type currently is + AuditLog. + severity: description: >- - The locations of a resource prior to the execution of the operation. - Requests that mutate the resource's location must populate both the - 'original_locations' as well as the 'current_locations' fields. For - example: "europe-west1-a" "us-east1" "nam3" - type: array - items: + The severity of the log entry. The default value is + `LogSeverity.DEFAULT`. + enum: + - DEFAULT + - DEBUG + - INFO + - NOTICE + - WARNING + - ERROR + - CRITICAL + - ALERT + - EMERGENCY + type: string + enumDescriptions: + - (0) The log entry has no assigned severity level. + - (100) Debug or trace information. + - (200) Routine information, such as ongoing status or performance. + - >- + (300) Normal but significant events, such as start up, shut down, + or a configuration change. + - (400) Warning events might cause problems. + - (500) Error events are likely to cause problems. + - (600) Critical events cause more severe problems or outages. + - (700) A person must take an action immediately. + - (800) One or more systems are unusable. + monitoredResourceLabels: + description: >- + A set of user-defined (key, value) data that provides additional + information about the moniotored resource that the log entry belongs + to. + additionalProperties: type: string - AuthenticationInfo: - id: AuthenticationInfo - description: Authentication information for the operation. - type: object - properties: - principalEmail: + type: object + name: description: >- - The email address of the authenticated user (or service account on - behalf of third party principal) making the request. For third party - identity callers, the `principal_subject` field is populated instead - of this field. For privacy reasons, the principal email address is - sometimes redacted. For more information, see [Caller identities in - audit logs](https://cloud.google.com/logging/docs/audit#user-id). + Required. The log to which this log entry belongs. Examples: + `"syslog"`, `"book_log"`. type: string - authoritySelector: + trace: description: >- - The authority selector specified by the requestor, if any. It is not - guaranteed that the principal was allowed to use this authority. + Optional. Resource name of the trace associated with the log entry, + if any. If this field contains a relative resource name, you can + assume the name is relative to `//tracing.googleapis.com`. Example: + `projects/my-projectid/traces/06796866738c859f2f19b7cfb3214824` type: string - thirdPartyPrincipal: + V2ResourceEvent: + properties: + payload: description: >- - The third party identification (if any) of the authenticated user - making the request. When the JSON object represented here has a - proto equivalent, the proto name will be indicated in the `@type` - property. - type: object + The payload contains metadata associated with the resource event. A + ResourceEventPayloadStatus is provided instead if the original + payload cannot be returned due to a limitation (e.g. size limit). additionalProperties: + description: Properties of the object. Contains field @type with type URL. type: any - description: Properties of the object. - serviceAccountKeyName: - description: >- - The name of the service account key used to create or exchange - credentials for authenticating the service account making the - request. This is a scheme-less URI full resource name. For example: - "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}" + type: object + parent: + $ref: '#/components/schemas/Resource' + description: The parent resource for the resource. + resource: + $ref: '#/components/schemas/Resource' + description: The resource associated with the event. + path: + enumDescriptions: + - Default value. Do not use. + - The request path. + - The response path. type: string - serviceAccountDelegationInfo: + enum: + - API_PATH_UNSPECIFIED + - REQUEST + - RESPONSE description: >- - Identity delegation history of an authenticated service account that - makes the request. It contains information on the real authorities - that try to access GCP resources by delegating on a service account. - When multiple authorities present, they are guaranteed to be sorted - based on the original ordering of the identity delegation events. - type: array - items: - $ref: '#/components/schemas/ServiceAccountDelegationInfo' - principalSubject: + The api path the resource event was created in. This should match + the source of the `payload` field. For direct integrations with + Chemist, this should generally be the RESPONSE. + go/resource-event-pipeline-type + type: description: >- - String representation of identity of requesting party. Populated for - both first and third party identities. + The resource event type determines how the backend service should + process the event. + enumDescriptions: + - >- + The resource event type is unclear. We do not expect any events to + fall into this category. + - The resource is created/inserted. + - The resource is updated. + - The resource is deleted. + - The resource is un-deleted. + enum: + - TYPE_UNSPECIFIED + - CREATE + - UPDATE + - DELETE + - UNDELETE + type: string + contextId: type: string - serviceDelegationHistory: description: >- - Records the history of delegated resource access across Google - services. - $ref: '#/components/schemas/ServiceDelegationHistory' - ServiceAccountDelegationInfo: - id: ServiceAccountDelegationInfo - description: Identity delegation history of an authenticated service account. - type: object - properties: - principalSubject: + The ESF unique context id of the api request, from which this + resource event originated. This field is only needed for CAIS + integration via api annotation. See go/cais-lro-delete for more + details. + format: int64 + destinations: description: >- - A string representing the principal_subject associated with the - identity. For most identities, the format will be - `principal://iam.googleapis.com/{identity pool - name}/subject/{subject)` except for some GKE identities - (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the - legacy format `serviceAccount:{identity pool name}[{subject}]` + The destinations field determines which backend services should + handle the event. This should be specified as a comma-delimited + string. type: string - firstPartyPrincipal: - description: First party (Google) identity as the real authority. - $ref: '#/components/schemas/FirstPartyPrincipal' - thirdPartyPrincipal: - description: Third party identity as the real authority. - $ref: '#/components/schemas/ThirdPartyPrincipal' - FirstPartyPrincipal: - id: FirstPartyPrincipal - description: First party identity principal. type: object - properties: - principalEmail: - description: The email address of a Google account. . - type: string - serviceMetadata: - description: Metadata about the service that uses the service account. . - type: object - additionalProperties: - type: any - description: Properties of the object. + description: >- + Report v2 extension proto for passing the resource metadata associated + with a resource create/update/delete/undelete event from ESF to Chemist. + ResourceEvent proto should be serialized into the + ReportRequest.operations.extensions. + id: V2ResourceEvent ThirdPartyPrincipal: - id: ThirdPartyPrincipal description: Third party identity principal. type: object properties: thirdPartyClaims: - description: Metadata about third party identity. - type: object additionalProperties: type: any description: Properties of the object. - ServiceDelegationHistory: - id: ServiceDelegationHistory - description: >- - The history of delegation across multiple services as the result of the - original user's action. Such as "service A uses its own account to do - something for user B". This differs from ServiceAccountDelegationInfo, - which only tracks the history of direct token exchanges (impersonation). + description: Metadata about third party identity. + type: object + id: ThirdPartyPrincipal + Api: type: object + id: Api properties: - originalPrincipal: - description: The original end user who initiated the request to GCP. + version: + description: >- + The API version associated with the API operation above, such as + "v1" or "v1alpha1". + type: string + protocol: type: string - serviceMetadata: description: >- - Data identifying the service specific jobs or units of work that - were involved in a chain of service calls. - type: array - items: - $ref: '#/components/schemas/ServiceMetadata' - ServiceMetadata: - id: ServiceMetadata - description: >- - Metadata describing the service and additional service specific - information used to identify the job or unit of work at hand. - type: object - properties: - principalSubject: + The API protocol used for sending the request, such as "http", + "https", "grpc", or "internal". + operation: description: >- - A string representing the principal_subject associated with the - identity. For most identities, the format will be - `principal://iam.googleapis.com/{identity pool - name}/subject/{subject)` except for some GKE identities - (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the - legacy format `serviceAccount:{identity pool name}[{subject}]` If - the identity is a Google account (e.g. workspace user account or - service account), this will be the email of the prefixed by - `serviceAccount:`. For example: - `serviceAccount:my-service-account@project-1.iam.gserviceaccount.com`. - If the identity is an individual user, the identity will be - formatted as: `user:user_ABC@email.com`. + The API operation name. For gRPC requests, it is the fully qualified + API method name, such as "google.pubsub.v1.Publisher.Publish". For + OpenAPI requests, it is the `operationId`, such as "getPet". type: string - serviceDomain: + service: description: >- - The service's fully qualified domain name, e.g. - "dataproc.googleapis.com". + The API service name. It is a logical identifier for a networked + API, such as "pubsub.googleapis.com". The naming syntax depends on + the API management system being used for handling the request. type: string - jobMetadata: - description: >- - Additional metadata provided by service teams to describe service - specific job information that was triggered by the original - principal. - type: object - additionalProperties: - type: any - description: Properties of the object. - AuthorizationInfo: - id: AuthorizationInfo - description: Authorization information for the operation. + description: >- + This message defines attributes associated with API operations, such as + a network API request. The terminology is based on the conventions used + by Google APIs, Istio, and OpenAPI. + OAuthInfo: type: object + description: OAuth related information about the request. + id: OAuthInfo properties: - resource: + oauthClientId: description: >- - The resource being accessed, as a REST-style or cloud resource - string. For example: - bigquery.googleapis.com/projects/PROJECTID/datasets/DATASETID or - projects/PROJECTID/datasets/DATASETID - type: string - permission: - description: The required IAM permission. + The OAuth client ID of the 1P or 3P application acting on behalf of + the user. type: string - granted: - description: >- - Whether or not authorization for `resource` and `permission` was - granted. - type: boolean - resourceAttributes: + ReportRequest: + type: object + id: ReportRequest + properties: + operations: description: >- - Resource attributes used in IAM condition evaluation. This field - contains resource attributes like resource type and resource name. - To get the whole view of the attributes used in IAM condition - evaluation, the user must also look into - `AuditLog.request_metadata.request_attributes`. - $ref: '#/components/schemas/Resource' - permissionType: + Describes the list of operations to be reported. Each operation is + represented as an AttributeContext, and contains all attributes + around an API access. + items: + $ref: '#/components/schemas/AttributeContext' + type: array + serviceConfigId: description: >- - The type of the permission that was checked. For data access audit - logs this corresponds with the permission type that must be enabled - in the project/folder/organization IAM policy in order for the log - to be written. + Specifies the version of the service configuration that should be + used to process the request. Must not be empty. Set this field to + 'latest' to specify using the latest configuration. type: string - enumDescriptions: - - Default. Should not be used. - - Permissions that gate reading resource configuration or metadata. - - >- - Permissions that gate modification of resource configuration or - metadata. - - Permissions that gate reading user-provided data. - - Permissions that gate writing user-provided data. - enum: - - PERMISSION_TYPE_UNSPECIFIED - - ADMIN_READ - - ADMIN_WRITE - - DATA_READ - - DATA_WRITE + description: Request message for the Report method. PolicyViolationInfo: - id: PolicyViolationInfo description: Information related to policy violations for this request. type: object + id: PolicyViolationInfo properties: orgPolicyViolationInfo: description: Indicates the orgpolicy violations for this resource. - $ref: '#/components/schemas/OrgPolicyViolationInfo' - OrgPolicyViolationInfo: - id: OrgPolicyViolationInfo - description: Represents OrgPolicy Violation information. - type: object - properties: - payload: - description: >- - Optional. Deprecated. Resource payload that is currently in scope - and is subjected to orgpolicy conditions. This payload may be the - subset of the actual Resource that may come in the request. - deprecated: true - type: object - additionalProperties: - type: any - description: Properties of the object. - resourceType: - description: >- - Optional. Resource type that the orgpolicy is checked against. - Example: compute.googleapis.com/Instance, - store.googleapis.com/bucket - type: string - resourceTags: + $ref: '#/components/schemas/OrgPolicyViolationInfo' + AttributeContext: + id: AttributeContext + properties: + api: + $ref: '#/components/schemas/Api' + description: Represents an API operation that is involved to a network activity. + request: + description: Represents a network request, such as an HTTP request. + $ref: '#/components/schemas/Request' + resource: + $ref: '#/components/schemas/Resource' description: >- - Optional. Deprecated. Tags referenced on the resource at the time of - evaluation. - deprecated: true - type: object - additionalProperties: - type: string - violationInfo: - description: Optional. Policy violations + Represents a target resource that is involved with a network + activity. If multiple resources are involved with an activity, this + must be the primary one. + response: + $ref: '#/components/schemas/Response' + description: Represents a network response, such as an HTTP response. + extensions: type: array + description: >- + Supports extensions for advanced use cases, such as logs and + metrics. items: - $ref: '#/components/schemas/ViolationInfo' - ViolationInfo: - id: ViolationInfo - description: Provides information about the Policy violation info for this request. - type: object - properties: - constraint: - description: Optional. Constraint name - type: string - errorMessage: - description: Optional. Error message that policy is indicating. - type: string - checkedValue: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + source: + $ref: '#/components/schemas/Peer' description: >- - Optional. Value that is being checked for the policy. This could be - in encrypted form (if pii sensitive). This field will only be - emitted in LIST_POLICY types - type: string - policyType: - description: Optional. Indicates the type of the policy. - type: string - enumDescriptions: - - Default value. This value should not be used. - - Indicates boolean policy constraint - - Indicates list policy constraint - - Indicates custom policy constraint - enum: - - POLICY_TYPE_UNSPECIFIED - - BOOLEAN_CONSTRAINT - - LIST_CONSTRAINT - - CUSTOM_CONSTRAINT + The source of a network activity, such as starting a TCP connection. + In a multi hop network activity, the source represents the sender of + the last hop. + origin: + description: >- + The origin of a network activity. In a multi hop network activity, + the origin represents the sender of the first hop. For the first + hop, the `source` and the `origin` must have the same content. + $ref: '#/components/schemas/Peer' + destination: + description: >- + The destination of a network activity, such as accepting a TCP + connection. In a multi hop network activity, the destination + represents the receiver of the last hop. + $ref: '#/components/schemas/Peer' + description: >- + This message defines the standard attribute vocabulary for Google APIs. + An attribute is a piece of metadata that describes an activity on a + network service. For example, the size of an HTTP request, or the status + code of an HTTP response. Each attribute has a type and a name, which is + logically defined as a proto message field in `AttributeContext`. The + field type becomes the attribute type, and the field path becomes the + attribute name. For example, the attribute `source.ip` maps to field + `AttributeContext.source.ip`. This message definition is guaranteed not + to have any wire breaking change. So you can use it directly for passing + attributes across different systems. NOTE: Different system may generate + different subset of attributes. Please verify the system specification + before relying on an attribute generated a system. + type: object RequestMetadata: + type: object id: RequestMetadata description: Metadata about the request. - type: object properties: - callerIp: - description: >- - The IP address of the caller. For a caller from the internet, this - will be the public IPv4 or IPv6 address. For calls made from inside - Google's internal production network from one GCP service to - another, `caller_ip` will be redacted to "private". For a caller - from a Compute Engine VM with a external IP address, `caller_ip` - will be the VM's external IP address. For a caller from a Compute - Engine VM without a external IP address, if the VM is in the same - organization (or project) as the accessed resource, `caller_ip` will - be the VM's internal IPv4 address, otherwise `caller_ip` will be - redacted to "gce-internal-ip". See - https://cloud.google.com/compute/docs/vpc/ for more information. - type: string callerSuppliedUserAgent: + type: string description: >- The user agent of the caller. This information is not authenticated and should be treated accordingly. For example: + @@ -1017,7 +1014,6 @@ components: Google Cloud SDK CLI (gcloud). + `AppEngine-Google; (+http://code.google.com/appengine; appid: s~my-project`: The request was made from the `my-project` App Engine app. - type: string callerNetwork: description: >- The network of the caller. Set only if the network host project is @@ -1027,14 +1023,6 @@ components: example: "//compute.googleapis.com/projects/PROJECT_ID/global/networks/NETWORK_ID" type: string - requestAttributes: - description: >- - Request attributes used in IAM condition evaluation. This field - contains request attributes like request time and access levels - associated with the request. To get the whole view of the attributes - used in IAM condition evaluation, the user must also look into - `AuditLog.authentication_info.resource_attributes`. - $ref: '#/components/schemas/Request' destinationAttributes: description: >- The destination of a network activity, such as accepting a TCP @@ -1043,261 +1031,300 @@ components: this message, Peer.port and Peer.ip. These fields are optionally populated by those services utilizing the IAM condition feature. $ref: '#/components/schemas/Peer' - SpanContext: - id: SpanContext - description: >- - The context of a span. This is attached to an Exemplar in Distribution - values during aggregation. It contains the name of a span with format: - projects/[PROJECT_ID_OR_NUMBER]/traces/[TRACE_ID]/spans/[SPAN_ID] - type: object - properties: - spanName: - description: >- - The resource name of the span. The format is: - projects/[PROJECT_ID_OR_NUMBER]/traces/[TRACE_ID]/spans/[SPAN_ID] - `[TRACE_ID]` is a unique identifier for a trace within a project; it - is a 32-character hexadecimal encoding of a 16-byte array. - `[SPAN_ID]` is a unique identifier for a span within a trace; it is - a 16-character hexadecimal encoding of an 8-byte array. - type: string - V2LogEntry: - id: V2LogEntry - description: An individual log entry. - type: object - properties: - name: + requestAttributes: description: >- - Required. The log to which this log entry belongs. Examples: - `"syslog"`, `"book_log"`. + Request attributes used in IAM condition evaluation. This field + contains request attributes like request time and access levels + associated with the request. To get the whole view of the attributes + used in IAM condition evaluation, the user must also look into + `AuditLog.authentication_info.resource_attributes`. + $ref: '#/components/schemas/Request' + callerIp: type: string - timestamp: description: >- - The time the event described by the log entry occurred. If omitted, - defaults to operation start time. - type: string - format: google-datetime - severity: + The IP address of the caller. For a caller from the internet, this + will be the public IPv4 or IPv6 address. For calls made from inside + Google's internal production network from one GCP service to + another, `caller_ip` will be redacted to "private". For a caller + from a Compute Engine VM with a external IP address, `caller_ip` + will be the VM's external IP address. For a caller from a Compute + Engine VM without a external IP address, if the VM is in the same + organization (or project) as the accessed resource, `caller_ip` will + be the VM's internal IPv4 address, otherwise `caller_ip` will be + redacted to "gce-internal-ip". See + https://cloud.google.com/compute/docs/vpc/ for more information. + Status: + id: Status + properties: + message: description: >- - The severity of the log entry. The default value is - `LogSeverity.DEFAULT`. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - enumDescriptions: - - (0) The log entry has no assigned severity level. - - (100) Debug or trace information. - - (200) Routine information, such as ongoing status or performance. - - >- - (300) Normal but significant events, such as start up, shut down, - or a configuration change. - - (400) Warning events might cause problems. - - (500) Error events are likely to cause problems. - - (600) Critical events cause more severe problems or outages. - - (700) A person must take an action immediately. - - (800) One or more systems are unusable. - enum: - - DEFAULT - - DEBUG - - INFO - - NOTICE - - WARNING - - ERROR - - CRITICAL - - ALERT - - EMERGENCY - httpRequest: + details: + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - Optional. Information about the HTTP request associated with this - log entry, if applicable. - $ref: '#/components/schemas/V2HttpRequest' - trace: + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + type: object + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + ServiceAccountDelegationInfo: + id: ServiceAccountDelegationInfo + properties: + firstPartyPrincipal: + $ref: '#/components/schemas/FirstPartyPrincipal' + description: First party (Google) identity as the real authority. + thirdPartyPrincipal: + $ref: '#/components/schemas/ThirdPartyPrincipal' + description: Third party identity as the real authority. + principalSubject: description: >- - Optional. Resource name of the trace associated with the log entry, - if any. If this field contains a relative resource name, you can - assume the name is relative to `//tracing.googleapis.com`. Example: - `projects/my-projectid/traces/06796866738c859f2f19b7cfb3214824` + A string representing the principal_subject associated with the + identity. For most identities, the format will be + `principal://iam.googleapis.com/{identity pool + name}/subject/{subject)` except for some GKE identities + (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the + legacy format `serviceAccount:{identity pool name}[{subject}]` type: string - insertId: - description: >- - A unique ID for the log entry used for deduplication. If omitted, - the implementation will generate one based on operation_id. + type: object + description: Identity delegation history of an authenticated service account. + Peer: + properties: + port: type: string + format: int64 + description: The network port of the peer. labels: - description: >- - A set of user-defined (key, value) data that provides additional - information about the log entry. - type: object additionalProperties: type: string - monitoredResourceLabels: - description: >- - A set of user-defined (key, value) data that provides additional - information about the moniotored resource that the log entry belongs - to. + description: The labels associated with the peer. type: object - additionalProperties: - type: string - protoPayload: + ip: + type: string + description: The IP address of the peer. + regionCode: description: >- - The log entry payload, represented as a protocol buffer that is - expressed as a JSON object. The only accepted type currently is - AuditLog. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - textPayload: - description: The log entry payload, represented as a Unicode string (UTF-8). + The CLDR country/region code associated with the above IP address. + If the IP address is private, the `region_code` should reflect the + physical location where this peer is running. type: string - structPayload: + principal: description: >- - The log entry payload, represented as a structure that is expressed - as a JSON object. + The identity of this peer. Similar to `Request.auth.principal`, but + relative to the peer instead of the request. For example, the + identity associated with a load balancer that forwarded the request. + type: string + type: object + id: Peer + description: >- + This message defines attributes for a node that handles a network + request. The node can be either a service or an application that sends, + forwards, or receives the request. Service peers should fill in + `principal` and `labels` as appropriate. + Resource: + properties: + location: + description: >- + Immutable. The location of the resource. The location encoding is + specific to the service provider, and new encoding may be introduced + as the service evolves. For Google Cloud products, the encoding is + what is used by Google Cloud APIs, such as `us-east1`, + `aws-us-east-1`, and `azure-eastus2`. The semantics of `location` is + identical to the `cloud.googleapis.com/location` label used by some + Google Cloud APIs. + type: string + labels: type: object additionalProperties: - type: any - description: Properties of the object. - operation: - description: >- - Optional. Information about an operation associated with the log - entry, if applicable. - $ref: '#/components/schemas/V2LogEntryOperation' - sourceLocation: + type: string description: >- - Optional. Source code location information associated with the log - entry, if any. - $ref: '#/components/schemas/V2LogEntrySourceLocation' - V2HttpRequest: - id: V2HttpRequest - description: >- - A common proto for logging HTTP requests. Only contains semantics - defined by the HTTP specification. Product-specific logging information - MUST be defined in a separate message. - type: object - properties: - requestMethod: - description: 'The request method. Examples: `"GET"`, `"HEAD"`, `"PUT"`, `"POST"`.' + The labels or tags on the resource, such as AWS resource tags and + Kubernetes resource labels. + etag: type: string - requestUrl: description: >- - The scheme (http, https), the host name, the path, and the query - portion of the URL that was requested. Example: - `"http://example.com/some/info?color=red"`. + Output only. An opaque value that uniquely identifies a version or + generation of a resource. It can be used to confirm that the client + and server agree on the ordering of a resource being written. + displayName: + description: Mutable. The display name set by clients. Must be <= 63 characters. type: string - requestSize: + createTime: + format: google-datetime description: >- - The size of the HTTP request message in bytes, including the request - headers and the request body. + Output only. The timestamp when the resource was created. This may + be either the time creation was initiated or when it was completed. type: string - format: int64 - status: + annotations: + type: object + additionalProperties: + type: string description: >- - The response code indicating the status of the response. Examples: - 200, 404. - type: integer - format: int32 - responseSize: + Annotations is an unstructured key-value map stored with a resource + that may be set by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be preserved when + modifying objects. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: description: >- - The size of the HTTP response message sent back to the client, in - bytes, including the response headers and the response body. + The type of the resource. The syntax is platform-specific because + different platforms define their resources differently. For Google + APIs, the type format must be "{service}/{kind}", such as + "pubsub.googleapis.com/Topic". type: string - format: int64 - userAgent: + updateTime: description: >- - The user agent sent by the client. Example: `"Mozilla/4.0 - (compatible; MSIE 6.0; Windows 98; Q312461; .NET CLR 1.0.3705)"`. + Output only. The timestamp when the resource was last updated. Any + change to the resource made by users must refresh this value. + Changes to a resource made by the service should refresh this value. + format: google-datetime type: string - remoteIp: + deleteTime: description: >- - The IP address (IPv4 or IPv6) of the client that issued the HTTP - request. Examples: `"192.168.1.1"`, `"FE80::0202:B3FF:FE1E:8329"`. + Output only. The timestamp when the resource was deleted. If the + resource is not deleted, this must be empty. + format: google-datetime type: string - serverIp: - description: >- - The IP address (IPv4 or IPv6) of the origin server that the request - was sent to. + name: type: string - referer: description: >- - The referer URL of the request, as defined in [HTTP/1.1 Header Field - Definitions](https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html). - type: string - latency: + The stable identifier (name) of a resource on the `service`. A + resource can be logically identified as + "//{resource.service}/{resource.name}". The differences between a + resource name and a URI are: * Resource name is a logical + identifier, independent of network protocol and API version. For + example, `//pubsub.googleapis.com/projects/123/topics/news-feed`. * + URI often includes protocol and version information, so it can be + used directly by applications. For example, + `https://pubsub.googleapis.com/v1/projects/123/topics/news-feed`. + See https://cloud.google.com/apis/design/resource_names for details. + service: description: >- - The request processing latency on the server, from the time the - request was received until the response was sent. + The name of the service that this resource belongs to, such as + `pubsub.googleapis.com`. The service may be different from the DNS + hostname that actually serves the request. type: string - format: google-duration - cacheLookup: - description: Whether or not a cache lookup was attempted. - type: boolean - cacheHit: + uid: description: >- - Whether or not an entity was served from cache (with or without - validation). - type: boolean - cacheValidatedWithOriginServer: + The unique identifier of the resource. UID is unique in the time and + space for this resource within the scope of the service. It is + typically generated by the server on successful creation of a + resource and must not be changed. UID is used to uniquely identify + resources with resource name reuses. This should be a UUID4. + type: string + type: object + description: >- + This message defines core attributes for a resource. A resource is an + addressable (named) entity provided by the destination service. For + example, a file stored on a network storage service. + id: Resource + CheckResponse: + description: Response message for the Check method. + id: CheckResponse + properties: + status: description: >- - Whether or not the response was validated with the origin server - before being served from cache. This field is only meaningful if - `cache_hit` is True. - type: boolean - cacheFillBytes: + Operation is allowed when this field is not set. Any non-'OK' status + indicates a denial; google.rpc.Status.details would contain + additional details about the denial. + $ref: '#/components/schemas/Status' + dynamicMetadata: + type: object + additionalProperties: + type: any + description: Properties of the object. description: >- - The number of HTTP response bytes inserted into cache. Set only when - a cache fill was attempted. - type: string - format: int64 - protocol: + Optional response metadata that will be emitted as dynamic metadata + to be consumed by the caller of ServiceController. For compatibility + with the ext_authz interface. + headers: + additionalProperties: + type: string + description: Returns a set of request contexts generated from the `CheckRequest`. + type: object + type: object + SpanContext: + id: SpanContext + properties: + spanName: description: >- - Protocol used for the request. Examples: "HTTP/1.1", "HTTP/2", - "websocket" + The resource name of the span. The format is: + projects/[PROJECT_ID_OR_NUMBER]/traces/[TRACE_ID]/spans/[SPAN_ID] + `[TRACE_ID]` is a unique identifier for a trace within a project; it + is a 32-character hexadecimal encoding of a 16-byte array. + `[SPAN_ID]` is a unique identifier for a span within a trace; it is + a 16-character hexadecimal encoding of an 8-byte array. type: string - V2LogEntryOperation: - id: V2LogEntryOperation description: >- - Additional information about a potentially long-running operation with - which a log entry is associated. + The context of a span. This is attached to an Exemplar in Distribution + values during aggregation. It contains the name of a span with format: + projects/[PROJECT_ID_OR_NUMBER]/traces/[TRACE_ID]/spans/[SPAN_ID] type: object + ViolationInfo: + id: ViolationInfo + description: Provides information about the Policy violation info for this request. properties: - id: + checkedValue: + type: string description: >- - Optional. An arbitrary operation identifier. Log entries with the - same identifier are assumed to be part of the same operation. + Optional. Value that is being checked for the policy. This could be + in encrypted form (if pii sensitive). This field will only be + emitted in LIST_POLICY types + policyType: + description: Optional. Indicates the type of the policy. + enumDescriptions: + - Default value. This value should not be used. + - Indicates boolean policy constraint + - Indicates list policy constraint + - Indicates custom policy constraint type: string - producer: - description: >- - Optional. An arbitrary producer identifier. The combination of `id` - and `producer` must be globally unique. Examples for `producer`: - `"MyDivision.MyBigCompany.com"`, - `"github.com/MyProject/MyApplication"`. + enum: + - POLICY_TYPE_UNSPECIFIED + - BOOLEAN_CONSTRAINT + - LIST_CONSTRAINT + - CUSTOM_CONSTRAINT + errorMessage: + description: Optional. Error message that policy is indicating. type: string - first: - description: >- - Optional. Set this to True if this is the first log entry in the - operation. - type: boolean - last: - description: >- - Optional. Set this to True if this is the last log entry in the - operation. - type: boolean + constraint: + description: Optional. Constraint name + type: string + type: object V2LogEntrySourceLocation: id: V2LogEntrySourceLocation + type: object description: >- Additional information about the source code location that produced the log entry. - type: object properties: - file: - description: >- - Optional. Source file name. Depending on the runtime environment, - this might be a simple name or a fully-qualified name. - type: string line: description: >- Optional. Line within the source file. 1-based; 0 indicates no line number available. type: string format: int64 + file: + type: string + description: >- + Optional. Source file name. Depending on the runtime environment, + this might be a simple name or a fully-qualified name. function: description: >- Optional. Human-readable name of the function or method being @@ -1307,105 +1334,136 @@ components: vary by language. For example: `qual.if.ied.Class.method` (Java), `dir/package.func` (Go), `function` (Python). type: string - V2ResourceEvent: - id: V2ResourceEvent - description: >- - Report v2 extension proto for passing the resource metadata associated - with a resource create/update/delete/undelete event from ESF to Chemist. - ResourceEvent proto should be serialized into the - ReportRequest.operations.extensions. + AuthorizationInfo: + id: AuthorizationInfo + description: Authorization information for the operation. type: object properties: - payload: - description: >- - The payload contains metadata associated with the resource event. A - ResourceEventPayloadStatus is provided instead if the original - payload cannot be returned due to a limitation (e.g. size limit). - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - type: + resourceAttributes: description: >- - The resource event type determines how the backend service should - process the event. + Resource attributes used in IAM condition evaluation. This field + contains resource attributes like resource type and resource name. + To get the whole view of the attributes used in IAM condition + evaluation, the user must also look into + `AuditLog.request_metadata.request_attributes`. + $ref: '#/components/schemas/Resource' + permission: + type: string + description: The required IAM permission. + permissionType: type: string enumDescriptions: + - Default. Should not be used. + - Permissions that gate reading resource configuration or metadata. - >- - The resource event type is unclear. We do not expect any events to - fall into this category. - - The resource is created/inserted. - - The resource is updated. - - The resource is deleted. - - The resource is un-deleted. + Permissions that gate modification of resource configuration or + metadata. + - Permissions that gate reading user-provided data. + - Permissions that gate writing user-provided data. + description: >- + The type of the permission that was checked. For data access audit + logs this corresponds with the permission type that must be enabled + in the project/folder/organization IAM policy in order for the log + to be written. enum: - - TYPE_UNSPECIFIED - - CREATE - - UPDATE - - DELETE - - UNDELETE - destinations: + - PERMISSION_TYPE_UNSPECIFIED + - ADMIN_READ + - ADMIN_WRITE + - DATA_READ + - DATA_WRITE + resource: + type: string description: >- - The destinations field determines which backend services should - handle the event. This should be specified as a comma-delimited - string. + The resource being accessed, as a REST-style or cloud resource + string. For example: + bigquery.googleapis.com/projects/PROJECTID/datasets/DATASETID or + projects/PROJECTID/datasets/DATASETID + granted: + description: >- + Whether or not authorization for `resource` and `permission` was + granted. + type: boolean + Response: + description: >- + This message defines attributes for a typical network response. It + generally models semantics of an HTTP response. + id: Response + properties: + code: type: string - resource: - description: The resource associated with the event. - $ref: '#/components/schemas/Resource' - parent: - description: The parent resource for the resource. - $ref: '#/components/schemas/Resource' - path: + description: The HTTP response status code, such as `200` and `404`. + format: int64 + time: description: >- - The api path the resource event was created in. This should match - the source of the `payload` field. For direct integrations with - Chemist, this should generally be the RESPONSE. - go/resource-event-pipeline-type + The timestamp when the `destination` service sends the last byte of + the response. type: string - enumDescriptions: - - Default value. Do not use. - - The request path. - - The response path. - enum: - - API_PATH_UNSPECIFIED - - REQUEST - - RESPONSE - contextId: + format: google-datetime + headers: + additionalProperties: + type: string description: >- - The ESF unique context id of the api request, from which this - resource event originated. This field is only needed for CAIS - integration via api annotation. See go/cais-lro-delete for more - details. + The HTTP response headers. If multiple headers share the same key, + they must be merged according to HTTP spec. All header keys must be + lowercased, because HTTP header keys are case-insensitive. + type: object + size: type: string + description: The HTTP response size in bytes. If unknown, it must be -1. format: int64 + backendLatency: + type: string + description: >- + The amount of time it takes the backend service to fully respond to + a request. Measured from when the destination service starts to send + the request to the backend until when the destination service + receives the complete response from the backend. + format: google-duration + type: object parameters: - access_token: - description: OAuth access token. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: access_token + name: prettyPrint + schema: + type: boolean + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields schema: type: string - alt: - description: Data format for response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: alt + name: oauth_token + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv schema: type: string enum: - - json - - media - - proto + - '1' + - '2' callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + access_token: + description: OAuth access token. in: query - name: fields + name: access_token + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string key: @@ -1417,18 +1475,6 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1438,27 +1484,22 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + alt: + description: Data format for response. in: query - name: $.xgafv + name: alt schema: type: string enum: - - '1' - - '2' + - json + - media + - proto x-stackQL-resources: services: id: google.servicecontrol.services @@ -1486,17 +1527,17 @@ components: paths: /v2/services/{serviceName}:check: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/alt' post: description: >- This method provides admission control for services that are integrated @@ -1553,9 +1594,8 @@ paths: called after the operations have been executed. For more information, see [Telemetry Reporting](https://cloud.google.com/service-infrastructure/docs/telemetry-reporting). - NOTE: The telemetry reporting has a hard limit of 1000 operations and - 1MB per Report call. It is recommended to have no more than 100 - operations per call. This method requires the + NOTE: The telemetry reporting has a hard limit of 100 operations and 1MB + per Report call. This method requires the `servicemanagement.services.report` permission on the specified service. For more information, see [Service Control API Access Control](https://cloud.google.com/service-infrastructure/docs/service-control/access-control). diff --git a/providers/src/googleapis.com/v00.00.00000/services/servicedirectory.yaml b/providers/src/googleapis.com/v00.00.00000/services/servicedirectory.yaml index e1e2c741..f5f4487c 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/servicedirectory.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/servicedirectory.yaml @@ -9,8 +9,8 @@ info: Service Directory is a platform for discovering, publishing, and connecting services. version: v1 - x-discovery-doc-revision: '20250811' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251117' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/service-directory servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/servicemanagement.yaml b/providers/src/googleapis.com/v00.00.00000/services/servicemanagement.yaml index da7de044..754e3050 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/servicemanagement.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/servicemanagement.yaml @@ -10,8 +10,8 @@ info: on Google Cloud Platform so that they can be discovered and used by service consumers. version: v1 - x-discovery-doc-revision: '20250617' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251110' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/service-management/ servers: @@ -57,6 +57,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -371,6 +380,11 @@ components: also sometimes simply referred to as "APIs" in other contexts, such as the name of this message itself. See https://cloud.google.com/apis/design/glossary for detailed terminology. + New usages of this message as an alternative to ServiceDescriptorProto + are strongly discouraged. This message does not reliability preserve all + information necessary to model the schema and preserve semantics. + Instead make use of FileDescriptorSet which preserves the necessary + information. type: object properties: name: @@ -428,9 +442,19 @@ components: - SYNTAX_PROTO2 - SYNTAX_PROTO3 - SYNTAX_EDITIONS + edition: + description: >- + The source edition string, only valid when syntax is + SYNTAX_EDITIONS. + type: string Method: id: Method - description: Method represents a method of an API interface. + description: >- + Method represents a method of an API interface. New usages of this + message as an alternative to MethodDescriptorProto are strongly + discouraged. This message does not reliability preserve all information + necessary to model the schema and preserve semantics. Instead make use + of FileDescriptorSet which preserves the necessary information. type: object properties: name: @@ -454,7 +478,11 @@ components: items: $ref: '#/components/schemas/Option' syntax: - description: The source syntax of this method. + description: >- + The source syntax of this method. This field should be ignored, + instead the syntax should be inherited from Api. This is similar to + Field and EnumValue. + deprecated: true type: string enumDescriptions: - Syntax `proto2`. @@ -464,11 +492,22 @@ components: - SYNTAX_PROTO2 - SYNTAX_PROTO3 - SYNTAX_EDITIONS + edition: + description: >- + The source edition string, only valid when syntax is + SYNTAX_EDITIONS. This field should be ignored, instead the edition + should be inherited from Api. This is similar to Field and + EnumValue. + deprecated: true + type: string Option: id: Option description: >- A protocol buffer option, which can be attached to a message, field, - enumeration, etc. + enumeration, etc. New usages of this message as an alternative to + FileOptions, MessageOptions, FieldOptions, EnumOptions, + EnumValueOptions, ServiceOptions, or MethodOptions are strongly + discouraged. type: object properties: name: @@ -549,7 +588,12 @@ components: type: string Type: id: Type - description: A protocol buffer message type. + description: >- + A protocol buffer message type. New usages of this message as an + alternative to DescriptorProto are strongly discouraged. This message + does not reliability preserve all information necessary to model the + schema and preserve semantics. Instead make use of FileDescriptorSet + which preserves the necessary information. type: object properties: name: @@ -591,7 +635,12 @@ components: type: string Field: id: Field - description: A single field of a message type. + description: >- + A single field of a message type. New usages of this message as an + alternative to FieldDescriptorProto are strongly discouraged. This + message does not reliability preserve all information necessary to model + the schema and preserve semantics. Instead make use of FileDescriptorSet + which preserves the necessary information. type: object properties: kind: @@ -687,7 +736,12 @@ components: type: string Enum: id: Enum - description: Enum type definition. + description: >- + Enum type definition. New usages of this message as an alternative to + EnumDescriptorProto are strongly discouraged. This message does not + reliability preserve all information necessary to model the schema and + preserve semantics. Instead make use of FileDescriptorSet which + preserves the necessary information. type: object properties: name: @@ -724,7 +778,12 @@ components: type: string EnumValue: id: EnumValue - description: Enum value definition. + description: >- + Enum value definition. New usages of this message as an alternative to + EnumValueDescriptorProto are strongly discouraged. This message does not + reliability preserve all information necessary to model the schema and + preserve semantics. Instead make use of FileDescriptorSet which + preserves the necessary information. type: object properties: name: @@ -943,6 +1002,7 @@ components: type: number format: double pathTranslation: + description: no-lint type: string enumDescriptions: - '' @@ -1830,8 +1890,9 @@ components: environment: description: >- The service controller environment to use. If empty, no control - plane feature (like quota and billing) will be enabled. The - recommended value for most services is servicecontrol.googleapis.com + plane features (like quota and billing) will be enabled. The + recommended value for most services is + servicecontrol.googleapis.com. type: string methodPolicies: description: Defines policies applying to the API methods of the service. @@ -3068,6 +3129,16 @@ components: common: description: Some settings. $ref: '#/components/schemas/CommonLanguageSettings' + libraryPackage: + description: >- + The package name to use in Php. Clobbers the php_namespace option + set in the protobuf. This should be used **only** by APIs who have + already set the language_settings.php.package_name" field in + gapic.yaml. API teams should use the protobuf php_namespace option + where possible. Example of a YAML configuration:: publishing: + library_settings: php_settings: library_package: + Google\Cloud\PubSub\V1 + type: string PythonSettings: id: PythonSettings description: Settings for Python client libraries. @@ -3189,7 +3260,7 @@ components: description: >- Map of service names to renamed services. Keys are the package relative service names and values are the name to be used for the - service client and call options. publishing: go_settings: + service client and call options. Example: publishing: go_settings: renamed_services: Publisher: TopicAdmin type: object additionalProperties: @@ -3367,9 +3438,6 @@ components: serviceName: description: The name of the service associated with this Rollout. type: string - universe: - description: The TPC universe which the rollout will be rolled out to. - type: string TrafficPercentStrategy: id: TrafficPercentStrategy description: >- @@ -4004,7 +4072,7 @@ components: description: The status code. type: string enumDescriptions: - - Unspecifed code. + - Unspecified code. - The operation or step has completed without errors. - The operation or step has not started yet. - The operation or step is in progress. @@ -4447,6 +4515,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/servicenetworking.yaml b/providers/src/googleapis.com/v00.00.00000/services/servicenetworking.yaml index 76dc006a..9f76477b 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/servicenetworking.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/servicenetworking.yaml @@ -9,8 +9,8 @@ info: Provides automatic management of network configurations necessary for certain services. version: v1 - x-discovery-doc-revision: '20250818' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251113' + x-generated-date: '2025-12-10' externalDocs: url: >- https://cloud.google.com/service-infrastructure/docs/service-networking/getting-started @@ -53,6 +53,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -2786,8 +2795,9 @@ components: environment: description: >- The service controller environment to use. If empty, no control - plane feature (like quota and billing) will be enabled. The - recommended value for most services is servicecontrol.googleapis.com + plane features (like quota and billing) will be enabled. The + recommended value for most services is + servicecontrol.googleapis.com. type: string methodPolicies: description: Defines policies applying to the API methods of the service. @@ -4888,6 +4898,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/serviceusage.yaml b/providers/src/googleapis.com/v00.00.00000/services/serviceusage.yaml index 31595e52..9fbf53b2 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/serviceusage.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/serviceusage.yaml @@ -10,8 +10,8 @@ info: Platform, lists the available or enabled services, or disables services that service consumers no longer use. version: v1 - x-discovery-doc-revision: '20250619' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/service-usage/ servers: @@ -25,13 +25,13 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 - https://www.googleapis.com/auth/service.management: Manage your Google API service configuration https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. https://www.googleapis.com/auth/cloud-platform.read-only: >- View your data across Google Cloud services and see the email address of your Google Account + https://www.googleapis.com/auth/service.management: Manage your Google API service configuration Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -41,326 +41,262 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - BatchEnableServicesResponse: + RubySettings: + type: object + id: RubySettings properties: - services: - items: - $ref: '#/components/schemas/GoogleApiServiceusageV1Service' - description: The new state of the services after enabling. - type: array - failures: - description: >- - If allow_partial_success is true, and one or more services could not - be enabled, this field contains the details about each failure. - type: array - items: - $ref: '#/components/schemas/EnableFailure' + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + description: Settings for Ruby client libraries. + UpdateMcpPolicyMetadata: + id: UpdateMcpPolicyMetadata + type: object + properties: {} + description: Metadata for the `UpdateMcpPolicy` method. + BatchEnableServicesResponse: + type: object + id: BatchEnableServicesResponse description: >- Response message for the `BatchEnableServices` method. This response message is assigned to the `response` field of the returned Operation when that operation is done. - id: BatchEnableServicesResponse - type: object - GoogleApiServiceusageV1ServiceConfig: - id: GoogleApiServiceusageV1ServiceConfig - description: The configuration of the service. properties: - quota: - description: Quota configuration. - $ref: '#/components/schemas/Quota' - name: - description: >- - The DNS address at which this service is available. An example DNS - address would be: `calendar.googleapis.com`. - type: string - usage: - $ref: '#/components/schemas/Usage' - description: Configuration controlling usage of this service. - title: - description: The product title for this service. - type: string - authentication: - description: Auth configuration. Contains only the OAuth rules. - $ref: '#/components/schemas/Authentication' - apis: - items: - $ref: '#/components/schemas/Api' + failures: description: >- - A list of API interfaces exported by this service. Contains only the - names, versions, and method names of the interfaces. + If allow_partial_success is true, and one or more services could not + be enabled, this field contains the details about each failure. type: array - endpoints: items: - $ref: '#/components/schemas/Endpoint' - description: >- - Configuration for network endpoints. Contains only the names and - aliases of the endpoints. - type: array - monitoredResources: + $ref: '#/components/schemas/EnableFailure' + services: + description: The new state of the services after enabling. items: - $ref: '#/components/schemas/MonitoredResourceDescriptor' + $ref: '#/components/schemas/GoogleApiServiceusageV1Service' type: array - description: >- - Defines the monitored resources used by this service. This is - required by the Service.monitoring and Service.logging - configurations. - monitoring: - $ref: '#/components/schemas/Monitoring' - description: >- - Monitoring configuration. This should not include the - 'producer_destinations' field. - documentation: - description: >- - Additional API documentation. Contains only the summary and the - documentation URL. - $ref: '#/components/schemas/Documentation' - type: object - RemoveEnableRulesMetadata: - id: RemoveEnableRulesMetadata - properties: {} - description: Metadata for the `RemoveEnableRules` method. - type: object - Publishing: - description: >- - This message configures the settings for publishing [Google Cloud Client - libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) - generated from the service config. + QuotaLimit: properties: - codeownerGithubTeams: - description: >- - GitHub teams to be added to CODEOWNERS in the directory in GitHub - containing source code for the client libraries for this API. - items: - type: string - type: array - documentationUri: + unit: description: >- - Link to product home page. Example: - https://cloud.google.com/asset-inventory/docs/overview + Specify the unit of the quota limit. It uses the same syntax as + MetricDescriptor.unit. The supported unit kinds are determined by + the quota backend system. Here are some examples: * + "1/min/{project}" for quota per minute per project. Note: the order + of unit components is insignificant. The "1" at the beginning is + required to follow the metric unit syntax. type: string - restReferenceDocumentationUri: + values: description: >- - Optional link to REST reference documentation. Example: - https://cloud.google.com/pubsub/lite/docs/reference/rest + Tiered limit values. You must specify this as a key:value pair, with + an integer value that is the maximum number of requests allowed for + the specified unit. Currently only STANDARD is supported. + type: object + additionalProperties: + type: string + format: int64 + maxLimit: + format: int64 type: string - librarySettings: - items: - $ref: '#/components/schemas/ClientLibrarySettings' - type: array - description: >- - Client library settings. If the same version string appears multiple - times in this list, then the last one wins. Settings from earlier - settings with the same version string are discarded. - methodSettings: - items: - $ref: '#/components/schemas/MethodSettings' description: >- - A list of API method settings, e.g. the behavior for methods that - use the long-running operation pattern. - type: array - docTagPrefix: + Maximum number of tokens that can be consumed during the specified + duration. Client application developers can override the default + limit up to this maximum. If specified, this value cannot be set to + a value less than the default limit. If not specified, it is set to + the default limit. To allow clients to apply overrides with no upper + bound, set this to -1, indicating unlimited maximum quota. Used by + group-based quotas only. + freeTier: + format: int64 type: string description: >- - A prefix used in sample code when demarking regions to be included - in documentation. - protoReferenceDocumentationUri: + Free tier value displayed in the Developers Console for this limit. + The free tier is the number of tokens that will be subtracted from + the billed amount when billing is enabled. This field can only be + set on a limit with duration "1d", in a billable group; it is + invalid on any other limit. If this field is not set, it defaults to + 0, indicating that there is no free tier for this service. Used by + group-based quotas only. + defaultLimit: type: string description: >- - Optional link to proto reference documentation. Example: - https://cloud.google.com/pubsub/lite/docs/reference/rpc - apiShortName: + Default number of tokens that can be consumed during the specified + duration. This is the number of tokens assigned when a client + application developer activates the service for his/her project. + Specifying a value of 0 will block all requests. This can be used if + you are provisioning quota to selected consumers and blocking + others. Similarly, a value of -1 will indicate an unlimited quota. + No other negative values are allowed. Used by group-based quotas + only. + format: int64 + description: description: >- - Used as a tracking tag when collecting data about the APIs developer - relations artifacts like docs, packages delivered to package - managers, etc. Example: "speech". + Optional. User-visible, extended description for this quota limit. + Should be used only when more context is needed to understand this + limit than provided by the limit's display name (see: + `display_name`). type: string - newIssueUri: + name: description: >- - Link to a *public* URI where users can report issues. Example: - https://issuetracker.google.com/issues/new?component=190865&template=1161103 + Name of the quota limit. The name must be provided, and it must be + unique within the service. The name can only include alphanumeric + characters as well as '-'. The maximum length of the limit name is + 64 characters. type: string - githubLabel: + displayName: + description: >- + User-visible display name for this limit. Optional. If not set, the + UI will provide a default display name based on the quota + configuration. This field can be used to override the default + display name generated from the configuration. + type: string + metric: type: string description: >- - GitHub label to apply to issues and pull requests opened for this - API. - organization: - enum: - - CLIENT_LIBRARY_ORGANIZATION_UNSPECIFIED - - CLOUD - - ADS - - PHOTOS - - STREET_VIEW - - SHOPPING - - GEO - - GENERATIVE_AI - description: For whom the client library is being published. + The name of the metric this quota limit applies to. The quota limits + with the same metric will be checked together during runtime. The + metric must be defined within the service config. + duration: + description: >- + Duration of this limit in textual notation. Must be "100s" or "1d". + Used by group-based quotas only. type: string - enumDescriptions: - - Not useful. - - Google Cloud Platform Org. - - Ads (Advertising) Org. - - Photos Org. - - Street View Org. - - Shopping Org. - - Geo Org. - - Generative AI - https://developers.generativeai.google - id: Publishing - type: object - Usage: + description: >- + `QuotaLimit` defines a specific limit that applies over a specified + duration for a limit type. There can be at most one limit for a duration + and limit type combination defined within a `QuotaGroup`. + id: QuotaLimit type: object - id: Usage - description: Configuration controlling usage of a service. + GoogleApiServiceusageV1Service: properties: - rules: - items: - $ref: '#/components/schemas/UsageRule' - description: >- - A list of usage rules that apply to individual API methods. - **NOTE:** All service configuration rules follow "last one wins" - order. - type: array - producerNotificationChannel: + parent: type: string description: >- - The full resource name of a channel used for sending notifications - to the service producer. Google Service Management currently only - supports [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as - a notification channel. To use Google Cloud Pub/Sub as the channel, - this must be the name of a Cloud Pub/Sub topic that uses the Cloud - Pub/Sub topic name format documented in - https://cloud.google.com/pubsub/docs/overview. - requirements: - type: array - description: >- - Requirements that must be satisfied before a consumer project can - use the service. Each requirement is of the form /; for example - 'serviceusage.googleapis.com/billing-enabled'. For Google APIs, a - Terms of Service requirement must be included here. Google Cloud - APIs must include "serviceusage.googleapis.com/tos/cloud". Other - Google APIs should include - "serviceusage.googleapis.com/tos/universal". Additional ToS can be - included based on the business needs. - items: - type: string - DisableServiceRequest: - type: object - id: DisableServiceRequest - properties: - checkIfServiceHasUsage: + The resource name of the consumer. A valid name would be: - + projects/123 + state: + type: string enum: - - CHECK_IF_SERVICE_HAS_USAGE_UNSPECIFIED - - SKIP - - CHECK + - STATE_UNSPECIFIED + - DISABLED + - ENABLED enumDescriptions: - - When unset, the default behavior is used, which is SKIP. - - If set, skip checking service usage when disabling a service. - >- - If set, service usage is checked when disabling the service. If a - service, or its dependents, has usage in the last 30 days, the - request returns a FAILED_PRECONDITION error. - type: string + The default value, which indicates that the enabled state of the + service is unspecified or not meaningful. Currently, all consumers + other than projects (such as folders and organizations) are always + in this state. + - >- + The service cannot be used by this consumer. It has either been + explicitly disabled, or has never been enabled. + - The service has been explicitly enabled for use by this consumer. + description: Whether or not the service has been enabled for use by the consumer. + name: description: >- - Defines the behavior for checking service usage when disabling a - service. - disableDependentServices: + The resource name of the consumer and service. A valid name would + be: - projects/123/services/serviceusage.googleapis.com + type: string + config: description: >- - Indicates if services that are enabled and which depend on this - service should also be disabled. If not set, an error will be - generated if any enabled services depend on the service to be - disabled. When set, the service, and any enabled services that - depend on it, will be disabled together. - type: boolean - description: Request message for the `DisableService` method. - ImportAdminQuotaPoliciesMetadata: - description: >- - Metadata message that provides information such as progress, partial - failures, and similar information on each GetOperation call of LRO - returned by ImportAdminQuotaPolicies. + The service configuration of the available service. Some fields may + be filtered out of the configuration in responses to the + `ListServices` method. These fields are present only in responses to + the `GetService` method. + $ref: '#/components/schemas/GoogleApiServiceusageV1ServiceConfig' + id: GoogleApiServiceusageV1Service + description: A service that is available for use by the consumer. type: object - id: ImportAdminQuotaPoliciesMetadata - properties: {} - BatchingSettingsProto: + DotnetSettings: + id: DotnetSettings properties: - delayThreshold: - format: google-duration - type: string + handwrittenSignatures: description: >- - The duration after which a batch should be sent, starting from the - addition of the first message to that batch. - elementCountThreshold: + Method signatures (in the form "service.method(signature)") which + are provided separately, so shouldn't be generated. Snippets + *calling* these methods are still generated, however. + items: + type: string + type: array + renamedResources: + additionalProperties: + type: string + type: object description: >- - The number of elements of a field collected into a batch which, if - exceeded, causes the batch to be sent. - format: int32 - type: integer - requestByteLimit: - description: The maximum size of the request that could be accepted by server. - type: integer - format: int32 - requestByteThreshold: - type: string - format: int64 + Map from full resource types to the effective short name for the + resource. This is used when otherwise resource named from different + services would cause naming collisions. Example entry: + "datalabeling.googleapis.com/Dataset": "DataLabelingDataset" + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + forcedNamespaceAliases: + items: + type: string description: >- - The aggregated size of the batched field which, if exceeded, causes - the batch to be sent. This size is computed by aggregating the sizes - of the request field to be batched, not of the entire request - message. - flowControlByteLimit: - format: int32 - type: integer - description: The maximum size of data allowed by flow control. - flowControlElementLimit: - type: integer - format: int32 - description: The maximum number of elements allowed by flow control. - flowControlLimitExceededBehavior: - enum: - - UNSET_BEHAVIOR - - THROW_EXCEPTION - - BLOCK - - IGNORE - type: string - enumDescriptions: - - Default behavior, system-defined. - - Stop operation, raise error. - - Pause operation until limit clears. - - Continue operation, disregard limit. - description: The behavior to take when the flow control limit is exceeded. - elementCountLimit: - format: int32 + Namespaces which must be aliased in snippets due to a known (but + non-generator-predictable) naming collision + type: array + renamedServices: description: >- - The maximum number of elements collected in a batch that could be - accepted by server. - type: integer - description: >- - `BatchingSettingsProto` specifies a set of batching thresholds, each of - which acts as a trigger to send a batch of messages as a request. At - least one threshold must be positive nonzero. + Map from original service names to renamed versions. This is used + when the default generated types would cause a naming conflict. + (Neither name is fully-qualified.) Example: Subscriber to + SubscriberServiceApi. + type: object + additionalProperties: + type: string + ignoredResources: + description: >- + List of full resource types to ignore during generation. This is + typically used for API-specific Location resources, which should be + handled by the generator as if they were actually the common + Location resources. Example entry: + "documentai.googleapis.com/Location" + type: array + items: + type: string type: object - id: BatchingSettingsProto - MethodPolicy: + description: Settings for Dotnet client libraries. + AddEnableRulesMetadata: + type: object + id: AddEnableRulesMetadata + description: Metadata for the `AddEnableRules` method. + properties: {} + GoogleApiServiceusageV2betaAnalysis: + id: GoogleApiServiceusageV2betaAnalysis + type: object + description: A message to group the analysis information. properties: - requestPolicies: - items: - $ref: '#/components/schemas/FieldPolicy' - type: array - description: Policies that are applicable to the request message. - selector: + displayName: + readOnly: true type: string description: >- - Selects a method to which these policies should be enforced, for - example, "google.pubsub.v1.Subscriber.CreateSubscription". Refer to - selector for syntax details. NOTE: This field must not be set in the - proto annotation. It will be automatically filled by the service - config compiler . - id: MethodPolicy - description: Defines policies applying to an RPC method. - type: object + Output only. The user friendly display name of the analysis type. + E.g. service dependency analysis, service resource usage analysis, + etc. + analysisResult: + $ref: '#/components/schemas/GoogleApiServiceusageV2betaAnalysisResult' + readOnly: true + description: Output only. Analysis result of updating a policy. + service: + description: >- + The names of the service that has analysis result of warnings or + blockers. Example: `services/storage.googleapis.com`. + type: string + analysisType: + type: string + enumDescriptions: + - Unspecified analysis type. Do not use. + - The analysis of service dependencies. + - The analysis of service resource usage. + readOnly: true + description: Output only. The type of analysis. + enum: + - ANALYSIS_TYPE_UNSPECIFIED + - ANALYSIS_TYPE_DEPENDENCY + - ANALYSIS_TYPE_RESOURCE_USAGE GoogleApiServiceusageV2betaEnableRule: - description: >- - The consumer policy rule that defines enabled services, groups, and - categories. + type: object + id: GoogleApiServiceusageV2betaEnableRule properties: services: type: array @@ -369,1986 +305,1998 @@ components: description: >- The names of the services that are enabled. Example: `services/storage.googleapis.com`. - id: GoogleApiServiceusageV2betaEnableRule + description: >- + The consumer policy rule that defines enabled services, groups, and + categories. + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: Empty + type: object + properties: {} + ExperimentalFeatures: + description: >- + Experimental features to be included during client library generation. + These fields will be deprecated once the feature graduates and is + enabled by default. type: object - AuthProvider: - id: AuthProvider properties: - jwtLocations: + protobufPythonicTypesEnabled: + type: boolean description: >- - Defines the locations to extract the JWT. For now it is only used by - the Cloud Endpoints to store the OpenAPI extension - [x-google-jwt-locations] - (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations) - JWT locations can be one of HTTP headers, URL query parameters or - cookies. The rule is that the first match wins. If not specified, - default to use following 3 locations: 1) Authorization: Bearer 2) - x-goog-iap-jwt-assertion 3) access_token query parameter Default - locations can be specified as followings: jwt_locations: - header: - Authorization value_prefix: "Bearer " - header: - x-goog-iap-jwt-assertion - query: access_token - items: - $ref: '#/components/schemas/JwtLocation' - type: array - id: - description: >- - The unique identifier of the auth provider. It will be referred to - by `AuthRequirement.provider_id`. Example: "bookstore_auth". - type: string - jwksUri: - type: string - description: >- - URL of the provider's public key set to validate signature of the - JWT. See [OpenID - Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata). - Optional if the key set document: - can be retrieved from [OpenID - Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html) - of the issuer. - can be inferred from the email domain of the issuer - (e.g. a Google service account). Example: - https://www.googleapis.com/oauth2/v1/certs - authorizationUrl: - description: >- - Redirect URL if JWT token is required but not present or is expired. - Implement authorizationUrl of securityDefinitions in OpenAPI spec. - type: string - audiences: - description: >- - The list of JWT - [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). - that are allowed to access. A JWT containing any of these audiences - will be accepted. When this setting is absent, JWTs with audiences: - - "https://[service.name]/[google.protobuf.Api.name]" - - "https://[service.name]/" will be accepted. For example, if no - audiences are in the setting, LibraryService API will accept JWTs - with the following audiences: - - https://library-example.googleapis.com/google.example.library.v1.LibraryService - - https://library-example.googleapis.com/ Example: audiences: - bookstore_android.apps.googleusercontent.com, - bookstore_web.apps.googleusercontent.com - type: string - issuer: - type: string + Enables generation of protobuf code using new types that are more + Pythonic which are included in `protobuf>=5.29.x`. This feature will + be enabled by default 1 month after launching the feature in preview + packages. + unversionedPackageDisabled: + type: boolean description: >- - Identifies the principal that issued the JWT. See - https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 - Usually a URL or an email address. Example: - https://securetoken.google.com Example: - 1234567-compute@developer.gserviceaccount.com - description: >- - Configuration for an authentication provider, including support for - [JSON Web Token - (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). - type: object - Context: - id: Context - properties: - rules: - type: array + Disables generation of an unversioned Python package for this client + library. This means that the module names will need to be versioned + in import statements. For example `import google.cloud.library_v2` + instead of `import google.cloud.library`. + restAsyncIoEnabled: + type: boolean description: >- - A list of RPC context rules that apply to individual API methods. - **NOTE:** All service configuration rules follow "last one wins" - order. - items: - $ref: '#/components/schemas/ContextRule' - description: >- - `Context` defines which contexts an API requests. Example: context: - rules: - selector: "*" requested: - google.rpc.context.ProjectContext - - google.rpc.context.OriginContext The above specifies that all methods in - the API request `google.rpc.context.ProjectContext` and - `google.rpc.context.OriginContext`. Available context types are defined - in package `google.rpc.context`. This also provides mechanism to - allowlist any protobuf message extension that can be sent in grpc - metadata using “x-goog-ext--bin” and “x-goog-ext--jspb” format. For - example, list any service specific protobuf types that can appear in - grpc metadata as follows in your yaml file: Example: context: rules: - - selector: "google.example.library.v1.LibraryService.CreateBook" - allowed_request_extensions: - google.foo.v1.NewExtension - allowed_response_extensions: - google.foo.v1.NewExtension You can also - specify extension ID instead of fully qualified extension name here. + Enables generation of asynchronous REST clients if `rest` transport + is enabled. By default, asynchronous REST clients will not be + generated. This feature will be enabled by default 1 month after + launching the feature in preview packages. + id: ExperimentalFeatures + BillingDestination: type: object - EnableServiceResponse: - properties: - service: - $ref: '#/components/schemas/GoogleApiServiceusageV1Service' - description: The new state of the service after enabling. description: >- - Response message for the `EnableService` method. This response message - is assigned to the `response` field of the returned Operation when that - operation is done. - type: object - id: EnableServiceResponse - Http: + Configuration of a specific billing destination (Currently only support + bill against consumer project). + id: BillingDestination properties: - fullyDecodeReservedExpansion: + monitoredResource: + type: string description: >- - When set to true, URL path parameters will be fully URI-decoded - except in cases of single segment matches in reserved expansion, - where "%2F" will be left encoded. The default behavior is to not - decode RFC 6570 reserved characters in multi segment matches. - type: boolean - rules: + The monitored resource type. The type must be defined in + Service.monitored_resources section. + metrics: description: >- - A list of HTTP configuration rules that apply to individual API - methods. **NOTE:** All service configuration rules follow "last one - wins" order. + Names of the metrics to report to this billing destination. Each + name must be defined in Service.metrics section. type: array - items: - $ref: '#/components/schemas/HttpRule' - type: object - description: >- - Defines the HTTP configuration for an API service. It contains a list of - HttpRule, each specifying the mapping of an RPC method to one or more - HTTP REST API methods. - id: Http - BatchingConfigProto: - properties: - batchDescriptor: - $ref: '#/components/schemas/BatchingDescriptorProto' - description: The request and response fields used in batching. - thresholds: - description: The thresholds which trigger a batched request to be sent. - $ref: '#/components/schemas/BatchingSettingsProto' - type: object - id: BatchingConfigProto - description: >- - `BatchingConfigProto` defines the batching configuration for an API - method. - OperationMetadata: - type: object - description: The operation metadata returned for the batchend services operation. - id: OperationMetadata - properties: - resourceNames: items: type: string - type: array - description: >- - The full name of the resources that this operation is directly - associated with. - GoogleApiServiceusageV2alphaEnableRule: + Operation: + id: Operation properties: - services: - type: array + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - The names of the services that are enabled. Example: - `services/storage.googleapis.com`. - items: - type: string + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean type: object description: >- - The consumer policy rule that defines enabled services, groups, and - categories. - id: GoogleApiServiceusageV2alphaEnableRule - Impact: - id: Impact - description: A message to group impacts of updating a policy. - type: object + This resource represents a long-running operation that is the result of + a network API call. + MetricDescriptorMetadata: properties: - detail: - type: string - description: Output only. User friendly impact detail in a free form message. - readOnly: true - parent: + samplePeriod: + format: google-duration description: >- - The parent resource that the analysis is based on and the service - name that the analysis is for. Example: - `projects/100/services/compute.googleapis.com`, - folders/101/services/compute.googleapis.com` and - `organizations/102/services/compute.googleapis.com`. Usually, the - parent resource here is same as the parent resource of the analyzed - policy. However, for some analysis types, the parent can be - different. For example, for resource existence analysis, if the - parent resource of the analyzed policy is a folder or an - organization, the parent resource here can still be the project that - contains the resources. + The sampling period of metric data points. For metrics which are + written periodically, consecutive data points are stored at this + time interval, excluding data loss due to errors. Metrics with a + higher granularity have a smaller sampling period. type: string - impactType: + ingestDelay: type: string - enumDescriptions: - - >- - Reserved Blocks (Block n contains codes from 100n to 100(n+1) -1 - Block 0 - Special/Admin codes Block 1 - Impact Type of - ANALYSIS_TYPE_DEPENDENCY Block 2 - Impact Type of - ANALYSIS_TYPE_RESOURCE_USAGE Block 3 - Impact Type of - ANALYSIS_TYPE_RESOURCE_EXISTENCE ... - - Block 1 - Impact Type of ANALYSIS_TYPE_DEPENDENCY - - Block 3 - Impact Type of ANALYSIS_TYPE_RESOURCE_EXISTENCE - readOnly: true - enum: - - IMPACT_TYPE_UNSPECIFIED - - DEPENDENCY_MISSING_DEPENDENCIES - - RESOURCE_EXISTENCE_PROJECT - description: Output only. The type of impact. - DisableServiceResponse: - properties: - service: - $ref: '#/components/schemas/GoogleApiServiceusageV1Service' - description: The new state of the service after disabling. - type: object - description: >- - Response message for the `DisableService` method. This response message - is assigned to the `response` field of the returned Operation when that - operation is done. - id: DisableServiceResponse - BatchingDescriptorProto: - properties: - discriminatorFields: + format: google-duration + description: >- + The delay of data points caused by ingestion. Data points older than + this age are guaranteed to be ingested and available to be read, + excluding data loss due to errors. + timeSeriesResourceHierarchyLevel: + description: The scope of the timeseries data of the metric. type: array items: + enumDescriptions: + - Do not use this default value. + - Scopes a metric to a project. + - Scopes a metric to an organization. + - Scopes a metric to a folder. type: string - description: >- - A list of the fields in the request message. Two requests will be - batched together only if the values of every field specified in - `request_discriminator_fields` is equal between the two requests. - batchedField: + enum: + - TIME_SERIES_RESOURCE_HIERARCHY_LEVEL_UNSPECIFIED + - PROJECT + - ORGANIZATION + - FOLDER + launchStage: + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. + deprecated: true + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + description: Deprecated. Must use the MetricDescriptor.launch_stage instead. type: string - description: >- - The repeated field in the request message to be aggregated by - batching. - subresponseField: - description: >- - Optional. When present, indicates the field in the response message - to be used to demultiplex the response into multiple response - messages, in correspondence with the multiple request messages - originally batched together. + description: Additional annotations that can be used to guide the usage of a metric. + id: MetricDescriptorMetadata + type: object + LabelDescriptor: + description: A description of a label. + properties: + key: + description: The label key. + type: string + valueType: + type: string + enum: + - STRING + - BOOL + - INT64 + enumDescriptions: + - A variable-length string. This is the default. + - Boolean; true or false. + - A 64-bit signed integer. + description: The type of data that can be assigned to the label. + description: type: string + description: A human-readable description for the label. type: object - id: BatchingDescriptorProto - description: >- - `BatchingDescriptorProto` specifies the fields of the request message to - be used for batching, and, optionally, the fields of the response - message to be used for demultiplexing. - MetricRule: + id: LabelDescriptor + QuotaOverride: + id: QuotaOverride type: object - id: MetricRule + description: A quota override properties: - selector: - description: >- - Selects the methods to which this rule applies. Refer to selector - for syntax details. + adminOverrideAncestor: type: string - metricCosts: - type: object + description: >- + The resource name of the ancestor that requested the override. For + example: `organizations/12345` or `folders/67890`. Used by admin + overrides only. + dimensions: additionalProperties: type: string - format: int64 - description: >- - Metrics to update when the selected methods are called, and the - associated cost applied to each metric. The key of the map is the - metric name, and the values are the amount increased for the metric - against which the quota limits are defined. The value must not be - negative. - description: >- - Bind API methods to metrics. Binding a method to a metric causes that - metric's configured quota behaviors to apply to the method call. - ImportAdminOverridesResponse: - id: ImportAdminOverridesResponse - type: object - description: Response message for ImportAdminOverrides - properties: - overrides: - items: - $ref: '#/components/schemas/QuotaOverride' - type: array - description: The overrides that were created from the imported data. - Logging: - id: Logging - description: >- - Logging configuration of the service. The following example shows how to - configure logs to be sent to the producer and consumer projects. In the - example, the `activity_history` log is sent to both the producer and - consumer projects, whereas the `purchase_history` log is only sent to - the producer project. monitored_resources: - type: - library.googleapis.com/branch labels: - key: /city description: The city - where the library branch is located in. - key: /name description: The - name of the branch. logs: - name: activity_history labels: - key: - /customer_id - name: purchase_history logging: producer_destinations: - - monitored_resource: library.googleapis.com/branch logs: - - activity_history - purchase_history consumer_destinations: - - monitored_resource: library.googleapis.com/branch logs: - - activity_history - type: object - properties: - consumerDestinations: - type: array - items: - $ref: '#/components/schemas/LoggingDestination' description: >- - Logging configurations for sending logs to the consumer project. - There can be multiple consumer destinations, each one must have a - different monitored resource type. A log can be used in at most one - consumer destination. - producerDestinations: - type: array - items: - $ref: '#/components/schemas/LoggingDestination' + If this map is nonempty, then this override applies only to specific + values for dimensions defined in the limit unit. For example, an + override on a limit with the unit `1/{project}/{region}` could + contain an entry with the key `region` and the value `us-east-1`; + the override is only applied to quota consumed in that region. This + map has the following restrictions: * Keys that are not defined in + the limit's unit are not valid keys. Any string appearing in + `{brackets}` in the unit (besides `{project}` or `{user}`) is a + defined key. * `project` is not a valid key; the project is already + specified in the parent resource name. * `user` is not a valid key; + the API does not support quota overrides that apply only to a + specific user. * If `region` appears as a key, its value must be a + valid Cloud region. * If `zone` appears as a key, its value must be + a valid Cloud zone. * If any valid key other than `region` or `zone` + appears in the map, then all valid keys other than `region` or + `zone` must also appear in the map. + type: object + metric: description: >- - Logging configurations for sending logs to the producer project. - There can be multiple producer destinations, each one must have a - different monitored resource type. A log can be used in at most one - producer destination. - GoogleApiServiceusageV2betaAnalyzeConsumerPolicyMetadata: - properties: {} - id: GoogleApiServiceusageV2betaAnalyzeConsumerPolicyMetadata - description: Metadata for the `AnalyzeConsumerPolicy` method. - type: object - Type: - type: object - id: Type - description: A protocol buffer message type. - properties: + The name of the metric to which this override applies. An example + name would be: `compute.googleapis.com/cpus` + type: string name: - description: The fully qualified message name. + description: >- + The resource name of the override. This name is generated by the + server when the override is created. Example names would be: + `projects/123/services/compute.googleapis.com/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/adminOverrides/4a3f2c1d` + `projects/123/services/compute.googleapis.com/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/consumerOverrides/4a3f2c1d` + The resource name is intended to be opaque and should not be parsed + for its component strings, since its representation could change in + the future. type: string - syntax: - enumDescriptions: - - Syntax `proto2`. - - Syntax `proto3`. - - Syntax `editions`. - description: The source syntax. - enum: - - SYNTAX_PROTO2 - - SYNTAX_PROTO3 - - SYNTAX_EDITIONS + overrideValue: + format: int64 type: string - sourceContext: - $ref: '#/components/schemas/SourceContext' - description: The source context. - oneofs: - items: - type: string - type: array - description: The list of types appearing in `oneof` definitions in this type. - fields: - description: The list of fields. - type: array - items: - $ref: '#/components/schemas/Field' - options: - type: array - items: - $ref: '#/components/schemas/Option' - description: The protocol buffer options. - edition: description: >- - The source edition string, only valid when syntax is - SYNTAX_EDITIONS. + The overriding quota limit value. Can be any nonnegative integer, or + -1 (unlimited quota). + unit: + description: >- + The limit unit of the limit to which this override applies. An + example unit would be: `1/{project}/{region}` Note that `{project}` + and `{region}` are not placeholders in this example; the literal + characters `{` and `}` occur in the string. type: string - DeleteAdminQuotaPolicyMetadata: - type: object - id: DeleteAdminQuotaPolicyMetadata - description: >- - Metadata message that provides information such as progress, partial - failures, and similar information on each GetOperation call of LRO - returned by DeleteAdminQuotaPolicy. - properties: {} - Analysis: + AuthProvider: properties: - analysisType: - type: string - readOnly: true - description: Output only. The type of analysis. - enumDescriptions: - - Unspecified analysis type. Do not use. - - The analysis of service dependencies. - - The analysis of service resource usage. - - The analysis of service resource existence. - enum: - - ANALYSIS_TYPE_UNSPECIFIED - - ANALYSIS_TYPE_DEPENDENCY - - ANALYSIS_TYPE_RESOURCE_USAGE - - ANALYSIS_TYPE_RESOURCE_EXISTENCE - service: + issuer: type: string description: >- - The names of the service that has analysis result of warnings or - blockers. Example: `services/storage.googleapis.com`. - analysis: - $ref: '#/components/schemas/AnalysisResult' - description: Output only. Analysis result of updating a policy. - readOnly: true - displayName: + Identifies the principal that issued the JWT. See + https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 + Usually a URL or an email address. Example: + https://securetoken.google.com Example: + 1234567-compute@developer.gserviceaccount.com + jwksUri: description: >- - Output only. The user friendly display name of the analysis type. - E.g. service dependency analysis, service resource usage analysis, - etc. + URL of the provider's public key set to validate signature of the + JWT. See [OpenID + Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata). + Optional if the key set document: - can be retrieved from [OpenID + Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html) + of the issuer. - can be inferred from the email domain of the issuer + (e.g. a Google service account). Example: + https://www.googleapis.com/oauth2/v1/certs type: string - readOnly: true - description: A message to group the analysis information. - id: Analysis - type: object - Empty: - type: object - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - id: Empty - properties: {} - MetricDescriptor: - id: MetricDescriptor - properties: - valueType: - enum: - - VALUE_TYPE_UNSPECIFIED - - BOOL - - INT64 - - DOUBLE - - STRING - - DISTRIBUTION - - MONEY - enumDescriptions: - - Do not use this default value. - - >- - The value is a boolean. This value type can be used only if the - metric kind is `GAUGE`. - - The value is a signed 64-bit integer. - - The value is a double precision floating point number. - - >- - The value is a text string. This value type can be used only if - the metric kind is `GAUGE`. - - The value is a `Distribution`. - - The value is money. + audiences: description: >- - Whether the measurement is an integer, a floating-point number, etc. - Some combinations of `metric_kind` and `value_type` might not be - supported. - type: string - metricKind: - enum: - - METRIC_KIND_UNSPECIFIED - - GAUGE - - DELTA - - CUMULATIVE - enumDescriptions: - - Do not use this default value. - - An instantaneous measurement of a value. - - The change in a value during a time interval. - - >- - A value accumulated over a time interval. Cumulative measurements - in a time series should have the same start time and increasing - end times, until an event resets the cumulative value to zero and - sets a new start time for the following points. + The list of JWT + [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). + that are allowed to access. A JWT containing any of these audiences + will be accepted. When this setting is absent, JWTs with audiences: + - "https://[service.name]/[google.protobuf.Api.name]" - + "https://[service.name]/" will be accepted. For example, if no + audiences are in the setting, LibraryService API will accept JWTs + with the following audiences: - + https://library-example.googleapis.com/google.example.library.v1.LibraryService + - https://library-example.googleapis.com/ Example: audiences: + bookstore_android.apps.googleusercontent.com, + bookstore_web.apps.googleusercontent.com type: string + jwtLocations: + type: array description: >- - Whether the metric records instantaneous values, changes to a value, - etc. Some combinations of `metric_kind` and `value_type` might not - be supported. - displayName: + Defines the locations to extract the JWT. For now it is only used by + the Cloud Endpoints to store the OpenAPI extension + [x-google-jwt-locations] + (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations) + JWT locations can be one of HTTP headers, URL query parameters or + cookies. The rule is that the first match wins. If not specified, + default to use following 3 locations: 1) Authorization: Bearer 2) + x-goog-iap-jwt-assertion 3) access_token query parameter Default + locations can be specified as followings: jwt_locations: - header: + Authorization value_prefix: "Bearer " - header: + x-goog-iap-jwt-assertion - query: access_token + items: + $ref: '#/components/schemas/JwtLocation' + authorizationUrl: description: >- - A concise name for the metric, which can be displayed in user - interfaces. Use sentence case without an ending period, for example - "Request count". This field is optional but it is recommended to be - set for any metrics associated with user-visible concepts, such as - Quota. + Redirect URL if JWT token is required but not present or is expired. + Implement authorizationUrl of securityDefinitions in OpenAPI spec. type: string - launchStage: - enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - description: Optional. The launch stage of the metric definition. + id: + description: >- + The unique identifier of the auth provider. It will be referred to + by `AuthRequirement.provider_id`. Example: "bookstore_auth". type: string - description: + description: >- + Configuration for an authentication provider, including support for + [JSON Web Token + (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). + type: object + id: AuthProvider + AdminQuotaPolicy: + description: Quota policy created by quota administrator. + id: AdminQuotaPolicy + properties: + container: type: string description: >- - A detailed description of the metric, which can be used in - documentation. + The cloud resource container at which the quota policy is created. + The format is `{container_type}/{container_number}` name: type: string - description: The resource name of the metric descriptor. + description: >- + The resource name of the policy. This name is generated by the + server when the policy is created. Example names would be: + `organizations/123/services/compute.googleapis.com/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/adminQuotaPolicies/4a3f2c1d` + dimensions: + type: object + additionalProperties: + type: string + description: ' If this map is nonempty, then this policy applies only to specific values for dimensions defined in the limit unit. For example, a policy on a limit with the unit `1/{project}/{region}` could contain an entry with the key `region` and the value `us-east-1`; the policy is only applied to quota consumed in that region. This map has the following restrictions: * If `region` appears as a key, its value must be a valid Cloud region. * If `zone` appears as a key, its value must be a valid Cloud zone. * Keys other than `region` or `zone` are not valid.' + policyValue: + format: int64 + description: >- + The quota policy value. Can be any nonnegative integer, or -1 + (unlimited quota). + type: string unit: description: >- - The units in which the metric value is reported. It is only - applicable if the `value_type` is `INT64`, `DOUBLE`, or - `DISTRIBUTION`. The `unit` defines the representation of the stored - metric values. Different systems might scale the values to be more - easily displayed (so a value of `0.02kBy` _might_ be displayed as - `20By`, and a value of `3523kBy` _might_ be displayed as `3.5MBy`). - However, if the `unit` is `kBy`, then the value of the metric is - always in thousands of bytes, no matter how it might be displayed. - If you want a custom metric to record the exact number of - CPU-seconds used by a job, you can create an `INT64 CUMULATIVE` - metric whose `unit` is `s{CPU}` (or equivalently `1s{CPU}` or just - `s`). If the job uses 12,005 CPU-seconds, then the value is written - as `12005`. Alternatively, if you want a custom metric to record - data in a more granular way, you can create a `DOUBLE CUMULATIVE` - metric whose `unit` is `ks{CPU}`, and then write the value `12.005` - (which is `12005/1000`), or use `Kis{CPU}` and write `11.723` (which - is `12005/1024`). The supported units are a subset of [The Unified - Code for Units of Measure](https://unitsofmeasure.org/ucum.html) - standard: **Basic units (UNIT)** * `bit` bit * `By` byte * `s` - second * `min` minute * `h` hour * `d` day * `1` dimensionless - **Prefixes (PREFIX)** * `k` kilo (10^3) * `M` mega (10^6) * `G` giga - (10^9) * `T` tera (10^12) * `P` peta (10^15) * `E` exa (10^18) * `Z` - zetta (10^21) * `Y` yotta (10^24) * `m` milli (10^-3) * `u` micro - (10^-6) * `n` nano (10^-9) * `p` pico (10^-12) * `f` femto (10^-15) - * `a` atto (10^-18) * `z` zepto (10^-21) * `y` yocto (10^-24) * `Ki` - kibi (2^10) * `Mi` mebi (2^20) * `Gi` gibi (2^30) * `Ti` tebi (2^40) - * `Pi` pebi (2^50) **Grammar** The grammar also includes these - connectors: * `/` division or ratio (as an infix operator). For - examples, `kBy/{email}` or `MiBy/10ms` (although you should almost - never have `/s` in a metric `unit`; rates should always be computed - at query time from the underlying cumulative or delta value). * `.` - multiplication or composition (as an infix operator). For examples, - `GBy.d` or `k{watt}.h`. The grammar for a unit is as follows: - Expression = Component { "." Component } { "/" Component } ; - Component = ( [ PREFIX ] UNIT | "%" ) [ Annotation ] | Annotation | - "1" ; Annotation = "{" NAME "}" ; Notes: * `Annotation` is just a - comment if it follows a `UNIT`. If the annotation is used alone, - then the unit is equivalent to `1`. For examples, `{request}/s == - 1/s`, `By{transmitted}/s == By/s`. * `NAME` is a sequence of - non-blank printable ASCII characters not containing `{` or `}`. * - `1` represents a unitary [dimensionless - unit](https://en.wikipedia.org/wiki/Dimensionless_quantity) of 1, - such as in `1/s`. It is typically used when none of the basic units - are appropriate. For example, "new users per day" can be represented - as `1/d` or `{new-users}/d` (and a metric value `5` would mean "5 - new users). Alternatively, "thousands of page views per day" would - be represented as `1000/d` or `k1/d` or `k{page_views}/d` (and a - metric value of `5.3` would mean "5300 page views per day"). * `%` - represents dimensionless value of 1/100, and annotates values giving - a percentage (so the metric values are typically in the range of - 0..100, and a metric value `3` means "3 percent"). * `10^2.%` - indicates a metric contains a ratio, typically in the range 0..1, - that will be multiplied by 100 and displayed as a percentage (so a - metric value `0.03` means "3 percent"). + The limit unit of the limit to which this policy applies. An example + unit would be: `1/{project}/{region}` Note that `{project}` and + `{region}` are not placeholders in this example; the literal + characters `{` and `}` occur in the string. type: string - type: - description: >- - The metric type, including its DNS name prefix. The type is not - URL-encoded. All user-defined metric types have the DNS name - `custom.googleapis.com` or `external.googleapis.com`. Metric types - should use a natural hierarchical grouping. For example: - "custom.googleapis.com/invoice/paid/amount" - "external.googleapis.com/prometheus/up" - "appengine.googleapis.com/http/server/response_latencies" + metric: type: string - monitoredResourceTypes: - items: - type: string - type: array - description: >- - Read-only. If present, then a time series, which is identified - partially by a metric type and a MonitoredResourceDescriptor, that - is associated with this metric type can only be associated with one - of the monitored resource types listed here. - labels: - items: - $ref: '#/components/schemas/LabelDescriptor' description: >- - The set of labels that can be used to describe a specific instance - of this metric type. For example, the - `appengine.googleapis.com/http/server/response_latencies` metric - type has a label for the HTTP response code, `response_code`, so you - can look at latencies for successful responses or just for responses - that failed. - type: array - metadata: - description: Optional. Metadata which can be used to guide usage of the metric. - $ref: '#/components/schemas/MetricDescriptorMetadata' - description: >- - Defines a metric type and its schema. Once a metric descriptor is - created, deleting or altering it stops data collection and makes the - metric type's existing data unusable. + The name of the metric to which this policy applies. An example name + would be: `compute.googleapis.com/cpus` type: object - GoogleApiServiceusageV2betaAnalysisResult: - id: GoogleApiServiceusageV2betaAnalysisResult - description: An analysis result including blockers and warnings. + MethodSettings: type: object + description: Describes the generator configuration for a method. + id: MethodSettings properties: - blockers: + longRunning: + $ref: '#/components/schemas/LongRunning' description: >- - Blocking information that would prevent the policy changes at - runtime. - items: - $ref: '#/components/schemas/GoogleApiServiceusageV2betaImpact' - type: array - warnings: + Describes settings to use for long-running operations when + generating API methods for RPCs. Complements RPCs that use the + annotations in google/longrunning/operations.proto. Example of a + YAML configuration:: publishing: method_settings: - selector: + google.cloud.speech.v2.Speech.BatchRecognize long_running: + initial_poll_delay: 60s # 1 minute poll_delay_multiplier: 1.5 + max_poll_delay: 360s # 6 minutes total_poll_timeout: 54000s # 90 + minutes + selector: + type: string description: >- - Warning information indicating that the policy changes might be - unsafe, but will not block the changes at runtime. - items: - $ref: '#/components/schemas/GoogleApiServiceusageV2betaImpact' + The fully qualified name of the method, for which the options below + apply. This is used to find the method to apply the options. + Example: publishing: method_settings: - selector: + google.storage.control.v2.StorageControl.CreateFolder # method + settings for CreateFolder... + autoPopulatedFields: type: array - Enum: - id: Enum - description: Enum type definition. + items: + type: string + description: >- + List of top-level fields of the request message, that should be + automatically populated by the client libraries based on their + (google.api.field_info).format. Currently supported format: UUID4. + Example of a YAML configuration: publishing: method_settings: - + selector: google.example.v1.ExampleService.CreateExample + auto_populated_fields: - request_id + batching: + $ref: '#/components/schemas/BatchingConfigProto' + description: >- + Batching configuration for an API method in client libraries. + Example of a YAML configuration: publishing: method_settings: - + selector: google.example.v1.ExampleService.BatchCreateExample + batching: element_count_threshold: 1000 request_byte_threshold: + 100000000 delay_threshold_millis: 10 + GoogleApiServiceusageV1ServiceConfig: + description: The configuration of the service. + id: GoogleApiServiceusageV1ServiceConfig properties: - edition: + monitoring: + $ref: '#/components/schemas/Monitoring' description: >- - The source edition string, only valid when syntax is - SYNTAX_EDITIONS. + Monitoring configuration. This should not include the + 'producer_destinations' field. + usage: + $ref: '#/components/schemas/Usage' + description: Configuration controlling usage of this service. + authentication: + $ref: '#/components/schemas/Authentication' + description: Auth configuration. Contains only the OAuth rules. + title: + description: The product title for this service. type: string - options: + endpoints: + description: >- + Configuration for network endpoints. Contains only the names and + aliases of the endpoints. items: - $ref: '#/components/schemas/Option' - type: array - description: Protocol buffer options. - syntax: - enum: - - SYNTAX_PROTO2 - - SYNTAX_PROTO3 - - SYNTAX_EDITIONS - description: The source syntax. - enumDescriptions: - - Syntax `proto2`. - - Syntax `proto3`. - - Syntax `editions`. - type: string - sourceContext: - $ref: '#/components/schemas/SourceContext' - description: The source context. - enumvalue: + $ref: '#/components/schemas/Endpoint' type: array - description: Enum value definitions. - items: - $ref: '#/components/schemas/EnumValue' name: - description: Enum type name. - type: string - type: object - DotnetSettings: - description: Settings for Dotnet client libraries. - type: object - properties: - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. - renamedServices: - type: object description: >- - Map from original service names to renamed versions. This is used - when the default generated types would cause a naming conflict. - (Neither name is fully-qualified.) Example: Subscriber to - SubscriberServiceApi. - additionalProperties: - type: string - renamedResources: + The DNS address at which this service is available. An example DNS + address would be: `calendar.googleapis.com`. + type: string + documentation: + $ref: '#/components/schemas/Documentation' description: >- - Map from full resource types to the effective short name for the - resource. This is used when otherwise resource named from different - services would cause naming collisions. Example entry: - "datalabeling.googleapis.com/Dataset": "DataLabelingDataset" - additionalProperties: - type: string - type: object - ignoredResources: + Additional API documentation. Contains only the summary and the + documentation URL. + apis: items: - type: string + $ref: '#/components/schemas/Api' description: >- - List of full resource types to ignore during generation. This is - typically used for API-specific Location resources, which should be - handled by the generator as if they were actually the common - Location resources. Example entry: - "documentai.googleapis.com/Location" - type: array - forcedNamespaceAliases: + A list of API interfaces exported by this service. Contains only the + names, versions, and method names of the interfaces. type: array + monitoredResources: items: - type: string - description: >- - Namespaces which must be aliased in snippets due to a known (but - non-generator-predictable) naming collision - handwrittenSignatures: - items: - type: string + $ref: '#/components/schemas/MonitoredResourceDescriptor' description: >- - Method signatures (in the form "service.method(signature)") which - are provided separately, so shouldn't be generated. Snippets - *calling* these methods are still generated, however. + Defines the monitored resources used by this service. This is + required by the Service.monitoring and Service.logging + configurations. type: array - id: DotnetSettings - SourceInfo: - id: SourceInfo + quota: + description: Quota configuration. + $ref: '#/components/schemas/Quota' + type: object + EnableServiceRequest: + description: Request message for the `EnableService` method. + properties: {} + type: object + id: EnableServiceRequest + McpService: + description: McpService contains the service names that are enabled for MCP. type: object - description: Source information used to create a Service Config properties: - sourceFiles: - items: - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - type: object - description: All files used during config generation. - type: array - GoogleApiServiceusageV2betaImpact: + service: + description: >- + The names of the services that are enabled for MCP. Example: + `services/library-example.googleapis.com` + type: string + id: McpService + GoogleApiServiceusageV1beta1ServiceIdentity: type: object - description: A message to group impacts of updating a policy. - id: GoogleApiServiceusageV2betaImpact properties: - detail: - description: Output only. User friendly impact detail in a free form message. - readOnly: true + email: type: string - impactType: - enum: - - IMPACT_TYPE_UNSPECIFIED - - DEPENDENCY_MISSING_DEPENDENCIES - readOnly: true + description: >- + The email address of the service account that a service producer + would use to access consumer resources. + uniqueId: + description: >- + The unique and stable id of the service account. + https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts#ServiceAccount type: string - enumDescriptions: - - >- - Reserved Blocks (Block n contains codes from 100n to 100(n+1) -1 - Block 0 - Special/Admin codes Block 1 - Impact Type of - ANALYSIS_TYPE_DEPENDENCY Block 2 - Impact Type of - ANALYSIS_TYPE_RESOURCE_USAGE ... - - Block 1 - Impact Type of ANALYSIS_TYPE_DEPENDENCY - description: Output only. The type of impact. - MethodSettings: - id: MethodSettings + id: GoogleApiServiceusageV1beta1ServiceIdentity + description: >- + Service identity for a service. This is the identity that service + producer should use to access consumer resources. + RemoveEnableRulesMetadata: + properties: {} + type: object + id: RemoveEnableRulesMetadata + description: Metadata for the `RemoveEnableRules` method. + Mixin: + description: >- + Declares an API Interface to be included in this interface. The + including interface must redeclare all the methods from the included + interface, but documentation and options are inherited as follows: - If + after comment and whitespace stripping, the documentation string of the + redeclared method is empty, it will be inherited from the original + method. - Each annotation belonging to the service config (http, + visibility) which is not set in the redeclared method will be inherited. + - If an http annotation is inherited, the path pattern will be modified + as follows. Any version prefix will be replaced by the version of the + including interface plus the root path if specified. Example of a simple + mixin: package google.acl.v1; service AccessControl { // Get the + underlying ACL object. rpc GetAcl(GetAclRequest) returns (Acl) { option + (google.api.http).get = "/v1/{resource=**}:getAcl"; } } package + google.storage.v2; service Storage { // rpc GetAcl(GetAclRequest) + returns (Acl); // Get a data record. rpc GetData(GetDataRequest) returns + (Data) { option (google.api.http).get = "/v2/{resource=**}"; } } Example + of a mixin configuration: apis: - name: google.storage.v2.Storage + mixins: - name: google.acl.v1.AccessControl The mixin construct implies + that all methods in `AccessControl` are also declared with same name and + request/response types in `Storage`. A documentation generator or + annotation processor will see the effective `Storage.GetAcl` method + after inheriting documentation and annotations as follows: service + Storage { // Get the underlying ACL object. rpc GetAcl(GetAclRequest) + returns (Acl) { option (google.api.http).get = + "/v2/{resource=**}:getAcl"; } ... } Note how the version in the path + pattern changed from `v1` to `v2`. If the `root` field in the mixin is + specified, it should be a relative path under which inherited HTTP paths + are placed. Example: apis: - name: google.storage.v2.Storage mixins: - + name: google.acl.v1.AccessControl root: acls This implies the following + inherited HTTP annotation: service Storage { // Get the underlying ACL + object. rpc GetAcl(GetAclRequest) returns (Acl) { option + (google.api.http).get = "/v2/acls/{resource=**}:getAcl"; } ... } type: object + id: Mixin properties: - autoPopulatedFields: + root: + description: >- + If non-empty specifies a path under which inherited HTTP paths are + rooted. + type: string + name: + description: The fully qualified name of the interface which is included. + type: string + CommonLanguageSettings: + id: CommonLanguageSettings + type: object + description: Required information for every language. + properties: + destinations: + description: >- + The destination where API teams want this client library to be + published. items: type: string + enumDescriptions: + - >- + Client libraries will neither be generated nor published to + package managers. + - >- + Generate the client library in a repo under + github.com/googleapis, but don't publish it to package managers. + - >- + Publish the library to package managers like nuget.org and + npmjs.com. + enum: + - CLIENT_LIBRARY_DESTINATION_UNSPECIFIED + - GITHUB + - PACKAGE_MANAGER type: array + selectiveGapicGeneration: description: >- - List of top-level fields of the request message, that should be - automatically populated by the client libraries based on their - (google.api.field_info).format. Currently supported format: UUID4. - Example of a YAML configuration: publishing: method_settings: - - selector: google.example.v1.ExampleService.CreateExample - auto_populated_fields: - request_id - selector: + Configuration for which RPCs should be generated in the GAPIC + client. + $ref: '#/components/schemas/SelectiveGapicGeneration' + referenceDocsUri: description: >- - The fully qualified name of the method, for which the options below - apply. This is used to find the method to apply the options. - Example: publishing: method_settings: - selector: - google.storage.control.v2.StorageControl.CreateFolder # method - settings for CreateFolder... + Link to automatically generated reference documentation. Example: + https://cloud.google.com/nodejs/docs/reference/asset/latest + deprecated: true type: string - batching: - description: >- - Batching configuration for an API method in client libraries. - Example of a YAML configuration: publishing: method_settings: - - selector: google.example.v1.ExampleService.BatchCreateExample - batching: element_count_threshold: 1000 request_byte_threshold: - 100000000 delay_threshold_millis: 10 - $ref: '#/components/schemas/BatchingConfigProto' - longRunning: - $ref: '#/components/schemas/LongRunning' - description: >- - Describes settings to use for long-running operations when - generating API methods for RPCs. Complements RPCs that use the - annotations in google/longrunning/operations.proto. Example of a - YAML configuration:: publishing: method_settings: - selector: - google.cloud.speech.v2.Speech.BatchRecognize long_running: - initial_poll_delay: 60s # 1 minute poll_delay_multiplier: 1.5 - max_poll_delay: 360s # 6 minutes total_poll_timeout: 54000s # 90 - minutes - description: Describes the generator configuration for a method. - BackendRule: + MonitoringDestination: + description: >- + Configuration of a specific monitoring destination (the producer project + or the consumer project). type: object - id: BackendRule properties: - operationDeadline: + metrics: description: >- - The number of seconds to wait for the completion of a long running - operation. The default is no deadline. - format: double - type: number - protocol: - type: string + Types of the metrics to report to this monitoring destination. Each + type must be defined in Service.metrics section. + items: + type: string + type: array + monitoredResource: description: >- - The protocol used for sending a request to the backend. The - supported values are "http/1.1" and "h2". The default value is - inferred from the scheme in the address field: SCHEME PROTOCOL - http:// http/1.1 https:// http/1.1 grpc:// h2 grpcs:// h2 For secure - HTTP backends (https://) that support HTTP/2, set this field to "h2" - for improved performance. Configuring this field to non-default - values is only supported for secure HTTP backends. This field will - be ignored for all other backends. See - https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids - for more details on the supported values. - minDeadline: - description: Deprecated, do not use. - type: number - format: double - deprecated: true - pathTranslation: + The monitored resource type. The type must be defined in + Service.monitored_resources section. type: string - enumDescriptions: - - '' - - >- - Use the backend address as-is, with no modification to the path. - If the URL pattern contains variables, the variable names and - values will be appended to the query string. If a query string - parameter and a URL pattern variable have the same name, this may - result in duplicate keys in the query string. # Examples Given the - following operation config: Method path: - /api/company/{cid}/user/{uid} Backend address: - https://example.cloudfunctions.net/getUser Requests to the - following request paths will call the backend at the translated - path: Request path: /api/company/widgetworks/user/johndoe - Translated: - https://example.cloudfunctions.net/getUser?cid=widgetworks&uid=johndoe - Request path: /api/company/widgetworks/user/johndoe?timezone=EST - Translated: - https://example.cloudfunctions.net/getUser?timezone=EST&cid=widgetworks&uid=johndoe - - >- - The request path will be appended to the backend address. # - Examples Given the following operation config: Method path: - /api/company/{cid}/user/{uid} Backend address: - https://example.appspot.com Requests to the following request - paths will call the backend at the translated path: Request path: - /api/company/widgetworks/user/johndoe Translated: - https://example.appspot.com/api/company/widgetworks/user/johndoe - Request path: /api/company/widgetworks/user/johndoe?timezone=EST - Translated: - https://example.appspot.com/api/company/widgetworks/user/johndoe?timezone=EST - enum: - - PATH_TRANSLATION_UNSPECIFIED - - CONSTANT_ADDRESS - - APPEND_PATH_TO_ADDRESS - selector: + id: MonitoringDestination + GoogleApiServiceusageV2alphaConsumerPolicy: + description: >- + Consumer Policy is a set of rules that define what services or service + groups can be used for a cloud resource hierarchy. + properties: + etag: description: >- - Selects the methods to which this rule applies. Refer to selector - for syntax details. - type: string - address: + Output only. An opaque tag indicating the current version of the + policy, used for concurrency control. type: string + readOnly: true + createTime: + format: google-datetime + readOnly: true description: >- - The address of the API backend. The scheme is used to determine the - backend protocol and security. The following schemes are accepted: - SCHEME PROTOCOL SECURITY http:// HTTP None https:// HTTP TLS grpc:// - gRPC None grpcs:// gRPC TLS It is recommended to explicitly include - a scheme. Leaving out the scheme may cause constrasting behaviors - across platforms. If the port is unspecified, the default is: - 80 - for schemes without TLS - 443 for schemes with TLS For HTTP - backends, use protocol to specify the protocol version. - deadline: - description: >- - The number of seconds to wait for a response from a request. The - default varies based on the request protocol and deployment - environment. - type: number - format: double - jwtAudience: - description: >- - The JWT audience is used when generating a JWT ID token for the - backend. This ID token will be added in the HTTP "authorization" - header, and sent to the backend. + Output only. The time the policy was created. For singleton + policies, this is the first touch of the policy. type: string - loadBalancingPolicy: + enableRules: + items: + $ref: '#/components/schemas/GoogleApiServiceusageV2alphaEnableRule' + type: array description: >- - The load balancing policy used for connection to the application - backend. Defined as an arbitrary string to accomondate custom load - balancing policies supported by the underlying channel, but suggest - most users use one of the standard policies, such as the default, - "RoundRobin". + Enable rules define usable services, groups, and categories. There + can currently be at most one `EnableRule`. This restriction will be + lifted in later releases. + updateTime: + format: google-datetime + description: Output only. The time the policy was last updated. type: string - overridesByRequestProtocol: + readOnly: true + annotations: + description: >- + Optional. Annotations is an unstructured key-value map stored with a + policy that may be set by external tools to store and retrieve + arbitrary metadata. They are not queryable and should be preserved + when modifying objects. + [AIP-128](https://google.aip.dev/128#annotations) additionalProperties: - $ref: '#/components/schemas/BackendRule' - description: The map between request protocol and the backend address. + type: string type: object - disableAuth: + name: + readOnly: true description: >- - When disable_auth is true, a JWT ID token won't be generated and the - original "Authorization" HTTP header will be preserved. If the - header is used to carry the original token and is expected by the - backend, this field must be set to true to preserve the header. - type: boolean - description: A backend rule provides configuration for an individual API element. - Field: - id: Field - properties: - jsonName: + Output only. The resource name of the policy. Only the `default` + policy is supported: `projects/12345/consumerPolicies/default`, + `folders/12345/consumerPolicies/default`, + `organizations/12345/consumerPolicies/default`. type: string - description: The field JSON name. - packed: + type: object + id: GoogleApiServiceusageV2alphaConsumerPolicy + Method: + description: >- + Method represents a method of an API interface. New usages of this + message as an alternative to MethodDescriptorProto are strongly + discouraged. This message does not reliability preserve all information + necessary to model the schema and preserve semantics. Instead make use + of FileDescriptorSet which preserves the necessary information. + properties: + requestStreaming: type: boolean - description: Whether to use alternative packed wire representation. - number: - type: integer - description: The field number. - format: int32 - defaultValue: + description: If true, the request is streamed. + name: + description: The simple name of this method. type: string + edition: description: >- - The string value of the default value of this field. Proto2 syntax - only. - typeUrl: - description: >- - The field type URL, without the scheme, for message or enumeration - types. Example: `"type.googleapis.com/google.protobuf.Timestamp"`. + The source edition string, only valid when syntax is + SYNTAX_EDITIONS. This field should be ignored, instead the edition + should be inherited from Api. This is similar to Field and + EnumValue. + deprecated: true type: string - kind: - enum: - - TYPE_UNKNOWN - - TYPE_DOUBLE - - TYPE_FLOAT - - TYPE_INT64 - - TYPE_UINT64 - - TYPE_INT32 - - TYPE_FIXED64 - - TYPE_FIXED32 - - TYPE_BOOL - - TYPE_STRING - - TYPE_GROUP - - TYPE_MESSAGE - - TYPE_BYTES - - TYPE_UINT32 - - TYPE_ENUM - - TYPE_SFIXED32 - - TYPE_SFIXED64 - - TYPE_SINT32 - - TYPE_SINT64 + responseTypeUrl: + description: The URL of the output message type. type: string - enumDescriptions: - - Field type unknown. - - Field type double. - - Field type float. - - Field type int64. - - Field type uint64. - - Field type int32. - - Field type fixed64. - - Field type fixed32. - - Field type bool. - - Field type string. - - Field type group. Proto2 syntax only, and deprecated. - - Field type message. - - Field type bytes. - - Field type uint32. - - Field type enum. - - Field type sfixed32. - - Field type sfixed64. - - Field type sint32. - - Field type sint64. - description: The field type. + responseStreaming: + description: If true, the response is streamed. + type: boolean options: type: array - description: The protocol buffer options. items: $ref: '#/components/schemas/Option' - name: - type: string - description: The field name. - oneofIndex: - description: >- - The index of the field type in `Type.oneofs`, for message or - enumeration types. The first type has index 1; zero means the type - is not in the list. - type: integer - format: int32 - cardinality: - description: The field cardinality. + description: Any metadata attached to the method. + syntax: enumDescriptions: - - For fields with unknown cardinality. - - For optional fields. - - For required fields. Proto2 syntax only. - - For repeated fields. + - Syntax `proto2`. + - Syntax `proto3`. + - Syntax `editions`. + deprecated: true type: string + description: >- + The source syntax of this method. This field should be ignored, + instead the syntax should be inherited from Api. This is similar to + Field and EnumValue. enum: - - CARDINALITY_UNKNOWN - - CARDINALITY_OPTIONAL - - CARDINALITY_REQUIRED - - CARDINALITY_REPEATED - description: A single field of a message type. - type: object - AddEnableRulesMetadata: - id: AddEnableRulesMetadata - type: object - description: Metadata for the `AddEnableRules` method. - properties: {} - SourceContext: + - SYNTAX_PROTO2 + - SYNTAX_PROTO3 + - SYNTAX_EDITIONS + requestTypeUrl: + description: A URL of the input message type. + type: string type: object - id: SourceContext - description: >- - `SourceContext` represents information about the source of a protobuf - element, like the file in which it is defined. + id: Method + GoSettings: properties: - fileName: - type: string + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + renamedServices: + type: object description: >- - The path-qualified name of the .proto file that contained the - associated protobuf element. For example: - `"google/protobuf/source_context.proto"`. - GoogleApiService: - description: >- - `Service` is the root object of Google API service configuration - (service config). It describes the basic information about a logical - service, such as the service name and the user-facing title, and - delegates other aspects to sub-sections. Each sub-section is either a - proto message or a repeated proto message that configures a specific - aspect, such as auth. For more information, see each proto message - definition. Example: type: google.api.Service name: - calendar.googleapis.com title: Google Calendar API apis: - name: - google.calendar.v3.Calendar visibility: rules: - selector: - "google.calendar.v3.*" restriction: PREVIEW backend: rules: - selector: - "google.calendar.v3.*" address: calendar.example.com authentication: - providers: - id: google_calendar_auth jwks_uri: - https://www.googleapis.com/oauth2/v1/certs issuer: - https://securetoken.google.com rules: - selector: "*" requirements: - provider_id: google_calendar_auth + Map of service names to renamed services. Keys are the package + relative service names and values are the name to be used for the + service client and call options. Example: publishing: go_settings: + renamed_services: Publisher: TopicAdmin + additionalProperties: + type: string + id: GoSettings + type: object + description: Settings for Go client libraries. + Billing: + type: object + id: Billing properties: - aspects: + consumerDestinations: items: - $ref: '#/components/schemas/Aspect' - description: >- - Configuration aspects. This is a repeated field to allow multiple - aspects to be configured. The kind field in each ConfigAspect - specifies the type of aspect. The spec field contains the - configuration for that aspect. The schema for the spec field is - defined by the backend service owners. - type: array - control: - description: Configuration for the service control plane. - $ref: '#/components/schemas/Control' - monitoring: - description: Monitoring configuration. - $ref: '#/components/schemas/Monitoring' - billing: - description: Billing configuration. - $ref: '#/components/schemas/Billing' - documentation: - $ref: '#/components/schemas/Documentation' - description: Additional API documentation. - types: + $ref: '#/components/schemas/BillingDestination' description: >- - A list of all proto message types included in this API service. - Types referenced directly or indirectly by the `apis` are - automatically included. Messages which are not referenced but shall - be included, such as types used by the `google.protobuf.Any` type, - should be listed here by name by the configuration author. Example: - types: - name: google.protobuf.Int32 + Billing configurations for sending metrics to the consumer project. + There can be multiple consumer destinations per service, each one + must have a different monitored resource type. A metric can be used + in at most one consumer destination. type: array - items: - $ref: '#/components/schemas/Type' - name: - description: >- - The service name, which is a DNS-like logical identifier for the - service, such as `calendar.googleapis.com`. The service name - typically goes through DNS verification to make sure the owner of - the service also owns the DNS name. + description: >- + Billing related configuration of the service. The following example + shows how to configure monitored resources and metrics for billing, + `consumer_destinations` is the only supported destination and the + monitored resources need at least one label key + `cloud.googleapis.com/location` to indicate the location of the billing + usage, using different monitored resources between monitoring and + billing is recommended so they can be evolved independently: + monitored_resources: - type: library.googleapis.com/billing_branch + labels: - key: cloud.googleapis.com/location description: | Predefined + label to support billing location restriction. - key: city description: + | Custom label to define the city where the library branch is located + in. - key: name description: Custom label to define the name of the + library branch. metrics: - name: + library.googleapis.com/book/borrowed_count metric_kind: DELTA + value_type: INT64 unit: "1" billing: consumer_destinations: - + monitored_resource: library.googleapis.com/billing_branch metrics: - + library.googleapis.com/book/borrowed_count + LongRunning: + description: >- + Describes settings to use when generating API methods that use the + long-running operation pattern. All default values below are from those + used in the client library generators (e.g. + [Java](https://github.com/googleapis/gapic-generator-java/blob/04c2faa191a9b5a10b92392fe8482279c4404803/src/main/java/com/google/api/generator/gapic/composer/common/RetrySettingsComposer.java)). + properties: + totalPollTimeout: + description: 'Total polling timeout. Default value: 5 minutes.' + type: string + format: google-duration + maxPollDelay: + format: google-duration type: string - monitoredResources: description: >- - Defines the monitored resources used by this service. This is - required by the Service.monitoring and Service.logging - configurations. - items: - $ref: '#/components/schemas/MonitoredResourceDescriptor' - type: array - customError: - $ref: '#/components/schemas/CustomError' - description: Custom error configuration. - context: - description: Context configuration. - $ref: '#/components/schemas/Context' - http: - $ref: '#/components/schemas/Http' - description: HTTP configuration. - producerProjectId: - description: The Google project that owns this service. + Maximum time between two subsequent poll requests. Default value: 45 + seconds. + initialPollDelay: type: string - endpoints: - items: - $ref: '#/components/schemas/Endpoint' description: >- - Configuration for network endpoints. If this is empty, then an - endpoint with the same name as the service is automatically - generated to service all defined APIs. - type: array - systemParameters: - $ref: '#/components/schemas/SystemParameters' - description: System parameter configuration. - title: + Initial delay after which the first poll request will be made. + Default value: 5 seconds. + format: google-duration + pollDelayMultiplier: + type: number + format: float description: >- - The product title for this service, it is the name displayed in - Google Cloud Console. + Multiplier to gradually increase delay between subsequent polls + until it reaches max_poll_delay. Default value: 1.5. + id: LongRunning + type: object + Api: + properties: + version: + description: >- + A version string for this interface. If specified, must have the + form `major-version.minor-version`, as in `1.10`. If the minor + version is omitted, it defaults to zero. If the entire version field + is empty, the major version is derived from the package name, as + outlined below. If the field is not empty, the version in the + package name will be verified to be consistent with what is provided + here. The versioning schema uses [semantic + versioning](http://semver.org) where the major version number + indicates a breaking change and the minor version an additive, + non-breaking change. Both version numbers are signals to users what + to expect from different versions, and should be carefully chosen + based on the product plan. The major version is also reflected in + the package name of the interface, which must end in `v`, as in + `google.feature.v1`. For major versions 0 and 1, the suffix can be + omitted. Zero major versions must only be used for experimental, + non-GA interfaces. type: string - metrics: - type: array - description: Defines the metrics used by this service. - items: - $ref: '#/components/schemas/MetricDescriptor' - logging: - $ref: '#/components/schemas/Logging' - description: Logging configuration. - publishing: - $ref: '#/components/schemas/Publishing' + sourceContext: + $ref: '#/components/schemas/SourceContext' description: >- - Settings for [Google Cloud Client - libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) - generated from APIs defined as protocol buffers. - logs: - description: Defines the logs used by this service. - type: array - items: - $ref: '#/components/schemas/LogDescriptor' - id: + Source context for the protocol buffer service represented by this + message. + edition: type: string description: >- - A unique ID for a specific instance of this message, typically - assigned by the client for tracking purpose. Must be no longer than - 63 characters and only lower case letters, digits, '.', '_' and '-' - are allowed. If empty, the server may choose to generate one - instead. - enums: + The source edition string, only valid when syntax is + SYNTAX_EDITIONS. + name: description: >- - A list of all enum types included in this API service. Enums - referenced directly or indirectly by the `apis` are automatically - included. Enums which are not referenced but shall be included - should be listed here by name by the configuration author. Example: - enums: - name: google.someapi.v1.SomeEnum + The fully qualified name of this interface, including package name + followed by the interface's simple name. + type: string + syntax: + enumDescriptions: + - Syntax `proto2`. + - Syntax `proto3`. + - Syntax `editions`. + enum: + - SYNTAX_PROTO2 + - SYNTAX_PROTO3 + - SYNTAX_EDITIONS + type: string + description: The source syntax of the service. + methods: + description: The methods of this interface, in unspecified order. type: array items: - $ref: '#/components/schemas/Enum' - usage: - $ref: '#/components/schemas/Usage' - description: Configuration controlling usage of this service. - quota: - description: Quota configuration. - $ref: '#/components/schemas/Quota' - systemTypes: - description: >- - A list of all proto message types included in this API service. It - serves similar purpose as [google.api.Service.types], except that - these types are not needed by user-defined APIs. Therefore, they - will not show up in the generated discovery doc. This field should - only be used to define system APIs in ESF. + $ref: '#/components/schemas/Method' + options: type: array items: - $ref: '#/components/schemas/Type' - backend: - description: API backend configuration. - $ref: '#/components/schemas/Backend' - sourceInfo: - $ref: '#/components/schemas/SourceInfo' - description: >- - Output only. The source information for this configuration if - available. - apis: - description: >- - A list of API interfaces exported by this service. Only the `name` - field of the google.protobuf.Api needs to be provided by the - configuration author, as the remaining fields will be derived from - the IDL during the normalization process. It is an error to specify - an API interface here which cannot be resolved against the - associated IDL files. + $ref: '#/components/schemas/Option' + description: Any metadata attached to the interface. + mixins: + description: Included interfaces. See Mixin. type: array items: - $ref: '#/components/schemas/Api' - configVersion: - description: >- - Obsolete. Do not use. This field has no semantic meaning. The - service config compiler always sets this field to `3`. - format: uint32 - type: integer - authentication: - $ref: '#/components/schemas/Authentication' - description: Auth configuration. + $ref: '#/components/schemas/Mixin' + description: >- + Api is a light-weight descriptor for an API Interface. Interfaces are + also described as "protocol buffer services" in some contexts, such as + by the "service" keyword in a .proto file, but they are different from + API Services, which represent a concrete implementation of an interface + as opposed to simply a description of methods and bindings. They are + also sometimes simply referred to as "APIs" in other contexts, such as + the name of this message itself. See + https://cloud.google.com/apis/design/glossary for detailed terminology. + New usages of this message as an alternative to ServiceDescriptorProto + are strongly discouraged. This message does not reliability preserve all + information necessary to model the schema and preserve semantics. + Instead make use of FileDescriptorSet which preserves the necessary + information. type: object - id: GoogleApiService - GoSettings: - properties: - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. - renamedServices: - description: >- - Map of service names to renamed services. Keys are the package - relative service names and values are the name to be used for the - service client and call options. publishing: go_settings: - renamed_services: Publisher: TopicAdmin - additionalProperties: - type: string - type: object - description: Settings for Go client libraries. + id: Api + GoogleApiServiceusageV2betaAnalyzeConsumerPolicyMetadata: type: object - id: GoSettings - ContextRule: - description: >- - A context rule provides information about the context for an individual - API element. + description: Metadata for the `AnalyzeConsumerPolicy` method. + properties: {} + id: GoogleApiServiceusageV2betaAnalyzeConsumerPolicyMetadata + Endpoint: + id: Endpoint type: object - id: ContextRule properties: - allowedResponseExtensions: - type: array - description: >- - A list of full type names or extension IDs of extensions allowed in - grpc side channel from backend to client. - items: - type: string - allowedRequestExtensions: + aliases: description: >- - A list of full type names or extension IDs of extensions allowed in - grpc side channel from client to backend. - type: array - items: - type: string - provided: + Aliases for this endpoint, these will be served by the same UrlMap + as the parent endpoint, and will be provisioned in the GCP stack for + the Regional Endpoints. type: array items: type: string + name: + type: string + description: The canonical name of this endpoint. + allowCors: description: >- - A list of full type names of provided contexts. It is used to - support propagating HTTP headers and ETags from the response - extension. - selector: + Allowing + [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), + aka cross-domain traffic, would allow the backends served from this + endpoint to receive and respond to HTTP OPTIONS requests. The + response will be used by the browser to determine whether the + subsequent cross-origin request is allowed to proceed. + type: boolean + target: description: >- - Selects the methods to which this rule applies. Refer to selector - for syntax details. + The specification of an Internet routable address of API frontend + that will handle requests to this [API + Endpoint](https://cloud.google.com/apis/design/glossary). It should + be either a valid IPv4 address or a fully-qualified domain name. For + example, "8.8.8.8" or "myservice.appspot.com". type: string - requested: + description: >- + `Endpoint` describes a network address of a service that serves a set of + APIs. It is commonly known as a service endpoint. A service may expose + any number of service endpoints, and all service endpoints share the + same service definition, such as quota limits and monitoring metrics. + Example: type: google.api.Service name: library-example.googleapis.com + endpoints: # Declares network address + `https://library-example.googleapis.com` # for service + `library-example.googleapis.com`. The `https` scheme # is implicit for + all service endpoints. Other schemes may be # supported in the future. - + name: library-example.googleapis.com allow_cors: false - name: + content-staging-library-example.googleapis.com # Allows HTTP OPTIONS + calls to be passed to the API frontend, for it # to decide whether the + subsequent cross-origin request is allowed # to proceed. allow_cors: + true + LoggingDestination: + type: object + id: LoggingDestination + description: >- + Configuration of a specific logging destination (the producer project or + the consumer project). + properties: + monitoredResource: description: >- - A list of full type names of requested contexts, only the requested - context will be made available to the backend. + The monitored resource type. The type must be defined in the + Service.monitored_resources section. + type: string + logs: + description: >- + Names of the logs to be sent to this destination. Each name must be + defined in the Service.logs section. If the log name is not a domain + scoped name, it will be automatically prefixed with the service name + followed by "/". items: type: string type: array - EnableRule: - description: >- - The consumer policy rule that defines usable services and service - groups. + PhpSettings: + type: object properties: - groups: - type: array - items: - type: string - deprecated: true + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + libraryPackage: description: >- - DEPRECATED: Please use field `values`. Service group should have - prefix `groups/`. The names of the service groups that are enabled - (Not Implemented). Example: `groups/googleServices`. - values: - items: - type: string + The package name to use in Php. Clobbers the php_namespace option + set in the protobuf. This should be used **only** by APIs who have + already set the language_settings.php.package_name" field in + gapic.yaml. API teams should use the protobuf php_namespace option + where possible. Example of a YAML configuration:: publishing: + library_settings: php_settings: library_package: + Google\Cloud\PubSub\V1 + type: string + id: PhpSettings + description: Settings for Php client libraries. + CppSettings: + properties: + common: + $ref: '#/components/schemas/CommonLanguageSettings' + description: Some settings. + description: Settings for C++ client libraries. + type: object + id: CppSettings + FieldPolicy: + properties: + resourceType: description: >- - The names of the services or service groups that are enabled. - Example: `services/storage.googleapis.com`, `groups/googleServices`, - `groups/allServices`. - type: array + Specifies the resource type for the resource referred to by the + field. + type: string + resourcePermission: + description: >- + Specifies the required permission(s) for the resource referred to by + the field. It requires the field contains a valid resource + reference, and the request must pass the permission checks to + proceed. For example, "resourcemanager.projects.get". + type: string + selector: + description: >- + Selects one or more request or response message fields to apply this + `FieldPolicy`. When a `FieldPolicy` is used in proto annotation, the + selector must be left as empty. The service config generator will + automatically fill the correct value. When a `FieldPolicy` is used + in service config, the selector must be a comma-separated string + with valid request or response field paths, such as "foo.bar" or + "foo.bar,foo.baz". + type: string + description: >- + Google API Policy Annotation This message defines a simple API policy + annotation that can be used to annotate API request and response message + fields with applicable policies. One field may have multiple applicable + policies that must all be satisfied before a request can be processed. + This policy annotation is used to generate the overall policy that will + be used for automatic runtime policy enforcement and documentation + generation. + id: FieldPolicy + type: object + JwtLocation: + properties: + query: + description: Specifies URL query parameter name to extract JWT token. + type: string + header: + description: Specifies HTTP header name to extract JWT token. + type: string + valuePrefix: + description: >- + The value prefix. The value format is "value_prefix{token}" Only + applies to "in" header type. Must be empty for "in" query type. If + not empty, the header value has to match (case sensitive) this + prefix. If not matched, JWT will not be extracted. If matched, JWT + will be extracted after the prefix is removed. For example, for + "Authorization: Bearer {JWT}", value_prefix="Bearer " with a space + at the end. + type: string + cookie: + description: Specifies cookie name to extract JWT token. + type: string + id: JwtLocation + type: object + description: Specifies a location to extract JWT from an API request. + GoogleApiServiceusageV2alphaEnableRule: + properties: services: items: type: string - description: >- - DEPRECATED: Please use field `values`. Service should have prefix - `services/`. The names of the services that are enabled. Example: - `storage.googleapis.com`. type: array - deprecated: true - enableType: - type: string - enum: - - ENABLE_TYPE_UNSPECIFIED - - CLIENT - - RESOURCE - - V1_COMPATIBLE - description: Client and resource project enable type. - enumDescriptions: - - >- - Unspecified enable type, which means enabled as both client and - resource project. - - >- - Enable all clients under the CRM node specified by - `ConsumerPolicy.name` to use the listed services. A client can be - an API key, an OAuth client, or a service account. - - >- - Enable resources in the list services to be created and used under - the CRM node specified by the `ConsumerPolicy.name`. - - >- - Activation made by Service Usage v1 API. This will be how - consumers differentiate between policy changes made by v1 and v2 - clients and understand what is actually possible based on those - different policies. - type: object - id: EnableRule - MonitoredResourceDescriptor: - id: MonitoredResourceDescriptor + description: >- + The names of the services that are enabled. Example: + `services/storage.googleapis.com`. + id: GoogleApiServiceusageV2alphaEnableRule description: >- - An object that describes the schema of a MonitoredResource object using - a type name and a set of labels. For example, the monitored resource - descriptor for Google Compute Engine VM instances has a type of - `"gce_instance"` and specifies the use of the labels `"instance_id"` and - `"zone"` to identify particular VM instances. Different APIs can support - different monitored resource types. APIs generally provide a `list` - method that returns the monitored resource descriptors used by the API. + The consumer policy rule that defines enabled services, groups, and + categories. type: object + Documentation: properties: - type: + serviceRootUrl: type: string description: >- - Required. The monitored resource type. For example, the type - `"cloudsql_database"` represents databases in Google Cloud SQL. For - a list of types, see [Monitored resource - types](https://cloud.google.com/monitoring/api/resources) and - [Logging resource - types](https://cloud.google.com/logging/docs/api/v2/resource-list). - description: + Specifies the service root url if the default one (the service name + from the yaml file) is not suitable. This can be seen in any fully + specified service urls as well as sections that show a base that + other urls are relative to. + overview: type: string description: >- - Optional. A detailed description of the monitored resource type that - might be used in documentation. - displayName: + Declares a single overview page. For example: documentation: + summary: ... overview: (== include overview.md ==) This is a + shortcut for the following declaration (using pages style): + documentation: summary: ... pages: - name: Overview content: (== + include overview.md ==) Note: you cannot specify both `overview` + field and `pages` field. + sectionOverrides: + items: + $ref: '#/components/schemas/Page' + type: array description: >- - Optional. A concise name for the monitored resource type that might - be displayed in user interfaces. It should be a Title Cased Noun - Phrase, without any article or other determiners. For example, - `"Google Cloud SQL Database"`. + Specifies section and content to override the boilerplate content. + Currently overrides following sections: 1. + rest.service.client_libraries + additionalIamInfo: + description: >- + Optional information about the IAM configuration. This is typically + used to link to documentation about a product's IAM roles and + permissions. type: string - launchStage: - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED - description: Optional. The launch stage of the monitored resource definition. + summary: + description: >- + A short description of what the service does. The summary must be + plain text. It becomes the overview of the service displayed in + Google Cloud Console. NOTE: This field is equivalent to the standard + field `description`. type: string - enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - labels: + rules: + type: array + description: >- + A list of documentation rules that apply to individual API elements. + **NOTE:** All service configuration rules follow "last one wins" + order. items: - $ref: '#/components/schemas/LabelDescriptor' + $ref: '#/components/schemas/DocumentationRule' + documentationRootUrl: + type: string + description: The URL to the root of documentation. + pages: + items: + $ref: '#/components/schemas/Page' type: array + description: The top level pages for the documentation set. + id: Documentation + description: >- + `Documentation` provides the information for describing a service. + Example: documentation: summary: > The Google Calendar API gives access + to most calendar features. pages: - name: Overview content: (== include + google/foo/overview.md ==) - name: Tutorial content: (== include + google/foo/tutorial.md ==) subpages: - name: Java content: (== include + google/foo/tutorial_java.md ==) rules: - selector: + google.calendar.Calendar.Get description: > ... - selector: + google.calendar.Calendar.Put description: > ... Documentation is + provided in markdown syntax. In addition to standard markdown features, + definition lists, tables and fenced code blocks are supported. Section + headers can be provided and are interpreted relative to the section + nesting of the context where a documentation fragment is embedded. + Documentation from the IDL is merged with documentation defined via the + config at normalization time, where documentation provided by config + rules overrides IDL provided. A number of constructs specific to the API + platform are supported in documentation text. In order to reference a + proto element, the following notation can be used: + [fully.qualified.proto.name][] To override the display text used for the + link, this can be used: [display text][fully.qualified.proto.name] Text + can be excluded from doc using the following notation: (-- internal + comment --) A few directives are available in documentation. Note that + directives must appear on a single line to be properly identified. The + `include` directive includes a markdown file from an external source: + (== include path/to/file ==) The `resource_for` directive marks a + message to be the resource of a collection in REST view. If it is not + specified, tools attempt to infer the resource from the operations in a + collection: (== resource_for v1.shelves.books ==) The directive + `suppress_warning` does not directly affect documentation and is + documented together with service config validation. + type: object + MethodPolicy: + properties: + selector: description: >- - Required. A set of labels used to describe instances of this - monitored resource type. For example, an individual Google Cloud SQL - database is identified by values for the labels `"database_id"` and - `"zone"`. - name: + Selects a method to which these policies should be enforced, for + example, "google.pubsub.v1.Subscriber.CreateSubscription". Refer to + selector for syntax details. NOTE: This field must not be set in the + proto annotation. It will be automatically filled by the service + config compiler . + type: string + requestPolicies: + type: array + items: + $ref: '#/components/schemas/FieldPolicy' + description: Policies that are applicable to the request message. + id: MethodPolicy + description: Defines policies applying to an RPC method. + type: object + Context: + type: object + properties: + rules: + items: + $ref: '#/components/schemas/ContextRule' + type: array description: >- - Optional. The resource name of the monitored resource descriptor: - `"projects/{project_id}/monitoredResourceDescriptors/{type}"` where - {type} is the value of the `type` field in this object and - {project_id} is a project ID that provides API-specific context for - accessing the type. APIs that do not use project information can use - the resource name format `"monitoredResourceDescriptors/{type}"`. + A list of RPC context rules that apply to individual API methods. + **NOTE:** All service configuration rules follow "last one wins" + order. + id: Context + description: >- + `Context` defines which contexts an API requests. Example: context: + rules: - selector: "*" requested: - google.rpc.context.ProjectContext - + google.rpc.context.OriginContext The above specifies that all methods in + the API request `google.rpc.context.ProjectContext` and + `google.rpc.context.OriginContext`. Available context types are defined + in package `google.rpc.context`. This also provides mechanism to + allowlist any protobuf message extension that can be sent in grpc + metadata using “x-goog-ext--bin” and “x-goog-ext--jspb” format. For + example, list any service specific protobuf types that can appear in + grpc metadata as follows in your yaml file: Example: context: rules: - + selector: "google.example.library.v1.LibraryService.CreateBook" + allowed_request_extensions: - google.foo.v1.NewExtension + allowed_response_extensions: - google.foo.v1.NewExtension You can also + specify extension ID instead of fully qualified extension name here. + AuthRequirement: + properties: + providerId: type: string - HttpRule: + description: >- + id from authentication provider. Example: provider_id: + bookstore_auth + audiences: + description: >- + NOTE: This will be deprecated soon, once AuthProvider.audiences is + implemented and accepted in all the runtime components. The list of + JWT + [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). + that are allowed to access. A JWT containing any of these audiences + will be accepted. When this setting is absent, only JWTs with + audience "https://Service_name/API_name" will be accepted. For + example, if no audiences are in the setting, LibraryService API will + only accept JWTs with the following audience + "https://library-example.googleapis.com/google.example.library.v1.LibraryService". + Example: audiences: bookstore_android.apps.googleusercontent.com, + bookstore_web.apps.googleusercontent.com + type: string + description: >- + User-defined authentication requirements, including support for [JSON + Web Token + (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). + type: object + id: AuthRequirement + DocumentationRule: + description: A documentation rule provides information about individual API elements. + id: DocumentationRule + properties: + description: + description: >- + Description of the selected proto element (e.g. a message, a method, + a 'service' definition, or a field). Defaults to leading & trailing + comments taken from the proto source definition of the proto + element. + type: string + disableReplacementWords: + type: string + description: >- + String of comma or space separated case-sensitive words for which + method/field name replacement will be disabled. + deprecationDescription: + type: string + description: >- + Deprecation description of the selected element(s). It can be + provided if an element is marked as `deprecated`. + selector: + description: >- + The selector is a comma-separated list of patterns for any element + such as a method, a field, an enum value. Each pattern is a + qualified name of the element which may end in "*", indicating a + wildcard. Wildcards are only allowed at the end and for a whole + component of the qualified name, i.e. "foo.*" is ok, but not + "foo.b*" or "foo.*.bar". A wildcard will match one or more + components. To specify a default for all applicable elements, the + whole pattern "*" is used. + type: string + type: object + AddEnableRulesResponse: + id: AddEnableRulesResponse + type: object + description: The response message of `AddEnableRules` method. + properties: + parent: + description: >- + The parent consumer policy. It can be + `projects/12345/consumerPolicies/default`, or + `folders/12345/consumerPolicies/default`, or + `organizations/12345/consumerPolicies/default`. + type: string + addedValues: + type: array + items: + type: string + description: The values added to the parent consumer policy. + GetServiceIdentityMetadata: + type: object + id: GetServiceIdentityMetadata + properties: {} + description: Metadata for the `GetServiceIdentity` method. + Aspect: + id: Aspect type: object description: >- - gRPC Transcoding gRPC Transcoding is a feature for mapping between a - gRPC method and one or more HTTP REST endpoints. It allows developers to - build a single API service that supports both gRPC APIs and REST APIs. - Many systems, including [Google - APIs](https://github.com/googleapis/googleapis), [Cloud - Endpoints](https://cloud.google.com/endpoints), [gRPC - Gateway](https://github.com/grpc-ecosystem/grpc-gateway), and - [Envoy](https://github.com/envoyproxy/envoy) proxy support this feature - and use it for large scale production services. `HttpRule` defines the - schema of the gRPC/REST mapping. The mapping specifies how different - portions of the gRPC request message are mapped to the URL path, URL - query parameters, and HTTP request body. It also controls how the gRPC - response message is mapped to the HTTP response body. `HttpRule` is - typically specified as an `google.api.http` annotation on the gRPC - method. Each mapping specifies a URL path template and an HTTP method. - The path template may refer to one or more fields in the gRPC request - message, as long as each field is a non-repeated field with a primitive - (non-message) type. The path template controls how fields of the request - message are mapped to the URL path. Example: service Messaging { rpc - GetMessage(GetMessageRequest) returns (Message) { option - (google.api.http) = { get: "/v1/{name=messages/*}" }; } } message - GetMessageRequest { string name = 1; // Mapped to URL path. } message - Message { string text = 1; // The resource content. } This enables an - HTTP REST to gRPC mapping as below: - HTTP: `GET /v1/messages/123456` - - gRPC: `GetMessage(name: "messages/123456")` Any fields in the request - message which are not bound by the path template automatically become - HTTP query parameters if there is no HTTP request body. For example: - service Messaging { rpc GetMessage(GetMessageRequest) returns (Message) - { option (google.api.http) = { get:"/v1/messages/{message_id}" }; } } - message GetMessageRequest { message SubMessage { string subfield = 1; } - string message_id = 1; // Mapped to URL path. int64 revision = 2; // - Mapped to URL query parameter `revision`. SubMessage sub = 3; // Mapped - to URL query parameter `sub.subfield`. } This enables a HTTP JSON to RPC - mapping as below: - HTTP: `GET - /v1/messages/123456?revision=2&sub.subfield=foo` - gRPC: - `GetMessage(message_id: "123456" revision: 2 sub: SubMessage(subfield: - "foo"))` Note that fields which are mapped to URL query parameters must - have a primitive type or a repeated primitive type or a non-repeated - message type. In the case of a repeated type, the parameter can be - repeated in the URL as `...?param=A¶m=B`. In the case of a message - type, each field of the message is mapped to a separate parameter, such - as `...?foo.a=A&foo.b=B&foo.c=C`. For HTTP methods that allow a request - body, the `body` field specifies the mapping. Consider a REST update - method on the message resource collection: service Messaging { rpc - UpdateMessage(UpdateMessageRequest) returns (Message) { option - (google.api.http) = { patch: "/v1/messages/{message_id}" body: "message" - }; } } message UpdateMessageRequest { string message_id = 1; // mapped - to the URL Message message = 2; // mapped to the body } The following - HTTP JSON to RPC mapping is enabled, where the representation of the - JSON in the request body is determined by protos JSON encoding: - HTTP: - `PATCH /v1/messages/123456 { "text": "Hi!" }` - gRPC: - `UpdateMessage(message_id: "123456" message { text: "Hi!" })` The - special name `*` can be used in the body mapping to define that every - field not bound by the path template should be mapped to the request - body. This enables the following alternative definition of the update - method: service Messaging { rpc UpdateMessage(Message) returns (Message) - { option (google.api.http) = { patch: "/v1/messages/{message_id}" body: - "*" }; } } message Message { string message_id = 1; string text = 2; } - The following HTTP JSON to RPC mapping is enabled: - HTTP: `PATCH - /v1/messages/123456 { "text": "Hi!" }` - gRPC: - `UpdateMessage(message_id: "123456" text: "Hi!")` Note that when using - `*` in the body mapping, it is not possible to have HTTP parameters, as - all fields not bound by the path end in the body. This makes this option - more rarely used in practice when defining REST APIs. The common usage - of `*` is in custom methods which don't use the URL at all for - transferring data. It is possible to define multiple HTTP methods for - one RPC by using the `additional_bindings` option. Example: service - Messaging { rpc GetMessage(GetMessageRequest) returns (Message) { option - (google.api.http) = { get: "/v1/messages/{message_id}" - additional_bindings { get: "/v1/users/{user_id}/messages/{message_id}" } - }; } } message GetMessageRequest { string message_id = 1; string user_id - = 2; } This enables the following two alternative HTTP JSON to RPC - mappings: - HTTP: `GET /v1/messages/123456` - gRPC: - `GetMessage(message_id: "123456")` - HTTP: `GET - /v1/users/me/messages/123456` - gRPC: `GetMessage(user_id: "me" - message_id: "123456")` Rules for HTTP mapping 1. Leaf request fields - (recursive expansion nested messages in the request message) are - classified into three categories: - Fields referred by the path - template. They are passed via the URL path. - Fields referred by the - HttpRule.body. They are passed via the HTTP request body. - All other - fields are passed via the URL query parameters, and the parameter name - is the field path in the request message. A repeated field can be - represented as multiple query parameters under the same name. 2. If - HttpRule.body is "*", there is no URL query parameter, all fields are - passed via URL path and HTTP request body. 3. If HttpRule.body is - omitted, there is no HTTP request body, all fields are passed via URL - path and URL query parameters. Path template syntax Template = "/" - Segments [ Verb ] ; Segments = Segment { "/" Segment } ; Segment = "*" | - "**" | LITERAL | Variable ; Variable = "{" FieldPath [ "=" Segments ] - "}" ; FieldPath = IDENT { "." IDENT } ; Verb = ":" LITERAL ; The syntax - `*` matches a single URL path segment. The syntax `**` matches zero or - more URL path segments, which must be the last part of the URL path - except the `Verb`. The syntax `Variable` matches part of the URL path as - specified by its template. A variable template must not contain other - variables. If a variable matches a single path segment, its template may - be omitted, e.g. `{var}` is equivalent to `{var=*}`. The syntax - `LITERAL` matches literal text in the URL path. If the `LITERAL` - contains any reserved character, such characters should be - percent-encoded before the matching. If a variable contains exactly one - path segment, such as `"{var}"` or `"{var=*}"`, when such a variable is - expanded into a URL path on the client side, all characters except - `[-_.~0-9a-zA-Z]` are percent-encoded. The server side does the reverse - decoding. Such variables show up in the [Discovery - Document](https://developers.google.com/discovery/v1/reference/apis) as - `{var}`. If a variable contains multiple path segments, such as - `"{var=foo/*}"` or `"{var=**}"`, when such a variable is expanded into a - URL path on the client side, all characters except `[-_.~/0-9a-zA-Z]` - are percent-encoded. The server side does the reverse decoding, except - "%2F" and "%2f" are left unchanged. Such variables show up in the - [Discovery - Document](https://developers.google.com/discovery/v1/reference/apis) as - `{+var}`. Using gRPC API Service Configuration gRPC API Service - Configuration (service config) is a configuration language for - configuring a gRPC service to become a user-facing product. The service - config is simply the YAML representation of the `google.api.Service` - proto message. As an alternative to annotating your proto file, you can - configure gRPC transcoding in your service config YAML files. You do - this by specifying a `HttpRule` that maps the gRPC method to a REST - endpoint, achieving the same effect as the proto annotation. This can be - particularly useful if you have a proto that is reused in multiple - services. Note that any transcoding specified in the service config will - override any matching transcoding configuration in the proto. The - following example selects a gRPC method and applies an `HttpRule` to it: - http: rules: - selector: example.v1.Messaging.GetMessage get: - /v1/messages/{message_id}/{sub.subfield} Special notes When gRPC - Transcoding is used to map a gRPC to JSON REST endpoints, the proto to - JSON conversion must follow the [proto3 - specification](https://developers.google.com/protocol-buffers/docs/proto3#json). - While the single segment variable follows the semantics of [RFC - 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.2 Simple String - Expansion, the multi segment variable **does not** follow RFC 6570 - Section 3.2.3 Reserved Expansion. The reason is that the Reserved - Expansion does not expand special characters like `?` and `#`, which - would lead to invalid URLs. As the result, gRPC Transcoding uses a - custom encoding for multi segment variables. The path variables **must - not** refer to any repeated or mapped field, because client libraries - are not capable of handling such variable expansion. The path variables - **must not** capture the leading "/" character. The reason is that the - most common use case "{var}" does not capture the leading "/" character. - For consistency, all path variables must share the same behavior. - Repeated message fields must not be mapped to URL query parameters, - because no client library can support such complicated mapping. If an - API needs to use a JSON array for request or response body, it can map - the request or response body to a repeated field. However, some gRPC - Transcoding implementations may not support this feature. - id: HttpRule + Aspect represents Generic aspect. It is used to configure an aspect + without making direct changes to service.proto properties: - post: + spec: + type: object + description: >- + Content of the configuration. The underlying schema should be + defined by Aspect owners as protobuf message under + `google/api/configaspects/proto`. + additionalProperties: + type: any + description: Properties of the object. + kind: + description: The type of this aspect configuration. + type: string + CancelOperationRequest: + description: The request message for Operations.CancelOperation. + properties: {} + type: object + id: CancelOperationRequest + EnumValue: + type: object + description: >- + Enum value definition. New usages of this message as an alternative to + EnumValueDescriptorProto are strongly discouraged. This message does not + reliability preserve all information necessary to model the schema and + preserve semantics. Instead make use of FileDescriptorSet which + preserves the necessary information. + properties: + options: + description: Protocol buffer options. + items: + $ref: '#/components/schemas/Option' + type: array + number: + description: Enum value number. + type: integer + format: int32 + name: + description: Enum value name. type: string + id: EnumValue + BatchEnableServicesRequest: + id: BatchEnableServicesRequest + type: object + properties: + serviceIds: description: >- - Maps to HTTP POST. Used for creating a resource or performing an - action. - additionalBindings: + The identifiers of the services to enable on the project. A valid + identifier would be: serviceusage.googleapis.com Enabling services + requires that each service is public or is shared with the user + enabling the service. A single request can enable a maximum of 20 + services at a time. If more than 20 services are specified, the + request will fail, and no state changes will occur. + items: + type: string + type: array + description: Request message for the `BatchEnableServices` method. + GoogleApiServiceusageV2betaImpact: + properties: + detail: + readOnly: true + type: string + description: Output only. User friendly impact detail in a free form message. + missingDependency: + readOnly: true + type: string description: >- - Additional HTTP bindings for the selector. Nested bindings must not - contain an `additional_bindings` field themselves (that is, the - nesting may only be one level deep). + Output only. This field will be populated only for the + `DEPENDENCY_MISSING_DEPENDENCIES` impact type. Example: + `services/compute.googleapis.com`. Impact.detail will be in format : + `missing service dependency: {missing_dependency}.` + impactType: + enum: + - IMPACT_TYPE_UNSPECIFIED + - DEPENDENCY_MISSING_DEPENDENCIES + readOnly: true + description: Output only. The type of impact. + enumDescriptions: + - >- + Reserved Blocks (Block n contains codes from 100n to 100(n+1) -1 + Block 0 - Special/Admin codes Block 1 - Impact Type of + ANALYSIS_TYPE_DEPENDENCY Block 2 - Impact Type of + ANALYSIS_TYPE_RESOURCE_USAGE ... + - Block 1 - Impact Type of ANALYSIS_TYPE_DEPENDENCY + type: string + description: A message to group impacts of updating a policy. + id: GoogleApiServiceusageV2betaImpact + type: object + Impact: + id: Impact + properties: + impactType: + enumDescriptions: + - >- + Reserved Blocks (Block n contains codes from 100n to 100(n+1) -1 + Block 0 - Special/Admin codes Block 1 - Impact Type of + ANALYSIS_TYPE_DEPENDENCY Block 2 - Impact Type of + ANALYSIS_TYPE_RESOURCE_USAGE Block 3 - Impact Type of + ANALYSIS_TYPE_RESOURCE_EXISTENCE ... + - Block 1 - Impact Type of ANALYSIS_TYPE_DEPENDENCY + - Block 3 - Impact Type of ANALYSIS_TYPE_RESOURCE_EXISTENCE + description: Output only. The type of impact. + type: string + readOnly: true + enum: + - IMPACT_TYPE_UNSPECIFIED + - DEPENDENCY_MISSING_DEPENDENCIES + - RESOURCE_EXISTENCE_PROJECT + detail: + type: string + description: Output only. User friendly impact detail in a free form message. + readOnly: true + parent: + type: string + description: >- + The parent resource that the analysis is based on and the service + name that the analysis is for. Example: + `projects/100/services/compute.googleapis.com`, + folders/101/services/compute.googleapis.com` and + `organizations/102/services/compute.googleapis.com`. Usually, the + parent resource here is same as the parent resource of the analyzed + policy. However, for some analysis types, the parent can be + different. For example, for resource existence analysis, if the + parent resource of the analyzed policy is a folder or an + organization, the parent resource here can still be the project that + contains the resources. + description: A message to group impacts of updating a policy. + type: object + AuthenticationRule: + description: >- + Authentication rules for the service. By default, if a method has any + authentication requirements, every request must include a valid + credential matching one of the requirements. It's an error to include + more than one kind of credential in a single request. If a method + doesn't have any auth requirements, request credentials will be ignored. + properties: + oauth: + $ref: '#/components/schemas/OAuthRequirements' + description: The requirements for OAuth credentials. + requirements: + type: array + items: + $ref: '#/components/schemas/AuthRequirement' + description: Requirements for additional authentication providers. + selector: + type: string + description: >- + Selects the methods to which this rule applies. Refer to selector + for syntax details. + allowWithoutCredential: + description: >- + If true, the service accepts API keys without any other credential. + This flag only applies to HTTP and gRPC requests. + type: boolean + type: object + id: AuthenticationRule + ServiceIdentity: + type: object + id: ServiceIdentity + description: >- + Service identity for a service. This is the identity that service + producer should use to access consumer resources. + properties: + uniqueId: + type: string + description: >- + The unique and stable id of the service account. + https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts#ServiceAccount + email: + type: string + description: >- + The email address of the service account that a service producer + would use to access consumer resources. + Monitoring: + type: object + description: >- + Monitoring configuration of the service. The example below shows how to + configure monitored resources and metrics for monitoring. In the + example, a monitored resource and two metrics are defined. The + `library.googleapis.com/book/returned_count` metric is sent to both + producer and consumer projects, whereas the + `library.googleapis.com/book/num_overdue` metric is only sent to the + consumer project. monitored_resources: - type: + library.googleapis.com/Branch display_name: "Library Branch" + description: "A branch of a library." launch_stage: GA labels: - key: + resource_container description: "The Cloud container (ie. project id) + for the Branch." - key: location description: "The location of the + library branch." - key: branch_id description: "The id of the branch." + metrics: - name: library.googleapis.com/book/returned_count + display_name: "Books Returned" description: "The count of books that + have been returned." launch_stage: GA metric_kind: DELTA value_type: + INT64 unit: "1" labels: - key: customer_id description: "The id of the + customer." - name: library.googleapis.com/book/num_overdue display_name: + "Books Overdue" description: "The current number of overdue books." + launch_stage: GA metric_kind: GAUGE value_type: INT64 unit: "1" labels: + - key: customer_id description: "The id of the customer." monitoring: + producer_destinations: - monitored_resource: + library.googleapis.com/Branch metrics: - + library.googleapis.com/book/returned_count consumer_destinations: - + monitored_resource: library.googleapis.com/Branch metrics: - + library.googleapis.com/book/returned_count - + library.googleapis.com/book/num_overdue + properties: + producerDestinations: + items: + $ref: '#/components/schemas/MonitoringDestination' + description: >- + Monitoring configurations for sending metrics to the producer + project. There can be multiple producer destinations. A monitored + resource type may appear in multiple monitoring destinations if + different aggregations are needed for different sets of metrics + associated with that monitored resource type. A monitored resource + and metric pair may only be used once in the Monitoring + configuration. + type: array + consumerDestinations: + description: >- + Monitoring configurations for sending metrics to the consumer + project. There can be multiple consumer destinations. A monitored + resource type may appear in multiple monitoring destinations if + different aggregations are needed for different sets of metrics + associated with that monitored resource type. A monitored resource + and metric pair may only be used once in the Monitoring + configuration. + items: + $ref: '#/components/schemas/MonitoringDestination' + type: array + id: Monitoring + Http: + id: Http + type: object + properties: + rules: + type: array + items: + $ref: '#/components/schemas/HttpRule' + description: >- + A list of HTTP configuration rules that apply to individual API + methods. **NOTE:** All service configuration rules follow "last one + wins" order. + fullyDecodeReservedExpansion: + type: boolean + description: >- + When set to true, URL path parameters will be fully URI-decoded + except in cases of single segment matches in reserved expansion, + where "%2F" will be left encoded. The default behavior is to not + decode RFC 6570 reserved characters in multi segment matches. + description: >- + Defines the HTTP configuration for an API service. It contains a list of + HttpRule, each specifying the mapping of an RPC method to one or more + HTTP REST API methods. + Status: + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + id: Status + properties: + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + details: items: - $ref: '#/components/schemas/HttpRule' + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. type: array - body: - type: string + message: description: >- - The name of the request field whose value is mapped to the HTTP - request body, or `*` for mapping all request fields not captured by - the path pattern to the HTTP body, or omitted for not having any - HTTP request body. NOTE: the referred field must be present at the - top-level of the request message type. - put: - description: Maps to HTTP PUT. Used for replacing a resource. - type: string - patch: - description: Maps to HTTP PATCH. Used for updating a resource. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - selector: + Page: + id: Page + properties: + name: description: >- - Selects a method to which this rule applies. Refer to selector for - syntax details. - type: string - get: + The name of the page. It will be used as an identity of the page to + generate URI of the page, text of the link to this page in + navigation, etc. The full page name (start from the root page name + to this page concatenated with `.`) can be used as reference to the + page in your documentation. For example: pages: - name: Tutorial + content: (== include tutorial.md ==) subpages: - name: Java content: + (== include tutorial_java.md ==) You can reference `Java` page using + Markdown reference link syntax: `Java`. type: string + subpages: + type: array + items: + $ref: '#/components/schemas/Page' description: >- - Maps to HTTP GET. Used for listing and getting information about - resources. - custom: - description: >- - The custom pattern is used for specifying an HTTP method that is not - included in the `pattern` field, such as HEAD, or "*" to leave the - HTTP method unspecified for this rule. The wild-card rule is useful - for services that provide content to Web (HTML) clients. - $ref: '#/components/schemas/CustomHttpPattern' - responseBody: + Subpages of this page. The order of subpages specified here will be + honored in the generated docset. + content: type: string description: >- - Optional. The name of the response field whose value is mapped to - the HTTP response body. When omitted, the entire response message - will be used as the HTTP response body. NOTE: The referred field - must be present at the top-level of the response message type. - delete: - description: Maps to HTTP DELETE. Used for deleting a resource. - type: string + The Markdown content of the page. You can use ```(== include {path} + ==)``` to include content from a Markdown file. The content can be + used to produce the documentation page such as HTML format page. + description: >- + Represents a documentation page. A page can contain subpages to + represent nested documentation set structure. + type: object + EnableServiceResponse: + description: >- + Response message for the `EnableService` method. This response message + is assigned to the `response` field of the returned Operation when that + operation is done. + type: object + id: EnableServiceResponse + properties: + service: + $ref: '#/components/schemas/GoogleApiServiceusageV1Service' + description: The new state of the service after enabling. ListOperationsResponse: - description: The response message for Operations.ListOperations. type: object - id: ListOperationsResponse + description: The response message for Operations.ListOperations. properties: + nextPageToken: + type: string + description: The standard List next-page token. + unreachable: + items: + type: string + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array operations: + type: array items: $ref: '#/components/schemas/Operation' description: >- A list of operations that matches the specified filter in the request. - type: array - nextPageToken: - type: string - description: The standard List next-page token. - AnalyzeConsumerPolicyResponse: - type: object - id: AnalyzeConsumerPolicyResponse - description: The response of analyzing a consumer policy update. - properties: - analysis: - description: >- - The list of analyses returned from performing the intended policy - update analysis. The analysis is grouped by service name and - different analysis types. The empty analysis list means that the - consumer policy can be updated without any warnings or blockers. - items: - $ref: '#/components/schemas/Analysis' - type: array - LoggingDestination: + id: ListOperationsResponse + DisableServiceResponse: description: >- - Configuration of a specific logging destination (the producer project or - the consumer project). - type: object + Response message for the `DisableService` method. This response message + is assigned to the `response` field of the returned Operation when that + operation is done. properties: - monitoredResource: - description: >- - The monitored resource type. The type must be defined in the - Service.monitored_resources section. - type: string - logs: - items: - type: string - description: >- - Names of the logs to be sent to this destination. Each name must be - defined in the Service.logs section. If the log name is not a domain - scoped name, it will be automatically prefixed with the service name - followed by "/". - type: array - id: LoggingDestination - AdminQuotaPolicy: - id: AdminQuotaPolicy + service: + description: The new state of the service after disabling. + $ref: '#/components/schemas/GoogleApiServiceusageV1Service' + id: DisableServiceResponse + type: object + ClientLibrarySettings: + description: Details about how and where to publish client libraries. + id: ClientLibrarySettings properties: - name: + nodeSettings: + description: Settings for Node client libraries. + $ref: '#/components/schemas/NodeSettings' + cppSettings: + description: Settings for C++ client libraries. + $ref: '#/components/schemas/CppSettings' + dotnetSettings: + $ref: '#/components/schemas/DotnetSettings' + description: Settings for .NET client libraries. + pythonSettings: + description: Settings for Python client libraries. + $ref: '#/components/schemas/PythonSettings' + restNumericEnums: description: >- - The resource name of the policy. This name is generated by the - server when the policy is created. Example names would be: - `organizations/123/services/compute.googleapis.com/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/adminQuotaPolicies/4a3f2c1d` - type: string - metric: + When using transport=rest, the client request will encode enums as + numbers rather than strings. + type: boolean + goSettings: + description: Settings for Go client libraries. + $ref: '#/components/schemas/GoSettings' + rubySettings: + $ref: '#/components/schemas/RubySettings' + description: Settings for Ruby client libraries. + version: description: >- - The name of the metric to which this policy applies. An example name - would be: `compute.googleapis.com/cpus` - type: string - unit: + Version of the API to apply these settings to. This is the full + protobuf package for the API, ending in the version element. + Examples: "google.cloud.speech.v1" and + "google.spanner.admin.database.v1". type: string - description: >- - The limit unit of the limit to which this policy applies. An example - unit would be: `1/{project}/{region}` Note that `{project}` and - `{region}` are not placeholders in this example; the literal - characters `{` and `}` occur in the string. - policyValue: - format: int64 + javaSettings: + description: Settings for legacy Java features, supported in the Service YAML. + $ref: '#/components/schemas/JavaSettings' + phpSettings: + description: Settings for PHP client libraries. + $ref: '#/components/schemas/PhpSettings' + launchStage: + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + description: Launch stage of this version of the API. + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. type: string + type: object + MetricRule: + properties: + selector: description: >- - The quota policy value. Can be any nonnegative integer, or -1 - (unlimited quota). - container: + Selects the methods to which this rule applies. Refer to selector + for syntax details. type: string + metricCosts: description: >- - The cloud resource container at which the quota policy is created. - The format is `{container_type}/{container_number}` - dimensions: + Metrics to update when the selected methods are called, and the + associated cost applied to each metric. The key of the map is the + metric name, and the values are the amount increased for the metric + against which the quota limits are defined. The value must not be + negative. type: object additionalProperties: type: string - description: ' If this map is nonempty, then this policy applies only to specific values for dimensions defined in the limit unit. For example, a policy on a limit with the unit `1/{project}/{region}` could contain an entry with the key `region` and the value `us-east-1`; the policy is only applied to quota consumed in that region. This map has the following restrictions: * If `region` appears as a key, its value must be a valid Cloud region. * If `zone` appears as a key, its value must be a valid Cloud zone. * Keys other than `region` or `zone` are not valid.' + format: int64 + id: MetricRule + description: >- + Bind API methods to metrics. Binding a method to a metric causes that + metric's configured quota behaviors to apply to the method call. type: object - description: Quota policy created by quota administrator. - AnalyzeConsumerPolicyMetadata: + UpdateConsumerPolicyMetadata: + description: Metadata for the `UpdateConsumerPolicy` method. properties: {} - id: AnalyzeConsumerPolicyMetadata type: object - description: Metadata for the `AnalyzeConsumerPolicy` method. - Operation: - description: >- - This resource represents a long-running operation that is the result of - a network API call. - id: Operation + id: UpdateConsumerPolicyMetadata + BatchCreateAdminOverridesResponse: type: object + id: BatchCreateAdminOverridesResponse properties: - response: - type: object - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - additionalProperties: - description: Properties of the object. Contains field @type with type URL. - type: any - error: - $ref: '#/components/schemas/Status' - description: >- - The error result of the operation in case of failure or - cancellation. - metadata: - type: object + overrides: + type: array + items: + $ref: '#/components/schemas/QuotaOverride' + description: The overrides that were created. + description: Response message for BatchCreateAdminOverrides + EnableRule: + id: EnableRule + properties: + groups: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - name: - type: string + DEPRECATED: Please use field `values`. Service group should have + prefix `groups/`. The names of the service groups that are enabled + (Not Implemented). Example: `groups/googleServices`. + deprecated: true + type: array + items: + type: string + values: + type: array description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - done: + The names of the services or service groups that are enabled. + Example: `services/storage.googleapis.com`, `groups/googleServices`, + `groups/allServices`. + items: + type: string + services: + items: + type: string + deprecated: true description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - LabelDescriptor: - description: A description of a label. - properties: - valueType: - description: The type of data that can be assigned to the label. + DEPRECATED: Please use field `values`. Service should have prefix + `services/`. The names of the services that are enabled. Example: + `storage.googleapis.com`. + type: array + enableType: enum: - - STRING - - BOOL - - INT64 - enumDescriptions: - - A variable-length string. This is the default. - - Boolean; true or false. - - A 64-bit signed integer. - type: string - description: - description: A human-readable description for the label. - type: string - key: + - ENABLE_TYPE_UNSPECIFIED + - CLIENT + - RESOURCE + - V1_COMPATIBLE + description: Client and resource project enable type. type: string - description: The label key. + enumDescriptions: + - >- + Unspecified enable type, which means enabled as both client and + resource project. + - >- + Enable all clients under the CRM node specified by + `ConsumerPolicy.name` to use the listed services. A client can be + an API key, an OAuth client, or a service account. + - >- + Enable resources in the list services to be created and used under + the CRM node specified by the `ConsumerPolicy.name`. + - >- + Activation made by Service Usage v1 API. This will be how + consumers differentiate between policy changes made by v1 and v2 + clients and understand what is actually possible based on those + different policies. + description: >- + The consumer policy rule that defines usable services and service + groups. type: object - id: LabelDescriptor - BatchGetServicesResponse: - id: BatchGetServicesResponse + Control: + properties: + methodPolicies: + items: + $ref: '#/components/schemas/MethodPolicy' + description: Defines policies applying to the API methods of the service. + type: array + environment: + description: >- + The service controller environment to use. If empty, no control + plane feature (like quota and billing) will be enabled. The + recommended value for most services is servicecontrol.googleapis.com + type: string + id: Control type: object - description: Response message for the `BatchGetServices` method. + description: >- + Selects and configures the service controller used by the service. + Example: control: environment: servicecontrol.googleapis.com + ListServicesResponse: properties: services: + description: The available services for the requested project. items: $ref: '#/components/schemas/GoogleApiServiceusageV1Service' - description: The requested Service states. type: array - SystemParameterRule: - description: >- - Define a system parameter rule mapping system parameter definitions to - methods. - properties: - selector: - description: >- - Selects the methods to which this rule applies. Use '*' to indicate - all methods in all APIs. Refer to selector for syntax details. + nextPageToken: type: string - parameters: - type: array description: >- - Define parameters. Multiple names may be defined for a parameter. - For a given method call, only one of them should be used. If - multiple names are used the behavior is implementation-dependent. If - none of the specified names are present the behavior is - parameter-dependent. - items: - $ref: '#/components/schemas/SystemParameter' + Token that can be passed to `ListServices` to resume a paginated + query. type: object - id: SystemParameterRule - BatchCreateConsumerOverridesResponse: - properties: - overrides: - type: array - description: The overrides that were created. - items: - $ref: '#/components/schemas/QuotaOverride' - description: Response message for BatchCreateConsumerOverrides - id: BatchCreateConsumerOverridesResponse + description: Response message for the `ListServices` method. + id: ListServicesResponse + BatchingSettingsProto: type: object - GoogleApiServiceusageV1beta1ServiceIdentity: + properties: + flowControlByteLimit: + description: The maximum size of data allowed by flow control. + type: integer + format: int32 + delayThreshold: + description: >- + The duration after which a batch should be sent, starting from the + addition of the first message to that batch. + type: string + format: google-duration + flowControlLimitExceededBehavior: + description: The behavior to take when the flow control limit is exceeded. + enum: + - UNSET_BEHAVIOR + - THROW_EXCEPTION + - BLOCK + - IGNORE + type: string + enumDescriptions: + - Default behavior, system-defined. + - Stop operation, raise error. + - Pause operation until limit clears. + - Continue operation, disregard limit. + elementCountLimit: + type: integer + description: >- + The maximum number of elements collected in a batch that could be + accepted by server. + format: int32 + requestByteLimit: + type: integer + description: The maximum size of the request that could be accepted by server. + format: int32 + elementCountThreshold: + type: integer + format: int32 + description: >- + The number of elements of a field collected into a batch which, if + exceeded, causes the batch to be sent. + requestByteThreshold: + type: string + description: >- + The aggregated size of the batched field which, if exceeded, causes + the batch to be sent. This size is computed by aggregating the sizes + of the request field to be batched, not of the entire request + message. + format: int64 + flowControlElementLimit: + description: The maximum number of elements allowed by flow control. + type: integer + format: int32 + id: BatchingSettingsProto description: >- - Service identity for a service. This is the identity that service - producer should use to access consumer resources. + `BatchingSettingsProto` specifies a set of batching thresholds, each of + which acts as a trigger to send a batch of messages as a request. At + least one threshold must be positive nonzero. + SystemParameter: + description: >- + Define a parameter's name and location. The parameter may be passed as + either an HTTP header or a URL query parameter, and if both are passed + the behavior is implementation-dependent. type: object - id: GoogleApiServiceusageV1beta1ServiceIdentity properties: - uniqueId: + httpHeader: description: >- - The unique and stable id of the service account. - https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts#ServiceAccount - type: string - email: + Define the HTTP header name to use for the parameter. It is case + insensitive. type: string + urlQueryParameter: description: >- - The email address of the service account that a service producer - would use to access consumer resources. - ServiceIdentity: - description: >- - Service identity for a service. This is the identity that service - producer should use to access consumer resources. - properties: - uniqueId: + Define the URL query parameter name to use for the parameter. It is + case sensitive. type: string - description: >- - The unique and stable id of the service account. - https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts#ServiceAccount - email: + name: type: string description: >- - The email address of the service account that a service producer - would use to access consumer resources. - type: object - id: ServiceIdentity - EnableServiceRequest: - properties: {} - description: Request message for the `EnableService` method. - id: EnableServiceRequest - type: object - PhpSettings: - id: PhpSettings - description: Settings for Php client libraries. - type: object - properties: - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. - libraryPackage: - description: >- - The package name to use in Php. Clobbers the php_namespace option - set in the protobuf. This should be used **only** by APIs who have - already set the language_settings.php.package_name" field in - gapic.yaml. API teams should use the protobuf php_namespace option - where possible. Example of a YAML configuration:: publishing: - library_settings: php_settings: library_package: - Google\Cloud\PubSub\V1 - type: string - CancelOperationRequest: - id: CancelOperationRequest - type: object - description: The request message for Operations.CancelOperation. - properties: {} - MonitoringDestination: - type: object - id: MonitoringDestination + Define the name of the parameter, such as "api_key" . It is case + sensitive. + id: SystemParameter + Authentication: description: >- - Configuration of a specific monitoring destination (the producer project - or the consumer project). + `Authentication` defines the authentication configuration for API + methods provided by an API service. Example: name: + calendar.googleapis.com authentication: providers: - id: + google_calendar_auth jwks_uri: + https://www.googleapis.com/oauth2/v1/certs issuer: + https://securetoken.google.com rules: - selector: "*" requirements: + provider_id: google_calendar_auth - selector: google.calendar.Delegate + oauth: canonical_scopes: https://www.googleapis.com/auth/calendar.read + type: object properties: - metrics: + rules: + items: + $ref: '#/components/schemas/AuthenticationRule' description: >- - Types of the metrics to report to this monitoring destination. Each - type must be defined in Service.metrics section. + A list of authentication rules that apply to individual API methods. + **NOTE:** All service configuration rules follow "last one wins" + order. + type: array + providers: + description: Defines a set of authentication providers that a service supports. type: array items: - type: string - monitoredResource: - type: string - description: >- - The monitored resource type. The type must be defined in - Service.monitored_resources section. - CommonLanguageSettings: - id: CommonLanguageSettings + $ref: '#/components/schemas/AuthProvider' + id: Authentication + MonitoredResourceDescriptor: + description: >- + An object that describes the schema of a MonitoredResource object using + a type name and a set of labels. For example, the monitored resource + descriptor for Google Compute Engine VM instances has a type of + `"gce_instance"` and specifies the use of the labels `"instance_id"` and + `"zone"` to identify particular VM instances. Different APIs can support + different monitored resource types. APIs generally provide a `list` + method that returns the monitored resource descriptors used by the API. + id: MonitoredResourceDescriptor type: object - description: Required information for every language. properties: - selectiveGapicGeneration: + labels: description: >- - Configuration for which RPCs should be generated in the GAPIC - client. - $ref: '#/components/schemas/SelectiveGapicGeneration' - destinations: - items: - type: string - enumDescriptions: - - >- - Client libraries will neither be generated nor published to - package managers. - - >- - Generate the client library in a repo under - github.com/googleapis, but don't publish it to package managers. - - >- - Publish the library to package managers like nuget.org and - npmjs.com. - enum: - - CLIENT_LIBRARY_DESTINATION_UNSPECIFIED - - GITHUB - - PACKAGE_MANAGER + Required. A set of labels used to describe instances of this + monitored resource type. For example, an individual Google Cloud SQL + database is identified by values for the labels `"database_id"` and + `"zone"`. type: array + items: + $ref: '#/components/schemas/LabelDescriptor' + description: + type: string description: >- - The destination where API teams want this client library to be - published. - referenceDocsUri: + Optional. A detailed description of the monitored resource type that + might be used in documentation. + displayName: type: string description: >- - Link to automatically generated reference documentation. Example: - https://cloud.google.com/nodejs/docs/reference/asset/latest - deprecated: true - ClientLibrarySettings: - id: ClientLibrarySettings - description: Details about how and where to publish client libraries. - type: object - properties: - pythonSettings: - description: Settings for Python client libraries. - $ref: '#/components/schemas/PythonSettings' - goSettings: - $ref: '#/components/schemas/GoSettings' - description: Settings for Go client libraries. - dotnetSettings: - description: Settings for .NET client libraries. - $ref: '#/components/schemas/DotnetSettings' - rubySettings: - $ref: '#/components/schemas/RubySettings' - description: Settings for Ruby client libraries. + Optional. A concise name for the monitored resource type that might + be displayed in user interfaces. It should be a Title Cased Noun + Phrase, without any article or other determiners. For example, + `"Google Cloud SQL Database"`. launchStage: enumDescriptions: - Do not use this default value. @@ -2388,6 +2336,8 @@ components: [Terms of Service](https://cloud.google.com/terms/) and the [Google Cloud Platform Subject to the Deprecation Policy](https://cloud.google.com/terms/deprecation) documentation. + description: Optional. The launch stage of the monitored resource definition. + type: string enum: - LAUNCH_STAGE_UNSPECIFIED - UNIMPLEMENTED @@ -2397,475 +2347,657 @@ components: - BETA - GA - DEPRECATED + name: + description: >- + Optional. The resource name of the monitored resource descriptor: + `"projects/{project_id}/monitoredResourceDescriptors/{type}"` where + {type} is the value of the `type` field in this object and + {project_id} is a project ID that provides API-specific context for + accessing the type. APIs that do not use project information can use + the resource name format `"monitoredResourceDescriptors/{type}"`. type: string - description: Launch stage of this version of the API. - version: + type: + description: >- + Required. The monitored resource type. For example, the type + `"cloudsql_database"` represents databases in Google Cloud SQL. For + a list of types, see [Monitored resource + types](https://cloud.google.com/monitoring/api/resources) and + [Logging resource + types](https://cloud.google.com/logging/docs/api/v2/resource-list). type: string + AnalyzeConsumerPolicyResponse: + description: The response of analyzing a consumer policy update. + id: AnalyzeConsumerPolicyResponse + properties: + analysis: + type: array + items: + $ref: '#/components/schemas/Analysis' description: >- - Version of the API to apply these settings to. This is the full - protobuf package for the API, ending in the version element. - Examples: "google.cloud.speech.v1" and - "google.spanner.admin.database.v1". - cppSettings: - description: Settings for C++ client libraries. - $ref: '#/components/schemas/CppSettings' - javaSettings: - description: Settings for legacy Java features, supported in the Service YAML. - $ref: '#/components/schemas/JavaSettings' - nodeSettings: - description: Settings for Node client libraries. - $ref: '#/components/schemas/NodeSettings' - phpSettings: - description: Settings for PHP client libraries. - $ref: '#/components/schemas/PhpSettings' - restNumericEnums: - type: boolean + The list of analyses returned from performing the intended policy + update analysis. The analysis is grouped by service name and + different analysis types. The empty analysis list means that the + consumer policy can be updated without any warnings or blockers. + type: object + ContentSecurityPolicy: + description: >- + Content Security Policy contains the content security related policy of + a resource. + properties: + mcpContentSecurity: + description: >- + mcp_content_security contains the content security related settings + at resource level for MCP traffic. + $ref: '#/components/schemas/ContentSecurity' + name: + type: string + readOnly: true + description: >- + Output only. The resource name of the policy. Only the `default` + policy is supported. We allow the following formats: + `projects/{PROJECT_NUMBER}/contentSecurityPolicies/default`, + `projects/{PROJECT_ID}/contentSecurityPolicies/default`, We only + support project level content security policy for now. + type: object + id: ContentSecurityPolicy + JavaSettings: + properties: + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + serviceClassNames: + description: >- + Configure the Java class name to use instead of the service's for + its corresponding generated GAPIC client. Keys are fully-qualified + service names as they appear in the protobuf (including the full the + language_settings.java.interface_names" field in gapic.yaml. API + teams should otherwise use the service name as it appears in the + protobuf. Example of a YAML configuration:: publishing: + java_settings: service_class_names: - google.pubsub.v1.Publisher: + TopicAdmin - google.pubsub.v1.Subscriber: SubscriptionAdmin + type: object + additionalProperties: + type: string + libraryPackage: + type: string description: >- - When using transport=rest, the client request will encode enums as - numbers rather than strings. - ExperimentalFeatures: + The package name to use in Java. Clobbers the java_package option + set in the protobuf. This should be used **only** by APIs who have + already set the language_settings.java.package_name" field in + gapic.yaml. API teams should use the protobuf java_package option + where possible. Example of a YAML configuration:: publishing: + library_settings: java_settings: library_package: + com.google.cloud.pubsub.v1 + type: object + id: JavaSettings + description: Settings for Java client libraries. + McpEnableRule: + description: McpEnableRule contains MCP enablement related rules. properties: - protobufPythonicTypesEnabled: - description: >- - Enables generation of protobuf code using new types that are more - Pythonic which are included in `protobuf>=5.29.x`. This feature will - be enabled by default 1 month after launching the feature in preview - packages. - type: boolean - restAsyncIoEnabled: - description: >- - Enables generation of asynchronous REST clients if `rest` transport - is enabled. By default, asynchronous REST clients will not be - generated. This feature will be enabled by default 1 month after - launching the feature in preview packages. - type: boolean - unversionedPackageDisabled: + mcpServices: + type: array + items: + $ref: '#/components/schemas/McpService' + description: List of enabled MCP services. + id: McpEnableRule + type: object + Quota: + properties: + limits: + items: + $ref: '#/components/schemas/QuotaLimit' + description: List of QuotaLimit definitions for the service. + type: array + metricRules: description: >- - Disables generation of an unversioned Python package for this client - library. This means that the module names will need to be versioned - in import statements. For example `import google.cloud.library_v2` - instead of `import google.cloud.library`. - type: boolean - id: ExperimentalFeatures + List of MetricRule definitions, each one mapping a selected method + to one or more metrics. + type: array + items: + $ref: '#/components/schemas/MetricRule' + id: Quota description: >- - Experimental features to be included during client library generation. - These fields will be deprecated once the feature graduates and is - enabled by default. + Quota configuration helps to achieve fairness and budgeting in service + usage. The metric based quota configuration works this way: - The + service configuration defines a set of metrics. - For API calls, the + quota.metric_rules maps methods to metrics with corresponding costs. - + The quota.limits defines limits on the metrics, which will be used for + quota checks at runtime. An example quota configuration in yaml format: + quota: limits: - name: apiWriteQpsPerProject metric: + library.googleapis.com/write_calls unit: "1/min/{project}" # rate limit + for consumer projects values: STANDARD: 10000 (The metric rules bind all + methods to the read_calls metric, except for the UpdateBook and + DeleteBook methods. These two methods are mapped to the write_calls + metric, with the UpdateBook method consuming at twice rate as the + DeleteBook method.) metric_rules: - selector: "*" metric_costs: + library.googleapis.com/read_calls: 1 - selector: + google.example.library.v1.LibraryService.UpdateBook metric_costs: + library.googleapis.com/write_calls: 2 - selector: + google.example.library.v1.LibraryService.DeleteBook metric_costs: + library.googleapis.com/write_calls: 1 Corresponding Metric definition: + metrics: - name: library.googleapis.com/read_calls display_name: Read + requests metric_kind: DELTA value_type: INT64 - name: + library.googleapis.com/write_calls display_name: Write requests + metric_kind: DELTA value_type: INT64 type: object - SystemParameter: + ImportAdminOverridesResponse: + id: ImportAdminOverridesResponse + description: Response message for ImportAdminOverrides + type: object + properties: + overrides: + type: array + description: The overrides that were created from the imported data. + items: + $ref: '#/components/schemas/QuotaOverride' + BatchingConfigProto: + id: BatchingConfigProto + type: object + properties: + thresholds: + $ref: '#/components/schemas/BatchingSettingsProto' + description: The thresholds which trigger a batched request to be sent. + batchDescriptor: + description: The request and response fields used in batching. + $ref: '#/components/schemas/BatchingDescriptorProto' description: >- - Define a parameter's name and location. The parameter may be passed as - either an HTTP header or a URL query parameter, and if both are passed - the behavior is implementation-dependent. - id: SystemParameter + `BatchingConfigProto` defines the batching configuration for an API + method. + GoogleApiServiceusageV2betaConsumerPolicy: + description: >- + Consumer Policy is a set of rules that define what services or service + groups can be used for a cloud resource hierarchy. type: object + id: GoogleApiServiceusageV2betaConsumerPolicy properties: + updateTime: + format: google-datetime + type: string + readOnly: true + description: Output only. The time the policy was last updated. name: + type: string description: >- - Define the name of the parameter, such as "api_key" . It is case - sensitive. + Output only. The resource name of the policy. Only the `default` + policy is supported: `projects/12345/consumerPolicies/default`, + `folders/12345/consumerPolicies/default`, + `organizations/12345/consumerPolicies/default`. + readOnly: true + etag: + description: >- + An opaque tag indicating the current version of the policy, used for + concurrency control. type: string - urlQueryParameter: + enableRules: + type: array + items: + $ref: '#/components/schemas/GoogleApiServiceusageV2betaEnableRule' description: >- - Define the URL query parameter name to use for the parameter. It is - case sensitive. + Enable rules define usable services, groups, and categories. There + can currently be at most one `EnableRule`. This restriction will be + lifted in later releases. + createTime: + description: >- + Output only. The time the policy was created. For singleton + policies, this is the first touch of the policy. + readOnly: true + format: google-datetime type: string - httpHeader: + Option: + properties: + value: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + The option's value packed in an Any message. If the value is a + primitive, the corresponding wrapper type defined in + google/protobuf/wrappers.proto should be used. If the value is an + enum, it should be stored as an int32 value using the + google.protobuf.Int32Value type. + name: + description: >- + The option's name. For protobuf built-in options (options defined in + descriptor.proto), this is the short name. For example, + `"map_entry"`. For custom options, it should be the fully-qualified + name. For example, `"google.api.http"`. type: string + id: Option + type: object + description: >- + A protocol buffer option, which can be attached to a message, field, + enumeration, etc. New usages of this message as an alternative to + FileOptions, MessageOptions, FieldOptions, EnumOptions, + EnumValueOptions, ServiceOptions, or MethodOptions are strongly + discouraged. + GoogleApiServiceusageV2betaAnalysisResult: + description: An analysis result including blockers and warnings. + type: object + properties: + blockers: description: >- - Define the HTTP header name to use for the parameter. It is case - insensitive. - GoogleApiServiceusageV1beta1GetServiceIdentityResponse: + Blocking information that would prevent the policy changes at + runtime. + items: + $ref: '#/components/schemas/GoogleApiServiceusageV2betaImpact' + type: array + warnings: + items: + $ref: '#/components/schemas/GoogleApiServiceusageV2betaImpact' + description: >- + Warning information indicating that the policy changes might be + unsafe, but will not block the changes at runtime. + type: array + id: GoogleApiServiceusageV2betaAnalysisResult + Field: + type: object + id: Field properties: - state: + cardinality: + type: string + enum: + - CARDINALITY_UNKNOWN + - CARDINALITY_OPTIONAL + - CARDINALITY_REQUIRED + - CARDINALITY_REPEATED + description: The field cardinality. enumDescriptions: - - >- - Default service identity state. This value is used if the state is - omitted. - - Service identity has been created and can be used. + - For fields with unknown cardinality. + - For optional fields. + - For required fields. Proto2 syntax only. + - For repeated fields. + kind: + enumDescriptions: + - Field type unknown. + - Field type double. + - Field type float. + - Field type int64. + - Field type uint64. + - Field type int32. + - Field type fixed64. + - Field type fixed32. + - Field type bool. + - Field type string. + - Field type group. Proto2 syntax only, and deprecated. + - Field type message. + - Field type bytes. + - Field type uint32. + - Field type enum. + - Field type sfixed32. + - Field type sfixed64. + - Field type sint32. + - Field type sint64. + description: The field type. + type: string enum: - - IDENTITY_STATE_UNSPECIFIED - - ACTIVE - description: Service identity state. + - TYPE_UNKNOWN + - TYPE_DOUBLE + - TYPE_FLOAT + - TYPE_INT64 + - TYPE_UINT64 + - TYPE_INT32 + - TYPE_FIXED64 + - TYPE_FIXED32 + - TYPE_BOOL + - TYPE_STRING + - TYPE_GROUP + - TYPE_MESSAGE + - TYPE_BYTES + - TYPE_UINT32 + - TYPE_ENUM + - TYPE_SFIXED32 + - TYPE_SFIXED64 + - TYPE_SINT32 + - TYPE_SINT64 + typeUrl: + description: >- + The field type URL, without the scheme, for message or enumeration + types. Example: `"type.googleapis.com/google.protobuf.Timestamp"`. type: string - identity: + jsonName: + type: string + description: The field JSON name. + options: + type: array + description: The protocol buffer options. + items: + $ref: '#/components/schemas/Option' + oneofIndex: description: >- - Service identity that service producer can use to access consumer - resources. If exists is true, it contains email and unique_id. If - exists is false, it contains pre-constructed email and empty - unique_id. - $ref: '#/components/schemas/GoogleApiServiceusageV1beta1ServiceIdentity' - description: Response message for getting service identity. - id: GoogleApiServiceusageV1beta1GetServiceIdentityResponse - type: object - RemoveEnableRulesResponse: - id: RemoveEnableRulesResponse - properties: - parent: + The index of the field type in `Type.oneofs`, for message or + enumeration types. The first type has index 1; zero means the type + is not in the list. + type: integer + format: int32 + number: + type: integer + format: int32 + description: The field number. + defaultValue: type: string description: >- - The parent consumer policy. It can be - `projects/12345/consumerPolicies/default`, or - `folders/12345/consumerPolicies/default`, or - `organizations/12345/consumerPolicies/default`. - removedValues: - items: - type: string - description: The values removed from the parent consumer policy. - deprecated: true - type: array - description: The response message of `RemoveEnableRules` method. + The string value of the default value of this field. Proto2 syntax + only. + name: + description: The field name. + type: string + packed: + description: Whether to use alternative packed wire representation. + type: boolean + description: >- + A single field of a message type. New usages of this message as an + alternative to FieldDescriptorProto are strongly discouraged. This + message does not reliability preserve all information necessary to model + the schema and preserve semantics. Instead make use of FileDescriptorSet + which preserves the necessary information. + ImportConsumerOverridesMetadata: + properties: {} type: object - Control: + id: ImportConsumerOverridesMetadata + description: >- + Metadata message that provides information such as progress, partial + failures, and similar information on each GetOperation call of LRO + returned by ImportConsumerOverrides. + ImportConsumerOverridesResponse: + id: ImportConsumerOverridesResponse properties: - environment: - type: string - description: >- - The service controller environment to use. If empty, no control - plane feature (like quota and billing) will be enabled. The - recommended value for most services is servicecontrol.googleapis.com - methodPolicies: - items: - $ref: '#/components/schemas/MethodPolicy' - description: Defines policies applying to the API methods of the service. + overrides: type: array + items: + $ref: '#/components/schemas/QuotaOverride' + description: The overrides that were created from the imported data. + description: Response message for ImportConsumerOverrides type: object + ImportAdminOverridesMetadata: + properties: {} description: >- - Selects and configures the service controller used by the service. - Example: control: environment: servicecontrol.googleapis.com - id: Control - GoogleApiServiceusageV2betaAnalysis: + Metadata message that provides information such as progress, partial + failures, and similar information on each GetOperation call of LRO + returned by ImportAdminOverrides. type: object - id: GoogleApiServiceusageV2betaAnalysis - description: A message to group the analysis information. - properties: - displayName: - type: string - description: >- - Output only. The user friendly display name of the analysis type. - E.g. service dependency analysis, service resource usage analysis, - etc. - readOnly: true - analysisType: - enum: - - ANALYSIS_TYPE_UNSPECIFIED - - ANALYSIS_TYPE_DEPENDENCY - - ANALYSIS_TYPE_RESOURCE_USAGE - type: string - description: Output only. The type of analysis. - enumDescriptions: - - Unspecified analysis type. Do not use. - - The analysis of service dependencies. - - The analysis of service resource usage. - readOnly: true - service: - description: >- - The names of the service that has analysis result of warnings or - blockers. Example: `services/storage.googleapis.com`. - type: string - analysisResult: - $ref: '#/components/schemas/GoogleApiServiceusageV2betaAnalysisResult' - description: Output only. Analysis result of updating a policy. - readOnly: true - GoogleApiServiceusageV2alphaUpdateConsumerPolicyMetadata: + id: ImportAdminOverridesMetadata + RemoveEnableRulesResponse: type: object - properties: {} - description: Metadata for the `UpdateConsumerPolicy` method. - id: GoogleApiServiceusageV2alphaUpdateConsumerPolicyMetadata - AddEnableRulesResponse: properties: + removedValues: + items: + type: string + deprecated: true + description: The values removed from the parent consumer policy. + type: array parent: - type: string description: >- The parent consumer policy. It can be `projects/12345/consumerPolicies/default`, or `folders/12345/consumerPolicies/default`, or `organizations/12345/consumerPolicies/default`. - addedValues: - items: - type: string - description: The values added to the parent consumer policy. - type: array - type: object - id: AddEnableRulesResponse - description: The response message of `AddEnableRules` method. - OAuthRequirements: - id: OAuthRequirements + type: string + description: The response message of `RemoveEnableRules` method. + id: RemoveEnableRulesResponse + SourceContext: + description: >- + `SourceContext` represents information about the source of a protobuf + element, like the file in which it is defined. properties: - canonicalScopes: + fileName: description: >- - The list of publicly documented OAuth scopes that are allowed - access. An OAuth token containing any of these scopes will be - accepted. Example: canonical_scopes: - https://www.googleapis.com/auth/calendar, - https://www.googleapis.com/auth/calendar.read + The path-qualified name of the .proto file that contained the + associated protobuf element. For example: + `"google/protobuf/source_context.proto"`. type: string - description: >- - OAuth scopes are a way to define data and permissions on data. For - example, there are scopes defined for "Read-only access to Google - Calendar" and "Access to Cloud Platform". Users can consent to a scope - for an application, giving it permission to access that data on their - behalf. OAuth scope specifications should be fairly coarse grained; a - user will need to see and understand the text description of what your - scope means. In most cases: use one or at most two OAuth scopes for an - entire family of products. If your product has multiple APIs, you should - probably be sharing the OAuth scope across all of those APIs. When you - need finer grained OAuth consent screens: talk with your product - management about how developers will use them in practice. Please note - that even though each of the canonical scopes is enough for a request to - be accepted and passed to the backend, a request can still fail due to - the backend requiring additional scopes or permissions. type: object - Status: - type: object - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + id: SourceContext + GoogleApiServiceusageV2betaAnalyzeConsumerPolicyResponse: + description: The response of analyzing a consumer policy update. + id: GoogleApiServiceusageV2betaAnalyzeConsumerPolicyResponse properties: - details: + analysis: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + The list of analyses returned from performing the intended policy + update analysis. The analysis is grouped by service name and + different analysis types. The empty analysis list means that the + consumer policy can be updated without any warnings or blockers. items: - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - type: object + $ref: '#/components/schemas/GoogleApiServiceusageV2betaAnalysis' type: array - message: - type: string - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - code: - description: The status code, which should be an enum value of google.rpc.Code. - format: int32 - type: integer - PythonSettings: type: object - id: PythonSettings + BatchGetServicesResponse: + type: object + description: Response message for the `BatchGetServices` method. properties: - experimentalFeatures: - description: >- - Experimental features to be included during client library - generation. - $ref: '#/components/schemas/ExperimentalFeatures' - common: - description: Some settings. - $ref: '#/components/schemas/CommonLanguageSettings' - description: Settings for Python client libraries. - QuotaLimit: - description: >- - `QuotaLimit` defines a specific limit that applies over a specified - duration for a limit type. There can be at most one limit for a duration - and limit type combination defined within a `QuotaGroup`. + services: + description: The requested Service states. + type: array + items: + $ref: '#/components/schemas/GoogleApiServiceusageV1Service' + id: BatchGetServicesResponse + ImportAdminQuotaPoliciesResponse: + type: object properties: - freeTier: - type: string - description: >- - Free tier value displayed in the Developers Console for this limit. - The free tier is the number of tokens that will be subtracted from - the billed amount when billing is enabled. This field can only be - set on a limit with duration "1d", in a billable group; it is - invalid on any other limit. If this field is not set, it defaults to - 0, indicating that there is no free tier for this service. Used by - group-based quotas only. - format: int64 - maxLimit: - format: int64 + policies: + description: The policies that were created from the imported data. + type: array + items: + $ref: '#/components/schemas/AdminQuotaPolicy' + description: Response message for ImportAdminQuotaPolicies + id: ImportAdminQuotaPoliciesResponse + MetricDescriptor: + description: >- + Defines a metric type and its schema. Once a metric descriptor is + created, deleting or altering it stops data collection and makes the + metric type's existing data unusable. + type: object + properties: + launchStage: type: string + description: Optional. The launch stage of the metric definition. + enum: + - LAUNCH_STAGE_UNSPECIFIED + - UNIMPLEMENTED + - PRELAUNCH + - EARLY_ACCESS + - ALPHA + - BETA + - GA + - DEPRECATED + enumDescriptions: + - Do not use this default value. + - The feature is not yet implemented. Users can not use it. + - >- + Prelaunch features are hidden from users and are only visible + internally. + - >- + Early Access features are limited to a closed group of testers. To + use these features, you must sign up in advance and sign a Trusted + Tester agreement (which includes confidentiality provisions). + These features may be unstable, changed in backward-incompatible + ways, and are not guaranteed to be released. + - >- + Alpha is a limited availability test for releases before they are + cleared for widespread use. By Alpha, all significant design + issues are resolved and we are in the process of verifying + functionality. Alpha customers need to apply for access, agree to + applicable terms, and have their projects allowlisted. Alpha + releases don't have to be feature complete, no SLAs are provided, + and there are no technical support obligations, but they will be + far enough along that customers can actually use them in test + environments or for limited-use tests -- just like they would in + normal production cases. + - >- + Beta is the point at which we are ready to open a release for any + customer to use. There are no SLA or technical support obligations + in a Beta release. Products will be complete from a feature + perspective, but may have some open outstanding issues. Beta + releases are suitable for limited production use cases. + - >- + GA features are open to all developers and are considered stable + and fully qualified for production use. + - >- + Deprecated features are scheduled to be shut down and removed. For + more information, see the "Deprecation Policy" section of our + [Terms of Service](https://cloud.google.com/terms/) and the + [Google Cloud Platform Subject to the Deprecation + Policy](https://cloud.google.com/terms/deprecation) documentation. + metricKind: + enum: + - METRIC_KIND_UNSPECIFIED + - GAUGE + - DELTA + - CUMULATIVE + enumDescriptions: + - Do not use this default value. + - An instantaneous measurement of a value. + - The change in a value during a time interval. + - >- + A value accumulated over a time interval. Cumulative measurements + in a time series should have the same start time and increasing + end times, until an event resets the cumulative value to zero and + sets a new start time for the following points. description: >- - Maximum number of tokens that can be consumed during the specified - duration. Client application developers can override the default - limit up to this maximum. If specified, this value cannot be set to - a value less than the default limit. If not specified, it is set to - the default limit. To allow clients to apply overrides with no upper - bound, set this to -1, indicating unlimited maximum quota. Used by - group-based quotas only. - duration: + Whether the metric records instantaneous values, changes to a value, + etc. Some combinations of `metric_kind` and `value_type` might not + be supported. type: string - description: >- - Duration of this limit in textual notation. Must be "100s" or "1d". - Used by group-based quotas only. + metadata: + description: Optional. Metadata which can be used to guide usage of the metric. + $ref: '#/components/schemas/MetricDescriptorMetadata' description: - description: >- - Optional. User-visible, extended description for this quota limit. - Should be used only when more context is needed to understand this - limit than provided by the limit's display name (see: - `display_name`). - type: string - displayName: - type: string - description: >- - User-visible display name for this limit. Optional. If not set, the - UI will provide a default display name based on the quota - configuration. This field can be used to override the default - display name generated from the configuration. - metric: type: string description: >- - The name of the metric this quota limit applies to. The quota limits - with the same metric will be checked together during runtime. The - metric must be defined within the service config. + A detailed description of the metric, which can be used in + documentation. unit: - type: string - description: >- - Specify the unit of the quota limit. It uses the same syntax as - MetricDescriptor.unit. The supported unit kinds are determined by - the quota backend system. Here are some examples: * - "1/min/{project}" for quota per minute per project. Note: the order - of unit components is insignificant. The "1" at the beginning is - required to follow the metric unit syntax. - values: - type: object - additionalProperties: - format: int64 - type: string - description: >- - Tiered limit values. You must specify this as a key:value pair, with - an integer value that is the maximum number of requests allowed for - the specified unit. Currently only STANDARD is supported. - name: description: >- - Name of the quota limit. The name must be provided, and it must be - unique within the service. The name can only include alphanumeric - characters as well as '-'. The maximum length of the limit name is - 64 characters. + The units in which the metric value is reported. It is only + applicable if the `value_type` is `INT64`, `DOUBLE`, or + `DISTRIBUTION`. The `unit` defines the representation of the stored + metric values. Different systems might scale the values to be more + easily displayed (so a value of `0.02kBy` _might_ be displayed as + `20By`, and a value of `3523kBy` _might_ be displayed as `3.5MBy`). + However, if the `unit` is `kBy`, then the value of the metric is + always in thousands of bytes, no matter how it might be displayed. + If you want a custom metric to record the exact number of + CPU-seconds used by a job, you can create an `INT64 CUMULATIVE` + metric whose `unit` is `s{CPU}` (or equivalently `1s{CPU}` or just + `s`). If the job uses 12,005 CPU-seconds, then the value is written + as `12005`. Alternatively, if you want a custom metric to record + data in a more granular way, you can create a `DOUBLE CUMULATIVE` + metric whose `unit` is `ks{CPU}`, and then write the value `12.005` + (which is `12005/1000`), or use `Kis{CPU}` and write `11.723` (which + is `12005/1024`). The supported units are a subset of [The Unified + Code for Units of Measure](https://unitsofmeasure.org/ucum.html) + standard: **Basic units (UNIT)** * `bit` bit * `By` byte * `s` + second * `min` minute * `h` hour * `d` day * `1` dimensionless + **Prefixes (PREFIX)** * `k` kilo (10^3) * `M` mega (10^6) * `G` giga + (10^9) * `T` tera (10^12) * `P` peta (10^15) * `E` exa (10^18) * `Z` + zetta (10^21) * `Y` yotta (10^24) * `m` milli (10^-3) * `u` micro + (10^-6) * `n` nano (10^-9) * `p` pico (10^-12) * `f` femto (10^-15) + * `a` atto (10^-18) * `z` zepto (10^-21) * `y` yocto (10^-24) * `Ki` + kibi (2^10) * `Mi` mebi (2^20) * `Gi` gibi (2^30) * `Ti` tebi (2^40) + * `Pi` pebi (2^50) **Grammar** The grammar also includes these + connectors: * `/` division or ratio (as an infix operator). For + examples, `kBy/{email}` or `MiBy/10ms` (although you should almost + never have `/s` in a metric `unit`; rates should always be computed + at query time from the underlying cumulative or delta value). * `.` + multiplication or composition (as an infix operator). For examples, + `GBy.d` or `k{watt}.h`. The grammar for a unit is as follows: + Expression = Component { "." Component } { "/" Component } ; + Component = ( [ PREFIX ] UNIT | "%" ) [ Annotation ] | Annotation | + "1" ; Annotation = "{" NAME "}" ; Notes: * `Annotation` is just a + comment if it follows a `UNIT`. If the annotation is used alone, + then the unit is equivalent to `1`. For examples, `{request}/s == + 1/s`, `By{transmitted}/s == By/s`. * `NAME` is a sequence of + non-blank printable ASCII characters not containing `{` or `}`. * + `1` represents a unitary [dimensionless + unit](https://en.wikipedia.org/wiki/Dimensionless_quantity) of 1, + such as in `1/s`. It is typically used when none of the basic units + are appropriate. For example, "new users per day" can be represented + as `1/d` or `{new-users}/d` (and a metric value `5` would mean "5 + new users). Alternatively, "thousands of page views per day" would + be represented as `1000/d` or `k1/d` or `k{page_views}/d` (and a + metric value of `5.3` would mean "5300 page views per day"). * `%` + represents dimensionless value of 1/100, and annotates values giving + a percentage (so the metric values are typically in the range of + 0..100, and a metric value `3` means "3 percent"). * `10^2.%` + indicates a metric contains a ratio, typically in the range 0..1, + that will be multiplied by 100 and displayed as a percentage (so a + metric value `0.03` means "3 percent"). type: string - defaultLimit: - format: int64 + displayName: type: string description: >- - Default number of tokens that can be consumed during the specified - duration. This is the number of tokens assigned when a client - application developer activates the service for his/her project. - Specifying a value of 0 will block all requests. This can be used if - you are provisioning quota to selected consumers and blocking - others. Similarly, a value of -1 will indicate an unlimited quota. - No other negative values are allowed. Used by group-based quotas - only. - type: object - id: QuotaLimit - EnableFailure: - properties: - errorMessage: - description: An error message describing why the service could not be enabled. - type: string - serviceId: - description: The service id of a service that could not be enabled. + A concise name for the metric, which can be displayed in user + interfaces. Use sentence case without an ending period, for example + "Request count". This field is optional but it is recommended to be + set for any metrics associated with user-visible concepts, such as + Quota. + type: type: string - id: EnableFailure - type: object - description: Provides error messages for the failing services. - GoogleApiServiceusageV1Service: - type: object - properties: - name: description: >- - The resource name of the consumer and service. A valid name would - be: - projects/123/services/serviceusage.googleapis.com + The metric type, including its DNS name prefix. The type is not + URL-encoded. All user-defined metric types have the DNS name + `custom.googleapis.com` or `external.googleapis.com`. Metric types + should use a natural hierarchical grouping. For example: + "custom.googleapis.com/invoice/paid/amount" + "external.googleapis.com/prometheus/up" + "appengine.googleapis.com/http/server/response_latencies" + name: + description: The resource name of the metric descriptor. type: string - config: + monitoredResourceTypes: description: >- - The service configuration of the available service. Some fields may - be filtered out of the configuration in responses to the - `ListServices` method. These fields are present only in responses to - the `GetService` method. - $ref: '#/components/schemas/GoogleApiServiceusageV1ServiceConfig' - parent: + Read-only. If present, then a time series, which is identified + partially by a metric type and a MonitoredResourceDescriptor, that + is associated with this metric type can only be associated with one + of the monitored resource types listed here. + type: array + items: + type: string + valueType: description: >- - The resource name of the consumer. A valid name would be: - - projects/123 - type: string - state: - description: Whether or not the service has been enabled for use by the consumer. + Whether the measurement is an integer, a floating-point number, etc. + Some combinations of `metric_kind` and `value_type` might not be + supported. + type: string enum: - - STATE_UNSPECIFIED - - DISABLED - - ENABLED + - VALUE_TYPE_UNSPECIFIED + - BOOL + - INT64 + - DOUBLE + - STRING + - DISTRIBUTION + - MONEY enumDescriptions: + - Do not use this default value. - >- - The default value, which indicates that the enabled state of the - service is unspecified or not meaningful. Currently, all consumers - other than projects (such as folders and organizations) are always - in this state. + The value is a boolean. This value type can be used only if the + metric kind is `GAUGE`. + - The value is a signed 64-bit integer. + - The value is a double precision floating point number. - >- - The service cannot be used by this consumer. It has either been - explicitly disabled, or has never been enabled. - - The service has been explicitly enabled for use by this consumer. - type: string - id: GoogleApiServiceusageV1Service - description: A service that is available for use by the consumer. - ImportAdminQuotaPoliciesResponse: - id: ImportAdminQuotaPoliciesResponse - properties: - policies: + The value is a text string. This value type can be used only if + the metric kind is `GAUGE`. + - The value is a `Distribution`. + - The value is money. + labels: items: - $ref: '#/components/schemas/AdminQuotaPolicy' - type: array - description: The policies that were created from the imported data. - type: object - description: Response message for ImportAdminQuotaPolicies - Option: - type: object - id: Option - description: >- - A protocol buffer option, which can be attached to a message, field, - enumeration, etc. - properties: - value: - additionalProperties: - description: Properties of the object. Contains field @type with type URL. - type: any - description: >- - The option's value packed in an Any message. If the value is a - primitive, the corresponding wrapper type defined in - google/protobuf/wrappers.proto should be used. If the value is an - enum, it should be stored as an int32 value using the - google.protobuf.Int32Value type. - type: object - name: - type: string + $ref: '#/components/schemas/LabelDescriptor' description: >- - The option's name. For protobuf built-in options (options defined in - descriptor.proto), this is the short name. For example, - `"map_entry"`. For custom options, it should be the fully-qualified - name. For example, `"google.api.http"`. - ImportConsumerOverridesMetadata: - properties: {} - type: object - description: >- - Metadata message that provides information such as progress, partial - failures, and similar information on each GetOperation call of LRO - returned by ImportConsumerOverrides. - id: ImportConsumerOverridesMetadata - NodeSettings: - type: object - description: Settings for Node client libraries. - id: NodeSettings - properties: - common: - description: Some settings. - $ref: '#/components/schemas/CommonLanguageSettings' + The set of labels that can be used to describe a specific instance + of this metric type. For example, the + `appengine.googleapis.com/http/server/response_latencies` metric + type has a label for the HTTP response code, `response_code`, so you + can look at latencies for successful responses or just for responses + that failed. + type: array + id: MetricDescriptor ConsumerPolicy: - type: object properties: - enableRules: - type: array - description: Enable rules define usable services and service groups. - items: - $ref: '#/components/schemas/EnableRule' annotations: + type: object additionalProperties: type: string - type: object description: >- Optional. Annotations is an unstructured key-value map stored with a policy that may be set by external tools to store and retrieve @@ -2873,1245 +3005,1352 @@ components: when modifying objects. [AIP-128](https://google.aip.dev/128#annotations) updateTime: - type: string - format: google-datetime description: The last-modified time. - etag: type: string - description: >- - An opaque tag indicating the current version of the policy, used for - concurrency control. + format: google-datetime name: - readOnly: true - type: string description: >- Output only. The resource name of the policy. We only allow consumer policy name as `default` for now: `projects/12345/consumerPolicies/default`, - `folders/12345/consumerPolicies/default`, - `organizations/12345/consumerPolicies/default`. - id: ConsumerPolicy - description: >- - Consumer Policy is a set of rules that define what services or service - groups can be used for a cloud resource hierarchy. - Endpoint: - type: object - properties: - target: - type: string - description: >- - The specification of an Internet routable address of API frontend - that will handle requests to this [API - Endpoint](https://cloud.google.com/apis/design/glossary). It should - be either a valid IPv4 address or a fully-qualified domain name. For - example, "8.8.8.8" or "myservice.appspot.com". - allowCors: - type: boolean - description: >- - Allowing - [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), - aka cross-domain traffic, would allow the backends served from this - endpoint to receive and respond to HTTP OPTIONS requests. The - response will be used by the browser to determine whether the - subsequent cross-origin request is allowed to proceed. - name: - type: string - description: The canonical name of this endpoint. - aliases: - type: array - description: >- - Aliases for this endpoint, these will be served by the same UrlMap - as the parent endpoint, and will be provisioned in the GCP stack for - the Regional Endpoints. - items: - type: string - id: Endpoint - description: >- - `Endpoint` describes a network address of a service that serves a set of - APIs. It is commonly known as a service endpoint. A service may expose - any number of service endpoints, and all service endpoints share the - same service definition, such as quota limits and monitoring metrics. - Example: type: google.api.Service name: library-example.googleapis.com - endpoints: # Declares network address - `https://library-example.googleapis.com` # for service - `library-example.googleapis.com`. The `https` scheme # is implicit for - all service endpoints. Other schemes may be # supported in the future. - - name: library-example.googleapis.com allow_cors: false - name: - content-staging-library-example.googleapis.com # Allows HTTP OPTIONS - calls to be passed to the API frontend, for it # to decide whether the - subsequent cross-origin request is allowed # to proceed. allow_cors: - true - BillingDestination: - properties: - monitoredResource: - description: >- - The monitored resource type. The type must be defined in - Service.monitored_resources section. - type: string - metrics: - items: - type: string - type: array - description: >- - Names of the metrics to report to this billing destination. Each - name must be defined in Service.metrics section. - description: >- - Configuration of a specific billing destination (Currently only support - bill against consumer project). - type: object - id: BillingDestination - CustomError: - id: CustomError - type: object - description: >- - Customize service error responses. For example, list any service - specific protobuf types that can appear in error detail lists of error - responses. Example: custom_error: types: - google.foo.v1.CustomError - - google.foo.v1.AnotherError - properties: - rules: - type: array - description: >- - The list of custom error rules that apply to individual API - messages. **NOTE:** All service configuration rules follow "last one - wins" order. - items: - $ref: '#/components/schemas/CustomErrorRule' - types: - description: >- - The list of custom error detail types, e.g. - 'google.foo.v1.CustomError'. - items: - type: string - type: array - GoogleApiServiceusageV1OperationMetadata: - type: object - properties: - resourceNames: - type: array - description: >- - The full name of the resources that this operation is directly - associated with. - items: - type: string - id: GoogleApiServiceusageV1OperationMetadata - description: The operation metadata returned for the batchend services operation. - ListServicesResponse: - id: ListServicesResponse - properties: - services: - items: - $ref: '#/components/schemas/GoogleApiServiceusageV1Service' - type: array - description: The available services for the requested project. - nextPageToken: - type: string - description: >- - Token that can be passed to `ListServices` to resume a paginated - query. - type: object - description: Response message for the `ListServices` method. - CppSettings: - id: CppSettings - type: object - properties: - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. - description: Settings for C++ client libraries. - LongRunning: - properties: - pollDelayMultiplier: - format: float - type: number - description: >- - Multiplier to gradually increase delay between subsequent polls - until it reaches max_poll_delay. Default value: 1.5. - totalPollTimeout: - type: string - format: google-duration - description: 'Total polling timeout. Default value: 5 minutes.' - maxPollDelay: - type: string - format: google-duration - description: >- - Maximum time between two subsequent poll requests. Default value: 45 - seconds. - initialPollDelay: - format: google-duration + `folders/12345/consumerPolicies/default`, + `organizations/12345/consumerPolicies/default`. + readOnly: true type: string + etag: description: >- - Initial delay after which the first poll request will be made. - Default value: 5 seconds. - id: LongRunning - type: object - description: >- - Describes settings to use when generating API methods that use the - long-running operation pattern. All default values below are from those - used in the client library generators (e.g. - [Java](https://github.com/googleapis/gapic-generator-java/blob/04c2faa191a9b5a10b92392fe8482279c4404803/src/main/java/com/google/api/generator/gapic/composer/common/RetrySettingsComposer.java)). - Method: - id: Method - properties: - responseStreaming: - type: boolean - description: If true, the response is streamed. - syntax: - description: The source syntax of this method. + An opaque tag indicating the current version of the policy, used for + concurrency control. type: string - enumDescriptions: - - Syntax `proto2`. - - Syntax `proto3`. - - Syntax `editions`. - enum: - - SYNTAX_PROTO2 - - SYNTAX_PROTO3 - - SYNTAX_EDITIONS - options: - description: Any metadata attached to the method. + enableRules: + description: Enable rules define usable services and service groups. type: array items: - $ref: '#/components/schemas/Option' - name: - type: string - description: The simple name of this method. - requestTypeUrl: - type: string - description: A URL of the input message type. - responseTypeUrl: - description: The URL of the output message type. - type: string - requestStreaming: - type: boolean - description: If true, the request is streamed. + $ref: '#/components/schemas/EnableRule' + id: ConsumerPolicy + description: >- + Consumer Policy is a set of rules that define what services or service + groups can be used for a cloud resource hierarchy. type: object - description: Method represents a method of an API interface. - Page: + DeleteAdminQuotaPolicyMetadata: + type: object + id: DeleteAdminQuotaPolicyMetadata + properties: {} + description: >- + Metadata message that provides information such as progress, partial + failures, and similar information on each GetOperation call of LRO + returned by DeleteAdminQuotaPolicy. + LogDescriptor: + id: LogDescriptor + description: >- + A description of a log type. Example in YAML format: - name: + library.googleapis.com/activity_history description: The history of + borrowing and returning library items. display_name: Activity labels: - + key: /customer_id description: Identifier of a library customer type: object - id: Page properties: - content: - type: string + labels: description: >- - The Markdown content of the page. You can use ```(== include {path} - ==)``` to include content from a Markdown file. The content can be - used to produce the documentation page such as HTML format page. - subpages: - type: array + The set of labels that are available to describe a specific log + entry. Runtime requests that contain labels not specified here are + considered invalid. items: - $ref: '#/components/schemas/Page' + $ref: '#/components/schemas/LabelDescriptor' + type: array + displayName: + type: string description: >- - Subpages of this page. The order of subpages specified here will be - honored in the generated docset. - name: + The human-readable name for this log. This information appears on + the user interface and should be concise. + description: + description: >- + A human-readable description of this log. This information appears + in the documentation and can contain details. type: string + name: description: >- - The name of the page. It will be used as an identity of the page to - generate URI of the page, text of the link to this page in - navigation, etc. The full page name (start from the root page name - to this page concatenated with `.`) can be used as reference to the - page in your documentation. For example: pages: - name: Tutorial - content: (== include tutorial.md ==) subpages: - name: Java content: - (== include tutorial_java.md ==) You can reference `Java` page using - Markdown reference link syntax: `Java`. - description: >- - Represents a documentation page. A page can contain subpages to - represent nested documentation set structure. - Api: - id: Api + The name of the log. It must be less than 512 characters long and + can include the following characters: upper- and lower-case + alphanumeric characters [A-Za-z0-9], and punctuation characters + including slash, underscore, hyphen, period [/_-.]. + type: string + Publishing: description: >- - Api is a light-weight descriptor for an API Interface. Interfaces are - also described as "protocol buffer services" in some contexts, such as - by the "service" keyword in a .proto file, but they are different from - API Services, which represent a concrete implementation of an interface - as opposed to simply a description of methods and bindings. They are - also sometimes simply referred to as "APIs" in other contexts, such as - the name of this message itself. See - https://cloud.google.com/apis/design/glossary for detailed terminology. - type: object + This message configures the settings for publishing [Google Cloud Client + libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) + generated from the service config. properties: - sourceContext: - description: >- - Source context for the protocol buffer service represented by this - message. - $ref: '#/components/schemas/SourceContext' - mixins: - type: array + librarySettings: items: - $ref: '#/components/schemas/Mixin' - description: Included interfaces. See Mixin. - name: + $ref: '#/components/schemas/ClientLibrarySettings' + type: array + description: >- + Client library settings. If the same version string appears multiple + times in this list, then the last one wins. Settings from earlier + settings with the same version string are discarded. + newIssueUri: type: string description: >- - The fully qualified name of this interface, including package name - followed by the interface's simple name. - syntax: + Link to a *public* URI where users can report issues. Example: + https://issuetracker.google.com/issues/new?component=190865&template=1161103 + protoReferenceDocumentationUri: + description: >- + Optional link to proto reference documentation. Example: + https://cloud.google.com/pubsub/lite/docs/reference/rpc type: string - description: The source syntax of the service. - enumDescriptions: - - Syntax `proto2`. - - Syntax `proto3`. - - Syntax `editions`. - enum: - - SYNTAX_PROTO2 - - SYNTAX_PROTO3 - - SYNTAX_EDITIONS - methods: - description: The methods of this interface, in unspecified order. - type: array + apiShortName: + description: >- + Used as a tracking tag when collecting data about the APIs developer + relations artifacts like docs, packages delivered to package + managers, etc. Example: "speech". + type: string + restReferenceDocumentationUri: + description: >- + Optional link to REST reference documentation. Example: + https://cloud.google.com/pubsub/lite/docs/reference/rest + type: string + documentationUri: + type: string + description: >- + Link to product home page. Example: + https://cloud.google.com/asset-inventory/docs/overview + codeownerGithubTeams: items: - $ref: '#/components/schemas/Method' - version: + type: string + type: array description: >- - A version string for this interface. If specified, must have the - form `major-version.minor-version`, as in `1.10`. If the minor - version is omitted, it defaults to zero. If the entire version field - is empty, the major version is derived from the package name, as - outlined below. If the field is not empty, the version in the - package name will be verified to be consistent with what is provided - here. The versioning schema uses [semantic - versioning](http://semver.org) where the major version number - indicates a breaking change and the minor version an additive, - non-breaking change. Both version numbers are signals to users what - to expect from different versions, and should be carefully chosen - based on the product plan. The major version is also reflected in - the package name of the interface, which must end in `v`, as in - `google.feature.v1`. For major versions 0 and 1, the suffix can be - omitted. Zero major versions must only be used for experimental, - non-GA interfaces. + GitHub teams to be added to CODEOWNERS in the directory in GitHub + containing source code for the client libraries for this API. + githubLabel: + description: >- + GitHub label to apply to issues and pull requests opened for this + API. type: string - options: + methodSettings: type: array items: - $ref: '#/components/schemas/Option' - description: Any metadata attached to the interface. - GetServiceIdentityMetadata: - id: GetServiceIdentityMetadata - type: object - description: Metadata for the `GetServiceIdentity` method. - properties: {} - GetServiceIdentityResponse: + $ref: '#/components/schemas/MethodSettings' + description: >- + A list of API method settings, e.g. the behavior for methods that + use the long-running operation pattern. + organization: + enum: + - CLIENT_LIBRARY_ORGANIZATION_UNSPECIFIED + - CLOUD + - ADS + - PHOTOS + - STREET_VIEW + - SHOPPING + - GEO + - GENERATIVE_AI + enumDescriptions: + - Not useful. + - Google Cloud Platform Org. + - Ads (Advertising) Org. + - Photos Org. + - Street View Org. + - Shopping Org. + - Geo Org. + - Generative AI - https://developers.generativeai.google + type: string + description: For whom the client library is being published. + docTagPrefix: + type: string + description: >- + A prefix used in sample code when demarking regions to be included + in documentation. + id: Publishing type: object - description: Response message for getting service identity. - id: GetServiceIdentityResponse + GoogleApiServiceusageV1beta1GetServiceIdentityResponse: properties: + identity: + $ref: '#/components/schemas/GoogleApiServiceusageV1beta1ServiceIdentity' + description: >- + Service identity that service producer can use to access consumer + resources. If exists is true, it contains email and unique_id. If + exists is false, it contains pre-constructed email and empty + unique_id. state: - description: Service identity state. type: string enum: - IDENTITY_STATE_UNSPECIFIED - ACTIVE + description: Service identity state. enumDescriptions: - >- Default service identity state. This value is used if the state is omitted. - Service identity has been created and can be used. - identity: - description: >- - Service identity that service producer can use to access consumer - resources. If exists is true, it contains email and unique_id. If - exists is false, it contains pre-constructed email and empty - unique_id. - $ref: '#/components/schemas/ServiceIdentity' - EnumValue: - description: Enum value definition. + id: GoogleApiServiceusageV1beta1GetServiceIdentityResponse + description: Response message for getting service identity. + type: object + BatchCreateConsumerOverridesResponse: + id: BatchCreateConsumerOverridesResponse type: object + description: Response message for BatchCreateConsumerOverrides properties: - number: - type: integer - format: int32 - description: Enum value number. + overrides: + type: array + items: + $ref: '#/components/schemas/QuotaOverride' + description: The overrides that were created. + Enum: + id: Enum + description: >- + Enum type definition. New usages of this message as an alternative to + EnumDescriptorProto are strongly discouraged. This message does not + reliability preserve all information necessary to model the schema and + preserve semantics. Instead make use of FileDescriptorSet which + preserves the necessary information. + type: object + properties: + name: + type: string + description: Enum type name. + syntax: + enumDescriptions: + - Syntax `proto2`. + - Syntax `proto3`. + - Syntax `editions`. + enum: + - SYNTAX_PROTO2 + - SYNTAX_PROTO3 + - SYNTAX_EDITIONS + type: string + description: The source syntax. options: type: array - description: Protocol buffer options. items: $ref: '#/components/schemas/Option' - name: + description: Protocol buffer options. + enumvalue: + description: Enum value definitions. + items: + $ref: '#/components/schemas/EnumValue' + type: array + sourceContext: + description: The source context. + $ref: '#/components/schemas/SourceContext' + edition: type: string - description: Enum value name. - id: EnumValue - RubySettings: + description: >- + The source edition string, only valid when syntax is + SYNTAX_EDITIONS. + Logging: type: object - id: RubySettings - description: Settings for Ruby client libraries. - properties: - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. - LogDescriptor: - id: LogDescriptor description: >- - A description of a log type. Example in YAML format: - name: - library.googleapis.com/activity_history description: The history of - borrowing and returning library items. display_name: Activity labels: - - key: /customer_id description: Identifier of a library customer - type: object + Logging configuration of the service. The following example shows how to + configure logs to be sent to the producer and consumer projects. In the + example, the `activity_history` log is sent to both the producer and + consumer projects, whereas the `purchase_history` log is only sent to + the producer project. monitored_resources: - type: + library.googleapis.com/branch labels: - key: /city description: The city + where the library branch is located in. - key: /name description: The + name of the branch. logs: - name: activity_history labels: - key: + /customer_id - name: purchase_history logging: producer_destinations: - + monitored_resource: library.googleapis.com/branch logs: - + activity_history - purchase_history consumer_destinations: - + monitored_resource: library.googleapis.com/branch logs: - + activity_history properties: - labels: + consumerDestinations: type: array - description: >- - The set of labels that are available to describe a specific log - entry. Runtime requests that contain labels not specified here are - considered invalid. items: - $ref: '#/components/schemas/LabelDescriptor' - name: - description: >- - The name of the log. It must be less than 512 characters long and - can include the following characters: upper- and lower-case - alphanumeric characters [A-Za-z0-9], and punctuation characters - including slash, underscore, hyphen, period [/_-.]. - type: string - displayName: + $ref: '#/components/schemas/LoggingDestination' description: >- - The human-readable name for this log. This information appears on - the user interface and should be concise. - type: string - description: - type: string + Logging configurations for sending logs to the consumer project. + There can be multiple consumer destinations, each one must have a + different monitored resource type. A log can be used in at most one + consumer destination. + producerDestinations: description: >- - A human-readable description of this log. This information appears - in the documentation and can contain details. - Documentation: + Logging configurations for sending logs to the producer project. + There can be multiple producer destinations, each one must have a + different monitored resource type. A log can be used in at most one + producer destination. + type: array + items: + $ref: '#/components/schemas/LoggingDestination' + id: Logging + PythonSettings: + id: PythonSettings + type: object + description: Settings for Python client libraries. properties: - overview: - type: string - description: >- - Declares a single overview page. For example: documentation: - summary: ... overview: (== include overview.md ==) This is a - shortcut for the following declaration (using pages style): - documentation: summary: ... pages: - name: Overview content: (== - include overview.md ==) Note: you cannot specify both `overview` - field and `pages` field. - serviceRootUrl: + experimentalFeatures: description: >- - Specifies the service root url if the default one (the service name - from the yaml file) is not suitable. This can be seen in any fully - specified service urls as well as sections that show a base that - other urls are relative to. - type: string - sectionOverrides: + Experimental features to be included during client library + generation. + $ref: '#/components/schemas/ExperimentalFeatures' + common: + $ref: '#/components/schemas/CommonLanguageSettings' + description: Some settings. + ContextRule: + description: >- + A context rule provides information about the context for an individual + API element. + id: ContextRule + properties: + allowedRequestExtensions: items: - $ref: '#/components/schemas/Page' + type: string + type: array description: >- - Specifies section and content to override the boilerplate content. - Currently overrides following sections: 1. - rest.service.client_libraries + A list of full type names or extension IDs of extensions allowed in + grpc side channel from client to backend. + requested: + description: >- + A list of full type names of requested contexts, only the requested + context will be made available to the backend. type: array - rules: + items: + type: string + allowedResponseExtensions: type: array description: >- - A list of documentation rules that apply to individual API elements. - **NOTE:** All service configuration rules follow "last one wins" - order. + A list of full type names or extension IDs of extensions allowed in + grpc side channel from backend to client. items: - $ref: '#/components/schemas/DocumentationRule' - pages: - description: The top level pages for the documentation set. + type: string + provided: + description: >- + A list of full type names of provided contexts. It is used to + support propagating HTTP headers and ETags from the response + extension. type: array items: - $ref: '#/components/schemas/Page' - additionalIamInfo: - description: >- - Optional information about the IAM configuration. This is typically - used to link to documentation about a product's IAM roles and - permissions. + type: string + selector: type: string - summary: description: >- - A short description of what the service does. The summary must be - plain text. It becomes the overview of the service displayed in - Google Cloud Console. NOTE: This field is equivalent to the standard - field `description`. - type: string - documentationRootUrl: - description: The URL to the root of documentation. - type: string + Selects the methods to which this rule applies. Refer to selector + for syntax details. + type: object + GoogleApiServiceusageV2alphaUpdateConsumerPolicyMetadata: + description: Metadata for the `UpdateConsumerPolicy` method. + type: object + properties: {} + id: GoogleApiServiceusageV2alphaUpdateConsumerPolicyMetadata + CustomError: type: object description: >- - `Documentation` provides the information for describing a service. - Example: documentation: summary: > The Google Calendar API gives access - to most calendar features. pages: - name: Overview content: (== include - google/foo/overview.md ==) - name: Tutorial content: (== include - google/foo/tutorial.md ==) subpages: - name: Java content: (== include - google/foo/tutorial_java.md ==) rules: - selector: - google.calendar.Calendar.Get description: > ... - selector: - google.calendar.Calendar.Put description: > ... Documentation is - provided in markdown syntax. In addition to standard markdown features, - definition lists, tables and fenced code blocks are supported. Section - headers can be provided and are interpreted relative to the section - nesting of the context where a documentation fragment is embedded. - Documentation from the IDL is merged with documentation defined via the - config at normalization time, where documentation provided by config - rules overrides IDL provided. A number of constructs specific to the API - platform are supported in documentation text. In order to reference a - proto element, the following notation can be used: - [fully.qualified.proto.name][] To override the display text used for the - link, this can be used: [display text][fully.qualified.proto.name] Text - can be excluded from doc using the following notation: (-- internal - comment --) A few directives are available in documentation. Note that - directives must appear on a single line to be properly identified. The - `include` directive includes a markdown file from an external source: - (== include path/to/file ==) The `resource_for` directive marks a - message to be the resource of a collection in REST view. If it is not - specified, tools attempt to infer the resource from the operations in a - collection: (== resource_for v1.shelves.books ==) The directive - `suppress_warning` does not directly affect documentation and is - documented together with service config validation. - id: Documentation - Quota: + Customize service error responses. For example, list any service + specific protobuf types that can appear in error detail lists of error + responses. Example: custom_error: types: - google.foo.v1.CustomError - + google.foo.v1.AnotherError + id: CustomError properties: - limits: + rules: + description: >- + The list of custom error rules that apply to individual API + messages. **NOTE:** All service configuration rules follow "last one + wins" order. type: array items: - $ref: '#/components/schemas/QuotaLimit' - description: List of QuotaLimit definitions for the service. - metricRules: + $ref: '#/components/schemas/CustomErrorRule' + types: type: array - items: - $ref: '#/components/schemas/MetricRule' description: >- - List of MetricRule definitions, each one mapping a selected method - to one or more metrics. - id: Quota - description: >- - Quota configuration helps to achieve fairness and budgeting in service - usage. The metric based quota configuration works this way: - The - service configuration defines a set of metrics. - For API calls, the - quota.metric_rules maps methods to metrics with corresponding costs. - - The quota.limits defines limits on the metrics, which will be used for - quota checks at runtime. An example quota configuration in yaml format: - quota: limits: - name: apiWriteQpsPerProject metric: - library.googleapis.com/write_calls unit: "1/min/{project}" # rate limit - for consumer projects values: STANDARD: 10000 (The metric rules bind all - methods to the read_calls metric, except for the UpdateBook and - DeleteBook methods. These two methods are mapped to the write_calls - metric, with the UpdateBook method consuming at twice rate as the - DeleteBook method.) metric_rules: - selector: "*" metric_costs: - library.googleapis.com/read_calls: 1 - selector: - google.example.library.v1.LibraryService.UpdateBook metric_costs: - library.googleapis.com/write_calls: 2 - selector: - google.example.library.v1.LibraryService.DeleteBook metric_costs: - library.googleapis.com/write_calls: 1 Corresponding Metric definition: - metrics: - name: library.googleapis.com/read_calls display_name: Read - requests metric_kind: DELTA value_type: INT64 - name: - library.googleapis.com/write_calls display_name: Write requests - metric_kind: DELTA value_type: INT64 + The list of custom error detail types, e.g. + 'google.foo.v1.CustomError'. + items: + type: string + EnableFailure: + id: EnableFailure + properties: + errorMessage: + type: string + description: An error message describing why the service could not be enabled. + serviceId: + type: string + description: The service id of a service that could not be enabled. + description: Provides error messages for the failing services. type: object - JavaSettings: - description: Settings for Java client libraries. + BackendRule: + type: object + description: A backend rule provides configuration for an individual API element. + id: BackendRule properties: - serviceClassNames: + deadline: + description: >- + The number of seconds to wait for a response from a request. The + default varies based on the request protocol and deployment + environment. + format: double + type: number + operationDeadline: + description: >- + The number of seconds to wait for the completion of a long running + operation. The default is no deadline. + type: number + format: double + overridesByRequestProtocol: type: object + description: The map between request protocol and the backend address. additionalProperties: - type: string + $ref: '#/components/schemas/BackendRule' + pathTranslation: + type: string + enumDescriptions: + - '' + - >- + Use the backend address as-is, with no modification to the path. + If the URL pattern contains variables, the variable names and + values will be appended to the query string. If a query string + parameter and a URL pattern variable have the same name, this may + result in duplicate keys in the query string. # Examples Given the + following operation config: Method path: + /api/company/{cid}/user/{uid} Backend address: + https://example.cloudfunctions.net/getUser Requests to the + following request paths will call the backend at the translated + path: Request path: /api/company/widgetworks/user/johndoe + Translated: + https://example.cloudfunctions.net/getUser?cid=widgetworks&uid=johndoe + Request path: /api/company/widgetworks/user/johndoe?timezone=EST + Translated: + https://example.cloudfunctions.net/getUser?timezone=EST&cid=widgetworks&uid=johndoe + - >- + The request path will be appended to the backend address. # + Examples Given the following operation config: Method path: + /api/company/{cid}/user/{uid} Backend address: + https://example.appspot.com Requests to the following request + paths will call the backend at the translated path: Request path: + /api/company/widgetworks/user/johndoe Translated: + https://example.appspot.com/api/company/widgetworks/user/johndoe + Request path: /api/company/widgetworks/user/johndoe?timezone=EST + Translated: + https://example.appspot.com/api/company/widgetworks/user/johndoe?timezone=EST + description: no-lint + enum: + - PATH_TRANSLATION_UNSPECIFIED + - CONSTANT_ADDRESS + - APPEND_PATH_TO_ADDRESS + selector: description: >- - Configure the Java class name to use instead of the service's for - its corresponding generated GAPIC client. Keys are fully-qualified - service names as they appear in the protobuf (including the full the - language_settings.java.interface_names" field in gapic.yaml. API - teams should otherwise use the service name as it appears in the - protobuf. Example of a YAML configuration:: publishing: - java_settings: service_class_names: - google.pubsub.v1.Publisher: - TopicAdmin - google.pubsub.v1.Subscriber: SubscriptionAdmin - common: - $ref: '#/components/schemas/CommonLanguageSettings' - description: Some settings. - libraryPackage: + Selects the methods to which this rule applies. Refer to selector + for syntax details. + type: string + jwtAudience: description: >- - The package name to use in Java. Clobbers the java_package option - set in the protobuf. This should be used **only** by APIs who have - already set the language_settings.java.package_name" field in - gapic.yaml. API teams should use the protobuf java_package option - where possible. Example of a YAML configuration:: publishing: - library_settings: java_settings: library_package: - com.google.cloud.pubsub.v1 + The JWT audience is used when generating a JWT ID token for the + backend. This ID token will be added in the HTTP "authorization" + header, and sent to the backend. type: string - id: JavaSettings - type: object - CustomHttpPattern: - id: CustomHttpPattern - description: A custom pattern is used for defining custom HTTP verb. - properties: - kind: - description: The name of this custom HTTP verb. + loadBalancingPolicy: + description: >- + The load balancing policy used for connection to the application + backend. Defined as an arbitrary string to accomondate custom load + balancing policies supported by the underlying channel, but suggest + most users use one of the standard policies, such as the default, + "RoundRobin". type: string - path: - description: The path matched by this custom verb. + address: + description: >- + The address of the API backend. The scheme is used to determine the + backend protocol and security. The following schemes are accepted: + SCHEME PROTOCOL SECURITY http:// HTTP None https:// HTTP TLS grpc:// + gRPC None grpcs:// gRPC TLS It is recommended to explicitly include + a scheme. Leaving out the scheme may cause constrasting behaviors + across platforms. If the port is unspecified, the default is: - 80 + for schemes without TLS - 443 for schemes with TLS For HTTP + backends, use protocol to specify the protocol version. type: string - type: object - CreateAdminQuotaPolicyMetadata: - properties: {} - type: object + protocol: + type: string + description: >- + The protocol used for sending a request to the backend. The + supported values are "http/1.1" and "h2". The default value is + inferred from the scheme in the address field: SCHEME PROTOCOL + http:// http/1.1 https:// http/1.1 grpc:// h2 grpcs:// h2 For secure + HTTP backends (https://) that support HTTP/2, set this field to "h2" + for improved performance. Configuring this field to non-default + values is only supported for secure HTTP backends. This field will + be ignored for all other backends. See + https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids + for more details on the supported values. + disableAuth: + description: >- + When disable_auth is true, a JWT ID token won't be generated and the + original "Authorization" HTTP header will be preserved. If the + header is used to carry the original token and is expected by the + backend, this field must be set to true to preserve the header. + type: boolean + minDeadline: + format: double + description: Deprecated, do not use. + type: number + deprecated: true + UpdateAdminQuotaPolicyMetadata: description: >- Metadata message that provides information such as progress, partial failures, and similar information on each GetOperation call of LRO - returned by CreateAdminQuotaPolicy. - id: CreateAdminQuotaPolicyMetadata - UpdateConsumerPolicyMetadata: - id: UpdateConsumerPolicyMetadata - type: object - description: Metadata for the `UpdateConsumerPolicy` method. + returned by UpdateAdminQuotaPolicy. + id: UpdateAdminQuotaPolicyMetadata properties: {} - Mixin: type: object - description: >- - Declares an API Interface to be included in this interface. The - including interface must redeclare all the methods from the included - interface, but documentation and options are inherited as follows: - If - after comment and whitespace stripping, the documentation string of the - redeclared method is empty, it will be inherited from the original - method. - Each annotation belonging to the service config (http, - visibility) which is not set in the redeclared method will be inherited. - - If an http annotation is inherited, the path pattern will be modified - as follows. Any version prefix will be replaced by the version of the - including interface plus the root path if specified. Example of a simple - mixin: package google.acl.v1; service AccessControl { // Get the - underlying ACL object. rpc GetAcl(GetAclRequest) returns (Acl) { option - (google.api.http).get = "/v1/{resource=**}:getAcl"; } } package - google.storage.v2; service Storage { // rpc GetAcl(GetAclRequest) - returns (Acl); // Get a data record. rpc GetData(GetDataRequest) returns - (Data) { option (google.api.http).get = "/v2/{resource=**}"; } } Example - of a mixin configuration: apis: - name: google.storage.v2.Storage - mixins: - name: google.acl.v1.AccessControl The mixin construct implies - that all methods in `AccessControl` are also declared with same name and - request/response types in `Storage`. A documentation generator or - annotation processor will see the effective `Storage.GetAcl` method - after inheriting documentation and annotations as follows: service - Storage { // Get the underlying ACL object. rpc GetAcl(GetAclRequest) - returns (Acl) { option (google.api.http).get = - "/v2/{resource=**}:getAcl"; } ... } Note how the version in the path - pattern changed from `v1` to `v2`. If the `root` field in the mixin is - specified, it should be a relative path under which inherited HTTP paths - are placed. Example: apis: - name: google.storage.v2.Storage mixins: - - name: google.acl.v1.AccessControl root: acls This implies the following - inherited HTTP annotation: service Storage { // Get the underlying ACL - object. rpc GetAcl(GetAclRequest) returns (Acl) { option - (google.api.http).get = "/v2/acls/{resource=**}:getAcl"; } ... } + GoogleApiServiceusageV1OperationMetadata: + id: GoogleApiServiceusageV1OperationMetadata + type: object + description: The operation metadata returned for the batchend services operation. properties: - name: - description: The fully qualified name of the interface which is included. - type: string - root: + resourceNames: + items: + type: string + type: array description: >- - If non-empty specifies a path under which inherited HTTP paths are - rooted. - type: string - id: Mixin - UsageRule: - description: Usage configuration rules for the service. - type: object + The full name of the resources that this operation is directly + associated with. + SystemParameterRule: properties: - skipServiceControl: - type: boolean + parameters: description: >- - If true, the selected method should skip service control and the - control plane features, such as quota and billing, will not be - available. This flag is used by Google Cloud Endpoints to bypass - checks for internal methods, such as service health check methods. + Define parameters. Multiple names may be defined for a parameter. + For a given method call, only one of them should be used. If + multiple names are used the behavior is implementation-dependent. If + none of the specified names are present the behavior is + parameter-dependent. + items: + $ref: '#/components/schemas/SystemParameter' + type: array selector: + type: string description: >- Selects the methods to which this rule applies. Use '*' to indicate all methods in all APIs. Refer to selector for syntax details. - type: string - allowUnregisteredCalls: - description: ' Use this rule to configure unregistered calls for the service. Unregistered calls are calls that do not contain consumer project identity. (Example: calls that do not contain an API key). WARNING: By default, API methods do not allow unregistered calls, and each method call must be identified by a consumer project identity.' - type: boolean - id: UsageRule - AuthRequirement: - properties: - audiences: - type: string - description: >- - NOTE: This will be deprecated soon, once AuthProvider.audiences is - implemented and accepted in all the runtime components. The list of - JWT - [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). - that are allowed to access. A JWT containing any of these audiences - will be accepted. When this setting is absent, only JWTs with - audience "https://Service_name/API_name" will be accepted. For - example, if no audiences are in the setting, LibraryService API will - only accept JWTs with the following audience - "https://library-example.googleapis.com/google.example.library.v1.LibraryService". - Example: audiences: bookstore_android.apps.googleusercontent.com, - bookstore_web.apps.googleusercontent.com - providerId: - description: >- - id from authentication provider. Example: provider_id: - bookstore_auth - type: string - description: >- - User-defined authentication requirements, including support for [JSON - Web Token - (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). - id: AuthRequirement - type: object - GoogleApiServiceusageV2betaUpdateConsumerPolicyMetadata: type: object - properties: {} - id: GoogleApiServiceusageV2betaUpdateConsumerPolicyMetadata - description: Metadata for the `UpdateConsumerPolicy` method. - AnalysisResult: + id: SystemParameterRule + description: >- + Define a system parameter rule mapping system parameter definitions to + methods. + NodeSettings: + description: Settings for Node client libraries. + id: NodeSettings type: object - id: AnalysisResult - description: An analysis result including blockers and warnings. properties: - warnings: + common: + description: Some settings. + $ref: '#/components/schemas/CommonLanguageSettings' + GoogleApiService: + properties: + logs: items: - $ref: '#/components/schemas/Impact' + $ref: '#/components/schemas/LogDescriptor' + type: array + description: Defines the logs used by this service. + systemParameters: + description: System parameter configuration. + $ref: '#/components/schemas/SystemParameters' + metrics: + type: array + items: + $ref: '#/components/schemas/MetricDescriptor' + description: Defines the metrics used by this service. + documentation: + description: Additional API documentation. + $ref: '#/components/schemas/Documentation' + configVersion: + format: uint32 + type: integer description: >- - Warning information indicating that the policy changes might be - unsafe, but will not block the changes at runtime. + Obsolete. Do not use. This field has no semantic meaning. The + service config compiler always sets this field to `3`. + types: + items: + $ref: '#/components/schemas/Type' + description: >- + A list of all proto message types included in this API service. + Types referenced directly or indirectly by the `apis` are + automatically included. Messages which are not referenced but shall + be included, such as types used by the `google.protobuf.Any` type, + should be listed here by name by the configuration author. Example: + types: - name: google.protobuf.Int32 type: array - blockers: + billing: + description: Billing configuration. + $ref: '#/components/schemas/Billing' + systemTypes: + type: array + items: + $ref: '#/components/schemas/Type' description: >- - Blocking information that would prevent the policy changes at - runtime. + A list of all proto message types included in this API service. It + serves similar purpose as [google.api.Service.types], except that + these types are not needed by user-defined APIs. Therefore, they + will not show up in the generated discovery doc. This field should + only be used to define system APIs in ESF. + id: + description: >- + A unique ID for a specific instance of this message, typically + assigned by the client for tracking purpose. Must be no longer than + 63 characters and only lower case letters, digits, '.', '_' and '-' + are allowed. If empty, the server may choose to generate one + instead. + type: string + usage: + description: Configuration controlling usage of this service. + $ref: '#/components/schemas/Usage' + authentication: + $ref: '#/components/schemas/Authentication' + description: Auth configuration. + backend: + description: API backend configuration. + $ref: '#/components/schemas/Backend' + context: + description: Context configuration. + $ref: '#/components/schemas/Context' + customError: + description: Custom error configuration. + $ref: '#/components/schemas/CustomError' + enums: + description: >- + A list of all enum types included in this API service. Enums + referenced directly or indirectly by the `apis` are automatically + included. Enums which are not referenced but shall be included + should be listed here by name by the configuration author. Example: + enums: - name: google.someapi.v1.SomeEnum type: array items: - $ref: '#/components/schemas/Impact' - UpdateAdminQuotaPolicyMetadata: - properties: {} - description: >- - Metadata message that provides information such as progress, partial - failures, and similar information on each GetOperation call of LRO - returned by UpdateAdminQuotaPolicy. - type: object - id: UpdateAdminQuotaPolicyMetadata - BatchEnableServicesRequest: - id: BatchEnableServicesRequest - type: object - description: Request message for the `BatchEnableServices` method. - properties: - serviceIds: + $ref: '#/components/schemas/Enum' + monitoring: + description: Monitoring configuration. + $ref: '#/components/schemas/Monitoring' + endpoints: + type: array + description: >- + Configuration for network endpoints. If this is empty, then an + endpoint with the same name as the service is automatically + generated to service all defined APIs. items: - type: string + $ref: '#/components/schemas/Endpoint' + sourceInfo: + $ref: '#/components/schemas/SourceInfo' description: >- - The identifiers of the services to enable on the project. A valid - identifier would be: serviceusage.googleapis.com Enabling services - requires that each service is public or is shared with the user - enabling the service. A single request can enable a maximum of 20 - services at a time. If more than 20 services are specified, the - request will fail, and no state changes will occur. + Output only. The source information for this configuration if + available. + control: + $ref: '#/components/schemas/Control' + description: Configuration for the service control plane. + name: + description: >- + The service name, which is a DNS-like logical identifier for the + service, such as `calendar.googleapis.com`. The service name + typically goes through DNS verification to make sure the owner of + the service also owns the DNS name. + type: string + apis: + items: + $ref: '#/components/schemas/Api' type: array - Billing: - id: Billing + description: >- + A list of API interfaces exported by this service. Only the `name` + field of the google.protobuf.Api needs to be provided by the + configuration author, as the remaining fields will be derived from + the IDL during the normalization process. It is an error to specify + an API interface here which cannot be resolved against the + associated IDL files. + monitoredResources: + description: >- + Defines the monitored resources used by this service. This is + required by the Service.monitoring and Service.logging + configurations. + type: array + items: + $ref: '#/components/schemas/MonitoredResourceDescriptor' + producerProjectId: + type: string + description: The Google project that owns this service. + title: + type: string + description: >- + The product title for this service, it is the name displayed in + Google Cloud Console. + quota: + $ref: '#/components/schemas/Quota' + description: Quota configuration. + logging: + description: Logging configuration. + $ref: '#/components/schemas/Logging' + http: + $ref: '#/components/schemas/Http' + description: HTTP configuration. + publishing: + description: >- + Settings for [Google Cloud Client + libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) + generated from APIs defined as protocol buffers. + $ref: '#/components/schemas/Publishing' + aspects: + description: >- + Configuration aspects. This is a repeated field to allow multiple + aspects to be configured. The kind field in each ConfigAspect + specifies the type of aspect. The spec field contains the + configuration for that aspect. The schema for the spec field is + defined by the backend service owners. + type: array + items: + $ref: '#/components/schemas/Aspect' + id: GoogleApiService + type: object + description: >- + `Service` is the root object of Google API service configuration + (service config). It describes the basic information about a logical + service, such as the service name and the user-facing title, and + delegates other aspects to sub-sections. Each sub-section is either a + proto message or a repeated proto message that configures a specific + aspect, such as auth. For more information, see each proto message + definition. Example: type: google.api.Service name: + calendar.googleapis.com title: Google Calendar API apis: - name: + google.calendar.v3.Calendar visibility: rules: - selector: + "google.calendar.v3.*" restriction: PREVIEW backend: rules: - selector: + "google.calendar.v3.*" address: calendar.example.com authentication: + providers: - id: google_calendar_auth jwks_uri: + https://www.googleapis.com/oauth2/v1/certs issuer: + https://securetoken.google.com rules: - selector: "*" requirements: + provider_id: google_calendar_auth + OperationMetadata: type: object + id: OperationMetadata properties: - consumerDestinations: - items: - $ref: '#/components/schemas/BillingDestination' + resourceNames: type: array description: >- - Billing configurations for sending metrics to the consumer project. - There can be multiple consumer destinations per service, each one - must have a different monitored resource type. A metric can be used - in at most one consumer destination. - description: >- - Billing related configuration of the service. The following example - shows how to configure monitored resources and metrics for billing, - `consumer_destinations` is the only supported destination and the - monitored resources need at least one label key - `cloud.googleapis.com/location` to indicate the location of the billing - usage, using different monitored resources between monitoring and - billing is recommended so they can be evolved independently: - monitored_resources: - type: library.googleapis.com/billing_branch - labels: - key: cloud.googleapis.com/location description: | Predefined - label to support billing location restriction. - key: city description: - | Custom label to define the city where the library branch is located - in. - key: name description: Custom label to define the name of the - library branch. metrics: - name: - library.googleapis.com/book/borrowed_count metric_kind: DELTA - value_type: INT64 unit: "1" billing: consumer_destinations: - - monitored_resource: library.googleapis.com/billing_branch metrics: - - library.googleapis.com/book/borrowed_count - GoogleApiServiceusageV2betaConsumerPolicy: + The full name of the resources that this operation is directly + associated with. + items: + type: string + description: The operation metadata returned for the batchend services operation. + CustomHttpPattern: + type: object + description: A custom pattern is used for defining custom HTTP verb. + id: CustomHttpPattern properties: - createTime: - format: google-datetime - readOnly: true + kind: + description: The name of this custom HTTP verb. + type: string + path: + description: The path matched by this custom verb. type: string + UsageRule: + properties: + allowUnregisteredCalls: + description: ' Use this rule to configure unregistered calls for the service. Unregistered calls are calls that do not contain consumer project identity. (Example: calls that do not contain an API key). WARNING: By default, API methods do not allow unregistered calls, and each method call must be identified by a consumer project identity.' + type: boolean + skipServiceControl: + type: boolean description: >- - Output only. The time the policy was created. For singleton - policies, this is the first touch of the policy. - annotations: - type: object + If true, the selected method should skip service control and the + control plane features, such as quota and billing, will not be + available. This flag is used by Google Cloud Endpoints to bypass + checks for internal methods, such as service health check methods. + selector: + type: string description: >- - Optional. Annotations is an unstructured key-value map stored with a - policy that may be set by external tools to store and retrieve - arbitrary metadata. They are not queryable and should be preserved - when modifying objects. - [AIP-128](https://google.aip.dev/128#annotations) - additionalProperties: - type: string - enableRules: + Selects the methods to which this rule applies. Use '*' to indicate + all methods in all APIs. Refer to selector for syntax details. + id: UsageRule + type: object + description: Usage configuration rules for the service. + McpPolicy: + description: >- + MCP Consumer Policy is a set of rules that define MCP related policy for + a cloud resource hierarchy. + id: McpPolicy + type: object + properties: + mcpEnableRules: items: - $ref: '#/components/schemas/GoogleApiServiceusageV2betaEnableRule' + $ref: '#/components/schemas/McpEnableRule' type: array - description: >- - Enable rules define usable services, groups, and categories. There - can currently be at most one `EnableRule`. This restriction will be - lifted in later releases. + description: McpEnableRules contains MCP enablement related rules. updateTime: + format: google-datetime readOnly: true description: Output only. The time the policy was last updated. type: string - format: google-datetime + name: + readOnly: true + type: string + description: >- + Output only. The resource name of the policy. Only the `default` + policy is supported. We allow the following formats: + `projects/{PROJECT_NUMBER}/mcpPolicies/default`, + `projects/{PROJECT_ID}/mcpPolicies/default`, + `folders/{FOLDER_ID}/mcpPolicies/default`, + `organizations/{ORG_ID}/mcpPolicies/default`. etag: description: >- - Output only. An opaque tag indicating the current version of the - policy, used for concurrency control. + An opaque tag indicating the current version of the policy, used for + concurrency control. type: string - readOnly: true - name: + createTime: type: string description: >- - Output only. The resource name of the policy. Only the `default` - policy is supported: `projects/12345/consumerPolicies/default`, - `folders/12345/consumerPolicies/default`, - `organizations/12345/consumerPolicies/default`. + Output only. The time the policy was created. For singleton policies + (such as the `default` policy), this is the first touch of the + policy. readOnly: true - description: >- - Consumer Policy is a set of rules that define what services or service - groups can be used for a cloud resource hierarchy. - id: GoogleApiServiceusageV2betaConsumerPolicy + format: google-datetime + GetServiceIdentityResponse: type: object - MetricDescriptorMetadata: - id: MetricDescriptorMetadata - description: Additional annotations that can be used to guide the usage of a metric. + id: GetServiceIdentityResponse + description: Response message for getting service identity. properties: - timeSeriesResourceHierarchyLevel: - description: The scope of the timeseries data of the metric. - items: - enumDescriptions: - - Do not use this default value. - - Scopes a metric to a project. - - Scopes a metric to an organization. - - Scopes a metric to a folder. - type: string - enum: - - TIME_SERIES_RESOURCE_HIERARCHY_LEVEL_UNSPECIFIED - - PROJECT - - ORGANIZATION - - FOLDER - type: array - ingestDelay: - type: string - description: >- - The delay of data points caused by ingestion. Data points older than - this age are guaranteed to be ingested and available to be read, - excluding data loss due to errors. - format: google-duration - samplePeriod: - type: string - format: google-duration + identity: + $ref: '#/components/schemas/ServiceIdentity' description: >- - The sampling period of metric data points. For metrics which are - written periodically, consecutive data points are stored at this - time interval, excluding data loss due to errors. Metrics with a - higher granularity have a smaller sampling period. - launchStage: - description: Deprecated. Must use the MetricDescriptor.launch_stage instead. + Service identity that service producer can use to access consumer + resources. If exists is true, it contains email and unique_id. If + exists is false, it contains pre-constructed email and empty + unique_id. + state: type: string - deprecated: true + enum: + - IDENTITY_STATE_UNSPECIFIED + - ACTIVE + description: Service identity state. enumDescriptions: - - Do not use this default value. - - The feature is not yet implemented. Users can not use it. - - >- - Prelaunch features are hidden from users and are only visible - internally. - - >- - Early Access features are limited to a closed group of testers. To - use these features, you must sign up in advance and sign a Trusted - Tester agreement (which includes confidentiality provisions). - These features may be unstable, changed in backward-incompatible - ways, and are not guaranteed to be released. - - >- - Alpha is a limited availability test for releases before they are - cleared for widespread use. By Alpha, all significant design - issues are resolved and we are in the process of verifying - functionality. Alpha customers need to apply for access, agree to - applicable terms, and have their projects allowlisted. Alpha - releases don't have to be feature complete, no SLAs are provided, - and there are no technical support obligations, but they will be - far enough along that customers can actually use them in test - environments or for limited-use tests -- just like they would in - normal production cases. - - >- - Beta is the point at which we are ready to open a release for any - customer to use. There are no SLA or technical support obligations - in a Beta release. Products will be complete from a feature - perspective, but may have some open outstanding issues. Beta - releases are suitable for limited production use cases. - >- - GA features are open to all developers and are considered stable - and fully qualified for production use. - - >- - Deprecated features are scheduled to be shut down and removed. For - more information, see the "Deprecation Policy" section of our - [Terms of Service](https://cloud.google.com/terms/) and the - [Google Cloud Platform Subject to the Deprecation - Policy](https://cloud.google.com/terms/deprecation) documentation. - enum: - - LAUNCH_STAGE_UNSPECIFIED - - UNIMPLEMENTED - - PRELAUNCH - - EARLY_ACCESS - - ALPHA - - BETA - - GA - - DEPRECATED + Default service identity state. This value is used if the state is + omitted. + - Service identity has been created and can be used. + Usage: + type: object + description: Configuration controlling usage of a service. + properties: + producerNotificationChannel: + type: string + description: >- + The full resource name of a channel used for sending notifications + to the service producer. Google Service Management currently only + supports [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as + a notification channel. To use Google Cloud Pub/Sub as the channel, + this must be the name of a Cloud Pub/Sub topic that uses the Cloud + Pub/Sub topic name format documented in + https://cloud.google.com/pubsub/docs/overview. + requirements: + items: + type: string + description: >- + Requirements that must be satisfied before a consumer project can + use the service. Each requirement is of the form /; for example + 'serviceusage.googleapis.com/billing-enabled'. For Google APIs, a + Terms of Service requirement must be included here. Google Cloud + APIs must include "serviceusage.googleapis.com/tos/cloud". Other + Google APIs should include + "serviceusage.googleapis.com/tos/universal". Additional ToS can be + included based on the business needs. + type: array + rules: + type: array + description: >- + A list of usage rules that apply to individual API methods. + **NOTE:** All service configuration rules follow "last one wins" + order. + items: + $ref: '#/components/schemas/UsageRule' + id: Usage + ImportAdminQuotaPoliciesMetadata: + type: object + description: >- + Metadata message that provides information such as progress, partial + failures, and similar information on each GetOperation call of LRO + returned by ImportAdminQuotaPolicies. + properties: {} + id: ImportAdminQuotaPoliciesMetadata + SourceInfo: type: object - SystemParameters: - id: SystemParameters + id: SourceInfo + description: Source information used to create a Service Config + properties: + sourceFiles: + description: All files used during config generation. + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: array + CreateAdminQuotaPolicyMetadata: + properties: {} description: >- - ### System parameter configuration A system parameter is a special kind - of parameter defined by the API system, not by an individual API. It is - typically mapped to an HTTP header and/or a URL query parameter. This - configuration specifies which methods change the names of the system - parameters. + Metadata message that provides information such as progress, partial + failures, and similar information on each GetOperation call of LRO + returned by CreateAdminQuotaPolicy. + id: CreateAdminQuotaPolicyMetadata type: object + OAuthRequirements: + description: >- + OAuth scopes are a way to define data and permissions on data. For + example, there are scopes defined for "Read-only access to Google + Calendar" and "Access to Cloud Platform". Users can consent to a scope + for an application, giving it permission to access that data on their + behalf. OAuth scope specifications should be fairly coarse grained; a + user will need to see and understand the text description of what your + scope means. In most cases: use one or at most two OAuth scopes for an + entire family of products. If your product has multiple APIs, you should + probably be sharing the OAuth scope across all of those APIs. When you + need finer grained OAuth consent screens: talk with your product + management about how developers will use them in practice. Please note + that even though each of the canonical scopes is enough for a request to + be accepted and passed to the backend, a request can still fail due to + the backend requiring additional scopes or permissions. + id: OAuthRequirements properties: - rules: + canonicalScopes: description: >- - Define system parameters. The parameters defined here will override - the default parameters implemented by the system. If this field is - missing from the service config, default system parameters will be - used. Default system parameters and names is - implementation-dependent. Example: define api key for all methods - system_parameters rules: - selector: "*" parameters: - name: api_key - url_query_parameter: api_key Example: define 2 api key names for a - specific method. system_parameters rules: - selector: "/ListShelves" - parameters: - name: api_key http_header: Api-Key1 - name: api_key - http_header: Api-Key2 **NOTE:** All service configuration rules - follow "last one wins" order. + The list of publicly documented OAuth scopes that are allowed + access. An OAuth token containing any of these scopes will be + accepted. Example: canonical_scopes: + https://www.googleapis.com/auth/calendar, + https://www.googleapis.com/auth/calendar.read + type: string + type: object + AnalyzeConsumerPolicyMetadata: + id: AnalyzeConsumerPolicyMetadata + type: object + properties: {} + description: Metadata for the `AnalyzeConsumerPolicy` method. + HttpRule: + properties: + delete: + description: Maps to HTTP DELETE. Used for deleting a resource. + type: string + additionalBindings: type: array items: - $ref: '#/components/schemas/SystemParameterRule' - GoogleApiServiceusageV2alphaConsumerPolicy: + $ref: '#/components/schemas/HttpRule' + description: >- + Additional HTTP bindings for the selector. Nested bindings must not + contain an `additional_bindings` field themselves (that is, the + nesting may only be one level deep). + selector: + description: >- + Selects a method to which this rule applies. Refer to selector for + syntax details. + type: string + post: + type: string + description: >- + Maps to HTTP POST. Used for creating a resource or performing an + action. + patch: + type: string + description: Maps to HTTP PATCH. Used for updating a resource. + responseBody: + description: >- + Optional. The name of the response field whose value is mapped to + the HTTP response body. When omitted, the entire response message + will be used as the HTTP response body. NOTE: The referred field + must be present at the top-level of the response message type. + type: string + custom: + $ref: '#/components/schemas/CustomHttpPattern' + description: >- + The custom pattern is used for specifying an HTTP method that is not + included in the `pattern` field, such as HEAD, or "*" to leave the + HTTP method unspecified for this rule. The wild-card rule is useful + for services that provide content to Web (HTML) clients. + body: + description: >- + The name of the request field whose value is mapped to the HTTP + request body, or `*` for mapping all request fields not captured by + the path pattern to the HTTP body, or omitted for not having any + HTTP request body. NOTE: the referred field must be present at the + top-level of the request message type. + type: string + get: + type: string + description: >- + Maps to HTTP GET. Used for listing and getting information about + resources. + put: + type: string + description: Maps to HTTP PUT. Used for replacing a resource. + id: HttpRule description: >- - Consumer Policy is a set of rules that define what services or service - groups can be used for a cloud resource hierarchy. + gRPC Transcoding gRPC Transcoding is a feature for mapping between a + gRPC method and one or more HTTP REST endpoints. It allows developers to + build a single API service that supports both gRPC APIs and REST APIs. + Many systems, including [Google + APIs](https://github.com/googleapis/googleapis), [Cloud + Endpoints](https://cloud.google.com/endpoints), [gRPC + Gateway](https://github.com/grpc-ecosystem/grpc-gateway), and + [Envoy](https://github.com/envoyproxy/envoy) proxy support this feature + and use it for large scale production services. `HttpRule` defines the + schema of the gRPC/REST mapping. The mapping specifies how different + portions of the gRPC request message are mapped to the URL path, URL + query parameters, and HTTP request body. It also controls how the gRPC + response message is mapped to the HTTP response body. `HttpRule` is + typically specified as an `google.api.http` annotation on the gRPC + method. Each mapping specifies a URL path template and an HTTP method. + The path template may refer to one or more fields in the gRPC request + message, as long as each field is a non-repeated field with a primitive + (non-message) type. The path template controls how fields of the request + message are mapped to the URL path. Example: service Messaging { rpc + GetMessage(GetMessageRequest) returns (Message) { option + (google.api.http) = { get: "/v1/{name=messages/*}" }; } } message + GetMessageRequest { string name = 1; // Mapped to URL path. } message + Message { string text = 1; // The resource content. } This enables an + HTTP REST to gRPC mapping as below: - HTTP: `GET /v1/messages/123456` - + gRPC: `GetMessage(name: "messages/123456")` Any fields in the request + message which are not bound by the path template automatically become + HTTP query parameters if there is no HTTP request body. For example: + service Messaging { rpc GetMessage(GetMessageRequest) returns (Message) + { option (google.api.http) = { get:"/v1/messages/{message_id}" }; } } + message GetMessageRequest { message SubMessage { string subfield = 1; } + string message_id = 1; // Mapped to URL path. int64 revision = 2; // + Mapped to URL query parameter `revision`. SubMessage sub = 3; // Mapped + to URL query parameter `sub.subfield`. } This enables a HTTP JSON to RPC + mapping as below: - HTTP: `GET + /v1/messages/123456?revision=2&sub.subfield=foo` - gRPC: + `GetMessage(message_id: "123456" revision: 2 sub: SubMessage(subfield: + "foo"))` Note that fields which are mapped to URL query parameters must + have a primitive type or a repeated primitive type or a non-repeated + message type. In the case of a repeated type, the parameter can be + repeated in the URL as `...?param=A¶m=B`. In the case of a message + type, each field of the message is mapped to a separate parameter, such + as `...?foo.a=A&foo.b=B&foo.c=C`. For HTTP methods that allow a request + body, the `body` field specifies the mapping. Consider a REST update + method on the message resource collection: service Messaging { rpc + UpdateMessage(UpdateMessageRequest) returns (Message) { option + (google.api.http) = { patch: "/v1/messages/{message_id}" body: "message" + }; } } message UpdateMessageRequest { string message_id = 1; // mapped + to the URL Message message = 2; // mapped to the body } The following + HTTP JSON to RPC mapping is enabled, where the representation of the + JSON in the request body is determined by protos JSON encoding: - HTTP: + `PATCH /v1/messages/123456 { "text": "Hi!" }` - gRPC: + `UpdateMessage(message_id: "123456" message { text: "Hi!" })` The + special name `*` can be used in the body mapping to define that every + field not bound by the path template should be mapped to the request + body. This enables the following alternative definition of the update + method: service Messaging { rpc UpdateMessage(Message) returns (Message) + { option (google.api.http) = { patch: "/v1/messages/{message_id}" body: + "*" }; } } message Message { string message_id = 1; string text = 2; } + The following HTTP JSON to RPC mapping is enabled: - HTTP: `PATCH + /v1/messages/123456 { "text": "Hi!" }` - gRPC: + `UpdateMessage(message_id: "123456" text: "Hi!")` Note that when using + `*` in the body mapping, it is not possible to have HTTP parameters, as + all fields not bound by the path end in the body. This makes this option + more rarely used in practice when defining REST APIs. The common usage + of `*` is in custom methods which don't use the URL at all for + transferring data. It is possible to define multiple HTTP methods for + one RPC by using the `additional_bindings` option. Example: service + Messaging { rpc GetMessage(GetMessageRequest) returns (Message) { option + (google.api.http) = { get: "/v1/messages/{message_id}" + additional_bindings { get: "/v1/users/{user_id}/messages/{message_id}" } + }; } } message GetMessageRequest { string message_id = 1; string user_id + = 2; } This enables the following two alternative HTTP JSON to RPC + mappings: - HTTP: `GET /v1/messages/123456` - gRPC: + `GetMessage(message_id: "123456")` - HTTP: `GET + /v1/users/me/messages/123456` - gRPC: `GetMessage(user_id: "me" + message_id: "123456")` Rules for HTTP mapping 1. Leaf request fields + (recursive expansion nested messages in the request message) are + classified into three categories: - Fields referred by the path + template. They are passed via the URL path. - Fields referred by the + HttpRule.body. They are passed via the HTTP request body. - All other + fields are passed via the URL query parameters, and the parameter name + is the field path in the request message. A repeated field can be + represented as multiple query parameters under the same name. 2. If + HttpRule.body is "*", there is no URL query parameter, all fields are + passed via URL path and HTTP request body. 3. If HttpRule.body is + omitted, there is no HTTP request body, all fields are passed via URL + path and URL query parameters. Path template syntax Template = "/" + Segments [ Verb ] ; Segments = Segment { "/" Segment } ; Segment = "*" | + "**" | LITERAL | Variable ; Variable = "{" FieldPath [ "=" Segments ] + "}" ; FieldPath = IDENT { "." IDENT } ; Verb = ":" LITERAL ; The syntax + `*` matches a single URL path segment. The syntax `**` matches zero or + more URL path segments, which must be the last part of the URL path + except the `Verb`. The syntax `Variable` matches part of the URL path as + specified by its template. A variable template must not contain other + variables. If a variable matches a single path segment, its template may + be omitted, e.g. `{var}` is equivalent to `{var=*}`. The syntax + `LITERAL` matches literal text in the URL path. If the `LITERAL` + contains any reserved character, such characters should be + percent-encoded before the matching. If a variable contains exactly one + path segment, such as `"{var}"` or `"{var=*}"`, when such a variable is + expanded into a URL path on the client side, all characters except + `[-_.~0-9a-zA-Z]` are percent-encoded. The server side does the reverse + decoding. Such variables show up in the [Discovery + Document](https://developers.google.com/discovery/v1/reference/apis) as + `{var}`. If a variable contains multiple path segments, such as + `"{var=foo/*}"` or `"{var=**}"`, when such a variable is expanded into a + URL path on the client side, all characters except `[-_.~/0-9a-zA-Z]` + are percent-encoded. The server side does the reverse decoding, except + "%2F" and "%2f" are left unchanged. Such variables show up in the + [Discovery + Document](https://developers.google.com/discovery/v1/reference/apis) as + `{+var}`. Using gRPC API Service Configuration gRPC API Service + Configuration (service config) is a configuration language for + configuring a gRPC service to become a user-facing product. The service + config is simply the YAML representation of the `google.api.Service` + proto message. As an alternative to annotating your proto file, you can + configure gRPC transcoding in your service config YAML files. You do + this by specifying a `HttpRule` that maps the gRPC method to a REST + endpoint, achieving the same effect as the proto annotation. This can be + particularly useful if you have a proto that is reused in multiple + services. Note that any transcoding specified in the service config will + override any matching transcoding configuration in the proto. The + following example selects a gRPC method and applies an `HttpRule` to it: + http: rules: - selector: example.v1.Messaging.GetMessage get: + /v1/messages/{message_id}/{sub.subfield} Special notes When gRPC + Transcoding is used to map a gRPC to JSON REST endpoints, the proto to + JSON conversion must follow the [proto3 + specification](https://developers.google.com/protocol-buffers/docs/proto3#json). + While the single segment variable follows the semantics of [RFC + 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.2 Simple String + Expansion, the multi segment variable **does not** follow RFC 6570 + Section 3.2.3 Reserved Expansion. The reason is that the Reserved + Expansion does not expand special characters like `?` and `#`, which + would lead to invalid URLs. As the result, gRPC Transcoding uses a + custom encoding for multi segment variables. The path variables **must + not** refer to any repeated or mapped field, because client libraries + are not capable of handling such variable expansion. The path variables + **must not** capture the leading "/" character. The reason is that the + most common use case "{var}" does not capture the leading "/" character. + For consistency, all path variables must share the same behavior. + Repeated message fields must not be mapped to URL query parameters, + because no client library can support such complicated mapping. If an + API needs to use a JSON array for request or response body, it can map + the request or response body to a repeated field. However, some gRPC + Transcoding implementations may not support this feature. + type: object + DisableServiceRequest: properties: - updateTime: - description: Output only. The time the policy was last updated. - format: google-datetime - type: string - readOnly: true - annotations: - type: object - additionalProperties: - type: string - description: >- - Optional. Annotations is an unstructured key-value map stored with a - policy that may be set by external tools to store and retrieve - arbitrary metadata. They are not queryable and should be preserved - when modifying objects. - [AIP-128](https://google.aip.dev/128#annotations) - enableRules: - description: >- - Enable rules define usable services, groups, and categories. There - can currently be at most one `EnableRule`. This restriction will be - lifted in later releases. - items: - $ref: '#/components/schemas/GoogleApiServiceusageV2alphaEnableRule' - type: array - etag: - description: >- - Output only. An opaque tag indicating the current version of the - policy, used for concurrency control. - type: string - readOnly: true - name: + checkIfServiceHasUsage: description: >- - Output only. The resource name of the policy. Only the `default` - policy is supported: `projects/12345/consumerPolicies/default`, - `folders/12345/consumerPolicies/default`, - `organizations/12345/consumerPolicies/default`. - readOnly: true - type: string - createTime: - format: google-datetime + Defines the behavior for checking service usage when disabling a + service. type: string - readOnly: true + enumDescriptions: + - When unset, the default behavior is used, which is SKIP. + - If set, skip checking service usage when disabling a service. + - >- + If set, service usage is checked when disabling the service. If a + service, or its dependents, has usage in the last 30 days, the + request returns a FAILED_PRECONDITION error. + enum: + - CHECK_IF_SERVICE_HAS_USAGE_UNSPECIFIED + - SKIP + - CHECK + disableDependentServices: description: >- - Output only. The time the policy was created. For singleton - policies, this is the first touch of the policy. - id: GoogleApiServiceusageV2alphaConsumerPolicy + Indicates if services that are enabled and which depend on this + service should also be disabled. If not set, an error will be + generated if any enabled services depend on the service to be + disabled. When set, the service, and any enabled services that + depend on it, will be disabled together. + type: boolean type: object + description: Request message for the `DisableService` method. + id: DisableServiceRequest CustomErrorRule: + id: CustomErrorRule + type: object properties: - selector: - type: string - description: >- - Selects messages to which this rule applies. Refer to selector for - syntax details. isErrorType: + type: boolean description: >- Mark this message as possible payload in error response. Otherwise, objects of this type will be filtered when they appear in error payload. - type: boolean - type: object - id: CustomErrorRule - description: A custom error rule. - AuthenticationRule: - id: AuthenticationRule - description: >- - Authentication rules for the service. By default, if a method has any - authentication requirements, every request must include a valid - credential matching one of the requirements. It's an error to include - more than one kind of credential in a single request. If a method - doesn't have any auth requirements, request credentials will be ignored. - properties: - requirements: - type: array - description: Requirements for additional authentication providers. - items: - $ref: '#/components/schemas/AuthRequirement' - allowWithoutCredential: - description: >- - If true, the service accepts API keys without any other credential. - This flag only applies to HTTP and gRPC requests. - type: boolean - oauth: - $ref: '#/components/schemas/OAuthRequirements' - description: The requirements for OAuth credentials. selector: - type: string - description: >- - Selects the methods to which this rule applies. Refer to selector - for syntax details. - type: object - Aspect: - description: >- - Aspect represents Generic aspect. It is used to configure an aspect - without making direct changes to service.proto - id: Aspect - properties: - kind: - description: The type of this aspect configuration. - type: string - spec: - type: object description: >- - Content of the configuration. The underlying schema should be - defined by Aspect owners as protobuf message under - `google/api/configaspects/proto`. - additionalProperties: - description: Properties of the object. - type: any - type: object - JwtLocation: - description: Specifies a location to extract JWT from an API request. - properties: - query: - description: Specifies URL query parameter name to extract JWT token. - type: string - cookie: - description: Specifies cookie name to extract JWT token. - type: string - header: - description: Specifies HTTP header name to extract JWT token. - type: string - valuePrefix: + Selects messages to which this rule applies. Refer to selector for + syntax details. type: string - description: >- - The value prefix. The value format is "value_prefix{token}" Only - applies to "in" header type. Must be empty for "in" query type. If - not empty, the header value has to match (case sensitive) this - prefix. If not matched, JWT will not be extracted. If matched, JWT - will be extracted after the prefix is removed. For example, for - "Authorization: Bearer {JWT}", value_prefix="Bearer " with a space - at the end. - type: object - id: JwtLocation - ImportConsumerOverridesResponse: - properties: - overrides: - type: array - description: The overrides that were created from the imported data. - items: - $ref: '#/components/schemas/QuotaOverride' - id: ImportConsumerOverridesResponse - type: object - description: Response message for ImportConsumerOverrides - BatchCreateAdminOverridesResponse: - id: BatchCreateAdminOverridesResponse + description: A custom error rule. + GoogleApiServiceusageV2betaUpdateConsumerPolicyMetadata: + description: Metadata for the `UpdateConsumerPolicy` method. + id: GoogleApiServiceusageV2betaUpdateConsumerPolicyMetadata + properties: {} type: object + Type: + id: Type properties: - overrides: - description: The overrides that were created. + options: + description: The protocol buffer options. items: - $ref: '#/components/schemas/QuotaOverride' - type: array - description: Response message for BatchCreateAdminOverrides - Authentication: - description: >- - `Authentication` defines the authentication configuration for API - methods provided by an API service. Example: name: - calendar.googleapis.com authentication: providers: - id: - google_calendar_auth jwks_uri: - https://www.googleapis.com/oauth2/v1/certs issuer: - https://securetoken.google.com rules: - selector: "*" requirements: - provider_id: google_calendar_auth - selector: google.calendar.Delegate - oauth: canonical_scopes: https://www.googleapis.com/auth/calendar.read - id: Authentication - type: object - properties: - rules: + $ref: '#/components/schemas/Option' type: array - items: - $ref: '#/components/schemas/AuthenticationRule' + edition: description: >- - A list of authentication rules that apply to individual API methods. - **NOTE:** All service configuration rules follow "last one wins" - order. - providers: + The source edition string, only valid when syntax is + SYNTAX_EDITIONS. + type: string + sourceContext: + description: The source context. + $ref: '#/components/schemas/SourceContext' + fields: + description: The list of fields. + items: + $ref: '#/components/schemas/Field' type: array - description: Defines a set of authentication providers that a service supports. + name: + description: The fully qualified message name. + type: string + oneofs: + type: array + description: The list of types appearing in `oneof` definitions in this type. items: - $ref: '#/components/schemas/AuthProvider' - ImportAdminOverridesMetadata: - id: ImportAdminOverridesMetadata - properties: {} - type: object - description: >- - Metadata message that provides information such as progress, partial - failures, and similar information on each GetOperation call of LRO - returned by ImportAdminOverrides. - QuotaOverride: - id: QuotaOverride - description: A quota override + type: string + syntax: + enumDescriptions: + - Syntax `proto2`. + - Syntax `proto3`. + - Syntax `editions`. + type: string + enum: + - SYNTAX_PROTO2 + - SYNTAX_PROTO3 + - SYNTAX_EDITIONS + description: The source syntax. + description: >- + A protocol buffer message type. New usages of this message as an + alternative to DescriptorProto are strongly discouraged. This message + does not reliability preserve all information necessary to model the + schema and preserve semantics. Instead make use of FileDescriptorSet + which preserves the necessary information. + type: object + AnalysisResult: + id: AnalysisResult + description: An analysis result including blockers and warnings. type: object properties: - dimensions: - additionalProperties: - type: string - type: object + warnings: + type: array description: >- - If this map is nonempty, then this override applies only to specific - values for dimensions defined in the limit unit. For example, an - override on a limit with the unit `1/{project}/{region}` could - contain an entry with the key `region` and the value `us-east-1`; - the override is only applied to quota consumed in that region. This - map has the following restrictions: * Keys that are not defined in - the limit's unit are not valid keys. Any string appearing in - `{brackets}` in the unit (besides `{project}` or `{user}`) is a - defined key. * `project` is not a valid key; the project is already - specified in the parent resource name. * `user` is not a valid key; - the API does not support quota overrides that apply only to a - specific user. * If `region` appears as a key, its value must be a - valid Cloud region. * If `zone` appears as a key, its value must be - a valid Cloud zone. * If any valid key other than `region` or `zone` - appears in the map, then all valid keys other than `region` or - `zone` must also appear in the map. - name: - type: string + Warning information indicating that the policy changes might be + unsafe, but will not block the changes at runtime. + items: + $ref: '#/components/schemas/Impact' + blockers: + items: + $ref: '#/components/schemas/Impact' + type: array description: >- - The resource name of the override. This name is generated by the - server when the override is created. Example names would be: - `projects/123/services/compute.googleapis.com/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/adminOverrides/4a3f2c1d` - `projects/123/services/compute.googleapis.com/consumerQuotaMetrics/compute.googleapis.com%2Fcpus/limits/%2Fproject%2Fregion/consumerOverrides/4a3f2c1d` - The resource name is intended to be opaque and should not be parsed - for its component strings, since its representation could change in - the future. - adminOverrideAncestor: + Blocking information that would prevent the policy changes at + runtime. + Analysis: + id: Analysis + description: A message to group the analysis information. + type: object + properties: + displayName: description: >- - The resource name of the ancestor that requested the override. For - example: `organizations/12345` or `folders/67890`. Used by admin - overrides only. + Output only. The user friendly display name of the analysis type. + E.g. service dependency analysis, service resource usage analysis, + etc. + readOnly: true type: string - unit: - description: >- - The limit unit of the limit to which this override applies. An - example unit would be: `1/{project}/{region}` Note that `{project}` - and `{region}` are not placeholders in this example; the literal - characters `{` and `}` occur in the string. + analysisType: + description: Output only. The type of analysis. type: string - metric: - description: >- - The name of the metric to which this override applies. An example - name would be: `compute.googleapis.com/cpus` + enumDescriptions: + - Unspecified analysis type. Do not use. + - The analysis of service dependencies. + - The analysis of service resource usage. + - The analysis of service resource existence. + enum: + - ANALYSIS_TYPE_UNSPECIFIED + - ANALYSIS_TYPE_DEPENDENCY + - ANALYSIS_TYPE_RESOURCE_USAGE + - ANALYSIS_TYPE_RESOURCE_EXISTENCE + readOnly: true + service: type: string - overrideValue: description: >- - The overriding quota limit value. Can be any nonnegative integer, or - -1 (unlimited quota). - format: int64 + The names of the service that has analysis result of warnings or + blockers. Example: `services/storage.googleapis.com`. + analysis: + description: Output only. Analysis result of updating a policy. + readOnly: true + $ref: '#/components/schemas/AnalysisResult' + ContentSecurityProvider: + type: object + description: ContentSecurityProvider contains the name of content security provider. + id: ContentSecurityProvider + properties: + name: type: string - GoogleApiServiceusageV2betaAnalyzeConsumerPolicyResponse: - id: GoogleApiServiceusageV2betaAnalyzeConsumerPolicyResponse - description: The response of analyzing a consumer policy update. + description: >- + Name of security service for content scanning, such as Google Cloud + Model Armor or supported third-party ISV solutions. If it is Google + 1P service, the name should be prefixed with `services/`. If it is a + 3P service, the format needs to be documented. The currently + supported values are: - `services/modelarmor.googleapis.com` for + Google Cloud Model Armor. + ContentSecurity: type: object properties: - analysis: + contentSecurityProviders: description: >- - The list of analyses returned from performing the intended policy - update analysis. The analysis is grouped by service name and - different analysis types. The empty analysis list means that the - consumer policy can be updated without any warnings or blockers. - type: array + List of content security providers that are enabled for content + scanning. items: - $ref: '#/components/schemas/GoogleApiServiceusageV2betaAnalysis' + $ref: '#/components/schemas/ContentSecurityProvider' + type: array + description: >- + ContentSecurity defines the content security related fields of a MCP + policy. + id: ContentSecurity Backend: - description: '`Backend` defines the backend configuration for a service.' + id: Backend + type: object properties: rules: - type: array - items: - $ref: '#/components/schemas/BackendRule' description: >- A list of API backend rules that apply to individual API methods. **NOTE:** All service configuration rules follow "last one wins" order. - type: object - id: Backend - FieldPolicy: - id: FieldPolicy + items: + $ref: '#/components/schemas/BackendRule' + type: array + description: '`Backend` defines the backend configuration for a service.' + BatchingDescriptorProto: + id: BatchingDescriptorProto properties: - resourcePermission: + discriminatorFields: + type: array + items: + type: string description: >- - Specifies the required permission(s) for the resource referred to by - the field. It requires the field contains a valid resource - reference, and the request must pass the permission checks to - proceed. For example, "resourcemanager.projects.get". - type: string - selector: + A list of the fields in the request message. Two requests will be + batched together only if the values of every field specified in + `request_discriminator_fields` is equal between the two requests. + batchedField: type: string description: >- - Selects one or more request or response message fields to apply this - `FieldPolicy`. When a `FieldPolicy` is used in proto annotation, the - selector must be left as empty. The service config generator will - automatically fill the correct value. When a `FieldPolicy` is used - in service config, the selector must be a comma-separated string - with valid request or response field paths, such as "foo.bar" or - "foo.bar,foo.baz". - resourceType: + The repeated field in the request message to be aggregated by + batching. + subresponseField: description: >- - Specifies the resource type for the resource referred to by the - field. + Optional. When present, indicates the field in the response message + to be used to demultiplex the response into multiple response + messages, in correspondence with the multiple request messages + originally batched together. type: string type: object description: >- - Google API Policy Annotation This message defines a simple API policy - annotation that can be used to annotate API request and response message - fields with applicable policies. One field may have multiple applicable - policies that must all be satisfied before a request can be processed. - This policy annotation is used to generate the overall policy that will - be used for automatic runtime policy enforcement and documentation - generation. - SelectiveGapicGeneration: + `BatchingDescriptorProto` specifies the fields of the request message to + be used for batching, and, optionally, the fields of the response + message to be used for demultiplexing. + UpdateContentSecurityPolicyMetadata: type: object + description: Metadata for the `UpdateContentSecurityPolicy` method. + properties: {} + id: UpdateContentSecurityPolicyMetadata + SelectiveGapicGeneration: + id: SelectiveGapicGeneration properties: methods: - type: array description: >- An allowlist of the fully qualified names of RPCs that should be included on public client surfaces. + type: array items: type: string generateOmittedAsInternal: + type: boolean description: >- Setting this to true indicates to the client generators that methods that would be excluded from the generation should instead be @@ -4120,119 +4359,47 @@ components: language implementations to decide. Some examples may be: added annotations, obfuscated identifiers, or other language idiomatic patterns. - type: boolean - id: SelectiveGapicGeneration + type: object description: >- This message is used to configure the generation of a subset of the RPCs in a service for client libraries. - Monitoring: - properties: - producerDestinations: - description: >- - Monitoring configurations for sending metrics to the producer - project. There can be multiple producer destinations. A monitored - resource type may appear in multiple monitoring destinations if - different aggregations are needed for different sets of metrics - associated with that monitored resource type. A monitored resource - and metric pair may only be used once in the Monitoring - configuration. - type: array - items: - $ref: '#/components/schemas/MonitoringDestination' - consumerDestinations: - description: >- - Monitoring configurations for sending metrics to the consumer - project. There can be multiple consumer destinations. A monitored - resource type may appear in multiple monitoring destinations if - different aggregations are needed for different sets of metrics - associated with that monitored resource type. A monitored resource - and metric pair may only be used once in the Monitoring - configuration. - type: array - items: - $ref: '#/components/schemas/MonitoringDestination' - type: object - description: >- - Monitoring configuration of the service. The example below shows how to - configure monitored resources and metrics for monitoring. In the - example, a monitored resource and two metrics are defined. The - `library.googleapis.com/book/returned_count` metric is sent to both - producer and consumer projects, whereas the - `library.googleapis.com/book/num_overdue` metric is only sent to the - consumer project. monitored_resources: - type: - library.googleapis.com/Branch display_name: "Library Branch" - description: "A branch of a library." launch_stage: GA labels: - key: - resource_container description: "The Cloud container (ie. project id) - for the Branch." - key: location description: "The location of the - library branch." - key: branch_id description: "The id of the branch." - metrics: - name: library.googleapis.com/book/returned_count - display_name: "Books Returned" description: "The count of books that - have been returned." launch_stage: GA metric_kind: DELTA value_type: - INT64 unit: "1" labels: - key: customer_id description: "The id of the - customer." - name: library.googleapis.com/book/num_overdue display_name: - "Books Overdue" description: "The current number of overdue books." - launch_stage: GA metric_kind: GAUGE value_type: INT64 unit: "1" labels: - - key: customer_id description: "The id of the customer." monitoring: - producer_destinations: - monitored_resource: - library.googleapis.com/Branch metrics: - - library.googleapis.com/book/returned_count consumer_destinations: - - monitored_resource: library.googleapis.com/Branch metrics: - - library.googleapis.com/book/returned_count - - library.googleapis.com/book/num_overdue - id: Monitoring - DocumentationRule: - type: object - properties: - disableReplacementWords: - description: >- - String of comma or space separated case-sensitive words for which - method/field name replacement will be disabled. - type: string - deprecationDescription: - type: string - description: >- - Deprecation description of the selected element(s). It can be - provided if an element is marked as `deprecated`. - description: - type: string - description: >- - Description of the selected proto element (e.g. a message, a method, - a 'service' definition, or a field). Defaults to leading & trailing - comments taken from the proto source definition of the proto - element. - selector: - type: string + SystemParameters: + properties: + rules: + items: + $ref: '#/components/schemas/SystemParameterRule' + type: array description: >- - The selector is a comma-separated list of patterns for any element - such as a method, a field, an enum value. Each pattern is a - qualified name of the element which may end in "*", indicating a - wildcard. Wildcards are only allowed at the end and for a whole - component of the qualified name, i.e. "foo.*" is ok, but not - "foo.b*" or "foo.*.bar". A wildcard will match one or more - components. To specify a default for all applicable elements, the - whole pattern "*" is used. - description: A documentation rule provides information about individual API elements. - id: DocumentationRule - parameters: - key: + Define system parameters. The parameters defined here will override + the default parameters implemented by the system. If this field is + missing from the service config, default system parameters will be + used. Default system parameters and names is + implementation-dependent. Example: define api key for all methods + system_parameters rules: - selector: "*" parameters: - name: api_key + url_query_parameter: api_key Example: define 2 api key names for a + specific method. system_parameters rules: - selector: "/ListShelves" + parameters: - name: api_key http_header: Api-Key1 - name: api_key + http_header: Api-Key2 **NOTE:** All service configuration rules + follow "last one wins" order. description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - access_token: - description: OAuth access token. + ### System parameter configuration A system parameter is a special kind + of parameter defined by the API system, not by an individual API. It is + typically mapped to an HTTP header and/or a URL query parameter. This + configuration specifies which methods change the names of the system + parameters. + id: SystemParameters + type: object + parameters: + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: access_token + name: fields schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: upload_protocol + name: uploadType schema: type: string _.xgafv: @@ -4250,22 +4417,28 @@ components: name: callback schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: uploadType + name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: prettyPrint + name: quotaUser schema: - type: boolean - fields: - description: Selector specifying which fields to include in a partial response. + type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: fields + name: key schema: type: string alt: @@ -4278,19 +4451,22 @@ components: - json - media - proto - oauth_token: - description: OAuth 2.0 token for the current user. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: oauth_token + name: prettyPrint + schema: + type: boolean + access_token: + description: OAuth access token. + in: query + name: access_token schema: type: string - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: quotaUser + name: upload_protocol schema: type: string x-stackQL-resources: @@ -4299,31 +4475,31 @@ components: name: operations title: Operations methods: - get: + cancel: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/get' + $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' + $ref: '#/paths/~1v1~1operations/get' response: mediaType: application/json openAPIDocKey: '200' - cancel: + objectKey: $.unreachable + delete: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' + $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: - $ref: '#/paths/~1v1~1operations/get' + $ref: '#/paths/~1v1~1operations~1{operationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -4350,12 +4526,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' - batch_get: + list: operation: $ref: '#/paths/~1v1~1{parentType}~1{parent}~1services/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.services batch_enable: operation: $ref: '#/paths/~1v1~1{parentType}~1{parent}~1services/post' @@ -4364,32 +4541,43 @@ components: openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/services/methods/batch_get' + - $ref: '#/components/x-stackQL-resources/services/methods/list' - $ref: '#/components/x-stackQL-resources/services/methods/get' insert: [] update: [] replace: [] delete: [] paths: - /v1/operations/{operationsId}: + /v1/operations/{operationsId}:cancel: parameters: &ref_1 - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/quotaUser' - get: + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/upload_protocol' + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: serviceusage.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: serviceusage.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4405,20 +4593,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: operationsId required: true schema: type: string - delete: + /v1/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: serviceusage.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: serviceusage.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4434,32 +4622,38 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - /v1/operations/{operationsId}:cancel: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: name + schema: + type: string + /v1/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: serviceusage.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: serviceusage.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4482,13 +4676,12 @@ paths: required: true schema: type: string - /v1/operations: - parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: serviceusage.operations.list + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: serviceusage.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4504,23 +4697,11 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: filter - schema: - type: string - - in: query - name: pageToken - schema: - type: string - - in: query - name: name + - in: path + name: operationsId + required: true schema: type: string /v1/{name}: @@ -4590,9 +4771,18 @@ paths: parameters: *ref_1 get: description: >- - Returns the service configurations and enabled states for a given list - of services. - operationId: serviceusage.services.batchGet + List all services available to the specified project, and the current + state of those services with respect to the project. The list includes + all public services, all services for which the calling user has the + `servicemanagement.services.bind` permission, and all services that have + already been enabled on the project. The list can be filtered to only + include services in a specific state, for example to only include + services enabled on the project. WARNING: If you need to query enabled + services frequently or across an organization, you should use [Cloud + Asset Inventory + API](https://cloud.google.com/asset-inventory/docs/apis), which provides + higher throughput and richer filtering capability. + operationId: serviceusage.services.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4608,7 +4798,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchGetServicesResponse' + $ref: '#/components/schemas/ListServicesResponse' parameters: - in: path name: parentType @@ -4621,7 +4811,16 @@ paths: schema: type: string - in: query - name: names + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter schema: type: string post: diff --git a/providers/src/googleapis.com/v00.00.00000/services/solar.yaml b/providers/src/googleapis.com/v00.00.00000/services/solar.yaml index d99e3b98..7affa5c7 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/solar.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/solar.yaml @@ -7,8 +7,8 @@ info: title: Solar API description: Solar API. version: v1 - x-discovery-doc-revision: '20250826' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251208' + x-generated-date: '2025-12-10' externalDocs: url: https://developers.google.com/maps/documentation/solar servers: @@ -34,53 +34,181 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - BuildingInsights: - id: BuildingInsights + FinancedPurchaseSavings: + id: FinancedPurchaseSavings + properties: + loanInterestRate: + type: number + description: The interest rate on loans assumed in this set of calculations. + format: float + savings: + $ref: '#/components/schemas/SavingsOverTime' + description: How much is saved (or not) over the lifetime period. + annualLoanPayment: + $ref: '#/components/schemas/Money' + description: Annual loan payments. + rebateValue: + description: >- + The value of all tax rebates (including Federal Investment Tax + Credit (ITC)). + $ref: '#/components/schemas/Money' description: >- - Response message for `Solar.FindClosestBuildingInsights`. Information - about the location, dimensions, and solar potential of a building. + Cost and benefit of using a loan to buy a particular configuration of + solar panels with a particular electricity usage. type: object + FinancialDetails: + description: >- + Details of a financial analysis. Some of these details are already + stored at higher levels (e.g., out of pocket cost). Total money amounts + are over a lifetime period defined by the panel_lifetime_years field in + SolarPotential. Note: The out of pocket cost of purchasing the panels is + given in the out_of_pocket_cost field in CashPurchaseSavings. + id: FinancialDetails properties: - name: + percentageExportedToGrid: + format: float description: >- - The resource name for the building, of the format - `buildings/{place_id}`. - type: string - center: - description: A point near the center of the building. + The percentage (0-100) of solar electricity production we assumed + was exported to the grid, based on the first quarter of production. + This affects the calculations if net metering is not allowed. + type: number + stateIncentive: + description: >- + Amount of money available from state incentives; this applies if the + user buys (with or without a loan) the panels. + $ref: '#/components/schemas/Money' + initialAcKwhPerYear: + type: number + description: >- + How many AC kWh we think the solar panels will generate in their + first year. + format: float + utilityIncentive: + $ref: '#/components/schemas/Money' + description: >- + Amount of money available from utility incentives; this applies if + the user buys (with or without a loan) the panels. + remainingLifetimeUtilityBill: + $ref: '#/components/schemas/Money' + description: >- + Utility bill for electricity not produced by solar, for the lifetime + of the panels. + costOfElectricityWithoutSolar: + description: >- + Total cost of electricity the user would have paid over the lifetime + period if they didn't install solar. + $ref: '#/components/schemas/Money' + netMeteringAllowed: + description: Whether net metering is allowed. + type: boolean + federalIncentive: + $ref: '#/components/schemas/Money' + description: >- + Amount of money available from federal incentives; this applies if + the user buys (with or without a loan) the panels. + lifetimeSrecTotal: + description: >- + Amount of money the user will receive from Solar Renewable Energy + Credits over the panel lifetime; this applies if the user buys (with + or without a loan) the panels. + $ref: '#/components/schemas/Money' + solarPercentage: + type: number + description: >- + Percentage (0-100) of the user's power supplied by solar. Valid for + the first year but approximately correct for future years. + format: float + type: object + CashPurchaseSavings: + id: CashPurchaseSavings + description: >- + Cost and benefit of an outright purchase of a particular configuration + of solar panels with a particular electricity usage. + type: object + properties: + rebateValue: + description: The value of all tax rebates. + $ref: '#/components/schemas/Money' + upfrontCost: + description: >- + Initial cost after tax incentives: it's the amount that must be paid + during first year. Contrast with `out_of_pocket_cost`, which is + before tax incentives. + $ref: '#/components/schemas/Money' + paybackYears: + type: number + description: >- + Number of years until payback occurs. A negative value means payback + never occurs within the lifetime period. + format: float + savings: + $ref: '#/components/schemas/SavingsOverTime' + description: How much is saved (or not) over the lifetime period. + outOfPocketCost: + $ref: '#/components/schemas/Money' + description: >- + Initial cost before tax incentives: the amount that must be paid + out-of-pocket. Contrast with `upfront_cost`, which is after tax + incentives. + LatLngBox: + properties: + ne: $ref: '#/components/schemas/LatLng' - boundingBox: - description: The bounding box of the building. - $ref: '#/components/schemas/LatLngBox' - imageryDate: - description: Date that the underlying imagery was acquired. This is approximate. - $ref: '#/components/schemas/Date' - imageryProcessedDate: - description: When processing was completed on this imagery. - $ref: '#/components/schemas/Date' - postalCode: - description: Postal code (e.g., US zip code) this building is contained by. + description: The northeast corner of the box. + sw: + description: The southwest corner of the box. + $ref: '#/components/schemas/LatLng' + id: LatLngBox + description: A bounding box in lat/lng coordinates. + type: object + Money: + properties: + units: type: string - administrativeArea: + format: int64 description: >- - Administrative area 1 (e.g., in the US, the state) that contains - this building. For example, in the US, the abbreviation might be - "MA" or "CA." - type: string - statisticalArea: - description: Statistical area (e.g., US census tract) this building is in. - type: string - regionCode: - description: Region code for the country (or region) this building is in. + The whole units of the amount. For example if `currencyCode` is + `"USD"`, then 1 unit is one US dollar. + currencyCode: type: string - solarPotential: - description: Solar potential of the building. - $ref: '#/components/schemas/SolarPotential' - imageryQuality: + description: The three-letter currency code defined in ISO 4217. + nanos: + type: integer + format: int32 description: >- - The quality of the imagery used to compute the data for this - building. + Number of nano (10^-9) units of the amount. The value must be + between -999,999,999 and +999,999,999 inclusive. If `units` is + positive, `nanos` must be positive or zero. If `units` is zero, + `nanos` can be positive, zero, or negative. If `units` is negative, + `nanos` must be negative or zero. For example $-1.75 is represented + as `units`=-1 and `nanos`=-750,000,000. + description: Represents an amount of money with its currency type. + id: Money + type: object + DataLayers: + id: DataLayers + description: >- + Information about the solar potential of a region. The actual data are + contained in a number of GeoTIFF files covering the requested region, + for which this message contains URLs: Each string in the `DataLayers` + message contains a URL from which the corresponding GeoTIFF can be + fetched. These URLs are valid for a few hours after they've been + generated. Most of the GeoTIFF files are at a resolution of 0.1m/pixel, + but the monthly flux file is at 0.5m/pixel, and the hourly shade files + are at 1m/pixel. If a `pixel_size_meters` value was specified in the + `GetDataLayersRequest`, then the minimum resolution in the GeoTIFF files + will be that value. + type: object + properties: + imageryQuality: + description: The quality of the result's imagery. type: string + enum: + - IMAGERY_QUALITY_UNSPECIFIED + - HIGH + - MEDIUM + - LOW + - BASE enumDescriptions: - No quality is known. - >- @@ -95,743 +223,609 @@ components: - >- Solar data is derived from enhanced satellite imagery processed at 0.25 m/pixel. - enum: - - IMAGERY_QUALITY_UNSPECIFIED - - HIGH - - MEDIUM - - LOW - - BASE - LatLng: - id: LatLng - description: >- - An object that represents a latitude/longitude pair. This is expressed - as a pair of doubles to represent degrees latitude and degrees - longitude. Unless specified otherwise, this object must conform to the - WGS84 standard. Values must be within normalized ranges. - type: object - properties: - latitude: - description: The latitude in degrees. It must be in the range [-90.0, +90.0]. - type: number - format: double - longitude: - description: The longitude in degrees. It must be in the range [-180.0, +180.0]. - type: number - format: double - LatLngBox: - id: LatLngBox - description: A bounding box in lat/lng coordinates. - type: object - properties: - sw: - description: The southwest corner of the box. - $ref: '#/components/schemas/LatLng' - ne: - description: The northeast corner of the box. - $ref: '#/components/schemas/LatLng' - Date: - id: Date - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp - type: object - properties: - year: + annualFluxUrl: + type: string description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: + The URL for the annual flux map (annual sunlight on roofs) of the + region. Values are kWh/kW/year. This is *unmasked flux*: flux is + computed for every location, not just building rooftops. Invalid + locations are stored as -9999: locations outside our coverage area + will be invalid, and a few locations inside the coverage area, where + we were unable to calculate flux, will also be invalid. + monthlyFluxUrl: description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: + The URL for the monthly flux map (sunlight on roofs, broken down by + month) of the region. Values are kWh/kW/year. The GeoTIFF pointed to + by this URL will contain twelve bands, corresponding to + January...December, in order. + type: string + hourlyShadeUrls: + type: array description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - SolarPotential: - id: SolarPotential + Twelve URLs for hourly shade, corresponding to January...December, + in order. Each GeoTIFF will contain 24 bands, corresponding to the + 24 hours of the day. Each pixel is a 32 bit integer, corresponding + to the (up to) 31 days of that month; a 1 bit means that the + corresponding location is able to see the sun at that day, of that + hour, of that month. Invalid locations are stored as -9999 (since + this is negative, it has bit 31 set, and no valid value could have + bit 31 set as that would correspond to the 32nd day of the month). + An example may be useful. If you want to know whether a point (at + pixel location (x, y)) saw sun at 4pm on the 22nd of June you would: + 1. fetch the sixth URL in this list (corresponding to June). 1. look + up the 17th channel (corresponding to 4pm). 1. read the 32-bit value + at (x, y). 1. read bit 21 of the value (corresponding to the 22nd of + the month). 1. if that bit is a 1, then that spot saw the sun at 4pm + 22 June. More formally: Given `month` (1-12), `day` (1...month max; + February has 28 days) and `hour` (0-23), the shade/sun for that + month/day/hour at a position `(x, y)` is the bit ``` + (hourly_shade[month - 1])(x, y)[hour] & (1 << (day - 1)) ``` where + `(x, y)` is spatial indexing, `[month - 1]` refers to fetching the + `month - 1`st URL (indexing from zero), `[hour]` is indexing into + the channels, and a final non-zero result means "sunny". There are + no leap days, and DST doesn't exist (all days are 24 hours long; + noon is always "standard time" noon). + items: + type: string + imageryDate: + description: >- + When the source imagery (from which all the other data are derived) + in this region was taken. It is necessarily somewhat approximate, as + the images may have been taken over more than one day. + $ref: '#/components/schemas/Date' + maskUrl: + type: string + description: >- + The URL for the building mask image: one bit per pixel saying + whether that pixel is considered to be part of a rooftop or not. + rgbUrl: + type: string + description: The URL for an image of RGB data (aerial photo) of the region. + imageryProcessedDate: + $ref: '#/components/schemas/Date' + description: When processing was completed on this imagery. + dsmUrl: + description: >- + The URL for an image of the DSM (Digital Surface Model) of the + region. Values are in meters above EGM96 geoid (i.e., sea level). + Invalid locations (where we don't have data) are stored as -9999. + type: string + LeasingSavings: description: >- - Information about the solar potential of a building. A number of fields - in this are defined in terms of "panels". The fields - panel_capacity_watts, panel_height_meters, and panel_width_meters - describe the parameters of the model of panel used in these - calculations. - type: object + Cost and benefit of leasing a particular configuration of solar panels + with a particular electricity usage. properties: - maxArrayPanelsCount: + savings: + $ref: '#/components/schemas/SavingsOverTime' + description: How much is saved (or not) over the lifetime period. + annualLeasingCost: + description: Estimated annual leasing cost. + $ref: '#/components/schemas/Money' + leasesSupported: description: >- - Size of the maximum array - that is, the maximum number of panels - that can fit on the roof. + Whether leases are supported in this juristiction by the financial + calculation engine. If this field is false, then the values in this + message should probably be ignored. This is independent of + `leases_allowed`: in some areas leases are allowed, but under + conditions that aren't handled by the financial models. + type: boolean + leasesAllowed: + description: >- + Whether leases are allowed in this juristiction (leases are not + allowed in some states). If this field is false, then the values in + this message should probably be ignored. + type: boolean + id: LeasingSavings + type: object + SolarPanel: + properties: + segmentIndex: type: integer format: int32 - panelCapacityWatts: - description: Capacity, in watts, of the panel used in the calculations. - type: number - format: float - panelHeightMeters: description: >- - Height, in meters in portrait orientation, of the panel used in the - calculations. + Index in roof_segment_stats of the `RoofSegmentSizeAndSunshineStats` + which corresponds to the roof segment that this panel is placed on. + yearlyEnergyDcKwh: type: number - format: float - panelWidthMeters: description: >- - Width, in meters in portrait orientation, of the panel used in the - calculations. - type: number + How much sunlight energy this layout captures over the course of a + year, in DC kWh. format: float - panelLifetimeYears: + center: + description: The centre of the panel. + $ref: '#/components/schemas/LatLng' + orientation: + enum: + - SOLAR_PANEL_ORIENTATION_UNSPECIFIED + - LANDSCAPE + - PORTRAIT + description: The orientation of the panel. + enumDescriptions: + - No panel orientation is known. + - >- + A `LANDSCAPE` panel has its long edge perpendicular to the azimuth + direction of the roof segment that it is placed on. + - >- + A `PORTRAIT` panel has its long edge parallel to the azimuth + direction of the roof segment that it is placed on. + type: string + id: SolarPanel + description: >- + SolarPanel describes the position, orientation, and production of a + single solar panel. See the panel_height_meters, panel_width_meters, and + panel_capacity_watts fields in SolarPotential for information on the + parameters of the panel. + type: object + SolarPanelConfig: + type: object + description: >- + SolarPanelConfig describes a particular placement of solar panels on the + roof. + properties: + roofSegmentSummaries: description: >- - The expected lifetime, in years, of the solar panels. This is used - in the financial calculations. - type: integer - format: int32 - maxArrayAreaMeters2: - description: Size, in square meters, of the maximum array. - type: number - format: float - maxSunshineHoursPerYear: + Information about the production of each roof segment that is + carrying at least one panel in this layout. + `roof_segment_summaries[i]` describes the i-th roof segment, + including its size, expected production and orientation. + type: array + items: + $ref: '#/components/schemas/RoofSegmentSummary' + yearlyEnergyDcKwh: description: >- - Maximum number of sunshine hours received per year, by any point on - the roof. Sunshine hours are a measure of the total amount of - insolation (energy) received per year. 1 sunshine hour = 1 kWh per - kW (where kW refers to kW of capacity under Standard Testing - Conditions). - type: number + How much sunlight energy this layout captures over the course of a + year, in DC kWh, assuming the panels described above. format: float - carbonOffsetFactorKgPerMwh: - description: >- - Equivalent amount of CO2 produced per MWh of grid electricity. This - is a measure of the carbon intensity of grid electricity displaced - by solar electricity. type: number - format: float - wholeRoofStats: - description: >- - Total size and sunlight quantiles for the part of the roof that was - assigned to some roof segment. Despite the name, this may not - include the entire building. See building_stats. - $ref: '#/components/schemas/SizeAndSunshineStats' - buildingStats: + panelsCount: + format: int32 description: >- - Size and sunlight quantiles for the entire building, including parts - of the roof that were not assigned to some roof segment. Because the - orientations of these parts are not well characterised, the roof - area estimate is unreliable, but the ground area estimate is - reliable. It may be that a more reliable whole building roof area - can be obtained by scaling the roof area from whole_roof_stats by - the ratio of the ground areas of `building_stats` and - `whole_roof_stats`. - $ref: '#/components/schemas/SizeAndSunshineStats' - roofSegmentStats: - description: Size and sunlight quantiles for each roof segment. + Total number of panels. Note that this is redundant to (the sum of) + the corresponding fields in roof_segment_summaries. + type: integer + id: SolarPanelConfig + LatLng: + id: LatLng + type: object + properties: + latitude: + type: number + description: The latitude in degrees. It must be in the range [-90.0, +90.0]. + format: double + longitude: + format: double + description: The longitude in degrees. It must be in the range [-180.0, +180.0]. + type: number + description: >- + An object that represents a latitude/longitude pair. This is expressed + as a pair of doubles to represent degrees latitude and degrees + longitude. Unless specified otherwise, this object must conform to the + WGS84 standard. Values must be within normalized ranges. + HttpBody: + type: object + id: HttpBody + properties: + extensions: type: array - items: - $ref: '#/components/schemas/RoofSegmentSizeAndSunshineStats' - solarPanels: description: >- - Each SolarPanel describes a single solar panel. They are listed in - the order that the panel layout algorithm placed this. This is - usually, though not always, in decreasing order of annual energy - production. - type: array + Application specific response metadata. Must be set in the first + response for streaming APIs. items: - $ref: '#/components/schemas/SolarPanel' - solarPanelConfigs: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + contentType: description: >- - Each SolarPanelConfig describes a different arrangement of solar - panels on the roof. They are in order of increasing number of - panels. The `SolarPanelConfig` with panels_count=N is based on the - first N panels in the `solar_panels` list. This field is only - populated if at least 4 panels can fit on a roof. - type: array - items: - $ref: '#/components/schemas/SolarPanelConfig' - financialAnalyses: - description: >- - A FinancialAnalysis gives the savings from going solar assuming a - given monthly bill and a given electricity provider. They are in - order of increasing order of monthly bill amount. This field will be - empty for buildings in areas for which the Solar API does not have - enough information to perform financial computations. - type: array - items: - $ref: '#/components/schemas/FinancialAnalysis' + The HTTP Content-Type header value specifying the content type of + the body. + type: string + data: + description: The HTTP request/response body as raw binary. + type: string + format: byte + description: >- + Message that represents an arbitrary HTTP body. It should only be used + for payload formats that can't be represented as JSON, such as raw + binary or an HTML page. This message can be used both in streaming and + non-streaming API methods in the request as well as the response. It can + be used as a top-level request field, which is convenient if one wants + to extract parameters from either the URL or HTTP template into the + request fields and also want access to the raw HTTP body. Example: + message GetResourceRequest { // A unique request id. string request_id = + 1; // The raw HTTP body is bound to this field. google.api.HttpBody + http_body = 2; } service ResourceService { rpc + GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc + UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } + Example with streaming methods: service CaldavService { rpc + GetCalendar(stream google.api.HttpBody) returns (stream + google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) + returns (stream google.api.HttpBody); } Use of this type only changes + how the request and response bodies are handled, all other features will + continue to work unchanged. SizeAndSunshineStats: - id: SizeAndSunshineStats description: Size and sunniness quantiles of a roof, or part of a roof. type: object + id: SizeAndSunshineStats properties: - areaMeters2: - description: >- - The area of the roof or roof segment, in m^2. This is the roof area - (accounting for tilt), not the ground footprint area. - type: number - format: float sunshineQuantiles: + type: array description: >- Quantiles of the pointwise sunniness across the area. If there are N values here, this represents the (N-1)-iles. For example, if there are 5 values, then they would be the quartiles (min, 25%, 50%, 75%, max). Values are in annual kWh/kW like max_sunshine_hours_per_year. - type: array items: type: number format: float - groundAreaMeters2: - description: >- - The ground footprint area covered by the roof or roof segment, in - m^2. - type: number - format: float - RoofSegmentSizeAndSunshineStats: - id: RoofSegmentSizeAndSunshineStats - description: Information about the size and sunniness quantiles of a roof segment. - type: object - properties: - pitchDegrees: - description: >- - Angle of the roof segment relative to the theoretical ground plane. - 0 = parallel to the ground, 90 = perpendicular to the ground. - type: number - format: float - azimuthDegrees: - description: >- - Compass direction the roof segment is pointing in. 0 = North, 90 = - East, 180 = South. For a "flat" roof segment (`pitch_degrees` very - near 0), azimuth is not well defined, so for consistency, we define - it arbitrarily to be 0 (North). - type: number + areaMeters2: format: float - stats: - description: Total size and sunlight quantiles for the roof segment. - $ref: '#/components/schemas/SizeAndSunshineStats' - center: - description: A point near the center of the roof segment. - $ref: '#/components/schemas/LatLng' - boundingBox: - description: The bounding box of the roof segment. - $ref: '#/components/schemas/LatLngBox' - planeHeightAtCenterMeters: - description: >- - The height of the roof segment plane, in meters above sea level, at - the point designated by `center`. Together with the pitch, azimuth, - and center location, this fully defines the roof segment plane. type: number - format: float - SolarPanel: - id: SolarPanel - description: >- - SolarPanel describes the position, orientation, and production of a - single solar panel. See the panel_height_meters, panel_width_meters, and - panel_capacity_watts fields in SolarPotential for information on the - parameters of the panel. - type: object - properties: - center: - description: The centre of the panel. - $ref: '#/components/schemas/LatLng' - orientation: - description: The orientation of the panel. - type: string - enumDescriptions: - - No panel orientation is known. - - >- - A `LANDSCAPE` panel has its long edge perpendicular to the azimuth - direction of the roof segment that it is placed on. - - >- - A `PORTRAIT` panel has its long edge parallel to the azimuth - direction of the roof segment that it is placed on. - enum: - - SOLAR_PANEL_ORIENTATION_UNSPECIFIED - - LANDSCAPE - - PORTRAIT - yearlyEnergyDcKwh: description: >- - How much sunlight energy this layout captures over the course of a - year, in DC kWh. + The area of the roof or roof segment, in m^2. This is the roof area + (accounting for tilt), not the ground footprint area. + groundAreaMeters2: type: number format: float - segmentIndex: description: >- - Index in roof_segment_stats of the `RoofSegmentSizeAndSunshineStats` - which corresponds to the roof segment that this panel is placed on. - type: integer - format: int32 - SolarPanelConfig: - id: SolarPanelConfig - description: >- - SolarPanelConfig describes a particular placement of solar panels on the - roof. - type: object + The ground footprint area covered by the roof or roof segment, in + m^2. + SavingsOverTime: properties: - panelsCount: + presentValueOfSavingsLifetime: description: >- - Total number of panels. Note that this is redundant to (the sum of) - the corresponding fields in roof_segment_summaries. - type: integer - format: int32 - yearlyEnergyDcKwh: + Using the assumed discount rate, what is the present value of the + cumulative lifetime savings? + $ref: '#/components/schemas/Money' + financiallyViable: description: >- - How much sunlight energy this layout captures over the course of a - year, in DC kWh, assuming the panels described above. - type: number - format: float - roofSegmentSummaries: + Indicates whether this scenario is financially viable. Will be false + for scenarios with poor financial viability (e.g., money-losing). + type: boolean + savingsYear20: + $ref: '#/components/schemas/Money' + description: Savings in the first twenty years after panel installation. + presentValueOfSavingsYear20: + $ref: '#/components/schemas/Money' description: >- - Information about the production of each roof segment that is - carrying at least one panel in this layout. - `roof_segment_summaries[i]` describes the i-th roof segment, - including its size, expected production and orientation. - type: array - items: - $ref: '#/components/schemas/RoofSegmentSummary' - RoofSegmentSummary: - id: RoofSegmentSummary + Using the assumed discount rate, what is the present value of the + cumulative 20-year savings? + savingsLifetime: + description: Savings in the entire panel lifetime. + $ref: '#/components/schemas/Money' + savingsYear1: + description: Savings in the first year after panel installation. + $ref: '#/components/schemas/Money' + id: SavingsOverTime + description: Financial information that's shared between different financing methods. + type: object + Date: description: >- - Information about a roof segment on the building, with some number of - panels placed on it. + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp + id: Date type: object properties: - pitchDegrees: - description: >- - Angle of the roof segment relative to the theoretical ground plane. - 0 = parallel to the ground, 90 = perpendicular to the ground. - type: number - format: float - azimuthDegrees: - description: >- - Compass direction the roof segment is pointing in. 0 = North, 90 = - East, 180 = South. For a "flat" roof segment (`pitch_degrees` very - near 0), azimuth is not well defined, so for consistency, we define - it arbitrarily to be 0 (North). - type: number - format: float - panelsCount: - description: The total number of panels on this segment. + year: type: integer - format: int32 - yearlyEnergyDcKwh: description: >- - How much sunlight energy this part of the layout captures over the - course of a year, in DC kWh, assuming the panels described above. - type: number - format: float - segmentIndex: + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + format: int32 + day: + format: int32 description: >- - Index in roof_segment_stats of the corresponding - `RoofSegmentSizeAndSunshineStats`. + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. type: integer + month: + description: >- + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. format: int32 + type: integer FinancialAnalysis: id: FinancialAnalysis + type: object description: >- Analysis of the cost and benefits of the optimum solar layout for a particular electric bill size. - type: object properties: - monthlyBill: - description: The monthly electric bill this analysis assumes. - $ref: '#/components/schemas/Money' defaultBill: description: >- Whether this is the bill size selected to be the default bill for the area this building is in. Exactly one `FinancialAnalysis` in `BuildingSolarPotential` should have `default_bill` set. type: boolean - averageKwhPerMonth: + monthlyBill: + $ref: '#/components/schemas/Money' + description: The monthly electric bill this analysis assumes. + leasingSavings: + description: Cost and benefit of leasing the solar panels. + $ref: '#/components/schemas/LeasingSavings' + financedPurchaseSavings: + $ref: '#/components/schemas/FinancedPurchaseSavings' description: >- - How much electricity the house uses in an average month, based on - the bill size and the local electricity rates. - type: number - format: float - panelConfigIndex: - description: >- - Index in solar_panel_configs of the optimum solar layout for this - bill size. This can be -1 indicating that there is no layout. In - this case, the remaining submessages will be omitted. - type: integer - format: int32 + Cost and benefit of buying the solar panels by financing the + purchase. financialDetails: description: >- Financial information that applies regardless of the financing method used. $ref: '#/components/schemas/FinancialDetails' - leasingSavings: - description: Cost and benefit of leasing the solar panels. - $ref: '#/components/schemas/LeasingSavings' + panelConfigIndex: + type: integer + format: int32 + description: >- + Index in solar_panel_configs of the optimum solar layout for this + bill size. This can be -1 indicating that there is no layout. In + this case, the remaining submessages will be omitted. cashPurchaseSavings: description: Cost and benefit of buying the solar panels with cash. $ref: '#/components/schemas/CashPurchaseSavings' - financedPurchaseSavings: + averageKwhPerMonth: description: >- - Cost and benefit of buying the solar panels by financing the - purchase. - $ref: '#/components/schemas/FinancedPurchaseSavings' - Money: - id: Money - description: Represents an amount of money with its currency type. - type: object + How much electricity the house uses in an average month, based on + the bill size and the local electricity rates. + type: number + format: float + BuildingInsights: properties: - currencyCode: - description: The three-letter currency code defined in ISO 4217. + name: + description: >- + The resource name for the building, of the format + `buildings/{place_id}`. type: string - units: + imageryProcessedDate: + description: When processing was completed on this imagery. + $ref: '#/components/schemas/Date' + solarPotential: + $ref: '#/components/schemas/SolarPotential' + description: Solar potential of the building. + administrativeArea: description: >- - The whole units of the amount. For example if `currencyCode` is - `"USD"`, then 1 unit is one US dollar. + Administrative area 1 (e.g., in the US, the state) that contains + this building. For example, in the US, the abbreviation might be + "MA" or "CA." type: string - format: int64 - nanos: + imageryQuality: + enum: + - IMAGERY_QUALITY_UNSPECIFIED + - HIGH + - MEDIUM + - LOW + - BASE + type: string + enumDescriptions: + - No quality is known. + - >- + Solar data is derived from aerial imagery captured at low-altitude + and processed at 0.1 m/pixel. + - >- + Solar data is derived from enhanced aerial imagery captured at + high-altitude and processed at 0.25 m/pixel. + - >- + Solar data is derived from enhanced satellite imagery processed at + 0.25 m/pixel. + - >- + Solar data is derived from enhanced satellite imagery processed at + 0.25 m/pixel. description: >- - Number of nano (10^-9) units of the amount. The value must be - between -999,999,999 and +999,999,999 inclusive. If `units` is - positive, `nanos` must be positive or zero. If `units` is zero, - `nanos` can be positive, zero, or negative. If `units` is negative, - `nanos` must be negative or zero. For example $-1.75 is represented - as `units`=-1 and `nanos`=-750,000,000. - type: integer - format: int32 - FinancialDetails: - id: FinancialDetails - description: >- - Details of a financial analysis. Some of these details are already - stored at higher levels (e.g., out of pocket cost). Total money amounts - are over a lifetime period defined by the panel_lifetime_years field in - SolarPotential. Note: The out of pocket cost of purchasing the panels is - given in the out_of_pocket_cost field in CashPurchaseSavings. + The quality of the imagery used to compute the data for this + building. + statisticalArea: + description: Statistical area (e.g., US census tract) this building is in. + type: string + imageryDate: + description: Date that the underlying imagery was acquired. This is approximate. + $ref: '#/components/schemas/Date' + center: + description: A point near the center of the building. + $ref: '#/components/schemas/LatLng' + regionCode: + description: Region code for the country (or region) this building is in. + type: string + postalCode: + type: string + description: Postal code (e.g., US zip code) this building is contained by. + boundingBox: + description: The bounding box of the building. + $ref: '#/components/schemas/LatLngBox' type: object + description: >- + Response message for `Solar.FindClosestBuildingInsights`. Information + about the location, dimensions, and solar potential of a building. + id: BuildingInsights + RoofSegmentSizeAndSunshineStats: + description: Information about the size and sunniness quantiles of a roof segment. properties: - initialAcKwhPerYear: - description: >- - How many AC kWh we think the solar panels will generate in their - first year. - type: number + center: + description: A point near the center of the roof segment. + $ref: '#/components/schemas/LatLng' + planeHeightAtCenterMeters: format: float - remainingLifetimeUtilityBill: - description: >- - Utility bill for electricity not produced by solar, for the lifetime - of the panels. - $ref: '#/components/schemas/Money' - federalIncentive: - description: >- - Amount of money available from federal incentives; this applies if - the user buys (with or without a loan) the panels. - $ref: '#/components/schemas/Money' - stateIncentive: - description: >- - Amount of money available from state incentives; this applies if the - user buys (with or without a loan) the panels. - $ref: '#/components/schemas/Money' - utilityIncentive: - description: >- - Amount of money available from utility incentives; this applies if - the user buys (with or without a loan) the panels. - $ref: '#/components/schemas/Money' - lifetimeSrecTotal: - description: >- - Amount of money the user will receive from Solar Renewable Energy - Credits over the panel lifetime; this applies if the user buys (with - or without a loan) the panels. - $ref: '#/components/schemas/Money' - costOfElectricityWithoutSolar: - description: >- - Total cost of electricity the user would have paid over the lifetime - period if they didn't install solar. - $ref: '#/components/schemas/Money' - netMeteringAllowed: - description: Whether net metering is allowed. - type: boolean - solarPercentage: - description: >- - Percentage (0-100) of the user's power supplied by solar. Valid for - the first year but approximately correct for future years. type: number - format: float - percentageExportedToGrid: description: >- - The percentage (0-100) of solar electricity production we assumed - was exported to the grid, based on the first quarter of production. - This affects the calculations if net metering is not allowed. + The height of the roof segment plane, in meters above sea level, at + the point designated by `center`. Together with the pitch, azimuth, + and center location, this fully defines the roof segment plane. + boundingBox: + $ref: '#/components/schemas/LatLngBox' + description: The bounding box of the roof segment. + azimuthDegrees: type: number - format: float - LeasingSavings: - id: LeasingSavings - description: >- - Cost and benefit of leasing a particular configuration of solar panels - with a particular electricity usage. - type: object - properties: - leasesAllowed: description: >- - Whether leases are allowed in this juristiction (leases are not - allowed in some states). If this field is false, then the values in - this message should probably be ignored. - type: boolean - leasesSupported: + Compass direction the roof segment is pointing in. 0 = North, 90 = + East, 180 = South. For a "flat" roof segment (`pitch_degrees` very + near 0), azimuth is not well defined, so for consistency, we define + it arbitrarily to be 0 (North). + format: float + pitchDegrees: + format: float description: >- - Whether leases are supported in this juristiction by the financial - calculation engine. If this field is false, then the values in this - message should probably be ignored. This is independent of - `leases_allowed`: in some areas leases are allowed, but under - conditions that aren't handled by the financial models. - type: boolean - annualLeasingCost: - description: Estimated annual leasing cost. - $ref: '#/components/schemas/Money' - savings: - description: How much is saved (or not) over the lifetime period. - $ref: '#/components/schemas/SavingsOverTime' - SavingsOverTime: - id: SavingsOverTime - description: Financial information that's shared between different financing methods. + Angle of the roof segment relative to the theoretical ground plane. + 0 = parallel to the ground, 90 = perpendicular to the ground. + type: number + stats: + description: Total size and sunlight quantiles for the roof segment. + $ref: '#/components/schemas/SizeAndSunshineStats' type: object - properties: - savingsYear1: - description: Savings in the first year after panel installation. - $ref: '#/components/schemas/Money' - savingsYear20: - description: Savings in the first twenty years after panel installation. - $ref: '#/components/schemas/Money' - presentValueOfSavingsYear20: - description: >- - Using the assumed discount rate, what is the present value of the - cumulative 20-year savings? - $ref: '#/components/schemas/Money' - savingsLifetime: - description: Savings in the entire panel lifetime. - $ref: '#/components/schemas/Money' - presentValueOfSavingsLifetime: - description: >- - Using the assumed discount rate, what is the present value of the - cumulative lifetime savings? - $ref: '#/components/schemas/Money' - financiallyViable: - description: >- - Indicates whether this scenario is financially viable. Will be false - for scenarios with poor financial viability (e.g., money-losing). - type: boolean - CashPurchaseSavings: - id: CashPurchaseSavings + id: RoofSegmentSizeAndSunshineStats + SolarPotential: + id: SolarPotential description: >- - Cost and benefit of an outright purchase of a particular configuration - of solar panels with a particular electricity usage. - type: object + Information about the solar potential of a building. A number of fields + in this are defined in terms of "panels". The fields + panel_capacity_watts, panel_height_meters, and panel_width_meters + describe the parameters of the model of panel used in these + calculations. properties: - outOfPocketCost: - description: >- - Initial cost before tax incentives: the amount that must be paid - out-of-pocket. Contrast with `upfront_cost`, which is after tax - incentives. - $ref: '#/components/schemas/Money' - upfrontCost: - description: >- - Initial cost after tax incentives: it's the amount that must be paid - during first year. Contrast with `out_of_pocket_cost`, which is - before tax incentives. - $ref: '#/components/schemas/Money' - rebateValue: - description: The value of all tax rebates. - $ref: '#/components/schemas/Money' - paybackYears: - description: >- - Number of years until payback occurs. A negative value means payback - never occurs within the lifetime period. + panelCapacityWatts: + format: float + description: Capacity, in watts, of the panel used in the calculations. type: number + maxArrayAreaMeters2: format: float - savings: - description: How much is saved (or not) over the lifetime period. - $ref: '#/components/schemas/SavingsOverTime' - FinancedPurchaseSavings: - id: FinancedPurchaseSavings - description: >- - Cost and benefit of using a loan to buy a particular configuration of - solar panels with a particular electricity usage. - type: object - properties: - annualLoanPayment: - description: Annual loan payments. - $ref: '#/components/schemas/Money' - rebateValue: - description: >- - The value of all tax rebates (including Federal Investment Tax - Credit (ITC)). - $ref: '#/components/schemas/Money' - loanInterestRate: - description: The interest rate on loans assumed in this set of calculations. type: number + description: Size, in square meters, of the maximum array. + wholeRoofStats: + description: >- + Total size and sunlight quantiles for the part of the roof that was + assigned to some roof segment. Despite the name, this may not + include the entire building. See building_stats. + $ref: '#/components/schemas/SizeAndSunshineStats' + panelWidthMeters: format: float - savings: - description: How much is saved (or not) over the lifetime period. - $ref: '#/components/schemas/SavingsOverTime' - DataLayers: - id: DataLayers - description: >- - Information about the solar potential of a region. The actual data are - contained in a number of GeoTIFF files covering the requested region, - for which this message contains URLs: Each string in the `DataLayers` - message contains a URL from which the corresponding GeoTIFF can be - fetched. These URLs are valid for a few hours after they've been - generated. Most of the GeoTIFF files are at a resolution of 0.1m/pixel, - but the monthly flux file is at 0.5m/pixel, and the hourly shade files - are at 1m/pixel. If a `pixel_size_meters` value was specified in the - `GetDataLayersRequest`, then the minimum resolution in the GeoTIFF files - will be that value. - type: object - properties: - imageryDate: description: >- - When the source imagery (from which all the other data are derived) - in this region was taken. It is necessarily somewhat approximate, as - the images may have been taken over more than one day. - $ref: '#/components/schemas/Date' - imageryProcessedDate: - description: When processing was completed on this imagery. - $ref: '#/components/schemas/Date' - dsmUrl: + Width, in meters in portrait orientation, of the panel used in the + calculations. + type: number + solarPanelConfigs: + items: + $ref: '#/components/schemas/SolarPanelConfig' description: >- - The URL for an image of the DSM (Digital Surface Model) of the - region. Values are in meters above EGM96 geoid (i.e., sea level). - Invalid locations (where we don't have data) are stored as -9999. - type: string - rgbUrl: - description: The URL for an image of RGB data (aerial photo) of the region. - type: string - maskUrl: + Each SolarPanelConfig describes a different arrangement of solar + panels on the roof. They are in order of increasing number of + panels. The `SolarPanelConfig` with panels_count=N is based on the + first N panels in the `solar_panels` list. This field is only + populated if at least 4 panels can fit on a roof. + type: array + roofSegmentStats: + description: Size and sunlight quantiles for each roof segment. + type: array + items: + $ref: '#/components/schemas/RoofSegmentSizeAndSunshineStats' + carbonOffsetFactorKgPerMwh: + type: number description: >- - The URL for the building mask image: one bit per pixel saying - whether that pixel is considered to be part of a rooftop or not. - type: string - annualFluxUrl: + Equivalent amount of CO2 produced per MWh of grid electricity. This + is a measure of the carbon intensity of grid electricity displaced + by solar electricity. + format: float + maxArrayPanelsCount: + format: int32 description: >- - The URL for the annual flux map (annual sunlight on roofs) of the - region. Values are kWh/kW/year. This is *unmasked flux*: flux is - computed for every location, not just building rooftops. Invalid - locations are stored as -9999: locations outside our coverage area - will be invalid, and a few locations inside the coverage area, where - we were unable to calculate flux, will also be invalid. - type: string - monthlyFluxUrl: + Size of the maximum array - that is, the maximum number of panels + that can fit on the roof. + type: integer + panelHeightMeters: + format: float description: >- - The URL for the monthly flux map (sunlight on roofs, broken down by - month) of the region. Values are kWh/kW/year. The GeoTIFF pointed to - by this URL will contain twelve bands, corresponding to - January...December, in order. - type: string - hourlyShadeUrls: + Height, in meters in portrait orientation, of the panel used in the + calculations. + type: number + maxSunshineHoursPerYear: + format: float + type: number description: >- - Twelve URLs for hourly shade, corresponding to January...December, - in order. Each GeoTIFF will contain 24 bands, corresponding to the - 24 hours of the day. Each pixel is a 32 bit integer, corresponding - to the (up to) 31 days of that month; a 1 bit means that the - corresponding location is able to see the sun at that day, of that - hour, of that month. Invalid locations are stored as -9999 (since - this is negative, it has bit 31 set, and no valid value could have - bit 31 set as that would correspond to the 32nd day of the month). - An example may be useful. If you want to know whether a point (at - pixel location (x, y)) saw sun at 4pm on the 22nd of June you would: - 1. fetch the sixth URL in this list (corresponding to June). 1. look - up the 17th channel (corresponding to 4pm). 1. read the 32-bit value - at (x, y). 1. read bit 21 of the value (corresponding to the 22nd of - the month). 1. if that bit is a 1, then that spot saw the sun at 4pm - 22 June. More formally: Given `month` (1-12), `day` (1...month max; - February has 28 days) and `hour` (0-23), the shade/sun for that - month/day/hour at a position `(x, y)` is the bit ``` - (hourly_shade[month - 1])(x, y)[hour] & (1 << (day - 1)) ``` where - `(x, y)` is spatial indexing, `[month - 1]` refers to fetching the - `month - 1`st URL (indexing from zero), `[hour]` is indexing into - the channels, and a final non-zero result means "sunny". There are - no leap days, and DST doesn't exist (all days are 24 hours long; - noon is always "standard time" noon). + Maximum number of sunshine hours received per year, by any point on + the roof. Sunshine hours are a measure of the total amount of + insolation (energy) received per year. 1 sunshine hour = 1 kWh per + kW (where kW refers to kW of capacity under Standard Testing + Conditions). + solarPanels: type: array items: - type: string - imageryQuality: - description: The quality of the result's imagery. - type: string - enumDescriptions: - - No quality is known. - - >- - Solar data is derived from aerial imagery captured at low-altitude - and processed at 0.1 m/pixel. - - >- - Solar data is derived from enhanced aerial imagery captured at - high-altitude and processed at 0.25 m/pixel. - - >- - Solar data is derived from enhanced satellite imagery processed at - 0.25 m/pixel. - - >- - Solar data is derived from enhanced satellite imagery processed at - 0.25 m/pixel. - enum: - - IMAGERY_QUALITY_UNSPECIFIED - - HIGH - - MEDIUM - - LOW - - BASE - HttpBody: - id: HttpBody - description: >- - Message that represents an arbitrary HTTP body. It should only be used - for payload formats that can't be represented as JSON, such as raw - binary or an HTML page. This message can be used both in streaming and - non-streaming API methods in the request as well as the response. It can - be used as a top-level request field, which is convenient if one wants - to extract parameters from either the URL or HTTP template into the - request fields and also want access to the raw HTTP body. Example: - message GetResourceRequest { // A unique request id. string request_id = - 1; // The raw HTTP body is bound to this field. google.api.HttpBody - http_body = 2; } service ResourceService { rpc - GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc - UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } - Example with streaming methods: service CaldavService { rpc - GetCalendar(stream google.api.HttpBody) returns (stream - google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) - returns (stream google.api.HttpBody); } Use of this type only changes - how the request and response bodies are handled, all other features will - continue to work unchanged. + $ref: '#/components/schemas/SolarPanel' + description: >- + Each SolarPanel describes a single solar panel. They are listed in + the order that the panel layout algorithm placed this. This is + usually, though not always, in decreasing order of annual energy + production. + financialAnalyses: + type: array + description: >- + A FinancialAnalysis gives the savings from going solar assuming a + given monthly bill and a given electricity provider. They are in + order of increasing order of monthly bill amount. This field will be + empty for buildings in areas for which the Solar API does not have + enough information to perform financial computations. + items: + $ref: '#/components/schemas/FinancialAnalysis' + panelLifetimeYears: + description: >- + The expected lifetime, in years, of the solar panels. This is used + in the financial calculations. + format: int32 + type: integer + buildingStats: + description: >- + Size and sunlight quantiles for the entire building, including parts + of the roof that were not assigned to some roof segment. Because the + orientations of these parts are not well characterised, the roof + area estimate is unreliable, but the ground area estimate is + reliable. It may be that a more reliable whole building roof area + can be obtained by scaling the roof area from whole_roof_stats by + the ratio of the ground areas of `building_stats` and + `whole_roof_stats`. + $ref: '#/components/schemas/SizeAndSunshineStats' type: object + RoofSegmentSummary: + id: RoofSegmentSummary properties: - contentType: + panelsCount: + description: The total number of panels on this segment. + format: int32 + type: integer + segmentIndex: + format: int32 + type: integer description: >- - The HTTP Content-Type header value specifying the content type of - the body. - type: string - data: - description: The HTTP request/response body as raw binary. - type: string - format: byte - extensions: + Index in roof_segment_stats of the corresponding + `RoofSegmentSizeAndSunshineStats`. + yearlyEnergyDcKwh: + type: number + format: float description: >- - Application specific response metadata. Must be set in the first - response for streaming APIs. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + How much sunlight energy this part of the layout captures over the + course of a year, in DC kWh, assuming the panels described above. + pitchDegrees: + description: >- + Angle of the roof segment relative to the theoretical ground plane. + 0 = parallel to the ground, 90 = perpendicular to the ground. + format: float + type: number + azimuthDegrees: + description: >- + Compass direction the roof segment is pointing in. 0 = North, 90 = + East, 180 = South. For a "flat" roof segment (`pitch_degrees` very + near 0), azimuth is not well defined, so for consistency, we define + it arbitrarily to be 0 (North). + type: number + format: float + type: object + description: >- + Information about a roof segment on the building, with some number of + panels placed on it. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string alt: description: Data format for response. in: query @@ -848,54 +842,36 @@ components: name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string _.xgafv: description: V1 error format. in: query @@ -905,6 +881,30 @@ components: enum: - '1' - '2' + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean x-stackQL-resources: building_insights: id: google.solar.building_insights @@ -962,17 +962,17 @@ components: paths: /v1/buildingInsights:findClosest: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/prettyPrint' get: description: >- Locates the building whose centroid is closest to a query point. Returns @@ -992,6 +992,18 @@ paths: schema: $ref: '#/components/schemas/BuildingInsights' parameters: + - in: query + name: requiredQuality + schema: + type: string + - in: query + name: exactQualityRequired + schema: + type: boolean + - in: query + name: experiments + schema: + type: string - in: query name: location.latitude schema: @@ -1002,14 +1014,6 @@ paths: schema: type: number format: double - - in: query - name: requiredQuality - schema: - type: string - - in: query - name: experiments - schema: - type: string /v1/dataLayers:get: parameters: *ref_1 get: @@ -1042,31 +1046,31 @@ paths: type: number format: double - in: query - name: radiusMeters + name: view schema: - type: number - format: float + type: string - in: query - name: view + name: experiments schema: type: string - in: query name: requiredQuality schema: type: string + - in: query + name: exactQualityRequired + schema: + type: boolean - in: query name: pixelSizeMeters schema: type: number format: float - in: query - name: exactQualityRequired - schema: - type: boolean - - in: query - name: experiments + name: radiusMeters schema: - type: string + type: number + format: float /v1/geoTiff:get: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/spanner.yaml b/providers/src/googleapis.com/v00.00.00000/services/spanner.yaml index 7c4ebbc3..28551865 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/spanner.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/spanner.yaml @@ -9,8 +9,8 @@ info: Cloud Spanner is a managed, mission-critical, globally consistent and scalable relational database service. version: v1 - x-discovery-doc-revision: '20250730' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251121' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/spanner/ servers: @@ -27,8 +27,8 @@ components: https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. - https://www.googleapis.com/auth/spanner.admin: Administer your Spanner databases https://www.googleapis.com/auth/spanner.data: View and manage the contents of your Spanner databases + https://www.googleapis.com/auth/spanner.admin: Administer your Spanner databases Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -38,228 +38,40 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListScansResponse: - id: ListScansResponse - description: Response method from the ListScans method. - type: object - properties: - scans: - description: Available scans based on the list query parameters. - type: array - items: - $ref: '#/components/schemas/Scan' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - Scan: - id: Scan - description: >- - Scan is a structure which describes Cloud Key Visualizer scan - information. - type: object - properties: - name: - description: >- - The unique name of the scan, specific to the Database service - implementing this interface. - type: string - details: - description: Additional information provided by the implementer. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - startTime: - description: >- - A range of time (inclusive) for when the scan is defined. The lower - bound for when the scan is defined. - type: string - format: google-datetime - endTime: - description: The upper bound for when the scan is defined. - type: string - format: google-datetime - scanData: - description: >- - Output only. Cloud Key Visualizer scan data. Note, this field is not - available to the ListScans method. - readOnly: true - $ref: '#/components/schemas/ScanData' - ScanData: - id: ScanData - description: >- - ScanData contains Cloud Key Visualizer scan data used by the caller to - construct a visualization. - type: object - properties: - startTime: - description: >- - A range of time (inclusive) for when the contained data is defined. - The lower bound for when the contained data is defined. - type: string - format: google-datetime - endTime: - description: The upper bound for when the contained data is defined. - type: string - format: google-datetime - data: - description: >- - Cloud Key Visualizer scan data. The range of time this information - covers is captured via the above time range fields. Note, this field - is not available to the ListScans method. - $ref: '#/components/schemas/VisualizationData' - VisualizationData: - id: VisualizationData - type: object - properties: - dataSourceSeparatorToken: - description: >- - The token delimiting a datasource name from the rest of a key in a - data_source. - type: string - dataSourceEndToken: - description: The token signifying the end of a data_source. - type: string - endKeyStrings: - description: >- - We discretize the entire keyspace into buckets. Assuming each bucket - has an inclusive keyrange and covers keys from k(i) ... k(n). In - this case k(n) would be an end key for a given range. end_key_string - is the collection of all such end keys - type: array - items: - type: string - indexedKeys: - description: >- - Keys of key ranges that contribute significantly to a given metric - Can be thought of as heavy hitters. - type: array - items: - type: string - prefixNodes: - description: >- - The list of extracted key prefix nodes used in the key prefix - hierarchy. - type: array - items: - $ref: '#/components/schemas/PrefixNode' - metrics: - description: The list of data objects for each metric. - type: array - items: - $ref: '#/components/schemas/Metric' - diagnosticMessages: - description: The list of messages (info, alerts, ...) - type: array - items: - $ref: '#/components/schemas/DiagnosticMessage' - keySeparator: - description: The token delimiting the key prefixes. - type: string - keyUnit: - description: 'The unit for the key: e.g. ''key'' or ''chunk''.' - type: string - enumDescriptions: - - Required default value - - Each entry corresponds to one key - - Each entry corresponds to a chunk of keys - enum: - - KEY_UNIT_UNSPECIFIED - - KEY - - CHUNK - hasPii: - description: Whether this scan contains PII. - type: boolean - PrefixNode: - id: PrefixNode - description: >- - A message representing a key prefix node in the key prefix hierarchy. - for eg. Bigtable keyspaces are lexicographically ordered mappings of - keys to values. Keys often have a shared prefix structure where users - use the keys to organize data. Eg ///employee In this case Keysight will - possibly use one node for a company and reuse it for all employees that - fall under the company. Doing so improves legibility in the UI. - type: object - properties: - word: - description: The string represented by the prefix node. - type: string - startIndex: - description: The index of the start key bucket of the range that this node spans. - type: integer - format: int32 - endIndex: - description: The index of the end key bucket of the range that this node spans. - type: integer - format: int32 - depth: - description: The depth in the prefix hierarchy. - type: integer - format: int32 - dataSourceNode: - description: Whether this corresponds to a data_source name. - type: boolean Metric: - id: Metric description: >- A message representing the actual monitoring data, values for each key bucket over time, of a metric. + id: Metric type: object properties: - visible: - description: Whether the metric is visible to the end user. - type: boolean displayLabel: description: The displayed label of the metric. $ref: '#/components/schemas/LocalizedString' - unit: - description: The unit of the metric. + visible: + type: boolean + description: Whether the metric is visible to the end user. + hasNonzeroData: + type: boolean + description: Whether the metric has any non-zero data. + indexedHotKeys: + type: object + additionalProperties: + $ref: '#/components/schemas/IndexedHotKey' + description: >- + The (sparse) mapping from time index to an IndexedHotKey message, + representing those time intervals for which there are hot keys. + category: + description: The category of the metric, e.g. "Activity", "Alerts", "Reads", etc. $ref: '#/components/schemas/LocalizedString' info: description: Information about the metric. $ref: '#/components/schemas/LocalizedString' - category: - description: The category of the metric, e.g. "Activity", "Alerts", "Reads", etc. - $ref: '#/components/schemas/LocalizedString' - hasNonzeroData: - description: Whether the metric has any non-zero data. - type: boolean - hotValue: - description: >- - The value that is considered hot for the metric. On a per metric - basis hotness signals high utilization and something that might - potentially be a cause for concern by the end user. hot_value is - used to calibrate and scale visual color scales. - type: number - format: float - aggregation: - description: The aggregation function used to aggregate each key bucket - type: string - enumDescriptions: - - Required default value. - - Use the maximum of all values. - - Use the sum of all values. - enum: - - AGGREGATION_UNSPECIFIED - - MAX - - SUM - matrix: - description: The data for the metric as a matrix. - $ref: '#/components/schemas/MetricMatrix' derived: description: >- The references to numerator and denominator metrics for a derived metric. $ref: '#/components/schemas/DerivedMetric' - indexedHotKeys: - description: >- - The (sparse) mapping from time index to an IndexedHotKey message, - representing those time intervals for which there are hot keys. - type: object - additionalProperties: - $ref: '#/components/schemas/IndexedHotKey' indexedKeyRangeInfos: description: >- The (sparse) mapping from time interval index to an @@ -268,1272 +80,565 @@ components: type: object additionalProperties: $ref: '#/components/schemas/IndexedKeyRangeInfos' - LocalizedString: - id: LocalizedString - description: >- - A message representing a user-facing string whose value may need to be - translated before being displayed. - type: object - properties: - token: - description: >- - The token identifying the message, e.g. 'METRIC_READ_CPU'. This - should be unique within the service. - type: string - message: - description: >- - The canonical English version of this message. If no token is - provided or the front-end has no message associated with the token, - this text will be displayed as-is. + aggregation: + enum: + - AGGREGATION_UNSPECIFIED + - MAX + - SUM type: string - args: + description: The aggregation function used to aggregate each key bucket + enumDescriptions: + - Required default value. + - Use the maximum of all values. + - Use the sum of all values. + matrix: + description: The data for the metric as a matrix. + $ref: '#/components/schemas/MetricMatrix' + hotValue: + type: number + format: float description: >- - A map of arguments used when creating the localized message. Keys - represent parameter names which may be used by the localized version - when substituting dynamic values. - type: object - additionalProperties: - type: string - MetricMatrix: - id: MetricMatrix - description: A message representing a matrix of floats. - type: object - properties: - rows: - description: The rows of the matrix. - type: array - items: - $ref: '#/components/schemas/MetricMatrixRow' - MetricMatrixRow: - id: MetricMatrixRow - description: A message representing a row of a matrix of floats. - type: object + The value that is considered hot for the metric. On a per metric + basis hotness signals high utilization and something that might + potentially be a cause for concern by the end user. hot_value is + used to calibrate and scale visual color scales. + unit: + $ref: '#/components/schemas/LocalizedString' + description: The unit of the metric. + CopyBackupMetadata: properties: - cols: - description: The columns of the row. - type: array - items: - type: number - format: float - DerivedMetric: - id: DerivedMetric - description: A message representing a derived metric. + sourceBackup: + description: >- + The name of the source backup that is being copied. Values are of + the form `projects//instances//backups/`. + type: string + progress: + $ref: '#/components/schemas/OperationProgress' + description: The progress of the CopyBackup operation. + name: + description: >- + The name of the backup being created through the copy operation. + Values are of the form `projects//instances//backups/`. + type: string + cancelTime: + description: >- + The time at which cancellation of CopyBackup operation was received. + Operations.CancelOperation starts asynchronous cancellation on a + long-running operation. The server makes a best effort to cancel the + operation, but success is not guaranteed. Clients can use + Operations.GetOperation or other methods to check whether the + cancellation succeeded or whether the operation completed despite + cancellation. On successful cancellation, the operation is not + deleted; instead, it becomes an operation with an Operation.error + value with a google.rpc.Status.code of 1, corresponding to + `Code.CANCELLED`. + format: google-datetime + type: string + id: CopyBackupMetadata type: object - properties: - numerator: - description: The name of the numerator metric. e.g. "latency". - $ref: '#/components/schemas/LocalizedString' - denominator: - description: The name of the denominator metric. e.g. "rows". - $ref: '#/components/schemas/LocalizedString' - IndexedHotKey: - id: IndexedHotKey - description: >- - A message representing a (sparse) collection of hot keys for specific - key buckets. + description: Metadata type for the operation returned by CopyBackup. + DatabaseRole: type: object + description: A Cloud Spanner database role. properties: - sparseHotKeys: + name: + type: string description: >- - A (sparse) mapping from key bucket index to the index of the - specific hot row key for that key bucket. The index of the hot row - key can be translated to the actual row key via the - ScanData.VisualizationData.indexed_keys repeated field. - type: object - additionalProperties: - type: integer - format: int32 - IndexedKeyRangeInfos: - id: IndexedKeyRangeInfos - description: >- - A message representing a (sparse) collection of KeyRangeInfos for - specific key buckets. + Required. The name of the database role. Values are of the form + `projects//instances//databases//databaseRoles/` where `` is as + specified in the `CREATE ROLE` DDL statement. + id: DatabaseRole + HeartbeatRecord: type: object properties: - keyRangeInfos: + timestamp: + type: string + format: google-datetime description: >- - A (sparse) mapping from key bucket index to the KeyRangeInfos for - that key bucket. - type: object - additionalProperties: - $ref: '#/components/schemas/KeyRangeInfos' - KeyRangeInfos: - id: KeyRangeInfos + Indicates the timestamp at which the query has returned all the + records in the change stream partition with timestamp <= heartbeat + timestamp. The heartbeat timestamp will not be the same as the + timestamps of other record types in the same partition. + id: HeartbeatRecord description: >- - A message representing a list of specific information for multiple key - ranges. + A heartbeat record is returned as a progress indicator, when there are + no data changes or any other partition record types in the change stream + partition. + Backup: type: object + description: A backup of a Cloud Spanner database. properties: - infos: - description: The list individual KeyRangeInfos. - type: array - items: - $ref: '#/components/schemas/KeyRangeInfo' - totalSize: + state: + description: Output only. The current state of the backup. + enumDescriptions: + - Not specified. + - >- + The pending backup is still being created. Operations on the + backup may fail with `FAILED_PRECONDITION` in this state. + - The backup is complete and ready for use. + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + type: string + readOnly: true + database: description: >- - The total size of the list of all KeyRangeInfos. This may be larger - than the number of repeated messages above. If that is the case, - this number may be used to determine how many are not being shown. - type: integer - format: int32 - KeyRangeInfo: - id: KeyRangeInfo - description: A message representing information for a key range (possibly one key). - type: object - properties: - startKeyIndex: - description: The index of the start key in indexed_keys. - type: integer - format: int32 - endKeyIndex: - description: The index of the end key in indexed_keys. - type: integer - format: int32 - keysCount: - description: The number of keys this range covers. + Required for the CreateBackup operation. Name of the database from + which this backup was created. This needs to be in the same instance + as the backup. Values are of the form + `projects//instances//databases/`. type: string + exclusiveSizeBytes: format: int64 - metric: - description: The name of the metric. e.g. "latency". - $ref: '#/components/schemas/LocalizedString' - value: - description: The value of the metric. - type: number - format: float - unit: description: >- - The unit of the metric. This is an unstructured field and will be - mapped as is to the user. - $ref: '#/components/schemas/LocalizedString' - info: - description: Information about this key range, for all metrics. - $ref: '#/components/schemas/LocalizedString' - contextValues: - description: The list of context values for this key range. - type: array + Output only. For a backup in an incremental backup chain, this is + the storage space needed to keep the data that has changed since the + previous backup. For all other backups, this is always the size of + the backup. This value may change if backups on the same chain get + deleted or expired. This field can be used to calculate the total + storage space used by a set of backups. For example, the total space + used by all backups of a database can be computed by summing up this + field. + readOnly: true + type: string + oldestVersionTime: + type: string + readOnly: true + description: >- + Output only. Data deleted at a time older than this is guaranteed + not to be retained in order to support this backup. For a backup in + an incremental backup chain, this is the version time of the oldest + backup that exists or ever existed in the chain. For all other + backups, this is the version time of the backup. This field can be + used to understand what data is being retained by the backup system. + format: google-datetime + referencingDatabases: + readOnly: true items: - $ref: '#/components/schemas/ContextValue' - timeOffset: + type: string description: >- - The time offset. This is the time since the start of the time - interval. - type: string - format: google-duration - ContextValue: - id: ContextValue - description: >- - A message representing context for a KeyRangeInfo, including a label, - value, unit, and severity. - type: object - properties: - label: - description: The label for the context value. e.g. "latency". - $ref: '#/components/schemas/LocalizedString' - value: - description: The value for the context. - type: number - format: float - unit: - description: The unit of the context value. + Output only. The names of the restored databases that reference the + backup. The database names are of the form + `projects//instances//databases/`. Referencing databases may exist + in different instances. The existence of any referencing database + prevents the backup from being deleted. When a restored database + from the backup enters the `READY` state, the reference to the + backup is removed. + type: array + sizeBytes: + format: int64 type: string - severity: - description: The severity of this context. + readOnly: true + description: >- + Output only. Size of the backup in bytes. For a backup in an + incremental backup chain, this is the sum of the + `exclusive_size_bytes` of itself and all older backups in the chain. + maxExpireTime: + format: google-datetime type: string - enumDescriptions: - - Required default value. - - Lowest severity level "Info". - - Middle severity level "Warning". - - Severity level signaling an error "Error" - - Severity level signaling a non recoverable error "Fatal" - enum: - - SEVERITY_UNSPECIFIED - - INFO - - WARNING - - ERROR - - FATAL - DiagnosticMessage: - id: DiagnosticMessage - description: A message representing the key visualizer diagnostic messages. - type: object - properties: - severity: - description: The severity of the diagnostic message. + description: >- + Output only. The max allowed expiration time of the backup, with + microseconds granularity. A backup's expiration time can be + configured in multiple APIs: CreateBackup, UpdateBackup, CopyBackup. + When updating or copying an existing backup, the expiration time + specified must be less than `Backup.max_expire_time`. + readOnly: true + versionTime: + format: google-datetime type: string - enumDescriptions: - - Required default value. - - Lowest severity level "Info". - - Middle severity level "Warning". - - Severity level signaling an error "Error" - - Severity level signaling a non recoverable error "Fatal" - enum: - - SEVERITY_UNSPECIFIED - - INFO - - WARNING - - ERROR - - FATAL - metric: - description: The metric. - $ref: '#/components/schemas/LocalizedString' - shortMessage: - description: The short message. - $ref: '#/components/schemas/LocalizedString' - info: - description: Information about this diagnostic information. - $ref: '#/components/schemas/LocalizedString' - metricSpecific: description: >- - Whether this message is specific only for the current metric. By - default Diagnostics are shown for all metrics, regardless which - metric is the currently selected metric in the UI. However - occasionally a metric will generate so many messages that the - resulting visual clutter becomes overwhelming. In this case setting - this to true, will show the diagnostic messages for that metric only - if it is the currently selected metric. - type: boolean - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: - operations: + The backup will contain an externally consistent copy of the + database at the timestamp specified by `version_time`. If + `version_time` is not specified, the system will set `version_time` + to the `create_time` of the backup. + referencingBackups: + items: + type: string description: >- - A list of operations that matches the specified filter in the - request. + Output only. The names of the destination backups being created by + copying this source backup. The backup names are of the form + `projects//instances//backups/`. Referencing backups may exist in + different instances. The existence of any referencing backup + prevents the backup from being deleted. When the copy operation is + done (either successfully completed or cancelled or the destination + backup is deleted), the reference to the backup is removed. + type: array + readOnly: true + encryptionInfo: + $ref: '#/components/schemas/EncryptionInfo' + readOnly: true + description: Output only. The encryption information for the backup. + instancePartitions: + readOnly: true type: array items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + $ref: '#/components/schemas/BackupInstancePartition' + description: >- + Output only. The instance partition storing the backup. This is the + same as the list of the instance partitions that the database + recorded at the backup's `version_time`. + freeableSizeBytes: + readOnly: true + description: >- + Output only. The number of bytes that will be freed by deleting this + backup. This value will be zero if, for example, this backup is part + of an incremental backup chain and younger backups in the chain + require that we keep its data. For backups not in an incremental + backup chain, this is always the size of the backup. This value may + change if backups on the same chain get created, deleted or expired. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: + format: int64 + encryptionInformation: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Output only. The encryption information for the backup, whether it + is protected by one or more KMS keys. The information includes all + Cloud KMS key versions used to encrypt the backup. The + `encryption_status` field inside of each `EncryptionInfo` is not + populated. At least one of the key versions must be available for + the backup to be restored. If a key version is revoked in the middle + of a restore, the restore behavior is undefined. + readOnly: true + type: array + items: + $ref: '#/components/schemas/EncryptionInfo' + backupSchedules: + items: + type: string + description: >- + Output only. List of backup schedule URIs that are associated with + creating this backup. This is only applicable for scheduled backups, + and is empty for on-demand backups. To optimize for storage, + whenever possible, multiple schedules are collapsed together to + create one backup. In such cases, this field captures the list of + all backup schedule URIs that are associated with creating this + backup. If collapsing is not done, then this field captures the + single backup schedule URI associated with creating this backup. + type: array + readOnly: true + databaseDialect: + enumDescriptions: + - >- + Default value. This value will create a database with the + GOOGLE_STANDARD_SQL dialect. + - GoogleSQL supported SQL. + - PostgreSQL supported SQL. + description: Output only. The database dialect information for the backup. + enum: + - DATABASE_DIALECT_UNSPECIFIED + - GOOGLE_STANDARD_SQL + - POSTGRESQL + readOnly: true type: string - metadata: + expireTime: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + Required for the CreateBackup operation. The expiration time of the + backup, with microseconds granularity that must be at least 6 hours + and at most 366 days from the time the CreateBackup request is + processed. Once the `expire_time` has passed, the backup is eligible + to be automatically deleted by Cloud Spanner to free the resources + used by the backup. + type: string + format: google-datetime + incrementalBackupChainId: + readOnly: true description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Output only. Populated only for backups in an incremental backup + chain. Backups share the same chain id if and only if they belong to + the same incremental backup chain. Use this field to determine which + backups are part of the same incremental backup chain. The ordering + of backups in the chain can be determined by ordering the backup + `version_time`. + type: string + createTime: + type: string + format: google-datetime + readOnly: true description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Output only. The time the CreateBackup request is received. If the + request does not specify `version_time`, the `version_time` of the + backup will be equivalent to the `create_time`. + name: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + Output only for the CreateBackup operation. Required for the + UpdateBackup operation. A globally unique identifier for the backup + which cannot be changed. Values are of the form + `projects//instances//backups/a-z*[a-z0-9]` The final segment of the + name must be between 2 and 60 characters in length. The backup is + stored in the location(s) specified in the instance configuration of + the instance containing the backup, identified by the prefix of the + backup name of the form `projects//instances/`. + type: string + id: Backup + ModValue: + id: ModValue description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Returns the value and associated metadata for a particular field of the + Mod. type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. + value: + type: any + description: The value of the column. + columnMetadataIndex: + description: >- + Index within the repeated column_metadata field, to obtain the + column metadata for the column that was modified. type: integer format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + ResultSetMetadata: + type: object + description: Metadata about a ResultSet or PartialResultSet. + id: ResultSetMetadata + properties: + undeclaredParameters: + $ref: '#/components/schemas/StructType' description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - AdapterSession: - id: AdapterSession - description: A session in the Cloud Spanner Adapter API. + A SQL query can be parameterized. In PLAN mode, these parameters can + be undeclared. This indicates the field names and types for those + undeclared parameters in the SQL query. For example, a SQL query + like `"SELECT * FROM Users where UserId = @userId and UserName = + @userName "` could return a `undeclared_parameters` value like: + "fields": [ { "name": "UserId", "type": { "code": "INT64" } }, { + "name": "UserName", "type": { "code": "STRING" } }, ] + rowType: + description: >- + Indicates the field names and types for the rows in the result set. + For example, a SQL query like `"SELECT UserId, UserName FROM Users"` + could return a `row_type` value like: "fields": [ { "name": + "UserId", "type": { "code": "INT64" } }, { "name": "UserName", + "type": { "code": "STRING" } }, ] + $ref: '#/components/schemas/StructType' + transaction: + $ref: '#/components/schemas/Transaction' + description: >- + If the read or SQL query began a transaction as a side-effect, the + information about the new transaction is yielded here. + SplitPoints: type: object properties: - name: - description: Identifier. The name of the session. This is always system-assigned. + keys: + description: Required. The list of split keys. In essence, the split boundaries. + items: + $ref: '#/components/schemas/Key' + type: array + table: + description: The table to split. type: string - AdaptMessageRequest: - id: AdaptMessageRequest - description: Message sent by the client to the adapter. - type: object - properties: - protocol: - description: Required. Identifier for the underlying wire protocol. + index: type: string - payload: - description: Optional. Uninterpreted bytes from the underlying wire protocol. + description: >- + The index to split. If specified, the `table` field must refer to + the index's base table. + expireTime: + description: >- + Optional. The expiration timestamp of the split points. A timestamp + in the past means immediate expiration. The maximum value can be 30 + days in the future. Defaults to 10 days in the future if not + specified. + format: google-datetime type: string - format: byte - attachments: - description: Optional. Opaque request state passed by the client to the server. - type: object - additionalProperties: - type: string - AdaptMessageResponse: - id: AdaptMessageResponse - description: Message sent by the adapter to the client. + description: The split points of a table or an index. + id: SplitPoints + BatchWriteResponse: + description: The result of applying a batch of mutations. + id: BatchWriteResponse type: object properties: - payload: - description: Optional. Uninterpreted bytes from the underlying wire protocol. + indexes: + type: array + description: >- + The mutation groups applied in this batch. The values index into the + `mutation_groups` field in the corresponding `BatchWriteRequest`. + items: + format: int32 + type: integer + commitTimestamp: type: string - format: byte - stateUpdates: - description: Optional. Opaque state updates to be applied by the client. - type: object - additionalProperties: - type: string - ListInstanceConfigsResponse: - id: ListInstanceConfigsResponse - description: The response for ListInstanceConfigs. - type: object + format: google-datetime + description: >- + The commit timestamp of the transaction that applied this batch. + Present if `status` is `OK`, absent otherwise. + status: + $ref: '#/components/schemas/Status' + description: >- + An `OK` status indicates success. Any other status indicates a + failure. + ListBackupSchedulesResponse: properties: - instanceConfigs: - description: The list of requested instance configurations. - type: array + backupSchedules: items: - $ref: '#/components/schemas/InstanceConfig' + $ref: '#/components/schemas/BackupSchedule' + type: array + description: The list of backup schedules for a database. nextPageToken: - description: >- - `next_page_token` can be sent in a subsequent ListInstanceConfigs - call to fetch more of the matching instance configurations. type: string - InstanceConfig: - id: InstanceConfig - description: >- - A possible configuration for a Cloud Spanner instance. Configurations - define the geographic placement of nodes and their replication. + description: >- + `next_page_token` can be sent in a subsequent ListBackupSchedules + call to fetch more of the schedules. + description: The response for ListBackupSchedules. + id: ListBackupSchedulesResponse type: object + GetIamPolicyRequest: properties: - name: + options: + $ref: '#/components/schemas/GetPolicyOptions' description: >- - A unique identifier for the instance configuration. Values are of - the form `projects//instanceConfigs/a-z*`. User instance - configuration must start with `custom-`. - type: string - displayName: - description: The name of this instance configuration as it appears in UIs. - type: string - configType: + OPTIONAL: A `GetPolicyOptions` object for specifying options to + `GetIamPolicy`. + id: GetIamPolicyRequest + description: Request message for `GetIamPolicy` method. + type: object + PartitionReadRequest: + description: The request for PartitionRead + id: PartitionReadRequest + properties: + transaction: + $ref: '#/components/schemas/TransactionSelector' description: >- - Output only. Whether this instance configuration is a Google-managed - or user-managed configuration. - readOnly: true + Read only snapshot transactions are supported, read/write and single + use transactions are not. + index: + description: >- + If non-empty, the name of an index on table. This index is used + instead of the table primary key when interpreting key_set and + sorting result rows. See key_set for further information. type: string - enumDescriptions: - - Unspecified. - - Google-managed configuration. - - User-managed configuration. - enum: - - TYPE_UNSPECIFIED - - GOOGLE_MANAGED - - USER_MANAGED - replicas: + partitionOptions: + $ref: '#/components/schemas/PartitionOptions' + description: Additional options that affect how many partitions are created. + table: + description: Required. The name of the table in the database to be read. + type: string + columns: description: >- - The geographic placement of nodes in this instance configuration and - their replication properties. To create user-managed configurations, - input `replicas` must include all replicas in `replicas` of the - `base_config` and include one or more replicas in the - `optional_replicas` of the `base_config`. + The columns of table to be returned for each row matching this + request. type: array items: - $ref: '#/components/schemas/ReplicaInfo' - optionalReplicas: + type: string + keySet: + $ref: '#/components/schemas/KeySet' description: >- - Output only. The available optional replicas to choose from for - user-managed configurations. Populated for Google-managed - configurations. - readOnly: true + Required. `key_set` identifies the rows to be yielded. `key_set` + names the primary keys of the rows in table to be yielded, unless + index is present. If index is present, then key_set instead names + index keys in index. It isn't an error for the `key_set` to name + rows that don't exist in the database. Read yields nothing for + nonexistent rows. + type: object + MetricMatrixRow: + type: object + id: MetricMatrixRow + properties: + cols: + description: The columns of the row. type: array items: - $ref: '#/components/schemas/ReplicaInfo' - baseConfig: + format: float + type: number + description: A message representing a row of a matrix of floats. + CreateInstanceConfigMetadata: + description: Metadata type for the operation returned by CreateInstanceConfig. + id: CreateInstanceConfigMetadata + type: object + properties: + progress: + description: The progress of the CreateInstanceConfig operation. + $ref: '#/components/schemas/InstanceOperationProgress' + cancelTime: + description: The time at which this operation was cancelled. + type: string + format: google-datetime + instanceConfig: + description: The target instance configuration end state. + $ref: '#/components/schemas/InstanceConfig' + DatabaseMoveConfig: + properties: + databaseId: description: >- - Base configuration name, e.g. projects//instanceConfigs/nam3, based - on which this configuration is created. Only set for user-managed - configurations. `base_config` must refer to a configuration of type - `GOOGLE_MANAGED` in the same project as this configuration. + Required. The unique identifier of the database resource in the + Instance. For example, if the database uri is + `projects/foo/instances/bar/databases/baz`, then the id to supply + here is baz. type: string - labels: + encryptionConfig: description: >- - Cloud Labels are a flexible and lightweight mechanism for organizing - cloud resources into groups that reflect a customer's organizational - needs and deployment strategies. Cloud Labels can be used to filter - collections of resources. They can be used to control how resource - metrics are aggregated. And they can be used as arguments to policy - management rules (e.g. route, firewall, load balancing, etc.). * - Label keys must be between 1 and 63 characters long and must conform - to the following regular expression: `a-z{0,62}`. * Label values - must be between 0 and 63 characters long and must conform to the - regular expression `[a-z0-9_-]{0,63}`. * No more than 64 labels can - be associated with a given resource. See https://goo.gl/xmQnxf for - more information on and examples of labels. If you plan to use - labels in your own code, please note that additional characters may - be allowed in the future. Therefore, you are advised to use an - internal label representation, such as JSON, which doesn't rely upon - specific characters being disallowed. For example, representing - labels as the string: name + "_" + value would prove problematic if - we were to allow "_" in a future release. - type: object - additionalProperties: - type: string - etag: - description: >- - etag is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a instance configuration from - overwriting each other. It is strongly suggested that systems make - use of the etag in the read-modify-write cycle to perform instance - configuration updates in order to avoid race conditions: An etag is - returned in the response which contains instance configurations, and - systems are expected to put that etag in the request to update - instance configuration to ensure that their change is applied to the - same version of the instance configuration. If no etag is provided - in the call to update the instance configuration, then the existing - instance configuration is overwritten blindly. - type: string - leaderOptions: - description: >- - Allowed values of the "default_leader" schema option for databases - in instances that use this instance configuration. - type: array - items: - type: string - reconciling: - description: >- - Output only. If true, the instance configuration is being created or - updated. If false, there are no ongoing operations for the instance - configuration. - readOnly: true - type: boolean - state: - description: >- - Output only. The current instance configuration state. Applicable - only for `USER_MANAGED` configurations. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - The instance configuration is still being created. - - >- - The instance configuration is fully created and ready to be used - to create instances. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - freeInstanceAvailability: - description: >- - Output only. Describes whether free instances are available to be - created in this instance configuration. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - >- - Indicates that free instances are available to be created in this - instance configuration. - - >- - Indicates that free instances are not supported in this instance - configuration. - - >- - Indicates that free instances are currently not available to be - created in this instance configuration. - - >- - Indicates that additional free instances cannot be created in this - instance configuration because the project has reached its limit - of free instances. - enum: - - FREE_INSTANCE_AVAILABILITY_UNSPECIFIED - - AVAILABLE - - UNSUPPORTED - - DISABLED - - QUOTA_EXCEEDED - quorumType: - description: Output only. The `QuorumType` of the instance configuration. - readOnly: true - type: string - enumDescriptions: - - Quorum type not specified. - - >- - An instance configuration tagged with `REGION` quorum type forms a - write quorum in a single region. - - >- - An instance configuration tagged with the `DUAL_REGION` quorum - type forms a write quorum with exactly two read-write regions in a - multi-region configuration. This instance configuration requires - failover in the event of regional failures. - - >- - An instance configuration tagged with the `MULTI_REGION` quorum - type forms a write quorum from replicas that are spread across - more than one region in a multi-region configuration. - enum: - - QUORUM_TYPE_UNSPECIFIED - - REGION - - DUAL_REGION - - MULTI_REGION - storageLimitPerProcessingUnit: - description: Output only. The storage limit in bytes per processing unit. - readOnly: true - type: string - format: int64 - ReplicaInfo: - id: ReplicaInfo - type: object - properties: - location: - description: The location of the serving resources, e.g., "us-central1". - type: string - type: - description: The type of replica. - type: string - enumDescriptions: - - Not specified. - - >- - Read-write replicas support both reads and writes. These replicas: - * Maintain a full copy of your data. * Serve reads. * Can vote - whether to commit a write. * Participate in leadership election. * - Are eligible to become a leader. - - >- - Read-only replicas only support reads (not writes). Read-only - replicas: * Maintain a full copy of your data. * Serve reads. * Do - not participate in voting to commit writes. * Are not eligible to - become a leader. - - >- - Witness replicas don't support reads but do participate in voting - to commit writes. Witness replicas: * Do not maintain a full copy - of data. * Do not serve reads. * Vote whether to commit writes. * - Participate in leader election but are not eligible to become - leader. - enum: - - TYPE_UNSPECIFIED - - READ_WRITE - - READ_ONLY - - WITNESS - defaultLeaderLocation: - description: >- - If true, this location is designated as the default leader location - where leader replicas are placed. See the [region types - documentation](https://cloud.google.com/spanner/docs/instances#region_types) - for more details. - type: boolean - CreateInstanceConfigRequest: - id: CreateInstanceConfigRequest - description: The request for CreateInstanceConfig. - type: object - properties: - instanceConfigId: - description: >- - Required. The ID of the instance configuration to create. Valid - identifiers are of the form `custom-[-a-z0-9]*[a-z0-9]` and must be - between 2 and 64 characters in length. The `custom-` prefix is - required to avoid name conflicts with Google-managed configurations. - type: string - instanceConfig: - description: >- - Required. The `InstanceConfig` proto of the configuration to create. - `instance_config.name` must be `/instanceConfigs/`. - `instance_config.base_config` must be a Google-managed configuration - name, e.g. /instanceConfigs/us-east1, /instanceConfigs/nam3. - $ref: '#/components/schemas/InstanceConfig' - validateOnly: - description: >- - An option to validate, but not actually execute, a request, and - provide the same response. - type: boolean - UpdateInstanceConfigRequest: - id: UpdateInstanceConfigRequest - description: The request for UpdateInstanceConfig. - type: object - properties: - instanceConfig: - description: >- - Required. The user instance configuration to update, which must - always include the instance configuration name. Otherwise, only - fields mentioned in update_mask need be included. To prevent - conflicts of concurrent updates, etag can be used. - $ref: '#/components/schemas/InstanceConfig' - updateMask: - description: >- - Required. A mask specifying which fields in InstanceConfig should be - updated. The field mask must always be specified; this prevents any - future fields in InstanceConfig from being erased accidentally by - clients that do not know about them. Only display_name and labels - can be updated. - type: string - format: google-fieldmask - validateOnly: - description: >- - An option to validate, but not actually execute, a request, and - provide the same response. - type: boolean - ListInstanceConfigOperationsResponse: - id: ListInstanceConfigOperationsResponse - description: The response for ListInstanceConfigOperations. - type: object - properties: - operations: - description: >- - The list of matching instance configuration long-running operations. - Each operation's name will be prefixed by the name of the instance - configuration. The operation's metadata field type - `metadata.type_url` describes the type of the metadata. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: >- - `next_page_token` can be sent in a subsequent - ListInstanceConfigOperations call to fetch more of the matching - metadata. - type: string - ListInstancesResponse: - id: ListInstancesResponse - description: The response for ListInstances. - type: object - properties: - instances: - description: The list of requested instances. - type: array - items: - $ref: '#/components/schemas/Instance' - nextPageToken: - description: >- - `next_page_token` can be sent in a subsequent ListInstances call to - fetch more of the matching instances. - type: string - unreachable: - description: >- - The list of unreachable instances. It includes the names of - instances whose metadata could not be retrieved within - instance_deadline. - type: array - items: - type: string - Instance: - id: Instance - description: >- - An isolated set of Cloud Spanner resources on which databases can be - hosted. - type: object - properties: - name: - description: >- - Required. A unique identifier for the instance, which cannot be - changed after the instance is created. Values are of the form - `projects//instances/a-z*[a-z0-9]`. The final segment of the name - must be between 2 and 64 characters in length. - type: string - config: - description: >- - Required. The name of the instance's configuration. Values are of - the form `projects//instanceConfigs/`. See also InstanceConfig and - ListInstanceConfigs. - type: string - displayName: - description: >- - Required. The descriptive name for this instance as it appears in - UIs. Must be unique per project and between 4 and 30 characters in - length. - type: string - nodeCount: - description: >- - The number of nodes allocated to this instance. At most, one of - either `node_count` or `processing_units` should be present in the - message. Users can set the `node_count` field to specify the target - number of nodes allocated to the instance. If autoscaling is - enabled, `node_count` is treated as an `OUTPUT_ONLY` field and - reflects the current number of nodes allocated to the instance. This - might be zero in API responses for instances that are not yet in the - `READY` state. If the instance has varying node count across - replicas (achieved by setting `asymmetric_autoscaling_options` in - the autoscaling configuration), the `node_count` set here is the - maximum node count across all replicas. For more information, see - [Compute capacity, nodes, and processing - units](https://cloud.google.com/spanner/docs/compute-capacity). - type: integer - format: int32 - processingUnits: - description: >- - The number of processing units allocated to this instance. At most, - one of either `processing_units` or `node_count` should be present - in the message. Users can set the `processing_units` field to - specify the target number of processing units allocated to the - instance. If autoscaling is enabled, `processing_units` is treated - as an `OUTPUT_ONLY` field and reflects the current number of - processing units allocated to the instance. This might be zero in - API responses for instances that are not yet in the `READY` state. - If the instance has varying processing units per replica (achieved - by setting `asymmetric_autoscaling_options` in the autoscaling - configuration), the `processing_units` set here is the maximum - processing units across all replicas. For more information, see - [Compute capacity, nodes and processing - units](https://cloud.google.com/spanner/docs/compute-capacity). - type: integer - format: int32 - replicaComputeCapacity: - description: >- - Output only. Lists the compute capacity per ReplicaSelection. A - replica selection identifies a set of replicas with common - properties. Replicas identified by a ReplicaSelection are scaled - with the same compute capacity. - readOnly: true - type: array - items: - $ref: '#/components/schemas/ReplicaComputeCapacity' - autoscalingConfig: - description: >- - Optional. The autoscaling configuration. Autoscaling is enabled if - this field is set. When autoscaling is enabled, node_count and - processing_units are treated as OUTPUT_ONLY fields and reflect the - current compute capacity allocated to the instance. - $ref: '#/components/schemas/AutoscalingConfig' - state: - description: >- - Output only. The current instance state. For CreateInstance, the - state must be either omitted or set to `CREATING`. For - UpdateInstance, the state must be either omitted or set to `READY`. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - >- - The instance is still being created. Resources may not be - available yet, and operations such as database creation may not - work. - - >- - The instance is fully created and ready to do work such as - creating databases. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - labels: - description: >- - Cloud Labels are a flexible and lightweight mechanism for organizing - cloud resources into groups that reflect a customer's organizational - needs and deployment strategies. Cloud Labels can be used to filter - collections of resources. They can be used to control how resource - metrics are aggregated. And they can be used as arguments to policy - management rules (e.g. route, firewall, load balancing, etc.). * - Label keys must be between 1 and 63 characters long and must conform - to the following regular expression: `a-z{0,62}`. * Label values - must be between 0 and 63 characters long and must conform to the - regular expression `[a-z0-9_-]{0,63}`. * No more than 64 labels can - be associated with a given resource. See https://goo.gl/xmQnxf for - more information on and examples of labels. If you plan to use - labels in your own code, please note that additional characters may - be allowed in the future. And so you are advised to use an internal - label representation, such as JSON, which doesn't rely upon specific - characters being disallowed. For example, representing labels as the - string: name + "_" + value would prove problematic if we were to - allow "_" in a future release. - type: object - additionalProperties: - type: string - instanceType: - description: The `InstanceType` of the current instance. - type: string - enumDescriptions: - - Not specified. - - >- - Provisioned instances have dedicated resources, standard usage - limits and support. - - >- - Free instances provide no guarantee for dedicated resources, - [node_count, processing_units] should be 0. They come with - stricter usage limits and limited support. - enum: - - INSTANCE_TYPE_UNSPECIFIED - - PROVISIONED - - FREE_INSTANCE - endpointUris: - description: Deprecated. This field is not populated. - type: array - items: - type: string - createTime: - description: Output only. The time at which the instance was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The time at which the instance was most recently - updated. - readOnly: true - type: string - format: google-datetime - freeInstanceMetadata: - description: Free instance metadata. Only populated for free instances. - $ref: '#/components/schemas/FreeInstanceMetadata' - edition: - description: Optional. The `Edition` of the current instance. - type: string - enumDescriptions: - - Edition not specified. - - Standard edition. - - Enterprise edition. - - Enterprise Plus edition. - enum: - - EDITION_UNSPECIFIED - - STANDARD - - ENTERPRISE - - ENTERPRISE_PLUS - defaultBackupScheduleType: - description: >- - Optional. Controls the default backup schedule behavior for new - databases within the instance. By default, a backup schedule is - created automatically when a new database is created in a new - instance. Note that the `AUTOMATIC` value isn't permitted for free - instances, as backups and backup schedules aren't supported for free - instances. In the `GetInstance` or `ListInstances` response, if the - value of `default_backup_schedule_type` isn't set, or set to `NONE`, - Spanner doesn't create a default backup schedule for new databases - in the instance. - type: string - enumDescriptions: - - Not specified. - - >- - A default backup schedule isn't created automatically when a new - database is created in the instance. - - >- - A default backup schedule is created automatically when a new - database is created in the instance. The default backup schedule - creates a full backup every 24 hours. These full backups are - retained for 7 days. You can edit or delete the default backup - schedule once it's created. - enum: - - DEFAULT_BACKUP_SCHEDULE_TYPE_UNSPECIFIED - - NONE - - AUTOMATIC - ReplicaComputeCapacity: - id: ReplicaComputeCapacity - description: >- - ReplicaComputeCapacity describes the amount of server resources that are - allocated to each replica identified by the replica selection. - type: object - properties: - replicaSelection: - description: >- - Required. Identifies replicas by specified properties. All replicas - in the selection have the same amount of compute capacity. - $ref: '#/components/schemas/InstanceReplicaSelection' - nodeCount: - description: >- - The number of nodes allocated to each replica. This may be zero in - API responses for instances that are not yet in state `READY`. - type: integer - format: int32 - processingUnits: - description: >- - The number of processing units allocated to each replica. This may - be zero in API responses for instances that are not yet in state - `READY`. - type: integer - format: int32 - InstanceReplicaSelection: - id: InstanceReplicaSelection - description: ReplicaSelection identifies replicas with common properties. - type: object - properties: - location: - description: >- - Required. Name of the location of the replicas (e.g., - "us-central1"). - type: string - AutoscalingConfig: - id: AutoscalingConfig - description: Autoscaling configuration for an instance. - type: object - properties: - autoscalingLimits: - description: Required. Autoscaling limits for an instance. - $ref: '#/components/schemas/AutoscalingLimits' - autoscalingTargets: - description: Required. The autoscaling targets for an instance. - $ref: '#/components/schemas/AutoscalingTargets' - asymmetricAutoscalingOptions: - description: >- - Optional. Optional asymmetric autoscaling options. Replicas matching - the replica selection criteria will be autoscaled independently from - other replicas. The autoscaler will scale the replicas based on the - utilization of replicas identified by the replica selection. Replica - selections should not overlap with each other. Other replicas (those - do not match any replica selection) will be autoscaled together and - will have the same compute capacity allocated to them. - type: array - items: - $ref: '#/components/schemas/AsymmetricAutoscalingOption' - AutoscalingLimits: - id: AutoscalingLimits - description: >- - The autoscaling limits for the instance. Users can define the minimum - and maximum compute capacity allocated to the instance, and the - autoscaler will only scale within that range. Users can either use nodes - or processing units to specify the limits, but should use the same unit - to set both the min_limit and max_limit. - type: object - properties: - minNodes: - description: >- - Minimum number of nodes allocated to the instance. If set, this - number should be greater than or equal to 1. - type: integer - format: int32 - minProcessingUnits: - description: >- - Minimum number of processing units allocated to the instance. If - set, this number should be multiples of 1000. - type: integer - format: int32 - maxNodes: - description: >- - Maximum number of nodes allocated to the instance. If set, this - number should be greater than or equal to min_nodes. - type: integer - format: int32 - maxProcessingUnits: - description: >- - Maximum number of processing units allocated to the instance. If - set, this number should be multiples of 1000 and be greater than or - equal to min_processing_units. - type: integer - format: int32 - AutoscalingTargets: - id: AutoscalingTargets - description: The autoscaling targets for an instance. - type: object - properties: - highPriorityCpuUtilizationPercent: - description: >- - Required. The target high priority cpu utilization percentage that - the autoscaler should be trying to achieve for the instance. This - number is on a scale from 0 (no utilization) to 100 (full - utilization). The valid range is [10, 90] inclusive. - type: integer - format: int32 - storageUtilizationPercent: - description: >- - Required. The target storage utilization percentage that the - autoscaler should be trying to achieve for the instance. This number - is on a scale from 0 (no utilization) to 100 (full utilization). The - valid range is [10, 99] inclusive. - type: integer - format: int32 - AsymmetricAutoscalingOption: - id: AsymmetricAutoscalingOption - description: >- - AsymmetricAutoscalingOption specifies the scaling of replicas identified - by the given selection. - type: object - properties: - replicaSelection: - description: >- - Required. Selects the replicas to which this - AsymmetricAutoscalingOption applies. Only read-only replicas are - supported. - $ref: '#/components/schemas/InstanceReplicaSelection' - overrides: - description: >- - Optional. Overrides applied to the top-level autoscaling - configuration for the selected replicas. - $ref: '#/components/schemas/AutoscalingConfigOverrides' - AutoscalingConfigOverrides: - id: AutoscalingConfigOverrides - description: >- - Overrides the top-level autoscaling configuration for the replicas - identified by `replica_selection`. All fields in this message are - optional. Any unspecified fields will use the corresponding values from - the top-level autoscaling configuration. - type: object - properties: - autoscalingLimits: - description: >- - Optional. If specified, overrides the min/max limit in the top-level - autoscaling configuration for the selected replicas. - $ref: '#/components/schemas/AutoscalingLimits' - autoscalingTargetHighPriorityCpuUtilizationPercent: - description: >- - Optional. If specified, overrides the autoscaling target - high_priority_cpu_utilization_percent in the top-level autoscaling - configuration for the selected replicas. - type: integer - format: int32 - FreeInstanceMetadata: - id: FreeInstanceMetadata - description: >- - Free instance specific metadata that is kept even after an instance has - been upgraded for tracking purposes. - type: object - properties: - expireTime: - description: >- - Output only. Timestamp after which the instance will either be - upgraded or scheduled for deletion after a grace period. - ExpireBehavior is used to choose between upgrading or scheduling the - free instance for deletion. This timestamp is set during the - creation of a free instance. - readOnly: true - type: string - format: google-datetime - upgradeTime: - description: >- - Output only. If present, the timestamp at which the free instance - was upgraded to a provisioned instance. - readOnly: true - type: string - format: google-datetime - expireBehavior: - description: >- - Specifies the expiration behavior of a free instance. The default of - ExpireBehavior is `REMOVE_AFTER_GRACE_PERIOD`. This can be modified - during or after creation, and before expiration. - type: string - enumDescriptions: - - Not specified. - - >- - When the free instance expires, upgrade the instance to a - provisioned instance. - - >- - When the free instance expires, disable the instance, and delete - it after the grace period passes if it has not been upgraded. - enum: - - EXPIRE_BEHAVIOR_UNSPECIFIED - - FREE_TO_PROVISIONED - - REMOVE_AFTER_GRACE_PERIOD - ListInstancePartitionsResponse: - id: ListInstancePartitionsResponse - description: The response for ListInstancePartitions. - type: object - properties: - instancePartitions: - description: The list of requested instancePartitions. - type: array - items: - $ref: '#/components/schemas/InstancePartition' - nextPageToken: - description: >- - `next_page_token` can be sent in a subsequent ListInstancePartitions - call to fetch more of the matching instance partitions. - type: string - unreachable: - description: >- - The list of unreachable instances or instance partitions. It - includes the names of instances or instance partitions whose - metadata could not be retrieved within instance_partition_deadline. - type: array - items: - type: string - InstancePartition: - id: InstancePartition - description: >- - An isolated set of Cloud Spanner resources that databases can define - placements on. - type: object - properties: - name: - description: >- - Required. A unique identifier for the instance partition. Values are - of the form `projects//instances//instancePartitions/a-z*[a-z0-9]`. - The final segment of the name must be between 2 and 64 characters in - length. An instance partition's name cannot be changed after the - instance partition is created. - type: string - config: - description: >- - Required. The name of the instance partition's configuration. Values - are of the form `projects//instanceConfigs/`. See also - InstanceConfig and ListInstanceConfigs. - type: string - displayName: - description: >- - Required. The descriptive name for this instance partition as it - appears in UIs. Must be unique per project and between 4 and 30 - characters in length. - type: string - nodeCount: - description: >- - The number of nodes allocated to this instance partition. Users can - set the `node_count` field to specify the target number of nodes - allocated to the instance partition. This may be zero in API - responses for instance partitions that are not yet in state `READY`. - type: integer - format: int32 - processingUnits: - description: >- - The number of processing units allocated to this instance partition. - Users can set the `processing_units` field to specify the target - number of processing units allocated to the instance partition. This - might be zero in API responses for instance partitions that are not - yet in the `READY` state. - type: integer - format: int32 - state: - description: Output only. The current instance partition state. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - >- - The instance partition is still being created. Resources may not - be available yet, and operations such as creating placements using - this instance partition may not work. - - >- - The instance partition is fully created and ready to do work such - as creating placements and using in databases. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - createTime: - description: Output only. The time at which the instance partition was created. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The time at which the instance partition was most - recently updated. - readOnly: true - type: string - format: google-datetime - referencingDatabases: - description: >- - Output only. The names of the databases that reference this instance - partition. Referencing databases should share the parent instance. - The existence of any referencing database prevents the instance - partition from being deleted. - readOnly: true - type: array - items: - type: string - referencingBackups: - description: >- - Output only. Deprecated: This field is not populated. Output only. - The names of the backups that reference this instance partition. - Referencing backups should share the parent instance. The existence - of any referencing backup prevents the instance partition from being - deleted. - readOnly: true - deprecated: true - type: array - items: - type: string - etag: - description: >- - Used for optimistic concurrency control as a way to help prevent - simultaneous updates of a instance partition from overwriting each - other. It is strongly suggested that systems make use of the etag in - the read-modify-write cycle to perform instance partition updates in - order to avoid race conditions: An etag is returned in the response - which contains instance partitions, and systems are expected to put - that etag in the request to update instance partitions to ensure - that their change will be applied to the same version of the - instance partition. If no etag is provided in the call to update - instance partition, then the existing instance partition is - overwritten blindly. - type: string - CreateInstanceRequest: - id: CreateInstanceRequest - description: The request for CreateInstance. + Optional. Encryption configuration to be used for the database in + the target configuration. The encryption configuration must be + specified for every database which currently uses CMEK encryption. + If a database currently uses Google-managed encryption and a target + encryption configuration is not specified, then the database + defaults to Google-managed encryption. If a database currently uses + Google-managed encryption and a target CMEK encryption is specified, + the request is rejected. If a database currently uses CMEK + encryption, then a target encryption configuration must be + specified. You can't move a CMEK database to a Google-managed + encryption database using the MoveInstance API. + $ref: '#/components/schemas/InstanceEncryptionConfig' + id: DatabaseMoveConfig type: object - properties: - instanceId: - description: >- - Required. The ID of the instance to create. Valid identifiers are of - the form `a-z*[a-z0-9]` and must be between 2 and 64 characters in - length. - type: string - instance: - description: >- - Required. The instance to create. The name may be omitted, but if - specified must be `/instances/`. - $ref: '#/components/schemas/Instance' - UpdateInstanceRequest: - id: UpdateInstanceRequest - description: The request for UpdateInstance. + description: >- + The configuration for each database in the target instance + configuration. + CopyBackupEncryptionConfig: type: object properties: - instance: - description: >- - Required. The instance to update, which must always include the - instance name. Otherwise, only fields mentioned in field_mask need - be included. - $ref: '#/components/schemas/Instance' - fieldMask: + kmsKeyName: description: >- - Required. A mask specifying which fields in Instance should be - updated. The field mask must always be specified; this prevents any - future fields in Instance from being erased accidentally by clients - that do not know about them. + Optional. This field is maintained for backwards compatibility. For + new callers, we recommend using `kms_key_names` to specify the KMS + key. Only use `kms_key_name` if the location of the KMS key matches + the database instance's configuration (location) exactly. For + example, if the KMS location is in `us-central1` or `nam3`, then the + database instance must also be in `us-central1` or `nam3`. The Cloud + KMS key that is used to encrypt and decrypt the restored database. + Set this field only when encryption_type is + `CUSTOMER_MANAGED_ENCRYPTION`. Values are of the form + `projects//locations//keyRings//cryptoKeys/`. type: string - format: google-fieldmask - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: + kmsKeyNames: + type: array description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' + Optional. Specifies the KMS configuration for the one or more keys + used to protect the backup. Values are of the form + `projects//locations//keyRings//cryptoKeys/`. KMS keys specified can + be in any order. The keys referenced by `kms_key_names` must fully + cover all regions of the backup's instance configuration. Some + examples: * For regional (single-region) instance configurations, + specify a regional location KMS key. * For multi-region instance + configurations of type `GOOGLE_MANAGED`, either specify a + multi-region location KMS key or multiple regional location KMS keys + that cover all regions in the instance configuration. * For an + instance configuration of type `USER_MANAGED`, specify only regional + location KMS keys to cover each region in the instance + configuration. Multi-region location KMS keys aren't supported for + `USER_MANAGED` type instance configurations. + items: + type: string + encryptionType: + description: Required. The encryption type of the backup. + enum: + - ENCRYPTION_TYPE_UNSPECIFIED + - USE_CONFIG_DEFAULT_OR_BACKUP_ENCRYPTION + - GOOGLE_DEFAULT_ENCRYPTION + - CUSTOMER_MANAGED_ENCRYPTION + type: string + enumDescriptions: + - Unspecified. Do not use. + - >- + This is the default option for CopyBackup when encryption_config + is not specified. For example, if the source backup is using + `Customer_Managed_Encryption`, the backup will be using the same + Cloud KMS key as the source backup. + - Use Google default encryption. + - >- + Use customer managed encryption. If specified, either + `kms_key_name` or `kms_key_names` must contain valid Cloud KMS + keys. + id: CopyBackupEncryptionConfig + description: Encryption configuration for the copied backup. Policy: - id: Policy description: >- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of @@ -1568,28 +673,8 @@ components: timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). - type: object + id: Policy properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 bindings: description: >- Associates a list of `members`, or principals, with a `role`. @@ -1605,6 +690,8 @@ components: items: $ref: '#/components/schemas/Binding' etag: + type: string + format: byte description: >- `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each @@ -1618,221 +705,198 @@ components: `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + version: + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + type: integer + format: int32 + type: object + UpdateInstanceConfigRequest: type: object + id: UpdateInstanceConfigRequest + description: The request for UpdateInstanceConfig. properties: - role: + validateOnly: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). - type: string - members: + An option to validate, but not actually execute, a request, and + provide the same response. + type: boolean + updateMask: description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. - type: array - items: - type: string - condition: + Required. A mask specifying which fields in InstanceConfig should be + updated. The field mask must always be specified; this prevents any + future fields in InstanceConfig from being erased accidentally by + clients that do not know about them. Only display_name and labels + can be updated. + type: string + format: google-fieldmask + instanceConfig: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. + Required. The user instance configuration to update, which must + always include the instance configuration name. Otherwise, only + fields mentioned in update_mask need be included. To prevent + conflicts of concurrent updates, etag can be used. + $ref: '#/components/schemas/InstanceConfig' + CopyBackupRequest: + description: The request for CopyBackup. type: object + id: CopyBackupRequest properties: - expression: + backupId: description: >- - Textual representation of an expression in Common Expression - Language syntax. + Required. The id of the backup copy. The `backup_id` appended to + `parent` forms the full backup_uri of the form + `projects//instances//backups/`. type: string - title: - description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + sourceBackup: type: string - description: description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string - location: + Required. The source backup to be copied. The source backup needs to + be in READY state for it to be copied. Once CopyBackup is in + progress, the source backup cannot be deleted or cleaned up on + expiration until CopyBackup is finished. Values are of the form: + `projects//instances//backups/`. + encryptionConfig: + $ref: '#/components/schemas/CopyBackupEncryptionConfig' description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. - type: string - GetIamPolicyRequest: - id: GetIamPolicyRequest - description: Request message for `GetIamPolicy` method. - type: object - properties: - options: + Optional. The encryption configuration used to encrypt the backup. + If this field is not specified, the backup will use the same + encryption configuration as the source backup by default, namely + encryption_type = `USE_CONFIG_DEFAULT_OR_BACKUP_ENCRYPTION`. + expireTime: + format: google-datetime description: >- - OPTIONAL: A `GetPolicyOptions` object for specifying options to - `GetIamPolicy`. - $ref: '#/components/schemas/GetPolicyOptions' - GetPolicyOptions: - id: GetPolicyOptions - description: Encapsulates settings provided to GetIamPolicy. + Required. The expiration time of the backup in microsecond + granularity. The expiration time must be at least 6 hours and at + most 366 days from the `create_time` of the source backup. Once the + `expire_time` has passed, the backup is eligible to be automatically + deleted by Cloud Spanner to free the resources used by the backup. + type: string + Key: type: object + id: Key + description: A split key. properties: - requestedPolicyVersion: - description: >- - Optional. The maximum policy version that will be used to format the - policy. Valid values are 0, 1, and 3. Requests specifying an invalid - value will be rejected. Requests for policies with any conditional - role bindings must specify version 3. Policies with no conditional - role bindings may specify any valid value or leave the field unset. - The policy in the response might use the policy version that you - specified, or it might use a lower policy version. For example, if - you specify version 3, but the policy has no conditional role - bindings, the response uses version 1. To learn which resources - support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object + keyParts: + items: + type: any + type: array + description: Required. The column values making up the split key. + ListDatabaseRolesResponse: + id: ListDatabaseRolesResponse + description: The response for ListDatabaseRoles. properties: - permissions: - description: >- - REQUIRED: The set of permissions to check for 'resource'. - Permissions with wildcards (such as '*', 'spanner.*', - 'spanner.instances.*') are not allowed. + databaseRoles: type: array + description: Database roles that matched the request. items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. + $ref: '#/components/schemas/DatabaseRole' + nextPageToken: + type: string + description: >- + `next_page_token` can be sent in a subsequent ListDatabaseRoles call + to fetch more of the matching roles. type: object + UpdateInstanceRequest: + id: UpdateInstanceRequest properties: - permissions: + instance: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - CreateInstancePartitionRequest: - id: CreateInstancePartitionRequest - description: The request for CreateInstancePartition. + Required. The instance to update, which must always include the + instance name. Otherwise, only fields mentioned in field_mask need + be included. + $ref: '#/components/schemas/Instance' + fieldMask: + description: >- + Required. A mask specifying which fields in Instance should be + updated. The field mask must always be specified; this prevents any + future fields in Instance from being erased accidentally by clients + that do not know about them. + type: string + format: google-fieldmask + description: The request for UpdateInstance. + type: object + ReadOnly: type: object properties: - instancePartitionId: + maxStaleness: + type: string + format: google-duration description: >- - Required. The ID of the instance partition to create. Valid - identifiers are of the form `a-z*[a-z0-9]` and must be between 2 and - 64 characters in length. + Read data at a timestamp >= `NOW - max_staleness` seconds. + Guarantees that all writes that have committed more than the + specified number of seconds ago are visible. Because Cloud Spanner + chooses the exact timestamp, this mode works even if the client's + local clock is substantially skewed from Cloud Spanner commit + timestamps. Useful for reading the freshest data available at a + nearby replica, while bounding the possible staleness if the local + replica has fallen behind. Note that this option can only be used in + single-use transactions. + readTimestamp: + format: google-datetime + description: >- + Executes all reads at the given timestamp. Unlike other modes, reads + at a specific timestamp are repeatable; the same read at the same + timestamp always returns the same data. If the timestamp is in the + future, the read is blocked until the specified timestamp, modulo + the read's deadline. Useful for large scale consistent reads such as + mapreduces, or for coordinating many reads against a consistent + snapshot of the data. A timestamp in RFC3339 UTC \"Zulu\" format, + accurate to nanoseconds. Example: + `"2014-10-02T15:01:23.045123456Z"`. type: string - instancePartition: + exactStaleness: + type: string + format: google-duration description: >- - Required. The instance partition to create. The - instance_partition.name may be omitted, but if specified must be - `/instancePartitions/`. - $ref: '#/components/schemas/InstancePartition' + Executes all reads at a timestamp that is `exact_staleness` old. The + timestamp is chosen soon after the read is started. Guarantees that + all writes that have committed more than the specified number of + seconds ago are visible. Because Cloud Spanner chooses the exact + timestamp, this mode works even if the client's local clock is + substantially skewed from Cloud Spanner commit timestamps. Useful + for reading at nearby replicas without the distributed timestamp + negotiation overhead of `max_staleness`. + returnReadTimestamp: + description: >- + If true, the Cloud Spanner-selected read timestamp is included in + the Transaction message that describes the transaction. + type: boolean + minReadTimestamp: + description: >- + Executes all reads at a timestamp >= `min_read_timestamp`. This is + useful for requesting fresher data than some previous read, or data + that is fresh enough to observe the effects of some previously + committed transaction whose timestamp is known. Note that this + option can only be used in single-use transactions. A timestamp in + RFC3339 UTC \"Zulu\" format, accurate to nanoseconds. Example: + `"2014-10-02T15:01:23.045123456Z"`. + type: string + format: google-datetime + strong: + type: boolean + description: >- + Read at a timestamp where all previously committed transactions are + visible. + id: ReadOnly + description: Message type to initiate a read-only transaction. UpdateInstancePartitionRequest: - id: UpdateInstancePartitionRequest - description: The request for UpdateInstancePartition. - type: object properties: - instancePartition: - description: >- - Required. The instance partition to update, which must always - include the instance partition name. Otherwise, only fields - mentioned in field_mask need be included. - $ref: '#/components/schemas/InstancePartition' fieldMask: description: >- Required. A mask specifying which fields in InstancePartition should @@ -1841,101 +905,187 @@ components: accidentally by clients that do not know about them. type: string format: google-fieldmask - ListInstancePartitionOperationsResponse: - id: ListInstancePartitionOperationsResponse - description: The response for ListInstancePartitionOperations. + instancePartition: + description: >- + Required. The instance partition to update, which must always + include the instance partition name. Otherwise, only fields + mentioned in field_mask need be included. + $ref: '#/components/schemas/InstancePartition' + id: UpdateInstancePartitionRequest + description: The request for UpdateInstancePartition. + type: object + QuorumInfo: + description: Information about the dual-region quorum. + id: QuorumInfo + type: object + properties: + startTime: + type: string + format: google-datetime + description: Output only. The timestamp when the request was triggered. + readOnly: true + etag: + readOnly: true + type: string + description: >- + Output only. The etag is used for optimistic concurrency control as + a way to help prevent simultaneous `ChangeQuorum` requests that + might create a race condition. + quorumType: + description: >- + Output only. The type of this quorum. See QuorumType for more + information about quorum type specifications. + readOnly: true + $ref: '#/components/schemas/QuorumType' + initiator: + readOnly: true + description: >- + Output only. Whether this `ChangeQuorum` is Google or User + initiated. + enumDescriptions: + - Unspecified. + - '`ChangeQuorum` initiated by Google.' + - '`ChangeQuorum` initiated by User.' + enum: + - INITIATOR_UNSPECIFIED + - GOOGLE + - USER + type: string + IncrementalBackupSpec: + description: >- + The specification for incremental backup chains. An incremental backup + stores the delta of changes between a previous backup and the database + contents at a given version time. An incremental backup chain consists + of a full backup and zero or more successive incremental backups. The + first backup created for an incremental backup chain is always a full + backup. + id: IncrementalBackupSpec + properties: {} type: object + BatchCreateSessionsResponse: properties: - operations: - description: >- - The list of matching instance partition long-running operations. - Each operation's name will be prefixed by the instance partition's - name. The operation's metadata field type `metadata.type_url` - describes the type of the metadata. - type: array + session: + description: The freshly created sessions. items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: >- - `next_page_token` can be sent in a subsequent - ListInstancePartitionOperations call to fetch more of the matching - metadata. - type: string - unreachableInstancePartitions: - description: >- - The list of unreachable instance partitions. It includes the names - of instance partitions whose operation metadata could not be - retrieved within instance_partition_deadline. + $ref: '#/components/schemas/Session' type: array - items: - type: string - MoveInstanceRequest: - id: MoveInstanceRequest - description: The request for MoveInstance. + description: The response for BatchCreateSessions. type: object + id: BatchCreateSessionsResponse + PartitionEventRecord: + id: PartitionEventRecord properties: - targetConfig: + commitTimestamp: description: >- - Required. The target instance configuration where to move the - instance. Values are of the form `projects//instanceConfigs/`. + Indicates the commit timestamp at which the key range change + occurred. DataChangeRecord.commit_timestamps, + PartitionStartRecord.start_timestamps, + PartitionEventRecord.commit_timestamps, and + PartitionEndRecord.end_timestamps can have the same value in the + same partition. + format: google-datetime type: string - targetDatabaseMoveConfigs: + recordSequence: description: >- - Optional. The configuration for each database in the target instance - configuration. - type: array + Record sequence numbers are unique and monotonically increasing (but + not necessarily contiguous) for a specific timestamp across record + types in the same partition. To guarantee ordered processing, the + reader should process records (of potentially different types) in + record_sequence order for a specific timestamp in the same + partition. + type: string + partitionToken: + type: string + description: >- + Unique partition identifier describing the partition this event + occurred on. partition_token is equal to the partition token of the + change stream partition currently queried to return this + PartitionEventRecord. + moveOutEvents: items: - $ref: '#/components/schemas/DatabaseMoveConfig' - DatabaseMoveConfig: - id: DatabaseMoveConfig - description: >- - The configuration for each database in the target instance - configuration. - type: object - properties: - databaseId: + $ref: '#/components/schemas/MoveOutEvent' + type: array description: >- - Required. The unique identifier of the database resource in the - Instance. For example, if the database uri is - `projects/foo/instances/bar/databases/baz`, then the id to supply - here is baz. - type: string - encryptionConfig: + Set when one or more key ranges are moved out of the change stream + partition identified by partition_token. Example: Two key ranges are + moved out of partition (P1) to partition (P2) and partition (P3) in + a single transaction at timestamp T. The PartitionEventRecord + returned in P1 will reflect the move as: PartitionEventRecord { + commit_timestamp: T partition_token: "P1" move_out_events { + destination_partition_token: "P2" } move_out_events { + destination_partition_token: "P3" } } The PartitionEventRecord + returned in P2 will reflect the move as: PartitionEventRecord { + commit_timestamp: T partition_token: "P2" move_in_events { + source_partition_token: "P1" } } The PartitionEventRecord returned + in P3 will reflect the move as: PartitionEventRecord { + commit_timestamp: T partition_token: "P3" move_in_events { + source_partition_token: "P1" } } + moveInEvents: description: >- - Optional. Encryption configuration to be used for the database in - the target configuration. The encryption configuration must be - specified for every database which currently uses CMEK encryption. - If a database currently uses Google-managed encryption and a target - encryption configuration is not specified, then the database - defaults to Google-managed encryption. If a database currently uses - Google-managed encryption and a target CMEK encryption is specified, - the request is rejected. If a database currently uses CMEK - encryption, then a target encryption configuration must be - specified. You can't move a CMEK database to a Google-managed - encryption database using the MoveInstance API. - $ref: '#/components/schemas/InstanceEncryptionConfig' - InstanceEncryptionConfig: - id: InstanceEncryptionConfig - description: Encryption configuration for a Cloud Spanner database. + Set when one or more key ranges are moved into the change stream + partition identified by partition_token. Example: Two key ranges are + moved into partition (P1) from partition (P2) and partition (P3) in + a single transaction at timestamp T. The PartitionEventRecord + returned in P1 will reflect the move as: PartitionEventRecord { + commit_timestamp: T partition_token: "P1" move_in_events { + source_partition_token: "P2" } move_in_events { + source_partition_token: "P3" } } The PartitionEventRecord returned + in P2 will reflect the move as: PartitionEventRecord { + commit_timestamp: T partition_token: "P2" move_out_events { + destination_partition_token: "P1" } } The PartitionEventRecord + returned in P3 will reflect the move as: PartitionEventRecord { + commit_timestamp: T partition_token: "P3" move_out_events { + destination_partition_token: "P1" } } + items: + $ref: '#/components/schemas/MoveInEvent' + type: array type: object + description: >- + A partition event record describes key range changes for a change stream + partition. The changes to a row defined by its primary key can be + captured in one change stream partition for a specific time range, and + then be captured in a different change stream partition for a different + time range. This movement of key ranges across change stream partitions + is a reflection of activities, such as Spanner's dynamic splitting and + load balancing, etc. Processing this event is needed if users want to + guarantee processing of the changes for any key in timestamp order. If + time ordered processing of changes for a primary key is not needed, this + event can be ignored. To guarantee time ordered processing for each + primary key, if the event describes move-ins, the reader of this + partition needs to wait until the readers of the source partitions have + processed all records with timestamps <= this + PartitionEventRecord.commit_timestamp, before advancing beyond this + PartitionEventRecord. If the event describes move-outs, the reader can + notify the readers of the destination partitions that they can continue + processing. + CreateBackupEncryptionConfig: properties: - kmsKeyName: - description: >- - Optional. This field is maintained for backwards compatibility. For - new callers, we recommend using `kms_key_names` to specify the KMS - key. `kms_key_name` should only be used if the location of the KMS - key matches the database instance’s configuration (location) - exactly. E.g. The KMS location is in us-central1 or nam3 and the - database instance is also in us-central1 or nam3. The Cloud KMS key - to be used for encrypting and decrypting the database. Values are of - the form `projects//locations//keyRings//cryptoKeys/`. + encryptionType: + description: Required. The encryption type of the backup. + enumDescriptions: + - Unspecified. Do not use. + - >- + Use the same encryption configuration as the database. This is the + default option when encryption_config is empty. For example, if + the database is using `Customer_Managed_Encryption`, the backup + will be using the same Cloud KMS key as the database. + - Use Google default encryption. + - >- + Use customer managed encryption. If specified, `kms_key_name` must + contain a valid Cloud KMS key. + enum: + - ENCRYPTION_TYPE_UNSPECIFIED + - USE_DATABASE_ENCRYPTION + - GOOGLE_DEFAULT_ENCRYPTION + - CUSTOMER_MANAGED_ENCRYPTION type: string kmsKeyNames: + type: array description: >- - Optional. Specifies the KMS configuration for one or more keys used - to encrypt the database. Values are of the form + Optional. Specifies the KMS configuration for the one or more keys + used to protect the backup. Values are of the form `projects//locations//keyRings//cryptoKeys/`. The keys referenced by - `kms_key_names` must fully cover all regions of the database's + `kms_key_names` must fully cover all regions of the backup's instance configuration. Some examples: * For regional (single-region) instance configurations, specify a regional location KMS key. * For multi-region instance configurations of type @@ -1946,72 +1096,85 @@ components: each region in the instance configuration. Multi-region location KMS keys aren't supported for `USER_MANAGED` type instance configurations. - type: array items: type: string - ListDatabasesResponse: - id: ListDatabasesResponse - description: The response for ListDatabases. + kmsKeyName: + description: >- + Optional. This field is maintained for backwards compatibility. For + new callers, we recommend using `kms_key_names` to specify the KMS + key. Only use `kms_key_name` if the location of the KMS key matches + the database instance's configuration (location) exactly. For + example, if the KMS location is in `us-central1` or `nam3`, then the + database instance must also be in `us-central1` or `nam3`. The Cloud + KMS key that is used to encrypt and decrypt the restored database. + Set this field only when encryption_type is + `CUSTOMER_MANAGED_ENCRYPTION`. Values are of the form + `projects//locations//keyRings//cryptoKeys/`. + type: string + type: object + description: Encryption configuration for the backup to create. + id: CreateBackupEncryptionConfig + BatchCreateSessionsRequest: type: object + id: BatchCreateSessionsRequest properties: - databases: - description: Databases that matched the request. - type: array - items: - $ref: '#/components/schemas/Database' - nextPageToken: + sessionCount: + format: int32 + type: integer description: >- - `next_page_token` can be sent in a subsequent ListDatabases call to - fetch more of the matching databases. - type: string + Required. The number of sessions to be created in this batch call. + At least one session is created. The API can return fewer than the + requested number of sessions. If a specific number of sessions are + desired, the client can make additional calls to + `BatchCreateSessions` (adjusting session_count as necessary). + sessionTemplate: + description: Parameters to apply to each created session. + $ref: '#/components/schemas/Session' + description: The request for BatchCreateSessions. Database: + type: object id: Database description: A Cloud Spanner database. - type: object properties: - name: + quorumInfo: description: >- - Required. The name of the database. Values are of the form - `projects//instances//databases/`, where `` is as specified in the - `CREATE DATABASE` statement. This name can be passed to other API - methods to identify the database. - type: string - state: - description: Output only. The current database state. + Output only. Applicable only for databases that use dual-region + instance configurations. Contains information about the quorum. + readOnly: true + $ref: '#/components/schemas/QuorumInfo' + databaseDialect: readOnly: true - type: string enumDescriptions: - - Not specified. - - >- - The database is still being created. Operations on the database - may fail with `FAILED_PRECONDITION` in this state. - - The database is fully created and ready for use. - >- - The database is fully created and ready for use, but is still - being optimized for performance and cannot handle full load. In - this state, the database still references the backup it was - restore from, preventing the backup from being deleted. When - optimizations are complete, the full performance of the database - will be restored, and the database will transition to `READY` - state. + Default value. This value will create a database with the + GOOGLE_STANDARD_SQL dialect. + - GoogleSQL supported SQL. + - PostgreSQL supported SQL. enum: - - STATE_UNSPECIFIED - - CREATING - - READY - - READY_OPTIMIZING - createTime: + - DATABASE_DIALECT_UNSPECIFIED + - GOOGLE_STANDARD_SQL + - POSTGRESQL + type: string + description: Output only. The dialect of the Cloud Spanner Database. + name: description: >- - Output only. If exists, the time at which the database creation - started. - readOnly: true + Required. The name of the database. Values are of the form + `projects//instances//databases/`, where `` is as specified in the + `CREATE DATABASE` statement. This name can be passed to other API + methods to identify the database. type: string - format: google-datetime restoreInfo: description: >- Output only. Applicable only for restored databases. Contains information about the restore source. - readOnly: true $ref: '#/components/schemas/RestoreInfo' + readOnly: true + reconciling: + readOnly: true + description: >- + Output only. If true, the database is being updated. If false, there + are no ongoing update operations for the database. + type: boolean encryptionConfig: description: >- Output only. For databases that are using customer managed @@ -2020,7 +1183,28 @@ components: of encryption, this field is empty. readOnly: true $ref: '#/components/schemas/EncryptionConfig' + versionRetentionPeriod: + type: string + description: >- + Output only. The period in which Cloud Spanner retains all versions + of data for the database. This is the same as the value of + version_retention_period database option set using + UpdateDatabaseDdl. Defaults to 1 hour, if not set. + readOnly: true + defaultLeader: + readOnly: true + type: string + description: >- + Output only. The read-write region which contains the database's + leader replicas. This is the same as the value of default_leader + database option set using DatabaseAdmin.CreateDatabase or + DatabaseAdmin.UpdateDatabaseDdl. If not explicitly set, this is + empty. encryptionInfo: + readOnly: true + items: + $ref: '#/components/schemas/EncryptionInfo' + type: array description: >- Output only. For databases that are using customer managed encryption, this field contains the encryption information for the @@ -2030,19 +1214,9 @@ components: types of encryption, this field is empty. This field is propagated lazily from the backend. There might be a delay from when a key version is being used and when it appears in this field. - readOnly: true - type: array - items: - $ref: '#/components/schemas/EncryptionInfo' - versionRetentionPeriod: - description: >- - Output only. The period in which Cloud Spanner retains all versions - of data for the database. This is the same as the value of - version_retention_period database option set using - UpdateDatabaseDdl. Defaults to 1 hour, if not set. - readOnly: true - type: string earliestVersionTime: + format: google-datetime + type: string description: >- Output only. Earliest timestamp at which older versions of the data can be read. This value is continuously updated by Cloud Spanner and @@ -2051,31 +1225,13 @@ components: when the value is queried to the moment when you initiate the recovery. readOnly: true - type: string - format: google-datetime - defaultLeader: + createTime: description: >- - Output only. The read-write region which contains the database's - leader replicas. This is the same as the value of default_leader - database option set using DatabaseAdmin.CreateDatabase or - DatabaseAdmin.UpdateDatabaseDdl. If not explicitly set, this is - empty. - readOnly: true + Output only. If exists, the time at which the database creation + started. type: string - databaseDialect: - description: Output only. The dialect of the Cloud Spanner Database. + format: google-datetime readOnly: true - type: string - enumDescriptions: - - >- - Default value. This value will create a database with the - GOOGLE_STANDARD_SQL dialect. - - GoogleSQL supported SQL. - - PostgreSQL supported SQL. - enum: - - DATABASE_DIALECT_UNSPECIFIED - - GOOGLE_STANDARD_SQL - - POSTGRESQL enableDropProtection: description: >- Optional. Whether drop protection is enabled for this database. @@ -2083,1329 +1239,1378 @@ components: [prevent accidental database deletion](https://cloud.google.com/spanner/docs/prevent-database-deletion). type: boolean - reconciling: - description: >- - Output only. If true, the database is being updated. If false, there - are no ongoing update operations for the database. + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + - READY_OPTIMIZING + description: Output only. The current database state. + type: string + enumDescriptions: + - Not specified. + - >- + The database is still being created. Operations on the database + may fail with `FAILED_PRECONDITION` in this state. + - The database is fully created and ready for use. + - >- + The database is fully created and ready for use, but is still + being optimized for performance and cannot handle full load. In + this state, the database still references the backup it was + restore from, preventing the backup from being deleted. When + optimizations are complete, the full performance of the database + will be restored, and the database will transition to `READY` + state. readOnly: true - type: boolean - quorumInfo: + SingleRegionQuorum: + properties: + servingLocation: description: >- - Output only. Applicable only for databases that use dual-region - instance configurations. Contains information about the quorum. - readOnly: true - $ref: '#/components/schemas/QuorumInfo' - RestoreInfo: - id: RestoreInfo - description: Information about the database restore. + Required. The location of the serving region, for example, + "us-central1". The location must be one of the regions within the + dual-region instance configuration of your database. The list of + valid locations is available using the GetInstanceConfig API. This + should only be used if you plan to change quorum to the + single-region quorum type. + type: string + description: Message type for a single-region quorum. + type: object + id: SingleRegionQuorum + ResultSet: type: object properties: - sourceType: - description: The type of the restore source. + rows: + description: >- + Each element in `rows` is a row whose format is defined by + metadata.row_type. The ith element in each row matches the ith field + in metadata.row_type. Elements are encoded based on type as + described here. + items: + type: array + items: + type: any + type: array + metadata: + description: Metadata about the result set, such as row type information. + $ref: '#/components/schemas/ResultSetMetadata' + stats: + description: >- + Query plan and execution statistics for the SQL statement that + produced this result set. These can be requested by setting + ExecuteSqlRequest.query_mode. DML statements always produce stats + containing the number of rows modified, unless executed using the + ExecuteSqlRequest.QueryMode.PLAN ExecuteSqlRequest.query_mode. Other + fields might or might not be populated, based on the + ExecuteSqlRequest.query_mode. + $ref: '#/components/schemas/ResultSetStats' + precommitToken: + $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' + description: >- + Optional. A precommit token is included if the read-write + transaction is on a multiplexed session. Pass the precommit token + with the highest sequence number from this transaction attempt to + the Commit request for this transaction. + id: ResultSet + description: Results from Read or ExecuteSql. + VisualizationData: + type: object + id: VisualizationData + properties: + dataSourceEndToken: + type: string + description: The token signifying the end of a data_source. + dataSourceSeparatorToken: + description: >- + The token delimiting a datasource name from the rest of a key in a + data_source. + type: string + diagnosticMessages: + items: + $ref: '#/components/schemas/DiagnosticMessage' + type: array + description: The list of messages (info, alerts, ...) + indexedKeys: + description: >- + Keys of key ranges that contribute significantly to a given metric + Can be thought of as heavy hitters. + items: + type: string + type: array + metrics: + type: array + description: The list of data objects for each metric. + items: + $ref: '#/components/schemas/Metric' + keySeparator: type: string + description: The token delimiting the key prefixes. + prefixNodes: + description: >- + The list of extracted key prefix nodes used in the key prefix + hierarchy. + items: + $ref: '#/components/schemas/PrefixNode' + type: array + keyUnit: enumDescriptions: - - No restore associated. - - A backup was used as the source of the restore. + - Required default value + - Each entry corresponds to one key + - Each entry corresponds to a chunk of keys enum: - - TYPE_UNSPECIFIED - - BACKUP - backupInfo: + - KEY_UNIT_UNSPECIFIED + - KEY + - CHUNK + type: string + description: 'The unit for the key: e.g. ''key'' or ''chunk''.' + hasPii: + description: Whether this scan contains PII. + type: boolean + endKeyStrings: + type: array + items: + type: string + description: >- + We discretize the entire keyspace into buckets. Assuming each bucket + has an inclusive keyrange and covers keys from k(i) ... k(n). In + this case k(n) would be an end key for a given range. end_key_string + is the collection of all such end keys + TransactionSelector: + properties: + singleUse: + description: >- + Execute the read or SQL query in a temporary transaction. This is + the most efficient way to execute a transaction that consists of a + single SQL query. + $ref: '#/components/schemas/TransactionOptions' + id: + description: Execute the read or SQL query in a previously-started transaction. + format: byte + type: string + begin: + description: >- + Begin a new transaction and execute this read or SQL query in it. + The transaction ID of the new transaction is returned in + ResultSetMetadata.transaction, which is a Transaction. + $ref: '#/components/schemas/TransactionOptions' + type: object + id: TransactionSelector + description: >- + This message is used to select the transaction in which a Read or + ExecuteSql call runs. See TransactionOptions for more information about + transactions. + IndexedKeyRangeInfos: + description: >- + A message representing a (sparse) collection of KeyRangeInfos for + specific key buckets. + properties: + keyRangeInfos: + type: object description: >- - Information about the backup used to restore the database. The - backup may no longer exist. - $ref: '#/components/schemas/BackupInfo' - BackupInfo: - id: BackupInfo - description: Information about a backup. + A (sparse) mapping from key bucket index to the KeyRangeInfos for + that key bucket. + additionalProperties: + $ref: '#/components/schemas/KeyRangeInfos' + id: IndexedKeyRangeInfos type: object + IndexedHotKey: properties: - backup: - description: Name of the backup. - type: string - versionTime: + sparseHotKeys: description: >- - The backup contains an externally consistent copy of - `source_database` at the timestamp specified by `version_time`. If - the CreateBackup request did not specify `version_time`, the - `version_time` of the backup is equivalent to the `create_time`. - type: string - format: google-datetime - createTime: - description: The time the CreateBackup request was received. - type: string - format: google-datetime - sourceDatabase: - description: Name of the database the backup was created from. - type: string - EncryptionConfig: - id: EncryptionConfig - description: Encryption configuration for a Cloud Spanner database. + A (sparse) mapping from key bucket index to the index of the + specific hot row key for that key bucket. The index of the hot row + key can be translated to the actual row key via the + ScanData.VisualizationData.indexed_keys repeated field. + type: object + additionalProperties: + type: integer + format: int32 + description: >- + A message representing a (sparse) collection of hot keys for specific + key buckets. + id: IndexedHotKey + type: object + BatchWriteRequest: + description: The request for BatchWrite. + id: BatchWriteRequest type: object properties: - kmsKeyName: - description: >- - The Cloud KMS key to be used for encrypting and decrypting the - database. Values are of the form - `projects//locations//keyRings//cryptoKeys/`. - type: string - kmsKeyNames: + excludeTxnFromChangeStreams: description: >- - Specifies the KMS configuration for one or more keys used to encrypt - the database. Values are of the form - `projects//locations//keyRings//cryptoKeys/`. The keys referenced by - `kms_key_names` must fully cover all regions of the database's - instance configuration. Some examples: * For regional - (single-region) instance configurations, specify a regional location - KMS key. * For multi-region instance configurations of type - `GOOGLE_MANAGED`, either specify a multi-region location KMS key or - multiple regional location KMS keys that cover all regions in the - instance configuration. * For an instance configuration of type - `USER_MANAGED`, specify only regional location KMS keys to cover - each region in the instance configuration. Multi-region location KMS - keys aren't supported for `USER_MANAGED` type instance - configurations. + Optional. If you don't set the `exclude_txn_from_change_streams` + option or if it's set to `false`, then any change streams monitoring + columns modified by transactions will capture the updates made + within that transaction. + type: boolean + mutationGroups: + description: Required. The groups of mutations to be applied. type: array items: - type: string - EncryptionInfo: - id: EncryptionInfo - description: Encryption information for a Cloud Spanner database or backup. - type: object + $ref: '#/components/schemas/MutationGroup' + requestOptions: + description: Common options for this request. + $ref: '#/components/schemas/RequestOptions' + Operation: properties: - encryptionType: - description: Output only. The type of encryption. - readOnly: true - type: string - enumDescriptions: - - >- - Encryption type was not specified, though data at rest remains - encrypted. - - >- - The data is encrypted at rest with a key that is fully managed by - Google. No key version or status will be populated. This is the - default state. - - >- - The data is encrypted at rest with a key that is managed by the - customer. The active version of the key. `kms_key_version` will be - populated, and `encryption_status` may be populated. - enum: - - TYPE_UNSPECIFIED - - GOOGLE_DEFAULT_ENCRYPTION - - CUSTOMER_MANAGED_ENCRYPTION - encryptionStatus: + done: description: >- - Output only. If present, the status of a recent encrypt/decrypt call - on underlying data for this database or backup. Regardless of - status, data is always encrypted at rest. - readOnly: true + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + error: $ref: '#/components/schemas/Status' - kmsKeyVersion: description: >- - Output only. A Cloud KMS key version that is being used to protect - the database or backup. - readOnly: true - type: string - QuorumInfo: - id: QuorumInfo - description: Information about the dual-region quorum. - type: object - properties: - quorumType: + The error result of the operation in case of failure or + cancellation. + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object description: >- - Output only. The type of this quorum. See QuorumType for more - information about quorum type specifications. - readOnly: true - $ref: '#/components/schemas/QuorumType' - initiator: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + response: + type: object description: >- - Output only. Whether this `ChangeQuorum` is Google or User - initiated. - readOnly: true - type: string - enumDescriptions: - - Unspecified. - - '`ChangeQuorum` initiated by Google.' - - '`ChangeQuorum` initiated by User.' - enum: - - INITIATOR_UNSPECIFIED - - GOOGLE - - USER - startTime: - description: Output only. The timestamp when the request was triggered. - readOnly: true + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + name: type: string - format: google-datetime - etag: description: >- - Output only. The etag is used for optimistic concurrency control as - a way to help prevent simultaneous `ChangeQuorum` requests that - might create a race condition. - readOnly: true - type: string - QuorumType: - id: QuorumType + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: object + id: Operation description: >- - Information about the database quorum type. This only applies to - dual-region instance configs. + This resource represents a long-running operation that is the result of + a network API call. + TestIamPermissionsResponse: type: object + description: Response message for `TestIamPermissions` method. properties: - singleRegion: - description: Single-region quorum type. - $ref: '#/components/schemas/SingleRegionQuorum' - dualRegion: - description: Dual-region quorum type. - $ref: '#/components/schemas/DualRegionQuorum' - SingleRegionQuorum: - id: SingleRegionQuorum - description: Message type for a single-region quorum. + permissions: + items: + type: string + type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + id: TestIamPermissionsResponse + KeyRangeInfos: type: object + id: KeyRangeInfos properties: - servingLocation: + totalSize: description: >- - Required. The location of the serving region, e.g. "us-central1". - The location must be one of the regions within the dual-region - instance configuration of your database. The list of valid locations - is available using the GetInstanceConfig API. This should only be - used if you plan to change quorum to the single-region quorum type. - type: string - DualRegionQuorum: - id: DualRegionQuorum + The total size of the list of all KeyRangeInfos. This may be larger + than the number of repeated messages above. If that is the case, + this number may be used to determine how many are not being shown. + format: int32 + type: integer + infos: + description: The list individual KeyRangeInfos. + type: array + items: + $ref: '#/components/schemas/KeyRangeInfo' description: >- - Message type for a dual-region quorum. Currently this type has no - options. - type: object - properties: {} - CreateDatabaseRequest: - id: CreateDatabaseRequest - description: The request for CreateDatabase. - type: object + A message representing a list of specific information for multiple key + ranges. + KeySet: properties: - createStatement: + all: + type: boolean description: >- - Required. A `CREATE DATABASE` statement, which specifies the ID of - the new database. The database ID must conform to the regular - expression `a-z*[a-z0-9]` and be between 2 and 30 characters in - length. If the database ID is a reserved word or if it contains a - hyphen, the database ID must be enclosed in backticks (`` ` ``). - type: string - extraStatements: + For convenience `all` can be set to `true` to indicate that this + `KeySet` matches all keys in the table or index. Note that any keys + specified in `keys` or `ranges` are only yielded once. + keys: description: >- - Optional. A list of DDL statements to run inside the newly created - database. Statements can create tables, indexes, etc. These - statements execute atomically with the creation of the database: if - there is an error in any statement, the database is not created. + A list of specific keys. Entries in `keys` should have exactly as + many elements as there are columns in the primary or index key with + which this `KeySet` is used. Individual key values are encoded as + described here. type: array items: - type: string - encryptionConfig: - description: >- - Optional. The encryption configuration for the database. If this - field is not specified, Cloud Spanner will encrypt/decrypt all data - at rest using Google default encryption. - $ref: '#/components/schemas/EncryptionConfig' - databaseDialect: - description: Optional. The dialect of the Cloud Spanner Database. - type: string - enumDescriptions: - - >- - Default value. This value will create a database with the - GOOGLE_STANDARD_SQL dialect. - - GoogleSQL supported SQL. - - PostgreSQL supported SQL. - enum: - - DATABASE_DIALECT_UNSPECIFIED - - GOOGLE_STANDARD_SQL - - POSTGRESQL - protoDescriptors: + type: array + items: + type: any + ranges: + items: + $ref: '#/components/schemas/KeyRange' + type: array description: >- - Optional. Proto descriptors used by `CREATE/ALTER PROTO BUNDLE` - statements in 'extra_statements'. Contains a protobuf-serialized - [`google.protobuf.FileDescriptorSet`](https://github.com/protocolbuffers/protobuf/blob/main/src/google/protobuf/descriptor.proto) - descriptor set. To generate it, - [install](https://grpc.io/docs/protoc-installation/) and run - `protoc` with --include_imports and --descriptor_set_out. For - example, to generate for moon/shot/app.proto, run ``` $protoc - --proto_path=/app_path --proto_path=/lib_path \ --include_imports \ - --descriptor_set_out=descriptors.data \ moon/shot/app.proto ``` For - more details, see protobuffer [self - description](https://developers.google.com/protocol-buffers/docs/techniques#self-description). - type: string - format: byte - UpdateDatabaseDdlRequest: - id: UpdateDatabaseDdlRequest + A list of key ranges. See KeyRange for more information about key + range specifications. + id: KeySet description: >- - Enqueues the given DDL statements to be applied, in order but not - necessarily all at once, to the database schema at some point (or - points) in the future. The server checks that the statements are - executable (syntactically valid, name tables that exist, etc.) before - enqueueing them, but they may still fail upon later execution (e.g., if - a statement from another batch of statements is applied first and it - conflicts in some way, or if there is some data-related problem like a - `NULL` value in a column to which `NOT NULL` would be added). If a - statement fails, all subsequent statements in the batch are - automatically cancelled. Each batch of statements is assigned a name - which can be used with the Operations API to monitor progress. See the - operation_id field for more details. + `KeySet` defines a collection of Cloud Spanner keys and/or key ranges. + All the keys are expected to be in the same table or index. The keys + need not be sorted in any particular way. If the same key is specified + multiple times in the set (for example if two ranges, two keys, or a key + and a range overlap), Cloud Spanner behaves as if the key were only + specified once. + type: object + ListBackupsResponse: type: object + id: ListBackupsResponse + description: The response for ListBackups. properties: - statements: - description: Required. DDL statements to be applied to the database. + backups: type: array - items: - type: string - operationId: description: >- - If empty, the new update request is assigned an - automatically-generated operation ID. Otherwise, `operation_id` is - used to construct the name of the resulting Operation. Specifying an - explicit operation ID simplifies determining whether the statements - were executed in the event that the UpdateDatabaseDdl call is - replayed, or the return value is otherwise lost: the database and - `operation_id` fields can be combined to form the `name` of the - resulting longrunning.Operation: `/operations/`. `operation_id` - should be unique within the database, and must be a valid - identifier: `a-z*`. Note that automatically-generated operation IDs - always begin with an underscore. If the named operation already - exists, UpdateDatabaseDdl returns `ALREADY_EXISTS`. - type: string - protoDescriptors: + The list of matching backups. Backups returned are ordered by + `create_time` in descending order, starting from the most recent + `create_time`. + items: + $ref: '#/components/schemas/Backup' + nextPageToken: description: >- - Optional. Proto descriptors used by CREATE/ALTER PROTO BUNDLE - statements. Contains a protobuf-serialized - [google.protobuf.FileDescriptorSet](https://github.com/protocolbuffers/protobuf/blob/main/src/google/protobuf/descriptor.proto). - To generate it, [install](https://grpc.io/docs/protoc-installation/) - and run `protoc` with --include_imports and --descriptor_set_out. - For example, to generate for moon/shot/app.proto, run ``` $protoc - --proto_path=/app_path --proto_path=/lib_path \ --include_imports \ - --descriptor_set_out=descriptors.data \ moon/shot/app.proto ``` For - more details, see protobuffer [self - description](https://developers.google.com/protocol-buffers/docs/techniques#self-description). + `next_page_token` can be sent in a subsequent ListBackups call to + fetch more of the matching backups. type: string - format: byte - GetDatabaseDdlResponse: - id: GetDatabaseDdlResponse - description: The response for GetDatabaseDdl. + MoveInstanceRequest: + description: The request for MoveInstance. type: object properties: - statements: + targetConfig: description: >- - A list of formatted DDL statements defining the schema of the - database specified in the request. + Required. The target instance configuration where to move the + instance. Values are of the form `projects//instanceConfigs/`. + type: string + targetDatabaseMoveConfigs: type: array - items: - type: string - protoDescriptors: description: >- - Proto descriptors stored in the database. Contains a - protobuf-serialized - [google.protobuf.FileDescriptorSet](https://github.com/protocolbuffers/protobuf/blob/main/src/google/protobuf/descriptor.proto). - For more details, see protobuffer [self - description](https://developers.google.com/protocol-buffers/docs/techniques#self-description). - type: string - format: byte - ChangeQuorumRequest: - id: ChangeQuorumRequest - description: The request for ChangeQuorum. + Optional. The configuration for each database in the target instance + configuration. + items: + $ref: '#/components/schemas/DatabaseMoveConfig' + id: MoveInstanceRequest + ReadRequest: type: object properties: - name: + resumeToken: + format: byte description: >- - Required. Name of the database in which to apply `ChangeQuorum`. - Values are of the form `projects//instances//databases/`. + If this request is resuming a previously interrupted read, + `resume_token` should be copied from the last PartialResultSet + yielded before the interruption. Doing this enables the new read to + resume where the last read left off. The rest of the request + parameters must exactly match the request that yielded this token. type: string - quorumType: - description: Required. The type of this quorum. - $ref: '#/components/schemas/QuorumType' - etag: + orderBy: + enumDescriptions: + - >- + Default value. `ORDER_BY_UNSPECIFIED` is equivalent to + `ORDER_BY_PRIMARY_KEY`. + - >- + Read rows are returned in primary key order. In the event that + this option is used in conjunction with the `partition_token` + field, the API returns an `INVALID_ARGUMENT` error. + - Read rows are returned in any order. description: >- - Optional. The etag is the hash of the `QuorumInfo`. The - `ChangeQuorum` operation is only performed if the etag matches that - of the `QuorumInfo` in the current database resource. Otherwise the - API returns an `ABORTED` error. The etag is used for optimistic - concurrency control as a way to help prevent simultaneous change - quorum requests that could create a race condition. + Optional. Order for the returned rows. By default, Spanner returns + result rows in primary key order except for PartitionRead requests. + For applications that don't require rows to be returned in primary + key (`ORDER_BY_PRIMARY_KEY`) order, setting `ORDER_BY_NO_ORDER` + option allows Spanner to optimize row retrieval, resulting in lower + latencies in certain cases (for example, bulk point lookups). + enum: + - ORDER_BY_UNSPECIFIED + - ORDER_BY_PRIMARY_KEY + - ORDER_BY_NO_ORDER type: string - Backup: - id: Backup - description: A backup of a Cloud Spanner database. - type: object - properties: - database: + columns: + type: array description: >- - Required for the CreateBackup operation. Name of the database from - which this backup was created. This needs to be in the same instance - as the backup. Values are of the form - `projects//instances//databases/`. + Required. The columns of table to be returned for each row matching + this request. + items: + type: string + dataBoostEnabled: + type: boolean + description: >- + If this is for a partitioned read and this field is set to `true`, + the request is executed with Spanner Data Boost independent compute + resources. If the field is set to `true` but the request doesn't set + `partition_token`, the API returns an `INVALID_ARGUMENT` error. + transaction: + description: >- + The transaction to use. If none is provided, the default is a + temporary read-only transaction with strong concurrency. + $ref: '#/components/schemas/TransactionSelector' + lockHint: + enum: + - LOCK_HINT_UNSPECIFIED + - LOCK_HINT_SHARED + - LOCK_HINT_EXCLUSIVE type: string - versionTime: description: >- - The backup will contain an externally consistent copy of the - database at the timestamp specified by `version_time`. If - `version_time` is not specified, the system will set `version_time` - to the `create_time` of the backup. + Optional. Lock Hint for the request, it can only be used with + read-write transactions. + enumDescriptions: + - >- + Default value. `LOCK_HINT_UNSPECIFIED` is equivalent to + `LOCK_HINT_SHARED`. + - >- + Acquire shared locks. By default when you perform a read as part + of a read-write transaction, Spanner acquires shared read locks, + which allows other reads to still access the data until your + transaction is ready to commit. When your transaction is + committing and writes are being applied, the transaction attempts + to upgrade to an exclusive lock for any data you are writing. For + more information about locks, see [Lock + modes](https://cloud.google.com/spanner/docs/introspection/lock-statistics#explain-lock-modes). + - >- + Acquire exclusive locks. Requesting exclusive locks is beneficial + if you observe high write contention, which means you notice that + multiple transactions are concurrently trying to read and write to + the same data, resulting in a large number of aborts. This problem + occurs when two transactions initially acquire shared locks and + then both try to upgrade to exclusive locks at the same time. In + this situation both transactions are waiting for the other to give + up their lock, resulting in a deadlocked situation. Spanner is + able to detect this occurring and force one of the transactions to + abort. However, this is a slow and expensive operation and results + in lower performance. In this case it makes sense to acquire + exclusive locks at the start of the transaction because then when + multiple transactions try to act on the same data, they + automatically get serialized. Each transaction waits its turn to + acquire the lock and avoids getting into deadlock situations. + Because the exclusive lock hint is just a hint, it shouldn't be + considered equivalent to a mutex. In other words, you shouldn't + use Spanner exclusive locks as a mutual exclusion mechanism for + the execution of code outside of Spanner. **Note:** Request + exclusive locks judiciously because they block others from reading + that data for the entire transaction, rather than just when the + writes are being performed. Unless you observe high write + contention, you should use the default of shared read locks so you + don't prematurely block other clients from reading the data that + you're writing to. + table: type: string - format: google-datetime - expireTime: + description: Required. The name of the table in the database to be read. + directedReadOptions: + description: Directed read options for this request. + $ref: '#/components/schemas/DirectedReadOptions' + index: description: >- - Required for the CreateBackup operation. The expiration time of the - backup, with microseconds granularity that must be at least 6 hours - and at most 366 days from the time the CreateBackup request is - processed. Once the `expire_time` has passed, the backup is eligible - to be automatically deleted by Cloud Spanner to free the resources - used by the backup. + If non-empty, the name of an index on table. This index is used + instead of the table primary key when interpreting key_set and + sorting result rows. See key_set for further information. type: string - format: google-datetime - name: + partitionToken: + format: byte description: >- - Output only for the CreateBackup operation. Required for the - UpdateBackup operation. A globally unique identifier for the backup - which cannot be changed. Values are of the form - `projects//instances//backups/a-z*[a-z0-9]` The final segment of the - name must be between 2 and 60 characters in length. The backup is - stored in the location(s) specified in the instance configuration of - the instance containing the backup, identified by the prefix of the - backup name of the form `projects//instances/`. + If present, results are restricted to the specified partition + previously created using `PartitionRead`. There must be an exact + match for the values of fields common to this message and the + PartitionReadRequest message used to create this partition_token. type: string - createTime: + keySet: description: >- - Output only. The time the CreateBackup request is received. If the - request does not specify `version_time`, the `version_time` of the - backup will be equivalent to the `create_time`. - readOnly: true + Required. `key_set` identifies the rows to be yielded. `key_set` + names the primary keys of the rows in table to be yielded, unless + index is present. If index is present, then key_set instead names + index keys in index. If the partition_token field is empty, rows are + yielded in table primary key order (if index is empty) or index key + order (if index is non-empty). If the partition_token field isn't + empty, rows are yielded in an unspecified order. It isn't an error + for the `key_set` to name rows that don't exist in the database. + Read yields nothing for nonexistent rows. + $ref: '#/components/schemas/KeySet' + limit: type: string - format: google-datetime - sizeBytes: description: >- - Output only. Size of the backup in bytes. For a backup in an - incremental backup chain, this is the sum of the - `exclusive_size_bytes` of itself and all older backups in the chain. - readOnly: true - type: string + If greater than zero, only the first `limit` rows are yielded. If + `limit` is zero, the default is no limit. A limit can't be specified + if `partition_token` is set. format: int64 - freeableSizeBytes: + requestOptions: + $ref: '#/components/schemas/RequestOptions' + description: Common options for this request. + description: The request for Read and StreamingRead. + id: ReadRequest + AutoscalingLimits: + type: object + description: >- + The autoscaling limits for the instance. Users can define the minimum + and maximum compute capacity allocated to the instance, and the + autoscaler will only scale within that range. Users can either use nodes + or processing units to specify the limits, but should use the same unit + to set both the min_limit and max_limit. + id: AutoscalingLimits + properties: + maxNodes: + type: integer description: >- - Output only. The number of bytes that will be freed by deleting this - backup. This value will be zero if, for example, this backup is part - of an incremental backup chain and younger backups in the chain - require that we keep its data. For backups not in an incremental - backup chain, this is always the size of the backup. This value may - change if backups on the same chain get created, deleted or expired. - readOnly: true - type: string - format: int64 - exclusiveSizeBytes: + Maximum number of nodes allocated to the instance. If set, this + number should be greater than or equal to min_nodes. + format: int32 + minNodes: description: >- - Output only. For a backup in an incremental backup chain, this is - the storage space needed to keep the data that has changed since the - previous backup. For all other backups, this is always the size of - the backup. This value may change if backups on the same chain get - deleted or expired. This field can be used to calculate the total - storage space used by a set of backups. For example, the total space - used by all backups of a database can be computed by summing up this - field. - readOnly: true - type: string - format: int64 - state: - description: Output only. The current state of the backup. - readOnly: true - type: string - enumDescriptions: - - Not specified. - - >- - The pending backup is still being created. Operations on the - backup may fail with `FAILED_PRECONDITION` in this state. - - The backup is complete and ready for use. - enum: - - STATE_UNSPECIFIED - - CREATING - - READY - referencingDatabases: + Minimum number of nodes allocated to the instance. If set, this + number should be greater than or equal to 1. + type: integer + format: int32 + maxProcessingUnits: + format: int32 description: >- - Output only. The names of the restored databases that reference the - backup. The database names are of the form - `projects//instances//databases/`. Referencing databases may exist - in different instances. The existence of any referencing database - prevents the backup from being deleted. When a restored database - from the backup enters the `READY` state, the reference to the - backup is removed. - readOnly: true - type: array - items: - type: string - encryptionInfo: - description: Output only. The encryption information for the backup. - readOnly: true - $ref: '#/components/schemas/EncryptionInfo' - encryptionInformation: + Maximum number of processing units allocated to the instance. If + set, this number should be multiples of 1000 and be greater than or + equal to min_processing_units. + type: integer + minProcessingUnits: description: >- - Output only. The encryption information for the backup, whether it - is protected by one or more KMS keys. The information includes all - Cloud KMS key versions used to encrypt the backup. The - `encryption_status` field inside of each `EncryptionInfo` is not - populated. At least one of the key versions must be available for - the backup to be restored. If a key version is revoked in the middle - of a restore, the restore behavior is undefined. - readOnly: true - type: array - items: - $ref: '#/components/schemas/EncryptionInfo' - databaseDialect: - description: Output only. The database dialect information for the backup. - readOnly: true - type: string - enumDescriptions: - - >- - Default value. This value will create a database with the - GOOGLE_STANDARD_SQL dialect. - - GoogleSQL supported SQL. - - PostgreSQL supported SQL. - enum: - - DATABASE_DIALECT_UNSPECIFIED - - GOOGLE_STANDARD_SQL - - POSTGRESQL - referencingBackups: + Minimum number of processing units allocated to the instance. If + set, this number should be multiples of 1000. + format: int32 + type: integer + ChangeStreamRecord: + id: ChangeStreamRecord + type: object + description: >- + Spanner Change Streams enable customers to capture and stream out + changes to their Spanner databases in real-time. A change stream can be + created with option partition_mode='IMMUTABLE_KEY_RANGE' or + partition_mode='MUTABLE_KEY_RANGE'. This message is only used in Change + Streams created with the option partition_mode='MUTABLE_KEY_RANGE'. + Spanner automatically creates a special Table-Valued Function (TVF) + along with each Change Streams. The function provides access to the + change stream's records. The function is named READ_ (where is the name + of the change stream), and it returns a table with only one column + called ChangeRecord. + properties: + partitionEventRecord: description: >- - Output only. The names of the destination backups being created by - copying this source backup. The backup names are of the form - `projects//instances//backups/`. Referencing backups may exist in - different instances. The existence of any referencing backup - prevents the backup from being deleted. When the copy operation is - done (either successfully completed or cancelled or the destination - backup is deleted), the reference to the backup is removed. - readOnly: true - type: array - items: - type: string - maxExpireTime: + Partition event record describing key range changes for a change + stream partition. + $ref: '#/components/schemas/PartitionEventRecord' + heartbeatRecord: + $ref: '#/components/schemas/HeartbeatRecord' description: >- - Output only. The max allowed expiration time of the backup, with - microseconds granularity. A backup's expiration time can be - configured in multiple APIs: CreateBackup, UpdateBackup, CopyBackup. - When updating or copying an existing backup, the expiration time - specified must be less than `Backup.max_expire_time`. - readOnly: true + Heartbeat record describing a heartbeat for a change stream + partition. + partitionStartRecord: + description: Partition start record describing a new change stream partition. + $ref: '#/components/schemas/PartitionStartRecord' + partitionEndRecord: + description: >- + Partition end record describing a terminated change stream + partition. + $ref: '#/components/schemas/PartitionEndRecord' + dataChangeRecord: + description: >- + Data change record describing a data change for a change stream + partition. + $ref: '#/components/schemas/DataChangeRecord' + CreateBackupMetadata: + id: CreateBackupMetadata + description: Metadata type for the operation returned by CreateBackup. + properties: + progress: + description: The progress of the CreateBackup operation. + $ref: '#/components/schemas/OperationProgress' + name: + description: The name of the backup being created. + type: string + cancelTime: + description: >- + The time at which cancellation of this operation was received. + Operations.CancelOperation starts asynchronous cancellation on a + long-running operation. The server makes a best effort to cancel the + operation, but success is not guaranteed. Clients can use + Operations.GetOperation or other methods to check whether the + cancellation succeeded or whether the operation completed despite + cancellation. On successful cancellation, the operation is not + deleted; instead, it becomes an operation with an Operation.error + value with a google.rpc.Status.code of 1, corresponding to + `Code.CANCELLED`. type: string format: google-datetime - backupSchedules: - description: >- - Output only. List of backup schedule URIs that are associated with - creating this backup. This is only applicable for scheduled backups, - and is empty for on-demand backups. To optimize for storage, - whenever possible, multiple schedules are collapsed together to - create one backup. In such cases, this field captures the list of - all backup schedule URIs that are associated with creating this - backup. If collapsing is not done, then this field captures the - single backup schedule URI associated with creating this backup. - readOnly: true - type: array - items: - type: string - incrementalBackupChainId: - description: >- - Output only. Populated only for backups in an incremental backup - chain. Backups share the same chain id if and only if they belong to - the same incremental backup chain. Use this field to determine which - backups are part of the same incremental backup chain. The ordering - of backups in the chain can be determined by ordering the backup - `version_time`. - readOnly: true + database: + description: The name of the database the backup is created from. type: string - oldestVersionTime: + type: object + ResultSetStats: + type: object + description: Additional statistics about a ResultSet or PartialResultSet. + properties: + rowCountExact: + format: int64 + type: string + description: Standard DML returns an exact count of rows that were modified. + queryPlan: + description: QueryPlan for the query associated with this result. + $ref: '#/components/schemas/QueryPlan' + queryStats: + additionalProperties: + type: any + description: Properties of the object. description: >- - Output only. Data deleted at a time older than this is guaranteed - not to be retained in order to support this backup. For a backup in - an incremental backup chain, this is the version time of the oldest - backup that exists or ever existed in the chain. For all other - backups, this is the version time of the backup. This field can be - used to understand what data is being retained by the backup system. - readOnly: true + Aggregated statistics from the execution of the query. Only present + when the query is profiled. For example, a query could return the + statistics as follows: { "rows_returned": "3", "elapsed_time": "1.22 + secs", "cpu_time": "1.19 secs" } + type: object + rowCountLowerBound: + format: int64 type: string - format: google-datetime - instancePartitions: description: >- - Output only. The instance partition(s) storing the backup. This is - the same as the list of the instance partition(s) that the database - had footprint in at the backup's `version_time`. - readOnly: true - type: array - items: - $ref: '#/components/schemas/BackupInstancePartition' - BackupInstancePartition: - id: BackupInstancePartition - description: Instance partition information for the backup. + Partitioned DML doesn't offer exactly-once semantics, so it returns + a lower bound of the rows modified. + id: ResultSetStats + CreateDatabaseMetadata: + id: CreateDatabaseMetadata + description: Metadata type for the operation returned by CreateDatabase. + properties: + database: + type: string + description: The database being created. + type: object + ChildLink: + id: ChildLink type: object + description: >- + Metadata associated with a parent-child relationship appearing in a + PlanNode. properties: - instancePartition: + type: description: >- - A unique identifier for the instance partition. Values are of the - form `projects//instances//instancePartitions/` + The type of the link. For example, in Hash Joins this could be used + to distinguish between the build child and the probe child, or in + the case of the child being an output variable, to represent the tag + associated with the output variable. type: string - CopyBackupRequest: - id: CopyBackupRequest - description: The request for CopyBackup. + childIndex: + description: The node to which the link points. + format: int32 + type: integer + variable: + type: string + description: >- + Only present if the child node is SCALAR and corresponds to an + output variable of the parent node. The field carries the name of + the output variable. For example, a `TableScan` operator that reads + rows from a table will have child links to the `SCALAR` nodes + representing the output variables created for each column that is + read by the operator. The corresponding `variable` fields will be + set to the variable names assigned to the columns. + ExecuteSqlRequest: + description: The request for ExecuteSql and ExecuteStreamingSql. + id: ExecuteSqlRequest type: object properties: - backupId: + dataBoostEnabled: description: >- - Required. The id of the backup copy. The `backup_id` appended to - `parent` forms the full backup_uri of the form - `projects//instances//backups/`. - type: string - sourceBackup: + If this is for a partitioned query and this field is set to `true`, + the request is executed with Spanner Data Boost independent compute + resources. If the field is set to `true` but the request doesn't set + `partition_token`, the API returns an `INVALID_ARGUMENT` error. + type: boolean + paramTypes: + type: object description: >- - Required. The source backup to be copied. The source backup needs to - be in READY state for it to be copied. Once CopyBackup is in - progress, the source backup cannot be deleted or cleaned up on - expiration until CopyBackup is finished. Values are of the form: - `projects//instances//backups/`. - type: string - expireTime: + It isn't always possible for Cloud Spanner to infer the right SQL + type from a JSON value. For example, values of type `BYTES` and + values of type `STRING` both appear in params as JSON strings. In + these cases, you can use `param_types` to specify the exact SQL type + for some or all of the SQL statement parameters. See the definition + of Type for more information about SQL types. + additionalProperties: + $ref: '#/components/schemas/Type' + seqno: description: >- - Required. The expiration time of the backup in microsecond - granularity. The expiration time must be at least 6 hours and at - most 366 days from the `create_time` of the source backup. Once the - `expire_time` has passed, the backup is eligible to be automatically - deleted by Cloud Spanner to free the resources used by the backup. + A per-transaction sequence number used to identify this request. + This field makes each request idempotent such that if the request is + received multiple times, at most one succeeds. The sequence number + must be monotonically increasing within the transaction. If a + request arrives for the first time with an out-of-order sequence + number, the transaction can be aborted. Replays of previously + handled requests yield the same response as the first execution. + Required for DML statements. Ignored for queries. + format: int64 type: string - format: google-datetime - encryptionConfig: + requestOptions: + description: Common options for this request. + $ref: '#/components/schemas/RequestOptions' + queryOptions: + $ref: '#/components/schemas/QueryOptions' + description: Query optimizer configuration to use for the given query. + lastStatement: description: >- - Optional. The encryption configuration used to encrypt the backup. - If this field is not specified, the backup will use the same - encryption configuration as the source backup by default, namely - encryption_type = `USE_CONFIG_DEFAULT_OR_BACKUP_ENCRYPTION`. - $ref: '#/components/schemas/CopyBackupEncryptionConfig' - CopyBackupEncryptionConfig: - id: CopyBackupEncryptionConfig - description: Encryption configuration for the copied backup. - type: object - properties: - encryptionType: - description: Required. The encryption type of the backup. + Optional. If set to `true`, this statement marks the end of the + transaction. After this statement executes, you must commit or abort + the transaction. Attempts to execute any other requests against this + transaction (including reads and queries) are rejected. For DML + statements, setting this option might cause some error reporting to + be deferred until commit time (for example, validation of unique + constraints). Given this, successful execution of a DML statement + shouldn't be assumed until a subsequent `Commit` call completes + successfully. + type: boolean + sql: type: string + description: Required. The SQL string. + params: + additionalProperties: + type: any + description: Properties of the object. + description: >- + Parameter names and values that bind to placeholders in the SQL + string. A parameter placeholder consists of the `@` character + followed by the parameter name (for example, `@firstName`). + Parameter names must conform to the naming requirements of + identifiers as specified at + https://cloud.google.com/spanner/docs/lexical#identifiers. + Parameters can appear anywhere that a literal value is expected. The + same parameter name can be used more than once, for example: `"WHERE + id > @msg_id AND id < @msg_id + 100"` It's an error to execute a SQL + statement with unbound parameters. + type: object + queryMode: + enum: + - NORMAL + - PLAN + - PROFILE + - WITH_STATS + - WITH_PLAN_AND_STATS enumDescriptions: - - Unspecified. Do not use. + - The default mode. Only the statement results are returned. - >- - This is the default option for CopyBackup when encryption_config - is not specified. For example, if the source backup is using - `Customer_Managed_Encryption`, the backup will be using the same - Cloud KMS key as the source backup. - - Use Google default encryption. + This mode returns only the query plan, without any results or + execution statistics information. - >- - Use customer managed encryption. If specified, either - `kms_key_name` or `kms_key_names` must contain valid Cloud KMS - key(s). - enum: - - ENCRYPTION_TYPE_UNSPECIFIED - - USE_CONFIG_DEFAULT_OR_BACKUP_ENCRYPTION - - GOOGLE_DEFAULT_ENCRYPTION - - CUSTOMER_MANAGED_ENCRYPTION - kmsKeyName: + This mode returns the query plan, overall execution statistics, + operator level execution statistics along with the results. This + has a performance overhead compared to the other modes. It isn't + recommended to use this mode for production traffic. + - >- + This mode returns the overall (but not operator-level) execution + statistics along with the results. + - >- + This mode returns the query plan, overall (but not operator-level) + execution statistics along with the results. + type: string + description: >- + Used to control the amount of debugging information returned in + ResultSetStats. If partition_token is set, query_mode can only be + set to QueryMode.NORMAL. + partitionToken: + format: byte + description: >- + If present, results are restricted to the specified partition + previously created using `PartitionQuery`. There must be an exact + match for the values of fields common to this message and the + `PartitionQueryRequest` message used to create this + `partition_token`. + type: string + transaction: + $ref: '#/components/schemas/TransactionSelector' + description: >- + The transaction to use. For queries, if none is provided, the + default is a temporary read-only transaction with strong + concurrency. Standard DML statements require a read-write + transaction. To protect against replays, single-use transactions are + not supported. The caller must either supply an existing transaction + ID or begin a new transaction. Partitioned DML requires an existing + Partitioned DML transaction ID. + directedReadOptions: + $ref: '#/components/schemas/DirectedReadOptions' + description: Directed read options for this request. + resumeToken: + format: byte description: >- - Optional. The Cloud KMS key that will be used to protect the backup. - This field should be set only when encryption_type is - `CUSTOMER_MANAGED_ENCRYPTION`. Values are of the form - `projects//locations//keyRings//cryptoKeys/`. + If this request is resuming a previously interrupted SQL statement + execution, `resume_token` should be copied from the last + PartialResultSet yielded before the interruption. Doing this enables + the new SQL statement execution to resume where the last one left + off. The rest of the request parameters must exactly match the + request that yielded this token. type: string - kmsKeyNames: + BackupInstancePartition: + properties: + instancePartition: description: >- - Optional. Specifies the KMS configuration for the one or more keys - used to protect the backup. Values are of the form - `projects//locations//keyRings//cryptoKeys/`. KMS keys specified can - be in any order. The keys referenced by `kms_key_names` must fully - cover all regions of the backup's instance configuration. Some - examples: * For regional (single-region) instance configurations, - specify a regional location KMS key. * For multi-region instance - configurations of type `GOOGLE_MANAGED`, either specify a - multi-region location KMS key or multiple regional location KMS keys - that cover all regions in the instance configuration. * For an - instance configuration of type `USER_MANAGED`, specify only regional - location KMS keys to cover each region in the instance - configuration. Multi-region location KMS keys aren't supported for - `USER_MANAGED` type instance configurations. - type: array - items: - type: string - ListBackupsResponse: - id: ListBackupsResponse - description: The response for ListBackups. + A unique identifier for the instance partition. Values are of the + form `projects//instances//instancePartitions/` + type: string + type: object + description: Instance partition information for the backup. + id: BackupInstancePartition + ExecuteBatchDmlResponse: + description: >- + The response for ExecuteBatchDml. Contains a list of ResultSet messages, + one for each DML statement that has successfully executed, in the same + order as the statements in the request. If a statement fails, the status + in the response body identifies the cause of the failure. To check for + DML statements that failed, use the following approach: 1. Check the + status in the response message. The google.rpc.Code enum value `OK` + indicates that all statements were executed successfully. 2. If the + status was not `OK`, check the number of result sets in the response. If + the response contains `N` ResultSet messages, then statement `N+1` in + the request failed. Example 1: * Request: 5 DML statements, all executed + successfully. * Response: 5 ResultSet messages, with the status `OK`. + Example 2: * Request: 5 DML statements. The third statement has a syntax + error. * Response: 2 ResultSet messages, and a syntax error + (`INVALID_ARGUMENT`) status. The number of ResultSet messages indicates + that the third statement failed, and the fourth and fifth statements + were not executed. + id: ExecuteBatchDmlResponse type: object properties: - backups: + precommitToken: description: >- - The list of matching backups. Backups returned are ordered by - `create_time` in descending order, starting from the most recent - `create_time`. + Optional. A precommit token is included if the read-write + transaction is on a multiplexed session. Pass the precommit token + with the highest sequence number from this transaction attempt + should be passed to the Commit request for this transaction. + $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' + status: + description: >- + If all DML statements are executed successfully, the status is `OK`. + Otherwise, the error status of the first failed statement. + $ref: '#/components/schemas/Status' + resultSets: type: array - items: - $ref: '#/components/schemas/Backup' - nextPageToken: description: >- - `next_page_token` can be sent in a subsequent ListBackups call to - fetch more of the matching backups. - type: string - RestoreDatabaseRequest: - id: RestoreDatabaseRequest - description: The request for RestoreDatabase. + One ResultSet for each statement in the request that ran + successfully, in the same order as the statements in the request. + Each ResultSet does not contain any rows. The ResultSetStats in each + ResultSet contain the number of rows modified by the statement. Only + the first ResultSet in the response contains valid + ResultSetMetadata. + items: + $ref: '#/components/schemas/ResultSet' + UpdateDatabaseMetadata: type: object + description: Metadata type for the operation returned by UpdateDatabase. properties: - databaseId: - description: >- - Required. The id of the database to create and restore to. This - database must not already exist. The `database_id` appended to - `parent` forms the full database name of the form - `projects//instances//databases/`. - type: string - backup: + cancelTime: + format: google-datetime description: >- - Name of the backup from which to restore. Values are of the form - `projects//instances//backups/`. + The time at which this operation was cancelled. If set, this + operation is in the process of undoing itself (which is + best-effort). type: string - encryptionConfig: - description: >- - Optional. An encryption configuration describing the encryption type - and key resources in Cloud KMS used to encrypt/decrypt the database - to restore to. If this field is not specified, the restored database - will use the same encryption configuration as the backup by default, - namely encryption_type = `USE_CONFIG_DEFAULT_OR_BACKUP_ENCRYPTION`. - $ref: '#/components/schemas/RestoreDatabaseEncryptionConfig' - RestoreDatabaseEncryptionConfig: - id: RestoreDatabaseEncryptionConfig - description: Encryption configuration for the restored database. + request: + $ref: '#/components/schemas/UpdateDatabaseRequest' + description: The request for UpdateDatabase. + progress: + $ref: '#/components/schemas/OperationProgress' + description: The progress of the UpdateDatabase operation. + id: UpdateDatabaseMetadata + AdaptMessageRequest: type: object + description: Message sent by the client to the adapter. + id: AdaptMessageRequest properties: - encryptionType: - description: Required. The encryption type of the restored database. + attachments: + description: Optional. Opaque request state passed by the client to the server. + type: object + additionalProperties: + type: string + protocol: + description: Required. Identifier for the underlying wire protocol. type: string - enumDescriptions: - - Unspecified. Do not use. - - >- - This is the default option when encryption_config is not - specified. - - Use Google default encryption. - - >- - Use customer managed encryption. If specified, `kms_key_name` must - must contain a valid Cloud KMS key. - enum: - - ENCRYPTION_TYPE_UNSPECIFIED - - USE_CONFIG_DEFAULT_OR_BACKUP_ENCRYPTION - - GOOGLE_DEFAULT_ENCRYPTION - - CUSTOMER_MANAGED_ENCRYPTION - kmsKeyName: - description: >- - Optional. The Cloud KMS key that will be used to encrypt/decrypt the - restored database. This field should be set only when - encryption_type is `CUSTOMER_MANAGED_ENCRYPTION`. Values are of the - form `projects//locations//keyRings//cryptoKeys/`. + payload: type: string - kmsKeyNames: - description: >- - Optional. Specifies the KMS configuration for one or more keys used - to encrypt the database. Values have the form - `projects//locations//keyRings//cryptoKeys/`. The keys referenced by - `kms_key_names` must fully cover all regions of the database's - instance configuration. Some examples: * For regional - (single-region) instance configurations, specify a regional location - KMS key. * For multi-region instance configurations of type - `GOOGLE_MANAGED`, either specify a multi-region location KMS key or - multiple regional location KMS keys that cover all regions in the - instance configuration. * For an instance configuration of type - `USER_MANAGED`, specify only regional location KMS keys to cover - each region in the instance configuration. Multi-region location KMS - keys aren't supported for `USER_MANAGED` type instance - configurations. - type: array - items: - type: string - ListDatabaseOperationsResponse: - id: ListDatabaseOperationsResponse - description: The response for ListDatabaseOperations. + description: Optional. Uninterpreted bytes from the underlying wire protocol. + format: byte + ClientContext: type: object + properties: {} + id: ClientContext + description: >- + Container for various pieces of client-owned context attached to a + request. + ListOperationsResponse: + description: The response message for Operations.ListOperations. properties: - operations: + unreachable: description: >- - The list of matching database long-running operations. Each - operation's name will be prefixed by the database's name. The - operation's metadata field type `metadata.type_url` describes the - type of the metadata. - type: array + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. items: - $ref: '#/components/schemas/Operation' + type: string + type: array nextPageToken: - description: >- - `next_page_token` can be sent in a subsequent ListDatabaseOperations - call to fetch more of the matching metadata. + description: The standard List next-page token. type: string - ListBackupOperationsResponse: - id: ListBackupOperationsResponse - description: The response for ListBackupOperations. - type: object - properties: operations: - description: >- - The list of matching backup long-running operations. Each - operation's name will be prefixed by the backup's name. The - operation's metadata field type `metadata.type_url` describes the - type of the metadata. Operations returned include those that are - pending or have completed/failed/canceled within the last 7 days. - Operations returned are ordered by - `operation.metadata.value.progress.start_time` in descending order - starting from the most recently started operation. type: array + description: >- + A list of operations that matches the specified filter in the + request. items: $ref: '#/components/schemas/Operation' - nextPageToken: - description: >- - `next_page_token` can be sent in a subsequent ListBackupOperations - call to fetch more of the matching metadata. + id: ListOperationsResponse + type: object + MoveOutEvent: + type: object + description: >- + Describes move-out of the key ranges out of the change stream partition + identified by partition_token. To maintain processing the changes for a + particular key in timestamp order, the query processing the MoveOutEvent + in the partition identified by partition_token should inform the queries + processing the destination partitions that they can unblock and proceed + processing records past the commit_timestamp. + id: MoveOutEvent + properties: + destinationPartitionToken: type: string - ListDatabaseRolesResponse: - id: ListDatabaseRolesResponse - description: The response for ListDatabaseRoles. + description: >- + An unique partition identifier describing the destination change + stream partition that will record changes for the key range that is + moving out of this partition. + ColumnMetadata: + description: Metadata for a column. type: object properties: - databaseRoles: - description: Database roles that matched the request. - type: array - items: - $ref: '#/components/schemas/DatabaseRole' - nextPageToken: + ordinalPosition: description: >- - `next_page_token` can be sent in a subsequent ListDatabaseRoles call - to fetch more of the matching roles. + Ordinal position of the column based on the original table + definition in the schema starting with a value of 1. + format: int64 type: string - DatabaseRole: - id: DatabaseRole - description: A Cloud Spanner database role. + isPrimaryKey: + type: boolean + description: Indicates whether the column is a primary key column. + name: + type: string + description: Name of the column. + type: + $ref: '#/components/schemas/Type' + description: Type of the column. + id: ColumnMetadata + Field: type: object + id: Field + description: Message representing a single field of a struct. properties: name: - description: >- - Required. The name of the database role. Values are of the form - `projects//instances//databases//databaseRoles/` where `` is as - specified in the `CREATE ROLE` DDL statement. type: string - AddSplitPointsRequest: - id: AddSplitPointsRequest - description: The request for AddSplitPoints. - type: object + description: >- + The name of the field. For reads, this is the column name. For SQL + queries, it is the column alias (e.g., `"Word"` in the query + `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` + in the query `"SELECT ColName FROM Table"`). Some columns might have + an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query + result can contain multiple fields with the same name. + type: + description: The type of the field. + $ref: '#/components/schemas/Type' + DataChangeRecord: + description: >- + A data change record contains a set of changes to a table with the same + modification type (insert, update, or delete) committed at the same + commit timestamp in one change stream partition for the same + transaction. Multiple data change records can be returned for the same + transaction across multiple change stream partitions. properties: - splitPoints: - description: Required. The split points to add. + columnMetadata: type: array + description: >- + Provides metadata describing the columns associated with the mods + listed below. items: - $ref: '#/components/schemas/SplitPoints' - initiator: + $ref: '#/components/schemas/ColumnMetadata' + mods: + description: Describes the changes that were made. + type: array + items: + $ref: '#/components/schemas/Mod' + numberOfRecordsInTransaction: + type: integer + format: int32 description: >- - Optional. A user-supplied tag associated with the split points. For - example, "initial_data_load", "special_event_1". Defaults to - "CloudAddSplitPointsAPI" if not specified. The length of the tag - must not exceed 50 characters, or else it is trimmed. Only valid - UTF8 characters are allowed. + Indicates the number of data change records that are part of this + transaction across all change stream partitions. This value can be + used to assemble all the records associated with a particular + transaction. + transactionTag: + description: Indicates the transaction tag associated with this transaction. type: string - SplitPoints: - id: SplitPoints - description: The split points of a table or an index. - type: object - properties: - table: - description: The table to split. + valueCaptureType: type: string - index: + enum: + - VALUE_CAPTURE_TYPE_UNSPECIFIED + - OLD_AND_NEW_VALUES + - NEW_VALUES + - NEW_ROW + - NEW_ROW_AND_OLD_VALUES + enumDescriptions: + - Not specified. + - Records both old and new values of the modified watched columns. + - Records only new values of the modified watched columns. + - >- + Records new values of all watched columns, including modified and + unmodified columns. + - >- + Records the new values of all watched columns, including modified + and unmodified columns. Also records the old values of the + modified columns. description: >- - The index to split. If specified, the `table` field must refer to - the index's base table. - type: string - keys: - description: Required. The list of split keys. In essence, the split boundaries. - type: array - items: - $ref: '#/components/schemas/Key' - expireTime: + Describes the value capture type that was specified in the change + stream configuration when this change was captured. + commitTimestamp: description: >- - Optional. The expiration timestamp of the split points. A timestamp - in the past means immediate expiration. The maximum value can be 30 - days in the future. Defaults to 10 days in the future if not - specified. + Indicates the timestamp in which the change was committed. + DataChangeRecord.commit_timestamps, + PartitionStartRecord.start_timestamps, + PartitionEventRecord.commit_timestamps, and + PartitionEndRecord.end_timestamps can have the same value in the + same partition. type: string format: google-datetime - Key: - id: Key - description: A split key. - type: object - properties: - keyParts: - description: Required. The column values making up the split key. - type: array - items: - type: any - AddSplitPointsResponse: - id: AddSplitPointsResponse - description: The response for AddSplitPoints. - type: object - properties: {} - BackupSchedule: - id: BackupSchedule - description: >- - BackupSchedule expresses the automated backup creation specification for - a Spanner database. - type: object - properties: - name: - description: >- - Identifier. Output only for the CreateBackupSchedule operation. - Required for the UpdateBackupSchedule operation. A globally unique - identifier for the backup schedule which cannot be changed. Values - are of the form - `projects//instances//databases//backupSchedules/a-z*[a-z0-9]` The - final segment of the name must be between 2 and 60 characters in - length. + recordSequence: type: string - spec: description: >- - Optional. The schedule specification based on which the backup - creations are triggered. - $ref: '#/components/schemas/BackupScheduleSpec' - retentionDuration: + Record sequence numbers are unique and monotonically increasing (but + not necessarily contiguous) for a specific timestamp across record + types in the same partition. To guarantee ordered processing, the + reader should process records (of potentially different types) in + record_sequence order for a specific timestamp in the same + partition. The record sequence number ordering across partitions is + only meaningful in the context of a specific transaction. Record + sequence numbers are unique across partitions for a specific + transaction. Sort the DataChangeRecords for the same + server_transaction_id by record_sequence to reconstruct the ordering + of the changes within the transaction. + table: + description: Name of the table affected by the change. + type: string + modType: + type: string + description: Describes the type of change. + enumDescriptions: + - Not specified. + - Indicates data was inserted. + - Indicates existing data was updated. + - Indicates existing data was deleted. + enum: + - MOD_TYPE_UNSPECIFIED + - INSERT + - UPDATE + - DELETE + serverTransactionId: description: >- - Optional. The retention duration of a backup that must be at least 6 - hours and at most 366 days. The backup is eligible to be - automatically deleted once the retention period has elapsed. + Provides a globally unique string that represents the transaction in + which the change was committed. Multiple transactions can have the + same commit timestamp, but each transaction has a unique + server_transaction_id. type: string - format: google-duration - encryptionConfig: + numberOfPartitionsInTransaction: + type: integer description: >- - Optional. The encryption configuration that is used to encrypt the - backup. If this field is not specified, the backup uses the same - encryption configuration as the database. - $ref: '#/components/schemas/CreateBackupEncryptionConfig' - fullBackupSpec: - description: The schedule creates only full backups. - $ref: '#/components/schemas/FullBackupSpec' - incrementalBackupSpec: - description: The schedule creates incremental backup chains. - $ref: '#/components/schemas/IncrementalBackupSpec' - updateTime: + Indicates the number of partitions that return data change records + for this transaction. This value can be helpful in assembling all + records associated with a particular transaction. + format: int32 + isSystemTransaction: + type: boolean description: >- - Output only. The timestamp at which the schedule was last updated. - If the schedule has never been updated, this field contains the - timestamp when the schedule was first created. - readOnly: true - type: string - format: google-datetime - BackupScheduleSpec: - id: BackupScheduleSpec - description: Defines specifications of the backup schedule. + Indicates whether the transaction is a system transaction. System + transactions include those issued by time-to-live (TTL), column + backfill, etc. + isLastRecordInTransactionInPartition: + description: >- + Indicates whether this is the last record for a transaction in the + current partition. Clients can use this field to determine when all + records for a transaction in the current partition have been + received. + type: boolean + id: DataChangeRecord type: object - properties: - cronSpec: - description: Cron style schedule specification. - $ref: '#/components/schemas/CrontabSpec' - CrontabSpec: - id: CrontabSpec - description: >- - CrontabSpec can be used to specify the version time and frequency at - which the backup is created. + MutationGroup: + id: MutationGroup type: object + description: >- + A group of mutations to be committed together. Related mutations should + be placed in a group. For example, two mutations inserting rows with the + same primary key prefix in both parent and child tables are related. + properties: + mutations: + items: + $ref: '#/components/schemas/Mutation' + description: Required. The mutations in this group. + type: array + Partition: + description: Information returned for each partition returned in a PartitionResponse. + id: Partition properties: - text: + partitionToken: description: >- - Required. Textual representation of the crontab. User can customize - the backup frequency and the backup version time using the cron - expression. The version time must be in UTC timezone. The backup - will contain an externally consistent copy of the database at the - version time. Full backups must be scheduled a minimum of 12 hours - apart and incremental backups must be scheduled a minimum of 4 hours - apart. Examples of valid cron specifications: * `0 2/12 * * *` : - every 12 hours at (2, 14) hours past midnight in UTC. * `0 2,14 * * - *` : every 12 hours at (2, 14) hours past midnight in UTC. * `0 */4 - * * *` : (incremental backups only) every 4 hours at (0, 4, 8, 12, - 16, 20) hours past midnight in UTC. * `0 2 * * *` : once a day at 2 - past midnight in UTC. * `0 2 * * 0` : once a week every Sunday at 2 - past midnight in UTC. * `0 2 8 * *` : once a month on 8th day at 2 - past midnight in UTC. + This token can be passed to `Read`, `StreamingRead`, `ExecuteSql`, + or `ExecuteStreamingSql` requests to restrict the results to those + identified by this partition token. type: string - timeZone: + format: byte + type: object + DirectedReadOptions: + id: DirectedReadOptions + type: object + description: >- + The `DirectedReadOptions` can be used to indicate which replicas or + regions should be used for non-transactional reads or queries. + `DirectedReadOptions` can only be specified for a read-only transaction, + otherwise the API returns an `INVALID_ARGUMENT` error. + properties: + includeReplicas: description: >- - Output only. The time zone of the times in `CrontabSpec.text`. - Currently, only UTC is supported. - readOnly: true - type: string - creationWindow: + `Include_replicas` indicates the order of replicas (as they appear + in this list) to process the request. If `auto_failover_disabled` is + set to `true` and all replicas are exhausted without finding a + healthy replica, Spanner waits for a replica in the list to become + available, requests might fail due to `DEADLINE_EXCEEDED` errors. + $ref: '#/components/schemas/IncludeReplicas' + excludeReplicas: description: >- - Output only. Scheduled backups contain an externally consistent copy - of the database at the version time specified in - `schedule_spec.cron_spec`. However, Spanner might not initiate the - creation of the scheduled backups at that version time. Spanner - initiates the creation of scheduled backups within the time window - bounded by the version_time specified in `schedule_spec.cron_spec` - and version_time + `creation_window`. - readOnly: true - type: string - format: google-duration - CreateBackupEncryptionConfig: - id: CreateBackupEncryptionConfig - description: Encryption configuration for the backup to create. + `Exclude_replicas` indicates that specified replicas should be + excluded from serving requests. Spanner doesn't route requests to + the replicas in this list. + $ref: '#/components/schemas/ExcludeReplicas' + PartitionedDml: + description: Message type to initiate a Partitioned DML transaction. + id: PartitionedDml type: object + properties: {} + UpdateDatabaseDdlMetadata: properties: - encryptionType: - description: Required. The encryption type of the backup. - type: string - enumDescriptions: - - Unspecified. Do not use. - - >- - Use the same encryption configuration as the database. This is the - default option when encryption_config is empty. For example, if - the database is using `Customer_Managed_Encryption`, the backup - will be using the same Cloud KMS key as the database. - - Use Google default encryption. - - >- - Use customer managed encryption. If specified, `kms_key_name` must - contain a valid Cloud KMS key. - enum: - - ENCRYPTION_TYPE_UNSPECIFIED - - USE_DATABASE_ENCRYPTION - - GOOGLE_DEFAULT_ENCRYPTION - - CUSTOMER_MANAGED_ENCRYPTION - kmsKeyName: + progress: description: >- - Optional. The Cloud KMS key that will be used to protect the backup. - This field should be set only when encryption_type is - `CUSTOMER_MANAGED_ENCRYPTION`. Values are of the form - `projects//locations//keyRings//cryptoKeys/`. + The progress of the UpdateDatabaseDdl operations. All DDL statements + will have continuously updating progress, and `progress[i]` is the + operation progress for `statements[i]`. Also, `progress[i]` will + have start time and end time populated with commit timestamp of + operation, as well as a progress of 100% once the operation has + completed. + type: array + items: + $ref: '#/components/schemas/OperationProgress' + statements: + type: array + description: >- + For an update this list contains all the statements. For an + individual statement, this list contains only that statement. + items: + type: string + database: + description: The database being modified. type: string - kmsKeyNames: + throttled: + type: boolean + readOnly: true description: >- - Optional. Specifies the KMS configuration for the one or more keys - used to protect the backup. Values are of the form - `projects//locations//keyRings//cryptoKeys/`. The keys referenced by - `kms_key_names` must fully cover all regions of the backup's - instance configuration. Some examples: * For regional - (single-region) instance configurations, specify a regional location - KMS key. * For multi-region instance configurations of type - `GOOGLE_MANAGED`, either specify a multi-region location KMS key or - multiple regional location KMS keys that cover all regions in the - instance configuration. * For an instance configuration of type - `USER_MANAGED`, specify only regional location KMS keys to cover - each region in the instance configuration. Multi-region location KMS - keys aren't supported for `USER_MANAGED` type instance - configurations. + Output only. When true, indicates that the operation is throttled, + for example, due to resource constraints. When resources become + available the operation will resume and this field will be false + again. + commitTimestamps: type: array items: + format: google-datetime type: string - FullBackupSpec: - id: FullBackupSpec - description: >- - The specification for full backups. A full backup stores the entire - contents of the database at a given version time. - type: object - properties: {} - IncrementalBackupSpec: - id: IncrementalBackupSpec - description: >- - The specification for incremental backup chains. An incremental backup - stores the delta of changes between a previous backup and the database - contents at a given version time. An incremental backup chain consists - of a full backup and zero or more successive incremental backups. The - first backup created for an incremental backup chain is always a full - backup. - type: object - properties: {} - ListBackupSchedulesResponse: - id: ListBackupSchedulesResponse - description: The response for ListBackupSchedules. + description: >- + Reports the commit timestamps of all statements that have succeeded + so far, where `commit_timestamps[i]` is the commit timestamp for the + statement `statements[i]`. + actions: + items: + $ref: '#/components/schemas/DdlStatementActionInfo' + description: >- + The brief action info for the DDL statements. `actions[i]` is the + brief info for `statements[i]`. + type: array + id: UpdateDatabaseDdlMetadata + description: Metadata type for the operation returned by UpdateDatabaseDdl. type: object + AddSplitPointsRequest: properties: - backupSchedules: - description: The list of backup schedules for a database. + splitPoints: type: array + description: Required. The split points to add. items: - $ref: '#/components/schemas/BackupSchedule' - nextPageToken: + $ref: '#/components/schemas/SplitPoints' + initiator: description: >- - `next_page_token` can be sent in a subsequent ListBackupSchedules - call to fetch more of the schedules. + Optional. A user-supplied tag associated with the split points. For + example, "initial_data_load", "special_event_1". Defaults to + "CloudAddSplitPointsAPI" if not specified. The length of the tag + must not exceed 50 characters, or else it is trimmed. Only valid + UTF8 characters are allowed. type: string - CreateSessionRequest: - id: CreateSessionRequest - description: The request for CreateSession. - type: object - properties: - session: - description: Required. The session to create. - $ref: '#/components/schemas/Session' - Session: - id: Session - description: A session in the Cloud Spanner API. + description: The request for AddSplitPoints. type: object + id: AddSplitPointsRequest + IndexAdvice: + id: IndexAdvice properties: - name: - description: >- - Output only. The name of the session. This is always - system-assigned. - readOnly: true - type: string - labels: + improvementFactor: + format: double + type: number description: >- - The labels for the session. * Label keys must be between 1 and 63 - characters long and must conform to the following regular - expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. * Label values must be - between 0 and 63 characters long and must conform to the regular - expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. * No more than 64 labels - can be associated with a given session. See https://goo.gl/xmQnxf - for more information on and examples of labels. - type: object - additionalProperties: + Optional. Estimated latency improvement factor. For example if the + query currently takes 500 ms to run and the estimated latency with + new indexes is 100 ms this field will be 5. + ddl: + items: type: string - createTime: - description: Output only. The timestamp when the session is created. - readOnly: true - type: string - format: google-datetime - approximateLastUseTime: - description: >- - Output only. The approximate timestamp when the session is last - used. It's typically earlier than the actual last use time. - readOnly: true - type: string - format: google-datetime - creatorRole: - description: The database role which created this session. - type: string - multiplexed: + type: array description: >- - Optional. If `true`, specifies a multiplexed session. Use a - multiplexed session for multiple, concurrent read-only operations. - Don't use them for read-write transactions, partitioned reads, or - partitioned queries. Use `sessions.create` to create multiplexed - sessions. Don't use BatchCreateSessions to create a multiplexed - session. You can't delete or list multiplexed sessions. - type: boolean - BatchCreateSessionsRequest: - id: BatchCreateSessionsRequest - description: The request for BatchCreateSessions. + Optional. DDL statements to add new indexes that will improve the + query. + description: Recommendation to add new indexes to run queries more efficiently. + type: object + MetricMatrix: + description: A message representing a matrix of floats. + id: MetricMatrix + properties: + rows: + type: array + items: + $ref: '#/components/schemas/MetricMatrixRow' + description: The rows of the matrix. type: object + GetPolicyOptions: + id: GetPolicyOptions properties: - sessionTemplate: - description: Parameters to apply to each created session. - $ref: '#/components/schemas/Session' - sessionCount: + requestedPolicyVersion: description: >- - Required. The number of sessions to be created in this batch call. - The API can return fewer than the requested number of sessions. If a - specific number of sessions are desired, the client can make - additional calls to `BatchCreateSessions` (adjusting session_count - as necessary). + Optional. The maximum policy version that will be used to format the + policy. Valid values are 0, 1, and 3. Requests specifying an invalid + value will be rejected. Requests for policies with any conditional + role bindings must specify version 3. Policies with no conditional + role bindings may specify any valid value or leave the field unset. + The policy in the response might use the policy version that you + specified, or it might use a lower policy version. For example, if + you specify version 3, but the policy has no conditional role + bindings, the response uses version 1. To learn which resources + support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). type: integer format: int32 - BatchCreateSessionsResponse: - id: BatchCreateSessionsResponse - description: The response for BatchCreateSessions. type: object + description: Encapsulates settings provided to GetIamPolicy. + AdapterSession: + id: AdapterSession properties: - session: - description: The freshly created sessions. - type: array - items: - $ref: '#/components/schemas/Session' - ListSessionsResponse: - id: ListSessionsResponse - description: The response for ListSessions. + name: + description: Identifier. The name of the session. This is always system-assigned. + type: string + description: A session in the Cloud Spanner Adapter API. + type: object + CommitStats: + description: Additional statistics about a commit. type: object properties: - sessions: - description: The list of requested sessions. - type: array - items: - $ref: '#/components/schemas/Session' - nextPageToken: + mutationCount: description: >- - `next_page_token` can be sent in a subsequent ListSessions call to - fetch more of the matching sessions. + The total number of mutations for the transaction. Knowing the + `mutation_count` value can help you maximize the number of mutations + in a transaction and minimize the number of API round trips. You can + also monitor this value to prevent transactions from exceeding the + system + [limit](https://cloud.google.com/spanner/quotas#limits_for_creating_reading_updating_and_deleting_data). + If the number of mutations exceeds the limit, the server returns + [INVALID_ARGUMENT](https://cloud.google.com/spanner/docs/reference/rest/v1/Code#ENUM_VALUES.INVALID_ARGUMENT). type: string - ExecuteSqlRequest: - id: ExecuteSqlRequest - description: The request for ExecuteSql and ExecuteStreamingSql. - type: object + format: int64 + id: CommitStats + BackupSchedule: properties: - transaction: - description: >- - The transaction to use. For queries, if none is provided, the - default is a temporary read-only transaction with strong - concurrency. Standard DML statements require a read-write - transaction. To protect against replays, single-use transactions are - not supported. The caller must either supply an existing transaction - ID or begin a new transaction. Partitioned DML requires an existing - Partitioned DML transaction ID. - $ref: '#/components/schemas/TransactionSelector' - sql: - description: Required. The SQL string. + updateTime: + format: google-datetime + readOnly: true type: string - params: - description: >- - Parameter names and values that bind to placeholders in the SQL - string. A parameter placeholder consists of the `@` character - followed by the parameter name (for example, `@firstName`). - Parameter names must conform to the naming requirements of - identifiers as specified at - https://cloud.google.com/spanner/docs/lexical#identifiers. - Parameters can appear anywhere that a literal value is expected. The - same parameter name can be used more than once, for example: `"WHERE - id > @msg_id AND id < @msg_id + 100"` It's an error to execute a SQL - statement with unbound parameters. - type: object - additionalProperties: - type: any - description: Properties of the object. - paramTypes: - description: >- - It isn't always possible for Cloud Spanner to infer the right SQL - type from a JSON value. For example, values of type `BYTES` and - values of type `STRING` both appear in params as JSON strings. In - these cases, you can use `param_types` to specify the exact SQL type - for some or all of the SQL statement parameters. See the definition - of Type for more information about SQL types. - type: object - additionalProperties: - $ref: '#/components/schemas/Type' - resumeToken: description: >- - If this request is resuming a previously interrupted SQL statement - execution, `resume_token` should be copied from the last - PartialResultSet yielded before the interruption. Doing this enables - the new SQL statement execution to resume where the last one left - off. The rest of the request parameters must exactly match the - request that yielded this token. - type: string - format: byte - queryMode: + Output only. The timestamp at which the schedule was last updated. + If the schedule has never been updated, this field contains the + timestamp when the schedule was first created. + retentionDuration: description: >- - Used to control the amount of debugging information returned in - ResultSetStats. If partition_token is set, query_mode can only be - set to QueryMode.NORMAL. + Optional. The retention duration of a backup that must be at least 6 + hours and at most 366 days. The backup is eligible to be + automatically deleted once the retention period has elapsed. type: string - enumDescriptions: - - The default mode. Only the statement results are returned. - - >- - This mode returns only the query plan, without any results or - execution statistics information. - - >- - This mode returns the query plan, overall execution statistics, - operator level execution statistics along with the results. This - has a performance overhead compared to the other modes. It isn't - recommended to use this mode for production traffic. - - >- - This mode returns the overall (but not operator-level) execution - statistics along with the results. - - >- - This mode returns the query plan, overall (but not operator-level) - execution statistics along with the results. - enum: - - NORMAL - - PLAN - - PROFILE - - WITH_STATS - - WITH_PLAN_AND_STATS - partitionToken: + format: google-duration + fullBackupSpec: + $ref: '#/components/schemas/FullBackupSpec' + description: The schedule creates only full backups. + spec: description: >- - If present, results are restricted to the specified partition - previously created using `PartitionQuery`. There must be an exact - match for the values of fields common to this message and the - `PartitionQueryRequest` message used to create this - `partition_token`. - type: string - format: byte - seqno: + Optional. The schedule specification based on which the backup + creations are triggered. + $ref: '#/components/schemas/BackupScheduleSpec' + name: description: >- - A per-transaction sequence number used to identify this request. - This field makes each request idempotent such that if the request is - received multiple times, at most one succeeds. The sequence number - must be monotonically increasing within the transaction. If a - request arrives for the first time with an out-of-order sequence - number, the transaction can be aborted. Replays of previously - handled requests yield the same response as the first execution. - Required for DML statements. Ignored for queries. + Identifier. Output only for the CreateBackupSchedule operation. + Required for the UpdateBackupSchedule operation. A globally unique + identifier for the backup schedule which cannot be changed. Values + are of the form + `projects//instances//databases//backupSchedules/a-z*[a-z0-9]` The + final segment of the name must be between 2 and 60 characters in + length. type: string - format: int64 - queryOptions: - description: Query optimizer configuration to use for the given query. - $ref: '#/components/schemas/QueryOptions' - requestOptions: - description: Common options for this request. - $ref: '#/components/schemas/RequestOptions' - directedReadOptions: - description: Directed read options for this request. - $ref: '#/components/schemas/DirectedReadOptions' - dataBoostEnabled: - description: >- - If this is for a partitioned query and this field is set to `true`, - the request is executed with Spanner Data Boost independent compute - resources. If the field is set to `true` but the request doesn't set - `partition_token`, the API returns an `INVALID_ARGUMENT` error. - type: boolean - lastStatement: + encryptionConfig: description: >- - Optional. If set to `true`, this statement marks the end of the - transaction. After this statement executes, you must commit or abort - the transaction. Attempts to execute any other requests against this - transaction (including reads and queries) are rejected. For DML - statements, setting this option might cause some error reporting to - be deferred until commit time (for example, validation of unique - constraints). Given this, successful execution of a DML statement - shouldn't be assumed until a subsequent `Commit` call completes - successfully. - type: boolean - TransactionSelector: - id: TransactionSelector - description: >- - This message is used to select the transaction in which a Read or - ExecuteSql call runs. See TransactionOptions for more information about - transactions. + Optional. The encryption configuration that is used to encrypt the + backup. If this field is not specified, the backup uses the same + encryption configuration as the database. + $ref: '#/components/schemas/CreateBackupEncryptionConfig' + incrementalBackupSpec: + description: The schedule creates incremental backup chains. + $ref: '#/components/schemas/IncrementalBackupSpec' type: object + id: BackupSchedule + description: >- + BackupSchedule expresses the automated backup creation specification for + a Spanner database. + MoveInEvent: properties: - singleUse: + sourcePartitionToken: description: >- - Execute the read or SQL query in a temporary transaction. This is - the most efficient way to execute a transaction that consists of a - single SQL query. - $ref: '#/components/schemas/TransactionOptions' - id: - description: Execute the read or SQL query in a previously-started transaction. + An unique partition identifier describing the source change stream + partition that recorded changes for the key range that is moving + into this partition. type: string - format: byte - begin: - description: >- - Begin a new transaction and execute this read or SQL query in it. - The transaction ID of the new transaction is returned in - ResultSetMetadata.transaction, which is a Transaction. - $ref: '#/components/schemas/TransactionOptions' - TransactionOptions: - id: TransactionOptions - description: Options to use for transactions. + id: MoveInEvent + description: >- + Describes move-in of the key ranges into the change stream partition + identified by partition_token. To maintain processing the changes for a + particular key in timestamp order, the query processing the change + stream partition identified by partition_token should not advance beyond + the partition event record commit timestamp until the queries processing + the source change stream partitions have processed all change stream + records with timestamps <= the partition event record commit timestamp. type: object + TransactionOptions: properties: - readWrite: - description: >- - Transaction may write. Authorization to begin a read-write - transaction requires - `spanner.databases.beginOrRollbackReadWriteTransaction` permission - on the `session` resource. - $ref: '#/components/schemas/ReadWrite' partitionedDml: + $ref: '#/components/schemas/PartitionedDml' description: >- Partitioned DML transaction. Authorization to begin a Partitioned DML transaction requires `spanner.databases.beginPartitionedDmlTransaction` permission on the `session` resource. - $ref: '#/components/schemas/PartitionedDml' - readOnly: - description: >- - Transaction does not write. Authorization to begin a read-only - transaction requires `spanner.databases.beginReadOnlyTransaction` - permission on the `session` resource. - $ref: '#/components/schemas/ReadOnly' excludeTxnFromChangeStreams: + type: boolean description: >- When `exclude_txn_from_change_streams` is set to `true`, it prevents read or write transactions from being tracked in change streams. * @@ -3420,10 +2625,20 @@ components: The `exclude_txn_from_change_streams` option can only be specified for read-write or partitioned DML transactions, otherwise the API returns an `INVALID_ARGUMENT` error. - type: boolean + readWrite: + $ref: '#/components/schemas/ReadWrite' + description: >- + Transaction may write. Authorization to begin a read-write + transaction requires + `spanner.databases.beginOrRollbackReadWriteTransaction` permission + on the `session` resource. + readOnly: + description: >- + Transaction does not write. Authorization to begin a read-only + transaction requires `spanner.databases.beginReadOnlyTransaction` + permission on the `session` resource. + $ref: '#/components/schemas/ReadOnly' isolationLevel: - description: Isolation level for the transaction. - type: string enumDescriptions: - >- Default value. If the value is not specified, the `SERIALIZABLE` @@ -3435,8 +2650,8 @@ components: assigns commit timestamps that reflect the order of committed transactions to implement this property. Spanner offers a stronger guarantee than serializability called external consistency. For - further details, please refer to - https://cloud.google.com/spanner/docs/true-time-external-consistency#serializability. + more information, see [TrueTime and external + consistency](https://cloud.google.com/spanner/docs/true-time-external-consistency#serializability). - >- All reads performed during the transaction observe a consistent snapshot of the database, and the transaction is only successfully @@ -3444,1164 +2659,1333 @@ components: concurrent updates that have occurred since that snapshot. Consequently, in contrast to `SERIALIZABLE` transactions, only write-write conflicts are detected in snapshot transactions. This - isolation level does not support Read-only and Partitioned DML + isolation level does not support read-only and partitioned DML transactions. When `REPEATABLE_READ` is specified on a read-write transaction, the locking semantics default to `OPTIMISTIC`. + description: Isolation level for the transaction. enum: - ISOLATION_LEVEL_UNSPECIFIED - SERIALIZABLE - REPEATABLE_READ - ReadWrite: - id: ReadWrite + type: string + type: object + description: Options to use for transactions. + id: TransactionOptions + LocalizedString: + properties: + message: + type: string + description: >- + The canonical English version of this message. If no token is + provided or the front-end has no message associated with the token, + this text will be displayed as-is. + args: + description: >- + A map of arguments used when creating the localized message. Keys + represent parameter names which may be used by the localized version + when substituting dynamic values. + additionalProperties: + type: string + type: object + token: + description: >- + The token identifying the message, e.g. 'METRIC_READ_CPU'. This + should be unique within the service. + type: string + type: object description: >- - Message type to initiate a read-write transaction. Currently this - transaction type has no options. + A message representing a user-facing string whose value may need to be + translated before being displayed. + id: LocalizedString + CreateInstanceMetadata: + id: CreateInstanceMetadata + properties: + startTime: + type: string + format: google-datetime + description: The time at which the CreateInstance request was received. + instance: + description: The instance being created. + $ref: '#/components/schemas/Instance' + cancelTime: + type: string + format: google-datetime + description: >- + The time at which this operation was cancelled. If set, this + operation is in the process of undoing itself (which is guaranteed + to succeed) and cannot be cancelled again. + expectedFulfillmentPeriod: + description: The expected fulfillment period of this create operation. + enum: + - FULFILLMENT_PERIOD_UNSPECIFIED + - FULFILLMENT_PERIOD_NORMAL + - FULFILLMENT_PERIOD_EXTENDED + enumDescriptions: + - Not specified. + - >- + Normal fulfillment period. The operation is expected to complete + within minutes. + - >- + Extended fulfillment period. It can take up to an hour for the + operation to complete. + type: string + endTime: + type: string + description: >- + The time at which this operation failed or was completed + successfully. + format: google-datetime + type: object + description: Metadata type for the operation returned by CreateInstance. + InstanceReplicaSelection: + properties: + location: + description: >- + Required. Name of the location of the replicas (for example, + "us-central1"). + type: string + id: InstanceReplicaSelection + type: object + description: ReplicaSelection identifies replicas with common properties. + ChangeQuorumRequest: + description: The request for ChangeQuorum. + id: ChangeQuorumRequest + properties: + quorumType: + $ref: '#/components/schemas/QuorumType' + description: Required. The type of this quorum. + etag: + type: string + description: >- + Optional. The etag is the hash of the `QuorumInfo`. The + `ChangeQuorum` operation is only performed if the etag matches that + of the `QuorumInfo` in the current database resource. Otherwise the + API returns an `ABORTED` error. The etag is used for optimistic + concurrency control as a way to help prevent simultaneous change + quorum requests that could create a race condition. + name: + type: string + description: >- + Required. Name of the database in which to apply `ChangeQuorum`. + Values are of the form `projects//instances//databases/`. + type: object + CrontabSpec: + id: CrontabSpec + description: >- + CrontabSpec can be used to specify the version time and frequency at + which the backup is created. + type: object + properties: + creationWindow: + readOnly: true + description: >- + Output only. Scheduled backups contain an externally consistent copy + of the database at the version time specified in + `schedule_spec.cron_spec`. However, Spanner might not initiate the + creation of the scheduled backups at that version time. Spanner + initiates the creation of scheduled backups within the time window + bounded by the version_time specified in `schedule_spec.cron_spec` + and version_time + `creation_window`. + format: google-duration + type: string + timeZone: + description: >- + Output only. The time zone of the times in `CrontabSpec.text`. + Currently, only UTC is supported. + type: string + readOnly: true + text: + description: >- + Required. Textual representation of the crontab. User can customize + the backup frequency and the backup version time using the cron + expression. The version time must be in UTC timezone. The backup + will contain an externally consistent copy of the database at the + version time. Full backups must be scheduled a minimum of 12 hours + apart and incremental backups must be scheduled a minimum of 4 hours + apart. Examples of valid cron specifications: * `0 2/12 * * *` : + every 12 hours at (2, 14) hours past midnight in UTC. * `0 2,14 * * + *` : every 12 hours at (2, 14) hours past midnight in UTC. * `0 */4 + * * *` : (incremental backups only) every 4 hours at (0, 4, 8, 12, + 16, 20) hours past midnight in UTC. * `0 2 * * *` : once a day at 2 + past midnight in UTC. * `0 2 * * 0` : once a week every Sunday at 2 + past midnight in UTC. * `0 2 8 * *` : once a month on 8th day at 2 + past midnight in UTC. + type: string + Write: + id: Write + description: Arguments to insert, update, insert_or_update, and replace operations. + type: object + properties: + table: + description: Required. The table whose rows will be written. + type: string + values: + type: array + items: + type: array + items: + type: any + description: >- + The values to be written. `values` can contain more than one list of + values. If it does, then multiple rows are written, one for each + entry in `values`. Each list in `values` must have exactly as many + entries as there are entries in columns above. Sending multiple + lists is equivalent to sending multiple `Mutation`s, each containing + one `values` entry and repeating table and columns. Individual + values in each list are encoded as described here. + columns: + type: array + description: >- + The names of the columns in table to be written. The list of columns + must contain enough columns to allow Cloud Spanner to derive values + for all primary key columns in the row(s) to be modified. + items: + type: string + ReplicaComputeCapacity: + description: >- + ReplicaComputeCapacity describes the amount of server resources that are + allocated to each replica identified by the replica selection. + type: object + properties: + nodeCount: + format: int32 + description: >- + The number of nodes allocated to each replica. This may be zero in + API responses for instances that are not yet in state `READY`. + type: integer + processingUnits: + format: int32 + description: >- + The number of processing units allocated to each replica. This may + be zero in API responses for instances that are not yet in state + `READY`. + type: integer + replicaSelection: + $ref: '#/components/schemas/InstanceReplicaSelection' + description: >- + Required. Identifies replicas by specified properties. All replicas + in the selection have the same amount of compute capacity. + id: ReplicaComputeCapacity + CreateSessionRequest: + properties: + session: + $ref: '#/components/schemas/Session' + description: Required. The session to create. + description: The request for CreateSession. + id: CreateSessionRequest + type: object + ListInstancePartitionsResponse: + properties: + instancePartitions: + type: array + description: The list of requested instancePartitions. + items: + $ref: '#/components/schemas/InstancePartition' + nextPageToken: + type: string + description: >- + `next_page_token` can be sent in a subsequent ListInstancePartitions + call to fetch more of the matching instance partitions. + unreachable: + description: >- + The list of unreachable instances or instance partitions. It + includes the names of instances or instance partitions whose + metadata could not be retrieved within instance_partition_deadline. + items: + type: string + type: array + description: The response for ListInstancePartitions. + id: ListInstancePartitionsResponse + type: object + CommitResponse: type: object properties: - readLockMode: - description: Read lock mode for the transaction. + commitStats: + description: >- + The statistics about this `Commit`. Not returned by default. For + more information, see CommitRequest.return_commit_stats. + $ref: '#/components/schemas/CommitStats' + commitTimestamp: + format: google-datetime type: string - enumDescriptions: - - >- - Default value. * If isolation level is REPEATABLE_READ, then it is - an error to specify `read_lock_mode`. Locking semantics default to - `OPTIMISTIC`. No validation checks are done for reads, except to - validate that the data that was served at the snapshot time is - unchanged at commit time in the following cases: 1. reads done as - part of queries that use `SELECT FOR UPDATE` 2. reads done as part - of statements with a `LOCK_SCANNED_RANGES` hint 3. reads done as - part of DML statements * At all other isolation levels, if - `read_lock_mode` is the default value, then pessimistic read locks - are used. - - >- - Pessimistic lock mode. Read locks are acquired immediately on - read. Semantics described only applies to SERIALIZABLE isolation. - - >- - Optimistic lock mode. Locks for reads within the transaction are - not acquired on read. Instead the locks are acquired on a commit - to validate that read/queried data has not changed since the - transaction started. Semantics described only applies to - SERIALIZABLE isolation. - enum: - - READ_LOCK_MODE_UNSPECIFIED - - PESSIMISTIC - - OPTIMISTIC - multiplexedSessionPreviousTransactionId: + description: The Cloud Spanner timestamp at which the transaction committed. + snapshotTimestamp: description: >- - Optional. Clients should pass the transaction ID of the previous - transaction attempt that was aborted if this transaction is being - executed on a multiplexed session. + If `TransactionOptions.isolation_level` is set to + `IsolationLevel.REPEATABLE_READ`, then the snapshot timestamp is the + timestamp at which all reads in the transaction ran. This timestamp + is never returned. + format: google-datetime type: string - format: byte - PartitionedDml: - id: PartitionedDml - description: Message type to initiate a Partitioned DML transaction. + precommitToken: + $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' + description: >- + If specified, transaction has not committed yet. You must retry the + commit with the new precommit token. + id: CommitResponse + description: The response for Commit. + ListInstancePartitionOperationsResponse: + description: The response for ListInstancePartitionOperations. + properties: + nextPageToken: + type: string + description: >- + `next_page_token` can be sent in a subsequent + ListInstancePartitionOperations call to fetch more of the matching + metadata. + unreachableInstancePartitions: + description: >- + The list of unreachable instance partitions. It includes the names + of instance partitions whose operation metadata could not be + retrieved within instance_partition_deadline. + items: + type: string + type: array + operations: + type: array + description: >- + The list of matching instance partition long-running operations. + Each operation's name will be prefixed by the instance partition's + name. The operation's metadata field type `metadata.type_url` + describes the type of the metadata. + items: + $ref: '#/components/schemas/Operation' type: object - properties: {} - ReadOnly: - id: ReadOnly - description: Message type to initiate a read-only transaction. + id: ListInstancePartitionOperationsResponse + PartitionStartRecord: type: object + description: >- + A partition start record serves as a notification that the client should + schedule the partitions to be queried. PartitionStartRecord returns + information about one or more partitions. properties: - strong: + startTimestamp: + format: google-datetime + type: string description: >- - Read at a timestamp where all previously committed transactions are - visible. - type: boolean - minReadTimestamp: + Start timestamp at which the partitions should be queried to return + change stream records with timestamps >= start_timestamp. + DataChangeRecord.commit_timestamps, + PartitionStartRecord.start_timestamps, + PartitionEventRecord.commit_timestamps, and + PartitionEndRecord.end_timestamps can have the same value in the + same partition. + recordSequence: description: >- - Executes all reads at a timestamp >= `min_read_timestamp`. This is - useful for requesting fresher data than some previous read, or data - that is fresh enough to observe the effects of some previously - committed transaction whose timestamp is known. Note that this - option can only be used in single-use transactions. A timestamp in - RFC3339 UTC \"Zulu\" format, accurate to nanoseconds. Example: - `"2014-10-02T15:01:23.045123456Z"`. + Record sequence numbers are unique and monotonically increasing (but + not necessarily contiguous) for a specific timestamp across record + types in the same partition. To guarantee ordered processing, the + reader should process records (of potentially different types) in + record_sequence order for a specific timestamp in the same + partition. type: string - format: google-datetime - maxStaleness: + partitionTokens: + items: + type: string + type: array + description: Unique partition identifiers to be used in queries. + id: PartitionStartRecord + Binding: + type: object + properties: + members: + type: array + items: + type: string description: >- - Read data at a timestamp >= `NOW - max_staleness` seconds. - Guarantees that all writes that have committed more than the - specified number of seconds ago are visible. Because Cloud Spanner - chooses the exact timestamp, this mode works even if the client's - local clock is substantially skewed from Cloud Spanner commit - timestamps. Useful for reading the freshest data available at a - nearby replica, while bounding the possible staleness if the local - replica has fallen behind. Note that this option can only be used in - single-use transactions. + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + condition: + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: + description: >- + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). type: string - format: google-duration - readTimestamp: + id: Binding + description: Associates `members`, or principals, with a `role`. + AutoscalingConfig: + id: AutoscalingConfig + properties: + asymmetricAutoscalingOptions: + items: + $ref: '#/components/schemas/AsymmetricAutoscalingOption' + type: array + description: >- + Optional. Optional asymmetric autoscaling options. Replicas matching + the replica selection criteria will be autoscaled independently from + other replicas. The autoscaler will scale the replicas based on the + utilization of replicas identified by the replica selection. Replica + selections should not overlap with each other. Other replicas (those + do not match any replica selection) will be autoscaled together and + will have the same compute capacity allocated to them. + autoscalingLimits: + $ref: '#/components/schemas/AutoscalingLimits' + description: Required. Autoscaling limits for an instance. + autoscalingTargets: + $ref: '#/components/schemas/AutoscalingTargets' + description: Required. The autoscaling targets for an instance. + description: Autoscaling configuration for an instance. + type: object + DdlStatementActionInfo: + id: DdlStatementActionInfo + description: >- + Action information extracted from a DDL statement. This proto is used to + display the brief info of the DDL statement for the operation + UpdateDatabaseDdl. + properties: + entityType: description: >- - Executes all reads at the given timestamp. Unlike other modes, reads - at a specific timestamp are repeatable; the same read at the same - timestamp always returns the same data. If the timestamp is in the - future, the read is blocked until the specified timestamp, modulo - the read's deadline. Useful for large scale consistent reads such as - mapreduces, or for coordinating many reads against a consistent - snapshot of the data. A timestamp in RFC3339 UTC \"Zulu\" format, - accurate to nanoseconds. Example: - `"2014-10-02T15:01:23.045123456Z"`. + The entity type for the DDL statement, for example, TABLE, INDEX, + VIEW, etc. This field can be empty string for some DDL statement, + for example, for statement "ANALYZE", `entity_type` = "". type: string - format: google-datetime - exactStaleness: + entityNames: + items: + type: string + type: array description: >- - Executes all reads at a timestamp that is `exact_staleness` old. The - timestamp is chosen soon after the read is started. Guarantees that - all writes that have committed more than the specified number of - seconds ago are visible. Because Cloud Spanner chooses the exact - timestamp, this mode works even if the client's local clock is - substantially skewed from Cloud Spanner commit timestamps. Useful - for reading at nearby replicas without the distributed timestamp - negotiation overhead of `max_staleness`. + The entity names being operated on the DDL statement. For example, + 1. For statement "CREATE TABLE t1(...)", `entity_names` = ["t1"]. 2. + For statement "GRANT ROLE r1, r2 ...", `entity_names` = ["r1", + "r2"]. 3. For statement "ANALYZE", `entity_names` = []. + action: + description: >- + The action for the DDL statement, for example, CREATE, ALTER, DROP, + GRANT, etc. This field is a non-empty string. type: string - format: google-duration - returnReadTimestamp: + type: object + IncludeReplicas: + properties: + replicaSelections: + type: array + items: + $ref: '#/components/schemas/ReplicaSelection' + description: The directed read replica selector. + autoFailoverDisabled: description: >- - If true, the Cloud Spanner-selected read timestamp is included in - the Transaction message that describes the transaction. + If `true`, Spanner doesn't route requests to a replica outside the + <`include_replicas` list when all of the specified replicas are + unavailable or unhealthy. Default value is `false`. type: boolean - Type: - id: Type description: >- - `Type` indicates the type of a Cloud Spanner value, as might be stored - in a table cell or returned from an SQL query. + An `IncludeReplicas` contains a repeated set of `ReplicaSelection` which + indicates the order in which replicas should be considered. type: object + id: IncludeReplicas + ListDatabasesResponse: properties: - code: - description: Required. The TypeCode for this type. - type: string - enumDescriptions: - - Not specified. - - Encoded as JSON `true` or `false`. - - Encoded as `string`, in decimal format. - - >- - Encoded as `number`, or the strings `"NaN"`, `"Infinity"`, or - `"-Infinity"`. - - >- - Encoded as `number`, or the strings `"NaN"`, `"Infinity"`, or - `"-Infinity"`. - - >- - Encoded as `string` in RFC 3339 timestamp format. The time zone - must be present, and must be `"Z"`. If the schema has the column - option `allow_commit_timestamp=true`, the placeholder string - `"spanner.commit_timestamp()"` can be used to instruct the system - to insert the commit timestamp associated with the transaction - commit. - - Encoded as `string` in RFC 3339 date format. - - Encoded as `string`. - - >- - Encoded as a base64-encoded `string`, as described in RFC 4648, - section 4. - - >- - Encoded as `list`, where the list elements are represented - according to array_element_type. - - >- - Encoded as `list`, where list element `i` is represented according - to [struct_type.fields[i]][google.spanner.v1.StructType.fields]. - - >- - Encoded as `string`, in decimal format or scientific notation - format. Decimal format: `[+-]Digits[.[Digits]]` or `+-.Digits` - Scientific notation: - `[+-]Digits[.[Digits]][ExponentIndicator[+-]Digits]` or - `+-.Digits[ExponentIndicator[+-]Digits]` (ExponentIndicator is - `"e"` or `"E"`) - - >- - Encoded as a JSON-formatted `string` as described in RFC 7159. The - following rules are applied when parsing JSON input: - Whitespace - characters are not preserved. - If a JSON object has duplicate - keys, only the first key is preserved. - Members of a JSON object - are not guaranteed to have their order preserved. - JSON array - elements will have their order preserved. - - >- - Encoded as a base64-encoded `string`, as described in RFC 4648, - section 4. - - Encoded as `string`, in decimal format. - - >- - Encoded as `string`, in `ISO8601` duration format - - `P[n]Y[n]M[n]DT[n]H[n]M[n[.fraction]]S` where `n` is an integer. - For example, `P1Y2M3DT4H5M6.5S` represents time duration of 1 - year, 2 months, 3 days, 4 hours, 5 minutes, and 6.5 seconds. - enum: - - TYPE_CODE_UNSPECIFIED - - BOOL - - INT64 - - FLOAT64 - - FLOAT32 - - TIMESTAMP - - DATE - - STRING - - BYTES - - ARRAY - - STRUCT - - NUMERIC - - JSON - - PROTO - - ENUM - - INTERVAL - arrayElementType: - description: >- - If code == ARRAY, then `array_element_type` is the type of the array - elements. - $ref: '#/components/schemas/Type' - structType: - description: >- - If code == STRUCT, then `struct_type` provides type information for - the struct's fields. - $ref: '#/components/schemas/StructType' - typeAnnotation: + nextPageToken: description: >- - The TypeAnnotationCode that disambiguates SQL type that Spanner will - use to represent values of this type during query processing. This - is necessary for some type codes because a single TypeCode can be - mapped to different SQL types depending on the SQL dialect. - type_annotation typically is not needed to process the content of a - value (it doesn't affect serialization) and clients can ignore it on - the read path. + `next_page_token` can be sent in a subsequent ListDatabases call to + fetch more of the matching databases. type: string - enumDescriptions: - - Not specified. - - >- - PostgreSQL compatible NUMERIC type. This annotation needs to be - applied to Type instances having NUMERIC type code to specify that - values of this type should be treated as PostgreSQL NUMERIC - values. Currently this annotation is always needed for NUMERIC - when a client interacts with PostgreSQL-enabled Spanner databases. - - >- - PostgreSQL compatible JSONB type. This annotation needs to be - applied to Type instances having JSON type code to specify that - values of this type should be treated as PostgreSQL JSONB values. - Currently this annotation is always needed for JSON when a client - interacts with PostgreSQL-enabled Spanner databases. - - >- - PostgreSQL compatible OID type. This annotation can be used by a - client interacting with PostgreSQL-enabled Spanner database to - specify that a value should be treated using the semantics of the - OID type. - enum: - - TYPE_ANNOTATION_CODE_UNSPECIFIED - - PG_NUMERIC - - PG_JSONB - - PG_OID - protoTypeFqn: + databases: + items: + $ref: '#/components/schemas/Database' + description: Databases that matched the request. + type: array + type: object + id: ListDatabasesResponse + description: The response for ListDatabases. + AutoscalingConfigOverrides: + description: >- + Overrides the top-level autoscaling configuration for the replicas + identified by `replica_selection`. All fields in this message are + optional. Any unspecified fields will use the corresponding values from + the top-level autoscaling configuration. + properties: + autoscalingTargetHighPriorityCpuUtilizationPercent: description: >- - If code == PROTO or code == ENUM, then `proto_type_fqn` is the fully - qualified name of the proto type representing the proto/enum - definition. - type: string - StructType: - id: StructType - description: '`StructType` defines the fields of a STRUCT type.' + Optional. If specified, overrides the autoscaling target + high_priority_cpu_utilization_percent in the top-level autoscaling + configuration for the selected replicas. + type: integer + format: int32 + autoscalingLimits: + $ref: '#/components/schemas/AutoscalingLimits' + description: >- + Optional. If specified, overrides the min/max limit in the top-level + autoscaling configuration for the selected replicas. + type: object + id: AutoscalingConfigOverrides + Status: + id: Status type: object properties: - fields: + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + message: + type: string description: >- - The list of fields that make up this struct. Order is significant, - because values of this struct type are represented as lists, where - the order of field values matches the order of fields in the - StructType. In turn, the order of fields matches the order of - columns in a read request, or the order of fields in the `SELECT` - clause of a query. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + details: type: array items: - $ref: '#/components/schemas/Field' - Field: - id: Field - description: Message representing a single field of a struct. - type: object - properties: - name: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - The name of the field. For reads, this is the column name. For SQL - queries, it is the column alias (e.g., `"Word"` in the query - `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` - in the query `"SELECT ColName FROM Table"`). Some columns might have - an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query - result can contain multiple fields with the same name. - type: string - type: - description: The type of the field. - $ref: '#/components/schemas/Type' - QueryOptions: - id: QueryOptions - description: Query optimizer configuration. + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + UpdateDatabaseRequest: + id: UpdateDatabaseRequest + description: The request for UpdateDatabase. type: object properties: - optimizerVersion: + updateMask: description: >- - An option to control the selection of optimizer version. This - parameter allows individual queries to pick different query - optimizer versions. Specifying `latest` as a value instructs Cloud - Spanner to use the latest supported query optimizer version. If not - specified, Cloud Spanner uses the optimizer version set at the - database level options. Any other positive integer (from the list of - supported optimizer versions) overrides the default optimizer - version for query execution. The list of supported optimizer - versions can be queried from - `SPANNER_SYS.SUPPORTED_OPTIMIZER_VERSIONS`. Executing a SQL - statement with an invalid optimizer version fails with an - `INVALID_ARGUMENT` error. See - https://cloud.google.com/spanner/docs/query-optimizer/manage-query-optimizer - for more information on managing the query optimizer. The - `optimizer_version` statement hint has precedence over this setting. + Required. The list of fields to update. Currently, only + `enable_drop_protection` field can be updated. type: string - optimizerStatisticsPackage: + format: google-fieldmask + database: + $ref: '#/components/schemas/Database' description: >- - An option to control the selection of optimizer statistics package. - This parameter allows individual queries to use a different query - optimizer statistics package. Specifying `latest` as a value - instructs Cloud Spanner to use the latest generated statistics - package. If not specified, Cloud Spanner uses the statistics package - set at the database level options, or the latest package if the - database option isn't set. The statistics package requested by the - query has to be exempt from garbage collection. This can be achieved - with the following DDL statement: ```sql ALTER STATISTICS SET - OPTIONS (allow_gc=false) ``` The list of available statistics - packages can be queried from - `INFORMATION_SCHEMA.SPANNER_STATISTICS`. Executing a SQL statement - with an invalid optimizer statistics package or with a statistics - package that allows garbage collection fails with an - `INVALID_ARGUMENT` error. - type: string - RequestOptions: - id: RequestOptions - description: Common request options for various APIs. - type: object + Required. The database to update. The `name` field of the database + is of the form `projects//instances//databases/`. + Expr: + id: Expr properties: - priority: - description: Priority for the request. + location: + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. type: string - enumDescriptions: - - '`PRIORITY_UNSPECIFIED` is equivalent to `PRIORITY_HIGH`.' - - This specifies that the request is low priority. - - This specifies that the request is medium priority. - - This specifies that the request is high priority. - enum: - - PRIORITY_UNSPECIFIED - - PRIORITY_LOW - - PRIORITY_MEDIUM - - PRIORITY_HIGH - requestTag: + title: description: >- - A per-request tag which can be applied to queries or reads, used for - statistics collection. Both `request_tag` and `transaction_tag` can - be specified for a read or query that belongs to a transaction. This - field is ignored for requests where it's not applicable (for - example, `CommitRequest`). Legal characters for `request_tag` values - are all printable characters (ASCII 32 - 126) and the length of a - request_tag is limited to 50 characters. Values that exceed this - limit are truncated. Any leading underscore (_) characters are - removed from the string. + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. type: string - transactionTag: + description: description: >- - A tag used for statistics collection about this transaction. Both - `request_tag` and `transaction_tag` can be specified for a read or - query that belongs to a transaction. The value of transaction_tag - should be the same for all requests belonging to the same - transaction. If this request doesn't belong to any transaction, - `transaction_tag` is ignored. Legal characters for `transaction_tag` - values are all printable characters (ASCII 32 - 126) and the length - of a `transaction_tag` is limited to 50 characters. Values that - exceed this limit are truncated. Any leading underscore (_) - characters are removed from the string. + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. type: string - DirectedReadOptions: - id: DirectedReadOptions + expression: + description: >- + Textual representation of an expression in Common Expression + Language syntax. + type: string + type: object description: >- - The `DirectedReadOptions` can be used to indicate which replicas or - regions should be used for non-transactional reads or queries. - `DirectedReadOptions` can only be specified for a read-only transaction, - otherwise the API returns an `INVALID_ARGUMENT` error. + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + ScanData: type: object properties: - includeReplicas: + startTime: + format: google-datetime description: >- - `Include_replicas` indicates the order of replicas (as they appear - in this list) to process the request. If `auto_failover_disabled` is - set to `true` and all replicas are exhausted without finding a - healthy replica, Spanner waits for a replica in the list to become - available, requests might fail due to `DEADLINE_EXCEEDED` errors. - $ref: '#/components/schemas/IncludeReplicas' - excludeReplicas: + A range of time (inclusive) for when the contained data is defined. + The lower bound for when the contained data is defined. + type: string + endTime: + type: string + format: google-datetime + description: The upper bound for when the contained data is defined. + data: + $ref: '#/components/schemas/VisualizationData' description: >- - `Exclude_replicas` indicates that specified replicas should be - excluded from serving requests. Spanner doesn't route requests to - the replicas in this list. - $ref: '#/components/schemas/ExcludeReplicas' - IncludeReplicas: - id: IncludeReplicas + Cloud Key Visualizer scan data. The range of time this information + covers is captured via the above time range fields. Note, this field + is not available to the ListScans method. + id: ScanData description: >- - An `IncludeReplicas` contains a repeated set of `ReplicaSelection` which - indicates the order in which replicas should be considered. + ScanData contains Cloud Key Visualizer scan data used by the caller to + construct a visualization. + CreateDatabaseRequest: + id: CreateDatabaseRequest + description: The request for CreateDatabase. type: object properties: - replicaSelections: - description: The directed read replica selector. - type: array + databaseDialect: + enum: + - DATABASE_DIALECT_UNSPECIFIED + - GOOGLE_STANDARD_SQL + - POSTGRESQL + type: string + enumDescriptions: + - >- + Default value. This value will create a database with the + GOOGLE_STANDARD_SQL dialect. + - GoogleSQL supported SQL. + - PostgreSQL supported SQL. + description: Optional. The dialect of the Cloud Spanner Database. + protoDescriptors: + format: byte + type: string + description: >- + Optional. Proto descriptors used by `CREATE/ALTER PROTO BUNDLE` + statements in 'extra_statements'. Contains a protobuf-serialized + [`google.protobuf.FileDescriptorSet`](https://github.com/protocolbuffers/protobuf/blob/main/src/google/protobuf/descriptor.proto) + descriptor set. To generate it, + [install](https://grpc.io/docs/protoc-installation/) and run + `protoc` with --include_imports and --descriptor_set_out. For + example, to generate for moon/shot/app.proto, run ``` $protoc + --proto_path=/app_path --proto_path=/lib_path \ --include_imports \ + --descriptor_set_out=descriptors.data \ moon/shot/app.proto ``` For + more details, see protobuffer [self + description](https://developers.google.com/protocol-buffers/docs/techniques#self-description). + encryptionConfig: + description: >- + Optional. The encryption configuration for the database. If this + field is not specified, Cloud Spanner will encrypt/decrypt all data + at rest using Google default encryption. + $ref: '#/components/schemas/EncryptionConfig' + extraStatements: + description: >- + Optional. A list of DDL statements to run inside the newly created + database. Statements can create tables, indexes, etc. These + statements execute atomically with the creation of the database: if + there is an error in any statement, the database is not created. items: - $ref: '#/components/schemas/ReplicaSelection' - autoFailoverDisabled: + type: string + type: array + createStatement: + type: string description: >- - If `true`, Spanner doesn't route requests to a replica outside the - <`include_replicas` list when all of the specified replicas are - unavailable or unhealthy. Default value is `false`. - type: boolean - ReplicaSelection: - id: ReplicaSelection - description: >- - The directed read replica selector. Callers must provide one or more of - the following fields for replica selection: * `location` - The location - must be one of the regions within the multi-region configuration of your - database. * `type` - The type of the replica. Some examples of using - replica_selectors are: * `location:us-east1` --> The "us-east1" - replica(s) of any available type is used to process the request. * - `type:READ_ONLY` --> The "READ_ONLY" type replica(s) in the nearest - available location are used to process the request. * `location:us-east1 - type:READ_ONLY` --> The "READ_ONLY" type replica(s) in location - "us-east1" is used to process the request. + Required. A `CREATE DATABASE` statement, which specifies the ID of + the new database. The database ID must conform to the regular + expression `a-z*[a-z0-9]` and be between 2 and 30 characters in + length. If the database ID is a reserved word or if it contains a + hyphen, the database ID must be enclosed in backticks (`` ` ``). + ContextValue: type: object properties: - location: - description: >- - The location or region of the serving requests, for example, - "us-east1". - type: string - type: - description: The type of replica. + label: + description: The label for the context value. e.g. "latency". + $ref: '#/components/schemas/LocalizedString' + unit: + description: The unit of the context value. type: string + value: + type: number + description: The value for the context. + format: float + severity: enumDescriptions: - - Not specified. - - Read-write replicas support both reads and writes. - - Read-only replicas only support reads (not writes). + - Required default value. + - Lowest severity level "Info". + - Middle severity level "Warning". + - Severity level signaling an error "Error" + - Severity level signaling a non recoverable error "Fatal" enum: - - TYPE_UNSPECIFIED - - READ_WRITE - - READ_ONLY - ExcludeReplicas: - id: ExcludeReplicas + - SEVERITY_UNSPECIFIED + - INFO + - WARNING + - ERROR + - FATAL + description: The severity of this context. + type: string + id: ContextValue description: >- - An ExcludeReplicas contains a repeated set of ReplicaSelection that - should be excluded from serving requests. - type: object - properties: - replicaSelections: - description: The directed read replica selector. - type: array - items: - $ref: '#/components/schemas/ReplicaSelection' - ResultSet: - id: ResultSet - description: Results from Read or ExecuteSql. - type: object + A message representing context for a KeyRangeInfo, including a label, + value, unit, and severity. + Mutation: properties: - metadata: - description: Metadata about the result set, such as row type information. - $ref: '#/components/schemas/ResultSetMetadata' - rows: - description: >- - Each element in `rows` is a row whose format is defined by - metadata.row_type. The ith element in each row matches the ith field - in metadata.row_type. Elements are encoded based on type as - described here. - type: array - items: - type: array - items: - type: any - stats: + replace: description: >- - Query plan and execution statistics for the SQL statement that - produced this result set. These can be requested by setting - ExecuteSqlRequest.query_mode. DML statements always produce stats - containing the number of rows modified, unless executed using the - ExecuteSqlRequest.QueryMode.PLAN ExecuteSqlRequest.query_mode. Other - fields might or might not be populated, based on the - ExecuteSqlRequest.query_mode. - $ref: '#/components/schemas/ResultSetStats' - precommitToken: + Like insert, except that if the row already exists, it is deleted, + and the column values provided are inserted instead. Unlike + insert_or_update, this means any values not explicitly written + become `NULL`. In an interleaved table, if you create the child + table with the `ON DELETE CASCADE` annotation, then replacing a + parent row also deletes the child rows. Otherwise, you must delete + the child rows before you replace the parent row. + $ref: '#/components/schemas/Write' + insertOrUpdate: description: >- - Optional. A precommit token is included if the read-write - transaction is on a multiplexed session. Pass the precommit token - with the highest sequence number from this transaction attempt to - the Commit request for this transaction. - $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' - ResultSetMetadata: - id: ResultSetMetadata - description: Metadata about a ResultSet or PartialResultSet. - type: object - properties: - rowType: + Like insert, except that if the row already exists, then its column + values are overwritten with the ones provided. Any column values not + explicitly written are preserved. When using insert_or_update, just + as when using insert, all `NOT NULL` columns in the table must be + given a value. This holds true even when the row already exists and + will therefore actually be updated. + $ref: '#/components/schemas/Write' + delete: description: >- - Indicates the field names and types for the rows in the result set. - For example, a SQL query like `"SELECT UserId, UserName FROM Users"` - could return a `row_type` value like: "fields": [ { "name": - "UserId", "type": { "code": "INT64" } }, { "name": "UserName", - "type": { "code": "STRING" } }, ] - $ref: '#/components/schemas/StructType' - transaction: + Delete rows from a table. Succeeds whether or not the named rows + were present. + $ref: '#/components/schemas/Delete' + insert: + $ref: '#/components/schemas/Write' description: >- - If the read or SQL query began a transaction as a side-effect, the - information about the new transaction is yielded here. - $ref: '#/components/schemas/Transaction' - undeclaredParameters: + Insert new rows in a table. If any of the rows already exist, the + write or transaction fails with error `ALREADY_EXISTS`. + update: + $ref: '#/components/schemas/Write' description: >- - A SQL query can be parameterized. In PLAN mode, these parameters can - be undeclared. This indicates the field names and types for those - undeclared parameters in the SQL query. For example, a SQL query - like `"SELECT * FROM Users where UserId = @userId and UserName = - @userName "` could return a `undeclared_parameters` value like: - "fields": [ { "name": "UserId", "type": { "code": "INT64" } }, { - "name": "UserName", "type": { "code": "STRING" } }, ] - $ref: '#/components/schemas/StructType' - Transaction: - id: Transaction - description: A transaction. + Update existing rows in a table. If any of the rows does not already + exist, the transaction fails with error `NOT_FOUND`. type: object + id: Mutation + description: >- + A modification to one or more Cloud Spanner rows. Mutations can be + applied to a Cloud Spanner database by sending them in a Commit call. + CreateInstancePartitionMetadata: + id: CreateInstancePartitionMetadata properties: - id: + cancelTime: description: >- - `id` may be used to identify the transaction in subsequent Read, - ExecuteSql, Commit, or Rollback calls. Single-use read-only - transactions do not have IDs, because single-use transactions do not - support multiple requests. + The time at which this operation was cancelled. If set, this + operation is in the process of undoing itself (which is guaranteed + to succeed) and cannot be cancelled again. type: string - format: byte - readTimestamp: + format: google-datetime + instancePartition: + $ref: '#/components/schemas/InstancePartition' + description: The instance partition being created. + endTime: description: >- - For snapshot read-only transactions, the read timestamp chosen for - the transaction. Not returned by default: see - TransactionOptions.ReadOnly.return_read_timestamp. A timestamp in - RFC3339 UTC \"Zulu\" format, accurate to nanoseconds. Example: - `"2014-10-02T15:01:23.045123456Z"`. + The time at which this operation failed or was completed + successfully. type: string format: google-datetime - precommitToken: - description: >- - A precommit token is included in the response of a BeginTransaction - request if the read-write transaction is on a multiplexed session - and a mutation_key was specified in the BeginTransaction. The - precommit token with the highest sequence number from this - transaction attempt should be passed to the Commit request for this - transaction. - $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' - MultiplexedSessionPrecommitToken: - id: MultiplexedSessionPrecommitToken - description: >- - When a read-write transaction is executed on a multiplexed session, this - precommit token is sent back to the client as a part of the Transaction - message in the BeginTransaction response and also as a part of the - ResultSet and PartialResultSet responses. + startTime: + format: google-datetime + type: string + description: The time at which the CreateInstancePartition request was received. type: object + description: Metadata type for the operation returned by CreateInstancePartition. + RestoreInfo: properties: - precommitToken: - description: Opaque precommit token. + sourceType: type: string - format: byte - seqNum: + description: The type of the restore source. + enumDescriptions: + - No restore associated. + - A backup was used as the source of the restore. + enum: + - TYPE_UNSPECIFIED + - BACKUP + backupInfo: description: >- - An incrementing seq number is generated on every precommit token - that is returned. Clients should remember the precommit token with - the highest sequence number from the current transaction attempt. - type: integer - format: int32 - ResultSetStats: - id: ResultSetStats - description: Additional statistics about a ResultSet or PartialResultSet. + Information about the backup used to restore the database. The + backup may no longer exist. + $ref: '#/components/schemas/BackupInfo' type: object + description: Information about the database restore. + id: RestoreInfo + PartitionOptions: properties: - queryPlan: - description: QueryPlan for the query associated with this result. - $ref: '#/components/schemas/QueryPlan' - queryStats: - description: >- - Aggregated statistics from the execution of the query. Only present - when the query is profiled. For example, a query could return the - statistics as follows: { "rows_returned": "3", "elapsed_time": "1.22 - secs", "cpu_time": "1.19 secs" } - type: object - additionalProperties: - type: any - description: Properties of the object. - rowCountExact: - description: Standard DML returns an exact count of rows that were modified. + maxPartitions: type: string format: int64 - rowCountLowerBound: description: >- - Partitioned DML doesn't offer exactly-once semantics, so it returns - a lower bound of the rows modified. - type: string + **Note:** This hint is currently ignored by `PartitionQuery` and + `PartitionRead` requests. The desired maximum number of partitions + to return. For example, this might be set to the number of workers + available. The default for this option is currently 10,000. The + maximum value is currently 200,000. This is only a hint. The actual + number of partitions returned can be smaller or larger than this + maximum count request. + partitionSizeBytes: format: int64 - QueryPlan: - id: QueryPlan - description: Contains an ordered list of nodes appearing in the query plan. - type: object - properties: - planNodes: - description: >- - The nodes in the query plan. Plan nodes are returned in pre-order - starting with the plan root. Each PlanNode's `id` corresponds to its - index in `plan_nodes`. - type: array - items: - $ref: '#/components/schemas/PlanNode' - queryAdvice: description: >- - Optional. The advise/recommendations for a query. Currently this - field will be serving index recommendations for a query. - $ref: '#/components/schemas/QueryAdvisorResult' - PlanNode: - id: PlanNode - description: Node information for nodes appearing in a QueryPlan.plan_nodes. + **Note:** This hint is currently ignored by `PartitionQuery` and + `PartitionRead` requests. The desired data size for each partition + generated. The default for this option is currently 1 GiB. This is + only a hint. The actual size of each partition can be smaller or + larger than this size request. + type: string type: object + id: PartitionOptions + description: Options for a `PartitionQueryRequest` and `PartitionReadRequest`. + UpdateInstanceMetadata: + description: Metadata type for the operation returned by UpdateInstance. properties: - index: - description: The `PlanNode`'s index in node list. - type: integer - format: int32 - kind: - description: >- - Used to determine the type of node. May be needed for visualizing - different kinds of nodes differently. For example, If the node is a - SCALAR node, it will have a condensed representation which can be - used to directly embed a description of the node in its parent. + startTime: type: string + description: The time at which UpdateInstance request was received. + format: google-datetime + expectedFulfillmentPeriod: enumDescriptions: - Not specified. - >- - Denotes a Relational operator node in the expression tree. - Relational operators represent iterative processing of rows during - query execution. For example, a `TableScan` operation that reads - rows from a table. + Normal fulfillment period. The operation is expected to complete + within minutes. - >- - Denotes a Scalar node in the expression tree. Scalar nodes - represent non-iterable entities in the query plan. For example, - constants or arithmetic operators appearing inside predicate - expressions or references to column names. + Extended fulfillment period. It can take up to an hour for the + operation to complete. + type: string enum: - - KIND_UNSPECIFIED - - RELATIONAL - - SCALAR - displayName: - description: The display name for the node. + - FULFILLMENT_PERIOD_UNSPECIFIED + - FULFILLMENT_PERIOD_NORMAL + - FULFILLMENT_PERIOD_EXTENDED + description: The expected fulfillment period of this update operation. + instance: + description: The desired end state of the update. + $ref: '#/components/schemas/Instance' + cancelTime: type: string - childLinks: - description: List of child node `index`es and their relationship to this parent. - type: array - items: - $ref: '#/components/schemas/ChildLink' - shortRepresentation: - description: Condensed representation for SCALAR nodes. - $ref: '#/components/schemas/ShortRepresentation' - metadata: + format: google-datetime description: >- - Attributes relevant to the node contained in a group of key-value - pairs. For example, a Parameter Reference node could have the - following information in its metadata: { "parameter_reference": - "param1", "parameter_type": "array" } - type: object - additionalProperties: - type: any - description: Properties of the object. - executionStats: + The time at which this operation was cancelled. If set, this + operation is in the process of undoing itself (which is guaranteed + to succeed) and cannot be cancelled again. + endTime: + type: string + format: google-datetime description: >- - The execution statistics associated with the node, contained in a - group of key-value pairs. Only present if the plan was returned as a - result of a profile query. For example, number of executions, number - of rows/time per execution etc. - type: object - additionalProperties: - type: any - description: Properties of the object. - ChildLink: - id: ChildLink - description: >- - Metadata associated with a parent-child relationship appearing in a - PlanNode. + The time at which this operation failed or was completed + successfully. + id: UpdateInstanceMetadata + type: object + AdaptMessageResponse: + description: Message sent by the adapter to the client. type: object properties: - childIndex: - description: The node to which the link points. - type: integer - format: int32 - type: - description: >- - The type of the link. For example, in Hash Joins this could be used - to distinguish between the build child and the probe child, or in - the case of the child being an output variable, to represent the tag - associated with the output variable. + stateUpdates: + description: Optional. Opaque state updates to be applied by the client. + additionalProperties: + type: string + type: object + payload: + description: Optional. Uninterpreted bytes from the underlying wire protocol. type: string - variable: + format: byte + last: description: >- - Only present if the child node is SCALAR and corresponds to an - output variable of the parent node. The field carries the name of - the output variable. For example, a `TableScan` operator that reads - rows from a table will have child links to the `SCALAR` nodes - representing the output variables created for each column that is - read by the operator. The corresponding `variable` fields will be - set to the variable names assigned to the columns. - type: string - ShortRepresentation: - id: ShortRepresentation - description: >- - Condensed representation of a node and its subtree. Only present for - `SCALAR` PlanNode(s). + Optional. Indicates whether this is the last AdaptMessageResponse in + the stream. This field may be optionally set by the server. Clients + should not rely on this field being set in all cases. + type: boolean + id: AdaptMessageResponse + OperationProgress: + id: OperationProgress type: object + description: >- + Encapsulates progress related information for a Cloud Spanner long + running operation. properties: - description: + progressPercent: + type: integer + format: int32 description: >- - A string representation of the expression subtree rooted at this - node. + Percent completion of the operation. Values are between 0 and 100 + inclusive. + startTime: type: string - subqueries: - description: >- - A mapping of (subquery variable name) -> (subquery node id) for - cases where the `description` string of this node references a - `SCALAR` subquery contained in the expression subtree rooted at this - node. The referenced `SCALAR` subquery may not necessarily be a - direct child of this node. - type: object - additionalProperties: - type: integer - format: int32 - QueryAdvisorResult: - id: QueryAdvisorResult - description: Output of query advisor analysis. - type: object - properties: - indexAdvice: + format: google-datetime + description: Time the request was received. + endTime: description: >- - Optional. Index Recommendation for a query. This is an optional - field and the recommendation will only be available when the - recommendation guarantees significant improvement in query - performance. - type: array - items: - $ref: '#/components/schemas/IndexAdvice' - IndexAdvice: - id: IndexAdvice - description: Recommendation to add new indexes to run queries more efficiently. + If set, the time at which this operation failed or was completed + successfully. + format: google-datetime + type: string + AsymmetricAutoscalingOption: type: object + id: AsymmetricAutoscalingOption properties: - ddl: + replicaSelection: description: >- - Optional. DDL statements to add new indexes that will improve the - query. - type: array - items: - type: string - improvementFactor: + Required. Selects the replicas to which this + AsymmetricAutoscalingOption applies. Only read-only replicas are + supported. + $ref: '#/components/schemas/InstanceReplicaSelection' + overrides: + $ref: '#/components/schemas/AutoscalingConfigOverrides' description: >- - Optional. Estimated latency improvement factor. For example if the - query currently takes 500 ms to run and the estimated latency with - new indexes is 100 ms this field will be 5. - type: number - format: double - PartialResultSet: - id: PartialResultSet + Optional. Overrides applied to the top-level autoscaling + configuration for the selected replicas. description: >- - Partial results from a streaming read or SQL query. Streaming reads and - SQL queries better tolerate large result sets, large rows, and large - values, but are a little trickier to consume. + AsymmetricAutoscalingOption specifies the scaling of replicas identified + by the given selection. + CommitRequest: type: object properties: - metadata: - description: >- - Metadata about the result set, such as row type information. Only - present in the first response. - $ref: '#/components/schemas/ResultSetMetadata' - values: - description: >- - A streamed result set consists of a stream of values, which might be - split into many `PartialResultSet` messages to accommodate large - rows and/or large values. Every N complete values defines a row, - where N is equal to the number of entries in - metadata.row_type.fields. Most values are encoded based on type as - described here. It's possible that the last value in values is - "chunked", meaning that the rest of the value is sent in subsequent - `PartialResultSet`(s). This is denoted by the chunked_value field. - Two or more chunked values can be merged to form a complete value as - follows: * `bool/number/null`: can't be chunked * `string`: - concatenate the strings * `list`: concatenate the lists. If the last - element in a list is a `string`, `list`, or `object`, merge it with - the first element in the next list by applying these rules - recursively. * `object`: concatenate the (field name, field value) - pairs. If a field name is duplicated, then apply these rules - recursively to merge the field values. Some examples of merging: - Strings are concatenated. "foo", "bar" => "foobar" Lists of - non-strings are concatenated. [2, 3], [4] => [2, 3, 4] Lists are - concatenated, but the last and first elements are merged because - they are strings. ["a", "b"], ["c", "d"] => ["a", "bc", "d"] Lists - are concatenated, but the last and first elements are merged because - they are lists. Recursively, the last and first elements of the - inner lists are merged because they are strings. ["a", ["b", "c"]], - [["d"], "e"] => ["a", ["b", "cd"], "e"] Non-overlapping object - fields are combined. {"a": "1"}, {"b": "2"} => {"a": "1", "b": 2"} - Overlapping object fields are merged. {"a": "1"}, {"a": "2"} => - {"a": "12"} Examples of merging objects containing lists of strings. - {"a": ["1"]}, {"a": ["2"]} => {"a": ["12"]} For a more complete - example, suppose a streaming SQL query is yielding a result set - whose rows contain a single string field. The following - `PartialResultSet`s might be yielded: { "metadata": { ... } - "values": ["Hello", "W"] "chunked_value": true "resume_token": - "Af65..." } { "values": ["orl"] "chunked_value": true } { "values": - ["d"] "resume_token": "Zx1B..." } This sequence of - `PartialResultSet`s encodes two rows, one containing the field value - `"Hello"`, and a second containing the field value `"World" = "W" + - "orl" + "d"`. Not all `PartialResultSet`s contain a `resume_token`. - Execution can only be resumed from a previously yielded - `resume_token`. For the above sequence of `PartialResultSet`s, - resuming the query with `"resume_token": "Af65..."` yields results - from the `PartialResultSet` with value "orl". - type: array + mutations: items: - type: any - chunkedValue: - description: >- - If true, then the final value in values is chunked, and must be - combined with more values from subsequent `PartialResultSet`s to - obtain a complete field value. - type: boolean - resumeToken: + $ref: '#/components/schemas/Mutation' description: >- - Streaming calls might be interrupted for a variety of reasons, such - as TCP connection loss. If this occurs, the stream of results can be - resumed by re-sending the original request and including - `resume_token`. Note that executing any other transaction in the - same session invalidates the token. + The mutations to be executed when this transaction commits. All + mutations are applied atomically, in the order they appear in this + list. + type: array + maxCommitDelay: + description: >- + Optional. The amount of latency this request is configured to incur + in order to improve throughput. If this field isn't set, Spanner + assumes requests are relatively latency sensitive and automatically + determines an appropriate delay time. You can specify a commit delay + value between 0 and 500 ms. + type: string + format: google-duration + transactionId: type: string format: byte - stats: + description: Commit a previously-started transaction. + singleUseTransaction: + $ref: '#/components/schemas/TransactionOptions' description: >- - Query plan and execution statistics for the statement that produced - this streaming result set. These can be requested by setting - ExecuteSqlRequest.query_mode and are sent only once with the last - response in the stream. This field is also present in the last - response for DML statements. - $ref: '#/components/schemas/ResultSetStats' + Execute mutations in a temporary transaction. Note that unlike + commit of a previously-started transaction, commit with a temporary + transaction is non-idempotent. That is, if the `CommitRequest` is + sent to Cloud Spanner more than once (for instance, due to retries + in the application, or in the transport library), it's possible that + the mutations are executed more than once. If this is undesirable, + use BeginTransaction and Commit instead. + requestOptions: + description: Common options for this request. + $ref: '#/components/schemas/RequestOptions' precommitToken: - description: >- - Optional. A precommit token is included if the read-write - transaction has multiplexed sessions enabled. Pass the precommit - token with the highest sequence number from this transaction attempt - to the Commit request for this transaction. $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' - last: description: >- - Optional. Indicates whether this is the last `PartialResultSet` in - the stream. The server might optionally set this field. Clients - shouldn't rely on this field being set in all cases. + Optional. If the read-write transaction was executed on a + multiplexed session, then you must include the precommit token with + the highest sequence number received in this transaction attempt. + Failing to do so results in a `FailedPrecondition` error. + returnCommitStats: type: boolean - ExecuteBatchDmlRequest: - id: ExecuteBatchDmlRequest - description: The request for ExecuteBatchDml. - type: object + description: >- + If `true`, then statistics related to the transaction is included in + the CommitResponse. Default value is `false`. + id: CommitRequest + description: The request for Commit. + FreeInstanceMetadata: + description: >- + Free instance specific metadata that is kept even after an instance has + been upgraded for tracking purposes. + id: FreeInstanceMetadata properties: - transaction: + upgradeTime: + format: google-datetime + readOnly: true + type: string description: >- - Required. The transaction to use. Must be a read-write transaction. - To protect against replays, single-use transactions are not - supported. The caller must either supply an existing transaction ID - or begin a new transaction. - $ref: '#/components/schemas/TransactionSelector' - statements: + Output only. If present, the timestamp at which the free instance + was upgraded to a provisioned instance. + expireTime: + readOnly: true + type: string description: >- - Required. The list of statements to execute in this batch. - Statements are executed serially, such that the effects of statement - `i` are visible to statement `i+1`. Each statement must be a DML - statement. Execution stops at the first failed statement; the - remaining statements are not executed. Callers must provide at least - one statement. - type: array - items: - $ref: '#/components/schemas/Statement' - seqno: + Output only. Timestamp after which the instance will either be + upgraded or scheduled for deletion after a grace period. + ExpireBehavior is used to choose between upgrading or scheduling the + free instance for deletion. This timestamp is set during the + creation of a free instance. + format: google-datetime + expireBehavior: + enumDescriptions: + - Not specified. + - >- + When the free instance expires, upgrade the instance to a + provisioned instance. + - >- + When the free instance expires, disable the instance, and delete + it after the grace period passes if it has not been upgraded. description: >- - Required. A per-transaction sequence number used to identify this - request. This field makes each request idempotent such that if the - request is received multiple times, at most one succeeds. The - sequence number must be monotonically increasing within the - transaction. If a request arrives for the first time with an - out-of-order sequence number, the transaction might be aborted. - Replays of previously handled requests yield the same response as - the first execution. + Specifies the expiration behavior of a free instance. The default of + ExpireBehavior is `REMOVE_AFTER_GRACE_PERIOD`. This can be modified + during or after creation, and before expiration. type: string - format: int64 - requestOptions: - description: Common options for this request. - $ref: '#/components/schemas/RequestOptions' - lastStatements: - description: >- - Optional. If set to `true`, this request marks the end of the - transaction. After these statements execute, you must commit or - abort the transaction. Attempts to execute any other requests - against this transaction (including reads and queries) are rejected. - Setting this option might cause some error reporting to be deferred - until commit time (for example, validation of unique constraints). - Given this, successful execution of statements shouldn't be assumed - until a subsequent `Commit` call completes successfully. - type: boolean - Statement: - id: Statement - description: A single DML statement. + enum: + - EXPIRE_BEHAVIOR_UNSPECIFIED + - FREE_TO_PROVISIONED + - REMOVE_AFTER_GRACE_PERIOD + type: object + ListInstancesResponse: + id: ListInstancesResponse type: object + description: The response for ListInstances. properties: - sql: - description: Required. The DML string. + nextPageToken: type: string - params: description: >- - Parameter names and values that bind to placeholders in the DML - string. A parameter placeholder consists of the `@` character - followed by the parameter name (for example, `@firstName`). - Parameter names can contain letters, numbers, and underscores. - Parameters can appear anywhere that a literal value is expected. The - same parameter name can be used more than once, for example: `"WHERE - id > @msg_id AND id < @msg_id + 100"` It's an error to execute a SQL - statement with unbound parameters. - type: object - additionalProperties: - type: any - description: Properties of the object. - paramTypes: + `next_page_token` can be sent in a subsequent ListInstances call to + fetch more of the matching instances. + instances: + description: The list of requested instances. + items: + $ref: '#/components/schemas/Instance' + type: array + unreachable: + items: + type: string description: >- - It isn't always possible for Cloud Spanner to infer the right SQL - type from a JSON value. For example, values of type `BYTES` and - values of type `STRING` both appear in params as JSON strings. In - these cases, `param_types` can be used to specify the exact SQL type - for some or all of the SQL statement parameters. See the definition - of Type for more information about SQL types. - type: object - additionalProperties: - $ref: '#/components/schemas/Type' - ExecuteBatchDmlResponse: - id: ExecuteBatchDmlResponse - description: >- - The response for ExecuteBatchDml. Contains a list of ResultSet messages, - one for each DML statement that has successfully executed, in the same - order as the statements in the request. If a statement fails, the status - in the response body identifies the cause of the failure. To check for - DML statements that failed, use the following approach: 1. Check the - status in the response message. The google.rpc.Code enum value `OK` - indicates that all statements were executed successfully. 2. If the - status was not `OK`, check the number of result sets in the response. If - the response contains `N` ResultSet messages, then statement `N+1` in - the request failed. Example 1: * Request: 5 DML statements, all executed - successfully. * Response: 5 ResultSet messages, with the status `OK`. - Example 2: * Request: 5 DML statements. The third statement has a syntax - error. * Response: 2 ResultSet messages, and a syntax error - (`INVALID_ARGUMENT`) status. The number of ResultSet messages indicates - that the third statement failed, and the fourth and fifth statements - were not executed. + The list of unreachable instances. It includes the names of + instances whose metadata could not be retrieved within + instance_deadline. + type: array + DiagnosticMessage: + description: A message representing the key visualizer diagnostic messages. + type: object + id: DiagnosticMessage + properties: + metric: + $ref: '#/components/schemas/LocalizedString' + description: The metric. + metricSpecific: + type: boolean + description: >- + Whether this message is specific only for the current metric. By + default Diagnostics are shown for all metrics, regardless which + metric is the currently selected metric in the UI. However + occasionally a metric will generate so many messages that the + resulting visual clutter becomes overwhelming. In this case setting + this to true, will show the diagnostic messages for that metric only + if it is the currently selected metric. + info: + description: Information about this diagnostic information. + $ref: '#/components/schemas/LocalizedString' + severity: + enum: + - SEVERITY_UNSPECIFIED + - INFO + - WARNING + - ERROR + - FATAL + enumDescriptions: + - Required default value. + - Lowest severity level "Info". + - Middle severity level "Warning". + - Severity level signaling an error "Error" + - Severity level signaling a non recoverable error "Fatal" + type: string + description: The severity of the diagnostic message. + shortMessage: + description: The short message. + $ref: '#/components/schemas/LocalizedString' + MultiplexedSessionPrecommitToken: + id: MultiplexedSessionPrecommitToken + type: object + properties: + seqNum: + type: integer + format: int32 + description: >- + An incrementing seq number is generated on every precommit token + that is returned. Clients should remember the precommit token with + the highest sequence number from the current transaction attempt. + precommitToken: + description: Opaque precommit token. + format: byte + type: string + description: >- + When a read-write transaction is executed on a multiplexed session, this + precommit token is sent back to the client as a part of the Transaction + message in the BeginTransaction response and also as a part of the + ResultSet and PartialResultSet responses. + ChangeQuorumMetadata: + id: ChangeQuorumMetadata type: object + description: Metadata type for the long-running operation returned by ChangeQuorum. properties: - resultSets: + endTime: + format: google-datetime description: >- - One ResultSet for each statement in the request that ran - successfully, in the same order as the statements in the request. - Each ResultSet does not contain any rows. The ResultSetStats in each - ResultSet contain the number of rows modified by the statement. Only - the first ResultSet in the response contains valid - ResultSetMetadata. - type: array - items: - $ref: '#/components/schemas/ResultSet' - status: + If set, the time at which this operation failed or was completed + successfully. + type: string + request: + $ref: '#/components/schemas/ChangeQuorumRequest' + description: The request for ChangeQuorum. + startTime: + type: string + format: google-datetime + description: Time the request was received. + AutoscalingTargets: + id: AutoscalingTargets + type: object + description: The autoscaling targets for an instance. + properties: + storageUtilizationPercent: description: >- - If all DML statements are executed successfully, the status is `OK`. - Otherwise, the error status of the first failed statement. - $ref: '#/components/schemas/Status' - precommitToken: + Required. The target storage utilization percentage that the + autoscaler should be trying to achieve for the instance. This number + is on a scale from 0 (no utilization) to 100 (full utilization). The + valid range is [10, 99] inclusive. + type: integer + format: int32 + highPriorityCpuUtilizationPercent: + type: integer + format: int32 description: >- - Optional. A precommit token is included if the read-write - transaction is on a multiplexed session. Pass the precommit token - with the highest sequence number from this transaction attempt - should be passed to the Commit request for this transaction. - $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' - ReadRequest: - id: ReadRequest - description: The request for Read and StreamingRead. + Required. The target high priority cpu utilization percentage that + the autoscaler should be trying to achieve for the instance. This + number is on a scale from 0 (no utilization) to 100 (full + utilization). The valid range is [10, 90] inclusive. + UpdateDatabaseDdlRequest: + id: UpdateDatabaseDdlRequest + description: >- + Enqueues the given DDL statements to be applied, in order but not + necessarily all at once, to the database schema at some point (or + points) in the future. The server checks that the statements are + executable (syntactically valid, name tables that exist, etc.) before + enqueueing them, but they may still fail upon later execution (for + example, if a statement from another batch of statements is applied + first and it conflicts in some way, or if there is some data-related + problem like a `NULL` value in a column to which `NOT NULL` would be + added). If a statement fails, all subsequent statements in the batch are + automatically cancelled. Each batch of statements is assigned a name + which can be used with the Operations API to monitor progress. See the + operation_id field for more details. type: object properties: - transaction: - description: >- - The transaction to use. If none is provided, the default is a - temporary read-only transaction with strong concurrency. - $ref: '#/components/schemas/TransactionSelector' - table: - description: Required. The name of the table in the database to be read. - type: string - index: + operationId: description: >- - If non-empty, the name of an index on table. This index is used - instead of the table primary key when interpreting key_set and - sorting result rows. See key_set for further information. + If empty, the new update request is assigned an + automatically-generated operation ID. Otherwise, `operation_id` is + used to construct the name of the resulting Operation. Specifying an + explicit operation ID simplifies determining whether the statements + were executed in the event that the UpdateDatabaseDdl call is + replayed, or the return value is otherwise lost: the database and + `operation_id` fields can be combined to form the `name` of the + resulting longrunning.Operation: `/operations/`. `operation_id` + should be unique within the database, and must be a valid + identifier: `a-z*`. Note that automatically-generated operation IDs + always begin with an underscore. If the named operation already + exists, UpdateDatabaseDdl returns `ALREADY_EXISTS`. type: string - columns: - description: >- - Required. The columns of table to be returned for each row matching - this request. + statements: type: array items: type: string - keySet: - description: >- - Required. `key_set` identifies the rows to be yielded. `key_set` - names the primary keys of the rows in table to be yielded, unless - index is present. If index is present, then key_set instead names - index keys in index. If the partition_token field is empty, rows are - yielded in table primary key order (if index is empty) or index key - order (if index is non-empty). If the partition_token field isn't - empty, rows are yielded in an unspecified order. It isn't an error - for the `key_set` to name rows that don't exist in the database. - Read yields nothing for nonexistent rows. - $ref: '#/components/schemas/KeySet' - limit: - description: >- - If greater than zero, only the first `limit` rows are yielded. If - `limit` is zero, the default is no limit. A limit can't be specified - if `partition_token` is set. - type: string - format: int64 - resumeToken: - description: >- - If this request is resuming a previously interrupted read, - `resume_token` should be copied from the last PartialResultSet - yielded before the interruption. Doing this enables the new read to - resume where the last read left off. The rest of the request - parameters must exactly match the request that yielded this token. - type: string - format: byte - partitionToken: + description: Required. DDL statements to be applied to the database. + protoDescriptors: description: >- - If present, results are restricted to the specified partition - previously created using `PartitionRead`. There must be an exact - match for the values of fields common to this message and the - PartitionReadRequest message used to create this partition_token. - type: string + Optional. Proto descriptors used by CREATE/ALTER PROTO BUNDLE + statements. Contains a protobuf-serialized + [google.protobuf.FileDescriptorSet](https://github.com/protocolbuffers/protobuf/blob/main/src/google/protobuf/descriptor.proto). + To generate it, [install](https://grpc.io/docs/protoc-installation/) + and run `protoc` with --include_imports and --descriptor_set_out. + For example, to generate for moon/shot/app.proto, run ``` $protoc + --proto_path=/app_path --proto_path=/lib_path \ --include_imports \ + --descriptor_set_out=descriptors.data \ moon/shot/app.proto ``` For + more details, see protobuffer [self + description](https://developers.google.com/protocol-buffers/docs/techniques#self-description). format: byte - requestOptions: - description: Common options for this request. - $ref: '#/components/schemas/RequestOptions' - directedReadOptions: - description: Directed read options for this request. - $ref: '#/components/schemas/DirectedReadOptions' - dataBoostEnabled: - description: >- - If this is for a partitioned read and this field is set to `true`, - the request is executed with Spanner Data Boost independent compute - resources. If the field is set to `true` but the request doesn't set - `partition_token`, the API returns an `INVALID_ARGUMENT` error. - type: boolean - orderBy: - description: >- - Optional. Order for the returned rows. By default, Spanner returns - result rows in primary key order except for PartitionRead requests. - For applications that don't require rows to be returned in primary - key (`ORDER_BY_PRIMARY_KEY`) order, setting `ORDER_BY_NO_ORDER` - option allows Spanner to optimize row retrieval, resulting in lower - latencies in certain cases (for example, bulk point lookups). type: string - enumDescriptions: - - >- - Default value. `ORDER_BY_UNSPECIFIED` is equivalent to - `ORDER_BY_PRIMARY_KEY`. - - >- - Read rows are returned in primary key order. In the event that - this option is used in conjunction with the `partition_token` - field, the API returns an `INVALID_ARGUMENT` error. - - Read rows are returned in any order. - enum: - - ORDER_BY_UNSPECIFIED - - ORDER_BY_PRIMARY_KEY - - ORDER_BY_NO_ORDER - lockHint: + ListBackupOperationsResponse: + id: ListBackupOperationsResponse + properties: + operations: + type: array description: >- - Optional. Lock Hint for the request, it can only be used with - read-write transactions. - type: string - enumDescriptions: - - >- - Default value. `LOCK_HINT_UNSPECIFIED` is equivalent to - `LOCK_HINT_SHARED`. - - >- - Acquire shared locks. By default when you perform a read as part - of a read-write transaction, Spanner acquires shared read locks, - which allows other reads to still access the data until your - transaction is ready to commit. When your transaction is - committing and writes are being applied, the transaction attempts - to upgrade to an exclusive lock for any data you are writing. For - more information about locks, see [Lock - modes](https://cloud.google.com/spanner/docs/introspection/lock-statistics#explain-lock-modes). - - >- - Acquire exclusive locks. Requesting exclusive locks is beneficial - if you observe high write contention, which means you notice that - multiple transactions are concurrently trying to read and write to - the same data, resulting in a large number of aborts. This problem - occurs when two transactions initially acquire shared locks and - then both try to upgrade to exclusive locks at the same time. In - this situation both transactions are waiting for the other to give - up their lock, resulting in a deadlocked situation. Spanner is - able to detect this occurring and force one of the transactions to - abort. However, this is a slow and expensive operation and results - in lower performance. In this case it makes sense to acquire - exclusive locks at the start of the transaction because then when - multiple transactions try to act on the same data, they - automatically get serialized. Each transaction waits its turn to - acquire the lock and avoids getting into deadlock situations. - Because the exclusive lock hint is just a hint, it shouldn't be - considered equivalent to a mutex. In other words, you shouldn't - use Spanner exclusive locks as a mutual exclusion mechanism for - the execution of code outside of Spanner. **Note:** Request - exclusive locks judiciously because they block others from reading - that data for the entire transaction, rather than just when the - writes are being performed. Unless you observe high write - contention, you should use the default of shared read locks so you - don't prematurely block other clients from reading the data that - you're writing to. - enum: - - LOCK_HINT_UNSPECIFIED - - LOCK_HINT_SHARED - - LOCK_HINT_EXCLUSIVE - KeySet: - id: KeySet - description: >- - `KeySet` defines a collection of Cloud Spanner keys and/or key ranges. - All the keys are expected to be in the same table or index. The keys - need not be sorted in any particular way. If the same key is specified - multiple times in the set (for example if two ranges, two keys, or a key - and a range overlap), Cloud Spanner behaves as if the key were only - specified once. + The list of matching backup long-running operations. Each + operation's name will be prefixed by the backup's name. The + operation's metadata field type `metadata.type_url` describes the + type of the metadata. Operations returned include those that are + pending or have completed/failed/canceled within the last 7 days. + Operations returned are ordered by + `operation.metadata.value.progress.start_time` in descending order + starting from the most recently started operation. + items: + $ref: '#/components/schemas/Operation' + nextPageToken: + description: >- + `next_page_token` can be sent in a subsequent ListBackupOperations + call to fetch more of the matching metadata. + type: string + description: The response for ListBackupOperations. type: object + RestoreDatabaseEncryptionConfig: + id: RestoreDatabaseEncryptionConfig properties: - keys: + kmsKeyName: description: >- - A list of specific keys. Entries in `keys` should have exactly as - many elements as there are columns in the primary or index key with - which this `KeySet` is used. Individual key values are encoded as - described here. - type: array - items: - type: array - items: - type: any - ranges: + Optional. This field is maintained for backwards compatibility. For + new callers, we recommend using `kms_key_names` to specify the KMS + key. Only use `kms_key_name` if the location of the KMS key matches + the database instance's configuration (location) exactly. For + example, if the KMS location is in `us-central1` or `nam3`, then the + database instance must also be in `us-central1` or `nam3`. The Cloud + KMS key that is used to encrypt and decrypt the restored database. + Set this field only when encryption_type is + `CUSTOMER_MANAGED_ENCRYPTION`. Values are of the form + `projects//locations//keyRings//cryptoKeys/`. + type: string + encryptionType: + type: string + enumDescriptions: + - Unspecified. Do not use. + - >- + This is the default option when encryption_config is not + specified. + - Use Google default encryption. + - >- + Use customer managed encryption. If specified, `kms_key_name` must + must contain a valid Cloud KMS key. + enum: + - ENCRYPTION_TYPE_UNSPECIFIED + - USE_CONFIG_DEFAULT_OR_BACKUP_ENCRYPTION + - GOOGLE_DEFAULT_ENCRYPTION + - CUSTOMER_MANAGED_ENCRYPTION + description: Required. The encryption type of the restored database. + kmsKeyNames: description: >- - A list of key ranges. See KeyRange for more information about key - range specifications. - type: array + Optional. Specifies the KMS configuration for one or more keys used + to encrypt the database. Values have the form + `projects//locations//keyRings//cryptoKeys/`. The keys referenced by + `kms_key_names` must fully cover all regions of the database's + instance configuration. Some examples: * For regional + (single-region) instance configurations, specify a regional location + KMS key. * For multi-region instance configurations of type + `GOOGLE_MANAGED`, either specify a multi-region location KMS key or + multiple regional location KMS keys that cover all regions in the + instance configuration. * For an instance configuration of type + `USER_MANAGED`, specify only regional location KMS keys to cover + each region in the instance configuration. Multi-region location KMS + keys aren't supported for `USER_MANAGED` type instance + configurations. items: - $ref: '#/components/schemas/KeyRange' - all: + type: string + type: array + description: Encryption configuration for the restored database. + type: object + RestoreDatabaseMetadata: + properties: + sourceType: + description: The type of the restore source. + enum: + - TYPE_UNSPECIFIED + - BACKUP + type: string + enumDescriptions: + - No restore associated. + - A backup was used as the source of the restore. + cancelTime: + type: string description: >- - For convenience `all` can be set to `true` to indicate that this - `KeySet` matches all keys in the table or index. Note that any keys - specified in `keys` or `ranges` are only yielded once. - type: boolean + The time at which cancellation of this operation was received. + Operations.CancelOperation starts asynchronous cancellation on a + long-running operation. The server makes a best effort to cancel the + operation, but success is not guaranteed. Clients can use + Operations.GetOperation or other methods to check whether the + cancellation succeeded or whether the operation completed despite + cancellation. On successful cancellation, the operation is not + deleted; instead, it becomes an operation with an Operation.error + value with a google.rpc.Status.code of 1, corresponding to + `Code.CANCELLED`. + format: google-datetime + optimizeDatabaseOperationName: + description: >- + If exists, the name of the long-running operation that will be used + to track the post-restore optimization process to optimize the + performance of the restored database, and remove the dependency on + the restore source. The name is of the form + `projects//instances//databases//operations/` where the is the name + of database being created and restored to. The metadata type of the + long-running operation is OptimizeRestoredDatabaseMetadata. This + long-running operation will be automatically created by the system + after the RestoreDatabase long-running operation completes + successfully. This operation will not be created if the restore was + not successful. + type: string + progress: + description: The progress of the RestoreDatabase operation. + $ref: '#/components/schemas/OperationProgress' + backupInfo: + description: Information about the backup used to restore the database. + $ref: '#/components/schemas/BackupInfo' + name: + type: string + description: Name of the database being created and restored to. + description: >- + Metadata type for the long-running operation returned by + RestoreDatabase. + type: object + id: RestoreDatabaseMetadata KeyRange: - id: KeyRange description: >- KeyRange represents a range of rows in a table or index. A range has a start key and an end key. These keys can be open or closed, indicating @@ -4639,251 +4023,391 @@ components: inclusive: "start_closed": ["100"] "end_closed": ["1"] Note that 100 is passed as the start, and 1 is passed as the end, because `Key` is a descending column in the schema. - type: object + id: KeyRange properties: + endClosed: + items: + type: any + type: array + description: >- + If the end is closed, then the range includes all rows whose first + `len(end_closed)` key columns exactly match `end_closed`. + startOpen: + items: + type: any + type: array + description: >- + If the start is open, then the range excludes rows whose first + `len(start_open)` key columns exactly match `start_open`. + endOpen: + items: + type: any + type: array + description: >- + If the end is open, then the range excludes rows whose first + `len(end_open)` key columns exactly match `end_open`. startClosed: description: >- If the start is closed, then the range includes all rows whose first `len(start_closed)` key columns exactly match `start_closed`. + items: + type: any + type: array + type: object + ListScansResponse: + id: ListScansResponse + description: Response method from the ListScans method. + properties: + scans: type: array items: + $ref: '#/components/schemas/Scan' + description: Available scans based on the list query parameters. + nextPageToken: + type: string + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: object + PlanNode: + type: object + id: PlanNode + properties: + displayName: + type: string + description: The display name for the node. + shortRepresentation: + description: Condensed representation for SCALAR nodes. + $ref: '#/components/schemas/ShortRepresentation' + kind: + enumDescriptions: + - Not specified. + - >- + Denotes a Relational operator node in the expression tree. + Relational operators represent iterative processing of rows during + query execution. For example, a `TableScan` operation that reads + rows from a table. + - >- + Denotes a Scalar node in the expression tree. Scalar nodes + represent non-iterable entities in the query plan. For example, + constants or arithmetic operators appearing inside predicate + expressions or references to column names. + enum: + - KIND_UNSPECIFIED + - RELATIONAL + - SCALAR + description: >- + Used to determine the type of node. May be needed for visualizing + different kinds of nodes differently. For example, If the node is a + SCALAR node, it will have a condensed representation which can be + used to directly embed a description of the node in its parent. + type: string + index: + type: integer + description: The `PlanNode`'s index in node list. + format: int32 + metadata: + additionalProperties: type: any - startOpen: + description: Properties of the object. description: >- - If the start is open, then the range excludes rows whose first - `len(start_open)` key columns exactly match `start_open`. + Attributes relevant to the node contained in a group of key-value + pairs. For example, a Parameter Reference node could have the + following information in its metadata: { "parameter_reference": + "param1", "parameter_type": "array" } + type: object + childLinks: type: array items: + $ref: '#/components/schemas/ChildLink' + description: List of child node `index`es and their relationship to this parent. + executionStats: + additionalProperties: + description: Properties of the object. type: any - endClosed: + type: object + description: >- + The execution statistics associated with the node, contained in a + group of key-value pairs. Only present if the plan was returned as a + result of a profile query. For example, number of executions, number + of rows/time per execution etc. + description: Node information for nodes appearing in a QueryPlan.plan_nodes. + ListDatabaseOperationsResponse: + description: The response for ListDatabaseOperations. + type: object + id: ListDatabaseOperationsResponse + properties: + operations: + items: + $ref: '#/components/schemas/Operation' + type: array + description: >- + The list of matching database long-running operations. Each + operation's name will be prefixed by the database's name. The + operation's metadata field type `metadata.type_url` describes the + type of the metadata. + nextPageToken: + description: >- + `next_page_token` can be sent in a subsequent ListDatabaseOperations + call to fetch more of the matching metadata. + type: string + CreateInstanceConfigRequest: + description: The request for CreateInstanceConfig. + properties: + instanceConfigId: + description: >- + Required. The ID of the instance configuration to create. Valid + identifiers are of the form `custom-[-a-z0-9]*[a-z0-9]` and must be + between 2 and 64 characters in length. The `custom-` prefix is + required to avoid name conflicts with Google-managed configurations. + type: string + instanceConfig: + description: >- + Required. The `InstanceConfig` proto of the configuration to create. + `instance_config.name` must be `/instanceConfigs/`. + `instance_config.base_config` must be a Google-managed configuration + name, e.g. /instanceConfigs/us-east1, /instanceConfigs/nam3. + $ref: '#/components/schemas/InstanceConfig' + validateOnly: description: >- - If the end is closed, then the range includes all rows whose first - `len(end_closed)` key columns exactly match `end_closed`. - type: array + An option to validate, but not actually execute, a request, and + provide the same response. + type: boolean + type: object + id: CreateInstanceConfigRequest + ExcludeReplicas: + description: >- + An ExcludeReplicas contains a repeated set of ReplicaSelection that + should be excluded from serving requests. + properties: + replicaSelections: + description: The directed read replica selector. items: - type: any - endOpen: - description: >- - If the end is open, then the range excludes rows whose first - `len(end_open)` key columns exactly match `end_open`. + $ref: '#/components/schemas/ReplicaSelection' type: array - items: - type: any + id: ExcludeReplicas + type: object BeginTransactionRequest: - id: BeginTransactionRequest description: The request for BeginTransaction. - type: object + id: BeginTransactionRequest properties: options: - description: Required. Options for the new transaction. $ref: '#/components/schemas/TransactionOptions' + description: Required. Options for the new transaction. requestOptions: + $ref: '#/components/schemas/RequestOptions' description: >- Common options for this request. Priority is ignored for this request. Setting the priority in this `request_options` struct doesn't do anything. To set the priority for a transaction, set it on the reads and writes that are part of this transaction instead. - $ref: '#/components/schemas/RequestOptions' mutationKey: + $ref: '#/components/schemas/Mutation' description: >- Optional. Required for read-write transactions on a multiplexed session that commit mutations but don't perform any reads or queries. You must randomly select one of the mutations from the mutation set and send it as a part of this request. - $ref: '#/components/schemas/Mutation' - Mutation: - id: Mutation - description: >- - A modification to one or more Cloud Spanner rows. Mutations can be - applied to a Cloud Spanner database by sending them in a Commit call. type: object + Instance: + description: >- + An isolated set of Cloud Spanner resources on which databases can be + hosted. + id: Instance properties: - insert: - description: >- - Insert new rows in a table. If any of the rows already exist, the - write or transaction fails with error `ALREADY_EXISTS`. - $ref: '#/components/schemas/Write' - update: - description: >- - Update existing rows in a table. If any of the rows does not already - exist, the transaction fails with error `NOT_FOUND`. - $ref: '#/components/schemas/Write' - insertOrUpdate: + edition: + enumDescriptions: + - Edition not specified. + - Standard edition. + - Enterprise edition. + - Enterprise Plus edition. + enum: + - EDITION_UNSPECIFIED + - STANDARD + - ENTERPRISE + - ENTERPRISE_PLUS + description: Optional. The `Edition` of the current instance. + type: string + autoscalingConfig: + $ref: '#/components/schemas/AutoscalingConfig' description: >- - Like insert, except that if the row already exists, then its column - values are overwritten with the ones provided. Any column values not - explicitly written are preserved. When using insert_or_update, just - as when using insert, all `NOT NULL` columns in the table must be - given a value. This holds true even when the row already exists and - will therefore actually be updated. - $ref: '#/components/schemas/Write' - replace: + Optional. The autoscaling configuration. Autoscaling is enabled if + this field is set. When autoscaling is enabled, node_count and + processing_units are treated as OUTPUT_ONLY fields and reflect the + current compute capacity allocated to the instance. + nodeCount: + type: integer description: >- - Like insert, except that if the row already exists, it is deleted, - and the column values provided are inserted instead. Unlike - insert_or_update, this means any values not explicitly written - become `NULL`. In an interleaved table, if you create the child - table with the `ON DELETE CASCADE` annotation, then replacing a - parent row also deletes the child rows. Otherwise, you must delete - the child rows before you replace the parent row. - $ref: '#/components/schemas/Write' - delete: + The number of nodes allocated to this instance. At most, one of + either `node_count` or `processing_units` should be present in the + message. Users can set the `node_count` field to specify the target + number of nodes allocated to the instance. If autoscaling is + enabled, `node_count` is treated as an `OUTPUT_ONLY` field and + reflects the current number of nodes allocated to the instance. This + might be zero in API responses for instances that are not yet in the + `READY` state. If the instance has varying node count across + replicas (achieved by setting `asymmetric_autoscaling_options` in + the autoscaling configuration), the `node_count` set here is the + maximum node count across all replicas. For more information, see + [Compute capacity, nodes, and processing + units](https://cloud.google.com/spanner/docs/compute-capacity). + format: int32 + freeInstanceMetadata: + $ref: '#/components/schemas/FreeInstanceMetadata' + description: Free instance metadata. Only populated for free instances. + processingUnits: + format: int32 description: >- - Delete rows from a table. Succeeds whether or not the named rows - were present. - $ref: '#/components/schemas/Delete' - Write: - id: Write - description: Arguments to insert, update, insert_or_update, and replace operations. - type: object - properties: - table: - description: Required. The table whose rows will be written. + The number of processing units allocated to this instance. At most, + one of either `processing_units` or `node_count` should be present + in the message. Users can set the `processing_units` field to + specify the target number of processing units allocated to the + instance. If autoscaling is enabled, `processing_units` is treated + as an `OUTPUT_ONLY` field and reflects the current number of + processing units allocated to the instance. This might be zero in + API responses for instances that are not yet in the `READY` state. + If the instance has varying processing units per replica (achieved + by setting `asymmetric_autoscaling_options` in the autoscaling + configuration), the `processing_units` set here is the maximum + processing units across all replicas. For more information, see + [Compute capacity, nodes and processing + units](https://cloud.google.com/spanner/docs/compute-capacity). + type: integer + displayName: type: string - columns: - description: >- - The names of the columns in table to be written. The list of columns - must contain enough columns to allow Cloud Spanner to derive values - for all primary key columns in the row(s) to be modified. - type: array - items: - type: string - values: description: >- - The values to be written. `values` can contain more than one list of - values. If it does, then multiple rows are written, one for each - entry in `values`. Each list in `values` must have exactly as many - entries as there are entries in columns above. Sending multiple - lists is equivalent to sending multiple `Mutation`s, each containing - one `values` entry and repeating table and columns. Individual - values in each list are encoded as described here. - type: array - items: - type: array - items: - type: any - Delete: - id: Delete - description: Arguments to delete operations. - type: object - properties: - table: - description: Required. The table whose rows will be deleted. + Required. The descriptive name for this instance as it appears in + UIs. Must be unique per project and between 4 and 30 characters in + length. + name: type: string - keySet: description: >- - Required. The primary keys of the rows within table to delete. The - primary keys must be specified in the order in which they appear in - the `PRIMARY KEY()` clause of the table's equivalent DDL statement - (the DDL statement used to create the table). Delete is idempotent. - The transaction will succeed even if some or all rows do not exist. - $ref: '#/components/schemas/KeySet' - CommitRequest: - id: CommitRequest - description: The request for Commit. - type: object - properties: - transactionId: - description: Commit a previously-started transaction. + Required. A unique identifier for the instance, which cannot be + changed after the instance is created. Values are of the form + `projects//instances/a-z*[a-z0-9]`. The final segment of the name + must be between 2 and 64 characters in length. + state: type: string - format: byte - singleUseTransaction: - description: >- - Execute mutations in a temporary transaction. Note that unlike - commit of a previously-started transaction, commit with a temporary - transaction is non-idempotent. That is, if the `CommitRequest` is - sent to Cloud Spanner more than once (for instance, due to retries - in the application, or in the transport library), it's possible that - the mutations are executed more than once. If this is undesirable, - use BeginTransaction and Commit instead. - $ref: '#/components/schemas/TransactionOptions' - mutations: - description: >- - The mutations to be executed when this transaction commits. All - mutations are applied atomically, in the order they appear in this - list. - type: array - items: - $ref: '#/components/schemas/Mutation' - returnCommitStats: - description: >- - If `true`, then statistics related to the transaction is included in - the CommitResponse. Default value is `false`. - type: boolean - maxCommitDelay: description: >- - Optional. The amount of latency this request is configured to incur - in order to improve throughput. If this field isn't set, Spanner - assumes requests are relatively latency sensitive and automatically - determines an appropriate delay time. You can specify a commit delay - value between 0 and 500 ms. + Output only. The current instance state. For CreateInstance, the + state must be either omitted or set to `CREATING`. For + UpdateInstance, the state must be either omitted or set to `READY`. + readOnly: true + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + enumDescriptions: + - Not specified. + - >- + The instance is still being created. Resources may not be + available yet, and operations such as database creation may not + work. + - >- + The instance is fully created and ready to do work such as + creating databases. + defaultBackupScheduleType: + enum: + - DEFAULT_BACKUP_SCHEDULE_TYPE_UNSPECIFIED + - NONE + - AUTOMATIC + enumDescriptions: + - Not specified. + - >- + A default backup schedule isn't created automatically when a new + database is created in the instance. + - >- + A default backup schedule is created automatically when a new + database is created in the instance. The default backup schedule + creates a full backup every 24 hours. These full backups are + retained for 7 days. You can edit or delete the default backup + schedule once it's created. type: string - format: google-duration - requestOptions: - description: Common options for this request. - $ref: '#/components/schemas/RequestOptions' - precommitToken: description: >- - Optional. If the read-write transaction was executed on a - multiplexed session, then you must include the precommit token with - the highest sequence number received in this transaction attempt. - Failing to do so results in a `FailedPrecondition` error. - $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' - CommitResponse: - id: CommitResponse - description: The response for Commit. - type: object - properties: - commitTimestamp: - description: The Cloud Spanner timestamp at which the transaction committed. + Optional. Controls the default backup schedule behavior for new + databases within the instance. By default, a backup schedule is + created automatically when a new database is created in a new + instance. Note that the `AUTOMATIC` value isn't permitted for free + instances, as backups and backup schedules aren't supported for free + instances. In the `GetInstance` or `ListInstances` response, if the + value of `default_backup_schedule_type` isn't set, or set to `NONE`, + Spanner doesn't create a default backup schedule for new databases + in the instance. + labels: + type: object + additionalProperties: + type: string + description: >- + Cloud Labels are a flexible and lightweight mechanism for organizing + cloud resources into groups that reflect a customer's organizational + needs and deployment strategies. Cloud Labels can be used to filter + collections of resources. They can be used to control how resource + metrics are aggregated. And they can be used as arguments to policy + management rules (e.g. route, firewall, load balancing, etc.). * + Label keys must be between 1 and 63 characters long and must conform + to the following regular expression: `a-z{0,62}`. * Label values + must be between 0 and 63 characters long and must conform to the + regular expression `[a-z0-9_-]{0,63}`. * No more than 64 labels can + be associated with a given resource. See https://goo.gl/xmQnxf for + more information on and examples of labels. If you plan to use + labels in your own code, please note that additional characters may + be allowed in the future. And so you are advised to use an internal + label representation, such as JSON, which doesn't rely upon specific + characters being disallowed. For example, representing labels as the + string: name + "_" + value would prove problematic if we were to + allow "_" in a future release. + updateTime: + readOnly: true type: string format: google-datetime - commitStats: description: >- - The statistics about this `Commit`. Not returned by default. For - more information, see CommitRequest.return_commit_stats. - $ref: '#/components/schemas/CommitStats' - precommitToken: + Output only. The time at which the instance was most recently + updated. + replicaComputeCapacity: + type: array description: >- - If specified, transaction has not committed yet. You must retry the - commit with the new precommit token. - $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' - CommitStats: - id: CommitStats - description: Additional statistics about a commit. - type: object - properties: - mutationCount: + Output only. Lists the compute capacity per ReplicaSelection. A + replica selection identifies a set of replicas with common + properties. Replicas identified by a ReplicaSelection are scaled + with the same compute capacity. + items: + $ref: '#/components/schemas/ReplicaComputeCapacity' + readOnly: true + config: description: >- - The total number of mutations for the transaction. Knowing the - `mutation_count` value can help you maximize the number of mutations - in a transaction and minimize the number of API round trips. You can - also monitor this value to prevent transactions from exceeding the - system - [limit](https://cloud.google.com/spanner/quotas#limits_for_creating_reading_updating_and_deleting_data). - If the number of mutations exceeds the limit, the server returns - [INVALID_ARGUMENT](https://cloud.google.com/spanner/docs/reference/rest/v1/Code#ENUM_VALUES.INVALID_ARGUMENT). + Required. The name of the instance's configuration. Values are of + the form `projects//instanceConfigs/`. See also InstanceConfig and + ListInstanceConfigs. type: string - format: int64 - RollbackRequest: - id: RollbackRequest - description: The request for Rollback. - type: object - properties: - transactionId: - description: Required. The transaction to roll back. + createTime: + format: google-datetime + description: Output only. The time at which the instance was created. type: string - format: byte - PartitionQueryRequest: - id: PartitionQueryRequest - description: The request for PartitionQuery + readOnly: true + endpointUris: + items: + type: string + type: array + description: Deprecated. This field is not populated. + instanceType: + type: string + enum: + - INSTANCE_TYPE_UNSPECIFIED + - PROVISIONED + - FREE_INSTANCE + enumDescriptions: + - Not specified. + - >- + Provisioned instances have dedicated resources, standard usage + limits and support. + - >- + Free instances provide no guarantee for dedicated resources, + [node_count, processing_units] should be 0. They come with + stricter usage limits and limited support. + description: The `InstanceType` of the current instance. type: object + PartitionQueryRequest: properties: - transaction: - description: >- - Read-only snapshot transactions are supported, read and write and - single-use transactions are not. - $ref: '#/components/schemas/TransactionSelector' sql: description: >- Required. The query request to generate partitions for. The request @@ -4898,7 +4422,16 @@ components: `PartitionedDml` transaction for large, partition-friendly DML operations. type: string + transaction: + $ref: '#/components/schemas/TransactionSelector' + description: >- + Read-only snapshot transactions are supported, read and write and + single-use transactions are not. params: + type: object + additionalProperties: + description: Properties of the object. + type: any description: >- Parameter names and values that bind to placeholders in the SQL string. A parameter placeholder consists of the `@` character @@ -4908,11 +4441,13 @@ components: same parameter name can be used more than once, for example: `"WHERE id > @msg_id AND id < @msg_id + 100"` It's an error to execute a SQL statement with unbound parameters. - type: object - additionalProperties: - type: any - description: Properties of the object. + partitionOptions: + description: Additional options that affect how many partitions are created. + $ref: '#/components/schemas/PartitionOptions' paramTypes: + additionalProperties: + $ref: '#/components/schemas/Type' + type: object description: >- It isn't always possible for Cloud Spanner to infer the right SQL type from a JSON value. For example, values of type `BYTES` and @@ -4920,1076 +4455,1595 @@ components: these cases, `param_types` can be used to specify the exact SQL type for some or all of the SQL query parameters. See the definition of Type for more information about SQL types. - type: object - additionalProperties: - $ref: '#/components/schemas/Type' - partitionOptions: - description: Additional options that affect how many partitions are created. - $ref: '#/components/schemas/PartitionOptions' - PartitionOptions: - id: PartitionOptions - description: Options for a `PartitionQueryRequest` and `PartitionReadRequest`. type: object + id: PartitionQueryRequest + description: The request for PartitionQuery + ReplicaInfo: properties: - partitionSizeBytes: - description: >- - **Note:** This hint is currently ignored by `PartitionQuery` and - `PartitionRead` requests. The desired data size for each partition - generated. The default for this option is currently 1 GiB. This is - only a hint. The actual size of each partition can be smaller or - larger than this size request. + location: type: string - format: int64 - maxPartitions: + description: The location of the serving resources, e.g., "us-central1". + type: + description: The type of replica. + type: string + enum: + - TYPE_UNSPECIFIED + - READ_WRITE + - READ_ONLY + - WITNESS + enumDescriptions: + - Not specified. + - >- + Read-write replicas support both reads and writes. These replicas: + * Maintain a full copy of your data. * Serve reads. * Can vote + whether to commit a write. * Participate in leadership election. * + Are eligible to become a leader. + - >- + Read-only replicas only support reads (not writes). Read-only + replicas: * Maintain a full copy of your data. * Serve reads. * Do + not participate in voting to commit writes. * Are not eligible to + become a leader. + - >- + Witness replicas don't support reads but do participate in voting + to commit writes. Witness replicas: * Do not maintain a full copy + of data. * Do not serve reads. * Vote whether to commit writes. * + Participate in leader election but are not eligible to become + leader. + defaultLeaderLocation: + type: boolean description: >- - **Note:** This hint is currently ignored by `PartitionQuery` and - `PartitionRead` requests. The desired maximum number of partitions - to return. For example, this might be set to the number of workers - available. The default for this option is currently 10,000. The - maximum value is currently 200,000. This is only a hint. The actual - number of partitions returned can be smaller or larger than this - maximum count request. + If true, this location is designated as the default leader location + where leader replicas are placed. See the [region types + documentation](https://cloud.google.com/spanner/docs/instances#region_types) + for more details. + type: object + id: ReplicaInfo + BackupScheduleSpec: + description: Defines specifications of the backup schedule. + properties: + cronSpec: + description: Cron style schedule specification. + $ref: '#/components/schemas/CrontabSpec' + type: object + id: BackupScheduleSpec + Statement: + type: object + properties: + sql: + description: Required. The DML string. type: string - format: int64 - PartitionResponse: - id: PartitionResponse - description: The response for PartitionQuery or PartitionRead + params: + description: >- + Parameter names and values that bind to placeholders in the DML + string. A parameter placeholder consists of the `@` character + followed by the parameter name (for example, `@firstName`). + Parameter names can contain letters, numbers, and underscores. + Parameters can appear anywhere that a literal value is expected. The + same parameter name can be used more than once, for example: `"WHERE + id > @msg_id AND id < @msg_id + 100"` It's an error to execute a SQL + statement with unbound parameters. + additionalProperties: + description: Properties of the object. + type: any + type: object + paramTypes: + type: object + description: >- + It isn't always possible for Cloud Spanner to infer the right SQL + type from a JSON value. For example, values of type `BYTES` and + values of type `STRING` both appear in params as JSON strings. In + these cases, `param_types` can be used to specify the exact SQL type + for some or all of the SQL statement parameters. See the definition + of Type for more information about SQL types. + additionalProperties: + $ref: '#/components/schemas/Type' + id: Statement + description: A single DML statement. + EncryptionConfig: + id: EncryptionConfig + description: Encryption configuration for a Cloud Spanner database. type: object properties: - partitions: - description: Partitions created by this request. + kmsKeyNames: + description: >- + Specifies the KMS configuration for one or more keys used to encrypt + the database. Values are of the form + `projects//locations//keyRings//cryptoKeys/`. The keys referenced by + `kms_key_names` must fully cover all regions of the database's + instance configuration. Some examples: * For regional + (single-region) instance configurations, specify a regional location + KMS key. * For multi-region instance configurations of type + `GOOGLE_MANAGED`, either specify a multi-region location KMS key or + multiple regional location KMS keys that cover all regions in the + instance configuration. * For an instance configuration of type + `USER_MANAGED`, specify only regional location KMS keys to cover + each region in the instance configuration. Multi-region location KMS + keys aren't supported for `USER_MANAGED` type instance + configurations. type: array items: - $ref: '#/components/schemas/Partition' - transaction: - description: Transaction created by this request. - $ref: '#/components/schemas/Transaction' - Partition: - id: Partition - description: Information returned for each partition returned in a PartitionResponse. - type: object - properties: - partitionToken: + type: string + kmsKeyName: description: >- - This token can be passed to `Read`, `StreamingRead`, `ExecuteSql`, - or `ExecuteStreamingSql` requests to restrict the results to those - identified by this partition token. + The Cloud KMS key to be used for encrypting and decrypting the + database. Values are of the form + `projects//locations//keyRings//cryptoKeys/`. type: string - format: byte - PartitionReadRequest: - id: PartitionReadRequest - description: The request for PartitionRead + Scan: type: object + description: >- + Scan is a structure which describes Cloud Key Visualizer scan + information. properties: - transaction: + details: + type: object + description: Additional information provided by the implementer. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + scanData: + $ref: '#/components/schemas/ScanData' description: >- - Read only snapshot transactions are supported, read/write and single - use transactions are not. - $ref: '#/components/schemas/TransactionSelector' - table: - description: Required. The name of the table in the database to be read. + Output only. Cloud Key Visualizer scan data. Note, this field is not + available to the ListScans method. + readOnly: true + name: type: string - index: description: >- - If non-empty, the name of an index on table. This index is used - instead of the table primary key when interpreting key_set and - sorting result rows. See key_set for further information. + The unique name of the scan, specific to the Database service + implementing this interface. + startTime: + description: >- + A range of time (inclusive) for when the scan is defined. The lower + bound for when the scan is defined. + format: google-datetime type: string - columns: + endTime: + type: string + description: The upper bound for when the scan is defined. + format: google-datetime + id: Scan + GetDatabaseDdlResponse: + description: The response for GetDatabaseDdl. + properties: + statements: description: >- - The columns of table to be returned for each row matching this - request. - type: array + A list of formatted DDL statements defining the schema of the + database specified in the request. items: type: string - keySet: - description: >- - Required. `key_set` identifies the rows to be yielded. `key_set` - names the primary keys of the rows in table to be yielded, unless - index is present. If index is present, then key_set instead names - index keys in index. It isn't an error for the `key_set` to name - rows that don't exist in the database. Read yields nothing for - nonexistent rows. - $ref: '#/components/schemas/KeySet' - partitionOptions: - description: Additional options that affect how many partitions are created. - $ref: '#/components/schemas/PartitionOptions' - BatchWriteRequest: - id: BatchWriteRequest - description: The request for BatchWrite. - type: object - properties: - requestOptions: - description: Common options for this request. - $ref: '#/components/schemas/RequestOptions' - mutationGroups: - description: Required. The groups of mutations to be applied. type: array - items: - $ref: '#/components/schemas/MutationGroup' - excludeTxnFromChangeStreams: + protoDescriptors: + format: byte + type: string description: >- - Optional. If you don't set the `exclude_txn_from_change_streams` - option or if it's set to `false`, then any change streams monitoring - columns modified by transactions will capture the updates made - within that transaction. - type: boolean - MutationGroup: - id: MutationGroup + Proto descriptors stored in the database. Contains a + protobuf-serialized + [google.protobuf.FileDescriptorSet](https://github.com/protocolbuffers/protobuf/blob/main/src/google/protobuf/descriptor.proto). + For more details, see protobuffer [self + description](https://developers.google.com/protocol-buffers/docs/techniques#self-description). + id: GetDatabaseDdlResponse + type: object + PartitionEndRecord: + id: PartitionEndRecord description: >- - A group of mutations to be committed together. Related mutations should - be placed in a group. For example, two mutations inserting rows with the - same primary key prefix in both parent and child tables are related. + A partition end record serves as a notification that the client should + stop reading the partition. No further records are expected to be + retrieved on it. type: object properties: - mutations: - description: Required. The mutations in this group. - type: array - items: - $ref: '#/components/schemas/Mutation' - BatchWriteResponse: - id: BatchWriteResponse - description: The result of applying a batch of mutations. - type: object + endTimestamp: + description: >- + End timestamp at which the change stream partition is terminated. + All changes generated by this partition will have timestamps <= + end_timestamp. DataChangeRecord.commit_timestamps, + PartitionStartRecord.start_timestamps, + PartitionEventRecord.commit_timestamps, and + PartitionEndRecord.end_timestamps can have the same value in the + same partition. PartitionEndRecord is the last record returned for a + partition. + format: google-datetime + type: string + recordSequence: + type: string + description: >- + Record sequence numbers are unique and monotonically increasing (but + not necessarily contiguous) for a specific timestamp across record + types in the same partition. To guarantee ordered processing, the + reader should process records (of potentially different types) in + record_sequence order for a specific timestamp in the same + partition. + partitionToken: + type: string + description: >- + Unique partition identifier describing the terminated change stream + partition. partition_token is equal to the partition token of the + change stream partition currently queried to return this + PartitionEndRecord. + InstanceConfig: properties: - indexes: + leaderOptions: + items: + type: string description: >- - The mutation groups applied in this batch. The values index into the - `mutation_groups` field in the corresponding `BatchWriteRequest`. + Allowed values of the "default_leader" schema option for databases + in instances that use this instance configuration. + type: array + reconciling: + readOnly: true + type: boolean + description: >- + Output only. If true, the instance configuration is being created or + updated. If false, there are no ongoing operations for the instance + configuration. + freeInstanceAvailability: + enumDescriptions: + - Not specified. + - >- + Indicates that free instances are available to be created in this + instance configuration. + - >- + Indicates that free instances are not supported in this instance + configuration. + - >- + Indicates that free instances are currently not available to be + created in this instance configuration. + - >- + Indicates that additional free instances cannot be created in this + instance configuration because the project has reached its limit + of free instances. + readOnly: true + enum: + - FREE_INSTANCE_AVAILABILITY_UNSPECIFIED + - AVAILABLE + - UNSUPPORTED + - DISABLED + - QUOTA_EXCEEDED + type: string + description: >- + Output only. Describes whether free instances are available to be + created in this instance configuration. + etag: + description: >- + etag is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a instance configuration from + overwriting each other. It is strongly suggested that systems make + use of the etag in the read-modify-write cycle to perform instance + configuration updates in order to avoid race conditions: An etag is + returned in the response which contains instance configurations, and + systems are expected to put that etag in the request to update + instance configuration to ensure that their change is applied to the + same version of the instance configuration. If no etag is provided + in the call to update the instance configuration, then the existing + instance configuration is overwritten blindly. + type: string + state: + enumDescriptions: + - Not specified. + - The instance configuration is still being created. + - >- + The instance configuration is fully created and ready to be used + to create instances. + type: string + readOnly: true + description: >- + Output only. The current instance configuration state. Applicable + only for `USER_MANAGED` configurations. + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + replicas: type: array items: - type: integer - format: int32 - status: + $ref: '#/components/schemas/ReplicaInfo' description: >- - An `OK` status indicates success. Any other status indicates a - failure. - $ref: '#/components/schemas/Status' - commitTimestamp: + The geographic placement of nodes in this instance configuration and + their replication properties. To create user-managed configurations, + input `replicas` must include all replicas in `replicas` of the + `base_config` and include one or more replicas in the + `optional_replicas` of the `base_config`. + optionalReplicas: + items: + $ref: '#/components/schemas/ReplicaInfo' description: >- - The commit timestamp of the transaction that applied this batch. - Present if `status` is `OK`, absent otherwise. + Output only. The available optional replicas to choose from for + user-managed configurations. Populated for Google-managed + configurations. + readOnly: true + type: array + baseConfig: type: string - format: google-datetime - CopyBackupMetadata: - id: CopyBackupMetadata - description: Metadata type for the operation returned by CopyBackup. - type: object - properties: - name: description: >- - The name of the backup being created through the copy operation. - Values are of the form `projects//instances//backups/`. + Base configuration name, e.g. projects//instanceConfigs/nam3, based + on which this configuration is created. Only set for user-managed + configurations. `base_config` must refer to a configuration of type + `GOOGLE_MANAGED` in the same project as this configuration. + displayName: type: string - sourceBackup: + description: The name of this instance configuration as it appears in UIs. + labels: description: >- - The name of the source backup that is being copied. Values are of - the form `projects//instances//backups/`. + Cloud Labels are a flexible and lightweight mechanism for organizing + cloud resources into groups that reflect a customer's organizational + needs and deployment strategies. Cloud Labels can be used to filter + collections of resources. They can be used to control how resource + metrics are aggregated. And they can be used as arguments to policy + management rules (e.g. route, firewall, load balancing, etc.). * + Label keys must be between 1 and 63 characters long and must conform + to the following regular expression: `a-z{0,62}`. * Label values + must be between 0 and 63 characters long and must conform to the + regular expression `[a-z0-9_-]{0,63}`. * No more than 64 labels can + be associated with a given resource. See https://goo.gl/xmQnxf for + more information on and examples of labels. If you plan to use + labels in your own code, please note that additional characters may + be allowed in the future. Therefore, you are advised to use an + internal label representation, such as JSON, which doesn't rely upon + specific characters being disallowed. For example, representing + labels as the string: name + "_" + value would prove problematic if + we were to allow "_" in a future release. + additionalProperties: + type: string + type: object + storageLimitPerProcessingUnit: + readOnly: true type: string - progress: - description: The progress of the CopyBackup operation. - $ref: '#/components/schemas/OperationProgress' - cancelTime: + format: int64 + description: Output only. The storage limit in bytes per processing unit. + configType: + enum: + - TYPE_UNSPECIFIED + - GOOGLE_MANAGED + - USER_MANAGED + type: string + enumDescriptions: + - Unspecified. + - Google-managed configuration. + - User-managed configuration. + readOnly: true description: >- - The time at which cancellation of CopyBackup operation was received. - Operations.CancelOperation starts asynchronous cancellation on a - long-running operation. The server makes a best effort to cancel the - operation, but success is not guaranteed. Clients can use - Operations.GetOperation or other methods to check whether the - cancellation succeeded or whether the operation completed despite - cancellation. On successful cancellation, the operation is not - deleted; instead, it becomes an operation with an Operation.error - value with a google.rpc.Status.code of 1, corresponding to - `Code.CANCELLED`. + Output only. Whether this instance configuration is a Google-managed + or user-managed configuration. + quorumType: + type: string + enumDescriptions: + - Quorum type not specified. + - >- + An instance configuration tagged with `REGION` quorum type forms a + write quorum in a single region. + - >- + An instance configuration tagged with the `DUAL_REGION` quorum + type forms a write quorum with exactly two read-write regions in a + multi-region configuration. This instance configuration requires + failover in the event of regional failures. + - >- + An instance configuration tagged with the `MULTI_REGION` quorum + type forms a write quorum from replicas that are spread across + more than one region in a multi-region configuration. + readOnly: true + description: Output only. The `QuorumType` of the instance configuration. + enum: + - QUORUM_TYPE_UNSPECIFIED + - REGION + - DUAL_REGION + - MULTI_REGION + name: + description: >- + A unique identifier for the instance configuration. Values are of + the form `projects//instanceConfigs/a-z*`. User instance + configuration must start with `custom-`. type: string - format: google-datetime - OperationProgress: - id: OperationProgress description: >- - Encapsulates progress related information for a Cloud Spanner long - running operation. + A possible configuration for a Cloud Spanner instance. Configurations + define the geographic placement of nodes and their replication. type: object + id: InstanceConfig + ShortRepresentation: + description: >- + Condensed representation of a node and its subtree. Only present for + `SCALAR` PlanNode(s). properties: - progressPercent: + description: description: >- - Percent completion of the operation. Values are between 0 and 100 - inclusive. - type: integer - format: int32 - startTime: - description: Time the request was received. + A string representation of the expression subtree rooted at this + node. type: string - format: google-datetime - endTime: + subqueries: description: >- - If set, the time at which this operation failed or was completed - successfully. - type: string - format: google-datetime - CreateBackupMetadata: - id: CreateBackupMetadata - description: Metadata type for the operation returned by CreateBackup. + A mapping of (subquery variable name) -> (subquery node id) for + cases where the `description` string of this node references a + `SCALAR` subquery contained in the expression subtree rooted at this + node. The referenced `SCALAR` subquery may not necessarily be a + direct child of this node. + type: object + additionalProperties: + format: int32 + type: integer + id: ShortRepresentation + type: object + QuorumType: type: object + description: >- + Information about the database quorum type. This only applies to + dual-region instance configs. properties: - name: - description: The name of the backup being created. - type: string - database: - description: The name of the database the backup is created from. - type: string - progress: - description: The progress of the CreateBackup operation. - $ref: '#/components/schemas/OperationProgress' - cancelTime: + singleRegion: + description: Single-region quorum type. + $ref: '#/components/schemas/SingleRegionQuorum' + dualRegion: + description: Dual-region quorum type. + $ref: '#/components/schemas/DualRegionQuorum' + id: QuorumType + PartialResultSet: + properties: + chunkedValue: + type: boolean + description: >- + If true, then the final value in values is chunked, and must be + combined with more values from subsequent `PartialResultSet`s to + obtain a complete field value. + values: + description: >- + A streamed result set consists of a stream of values, which might be + split into many `PartialResultSet` messages to accommodate large + rows and/or large values. Every N complete values defines a row, + where N is equal to the number of entries in + metadata.row_type.fields. Most values are encoded based on type as + described here. It's possible that the last value in values is + "chunked", meaning that the rest of the value is sent in subsequent + `PartialResultSet`(s). This is denoted by the chunked_value field. + Two or more chunked values can be merged to form a complete value as + follows: * `bool/number/null`: can't be chunked * `string`: + concatenate the strings * `list`: concatenate the lists. If the last + element in a list is a `string`, `list`, or `object`, merge it with + the first element in the next list by applying these rules + recursively. * `object`: concatenate the (field name, field value) + pairs. If a field name is duplicated, then apply these rules + recursively to merge the field values. Some examples of merging: + Strings are concatenated. "foo", "bar" => "foobar" Lists of + non-strings are concatenated. [2, 3], [4] => [2, 3, 4] Lists are + concatenated, but the last and first elements are merged because + they are strings. ["a", "b"], ["c", "d"] => ["a", "bc", "d"] Lists + are concatenated, but the last and first elements are merged because + they are lists. Recursively, the last and first elements of the + inner lists are merged because they are strings. ["a", ["b", "c"]], + [["d"], "e"] => ["a", ["b", "cd"], "e"] Non-overlapping object + fields are combined. {"a": "1"}, {"b": "2"} => {"a": "1", "b": 2"} + Overlapping object fields are merged. {"a": "1"}, {"a": "2"} => + {"a": "12"} Examples of merging objects containing lists of strings. + {"a": ["1"]}, {"a": ["2"]} => {"a": ["12"]} For a more complete + example, suppose a streaming SQL query is yielding a result set + whose rows contain a single string field. The following + `PartialResultSet`s might be yielded: { "metadata": { ... } + "values": ["Hello", "W"] "chunked_value": true "resume_token": + "Af65..." } { "values": ["orl"] "chunked_value": true } { "values": + ["d"] "resume_token": "Zx1B..." } This sequence of + `PartialResultSet`s encodes two rows, one containing the field value + `"Hello"`, and a second containing the field value `"World" = "W" + + "orl" + "d"`. Not all `PartialResultSet`s contain a `resume_token`. + Execution can only be resumed from a previously yielded + `resume_token`. For the above sequence of `PartialResultSet`s, + resuming the query with `"resume_token": "Af65..."` yields results + from the `PartialResultSet` with value "orl". + items: + type: any + type: array + precommitToken: + description: >- + Optional. A precommit token is included if the read-write + transaction has multiplexed sessions enabled. Pass the precommit + token with the highest sequence number from this transaction attempt + to the Commit request for this transaction. + $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' + stats: + description: >- + Query plan and execution statistics for the statement that produced + this streaming result set. These can be requested by setting + ExecuteSqlRequest.query_mode and are sent only once with the last + response in the stream. This field is also present in the last + response for DML statements. + $ref: '#/components/schemas/ResultSetStats' + metadata: + $ref: '#/components/schemas/ResultSetMetadata' description: >- - The time at which cancellation of this operation was received. - Operations.CancelOperation starts asynchronous cancellation on a - long-running operation. The server makes a best effort to cancel the - operation, but success is not guaranteed. Clients can use - Operations.GetOperation or other methods to check whether the - cancellation succeeded or whether the operation completed despite - cancellation. On successful cancellation, the operation is not - deleted; instead, it becomes an operation with an Operation.error - value with a google.rpc.Status.code of 1, corresponding to - `Code.CANCELLED`. - type: string - format: google-datetime - CreateDatabaseMetadata: - id: CreateDatabaseMetadata - description: Metadata type for the operation returned by CreateDatabase. - type: object - properties: - database: - description: The database being created. - type: string - CreateInstanceMetadata: - id: CreateInstanceMetadata - description: Metadata type for the operation returned by CreateInstance. - type: object - properties: - instance: - description: The instance being created. - $ref: '#/components/schemas/Instance' - startTime: - description: The time at which the CreateInstance request was received. + Metadata about the result set, such as row type information. Only + present in the first response. + resumeToken: + format: byte type: string - format: google-datetime - cancelTime: description: >- - The time at which this operation was cancelled. If set, this - operation is in the process of undoing itself (which is guaranteed - to succeed) and cannot be cancelled again. - type: string - format: google-datetime - endTime: + Streaming calls might be interrupted for a variety of reasons, such + as TCP connection loss. If this occurs, the stream of results can be + resumed by re-sending the original request and including + `resume_token`. Note that executing any other transaction in the + same session invalidates the token. + last: + type: boolean description: >- - The time at which this operation failed or was completed - successfully. - type: string - format: google-datetime - expectedFulfillmentPeriod: - description: The expected fulfillment period of this create operation. - type: string - enumDescriptions: - - Not specified. - - >- - Normal fulfillment period. The operation is expected to complete - within minutes. - - >- - Extended fulfillment period. It can take up to an hour for the - operation to complete. - enum: - - FULFILLMENT_PERIOD_UNSPECIFIED - - FULFILLMENT_PERIOD_NORMAL - - FULFILLMENT_PERIOD_EXTENDED - CreateInstanceConfigMetadata: - id: CreateInstanceConfigMetadata - description: Metadata type for the operation returned by CreateInstanceConfig. - type: object - properties: - instanceConfig: - description: The target instance configuration end state. - $ref: '#/components/schemas/InstanceConfig' - progress: - description: The progress of the CreateInstanceConfig operation. - $ref: '#/components/schemas/InstanceOperationProgress' - cancelTime: - description: The time at which this operation was cancelled. - type: string - format: google-datetime - InstanceOperationProgress: - id: InstanceOperationProgress + Optional. Indicates whether this is the last `PartialResultSet` in + the stream. The server might optionally set this field. Clients + shouldn't rely on this field being set in all cases. description: >- - Encapsulates progress related information for a Cloud Spanner long - running instance operations. + Partial results from a streaming read or SQL query. Streaming reads and + SQL queries better tolerate large result sets, large rows, and large + values, but are a little trickier to consume. type: object + id: PartialResultSet + Mod: + id: Mod properties: - progressPercent: + oldValues: + items: + $ref: '#/components/schemas/ModValue' + type: array description: >- - Percent completion of the operation. Values are between 0 and 100 - inclusive. - type: integer - format: int32 - startTime: - description: Time the request was received. - type: string - format: google-datetime - endTime: + Returns the old values before the change for the modified columns. + Always empty for INSERT, or if old values are not being captured + specified by value_capture_type. + newValues: + type: array description: >- - If set, the time at which this operation failed or was completed - successfully. - type: string - format: google-datetime - CreateInstancePartitionMetadata: - id: CreateInstancePartitionMetadata - description: Metadata type for the operation returned by CreateInstancePartition. + Returns the new values after the change for the modified columns. + Always empty for DELETE. + items: + $ref: '#/components/schemas/ModValue' + keys: + items: + $ref: '#/components/schemas/ModValue' + description: Returns the value of the primary key of the modified row. + type: array + type: object + description: A mod describes all data changes in a watched table row. + StructType: + description: '`StructType` defines the fields of a STRUCT type.' type: object + id: StructType + properties: + fields: + description: >- + The list of fields that make up this struct. Order is significant, + because values of this struct type are represented as lists, where + the order of field values matches the order of fields in the + StructType. In turn, the order of fields matches the order of + columns in a read request, or the order of fields in the `SELECT` + clause of a query. + items: + $ref: '#/components/schemas/Field' + type: array + CreateInstancePartitionRequest: + description: The request for CreateInstancePartition. properties: instancePartition: - description: The instance partition being created. $ref: '#/components/schemas/InstancePartition' - startTime: - description: The time at which the CreateInstancePartition request was received. - type: string - format: google-datetime - cancelTime: - description: >- - The time at which this operation was cancelled. If set, this - operation is in the process of undoing itself (which is guaranteed - to succeed) and cannot be cancelled again. - type: string - format: google-datetime - endTime: description: >- - The time at which this operation failed or was completed - successfully. - type: string - format: google-datetime - OptimizeRestoredDatabaseMetadata: - id: OptimizeRestoredDatabaseMetadata - description: >- - Metadata type for the long-running operation used to track the progress - of optimizations performed on a newly restored database. This - long-running operation is automatically created by the system after the - successful completion of a database restore, and cannot be cancelled. - type: object - properties: - name: - description: Name of the restored database being optimized. - type: string - progress: - description: The progress of the post-restore optimizations. - $ref: '#/components/schemas/OperationProgress' - ChangeQuorumMetadata: - id: ChangeQuorumMetadata - description: Metadata type for the long-running operation returned by ChangeQuorum. - type: object - properties: - request: - description: The request for ChangeQuorum. - $ref: '#/components/schemas/ChangeQuorumRequest' - startTime: - description: Time the request was received. + Required. The instance partition to create. The + instance_partition.name may be omitted, but if specified must be + `/instancePartitions/`. + instancePartitionId: type: string - format: google-datetime - endTime: description: >- - If set, the time at which this operation failed or was completed - successfully. - type: string - format: google-datetime - RestoreDatabaseMetadata: - id: RestoreDatabaseMetadata - description: >- - Metadata type for the long-running operation returned by - RestoreDatabase. + Required. The ID of the instance partition to create. Valid + identifiers are of the form `a-z*[a-z0-9]` and must be between 2 and + 64 characters in length. type: object + id: CreateInstancePartitionRequest + ListInstanceConfigOperationsResponse: + id: ListInstanceConfigOperationsResponse properties: - name: - description: Name of the database being created and restored to. - type: string - sourceType: - description: The type of the restore source. - type: string - enumDescriptions: - - No restore associated. - - A backup was used as the source of the restore. - enum: - - TYPE_UNSPECIFIED - - BACKUP - backupInfo: - description: Information about the backup used to restore the database. - $ref: '#/components/schemas/BackupInfo' - progress: - description: The progress of the RestoreDatabase operation. - $ref: '#/components/schemas/OperationProgress' - cancelTime: + operations: + type: array description: >- - The time at which cancellation of this operation was received. - Operations.CancelOperation starts asynchronous cancellation on a - long-running operation. The server makes a best effort to cancel the - operation, but success is not guaranteed. Clients can use - Operations.GetOperation or other methods to check whether the - cancellation succeeded or whether the operation completed despite - cancellation. On successful cancellation, the operation is not - deleted; instead, it becomes an operation with an Operation.error - value with a google.rpc.Status.code of 1, corresponding to - `Code.CANCELLED`. - type: string - format: google-datetime - optimizeDatabaseOperationName: + The list of matching instance configuration long-running operations. + Each operation's name will be prefixed by the name of the instance + configuration. The operation's metadata field type + `metadata.type_url` describes the type of the metadata. + items: + $ref: '#/components/schemas/Operation' + nextPageToken: description: >- - If exists, the name of the long-running operation that will be used - to track the post-restore optimization process to optimize the - performance of the restored database, and remove the dependency on - the restore source. The name is of the form - `projects//instances//databases//operations/` where the is the name - of database being created and restored to. The metadata type of the - long-running operation is OptimizeRestoredDatabaseMetadata. This - long-running operation will be automatically created by the system - after the RestoreDatabase long-running operation completes - successfully. This operation will not be created if the restore was - not successful. + `next_page_token` can be sent in a subsequent + ListInstanceConfigOperations call to fetch more of the matching + metadata. type: string - UpdateDatabaseDdlMetadata: - id: UpdateDatabaseDdlMetadata - description: Metadata type for the operation returned by UpdateDatabaseDdl. + description: The response for ListInstanceConfigOperations. + type: object + InstancePartition: type: object + description: >- + An isolated set of Cloud Spanner resources that databases can define + placements on. properties: - database: - description: The database being modified. + nodeCount: + description: >- + The number of nodes allocated to this instance partition. Users can + set the `node_count` field to specify the target number of nodes + allocated to the instance partition. This may be zero in API + responses for instance partitions that are not yet in state `READY`. + format: int32 + type: integer + etag: type: string - statements: description: >- - For an update this list contains all the statements. For an - individual statement, this list contains only that statement. - type: array + Used for optimistic concurrency control as a way to help prevent + simultaneous updates of a instance partition from overwriting each + other. It is strongly suggested that systems make use of the etag in + the read-modify-write cycle to perform instance partition updates in + order to avoid race conditions: An etag is returned in the response + which contains instance partitions, and systems are expected to put + that etag in the request to update instance partitions to ensure + that their change will be applied to the same version of the + instance partition. If no etag is provided in the call to update + instance partition, then the existing instance partition is + overwritten blindly. + createTime: + format: google-datetime + description: Output only. The time at which the instance partition was created. + type: string + readOnly: true + updateTime: + readOnly: true + description: >- + Output only. The time at which the instance partition was most + recently updated. + type: string + format: google-datetime + config: + description: >- + Required. The name of the instance partition's configuration. Values + are of the form `projects//instanceConfigs/`. See also + InstanceConfig and ListInstanceConfigs. + type: string + referencingDatabases: items: type: string - commitTimestamps: + readOnly: true description: >- - Reports the commit timestamps of all statements that have succeeded - so far, where `commit_timestamps[i]` is the commit timestamp for the - statement `statements[i]`. + Output only. The names of the databases that reference this instance + partition. Referencing databases should share the parent instance. + The existence of any referencing database prevents the instance + partition from being deleted. + type: array + referencingBackups: + deprecated: true type: array + readOnly: true + description: >- + Output only. Deprecated: This field is not populated. Output only. + The names of the backups that reference this instance partition. + Referencing backups should share the parent instance. The existence + of any referencing backup prevents the instance partition from being + deleted. items: type: string - format: google-datetime - throttled: + displayName: + description: >- + Required. The descriptive name for this instance partition as it + appears in UIs. Must be unique per project and between 4 and 30 + characters in length. + type: string + autoscalingConfig: + description: >- + Optional. The autoscaling configuration. Autoscaling is enabled if + this field is set. When autoscaling is enabled, fields in + compute_capacity are treated as OUTPUT_ONLY fields and reflect the + current compute capacity allocated to the instance partition. + $ref: '#/components/schemas/AutoscalingConfig' + processingUnits: description: >- - Output only. When true, indicates that the operation is throttled - e.g. due to resource constraints. When resources become available - the operation will resume and this field will be false again. + The number of processing units allocated to this instance partition. + Users can set the `processing_units` field to specify the target + number of processing units allocated to the instance partition. This + might be zero in API responses for instance partitions that are not + yet in the `READY` state. + format: int32 + type: integer + state: readOnly: true - type: boolean - progress: + description: Output only. The current instance partition state. + type: string + enum: + - STATE_UNSPECIFIED + - CREATING + - READY + enumDescriptions: + - Not specified. + - >- + The instance partition is still being created. Resources may not + be available yet, and operations such as creating placements using + this instance partition may not work. + - >- + The instance partition is fully created and ready to do work such + as creating placements and using in databases. + name: description: >- - The progress of the UpdateDatabaseDdl operations. All DDL statements - will have continuously updating progress, and `progress[i]` is the - operation progress for `statements[i]`. Also, `progress[i]` will - have start time and end time populated with commit timestamp of - operation, as well as a progress of 100% once the operation has - completed. - type: array - items: - $ref: '#/components/schemas/OperationProgress' - actions: + Required. A unique identifier for the instance partition. Values are + of the form `projects//instances//instancePartitions/a-z*[a-z0-9]`. + The final segment of the name must be between 2 and 64 characters in + length. An instance partition's name cannot be changed after the + instance partition is created. + type: string + id: InstancePartition + RollbackRequest: + properties: + transactionId: + description: Required. The transaction to roll back. + type: string + format: byte + description: The request for Rollback. + id: RollbackRequest + type: object + DualRegionQuorum: + id: DualRegionQuorum + type: object + properties: {} + description: >- + Message type for a dual-region quorum. Currently this type has no + options. + Type: + description: >- + `Type` indicates the type of a Cloud Spanner value, as might be stored + in a table cell or returned from an SQL query. + type: object + properties: + code: + enumDescriptions: + - Not specified. + - Encoded as JSON `true` or `false`. + - Encoded as `string`, in decimal format. + - >- + Encoded as `number`, or the strings `"NaN"`, `"Infinity"`, or + `"-Infinity"`. + - >- + Encoded as `number`, or the strings `"NaN"`, `"Infinity"`, or + `"-Infinity"`. + - >- + Encoded as `string` in RFC 3339 timestamp format. The time zone + must be present, and must be `"Z"`. If the schema has the column + option `allow_commit_timestamp=true`, the placeholder string + `"spanner.commit_timestamp()"` can be used to instruct the system + to insert the commit timestamp associated with the transaction + commit. + - Encoded as `string` in RFC 3339 date format. + - Encoded as `string`. + - >- + Encoded as a base64-encoded `string`, as described in RFC 4648, + section 4. + - >- + Encoded as `list`, where the list elements are represented + according to array_element_type. + - >- + Encoded as `list`, where list element `i` is represented according + to [struct_type.fields[i]][google.spanner.v1.StructType.fields]. + - >- + Encoded as `string`, in decimal format or scientific notation + format. Decimal format: `[+-]Digits[.[Digits]]` or `+-.Digits` + Scientific notation: + `[+-]Digits[.[Digits]][ExponentIndicator[+-]Digits]` or + `+-.Digits[ExponentIndicator[+-]Digits]` (ExponentIndicator is + `"e"` or `"E"`) + - >- + Encoded as a JSON-formatted `string` as described in RFC 7159. The + following rules are applied when parsing JSON input: - Whitespace + characters are not preserved. - If a JSON object has duplicate + keys, only the first key is preserved. - Members of a JSON object + are not guaranteed to have their order preserved. - JSON array + elements will have their order preserved. + - >- + Encoded as a base64-encoded `string`, as described in RFC 4648, + section 4. + - Encoded as `string`, in decimal format. + - >- + Encoded as `string`, in `ISO8601` duration format - + `P[n]Y[n]M[n]DT[n]H[n]M[n[.fraction]]S` where `n` is an integer. + For example, `P1Y2M3DT4H5M6.5S` represents time duration of 1 + year, 2 months, 3 days, 4 hours, 5 minutes, and 6.5 seconds. + - >- + Encoded as `string`, in lower-case hexa-decimal format, as + described in RFC 9562, section 4. + type: string + enum: + - TYPE_CODE_UNSPECIFIED + - BOOL + - INT64 + - FLOAT64 + - FLOAT32 + - TIMESTAMP + - DATE + - STRING + - BYTES + - ARRAY + - STRUCT + - NUMERIC + - JSON + - PROTO + - ENUM + - INTERVAL + - UUID + description: Required. The TypeCode for this type. + typeAnnotation: + type: string + enumDescriptions: + - Not specified. + - >- + PostgreSQL compatible NUMERIC type. This annotation needs to be + applied to Type instances having NUMERIC type code to specify that + values of this type should be treated as PostgreSQL NUMERIC + values. Currently this annotation is always needed for NUMERIC + when a client interacts with PostgreSQL-enabled Spanner databases. + - >- + PostgreSQL compatible JSONB type. This annotation needs to be + applied to Type instances having JSON type code to specify that + values of this type should be treated as PostgreSQL JSONB values. + Currently this annotation is always needed for JSON when a client + interacts with PostgreSQL-enabled Spanner databases. + - >- + PostgreSQL compatible OID type. This annotation can be used by a + client interacting with PostgreSQL-enabled Spanner database to + specify that a value should be treated using the semantics of the + OID type. description: >- - The brief action info for the DDL statements. `actions[i]` is the - brief info for `statements[i]`. - type: array - items: - $ref: '#/components/schemas/DdlStatementActionInfo' - DdlStatementActionInfo: - id: DdlStatementActionInfo - description: >- - Action information extracted from a DDL statement. This proto is used to - display the brief info of the DDL statement for the operation - UpdateDatabaseDdl. - type: object - properties: - action: + The TypeAnnotationCode that disambiguates SQL type that Spanner will + use to represent values of this type during query processing. This + is necessary for some type codes because a single TypeCode can be + mapped to different SQL types depending on the SQL dialect. + type_annotation typically is not needed to process the content of a + value (it doesn't affect serialization) and clients can ignore it on + the read path. + enum: + - TYPE_ANNOTATION_CODE_UNSPECIFIED + - PG_NUMERIC + - PG_JSONB + - PG_OID + arrayElementType: + $ref: '#/components/schemas/Type' description: >- - The action for the DDL statement, e.g. CREATE, ALTER, DROP, GRANT, - etc. This field is a non-empty string. - type: string - entityType: + If code == ARRAY, then `array_element_type` is the type of the array + elements. + structType: description: >- - The entity type for the DDL statement, e.g. TABLE, INDEX, VIEW, etc. - This field can be empty string for some DDL statement, e.g. for - statement "ANALYZE", `entity_type` = "". + If code == STRUCT, then `struct_type` provides type information for + the struct's fields. + $ref: '#/components/schemas/StructType' + protoTypeFqn: type: string - entityNames: description: >- - The entity name(s) being operated on the DDL statement. E.g. 1. For - statement "CREATE TABLE t1(...)", `entity_names` = ["t1"]. 2. For - statement "GRANT ROLE r1, r2 ...", `entity_names` = ["r1", "r2"]. 3. - For statement "ANALYZE", `entity_names` = []. - type: array - items: - type: string - UpdateDatabaseMetadata: - id: UpdateDatabaseMetadata - description: Metadata type for the operation returned by UpdateDatabase. + If code == PROTO or code == ENUM, then `proto_type_fqn` is the fully + qualified name of the proto type representing the proto/enum + definition. + id: Type + DerivedMetric: type: object + id: DerivedMetric properties: - request: - description: The request for UpdateDatabase. - $ref: '#/components/schemas/UpdateDatabaseRequest' - progress: - description: The progress of the UpdateDatabase operation. - $ref: '#/components/schemas/OperationProgress' - cancelTime: - description: >- - The time at which this operation was cancelled. If set, this - operation is in the process of undoing itself (which is - best-effort). - type: string - format: google-datetime - UpdateDatabaseRequest: - id: UpdateDatabaseRequest - description: The request for UpdateDatabase. + denominator: + description: The name of the denominator metric. e.g. "rows". + $ref: '#/components/schemas/LocalizedString' + numerator: + description: The name of the numerator metric. e.g. "latency". + $ref: '#/components/schemas/LocalizedString' + description: A message representing a derived metric. + AddSplitPointsResponse: + description: The response for AddSplitPoints. type: object + properties: {} + id: AddSplitPointsResponse + SetIamPolicyRequest: properties: - database: - description: >- - Required. The database to update. The `name` field of the database - is of the form `projects//instances//databases/`. - $ref: '#/components/schemas/Database' - updateMask: + policy: description: >- - Required. The list of fields to update. Currently, only - `enable_drop_protection` field can be updated. - type: string - format: google-fieldmask - UpdateInstanceMetadata: - id: UpdateInstanceMetadata - description: Metadata type for the operation returned by UpdateInstance. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + id: SetIamPolicyRequest + description: Request message for `SetIamPolicy` method. type: object + KeyRangeInfo: + id: KeyRangeInfo + description: A message representing information for a key range (possibly one key). properties: - instance: - description: The desired end state of the update. - $ref: '#/components/schemas/Instance' - startTime: - description: The time at which UpdateInstance request was received. - type: string - format: google-datetime - cancelTime: + unit: description: >- - The time at which this operation was cancelled. If set, this - operation is in the process of undoing itself (which is guaranteed - to succeed) and cannot be cancelled again. + The unit of the metric. This is an unstructured field and will be + mapped as is to the user. + $ref: '#/components/schemas/LocalizedString' + contextValues: + items: + $ref: '#/components/schemas/ContextValue' + description: The list of context values for this key range. + type: array + endKeyIndex: + type: integer + format: int32 + description: The index of the end key in indexed_keys. + startKeyIndex: + description: The index of the start key in indexed_keys. + format: int32 + type: integer + timeOffset: type: string - format: google-datetime - endTime: description: >- - The time at which this operation failed or was completed - successfully. - type: string - format: google-datetime - expectedFulfillmentPeriod: - description: The expected fulfillment period of this update operation. + The time offset. This is the time since the start of the time + interval. + format: google-duration + value: + type: number + description: The value of the metric. + format: float + metric: + description: The name of the metric. e.g. "latency". + $ref: '#/components/schemas/LocalizedString' + info: + $ref: '#/components/schemas/LocalizedString' + description: Information about this key range, for all metrics. + keysCount: type: string - enumDescriptions: - - Not specified. - - >- - Normal fulfillment period. The operation is expected to complete - within minutes. - - >- - Extended fulfillment period. It can take up to an hour for the - operation to complete. - enum: - - FULFILLMENT_PERIOD_UNSPECIFIED - - FULFILLMENT_PERIOD_NORMAL - - FULFILLMENT_PERIOD_EXTENDED - UpdateInstanceConfigMetadata: - id: UpdateInstanceConfigMetadata - description: Metadata type for the operation returned by UpdateInstanceConfig. + description: The number of keys this range covers. + format: int64 type: object + ReplicaSelection: + id: ReplicaSelection properties: - instanceConfig: - description: The desired instance configuration after updating. - $ref: '#/components/schemas/InstanceConfig' - progress: - description: The progress of the UpdateInstanceConfig operation. - $ref: '#/components/schemas/InstanceOperationProgress' - cancelTime: - description: The time at which this operation was cancelled. + type: + description: The type of replica. + enum: + - TYPE_UNSPECIFIED + - READ_WRITE + - READ_ONLY + enumDescriptions: + - Not specified. + - Read-write replicas support both reads and writes. + - Read-only replicas only support reads (not writes). type: string - format: google-datetime - UpdateInstancePartitionMetadata: - id: UpdateInstancePartitionMetadata - description: Metadata type for the operation returned by UpdateInstancePartition. + location: + type: string + description: >- + The location or region of the serving requests, for example, + "us-east1". + description: >- + The directed read replica selector. Callers must provide one or more of + the following fields for replica selection: * `location` - The location + must be one of the regions within the multi-region configuration of your + database. * `type` - The type of the replica. Some examples of using + replica_selectors are: * `location:us-east1` --> The "us-east1" + replica(s) of any available type is used to process the request. * + `type:READ_ONLY` --> The "READ_ONLY" type replica(s) in the nearest + available location are used to process the request. * `location:us-east1 + type:READ_ONLY` --> The "READ_ONLY" type replica(s) in location + "us-east1" is used to process the request. + type: object + Empty: + id: Empty + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + Session: + description: A session in the Cloud Spanner API. + id: Session type: object properties: - instancePartition: - description: The desired end state of the update. - $ref: '#/components/schemas/InstancePartition' - startTime: - description: The time at which UpdateInstancePartition request was received. - type: string - format: google-datetime - cancelTime: + labels: description: >- - The time at which this operation was cancelled. If set, this - operation is in the process of undoing itself (which is guaranteed - to succeed) and cannot be cancelled again. + The labels for the session. * Label keys must be between 1 and 63 + characters long and must conform to the following regular + expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. * Label values must be + between 0 and 63 characters long and must conform to the regular + expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. * No more than 64 labels + can be associated with a given session. See https://goo.gl/xmQnxf + for more information on and examples of labels. + additionalProperties: + type: string + type: object + multiplexed: + type: boolean + description: >- + Optional. If `true`, specifies a multiplexed session. Use a + multiplexed session for multiple, concurrent operations including + any combination of read-only and read-write transactions. Use + `sessions.create` to create multiplexed sessions. Don't use + BatchCreateSessions to create a multiplexed session. You can't + delete or list multiplexed sessions. + createTime: + readOnly: true + format: google-datetime + description: Output only. The timestamp when the session is created. type: string + approximateLastUseTime: + type: string + readOnly: true + description: >- + Output only. The approximate timestamp when the session is last + used. It's typically earlier than the actual last use time. format: google-datetime - endTime: + creatorRole: + type: string + description: The database role which created this session. + name: description: >- - The time at which this operation failed or was completed - successfully. + Output only. The name of the session. This is always + system-assigned. type: string - format: google-datetime - ChangeStreamRecord: - id: ChangeStreamRecord - description: >- - Spanner Change Streams enable customers to capture and stream out - changes to their Spanner databases in real-time. A change stream can be - created with option partition_mode='IMMUTABLE_KEY_RANGE' or - partition_mode='MUTABLE_KEY_RANGE'. This message is only used in Change - Streams created with the option partition_mode='MUTABLE_KEY_RANGE'. - Spanner automatically creates a special Table-Valued Function (TVF) - along with each Change Streams. The function provides access to the - change stream's records. The function is named READ_ (where is the name - of the change stream), and it returns a table with only one column - called ChangeRecord. + readOnly: true + ListSessionsResponse: type: object properties: - dataChangeRecord: - description: >- - Data change record describing a data change for a change stream - partition. - $ref: '#/components/schemas/DataChangeRecord' - heartbeatRecord: - description: >- - Heartbeat record describing a heartbeat for a change stream - partition. - $ref: '#/components/schemas/HeartbeatRecord' - partitionStartRecord: - description: Partition start record describing a new change stream partition. - $ref: '#/components/schemas/PartitionStartRecord' - partitionEndRecord: - description: >- - Partition end record describing a terminated change stream - partition. - $ref: '#/components/schemas/PartitionEndRecord' - partitionEventRecord: + nextPageToken: description: >- - Partition event record describing key range changes for a change - stream partition. - $ref: '#/components/schemas/PartitionEventRecord' - DataChangeRecord: - id: DataChangeRecord - description: >- - A data change record contains a set of changes to a table with the same - modification type (insert, update, or delete) committed at the same - commit timestamp in one change stream partition for the same - transaction. Multiple data change records can be returned for the same - transaction across multiple change stream partitions. + `next_page_token` can be sent in a subsequent ListSessions call to + fetch more of the matching sessions. + type: string + sessions: + description: The list of requested sessions. + items: + $ref: '#/components/schemas/Session' + type: array + description: The response for ListSessions. + id: ListSessionsResponse + FullBackupSpec: type: object + description: >- + The specification for full backups. A full backup stores the entire + contents of the database at a given version time. + properties: {} + id: FullBackupSpec + Transaction: properties: - commitTimestamp: + id: description: >- - Indicates the timestamp in which the change was committed. - DataChangeRecord.commit_timestamps, - PartitionStartRecord.start_timestamps, - PartitionEventRecord.commit_timestamps, and - PartitionEndRecord.end_timestamps can have the same value in the - same partition. + `id` may be used to identify the transaction in subsequent Read, + ExecuteSql, Commit, or Rollback calls. Single-use read-only + transactions do not have IDs, because single-use transactions do not + support multiple requests. + format: byte type: string + readTimestamp: format: google-datetime - recordSequence: description: >- - Record sequence numbers are unique and monotonically increasing (but - not necessarily contiguous) for a specific timestamp across record - types in the same partition. To guarantee ordered processing, the - reader should process records (of potentially different types) in - record_sequence order for a specific timestamp in the same - partition. The record sequence number ordering across partitions is - only meaningful in the context of a specific transaction. Record - sequence numbers are unique across partitions for a specific - transaction. Sort the DataChangeRecords for the same - server_transaction_id by record_sequence to reconstruct the ordering - of the changes within the transaction. + For snapshot read-only transactions, the read timestamp chosen for + the transaction. Not returned by default: see + TransactionOptions.ReadOnly.return_read_timestamp. A timestamp in + RFC3339 UTC \"Zulu\" format, accurate to nanoseconds. Example: + `"2014-10-02T15:01:23.045123456Z"`. type: string - serverTransactionId: + precommitToken: description: >- - Provides a globally unique string that represents the transaction in - which the change was committed. Multiple transactions can have the - same commit timestamp, but each transaction has a unique - server_transaction_id. + A precommit token is included in the response of a BeginTransaction + request if the read-write transaction is on a multiplexed session + and a mutation_key was specified in the BeginTransaction. The + precommit token with the highest sequence number from this + transaction attempt should be passed to the Commit request for this + transaction. + $ref: '#/components/schemas/MultiplexedSessionPrecommitToken' + description: A transaction. + type: object + id: Transaction + EncryptionInfo: + type: object + description: Encryption information for a Cloud Spanner database or backup. + id: EncryptionInfo + properties: + encryptionStatus: + description: >- + Output only. If present, the status of a recent encrypt/decrypt call + on underlying data for this database or backup. Regardless of + status, data is always encrypted at rest. + readOnly: true + $ref: '#/components/schemas/Status' + encryptionType: + enum: + - TYPE_UNSPECIFIED + - GOOGLE_DEFAULT_ENCRYPTION + - CUSTOMER_MANAGED_ENCRYPTION + readOnly: true + description: Output only. The type of encryption. + enumDescriptions: + - >- + Encryption type was not specified, though data at rest remains + encrypted. + - >- + The data is encrypted at rest with a key that is fully managed by + Google. No key version or status will be populated. This is the + default state. + - >- + The data is encrypted at rest with a key that is managed by the + customer. The active version of the key. `kms_key_version` will be + populated, and `encryption_status` may be populated. type: string - isLastRecordInTransactionInPartition: + kmsKeyVersion: description: >- - Indicates whether this is the last record for a transaction in the - current partition. Clients can use this field to determine when all - records for a transaction in the current partition have been - received. - type: boolean - table: - description: Name of the table affected by the change. + Output only. A Cloud KMS key version that is being used to protect + the database or backup. + readOnly: true type: string - columnMetadata: + BackupInfo: + id: BackupInfo + type: object + properties: + sourceDatabase: + description: Name of the database the backup was created from. + type: string + backup: + type: string + description: Name of the backup. + createTime: + format: google-datetime + type: string + description: The time the CreateBackup request was received. + versionTime: description: >- - Provides metadata describing the columns associated with the mods - listed below. - type: array + The backup contains an externally consistent copy of + `source_database` at the timestamp specified by `version_time`. If + the CreateBackup request did not specify `version_time`, the + `version_time` of the backup is equivalent to the `create_time`. + format: google-datetime + type: string + description: Information about a backup. + TestIamPermissionsRequest: + id: TestIamPermissionsRequest + properties: + permissions: items: - $ref: '#/components/schemas/ColumnMetadata' - mods: - description: Describes the changes that were made. + type: string type: array - items: - $ref: '#/components/schemas/Mod' - modType: - description: Describes the type of change. - type: string - enumDescriptions: - - Not specified. - - Indicates data was inserted. - - Indicates existing data was updated. - - Indicates existing data was deleted. - enum: - - MOD_TYPE_UNSPECIFIED - - INSERT - - UPDATE - - DELETE - valueCaptureType: description: >- - Describes the value capture type that was specified in the change - stream configuration when this change was captured. + REQUIRED: The set of permissions to check for 'resource'. + Permissions with wildcards (such as '*', 'spanner.*', + 'spanner.instances.*') are not allowed. + description: Request message for `TestIamPermissions` method. + type: object + CreateInstanceRequest: + type: object + id: CreateInstanceRequest + description: The request for CreateInstance. + properties: + instanceId: + description: >- + Required. The ID of the instance to create. Valid identifiers are of + the form `a-z*[a-z0-9]` and must be between 2 and 64 characters in + length. type: string - enumDescriptions: - - Not specified. - - Records both old and new values of the modified watched columns. - - Records only new values of the modified watched columns. - - >- - Records new values of all watched columns, including modified and - unmodified columns. - - >- - Records the new values of all watched columns, including modified - and unmodified columns. Also records the old values of the - modified columns. - enum: - - VALUE_CAPTURE_TYPE_UNSPECIFIED - - OLD_AND_NEW_VALUES - - NEW_VALUES - - NEW_ROW - - NEW_ROW_AND_OLD_VALUES - numberOfRecordsInTransaction: + instance: + $ref: '#/components/schemas/Instance' description: >- - Indicates the number of data change records that are part of this - transaction across all change stream partitions. This value can be - used to assemble all the records associated with a particular - transaction. + Required. The instance to create. The name may be omitted, but if + specified must be `/instances/`. + PrefixNode: + type: object + properties: + word: + type: string + description: The string represented by the prefix node. + depth: + format: int32 + description: The depth in the prefix hierarchy. type: integer + endIndex: + description: The index of the end key bucket of the range that this node spans. format: int32 - numberOfPartitionsInTransaction: - description: >- - Indicates the number of partitions that return data change records - for this transaction. This value can be helpful in assembling all - records associated with a particular transaction. type: integer + startIndex: + description: The index of the start key bucket of the range that this node spans. format: int32 - transactionTag: - description: Indicates the transaction tag associated with this transaction. - type: string - isSystemTransaction: - description: >- - Indicates whether the transaction is a system transaction. System - transactions include those issued by time-to-live (TTL), column - backfill, etc. + type: integer + dataSourceNode: + description: Whether this corresponds to a data_source name. type: boolean - ColumnMetadata: - id: ColumnMetadata - description: Metadata for a column. + id: PrefixNode + description: >- + A message representing a key prefix node in the key prefix hierarchy. + for eg. Bigtable keyspaces are lexicographically ordered mappings of + keys to values. Keys often have a shared prefix structure where users + use the keys to organize data. Eg ///employee In this case Keysight will + possibly use one node for a company and reuse it for all employees that + fall under the company. Doing so improves legibility in the UI. + InstanceOperationProgress: + description: >- + Encapsulates progress related information for a Cloud Spanner long + running instance operations. type: object properties: - name: - description: Name of the column. + endTime: type: string - type: - description: Type of the column. - $ref: '#/components/schemas/Type' - isPrimaryKey: - description: Indicates whether the column is a primary key column. - type: boolean - ordinalPosition: + format: google-datetime description: >- - Ordinal position of the column based on the original table - definition in the schema starting with a value of 1. + If set, the time at which this operation failed or was completed + successfully. + startTime: + format: google-datetime + description: Time the request was received. type: string - format: int64 - Mod: - id: Mod - description: A mod describes all data changes in a watched table row. - type: object + progressPercent: + description: >- + Percent completion of the operation. Values are between 0 and 100 + inclusive. + format: int32 + type: integer + id: InstanceOperationProgress + PartitionResponse: properties: - keys: - description: Returns the value of the primary key of the modified row. + transaction: + description: Transaction created by this request. + $ref: '#/components/schemas/Transaction' + partitions: type: array items: - $ref: '#/components/schemas/ModValue' - oldValues: + $ref: '#/components/schemas/Partition' + description: Partitions created by this request. + type: object + description: The response for PartitionQuery or PartitionRead + id: PartitionResponse + QueryOptions: + type: object + id: QueryOptions + description: Query optimizer configuration. + properties: + optimizerVersion: description: >- - Returns the old values before the change for the modified columns. - Always empty for INSERT, or if old values are not being captured - specified by value_capture_type. - type: array - items: - $ref: '#/components/schemas/ModValue' - newValues: + An option to control the selection of optimizer version. This + parameter allows individual queries to pick different query + optimizer versions. Specifying `latest` as a value instructs Cloud + Spanner to use the latest supported query optimizer version. If not + specified, Cloud Spanner uses the optimizer version set at the + database level options. Any other positive integer (from the list of + supported optimizer versions) overrides the default optimizer + version for query execution. The list of supported optimizer + versions can be queried from + `SPANNER_SYS.SUPPORTED_OPTIMIZER_VERSIONS`. Executing a SQL + statement with an invalid optimizer version fails with an + `INVALID_ARGUMENT` error. See + https://cloud.google.com/spanner/docs/query-optimizer/manage-query-optimizer + for more information on managing the query optimizer. The + `optimizer_version` statement hint has precedence over this setting. + type: string + optimizerStatisticsPackage: + type: string description: >- - Returns the new values after the change for the modified columns. - Always empty for DELETE. + An option to control the selection of optimizer statistics package. + This parameter allows individual queries to use a different query + optimizer statistics package. Specifying `latest` as a value + instructs Cloud Spanner to use the latest generated statistics + package. If not specified, Cloud Spanner uses the statistics package + set at the database level options, or the latest package if the + database option isn't set. The statistics package requested by the + query has to be exempt from garbage collection. This can be achieved + with the following DDL statement: ```sql ALTER STATISTICS SET + OPTIONS (allow_gc=false) ``` The list of available statistics + packages can be queried from + `INFORMATION_SCHEMA.SPANNER_STATISTICS`. Executing a SQL statement + with an invalid optimizer statistics package or with a statistics + package that allows garbage collection fails with an + `INVALID_ARGUMENT` error. + ListInstanceConfigsResponse: + properties: + instanceConfigs: + items: + $ref: '#/components/schemas/InstanceConfig' + description: The list of requested instance configurations. type: array + nextPageToken: + description: >- + `next_page_token` can be sent in a subsequent ListInstanceConfigs + call to fetch more of the matching instance configurations. + type: string + type: object + description: The response for ListInstanceConfigs. + id: ListInstanceConfigsResponse + ExecuteBatchDmlRequest: + description: The request for ExecuteBatchDml. + type: object + id: ExecuteBatchDmlRequest + properties: + statements: items: - $ref: '#/components/schemas/ModValue' - ModValue: - id: ModValue - description: >- - Returns the value and associated metadata for a particular field of the - Mod. + $ref: '#/components/schemas/Statement' + type: array + description: >- + Required. The list of statements to execute in this batch. + Statements are executed serially, such that the effects of statement + `i` are visible to statement `i+1`. Each statement must be a DML + statement. Execution stops at the first failed statement; the + remaining statements are not executed. Callers must provide at least + one statement. + requestOptions: + $ref: '#/components/schemas/RequestOptions' + description: Common options for this request. + transaction: + $ref: '#/components/schemas/TransactionSelector' + description: >- + Required. The transaction to use. Must be a read-write transaction. + To protect against replays, single-use transactions are not + supported. The caller must either supply an existing transaction ID + or begin a new transaction. + lastStatements: + description: >- + Optional. If set to `true`, this request marks the end of the + transaction. After these statements execute, you must commit or + abort the transaction. Attempts to execute any other requests + against this transaction (including reads and queries) are rejected. + Setting this option might cause some error reporting to be deferred + until commit time (for example, validation of unique constraints). + Given this, successful execution of statements shouldn't be assumed + until a subsequent `Commit` call completes successfully. + type: boolean + seqno: + description: >- + Required. A per-transaction sequence number used to identify this + request. This field makes each request idempotent such that if the + request is received multiple times, at most one succeeds. The + sequence number must be monotonically increasing within the + transaction. If a request arrives for the first time with an + out-of-order sequence number, the transaction might be aborted. + Replays of previously handled requests yield the same response as + the first execution. + format: int64 + type: string + RequestOptions: + description: Common request options for various APIs. type: object + id: RequestOptions properties: - columnMetadataIndex: + priority: + description: Priority for the request. + type: string + enum: + - PRIORITY_UNSPECIFIED + - PRIORITY_LOW + - PRIORITY_MEDIUM + - PRIORITY_HIGH + enumDescriptions: + - '`PRIORITY_UNSPECIFIED` is equivalent to `PRIORITY_HIGH`.' + - This specifies that the request is low priority. + - This specifies that the request is medium priority. + - This specifies that the request is high priority. + transactionTag: description: >- - Index within the repeated column_metadata field, to obtain the - column metadata for the column that was modified. - type: integer - format: int32 - value: - description: The value of the column. - type: any - HeartbeatRecord: - id: HeartbeatRecord - description: >- - A heartbeat record is returned as a progress indicator, when there are - no data changes or any other partition record types in the change stream - partition. + A tag used for statistics collection about this transaction. Both + `request_tag` and `transaction_tag` can be specified for a read or + query that belongs to a transaction. The value of transaction_tag + should be the same for all requests belonging to the same + transaction. If this request doesn't belong to any transaction, + `transaction_tag` is ignored. Legal characters for `transaction_tag` + values are all printable characters (ASCII 32 - 126) and the length + of a `transaction_tag` is limited to 50 characters. Values that + exceed this limit are truncated. Any leading underscore (_) + characters are removed from the string. + type: string + clientContext: + $ref: '#/components/schemas/ClientContext' + description: Optional. Optional context that may be needed for some requests. + requestTag: + type: string + description: >- + A per-request tag which can be applied to queries or reads, used for + statistics collection. Both `request_tag` and `transaction_tag` can + be specified for a read or query that belongs to a transaction. This + field is ignored for requests where it's not applicable (for + example, `CommitRequest`). Legal characters for `request_tag` values + are all printable characters (ASCII 32 - 126) and the length of a + request_tag is limited to 50 characters. Values that exceed this + limit are truncated. Any leading underscore (_) characters are + removed from the string. + QueryPlan: type: object + description: Contains an ordered list of nodes appearing in the query plan. properties: - timestamp: + queryAdvice: description: >- - Indicates the timestamp at which the query has returned all the - records in the change stream partition with timestamp <= heartbeat - timestamp. The heartbeat timestamp will not be the same as the - timestamps of other record types in the same partition. - type: string - format: google-datetime - PartitionStartRecord: - id: PartitionStartRecord - description: >- - A partition start record serves as a notification that the client should - schedule the partitions to be queried. PartitionStartRecord returns - information about one or more partitions. - type: object + Optional. The advise/recommendations for a query. Currently this + field will be serving index recommendations for a query. + $ref: '#/components/schemas/QueryAdvisorResult' + planNodes: + items: + $ref: '#/components/schemas/PlanNode' + type: array + description: >- + The nodes in the query plan. Plan nodes are returned in pre-order + starting with the plan root. Each PlanNode's `id` corresponds to its + index in `plan_nodes`. + id: QueryPlan + ReadWrite: properties: - startTimestamp: + multiplexedSessionPreviousTransactionId: description: >- - Start timestamp at which the partitions should be queried to return - change stream records with timestamps >= start_timestamp. - DataChangeRecord.commit_timestamps, - PartitionStartRecord.start_timestamps, - PartitionEventRecord.commit_timestamps, and - PartitionEndRecord.end_timestamps can have the same value in the - same partition. + Optional. Clients should pass the transaction ID of the previous + transaction attempt that was aborted if this transaction is being + executed on a multiplexed session. type: string - format: google-datetime - recordSequence: - description: >- - Record sequence numbers are unique and monotonically increasing (but - not necessarily contiguous) for a specific timestamp across record - types in the same partition. To guarantee ordered processing, the - reader should process records (of potentially different types) in - record_sequence order for a specific timestamp in the same - partition. + format: byte + readLockMode: type: string - partitionTokens: - description: Unique partition identifiers to be used in queries. - type: array - items: - type: string - PartitionEndRecord: - id: PartitionEndRecord - description: >- - A partition end record serves as a notification that the client should - stop reading the partition. No further records are expected to be - retrieved on it. + description: Read lock mode for the transaction. + enumDescriptions: + - >- + Default value. * If isolation level is REPEATABLE_READ, then it is + an error to specify `read_lock_mode`. Locking semantics default to + `OPTIMISTIC`. No validation checks are done for reads, except to + validate that the data that was served at the snapshot time is + unchanged at commit time in the following cases: 1. reads done as + part of queries that use `SELECT FOR UPDATE` 2. reads done as part + of statements with a `LOCK_SCANNED_RANGES` hint 3. reads done as + part of DML statements * At all other isolation levels, if + `read_lock_mode` is the default value, then pessimistic read locks + are used. + - >- + Pessimistic lock mode. Read locks are acquired immediately on + read. Semantics described only applies to SERIALIZABLE isolation. + - >- + Optimistic lock mode. Locks for reads within the transaction are + not acquired on read. Instead the locks are acquired on a commit + to validate that read/queried data has not changed since the + transaction started. Semantics described only applies to + SERIALIZABLE isolation. + enum: + - READ_LOCK_MODE_UNSPECIFIED + - PESSIMISTIC + - OPTIMISTIC type: object + id: ReadWrite + description: >- + Message type to initiate a read-write transaction. Currently this + transaction type has no options. + UpdateInstanceConfigMetadata: + description: Metadata type for the operation returned by UpdateInstanceConfig. properties: - endTimestamp: - description: >- - End timestamp at which the change stream partition is terminated. - All changes generated by this partition will have timestamps <= - end_timestamp. DataChangeRecord.commit_timestamps, - PartitionStartRecord.start_timestamps, - PartitionEventRecord.commit_timestamps, and - PartitionEndRecord.end_timestamps can have the same value in the - same partition. PartitionEndRecord is the last record returned for a - partition. + cancelTime: type: string format: google-datetime - recordSequence: - description: >- - Record sequence numbers are unique and monotonically increasing (but - not necessarily contiguous) for a specific timestamp across record - types in the same partition. To guarantee ordered processing, the - reader should process records (of potentially different types) in - record_sequence order for a specific timestamp in the same - partition. - type: string - partitionToken: - description: >- - Unique partition identifier describing the terminated change stream - partition. partition_token is equal to the partition token of the - change stream partition currently queried to return this - PartitionEndRecord. - type: string - PartitionEventRecord: - id: PartitionEventRecord - description: >- - A partition event record describes key range changes for a change stream - partition. The changes to a row defined by its primary key can be - captured in one change stream partition for a specific time range, and - then be captured in a different change stream partition for a different - time range. This movement of key ranges across change stream partitions - is a reflection of activities, such as Spanner's dynamic splitting and - load balancing, etc. Processing this event is needed if users want to - guarantee processing of the changes for any key in timestamp order. If - time ordered processing of changes for a primary key is not needed, this - event can be ignored. To guarantee time ordered processing for each - primary key, if the event describes move-ins, the reader of this - partition needs to wait until the readers of the source partitions have - processed all records with timestamps <= this - PartitionEventRecord.commit_timestamp, before advancing beyond this - PartitionEventRecord. If the event describes move-outs, the reader can - notify the readers of the destination partitions that they can continue - processing. + description: The time at which this operation was cancelled. + instanceConfig: + description: The desired instance configuration after updating. + $ref: '#/components/schemas/InstanceConfig' + progress: + description: The progress of the UpdateInstanceConfig operation. + $ref: '#/components/schemas/InstanceOperationProgress' + id: UpdateInstanceConfigMetadata type: object + RestoreDatabaseRequest: + description: The request for RestoreDatabase. properties: - commitTimestamp: - description: >- - Indicates the commit timestamp at which the key range change - occurred. DataChangeRecord.commit_timestamps, - PartitionStartRecord.start_timestamps, - PartitionEventRecord.commit_timestamps, and - PartitionEndRecord.end_timestamps can have the same value in the - same partition. + backup: type: string - format: google-datetime - recordSequence: description: >- - Record sequence numbers are unique and monotonically increasing (but - not necessarily contiguous) for a specific timestamp across record - types in the same partition. To guarantee ordered processing, the - reader should process records (of potentially different types) in - record_sequence order for a specific timestamp in the same - partition. + Name of the backup from which to restore. Values are of the form + `projects//instances//backups/`. + encryptionConfig: + description: >- + Optional. An encryption configuration describing the encryption type + and key resources in Cloud KMS used to encrypt/decrypt the database + to restore to. If this field is not specified, the restored database + will use the same encryption configuration as the backup by default, + namely encryption_type = `USE_CONFIG_DEFAULT_OR_BACKUP_ENCRYPTION`. + $ref: '#/components/schemas/RestoreDatabaseEncryptionConfig' + databaseId: type: string - partitionToken: description: >- - Unique partition identifier describing the partition this event - occurred on. partition_token is equal to the partition token of the - change stream partition currently queried to return this - PartitionEventRecord. + Required. The id of the database to create and restore to. This + database must not already exist. The `database_id` appended to + `parent` forms the full database name of the form + `projects//instances//databases/`. + id: RestoreDatabaseRequest + type: object + InstanceEncryptionConfig: + properties: + kmsKeyName: type: string - moveInEvents: description: >- - Set when one or more key ranges are moved into the change stream - partition identified by partition_token. Example: Two key ranges are - moved into partition (P1) from partition (P2) and partition (P3) in - a single transaction at timestamp T. The PartitionEventRecord - returned in P1 will reflect the move as: PartitionEventRecord { - commit_timestamp: T partition_token: "P1" move_in_events { - source_partition_token: "P2" } move_in_events { - source_partition_token: "P3" } } The PartitionEventRecord returned - in P2 will reflect the move as: PartitionEventRecord { - commit_timestamp: T partition_token: "P2" move_out_events { - destination_partition_token: "P1" } } The PartitionEventRecord - returned in P3 will reflect the move as: PartitionEventRecord { - commit_timestamp: T partition_token: "P3" move_out_events { - destination_partition_token: "P1" } } + Optional. This field is maintained for backwards compatibility. For + new callers, we recommend using `kms_key_names` to specify the KMS + key. Only use `kms_key_name` if the location of the KMS key matches + the database instance's configuration (location) exactly. For + example, if the KMS location is in `us-central1` or `nam3`, then the + database instance must also be in `us-central1` or `nam3`. The Cloud + KMS key that is used to encrypt and decrypt the restored database. + Values are of the form `projects//locations//keyRings//cryptoKeys/`. + kmsKeyNames: type: array items: - $ref: '#/components/schemas/MoveInEvent' - moveOutEvents: + type: string + description: >- + Optional. Specifies the KMS configuration for one or more keys used + to encrypt the database. Values are of the form + `projects//locations//keyRings//cryptoKeys/`. The keys referenced by + `kms_key_names` must fully cover all regions of the database's + instance configuration. Some examples: * For regional + (single-region) instance configurations, specify a regional location + KMS key. * For multi-region instance configurations of type + `GOOGLE_MANAGED`, either specify a multi-region location KMS key or + multiple regional location KMS keys that cover all regions in the + instance configuration. * For an instance configuration of type + `USER_MANAGED`, specify only regional location KMS keys to cover + each region in the instance configuration. Multi-region location KMS + keys aren't supported for `USER_MANAGED` type instance + configurations. + type: object + description: Encryption configuration for a Cloud Spanner database. + id: InstanceEncryptionConfig + OptimizeRestoredDatabaseMetadata: + description: >- + Metadata type for the long-running operation used to track the progress + of optimizations performed on a newly restored database. This + long-running operation is automatically created by the system after the + successful completion of a database restore, and cannot be cancelled. + type: object + id: OptimizeRestoredDatabaseMetadata + properties: + progress: + $ref: '#/components/schemas/OperationProgress' + description: The progress of the post-restore optimizations. + name: + type: string + description: Name of the restored database being optimized. + QueryAdvisorResult: + description: Output of query advisor analysis. + id: QueryAdvisorResult + properties: + indexAdvice: + items: + $ref: '#/components/schemas/IndexAdvice' description: >- - Set when one or more key ranges are moved out of the change stream - partition identified by partition_token. Example: Two key ranges are - moved out of partition (P1) to partition (P2) and partition (P3) in - a single transaction at timestamp T. The PartitionEventRecord - returned in P1 will reflect the move as: PartitionEventRecord { - commit_timestamp: T partition_token: "P1" move_out_events { - destination_partition_token: "P2" } move_out_events { - destination_partition_token: "P3" } } The PartitionEventRecord - returned in P2 will reflect the move as: PartitionEventRecord { - commit_timestamp: T partition_token: "P2" move_in_events { - source_partition_token: "P1" } } The PartitionEventRecord returned - in P3 will reflect the move as: PartitionEventRecord { - commit_timestamp: T partition_token: "P3" move_in_events { - source_partition_token: "P1" } } + Optional. Index Recommendation for a query. This is an optional + field and the recommendation will only be available when the + recommendation guarantees significant improvement in query + performance. type: array - items: - $ref: '#/components/schemas/MoveOutEvent' - MoveInEvent: - id: MoveInEvent - description: >- - Describes move-in of the key ranges into the change stream partition - identified by partition_token. To maintain processing the changes for a - particular key in timestamp order, the query processing the change - stream partition identified by partition_token should not advance beyond - the partition event record commit timestamp until the queries processing - the source change stream partitions have processed all change stream - records with timestamps <= the partition event record commit timestamp. + type: object + Delete: type: object properties: - sourcePartitionToken: + keySet: + $ref: '#/components/schemas/KeySet' description: >- - An unique partition identifier describing the source change stream - partition that recorded changes for the key range that is moving - into this partition. + Required. The primary keys of the rows within table to delete. The + primary keys must be specified in the order in which they appear in + the `PRIMARY KEY()` clause of the table's equivalent DDL statement + (the DDL statement used to create the table). Delete is idempotent. + The transaction will succeed even if some or all rows do not exist. + table: + description: Required. The table whose rows will be deleted. type: string - MoveOutEvent: - id: MoveOutEvent - description: >- - Describes move-out of the key ranges out of the change stream partition - identified by partition_token. To maintain processing the changes for a - particular key in timestamp order, the query processing the MoveOutEvent - in the partition identified by partition_token should inform the queries - processing the destination partitions that they can unblock and proceed - processing records past the commit_timestamp. + description: Arguments to delete operations. + id: Delete + UpdateInstancePartitionMetadata: type: object + id: UpdateInstancePartitionMetadata properties: - destinationPartitionToken: + endTime: description: >- - An unique partition identifier describing the destination change - stream partition that will record changes for the key range that is - moving out of this partition. + The time at which this operation failed or was completed + successfully. + type: string + format: google-datetime + cancelTime: + description: >- + The time at which this operation was cancelled. If set, this + operation is in the process of undoing itself (which is guaranteed + to succeed) and cannot be cancelled again. + format: google-datetime + type: string + instancePartition: + description: The desired end state of the update. + $ref: '#/components/schemas/InstancePartition' + startTime: type: string + description: The time at which UpdateInstancePartition request was received. + format: google-datetime + description: Metadata type for the operation returned by UpdateInstancePartition. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: alt + name: prettyPrint schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP + type: boolean + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string fields: @@ -6007,18 +6061,18 @@ components: name: key schema: type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -6028,18 +6082,28 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + alt: + description: Data format for response. in: query - name: upload_protocol + name: alt schema: type: string + enum: + - json + - media + - proto uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string + callback: + description: JSONP + in: query + name: callback + schema: + type: string _.xgafv: description: V1 error format. in: query @@ -6069,45 +6133,65 @@ components: update: [] replace: [] delete: [] + instance_config_operations: + id: google.spanner.instance_config_operations + name: instance_config_operations + title: Instance_config_operations + methods: + projects_instance_config_operations_list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1instanceConfigOperations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.operations + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/instance_config_operations/methods/projects_instance_config_operations_list + insert: [] + update: [] + replace: [] + delete: [] instance_configs: id: google.spanner.instance_configs name: instance_configs title: Instance_configs methods: - projects_instance_configs_list: + projects_instance_configs_get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1instanceConfigs/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.instanceConfigs - projects_instance_configs_create: + projects_instance_configs_delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1instanceConfigs/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_instance_configs_get: + projects_instance_configs_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_instance_configs_patch: + projects_instance_configs_create: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}/patch + $ref: '#/paths/~1v1~1projects~1{projectsId}~1instanceConfigs/post' response: mediaType: application/json openAPIDocKey: '200' - projects_instance_configs_delete: + projects_instance_configs_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1instanceConfigs/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.instanceConfigs sqlVerbs: select: - $ref: >- @@ -6129,6 +6213,13 @@ components: name: operations title: Operations methods: + projects_instance_configs_operations_cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}~1operations~1{operationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' projects_instance_configs_operations_list: operation: $ref: >- @@ -6136,7 +6227,7 @@ components: response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations + objectKey: $.unreachable projects_instance_configs_operations_get: operation: $ref: >- @@ -6151,21 +6242,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_instance_configs_operations_cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}~1operations~1{operationsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_instance_configs_ssd_caches_operations_list: + projects_instance_configs_ssd_caches_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}~1ssdCaches~1{ssdCachesId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}~1ssdCaches~1{ssdCachesId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations projects_instance_configs_ssd_caches_operations_get: operation: $ref: >- @@ -6173,13 +6256,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_instance_configs_ssd_caches_operations_delete: + projects_instance_configs_ssd_caches_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}~1ssdCaches~1{ssdCachesId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instanceConfigs~1{instanceConfigsId}~1ssdCaches~1{ssdCachesId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable projects_instance_configs_ssd_caches_operations_cancel: operation: $ref: >- @@ -6187,144 +6271,144 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_operations_list: + projects_instances_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_instances_databases_operations_get: + projects_instances_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_operations_delete: + projects_instances_operations_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_operations_cancel: + projects_instances_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_operations_list: + objectKey: $.unreachable + projects_instances_databases_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_instances_operations_get: + objectKey: $.unreachable + projects_instances_databases_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_instances_operations_delete: + projects_instances_databases_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_operations_cancel: + projects_instances_databases_operations_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_instance_partitions_operations_list: + projects_instances_backups_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_instances_instance_partitions_operations_get: + objectKey: $.unreachable + projects_instances_backups_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_instances_instance_partitions_operations_delete: + projects_instances_backups_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_instance_partitions_operations_cancel: + projects_instances_backups_operations_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_backups_operations_list: + projects_instances_instance_partitions_operations_cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - projects_instances_backups_operations_get: + projects_instances_instance_partitions_operations_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_backups_operations_delete: + projects_instances_instance_partitions_operations_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_instances_backups_operations_cancel: + projects_instances_instance_partitions_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instance_configs_ssd_caches_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instances_databases_operations_get - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_instances_instance_partitions_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instances_backups_operations_get + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_instances_instance_partitions_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instance_configs_operations_get - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instance_configs_ssd_caches_operations_list - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_instances_databases_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instances_operations_get - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_instances_instance_partitions_operations_list + #/components/x-stackQL-resources/operations/methods/projects_instances_databases_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instances_backups_operations_list + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_instances_instance_partitions_operations_list - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instance_configs_operations_list - $ref: >- @@ -6337,22 +6421,23 @@ components: #/components/x-stackQL-resources/operations/methods/projects_instance_configs_ssd_caches_operations_delete - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instances_databases_operations_delete - - $ref: >- - #/components/x-stackQL-resources/operations/methods/projects_instances_instance_partitions_operations_delete - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instances_backups_operations_delete + - $ref: >- + #/components/x-stackQL-resources/operations/methods/projects_instances_instance_partitions_operations_delete - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instance_configs_operations_delete - $ref: >- #/components/x-stackQL-resources/operations/methods/projects_instances_operations_delete - instance_config_operations: - id: google.spanner.instance_config_operations - name: instance_config_operations - title: Instance_config_operations + backup_operations: + id: google.spanner.backup_operations + name: backup_operations + title: Backup_operations methods: - projects_instance_config_operations_list: + projects_instances_backup_operations_list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1instanceConfigOperations/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backupOperations/get response: mediaType: application/json openAPIDocKey: '200' @@ -6360,584 +6445,607 @@ components: sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/instance_config_operations/methods/projects_instance_config_operations_list + #/components/x-stackQL-resources/backup_operations/methods/projects_instances_backup_operations_list insert: [] update: [] replace: [] delete: [] - instances: - id: google.spanner.instances - name: instances - title: Instances + sessions: + id: google.spanner.sessions + name: sessions + title: Sessions methods: - projects_instances_list: + projects_instances_databases_sessions_partition_read: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1instances/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:partitionRead/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.instances - projects_instances_create: + projects_instances_databases_sessions_execute_streaming_sql: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1instances/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:executeStreamingSql/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_get: + projects_instances_databases_sessions_rollback: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:rollback/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_patch: + projects_instances_databases_sessions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_delete: + objectKey: $.sessions + projects_instances_databases_sessions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_move: + projects_instances_databases_sessions_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}:move/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/projects_instances_get - - $ref: >- - #/components/x-stackQL-resources/instances/methods/projects_instances_list - insert: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/projects_instances_create - update: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/projects_instances_patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/instances/methods/projects_instances_delete - instances_iam_policies: - id: google.spanner.instances_iam_policies - name: instances_iam_policies - title: Instances_iam_policies - methods: - projects_instances_set_iam_policy: + projects_instances_databases_sessions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_instances_get_iam_policy: + projects_instances_databases_sessions_streaming_read: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:streamingRead/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_instances_test_iam_permissions: + projects_instances_databases_sessions_adapt_message: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:adaptMessage/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/projects_instances_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/instances_iam_policies/methods/projects_instances_set_iam_policy - delete: [] - databases_scans: - id: google.spanner.databases_scans - name: databases_scans - title: Databases_scans - methods: - projects_instances_databases_get_scans: + projects_instances_databases_sessions_begin_transaction: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1scans/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:beginTransaction/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/databases_scans/methods/projects_instances_databases_get_scans - insert: [] - update: [] - replace: [] - delete: [] - databases: - id: google.spanner.databases - name: databases - title: Databases - methods: - projects_instances_databases_list: + projects_instances_databases_sessions_execute_sql: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:executeSql/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.databases - projects_instances_databases_create: + projects_instances_databases_sessions_batch_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions:batchCreate/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_get: + projects_instances_databases_sessions_read: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:read/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_patch: + projects_instances_databases_sessions_batch_write: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:batchWrite/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_drop_database: + projects_instances_databases_sessions_partition_query: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:partitionQuery/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_changequorum: + projects_instances_databases_sessions_commit: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:changequorum/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:commit/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_restore: + projects_instances_databases_sessions_adapter: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases:restore/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions:adapter/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_instances_databases_sessions_execute_batch_dml: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:executeBatchDml/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/databases/methods/projects_instances_databases_get + #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_get - $ref: >- - #/components/x-stackQL-resources/databases/methods/projects_instances_databases_list + #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_list insert: - $ref: >- - #/components/x-stackQL-resources/databases/methods/projects_instances_databases_create - update: + #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_create - $ref: >- - #/components/x-stackQL-resources/databases/methods/projects_instances_databases_patch + #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_batch_create + update: [] replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/databases/methods/projects_instances_databases_drop_database - databases_ddl: - id: google.spanner.databases_ddl - name: databases_ddl - title: Databases_ddl + #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_delete + backup_schedules: + id: google.spanner.backup_schedules + name: backup_schedules + title: Backup_schedules methods: - projects_instances_databases_update_ddl: + projects_instances_databases_backup_schedules_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1ddl/patch + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_get_ddl: + objectKey: $.backupSchedules + projects_instances_databases_backup_schedules_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1ddl/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_instances_databases_backup_schedules_patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + projects_instances_databases_backup_schedules_delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + projects_instances_databases_backup_schedules_get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/databases_ddl/methods/projects_instances_databases_get_ddl - insert: [] + #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_get + - $ref: >- + #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_list + insert: + - $ref: >- + #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_create update: - $ref: >- - #/components/x-stackQL-resources/databases_ddl/methods/projects_instances_databases_update_ddl - replace: [] - delete: [] - databases_iam_policies: - id: google.spanner.databases_iam_policies - name: databases_iam_policies - title: Databases_iam_policies + #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_delete + backup_schedules_iam_policies: + id: google.spanner.backup_schedules_iam_policies + name: backup_schedules_iam_policies + title: Backup_schedules_iam_policies methods: - projects_instances_databases_set_iam_policy: + projects_instances_databases_backup_schedules_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_get_iam_policy: + projects_instances_databases_backup_schedules_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - projects_instances_databases_test_iam_permissions: + projects_instances_databases_backup_schedules_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/databases_iam_policies/methods/projects_instances_databases_get_iam_policy + #/components/x-stackQL-resources/backup_schedules_iam_policies/methods/projects_instances_databases_backup_schedules_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/databases_iam_policies/methods/projects_instances_databases_set_iam_policy + #/components/x-stackQL-resources/backup_schedules_iam_policies/methods/projects_instances_databases_backup_schedules_set_iam_policy delete: [] - databases_split_points: - id: google.spanner.databases_split_points - name: databases_split_points - title: Databases_split_points + database_roles: + id: google.spanner.database_roles + name: database_roles + title: Database_roles methods: - projects_instances_databases_add_split_points: + projects_instances_databases_database_roles_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:addSplitPoints/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1databaseRoles/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.databaseRoles sqlVerbs: - select: [] - insert: + select: - $ref: >- - #/components/x-stackQL-resources/databases_split_points/methods/projects_instances_databases_add_split_points + #/components/x-stackQL-resources/database_roles/methods/projects_instances_databases_database_roles_list + insert: [] update: [] replace: [] delete: [] - sessions: - id: google.spanner.sessions - name: sessions - title: Sessions + database_roles_iam_policies: + id: google.spanner.database_roles_iam_policies + name: database_roles_iam_policies + title: Database_roles_iam_policies methods: - projects_instances_databases_sessions_adapter: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions:adapter/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_instances_databases_sessions_adapt_message: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:adaptMessage/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_instances_databases_sessions_create: + projects_instances_databases_database_roles_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1databaseRoles~1{databaseRolesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_list: + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] + databases: + id: google.spanner.databases + name: databases + title: Databases + methods: + projects_instances_databases_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.sessions - projects_instances_databases_sessions_batch_create: + projects_instances_databases_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions:batchCreate/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_get: + objectKey: $.databases + projects_instances_databases_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_delete: + projects_instances_databases_drop_database: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_execute_sql: + projects_instances_databases_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:executeSql/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_execute_streaming_sql: + projects_instances_databases_restore: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:executeStreamingSql/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases:restore/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_execute_batch_dml: + projects_instances_databases_changequorum: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:executeBatchDml/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:changequorum/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_read: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/databases/methods/projects_instances_databases_get + - $ref: >- + #/components/x-stackQL-resources/databases/methods/projects_instances_databases_list + insert: + - $ref: >- + #/components/x-stackQL-resources/databases/methods/projects_instances_databases_create + update: + - $ref: >- + #/components/x-stackQL-resources/databases/methods/projects_instances_databases_patch + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/databases/methods/projects_instances_databases_drop_database + databases_scans: + id: google.spanner.databases_scans + name: databases_scans + title: Databases_scans + methods: + projects_instances_databases_get_scans: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:read/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1scans/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_streaming_read: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/databases_scans/methods/projects_instances_databases_get_scans + insert: [] + update: [] + replace: [] + delete: [] + databases_split_points: + id: google.spanner.databases_split_points + name: databases_split_points + title: Databases_split_points + methods: + projects_instances_databases_add_split_points: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:streamingRead/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:addSplitPoints/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_begin_transaction: + sqlVerbs: + select: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/databases_split_points/methods/projects_instances_databases_add_split_points + update: [] + replace: [] + delete: [] + databases_iam_policies: + id: google.spanner.databases_iam_policies + name: databases_iam_policies + title: Databases_iam_policies + methods: + projects_instances_databases_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:beginTransaction/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_commit: + projects_instances_databases_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:commit/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_rollback: + projects_instances_databases_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:rollback/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_partition_query: + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/databases_iam_policies/methods/projects_instances_databases_get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/databases_iam_policies/methods/projects_instances_databases_set_iam_policy + delete: [] + databases_ddl: + id: google.spanner.databases_ddl + name: databases_ddl + title: Databases_ddl + methods: + projects_instances_databases_get_ddl: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:partitionQuery/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1ddl/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_partition_read: + projects_instances_databases_update_ddl: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:partitionRead/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1ddl/patch response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_sessions_batch_write: + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/databases_ddl/methods/projects_instances_databases_get_ddl + insert: [] + update: + - $ref: >- + #/components/x-stackQL-resources/databases_ddl/methods/projects_instances_databases_update_ddl + replace: [] + delete: [] + database_operations: + id: google.spanner.database_operations + name: database_operations + title: Database_operations + methods: + projects_instances_database_operations_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1sessions~1{sessionsId}:batchWrite/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databaseOperations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_get - - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_list - insert: - - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_create - - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_batch_create + #/components/x-stackQL-resources/database_operations/methods/projects_instances_database_operations_list + insert: [] update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/sessions/methods/projects_instances_databases_sessions_delete - backup_schedules_iam_policies: - id: google.spanner.backup_schedules_iam_policies - name: backup_schedules_iam_policies - title: Backup_schedules_iam_policies + delete: [] + backups_iam_policies: + id: google.spanner.backups_iam_policies + name: backups_iam_policies + title: Backups_iam_policies methods: - projects_instances_databases_backup_schedules_set_iam_policy: + projects_instances_backups_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_backup_schedules_get_iam_policy: + projects_instances_backups_get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}:getIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}:getIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' objectKey: $.bindings - projects_instances_databases_backup_schedules_test_iam_permissions: + projects_instances_backups_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/backup_schedules_iam_policies/methods/projects_instances_databases_backup_schedules_get_iam_policy + #/components/x-stackQL-resources/backups_iam_policies/methods/projects_instances_backups_get_iam_policy insert: [] update: [] replace: - $ref: >- - #/components/x-stackQL-resources/backup_schedules_iam_policies/methods/projects_instances_databases_backup_schedules_set_iam_policy + #/components/x-stackQL-resources/backups_iam_policies/methods/projects_instances_backups_set_iam_policy delete: [] - backup_schedules: - id: google.spanner.backup_schedules - name: backup_schedules - title: Backup_schedules + backups: + id: google.spanner.backups + name: backups + title: Backups methods: - projects_instances_databases_backup_schedules_create: + projects_instances_backups_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_backup_schedules_list: + projects_instances_backups_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.backupSchedules - projects_instances_databases_backup_schedules_get: + projects_instances_backups_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_backup_schedules_patch: + projects_instances_backups_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_databases_backup_schedules_delete: + projects_instances_backups_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1backupSchedules~1{backupSchedulesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.backups + projects_instances_backups_copy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups:copy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_get + #/components/x-stackQL-resources/backups/methods/projects_instances_backups_get - $ref: >- - #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_list + #/components/x-stackQL-resources/backups/methods/projects_instances_backups_list insert: - $ref: >- - #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_create + #/components/x-stackQL-resources/backups/methods/projects_instances_backups_create update: - $ref: >- - #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_patch + #/components/x-stackQL-resources/backups/methods/projects_instances_backups_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/backup_schedules/methods/projects_instances_databases_backup_schedules_delete - database_roles_iam_policies: - id: google.spanner.database_roles_iam_policies - name: database_roles_iam_policies - title: Database_roles_iam_policies - methods: - projects_instances_databases_database_roles_test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1databaseRoles~1{databaseRolesId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - database_roles: - id: google.spanner.database_roles - name: database_roles - title: Database_roles - methods: - projects_instances_databases_database_roles_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databases~1{databasesId}~1databaseRoles/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.databaseRoles - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/database_roles/methods/projects_instances_databases_database_roles_list - insert: [] - update: [] - replace: [] - delete: [] + #/components/x-stackQL-resources/backups/methods/projects_instances_backups_delete instance_partitions: id: google.spanner.instance_partitions name: instance_partitions title: Instance_partitions methods: - projects_instances_instance_partitions_list: + projects_instances_instance_partitions_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.instancePartitions - projects_instances_instance_partitions_create: + projects_instances_instance_partitions_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -6948,20 +7056,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_instances_instance_partitions_delete: + projects_instances_instance_partitions_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions/post response: mediaType: application/json openAPIDocKey: '200' - projects_instances_instance_partitions_patch: + projects_instances_instance_partitions_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions~1{instancePartitionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1instancePartitions/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.instancePartitions sqlVerbs: select: - $ref: >- @@ -6990,7 +7099,7 @@ components: response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations + objectKey: $.unreachableInstancePartitions sqlVerbs: select: - $ref: >- @@ -6999,162 +7108,117 @@ components: update: [] replace: [] delete: [] - backups_iam_policies: - id: google.spanner.backups_iam_policies - name: backups_iam_policies - title: Backups_iam_policies - methods: - projects_instances_backups_set_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}:setIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_instances_backups_get_iam_policy: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}:getIamPolicy/post - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.bindings - projects_instances_backups_test_iam_permissions: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}:testIamPermissions/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/backups_iam_policies/methods/projects_instances_backups_get_iam_policy - insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/backups_iam_policies/methods/projects_instances_backups_set_iam_policy - delete: [] - backups: - id: google.spanner.backups - name: backups - title: Backups + instances: + id: google.spanner.instances + name: instances + title: Instances methods: - projects_instances_backups_create: + projects_instances_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups/post + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}/delete response: mediaType: application/json openAPIDocKey: '200' - projects_instances_backups_list: + projects_instances_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.backups - projects_instances_backups_copy: + projects_instances_get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups:copy/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}/get' response: mediaType: application/json openAPIDocKey: '200' - projects_instances_backups_get: + projects_instances_list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1instances/get' response: mediaType: application/json openAPIDocKey: '200' - projects_instances_backups_patch: + objectKey: $.instances + projects_instances_create: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}/patch + $ref: '#/paths/~1v1~1projects~1{projectsId}~1instances/post' response: mediaType: application/json openAPIDocKey: '200' - projects_instances_backups_delete: + projects_instances_move: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backups~1{backupsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}:move/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/backups/methods/projects_instances_backups_get + #/components/x-stackQL-resources/instances/methods/projects_instances_get - $ref: >- - #/components/x-stackQL-resources/backups/methods/projects_instances_backups_list + #/components/x-stackQL-resources/instances/methods/projects_instances_list insert: - $ref: >- - #/components/x-stackQL-resources/backups/methods/projects_instances_backups_create + #/components/x-stackQL-resources/instances/methods/projects_instances_create update: - $ref: >- - #/components/x-stackQL-resources/backups/methods/projects_instances_backups_patch + #/components/x-stackQL-resources/instances/methods/projects_instances_patch replace: [] delete: - $ref: >- - #/components/x-stackQL-resources/backups/methods/projects_instances_backups_delete - database_operations: - id: google.spanner.database_operations - name: database_operations - title: Database_operations + #/components/x-stackQL-resources/instances/methods/projects_instances_delete + instances_iam_policies: + id: google.spanner.instances_iam_policies + name: instances_iam_policies + title: Instances_iam_policies methods: - projects_instances_database_operations_list: + projects_instances_test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1databaseOperations/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/database_operations/methods/projects_instances_database_operations_list - insert: [] - update: [] - replace: [] - delete: [] - backup_operations: - id: google.spanner.backup_operations - name: backup_operations - title: Backup_operations - methods: - projects_instances_backup_operations_list: + projects_instances_set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}~1backupOperations/get + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations + projects_instances_get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1instances~1{instancesId}:getIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- - #/components/x-stackQL-resources/backup_operations/methods/projects_instances_backup_operations_list + #/components/x-stackQL-resources/instances_iam_policies/methods/projects_instances_get_iam_policy insert: [] update: [] - replace: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/instances_iam_policies/methods/projects_instances_set_iam_policy delete: [] paths: /v1/scans: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/_.xgafv' get: description: Return available scans given a Database-specific resource name. @@ -7177,29 +7241,36 @@ paths: $ref: '#/components/schemas/ListScansResponse' parameters: - in: query - name: view + name: pageSize schema: - type: string + type: integer + format: int32 - in: query name: filter schema: type: string - in: query - name: pageSize + name: view schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/instanceConfigs: + /v1/projects/{projectsId}/instanceConfigOperations: parameters: *ref_1 get: description: >- - Lists the supported instance configurations for a given project. Returns - both Google-managed configurations and user-managed configurations. - operationId: spanner.projects.instanceConfigs.list + Lists the user-managed instance configuration long-running operations in + the given project. An instance configuration operation has a name of the + form `projects//instanceConfigs//operations/`. The long-running + operation metadata field type `metadata.type_url` describes the type of + the metadata. Operations returned include those that have + completed/failed/canceled within the last 7 days, and pending + operations. Operations returned are ordered by + `operation.metadata.value.start_time` in descending order starting from + the most recently started operation. + operationId: spanner.projects.instanceConfigOperations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7215,13 +7286,17 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstanceConfigsResponse' + $ref: '#/components/schemas/ListInstanceConfigOperationsResponse' parameters: - in: path name: projectsId required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -7231,34 +7306,11 @@ paths: name: pageToken schema: type: string - post: - description: >- - Creates an instance configuration and begins preparing it to be used. - The returned long-running operation can be used to track the progress of - preparing the new instance configuration. The instance configuration - name is assigned by the caller. If the named instance configuration - already exists, `CreateInstanceConfig` returns `ALREADY_EXISTS`. - Immediately after the request returns: * The instance configuration is - readable via the API, with all requested attributes. The instance - configuration's reconciling field is set to true. Its state is - `CREATING`. While the operation is pending: * Cancelling the operation - renders the instance configuration immediately unreadable via the API. * - Except for deleting the creating resource, all other attempts to modify - the instance configuration are rejected. Upon completion of the returned - operation: * Instances can be created using the instance configuration. - * The instance configuration's reconciling field becomes false. Its - state becomes `READY`. The returned long-running operation will have a - name of the format `/operations/` and can be used to track creation of - the instance configuration. The metadata field type is - CreateInstanceConfigMetadata. The response field type is InstanceConfig, - if successful. Authorization requires `spanner.instanceConfigs.create` - permission on the resource parent. - operationId: spanner.projects.instanceConfigs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CreateInstanceConfigRequest' + /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}: + parameters: *ref_1 + get: + description: Gets information about a particular instance configuration. + operationId: spanner.projects.instanceConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7274,18 +7326,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/InstanceConfig' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}: - parameters: *ref_1 - get: - description: Gets information about a particular instance configuration. - operationId: spanner.projects.instanceConfigs.get + - in: path + name: instanceConfigsId + required: true + schema: + type: string + delete: + description: >- + Deletes the instance configuration. Deletion is only allowed when no + instances are using the configuration. If any instances are using the + configuration, returns `FAILED_PRECONDITION`. Only user-managed + configurations can be deleted. Authorization requires + `spanner.instanceConfigs.delete` permission on the resource name. + operationId: spanner.projects.instanceConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7301,7 +7361,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InstanceConfig' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7313,6 +7373,14 @@ paths: required: true schema: type: string + - in: query + name: etag + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean patch: description: >- Updates an instance configuration. The returned long-running operation @@ -7368,14 +7436,36 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/instanceConfigs: + parameters: *ref_1 + post: description: >- - Deletes the instance configuration. Deletion is only allowed when no - instances are using the configuration. If any instances are using the - configuration, returns `FAILED_PRECONDITION`. Only user-managed - configurations can be deleted. Authorization requires - `spanner.instanceConfigs.delete` permission on the resource name. - operationId: spanner.projects.instanceConfigs.delete + Creates an instance configuration and begins preparing it to be used. + The returned long-running operation can be used to track the progress of + preparing the new instance configuration. The instance configuration + name is assigned by the caller. If the named instance configuration + already exists, `CreateInstanceConfig` returns `ALREADY_EXISTS`. + Immediately after the request returns: * The instance configuration is + readable via the API, with all requested attributes. The instance + configuration's reconciling field is set to true. Its state is + `CREATING`. While the operation is pending: * Cancelling the operation + renders the instance configuration immediately unreadable via the API. * + Except for deleting the creating resource, all other attempts to modify + the instance configuration are rejected. Upon completion of the returned + operation: * Instances can be created using the instance configuration. + * The instance configuration's reconciling field becomes false. Its + state becomes `READY`. The returned long-running operation will have a + name of the format `/operations/` and can be used to track creation of + the instance configuration. The metadata field type is + CreateInstanceConfigMetadata. The response field type is InstanceConfig, + if successful. Authorization requires `spanner.instanceConfigs.create` + permission on the resource parent. + operationId: spanner.projects.instanceConfigs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateInstanceConfigRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7391,33 +7481,63 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string + get: + description: >- + Lists the supported instance configurations for a given project. Returns + both Google-managed configurations and user-managed configurations. + operationId: spanner.projects.instanceConfigs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/spanner.admin + Oauth2c: + - https://www.googleapis.com/auth/spanner.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListInstanceConfigsResponse' + parameters: - in: path - name: instanceConfigsId + name: projectsId required: true schema: type: string - in: query - name: etag + name: pageToken schema: type: string - in: query - name: validateOnly + name: pageSize schema: - type: boolean - /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/operations: + type: integer + format: int32 + /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: spanner.projects.instanceConfigs.operations.list + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: spanner.projects.instanceConfigs.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7433,7 +7553,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7445,27 +7565,18 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/operations/{operationsId}: + /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/operations: parameters: *ref_1 get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: spanner.projects.instanceConfigs.operations.get + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: spanner.projects.instanceConfigs.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7481,7 +7592,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -7493,18 +7604,31 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - delete: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: spanner.projects.instanceConfigs.operations.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: spanner.projects.instanceConfigs.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7520,7 +7644,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7537,20 +7661,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + delete: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: spanner.projects.instanceConfigs.operations.cancel + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: spanner.projects.instanceConfigs.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7583,13 +7700,15 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/ssdCaches/{ssdCachesId}/operations: + /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/ssdCaches/{ssdCachesId}/operations/{operationsId}: parameters: *ref_1 - get: + delete: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: spanner.projects.instanceConfigs.ssdCaches.operations.list + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: spanner.projects.instanceConfigs.ssdCaches.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7605,7 +7724,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7622,21 +7741,11 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/ssdCaches/{ssdCachesId}/operations/{operationsId}: - parameters: *ref_1 get: description: >- Gets the latest state of a long-running operation. Clients can use this @@ -7680,13 +7789,13 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/ssdCaches/{ssdCachesId}/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: spanner.projects.instanceConfigs.ssdCaches.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: spanner.projects.instanceConfigs.ssdCaches.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7702,7 +7811,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -7719,11 +7828,23 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1/projects/{projectsId}/instanceConfigs/{instanceConfigsId}/ssdCaches/{ssdCachesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: @@ -7775,20 +7896,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instanceConfigOperations: + /v1/projects/{projectsId}/instances/{instancesId}/operations/{operationsId}: parameters: *ref_1 get: description: >- - Lists the user-managed instance configuration long-running operations in - the given project. An instance configuration operation has a name of the - form `projects//instanceConfigs//operations/`. The long-running - operation metadata field type `metadata.type_url` describes the type of - the metadata. Operations returned include those that have - completed/failed/canceled within the last 7 days, and pending - operations. Operations returned are ordered by - `operation.metadata.value.start_time` in descending order starting from - the most recently started operation. - operationId: spanner.projects.instanceConfigOperations.list + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: spanner.projects.instances.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7804,31 +7919,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstanceConfigOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter + - in: path + name: instancesId + required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/instances: - parameters: *ref_1 - get: - description: Lists all instances in the given project. - operationId: spanner.projects.instances.list + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: spanner.projects.instances.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7844,84 +7958,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstancesResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: instanceDeadline + - in: path + name: instancesId + required: true schema: type: string - format: google-datetime - post: - description: >- - Creates an instance and begins preparing it to begin serving. The - returned long-running operation can be used to track the progress of - preparing the new instance. The instance name is assigned by the caller. - If the named instance already exists, `CreateInstance` returns - `ALREADY_EXISTS`. Immediately upon completion of this request: * The - instance is readable via the API, with all requested attributes but no - allocated resources. Its state is `CREATING`. Until completion of the - returned operation: * Cancelling the operation renders the instance - immediately unreadable via the API. * The instance can be deleted. * All - other attempts to modify the instance are rejected. Upon completion of - the returned operation: * Billing for all successfully-allocated - resources begins (some types may have lower than the requested levels). - * Databases can be created in the instance. * The instance's allocated - resource levels are readable via the API. * The instance's state becomes - `READY`. The returned long-running operation will have a name of the - format `/operations/` and can be used to track creation of the instance. - The metadata field type is CreateInstanceMetadata. The response field - type is Instance, if successful. - operationId: spanner.projects.instances.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CreateInstanceRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/spanner.admin - Oauth2c: - - https://www.googleapis.com/auth/spanner.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - in: path - name: projectsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}: + /v1/projects/{projectsId}/instances/{instancesId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: - description: Gets information about a particular instance. - operationId: spanner.projects.instances.get + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: spanner.projects.instances.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7937,7 +8004,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Instance' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -7949,41 +8016,18 @@ paths: required: true schema: type: string - - in: query - name: fieldMask + - in: path + name: operationsId + required: true schema: type: string - format: google-fieldmask - patch: + /v1/projects/{projectsId}/instances/{instancesId}/operations: + parameters: *ref_1 + get: description: >- - Updates an instance, and begins allocating or releasing resources as - requested. The returned long-running operation can be used to track the - progress of updating the instance. If the named instance does not exist, - returns `NOT_FOUND`. Immediately upon completion of this request: * For - resource types for which a decrease in the instance's allocation has - been requested, billing is based on the newly-requested level. Until - completion of the returned operation: * Cancelling the operation sets - its metadata's cancel_time, and begins restoring resources to their - pre-request values. The operation is guaranteed to succeed at undoing - all resource changes, after which point it terminates with a `CANCELLED` - status. * All other attempts to modify the instance are rejected. * - Reading the instance via the API continues to give the pre-request - resource levels. Upon completion of the returned operation: * Billing - begins for all successfully-allocated resources (some types may have - lower than the requested levels). * All newly-reserved resources are - available for serving the instance's tables. * The instance's new - resource levels are readable via the API. The returned long-running - operation will have a name of the format `/operations/` and can be used - to track the instance modification. The metadata field type is - UpdateInstanceMetadata. The response field type is Instance, if - successful. Authorization requires `spanner.instances.update` permission - on the resource name. - operationId: spanner.projects.instances.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateInstanceRequest' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: spanner.projects.instances.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7999,7 +8043,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -8011,14 +8055,37 @@ paths: required: true schema: type: string - delete: - description: >- - Deletes an instance. Immediately upon completion of the request: * - Billing ceases for all of the instance's reserved resources. Soon - afterward: * The instance and *all of its databases* immediately and - irrevocably disappear from the API. All data in the databases is - permanently deleted. - operationId: spanner.projects.instances.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/backupOperations: + parameters: *ref_1 + get: + description: >- + Lists the backup long-running operations in the given instance. A backup + operation has a name of the form + `projects//instances//backups//operations/`. The long-running operation + metadata field type `metadata.type_url` describes the type of the + metadata. Operations returned include those that have + completed/failed/canceled within the last 7 days, and pending + operations. Operations returned are ordered by + `operation.metadata.value.progress.start_time` in descending order + starting from the most recently started operation. + operationId: spanner.projects.instances.backupOperations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8034,7 +8101,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListBackupOperationsResponse' parameters: - in: path name: projectsId @@ -8046,35 +8113,58 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}:setIamPolicy: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:partitionRead: parameters: *ref_1 post: description: >- - Sets the access control policy on an instance resource. Replaces any - existing policy. Authorization requires `spanner.instances.setIamPolicy` - on resource. - operationId: spanner.projects.instances.setIamPolicy + Creates a set of partition tokens that can be used to execute a read + operation in parallel. Each of the returned partition tokens can be used + by StreamingRead to specify a subset of the read result to read. The + same session and read-only transaction must be used by the + `PartitionReadRequest` used to create the partition tokens and the + `ReadRequests` that use the partition tokens. There are no ordering + guarantees on rows returned among the returned partition tokens, or even + within each individual `StreamingRead` call issued with a + `partition_token`. Partition tokens become invalid when the session used + to create them is deleted, is idle for too long, begins a new + transaction, or becomes too old. When any of these happen, it isn't + possible to resume the read, and the whole operation must be restarted + from the beginning. + operationId: spanner.projects.instances.databases.sessions.partitionRead requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/PartitionReadRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/PartitionResponse' parameters: - in: path name: projectsId @@ -8086,77 +8176,48 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}:getIamPolicy: - parameters: *ref_1 - post: - description: >- - Gets the access control policy for an instance resource. Returns an - empty policy if an instance exists but does not have a policy set. - Authorization requires `spanner.instances.getIamPolicy` on resource. - operationId: spanner.projects.instances.getIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GetIamPolicyRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/spanner.admin - Oauth2c: - - https://www.googleapis.com/auth/spanner.admin - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Policy' - parameters: - in: path - name: projectsId + name: databasesId required: true schema: type: string - in: path - name: instancesId + name: sessionsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}:testIamPermissions: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:executeStreamingSql: parameters: *ref_1 post: description: >- - Returns permissions that the caller has on the specified instance - resource. Attempting this RPC on a non-existent Cloud Spanner instance - resource will result in a NOT_FOUND error if the user has - `spanner.instances.list` permission on the containing Google Cloud - Project. Otherwise returns an empty set of permissions. - operationId: spanner.projects.instances.testIamPermissions + Like ExecuteSql, except returns the result set as a stream. Unlike + ExecuteSql, there is no limit on the size of the returned result set. + However, no individual row in the result set can exceed 100 MiB, and no + column value can exceed 10 MiB. The query string can be SQL or [Graph + Query Language + (GQL)](https://cloud.google.com/spanner/docs/reference/standard-sql/graph-intro). + operationId: spanner.projects.instances.databases.sessions.executeStreamingSql requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/ExecuteSqlRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/PartialResultSet' parameters: - in: path name: projectsId @@ -8168,63 +8229,48 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}:move: + - in: path + name: databasesId + required: true + schema: + type: string + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:rollback: parameters: *ref_1 post: description: >- - Moves an instance to the target instance configuration. You can use the - returned long-running operation to track the progress of moving the - instance. `MoveInstance` returns `FAILED_PRECONDITION` if the instance - meets any of the following criteria: * Is undergoing a move to a - different instance configuration * Has backups * Has an ongoing update * - Contains any CMEK-enabled databases * Is a free trial instance While the - operation is pending: * All other attempts to modify the instance, - including changes to its compute capacity, are rejected. * The following - database and backup admin operations are rejected: * - `DatabaseAdmin.CreateDatabase` * `DatabaseAdmin.UpdateDatabaseDdl` - (disabled if default_leader is specified in the request.) * - `DatabaseAdmin.RestoreDatabase` * `DatabaseAdmin.CreateBackup` * - `DatabaseAdmin.CopyBackup` * Both the source and target instance - configurations are subject to hourly compute and storage charges. * The - instance might experience higher read-write latencies and a higher - transaction abort rate. However, moving an instance doesn't cause any - downtime. The returned long-running operation has a name of the format - `/operations/` and can be used to track the move instance operation. The - metadata field type is MoveInstanceMetadata. The response field type is - Instance, if successful. Cancelling the operation sets its metadata's - cancel_time. Cancellation is not immediate because it involves moving - any data previously moved to the target instance configuration back to - the original instance configuration. You can use this operation to track - the progress of the cancellation. Upon successful completion of the - cancellation, the operation terminates with `CANCELLED` status. If not - cancelled, upon completion of the returned operation: * The instance - successfully moves to the target instance configuration. * You are - billed for compute and storage in target instance configuration. - Authorization requires the `spanner.instances.update` permission on the - resource instance. For more details, see [Move an - instance](https://cloud.google.com/spanner/docs/move-instance). - operationId: spanner.projects.instances.move + Rolls back a transaction, releasing any locks it holds. It's a good idea + to call this for any transaction that includes one or more Read or + ExecuteSql requests and ultimately decides not to commit. `Rollback` + returns `OK` if it successfully aborts the transaction, the transaction + was already aborted, or the transaction isn't found. `Rollback` never + returns `ABORTED`. + operationId: spanner.projects.instances.databases.sessions.rollback requestBody: content: application/json: schema: - $ref: '#/components/schemas/MoveInstanceRequest' + $ref: '#/components/schemas/RollbackRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8236,13 +8282,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/scans: + - in: path + name: databasesId + required: true + schema: + type: string + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions: parameters: *ref_1 get: - description: >- - Request a specific scan with Database-specific data for Cloud Key - Visualizer. - operationId: spanner.projects.instances.databases.getScans + description: Lists all sessions in a given database. + operationId: spanner.projects.instances.databases.sessions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8258,7 +8312,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Scan' + $ref: '#/components/schemas/ListSessionsResponse' parameters: - in: path name: projectsId @@ -8276,40 +8330,54 @@ paths: schema: type: string - in: query - name: view + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: startTime + name: filter schema: type: string - format: google-datetime - in: query - name: endTime + name: pageToken schema: type: string - format: google-datetime - /v1/projects/{projectsId}/instances/{instancesId}/databases: - parameters: *ref_1 - get: - description: Lists Cloud Spanner databases. - operationId: spanner.projects.instances.databases.list + post: + description: >- + Creates a new session. A session can be used to perform transactions + that read and/or modify data in a Cloud Spanner database. Sessions are + meant to be reused for many consecutive transactions. Sessions can only + execute one transaction at a time. To execute multiple concurrent + read-write/write-only transactions, create multiple sessions. Note that + standalone reads and queries use a transaction internally, and count + toward the one transaction limit. Active sessions use additional server + resources, so it's a good idea to delete idle and unneeded sessions. + Aside from explicit deletes, Cloud Spanner can delete sessions when no + operations are sent for more than an hour. If a session is deleted, + requests to it return `NOT_FOUND`. Idle sessions can be kept alive by + sending a trivial SQL query periodically, for example, `"SELECT 1"`. + operationId: spanner.projects.instances.databases.sessions.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateSessionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListDatabasesResponse' + $ref: '#/components/schemas/Session' parameters: - in: path name: projectsId @@ -8321,44 +8389,34 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: databasesId + required: true schema: type: string - post: - description: >- - Creates a new Spanner database and starts to prepare it for serving. The - returned long-running operation will have a name of the format - `/operations/` and can be used to track preparation of the database. The - metadata field type is CreateDatabaseMetadata. The response field type - is Database, if successful. - operationId: spanner.projects.instances.databases.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CreateDatabaseRequest' + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}: + parameters: *ref_1 + get: + description: >- + Gets a session. Returns `NOT_FOUND` if the session doesn't exist. This + is mainly useful for determining whether a session is still alive. + operationId: spanner.projects.instances.databases.sessions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Session' parameters: - in: path name: projectsId @@ -8370,27 +8428,38 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}: - parameters: *ref_1 - get: - description: Gets the state of a Cloud Spanner database. - operationId: spanner.projects.instances.databases.get + - in: path + name: databasesId + required: true + schema: + type: string + - in: path + name: sessionsId + required: true + schema: + type: string + delete: + description: >- + Ends a session, releasing server resources associated with it. This + asynchronously triggers the cancellation of any operations that are + running with this session. + operationId: spanner.projects.instances.databases.sessions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8407,47 +8476,41 @@ paths: required: true schema: type: string - patch: + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:streamingRead: + parameters: *ref_1 + post: description: >- - Updates a Cloud Spanner database. The returned long-running operation - can be used to track the progress of updating the database. If the named - database does not exist, returns `NOT_FOUND`. While the operation is - pending: * The database's reconciling field is set to true. * Cancelling - the operation is best-effort. If the cancellation succeeds, the - operation metadata's cancel_time is set, the updates are reverted, and - the operation terminates with a `CANCELLED` status. * New UpdateDatabase - requests will return a `FAILED_PRECONDITION` error until the pending - operation is done (returns successfully or with error). * Reading the - database via the API continues to give the pre-request values. Upon - completion of the returned operation: * The new values are in effect and - readable via the API. * The database's reconciling field becomes false. - The returned long-running operation will have a name of the format - `projects//instances//databases//operations/` and can be used to track - the database modification. The metadata field type is - UpdateDatabaseMetadata. The response field type is Database, if - successful. - operationId: spanner.projects.instances.databases.patch + Like Read, except returns the result set as a stream. Unlike Read, there + is no limit on the size of the returned result set. However, no + individual row in the result set can exceed 100 MiB, and no column value + can exceed 10 MiB. + operationId: spanner.projects.instances.databases.sessions.streamingRead requestBody: content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/ReadRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/PartialResultSet' parameters: - in: path name: projectsId @@ -8464,34 +8527,40 @@ paths: required: true schema: type: string - - in: query - name: updateMask + - in: path + name: sessionsId + required: true schema: type: string - format: google-fieldmask - delete: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:adaptMessage: + parameters: *ref_1 + post: description: >- - Drops (aka deletes) a Cloud Spanner database. Completed backups for the - database will be retained according to their `expire_time`. Note: Cloud - Spanner might continue to accept requests for a few seconds after the - database has been deleted. - operationId: spanner.projects.instances.databases.dropDatabase + Handles a single message from the client and returns the result as a + stream. The server will interpret the message frame and respond with + message frames to the client. + operationId: spanner.projects.instances.databases.sessions.adaptMessage + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AdaptMessageRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/AdaptMessageResponse' parameters: - in: path name: projectsId @@ -8508,37 +8577,39 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/ddl: + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:beginTransaction: parameters: *ref_1 - patch: + post: description: >- - Updates the schema of a Cloud Spanner database by - creating/altering/dropping tables, columns, indexes, etc. The returned - long-running operation will have a name of the format `/operations/` and - can be used to track execution of the schema change(s). The metadata - field type is UpdateDatabaseDdlMetadata. The operation has no response. - operationId: spanner.projects.instances.databases.updateDdl + Begins a new transaction. This step can often be skipped: Read, + ExecuteSql and Commit can begin a new transaction as a side-effect. + operationId: spanner.projects.instances.databases.sessions.beginTransaction requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpdateDatabaseDdlRequest' + $ref: '#/components/schemas/BeginTransactionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Transaction' parameters: - in: path name: projectsId @@ -8555,28 +8626,47 @@ paths: required: true schema: type: string - get: + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:executeSql: + parameters: *ref_1 + post: description: >- - Returns the schema of a Cloud Spanner database as a list of formatted - DDL statements. This method does not show pending schema updates, those - may be queried using the Operations API. - operationId: spanner.projects.instances.databases.getDdl + Executes an SQL statement, returning all results in a single reply. This + method can't be used to return a result set larger than 10 MiB; if the + query yields more data than that, the query fails with a + `FAILED_PRECONDITION` error. Operations inside read-write transactions + might return `ABORTED`. If this occurs, the application should restart + the transaction from the beginning. See Transaction for more details. + Larger result sets can be fetched in streaming fashion by calling + ExecuteStreamingSql instead. The query string can be SQL or [Graph Query + Language + (GQL)](https://cloud.google.com/spanner/docs/reference/standard-sql/graph-intro). + operationId: spanner.projects.instances.databases.sessions.executeSql + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExecuteSqlRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GetDatabaseDdlResponse' + $ref: '#/components/schemas/ResultSet' parameters: - in: path name: projectsId @@ -8593,40 +8683,40 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:changequorum: + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions:batchCreate: parameters: *ref_1 post: description: >- - `ChangeQuorum` is strictly restricted to databases that use dual-region - instance configurations. Initiates a background operation to change the - quorum of a database from dual-region mode to single-region mode or vice - versa. The returned long-running operation has a name of the format - `projects//instances//databases//operations/` and can be used to track - execution of the `ChangeQuorum`. The metadata field type is - ChangeQuorumMetadata. Authorization requires - `spanner.databases.changequorum` permission on the resource database. - operationId: spanner.projects.instances.databases.changequorum + Creates multiple new sessions. This API can be used to initialize a + session cache on the clients. See https://goo.gl/TgSFN2 for best + practices on session cache management. + operationId: spanner.projects.instances.databases.sessions.batchCreate requestBody: content: application/json: schema: - $ref: '#/components/schemas/ChangeQuorumRequest' + $ref: '#/components/schemas/BatchCreateSessionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/BatchCreateSessionsResponse' parameters: - in: path name: projectsId @@ -8643,38 +8733,40 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:setIamPolicy: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:read: parameters: *ref_1 post: description: >- - Sets the access control policy on a database or backup resource. - Replaces any existing policy. Authorization requires - `spanner.databases.setIamPolicy` permission on resource. For backups, - authorization requires `spanner.backups.setIamPolicy` permission on - resource. For backup schedules, authorization requires - `spanner.backupSchedules.setIamPolicy` permission on resource. - operationId: spanner.projects.instances.databases.setIamPolicy + Reads rows from the database using key lookups and scans, as a simple + key/value style alternative to ExecuteSql. This method can't be used to + return a result set larger than 10 MiB; if the read matches more data + than that, the read fails with a `FAILED_PRECONDITION` error. Reads + inside read-write transactions might return `ABORTED`. If this occurs, + the application should restart the transaction from the beginning. See + Transaction for more details. Larger result sets can be yielded in + streaming fashion by calling StreamingRead instead. + operationId: spanner.projects.instances.databases.sessions.read requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/ReadRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ResultSet' parameters: - in: path name: projectsId @@ -8691,39 +8783,51 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:getIamPolicy: + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:batchWrite: parameters: *ref_1 post: description: >- - Gets the access control policy for a database or backup resource. - Returns an empty policy if a database or backup exists but does not have - a policy set. Authorization requires `spanner.databases.getIamPolicy` - permission on resource. For backups, authorization requires - `spanner.backups.getIamPolicy` permission on resource. For backup - schedules, authorization requires `spanner.backupSchedules.getIamPolicy` - permission on resource. - operationId: spanner.projects.instances.databases.getIamPolicy + Batches the supplied mutation groups in a collection of efficient + transactions. All mutations in a group are committed atomically. + However, mutations across groups can be committed non-atomically in an + unspecified order and thus, they must be independent of each other. + Partial failure is possible, that is, some groups might have been + committed successfully, while some might have failed. The results of + individual batches are streamed into the response as the batches are + applied. `BatchWrite` requests are not replay protected, meaning that + each mutation group can be applied more than once. Replays of + non-idempotent mutations can have undesirable effects. For example, + replays of an insert mutation can produce an already exists error or if + you use generated or commit timestamp-based keys, it can result in + additional rows being added to the mutation's table. We recommend + structuring your mutation groups to be idempotent to avoid this issue. + operationId: spanner.projects.instances.databases.sessions.batchWrite requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/BatchWriteRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/BatchWriteResponse' parameters: - in: path name: projectsId @@ -8740,42 +8844,47 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:testIamPermissions: + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:partitionQuery: parameters: *ref_1 post: description: >- - Returns permissions that the caller has on the specified database or - backup resource. Attempting this RPC on a non-existent Cloud Spanner - database will result in a NOT_FOUND error if the user has - `spanner.databases.list` permission on the containing Cloud Spanner - instance. Otherwise returns an empty set of permissions. Calling this - method on a backup that does not exist will result in a NOT_FOUND error - if the user has `spanner.backups.list` permission on the containing - instance. Calling this method on a backup schedule that does not exist - will result in a NOT_FOUND error if the user has - `spanner.backupSchedules.list` permission on the containing database. - operationId: spanner.projects.instances.databases.testIamPermissions + Creates a set of partition tokens that can be used to execute a query + operation in parallel. Each of the returned partition tokens can be used + by ExecuteStreamingSql to specify a subset of the query result to read. + The same session and read-only transaction must be used by the + `PartitionQueryRequest` used to create the partition tokens and the + `ExecuteSqlRequests` that use the partition tokens. Partition tokens + become invalid when the session used to create them is deleted, is idle + for too long, begins a new transaction, or becomes too old. When any of + these happen, it isn't possible to resume the query, and the whole + operation must be restarted from the beginning. + operationId: spanner.projects.instances.databases.sessions.partitionQuery requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/PartitionQueryRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/PartitionResponse' parameters: - in: path name: projectsId @@ -8792,44 +8901,48 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases:restore: + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:commit: parameters: *ref_1 post: description: >- - Create a new database by restoring from a completed backup. The new - database must be in the same project and in an instance with the same - instance configuration as the instance containing the backup. The - returned database long-running operation has a name of the format - `projects//instances//databases//operations/`, and can be used to track - the progress of the operation, and to cancel it. The metadata field type - is RestoreDatabaseMetadata. The response type is Database, if - successful. Cancelling the returned operation will stop the restore and - delete the database. There can be only one database being restored into - an instance at a time. Once the restore operation completes, a new - restore operation can be initiated, without waiting for the optimize - operation associated with the first restore to complete. - operationId: spanner.projects.instances.databases.restore + Commits a transaction. The request includes the mutations to be applied + to rows in the database. `Commit` might return an `ABORTED` error. This + can occur at any time; commonly, the cause is conflicts with concurrent + transactions. However, it can also happen for a variety of other + reasons. If `Commit` returns `ABORTED`, the caller should retry the + transaction from the beginning, reusing the same session. On very rare + occasions, `Commit` might return `UNKNOWN`. This can happen, for + example, if the client job experiences a 1+ hour networking failure. At + that point, Cloud Spanner has lost track of the transaction outcome and + we recommend that you perform another read from the database to see the + state of things as they are now. + operationId: spanner.projects.instances.databases.sessions.commit requestBody: content: application/json: schema: - $ref: '#/components/schemas/RestoreDatabaseRequest' + $ref: '#/components/schemas/CommitRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/CommitResponse' parameters: - in: path name: projectsId @@ -8841,32 +8954,45 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:addSplitPoints: + - in: path + name: databasesId + required: true + schema: + type: string + - in: path + name: sessionsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions:adapter: parameters: *ref_1 post: - description: Adds split points to specified tables and indexes of a database. - operationId: spanner.projects.instances.databases.addSplitPoints + description: >- + Creates a new session to be used for requests made by the adapter. A + session identifies a specific incarnation of a database resource and is + meant to be reused across many `AdaptMessage` calls. + operationId: spanner.projects.instances.databases.sessions.adapter requestBody: content: application/json: schema: - $ref: '#/components/schemas/AddSplitPointsRequest' + $ref: '#/components/schemas/AdapterSession' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/AddSplitPointsResponse' + $ref: '#/components/schemas/AdapterSession' parameters: - in: path name: projectsId @@ -8883,29 +9009,40 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/operations: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:executeBatchDml: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: spanner.projects.instances.databases.operations.list + Executes a batch of SQL DML statements. This method allows many + statements to be run with lower latency than submitting them + sequentially with ExecuteSql. Statements are executed in sequential + order. A request can succeed even if a statement fails. The + ExecuteBatchDmlResponse.status field in the response provides + information about the statement that failed. Clients must inspect this + field to determine whether an error occurred. Execution stops after the + first failed statement; the remaining statements are not executed. + operationId: spanner.projects.instances.databases.sessions.executeBatchDml + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExecuteBatchDmlRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data Oauth2c: - - https://www.googleapis.com/auth/spanner.admin + - https://www.googleapis.com/auth/spanner.data responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ExecuteBatchDmlResponse' parameters: - in: path name: projectsId @@ -8922,27 +9059,16 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: sessionsId + required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/operations/{operationsId}: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules: parameters: *ref_1 get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: spanner.projects.instances.databases.operations.get + description: Lists all the backup schedules for the database. + operationId: spanner.projects.instances.databases.backupSchedules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8958,7 +9084,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListBackupSchedulesResponse' parameters: - in: path name: projectsId @@ -8975,18 +9101,23 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: pageToken schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: spanner.projects.instances.databases.operations.delete + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a new backup schedule. + operationId: spanner.projects.instances.databases.backupSchedules.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BackupSchedule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9002,7 +9133,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/BackupSchedule' parameters: - in: path name: projectsId @@ -9019,25 +9150,26 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: backupScheduleId schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}:setIamPolicy: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: spanner.projects.instances.databases.operations.cancel + Sets the access control policy on a database or backup resource. + Replaces any existing policy. Authorization requires + `spanner.databases.setIamPolicy` permission on resource. For backups, + authorization requires `spanner.backups.setIamPolicy` permission on + resource. For backup schedules, authorization requires + `spanner.backupSchedules.setIamPolicy` permission on resource. + operationId: spanner.projects.instances.databases.backupSchedules.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9053,7 +9185,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -9071,39 +9203,36 @@ paths: schema: type: string - in: path - name: operationsId + name: backupSchedulesId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions:adapter: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}: parameters: *ref_1 - post: - description: >- - Creates a new session to be used for requests made by the adapter. A - session identifies a specific incarnation of a database resource and is - meant to be reused across many `AdaptMessage` calls. - operationId: spanner.projects.instances.databases.sessions.adapter + patch: + description: Updates a backup schedule. + operationId: spanner.projects.instances.databases.backupSchedules.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/AdapterSession' + $ref: '#/components/schemas/BackupSchedule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/AdapterSession' + $ref: '#/components/schemas/BackupSchedule' parameters: - in: path name: projectsId @@ -9120,35 +9249,35 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:adaptMessage: - parameters: *ref_1 - post: - description: >- - Handles a single message from the client and returns the result as a - stream. The server will interpret the message frame and respond with - message frames to the client. - operationId: spanner.projects.instances.databases.sessions.adaptMessage - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AdaptMessageRequest' + - in: path + name: backupSchedulesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: Deletes a backup schedule. + operationId: spanner.projects.instances.databases.backupSchedules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/AdaptMessageResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -9166,48 +9295,29 @@ paths: schema: type: string - in: path - name: sessionsId + name: backupSchedulesId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions: - parameters: *ref_1 - post: - description: >- - Creates a new session. A session can be used to perform transactions - that read and/or modify data in a Cloud Spanner database. Sessions are - meant to be reused for many consecutive transactions. Sessions can only - execute one transaction at a time. To execute multiple concurrent - read-write/write-only transactions, create multiple sessions. Note that - standalone reads and queries use a transaction internally, and count - toward the one transaction limit. Active sessions use additional server - resources, so it's a good idea to delete idle and unneeded sessions. - Aside from explicit deletes, Cloud Spanner can delete sessions when no - operations are sent for more than an hour. If a session is deleted, - requests to it return `NOT_FOUND`. Idle sessions can be kept alive by - sending a trivial SQL query periodically, for example, `"SELECT 1"`. - operationId: spanner.projects.instances.databases.sessions.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CreateSessionRequest' + get: + description: Gets backup schedule for the input schedule name. + operationId: spanner.projects.instances.databases.backupSchedules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Session' + $ref: '#/components/schemas/BackupSchedule' parameters: - in: path name: projectsId @@ -9224,25 +9334,47 @@ paths: required: true schema: type: string - get: - description: Lists all sessions in a given database. - operationId: spanner.projects.instances.databases.sessions.list + - in: path + name: backupSchedulesId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that the caller has on the specified database or + backup resource. Attempting this RPC on a non-existent Cloud Spanner + database will result in a NOT_FOUND error if the user has + `spanner.databases.list` permission on the containing Cloud Spanner + instance. Otherwise returns an empty set of permissions. Calling this + method on a backup that does not exist will result in a NOT_FOUND error + if the user has `spanner.backups.list` permission on the containing + instance. Calling this method on a backup schedule that does not exist + will result in a NOT_FOUND error if the user has + `spanner.backupSchedules.list` permission on the containing database. + operationId: spanner.projects.instances.databases.backupSchedules.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ListSessionsResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -9259,48 +9391,44 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: backupSchedulesId + required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions:batchCreate: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}:getIamPolicy: parameters: *ref_1 post: description: >- - Creates multiple new sessions. This API can be used to initialize a - session cache on the clients. See https://goo.gl/TgSFN2 for best - practices on session cache management. - operationId: spanner.projects.instances.databases.sessions.batchCreate + Gets the access control policy for a database or backup resource. + Returns an empty policy if a database or backup exists but does not have + a policy set. Authorization requires `spanner.databases.getIamPolicy` + permission on resource. For backups, authorization requires + `spanner.backups.getIamPolicy` permission on resource. For backup + schedules, authorization requires `spanner.backupSchedules.getIamPolicy` + permission on resource. + operationId: spanner.projects.instances.databases.backupSchedules.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchCreateSessionsRequest' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/BatchCreateSessionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -9317,29 +9445,34 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}: + - in: path + name: backupSchedulesId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/operations: parameters: *ref_1 get: description: >- - Gets a session. Returns `NOT_FOUND` if the session doesn't exist. This - is mainly useful for determining whether a session is still alive. - operationId: spanner.projects.instances.databases.sessions.get + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: spanner.projects.instances.databases.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Session' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -9356,26 +9489,41 @@ paths: required: true schema: type: string - - in: path - name: sessionsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- - Ends a session, releasing server resources associated with it. This - asynchronously triggers the cancellation of any operations that are - running with this session. - operationId: spanner.projects.instances.databases.sessions.delete + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: spanner.projects.instances.databases.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response @@ -9400,46 +9548,32 @@ paths: schema: type: string - in: path - name: sessionsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:executeSql: - parameters: *ref_1 - post: + get: description: >- - Executes an SQL statement, returning all results in a single reply. This - method can't be used to return a result set larger than 10 MiB; if the - query yields more data than that, the query fails with a - `FAILED_PRECONDITION` error. Operations inside read-write transactions - might return `ABORTED`. If this occurs, the application should restart - the transaction from the beginning. See Transaction for more details. - Larger result sets can be fetched in streaming fashion by calling - ExecuteStreamingSql instead. The query string can be SQL or [Graph Query - Language - (GQL)](https://cloud.google.com/spanner/docs/reference/standard-sql/graph-intro). - operationId: spanner.projects.instances.databases.sessions.executeSql - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExecuteSqlRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: spanner.projects.instances.databases.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ResultSet' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9457,42 +9591,40 @@ paths: schema: type: string - in: path - name: sessionsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:executeStreamingSql: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Like ExecuteSql, except returns the result set as a stream. Unlike - ExecuteSql, there is no limit on the size of the returned result set. - However, no individual row in the result set can exceed 100 MiB, and no - column value can exceed 10 MiB. The query string can be SQL or [Graph - Query Language - (GQL)](https://cloud.google.com/spanner/docs/reference/standard-sql/graph-intro). - operationId: spanner.projects.instances.databases.sessions.executeStreamingSql - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExecuteSqlRequest' + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: spanner.projects.instances.databases.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/PartialResultSet' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -9510,44 +9642,31 @@ paths: schema: type: string - in: path - name: sessionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:executeBatchDml: - parameters: *ref_1 - post: - description: >- - Executes a batch of SQL DML statements. This method allows many - statements to be run with lower latency than submitting them - sequentially with ExecuteSql. Statements are executed in sequential - order. A request can succeed even if a statement fails. The - ExecuteBatchDmlResponse.status field in the response provides - information about the statement that failed. Clients must inspect this - field to determine whether an error occurred. Execution stops after the - first failed statement; the remaining statements are not executed. - operationId: spanner.projects.instances.databases.sessions.executeBatchDml - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExecuteBatchDmlRequest' + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/databaseRoles: + parameters: *ref_1 + get: + description: Lists Cloud Spanner database roles. + operationId: spanner.projects.instances.databases.databaseRoles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ExecuteBatchDmlResponse' + $ref: '#/components/schemas/ListDatabaseRolesResponse' parameters: - in: path name: projectsId @@ -9564,45 +9683,51 @@ paths: required: true schema: type: string - - in: path - name: sessionsId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:read: + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/databaseRoles/{databaseRolesId}:testIamPermissions: parameters: *ref_1 post: description: >- - Reads rows from the database using key lookups and scans, as a simple - key/value style alternative to ExecuteSql. This method can't be used to - return a result set larger than 10 MiB; if the read matches more data - than that, the read fails with a `FAILED_PRECONDITION` error. Reads - inside read-write transactions might return `ABORTED`. If this occurs, - the application should restart the transaction from the beginning. See - Transaction for more details. Larger result sets can be yielded in - streaming fashion by calling StreamingRead instead. - operationId: spanner.projects.instances.databases.sessions.read + Returns permissions that the caller has on the specified database or + backup resource. Attempting this RPC on a non-existent Cloud Spanner + database will result in a NOT_FOUND error if the user has + `spanner.databases.list` permission on the containing Cloud Spanner + instance. Otherwise returns an empty set of permissions. Calling this + method on a backup that does not exist will result in a NOT_FOUND error + if the user has `spanner.backups.list` permission on the containing + instance. Calling this method on a backup schedule that does not exist + will result in a NOT_FOUND error if the user has + `spanner.backupSchedules.list` permission on the containing database. + operationId: spanner.projects.instances.databases.databaseRoles.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/ReadRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/ResultSet' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -9620,40 +9745,41 @@ paths: schema: type: string - in: path - name: sessionsId + name: databaseRolesId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:streamingRead: + /v1/projects/{projectsId}/instances/{instancesId}/databases: parameters: *ref_1 post: description: >- - Like Read, except returns the result set as a stream. Unlike Read, there - is no limit on the size of the returned result set. However, no - individual row in the result set can exceed 100 MiB, and no column value - can exceed 10 MiB. - operationId: spanner.projects.instances.databases.sessions.streamingRead + Creates a new Spanner database and starts to prepare it for serving. The + returned long-running operation will have a name of the format + `/operations/` and can be used to track preparation of the database. The + metadata field type is CreateDatabaseMetadata. The response field type + is Database, if successful. + operationId: spanner.projects.instances.databases.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ReadRequest' + $ref: '#/components/schemas/CreateDatabaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/PartialResultSet' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9665,44 +9791,88 @@ paths: required: true schema: type: string + get: + description: Lists Cloud Spanner databases. + operationId: spanner.projects.instances.databases.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/spanner.admin + Oauth2c: + - https://www.googleapis.com/auth/spanner.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDatabasesResponse' + parameters: - in: path - name: databasesId + name: projectsId required: true schema: type: string - in: path - name: sessionsId + name: instancesId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:beginTransaction: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}: parameters: *ref_1 - post: + patch: description: >- - Begins a new transaction. This step can often be skipped: Read, - ExecuteSql and Commit can begin a new transaction as a side-effect. - operationId: spanner.projects.instances.databases.sessions.beginTransaction + Updates a Cloud Spanner database. The returned long-running operation + can be used to track the progress of updating the database. If the named + database does not exist, returns `NOT_FOUND`. While the operation is + pending: * The database's reconciling field is set to true. * Cancelling + the operation is best-effort. If the cancellation succeeds, the + operation metadata's cancel_time is set, the updates are reverted, and + the operation terminates with a `CANCELLED` status. * New UpdateDatabase + requests will return a `FAILED_PRECONDITION` error until the pending + operation is done (returns successfully or with error). * Reading the + database via the API continues to give the pre-request values. Upon + completion of the returned operation: * The new values are in effect and + readable via the API. * The database's reconciling field becomes false. + The returned long-running operation will have a name of the format + `projects//instances//databases//operations/` and can be used to track + the database modification. The metadata field type is + UpdateDatabaseMetadata. The response field type is Database, if + successful. + operationId: spanner.projects.instances.databases.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/BeginTransactionRequest' + $ref: '#/components/schemas/Database' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Transaction' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9719,48 +9889,34 @@ paths: required: true schema: type: string - - in: path - name: sessionsId - required: true + - in: query + name: updateMask schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:commit: - parameters: *ref_1 - post: + format: google-fieldmask + delete: description: >- - Commits a transaction. The request includes the mutations to be applied - to rows in the database. `Commit` might return an `ABORTED` error. This - can occur at any time; commonly, the cause is conflicts with concurrent - transactions. However, it can also happen for a variety of other - reasons. If `Commit` returns `ABORTED`, the caller should retry the - transaction from the beginning, reusing the same session. On very rare - occasions, `Commit` might return `UNKNOWN`. This can happen, for - example, if the client job experiences a 1+ hour networking failure. At - that point, Cloud Spanner has lost track of the transaction outcome and - we recommend that you perform another read from the database to see the - state of things as they are now. - operationId: spanner.projects.instances.databases.sessions.commit - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CommitRequest' + Drops (aka deletes) a Cloud Spanner database. Completed backups for the + database will be retained according to their `expire_time`. Note: Cloud + Spanner might continue to accept requests for a few seconds after the + database has been deleted. + operationId: spanner.projects.instances.databases.dropDatabase security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/CommitResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -9777,43 +9933,25 @@ paths: required: true schema: type: string - - in: path - name: sessionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:rollback: - parameters: *ref_1 - post: - description: >- - Rolls back a transaction, releasing any locks it holds. It's a good idea - to call this for any transaction that includes one or more Read or - ExecuteSql requests and ultimately decides not to commit. `Rollback` - returns `OK` if it successfully aborts the transaction, the transaction - was already aborted, or the transaction isn't found. `Rollback` never - returns `ABORTED`. - operationId: spanner.projects.instances.databases.sessions.rollback - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RollbackRequest' + get: + description: Gets the state of a Cloud Spanner database. + operationId: spanner.projects.instances.databases.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Database' parameters: - in: path name: projectsId @@ -9830,31 +9968,13 @@ paths: required: true schema: type: string - - in: path - name: sessionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:partitionQuery: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/scans: parameters: *ref_1 - post: + get: description: >- - Creates a set of partition tokens that can be used to execute a query - operation in parallel. Each of the returned partition tokens can be used - by ExecuteStreamingSql to specify a subset of the query result to read. - The same session and read-only transaction must be used by the - `PartitionQueryRequest` used to create the partition tokens and the - `ExecuteSqlRequests` that use the partition tokens. Partition tokens - become invalid when the session used to create them is deleted, is idle - for too long, begins a new transaction, or becomes too old. When any of - these happen, it isn't possible to resume the query, and the whole - operation must be restarted from the beginning. - operationId: spanner.projects.instances.databases.sessions.partitionQuery - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PartitionQueryRequest' + Request a specific scan with Database-specific data for Cloud Key + Visualizer. + operationId: spanner.projects.instances.databases.getScans security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9870,7 +9990,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PartitionResponse' + $ref: '#/components/schemas/Scan' parameters: - in: path name: projectsId @@ -9887,50 +10007,46 @@ paths: required: true schema: type: string - - in: path - name: sessionsId - required: true + - in: query + name: view + schema: + type: string + - in: query + name: startTime + schema: + type: string + format: google-datetime + - in: query + name: endTime schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:partitionRead: + format: google-datetime + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:addSplitPoints: parameters: *ref_1 post: - description: >- - Creates a set of partition tokens that can be used to execute a read - operation in parallel. Each of the returned partition tokens can be used - by StreamingRead to specify a subset of the read result to read. The - same session and read-only transaction must be used by the - `PartitionReadRequest` used to create the partition tokens and the - `ReadRequests` that use the partition tokens. There are no ordering - guarantees on rows returned among the returned partition tokens, or even - within each individual `StreamingRead` call issued with a - `partition_token`. Partition tokens become invalid when the session used - to create them is deleted, is idle for too long, begins a new - transaction, or becomes too old. When any of these happen, it isn't - possible to resume the read, and the whole operation must be restarted - from the beginning. - operationId: spanner.projects.instances.databases.sessions.partitionRead + description: Adds split points to specified tables and indexes of a database. + operationId: spanner.projects.instances.databases.addSplitPoints requestBody: content: application/json: schema: - $ref: '#/components/schemas/PartitionReadRequest' + $ref: '#/components/schemas/AddSplitPointsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/PartitionResponse' + $ref: '#/components/schemas/AddSplitPointsResponse' parameters: - in: path name: projectsId @@ -9947,51 +10063,44 @@ paths: required: true schema: type: string - - in: path - name: sessionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/sessions/{sessionsId}:batchWrite: + /v1/projects/{projectsId}/instances/{instancesId}/databases:restore: parameters: *ref_1 post: description: >- - Batches the supplied mutation groups in a collection of efficient - transactions. All mutations in a group are committed atomically. - However, mutations across groups can be committed non-atomically in an - unspecified order and thus, they must be independent of each other. - Partial failure is possible, that is, some groups might have been - committed successfully, while some might have failed. The results of - individual batches are streamed into the response as the batches are - applied. `BatchWrite` requests are not replay protected, meaning that - each mutation group can be applied more than once. Replays of - non-idempotent mutations can have undesirable effects. For example, - replays of an insert mutation can produce an already exists error or if - you use generated or commit timestamp-based keys, it can result in - additional rows being added to the mutation's table. We recommend - structuring your mutation groups to be idempotent to avoid this issue. - operationId: spanner.projects.instances.databases.sessions.batchWrite + Create a new database by restoring from a completed backup. The new + database must be in the same project and in an instance with the same + instance configuration as the instance containing the backup. The + returned database long-running operation has a name of the format + `projects//instances//databases//operations/`, and can be used to track + the progress of the operation, and to cancel it. The metadata field type + is RestoreDatabaseMetadata. The response type is Database, if + successful. Cancelling the returned operation will stop the restore and + delete the database. There can be only one database being restored into + an instance at a time. Once the restore operation completes, a new + restore operation can be initiated, without waiting for the optimize + operation associated with the first restore to complete. + operationId: spanner.projects.instances.databases.restore requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchWriteRequest' + $ref: '#/components/schemas/RestoreDatabaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - Oauth2: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin Oauth2c: - - https://www.googleapis.com/auth/spanner.data + - https://www.googleapis.com/auth/spanner.admin responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/BatchWriteResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10003,32 +10112,24 @@ paths: required: true schema: type: string - - in: path - name: databasesId - required: true - schema: - type: string - - in: path - name: sessionsId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}:setIamPolicy: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:changequorum: parameters: *ref_1 post: description: >- - Sets the access control policy on a database or backup resource. - Replaces any existing policy. Authorization requires - `spanner.databases.setIamPolicy` permission on resource. For backups, - authorization requires `spanner.backups.setIamPolicy` permission on - resource. For backup schedules, authorization requires - `spanner.backupSchedules.setIamPolicy` permission on resource. - operationId: spanner.projects.instances.databases.backupSchedules.setIamPolicy + `ChangeQuorum` is strictly restricted to databases that use dual-region + instance configurations. Initiates a background operation to change the + quorum of a database from dual-region mode to single-region mode or vice + versa. The returned long-running operation has a name of the format + `projects//instances//databases//operations/` and can be used to track + execution of the `ChangeQuorum`. The metadata field type is + ChangeQuorumMetadata. Authorization requires + `spanner.databases.changequorum` permission on the resource database. + operationId: spanner.projects.instances.databases.changequorum requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/ChangeQuorumRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10044,7 +10145,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10061,28 +10162,22 @@ paths: required: true schema: type: string - - in: path - name: backupSchedulesId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}:getIamPolicy: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:setIamPolicy: parameters: *ref_1 post: description: >- - Gets the access control policy for a database or backup resource. - Returns an empty policy if a database or backup exists but does not have - a policy set. Authorization requires `spanner.databases.getIamPolicy` - permission on resource. For backups, authorization requires - `spanner.backups.getIamPolicy` permission on resource. For backup - schedules, authorization requires `spanner.backupSchedules.getIamPolicy` - permission on resource. - operationId: spanner.projects.instances.databases.backupSchedules.getIamPolicy + Sets the access control policy on a database or backup resource. + Replaces any existing policy. Authorization requires + `spanner.databases.setIamPolicy` permission on resource. For backups, + authorization requires `spanner.backups.setIamPolicy` permission on + resource. For backup schedules, authorization requires + `spanner.backupSchedules.setIamPolicy` permission on resource. + operationId: spanner.projects.instances.databases.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10115,12 +10210,7 @@ paths: required: true schema: type: string - - in: path - name: backupSchedulesId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}:testIamPermissions: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:testIamPermissions: parameters: *ref_1 post: description: >- @@ -10134,7 +10224,7 @@ paths: instance. Calling this method on a backup schedule that does not exist will result in a NOT_FOUND error if the user has `spanner.backupSchedules.list` permission on the containing database. - operationId: spanner.projects.instances.databases.backupSchedules.testIamPermissions + operationId: spanner.projects.instances.databases.testIamPermissions requestBody: content: application/json: @@ -10172,21 +10262,23 @@ paths: required: true schema: type: string - - in: path - name: backupSchedulesId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules: + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}:getIamPolicy: parameters: *ref_1 post: - description: Creates a new backup schedule. - operationId: spanner.projects.instances.databases.backupSchedules.create + description: >- + Gets the access control policy for a database or backup resource. + Returns an empty policy if a database or backup exists but does not have + a policy set. Authorization requires `spanner.databases.getIamPolicy` + permission on resource. For backups, authorization requires + `spanner.backups.getIamPolicy` permission on resource. For backup + schedules, authorization requires `spanner.backupSchedules.getIamPolicy` + permission on resource. + operationId: spanner.projects.instances.databases.getIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/BackupSchedule' + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10202,7 +10294,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BackupSchedule' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -10219,13 +10311,14 @@ paths: required: true schema: type: string - - in: query - name: backupScheduleId - schema: - type: string + /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/ddl: + parameters: *ref_1 get: - description: Lists all the backup schedules for the database. - operationId: spanner.projects.instances.databases.backupSchedules.list + description: >- + Returns the schema of a Cloud Spanner database as a list of formatted + DDL statements. This method does not show pending schema updates, those + may be queried using the Operations API. + operationId: spanner.projects.instances.databases.getDdl security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10241,7 +10334,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBackupSchedulesResponse' + $ref: '#/components/schemas/GetDatabaseDdlResponse' parameters: - in: path name: projectsId @@ -10258,20 +10351,19 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/backupSchedules/{backupSchedulesId}: - parameters: *ref_1 - get: - description: Gets backup schedule for the input schedule name. - operationId: spanner.projects.instances.databases.backupSchedules.get + patch: + description: >- + Updates the schema of a Cloud Spanner database by + creating/altering/dropping tables, columns, indexes, etc. The returned + long-running operation will have a name of the format `/operations/` and + can be used to track execution of the schema changes. The metadata field + type is UpdateDatabaseDdlMetadata. The operation has no response. + operationId: spanner.projects.instances.databases.updateDdl + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateDatabaseDdlRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10287,7 +10379,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BackupSchedule' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10304,19 +10396,17 @@ paths: required: true schema: type: string - - in: path - name: backupSchedulesId - required: true - schema: - type: string - patch: - description: Updates a backup schedule. - operationId: spanner.projects.instances.databases.backupSchedules.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BackupSchedule' + /v1/projects/{projectsId}/instances/{instancesId}/databaseOperations: + parameters: *ref_1 + get: + description: >- + Lists database longrunning-operations. A database operation has a name + of the form `projects//instances//databases//operations/`. The + long-running operation metadata field type `metadata.type_url` describes + the type of the metadata. Operations returned include those that have + completed/failed/canceled within the last 7 days, and pending + operations. + operationId: spanner.projects.instances.databaseOperations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10332,7 +10422,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BackupSchedule' + $ref: '#/components/schemas/ListDatabaseOperationsResponse' parameters: - in: path name: projectsId @@ -10344,24 +10434,35 @@ paths: required: true schema: type: string - - in: path - name: databasesId - required: true + - in: query + name: pageToken schema: type: string - - in: path - name: backupSchedulesId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: updateMask + name: filter schema: type: string - format: google-fieldmask - delete: - description: Deletes a backup schedule. - operationId: spanner.projects.instances.databases.backupSchedules.delete + /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on a database or backup resource. + Replaces any existing policy. Authorization requires + `spanner.databases.setIamPolicy` permission on resource. For backups, + authorization requires `spanner.backups.setIamPolicy` permission on + resource. For backup schedules, authorization requires + `spanner.backupSchedules.setIamPolicy` permission on resource. + operationId: spanner.projects.instances.backups.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10377,7 +10478,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -10390,35 +10491,15 @@ paths: schema: type: string - in: path - name: databasesId - required: true - schema: - type: string - - in: path - name: backupSchedulesId + name: backupsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/databaseRoles/{databaseRolesId}:testIamPermissions: + /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}: parameters: *ref_1 - post: - description: >- - Returns permissions that the caller has on the specified database or - backup resource. Attempting this RPC on a non-existent Cloud Spanner - database will result in a NOT_FOUND error if the user has - `spanner.databases.list` permission on the containing Cloud Spanner - instance. Otherwise returns an empty set of permissions. Calling this - method on a backup that does not exist will result in a NOT_FOUND error - if the user has `spanner.backups.list` permission on the containing - instance. Calling this method on a backup schedule that does not exist - will result in a NOT_FOUND error if the user has - `spanner.backupSchedules.list` permission on the containing database. - operationId: spanner.projects.instances.databases.databaseRoles.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Gets metadata on a pending or completed Backup. + operationId: spanner.projects.instances.backups.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10434,7 +10515,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Backup' parameters: - in: path name: projectsId @@ -10447,20 +10528,18 @@ paths: schema: type: string - in: path - name: databasesId - required: true - schema: - type: string - - in: path - name: databaseRolesId + name: backupsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/databases/{databasesId}/databaseRoles: - parameters: *ref_1 - get: - description: Lists Cloud Spanner database roles. - operationId: spanner.projects.instances.databases.databaseRoles.list + patch: + description: Updates a pending or completed Backup. + operationId: spanner.projects.instances.backups.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Backup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10476,7 +10555,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDatabaseRolesResponse' + $ref: '#/components/schemas/Backup' parameters: - in: path name: projectsId @@ -10489,26 +10568,18 @@ paths: schema: type: string - in: path - name: databasesId + name: backupsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: updateMask schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: spanner.projects.instances.operations.list + format: google-fieldmask + delete: + description: Deletes a pending or completed Backup. + operationId: spanner.projects.instances.backups.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10524,7 +10595,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -10536,27 +10607,29 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: backupsId + required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/operations/{operationsId}: + /v1/projects/{projectsId}/instances/{instancesId}/backups: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: spanner.projects.instances.operations.get + Starts creating a new Cloud Spanner Backup. The returned backup + long-running operation will have a name of the format + `projects//instances//backups//operations/` and can be used to track + creation of the backup. The metadata field type is CreateBackupMetadata. + The response field type is Backup, if successful. Cancelling the + returned operation will stop the creation and delete the backup. There + can be only one pending backup creation per database. Backup creation of + different databases can run concurrently. + operationId: spanner.projects.instances.backups.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Backup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10584,18 +10657,28 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: backupId schema: type: string - delete: + - in: query + name: encryptionConfig.kmsKeyName + schema: + type: string + - in: query + name: encryptionConfig.kmsKeyNames + schema: + type: string + - in: query + name: encryptionConfig.encryptionType + schema: + type: string + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: spanner.projects.instances.operations.delete + Lists completed and pending backups. Backups returned are ordered by + `create_time` in descending order, starting from the most recent + `create_time`. + operationId: spanner.projects.instances.backups.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10611,7 +10694,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListBackupsResponse' parameters: - in: path name: projectsId @@ -10623,25 +10706,37 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: filter schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/operations/{operationsId}:cancel: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/instances/{instancesId}/backups:copy: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: spanner.projects.instances.operations.cancel + Starts copying a Cloud Spanner Backup. The returned backup long-running + operation will have a name of the format + `projects//instances//backups//operations/` and can be used to track + copying of the backup. The operation is associated with the destination + backup. The metadata field type is CopyBackupMetadata. The response + field type is Backup, if successful. Cancelling the returned operation + will stop the copying and delete the destination backup. Concurrent + CopyBackup requests can run on the same source backup. + operationId: spanner.projects.instances.backups.copy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CopyBackupRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10657,7 +10752,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -10669,16 +10764,23 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions: + /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}:getIamPolicy: parameters: *ref_1 - get: - description: Lists all instance partitions for the given instance. - operationId: spanner.projects.instances.instancePartitions.list + post: + description: >- + Gets the access control policy for a database or backup resource. + Returns an empty policy if a database or backup exists but does not have + a policy set. Authorization requires `spanner.databases.getIamPolicy` + permission on resource. For backups, authorization requires + `spanner.backups.getIamPolicy` permission on resource. For backup + schedules, authorization requires `spanner.backupSchedules.getIamPolicy` + permission on resource. + operationId: spanner.projects.instances.backups.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10694,7 +10796,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstancePartitionsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -10706,48 +10808,31 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: instancePartitionDeadline + - in: path + name: backupsId + required: true schema: type: string - format: google-datetime + /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}:testIamPermissions: + parameters: *ref_1 post: description: >- - Creates an instance partition and begins preparing it to be used. The - returned long-running operation can be used to track the progress of - preparing the new instance partition. The instance partition name is - assigned by the caller. If the named instance partition already exists, - `CreateInstancePartition` returns `ALREADY_EXISTS`. Immediately upon - completion of this request: * The instance partition is readable via the - API, with all requested attributes but no allocated resources. Its state - is `CREATING`. Until completion of the returned operation: * Cancelling - the operation renders the instance partition immediately unreadable via - the API. * The instance partition can be deleted. * All other attempts - to modify the instance partition are rejected. Upon completion of the - returned operation: * Billing for all successfully-allocated resources - begins (some types may have lower than the requested levels). * - Databases can start using this instance partition. * The instance - partition's allocated resource levels are readable via the API. * The - instance partition's state becomes `READY`. The returned long-running - operation will have a name of the format `/operations/` and can be used - to track creation of the instance partition. The metadata field type is - CreateInstancePartitionMetadata. The response field type is - InstancePartition, if successful. - operationId: spanner.projects.instances.instancePartitions.create + Returns permissions that the caller has on the specified database or + backup resource. Attempting this RPC on a non-existent Cloud Spanner + database will result in a NOT_FOUND error if the user has + `spanner.databases.list` permission on the containing Cloud Spanner + instance. Otherwise returns an empty set of permissions. Calling this + method on a backup that does not exist will result in a NOT_FOUND error + if the user has `spanner.backups.list` permission on the containing + instance. Calling this method on a backup schedule that does not exist + will result in a NOT_FOUND error if the user has + `spanner.backupSchedules.list` permission on the containing database. + operationId: spanner.projects.instances.backups.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/CreateInstancePartitionRequest' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10763,7 +10848,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -10775,11 +10860,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions/{instancePartitionsId}: + - in: path + name: backupsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}/operations: parameters: *ref_1 get: - description: Gets information about a particular instance partition. - operationId: spanner.projects.instances.instancePartitions.get + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: spanner.projects.instances.backups.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10795,7 +10887,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InstancePartition' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -10808,17 +10900,36 @@ paths: schema: type: string - in: path - name: instancePartitionsId + name: backupsId required: true schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- - Deletes an existing instance partition. Requires that the instance - partition is not used by any database or backup and is not the default - instance partition of an instance. Authorization requires - `spanner.instancePartitions.delete` permission on the resource name. - operationId: spanner.projects.instances.instancePartitions.delete + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: spanner.projects.instances.backups.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10847,45 +10958,21 @@ paths: schema: type: string - in: path - name: instancePartitionsId + name: backupsId required: true schema: type: string - - in: query - name: etag + - in: path + name: operationsId + required: true schema: type: string - patch: + get: description: >- - Updates an instance partition, and begins allocating or releasing - resources as requested. The returned long-running operation can be used - to track the progress of updating the instance partition. If the named - instance partition does not exist, returns `NOT_FOUND`. Immediately upon - completion of this request: * For resource types for which a decrease in - the instance partition's allocation has been requested, billing is based - on the newly-requested level. Until completion of the returned - operation: * Cancelling the operation sets its metadata's cancel_time, - and begins restoring resources to their pre-request values. The - operation is guaranteed to succeed at undoing all resource changes, - after which point it terminates with a `CANCELLED` status. * All other - attempts to modify the instance partition are rejected. * Reading the - instance partition via the API continues to give the pre-request - resource levels. Upon completion of the returned operation: * Billing - begins for all successfully-allocated resources (some types may have - lower than the requested levels). * All newly-reserved resources are - available for serving the instance partition's tables. * The instance - partition's new resource levels are readable via the API. The returned - long-running operation will have a name of the format `/operations/` and - can be used to track the instance partition modification. The metadata - field type is UpdateInstancePartitionMetadata. The response field type - is InstancePartition, if successful. Authorization requires - `spanner.instancePartitions.update` permission on the resource name. - operationId: spanner.projects.instances.instancePartitions.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdateInstancePartitionRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: spanner.projects.instances.backups.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10914,17 +11001,29 @@ paths: schema: type: string - in: path - name: instancePartitionsId + name: backupsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions/{instancePartitionsId}/operations: + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: spanner.projects.instances.instancePartitions.operations.list + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: spanner.projects.instances.backups.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10940,7 +11039,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -10953,31 +11052,29 @@ paths: schema: type: string - in: path - name: instancePartitionsId + name: backupsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions/{instancePartitionsId}/operations/{operationsId}: + /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions/{instancePartitionsId}/operations/{operationsId}:cancel: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: spanner.projects.instances.instancePartitions.operations.get + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: spanner.projects.instances.instancePartitions.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10993,7 +11090,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -11015,13 +11112,14 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions/{instancePartitionsId}/operations/{operationsId}: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: spanner.projects.instances.instancePartitions.operations.delete + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: spanner.projects.instances.instancePartitions.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11037,7 +11135,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -11059,20 +11157,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions/{instancePartitionsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: + delete: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: spanner.projects.instances.instancePartitions.operations.cancel + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: spanner.projects.instances.instancePartitions.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11110,22 +11201,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/instancePartitionOperations: + /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions/{instancePartitionsId}/operations: parameters: *ref_1 get: description: >- - Lists instance partition long-running operations in the given instance. - An instance partition operation has a name of the form - `projects//instances//instancePartitions//operations/`. The long-running - operation metadata field type `metadata.type_url` describes the type of - the metadata. Operations returned include those that have - completed/failed/canceled within the last 7 days, and pending - operations. Operations returned are ordered by - `operation.metadata.value.start_time` in descending order starting from - the most recently started operation. Authorization requires - `spanner.instancePartitionOperations.list` permission on the resource - parent. - operationId: spanner.projects.instances.instancePartitionOperations.list + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: spanner.projects.instances.instancePartitions.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11141,7 +11223,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListInstancePartitionOperationsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -11153,40 +11235,37 @@ paths: required: true schema: type: string + - in: path + name: instancePartitionsId + required: true + schema: + type: string - in: query - name: filter + name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - - in: query - name: instancePartitionDeadline + name: filter schema: type: string - format: google-datetime - /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}:setIamPolicy: + /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions/{instancePartitionsId}: parameters: *ref_1 - post: + delete: description: >- - Sets the access control policy on a database or backup resource. - Replaces any existing policy. Authorization requires - `spanner.databases.setIamPolicy` permission on resource. For backups, - authorization requires `spanner.backups.setIamPolicy` permission on - resource. For backup schedules, authorization requires - `spanner.backupSchedules.setIamPolicy` permission on resource. - operationId: spanner.projects.instances.backups.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Deletes an existing instance partition. Requires that the instance + partition is not used by any database or backup and is not the default + instance partition of an instance. Authorization requires + `spanner.instancePartitions.delete` permission on the resource name. + operationId: spanner.projects.instances.instancePartitions.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11202,7 +11281,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -11215,27 +11294,45 @@ paths: schema: type: string - in: path - name: backupsId + name: instancePartitionsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}:getIamPolicy: - parameters: *ref_1 - post: + - in: query + name: etag + schema: + type: string + patch: description: >- - Gets the access control policy for a database or backup resource. - Returns an empty policy if a database or backup exists but does not have - a policy set. Authorization requires `spanner.databases.getIamPolicy` - permission on resource. For backups, authorization requires - `spanner.backups.getIamPolicy` permission on resource. For backup - schedules, authorization requires `spanner.backupSchedules.getIamPolicy` - permission on resource. - operationId: spanner.projects.instances.backups.getIamPolicy + Updates an instance partition, and begins allocating or releasing + resources as requested. The returned long-running operation can be used + to track the progress of updating the instance partition. If the named + instance partition does not exist, returns `NOT_FOUND`. Immediately upon + completion of this request: * For resource types for which a decrease in + the instance partition's allocation has been requested, billing is based + on the newly-requested level. Until completion of the returned + operation: * Cancelling the operation sets its metadata's cancel_time, + and begins restoring resources to their pre-request values. The + operation is guaranteed to succeed at undoing all resource changes, + after which point it terminates with a `CANCELLED` status. * All other + attempts to modify the instance partition are rejected. * Reading the + instance partition via the API continues to give the pre-request + resource levels. Upon completion of the returned operation: * Billing + begins for all successfully-allocated resources (some types may have + lower than the requested levels). * All newly-reserved resources are + available for serving the instance partition's tables. * The instance + partition's new resource levels are readable via the API. The returned + long-running operation will have a name of the format `/operations/` and + can be used to track the instance partition modification. The metadata + field type is UpdateInstancePartitionMetadata. The response field type + is InstancePartition, if successful. Authorization requires + `spanner.instancePartitions.update` permission on the resource name. + operationId: spanner.projects.instances.instancePartitions.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/GetIamPolicyRequest' + $ref: '#/components/schemas/UpdateInstancePartitionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11251,7 +11348,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -11264,30 +11361,13 @@ paths: schema: type: string - in: path - name: backupsId + name: instancePartitionsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}:testIamPermissions: - parameters: *ref_1 - post: - description: >- - Returns permissions that the caller has on the specified database or - backup resource. Attempting this RPC on a non-existent Cloud Spanner - database will result in a NOT_FOUND error if the user has - `spanner.databases.list` permission on the containing Cloud Spanner - instance. Otherwise returns an empty set of permissions. Calling this - method on a backup that does not exist will result in a NOT_FOUND error - if the user has `spanner.backups.list` permission on the containing - instance. Calling this method on a backup schedule that does not exist - will result in a NOT_FOUND error if the user has - `spanner.backupSchedules.list` permission on the containing database. - operationId: spanner.projects.instances.backups.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Gets information about a particular instance partition. + operationId: spanner.projects.instances.instancePartitions.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11303,7 +11383,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/InstancePartition' parameters: - in: path name: projectsId @@ -11316,28 +11396,40 @@ paths: schema: type: string - in: path - name: backupsId + name: instancePartitionsId required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/backups: + /v1/projects/{projectsId}/instances/{instancesId}/instancePartitions: parameters: *ref_1 post: description: >- - Starts creating a new Cloud Spanner Backup. The returned backup - long-running operation will have a name of the format - `projects//instances//backups//operations/` and can be used to track - creation of the backup. The metadata field type is CreateBackupMetadata. - The response field type is Backup, if successful. Cancelling the - returned operation will stop the creation and delete the backup. There - can be only one pending backup creation per database. Backup creation of - different databases can run concurrently. - operationId: spanner.projects.instances.backups.create + Creates an instance partition and begins preparing it to be used. The + returned long-running operation can be used to track the progress of + preparing the new instance partition. The instance partition name is + assigned by the caller. If the named instance partition already exists, + `CreateInstancePartition` returns `ALREADY_EXISTS`. Immediately upon + completion of this request: * The instance partition is readable via the + API, with all requested attributes but no allocated resources. Its state + is `CREATING`. Until completion of the returned operation: * Cancelling + the operation renders the instance partition immediately unreadable via + the API. * The instance partition can be deleted. * All other attempts + to modify the instance partition are rejected. Upon completion of the + returned operation: * Billing for all successfully-allocated resources + begins (some types may have lower than the requested levels). * + Databases can start using this instance partition. * The instance + partition's allocated resource levels are readable via the API. * The + instance partition's state becomes `READY`. The returned long-running + operation will have a name of the format `/operations/` and can be used + to track creation of the instance partition. The metadata field type is + CreateInstancePartitionMetadata. The response field type is + InstancePartition, if successful. + operationId: spanner.projects.instances.instancePartitions.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/CreateInstancePartitionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11365,28 +11457,9 @@ paths: required: true schema: type: string - - in: query - name: backupId - schema: - type: string - - in: query - name: encryptionConfig.encryptionType - schema: - type: string - - in: query - name: encryptionConfig.kmsKeyName - schema: - type: string - - in: query - name: encryptionConfig.kmsKeyNames - schema: - type: string get: - description: >- - Lists completed and pending backups. Backups returned are ordered by - `create_time` in descending order, starting from the most recent - `create_time`. - operationId: spanner.projects.instances.backups.list + description: Lists all instance partitions for the given instance. + operationId: spanner.projects.instances.instancePartitions.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11402,7 +11475,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBackupsResponse' + $ref: '#/components/schemas/ListInstancePartitionsResponse' parameters: - in: path name: projectsId @@ -11414,10 +11487,6 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: @@ -11427,24 +11496,27 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/backups:copy: + - in: query + name: instancePartitionDeadline + schema: + type: string + format: google-datetime + /v1/projects/{projectsId}/instances/{instancesId}/instancePartitionOperations: parameters: *ref_1 - post: + get: description: >- - Starts copying a Cloud Spanner Backup. The returned backup long-running - operation will have a name of the format - `projects//instances//backups//operations/` and can be used to track - copying of the backup. The operation is associated with the destination - backup. The metadata field type is CopyBackupMetadata. The response - field type is Backup, if successful. Cancelling the returned operation - will stop the copying and delete the destination backup. Concurrent - CopyBackup requests can run on the same source backup. - operationId: spanner.projects.instances.backups.copy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CopyBackupRequest' + Lists instance partition long-running operations in the given instance. + An instance partition operation has a name of the form + `projects//instances//instancePartitions//operations/`. The long-running + operation metadata field type `metadata.type_url` describes the type of + the metadata. Operations returned include those that have + completed/failed/canceled within the last 7 days, and pending + operations. Operations returned are ordered by + `operation.metadata.value.start_time` in descending order starting from + the most recently started operation. Authorization requires + `spanner.instancePartitionOperations.list` permission on the resource + parent. + operationId: spanner.projects.instances.instancePartitionOperations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11460,7 +11532,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListInstancePartitionOperationsResponse' parameters: - in: path name: projectsId @@ -11472,11 +11544,34 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}: + - in: query + name: instancePartitionDeadline + schema: + type: string + format: google-datetime + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/instances/{instancesId}: parameters: *ref_1 - get: - description: Gets metadata on a pending or completed Backup. - operationId: spanner.projects.instances.backups.get + delete: + description: >- + Deletes an instance. Immediately upon completion of the request: * + Billing ceases for all of the instance's reserved resources. Soon + afterward: * The instance and *all of its databases* immediately and + irrevocably disappear from the API. All data in the databases is + permanently deleted. + operationId: spanner.projects.instances.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11492,7 +11587,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -11504,19 +11599,36 @@ paths: required: true schema: type: string - - in: path - name: backupsId - required: true - schema: - type: string patch: - description: Updates a pending or completed Backup. - operationId: spanner.projects.instances.backups.patch + description: >- + Updates an instance, and begins allocating or releasing resources as + requested. The returned long-running operation can be used to track the + progress of updating the instance. If the named instance does not exist, + returns `NOT_FOUND`. Immediately upon completion of this request: * For + resource types for which a decrease in the instance's allocation has + been requested, billing is based on the newly-requested level. Until + completion of the returned operation: * Cancelling the operation sets + its metadata's cancel_time, and begins restoring resources to their + pre-request values. The operation is guaranteed to succeed at undoing + all resource changes, after which point it terminates with a `CANCELLED` + status. * All other attempts to modify the instance are rejected. * + Reading the instance via the API continues to give the pre-request + resource levels. Upon completion of the returned operation: * Billing + begins for all successfully-allocated resources (some types may have + lower than the requested levels). * All newly-reserved resources are + available for serving the instance's tables. * The instance's new + resource levels are readable via the API. The returned long-running + operation will have a name of the format `/operations/` and can be used + to track the instance modification. The metadata field type is + UpdateInstanceMetadata. The response field type is Instance, if + successful. Authorization requires `spanner.instances.update` permission + on the resource name. + operationId: spanner.projects.instances.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/UpdateInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11532,31 +11644,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: instancesId - required: true - schema: - type: string - - in: path - name: backupsId - required: true - schema: - type: string - - in: query - name: updateMask + - in: path + name: instancesId + required: true schema: type: string - format: google-fieldmask - delete: - description: Deletes a pending or completed Backup. - operationId: spanner.projects.instances.backups.delete + get: + description: Gets information about a particular instance. + operationId: spanner.projects.instances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11572,7 +11674,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Instance' parameters: - in: path name: projectsId @@ -11584,18 +11686,16 @@ paths: required: true schema: type: string - - in: path - name: backupsId - required: true + - in: query + name: fieldMask schema: type: string - /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}/operations: + format: google-fieldmask + /v1/projects/{projectsId}/instances: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: spanner.projects.instances.backups.operations.list + description: Lists all instances in the given project. + operationId: spanner.projects.instances.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11611,21 +11711,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListInstancesResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: instancesId - required: true + - in: query + name: instanceDeadline schema: type: string - - in: path - name: backupsId - required: true + format: google-datetime + - in: query + name: pageToken schema: type: string - in: query @@ -11637,18 +11736,32 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}/operations/{operationsId}: - parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: spanner.projects.instances.backups.operations.get + Creates an instance and begins preparing it to begin serving. The + returned long-running operation can be used to track the progress of + preparing the new instance. The instance name is assigned by the caller. + If the named instance already exists, `CreateInstance` returns + `ALREADY_EXISTS`. Immediately upon completion of this request: * The + instance is readable via the API, with all requested attributes but no + allocated resources. Its state is `CREATING`. Until completion of the + returned operation: * Cancelling the operation renders the instance + immediately unreadable via the API. * The instance can be deleted. * All + other attempts to modify the instance are rejected. Upon completion of + the returned operation: * Billing for all successfully-allocated + resources begins (some types may have lower than the requested levels). + * Databases can be created in the instance. * The instance's allocated + resource levels are readable via the API. * The instance's state becomes + `READY`. The returned long-running operation will have a name of the + format `/operations/` and can be used to track creation of the instance. + The metadata field type is CreateInstanceMetadata. The response field + type is Instance, if successful. + operationId: spanner.projects.instances.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11671,28 +11784,21 @@ paths: required: true schema: type: string - - in: path - name: instancesId - required: true - schema: - type: string - - in: path - name: backupsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - delete: + /v1/projects/{projectsId}/instances/{instancesId}:testIamPermissions: + parameters: *ref_1 + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: spanner.projects.instances.backups.operations.delete + Returns permissions that the caller has on the specified instance + resource. Attempting this RPC on a non-existent Cloud Spanner instance + resource will result in a NOT_FOUND error if the user has + `spanner.instances.list` permission on the containing Google Cloud + Project. Otherwise returns an empty set of permissions. + operationId: spanner.projects.instances.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11708,7 +11814,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -11720,30 +11826,19 @@ paths: required: true schema: type: string - - in: path - name: backupsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/backups/{backupsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/instances/{instancesId}:setIamPolicy: parameters: *ref_1 post: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: spanner.projects.instances.backups.operations.cancel + Sets the access control policy on an instance resource. Replaces any + existing policy. Authorization requires `spanner.instances.setIamPolicy` + on resource. + operationId: spanner.projects.instances.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11759,7 +11854,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -11771,27 +11866,47 @@ paths: required: true schema: type: string - - in: path - name: backupsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/databaseOperations: + /v1/projects/{projectsId}/instances/{instancesId}:move: parameters: *ref_1 - get: + post: description: >- - Lists database longrunning-operations. A database operation has a name - of the form `projects//instances//databases//operations/`. The - long-running operation metadata field type `metadata.type_url` describes - the type of the metadata. Operations returned include those that have - completed/failed/canceled within the last 7 days, and pending - operations. - operationId: spanner.projects.instances.databaseOperations.list + Moves an instance to the target instance configuration. You can use the + returned long-running operation to track the progress of moving the + instance. `MoveInstance` returns `FAILED_PRECONDITION` if the instance + meets any of the following criteria: * Is undergoing a move to a + different instance configuration * Has backups * Has an ongoing update * + Contains any CMEK-enabled databases * Is a free trial instance While the + operation is pending: * All other attempts to modify the instance, + including changes to its compute capacity, are rejected. * The following + database and backup admin operations are rejected: * + `DatabaseAdmin.CreateDatabase` * `DatabaseAdmin.UpdateDatabaseDdl` + (disabled if default_leader is specified in the request.) * + `DatabaseAdmin.RestoreDatabase` * `DatabaseAdmin.CreateBackup` * + `DatabaseAdmin.CopyBackup` * Both the source and target instance + configurations are subject to hourly compute and storage charges. * The + instance might experience higher read-write latencies and a higher + transaction abort rate. However, moving an instance doesn't cause any + downtime. The returned long-running operation has a name of the format + `/operations/` and can be used to track the move instance operation. The + metadata field type is MoveInstanceMetadata. The response field type is + Instance, if successful. Cancelling the operation sets its metadata's + cancel_time. Cancellation is not immediate because it involves moving + any data previously moved to the target instance configuration back to + the original instance configuration. You can use this operation to track + the progress of the cancellation. Upon successful completion of the + cancellation, the operation terminates with `CANCELLED` status. If not + cancelled, upon completion of the returned operation: * The instance + successfully moves to the target instance configuration. * You are + billed for compute and storage in target instance configuration. + Authorization requires the `spanner.instances.update` permission on the + resource instance. For more details, see [Move an + instance](https://cloud.google.com/spanner/docs/move-instance). + operationId: spanner.projects.instances.move + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MoveInstanceRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11807,7 +11922,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListDatabaseOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -11819,33 +11934,19 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/instances/{instancesId}/backupOperations: + /v1/projects/{projectsId}/instances/{instancesId}:getIamPolicy: parameters: *ref_1 - get: + post: description: >- - Lists the backup long-running operations in the given instance. A backup - operation has a name of the form - `projects//instances//backups//operations/`. The long-running operation - metadata field type `metadata.type_url` describes the type of the - metadata. Operations returned include those that have - completed/failed/canceled within the last 7 days, and pending - operations. Operations returned are ordered by - `operation.metadata.value.progress.start_time` in descending order - starting from the most recently started operation. - operationId: spanner.projects.instances.backupOperations.list + Gets the access control policy for an instance resource. Returns an + empty policy if an instance exists but does not have a policy set. + Authorization requires `spanner.instances.getIamPolicy` on resource. + operationId: spanner.projects.instances.getIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -11861,7 +11962,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBackupOperationsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -11873,16 +11974,3 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/speech.yaml b/providers/src/googleapis.com/v00.00.00000/services/speech.yaml index 753b6b2f..06dfe009 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/speech.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/speech.yaml @@ -7,8 +7,8 @@ info: title: Cloud Speech-to-Text API description: Converts audio to text by applying powerful neural network models. version: v1 - x-discovery-doc-revision: '20250814' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251106' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/speech-to-text/docs/quickstart-protocol servers: @@ -389,6 +389,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -1934,6 +1943,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/speechv2.yaml b/providers/src/googleapis.com/v00.00.00000/services/speechv2.yaml new file mode 100644 index 00000000..fdbde29c --- /dev/null +++ b/providers/src/googleapis.com/v00.00.00000/services/speechv2.yaml @@ -0,0 +1,3355 @@ +openapi: 3.1.0 +info: + contact: + name: StackQL Studios + url: https://github.com/stackql/google-discovery-to-openapi + email: info@stackql.io + title: Cloud Speech-to-Text API + description: Converts audio to text by applying powerful neural network models. + version: v2 + x-discovery-doc-revision: '20251106' + x-generated-date: '2025-12-10' +externalDocs: + url: https://cloud.google.com/speech-to-text/docs/quickstart-protocol +servers: + - url: https://speech.googleapis.com +components: + securitySchemes: + Oauth2: + type: oauth2 + description: Oauth 2.0 implicit authentication + flows: + implicit: + authorizationUrl: https://accounts.google.com/o/oauth2/auth + scopes: &ref_0 + https://www.googleapis.com/auth/cloud-platform: >- + See, edit, configure, and delete your Google Cloud data and see + the email address for your Google Account. + Oauth2c: + type: oauth2 + description: Oauth 2.0 authorization code authentication + flows: + authorizationCode: + authorizationUrl: https://accounts.google.com/o/oauth2/auth + tokenUrl: https://accounts.google.com/o/oauth2/token + scopes: *ref_0 + schemas: + ListOperationsResponse: + id: ListOperationsResponse + description: The response message for Operations.ListOperations. + type: object + properties: + operations: + description: >- + A list of operations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Operation' + nextPageToken: + description: The standard List next-page token. + type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string + Operation: + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. + type: object + properties: + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string + metadata: + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + Status: + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + properties: + code: + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + format: int32 + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + ListLocationsResponse: + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + type: object + properties: + locations: + description: >- + A list of locations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Location' + nextPageToken: + description: The standard List next-page token. + type: string + Location: + id: Location + description: A resource that represents a Google Cloud location. + type: object + properties: + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + labels: + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + additionalProperties: + type: string + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + Recognizer: + id: Recognizer + description: A Recognizer message. Stores recognition configuration and metadata. + type: object + properties: + name: + description: >- + Output only. Identifier. The resource name of the Recognizer. + Format: + `projects/{project}/locations/{location}/recognizers/{recognizer}`. + readOnly: true + type: string + uid: + description: Output only. System-assigned unique identifier for the Recognizer. + readOnly: true + type: string + displayName: + description: >- + User-settable, human-readable name for the Recognizer. Must be 63 + characters or less. + type: string + model: + description: >- + Optional. This field is now deprecated. Prefer the `model` field in + the `RecognitionConfig` message. Which model to use for recognition + requests. Select the model best suited to your domain to get best + results. Guidance for choosing which model to use can be found in + the [Transcription Models + Documentation](https://cloud.google.com/speech-to-text/v2/docs/transcription-model) + and the models supported in each region can be found in the [Table + Of Supported + Models](https://cloud.google.com/speech-to-text/v2/docs/speech-to-text-supported-languages). + deprecated: true + type: string + languageCodes: + description: >- + Optional. This field is now deprecated. Prefer the `language_codes` + field in the `RecognitionConfig` message. The language of the + supplied audio as a + [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. + Supported languages for each model are listed in the [Table of + Supported + Models](https://cloud.google.com/speech-to-text/v2/docs/speech-to-text-supported-languages). + If additional languages are provided, recognition result will + contain recognition in the most likely language detected. The + recognition result will include the language tag of the language + detected in the audio. When you create or update a Recognizer, these + values are stored in normalized BCP-47 form. For example, "en-us" is + stored as "en-US". + deprecated: true + type: array + items: + type: string + defaultRecognitionConfig: + description: >- + Default configuration to use for requests with this Recognizer. This + can be overwritten by inline configuration in the + RecognizeRequest.config field. + $ref: '#/components/schemas/RecognitionConfig' + annotations: + description: >- + Allows users to store small amounts of arbitrary data. Both the key + and the value must be 63 characters or less each. At most 100 + annotations. + type: object + additionalProperties: + type: string + state: + description: Output only. The Recognizer lifecycle state. + readOnly: true + type: string + enumDescriptions: + - The default value. This value is used if the state is omitted. + - The Recognizer is active and ready for use. + - This Recognizer has been deleted. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - DELETED + createTime: + description: Output only. Creation time. + readOnly: true + type: string + format: google-datetime + updateTime: + description: Output only. The most recent time this Recognizer was modified. + readOnly: true + type: string + format: google-datetime + deleteTime: + description: >- + Output only. The time at which this Recognizer was requested for + deletion. + readOnly: true + type: string + format: google-datetime + expireTime: + description: Output only. The time at which this Recognizer will be purged. + readOnly: true + type: string + format: google-datetime + etag: + description: >- + Output only. This checksum is computed by the server based on the + value of other fields. This may be sent on update, undelete, and + delete requests to ensure the client has an up-to-date value before + proceeding. + readOnly: true + type: string + reconciling: + description: >- + Output only. Whether or not this Recognizer is in the process of + being updated. + readOnly: true + type: boolean + kmsKeyName: + description: >- + Output only. The [KMS key + name](https://cloud.google.com/kms/docs/resource-hierarchy#keys) + with which the Recognizer is encrypted. The expected format is + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + readOnly: true + type: string + kmsKeyVersionName: + description: >- + Output only. The [KMS key version + name](https://cloud.google.com/kms/docs/resource-hierarchy#key_versions) + with which the Recognizer is encrypted. The expected format is + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}`. + readOnly: true + type: string + RecognitionConfig: + id: RecognitionConfig + description: >- + Provides information to the Recognizer that specifies how to process the + recognition request. + type: object + properties: + autoDecodingConfig: + description: >- + Automatically detect decoding parameters. Preferred for supported + formats. + $ref: '#/components/schemas/AutoDetectDecodingConfig' + explicitDecodingConfig: + description: >- + Explicitly specified decoding parameters. Required if using + headerless PCM audio (linear16, mulaw, alaw). + $ref: '#/components/schemas/ExplicitDecodingConfig' + model: + description: >- + Optional. Which model to use for recognition requests. Select the + model best suited to your domain to get best results. Guidance for + choosing which model to use can be found in the [Transcription + Models + Documentation](https://cloud.google.com/speech-to-text/v2/docs/transcription-model) + and the models supported in each region can be found in the [Table + Of Supported + Models](https://cloud.google.com/speech-to-text/v2/docs/speech-to-text-supported-languages). + type: string + languageCodes: + description: >- + Optional. The language of the supplied audio as a + [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. + Language tags are normalized to BCP-47 before they are used eg + "en-us" becomes "en-US". Supported languages for each model are + listed in the [Table of Supported + Models](https://cloud.google.com/speech-to-text/v2/docs/speech-to-text-supported-languages). + If additional languages are provided, recognition result will + contain recognition in the most likely language detected. The + recognition result will include the language tag of the language + detected in the audio. + type: array + items: + type: string + features: + description: Speech recognition features to enable. + $ref: '#/components/schemas/RecognitionFeatures' + adaptation: + description: >- + Speech adaptation context that weights recognizer predictions for + specific words and phrases. + $ref: '#/components/schemas/SpeechAdaptation' + transcriptNormalization: + description: >- + Optional. Use transcription normalization to automatically replace + parts of the transcript with phrases of your choosing. For + StreamingRecognize, this normalization only applies to stable + partial transcripts (stability > 0.8) and final transcripts. + $ref: '#/components/schemas/TranscriptNormalization' + translationConfig: + description: >- + Optional. Optional configuration used to automatically run + translation on the given audio to the desired language for supported + models. + $ref: '#/components/schemas/TranslationConfig' + denoiserConfig: + description: >- + Optional. Optional denoiser config. May not be supported for all + models and may have no effect. + $ref: '#/components/schemas/DenoiserConfig' + AutoDetectDecodingConfig: + id: AutoDetectDecodingConfig + description: >- + Automatically detected decoding parameters. Supported for the following + encodings: * WAV_LINEAR16: 16-bit signed little-endian PCM samples in a + WAV container. * WAV_MULAW: 8-bit companded mulaw samples in a WAV + container. * WAV_ALAW: 8-bit companded alaw samples in a WAV container. + * RFC4867_5_AMR: AMR frames with an rfc4867.5 header. * RFC4867_5_AMRWB: + AMR-WB frames with an rfc4867.5 header. * FLAC: FLAC frames in the + "native FLAC" container format. * MP3: MPEG audio frames with optional + (ignored) ID3 metadata. * OGG_OPUS: Opus audio frames in an Ogg + container. * WEBM_OPUS: Opus audio frames in a WebM container. * + MP4_AAC: AAC audio frames in an MP4 container. * M4A_AAC: AAC audio + frames in an M4A container. * MOV_AAC: AAC audio frames in an MOV + container. + type: object + properties: {} + ExplicitDecodingConfig: + id: ExplicitDecodingConfig + description: Explicitly specified decoding parameters. + type: object + properties: + encoding: + description: Required. Encoding of the audio data sent for recognition. + type: string + enumDescriptions: + - Default value. This value is unused. + - Headerless 16-bit signed little-endian PCM samples. + - Headerless 8-bit companded mulaw samples. + - Headerless 8-bit companded alaw samples. + - AMR frames with an rfc4867.5 header. + - AMR-WB frames with an rfc4867.5 header. + - FLAC frames in the "native FLAC" container format. + - MPEG audio frames with optional (ignored) ID3 metadata. + - Opus audio frames in an Ogg container. + - Opus audio frames in a WebM container. + - AAC audio frames in an MP4 container. + - AAC audio frames in an M4A container. + - AAC audio frames in an MOV container. + enum: + - AUDIO_ENCODING_UNSPECIFIED + - LINEAR16 + - MULAW + - ALAW + - AMR + - AMR_WB + - FLAC + - MP3 + - OGG_OPUS + - WEBM_OPUS + - MP4_AAC + - M4A_AAC + - MOV_AAC + sampleRateHertz: + description: >- + Optional. Sample rate in Hertz of the audio data sent for + recognition. Valid values are: 8000-48000, and 16000 is optimal. For + best results, set the sampling rate of the audio source to 16000 Hz. + If that's not possible, use the native sample rate of the audio + source (instead of resampling). Note that this field is marked as + OPTIONAL for backward compatibility reasons. It is (and has always + been) effectively REQUIRED. + type: integer + format: int32 + audioChannelCount: + description: >- + Optional. Number of channels present in the audio data sent for + recognition. Note that this field is marked as OPTIONAL for backward + compatibility reasons. It is (and has always been) effectively + REQUIRED. The maximum allowed value is 8. + type: integer + format: int32 + RecognitionFeatures: + id: RecognitionFeatures + description: Available recognition features. + type: object + properties: + profanityFilter: + description: >- + If set to `true`, the server will attempt to filter out profanities, + replacing all but the initial character in each filtered word with + asterisks, for instance, "f***". If set to `false` or omitted, + profanities won't be filtered out. + type: boolean + enableWordTimeOffsets: + description: >- + If `true`, the top result includes a list of words and the start and + end time offsets (timestamps) for those words. If `false`, no + word-level time offset information is returned. The default is + `false`. + type: boolean + enableWordConfidence: + description: >- + If `true`, the top result includes a list of words and the + confidence for those words. If `false`, no word-level confidence + information is returned. The default is `false`. + type: boolean + enableAutomaticPunctuation: + description: >- + If `true`, adds punctuation to recognition result hypotheses. This + feature is only available in select languages. The default `false` + value does not add punctuation to result hypotheses. + type: boolean + enableSpokenPunctuation: + description: >- + The spoken punctuation behavior for the call. If `true`, replaces + spoken punctuation with the corresponding symbols in the request. + For example, "how are you question mark" becomes "how are you?". See + https://cloud.google.com/speech-to-text/docs/spoken-punctuation for + support. If `false`, spoken punctuation is not replaced. + type: boolean + enableSpokenEmojis: + description: >- + The spoken emoji behavior for the call. If `true`, adds spoken emoji + formatting for the request. This will replace spoken emojis with the + corresponding Unicode symbols in the final transcript. If `false`, + spoken emojis are not replaced. + type: boolean + multiChannelMode: + description: Mode for recognizing multi-channel audio. + type: string + enumDescriptions: + - >- + Default value for the multi-channel mode. If the audio contains + multiple channels, only the first channel will be transcribed; + other channels will be ignored. + - >- + If selected, each channel in the provided audio is transcribed + independently. This cannot be selected if the selected model is + `latest_short`. + enum: + - MULTI_CHANNEL_MODE_UNSPECIFIED + - SEPARATE_RECOGNITION_PER_CHANNEL + diarizationConfig: + description: >- + Configuration to enable speaker diarization. To enable diarization, + set this field to an empty SpeakerDiarizationConfig message. + $ref: '#/components/schemas/SpeakerDiarizationConfig' + maxAlternatives: + description: >- + Maximum number of recognition hypotheses to be returned. The server + may return fewer than `max_alternatives`. Valid values are `0`-`30`. + A value of `0` or `1` will return a maximum of one. If omitted, will + return a maximum of one. + type: integer + format: int32 + SpeakerDiarizationConfig: + id: SpeakerDiarizationConfig + description: Configuration to enable speaker diarization. + type: object + properties: + minSpeakerCount: + description: >- + Optional. The system automatically determines the number of + speakers. This value is not currently used. + type: integer + format: int32 + maxSpeakerCount: + description: >- + Optional. The system automatically determines the number of + speakers. This value is not currently used. + type: integer + format: int32 + SpeechAdaptation: + id: SpeechAdaptation + description: >- + Provides "hints" to the speech recognizer to favor specific words and + phrases in the results. PhraseSets can be specified as an inline + resource, or a reference to an existing PhraseSet resource. + type: object + properties: + phraseSets: + description: A list of inline or referenced PhraseSets. + type: array + items: + $ref: '#/components/schemas/AdaptationPhraseSet' + customClasses: + description: >- + A list of inline CustomClasses. Existing CustomClass resources can + be referenced directly in a PhraseSet. + type: array + items: + $ref: '#/components/schemas/CustomClass' + AdaptationPhraseSet: + id: AdaptationPhraseSet + description: >- + A biasing PhraseSet, which can be either a string referencing the name + of an existing PhraseSets resource, or an inline definition of a + PhraseSet. + type: object + properties: + phraseSet: + description: >- + The name of an existing PhraseSet resource. The user must have read + access to the resource and it must not be deleted. + type: string + inlinePhraseSet: + description: An inline defined PhraseSet. + $ref: '#/components/schemas/PhraseSet' + PhraseSet: + id: PhraseSet + description: >- + PhraseSet for biasing in speech recognition. A PhraseSet is used to + provide "hints" to the speech recognizer to favor specific words and + phrases in the results. + type: object + properties: + name: + description: >- + Output only. Identifier. The resource name of the PhraseSet. Format: + `projects/{project}/locations/{location}/phraseSets/{phrase_set}`. + readOnly: true + type: string + uid: + description: Output only. System-assigned unique identifier for the PhraseSet. + readOnly: true + type: string + phrases: + description: A list of word and phrases. + type: array + items: + $ref: '#/components/schemas/Phrase' + boost: + description: >- + Hint Boost. Positive value will increase the probability that a + specific phrase will be recognized over other similar sounding + phrases. The higher the boost, the higher the chance of false + positive recognition as well. Valid `boost` values are between 0 + (exclusive) and 20. We recommend using a binary search approach to + finding the optimal value for your use case as well as adding + phrases both with and without boost to your requests. + type: number + format: float + displayName: + description: >- + User-settable, human-readable name for the PhraseSet. Must be 63 + characters or less. + type: string + state: + description: Output only. The PhraseSet lifecycle state. + readOnly: true + type: string + enumDescriptions: + - >- + Unspecified state. This is only used/useful for distinguishing + unset values. + - The normal and active state. + - This PhraseSet has been deleted. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - DELETED + createTime: + description: Output only. Creation time. + readOnly: true + type: string + format: google-datetime + updateTime: + description: Output only. The most recent time this resource was modified. + readOnly: true + type: string + format: google-datetime + deleteTime: + description: >- + Output only. The time at which this resource was requested for + deletion. + readOnly: true + type: string + format: google-datetime + expireTime: + description: Output only. The time at which this resource will be purged. + readOnly: true + type: string + format: google-datetime + annotations: + description: >- + Allows users to store small amounts of arbitrary data. Both the key + and the value must be 63 characters or less each. At most 100 + annotations. + type: object + additionalProperties: + type: string + etag: + description: >- + Output only. This checksum is computed by the server based on the + value of other fields. This may be sent on update, undelete, and + delete requests to ensure the client has an up-to-date value before + proceeding. + readOnly: true + type: string + reconciling: + description: >- + Output only. Whether or not this PhraseSet is in the process of + being updated. + readOnly: true + type: boolean + kmsKeyName: + description: >- + Output only. The [KMS key + name](https://cloud.google.com/kms/docs/resource-hierarchy#keys) + with which the PhraseSet is encrypted. The expected format is + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + readOnly: true + type: string + kmsKeyVersionName: + description: >- + Output only. The [KMS key version + name](https://cloud.google.com/kms/docs/resource-hierarchy#key_versions) + with which the PhraseSet is encrypted. The expected format is + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}`. + readOnly: true + type: string + Phrase: + id: Phrase + description: >- + A Phrase contains words and phrase "hints" so that the speech + recognition is more likely to recognize them. This can be used to + improve the accuracy for specific words and phrases, for example, if + specific commands are typically spoken by the user. This can also be + used to add additional words to the vocabulary of the recognizer. List + items can also include CustomClass references containing groups of words + that represent common concepts that occur in natural language. + type: object + properties: + value: + description: The phrase itself. + type: string + boost: + description: >- + Hint Boost. Overrides the boost set at the phrase set level. + Positive value will increase the probability that a specific phrase + will be recognized over other similar sounding phrases. The higher + the boost, the higher the chance of false positive recognition as + well. Negative boost values would correspond to anti-biasing. + Anti-biasing is not enabled, so negative boost values will return an + error. Boost values must be between 0 and 20. Any values outside + that range will return an error. We recommend using a binary search + approach to finding the optimal value for your use case as well as + adding phrases both with and without boost to your requests. + type: number + format: float + CustomClass: + id: CustomClass + description: >- + CustomClass for biasing in speech recognition. Used to define a set of + words or phrases that represents a common concept or theme likely to + appear in your audio, for example a list of passenger ship names. + type: object + properties: + name: + description: >- + Output only. Identifier. The resource name of the CustomClass. + Format: + `projects/{project}/locations/{location}/customClasses/{custom_class}`. + readOnly: true + type: string + uid: + description: Output only. System-assigned unique identifier for the CustomClass. + readOnly: true + type: string + displayName: + description: >- + Optional. User-settable, human-readable name for the CustomClass. + Must be 63 characters or less. + type: string + items: + description: A collection of class items. + type: array + items: + $ref: '#/components/schemas/ClassItem' + state: + description: Output only. The CustomClass lifecycle state. + readOnly: true + type: string + enumDescriptions: + - >- + Unspecified state. This is only used/useful for distinguishing + unset values. + - The normal and active state. + - This CustomClass has been deleted. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - DELETED + createTime: + description: Output only. Creation time. + readOnly: true + type: string + format: google-datetime + updateTime: + description: Output only. The most recent time this resource was modified. + readOnly: true + type: string + format: google-datetime + deleteTime: + description: >- + Output only. The time at which this resource was requested for + deletion. + readOnly: true + type: string + format: google-datetime + expireTime: + description: Output only. The time at which this resource will be purged. + readOnly: true + type: string + format: google-datetime + annotations: + description: >- + Optional. Allows users to store small amounts of arbitrary data. + Both the key and the value must be 63 characters or less each. At + most 100 annotations. + type: object + additionalProperties: + type: string + etag: + description: >- + Output only. This checksum is computed by the server based on the + value of other fields. This may be sent on update, undelete, and + delete requests to ensure the client has an up-to-date value before + proceeding. + readOnly: true + type: string + reconciling: + description: >- + Output only. Whether or not this CustomClass is in the process of + being updated. + readOnly: true + type: boolean + kmsKeyName: + description: >- + Output only. The [KMS key + name](https://cloud.google.com/kms/docs/resource-hierarchy#keys) + with which the CustomClass is encrypted. The expected format is + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + readOnly: true + type: string + kmsKeyVersionName: + description: >- + Output only. The [KMS key version + name](https://cloud.google.com/kms/docs/resource-hierarchy#key_versions) + with which the CustomClass is encrypted. The expected format is + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}`. + readOnly: true + type: string + ClassItem: + id: ClassItem + description: An item of the class. + type: object + properties: + value: + description: The class item's value. + type: string + TranscriptNormalization: + id: TranscriptNormalization + description: >- + Transcription normalization configuration. Use transcription + normalization to automatically replace parts of the transcript with + phrases of your choosing. For StreamingRecognize, this normalization + only applies to stable partial transcripts (stability > 0.8) and final + transcripts. + type: object + properties: + entries: + description: >- + A list of replacement entries. We will perform replacement with one + entry at a time. For example, the second entry in ["cat" => "dog", + "mountain cat" => "mountain dog"] will never be applied because we + will always process the first entry before it. At most 100 entries. + type: array + items: + $ref: '#/components/schemas/Entry' + Entry: + id: Entry + description: A single replacement configuration. + type: object + properties: + search: + description: What to replace. Max length is 100 characters. + type: string + replace: + description: What to replace with. Max length is 100 characters. + type: string + caseSensitive: + description: Whether the search is case sensitive. + type: boolean + TranslationConfig: + id: TranslationConfig + description: >- + Translation configuration. Use to translate the given audio into text + for the desired language. + type: object + properties: + targetLanguage: + description: Required. The language code to translate to. + type: string + DenoiserConfig: + id: DenoiserConfig + description: >- + Denoiser config. May not be supported for all models and may have no + effect. + type: object + properties: + denoiseAudio: + description: Denoise audio before sending to the transcription model. + type: boolean + snrThreshold: + description: >- + Signal-to-Noise Ratio (SNR) threshold for the denoiser. Here SNR + means the loudness of the speech signal. Audio with an SNR below + this threshold, meaning the speech is too quiet, will be prevented + from being sent to the transcription model. If snr_threshold=0, no + filtering will be applied. + type: number + format: float + ListRecognizersResponse: + id: ListRecognizersResponse + description: Response message for the ListRecognizers method. + type: object + properties: + recognizers: + description: The list of requested Recognizers. + type: array + items: + $ref: '#/components/schemas/Recognizer' + nextPageToken: + description: >- + A token, which can be sent as page_token to retrieve the next page. + If this field is omitted, there are no subsequent pages. This token + expires after 72 hours. + type: string + UndeleteRecognizerRequest: + id: UndeleteRecognizerRequest + description: Request message for the UndeleteRecognizer method. + type: object + properties: + name: + description: >- + Required. The name of the Recognizer to undelete. Format: + `projects/{project}/locations/{location}/recognizers/{recognizer}` + type: string + validateOnly: + description: >- + If set, validate the request and preview the undeleted Recognizer, + but do not actually undelete it. + type: boolean + etag: + description: >- + This checksum is computed by the server based on the value of other + fields. This may be sent on update, undelete, and delete requests to + ensure the client has an up-to-date value before proceeding. + type: string + RecognizeRequest: + id: RecognizeRequest + description: >- + Request message for the Recognize method. Either `content` or `uri` must + be supplied. Supplying both or neither returns INVALID_ARGUMENT. See + [content + limits](https://cloud.google.com/speech-to-text/quotas#content). + type: object + properties: + config: + description: >- + Features and audio metadata to use for the Automatic Speech + Recognition. This field in combination with the config_mask field + can be used to override parts of the default_recognition_config of + the Recognizer resource. + $ref: '#/components/schemas/RecognitionConfig' + configMask: + description: >- + The list of fields in config that override the values in the + default_recognition_config of the recognizer during this recognition + request. If no mask is provided, all non-default valued fields in + config override the values in the recognizer for this recognition + request. If a mask is provided, only the fields listed in the mask + override the config in the recognizer for this recognition request. + If a wildcard (`*`) is provided, config completely overrides and + replaces the config in the recognizer for this recognition request. + type: string + format: google-fieldmask + content: + description: >- + The audio data bytes encoded as specified in RecognitionConfig. As + with all bytes fields, proto buffers use a pure binary + representation, whereas JSON representations use base64. + type: string + format: byte + uri: + description: >- + URI that points to a file that contains audio data bytes as + specified in RecognitionConfig. The file must not be compressed (for + example, gzip). Currently, only Google Cloud Storage URIs are + supported, which must be specified in the following format: + `gs://bucket_name/object_name` (other URI formats return + INVALID_ARGUMENT). For more information, see [Request + URIs](https://cloud.google.com/storage/docs/reference-uris). + type: string + RecognizeResponse: + id: RecognizeResponse + description: Response message for the Recognize method. + type: object + properties: + results: + description: >- + Sequential list of transcription results corresponding to sequential + portions of audio. + type: array + items: + $ref: '#/components/schemas/SpeechRecognitionResult' + metadata: + description: Metadata about the recognition. + $ref: '#/components/schemas/RecognitionResponseMetadata' + SpeechRecognitionResult: + id: SpeechRecognitionResult + description: A speech recognition result corresponding to a portion of the audio. + type: object + properties: + alternatives: + description: >- + May contain one or more recognition hypotheses. These alternatives + are ordered in terms of accuracy, with the top (first) alternative + being the most probable, as ranked by the recognizer. + type: array + items: + $ref: '#/components/schemas/SpeechRecognitionAlternative' + channelTag: + description: >- + For multi-channel audio, this is the channel number corresponding to + the recognized result for the audio from that channel. For + `audio_channel_count` = `N`, its output values can range from `1` to + `N`. + type: integer + format: int32 + resultEndOffset: + description: >- + Time offset of the end of this result relative to the beginning of + the audio. + type: string + format: google-duration + languageCode: + description: >- + Output only. The + [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag + of the language in this result. This language code was detected to + have the most likelihood of being spoken in the audio. + readOnly: true + type: string + SpeechRecognitionAlternative: + id: SpeechRecognitionAlternative + description: Alternative hypotheses (a.k.a. n-best list). + type: object + properties: + transcript: + description: Transcript text representing the words that the user spoke. + type: string + confidence: + description: >- + The confidence estimate between 0.0 and 1.0. A higher number + indicates an estimated greater likelihood that the recognized words + are correct. This field is set only for the top alternative of a + non-streaming result or, of a streaming result where is_final is set + to `true`. This field is not guaranteed to be accurate and users + should not rely on it to be always provided. The default of 0.0 is a + sentinel value indicating `confidence` was not set. + type: number + format: float + words: + description: >- + A list of word-specific information for each recognized word. When + the SpeakerDiarizationConfig is set, you will see all the words from + the beginning of the audio. + type: array + items: + $ref: '#/components/schemas/WordInfo' + WordInfo: + id: WordInfo + description: Word-specific information for recognized words. + type: object + properties: + startOffset: + description: >- + Time offset relative to the beginning of the audio, and + corresponding to the start of the spoken word. This field is only + set if enable_word_time_offsets is `true` and only in the top + hypothesis. This is an experimental feature and the accuracy of the + time offset can vary. + type: string + format: google-duration + endOffset: + description: >- + Time offset relative to the beginning of the audio, and + corresponding to the end of the spoken word. This field is only set + if enable_word_time_offsets is `true` and only in the top + hypothesis. This is an experimental feature and the accuracy of the + time offset can vary. + type: string + format: google-duration + word: + description: The word corresponding to this set of information. + type: string + confidence: + description: >- + The confidence estimate between 0.0 and 1.0. A higher number + indicates an estimated greater likelihood that the recognized words + are correct. This field is set only for the top alternative of a + non-streaming result or, of a streaming result where is_final is set + to `true`. This field is not guaranteed to be accurate and users + should not rely on it to be always provided. The default of 0.0 is a + sentinel value indicating `confidence` was not set. + type: number + format: float + speakerLabel: + description: >- + A distinct label is assigned for every speaker within the audio. + This field specifies which one of those speakers was detected to + have spoken this word. `speaker_label` is set if + SpeakerDiarizationConfig is given and only in the top alternative. + type: string + RecognitionResponseMetadata: + id: RecognitionResponseMetadata + description: Metadata about the recognition request and response. + type: object + properties: + requestId: + description: Global request identifier auto-generated by the API. + type: string + totalBilledDuration: + description: When available, billed audio seconds for the corresponding request. + type: string + format: google-duration + BatchRecognizeRequest: + id: BatchRecognizeRequest + description: Request message for the BatchRecognize method. + type: object + properties: + recognizer: + description: >- + Required. The name of the Recognizer to use during recognition. The + expected format is + `projects/{project}/locations/{location}/recognizers/{recognizer}`. + The {recognizer} segment may be set to `_` to use an empty implicit + Recognizer. + type: string + config: + description: >- + Features and audio metadata to use for the Automatic Speech + Recognition. This field in combination with the config_mask field + can be used to override parts of the default_recognition_config of + the Recognizer resource. + $ref: '#/components/schemas/RecognitionConfig' + configMask: + description: >- + The list of fields in config that override the values in the + default_recognition_config of the recognizer during this recognition + request. If no mask is provided, all given fields in config override + the values in the recognizer for this recognition request. If a mask + is provided, only the fields listed in the mask override the config + in the recognizer for this recognition request. If a wildcard (`*`) + is provided, config completely overrides and replaces the config in + the recognizer for this recognition request. + type: string + format: google-fieldmask + files: + description: >- + Audio files with file metadata for ASR. The maximum number of files + allowed to be specified is 15. + type: array + items: + $ref: '#/components/schemas/BatchRecognizeFileMetadata' + recognitionOutputConfig: + description: >- + Configuration options for where to output the transcripts of each + file. + $ref: '#/components/schemas/RecognitionOutputConfig' + processingStrategy: + description: Processing strategy to use for this request. + type: string + enumDescriptions: + - >- + Default value for the processing strategy. The request is + processed as soon as its received. + - >- + If selected, processes the request during lower utilization + periods for a price discount. The request is fulfilled within 24 + hours. + enum: + - PROCESSING_STRATEGY_UNSPECIFIED + - DYNAMIC_BATCHING + BatchRecognizeFileMetadata: + id: BatchRecognizeFileMetadata + description: Metadata about a single file in a batch for BatchRecognize. + type: object + properties: + uri: + description: Cloud Storage URI for the audio file. + type: string + config: + description: >- + Features and audio metadata to use for the Automatic Speech + Recognition. This field in combination with the config_mask field + can be used to override parts of the default_recognition_config of + the Recognizer resource as well as the config at the request level. + $ref: '#/components/schemas/RecognitionConfig' + configMask: + description: >- + The list of fields in config that override the values in the + default_recognition_config of the recognizer during this recognition + request. If no mask is provided, all non-default valued fields in + config override the values in the recognizer for this recognition + request. If a mask is provided, only the fields listed in the mask + override the config in the recognizer for this recognition request. + If a wildcard (`*`) is provided, config completely overrides and + replaces the config in the recognizer for this recognition request. + type: string + format: google-fieldmask + RecognitionOutputConfig: + id: RecognitionOutputConfig + description: Configuration options for the output(s) of recognition. + type: object + properties: + gcsOutputConfig: + description: >- + If this message is populated, recognition results are written to the + provided Google Cloud Storage URI. + $ref: '#/components/schemas/GcsOutputConfig' + inlineResponseConfig: + description: >- + If this message is populated, recognition results are provided in + the BatchRecognizeResponse message of the Operation when completed. + This is only supported when calling BatchRecognize with just one + audio file. + $ref: '#/components/schemas/InlineOutputConfig' + outputFormatConfig: + description: >- + Optional. Configuration for the format of the results stored to + `output`. If unspecified transcripts will be written in the `NATIVE` + format only. + $ref: '#/components/schemas/OutputFormatConfig' + GcsOutputConfig: + id: GcsOutputConfig + description: Output configurations for Cloud Storage. + type: object + properties: + uri: + description: >- + The Cloud Storage URI prefix with which recognition results will be + written. + type: string + InlineOutputConfig: + id: InlineOutputConfig + description: Output configurations for inline response. + type: object + properties: {} + OutputFormatConfig: + id: OutputFormatConfig + description: Configuration for the format of the results stored to `output`. + type: object + properties: + native: + description: >- + Configuration for the native output format. If this field is set or + if no other output format field is set, then transcripts will be + written to the sink in the native format. + $ref: '#/components/schemas/NativeOutputFileFormatConfig' + vtt: + description: >- + Configuration for the VTT output format. If this field is set, then + transcripts will be written to the sink in the VTT format. + $ref: '#/components/schemas/VttOutputFileFormatConfig' + srt: + description: >- + Configuration for the SRT output format. If this field is set, then + transcripts will be written to the sink in the SRT format. + $ref: '#/components/schemas/SrtOutputFileFormatConfig' + NativeOutputFileFormatConfig: + id: NativeOutputFileFormatConfig + description: Output configurations for serialized `BatchRecognizeResults` protos. + type: object + properties: {} + VttOutputFileFormatConfig: + id: VttOutputFileFormatConfig + description: >- + Output configurations for [WebVTT](https://www.w3.org/TR/webvtt1/) + formatted subtitle file. + type: object + properties: {} + SrtOutputFileFormatConfig: + id: SrtOutputFileFormatConfig + description: >- + Output configurations [SubRip + Text](https://www.matroska.org/technical/subtitles.html#srt-subtitles) + formatted subtitle file. + type: object + properties: {} + Config: + id: Config + description: >- + Message representing the config for the Speech-to-Text API. This + includes an optional [KMS + key](https://cloud.google.com/kms/docs/resource-hierarchy#keys) with + which incoming data will be encrypted. + type: object + properties: + name: + description: >- + Output only. Identifier. The name of the config resource. There is + exactly one config resource per project per location. The expected + format is `projects/{project}/locations/{location}/config`. + readOnly: true + type: string + kmsKeyName: + description: >- + Optional. An optional [KMS key + name](https://cloud.google.com/kms/docs/resource-hierarchy#keys) + that if present, will be used to encrypt Speech-to-Text resources + at-rest. Updating this key will not encrypt existing resources using + this key; only new resources will be encrypted using this key. The + expected format is + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + type: string + updateTime: + description: Output only. The most recent time this resource was modified. + readOnly: true + type: string + format: google-datetime + ListCustomClassesResponse: + id: ListCustomClassesResponse + description: Response message for the ListCustomClasses method. + type: object + properties: + customClasses: + description: The list of requested CustomClasses. + type: array + items: + $ref: '#/components/schemas/CustomClass' + nextPageToken: + description: >- + A token, which can be sent as page_token to retrieve the next page. + If this field is omitted, there are no subsequent pages. This token + expires after 72 hours. + type: string + UndeleteCustomClassRequest: + id: UndeleteCustomClassRequest + description: Request message for the UndeleteCustomClass method. + type: object + properties: + name: + description: >- + Required. The name of the CustomClass to undelete. Format: + `projects/{project}/locations/{location}/customClasses/{custom_class}` + type: string + validateOnly: + description: >- + If set, validate the request and preview the undeleted CustomClass, + but do not actually undelete it. + type: boolean + etag: + description: >- + This checksum is computed by the server based on the value of other + fields. This may be sent on update, undelete, and delete requests to + ensure the client has an up-to-date value before proceeding. + type: string + ListPhraseSetsResponse: + id: ListPhraseSetsResponse + description: Response message for the ListPhraseSets method. + type: object + properties: + phraseSets: + description: The list of requested PhraseSets. + type: array + items: + $ref: '#/components/schemas/PhraseSet' + nextPageToken: + description: >- + A token, which can be sent as page_token to retrieve the next page. + If this field is omitted, there are no subsequent pages. This token + expires after 72 hours. + type: string + UndeletePhraseSetRequest: + id: UndeletePhraseSetRequest + description: Request message for the UndeletePhraseSet method. + type: object + properties: + name: + description: >- + Required. The name of the PhraseSet to undelete. Format: + `projects/{project}/locations/{location}/phraseSets/{phrase_set}` + type: string + validateOnly: + description: >- + If set, validate the request and preview the undeleted PhraseSet, + but do not actually undelete it. + type: boolean + etag: + description: >- + This checksum is computed by the server based on the value of other + fields. This may be sent on update, undelete, and delete requests to + ensure the client has an up-to-date value before proceeding. + type: string + OperationMetadata: + id: OperationMetadata + description: Represents the metadata of a long-running operation. + type: object + properties: + createTime: + description: The time the operation was created. + type: string + format: google-datetime + updateTime: + description: The time the operation was last updated. + type: string + format: google-datetime + resource: + description: The resource path for the target of the operation. + type: string + method: + description: The method that triggered the operation. + type: string + kmsKeyName: + description: >- + The [KMS key + name](https://cloud.google.com/kms/docs/resource-hierarchy#keys) + with which the content of the Operation is encrypted. The expected + format is + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. + type: string + kmsKeyVersionName: + description: >- + The [KMS key version + name](https://cloud.google.com/kms/docs/resource-hierarchy#key_versions) + with which content of the Operation is encrypted. The expected + format is + `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}`. + type: string + batchRecognizeRequest: + description: The BatchRecognizeRequest that spawned the Operation. + $ref: '#/components/schemas/BatchRecognizeRequest' + createRecognizerRequest: + description: The CreateRecognizerRequest that spawned the Operation. + $ref: '#/components/schemas/CreateRecognizerRequest' + updateRecognizerRequest: + description: The UpdateRecognizerRequest that spawned the Operation. + $ref: '#/components/schemas/UpdateRecognizerRequest' + deleteRecognizerRequest: + description: The DeleteRecognizerRequest that spawned the Operation. + $ref: '#/components/schemas/DeleteRecognizerRequest' + undeleteRecognizerRequest: + description: The UndeleteRecognizerRequest that spawned the Operation. + $ref: '#/components/schemas/UndeleteRecognizerRequest' + createCustomClassRequest: + description: The CreateCustomClassRequest that spawned the Operation. + $ref: '#/components/schemas/CreateCustomClassRequest' + updateCustomClassRequest: + description: The UpdateCustomClassRequest that spawned the Operation. + $ref: '#/components/schemas/UpdateCustomClassRequest' + deleteCustomClassRequest: + description: The DeleteCustomClassRequest that spawned the Operation. + $ref: '#/components/schemas/DeleteCustomClassRequest' + undeleteCustomClassRequest: + description: The UndeleteCustomClassRequest that spawned the Operation. + $ref: '#/components/schemas/UndeleteCustomClassRequest' + createPhraseSetRequest: + description: The CreatePhraseSetRequest that spawned the Operation. + $ref: '#/components/schemas/CreatePhraseSetRequest' + updatePhraseSetRequest: + description: The UpdatePhraseSetRequest that spawned the Operation. + $ref: '#/components/schemas/UpdatePhraseSetRequest' + deletePhraseSetRequest: + description: The DeletePhraseSetRequest that spawned the Operation. + $ref: '#/components/schemas/DeletePhraseSetRequest' + undeletePhraseSetRequest: + description: The UndeletePhraseSetRequest that spawned the Operation. + $ref: '#/components/schemas/UndeletePhraseSetRequest' + updateConfigRequest: + description: The UpdateConfigRequest that spawned the Operation. + deprecated: true + $ref: '#/components/schemas/UpdateConfigRequest' + progressPercent: + description: >- + The percent progress of the Operation. Values can range from 0-100. + If the value is 100, then the operation is finished. + type: integer + format: int32 + batchRecognizeMetadata: + description: Metadata specific to the BatchRecognize method. + $ref: '#/components/schemas/BatchRecognizeMetadata' + CreateRecognizerRequest: + id: CreateRecognizerRequest + description: Request message for the CreateRecognizer method. + type: object + properties: + recognizer: + description: Required. The Recognizer to create. + $ref: '#/components/schemas/Recognizer' + validateOnly: + description: >- + If set, validate the request and preview the Recognizer, but do not + actually create it. + type: boolean + recognizerId: + description: >- + The ID to use for the Recognizer, which will become the final + component of the Recognizer's resource name. This value should be + 4-63 characters, and valid characters are /a-z-/. + type: string + parent: + description: >- + Required. The project and location where this Recognizer will be + created. The expected format is + `projects/{project}/locations/{location}`. + type: string + UpdateRecognizerRequest: + id: UpdateRecognizerRequest + description: Request message for the UpdateRecognizer method. + type: object + properties: + recognizer: + description: >- + Required. The Recognizer to update. The Recognizer's `name` field is + used to identify the Recognizer to update. Format: + `projects/{project}/locations/{location}/recognizers/{recognizer}`. + $ref: '#/components/schemas/Recognizer' + updateMask: + description: >- + The list of fields to update. If empty, all non-default valued + fields are considered for update. Use `*` to update the entire + Recognizer resource. + type: string + format: google-fieldmask + validateOnly: + description: >- + If set, validate the request and preview the updated Recognizer, but + do not actually update it. + type: boolean + DeleteRecognizerRequest: + id: DeleteRecognizerRequest + description: Request message for the DeleteRecognizer method. + type: object + properties: + name: + description: >- + Required. The name of the Recognizer to delete. Format: + `projects/{project}/locations/{location}/recognizers/{recognizer}` + type: string + validateOnly: + description: >- + If set, validate the request and preview the deleted Recognizer, but + do not actually delete it. + type: boolean + allowMissing: + description: >- + If set to true, and the Recognizer is not found, the request will + succeed and be a no-op (no Operation is recorded in this case). + type: boolean + etag: + description: >- + This checksum is computed by the server based on the value of other + fields. This may be sent on update, undelete, and delete requests to + ensure the client has an up-to-date value before proceeding. + type: string + CreateCustomClassRequest: + id: CreateCustomClassRequest + description: Request message for the CreateCustomClass method. + type: object + properties: + customClass: + description: Required. The CustomClass to create. + $ref: '#/components/schemas/CustomClass' + validateOnly: + description: >- + If set, validate the request and preview the CustomClass, but do not + actually create it. + type: boolean + customClassId: + description: >- + The ID to use for the CustomClass, which will become the final + component of the CustomClass's resource name. This value should be + 4-63 characters, and valid characters are /a-z-/. + type: string + parent: + description: >- + Required. The project and location where this CustomClass will be + created. The expected format is + `projects/{project}/locations/{location}`. + type: string + UpdateCustomClassRequest: + id: UpdateCustomClassRequest + description: Request message for the UpdateCustomClass method. + type: object + properties: + customClass: + description: >- + Required. The CustomClass to update. The CustomClass's `name` field + is used to identify the CustomClass to update. Format: + `projects/{project}/locations/{location}/customClasses/{custom_class}`. + $ref: '#/components/schemas/CustomClass' + updateMask: + description: >- + The list of fields to be updated. If empty, all fields are + considered for update. + type: string + format: google-fieldmask + validateOnly: + description: >- + If set, validate the request and preview the updated CustomClass, + but do not actually update it. + type: boolean + DeleteCustomClassRequest: + id: DeleteCustomClassRequest + description: Request message for the DeleteCustomClass method. + type: object + properties: + name: + description: >- + Required. The name of the CustomClass to delete. Format: + `projects/{project}/locations/{location}/customClasses/{custom_class}` + type: string + validateOnly: + description: >- + If set, validate the request and preview the deleted CustomClass, + but do not actually delete it. + type: boolean + allowMissing: + description: >- + If set to true, and the CustomClass is not found, the request will + succeed and be a no-op (no Operation is recorded in this case). + type: boolean + etag: + description: >- + This checksum is computed by the server based on the value of other + fields. This may be sent on update, undelete, and delete requests to + ensure the client has an up-to-date value before proceeding. + type: string + CreatePhraseSetRequest: + id: CreatePhraseSetRequest + description: Request message for the CreatePhraseSet method. + type: object + properties: + phraseSet: + description: Required. The PhraseSet to create. + $ref: '#/components/schemas/PhraseSet' + validateOnly: + description: >- + If set, validate the request and preview the PhraseSet, but do not + actually create it. + type: boolean + phraseSetId: + description: >- + The ID to use for the PhraseSet, which will become the final + component of the PhraseSet's resource name. This value should be + 4-63 characters, and valid characters are /a-z-/. + type: string + parent: + description: >- + Required. The project and location where this PhraseSet will be + created. The expected format is + `projects/{project}/locations/{location}`. + type: string + UpdatePhraseSetRequest: + id: UpdatePhraseSetRequest + description: Request message for the UpdatePhraseSet method. + type: object + properties: + phraseSet: + description: >- + Required. The PhraseSet to update. The PhraseSet's `name` field is + used to identify the PhraseSet to update. Format: + `projects/{project}/locations/{location}/phraseSets/{phrase_set}`. + $ref: '#/components/schemas/PhraseSet' + updateMask: + description: >- + The list of fields to update. If empty, all non-default valued + fields are considered for update. Use `*` to update the entire + PhraseSet resource. + type: string + format: google-fieldmask + validateOnly: + description: >- + If set, validate the request and preview the updated PhraseSet, but + do not actually update it. + type: boolean + DeletePhraseSetRequest: + id: DeletePhraseSetRequest + description: Request message for the DeletePhraseSet method. + type: object + properties: + name: + description: >- + Required. The name of the PhraseSet to delete. Format: + `projects/{project}/locations/{location}/phraseSets/{phrase_set}` + type: string + validateOnly: + description: >- + If set, validate the request and preview the deleted PhraseSet, but + do not actually delete it. + type: boolean + allowMissing: + description: >- + If set to true, and the PhraseSet is not found, the request will + succeed and be a no-op (no Operation is recorded in this case). + type: boolean + etag: + description: >- + This checksum is computed by the server based on the value of other + fields. This may be sent on update, undelete, and delete requests to + ensure the client has an up-to-date value before proceeding. + type: string + UpdateConfigRequest: + id: UpdateConfigRequest + description: Request message for the UpdateConfig method. + type: object + properties: + config: + description: >- + Required. The config to update. The config's `name` field is used to + identify the config to be updated. The expected format is + `projects/{project}/locations/{location}/config`. + $ref: '#/components/schemas/Config' + updateMask: + description: The list of fields to be updated. + type: string + format: google-fieldmask + BatchRecognizeMetadata: + id: BatchRecognizeMetadata + description: Operation metadata for BatchRecognize. + type: object + properties: + transcriptionMetadata: + description: >- + Map from provided filename to the transcription metadata for that + file. + type: object + additionalProperties: + $ref: '#/components/schemas/BatchRecognizeTranscriptionMetadata' + BatchRecognizeTranscriptionMetadata: + id: BatchRecognizeTranscriptionMetadata + description: >- + Metadata about transcription for a single file (for example, progress + percent). + type: object + properties: + progressPercent: + description: How much of the file has been transcribed so far. + type: integer + format: int32 + error: + description: Error if one was encountered. + $ref: '#/components/schemas/Status' + uri: + description: The Cloud Storage URI to which recognition results will be written. + type: string + LocationsMetadata: + id: LocationsMetadata + description: >- + Main metadata for the Locations API for STT V2. Currently this is just + the metadata about locales, models, and features + type: object + properties: + languages: + description: >- + Information about available locales, models, and features + represented in the hierarchical structure of locales -> models -> + features + $ref: '#/components/schemas/LanguageMetadata' + accessMetadata: + description: Information about access metadata for the region and given project. + $ref: '#/components/schemas/AccessMetadata' + LanguageMetadata: + id: LanguageMetadata + description: >- + The metadata about locales available in a given region. Currently this + is just the models that are available for each locale + type: object + properties: + models: + description: Map of locale (language code) -> models + type: object + additionalProperties: + $ref: '#/components/schemas/ModelMetadata' + ModelMetadata: + id: ModelMetadata + description: >- + The metadata about the models in a given region for a specific locale. + Currently this is just the features of the model + type: object + properties: + modelFeatures: + description: Map of the model name -> features of that model + type: object + additionalProperties: + $ref: '#/components/schemas/ModelFeatures' + ModelFeatures: + id: ModelFeatures + description: Represents the collection of features belonging to a model + type: object + properties: + modelFeature: + description: Repeated field that contains all features of the model + type: array + items: + $ref: '#/components/schemas/ModelFeature' + ModelFeature: + id: ModelFeature + description: >- + Represents a singular feature of a model. If the feature is + `recognizer`, the release_state of the feature represents the + release_state of the model + type: object + properties: + feature: + description: 'The name of the feature (Note: the feature can be `recognizer`)' + type: string + releaseState: + description: The release state of the feature + type: string + AccessMetadata: + id: AccessMetadata + description: >- + The access metadata for a particular region. This can be applied if the + org policy for the given project disallows a particular region. + type: object + properties: + constraintType: + description: Describes the different types of constraints that are applied. + type: string + enumDescriptions: + - Unspecified constraint applied. + - The project's org policy disallows the given region. + enum: + - CONSTRAINT_TYPE_UNSPECIFIED + - RESOURCE_LOCATIONS_ORG_POLICY_CREATE_CONSTRAINT + StreamingRecognitionResult: + id: StreamingRecognitionResult + description: >- + A streaming speech recognition result corresponding to a portion of the + audio that is currently being processed. + type: object + properties: + alternatives: + description: >- + May contain one or more recognition hypotheses. These alternatives + are ordered in terms of accuracy, with the top (first) alternative + being the most probable, as ranked by the recognizer. + type: array + items: + $ref: '#/components/schemas/SpeechRecognitionAlternative' + isFinal: + description: >- + If `false`, this StreamingRecognitionResult represents an interim + result that may change. If `true`, this is the final time the speech + service will return this particular StreamingRecognitionResult, the + recognizer will not return any further hypotheses for this portion + of the transcript and corresponding audio. + type: boolean + stability: + description: >- + An estimate of the likelihood that the recognizer will not change + its guess about this interim result. Values range from 0.0 + (completely unstable) to 1.0 (completely stable). This field is only + provided for interim results (is_final=`false`). The default of 0.0 + is a sentinel value indicating `stability` was not set. + type: number + format: float + resultEndOffset: + description: >- + Time offset of the end of this result relative to the beginning of + the audio. + type: string + format: google-duration + channelTag: + description: >- + For multi-channel audio, this is the channel number corresponding to + the recognized result for the audio from that channel. For + `audio_channel_count` = `N`, its output values can range from `1` to + `N`. + type: integer + format: int32 + languageCode: + description: >- + Output only. The + [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag + of the language in this result. This language code was detected to + have the most likelihood of being spoken in the audio. + readOnly: true + type: string + BatchRecognizeResponse: + id: BatchRecognizeResponse + description: >- + Response message for BatchRecognize that is packaged into a longrunning + Operation. + type: object + properties: + results: + description: Map from filename to the final result for that file. + type: object + additionalProperties: + $ref: '#/components/schemas/BatchRecognizeFileResult' + totalBilledDuration: + description: When available, billed audio seconds for the corresponding request. + type: string + format: google-duration + BatchRecognizeFileResult: + id: BatchRecognizeFileResult + description: Final results for a single file. + type: object + properties: + error: + description: Error if one was encountered. + $ref: '#/components/schemas/Status' + metadata: + $ref: '#/components/schemas/RecognitionResponseMetadata' + cloudStorageResult: + description: >- + Recognition results written to Cloud Storage. This is populated only + when GcsOutputConfig is set in the RecognitionOutputConfig. + $ref: '#/components/schemas/CloudStorageResult' + inlineResult: + description: >- + Recognition results. This is populated only when InlineOutputConfig + is set in the RecognitionOutputConfig. + $ref: '#/components/schemas/InlineResult' + uri: + description: Deprecated. Use `cloud_storage_result.native_format_uri` instead. + deprecated: true + type: string + transcript: + description: Deprecated. Use `inline_result.transcript` instead. + deprecated: true + $ref: '#/components/schemas/BatchRecognizeResults' + CloudStorageResult: + id: CloudStorageResult + description: Final results written to Cloud Storage. + type: object + properties: + uri: + description: The Cloud Storage URI to which recognition results were written. + type: string + vttFormatUri: + description: >- + The Cloud Storage URI to which recognition results were written as + VTT formatted captions. This is populated only when `VTT` output is + requested. + type: string + srtFormatUri: + description: >- + The Cloud Storage URI to which recognition results were written as + SRT formatted captions. This is populated only when `SRT` output is + requested. + type: string + InlineResult: + id: InlineResult + description: Final results returned inline in the recognition response. + type: object + properties: + transcript: + description: The transcript for the audio file. + $ref: '#/components/schemas/BatchRecognizeResults' + vttCaptions: + description: >- + The transcript for the audio file as VTT formatted captions. This is + populated only when `VTT` output is requested. + type: string + srtCaptions: + description: >- + The transcript for the audio file as SRT formatted captions. This is + populated only when `SRT` output is requested. + type: string + BatchRecognizeResults: + id: BatchRecognizeResults + description: >- + Output type for Cloud Storage of BatchRecognize transcripts. Though this + proto isn't returned in this API anywhere, the Cloud Storage transcripts + will be this proto serialized and should be parsed as such. + type: object + properties: + results: + description: >- + Sequential list of transcription results corresponding to sequential + portions of audio. + type: array + items: + $ref: '#/components/schemas/SpeechRecognitionResult' + metadata: + description: Metadata about the recognition. + $ref: '#/components/schemas/RecognitionResponseMetadata' + parameters: + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto + callback: + description: JSONP + in: query + name: callback + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' + x-stackQL-resources: + locations: + id: google.speechv2.locations + name: locations + title: Locations + methods: + list: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.locations + get: + operation: + $ref: '#/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + operations: + id: google.speechv2.operations + name: operations + title: Operations + methods: + list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.operations + get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + recognizers: + id: google.speechv2.recognizers + name: recognizers + title: Recognizers + methods: + create: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recognizers/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recognizers/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.recognizers + get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recognizers~1{recognizersId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recognizers~1{recognizersId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recognizers~1{recognizersId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + undelete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recognizers~1{recognizersId}:undelete/post + response: + mediaType: application/json + openAPIDocKey: '200' + recognize: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recognizers~1{recognizersId}:recognize/post + response: + mediaType: application/json + openAPIDocKey: '200' + batch_recognize: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1recognizers~1{recognizersId}:batchRecognize/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/recognizers/methods/get' + - $ref: '#/components/x-stackQL-resources/recognizers/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/recognizers/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/recognizers/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/recognizers/methods/delete' + config: + id: google.speechv2.config + name: config + title: Config + methods: + get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1config/get + response: + mediaType: application/json + openAPIDocKey: '200' + update: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1config/patch + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/config/methods/get' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/config/methods/update' + replace: [] + delete: [] + custom_classes: + id: google.speechv2.custom_classes + name: custom_classes + title: Custom_classes + methods: + create: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1customClasses/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1customClasses/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.customClasses + get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1customClasses~1{customClassesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1customClasses~1{customClassesId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1customClasses~1{customClassesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + undelete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1customClasses~1{customClassesId}:undelete/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/custom_classes/methods/get' + - $ref: '#/components/x-stackQL-resources/custom_classes/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/custom_classes/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/custom_classes/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/custom_classes/methods/delete' + phrase_sets: + id: google.speechv2.phrase_sets + name: phrase_sets + title: Phrase_sets + methods: + create: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1phraseSets/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1phraseSets/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.phraseSets + get: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1phraseSets~1{phraseSetsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1phraseSets~1{phraseSetsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1phraseSets~1{phraseSetsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + undelete: + operation: + $ref: >- + #/paths/~1v2~1projects~1{projectsId}~1locations~1{locationsId}~1phraseSets~1{phraseSetsId}:undelete/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/phrase_sets/methods/get' + - $ref: '#/components/x-stackQL-resources/phrase_sets/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/phrase_sets/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/phrase_sets/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/phrase_sets/methods/delete' +paths: + /v2/projects/{projectsId}/locations: + parameters: &ref_1 + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/_.xgafv' + get: + description: Lists information about the supported locations for this service. + operationId: speech.projects.locations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListLocationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: extraLocationTypes + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: speech.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Location' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: speech.projects.locations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListOperationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: speech.projects.locations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/recognizers: + parameters: *ref_1 + post: + description: Creates a Recognizer. + operationId: speech.projects.locations.recognizers.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Recognizer' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: recognizerId + schema: + type: string + get: + description: Lists Recognizers. + operationId: speech.projects.locations.recognizers.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListRecognizersResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: showDeleted + schema: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/recognizers/{recognizersId}: + parameters: *ref_1 + get: + description: >- + Returns the requested Recognizer. Fails with NOT_FOUND if the requested + Recognizer doesn't exist. + operationId: speech.projects.locations.recognizers.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Recognizer' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: recognizersId + required: true + schema: + type: string + patch: + description: Updates the Recognizer. + operationId: speech.projects.locations.recognizers.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Recognizer' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: recognizersId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: validateOnly + schema: + type: boolean + delete: + description: Deletes the Recognizer. + operationId: speech.projects.locations.recognizers.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: recognizersId + required: true + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: etag + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/recognizers/{recognizersId}:undelete: + parameters: *ref_1 + post: + description: Undeletes the Recognizer. + operationId: speech.projects.locations.recognizers.undelete + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UndeleteRecognizerRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: recognizersId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/recognizers/{recognizersId}:recognize: + parameters: *ref_1 + post: + description: >- + Performs synchronous Speech recognition: receive results after all audio + has been sent and processed. + operationId: speech.projects.locations.recognizers.recognize + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RecognizeRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/RecognizeResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: recognizersId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/recognizers/{recognizersId}:batchRecognize: + parameters: *ref_1 + post: + description: >- + Performs batch asynchronous speech recognition: send a request with N + audio files and receive a long running operation that can be polled to + see when the transcriptions are finished. + operationId: speech.projects.locations.recognizers.batchRecognize + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BatchRecognizeRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: recognizersId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/config: + parameters: *ref_1 + get: + description: Returns the requested Config. + operationId: speech.projects.locations.config.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Config' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + patch: + description: Updates the Config. + operationId: speech.projects.locations.config.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Config' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Config' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v2/projects/{projectsId}/locations/{locationsId}/customClasses: + parameters: *ref_1 + post: + description: Creates a CustomClass. + operationId: speech.projects.locations.customClasses.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CustomClass' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: customClassId + schema: + type: string + get: + description: Lists CustomClasses. + operationId: speech.projects.locations.customClasses.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListCustomClassesResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: showDeleted + schema: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/customClasses/{customClassesId}: + parameters: *ref_1 + get: + description: Returns the requested CustomClass. + operationId: speech.projects.locations.customClasses.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/CustomClass' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: customClassesId + required: true + schema: + type: string + patch: + description: Updates the CustomClass. + operationId: speech.projects.locations.customClasses.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CustomClass' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: customClassesId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: validateOnly + schema: + type: boolean + delete: + description: Deletes the CustomClass. + operationId: speech.projects.locations.customClasses.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: customClassesId + required: true + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: etag + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/customClasses/{customClassesId}:undelete: + parameters: *ref_1 + post: + description: Undeletes the CustomClass. + operationId: speech.projects.locations.customClasses.undelete + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UndeleteCustomClassRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: customClassesId + required: true + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/phraseSets: + parameters: *ref_1 + post: + description: Creates a PhraseSet. + operationId: speech.projects.locations.phraseSets.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PhraseSet' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: phraseSetId + schema: + type: string + get: + description: Lists PhraseSets. + operationId: speech.projects.locations.phraseSets.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListPhraseSetsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: showDeleted + schema: + type: boolean + /v2/projects/{projectsId}/locations/{locationsId}/phraseSets/{phraseSetsId}: + parameters: *ref_1 + get: + description: Returns the requested PhraseSet. + operationId: speech.projects.locations.phraseSets.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/PhraseSet' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: phraseSetsId + required: true + schema: + type: string + patch: + description: Updates the PhraseSet. + operationId: speech.projects.locations.phraseSets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PhraseSet' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: phraseSetsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: validateOnly + schema: + type: boolean + delete: + description: Deletes the PhraseSet. + operationId: speech.projects.locations.phraseSets.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: phraseSetsId + required: true + schema: + type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: etag + schema: + type: string + /v2/projects/{projectsId}/locations/{locationsId}/phraseSets/{phraseSetsId}:undelete: + parameters: *ref_1 + post: + description: Undeletes the PhraseSet. + operationId: speech.projects.locations.phraseSets.undelete + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UndeletePhraseSetRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: phraseSetsId + required: true + schema: + type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/sqladmin.yaml b/providers/src/googleapis.com/v00.00.00000/services/sqladmin.yaml index aaf88088..9a6934e4 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/sqladmin.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/sqladmin.yaml @@ -7,10 +7,10 @@ info: title: Cloud SQL Admin API description: API for Cloud SQL database instance management version: v1 - x-discovery-doc-revision: '20250807' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: - url: https://developers.google.com/cloud-sql/ + url: https://cloud.google.com/sql/docs servers: - url: https://sqladmin.googleapis.com components: @@ -35,70 +35,63 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: + FailoverContext: + id: FailoverContext + type: object + properties: + kind: + type: string + description: This is always `sql#failoverContext`. + settingsVersion: + type: string + format: int64 + description: >- + The current settings version of this instance. Request will be + rejected if this version doesn't match the current settings version. + description: Database instance failover context. Operation: - id: Operation + type: object description: >- An Operation resource. For successful operations that return an Operation resource, only the fields relevant to the operation are populated in the resource. - type: object properties: - kind: - description: This is always `sql#operation`. - type: string - targetLink: - type: string - status: - description: The status of an operation. - type: string - enumDescriptions: - - The state of the operation is unknown. - - The operation has been queued, but has not started yet. - - The operation is running. - - The operation completed. - enum: - - SQL_OPERATION_STATUS_UNSPECIFIED - - PENDING - - RUNNING - - DONE - user: - description: The email address of the user who initiated this operation. - type: string - insertTime: + name: description: >- - The time this operation was enqueued in UTC timezone in [RFC - 3339](https://tools.ietf.org/html/rfc3339) format, for example - `2012-11-15T16:19:00.094Z`. + An identifier that uniquely identifies the operation. You can use + this identifier to retrieve the Operations resource that has + information about the operation. type: string - format: google-datetime + acquireSsrsLeaseContext: + $ref: '#/components/schemas/AcquireSsrsLeaseContext' + description: The context for acquire SSRS lease operation, if applicable. + selfLink: + type: string + description: The URI of this resource. startTime: + type: string description: >- The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example `2012-11-15T16:19:00.094Z`. - type: string format: google-datetime + apiWarning: + description: An Admin API warning message. + $ref: '#/components/schemas/ApiWarning' + kind: + type: string + description: This is always `sql#operation`. + backupContext: + $ref: '#/components/schemas/BackupContext' + description: The context for backup operation, if applicable. endTime: description: >- The time this operation finished in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example `2012-11-15T16:19:00.094Z`. - type: string format: google-datetime - error: - description: >- - If errors occurred during processing of this operation, this field - will be populated. - $ref: '#/components/schemas/OperationErrors' - apiWarning: - description: An Admin API warning message. - $ref: '#/components/schemas/ApiWarning' + type: string operationType: - description: >- - The type of the operation. Valid values are: * `CREATE` * `DELETE` * - `UPDATE` * `RESTART` * `IMPORT` * `EXPORT` * `BACKUP_VOLUME` * - `RESTORE_VOLUME` * `CREATE_USER` * `DELETE_USER` * `CREATE_DATABASE` - * `DELETE_DATABASE` type: string enumDescriptions: - Unknown operation type. @@ -295,3197 +288,2501 @@ components: - ENHANCED_BACKUP - REPAIR_READ_POOL - CREATE_READ_POOL - importContext: - description: The context for import operation, if applicable. - $ref: '#/components/schemas/ImportContext' + description: >- + The type of the operation. Valid values are: * `CREATE` * `DELETE` * + `UPDATE` * `RESTART` * `IMPORT` * `EXPORT` * `BACKUP_VOLUME` * + `RESTORE_VOLUME` * `CREATE_USER` * `DELETE_USER` * `CREATE_DATABASE` + * `DELETE_DATABASE` exportContext: - description: The context for export operation, if applicable. $ref: '#/components/schemas/ExportContext' - backupContext: - description: The context for backup operation, if applicable. - $ref: '#/components/schemas/BackupContext' - name: - description: >- - An identifier that uniquely identifies the operation. You can use - this identifier to retrieve the Operations resource that has - information about the operation. + description: The context for export operation, if applicable. + targetProject: + description: The project ID of the target instance related to this operation. type: string targetId: description: Name of the resource on which this operation runs. type: string - selfLink: - description: The URI of this resource. + targetLink: type: string - targetProject: - description: The project ID of the target instance related to this operation. + importContext: + description: The context for import operation, if applicable. + $ref: '#/components/schemas/ImportContext' + error: + description: >- + If errors occurred during processing of this operation, this field + will be populated. + $ref: '#/components/schemas/OperationErrors' + insertTime: + format: google-datetime type: string - acquireSsrsLeaseContext: - description: The context for acquire SSRS lease operation, if applicable. - $ref: '#/components/schemas/AcquireSsrsLeaseContext' + description: >- + The time this operation was enqueued in UTC timezone in [RFC + 3339](https://tools.ietf.org/html/rfc3339) format, for example + `2012-11-15T16:19:00.094Z`. + preCheckMajorVersionUpgradeContext: + description: >- + This field is only populated when the operation_type is + PRE_CHECK_MAJOR_VERSION_UPGRADE. The + PreCheckMajorVersionUpgradeContext message itself contains the + details for that pre-check, such as the target database version for + the upgrade and the results of the check (including any warnings or + errors found). + $ref: '#/components/schemas/PreCheckMajorVersionUpgradeContext' subOperationType: - description: Optional. The sub operation based on the operation type. $ref: '#/components/schemas/SqlSubOperationType' - OperationErrors: - id: OperationErrors - description: Database instance operation errors list wrapper. - type: object + description: Optional. The sub operation based on the operation type. + status: + description: The status of an operation. + enumDescriptions: + - The state of the operation is unknown. + - The operation has been queued, but has not started yet. + - The operation is running. + - The operation completed. + type: string + enum: + - SQL_OPERATION_STATUS_UNSPECIFIED + - PENDING + - RUNNING + - DONE + user: + type: string + description: The email address of the user who initiated this operation. + id: Operation + SslCertDetail: properties: - kind: - description: This is always `sql#operationErrors`. + certInfo: + description: The public information about the cert. + $ref: '#/components/schemas/SslCert' + certPrivateKey: + description: >- + The private key for the client cert, in pem format. Keep private in + order to protect your security. type: string - errors: - description: The list of errors encountered while processing this operation. - type: array - items: - $ref: '#/components/schemas/OperationError' - OperationError: - id: OperationError - description: Database instance operation error. + id: SslCertDetail + description: SslCertDetail. + type: object + InstancesDemoteMasterRequest: + description: Database demote primary instance request. + id: InstancesDemoteMasterRequest type: object properties: - kind: - description: This is always `sql#operationError`. - type: string - code: - description: Identifies the specific error that occurred. + demoteMasterContext: + description: Contains details about the demoteMaster operation. + $ref: '#/components/schemas/DemoteMasterContext' + RotateEntraIdCertificateContext: + properties: + nextVersion: + description: >- + Optional. The fingerprint of the next version to be rotated to. If + left unspecified, will be rotated to the most recently added server + certificate version. type: string - message: - description: Additional information about the error encountered. + kind: + description: Optional. This is always `sql#rotateEntraIdCertificateContext`. type: string - ApiWarning: - id: ApiWarning - description: An Admin API warning message. + id: RotateEntraIdCertificateContext type: object + description: Instance rotate Entra ID certificate context. + IpMapping: + description: Database instance IP mapping + id: IpMapping properties: - code: - description: Code to uniquely identify the warning type. + type: type: string + description: >- + The type of this IP address. A `PRIMARY` address is a public address + that can accept incoming connections. A `PRIVATE` address is a + private address that can accept incoming connections. An `OUTGOING` + address is the source address of connections originating from the + instance, if supported. enumDescriptions: - - An unknown or unset warning type from Cloud SQL API. - - >- - Warning when one or more regions are not reachable. The returned - result set may be incomplete. + - This is an unknown IP address type. - >- - Warning when user provided maxResults parameter exceeds the limit. - The returned result set may be incomplete. + IP address the customer is supposed to connect to. Usually this is + the load balancer's IP address - >- - Warning when user tries to create/update a user with credentials - that have previously been compromised by a public data breach. + Source IP address of the connection a read replica establishes to + its external primary instance. This IP address can be allowlisted + by the customer in case it has a firewall that filters incoming + connection to its on premises primary instance. + - Private IP used when using private IPs and network peering. - >- - Warning when the operation succeeds but some non-critical workflow - state failed. + V1 IP of a migrated instance. We want the user to decommission + this IP as soon as the migration is complete. Note: V1 instances + with V1 ip addresses will be counted as PRIMARY. enum: - - SQL_API_WARNING_CODE_UNSPECIFIED - - REGION_UNREACHABLE - - MAX_RESULTS_EXCEEDS_LIMIT - - COMPROMISED_CREDENTIALS - - INTERNAL_STATE_FAILURE - message: - description: The warning message. + - SQL_IP_ADDRESS_TYPE_UNSPECIFIED + - PRIMARY + - OUTGOING + - PRIVATE + - MIGRATED_1ST_GEN + ipAddress: type: string - region: - description: The region name for REGION_UNREACHABLE warning. + description: The IP address assigned. + timeToRetire: + description: >- + The due time for this IP to be retired in [RFC + 3339](https://tools.ietf.org/html/rfc3339) format, for example + `2012-11-15T16:19:00.094Z`. This field is only available when the IP + is scheduled to be retired. + format: google-datetime type: string - ImportContext: - id: ImportContext - description: Database instance import context. type: object + SqlServerEntraIdConfig: + id: SqlServerEntraIdConfig + type: object + description: SQL Server Entra ID configuration. properties: - uri: - description: >- - Path to the import file in Cloud Storage, in the form - `gs://bucketName/fileName`. Compressed gzip files (.gz) are - supported when `fileType` is `SQL`. The instance must have write - permissions to the bucket and read access to the file. - type: string - database: - description: >- - The target database for the import. If `fileType` is `SQL`, this - field is required only if the import file does not specify a - database, and is overridden by any database specification in the - import file. For entire instance parallel import operations, the - database is overridden by the database name stored in subdirectory - name. If `fileType` is `CSV`, one database must be specified. + applicationId: + description: Optional. The application ID for the Entra ID configuration. type: string kind: - description: This is always `sql#importContext`. type: string - fileType: - description: >- - The file type for the specified uri.\`SQL`: The file contains SQL - statements. \`CSV`: The file contains CSV data. + description: Output only. This is always sql#sqlServerEntraIdConfig + readOnly: true + tenantId: + description: Optional. The tenant ID for the Entra ID configuration. type: string - enumDescriptions: - - Unknown file type. - - File containing SQL statements. - - File in CSV format. - - '' - - TDE certificate. - enum: - - SQL_FILE_TYPE_UNSPECIFIED - - SQL - - CSV - - BAK - - TDE - csvImportOptions: - description: Options for importing data as CSV. - type: object - properties: - table: - description: The table to which CSV data is imported. - type: string - columns: - description: >- - The columns to which CSV data is imported. If not specified, all - columns of the database table are loaded with CSV data. - type: array - items: - type: string - escapeCharacter: - description: >- - Specifies the character that should appear before a data - character that needs to be escaped. - type: string - quoteCharacter: - description: >- - Specifies the quoting character to be used when a data value is - quoted. - type: string - fieldsTerminatedBy: - description: >- - Specifies the character that separates columns within each row - (line) of the file. - type: string - linesTerminatedBy: - description: >- - This is used to separate lines. If a line does not contain all - fields, the rest of the columns are set to their default values. - type: string - importUser: - description: >- - The PostgreSQL user for this import operation. PostgreSQL instances - only. + DiskEncryptionStatus: + properties: + kmsKeyVersionName: type: string - bakImportOptions: - description: Import parameters specific to SQL Server .BAK files - type: object - properties: - encryptionOptions: - type: object - properties: - certPath: - description: >- - Path to the Certificate (.cer) in Cloud Storage, in the form - `gs://bucketName/fileName`. The instance must have write - permissions to the bucket and read access to the file. - type: string - pvkPath: - description: >- - Path to the Certificate Private Key (.pvk) in Cloud Storage, - in the form `gs://bucketName/fileName`. The instance must - have write permissions to the bucket and read access to the - file. - type: string - pvkPassword: - description: Password that encrypts the private key - type: string - keepEncrypted: - description: Optional. Whether the imported file remains encrypted. - type: boolean - striped: - description: >- - Whether or not the backup set being restored is striped. Applies - only to Cloud SQL for SQL Server. - type: boolean - noRecovery: - description: >- - Whether or not the backup importing will restore database with - NORECOVERY option Applies only to Cloud SQL for SQL Server. - type: boolean - recoveryOnly: - description: >- - Whether or not the backup importing request will just bring - database online without downloading Bak content only one of - "no_recovery" and "recovery_only" can be true otherwise error - will return. Applies only to Cloud SQL for SQL Server. - type: boolean - bakType: - description: Type of the bak content, FULL or DIFF - type: string - enumDescriptions: - - Default type. - - Full backup. - - Differential backup. - - Transaction Log backup - enum: - - BAK_TYPE_UNSPECIFIED - - FULL - - DIFF - - TLOG - stopAt: - description: >- - Optional. The timestamp when the import should stop. This - timestamp is in the [RFC - 3339](https://tools.ietf.org/html/rfc3339) format (for example, - `2023-10-01T16:19:00.094`). This field is equivalent to the - STOPAT keyword and applies to Cloud SQL for SQL Server only. - type: string - format: google-datetime - stopAtMark: - description: >- - Optional. The marked transaction where the import should stop. - This field is equivalent to the STOPATMARK keyword and applies - to Cloud SQL for SQL Server only. - type: string - sqlImportOptions: - description: Optional. Options for importing data from SQL statements. - type: object - properties: - threads: - description: Optional. The number of threads to use for parallel import. - type: integer - format: int32 - parallel: - description: Optional. Whether or not the import should be parallel. - type: boolean - postgresImportOptions: - description: >- - Optional. Options for importing from a Cloud SQL for PostgreSQL - instance. - type: object - properties: - clean: - description: >- - Optional. The --clean flag for the pg_restore utility. This - flag applies only if you enabled Cloud SQL to import files - in parallel. - type: boolean - ifExists: - description: >- - Optional. The --if-exists flag for the pg_restore utility. - This flag applies only if you enabled Cloud SQL to import - files in parallel. - type: boolean - tdeImportOptions: - description: Optional. Import parameters specific to SQL Server TDE certificates - type: object - properties: - certificatePath: - description: >- - Required. Path to the TDE certificate public key in the form - gs://bucketName/fileName. The instance must have read access to - the file. Applicable only for SQL Server instances. - type: string - privateKeyPath: - description: >- - Required. Path to the TDE certificate private key in the form - gs://bucketName/fileName. The instance must have read access to - the file. Applicable only for SQL Server instances. - type: string - privateKeyPassword: - description: Required. Password that encrypts the private key. - type: string - name: - description: >- - Required. Certificate name. Applicable only for SQL Server - instances. - type: string - ExportContext: - id: ExportContext - description: Database instance export context. + description: KMS key version used to encrypt the Cloud SQL instance resource + kind: + description: This is always `sql#diskEncryptionStatus`. + type: string + description: Disk encryption status for an instance. + id: DiskEncryptionStatus type: object + PoolNodeConfig: properties: - uri: - description: >- - The path to the file in Google Cloud Storage where the export will - be stored. The URI is in the form `gs://bucketName/fileName`. If the - file already exists, the request succeeds, but the operation fails. - If `fileType` is `SQL` and the filename ends with .gz, the contents - are compressed. + gceZone: type: string - databases: + readOnly: true + description: Output only. The zone of the read pool node. + dnsNames: + items: + $ref: '#/components/schemas/DnsNameMapping' + readOnly: true + description: Output only. The list of DNS names used by this read pool node. + type: array + pscAutoConnections: + readOnly: true description: >- - Databases to be exported. `MySQL instances:` If `fileType` is `SQL` - and no database is specified, all databases are exported, except for - the `mysql` system database. If `fileType` is `CSV`, you can specify - one database, either by using this property or by using the - `csvExportOptions.selectQuery` property, which takes precedence over - this property. `PostgreSQL instances:` If you don't specify a - database by name, all user databases in the instance are exported. - This excludes system databases and Cloud SQL databases used to - manage internal operations. Exporting all user databases is only - available for directory-formatted parallel export. If `fileType` is - `CSV`, this database must match the one specified in the - `csvExportOptions.selectQuery` property. `SQL Server instances:` You - must specify one database to be exported, and the `fileType` must be - `BAK`. + Output only. The list of settings for requested automatically-setup + Private Service Connect (PSC) consumer endpoints that can be used to + connect to this read pool node. type: array items: - type: string - kind: - description: This is always `sql#exportContext`. - type: string - sqlExportOptions: - description: Options for exporting data as SQL statements. - type: object - properties: - tables: - description: >- - Tables to export, or that were exported, from the specified - database. If you specify tables, specify one and only one - database. For PostgreSQL instances, you can specify only one - table. - type: array - items: - type: string - schemaOnly: - description: Export only schemas. - type: boolean - mysqlExportOptions: - description: Options for exporting from MySQL. - type: object - properties: - masterData: - description: >- - Option to include SQL statement required to set up - replication. If set to `1`, the dump file includes a CHANGE - MASTER TO statement with the binary log coordinates, and - --set-gtid-purged is set to ON. If set to `2`, the CHANGE - MASTER TO statement is written as a SQL comment and has no - effect. If set to any value other than `1`, - --set-gtid-purged is set to OFF. - type: integer - format: int32 - threads: - description: Optional. The number of threads to use for parallel export. - type: integer - format: int32 - parallel: - description: Optional. Whether or not the export should be parallel. - type: boolean - postgresExportOptions: - description: Options for exporting from a Cloud SQL for PostgreSQL instance. - type: object - properties: - clean: - description: >- - Optional. Use this option to include DROP SQL - statements. Use these statements to delete database objects - before running the import operation. - type: boolean - ifExists: - description: >- - Optional. Option to include an IF EXISTS SQL statement with - each DROP statement produced by clean. - type: boolean - csvExportOptions: - description: >- - Options for exporting data as CSV. `MySQL` and `PostgreSQL` - instances only. - type: object - properties: - selectQuery: - description: The select query used to extract the data. - type: string - escapeCharacter: - description: >- - Specifies the character that should appear before a data - character that needs to be escaped. - type: string - quoteCharacter: - description: >- - Specifies the quoting character to be used when a data value is - quoted. - type: string - fieldsTerminatedBy: - description: >- - Specifies the character that separates columns within each row - (line) of the file. - type: string - linesTerminatedBy: - description: >- - This is used to separate lines. If a line does not contain all - fields, the rest of the columns are set to their default values. - type: string - fileType: - description: The file type for the specified uri. + $ref: '#/components/schemas/PscAutoConnectionConfig' + dnsName: type: string + description: Output only. The DNS name of the read pool node. + readOnly: true + state: + description: Output only. The current state of the read pool node. enumDescriptions: - - Unknown file type. - - File containing SQL statements. - - File in CSV format. - - '' - - TDE certificate. - enum: - - SQL_FILE_TYPE_UNSPECIFIED - - SQL - - CSV - - BAK - - TDE - offload: - description: Whether to perform a serverless export. - type: boolean - bakExportOptions: - description: Options for exporting BAK files (SQL Server-only) - type: object - properties: - striped: - description: Whether or not the export should be striped. - type: boolean - stripeCount: - description: >- - Option for specifying how many stripes to use for the export. If - blank, and the value of the striped field is true, the number of - stripes is automatically chosen. - type: integer - format: int32 - bakType: - description: >- - Type of this bak file will be export, FULL or DIFF, SQL Server - only - type: string - enumDescriptions: - - Default type. - - Full backup. - - Differential backup. - - Transaction Log backup - enum: - - BAK_TYPE_UNSPECIFIED - - FULL - - DIFF - - TLOG - copyOnly: - description: >- - Deprecated: copy_only is deprecated. Use differential_base - instead - deprecated: true - type: boolean - differentialBase: - description: >- - Whether or not the backup can be used as a differential base - copy_only backup can not be served as differential base - type: boolean - exportLogStartTime: - description: >- - Optional. The begin timestamp when transaction log will be - included in the export operation. [RFC - 3339](https://tools.ietf.org/html/rfc3339) format (for example, - `2023-10-01T16:19:00.094`) in UTC. When omitted, all available - logs from the beginning of retention period will be included. - Only applied to Cloud SQL for SQL Server. - type: string - format: google-datetime - exportLogEndTime: - description: >- - Optional. The end timestamp when transaction log will be - included in the export operation. [RFC - 3339](https://tools.ietf.org/html/rfc3339) format (for example, - `2023-10-01T16:19:00.094`) in UTC. When omitted, all available - logs until current time will be included. Only applied to Cloud - SQL for SQL Server. - type: string - format: google-datetime - tdeExportOptions: - description: Optional. Export parameters specific to SQL Server TDE certificates - type: object - properties: - certificatePath: - description: >- - Required. Path to the TDE certificate public key in the form - gs://bucketName/fileName. The instance must have write access to - the bucket. Applicable only for SQL Server instances. - type: string - privateKeyPath: - description: >- - Required. Path to the TDE certificate private key in the form - gs://bucketName/fileName. The instance must have write access to - the location. Applicable only for SQL Server instances. - type: string - privateKeyPassword: - description: Required. Password that encrypts the private key. - type: string - name: - description: >- - Required. Certificate name. Applicable only for SQL Server - instances. - type: string - BackupContext: - id: BackupContext - description: Backup context. - type: object - properties: - backupId: - description: The identifier of the backup. - type: string - format: int64 - kind: - description: This is always `sql#backupContext`. + - The state of the instance is unknown. + - The instance is running, or has been stopped by owner. + - >- + The instance is not available, for example due to problems with + billing. + - The instance is being deleted. + - The instance is being created. + - The instance is down for maintenance. + - >- + The creation of the instance failed or a fatal error occurred + during maintenance. + - Deprecated + - >- + (Applicable to read pool nodes only.) The read pool node needs to + be repaired. The database might be unavailable. + readOnly: true type: string + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - true + - false + enum: + - SQL_INSTANCE_STATE_UNSPECIFIED + - RUNNABLE + - SUSPENDED + - PENDING_DELETE + - PENDING_CREATE + - MAINTENANCE + - FAILED + - ONLINE_MAINTENANCE + - REPAIRING + ipAddresses: + description: >- + Output only. Mappings containing IP addresses that can be used to + connect to the read pool node. + readOnly: true + items: + $ref: '#/components/schemas/IpMapping' + type: array name: - description: 'The name of the backup. Format: projects/{project}/backups/{backup}' - type: string - AcquireSsrsLeaseContext: - id: AcquireSsrsLeaseContext - description: Acquire SSRS lease context. - type: object - properties: - setupLogin: description: >- - The username to be used as the setup login to connect to the - database server for SSRS setup. + Output only. The name of the read pool node, to be used for + retrieving metrics and logs. + readOnly: true type: string - serviceLogin: + pscServiceAttachmentLink: + readOnly: true description: >- - The username to be used as the service login to connect to the - report database for SSRS setup. - type: string - reportDatabase: - description: The report database to be used for SSRS setup. - type: string - duration: - description: Lease duration needed for SSRS setup. + Output only. The Private Service Connect (PSC) service attachment of + the read pool node. type: string - format: google-duration - SqlSubOperationType: - id: SqlSubOperationType - description: The sub operation type based on the operation type. + description: Details of a single read pool node of a read pool. type: object + id: PoolNodeConfig + ListBackupsResponse: properties: - maintenanceType: - description: The type of maintenance to be performed on the instance. - type: string - enumDescriptions: - - Maintenance type is unspecified. - - >- - Indicates that a standalone instance is undergoing maintenance. - The instance can be either a primary instance or a replica. - - >- - Indicates that the primary instance and all of its replicas, - including cascading replicas, are undergoing maintenance. - Maintenance is performed on groups of replicas first, followed by - the primary instance. - - >- - Indicates that the standalone instance is undergoing maintenance, - initiated by self-service. The instance can be either a primary - instance or a replica. - - >- - Indicates that the primary instance and all of its replicas are - undergoing maintenance, initiated by self-service. Maintenance is - performed on groups of replicas first, followed by the primary - instance. - enum: - - SQL_MAINTENANCE_TYPE_UNSPECIFIED - - INSTANCE_MAINTENANCE - - REPLICA_INCLUDED_MAINTENANCE - - INSTANCE_SELF_SERVICE_MAINTENANCE - - REPLICA_INCLUDED_SELF_SERVICE_MAINTENANCE - InstancesCloneRequest: - id: InstancesCloneRequest - description: Database instance clone request. + warnings: + description: >- + If a region isn't unavailable or if an unknown error occurs, then a + warning message is returned. + items: + $ref: '#/components/schemas/ApiWarning' + type: array + backups: + description: A list of backups. + type: array + items: + $ref: '#/components/schemas/Backup' + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, then there aren't subsequent pages. + id: ListBackupsResponse + description: The response payload containing a list of the backups. type: object + SqlInstancesAcquireSsrsLeaseResponse: properties: - cloneContext: - description: Contains details about the clone operation. - $ref: '#/components/schemas/CloneContext' - CloneContext: - id: CloneContext - description: Database instance clone context. + operationId: + type: string + description: The unique identifier for this operation. + description: Response for the acquire SSRS lease request. + id: SqlInstancesAcquireSsrsLeaseResponse + type: object + ExecuteSqlPayload: type: object properties: - kind: - description: This is always `sql#cloneContext`. + partialResultMode: + enum: + - PARTIAL_RESULT_MODE_UNSPECIFIED + - FAIL_PARTIAL_RESULT + - ALLOW_PARTIAL_RESULT + description: >- + Optional. Controls how the API should respond when the SQL execution + result is incomplete due to the size limit or another error. The + default mode is to throw an error. + enumDescriptions: + - Unspecified mode, effectively the same as `FAIL_PARTIAL_RESULT`. + - >- + Throw an error if the result exceeds 10 MB or if only a partial + result can be retrieved. Don't return the result. + - >- + Return a truncated result and set `partial_result` to true if the + result exceeds 10 MB or if only a partial result can be retrieved + due to error. Don't throw an error. type: string - pitrTimestampMs: - description: Reserved for future use. + rowLimit: type: string + description: Optional. The maximum number of rows returned per SQL statement. format: int64 - destinationInstanceName: - description: Name of the Cloud SQL instance to be created as a clone. - type: string - binLogCoordinates: - description: >- - Binary log coordinates, if specified, identify the position up to - which the source instance is cloned. If not specified, the source - instance is cloned up to the most recent binary log coordinates. - $ref: '#/components/schemas/BinLogCoordinates' - pointInTime: - description: >- - Timestamp, if specified, identifies the time to which the source - instance is cloned. - type: string - format: google-datetime - allocatedIpRange: - description: >- - The name of the allocated ip range for the private ip Cloud SQL - instance. For example: "google-managed-services-default". If set, - the cloned instance ip will be created in the allocated range. The - range name must comply with [RFC - 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name - must be 1-63 characters long and match the regular expression - [a-z]([-a-z0-9]*[a-z0-9])?. Reserved for future use. + user: type: string - databaseNames: description: >- - (SQL Server only) Clone only the specified databases from the source - instance. Clone all databases if empty. - type: array - items: - type: string - preferredZone: + Optional. The name of an existing database user to connect to the + database. When `auto_iam_authn` is set to true, this field is + ignored and the API caller's IAM user is used. + database: description: >- - Optional. Copy clone and point-in-time recovery clone of an instance - to the specified zone. If no zone is specified, clone to the same - primary zone as the source instance. This field applies to all DB - types. + Optional. Name of the database on which the statement will be + executed. type: string - preferredSecondaryZone: + sqlStatement: description: >- - Optional. Copy clone and point-in-time recovery clone of a regional - instance in the specified zones. If not specified, clone to the same - secondary zone as the source instance. This value cannot be the same - as the preferred_zone field. This field applies to all DB types. + Required. SQL statements to run on the database. It can be a single + statement or a sequence of statements separated by semicolons. type: string - sourceInstanceDeletionTime: + autoIamAuthn: + type: boolean description: >- - The timestamp used to identify the time when the source instance is - deleted. If this instance is deleted, then you must set the - timestamp. - type: string - format: google-datetime - BinLogCoordinates: - id: BinLogCoordinates - description: Binary log coordinates. + Optional. When set to true, the API caller identity associated with + the request is used for database authentication. The API caller must + be an IAM user in the database. + description: The request payload used to execute SQL statements. + id: ExecuteSqlPayload + FinalBackupConfig: + description: Config used to determine the final backup settings for the instance. + id: FinalBackupConfig type: object properties: - binLogFileName: - description: Name of the binary log file for a Cloud SQL instance. - type: string - binLogPosition: - description: Position (offset) within the binary log file. - type: string - format: int64 - kind: - description: This is always `sql#binLogCoordinates`. - type: string - InstancesDemoteMasterRequest: - id: InstancesDemoteMasterRequest - description: Database demote primary instance request. - type: object + enabled: + type: boolean + description: Whether the final backup is enabled for the instance. + retentionDays: + type: integer + description: >- + The number of days to retain the final backup after the instance + deletion. The final backup will be purged at + (time_of_instance_deletion + retention_days). + format: int32 + BackupReencryptionConfig: + id: BackupReencryptionConfig + description: Backup Reencryption Config properties: - demoteMasterContext: - description: Contains details about the demoteMaster operation. - $ref: '#/components/schemas/DemoteMasterContext' - DemoteMasterContext: - id: DemoteMasterContext - description: Database instance demote primary instance context. + backupType: + enumDescriptions: + - Unknown backup type, will be defaulted to AUTOMATIC backup type + - Reencrypt automatic backups + - Reencrypt on-demand backups + description: Type of backups users want to re-encrypt. + type: string + enum: + - BACKUP_TYPE_UNSPECIFIED + - AUTOMATED + - ON_DEMAND + backupLimit: + description: Backup re-encryption limit + type: integer + format: int32 type: object + Flag: properties: - kind: - description: This is always `sql#demoteMasterContext`. + name: + description: >- + This is the name of the flag. Flag names always use underscores, not + hyphens, for example: `max_allowed_packet` type: string - verifyGtidConsistency: + requiresRestart: description: >- - Verify the GTID consistency for demote operation. Default value: - `True`. Setting this flag to `false` enables you to bypass the GTID - consistency check between on-premises primary instance and Cloud SQL - instance during the demotion operation but also exposes you to the - risk of future replication failures. Change the value only if you - know the reason for the GTID divergence and are confident that doing - so will not cause any replication issues. + Indicates whether changing this flag will trigger a database + restart. Only applicable to Second Generation instances. type: boolean - masterInstanceName: - description: >- - The name of the instance which will act as on-premises primary - instance in the replication setup. + maxValue: type: string - replicaConfiguration: + description: For `INTEGER` flags, the maximum allowed value. + format: int64 + minValue: + type: string + format: int64 + description: For `INTEGER` flags, the minimum allowed value. + allowedIntValues: + items: + type: string + format: int64 + type: array description: >- - Configuration specific to read-replicas replicating from the - on-premises primary instance. - $ref: '#/components/schemas/DemoteMasterConfiguration' - skipReplicationSetup: - description: Flag to skip replication setup on the instance. + Use this field if only certain integers are accepted. Can be + combined with min_value and max_value to add additional values. + inBeta: type: boolean - DemoteMasterConfiguration: - id: DemoteMasterConfiguration - description: >- - Read-replica configuration for connecting to the on-premises primary - instance. - type: object - properties: + description: Whether or not the flag is considered in beta. + allowedStringValues: + description: For `STRING` flags, a list of strings that the value can be set to. + items: + type: string + type: array kind: - description: This is always `sql#demoteMasterConfiguration`. type: string - mysqlReplicaConfiguration: - description: >- - MySQL specific configuration when replicating from a MySQL - on-premises primary instance. Replication configuration information - such as the username, password, certificates, and keys are not - stored in the instance metadata. The configuration information is - used only to set up the replication connection and is stored by - MySQL in a file named `master.info` in the data directory. - $ref: '#/components/schemas/DemoteMasterMySqlReplicaConfiguration' - DemoteMasterMySqlReplicaConfiguration: - id: DemoteMasterMySqlReplicaConfiguration - description: Read-replica configuration specific to MySQL databases. - type: object - properties: - kind: - description: This is always `sql#demoteMasterMysqlReplicaConfiguration`. - type: string - username: - description: The username for the replication connection. - type: string - password: - description: The password for the replication connection. - type: string - clientKey: - description: >- - PEM representation of the replica's private key. The corresponding - public key is encoded in the client's certificate. The format of the - replica's private key can be either PKCS #1 or PKCS #8. - type: string - clientCertificate: - description: PEM representation of the replica's x509 certificate. - type: string - caCertificate: - description: PEM representation of the trusted CA's x509 certificate. - type: string - InstancesDemoteRequest: - id: InstancesDemoteRequest - description: >- - This request is used to demote an existing standalone instance to be a - Cloud SQL read replica for an external database server. - type: object - properties: - demoteContext: - description: Required. Contains details about the demote operation. - $ref: '#/components/schemas/DemoteContext' - DemoteContext: - id: DemoteContext - description: >- - This context is used to demote an existing standalone instance to be a - Cloud SQL read replica for an external database server. - type: object - properties: - kind: - description: This is always `sql#demoteContext`. - type: string - sourceRepresentativeInstanceName: - description: >- - Required. The name of the instance which acts as the on-premises - primary instance in the replication setup. - type: string - InstancesExportRequest: - id: InstancesExportRequest - description: Database instance export request. - type: object - properties: - exportContext: - description: Contains details about the export operation. - $ref: '#/components/schemas/ExportContext' - InstancesFailoverRequest: - id: InstancesFailoverRequest - description: Instance failover request. - type: object - properties: - failoverContext: - description: Failover Context. - $ref: '#/components/schemas/FailoverContext' - FailoverContext: - id: FailoverContext - description: Database instance failover context. - type: object - properties: - settingsVersion: - description: >- - The current settings version of this instance. Request will be - rejected if this version doesn't match the current settings version. - type: string - format: int64 - kind: - description: This is always `sql#failoverContext`. - type: string - InstancesReencryptRequest: - id: InstancesReencryptRequest - description: Database Instance reencrypt request. - type: object - properties: - backupReencryptionConfig: - description: Configuration specific to backup re-encryption - $ref: '#/components/schemas/BackupReencryptionConfig' - BackupReencryptionConfig: - id: BackupReencryptionConfig - description: Backup Reencryption Config - type: object - properties: - backupLimit: - description: Backup re-encryption limit - type: integer - format: int32 - backupType: - description: Type of backups users want to re-encrypt. + description: This is always `sql#flag`. + flagScope: type: string - enumDescriptions: - - Unknown backup type, will be defaulted to AUTOMATIC backup type - - Reencrypt automatic backups - - Reencrypt on-demand backups enum: - - BACKUP_TYPE_UNSPECIFIED - - AUTOMATED - - ON_DEMAND - DatabaseInstance: - id: DatabaseInstance - description: A Cloud SQL instance resource. - type: object - properties: - kind: - description: This is always `sql#instance`. - type: string - state: - description: The current serving state of the Cloud SQL instance. + - SQL_FLAG_SCOPE_UNSPECIFIED + - SQL_FLAG_SCOPE_DATABASE + - SQL_FLAG_SCOPE_CONNECTION_POOL + description: Scope of flag. + enumDescriptions: + - Assume database flags if unspecified + - database flags + - connection pool configuration flags + type: type: string enumDescriptions: - - The state of the instance is unknown. - - The instance is running, or has been stopped by owner. - - >- - The instance is not available, for example due to problems with - billing. - - The instance is being deleted. - - The instance is being created. - - The instance is down for maintenance. - - >- - The creation of the instance failed or a fatal error occurred - during maintenance. - - Deprecated + - This is an unknown flag type. + - Boolean type flag. + - String type flag. + - Integer type flag. + - Flag type used for a server startup option. - >- - (Applicable to read pool nodes only.) The read pool node needs to - be repaired. The database might be unavailable. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - true - - false - enum: - - SQL_INSTANCE_STATE_UNSPECIFIED - - RUNNABLE - - SUSPENDED - - PENDING_DELETE - - PENDING_CREATE - - MAINTENANCE - - FAILED - - ONLINE_MAINTENANCE - - REPAIRING - databaseVersion: + Type introduced specially for MySQL TimeZone offset. Accept a + string value with the format [-12:59, 13:00]. + - Float type flag. + - Comma-separated list of the strings in a SqlFlagType enum. description: >- - The database engine type and version. The `databaseVersion` field - cannot be changed after instance creation. + The type of the flag. Flags are typed to being `BOOLEAN`, `STRING`, + `INTEGER` or `NONE`. `NONE` is used for flags that do not take a + value, such as `skip_grant_tables`. + enum: + - SQL_FLAG_TYPE_UNSPECIFIED + - BOOLEAN + - STRING + - INTEGER + - NONE + - MYSQL_TIMEZONE_OFFSET + - FLOAT + - REPEATED_STRING + recommendedIntValue: + description: Recommended int value in integer format for UI display. + format: int64 type: string - enumDescriptions: - - This is an unknown database version. - - The database version is MySQL 5.1. - - The database version is MySQL 5.5. - - The database version is MySQL 5.6. - - The database version is MySQL 5.7. - - The database version is MySQL 8. - - >- - The database major version is MySQL 8.0 and the minor version is - 18. - - >- - The database major version is MySQL 8.0 and the minor version is - 26. - - >- - The database major version is MySQL 8.0 and the minor version is - 27. - - >- - The database major version is MySQL 8.0 and the minor version is - 28. - - >- - The database major version is MySQL 8.0 and the minor version is - 29. - - >- - The database major version is MySQL 8.0 and the minor version is - 30. - - >- - The database major version is MySQL 8.0 and the minor version is - 31. - - >- - The database major version is MySQL 8.0 and the minor version is - 32. - - >- - The database major version is MySQL 8.0 and the minor version is - 33. - - >- - The database major version is MySQL 8.0 and the minor version is - 34. - - >- - The database major version is MySQL 8.0 and the minor version is - 35. - - >- - The database major version is MySQL 8.0 and the minor version is - 36. - - >- - The database major version is MySQL 8.0 and the minor version is - 37. - - >- - The database major version is MySQL 8.0 and the minor version is - 39. - - >- - The database major version is MySQL 8.0 and the minor version is - 40. - - >- - The database major version is MySQL 8.0 and the minor version is - 41. - - >- - The database major version is MySQL 8.0 and the minor version is - 42. - - >- - The database major version is MySQL 8.0 and the minor version is - 43. - - >- - The database major version is MySQL 8.0 and the minor version is - 44. - - >- - The database major version is MySQL 8.0 and the minor version is - 45. - - >- - The database major version is MySQL 8.0 and the minor version is - 46. - - The database version is MySQL 8.4. - - The database version is SQL Server 2017 Standard. - - The database version is SQL Server 2017 Enterprise. - - The database version is SQL Server 2017 Express. - - The database version is SQL Server 2017 Web. - - The database version is PostgreSQL 9.6. - - The database version is PostgreSQL 10. - - The database version is PostgreSQL 11. - - The database version is PostgreSQL 12. - - The database version is PostgreSQL 13. - - The database version is PostgreSQL 14. - - The database version is PostgreSQL 15. - - The database version is PostgreSQL 16. - - The database version is PostgreSQL 17. - - The database version is SQL Server 2019 Standard. - - The database version is SQL Server 2019 Enterprise. - - The database version is SQL Server 2019 Express. - - The database version is SQL Server 2019 Web. - - The database version is SQL Server 2022 Standard. - - The database version is SQL Server 2022 Enterprise. - - The database version is SQL Server 2022 Express. - - The database version is SQL Server 2022 Web. - enumDeprecated: - - false - - true - - true - - false - - false - - false - - false - - false - - false - - false - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - enum: - - SQL_DATABASE_VERSION_UNSPECIFIED - - MYSQL_5_1 - - MYSQL_5_5 - - MYSQL_5_6 - - MYSQL_5_7 - - MYSQL_8_0 - - MYSQL_8_0_18 - - MYSQL_8_0_26 - - MYSQL_8_0_27 - - MYSQL_8_0_28 - - MYSQL_8_0_29 - - MYSQL_8_0_30 - - MYSQL_8_0_31 - - MYSQL_8_0_32 - - MYSQL_8_0_33 - - MYSQL_8_0_34 - - MYSQL_8_0_35 - - MYSQL_8_0_36 - - MYSQL_8_0_37 - - MYSQL_8_0_39 - - MYSQL_8_0_40 - - MYSQL_8_0_41 - - MYSQL_8_0_42 - - MYSQL_8_0_43 - - MYSQL_8_0_44 - - MYSQL_8_0_45 - - MYSQL_8_0_46 - - MYSQL_8_4 - - SQLSERVER_2017_STANDARD - - SQLSERVER_2017_ENTERPRISE - - SQLSERVER_2017_EXPRESS - - SQLSERVER_2017_WEB - - POSTGRES_9_6 - - POSTGRES_10 - - POSTGRES_11 - - POSTGRES_12 - - POSTGRES_13 - - POSTGRES_14 - - POSTGRES_15 - - POSTGRES_16 - - POSTGRES_17 - - SQLSERVER_2019_STANDARD - - SQLSERVER_2019_ENTERPRISE - - SQLSERVER_2019_EXPRESS - - SQLSERVER_2019_WEB - - SQLSERVER_2022_STANDARD - - SQLSERVER_2022_ENTERPRISE - - SQLSERVER_2022_EXPRESS - - SQLSERVER_2022_WEB - settings: - description: The user settings. - $ref: '#/components/schemas/Settings' - etag: - description: >- - This field is deprecated and will be removed from a future version - of the API. Use the `settings.settingsVersion` field instead. - type: string - failoverReplica: - description: The name and status of the failover replica. - type: object - properties: - name: - description: >- - The name of the failover replica. If specified at instance - creation, a failover replica is created for the instance. The - name doesn't include the project ID. - type: string - available: - description: >- - The availability status of the failover replica. A false status - indicates that the failover replica is out of sync. The primary - instance can only failover to the failover replica when the - status is true. - type: boolean - masterInstanceName: - description: >- - The name of the instance which will act as primary in the - replication setup. - type: string - replicaNames: - description: The replicas of the instance. - type: array - items: - type: string - maxDiskSize: - description: The maximum disk size of the instance in bytes. - deprecated: true - type: string - format: int64 - currentDiskSize: - description: >- - The current disk usage of the instance in bytes. This property has - been deprecated. Use the - "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud - Monitoring API instead. Please see [this - announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) - for details. - deprecated: true - type: string - format: int64 - ipAddresses: - description: The assigned IP addresses for the instance. - type: array - items: - $ref: '#/components/schemas/IpMapping' - serverCaCert: - description: SSL configuration. - $ref: '#/components/schemas/SslCert' - instanceType: - description: The instance type. - type: string - enumDescriptions: - - This is an unknown Cloud SQL instance type. - - >- - A regular Cloud SQL instance that is not replicating from a - primary instance. - - >- - An instance running on the customer's premises that is not managed - by Cloud SQL. - - A Cloud SQL instance acting as a read-replica. - - A Cloud SQL read pool. - enum: - - SQL_INSTANCE_TYPE_UNSPECIFIED - - CLOUD_SQL_INSTANCE - - ON_PREMISES_INSTANCE - - READ_REPLICA_INSTANCE - - READ_POOL_INSTANCE - project: - description: >- - The project ID of the project containing the Cloud SQL instance. The - Google apps domain is prefixed if applicable. - type: string - ipv6Address: - description: >- - The IPv6 address assigned to the instance. (Deprecated) This - property was applicable only to First Generation instances. - deprecated: true - type: string - serviceAccountEmailAddress: - description: >- - The service account email address assigned to the instance.\This - property is read-only. - type: string - onPremisesConfiguration: - description: Configuration specific to on-premises instances. - $ref: '#/components/schemas/OnPremisesConfiguration' - replicaConfiguration: - description: Configuration specific to failover replicas and read replicas. - $ref: '#/components/schemas/ReplicaConfiguration' - backendType: - description: >- - The backend type. `SECOND_GEN`: Cloud SQL database instance. - `EXTERNAL`: A database server that is not managed by Google. This - property is read-only; use the `tier` property in the `settings` - object to determine the database type. - type: string - enumDescriptions: - - This is an unknown backend type for instance. - - V1 speckle instance. - - V2 speckle instance. - - On premises instance. - enumDeprecated: - - false - - true - - false - - false - enum: - - SQL_BACKEND_TYPE_UNSPECIFIED - - FIRST_GEN - - SECOND_GEN - - EXTERNAL - selfLink: - description: The URI of this resource. + recommendedStringValue: + description: Recommended string value in string format for UI display. type: string - suspensionReason: - description: If the instance state is SUSPENDED, the reason for the suspension. + appliesTo: type: array items: type: string enumDescriptions: - - This is an unknown suspension reason. - - >- - The instance is suspended due to billing issues (for example:, - GCP account issue) + - This is an unknown database version. + - The database version is MySQL 5.1. + - The database version is MySQL 5.5. + - The database version is MySQL 5.6. + - The database version is MySQL 5.7. + - The database version is MySQL 8. - >- - The instance is suspended due to illegal content (for example:, - child pornography, copyrighted material, etc.). + The database major version is MySQL 8.0 and the minor version is + 18. - >- - The instance is causing operational issues (for example:, - causing the database to crash). + The database major version is MySQL 8.0 and the minor version is + 26. - >- - The KMS key used by the instance is either revoked or denied - access to + The database major version is MySQL 8.0 and the minor version is + 27. + - >- + The database major version is MySQL 8.0 and the minor version is + 28. + - >- + The database major version is MySQL 8.0 and the minor version is + 29. + - >- + The database major version is MySQL 8.0 and the minor version is + 30. + - >- + The database major version is MySQL 8.0 and the minor version is + 31. + - >- + The database major version is MySQL 8.0 and the minor version is + 32. + - >- + The database major version is MySQL 8.0 and the minor version is + 33. + - >- + The database major version is MySQL 8.0 and the minor version is + 34. + - >- + The database major version is MySQL 8.0 and the minor version is + 35. + - >- + The database major version is MySQL 8.0 and the minor version is + 36. + - >- + The database major version is MySQL 8.0 and the minor version is + 37. + - >- + The database major version is MySQL 8.0 and the minor version is + 39. + - >- + The database major version is MySQL 8.0 and the minor version is + 40. + - >- + The database major version is MySQL 8.0 and the minor version is + 41. + - >- + The database major version is MySQL 8.0 and the minor version is + 42. + - >- + The database major version is MySQL 8.0 and the minor version is + 43. + - >- + The database major version is MySQL 8.0 and the minor version is + 44. + - >- + The database major version is MySQL 8.0 and the minor version is + 45. + - >- + The database major version is MySQL 8.0 and the minor version is + 46. + - The database version is MySQL 8.4. + - The database version is SQL Server 2017 Standard. + - The database version is SQL Server 2017 Enterprise. + - The database version is SQL Server 2017 Express. + - The database version is SQL Server 2017 Web. + - The database version is PostgreSQL 9.6. + - The database version is PostgreSQL 10. + - The database version is PostgreSQL 11. + - The database version is PostgreSQL 12. + - The database version is PostgreSQL 13. + - The database version is PostgreSQL 14. + - The database version is PostgreSQL 15. + - The database version is PostgreSQL 16. + - The database version is PostgreSQL 17. + - The database version is PostgreSQL 18. + - The database version is SQL Server 2019 Standard. + - The database version is SQL Server 2019 Enterprise. + - The database version is SQL Server 2019 Express. + - The database version is SQL Server 2019 Web. + - The database version is SQL Server 2022 Standard. + - The database version is SQL Server 2022 Enterprise. + - The database version is SQL Server 2022 Express. + - The database version is SQL Server 2022 Web. + enumDeprecated: + - false + - true + - true + - false + - false + - false + - false + - false + - false + - false + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false enum: - - SQL_SUSPENSION_REASON_UNSPECIFIED - - BILLING_ISSUE - - LEGAL_ISSUE - - OPERATIONAL_ISSUE - - KMS_KEY_ISSUE - connectionName: + - SQL_DATABASE_VERSION_UNSPECIFIED + - MYSQL_5_1 + - MYSQL_5_5 + - MYSQL_5_6 + - MYSQL_5_7 + - MYSQL_8_0 + - MYSQL_8_0_18 + - MYSQL_8_0_26 + - MYSQL_8_0_27 + - MYSQL_8_0_28 + - MYSQL_8_0_29 + - MYSQL_8_0_30 + - MYSQL_8_0_31 + - MYSQL_8_0_32 + - MYSQL_8_0_33 + - MYSQL_8_0_34 + - MYSQL_8_0_35 + - MYSQL_8_0_36 + - MYSQL_8_0_37 + - MYSQL_8_0_39 + - MYSQL_8_0_40 + - MYSQL_8_0_41 + - MYSQL_8_0_42 + - MYSQL_8_0_43 + - MYSQL_8_0_44 + - MYSQL_8_0_45 + - MYSQL_8_0_46 + - MYSQL_8_4 + - SQLSERVER_2017_STANDARD + - SQLSERVER_2017_ENTERPRISE + - SQLSERVER_2017_EXPRESS + - SQLSERVER_2017_WEB + - POSTGRES_9_6 + - POSTGRES_10 + - POSTGRES_11 + - POSTGRES_12 + - POSTGRES_13 + - POSTGRES_14 + - POSTGRES_15 + - POSTGRES_16 + - POSTGRES_17 + - POSTGRES_18 + - SQLSERVER_2019_STANDARD + - SQLSERVER_2019_ENTERPRISE + - SQLSERVER_2019_EXPRESS + - SQLSERVER_2019_WEB + - SQLSERVER_2022_STANDARD + - SQLSERVER_2022_ENTERPRISE + - SQLSERVER_2022_EXPRESS + - SQLSERVER_2022_WEB description: >- - Connection name of the Cloud SQL instance used in connection - strings. - type: string - name: + The database version this flag applies to. Can be MySQL instances: + `MYSQL_8_0`, `MYSQL_8_0_18`, `MYSQL_8_0_26`, `MYSQL_5_7`, or + `MYSQL_5_6`. PostgreSQL instances: `POSTGRES_9_6`, `POSTGRES_10`, + `POSTGRES_11` or `POSTGRES_12`. SQL Server instances: + `SQLSERVER_2017_STANDARD`, `SQLSERVER_2017_ENTERPRISE`, + `SQLSERVER_2017_EXPRESS`, `SQLSERVER_2017_WEB`, + `SQLSERVER_2019_STANDARD`, `SQLSERVER_2019_ENTERPRISE`, + `SQLSERVER_2019_EXPRESS`, or `SQLSERVER_2019_WEB`. See [the complete + list](/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion). + type: object + id: Flag + description: A flag resource. + DenyMaintenancePeriod: + properties: + time: description: >- - Name of the Cloud SQL instance. This does not include the project - ID. + Time in UTC when the "deny maintenance period" starts on start_date + and ends on end_date. The time is in format: HH:mm:SS, i.e., + 00:00:00 type: string - region: - description: >- - The geographical region of the Cloud SQL instance. It can be one of - the - [regions](https://cloud.google.com/sql/docs/mysql/locations#location-r) - where Cloud SQL operates: For example, `asia-east1`, `europe-west1`, - and `us-central1`. The default value is `us-central1`. + endDate: type: string - gceZone: description: >- - The Compute Engine zone that the instance is currently serving from. - This value could be different from the zone that was specified when - the instance was created if the instance has failed over to its - secondary zone. WARNING: Changing this might restart the instance. - type: string - secondaryGceZone: + "deny maintenance period" end date. If the year of the end date is + empty, the year of the start date also must be empty. In this case, + it means the no maintenance interval recurs every year. The date is + in format yyyy-mm-dd i.e., 2020-11-01, or mm-dd, i.e., 11-01 + startDate: description: >- - The Compute Engine zone that the failover instance is currently - serving from for a regional instance. This value could be different - from the zone that was specified when the instance was created if - the instance has failed over to its secondary/failover zone. + "deny maintenance period" start date. If the year of the start date + is empty, the year of the end date also must be empty. In this case, + it means the deny maintenance period recurs every year. The date is + in format yyyy-mm-dd i.e., 2020-11-01, or mm-dd, i.e., 11-01 type: string - diskEncryptionConfiguration: - description: Disk encryption configuration specific to an instance. - $ref: '#/components/schemas/DiskEncryptionConfiguration' - diskEncryptionStatus: - description: Disk encryption status specific to an instance. - $ref: '#/components/schemas/DiskEncryptionStatus' - rootPassword: - description: >- - Initial root password. Use only on creation. You must set root - passwords before you can connect to PostgreSQL instances. - type: string - scheduledMaintenance: - description: >- - The start time of any upcoming scheduled maintenance for this - instance. - $ref: '#/components/schemas/SqlScheduledMaintenance' - satisfiesPzs: + type: object + id: DenyMaintenancePeriod + description: >- + Deny maintenance Periods. This specifies a date range during when all + CSA rollout will be denied. + SqlActiveDirectoryConfig: + properties: + dnsServers: + items: + type: string + type: array description: >- - This status indicates whether the instance satisfies PZS. The status - is reserved for future use. - type: boolean - databaseInstalledVersion: + Optional. Domain controller IPv4 addresses used to bootstrap Active + Directory. + organizationalUnit: description: >- - Output only. Stores the current database version running on the - instance including minor version such as `MYSQL_8_0_18`. - readOnly: true + Optional. The organizational unit distinguished name. This is the + full hierarchical path to the organizational unit. type: string - outOfDiskReport: - description: >- - This field represents the report generated by the proactive database - wellness job for OutOfDisk issues. * Writers: * the proactive - database wellness job for OOD. * Readers: * the proactive database - wellness job - $ref: '#/components/schemas/SqlOutOfDiskReport' - createTime: - description: >- - Output only. The time when the instance was created in [RFC - 3339](https://tools.ietf.org/html/rfc3339) format, for example - `2012-11-15T16:19:00.094Z`. - readOnly: true + kind: type: string - format: google-datetime - availableMaintenanceVersions: + description: This is always sql#activeDirectoryConfig. + adminCredentialSecretName: description: >- - Output only. List all maintenance versions applicable on the - instance - readOnly: true - type: array - items: - type: string - maintenanceVersion: - description: The current software version on the instance. + Optional. The secret manager key storing the administrator + credential. (e.g., projects/{project}/secrets/{secret}). type: string - upgradableDatabaseVersions: - description: Output only. All database versions that are available for upgrade. - readOnly: true - type: array - items: - $ref: '#/components/schemas/AvailableDatabaseVersion' - sqlNetworkArchitecture: + domain: + description: The name of the domain (e.g., mydomain.com). type: string - enumDescriptions: - - '' - - The instance uses the new network architecture. - - The instance uses the old network architecture. + mode: + enumDeprecated: + - false + - false + - true + - false enum: - - SQL_NETWORK_ARCHITECTURE_UNSPECIFIED - - NEW_NETWORK_ARCHITECTURE - - OLD_NETWORK_ARCHITECTURE - pscServiceAttachmentLink: - description: Output only. The link to service attachment of PSC instance. - readOnly: true - type: string - dnsName: - description: Output only. The dns name of the instance. - readOnly: true - type: string - primaryDnsName: - description: 'Output only. DEPRECATED: please use write_endpoint instead.' - readOnly: true - deprecated: true + - ACTIVE_DIRECTORY_MODE_UNSPECIFIED + - MANAGED_ACTIVE_DIRECTORY + - SELF_MANAGED_ACTIVE_DIRECTORY + - CUSTOMER_MANAGED_ACTIVE_DIRECTORY type: string - writeEndpoint: - description: >- - Output only. The dns name of the primary instance in a replication - group. - readOnly: true + description: Optional. The mode of the Active Directory configuration. + enumDescriptions: + - >- + Unspecified mode. Will default to MANAGED_ACTIVE_DIRECTORY if the + mode is not specified to maintain backward compatibility. + - Managed Active Directory mode. + - 'Deprecated: Use CUSTOMER_MANAGED_ACTIVE_DIRECTORY instead.' + - Customer-managed Active Directory mode. + description: >- + Active Directory configuration, relevant only for Cloud SQL for SQL + Server. + type: object + id: SqlActiveDirectoryConfig + TiersListResponse: + description: Tiers list response. + properties: + kind: type: string - replicationCluster: - description: >- - Optional. A primary instance and disaster recovery (DR) replica - pair. A DR replica is a cross-region replica that you designate for - failover in the event that the primary instance experiences regional - failure. Applicable to MySQL and PostgreSQL. - $ref: '#/components/schemas/ReplicationCluster' - geminiConfig: - description: Gemini instance configuration. - $ref: '#/components/schemas/GeminiInstanceConfig' - satisfiesPzi: - description: >- - Output only. This status indicates whether the instance satisfies - PZI. The status is reserved for future use. - readOnly: true - type: boolean - switchTransactionLogsToCloudStorageEnabled: - description: >- - Input only. Whether Cloud SQL is enabled to switch storing - point-in-time recovery log files from a data disk to Cloud Storage. - type: boolean - includeReplicasForMajorVersionUpgrade: - description: >- - Input only. Determines whether an in-place major version upgrade of - replicas happens when an in-place major version upgrade of a primary - instance is initiated. - type: boolean - tags: - description: >- - Optional. Input only. Immutable. Tag keys and tag values that are - bound to this instance. You must represent each item in the map as: - `"" : ""`. For example, a single resource can have the following - tags: ``` "123/environment": "production", "123/costCenter": - "marketing", ``` For more information on tag creation and - management, see - https://cloud.google.com/resource-manager/docs/tags/tags-overview. - type: object - additionalProperties: - type: string - nodeCount: - description: The number of read pool nodes in a read pool. - type: integer - format: int32 - nodes: - description: >- - Output only. Entries containing information about each read pool - node of the read pool. - readOnly: true - type: array - items: - $ref: '#/components/schemas/PoolNodeConfig' - dnsNames: - description: Output only. The list of DNS names used by this instance. - readOnly: true + description: This is always `sql#tiersList`. + items: type: array items: - $ref: '#/components/schemas/DnsNameMapping' - Settings: - id: Settings - description: Database instance settings. + $ref: '#/components/schemas/Tier' + description: List of tiers. + id: TiersListResponse type: object + InstancesRotateServerCertificateRequest: + id: InstancesRotateServerCertificateRequest + description: Rotate server certificate request. properties: - settingsVersion: - description: >- - The version of instance settings. This is a required field for - update method to make sure concurrent updates are handled properly. - During update, use the most recent settingsVersion value for this - instance and do not try to update this value. - type: string - format: int64 - authorizedGaeApplications: + rotateServerCertificateContext: description: >- - The App Engine app IDs that can access this instance. (Deprecated) - Applied to First Generation instances only. - deprecated: true - type: array + Optional. Contains details about the rotate server certificate + operation. + $ref: '#/components/schemas/RotateServerCertificateContext' + type: object + PreCheckMajorVersionUpgradeContext: + properties: + preCheckResponse: + readOnly: true items: - type: string - tier: - description: >- - The tier (or machine type) for this instance, for example - `db-custom-1-3840`. WARNING: Changing this restarts the instance. - type: string + $ref: '#/components/schemas/PreCheckResponse' + description: Output only. The responses from the precheck operation. + type: array kind: - description: This is always `sql#settings`. - type: string - userLabels: - description: >- - User-provided labels, represented as a dictionary where each label - is a single key value pair. - type: object - additionalProperties: - type: string - availabilityType: - description: >- - Availability type. Potential values: * `ZONAL`: The instance serves - data from only one zone. Outages in that zone affect data - accessibility. * `REGIONAL`: The instance can serve data from more - than one zone in a region (it is highly available)./ For more - information, see [Overview of the High Availability - Configuration](https://cloud.google.com/sql/docs/mysql/high-availability). + description: Optional. This is always `sql#preCheckMajorVersionUpgradeContext`. type: string - enumDescriptions: - - This is an unknown Availability type. - - Zonal available instance. - - Regional available instance. - enum: - - SQL_AVAILABILITY_TYPE_UNSPECIFIED - - ZONAL - - REGIONAL - pricingPlan: - description: >- - The pricing plan for this instance. This can be either `PER_USE` or - `PACKAGE`. Only `PER_USE` is supported for Second Generation - instances. + targetDatabaseVersion: type: string - enumDescriptions: - - This is an unknown pricing plan for this instance. - - The instance is billed at a monthly flat rate. - - The instance is billed per usage. + description: Required. The target database version to upgrade to. enum: - - SQL_PRICING_PLAN_UNSPECIFIED - - PACKAGE - - PER_USE - replicationType: - description: >- - The type of replication this instance uses. This can be either - `ASYNCHRONOUS` or `SYNCHRONOUS`. (Deprecated) This property was only - applicable to First Generation instances. - deprecated: true - type: string - enumDescriptions: - - This is an unknown replication type for a Cloud SQL instance. - - >- - The synchronous replication mode for First Generation instances. - It is the default value. - - >- - The asynchronous replication mode for First Generation instances. - It provides a slight performance gain, but if an outage occurs - while this option is set to asynchronous, you can lose up to a few - seconds of updates to your data. - enum: - - SQL_REPLICATION_TYPE_UNSPECIFIED - - SYNCHRONOUS - - ASYNCHRONOUS - storageAutoResizeLimit: - description: >- - The maximum size to which storage capacity can be automatically - increased. The default value is 0, which specifies that there is no - limit. - type: string - format: int64 - activationPolicy: - description: >- - The activation policy specifies when the instance is activated; it - is applicable only when the instance state is RUNNABLE. Valid - values: * `ALWAYS`: The instance is on, and remains so even in the - absence of connection requests. * `NEVER`: The instance is off; it - is not activated, even if a connection request arrives. - type: string - enumDescriptions: - - Unknown activation plan. - - The instance is always up and running. - - The instance never starts. - - The instance starts upon receiving requests. + - SQL_DATABASE_VERSION_UNSPECIFIED + - MYSQL_5_1 + - MYSQL_5_5 + - MYSQL_5_6 + - MYSQL_5_7 + - MYSQL_8_0 + - MYSQL_8_0_18 + - MYSQL_8_0_26 + - MYSQL_8_0_27 + - MYSQL_8_0_28 + - MYSQL_8_0_29 + - MYSQL_8_0_30 + - MYSQL_8_0_31 + - MYSQL_8_0_32 + - MYSQL_8_0_33 + - MYSQL_8_0_34 + - MYSQL_8_0_35 + - MYSQL_8_0_36 + - MYSQL_8_0_37 + - MYSQL_8_0_39 + - MYSQL_8_0_40 + - MYSQL_8_0_41 + - MYSQL_8_0_42 + - MYSQL_8_0_43 + - MYSQL_8_0_44 + - MYSQL_8_0_45 + - MYSQL_8_0_46 + - MYSQL_8_4 + - SQLSERVER_2017_STANDARD + - SQLSERVER_2017_ENTERPRISE + - SQLSERVER_2017_EXPRESS + - SQLSERVER_2017_WEB + - POSTGRES_9_6 + - POSTGRES_10 + - POSTGRES_11 + - POSTGRES_12 + - POSTGRES_13 + - POSTGRES_14 + - POSTGRES_15 + - POSTGRES_16 + - POSTGRES_17 + - POSTGRES_18 + - SQLSERVER_2019_STANDARD + - SQLSERVER_2019_ENTERPRISE + - SQLSERVER_2019_EXPRESS + - SQLSERVER_2019_WEB + - SQLSERVER_2022_STANDARD + - SQLSERVER_2022_ENTERPRISE + - SQLSERVER_2022_EXPRESS + - SQLSERVER_2022_WEB enumDeprecated: + - false + - true + - true + - false - false - false - false - - true - enum: - - SQL_ACTIVATION_POLICY_UNSPECIFIED - - ALWAYS - - NEVER - - ON_DEMAND - ipConfiguration: - description: >- - The settings for IP Management. This allows to enable or disable the - instance IP and manage which external networks can connect to the - instance. The IPv4 address cannot be disabled for Second Generation - instances. - $ref: '#/components/schemas/IpConfiguration' - storageAutoResize: - description: >- - Configuration to increase storage size automatically. The default - value is true. - type: boolean - locationPreference: - description: >- - The location preference settings. This allows the instance to be - located as near as possible to either an App Engine app or Compute - Engine zone for better performance. App Engine co-location was only - applicable to First Generation instances. - $ref: '#/components/schemas/LocationPreference' - databaseFlags: - description: The database flags passed to the instance at startup. - type: array - items: - $ref: '#/components/schemas/DatabaseFlags' - dataDiskType: - description: >- - The type of data disk: `PD_SSD` (default) or `PD_HDD`. Not used for - First Generation instances. - type: string - enumDescriptions: - - This is an unknown data disk type. - - An SSD data disk. - - An HDD data disk. - - >- - This field is deprecated and will be removed from a future version - of the API. - - A Hyperdisk Balanced data disk. - enumDeprecated: - false - false - false - true - false - enum: - - SQL_DATA_DISK_TYPE_UNSPECIFIED - - PD_SSD - - PD_HDD - - OBSOLETE_LOCAL_SSD - - HYPERDISK_BALANCED - maintenanceWindow: - description: >- - The maintenance window for this instance. This specifies when the - instance can be restarted for maintenance purposes. - $ref: '#/components/schemas/MaintenanceWindow' - backupConfiguration: - description: The daily backup configuration for the instance. - $ref: '#/components/schemas/BackupConfiguration' - databaseReplicationEnabled: - description: >- - Configuration specific to read replica instances. Indicates whether - replication is enabled or not. WARNING: Changing this restarts the - instance. - type: boolean - crashSafeReplicationEnabled: - description: >- - Configuration specific to read replica instances. Indicates whether - database flags for crash-safe replication are enabled. This property - was only applicable to First Generation instances. - deprecated: true - type: boolean - dataDiskSizeGb: - description: The size of data disk, in GB. The data disk size minimum is 10GB. - type: string - format: int64 - activeDirectoryConfig: - description: >- - Active Directory configuration, relevant only for Cloud SQL for SQL - Server. - $ref: '#/components/schemas/SqlActiveDirectoryConfig' - collation: - description: The name of server Instance collation. - type: string - denyMaintenancePeriods: - description: Deny maintenance periods - type: array - items: - $ref: '#/components/schemas/DenyMaintenancePeriod' - insightsConfig: - description: Insights configuration, for now relevant only for Postgres. - $ref: '#/components/schemas/InsightsConfig' - passwordValidationPolicy: - description: The local user password validation policy of the instance. - $ref: '#/components/schemas/PasswordValidationPolicy' - sqlServerAuditConfig: - description: SQL Server specific audit configuration. - $ref: '#/components/schemas/SqlServerAuditConfig' - edition: - description: Optional. The edition of the instance. - type: string - enumDescriptions: - - The instance did not specify the edition. - - The instance is an enterprise edition. - - The instance is an Enterprise Plus edition. - enum: - - EDITION_UNSPECIFIED - - ENTERPRISE - - ENTERPRISE_PLUS - connectorEnforcement: - description: >- - Specifies if connections must use Cloud SQL connectors. Option - values include the following: `NOT_REQUIRED` (Cloud SQL instances - can be connected without Cloud SQL Connectors) and `REQUIRED` (Only - allow connections that use Cloud SQL Connectors). Note that using - REQUIRED disables all existing authorized networks. If this field is - not specified when creating a new instance, NOT_REQUIRED is used. If - this field is not specified when patching or updating an existing - instance, it is left unchanged in the instance. - type: string + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false enumDescriptions: - - The requirement for Cloud SQL connectors is unknown. - - Do not require Cloud SQL connectors. + - This is an unknown database version. + - The database version is MySQL 5.1. + - The database version is MySQL 5.5. + - The database version is MySQL 5.6. + - The database version is MySQL 5.7. + - The database version is MySQL 8. - >- - Require all connections to use Cloud SQL connectors, including the - Cloud SQL Auth Proxy and Cloud SQL Java, Python, and Go - connectors. Note: This disables all existing authorized networks. - enum: - - CONNECTOR_ENFORCEMENT_UNSPECIFIED - - NOT_REQUIRED - - REQUIRED - deletionProtectionEnabled: - description: Configuration to protect against accidental instance deletion. - type: boolean - timeZone: - description: Server timezone, relevant only for Cloud SQL for SQL Server. + The database major version is MySQL 8.0 and the minor version is + 18. + - >- + The database major version is MySQL 8.0 and the minor version is + 26. + - >- + The database major version is MySQL 8.0 and the minor version is + 27. + - >- + The database major version is MySQL 8.0 and the minor version is + 28. + - >- + The database major version is MySQL 8.0 and the minor version is + 29. + - >- + The database major version is MySQL 8.0 and the minor version is + 30. + - >- + The database major version is MySQL 8.0 and the minor version is + 31. + - >- + The database major version is MySQL 8.0 and the minor version is + 32. + - >- + The database major version is MySQL 8.0 and the minor version is + 33. + - >- + The database major version is MySQL 8.0 and the minor version is + 34. + - >- + The database major version is MySQL 8.0 and the minor version is + 35. + - >- + The database major version is MySQL 8.0 and the minor version is + 36. + - >- + The database major version is MySQL 8.0 and the minor version is + 37. + - >- + The database major version is MySQL 8.0 and the minor version is + 39. + - >- + The database major version is MySQL 8.0 and the minor version is + 40. + - >- + The database major version is MySQL 8.0 and the minor version is + 41. + - >- + The database major version is MySQL 8.0 and the minor version is + 42. + - >- + The database major version is MySQL 8.0 and the minor version is + 43. + - >- + The database major version is MySQL 8.0 and the minor version is + 44. + - >- + The database major version is MySQL 8.0 and the minor version is + 45. + - >- + The database major version is MySQL 8.0 and the minor version is + 46. + - The database version is MySQL 8.4. + - The database version is SQL Server 2017 Standard. + - The database version is SQL Server 2017 Enterprise. + - The database version is SQL Server 2017 Express. + - The database version is SQL Server 2017 Web. + - The database version is PostgreSQL 9.6. + - The database version is PostgreSQL 10. + - The database version is PostgreSQL 11. + - The database version is PostgreSQL 12. + - The database version is PostgreSQL 13. + - The database version is PostgreSQL 14. + - The database version is PostgreSQL 15. + - The database version is PostgreSQL 16. + - The database version is PostgreSQL 17. + - The database version is PostgreSQL 18. + - The database version is SQL Server 2019 Standard. + - The database version is SQL Server 2019 Enterprise. + - The database version is SQL Server 2019 Express. + - The database version is SQL Server 2019 Web. + - The database version is SQL Server 2022 Standard. + - The database version is SQL Server 2022 Enterprise. + - The database version is SQL Server 2022 Express. + - The database version is SQL Server 2022 Web. + type: object + id: PreCheckMajorVersionUpgradeContext + description: Pre-check major version upgrade context. + DiskEncryptionConfiguration: + id: DiskEncryptionConfiguration + properties: + kmsKeyName: + description: Resource name of KMS key for disk encryption type: string - advancedMachineFeatures: - description: >- - Specifies advanced machine configuration for the instances relevant - only for SQL Server. - $ref: '#/components/schemas/AdvancedMachineFeatures' - dataCacheConfig: - description: Configuration for data cache. - $ref: '#/components/schemas/DataCacheConfig' - replicationLagMaxSeconds: - description: >- - Optional. Configuration value for recreation of replica after - certain replication lag - type: integer - format: int32 - enableGoogleMlIntegration: - description: >- - Optional. When this parameter is set to true, Cloud SQL instances - can connect to Vertex AI to pass requests for real-time predictions - and insights to the AI. The default value is false. This applies - only to Cloud SQL for MySQL and Cloud SQL for PostgreSQL instances. - type: boolean - enableDataplexIntegration: - description: >- - Optional. By default, Cloud SQL instances have schema extraction - disabled for Dataplex. When this parameter is set to true, schema - extraction for Dataplex on Cloud SQL instances is activated. - type: boolean - retainBackupsOnDelete: - description: >- - Optional. When this parameter is set to true, Cloud SQL retains - backups of the instance even after the instance is deleted. The - ON_DEMAND backup will be retained until customer deletes the backup - or the project. The AUTOMATED backup will be retained based on the - backups retention setting. - type: boolean - dataDiskProvisionedIops: - description: >- - Optional. Provisioned number of I/O operations per second for the - data disk. This field is only used for hyperdisk-balanced disk - types. + kind: + description: This is always `sql#diskEncryptionConfiguration`. type: string - format: int64 - dataDiskProvisionedThroughput: + type: object + description: Disk encryption configuration for an instance. + Metadata: + id: Metadata + properties: + sqlStatementExecutionTime: + type: string + format: google-duration + description: The time taken to execute the SQL statements. + description: >- + The additional metadata information regarding the execution of the SQL + statements. + type: object + SqlInstancesGetLatestRecoveryTimeResponse: + description: Instance get latest recovery time response. + type: object + id: SqlInstancesGetLatestRecoveryTimeResponse + properties: + latestRecoveryTime: + format: google-datetime description: >- - Optional. Provisioned throughput measured in MiB per second for the - data disk. This field is only used for hyperdisk-balanced disk - types. + Timestamp, identifies the latest recovery time of the source + instance. type: string - format: int64 - connectionPoolConfig: + earliestRecoveryTime: + format: google-datetime description: >- - Optional. The managed connection pooling configuration for the + Timestamp, identifies the earliest recovery time of the source instance. - $ref: '#/components/schemas/ConnectionPoolConfig' - finalBackupConfig: - description: Optional. The final backup configuration for the instance. - $ref: '#/components/schemas/FinalBackupConfig' - IpConfiguration: - id: IpConfiguration - description: IP Management configuration. - type: object + type: string + kind: + type: string + description: This is always `sql#getLatestRecoveryTime`. + BackupRunsListResponse: properties: - ipv4Enabled: - description: Whether the instance is assigned a public IP address or not. - type: boolean - privateNetwork: - description: >- - The resource link for the VPC network from which the Cloud SQL - instance is accessible for private IP. For example, - `/projects/myProject/global/networks/default`. This setting can be - updated, but it cannot be removed after it is set. + nextPageToken: type: string - requireSsl: description: >- - Use `ssl_mode` instead. Whether SSL/TLS connections over IP are - enforced. If set to false, then allow both non-SSL/non-TLS and - SSL/TLS connections. For SSL/TLS connections, the client certificate - won't be verified. If set to true, then only allow connections - encrypted with SSL/TLS and with valid client certificates. If you - want to enforce SSL/TLS without enforcing the requirement for valid - client certificates, then use the `ssl_mode` flag instead of the - `require_ssl` flag. - type: boolean - authorizedNetworks: + The continuation token, used to page through large result sets. + Provide this value in a subsequent request to return the next page + of results. + items: description: >- - The list of external networks that are allowed to connect to the - instance using the IP. In 'CIDR' notation, also known as 'slash' - notation (for example: `157.197.200.0/24`). - type: array + A list of backup runs in reverse chronological order of the enqueued + time. items: - $ref: '#/components/schemas/AclEntry' - allocatedIpRange: - description: >- - The name of the allocated ip range for the private ip Cloud SQL - instance. For example: "google-managed-services-default". If set, - the instance ip will be created in the allocated range. The range - name must comply with [RFC - 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name - must be 1-63 characters long and match the regular expression - `[a-z]([-a-z0-9]*[a-z0-9])?.` + $ref: '#/components/schemas/BackupRun' + type: array + kind: + description: This is always `sql#backupRunsList`. type: string - enablePrivatePathForGoogleCloudServices: - description: >- - Controls connectivity to private IP instances from Google services, - such as BigQuery. - type: boolean - sslMode: + description: Backup run list results. + type: object + id: BackupRunsListResponse + SqlServerDatabaseDetails: + type: object + id: SqlServerDatabaseDetails + description: Represents a Sql Server database on the Cloud SQL instance. + properties: + compatibilityLevel: + format: int32 description: >- - Specify how SSL/TLS is enforced in database connections. If you must - use the `require_ssl` flag for backward compatibility, then only the - following value pairs are valid: For PostgreSQL and MySQL: * - `ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED` and `require_ssl=false` * - `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=false` * - `ssl_mode=TRUSTED_CLIENT_CERTIFICATE_REQUIRED` and - `require_ssl=true` For SQL Server: * - `ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED` and `require_ssl=false` * - `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=true` The value of - `ssl_mode` has priority over the value of `require_ssl`. For - example, for the pair `ssl_mode=ENCRYPTED_ONLY` and - `require_ssl=false`, `ssl_mode=ENCRYPTED_ONLY` means accept only SSL - connections, while `require_ssl=false` means accept both non-SSL and - SSL connections. In this case, MySQL and PostgreSQL databases - respect `ssl_mode` and accepts only SSL connections. + The version of SQL Server with which the database is to be made + compatible + type: integer + recoveryModel: type: string - enumDescriptions: - - The SSL mode is unknown. - - >- - Allow non-SSL/non-TLS and SSL/TLS connections. For SSL connections - to MySQL and PostgreSQL, the client certificate isn't verified. - When this value is used, the legacy `require_ssl` flag must be - false or cleared to avoid a conflict between the values of the two - flags. - - >- - Only allow connections encrypted with SSL/TLS. For SSL connections - to MySQL and PostgreSQL, the client certificate isn't verified. - When this value is used, the legacy `require_ssl` flag must be - false or cleared to avoid a conflict between the values of the two - flags. - - >- - Only allow connections encrypted with SSL/TLS and with valid - client certificates. When this value is used, the legacy - `require_ssl` flag must be true or cleared to avoid the conflict - between values of two flags. PostgreSQL clients or users that - connect using IAM database authentication must use either the - [Cloud SQL Auth - Proxy](https://cloud.google.com/sql/docs/postgres/connect-auth-proxy) - or [Cloud SQL - Connectors](https://cloud.google.com/sql/docs/postgres/connect-connectors) - to enforce client identity verification. Only applicable to MySQL - and PostgreSQL. Not applicable to SQL Server. + description: The recovery model of a SQL Server database + BackupRetentionSettings: + description: >- + We currently only support backup retention by specifying the number of + backups we will retain. + properties: + retentionUnit: enum: - - SSL_MODE_UNSPECIFIED - - ALLOW_UNENCRYPTED_AND_ENCRYPTED - - ENCRYPTED_ONLY - - TRUSTED_CLIENT_CERTIFICATE_REQUIRED - pscConfig: - description: PSC settings for this instance. - $ref: '#/components/schemas/PscConfig' - serverCaMode: - description: Specify what type of CA is used for the server certificate. + - RETENTION_UNIT_UNSPECIFIED + - COUNT type: string + description: The unit that 'retained_backups' represents. enumDescriptions: + - Backup retention unit is unspecified, will be treated as COUNT. - >- - CA mode is unspecified. It is effectively the same as - `GOOGLE_MANAGED_INTERNAL_CA`. - - Google-managed self-signed internal CA. - - >- - Google-managed regional CA part of root CA hierarchy hosted on - Google Cloud's Certificate Authority Service (CAS). - - >- - Customer-managed CA hosted on Google Cloud's Certificate Authority - Service (CAS). - enum: - - CA_MODE_UNSPECIFIED - - GOOGLE_MANAGED_INTERNAL_CA - - GOOGLE_MANAGED_CAS_CA - - CUSTOMER_MANAGED_CAS_CA - customSubjectAlternativeNames: - description: >- - Optional. Custom Subject Alternative Name(SAN)s for a Cloud SQL - instance. - type: array - items: - type: string - serverCaPool: + Retention will be by count, eg. "retain the most recent 7 + backups". + retainedBackups: + format: int32 + type: integer description: >- - Optional. The resource name of the server CA pool for an instance - with `CUSTOMER_MANAGED_CAS_CA` as the `server_ca_mode`. Format: - projects/{PROJECT}/locations/{REGION}/caPools/{CA_POOL_ID} - type: string - AclEntry: - id: AclEntry - description: An entry for an Access Control list. + Depending on the value of retention_unit, this is used to determine + if a backup needs to be deleted. If retention_unit is 'COUNT', we + will retain this many backups. type: object - properties: - value: - description: The allowlisted value for the access control list. - type: string - expirationTime: - description: >- - The time when this access control entry expires in [RFC - 3339](https://tools.ietf.org/html/rfc3339) format, for example - `2012-11-15T16:19:00.094Z`. - type: string - format: google-datetime - name: - description: Optional. A label to identify this entry. - type: string - kind: - description: This is always `sql#aclEntry`. - type: string - PscConfig: - id: PscConfig - description: PSC settings for a Cloud SQL instance. + id: BackupRetentionSettings + SqlInstancesVerifyExternalSyncSettingsResponse: + description: Instance verify external sync settings response. + id: SqlInstancesVerifyExternalSyncSettingsResponse type: object properties: - pscEnabled: - description: Whether PSC connectivity is enabled for this instance. - type: boolean - allowedConsumerProjects: - description: >- - Optional. The list of consumer projects that are allow-listed for - PSC connections to this instance. This instance can be connected to - with PSC from any network in these projects. Each consumer project - in this list may be represented by a project number (numeric) or by - a project id (alphanumeric). + errors: + description: List of migration violations. type: array items: - type: string - pscAutoConnections: - description: >- - Optional. The list of settings for requested Private Service Connect - consumer endpoints that can be used to connect to this Cloud SQL - instance. - type: array + $ref: '#/components/schemas/SqlExternalSyncSettingError' + warnings: items: - $ref: '#/components/schemas/PscAutoConnectionConfig' - networkAttachmentUri: - description: >- - Optional. The network attachment of the consumer network that the - Private Service Connect enabled Cloud SQL instance is authorized to - connect via PSC interface. format: - projects/PROJECT/regions/REGION/networkAttachments/ID + $ref: '#/components/schemas/SqlExternalSyncSettingError' + description: List of migration warnings. + type: array + kind: + description: This is always `sql#migrationSettingErrorList`. type: string - PscAutoConnectionConfig: - id: PscAutoConnectionConfig - description: >- - Settings for an automatically-setup Private Service Connect consumer - endpoint that is used to connect to a Cloud SQL instance. - type: object + BackupRun: + description: A BackupRun resource. properties: - consumerProject: - description: >- - Optional. This is the project ID of consumer service project of this - consumer endpoint. Optional. This is only applicable if - consumer_network is a shared vpc network. + id: + format: int64 type: string - consumerNetwork: description: >- - Optional. The consumer network of this consumer endpoint. This must - be a resource path that includes both the host project and the - network name. For example, - `projects/project1/global/networks/network1`. The consumer host - project of this network might be different from the consumer service - project. - type: string - ipAddress: - description: The IP address of the consumer endpoint. - type: string - status: - description: The connection status of the consumer endpoint. + The identifier for this backup run. Unique only for a specific Cloud + SQL instance. + description: type: string - consumerNetworkStatus: - description: The connection policy status of the consumer network. + description: The description of this run, only applicable to on-demand backups. + diskEncryptionConfiguration: + description: Encryption configuration specific to a backup. + $ref: '#/components/schemas/DiskEncryptionConfiguration' + windowStartTime: type: string - LocationPreference: - id: LocationPreference - description: >- - Preferred location. This specifies where a Cloud SQL instance is - located. Note that if the preferred location is not available, the - instance will be located as close as possible within the region. Only - one location may be specified. - type: object - properties: - followGaeApplication: description: >- - The App Engine application to follow, it must be in the same region - as the Cloud SQL instance. WARNING: Changing this might restart the - instance. - deprecated: true - type: string - zone: + The start time of the backup window during which this the backup was + attempted in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, + for example `2012-11-15T16:19:00.094Z`. + format: google-datetime + error: + $ref: '#/components/schemas/OperationError' description: >- - The preferred Compute Engine zone (for example: us-central1-a, - us-central1-b, etc.). WARNING: Changing this might restart the - instance. - type: string - secondaryZone: + Information about why the backup operation failed. This is only + present if the run has the FAILED status. + timeZone: description: >- - The preferred Compute Engine zone for the secondary/failover (for - example: us-central1-a, us-central1-b, etc.). To disable this field, - set it to 'no_secondary_zone'. + Backup time zone to prevent restores to an instance with a different + time zone. Now relevant only for SQL Server. type: string - kind: - description: This is always `sql#locationPreference`. + maxChargeableBytes: type: string - DatabaseFlags: - id: DatabaseFlags - description: Database flags for Cloud SQL instances. - type: object - properties: - name: - description: >- - The name of the flag. These flags are passed at instance startup, so - include both server options and system variables. Flags are - specified with underscores, not hyphens. For more information, see - [Configuring Database - Flags](https://cloud.google.com/sql/docs/mysql/flags) in the Cloud - SQL documentation. + format: int64 + readOnly: true + description: Output only. The maximum chargeable bytes for the backup. + selfLink: + description: The URI of this resource. type: string - value: - description: >- - The value of the flag. Boolean flags are set to `on` for true and - `off` for false. This field must be omitted if the flag doesn't take - a value. + kind: + description: This is always `sql#backupRun`. type: string - MaintenanceWindow: - id: MaintenanceWindow - description: >- - Maintenance window. This specifies when a Cloud SQL instance is - restarted for system maintenance purposes. - type: object - properties: - hour: - description: Hour of day - 0 to 23. Specify in the UTC time zone. - type: integer - format: int32 - day: - description: >- - Day of week - `MONDAY`, `TUESDAY`, `WEDNESDAY`, `THURSDAY`, - `FRIDAY`, `SATURDAY`, or `SUNDAY`. Specify in the UTC time zone. - Returned in output as an integer, 1 to 7, where `1` equals Monday. - type: integer - format: int32 - updateTrack: - description: >- - Maintenance timing settings: `canary`, `stable`, or `week5`. For - more information, see [About maintenance on Cloud SQL - instances](https://cloud.google.com/sql/docs/mysql/maintenance). + status: + enum: + - SQL_BACKUP_RUN_STATUS_UNSPECIFIED + - ENQUEUED + - OVERDUE + - RUNNING + - FAILED + - SUCCESSFUL + - SKIPPED + - DELETION_PENDING + - DELETION_FAILED + - DELETED type: string enumDescriptions: - - This is an unknown maintenance timing preference. - - >- - For an instance with a scheduled maintenance window, this - maintenance timing indicates that the maintenance update is - scheduled 7 to 14 days after the notification is sent out. Also - referred to as `Week 1` (Console) and `preview` (gcloud CLI). + - The status of the run is unknown. + - The backup operation was enqueued. - >- - For an instance with a scheduled maintenance window, this - maintenance timing indicates that the maintenance update is - scheduled 15 to 21 days after the notification is sent out. Also - referred to as `Week 2` (Console) and `production` (gcloud CLI). + The backup is overdue across a given backup window. Indicates a + problem. Example: Long-running operation in progress during the + whole window. + - The backup is in progress. + - The backup failed. + - The backup was successful. - >- - For instance with a scheduled maintenance window, this maintenance - timing indicates that the maintenance update is scheduled 35 to 42 - days after the notification is sent out. - enum: - - SQL_UPDATE_TRACK_UNSPECIFIED - - canary - - stable - - week5 - kind: - description: This is always `sql#maintenanceWindow`. - type: string - BackupConfiguration: - id: BackupConfiguration - description: Database instance backup configuration. - type: object - properties: - startTime: - description: >- - Start time for the daily backup configuration in UTC timezone in the - 24 hour format - `HH:MM`. - type: string - enabled: - description: Whether this configuration is enabled. - type: boolean - kind: - description: This is always `sql#backupConfiguration`. + The backup was skipped (without problems) for a given backup + window. Example: Instance was idle. + - The backup is about to be deleted. + - The backup deletion failed. + - The backup has been deleted. + description: The status of this run. + backupKind: + description: Specifies the kind of backup, PHYSICAL or DEFAULT_SNAPSHOT. type: string - binaryLogEnabled: - description: >- - (MySQL only) Whether binary log is enabled. If backup configuration - is disabled, binarylog must be disabled as well. - type: boolean - replicationLogArchivingEnabled: - description: Reserved for future use. - type: boolean + enum: + - SQL_BACKUP_KIND_UNSPECIFIED + - SNAPSHOT + - PHYSICAL + enumDescriptions: + - This is an unknown BackupKind. + - Snapshot-based backups. + - Physical backups. location: - description: Location of the backup - type: string - pointInTimeRecoveryEnabled: - description: Whether point in time recovery is enabled. - type: boolean - backupRetentionSettings: - description: Backup retention settings. - $ref: '#/components/schemas/BackupRetentionSettings' - transactionLogRetentionDays: - description: >- - The number of days of transaction logs we retain for point in time - restore, from 1-7. - type: integer - format: int32 - transactionalLogStorageState: - description: >- - Output only. This value contains the storage location of - transactional logs used to perform point-in-time recovery (PITR) for - the database. - readOnly: true + description: Location of the backups. type: string + databaseVersion: + enum: + - SQL_DATABASE_VERSION_UNSPECIFIED + - MYSQL_5_1 + - MYSQL_5_5 + - MYSQL_5_6 + - MYSQL_5_7 + - MYSQL_8_0 + - MYSQL_8_0_18 + - MYSQL_8_0_26 + - MYSQL_8_0_27 + - MYSQL_8_0_28 + - MYSQL_8_0_29 + - MYSQL_8_0_30 + - MYSQL_8_0_31 + - MYSQL_8_0_32 + - MYSQL_8_0_33 + - MYSQL_8_0_34 + - MYSQL_8_0_35 + - MYSQL_8_0_36 + - MYSQL_8_0_37 + - MYSQL_8_0_39 + - MYSQL_8_0_40 + - MYSQL_8_0_41 + - MYSQL_8_0_42 + - MYSQL_8_0_43 + - MYSQL_8_0_44 + - MYSQL_8_0_45 + - MYSQL_8_0_46 + - MYSQL_8_4 + - SQLSERVER_2017_STANDARD + - SQLSERVER_2017_ENTERPRISE + - SQLSERVER_2017_EXPRESS + - SQLSERVER_2017_WEB + - POSTGRES_9_6 + - POSTGRES_10 + - POSTGRES_11 + - POSTGRES_12 + - POSTGRES_13 + - POSTGRES_14 + - POSTGRES_15 + - POSTGRES_16 + - POSTGRES_17 + - POSTGRES_18 + - SQLSERVER_2019_STANDARD + - SQLSERVER_2019_ENTERPRISE + - SQLSERVER_2019_EXPRESS + - SQLSERVER_2019_WEB + - SQLSERVER_2022_STANDARD + - SQLSERVER_2022_ENTERPRISE + - SQLSERVER_2022_EXPRESS + - SQLSERVER_2022_WEB enumDescriptions: - - Unspecified. - - >- - The transaction logs used for PITR for the instance are stored on - a data disk. + - This is an unknown database version. + - The database version is MySQL 5.1. + - The database version is MySQL 5.5. + - The database version is MySQL 5.6. + - The database version is MySQL 5.7. + - The database version is MySQL 8. - >- - The transaction logs used for PITR for the instance are switching - from being stored on a data disk to being stored in Cloud Storage. - Only applicable to MySQL. + The database major version is MySQL 8.0 and the minor version is + 18. - >- - The transaction logs used for PITR for the instance are now stored - in Cloud Storage. Previously, they were stored on a data disk. - Only applicable to MySQL. + The database major version is MySQL 8.0 and the minor version is + 26. - >- - The transaction logs used for PITR for the instance are stored in - Cloud Storage. Only applicable to MySQL and PostgreSQL. - enum: - - TRANSACTIONAL_LOG_STORAGE_STATE_UNSPECIFIED - - DISK - - SWITCHING_TO_CLOUD_STORAGE - - SWITCHED_TO_CLOUD_STORAGE - - CLOUD_STORAGE - backupTier: - description: Output only. Backup tier that manages the backups for the instance. - readOnly: true - type: string - enumDescriptions: - - Unspecified. - - Instance is managed by Cloud SQL. - - 'Deprecated: ADVANCED is deprecated. Please use ENHANCED instead.' - - Instance is managed by Google Cloud Backup and DR Service. - enumDeprecated: - - false - - false - - true - - false - enum: - - BACKUP_TIER_UNSPECIFIED - - STANDARD - - ADVANCED - - ENHANCED - BackupRetentionSettings: - id: BackupRetentionSettings - description: >- - We currently only support backup retention by specifying the number of - backups we will retain. - type: object - properties: - retentionUnit: - description: The unit that 'retained_backups' represents. - type: string - enumDescriptions: - - Backup retention unit is unspecified, will be treated as COUNT. + The database major version is MySQL 8.0 and the minor version is + 27. - >- - Retention will be by count, eg. "retain the most recent 7 - backups". - enum: - - RETENTION_UNIT_UNSPECIFIED - - COUNT - retainedBackups: - description: >- - Depending on the value of retention_unit, this is used to determine - if a backup needs to be deleted. If retention_unit is 'COUNT', we - will retain this many backups. - type: integer - format: int32 - SqlActiveDirectoryConfig: - id: SqlActiveDirectoryConfig - description: >- - Active Directory configuration, relevant only for Cloud SQL for SQL - Server. - type: object - properties: - kind: - description: This is always sql#activeDirectoryConfig. - type: string - domain: - description: The name of the domain (e.g., mydomain.com). - type: string - mode: - description: Optional. The mode of the Active Directory configuration. - type: string - enumDescriptions: + The database major version is MySQL 8.0 and the minor version is + 28. - >- - Unspecified mode. Will default to MANAGED_ACTIVE_DIRECTORY if the - mode is not specified to maintain backward compatibility. - - Managed Active Directory mode. - - Self-managed Active Directory mode. - enum: - - ACTIVE_DIRECTORY_MODE_UNSPECIFIED - - MANAGED_ACTIVE_DIRECTORY - - SELF_MANAGED_ACTIVE_DIRECTORY - dnsServers: - description: >- - Optional. Domain controller IPv4 addresses used to bootstrap Active - Directory. - type: array - items: - type: string - adminCredentialSecretName: + The database major version is MySQL 8.0 and the minor version is + 29. + - >- + The database major version is MySQL 8.0 and the minor version is + 30. + - >- + The database major version is MySQL 8.0 and the minor version is + 31. + - >- + The database major version is MySQL 8.0 and the minor version is + 32. + - >- + The database major version is MySQL 8.0 and the minor version is + 33. + - >- + The database major version is MySQL 8.0 and the minor version is + 34. + - >- + The database major version is MySQL 8.0 and the minor version is + 35. + - >- + The database major version is MySQL 8.0 and the minor version is + 36. + - >- + The database major version is MySQL 8.0 and the minor version is + 37. + - >- + The database major version is MySQL 8.0 and the minor version is + 39. + - >- + The database major version is MySQL 8.0 and the minor version is + 40. + - >- + The database major version is MySQL 8.0 and the minor version is + 41. + - >- + The database major version is MySQL 8.0 and the minor version is + 42. + - >- + The database major version is MySQL 8.0 and the minor version is + 43. + - >- + The database major version is MySQL 8.0 and the minor version is + 44. + - >- + The database major version is MySQL 8.0 and the minor version is + 45. + - >- + The database major version is MySQL 8.0 and the minor version is + 46. + - The database version is MySQL 8.4. + - The database version is SQL Server 2017 Standard. + - The database version is SQL Server 2017 Enterprise. + - The database version is SQL Server 2017 Express. + - The database version is SQL Server 2017 Web. + - The database version is PostgreSQL 9.6. + - The database version is PostgreSQL 10. + - The database version is PostgreSQL 11. + - The database version is PostgreSQL 12. + - The database version is PostgreSQL 13. + - The database version is PostgreSQL 14. + - The database version is PostgreSQL 15. + - The database version is PostgreSQL 16. + - The database version is PostgreSQL 17. + - The database version is PostgreSQL 18. + - The database version is SQL Server 2019 Standard. + - The database version is SQL Server 2019 Enterprise. + - The database version is SQL Server 2019 Express. + - The database version is SQL Server 2019 Web. + - The database version is SQL Server 2022 Standard. + - The database version is SQL Server 2022 Enterprise. + - The database version is SQL Server 2022 Express. + - The database version is SQL Server 2022 Web. + enumDeprecated: + - false + - true + - true + - false + - false + - false + - false + - false + - false + - false + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false description: >- - Optional. The secret manager key storing the administrator - credential. (e.g., projects/{project}/secrets/{secret}). + Output only. The instance database version at the time this backup + was made. + readOnly: true type: string - organizationalUnit: + enqueuedTime: + format: google-datetime description: >- - Optional. The organizational unit distinguished name. This is the - full hierarchical path to the organizational unit. + The time the run was enqueued in UTC timezone in [RFC + 3339](https://tools.ietf.org/html/rfc3339) format, for example + `2012-11-15T16:19:00.094Z`. + type: string + endTime: type: string - DenyMaintenancePeriod: - id: DenyMaintenancePeriod - description: >- - Deny maintenance Periods. This specifies a date range during when all - CSA rollout will be denied. - type: object - properties: - startDate: description: >- - "deny maintenance period" start date. If the year of the start date - is empty, the year of the end date also must be empty. In this case, - it means the deny maintenance period recurs every year. The date is - in format yyyy-mm-dd i.e., 2020-11-01, or mm-dd, i.e., 11-01 + The time the backup operation completed in UTC timezone in [RFC + 3339](https://tools.ietf.org/html/rfc3339) format, for example + `2012-11-15T16:19:00.094Z`. + format: google-datetime + diskEncryptionStatus: + $ref: '#/components/schemas/DiskEncryptionStatus' + description: Encryption status specific to a backup. + startTime: type: string - endDate: description: >- - "deny maintenance period" end date. If the year of the end date is - empty, the year of the start date also must be empty. In this case, - it means the no maintenance interval recurs every year. The date is - in format yyyy-mm-dd i.e., 2020-11-01, or mm-dd, i.e., 11-01 + The time the backup operation actually started in UTC timezone in + [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example + `2012-11-15T16:19:00.094Z`. + format: google-datetime + type: type: string - time: + enum: + - SQL_BACKUP_RUN_TYPE_UNSPECIFIED + - AUTOMATED + - ON_DEMAND description: >- - Time in UTC when the "deny maintenance period" starts on start_date - and ends on end_date. The time is in format: HH:mm:SS, i.e., - 00:00:00 + The type of this run; can be either "AUTOMATED" or "ON_DEMAND" or + "FINAL". This field defaults to "ON_DEMAND" and is ignored, when + specified for insert requests. + enumDescriptions: + - This is an unknown BackupRun type. + - The backup schedule automatically triggers a backup. + - The user manually triggers a backup. + instance: type: string - InsightsConfig: - id: InsightsConfig - description: >- - Insights configuration. This specifies when Cloud SQL Insights feature - is enabled and optional configuration. + description: Name of the database instance. + id: BackupRun type: object + InstancesRestoreBackupRequest: properties: - queryInsightsEnabled: - description: Whether Query Insights feature is enabled. - type: boolean - recordClientAddress: - description: Whether Query Insights will record client address when enabled. - type: boolean - recordApplicationTags: - description: >- - Whether Query Insights will record application tags from query when - enabled. - type: boolean - queryStringLength: + restoreInstanceClearOverridesFieldNames: + items: + type: string + type: array description: >- - Maximum query length stored in bytes. Default value: 1024 bytes. - Range: 256-4500 bytes. Query lengths greater than this field value - will be truncated to this value. When unset, query length will be - the default value. Changing query length will restart the database. - type: integer - format: int32 - queryPlansPerMinute: + Optional. This field has the same purpose as + restore_instance_settings, changes any instance settings stored in + the backup you are restoring from. With the difference that these + fields are cleared in the settings. + backup: description: >- - Number of query execution plans captured by Insights per minute for - all queries combined. Default is 5. - type: integer - format: int32 - PasswordValidationPolicy: - id: PasswordValidationPolicy - description: Database instance local user password validation policy - type: object - properties: - minLength: - description: Minimum number of characters allowed. - type: integer - format: int32 - complexity: - description: The complexity of the password. + The name of the backup that's used to restore a Cloud SQL instance: + Format: projects/{project-id}/backups/{backup-uid}. Only one of + restore_backup_context, backup, backupdr_backup can be passed to the + input. type: string - enumDescriptions: - - Complexity check is not specified. - - >- - A combination of lowercase, uppercase, numeric, and - non-alphanumeric characters. - enum: - - COMPLEXITY_UNSPECIFIED - - COMPLEXITY_DEFAULT - reuseInterval: - description: Number of previous passwords that cannot be reused. - type: integer - format: int32 - disallowUsernameSubstring: - description: Disallow username as a part of the password. - type: boolean - passwordChangeInterval: - description: >- - Minimum interval after which the password can be changed. This flag - is only supported for PostgreSQL. + backupdrBackup: type: string - format: google-duration - enablePasswordPolicy: - description: Whether the password policy is enabled or not. - type: boolean - disallowCompromisedCredentials: description: >- - This field is deprecated and will be removed in a future version of - the API. - deprecated: true - type: boolean - SqlServerAuditConfig: - id: SqlServerAuditConfig - description: SQL Server specific audit configuration. - type: object - properties: - kind: - description: This is always sql#sqlServerAuditConfig - type: string - bucket: - description: The name of the destination bucket (e.g., gs://mybucket). - type: string - retentionInterval: - description: How long to keep generated audit files. - type: string - format: google-duration - uploadInterval: - description: How often to upload generated audit files. - type: string - format: google-duration - AdvancedMachineFeatures: - id: AdvancedMachineFeatures - description: Specifies options for controlling advanced machine features. - type: object - properties: - threadsPerCore: - description: The number of threads per physical core. - type: integer - format: int32 - DataCacheConfig: - id: DataCacheConfig - description: Data cache configurations. + The name of the backup that's used to restore a Cloud SQL instance: + Format: + "projects/{project-id}/locations/{location}/backupVaults/{backupvault}/dataSources/{datasource}/backups/{backup-uid}". + Only one of restore_backup_context, backup, backupdr_backup can be + passed to the input. + restoreBackupContext: + $ref: '#/components/schemas/RestoreBackupContext' + description: Parameters required to perform the restore backup operation. + restoreInstanceSettings: + description: >- + Optional. By using this parameter, Cloud SQL overrides any instance + settings stored in the backup you are restoring from. You can't + change the instance's major database version and you can only + increase the disk size. You can use this field to restore new + instances only. This field is not applicable for restore to existing + instances. + $ref: '#/components/schemas/DatabaseInstance' + id: InstancesRestoreBackupRequest + description: Database instance restore backup request. type: object - properties: - dataCacheEnabled: - description: Whether data cache is enabled for the instance. - type: boolean - ConnectionPoolConfig: - id: ConnectionPoolConfig - description: The managed connection pooling configuration. + InstancesAcquireSsrsLeaseRequest: + id: InstancesAcquireSsrsLeaseRequest + description: Request to acquire a lease for SSRS. type: object properties: - connectionPoolingEnabled: - description: Whether managed connection pooling is enabled. - type: boolean - flags: - description: Optional. List of connection pool configuration flags. - type: array - items: - $ref: '#/components/schemas/ConnectionPoolFlags' - poolerCount: - description: Output only. Number of connection poolers. - readOnly: true - type: integer - format: int32 - ConnectionPoolFlags: - id: ConnectionPoolFlags - description: >- - Connection pool flags for Cloud SQL instances managed connection pool - configuration. + acquireSsrsLeaseContext: + description: Contains details about the acquire SSRS lease operation. + $ref: '#/components/schemas/AcquireSsrsLeaseContext' + BackupConfiguration: type: object + id: BackupConfiguration + description: Database instance backup configuration. properties: - name: - description: Required. The name of the flag. + startTime: type: string - value: description: >- - Required. The value of the flag. Boolean flags are set to `on` for - true and `off` for false. This field must be omitted if the flag - doesn't take a value. - type: string - FinalBackupConfig: - id: FinalBackupConfig - description: Config used to determine the final backup settings for the instance. - type: object - properties: - enabled: - description: Whether the final backup is enabled for the instance. + Start time for the daily backup configuration in UTC timezone in the + 24 hour format - `HH:MM`. + replicationLogArchivingEnabled: + description: Reserved for future use. type: boolean - retentionDays: - description: >- - The number of days to retain the final backup after the instance - deletion. The final backup will be purged at - (time_of_instance_deletion + retention_days). - type: integer - format: int32 - IpMapping: - id: IpMapping - description: Database instance IP mapping - type: object - properties: - type: + transactionalLogStorageState: + readOnly: true description: >- - The type of this IP address. A `PRIMARY` address is a public address - that can accept incoming connections. A `PRIVATE` address is a - private address that can accept incoming connections. An `OUTGOING` - address is the source address of connections originating from the - instance, if supported. - type: string + Output only. This value contains the storage location of + transactional logs used to perform point-in-time recovery (PITR) for + the database. enumDescriptions: - - This is an unknown IP address type. + - Unspecified. - >- - IP address the customer is supposed to connect to. Usually this is - the load balancer's IP address + The transaction logs used for PITR for the instance are stored on + a data disk. - >- - Source IP address of the connection a read replica establishes to - its external primary instance. This IP address can be allowlisted - by the customer in case it has a firewall that filters incoming - connection to its on premises primary instance. - - Private IP used when using private IPs and network peering. + The transaction logs used for PITR for the instance are switching + from being stored on a data disk to being stored in Cloud Storage. + Only applicable to MySQL. - >- - V1 IP of a migrated instance. We want the user to decommission - this IP as soon as the migration is complete. Note: V1 instances - with V1 ip addresses will be counted as PRIMARY. - enum: - - SQL_IP_ADDRESS_TYPE_UNSPECIFIED - - PRIMARY - - OUTGOING - - PRIVATE - - MIGRATED_1ST_GEN - ipAddress: - description: The IP address assigned. + The transaction logs used for PITR for the instance are now stored + in Cloud Storage. Previously, they were stored on a data disk. + Only applicable to MySQL. + - >- + The transaction logs used for PITR for the instance are stored in + Cloud Storage. Only applicable to MySQL and PostgreSQL. type: string - timeToRetire: + enum: + - TRANSACTIONAL_LOG_STORAGE_STATE_UNSPECIFIED + - DISK + - SWITCHING_TO_CLOUD_STORAGE + - SWITCHED_TO_CLOUD_STORAGE + - CLOUD_STORAGE + backupRetentionSettings: + description: Backup retention settings. + $ref: '#/components/schemas/BackupRetentionSettings' + binaryLogEnabled: + type: boolean description: >- - The due time for this IP to be retired in [RFC - 3339](https://tools.ietf.org/html/rfc3339) format, for example - `2012-11-15T16:19:00.094Z`. This field is only available when the IP - is scheduled to be retired. - type: string - format: google-datetime - SslCert: - id: SslCert - description: SslCerts Resource - type: object - properties: - kind: - description: This is always `sql#sslCert`. - type: string - certSerialNumber: - description: Serial number, as extracted from the certificate. - type: string - cert: - description: PEM representation. + (MySQL only) Whether binary log is enabled. If backup configuration + is disabled, binarylog must be disabled as well. + backupTier: + readOnly: true + description: Output only. Backup tier that manages the backups for the instance. + enumDescriptions: + - Unspecified. + - Instance is managed by Cloud SQL. + - 'Deprecated: ADVANCED is deprecated. Please use ENHANCED instead.' + - Instance is managed by Google Cloud Backup and DR Service. + enum: + - BACKUP_TIER_UNSPECIFIED + - STANDARD + - ADVANCED + - ENHANCED + enumDeprecated: + - false + - false + - true + - false type: string - createTime: - description: >- - The time when the certificate was created in [RFC - 3339](https://tools.ietf.org/html/rfc3339) format, for example - `2012-11-15T16:19:00.094Z` + location: + description: Location of the backup type: string - format: google-datetime - commonName: - description: User supplied name. Constrained to [a-zA-Z.-_ ]+. + kind: type: string - expirationTime: + description: This is always `sql#backupConfiguration`. + transactionLogRetentionDays: + type: integer description: >- - The time when the certificate expires in [RFC - 3339](https://tools.ietf.org/html/rfc3339) format, for example - `2012-11-15T16:19:00.094Z`. - type: string - format: google-datetime - sha1Fingerprint: - description: Sha1 Fingerprint. - type: string - instance: - description: Name of the database instance. - type: string - selfLink: - description: The URI of this resource. - type: string - OnPremisesConfiguration: - id: OnPremisesConfiguration - description: On-premises instance configuration. + The number of days of transaction logs we retain for point in time + restore, from 1-7. + format: int32 + enabled: + description: Whether this configuration is enabled. + type: boolean + pointInTimeRecoveryEnabled: + type: boolean + description: Whether point in time recovery is enabled. + CloneContext: type: object + description: Database instance clone context. + id: CloneContext properties: - hostPort: - description: The host and port of the on-premises instance in host:port format + pitrTimestampMs: type: string - kind: - description: This is always `sql#onPremisesConfiguration`. + format: int64 + description: Reserved for future use. + binLogCoordinates: + description: >- + Binary log coordinates, if specified, identify the position up to + which the source instance is cloned. If not specified, the source + instance is cloned up to the most recent binary log coordinates. + $ref: '#/components/schemas/BinLogCoordinates' + sourceInstanceDeletionTime: + format: google-datetime type: string - username: - description: The username for connecting to on-premises instance. + description: >- + The timestamp used to identify the time when the source instance is + deleted. If this instance is deleted, then you must set the + timestamp. + databaseNames: + type: array + description: >- + (SQL Server only) Clone only the specified databases from the source + instance. Clone all databases if empty. + items: + type: string + preferredSecondaryZone: + description: >- + Optional. Copy clone and point-in-time recovery clone of a regional + instance in the specified zones. If not specified, clone to the same + secondary zone as the source instance. This value cannot be the same + as the preferred_zone field. This field applies to all DB types. type: string - password: - description: The password for connecting to on-premises instance. + kind: + description: This is always `sql#cloneContext`. type: string - caCertificate: - description: PEM representation of the trusted CA's x509 certificate. + destinationInstanceName: type: string - clientCertificate: - description: PEM representation of the replica's x509 certificate. + description: Required. Name of the Cloud SQL instance to be created as a clone. + pointInTime: + format: google-datetime type: string - clientKey: description: >- - PEM representation of the replica's private key. The corresponding - public key is encoded in the client's certificate. - type: string - dumpFilePath: - description: The dump file to create the Cloud SQL replica. + Timestamp, if specified, identifies the time to which the source + instance is cloned. + preferredZone: type: string - sourceInstance: - description: The reference to Cloud SQL instance if the source is Cloud SQL. - $ref: '#/components/schemas/InstanceReference' - selectedObjects: description: >- - Optional. A list of objects that the user selects for replication - from an external source instance. - type: array - items: - $ref: '#/components/schemas/SelectedObjects' - sslOption: - description: >- - Optional. SSL option for replica connection to the on-premises - source. + Optional. Copy clone and point-in-time recovery clone of an instance + to the specified zone. If no zone is specified, clone to the same + primary zone as the source instance. This field applies to all DB + types. + allocatedIpRange: type: string - enumDescriptions: - - Unknown SSL option i.e. SSL option not specified by user. - - SSL is not used for replica connection to the on-premises source. - - SSL is required for replica connection to the on-premises source. - - >- - Verify CA is required for replica connection to the on-premises - source. - enum: - - SSL_OPTION_UNSPECIFIED - - DISABLE - - REQUIRE - - VERIFY_CA - InstanceReference: - id: InstanceReference - description: Reference to another Cloud SQL instance. - type: object + description: >- + The name of the allocated ip range for the private ip Cloud SQL + instance. For example: "google-managed-services-default". If set, + the cloned instance ip will be created in the allocated range. The + range name must comply with [RFC + 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name + must be 1-63 characters long and match the regular expression + [a-z]([-a-z0-9]*[a-z0-9])?. Reserved for future use. + DatabaseInstance: + id: DatabaseInstance properties: - name: + settings: + $ref: '#/components/schemas/Settings' + description: The user settings. + dnsName: + readOnly: true + description: Output only. The dns name of the instance. + type: string + masterInstanceName: description: >- - The name of the Cloud SQL instance being referenced. This does not - include the project ID. + The name of the instance which will act as primary in the + replication setup. type: string + replicaConfiguration: + $ref: '#/components/schemas/ReplicaConfiguration' + description: Configuration specific to failover replicas and read replicas. region: - description: The region of the Cloud SQL instance being referenced. - type: string - project: description: >- - The project ID of the Cloud SQL instance being referenced. The - default is the same project ID as the instance references it. - type: string - SelectedObjects: - id: SelectedObjects - description: >- - A list of objects that the user selects for replication from an external - source instance. - type: object - properties: - database: - description: Required. The name of the database to migrate. + The geographical region of the Cloud SQL instance. It can be one of + the + [regions](https://cloud.google.com/sql/docs/mysql/locations#location-r) + where Cloud SQL operates: For example, `asia-east1`, `europe-west1`, + and `us-central1`. The default value is `us-central1`. type: string - ReplicaConfiguration: - id: ReplicaConfiguration - description: Read-replica configuration for connecting to the primary instance. - type: object - properties: - kind: - description: This is always `sql#replicaConfiguration`. + createTime: type: string - mysqlReplicaConfiguration: + readOnly: true description: >- - MySQL specific configuration when replicating from a MySQL - on-premises primary instance. Replication configuration information - such as the username, password, certificates, and keys are not - stored in the instance metadata. The configuration information is - used only to set up the replication connection and is stored by - MySQL in a file named `master.info` in the data directory. - $ref: '#/components/schemas/MySqlReplicaConfiguration' - failoverTarget: + Output only. The time when the instance was created in [RFC + 3339](https://tools.ietf.org/html/rfc3339) format, for example + `2012-11-15T16:19:00.094Z`. + format: google-datetime + satisfiesPzs: description: >- - Specifies if the replica is the failover target. If the field is set - to `true`, the replica will be designated as a failover replica. In - case the primary instance fails, the replica instance will be - promoted as the new primary instance. Only one replica can be - specified as failover target, and the replica has to be in different - zone with the primary instance. + This status indicates whether the instance satisfies PZS. The status + is reserved for future use. type: boolean - cascadableReplica: + writeEndpoint: description: >- - Optional. Specifies if a SQL Server replica is a cascadable replica. - A cascadable replica is a SQL Server cross region replica that - supports replica(s) under it. + Output only. The dns name of the primary instance in a replication + group. + type: string + readOnly: true + availableMaintenanceVersions: + description: >- + Output only. List all maintenance versions applicable on the + instance + items: + type: string + readOnly: true + type: array + includeReplicasForMajorVersionUpgrade: type: boolean - MySqlReplicaConfiguration: - id: MySqlReplicaConfiguration - description: Read-replica configuration specific to MySQL databases. - type: object - properties: - dumpFilePath: description: >- - Path to a SQL dump file in Google Cloud Storage from which the - replica instance is to be created. The URI is in the form - gs://bucketName/fileName. Compressed gzip files (.gz) are also - supported. Dumps have the binlog co-ordinates from which replication - begins. This can be accomplished by setting --master-data to 1 when - using mysqldump. - type: string - username: - description: The username for the replication connection. - type: string - password: - description: The password for the replication connection. + Input only. Determines whether an in-place major version upgrade of + replicas happens when an in-place major version upgrade of a primary + instance is initiated. + pscServiceAttachmentLink: + readOnly: true + description: Output only. The link to service attachment of PSC instance. type: string - connectRetryInterval: + replicationCluster: + $ref: '#/components/schemas/ReplicationCluster' description: >- - Seconds to wait between connect retries. MySQL's default is 60 - seconds. - type: integer - format: int32 - masterHeartbeatPeriod: - description: Interval in milliseconds between replication heartbeats. - type: string - format: int64 - caCertificate: - description: PEM representation of the trusted CA's x509 certificate. - type: string - clientCertificate: - description: PEM representation of the replica's x509 certificate. + Optional. A primary instance and disaster recovery (DR) replica + pair. A DR replica is a cross-region replica that you designate for + failover in the event that the primary instance experiences regional + failure. Applicable to MySQL and PostgreSQL. + connectionName: type: string - clientKey: description: >- - PEM representation of the replica's private key. The corresponding - public key is encoded in the client's certificate. + Connection name of the Cloud SQL instance used in connection + strings. + etag: type: string - sslCipher: - description: A list of permissible ciphers to use for SSL encryption. - type: string - verifyServerCertificate: - description: >- - Whether or not to check the primary instance's Common Name value in - the certificate that it sends during the SSL handshake. - type: boolean - kind: - description: This is always `sql#mysqlReplicaConfiguration`. - type: string - DiskEncryptionConfiguration: - id: DiskEncryptionConfiguration - description: Disk encryption configuration for an instance. - type: object - properties: - kmsKeyName: - description: Resource name of KMS key for disk encryption - type: string - kind: - description: This is always `sql#diskEncryptionConfiguration`. - type: string - DiskEncryptionStatus: - id: DiskEncryptionStatus - description: Disk encryption status for an instance. - type: object - properties: - kmsKeyVersionName: - description: KMS key version used to encrypt the Cloud SQL instance resource - type: string - kind: - description: This is always `sql#diskEncryptionStatus`. - type: string - SqlScheduledMaintenance: - id: SqlScheduledMaintenance - description: Any scheduled maintenance for this instance. - type: object - properties: - startTime: - description: >- - The start time of any upcoming scheduled maintenance for this - instance. - type: string - format: google-datetime - canDefer: - deprecated: true - type: boolean - canReschedule: - description: If the scheduled maintenance can be rescheduled. - type: boolean - scheduleDeadlineTime: - description: Maintenance cannot be rescheduled to start beyond this deadline. - type: string - format: google-datetime - SqlOutOfDiskReport: - id: SqlOutOfDiskReport - description: >- - This message wraps up the information written by out-of-disk detection - job. - type: object - properties: - sqlOutOfDiskState: description: >- - This field represents the state generated by the proactive database - wellness job for OutOfDisk issues. * Writers: * the proactive - database wellness job for OOD. * Readers: * the proactive database - wellness job + This field is deprecated and will be removed from a future version + of the API. Use the `settings.settingsVersion` field instead. + instanceType: type: string + enum: + - SQL_INSTANCE_TYPE_UNSPECIFIED + - CLOUD_SQL_INSTANCE + - ON_PREMISES_INSTANCE + - READ_REPLICA_INSTANCE + - READ_POOL_INSTANCE enumDescriptions: - - Unspecified state - - The instance has plenty space on data disk + - This is an unknown Cloud SQL instance type. - >- - Data disk is almost used up. It is shutdown to prevent data - corruption. - enum: - - SQL_OUT_OF_DISK_STATE_UNSPECIFIED - - NORMAL - - SOFT_SHUTDOWN - sqlMinRecommendedIncreaseSizeGb: - description: >- - The minimum recommended increase size in GigaBytes This field is - consumed by the frontend * Writers: * the proactive database - wellness job for OOD. * Readers: - type: integer - format: int32 - AvailableDatabaseVersion: - id: AvailableDatabaseVersion - description: An available database version. It can be a major or a minor version. - type: object - properties: - majorVersion: - description: The version's major version name. - type: string - name: - description: >- - The database version name. For MySQL 8.0, this string provides the - database major and minor version. - type: string - displayName: - description: The database version's display name. - type: string - ReplicationCluster: - id: ReplicationCluster - description: >- - A primary instance and disaster recovery (DR) replica pair. A DR replica - is a cross-region replica that you designate for failover in the event - that the primary instance experiences regional failure. Applicable to - MySQL and PostgreSQL. - type: object - properties: - psaWriteEndpoint: - description: >- - Output only. If set, this field indicates this instance has a - private service access (PSA) DNS endpoint that is pointing to the - primary instance of the cluster. If this instance is the primary, - then the DNS endpoint points to this instance. After a switchover or - replica failover operation, this DNS endpoint points to the promoted - instance. This is a read-only field, returned to the user as - information. This field can exist even if a standalone instance - doesn't have a DR replica yet or the DR replica is deleted. - readOnly: true - type: string - failoverDrReplicaName: - description: >- - Optional. If the instance is a primary instance, then this field - identifies the disaster recovery (DR) replica. A DR replica is an - optional configuration for Enterprise Plus edition instances. If the - instance is a read replica, then the field is not set. Set this - field to a replica name to designate a DR replica for a primary - instance. Remove the replica name to remove the DR replica - designation. + A regular Cloud SQL instance that is not replicating from a + primary instance. + - >- + An instance running on the customer's premises that is not managed + by Cloud SQL. + - A Cloud SQL instance acting as a read-replica. + - A Cloud SQL read pool. + description: The instance type. + ipv6Address: type: string - drReplica: - description: >- - Output only. Read-only field that indicates whether the replica is a - DR replica. This field is not set if the instance is a primary - instance. - readOnly: true - type: boolean - GeminiInstanceConfig: - id: GeminiInstanceConfig - description: Gemini instance configuration. - type: object - properties: - entitled: - description: Output only. Whether Gemini is enabled. - readOnly: true - type: boolean - googleVacuumMgmtEnabled: - description: Output only. Whether the vacuum management is enabled. - readOnly: true - type: boolean - oomSessionCancelEnabled: - description: >- - Output only. Whether canceling the out-of-memory (OOM) session is - enabled. - readOnly: true - type: boolean - activeQueryEnabled: - description: Output only. Whether the active query is enabled. - readOnly: true - type: boolean - indexAdvisorEnabled: - description: Output only. Whether the index advisor is enabled. - readOnly: true - type: boolean - flagRecommenderEnabled: - description: Output only. Whether the flag recommender is enabled. - readOnly: true - type: boolean - PoolNodeConfig: - id: PoolNodeConfig - description: Details of a single read pool node of a read pool. - type: object - properties: - name: + deprecated: true description: >- - Output only. The name of the read pool node, to be used for - retrieving metrics and logs. - readOnly: true + The IPv6 address assigned to the instance. (Deprecated) This + property was applicable only to First Generation instances. + selfLink: + description: The URI of this resource. type: string - gceZone: - description: Output only. The zone of the read pool node. - readOnly: true + rootPassword: type: string - ipAddresses: description: >- - Output only. Mappings containing IP addresses that can be used to - connect to the read pool node. - readOnly: true - type: array - items: - $ref: '#/components/schemas/IpMapping' - dnsName: - description: Output only. The DNS name of the read pool node. - readOnly: true - type: string - state: - description: Output only. The current state of the read pool node. - readOnly: true - type: string - enumDescriptions: - - The state of the instance is unknown. - - The instance is running, or has been stopped by owner. - - >- - The instance is not available, for example due to problems with - billing. - - The instance is being deleted. - - The instance is being created. - - The instance is down for maintenance. - - >- - The creation of the instance failed or a fatal error occurred - during maintenance. - - Deprecated - - >- - (Applicable to read pool nodes only.) The read pool node needs to - be repaired. The database might be unavailable. - enumDeprecated: - - false - - false - - false - - false - - false - - false - - false - - true - - false + Initial root password. Use only on creation. You must set root + passwords before you can connect to PostgreSQL instances. + databaseVersion: enum: - - SQL_INSTANCE_STATE_UNSPECIFIED - - RUNNABLE - - SUSPENDED - - PENDING_DELETE - - PENDING_CREATE - - MAINTENANCE - - FAILED - - ONLINE_MAINTENANCE - - REPAIRING - dnsNames: - description: Output only. The list of DNS names used by this read pool node. + - SQL_DATABASE_VERSION_UNSPECIFIED + - MYSQL_5_1 + - MYSQL_5_5 + - MYSQL_5_6 + - MYSQL_5_7 + - MYSQL_8_0 + - MYSQL_8_0_18 + - MYSQL_8_0_26 + - MYSQL_8_0_27 + - MYSQL_8_0_28 + - MYSQL_8_0_29 + - MYSQL_8_0_30 + - MYSQL_8_0_31 + - MYSQL_8_0_32 + - MYSQL_8_0_33 + - MYSQL_8_0_34 + - MYSQL_8_0_35 + - MYSQL_8_0_36 + - MYSQL_8_0_37 + - MYSQL_8_0_39 + - MYSQL_8_0_40 + - MYSQL_8_0_41 + - MYSQL_8_0_42 + - MYSQL_8_0_43 + - MYSQL_8_0_44 + - MYSQL_8_0_45 + - MYSQL_8_0_46 + - MYSQL_8_4 + - SQLSERVER_2017_STANDARD + - SQLSERVER_2017_ENTERPRISE + - SQLSERVER_2017_EXPRESS + - SQLSERVER_2017_WEB + - POSTGRES_9_6 + - POSTGRES_10 + - POSTGRES_11 + - POSTGRES_12 + - POSTGRES_13 + - POSTGRES_14 + - POSTGRES_15 + - POSTGRES_16 + - POSTGRES_17 + - POSTGRES_18 + - SQLSERVER_2019_STANDARD + - SQLSERVER_2019_ENTERPRISE + - SQLSERVER_2019_EXPRESS + - SQLSERVER_2019_WEB + - SQLSERVER_2022_STANDARD + - SQLSERVER_2022_ENTERPRISE + - SQLSERVER_2022_EXPRESS + - SQLSERVER_2022_WEB + enumDescriptions: + - This is an unknown database version. + - The database version is MySQL 5.1. + - The database version is MySQL 5.5. + - The database version is MySQL 5.6. + - The database version is MySQL 5.7. + - The database version is MySQL 8. + - >- + The database major version is MySQL 8.0 and the minor version is + 18. + - >- + The database major version is MySQL 8.0 and the minor version is + 26. + - >- + The database major version is MySQL 8.0 and the minor version is + 27. + - >- + The database major version is MySQL 8.0 and the minor version is + 28. + - >- + The database major version is MySQL 8.0 and the minor version is + 29. + - >- + The database major version is MySQL 8.0 and the minor version is + 30. + - >- + The database major version is MySQL 8.0 and the minor version is + 31. + - >- + The database major version is MySQL 8.0 and the minor version is + 32. + - >- + The database major version is MySQL 8.0 and the minor version is + 33. + - >- + The database major version is MySQL 8.0 and the minor version is + 34. + - >- + The database major version is MySQL 8.0 and the minor version is + 35. + - >- + The database major version is MySQL 8.0 and the minor version is + 36. + - >- + The database major version is MySQL 8.0 and the minor version is + 37. + - >- + The database major version is MySQL 8.0 and the minor version is + 39. + - >- + The database major version is MySQL 8.0 and the minor version is + 40. + - >- + The database major version is MySQL 8.0 and the minor version is + 41. + - >- + The database major version is MySQL 8.0 and the minor version is + 42. + - >- + The database major version is MySQL 8.0 and the minor version is + 43. + - >- + The database major version is MySQL 8.0 and the minor version is + 44. + - >- + The database major version is MySQL 8.0 and the minor version is + 45. + - >- + The database major version is MySQL 8.0 and the minor version is + 46. + - The database version is MySQL 8.4. + - The database version is SQL Server 2017 Standard. + - The database version is SQL Server 2017 Enterprise. + - The database version is SQL Server 2017 Express. + - The database version is SQL Server 2017 Web. + - The database version is PostgreSQL 9.6. + - The database version is PostgreSQL 10. + - The database version is PostgreSQL 11. + - The database version is PostgreSQL 12. + - The database version is PostgreSQL 13. + - The database version is PostgreSQL 14. + - The database version is PostgreSQL 15. + - The database version is PostgreSQL 16. + - The database version is PostgreSQL 17. + - The database version is PostgreSQL 18. + - The database version is SQL Server 2019 Standard. + - The database version is SQL Server 2019 Enterprise. + - The database version is SQL Server 2019 Express. + - The database version is SQL Server 2019 Web. + - The database version is SQL Server 2022 Standard. + - The database version is SQL Server 2022 Enterprise. + - The database version is SQL Server 2022 Express. + - The database version is SQL Server 2022 Web. + type: string + enumDeprecated: + - false + - true + - true + - false + - false + - false + - false + - false + - false + - false + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + description: >- + The database engine type and version. The `databaseVersion` field + cannot be changed after instance creation. + maintenanceVersion: + type: string + description: The current software version on the instance. + nodeCount: + type: integer + format: int32 + description: The number of read pool nodes in a read pool. + project: + description: >- + The project ID of the project containing the Cloud SQL instance. The + Google apps domain is prefixed if applicable. + type: string + maxDiskSize: + description: The maximum disk size of the instance in bytes. + format: int64 + deprecated: true + type: string + dnsNames: readOnly: true type: array + description: Output only. The list of DNS names used by this instance. items: $ref: '#/components/schemas/DnsNameMapping' - DnsNameMapping: - id: DnsNameMapping - description: DNS metadata. - type: object - properties: - name: - description: The DNS name. + primaryDnsName: + description: 'Output only. DEPRECATED: please use write_endpoint instead.' type: string - connectionType: - description: Output only. The connection type of the DNS name. + deprecated: true readOnly: true - type: string - enumDescriptions: - - Unknown connection type. - - Public IP. - - Private services access (private IP). - - Private Service Connect. - enum: - - CONNECTION_TYPE_UNSPECIFIED - - PUBLIC - - PRIVATE_SERVICES_ACCESS - - PRIVATE_SERVICE_CONNECT - dnsScope: - description: Output only. The scope that the DNS name applies to. + upgradableDatabaseVersions: + description: Output only. All database versions that are available for upgrade. + items: + $ref: '#/components/schemas/AvailableDatabaseVersion' + type: array readOnly: true + state: type: string - enumDescriptions: - - Unknown DNS scope. - - Indicates a instance-level DNS name. enum: - - DNS_SCOPE_UNSPECIFIED - - INSTANCE - InstancesImportRequest: - id: InstancesImportRequest - description: Database instance import request. - type: object - properties: - importContext: - description: Contains details about the import operation. - $ref: '#/components/schemas/ImportContext' - InstancesListResponse: - id: InstancesListResponse - description: Database instances list response. - type: object - properties: - kind: - description: This is always `sql#instancesList`. + - SQL_INSTANCE_STATE_UNSPECIFIED + - RUNNABLE + - SUSPENDED + - PENDING_DELETE + - PENDING_CREATE + - MAINTENANCE + - FAILED + - ONLINE_MAINTENANCE + - REPAIRING + description: The current serving state of the Cloud SQL instance. + enumDescriptions: + - The state of the instance is unknown. + - The instance is running, or has been stopped by owner. + - >- + The instance is not available, for example due to problems with + billing. + - The instance is being deleted. + - The instance is being created. + - The instance is down for maintenance. + - >- + The creation of the instance failed or a fatal error occurred + during maintenance. + - Deprecated + - >- + (Applicable to read pool nodes only.) The read pool node needs to + be repaired. The database might be unavailable. + enumDeprecated: + - false + - false + - false + - false + - false + - false + - false + - true + - false + databaseInstalledVersion: type: string - warnings: - description: List of warnings that occurred while handling the request. - type: array - items: - $ref: '#/components/schemas/ApiWarning' - items: - description: List of database instance resources. - type: array - items: - $ref: '#/components/schemas/DatabaseInstance' - nextPageToken: + readOnly: true description: >- - The continuation token, used to page through large result sets. - Provide this value in a subsequent request to return the next page - of results. - type: string - InstancesListServerCasResponse: - id: InstancesListServerCasResponse - description: Instances ListServerCas response. - type: object - properties: - certs: - description: List of server CA certificates for the instance. - type: array - items: - $ref: '#/components/schemas/SslCert' - activeVersion: + Output only. Stores the current database version running on the + instance including minor version such as `MYSQL_8_0_18`. + currentDiskSize: + format: int64 + deprecated: true type: string + description: >- + The current disk usage of the instance in bytes. This property has + been deprecated. Use the + "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud + Monitoring API instead. Please see [this + announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) + for details. + tags: + type: object + description: >- + Optional. Input only. Immutable. Tag keys and tag values that are + bound to this instance. You must represent each item in the map as: + `"" : ""`. For example, a single resource can have the following + tags: ``` "123/environment": "production", "123/costCenter": + "marketing", ``` For more information on tag creation and + management, see + https://cloud.google.com/resource-manager/docs/tags/tags-overview. + additionalProperties: + type: string + geminiConfig: + $ref: '#/components/schemas/GeminiInstanceConfig' + description: Gemini instance configuration. + satisfiesPzi: + readOnly: true + description: >- + Output only. This status indicates whether the instance satisfies + PZI. The status is reserved for future use. + type: boolean + diskEncryptionStatus: + description: Disk encryption status specific to an instance. + $ref: '#/components/schemas/DiskEncryptionStatus' + switchTransactionLogsToCloudStorageEnabled: + type: boolean + description: >- + Input only. Whether Cloud SQL is enabled to switch storing + point-in-time recovery log files from a data disk to Cloud Storage. kind: - description: This is always `sql#instancesListServerCas`. + description: This is always `sql#instance`. type: string - InstancesListServerCertificatesResponse: - id: InstancesListServerCertificatesResponse - description: Instances ListServerCertificates response. - type: object - properties: - caCerts: - description: List of server CA certificates for the instance. + suspensionReason: type: array + description: If the instance state is SUSPENDED, the reason for the suspension. items: - $ref: '#/components/schemas/SslCert' - serverCerts: - description: >- - List of server certificates for the instance, signed by the - corresponding CA from the `ca_certs` list. + enumDescriptions: + - This is an unknown suspension reason. + - >- + The instance is suspended due to billing issues (for example:, + account issue) + - >- + The instance is suspended due to illegal content (for example:, + child pornography, copyrighted material, etc.). + - >- + The instance is causing operational issues (for example:, + causing the database to crash). + - >- + The KMS key used by the instance is either revoked or denied + access to + type: string + enum: + - SQL_SUSPENSION_REASON_UNSPECIFIED + - BILLING_ISSUE + - LEGAL_ISSUE + - OPERATIONAL_ISSUE + - KMS_KEY_ISSUE + replicaNames: type: array + description: The replicas of the instance. items: - $ref: '#/components/schemas/SslCert' - activeVersion: - description: >- - The `sha1_fingerprint` of the active certificate from - `server_certs`. - type: string - kind: - description: This is always `sql#instancesListServerCertificates`. + type: string + sqlNetworkArchitecture: + enum: + - SQL_NETWORK_ARCHITECTURE_UNSPECIFIED + - NEW_NETWORK_ARCHITECTURE + - OLD_NETWORK_ARCHITECTURE + enumDescriptions: + - '' + - The instance uses the new network architecture. + - The instance uses the old network architecture. type: string - InstancesRestoreBackupRequest: - id: InstancesRestoreBackupRequest - description: Database instance restore backup request. - type: object - properties: - restoreBackupContext: - description: Parameters required to perform the restore backup operation. - $ref: '#/components/schemas/RestoreBackupContext' - backup: + nodes: + items: + $ref: '#/components/schemas/PoolNodeConfig' + readOnly: true + type: array description: >- - The name of the backup that's used to restore a Cloud SQL instance: - Format: projects/{project-id}/backups/{backup-uid}. Only one of - restore_backup_context, backup, backupdr_backup can be passed to the - input. - type: string - backupdrBackup: + Output only. Entries containing information about each read pool + node of the read pool. + serverCaCert: + description: SSL configuration. + $ref: '#/components/schemas/SslCert' + outOfDiskReport: description: >- - The name of the backup that's used to restore a Cloud SQL instance: - Format: - "projects/{project-id}/locations/{location}/backupVaults/{backupvault}/dataSources/{datasource}/backups/{backup-uid}". - Only one of restore_backup_context, backup, backupdr_backup can be - passed to the input. + This field represents the report generated by the proactive database + wellness job for OutOfDisk issues. * Writers: * the proactive + database wellness job for OOD. * Readers: * the proactive database + wellness job + $ref: '#/components/schemas/SqlOutOfDiskReport' + diskEncryptionConfiguration: + description: Disk encryption configuration specific to an instance. + $ref: '#/components/schemas/DiskEncryptionConfiguration' + ipAddresses: + items: + $ref: '#/components/schemas/IpMapping' + type: array + description: The assigned IP addresses for the instance. + gceZone: + description: >- + The Compute Engine zone that the instance is currently serving from. + This value could be different from the zone that was specified when + the instance was created if the instance has failed over to its + secondary zone. WARNING: Changing this might restart the instance. type: string - restoreInstanceSettings: + scheduledMaintenance: description: >- - Optional. By using this parameter, Cloud SQL overrides any instance - settings stored in the backup you are restoring from. You can't - change the instance's major database version and you can only - increase the disk size. You can use this field to restore new - instances only. This field is not applicable for restore to existing - instances. - $ref: '#/components/schemas/DatabaseInstance' - restoreInstanceClearOverridesFieldNames: + The start time of any upcoming scheduled maintenance for this + instance. + $ref: '#/components/schemas/SqlScheduledMaintenance' + failoverReplica: + description: The name and status of the failover replica. + type: object + properties: + name: + type: string + description: >- + The name of the failover replica. If specified at instance + creation, a failover replica is created for the instance. The + name doesn't include the project ID. + available: + description: >- + The availability status of the failover replica. A false status + indicates that the failover replica is out of sync. The primary + instance can only failover to the failover replica when the + status is true. + type: boolean + onPremisesConfiguration: + description: Configuration specific to on-premises instances. + $ref: '#/components/schemas/OnPremisesConfiguration' + backendType: description: >- - Optional. This field has the same purpose as - restore_instance_settings, changes any instance settings stored in - the backup you are restoring from. With the difference that these - fields are cleared in the settings. - type: array - items: - type: string - RestoreBackupContext: - id: RestoreBackupContext - description: >- - Database instance restore from backup context. Backup context contains - source instance id and project id. - type: object - properties: - kind: - description: This is always `sql#restoreBackupContext`. + The backend type. `SECOND_GEN`: Cloud SQL database instance. + `EXTERNAL`: A database server that is not managed by Google. This + property is read-only; use the `tier` property in the `settings` + object to determine the database type. + enumDescriptions: + - This is an unknown backend type for instance. + - V1 speckle instance. + - V2 speckle instance. + - On premises instance. + enum: + - SQL_BACKEND_TYPE_UNSPECIFIED + - FIRST_GEN + - SECOND_GEN + - EXTERNAL + enumDeprecated: + - false + - true + - false + - false type: string - backupRunId: - description: The ID of the backup run to restore from. + serviceAccountEmailAddress: type: string - format: int64 - instanceId: - description: The ID of the instance that the backup was taken from. + description: >- + The service account email address assigned to the instance.\This + property is read-only. + name: + description: >- + Name of the Cloud SQL instance. This does not include the project + ID. type: string - project: - description: The full project ID of the source instance. + secondaryGceZone: type: string - InstancesRotateServerCaRequest: - id: InstancesRotateServerCaRequest - description: Rotate server CA request. + description: >- + The Compute Engine zone that the failover instance is currently + serving from for a regional instance. This value could be different + from the zone that was specified when the instance was created if + the instance has failed over to its secondary/failover zone. type: object + description: A Cloud SQL instance resource. + SqlInstancesReleaseSsrsLeaseResponse: properties: - rotateServerCaContext: - description: Contains details about the rotate server CA operation. - $ref: '#/components/schemas/RotateServerCaContext' - RotateServerCaContext: - id: RotateServerCaContext - description: Instance rotate server CA context. + operationId: + type: string + description: The unique identifier for this operation. + id: SqlInstancesReleaseSsrsLeaseResponse + description: Response for the release SSRS lease request. type: object + Row: + description: Contains the values for a row. properties: - kind: - description: This is always `sql#rotateServerCaContext`. - type: string - nextVersion: + values: + description: The values for the row. + items: + $ref: '#/components/schemas/Value' + type: array + id: Row + type: object + PerformanceCaptureConfig: + properties: + probingIntervalSeconds: + format: int32 + description: Optional. The time interval in seconds between any two probes. + type: integer + probeThreshold: description: >- - The fingerprint of the next version to be rotated to. If left - unspecified, will be rotated to the most recently added server CA - version. - type: string - InstancesRotateServerCertificateRequest: - id: InstancesRotateServerCertificateRequest - description: Rotate server certificate request. + Optional. The minimum number of consecutive readings above threshold + that triggers instance state capture. + format: int32 + type: integer + secondsBehindSourceThreshold: + type: integer + format: int32 + description: >- + Optional. The minimum number of seconds replica must be lagging + behind primary to trigger capture on replica. + transactionDurationThreshold: + type: integer + format: int32 + description: >- + Optional. The amount of time in seconds that a transaction needs to + have been open before the watcher starts recording it. + runningThreadsThreshold: + type: integer + format: int32 + description: >- + Optional. The minimum number of server threads running to trigger + the capture on primary. + enabled: + description: Optional. Enable or disable the Performance Capture feature. + type: boolean type: object + description: Performance Capture configuration. + id: PerformanceCaptureConfig + Message: + description: Represents a notice or warning message from the database. properties: - rotateServerCertificateContext: + message: description: >- - Optional. Contains details about the rotate server certificate - operation. - $ref: '#/components/schemas/RotateServerCertificateContext' - RotateServerCertificateContext: - id: RotateServerCertificateContext - description: Instance rotate server certificate context. + The full message string. For PostgreSQL, this is a formatted string + that may include severity, code, and the notice/warning message. For + MySQL, this contains the warning message. + type: string + severity: + type: string + description: >- + The severity of the message (e.g., "NOTICE" for PostgreSQL, + "WARNING" for MySQL). type: object + id: Message + SqlInstancesGetDiskShrinkConfigResponse: + id: SqlInstancesGetDiskShrinkConfigResponse properties: + minimalTargetSizeGb: + description: The minimum size to which a disk can be shrunk in GigaBytes. + format: int64 + type: string kind: - description: Optional. This is always `sql#rotateServerCertificateContext`. + description: This is always `sql#getDiskShrinkConfig`. type: string - nextVersion: - description: >- - The fingerprint of the next version to be rotated to. If left - unspecified, will be rotated to the most recently added server - certificate version. + message: + description: Additional message to customers. type: string - InstancesTruncateLogRequest: - id: InstancesTruncateLogRequest - description: Instance truncate log request. + description: Instance get disk shrink config response. type: object - properties: - truncateLogContext: - description: Contains details about the truncate log operation. - $ref: '#/components/schemas/TruncateLogContext' - TruncateLogContext: - id: TruncateLogContext - description: Database Instance truncate log context. + SyncFlags: type: object + description: >- + Initial sync flags for certain Cloud SQL APIs. Currently used for the + MySQL external server initial dump. + id: SyncFlags properties: - kind: - description: This is always `sql#truncateLogContext`. + name: type: string - logType: + description: The name of the flag. + value: description: >- - The type of log to truncate. Valid values are `MYSQL_GENERAL_TABLE` - and `MYSQL_SLOW_TABLE`. + The value of the flag. This field must be omitted if the flag + doesn't take a value. type: string - SslCertsCreateEphemeralRequest: - id: SslCertsCreateEphemeralRequest - description: SslCerts create ephemeral certificate request. + OperationErrors: + id: OperationErrors + description: Database instance operation errors list wrapper. type: object properties: - public_key: - description: PEM encoded public key to include in the signed certificate. - type: string - access_token: - description: Access token to include in the signed certificate. + errors: + items: + $ref: '#/components/schemas/OperationError' + description: The list of errors encountered while processing this operation. + type: array + kind: + description: This is always `sql#operationErrors`. type: string - SqlInstancesRescheduleMaintenanceRequestBody: - id: SqlInstancesRescheduleMaintenanceRequestBody - description: Reschedule options for maintenance windows. + InstancesRotateServerCaRequest: type: object properties: - reschedule: - description: Required. The type of the reschedule the user wants. - $ref: '#/components/schemas/Reschedule' - Reschedule: - id: Reschedule - type: object + rotateServerCaContext: + description: Contains details about the rotate server CA operation. + $ref: '#/components/schemas/RotateServerCaContext' + description: Rotate server CA request. + id: InstancesRotateServerCaRequest + MaintenanceWindow: + description: >- + Maintenance window. This specifies when a Cloud SQL instance is + restarted for system maintenance purposes. properties: - rescheduleType: - description: Required. The type of the reschedule. + kind: type: string - enumDescriptions: - - '' - - Reschedules maintenance to happen now (within 5 minutes). - - >- - Reschedules maintenance to occur within one week from the - originally scheduled day and time. - - Reschedules maintenance to a specific time and day. - enum: - - RESCHEDULE_TYPE_UNSPECIFIED - - IMMEDIATE - - NEXT_AVAILABLE_WINDOW - - SPECIFIC_TIME - scheduleTime: + description: This is always `sql#maintenanceWindow`. + hour: + format: int32 + description: Hour of day - 0 to 23. Specify in the UTC time zone. + type: integer + day: + type: integer + format: int32 description: >- - Optional. Timestamp when the maintenance shall be rescheduled to if - reschedule_type=SPECIFIC_TIME, in [RFC - 3339](https://tools.ietf.org/html/rfc3339) format, for example - `2012-11-15T16:19:00.094Z`. - type: string - format: google-datetime - SqlInstancesVerifyExternalSyncSettingsRequest: - id: SqlInstancesVerifyExternalSyncSettingsRequest - description: Instance verify external sync settings request. - type: object - properties: - verifyConnectionOnly: - description: Flag to enable verifying connection only - type: boolean - syncMode: - description: External sync mode + Day of week - `MONDAY`, `TUESDAY`, `WEDNESDAY`, `THURSDAY`, + `FRIDAY`, `SATURDAY`, or `SUNDAY`. Specify in the UTC time zone. + Returned in output as an integer, 1 to 7, where `1` equals Monday. + updateTrack: type: string + enum: + - SQL_UPDATE_TRACK_UNSPECIFIED + - canary + - stable + - week5 + description: >- + Maintenance timing settings: `canary`, `stable`, or `week5`. For + more information, see [About maintenance on Cloud SQL + instances](https://cloud.google.com/sql/docs/mysql/maintenance). enumDescriptions: - - Unknown external sync mode, will be defaulted to ONLINE mode - - >- - Online external sync will set up replication after initial data - external sync + - This is an unknown maintenance timing preference. - >- - Offline external sync only dumps and loads a one-time snapshot of - the primary instance's data - enum: - - EXTERNAL_SYNC_MODE_UNSPECIFIED - - ONLINE - - OFFLINE - verifyReplicationOnly: - description: Optional. Flag to verify settings required by replication setup only + For an instance with a scheduled maintenance window, this + maintenance timing indicates that the maintenance update is + scheduled 7 to 14 days after the notification is sent out. Also + referred to as `Week 1` (Console) and `preview` (gcloud CLI). + - >- + For an instance with a scheduled maintenance window, this + maintenance timing indicates that the maintenance update is + scheduled 15 to 21 days after the notification is sent out. Also + referred to as `Week 2` (Console) and `production` (gcloud CLI). + - >- + For instance with a scheduled maintenance window, this maintenance + timing indicates that the maintenance update is scheduled 35 to 42 + days after the notification is sent out. + id: MaintenanceWindow + type: object + OperationMetadata: + description: Represents the metadata of the long-running operation. + type: object + id: OperationMetadata + properties: + createTime: + readOnly: true + description: Output only. The time the operation was created. + type: string + format: google-datetime + apiVersion: + description: Output only. API version used to start the operation. + readOnly: true + type: string + endTime: + format: google-datetime + readOnly: true + type: string + description: Output only. The time the operation finished running. + target: + description: >- + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + type: string + verb: + description: Output only. Name of the verb executed by the operation. + type: string + readOnly: true + cancelRequested: type: boolean - mysqlSyncConfig: - description: Optional. MySQL-specific settings for start external sync. - $ref: '#/components/schemas/MySqlSyncConfig' - migrationType: + readOnly: true description: >- - Optional. MigrationType configures the migration to use physical - files or logical dump files. If not set, then the logical dump file - configuration is used. Valid values are `LOGICAL` or `PHYSICAL`. - Only applicable to MySQL. + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have google.longrunning.Operation.error value with a + google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. + statusDetail: + readOnly: true + description: Output only. Human-readable status of the operation, if any. + type: string + ConnectionPoolConfig: + type: object + description: The managed connection pooling configuration. + properties: + poolerCount: + type: integer + description: Output only. Number of connection poolers. + format: int32 + readOnly: true + connectionPoolingEnabled: + description: Whether managed connection pooling is enabled. + type: boolean + flags: + type: array + description: Optional. List of connection pool configuration flags. + items: + $ref: '#/components/schemas/ConnectionPoolFlags' + id: ConnectionPoolConfig + InstancesFailoverRequest: + properties: + failoverContext: + description: Failover Context. + $ref: '#/components/schemas/FailoverContext' + description: Instance failover request. + type: object + id: InstancesFailoverRequest + InstancesDemoteRequest: + id: InstancesDemoteRequest + properties: + demoteContext: + description: Required. Contains details about the demote operation. + $ref: '#/components/schemas/DemoteContext' + type: object + description: >- + This request is used to demote an existing standalone instance to be a + Cloud SQL read replica for an external database server. + SqlInstancesStartExternalSyncRequest: + id: SqlInstancesStartExternalSyncRequest + type: object + description: Instance start external sync request. + properties: + skipVerification: + type: boolean + description: Whether to skip the verification step (VESS). + migrationType: type: string enumDescriptions: - Default value is a logical dump file-based migration - Logical dump file-based migration - Physical file-based migration + description: >- + Optional. MigrationType configures the migration to use physical + files or logical dump files. If not set, then the logical dump file + configuration is used. Valid values are `LOGICAL` or `PHYSICAL`. + Only applicable to MySQL. enum: - MIGRATION_TYPE_UNSPECIFIED - LOGICAL - PHYSICAL - syncParallelLevel: + replicaOverwriteEnabled: description: >- - Optional. Parallel level for initial data sync. Only applicable for - PostgreSQL. + Optional. MySQL only. True if end-user has confirmed that this SES + call will wipe replica databases overlapping with the proposed + selected_objects. If this field is not set and there are both + overlapping and additional databases proposed, an error will be + returned. + type: boolean + syncMode: + type: string + description: External sync mode. + enum: + - EXTERNAL_SYNC_MODE_UNSPECIFIED + - ONLINE + - OFFLINE + enumDescriptions: + - Unknown external sync mode, will be defaulted to ONLINE mode + - >- + Online external sync will set up replication after initial data + external sync + - >- + Offline external sync only dumps and loads a one-time snapshot of + the primary instance's data + syncParallelLevel: type: string enumDescriptions: - Unknown sync parallel level. Will be defaulted to OPTIMAL. @@ -3497,282 +2794,101 @@ components: - MIN - OPTIMAL - MAX - selectedObjects: description: >- - Optional. Migrate only the specified objects from the source - instance. If this field is empty, then migrate all objects. - type: array - items: - $ref: '#/components/schemas/ExternalSyncSelectedObject' - MySqlSyncConfig: - id: MySqlSyncConfig - description: MySQL-specific external server sync settings. + Optional. Parallel level for initial data sync. Currently only + applicable for MySQL. + mysqlSyncConfig: + description: MySQL-specific settings for start external sync. + $ref: '#/components/schemas/MySqlSyncConfig' + DemoteMasterConfiguration: type: object - properties: - initialSyncFlags: - description: Flags to use for the initial dump. - type: array - items: - $ref: '#/components/schemas/SyncFlags' - SyncFlags: - id: SyncFlags description: >- - Initial sync flags for certain Cloud SQL APIs. Currently used for the - MySQL external server initial dump. - type: object + Read-replica configuration for connecting to the on-premises primary + instance. + id: DemoteMasterConfiguration properties: - name: - description: The name of the flag. - type: string - value: + mysqlReplicaConfiguration: + $ref: '#/components/schemas/DemoteMasterMySqlReplicaConfiguration' description: >- - The value of the flag. This field must be omitted if the flag - doesn't take a value. + MySQL specific configuration when replicating from a MySQL + on-premises primary instance. Replication configuration information + such as the username, password, certificates, and keys are not + stored in the instance metadata. The configuration information is + used only to set up the replication connection and is stored by + MySQL in a file named `master.info` in the data directory. + kind: type: string - ExternalSyncSelectedObject: - id: ExternalSyncSelectedObject - description: The selected object that Cloud SQL migrates. - type: object + description: This is always `sql#demoteMasterConfiguration`. + GeminiInstanceConfig: properties: - database: - description: The name of the database that Cloud SQL migrates. - type: string - SqlInstancesVerifyExternalSyncSettingsResponse: - id: SqlInstancesVerifyExternalSyncSettingsResponse - description: Instance verify external sync settings response. + activeQueryEnabled: + type: boolean + description: Output only. Whether the active query is enabled. + readOnly: true + flagRecommenderEnabled: + description: Output only. Whether the flag recommender is enabled. + readOnly: true + type: boolean + indexAdvisorEnabled: + readOnly: true + type: boolean + description: Output only. Whether the index advisor is enabled. + googleVacuumMgmtEnabled: + description: Output only. Whether the vacuum management is enabled. + readOnly: true + type: boolean + oomSessionCancelEnabled: + description: >- + Output only. Whether canceling the out-of-memory (OOM) session is + enabled. + readOnly: true + type: boolean + entitled: + description: Output only. Whether Gemini is enabled. + type: boolean + readOnly: true + description: Gemini instance configuration. type: object - properties: - kind: - description: This is always `sql#migrationSettingErrorList`. - type: string - errors: - description: List of migration violations. - type: array - items: - $ref: '#/components/schemas/SqlExternalSyncSettingError' - warnings: - description: List of migration warnings. - type: array - items: - $ref: '#/components/schemas/SqlExternalSyncSettingError' - SqlExternalSyncSettingError: - id: SqlExternalSyncSettingError - description: External primary instance migration setting error/warning. + id: GeminiInstanceConfig + SqlInstancesVerifyExternalSyncSettingsRequest: type: object + description: Instance verify external sync settings request. properties: - kind: + verifyConnectionOnly: + type: boolean + description: Flag to enable verifying connection only + mysqlSyncConfig: + $ref: '#/components/schemas/MySqlSyncConfig' + description: Optional. MySQL-specific settings for start external sync. + selectedObjects: description: >- - Can be `sql#externalSyncSettingError` or - `sql#externalSyncSettingWarning`. - type: string - type: - description: Identifies the specific error that occurred. + Optional. Migrate only the specified objects from the source + instance. If this field is empty, then migrate all objects. + items: + $ref: '#/components/schemas/ExternalSyncSelectedObject' + type: array + syncParallelLevel: type: string enumDescriptions: - - '' - - '' - - '' - - '' - - '' - - The replication user is missing privileges that are required. - - Unsupported migration type. - - >- - No pglogical extension installed on databases, applicable for - postgres. - - >- - pglogical node already exists on databases, applicable for - postgres. - - The value of parameter wal_level is not set to logical. - - >- - The value of parameter shared_preload_libraries does not include - pglogical. - - The value of parameter max_replication_slots is not sufficient. - - The value of parameter max_wal_senders is not sufficient. - - The value of parameter max_worker_processes is not sufficient. - - >- - Extensions installed are either not supported or having - unsupported versions. - - The value of parameter rds.logical_replication is not set to 1. - - The primary instance logging setup doesn't allow EM sync. - - >- - The primary instance database parameter setup doesn't allow EM - sync. - - The gtid_mode is not supported, applicable for MySQL. - - SQL Server Agent is not running. - - >- - The table definition is not support due to missing primary key or - replica identity, applicable for postgres. Note that this is a - warning and won't block the migration. - - The customer has a definer that will break EM setup. - - SQL Server @@SERVERNAME does not match actual host name. - - The primary instance has been setup and will fail the setup. - - The primary instance has unsupported binary log format. - - The primary instance's binary log retention setting. - - The primary instance has tables with unsupported storage engine. - - >- - Source has tables with limited support eg: PostgreSQL tables - without primary keys. - - The replica instance contains existing data. - - The replication user is missing privileges that are optional. - - >- - Additional BACKUP_ADMIN privilege is granted to the replication - user which may lock source MySQL 8 instance for DDLs during - initial sync. - - The Cloud Storage bucket is missing necessary permissions. - - >- - The Cloud Storage bucket has an error in the file or contains - invalid file information. - - >- - The source instance has unsupported database settings for - migration. - - >- - The replication user is missing parallel import specific - privileges. (e.g. LOCK TABLES) for MySQL. - - >- - The global variable local_infile is off on external server - replica. - - >- - This code instructs customers to turn on point-in-time recovery - manually for the instance after promoting the Cloud SQL for - PostgreSQL instance. - - >- - The minor version of replica database is incompatible with the - source. - - >- - This warning message indicates that Cloud SQL uses the maximum - number of subscriptions to migrate data from the source to the - destination. - - Unable to verify definers on the source for MySQL. - - >- - If a time out occurs while the subscription counts are calculated, - then this value is set to 1. Otherwise, this value is set to 2. - - >- - Count of subscriptions needed to sync source data for PostgreSQL - database. - - Final parallel level that is used to do migration. - - >- - The disk size of the replica instance is smaller than the data - size of the source instance. - - >- - The data size of the source instance is greater than 1 TB, the - number of cores of the replica instance is less than 8, and the - memory of the replica is less than 32 GB. - - >- - The warning message indicates the unsupported extensions will not - be migrated to the destination. - - >- - The warning message indicates the pg_cron extension and settings - will not be migrated to the destination. - - >- - The error message indicates that pg_cron flags are enabled on the - destination which is not supported during the migration. - - >- - This error message indicates that the specified extensions are not - enabled on destination instance. For example, before you can - migrate data to the destination instance, you must enable the - PGAudit extension on the instance. - - >- - The source database has generated columns that can't be migrated. - Please change them to regular columns before migration. - - >- - The source database has users that aren't created in the replica. - First, create all users, which are in the pg_user_mappings table - of the source database, in the destination instance. Then, perform - the migration. - - >- - The selected objects include system objects that aren't supported - for migration. - - >- - The source database has tables with the FULL or NOTHING replica - identity. Before starting your migration, either remove the - identity or change it to DEFAULT. Note that this is an error and - will block the migration. - - The selected objects don't exist on the source instance. - - >- - PSC only destination instance does not have a network attachment - URI. - - >- - Selected objects reference unselected objects. Based on their - object type (foreign key constraint or view), selected objects - will fail during migration. - - >- - The migration will delete existing data in the replica; set - replica_overwrite_enabled in the request to acknowledge this. This - is an error. MySQL only. - - >- - The migration will delete existing data in the replica; - replica_overwrite_enabled was set in the request acknowledging - this. This is a warning rather than an error. MySQL only. + - Unknown sync parallel level. Will be defaulted to OPTIMAL. + - Minimal parallel level. + - Optimal parallel level. + - Maximum parallel level. enum: - - SQL_EXTERNAL_SYNC_SETTING_ERROR_TYPE_UNSPECIFIED - - CONNECTION_FAILURE - - BINLOG_NOT_ENABLED - - INCOMPATIBLE_DATABASE_VERSION - - REPLICA_ALREADY_SETUP - - INSUFFICIENT_PRIVILEGE - - UNSUPPORTED_MIGRATION_TYPE - - NO_PGLOGICAL_INSTALLED - - PGLOGICAL_NODE_ALREADY_EXISTS - - INVALID_WAL_LEVEL - - INVALID_SHARED_PRELOAD_LIBRARY - - INSUFFICIENT_MAX_REPLICATION_SLOTS - - INSUFFICIENT_MAX_WAL_SENDERS - - INSUFFICIENT_MAX_WORKER_PROCESSES - - UNSUPPORTED_EXTENSIONS - - INVALID_RDS_LOGICAL_REPLICATION - - INVALID_LOGGING_SETUP - - INVALID_DB_PARAM - - UNSUPPORTED_GTID_MODE - - SQLSERVER_AGENT_NOT_RUNNING - - UNSUPPORTED_TABLE_DEFINITION - - UNSUPPORTED_DEFINER - - SQLSERVER_SERVERNAME_MISMATCH - - PRIMARY_ALREADY_SETUP - - UNSUPPORTED_BINLOG_FORMAT - - BINLOG_RETENTION_SETTING - - UNSUPPORTED_STORAGE_ENGINE - - LIMITED_SUPPORT_TABLES - - EXISTING_DATA_IN_REPLICA - - MISSING_OPTIONAL_PRIVILEGES - - RISKY_BACKUP_ADMIN_PRIVILEGE - - INSUFFICIENT_GCS_PERMISSIONS - - INVALID_FILE_INFO - - UNSUPPORTED_DATABASE_SETTINGS - - MYSQL_PARALLEL_IMPORT_INSUFFICIENT_PRIVILEGE - - LOCAL_INFILE_OFF - - TURN_ON_PITR_AFTER_PROMOTE - - INCOMPATIBLE_DATABASE_MINOR_VERSION - - SOURCE_MAX_SUBSCRIPTIONS - - UNABLE_TO_VERIFY_DEFINERS - - SUBSCRIPTION_CALCULATION_STATUS - - PG_SUBSCRIPTION_COUNT - - PG_SYNC_PARALLEL_LEVEL - - INSUFFICIENT_DISK_SIZE - - INSUFFICIENT_MACHINE_TIER - - UNSUPPORTED_EXTENSIONS_NOT_MIGRATED - - EXTENSIONS_NOT_MIGRATED - - PG_CRON_FLAG_ENABLED_IN_REPLICA - - EXTENSIONS_NOT_ENABLED_IN_REPLICA - - UNSUPPORTED_COLUMNS - - USERS_NOT_CREATED_IN_REPLICA - - UNSUPPORTED_SYSTEM_OBJECTS - - UNSUPPORTED_TABLES_WITH_REPLICA_IDENTITY - - SELECTED_OBJECTS_NOT_EXIST_ON_SOURCE - - PSC_ONLY_INSTANCE_WITH_NO_NETWORK_ATTACHMENT_URI - - SELECTED_OBJECTS_REFERENCE_UNSELECTED_OBJECTS - - PROMPT_DELETE_EXISTING - - WILL_DELETE_EXISTING - detail: - description: Additional information about the error encountered. - type: string - SqlInstancesStartExternalSyncRequest: - id: SqlInstancesStartExternalSyncRequest - description: Instance start external sync request. - type: object - properties: + - EXTERNAL_SYNC_PARALLEL_LEVEL_UNSPECIFIED + - MIN + - OPTIMAL + - MAX + description: >- + Optional. Parallel level for initial data sync. Only applicable for + PostgreSQL. syncMode: - description: External sync mode. type: string + enum: + - EXTERNAL_SYNC_MODE_UNSPECIFIED + - ONLINE + - OFFLINE + description: External sync mode enumDescriptions: - Unknown external sync mode, will be defaulted to ONLINE mode - >- @@ -3781,258 +2897,158 @@ components: - >- Offline external sync only dumps and loads a one-time snapshot of the primary instance's data - enum: - - EXTERNAL_SYNC_MODE_UNSPECIFIED - - ONLINE - - OFFLINE - skipVerification: - description: Whether to skip the verification step (VESS). - type: boolean - mysqlSyncConfig: - description: MySQL-specific settings for start external sync. - $ref: '#/components/schemas/MySqlSyncConfig' - syncParallelLevel: - description: >- - Optional. Parallel level for initial data sync. Currently only - applicable for MySQL. - type: string - enumDescriptions: - - Unknown sync parallel level. Will be defaulted to OPTIMAL. - - Minimal parallel level. - - Optimal parallel level. - - Maximum parallel level. - enum: - - EXTERNAL_SYNC_PARALLEL_LEVEL_UNSPECIFIED - - MIN - - OPTIMAL - - MAX migrationType: + type: string description: >- Optional. MigrationType configures the migration to use physical files or logical dump files. If not set, then the logical dump file configuration is used. Valid values are `LOGICAL` or `PHYSICAL`. Only applicable to MySQL. - type: string - enumDescriptions: - - Default value is a logical dump file-based migration - - Logical dump file-based migration - - Physical file-based migration enum: - MIGRATION_TYPE_UNSPECIFIED - LOGICAL - PHYSICAL - replicaOverwriteEnabled: - description: >- - Optional. MySQL only. True if end-user has confirmed that this SES - call will wipe replica databases overlapping with the proposed - selected_objects. If this field is not set and there are both - overlapping and additional databases proposed, an error will be - returned. + enumDescriptions: + - Default value is a logical dump file-based migration + - Logical dump file-based migration + - Physical file-based migration + verifyReplicationOnly: type: boolean - PerformDiskShrinkContext: - id: PerformDiskShrinkContext - description: Perform disk shrink context. + description: Optional. Flag to verify settings required by replication setup only + id: SqlInstancesVerifyExternalSyncSettingsRequest + InstancesExportRequest: type: object + id: InstancesExportRequest + description: Database instance export request. properties: - targetSizeGb: - description: The target disk shrink size in GigaBytes. - type: string - format: int64 - SqlInstancesGetDiskShrinkConfigResponse: - id: SqlInstancesGetDiskShrinkConfigResponse - description: Instance get disk shrink config response. + exportContext: + description: Contains details about the export operation. + $ref: '#/components/schemas/ExportContext' + TargetMetric: type: object + id: TargetMetric properties: - kind: - description: This is always `sql#getDiskShrinkConfig`. - type: string - minimalTargetSizeGb: - description: The minimum size to which a disk can be shrunk in GigaBytes. + targetValue: + description: The target value for the metric. + type: number + format: float + metric: + description: The metric name to be used for auto scaling. + type: string + description: Target metric for read pool auto scaling. + RestoreBackupContext: + id: RestoreBackupContext + description: >- + Database instance restore from backup context. Backup context contains + source instance id and project id. + type: object + properties: + backupRunId: type: string format: int64 - message: - description: Additional message to customers. + description: The ID of the backup run to restore from. + instanceId: + description: The ID of the instance that the backup was taken from. type: string - SqlInstancesResetReplicaSizeRequest: - id: SqlInstancesResetReplicaSizeRequest - description: Instance reset replica size request. - type: object - properties: {} - SqlInstancesGetLatestRecoveryTimeResponse: - id: SqlInstancesGetLatestRecoveryTimeResponse - description: Instance get latest recovery time response. - type: object - properties: kind: - description: This is always `sql#getLatestRecoveryTime`. + description: This is always `sql#restoreBackupContext`. type: string - latestRecoveryTime: - description: >- - Timestamp, identifies the latest recovery time of the source - instance. + project: + description: The full project ID of the source instance. type: string - format: google-datetime - ExecuteSqlPayload: - id: ExecuteSqlPayload - description: The request payload used to execute SQL statements. - type: object + Tier: + description: A Google Cloud SQL service tier resource. properties: - sqlStatement: - description: >- - Required. SQL statements to run on the database. It can be a single - statement or a sequence of statements separated by semicolons. - type: string - database: - description: >- - Optional. Name of the database on which the statement will be - executed. + region: + items: + type: string + type: array + description: The applicable regions for this tier. + kind: type: string - autoIamAuthn: - description: >- - Optional. When set to true, the API caller identity associated with - the request is used for database authentication. The API caller must - be an IAM user in the database. - type: boolean - rowLimit: - description: Optional. The maximum number of rows returned per SQL statement. + description: This is always `sql#tier`. + DiskQuota: + format: int64 type: string + description: The maximum disk size of this tier in bytes. + RAM: + description: The maximum RAM usage of this tier in bytes. format: int64 - SqlInstancesExecuteSqlResponse: - id: SqlInstancesExecuteSqlResponse - description: Execute SQL statements response. - type: object - properties: - metadata: + type: string + tier: description: >- - The additional metadata information regarding the execution of the - SQL statements. - $ref: '#/components/schemas/Metadata' - results: - description: The list of results after executing all the SQL statements. - type: array - items: - $ref: '#/components/schemas/QueryResult' - Metadata: - id: Metadata - description: >- - The additional metadata information regarding the execution of the SQL - statements. - type: object - properties: - sqlStatementExecutionTime: - description: The time taken to execute the SQL statements. + An identifier for the machine type, for example, `db-custom-1-3840`. + For related information, see [Pricing](/sql/pricing). type: string - format: google-duration - QueryResult: - id: QueryResult - description: QueryResult contains the result of executing a single SQL statement. + id: Tier type: object + InstancesListResponse: properties: - columns: - description: >- - List of columns included in the result. This also includes the data - type of the column. - type: array + items: items: - $ref: '#/components/schemas/Column' - rows: - description: Rows returned by the SQL statement. + $ref: '#/components/schemas/DatabaseInstance' + description: List of database instance resources. type: array - items: - $ref: '#/components/schemas/Row' - message: - description: Message related to the SQL execution result. - type: string - partialResult: + nextPageToken: description: >- - Set to true if the SQL execution's result is truncated due to size - limits. - type: boolean - Column: - id: Column - description: Contains the name and datatype of a column. - type: object - properties: - name: - description: Name of the column. + The continuation token, used to page through large result sets. + Provide this value in a subsequent request to return the next page + of results. type: string - type: - description: Datatype of the column. + kind: type: string - Row: - id: Row - description: Contains the values for a row. - type: object - properties: - values: - description: The values for the row. - type: array + description: This is always `sql#instancesList`. + warnings: items: - $ref: '#/components/schemas/Value' - Value: - id: Value - description: The cell value of the table. - type: object - properties: - value: - description: The cell value in string format. - type: string - nullValue: - description: If cell value is null, then this flag will be set to true. - type: boolean - InstancesAcquireSsrsLeaseRequest: - id: InstancesAcquireSsrsLeaseRequest - description: Request to acquire a lease for SSRS. - type: object - properties: - acquireSsrsLeaseContext: - description: Contains details about the acquire SSRS lease operation. - $ref: '#/components/schemas/AcquireSsrsLeaseContext' - SqlInstancesAcquireSsrsLeaseResponse: - id: SqlInstancesAcquireSsrsLeaseResponse - description: Response for the acquire SSRS lease request. - type: object - properties: - operationId: - description: The unique identifier for this operation. - type: string - SqlInstancesReleaseSsrsLeaseResponse: - id: SqlInstancesReleaseSsrsLeaseResponse - description: Response for the release SSRS lease request. + $ref: '#/components/schemas/ApiWarning' + description: List of warnings that occurred while handling the request. + type: array + description: Database instances list response. type: object - properties: - operationId: - description: The unique identifier for this operation. - type: string + id: InstancesListResponse PointInTimeRestoreContext: id: PointInTimeRestoreContext description: >- The context to perform a point-in-time recovery of an instance managed - by Google Cloud Backup and Disaster Recovery. + by Backup and Disaster Recovery (DR) Service. type: object properties: - datasource: + targetInstance: + description: Target instance name. + type: string + preferredSecondaryZone: description: >- - The Google Cloud Backup and Disaster Recovery Datasource URI. - Format: - projects/{project}/locations/{region}/backupVaults/{backupvault}/dataSources/{datasource}. + Optional. Point-in-time recovery of a regional instance in the + specified zones. If not specified, clone to the same secondary zone + as the source instance. This value cannot be the same as the + preferred_zone field. type: string + privateNetwork: + type: string + description: >- + Optional. The resource link for the VPC network from which the Cloud + SQL instance is accessible for private IP. For example, + `/projects/myProject/global/networks/default`. pointInTime: + format: google-datetime description: >- Required. The date and time to which you want to restore the instance. type: string - format: google-datetime - targetInstance: - description: Target instance name. + datasource: type: string - privateNetwork: description: >- - Optional. The resource link for the VPC network from which the Cloud - SQL instance is accessible for private IP. For example, - `/projects/myProject/global/networks/default`. + The Backup and Disaster Recovery (DR) Service Datasource URI. + Format: + projects/{project}/locations/{region}/backupVaults/{backupvault}/dataSources/{datasource}. + preferredZone: + description: >- + Optional. Point-in-time recovery of an instance to the specified + zone. If no zone is specified, then clone to the same primary zone + as the source instance. type: string allocatedIpRange: + type: string description: >- Optional. The name of the allocated IP range for the internal IP Cloud SQL instance. For example: "google-managed-services-default". @@ -4042,899 +3058,716 @@ components: Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. Reserved for future use. - type: string - preferredZone: - description: >- - Optional. Point-in-time recovery of an instance to the specified - zone. If no zone is specified, then clone to the same primary zone - as the source instance. - type: string - preferredSecondaryZone: - description: >- - Optional. Point-in-time recovery of a regional instance in the - specified zones. If not specified, clone to the same secondary zone - as the source instance. This value cannot be the same as the - preferred_zone field. - type: string - BackupRun: - id: BackupRun - description: A BackupRun resource. - type: object + DatabasesListResponse: + id: DatabasesListResponse + description: Database list response. properties: kind: - description: This is always `sql#backupRun`. + description: This is always `sql#databasesList`. type: string - status: - description: The status of this run. + items: + items: + $ref: '#/components/schemas/Database' + description: List of database resources in the instance. + type: array + type: object + SslCert: + type: object + description: SslCerts Resource + properties: + createTime: + format: google-datetime type: string - enumDescriptions: - - The status of the run is unknown. - - The backup operation was enqueued. - - >- - The backup is overdue across a given backup window. Indicates a - problem. Example: Long-running operation in progress during the - whole window. - - The backup is in progress. - - The backup failed. - - The backup was successful. - - >- - The backup was skipped (without problems) for a given backup - window. Example: Instance was idle. - - The backup is about to be deleted. - - The backup deletion failed. - - The backup has been deleted. - enum: - - SQL_BACKUP_RUN_STATUS_UNSPECIFIED - - ENQUEUED - - OVERDUE - - RUNNING - - FAILED - - SUCCESSFUL - - SKIPPED - - DELETION_PENDING - - DELETION_FAILED - - DELETED - enqueuedTime: description: >- - The time the run was enqueued in UTC timezone in [RFC + The time when the certificate was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example - `2012-11-15T16:19:00.094Z`. + `2012-11-15T16:19:00.094Z` + kind: + description: This is always `sql#sslCert`. type: string - format: google-datetime - id: - description: >- - The identifier for this backup run. Unique only for a specific Cloud - SQL instance. + certSerialNumber: type: string - format: int64 - startTime: - description: >- - The time the backup operation actually started in UTC timezone in - [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example - `2012-11-15T16:19:00.094Z`. + description: Serial number, as extracted from the certificate. + expirationTime: type: string - format: google-datetime - endTime: description: >- - The time the backup operation completed in UTC timezone in [RFC + The time when the certificate expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example `2012-11-15T16:19:00.094Z`. - type: string format: google-datetime - error: - description: >- - Information about why the backup operation failed. This is only - present if the run has the FAILED status. - $ref: '#/components/schemas/OperationError' - type: - description: >- - The type of this run; can be either "AUTOMATED" or "ON_DEMAND" or - "FINAL". This field defaults to "ON_DEMAND" and is ignored, when - specified for insert requests. + selfLink: + type: string + description: The URI of this resource. + cert: + description: PEM representation. + type: string + commonName: + description: User supplied name. Constrained to [a-zA-Z.-_ ]+. + type: string + sha1Fingerprint: + description: Sha1 Fingerprint. + type: string + instance: type: string + description: Name of the database instance. + id: SslCert + Settings: + description: Database instance settings. + id: Settings + properties: + userLabels: + description: >- + User-provided labels, represented as a dictionary where each label + is a single key value pair. + type: object + additionalProperties: + type: string + replicationType: enumDescriptions: - - This is an unknown BackupRun type. - - The backup schedule automatically triggers a backup. - - The user manually triggers a backup. + - This is an unknown replication type for a Cloud SQL instance. + - >- + The synchronous replication mode for First Generation instances. + It is the default value. + - >- + The asynchronous replication mode for First Generation instances. + It provides a slight performance gain, but if an outage occurs + while this option is set to asynchronous, you can lose up to a few + seconds of updates to your data. enum: - - SQL_BACKUP_RUN_TYPE_UNSPECIFIED - - AUTOMATED - - ON_DEMAND - description: - description: The description of this run, only applicable to on-demand backups. + - SQL_REPLICATION_TYPE_UNSPECIFIED + - SYNCHRONOUS + - ASYNCHRONOUS type: string - windowStartTime: description: >- - The start time of the backup window during which this the backup was - attempted in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, - for example `2012-11-15T16:19:00.094Z`. + The type of replication this instance uses. This can be either + `ASYNCHRONOUS` or `SYNCHRONOUS`. (Deprecated) This property was only + applicable to First Generation instances. + deprecated: true + ipConfiguration: + $ref: '#/components/schemas/IpConfiguration' + description: >- + The settings for IP Management. This allows to enable or disable the + instance IP and manage which external networks can connect to the + instance. The IPv4 address cannot be disabled for Second Generation + instances. + crashSafeReplicationEnabled: + type: boolean + description: >- + Configuration specific to read replica instances. Indicates whether + database flags for crash-safe replication are enabled. This property + was only applicable to First Generation instances. + deprecated: true + dataDiskProvisionedIops: + description: >- + Optional. Provisioned number of I/O operations per second for the + data disk. This field is only used for hyperdisk-balanced disk + types. + format: int64 type: string - format: google-datetime - instance: - description: Name of the database instance. + backupConfiguration: + $ref: '#/components/schemas/BackupConfiguration' + description: The daily backup configuration for the instance. + settingsVersion: + description: >- + The version of instance settings. This is a required field for + update method to make sure concurrent updates are handled properly. + During update, use the most recent settingsVersion value for this + instance and do not try to update this value. + format: int64 type: string - selfLink: - description: The URI of this resource. + denyMaintenancePeriods: + description: Deny maintenance periods + items: + $ref: '#/components/schemas/DenyMaintenancePeriod' + type: array + dataDiskSizeGb: + format: int64 type: string - location: - description: Location of the backups. + description: The size of data disk, in GB. The data disk size minimum is 10GB. + availabilityType: + enumDescriptions: + - This is an unknown Availability type. + - Zonal available instance. + - Regional available instance. type: string - databaseVersion: + enum: + - SQL_AVAILABILITY_TYPE_UNSPECIFIED + - ZONAL + - REGIONAL description: >- - Output only. The instance database version at the time this backup - was made. - readOnly: true + Availability type. Potential values: * `ZONAL`: The instance serves + data from only one zone. Outages in that zone affect data + accessibility. * `REGIONAL`: The instance can serve data from more + than one zone in a region (it is highly available)./ For more + information, see [Overview of the High Availability + Configuration](https://cloud.google.com/sql/docs/mysql/high-availability). + dataDiskType: + description: >- + The type of data disk: `PD_SSD` (default) or `PD_HDD`. Not used for + First Generation instances. type: string + enum: + - SQL_DATA_DISK_TYPE_UNSPECIFIED + - PD_SSD + - PD_HDD + - OBSOLETE_LOCAL_SSD + - HYPERDISK_BALANCED enumDescriptions: - - This is an unknown database version. - - The database version is MySQL 5.1. - - The database version is MySQL 5.5. - - The database version is MySQL 5.6. - - The database version is MySQL 5.7. - - The database version is MySQL 8. - - >- - The database major version is MySQL 8.0 and the minor version is - 18. - - >- - The database major version is MySQL 8.0 and the minor version is - 26. - - >- - The database major version is MySQL 8.0 and the minor version is - 27. - - >- - The database major version is MySQL 8.0 and the minor version is - 28. - - >- - The database major version is MySQL 8.0 and the minor version is - 29. - - >- - The database major version is MySQL 8.0 and the minor version is - 30. + - This is an unknown data disk type. + - An SSD data disk. + - An HDD data disk. - >- - The database major version is MySQL 8.0 and the minor version is - 31. - - >- - The database major version is MySQL 8.0 and the minor version is - 32. - - >- - The database major version is MySQL 8.0 and the minor version is - 33. - - >- - The database major version is MySQL 8.0 and the minor version is - 34. - - >- - The database major version is MySQL 8.0 and the minor version is - 35. - - >- - The database major version is MySQL 8.0 and the minor version is - 36. - - >- - The database major version is MySQL 8.0 and the minor version is - 37. - - >- - The database major version is MySQL 8.0 and the minor version is - 39. - - >- - The database major version is MySQL 8.0 and the minor version is - 40. - - >- - The database major version is MySQL 8.0 and the minor version is - 41. - - >- - The database major version is MySQL 8.0 and the minor version is - 42. - - >- - The database major version is MySQL 8.0 and the minor version is - 43. - - >- - The database major version is MySQL 8.0 and the minor version is - 44. - - >- - The database major version is MySQL 8.0 and the minor version is - 45. - - >- - The database major version is MySQL 8.0 and the minor version is - 46. - - The database version is MySQL 8.4. - - The database version is SQL Server 2017 Standard. - - The database version is SQL Server 2017 Enterprise. - - The database version is SQL Server 2017 Express. - - The database version is SQL Server 2017 Web. - - The database version is PostgreSQL 9.6. - - The database version is PostgreSQL 10. - - The database version is PostgreSQL 11. - - The database version is PostgreSQL 12. - - The database version is PostgreSQL 13. - - The database version is PostgreSQL 14. - - The database version is PostgreSQL 15. - - The database version is PostgreSQL 16. - - The database version is PostgreSQL 17. - - The database version is SQL Server 2019 Standard. - - The database version is SQL Server 2019 Enterprise. - - The database version is SQL Server 2019 Express. - - The database version is SQL Server 2019 Web. - - The database version is SQL Server 2022 Standard. - - The database version is SQL Server 2022 Enterprise. - - The database version is SQL Server 2022 Express. - - The database version is SQL Server 2022 Web. + This field is deprecated and will be removed from a future version + of the API. + - A Hyperdisk Balanced data disk. enumDeprecated: - - false - - true - - true - - false - - false - - false - - false - false - false - false - true - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - enum: - - SQL_DATABASE_VERSION_UNSPECIFIED - - MYSQL_5_1 - - MYSQL_5_5 - - MYSQL_5_6 - - MYSQL_5_7 - - MYSQL_8_0 - - MYSQL_8_0_18 - - MYSQL_8_0_26 - - MYSQL_8_0_27 - - MYSQL_8_0_28 - - MYSQL_8_0_29 - - MYSQL_8_0_30 - - MYSQL_8_0_31 - - MYSQL_8_0_32 - - MYSQL_8_0_33 - - MYSQL_8_0_34 - - MYSQL_8_0_35 - - MYSQL_8_0_36 - - MYSQL_8_0_37 - - MYSQL_8_0_39 - - MYSQL_8_0_40 - - MYSQL_8_0_41 - - MYSQL_8_0_42 - - MYSQL_8_0_43 - - MYSQL_8_0_44 - - MYSQL_8_0_45 - - MYSQL_8_0_46 - - MYSQL_8_4 - - SQLSERVER_2017_STANDARD - - SQLSERVER_2017_ENTERPRISE - - SQLSERVER_2017_EXPRESS - - SQLSERVER_2017_WEB - - POSTGRES_9_6 - - POSTGRES_10 - - POSTGRES_11 - - POSTGRES_12 - - POSTGRES_13 - - POSTGRES_14 - - POSTGRES_15 - - POSTGRES_16 - - POSTGRES_17 - - SQLSERVER_2019_STANDARD - - SQLSERVER_2019_ENTERPRISE - - SQLSERVER_2019_EXPRESS - - SQLSERVER_2019_WEB - - SQLSERVER_2022_STANDARD - - SQLSERVER_2022_ENTERPRISE - - SQLSERVER_2022_EXPRESS - - SQLSERVER_2022_WEB - diskEncryptionConfiguration: - description: Encryption configuration specific to a backup. - $ref: '#/components/schemas/DiskEncryptionConfiguration' - diskEncryptionStatus: - description: Encryption status specific to a backup. - $ref: '#/components/schemas/DiskEncryptionStatus' - backupKind: - description: Specifies the kind of backup, PHYSICAL or DEFAULT_SNAPSHOT. - type: string + sqlServerAuditConfig: + $ref: '#/components/schemas/SqlServerAuditConfig' + description: SQL Server specific audit configuration. + locationPreference: + description: >- + The location preference settings. This allows the instance to be + located as near as possible to either an App Engine app or Compute + Engine zone for better performance. App Engine co-location was only + applicable to First Generation instances. + $ref: '#/components/schemas/LocationPreference' + connectorEnforcement: + description: >- + Specifies if connections must use Cloud SQL connectors. Option + values include the following: `NOT_REQUIRED` (Cloud SQL instances + can be connected without Cloud SQL Connectors) and `REQUIRED` (Only + allow connections that use Cloud SQL Connectors). Note that using + REQUIRED disables all existing authorized networks. If this field is + not specified when creating a new instance, NOT_REQUIRED is used. If + this field is not specified when patching or updating an existing + instance, it is left unchanged in the instance. enumDescriptions: - - This is an unknown BackupKind. - - Snapshot-based backups. - - Physical backups. + - The requirement for Cloud SQL connectors is unknown. + - Do not require Cloud SQL connectors. + - >- + Require all connections to use Cloud SQL connectors, including the + Cloud SQL Auth Proxy and Cloud SQL Java, Python, and Go + connectors. Note: This disables all existing authorized networks. + type: string enum: - - SQL_BACKUP_KIND_UNSPECIFIED - - SNAPSHOT - - PHYSICAL - timeZone: + - CONNECTOR_ENFORCEMENT_UNSPECIFIED + - NOT_REQUIRED + - REQUIRED + tier: description: >- - Backup time zone to prevent restores to an instance with a different - time zone. Now relevant only for SQL Server. - type: string - maxChargeableBytes: - description: Output only. The maximum chargeable bytes for the backup. - readOnly: true - type: string - format: int64 - BackupRunsListResponse: - id: BackupRunsListResponse - description: Backup run list results. - type: object - properties: - kind: - description: This is always `sql#backupRunsList`. + The tier (or machine type) for this instance, for example + `db-custom-1-3840`. WARNING: Changing this restarts the instance. type: string - items: + finalBackupConfig: + $ref: '#/components/schemas/FinalBackupConfig' + description: Optional. The final backup configuration for the instance. + authorizedGaeApplications: description: >- - A list of backup runs in reverse chronological order of the enqueued - time. - type: array + The App Engine app IDs that can access this instance. (Deprecated) + Applied to First Generation instances only. items: - $ref: '#/components/schemas/BackupRun' - nextPageToken: - description: >- - The continuation token, used to page through large result sets. - Provide this value in a subsequent request to return the next page - of results. + type: string + type: array + deprecated: true + edition: + enum: + - EDITION_UNSPECIFIED + - ENTERPRISE + - ENTERPRISE_PLUS + description: Optional. The edition of the instance. + enumDescriptions: + - The instance did not specify the edition. + - The instance is an enterprise edition. + - The instance is an Enterprise Plus edition. type: string - Backup: - id: Backup - description: 'A backup resource. Next ID: 30' - type: object - properties: - name: + activeDirectoryConfig: description: >- - Output only. The resource name of the backup. Format: - projects/{project}/backups/{backup}. - readOnly: true - type: string - kind: - description: Output only. This is always `sql#backup`. - readOnly: true - type: string - selfLink: - description: Output only. The URI of this resource. - readOnly: true + Active Directory configuration, relevant only for Cloud SQL for SQL + Server. + $ref: '#/components/schemas/SqlActiveDirectoryConfig' + collation: type: string - type: + description: The name of server Instance collation. + dataApiAccess: description: >- - Output only. The type of this backup. The type can be "AUTOMATED", - "ON_DEMAND" or “FINAL”. - readOnly: true - type: string + This parameter controls whether to allow using ExecuteSql API to + connect to the instance. Not allowed by default. enumDescriptions: - - This is an unknown backup type. - - The backup schedule triggers a backup automatically. - - The user triggers a backup manually. - - The backup created when instance is deleted. + - Unspecified, effectively the same as `DISALLOW_DATA_API`. + - Disallow using ExecuteSql API to connect to the instance. + - >- + Allow using ExecuteSql API to connect to the instance. For private + IP instances, this allows authorized users to access the instance + from the public internet using ExecuteSql API. enum: - - SQL_BACKUP_TYPE_UNSPECIFIED - - AUTOMATED - - ON_DEMAND - - FINAL - description: - description: The description of this backup. - type: string - instance: - description: The name of the source database instance. + - DATA_API_ACCESS_UNSPECIFIED + - DISALLOW_DATA_API + - ALLOW_DATA_API type: string - location: + storageAutoResize: description: >- - The storage location of the backups. The location can be - multi-regional. - type: string - backupInterval: + Configuration to increase storage size automatically. The default + value is true. + type: boolean + advancedMachineFeatures: description: >- - Output only. This output contains the following values: start_time: - All database writes up to this time are available. end_time: Any - database writes after this time aren't available. - readOnly: true - $ref: '#/components/schemas/Interval' - state: - description: Output only. The status of this backup. - readOnly: true - type: string + Specifies advanced machine configuration for the instances relevant + only for SQL Server. + $ref: '#/components/schemas/AdvancedMachineFeatures' + pricingPlan: enumDescriptions: - - The state of the backup is unknown. - - The backup that's added to a queue. - - The backup is in progress. - - The backup failed. - - The backup is successful. - - The backup is being deleted. - - Deletion of the backup failed. + - This is an unknown pricing plan for this instance. + - The instance is billed at a monthly flat rate. + - The instance is billed per usage. enum: - - SQL_BACKUP_STATE_UNSPECIFIED - - ENQUEUED - - RUNNING - - FAILED - - SUCCESSFUL - - DELETING - - DELETION_FAILED - error: + - SQL_PRICING_PLAN_UNSPECIFIED + - PACKAGE + - PER_USE description: >- - Output only. Information about why the backup operation fails (for - example, when the backup state fails). - readOnly: true - $ref: '#/components/schemas/OperationError' - kmsKey: + The pricing plan for this instance. This can be either `PER_USE` or + `PACKAGE`. Only `PER_USE` is supported for Second Generation + instances. + type: string + enableDataplexIntegration: description: >- - Output only. This output contains the encryption configuration for a - backup and the resource name of the KMS key for disk encryption. - readOnly: true + Optional. By default, Cloud SQL instances have schema extraction + disabled for Dataplex. When this parameter is set to true, schema + extraction for Dataplex on Cloud SQL instances is activated. + type: boolean + storageAutoResizeLimit: type: string - kmsKeyVersion: description: >- - Output only. This output contains the encryption status for a backup - and the version of the KMS key that's used to encrypt the Cloud SQL - instance. - readOnly: true + The maximum size to which storage capacity can be automatically + increased. The default value is 0, which specifies that there is no + limit. + format: int64 + passwordValidationPolicy: + $ref: '#/components/schemas/PasswordValidationPolicy' + description: The local user password validation policy of the instance. + dataDiskProvisionedThroughput: + format: int64 type: string - backupKind: description: >- - Output only. Specifies the kind of backup, PHYSICAL or - DEFAULT_SNAPSHOT. - readOnly: true + Optional. Provisioned throughput measured in MiB per second for the + data disk. This field is only used for hyperdisk-balanced disk + types. + insightsConfig: + description: Insights configuration, for now relevant only for Postgres. + $ref: '#/components/schemas/InsightsConfig' + databaseFlags: + type: array + description: The database flags passed to the instance at startup. + items: + $ref: '#/components/schemas/DatabaseFlags' + connectionPoolConfig: + description: >- + Optional. The managed connection pooling configuration for the + instance. + $ref: '#/components/schemas/ConnectionPoolConfig' + deletionProtectionEnabled: + description: Configuration to protect against accidental instance deletion. + type: boolean + enableGoogleMlIntegration: + description: >- + Optional. When this parameter is set to true, Cloud SQL instances + can connect to Vertex AI to pass requests for real-time predictions + and insights to the AI. The default value is false. This applies + only to Cloud SQL for MySQL and Cloud SQL for PostgreSQL instances. + type: boolean + entraidConfig: + description: >- + Optional. The Microsoft Entra ID configuration for the SQL Server + instance. + $ref: '#/components/schemas/SqlServerEntraIdConfig' + readPoolAutoScaleConfig: + description: Optional. The read pool auto-scale configuration for the instance. + $ref: '#/components/schemas/ReadPoolAutoScaleConfig' + replicationLagMaxSeconds: + description: >- + Optional. Configuration value for recreation of replica after + certain replication lag + type: integer + format: int32 + databaseReplicationEnabled: + description: >- + Configuration specific to read replica instances. Indicates whether + replication is enabled or not. WARNING: Changing this restarts the + instance. + type: boolean + dataCacheConfig: + description: Configuration for data cache. + $ref: '#/components/schemas/DataCacheConfig' + timeZone: + description: Server timezone, relevant only for Cloud SQL for SQL Server. + type: string + activationPolicy: type: string enumDescriptions: - - This is an unknown BackupKind. - - Snapshot-based backups. - - Physical backups. + - Unknown activation plan. + - The instance is always up and running. + - The instance never starts. + - The instance starts upon receiving requests. + description: >- + The activation policy specifies when the instance is activated; it + is applicable only when the instance state is RUNNABLE. Valid + values: * `ALWAYS`: The instance is on, and remains so even in the + absence of connection requests. * `NEVER`: The instance is off; it + is not activated, even if a connection request arrives. enum: - - SQL_BACKUP_KIND_UNSPECIFIED - - SNAPSHOT - - PHYSICAL - timeZone: + - SQL_ACTIVATION_POLICY_UNSPECIFIED + - ALWAYS + - NEVER + - ON_DEMAND + enumDeprecated: + - false + - false + - false + - true + performanceCaptureConfig: description: >- - Output only. This output contains a backup time zone. If a Cloud SQL - for SQL Server instance has a different time zone from the backup's - time zone, then the restore to the instance doesn't happen. - readOnly: true + Optional. Configuration for Performance Capture, provides diagnostic + metrics during high load situations. + $ref: '#/components/schemas/PerformanceCaptureConfig' + maintenanceWindow: + description: >- + The maintenance window for this instance. This specifies when the + instance can be restarted for maintenance purposes. + $ref: '#/components/schemas/MaintenanceWindow' + retainBackupsOnDelete: + type: boolean + description: >- + Optional. When this parameter is set to true, Cloud SQL retains + backups of the instance even after the instance is deleted. The + ON_DEMAND backup will be retained until customer deletes the backup + or the project. The AUTOMATED backup will be retained based on the + backups retention setting. + kind: + description: This is always `sql#settings`. type: string - ttlDays: + autoUpgradeEnabled: description: >- - Input only. The time-to-live (TTL) interval for this resource (in - days). For example: ttlDays:7, means 7 days from the current time. - The expiration time can't exceed 365 days from the time that the - backup is created. + Optional. Cloud SQL for MySQL auto-upgrade configuration. When this + parameter is set to true, auto-upgrade is enabled for MySQL 8.0 + minor versions. The MySQL version must be 8.0.35 or higher. + type: boolean + type: object + UsersListResponse: + id: UsersListResponse + type: object + properties: + kind: type: string - format: int64 - expiryTime: - description: Backup expiration time. A UTC timestamp of when this backup expired. + description: This is always `sql#usersList`. + items: + description: List of user resources in the instance. + type: array + items: + $ref: '#/components/schemas/User' + nextPageToken: + description: Unused. + deprecated: true type: string - format: google-datetime - databaseVersion: + description: User list response. + PscAutoConnectionConfig: + type: object + id: PscAutoConnectionConfig + description: >- + Settings for an automatically-setup Private Service Connect consumer + endpoint that is used to connect to a Cloud SQL instance. + properties: + consumerNetwork: description: >- - Output only. The database version of the instance of at the time - this backup was made. - readOnly: true + Optional. The consumer network of this consumer endpoint. This must + be a resource path that includes both the host project and the + network name. For example, + `projects/project1/global/networks/network1`. The consumer host + project of this network might be different from the consumer service + project. type: string - enumDescriptions: - - This is an unknown database version. - - The database version is MySQL 5.1. - - The database version is MySQL 5.5. - - The database version is MySQL 5.6. - - The database version is MySQL 5.7. - - The database version is MySQL 8. - - >- - The database major version is MySQL 8.0 and the minor version is - 18. - - >- - The database major version is MySQL 8.0 and the minor version is - 26. - - >- - The database major version is MySQL 8.0 and the minor version is - 27. - - >- - The database major version is MySQL 8.0 and the minor version is - 28. - - >- - The database major version is MySQL 8.0 and the minor version is - 29. - - >- - The database major version is MySQL 8.0 and the minor version is - 30. - - >- - The database major version is MySQL 8.0 and the minor version is - 31. - - >- - The database major version is MySQL 8.0 and the minor version is - 32. - - >- - The database major version is MySQL 8.0 and the minor version is - 33. - - >- - The database major version is MySQL 8.0 and the minor version is - 34. - - >- - The database major version is MySQL 8.0 and the minor version is - 35. - - >- - The database major version is MySQL 8.0 and the minor version is - 36. - - >- - The database major version is MySQL 8.0 and the minor version is - 37. - - >- - The database major version is MySQL 8.0 and the minor version is - 39. - - >- - The database major version is MySQL 8.0 and the minor version is - 40. - - >- - The database major version is MySQL 8.0 and the minor version is - 41. - - >- - The database major version is MySQL 8.0 and the minor version is - 42. - - >- - The database major version is MySQL 8.0 and the minor version is - 43. - - >- - The database major version is MySQL 8.0 and the minor version is - 44. - - >- - The database major version is MySQL 8.0 and the minor version is - 45. - - >- - The database major version is MySQL 8.0 and the minor version is - 46. - - The database version is MySQL 8.4. - - The database version is SQL Server 2017 Standard. - - The database version is SQL Server 2017 Enterprise. - - The database version is SQL Server 2017 Express. - - The database version is SQL Server 2017 Web. - - The database version is PostgreSQL 9.6. - - The database version is PostgreSQL 10. - - The database version is PostgreSQL 11. - - The database version is PostgreSQL 12. - - The database version is PostgreSQL 13. - - The database version is PostgreSQL 14. - - The database version is PostgreSQL 15. - - The database version is PostgreSQL 16. - - The database version is PostgreSQL 17. - - The database version is SQL Server 2019 Standard. - - The database version is SQL Server 2019 Enterprise. - - The database version is SQL Server 2019 Express. - - The database version is SQL Server 2019 Web. - - The database version is SQL Server 2022 Standard. - - The database version is SQL Server 2022 Enterprise. - - The database version is SQL Server 2022 Express. - - The database version is SQL Server 2022 Web. - enumDeprecated: - - false - - true - - true - - false - - false - - false - - false - - false - - false - - false - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - enum: - - SQL_DATABASE_VERSION_UNSPECIFIED - - MYSQL_5_1 - - MYSQL_5_5 - - MYSQL_5_6 - - MYSQL_5_7 - - MYSQL_8_0 - - MYSQL_8_0_18 - - MYSQL_8_0_26 - - MYSQL_8_0_27 - - MYSQL_8_0_28 - - MYSQL_8_0_29 - - MYSQL_8_0_30 - - MYSQL_8_0_31 - - MYSQL_8_0_32 - - MYSQL_8_0_33 - - MYSQL_8_0_34 - - MYSQL_8_0_35 - - MYSQL_8_0_36 - - MYSQL_8_0_37 - - MYSQL_8_0_39 - - MYSQL_8_0_40 - - MYSQL_8_0_41 - - MYSQL_8_0_42 - - MYSQL_8_0_43 - - MYSQL_8_0_44 - - MYSQL_8_0_45 - - MYSQL_8_0_46 - - MYSQL_8_4 - - SQLSERVER_2017_STANDARD - - SQLSERVER_2017_ENTERPRISE - - SQLSERVER_2017_EXPRESS - - SQLSERVER_2017_WEB - - POSTGRES_9_6 - - POSTGRES_10 - - POSTGRES_11 - - POSTGRES_12 - - POSTGRES_13 - - POSTGRES_14 - - POSTGRES_15 - - POSTGRES_16 - - POSTGRES_17 - - SQLSERVER_2019_STANDARD - - SQLSERVER_2019_ENTERPRISE - - SQLSERVER_2019_EXPRESS - - SQLSERVER_2019_WEB - - SQLSERVER_2022_STANDARD - - SQLSERVER_2022_ENTERPRISE - - SQLSERVER_2022_EXPRESS - - SQLSERVER_2022_WEB - maxChargeableBytes: - description: Output only. The maximum chargeable bytes for the backup. - readOnly: true + consumerNetworkStatus: type: string - format: int64 - instanceDeletionTime: - description: >- - Optional. Output only. Timestamp in UTC of when the instance - associated with this backup is deleted. - readOnly: true + description: The connection policy status of the consumer network. + ipAddress: + description: The IP address of the consumer endpoint. type: string - format: google-datetime - instanceSettings: - description: >- - Optional. Output only. The instance setting of the source instance - that's associated with this backup. - readOnly: true - $ref: '#/components/schemas/DatabaseInstance' - backupRun: - description: >- - Output only. The mapping to backup run resource used for IAM - validations. - readOnly: true + consumerProject: type: string - satisfiesPzs: - description: >- - Output only. This status indicates whether the backup satisfies PZS. - The status is reserved for future use. - readOnly: true - type: boolean - satisfiesPzi: description: >- - Output only. This status indicates whether the backup satisfies PZI. - The status is reserved for future use. - readOnly: true + Optional. This is the project ID of consumer service project of this + consumer endpoint. Optional. This is only applicable if + consumer_network is a shared vpc network. + status: + description: The connection status of the consumer endpoint. + type: string + Value: + properties: + value: + type: string + description: The cell value in string format. + nullValue: type: boolean - Interval: - id: Interval - description: >- - Represents a time interval, encoded as a Timestamp start (inclusive) and - a Timestamp end (exclusive). The start must be less than or equal to the - end. When the start equals the end, the interval is empty (matches no - time). When both start and end are unspecified, the interval matches any - time. + description: If cell value is null, then this flag will be set to true. + type: object + description: The cell value of the table. + id: Value + SslCertsInsertRequest: type: object properties: - startTime: + commonName: description: >- - Optional. Inclusive start of the interval. If specified, a Timestamp - matching this interval will have to be the same or after the start. + User supplied name. Must be a distinct name from the other + certificates for this instance. type: string - format: google-datetime - endTime: + id: SslCertsInsertRequest + description: SslCerts insert request. + ConnectionPoolFlags: + type: object + description: >- + Connection pool flags for Cloud SQL instances managed connection pool + configuration. + properties: + value: description: >- - Optional. Exclusive end of the interval. If specified, a Timestamp - matching this interval will have to be before the end. + Required. The value of the flag. Boolean flags are set to `on` for + true and `off` for false. This field must be omitted if the flag + doesn't take a value. type: string - format: google-datetime - ListBackupsResponse: - id: ListBackupsResponse - description: The response payload containing a list of the backups. + name: + description: Required. The name of the flag. + type: string + id: ConnectionPoolFlags + SqlInstancesRescheduleMaintenanceRequestBody: + properties: + reschedule: + $ref: '#/components/schemas/Reschedule' + description: Required. The type of the reschedule the user wants. + description: Reschedule options for maintenance windows. + id: SqlInstancesRescheduleMaintenanceRequestBody + type: object + DnsNameMapping: + description: DNS metadata. type: object properties: - backups: - description: A list of backups. + name: + description: The DNS name. + type: string + connectionType: + enum: + - CONNECTION_TYPE_UNSPECIFIED + - PUBLIC + - PRIVATE_SERVICES_ACCESS + - PRIVATE_SERVICE_CONNECT + readOnly: true + description: Output only. The connection type of the DNS name. + enumDescriptions: + - Unknown connection type. + - Public IP. + - Private services access (private IP). + - Private Service Connect. + type: string + dnsScope: + enumDescriptions: + - Unknown DNS scope. + - Indicates a instance-level DNS name. + enum: + - DNS_SCOPE_UNSPECIFIED + - INSTANCE + readOnly: true + description: Output only. The scope that the DNS name applies to. + type: string + id: DnsNameMapping + BinLogCoordinates: + type: object + description: Binary log coordinates. + id: BinLogCoordinates + properties: + binLogFileName: + type: string + description: Name of the binary log file for a Cloud SQL instance. + kind: + type: string + description: This is always `sql#binLogCoordinates`. + binLogPosition: + format: int64 + description: Position (offset) within the binary log file. + type: string + RotateServerCaContext: + id: RotateServerCaContext + properties: + kind: + type: string + description: This is always `sql#rotateServerCaContext`. + nextVersion: + type: string + description: >- + The fingerprint of the next version to be rotated to. If left + unspecified, will be rotated to the most recently added server CA + version. + description: Instance rotate server CA context. + type: object + InstancesCloneRequest: + description: Database instance clone request. + type: object + id: InstancesCloneRequest + properties: + cloneContext: + $ref: '#/components/schemas/CloneContext' + description: Required. Contains details about the clone operation. + SslCertsListResponse: + properties: + items: + description: List of client certificates for the instance. type: array items: - $ref: '#/components/schemas/Backup' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, then there aren't subsequent pages. + $ref: '#/components/schemas/SslCert' + kind: type: string - warnings: + description: This is always `sql#sslCertsList`. + id: SslCertsListResponse + description: SslCerts list response. + type: object + PreCheckResponse: + id: PreCheckResponse + description: >- + Structured PreCheckResponse containing message, type, and required + actions. + type: object + properties: + message: + type: string + description: The message to be displayed to the user. + messageType: + enum: + - MESSAGE_TYPE_UNSPECIFIED + - INFO + - WARNING + - ERROR + description: The type of message whether it is an info, warning, or error. + type: string + enumDescriptions: + - Default unspecified value to prevent unintended behavior changes. + - General informational messages that don't require action. + - Warnings that might impact the upgrade but don't block it. + - >- + Errors that a user must resolve before proceeding with the + upgrade. + actionsRequired: + items: + type: string description: >- - If a region isn't unavailable or if an unknown error occurs, then a - warning message is returned. + The actions that the user needs to take. Use repeated for multiple + actions. type: array - items: - $ref: '#/components/schemas/ApiWarning' ConnectSettings: id: ConnectSettings description: Connect settings retrieval response. - type: object properties: - kind: - description: This is always `sql#connectSettings`. + customSubjectAlternativeNames: + type: array + items: + type: string + description: Custom subject alternative names for the server certificate. + serverCaMode: + enumDescriptions: + - CA mode is unknown. + - Google-managed self-signed internal CA. + - >- + Google-managed regional CA part of root CA hierarchy hosted on + Google Cloud's Certificate Authority Service (CAS). + - >- + Customer-managed CA hosted on Google Cloud's Certificate Authority + Service (CAS). + enum: + - CA_MODE_UNSPECIFIED + - GOOGLE_MANAGED_INTERNAL_CA + - GOOGLE_MANAGED_CAS_CA + - CUSTOMER_MANAGED_CAS_CA type: string + description: Specify what type of CA is used for the server certificate. serverCaCert: - description: SSL configuration. $ref: '#/components/schemas/SslCert' + description: SSL configuration. ipAddresses: - description: The assigned IP addresses for the instance. type: array + description: The assigned IP addresses for the instance. items: $ref: '#/components/schemas/IpMapping' + nodeCount: + format: int32 + description: The number of read pool nodes in a read pool. + type: integer + dnsNames: + items: + $ref: '#/components/schemas/DnsNameMapping' + description: Output only. The list of DNS names used by this instance. + type: array + readOnly: true + backendType: + enumDescriptions: + - This is an unknown backend type for instance. + - V1 speckle instance. + - V2 speckle instance. + - On premises instance. + enum: + - SQL_BACKEND_TYPE_UNSPECIFIED + - FIRST_GEN + - SECOND_GEN + - EXTERNAL + type: string + enumDeprecated: + - false + - true + - false + - false + description: >- + `SECOND_GEN`: Cloud SQL database instance. `EXTERNAL`: A database + server that is not managed by Google. This property is read-only; + use the `tier` property in the `settings` object to determine the + database type. + nodes: + description: >- + Output only. Entries containing information about each read pool + node of the read pool. + readOnly: true + type: array + items: + $ref: '#/components/schemas/ConnectPoolNodeConfig' + mdxProtocolSupport: + items: + enum: + - MDX_PROTOCOL_SUPPORT_UNSPECIFIED + - CLIENT_PROTOCOL_TYPE + enumDescriptions: + - Not specified. + - Client should send the client protocol type in the MDX request. + type: string + description: >- + Optional. Output only. mdx_protocol_support controls how the client + uses metadata exchange when connecting to the instance. The values + in the list representing parts of the MDX protocol that are + supported by this instance. When the list is empty, the instance + does not support MDX, so the client must not send an MDX request. + The default is empty. + type: array + readOnly: true + pscEnabled: + description: Whether PSC connectivity is enabled for this instance. + type: boolean region: + type: string description: >- The cloud region for the instance. For example, `us-central1`, `europe-west1`. The region cannot be changed after instance creation. + kind: + description: This is always `sql#connectSettings`. type: string databaseVersion: - description: >- - The database engine type and version. The `databaseVersion` field - cannot be changed after instance creation. MySQL instances: - `MYSQL_8_0`, `MYSQL_5_7` (default), or `MYSQL_5_6`. PostgreSQL - instances: `POSTGRES_9_6`, `POSTGRES_10`, `POSTGRES_11`, - `POSTGRES_12` (default), `POSTGRES_13`, or `POSTGRES_14`. SQL Server - instances: `SQLSERVER_2017_STANDARD` (default), - `SQLSERVER_2017_ENTERPRISE`, `SQLSERVER_2017_EXPRESS`, - `SQLSERVER_2017_WEB`, `SQLSERVER_2019_STANDARD`, - `SQLSERVER_2019_ENTERPRISE`, `SQLSERVER_2019_EXPRESS`, or - `SQLSERVER_2019_WEB`. - type: string - enumDescriptions: - - This is an unknown database version. - - The database version is MySQL 5.1. - - The database version is MySQL 5.5. - - The database version is MySQL 5.6. - - The database version is MySQL 5.7. - - The database version is MySQL 8. - - >- - The database major version is MySQL 8.0 and the minor version is - 18. - - >- - The database major version is MySQL 8.0 and the minor version is - 26. - - >- - The database major version is MySQL 8.0 and the minor version is - 27. - - >- - The database major version is MySQL 8.0 and the minor version is - 28. - - >- - The database major version is MySQL 8.0 and the minor version is - 29. - - >- - The database major version is MySQL 8.0 and the minor version is - 30. - - >- - The database major version is MySQL 8.0 and the minor version is - 31. - - >- - The database major version is MySQL 8.0 and the minor version is - 32. - - >- - The database major version is MySQL 8.0 and the minor version is - 33. - - >- - The database major version is MySQL 8.0 and the minor version is - 34. - - >- - The database major version is MySQL 8.0 and the minor version is - 35. - - >- - The database major version is MySQL 8.0 and the minor version is - 36. - - >- - The database major version is MySQL 8.0 and the minor version is - 37. - - >- - The database major version is MySQL 8.0 and the minor version is - 39. - - >- - The database major version is MySQL 8.0 and the minor version is - 40. - - >- - The database major version is MySQL 8.0 and the minor version is - 41. - - >- - The database major version is MySQL 8.0 and the minor version is - 42. - - >- - The database major version is MySQL 8.0 and the minor version is - 43. - - >- - The database major version is MySQL 8.0 and the minor version is - 44. - - >- - The database major version is MySQL 8.0 and the minor version is - 45. - - >- - The database major version is MySQL 8.0 and the minor version is - 46. - - The database version is MySQL 8.4. - - The database version is SQL Server 2017 Standard. - - The database version is SQL Server 2017 Enterprise. - - The database version is SQL Server 2017 Express. - - The database version is SQL Server 2017 Web. - - The database version is PostgreSQL 9.6. - - The database version is PostgreSQL 10. - - The database version is PostgreSQL 11. - - The database version is PostgreSQL 12. - - The database version is PostgreSQL 13. - - The database version is PostgreSQL 14. - - The database version is PostgreSQL 15. - - The database version is PostgreSQL 16. - - The database version is PostgreSQL 17. - - The database version is SQL Server 2019 Standard. - - The database version is SQL Server 2019 Enterprise. - - The database version is SQL Server 2019 Express. - - The database version is SQL Server 2019 Web. - - The database version is SQL Server 2022 Standard. - - The database version is SQL Server 2022 Enterprise. - - The database version is SQL Server 2022 Express. - - The database version is SQL Server 2022 Web. enumDeprecated: - false - true @@ -4985,6 +3818,8 @@ components: - false - false - false + - false + type: string enum: - SQL_DATABASE_VERSION_UNSPECIFIED - MYSQL_5_1 @@ -5027,6 +3862,7 @@ components: - POSTGRES_15 - POSTGRES_16 - POSTGRES_17 + - POSTGRES_18 - SQLSERVER_2019_STANDARD - SQLSERVER_2019_ENTERPRISE - SQLSERVER_2019_EXPRESS @@ -5035,837 +3871,2640 @@ components: - SQLSERVER_2022_ENTERPRISE - SQLSERVER_2022_EXPRESS - SQLSERVER_2022_WEB - backendType: description: >- - `SECOND_GEN`: Cloud SQL database instance. `EXTERNAL`: A database - server that is not managed by Google. This property is read-only; - use the `tier` property in the `settings` object to determine the - database type. - type: string + The database engine type and version. The `databaseVersion` field + cannot be changed after instance creation. MySQL instances: + `MYSQL_8_0`, `MYSQL_5_7` (default), or `MYSQL_5_6`. PostgreSQL + instances: `POSTGRES_9_6`, `POSTGRES_10`, `POSTGRES_11`, + `POSTGRES_12` (default), `POSTGRES_13`, or `POSTGRES_14`. SQL Server + instances: `SQLSERVER_2017_STANDARD` (default), + `SQLSERVER_2017_ENTERPRISE`, `SQLSERVER_2017_EXPRESS`, + `SQLSERVER_2017_WEB`, `SQLSERVER_2019_STANDARD`, + `SQLSERVER_2019_ENTERPRISE`, `SQLSERVER_2019_EXPRESS`, or + `SQLSERVER_2019_WEB`. enumDescriptions: - - This is an unknown backend type for instance. - - V1 speckle instance. - - V2 speckle instance. - - On premises instance. - enumDeprecated: - - false - - true - - false - - false - enum: - - SQL_BACKEND_TYPE_UNSPECIFIED - - FIRST_GEN - - SECOND_GEN - - EXTERNAL - pscEnabled: - description: Whether PSC connectivity is enabled for this instance. - type: boolean + - This is an unknown database version. + - The database version is MySQL 5.1. + - The database version is MySQL 5.5. + - The database version is MySQL 5.6. + - The database version is MySQL 5.7. + - The database version is MySQL 8. + - >- + The database major version is MySQL 8.0 and the minor version is + 18. + - >- + The database major version is MySQL 8.0 and the minor version is + 26. + - >- + The database major version is MySQL 8.0 and the minor version is + 27. + - >- + The database major version is MySQL 8.0 and the minor version is + 28. + - >- + The database major version is MySQL 8.0 and the minor version is + 29. + - >- + The database major version is MySQL 8.0 and the minor version is + 30. + - >- + The database major version is MySQL 8.0 and the minor version is + 31. + - >- + The database major version is MySQL 8.0 and the minor version is + 32. + - >- + The database major version is MySQL 8.0 and the minor version is + 33. + - >- + The database major version is MySQL 8.0 and the minor version is + 34. + - >- + The database major version is MySQL 8.0 and the minor version is + 35. + - >- + The database major version is MySQL 8.0 and the minor version is + 36. + - >- + The database major version is MySQL 8.0 and the minor version is + 37. + - >- + The database major version is MySQL 8.0 and the minor version is + 39. + - >- + The database major version is MySQL 8.0 and the minor version is + 40. + - >- + The database major version is MySQL 8.0 and the minor version is + 41. + - >- + The database major version is MySQL 8.0 and the minor version is + 42. + - >- + The database major version is MySQL 8.0 and the minor version is + 43. + - >- + The database major version is MySQL 8.0 and the minor version is + 44. + - >- + The database major version is MySQL 8.0 and the minor version is + 45. + - >- + The database major version is MySQL 8.0 and the minor version is + 46. + - The database version is MySQL 8.4. + - The database version is SQL Server 2017 Standard. + - The database version is SQL Server 2017 Enterprise. + - The database version is SQL Server 2017 Express. + - The database version is SQL Server 2017 Web. + - The database version is PostgreSQL 9.6. + - The database version is PostgreSQL 10. + - The database version is PostgreSQL 11. + - The database version is PostgreSQL 12. + - The database version is PostgreSQL 13. + - The database version is PostgreSQL 14. + - The database version is PostgreSQL 15. + - The database version is PostgreSQL 16. + - The database version is PostgreSQL 17. + - The database version is PostgreSQL 18. + - The database version is SQL Server 2019 Standard. + - The database version is SQL Server 2019 Enterprise. + - The database version is SQL Server 2019 Express. + - The database version is SQL Server 2019 Web. + - The database version is SQL Server 2022 Standard. + - The database version is SQL Server 2022 Enterprise. + - The database version is SQL Server 2022 Express. + - The database version is SQL Server 2022 Web. dnsName: description: The dns name of the instance. type: string - serverCaMode: - description: Specify what type of CA is used for the server certificate. + type: object + InstancesPreCheckMajorVersionUpgradeRequest: + id: InstancesPreCheckMajorVersionUpgradeRequest + properties: + preCheckMajorVersionUpgradeContext: + $ref: '#/components/schemas/PreCheckMajorVersionUpgradeContext' + description: >- + Required. Contains details about the pre-check major version upgrade + operation. + description: Request for Pre-checks for MVU + type: object + AcquireSsrsLeaseContext: + type: object + properties: + duration: + description: Lease duration needed for SSRS setup. + format: google-duration type: string - enumDescriptions: - - CA mode is unknown. - - Google-managed self-signed internal CA. - - >- - Google-managed regional CA part of root CA hierarchy hosted on - Google Cloud's Certificate Authority Service (CAS). - - >- - Customer-managed CA hosted on Google Cloud's Certificate Authority - Service (CAS). - enum: - - CA_MODE_UNSPECIFIED - - GOOGLE_MANAGED_INTERNAL_CA - - GOOGLE_MANAGED_CAS_CA - - CUSTOMER_MANAGED_CAS_CA - customSubjectAlternativeNames: - description: Custom subject alternative names for the server certificate. - type: array - items: - type: string - dnsNames: - description: Output only. The list of DNS names used by this instance. - readOnly: true - type: array - items: - $ref: '#/components/schemas/DnsNameMapping' - nodeCount: - description: The number of read pool nodes in a read pool. - type: integer - format: int32 - nodes: + serviceLogin: description: >- - Output only. Entries containing information about each read pool - node of the read pool. - readOnly: true - type: array - items: - $ref: '#/components/schemas/ConnectPoolNodeConfig' - mdxProtocolSupport: + The username to be used as the service login to connect to the + report database for SSRS setup. + type: string + setupLogin: description: >- - Optional. Output only. mdx_protocol_support controls how the client - uses metadata exchange when connecting to the instance. The values - in the list representing parts of the MDX protocol that are - supported by this instance. When the list is empty, the instance - does not support MDX, so the client must not send an MDX request. - The default is empty. - readOnly: true - type: array - items: - type: string - enumDescriptions: - - Not specified. - - Client should send the client protocol type in the MDX request. - enum: - - MDX_PROTOCOL_SUPPORT_UNSPECIFIED - - CLIENT_PROTOCOL_TYPE - ConnectPoolNodeConfig: - id: ConnectPoolNodeConfig - description: Details of a single read pool node of a read pool. - type: object + The username to be used as the setup login to connect to the + database server for SSRS setup. + type: string + reportDatabase: + description: The report database to be used for SSRS setup. + type: string + description: Acquire SSRS lease context. + id: AcquireSsrsLeaseContext + Backup: properties: - name: + timeZone: description: >- - Output only. The name of the read pool node. Doesn't include the - project ID. + Output only. This output contains a backup time zone. If a Cloud SQL + for SQL Server instance has a different time zone from the backup's + time zone, then the restore to the instance doesn't happen. readOnly: true type: string - ipAddresses: - description: >- - Output only. Mappings containing IP addresses that can be used to - connect to the read pool node. - readOnly: true - type: array - items: - $ref: '#/components/schemas/IpMapping' - dnsName: - description: Output only. The DNS name of the read pool node. - readOnly: true + expiryTime: type: string - dnsNames: - description: Output only. The list of DNS names used by this read pool node. + description: Backup expiration time. A UTC timestamp of when this backup expired. + format: google-datetime + error: readOnly: true - type: array - items: - $ref: '#/components/schemas/DnsNameMapping' - GenerateEphemeralCertRequest: - id: GenerateEphemeralCertRequest - description: Ephemeral certificate creation request. - type: object - properties: - public_key: - description: PEM encoded public key to include in the signed certificate. - type: string - access_token: - description: Optional. Access token to include in the signed certificate. - type: string - readTime: description: >- - Optional. Optional snapshot read timestamp to trade freshness for - performance. - type: string - format: google-datetime - validDuration: - description: Optional. If set, it will contain the cert valid duration. - type: string - format: google-duration - GenerateEphemeralCertResponse: - id: GenerateEphemeralCertResponse - description: Ephemeral certificate creation request. - type: object - properties: - ephemeralCert: - description: Generated cert - $ref: '#/components/schemas/SslCert' - Database: - id: Database - description: Represents a SQL database on the Cloud SQL instance. - type: object - properties: - kind: - description: This is always `sql#database`. - type: string - charset: - description: The Cloud SQL charset value. + Output only. Information about why the backup operation fails (for + example, when the backup state fails). + $ref: '#/components/schemas/OperationError' + state: + enumDescriptions: + - The state of the backup is unknown. + - The backup that's added to a queue. + - The backup is in progress. + - The backup failed. + - The backup is successful. + - The backup is being deleted. + - Deletion of the backup failed. + description: Output only. The status of this backup. + enum: + - SQL_BACKUP_STATE_UNSPECIFIED + - ENQUEUED + - RUNNING + - FAILED + - SUCCESSFUL + - DELETING + - DELETION_FAILED type: string - collation: - description: The Cloud SQL collation value. + readOnly: true + backupRun: type: string - etag: description: >- - This field is deprecated and will be removed from a future version - of the API. - type: string - name: + Output only. The mapping to backup run resource used for IAM + validations. + readOnly: true + satisfiesPzs: + type: boolean description: >- - The name of the database in the Cloud SQL instance. This does not - include the project ID or instance name. - type: string - instance: + Output only. This status indicates whether the backup satisfies PZS. + The status is reserved for future use. + readOnly: true + type: + enumDescriptions: + - This is an unknown backup type. + - The backup schedule triggers a backup automatically. + - The user triggers a backup manually. + - The backup created when instance is deleted. description: >- - The name of the Cloud SQL instance. This does not include the - project ID. + Output only. The type of this backup. The type can be "AUTOMATED", + "ON_DEMAND" or “FINAL”. + readOnly: true + enum: + - SQL_BACKUP_TYPE_UNSPECIFIED + - AUTOMATED + - ON_DEMAND + - FINAL type: string selfLink: - description: The URI of this resource. + description: Output only. The URI of this resource. + readOnly: true type: string - project: - description: >- - The project ID of the project containing the Cloud SQL database. The - Google apps domain is prefixed if applicable. + description: type: string - sqlserverDatabaseDetails: - $ref: '#/components/schemas/SqlServerDatabaseDetails' - SqlServerDatabaseDetails: - id: SqlServerDatabaseDetails - description: Represents a Sql Server database on the Cloud SQL instance. - type: object - properties: - compatibilityLevel: + description: The description of this backup. + instanceSettings: + readOnly: true description: >- - The version of SQL Server with which the database is to be made - compatible - type: integer - format: int32 - recoveryModel: - description: The recovery model of a SQL Server database - type: string - DatabasesListResponse: - id: DatabasesListResponse - description: Database list response. - type: object - properties: - kind: - description: This is always `sql#databasesList`. + Optional. Output only. The instance setting of the source instance + that's associated with this backup. + $ref: '#/components/schemas/DatabaseInstance' + name: + readOnly: true type: string - items: - description: List of database resources in the instance. - type: array - items: - $ref: '#/components/schemas/Database' - FlagsListResponse: - id: FlagsListResponse - description: Flags list response. - type: object - properties: - kind: - description: This is always `sql#flagsList`. + description: >- + Output only. The resource name of the backup. Format: + projects/{project}/backups/{backup}. + instanceDeletionTime: type: string - items: - description: List of flags. - type: array - items: - $ref: '#/components/schemas/Flag' - Flag: - id: Flag - description: A flag resource. - type: object - properties: - name: + format: google-datetime + readOnly: true description: >- - This is the name of the flag. Flag names always use underscores, not - hyphens, for example: `max_allowed_packet` + Optional. Output only. Timestamp in UTC of when the instance + associated with this backup is deleted. + kmsKeyVersion: + readOnly: true + description: >- + Output only. This output contains the encryption status for a backup + and the version of the KMS key that's used to encrypt the Cloud SQL + instance. type: string - type: + maxChargeableBytes: + description: Output only. The maximum chargeable bytes for the backup. + type: string + format: int64 + readOnly: true + backupInterval: description: >- - The type of the flag. Flags are typed to being `BOOLEAN`, `STRING`, - `INTEGER` or `NONE`. `NONE` is used for flags that do not take a - value, such as `skip_grant_tables`. + Output only. This output contains the following values: start_time: + All database writes up to this time are available. end_time: Any + database writes after this time aren't available. + $ref: '#/components/schemas/Interval' + readOnly: true + instance: + description: The name of the source database instance. type: string + databaseVersion: enumDescriptions: - - This is an unknown flag type. - - Boolean type flag. - - String type flag. - - Integer type flag. - - Flag type used for a server startup option. - - >- - Type introduced specially for MySQL TimeZone offset. Accept a - string value with the format [-12:59, 13:00]. - - Float type flag. - - Comma-separated list of the strings in a SqlFlagType enum. + - This is an unknown database version. + - The database version is MySQL 5.1. + - The database version is MySQL 5.5. + - The database version is MySQL 5.6. + - The database version is MySQL 5.7. + - The database version is MySQL 8. + - >- + The database major version is MySQL 8.0 and the minor version is + 18. + - >- + The database major version is MySQL 8.0 and the minor version is + 26. + - >- + The database major version is MySQL 8.0 and the minor version is + 27. + - >- + The database major version is MySQL 8.0 and the minor version is + 28. + - >- + The database major version is MySQL 8.0 and the minor version is + 29. + - >- + The database major version is MySQL 8.0 and the minor version is + 30. + - >- + The database major version is MySQL 8.0 and the minor version is + 31. + - >- + The database major version is MySQL 8.0 and the minor version is + 32. + - >- + The database major version is MySQL 8.0 and the minor version is + 33. + - >- + The database major version is MySQL 8.0 and the minor version is + 34. + - >- + The database major version is MySQL 8.0 and the minor version is + 35. + - >- + The database major version is MySQL 8.0 and the minor version is + 36. + - >- + The database major version is MySQL 8.0 and the minor version is + 37. + - >- + The database major version is MySQL 8.0 and the minor version is + 39. + - >- + The database major version is MySQL 8.0 and the minor version is + 40. + - >- + The database major version is MySQL 8.0 and the minor version is + 41. + - >- + The database major version is MySQL 8.0 and the minor version is + 42. + - >- + The database major version is MySQL 8.0 and the minor version is + 43. + - >- + The database major version is MySQL 8.0 and the minor version is + 44. + - >- + The database major version is MySQL 8.0 and the minor version is + 45. + - >- + The database major version is MySQL 8.0 and the minor version is + 46. + - The database version is MySQL 8.4. + - The database version is SQL Server 2017 Standard. + - The database version is SQL Server 2017 Enterprise. + - The database version is SQL Server 2017 Express. + - The database version is SQL Server 2017 Web. + - The database version is PostgreSQL 9.6. + - The database version is PostgreSQL 10. + - The database version is PostgreSQL 11. + - The database version is PostgreSQL 12. + - The database version is PostgreSQL 13. + - The database version is PostgreSQL 14. + - The database version is PostgreSQL 15. + - The database version is PostgreSQL 16. + - The database version is PostgreSQL 17. + - The database version is PostgreSQL 18. + - The database version is SQL Server 2019 Standard. + - The database version is SQL Server 2019 Enterprise. + - The database version is SQL Server 2019 Express. + - The database version is SQL Server 2019 Web. + - The database version is SQL Server 2022 Standard. + - The database version is SQL Server 2022 Enterprise. + - The database version is SQL Server 2022 Express. + - The database version is SQL Server 2022 Web. + readOnly: true + enum: + - SQL_DATABASE_VERSION_UNSPECIFIED + - MYSQL_5_1 + - MYSQL_5_5 + - MYSQL_5_6 + - MYSQL_5_7 + - MYSQL_8_0 + - MYSQL_8_0_18 + - MYSQL_8_0_26 + - MYSQL_8_0_27 + - MYSQL_8_0_28 + - MYSQL_8_0_29 + - MYSQL_8_0_30 + - MYSQL_8_0_31 + - MYSQL_8_0_32 + - MYSQL_8_0_33 + - MYSQL_8_0_34 + - MYSQL_8_0_35 + - MYSQL_8_0_36 + - MYSQL_8_0_37 + - MYSQL_8_0_39 + - MYSQL_8_0_40 + - MYSQL_8_0_41 + - MYSQL_8_0_42 + - MYSQL_8_0_43 + - MYSQL_8_0_44 + - MYSQL_8_0_45 + - MYSQL_8_0_46 + - MYSQL_8_4 + - SQLSERVER_2017_STANDARD + - SQLSERVER_2017_ENTERPRISE + - SQLSERVER_2017_EXPRESS + - SQLSERVER_2017_WEB + - POSTGRES_9_6 + - POSTGRES_10 + - POSTGRES_11 + - POSTGRES_12 + - POSTGRES_13 + - POSTGRES_14 + - POSTGRES_15 + - POSTGRES_16 + - POSTGRES_17 + - POSTGRES_18 + - SQLSERVER_2019_STANDARD + - SQLSERVER_2019_ENTERPRISE + - SQLSERVER_2019_EXPRESS + - SQLSERVER_2019_WEB + - SQLSERVER_2022_STANDARD + - SQLSERVER_2022_ENTERPRISE + - SQLSERVER_2022_EXPRESS + - SQLSERVER_2022_WEB + enumDeprecated: + - false + - true + - true + - false + - false + - false + - false + - false + - false + - false + - true + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + - false + description: >- + Output only. The database version of the instance of at the time + this backup was made. + type: string + kmsKey: + readOnly: true + type: string + description: >- + Output only. This output contains the encryption configuration for a + backup and the resource name of the KMS key for disk encryption. + location: + description: >- + The storage location of the backups. The location can be + multi-regional. + type: string + kind: + readOnly: true + type: string + description: Output only. This is always `sql#backup`. + satisfiesPzi: + description: >- + Output only. This status indicates whether the backup satisfies PZI. + The status is reserved for future use. + type: boolean + readOnly: true + backupKind: + type: string + enum: + - SQL_BACKUP_KIND_UNSPECIFIED + - SNAPSHOT + - PHYSICAL + enumDescriptions: + - This is an unknown BackupKind. + - Snapshot-based backups. + - Physical backups. + readOnly: true + description: >- + Output only. Specifies the kind of backup, PHYSICAL or + DEFAULT_SNAPSHOT. + ttlDays: + format: int64 + type: string + description: >- + Input only. The time-to-live (TTL) interval for this resource (in + days). For example: ttlDays:7, means 7 days from the current time. + The expiration time can't exceed 365 days from the time that the + backup is created. + description: A backup resource. + type: object + id: Backup + UserPasswordValidationPolicy: + id: UserPasswordValidationPolicy + description: User level password validation policy. + properties: + enableFailedAttemptsCheck: + description: If true, failed login attempts check will be enabled. + type: boolean + allowedFailedAttempts: + format: int32 + type: integer + description: Number of failed login attempts allowed before user get locked. + status: + $ref: '#/components/schemas/PasswordStatus' + description: Output only. Read-only password status. + readOnly: true + passwordExpirationDuration: + type: string + description: Expiration duration after password is updated. + format: google-duration + enablePasswordVerification: + description: >- + If true, the user must specify the current password before changing + the password. This flag is supported only for MySQL. + type: boolean + type: object + InstancesListServerCertificatesResponse: + properties: + serverCerts: + items: + $ref: '#/components/schemas/SslCert' + type: array + description: >- + List of server certificates for the instance, signed by the + corresponding CA from the `ca_certs` list. + kind: + description: This is always `sql#instancesListServerCertificates`. + type: string + activeVersion: + type: string + description: >- + The `sha1_fingerprint` of the active certificate from + `server_certs`. + caCerts: + type: array + items: + $ref: '#/components/schemas/SslCert' + description: List of server CA certificates for the instance. + description: Instances ListServerCertificates response. + id: InstancesListServerCertificatesResponse + type: object + PerformDiskShrinkContext: + description: Perform disk shrink context. + properties: + targetSizeGb: + format: int64 + type: string + description: The target disk shrink size in GigaBytes. + id: PerformDiskShrinkContext + type: object + GenerateEphemeralCertRequest: + type: object + properties: + readTime: + type: string + format: google-datetime + description: >- + Optional. Optional snapshot read timestamp to trade freshness for + performance. + access_token: + type: string + description: Optional. Access token to include in the signed certificate. + public_key: + description: PEM encoded public key to include in the signed certificate. + type: string + validDuration: + description: Optional. If set, it will contain the cert valid duration. + format: google-duration + type: string + description: Ephemeral certificate creation request. + id: GenerateEphemeralCertRequest + Database: + properties: + collation: + type: string + description: The Cloud SQL collation value. + etag: + description: >- + This field is deprecated and will be removed from a future version + of the API. + type: string + name: + type: string + description: >- + The name of the database in the Cloud SQL instance. This does not + include the project ID or instance name. + charset: + type: string + description: The Cloud SQL charset value. + sqlserverDatabaseDetails: + $ref: '#/components/schemas/SqlServerDatabaseDetails' + selfLink: + type: string + description: The URI of this resource. + kind: + description: This is always `sql#database`. + type: string + project: + description: >- + The project ID of the project containing the Cloud SQL database. The + Google apps domain is prefixed if applicable. + type: string + instance: + description: >- + The name of the Cloud SQL instance. This does not include the + project ID. + type: string + description: Represents a SQL database on the Cloud SQL instance. + id: Database + type: object + InstancesImportRequest: + id: InstancesImportRequest + description: Database instance import request. + properties: + importContext: + $ref: '#/components/schemas/ImportContext' + description: Contains details about the import operation. + type: object + DemoteMasterMySqlReplicaConfiguration: + description: Read-replica configuration specific to MySQL databases. + type: object + id: DemoteMasterMySqlReplicaConfiguration + properties: + password: + description: The password for the replication connection. + type: string + caCertificate: + type: string + description: PEM representation of the trusted CA's x509 certificate. + username: + description: The username for the replication connection. + type: string + kind: + type: string + description: This is always `sql#demoteMasterMysqlReplicaConfiguration`. + clientKey: + description: >- + PEM representation of the replica's private key. The corresponding + public key is encoded in the client's certificate. The format of the + replica's private key can be either PKCS #1 or PKCS #8. + type: string + clientCertificate: + description: PEM representation of the replica's x509 certificate. + type: string + RotateServerCertificateContext: + type: object + description: Instance rotate server certificate context. + id: RotateServerCertificateContext + properties: + kind: + type: string + description: Optional. This is always `sql#rotateServerCertificateContext`. + nextVersion: + description: >- + The fingerprint of the next version to be rotated to. If left + unspecified, will be rotated to the most recently added server + certificate version. + type: string + IpConfiguration: + id: IpConfiguration + type: object + properties: + sslMode: + enum: + - SSL_MODE_UNSPECIFIED + - ALLOW_UNENCRYPTED_AND_ENCRYPTED + - ENCRYPTED_ONLY + - TRUSTED_CLIENT_CERTIFICATE_REQUIRED + type: string + description: >- + Specify how SSL/TLS is enforced in database connections. If you must + use the `require_ssl` flag for backward compatibility, then only the + following value pairs are valid: For PostgreSQL and MySQL: * + `ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED` and `require_ssl=false` * + `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=false` * + `ssl_mode=TRUSTED_CLIENT_CERTIFICATE_REQUIRED` and + `require_ssl=true` For SQL Server: * + `ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED` and `require_ssl=false` * + `ssl_mode=ENCRYPTED_ONLY` and `require_ssl=true` The value of + `ssl_mode` has priority over the value of `require_ssl`. For + example, for the pair `ssl_mode=ENCRYPTED_ONLY` and + `require_ssl=false`, `ssl_mode=ENCRYPTED_ONLY` means accept only SSL + connections, while `require_ssl=false` means accept both non-SSL and + SSL connections. In this case, MySQL and PostgreSQL databases + respect `ssl_mode` and accepts only SSL connections. + enumDescriptions: + - The SSL mode is unknown. + - >- + Allow non-SSL/non-TLS and SSL/TLS connections. For SSL connections + to MySQL and PostgreSQL, the client certificate isn't verified. + When this value is used, the legacy `require_ssl` flag must be + false or cleared to avoid a conflict between the values of the two + flags. + - >- + Only allow connections encrypted with SSL/TLS. For SSL connections + to MySQL and PostgreSQL, the client certificate isn't verified. + When this value is used, the legacy `require_ssl` flag must be + false or cleared to avoid a conflict between the values of the two + flags. + - >- + Only allow connections encrypted with SSL/TLS and with valid + client certificates. When this value is used, the legacy + `require_ssl` flag must be true or cleared to avoid the conflict + between values of two flags. PostgreSQL clients or users that + connect using IAM database authentication must use either the + [Cloud SQL Auth + Proxy](https://cloud.google.com/sql/docs/postgres/connect-auth-proxy) + or [Cloud SQL + Connectors](https://cloud.google.com/sql/docs/postgres/connect-connectors) + to enforce client identity verification. Only applicable to MySQL + and PostgreSQL. Not applicable to SQL Server. + privateNetwork: + type: string + description: >- + The resource link for the VPC network from which the Cloud SQL + instance is accessible for private IP. For example, + `/projects/myProject/global/networks/default`. This setting can be + updated, but it cannot be removed after it is set. + customSubjectAlternativeNames: + description: >- + Optional. Custom Subject Alternative Name(SAN)s for a Cloud SQL + instance. + items: + type: string + type: array + authorizedNetworks: + type: array + description: >- + The list of external networks that are allowed to connect to the + instance using the IP. In 'CIDR' notation, also known as 'slash' + notation (for example: `157.197.200.0/24`). + items: + $ref: '#/components/schemas/AclEntry' + serverCaMode: + type: string + description: Specify what type of CA is used for the server certificate. + enum: + - CA_MODE_UNSPECIFIED + - GOOGLE_MANAGED_INTERNAL_CA + - GOOGLE_MANAGED_CAS_CA + - CUSTOMER_MANAGED_CAS_CA + enumDescriptions: + - >- + CA mode is unspecified. It is effectively the same as + `GOOGLE_MANAGED_INTERNAL_CA`. + - Google-managed self-signed internal CA. + - >- + Google-managed regional CA part of root CA hierarchy hosted on + Google Cloud's Certificate Authority Service (CAS). + - >- + Customer-managed CA hosted on Google Cloud's Certificate Authority + Service (CAS). + requireSsl: + type: boolean + description: >- + Use `ssl_mode` instead. Whether SSL/TLS connections over IP are + enforced. If set to false, then allow both non-SSL/non-TLS and + SSL/TLS connections. For SSL/TLS connections, the client certificate + won't be verified. If set to true, then only allow connections + encrypted with SSL/TLS and with valid client certificates. If you + want to enforce SSL/TLS without enforcing the requirement for valid + client certificates, then use the `ssl_mode` flag instead of the + `require_ssl` flag. + pscConfig: + description: PSC settings for this instance. + $ref: '#/components/schemas/PscConfig' + ipv4Enabled: + type: boolean + description: Whether the instance is assigned a public IP address or not. + serverCaPool: + description: >- + Optional. The resource name of the server CA pool for an instance + with `CUSTOMER_MANAGED_CAS_CA` as the `server_ca_mode`. Format: + projects/{PROJECT}/locations/{REGION}/caPools/{CA_POOL_ID} + type: string + enablePrivatePathForGoogleCloudServices: + type: boolean + description: >- + Controls connectivity to private IP instances from Google services, + such as BigQuery. + serverCertificateRotationMode: + enumDescriptions: + - 'Unspecified: no automatic server certificate rotation.' + - >- + No automatic server certificate rotation. The user must [manage + server certificate + rotation](/sql/docs/mysql/manage-ssl-instance#rotate-server-certificate-cas) + on their side. + - >- + Automatic server certificate rotation during Cloud SQL scheduled + maintenance or self-service maintenance updates. Requires + `server_ca_mode` to be `GOOGLE_MANAGED_CAS_CA` or + `CUSTOMER_MANAGED_CAS_CA`. + enum: + - SERVER_CERTIFICATE_ROTATION_MODE_UNSPECIFIED + - NO_AUTOMATIC_ROTATION + - AUTOMATIC_ROTATION_DURING_MAINTENANCE + type: string + description: >- + Optional. Controls the automatic server certificate rotation + feature. This feature is disabled by default. When enabled, the + server certificate will be automatically rotated during Cloud SQL + scheduled maintenance or self-service maintenance updates up to six + months before it expires. This setting can only be set if + server_ca_mode is either GOOGLE_MANAGED_CAS_CA or + CUSTOMER_MANAGED_CAS_CA. + allocatedIpRange: + type: string + description: >- + The name of the allocated ip range for the private ip Cloud SQL + instance. For example: "google-managed-services-default". If set, + the instance ip will be created in the allocated range. The range + name must comply with [RFC + 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name + must be 1-63 characters long and match the regular expression + `[a-z]([-a-z0-9]*[a-z0-9])?.` + description: IP Management configuration. + ReplicaConfiguration: + type: object + description: Read-replica configuration for connecting to the primary instance. + id: ReplicaConfiguration + properties: + cascadableReplica: + type: boolean + description: >- + Optional. Specifies if a SQL Server replica is a cascadable replica. + A cascadable replica is a SQL Server cross region replica that + supports replica(s) under it. + failoverTarget: + description: >- + Specifies if the replica is the failover target. If the field is set + to `true`, the replica will be designated as a failover replica. In + case the primary instance fails, the replica instance will be + promoted as the new primary instance. Only one replica can be + specified as failover target, and the replica has to be in different + zone with the primary instance. + type: boolean + kind: + type: string + description: This is always `sql#replicaConfiguration`. + mysqlReplicaConfiguration: + $ref: '#/components/schemas/MySqlReplicaConfiguration' + description: >- + MySQL specific configuration when replicating from a MySQL + on-premises primary instance. Replication configuration information + such as the username, password, certificates, and keys are not + stored in the instance metadata. The configuration information is + used only to set up the replication connection and is stored by + MySQL in a file named `master.info` in the data directory. + PasswordValidationPolicy: + description: >- + Database instance local user password validation policy. This message + defines the password policy for local database users. When enabled, it + enforces constraints on password complexity, length, and reuse. Keep + this policy enabled to help prevent unauthorized access. + type: object + id: PasswordValidationPolicy + properties: + passwordChangeInterval: + format: google-duration + description: >- + Minimum interval after which the password can be changed. This flag + is only supported for PostgreSQL. + type: string + disallowUsernameSubstring: + description: Disallow username as a part of the password. + type: boolean + enablePasswordPolicy: + description: >- + Whether to enable the password policy or not. When enabled, + passwords must meet complexity requirements. Keep this policy + enabled to help prevent unauthorized access. Disabling this policy + allows weak passwords. + type: boolean + reuseInterval: + type: integer + format: int32 + description: Number of previous passwords that cannot be reused. + complexity: + enumDescriptions: + - Complexity check is not specified. + - >- + A combination of lowercase, uppercase, numeric, and + non-alphanumeric characters. + description: The complexity of the password. + enum: + - COMPLEXITY_UNSPECIFIED + - COMPLEXITY_DEFAULT + type: string + disallowCompromisedCredentials: + deprecated: true + description: >- + This field is deprecated and will be removed in a future version of + the API. + type: boolean + minLength: + type: integer + format: int32 + description: Minimum number of characters allowed. + InsightsConfig: + type: object + properties: + queryStringLength: + type: integer + format: int32 + description: >- + Maximum query length stored in bytes. Default value: 1024 bytes. + Range: 256-4500 bytes. Query lengths greater than this field value + will be truncated to this value. When unset, query length will be + the default value. Changing query length will restart the database. + queryInsightsEnabled: + description: Whether Query Insights feature is enabled. + type: boolean + queryPlansPerMinute: + format: int32 + description: >- + Number of query execution plans captured by Insights per minute for + all queries combined. Default is 5. + type: integer + recordApplicationTags: + description: >- + Whether Query Insights will record application tags from query when + enabled. + type: boolean + recordClientAddress: + description: Whether Query Insights will record client address when enabled. + type: boolean + id: InsightsConfig + description: >- + Insights configuration. This specifies when Cloud SQL Insights feature + is enabled and optional configuration. + Status: + properties: + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + details: + type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + type: object + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + AvailableDatabaseVersion: + type: object + description: An available database version. It can be a major or a minor version. + id: AvailableDatabaseVersion + properties: + majorVersion: + type: string + description: The version's major version name. + displayName: + description: The database version's display name. + type: string + name: + type: string + description: >- + The database version name. For MySQL 8.0, this string provides the + database major and minor version. + AclEntry: + description: An entry for an Access Control list. + type: object + id: AclEntry + properties: + value: + description: The allowlisted value for the access control list. + type: string + kind: + description: This is always `sql#aclEntry`. + type: string + expirationTime: + format: google-datetime + description: >- + The time when this access control entry expires in [RFC + 3339](https://tools.ietf.org/html/rfc3339) format, for example + `2012-11-15T16:19:00.094Z`. + type: string + name: + type: string + description: Optional. A label to identify this entry. + SelectedObjects: + description: >- + A list of objects that the user selects for replication from an external + source instance. + properties: + database: + type: string + description: Required. The name of the database to migrate. + type: object + id: SelectedObjects + Column: + description: Contains the name and datatype of a column. + properties: + type: + description: Datatype of the column. + type: string + name: + type: string + description: Name of the column. + type: object + id: Column + InstancesListEntraIdCertificatesResponse: + properties: + certs: + description: List of Entra ID certificates for the instance. + items: + $ref: '#/components/schemas/SslCert' + type: array + kind: + description: This is always `sql#instancesListEntraIdCertificates`. + type: string + activeVersion: + type: string + description: The `sha1_fingerprint` of the active certificate from `certs`. + description: Instances ListEntraIdCertificates response. + type: object + id: InstancesListEntraIdCertificatesResponse + InstancesTruncateLogRequest: + properties: + truncateLogContext: + $ref: '#/components/schemas/TruncateLogContext' + description: Contains details about the truncate log operation. + description: Instance truncate log request. + type: object + id: InstancesTruncateLogRequest + SqlExternalSyncSettingError: + type: object + properties: + detail: + type: string + description: Additional information about the error encountered. + kind: + type: string + description: >- + Can be `sql#externalSyncSettingError` or + `sql#externalSyncSettingWarning`. + type: + enumDescriptions: + - '' + - '' + - '' + - '' + - '' + - The replication user is missing privileges that are required. + - Unsupported migration type. + - >- + No pglogical extension installed on databases, applicable for + postgres. + - >- + pglogical node already exists on databases, applicable for + postgres. + - The value of parameter wal_level is not set to logical. + - >- + The value of parameter shared_preload_libraries does not include + pglogical. + - The value of parameter max_replication_slots is not sufficient. + - The value of parameter max_wal_senders is not sufficient. + - The value of parameter max_worker_processes is not sufficient. + - >- + Extensions installed are either not supported or having + unsupported versions. + - The value of parameter rds.logical_replication is not set to 1. + - The primary instance logging setup doesn't allow EM sync. + - >- + The primary instance database parameter setup doesn't allow EM + sync. + - The gtid_mode is not supported, applicable for MySQL. + - SQL Server Agent is not running. + - >- + The table definition is not support due to missing primary key or + replica identity, applicable for postgres. Note that this is a + warning and won't block the migration. + - The customer has a definer that will break EM setup. + - SQL Server @@SERVERNAME does not match actual host name. + - The primary instance has been setup and will fail the setup. + - The primary instance has unsupported binary log format. + - The primary instance's binary log retention setting. + - The primary instance has tables with unsupported storage engine. + - >- + Source has tables with limited support eg: PostgreSQL tables + without primary keys. + - The replica instance contains existing data. + - The replication user is missing privileges that are optional. + - >- + Additional BACKUP_ADMIN privilege is granted to the replication + user which may lock source MySQL 8 instance for DDLs during + initial sync. + - The Cloud Storage bucket is missing necessary permissions. + - >- + The Cloud Storage bucket has an error in the file or contains + invalid file information. + - >- + The source instance has unsupported database settings for + migration. + - >- + The replication user is missing parallel import specific + privileges. (e.g. LOCK TABLES) for MySQL. + - >- + The global variable local_infile is off on external server + replica. + - >- + This code instructs customers to turn on point-in-time recovery + manually for the instance after promoting the Cloud SQL for + PostgreSQL instance. + - >- + The minor version of replica database is incompatible with the + source. + - >- + This warning message indicates that Cloud SQL uses the maximum + number of subscriptions to migrate data from the source to the + destination. + - Unable to verify definers on the source for MySQL. + - >- + If a time out occurs while the subscription counts are calculated, + then this value is set to 1. Otherwise, this value is set to 2. + - >- + Count of subscriptions needed to sync source data for PostgreSQL + database. + - Final parallel level that is used to do migration. + - >- + The disk size of the replica instance is smaller than the data + size of the source instance. + - >- + The data size of the source instance is greater than 1 TB, the + number of cores of the replica instance is less than 8, and the + memory of the replica is less than 32 GB. + - >- + The warning message indicates the unsupported extensions will not + be migrated to the destination. + - >- + The warning message indicates the pg_cron extension and settings + will not be migrated to the destination. + - >- + The error message indicates that pg_cron flags are enabled on the + destination which is not supported during the migration. + - >- + This error message indicates that the specified extensions are not + enabled on destination instance. For example, before you can + migrate data to the destination instance, you must enable the + PGAudit extension on the instance. + - >- + The source database has generated columns that can't be migrated. + Please change them to regular columns before migration. + - >- + The source database has users that aren't created in the replica. + First, create all users, which are in the pg_user_mappings table + of the source database, in the destination instance. Then, perform + the migration. + - >- + The selected objects include system objects that aren't supported + for migration. + - >- + The source database has tables with the FULL or NOTHING replica + identity. Before starting your migration, either remove the + identity or change it to DEFAULT. Note that this is an error and + will block the migration. + - The selected objects don't exist on the source instance. + - >- + PSC only destination instance does not have a network attachment + URI. + - >- + Selected objects reference unselected objects. Based on their + object type (foreign key constraint or view), selected objects + will fail during migration. + - >- + The migration will delete existing data in the replica; set + replica_overwrite_enabled in the request to acknowledge this. This + is an error. MySQL only. + - >- + The migration will delete existing data in the replica; + replica_overwrite_enabled was set in the request acknowledging + this. This is a warning rather than an error. MySQL only. + - >- + The replication user is missing specific privileges to setup DDL + replication. (e.g. CREATE EVENT TRIGGER, CREATE SCHEMA) for + PostgreSQL. + type: string + description: Identifies the specific error that occurred. + enum: + - SQL_EXTERNAL_SYNC_SETTING_ERROR_TYPE_UNSPECIFIED + - CONNECTION_FAILURE + - BINLOG_NOT_ENABLED + - INCOMPATIBLE_DATABASE_VERSION + - REPLICA_ALREADY_SETUP + - INSUFFICIENT_PRIVILEGE + - UNSUPPORTED_MIGRATION_TYPE + - NO_PGLOGICAL_INSTALLED + - PGLOGICAL_NODE_ALREADY_EXISTS + - INVALID_WAL_LEVEL + - INVALID_SHARED_PRELOAD_LIBRARY + - INSUFFICIENT_MAX_REPLICATION_SLOTS + - INSUFFICIENT_MAX_WAL_SENDERS + - INSUFFICIENT_MAX_WORKER_PROCESSES + - UNSUPPORTED_EXTENSIONS + - INVALID_RDS_LOGICAL_REPLICATION + - INVALID_LOGGING_SETUP + - INVALID_DB_PARAM + - UNSUPPORTED_GTID_MODE + - SQLSERVER_AGENT_NOT_RUNNING + - UNSUPPORTED_TABLE_DEFINITION + - UNSUPPORTED_DEFINER + - SQLSERVER_SERVERNAME_MISMATCH + - PRIMARY_ALREADY_SETUP + - UNSUPPORTED_BINLOG_FORMAT + - BINLOG_RETENTION_SETTING + - UNSUPPORTED_STORAGE_ENGINE + - LIMITED_SUPPORT_TABLES + - EXISTING_DATA_IN_REPLICA + - MISSING_OPTIONAL_PRIVILEGES + - RISKY_BACKUP_ADMIN_PRIVILEGE + - INSUFFICIENT_GCS_PERMISSIONS + - INVALID_FILE_INFO + - UNSUPPORTED_DATABASE_SETTINGS + - MYSQL_PARALLEL_IMPORT_INSUFFICIENT_PRIVILEGE + - LOCAL_INFILE_OFF + - TURN_ON_PITR_AFTER_PROMOTE + - INCOMPATIBLE_DATABASE_MINOR_VERSION + - SOURCE_MAX_SUBSCRIPTIONS + - UNABLE_TO_VERIFY_DEFINERS + - SUBSCRIPTION_CALCULATION_STATUS + - PG_SUBSCRIPTION_COUNT + - PG_SYNC_PARALLEL_LEVEL + - INSUFFICIENT_DISK_SIZE + - INSUFFICIENT_MACHINE_TIER + - UNSUPPORTED_EXTENSIONS_NOT_MIGRATED + - EXTENSIONS_NOT_MIGRATED + - PG_CRON_FLAG_ENABLED_IN_REPLICA + - EXTENSIONS_NOT_ENABLED_IN_REPLICA + - UNSUPPORTED_COLUMNS + - USERS_NOT_CREATED_IN_REPLICA + - UNSUPPORTED_SYSTEM_OBJECTS + - UNSUPPORTED_TABLES_WITH_REPLICA_IDENTITY + - SELECTED_OBJECTS_NOT_EXIST_ON_SOURCE + - PSC_ONLY_INSTANCE_WITH_NO_NETWORK_ATTACHMENT_URI + - SELECTED_OBJECTS_REFERENCE_UNSELECTED_OBJECTS + - PROMPT_DELETE_EXISTING + - WILL_DELETE_EXISTING + - PG_DDL_REPLICATION_INSUFFICIENT_PRIVILEGE + id: SqlExternalSyncSettingError + description: External primary instance migration setting error/warning. + OperationError: + description: Database instance operation error. + type: object + properties: + message: + description: Additional information about the error encountered. + type: string + kind: + description: This is always `sql#operationError`. + type: string + code: + description: Identifies the specific error that occurred. + type: string + id: OperationError + SqlScheduledMaintenance: + properties: + scheduleDeadlineTime: + format: google-datetime + description: Maintenance cannot be rescheduled to start beyond this deadline. + type: string + canReschedule: + description: If the scheduled maintenance can be rescheduled. + type: boolean + startTime: + type: string + format: google-datetime + description: >- + The start time of any upcoming scheduled maintenance for this + instance. + canDefer: + deprecated: true + type: boolean + description: Any scheduled maintenance for this instance. + id: SqlScheduledMaintenance + type: object + QueryResult: + properties: + rows: + items: + $ref: '#/components/schemas/Row' + type: array + description: Rows returned by the SQL statement. + columns: + items: + $ref: '#/components/schemas/Column' + type: array + description: >- + List of columns included in the result. This also includes the data + type of the column. + message: + type: string + description: Message related to the SQL execution result. + status: + description: If results were truncated due to an error, details of that error. + $ref: '#/components/schemas/Status' + partialResult: + description: >- + Set to true if the SQL execution's result is truncated due to size + limits or an error retrieving results. + type: boolean + id: QueryResult + type: object + description: QueryResult contains the result of executing a single SQL statement. + SqlInstancesResetReplicaSizeRequest: + id: SqlInstancesResetReplicaSizeRequest + type: object + properties: {} + description: Instance reset replica size request. + SslCertsInsertResponse: + properties: + operation: + description: The operation to track the ssl certs insert request. + $ref: '#/components/schemas/Operation' + clientCert: + description: The new client certificate and private key. + $ref: '#/components/schemas/SslCertDetail' + serverCaCert: + description: >- + The server Certificate Authority's certificate. If this is missing + you can force a new one to be generated by calling resetSslConfig + method on instances resource. + $ref: '#/components/schemas/SslCert' + kind: + type: string + description: This is always `sql#sslCertsInsert`. + id: SslCertsInsertResponse + description: SslCert insert response. + type: object + Interval: + id: Interval + type: object + properties: + startTime: + description: >- + Optional. Inclusive start of the interval. If specified, a Timestamp + matching this interval will have to be the same or after the start. + format: google-datetime + type: string + endTime: + type: string + format: google-datetime + description: >- + Optional. Exclusive end of the interval. If specified, a Timestamp + matching this interval will have to be before the end. + description: >- + Represents a time interval, encoded as a Timestamp start (inclusive) and + a Timestamp end (exclusive). The start must be less than or equal to the + end. When the start equals the end, the interval is empty (matches no + time). When both start and end are unspecified, the interval matches any + time. + InstanceReference: + properties: + name: + type: string + description: >- + The name of the Cloud SQL instance being referenced. This does not + include the project ID. + region: + type: string + description: The region of the Cloud SQL instance being referenced. + project: + description: >- + The project ID of the Cloud SQL instance being referenced. The + default is the same project ID as the instance references it. + type: string + type: object + id: InstanceReference + description: Reference to another Cloud SQL instance. + DataCacheConfig: + properties: + dataCacheEnabled: + type: boolean + description: Whether data cache is enabled for the instance. + type: object + description: Data cache configurations. + id: DataCacheConfig + PasswordStatus: + id: PasswordStatus + description: Read-only password status. + properties: + locked: + type: boolean + description: If true, user does not have login privileges. + passwordExpirationTime: + type: string + description: The expiration time of the current password. + format: google-datetime + type: object + User: + description: A Cloud SQL user resource. + id: User + type: object + properties: + dualPasswordType: + enumDescriptions: + - The default value. + - Do not update the user's dual password status. + - No dual password usable for connecting using this user. + - Dual password usable for connecting using this user. + type: string + enum: + - DUAL_PASSWORD_TYPE_UNSPECIFIED + - NO_MODIFY_DUAL_PASSWORD + - NO_DUAL_PASSWORD + - DUAL_PASSWORD + description: Dual password status for the user. + password: + description: The password for the user. + type: string + passwordPolicy: + description: User level password validation policy. + $ref: '#/components/schemas/UserPasswordValidationPolicy' + project: + description: >- + The project ID of the project containing the Cloud SQL database. The + Google apps domain is prefixed if applicable. Can be omitted for + `update` because it is already specified on the URL. + type: string + host: + type: string + description: >- + Optional. The host from which the user can connect. For `insert` + operations, host defaults to an empty string. For `update` + operations, host is specified as part of the request URL. The host + name cannot be updated after insertion. For a MySQL instance, it's + required; for a PostgreSQL or SQL Server instance, it's optional. + instance: + description: >- + The name of the Cloud SQL instance. This does not include the + project ID. Can be omitted for `update` because it is already + specified on the URL. + type: string + kind: + description: This is always `sql#user`. + type: string + iamStatus: + enum: + - IAM_STATUS_UNSPECIFIED + - INACTIVE + - ACTIVE + enumDescriptions: + - >- + The default value for users that are not of type CLOUD_IAM_GROUP. + Only CLOUD_IAM_GROUP users will be inactive or active. Users with + an IamStatus of IAM_STATUS_UNSPECIFIED will not display whether + they are active or inactive as that is not applicable to them. + - >- + INACTIVE indicates a group is not available for IAM database + authentication. + - >- + ACTIVE indicates a group is available for IAM database + authentication. + type: string + description: >- + Indicates if a group is active or inactive for IAM database + authentication. + iamEmail: + type: string + description: >- + Optional. The full email for an IAM user. For normal database users, + this will not be filled. Only applicable to MySQL database users. + databaseRoles: + items: + type: string + type: array + description: Optional. Role memberships of the user + sqlserverUserDetails: + $ref: '#/components/schemas/SqlServerUserDetails' + etag: + type: string + description: >- + This field is deprecated and will be removed from a future version + of the API. + name: + type: string + description: >- + The name of the user in the Cloud SQL instance. Can be omitted for + `update` because it is already specified in the URL. + type: + enum: + - BUILT_IN + - CLOUD_IAM_USER + - CLOUD_IAM_SERVICE_ACCOUNT + - CLOUD_IAM_GROUP + - CLOUD_IAM_GROUP_USER + - CLOUD_IAM_GROUP_SERVICE_ACCOUNT + - ENTRAID_USER + enumDescriptions: + - The database's built-in user type. + - Cloud IAM user. + - Cloud IAM service account. + - Cloud IAM group. Not used for login. + - Read-only. Login for a user that belongs to the Cloud IAM group. + - >- + Read-only. Login for a service account that belongs to the Cloud + IAM group. + - Microsoft Entra ID user. + type: string + description: >- + The user type. It determines the method to authenticate the user + during login. The default is the database's built-in user type. + DatabaseFlags: + id: DatabaseFlags + properties: + name: + description: >- + The name of the flag. These flags are passed at instance startup, so + include both server options and system variables. Flags are + specified with underscores, not hyphens. For more information, see + [Configuring Database + Flags](https://cloud.google.com/sql/docs/mysql/flags) in the Cloud + SQL documentation. + type: string + value: + description: >- + The value of the flag. Boolean flags are set to `on` for true and + `off` for false. This field must be omitted if the flag doesn't take + a value. + type: string + type: object + description: Database flags for Cloud SQL instances. + InstancesReencryptRequest: + type: object + properties: + backupReencryptionConfig: + $ref: '#/components/schemas/BackupReencryptionConfig' + description: Configuration specific to backup re-encryption + description: Database Instance reencrypt request. + id: InstancesReencryptRequest + DemoteContext: + description: >- + This context is used to demote an existing standalone instance to be a + Cloud SQL read replica for an external database server. + type: object + properties: + kind: + type: string + description: This is always `sql#demoteContext`. + sourceRepresentativeInstanceName: + type: string + description: >- + Required. The name of the instance which acts as the on-premises + primary instance in the replication setup. + id: DemoteContext + PscConfig: + properties: + pscAutoConnections: + description: >- + Optional. The list of settings for requested Private Service Connect + consumer endpoints that can be used to connect to this Cloud SQL + instance. + type: array + items: + $ref: '#/components/schemas/PscAutoConnectionConfig' + networkAttachmentUri: + type: string + description: >- + Optional. The network attachment of the consumer network that the + Private Service Connect enabled Cloud SQL instance is authorized to + connect via PSC interface. format: + projects/PROJECT/regions/REGION/networkAttachments/ID + pscEnabled: + description: Whether PSC connectivity is enabled for this instance. + type: boolean + allowedConsumerProjects: + items: + type: string + description: >- + Optional. The list of consumer projects that are allow-listed for + PSC connections to this instance. This instance can be connected to + with PSC from any network in these projects. Each consumer project + in this list may be represented by a project number (numeric) or by + a project id (alphanumeric). + type: array + type: object + description: PSC settings for a Cloud SQL instance. + id: PscConfig + FlagsListResponse: + id: FlagsListResponse + description: Flags list response. + type: object + properties: + kind: + description: This is always `sql#flagsList`. + type: string + items: + items: + $ref: '#/components/schemas/Flag' + description: List of flags. + type: array + MySqlReplicaConfiguration: + type: object + properties: + sslCipher: + description: A list of permissible ciphers to use for SSL encryption. + type: string + connectRetryInterval: + description: >- + Seconds to wait between connect retries. MySQL's default is 60 + seconds. + type: integer + format: int32 + clientKey: + description: >- + PEM representation of the replica's private key. The corresponding + public key is encoded in the client's certificate. + type: string + verifyServerCertificate: + description: >- + Whether or not to check the primary instance's Common Name value in + the certificate that it sends during the SSL handshake. + type: boolean + masterHeartbeatPeriod: + format: int64 + description: Interval in milliseconds between replication heartbeats. + type: string + clientCertificate: + type: string + description: PEM representation of the replica's x509 certificate. + kind: + type: string + description: This is always `sql#mysqlReplicaConfiguration`. + password: + description: The password for the replication connection. + type: string + caCertificate: + description: PEM representation of the trusted CA's x509 certificate. + type: string + username: + description: The username for the replication connection. + type: string + dumpFilePath: + description: >- + Path to a SQL dump file in Google Cloud Storage from which the + replica instance is to be created. The URI is in the form + gs://bucketName/fileName. Compressed gzip files (.gz) are also + supported. Dumps have the binlog co-ordinates from which replication + begins. This can be accomplished by setting --master-data to 1 when + using mysqldump. + type: string + id: MySqlReplicaConfiguration + description: Read-replica configuration specific to MySQL databases. + OnPremisesConfiguration: + type: object + properties: + caCertificate: + description: PEM representation of the trusted CA's x509 certificate. + type: string + password: + type: string + description: The password for connecting to on-premises instance. + selectedObjects: + description: >- + Optional. A list of objects that the user selects for replication + from an external source instance. + type: array + items: + $ref: '#/components/schemas/SelectedObjects' + clientKey: + description: >- + PEM representation of the replica's private key. The corresponding + public key is encoded in the client's certificate. + type: string + username: + type: string + description: The username for connecting to on-premises instance. + clientCertificate: + description: PEM representation of the replica's x509 certificate. + type: string + sourceInstance: + $ref: '#/components/schemas/InstanceReference' + description: The reference to Cloud SQL instance if the source is Cloud SQL. + hostPort: + type: string + description: The host and port of the on-premises instance in host:port format + kind: + type: string + description: This is always `sql#onPremisesConfiguration`. + dumpFilePath: + type: string + description: The dump file to create the Cloud SQL replica. + sslOption: + enum: + - SSL_OPTION_UNSPECIFIED + - DISABLE + - REQUIRE + - VERIFY_CA + description: >- + Optional. SSL option for replica connection to the on-premises + source. + enumDescriptions: + - Unknown SSL option i.e. SSL option not specified by user. + - SSL is not used for replica connection to the on-premises source. + - SSL is required for replica connection to the on-premises source. + - >- + Verify CA is required for replica connection to the on-premises + source. + type: string + id: OnPremisesConfiguration + description: On-premises instance configuration. + Reschedule: + properties: + rescheduleType: enum: - - SQL_FLAG_TYPE_UNSPECIFIED - - BOOLEAN - - STRING - - INTEGER - - NONE - - MYSQL_TIMEZONE_OFFSET - - FLOAT - - REPEATED_STRING - appliesTo: + - RESCHEDULE_TYPE_UNSPECIFIED + - IMMEDIATE + - NEXT_AVAILABLE_WINDOW + - SPECIFIC_TIME + enumDescriptions: + - '' + - Reschedules maintenance to happen now (within 5 minutes). + - >- + Reschedules maintenance to occur within one week from the + originally scheduled day and time. + - Reschedules maintenance to a specific time and day. + description: Required. The type of the reschedule. + type: string + scheduleTime: description: >- - The database version this flag applies to. Can be MySQL instances: - `MYSQL_8_0`, `MYSQL_8_0_18`, `MYSQL_8_0_26`, `MYSQL_5_7`, or - `MYSQL_5_6`. PostgreSQL instances: `POSTGRES_9_6`, `POSTGRES_10`, - `POSTGRES_11` or `POSTGRES_12`. SQL Server instances: - `SQLSERVER_2017_STANDARD`, `SQLSERVER_2017_ENTERPRISE`, - `SQLSERVER_2017_EXPRESS`, `SQLSERVER_2017_WEB`, - `SQLSERVER_2019_STANDARD`, `SQLSERVER_2019_ENTERPRISE`, - `SQLSERVER_2019_EXPRESS`, or `SQLSERVER_2019_WEB`. See [the complete - list](/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion). - type: array - items: - type: string - enumDescriptions: - - This is an unknown database version. - - The database version is MySQL 5.1. - - The database version is MySQL 5.5. - - The database version is MySQL 5.6. - - The database version is MySQL 5.7. - - The database version is MySQL 8. - - >- - The database major version is MySQL 8.0 and the minor version is - 18. - - >- - The database major version is MySQL 8.0 and the minor version is - 26. - - >- - The database major version is MySQL 8.0 and the minor version is - 27. - - >- - The database major version is MySQL 8.0 and the minor version is - 28. - - >- - The database major version is MySQL 8.0 and the minor version is - 29. - - >- - The database major version is MySQL 8.0 and the minor version is - 30. - - >- - The database major version is MySQL 8.0 and the minor version is - 31. - - >- - The database major version is MySQL 8.0 and the minor version is - 32. - - >- - The database major version is MySQL 8.0 and the minor version is - 33. - - >- - The database major version is MySQL 8.0 and the minor version is - 34. - - >- - The database major version is MySQL 8.0 and the minor version is - 35. - - >- - The database major version is MySQL 8.0 and the minor version is - 36. - - >- - The database major version is MySQL 8.0 and the minor version is - 37. - - >- - The database major version is MySQL 8.0 and the minor version is - 39. - - >- - The database major version is MySQL 8.0 and the minor version is - 40. - - >- - The database major version is MySQL 8.0 and the minor version is - 41. - - >- - The database major version is MySQL 8.0 and the minor version is - 42. - - >- - The database major version is MySQL 8.0 and the minor version is - 43. - - >- - The database major version is MySQL 8.0 and the minor version is - 44. - - >- - The database major version is MySQL 8.0 and the minor version is - 45. - - >- - The database major version is MySQL 8.0 and the minor version is - 46. - - The database version is MySQL 8.4. - - The database version is SQL Server 2017 Standard. - - The database version is SQL Server 2017 Enterprise. - - The database version is SQL Server 2017 Express. - - The database version is SQL Server 2017 Web. - - The database version is PostgreSQL 9.6. - - The database version is PostgreSQL 10. - - The database version is PostgreSQL 11. - - The database version is PostgreSQL 12. - - The database version is PostgreSQL 13. - - The database version is PostgreSQL 14. - - The database version is PostgreSQL 15. - - The database version is PostgreSQL 16. - - The database version is PostgreSQL 17. - - The database version is SQL Server 2019 Standard. - - The database version is SQL Server 2019 Enterprise. - - The database version is SQL Server 2019 Express. - - The database version is SQL Server 2019 Web. - - The database version is SQL Server 2022 Standard. - - The database version is SQL Server 2022 Enterprise. - - The database version is SQL Server 2022 Express. - - The database version is SQL Server 2022 Web. - enumDeprecated: - - false - - true - - true - - false - - false - - false - - false - - false - - false - - false - - true - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - - false - enum: - - SQL_DATABASE_VERSION_UNSPECIFIED - - MYSQL_5_1 - - MYSQL_5_5 - - MYSQL_5_6 - - MYSQL_5_7 - - MYSQL_8_0 - - MYSQL_8_0_18 - - MYSQL_8_0_26 - - MYSQL_8_0_27 - - MYSQL_8_0_28 - - MYSQL_8_0_29 - - MYSQL_8_0_30 - - MYSQL_8_0_31 - - MYSQL_8_0_32 - - MYSQL_8_0_33 - - MYSQL_8_0_34 - - MYSQL_8_0_35 - - MYSQL_8_0_36 - - MYSQL_8_0_37 - - MYSQL_8_0_39 - - MYSQL_8_0_40 - - MYSQL_8_0_41 - - MYSQL_8_0_42 - - MYSQL_8_0_43 - - MYSQL_8_0_44 - - MYSQL_8_0_45 - - MYSQL_8_0_46 - - MYSQL_8_4 - - SQLSERVER_2017_STANDARD - - SQLSERVER_2017_ENTERPRISE - - SQLSERVER_2017_EXPRESS - - SQLSERVER_2017_WEB - - POSTGRES_9_6 - - POSTGRES_10 - - POSTGRES_11 - - POSTGRES_12 - - POSTGRES_13 - - POSTGRES_14 - - POSTGRES_15 - - POSTGRES_16 - - POSTGRES_17 - - SQLSERVER_2019_STANDARD - - SQLSERVER_2019_ENTERPRISE - - SQLSERVER_2019_EXPRESS - - SQLSERVER_2019_WEB - - SQLSERVER_2022_STANDARD - - SQLSERVER_2022_ENTERPRISE - - SQLSERVER_2022_EXPRESS - - SQLSERVER_2022_WEB - allowedStringValues: - description: For `STRING` flags, a list of strings that the value can be set to. + Optional. Timestamp when the maintenance shall be rescheduled to if + reschedule_type=SPECIFIC_TIME, in [RFC + 3339](https://tools.ietf.org/html/rfc3339) format, for example + `2012-11-15T16:19:00.094Z`. + type: string + format: google-datetime + type: object + id: Reschedule + DemoteMasterContext: + type: object + description: Database instance demote primary instance context. + id: DemoteMasterContext + properties: + verifyGtidConsistency: + type: boolean + description: >- + Verify the GTID consistency for demote operation. Default value: + `True`. Setting this flag to `false` enables you to bypass the GTID + consistency check between on-premises primary instance and Cloud SQL + instance during the demotion operation but also exposes you to the + risk of future replication failures. Change the value only if you + know the reason for the GTID divergence and are confident that doing + so will not cause any replication issues. + skipReplicationSetup: + description: Flag to skip replication setup on the instance. + type: boolean + masterInstanceName: + description: >- + The name of the instance which will act as on-premises primary + instance in the replication setup. + type: string + replicaConfiguration: + $ref: '#/components/schemas/DemoteMasterConfiguration' + description: >- + Configuration specific to read-replicas replicating from the + on-premises primary instance. + kind: + description: This is always `sql#demoteMasterContext`. + type: string + InstancesRotateEntraIdCertificateRequest: + description: Rotate Entra ID certificate request. + properties: + rotateEntraIdCertificateContext: + description: >- + Optional. Contains details about the rotate server certificate + operation. + $ref: '#/components/schemas/RotateEntraIdCertificateContext' + type: object + id: InstancesRotateEntraIdCertificateRequest + GenerateEphemeralCertResponse: + type: object + id: GenerateEphemeralCertResponse + description: Ephemeral certificate creation request. + properties: + ephemeralCert: + $ref: '#/components/schemas/SslCert' + description: Generated cert + ReadPoolAutoScaleConfig: + id: ReadPoolAutoScaleConfig + properties: + scaleOutCooldownSeconds: + description: The cooldown period for scale-out operations. + type: integer + format: int32 + minNodeCount: + type: integer + description: Minimum number of read pool nodes to be maintained. + format: int32 + targetMetrics: type: array + description: Optional. Target metrics for read pool auto scaling. items: - type: string - minValue: - description: For `INTEGER` flags, the minimum allowed value. + $ref: '#/components/schemas/TargetMetric' + scaleInCooldownSeconds: + format: int32 + type: integer + description: The cooldown period for scale-in operations. + enabled: + description: Indicates whether read pool auto scaling is enabled. + type: boolean + disableScaleIn: + description: >- + Indicates whether read pool auto scaling supports scale in + operations (removing nodes). + type: boolean + maxNodeCount: + type: integer + format: int32 + description: Maximum number of read pool nodes to be maintained. + type: object + description: The read pool auto-scale configuration. + ImportContext: + id: ImportContext + type: object + properties: + kind: + description: This is always `sql#importContext`. type: string - format: int64 - maxValue: - description: For `INTEGER` flags, the maximum allowed value. + sqlImportOptions: + description: Optional. Options for importing data from SQL statements. + type: object + properties: + parallel: + type: boolean + description: Optional. Whether or not the import should be parallel. + threads: + type: integer + format: int32 + description: Optional. The number of threads to use for parallel import. + postgresImportOptions: + description: >- + Optional. Options for importing from a Cloud SQL for PostgreSQL + instance. + properties: + clean: + description: >- + Optional. The --clean flag for the pg_restore utility. This + flag applies only if you enabled Cloud SQL to import files + in parallel. + type: boolean + ifExists: + description: >- + Optional. The --if-exists flag for the pg_restore utility. + This flag applies only if you enabled Cloud SQL to import + files in parallel. + type: boolean + type: object + bakImportOptions: + type: object + properties: + noRecovery: + description: >- + Whether or not the backup importing will restore database with + NORECOVERY option. Applies only to Cloud SQL for SQL Server. + type: boolean + encryptionOptions: + type: object + properties: + pvkPath: + description: >- + Path to the Certificate Private Key (.pvk) in Cloud Storage, + in the form `gs://bucketName/fileName`. The instance must + have write permissions to the bucket and read access to the + file. + type: string + certPath: + description: >- + Path to the Certificate (.cer) in Cloud Storage, in the form + `gs://bucketName/fileName`. The instance must have write + permissions to the bucket and read access to the file. + type: string + keepEncrypted: + type: boolean + description: Optional. Whether the imported file remains encrypted. + pvkPassword: + type: string + description: Password that encrypts the private key + stopAtMark: + description: >- + Optional. The marked transaction where the import should stop. + This field is equivalent to the STOPATMARK keyword and applies + to Cloud SQL for SQL Server only. + type: string + stopAt: + type: string + format: google-datetime + description: >- + Optional. The timestamp when the import should stop. This + timestamp is in the [RFC + 3339](https://tools.ietf.org/html/rfc3339) format (for example, + `2023-10-01T16:19:00.094`). This field is equivalent to the + STOPAT keyword and applies to Cloud SQL for SQL Server only. + striped: + description: >- + Whether or not the backup set being restored is striped. Applies + only to Cloud SQL for SQL Server. + type: boolean + recoveryOnly: + type: boolean + description: >- + Whether or not the backup importing request will just bring + database online without downloading Bak content only one of + "no_recovery" and "recovery_only" can be true otherwise error + will return. Applies only to Cloud SQL for SQL Server. + bakType: + description: Type of the bak content, FULL or DIFF + type: string + enum: + - BAK_TYPE_UNSPECIFIED + - FULL + - DIFF + - TLOG + enumDescriptions: + - Default type. + - Full backup. + - Differential backup. + - Transaction Log backup + description: Import parameters specific to SQL Server .BAK files + tdeImportOptions: + properties: + privateKeyPassword: + description: Required. Password that encrypts the private key. + type: string + certificatePath: + type: string + description: >- + Required. Path to the TDE certificate public key in the form + gs://bucketName/fileName. The instance must have read access to + the file. Applicable only for SQL Server instances. + name: + description: >- + Required. Certificate name. Applicable only for SQL Server + instances. + type: string + privateKeyPath: + type: string + description: >- + Required. Path to the TDE certificate private key in the form + gs://bucketName/fileName. The instance must have read access to + the file. Applicable only for SQL Server instances. + description: Optional. Import parameters specific to SQL Server TDE certificates + type: object + fileType: + enumDescriptions: + - Unknown file type. + - File containing SQL statements. + - File in CSV format. + - '' + - TDE certificate. + description: >- + The file type for the specified uri.\`SQL`: The file contains SQL + statements. \`CSV`: The file contains CSV data. + enum: + - SQL_FILE_TYPE_UNSPECIFIED + - SQL + - CSV + - BAK + - TDE + type: string + database: + type: string + description: >- + The target database for the import. If `fileType` is `SQL`, this + field is required only if the import file does not specify a + database, and is overridden by any database specification in the + import file. For entire instance parallel import operations, the + database is overridden by the database name stored in subdirectory + name. If `fileType` is `CSV`, one database must be specified. + csvImportOptions: + description: Options for importing data as CSV. + type: object + properties: + quoteCharacter: + description: >- + Specifies the quoting character to be used when a data value is + quoted. + type: string + table: + description: The table to which CSV data is imported. + type: string + columns: + type: array + items: + type: string + description: >- + The columns to which CSV data is imported. If not specified, all + columns of the database table are loaded with CSV data. + fieldsTerminatedBy: + type: string + description: >- + Specifies the character that separates columns within each row + (line) of the file. + escapeCharacter: + description: >- + Specifies the character that should appear before a data + character that needs to be escaped. + type: string + linesTerminatedBy: + description: >- + This is used to separate lines. If a line does not contain all + fields, the rest of the columns are set to their default values. + type: string + importUser: + description: >- + The PostgreSQL user for this import operation. PostgreSQL instances + only. + type: string + uri: + description: >- + Path to the import file in Cloud Storage, in the form + `gs://bucketName/fileName`. Compressed gzip files (.gz) are + supported when `fileType` is `SQL`. The instance must have write + permissions to the bucket and read access to the file. + type: string + description: Database instance import context. + TruncateLogContext: + id: TruncateLogContext + type: object + description: Database Instance truncate log context. + properties: + logType: type: string - format: int64 - requiresRestart: description: >- - Indicates whether changing this flag will trigger a database - restart. Only applicable to Second Generation instances. - type: boolean + The type of log to truncate. Valid values are `MYSQL_GENERAL_TABLE` + and `MYSQL_SLOW_TABLE`. kind: - description: This is always `sql#flag`. + description: This is always `sql#truncateLogContext`. type: string - inBeta: - description: Whether or not the flag is considered in beta. + SqlServerAuditConfig: + description: SQL Server specific audit configuration. + type: object + properties: + kind: + type: string + description: This is always sql#sqlServerAuditConfig + bucket: + description: The name of the destination bucket (e.g., gs://mybucket). + type: string + uploadInterval: + type: string + description: How often to upload generated audit files. + format: google-duration + retentionInterval: + format: google-duration + type: string + description: How long to keep generated audit files. + id: SqlServerAuditConfig + SqlOutOfDiskReport: + type: object + id: SqlOutOfDiskReport + properties: + sqlMinRecommendedIncreaseSizeGb: + format: int32 + description: >- + The minimum recommended increase size in GigaBytes This field is + consumed by the frontend * Writers: * the proactive database + wellness job for OOD. * Readers: + type: integer + sqlOutOfDiskState: + enumDescriptions: + - Unspecified state + - The instance has plenty space on data disk + - >- + Data disk is almost used up. It is shutdown to prevent data + corruption. + enum: + - SQL_OUT_OF_DISK_STATE_UNSPECIFIED + - NORMAL + - SOFT_SHUTDOWN + type: string + description: >- + This field represents the state generated by the proactive database + wellness job for OutOfDisk issues. * Writers: * the proactive + database wellness job for OOD. * Readers: * the proactive database + wellness job + description: >- + This message wraps up the information written by out-of-disk detection + job. + MySqlSyncConfig: + type: object + description: MySQL-specific external server sync settings. + id: MySqlSyncConfig + properties: + initialSyncFlags: + description: Flags to use for the initial dump. + items: + $ref: '#/components/schemas/SyncFlags' + type: array + ExportContext: + description: Database instance export context. + type: object + properties: + csvExportOptions: + properties: + selectQuery: + description: The select query used to extract the data. + type: string + linesTerminatedBy: + description: >- + This is used to separate lines. If a line does not contain all + fields, the rest of the columns are set to their default values. + type: string + escapeCharacter: + type: string + description: >- + Specifies the character that should appear before a data + character that needs to be escaped. + quoteCharacter: + type: string + description: >- + Specifies the quoting character to be used when a data value is + quoted. + fieldsTerminatedBy: + description: >- + Specifies the character that separates columns within each row + (line) of the file. + type: string + type: object + description: >- + Options for exporting data as CSV. `MySQL` and `PostgreSQL` + instances only. + sqlExportOptions: + description: Options for exporting data as SQL statements. + properties: + threads: + type: integer + format: int32 + description: Optional. The number of threads to use for parallel export. + postgresExportOptions: + description: Options for exporting from a Cloud SQL for PostgreSQL instance. + type: object + properties: + clean: + description: >- + Optional. Use this option to include DROP SQL + statements. Use these statements to delete database objects + before running the import operation. + type: boolean + ifExists: + description: >- + Optional. Option to include an IF EXISTS SQL statement with + each DROP statement produced by clean. + type: boolean + tables: + items: + type: string + type: array + description: >- + Tables to export, or that were exported, from the specified + database. If you specify tables, specify one and only one + database. For PostgreSQL instances, you can specify only one + table. + parallel: + description: Optional. Whether or not the export should be parallel. + type: boolean + schemaOnly: + description: Export only schemas. + type: boolean + mysqlExportOptions: + type: object + description: Options for exporting from MySQL. + properties: + masterData: + type: integer + description: >- + Option to include SQL statement required to set up + replication. If set to `1`, the dump file includes a CHANGE + MASTER TO statement with the binary log coordinates, and + --set-gtid-purged is set to ON. If set to `2`, the CHANGE + MASTER TO statement is written as a SQL comment and has no + effect. If set to any value other than `1`, + --set-gtid-purged is set to OFF. + format: int32 + type: object + tdeExportOptions: + properties: + name: + type: string + description: >- + Required. Certificate name. Applicable only for SQL Server + instances. + privateKeyPath: + type: string + description: >- + Required. Path to the TDE certificate private key in the form + gs://bucketName/fileName. The instance must have write access to + the location. Applicable only for SQL Server instances. + privateKeyPassword: + description: Required. Password that encrypts the private key. + type: string + certificatePath: + description: >- + Required. Path to the TDE certificate public key in the form + gs://bucketName/fileName. The instance must have write access to + the bucket. Applicable only for SQL Server instances. + type: string + description: Optional. Export parameters specific to SQL Server TDE certificates + type: object + bakExportOptions: + type: object + description: Options for exporting BAK files (SQL Server-only) + properties: + exportLogEndTime: + type: string + description: >- + Optional. The end timestamp when transaction log will be + included in the export operation. [RFC + 3339](https://tools.ietf.org/html/rfc3339) format (for example, + `2023-10-01T16:19:00.094`) in UTC. When omitted, all available + logs until current time will be included. Only applied to Cloud + SQL for SQL Server. + format: google-datetime + striped: + type: boolean + description: Whether or not the export should be striped. + exportLogStartTime: + type: string + description: >- + Optional. The begin timestamp when transaction log will be + included in the export operation. [RFC + 3339](https://tools.ietf.org/html/rfc3339) format (for example, + `2023-10-01T16:19:00.094`) in UTC. When omitted, all available + logs from the beginning of retention period will be included. + Only applied to Cloud SQL for SQL Server. + format: google-datetime + stripeCount: + type: integer + format: int32 + description: >- + Option for specifying how many stripes to use for the export. If + blank, and the value of the striped field is true, the number of + stripes is automatically chosen. + bakType: + enumDescriptions: + - Default type. + - Full backup. + - Differential backup. + - Transaction Log backup + enum: + - BAK_TYPE_UNSPECIFIED + - FULL + - DIFF + - TLOG + type: string + description: >- + Type of this bak file will be export, FULL or DIFF, SQL Server + only + copyOnly: + deprecated: true + description: >- + Deprecated: copy_only is deprecated. Use differential_base + instead + type: boolean + differentialBase: + description: >- + Whether or not the backup can be used as a differential base + copy_only backup can not be served as differential base + type: boolean + offload: + description: Whether to perform a serverless export. type: boolean - allowedIntValues: + fileType: + type: string + enumDescriptions: + - Unknown file type. + - File containing SQL statements. + - File in CSV format. + - '' + - TDE certificate. + enum: + - SQL_FILE_TYPE_UNSPECIFIED + - SQL + - CSV + - BAK + - TDE + description: The file type for the specified uri. + databases: description: >- - Use this field if only certain integers are accepted. Can be - combined with min_value and max_value to add additional values. - type: array + Databases to be exported. `MySQL instances:` If `fileType` is `SQL` + and no database is specified, all databases are exported, except for + the `mysql` system database. If `fileType` is `CSV`, you can specify + one database, either by using this property or by using the + `csvExportOptions.selectQuery` property, which takes precedence over + this property. `PostgreSQL instances:` If you don't specify a + database by name, all user databases in the instance are exported. + This excludes system databases and Cloud SQL databases used to + manage internal operations. Exporting all user databases is only + available for directory-formatted parallel export. If `fileType` is + `CSV`, this database must match the one specified in the + `csvExportOptions.selectQuery` property. `SQL Server instances:` You + must specify one database to be exported, and the `fileType` must be + `BAK`. items: type: string - format: int64 - flagScope: - description: Scope of flag. - type: string - enumDescriptions: - - Assume database flags if unspecified - - database flags - - connection pool configuration flags - enum: - - SQL_FLAG_SCOPE_UNSPECIFIED - - SQL_FLAG_SCOPE_DATABASE - - SQL_FLAG_SCOPE_CONNECTION_POOL - recommendedStringValue: - description: Recommended string value in string format for UI display. - type: string - recommendedIntValue: - description: Recommended int value in integer format for UI display. - type: string - format: int64 - OperationsListResponse: - id: OperationsListResponse - description: Operations list response. - type: object - properties: - kind: - description: This is always `sql#operationsList`. - type: string - items: - description: List of operation resources. type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: >- - The continuation token, used to page through large result sets. - Provide this value in a subsequent request to return the next page - of results. - type: string - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - SslCertsInsertRequest: - id: SslCertsInsertRequest - description: SslCerts insert request. - type: object - properties: - commonName: - description: >- - User supplied name. Must be a distinct name from the other - certificates for this instance. - type: string - SslCertsInsertResponse: - id: SslCertsInsertResponse - description: SslCert insert response. - type: object - properties: kind: - description: This is always `sql#sslCertsInsert`. + description: This is always `sql#exportContext`. type: string - operation: - description: The operation to track the ssl certs insert request. - $ref: '#/components/schemas/Operation' - serverCaCert: - description: >- - The server Certificate Authority's certificate. If this is missing - you can force a new one to be generated by calling resetSslConfig - method on instances resource. - $ref: '#/components/schemas/SslCert' - clientCert: - description: The new client certificate and private key. - $ref: '#/components/schemas/SslCertDetail' - SslCertDetail: - id: SslCertDetail - description: SslCertDetail. - type: object - properties: - certInfo: - description: The public information about the cert. - $ref: '#/components/schemas/SslCert' - certPrivateKey: + uri: description: >- - The private key for the client cert, in pem format. Keep private in - order to protect your security. - type: string - SslCertsListResponse: - id: SslCertsListResponse - description: SslCerts list response. - type: object - properties: - kind: - description: This is always `sql#sslCertsList`. - type: string - items: - description: List of client certificates for the instance. - type: array - items: - $ref: '#/components/schemas/SslCert' - TiersListResponse: - id: TiersListResponse - description: Tiers list response. - type: object - properties: - kind: - description: This is always `sql#tiersList`. + The path to the file in Google Cloud Storage where the export will + be stored. The URI is in the form `gs://bucketName/fileName`. If the + file already exists, the request succeeds, but the operation fails. + If `fileType` is `SQL` and the filename ends with .gz, the contents + are compressed. type: string - items: - description: List of tiers. - type: array - items: - $ref: '#/components/schemas/Tier' - Tier: - id: Tier - description: A Google Cloud SQL service tier resource. - type: object + id: ExportContext + LocationPreference: + description: >- + Preferred location. This specifies where a Cloud SQL instance is + located. Note that if the preferred location is not available, the + instance will be located as close as possible within the region. Only + one location may be specified. properties: - tier: + zone: description: >- - An identifier for the machine type, for example, `db-custom-1-3840`. - For related information, see [Pricing](/sql/pricing). - type: string - RAM: - description: The maximum RAM usage of this tier in bytes. - type: string - format: int64 - kind: - description: This is always `sql#tier`. - type: string - DiskQuota: - description: The maximum disk size of this tier in bytes. + The preferred Compute Engine zone (for example: us-central1-a, + us-central1-b, etc.). WARNING: Changing this might restart the + instance. type: string - format: int64 - region: - description: The applicable regions for this tier. - type: array - items: - type: string - User: - id: User - description: A Cloud SQL user resource. - type: object - properties: kind: - description: This is always `sql#user`. - type: string - password: - description: The password for the user. - type: string - etag: - description: >- - This field is deprecated and will be removed from a future version - of the API. - type: string - name: - description: >- - The name of the user in the Cloud SQL instance. Can be omitted for - `update` because it is already specified in the URL. - type: string - host: - description: >- - Optional. The host from which the user can connect. For `insert` - operations, host defaults to an empty string. For `update` - operations, host is specified as part of the request URL. The host - name cannot be updated after insertion. For a MySQL instance, it's - required; for a PostgreSQL or SQL Server instance, it's optional. + description: This is always `sql#locationPreference`. type: string - instance: - description: >- - The name of the Cloud SQL instance. This does not include the - project ID. Can be omitted for `update` because it is already - specified on the URL. + secondaryZone: type: string - project: description: >- - The project ID of the project containing the Cloud SQL database. The - Google apps domain is prefixed if applicable. Can be omitted for - `update` because it is already specified on the URL. - type: string - type: + The preferred Compute Engine zone for the secondary/failover (for + example: us-central1-a, us-central1-b, etc.). To disable this field, + set it to 'no_secondary_zone'. + followGaeApplication: description: >- - The user type. It determines the method to authenticate the user - during login. The default is the database's built-in user type. - type: string - enumDescriptions: - - The database's built-in user type. - - Cloud IAM user. - - Cloud IAM service account. - - Cloud IAM group. Not used for login. - - Read-only. Login for a user that belongs to the Cloud IAM group. - - >- - Read-only. Login for a service account that belongs to the Cloud - IAM group. - enum: - - BUILT_IN - - CLOUD_IAM_USER - - CLOUD_IAM_SERVICE_ACCOUNT - - CLOUD_IAM_GROUP - - CLOUD_IAM_GROUP_USER - - CLOUD_IAM_GROUP_SERVICE_ACCOUNT - sqlserverUserDetails: - $ref: '#/components/schemas/SqlServerUserDetails' - passwordPolicy: - description: User level password validation policy. - $ref: '#/components/schemas/UserPasswordValidationPolicy' - dualPasswordType: - description: Dual password status for the user. - type: string - enumDescriptions: - - The default value. - - Do not update the user's dual password status. - - No dual password usable for connecting using this user. - - Dual password usable for connecting using this user. - enum: - - DUAL_PASSWORD_TYPE_UNSPECIFIED - - NO_MODIFY_DUAL_PASSWORD - - NO_DUAL_PASSWORD - - DUAL_PASSWORD + The App Engine application to follow, it must be in the same region + as the Cloud SQL instance. WARNING: Changing this might restart the + instance. + type: string + deprecated: true + type: object + id: LocationPreference SqlServerUserDetails: - id: SqlServerUserDetails description: Represents a Sql Server user on the Cloud SQL instance. - type: object + id: SqlServerUserDetails properties: disabled: description: If the user has been disabled type: boolean serverRoles: description: The server roles for this user - type: array items: type: string - UserPasswordValidationPolicy: - id: UserPasswordValidationPolicy - description: User level password validation policy. + type: array + type: object + AdvancedMachineFeatures: + id: AdvancedMachineFeatures type: object + description: Specifies options for controlling advanced machine features. properties: - allowedFailedAttempts: - description: Number of failed login attempts allowed before user get locked. + threadsPerCore: type: integer format: int32 - passwordExpirationDuration: - description: Expiration duration after password is updated. + description: The number of threads per physical core. + ApiWarning: + id: ApiWarning + description: An Admin API warning message. + type: object + properties: + code: + enum: + - SQL_API_WARNING_CODE_UNSPECIFIED + - REGION_UNREACHABLE + - MAX_RESULTS_EXCEEDS_LIMIT + - COMPROMISED_CREDENTIALS + - INTERNAL_STATE_FAILURE + description: Code to uniquely identify the warning type. type: string - format: google-duration - enableFailedAttemptsCheck: - description: If true, failed login attempts check will be enabled. - type: boolean - status: - description: Output only. Read-only password status. - readOnly: true - $ref: '#/components/schemas/PasswordStatus' - enablePasswordVerification: - description: >- - If true, the user must specify the current password before changing - the password. This flag is supported only for MySQL. - type: boolean - PasswordStatus: - id: PasswordStatus - description: Read-only password status. + enumDescriptions: + - An unknown or unset warning type from Cloud SQL API. + - >- + Warning when one or more regions are not reachable. The returned + result set may be incomplete. + - >- + Warning when user provided maxResults parameter exceeds the limit. + The returned result set may be incomplete. + - >- + Warning when user tries to create/update a user with credentials + that have previously been compromised by a public data breach. + - >- + Warning when the operation succeeds but some non-critical workflow + state failed. + message: + description: The warning message. + type: string + region: + type: string + description: The region name for REGION_UNREACHABLE warning. + ConnectPoolNodeConfig: + description: Details of a single read pool node of a read pool. + id: ConnectPoolNodeConfig type: object properties: - locked: - description: If true, user does not have login privileges. - type: boolean - passwordExpirationTime: - description: The expiration time of the current password. + ipAddresses: + readOnly: true + type: array + items: + $ref: '#/components/schemas/IpMapping' + description: >- + Output only. Mappings containing IP addresses that can be used to + connect to the read pool node. + dnsNames: + type: array + items: + $ref: '#/components/schemas/DnsNameMapping' + readOnly: true + description: Output only. The list of DNS names used by this read pool node. + name: + readOnly: true + description: >- + Output only. The name of the read pool node. Doesn't include the + project ID. type: string - format: google-datetime - UsersListResponse: - id: UsersListResponse - description: User list response. + dnsName: + type: string + readOnly: true + description: Output only. The DNS name of the read pool node. + OperationsListResponse: + description: Operations list response. type: object properties: + nextPageToken: + type: string + description: >- + The continuation token, used to page through large result sets. + Provide this value in a subsequent request to return the next page + of results. kind: - description: This is always `sql#usersList`. type: string + description: This is always `sql#operationsList`. items: - description: List of user resources in the instance. + description: List of operation resources. type: array items: - $ref: '#/components/schemas/User' - nextPageToken: - description: Unused. - deprecated: true - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object + $ref: '#/components/schemas/Operation' + id: OperationsListResponse + ReplicationCluster: properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. + drReplica: + description: >- + Output only. Read-only field that indicates whether the replica is a + DR replica. This field is not set if the instance is a primary + instance. readOnly: true + type: boolean + failoverDrReplicaName: + description: >- + Optional. If the instance is a primary instance, then this field + identifies the disaster recovery (DR) replica. A DR replica is an + optional configuration for Enterprise Plus edition instances. If the + instance is a read replica, then the field is not set. Set this + field to a replica name to designate a DR replica for a primary + instance. Remove the replica name to remove the DR replica + designation. type: string - format: google-datetime - target: + psaWriteEndpoint: description: >- - Output only. Server-defined resource path for the target of the - operation. + Output only. If set, this field indicates this instance has a + private service access (PSA) DNS endpoint that is pointing to the + primary instance of the cluster. If this instance is the primary, + then the DNS endpoint points to this instance. After a switchover or + replica failover operation, this DNS endpoint points to the promoted + instance. This is a read-only field, returned to the user as + information. This field can exist even if a standalone instance + doesn't have a DR replica yet or the DR replica is deleted. readOnly: true type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true + type: object + description: >- + A primary instance and disaster recovery (DR) replica pair. A DR replica + is a cross-region replica that you designate for failover in the event + that the primary instance experiences regional failure. Applicable to + MySQL and PostgreSQL. + id: ReplicationCluster + ExternalSyncSelectedObject: + id: ExternalSyncSelectedObject + type: object + description: The selected object that Cloud SQL migrates. + properties: + database: + description: The name of the database that Cloud SQL migrates. type: string - statusDetail: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + SslCertsCreateEphemeralRequest: + id: SslCertsCreateEphemeralRequest + description: SslCerts create ephemeral certificate request. + properties: + access_token: type: string - cancelRequested: + description: Access token to include in the signed certificate. + public_key: + type: string + description: PEM encoded public key to include in the signed certificate. + type: object + SqlInstancesExecuteSqlResponse: + type: object + id: SqlInstancesExecuteSqlResponse + properties: + results: + items: + $ref: '#/components/schemas/QueryResult' + type: array + description: The list of results after executing all the SQL statements. + metadata: description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have google.longrunning.Operation.error value with a - google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + The additional metadata information regarding the execution of the + SQL statements. + $ref: '#/components/schemas/Metadata' + status: + $ref: '#/components/schemas/Status' + description: Contains the error from the database if the SQL execution failed. + messages: + description: >- + A list of notices and warnings generated during query execution. For + PostgreSQL, this includes all notices and warnings. For MySQL, this + includes warnings generated by the last executed statement. To + retrieve all warnings for a multi-statement query, `SHOW WARNINGS` + must be executed after each statement. + items: + $ref: '#/components/schemas/Message' + type: array + description: Execute SQL statements response. + InstancesListServerCasResponse: + properties: + certs: + type: array + items: + $ref: '#/components/schemas/SslCert' + description: List of server CA certificates for the instance. + kind: + type: string + description: This is always `sql#instancesListServerCas`. + activeVersion: + type: string + id: InstancesListServerCasResponse + type: object + description: Instances ListServerCas response. + BackupContext: + properties: + backupId: + type: string + description: The identifier of the backup. + format: int64 + name: + description: 'The name of the backup. Format: projects/{project}/backups/{backup}' + type: string + kind: + type: string + description: This is always `sql#backupContext`. + id: BackupContext + type: object + description: Backup context. + Empty: + type: object + properties: {} + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + SqlSubOperationType: + properties: + maintenanceType: + enum: + - SQL_MAINTENANCE_TYPE_UNSPECIFIED + - INSTANCE_MAINTENANCE + - REPLICA_INCLUDED_MAINTENANCE + - INSTANCE_SELF_SERVICE_MAINTENANCE + - REPLICA_INCLUDED_SELF_SERVICE_MAINTENANCE + enumDescriptions: + - Maintenance type is unspecified. + - >- + Indicates that a standalone instance is undergoing maintenance. + The instance can be either a primary instance or a replica. + - >- + Indicates that the primary instance and all of its replicas, + including cascading replicas, are undergoing maintenance. + Maintenance is performed on groups of replicas first, followed by + the primary instance. + - >- + Indicates that the standalone instance is undergoing maintenance, + initiated by self-service. The instance can be either a primary + instance or a replica. + - >- + Indicates that the primary instance and all of its replicas are + undergoing maintenance, initiated by self-service. Maintenance is + performed on groups of replicas first, followed by the primary + instance. type: string + description: The type of maintenance to be performed on the instance. + description: The sub operation type based on the operation type. + type: object + id: SqlSubOperationType parameters: - access_token: - description: OAuth access token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: access_token + name: uploadType schema: type: string alt: @@ -5878,10 +6517,10 @@ components: - json - media - proto - callback: - description: JSONP + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: callback + name: upload_protocol schema: type: string fields: @@ -5890,6 +6529,12 @@ components: name: fields schema: type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean key: description: >- API key. Your API key identifies your project and provides you with API @@ -5899,18 +6544,27 @@ components: name: key schema: type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + _.xgafv: + description: V1 error format. + in: query + name: $.xgafv + schema: + type: string + enum: + - '1' + - '2' oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -5920,65 +6574,77 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string - _.xgafv: - description: V1 error format. + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - instances_server_ca: - id: google.sqladmin.instances_server_ca - name: instances_server_ca - title: Instances_server_ca + connect: + id: google.sqladmin.connect + name: connect + title: Connect methods: - add_server_ca: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1addServerCa/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1connectSettings/get + response: + mediaType: application/json + openAPIDocKey: '200' + generate_ephemeral: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}:generateEphemeralCert/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/instances_server_ca/methods/add_server_ca + select: + - $ref: '#/components/x-stackQL-resources/connect/methods/get' + insert: [] update: [] replace: [] delete: [] - instances_server_certificate: - id: google.sqladmin.instances_server_certificate - name: instances_server_certificate - title: Instances_server_certificate + backups: + id: google.sqladmin.backups + name: backups + title: Backups methods: - add_server_certificate: + delete_backup: operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1addServerCertificate/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups~1{backupsId}/delete' + response: + mediaType: application/json + openAPIDocKey: '200' + get_backup: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups~1{backupsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + update_backup: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups~1{backupsId}/patch' + response: + mediaType: application/json + openAPIDocKey: '200' + list_backups: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups/get' + response: + mediaType: application/json + openAPIDocKey: '200' + create_backup: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: [] - insert: - - $ref: >- - #/components/x-stackQL-resources/instances_server_certificate/methods/add_server_certificate + insert: [] update: [] replace: [] delete: [] @@ -5987,10 +6653,37 @@ components: name: instances title: Instances methods: - clone: + insert: + operation: + $ref: '#/paths/~1v1~1projects~1{project}~1instances/post' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1projects~1{project}~1instances/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.items + pre_check_major_version_upgrade: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1clone/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1preCheckMajorVersionUpgrade/post + response: + mediaType: application/json + openAPIDocKey: '200' + execute_sql: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1executeSql/post + response: + mediaType: application/json + openAPIDocKey: '200' + list_entra_id_certificates: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1listEntraIdCertificates/get response: mediaType: application/json openAPIDocKey: '200' @@ -6000,9 +6693,9 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + update: operation: - $ref: '#/paths/~1v1~1projects~1{project}~1instances~1{instance}/get' + $ref: '#/paths/~1v1~1projects~1{project}~1instances~1{instance}/put' response: mediaType: application/json openAPIDocKey: '200' @@ -6012,71 +6705,71 @@ components: response: mediaType: application/json openAPIDocKey: '200' - update: + get: operation: - $ref: '#/paths/~1v1~1projects~1{project}~1instances~1{instance}/put' + $ref: '#/paths/~1v1~1projects~1{project}~1instances~1{instance}/get' response: mediaType: application/json openAPIDocKey: '200' - demote_master: + rotate_server_ca: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1demoteMaster/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1rotateServerCa/post response: mediaType: application/json openAPIDocKey: '200' - demote: + reencrypt: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1demote/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1reencrypt/post response: mediaType: application/json openAPIDocKey: '200' - export: + clone: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1export/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1clone/post response: mediaType: application/json openAPIDocKey: '200' - failover: + export: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1failover/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1export/post response: mediaType: application/json openAPIDocKey: '200' - reencrypt: + list_server_certificates: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1reencrypt/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1listServerCertificates/get response: mediaType: application/json openAPIDocKey: '200' - import: + point_in_time_restore: operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1import/post + $ref: '#/paths/~1v1~1projects~1{projectsId}:pointInTimeRestore/post' response: mediaType: application/json openAPIDocKey: '200' - insert: + acquire_ssrs_lease: operation: - $ref: '#/paths/~1v1~1projects~1{project}~1instances/post' + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1acquireSsrsLease/post response: mediaType: application/json openAPIDocKey: '200' - list: + failover: operation: - $ref: '#/paths/~1v1~1projects~1{project}~1instances/get' + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1failover/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.warnings - list_server_certificates: + reset_ssl_config: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1listServerCertificates/get + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1resetSslConfig/post response: mediaType: application/json openAPIDocKey: '200' @@ -6087,45 +6780,52 @@ components: response: mediaType: application/json openAPIDocKey: '200' - switchover: + restart: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1switchover/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1restart/post response: mediaType: application/json openAPIDocKey: '200' - reset_ssl_config: + stop_replica: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1resetSslConfig/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1stopReplica/post response: mediaType: application/json openAPIDocKey: '200' - restart: + demote_master: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1demoteMaster/post + response: + mediaType: application/json + openAPIDocKey: '200' + switchover: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1restart/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1switchover/post response: mediaType: application/json openAPIDocKey: '200' - restore_backup: + truncate_log: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1restoreBackup/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1truncateLog/post response: mediaType: application/json openAPIDocKey: '200' - rotate_server_ca: + demote: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1rotateServerCa/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1demote/post response: mediaType: application/json openAPIDocKey: '200' - rotate_server_certificate: + restore_backup: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1rotateServerCertificate/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1restoreBackup/post response: mediaType: application/json openAPIDocKey: '200' @@ -6136,44 +6836,45 @@ components: response: mediaType: application/json openAPIDocKey: '200' - stop_replica: + rotate_server_certificate: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1stopReplica/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1rotateServerCertificate/post response: mediaType: application/json openAPIDocKey: '200' - truncate_log: + rotate_entra_id_certificate: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1truncateLog/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1rotateEntraIdCertificate/post response: mediaType: application/json openAPIDocKey: '200' - execute_sql: + release_ssrs_lease: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1executeSql/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1releaseSsrsLease/post response: mediaType: application/json openAPIDocKey: '200' - acquire_ssrs_lease: + import: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1acquireSsrsLease/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1import/post response: mediaType: application/json openAPIDocKey: '200' - release_ssrs_lease: + start_external_sync: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1releaseSsrsLease/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1startExternalSync/post response: mediaType: application/json openAPIDocKey: '200' - point_in_time_restore: + reset_replica_size: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}:pointInTimeRestore/post' + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1resetReplicaSize/post response: mediaType: application/json openAPIDocKey: '200' @@ -6191,13 +6892,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - start_external_sync: - operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1startExternalSync/post - response: - mediaType: application/json - openAPIDocKey: '200' perform_disk_shrink: operation: $ref: >- @@ -6205,13 +6899,6 @@ components: response: mediaType: application/json openAPIDocKey: '200' - reset_replica_size: - operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1resetReplicaSize/post - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/instances/methods/get' @@ -6224,6 +6911,26 @@ components: - $ref: '#/components/x-stackQL-resources/instances/methods/update' delete: - $ref: '#/components/x-stackQL-resources/instances/methods/delete' + instances_server_certificate: + id: google.sqladmin.instances_server_certificate + name: instances_server_certificate + title: Instances_server_certificate + methods: + add_server_certificate: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1addServerCertificate/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/instances_server_certificate/methods/add_server_certificate + update: [] + replace: [] + delete: [] instances_server_cas: id: google.sqladmin.instances_server_cas name: instances_server_cas @@ -6244,15 +6951,15 @@ components: update: [] replace: [] delete: [] - ssl_certs_ephemeral: - id: google.sqladmin.ssl_certs_ephemeral - name: ssl_certs_ephemeral - title: Ssl_certs_ephemeral + instances_server_ca: + id: google.sqladmin.instances_server_ca + name: instances_server_ca + title: Instances_server_ca methods: - create_ephemeral: + add_server_ca: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1createEphemeral/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1addServerCa/post response: mediaType: application/json openAPIDocKey: '200' @@ -6260,200 +6967,77 @@ components: select: [] insert: - $ref: >- - #/components/x-stackQL-resources/ssl_certs_ephemeral/methods/create_ephemeral + #/components/x-stackQL-resources/instances_server_ca/methods/add_server_ca update: [] replace: [] delete: [] - ssl_certs: - id: google.sqladmin.ssl_certs - name: ssl_certs - title: Ssl_certs + instances_entra_id_certificate: + id: google.sqladmin.instances_entra_id_certificate + name: instances_entra_id_certificate + title: Instances_entra_id_certificate methods: - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1sslCerts~1{sha1Fingerprint}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1sslCerts~1{sha1Fingerprint}/get - response: - mediaType: application/json - openAPIDocKey: '200' - insert: + add_entra_id_certificate: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1sslCerts/post - response: - mediaType: application/json - openAPIDocKey: '200' - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1sslCerts/get + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1addEntraIdCertificate/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/ssl_certs/methods/get' - - $ref: '#/components/x-stackQL-resources/ssl_certs/methods/list' + select: [] insert: - - $ref: '#/components/x-stackQL-resources/ssl_certs/methods/insert' - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/ssl_certs/methods/delete' - instances_disk_shrink_config: - id: google.sqladmin.instances_disk_shrink_config - name: instances_disk_shrink_config - title: Instances_disk_shrink_config - methods: - get_disk_shrink_config: - operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1getDiskShrinkConfig/get - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - $ref: >- - #/components/x-stackQL-resources/instances_disk_shrink_config/methods/get_disk_shrink_config - insert: [] + #/components/x-stackQL-resources/instances_entra_id_certificate/methods/add_entra_id_certificate update: [] replace: [] delete: [] - instances_latest_recovery_time: - id: google.sqladmin.instances_latest_recovery_time - name: instances_latest_recovery_time - title: Instances_latest_recovery_time + flags: + id: google.sqladmin.flags + name: flags + title: Flags methods: - get_latest_recovery_time: + list: operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1getLatestRecoveryTime/get + $ref: '#/paths/~1v1~1flags/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/instances_latest_recovery_time/methods/get_latest_recovery_time + - $ref: '#/components/x-stackQL-resources/flags/methods/list' insert: [] update: [] replace: [] delete: [] - backup_runs: - id: google.sqladmin.backup_runs - name: backup_runs - title: Backup_runs + operations: + id: google.sqladmin.operations + name: operations + title: Operations methods: - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1backupRuns~1{id}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1backupRuns~1{id}/get - response: - mediaType: application/json - openAPIDocKey: '200' - insert: - operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1backupRuns/post - response: - mediaType: application/json - openAPIDocKey: '200' list: operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1backupRuns/get + $ref: '#/paths/~1v1~1projects~1{project}~1operations/get' response: mediaType: application/json openAPIDocKey: '200' objectKey: $.items - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/backup_runs/methods/get' - - $ref: '#/components/x-stackQL-resources/backup_runs/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/backup_runs/methods/insert' - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/backup_runs/methods/delete' - backups: - id: google.sqladmin.backups - name: backups - title: Backups - methods: - create_backup: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups/post' - response: - mediaType: application/json - openAPIDocKey: '200' - list_backups: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups/get' - response: - mediaType: application/json - openAPIDocKey: '200' - get_backup: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups~1{backupsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - update_backup: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups~1{backupsId}/patch' - response: - mediaType: application/json - openAPIDocKey: '200' - delete_backup: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1backups~1{backupsId}/delete' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - connect: - id: google.sqladmin.connect - name: connect - title: Connect - methods: - get: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1connectSettings/get + #/paths/~1v1~1projects~1{project}~1operations~1{operation}~1cancel/post response: mediaType: application/json openAPIDocKey: '200' - generate_ephemeral: + get: operation: - $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}:generateEphemeralCert/post + $ref: '#/paths/~1v1~1projects~1{project}~1operations~1{operation}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/connect/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] replace: [] @@ -6470,17 +7054,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1databases~1{database}/get + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1databases~1{database}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1databases~1{database}/patch + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1databases~1{database}/get response: mediaType: application/json openAPIDocKey: '200' @@ -6517,54 +7101,150 @@ components: - $ref: '#/components/x-stackQL-resources/databases/methods/update' delete: - $ref: '#/components/x-stackQL-resources/databases/methods/delete' - flags: - id: google.sqladmin.flags - name: flags - title: Flags + instances_latest_recovery_time: + id: google.sqladmin.instances_latest_recovery_time + name: instances_latest_recovery_time + title: Instances_latest_recovery_time methods: - list: + get_latest_recovery_time: operation: - $ref: '#/paths/~1v1~1flags/get' + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1getLatestRecoveryTime/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/flags/methods/list' + - $ref: >- + #/components/x-stackQL-resources/instances_latest_recovery_time/methods/get_latest_recovery_time insert: [] update: [] replace: [] delete: [] - operations: - id: google.sqladmin.operations - name: operations - title: Operations + instances_disk_shrink_config: + id: google.sqladmin.instances_disk_shrink_config + name: instances_disk_shrink_config + title: Instances_disk_shrink_config methods: - get: + get_disk_shrink_config: operation: - $ref: '#/paths/~1v1~1projects~1{project}~1operations~1{operation}/get' + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1getDiskShrinkConfig/get response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/instances_disk_shrink_config/methods/get_disk_shrink_config + insert: [] + update: [] + replace: [] + delete: [] + backup_runs: + id: google.sqladmin.backup_runs + name: backup_runs + title: Backup_runs + methods: list: operation: - $ref: '#/paths/~1v1~1projects~1{project}~1operations/get' + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1backupRuns/get response: mediaType: application/json openAPIDocKey: '200' objectKey: $.items - cancel: + insert: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1operations~1{operation}~1cancel/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1backupRuns/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1backupRuns~1{id}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1backupRuns~1{id}/delete response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] + - $ref: '#/components/x-stackQL-resources/backup_runs/methods/get' + - $ref: '#/components/x-stackQL-resources/backup_runs/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/backup_runs/methods/insert' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/backup_runs/methods/delete' + ssl_certs: + id: google.sqladmin.ssl_certs + name: ssl_certs + title: Ssl_certs + methods: + insert: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1sslCerts/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1sslCerts/get + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1sslCerts~1{sha1Fingerprint}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1sslCerts~1{sha1Fingerprint}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/ssl_certs/methods/get' + - $ref: '#/components/x-stackQL-resources/ssl_certs/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/ssl_certs/methods/insert' + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/ssl_certs/methods/delete' + ssl_certs_ephemeral: + id: google.sqladmin.ssl_certs_ephemeral + name: ssl_certs_ephemeral + title: Ssl_certs_ephemeral + methods: + create_ephemeral: + operation: + $ref: >- + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1createEphemeral/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: + - $ref: >- + #/components/x-stackQL-resources/ssl_certs_ephemeral/methods/create_ephemeral update: [] replace: [] delete: [] @@ -6591,35 +7271,35 @@ components: name: users title: Users methods: - delete: + insert: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1users/delete + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1users/post response: mediaType: application/json openAPIDocKey: '200' - insert: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1users/post + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1users/delete response: mediaType: application/json openAPIDocKey: '200' - list: + update: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1users/get + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1users/put response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.items - update: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1users/put + #/paths/~1v1~1projects~1{project}~1instances~1{instance}~1users/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.items get: operation: $ref: >- @@ -6639,29 +7319,100 @@ components: delete: - $ref: '#/components/x-stackQL-resources/users/methods/delete' paths: - /v1/projects/{project}/instances/{instance}/addServerCa: + /v1/projects/{project}/instances/{instance}/connectSettings: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/callback' + get: + description: Retrieves connect settings about a Cloud SQL instance. + operationId: sql.connect.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sqlservice.admin + Oauth2c: + - https://www.googleapis.com/auth/sqlservice.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ConnectSettings' + parameters: + - in: path + name: project + required: true + schema: + type: string + - in: path + name: instance + required: true + schema: + type: string + - in: query + name: readTime + schema: + type: string + format: google-datetime + /v1/projects/{project}/instances/{instance}:generateEphemeralCert: + parameters: *ref_1 post: description: >- - Adds a new trusted Certificate Authority (CA) version for the specified - instance. Required to prepare for a certificate rotation. If a CA - version was previously added but never used in a certificate rotation, - this operation replaces that version. There cannot be more than one CA - version waiting to be rotated in. For instances that have enabled - Certificate Authority Service (CAS) based server CA, use - AddServerCertificate to add a new server certificate. - operationId: sql.instances.addServerCa + Generates a short-lived X509 certificate containing the provided public + key and signed by a private key specific to the target instance. Users + may use the certificate to authenticate as themselves when connecting to + the database. + operationId: sql.connect.generateEphemeral + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateEphemeralCertRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sqlservice.admin + Oauth2c: + - https://www.googleapis.com/auth/sqlservice.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GenerateEphemeralCertResponse' + parameters: + - in: path + name: project + required: true + schema: + type: string + - in: path + name: instance + required: true + schema: + type: string + /v1/projects/{projectsId}/backups/{backupsId}: + parameters: *ref_1 + delete: + description: Deletes the backup. + operationId: sql.Backups.DeleteBackup security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6680,27 +7431,18 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: project + name: projectsId required: true schema: type: string - in: path - name: instance + name: backupsId required: true schema: type: string - /v1/projects/{project}/instances/{instance}/addServerCertificate: - parameters: *ref_1 - post: - description: >- - Add a new trusted server certificate version for the specified instance - using Certificate Authority Service (CAS) server CA. Required to prepare - for a certificate rotation. If a server certificate version was - previously added but never used in a certificate rotation, this - operation replaces that version. There cannot be more than one - certificate version waiting to be rotated in. For instances not using - CAS server CA, use AddServerCa instead. - operationId: sql.instances.addServerCertificate + get: + description: Retrieves a resource containing information about a backup. + operationId: sql.Backups.GetBackup security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6716,30 +7458,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Backup' parameters: - in: path - name: project + name: projectsId required: true schema: type: string - in: path - name: instance + name: backupsId required: true schema: type: string - /v1/projects/{project}/instances/{instance}/clone: - parameters: *ref_1 - post: + patch: description: >- - Creates a Cloud SQL instance as a clone of the source instance. Using - this operation might cause your instance to restart. - operationId: sql.instances.clone + Updates the retention period and description of the backup. You can use + this API to update final backups only. + operationId: sql.Backups.UpdateBackup requestBody: content: application/json: schema: - $ref: '#/components/schemas/InstancesCloneRequest' + $ref: '#/components/schemas/Backup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6758,20 +7498,25 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: project + name: projectsId required: true schema: type: string - in: path - name: instance + name: backupsId required: true schema: type: string - /v1/projects/{project}/instances/{instance}: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/backups: parameters: *ref_1 - delete: - description: Deletes a Cloud SQL instance. - operationId: sql.instances.delete + get: + description: Lists all backups associated with the project. + operationId: sql.Backups.ListBackups security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6787,39 +7532,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListBackupsResponse' parameters: - in: path - name: project - required: true - schema: - type: string - - in: path - name: instance + name: projectsId required: true schema: type: string - in: query - name: enableFinalBackup - schema: - type: boolean - - in: query - name: finalBackupTtlDays + name: pageToken schema: type: string - format: int64 - in: query - name: finalBackupExpiryTime + name: filter schema: type: string - format: google-datetime - in: query - name: finalBackupDescription + name: pageSize schema: - type: string - get: - description: Retrieves a resource containing information about a Cloud SQL instance. - operationId: sql.instances.get + type: integer + format: int32 + post: + description: >- + Creates a backup for a Cloud SQL instance. This API can be used only to + create on-demand backups. + operationId: sql.Backups.CreateBackup + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Backup' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6835,24 +7577,18 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DatabaseInstance' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: project - required: true - schema: - type: string - - in: path - name: instance + name: projectsId required: true schema: type: string - patch: - description: >- - Partially updates settings of a Cloud SQL instance by merging the - request with the current configuration. This method supports patch - semantics. - operationId: sql.instances.patch + /v1/projects/{project}/instances: + parameters: *ref_1 + post: + description: Creates a new Cloud SQL instance. + operationId: sql.instances.insert requestBody: content: application/json: @@ -6880,21 +7616,54 @@ paths: required: true schema: type: string + get: + description: Lists instances under a given project. + operationId: sql.instances.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sqlservice.admin + Oauth2c: + - https://www.googleapis.com/auth/sqlservice.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/InstancesListResponse' + parameters: - in: path - name: instance + name: project required: true schema: type: string - put: - description: >- - Updates settings of a Cloud SQL instance. Using this operation might - cause your instance to restart. - operationId: sql.instances.update + - in: query + name: filter + schema: + type: string + - in: query + name: maxResults + schema: + type: integer + format: uint32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{project}/instances/{instance}/preCheckMajorVersionUpgrade: + parameters: *ref_1 + post: + description: Execute MVU Pre-checks + operationId: sql.instances.preCheckMajorVersionUpgrade requestBody: content: application/json: schema: - $ref: '#/components/schemas/DatabaseInstance' + $ref: '#/components/schemas/InstancesPreCheckMajorVersionUpgradeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6922,18 +7691,16 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/demoteMaster: + /v1/projects/{project}/instances/{instance}/executeSql: parameters: *ref_1 post: - description: >- - Demotes the stand-alone instance to be a Cloud SQL read replica for an - external database server. - operationId: sql.instances.demoteMaster + description: Execute SQL statements. + operationId: sql.instances.executeSql requestBody: content: application/json: schema: - $ref: '#/components/schemas/InstancesDemoteMasterRequest' + $ref: '#/components/schemas/ExecuteSqlPayload' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6949,7 +7716,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SqlInstancesExecuteSqlResponse' parameters: - in: path name: project @@ -6961,18 +7728,15 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/demote: + /v1/projects/{project}/instances/{instance}/listEntraIdCertificates: parameters: *ref_1 - post: + get: description: >- - Demotes an existing standalone instance to be a Cloud SQL read replica - for an external database server. - operationId: sql.instances.demote - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InstancesDemoteRequest' + Lists all versions of EntraID certificates for the specified instance. + There can be up to three sets of certificates listed: the certificate + that is currently in use, a future that has been added but not yet used + to sign a certificate, and a certificate that has been rotated out. + operationId: sql.instances.ListEntraIdCertificates security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6988,7 +7752,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/InstancesListEntraIdCertificatesResponse' parameters: - in: path name: project @@ -7000,23 +7764,75 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/export: + /v1/projects/{project}/instances/{instance}: parameters: *ref_1 - post: + delete: + description: Deletes a Cloud SQL instance. + operationId: sql.instances.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sqlservice.admin + Oauth2c: + - https://www.googleapis.com/auth/sqlservice.admin + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: project + required: true + schema: + type: string + - in: path + name: instance + required: true + schema: + type: string + - in: query + name: enableFinalBackup + schema: + type: boolean + - in: query + name: finalBackupDescription + schema: + type: string + - in: query + name: finalBackupTtlDays + schema: + type: string + format: int64 + - in: query + name: finalBackupExpiryTime + schema: + type: string + format: google-datetime + put: description: >- - Exports data from a Cloud SQL instance to a Cloud Storage bucket as a - SQL dump or CSV file. - operationId: sql.instances.export + Updates settings of a Cloud SQL instance. Using this operation might + cause your instance to restart. + operationId: sql.instances.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/InstancesExportRequest' + $ref: '#/components/schemas/DatabaseInstance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sqlservice.admin + Oauth2c: + - https://www.googleapis.com/auth/sqlservice.admin responses: '200': description: Successful response @@ -7035,23 +7851,17 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/failover: - parameters: *ref_1 - post: - description: >- - Initiates a manual failover of a high availability (HA) primary instance - to a standby instance, which becomes the primary instance. Users are - then rerouted to the new primary. For more information, see the - [Overview of high - availability](https://cloud.google.com/sql/docs/mysql/high-availability) - page in the Cloud SQL documentation. If using Legacy HA (MySQL only), - this causes the instance to failover to its failover replica instance. - operationId: sql.instances.failover + patch: + description: >- + Partially updates settings of a Cloud SQL instance by merging the + request with the current configuration. This method supports patch + semantics. + operationId: sql.instances.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/InstancesFailoverRequest' + $ref: '#/components/schemas/DatabaseInstance' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7079,16 +7889,9 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/reencrypt: - parameters: *ref_1 - post: - description: Reencrypt CMEK instance with latest key version. - operationId: sql.instances.reencrypt - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InstancesReencryptRequest' + get: + description: Retrieves a resource containing information about a Cloud SQL instance. + operationId: sql.instances.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7104,7 +7907,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/DatabaseInstance' parameters: - in: path name: project @@ -7116,23 +7919,27 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/import: + /v1/projects/{project}/instances/{instance}/addServerCertificate: parameters: *ref_1 post: description: >- - Imports data into a Cloud SQL instance from a SQL dump or CSV file in - Cloud Storage. - operationId: sql.instances.import - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InstancesImportRequest' + Add a new trusted server certificate version for the specified instance + using Certificate Authority Service (CAS) server CA. Required to prepare + for a certificate rotation. If a server certificate version was + previously added but never used in a certificate rotation, this + operation replaces that version. There cannot be more than one + certificate version waiting to be rotated in. For instances not using + CAS server CA, use AddServerCa instead. + operationId: sql.instances.addServerCertificate security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/sqlservice.admin + Oauth2c: + - https://www.googleapis.com/auth/sqlservice.admin responses: '200': description: Successful response @@ -7151,16 +7958,20 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances: + /v1/projects/{project}/instances/{instance}/rotateServerCa: parameters: *ref_1 post: - description: Creates a new Cloud SQL instance. - operationId: sql.instances.insert + description: >- + Rotates the server certificate to one signed by the Certificate + Authority (CA) version previously added with the addServerCA method. For + instances that have enabled Certificate Authority Service (CAS) based + server CA, use RotateServerCertificate to rotate the server certificate. + operationId: sql.instances.rotateServerCa requestBody: content: application/json: schema: - $ref: '#/components/schemas/DatabaseInstance' + $ref: '#/components/schemas/InstancesRotateServerCaRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7183,9 +7994,21 @@ paths: required: true schema: type: string - get: - description: Lists instances under a given project. - operationId: sql.instances.list + - in: path + name: instance + required: true + schema: + type: string + /v1/projects/{project}/instances/{instance}/reencrypt: + parameters: *ref_1 + post: + description: Reencrypt CMEK instance with latest key version. + operationId: sql.instances.reencrypt + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InstancesReencryptRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7201,24 +8024,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InstancesListResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: maxResults - schema: - type: integer - format: uint32 - - in: query - name: pageToken + - in: path + name: instance + required: true schema: type: string /v1/projects/{project}/instances/{instance}/listServerCas: @@ -7258,17 +8073,18 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/listServerCertificates: + /v1/projects/{project}/instances/{instance}/clone: parameters: *ref_1 - get: + post: description: >- - Lists all versions of server certificates and certificate authorities - (CAs) for the specified instance. There can be up to three sets of certs - listed: the certificate that is currently in use, a future that has been - added but not yet used to sign a certificate, and a certificate that has - been rotated out. For instances not using Certificate Authority Service - (CAS) server CA, use ListServerCas instead. - operationId: sql.instances.ListServerCertificates + Creates a Cloud SQL instance as a clone of the source instance. Using + this operation might cause your instance to restart. + operationId: sql.instances.clone + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InstancesCloneRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7284,7 +8100,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/InstancesListServerCertificatesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -7296,23 +8112,23 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/promoteReplica: + /v1/projects/{project}/instances/{instance}/export: parameters: *ref_1 post: description: >- - Promotes the read replica instance to be an independent Cloud SQL - primary instance. Using this operation might cause your instance to - restart. - operationId: sql.instances.promoteReplica + Exports data from a Cloud SQL instance to a Cloud Storage bucket as a + SQL dump or CSV file. + operationId: sql.instances.export + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InstancesExportRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sqlservice.admin - Oauth2c: - - https://www.googleapis.com/auth/sqlservice.admin responses: '200': description: Successful response @@ -7331,15 +8147,17 @@ paths: required: true schema: type: string - - in: query - name: failover - schema: - type: boolean - /v1/projects/{project}/instances/{instance}/switchover: + /v1/projects/{project}/instances/{instance}/listServerCertificates: parameters: *ref_1 - post: - description: Switches over from the primary instance to the DR replica instance. - operationId: sql.instances.switchover + get: + description: >- + Lists all versions of server certificates and certificate authorities + (CAs) for the specified instance. There can be up to three sets of certs + listed: the certificate that is currently in use, a future that has been + added but not yet used to sign a certificate, and a certificate that has + been rotated out. For instances not using Certificate Authority Service + (CAS) server CA, use ListServerCas instead. + operationId: sql.instances.ListServerCertificates security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7355,7 +8173,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/InstancesListServerCertificatesResponse' parameters: - in: path name: project @@ -7367,18 +8185,18 @@ paths: required: true schema: type: string - - in: query - name: dbTimeout - schema: - type: string - format: google-duration - /v1/projects/{project}/instances/{instance}/resetSslConfig: + /v1/projects/{projectsId}:pointInTimeRestore: parameters: *ref_1 post: description: >- - Deletes all client certificates and generates a new server SSL - certificate for the instance. - operationId: sql.instances.resetSslConfig + Point in time restore for an instance managed by Google Cloud Backup and + Disaster Recovery. + operationId: sql.instances.pointInTimeRestore + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PointInTimeRestoreContext' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7397,20 +8215,20 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: project - required: true - schema: - type: string - - in: path - name: instance + name: projectsId required: true schema: type: string - /v1/projects/{project}/instances/{instance}/restart: + /v1/projects/{project}/instances/{instance}/acquireSsrsLease: parameters: *ref_1 post: - description: Restarts a Cloud SQL instance. - operationId: sql.instances.restart + description: Acquire a lease for the setup of SQL Server Reporting Services (SSRS). + operationId: sql.instances.acquireSsrsLease + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InstancesAcquireSsrsLeaseRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7426,7 +8244,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SqlInstancesAcquireSsrsLeaseResponse' parameters: - in: path name: project @@ -7438,18 +8256,18 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/restoreBackup: + /v1/projects/{project}/instances/{instance}/addServerCa: parameters: *ref_1 post: description: >- - Restores a backup of a Cloud SQL instance. Using this operation might - cause your instance to restart. - operationId: sql.instances.restoreBackup - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InstancesRestoreBackupRequest' + Adds a new trusted Certificate Authority (CA) version for the specified + instance. Required to prepare for a certificate rotation. If a CA + version was previously added but never used in a certificate rotation, + this operation replaces that version. There cannot be more than one CA + version waiting to be rotated in. For instances that have enabled + Certificate Authority Service (CAS) based server CA, use + AddServerCertificate to add a new server certificate. + operationId: sql.instances.addServerCa security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7477,20 +8295,23 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/rotateServerCa: + /v1/projects/{project}/instances/{instance}/failover: parameters: *ref_1 post: description: >- - Rotates the server certificate to one signed by the Certificate - Authority (CA) version previously added with the addServerCA method. For - instances that have enabled Certificate Authority Service (CAS) based - server CA, use RotateServerCertificate to rotate the server certificate. - operationId: sql.instances.rotateServerCa + Initiates a manual failover of a high availability (HA) primary instance + to a standby instance, which becomes the primary instance. Users are + then rerouted to the new primary. For more information, see the + [Overview of high + availability](https://cloud.google.com/sql/docs/mysql/high-availability) + page in the Cloud SQL documentation. If using Legacy HA (MySQL only), + this causes the instance to failover to its failover replica instance. + operationId: sql.instances.failover requestBody: content: application/json: schema: - $ref: '#/components/schemas/InstancesRotateServerCaRequest' + $ref: '#/components/schemas/InstancesFailoverRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7518,19 +8339,14 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/rotateServerCertificate: + /v1/projects/{project}/instances/{instance}/addEntraIdCertificate: parameters: *ref_1 post: description: >- - Rotates the server certificate version to one previously added with the - addServerCertificate method. For instances not using Certificate - Authority Service (CAS) server CA, use RotateServerCa instead. - operationId: sql.instances.RotateServerCertificate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InstancesRotateServerCertificateRequest' + Adds a new Entra ID certificate for the specified instance. If an Entra + ID certificate was previously added but never used in a certificate + rotation, this operation replaces that version. + operationId: sql.instances.addEntraIdCertificate security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7558,11 +8374,13 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/startReplica: + /v1/projects/{project}/instances/{instance}/resetSslConfig: parameters: *ref_1 post: - description: Starts the replication in the read replica instance. - operationId: sql.instances.startReplica + description: >- + Deletes all client certificates and generates a new server SSL + certificate for the instance. + operationId: sql.instances.resetSslConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7590,11 +8408,18 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/stopReplica: + - in: query + name: mode + schema: + type: string + /v1/projects/{project}/instances/{instance}/promoteReplica: parameters: *ref_1 post: - description: Stops the replication in the read replica instance. - operationId: sql.instances.stopReplica + description: >- + Promotes the read replica instance to be an independent Cloud SQL + primary instance. Using this operation might cause your instance to + restart. + operationId: sql.instances.promoteReplica security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7621,17 +8446,16 @@ paths: name: instance required: true schema: - type: string - /v1/projects/{project}/instances/{instance}/truncateLog: + type: string + - in: query + name: failover + schema: + type: boolean + /v1/projects/{project}/instances/{instance}/restart: parameters: *ref_1 post: - description: Truncate MySQL general and slow query log tables MySQL only. - operationId: sql.instances.truncateLog - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InstancesTruncateLogRequest' + description: Restarts a Cloud SQL instance. + operationId: sql.instances.restart security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7659,16 +8483,11 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/executeSql: + /v1/projects/{project}/instances/{instance}/stopReplica: parameters: *ref_1 post: - description: Execute SQL statements. - operationId: sql.instances.executeSql - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExecuteSqlPayload' + description: Stops the replication in the read replica instance. + operationId: sql.instances.stopReplica security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7684,7 +8503,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SqlInstancesExecuteSqlResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -7696,16 +8515,18 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/acquireSsrsLease: + /v1/projects/{project}/instances/{instance}/demoteMaster: parameters: *ref_1 post: - description: Acquire a lease for the setup of SQL Server Reporting Services (SSRS). - operationId: sql.instances.acquireSsrsLease + description: >- + Demotes the stand-alone instance to be a Cloud SQL read replica for an + external database server. + operationId: sql.instances.demoteMaster requestBody: content: application/json: schema: - $ref: '#/components/schemas/InstancesAcquireSsrsLeaseRequest' + $ref: '#/components/schemas/InstancesDemoteMasterRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7721,7 +8542,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SqlInstancesAcquireSsrsLeaseResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -7733,11 +8554,11 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/releaseSsrsLease: + /v1/projects/{project}/instances/{instance}/switchover: parameters: *ref_1 post: - description: Release a lease for the setup of SQL Server Reporting Services (SSRS). - operationId: sql.instances.releaseSsrsLease + description: Switches over from the primary instance to the DR replica instance. + operationId: sql.instances.switchover security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7753,7 +8574,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SqlInstancesReleaseSsrsLeaseResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -7765,18 +8586,21 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}:pointInTimeRestore: + - in: query + name: dbTimeout + schema: + type: string + format: google-duration + /v1/projects/{project}/instances/{instance}/truncateLog: parameters: *ref_1 post: - description: >- - Point in time restore for an instance managed by Google Cloud Backup and - Disaster Recovery. - operationId: sql.instances.pointInTimeRestore + description: Truncate MySQL general and slow query log tables MySQL only. + operationId: sql.instances.truncateLog requestBody: content: application/json: schema: - $ref: '#/components/schemas/PointInTimeRestoreContext' + $ref: '#/components/schemas/InstancesTruncateLogRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7795,24 +8619,27 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: project required: true schema: type: string - /v1/projects/{project}/instances/{instance}/createEphemeral: + - in: path + name: instance + required: true + schema: + type: string + /v1/projects/{project}/instances/{instance}/demote: parameters: *ref_1 post: description: >- - Generates a short-lived X509 certificate containing the provided public - key and signed by a private key specific to the target instance. Users - may use the certificate to authenticate as themselves when connecting to - the database. - operationId: sql.sslCerts.createEphemeral + Demotes an existing standalone instance to be a Cloud SQL read replica + for an external database server. + operationId: sql.instances.demote requestBody: content: application/json: schema: - $ref: '#/components/schemas/SslCertsCreateEphemeralRequest' + $ref: '#/components/schemas/InstancesDemoteRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7828,7 +8655,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SslCert' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -7840,13 +8667,18 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/sslCerts/{sha1Fingerprint}: + /v1/projects/{project}/instances/{instance}/restoreBackup: parameters: *ref_1 - delete: + post: description: >- - Deletes the SSL certificate. For First Generation instances, the - certificate remains valid until the instance is restarted. - operationId: sql.sslCerts.delete + Restores a backup of a Cloud SQL instance. Using this operation might + cause your instance to restart. + operationId: sql.instances.restoreBackup + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InstancesRestoreBackupRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7874,17 +8706,11 @@ paths: required: true schema: type: string - - in: path - name: sha1Fingerprint - required: true - schema: - type: string - get: - description: >- - Retrieves a particular SSL certificate. Does not include the private key - (required for usage). The private key must be saved from the response to - initial creation. - operationId: sql.sslCerts.get + /v1/projects/{project}/instances/{instance}/startReplica: + parameters: *ref_1 + post: + description: Starts the replication in the read replica instance. + operationId: sql.instances.startReplica security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7900,7 +8726,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SslCert' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -7912,24 +8738,19 @@ paths: required: true schema: type: string - - in: path - name: sha1Fingerprint - required: true - schema: - type: string - /v1/projects/{project}/instances/{instance}/sslCerts: + /v1/projects/{project}/instances/{instance}/rotateServerCertificate: parameters: *ref_1 post: description: >- - Creates an SSL certificate and returns it along with the private key and - server certificate authority. The new certificate will not be usable - until the instance is restarted. - operationId: sql.sslCerts.insert + Rotates the server certificate version to one previously added with the + addServerCertificate method. For instances not using Certificate + Authority Service (CAS) server CA, use RotateServerCa instead. + operationId: sql.instances.RotateServerCertificate requestBody: content: application/json: schema: - $ref: '#/components/schemas/SslCertsInsertRequest' + $ref: '#/components/schemas/InstancesRotateServerCertificateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7945,7 +8766,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SslCertsInsertResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -7957,9 +8778,18 @@ paths: required: true schema: type: string - get: - description: Lists all of the current SSL certificates for the instance. - operationId: sql.sslCerts.list + /v1/projects/{project}/instances/{instance}/rotateEntraIdCertificate: + parameters: *ref_1 + post: + description: >- + Rotates the server certificate version to one previously added with the + addEntraIdCertificate method. + operationId: sql.instances.RotateEntraIdCertificate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InstancesRotateEntraIdCertificateRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7975,7 +8805,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SslCertsListResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -7987,17 +8817,11 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/rescheduleMaintenance: + /v1/projects/{project}/instances/{instance}/releaseSsrsLease: parameters: *ref_1 post: - description: Reschedules the maintenance on the given instance. - operationId: sql.projects.instances.rescheduleMaintenance - requestBody: - content: - application/json: - schema: - $ref: >- - #/components/schemas/SqlInstancesRescheduleMaintenanceRequestBody + description: Release a lease for the setup of SQL Server Reporting Services (SSRS). + operationId: sql.instances.releaseSsrsLease security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8013,7 +8837,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SqlInstancesReleaseSsrsLeaseResponse' parameters: - in: path name: project @@ -8025,34 +8849,30 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/verifyExternalSyncSettings: + /v1/projects/{project}/instances/{instance}/import: parameters: *ref_1 post: - description: Verify External primary instance external sync settings. - operationId: sql.projects.instances.verifyExternalSyncSettings + description: >- + Imports data into a Cloud SQL instance from a SQL dump or CSV file in + Cloud Storage. + operationId: sql.instances.import requestBody: content: application/json: schema: - $ref: >- - #/components/schemas/SqlInstancesVerifyExternalSyncSettingsRequest + $ref: '#/components/schemas/InstancesImportRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform Oauth2c: - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/sqlservice.admin - Oauth2c: - - https://www.googleapis.com/auth/sqlservice.admin responses: '200': description: Successful response content: application/json: schema: - $ref: >- - #/components/schemas/SqlInstancesVerifyExternalSyncSettingsResponse + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -8064,16 +8884,11 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/startExternalSync: + /v1/flags: parameters: *ref_1 - post: - description: Start External primary instance migration. - operationId: sql.projects.instances.startExternalSync - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SqlInstancesStartExternalSyncRequest' + get: + description: Lists all available database flags for Cloud SQL instances. + operationId: sql.flags.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8089,28 +8904,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/FlagsListResponse' parameters: - - in: path - name: project - required: true + - in: query + name: databaseVersion schema: type: string - - in: path - name: instance - required: true + - in: query + name: flagScope schema: type: string - /v1/projects/{project}/instances/{instance}/performDiskShrink: + /v1/projects/{project}/operations: parameters: *ref_1 - post: - description: Perform Disk Shrink on primary instance. - operationId: sql.projects.instances.performDiskShrink - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PerformDiskShrinkContext' + get: + description: >- + Lists all instance operations that have been performed on the given + Cloud SQL instance in the reverse chronological order of the start time. + operationId: sql.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8126,23 +8936,31 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/OperationsListResponse' parameters: - in: path name: project required: true schema: type: string - - in: path + - in: query name: instance - required: true schema: type: string - /v1/projects/{project}/instances/{instance}/getDiskShrinkConfig: + - in: query + name: maxResults + schema: + type: integer + format: uint32 + - in: query + name: pageToken + schema: + type: string + /v1/projects/{project}/operations/{operation}/cancel: parameters: *ref_1 - get: - description: Get Disk Shrink Config for a given instance. - operationId: sql.projects.instances.getDiskShrinkConfig + post: + description: Cancels an instance operation that has been performed on an instance. + operationId: sql.operations.cancel security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8158,7 +8976,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SqlInstancesGetDiskShrinkConfigResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: project @@ -8166,20 +8984,15 @@ paths: schema: type: string - in: path - name: instance + name: operation required: true schema: type: string - /v1/projects/{project}/instances/{instance}/resetReplicaSize: + /v1/projects/{project}/operations/{operation}: parameters: *ref_1 - post: - description: Reset Replica Size to primary instance disk size. - operationId: sql.projects.instances.resetReplicaSize - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SqlInstancesResetReplicaSizeRequest' + get: + description: Retrieves an instance operation that has been performed on an instance. + operationId: sql.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8203,15 +9016,15 @@ paths: schema: type: string - in: path - name: instance + name: operation required: true schema: type: string - /v1/projects/{project}/instances/{instance}/getLatestRecoveryTime: + /v1/projects/{project}/instances/{instance}/databases/{database}: parameters: *ref_1 - get: - description: Get Latest Recovery Time for a given instance. - operationId: sql.projects.instances.getLatestRecoveryTime + delete: + description: Deletes a database from a Cloud SQL instance. + operationId: sql.databases.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8227,7 +9040,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SqlInstancesGetLatestRecoveryTimeResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -8239,16 +9052,21 @@ paths: required: true schema: type: string - - in: query - name: sourceInstanceDeletionTime + - in: path + name: database + required: true schema: type: string - format: google-datetime - /v1/projects/{project}/instances/{instance}/backupRuns/{id}: - parameters: *ref_1 - delete: - description: Deletes the backup taken by a backup run. - operationId: sql.backupRuns.delete + patch: + description: >- + Partially updates a resource containing information about a database + inside a Cloud SQL instance. This method supports patch semantics. + operationId: sql.databases.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Database' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8277,13 +9095,15 @@ paths: schema: type: string - in: path - name: id + name: database required: true schema: type: string get: - description: Retrieves a resource containing information about a backup run. - operationId: sql.backupRuns.get + description: >- + Retrieves a resource containing information about a database inside a + Cloud SQL instance. + operationId: sql.databases.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8299,7 +9119,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BackupRun' + $ref: '#/components/schemas/Database' parameters: - in: path name: project @@ -8312,20 +9132,20 @@ paths: schema: type: string - in: path - name: id + name: database required: true schema: type: string - /v1/projects/{project}/instances/{instance}/backupRuns: - parameters: *ref_1 - post: - description: Creates a new backup run on demand. - operationId: sql.backupRuns.insert + put: + description: >- + Updates a resource containing information about a database inside a + Cloud SQL instance. + operationId: sql.databases.update requestBody: content: application/json: schema: - $ref: '#/components/schemas/BackupRun' + $ref: '#/components/schemas/Database' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8353,12 +9173,24 @@ paths: required: true schema: type: string - get: + - in: path + name: database + required: true + schema: + type: string + /v1/projects/{project}/instances/{instance}/databases: + parameters: *ref_1 + post: description: >- - Lists all backup runs associated with the project or a given instance - and configuration in the reverse chronological order of the backup - initiation time. - operationId: sql.backupRuns.list + Inserts a resource containing information about a database inside a + Cloud SQL instance. **Note:** You can't modify the default character set + and collation. + operationId: sql.databases.insert + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Database' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8374,7 +9206,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BackupRunsListResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -8386,27 +9218,9 @@ paths: required: true schema: type: string - - in: query - name: maxResults - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/backups: - parameters: *ref_1 - post: - description: >- - Creates a backup for a Cloud SQL instance. This API can be used only to - create on-demand backups. - operationId: sql.Backups.CreateBackup - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Backup' + get: + description: Lists databases in the specified Cloud SQL instance. + operationId: sql.databases.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8422,16 +9236,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/DatabasesListResponse' parameters: - in: path - name: projectsId + name: project required: true schema: type: string - get: - description: Lists all backups associated with the project. - operationId: sql.Backups.ListBackups + - in: path + name: instance + required: true + schema: + type: string + /v1/projects/{project}/instances/{instance}/startExternalSync: + parameters: *ref_1 + post: + description: Start External primary instance migration. + operationId: sql.projects.instances.startExternalSync + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SqlInstancesStartExternalSyncRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8447,31 +9273,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListBackupsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: project required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: instance + required: true schema: type: string - /v1/projects/{projectsId}/backups/{backupsId}: + /v1/projects/{project}/instances/{instance}/getLatestRecoveryTime: parameters: *ref_1 get: - description: Retrieves a resource containing information about a backup. - operationId: sql.Backups.GetBackup + description: Get Latest Recovery Time for a given instance. + operationId: sql.projects.instances.getLatestRecoveryTime security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8487,28 +9305,33 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/SqlInstancesGetLatestRecoveryTimeResponse' parameters: - in: path - name: projectsId + name: project required: true schema: type: string - in: path - name: backupsId + name: instance required: true schema: type: string - patch: - description: >- - Updates the retention period and description of the backup. You can use - this API to update final backups only. - operationId: sql.Backups.UpdateBackup + - in: query + name: sourceInstanceDeletionTime + schema: + type: string + format: google-datetime + /v1/projects/{project}/instances/{instance}/resetReplicaSize: + parameters: *ref_1 + post: + description: Reset Replica Size to primary instance disk size. + operationId: sql.projects.instances.resetReplicaSize requestBody: content: application/json: schema: - $ref: '#/components/schemas/Backup' + $ref: '#/components/schemas/SqlInstancesResetReplicaSizeRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8527,23 +9350,20 @@ paths: $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectsId + name: project required: true schema: type: string - in: path - name: backupsId + name: instance required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - delete: - description: Deletes the backup. - operationId: sql.Backups.DeleteBackup + /v1/projects/{project}/instances/{instance}/getDiskShrinkConfig: + parameters: *ref_1 + get: + description: Get Disk Shrink Config for a given instance. + operationId: sql.projects.instances.getDiskShrinkConfig security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8559,23 +9379,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SqlInstancesGetDiskShrinkConfigResponse' parameters: - in: path - name: projectsId + name: project required: true schema: type: string - in: path - name: backupsId + name: instance required: true schema: type: string - /v1/projects/{project}/instances/{instance}/connectSettings: + /v1/projects/{project}/instances/{instance}/rescheduleMaintenance: parameters: *ref_1 - get: - description: Retrieves connect settings about a Cloud SQL instance. - operationId: sql.connect.get + post: + description: Reschedules the maintenance on the given instance. + operationId: sql.projects.instances.rescheduleMaintenance + requestBody: + content: + application/json: + schema: + $ref: >- + #/components/schemas/SqlInstancesRescheduleMaintenanceRequestBody security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8591,7 +9417,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ConnectSettings' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -8603,25 +9429,17 @@ paths: required: true schema: type: string - - in: query - name: readTime - schema: - type: string - format: google-datetime - /v1/projects/{project}/instances/{instance}:generateEphemeralCert: + /v1/projects/{project}/instances/{instance}/verifyExternalSyncSettings: parameters: *ref_1 post: - description: >- - Generates a short-lived X509 certificate containing the provided public - key and signed by a private key specific to the target instance. Users - may use the certificate to authenticate as themselves when connecting to - the database. - operationId: sql.connect.generateEphemeral + description: Verify External primary instance external sync settings. + operationId: sql.projects.instances.verifyExternalSyncSettings requestBody: content: application/json: schema: - $ref: '#/components/schemas/GenerateEphemeralCertRequest' + $ref: >- + #/components/schemas/SqlInstancesVerifyExternalSyncSettingsRequest security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8637,7 +9455,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GenerateEphemeralCertResponse' + $ref: >- + #/components/schemas/SqlInstancesVerifyExternalSyncSettingsResponse parameters: - in: path name: project @@ -8649,11 +9468,16 @@ paths: required: true schema: type: string - /v1/projects/{project}/instances/{instance}/databases/{database}: + /v1/projects/{project}/instances/{instance}/performDiskShrink: parameters: *ref_1 - delete: - description: Deletes a database from a Cloud SQL instance. - operationId: sql.databases.delete + post: + description: Perform Disk Shrink on primary instance. + operationId: sql.projects.instances.performDiskShrink + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PerformDiskShrinkContext' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8681,16 +9505,14 @@ paths: required: true schema: type: string - - in: path - name: database - required: true - schema: - type: string + /v1/projects/{project}/instances/{instance}/backupRuns: + parameters: *ref_1 get: description: >- - Retrieves a resource containing information about a database inside a - Cloud SQL instance. - operationId: sql.databases.get + Lists all backup runs associated with the project or a given instance + and configuration in the reverse chronological order of the backup + initiation time. + operationId: sql.backupRuns.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8706,7 +9528,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/BackupRunsListResponse' parameters: - in: path name: project @@ -8718,21 +9540,23 @@ paths: required: true schema: type: string - - in: path - name: database - required: true + - in: query + name: pageToken schema: type: string - patch: - description: >- - Partially updates a resource containing information about a database - inside a Cloud SQL instance. This method supports patch semantics. - operationId: sql.databases.patch + - in: query + name: maxResults + schema: + type: integer + format: int32 + post: + description: Creates a new backup run on demand. + operationId: sql.backupRuns.insert requestBody: content: application/json: schema: - $ref: '#/components/schemas/Database' + $ref: '#/components/schemas/BackupRun' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8760,21 +9584,11 @@ paths: required: true schema: type: string - - in: path - name: database - required: true - schema: - type: string - put: - description: >- - Updates a resource containing information about a database inside a - Cloud SQL instance. - operationId: sql.databases.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Database' + /v1/projects/{project}/instances/{instance}/backupRuns/{id}: + parameters: *ref_1 + get: + description: Retrieves a resource containing information about a backup run. + operationId: sql.backupRuns.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8790,7 +9604,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/BackupRun' parameters: - in: path name: project @@ -8803,23 +9617,13 @@ paths: schema: type: string - in: path - name: database + name: id required: true schema: type: string - /v1/projects/{project}/instances/{instance}/databases: - parameters: *ref_1 - post: - description: >- - Inserts a resource containing information about a database inside a - Cloud SQL instance. **Note:** You can't modify the default character set - and collation. - operationId: sql.databases.insert - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Database' + delete: + description: Deletes the backup taken by a backup run. + operationId: sql.backupRuns.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8847,9 +9651,24 @@ paths: required: true schema: type: string - get: - description: Lists databases in the specified Cloud SQL instance. - operationId: sql.databases.list + - in: path + name: id + required: true + schema: + type: string + /v1/projects/{project}/instances/{instance}/sslCerts: + parameters: *ref_1 + post: + description: >- + Creates an SSL certificate and returns it along with the private key and + server certificate authority. The new certificate will not be usable + until the instance is restarted. + operationId: sql.sslCerts.insert + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SslCertsInsertRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8865,7 +9684,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DatabasesListResponse' + $ref: '#/components/schemas/SslCertsInsertResponse' parameters: - in: path name: project @@ -8877,11 +9696,9 @@ paths: required: true schema: type: string - /v1/flags: - parameters: *ref_1 get: - description: Lists all available database flags for Cloud SQL instances. - operationId: sql.flags.list + description: Lists all of the current SSL certificates for the instance. + operationId: sql.sslCerts.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8897,21 +9714,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FlagsListResponse' + $ref: '#/components/schemas/SslCertsListResponse' parameters: - - in: query - name: databaseVersion + - in: path + name: project + required: true schema: type: string - - in: query - name: flagScope + - in: path + name: instance + required: true schema: type: string - /v1/projects/{project}/operations/{operation}: + /v1/projects/{project}/instances/{instance}/sslCerts/{sha1Fingerprint}: parameters: *ref_1 get: - description: Retrieves an instance operation that has been performed on an instance. - operationId: sql.operations.get + description: >- + Retrieves a particular SSL certificate. Does not include the private key + (required for usage). The private key must be saved from the response to + initial creation. + operationId: sql.sslCerts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8927,7 +9749,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/SslCert' parameters: - in: path name: project @@ -8935,17 +9757,20 @@ paths: schema: type: string - in: path - name: operation + name: instance required: true schema: type: string - /v1/projects/{project}/operations: - parameters: *ref_1 - get: + - in: path + name: sha1Fingerprint + required: true + schema: + type: string + delete: description: >- - Lists all instance operations that have been performed on the given - Cloud SQL instance in the reverse chronological order of the start time. - operationId: sql.operations.list + Deletes the SSL certificate. For First Generation instances, the + certificate remains valid until the instance is restarted. + operationId: sql.sslCerts.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8961,31 +9786,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/OperationsListResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project required: true schema: type: string - - in: query + - in: path name: instance + required: true schema: type: string - - in: query - name: maxResults - schema: - type: integer - format: uint32 - - in: query - name: pageToken + - in: path + name: sha1Fingerprint + required: true schema: type: string - /v1/projects/{project}/operations/{operation}/cancel: + /v1/projects/{project}/instances/{instance}/createEphemeral: parameters: *ref_1 post: - description: Cancels an instance operation that has been performed on an instance. - operationId: sql.operations.cancel + description: >- + Generates a short-lived X509 certificate containing the provided public + key and signed by a private key specific to the target instance. Users + may use the certificate to authenticate as themselves when connecting to + the database. + operationId: sql.sslCerts.createEphemeral + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SslCertsCreateEphemeralRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9001,7 +9832,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/SslCert' parameters: - in: path name: project @@ -9009,7 +9840,7 @@ paths: schema: type: string - in: path - name: operation + name: instance required: true schema: type: string @@ -9045,9 +9876,14 @@ paths: type: string /v1/projects/{project}/instances/{instance}/users: parameters: *ref_1 - delete: - description: Deletes a user from a Cloud SQL instance. - operationId: sql.users.delete + post: + description: Creates a new user in a Cloud SQL instance. + operationId: sql.users.insert + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/User' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9075,22 +9911,9 @@ paths: required: true schema: type: string - - in: query - name: host - schema: - type: string - - in: query - name: name - schema: - type: string - post: - description: Creates a new user in a Cloud SQL instance. - operationId: sql.users.insert - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/User' + delete: + description: Deletes a user from a Cloud SQL instance. + operationId: sql.users.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9118,9 +9941,22 @@ paths: required: true schema: type: string - get: - description: Lists users in the specified Cloud SQL instance. - operationId: sql.users.list + - in: query + name: name + schema: + type: string + - in: query + name: host + schema: + type: string + put: + description: Updates an existing user in a Cloud SQL instance. + operationId: sql.users.update + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/User' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9136,7 +9972,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/UsersListResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: project @@ -9148,14 +9984,21 @@ paths: required: true schema: type: string - put: - description: Updates an existing user in a Cloud SQL instance. - operationId: sql.users.update - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/User' + - in: query + name: databaseRoles + schema: + type: string + - in: query + name: host + schema: + type: string + - in: query + name: name + schema: + type: string + get: + description: Lists users in the specified Cloud SQL instance. + operationId: sql.users.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9171,7 +10014,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/UsersListResponse' parameters: - in: path name: project @@ -9183,14 +10026,6 @@ paths: required: true schema: type: string - - in: query - name: host - schema: - type: string - - in: query - name: name - schema: - type: string /v1/projects/{project}/instances/{instance}/users/{name}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/storage.yaml b/providers/src/googleapis.com/v00.00.00000/services/storage.yaml index 45dfbf1d..d19e7775 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/storage.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/storage.yaml @@ -7,8 +7,8 @@ info: title: Cloud Storage JSON API description: Stores and retrieves potentially large, immutable data objects. version: v1 - x-discovery-doc-revision: '20250822' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251206' + x-generated-date: '2025-12-10' externalDocs: url: https://developers.google.com/storage/docs/json_api/ servers: @@ -959,6 +959,13 @@ components: The continuation token, used to page through large result sets. Provide this value in a subsequent request to return the next page of results. + unreachable: + type: array + description: >- + The list of bucket resource names that could not be reached during + the listing operation. + items: + type: string Channel: id: Channel type: object @@ -1056,6 +1063,9 @@ components: annotations: required: - storage.objects.compose + deleteSourceObjects: + type: boolean + description: If true, the source objects will be deleted. Folder: id: Folder type: object @@ -4079,6 +4089,10 @@ paths: name: userProject schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /b/{bucket}/lockRetentionPolicy: parameters: *ref_1 post: diff --git a/providers/src/googleapis.com/v00.00.00000/services/storagebatchoperations.yaml b/providers/src/googleapis.com/v00.00.00000/services/storagebatchoperations.yaml index 0769364d..e48b9729 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/storagebatchoperations.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/storagebatchoperations.yaml @@ -7,8 +7,8 @@ info: title: Storage Batch Operations API description: '' version: v1 - x-discovery-doc-revision: '20250820' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/storage/docs/batch-operations/overview servers: @@ -98,6 +98,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -294,6 +303,13 @@ components: - SUCCEEDED - CANCELED - FAILED + dryRun: + description: >- + Optional. If true, the job will run in dry run mode, returning the + total object count and, if the object configuration is a prefix + list, the bytes found from source. No transformations will be + performed. + type: boolean BucketList: id: BucketList description: Describes list of buckets and their objects to be transformed. @@ -468,6 +484,37 @@ components: type: object additionalProperties: type: string + objectRetention: + description: >- + Optional. Updates objects retention lock configuration. Unset values + will be ignored. Set empty values to clear the retention for the + object with existing `Unlocked` retention mode. Object with existing + `Locked` retention mode cannot be cleared or reduce + retain_until_time. Refer to documentation in + https://cloud.google.com/storage/docs/object-lock + $ref: '#/components/schemas/ObjectRetention' + ObjectRetention: + id: ObjectRetention + description: Describes options for object retention update. + type: object + properties: + retainUntilTime: + description: >- + Required. The time when the object will be retained until. UNSET + will clear the retention. Must be specified in RFC 3339 format e.g. + YYYY-MM-DD'T'HH:MM:SS.SS'Z' or YYYY-MM-DD'T'HH:MM:SS'Z'. + type: string + retentionMode: + description: Required. The retention mode of the object. + type: string + enumDescriptions: + - If set and retain_until_time is empty, clears the retention. + - Sets the retention mode to locked. + - Sets the retention mode to unlocked. + enum: + - RETENTION_MODE_UNSPECIFIED + - LOCKED + - UNLOCKED RewriteObject: id: RewriteObject description: Describes options for object rewrite. @@ -540,6 +587,13 @@ components: readOnly: true type: string format: int64 + totalBytesFound: + description: >- + Output only. Number of bytes found from source. This field is only + populated for jobs with a prefix list object configuration. + readOnly: true + type: string + format: int64 ErrorSummary: id: ErrorSummary description: >- @@ -1075,6 +1129,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/storagetransfer.yaml b/providers/src/googleapis.com/v00.00.00000/services/storagetransfer.yaml index 94baca0a..0894bec5 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/storagetransfer.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/storagetransfer.yaml @@ -9,8 +9,8 @@ info: Transfers data from external data sources to a Google Cloud Storage bucket or between Google Cloud Storage buckets. version: v1 - x-discovery-doc-revision: '20250801' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251128' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/storage-transfer/docs servers: @@ -36,88 +36,70 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + Empty: + properties: {} type: object + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + ListAgentPoolsResponse: + description: Response from ListAgentPools. + id: ListAgentPoolsResponse properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. + agentPools: type: array items: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/AgentPool' + description: A list of agent pools. nextPageToken: - description: The standard List next-page token. + description: The list next page token. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. type: object + Date: properties: - name: - description: >- - The server-assigned unique name. The format of `name` is - `transferOperations/some/unique/name`. - type: string - metadata: - description: >- - Represents the transfer operation object. To request a - TransferOperation object, use transferOperations.get. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: + month: + type: integer description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + Month of a year. Must be from 1 to 12, or 0 to specify a year + without a month and day. + format: int32 + day: description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Day of a month. Must be from 1 to 31 and valid for the year and + month, or 0 to specify a year by itself or a year and month where + the day isn't significant. + format: int32 + type: integer + year: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + Year of the date. Must be from 1 to 9999, or 0 to specify a date + without a year. + type: integer + format: int32 + type: object + id: Date + description: >- + Represents a whole or partial calendar date, such as a birthday. The + time of day and time zone are either specified elsewhere or are + insignificant. The date is relative to the Gregorian Calendar. This can + represent one of the following: * A full date, with non-zero year, + month, and day values. * A month and day, with a zero year (for example, + an anniversary). * A year on its own, with a zero month and a zero day. + * A year and month, with a zero day (for example, a credit card + expiration date). Related types: * google.type.TimeOfDay * + google.type.DateTime * google.protobuf.Timestamp Status: id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 message: + type: string description: >- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. - type: string details: description: >- A list of messages that carry the error details. There is a common @@ -126,243 +108,242 @@ components: items: type: object additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - Empty: - id: Empty + type: any + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object - properties: {} - GoogleServiceAccount: - id: GoogleServiceAccount - description: Google service account + TransferSpec: type: object + description: Configuration for running a transfer. + id: TransferSpec properties: - accountEmail: - description: Email address of the service account. + transferManifest: + $ref: '#/components/schemas/TransferManifest' + description: >- + A manifest file provides a list of objects to be transferred from + the data source. This field points to the location of the manifest + file. Otherwise, the entire source bucket is used. ObjectConditions + still apply. + awsS3CompatibleDataSource: + description: Optional. An AWS S3 compatible data source. + $ref: '#/components/schemas/AwsS3CompatibleData' + posixDataSink: + $ref: '#/components/schemas/PosixFilesystem' + description: Optional. A POSIX Filesystem data sink. + azureBlobStorageDataSource: + description: Optional. An Azure Blob Storage data source. + $ref: '#/components/schemas/AzureBlobStorageData' + sourceAgentPoolName: type: string - subjectId: - description: Unique identifier for the service account. + description: >- + Specifies the agent pool name associated with the posix data source. + When unspecified, the default name is used. + posixDataSource: + description: Optional. A POSIX Filesystem data source. + $ref: '#/components/schemas/PosixFilesystem' + gcsIntermediateDataLocation: + description: >- + For transfers between file systems, specifies a Cloud Storage bucket + to be used as an intermediate location through which to transfer + data. See [Transfer data between file + systems](https://cloud.google.com/storage-transfer/docs/file-to-file) + for more information. + $ref: '#/components/schemas/GcsData' + awsS3DataSource: + $ref: '#/components/schemas/AwsS3Data' + description: Optional. An AWS S3 data source. + sinkAgentPoolName: + description: >- + Specifies the agent pool name associated with the posix data sink. + When unspecified, the default name is used. type: string - TransferJob: - id: TransferJob - description: >- - This resource represents the configuration of a transfer job that runs - periodically. - type: object + httpDataSource: + $ref: '#/components/schemas/HttpData' + description: Optional. An HTTP URL data source. + hdfsDataSource: + description: Optional. An HDFS cluster data source. + $ref: '#/components/schemas/HdfsData' + gcsDataSource: + $ref: '#/components/schemas/GcsData' + description: Optional. A Cloud Storage data source. + gcsDataSink: + description: Optional. A Cloud Storage data sink. + $ref: '#/components/schemas/GcsData' + transferOptions: + description: >- + If the option delete_objects_unique_in_sink is `true` and time-based + object conditions such as 'last modification time' are specified, + the request fails with an INVALID_ARGUMENT error. + $ref: '#/components/schemas/TransferOptions' + objectConditions: + $ref: '#/components/schemas/ObjectConditions' + description: >- + Only objects that satisfy these object conditions are included in + the set of data source and data sink objects. Object conditions + based on objects' "last modification time" do not exclude objects in + a data sink. + UpdateTransferJobRequest: + description: Request passed to UpdateTransferJob. + id: UpdateTransferJobRequest properties: - name: + updateTransferJobFieldMask: description: >- - A unique name (within the transfer project) assigned when the job is - created. If this field is empty in a CreateTransferJobRequest, - Storage Transfer Service assigns a unique name. Otherwise, the - specified name is used as the unique name for this job. If the - specified name is in use by a job, the creation request fails with - an ALREADY_EXISTS error. This name must start with `"transferJobs/"` - prefix and end with a letter or a number, and should be no more than - 128 characters. For transfers involving PosixFilesystem, this name - must start with `transferJobs/OPI` specifically. For all other - transfer types, this name must not start with `transferJobs/OPI`. - Non-PosixFilesystem example: - `"transferJobs/^(?!OPI)[A-Za-z0-9-._~]*[A-Za-z0-9]$"` - PosixFilesystem example: - `"transferJobs/OPI^[A-Za-z0-9-._~]*[A-Za-z0-9]$"` Applications must - not rely on the enforcement of naming requirements involving OPI. - Invalid job names fail with an INVALID_ARGUMENT error. + The field mask of the fields in `transferJob` that are to be updated + in this request. Fields in `transferJob` that can be updated are: + description, transfer_spec, notification_config, logging_config, and + status. To update the `transfer_spec` of the job, a complete + transfer specification must be provided. An incomplete specification + missing any required fields is rejected with the error + INVALID_ARGUMENT. type: string - description: + format: google-fieldmask + transferJob: description: >- - A description provided by the user for the job. Its max length is - 1024 bytes when Unicode-encoded. - type: string + Required. The job to update. `transferJob` is expected to specify + one or more of five fields: description, transfer_spec, + notification_config, logging_config, and status. An + `UpdateTransferJobRequest` that specifies other fields are rejected + with the error INVALID_ARGUMENT. Updating a job status to DELETED + requires `storagetransfer.jobs.delete` permission. + $ref: '#/components/schemas/TransferJob' projectId: - description: The ID of the Google Cloud project that owns the job. + description: Required. The ID of the Google Cloud project that owns the job. type: string - serviceAccount: + type: object + AzureCredentials: + id: AzureCredentials + type: object + description: >- + Azure credentials For information on our data retention policy for user + credentials, see [User + credentials](/storage-transfer/docs/data-retention#user-credentials). + properties: + sasToken: description: >- - Optional. The user-managed service account to which to delegate - service agent permissions. You can grant Cloud Storage bucket - permissions to this service account instead of to the Transfer - Service service agent. Format is - `projects/-/serviceAccounts/ACCOUNT_EMAIL_OR_UNIQUEID` Either the - service account email - (`SERVICE_ACCOUNT_NAME@PROJECT_ID.iam.gserviceaccount.com`) or the - unique ID (`123456789012345678901`) are accepted in the string. The - `-` wildcard character is required; replacing it with a project ID - is invalid. See - https://cloud.google.com//storage-transfer/docs/delegate-service-agent-permissions - for required permissions. + Required. Azure shared access signature (SAS). For more information + about SAS, see [Grant limited access to Azure Storage resources + using shared access signatures + (SAS)](https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview). type: string - transferSpec: - description: Transfer specification. - $ref: '#/components/schemas/TransferSpec' - replicationSpec: - description: Replication specification. - $ref: '#/components/schemas/ReplicationSpec' - notificationConfig: - description: Notification configuration. - $ref: '#/components/schemas/NotificationConfig' - loggingConfig: - description: Logging configuration. - $ref: '#/components/schemas/LoggingConfig' - schedule: - description: >- - Specifies schedule for the transfer job. This is an optional field. - When the field is not set, the job never executes a transfer, unless - you invoke RunTransferJob or update the job to have a non-empty - schedule. - $ref: '#/components/schemas/Schedule' - eventStream: - description: >- - Specifies the event stream for the transfer job for event-driven - transfers. When EventStream is specified, the Schedule fields are - ignored. - $ref: '#/components/schemas/EventStream' - status: + S3CompatibleMetadata: + description: >- + S3CompatibleMetadata contains the metadata fields that apply to the + basic types of S3-compatible data providers. + properties: + authMethod: description: >- - Status of the job. This value MUST be specified for - `CreateTransferJobRequests`. **Note:** The effect of the new job - status takes place during a subsequent job run. For example, if you - change the job status from ENABLED to DISABLED, and an operation - spawned by the transfer is running, the status change would not - affect the current operation. - type: string + Specifies the authentication and authorization method used by the + storage service. When not specified, Transfer Service will attempt + to determine right auth method to use. enumDescriptions: - - Zero is an illegal value. - - New transfers are performed based on the schedule. - - New transfers are not scheduled. - - >- - This is a soft delete state. After a transfer job is set to this - state, the job and all the transfer executions are subject to - garbage collection. Transfer jobs become eligible for garbage - collection 30 days after their status is set to `DELETED`. - enum: - - STATUS_UNSPECIFIED - - ENABLED - - DISABLED - - DELETED - creationTime: - description: Output only. The time that the transfer job was created. - readOnly: true + - AuthMethod is not specified. + - Auth requests with AWS SigV4. + - Auth requests with AWS SigV2. type: string - format: google-datetime - lastModificationTime: - description: Output only. The time that the transfer job was last modified. - readOnly: true + enum: + - AUTH_METHOD_UNSPECIFIED + - AUTH_METHOD_AWS_SIGNATURE_V4 + - AUTH_METHOD_AWS_SIGNATURE_V2 + requestModel: + enum: + - REQUEST_MODEL_UNSPECIFIED + - REQUEST_MODEL_VIRTUAL_HOSTED_STYLE + - REQUEST_MODEL_PATH_STYLE type: string - format: google-datetime - deletionTime: - description: Output only. The time that the transfer job was deleted. - readOnly: true + enumDescriptions: + - RequestModel is not specified. + - >- + Perform requests using Virtual Hosted Style. Example: + https://bucket-name.s3.region.amazonaws.com/key-name + - >- + Perform requests using Path Style. Example: + https://s3.region.amazonaws.com/bucket-name/key-name + description: >- + Specifies the API request model used to call the storage service. + When not specified, the default value of RequestModel + REQUEST_MODEL_VIRTUAL_HOSTED_STYLE is used. + listApi: + description: >- + The Listing API to use for discovering objects. When not specified, + Transfer Service will attempt to determine the right API to use. type: string - format: google-datetime - latestOperationName: + enum: + - LIST_API_UNSPECIFIED + - LIST_OBJECTS_V2 + - LIST_OBJECTS + enumDescriptions: + - ListApi is not specified. + - Perform listing using ListObjectsV2 API. + - Legacy ListObjects API. + protocol: description: >- - The name of the most recently started TransferOperation of this - JobConfig. Present if a TransferOperation has been created for this - JobConfig. + Specifies the network protocol of the agent. When not specified, the + default value of NetworkProtocol NETWORK_PROTOCOL_HTTPS is used. type: string - TransferSpec: - id: TransferSpec - description: Configuration for running a transfer. + enum: + - NETWORK_PROTOCOL_UNSPECIFIED + - NETWORK_PROTOCOL_HTTPS + - NETWORK_PROTOCOL_HTTP + enumDescriptions: + - NetworkProtocol is not specified. + - Perform requests using HTTPS. + - >- + Not recommended: This sends data in clear-text. This is only + appropriate within a closed network or for publicly available + data. Perform requests using HTTP. + id: S3CompatibleMetadata type: object + AwsAccessKey: + type: object + id: AwsAccessKey + description: >- + AWS access key (see [AWS Security + Credentials](https://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html)). + For information on our data retention policy for user credentials, see + [User + credentials](/storage-transfer/docs/data-retention#user-credentials). properties: - gcsDataSink: - description: Optional. A Cloud Storage data sink. - $ref: '#/components/schemas/GcsData' - posixDataSink: - description: Optional. A POSIX Filesystem data sink. - $ref: '#/components/schemas/PosixFilesystem' - gcsDataSource: - description: Optional. A Cloud Storage data source. - $ref: '#/components/schemas/GcsData' - awsS3DataSource: - description: Optional. An AWS S3 data source. - $ref: '#/components/schemas/AwsS3Data' - httpDataSource: - description: Optional. An HTTP URL data source. - $ref: '#/components/schemas/HttpData' - posixDataSource: - description: Optional. A POSIX Filesystem data source. - $ref: '#/components/schemas/PosixFilesystem' - azureBlobStorageDataSource: - description: Optional. An Azure Blob Storage data source. - $ref: '#/components/schemas/AzureBlobStorageData' - awsS3CompatibleDataSource: - description: Optional. An AWS S3 compatible data source. - $ref: '#/components/schemas/AwsS3CompatibleData' - hdfsDataSource: - description: Optional. An HDFS cluster data source. - $ref: '#/components/schemas/HdfsData' - gcsIntermediateDataLocation: - description: >- - For transfers between file systems, specifies a Cloud Storage bucket - to be used as an intermediate location through which to transfer - data. See [Transfer data between file - systems](https://cloud.google.com/storage-transfer/docs/file-to-file) - for more information. - $ref: '#/components/schemas/GcsData' - objectConditions: - description: >- - Only objects that satisfy these object conditions are included in - the set of data source and data sink objects. Object conditions - based on objects' "last modification time" do not exclude objects in - a data sink. - $ref: '#/components/schemas/ObjectConditions' - transferOptions: - description: >- - If the option delete_objects_unique_in_sink is `true` and time-based - object conditions such as 'last modification time' are specified, - the request fails with an INVALID_ARGUMENT error. - $ref: '#/components/schemas/TransferOptions' - transferManifest: - description: >- - A manifest file provides a list of objects to be transferred from - the data source. This field points to the location of the manifest - file. Otherwise, the entire source bucket is used. ObjectConditions - still apply. - $ref: '#/components/schemas/TransferManifest' - sourceAgentPoolName: - description: >- - Specifies the agent pool name associated with the posix data source. - When unspecified, the default name is used. + accessKeyId: + description: Required. AWS access key ID. type: string - sinkAgentPoolName: + secretAccessKey: description: >- - Specifies the agent pool name associated with the posix data sink. - When unspecified, the default name is used. + Required. AWS secret access key. This field is not returned in RPC + responses. type: string GcsData: + type: object id: GcsData description: >- In a GcsData resource, an object's name is the Cloud Storage object's name and its "last modification time" refers to the object's `updated` property of Cloud Storage objects, which changes when the content or the metadata of the object is updated. - type: object properties: - bucketName: - description: >- - Required. Cloud Storage bucket name. Must meet [Bucket Name - Requirements](/storage/docs/naming#requirements). - type: string path: + type: string description: >- Root path to transfer objects. Must be an empty string or full path name that ends with a '/'. This field is treated as an object prefix. As such, it should generally not begin with a '/'. The root path value must meet [Object Name Requirements](/storage/docs/naming#objectnames). + bucketName: type: string + description: >- + Required. Cloud Storage bucket name. Must meet [Bucket Name + Requirements](/storage/docs/naming#requirements). managedFolderTransferEnabled: description: >- Preview. Enables the transfer of managed folders between Cloud @@ -373,364 +354,523 @@ components: [Transfer Cloud Storage managed folders](/storage-transfer/docs/managed-folders). type: boolean - PosixFilesystem: - id: PosixFilesystem - description: A POSIX filesystem resource. - type: object - properties: - rootDirectory: - description: Root directory path to the filesystem. - type: string - AwsS3Data: - id: AwsS3Data + ReplicationSpec: description: >- - An AwsS3Data resource can be a data source, but not a data sink. In an - AwsS3Data resource, an object's name is the S3 object's key name. + Specifies the configuration for a cross-bucket replication job. + Cross-bucket replication copies new or updated objects from a source + Cloud Storage bucket to a destination Cloud Storage bucket. Existing + objects in the source bucket are not copied by a new cross-bucket + replication job. + id: ReplicationSpec type: object properties: - bucketName: + gcsDataSource: + description: The Cloud Storage bucket from which to replicate objects. + $ref: '#/components/schemas/GcsData' + transferOptions: description: >- - Required. S3 Bucket name (see [Creating a - bucket](https://docs.aws.amazon.com/AmazonS3/latest/dev/create-bucket-get-location-example.html)). + Specifies the metadata options to be applied during replication. + Delete options are not supported. If a delete option is specified, + the request fails with an INVALID_ARGUMENT error. + $ref: '#/components/schemas/TransferOptions' + objectConditions: + $ref: '#/components/schemas/ObjectConditions' + description: >- + Object conditions that determine which objects are transferred. For + replication jobs, only `include_prefixes` and `exclude_prefixes` are + supported. + gcsDataSink: + $ref: '#/components/schemas/GcsData' + description: The Cloud Storage bucket to which to replicate objects. + TransferCounters: + properties: + bytesFoundOnlyFromSink: + format: int64 + description: Bytes found only in the data sink that are scheduled to be deleted. type: string - awsAccessKey: + bytesFromSourceFailed: + format: int64 description: >- - Input only. AWS access key used to sign the API requests to the AWS - S3 bucket. Permissions on the bucket must be granted to the access - ID of the AWS access key. For information on our data retention - policy for user credentials, see [User - credentials](/storage-transfer/docs/data-retention#user-credentials). - $ref: '#/components/schemas/AwsAccessKey' - path: + Bytes in the data source that failed to be transferred or that + failed to be deleted after being transferred. + type: string + directoriesSuccessfullyListedFromSource: + type: string description: >- - Root path to transfer objects. Must be an empty string or full path - name that ends with a '/'. This field is treated as an object - prefix. As such, it should generally not begin with a '/'. + For transfers involving PosixFilesystem only. Number of successful + listings for each directory found at the source. + format: int64 + objectsFailedToDeleteFromSink: + description: Objects that failed to be deleted from the data sink. + format: int64 + type: string + directoriesFailedToListFromSource: + format: int64 type: string - roleArn: description: >- - The Amazon Resource Name (ARN) of the role to support temporary - credentials via `AssumeRoleWithWebIdentity`. For more information - about ARNs, see [IAM - ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns). - When a role ARN is provided, Transfer Service fetches temporary - credentials for the session using a `AssumeRoleWithWebIdentity` call - for the provided role using the GoogleServiceAccount for this - project. + For transfers involving PosixFilesystem only. Number of listing + failures for each directory found at the source. Potential failures + when listing a directory include permission failure or block + failure. If listing a directory fails, no files in the directory are + transferred. + objectsDeletedFromSource: + description: Objects that are deleted from the data source. + type: string + format: int64 + objectsFoundOnlyFromSink: + format: int64 type: string - cloudfrontDomain: description: >- - Optional. The CloudFront distribution domain name pointing to this - bucket, to use when fetching. See [Transfer from S3 via - CloudFront](https://cloud.google.com/storage-transfer/docs/s3-cloudfront) - for more information. Format: `https://{id}.cloudfront.net` or any - valid custom domain. Must begin with `https://`. + Objects found only in the data sink that are scheduled to be + deleted. + objectsFromSourceFailed: + description: >- + Objects in the data source that failed to be transferred or that + failed to be deleted after being transferred. + format: int64 type: string - credentialsSecret: + intermediateObjectsFailedCleanedUp: + format: int64 + description: Number of intermediate objects failed cleaned up. + type: string + bytesFoundFromSource: description: >- - Optional. The Resource name of a secret in Secret Manager. AWS - credentials must be stored in Secret Manager in JSON format: { - "access_key_id": "ACCESS_KEY_ID", "secret_access_key": - "SECRET_ACCESS_KEY" } GoogleServiceAccount must be granted - `roles/secretmanager.secretAccessor` for the resource. See - [Configure access to a source: Amazon S3] - (https://cloud.google.com/storage-transfer/docs/source-amazon-s3#secret_manager) - for more information. If `credentials_secret` is specified, do not - specify role_arn or aws_access_key. Format: - `projects/{project_number}/secrets/{secret_name}` + Bytes found in the data source that are scheduled to be transferred, + excluding any that are filtered based on object conditions or + skipped due to sync. + format: int64 type: string - managedPrivateNetwork: + objectsFoundFromSource: + format: int64 description: >- - Egress bytes over a Google-managed private network. This network is - shared between other users of Storage Transfer Service. - type: boolean - AwsAccessKey: - id: AwsAccessKey - description: >- - AWS access key (see [AWS Security - Credentials](https://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html)). - For information on our data retention policy for user credentials, see - [User - credentials](/storage-transfer/docs/data-retention#user-credentials). - type: object - properties: - accessKeyId: - description: Required. AWS access key ID. + Objects found in the data source that are scheduled to be + transferred, excluding any that are filtered based on object + conditions or skipped due to sync. type: string - secretAccessKey: + bytesFailedToDeleteFromSink: + type: string + description: Bytes that failed to be deleted from the data sink. + format: int64 + objectsCopiedToSink: + type: string + description: Objects that are copied to the data sink. + format: int64 + intermediateObjectsCleanedUp: + format: int64 + description: Number of successfully cleaned up intermediate objects. + type: string + directoriesFoundFromSource: + format: int64 description: >- - Required. AWS secret access key. This field is not returned in RPC - responses. + For transfers involving PosixFilesystem only. Number of directories + found while listing. For example, if the root directory of the + transfer is `base/` and there are two other directories, `a/` and + `b/` under this directory, the count after listing `base/`, + `base/a/` and `base/b/` is 3. type: string - HttpData: - id: HttpData + bytesCopiedToSink: + type: string + description: Bytes that are copied to the data sink. + format: int64 + objectsDeletedFromSink: + format: int64 + description: Objects that are deleted from the data sink. + type: string + bytesDeletedFromSink: + type: string + format: int64 + description: Bytes that are deleted from the data sink. + bytesDeletedFromSource: + format: int64 + description: Bytes that are deleted from the data source. + type: string + bytesFromSourceSkippedBySync: + format: int64 + description: >- + Bytes in the data source that are not transferred because they + already exist in the data sink. + type: string + objectsFromSourceSkippedBySync: + description: >- + Objects in the data source that are not transferred because they + already exist in the data sink. + type: string + format: int64 + id: TransferCounters description: >- - An HttpData resource specifies a list of objects on the web to be - transferred over HTTP. The information of the objects to be transferred - is contained in a file referenced by a URL. The first line in the file - must be `"TsvHttpData-1.0"`, which specifies the format of the file. - Subsequent lines specify the information of the list of objects, one - object per list entry. Each entry has the following tab-delimited - fields: * **HTTP URL** — The location of the object. * **Length** — The - size of the object in bytes. * **MD5** — The base64-encoded MD5 hash of - the object. For an example of a valid TSV file, see [Transferring data - from - URLs](https://cloud.google.com/storage-transfer/docs/create-url-list). - When transferring data based on a URL list, keep the following in mind: - * When an object located at `http(s)://hostname:port/` is transferred to - a data sink, the name of the object at the data sink is `/`. * If the - specified size of an object does not match the actual size of the object - fetched, the object is not transferred. * If the specified MD5 does not - match the MD5 computed from the transferred bytes, the object transfer - fails. * Ensure that each URL you specify is publicly accessible. For - example, in Cloud Storage you can [share an object publicly] - (/storage/docs/cloud-console#_sharingdata) and get a link to it. * - Storage Transfer Service obeys `robots.txt` rules and requires the - source HTTP server to support `Range` requests and to return a - `Content-Length` header in each response. * ObjectConditions have no - effect when filtering objects to transfer. + A collection of counters that report the progress of a transfer + operation. + type: object + PauseTransferOperationRequest: + properties: {} + id: PauseTransferOperationRequest + type: object + description: Request passed to PauseTransferOperation. + ErrorLogEntry: + id: ErrorLogEntry type: object properties: - listUrl: + errorDetails: + description: Optional. A list of messages that carry the error details. + type: array + items: + type: string + url: + readOnly: true description: >- - Required. The URL that points to the file that stores the object - list entries. This file must allow public access. The URL is either - an HTTP/HTTPS address (e.g. `https://example.com/urllist.tsv`) or a - Cloud Storage path (e.g. `gs://my-bucket/urllist.tsv`). + Output only. A URL that refers to the target (a data source, a data + sink, or an object) with which the error is associated. type: string - AzureBlobStorageData: - id: AzureBlobStorageData - description: >- - An AzureBlobStorageData resource can be a data source, but not a data - sink. An AzureBlobStorageData resource represents one Azure container. - The storage account determines the [Azure - endpoint](https://docs.microsoft.com/en-us/azure/storage/common/storage-create-storage-account#storage-account-endpoints). - In an AzureBlobStorageData resource, a blobs's name is the [Azure Blob - Storage blob's key - name](https://docs.microsoft.com/en-us/rest/api/storageservices/naming-and-referencing-containers--blobs--and-metadata#blob-names). + description: LINT.IfChange An entry describing an error that has occurred. + GoogleServiceAccount: type: object + description: Google service account + id: GoogleServiceAccount properties: - storageAccount: - description: Required. The name of the Azure Storage account. + subjectId: + description: Unique identifier for the service account. type: string - azureCredentials: - description: >- - Required. Input only. Credentials used to authenticate API requests - to Azure. For information on our data retention policy for user - credentials, see [User - credentials](/storage-transfer/docs/data-retention#user-credentials). - $ref: '#/components/schemas/AzureCredentials' - container: - description: Required. The container to transfer from the Azure Storage account. + accountEmail: + description: Email address of the service account. + type: string + RunTransferJobRequest: + id: RunTransferJobRequest + properties: + projectId: type: string - path: description: >- - Root path to transfer objects. Must be an empty string or full path - name that ends with a '/'. This field is treated as an object - prefix. As such, it should generally not begin with a '/'. - type: string - credentialsSecret: + Required. The ID of the Google Cloud project that owns the transfer + job. + description: Request passed to RunTransferJob. + type: object + TransferOptions: + type: object + description: >- + TransferOptions define the actions to be performed on objects in a + transfer. + id: TransferOptions + properties: + overwriteObjectsAlreadyExistingInSink: description: >- - Optional. The Resource name of a secret in Secret Manager. The Azure - SAS token must be stored in Secret Manager in JSON format: { - "sas_token" : "SAS_TOKEN" } GoogleServiceAccount must be granted - `roles/secretmanager.secretAccessor` for the resource. See - [Configure access to a source: Microsoft Azure Blob Storage] - (https://cloud.google.com/storage-transfer/docs/source-microsoft-azure#secret_manager) - for more information. If `credentials_secret` is specified, do not - specify azure_credentials. Format: - `projects/{project_number}/secrets/{secret_name}` + When to overwrite objects that already exist in the sink. The + default is that only objects that are different from the source are + overwritten. If true, all objects in the sink whose name matches an + object in the source are overwritten with the source object. + type: boolean + deleteObjectsFromSourceAfterTransfer: + description: >- + Whether objects should be deleted from the source after they are + transferred to the sink. **Note:** This option and + delete_objects_unique_in_sink are mutually exclusive. + type: boolean + metadataOptions: + description: Represents the selected metadata options for a transfer job. + $ref: '#/components/schemas/MetadataOptions' + overwriteWhen: + enum: + - OVERWRITE_WHEN_UNSPECIFIED + - DIFFERENT + - NEVER + - ALWAYS type: string - federatedIdentityConfig: description: >- - Optional. Federated identity config of a user registered Azure - application. If `federated_identity_config` is specified, do not - specify azure_credentials or credentials_secret. - $ref: '#/components/schemas/FederatedIdentityConfig' - AzureCredentials: - id: AzureCredentials - description: >- - Azure credentials For information on our data retention policy for user - credentials, see [User - credentials](/storage-transfer/docs/data-retention#user-credentials). + When to overwrite objects that already exist in the sink. If not + set, overwrite behavior is determined by + overwrite_objects_already_existing_in_sink. + enumDescriptions: + - Overwrite behavior is unspecified. + - >- + Overwrites destination objects with the source objects, only if + the objects have the same name but different HTTP ETags or + checksum values. + - >- + Never overwrites a destination object if a source object has the + same name. In this case, the source object is not transferred. + - >- + Always overwrite the destination object with the source object, + even if the HTTP Etags or checksum values are the same. + deleteObjectsUniqueInSink: + type: boolean + description: >- + Whether objects that exist only in the sink should be deleted. + **Note:** This option and delete_objects_from_source_after_transfer + are mutually exclusive. + AgentPool: + id: AgentPool type: object + description: Represents an agent pool. properties: - sasToken: + name: + type: string description: >- - Required. Azure shared access signature (SAS). For more information - about SAS, see [Grant limited access to Azure Storage resources - using shared access signatures - (SAS)](https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview). + Required. Specifies a unique string that identifies the agent pool. + Format: `projects/{project_id}/agentPools/{agent_pool_id}` + displayName: type: string - FederatedIdentityConfig: - id: FederatedIdentityConfig - description: >- - The identity of an Azure application through which Storage Transfer - Service can authenticate requests using Azure workload identity - federation. Storage Transfer Service can issue requests to Azure Storage - through registered Azure applications, eliminating the need to pass - credentials to Storage Transfer Service directly. To configure federated - identity, see [Configure access to Microsoft Azure - Storage](https://cloud.google.com/storage-transfer/docs/source-microsoft-azure#option_3_authenticate_using_federated_identity). + description: Specifies the client-specified AgentPool description. + bandwidthLimit: + description: >- + Specifies the bandwidth limit details. If this field is unspecified, + the default value is set as 'No Limit'. + $ref: '#/components/schemas/BandwidthLimit' + state: + description: Output only. Specifies the state of the AgentPool. + enumDescriptions: + - Default value. This value is unused. + - >- + This is an initialization state. During this stage, resources are + allocated for the AgentPool. + - >- + Determines that the AgentPool is created for use. At this state, + Agents can join the AgentPool and participate in the transfer jobs + in that pool. + - >- + Determines that the AgentPool deletion has been initiated, and all + the resources are scheduled to be cleaned up and freed. + enum: + - STATE_UNSPECIFIED + - CREATING + - CREATED + - DELETING + readOnly: true + type: string + TransferManifest: + description: Specifies where the manifest is located. + properties: + location: + type: string + description: >- + Specifies the path to the manifest in Cloud Storage. The + Google-managed service account for the transfer must have + `storage.objects.get` permission for this object. An example path is + `gs://bucket_name/path/manifest.csv`. + id: TransferManifest type: object + LoggingConfig: properties: - clientId: + enableOnpremGcsTransferLogs: + type: boolean description: >- - Required. The client (application) ID of the application with - federated credentials. - type: string - tenantId: + For PosixFilesystem transfers, enables [file system transfer + logs](https://cloud.google.com/storage-transfer/docs/on-prem-transfer-log-format) + instead of, or in addition to, Cloud Logging. This option ignores + [LoggableAction] and [LoggableActionState]. If these are set, Cloud + Logging will also be enabled for this transfer. + logActionStates: + type: array description: >- - Required. The tenant (directory) ID of the application with - federated credentials. - type: string + States in which `log_actions` are logged. If empty, no logs are + generated. + items: + enum: + - LOGGABLE_ACTION_STATE_UNSPECIFIED + - SUCCEEDED + - FAILED + - SKIPPED + type: string + enumDescriptions: + - Default value. This value is unused. + - >- + `LoggableAction` completed successfully. `SUCCEEDED` actions are + logged as INFO. + - >- + `LoggableAction` terminated in an error state. `FAILED` actions + are logged as ERROR. + - >- + The `COPY` action was skipped for this file. Only supported for + agent-based transfers. `SKIPPED` actions are logged as INFO. + logActions: + description: Specifies the actions to be logged. If empty, no logs are generated. + items: + enumDescriptions: + - Default value. This value is unused. + - Listing objects in a bucket. + - Deleting objects at the source or the destination. + - Copying objects to the destination. + type: string + enum: + - LOGGABLE_ACTION_UNSPECIFIED + - FIND + - DELETE + - COPY + type: array + description: >- + Specifies the logging behavior for transfer operations. Logs can be sent + to Cloud Logging for all transfer types. See [Read transfer + logs](https://cloud.google.com/storage-transfer/docs/read-transfer-logs) + for details. + id: LoggingConfig + type: object AwsS3CompatibleData: id: AwsS3CompatibleData - description: An AwsS3CompatibleData resource. type: object properties: - bucketName: - description: Required. Specifies the name of the bucket. + region: type: string - path: description: >- - Specifies the root path to transfer objects. Must be an empty string - or full path name that ends with a '/'. This field is treated as an - object prefix. As such, it should generally not begin with a '/'. - type: string + Specifies the region to sign requests with. This can be left blank + if requests should be signed with an empty region. endpoint: + type: string description: Required. Specifies the endpoint of the storage service. + path: type: string - region: description: >- - Specifies the region to sign requests with. This can be left blank - if requests should be signed with an empty region. - type: string + Specifies the root path to transfer objects. Must be an empty string + or full path name that ends with a '/'. This field is treated as an + object prefix. As such, it should generally not begin with a '/'. s3Metadata: description: A S3 compatible metadata. $ref: '#/components/schemas/S3CompatibleMetadata' - S3CompatibleMetadata: - id: S3CompatibleMetadata - description: >- - S3CompatibleMetadata contains the metadata fields that apply to the - basic types of S3-compatible data providers. - type: object + bucketName: + type: string + description: Required. Specifies the name of the bucket. + description: An AwsS3CompatibleData resource. + ListOperationsResponse: properties: - authMethod: - description: >- - Specifies the authentication and authorization method used by the - storage service. When not specified, Transfer Service will attempt - to determine right auth method to use. + nextPageToken: + description: The standard List next-page token. type: string - enumDescriptions: - - AuthMethod is not specified. - - Auth requests with AWS SigV4. - - Auth requests with AWS SigV2. - enum: - - AUTH_METHOD_UNSPECIFIED - - AUTH_METHOD_AWS_SIGNATURE_V4 - - AUTH_METHOD_AWS_SIGNATURE_V2 - requestModel: + unreachable: description: >- - Specifies the API request model used to call the storage service. - When not specified, the default value of RequestModel - REQUEST_MODEL_VIRTUAL_HOSTED_STYLE is used. - type: string - enumDescriptions: - - RequestModel is not specified. - - >- - Perform requests using Virtual Hosted Style. Example: - https://bucket-name.s3.region.amazonaws.com/key-name - - >- - Perform requests using Path Style. Example: - https://s3.region.amazonaws.com/bucket-name/key-name - enum: - - REQUEST_MODEL_UNSPECIFIED - - REQUEST_MODEL_VIRTUAL_HOSTED_STYLE - - REQUEST_MODEL_PATH_STYLE - protocol: + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string + operations: + type: array description: >- - Specifies the network protocol of the agent. When not specified, the - default value of NetworkProtocol NETWORK_PROTOCOL_HTTPS is used. + A list of operations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Operation' + description: The response message for Operations.ListOperations. + id: ListOperationsResponse + type: object + TransferOperation: + id: TransferOperation + type: object + properties: + loggingConfig: + description: Cloud Logging configuration. + $ref: '#/components/schemas/LoggingConfig' + transferSpec: + $ref: '#/components/schemas/TransferSpec' + description: Transfer specification. + status: type: string + enum: + - STATUS_UNSPECIFIED + - IN_PROGRESS + - PAUSED + - SUCCESS + - FAILED + - ABORTED + - QUEUED + - SUSPENDING + description: Status of the transfer operation. enumDescriptions: - - NetworkProtocol is not specified. - - Perform requests using HTTPS. + - Zero is an illegal value. + - In progress. + - Paused. + - Completed successfully. + - Terminated due to an unrecoverable failure. + - Aborted by the user. + - Temporarily delayed by the system. No user action is required. - >- - Not recommended: This sends data in clear-text. This is only - appropriate within a closed network or for publicly available - data. Perform requests using HTTP. - enum: - - NETWORK_PROTOCOL_UNSPECIFIED - - NETWORK_PROTOCOL_HTTPS - - NETWORK_PROTOCOL_HTTP - listApi: - description: >- - The Listing API to use for discovering objects. When not specified, - Transfer Service will attempt to determine the right API to use. + The operation is suspending and draining the ongoing work to + completion. + notificationConfig: + description: Notification configuration. + $ref: '#/components/schemas/NotificationConfig' + counters: + $ref: '#/components/schemas/TransferCounters' + description: Information about the progress of the transfer operation. + endTime: + description: End time of this transfer execution. type: string - enumDescriptions: - - ListApi is not specified. - - Perform listing using ListObjectsV2 API. - - Legacy ListObjects API. - enum: - - LIST_API_UNSPECIFIED - - LIST_OBJECTS_V2 - - LIST_OBJECTS - HdfsData: - id: HdfsData - description: >- - An HdfsData resource specifies a path within an HDFS entity (e.g. a - cluster). All cluster-specific settings, such as namenodes and ports, - are configured on the transfer agents servicing requests, so HdfsData - only contains the root path to the data in our transfer. + format: google-datetime + startTime: + type: string + description: Start time of this transfer execution. + format: google-datetime + projectId: + type: string + description: The ID of the Google Cloud project that owns the operation. + transferJobName: + description: The name of the transfer job that triggers this transfer operation. + type: string + name: + type: string + description: A globally unique ID assigned by the system. + errorBreakdowns: + items: + $ref: '#/components/schemas/ErrorSummary' + type: array + description: Summarizes errors encountered with sample error log entries. + description: A description of the execution of a transfer. + BandwidthLimit: type: object + id: BandwidthLimit properties: - path: - description: Root path to transfer files. + limitMbps: + format: int64 type: string - ObjectConditions: - id: ObjectConditions - description: >- - Conditions that determine which objects are transferred. Applies only to - Cloud Data Sources such as S3, Azure, and Cloud Storage. The "last - modification time" refers to the time of the last change to the object's - content or metadata — specifically, this is the `updated` property of - Cloud Storage objects, the `LastModified` field of S3 objects, and the - `Last-Modified` header of Azure blobs. For S3 objects, the - `LastModified` value is the time the object begins uploading. If the - object meets your "last modification time" criteria, but has not - finished uploading, the object is not transferred. See [Transfer from - Amazon S3 to Cloud - Storage](https://cloud.google.com/storage-transfer/docs/create-transfers/agentless/s3#transfer_options) - for more information. Transfers with a PosixFilesystem source or - destination don't support `ObjectConditions`. + description: >- + Bandwidth rate in megabytes per second, distributed across all the + agents in the pool. + description: Specifies a bandwidth limit for an agent pool. + Operation: type: object properties: - minTimeElapsedSinceLastModification: + error: + $ref: '#/components/schemas/Status' description: >- - Ensures that objects are not transferred until a specific minimum - time has elapsed after the "last modification time". When a - TransferOperation begins, objects with a "last modification time" - are transferred only if the elapsed time between the start_time of - the `TransferOperation` and the "last modification time" of the - object is equal to or greater than the value of - min_time_elapsed_since_last_modification`. Objects that do not have - a "last modification time" are also transferred. - type: string - format: google-duration - maxTimeElapsedSinceLastModification: + The error result of the operation in case of failure or + cancellation. + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - Ensures that objects are not transferred if a specific maximum time - has elapsed since the "last modification time". When a - TransferOperation begins, objects with a "last modification time" - are transferred only if the elapsed time between the start_time of - the `TransferOperation`and the "last modification time" of the - object is less than the value of - max_time_elapsed_since_last_modification`. Objects that do not have - a "last modification time" are also transferred. + Represents the transfer operation object. To request a + TransferOperation object, use transferOperations.get. + type: object + name: + description: >- + The server-assigned unique name. The format of `name` is + `transferOperations/some/unique/name`. type: string - format: google-duration + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + response: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. + ObjectConditions: + id: ObjectConditions + properties: includePrefixes: description: >- If you specify `include_prefixes`, Storage Transfer Service uses the @@ -753,9 +893,26 @@ components: include-prefix. The max size of `include_prefixes` is 1000. For more information, see [Filtering objects from transfers](/storage-transfer/docs/filtering-objects-from-transfers). - type: array items: type: string + type: array + matchGlob: + type: string + description: >- + Optional. If specified, only objects matching this glob are + transferred. + maxTimeElapsedSinceLastModification: + type: string + format: google-duration + description: >- + Ensures that objects are not transferred if a specific maximum time + has elapsed since the "last modification time". When a + TransferOperation begins, objects with a "last modification time" + are transferred only if the elapsed time between the start_time of + the `TransferOperation`and the "last modification time" of the + object is less than the value of + max_time_elapsed_since_last_modification`. Objects that do not have + a "last modification time" are also transferred. excludePrefixes: description: >- If you specify `exclude_prefixes`, Storage Transfer Service uses the @@ -778,10 +935,30 @@ components: included by `include_prefixes`. The max size of `exclude_prefixes` is 1000. For more information, see [Filtering objects from transfers](/storage-transfer/docs/filtering-objects-from-transfers). - type: array items: type: string + type: array + minTimeElapsedSinceLastModification: + type: string + format: google-duration + description: >- + Ensures that objects are not transferred until a specific minimum + time has elapsed after the "last modification time". When a + TransferOperation begins, objects with a "last modification time" + are transferred only if the elapsed time between the start_time of + the `TransferOperation` and the "last modification time" of the + object is equal to or greater than the value of + min_time_elapsed_since_last_modification`. Objects that do not have + a "last modification time" are also transferred. + lastModifiedBefore: + format: google-datetime + description: >- + If specified, only objects with a "last modification time" before + this timestamp and objects that don't have a "last modification + time" are transferred. + type: string lastModifiedSince: + format: google-datetime description: >- If specified, only objects with a "last modification time" on or after this timestamp and objects that don't have a "last @@ -792,271 +969,190 @@ components: follows: * `last_modified_since` to the start of the day * `last_modified_before` to the end of the day type: string - format: google-datetime - lastModifiedBefore: - description: >- - If specified, only objects with a "last modification time" before - this timestamp and objects that don't have a "last modification - time" are transferred. - type: string - format: google-datetime - TransferOptions: - id: TransferOptions - description: >- - TransferOptions define the actions to be performed on objects in a - transfer. type: object - properties: - overwriteObjectsAlreadyExistingInSink: - description: >- - When to overwrite objects that already exist in the sink. The - default is that only objects that are different from the source are - overwritten. If true, all objects in the sink whose name matches an - object in the source are overwritten with the source object. - type: boolean - deleteObjectsUniqueInSink: + description: >- + Conditions that determine which objects are transferred. Applies only to + Cloud Data Sources such as S3, Azure, and Cloud Storage. The "last + modification time" refers to the time of the last change to the object's + content or metadata — specifically, this is the `updated` property of + Cloud Storage objects, the `LastModified` field of S3 objects, and the + `Last-Modified` header of Azure blobs. For S3 objects, the + `LastModified` value is the time the object begins uploading. If the + object meets your "last modification time" criteria, but has not + finished uploading, the object is not transferred. See [Transfer from + Amazon S3 to Cloud + Storage](https://cloud.google.com/storage-transfer/docs/create-transfers/agentless/s3#transfer_options) + for more information. Transfers with a PosixFilesystem source or + destination don't support `ObjectConditions`. + EventStream: + id: EventStream + description: >- + Specifies the Event-driven transfer options. Event-driven transfers + listen to an event stream to transfer updated files. + type: object + properties: + eventStreamExpirationTime: + type: string description: >- - Whether objects that exist only in the sink should be deleted. - **Note:** This option and delete_objects_from_source_after_transfer - are mutually exclusive. - type: boolean - deleteObjectsFromSourceAfterTransfer: + Specifies the data and time at which Storage Transfer Service stops + listening for events from this stream. After this time, any + transfers in progress will complete, but no new transfers are + initiated. + format: google-datetime + name: + type: string description: >- - Whether objects should be deleted from the source after they are - transferred to the sink. **Note:** This option and - delete_objects_unique_in_sink are mutually exclusive. - type: boolean - overwriteWhen: + Required. Specifies a unique name of the resource such as AWS SQS + ARN in the form 'arn:aws:sqs:region:account_id:queue_name', or + Pub/Sub subscription resource name in the form + 'projects/{project}/subscriptions/{sub}'. + eventStreamStartTime: + type: string + format: google-datetime description: >- - When to overwrite objects that already exist in the sink. If not - set, overwrite behavior is determined by - overwrite_objects_already_existing_in_sink. + Specifies the date and time that Storage Transfer Service starts + listening for events from this stream. If no start time is specified + or start time is in the past, Storage Transfer Service starts + listening immediately. + CancelOperationRequest: + type: object + properties: {} + description: The request message for Operations.CancelOperation. + id: CancelOperationRequest + PosixFilesystem: + type: object + description: A POSIX filesystem resource. + id: PosixFilesystem + properties: + rootDirectory: + description: Root directory path to the filesystem. type: string - enumDescriptions: - - Overwrite behavior is unspecified. - - >- - Overwrites destination objects with the source objects, only if - the objects have the same name but different HTTP ETags or - checksum values. - - >- - Never overwrites a destination object if a source object has the - same name. In this case, the source object is not transferred. - - >- - Always overwrite the destination object with the source object, - even if the HTTP Etags or checksum values are the same. - enum: - - OVERWRITE_WHEN_UNSPECIFIED - - DIFFERENT - - NEVER - - ALWAYS - metadataOptions: - description: Represents the selected metadata options for a transfer job. - $ref: '#/components/schemas/MetadataOptions' - MetadataOptions: - id: MetadataOptions - description: Specifies the metadata options for running a transfer. + AzureBlobStorageData: + id: AzureBlobStorageData type: object properties: - symlink: + azureCredentials: description: >- - Specifies how symlinks should be handled by the transfer. By - default, symlinks are not preserved. Only applicable to transfers - involving POSIX file systems, and ignored for other transfers. + Required. Input only. Credentials used to authenticate API requests + to Azure. For information on our data retention policy for user + credentials, see [User + credentials](/storage-transfer/docs/data-retention#user-credentials). + $ref: '#/components/schemas/AzureCredentials' + credentialsSecret: type: string - enumDescriptions: - - Symlink behavior is unspecified. - - Do not preserve symlinks during a transfer job. - - Preserve symlinks during a transfer job. - enum: - - SYMLINK_UNSPECIFIED - - SYMLINK_SKIP - - SYMLINK_PRESERVE - mode: description: >- - Specifies how each file's mode attribute should be handled by the - transfer. By default, mode is not preserved. Only applicable to - transfers involving POSIX file systems, and ignored for other - transfers. + Optional. The Resource name of a secret in Secret Manager. The Azure + SAS token must be stored in Secret Manager in JSON format: { + "sas_token" : "SAS_TOKEN" } GoogleServiceAccount must be granted + `roles/secretmanager.secretAccessor` for the resource. See + [Configure access to a source: Microsoft Azure Blob Storage] + (https://cloud.google.com/storage-transfer/docs/source-microsoft-azure#secret_manager) + for more information. If `credentials_secret` is specified, do not + specify azure_credentials. Format: + `projects/{project_number}/secrets/{secret_name}` + privateNetworkService: + description: >- + Service Directory Service to be used as the endpoint for transfers + from a custom VPC. Format: + `projects/{project_id}/locations/{location}/namespaces/{namespace}/services/{service}` + type: string + container: + type: string + description: Required. The container to transfer from the Azure Storage account. + storageAccount: + type: string + description: Required. The name of the Azure Storage account. + path: type: string - enumDescriptions: - - Mode behavior is unspecified. - - Do not preserve mode during a transfer job. - - Preserve mode during a transfer job. - enum: - - MODE_UNSPECIFIED - - MODE_SKIP - - MODE_PRESERVE - gid: description: >- - Specifies how each file's POSIX group ID (GID) attribute should be - handled by the transfer. By default, GID is not preserved. Only - applicable to transfers involving POSIX file systems, and ignored - for other transfers. + Root path to transfer objects. Must be an empty string or full path + name that ends with a '/'. This field is treated as an object + prefix. As such, it should generally not begin with a '/'. + federatedIdentityConfig: + description: >- + Optional. Federated identity config of a user registered Azure + application. If `federated_identity_config` is specified, do not + specify azure_credentials or credentials_secret. + $ref: '#/components/schemas/FederatedIdentityConfig' + description: >- + An AzureBlobStorageData resource can be a data source, but not a data + sink. An AzureBlobStorageData resource represents one Azure container. + The storage account determines the [Azure + endpoint](https://docs.microsoft.com/en-us/azure/storage/common/storage-create-storage-account#storage-account-endpoints). + In an AzureBlobStorageData resource, a blobs's name is the [Azure Blob + Storage blob's key + name](https://docs.microsoft.com/en-us/rest/api/storageservices/naming-and-referencing-containers--blobs--and-metadata#blob-names). + AwsS3Data: + description: >- + An AwsS3Data resource can be a data source, but not a data sink. In an + AwsS3Data resource, an object's name is the S3 object's key name. + properties: + privateNetworkService: type: string - enumDescriptions: - - GID behavior is unspecified. - - Do not preserve GID during a transfer job. - - Preserve GID during a transfer job. - enum: - - GID_UNSPECIFIED - - GID_SKIP - - GID_NUMBER - uid: description: >- - Specifies how each file's POSIX user ID (UID) attribute should be - handled by the transfer. By default, UID is not preserved. Only - applicable to transfers involving POSIX file systems, and ignored - for other transfers. + Service Directory Service to be used as the endpoint for transfers + from a custom VPC. Format: + `projects/{project_id}/locations/{location}/namespaces/{namespace}/services/{service}` + awsAccessKey: + description: >- + Input only. AWS access key used to sign the API requests to the AWS + S3 bucket. Permissions on the bucket must be granted to the access + ID of the AWS access key. For information on our data retention + policy for user credentials, see [User + credentials](/storage-transfer/docs/data-retention#user-credentials). + $ref: '#/components/schemas/AwsAccessKey' + managedPrivateNetwork: + type: boolean + description: >- + Egress bytes over a Google-managed private network. This network is + shared between other users of Storage Transfer Service. + cloudfrontDomain: type: string - enumDescriptions: - - UID behavior is unspecified. - - Do not preserve UID during a transfer job. - - Preserve UID during a transfer job. - enum: - - UID_UNSPECIFIED - - UID_SKIP - - UID_NUMBER - acl: description: >- - Specifies how each object's ACLs should be preserved for transfers - between Google Cloud Storage buckets. If unspecified, the default - behavior is the same as ACL_DESTINATION_BUCKET_DEFAULT. + Optional. The CloudFront distribution domain name pointing to this + bucket, to use when fetching. See [Transfer from S3 via + CloudFront](https://cloud.google.com/storage-transfer/docs/s3-cloudfront) + for more information. Format: `https://{id}.cloudfront.net` or any + valid custom domain. Must begin with `https://`. + credentialsSecret: + description: >- + Optional. The Resource name of a secret in Secret Manager. AWS + credentials must be stored in Secret Manager in JSON format: { + "access_key_id": "ACCESS_KEY_ID", "secret_access_key": + "SECRET_ACCESS_KEY" } GoogleServiceAccount must be granted + `roles/secretmanager.secretAccessor` for the resource. See + [Configure access to a source: Amazon S3] + (https://cloud.google.com/storage-transfer/docs/source-amazon-s3#secret_manager) + for more information. If `credentials_secret` is specified, do not + specify role_arn or aws_access_key. Format: + `projects/{project_number}/secrets/{secret_name}` type: string - enumDescriptions: - - ACL behavior is unspecified. - - Use the destination bucket's default object ACLS, if applicable. - - >- - Preserve the object's original ACLs. This requires the service - account to have `storage.objects.getIamPolicy` permission for the - source object. [Uniform bucket-level - access](https://cloud.google.com/storage/docs/uniform-bucket-level-access) - must not be enabled on either the source or destination buckets. - enum: - - ACL_UNSPECIFIED - - ACL_DESTINATION_BUCKET_DEFAULT - - ACL_PRESERVE - storageClass: + roleArn: description: >- - Specifies the storage class to set on objects being transferred to - Google Cloud Storage buckets. If unspecified, the default behavior - is the same as STORAGE_CLASS_DESTINATION_BUCKET_DEFAULT. + The Amazon Resource Name (ARN) of the role to support temporary + credentials via `AssumeRoleWithWebIdentity`. For more information + about ARNs, see [IAM + ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns). + When a role ARN is provided, Transfer Service fetches temporary + credentials for the session using a `AssumeRoleWithWebIdentity` call + for the provided role using the GoogleServiceAccount for this + project. type: string - enumDescriptions: - - Storage class behavior is unspecified. - - Use the destination bucket's default storage class. - - >- - Preserve the object's original storage class. This is only - supported for transfers from Google Cloud Storage buckets. - REGIONAL and MULTI_REGIONAL storage classes will be mapped to - STANDARD to ensure they can be written to the destination bucket. - - Set the storage class to STANDARD. - - Set the storage class to NEARLINE. - - Set the storage class to COLDLINE. - - Set the storage class to ARCHIVE. - enum: - - STORAGE_CLASS_UNSPECIFIED - - STORAGE_CLASS_DESTINATION_BUCKET_DEFAULT - - STORAGE_CLASS_PRESERVE - - STORAGE_CLASS_STANDARD - - STORAGE_CLASS_NEARLINE - - STORAGE_CLASS_COLDLINE - - STORAGE_CLASS_ARCHIVE - temporaryHold: - description: >- - Specifies how each object's temporary hold status should be - preserved for transfers between Google Cloud Storage buckets. If - unspecified, the default behavior is the same as - TEMPORARY_HOLD_PRESERVE. - type: string - enumDescriptions: - - Temporary hold behavior is unspecified. - - Do not set a temporary hold on the destination object. - - Preserve the object's original temporary hold status. - enum: - - TEMPORARY_HOLD_UNSPECIFIED - - TEMPORARY_HOLD_SKIP - - TEMPORARY_HOLD_PRESERVE - kmsKey: - description: >- - Specifies how each object's Cloud KMS customer-managed encryption - key (CMEK) is preserved for transfers between Google Cloud Storage - buckets. If unspecified, the default behavior is the same as - KMS_KEY_DESTINATION_BUCKET_DEFAULT. - type: string - enumDescriptions: - - KmsKey behavior is unspecified. - - Use the destination bucket's default encryption settings. - - >- - Preserve the object's original Cloud KMS customer-managed - encryption key (CMEK) if present. Objects that do not use a Cloud - KMS encryption key will be encrypted using the destination - bucket's encryption settings. - enum: - - KMS_KEY_UNSPECIFIED - - KMS_KEY_DESTINATION_BUCKET_DEFAULT - - KMS_KEY_PRESERVE - timeCreated: + path: description: >- - Specifies how each object's `timeCreated` metadata is preserved for - transfers. If unspecified, the default behavior is the same as - TIME_CREATED_SKIP. This behavior is supported for transfers to Cloud - Storage buckets from Cloud Storage, Amazon S3, S3-compatible - storage, and Azure sources. + Root path to transfer objects. Must be an empty string or full path + name that ends with a '/'. This field is treated as an object + prefix. As such, it should generally not begin with a '/'. type: string - enumDescriptions: - - TimeCreated behavior is unspecified. - - Do not preserve the `timeCreated` metadata from the source object. - - >- - Preserves the source object's `timeCreated` or `lastModified` - metadata in the `customTime` field in the destination object. Note - that any value stored in the source object's `customTime` field - will not be propagated to the destination object. - enum: - - TIME_CREATED_UNSPECIFIED - - TIME_CREATED_SKIP - - TIME_CREATED_PRESERVE_AS_CUSTOM_TIME - TransferManifest: - id: TransferManifest - description: Specifies where the manifest is located. - type: object - properties: - location: + bucketName: description: >- - Specifies the path to the manifest in Cloud Storage. The - Google-managed service account for the transfer must have - `storage.objects.get` permission for this object. An example path is - `gs://bucket_name/path/manifest.csv`. + Required. S3 Bucket name (see [Creating a + bucket](https://docs.aws.amazon.com/AmazonS3/latest/dev/create-bucket-get-location-example.html)). type: string - ReplicationSpec: - id: ReplicationSpec - description: >- - Specifies the configuration for a cross-bucket replication job. - Cross-bucket replication copies new or updated objects from a source - Cloud Storage bucket to a destination Cloud Storage bucket. Existing - objects in the source bucket are not copied by a new cross-bucket - replication job. type: object - properties: - gcsDataSource: - description: The Cloud Storage bucket from which to replicate objects. - $ref: '#/components/schemas/GcsData' - gcsDataSink: - description: The Cloud Storage bucket to which to replicate objects. - $ref: '#/components/schemas/GcsData' - objectConditions: - description: >- - Object conditions that determine which objects are transferred. For - replication jobs, only `include_prefixes` and `exclude_prefixes` are - supported. - $ref: '#/components/schemas/ObjectConditions' - transferOptions: - description: >- - Specifies the metadata options to be applied during replication. - Delete options are not supported. If a delete option is specified, - the request fails with an INVALID_ARGUMENT error. - $ref: '#/components/schemas/TransferOptions' + id: AwsS3Data NotificationConfig: - id: NotificationConfig + type: object description: >- Specification to configure notifications published to Pub/Sub. Notifications are published to the customer-provided topic using the @@ -1067,35 +1163,17 @@ components: `"transferOperationName"`: the name of the `TransferOperation` The `PubsubMessage.data` contains a TransferOperation resource formatted according to the specified `PayloadFormat`. - type: object + id: NotificationConfig properties: pubsubTopic: + type: string description: >- Required. The `Topic.name` of the Pub/Sub topic to which to publish notifications. Must be of the format: `projects/{project}/topics/{topic}`. Not matching this format results in an INVALID_ARGUMENT error. - type: string - eventTypes: - description: >- - Event types for which a notification is desired. If empty, send - notifications for all event types. - type: array - items: - type: string - enumDescriptions: - - Illegal value, to avoid allowing a default. - - '`TransferOperation` completed with status SUCCESS.' - - '`TransferOperation` completed with status FAILED.' - - '`TransferOperation` completed with status ABORTED.' - enum: - - EVENT_TYPE_UNSPECIFIED - - TRANSFER_OPERATION_SUCCESS - - TRANSFER_OPERATION_FAILED - - TRANSFER_OPERATION_ABORTED payloadFormat: description: Required. The desired format of the notification message payloads. - type: string enumDescriptions: - Illegal value, to avoid allowing a default. - No payload is included with the notification. @@ -1107,729 +1185,651 @@ components: - PAYLOAD_FORMAT_UNSPECIFIED - NONE - JSON - LoggingConfig: - id: LoggingConfig - description: >- - Specifies the logging behavior for transfer operations. Logs can be sent - to Cloud Logging for all transfer types. See [Read transfer - logs](https://cloud.google.com/storage-transfer/docs/read-transfer-logs) - for details. - type: object - properties: - logActions: - description: Specifies the actions to be logged. If empty, no logs are generated. + type: string + eventTypes: type: array items: type: string - enumDescriptions: - - Default value. This value is unused. - - Listing objects in a bucket. - - Deleting objects at the source or the destination. - - Copying objects to the destination. enum: - - LOGGABLE_ACTION_UNSPECIFIED - - FIND - - DELETE - - COPY - logActionStates: - description: >- - States in which `log_actions` are logged. If empty, no logs are - generated. - type: array - items: - type: string + - EVENT_TYPE_UNSPECIFIED + - TRANSFER_OPERATION_SUCCESS + - TRANSFER_OPERATION_FAILED + - TRANSFER_OPERATION_ABORTED enumDescriptions: - - Default value. This value is unused. - - >- - `LoggableAction` completed successfully. `SUCCEEDED` actions are - logged as INFO. - - >- - `LoggableAction` terminated in an error state. `FAILED` actions - are logged as ERROR. - - >- - The `COPY` action was skipped for this file. Only supported for - agent-based transfers. `SKIPPED` actions are logged as INFO. - enum: - - LOGGABLE_ACTION_STATE_UNSPECIFIED - - SUCCEEDED - - FAILED - - SKIPPED - enableOnpremGcsTransferLogs: + - Illegal value, to avoid allowing a default. + - '`TransferOperation` completed with status SUCCESS.' + - '`TransferOperation` completed with status FAILED.' + - '`TransferOperation` completed with status ABORTED.' description: >- - For PosixFilesystem transfers, enables [file system transfer - logs](https://cloud.google.com/storage-transfer/docs/on-prem-transfer-log-format) - instead of, or in addition to, Cloud Logging. This option ignores - [LoggableAction] and [LoggableActionState]. If these are set, Cloud - Logging will also be enabled for this transfer. - type: boolean - Schedule: - id: Schedule - description: Transfers can be scheduled to recur or to run just once. + Event types for which a notification is desired. If empty, send + notifications for all event types. + ErrorSummary: type: object + id: ErrorSummary + description: >- + A summary of errors by error code, plus a count and sample error log + entries. properties: - scheduleStartDate: - description: >- - Required. The start date of a transfer. Date boundaries are - determined relative to UTC time. If `schedule_start_date` and - start_time_of_day are in the past relative to the job's creation - time, the transfer starts the day after you schedule the transfer - request. **Note:** When starting jobs at or near midnight UTC it is - possible that a job starts later than expected. For example, if you - send an outbound request on June 1 one millisecond prior to midnight - UTC and the Storage Transfer Service server receives the request on - June 2, then it creates a TransferJob with `schedule_start_date` set - to June 2 and a `start_time_of_day` set to midnight UTC. The first - scheduled TransferOperation takes place on June 3 at midnight UTC. - $ref: '#/components/schemas/Date' - scheduleEndDate: - description: >- - The last day a transfer runs. Date boundaries are determined - relative to UTC time. A job runs once per 24 hours within the - following guidelines: * If `schedule_end_date` and - schedule_start_date are the same and in the future relative to UTC, - the transfer is executed only one time. * If `schedule_end_date` is - later than `schedule_start_date` and `schedule_end_date` is in the - future relative to UTC, the job runs each day at start_time_of_day - through `schedule_end_date`. - $ref: '#/components/schemas/Date' - startTimeOfDay: - description: >- - The time in UTC that a transfer job is scheduled to run. Transfers - may start later than this time. If `start_time_of_day` is not - specified: * One-time transfers run immediately. * Recurring - transfers run immediately, and each day at midnight UTC, through - schedule_end_date. If `start_time_of_day` is specified: * One-time - transfers run at the specified time. * Recurring transfers run at - the specified time each day, through `schedule_end_date`. - $ref: '#/components/schemas/TimeOfDay' - endTimeOfDay: - description: >- - The time in UTC that no further transfer operations are scheduled. - Combined with schedule_end_date, `end_time_of_day` specifies the end - date and time for starting new transfer operations. This field must - be greater than or equal to the timestamp corresponding to the - combination of schedule_start_date and start_time_of_day, and is - subject to the following: * If `end_time_of_day` is not set and - `schedule_end_date` is set, then a default value of `23:59:59` is - used for `end_time_of_day`. * If `end_time_of_day` is set and - `schedule_end_date` is not set, then INVALID_ARGUMENT is returned. - $ref: '#/components/schemas/TimeOfDay' - repeatInterval: - description: >- - Interval between the start of each scheduled TransferOperation. If - unspecified, the default value is 24 hours. This value may not be - less than 1 hour. + errorCode: + description: Required. + enumDescriptions: + - 'Not an error; returned on success. HTTP Mapping: 200 OK' + - >- + The operation was cancelled, typically by the caller. HTTP + Mapping: 499 Client Closed Request + - >- + Unknown error. For example, this error may be returned when a + `Status` value received from another address space belongs to an + error space that is not known in this address space. Also errors + raised by APIs that do not return enough error information may be + converted to this error. HTTP Mapping: 500 Internal Server Error + - >- + The client specified an invalid argument. Note that this differs + from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments + that are problematic regardless of the state of the system (e.g., + a malformed file name). HTTP Mapping: 400 Bad Request + - >- + The deadline expired before the operation could complete. For + operations that change the state of the system, this error may be + returned even if the operation has completed successfully. For + example, a successful response from a server could have been + delayed long enough for the deadline to expire. HTTP Mapping: 504 + Gateway Timeout + - >- + Some requested entity (e.g., file or directory) was not found. + Note to server developers: if a request is denied for an entire + class of users, such as gradual feature rollout or undocumented + allowlist, `NOT_FOUND` may be used. If a request is denied for + some users within a class of users, such as user-based access + control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not + Found + - >- + The entity that a client attempted to create (e.g., file or + directory) already exists. HTTP Mapping: 409 Conflict + - >- + The caller does not have permission to execute the specified + operation. `PERMISSION_DENIED` must not be used for rejections + caused by exhausting some resource (use `RESOURCE_EXHAUSTED` + instead for those errors). `PERMISSION_DENIED` must not be used if + the caller can not be identified (use `UNAUTHENTICATED` instead + for those errors). This error code does not imply the request is + valid or the requested entity exists or satisfies other + pre-conditions. HTTP Mapping: 403 Forbidden + - >- + The request does not have valid authentication credentials for the + operation. HTTP Mapping: 401 Unauthorized + - >- + Some resource has been exhausted, perhaps a per-user quota, or + perhaps the entire file system is out of space. HTTP Mapping: 429 + Too Many Requests + - >- + The operation was rejected because the system is not in a state + required for the operation's execution. For example, the directory + to be deleted is non-empty, an rmdir operation is applied to a + non-directory, etc. Service implementors can use the following + guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and + `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just + the failing call. (b) Use `ABORTED` if the client should retry at + a higher level. For example, when a client-specified test-and-set + fails, indicating the client should restart a read-modify-write + sequence. (c) Use `FAILED_PRECONDITION` if the client should not + retry until the system state has been explicitly fixed. For + example, if an "rmdir" fails because the directory is non-empty, + `FAILED_PRECONDITION` should be returned since the client should + not retry unless the files are deleted from the directory. HTTP + Mapping: 400 Bad Request + - >- + The operation was aborted, typically due to a concurrency issue + such as a sequencer check failure or transaction abort. See the + guidelines above for deciding between `FAILED_PRECONDITION`, + `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict + - >- + The operation was attempted past the valid range. E.g., seeking or + reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error + indicates a problem that may be fixed if the system state changes. + For example, a 32-bit file system will generate `INVALID_ARGUMENT` + if asked to read at an offset that is not in the range [0,2^32-1], + but it will generate `OUT_OF_RANGE` if asked to read from an + offset past the current file size. There is a fair bit of overlap + between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend + using `OUT_OF_RANGE` (the more specific error) when it applies so + that callers who are iterating through a space can easily look for + an `OUT_OF_RANGE` error to detect when they are done. HTTP + Mapping: 400 Bad Request + - >- + The operation is not implemented or is not supported/enabled in + this service. HTTP Mapping: 501 Not Implemented + - >- + Internal errors. This means that some invariants expected by the + underlying system have been broken. This error code is reserved + for serious errors. HTTP Mapping: 500 Internal Server Error + - >- + The service is currently unavailable. This is most likely a + transient condition, which can be corrected by retrying with a + backoff. Note that it is not always safe to retry non-idempotent + operations. See the guidelines above for deciding between + `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: + 503 Service Unavailable + - >- + Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal + Server Error type: string - format: google-duration - Date: - id: Date - description: >- - Represents a whole or partial calendar date, such as a birthday. The - time of day and time zone are either specified elsewhere or are - insignificant. The date is relative to the Gregorian Calendar. This can - represent one of the following: * A full date, with non-zero year, - month, and day values. * A month and day, with a zero year (for example, - an anniversary). * A year on its own, with a zero month and a zero day. - * A year and month, with a zero day (for example, a credit card - expiration date). Related types: * google.type.TimeOfDay * - google.type.DateTime * google.protobuf.Timestamp - type: object - properties: - year: - description: >- - Year of the date. Must be from 1 to 9999, or 0 to specify a date - without a year. - type: integer - format: int32 - month: - description: >- - Month of a year. Must be from 1 to 12, or 0 to specify a year - without a month and day. - type: integer - format: int32 - day: + enum: + - OK + - CANCELLED + - UNKNOWN + - INVALID_ARGUMENT + - DEADLINE_EXCEEDED + - NOT_FOUND + - ALREADY_EXISTS + - PERMISSION_DENIED + - UNAUTHENTICATED + - RESOURCE_EXHAUSTED + - FAILED_PRECONDITION + - ABORTED + - OUT_OF_RANGE + - UNIMPLEMENTED + - INTERNAL + - UNAVAILABLE + - DATA_LOSS + errorLogEntries: description: >- - Day of a month. Must be from 1 to 31 and valid for the year and - month, or 0 to specify a year by itself or a year and month where - the day isn't significant. - type: integer - format: int32 - TimeOfDay: - id: TimeOfDay - description: >- - Represents a time of day. The date and time zone are either not - significant or are specified elsewhere. An API may choose to allow leap - seconds. Related types are google.type.Date and - `google.protobuf.Timestamp`. + Error samples. At most 5 error log entries are recorded for a given + error code for a single transfer operation. + items: + $ref: '#/components/schemas/ErrorLogEntry' + type: array + errorCount: + format: int64 + type: string + description: Required. Count of this type of error. + MetadataOptions: + id: MetadataOptions + description: Specifies the metadata options for running a transfer. type: object properties: - hours: - description: >- - Hours of a day in 24 hour format. Must be greater than or equal to 0 - and typically must be less than or equal to 23. An API may choose to - allow the value "24:00:00" for scenarios like business closing time. - type: integer - format: int32 - minutes: - description: >- - Minutes of an hour. Must be greater than or equal to 0 and less than - or equal to 59. - type: integer - format: int32 - seconds: - description: >- - Seconds of a minute. Must be greater than or equal to 0 and - typically must be less than or equal to 59. An API may allow the - value 60 if it allows leap-seconds. - type: integer - format: int32 - nanos: + symlink: + type: string description: >- - Fractions of seconds, in nanoseconds. Must be greater than or equal - to 0 and less than or equal to 999,999,999. - type: integer - format: int32 - EventStream: - id: EventStream - description: >- - Specifies the Event-driven transfer options. Event-driven transfers - listen to an event stream to transfer updated files. - type: object - properties: - name: + Specifies how symlinks should be handled by the transfer. By + default, symlinks are not preserved. Only applicable to transfers + involving POSIX file systems, and ignored for other transfers. + enumDescriptions: + - Symlink behavior is unspecified. + - Do not preserve symlinks during a transfer job. + - Preserve symlinks during a transfer job. + enum: + - SYMLINK_UNSPECIFIED + - SYMLINK_SKIP + - SYMLINK_PRESERVE + mode: + enum: + - MODE_UNSPECIFIED + - MODE_SKIP + - MODE_PRESERVE description: >- - Required. Specifies a unique name of the resource such as AWS SQS - ARN in the form 'arn:aws:sqs:region:account_id:queue_name', or - Pub/Sub subscription resource name in the form - 'projects/{project}/subscriptions/{sub}'. + Specifies how each file's mode attribute should be handled by the + transfer. By default, mode is not preserved. Only applicable to + transfers involving POSIX file systems, and ignored for other + transfers. + enumDescriptions: + - Mode behavior is unspecified. + - Do not preserve mode during a transfer job. + - Preserve mode during a transfer job. + type: string + uid: + enumDescriptions: + - UID behavior is unspecified. + - Do not preserve UID during a transfer job. + - Preserve UID during a transfer job. + enum: + - UID_UNSPECIFIED + - UID_SKIP + - UID_NUMBER type: string - eventStreamStartTime: description: >- - Specifies the date and time that Storage Transfer Service starts - listening for events from this stream. If no start time is specified - or start time is in the past, Storage Transfer Service starts - listening immediately. + Specifies how each file's POSIX user ID (UID) attribute should be + handled by the transfer. By default, UID is not preserved. Only + applicable to transfers involving POSIX file systems, and ignored + for other transfers. + kmsKey: type: string - format: google-datetime - eventStreamExpirationTime: description: >- - Specifies the data and time at which Storage Transfer Service stops - listening for events from this stream. After this time, any - transfers in progress will complete, but no new transfers are - initiated. + Specifies how each object's Cloud KMS customer-managed encryption + key (CMEK) is preserved for transfers between Google Cloud Storage + buckets. If unspecified, the default behavior is the same as + KMS_KEY_DESTINATION_BUCKET_DEFAULT. + enum: + - KMS_KEY_UNSPECIFIED + - KMS_KEY_DESTINATION_BUCKET_DEFAULT + - KMS_KEY_PRESERVE + enumDescriptions: + - KmsKey behavior is unspecified. + - Use the destination bucket's default encryption settings. + - >- + Preserve the object's original Cloud KMS customer-managed + encryption key (CMEK) if present. Objects that do not use a Cloud + KMS encryption key will be encrypted using the destination + bucket's encryption settings. + timeCreated: type: string - format: google-datetime - UpdateTransferJobRequest: - id: UpdateTransferJobRequest - description: Request passed to UpdateTransferJob. - type: object - properties: - projectId: - description: Required. The ID of the Google Cloud project that owns the job. + enum: + - TIME_CREATED_UNSPECIFIED + - TIME_CREATED_SKIP + - TIME_CREATED_PRESERVE_AS_CUSTOM_TIME + enumDescriptions: + - TimeCreated behavior is unspecified. + - Do not preserve the `timeCreated` metadata from the source object. + - >- + Preserves the source object's `timeCreated` or `lastModified` + metadata in the `customTime` field in the destination object. Note + that any value stored in the source object's `customTime` field + will not be propagated to the destination object. + description: >- + Specifies how each object's `timeCreated` metadata is preserved for + transfers. If unspecified, the default behavior is the same as + TIME_CREATED_SKIP. This behavior is supported for transfers to Cloud + Storage buckets from Cloud Storage, Amazon S3, S3-compatible + storage, and Azure sources. + temporaryHold: + enumDescriptions: + - Temporary hold behavior is unspecified. + - Do not set a temporary hold on the destination object. + - Preserve the object's original temporary hold status. + enum: + - TEMPORARY_HOLD_UNSPECIFIED + - TEMPORARY_HOLD_SKIP + - TEMPORARY_HOLD_PRESERVE type: string - transferJob: description: >- - Required. The job to update. `transferJob` is expected to specify - one or more of five fields: description, transfer_spec, - notification_config, logging_config, and status. An - `UpdateTransferJobRequest` that specifies other fields are rejected - with the error INVALID_ARGUMENT. Updating a job status to DELETED - requires `storagetransfer.jobs.delete` permission. - $ref: '#/components/schemas/TransferJob' - updateTransferJobFieldMask: + Specifies how each object's temporary hold status should be + preserved for transfers between Google Cloud Storage buckets. If + unspecified, the default behavior is the same as + TEMPORARY_HOLD_PRESERVE. + gid: + enum: + - GID_UNSPECIFIED + - GID_SKIP + - GID_NUMBER description: >- - The field mask of the fields in `transferJob` that are to be updated - in this request. Fields in `transferJob` that can be updated are: - description, transfer_spec, notification_config, logging_config, and - status. To update the `transfer_spec` of the job, a complete - transfer specification must be provided. An incomplete specification - missing any required fields is rejected with the error - INVALID_ARGUMENT. - type: string - format: google-fieldmask - ListTransferJobsResponse: - id: ListTransferJobsResponse - description: Response from ListTransferJobs. - type: object - properties: - transferJobs: - description: A list of transfer jobs. - type: array - items: - $ref: '#/components/schemas/TransferJob' - nextPageToken: - description: The list next page token. + Specifies how each file's POSIX group ID (GID) attribute should be + handled by the transfer. By default, GID is not preserved. Only + applicable to transfers involving POSIX file systems, and ignored + for other transfers. type: string - PauseTransferOperationRequest: - id: PauseTransferOperationRequest - description: Request passed to PauseTransferOperation. - type: object - properties: {} - ResumeTransferOperationRequest: - id: ResumeTransferOperationRequest - description: Request passed to ResumeTransferOperation. - type: object - properties: {} - RunTransferJobRequest: - id: RunTransferJobRequest - description: Request passed to RunTransferJob. - type: object - properties: - projectId: + enumDescriptions: + - GID behavior is unspecified. + - Do not preserve GID during a transfer job. + - Preserve GID during a transfer job. + storageClass: description: >- - Required. The ID of the Google Cloud project that owns the transfer - job. + Specifies the storage class to set on objects being transferred to + Google Cloud Storage buckets. If unspecified, the default behavior + is the same as STORAGE_CLASS_DESTINATION_BUCKET_DEFAULT. type: string - AgentPool: - id: AgentPool - description: Represents an agent pool. - type: object + enumDescriptions: + - Storage class behavior is unspecified. + - Use the destination bucket's default storage class. + - >- + Preserve the object's original storage class. This is only + supported for transfers from Google Cloud Storage buckets. + REGIONAL and MULTI_REGIONAL storage classes will be mapped to + STANDARD to ensure they can be written to the destination bucket. + - Set the storage class to STANDARD. + - Set the storage class to NEARLINE. + - Set the storage class to COLDLINE. + - Set the storage class to ARCHIVE. + enum: + - STORAGE_CLASS_UNSPECIFIED + - STORAGE_CLASS_DESTINATION_BUCKET_DEFAULT + - STORAGE_CLASS_PRESERVE + - STORAGE_CLASS_STANDARD + - STORAGE_CLASS_NEARLINE + - STORAGE_CLASS_COLDLINE + - STORAGE_CLASS_ARCHIVE + acl: + enumDescriptions: + - ACL behavior is unspecified. + - Use the destination bucket's default object ACLS, if applicable. + - >- + Preserve the object's original ACLs. This requires the service + account to have `storage.objects.getIamPolicy` permission for the + source object. [Uniform bucket-level + access](https://cloud.google.com/storage/docs/uniform-bucket-level-access) + must not be enabled on either the source or destination buckets. + description: >- + Specifies how each object's ACLs should be preserved for transfers + between Google Cloud Storage buckets. If unspecified, the default + behavior is the same as ACL_DESTINATION_BUCKET_DEFAULT. + type: string + enum: + - ACL_UNSPECIFIED + - ACL_DESTINATION_BUCKET_DEFAULT + - ACL_PRESERVE + FederatedIdentityConfig: + description: >- + The identity of an Azure application through which Storage Transfer + Service can authenticate requests using Azure workload identity + federation. Storage Transfer Service can issue requests to Azure Storage + through registered Azure applications, eliminating the need to pass + credentials to Storage Transfer Service directly. To configure federated + identity, see [Configure access to Microsoft Azure + Storage](https://cloud.google.com/storage-transfer/docs/source-microsoft-azure#option_3_authenticate_using_federated_identity). properties: - name: + tenantId: description: >- - Required. Specifies a unique string that identifies the agent pool. - Format: `projects/{project_id}/agentPools/{agent_pool_id}` - type: string - displayName: - description: Specifies the client-specified AgentPool description. + Required. The tenant (directory) ID of the application with + federated credentials. type: string - state: - description: Output only. Specifies the state of the AgentPool. - readOnly: true + clientId: type: string - enumDescriptions: - - Default value. This value is unused. - - >- - This is an initialization state. During this stage, resources are - allocated for the AgentPool. - - >- - Determines that the AgentPool is created for use. At this state, - Agents can join the AgentPool and participate in the transfer jobs - in that pool. - - >- - Determines that the AgentPool deletion has been initiated, and all - the resources are scheduled to be cleaned up and freed. - enum: - - STATE_UNSPECIFIED - - CREATING - - CREATED - - DELETING - bandwidthLimit: description: >- - Specifies the bandwidth limit details. If this field is unspecified, - the default value is set as 'No Limit'. - $ref: '#/components/schemas/BandwidthLimit' - BandwidthLimit: - id: BandwidthLimit - description: Specifies a bandwidth limit for an agent pool. + Required. The client (application) ID of the application with + federated credentials. + type: object + id: FederatedIdentityConfig + ResumeTransferOperationRequest: + properties: {} + id: ResumeTransferOperationRequest + description: Request passed to ResumeTransferOperation. type: object + HttpData: + type: object + description: >- + An HttpData resource specifies a list of objects on the web to be + transferred over HTTP. The information of the objects to be transferred + is contained in a file referenced by a URL. The first line in the file + must be `"TsvHttpData-1.0"`, which specifies the format of the file. + Subsequent lines specify the information of the list of objects, one + object per list entry. Each entry has the following tab-delimited + fields: * **HTTP URL** — The location of the object. * **Length** — The + size of the object in bytes. * **MD5** — The base64-encoded MD5 hash of + the object. For an example of a valid TSV file, see [Transferring data + from + URLs](https://cloud.google.com/storage-transfer/docs/create-url-list). + When transferring data based on a URL list, keep the following in mind: + * When an object located at `http(s)://hostname:port/` is transferred to + a data sink, the name of the object at the data sink is `/`. * If the + specified size of an object does not match the actual size of the object + fetched, the object is not transferred. * If the specified MD5 does not + match the MD5 computed from the transferred bytes, the object transfer + fails. * Ensure that each URL you specify is publicly accessible. For + example, in Cloud Storage you can [share an object publicly] + (/storage/docs/cloud-console#_sharingdata) and get a link to it. * + Storage Transfer Service obeys `robots.txt` rules and requires the + source HTTP server to support `Range` requests and to return a + `Content-Length` header in each response. * ObjectConditions have no + effect when filtering objects to transfer. properties: - limitMbps: + listUrl: description: >- - Bandwidth rate in megabytes per second, distributed across all the - agents in the pool. + Required. The URL that points to the file that stores the object + list entries. This file must allow public access. The URL is either + an HTTP/HTTPS address (e.g. `https://example.com/urllist.tsv`) or a + Cloud Storage path (e.g. `gs://my-bucket/urllist.tsv`). type: string - format: int64 - ListAgentPoolsResponse: - id: ListAgentPoolsResponse - description: Response from ListAgentPools. - type: object + id: HttpData + ListTransferJobsResponse: properties: - agentPools: - description: A list of agent pools. + transferJobs: type: array items: - $ref: '#/components/schemas/AgentPool' + $ref: '#/components/schemas/TransferJob' + description: A list of transfer jobs. nextPageToken: description: The list next page token. type: string - TransferOperation: - id: TransferOperation - description: A description of the execution of a transfer. type: object - properties: - name: - description: A globally unique ID assigned by the system. - type: string - projectId: - description: The ID of the Google Cloud project that owns the operation. - type: string - transferSpec: - description: Transfer specification. - $ref: '#/components/schemas/TransferSpec' - notificationConfig: - description: Notification configuration. - $ref: '#/components/schemas/NotificationConfig' - loggingConfig: - description: Cloud Logging configuration. - $ref: '#/components/schemas/LoggingConfig' - startTime: - description: Start time of this transfer execution. - type: string - format: google-datetime - endTime: - description: End time of this transfer execution. - type: string - format: google-datetime - status: - description: Status of the transfer operation. - type: string - enumDescriptions: - - Zero is an illegal value. - - In progress. - - Paused. - - Completed successfully. - - Terminated due to an unrecoverable failure. - - Aborted by the user. - - Temporarily delayed by the system. No user action is required. - - >- - The operation is suspending and draining the ongoing work to - completion. - enum: - - STATUS_UNSPECIFIED - - IN_PROGRESS - - PAUSED - - SUCCESS - - FAILED - - ABORTED - - QUEUED - - SUSPENDING - counters: - description: Information about the progress of the transfer operation. - $ref: '#/components/schemas/TransferCounters' - errorBreakdowns: - description: Summarizes errors encountered with sample error log entries. - type: array - items: - $ref: '#/components/schemas/ErrorSummary' - transferJobName: - description: The name of the transfer job that triggers this transfer operation. - type: string - TransferCounters: - id: TransferCounters - description: >- - A collection of counters that report the progress of a transfer - operation. + description: Response from ListTransferJobs. + id: ListTransferJobsResponse + TransferJob: type: object + description: >- + This resource represents the configuration of a transfer job that runs + periodically. properties: - objectsFoundFromSource: - description: >- - Objects found in the data source that are scheduled to be - transferred, excluding any that are filtered based on object - conditions or skipped due to sync. - type: string - format: int64 - bytesFoundFromSource: - description: >- - Bytes found in the data source that are scheduled to be transferred, - excluding any that are filtered based on object conditions or - skipped due to sync. - type: string - format: int64 - objectsFoundOnlyFromSink: - description: >- - Objects found only in the data sink that are scheduled to be - deleted. - type: string - format: int64 - bytesFoundOnlyFromSink: - description: Bytes found only in the data sink that are scheduled to be deleted. - type: string - format: int64 - objectsFromSourceSkippedBySync: - description: >- - Objects in the data source that are not transferred because they - already exist in the data sink. - type: string - format: int64 - bytesFromSourceSkippedBySync: + name: description: >- - Bytes in the data source that are not transferred because they - already exist in the data sink. - type: string - format: int64 - objectsCopiedToSink: - description: Objects that are copied to the data sink. - type: string - format: int64 - bytesCopiedToSink: - description: Bytes that are copied to the data sink. - type: string - format: int64 - objectsDeletedFromSource: - description: Objects that are deleted from the data source. - type: string - format: int64 - bytesDeletedFromSource: - description: Bytes that are deleted from the data source. - type: string - format: int64 - objectsDeletedFromSink: - description: Objects that are deleted from the data sink. + A unique name (within the transfer project) assigned when the job is + created. If this field is empty in a CreateTransferJobRequest, + Storage Transfer Service assigns a unique name. Otherwise, the + specified name is used as the unique name for this job. If the + specified name is in use by a job, the creation request fails with + an ALREADY_EXISTS error. This name must start with `"transferJobs/"` + prefix and end with a letter or a number, and should be no more than + 128 characters. For transfers involving PosixFilesystem, this name + must start with `transferJobs/OPI` specifically. For all other + transfer types, this name must not start with `transferJobs/OPI`. + Non-PosixFilesystem example: + `"transferJobs/^(?!OPI)[A-Za-z0-9-._~]*[A-Za-z0-9]$"` + PosixFilesystem example: + `"transferJobs/OPI^[A-Za-z0-9-._~]*[A-Za-z0-9]$"` Applications must + not rely on the enforcement of naming requirements involving OPI. + Invalid job names fail with an INVALID_ARGUMENT error. type: string - format: int64 - bytesDeletedFromSink: - description: Bytes that are deleted from the data sink. + lastModificationTime: + readOnly: true + description: Output only. The time that the transfer job was last modified. type: string - format: int64 - objectsFromSourceFailed: - description: >- - Objects in the data source that failed to be transferred or that - failed to be deleted after being transferred. + format: google-datetime + replicationSpec: + description: Replication specification. + $ref: '#/components/schemas/ReplicationSpec' + status: type: string - format: int64 - bytesFromSourceFailed: description: >- - Bytes in the data source that failed to be transferred or that - failed to be deleted after being transferred. - type: string - format: int64 - objectsFailedToDeleteFromSink: - description: Objects that failed to be deleted from the data sink. + Status of the job. This value MUST be specified for + `CreateTransferJobRequests`. **Note:** The effect of the new job + status takes place during a subsequent job run. For example, if you + change the job status from ENABLED to DISABLED, and an operation + spawned by the transfer is running, the status change would not + affect the current operation. + enum: + - STATUS_UNSPECIFIED + - ENABLED + - DISABLED + - DELETED + enumDescriptions: + - Zero is an illegal value. + - New transfers are performed based on the schedule. + - New transfers are not scheduled. + - >- + This is a soft delete state. After a transfer job is set to this + state, the job and all the transfer executions are subject to + garbage collection. Transfer jobs become eligible for garbage + collection 30 days after their status is set to `DELETED`. + creationTime: type: string - format: int64 - bytesFailedToDeleteFromSink: - description: Bytes that failed to be deleted from the data sink. + description: Output only. The time that the transfer job was created. + format: google-datetime + readOnly: true + description: type: string - format: int64 - directoriesFoundFromSource: description: >- - For transfers involving PosixFilesystem only. Number of directories - found while listing. For example, if the root directory of the - transfer is `base/` and there are two other directories, `a/` and - `b/` under this directory, the count after listing `base/`, - `base/a/` and `base/b/` is 3. - type: string - format: int64 - directoriesFailedToListFromSource: + A description provided by the user for the job. Its max length is + 1024 bytes when Unicode-encoded. + notificationConfig: + $ref: '#/components/schemas/NotificationConfig' + description: Notification configuration. + transferSpec: + $ref: '#/components/schemas/TransferSpec' + description: Transfer specification. + latestOperationName: description: >- - For transfers involving PosixFilesystem only. Number of listing - failures for each directory found at the source. Potential failures - when listing a directory include permission failure or block - failure. If listing a directory fails, no files in the directory are - transferred. + The name of the most recently started TransferOperation of this + JobConfig. Present if a TransferOperation has been created for this + JobConfig. type: string - format: int64 - directoriesSuccessfullyListedFromSource: + schedule: description: >- - For transfers involving PosixFilesystem only. Number of successful - listings for each directory found at the source. - type: string - format: int64 - intermediateObjectsCleanedUp: - description: Number of successfully cleaned up intermediate objects. - type: string - format: int64 - intermediateObjectsFailedCleanedUp: - description: Number of intermediate objects failed cleaned up. + Specifies schedule for the transfer job. This is an optional field. + When the field is not set, the job never executes a transfer, unless + you invoke RunTransferJob or update the job to have a non-empty + schedule. + $ref: '#/components/schemas/Schedule' + eventStream: + $ref: '#/components/schemas/EventStream' + description: >- + Specifies the event stream for the transfer job for event-driven + transfers. When EventStream is specified, the Schedule fields are + ignored. + projectId: type: string - format: int64 - ErrorSummary: - id: ErrorSummary - description: >- - A summary of errors by error code, plus a count and sample error log - entries. - type: object - properties: - errorCode: - description: Required. + description: The ID of the Google Cloud project that owns the job. + serviceAccount: + description: >- + Optional. The user-managed service account to which to delegate + service agent permissions. You can grant Cloud Storage bucket + permissions to this service account instead of to the Transfer + Service service agent. Either the service account email + (`SERVICE_ACCOUNT_NAME@PROJECT_ID.iam.gserviceaccount.com`) or the + unique ID (`123456789012345678901`) are accepted. See + https://docs.cloud.google.com/storage-transfer/docs/delegate-service-agent-permissions + for required permissions. type: string - enumDescriptions: - - 'Not an error; returned on success. HTTP Mapping: 200 OK' - - >- - The operation was cancelled, typically by the caller. HTTP - Mapping: 499 Client Closed Request - - >- - Unknown error. For example, this error may be returned when a - `Status` value received from another address space belongs to an - error space that is not known in this address space. Also errors - raised by APIs that do not return enough error information may be - converted to this error. HTTP Mapping: 500 Internal Server Error - - >- - The client specified an invalid argument. Note that this differs - from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments - that are problematic regardless of the state of the system (e.g., - a malformed file name). HTTP Mapping: 400 Bad Request - - >- - The deadline expired before the operation could complete. For - operations that change the state of the system, this error may be - returned even if the operation has completed successfully. For - example, a successful response from a server could have been - delayed long enough for the deadline to expire. HTTP Mapping: 504 - Gateway Timeout - - >- - Some requested entity (e.g., file or directory) was not found. - Note to server developers: if a request is denied for an entire - class of users, such as gradual feature rollout or undocumented - allowlist, `NOT_FOUND` may be used. If a request is denied for - some users within a class of users, such as user-based access - control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not - Found - - >- - The entity that a client attempted to create (e.g., file or - directory) already exists. HTTP Mapping: 409 Conflict - - >- - The caller does not have permission to execute the specified - operation. `PERMISSION_DENIED` must not be used for rejections - caused by exhausting some resource (use `RESOURCE_EXHAUSTED` - instead for those errors). `PERMISSION_DENIED` must not be used if - the caller can not be identified (use `UNAUTHENTICATED` instead - for those errors). This error code does not imply the request is - valid or the requested entity exists or satisfies other - pre-conditions. HTTP Mapping: 403 Forbidden - - >- - The request does not have valid authentication credentials for the - operation. HTTP Mapping: 401 Unauthorized - - >- - Some resource has been exhausted, perhaps a per-user quota, or - perhaps the entire file system is out of space. HTTP Mapping: 429 - Too Many Requests - - >- - The operation was rejected because the system is not in a state - required for the operation's execution. For example, the directory - to be deleted is non-empty, an rmdir operation is applied to a - non-directory, etc. Service implementors can use the following - guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and - `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just - the failing call. (b) Use `ABORTED` if the client should retry at - a higher level. For example, when a client-specified test-and-set - fails, indicating the client should restart a read-modify-write - sequence. (c) Use `FAILED_PRECONDITION` if the client should not - retry until the system state has been explicitly fixed. For - example, if an "rmdir" fails because the directory is non-empty, - `FAILED_PRECONDITION` should be returned since the client should - not retry unless the files are deleted from the directory. HTTP - Mapping: 400 Bad Request - - >- - The operation was aborted, typically due to a concurrency issue - such as a sequencer check failure or transaction abort. See the - guidelines above for deciding between `FAILED_PRECONDITION`, - `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict - - >- - The operation was attempted past the valid range. E.g., seeking or - reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error - indicates a problem that may be fixed if the system state changes. - For example, a 32-bit file system will generate `INVALID_ARGUMENT` - if asked to read at an offset that is not in the range [0,2^32-1], - but it will generate `OUT_OF_RANGE` if asked to read from an - offset past the current file size. There is a fair bit of overlap - between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend - using `OUT_OF_RANGE` (the more specific error) when it applies so - that callers who are iterating through a space can easily look for - an `OUT_OF_RANGE` error to detect when they are done. HTTP - Mapping: 400 Bad Request - - >- - The operation is not implemented or is not supported/enabled in - this service. HTTP Mapping: 501 Not Implemented - - >- - Internal errors. This means that some invariants expected by the - underlying system have been broken. This error code is reserved - for serious errors. HTTP Mapping: 500 Internal Server Error - - >- - The service is currently unavailable. This is most likely a - transient condition, which can be corrected by retrying with a - backoff. Note that it is not always safe to retry non-idempotent - operations. See the guidelines above for deciding between - `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: - 503 Service Unavailable - - >- - Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal - Server Error - enum: - - OK - - CANCELLED - - UNKNOWN - - INVALID_ARGUMENT - - DEADLINE_EXCEEDED - - NOT_FOUND - - ALREADY_EXISTS - - PERMISSION_DENIED - - UNAUTHENTICATED - - RESOURCE_EXHAUSTED - - FAILED_PRECONDITION - - ABORTED - - OUT_OF_RANGE - - UNIMPLEMENTED - - INTERNAL - - UNAVAILABLE - - DATA_LOSS - errorCount: - description: Required. Count of this type of error. + deletionTime: + readOnly: true + format: google-datetime type: string - format: int64 - errorLogEntries: - description: >- - Error samples. At most 5 error log entries are recorded for a given - error code for a single transfer operation. - type: array - items: - $ref: '#/components/schemas/ErrorLogEntry' - ErrorLogEntry: - id: ErrorLogEntry - description: An entry describing an error that has occurred. + description: Output only. The time that the transfer job was deleted. + loggingConfig: + description: Logging configuration. + $ref: '#/components/schemas/LoggingConfig' + id: TransferJob + Schedule: type: object properties: - url: + repeatInterval: + format: google-duration + type: string description: >- - Output only. A URL that refers to the target (a data source, a data - sink, or an object) with which the error is associated. - readOnly: true + Interval between the start of each scheduled TransferOperation. If + unspecified, the default value is 24 hours. This value may not be + less than 1 hour. + endTimeOfDay: + description: >- + The time in UTC that no further transfer operations are scheduled. + Combined with schedule_end_date, `end_time_of_day` specifies the end + date and time for starting new transfer operations. This field must + be greater than or equal to the timestamp corresponding to the + combination of schedule_start_date and start_time_of_day, and is + subject to the following: * If `end_time_of_day` is not set and + `schedule_end_date` is set, then a default value of `23:59:59` is + used for `end_time_of_day`. * If `end_time_of_day` is set and + `schedule_end_date` is not set, then INVALID_ARGUMENT is returned. + $ref: '#/components/schemas/TimeOfDay' + scheduleStartDate: + $ref: '#/components/schemas/Date' + description: >- + Required. The start date of a transfer. Date boundaries are + determined relative to UTC time. If `schedule_start_date` and + start_time_of_day are in the past relative to the job's creation + time, the transfer starts the day after you schedule the transfer + request. **Note:** When starting jobs at or near midnight UTC it is + possible that a job starts later than expected. For example, if you + send an outbound request on June 1 one millisecond prior to midnight + UTC and the Storage Transfer Service server receives the request on + June 2, then it creates a TransferJob with `schedule_start_date` set + to June 2 and a `start_time_of_day` set to midnight UTC. The first + scheduled TransferOperation takes place on June 3 at midnight UTC. + scheduleEndDate: + $ref: '#/components/schemas/Date' + description: >- + The last day a transfer runs. Date boundaries are determined + relative to UTC time. A job runs once per 24 hours within the + following guidelines: * If `schedule_end_date` and + schedule_start_date are the same and in the future relative to UTC, + the transfer is executed only one time. * If `schedule_end_date` is + later than `schedule_start_date` and `schedule_end_date` is in the + future relative to UTC, the job runs each day at start_time_of_day + through `schedule_end_date`. + startTimeOfDay: + description: >- + The time in UTC that a transfer job is scheduled to run. Transfers + may start later than this time. If `start_time_of_day` is not + specified: * One-time transfers run immediately. * Recurring + transfers run immediately, and each day at midnight UTC, through + schedule_end_date. If `start_time_of_day` is specified: * One-time + transfers run at the specified time. * Recurring transfers run at + the specified time each day, through `schedule_end_date`. + $ref: '#/components/schemas/TimeOfDay' + id: Schedule + description: Transfers can be scheduled to recur or to run just once. + HdfsData: + id: HdfsData + description: >- + An HdfsData resource specifies a path within an HDFS entity (e.g. a + cluster). All cluster-specific settings, such as namenodes and ports, + are configured on the transfer agents servicing requests, so HdfsData + only contains the root path to the data in our transfer. + properties: + path: type: string - errorDetails: - description: Optional. A list of messages that carry the error details. - type: array - items: - type: string + description: Root path to transfer files. + type: object + TimeOfDay: + id: TimeOfDay + type: object + description: >- + Represents a time of day. The date and time zone are either not + significant or are specified elsewhere. An API may choose to allow leap + seconds. Related types are google.type.Date and + `google.protobuf.Timestamp`. + properties: + nanos: + description: >- + Fractions of seconds, in nanoseconds. Must be greater than or equal + to 0 and less than or equal to 999,999,999. + format: int32 + type: integer + minutes: + description: >- + Minutes of an hour. Must be greater than or equal to 0 and less than + or equal to 59. + type: integer + format: int32 + hours: + type: integer + format: int32 + description: >- + Hours of a day in 24 hour format. Must be greater than or equal to 0 + and typically must be less than or equal to 23. An API may choose to + allow the value "24:00:00" for scenarios like business closing time. + seconds: + description: >- + Seconds of a minute. Must be greater than or equal to 0 and + typically must be less than or equal to 59. An API may allow the + value 60 if it allows leap-seconds. + type: integer + format: int32 parameters: + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean access_token: description: OAuth access token. in: query name: access_token schema: type: string - alt: - description: Data format for response. + _.xgafv: + description: V1 error format. in: query - name: alt + name: $.xgafv schema: type: string enum: - - json - - media - - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string + - '1' + - '2' oauth_token: description: OAuth 2.0 token for the current user. in: query name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1839,127 +1839,83 @@ components: name: quotaUser schema: type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string uploadType: description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query name: uploadType schema: type: string - _.xgafv: - description: V1 error format. + callback: + description: JSONP in: query - name: $.xgafv + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: - transfer_operations: - id: google.storagetransfer.transfer_operations - name: transfer_operations - title: Transfer_operations - methods: - list: - operation: - $ref: '#/paths/~1v1~1transferOperations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: '#/paths/~1v1~1transferOperations~1{transferOperationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v1~1transferOperations~1{transferOperationsId}:cancel/post - response: - mediaType: application/json - openAPIDocKey: '200' - pause: - operation: - $ref: >- - #/paths/~1v1~1transferOperations~1{transferOperationsId}:pause/post - response: - mediaType: application/json - openAPIDocKey: '200' - resume: - operation: - $ref: >- - #/paths/~1v1~1transferOperations~1{transferOperationsId}:resume/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/transfer_operations/methods/get' - - $ref: '#/components/x-stackQL-resources/transfer_operations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - google_service_accounts: - id: google.storagetransfer.google_service_accounts - name: google_service_accounts - title: Google_service_accounts - methods: - get: - operation: - $ref: '#/paths/~1v1~1googleServiceAccounts~1{projectId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/google_service_accounts/methods/get - insert: [] - update: [] - replace: [] - delete: [] transfer_jobs: id: google.storagetransfer.transfer_jobs name: transfer_jobs title: Transfer_jobs methods: - create: + delete: operation: - $ref: '#/paths/~1v1~1transferJobs/post' + $ref: '#/paths/~1v1~1transferJobs~1{transferJobsId}/delete' response: mediaType: application/json openAPIDocKey: '200' - list: + get: operation: - $ref: '#/paths/~1v1~1transferJobs/get' + $ref: '#/paths/~1v1~1transferJobs~1{transferJobsId}/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.transferJobs patch: operation: $ref: '#/paths/~1v1~1transferJobs~1{transferJobsId}/patch' response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: - $ref: '#/paths/~1v1~1transferJobs~1{transferJobsId}/get' + $ref: '#/paths/~1v1~1transferJobs/get' response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.transferJobs + create: operation: - $ref: '#/paths/~1v1~1transferJobs~1{transferJobsId}/delete' + $ref: '#/paths/~1v1~1transferJobs/post' response: mediaType: application/json openAPIDocKey: '200' @@ -1980,24 +1936,58 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/transfer_jobs/methods/delete' - agent_pools: - id: google.storagetransfer.agent_pools - name: agent_pools - title: Agent_pools + transfer_operations: + id: google.storagetransfer.transfer_operations + name: transfer_operations + title: Transfer_operations methods: - create: + resume: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1agentPools/post' + $ref: >- + #/paths/~1v1~1transferOperations~1{transferOperationsId}:resume/post + response: + mediaType: application/json + openAPIDocKey: '200' + pause: + operation: + $ref: >- + #/paths/~1v1~1transferOperations~1{transferOperationsId}:pause/post + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: '#/paths/~1v1~1transferOperations~1{transferOperationsId}/get' response: mediaType: application/json openAPIDocKey: '200' list: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1agentPools/get' + $ref: '#/paths/~1v1~1transferOperations/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.agentPools + objectKey: $.unreachable + cancel: + operation: + $ref: >- + #/paths/~1v1~1transferOperations~1{transferOperationsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/transfer_operations/methods/get' + - $ref: '#/components/x-stackQL-resources/transfer_operations/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + agent_pools: + id: google.storagetransfer.agent_pools + name: agent_pools + title: Agent_pools + methods: patch: operation: $ref: >- @@ -2019,6 +2009,19 @@ components: response: mediaType: application/json openAPIDocKey: '200' + create: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1agentPools/post' + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1agentPools/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.agentPools sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/agent_pools/methods/get' @@ -2030,25 +2033,44 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/agent_pools/methods/delete' + google_service_accounts: + id: google.storagetransfer.google_service_accounts + name: google_service_accounts + title: Google_service_accounts + methods: + get: + operation: + $ref: '#/paths/~1v1~1googleServiceAccounts~1{projectId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/google_service_accounts/methods/get + insert: [] + update: [] + replace: [] + delete: [] paths: - /v1/transferOperations: + /v1/transferJobs/{transferJobsId}: parameters: &ref_1 + - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: + - $ref: '#/components/parameters/callback' + delete: description: >- - Lists transfer operations. Operations are ordered by their creation time - in reverse chronological order. - operationId: storagetransfer.transferOperations.list + Deletes a transfer job. Deleting a transfer job sets its status to + DELETED. + operationId: storagetransfer.transferJobs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2060,30 +2082,56 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Empty' parameters: - - in: query - name: filter + - in: path + name: transferJobsId required: true schema: type: string - in: query - name: pageSize + name: projectId + required: true schema: - type: integer - format: int32 + type: string + get: + description: Gets a transfer job. + operationId: storagetransfer.transferJobs.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/TransferJob' + parameters: + - in: path + name: transferJobsId + required: true + schema: + type: string - in: query - name: pageToken + name: projectId + required: true schema: type: string - /v1/transferOperations/{transferOperationsId}: - parameters: *ref_1 - get: + patch: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: storagetransfer.transferOperations.get + Updates a transfer job. Updating a job's transfer spec does not affect + transfer operations that are running already. **Note:** The job's status + field can be modified using this RPC (for example, to set a job's status + to DELETED, DISABLED, or ENABLED). + operationId: storagetransfer.transferJobs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateTransferJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2095,41 +2143,79 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TransferJob' parameters: - in: path - name: transferOperationsId + name: transferJobsId required: true schema: type: string - /v1/transferOperations/{transferOperationsId}:cancel: + /v1/transferJobs: + parameters: *ref_1 + get: + description: Lists transfer jobs. + operationId: storagetransfer.transferJobs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListTransferJobsResponse' + parameters: + - in: query + name: filter + required: true + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: Creates a transfer job that runs periodically. + operationId: storagetransfer.transferJobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TransferJob' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/TransferJob' + parameters: [] + /v1/transferJobs/{transferJobsId}:run: parameters: *ref_1 post: description: >- - Cancels a transfer. Use the transferOperations.get method to check if - the cancellation succeeded or if the operation completed despite the - `cancel` request. When you cancel an operation, the currently running - transfer is interrupted. For recurring transfer jobs, the next instance - of the transfer job will still run. For example, if your job is - configured to run every day at 1pm and you cancel Monday's operation at - 1:05pm, Monday's transfer will stop. However, a transfer job will still - be attempted on Tuesday. This applies only to currently running - operations. If an operation is not currently running, `cancel` does - nothing. *Caution:* Canceling a transfer job can leave your data in an - unknown state. We recommend that you restore the state at both the - destination and the source after the `cancel` request completes so that - your data is in a consistent state. When you cancel a job, the next job - computes a delta of files and may repair any inconsistent state. For - instance, if you run a job every day, and today's job found 10 new files - and transferred five files before you canceled the job, tomorrow's - transfer operation will compute a new delta with the five files that - were not copied today plus any new files discovered tomorrow. - operationId: storagetransfer.transferOperations.cancel + Starts a new operation for the specified transfer job. A `TransferJob` + has a maximum of one active `TransferOperation`. If this method is + called while a `TransferOperation` is active, an error is returned. + operationId: storagetransfer.transferJobs.run requestBody: content: application/json: schema: - $ref: '#/components/schemas/CancelOperationRequest' + $ref: '#/components/schemas/RunTransferJobRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2141,23 +2227,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: transferOperationsId + name: transferJobsId required: true schema: type: string - /v1/transferOperations/{transferOperationsId}:pause: + /v1/transferOperations/{transferOperationsId}:resume: parameters: *ref_1 post: - description: Pauses a transfer operation. - operationId: storagetransfer.transferOperations.pause + description: Resumes a transfer operation that is paused. + operationId: storagetransfer.transferOperations.resume requestBody: content: application/json: schema: - $ref: '#/components/schemas/PauseTransferOperationRequest' + $ref: '#/components/schemas/ResumeTransferOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2176,16 +2262,16 @@ paths: required: true schema: type: string - /v1/transferOperations/{transferOperationsId}:resume: + /v1/transferOperations/{transferOperationsId}:pause: parameters: *ref_1 post: - description: Resumes a transfer operation that is paused. - operationId: storagetransfer.transferOperations.resume + description: Pauses a transfer operation. + operationId: storagetransfer.transferOperations.pause requestBody: content: application/json: schema: - $ref: '#/components/schemas/ResumeTransferOperationRequest' + $ref: '#/components/schemas/PauseTransferOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2204,18 +2290,14 @@ paths: required: true schema: type: string - /v1/googleServiceAccounts/{projectId}: + /v1/transferOperations/{transferOperationsId}: parameters: *ref_1 get: description: >- - Returns the Google service account that is used by Storage Transfer - Service to access buckets in the project where transfers run or in other - projects. Each Google service account is associated with one Google - Cloud project. Users should add this service account to the Google Cloud - Storage bucket ACLs to grant access to Storage Transfer Service. This - service account is created and owned by Storage Transfer Service and can - only be used by Storage Transfer Service. - operationId: storagetransfer.googleServiceAccounts.get + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: storagetransfer.transferOperations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2227,39 +2309,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleServiceAccount' + $ref: '#/components/schemas/Operation' parameters: - in: path - name: projectId + name: transferOperationsId required: true schema: type: string - /v1/transferJobs: + /v1/transferOperations: parameters: *ref_1 - post: - description: Creates a transfer job that runs periodically. - operationId: storagetransfer.transferJobs.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TransferJob' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/TransferJob' - parameters: [] get: - description: Lists transfer jobs. - operationId: storagetransfer.transferJobs.list + description: >- + Lists transfer operations. Operations are ordered by their creation time + in reverse chronological order. + operationId: storagetransfer.transferOperations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2271,7 +2334,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListTransferJobsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: query name: filter @@ -2283,24 +2346,42 @@ paths: schema: type: integer format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean - in: query name: pageToken schema: type: string - /v1/transferJobs/{transferJobsId}: + /v1/transferOperations/{transferOperationsId}:cancel: parameters: *ref_1 - patch: + post: description: >- - Updates a transfer job. Updating a job's transfer spec does not affect - transfer operations that are running already. **Note:** The job's status - field can be modified using this RPC (for example, to set a job's status - to DELETED, DISABLED, or ENABLED). - operationId: storagetransfer.transferJobs.patch + Cancels a transfer. Use the transferOperations.get method to check if + the cancellation succeeded or if the operation completed despite the + `cancel` request. When you cancel an operation, the currently running + transfer is interrupted. For recurring transfer jobs, the next instance + of the transfer job will still run. For example, if your job is + configured to run every day at 1pm and you cancel Monday's operation at + 1:05pm, Monday's transfer will stop. However, a transfer job will still + be attempted on Tuesday. This applies only to currently running + operations. If an operation is not currently running, `cancel` does + nothing. *Caution:* Canceling a transfer job can leave your data in an + unknown state. We recommend that you restore the state at both the + destination and the source after the `cancel` request completes so that + your data is in a consistent state. When you cancel a job, the next job + computes a delta of files and may repair any inconsistent state. For + instance, if you run a job every day, and today's job found 10 new files + and transferred five files before you canceled the job, tomorrow's + transfer operation will compute a new delta with the five files that + were not copied today plus any new files discovered tomorrow. + operationId: storagetransfer.transferOperations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/UpdateTransferJobRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2312,16 +2393,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TransferJob' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: transferJobsId + name: transferOperationsId required: true schema: type: string - get: - description: Gets a transfer job. - operationId: storagetransfer.transferJobs.get + /v1/projects/{projectsId}/agentPools/{agentPoolsId}: + parameters: *ref_1 + patch: + description: Updates an existing agent pool resource. + operationId: storagetransfer.projects.agentPools.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AgentPool' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2333,23 +2421,26 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TransferJob' + $ref: '#/components/schemas/AgentPool' parameters: - in: path - name: transferJobsId + name: projectsId required: true schema: type: string - - in: query - name: projectId + - in: path + name: agentPoolsId required: true schema: type: string - delete: - description: >- - Deletes a transfer job. Deleting a transfer job sets its status to - DELETED. - operationId: storagetransfer.transferJobs.delete + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Gets an agent pool. + operationId: storagetransfer.projects.agentPools.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2361,31 +2452,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/AgentPool' parameters: - in: path - name: transferJobsId + name: projectsId required: true schema: type: string - - in: query - name: projectId + - in: path + name: agentPoolsId required: true schema: type: string - /v1/transferJobs/{transferJobsId}:run: - parameters: *ref_1 - post: - description: >- - Starts a new operation for the specified transfer job. A `TransferJob` - has a maximum of one active `TransferOperation`. If this method is - called while a `TransferOperation` is active, an error is returned. - operationId: storagetransfer.transferJobs.run - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RunTransferJobRequest' + delete: + description: Deletes an agent pool. + operationId: storagetransfer.projects.agentPools.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2397,10 +2478,15 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path - name: transferJobsId + name: projectsId + required: true + schema: + type: string + - in: path + name: agentPoolsId required: true schema: type: string @@ -2470,73 +2556,18 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/agentPools/{agentPoolsId}: + /v1/googleServiceAccounts/{projectId}: parameters: *ref_1 - patch: - description: Updates an existing agent pool resource. - operationId: storagetransfer.projects.agentPools.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AgentPool' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/AgentPool' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: agentPoolsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask get: - description: Gets an agent pool. - operationId: storagetransfer.projects.agentPools.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/AgentPool' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: agentPoolsId - required: true - schema: - type: string - delete: - description: Deletes an agent pool. - operationId: storagetransfer.projects.agentPools.delete + description: >- + Returns the Google service account that is used by Storage Transfer + Service to access buckets in the project where transfers run or in other + projects. Each Google service account is associated with one Google + Cloud project. Users should add this service account to the Google Cloud + Storage bucket ACLs to grant access to Storage Transfer Service. This + service account is created and owned by Storage Transfer Service and can + only be used by Storage Transfer Service. + operationId: storagetransfer.googleServiceAccounts.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2548,15 +2579,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/GoogleServiceAccount' parameters: - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: agentPoolsId + name: projectId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/texttospeech.yaml b/providers/src/googleapis.com/v00.00.00000/services/texttospeech.yaml index baf89807..c1fb4aa2 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/texttospeech.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/texttospeech.yaml @@ -9,8 +9,8 @@ info: Synthesizes natural-sounding speech by applying powerful neural network models. version: v1 - x-discovery-doc-revision: '20250814' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/text-to-speech/ servers: @@ -36,75 +36,194 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListVoicesResponse: - id: ListVoicesResponse - description: The message returned to the client by the `ListVoices` method. - type: object + CustomPronunciations: properties: - voices: - description: The list of voices. + pronunciations: type: array items: - $ref: '#/components/schemas/Voice' - Voice: - id: Voice - description: Description of a voice supported by the TTS service. + $ref: '#/components/schemas/CustomPronunciationParams' + description: The pronunciation customizations are applied. + id: CustomPronunciations + description: A collection of pronunciation customizations. type: object + MultiSpeakerMarkup: properties: - languageCodes: + turns: + description: Required. Speaker turns. + items: + $ref: '#/components/schemas/Turn' + type: array + id: MultiSpeakerMarkup + description: A collection of turns for multi-speaker synthesis. + type: object + AudioConfig: + type: object + properties: + pitch: + format: double description: >- - The languages that this voice supports, expressed as - [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tags - (e.g. "en-US", "es-419", "cmn-tw"). + Optional. Input only. Speaking pitch, in the range [-20.0, 20.0]. 20 + means increase 20 semitones from the original pitch. -20 means + decrease 20 semitones from the original pitch. + type: number + speakingRate: + description: >- + Optional. Input only. Speaking rate/speed, in the range [0.25, 2.0]. + 1.0 is the normal native speed supported by the specific voice. 2.0 + is twice as fast, and 0.5 is half as fast. If unset(0.0), defaults + to the native 1.0 speed. Any other values < 0.25 or > 2.0 will + return an error. + format: double + type: number + effectsProfileId: type: array items: type: string - name: - description: The name of this voice. Each distinct voice has a unique name. - type: string - ssmlGender: - description: The gender of this voice. + description: >- + Optional. Input only. An identifier which selects 'audio effects' + profiles that are applied on (post synthesized) text to speech. + Effects are applied on top of each other in the order they are + given. See [audio + profiles](https://cloud.google.com/text-to-speech/docs/audio-profiles) + for current supported profile ids. + audioEncoding: + enum: + - AUDIO_ENCODING_UNSPECIFIED + - LINEAR16 + - MP3 + - OGG_OPUS + - MULAW + - ALAW + - PCM + - M4A type: string enumDescriptions: - >- - An unspecified gender. In VoiceSelectionParams, this means that - the client doesn't care which gender the selected voice will have. - In the Voice field of ListVoicesResponse, this may mean that the - voice doesn't fit any of the other categories in this enum, or - that the gender of the voice isn't known. - - A male voice. - - A female voice. - - A gender-neutral voice. This voice is not yet supported. - enum: - - SSML_VOICE_GENDER_UNSPECIFIED - - MALE - - FEMALE - - NEUTRAL - naturalSampleRateHertz: - description: The natural sample rate (in hertz) for this voice. - type: integer + Not specified. Only used by GenerateVoiceCloningKey. Otherwise, + will return result google.rpc.Code.INVALID_ARGUMENT. + - >- + Uncompressed 16-bit signed little-endian samples (Linear PCM). + Audio content returned as LINEAR16 also contains a WAV header. + - MP3 audio at 32kbps. + - >- + Opus encoded audio wrapped in an ogg container. The result is a + file which can be played natively on Android, and in browsers (at + least Chrome and Firefox). The quality of the encoding is + considerably higher than MP3 while using approximately the same + bitrate. + - >- + 8-bit samples that compand 14-bit audio samples using G.711 + PCMU/mu-law. Audio content returned as MULAW also contains a WAV + header. + - >- + 8-bit samples that compand 14-bit audio samples using G.711 + PCMU/A-law. Audio content returned as ALAW also contains a WAV + header. + - >- + Uncompressed 16-bit signed little-endian samples (Linear PCM). + Note that as opposed to LINEAR16, audio won't be wrapped in a WAV + (or any other) header. + - M4A audio. + description: Required. The format of the audio byte stream. + volumeGainDb: + description: >- + Optional. Input only. Volume gain (in dB) of the normal native + volume supported by the specific voice, in the range [-96.0, 16.0]. + If unset, or set to a value of 0.0 (dB), will play at normal native + signal amplitude. A value of -6.0 (dB) will play at approximately + half the amplitude of the normal native signal amplitude. A value of + +6.0 (dB) will play at approximately twice the amplitude of the + normal native signal amplitude. Strongly recommend not to exceed +10 + (dB) as there's usually no effective increase in loudness for any + value greater than that. + type: number + format: double + sampleRateHertz: + description: >- + Optional. The synthesis sample rate (in hertz) for this audio. When + this is specified in SynthesizeSpeechRequest, if this is different + from the voice's natural sample rate, then the synthesizer will + honor this request by converting to the desired sample rate (which + might result in worse audio quality), unless the specified sample + rate is not supported for the encoding chosen, in which case it will + fail the request and return google.rpc.Code.INVALID_ARGUMENT. format: int32 - SynthesizeSpeechRequest: - id: SynthesizeSpeechRequest + type: integer + description: Description of audio data to be synthesized. + id: AudioConfig + MultispeakerPrebuiltVoice: + properties: + speakerAlias: + description: >- + Required. The speaker alias of the voice. This is the user-chosen + speaker name that is used in the multispeaker text input, such as + "Speaker1". + type: string + speakerId: + description: >- + Required. The speaker ID of the voice. See + https://cloud.google.com/text-to-speech/docs/gemini-tts#voice_options + for available values. + type: string + type: object description: >- - The top-level message sent by the client for the `SynthesizeSpeech` - method. + Configuration for a single speaker in a Gemini TTS multi-speaker setup. + Enables dialogue between two speakers. + id: MultispeakerPrebuiltVoice + ListVoicesResponse: + description: The message returned to the client by the `ListVoices` method. + id: ListVoicesResponse type: object properties: - input: + voices: + type: array + items: + $ref: '#/components/schemas/Voice' + description: The list of voices. + Turn: + type: object + id: Turn + description: A multi-speaker turn. + properties: + text: + description: Required. The text to speak. + type: string + speaker: description: >- - Required. The Synthesizer requires either plain text or SSML as - input. - $ref: '#/components/schemas/SynthesisInput' - voice: - description: Required. The desired voice of the synthesized audio. - $ref: '#/components/schemas/VoiceSelectionParams' - audioConfig: - description: Required. The configuration of the synthesized audio. - $ref: '#/components/schemas/AudioConfig' - advancedVoiceOptions: - description: Advanced voice options. - $ref: '#/components/schemas/AdvancedVoiceOptions' + Required. The speaker of the turn, for example, 'O' or 'Q'. Please + refer to documentation for available speakers. + type: string + SynthesizeSpeechResponse: + type: object + id: SynthesizeSpeechResponse + description: The message returned to the client by the `SynthesizeSpeech` method. + properties: + audioContent: + format: byte + type: string + description: >- + The audio data bytes encoded as specified in the request, including + the header for encodings that are wrapped in containers (e.g. MP3, + OGG_OPUS). For LINEAR16 audio, we include the WAV header. Note: as + with all bytes fields, protobuffers use a pure binary + representation, whereas JSON representations use base64. + Empty: + id: Empty + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + VoiceCloneParams: + properties: + voiceCloningKey: + description: Required. Created by GenerateVoiceCloningKey. + type: string + type: object + description: The configuration of Voice Clone feature. + id: VoiceCloneParams SynthesisInput: id: SynthesisInput description: >- @@ -112,29 +231,34 @@ components: supplied. Supplying both or neither returns google.rpc.Code.INVALID_ARGUMENT. The input size is limited to 5000 bytes. - type: object properties: - text: - description: The raw text to be synthesized. - type: string - markup: - description: >- - Markup for HD voices specifically. This field may not be used with - any other voices. - type: string ssml: + type: string description: >- The SSML document to be synthesized. The SSML document must be valid and well-formed. Otherwise the RPC will fail and return google.rpc.Code.INVALID_ARGUMENT. For more information, see [SSML](https://cloud.google.com/text-to-speech/docs/ssml). - type: string multiSpeakerMarkup: + $ref: '#/components/schemas/MultiSpeakerMarkup' description: >- The multi-speaker input to be synthesized. Only applicable for multi-speaker synthesis. - $ref: '#/components/schemas/MultiSpeakerMarkup' + markup: + type: string + description: >- + Markup for Chirp 3: HD voices specifically. This field may not be + used with any other voices. + prompt: + type: string + description: >- + This system instruction is supported only for + controllable/promptable voice models. If this system instruction is + used, we pass the unedited text to Gemini-TTS. Otherwise, a default + system instruction is used. AI Studio calls this system instruction, + Style Instructions. customPronunciations: + $ref: '#/components/schemas/CustomPronunciations' description: >- Optional. The pronunciation customizations are applied to the input. If this is set, the input is synthesized using the given @@ -143,114 +267,133 @@ components: aren't supported. In order to customize the pronunciation of a phrase, there must be an exact match of the phrase in the input types. If using SSML, the phrase must not be inside a phoneme tag. - $ref: '#/components/schemas/CustomPronunciations' - MultiSpeakerMarkup: - id: MultiSpeakerMarkup - description: A collection of turns for multi-speaker synthesis. - type: object - properties: - turns: - description: Required. Speaker turns. - type: array - items: - $ref: '#/components/schemas/Turn' - Turn: - id: Turn - description: A multi-speaker turn. - type: object - properties: - speaker: - description: >- - Required. The speaker of the turn, for example, 'O' or 'Q'. Please - refer to documentation for available speakers. - type: string text: - description: Required. The text to speak. + description: The raw text to be synthesized. type: string - CustomPronunciations: - id: CustomPronunciations - description: A collection of pronunciation customizations. type: object + CustomVoiceParams: + description: Description of the custom voice to be synthesized. properties: - pronunciations: - description: The pronunciation customizations are applied. + model: + type: string + description: >- + Required. The name of the AutoML model that synthesizes the custom + voice. + reportedUsage: + enum: + - REPORTED_USAGE_UNSPECIFIED + - REALTIME + - OFFLINE + description: >- + Optional. Deprecated. The usage of the synthesized audio to be + reported. + deprecated: true + type: string + enumDescriptions: + - Request with reported usage unspecified will be rejected. + - >- + For scenarios where the synthesized audio is not downloadable and + can only be used once. For example, real-time request in IVR + system. + - >- + For scenarios where the synthesized audio is downloadable and can + be reused. For example, the synthesized audio is downloaded, + stored in customer service system and played repeatedly. + id: CustomVoiceParams + type: object + CancelOperationRequest: + type: object + properties: {} + description: The request message for Operations.CancelOperation. + id: CancelOperationRequest + AdvancedVoiceOptions: + properties: + relaxSafetyFilters: + description: >- + Optional. Input only. If true, relaxes safety filters for Gemini + TTS. Only supported for accounts linked to Invoiced (Offline) Cloud + billing accounts. Otherwise, will return result + google.rpc.Code.INVALID_ARGUMENT. + type: boolean + lowLatencyJourneySynthesis: + type: boolean + description: >- + Only for Journey voices. If false, the synthesis is context aware + and has a higher latency. + id: AdvancedVoiceOptions + description: Used for advanced voice options. + type: object + MultiSpeakerVoiceConfig: + id: MultiSpeakerVoiceConfig + type: object + description: >- + Configuration for a multi-speaker text-to-speech setup. Enables the use + of up to two distinct voices in a single synthesis request. + properties: + speakerVoiceConfigs: type: array + description: >- + Required. A list of configurations for the voices of the speakers. + Exactly two speaker voice configurations must be provided. items: - $ref: '#/components/schemas/CustomPronunciationParams' - CustomPronunciationParams: - id: CustomPronunciationParams - description: Pronunciation customization for a phrase. + $ref: '#/components/schemas/MultispeakerPrebuiltVoice' + GoogleCloudTexttospeechV1SynthesizeLongAudioMetadata: + description: Metadata for response returned by the `SynthesizeLongAudio` method. type: object properties: - phrase: - description: >- - The phrase to which the customization is applied. The phrase can be - multiple words, such as proper nouns, but shouldn't span the length - of the sentence. + startTime: type: string - phoneticEncoding: - description: The phonetic encoding of the phrase. + description: Time when the request was received. + format: google-datetime + lastUpdateTime: + deprecated: true + description: Deprecated. Do not use. type: string - enumDescriptions: - - Not specified. - - >- - IPA, such as apple -> ˈæpəl. - https://en.wikipedia.org/wiki/International_Phonetic_Alphabet - - >- - X-SAMPA, such as apple -> "{p@l". - https://en.wikipedia.org/wiki/X-SAMPA - - >- - For reading-to-pron conversion to work well, the `pronunciation` - field should only contain Kanji, Hiragana, and Katakana. The - pronunciation can also contain pitch accents. The start of a pitch - phrase is specified with `^` and the down-pitch position is - specified with `!`, for example: phrase:端 pronunciation:^はし - phrase:箸 pronunciation:^は!し phrase:橋 pronunciation:^はし! We - currently only support the Tokyo dialect, which allows at most one - down-pitch per phrase (i.e. at most one `!` between `^`). - - >- - Used to specify pronunciations for Mandarin words. See - https://en.wikipedia.org/wiki/Pinyin. For example: 朝阳, the - pronunciation is "chao2 yang2". The number represents the tone, - and there is a space between syllables. Neutral tones are - represented by 5, for example 孩子 "hai2 zi5". - enum: - - PHONETIC_ENCODING_UNSPECIFIED - - PHONETIC_ENCODING_IPA - - PHONETIC_ENCODING_X_SAMPA - - PHONETIC_ENCODING_JAPANESE_YOMIGANA - - PHONETIC_ENCODING_PINYIN - pronunciation: + format: google-datetime + progressPercentage: + type: number + format: double description: >- - The pronunciation of the phrase. This must be in the phonetic - encoding specified above. + The progress of the most recent processing update in percentage, ie. + 70.0%. + id: GoogleCloudTexttospeechV1SynthesizeLongAudioMetadata + SynthesizeLongAudioMetadata: + properties: + lastUpdateTime: + description: Deprecated. Do not use. type: string + format: google-datetime + deprecated: true + progressPercentage: + type: number + format: double + description: >- + The progress of the most recent processing update in percentage, ie. + 70.0%. + startTime: + description: Time when the request was received. + format: google-datetime + type: string + id: SynthesizeLongAudioMetadata + description: Metadata for response returned by the `SynthesizeLongAudio` method. + type: object VoiceSelectionParams: id: VoiceSelectionParams description: Description of which voice to use for a synthesis request. type: object properties: - languageCode: + customVoice: + $ref: '#/components/schemas/CustomVoiceParams' description: >- - Required. The language (and potentially also the region) of the - voice expressed as a - [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag, - e.g. "en-US". This should not include a script tag (e.g. use - "cmn-cn" rather than "cmn-Hant-cn"), because the script will be - inferred from the input provided in the SynthesisInput. The TTS - service will use this parameter to help choose an appropriate voice. - Note that the TTS service may choose a voice with a slightly - different language code than the one selected; it may substitute a - different region (e.g. using en-US rather than en-CA if there isn't - a Canadian voice available), or even a different language, e.g. - using "nb" (Norwegian Bokmal) instead of "no" (Norwegian)". - type: string - name: + The configuration for a custom voice. If [CustomVoiceParams.model] + is set, the service will choose the custom voice matching the + specified configuration. + voiceClone: description: >- - The name of the voice. If both the name and the gender are not set, - the service will choose a voice based on the other parameters such - as language_code. - type: string + Optional. The configuration for a voice clone. If + [VoiceCloneParams.voice_clone_key] is set, the service chooses the + voice clone matching the specified configuration. + $ref: '#/components/schemas/VoiceCloneParams' ssmlGender: description: >- The preferred gender of the voice. If not set, the service will @@ -260,6 +403,11 @@ components: should substitute a voice with a different gender rather than failing the request. type: string + enum: + - SSML_VOICE_GENDER_UNSPECIFIED + - MALE + - FEMALE + - NEUTRAL enumDescriptions: - >- An unspecified gender. In VoiceSelectionParams, this means that @@ -270,365 +418,280 @@ components: - A male voice. - A female voice. - A gender-neutral voice. This voice is not yet supported. - enum: - - SSML_VOICE_GENDER_UNSPECIFIED - - MALE - - FEMALE - - NEUTRAL - customVoice: - description: >- - The configuration for a custom voice. If [CustomVoiceParams.model] - is set, the service will choose the custom voice matching the - specified configuration. - $ref: '#/components/schemas/CustomVoiceParams' - voiceClone: + multiSpeakerVoiceConfig: description: >- - Optional. The configuration for a voice clone. If - [VoiceCloneParams.voice_clone_key] is set, the service chooses the - voice clone matching the specified configuration. - $ref: '#/components/schemas/VoiceCloneParams' + Optional. The configuration for a Gemini multi-speaker + text-to-speech setup. Enables the use of two distinct voices in a + single synthesis request. + $ref: '#/components/schemas/MultiSpeakerVoiceConfig' modelName: + type: string description: >- Optional. The name of the model. If set, the service will choose the model matching the specified configuration. + name: type: string - CustomVoiceParams: - id: CustomVoiceParams - description: Description of the custom voice to be synthesized. - type: object - properties: - model: description: >- - Required. The name of the AutoML model that synthesizes the custom - voice. + The name of the voice. If both the name and the gender are not set, + the service will choose a voice based on the other parameters such + as language_code. + languageCode: + description: >- + Required. The language (and potentially also the region) of the + voice expressed as a + [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag, + e.g. "en-US". This should not include a script tag (e.g. use + "cmn-cn" rather than "cmn-Hant-cn"), because the script will be + inferred from the input provided in the SynthesisInput. The TTS + service will use this parameter to help choose an appropriate voice. + Note that the TTS service may choose a voice with a slightly + different language code than the one selected; it may substitute a + different region (e.g. using en-US rather than en-CA if there isn't + a Canadian voice available), or even a different language, e.g. + using "nb" (Norwegian Bokmal) instead of "no" (Norwegian)". type: string - reportedUsage: + Voice: + properties: + name: + description: The name of this voice. Each distinct voice has a unique name. + type: string + languageCodes: description: >- - Optional. Deprecated. The usage of the synthesized audio to be - reported. - deprecated: true + The languages that this voice supports, expressed as + [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tags + (e.g. "en-US", "es-419", "cmn-tw"). + items: + type: string + type: array + ssmlGender: type: string + description: The gender of this voice. + enum: + - SSML_VOICE_GENDER_UNSPECIFIED + - MALE + - FEMALE + - NEUTRAL enumDescriptions: - - Request with reported usage unspecified will be rejected. - >- - For scenarios where the synthesized audio is not downloadable and - can only be used once. For example, real-time request in IVR - system. - - >- - For scenarios where the synthesized audio is downloadable and can - be reused. For example, the synthesized audio is downloaded, - stored in customer service system and played repeatedly. - enum: - - REPORTED_USAGE_UNSPECIFIED - - REALTIME - - OFFLINE - VoiceCloneParams: - id: VoiceCloneParams - description: The configuration of Voice Clone feature. + An unspecified gender. In VoiceSelectionParams, this means that + the client doesn't care which gender the selected voice will have. + In the Voice field of ListVoicesResponse, this may mean that the + voice doesn't fit any of the other categories in this enum, or + that the gender of the voice isn't known. + - A male voice. + - A female voice. + - A gender-neutral voice. This voice is not yet supported. + naturalSampleRateHertz: + description: The natural sample rate (in hertz) for this voice. + type: integer + format: int32 + description: Description of a voice supported by the TTS service. + id: Voice type: object - properties: - voiceCloningKey: - description: Required. Created by GenerateVoiceCloningKey. - type: string - AudioConfig: - id: AudioConfig - description: Description of audio data to be synthesized. + CustomPronunciationParams: + id: CustomPronunciationParams type: object properties: - audioEncoding: - description: Required. The format of the audio byte stream. + phoneticEncoding: type: string + description: The phonetic encoding of the phrase. enumDescriptions: + - Not specified. - >- - Not specified. Only used by GenerateVoiceCloningKey. Otherwise, - will return result google.rpc.Code.INVALID_ARGUMENT. - - >- - Uncompressed 16-bit signed little-endian samples (Linear PCM). - Audio content returned as LINEAR16 also contains a WAV header. - - MP3 audio at 32kbps. - - >- - Opus encoded audio wrapped in an ogg container. The result is a - file which can be played natively on Android, and in browsers (at - least Chrome and Firefox). The quality of the encoding is - considerably higher than MP3 while using approximately the same - bitrate. + IPA, such as apple -> ˈæpəl. + https://en.wikipedia.org/wiki/International_Phonetic_Alphabet - >- - 8-bit samples that compand 14-bit audio samples using G.711 - PCMU/mu-law. Audio content returned as MULAW also contains a WAV - header. + X-SAMPA, such as apple -> "{p@l". + https://en.wikipedia.org/wiki/X-SAMPA - >- - 8-bit samples that compand 14-bit audio samples using G.711 - PCMU/A-law. Audio content returned as ALAW also contains a WAV - header. + For reading-to-pron conversion to work well, the `pronunciation` + field should only contain Kanji, Hiragana, and Katakana. The + pronunciation can also contain pitch accents. The start of a pitch + phrase is specified with `^` and the down-pitch position is + specified with `!`, for example: phrase:端 pronunciation:^はし + phrase:箸 pronunciation:^は!し phrase:橋 pronunciation:^はし! We + currently only support the Tokyo dialect, which allows at most one + down-pitch per phrase (i.e. at most one `!` between `^`). - >- - Uncompressed 16-bit signed little-endian samples (Linear PCM). - Note that as opposed to LINEAR16, audio won't be wrapped in a WAV - (or any other) header. - - M4A audio. + Used to specify pronunciations for Mandarin words. See + https://en.wikipedia.org/wiki/Pinyin. For example: 朝阳, the + pronunciation is "chao2 yang2". The number represents the tone, + and there is a space between syllables. Neutral tones are + represented by 5, for example 孩子 "hai2 zi5". enum: - - AUDIO_ENCODING_UNSPECIFIED - - LINEAR16 - - MP3 - - OGG_OPUS - - MULAW - - ALAW - - PCM - - M4A - speakingRate: - description: >- - Optional. Input only. Speaking rate/speed, in the range [0.25, 2.0]. - 1.0 is the normal native speed supported by the specific voice. 2.0 - is twice as fast, and 0.5 is half as fast. If unset(0.0), defaults - to the native 1.0 speed. Any other values < 0.25 or > 2.0 will - return an error. - type: number - format: double - pitch: - description: >- - Optional. Input only. Speaking pitch, in the range [-20.0, 20.0]. 20 - means increase 20 semitones from the original pitch. -20 means - decrease 20 semitones from the original pitch. - type: number - format: double - volumeGainDb: - description: >- - Optional. Input only. Volume gain (in dB) of the normal native - volume supported by the specific voice, in the range [-96.0, 16.0]. - If unset, or set to a value of 0.0 (dB), will play at normal native - signal amplitude. A value of -6.0 (dB) will play at approximately - half the amplitude of the normal native signal amplitude. A value of - +6.0 (dB) will play at approximately twice the amplitude of the - normal native signal amplitude. Strongly recommend not to exceed +10 - (dB) as there's usually no effective increase in loudness for any - value greater than that. - type: number - format: double - sampleRateHertz: - description: >- - Optional. The synthesis sample rate (in hertz) for this audio. When - this is specified in SynthesizeSpeechRequest, if this is different - from the voice's natural sample rate, then the synthesizer will - honor this request by converting to the desired sample rate (which - might result in worse audio quality), unless the specified sample - rate is not supported for the encoding chosen, in which case it will - fail the request and return google.rpc.Code.INVALID_ARGUMENT. - type: integer - format: int32 - effectsProfileId: - description: >- - Optional. Input only. An identifier which selects 'audio effects' - profiles that are applied on (post synthesized) text to speech. - Effects are applied on top of each other in the order they are - given. See [audio - profiles](https://cloud.google.com/text-to-speech/docs/audio-profiles) - for current supported profile ids. - type: array - items: - type: string - AdvancedVoiceOptions: - id: AdvancedVoiceOptions - description: Used for advanced voice options. - type: object - properties: - lowLatencyJourneySynthesis: + - PHONETIC_ENCODING_UNSPECIFIED + - PHONETIC_ENCODING_IPA + - PHONETIC_ENCODING_X_SAMPA + - PHONETIC_ENCODING_JAPANESE_YOMIGANA + - PHONETIC_ENCODING_PINYIN + pronunciation: description: >- - Only for Journey voices. If false, the synthesis is context aware - and has a higher latency. - type: boolean - SynthesizeSpeechResponse: - id: SynthesizeSpeechResponse - description: The message returned to the client by the `SynthesizeSpeech` method. - type: object - properties: - audioContent: + The pronunciation of the phrase. This must be in the phonetic + encoding specified above. + type: string + phrase: description: >- - The audio data bytes encoded as specified in the request, including - the header for encodings that are wrapped in containers (e.g. MP3, - OGG_OPUS). For LINEAR16 audio, we include the WAV header. Note: as - with all bytes fields, protobuffers use a pure binary - representation, whereas JSON representations use base64. + The phrase to which the customization is applied. The phrase can be + multiple words, such as proper nouns, but shouldn't span the length + of the sentence. type: string - format: byte + description: Pronunciation customization for a phrase. ListOperationsResponse: id: ListOperationsResponse description: The response message for Operations.ListOperations. - type: object properties: operations: + items: + $ref: '#/components/schemas/Operation' description: >- A list of operations that matches the specified filter in the request. type: array - items: - $ref: '#/components/schemas/Operation' nextPageToken: - description: The standard List next-page token. - type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + type: string + description: The standard List next-page token. + unreachable: + type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string type: object + Status: + id: Status properties: code: - description: The status code, which should be an enum value of google.rpc.Code. type: integer + description: The status code, which should be an enum value of google.rpc.Code. format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. type: array items: type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). type: object - properties: {} SynthesizeLongAudioRequest: id: SynthesizeLongAudioRequest - description: >- - The top-level message sent by the client for the `SynthesizeLongAudio` - method. - type: object properties: - input: - description: >- - Required. The Synthesizer requires either plain text or SSML as - input. - $ref: '#/components/schemas/SynthesisInput' - audioConfig: - description: Required. The configuration of the synthesized audio. - $ref: '#/components/schemas/AudioConfig' outputGcsUri: description: >- Required. Specifies a Cloud Storage URI for the synthesis results. Must be specified in the format: `gs://bucket_name/object_name`, and the bucket must already exist. type: string + audioConfig: + description: Required. The configuration of the synthesized audio. + $ref: '#/components/schemas/AudioConfig' + input: + $ref: '#/components/schemas/SynthesisInput' + description: >- + Required. The Synthesizer requires either plain text or SSML as + input. voice: description: Required. The desired voice of the synthesized audio. $ref: '#/components/schemas/VoiceSelectionParams' - SynthesizeLongAudioMetadata: - id: SynthesizeLongAudioMetadata - description: Metadata for response returned by the `SynthesizeLongAudio` method. type: object + description: >- + The top-level message sent by the client for the `SynthesizeLongAudio` + method. + SynthesizeSpeechRequest: + id: SynthesizeSpeechRequest + description: >- + The top-level message sent by the client for the `SynthesizeSpeech` + method. properties: - startTime: - description: Time when the request was received. - type: string - format: google-datetime - lastUpdateTime: - description: Deprecated. Do not use. - deprecated: true - type: string - format: google-datetime - progressPercentage: + voice: + $ref: '#/components/schemas/VoiceSelectionParams' + description: Required. The desired voice of the synthesized audio. + advancedVoiceOptions: + description: Advanced voice options. + $ref: '#/components/schemas/AdvancedVoiceOptions' + audioConfig: + $ref: '#/components/schemas/AudioConfig' + description: Required. The configuration of the synthesized audio. + input: + $ref: '#/components/schemas/SynthesisInput' description: >- - The progress of the most recent processing update in percentage, ie. - 70.0%. - type: number - format: double - GoogleCloudTexttospeechV1SynthesizeLongAudioMetadata: - id: GoogleCloudTexttospeechV1SynthesizeLongAudioMetadata - description: Metadata for response returned by the `SynthesizeLongAudio` method. + Required. The Synthesizer requires either plain text or SSML as + input. type: object + Operation: + description: >- + This resource represents a long-running operation that is the result of + a network API call. properties: - startTime: - description: Time when the request was received. - type: string - format: google-datetime - lastUpdateTime: - description: Deprecated. Do not use. - deprecated: true + name: type: string - format: google-datetime - progressPercentage: description: >- - The progress of the most recent processing update in percentage, ie. - 70.0%. - type: number - format: double + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + type: object + id: Operation parameters: - access_token: - description: OAuth access token. + callback: + description: JSONP in: query - name: access_token + name: callback schema: type: string alt: @@ -641,18 +704,6 @@ components: - json - media - proto - callback: - description: JSONP - in: query - name: callback - schema: - type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -662,18 +713,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + access_token: + description: OAuth access token. in: query - name: oauth_token + name: access_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -683,10 +728,10 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: upload_protocol + name: fields schema: type: string uploadType: @@ -704,42 +749,66 @@ components: enum: - '1' - '2' + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string x-stackQL-resources: - voices: - id: google.texttospeech.voices - name: voices - title: Voices + operations: + id: google.texttospeech.operations + name: operations + title: Operations methods: list: operation: - $ref: '#/paths/~1v1~1voices/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/voices/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - text: - id: google.texttospeech.text - name: text - title: Text - methods: - synthesize: + objectKey: $.operations + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + cancel: + operation: + $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' + response: + mediaType: application/json + openAPIDocKey: '200' + delete: operation: - $ref: '#/paths/~1v1~1text:synthesize/post' + $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] replace: [] - delete: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' locations: id: google.texttospeech.locations name: locations @@ -758,64 +827,60 @@ components: update: [] replace: [] delete: [] - operations: - id: google.texttospeech.operations - name: operations - title: Operations + voices: + id: google.texttospeech.voices + name: voices + title: Voices methods: list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}/delete' + $ref: '#/paths/~1v1~1voices/get' response: mediaType: application/json openAPIDocKey: '200' - cancel: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/voices/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + text: + id: google.texttospeech.text + name: text + title: Text + methods: + synthesize: operation: - $ref: '#/paths/~1v1~1operations~1{operationsId}:cancel/post' + $ref: '#/paths/~1v1~1text:synthesize/post' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + select: [] insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + delete: [] paths: - /v1/voices: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' get: - description: Returns a list of Voice supported for synthesis. - operationId: texttospeech.voices.list + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: texttospeech.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -827,24 +892,43 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListVoicesResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string - in: query - name: languageCode + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter schema: type: string - /v1/text:synthesize: + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: + get: description: >- - Synthesizes speech synchronously: receive results after all text input - has been processed. - operationId: texttospeech.text.synthesize - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SynthesizeSpeechRequest' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: texttospeech.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -856,8 +940,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SynthesizeSpeechResponse' - parameters: [] + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}:synthesizeLongAudio: parameters: *ref_1 post: @@ -891,13 +990,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/voices: parameters: *ref_1 get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: texttospeech.projects.locations.operations.list + description: Returns a list of Voice supported for synthesis. + operationId: texttospeech.voices.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -909,39 +1006,24 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/ListVoicesResponse' parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query - name: pageToken + name: languageCode schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/text:synthesize: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: texttospeech.projects.locations.operations.get + Synthesizes speech synchronously: receive results after all text input + has been processed. + operationId: texttospeech.text.synthesize + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SynthesizeSpeechRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -953,32 +1035,27 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/operations/{operationsId}: + $ref: '#/components/schemas/SynthesizeSpeechResponse' + parameters: [] + /v1/operations/{operationsId}:cancel: parameters: *ref_1 - delete: + post: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: texttospeech.operations.delete + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: texttospeech.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -997,25 +1074,15 @@ paths: required: true schema: type: string - /v1/operations/{operationsId}:cancel: + /v1/operations/{operationsId}: parameters: *ref_1 - post: + delete: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: texttospeech.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: texttospeech.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform diff --git a/providers/src/googleapis.com/v00.00.00000/services/tpu.yaml b/providers/src/googleapis.com/v00.00.00000/services/tpu.yaml index a16ebd8b..509745d7 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/tpu.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/tpu.yaml @@ -7,8 +7,8 @@ info: title: Cloud TPU API description: TPU API provides customers with access to Google TPU technology. version: v2 - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251130' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/tpu/ servers: @@ -98,6 +98,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -411,6 +420,9 @@ components: description: Output only. Whether the Node belongs to a Multislice group. readOnly: true type: boolean + bootDiskConfig: + description: Optional. Boot disk configuration. + $ref: '#/components/schemas/BootDiskConfig' upcomingMaintenance: description: Output only. Upcoming maintenance on this TPU node. readOnly: true @@ -603,6 +615,28 @@ components: topology: description: Required. Topology of TPU in chips. type: string + BootDiskConfig: + id: BootDiskConfig + description: Sets the boot disk configuration for the TPU node. + type: object + properties: + customerEncryptionKey: + description: Optional. Customer encryption key for boot disk. + $ref: '#/components/schemas/CustomerEncryptionKey' + CustomerEncryptionKey: + id: CustomerEncryptionKey + description: Defines the customer encryption key for disk encryption. + type: object + properties: + kmsKeyName: + description: >- + The name of the encryption key that is stored in Google Cloud KMS. + For example: "kmsKeyName": + "projects/KMS_PROJECT_ID/locations/REGION/keyRings/KEY_REGION/cryptoKeys/KEY + The fully-qualifed key name may be returned for resource GET + requests. For example: "kmsKeyName": + "projects/KMS_PROJECT_ID/locations/REGION/keyRings/KEY_REGION/cryptoKeys/KEY/cryptoKeyVersions/1 + type: string UpcomingMaintenance: id: UpcomingMaintenance description: Upcoming Maintenance notification information. @@ -1684,6 +1718,10 @@ paths: name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean /v2/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: diff --git a/providers/src/googleapis.com/v00.00.00000/services/trafficdirector.yaml b/providers/src/googleapis.com/v00.00.00000/services/trafficdirector.yaml index 9ee9f8e4..5048ae5f 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/trafficdirector.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/trafficdirector.yaml @@ -7,8 +7,8 @@ info: title: Traffic Director API description: '' version: v3 - x-discovery-doc-revision: '20250728' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/traffic-director servers: @@ -34,103 +34,195 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ClientStatusRequest: - id: ClientStatusRequest - description: >- - Request for client status of clients identified by a list of - NodeMatchers. - type: object + RegexMatcher: + id: RegexMatcher properties: - nodeMatchers: + googleRe2: + $ref: '#/components/schemas/GoogleRE2' + deprecated: true + description: Google's RE2 regex engine. + regex: description: >- - Management server can use these match criteria to identify clients. - The match follows OR semantics. - type: array - items: - $ref: '#/components/schemas/NodeMatcher' - node: - description: The node making the csds request. - $ref: '#/components/schemas/Node' - excludeResourceContents: + The regex match string. The string must be supported by the + configured engine. The regex is matched against the full string, not + as a partial match. + type: string + type: object + description: A regex matcher designed for safety when used with untrusted input. + ListMatcher: + description: Specifies the way to match a list value. + type: object + id: ListMatcher + properties: + oneOf: description: >- - If true, the server will not include the resource contents in the - response (i.e., the generic_xds_configs.xds_config field will not be - populated). [#not-implemented-hide:] - type: boolean - NodeMatcher: - id: NodeMatcher - description: Specifies the way to match a Node. The match follows AND semantics. + If specified, at least one of the values in the list must match the + value specified. + $ref: '#/components/schemas/ValueMatcher' + EndpointsConfigDump: type: object properties: - nodeId: - description: Specifies match criteria on the node id. - $ref: '#/components/schemas/StringMatcher' - nodeMetadatas: - description: Specifies match criteria on the node metadata. + dynamicEndpointConfigs: + description: The dynamically loaded endpoint configs. type: array items: - $ref: '#/components/schemas/StructMatcher' - StringMatcher: - id: StringMatcher - description: 'Specifies the way to match a string. [#next-free-field: 9]' + $ref: '#/components/schemas/DynamicEndpointConfig' + staticEndpointConfigs: + type: array + items: + $ref: '#/components/schemas/StaticEndpointConfig' + description: The statically loaded endpoint configs. + description: >- + Envoy's admin fill this message with all currently known endpoints. + Endpoint configuration information can be used to recreate an Envoy + configuration by populating all endpoints as static endpoints or by + returning them in an EDS response. + id: EndpointsConfigDump + SocketAddress: + description: '[#next-free-field: 8]' + id: SocketAddress type: object properties: - exact: + protocol: + enumDescriptions: + - '' + - '' + type: string + enum: + - TCP + - UDP + address: + type: string description: >- - The input string must match exactly the string specified here. - Examples: * ``abc`` only matches the value ``abc``. + The address for this socket. :ref:`Listeners ` will bind to the + address. An empty address is not allowed. Specify ``0.0.0.0`` or + ``::`` to bind to any address. [#comment:TODO(zuercher) reinstate + when implemented: It is possible to distinguish a Listener address + via the prefix/suffix matching in :ref:`FilterChainMatch `.] When + used within an upstream :ref:`BindConfig `, the address controls the + source address of outbound connections. For :ref:`clusters `, the + cluster type determines whether the address must be an IP + (``STATIC`` or ``EDS`` clusters) or a hostname resolved by DNS + (``STRICT_DNS`` or ``LOGICAL_DNS`` clusters). Address resolution can + be customized via :ref:`resolver_name `. + namedPort: type: string - prefix: description: >- - The input string must have the prefix specified here. .. note:: - Empty prefix match is not allowed, please use ``safe_regex`` - instead. Examples: * ``abc`` matches the value ``abc.xyz`` + This is only valid if :ref:`resolver_name ` is specified below and + the named resolver is capable of named port resolution. + ipv4Compat: + description: >- + When binding to an IPv6 address above, this enables `IPv4 + compatibility `_. Binding to ``::`` will allow both IPv4 and IPv6 + connections, with peer IPv4 addresses mapped into IPv6 space as + ``::FFFF:``. + type: boolean + resolverName: type: string - suffix: description: >- - The input string must have the suffix specified here. .. note:: - Empty suffix match is not allowed, please use ``safe_regex`` - instead. Examples: * ``abc`` matches the value ``xyz.abc`` + The name of the custom resolver. This must have been registered with + Envoy. If this is empty, a context dependent default applies. If the + address is a concrete IP address, no resolution will occur. If + address is a hostname this should be set for resolution other than + DNS. Specifying a custom resolver with ``STRICT_DNS`` or + ``LOGICAL_DNS`` will generate an error at runtime. + networkNamespaceFilepath: + description: >- + Filepath that specifies the Linux network namespace this socket will + be created in (see ``man 7 network_namespaces``). If this field is + set, Envoy will create the socket in the specified network + namespace. .. note:: Setting this parameter requires Envoy to run + with the ``CAP_NET_ADMIN`` capability. .. attention:: Network + namespaces are only configurable on Linux. Otherwise, this field has + no effect. type: string - safeRegex: - description: The input string must match the regular expression specified here. - $ref: '#/components/schemas/RegexMatcher' - contains: + portValue: + format: uint32 + type: integer + DynamicEndpointConfig: + properties: + versionInfo: description: >- - The input string must have the substring specified here. .. note:: - Empty contains match is not allowed, please use ``safe_regex`` - instead. Examples: * ``abc`` matches the value ``xyz.abc.def`` + [#not-implemented-hide:] This is the per-resource version + information. This version is currently taken from the + :ref:`version_info ` field at the time that the endpoint + configuration was loaded. type: string - custom: + lastUpdated: + type: string + format: google-datetime description: >- - Use an extension as the matcher type. [#extension-category: - envoy.string_matcher] - $ref: '#/components/schemas/TypedExtensionConfig' - ignoreCase: + [#not-implemented-hide:] The timestamp when the Endpoint was last + updated. + endpointConfig: + type: object + description: The endpoint config. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + errorState: + $ref: '#/components/schemas/UpdateFailureState' description: >- - If ``true``, indicates the exact/prefix/suffix/contains matching - should be case insensitive. This has no effect for the - ``safe_regex`` match. For example, the matcher ``data`` will match - both input string ``Data`` and ``data`` if this option is set to - ``true``. - type: boolean - RegexMatcher: - id: RegexMatcher - description: A regex matcher designed for safety when used with untrusted input. + Set if the last update failed, cleared after the next successful + update. The ``error_state`` field contains the rejected version of + this particular resource along with the reason and timestamp. For + successfully updated or acknowledged resource, this field should be + empty. [#not-implemented-hide:] + clientStatus: + enum: + - UNKNOWN + - REQUESTED + - DOES_NOT_EXIST + - ACKED + - NACKED + - RECEIVED_ERROR + - TIMEOUT + enumDescriptions: + - Resource status is not available/unknown. + - >- + Client requested this resource but hasn't received any update from + management server. The client will not fail requests, but will + queue them until update arrives or the client times out waiting + for the resource. + - >- + This resource has been requested by the client but has either not + been delivered by the server or was previously delivered by the + server and then subsequently removed from resources provided by + the server. For more information, please refer to the + :ref:`"Knowing When a Requested Resource Does Not Exist" ` + section. + - Client received this resource and replied with ACK. + - Client received this resource and replied with NACK. + - >- + Client received an error from the control plane. The attached + config dump is the most recent accepted one. If no config is + accepted yet, the attached config dump will be empty. + - Client timed out waiting for the resource from the control plane. + type: string + description: The client status of this resource. [#not-implemented-hide:] + description: '[#next-free-field: 6]' type: object + id: DynamicEndpointConfig + InlineScopedRouteConfigs: + id: InlineScopedRouteConfigs properties: - googleRe2: - description: Google's RE2 regex engine. - deprecated: true - $ref: '#/components/schemas/GoogleRE2' - regex: - description: >- - The regex match string. The string must be supported by the - configured engine. The regex is matched against the full string, not - as a partial match. + lastUpdated: + description: The timestamp when the scoped route config set was last updated. + type: string + format: google-datetime + scopedRouteConfigs: + description: The scoped route configurations. + type: array + items: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + name: type: string + description: The name assigned to the scoped route configurations. + type: object GoogleRE2: - id: GoogleRE2 description: >- Google's `RE2 `_ regex engine. The regex string must adhere to the documented `syntax `_. The engine is designed to complete execution in @@ -146,9 +238,11 @@ components: size of regexes: the histogram ``re2.program_size``, which records the program size, and the counter ``re2.exceeded_warn_level``, which is incremented each time the program size exceeds the warn level threshold. - type: object properties: maxProgramSize: + format: uint32 + deprecated: true + type: integer description: >- This field controls the RE2 "program size" which is a rough estimate of how complex a compiled regex is to evaluate. A regex that has a @@ -160,203 +254,263 @@ components: client. .. note:: Although this field is deprecated, the program size will still be checked against the global ``re2.max_program_size.error_level`` runtime value. - deprecated: true - type: integer - format: uint32 - TypedExtensionConfig: - id: TypedExtensionConfig - description: Message type for extension configuration. + id: GoogleRE2 type: object + StaticListener: + type: object + description: Describes a statically loaded listener. + id: StaticListener properties: - name: - description: >- - The name of an extension. This is not used to select the extension, - instead it serves the role of an opaque identifier. + lastUpdated: + description: The timestamp when the Listener was last successfully updated. + format: google-datetime type: string - typedConfig: - description: >- - The typed config for the extension. The type URL will be used to - identify the extension. In the case that the type URL is - *xds.type.v3.TypedStruct* (or, for historical reasons, - *udpa.type.v1.TypedStruct*), the inner type URL of *TypedStruct* - will be utilized. See the :ref:`extension configuration overview ` - for further details. - type: object + listener: additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - StructMatcher: - id: StructMatcher + type: any + type: object + description: The listener config. + ClustersConfigDump: description: >- - StructMatcher provides a general interface to check if a given value is - matched in google.protobuf.Struct. It uses ``path`` to retrieve the - value from the struct and then check if it's matched to the specified - value. For example, for the following Struct: .. code-block:: yaml - fields: a: struct_value: fields: b: struct_value: fields: c: - string_value: pro t: list_value: values: - string_value: m - - string_value: n The following MetadataMatcher is matched as the path [a, - b, c] will retrieve a string value "pro" from the Metadata which is - matched to the specified prefix match. .. code-block:: yaml path: - key: - a - key: b - key: c value: string_match: prefix: pr The following - StructMatcher is matched as the code will match one of the string values - in the list at the path [a, t]. .. code-block:: yaml path: - key: a - - key: t value: list_match: one_of: string_match: exact: m An example use - of StructMatcher is to match metadata in envoy.v*.core.Node. - type: object + Envoy's cluster manager fills this message with all currently known + clusters. Cluster configuration information can be used to recreate an + Envoy configuration by populating all clusters as static clusters or by + returning them in a CDS response. properties: - path: - description: The path to retrieve the Value from the Struct. + dynamicWarmingClusters: + description: >- + The dynamically loaded warming clusters. These are clusters that are + currently undergoing warming in preparation to service data plane + traffic. Note that if attempting to recreate an Envoy configuration + from a configuration dump, the warming clusters should generally be + discarded. type: array items: - $ref: '#/components/schemas/PathSegment' - value: + $ref: '#/components/schemas/DynamicCluster' + versionInfo: description: >- - The StructMatcher is matched if the value retrieved by path is - matched to this value. - $ref: '#/components/schemas/ValueMatcher' - PathSegment: - id: PathSegment - description: Specifies the segment in a path to retrieve value from Struct. - type: object - properties: - key: - description: If specified, use the key to retrieve the value in a Struct. + This is the :ref:`version_info ` in the last processed CDS discovery + response. If there are only static bootstrap clusters, this field + will be "". type: string - ValueMatcher: - id: ValueMatcher - description: >- - Specifies the way to match a ProtobufWkt::Value. Primitive values and - ListValue are supported. StructValue is not supported and is always not - matched. [#next-free-field: 8] + staticClusters: + description: The statically loaded cluster configs. + type: array + items: + $ref: '#/components/schemas/StaticCluster' + dynamicActiveClusters: + type: array + items: + $ref: '#/components/schemas/DynamicCluster' + description: >- + The dynamically loaded active clusters. These are clusters that are + available to service data plane traffic. + id: ClustersConfigDump + type: object + DynamicRouteConfig: + description: '[#next-free-field: 6]' + id: DynamicRouteConfig type: object properties: - nullMatch: - description: >- - If specified, a match occurs if and only if the target value is a - NullValue. - $ref: '#/components/schemas/NullMatch' - doubleMatch: - description: >- - If specified, a match occurs if and only if the target value is a - double value and is matched to this field. - $ref: '#/components/schemas/DoubleMatcher' - stringMatch: - description: >- - If specified, a match occurs if and only if the target value is a - string value and is matched to this field. - $ref: '#/components/schemas/StringMatcher' - boolMatch: - description: >- - If specified, a match occurs if and only if the target value is a - bool value and is equal to this field. - type: boolean - presentMatch: - description: >- - If specified, value match will be performed based on whether the - path is referring to a valid primitive value in the metadata. If the - path is referring to a non-primitive value, the result is always not - matched. - type: boolean - listMatch: + clientStatus: + enum: + - UNKNOWN + - REQUESTED + - DOES_NOT_EXIST + - ACKED + - NACKED + - RECEIVED_ERROR + - TIMEOUT + enumDescriptions: + - Resource status is not available/unknown. + - >- + Client requested this resource but hasn't received any update from + management server. The client will not fail requests, but will + queue them until update arrives or the client times out waiting + for the resource. + - >- + This resource has been requested by the client but has either not + been delivered by the server or was previously delivered by the + server and then subsequently removed from resources provided by + the server. For more information, please refer to the + :ref:`"Knowing When a Requested Resource Does Not Exist" ` + section. + - Client received this resource and replied with ACK. + - Client received this resource and replied with NACK. + - >- + Client received an error from the control plane. The attached + config dump is the most recent accepted one. If no config is + accepted yet, the attached config dump will be empty. + - Client timed out waiting for the resource from the control plane. + type: string + description: The client status of this resource. [#not-implemented-hide:] + errorState: + $ref: '#/components/schemas/UpdateFailureState' description: >- - If specified, a match occurs if and only if the target value is a - list value and is matched to this field. - $ref: '#/components/schemas/ListMatcher' - orMatch: + Set if the last update failed, cleared after the next successful + update. The ``error_state`` field contains the rejected version of + this particular resource along with the reason and timestamp. For + successfully updated or acknowledged resource, this field should be + empty. [#not-implemented-hide:] + versionInfo: description: >- - If specified, a match occurs if and only if any of the alternatives - in the match accept the value. - $ref: '#/components/schemas/OrMatcher' - NullMatch: - id: NullMatch - description: NullMatch is an empty message to specify a null value. - type: object - properties: {} - DoubleMatcher: - id: DoubleMatcher - description: Specifies the way to match a double value. + This is the per-resource version information. This version is + currently taken from the :ref:`version_info ` field at the time that + the route configuration was loaded. + type: string + routeConfig: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: The route config. + lastUpdated: + format: google-datetime + type: string + description: The timestamp when the Route was last updated. + DynamicCluster: + id: DynamicCluster type: object properties: - range: + lastUpdated: + description: The timestamp when the Cluster was last updated. + type: string + format: google-datetime + errorState: description: >- - If specified, the input double value must be in the range specified - here. Note: The range is using half-open interval semantics [start, - end). - $ref: '#/components/schemas/DoubleRange' - exact: + Set if the last update failed, cleared after the next successful + update. The ``error_state`` field contains the rejected version of + this particular resource along with the reason and timestamp. For + successfully updated or acknowledged resource, this field should be + empty. [#not-implemented-hide:] + $ref: '#/components/schemas/UpdateFailureState' + clientStatus: + description: The client status of this resource. [#not-implemented-hide:] + enum: + - UNKNOWN + - REQUESTED + - DOES_NOT_EXIST + - ACKED + - NACKED + - RECEIVED_ERROR + - TIMEOUT + type: string + enumDescriptions: + - Resource status is not available/unknown. + - >- + Client requested this resource but hasn't received any update from + management server. The client will not fail requests, but will + queue them until update arrives or the client times out waiting + for the resource. + - >- + This resource has been requested by the client but has either not + been delivered by the server or was previously delivered by the + server and then subsequently removed from resources provided by + the server. For more information, please refer to the + :ref:`"Knowing When a Requested Resource Does Not Exist" ` + section. + - Client received this resource and replied with ACK. + - Client received this resource and replied with NACK. + - >- + Client received an error from the control plane. The attached + config dump is the most recent accepted one. If no config is + accepted yet, the attached config dump will be empty. + - Client timed out waiting for the resource from the control plane. + cluster: + type: object + description: The cluster config. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + versionInfo: description: >- - If specified, the input double value must be equal to the value - specified here. - type: number - format: double - DoubleRange: - id: DoubleRange + This is the per-resource version information. This version is + currently taken from the :ref:`version_info ` field at the time that + the cluster was loaded. In the future, discrete per-cluster versions + may be supported by the API. + type: string description: >- - Specifies the double start and end of the range using half-open interval - semantics [start, end). - type: object - properties: - start: - description: start of the range (inclusive) - type: number - format: double - end: - description: end of the range (exclusive) - type: number - format: double - ListMatcher: - id: ListMatcher - description: Specifies the way to match a list value. - type: object + Describes a dynamically loaded cluster via the CDS API. + [#next-free-field: 6] + PerXdsConfig: + description: 'Detailed config (per xDS) with status. [#next-free-field: 8]' + id: PerXdsConfig properties: - oneOf: + status: description: >- - If specified, at least one of the values in the list must match the - value specified. - $ref: '#/components/schemas/ValueMatcher' - OrMatcher: - id: OrMatcher - description: Specifies a list of alternatives for the match. + Config status generated by management servers. Will not be present + if the CSDS server is an xDS client. + enum: + - UNKNOWN + - SYNCED + - NOT_SENT + - STALE + - ERROR + enumDescriptions: + - Status info is not available/unknown. + - Management server has sent the config to client and received ACK. + - Config is not sent. + - >- + Management server has sent the config to client but hasn’t + received ACK/NACK. + - >- + Management server has sent the config to client but received NACK. + The attached config dump will be the latest config (the rejected + one), since it is the persisted version in the management server. + type: string + clusterConfig: + $ref: '#/components/schemas/ClustersConfigDump' + listenerConfig: + $ref: '#/components/schemas/ListenersConfigDump' + endpointConfig: + $ref: '#/components/schemas/EndpointsConfigDump' + scopedRouteConfig: + $ref: '#/components/schemas/ScopedRoutesConfigDump' + routeConfig: + $ref: '#/components/schemas/RoutesConfigDump' + clientStatus: + enumDescriptions: + - Config status is not available/unknown. + - >- + Client requested the config but hasn't received any config from + management server yet. + - Client received the config and replied with ACK. + - >- + Client received the config and replied with NACK. Notably, the + attached config dump is not the NACKed version, but the most + recent accepted one. If no config is accepted yet, the attached + config dump will be empty. + - >- + Client received an error from the control plane. The attached + config dump is the most recent accepted one. If no config is + accepted yet, the attached config dump will be empty. + enum: + - CLIENT_UNKNOWN + - CLIENT_REQUESTED + - CLIENT_ACKED + - CLIENT_NACKED + - CLIENT_RECEIVED_ERROR + type: string + deprecated: true + description: >- + Client config status is populated by xDS clients. Will not be + present if the CSDS server is an xDS server. No matter what the + client config status is, xDS clients should always dump the most + recent accepted xDS config. .. attention:: This field is deprecated. + Use :ref:`ClientResourceStatus ` for per-resource config status + instead. type: object - properties: - valueMatchers: - type: array - items: - $ref: '#/components/schemas/ValueMatcher' Node: - id: Node - description: >- - Identifies a specific Envoy instance. The node identifier is presented - to the management server, which may use this identifier to distinguish - per Envoy configuration for serving. [#next-free-field: 13] - type: object properties: - id: - description: >- - An opaque node identifier for the Envoy node. This also provides the - local service node name. It should be set if any of the following - features are used: :ref:`statsd `, :ref:`CDS `, and :ref:`HTTP - tracing `, either in this message or via :option:`--service-node`. - type: string - cluster: + userAgentName: description: >- - Defines the local service cluster name where Envoy is running. - Though optional, it should be set if any of the following features - are used: :ref:`statsd `, :ref:`health check cluster verification `, - :ref:`runtime override directory `, :ref:`user agent addition `, - :ref:`HTTP global rate limiting `, :ref:`CDS `, and :ref:`HTTP - tracing `, either in this message or via - :option:`--service-cluster`. + Free-form string that identifies the entity requesting config. E.g. + "envoy" or "grpc" type: string - metadata: - description: >- - Opaque metadata extending the node identifier. Envoy will pass this - directly to the management server. - type: object - additionalProperties: - type: any - description: Properties of the object. dynamicParameters: + additionalProperties: + $ref: '#/components/schemas/ContextParams' description: >- Map from xDS resource type URL to dynamic context parameters. These may vary at runtime (unlike other fields in this message). For @@ -365,31 +519,15 @@ components: achieved by updating the dynamic context on the Server::Instance's LocalInfo context provider. The shard ID dynamic parameter then appears in this field during future discovery requests. - type: object - additionalProperties: - $ref: '#/components/schemas/ContextParams' - locality: - description: Locality specifying where the Envoy instance is running. - $ref: '#/components/schemas/Locality' - userAgentName: - description: >- - Free-form string that identifies the entity requesting config. E.g. - "envoy" or "grpc" - type: string - userAgentVersion: + type: object + metadata: + type: object + additionalProperties: + description: Properties of the object. + type: any description: >- - Free-form string that identifies the version of the entity - requesting config. E.g. "1.12.2" or "abcd1234", or - "SpecialEnvoyBuild" - type: string - userAgentBuildVersion: - description: Structured version of the entity requesting config. - $ref: '#/components/schemas/BuildVersion' - extensions: - description: List of extensions and their versions supported by the node. - type: array - items: - $ref: '#/components/schemas/Extension' + Opaque metadata extending the node identifier. Envoy will pass this + directly to the management server. clientFeatures: description: >- Client feature support list. These are well known features described @@ -397,269 +535,176 @@ components: Client features use reverse DNS naming scheme, for example ``com.acme.feature``. See :ref:`the list of features ` that xDS client may support. - type: array items: type: string + type: array listeningAddresses: + deprecated: true + type: array description: >- Known listening ports on the node as a generic hint to the management server for filtering :ref:`listeners ` to be returned. For example, if there is a listener bound to port 80, the list can optionally contain the SocketAddress ``(0.0.0.0,80)``. The field is optional and just a hint. - deprecated: true - type: array items: $ref: '#/components/schemas/Address' - ContextParams: - id: ContextParams - description: >- - Additional parameters that can be used to select resource variants. - These include any global context parameters, per-resource type client - feature capabilities and per-resource type functional attributes. All - per-resource type attributes will be `xds.resource.` prefixed and some - of these are documented below: `xds.resource.listening_address`: The - value is "IP:port" (e.g. "10.1.1.3:8080") which is the listening address - of a Listener. Used in a Listener resource query. - type: object - properties: - params: - type: object - additionalProperties: - type: string - Locality: - id: Locality - description: >- - Identifies location of where either Envoy runs or where upstream hosts - run. - type: object - properties: - region: - description: Region this :ref:`zone ` belongs to. - type: string - zone: - description: >- - Defines the local service zone where Envoy is running. Though - optional, it should be set if discovery service routing is used and - the discovery service exposes :ref:`zone data `, either in this - message or via :option:`--service-zone`. The meaning of zone is - context dependent, e.g. `Availability Zone (AZ) `_ on AWS, `Zone `_ - on GCP, etc. - type: string - subZone: + id: description: >- - When used for locality of upstream hosts, this field further splits - zone into smaller chunks of sub-zones so they can be load balanced - independently. + An opaque node identifier for the Envoy node. This also provides the + local service node name. It should be set if any of the following + features are used: :ref:`statsd `, :ref:`CDS `, and :ref:`HTTP + tracing `, either in this message or via :option:`--service-node`. type: string - BuildVersion: - id: BuildVersion - description: >- - BuildVersion combines SemVer version of extension with free-form build - information (i.e. 'alpha', 'private-build') as a set of strings. - type: object - properties: - version: - description: SemVer version of extension. - $ref: '#/components/schemas/SemanticVersion' - metadata: - description: >- - Free-form build information. Envoy defines several well known keys - in the source/common/version/version.h file - type: object - additionalProperties: - type: any - description: Properties of the object. - SemanticVersion: - id: SemanticVersion - description: >- - Envoy uses SemVer (https://semver.org/). Major/minor versions indicate - expected behaviors and APIs, the patch version field is used only for - security fixes and can be generally ignored. - type: object - properties: - majorNumber: - type: integer - format: uint32 - minorNumber: - type: integer - format: uint32 - patch: - type: integer - format: uint32 - Extension: - id: Extension - description: 'Version and identification for an Envoy extension. [#next-free-field: 7]' - type: object - properties: - name: - description: >- - This is the name of the Envoy filter as specified in the Envoy - configuration, e.g. envoy.filters.http.router, com.acme.widget. + userAgentBuildVersion: + description: Structured version of the entity requesting config. + $ref: '#/components/schemas/BuildVersion' + cluster: type: string - category: description: >- - Category of the extension. Extension category names use reverse DNS - notation. For instance "envoy.filters.listener" for Envoy's built-in - listener filters or "com.acme.filters.http" for HTTP filters from - acme.com vendor. [#comment: - type: string - typeDescriptor: + Defines the local service cluster name where Envoy is running. + Though optional, it should be set if any of the following features + are used: :ref:`statsd `, :ref:`health check cluster verification `, + :ref:`runtime override directory `, :ref:`user agent addition `, + :ref:`HTTP global rate limiting `, :ref:`CDS `, and :ref:`HTTP + tracing `, either in this message or via + :option:`--service-cluster`. + extensions: + description: List of extensions and their versions supported by the node. + items: + $ref: '#/components/schemas/Extension' + type: array + locality: + $ref: '#/components/schemas/Locality' + description: Locality specifying where the Envoy instance is running. + userAgentVersion: description: >- - [#not-implemented-hide:] Type descriptor of extension configuration - proto. [#comment: - deprecated: true + Free-form string that identifies the version of the entity + requesting config. E.g. "1.12.2" or "abcd1234", or + "SpecialEnvoyBuild" type: string - version: - description: >- - The version is a property of the extension and maintained - independently of other extensions and the Envoy API. This field is - not set when extension did not provide version information. - $ref: '#/components/schemas/BuildVersion' - disabled: - description: >- - Indicates that the extension is present but was disabled via dynamic - configuration. - type: boolean - typeUrls: - description: Type URLs of extension configuration protos. - type: array - items: - type: string - Address: - id: Address - description: >- - Addresses specify either a logical or physical address and port, which - are used to tell Envoy where to bind/listen, connect to upstream and - find management servers. type: object + id: Node + description: >- + Identifies a specific Envoy instance. The node identifier is presented + to the management server, which may use this identifier to distinguish + per Envoy configuration for serving. [#next-free-field: 13] + DynamicScopedRouteConfigs: + description: '[#next-free-field: 7]' + id: DynamicScopedRouteConfigs properties: - socketAddress: - $ref: '#/components/schemas/SocketAddress' - pipe: - $ref: '#/components/schemas/Pipe' - envoyInternalAddress: + errorState: + $ref: '#/components/schemas/UpdateFailureState' description: >- - Specifies a user-space address handled by :ref:`internal listeners - `. - $ref: '#/components/schemas/EnvoyInternalAddress' - SocketAddress: - id: SocketAddress - description: '[#next-free-field: 8]' - type: object - properties: - protocol: + Set if the last update failed, cleared after the next successful + update. The ``error_state`` field contains the rejected version of + this particular resource along with the reason and timestamp. For + successfully updated or acknowledged resource, this field should be + empty. [#not-implemented-hide:] + lastUpdated: + format: google-datetime + description: The timestamp when the scoped route config set was last updated. type: string + scopedRouteConfigs: + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: The scoped route configurations. + type: array + clientStatus: enumDescriptions: - - '' - - '' - enum: - - TCP - - UDP - address: - description: >- - The address for this socket. :ref:`Listeners ` will bind to the - address. An empty address is not allowed. Specify ``0.0.0.0`` or - ``::`` to bind to any address. [#comment:TODO(zuercher) reinstate - when implemented: It is possible to distinguish a Listener address - via the prefix/suffix matching in :ref:`FilterChainMatch `.] When - used within an upstream :ref:`BindConfig `, the address controls the - source address of outbound connections. For :ref:`clusters `, the - cluster type determines whether the address must be an IP - (``STATIC`` or ``EDS`` clusters) or a hostname resolved by DNS - (``STRICT_DNS`` or ``LOGICAL_DNS`` clusters). Address resolution can - be customized via :ref:`resolver_name `. + - Resource status is not available/unknown. + - >- + Client requested this resource but hasn't received any update from + management server. The client will not fail requests, but will + queue them until update arrives or the client times out waiting + for the resource. + - >- + This resource has been requested by the client but has either not + been delivered by the server or was previously delivered by the + server and then subsequently removed from resources provided by + the server. For more information, please refer to the + :ref:`"Knowing When a Requested Resource Does Not Exist" ` + section. + - Client received this resource and replied with ACK. + - Client received this resource and replied with NACK. + - >- + Client received an error from the control plane. The attached + config dump is the most recent accepted one. If no config is + accepted yet, the attached config dump will be empty. + - Client timed out waiting for the resource from the control plane. type: string - portValue: - type: integer - format: uint32 - namedPort: - description: >- - This is only valid if :ref:`resolver_name ` is specified below and - the named resolver is capable of named port resolution. + enum: + - UNKNOWN + - REQUESTED + - DOES_NOT_EXIST + - ACKED + - NACKED + - RECEIVED_ERROR + - TIMEOUT + description: The client status of this resource. [#not-implemented-hide:] + name: + description: The name assigned to the scoped route configurations. type: string - resolverName: - description: >- - The name of the custom resolver. This must have been registered with - Envoy. If this is empty, a context dependent default applies. If the - address is a concrete IP address, no resolution will occur. If - address is a hostname this should be set for resolution other than - DNS. Specifying a custom resolver with ``STRICT_DNS`` or - ``LOGICAL_DNS`` will generate an error at runtime. + versionInfo: type: string - ipv4Compat: - description: >- - When binding to an IPv6 address above, this enables `IPv4 - compatibility `_. Binding to ``::`` will allow both IPv4 and IPv6 - connections, with peer IPv4 addresses mapped into IPv6 space as - ``::FFFF:``. - type: boolean - networkNamespaceFilepath: description: >- - Filepath that specifies the Linux network namespace this socket will - be created in (see ``man 7 network_namespaces``). If this field is - set, Envoy will create the socket in the specified network - namespace. .. note:: Setting this parameter requires Envoy to run - with the ``CAP_NET_ADMIN`` capability. .. note:: Currently only used - for Listener sockets. .. attention:: Network namespaces are only - configurable on Linux. Otherwise, this field has no effect. - type: string - Pipe: - id: Pipe + This is the per-resource version information. This version is + currently taken from the :ref:`version_info ` field at the time that + the scoped routes configuration was loaded. type: object - properties: - path: - description: >- - Unix Domain Socket path. On Linux, paths starting with '@' will use - the abstract namespace. The starting '@' is replaced by a null byte - by Envoy. Paths starting with '@' will result in an error in - environments other than Linux. - type: string - mode: - description: The mode for the Pipe. Not applicable for abstract sockets. - type: integer - format: uint32 - EnvoyInternalAddress: - id: EnvoyInternalAddress - description: 'The address represents an envoy internal listener. [#comment: ' + NullMatch: + type: object + properties: {} + id: NullMatch + description: NullMatch is an empty message to specify a null value. + StaticCluster: type: object properties: - serverListenerName: - description: Specifies the :ref:`name ` of the internal listener. - type: string - endpointId: - description: >- - Specifies an endpoint identifier to distinguish between multiple - endpoints for the same internal listener in a single upstream pool. - Only used in the upstream addresses for tracking changes to - individual endpoints. This, for example, may be set to the final - destination IP for the target internal listener. + cluster: + type: object + description: The cluster config. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + lastUpdated: + format: google-datetime + description: The timestamp when the Cluster was last updated. type: string - ClientStatusResponse: - id: ClientStatusResponse - type: object + description: Describes a statically loaded cluster. + id: StaticCluster + DoubleRange: properties: - config: - description: Client configs for the clients specified in the ClientStatusRequest. - type: array - items: - $ref: '#/components/schemas/ClientConfig' + start: + type: number + description: start of the range (inclusive) + format: double + end: + type: number + format: double + description: end of the range (exclusive) + type: object + description: >- + Specifies the double start and end of the range using half-open interval + semantics [start, end). + id: DoubleRange ClientConfig: - id: ClientConfig description: All xds configs for a particular client. type: object properties: node: - description: Node for a particular client. $ref: '#/components/schemas/Node' + description: Node for a particular client. xdsConfig: - description: >- - This field is deprecated in favor of generic_xds_configs which is - much simpler and uniform in structure. deprecated: true - type: array items: $ref: '#/components/schemas/PerXdsConfig' + type: array + description: >- + This field is deprecated in favor of generic_xds_configs which is + much simpler and uniform in structure. genericXdsConfigs: description: >- Represents generic xDS config and the exact config structure depends @@ -673,157 +718,36 @@ components: gRPC indicates the data plane target or that the data is associated with gRPC server(s). type: string - PerXdsConfig: - id: PerXdsConfig - description: 'Detailed config (per xDS) with status. [#next-free-field: 8]' - type: object - properties: - status: - description: >- - Config status generated by management servers. Will not be present - if the CSDS server is an xDS client. - type: string - enumDescriptions: - - Status info is not available/unknown. - - Management server has sent the config to client and received ACK. - - Config is not sent. - - >- - Management server has sent the config to client but hasn’t - received ACK/NACK. - - >- - Management server has sent the config to client but received NACK. - The attached config dump will be the latest config (the rejected - one), since it is the persisted version in the management server. - enum: - - UNKNOWN - - SYNCED - - NOT_SENT - - STALE - - ERROR - clientStatus: - description: >- - Client config status is populated by xDS clients. Will not be - present if the CSDS server is an xDS server. No matter what the - client config status is, xDS clients should always dump the most - recent accepted xDS config. .. attention:: This field is deprecated. - Use :ref:`ClientResourceStatus ` for per-resource config status - instead. - deprecated: true - type: string - enumDescriptions: - - Config status is not available/unknown. - - >- - Client requested the config but hasn't received any config from - management server yet. - - Client received the config and replied with ACK. - - >- - Client received the config and replied with NACK. Notably, the - attached config dump is not the NACKed version, but the most - recent accepted one. If no config is accepted yet, the attached - config dump will be empty. - - >- - Client received an error from the control plane. The attached - config dump is the most recent accepted one. If no config is - accepted yet, the attached config dump will be empty. - enum: - - CLIENT_UNKNOWN - - CLIENT_REQUESTED - - CLIENT_ACKED - - CLIENT_NACKED - - CLIENT_RECEIVED_ERROR - listenerConfig: - $ref: '#/components/schemas/ListenersConfigDump' - clusterConfig: - $ref: '#/components/schemas/ClustersConfigDump' - routeConfig: - $ref: '#/components/schemas/RoutesConfigDump' - scopedRouteConfig: - $ref: '#/components/schemas/ScopedRoutesConfigDump' - endpointConfig: - $ref: '#/components/schemas/EndpointsConfigDump' - ListenersConfigDump: - id: ListenersConfigDump - description: >- - Envoy's listener manager fills this message with all currently known - listeners. Listener configuration information can be used to recreate an - Envoy configuration by populating all listeners as static listeners or - by returning them in a LDS response. + id: ClientConfig + ClientStatusResponse: type: object + id: ClientStatusResponse properties: - versionInfo: - description: >- - This is the :ref:`version_info ` in the last processed LDS discovery - response. If there are only static bootstrap listeners, this field - will be "". - type: string - staticListeners: - description: The statically loaded listener configs. - type: array - items: - $ref: '#/components/schemas/StaticListener' - dynamicListeners: - description: State for any warming, active, or draining listeners. + config: + description: Client configs for the clients specified in the ClientStatusRequest. type: array items: - $ref: '#/components/schemas/DynamicListener' - StaticListener: - id: StaticListener - description: Describes a statically loaded listener. - type: object - properties: - listener: - description: The listener config. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - lastUpdated: - description: The timestamp when the Listener was last successfully updated. - type: string - format: google-datetime - DynamicListener: - id: DynamicListener - description: >- - Describes a dynamically loaded listener via the LDS API. - [#next-free-field: 7] - type: object + $ref: '#/components/schemas/ClientConfig' + GenericXdsConfig: properties: name: - description: >- - The name or unique id of this listener, pulled from the - DynamicListenerState config. type: string - activeState: - description: >- - The listener state for any active listener by this name. These are - listeners that are available to service data plane traffic. - $ref: '#/components/schemas/DynamicListenerState' - warmingState: - description: >- - The listener state for any warming listener by this name. These are - listeners that are currently undergoing warming in preparation to - service data plane traffic. Note that if attempting to recreate an - Envoy configuration from a configuration dump, the warming listeners - should generally be discarded. - $ref: '#/components/schemas/DynamicListenerState' - drainingState: + description: Name of the xDS resource + isStaticResource: + type: boolean description: >- - The listener state for any draining listener by this name. These are - listeners that are currently undergoing draining in preparation to - stop servicing data plane traffic. Note that if attempting to - recreate an Envoy configuration from a configuration dump, the - draining listeners should generally be discarded. - $ref: '#/components/schemas/DynamicListenerState' + Is static resource is true if it is specified in the config supplied + through the file at the startup. errorState: + $ref: '#/components/schemas/UpdateFailureState' description: >- Set if the last update failed, cleared after the next successful - update. The ``error_state`` field contains the rejected version of + update. The *error_state* field contains the rejected version of this particular resource along with the reason and timestamp. For successfully updated or acknowledged resource, this field should be - empty. - $ref: '#/components/schemas/UpdateFailureState' + empty. [#not-implemented-hide:] clientStatus: - description: The client status of this resource. [#not-implemented-hide:] + description: Per xDS resource status from the view of a xDS client type: string enumDescriptions: - Resource status is not available/unknown. @@ -854,267 +778,368 @@ components: - NACKED - RECEIVED_ERROR - TIMEOUT - DynamicListenerState: - id: DynamicListenerState - type: object - properties: - versionInfo: + typeUrl: description: >- - This is the per-resource version information. This version is - currently taken from the :ref:`version_info ` field at the time that - the listener was loaded. In the future, discrete per-listener - versions may be supported by the API. + Type_url represents the fully qualified name of xDS resource type + like envoy.v3.Cluster, envoy.v3.ClusterLoadAssignment etc. type: string - listener: - description: The listener config. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. lastUpdated: - description: The timestamp when the Listener was last successfully updated. - type: string format: google-datetime - UpdateFailureState: - id: UpdateFailureState - type: object - properties: - failedConfiguration: + description: Timestamp when the xDS resource was last updated + type: string + configStatus: + enumDescriptions: + - Status info is not available/unknown. + - Management server has sent the config to client and received ACK. + - Config is not sent. + - >- + Management server has sent the config to client but hasn’t + received ACK/NACK. + - >- + Management server has sent the config to client but received NACK. + The attached config dump will be the latest config (the rejected + one), since it is the persisted version in the management server. + type: string + enum: + - UNKNOWN + - SYNCED + - NOT_SENT + - STALE + - ERROR description: >- - What the component configuration would have been if the update had - succeeded. This field may not be populated by xDS clients due to - storage overhead. + Per xDS resource config status. It is generated by management + servers. It will not be present if the CSDS server is an xDS client. + xdsConfig: + description: The xDS resource config. Actual content depends on the type type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - lastUpdateAttempt: - description: Time of the latest failed update attempt. - type: string - format: google-datetime - details: - description: Details about the last failed update attempt. - type: string versionInfo: description: >- - This is the version of the rejected resource. - [#not-implemented-hide:] + This is the :ref:`version_info ` in the last processed xDS discovery + response. If there are only static bootstrap listeners, this field + will be "" type: string - ClustersConfigDump: - id: ClustersConfigDump + id: GenericXdsConfig + type: object description: >- - Envoy's cluster manager fills this message with all currently known - clusters. Cluster configuration information can be used to recreate an - Envoy configuration by populating all clusters as static clusters or by - returning them in a CDS response. + GenericXdsConfig is used to specify the config status and the dump of + any xDS resource identified by their type URL. It is the generalized + version of the now deprecated ListenersConfigDump, ClustersConfigDump + etc [#next-free-field: 10] + ValueMatcher: + properties: + orMatch: + description: >- + If specified, a match occurs if and only if any of the alternatives + in the match accept the value. + $ref: '#/components/schemas/OrMatcher' + doubleMatch: + description: >- + If specified, a match occurs if and only if the target value is a + double value and is matched to this field. + $ref: '#/components/schemas/DoubleMatcher' + nullMatch: + description: >- + If specified, a match occurs if and only if the target value is a + NullValue. + $ref: '#/components/schemas/NullMatch' + stringMatch: + $ref: '#/components/schemas/StringMatcher' + description: >- + If specified, a match occurs if and only if the target value is a + string value and is matched to this field. + boolMatch: + description: >- + If specified, a match occurs if and only if the target value is a + bool value and is equal to this field. + type: boolean + presentMatch: + description: >- + If specified, value match will be performed based on whether the + path is referring to a valid primitive value in the metadata. If the + path is referring to a non-primitive value, the result is always not + matched. + type: boolean + listMatch: + description: >- + If specified, a match occurs if and only if the target value is a + list value and is matched to this field. + $ref: '#/components/schemas/ListMatcher' + id: ValueMatcher + description: >- + Specifies the way to match a Protobuf::Value. Primitive values and + ListValue are supported. StructValue is not supported and is always not + matched. [#next-free-field: 8] + type: object + RoutesConfigDump: + type: object + description: >- + Envoy's RDS implementation fills this message with all currently loaded + routes, as described by their RouteConfiguration objects. Static routes + that are either defined in the bootstrap configuration or defined inline + while configuring listeners are separated from those configured + dynamically via RDS. Route configuration information can be used to + recreate an Envoy configuration by populating all routes as static + routes or by returning them in RDS responses. + id: RoutesConfigDump + properties: + dynamicRouteConfigs: + type: array + description: The dynamically loaded route configs. + items: + $ref: '#/components/schemas/DynamicRouteConfig' + staticRouteConfigs: + items: + $ref: '#/components/schemas/StaticRouteConfig' + description: The statically loaded route configs. + type: array + ListenersConfigDump: + id: ListenersConfigDump type: object + description: >- + Envoy's listener manager fills this message with all currently known + listeners. Listener configuration information can be used to recreate an + Envoy configuration by populating all listeners as static listeners or + by returning them in a LDS response. properties: + staticListeners: + items: + $ref: '#/components/schemas/StaticListener' + description: The statically loaded listener configs. + type: array versionInfo: description: >- - This is the :ref:`version_info ` in the last processed CDS discovery - response. If there are only static bootstrap clusters, this field + This is the :ref:`version_info ` in the last processed LDS discovery + response. If there are only static bootstrap listeners, this field will be "". type: string - staticClusters: - description: The statically loaded cluster configs. - type: array + dynamicListeners: items: - $ref: '#/components/schemas/StaticCluster' - dynamicActiveClusters: - description: >- - The dynamically loaded active clusters. These are clusters that are - available to service data plane traffic. + $ref: '#/components/schemas/DynamicListener' type: array - items: - $ref: '#/components/schemas/DynamicCluster' - dynamicWarmingClusters: - description: >- - The dynamically loaded warming clusters. These are clusters that are - currently undergoing warming in preparation to service data plane - traffic. Note that if attempting to recreate an Envoy configuration - from a configuration dump, the warming clusters should generally be - discarded. + description: State for any warming, active, or draining listeners. + OrMatcher: + id: OrMatcher + type: object + description: Specifies a list of alternatives for the match. + properties: + valueMatchers: type: array items: - $ref: '#/components/schemas/DynamicCluster' - StaticCluster: - id: StaticCluster - description: Describes a statically loaded cluster. + $ref: '#/components/schemas/ValueMatcher' + StringMatcher: + type: object + properties: + safeRegex: + $ref: '#/components/schemas/RegexMatcher' + description: The input string must match the regular expression specified here. + custom: + $ref: '#/components/schemas/TypedExtensionConfig' + description: >- + Use an extension as the matcher type. [#extension-category: + envoy.string_matcher] + prefix: + type: string + description: >- + The input string must have the prefix specified here. .. note:: + Empty prefix match is not allowed, please use ``safe_regex`` + instead. Examples: * ``abc`` matches the value ``abc.xyz`` + ignoreCase: + description: >- + If ``true``, indicates the exact/prefix/suffix/contains matching + should be case insensitive. This has no effect for the + ``safe_regex`` match. For example, the matcher ``data`` will match + both input string ``Data`` and ``data`` if this option is set to + ``true``. + type: boolean + exact: + type: string + description: >- + The input string must match exactly the string specified here. + Examples: * ``abc`` only matches the value ``abc``. + suffix: + description: >- + The input string must have the suffix specified here. .. note:: + Empty suffix match is not allowed, please use ``safe_regex`` + instead. Examples: * ``abc`` matches the value ``xyz.abc`` + type: string + contains: + description: >- + The input string must have the substring specified here. .. note:: + Empty contains match is not allowed, please use ``safe_regex`` + instead. Examples: * ``abc`` matches the value ``xyz.abc.def`` + type: string + description: 'Specifies the way to match a string. [#next-free-field: 9]' + id: StringMatcher + EnvoyInternalAddress: + description: 'The address represents an envoy internal listener. [#comment: ' + id: EnvoyInternalAddress + properties: + endpointId: + type: string + description: >- + Specifies an endpoint identifier to distinguish between multiple + endpoints for the same internal listener in a single upstream pool. + Only used in the upstream addresses for tracking changes to + individual endpoints. This, for example, may be set to the final + destination IP for the target internal listener. + serverListenerName: + description: Specifies the :ref:`name ` of the internal listener. + type: string + type: object + StaticEndpointConfig: type: object properties: - cluster: - description: The cluster config. + endpointConfig: type: object + description: The endpoint config. additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. lastUpdated: - description: The timestamp when the Cluster was last updated. type: string format: google-datetime - DynamicCluster: - id: DynamicCluster - description: >- - Describes a dynamically loaded cluster via the CDS API. - [#next-free-field: 6] + description: >- + [#not-implemented-hide:] The timestamp when the Endpoint was last + updated. + id: StaticEndpointConfig + BuildVersion: + id: BuildVersion type: object + description: >- + BuildVersion combines SemVer version of extension with free-form build + information (i.e. 'alpha', 'private-build') as a set of strings. properties: - versionInfo: + metadata: description: >- - This is the per-resource version information. This version is - currently taken from the :ref:`version_info ` field at the time that - the cluster was loaded. In the future, discrete per-cluster versions - may be supported by the API. - type: string - cluster: - description: The cluster config. + Free-form build information. Envoy defines several well known keys + in the source/common/version/version.h file type: object additionalProperties: + description: Properties of the object. type: any - description: Properties of the object. Contains field @type with type URL. + version: + description: SemVer version of extension. + $ref: '#/components/schemas/SemanticVersion' + StaticRouteConfig: + type: object + properties: lastUpdated: - description: The timestamp when the Cluster was last updated. - type: string format: google-datetime - errorState: - description: >- - Set if the last update failed, cleared after the next successful - update. The ``error_state`` field contains the rejected version of - this particular resource along with the reason and timestamp. For - successfully updated or acknowledged resource, this field should be - empty. [#not-implemented-hide:] - $ref: '#/components/schemas/UpdateFailureState' - clientStatus: - description: The client status of this resource. [#not-implemented-hide:] + description: The timestamp when the Route was last updated. type: string - enumDescriptions: - - Resource status is not available/unknown. - - >- - Client requested this resource but hasn't received any update from - management server. The client will not fail requests, but will - queue them until update arrives or the client times out waiting - for the resource. - - >- - This resource has been requested by the client but has either not - been delivered by the server or was previously delivered by the - server and then subsequently removed from resources provided by - the server. For more information, please refer to the - :ref:`"Knowing When a Requested Resource Does Not Exist" ` - section. - - Client received this resource and replied with ACK. - - Client received this resource and replied with NACK. - - >- - Client received an error from the control plane. The attached - config dump is the most recent accepted one. If no config is - accepted yet, the attached config dump will be empty. - - Client timed out waiting for the resource from the control plane. - enum: - - UNKNOWN - - REQUESTED - - DOES_NOT_EXIST - - ACKED - - NACKED - - RECEIVED_ERROR - - TIMEOUT - RoutesConfigDump: - id: RoutesConfigDump - description: >- - Envoy's RDS implementation fills this message with all currently loaded - routes, as described by their RouteConfiguration objects. Static routes - that are either defined in the bootstrap configuration or defined inline - while configuring listeners are separated from those configured - dynamically via RDS. Route configuration information can be used to - recreate an Envoy configuration by populating all routes as static - routes or by returning them in RDS responses. + routeConfig: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: The route config. + id: StaticRouteConfig + ClientStatusRequest: type: object + id: ClientStatusRequest + description: >- + Request for client status of clients identified by a list of + NodeMatchers. properties: - staticRouteConfigs: - description: The statically loaded route configs. - type: array + nodeMatchers: items: - $ref: '#/components/schemas/StaticRouteConfig' - dynamicRouteConfigs: - description: The dynamically loaded route configs. + $ref: '#/components/schemas/NodeMatcher' + description: >- + Management server can use these match criteria to identify clients. + The match follows OR semantics. type: array - items: - $ref: '#/components/schemas/DynamicRouteConfig' - StaticRouteConfig: - id: StaticRouteConfig + excludeResourceContents: + description: >- + If true, the server will not include the resource contents in the + response (i.e., the generic_xds_configs.xds_config field will not be + populated). [#not-implemented-hide:] + type: boolean + node: + description: The node making the csds request. + $ref: '#/components/schemas/Node' + Pipe: + properties: + path: + type: string + description: >- + Unix Domain Socket path. On Linux, paths starting with '@' will use + the abstract namespace. The starting '@' is replaced by a null byte + by Envoy. Paths starting with '@' will result in an error in + environments other than Linux. + mode: + type: integer + format: uint32 + description: The mode for the Pipe. Not applicable for abstract sockets. + id: Pipe type: object + TypedExtensionConfig: properties: - routeConfig: - description: The route config. + name: + type: string + description: >- + The name of an extension. This is not used to select the extension, + instead it serves the role of an opaque identifier. + typedConfig: type: object + description: >- + The typed config for the extension. The type URL will be used to + identify the extension. In the case that the type URL is + *xds.type.v3.TypedStruct* (or, for historical reasons, + *udpa.type.v1.TypedStruct*), the inner type URL of *TypedStruct* + will be utilized. See the :ref:`extension configuration overview ` + for further details. additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - lastUpdated: - description: The timestamp when the Route was last updated. - type: string - format: google-datetime - DynamicRouteConfig: - id: DynamicRouteConfig - description: '[#next-free-field: 6]' + id: TypedExtensionConfig + description: Message type for extension configuration. type: object + Address: + id: Address + description: >- + Addresses specify either a logical or physical address and port, which + are used to tell Envoy where to bind/listen, connect to upstream and + find management servers. properties: - versionInfo: + socketAddress: + $ref: '#/components/schemas/SocketAddress' + pipe: + $ref: '#/components/schemas/Pipe' + envoyInternalAddress: description: >- - This is the per-resource version information. This version is - currently taken from the :ref:`version_info ` field at the time that - the route configuration was loaded. + Specifies a user-space address handled by :ref:`internal listeners + `. + $ref: '#/components/schemas/EnvoyInternalAddress' + type: object + Locality: + description: >- + Identifies location of where either Envoy runs or where upstream hosts + run. + type: object + properties: + subZone: + description: >- + When used for locality of upstream hosts, this field further splits + zone into smaller chunks of sub-zones so they can be load balanced + independently. type: string - routeConfig: - description: The route config. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - lastUpdated: - description: The timestamp when the Route was last updated. + region: + description: Region this :ref:`zone ` belongs to. type: string - format: google-datetime - errorState: + zone: description: >- - Set if the last update failed, cleared after the next successful - update. The ``error_state`` field contains the rejected version of - this particular resource along with the reason and timestamp. For - successfully updated or acknowledged resource, this field should be - empty. [#not-implemented-hide:] - $ref: '#/components/schemas/UpdateFailureState' - clientStatus: - description: The client status of this resource. [#not-implemented-hide:] - type: string - enumDescriptions: - - Resource status is not available/unknown. - - >- - Client requested this resource but hasn't received any update from - management server. The client will not fail requests, but will - queue them until update arrives or the client times out waiting - for the resource. - - >- - This resource has been requested by the client but has either not - been delivered by the server or was previously delivered by the - server and then subsequently removed from resources provided by - the server. For more information, please refer to the - :ref:`"Knowing When a Requested Resource Does Not Exist" ` - section. - - Client received this resource and replied with ACK. - - Client received this resource and replied with NACK. - - >- - Client received an error from the control plane. The attached - config dump is the most recent accepted one. If no config is - accepted yet, the attached config dump will be empty. - - Client timed out waiting for the resource from the control plane. - enum: - - UNKNOWN - - REQUESTED - - DOES_NOT_EXIST - - ACKED - - NACKED - - RECEIVED_ERROR - - TIMEOUT + Defines the local service zone where Envoy is running. Though + optional, it should be set if discovery service routing is used and + the discovery service exposes :ref:`zone data `, either in this + message or via :option:`--service-zone`. The meaning of zone is + context dependent, e.g. `Availability Zone (AZ) `_ on AWS, `Zone `_ + on GCP, etc. + type: string + id: Locality ScopedRoutesConfigDump: - id: ScopedRoutesConfigDump description: >- Envoy's scoped RDS implementation fills this message with all currently loaded route configuration scopes (defined via @@ -1123,258 +1148,119 @@ components: HttpConnectionManager) and the dynamically obtained scopes via the SRDS API. type: object + id: ScopedRoutesConfigDump properties: - inlineScopedRouteConfigs: - description: The statically loaded scoped route configs. - type: array - items: - $ref: '#/components/schemas/InlineScopedRouteConfigs' dynamicScopedRouteConfigs: - description: The dynamically loaded scoped route configs. type: array items: $ref: '#/components/schemas/DynamicScopedRouteConfigs' - InlineScopedRouteConfigs: - id: InlineScopedRouteConfigs - type: object - properties: - name: - description: The name assigned to the scoped route configurations. - type: string - scopedRouteConfigs: - description: The scoped route configurations. + description: The dynamically loaded scoped route configs. + inlineScopedRouteConfigs: + description: The statically loaded scoped route configs. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - lastUpdated: - description: The timestamp when the scoped route config set was last updated. - type: string - format: google-datetime - DynamicScopedRouteConfigs: - id: DynamicScopedRouteConfigs - description: '[#next-free-field: 7]' + $ref: '#/components/schemas/InlineScopedRouteConfigs' + DynamicListenerState: + id: DynamicListenerState type: object properties: - name: - description: The name assigned to the scoped route configurations. - type: string versionInfo: description: >- This is the per-resource version information. This version is currently taken from the :ref:`version_info ` field at the time that - the scoped routes configuration was loaded. - type: string - scopedRouteConfigs: - description: The scoped route configurations. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - lastUpdated: - description: The timestamp when the scoped route config set was last updated. - type: string - format: google-datetime - errorState: - description: >- - Set if the last update failed, cleared after the next successful - update. The ``error_state`` field contains the rejected version of - this particular resource along with the reason and timestamp. For - successfully updated or acknowledged resource, this field should be - empty. [#not-implemented-hide:] - $ref: '#/components/schemas/UpdateFailureState' - clientStatus: - description: The client status of this resource. [#not-implemented-hide:] + the listener was loaded. In the future, discrete per-listener + versions may be supported by the API. type: string - enumDescriptions: - - Resource status is not available/unknown. - - >- - Client requested this resource but hasn't received any update from - management server. The client will not fail requests, but will - queue them until update arrives or the client times out waiting - for the resource. - - >- - This resource has been requested by the client but has either not - been delivered by the server or was previously delivered by the - server and then subsequently removed from resources provided by - the server. For more information, please refer to the - :ref:`"Knowing When a Requested Resource Does Not Exist" ` - section. - - Client received this resource and replied with ACK. - - Client received this resource and replied with NACK. - - >- - Client received an error from the control plane. The attached - config dump is the most recent accepted one. If no config is - accepted yet, the attached config dump will be empty. - - Client timed out waiting for the resource from the control plane. - enum: - - UNKNOWN - - REQUESTED - - DOES_NOT_EXIST - - ACKED - - NACKED - - RECEIVED_ERROR - - TIMEOUT - EndpointsConfigDump: - id: EndpointsConfigDump - description: >- - Envoy's admin fill this message with all currently known endpoints. - Endpoint configuration information can be used to recreate an Envoy - configuration by populating all endpoints as static endpoints or by - returning them in an EDS response. - type: object - properties: - staticEndpointConfigs: - description: The statically loaded endpoint configs. - type: array - items: - $ref: '#/components/schemas/StaticEndpointConfig' - dynamicEndpointConfigs: - description: The dynamically loaded endpoint configs. - type: array - items: - $ref: '#/components/schemas/DynamicEndpointConfig' - StaticEndpointConfig: - id: StaticEndpointConfig - type: object - properties: - endpointConfig: - description: The endpoint config. + listener: type: object + description: The listener config. additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. lastUpdated: - description: >- - [#not-implemented-hide:] The timestamp when the Endpoint was last - updated. - type: string + description: The timestamp when the Listener was last successfully updated. format: google-datetime - DynamicEndpointConfig: - id: DynamicEndpointConfig - description: '[#next-free-field: 6]' - type: object - properties: - versionInfo: - description: >- - [#not-implemented-hide:] This is the per-resource version - information. This version is currently taken from the - :ref:`version_info ` field at the time that the endpoint - configuration was loaded. type: string - endpointConfig: - description: The endpoint config. + ContextParams: + id: ContextParams + properties: + params: type: object additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - lastUpdated: - description: >- - [#not-implemented-hide:] The timestamp when the Endpoint was last - updated. - type: string - format: google-datetime - errorState: - description: >- - Set if the last update failed, cleared after the next successful - update. The ``error_state`` field contains the rejected version of - this particular resource along with the reason and timestamp. For - successfully updated or acknowledged resource, this field should be - empty. [#not-implemented-hide:] - $ref: '#/components/schemas/UpdateFailureState' - clientStatus: - description: The client status of this resource. [#not-implemented-hide:] - type: string - enumDescriptions: - - Resource status is not available/unknown. - - >- - Client requested this resource but hasn't received any update from - management server. The client will not fail requests, but will - queue them until update arrives or the client times out waiting - for the resource. - - >- - This resource has been requested by the client but has either not - been delivered by the server or was previously delivered by the - server and then subsequently removed from resources provided by - the server. For more information, please refer to the - :ref:`"Knowing When a Requested Resource Does Not Exist" ` - section. - - Client received this resource and replied with ACK. - - Client received this resource and replied with NACK. - - >- - Client received an error from the control plane. The attached - config dump is the most recent accepted one. If no config is - accepted yet, the attached config dump will be empty. - - Client timed out waiting for the resource from the control plane. - enum: - - UNKNOWN - - REQUESTED - - DOES_NOT_EXIST - - ACKED - - NACKED - - RECEIVED_ERROR - - TIMEOUT - GenericXdsConfig: - id: GenericXdsConfig + type: string + type: object description: >- - GenericXdsConfig is used to specify the config status and the dump of - any xDS resource identified by their type URL. It is the generalized - version of the now deprecated ListenersConfigDump, ClustersConfigDump - etc [#next-free-field: 10] + Additional parameters that can be used to select resource variants. + These include any global context parameters, per-resource type client + feature capabilities and per-resource type functional attributes. All + per-resource type attributes will be `xds.resource.` prefixed and some + of these are documented below: `xds.resource.listening_address`: The + value is "IP:port" (e.g. "10.1.1.3:8080") which is the listening address + of a Listener. Used in a Listener resource query. + DoubleMatcher: + description: Specifies the way to match a double value. type: object + id: DoubleMatcher properties: - typeUrl: + range: description: >- - Type_url represents the fully qualified name of xDS resource type - like envoy.v3.Cluster, envoy.v3.ClusterLoadAssignment etc. - type: string - name: - description: Name of the xDS resource - type: string - versionInfo: + If specified, the input double value must be in the range specified + here. Note: The range is using half-open interval semantics [start, + end). + $ref: '#/components/schemas/DoubleRange' + exact: + type: number + format: double description: >- - This is the :ref:`version_info ` in the last processed xDS discovery - response. If there are only static bootstrap listeners, this field - will be "" - type: string - xdsConfig: - description: The xDS resource config. Actual content depends on the type - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - lastUpdated: - description: Timestamp when the xDS resource was last updated - type: string - format: google-datetime - configStatus: + If specified, the input double value must be equal to the value + specified here. + NodeMatcher: + description: Specifies the way to match a Node. The match follows AND semantics. + properties: + nodeId: + $ref: '#/components/schemas/StringMatcher' + description: Specifies match criteria on the node id. + nodeMetadatas: + description: Specifies match criteria on the node metadata. + items: + $ref: '#/components/schemas/StructMatcher' + type: array + id: NodeMatcher + type: object + DynamicListener: + type: object + properties: + name: description: >- - Per xDS resource config status. It is generated by management - servers. It will not be present if the CSDS server is an xDS client. + The name or unique id of this listener, pulled from the + DynamicListenerState config. type: string - enumDescriptions: - - Status info is not available/unknown. - - Management server has sent the config to client and received ACK. - - Config is not sent. - - >- - Management server has sent the config to client but hasn’t - received ACK/NACK. - - >- - Management server has sent the config to client but received NACK. - The attached config dump will be the latest config (the rejected - one), since it is the persisted version in the management server. + warmingState: + description: >- + The listener state for any warming listener by this name. These are + listeners that are currently undergoing warming in preparation to + service data plane traffic. Note that if attempting to recreate an + Envoy configuration from a configuration dump, the warming listeners + should generally be discarded. + $ref: '#/components/schemas/DynamicListenerState' + drainingState: + description: >- + The listener state for any draining listener by this name. These are + listeners that are currently undergoing draining in preparation to + stop servicing data plane traffic. Note that if attempting to + recreate an Envoy configuration from a configuration dump, the + draining listeners should generally be discarded. + $ref: '#/components/schemas/DynamicListenerState' + clientStatus: enum: - UNKNOWN - - SYNCED - - NOT_SENT - - STALE - - ERROR - clientStatus: - description: Per xDS resource status from the view of a xDS client + - REQUESTED + - DOES_NOT_EXIST + - ACKED + - NACKED + - RECEIVED_ERROR + - TIMEOUT + description: The client status of this resource. [#not-implemented-hide:] type: string enumDescriptions: - Resource status is not available/unknown. @@ -1397,34 +1283,142 @@ components: config dump is the most recent accepted one. If no config is accepted yet, the attached config dump will be empty. - Client timed out waiting for the resource from the control plane. - enum: - - UNKNOWN - - REQUESTED - - DOES_NOT_EXIST - - ACKED - - NACKED - - RECEIVED_ERROR - - TIMEOUT + activeState: + description: >- + The listener state for any active listener by this name. These are + listeners that are available to service data plane traffic. + $ref: '#/components/schemas/DynamicListenerState' errorState: + $ref: '#/components/schemas/UpdateFailureState' description: >- Set if the last update failed, cleared after the next successful - update. The *error_state* field contains the rejected version of + update. The ``error_state`` field contains the rejected version of this particular resource along with the reason and timestamp. For successfully updated or acknowledged resource, this field should be - empty. [#not-implemented-hide:] - $ref: '#/components/schemas/UpdateFailureState' - isStaticResource: + empty. + description: >- + Describes a dynamically loaded listener via the LDS API. + [#next-free-field: 7] + id: DynamicListener + PathSegment: + description: Specifies the segment in a path to retrieve value from Struct. + type: object + properties: + key: + description: If specified, use the key to retrieve the value in a Struct. + type: string + id: PathSegment + Extension: + type: object + id: Extension + properties: + name: + type: string description: >- - Is static resource is true if it is specified in the config supplied - through the file at the startup. + This is the name of the Envoy filter as specified in the Envoy + configuration, e.g. envoy.filters.http.router, com.acme.widget. + version: + $ref: '#/components/schemas/BuildVersion' + description: >- + The version is a property of the extension and maintained + independently of other extensions and the Envoy API. This field is + not set when extension did not provide version information. + category: + description: >- + Category of the extension. Extension category names use reverse DNS + notation. For instance "envoy.filters.listener" for Envoy's built-in + listener filters or "com.acme.filters.http" for HTTP filters from + acme.com vendor. [#comment: + type: string + typeUrls: + type: array + description: Type URLs of extension configuration protos. + items: + type: string + disabled: + description: >- + Indicates that the extension is present but was disabled via dynamic + configuration. type: boolean + typeDescriptor: + type: string + description: >- + [#not-implemented-hide:] Type descriptor of extension configuration + proto. [#comment: + deprecated: true + description: 'Version and identification for an Envoy extension. [#next-free-field: 7]' + StructMatcher: + type: object + properties: + path: + type: array + description: The path to retrieve the Value from the Struct. + items: + $ref: '#/components/schemas/PathSegment' + value: + $ref: '#/components/schemas/ValueMatcher' + description: >- + The StructMatcher is matched if the value retrieved by path is + matched to this value. + id: StructMatcher + description: >- + StructMatcher provides a general interface to check if a given value is + matched in google.protobuf.Struct. It uses ``path`` to retrieve the + value from the struct and then check if it's matched to the specified + value. For example, for the following Struct: .. code-block:: yaml + fields: a: struct_value: fields: b: struct_value: fields: c: + string_value: pro t: list_value: values: - string_value: m - + string_value: n The following MetadataMatcher is matched as the path [a, + b, c] will retrieve a string value "pro" from the Metadata which is + matched to the specified prefix match. .. code-block:: yaml path: - key: + a - key: b - key: c value: string_match: prefix: pr The following + StructMatcher is matched as the code will match one of the string values + in the list at the path [a, t]. .. code-block:: yaml path: - key: a - + key: t value: list_match: one_of: string_match: exact: m An example use + of StructMatcher is to match metadata in envoy.v*.core.Node. + UpdateFailureState: + type: object + properties: + lastUpdateAttempt: + type: string + description: Time of the latest failed update attempt. + format: google-datetime + failedConfiguration: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + What the component configuration would have been if the update had + succeeded. This field may not be populated by xDS clients due to + storage overhead. + versionInfo: + description: >- + This is the version of the rejected resource. + [#not-implemented-hide:] + type: string + details: + description: Details about the last failed update attempt. + type: string + id: UpdateFailureState + SemanticVersion: + description: >- + Envoy uses SemVer (https://semver.org/). Major/minor versions indicate + expected behaviors and APIs, the patch version field is used only for + security fixes and can be generally ignored. + properties: + minorNumber: + type: integer + format: uint32 + patch: + type: integer + format: uint32 + majorNumber: + type: integer + format: uint32 + type: object + id: SemanticVersion parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string alt: description: Data format for response. in: query @@ -1435,10 +1429,10 @@ components: - json - media - proto - callback: - description: JSONP + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: callback + name: uploadType schema: type: string fields: @@ -1456,18 +1450,15 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + _.xgafv: + description: V1 error format. in: query - name: oauth_token + name: $.xgafv schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean + enum: + - '1' + - '2' quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1483,21 +1474,30 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: uploadType + name: prettyPrint + schema: + type: boolean + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token schema: type: string - _.xgafv: - description: V1 error format. + access_token: + description: OAuth access token. in: query - name: $.xgafv + name: access_token + schema: + type: string + callback: + description: JSONP + in: query + name: callback schema: type: string - enum: - - '1' - - '2' x-stackQL-resources: discovery: id: google.trafficdirector.discovery @@ -1519,17 +1519,17 @@ components: paths: /v3/discovery:client_status: parameters: - - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/_.xgafv' - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/callback' post: description: '' operationId: trafficdirector.discovery.client_status diff --git a/providers/src/googleapis.com/v00.00.00000/services/transcoder.yaml b/providers/src/googleapis.com/v00.00.00000/services/transcoder.yaml index 4a74f98c..84969cc6 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/transcoder.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/transcoder.yaml @@ -9,8 +9,8 @@ info: This API converts video files into formats suitable for consumer distribution. For more information, see the Transcoder API overview. version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251112' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/transcoder/docs/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/translate.yaml b/providers/src/googleapis.com/v00.00.00000/services/translate.yaml index 878137b3..ddb75b2d 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/translate.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/translate.yaml @@ -8,7 +8,7 @@ info: description: Integrates text translation into your website or application. version: v3 x-discovery-doc-revision: '20250424' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/translate/docs/quickstarts servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/videointelligence.yaml b/providers/src/googleapis.com/v00.00.00000/services/videointelligence.yaml index 98ada7a5..7f7f9915 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/videointelligence.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/videointelligence.yaml @@ -11,7 +11,7 @@ info: both asynchronous API and streaming API. version: v1 x-discovery-doc-revision: '20250724' - x-generated-date: '2025-08-28' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/video-intelligence/docs/ servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/vision.yaml b/providers/src/googleapis.com/v00.00.00000/services/vision.yaml index 598d2a27..9c8249a3 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/vision.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/vision.yaml @@ -10,8 +10,8 @@ info: landmark detection, optical character recognition (OCR), and detection of explicit content, into applications. version: v1 - x-discovery-doc-revision: '20250815' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251203' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/vision/ servers: @@ -25,10 +25,10 @@ components: implicit: authorizationUrl: https://accounts.google.com/o/oauth2/auth scopes: &ref_0 + https://www.googleapis.com/auth/cloud-vision: Apply machine learning models to understand and label images https://www.googleapis.com/auth/cloud-platform: >- See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. - https://www.googleapis.com/auth/cloud-vision: Apply machine learning models to understand and label images Oauth2c: type: oauth2 description: Oauth 2.0 authorization code authentication @@ -38,631 +38,534 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + GoogleCloudVisionV1p1beta1SafeSearchAnnotation: + id: GoogleCloudVisionV1p1beta1SafeSearchAnnotation properties: - operations: + adult: + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + Represents the adult content likelihood for the image. Adult content + may contain elements such as nudity, pornographic images or + cartoons, or sexual activities. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: + spoof: + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Spoof likelihood. The likelihood that an modification was made to + the image's canonical version to make it appear funny or offensive. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: + racy: + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Likelihood that the request image contains racy content. Racy + content may include (but is not limited to) skimpy or sheer + clothing, strategically covered nudity, lewd or provocative poses, + or close-ups of sensitive body areas. + type: string + medical: + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + description: Likelihood that this is a medical image. + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + type: string + violence: + type: string + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status + Likelihood that this image contains violent content. Violent content + may include death, serious harm, or injury to individuals or groups + of individuals. description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + Set of features pertaining to the image, computed by computer vision + methods over safe-search verticals (for example, adult, spoof, medical, + violence). type: object + GoogleCloudVisionV1p4beta1WebDetectionWebImage: properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + score: + type: number + description: (Deprecated) Overall relevancy score for the image. + format: float + url: type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + description: The result image URL. type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. + description: Metadata for online images. + id: GoogleCloudVisionV1p4beta1WebDetectionWebImage + GoogleCloudVisionV1p4beta1FaceAnnotationLandmark: type: object - properties: {} - ProductSet: - id: ProductSet description: >- - A ProductSet contains Products. A ProductSet can contain a maximum of 1 - million reference images. If the limit is exceeded, periodic indexing - will fail. - type: object - properties: - name: - description: >- - The resource name of the ProductSet. Format is: - `projects/PROJECT_ID/locations/LOC_ID/productSets/PRODUCT_SET_ID`. - This field is ignored when creating a ProductSet. - type: string - displayName: - description: >- - The user-provided name for this ProductSet. Must not be empty. Must - be at most 4096 characters long. - type: string - indexTime: - description: >- - Output only. The time at which this ProductSet was last indexed. - Query results will reflect all updates before this time. If this - ProductSet has never been indexed, this timestamp is the default - value "1970-01-01T00:00:00Z". This field is ignored when creating a - ProductSet. - readOnly: true - type: string - format: google-datetime - indexError: - description: >- - Output only. If there was an error with indexing the product set, - the field is populated. This field is ignored when creating a - ProductSet. - readOnly: true - $ref: '#/components/schemas/Status' - ListProductSetsResponse: - id: ListProductSetsResponse - description: Response message for the `ListProductSets` method. - type: object + A face-specific landmark (for example, a face feature). Landmark + positions may fall outside the bounds of the image if the face is near + one or more edges of the image. Therefore it is NOT guaranteed that `0 + <= x < width` or `0 <= y < height`. + id: GoogleCloudVisionV1p4beta1FaceAnnotationLandmark properties: - productSets: - description: List of ProductSets. - type: array - items: - $ref: '#/components/schemas/ProductSet' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. + type: + enum: + - UNKNOWN_LANDMARK + - LEFT_EYE + - RIGHT_EYE + - LEFT_OF_LEFT_EYEBROW + - RIGHT_OF_LEFT_EYEBROW + - LEFT_OF_RIGHT_EYEBROW + - RIGHT_OF_RIGHT_EYEBROW + - MIDPOINT_BETWEEN_EYES + - NOSE_TIP + - UPPER_LIP + - LOWER_LIP + - MOUTH_LEFT + - MOUTH_RIGHT + - MOUTH_CENTER + - NOSE_BOTTOM_RIGHT + - NOSE_BOTTOM_LEFT + - NOSE_BOTTOM_CENTER + - LEFT_EYE_TOP_BOUNDARY + - LEFT_EYE_RIGHT_CORNER + - LEFT_EYE_BOTTOM_BOUNDARY + - LEFT_EYE_LEFT_CORNER + - RIGHT_EYE_TOP_BOUNDARY + - RIGHT_EYE_RIGHT_CORNER + - RIGHT_EYE_BOTTOM_BOUNDARY + - RIGHT_EYE_LEFT_CORNER + - LEFT_EYEBROW_UPPER_MIDPOINT + - RIGHT_EYEBROW_UPPER_MIDPOINT + - LEFT_EAR_TRAGION + - RIGHT_EAR_TRAGION + - LEFT_EYE_PUPIL + - RIGHT_EYE_PUPIL + - FOREHEAD_GLABELLA + - CHIN_GNATHION + - CHIN_LEFT_GONION + - CHIN_RIGHT_GONION + - LEFT_CHEEK_CENTER + - RIGHT_CHEEK_CENTER type: string - Product: - id: Product - description: A Product contains ReferenceImages. - type: object + enumDescriptions: + - Unknown face landmark detected. Should not be filled. + - Left eye. + - Right eye. + - Left of left eyebrow. + - Right of left eyebrow. + - Left of right eyebrow. + - Right of right eyebrow. + - Midpoint between eyes. + - Nose tip. + - Upper lip. + - Lower lip. + - Mouth left. + - Mouth right. + - Mouth center. + - Nose, bottom right. + - Nose, bottom left. + - Nose, bottom center. + - Left eye, top boundary. + - Left eye, right corner. + - Left eye, bottom boundary. + - Left eye, left corner. + - Right eye, top boundary. + - Right eye, right corner. + - Right eye, bottom boundary. + - Right eye, left corner. + - Left eyebrow, upper midpoint. + - Right eyebrow, upper midpoint. + - Left ear tragion. + - Right ear tragion. + - Left eye pupil. + - Right eye pupil. + - Forehead glabella. + - Chin gnathion. + - Chin left gonion. + - Chin right gonion. + - Left cheek center. + - Right cheek center. + description: Face landmark type. + position: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Position' + description: Face landmark position. + GoogleCloudVisionV1p2beta1WebDetectionWebLabel: + description: Label to provide extra metadata for the web detection. properties: - name: - description: >- - The resource name of the product. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This - field is ignored when creating a product. - type: string - displayName: - description: >- - The user-provided name for this Product. Must not be empty. Must be - at most 4096 characters long. - type: string - description: - description: >- - User-provided metadata to be stored with this product. Must be at - most 4096 characters long. + languageCode: type: string - productCategory: description: >- - Immutable. The category for the product identified by the reference - image. This should be one of "homegoods-v2", "apparel-v2", - "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories - "homegoods", "apparel", and "toys" are still supported, but these - should not be used for new products. + The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". + For more information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + label: + description: Label for extra metadata. type: string - productLabels: - description: >- - Key-value pairs that can be attached to a product. At query time, - constraints can be specified based on the product_labels. Note that - integer values can be provided as strings, e.g. "1199". Only strings - with integer values can match a range-based restriction which is to - be supported soon. Multiple values can be assigned to the same key. - One product may have up to 500 product_labels. Notice that the total - number of distinct product_labels over all products in one - ProductSet cannot exceed 1M, otherwise the product search pipeline - will refuse to work for that ProductSet. - type: array - items: - $ref: '#/components/schemas/KeyValue' - KeyValue: - id: KeyValue - description: A product label represented as a key-value pair. + type: object + id: GoogleCloudVisionV1p2beta1WebDetectionWebLabel + GoogleCloudVisionV1p4beta1TextAnnotationDetectedBreak: + description: Detected start or end of a structural component. + id: GoogleCloudVisionV1p4beta1TextAnnotationDetectedBreak type: object properties: - key: - description: >- - The key of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. - type: string - value: - description: >- - The value of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. + isPrefix: + description: True if break prepends the element. + type: boolean + type: + enum: + - UNKNOWN + - SPACE + - SURE_SPACE + - EOL_SURE_SPACE + - HYPHEN + - LINE_BREAK + enumDescriptions: + - Unknown break label type. + - Regular space. + - Sure space (very wide). + - Line-wrapping break. + - >- + End-line hyphen that is not present in text; does not co-occur + with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. + - Line break that ends a paragraph. type: string - ListProductsResponse: - id: ListProductsResponse - description: Response message for the `ListProducts` method. + description: Detected break type. + WebImage: + id: WebImage type: object + description: Metadata for online images. properties: - products: - description: List of products. - type: array - items: - $ref: '#/components/schemas/Product' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. + score: + description: (Deprecated) Overall relevancy score for the image. + format: float + type: number + url: type: string - ReferenceImage: - id: ReferenceImage + description: The result image URL. + ProductSet: description: >- - A `ReferenceImage` represents a product image and its associated - metadata, such as bounding boxes. - type: object + A ProductSet contains Products. A ProductSet can contain a maximum of 1 + million reference images. If the limit is exceeded, periodic indexing + will fail. + id: ProductSet properties: - name: + indexTime: description: >- - The resource name of the reference image. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID/referenceImages/IMAGE_ID`. - This field is ignored when creating a reference image. + Output only. The time at which this ProductSet was last indexed. + Query results will reflect all updates before this time. If this + ProductSet has never been indexed, this timestamp is the default + value "1970-01-01T00:00:00Z". This field is ignored when creating a + ProductSet. + readOnly: true type: string - uri: + format: google-datetime + displayName: description: >- - Required. The Google Cloud Storage URI of the reference image. The - URI must start with `gs://`. + The user-provided name for this ProductSet. Must not be empty. Must + be at most 4096 characters long. type: string - boundingPolys: + name: description: >- - Optional. Bounding polygons around the areas of interest in the - reference image. If this field is empty, the system will try to - detect regions of interest. At most 10 bounding polygons will be - used. The provided shape is converted into a non-rotated rectangle. - Once converted, the small edge of the rectangle must be greater than - or equal to 300 pixels. The aspect ratio must be 1:4 or less (i.e. - 1:3 is ok; 1:5 is not). - type: array - items: - $ref: '#/components/schemas/BoundingPoly' - BoundingPoly: - id: BoundingPoly - description: A bounding polygon for the detected image annotation. + The resource name of the ProductSet. Format is: + `projects/PROJECT_ID/locations/LOC_ID/productSets/PRODUCT_SET_ID`. + This field is ignored when creating a ProductSet. + type: string + indexError: + readOnly: true + $ref: '#/components/schemas/Status' + description: >- + Output only. If there was an error with indexing the product set, + the field is populated. This field is ignored when creating a + ProductSet. + type: object + GoogleCloudVisionV1p3beta1OutputConfig: + id: GoogleCloudVisionV1p3beta1OutputConfig + description: The desired output location and metadata. type: object properties: - vertices: - description: The bounding polygon vertices. - type: array - items: - $ref: '#/components/schemas/Vertex' - normalizedVertices: - description: The bounding polygon normalized vertices. - type: array - items: - $ref: '#/components/schemas/NormalizedVertex' - Vertex: - id: Vertex - description: >- - A vertex represents a 2D point in the image. NOTE: the vertex - coordinates are in the same scale as the original image. - type: object - properties: - x: - description: X coordinate. - type: integer + batchSize: + description: >- + The max number of response protos to put into each output JSON file + on Google Cloud Storage. The valid range is [1, 100]. If not + specified, the default value is 20. For example, for one pdf file + with 100 pages, 100 response protos will be generated. If + `batch_size` = 20, then 5 json files each containing 20 response + protos will be written under the prefix `gcs_destination`.`uri`. + Currently, batch_size only applies to GcsDestination, with potential + future support for other output configurations. format: int32 - 'y': - description: Y coordinate. type: integer - format: int32 - NormalizedVertex: - id: NormalizedVertex + gcsDestination: + description: The Google Cloud Storage location to write the output(s) to. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1GcsDestination' + TextAnnotation: + id: TextAnnotation description: >- - A vertex represents a 2D point in the image. NOTE: the normalized vertex - coordinates are relative to the original image and range from 0 to 1. - type: object - properties: - x: - description: X coordinate. - type: number - format: float - 'y': - description: Y coordinate. - type: number - format: float - ListReferenceImagesResponse: - id: ListReferenceImagesResponse - description: Response message for the `ListReferenceImages` method. + TextAnnotation contains a structured representation of OCR extracted + text. The hierarchy of an OCR extracted text structure is like this: + TextAnnotation -> Page -> Block -> Paragraph -> Word -> Symbol Each + structural component, starting from Page, may further have their own + properties. Properties describe detected languages, breaks etc.. Please + refer to the TextAnnotation.TextProperty message definition below for + more detail. type: object properties: - referenceImages: - description: The list of reference images. - type: array + pages: items: - $ref: '#/components/schemas/ReferenceImage' - pageSize: - description: The maximum number of items to return. Default 10, maximum 100. - type: integer - format: int32 - nextPageToken: - description: The next_page_token returned from a previous List request, if any. - type: string - AddProductToProductSetRequest: - id: AddProductToProductSetRequest - description: Request message for the `AddProductToProductSet` method. - type: object - properties: - product: - description: >- - Required. The resource name for the Product to be added to this - ProductSet. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID` - type: string - RemoveProductFromProductSetRequest: - id: RemoveProductFromProductSetRequest - description: Request message for the `RemoveProductFromProductSet` method. - type: object - properties: - product: - description: >- - Required. The resource name for the Product to be removed from this - ProductSet. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID` - type: string - ListProductsInProductSetResponse: - id: ListProductsInProductSetResponse - description: Response message for the `ListProductsInProductSet` method. - type: object - properties: - products: - description: The list of Products. + $ref: '#/components/schemas/Page' + description: List of pages detected by OCR. type: array - items: - $ref: '#/components/schemas/Product' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - ImportProductSetsRequest: - id: ImportProductSetsRequest - description: Request message for the `ImportProductSets` method. - type: object - properties: - inputConfig: - description: Required. The input content for the list of requests. - $ref: '#/components/schemas/ImportProductSetsInputConfig' - ImportProductSetsInputConfig: - id: ImportProductSetsInputConfig - description: The input content for the `ImportProductSets` method. - type: object - properties: - gcsSource: - description: >- - The Google Cloud Storage location for a csv file which preserves a - list of ImportProductSetRequests in each line. - $ref: '#/components/schemas/ImportProductSetsGcsSource' - ImportProductSetsGcsSource: - id: ImportProductSetsGcsSource - description: >- - The Google Cloud Storage location for a csv file which preserves a list - of ImportProductSetRequests in each line. - type: object - properties: - csvFileUri: - description: >- - The Google Cloud Storage URI of the input csv file. The URI must - start with `gs://`. The format of the input csv file should be one - image per line. In each line, there are 8 columns. 1. image-uri 2. - image-id 3. product-set-id 4. product-id 5. product-category 6. - product-display-name 7. labels 8. bounding-poly The `image-uri`, - `product-set-id`, `product-id`, and `product-category` columns are - required. All other columns are optional. If the `ProductSet` or - `Product` specified by the `product-set-id` and `product-id` values - does not exist, then the system will create a new `ProductSet` or - `Product` for the image. In this case, the `product-display-name` - column refers to display_name, the `product-category` column refers - to product_category, and the `labels` column refers to - product_labels. The `image-id` column is optional but must be unique - if provided. If it is empty, the system will automatically assign a - unique id to the image. The `product-display-name` column is - optional. If it is empty, the system sets the display_name field for - the product to a space (" "). You can update the `display_name` - later by using the API. If a `Product` with the specified - `product-id` already exists, then the system ignores the - `product-display-name`, `product-category`, and `labels` columns. - The `labels` column (optional) is a line containing a list of - comma-separated key-value pairs, in the following format: - "key_1=value_1,key_2=value_2,...,key_n=value_n" The `bounding-poly` - column (optional) identifies one region of interest from the image - in the same manner as `CreateReferenceImage`. If you do not specify - the `bounding-poly` column, then the system will try to detect - regions of interest automatically. At most one `bounding-poly` - column is allowed per line. If the image contains multiple regions - of interest, add a line to the CSV file that includes the same - product information, and the `bounding-poly` values for each region - of interest. The `bounding-poly` column must contain an even number - of comma-separated numbers, in the format - "p1_x,p1_y,p2_x,p2_y,...,pn_x,pn_y". Use non-negative integers for - absolute bounding polygons, and float values in [0, 1] for - normalized bounding polygons. The system will resize the image if - the image resolution is too large to process (larger than 20MP). + text: + description: UTF-8 text detected on the pages. type: string PurgeProductsRequest: - id: PurgeProductsRequest description: Request message for the `PurgeProducts` method. type: object properties: + force: + type: boolean + description: >- + The default value is false. Override this value to true to actually + perform the purge. productSetPurgeConfig: - description: Specify which ProductSet contains the Products to be deleted. $ref: '#/components/schemas/ProductSetPurgeConfig' + description: Specify which ProductSet contains the Products to be deleted. deleteOrphanProducts: description: >- If delete_orphan_products is true, all Products that are not in any ProductSet will be deleted. type: boolean - force: - description: >- - The default value is false. Override this value to true to actually - perform the purge. - type: boolean - ProductSetPurgeConfig: - id: ProductSetPurgeConfig - description: Config to control which ProductSet contains the Products to be deleted. + id: PurgeProductsRequest + GoogleCloudVisionV1p1beta1WebDetectionWebPage: + id: GoogleCloudVisionV1p1beta1WebDetectionWebPage type: object + description: Metadata for web pages. properties: - productSetId: + fullMatchingImages: description: >- - The ProductSet that contains the Products to delete. If a Product is - a member of product_set_id in addition to other ProductSets, the - Product will still be deleted. + Fully matching images on the page. Can include resized copies of the + query image. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage + type: array + url: type: string - BatchAnnotateImagesRequest: - id: BatchAnnotateImagesRequest - description: >- - Multiple image annotation requests are batched into a single service - call. - type: object - properties: - requests: - description: Required. Individual image annotation requests for this batch. + description: The result web page URL. + score: + type: number + description: (Deprecated) Overall relevancy score for the web page. + format: float + partialMatchingImages: type: array items: - $ref: '#/components/schemas/AnnotateImageRequest' - parent: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage description: >- - Optional. Target project and location to make a call. Format: - `projects/{project-id}/locations/{location-id}`. If no parent is - specified, a region will be chosen automatically. Supported - location-ids: `us`: USA country only, `asia`: East asia areas, like - Japan, Taiwan, `eu`: The European Union. Example: - `projects/project-A/locations/eu`. + Partial matching images on the page. Those images are similar enough + to share some key-point features. For example an original image will + likely have partial matching for its crops. + pageTitle: + description: Title for the web page, may contain HTML markups. type: string - labels: - description: >- - Optional. The labels with user-defined metadata for the request. - Label keys and values can be no longer than 63 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. Label - values are optional. Label keys must start with a letter. - type: object - additionalProperties: - type: string - AnnotateImageRequest: - id: AnnotateImageRequest - description: >- - Request for performing Google Cloud Vision API tasks over a - user-provided image, with user-requested features, and with context - information. + GoogleCloudVisionV1p1beta1Symbol: type: object + id: GoogleCloudVisionV1p1beta1Symbol + description: A single symbol representation. properties: - image: - description: The image to be processed. - $ref: '#/components/schemas/Image' - features: - description: Requested features. - type: array - items: - $ref: '#/components/schemas/Feature' - imageContext: - description: Additional context that may accompany the image. - $ref: '#/components/schemas/ImageContext' - Image: - id: Image - description: Client image to perform Google Cloud Vision API tasks over. - type: object - properties: - content: - description: >- - Image content, represented as a stream of bytes. Note: As with all - `bytes` fields, protobuffers use a pure binary representation, - whereas JSON representations use base64. Currently, this field only - works for BatchAnnotateImages requests. It does not work for - AsyncBatchAnnotateImages requests. + confidence: + type: number + description: Confidence of the OCR results for the symbol. Range [0, 1]. + format: float + text: + description: The actual UTF-8 representation of the symbol. type: string - format: byte - source: + boundingBox: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' description: >- - Google Cloud Storage image location, or publicly-accessible image - URL. If both `content` and `source` are provided for an image, - `content` takes precedence and is used to perform the image - annotation request. - $ref: '#/components/schemas/ImageSource' - ImageSource: - id: ImageSource - description: External image source (Google Cloud Storage or web URL image location). - type: object + The bounding box for the symbol. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + property: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty + description: Additional information detected for the symbol. + Result: properties: - gcsImageUri: + score: description: >- - **Use `image_uri` instead.** The Google Cloud Storage URI of the - form `gs://bucket_name/object_name`. Object versioning is not - supported. See [Google Cloud Storage Request - URIs](https://cloud.google.com/storage/docs/reference-uris) for more - info. - type: string - imageUri: + A confidence level on the match, ranging from 0 (no confidence) to 1 + (full confidence). + format: float + type: number + product: + $ref: '#/components/schemas/Product' + description: The Product. + image: description: >- - The URI of the source image. Can be either: 1. A Google Cloud - Storage URI of the form `gs://bucket_name/object_name`. Object - versioning is not supported. See [Google Cloud Storage Request - URIs](https://cloud.google.com/storage/docs/reference-uris) for more - info. 2. A publicly-accessible image HTTP/HTTPS URL. When fetching - images from HTTP/HTTPS URLs, Google cannot guarantee that the - request will be completed. Your request may fail if the specified - host denies the request (e.g. due to request throttling or DOS - prevention), or if Google throttles requests to the site for abuse - prevention. You should not depend on externally-hosted images for - production applications. When both `gcs_image_uri` and `image_uri` - are specified, `image_uri` takes precedence. + The resource name of the image from the product that is the closest + match to the query. type: string - Feature: - id: Feature - description: >- - The type of Google Cloud Vision API detection to perform, and the - maximum number of results to return for that type. Multiple `Feature` - objects can be specified in the `features` list. type: object + description: Information about a product. + id: Result + GoogleCloudVisionV1p1beta1Paragraph: + id: GoogleCloudVisionV1p1beta1Paragraph properties: - type: - description: The feature type. - type: string - enumDescriptions: - - Unspecified feature type. - - Run face detection. - - Run landmark detection. - - Run logo detection. - - Run label detection. - - >- - Run text detection / optical character recognition (OCR). Text - detection is optimized for areas of text within a larger image; if - the image is a document, use `DOCUMENT_TEXT_DETECTION` instead. - - >- - Run dense text document OCR. Takes precedence when both - `DOCUMENT_TEXT_DETECTION` and `TEXT_DETECTION` are present. - - >- - Run Safe Search to detect potentially unsafe or undesirable - content. - - >- - Compute a set of image properties, such as the image's dominant - colors. - - Run crop hints. - - Run web detection. - - Run Product Search. - - Run localizer for object detection. - enum: - - TYPE_UNSPECIFIED - - FACE_DETECTION - - LANDMARK_DETECTION - - LOGO_DETECTION - - LABEL_DETECTION - - TEXT_DETECTION - - DOCUMENT_TEXT_DETECTION - - SAFE_SEARCH_DETECTION - - IMAGE_PROPERTIES - - CROP_HINTS - - WEB_DETECTION - - PRODUCT_SEARCH - - OBJECT_LOCALIZATION - maxResults: + confidence: + format: float + type: number + description: Confidence of the OCR results for the paragraph. Range [0, 1]. + property: + description: Additional information detected for the paragraph. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty + boundingBox: description: >- - Maximum number of results of this type. Does not apply to - `TEXT_DETECTION`, `DOCUMENT_TEXT_DETECTION`, or `CROP_HINTS`. - type: integer + The bounding box for the paragraph. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' + words: + description: List of all words in this paragraph. + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Word' + type: object + description: Structural unit of text representing a number of words in certain order. + GoogleCloudVisionV1p1beta1AsyncAnnotateFileResponse: + properties: + outputConfig: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1OutputConfig' + description: The output location and metadata from AsyncAnnotateFileRequest. + description: The response for a single offline file annotation request. + id: GoogleCloudVisionV1p1beta1AsyncAnnotateFileResponse + type: object + GoogleCloudVisionV1p1beta1Page: + id: GoogleCloudVisionV1p1beta1Page + properties: + width: format: int32 - model: + type: integer description: >- - Model to use for the feature. Supported values: "builtin/stable" - (the default if unset) and "builtin/latest". - `DOCUMENT_TEXT_DETECTION` and `TEXT_DETECTION` also support - "builtin/rc" for the latest release candidate. - type: string + Page width. For PDFs the unit is points. For images (including + TIFFs) the unit is pixels. + height: + description: >- + Page height. For PDFs the unit is points. For images (including + TIFFs) the unit is pixels. + type: integer + format: int32 + property: + description: Additional information detected on the page. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty + confidence: + type: number + description: Confidence of the OCR results on the page. Range [0, 1]. + format: float + blocks: + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Block' + description: List of blocks of text, images etc on this page. + type: object + description: Detected page from OCR. + GoogleCloudVisionV1p4beta1DominantColorsAnnotation: + id: GoogleCloudVisionV1p4beta1DominantColorsAnnotation + type: object + description: Set of dominant colors and their corresponding scores. + properties: + colors: + type: array + description: RGB color values with their score and pixel fraction. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ColorInfo' ImageContext: id: ImageContext - description: Image context and/or feature-specific parameters. - type: object properties: + textDetectionParams: + description: Parameters for text detection and document text detection. + $ref: '#/components/schemas/TextDetectionParams' + webDetectionParams: + description: Parameters for web detection. + $ref: '#/components/schemas/WebDetectionParams' latLongRect: description: Not used. $ref: '#/components/schemas/LatLongRect' + productSearchParams: + description: Parameters for product search. + $ref: '#/components/schemas/ProductSearchParams' + cropHintsParams: + $ref: '#/components/schemas/CropHintsParams' + description: Parameters for crop hints annotation request. languageHints: description: >- List of languages to use for TEXT_DETECTION. In most cases, an empty @@ -674,405 +577,471 @@ components: wrong). Text detection returns an error if one or more of the specified languages is not one of the [supported languages](https://cloud.google.com/vision/docs/languages). - type: array items: type: string - cropHintsParams: - description: Parameters for crop hints annotation request. - $ref: '#/components/schemas/CropHintsParams' - productSearchParams: - description: Parameters for product search. - $ref: '#/components/schemas/ProductSearchParams' - webDetectionParams: - description: Parameters for web detection. - $ref: '#/components/schemas/WebDetectionParams' - textDetectionParams: - description: Parameters for text detection and document text detection. - $ref: '#/components/schemas/TextDetectionParams' - LatLongRect: - id: LatLongRect - description: Rectangle determined by min and max `LatLng` pairs. + type: array + description: Image context and/or feature-specific parameters. + type: object + GoogleCloudVisionV1p3beta1TextAnnotationTextProperty: + description: Additional information detected on the structural component. type: object + id: GoogleCloudVisionV1p3beta1TextAnnotationTextProperty properties: - minLatLng: - description: Min lat/long pair. - $ref: '#/components/schemas/LatLng' - maxLatLng: - description: Max lat/long pair. - $ref: '#/components/schemas/LatLng' - LatLng: - id: LatLng - description: >- - An object that represents a latitude/longitude pair. This is expressed - as a pair of doubles to represent degrees latitude and degrees - longitude. Unless specified otherwise, this object must conform to the - WGS84 standard. Values must be within normalized ranges. - type: object + detectedLanguages: + type: array + description: A list of detected languages together with confidence. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationDetectedLanguage + detectedBreak: + description: Detected start or end of a text segment. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationDetectedBreak + GoogleCloudVisionV1p2beta1Word: + description: A word representation. properties: - latitude: - description: The latitude in degrees. It must be in the range [-90.0, +90.0]. - type: number - format: double - longitude: - description: The longitude in degrees. It must be in the range [-180.0, +180.0]. + boundingBox: + description: >- + The bounding box for the word. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' + confidence: + description: Confidence of the OCR results for the word. Range [0, 1]. type: number - format: double - CropHintsParams: - id: CropHintsParams - description: Parameters for crop hints annotation request. + format: float + property: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty + description: Additional information detected for the word. + symbols: + description: >- + List of symbols in the word. The order of the symbols follows the + natural reading order. + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Symbol' + id: GoogleCloudVisionV1p2beta1Word type: object + GoogleCloudVisionV1p3beta1AsyncBatchAnnotateFilesResponse: properties: - aspectRatios: - description: >- - Aspect ratios in floats, representing the ratio of the width to the - height of the image. For example, if the desired aspect ratio is - 4/3, the corresponding float value should be 1.33333. If not - specified, the best possible crop is returned. The number of - provided aspect ratios is limited to a maximum of 16; any aspect - ratios provided after the 16th are ignored. + responses: type: array items: - type: number - format: float - ProductSearchParams: - id: ProductSearchParams - description: Parameters for a product search request. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1AsyncAnnotateFileResponse + description: >- + The list of file annotation responses, one for each request in + AsyncBatchAnnotateFilesRequest. type: object + id: GoogleCloudVisionV1p3beta1AsyncBatchAnnotateFilesResponse + description: Response to an async batch file annotation request. + Symbol: + description: A single symbol representation. properties: - boundingPoly: + confidence: + description: Confidence of the OCR results for the symbol. Range [0, 1]. + type: number + format: float + boundingBox: description: >- - The bounding polygon around the area of interest in the image. If it - is not specified, system discretion will be applied. + The bounding box for the symbol. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). $ref: '#/components/schemas/BoundingPoly' - productSet: + property: + $ref: '#/components/schemas/TextProperty' + description: Additional information detected for the symbol. + text: + type: string + description: The actual UTF-8 representation of the symbol. + type: object + id: Symbol + AnnotateImageRequest: + type: object + description: >- + Request for performing Google Cloud Vision API tasks over a + user-provided image, with user-requested features, and with context + information. + properties: + imageContext: + description: Additional context that may accompany the image. + $ref: '#/components/schemas/ImageContext' + features: + items: + $ref: '#/components/schemas/Feature' + type: array + description: Requested features. + image: + description: The image to be processed. + $ref: '#/components/schemas/Image' + id: AnnotateImageRequest + GoogleCloudVisionV1p3beta1Product: + properties: + description: description: >- - The resource name of a ProductSet to be searched for similar images. - Format is: - `projects/PROJECT_ID/locations/LOC_ID/productSets/PRODUCT_SET_ID`. + User-provided metadata to be stored with this product. Must be at + most 4096 characters long. + type: string + name: type: string - productCategories: description: >- - The list of product categories to search in. Currently, we only - consider the first category, and either "homegoods-v2", - "apparel-v2", "toys-v2", "packagedgoods-v1", or "general-v1" should - be specified. The legacy categories "homegoods", "apparel", and - "toys" are still supported but will be deprecated. For new products, - please use "homegoods-v2", "apparel-v2", or "toys-v2" for better - product search accuracy. It is recommended to migrate existing - products to these categories as well. + The resource name of the product. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This + field is ignored when creating a product. + displayName: + description: >- + The user-provided name for this Product. Must not be empty. Must be + at most 4096 characters long. + type: string + productLabels: type: array - items: - type: string - filter: description: >- - The filtering expression. This can be used to restrict search - results based on Product labels. We currently support an AND of OR - of key-value expressions, where each expression within an OR must - have the same key. An '=' should be used to connect the key and - value. For example, "(color = red OR color = blue) AND brand = - Google" is acceptable, but "(color = red OR brand = Google)" is not - acceptable. "color: red" is not acceptable because it uses a ':' - instead of an '='. + Key-value pairs that can be attached to a product. At query time, + constraints can be specified based on the product_labels. Note that + integer values can be provided as strings, e.g. "1199". Only strings + with integer values can match a range-based restriction which is to + be supported soon. Multiple values can be assigned to the same key. + One product may have up to 500 product_labels. Notice that the total + number of distinct product_labels over all products in one + ProductSet cannot exceed 1M, otherwise the product search pipeline + will refuse to work for that ProductSet. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ProductKeyValue' + productCategory: type: string - WebDetectionParams: - id: WebDetectionParams - description: Parameters for web detection request. + description: >- + Immutable. The category for the product identified by the reference + image. This should be one of "homegoods-v2", "apparel-v2", + "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories + "homegoods", "apparel", and "toys" are still supported, but these + should not be used for new products. type: object - properties: - includeGeoResults: - description: This field has no effect on results. - deprecated: true - type: boolean - TextDetectionParams: - id: TextDetectionParams - description: >- - Parameters for text detections. This is used to control TEXT_DETECTION - and DOCUMENT_TEXT_DETECTION features. + description: A Product contains ReferenceImages. + id: GoogleCloudVisionV1p3beta1Product + GoogleCloudVisionV1p2beta1TextAnnotationDetectedLanguage: + id: GoogleCloudVisionV1p2beta1TextAnnotationDetectedLanguage type: object properties: - enableTextDetectionConfidenceScore: - description: >- - By default, Cloud Vision API only includes confidence score for - DOCUMENT_TEXT_DETECTION result. Set the flag to true to include - confidence score for TEXT_DETECTION as well. - type: boolean - advancedOcrOptions: + confidence: + description: Confidence of detected language. Range [0, 1]. + format: float + type: number + languageCode: + type: string description: >- - A list of advanced OCR options to further fine-tune OCR behavior. - Current valid values are: - `legacy_layout`: a heuristics layout - detection algorithm, which serves as an alternative to the current - ML-based layout detection algorithm. Customers can choose the best - suitable layout algorithm based on their situation. - type: array - items: - type: string - BatchAnnotateImagesResponse: - id: BatchAnnotateImagesResponse - description: Response to a batch image annotation request. + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + description: Detected language for a structural component. + GoogleCloudVisionV1p1beta1NormalizedVertex: type: object + description: >- + A vertex represents a 2D point in the image. NOTE: the normalized vertex + coordinates are relative to the original image and range from 0 to 1. + properties: + 'y': + format: float + type: number + description: Y coordinate. + x: + type: number + description: X coordinate. + format: float + id: GoogleCloudVisionV1p1beta1NormalizedVertex + AnnotateFileResponse: + description: >- + Response to a single file annotation request. A file may contain one or + more images, which individually have their own responses. properties: + inputConfig: + description: Information about the file for which this response is generated. + $ref: '#/components/schemas/InputConfig' responses: - description: Individual responses to image annotation requests within the batch. + description: >- + Individual responses to images found within the file. This field + will be empty if the `error` field is set. type: array items: $ref: '#/components/schemas/AnnotateImageResponse' - AnnotateImageResponse: - id: AnnotateImageResponse - description: Response to an image annotation request. - type: object - properties: - faceAnnotations: - description: If present, face detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/FaceAnnotation' - landmarkAnnotations: - description: If present, landmark detection has completed successfully. + error: + description: >- + If set, represents the error message for the failed request. The + `responses` field will not be set in this case. + $ref: '#/components/schemas/Status' + totalPages: + format: int32 + type: integer + description: This field gives the total number of pages in the file. + id: AnnotateFileResponse + type: object + ListProductsInProductSetResponse: + type: object + properties: + products: type: array + description: The list of Products. items: - $ref: '#/components/schemas/EntityAnnotation' - logoAnnotations: - description: If present, logo detection has completed successfully. + $ref: '#/components/schemas/Product' + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: string + id: ListProductsInProductSetResponse + description: Response message for the `ListProductsInProductSet` method. + GoogleCloudVisionV1p2beta1ProductSearchResultsGroupedResult: + id: GoogleCloudVisionV1p2beta1ProductSearchResultsGroupedResult + type: object + properties: + boundingPoly: + description: The bounding polygon around the product detected in the query image. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' + objectAnnotations: + description: List of generic predictions for the object in the bounding box. type: array items: - $ref: '#/components/schemas/EntityAnnotation' - labelAnnotations: - description: If present, label detection has completed successfully. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResultsObjectAnnotation + results: + description: List of results, one for each product match. type: array items: - $ref: '#/components/schemas/EntityAnnotation' - localizedObjectAnnotations: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResultsResult + description: >- + Information about the products similar to a single product in a query + image. + ListProductsResponse: + id: ListProductsResponse + description: Response message for the `ListProducts` method. + properties: + nextPageToken: + type: string description: >- - If present, localized object detection has completed successfully. - This will be sorted descending by confidence score. - type: array - items: - $ref: '#/components/schemas/LocalizedObjectAnnotation' - textAnnotations: - description: If present, text (OCR) detection has completed successfully. + Token to retrieve the next page of results, or empty if there are no + more results in the list. + products: type: array + description: List of products. items: - $ref: '#/components/schemas/EntityAnnotation' - fullTextAnnotation: + $ref: '#/components/schemas/Product' + type: object + GoogleCloudVisionV1p4beta1Celebrity: + properties: + description: + description: The Celebrity's description. + type: string + displayName: + description: The Celebrity's display name. + type: string + name: description: >- - If present, text (OCR) detection or document (OCR) text detection - has completed successfully. This annotation provides the structural - hierarchy for the OCR detected text. - $ref: '#/components/schemas/TextAnnotation' - safeSearchAnnotation: - description: If present, safe-search annotation has completed successfully. - $ref: '#/components/schemas/SafeSearchAnnotation' - imagePropertiesAnnotation: - description: If present, image properties were extracted successfully. - $ref: '#/components/schemas/ImageProperties' - cropHintsAnnotation: - description: If present, crop hints have completed successfully. - $ref: '#/components/schemas/CropHintsAnnotation' - webDetection: - description: If present, web detection has completed successfully. - $ref: '#/components/schemas/WebDetection' - productSearchResults: - description: If present, product search has completed successfully. - $ref: '#/components/schemas/ProductSearchResults' - error: + The resource name of the preloaded Celebrity. Has the format + `builtin/{mid}`. + type: string + description: A Celebrity is a group of Faces with an identity. + id: GoogleCloudVisionV1p4beta1Celebrity + type: object + GoogleCloudVisionV1p3beta1ProductSearchResultsResult: + description: Information about a product. + id: GoogleCloudVisionV1p3beta1ProductSearchResultsResult + type: object + properties: + score: + format: float description: >- - If set, represents the error message for the operation. Note that - filled-in image annotations are guaranteed to be correct, even when - `error` is set. - $ref: '#/components/schemas/Status' - context: + A confidence level on the match, ranging from 0 (no confidence) to 1 + (full confidence). + type: number + image: description: >- - If present, contextual information is needed to understand where - this image comes from. - $ref: '#/components/schemas/ImageAnnotationContext' - FaceAnnotation: - id: FaceAnnotation - description: A face annotation object contains the results of face detection. - type: object + The resource name of the image from the product that is the closest + match to the query. + type: string + product: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Product' + description: The Product. + GoogleCloudVisionV1p2beta1Product: + description: A Product contains ReferenceImages. + id: GoogleCloudVisionV1p2beta1Product properties: - boundingPoly: + displayName: description: >- - The bounding polygon around the face. The coordinates of the - bounding box are in the original image's scale. The bounding box is - computed to "frame" the face in accordance with human expectations. - It is based on the landmarker results. Note that one or more x - and/or y coordinates may not be generated in the `BoundingPoly` (the - polygon will be unbounded) if only a partial face appears in the - image to be annotated. - $ref: '#/components/schemas/BoundingPoly' - fdBoundingPoly: + The user-provided name for this Product. Must not be empty. Must be + at most 4096 characters long. + type: string + name: + type: string description: >- - The `fd_bounding_poly` bounding polygon is tighter than the - `boundingPoly`, and encloses only the skin part of the face. - Typically, it is used to eliminate the face from any image analysis - that detects the "amount of skin" visible in an image. It is not - based on the landmarker results, only on the initial face detection, - hence the fd (face detection) prefix. - $ref: '#/components/schemas/BoundingPoly' - landmarks: - description: Detected face landmarks. - type: array + The resource name of the product. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This + field is ignored when creating a product. + productLabels: items: - $ref: '#/components/schemas/Landmark' - rollAngle: - description: >- - Roll angle, which indicates the amount of clockwise/anti-clockwise - rotation of the face relative to the image vertical about the axis - perpendicular to the face. Range [-180,180]. - type: number - format: float - panAngle: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1ProductKeyValue' description: >- - Yaw angle, which indicates the leftward/rightward angle that the - face is pointing relative to the vertical plane perpendicular to the - image. Range [-180,180]. - type: number - format: float - tiltAngle: + Key-value pairs that can be attached to a product. At query time, + constraints can be specified based on the product_labels. Note that + integer values can be provided as strings, e.g. "1199". Only strings + with integer values can match a range-based restriction which is to + be supported soon. Multiple values can be assigned to the same key. + One product may have up to 500 product_labels. Notice that the total + number of distinct product_labels over all products in one + ProductSet cannot exceed 1M, otherwise the product search pipeline + will refuse to work for that ProductSet. + type: array + productCategory: description: >- - Pitch angle, which indicates the upwards/downwards angle that the - face is pointing relative to the image's horizontal plane. Range - [-180,180]. - type: number - format: float - detectionConfidence: - description: Detection confidence. Range [0, 1]. - type: number - format: float - landmarkingConfidence: - description: Face landmarking confidence. Range [0, 1]. - type: number - format: float - joyLikelihood: - description: Joy likelihood. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - sorrowLikelihood: - description: Sorrow likelihood. + Immutable. The category for the product identified by the reference + image. This should be one of "homegoods-v2", "apparel-v2", + "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories + "homegoods", "apparel", and "toys" are still supported, but these + should not be used for new products. type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - angerLikelihood: - description: Anger likelihood. + description: type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - surpriseLikelihood: - description: Surprise likelihood. + description: >- + User-provided metadata to be stored with this product. Must be at + most 4096 characters long. + type: object + GoogleCloudVisionV1p2beta1AnnotateFileResponse: + type: object + description: >- + Response to a single file annotation request. A file may contain one or + more images, which individually have their own responses. + properties: + totalPages: + type: integer + format: int32 + description: This field gives the total number of pages in the file. + inputConfig: + description: Information about the file for which this response is generated. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1InputConfig' + responses: + type: array + description: >- + Individual responses to images found within the file. This field + will be empty if the `error` field is set. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1AnnotateImageResponse + error: + $ref: '#/components/schemas/Status' + description: >- + If set, represents the error message for the failed request. The + `responses` field will not be set in this case. + id: GoogleCloudVisionV1p2beta1AnnotateFileResponse + GoogleCloudVisionV1p2beta1OutputConfig: + id: GoogleCloudVisionV1p2beta1OutputConfig + description: The desired output location and metadata. + properties: + gcsDestination: + description: The Google Cloud Storage location to write the output(s) to. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1GcsDestination' + batchSize: + format: int32 + description: >- + The max number of response protos to put into each output JSON file + on Google Cloud Storage. The valid range is [1, 100]. If not + specified, the default value is 20. For example, for one pdf file + with 100 pages, 100 response protos will be generated. If + `batch_size` = 20, then 5 json files each containing 20 response + protos will be written under the prefix `gcs_destination`.`uri`. + Currently, batch_size only applies to GcsDestination, with potential + future support for other output configurations. + type: integer + type: object + GoogleCloudVisionV1p4beta1InputConfig: + description: The desired input location and metadata. + properties: + mimeType: + description: >- + The type of the file. Currently only "application/pdf", "image/tiff" + and "image/gif" are supported. Wildcards are not supported. type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - underExposedLikelihood: - description: Under-exposed likelihood. + gcsSource: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1GcsSource' + description: The Google Cloud Storage location to read the input from. + content: + format: byte type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - blurredLikelihood: - description: Blurred likelihood. + description: >- + File content, represented as a stream of bytes. Note: As with all + `bytes` fields, protobuffers use a pure binary representation, + whereas JSON representations use base64. Currently, this field only + works for BatchAnnotateFiles requests. It does not work for + AsyncBatchAnnotateFiles requests. + id: GoogleCloudVisionV1p4beta1InputConfig + type: object + GoogleCloudVisionV1p1beta1TextAnnotationTextProperty: + properties: + detectedLanguages: + type: array + description: A list of detected languages together with confidence. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationDetectedLanguage + detectedBreak: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationDetectedBreak + description: Detected start or end of a text segment. + id: GoogleCloudVisionV1p1beta1TextAnnotationTextProperty + type: object + description: Additional information detected on the structural component. + GoogleCloudVisionV1p4beta1OutputConfig: + type: object + properties: + gcsDestination: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1GcsDestination' + description: The Google Cloud Storage location to write the output(s) to. + batchSize: + description: >- + The max number of response protos to put into each output JSON file + on Google Cloud Storage. The valid range is [1, 100]. If not + specified, the default value is 20. For example, for one pdf file + with 100 pages, 100 response protos will be generated. If + `batch_size` = 20, then 5 json files each containing 20 response + protos will be written under the prefix `gcs_destination`.`uri`. + Currently, batch_size only applies to GcsDestination, with potential + future support for other output configurations. + format: int32 + type: integer + id: GoogleCloudVisionV1p4beta1OutputConfig + description: The desired output location and metadata. + GoogleCloudVisionV1p4beta1ProductKeyValue: + properties: + value: type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - headwearLikelihood: - description: Headwear likelihood. + description: >- + The value of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. + key: + description: >- + The key of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY + id: GoogleCloudVisionV1p4beta1ProductKeyValue + type: object + description: A product label represented as a key-value pair. Landmark: - id: Landmark description: >- A face-specific landmark (for example, a face feature). Landmark positions may fall outside the bounds of the image if the face is near one or more edges of the image. Therefore it is NOT guaranteed that `0 <= x < width` or `0 <= y < height`. - type: object properties: type: - description: Face landmark type. type: string enumDescriptions: - Unknown face landmark detected. Should not be filled. @@ -1112,6 +1081,7 @@ components: - Chin right gonion. - Left cheek center. - Right cheek center. + description: Face landmark type. enum: - UNKNOWN_LANDMARK - LEFT_EYE @@ -1153,391 +1123,131 @@ components: position: description: Face landmark position. $ref: '#/components/schemas/Position' - Position: - id: Position - description: >- - A 3D position in the image, used primarily for Face detection landmarks. - A valid Position must have both x and y coordinates. The position - coordinates are in the same scale as the original image. + id: Landmark type: object - properties: - x: - description: X coordinate. - type: number - format: float - 'y': - description: Y coordinate. - type: number - format: float - z: - description: Z coordinate (or depth). - type: number - format: float - EntityAnnotation: - id: EntityAnnotation - description: Set of detected entity features. + GoogleCloudVisionV1p1beta1WebDetectionWebLabel: + description: Label to provide extra metadata for the web detection. type: object + id: GoogleCloudVisionV1p1beta1WebDetectionWebLabel properties: - mid: + languageCode: description: >- - Opaque entity ID. Some IDs may be available in [Google Knowledge - Graph Search API](https://developers.google.com/knowledge-graph/). + The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". + For more information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. type: string - locale: - description: >- - The language code for the locale in which the entity textual - `description` is expressed. + label: + description: Label for extra metadata. type: string - description: - description: Entity textual description, expressed in its `locale` language. + RemoveProductFromProductSetRequest: + properties: + product: type: string - score: - description: Overall score of the result. Range [0, 1]. - type: number - format: float - confidence: - description: >- - **Deprecated. Use `score` instead.** The accuracy of the entity - detection in an image. For example, for an image in which the - "Eiffel Tower" entity is detected, this field represents the - confidence that there is a tower in the query image. Range [0, 1]. - deprecated: true - type: number - format: float - topicality: description: >- - The relevancy of the ICA (Image Content Annotation) label to the - image. For example, the relevancy of "tower" is likely higher to an - image containing the detected "Eiffel Tower" than to an image - containing a detected distant towering building, even though the - confidence that there is a tower in each image may be the same. - Range [0, 1]. - type: number - format: float - boundingPoly: - description: >- - Image region to which this entity belongs. Not produced for - `LABEL_DETECTION` features. - $ref: '#/components/schemas/BoundingPoly' - locations: - description: >- - The location information for the detected entity. Multiple - `LocationInfo` elements can be present because one location may - indicate the location of the scene in the image, and another - location may indicate the location of the place where the image was - taken. Location information is usually present for landmarks. + Required. The resource name for the Product to be removed from this + ProductSet. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID` + id: RemoveProductFromProductSetRequest + type: object + description: Request message for the `RemoveProductFromProductSet` method. + GoogleCloudVisionV1p4beta1AnnotateImageResponse: + properties: + cropHintsAnnotation: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1CropHintsAnnotation' + description: If present, crop hints have completed successfully. + productSearchResults: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResults' + description: If present, product search has completed successfully. + textAnnotations: type: array + description: If present, text (OCR) detection has completed successfully. items: - $ref: '#/components/schemas/LocationInfo' - properties: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1EntityAnnotation' + imagePropertiesAnnotation: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ImageProperties' + description: If present, image properties were extracted successfully. + fullTextAnnotation: description: >- - Some entities may have optional user-supplied `Property` - (name/value) fields, such a score or string that qualifies the - entity. + If present, text (OCR) detection or document (OCR) text detection + has completed successfully. This annotation provides the structural + hierarchy for the OCR detected text. + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotation' + safeSearchAnnotation: + description: If present, safe-search annotation has completed successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1SafeSearchAnnotation' + landmarkAnnotations: type: array items: - $ref: '#/components/schemas/Property' - LocationInfo: - id: LocationInfo - description: Detected entity location information. - type: object - properties: - latLng: - description: lat/long location coordinates. - $ref: '#/components/schemas/LatLng' - Property: - id: Property - description: A `Property` consists of a user-supplied name/value pair. - type: object - properties: - name: - description: Name of the property. - type: string - value: - description: Value of the property. - type: string - uint64Value: - description: Value of numeric properties. - type: string - format: uint64 - LocalizedObjectAnnotation: - id: LocalizedObjectAnnotation - description: Set of detected objects with bounding boxes. - type: object - properties: - mid: - description: Object ID that should align with EntityAnnotation mid. - type: string - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - name: - description: Object name, expressed in its `language_code` language. - type: string - score: - description: Score of the result. Range [0, 1]. - type: number - format: float - boundingPoly: - description: Image region to which this object belongs. This must be populated. - $ref: '#/components/schemas/BoundingPoly' - TextAnnotation: - id: TextAnnotation - description: >- - TextAnnotation contains a structured representation of OCR extracted - text. The hierarchy of an OCR extracted text structure is like this: - TextAnnotation -> Page -> Block -> Paragraph -> Word -> Symbol Each - structural component, starting from Page, may further have their own - properties. Properties describe detected languages, breaks etc.. Please - refer to the TextAnnotation.TextProperty message definition below for - more detail. - type: object - properties: - pages: - description: List of pages detected by OCR. - type: array + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1EntityAnnotation' + description: If present, landmark detection has completed successfully. + labelAnnotations: items: - $ref: '#/components/schemas/Page' - text: - description: UTF-8 text detected on the pages. - type: string - Page: - id: Page - description: Detected page from OCR. - type: object - properties: - property: - description: Additional information detected on the page. - $ref: '#/components/schemas/TextProperty' - width: - description: >- - Page width. For PDFs the unit is points. For images (including - TIFFs) the unit is pixels. - type: integer - format: int32 - height: - description: >- - Page height. For PDFs the unit is points. For images (including - TIFFs) the unit is pixels. - type: integer - format: int32 - blocks: - description: List of blocks of text, images etc on this page. + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1EntityAnnotation' type: array + description: If present, label detection has completed successfully. + error: + description: >- + If set, represents the error message for the operation. Note that + filled-in image annotations are guaranteed to be correct, even when + `error` is set. + $ref: '#/components/schemas/Status' + faceAnnotations: + description: If present, face detection has completed successfully. items: - $ref: '#/components/schemas/Block' - confidence: - description: Confidence of the OCR results on the page. Range [0, 1]. - type: number - format: float - TextProperty: - id: TextProperty - description: Additional information detected on the structural component. - type: object - properties: - detectedLanguages: - description: A list of detected languages together with confidence. + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1FaceAnnotation' + type: array + webDetection: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1WebDetection' + description: If present, web detection has completed successfully. + context: + description: >- + If present, contextual information is needed to understand where + this image comes from. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1ImageAnnotationContext + logoAnnotations: + description: If present, logo detection has completed successfully. type: array items: - $ref: '#/components/schemas/DetectedLanguage' - detectedBreak: - description: Detected start or end of a text segment. - $ref: '#/components/schemas/DetectedBreak' - DetectedLanguage: - id: DetectedLanguage - description: Detected language for a structural component. - type: object - properties: - languageCode: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1EntityAnnotation' + localizedObjectAnnotations: description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - confidence: - description: Confidence of detected language. Range [0, 1]. - type: number - format: float - DetectedBreak: - id: DetectedBreak - description: Detected start or end of a structural component. + If present, localized object detection has completed successfully. + This will be sorted descending by confidence score. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1LocalizedObjectAnnotation + type: array + description: Response to an image annotation request. + id: GoogleCloudVisionV1p4beta1AnnotateImageResponse type: object + GoogleCloudVisionV1p3beta1FaceAnnotation: properties: - type: - description: Detected break type. + surpriseLikelihood: + description: Surprise likelihood. type: string enumDescriptions: - - Unknown break label type. - - Regular space. - - Sure space (very wide). - - Line-wrapping break. - - >- - End-line hyphen that is not present in text; does not co-occur - with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. - - Line break that ends a paragraph. + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. enum: - UNKNOWN - - SPACE - - SURE_SPACE - - EOL_SURE_SPACE - - HYPHEN - - LINE_BREAK - isPrefix: - description: True if break prepends the element. - type: boolean - Block: - id: Block - description: Logical element on the page. - type: object - properties: - property: - description: Additional information detected for the block. - $ref: '#/components/schemas/TextProperty' - boundingBox: + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + tiltAngle: description: >- - The bounding box for the block. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/BoundingPoly' - paragraphs: - description: List of paragraphs in this block (if this blocks is of type text). - type: array - items: - $ref: '#/components/schemas/Paragraph' - blockType: - description: Detected block type (text, image etc) for this block. - type: string - enumDescriptions: - - Unknown block type. - - Regular text block. - - Table block. - - Image block. - - Horizontal/vertical line box. - - Barcode block. - enum: - - UNKNOWN - - TEXT - - TABLE - - PICTURE - - RULER - - BARCODE - confidence: - description: Confidence of the OCR results on the block. Range [0, 1]. - type: number - format: float - Paragraph: - id: Paragraph - description: Structural unit of text representing a number of words in certain order. - type: object - properties: - property: - description: Additional information detected for the paragraph. - $ref: '#/components/schemas/TextProperty' - boundingBox: - description: >- - The bounding box for the paragraph. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/BoundingPoly' - words: - description: List of all words in this paragraph. - type: array - items: - $ref: '#/components/schemas/Word' - confidence: - description: Confidence of the OCR results for the paragraph. Range [0, 1]. - type: number - format: float - Word: - id: Word - description: A word representation. - type: object - properties: - property: - description: Additional information detected for the word. - $ref: '#/components/schemas/TextProperty' - boundingBox: - description: >- - The bounding box for the word. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/BoundingPoly' - symbols: - description: >- - List of symbols in the word. The order of the symbols follows the - natural reading order. - type: array - items: - $ref: '#/components/schemas/Symbol' - confidence: - description: Confidence of the OCR results for the word. Range [0, 1]. - type: number - format: float - Symbol: - id: Symbol - description: A single symbol representation. - type: object - properties: - property: - description: Additional information detected for the symbol. - $ref: '#/components/schemas/TextProperty' - boundingBox: - description: >- - The bounding box for the symbol. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/BoundingPoly' - text: - description: The actual UTF-8 representation of the symbol. - type: string - confidence: - description: Confidence of the OCR results for the symbol. Range [0, 1]. + Pitch angle, which indicates the upwards/downwards angle that the + face is pointing relative to the image's horizontal plane. Range + [-180,180]. type: number format: float - SafeSearchAnnotation: - id: SafeSearchAnnotation - description: >- - Set of features pertaining to the image, computed by computer vision - methods over safe-search verticals (for example, adult, spoof, medical, - violence). - type: object - properties: - adult: - description: >- - Represents the adult content likelihood for the image. Adult content - may contain elements such as nudity, pornographic images or - cartoons, or sexual activities. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. + blurredLikelihood: enum: - UNKNOWN - VERY_UNLIKELY @@ -1545,10 +1255,7 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - spoof: - description: >- - Spoof likelihood. The likelihood that an modification was made to - the image's canonical version to make it appear funny or offensive. + description: Blurred likelihood. type: string enumDescriptions: - Unknown likelihood. @@ -1557,6 +1264,7 @@ components: - It is possible. - It is likely. - It is very likely. + headwearLikelihood: enum: - UNKNOWN - VERY_UNLIKELY @@ -1564,9 +1272,38 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - medical: - description: Likelihood that this is a medical image. + description: Headwear likelihood. + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. type: string + panAngle: + format: float + description: >- + Yaw angle, which indicates the leftward/rightward angle that the + face is pointing relative to the vertical plane perpendicular to the + image. Range [-180,180]. + type: number + landmarks: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1FaceAnnotationLandmark + description: Detected face landmarks. + type: array + fdBoundingPoly: + description: >- + The `fd_bounding_poly` bounding polygon is tighter than the + `boundingPoly`, and encloses only the skin part of the face. + Typically, it is used to eliminate the face from any image analysis + that detects the "amount of skin" visible in an image. It is not + based on the landmarker results, only on the initial face detection, + hence the fd (face detection) prefix. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' + joyLikelihood: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -1574,6 +1311,8 @@ components: - It is possible. - It is likely. - It is very likely. + description: Joy likelihood. + type: string enum: - UNKNOWN - VERY_UNLIKELY @@ -1581,12 +1320,15 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - violence: + rollAngle: + type: number + format: float description: >- - Likelihood that this image contains violent content. Violent content - may include death, serious harm, or injury to individuals or groups - of individuals. - type: string + Roll angle, which indicates the amount of clockwise/anti-clockwise + rotation of the face relative to the image vertical about the axis + perpendicular to the face. Range [-180,180]. + sorrowLikelihood: + description: Sorrow likelihood. enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -1601,13 +1343,40 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - racy: + type: string + landmarkingConfidence: + description: Face landmarking confidence. Range [0, 1]. + format: float + type: number + boundingPoly: description: >- - Likelihood that the request image contains racy content. Racy - content may include (but is not limited to) skimpy or sheer - clothing, strategically covered nudity, lewd or provocative poses, - or close-ups of sensitive body areas. + The bounding polygon around the face. The coordinates of the + bounding box are in the original image's scale. The bounding box is + computed to "frame" the face in accordance with human expectations. + It is based on the landmarker results. Note that one or more x + and/or y coordinates may not be generated in the `BoundingPoly` (the + polygon will be unbounded) if only a partial face appears in the + image to be annotated. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' + underExposedLikelihood: + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. type: string + description: Under-exposed likelihood. + angerLikelihood: + description: Anger likelihood. enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -1615,6 +1384,7 @@ components: - It is possible. - It is likely. - It is very likely. + type: string enum: - UNKNOWN - VERY_UNLIKELY @@ -1622,176 +1392,125 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - ImageProperties: - id: ImageProperties - description: Stores image properties, such as dominant colors. + detectionConfidence: + description: Detection confidence. Range [0, 1]. + format: float + type: number type: object - properties: - dominantColors: - description: If present, dominant colors completed successfully. - $ref: '#/components/schemas/DominantColorsAnnotation' - DominantColorsAnnotation: - id: DominantColorsAnnotation - description: Set of dominant colors and their corresponding scores. + id: GoogleCloudVisionV1p3beta1FaceAnnotation + description: A face annotation object contains the results of face detection. + AsyncAnnotateFileResponse: type: object + id: AsyncAnnotateFileResponse + description: The response for a single offline file annotation request. properties: - colors: - description: RGB color values with their score and pixel fraction. - type: array - items: - $ref: '#/components/schemas/ColorInfo' - ColorInfo: - id: ColorInfo - description: >- - Color information consists of RGB channels, score, and the fraction of - the image that the color occupies in the image. + outputConfig: + description: The output location and metadata from AsyncAnnotateFileRequest. + $ref: '#/components/schemas/OutputConfig' + GoogleCloudVisionV1p1beta1TextAnnotationDetectedLanguage: + description: Detected language for a structural component. type: object + id: GoogleCloudVisionV1p1beta1TextAnnotationDetectedLanguage properties: - color: - description: RGB components of the color. - $ref: '#/components/schemas/Color' - score: - description: Image-specific score for this color. Value in range [0, 1]. - type: number - format: float - pixelFraction: + languageCode: description: >- - The fraction of pixels the color occupies in the image. Value in - range [0, 1]. + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + type: string + confidence: type: number + description: Confidence of detected language. Range [0, 1]. format: float - Color: - id: Color - description: >- - Represents a color in the RGBA color space. This representation is - designed for simplicity of conversion to and from color representations - in various languages over compactness. For example, the fields of this - representation can be trivially provided to the constructor of - `java.awt.Color` in Java; it can also be trivially provided to UIColor's - `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little - work, it can be easily formatted into a CSS `rgba()` string in - JavaScript. This reference page doesn't have information about the - absolute color space that should be used to interpret the RGB value—for - example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications - should assume the sRGB color space. When color equality needs to be - decided, implementations, unless documented otherwise, treat two colors - as equal if all their red, green, blue, and alpha values each differ by - at most `1e-5`. Example (Java): import com.google.type.Color; // ... - public static java.awt.Color fromProto(Color protocolor) { float alpha = - protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return - new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), - protocolor.getBlue(), alpha); } public static Color - toProto(java.awt.Color color) { float red = (float) color.getRed(); - float green = (float) color.getGreen(); float blue = (float) - color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder - = Color .newBuilder() .setRed(red / denominator) .setGreen(green / - denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); - if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() - .setValue(((float) alpha) / denominator) .build()); } return - resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static - UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; - float green = [protocolor green]; float blue = [protocolor blue]; - FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if - (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return - [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static - Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if - (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return - nil; } Color* result = [[Color alloc] init]; [result setRed:red]; - [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { - [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; - return result; } // ... Example (JavaScript): // ... var protoToCssColor - = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var - greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || - 0.0; var red = Math.floor(redFrac * 255); var green = - Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if - (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } - var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, - green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, - ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var - rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString - = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var - resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { - resultBuilder.push('0'); } resultBuilder.push(hexString); return - resultBuilder.join(''); }; // ... - type: object + GoogleCloudVisionV1p4beta1ProductSearchResultsObjectAnnotation: properties: - red: - description: The amount of red in the color as a value in the interval [0, 1]. - type: number - format: float - green: - description: The amount of green in the color as a value in the interval [0, 1]. - type: number - format: float - blue: - description: The amount of blue in the color as a value in the interval [0, 1]. + score: type: number + description: Score of the result. Range [0, 1]. format: float - alpha: + name: + type: string + description: Object name, expressed in its `language_code` language. + languageCode: + type: string description: >- - The fraction of this color that should be applied to the pixel. That - is, the final pixel color is defined by the equation: `pixel color = - alpha * (this color) + (1.0 - alpha) * (background color)` This - means that a value of 1.0 corresponds to a solid color, whereas a - value of 0.0 corresponds to a completely transparent color. This - uses a wrapper message rather than a simple float scalar so that it - is possible to distinguish between a default value and the value - being unset. If omitted, this color object is rendered as a solid - color (as if the alpha value had been explicitly given a value of - 1.0). - type: number + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + mid: + description: Object ID that should align with EntityAnnotation mid. + type: string + id: GoogleCloudVisionV1p4beta1ProductSearchResultsObjectAnnotation + type: object + description: Prediction for what the object in the bounding box is. + GoogleCloudVisionV1p3beta1WebDetectionWebImage: + id: GoogleCloudVisionV1p3beta1WebDetectionWebImage + description: Metadata for online images. + type: object + properties: + url: + description: The result image URL. + type: string + score: format: float - CropHintsAnnotation: - id: CropHintsAnnotation - description: >- - Set of crop hints that are used to generate new crops when serving - images. + description: (Deprecated) Overall relevancy score for the image. + type: number + GcsDestination: type: object + id: GcsDestination + properties: + uri: + type: string + description: >- + Google Cloud Storage URI prefix where the results will be stored. + Results will be in JSON format and preceded by its corresponding + input URI prefix. This field can either represent a gcs file prefix + or gcs directory. In either case, the uri should be unique because + in order to get all of the output files, you will need to do a + wildcard gcs search on the uri prefix you provide. Examples: * File + Prefix: gs://bucket-name/here/filenameprefix The output files will + be created in gs://bucket-name/here/ and the names of the output + files will begin with "filenameprefix". * Directory Prefix: + gs://bucket-name/some/location/ The output files will be created in + gs://bucket-name/some/location/ and the names of the output files + could be anything because there was no filename prefix specified. If + multiple outputs, each response is still AnnotateFileResponse, each + of which contains some subset of the full list of + AnnotateImageResponse. Multiple outputs can happen if, for example, + the output JSON is too large and overflows into multiple sharded + files. + description: The Google Cloud Storage location where the output will be written to. + GoogleCloudVisionV1p2beta1CropHintsAnnotation: properties: cropHints: description: Crop hint results. type: array items: - $ref: '#/components/schemas/CropHint' - CropHint: - id: CropHint + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1CropHint' description: >- - Single crop hint that is used to generate a new crop when serving an - image. + Set of crop hints that are used to generate new crops when serving + images. + id: GoogleCloudVisionV1p2beta1CropHintsAnnotation type: object + GoogleCloudVisionV1p4beta1TextAnnotationDetectedLanguage: properties: - boundingPoly: + languageCode: description: >- - The bounding polygon for the crop region. The coordinates of the - bounding box are in the original image's scale. - $ref: '#/components/schemas/BoundingPoly' + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + type: string confidence: - description: Confidence of this being a salient region. Range [0, 1]. - type: number + description: Confidence of detected language. Range [0, 1]. format: float - importanceFraction: - description: >- - Fraction of importance of this salient region with respect to the - original image. type: number - format: float - WebDetection: - id: WebDetection - description: Relevant information for the image from the Internet. + id: GoogleCloudVisionV1p4beta1TextAnnotationDetectedLanguage + description: Detected language for a structural component. + type: object + GoogleCloudVisionV1p4beta1WebDetection: type: object + id: GoogleCloudVisionV1p4beta1WebDetection properties: - webEntities: - description: Deduced entities from similar images on the Internet. - type: array - items: - $ref: '#/components/schemas/WebEntity' - fullMatchingImages: - description: >- - Fully matching images from the Internet. Can include resized copies - of the query image. - type: array - items: - $ref: '#/components/schemas/WebImage' partialMatchingImages: description: >- Partial matching images from the Internet. Those images are similar @@ -1799,171 +1518,107 @@ components: image will likely have partial matching for its crops. type: array items: - $ref: '#/components/schemas/WebImage' - pagesWithMatchingImages: - description: Web pages containing the matching images from the Internet. - type: array + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage + fullMatchingImages: items: - $ref: '#/components/schemas/WebPage' + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage + description: >- + Fully matching images from the Internet. Can include resized copies + of the query image. + type: array visuallySimilarImages: - description: The visually similar image results. type: array items: - $ref: '#/components/schemas/WebImage' + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage + description: The visually similar image results. bestGuessLabels: description: >- The service's best guess as to the topic of the request image. Inferred from similar images on the open web. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebLabel type: array + webEntities: + description: Deduced entities from similar images on the Internet. items: - $ref: '#/components/schemas/WebLabel' - WebEntity: - id: WebEntity - description: Entity deduced from similar images on the Internet. - type: object + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebEntity + type: array + pagesWithMatchingImages: + type: array + description: Web pages containing the matching images from the Internet. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebPage' + description: Relevant information for the image from the Internet. + InputConfig: properties: - entityId: - description: Opaque entity ID. - type: string - score: + content: description: >- - Overall relevancy score for the entity. Not normalized and not - comparable across different image queries. - type: number - format: float - description: - description: Canonical description of the entity, in English. - type: string - WebImage: - id: WebImage - description: Metadata for online images. - type: object - properties: - url: - description: The result image URL. - type: string - score: - description: (Deprecated) Overall relevancy score for the image. - type: number - format: float - WebPage: - id: WebPage - description: Metadata for web pages. - type: object - properties: - url: - description: The result web page URL. - type: string - score: - description: (Deprecated) Overall relevancy score for the web page. - type: number - format: float - pageTitle: - description: Title for the web page, may contain HTML markups. - type: string - fullMatchingImages: - description: >- - Fully matching images on the page. Can include resized copies of the - query image. - type: array - items: - $ref: '#/components/schemas/WebImage' - partialMatchingImages: - description: >- - Partial matching images on the page. Those images are similar enough - to share some key-point features. For example an original image will - likely have partial matching for its crops. - type: array - items: - $ref: '#/components/schemas/WebImage' - WebLabel: - id: WebLabel - description: Label to provide extra metadata for the web detection. - type: object - properties: - label: - description: Label for extra metadata. + File content, represented as a stream of bytes. Note: As with all + `bytes` fields, protobuffers use a pure binary representation, + whereas JSON representations use base64. Currently, this field only + works for BatchAnnotateFiles requests. It does not work for + AsyncBatchAnnotateFiles requests. + format: byte type: string - languageCode: + mimeType: description: >- - The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". - For more information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + The type of the file. Currently only "application/pdf", "image/tiff" + and "image/gif" are supported. Wildcards are not supported. type: string - ProductSearchResults: - id: ProductSearchResults - description: Results for a product search request. + gcsSource: + $ref: '#/components/schemas/GcsSource' + description: The Google Cloud Storage location to read the input from. + type: object + id: InputConfig + description: The desired input location and metadata. + GoogleCloudVisionV1p3beta1CropHintsAnnotation: + id: GoogleCloudVisionV1p3beta1CropHintsAnnotation type: object properties: - indexTime: - description: >- - Timestamp of the index which provided these results. Products added - to the product set and products removed from the product set after - this time are not reflected in the current results. - type: string - format: google-datetime - results: - description: List of results, one for each product match. - type: array - items: - $ref: '#/components/schemas/Result' - productGroupedResults: - description: >- - List of results grouped by products detected in the query image. - Each entry corresponds to one bounding polygon in the query image, - and contains the matching products specific to that region. There - may be duplicate product matches in the union of all the per-product - results. + cropHints: type: array items: - $ref: '#/components/schemas/GroupedResult' - Result: - id: Result - description: Information about a product. - type: object - properties: - product: - description: The Product. - $ref: '#/components/schemas/Product' - score: - description: >- - A confidence level on the match, ranging from 0 (no confidence) to 1 - (full confidence). - type: number - format: float - image: - description: >- - The resource name of the image from the product that is the closest - match to the query. - type: string - GroupedResult: - id: GroupedResult + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1CropHint' + description: Crop hint results. description: >- - Information about the products similar to a single product in a query - image. + Set of crop hints that are used to generate new crops when serving + images. + GoogleCloudVisionV1p1beta1AnnotateFileResponse: type: object + description: >- + Response to a single file annotation request. A file may contain one or + more images, which individually have their own responses. + id: GoogleCloudVisionV1p1beta1AnnotateFileResponse properties: - boundingPoly: - description: The bounding polygon around the product detected in the query image. - $ref: '#/components/schemas/BoundingPoly' - results: - description: List of results, one for each product match. - type: array + error: + description: >- + If set, represents the error message for the failed request. The + `responses` field will not be set in this case. + $ref: '#/components/schemas/Status' + responses: items: - $ref: '#/components/schemas/Result' - objectAnnotations: - description: List of generic predictions for the object in the bounding box. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1AnnotateImageResponse + description: >- + Individual responses to images found within the file. This field + will be empty if the `error` field is set. type: array - items: - $ref: '#/components/schemas/ObjectAnnotation' - ObjectAnnotation: - id: ObjectAnnotation - description: Prediction for what the object in the bounding box is. + inputConfig: + description: Information about the file for which this response is generated. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1InputConfig' + totalPages: + description: This field gives the total number of pages in the file. + type: integer + format: int32 + GoogleCloudVisionV1p4beta1LocalizedObjectAnnotation: type: object + id: GoogleCloudVisionV1p4beta1LocalizedObjectAnnotation properties: - mid: - description: Object ID that should align with EntityAnnotation mid. - type: string languageCode: description: >- The BCP-47 language code, such as "en-US" or "sr-Latn". For more @@ -1973,595 +1628,396 @@ components: name: description: Object name, expressed in its `language_code` language. type: string + boundingPoly: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' + description: Image region to which this object belongs. This must be populated. score: description: Score of the result. Range [0, 1]. - type: number format: float - ImageAnnotationContext: - id: ImageAnnotationContext + type: number + mid: + type: string + description: Object ID that should align with EntityAnnotation mid. + description: Set of detected objects with bounding boxes. + GoogleCloudVisionV1p4beta1ImageAnnotationContext: + id: GoogleCloudVisionV1p4beta1ImageAnnotationContext description: >- If an image was produced from a file (e.g. a PDF), this message gives information about the source of that image. type: object properties: - uri: - description: The URI of the file used to produce the image. - type: string pageNumber: description: >- If the file was a PDF or TIFF, this field gives the page number within the file used to produce the image. type: integer format: int32 - BatchAnnotateFilesRequest: - id: BatchAnnotateFilesRequest - description: A list of requests to annotate files using the BatchAnnotateFiles API. - type: object - properties: - requests: - description: >- - Required. The list of file annotation requests. Right now we support - only one AnnotateFileRequest in BatchAnnotateFilesRequest. - type: array - items: - $ref: '#/components/schemas/AnnotateFileRequest' - parent: - description: >- - Optional. Target project and location to make a call. Format: - `projects/{project-id}/locations/{location-id}`. If no parent is - specified, a region will be chosen automatically. Supported - location-ids: `us`: USA country only, `asia`: East asia areas, like - Japan, Taiwan, `eu`: The European Union. Example: - `projects/project-A/locations/eu`. + uri: type: string - labels: - description: >- - Optional. The labels with user-defined metadata for the request. - Label keys and values can be no longer than 63 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. Label - values are optional. Label keys must start with a letter. - type: object - additionalProperties: - type: string - AnnotateFileRequest: - id: AnnotateFileRequest - description: A request to annotate one single file, e.g. a PDF, TIFF or GIF file. - type: object + description: The URI of the file used to produce the image. + GoogleCloudVisionV1p4beta1BoundingPoly: properties: - inputConfig: - description: Required. Information about the input file. - $ref: '#/components/schemas/InputConfig' - features: - description: Required. Requested features. - type: array + normalizedVertices: + description: The bounding polygon normalized vertices. items: - $ref: '#/components/schemas/Feature' - imageContext: - description: Additional context that may accompany the image(s) in the file. - $ref: '#/components/schemas/ImageContext' - pages: - description: >- - Pages of the file to perform image annotation. Pages starts from 1, - we assume the first page of the file is page 1. At most 5 pages are - supported per request. Pages can be negative. Page 1 means the first - page. Page 2 means the second page. Page -1 means the last page. - Page -2 means the second to the last page. If the file is GIF - instead of PDF or TIFF, page refers to GIF frames. If this field is - empty, by default the service performs image annotation for the - first 5 pages of the file. + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1NormalizedVertex' + type: array + vertices: type: array + description: The bounding polygon vertices. items: - type: integer - format: int32 - InputConfig: - id: InputConfig - description: The desired input location and metadata. + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Vertex' + id: GoogleCloudVisionV1p4beta1BoundingPoly type: object + description: A bounding polygon for the detected image annotation. + GoogleCloudVisionV1p4beta1LocationInfo: + description: Detected entity location information. properties: - gcsSource: - description: The Google Cloud Storage location to read the input from. - $ref: '#/components/schemas/GcsSource' - content: + latLng: + $ref: '#/components/schemas/LatLng' + description: lat/long location coordinates. + type: object + id: GoogleCloudVisionV1p4beta1LocationInfo + GoogleCloudVisionV1p3beta1Vertex: + id: GoogleCloudVisionV1p3beta1Vertex + type: object + properties: + x: + type: integer + format: int32 + description: X coordinate. + 'y': + type: integer + format: int32 + description: Y coordinate. + description: >- + A vertex represents a 2D point in the image. NOTE: the vertex + coordinates are in the same scale as the original image. + Operation: + id: Operation + description: >- + This resource represents a long-running operation that is the result of + a network API call. + type: object + properties: + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object description: >- - File content, represented as a stream of bytes. Note: As with all - `bytes` fields, protobuffers use a pure binary representation, - whereas JSON representations use base64. Currently, this field only - works for BatchAnnotateFiles requests. It does not work for - AsyncBatchAnnotateFiles requests. + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + name: type: string - format: byte - mimeType: description: >- - The type of the file. Currently only "application/pdf", "image/tiff" - and "image/gif" are supported. Wildcards are not supported. - type: string - GcsSource: - id: GcsSource - description: The Google Cloud Storage location where the input will be read from. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + error: + $ref: '#/components/schemas/Status' + description: >- + The error result of the operation in case of failure or + cancellation. + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + ImportProductSetsInputConfig: + type: object + properties: + gcsSource: + $ref: '#/components/schemas/ImportProductSetsGcsSource' + description: >- + The Google Cloud Storage location for a csv file which preserves a + list of ImportProductSetRequests in each line. + id: ImportProductSetsInputConfig + description: The input content for the `ImportProductSets` method. + GoogleCloudVisionV1p2beta1Position: type: object + properties: + x: + format: float + type: number + description: X coordinate. + 'y': + format: float + description: Y coordinate. + type: number + z: + description: Z coordinate (or depth). + type: number + format: float + id: GoogleCloudVisionV1p2beta1Position + description: >- + A 3D position in the image, used primarily for Face detection landmarks. + A valid Position must have both x and y coordinates. The position + coordinates are in the same scale as the original image. + GoogleCloudVisionV1p4beta1GcsSource: properties: uri: description: >- Google Cloud Storage URI for the input file. This must only be a Google Cloud Storage object. Wildcards are not currently supported. type: string - BatchAnnotateFilesResponse: - id: BatchAnnotateFilesResponse - description: A list of file annotation responses. + description: The Google Cloud Storage location where the input will be read from. type: object + id: GoogleCloudVisionV1p4beta1GcsSource + Status: + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - responses: + code: + type: integer + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + message: + type: string description: >- - The list of file annotation responses, each response corresponding - to each AnnotateFileRequest in BatchAnnotateFilesRequest. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + details: type: array items: - $ref: '#/components/schemas/AnnotateFileResponse' - AnnotateFileResponse: - id: AnnotateFileResponse + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: object + GoogleCloudVisionV1p4beta1ImportProductSetsResponse: description: >- - Response to a single file annotation request. A file may contain one or - more images, which individually have their own responses. + Response message for the `ImportProductSets` method. This message is + returned by the google.longrunning.Operations.GetOperation method in the + returned google.longrunning.Operation.response field. + id: GoogleCloudVisionV1p4beta1ImportProductSetsResponse + properties: + statuses: + description: >- + The rpc status for each ImportProductSet request, including both + successes and errors. The number of statuses here matches the number + of lines in the csv file, and statuses[i] stores the success or + failure status of processing the i-th line of the csv, starting from + line 0. + items: + $ref: '#/components/schemas/Status' + type: array + referenceImages: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ReferenceImage' + description: The list of reference_images that are imported successfully. + type: array type: object + GoogleCloudVisionV1p3beta1AnnotateFileResponse: properties: + totalPages: + type: integer + description: This field gives the total number of pages in the file. + format: int32 inputConfig: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1InputConfig' description: Information about the file for which this response is generated. - $ref: '#/components/schemas/InputConfig' responses: description: >- Individual responses to images found within the file. This field will be empty if the `error` field is set. - type: array items: - $ref: '#/components/schemas/AnnotateImageResponse' - totalPages: - description: This field gives the total number of pages in the file. - type: integer - format: int32 + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1AnnotateImageResponse + type: array error: description: >- If set, represents the error message for the failed request. The `responses` field will not be set in this case. $ref: '#/components/schemas/Status' - AsyncBatchAnnotateImagesRequest: - id: AsyncBatchAnnotateImagesRequest - description: Request for async image annotation for a list of images. + description: >- + Response to a single file annotation request. A file may contain one or + more images, which individually have their own responses. + id: GoogleCloudVisionV1p3beta1AnnotateFileResponse type: object - properties: - requests: - description: Required. Individual image annotation requests for this batch. - type: array - items: - $ref: '#/components/schemas/AnnotateImageRequest' - outputConfig: - description: Required. The desired output location and metadata (e.g. format). - $ref: '#/components/schemas/OutputConfig' - parent: - description: >- - Optional. Target project and location to make a call. Format: - `projects/{project-id}/locations/{location-id}`. If no parent is - specified, a region will be chosen automatically. Supported - location-ids: `us`: USA country only, `asia`: East asia areas, like - Japan, Taiwan, `eu`: The European Union. Example: - `projects/project-A/locations/eu`. - type: string - labels: - description: >- - Optional. The labels with user-defined metadata for the request. - Label keys and values can be no longer than 63 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. Label - values are optional. Label keys must start with a letter. - type: object - additionalProperties: - type: string - OutputConfig: - id: OutputConfig - description: The desired output location and metadata. + ImportProductSetsGcsSource: + description: >- + The Google Cloud Storage location for a csv file which preserves a list + of ImportProductSetRequests in each line. + id: ImportProductSetsGcsSource type: object properties: - gcsDestination: - description: The Google Cloud Storage location to write the output(s) to. - $ref: '#/components/schemas/GcsDestination' - batchSize: + csvFileUri: + type: string description: >- - The max number of response protos to put into each output JSON file - on Google Cloud Storage. The valid range is [1, 100]. If not - specified, the default value is 20. For example, for one pdf file - with 100 pages, 100 response protos will be generated. If - `batch_size` = 20, then 5 json files each containing 20 response - protos will be written under the prefix `gcs_destination`.`uri`. - Currently, batch_size only applies to GcsDestination, with potential - future support for other output configurations. - type: integer - format: int32 - GcsDestination: - id: GcsDestination - description: The Google Cloud Storage location where the output will be written to. - type: object - properties: - uri: - description: >- - Google Cloud Storage URI prefix where the results will be stored. - Results will be in JSON format and preceded by its corresponding - input URI prefix. This field can either represent a gcs file prefix - or gcs directory. In either case, the uri should be unique because - in order to get all of the output files, you will need to do a - wildcard gcs search on the uri prefix you provide. Examples: * File - Prefix: gs://bucket-name/here/filenameprefix The output files will - be created in gs://bucket-name/here/ and the names of the output - files will begin with "filenameprefix". * Directory Prefix: - gs://bucket-name/some/location/ The output files will be created in - gs://bucket-name/some/location/ and the names of the output files - could be anything because there was no filename prefix specified. If - multiple outputs, each response is still AnnotateFileResponse, each - of which contains some subset of the full list of - AnnotateImageResponse. Multiple outputs can happen if, for example, - the output JSON is too large and overflows into multiple sharded - files. - type: string - AsyncBatchAnnotateFilesRequest: - id: AsyncBatchAnnotateFilesRequest - description: >- - Multiple async file annotation requests are batched into a single - service call. + The Google Cloud Storage URI of the input csv file. The URI must + start with `gs://`. The format of the input csv file should be one + image per line. In each line, there are 8 columns. 1. image-uri 2. + image-id 3. product-set-id 4. product-id 5. product-category 6. + product-display-name 7. labels 8. bounding-poly The `image-uri`, + `product-set-id`, `product-id`, and `product-category` columns are + required. All other columns are optional. If the `ProductSet` or + `Product` specified by the `product-set-id` and `product-id` values + does not exist, then the system will create a new `ProductSet` or + `Product` for the image. In this case, the `product-display-name` + column refers to display_name, the `product-category` column refers + to product_category, and the `labels` column refers to + product_labels. The `image-id` column is optional but must be unique + if provided. If it is empty, the system will automatically assign a + unique id to the image. The `product-display-name` column is + optional. If it is empty, the system sets the display_name field for + the product to a space (" "). You can update the `display_name` + later by using the API. If a `Product` with the specified + `product-id` already exists, then the system ignores the + `product-display-name`, `product-category`, and `labels` columns. + The `labels` column (optional) is a line containing a list of + comma-separated key-value pairs, in the following format: + "key_1=value_1,key_2=value_2,...,key_n=value_n" The `bounding-poly` + column (optional) identifies one region of interest from the image + in the same manner as `CreateReferenceImage`. If you do not specify + the `bounding-poly` column, then the system will try to detect + regions of interest automatically. At most one `bounding-poly` + column is allowed per line. If the image contains multiple regions + of interest, add a line to the CSV file that includes the same + product information, and the `bounding-poly` values for each region + of interest. The `bounding-poly` column must contain an even number + of comma-separated numbers, in the format + "p1_x,p1_y,p2_x,p2_y,...,pn_x,pn_y". Use non-negative integers for + absolute bounding polygons, and float values in [0, 1] for + normalized bounding polygons. The system will resize the image if + the image resolution is too large to process (larger than 20MP). + GoogleCloudVisionV1p1beta1Property: type: object properties: - requests: - description: Required. Individual async file annotation requests for this batch. - type: array - items: - $ref: '#/components/schemas/AsyncAnnotateFileRequest' - parent: - description: >- - Optional. Target project and location to make a call. Format: - `projects/{project-id}/locations/{location-id}`. If no parent is - specified, a region will be chosen automatically. Supported - location-ids: `us`: USA country only, `asia`: East asia areas, like - Japan, Taiwan, `eu`: The European Union. Example: - `projects/project-A/locations/eu`. + name: type: string - labels: - description: >- - Optional. The labels with user-defined metadata for the request. - Label keys and values can be no longer than 63 characters (Unicode - codepoints), can only contain lowercase letters, numeric characters, - underscores and dashes. International characters are allowed. Label - values are optional. Label keys must start with a letter. - type: object - additionalProperties: - type: string - AsyncAnnotateFileRequest: - id: AsyncAnnotateFileRequest - description: An offline file annotation request. + description: Name of the property. + uint64Value: + format: uint64 + type: string + description: Value of numeric properties. + value: + type: string + description: Value of the property. + description: A `Property` consists of a user-supplied name/value pair. + id: GoogleCloudVisionV1p1beta1Property + NormalizedVertex: + id: NormalizedVertex type: object + description: >- + A vertex represents a 2D point in the image. NOTE: the normalized vertex + coordinates are relative to the original image and range from 0 to 1. properties: - inputConfig: - description: Required. Information about the input file. - $ref: '#/components/schemas/InputConfig' - features: - description: Required. Requested features. - type: array - items: - $ref: '#/components/schemas/Feature' - imageContext: - description: Additional context that may accompany the image(s) in the file. - $ref: '#/components/schemas/ImageContext' - outputConfig: - description: Required. The desired output location and metadata (e.g. format). - $ref: '#/components/schemas/OutputConfig' - AsyncBatchAnnotateFilesResponse: - id: AsyncBatchAnnotateFilesResponse - description: Response to an async batch file annotation request. + x: + format: float + description: X coordinate. + type: number + 'y': + description: Y coordinate. + type: number + format: float + GoogleCloudVisionV1p4beta1Vertex: + id: GoogleCloudVisionV1p4beta1Vertex type: object + description: >- + A vertex represents a 2D point in the image. NOTE: the vertex + coordinates are in the same scale as the original image. properties: - responses: + 'y': + type: integer + format: int32 + description: Y coordinate. + x: + description: X coordinate. + type: integer + format: int32 + GoogleCloudVisionV1p3beta1WebDetectionWebPage: + type: object + properties: + fullMatchingImages: description: >- - The list of file annotation responses, one for each request in - AsyncBatchAnnotateFilesRequest. + Fully matching images on the page. Can include resized copies of the + query image. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage type: array + pageTitle: + description: Title for the web page, may contain HTML markups. + type: string + url: + description: The result web page URL. + type: string + partialMatchingImages: items: - $ref: '#/components/schemas/AsyncAnnotateFileResponse' - AsyncAnnotateFileResponse: - id: AsyncAnnotateFileResponse - description: The response for a single offline file annotation request. - type: object - properties: - outputConfig: - description: The output location and metadata from AsyncAnnotateFileRequest. - $ref: '#/components/schemas/OutputConfig' - AsyncBatchAnnotateImagesResponse: - id: AsyncBatchAnnotateImagesResponse - description: Response to an async batch image annotation request. - type: object - properties: - outputConfig: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage + type: array description: >- - The output location and metadata from - AsyncBatchAnnotateImagesRequest. - $ref: '#/components/schemas/OutputConfig' - BatchOperationMetadata: - id: BatchOperationMetadata - description: >- - Metadata for the batch operations such as the current state. This is - included in the `metadata` field of the `Operation` returned by the - `GetOperation` call of the `google::longrunning::Operations` service. + Partial matching images on the page. Those images are similar enough + to share some key-point features. For example an original image will + likely have partial matching for its crops. + score: + format: float + type: number + description: (Deprecated) Overall relevancy score for the web page. + description: Metadata for web pages. + id: GoogleCloudVisionV1p3beta1WebDetectionWebPage + SafeSearchAnnotation: type: object + id: SafeSearchAnnotation + description: >- + Set of features pertaining to the image, computed by computer vision + methods over safe-search verticals (for example, adult, spoof, medical, + violence). properties: - state: - description: The current state of the batch operation. - type: string + racy: enumDescriptions: - - Invalid. - - Request is actively being processed. - - >- - The request is done and at least one item has been successfully - processed. - - The request is done and no item has been successfully processed. - - >- - The request is done after the - longrunning.Operations.CancelOperation has been called by the - user. Any records that were processed before the cancel command - are output as specified in the request. + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. enum: - - STATE_UNSPECIFIED - - PROCESSING - - SUCCESSFUL - - FAILED - - CANCELLED - submitTime: - description: The time when the batch request was submitted to the server. - type: string - format: google-datetime - endTime: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY description: >- - The time when the batch request is finished and - google.longrunning.Operation.done is set to true. + Likelihood that the request image contains racy content. Racy + content may include (but is not limited to) skimpy or sheer + clothing, strategically covered nudity, lewd or provocative poses, + or close-ups of sensitive body areas. type: string - format: google-datetime - ImportProductSetsResponse: - id: ImportProductSetsResponse - description: >- - Response message for the `ImportProductSets` method. This message is - returned by the google.longrunning.Operations.GetOperation method in the - returned google.longrunning.Operation.response field. - type: object - properties: - referenceImages: - description: The list of reference_images that are imported successfully. - type: array - items: - $ref: '#/components/schemas/ReferenceImage' - statuses: - description: >- - The rpc status for each ImportProductSet request, including both - successes and errors. The number of statuses here matches the number - of lines in the csv file, and statuses[i] stores the success or - failure status of processing the i-th line of the csv, starting from - line 0. - type: array - items: - $ref: '#/components/schemas/Status' - OperationMetadata: - id: OperationMetadata - description: Contains metadata for the BatchAnnotateImages operation. - type: object - properties: - state: - description: Current state of the batch operation. - type: string - enumDescriptions: - - Invalid. - - Request is received. - - Request is actively being processed. - - The batch processing is done. - - The batch processing was cancelled. - enum: - - STATE_UNSPECIFIED - - CREATED - - RUNNING - - DONE - - CANCELLED - createTime: - description: The time when the batch request was received. - type: string - format: google-datetime - updateTime: - description: The time when the operation result was last updated. - type: string - format: google-datetime - GoogleCloudVisionV1p1beta1AnnotateFileResponse: - id: GoogleCloudVisionV1p1beta1AnnotateFileResponse - description: >- - Response to a single file annotation request. A file may contain one or - more images, which individually have their own responses. - type: object - properties: - inputConfig: - description: Information about the file for which this response is generated. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1InputConfig' - responses: - description: >- - Individual responses to images found within the file. This field - will be empty if the `error` field is set. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1AnnotateImageResponse - totalPages: - description: This field gives the total number of pages in the file. - type: integer - format: int32 - error: - description: >- - If set, represents the error message for the failed request. The - `responses` field will not be set in this case. - $ref: '#/components/schemas/Status' - GoogleCloudVisionV1p1beta1InputConfig: - id: GoogleCloudVisionV1p1beta1InputConfig - description: The desired input location and metadata. - type: object - properties: - gcsSource: - description: The Google Cloud Storage location to read the input from. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1GcsSource' - content: - description: >- - File content, represented as a stream of bytes. Note: As with all - `bytes` fields, protobuffers use a pure binary representation, - whereas JSON representations use base64. Currently, this field only - works for BatchAnnotateFiles requests. It does not work for - AsyncBatchAnnotateFiles requests. - type: string - format: byte - mimeType: - description: >- - The type of the file. Currently only "application/pdf", "image/tiff" - and "image/gif" are supported. Wildcards are not supported. - type: string - GoogleCloudVisionV1p1beta1GcsSource: - id: GoogleCloudVisionV1p1beta1GcsSource - description: The Google Cloud Storage location where the input will be read from. - type: object - properties: - uri: - description: >- - Google Cloud Storage URI for the input file. This must only be a - Google Cloud Storage object. Wildcards are not currently supported. - type: string - GoogleCloudVisionV1p1beta1AnnotateImageResponse: - id: GoogleCloudVisionV1p1beta1AnnotateImageResponse - description: Response to an image annotation request. - type: object - properties: - faceAnnotations: - description: If present, face detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1FaceAnnotation' - landmarkAnnotations: - description: If present, landmark detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1EntityAnnotation' - logoAnnotations: - description: If present, logo detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1EntityAnnotation' - labelAnnotations: - description: If present, label detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1EntityAnnotation' - localizedObjectAnnotations: - description: >- - If present, localized object detection has completed successfully. - This will be sorted descending by confidence score. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1LocalizedObjectAnnotation - textAnnotations: - description: If present, text (OCR) detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1EntityAnnotation' - fullTextAnnotation: - description: >- - If present, text (OCR) detection or document (OCR) text detection - has completed successfully. This annotation provides the structural - hierarchy for the OCR detected text. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotation' - safeSearchAnnotation: - description: If present, safe-search annotation has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1SafeSearchAnnotation' - imagePropertiesAnnotation: - description: If present, image properties were extracted successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1ImageProperties' - cropHintsAnnotation: - description: If present, crop hints have completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1CropHintsAnnotation' - webDetection: - description: If present, web detection has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1WebDetection' - productSearchResults: - description: If present, product search has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResults' - error: - description: >- - If set, represents the error message for the operation. Note that - filled-in image annotations are guaranteed to be correct, even when - `error` is set. - $ref: '#/components/schemas/Status' - context: - description: >- - If present, contextual information is needed to understand where - this image comes from. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1ImageAnnotationContext - GoogleCloudVisionV1p1beta1FaceAnnotation: - id: GoogleCloudVisionV1p1beta1FaceAnnotation - description: A face annotation object contains the results of face detection. - type: object - properties: - boundingPoly: - description: >- - The bounding polygon around the face. The coordinates of the - bounding box are in the original image's scale. The bounding box is - computed to "frame" the face in accordance with human expectations. - It is based on the landmarker results. Note that one or more x - and/or y coordinates may not be generated in the `BoundingPoly` (the - polygon will be unbounded) if only a partial face appears in the - image to be annotated. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' - fdBoundingPoly: - description: >- - The `fd_bounding_poly` bounding polygon is tighter than the - `boundingPoly`, and encloses only the skin part of the face. - Typically, it is used to eliminate the face from any image analysis - that detects the "amount of skin" visible in an image. It is not - based on the landmarker results, only on the initial face detection, - hence the fd (face detection) prefix. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' - landmarks: - description: Detected face landmarks. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1FaceAnnotationLandmark - rollAngle: - description: >- - Roll angle, which indicates the amount of clockwise/anti-clockwise - rotation of the face relative to the image vertical about the axis - perpendicular to the face. Range [-180,180]. - type: number - format: float - panAngle: - description: >- - Yaw angle, which indicates the leftward/rightward angle that the - face is pointing relative to the vertical plane perpendicular to the - image. Range [-180,180]. - type: number - format: float - tiltAngle: - description: >- - Pitch angle, which indicates the upwards/downwards angle that the - face is pointing relative to the image's horizontal plane. Range - [-180,180]. - type: number - format: float - detectionConfidence: - description: Detection confidence. Range [0, 1]. - type: number - format: float - landmarkingConfidence: - description: Face landmarking confidence. Range [0, 1]. - type: number - format: float - joyLikelihood: - description: Joy likelihood. + medical: type: string enumDescriptions: - Unknown likelihood. @@ -2570,6 +2026,7 @@ components: - It is possible. - It is likely. - It is very likely. + description: Likelihood that this is a medical image. enum: - UNKNOWN - VERY_UNLIKELY @@ -2577,16 +2034,8 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - sorrowLikelihood: - description: Sorrow likelihood. + spoof: type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. enum: - UNKNOWN - VERY_UNLIKELY @@ -2594,9 +2043,9 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - angerLikelihood: - description: Anger likelihood. - type: string + description: >- + Spoof likelihood. The likelihood that an modification was made to + the image's canonical version to make it appear funny or offensive. enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -2604,6 +2053,8 @@ components: - It is possible. - It is likely. - It is very likely. + adult: + type: string enum: - UNKNOWN - VERY_UNLIKELY @@ -2611,9 +2062,6 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - surpriseLikelihood: - description: Surprise likelihood. - type: string enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -2621,6 +2069,11 @@ components: - It is possible. - It is likely. - It is very likely. + description: >- + Represents the adult content likelihood for the image. Adult content + may contain elements such as nudity, pornographic images or + cartoons, or sexual activities. + violence: enum: - UNKNOWN - VERY_UNLIKELY @@ -2628,9 +2081,108 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - underExposedLikelihood: - description: Under-exposed likelihood. + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + type: string + description: >- + Likelihood that this image contains violent content. Violent content + may include death, serious harm, or injury to individuals or groups + of individuals. + GoogleCloudVisionV1p2beta1ProductSearchResultsObjectAnnotation: + description: Prediction for what the object in the bounding box is. + properties: + name: + type: string + description: Object name, expressed in its `language_code` language. + languageCode: + type: string + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + score: + format: float + description: Score of the result. Range [0, 1]. + type: number + mid: + type: string + description: Object ID that should align with EntityAnnotation mid. + type: object + id: GoogleCloudVisionV1p2beta1ProductSearchResultsObjectAnnotation + AsyncAnnotateFileRequest: + properties: + inputConfig: + $ref: '#/components/schemas/InputConfig' + description: Required. Information about the input file. + imageContext: + $ref: '#/components/schemas/ImageContext' + description: Additional context that may accompany the image(s) in the file. + outputConfig: + description: Required. The desired output location and metadata (e.g. format). + $ref: '#/components/schemas/OutputConfig' + features: + description: Required. Requested features. + items: + $ref: '#/components/schemas/Feature' + type: array + type: object + id: AsyncAnnotateFileRequest + description: An offline file annotation request. + GoogleCloudVisionV1p2beta1TextAnnotationDetectedBreak: + properties: + type: + description: Detected break type. + enumDescriptions: + - Unknown break label type. + - Regular space. + - Sure space (very wide). + - Line-wrapping break. + - >- + End-line hyphen that is not present in text; does not co-occur + with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. + - Line break that ends a paragraph. + type: string + enum: + - UNKNOWN + - SPACE + - SURE_SPACE + - EOL_SURE_SPACE + - HYPHEN + - LINE_BREAK + isPrefix: + description: True if break prepends the element. + type: boolean + type: object + id: GoogleCloudVisionV1p2beta1TextAnnotationDetectedBreak + description: Detected start or end of a structural component. + GoogleCloudVisionV1p2beta1SafeSearchAnnotation: + properties: + violence: type: string + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: >- + Likelihood that this image contains violent content. Violent content + may include death, serious harm, or injury to individuals or groups + of individuals. + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + adult: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -2645,9 +2197,12 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - blurredLikelihood: - description: Blurred likelihood. + description: >- + Represents the adult content likelihood for the image. Adult content + may contain elements such as nudity, pornographic images or + cartoons, or sexual activities. type: string + racy: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -2662,9 +2217,13 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - headwearLikelihood: - description: Headwear likelihood. type: string + description: >- + Likelihood that the request image contains racy content. Racy + content may include (but is not limited to) skimpy or sheer + clothing, strategically covered nudity, lewd or provocative poses, + or close-ups of sensitive body areas. + medical: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -2672,6 +2231,8 @@ components: - It is possible. - It is likely. - It is very likely. + type: string + description: Likelihood that this is a medical image. enum: - UNKNOWN - VERY_UNLIKELY @@ -2679,101 +2240,148 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - GoogleCloudVisionV1p1beta1BoundingPoly: - id: GoogleCloudVisionV1p1beta1BoundingPoly - description: A bounding polygon for the detected image annotation. - type: object - properties: - vertices: - description: The bounding polygon vertices. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Vertex' - normalizedVertices: - description: The bounding polygon normalized vertices. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1NormalizedVertex' - GoogleCloudVisionV1p1beta1Vertex: - id: GoogleCloudVisionV1p1beta1Vertex + spoof: + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: >- + Spoof likelihood. The likelihood that an modification was made to + the image's canonical version to make it appear funny or offensive. + type: string + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + id: GoogleCloudVisionV1p2beta1SafeSearchAnnotation description: >- - A vertex represents a 2D point in the image. NOTE: the vertex - coordinates are in the same scale as the original image. + Set of features pertaining to the image, computed by computer vision + methods over safe-search verticals (for example, adult, spoof, medical, + violence). type: object - properties: - x: - description: X coordinate. - type: integer - format: int32 - 'y': - description: Y coordinate. - type: integer - format: int32 - GoogleCloudVisionV1p1beta1NormalizedVertex: - id: GoogleCloudVisionV1p1beta1NormalizedVertex - description: >- - A vertex represents a 2D point in the image. NOTE: the normalized vertex - coordinates are relative to the original image and range from 0 to 1. + GoogleCloudVisionV1p4beta1WebDetectionWebEntity: + description: Entity deduced from similar images on the Internet. type: object properties: - x: - description: X coordinate. - type: number - format: float - 'y': - description: Y coordinate. + entityId: + description: Opaque entity ID. + type: string + description: + description: Canonical description of the entity, in English. + type: string + score: type: number format: float - GoogleCloudVisionV1p1beta1FaceAnnotationLandmark: - id: GoogleCloudVisionV1p1beta1FaceAnnotationLandmark - description: >- - A face-specific landmark (for example, a face feature). Landmark - positions may fall outside the bounds of the image if the face is near - one or more edges of the image. Therefore it is NOT guaranteed that `0 - <= x < width` or `0 <= y < height`. + description: >- + Overall relevancy score for the entity. Not normalized and not + comparable across different image queries. + id: GoogleCloudVisionV1p4beta1WebDetectionWebEntity + BatchAnnotateImagesRequest: type: object + id: BatchAnnotateImagesRequest + description: >- + Multiple image annotation requests are batched into a single service + call. properties: - type: - description: Face landmark type. + requests: + description: Required. Individual image annotation requests for this batch. + type: array + items: + $ref: '#/components/schemas/AnnotateImageRequest' + parent: + description: >- + Optional. Target project and location to make a call. Format: + `projects/{project-id}/locations/{location-id}`. If no parent is + specified, a region will be chosen automatically. Supported + location-ids: `us`: USA country only, `asia`: East asia areas, like + Japan, Taiwan, `eu`: The European Union. Example: + `projects/project-A/locations/eu`. type: string - enumDescriptions: - - Unknown face landmark detected. Should not be filled. - - Left eye. - - Right eye. - - Left of left eyebrow. - - Right of left eyebrow. - - Left of right eyebrow. - - Right of right eyebrow. - - Midpoint between eyes. - - Nose tip. - - Upper lip. - - Lower lip. - - Mouth left. - - Mouth right. - - Mouth center. - - Nose, bottom right. - - Nose, bottom left. - - Nose, bottom center. - - Left eye, top boundary. - - Left eye, right corner. - - Left eye, bottom boundary. - - Left eye, left corner. - - Right eye, top boundary. - - Right eye, right corner. - - Right eye, bottom boundary. - - Right eye, left corner. - - Left eyebrow, upper midpoint. - - Right eyebrow, upper midpoint. - - Left ear tragion. - - Right ear tragion. - - Left eye pupil. - - Right eye pupil. - - Forehead glabella. - - Chin gnathion. - - Chin left gonion. - - Chin right gonion. - - Left cheek center. - - Right cheek center. + labels: + type: object + additionalProperties: + type: string + description: >- + Optional. The labels with user-defined metadata for the request. + Label keys and values can be no longer than 63 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. Label + values are optional. Label keys must start with a letter. + GoogleCloudVisionV1p2beta1LocalizedObjectAnnotation: + properties: + boundingPoly: + description: Image region to which this object belongs. This must be populated. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' + mid: + type: string + description: Object ID that should align with EntityAnnotation mid. + name: + description: Object name, expressed in its `language_code` language. + type: string + languageCode: + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + type: string + score: + format: float + description: Score of the result. Range [0, 1]. + type: number + id: GoogleCloudVisionV1p2beta1LocalizedObjectAnnotation + description: Set of detected objects with bounding boxes. + type: object + ProductSearchParams: + description: Parameters for a product search request. + properties: + productSet: + type: string + description: >- + The resource name of a ProductSet to be searched for similar images. + Format is: + `projects/PROJECT_ID/locations/LOC_ID/productSets/PRODUCT_SET_ID`. + productCategories: + type: array + description: >- + The list of product categories to search in. Currently, we only + consider the first category, and either "homegoods-v2", + "apparel-v2", "toys-v2", "packagedgoods-v1", or "general-v1" should + be specified. The legacy categories "homegoods", "apparel", and + "toys" are still supported but will be deprecated. For new products, + please use "homegoods-v2", "apparel-v2", or "toys-v2" for better + product search accuracy. It is recommended to migrate existing + products to these categories as well. + items: + type: string + boundingPoly: + description: >- + The bounding polygon around the area of interest in the image. If it + is not specified, system discretion will be applied. + $ref: '#/components/schemas/BoundingPoly' + filter: + description: >- + The filtering expression. This can be used to restrict search + results based on Product labels. We currently support an AND of OR + of key-value expressions, where each expression within an OR must + have the same key. An '=' should be used to connect the key and + value. For example, "(color = red OR color = blue) AND brand = + Google" is acceptable, but "(color = red OR brand = Google)" is not + acceptable. "color: red" is not acceptable because it uses a ':' + instead of an '='. + type: string + id: ProductSearchParams + type: object + GoogleCloudVisionV1p2beta1FaceAnnotationLandmark: + properties: + type: + type: string + description: Face landmark type. enum: - UNKNOWN_LANDMARK - LEFT_EYE @@ -2812,142 +2420,344 @@ components: - CHIN_RIGHT_GONION - LEFT_CHEEK_CENTER - RIGHT_CHEEK_CENTER + enumDescriptions: + - Unknown face landmark detected. Should not be filled. + - Left eye. + - Right eye. + - Left of left eyebrow. + - Right of left eyebrow. + - Left of right eyebrow. + - Right of right eyebrow. + - Midpoint between eyes. + - Nose tip. + - Upper lip. + - Lower lip. + - Mouth left. + - Mouth right. + - Mouth center. + - Nose, bottom right. + - Nose, bottom left. + - Nose, bottom center. + - Left eye, top boundary. + - Left eye, right corner. + - Left eye, bottom boundary. + - Left eye, left corner. + - Right eye, top boundary. + - Right eye, right corner. + - Right eye, bottom boundary. + - Right eye, left corner. + - Left eyebrow, upper midpoint. + - Right eyebrow, upper midpoint. + - Left ear tragion. + - Right ear tragion. + - Left eye pupil. + - Right eye pupil. + - Forehead glabella. + - Chin gnathion. + - Chin left gonion. + - Chin right gonion. + - Left cheek center. + - Right cheek center. position: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Position' description: Face landmark position. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Position' - GoogleCloudVisionV1p1beta1Position: - id: GoogleCloudVisionV1p1beta1Position + type: object + id: GoogleCloudVisionV1p2beta1FaceAnnotationLandmark description: >- - A 3D position in the image, used primarily for Face detection landmarks. - A valid Position must have both x and y coordinates. The position - coordinates are in the same scale as the original image. + A face-specific landmark (for example, a face feature). Landmark + positions may fall outside the bounds of the image if the face is near + one or more edges of the image. Therefore it is NOT guaranteed that `0 + <= x < width` or `0 <= y < height`. + GoogleCloudVisionV1p4beta1Paragraph: type: object properties: - x: - description: X coordinate. - type: number - format: float - 'y': - description: Y coordinate. - type: number + property: + description: Additional information detected for the paragraph. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty + words: + description: List of all words in this paragraph. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Word' + type: array + boundingBox: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' + description: >- + The bounding box for the paragraph. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + confidence: format: float - z: - description: Z coordinate (or depth). type: number - format: float - GoogleCloudVisionV1p1beta1EntityAnnotation: - id: GoogleCloudVisionV1p1beta1EntityAnnotation - description: Set of detected entity features. - type: object + description: Confidence of the OCR results for the paragraph. Range [0, 1]. + id: GoogleCloudVisionV1p4beta1Paragraph + description: Structural unit of text representing a number of words in certain order. + Product: + description: A Product contains ReferenceImages. properties: - mid: - description: >- - Opaque entity ID. Some IDs may be available in [Google Knowledge - Graph Search API](https://developers.google.com/knowledge-graph/). + displayName: type: string - locale: description: >- - The language code for the locale in which the entity textual - `description` is expressed. + The user-provided name for this Product. Must not be empty. Must be + at most 4096 characters long. + productLabels: + type: array + description: >- + Key-value pairs that can be attached to a product. At query time, + constraints can be specified based on the product_labels. Note that + integer values can be provided as strings, e.g. "1199". Only strings + with integer values can match a range-based restriction which is to + be supported soon. Multiple values can be assigned to the same key. + One product may have up to 500 product_labels. Notice that the total + number of distinct product_labels over all products in one + ProductSet cannot exceed 1M, otherwise the product search pipeline + will refuse to work for that ProductSet. + items: + $ref: '#/components/schemas/KeyValue' + name: + description: >- + The resource name of the product. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This + field is ignored when creating a product. type: string description: - description: Entity textual description, expressed in its `locale` language. + description: >- + User-provided metadata to be stored with this product. Must be at + most 4096 characters long. type: string - score: - description: Overall score of the result. Range [0, 1]. - type: number - format: float - confidence: + productCategory: description: >- - **Deprecated. Use `score` instead.** The accuracy of the entity - detection in an image. For example, for an image in which the - "Eiffel Tower" entity is detected, this field represents the - confidence that there is a tower in the query image. Range [0, 1]. - deprecated: true - type: number - format: float - topicality: + Immutable. The category for the product identified by the reference + image. This should be one of "homegoods-v2", "apparel-v2", + "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories + "homegoods", "apparel", and "toys" are still supported, but these + should not be used for new products. + type: string + type: object + id: Product + GoogleCloudVisionV1p4beta1BatchOperationMetadata: + type: object + id: GoogleCloudVisionV1p4beta1BatchOperationMetadata + description: >- + Metadata for the batch operations such as the current state. This is + included in the `metadata` field of the `Operation` returned by the + `GetOperation` call of the `google::longrunning::Operations` service. + properties: + submitTime: + format: google-datetime + type: string + description: The time when the batch request was submitted to the server. + endTime: description: >- - The relevancy of the ICA (Image Content Annotation) label to the - image. For example, the relevancy of "tower" is likely higher to an - image containing the detected "Eiffel Tower" than to an image - containing a detected distant towering building, even though the - confidence that there is a tower in each image may be the same. - Range [0, 1]. - type: number - format: float - boundingPoly: - description: >- - Image region to which this entity belongs. Not produced for - `LABEL_DETECTION` features. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' - locations: - description: >- - The location information for the detected entity. Multiple - `LocationInfo` elements can be present because one location may - indicate the location of the scene in the image, and another - location may indicate the location of the place where the image was - taken. Location information is usually present for landmarks. - type: array + The time when the batch request is finished and + google.longrunning.Operation.done is set to true. + format: google-datetime + type: string + state: + type: string + enumDescriptions: + - Invalid. + - Request is actively being processed. + - >- + The request is done and at least one item has been successfully + processed. + - The request is done and no item has been successfully processed. + - >- + The request is done after the + longrunning.Operations.CancelOperation has been called by the + user. Any records that were processed before the cancel command + are output as specified in the request. + enum: + - STATE_UNSPECIFIED + - PROCESSING + - SUCCESSFUL + - FAILED + - CANCELLED + description: The current state of the batch operation. + ListProductSetsResponse: + description: Response message for the `ListProductSets` method. + properties: + productSets: + description: List of ProductSets. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1LocationInfo' - properties: - description: >- - Some entities may have optional user-supplied `Property` - (name/value) fields, such a score or string that qualifies the - entity. + $ref: '#/components/schemas/ProductSet' type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Property' - GoogleCloudVisionV1p1beta1LocationInfo: - id: GoogleCloudVisionV1p1beta1LocationInfo - description: Detected entity location information. + nextPageToken: + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: string type: object - properties: - latLng: - description: lat/long location coordinates. - $ref: '#/components/schemas/LatLng' - GoogleCloudVisionV1p1beta1Property: - id: GoogleCloudVisionV1p1beta1Property - description: A `Property` consists of a user-supplied name/value pair. + id: ListProductSetsResponse + GoogleCloudVisionV1p1beta1InputConfig: type: object + id: GoogleCloudVisionV1p1beta1InputConfig + description: The desired input location and metadata. properties: - name: - description: Name of the property. - type: string - value: - description: Value of the property. + content: + description: >- + File content, represented as a stream of bytes. Note: As with all + `bytes` fields, protobuffers use a pure binary representation, + whereas JSON representations use base64. Currently, this field only + works for BatchAnnotateFiles requests. It does not work for + AsyncBatchAnnotateFiles requests. type: string - uint64Value: - description: Value of numeric properties. + format: byte + mimeType: type: string - format: uint64 - GoogleCloudVisionV1p1beta1LocalizedObjectAnnotation: - id: GoogleCloudVisionV1p1beta1LocalizedObjectAnnotation - description: Set of detected objects with bounding boxes. + description: >- + The type of the file. Currently only "application/pdf", "image/tiff" + and "image/gif" are supported. Wildcards are not supported. + gcsSource: + description: The Google Cloud Storage location to read the input from. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1GcsSource' + ColorInfo: + description: >- + Color information consists of RGB channels, score, and the fraction of + the image that the color occupies in the image. type: object properties: - mid: - description: Object ID that should align with EntityAnnotation mid. - type: string - languageCode: + pixelFraction: + format: float description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - name: - description: Object name, expressed in its `language_code` language. + The fraction of pixels the color occupies in the image. Value in + range [0, 1]. + type: number + color: + $ref: '#/components/schemas/Color' + description: RGB components of the color. + score: + format: float + description: Image-specific score for this color. Value in range [0, 1]. + type: number + id: ColorInfo + GoogleCloudVisionV1p2beta1ProductSearchResultsResult: + id: GoogleCloudVisionV1p2beta1ProductSearchResultsResult + properties: + image: type: string + description: >- + The resource name of the image from the product that is the closest + match to the query. + product: + description: The Product. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Product' score: - description: Score of the result. Range [0, 1]. type: number + description: >- + A confidence level on the match, ranging from 0 (no confidence) to 1 + (full confidence). format: float - boundingPoly: - description: Image region to which this object belongs. This must be populated. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' + description: Information about a product. + type: object + Color: + type: object + description: >- + Represents a color in the RGBA color space. This representation is + designed for simplicity of conversion to and from color representations + in various languages over compactness. For example, the fields of this + representation can be trivially provided to the constructor of + `java.awt.Color` in Java; it can also be trivially provided to UIColor's + `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little + work, it can be easily formatted into a CSS `rgba()` string in + JavaScript. This reference page doesn't have information about the + absolute color space that should be used to interpret the RGB value—for + example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications + should assume the sRGB color space. When color equality needs to be + decided, implementations, unless documented otherwise, treat two colors + as equal if all their red, green, blue, and alpha values each differ by + at most `1e-5`. Example (Java): import com.google.type.Color; // ... + public static java.awt.Color fromProto(Color protocolor) { float alpha = + protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return + new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), + protocolor.getBlue(), alpha); } public static Color + toProto(java.awt.Color color) { float red = (float) color.getRed(); + float green = (float) color.getGreen(); float blue = (float) + color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder + = Color .newBuilder() .setRed(red / denominator) .setGreen(green / + denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); + if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() + .setValue(((float) alpha) / denominator) .build()); } return + resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static + UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; + float green = [protocolor green]; float blue = [protocolor blue]; + FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if + (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return + [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static + Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if + (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return + nil; } Color* result = [[Color alloc] init]; [result setRed:red]; + [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { + [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; + return result; } // ... Example (JavaScript): // ... var protoToCssColor + = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var + greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || + 0.0; var red = Math.floor(redFrac * 255); var green = + Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if + (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } + var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, + green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, + ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var + rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString + = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var + resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { + resultBuilder.push('0'); } resultBuilder.push(hexString); return + resultBuilder.join(''); }; // ... + properties: + red: + description: The amount of red in the color as a value in the interval [0, 1]. + format: float + type: number + green: + format: float + description: The amount of green in the color as a value in the interval [0, 1]. + type: number + alpha: + description: >- + The fraction of this color that should be applied to the pixel. That + is, the final pixel color is defined by the equation: `pixel color = + alpha * (this color) + (1.0 - alpha) * (background color)` This + means that a value of 1.0 corresponds to a solid color, whereas a + value of 0.0 corresponds to a completely transparent color. This + uses a wrapper message rather than a simple float scalar so that it + is possible to distinguish between a default value and the value + being unset. If omitted, this color object is rendered as a solid + color (as if the alpha value had been explicitly given a value of + 1.0). + format: float + type: number + blue: + description: The amount of blue in the color as a value in the interval [0, 1]. + type: number + format: float + id: Color + GoogleCloudVisionV1p1beta1DominantColorsAnnotation: + description: Set of dominant colors and their corresponding scores. + type: object + properties: + colors: + description: RGB color values with their score and pixel fraction. + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1ColorInfo' + id: GoogleCloudVisionV1p1beta1DominantColorsAnnotation GoogleCloudVisionV1p1beta1TextAnnotation: id: GoogleCloudVisionV1p1beta1TextAnnotation + type: object + properties: + pages: + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Page' + description: List of pages detected by OCR. + text: + type: string + description: UTF-8 text detected on the pages. description: >- TextAnnotation contains a structured representation of OCR extracted text. The hierarchy of an OCR extracted text structure is like this: @@ -2956,257 +2766,149 @@ components: properties. Properties describe detected languages, breaks etc.. Please refer to the TextAnnotation.TextProperty message definition below for more detail. + GoogleCloudVisionV1p1beta1ColorInfo: + description: >- + Color information consists of RGB channels, score, and the fraction of + the image that the color occupies in the image. type: object properties: - pages: - description: List of pages detected by OCR. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Page' - text: - description: UTF-8 text detected on the pages. - type: string - GoogleCloudVisionV1p1beta1Page: - id: GoogleCloudVisionV1p1beta1Page - description: Detected page from OCR. + pixelFraction: + format: float + description: >- + The fraction of pixels the color occupies in the image. Value in + range [0, 1]. + type: number + score: + type: number + description: Image-specific score for this color. Value in range [0, 1]. + format: float + color: + $ref: '#/components/schemas/Color' + description: RGB components of the color. + id: GoogleCloudVisionV1p1beta1ColorInfo + GoogleCloudVisionV1p4beta1FaceRecognitionResult: + id: GoogleCloudVisionV1p4beta1FaceRecognitionResult + description: Information about a face's identity. type: object properties: - property: - description: Additional information detected on the page. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty - width: - description: >- - Page width. For PDFs the unit is points. For images (including - TIFFs) the unit is pixels. - type: integer - format: int32 - height: - description: >- - Page height. For PDFs the unit is points. For images (including - TIFFs) the unit is pixels. - type: integer - format: int32 - blocks: - description: List of blocks of text, images etc on this page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Block' + celebrity: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Celebrity' + description: The Celebrity that this face was matched to. confidence: - description: Confidence of the OCR results on the page. Range [0, 1]. + description: Recognition confidence. Range [0, 1]. type: number format: float - GoogleCloudVisionV1p1beta1TextAnnotationTextProperty: - id: GoogleCloudVisionV1p1beta1TextAnnotationTextProperty - description: Additional information detected on the structural component. + GoogleCloudVisionV1p3beta1Property: + description: A `Property` consists of a user-supplied name/value pair. + properties: + uint64Value: + description: Value of numeric properties. + type: string + format: uint64 + name: + description: Name of the property. + type: string + value: + description: Value of the property. + type: string type: object + id: GoogleCloudVisionV1p3beta1Property + AsyncBatchAnnotateImagesResponse: properties: - detectedLanguages: - description: A list of detected languages together with confidence. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationDetectedLanguage - detectedBreak: - description: Detected start or end of a text segment. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationDetectedBreak - GoogleCloudVisionV1p1beta1TextAnnotationDetectedLanguage: - id: GoogleCloudVisionV1p1beta1TextAnnotationDetectedLanguage - description: Detected language for a structural component. + outputConfig: + $ref: '#/components/schemas/OutputConfig' + description: >- + The output location and metadata from + AsyncBatchAnnotateImagesRequest. + description: Response to an async batch image annotation request. + id: AsyncBatchAnnotateImagesResponse + type: object + GoogleCloudVisionV1p1beta1GcsDestination: + id: GoogleCloudVisionV1p1beta1GcsDestination type: object properties: - languageCode: + uri: description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + Google Cloud Storage URI prefix where the results will be stored. + Results will be in JSON format and preceded by its corresponding + input URI prefix. This field can either represent a gcs file prefix + or gcs directory. In either case, the uri should be unique because + in order to get all of the output files, you will need to do a + wildcard gcs search on the uri prefix you provide. Examples: * File + Prefix: gs://bucket-name/here/filenameprefix The output files will + be created in gs://bucket-name/here/ and the names of the output + files will begin with "filenameprefix". * Directory Prefix: + gs://bucket-name/some/location/ The output files will be created in + gs://bucket-name/some/location/ and the names of the output files + could be anything because there was no filename prefix specified. If + multiple outputs, each response is still AnnotateFileResponse, each + of which contains some subset of the full list of + AnnotateImageResponse. Multiple outputs can happen if, for example, + the output JSON is too large and overflows into multiple sharded + files. type: string - confidence: - description: Confidence of detected language. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p1beta1TextAnnotationDetectedBreak: - id: GoogleCloudVisionV1p1beta1TextAnnotationDetectedBreak - description: Detected start or end of a structural component. + description: The Google Cloud Storage location where the output will be written to. + FaceAnnotation: type: object + description: A face annotation object contains the results of face detection. properties: - type: - description: Detected break type. - type: string - enumDescriptions: - - Unknown break label type. - - Regular space. - - Sure space (very wide). - - Line-wrapping break. - - >- - End-line hyphen that is not present in text; does not co-occur - with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. - - Line break that ends a paragraph. + joyLikelihood: enum: - UNKNOWN - - SPACE - - SURE_SPACE - - EOL_SURE_SPACE - - HYPHEN - - LINE_BREAK - isPrefix: - description: True if break prepends the element. - type: boolean - GoogleCloudVisionV1p1beta1Block: - id: GoogleCloudVisionV1p1beta1Block - description: Logical element on the page. - type: object - properties: - property: - description: Additional information detected for the block. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty - boundingBox: - description: >- - The bounding box for the block. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' - paragraphs: - description: List of paragraphs in this block (if this blocks is of type text). - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Paragraph' - blockType: - description: Detected block type (text, image etc) for this block. + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + description: Joy likelihood. type: string + angerLikelihood: enumDescriptions: - - Unknown block type. - - Regular text block. - - Table block. - - Image block. - - Horizontal/vertical line box. - - Barcode block. + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. enum: - UNKNOWN - - TEXT - - TABLE - - PICTURE - - RULER - - BARCODE - confidence: - description: Confidence of the OCR results on the block. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p1beta1Paragraph: - id: GoogleCloudVisionV1p1beta1Paragraph - description: Structural unit of text representing a number of words in certain order. - type: object - properties: - property: - description: Additional information detected for the paragraph. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty - boundingBox: + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: Anger likelihood. + type: string + boundingPoly: + $ref: '#/components/schemas/BoundingPoly' description: >- - The bounding box for the paragraph. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' - words: - description: List of all words in this paragraph. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Word' - confidence: - description: Confidence of the OCR results for the paragraph. Range [0, 1]. + The bounding polygon around the face. The coordinates of the + bounding box are in the original image's scale. The bounding box is + computed to "frame" the face in accordance with human expectations. + It is based on the landmarker results. Note that one or more x + and/or y coordinates may not be generated in the `BoundingPoly` (the + polygon will be unbounded) if only a partial face appears in the + image to be annotated. + panAngle: + description: >- + Yaw angle, which indicates the leftward/rightward angle that the + face is pointing relative to the vertical plane perpendicular to the + image. Range [-180,180]. + format: float type: number + landmarkingConfidence: format: float - GoogleCloudVisionV1p1beta1Word: - id: GoogleCloudVisionV1p1beta1Word - description: A word representation. - type: object - properties: - property: - description: Additional information detected for the word. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty - boundingBox: - description: >- - The bounding box for the word. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' - symbols: - description: >- - List of symbols in the word. The order of the symbols follows the - natural reading order. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Symbol' - confidence: - description: Confidence of the OCR results for the word. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p1beta1Symbol: - id: GoogleCloudVisionV1p1beta1Symbol - description: A single symbol representation. - type: object - properties: - property: - description: Additional information detected for the symbol. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty - boundingBox: - description: >- - The bounding box for the symbol. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' - text: - description: The actual UTF-8 representation of the symbol. - type: string - confidence: - description: Confidence of the OCR results for the symbol. Range [0, 1]. + description: Face landmarking confidence. Range [0, 1]. type: number - format: float - GoogleCloudVisionV1p1beta1SafeSearchAnnotation: - id: GoogleCloudVisionV1p1beta1SafeSearchAnnotation - description: >- - Set of features pertaining to the image, computed by computer vision - methods over safe-search verticals (for example, adult, spoof, medical, - violence). - type: object - properties: - adult: - description: >- - Represents the adult content likelihood for the image. Adult content - may contain elements such as nudity, pornographic images or - cartoons, or sexual activities. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. + surpriseLikelihood: + description: Surprise likelihood. enum: - UNKNOWN - VERY_UNLIKELY @@ -3214,10 +2916,6 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - spoof: - description: >- - Spoof likelihood. The likelihood that an modification was made to - the image's canonical version to make it appear funny or offensive. type: string enumDescriptions: - Unknown likelihood. @@ -3226,6 +2924,8 @@ components: - It is possible. - It is likely. - It is very likely. + underExposedLikelihood: + description: Under-exposed likelihood. enum: - UNKNOWN - VERY_UNLIKELY @@ -3233,9 +2933,6 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - medical: - description: Likelihood that this is a medical image. - type: string enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -3243,6 +2940,9 @@ components: - It is possible. - It is likely. - It is very likely. + type: string + headwearLikelihood: + type: string enum: - UNKNOWN - VERY_UNLIKELY @@ -3250,12 +2950,7 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - violence: - description: >- - Likelihood that this image contains violent content. Violent content - may include death, serious harm, or injury to individuals or groups - of individuals. - type: string + description: Headwear likelihood. enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -3263,6 +2958,16 @@ components: - It is possible. - It is likely. - It is very likely. + rollAngle: + format: float + type: number + description: >- + Roll angle, which indicates the amount of clockwise/anti-clockwise + rotation of the face relative to the image vertical about the axis + perpendicular to the face. Range [-180,180]. + sorrowLikelihood: + description: Sorrow likelihood. + type: string enum: - UNKNOWN - VERY_UNLIKELY @@ -3270,13 +2975,35 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - racy: + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + tiltAngle: + type: number description: >- - Likelihood that the request image contains racy content. Racy - content may include (but is not limited to) skimpy or sheer - clothing, strategically covered nudity, lewd or provocative poses, - or close-ups of sensitive body areas. - type: string + Pitch angle, which indicates the upwards/downwards angle that the + face is pointing relative to the image's horizontal plane. Range + [-180,180]. + format: float + landmarks: + items: + $ref: '#/components/schemas/Landmark' + type: array + description: Detected face landmarks. + fdBoundingPoly: + $ref: '#/components/schemas/BoundingPoly' + description: >- + The `fd_bounding_poly` bounding polygon is tighter than the + `boundingPoly`, and encloses only the skin part of the face. + Typically, it is used to eliminate the face from any image analysis + that detects the "amount of skin" visible in an image. It is not + based on the landmarker results, only on the initial face detection, + hence the fd (face detection) prefix. + blurredLikelihood: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -3291,178 +3018,93 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - GoogleCloudVisionV1p1beta1ImageProperties: - id: GoogleCloudVisionV1p1beta1ImageProperties - description: Stores image properties, such as dominant colors. - type: object - properties: - dominantColors: - description: If present, dominant colors completed successfully. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1DominantColorsAnnotation - GoogleCloudVisionV1p1beta1DominantColorsAnnotation: - id: GoogleCloudVisionV1p1beta1DominantColorsAnnotation - description: Set of dominant colors and their corresponding scores. - type: object - properties: - colors: - description: RGB color values with their score and pixel fraction. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1ColorInfo' - GoogleCloudVisionV1p1beta1ColorInfo: - id: GoogleCloudVisionV1p1beta1ColorInfo - description: >- - Color information consists of RGB channels, score, and the fraction of - the image that the color occupies in the image. - type: object - properties: - color: - description: RGB components of the color. - $ref: '#/components/schemas/Color' - score: - description: Image-specific score for this color. Value in range [0, 1]. - type: number - format: float - pixelFraction: - description: >- - The fraction of pixels the color occupies in the image. Value in - range [0, 1]. + type: string + description: Blurred likelihood. + detectionConfidence: + description: Detection confidence. Range [0, 1]. type: number format: float - GoogleCloudVisionV1p1beta1CropHintsAnnotation: - id: GoogleCloudVisionV1p1beta1CropHintsAnnotation - description: >- - Set of crop hints that are used to generate new crops when serving - images. + id: FaceAnnotation + LocationInfo: type: object + description: Detected entity location information. properties: - cropHints: - description: Crop hint results. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1CropHint' - GoogleCloudVisionV1p1beta1CropHint: - id: GoogleCloudVisionV1p1beta1CropHint + latLng: + $ref: '#/components/schemas/LatLng' + description: lat/long location coordinates. + id: LocationInfo + GoogleCloudVisionV1p3beta1CropHint: description: >- Single crop hint that is used to generate a new crop when serving an image. - type: object properties: + importanceFraction: + format: float + description: >- + Fraction of importance of this salient region with respect to the + original image. + type: number boundingPoly: description: >- The bounding polygon for the crop region. The coordinates of the bounding box are in the original image's scale. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' confidence: description: Confidence of this being a salient region. Range [0, 1]. - type: number format: float - importanceFraction: - description: >- - Fraction of importance of this salient region with respect to the - original image. type: number - format: float - GoogleCloudVisionV1p1beta1WebDetection: - id: GoogleCloudVisionV1p1beta1WebDetection - description: Relevant information for the image from the Internet. type: object + id: GoogleCloudVisionV1p3beta1CropHint + GoogleCloudVisionV1p3beta1BoundingPoly: properties: - webEntities: - description: Deduced entities from similar images on the Internet. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebEntity - fullMatchingImages: - description: >- - Fully matching images from the Internet. Can include resized copies - of the query image. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage - partialMatchingImages: - description: >- - Partial matching images from the Internet. Those images are similar - enough to share some key-point features. For example an original - image will likely have partial matching for its crops. - type: array + normalizedVertices: items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage - pagesWithMatchingImages: - description: Web pages containing the matching images from the Internet. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1NormalizedVertex' type: array + description: The bounding polygon normalized vertices. + vertices: + description: The bounding polygon vertices. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebPage' - visuallySimilarImages: - description: The visually similar image results. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Vertex' type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage - bestGuessLabels: - description: >- - The service's best guess as to the topic of the request image. - Inferred from similar images on the open web. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebLabel - GoogleCloudVisionV1p1beta1WebDetectionWebEntity: - id: GoogleCloudVisionV1p1beta1WebDetectionWebEntity - description: Entity deduced from similar images on the Internet. + description: A bounding polygon for the detected image annotation. + id: GoogleCloudVisionV1p3beta1BoundingPoly type: object + KeyValue: properties: - entityId: - description: Opaque entity ID. + key: + description: >- + The key of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. type: string - score: + value: description: >- - Overall relevancy score for the entity. Not normalized and not - comparable across different image queries. - type: number - format: float - description: - description: Canonical description of the entity, in English. + The value of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. type: string - GoogleCloudVisionV1p1beta1WebDetectionWebImage: - id: GoogleCloudVisionV1p1beta1WebDetectionWebImage - description: Metadata for online images. type: object + id: KeyValue + description: A product label represented as a key-value pair. + GoogleCloudVisionV1p2beta1WebDetectionWebPage: properties: - url: - description: The result image URL. - type: string score: - description: (Deprecated) Overall relevancy score for the image. - type: number format: float - GoogleCloudVisionV1p1beta1WebDetectionWebPage: - id: GoogleCloudVisionV1p1beta1WebDetectionWebPage - description: Metadata for web pages. - type: object - properties: - url: - description: The result web page URL. - type: string - score: - description: (Deprecated) Overall relevancy score for the web page. type: number - format: float - pageTitle: - description: Title for the web page, may contain HTML markups. - type: string + description: (Deprecated) Overall relevancy score for the web page. fullMatchingImages: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage description: >- Fully matching images on the page. Can include resized copies of the query image. type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage + url: + description: The result web page URL. + type: string + pageTitle: + description: Title for the web page, may contain HTML markups. + type: string partialMatchingImages: description: >- Partial matching images on the page. Those images are similar enough @@ -3471,39 +3113,117 @@ components: type: array items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage - GoogleCloudVisionV1p1beta1WebDetectionWebLabel: - id: GoogleCloudVisionV1p1beta1WebDetectionWebLabel - description: Label to provide extra metadata for the web detection. + #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage + description: Metadata for web pages. type: object + id: GoogleCloudVisionV1p2beta1WebDetectionWebPage + GoogleCloudVisionV1p4beta1Symbol: properties: - label: - description: Label for extra metadata. + property: + description: Additional information detected for the symbol. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty + confidence: + type: number + description: Confidence of the OCR results for the symbol. Range [0, 1]. + format: float + boundingBox: + description: >- + The bounding box for the symbol. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' + text: type: string - languageCode: + description: The actual UTF-8 representation of the symbol. + description: A single symbol representation. + id: GoogleCloudVisionV1p4beta1Symbol + type: object + GoogleCloudVisionV1p1beta1ImageAnnotationContext: + description: >- + If an image was produced from a file (e.g. a PDF), this message gives + information about the source of that image. + type: object + properties: + uri: + description: The URI of the file used to produce the image. + type: string + pageNumber: + type: integer description: >- - The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". - For more information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + If the file was a PDF or TIFF, this field gives the page number + within the file used to produce the image. + format: int32 + id: GoogleCloudVisionV1p1beta1ImageAnnotationContext + GoogleCloudVisionV1p1beta1CropHint: + type: object + id: GoogleCloudVisionV1p1beta1CropHint + properties: + importanceFraction: + description: >- + Fraction of importance of this salient region with respect to the + original image. + type: number + format: float + boundingPoly: + description: >- + The bounding polygon for the crop region. The coordinates of the + bounding box are in the original image's scale. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' + confidence: + format: float + type: number + description: Confidence of this being a salient region. Range [0, 1]. + description: >- + Single crop hint that is used to generate a new crop when serving an + image. + GoogleCloudVisionV1p1beta1ImageProperties: + type: object + properties: + dominantColors: + description: If present, dominant colors completed successfully. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1DominantColorsAnnotation + id: GoogleCloudVisionV1p1beta1ImageProperties + description: Stores image properties, such as dominant colors. + GoogleCloudVisionV1p2beta1WebDetectionWebEntity: + description: Entity deduced from similar images on the Internet. + id: GoogleCloudVisionV1p2beta1WebDetectionWebEntity + properties: + description: + description: Canonical description of the entity, in English. + type: string + score: + type: number + description: >- + Overall relevancy score for the entity. Not normalized and not + comparable across different image queries. + format: float + entityId: + description: Opaque entity ID. type: string - GoogleCloudVisionV1p1beta1ProductSearchResults: - id: GoogleCloudVisionV1p1beta1ProductSearchResults - description: Results for a product search request. type: object + ProductSearchResults: + description: Results for a product search request. + id: ProductSearchResults properties: indexTime: description: >- Timestamp of the index which provided these results. Products added to the product set and products removed from the product set after this time are not reflected in the current results. - type: string format: google-datetime + type: string results: description: List of results, one for each product match. type: array items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResultsResult + $ref: '#/components/schemas/Result' productGroupedResults: description: >- List of results grouped by products detected in the query image. @@ -3511,176 +3231,161 @@ components: and contains the matching products specific to that region. There may be duplicate product matches in the union of all the per-product results. - type: array items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResultsGroupedResult - GoogleCloudVisionV1p1beta1ProductSearchResultsResult: - id: GoogleCloudVisionV1p1beta1ProductSearchResultsResult - description: Information about a product. + $ref: '#/components/schemas/GroupedResult' + type: array type: object + EntityAnnotation: + description: Set of detected entity features. + id: EntityAnnotation properties: - product: - description: The Product. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Product' - score: + locations: + type: array description: >- - A confidence level on the match, ranging from 0 (no confidence) to 1 - (full confidence). - type: number - format: float - image: + The location information for the detected entity. Multiple + `LocationInfo` elements can be present because one location may + indicate the location of the scene in the image, and another + location may indicate the location of the place where the image was + taken. Location information is usually present for landmarks. + items: + $ref: '#/components/schemas/LocationInfo' + mid: description: >- - The resource name of the image from the product that is the closest - match to the query. + Opaque entity ID. Some IDs may be available in [Google Knowledge + Graph Search API](https://developers.google.com/knowledge-graph/). type: string - GoogleCloudVisionV1p1beta1Product: - id: GoogleCloudVisionV1p1beta1Product - description: A Product contains ReferenceImages. - type: object - properties: - name: + properties: description: >- - The resource name of the product. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This - field is ignored when creating a product. + Some entities may have optional user-supplied `Property` + (name/value) fields, such a score or string that qualifies the + entity. + items: + $ref: '#/components/schemas/Property' + type: array + locale: type: string - displayName: description: >- - The user-provided name for this Product. Must not be empty. Must be - at most 4096 characters long. - type: string + The language code for the locale in which the entity textual + `description` is expressed. + score: + description: Overall score of the result. Range [0, 1]. + format: float + type: number description: - description: >- - User-provided metadata to be stored with this product. Must be at - most 4096 characters long. - type: string - productCategory: - description: >- - Immutable. The category for the product identified by the reference - image. This should be one of "homegoods-v2", "apparel-v2", - "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories - "homegoods", "apparel", and "toys" are still supported, but these - should not be used for new products. type: string - productLabels: + description: Entity textual description, expressed in its `locale` language. + boundingPoly: description: >- - Key-value pairs that can be attached to a product. At query time, - constraints can be specified based on the product_labels. Note that - integer values can be provided as strings, e.g. "1199". Only strings + Image region to which this entity belongs. Not produced for + `LABEL_DETECTION` features. + $ref: '#/components/schemas/BoundingPoly' + confidence: + format: float + deprecated: true + type: number + description: >- + **Deprecated. Use `score` instead.** The accuracy of the entity + detection in an image. For example, for an image in which the + "Eiffel Tower" entity is detected, this field represents the + confidence that there is a tower in the query image. Range [0, 1]. + topicality: + description: >- + The relevancy of the ICA (Image Content Annotation) label to the + image. For example, the relevancy of "tower" is likely higher to an + image containing the detected "Eiffel Tower" than to an image + containing a detected distant towering building, even though the + confidence that there is a tower in each image may be the same. + Range [0, 1]. + format: float + type: number + type: object + GoogleCloudVisionV1p3beta1GcsSource: + id: GoogleCloudVisionV1p3beta1GcsSource + properties: + uri: + type: string + description: >- + Google Cloud Storage URI for the input file. This must only be a + Google Cloud Storage object. Wildcards are not currently supported. + description: The Google Cloud Storage location where the input will be read from. + type: object + GoogleCloudVisionV1p4beta1ImageProperties: + description: Stores image properties, such as dominant colors. + properties: + dominantColors: + description: If present, dominant colors completed successfully. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1DominantColorsAnnotation + id: GoogleCloudVisionV1p4beta1ImageProperties + type: object + GoogleCloudVisionV1p1beta1Product: + id: GoogleCloudVisionV1p1beta1Product + properties: + displayName: + type: string + description: >- + The user-provided name for this Product. Must not be empty. Must be + at most 4096 characters long. + productLabels: + type: array + description: >- + Key-value pairs that can be attached to a product. At query time, + constraints can be specified based on the product_labels. Note that + integer values can be provided as strings, e.g. "1199". Only strings with integer values can match a range-based restriction which is to be supported soon. Multiple values can be assigned to the same key. One product may have up to 500 product_labels. Notice that the total number of distinct product_labels over all products in one ProductSet cannot exceed 1M, otherwise the product search pipeline will refuse to work for that ProductSet. - type: array items: $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1ProductKeyValue' - GoogleCloudVisionV1p1beta1ProductKeyValue: - id: GoogleCloudVisionV1p1beta1ProductKeyValue - description: A product label represented as a key-value pair. - type: object - properties: - key: + productCategory: description: >- - The key of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. + Immutable. The category for the product identified by the reference + image. This should be one of "homegoods-v2", "apparel-v2", + "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories + "homegoods", "apparel", and "toys" are still supported, but these + should not be used for new products. + type: string + description: type: string - value: description: >- - The value of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. + User-provided metadata to be stored with this product. Must be at + most 4096 characters long. + name: + description: >- + The resource name of the product. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This + field is ignored when creating a product. type: string - GoogleCloudVisionV1p1beta1ProductSearchResultsGroupedResult: - id: GoogleCloudVisionV1p1beta1ProductSearchResultsGroupedResult - description: >- - Information about the products similar to a single product in a query - image. type: object - properties: - boundingPoly: - description: The bounding polygon around the product detected in the query image. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' - results: - description: List of results, one for each product match. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResultsResult - objectAnnotations: - description: List of generic predictions for the object in the bounding box. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResultsObjectAnnotation - GoogleCloudVisionV1p1beta1ProductSearchResultsObjectAnnotation: - id: GoogleCloudVisionV1p1beta1ProductSearchResultsObjectAnnotation - description: Prediction for what the object in the bounding box is. + description: A Product contains ReferenceImages. + GoogleCloudVisionV1p4beta1Property: + description: A `Property` consists of a user-supplied name/value pair. type: object + id: GoogleCloudVisionV1p4beta1Property properties: - mid: - description: Object ID that should align with EntityAnnotation mid. + uint64Value: + description: Value of numeric properties. + format: uint64 type: string - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + value: + description: Value of the property. type: string name: - description: Object name, expressed in its `language_code` language. - type: string - score: - description: Score of the result. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p1beta1ImageAnnotationContext: - id: GoogleCloudVisionV1p1beta1ImageAnnotationContext - description: >- - If an image was produced from a file (e.g. a PDF), this message gives - information about the source of that image. - type: object - properties: - uri: - description: The URI of the file used to produce the image. + description: Name of the property. type: string - pageNumber: - description: >- - If the file was a PDF or TIFF, this field gives the page number - within the file used to produce the image. - type: integer - format: int32 - GoogleCloudVisionV1p1beta1AsyncBatchAnnotateFilesResponse: - id: GoogleCloudVisionV1p1beta1AsyncBatchAnnotateFilesResponse - description: Response to an async batch file annotation request. - type: object - properties: - responses: - description: >- - The list of file annotation responses, one for each request in - AsyncBatchAnnotateFilesRequest. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p1beta1AsyncAnnotateFileResponse - GoogleCloudVisionV1p1beta1AsyncAnnotateFileResponse: - id: GoogleCloudVisionV1p1beta1AsyncAnnotateFileResponse - description: The response for a single offline file annotation request. - type: object - properties: - outputConfig: - description: The output location and metadata from AsyncAnnotateFileRequest. - $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1OutputConfig' GoogleCloudVisionV1p1beta1OutputConfig: - id: GoogleCloudVisionV1p1beta1OutputConfig description: The desired output location and metadata. + id: GoogleCloudVisionV1p1beta1OutputConfig type: object properties: gcsDestination: description: The Google Cloud Storage location to write the output(s) to. $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1GcsDestination' batchSize: + format: int32 description: >- The max number of response protos to put into each output JSON file on Google Cloud Storage. The valid range is [1, 100]. If not @@ -3691,95 +3396,149 @@ components: Currently, batch_size only applies to GcsDestination, with potential future support for other output configurations. type: integer - format: int32 - GoogleCloudVisionV1p1beta1GcsDestination: - id: GoogleCloudVisionV1p1beta1GcsDestination - description: The Google Cloud Storage location where the output will be written to. - type: object + GoogleCloudVisionV1p3beta1WebDetectionWebEntity: properties: - uri: + score: description: >- - Google Cloud Storage URI prefix where the results will be stored. - Results will be in JSON format and preceded by its corresponding - input URI prefix. This field can either represent a gcs file prefix - or gcs directory. In either case, the uri should be unique because - in order to get all of the output files, you will need to do a - wildcard gcs search on the uri prefix you provide. Examples: * File - Prefix: gs://bucket-name/here/filenameprefix The output files will - be created in gs://bucket-name/here/ and the names of the output - files will begin with "filenameprefix". * Directory Prefix: - gs://bucket-name/some/location/ The output files will be created in - gs://bucket-name/some/location/ and the names of the output files - could be anything because there was no filename prefix specified. If - multiple outputs, each response is still AnnotateFileResponse, each - of which contains some subset of the full list of - AnnotateImageResponse. Multiple outputs can happen if, for example, - the output JSON is too large and overflows into multiple sharded - files. - type: string - GoogleCloudVisionV1p1beta1OperationMetadata: - id: GoogleCloudVisionV1p1beta1OperationMetadata - description: Contains metadata for the BatchAnnotateImages operation. - type: object - properties: - state: - description: Current state of the batch operation. - type: string - enumDescriptions: - - Invalid. - - Request is received. - - Request is actively being processed. - - The batch processing is done. - - The batch processing was cancelled. - enum: - - STATE_UNSPECIFIED - - CREATED - - RUNNING - - DONE - - CANCELLED - createTime: - description: The time when the batch request was received. + Overall relevancy score for the entity. Not normalized and not + comparable across different image queries. + format: float + type: number + entityId: + description: Opaque entity ID. type: string - format: google-datetime - updateTime: - description: The time when the operation result was last updated. + description: type: string - format: google-datetime - GoogleCloudVisionV1p2beta1AnnotateFileResponse: - id: GoogleCloudVisionV1p2beta1AnnotateFileResponse - description: >- - Response to a single file annotation request. A file may contain one or - more images, which individually have their own responses. + description: Canonical description of the entity, in English. type: object + id: GoogleCloudVisionV1p3beta1WebDetectionWebEntity + description: Entity deduced from similar images on the Internet. + BatchAnnotateFilesRequest: + description: A list of requests to annotate files using the BatchAnnotateFiles API. + id: BatchAnnotateFilesRequest properties: - inputConfig: - description: Information about the file for which this response is generated. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1InputConfig' - responses: + labels: description: >- - Individual responses to images found within the file. This field - will be empty if the `error` field is set. + Optional. The labels with user-defined metadata for the request. + Label keys and values can be no longer than 63 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. Label + values are optional. Label keys must start with a letter. + type: object + additionalProperties: + type: string + requests: type: array items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1AnnotateImageResponse - totalPages: - description: This field gives the total number of pages in the file. - type: integer - format: int32 - error: + $ref: '#/components/schemas/AnnotateFileRequest' description: >- - If set, represents the error message for the failed request. The - `responses` field will not be set in this case. - $ref: '#/components/schemas/Status' - GoogleCloudVisionV1p2beta1InputConfig: - id: GoogleCloudVisionV1p2beta1InputConfig - description: The desired input location and metadata. + Required. The list of file annotation requests. Right now we support + only one AnnotateFileRequest in BatchAnnotateFilesRequest. + parent: + description: >- + Optional. Target project and location to make a call. Format: + `projects/{project-id}/locations/{location-id}`. If no parent is + specified, a region will be chosen automatically. Supported + location-ids: `us`: USA country only, `asia`: East asia areas, like + Japan, Taiwan, `eu`: The European Union. Example: + `projects/project-A/locations/eu`. + type: string type: object + Paragraph: + properties: + words: + description: List of all words in this paragraph. + type: array + items: + $ref: '#/components/schemas/Word' + boundingBox: + $ref: '#/components/schemas/BoundingPoly' + description: >- + The bounding box for the paragraph. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + property: + description: Additional information detected for the paragraph. + $ref: '#/components/schemas/TextProperty' + confidence: + description: Confidence of the OCR results for the paragraph. Range [0, 1]. + type: number + format: float + id: Paragraph + description: Structural unit of text representing a number of words in certain order. + type: object + GoogleCloudVisionV1p3beta1EntityAnnotation: + type: object + properties: + boundingPoly: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' + description: >- + Image region to which this entity belongs. Not produced for + `LABEL_DETECTION` features. + topicality: + description: >- + The relevancy of the ICA (Image Content Annotation) label to the + image. For example, the relevancy of "tower" is likely higher to an + image containing the detected "Eiffel Tower" than to an image + containing a detected distant towering building, even though the + confidence that there is a tower in each image may be the same. + Range [0, 1]. + format: float + type: number + description: + type: string + description: Entity textual description, expressed in its `locale` language. + locale: + description: >- + The language code for the locale in which the entity textual + `description` is expressed. + type: string + score: + format: float + type: number + description: Overall score of the result. Range [0, 1]. + confidence: + format: float + description: >- + **Deprecated. Use `score` instead.** The accuracy of the entity + detection in an image. For example, for an image in which the + "Eiffel Tower" entity is detected, this field represents the + confidence that there is a tower in the query image. Range [0, 1]. + type: number + deprecated: true + locations: + type: array + description: >- + The location information for the detected entity. Multiple + `LocationInfo` elements can be present because one location may + indicate the location of the scene in the image, and another + location may indicate the location of the place where the image was + taken. Location information is usually present for landmarks. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1LocationInfo' + properties: + description: >- + Some entities may have optional user-supplied `Property` + (name/value) fields, such a score or string that qualifies the + entity. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Property' + type: array + mid: + description: >- + Opaque entity ID. Some IDs may be available in [Google Knowledge + Graph Search API](https://developers.google.com/knowledge-graph/). + type: string + id: GoogleCloudVisionV1p3beta1EntityAnnotation + description: Set of detected entity features. + GoogleCloudVisionV1p3beta1InputConfig: + id: GoogleCloudVisionV1p3beta1InputConfig properties: - gcsSource: - description: The Google Cloud Storage location to read the input from. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1GcsSource' content: description: >- File content, represented as a stream of bytes. Note: As with all @@ -3787,156 +3546,234 @@ components: whereas JSON representations use base64. Currently, this field only works for BatchAnnotateFiles requests. It does not work for AsyncBatchAnnotateFiles requests. - type: string format: byte + type: string mimeType: description: >- The type of the file. Currently only "application/pdf", "image/tiff" and "image/gif" are supported. Wildcards are not supported. type: string - GoogleCloudVisionV1p2beta1GcsSource: - id: GoogleCloudVisionV1p2beta1GcsSource - description: The Google Cloud Storage location where the input will be read from. + gcsSource: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1GcsSource' + description: The Google Cloud Storage location to read the input from. type: object + description: The desired input location and metadata. + GoogleCloudVisionV1p1beta1Block: + id: GoogleCloudVisionV1p1beta1Block properties: - uri: - description: >- - Google Cloud Storage URI for the input file. This must only be a - Google Cloud Storage object. Wildcards are not currently supported. + blockType: + enumDescriptions: + - Unknown block type. + - Regular text block. + - Table block. + - Image block. + - Horizontal/vertical line box. + - Barcode block. type: string - GoogleCloudVisionV1p2beta1AnnotateImageResponse: - id: GoogleCloudVisionV1p2beta1AnnotateImageResponse - description: Response to an image annotation request. + enum: + - UNKNOWN + - TEXT + - TABLE + - PICTURE + - RULER + - BARCODE + description: Detected block type (text, image etc) for this block. + confidence: + type: number + description: Confidence of the OCR results on the block. Range [0, 1]. + format: float + paragraphs: + description: List of paragraphs in this block (if this blocks is of type text). + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Paragraph' + type: array + boundingBox: + description: >- + The bounding box for the block. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' + property: + description: Additional information detected for the block. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty + type: object + description: Logical element on the page. + ImageProperties: + id: ImageProperties type: object + description: Stores image properties, such as dominant colors. properties: - faceAnnotations: - description: If present, face detection has completed successfully. - type: array + dominantColors: + $ref: '#/components/schemas/DominantColorsAnnotation' + description: If present, dominant colors completed successfully. + GoogleCloudVisionV1p1beta1WebDetection: + description: Relevant information for the image from the Internet. + id: GoogleCloudVisionV1p1beta1WebDetection + properties: + partialMatchingImages: items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1FaceAnnotation' - landmarkAnnotations: - description: If present, landmark detection has completed successfully. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage type: array + description: >- + Partial matching images from the Internet. Those images are similar + enough to share some key-point features. For example an original + image will likely have partial matching for its crops. + bestGuessLabels: items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1EntityAnnotation' - logoAnnotations: - description: If present, logo detection has completed successfully. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebLabel + description: >- + The service's best guess as to the topic of the request image. + Inferred from similar images on the open web. + type: array + visuallySimilarImages: + description: The visually similar image results. type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1EntityAnnotation' - labelAnnotations: - description: If present, label detection has completed successfully. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage + webEntities: type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1EntityAnnotation' - localizedObjectAnnotations: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebEntity + description: Deduced entities from similar images on the Internet. + fullMatchingImages: description: >- - If present, localized object detection has completed successfully. - This will be sorted descending by confidence score. - type: array + Fully matching images from the Internet. Can include resized copies + of the query image. items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1LocalizedObjectAnnotation - textAnnotations: - description: If present, text (OCR) detection has completed successfully. + #/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebImage type: array + pagesWithMatchingImages: + description: Web pages containing the matching images from the Internet. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1EntityAnnotation' - fullTextAnnotation: - description: >- - If present, text (OCR) detection or document (OCR) text detection - has completed successfully. This annotation provides the structural - hierarchy for the OCR detected text. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotation' - safeSearchAnnotation: - description: If present, safe-search annotation has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1SafeSearchAnnotation' - imagePropertiesAnnotation: - description: If present, image properties were extracted successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1ImageProperties' - cropHintsAnnotation: - description: If present, crop hints have completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1CropHintsAnnotation' - webDetection: - description: If present, web detection has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1WebDetection' - productSearchResults: - description: If present, product search has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResults' - error: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1WebDetectionWebPage' + type: array + type: object + Feature: + description: >- + The type of Google Cloud Vision API detection to perform, and the + maximum number of results to return for that type. Multiple `Feature` + objects can be specified in the `features` list. + id: Feature + properties: + type: + enumDescriptions: + - Unspecified feature type. + - Run face detection. + - Run landmark detection. + - Run logo detection. + - Run label detection. + - >- + Run text detection / optical character recognition (OCR). Text + detection is optimized for areas of text within a larger image; if + the image is a document, use `DOCUMENT_TEXT_DETECTION` instead. + - >- + Run dense text document OCR. Takes precedence when both + `DOCUMENT_TEXT_DETECTION` and `TEXT_DETECTION` are present. + - >- + Run Safe Search to detect potentially unsafe or undesirable + content. + - >- + Compute a set of image properties, such as the image's dominant + colors. + - Run crop hints. + - Run web detection. + - Run Product Search. + - Run localizer for object detection. + enum: + - TYPE_UNSPECIFIED + - FACE_DETECTION + - LANDMARK_DETECTION + - LOGO_DETECTION + - LABEL_DETECTION + - TEXT_DETECTION + - DOCUMENT_TEXT_DETECTION + - SAFE_SEARCH_DETECTION + - IMAGE_PROPERTIES + - CROP_HINTS + - WEB_DETECTION + - PRODUCT_SEARCH + - OBJECT_LOCALIZATION + type: string + description: The feature type. + maxResults: + format: int32 + type: integer description: >- - If set, represents the error message for the operation. Note that - filled-in image annotations are guaranteed to be correct, even when - `error` is set. - $ref: '#/components/schemas/Status' - context: + Maximum number of results of this type. Does not apply to + `TEXT_DETECTION`, `DOCUMENT_TEXT_DETECTION`, or `CROP_HINTS`. + model: description: >- - If present, contextual information is needed to understand where - this image comes from. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1ImageAnnotationContext - GoogleCloudVisionV1p2beta1FaceAnnotation: - id: GoogleCloudVisionV1p2beta1FaceAnnotation - description: A face annotation object contains the results of face detection. + Model to use for the feature. Supported values: "builtin/stable" + (the default if unset) and "builtin/latest". + `DOCUMENT_TEXT_DETECTION` and `TEXT_DETECTION` also support + "builtin/rc" for the latest release candidate. + type: string type: object + BatchAnnotateFilesResponse: properties: - boundingPoly: - description: >- - The bounding polygon around the face. The coordinates of the - bounding box are in the original image's scale. The bounding box is - computed to "frame" the face in accordance with human expectations. - It is based on the landmarker results. Note that one or more x - and/or y coordinates may not be generated in the `BoundingPoly` (the - polygon will be unbounded) if only a partial face appears in the - image to be annotated. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' - fdBoundingPoly: + responses: description: >- - The `fd_bounding_poly` bounding polygon is tighter than the - `boundingPoly`, and encloses only the skin part of the face. - Typically, it is used to eliminate the face from any image analysis - that detects the "amount of skin" visible in an image. It is not - based on the landmarker results, only on the initial face detection, - hence the fd (face detection) prefix. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' - landmarks: - description: Detected face landmarks. + The list of file annotation responses, each response corresponding + to each AnnotateFileRequest in BatchAnnotateFilesRequest. type: array + items: + $ref: '#/components/schemas/AnnotateFileResponse' + type: object + description: A list of file annotation responses. + id: BatchAnnotateFilesResponse + GoogleCloudVisionV1p3beta1ProductSearchResults: + id: GoogleCloudVisionV1p3beta1ProductSearchResults + type: object + description: Results for a product search request. + properties: + results: items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1FaceAnnotationLandmark - rollAngle: - description: >- - Roll angle, which indicates the amount of clockwise/anti-clockwise - rotation of the face relative to the image vertical about the axis - perpendicular to the face. Range [-180,180]. - type: number - format: float - panAngle: + #/components/schemas/GoogleCloudVisionV1p3beta1ProductSearchResultsResult + description: List of results, one for each product match. + type: array + indexTime: + type: string description: >- - Yaw angle, which indicates the leftward/rightward angle that the - face is pointing relative to the vertical plane perpendicular to the - image. Range [-180,180]. - type: number - format: float - tiltAngle: + Timestamp of the index which provided these results. Products added + to the product set and products removed from the product set after + this time are not reflected in the current results. + format: google-datetime + productGroupedResults: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1ProductSearchResultsGroupedResult description: >- - Pitch angle, which indicates the upwards/downwards angle that the - face is pointing relative to the image's horizontal plane. Range - [-180,180]. - type: number - format: float - detectionConfidence: - description: Detection confidence. Range [0, 1]. - type: number - format: float - landmarkingConfidence: - description: Face landmarking confidence. Range [0, 1]. - type: number - format: float - joyLikelihood: - description: Joy likelihood. - type: string + List of results grouped by products detected in the query image. + Each entry corresponds to one bounding polygon in the query image, + and contains the matching products specific to that region. There + may be duplicate product matches in the union of all the per-product + results. + type: array + BatchAnnotateImagesResponse: + description: Response to a batch image annotation request. + type: object + properties: + responses: + description: Individual responses to image annotation requests within the batch. + items: + $ref: '#/components/schemas/AnnotateImageResponse' + type: array + id: BatchAnnotateImagesResponse + GoogleCloudVisionV1p3beta1SafeSearchAnnotation: + properties: + violence: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -3944,6 +3781,10 @@ components: - It is possible. - It is likely. - It is very likely. + description: >- + Likelihood that this image contains violent content. Violent content + may include death, serious harm, or injury to individuals or groups + of individuals. enum: - UNKNOWN - VERY_UNLIKELY @@ -3951,16 +3792,9 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - sorrowLikelihood: - description: Sorrow likelihood. type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. + medical: + description: Likelihood that this is a medical image. enum: - UNKNOWN - VERY_UNLIKELY @@ -3968,9 +3802,6 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - angerLikelihood: - description: Anger likelihood. - type: string enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -3978,16 +3809,12 @@ components: - It is possible. - It is likely. - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - surpriseLikelihood: - description: Surprise likelihood. type: string + adult: + description: >- + Represents the adult content likelihood for the image. Adult content + may contain elements such as nudity, pornographic images or + cartoons, or sexual activities. enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -3995,23 +3822,7 @@ components: - It is possible. - It is likely. - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - underExposedLikelihood: - description: Under-exposed likelihood. type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. enum: - UNKNOWN - VERY_UNLIKELY @@ -4019,9 +3830,7 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - blurredLikelihood: - description: Blurred likelihood. - type: string + racy: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -4029,6 +3838,11 @@ components: - It is possible. - It is likely. - It is very likely. + description: >- + Likelihood that the request image contains racy content. Racy + content may include (but is not limited to) skimpy or sheer + clothing, strategically covered nudity, lewd or provocative poses, + or close-ups of sensitive body areas. enum: - UNKNOWN - VERY_UNLIKELY @@ -4036,9 +3850,8 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - headwearLikelihood: - description: Headwear likelihood. type: string + spoof: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -4046,6 +3859,9 @@ components: - It is possible. - It is likely. - It is very likely. + description: >- + Spoof likelihood. The likelihood that an modification was made to + the image's canonical version to make it appear funny or offensive. enum: - UNKNOWN - VERY_UNLIKELY @@ -4053,101 +3869,224 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - GoogleCloudVisionV1p2beta1BoundingPoly: - id: GoogleCloudVisionV1p2beta1BoundingPoly - description: A bounding polygon for the detected image annotation. + type: string + type: object + id: GoogleCloudVisionV1p3beta1SafeSearchAnnotation + description: >- + Set of features pertaining to the image, computed by computer vision + methods over safe-search verticals (for example, adult, spoof, medical, + violence). + GoogleCloudVisionV1p4beta1ReferenceImage: type: object properties: - vertices: - description: The bounding polygon vertices. + boundingPolys: type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Vertex' - normalizedVertices: - description: The bounding polygon normalized vertices. + description: >- + Optional. Bounding polygons around the areas of interest in the + reference image. If this field is empty, the system will try to + detect regions of interest. At most 10 bounding polygons will be + used. The provided shape is converted into a non-rotated rectangle. + Once converted, the small edge of the rectangle must be greater than + or equal to 300 pixels. The aspect ratio must be 1:4 or less (i.e. + 1:3 is ok; 1:5 is not). + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' + name: + description: >- + The resource name of the reference image. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID/referenceImages/IMAGE_ID`. + This field is ignored when creating a reference image. + type: string + uri: + description: >- + Required. The Google Cloud Storage URI of the reference image. The + URI must start with `gs://`. + type: string + id: GoogleCloudVisionV1p4beta1ReferenceImage + description: >- + A `ReferenceImage` represents a product image and its associated + metadata, such as bounding boxes. + AsyncBatchAnnotateImagesRequest: + description: Request for async image annotation for a list of images. + properties: + requests: + items: + $ref: '#/components/schemas/AnnotateImageRequest' + description: Required. Individual image annotation requests for this batch. + type: array + outputConfig: + $ref: '#/components/schemas/OutputConfig' + description: Required. The desired output location and metadata (e.g. format). + parent: + description: >- + Optional. Target project and location to make a call. Format: + `projects/{project-id}/locations/{location-id}`. If no parent is + specified, a region will be chosen automatically. Supported + location-ids: `us`: USA country only, `asia`: East asia areas, like + Japan, Taiwan, `eu`: The European Union. Example: + `projects/project-A/locations/eu`. + type: string + labels: + additionalProperties: + type: string + type: object + description: >- + Optional. The labels with user-defined metadata for the request. + Label keys and values can be no longer than 63 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. Label + values are optional. Label keys must start with a letter. + id: AsyncBatchAnnotateImagesRequest + type: object + Block: + id: Block + type: object + description: Logical element on the page. + properties: + confidence: + description: Confidence of the OCR results on the block. Range [0, 1]. + format: float + type: number + boundingBox: + description: >- + The bounding box for the block. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + $ref: '#/components/schemas/BoundingPoly' + paragraphs: + description: List of paragraphs in this block (if this blocks is of type text). type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1NormalizedVertex' + $ref: '#/components/schemas/Paragraph' + property: + description: Additional information detected for the block. + $ref: '#/components/schemas/TextProperty' + blockType: + enumDescriptions: + - Unknown block type. + - Regular text block. + - Table block. + - Image block. + - Horizontal/vertical line box. + - Barcode block. + enum: + - UNKNOWN + - TEXT + - TABLE + - PICTURE + - RULER + - BARCODE + description: Detected block type (text, image etc) for this block. + type: string + GoogleCloudVisionV1p1beta1AnnotateImageResponse: + properties: + textAnnotations: + description: If present, text (OCR) detection has completed successfully. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1EntityAnnotation' + type: array + logoAnnotations: + description: If present, logo detection has completed successfully. + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1EntityAnnotation' + productSearchResults: + description: If present, product search has completed successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResults' + labelAnnotations: + description: If present, label detection has completed successfully. + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1EntityAnnotation' + fullTextAnnotation: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotation' + description: >- + If present, text (OCR) detection or document (OCR) text detection + has completed successfully. This annotation provides the structural + hierarchy for the OCR detected text. + localizedObjectAnnotations: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1LocalizedObjectAnnotation + description: >- + If present, localized object detection has completed successfully. + This will be sorted descending by confidence score. + imagePropertiesAnnotation: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1ImageProperties' + description: If present, image properties were extracted successfully. + context: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1ImageAnnotationContext + description: >- + If present, contextual information is needed to understand where + this image comes from. + landmarkAnnotations: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1EntityAnnotation' + description: If present, landmark detection has completed successfully. + type: array + error: + description: >- + If set, represents the error message for the operation. Note that + filled-in image annotations are guaranteed to be correct, even when + `error` is set. + $ref: '#/components/schemas/Status' + webDetection: + description: If present, web detection has completed successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1WebDetection' + cropHintsAnnotation: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1CropHintsAnnotation' + description: If present, crop hints have completed successfully. + faceAnnotations: + description: If present, face detection has completed successfully. + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1FaceAnnotation' + safeSearchAnnotation: + description: If present, safe-search annotation has completed successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1SafeSearchAnnotation' + id: GoogleCloudVisionV1p1beta1AnnotateImageResponse + type: object + description: Response to an image annotation request. + AddProductToProductSetRequest: + description: Request message for the `AddProductToProductSet` method. + id: AddProductToProductSetRequest + type: object + properties: + product: + type: string + description: >- + Required. The resource name for the Product to be added to this + ProductSet. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID` GoogleCloudVisionV1p2beta1Vertex: id: GoogleCloudVisionV1p2beta1Vertex - description: >- - A vertex represents a 2D point in the image. NOTE: the vertex - coordinates are in the same scale as the original image. type: object properties: x: + format: int32 description: X coordinate. type: integer - format: int32 'y': description: Y coordinate. - type: integer format: int32 - GoogleCloudVisionV1p2beta1NormalizedVertex: - id: GoogleCloudVisionV1p2beta1NormalizedVertex - description: >- - A vertex represents a 2D point in the image. NOTE: the normalized vertex - coordinates are relative to the original image and range from 0 to 1. - type: object - properties: - x: - description: X coordinate. - type: number - format: float - 'y': - description: Y coordinate. - type: number - format: float - GoogleCloudVisionV1p2beta1FaceAnnotationLandmark: - id: GoogleCloudVisionV1p2beta1FaceAnnotationLandmark + type: integer description: >- - A face-specific landmark (for example, a face feature). Landmark - positions may fall outside the bounds of the image if the face is near - one or more edges of the image. Therefore it is NOT guaranteed that `0 - <= x < width` or `0 <= y < height`. - type: object + A vertex represents a 2D point in the image. NOTE: the vertex + coordinates are in the same scale as the original image. + GoogleCloudVisionV1p3beta1FaceAnnotationLandmark: + id: GoogleCloudVisionV1p3beta1FaceAnnotationLandmark properties: + position: + description: Face landmark position. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Position' type: - description: Face landmark type. - type: string - enumDescriptions: - - Unknown face landmark detected. Should not be filled. - - Left eye. - - Right eye. - - Left of left eyebrow. - - Right of left eyebrow. - - Left of right eyebrow. - - Right of right eyebrow. - - Midpoint between eyes. - - Nose tip. - - Upper lip. - - Lower lip. - - Mouth left. - - Mouth right. - - Mouth center. - - Nose, bottom right. - - Nose, bottom left. - - Nose, bottom center. - - Left eye, top boundary. - - Left eye, right corner. - - Left eye, bottom boundary. - - Left eye, left corner. - - Right eye, top boundary. - - Right eye, right corner. - - Right eye, bottom boundary. - - Right eye, left corner. - - Left eyebrow, upper midpoint. - - Right eyebrow, upper midpoint. - - Left ear tragion. - - Right ear tragion. - - Left eye pupil. - - Right eye pupil. - - Forehead glabella. - - Chin gnathion. - - Chin left gonion. - - Chin right gonion. - - Left cheek center. - - Right cheek center. enum: - UNKNOWN_LANDMARK - LEFT_EYE @@ -4186,16 +4125,70 @@ components: - CHIN_RIGHT_GONION - LEFT_CHEEK_CENTER - RIGHT_CHEEK_CENTER - position: - description: Face landmark position. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Position' - GoogleCloudVisionV1p2beta1Position: - id: GoogleCloudVisionV1p2beta1Position + description: Face landmark type. + type: string + enumDescriptions: + - Unknown face landmark detected. Should not be filled. + - Left eye. + - Right eye. + - Left of left eyebrow. + - Right of left eyebrow. + - Left of right eyebrow. + - Right of right eyebrow. + - Midpoint between eyes. + - Nose tip. + - Upper lip. + - Lower lip. + - Mouth left. + - Mouth right. + - Mouth center. + - Nose, bottom right. + - Nose, bottom left. + - Nose, bottom center. + - Left eye, top boundary. + - Left eye, right corner. + - Left eye, bottom boundary. + - Left eye, left corner. + - Right eye, top boundary. + - Right eye, right corner. + - Right eye, bottom boundary. + - Right eye, left corner. + - Left eyebrow, upper midpoint. + - Right eyebrow, upper midpoint. + - Left ear tragion. + - Right ear tragion. + - Left eye pupil. + - Right eye pupil. + - Forehead glabella. + - Chin gnathion. + - Chin left gonion. + - Chin right gonion. + - Left cheek center. + - Right cheek center. + type: object description: >- - A 3D position in the image, used primarily for Face detection landmarks. - A valid Position must have both x and y coordinates. The position - coordinates are in the same scale as the original image. + A face-specific landmark (for example, a face feature). Landmark + positions may fall outside the bounds of the image if the face is near + one or more edges of the image. Therefore it is NOT guaranteed that `0 + <= x < width` or `0 <= y < height`. + LatLng: + id: LatLng + description: >- + An object that represents a latitude/longitude pair. This is expressed + as a pair of doubles to represent degrees latitude and degrees + longitude. Unless specified otherwise, this object must conform to the + WGS84 standard. Values must be within normalized ranges. + properties: + longitude: + format: double + description: The longitude in degrees. It must be in the range [-180.0, +180.0]. + type: number + latitude: + type: number + format: double + description: The latitude in degrees. It must be in the range [-90.0, +90.0]. type: object + GoogleCloudVisionV1p3beta1NormalizedVertex: properties: x: description: X coordinate. @@ -4205,240 +4198,152 @@ components: description: Y coordinate. type: number format: float - z: - description: Z coordinate (or depth). - type: number - format: float - GoogleCloudVisionV1p2beta1EntityAnnotation: - id: GoogleCloudVisionV1p2beta1EntityAnnotation - description: Set of detected entity features. + description: >- + A vertex represents a 2D point in the image. NOTE: the normalized vertex + coordinates are relative to the original image and range from 0 to 1. type: object + id: GoogleCloudVisionV1p3beta1NormalizedVertex + GoogleCloudVisionV1p4beta1Block: + id: GoogleCloudVisionV1p4beta1Block properties: - mid: - description: >- - Opaque entity ID. Some IDs may be available in [Google Knowledge - Graph Search API](https://developers.google.com/knowledge-graph/). - type: string - locale: + boundingBox: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' description: >- - The language code for the locale in which the entity textual - `description` is expressed. - type: string - description: - description: Entity textual description, expressed in its `locale` language. + The bounding box for the block. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + blockType: + description: Detected block type (text, image etc) for this block. + enum: + - UNKNOWN + - TEXT + - TABLE + - PICTURE + - RULER + - BARCODE type: string - score: - description: Overall score of the result. Range [0, 1]. - type: number - format: float + enumDescriptions: + - Unknown block type. + - Regular text block. + - Table block. + - Image block. + - Horizontal/vertical line box. + - Barcode block. + property: + description: Additional information detected for the block. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty confidence: - description: >- - **Deprecated. Use `score` instead.** The accuracy of the entity - detection in an image. For example, for an image in which the - "Eiffel Tower" entity is detected, this field represents the - confidence that there is a tower in the query image. Range [0, 1]. - deprecated: true - type: number + description: Confidence of the OCR results on the block. Range [0, 1]. format: float - topicality: - description: >- - The relevancy of the ICA (Image Content Annotation) label to the - image. For example, the relevancy of "tower" is likely higher to an - image containing the detected "Eiffel Tower" than to an image - containing a detected distant towering building, even though the - confidence that there is a tower in each image may be the same. - Range [0, 1]. type: number - format: float - boundingPoly: - description: >- - Image region to which this entity belongs. Not produced for - `LABEL_DETECTION` features. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' - locations: - description: >- - The location information for the detected entity. Multiple - `LocationInfo` elements can be present because one location may - indicate the location of the scene in the image, and another - location may indicate the location of the place where the image was - taken. Location information is usually present for landmarks. + paragraphs: type: array + description: List of paragraphs in this block (if this blocks is of type text). items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1LocationInfo' - properties: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Paragraph' + type: object + description: Logical element on the page. + GoogleCloudVisionV1p2beta1NormalizedVertex: + properties: + x: + type: number + format: float + description: X coordinate. + 'y': + format: float + type: number + description: Y coordinate. + type: object + description: >- + A vertex represents a 2D point in the image. NOTE: the normalized vertex + coordinates are relative to the original image and range from 0 to 1. + id: GoogleCloudVisionV1p2beta1NormalizedVertex + GoogleCloudVisionV1p4beta1AnnotateFileResponse: + description: >- + Response to a single file annotation request. A file may contain one or + more images, which individually have their own responses. + id: GoogleCloudVisionV1p4beta1AnnotateFileResponse + properties: + error: description: >- - Some entities may have optional user-supplied `Property` - (name/value) fields, such a score or string that qualifies the - entity. - type: array + If set, represents the error message for the failed request. The + `responses` field will not be set in this case. + $ref: '#/components/schemas/Status' + responses: items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Property' - GoogleCloudVisionV1p2beta1LocationInfo: - id: GoogleCloudVisionV1p2beta1LocationInfo - description: Detected entity location information. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1AnnotateImageResponse + type: array + description: >- + Individual responses to images found within the file. This field + will be empty if the `error` field is set. + inputConfig: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1InputConfig' + description: Information about the file for which this response is generated. + totalPages: + type: integer + description: This field gives the total number of pages in the file. + format: int32 type: object + GoogleCloudVisionV1p3beta1OperationMetadata: + description: Contains metadata for the BatchAnnotateImages operation. + type: object + id: GoogleCloudVisionV1p3beta1OperationMetadata properties: - latLng: - description: lat/long location coordinates. - $ref: '#/components/schemas/LatLng' + state: + enum: + - STATE_UNSPECIFIED + - CREATED + - RUNNING + - DONE + - CANCELLED + description: Current state of the batch operation. + enumDescriptions: + - Invalid. + - Request is received. + - Request is actively being processed. + - The batch processing is done. + - The batch processing was cancelled. + type: string + updateTime: + format: google-datetime + description: The time when the operation result was last updated. + type: string + createTime: + format: google-datetime + description: The time when the batch request was received. + type: string GoogleCloudVisionV1p2beta1Property: id: GoogleCloudVisionV1p2beta1Property - description: A `Property` consists of a user-supplied name/value pair. type: object properties: + uint64Value: + description: Value of numeric properties. + type: string + format: uint64 name: description: Name of the property. type: string value: - description: Value of the property. type: string - uint64Value: - description: Value of numeric properties. - type: string - format: uint64 - GoogleCloudVisionV1p2beta1LocalizedObjectAnnotation: - id: GoogleCloudVisionV1p2beta1LocalizedObjectAnnotation - description: Set of detected objects with bounding boxes. - type: object - properties: - mid: - description: Object ID that should align with EntityAnnotation mid. - type: string - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - name: - description: Object name, expressed in its `language_code` language. - type: string - score: - description: Score of the result. Range [0, 1]. - type: number - format: float - boundingPoly: - description: Image region to which this object belongs. This must be populated. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' - GoogleCloudVisionV1p2beta1TextAnnotation: - id: GoogleCloudVisionV1p2beta1TextAnnotation - description: >- - TextAnnotation contains a structured representation of OCR extracted - text. The hierarchy of an OCR extracted text structure is like this: - TextAnnotation -> Page -> Block -> Paragraph -> Word -> Symbol Each - structural component, starting from Page, may further have their own - properties. Properties describe detected languages, breaks etc.. Please - refer to the TextAnnotation.TextProperty message definition below for - more detail. - type: object - properties: - pages: - description: List of pages detected by OCR. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Page' - text: - description: UTF-8 text detected on the pages. - type: string - GoogleCloudVisionV1p2beta1Page: - id: GoogleCloudVisionV1p2beta1Page - description: Detected page from OCR. - type: object + description: Value of the property. + description: A `Property` consists of a user-supplied name/value pair. + GoogleCloudVisionV1p2beta1Paragraph: properties: - property: - description: Additional information detected on the page. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty - width: - description: >- - Page width. For PDFs the unit is points. For images (including - TIFFs) the unit is pixels. - type: integer - format: int32 - height: - description: >- - Page height. For PDFs the unit is points. For images (including - TIFFs) the unit is pixels. - type: integer - format: int32 - blocks: - description: List of blocks of text, images etc on this page. - type: array + words: + description: List of all words in this paragraph. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Block' - confidence: - description: Confidence of the OCR results on the page. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p2beta1TextAnnotationTextProperty: - id: GoogleCloudVisionV1p2beta1TextAnnotationTextProperty - description: Additional information detected on the structural component. - type: object - properties: - detectedLanguages: - description: A list of detected languages together with confidence. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Word' type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationDetectedLanguage - detectedBreak: - description: Detected start or end of a text segment. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationDetectedBreak - GoogleCloudVisionV1p2beta1TextAnnotationDetectedLanguage: - id: GoogleCloudVisionV1p2beta1TextAnnotationDetectedLanguage - description: Detected language for a structural component. - type: object - properties: - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - confidence: - description: Confidence of detected language. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p2beta1TextAnnotationDetectedBreak: - id: GoogleCloudVisionV1p2beta1TextAnnotationDetectedBreak - description: Detected start or end of a structural component. - type: object - properties: - type: - description: Detected break type. - type: string - enumDescriptions: - - Unknown break label type. - - Regular space. - - Sure space (very wide). - - Line-wrapping break. - - >- - End-line hyphen that is not present in text; does not co-occur - with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. - - Line break that ends a paragraph. - enum: - - UNKNOWN - - SPACE - - SURE_SPACE - - EOL_SURE_SPACE - - HYPHEN - - LINE_BREAK - isPrefix: - description: True if break prepends the element. - type: boolean - GoogleCloudVisionV1p2beta1Block: - id: GoogleCloudVisionV1p2beta1Block - description: Logical element on the page. - type: object - properties: - property: - description: Additional information detected for the block. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty boundingBox: description: >- - The bounding box for the block. The vertices are in the order of + The bounding box for the paragraph. The vertices are in the order of top-left, top-right, bottom-right, bottom-left. When a rotation of the bounding box is detected the rotation is represented as around the top-left corner as defined when the text is read in the @@ -4447,104 +4352,222 @@ components: around the top-left corner it becomes: 2----3 | | 1----0 and the vertex order will still be (0, 1, 2, 3). $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' - paragraphs: - description: List of paragraphs in this block (if this blocks is of type text). - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Paragraph' - blockType: - description: Detected block type (text, image etc) for this block. - type: string - enumDescriptions: - - Unknown block type. - - Regular text block. - - Table block. - - Image block. - - Horizontal/vertical line box. - - Barcode block. - enum: - - UNKNOWN - - TEXT - - TABLE - - PICTURE - - RULER - - BARCODE + property: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty + description: Additional information detected for the paragraph. confidence: - description: Confidence of the OCR results on the block. Range [0, 1]. type: number + description: Confidence of the OCR results for the paragraph. Range [0, 1]. format: float - GoogleCloudVisionV1p2beta1Paragraph: - id: GoogleCloudVisionV1p2beta1Paragraph + type: object description: Structural unit of text representing a number of words in certain order. + id: GoogleCloudVisionV1p2beta1Paragraph + GoogleCloudVisionV1p2beta1AsyncBatchAnnotateFilesResponse: type: object properties: - property: - description: Additional information detected for the paragraph. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty - boundingBox: - description: >- - The bounding box for the paragraph. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' - words: - description: List of all words in this paragraph. + responses: type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Word' - confidence: - description: Confidence of the OCR results for the paragraph. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p2beta1Word: - id: GoogleCloudVisionV1p2beta1Word - description: A word representation. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1AsyncAnnotateFileResponse + description: >- + The list of file annotation responses, one for each request in + AsyncBatchAnnotateFilesRequest. + description: Response to an async batch file annotation request. + id: GoogleCloudVisionV1p2beta1AsyncBatchAnnotateFilesResponse + GoogleCloudVisionV1p1beta1ProductSearchResultsResult: type: object + description: Information about a product. + id: GoogleCloudVisionV1p1beta1ProductSearchResultsResult properties: - property: - description: Additional information detected for the word. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty - boundingBox: - description: >- - The bounding box for the word. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' - symbols: + product: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Product' + description: The Product. + score: + format: float description: >- - List of symbols in the word. The order of the symbols follows the - natural reading order. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Symbol' - confidence: - description: Confidence of the OCR results for the word. Range [0, 1]. + A confidence level on the match, ranging from 0 (no confidence) to 1 + (full confidence). type: number - format: float - GoogleCloudVisionV1p2beta1Symbol: - id: GoogleCloudVisionV1p2beta1Symbol - description: A single symbol representation. + image: + type: string + description: >- + The resource name of the image from the product that is the closest + match to the query. + GoogleCloudVisionV1p4beta1OperationMetadata: + id: GoogleCloudVisionV1p4beta1OperationMetadata + type: object + description: Contains metadata for the BatchAnnotateImages operation. + properties: + state: + enum: + - STATE_UNSPECIFIED + - CREATED + - RUNNING + - DONE + - CANCELLED + type: string + enumDescriptions: + - Invalid. + - Request is received. + - Request is actively being processed. + - The batch processing is done. + - The batch processing was cancelled. + description: Current state of the batch operation. + updateTime: + format: google-datetime + description: The time when the operation result was last updated. + type: string + createTime: + format: google-datetime + type: string + description: The time when the batch request was received. + ImageAnnotationContext: + properties: + uri: + description: The URI of the file used to produce the image. + type: string + pageNumber: + type: integer + format: int32 + description: >- + If the file was a PDF or TIFF, this field gives the page number + within the file used to produce the image. + description: >- + If an image was produced from a file (e.g. a PDF), this message gives + information about the source of that image. + type: object + id: ImageAnnotationContext + ImportProductSetsRequest: + properties: + inputConfig: + $ref: '#/components/schemas/ImportProductSetsInputConfig' + description: Required. The input content for the list of requests. + description: Request message for the `ImportProductSets` method. + type: object + id: ImportProductSetsRequest + GoogleCloudVisionV1p3beta1ImageAnnotationContext: + description: >- + If an image was produced from a file (e.g. a PDF), this message gives + information about the source of that image. + id: GoogleCloudVisionV1p3beta1ImageAnnotationContext + type: object + properties: + pageNumber: + format: int32 + description: >- + If the file was a PDF or TIFF, this field gives the page number + within the file used to produce the image. + type: integer + uri: + type: string + description: The URI of the file used to produce the image. + GoogleCloudVisionV1p2beta1ImageProperties: + properties: + dominantColors: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1DominantColorsAnnotation + description: If present, dominant colors completed successfully. + description: Stores image properties, such as dominant colors. + type: object + id: GoogleCloudVisionV1p2beta1ImageProperties + GoogleCloudVisionV1p3beta1GcsDestination: + properties: + uri: + description: >- + Google Cloud Storage URI prefix where the results will be stored. + Results will be in JSON format and preceded by its corresponding + input URI prefix. This field can either represent a gcs file prefix + or gcs directory. In either case, the uri should be unique because + in order to get all of the output files, you will need to do a + wildcard gcs search on the uri prefix you provide. Examples: * File + Prefix: gs://bucket-name/here/filenameprefix The output files will + be created in gs://bucket-name/here/ and the names of the output + files will begin with "filenameprefix". * Directory Prefix: + gs://bucket-name/some/location/ The output files will be created in + gs://bucket-name/some/location/ and the names of the output files + could be anything because there was no filename prefix specified. If + multiple outputs, each response is still AnnotateFileResponse, each + of which contains some subset of the full list of + AnnotateImageResponse. Multiple outputs can happen if, for example, + the output JSON is too large and overflows into multiple sharded + files. + type: string + type: object + description: The Google Cloud Storage location where the output will be written to. + id: GoogleCloudVisionV1p3beta1GcsDestination + GoogleCloudVisionV1p2beta1ProductSearchResults: + properties: + indexTime: + description: >- + Timestamp of the index which provided these results. Products added + to the product set and products removed from the product set after + this time are not reflected in the current results. + format: google-datetime + type: string + results: + description: List of results, one for each product match. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResultsResult + type: array + productGroupedResults: + description: >- + List of results grouped by products detected in the query image. + Each entry corresponds to one bounding polygon in the query image, + and contains the matching products specific to that region. There + may be duplicate product matches in the union of all the per-product + results. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResultsGroupedResult + type: object + description: Results for a product search request. + id: GoogleCloudVisionV1p2beta1ProductSearchResults + GoogleCloudVisionV1p4beta1GcsDestination: + description: The Google Cloud Storage location where the output will be written to. + properties: + uri: + type: string + description: >- + Google Cloud Storage URI prefix where the results will be stored. + Results will be in JSON format and preceded by its corresponding + input URI prefix. This field can either represent a gcs file prefix + or gcs directory. In either case, the uri should be unique because + in order to get all of the output files, you will need to do a + wildcard gcs search on the uri prefix you provide. Examples: * File + Prefix: gs://bucket-name/here/filenameprefix The output files will + be created in gs://bucket-name/here/ and the names of the output + files will begin with "filenameprefix". * Directory Prefix: + gs://bucket-name/some/location/ The output files will be created in + gs://bucket-name/some/location/ and the names of the output files + could be anything because there was no filename prefix specified. If + multiple outputs, each response is still AnnotateFileResponse, each + of which contains some subset of the full list of + AnnotateImageResponse. Multiple outputs can happen if, for example, + the output JSON is too large and overflows into multiple sharded + files. + id: GoogleCloudVisionV1p4beta1GcsDestination + type: object + GoogleCloudVisionV1p1beta1Word: + description: A word representation. + id: GoogleCloudVisionV1p1beta1Word type: object properties: property: - description: Additional information detected for the symbol. + description: Additional information detected for the word. $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty + #/components/schemas/GoogleCloudVisionV1p1beta1TextAnnotationTextProperty + confidence: + type: number + format: float + description: Confidence of the OCR results for the word. Range [0, 1]. boundingBox: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' description: >- - The bounding box for the symbol. The vertices are in the order of + The bounding box for the word. The vertices are in the order of top-left, top-right, bottom-right, bottom-left. When a rotation of the bounding box is detected the rotation is represented as around the top-left corner as defined when the text is read in the @@ -4552,28 +4575,29 @@ components: might look like: 0----1 | | 3----2 * when it's rotated 180 degrees around the top-left corner it becomes: 2----3 | | 1----0 and the vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' - text: - description: The actual UTF-8 representation of the symbol. - type: string - confidence: - description: Confidence of the OCR results for the symbol. Range [0, 1]. + symbols: + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Symbol' + description: >- + List of symbols in the word. The order of the symbols follows the + natural reading order. + GoogleCloudVisionV1p1beta1FaceAnnotation: + properties: + landmarkingConfidence: type: number + description: Face landmarking confidence. Range [0, 1]. format: float - GoogleCloudVisionV1p2beta1SafeSearchAnnotation: - id: GoogleCloudVisionV1p2beta1SafeSearchAnnotation - description: >- - Set of features pertaining to the image, computed by computer vision - methods over safe-search verticals (for example, adult, spoof, medical, - violence). - type: object - properties: - adult: + fdBoundingPoly: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' description: >- - Represents the adult content likelihood for the image. Adult content - may contain elements such as nudity, pornographic images or - cartoons, or sexual activities. - type: string + The `fd_bounding_poly` bounding polygon is tighter than the + `boundingPoly`, and encloses only the skin part of the face. + Typically, it is used to eliminate the face from any image analysis + that detects the "amount of skin" visible in an image. It is not + based on the landmarker results, only on the initial face detection, + hence the fd (face detection) prefix. + underExposedLikelihood: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -4581,6 +4605,7 @@ components: - It is possible. - It is likely. - It is very likely. + description: Under-exposed likelihood. enum: - UNKNOWN - VERY_UNLIKELY @@ -4588,10 +4613,8 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - spoof: - description: >- - Spoof likelihood. The likelihood that an modification was made to - the image's canonical version to make it appear funny or offensive. + type: string + headwearLikelihood: type: string enumDescriptions: - Unknown likelihood. @@ -4607,16 +4630,8 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - medical: - description: Likelihood that this is a medical image. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. + description: Headwear likelihood. + joyLikelihood: enum: - UNKNOWN - VERY_UNLIKELY @@ -4624,11 +4639,7 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - violence: - description: >- - Likelihood that this image contains violent content. Violent content - may include death, serious harm, or injury to individuals or groups - of individuals. + description: Joy likelihood. type: string enumDescriptions: - Unknown likelihood. @@ -4637,6 +4648,18 @@ components: - It is possible. - It is likely. - It is very likely. + detectionConfidence: + type: number + description: Detection confidence. Range [0, 1]. + format: float + tiltAngle: + description: >- + Pitch angle, which indicates the upwards/downwards angle that the + face is pointing relative to the image's horizontal plane. Range + [-180,180]. + type: number + format: float + blurredLikelihood: enum: - UNKNOWN - VERY_UNLIKELY @@ -4644,12 +4667,7 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - racy: - description: >- - Likelihood that the request image contains racy content. Racy - content may include (but is not limited to) skimpy or sheer - clothing, strategically covered nudity, lewd or provocative poses, - or close-ups of sensitive body areas. + description: Blurred likelihood. type: string enumDescriptions: - Unknown likelihood. @@ -4658,363 +4676,243 @@ components: - It is possible. - It is likely. - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - GoogleCloudVisionV1p2beta1ImageProperties: - id: GoogleCloudVisionV1p2beta1ImageProperties - description: Stores image properties, such as dominant colors. - type: object - properties: - dominantColors: - description: If present, dominant colors completed successfully. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1DominantColorsAnnotation - GoogleCloudVisionV1p2beta1DominantColorsAnnotation: - id: GoogleCloudVisionV1p2beta1DominantColorsAnnotation - description: Set of dominant colors and their corresponding scores. - type: object - properties: - colors: - description: RGB color values with their score and pixel fraction. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1ColorInfo' - GoogleCloudVisionV1p2beta1ColorInfo: - id: GoogleCloudVisionV1p2beta1ColorInfo - description: >- - Color information consists of RGB channels, score, and the fraction of - the image that the color occupies in the image. - type: object - properties: - color: - description: RGB components of the color. - $ref: '#/components/schemas/Color' - score: - description: Image-specific score for this color. Value in range [0, 1]. + panAngle: + description: >- + Yaw angle, which indicates the leftward/rightward angle that the + face is pointing relative to the vertical plane perpendicular to the + image. Range [-180,180]. type: number format: float - pixelFraction: + landmarks: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1FaceAnnotationLandmark + type: array + description: Detected face landmarks. + boundingPoly: description: >- - The fraction of pixels the color occupies in the image. Value in - range [0, 1]. + The bounding polygon around the face. The coordinates of the + bounding box are in the original image's scale. The bounding box is + computed to "frame" the face in accordance with human expectations. + It is based on the landmarker results. Note that one or more x + and/or y coordinates may not be generated in the `BoundingPoly` (the + polygon will be unbounded) if only a partial face appears in the + image to be annotated. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' + angerLikelihood: + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: Anger likelihood. + type: string + sorrowLikelihood: + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + type: string + description: Sorrow likelihood. + surpriseLikelihood: + description: Surprise likelihood. + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + type: string + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + rollAngle: + description: >- + Roll angle, which indicates the amount of clockwise/anti-clockwise + rotation of the face relative to the image vertical about the axis + perpendicular to the face. Range [-180,180]. type: number format: float - GoogleCloudVisionV1p2beta1CropHintsAnnotation: - id: GoogleCloudVisionV1p2beta1CropHintsAnnotation - description: >- - Set of crop hints that are used to generate new crops when serving - images. + description: A face annotation object contains the results of face detection. + id: GoogleCloudVisionV1p1beta1FaceAnnotation type: object + GoogleCloudVisionV1p3beta1ProductKeyValue: + description: A product label represented as a key-value pair. properties: - cropHints: - description: Crop hint results. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1CropHint' - GoogleCloudVisionV1p2beta1CropHint: - id: GoogleCloudVisionV1p2beta1CropHint - description: >- - Single crop hint that is used to generate a new crop when serving an - image. + key: + description: >- + The key of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. + type: string + value: + description: >- + The value of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. + type: string type: object + id: GoogleCloudVisionV1p3beta1ProductKeyValue + Word: properties: - boundingPoly: - description: >- - The bounding polygon for the crop region. The coordinates of the - bounding box are in the original image's scale. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' confidence: - description: Confidence of this being a salient region. Range [0, 1]. - type: number format: float - importanceFraction: - description: >- - Fraction of importance of this salient region with respect to the - original image. type: number - format: float - GoogleCloudVisionV1p2beta1WebDetection: - id: GoogleCloudVisionV1p2beta1WebDetection - description: Relevant information for the image from the Internet. + description: Confidence of the OCR results for the word. Range [0, 1]. + property: + description: Additional information detected for the word. + $ref: '#/components/schemas/TextProperty' + boundingBox: + description: >- + The bounding box for the word. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + $ref: '#/components/schemas/BoundingPoly' + symbols: + items: + $ref: '#/components/schemas/Symbol' + type: array + description: >- + List of symbols in the word. The order of the symbols follows the + natural reading order. + id: Word + description: A word representation. type: object + GoogleCloudVisionV1p3beta1TextAnnotationDetectedBreak: + id: GoogleCloudVisionV1p3beta1TextAnnotationDetectedBreak + description: Detected start or end of a structural component. properties: - webEntities: - description: Deduced entities from similar images on the Internet. + isPrefix: + type: boolean + description: True if break prepends the element. + type: + enum: + - UNKNOWN + - SPACE + - SURE_SPACE + - EOL_SURE_SPACE + - HYPHEN + - LINE_BREAK + type: string + enumDescriptions: + - Unknown break label type. + - Regular space. + - Sure space (very wide). + - Line-wrapping break. + - >- + End-line hyphen that is not present in text; does not co-occur + with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. + - Line break that ends a paragraph. + description: Detected break type. + type: object + GoogleCloudVisionV1p3beta1WebDetection: + properties: + bestGuessLabels: + description: >- + The service's best guess as to the topic of the request image. + Inferred from similar images on the open web. type: array items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebEntity - fullMatchingImages: - description: >- - Fully matching images from the Internet. Can include resized copies - of the query image. - type: array + #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebLabel + webEntities: items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage + #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebEntity + description: Deduced entities from similar images on the Internet. + type: array partialMatchingImages: description: >- Partial matching images from the Internet. Those images are similar enough to share some key-point features. For example an original image will likely have partial matching for its crops. - type: array items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage - pagesWithMatchingImages: - description: Web pages containing the matching images from the Internet. + #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebPage' visuallySimilarImages: description: The visually similar image results. type: array items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage - bestGuessLabels: + #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage + pagesWithMatchingImages: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebPage' + description: Web pages containing the matching images from the Internet. + type: array + fullMatchingImages: description: >- - The service's best guess as to the topic of the request image. - Inferred from similar images on the open web. + Fully matching images from the Internet. Can include resized copies + of the query image. type: array items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebLabel - GoogleCloudVisionV1p2beta1WebDetectionWebEntity: - id: GoogleCloudVisionV1p2beta1WebDetectionWebEntity - description: Entity deduced from similar images on the Internet. + #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage + description: Relevant information for the image from the Internet. type: object - properties: - entityId: - description: Opaque entity ID. - type: string - score: - description: >- - Overall relevancy score for the entity. Not normalized and not - comparable across different image queries. - type: number - format: float - description: - description: Canonical description of the entity, in English. - type: string - GoogleCloudVisionV1p2beta1WebDetectionWebImage: - id: GoogleCloudVisionV1p2beta1WebDetectionWebImage - description: Metadata for online images. - type: object - properties: - url: - description: The result image URL. - type: string - score: - description: (Deprecated) Overall relevancy score for the image. - type: number - format: float - GoogleCloudVisionV1p2beta1WebDetectionWebPage: - id: GoogleCloudVisionV1p2beta1WebDetectionWebPage - description: Metadata for web pages. - type: object - properties: - url: - description: The result web page URL. - type: string - score: - description: (Deprecated) Overall relevancy score for the web page. - type: number - format: float - pageTitle: - description: Title for the web page, may contain HTML markups. - type: string - fullMatchingImages: - description: >- - Fully matching images on the page. Can include resized copies of the - query image. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage - partialMatchingImages: - description: >- - Partial matching images on the page. Those images are similar enough - to share some key-point features. For example an original image will - likely have partial matching for its crops. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage - GoogleCloudVisionV1p2beta1WebDetectionWebLabel: - id: GoogleCloudVisionV1p2beta1WebDetectionWebLabel - description: Label to provide extra metadata for the web detection. - type: object - properties: - label: - description: Label for extra metadata. - type: string - languageCode: - description: >- - The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". - For more information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - GoogleCloudVisionV1p2beta1ProductSearchResults: - id: GoogleCloudVisionV1p2beta1ProductSearchResults - description: Results for a product search request. + id: GoogleCloudVisionV1p3beta1WebDetection + GcsSource: + id: GcsSource + description: The Google Cloud Storage location where the input will be read from. type: object properties: - indexTime: - description: >- - Timestamp of the index which provided these results. Products added - to the product set and products removed from the product set after - this time are not reflected in the current results. + uri: type: string - format: google-datetime - results: - description: List of results, one for each product match. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResultsResult - productGroupedResults: description: >- - List of results grouped by products detected in the query image. - Each entry corresponds to one bounding polygon in the query image, - and contains the matching products specific to that region. There - may be duplicate product matches in the union of all the per-product - results. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResultsGroupedResult - GoogleCloudVisionV1p2beta1ProductSearchResultsResult: - id: GoogleCloudVisionV1p2beta1ProductSearchResultsResult - description: Information about a product. - type: object + Google Cloud Storage URI for the input file. This must only be a + Google Cloud Storage object. Wildcards are not currently supported. + GoogleCloudVisionV1p4beta1ColorInfo: properties: - product: - description: The Product. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Product' score: - description: >- - A confidence level on the match, ranging from 0 (no confidence) to 1 - (full confidence). type: number + description: Image-specific score for this color. Value in range [0, 1]. format: float - image: - description: >- - The resource name of the image from the product that is the closest - match to the query. - type: string - GoogleCloudVisionV1p2beta1Product: - id: GoogleCloudVisionV1p2beta1Product - description: A Product contains ReferenceImages. - type: object - properties: - name: - description: >- - The resource name of the product. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This - field is ignored when creating a product. - type: string - displayName: - description: >- - The user-provided name for this Product. Must not be empty. Must be - at most 4096 characters long. - type: string - description: - description: >- - User-provided metadata to be stored with this product. Must be at - most 4096 characters long. - type: string - productCategory: - description: >- - Immutable. The category for the product identified by the reference - image. This should be one of "homegoods-v2", "apparel-v2", - "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories - "homegoods", "apparel", and "toys" are still supported, but these - should not be used for new products. - type: string - productLabels: + color: + description: RGB components of the color. + $ref: '#/components/schemas/Color' + pixelFraction: + type: number description: >- - Key-value pairs that can be attached to a product. At query time, - constraints can be specified based on the product_labels. Note that - integer values can be provided as strings, e.g. "1199". Only strings - with integer values can match a range-based restriction which is to - be supported soon. Multiple values can be assigned to the same key. - One product may have up to 500 product_labels. Notice that the total - number of distinct product_labels over all products in one - ProductSet cannot exceed 1M, otherwise the product search pipeline - will refuse to work for that ProductSet. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1ProductKeyValue' - GoogleCloudVisionV1p2beta1ProductKeyValue: - id: GoogleCloudVisionV1p2beta1ProductKeyValue - description: A product label represented as a key-value pair. + The fraction of pixels the color occupies in the image. Value in + range [0, 1]. + format: float type: object - properties: - key: - description: >- - The key of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. - type: string - value: - description: >- - The value of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. - type: string - GoogleCloudVisionV1p2beta1ProductSearchResultsGroupedResult: - id: GoogleCloudVisionV1p2beta1ProductSearchResultsGroupedResult + id: GoogleCloudVisionV1p4beta1ColorInfo description: >- - Information about the products similar to a single product in a query - image. - type: object - properties: - boundingPoly: - description: The bounding polygon around the product detected in the query image. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' - results: - description: List of results, one for each product match. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResultsResult - objectAnnotations: - description: List of generic predictions for the object in the bounding box. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResultsObjectAnnotation - GoogleCloudVisionV1p2beta1ProductSearchResultsObjectAnnotation: - id: GoogleCloudVisionV1p2beta1ProductSearchResultsObjectAnnotation - description: Prediction for what the object in the bounding box is. - type: object - properties: - mid: - description: Object ID that should align with EntityAnnotation mid. - type: string - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - name: - description: Object name, expressed in its `language_code` language. - type: string - score: - description: Score of the result. Range [0, 1]. - type: number - format: float + Color information consists of RGB channels, score, and the fraction of + the image that the color occupies in the image. GoogleCloudVisionV1p2beta1ImageAnnotationContext: - id: GoogleCloudVisionV1p2beta1ImageAnnotationContext description: >- If an image was produced from a file (e.g. a PDF), this message gives information about the source of that image. - type: object properties: uri: description: The URI of the file used to produce the image. @@ -5023,431 +4921,149 @@ components: description: >- If the file was a PDF or TIFF, this field gives the page number within the file used to produce the image. - type: integer format: int32 - GoogleCloudVisionV1p2beta1AsyncBatchAnnotateFilesResponse: - id: GoogleCloudVisionV1p2beta1AsyncBatchAnnotateFilesResponse - description: Response to an async batch file annotation request. + type: integer type: object + id: GoogleCloudVisionV1p2beta1ImageAnnotationContext + GoogleCloudVisionV1p4beta1CropHint: properties: - responses: + importanceFraction: + format: float + type: number description: >- - The list of file annotation responses, one for each request in - AsyncBatchAnnotateFilesRequest. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p2beta1AsyncAnnotateFileResponse - GoogleCloudVisionV1p2beta1AsyncAnnotateFileResponse: - id: GoogleCloudVisionV1p2beta1AsyncAnnotateFileResponse - description: The response for a single offline file annotation request. - type: object - properties: - outputConfig: - description: The output location and metadata from AsyncAnnotateFileRequest. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1OutputConfig' - GoogleCloudVisionV1p2beta1OutputConfig: - id: GoogleCloudVisionV1p2beta1OutputConfig - description: The desired output location and metadata. - type: object - properties: - gcsDestination: - description: The Google Cloud Storage location to write the output(s) to. - $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1GcsDestination' - batchSize: - description: >- - The max number of response protos to put into each output JSON file - on Google Cloud Storage. The valid range is [1, 100]. If not - specified, the default value is 20. For example, for one pdf file - with 100 pages, 100 response protos will be generated. If - `batch_size` = 20, then 5 json files each containing 20 response - protos will be written under the prefix `gcs_destination`.`uri`. - Currently, batch_size only applies to GcsDestination, with potential - future support for other output configurations. - type: integer - format: int32 - GoogleCloudVisionV1p2beta1GcsDestination: - id: GoogleCloudVisionV1p2beta1GcsDestination - description: The Google Cloud Storage location where the output will be written to. - type: object - properties: - uri: + Fraction of importance of this salient region with respect to the + original image. + boundingPoly: description: >- - Google Cloud Storage URI prefix where the results will be stored. - Results will be in JSON format and preceded by its corresponding - input URI prefix. This field can either represent a gcs file prefix - or gcs directory. In either case, the uri should be unique because - in order to get all of the output files, you will need to do a - wildcard gcs search on the uri prefix you provide. Examples: * File - Prefix: gs://bucket-name/here/filenameprefix The output files will - be created in gs://bucket-name/here/ and the names of the output - files will begin with "filenameprefix". * Directory Prefix: - gs://bucket-name/some/location/ The output files will be created in - gs://bucket-name/some/location/ and the names of the output files - could be anything because there was no filename prefix specified. If - multiple outputs, each response is still AnnotateFileResponse, each - of which contains some subset of the full list of - AnnotateImageResponse. Multiple outputs can happen if, for example, - the output JSON is too large and overflows into multiple sharded - files. - type: string - GoogleCloudVisionV1p2beta1OperationMetadata: - id: GoogleCloudVisionV1p2beta1OperationMetadata - description: Contains metadata for the BatchAnnotateImages operation. + The bounding polygon for the crop region. The coordinates of the + bounding box are in the original image's scale. + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' + confidence: + format: float + description: Confidence of this being a salient region. Range [0, 1]. + type: number type: object - properties: - state: - description: Current state of the batch operation. - type: string - enumDescriptions: - - Invalid. - - Request is received. - - Request is actively being processed. - - The batch processing is done. - - The batch processing was cancelled. - enum: - - STATE_UNSPECIFIED - - CREATED - - RUNNING - - DONE - - CANCELLED - createTime: - description: The time when the batch request was received. - type: string - format: google-datetime - updateTime: - description: The time when the operation result was last updated. - type: string - format: google-datetime - GoogleCloudVisionV1p3beta1BatchOperationMetadata: - id: GoogleCloudVisionV1p3beta1BatchOperationMetadata description: >- - Metadata for the batch operations such as the current state. This is - included in the `metadata` field of the `Operation` returned by the - `GetOperation` call of the `google::longrunning::Operations` service. + Single crop hint that is used to generate a new crop when serving an + image. + id: GoogleCloudVisionV1p4beta1CropHint + GoogleCloudVisionV1p4beta1FaceAnnotation: type: object + id: GoogleCloudVisionV1p4beta1FaceAnnotation + description: A face annotation object contains the results of face detection. properties: - state: - description: The current state of the batch operation. + angerLikelihood: type: string enumDescriptions: - - Invalid. - - Request is actively being processed. - - >- - The request is done and at least one item has been successfully - processed. - - The request is done and no item has been successfully processed. - - >- - The request is done after the - longrunning.Operations.CancelOperation has been called by the - user. Any records that were processed before the cancel command - are output as specified in the request. + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. enum: - - STATE_UNSPECIFIED - - PROCESSING - - SUCCESSFUL - - FAILED - - CANCELLED - submitTime: - description: The time when the batch request was submitted to the server. + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: Anger likelihood. + blurredLikelihood: + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY type: string - format: google-datetime - endTime: + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + description: Blurred likelihood. + panAngle: + format: float + type: number description: >- - The time when the batch request is finished and - google.longrunning.Operation.done is set to true. + Yaw angle, which indicates the leftward/rightward angle that the + face is pointing relative to the vertical plane perpendicular to the + image. Range [-180,180]. + sorrowLikelihood: + description: Sorrow likelihood. type: string - format: google-datetime - GoogleCloudVisionV1p3beta1ImportProductSetsResponse: - id: GoogleCloudVisionV1p3beta1ImportProductSetsResponse - description: >- - Response message for the `ImportProductSets` method. This message is - returned by the google.longrunning.Operations.GetOperation method in the - returned google.longrunning.Operation.response field. - type: object - properties: - referenceImages: - description: The list of reference_images that are imported successfully. + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + recognitionResult: type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ReferenceImage' - statuses: description: >- - The rpc status for each ImportProductSet request, including both - successes and errors. The number of statuses here matches the number - of lines in the csv file, and statuses[i] stores the success or - failure status of processing the i-th line of the csv, starting from - line 0. - type: array + Additional recognition information. Only computed if + image_context.face_recognition_params is provided, **and** a match + is found to a Celebrity in the input CelebritySet. This field is + sorted in order of decreasing confidence values. items: - $ref: '#/components/schemas/Status' - GoogleCloudVisionV1p3beta1ReferenceImage: - id: GoogleCloudVisionV1p3beta1ReferenceImage - description: >- - A `ReferenceImage` represents a product image and its associated - metadata, such as bounding boxes. - type: object - properties: - name: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1FaceRecognitionResult + tiltAngle: description: >- - The resource name of the reference image. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID/referenceImages/IMAGE_ID`. - This field is ignored when creating a reference image. + Pitch angle, which indicates the upwards/downwards angle that the + face is pointing relative to the image's horizontal plane. Range + [-180,180]. + format: float + type: number + surpriseLikelihood: + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY type: string - uri: - description: >- - Required. The Google Cloud Storage URI of the reference image. The - URI must start with `gs://`. + description: Surprise likelihood. + headwearLikelihood: type: string - boundingPolys: - description: >- - Optional. Bounding polygons around the areas of interest in the - reference image. If this field is empty, the system will try to - detect regions of interest. At most 10 bounding polygons will be - used. The provided shape is converted into a non-rotated rectangle. - Once converted, the small edge of the rectangle must be greater than - or equal to 300 pixels. The aspect ratio must be 1:4 or less (i.e. - 1:3 is ok; 1:5 is not). - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - GoogleCloudVisionV1p3beta1BoundingPoly: - id: GoogleCloudVisionV1p3beta1BoundingPoly - description: A bounding polygon for the detected image annotation. - type: object - properties: - vertices: - description: The bounding polygon vertices. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Vertex' - normalizedVertices: - description: The bounding polygon normalized vertices. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1NormalizedVertex' - GoogleCloudVisionV1p3beta1Vertex: - id: GoogleCloudVisionV1p3beta1Vertex - description: >- - A vertex represents a 2D point in the image. NOTE: the vertex - coordinates are in the same scale as the original image. - type: object - properties: - x: - description: X coordinate. - type: integer - format: int32 - 'y': - description: Y coordinate. - type: integer - format: int32 - GoogleCloudVisionV1p3beta1NormalizedVertex: - id: GoogleCloudVisionV1p3beta1NormalizedVertex - description: >- - A vertex represents a 2D point in the image. NOTE: the normalized vertex - coordinates are relative to the original image and range from 0 to 1. - type: object - properties: - x: - description: X coordinate. - type: number - format: float - 'y': - description: Y coordinate. - type: number - format: float - GoogleCloudVisionV1p3beta1AnnotateFileResponse: - id: GoogleCloudVisionV1p3beta1AnnotateFileResponse - description: >- - Response to a single file annotation request. A file may contain one or - more images, which individually have their own responses. - type: object - properties: - inputConfig: - description: Information about the file for which this response is generated. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1InputConfig' - responses: - description: >- - Individual responses to images found within the file. This field - will be empty if the `error` field is set. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1AnnotateImageResponse - totalPages: - description: This field gives the total number of pages in the file. - type: integer - format: int32 - error: - description: >- - If set, represents the error message for the failed request. The - `responses` field will not be set in this case. - $ref: '#/components/schemas/Status' - GoogleCloudVisionV1p3beta1InputConfig: - id: GoogleCloudVisionV1p3beta1InputConfig - description: The desired input location and metadata. - type: object - properties: - gcsSource: - description: The Google Cloud Storage location to read the input from. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1GcsSource' - content: - description: >- - File content, represented as a stream of bytes. Note: As with all - `bytes` fields, protobuffers use a pure binary representation, - whereas JSON representations use base64. Currently, this field only - works for BatchAnnotateFiles requests. It does not work for - AsyncBatchAnnotateFiles requests. - type: string - format: byte - mimeType: - description: >- - The type of the file. Currently only "application/pdf", "image/tiff" - and "image/gif" are supported. Wildcards are not supported. - type: string - GoogleCloudVisionV1p3beta1GcsSource: - id: GoogleCloudVisionV1p3beta1GcsSource - description: The Google Cloud Storage location where the input will be read from. - type: object - properties: - uri: - description: >- - Google Cloud Storage URI for the input file. This must only be a - Google Cloud Storage object. Wildcards are not currently supported. - type: string - GoogleCloudVisionV1p3beta1AnnotateImageResponse: - id: GoogleCloudVisionV1p3beta1AnnotateImageResponse - description: Response to an image annotation request. - type: object - properties: - faceAnnotations: - description: If present, face detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1FaceAnnotation' - landmarkAnnotations: - description: If present, landmark detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1EntityAnnotation' - logoAnnotations: - description: If present, logo detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1EntityAnnotation' - labelAnnotations: - description: If present, label detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1EntityAnnotation' - localizedObjectAnnotations: - description: >- - If present, localized object detection has completed successfully. - This will be sorted descending by confidence score. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1LocalizedObjectAnnotation - textAnnotations: - description: If present, text (OCR) detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1EntityAnnotation' - fullTextAnnotation: - description: >- - If present, text (OCR) detection or document (OCR) text detection - has completed successfully. This annotation provides the structural - hierarchy for the OCR detected text. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotation' - safeSearchAnnotation: - description: If present, safe-search annotation has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1SafeSearchAnnotation' - imagePropertiesAnnotation: - description: If present, image properties were extracted successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ImageProperties' - cropHintsAnnotation: - description: If present, crop hints have completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1CropHintsAnnotation' - webDetection: - description: If present, web detection has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1WebDetection' - productSearchResults: - description: If present, product search has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ProductSearchResults' - error: - description: >- - If set, represents the error message for the operation. Note that - filled-in image annotations are guaranteed to be correct, even when - `error` is set. - $ref: '#/components/schemas/Status' - context: - description: >- - If present, contextual information is needed to understand where - this image comes from. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1ImageAnnotationContext - GoogleCloudVisionV1p3beta1FaceAnnotation: - id: GoogleCloudVisionV1p3beta1FaceAnnotation - description: A face annotation object contains the results of face detection. - type: object - properties: - boundingPoly: - description: >- - The bounding polygon around the face. The coordinates of the - bounding box are in the original image's scale. The bounding box is - computed to "frame" the face in accordance with human expectations. - It is based on the landmarker results. Note that one or more x - and/or y coordinates may not be generated in the `BoundingPoly` (the - polygon will be unbounded) if only a partial face appears in the - image to be annotated. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - fdBoundingPoly: - description: >- - The `fd_bounding_poly` bounding polygon is tighter than the - `boundingPoly`, and encloses only the skin part of the face. - Typically, it is used to eliminate the face from any image analysis - that detects the "amount of skin" visible in an image. It is not - based on the landmarker results, only on the initial face detection, - hence the fd (face detection) prefix. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - landmarks: - description: Detected face landmarks. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1FaceAnnotationLandmark - rollAngle: - description: >- - Roll angle, which indicates the amount of clockwise/anti-clockwise - rotation of the face relative to the image vertical about the axis - perpendicular to the face. Range [-180,180]. - type: number - format: float - panAngle: - description: >- - Yaw angle, which indicates the leftward/rightward angle that the - face is pointing relative to the vertical plane perpendicular to the - image. Range [-180,180]. - type: number - format: float - tiltAngle: - description: >- - Pitch angle, which indicates the upwards/downwards angle that the - face is pointing relative to the image's horizontal plane. Range - [-180,180]. - type: number - format: float - detectionConfidence: - description: Detection confidence. Range [0, 1]. - type: number - format: float - landmarkingConfidence: - description: Face landmarking confidence. Range [0, 1]. - type: number - format: float + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: Headwear likelihood. + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. joyLikelihood: - description: Joy likelihood. type: string + description: Joy likelihood. enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -5462,16 +5078,12 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - sorrowLikelihood: - description: Sorrow likelihood. + landmarkingConfidence: + format: float + description: Face landmarking confidence. Range [0, 1]. + type: number + underExposedLikelihood: type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. enum: - UNKNOWN - VERY_UNLIKELY @@ -5479,9 +5091,7 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - angerLikelihood: - description: Anger likelihood. - type: string + description: Under-exposed likelihood. enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -5489,174 +5099,44 @@ components: - It is possible. - It is likely. - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - surpriseLikelihood: - description: Surprise likelihood. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - underExposedLikelihood: - description: Under-exposed likelihood. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - blurredLikelihood: - description: Blurred likelihood. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - headwearLikelihood: - description: Headwear likelihood. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - GoogleCloudVisionV1p3beta1FaceAnnotationLandmark: - id: GoogleCloudVisionV1p3beta1FaceAnnotationLandmark - description: >- - A face-specific landmark (for example, a face feature). Landmark - positions may fall outside the bounds of the image if the face is near - one or more edges of the image. Therefore it is NOT guaranteed that `0 - <= x < width` or `0 <= y < height`. - type: object - properties: - type: - description: Face landmark type. - type: string - enumDescriptions: - - Unknown face landmark detected. Should not be filled. - - Left eye. - - Right eye. - - Left of left eyebrow. - - Right of left eyebrow. - - Left of right eyebrow. - - Right of right eyebrow. - - Midpoint between eyes. - - Nose tip. - - Upper lip. - - Lower lip. - - Mouth left. - - Mouth right. - - Mouth center. - - Nose, bottom right. - - Nose, bottom left. - - Nose, bottom center. - - Left eye, top boundary. - - Left eye, right corner. - - Left eye, bottom boundary. - - Left eye, left corner. - - Right eye, top boundary. - - Right eye, right corner. - - Right eye, bottom boundary. - - Right eye, left corner. - - Left eyebrow, upper midpoint. - - Right eyebrow, upper midpoint. - - Left ear tragion. - - Right ear tragion. - - Left eye pupil. - - Right eye pupil. - - Forehead glabella. - - Chin gnathion. - - Chin left gonion. - - Chin right gonion. - - Left cheek center. - - Right cheek center. - enum: - - UNKNOWN_LANDMARK - - LEFT_EYE - - RIGHT_EYE - - LEFT_OF_LEFT_EYEBROW - - RIGHT_OF_LEFT_EYEBROW - - LEFT_OF_RIGHT_EYEBROW - - RIGHT_OF_RIGHT_EYEBROW - - MIDPOINT_BETWEEN_EYES - - NOSE_TIP - - UPPER_LIP - - LOWER_LIP - - MOUTH_LEFT - - MOUTH_RIGHT - - MOUTH_CENTER - - NOSE_BOTTOM_RIGHT - - NOSE_BOTTOM_LEFT - - NOSE_BOTTOM_CENTER - - LEFT_EYE_TOP_BOUNDARY - - LEFT_EYE_RIGHT_CORNER - - LEFT_EYE_BOTTOM_BOUNDARY - - LEFT_EYE_LEFT_CORNER - - RIGHT_EYE_TOP_BOUNDARY - - RIGHT_EYE_RIGHT_CORNER - - RIGHT_EYE_BOTTOM_BOUNDARY - - RIGHT_EYE_LEFT_CORNER - - LEFT_EYEBROW_UPPER_MIDPOINT - - RIGHT_EYEBROW_UPPER_MIDPOINT - - LEFT_EAR_TRAGION - - RIGHT_EAR_TRAGION - - LEFT_EYE_PUPIL - - RIGHT_EYE_PUPIL - - FOREHEAD_GLABELLA - - CHIN_GNATHION - - CHIN_LEFT_GONION - - CHIN_RIGHT_GONION - - LEFT_CHEEK_CENTER - - RIGHT_CHEEK_CENTER - position: - description: Face landmark position. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Position' - GoogleCloudVisionV1p3beta1Position: - id: GoogleCloudVisionV1p3beta1Position + rollAngle: + format: float + description: >- + Roll angle, which indicates the amount of clockwise/anti-clockwise + rotation of the face relative to the image vertical about the axis + perpendicular to the face. Range [-180,180]. + type: number + landmarks: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1FaceAnnotationLandmark + description: Detected face landmarks. + type: array + detectionConfidence: + type: number + description: Detection confidence. Range [0, 1]. + format: float + fdBoundingPoly: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' + description: >- + The `fd_bounding_poly` bounding polygon is tighter than the + `boundingPoly`, and encloses only the skin part of the face. + Typically, it is used to eliminate the face from any image analysis + that detects the "amount of skin" visible in an image. It is not + based on the landmarker results, only on the initial face detection, + hence the fd (face detection) prefix. + boundingPoly: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' + description: >- + The bounding polygon around the face. The coordinates of the + bounding box are in the original image's scale. The bounding box is + computed to "frame" the face in accordance with human expectations. + It is based on the landmarker results. Note that one or more x + and/or y coordinates may not be generated in the `BoundingPoly` (the + polygon will be unbounded) if only a partial face appears in the + image to be annotated. + Position: + id: Position description: >- A 3D position in the image, used primarily for Face detection landmarks. A valid Position must have both x and y coordinates. The position @@ -5664,130 +5144,142 @@ components: type: object properties: x: - description: X coordinate. - type: number format: float - 'y': - description: Y coordinate. type: number + description: X coordinate. + 'y': format: float + type: number + description: Y coordinate. z: + format: float description: Z coordinate (or depth). type: number - format: float - GoogleCloudVisionV1p3beta1EntityAnnotation: - id: GoogleCloudVisionV1p3beta1EntityAnnotation - description: Set of detected entity features. - type: object + GoogleCloudVisionV1p3beta1ReferenceImage: + description: >- + A `ReferenceImage` represents a product image and its associated + metadata, such as bounding boxes. properties: - mid: - description: >- - Opaque entity ID. Some IDs may be available in [Google Knowledge - Graph Search API](https://developers.google.com/knowledge-graph/). - type: string - locale: + uri: description: >- - The language code for the locale in which the entity textual - `description` is expressed. + Required. The Google Cloud Storage URI of the reference image. The + URI must start with `gs://`. type: string - description: - description: Entity textual description, expressed in its `locale` language. + name: type: string - score: - description: Overall score of the result. Range [0, 1]. - type: number - format: float - confidence: - description: >- - **Deprecated. Use `score` instead.** The accuracy of the entity - detection in an image. For example, for an image in which the - "Eiffel Tower" entity is detected, this field represents the - confidence that there is a tower in the query image. Range [0, 1]. - deprecated: true - type: number - format: float - topicality: description: >- - The relevancy of the ICA (Image Content Annotation) label to the - image. For example, the relevancy of "tower" is likely higher to an - image containing the detected "Eiffel Tower" than to an image - containing a detected distant towering building, even though the - confidence that there is a tower in each image may be the same. - Range [0, 1]. - type: number - format: float - boundingPoly: + The resource name of the reference image. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID/referenceImages/IMAGE_ID`. + This field is ignored when creating a reference image. + boundingPolys: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' + type: array description: >- - Image region to which this entity belongs. Not produced for - `LABEL_DETECTION` features. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - locations: + Optional. Bounding polygons around the areas of interest in the + reference image. If this field is empty, the system will try to + detect regions of interest. At most 10 bounding polygons will be + used. The provided shape is converted into a non-rotated rectangle. + Once converted, the small edge of the rectangle must be greater than + or equal to 300 pixels. The aspect ratio must be 1:4 or less (i.e. + 1:3 is ok; 1:5 is not). + id: GoogleCloudVisionV1p3beta1ReferenceImage + type: object + WebDetection: + properties: + partialMatchingImages: + type: array + items: + $ref: '#/components/schemas/WebImage' description: >- - The location information for the detected entity. Multiple - `LocationInfo` elements can be present because one location may - indicate the location of the scene in the image, and another - location may indicate the location of the place where the image was - taken. Location information is usually present for landmarks. + Partial matching images from the Internet. Those images are similar + enough to share some key-point features. For example an original + image will likely have partial matching for its crops. + webEntities: type: array + description: Deduced entities from similar images on the Internet. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1LocationInfo' - properties: + $ref: '#/components/schemas/WebEntity' + bestGuessLabels: + items: + $ref: '#/components/schemas/WebLabel' description: >- - Some entities may have optional user-supplied `Property` - (name/value) fields, such a score or string that qualifies the - entity. + The service's best guess as to the topic of the request image. + Inferred from similar images on the open web. + type: array + pagesWithMatchingImages: + description: Web pages containing the matching images from the Internet. type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Property' - GoogleCloudVisionV1p3beta1LocationInfo: - id: GoogleCloudVisionV1p3beta1LocationInfo - description: Detected entity location information. + $ref: '#/components/schemas/WebPage' + fullMatchingImages: + items: + $ref: '#/components/schemas/WebImage' + description: >- + Fully matching images from the Internet. Can include resized copies + of the query image. + type: array + visuallySimilarImages: + items: + $ref: '#/components/schemas/WebImage' + description: The visually similar image results. + type: array + id: WebDetection + description: Relevant information for the image from the Internet. + type: object + GoogleCloudVisionV1p4beta1AsyncBatchAnnotateImagesResponse: type: object properties: - latLng: - description: lat/long location coordinates. - $ref: '#/components/schemas/LatLng' - GoogleCloudVisionV1p3beta1Property: - id: GoogleCloudVisionV1p3beta1Property - description: A `Property` consists of a user-supplied name/value pair. + outputConfig: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1OutputConfig' + description: >- + The output location and metadata from + AsyncBatchAnnotateImagesRequest. + description: Response to an async batch image annotation request. + id: GoogleCloudVisionV1p4beta1AsyncBatchAnnotateImagesResponse + GoogleCloudVisionV1p4beta1TextAnnotationTextProperty: + description: Additional information detected on the structural component. type: object properties: - name: - description: Name of the property. - type: string - value: - description: Value of the property. - type: string - uint64Value: - description: Value of numeric properties. - type: string - format: uint64 - GoogleCloudVisionV1p3beta1LocalizedObjectAnnotation: - id: GoogleCloudVisionV1p3beta1LocalizedObjectAnnotation - description: Set of detected objects with bounding boxes. + detectedLanguages: + description: A list of detected languages together with confidence. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationDetectedLanguage + detectedBreak: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationDetectedBreak + description: Detected start or end of a text segment. + id: GoogleCloudVisionV1p4beta1TextAnnotationTextProperty + Vertex: type: object properties: - mid: - description: Object ID that should align with EntityAnnotation mid. - type: string - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - name: - description: Object name, expressed in its `language_code` language. - type: string - score: - description: Score of the result. Range [0, 1]. - type: number - format: float - boundingPoly: - description: Image region to which this object belongs. This must be populated. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - GoogleCloudVisionV1p3beta1TextAnnotation: - id: GoogleCloudVisionV1p3beta1TextAnnotation + x: + format: int32 + description: X coordinate. + type: integer + 'y': + description: Y coordinate. + format: int32 + type: integer + id: Vertex + description: >- + A vertex represents a 2D point in the image. NOTE: the vertex + coordinates are in the same scale as the original image. + CropHintsAnnotation: + id: CropHintsAnnotation + description: >- + Set of crop hints that are used to generate new crops when serving + images. + type: object + properties: + cropHints: + type: array + items: + $ref: '#/components/schemas/CropHint' + description: Crop hint results. + GoogleCloudVisionV1p4beta1TextAnnotation: description: >- TextAnnotation contains a structured representation of OCR extracted text. The hierarchy of an OCR extracted text structure is like this: @@ -5796,115 +5288,81 @@ components: properties. Properties describe detected languages, breaks etc.. Please refer to the TextAnnotation.TextProperty message definition below for more detail. - type: object + id: GoogleCloudVisionV1p4beta1TextAnnotation properties: - pages: - description: List of pages detected by OCR. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Page' text: description: UTF-8 text detected on the pages. type: string - GoogleCloudVisionV1p3beta1Page: - id: GoogleCloudVisionV1p3beta1Page - description: Detected page from OCR. + pages: + description: List of pages detected by OCR. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Page' + type: array + type: object + AsyncBatchAnnotateFilesResponse: + id: AsyncBatchAnnotateFilesResponse + description: Response to an async batch file annotation request. type: object properties: - property: - description: Additional information detected on the page. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationTextProperty - width: - description: >- - Page width. For PDFs the unit is points. For images (including - TIFFs) the unit is pixels. - type: integer - format: int32 - height: - description: >- - Page height. For PDFs the unit is points. For images (including - TIFFs) the unit is pixels. - type: integer - format: int32 - blocks: - description: List of blocks of text, images etc on this page. + responses: type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Block' - confidence: - description: Confidence of the OCR results on the page. Range [0, 1]. + $ref: '#/components/schemas/AsyncAnnotateFileResponse' + description: >- + The list of file annotation responses, one for each request in + AsyncBatchAnnotateFilesRequest. + GoogleCloudVisionV1p4beta1ProductSearchResultsResult: + description: Information about a product. + id: GoogleCloudVisionV1p4beta1ProductSearchResultsResult + properties: + image: + description: >- + The resource name of the image from the product that is the closest + match to the query. + type: string + product: + description: The Product. + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Product' + score: type: number + description: >- + A confidence level on the match, ranging from 0 (no confidence) to 1 + (full confidence). format: float - GoogleCloudVisionV1p3beta1TextAnnotationTextProperty: - id: GoogleCloudVisionV1p3beta1TextAnnotationTextProperty - description: Additional information detected on the structural component. type: object + DominantColorsAnnotation: + id: DominantColorsAnnotation + description: Set of dominant colors and their corresponding scores. properties: - detectedLanguages: - description: A list of detected languages together with confidence. + colors: + description: RGB color values with their score and pixel fraction. type: array items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationDetectedLanguage - detectedBreak: - description: Detected start or end of a text segment. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationDetectedBreak - GoogleCloudVisionV1p3beta1TextAnnotationDetectedLanguage: - id: GoogleCloudVisionV1p3beta1TextAnnotationDetectedLanguage - description: Detected language for a structural component. + $ref: '#/components/schemas/ColorInfo' + type: object + GoogleCloudVisionV1p3beta1Word: + description: A word representation. type: object properties: - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string confidence: - description: Confidence of detected language. Range [0, 1]. type: number format: float - GoogleCloudVisionV1p3beta1TextAnnotationDetectedBreak: - id: GoogleCloudVisionV1p3beta1TextAnnotationDetectedBreak - description: Detected start or end of a structural component. - type: object - properties: - type: - description: Detected break type. - type: string - enumDescriptions: - - Unknown break label type. - - Regular space. - - Sure space (very wide). - - Line-wrapping break. - - >- - End-line hyphen that is not present in text; does not co-occur - with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. - - Line break that ends a paragraph. - enum: - - UNKNOWN - - SPACE - - SURE_SPACE - - EOL_SURE_SPACE - - HYPHEN - - LINE_BREAK - isPrefix: - description: True if break prepends the element. - type: boolean - GoogleCloudVisionV1p3beta1Block: - id: GoogleCloudVisionV1p3beta1Block - description: Logical element on the page. - type: object - properties: + description: Confidence of the OCR results for the word. Range [0, 1]. + symbols: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Symbol' + type: array + description: >- + List of symbols in the word. The order of the symbols follows the + natural reading order. property: - description: Additional information detected for the block. $ref: >- #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationTextProperty + description: Additional information detected for the word. boundingBox: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' description: >- - The bounding box for the block. The vertices are in the order of + The bounding box for the word. The vertices are in the order of top-left, top-right, bottom-right, bottom-left. When a rotation of the bounding box is detected the rotation is represented as around the top-left corner as defined when the text is read in the @@ -5912,14 +5370,140 @@ components: might look like: 0----1 | | 3----2 * when it's rotated 180 degrees around the top-left corner it becomes: 2----3 | | 1----0 and the vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - paragraphs: - description: List of paragraphs in this block (if this blocks is of type text). + id: GoogleCloudVisionV1p3beta1Word + GoogleCloudVisionV1p2beta1CropHint: + description: >- + Single crop hint that is used to generate a new crop when serving an + image. + id: GoogleCloudVisionV1p2beta1CropHint + type: object + properties: + confidence: + description: Confidence of this being a salient region. Range [0, 1]. + type: number + format: float + boundingPoly: + description: >- + The bounding polygon for the crop region. The coordinates of the + bounding box are in the original image's scale. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' + importanceFraction: + type: number + description: >- + Fraction of importance of this salient region with respect to the + original image. + format: float + GoogleCloudVisionV1p4beta1ProductSearchResults: + id: GoogleCloudVisionV1p4beta1ProductSearchResults + description: Results for a product search request. + type: object + properties: + indexTime: + type: string + description: >- + Timestamp of the index which provided these results. Products added + to the product set and products removed from the product set after + this time are not reflected in the current results. + format: google-datetime + results: + description: List of results, one for each product match. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResultsResult type: array + productGroupedResults: + description: >- + List of results grouped by products detected in the query image. + Each entry corresponds to one bounding polygon in the query image, + and contains the matching products specific to that region. There + may be duplicate product matches in the union of all the per-product + results. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Paragraph' + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResultsGroupedResult + type: array + GoogleCloudVisionV1p1beta1Position: + description: >- + A 3D position in the image, used primarily for Face detection landmarks. + A valid Position must have both x and y coordinates. The position + coordinates are in the same scale as the original image. + properties: + 'y': + type: number + format: float + description: Y coordinate. + x: + description: X coordinate. + type: number + format: float + z: + format: float + type: number + description: Z coordinate (or depth). + id: GoogleCloudVisionV1p1beta1Position + type: object + GoogleCloudVisionV1p3beta1TextAnnotationDetectedLanguage: + type: object + id: GoogleCloudVisionV1p3beta1TextAnnotationDetectedLanguage + properties: + languageCode: + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + type: string + confidence: + description: Confidence of detected language. Range [0, 1]. + format: float + type: number + description: Detected language for a structural component. + GroupedResult: + type: object + description: >- + Information about the products similar to a single product in a query + image. + id: GroupedResult + properties: + boundingPoly: + description: The bounding polygon around the product detected in the query image. + $ref: '#/components/schemas/BoundingPoly' + objectAnnotations: + items: + $ref: '#/components/schemas/ObjectAnnotation' + type: array + description: List of generic predictions for the object in the bounding box. + results: + description: List of results, one for each product match. + type: array + items: + $ref: '#/components/schemas/Result' + GoogleCloudVisionV1p4beta1ProductSearchResultsGroupedResult: + type: object + properties: + results: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResultsResult + description: List of results, one for each product match. + objectAnnotations: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResultsObjectAnnotation + type: array + description: List of generic predictions for the object in the bounding box. + boundingPoly: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' + description: The bounding polygon around the product detected in the query image. + id: GoogleCloudVisionV1p4beta1ProductSearchResultsGroupedResult + description: >- + Information about the products similar to a single product in a query + image. + GoogleCloudVisionV1p3beta1Block: + description: Logical element on the page. + type: object + properties: blockType: - description: Detected block type (text, image etc) for this block. type: string enumDescriptions: - Unknown block type. @@ -5928,6 +5512,7 @@ components: - Image block. - Horizontal/vertical line box. - Barcode block. + description: Detected block type (text, image etc) for this block. enum: - UNKNOWN - TEXT @@ -5935,22 +5520,14 @@ components: - PICTURE - RULER - BARCODE - confidence: - description: Confidence of the OCR results on the block. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p3beta1Paragraph: - id: GoogleCloudVisionV1p3beta1Paragraph - description: Structural unit of text representing a number of words in certain order. - type: object - properties: - property: - description: Additional information detected for the paragraph. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationTextProperty + paragraphs: + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Paragraph' + description: List of paragraphs in this block (if this blocks is of type text). boundingBox: description: >- - The bounding box for the paragraph. The vertices are in the order of + The bounding box for the block. The vertices are in the order of top-left, top-right, bottom-right, bottom-left. When a rotation of the bounding box is detected the rotation is represented as around the top-left corner as defined when the text is read in the @@ -5959,612 +5536,366 @@ components: around the top-left corner it becomes: 2----3 | | 1----0 and the vertex order will still be (0, 1, 2, 3). $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - words: - description: List of all words in this paragraph. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Word' + property: + description: Additional information detected for the block. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationTextProperty confidence: - description: Confidence of the OCR results for the paragraph. Range [0, 1]. type: number + description: Confidence of the OCR results on the block. Range [0, 1]. format: float - GoogleCloudVisionV1p3beta1Word: - id: GoogleCloudVisionV1p3beta1Word - description: A word representation. - type: object + id: GoogleCloudVisionV1p3beta1Block + ListOperationsResponse: + description: The response message for Operations.ListOperations. properties: - property: - description: Additional information detected for the word. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationTextProperty - boundingBox: + unreachable: + items: + type: string + type: array description: >- - The bounding box for the word. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - symbols: + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + operations: description: >- - List of symbols in the word. The order of the symbols follows the - natural reading order. - type: array + A list of operations that matches the specified filter in the + request. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Symbol' - confidence: - description: Confidence of the OCR results for the word. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p3beta1Symbol: - id: GoogleCloudVisionV1p3beta1Symbol - description: A single symbol representation. + $ref: '#/components/schemas/Operation' + type: array + nextPageToken: + type: string + description: The standard List next-page token. type: object + id: ListOperationsResponse + GoogleCloudVisionV1p2beta1GcsSource: properties: - property: - description: Additional information detected for the symbol. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationTextProperty - boundingBox: + uri: description: >- - The bounding box for the symbol. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - text: - description: The actual UTF-8 representation of the symbol. + Google Cloud Storage URI for the input file. This must only be a + Google Cloud Storage object. Wildcards are not currently supported. type: string - confidence: - description: Confidence of the OCR results for the symbol. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p3beta1SafeSearchAnnotation: - id: GoogleCloudVisionV1p3beta1SafeSearchAnnotation - description: >- - Set of features pertaining to the image, computed by computer vision - methods over safe-search verticals (for example, adult, spoof, medical, - violence). type: object + description: The Google Cloud Storage location where the input will be read from. + id: GoogleCloudVisionV1p2beta1GcsSource + AnnotateImageResponse: + description: Response to an image annotation request. + id: AnnotateImageResponse properties: - adult: + cropHintsAnnotation: + $ref: '#/components/schemas/CropHintsAnnotation' + description: If present, crop hints have completed successfully. + productSearchResults: + description: If present, product search has completed successfully. + $ref: '#/components/schemas/ProductSearchResults' + textAnnotations: + type: array + description: If present, text (OCR) detection has completed successfully. + items: + $ref: '#/components/schemas/EntityAnnotation' + safeSearchAnnotation: + $ref: '#/components/schemas/SafeSearchAnnotation' + description: If present, safe-search annotation has completed successfully. + localizedObjectAnnotations: + items: + $ref: '#/components/schemas/LocalizedObjectAnnotation' + type: array description: >- - Represents the adult content likelihood for the image. Adult content - may contain elements such as nudity, pornographic images or - cartoons, or sexual activities. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - spoof: + If present, localized object detection has completed successfully. + This will be sorted descending by confidence score. + webDetection: + $ref: '#/components/schemas/WebDetection' + description: If present, web detection has completed successfully. + context: + $ref: '#/components/schemas/ImageAnnotationContext' description: >- - Spoof likelihood. The likelihood that an modification was made to - the image's canonical version to make it appear funny or offensive. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - medical: - description: Likelihood that this is a medical image. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - violence: + If present, contextual information is needed to understand where + this image comes from. + fullTextAnnotation: + $ref: '#/components/schemas/TextAnnotation' description: >- - Likelihood that this image contains violent content. Violent content - may include death, serious harm, or injury to individuals or groups - of individuals. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - racy: + If present, text (OCR) detection or document (OCR) text detection + has completed successfully. This annotation provides the structural + hierarchy for the OCR detected text. + imagePropertiesAnnotation: + description: If present, image properties were extracted successfully. + $ref: '#/components/schemas/ImageProperties' + logoAnnotations: + description: If present, logo detection has completed successfully. + items: + $ref: '#/components/schemas/EntityAnnotation' + type: array + faceAnnotations: + type: array + items: + $ref: '#/components/schemas/FaceAnnotation' + description: If present, face detection has completed successfully. + error: + $ref: '#/components/schemas/Status' description: >- - Likelihood that the request image contains racy content. Racy - content may include (but is not limited to) skimpy or sheer - clothing, strategically covered nudity, lewd or provocative poses, - or close-ups of sensitive body areas. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - GoogleCloudVisionV1p3beta1ImageProperties: - id: GoogleCloudVisionV1p3beta1ImageProperties - description: Stores image properties, such as dominant colors. - type: object - properties: - dominantColors: - description: If present, dominant colors completed successfully. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1DominantColorsAnnotation - GoogleCloudVisionV1p3beta1DominantColorsAnnotation: - id: GoogleCloudVisionV1p3beta1DominantColorsAnnotation - description: Set of dominant colors and their corresponding scores. - type: object - properties: - colors: - description: RGB color values with their score and pixel fraction. + If set, represents the error message for the operation. Note that + filled-in image annotations are guaranteed to be correct, even when + `error` is set. + landmarkAnnotations: + description: If present, landmark detection has completed successfully. type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ColorInfo' - GoogleCloudVisionV1p3beta1ColorInfo: - id: GoogleCloudVisionV1p3beta1ColorInfo - description: >- - Color information consists of RGB channels, score, and the fraction of - the image that the color occupies in the image. + $ref: '#/components/schemas/EntityAnnotation' + labelAnnotations: + items: + $ref: '#/components/schemas/EntityAnnotation' + description: If present, label detection has completed successfully. + type: array + type: object + GoogleCloudVisionV1p3beta1Position: type: object + id: GoogleCloudVisionV1p3beta1Position + description: >- + A 3D position in the image, used primarily for Face detection landmarks. + A valid Position must have both x and y coordinates. The position + coordinates are in the same scale as the original image. properties: - color: - description: RGB components of the color. - $ref: '#/components/schemas/Color' - score: - description: Image-specific score for this color. Value in range [0, 1]. + 'y': type: number format: float - pixelFraction: - description: >- - The fraction of pixels the color occupies in the image. Value in - range [0, 1]. + description: Y coordinate. + z: type: number + description: Z coordinate (or depth). format: float - GoogleCloudVisionV1p3beta1CropHintsAnnotation: - id: GoogleCloudVisionV1p3beta1CropHintsAnnotation - description: >- - Set of crop hints that are used to generate new crops when serving - images. - type: object + x: + format: float + description: X coordinate. + type: number + GoogleCloudVisionV1p2beta1BoundingPoly: + description: A bounding polygon for the detected image annotation. properties: - cropHints: - description: Crop hint results. + vertices: + description: The bounding polygon vertices. type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1CropHint' - GoogleCloudVisionV1p3beta1CropHint: - id: GoogleCloudVisionV1p3beta1CropHint - description: >- - Single crop hint that is used to generate a new crop when serving an - image. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Vertex' + normalizedVertices: + description: The bounding polygon normalized vertices. + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1NormalizedVertex' type: object - properties: - boundingPoly: - description: >- - The bounding polygon for the crop region. The coordinates of the - bounding box are in the original image's scale. + id: GoogleCloudVisionV1p2beta1BoundingPoly + GoogleCloudVisionV1p3beta1Paragraph: + properties: + boundingBox: $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' + description: >- + The bounding box for the paragraph. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + property: + description: Additional information detected for the paragraph. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationTextProperty confidence: - description: Confidence of this being a salient region. Range [0, 1]. - type: number format: float - importanceFraction: - description: >- - Fraction of importance of this salient region with respect to the - original image. + description: Confidence of the OCR results for the paragraph. Range [0, 1]. type: number - format: float - GoogleCloudVisionV1p3beta1WebDetection: - id: GoogleCloudVisionV1p3beta1WebDetection - description: Relevant information for the image from the Internet. - type: object - properties: - webEntities: - description: Deduced entities from similar images on the Internet. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebEntity - fullMatchingImages: - description: >- - Fully matching images from the Internet. Can include resized copies - of the query image. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage - partialMatchingImages: - description: >- - Partial matching images from the Internet. Those images are similar - enough to share some key-point features. For example an original - image will likely have partial matching for its crops. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage - pagesWithMatchingImages: - description: Web pages containing the matching images from the Internet. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebPage' - visuallySimilarImages: - description: The visually similar image results. - type: array + words: items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage - bestGuessLabels: - description: >- - The service's best guess as to the topic of the request image. - Inferred from similar images on the open web. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Word' + description: List of all words in this paragraph. type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebLabel - GoogleCloudVisionV1p3beta1WebDetectionWebEntity: - id: GoogleCloudVisionV1p3beta1WebDetectionWebEntity - description: Entity deduced from similar images on the Internet. + id: GoogleCloudVisionV1p3beta1Paragraph + type: object + description: Structural unit of text representing a number of words in certain order. + GoogleCloudVisionV1p1beta1WebDetectionWebImage: type: object properties: - entityId: - description: Opaque entity ID. - type: string score: - description: >- - Overall relevancy score for the entity. Not normalized and not - comparable across different image queries. + description: (Deprecated) Overall relevancy score for the image. type: number format: float - description: - description: Canonical description of the entity, in English. + url: type: string - GoogleCloudVisionV1p3beta1WebDetectionWebImage: - id: GoogleCloudVisionV1p3beta1WebDetectionWebImage + description: The result image URL. + id: GoogleCloudVisionV1p1beta1WebDetectionWebImage description: Metadata for online images. + GoogleCloudVisionV1p2beta1ColorInfo: + description: >- + Color information consists of RGB channels, score, and the fraction of + the image that the color occupies in the image. type: object properties: - url: - description: The result image URL. - type: string score: - description: (Deprecated) Overall relevancy score for the image. - type: number format: float - GoogleCloudVisionV1p3beta1WebDetectionWebPage: - id: GoogleCloudVisionV1p3beta1WebDetectionWebPage - description: Metadata for web pages. - type: object - properties: - url: - description: The result web page URL. - type: string - score: - description: (Deprecated) Overall relevancy score for the web page. + type: number + description: Image-specific score for this color. Value in range [0, 1]. + pixelFraction: type: number format: float - pageTitle: - description: Title for the web page, may contain HTML markups. - type: string - fullMatchingImages: - description: >- - Fully matching images on the page. Can include resized copies of the - query image. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage - partialMatchingImages: description: >- - Partial matching images on the page. Those images are similar enough - to share some key-point features. For example an original image will - likely have partial matching for its crops. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1WebDetectionWebImage - GoogleCloudVisionV1p3beta1WebDetectionWebLabel: - id: GoogleCloudVisionV1p3beta1WebDetectionWebLabel - description: Label to provide extra metadata for the web detection. + The fraction of pixels the color occupies in the image. Value in + range [0, 1]. + color: + description: RGB components of the color. + $ref: '#/components/schemas/Color' + id: GoogleCloudVisionV1p2beta1ColorInfo + WebDetectionParams: + id: WebDetectionParams + description: Parameters for web detection request. type: object properties: - label: - description: Label for extra metadata. - type: string - languageCode: - description: >- - The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". - For more information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - GoogleCloudVisionV1p3beta1ProductSearchResults: - id: GoogleCloudVisionV1p3beta1ProductSearchResults - description: Results for a product search request. - type: object + includeGeoResults: + deprecated: true + type: boolean + description: This field has no effect on results. + GoogleCloudVisionV1p3beta1ProductSearchResultsGroupedResult: properties: - indexTime: - description: >- - Timestamp of the index which provided these results. Products added - to the product set and products removed from the product set after - this time are not reflected in the current results. - type: string - format: google-datetime results: description: List of results, one for each product match. - type: array items: $ref: >- #/components/schemas/GoogleCloudVisionV1p3beta1ProductSearchResultsResult - productGroupedResults: - description: >- - List of results grouped by products detected in the query image. - Each entry corresponds to one bounding polygon in the query image, - and contains the matching products specific to that region. There - may be duplicate product matches in the union of all the per-product - results. type: array + boundingPoly: + description: The bounding polygon around the product detected in the query image. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' + objectAnnotations: items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1ProductSearchResultsGroupedResult - GoogleCloudVisionV1p3beta1ProductSearchResultsResult: - id: GoogleCloudVisionV1p3beta1ProductSearchResultsResult - description: Information about a product. + #/components/schemas/GoogleCloudVisionV1p3beta1ProductSearchResultsObjectAnnotation + type: array + description: List of generic predictions for the object in the bounding box. + id: GoogleCloudVisionV1p3beta1ProductSearchResultsGroupedResult + description: >- + Information about the products similar to a single product in a query + image. + type: object + Image: type: object properties: - product: - description: The Product. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Product' - score: - description: >- - A confidence level on the match, ranging from 0 (no confidence) to 1 - (full confidence). - type: number - format: float - image: + source: + $ref: '#/components/schemas/ImageSource' description: >- - The resource name of the image from the product that is the closest - match to the query. + Google Cloud Storage image location, or publicly-accessible image + URL. If both `content` and `source` are provided for an image, + `content` takes precedence and is used to perform the image + annotation request. + content: + format: byte type: string - GoogleCloudVisionV1p3beta1Product: - id: GoogleCloudVisionV1p3beta1Product - description: A Product contains ReferenceImages. + description: >- + Image content, represented as a stream of bytes. Note: As with all + `bytes` fields, protobuffers use a pure binary representation, + whereas JSON representations use base64. Currently, this field only + works for BatchAnnotateImages requests. It does not work for + AsyncBatchAnnotateImages requests. + description: Client image to perform Google Cloud Vision API tasks over. + id: Image + GoogleCloudVisionV1p1beta1EntityAnnotation: + description: Set of detected entity features. + id: GoogleCloudVisionV1p1beta1EntityAnnotation type: object properties: - name: - description: >- - The resource name of the product. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This - field is ignored when creating a product. - type: string - displayName: + topicality: description: >- - The user-provided name for this Product. Must not be empty. Must be - at most 4096 characters long. - type: string - description: + The relevancy of the ICA (Image Content Annotation) label to the + image. For example, the relevancy of "tower" is likely higher to an + image containing the detected "Eiffel Tower" than to an image + containing a detected distant towering building, even though the + confidence that there is a tower in each image may be the same. + Range [0, 1]. + type: number + format: float + locations: description: >- - User-provided metadata to be stored with this product. Must be at - most 4096 characters long. + The location information for the detected entity. Multiple + `LocationInfo` elements can be present because one location may + indicate the location of the scene in the image, and another + location may indicate the location of the place where the image was + taken. Location information is usually present for landmarks. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1LocationInfo' + type: array + boundingPoly: + description: >- + Image region to which this entity belongs. Not produced for + `LABEL_DETECTION` features. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' + description: + description: Entity textual description, expressed in its `locale` language. type: string - productCategory: + locale: description: >- - Immutable. The category for the product identified by the reference - image. This should be one of "homegoods-v2", "apparel-v2", - "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories - "homegoods", "apparel", and "toys" are still supported, but these - should not be used for new products. + The language code for the locale in which the entity textual + `description` is expressed. + type: string + mid: type: string - productLabels: description: >- - Key-value pairs that can be attached to a product. At query time, - constraints can be specified based on the product_labels. Note that - integer values can be provided as strings, e.g. "1199". Only strings - with integer values can match a range-based restriction which is to - be supported soon. Multiple values can be assigned to the same key. - One product may have up to 500 product_labels. Notice that the total - number of distinct product_labels over all products in one - ProductSet cannot exceed 1M, otherwise the product search pipeline - will refuse to work for that ProductSet. + Opaque entity ID. Some IDs may be available in [Google Knowledge + Graph Search API](https://developers.google.com/knowledge-graph/). + properties: type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ProductKeyValue' - GoogleCloudVisionV1p3beta1ProductKeyValue: - id: GoogleCloudVisionV1p3beta1ProductKeyValue - description: A product label represented as a key-value pair. - type: object - properties: - key: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Property' description: >- - The key of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. - type: string - value: + Some entities may have optional user-supplied `Property` + (name/value) fields, such a score or string that qualifies the + entity. + score: + description: Overall score of the result. Range [0, 1]. + format: float + type: number + confidence: description: >- - The value of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. - type: string - GoogleCloudVisionV1p3beta1ProductSearchResultsGroupedResult: - id: GoogleCloudVisionV1p3beta1ProductSearchResultsGroupedResult - description: >- - Information about the products similar to a single product in a query - image. - type: object - properties: - boundingPoly: - description: The bounding polygon around the product detected in the query image. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' - results: - description: List of results, one for each product match. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1ProductSearchResultsResult - objectAnnotations: - description: List of generic predictions for the object in the bounding box. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1ProductSearchResultsObjectAnnotation - GoogleCloudVisionV1p3beta1ProductSearchResultsObjectAnnotation: - id: GoogleCloudVisionV1p3beta1ProductSearchResultsObjectAnnotation - description: Prediction for what the object in the bounding box is. + **Deprecated. Use `score` instead.** The accuracy of the entity + detection in an image. For example, for an image in which the + "Eiffel Tower" entity is detected, this field represents the + confidence that there is a tower in the query image. Range [0, 1]. + format: float + deprecated: true + type: number + GoogleCloudVisionV1p3beta1LocalizedObjectAnnotation: type: object properties: mid: description: Object ID that should align with EntityAnnotation mid. type: string - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string name: - description: Object name, expressed in its `language_code` language. type: string + description: Object name, expressed in its `language_code` language. + boundingPoly: + description: Image region to which this object belongs. This must be populated. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' score: - description: Score of the result. Range [0, 1]. type: number + description: Score of the result. Range [0, 1]. format: float - GoogleCloudVisionV1p3beta1ImageAnnotationContext: - id: GoogleCloudVisionV1p3beta1ImageAnnotationContext - description: >- - If an image was produced from a file (e.g. a PDF), this message gives - information about the source of that image. - type: object - properties: - uri: - description: The URI of the file used to produce the image. - type: string - pageNumber: - description: >- - If the file was a PDF or TIFF, this field gives the page number - within the file used to produce the image. - type: integer - format: int32 - GoogleCloudVisionV1p3beta1AsyncBatchAnnotateFilesResponse: - id: GoogleCloudVisionV1p3beta1AsyncBatchAnnotateFilesResponse - description: Response to an async batch file annotation request. - type: object - properties: - responses: - description: >- - The list of file annotation responses, one for each request in - AsyncBatchAnnotateFilesRequest. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p3beta1AsyncAnnotateFileResponse - GoogleCloudVisionV1p3beta1AsyncAnnotateFileResponse: - id: GoogleCloudVisionV1p3beta1AsyncAnnotateFileResponse - description: The response for a single offline file annotation request. - type: object - properties: - outputConfig: - description: The output location and metadata from AsyncAnnotateFileRequest. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1OutputConfig' - GoogleCloudVisionV1p3beta1OutputConfig: - id: GoogleCloudVisionV1p3beta1OutputConfig - description: The desired output location and metadata. - type: object - properties: - gcsDestination: - description: The Google Cloud Storage location to write the output(s) to. - $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1GcsDestination' - batchSize: - description: >- - The max number of response protos to put into each output JSON file - on Google Cloud Storage. The valid range is [1, 100]. If not - specified, the default value is 20. For example, for one pdf file - with 100 pages, 100 response protos will be generated. If - `batch_size` = 20, then 5 json files each containing 20 response - protos will be written under the prefix `gcs_destination`.`uri`. - Currently, batch_size only applies to GcsDestination, with potential - future support for other output configurations. - type: integer - format: int32 - GoogleCloudVisionV1p3beta1GcsDestination: - id: GoogleCloudVisionV1p3beta1GcsDestination - description: The Google Cloud Storage location where the output will be written to. - type: object - properties: - uri: + languageCode: description: >- - Google Cloud Storage URI prefix where the results will be stored. - Results will be in JSON format and preceded by its corresponding - input URI prefix. This field can either represent a gcs file prefix - or gcs directory. In either case, the uri should be unique because - in order to get all of the output files, you will need to do a - wildcard gcs search on the uri prefix you provide. Examples: * File - Prefix: gs://bucket-name/here/filenameprefix The output files will - be created in gs://bucket-name/here/ and the names of the output - files will begin with "filenameprefix". * Directory Prefix: - gs://bucket-name/some/location/ The output files will be created in - gs://bucket-name/some/location/ and the names of the output files - could be anything because there was no filename prefix specified. If - multiple outputs, each response is still AnnotateFileResponse, each - of which contains some subset of the full list of - AnnotateImageResponse. Multiple outputs can happen if, for example, - the output JSON is too large and overflows into multiple sharded - files. + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. type: string - GoogleCloudVisionV1p3beta1OperationMetadata: - id: GoogleCloudVisionV1p3beta1OperationMetadata - description: Contains metadata for the BatchAnnotateImages operation. + id: GoogleCloudVisionV1p3beta1LocalizedObjectAnnotation + description: Set of detected objects with bounding boxes. + OperationMetadata: type: object + id: OperationMetadata + description: Contains metadata for the BatchAnnotateImages operation. properties: + createTime: + format: google-datetime + type: string + description: The time when the batch request was received. state: - description: Current state of the batch operation. type: string + description: Current state of the batch operation. enumDescriptions: - Invalid. - Request is received. @@ -6577,25 +5908,61 @@ components: - RUNNING - DONE - CANCELLED - createTime: - description: The time when the batch request was received. - type: string - format: google-datetime updateTime: - description: The time when the operation result was last updated. - type: string format: google-datetime - GoogleCloudVisionV1p4beta1BatchOperationMetadata: - id: GoogleCloudVisionV1p4beta1BatchOperationMetadata + type: string + description: The time when the operation result was last updated. + GoogleCloudVisionV1p4beta1Word: + properties: + property: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty + description: Additional information detected for the word. + boundingBox: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' + description: >- + The bounding box for the word. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + symbols: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Symbol' + description: >- + List of symbols in the word. The order of the symbols follows the + natural reading order. + type: array + confidence: + description: Confidence of the OCR results for the word. Range [0, 1]. + format: float + type: number + type: object + description: A word representation. + id: GoogleCloudVisionV1p4beta1Word + BatchOperationMetadata: + type: object description: >- Metadata for the batch operations such as the current state. This is included in the `metadata` field of the `Operation` returned by the `GetOperation` call of the `google::longrunning::Operations` service. - type: object + id: BatchOperationMetadata properties: - state: - description: The current state of the batch operation. - type: string + submitTime: + format: google-datetime + type: string + description: The time when the batch request was submitted to the server. + state: + type: string + enum: + - STATE_UNSPECIFIED + - PROCESSING + - SUCCESSFUL + - FAILED + - CANCELLED enumDescriptions: - Invalid. - Request is actively being processed. @@ -6608,64 +5975,36 @@ components: longrunning.Operations.CancelOperation has been called by the user. Any records that were processed before the cancel command are output as specified in the request. - enum: - - STATE_UNSPECIFIED - - PROCESSING - - SUCCESSFUL - - FAILED - - CANCELLED - submitTime: - description: The time when the batch request was submitted to the server. - type: string - format: google-datetime + description: The current state of the batch operation. endTime: + type: string description: >- The time when the batch request is finished and google.longrunning.Operation.done is set to true. - type: string format: google-datetime - GoogleCloudVisionV1p4beta1ImportProductSetsResponse: - id: GoogleCloudVisionV1p4beta1ImportProductSetsResponse - description: >- - Response message for the `ImportProductSets` method. This message is - returned by the google.longrunning.Operations.GetOperation method in the - returned google.longrunning.Operation.response field. - type: object + WebLabel: + description: Label to provide extra metadata for the web detection. + id: WebLabel properties: - referenceImages: - description: The list of reference_images that are imported successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ReferenceImage' - statuses: + languageCode: + type: string description: >- - The rpc status for each ImportProductSet request, including both - successes and errors. The number of statuses here matches the number - of lines in the csv file, and statuses[i] stores the success or - failure status of processing the i-th line of the csv, starting from - line 0. - type: array - items: - $ref: '#/components/schemas/Status' - GoogleCloudVisionV1p4beta1ReferenceImage: - id: GoogleCloudVisionV1p4beta1ReferenceImage - description: >- - A `ReferenceImage` represents a product image and its associated - metadata, such as bounding boxes. + The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". + For more information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + label: + type: string + description: Label for extra metadata. type: object + ReferenceImage: properties: - name: - description: >- - The resource name of the reference image. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID/referenceImages/IMAGE_ID`. - This field is ignored when creating a reference image. - type: string uri: + type: string description: >- Required. The Google Cloud Storage URI of the reference image. The URI must start with `gs://`. - type: string boundingPolys: + type: array description: >- Optional. Bounding polygons around the areas of interest in the reference image. If this field is empty, the system will try to @@ -6674,39 +6013,156 @@ components: Once converted, the small edge of the rectangle must be greater than or equal to 300 pixels. The aspect ratio must be 1:4 or less (i.e. 1:3 is ok; 1:5 is not). - type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - GoogleCloudVisionV1p4beta1BoundingPoly: - id: GoogleCloudVisionV1p4beta1BoundingPoly - description: A bounding polygon for the detected image annotation. + $ref: '#/components/schemas/BoundingPoly' + name: + description: >- + The resource name of the reference image. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID/referenceImages/IMAGE_ID`. + This field is ignored when creating a reference image. + type: string type: object + description: >- + A `ReferenceImage` represents a product image and its associated + metadata, such as bounding boxes. + id: ReferenceImage + GoogleCloudVisionV1p2beta1GcsDestination: + id: GoogleCloudVisionV1p2beta1GcsDestination properties: - vertices: - description: The bounding polygon vertices. + uri: + type: string + description: >- + Google Cloud Storage URI prefix where the results will be stored. + Results will be in JSON format and preceded by its corresponding + input URI prefix. This field can either represent a gcs file prefix + or gcs directory. In either case, the uri should be unique because + in order to get all of the output files, you will need to do a + wildcard gcs search on the uri prefix you provide. Examples: * File + Prefix: gs://bucket-name/here/filenameprefix The output files will + be created in gs://bucket-name/here/ and the names of the output + files will begin with "filenameprefix". * Directory Prefix: + gs://bucket-name/some/location/ The output files will be created in + gs://bucket-name/some/location/ and the names of the output files + could be anything because there was no filename prefix specified. If + multiple outputs, each response is still AnnotateFileResponse, each + of which contains some subset of the full list of + AnnotateImageResponse. Multiple outputs can happen if, for example, + the output JSON is too large and overflows into multiple sharded + files. + type: object + description: The Google Cloud Storage location where the output will be written to. + Empty: + id: Empty + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + GoogleCloudVisionV1p1beta1LocalizedObjectAnnotation: + description: Set of detected objects with bounding boxes. + id: GoogleCloudVisionV1p1beta1LocalizedObjectAnnotation + type: object + properties: + boundingPoly: + description: Image region to which this object belongs. This must be populated. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' + name: + description: Object name, expressed in its `language_code` language. + type: string + score: + type: number + description: Score of the result. Range [0, 1]. + format: float + mid: + description: Object ID that should align with EntityAnnotation mid. + type: string + languageCode: + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + type: string + GoogleCloudVisionV1p4beta1WebDetectionWebPage: + type: object + properties: + pageTitle: + description: Title for the web page, may contain HTML markups. + type: string + score: + description: (Deprecated) Overall relevancy score for the web page. + type: number + format: float + fullMatchingImages: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage + description: >- + Fully matching images on the page. Can include resized copies of the + query image. type: array + partialMatchingImages: + type: array + description: >- + Partial matching images on the page. Those images are similar enough + to share some key-point features. For example an original image will + likely have partial matching for its crops. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Vertex' - normalizedVertices: - description: The bounding polygon normalized vertices. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage + url: + description: The result web page URL. + type: string + description: Metadata for web pages. + id: GoogleCloudVisionV1p4beta1WebDetectionWebPage + TextProperty: + description: Additional information detected on the structural component. + id: TextProperty + type: object + properties: + detectedBreak: + $ref: '#/components/schemas/DetectedBreak' + description: Detected start or end of a text segment. + detectedLanguages: + description: A list of detected languages together with confidence. type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1NormalizedVertex' - GoogleCloudVisionV1p4beta1Vertex: - id: GoogleCloudVisionV1p4beta1Vertex - description: >- - A vertex represents a 2D point in the image. NOTE: the vertex - coordinates are in the same scale as the original image. + $ref: '#/components/schemas/DetectedLanguage' + GoogleCloudVisionV1p4beta1BatchAnnotateFilesResponse: type: object + description: A list of file annotation responses. properties: - x: - description: X coordinate. - type: integer - format: int32 - 'y': - description: Y coordinate. - type: integer - format: int32 + responses: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1AnnotateFileResponse + description: >- + The list of file annotation responses, each response corresponding + to each AnnotateFileRequest in BatchAnnotateFilesRequest. + id: GoogleCloudVisionV1p4beta1BatchAnnotateFilesResponse + GoogleCloudVisionV1p1beta1ProductSearchResultsObjectAnnotation: + id: GoogleCloudVisionV1p1beta1ProductSearchResultsObjectAnnotation + properties: + mid: + type: string + description: Object ID that should align with EntityAnnotation mid. + languageCode: + type: string + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + score: + type: number + format: float + description: Score of the result. Range [0, 1]. + name: + type: string + description: Object name, expressed in its `language_code` language. + type: object + description: Prediction for what the object in the bounding box is. GoogleCloudVisionV1p4beta1NormalizedVertex: id: GoogleCloudVisionV1p4beta1NormalizedVertex description: >- @@ -6715,205 +6171,37 @@ components: type: object properties: x: + format: float description: X coordinate. type: number - format: float 'y': description: Y coordinate. type: number format: float - GoogleCloudVisionV1p4beta1AnnotateFileResponse: - id: GoogleCloudVisionV1p4beta1AnnotateFileResponse - description: >- - Response to a single file annotation request. A file may contain one or - more images, which individually have their own responses. - type: object + GoogleCloudVisionV1p1beta1ProductKeyValue: + description: A product label represented as a key-value pair. properties: - inputConfig: - description: Information about the file for which this response is generated. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1InputConfig' - responses: + key: description: >- - Individual responses to images found within the file. This field - will be empty if the `error` field is set. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1AnnotateImageResponse - totalPages: - description: This field gives the total number of pages in the file. - type: integer - format: int32 - error: - description: >- - If set, represents the error message for the failed request. The - `responses` field will not be set in this case. - $ref: '#/components/schemas/Status' - GoogleCloudVisionV1p4beta1InputConfig: - id: GoogleCloudVisionV1p4beta1InputConfig - description: The desired input location and metadata. - type: object - properties: - gcsSource: - description: The Google Cloud Storage location to read the input from. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1GcsSource' - content: - description: >- - File content, represented as a stream of bytes. Note: As with all - `bytes` fields, protobuffers use a pure binary representation, - whereas JSON representations use base64. Currently, this field only - works for BatchAnnotateFiles requests. It does not work for - AsyncBatchAnnotateFiles requests. - type: string - format: byte - mimeType: - description: >- - The type of the file. Currently only "application/pdf", "image/tiff" - and "image/gif" are supported. Wildcards are not supported. + The key of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. type: string - GoogleCloudVisionV1p4beta1GcsSource: - id: GoogleCloudVisionV1p4beta1GcsSource - description: The Google Cloud Storage location where the input will be read from. - type: object - properties: - uri: + value: description: >- - Google Cloud Storage URI for the input file. This must only be a - Google Cloud Storage object. Wildcards are not currently supported. + The value of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. type: string - GoogleCloudVisionV1p4beta1AnnotateImageResponse: - id: GoogleCloudVisionV1p4beta1AnnotateImageResponse - description: Response to an image annotation request. + id: GoogleCloudVisionV1p1beta1ProductKeyValue type: object - properties: - faceAnnotations: - description: If present, face detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1FaceAnnotation' - landmarkAnnotations: - description: If present, landmark detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1EntityAnnotation' - logoAnnotations: - description: If present, logo detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1EntityAnnotation' - labelAnnotations: - description: If present, label detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1EntityAnnotation' - localizedObjectAnnotations: - description: >- - If present, localized object detection has completed successfully. - This will be sorted descending by confidence score. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1LocalizedObjectAnnotation - textAnnotations: - description: If present, text (OCR) detection has completed successfully. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1EntityAnnotation' - fullTextAnnotation: - description: >- - If present, text (OCR) detection or document (OCR) text detection - has completed successfully. This annotation provides the structural - hierarchy for the OCR detected text. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotation' - safeSearchAnnotation: - description: If present, safe-search annotation has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1SafeSearchAnnotation' - imagePropertiesAnnotation: - description: If present, image properties were extracted successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ImageProperties' - cropHintsAnnotation: - description: If present, crop hints have completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1CropHintsAnnotation' - webDetection: - description: If present, web detection has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1WebDetection' - productSearchResults: - description: If present, product search has completed successfully. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResults' - error: - description: >- - If set, represents the error message for the operation. Note that - filled-in image annotations are guaranteed to be correct, even when - `error` is set. - $ref: '#/components/schemas/Status' - context: - description: >- - If present, contextual information is needed to understand where - this image comes from. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1ImageAnnotationContext - GoogleCloudVisionV1p4beta1FaceAnnotation: - id: GoogleCloudVisionV1p4beta1FaceAnnotation - description: A face annotation object contains the results of face detection. + GoogleCloudVisionV1p4beta1SafeSearchAnnotation: + description: >- + Set of features pertaining to the image, computed by computer vision + methods over safe-search verticals (for example, adult, spoof, medical, + violence). + id: GoogleCloudVisionV1p4beta1SafeSearchAnnotation type: object properties: - boundingPoly: - description: >- - The bounding polygon around the face. The coordinates of the - bounding box are in the original image's scale. The bounding box is - computed to "frame" the face in accordance with human expectations. - It is based on the landmarker results. Note that one or more x - and/or y coordinates may not be generated in the `BoundingPoly` (the - polygon will be unbounded) if only a partial face appears in the - image to be annotated. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - fdBoundingPoly: - description: >- - The `fd_bounding_poly` bounding polygon is tighter than the - `boundingPoly`, and encloses only the skin part of the face. - Typically, it is used to eliminate the face from any image analysis - that detects the "amount of skin" visible in an image. It is not - based on the landmarker results, only on the initial face detection, - hence the fd (face detection) prefix. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - landmarks: - description: Detected face landmarks. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1FaceAnnotationLandmark - rollAngle: - description: >- - Roll angle, which indicates the amount of clockwise/anti-clockwise - rotation of the face relative to the image vertical about the axis - perpendicular to the face. Range [-180,180]. - type: number - format: float - panAngle: - description: >- - Yaw angle, which indicates the leftward/rightward angle that the - face is pointing relative to the vertical plane perpendicular to the - image. Range [-180,180]. - type: number - format: float - tiltAngle: - description: >- - Pitch angle, which indicates the upwards/downwards angle that the - face is pointing relative to the image's horizontal plane. Range - [-180,180]. - type: number - format: float - detectionConfidence: - description: Detection confidence. Range [0, 1]. - type: number - format: float - landmarkingConfidence: - description: Face landmarking confidence. Range [0, 1]. - type: number - format: float - joyLikelihood: - description: Joy likelihood. - type: string + medical: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -6921,23 +6209,8 @@ components: - It is possible. - It is likely. - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - sorrowLikelihood: - description: Sorrow likelihood. type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. + description: Likelihood that this is a medical image. enum: - UNKNOWN - VERY_UNLIKELY @@ -6945,9 +6218,7 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - angerLikelihood: - description: Anger likelihood. - type: string + violence: enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -6955,6 +6226,10 @@ components: - It is possible. - It is likely. - It is very likely. + description: >- + Likelihood that this image contains violent content. Violent content + may include death, serious harm, or injury to individuals or groups + of individuals. enum: - UNKNOWN - VERY_UNLIKELY @@ -6962,8 +6237,13 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - surpriseLikelihood: - description: Surprise likelihood. + type: string + racy: + description: >- + Likelihood that the request image contains racy content. Racy + content may include (but is not limited to) skimpy or sheer + clothing, strategically covered nudity, lewd or provocative poses, + or close-ups of sensitive body areas. type: string enumDescriptions: - Unknown likelihood. @@ -6979,9 +6259,10 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - underExposedLikelihood: - description: Under-exposed likelihood. - type: string + spoof: + description: >- + Spoof likelihood. The likelihood that an modification was made to + the image's canonical version to make it appear funny or offensive. enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -6989,6 +6270,7 @@ components: - It is possible. - It is likely. - It is very likely. + type: string enum: - UNKNOWN - VERY_UNLIKELY @@ -6996,16 +6278,11 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - blurredLikelihood: - description: Blurred likelihood. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. + adult: + description: >- + Represents the adult content likelihood for the image. Adult content + may contain elements such as nudity, pornographic images or + cartoons, or sexual activities. enum: - UNKNOWN - VERY_UNLIKELY @@ -7013,9 +6290,6 @@ components: - POSSIBLE - LIKELY - VERY_LIKELY - headwearLikelihood: - description: Headwear likelihood. - type: string enumDescriptions: - Unknown likelihood. - It is very unlikely. @@ -7023,1116 +6297,1850 @@ components: - It is possible. - It is likely. - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - recognitionResult: - description: >- - Additional recognition information. Only computed if - image_context.face_recognition_params is provided, **and** a match - is found to a Celebrity in the input CelebritySet. This field is - sorted in order of decreasing confidence values. + type: string + GoogleCloudVisionV1p2beta1Symbol: + id: GoogleCloudVisionV1p2beta1Symbol + description: A single symbol representation. + properties: + property: + description: Additional information detected for the symbol. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty + boundingBox: + description: >- + The bounding box for the symbol. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' + confidence: + type: number + format: float + description: Confidence of the OCR results for the symbol. Range [0, 1]. + text: + description: The actual UTF-8 representation of the symbol. + type: string + type: object + GoogleCloudVisionV1p3beta1LocationInfo: + properties: + latLng: + description: lat/long location coordinates. + $ref: '#/components/schemas/LatLng' + id: GoogleCloudVisionV1p3beta1LocationInfo + description: Detected entity location information. + type: object + GoogleCloudVisionV1p2beta1TextAnnotation: + properties: + pages: + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Page' + description: List of pages detected by OCR. + text: + type: string + description: UTF-8 text detected on the pages. + type: object + description: >- + TextAnnotation contains a structured representation of OCR extracted + text. The hierarchy of an OCR extracted text structure is like this: + TextAnnotation -> Page -> Block -> Paragraph -> Word -> Symbol Each + structural component, starting from Page, may further have their own + properties. Properties describe detected languages, breaks etc.. Please + refer to the TextAnnotation.TextProperty message definition below for + more detail. + id: GoogleCloudVisionV1p2beta1TextAnnotation + GoogleCloudVisionV1p2beta1FaceAnnotation: + id: GoogleCloudVisionV1p2beta1FaceAnnotation + properties: + boundingPoly: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' + description: >- + The bounding polygon around the face. The coordinates of the + bounding box are in the original image's scale. The bounding box is + computed to "frame" the face in accordance with human expectations. + It is based on the landmarker results. Note that one or more x + and/or y coordinates may not be generated in the `BoundingPoly` (the + polygon will be unbounded) if only a partial face appears in the + image to be annotated. + detectionConfidence: + description: Detection confidence. Range [0, 1]. + format: float + type: number + panAngle: + format: float + description: >- + Yaw angle, which indicates the leftward/rightward angle that the + face is pointing relative to the vertical plane perpendicular to the + image. Range [-180,180]. + type: number + angerLikelihood: + type: string + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: Anger likelihood. + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + landmarkingConfidence: + description: Face landmarking confidence. Range [0, 1]. + type: number + format: float + tiltAngle: + description: >- + Pitch angle, which indicates the upwards/downwards angle that the + face is pointing relative to the image's horizontal plane. Range + [-180,180]. + format: float + type: number + underExposedLikelihood: + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + type: string + description: Under-exposed likelihood. + sorrowLikelihood: + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: Sorrow likelihood. + type: string + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + joyLikelihood: + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: Joy likelihood. + type: string + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + blurredLikelihood: + type: string + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + description: Blurred likelihood. + landmarks: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1FaceAnnotationLandmark + type: array + description: Detected face landmarks. + surpriseLikelihood: + type: string + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + description: Surprise likelihood. + fdBoundingPoly: + description: >- + The `fd_bounding_poly` bounding polygon is tighter than the + `boundingPoly`, and encloses only the skin part of the face. + Typically, it is used to eliminate the face from any image analysis + that detects the "amount of skin" visible in an image. It is not + based on the landmarker results, only on the initial face detection, + hence the fd (face detection) prefix. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' + rollAngle: + type: number + description: >- + Roll angle, which indicates the amount of clockwise/anti-clockwise + rotation of the face relative to the image vertical about the axis + perpendicular to the face. Range [-180,180]. + format: float + headwearLikelihood: + enum: + - UNKNOWN + - VERY_UNLIKELY + - UNLIKELY + - POSSIBLE + - LIKELY + - VERY_LIKELY + description: Headwear likelihood. + type: string + enumDescriptions: + - Unknown likelihood. + - It is very unlikely. + - It is unlikely. + - It is possible. + - It is likely. + - It is very likely. + type: object + description: A face annotation object contains the results of face detection. + GoogleCloudVisionV1p2beta1WebDetection: + id: GoogleCloudVisionV1p2beta1WebDetection + type: object + properties: + fullMatchingImages: + description: >- + Fully matching images from the Internet. Can include resized copies + of the query image. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage + visuallySimilarImages: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage + type: array + description: The visually similar image results. + partialMatchingImages: + description: >- + Partial matching images from the Internet. Those images are similar + enough to share some key-point features. For example an original + image will likely have partial matching for its crops. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebImage + type: array + bestGuessLabels: + description: >- + The service's best guess as to the topic of the request image. + Inferred from similar images on the open web. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebLabel + webEntities: + description: Deduced entities from similar images on the Internet. + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebEntity + pagesWithMatchingImages: + type: array + description: Web pages containing the matching images from the Internet. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1WebDetectionWebPage' + description: Relevant information for the image from the Internet. + WebEntity: + id: WebEntity + properties: + score: + format: float + description: >- + Overall relevancy score for the entity. Not normalized and not + comparable across different image queries. + type: number + description: + type: string + description: Canonical description of the entity, in English. + entityId: + description: Opaque entity ID. + type: string + type: object + description: Entity deduced from similar images on the Internet. + ListReferenceImagesResponse: + description: Response message for the `ListReferenceImages` method. + type: object + properties: + nextPageToken: + type: string + description: The next_page_token returned from a previous List request, if any. + pageSize: + type: integer + description: The maximum number of items to return. Default 10, maximum 100. + format: int32 + referenceImages: + items: + $ref: '#/components/schemas/ReferenceImage' + type: array + description: The list of reference images. + id: ListReferenceImagesResponse + GoogleCloudVisionV1p1beta1Vertex: + description: >- + A vertex represents a 2D point in the image. NOTE: the vertex + coordinates are in the same scale as the original image. + properties: + 'y': + description: Y coordinate. + format: int32 + type: integer + x: + description: X coordinate. + type: integer + format: int32 + type: object + id: GoogleCloudVisionV1p1beta1Vertex + GoogleCloudVisionV1p2beta1ProductKeyValue: + description: A product label represented as a key-value pair. + type: object + id: GoogleCloudVisionV1p2beta1ProductKeyValue + properties: + key: + description: >- + The key of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. + type: string + value: + description: >- + The value of the label attached to the product. Cannot be empty and + cannot exceed 128 bytes. + type: string + GoogleCloudVisionV1p3beta1DominantColorsAnnotation: + properties: + colors: + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ColorInfo' + description: RGB color values with their score and pixel fraction. + type: object + id: GoogleCloudVisionV1p3beta1DominantColorsAnnotation + description: Set of dominant colors and their corresponding scores. + CropHintsParams: + type: object + id: CropHintsParams + description: Parameters for crop hints annotation request. + properties: + aspectRatios: + type: array + description: >- + Aspect ratios in floats, representing the ratio of the width to the + height of the image. For example, if the desired aspect ratio is + 4/3, the corresponding float value should be 1.33333. If not + specified, the best possible crop is returned. The number of + provided aspect ratios is limited to a maximum of 16; any aspect + ratios provided after the 16th are ignored. + items: + type: number + format: float + GoogleCloudVisionV1p2beta1Block: + type: object + properties: + paragraphs: + type: array + description: List of paragraphs in this block (if this blocks is of type text). + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Paragraph' + boundingBox: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' + description: >- + The bounding box for the block. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + property: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty + description: Additional information detected for the block. + blockType: + enum: + - UNKNOWN + - TEXT + - TABLE + - PICTURE + - RULER + - BARCODE + type: string + enumDescriptions: + - Unknown block type. + - Regular text block. + - Table block. + - Image block. + - Horizontal/vertical line box. + - Barcode block. + description: Detected block type (text, image etc) for this block. + confidence: + type: number + description: Confidence of the OCR results on the block. Range [0, 1]. + format: float + description: Logical element on the page. + id: GoogleCloudVisionV1p2beta1Block + GoogleCloudVisionV1p2beta1InputConfig: + id: GoogleCloudVisionV1p2beta1InputConfig + description: The desired input location and metadata. + type: object + properties: + mimeType: + type: string + description: >- + The type of the file. Currently only "application/pdf", "image/tiff" + and "image/gif" are supported. Wildcards are not supported. + content: + format: byte + type: string + description: >- + File content, represented as a stream of bytes. Note: As with all + `bytes` fields, protobuffers use a pure binary representation, + whereas JSON representations use base64. Currently, this field only + works for BatchAnnotateFiles requests. It does not work for + AsyncBatchAnnotateFiles requests. + gcsSource: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1GcsSource' + description: The Google Cloud Storage location to read the input from. + GoogleCloudVisionV1p3beta1ColorInfo: + type: object + id: GoogleCloudVisionV1p3beta1ColorInfo + properties: + score: + format: float + description: Image-specific score for this color. Value in range [0, 1]. + type: number + pixelFraction: + description: >- + The fraction of pixels the color occupies in the image. Value in + range [0, 1]. + format: float + type: number + color: + $ref: '#/components/schemas/Color' + description: RGB components of the color. + description: >- + Color information consists of RGB channels, score, and the fraction of + the image that the color occupies in the image. + GoogleCloudVisionV1p2beta1WebDetectionWebImage: + id: GoogleCloudVisionV1p2beta1WebDetectionWebImage + properties: + url: + type: string + description: The result image URL. + score: + format: float + description: (Deprecated) Overall relevancy score for the image. + type: number + description: Metadata for online images. + type: object + GoogleCloudVisionV1p3beta1AnnotateImageResponse: + id: GoogleCloudVisionV1p3beta1AnnotateImageResponse + description: Response to an image annotation request. + properties: + imagePropertiesAnnotation: + description: If present, image properties were extracted successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ImageProperties' + context: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1ImageAnnotationContext + description: >- + If present, contextual information is needed to understand where + this image comes from. + labelAnnotations: + type: array + description: If present, label detection has completed successfully. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1EntityAnnotation' + landmarkAnnotations: + type: array + description: If present, landmark detection has completed successfully. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1EntityAnnotation' + error: + description: >- + If set, represents the error message for the operation. Note that + filled-in image annotations are guaranteed to be correct, even when + `error` is set. + $ref: '#/components/schemas/Status' + localizedObjectAnnotations: + description: >- + If present, localized object detection has completed successfully. + This will be sorted descending by confidence score. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1LocalizedObjectAnnotation + type: array + fullTextAnnotation: + description: >- + If present, text (OCR) detection or document (OCR) text detection + has completed successfully. This annotation provides the structural + hierarchy for the OCR detected text. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotation' + faceAnnotations: + description: If present, face detection has completed successfully. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1FaceAnnotation' + type: array + textAnnotations: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1EntityAnnotation' + type: array + description: If present, text (OCR) detection has completed successfully. + productSearchResults: + description: If present, product search has completed successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ProductSearchResults' + webDetection: + description: If present, web detection has completed successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1WebDetection' + logoAnnotations: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1EntityAnnotation' + type: array + description: If present, logo detection has completed successfully. + cropHintsAnnotation: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1CropHintsAnnotation' + description: If present, crop hints have completed successfully. + safeSearchAnnotation: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1SafeSearchAnnotation' + description: If present, safe-search annotation has completed successfully. + type: object + TextDetectionParams: + description: >- + Parameters for text detections. This is used to control TEXT_DETECTION + and DOCUMENT_TEXT_DETECTION features. + properties: + advancedOcrOptions: + items: + type: string + description: >- + A list of advanced OCR options to further fine-tune OCR behavior. + Current valid values are: - `legacy_layout`: a heuristics layout + detection algorithm, which serves as an alternative to the current + ML-based layout detection algorithm. Customers can choose the best + suitable layout algorithm based on their situation. + type: array + enableTextDetectionConfidenceScore: + type: boolean + description: >- + By default, Cloud Vision API only includes confidence score for + DOCUMENT_TEXT_DETECTION result. Set the flag to true to include + confidence score for TEXT_DETECTION as well. + type: object + id: TextDetectionParams + GoogleCloudVisionV1p4beta1Page: + description: Detected page from OCR. + type: object + properties: + width: + format: int32 + type: integer + description: >- + Page width. For PDFs the unit is points. For images (including + TIFFs) the unit is pixels. + height: + type: integer + format: int32 + description: >- + Page height. For PDFs the unit is points. For images (including + TIFFs) the unit is pixels. + confidence: + description: Confidence of the OCR results on the page. Range [0, 1]. + format: float + type: number + property: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty + description: Additional information detected on the page. + blocks: + description: List of blocks of text, images etc on this page. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Block' type: array + id: GoogleCloudVisionV1p4beta1Page + GoogleCloudVisionV1p4beta1WebDetectionWebLabel: + id: GoogleCloudVisionV1p4beta1WebDetectionWebLabel + properties: + languageCode: + description: >- + The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". + For more information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + type: string + label: + type: string + description: Label for extra metadata. + description: Label to provide extra metadata for the web detection. + type: object + LatLongRect: + id: LatLongRect + description: Rectangle determined by min and max `LatLng` pairs. + properties: + maxLatLng: + $ref: '#/components/schemas/LatLng' + description: Max lat/long pair. + minLatLng: + $ref: '#/components/schemas/LatLng' + description: Min lat/long pair. + type: object + GoogleCloudVisionV1p3beta1AsyncAnnotateFileResponse: + properties: + outputConfig: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1OutputConfig' + description: The output location and metadata from AsyncAnnotateFileRequest. + type: object + id: GoogleCloudVisionV1p3beta1AsyncAnnotateFileResponse + description: The response for a single offline file annotation request. + GoogleCloudVisionV1p1beta1OperationMetadata: + type: object + properties: + updateTime: + type: string + description: The time when the operation result was last updated. + format: google-datetime + state: + enum: + - STATE_UNSPECIFIED + - CREATED + - RUNNING + - DONE + - CANCELLED + type: string + description: Current state of the batch operation. + enumDescriptions: + - Invalid. + - Request is received. + - Request is actively being processed. + - The batch processing is done. + - The batch processing was cancelled. + createTime: + type: string + format: google-datetime + description: The time when the batch request was received. + id: GoogleCloudVisionV1p1beta1OperationMetadata + description: Contains metadata for the BatchAnnotateImages operation. + GoogleCloudVisionV1p1beta1AsyncBatchAnnotateFilesResponse: + description: Response to an async batch file annotation request. + type: object + id: GoogleCloudVisionV1p1beta1AsyncBatchAnnotateFilesResponse + properties: + responses: items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1FaceRecognitionResult - GoogleCloudVisionV1p4beta1FaceAnnotationLandmark: - id: GoogleCloudVisionV1p4beta1FaceAnnotationLandmark + #/components/schemas/GoogleCloudVisionV1p1beta1AsyncAnnotateFileResponse + description: >- + The list of file annotation responses, one for each request in + AsyncBatchAnnotateFilesRequest. + type: array + GoogleCloudVisionV1p3beta1BatchOperationMetadata: description: >- - A face-specific landmark (for example, a face feature). Landmark - positions may fall outside the bounds of the image if the face is near - one or more edges of the image. Therefore it is NOT guaranteed that `0 - <= x < width` or `0 <= y < height`. + Metadata for the batch operations such as the current state. This is + included in the `metadata` field of the `Operation` returned by the + `GetOperation` call of the `google::longrunning::Operations` service. + id: GoogleCloudVisionV1p3beta1BatchOperationMetadata type: object properties: - type: - description: Face landmark type. + submitTime: + format: google-datetime type: string - enumDescriptions: - - Unknown face landmark detected. Should not be filled. - - Left eye. - - Right eye. - - Left of left eyebrow. - - Right of left eyebrow. - - Left of right eyebrow. - - Right of right eyebrow. - - Midpoint between eyes. - - Nose tip. - - Upper lip. - - Lower lip. - - Mouth left. - - Mouth right. - - Mouth center. - - Nose, bottom right. - - Nose, bottom left. - - Nose, bottom center. - - Left eye, top boundary. - - Left eye, right corner. - - Left eye, bottom boundary. - - Left eye, left corner. - - Right eye, top boundary. - - Right eye, right corner. - - Right eye, bottom boundary. - - Right eye, left corner. - - Left eyebrow, upper midpoint. - - Right eyebrow, upper midpoint. - - Left ear tragion. - - Right ear tragion. - - Left eye pupil. - - Right eye pupil. - - Forehead glabella. - - Chin gnathion. - - Chin left gonion. - - Chin right gonion. - - Left cheek center. - - Right cheek center. + description: The time when the batch request was submitted to the server. + endTime: + type: string + format: google-datetime + description: >- + The time when the batch request is finished and + google.longrunning.Operation.done is set to true. + state: enum: - - UNKNOWN_LANDMARK - - LEFT_EYE - - RIGHT_EYE - - LEFT_OF_LEFT_EYEBROW - - RIGHT_OF_LEFT_EYEBROW - - LEFT_OF_RIGHT_EYEBROW - - RIGHT_OF_RIGHT_EYEBROW - - MIDPOINT_BETWEEN_EYES - - NOSE_TIP - - UPPER_LIP - - LOWER_LIP - - MOUTH_LEFT - - MOUTH_RIGHT - - MOUTH_CENTER - - NOSE_BOTTOM_RIGHT - - NOSE_BOTTOM_LEFT - - NOSE_BOTTOM_CENTER - - LEFT_EYE_TOP_BOUNDARY - - LEFT_EYE_RIGHT_CORNER - - LEFT_EYE_BOTTOM_BOUNDARY - - LEFT_EYE_LEFT_CORNER - - RIGHT_EYE_TOP_BOUNDARY - - RIGHT_EYE_RIGHT_CORNER - - RIGHT_EYE_BOTTOM_BOUNDARY - - RIGHT_EYE_LEFT_CORNER - - LEFT_EYEBROW_UPPER_MIDPOINT - - RIGHT_EYEBROW_UPPER_MIDPOINT - - LEFT_EAR_TRAGION - - RIGHT_EAR_TRAGION - - LEFT_EYE_PUPIL - - RIGHT_EYE_PUPIL - - FOREHEAD_GLABELLA - - CHIN_GNATHION - - CHIN_LEFT_GONION - - CHIN_RIGHT_GONION - - LEFT_CHEEK_CENTER - - RIGHT_CHEEK_CENTER - position: - description: Face landmark position. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Position' - GoogleCloudVisionV1p4beta1Position: - id: GoogleCloudVisionV1p4beta1Position + - STATE_UNSPECIFIED + - PROCESSING + - SUCCESSFUL + - FAILED + - CANCELLED + description: The current state of the batch operation. + enumDescriptions: + - Invalid. + - Request is actively being processed. + - >- + The request is done and at least one item has been successfully + processed. + - The request is done and no item has been successfully processed. + - >- + The request is done after the + longrunning.Operations.CancelOperation has been called by the + user. Any records that were processed before the cancel command + are output as specified in the request. + type: string + ImportProductSetsResponse: + id: ImportProductSetsResponse + properties: + referenceImages: + type: array + description: The list of reference_images that are imported successfully. + items: + $ref: '#/components/schemas/ReferenceImage' + statuses: + description: >- + The rpc status for each ImportProductSet request, including both + successes and errors. The number of statuses here matches the number + of lines in the csv file, and statuses[i] stores the success or + failure status of processing the i-th line of the csv, starting from + line 0. + type: array + items: + $ref: '#/components/schemas/Status' description: >- - A 3D position in the image, used primarily for Face detection landmarks. - A valid Position must have both x and y coordinates. The position - coordinates are in the same scale as the original image. + Response message for the `ImportProductSets` method. This message is + returned by the google.longrunning.Operations.GetOperation method in the + returned google.longrunning.Operation.response field. type: object + LocalizedObjectAnnotation: properties: - x: - description: X coordinate. - type: number - format: float - 'y': - description: Y coordinate. - type: number + boundingPoly: + description: Image region to which this object belongs. This must be populated. + $ref: '#/components/schemas/BoundingPoly' + name: + description: Object name, expressed in its `language_code` language. + type: string + score: + description: Score of the result. Range [0, 1]. format: float - z: - description: Z coordinate (or depth). type: number - format: float - GoogleCloudVisionV1p4beta1FaceRecognitionResult: - id: GoogleCloudVisionV1p4beta1FaceRecognitionResult - description: Information about a face's identity. + languageCode: + type: string + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + mid: + description: Object ID that should align with EntityAnnotation mid. + type: string + description: Set of detected objects with bounding boxes. type: object + id: LocalizedObjectAnnotation + GoogleCloudVisionV1p3beta1ImageProperties: properties: - celebrity: - description: The Celebrity that this face was matched to. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Celebrity' - confidence: - description: Recognition confidence. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p4beta1Celebrity: - id: GoogleCloudVisionV1p4beta1Celebrity - description: A Celebrity is a group of Faces with an identity. + dominantColors: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1DominantColorsAnnotation + description: If present, dominant colors completed successfully. type: object + id: GoogleCloudVisionV1p3beta1ImageProperties + description: Stores image properties, such as dominant colors. + GoogleCloudVisionV1p1beta1GcsSource: properties: - name: + uri: description: >- - The resource name of the preloaded Celebrity. Has the format - `builtin/{mid}`. - type: string - displayName: - description: The Celebrity's display name. - type: string - description: - description: The Celebrity's description. + Google Cloud Storage URI for the input file. This must only be a + Google Cloud Storage object. Wildcards are not currently supported. type: string - GoogleCloudVisionV1p4beta1EntityAnnotation: - id: GoogleCloudVisionV1p4beta1EntityAnnotation - description: Set of detected entity features. type: object + description: The Google Cloud Storage location where the input will be read from. + id: GoogleCloudVisionV1p1beta1GcsSource + GoogleCloudVisionV1p4beta1Position: properties: - mid: - description: >- - Opaque entity ID. Some IDs may be available in [Google Knowledge - Graph Search API](https://developers.google.com/knowledge-graph/). - type: string - locale: - description: >- - The language code for the locale in which the entity textual - `description` is expressed. - type: string - description: - description: Entity textual description, expressed in its `locale` language. - type: string - score: - description: Overall score of the result. Range [0, 1]. + 'y': type: number + description: Y coordinate. format: float - confidence: - description: >- - **Deprecated. Use `score` instead.** The accuracy of the entity - detection in an image. For example, for an image in which the - "Eiffel Tower" entity is detected, this field represents the - confidence that there is a tower in the query image. Range [0, 1]. - deprecated: true + x: type: number format: float - topicality: - description: >- - The relevancy of the ICA (Image Content Annotation) label to the - image. For example, the relevancy of "tower" is likely higher to an - image containing the detected "Eiffel Tower" than to an image - containing a detected distant towering building, even though the - confidence that there is a tower in each image may be the same. - Range [0, 1]. + description: X coordinate. + z: type: number format: float - boundingPoly: - description: >- - Image region to which this entity belongs. Not produced for - `LABEL_DETECTION` features. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - locations: - description: >- - The location information for the detected entity. Multiple - `LocationInfo` elements can be present because one location may - indicate the location of the scene in the image, and another - location may indicate the location of the place where the image was - taken. Location information is usually present for landmarks. + description: Z coordinate (or depth). + description: >- + A 3D position in the image, used primarily for Face detection landmarks. + A valid Position must have both x and y coordinates. The position + coordinates are in the same scale as the original image. + id: GoogleCloudVisionV1p4beta1Position + type: object + GoogleCloudVisionV1p3beta1ImportProductSetsResponse: + id: GoogleCloudVisionV1p3beta1ImportProductSetsResponse + properties: + referenceImages: type: array + description: The list of reference_images that are imported successfully. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1LocationInfo' - properties: - description: >- - Some entities may have optional user-supplied `Property` - (name/value) fields, such a score or string that qualifies the - entity. + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1ReferenceImage' + statuses: type: array + description: >- + The rpc status for each ImportProductSet request, including both + successes and errors. The number of statuses here matches the number + of lines in the csv file, and statuses[i] stores the success or + failure status of processing the i-th line of the csv, starting from + line 0. items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Property' - GoogleCloudVisionV1p4beta1LocationInfo: - id: GoogleCloudVisionV1p4beta1LocationInfo - description: Detected entity location information. + $ref: '#/components/schemas/Status' type: object - properties: - latLng: - description: lat/long location coordinates. - $ref: '#/components/schemas/LatLng' - GoogleCloudVisionV1p4beta1Property: - id: GoogleCloudVisionV1p4beta1Property - description: A `Property` consists of a user-supplied name/value pair. + description: >- + Response message for the `ImportProductSets` method. This message is + returned by the google.longrunning.Operations.GetOperation method in the + returned google.longrunning.Operation.response field. + AsyncBatchAnnotateFilesRequest: type: object + description: >- + Multiple async file annotation requests are batched into a single + service call. + id: AsyncBatchAnnotateFilesRequest properties: - name: - description: Name of the property. - type: string - value: - description: Value of the property. - type: string - uint64Value: - description: Value of numeric properties. + parent: + description: >- + Optional. Target project and location to make a call. Format: + `projects/{project-id}/locations/{location-id}`. If no parent is + specified, a region will be chosen automatically. Supported + location-ids: `us`: USA country only, `asia`: East asia areas, like + Japan, Taiwan, `eu`: The European Union. Example: + `projects/project-A/locations/eu`. type: string - format: uint64 - GoogleCloudVisionV1p4beta1LocalizedObjectAnnotation: - id: GoogleCloudVisionV1p4beta1LocalizedObjectAnnotation - description: Set of detected objects with bounding boxes. - type: object + labels: + description: >- + Optional. The labels with user-defined metadata for the request. + Label keys and values can be no longer than 63 characters (Unicode + codepoints), can only contain lowercase letters, numeric characters, + underscores and dashes. International characters are allowed. Label + values are optional. Label keys must start with a letter. + additionalProperties: + type: string + type: object + requests: + items: + $ref: '#/components/schemas/AsyncAnnotateFileRequest' + type: array + description: Required. Individual async file annotation requests for this batch. + GoogleCloudVisionV1p4beta1Product: + id: GoogleCloudVisionV1p4beta1Product + description: A Product contains ReferenceImages. properties: - mid: - description: Object ID that should align with EntityAnnotation mid. + name: + description: >- + The resource name of the product. Format is: + `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This + field is ignored when creating a product. type: string - languageCode: + productLabels: + type: array description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + Key-value pairs that can be attached to a product. At query time, + constraints can be specified based on the product_labels. Note that + integer values can be provided as strings, e.g. "1199". Only strings + with integer values can match a range-based restriction which is to + be supported soon. Multiple values can be assigned to the same key. + One product may have up to 500 product_labels. Notice that the total + number of distinct product_labels over all products in one + ProductSet cannot exceed 1M, otherwise the product search pipeline + will refuse to work for that ProductSet. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ProductKeyValue' + displayName: + description: >- + The user-provided name for this Product. Must not be empty. Must be + at most 4096 characters long. type: string - name: - description: Object name, expressed in its `language_code` language. + productCategory: type: string - score: - description: Score of the result. Range [0, 1]. - type: number - format: float - boundingPoly: - description: Image region to which this object belongs. This must be populated. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - GoogleCloudVisionV1p4beta1TextAnnotation: - id: GoogleCloudVisionV1p4beta1TextAnnotation - description: >- - TextAnnotation contains a structured representation of OCR extracted - text. The hierarchy of an OCR extracted text structure is like this: - TextAnnotation -> Page -> Block -> Paragraph -> Word -> Symbol Each - structural component, starting from Page, may further have their own - properties. Properties describe detected languages, breaks etc.. Please - refer to the TextAnnotation.TextProperty message definition below for - more detail. + description: >- + Immutable. The category for the product identified by the reference + image. This should be one of "homegoods-v2", "apparel-v2", + "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories + "homegoods", "apparel", and "toys" are still supported, but these + should not be used for new products. + description: + type: string + description: >- + User-provided metadata to be stored with this product. Must be at + most 4096 characters long. type: object + GoogleCloudVisionV1p2beta1DominantColorsAnnotation: + id: GoogleCloudVisionV1p2beta1DominantColorsAnnotation properties: - pages: - description: List of pages detected by OCR. + colors: + description: RGB color values with their score and pixel fraction. type: array items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Page' - text: - description: UTF-8 text detected on the pages. - type: string - GoogleCloudVisionV1p4beta1Page: - id: GoogleCloudVisionV1p4beta1Page - description: Detected page from OCR. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1ColorInfo' + description: Set of dominant colors and their corresponding scores. type: object + GoogleCloudVisionV1p3beta1Page: properties: - property: - description: Additional information detected on the page. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty - width: - description: >- - Page width. For PDFs the unit is points. For images (including - TIFFs) the unit is pixels. - type: integer - format: int32 + blocks: + description: List of blocks of text, images etc on this page. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Block' + type: array height: description: >- Page height. For PDFs the unit is points. For images (including TIFFs) the unit is pixels. type: integer format: int32 - blocks: - description: List of blocks of text, images etc on this page. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Block' confidence: description: Confidence of the OCR results on the page. Range [0, 1]. - type: number format: float - GoogleCloudVisionV1p4beta1TextAnnotationTextProperty: - id: GoogleCloudVisionV1p4beta1TextAnnotationTextProperty - description: Additional information detected on the structural component. - type: object - properties: - detectedLanguages: - description: A list of detected languages together with confidence. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationDetectedLanguage - detectedBreak: - description: Detected start or end of a text segment. + type: number + width: + description: >- + Page width. For PDFs the unit is points. For images (including + TIFFs) the unit is pixels. + format: int32 + type: integer + property: $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationDetectedBreak - GoogleCloudVisionV1p4beta1TextAnnotationDetectedLanguage: - id: GoogleCloudVisionV1p4beta1TextAnnotationDetectedLanguage - description: Detected language for a structural component. + #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationTextProperty + description: Additional information detected on the page. type: object - properties: - languageCode: - description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - confidence: - description: Confidence of detected language. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p4beta1TextAnnotationDetectedBreak: - id: GoogleCloudVisionV1p4beta1TextAnnotationDetectedBreak - description: Detected start or end of a structural component. + description: Detected page from OCR. + id: GoogleCloudVisionV1p3beta1Page + GoogleCloudVisionV1p1beta1FaceAnnotationLandmark: + description: >- + A face-specific landmark (for example, a face feature). Landmark + positions may fall outside the bounds of the image if the face is near + one or more edges of the image. Therefore it is NOT guaranteed that `0 + <= x < width` or `0 <= y < height`. type: object + id: GoogleCloudVisionV1p1beta1FaceAnnotationLandmark properties: type: - description: Detected break type. - type: string - enumDescriptions: - - Unknown break label type. - - Regular space. - - Sure space (very wide). - - Line-wrapping break. - - >- - End-line hyphen that is not present in text; does not co-occur - with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. - - Line break that ends a paragraph. - enum: - - UNKNOWN - - SPACE - - SURE_SPACE - - EOL_SURE_SPACE - - HYPHEN - - LINE_BREAK - isPrefix: - description: True if break prepends the element. - type: boolean - GoogleCloudVisionV1p4beta1Block: - id: GoogleCloudVisionV1p4beta1Block - description: Logical element on the page. - type: object - properties: - property: - description: Additional information detected for the block. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty - boundingBox: - description: >- - The bounding box for the block. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - paragraphs: - description: List of paragraphs in this block (if this blocks is of type text). - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Paragraph' - blockType: - description: Detected block type (text, image etc) for this block. type: string - enumDescriptions: - - Unknown block type. - - Regular text block. - - Table block. - - Image block. - - Horizontal/vertical line box. - - Barcode block. enum: - - UNKNOWN - - TEXT - - TABLE - - PICTURE - - RULER - - BARCODE - confidence: - description: Confidence of the OCR results on the block. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p4beta1Paragraph: - id: GoogleCloudVisionV1p4beta1Paragraph - description: Structural unit of text representing a number of words in certain order. - type: object - properties: - property: - description: Additional information detected for the paragraph. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty - boundingBox: - description: >- - The bounding box for the paragraph. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - words: - description: List of all words in this paragraph. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Word' - confidence: - description: Confidence of the OCR results for the paragraph. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p4beta1Word: - id: GoogleCloudVisionV1p4beta1Word - description: A word representation. - type: object - properties: - property: - description: Additional information detected for the word. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty - boundingBox: - description: >- - The bounding box for the word. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - symbols: - description: >- - List of symbols in the word. The order of the symbols follows the - natural reading order. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Symbol' - confidence: - description: Confidence of the OCR results for the word. Range [0, 1]. - type: number - format: float - GoogleCloudVisionV1p4beta1Symbol: - id: GoogleCloudVisionV1p4beta1Symbol - description: A single symbol representation. - type: object + - UNKNOWN_LANDMARK + - LEFT_EYE + - RIGHT_EYE + - LEFT_OF_LEFT_EYEBROW + - RIGHT_OF_LEFT_EYEBROW + - LEFT_OF_RIGHT_EYEBROW + - RIGHT_OF_RIGHT_EYEBROW + - MIDPOINT_BETWEEN_EYES + - NOSE_TIP + - UPPER_LIP + - LOWER_LIP + - MOUTH_LEFT + - MOUTH_RIGHT + - MOUTH_CENTER + - NOSE_BOTTOM_RIGHT + - NOSE_BOTTOM_LEFT + - NOSE_BOTTOM_CENTER + - LEFT_EYE_TOP_BOUNDARY + - LEFT_EYE_RIGHT_CORNER + - LEFT_EYE_BOTTOM_BOUNDARY + - LEFT_EYE_LEFT_CORNER + - RIGHT_EYE_TOP_BOUNDARY + - RIGHT_EYE_RIGHT_CORNER + - RIGHT_EYE_BOTTOM_BOUNDARY + - RIGHT_EYE_LEFT_CORNER + - LEFT_EYEBROW_UPPER_MIDPOINT + - RIGHT_EYEBROW_UPPER_MIDPOINT + - LEFT_EAR_TRAGION + - RIGHT_EAR_TRAGION + - LEFT_EYE_PUPIL + - RIGHT_EYE_PUPIL + - FOREHEAD_GLABELLA + - CHIN_GNATHION + - CHIN_LEFT_GONION + - CHIN_RIGHT_GONION + - LEFT_CHEEK_CENTER + - RIGHT_CHEEK_CENTER + description: Face landmark type. + enumDescriptions: + - Unknown face landmark detected. Should not be filled. + - Left eye. + - Right eye. + - Left of left eyebrow. + - Right of left eyebrow. + - Left of right eyebrow. + - Right of right eyebrow. + - Midpoint between eyes. + - Nose tip. + - Upper lip. + - Lower lip. + - Mouth left. + - Mouth right. + - Mouth center. + - Nose, bottom right. + - Nose, bottom left. + - Nose, bottom center. + - Left eye, top boundary. + - Left eye, right corner. + - Left eye, bottom boundary. + - Left eye, left corner. + - Right eye, top boundary. + - Right eye, right corner. + - Right eye, bottom boundary. + - Right eye, left corner. + - Left eyebrow, upper midpoint. + - Right eyebrow, upper midpoint. + - Left ear tragion. + - Right ear tragion. + - Left eye pupil. + - Right eye pupil. + - Forehead glabella. + - Chin gnathion. + - Chin left gonion. + - Chin right gonion. + - Left cheek center. + - Right cheek center. + position: + description: Face landmark position. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Position' + ObjectAnnotation: properties: - property: - description: Additional information detected for the symbol. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1TextAnnotationTextProperty - boundingBox: + languageCode: + type: string description: >- - The bounding box for the symbol. The vertices are in the order of - top-left, top-right, bottom-right, bottom-left. When a rotation of - the bounding box is detected the rotation is represented as around - the top-left corner as defined when the text is read in the - 'natural' orientation. For example: * when the text is horizontal it - might look like: 0----1 | | 3----2 * when it's rotated 180 degrees - around the top-left corner it becomes: 2----3 | | 1----0 and the - vertex order will still be (0, 1, 2, 3). - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - text: - description: The actual UTF-8 representation of the symbol. + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + mid: + description: Object ID that should align with EntityAnnotation mid. type: string - confidence: - description: Confidence of the OCR results for the symbol. Range [0, 1]. - type: number + name: + description: Object name, expressed in its `language_code` language. + type: string + score: format: float - GoogleCloudVisionV1p4beta1SafeSearchAnnotation: - id: GoogleCloudVisionV1p4beta1SafeSearchAnnotation - description: >- - Set of features pertaining to the image, computed by computer vision - methods over safe-search verticals (for example, adult, spoof, medical, - violence). + description: Score of the result. Range [0, 1]. + type: number type: object + description: Prediction for what the object in the bounding box is. + id: ObjectAnnotation + GoogleCloudVisionV1p1beta1ProductSearchResults: properties: - adult: + indexTime: description: >- - Represents the adult content likelihood for the image. Adult content - may contain elements such as nudity, pornographic images or - cartoons, or sexual activities. + Timestamp of the index which provided these results. Products added + to the product set and products removed from the product set after + this time are not reflected in the current results. type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - spoof: + format: google-datetime + productGroupedResults: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResultsGroupedResult + type: array description: >- - Spoof likelihood. The likelihood that an modification was made to - the image's canonical version to make it appear funny or offensive. - type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - medical: - description: Likelihood that this is a medical image. - type: string + List of results grouped by products detected in the query image. + Each entry corresponds to one bounding polygon in the query image, + and contains the matching products specific to that region. There + may be duplicate product matches in the union of all the per-product + results. + results: + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResultsResult + description: List of results, one for each product match. + type: array + description: Results for a product search request. + id: GoogleCloudVisionV1p1beta1ProductSearchResults + type: object + GoogleCloudVisionV1p1beta1TextAnnotationDetectedBreak: + type: object + properties: + isPrefix: + description: True if break prepends the element. + type: boolean + type: + description: Detected break type. enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - violence: - description: >- - Likelihood that this image contains violent content. Violent content - may include death, serious harm, or injury to individuals or groups - of individuals. + - Unknown break label type. + - Regular space. + - Sure space (very wide). + - Line-wrapping break. + - >- + End-line hyphen that is not present in text; does not co-occur + with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. + - Line break that ends a paragraph. type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. enum: - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - racy: + - SPACE + - SURE_SPACE + - EOL_SURE_SPACE + - HYPHEN + - LINE_BREAK + id: GoogleCloudVisionV1p1beta1TextAnnotationDetectedBreak + description: Detected start or end of a structural component. + GoogleCloudVisionV1p1beta1ProductSearchResultsGroupedResult: + type: object + properties: + objectAnnotations: + type: array + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResultsObjectAnnotation + description: List of generic predictions for the object in the bounding box. + boundingPoly: + description: The bounding polygon around the product detected in the query image. + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1BoundingPoly' + results: + description: List of results, one for each product match. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p1beta1ProductSearchResultsResult + type: array + description: >- + Information about the products similar to a single product in a query + image. + id: GoogleCloudVisionV1p1beta1ProductSearchResultsGroupedResult + ImageSource: + properties: + gcsImageUri: description: >- - Likelihood that the request image contains racy content. Racy - content may include (but is not limited to) skimpy or sheer - clothing, strategically covered nudity, lewd or provocative poses, - or close-ups of sensitive body areas. + **Use `image_uri` instead.** The Google Cloud Storage URI of the + form `gs://bucket_name/object_name`. Object versioning is not + supported. See [Google Cloud Storage Request + URIs](https://cloud.google.com/storage/docs/reference-uris) for more + info. type: string - enumDescriptions: - - Unknown likelihood. - - It is very unlikely. - - It is unlikely. - - It is possible. - - It is likely. - - It is very likely. - enum: - - UNKNOWN - - VERY_UNLIKELY - - UNLIKELY - - POSSIBLE - - LIKELY - - VERY_LIKELY - GoogleCloudVisionV1p4beta1ImageProperties: - id: GoogleCloudVisionV1p4beta1ImageProperties - description: Stores image properties, such as dominant colors. + imageUri: + type: string + description: >- + The URI of the source image. Can be either: 1. A Google Cloud + Storage URI of the form `gs://bucket_name/object_name`. Object + versioning is not supported. See [Google Cloud Storage Request + URIs](https://cloud.google.com/storage/docs/reference-uris) for more + info. 2. A publicly-accessible image HTTP/HTTPS URL. When fetching + images from HTTP/HTTPS URLs, Google cannot guarantee that the + request will be completed. Your request may fail if the specified + host denies the request (e.g. due to request throttling or DOS + prevention), or if Google throttles requests to the site for abuse + prevention. You should not depend on externally-hosted images for + production applications. When both `gcs_image_uri` and `image_uri` + are specified, `image_uri` takes precedence. type: object - properties: - dominantColors: - description: If present, dominant colors completed successfully. - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1DominantColorsAnnotation - GoogleCloudVisionV1p4beta1DominantColorsAnnotation: - id: GoogleCloudVisionV1p4beta1DominantColorsAnnotation - description: Set of dominant colors and their corresponding scores. + description: External image source (Google Cloud Storage or web URL image location). + id: ImageSource + GoogleCloudVisionV1p1beta1LocationInfo: + id: GoogleCloudVisionV1p1beta1LocationInfo type: object properties: - colors: - description: RGB color values with their score and pixel fraction. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ColorInfo' - GoogleCloudVisionV1p4beta1ColorInfo: - id: GoogleCloudVisionV1p4beta1ColorInfo - description: >- - Color information consists of RGB channels, score, and the fraction of - the image that the color occupies in the image. + latLng: + description: lat/long location coordinates. + $ref: '#/components/schemas/LatLng' + description: Detected entity location information. + GoogleCloudVisionV1p4beta1AsyncAnnotateFileResponse: type: object + description: The response for a single offline file annotation request. + id: GoogleCloudVisionV1p4beta1AsyncAnnotateFileResponse properties: - color: - description: RGB components of the color. - $ref: '#/components/schemas/Color' - score: - description: Image-specific score for this color. Value in range [0, 1]. - type: number - format: float - pixelFraction: - description: >- - The fraction of pixels the color occupies in the image. Value in - range [0, 1]. - type: number - format: float + outputConfig: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1OutputConfig' + description: The output location and metadata from AsyncAnnotateFileRequest. + CancelOperationRequest: + type: object + id: CancelOperationRequest + description: The request message for Operations.CancelOperation. + properties: {} GoogleCloudVisionV1p4beta1CropHintsAnnotation: id: GoogleCloudVisionV1p4beta1CropHintsAnnotation description: >- Set of crop hints that are used to generate new crops when serving images. - type: object properties: cropHints: - description: Crop hint results. type: array items: $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1CropHint' - GoogleCloudVisionV1p4beta1CropHint: - id: GoogleCloudVisionV1p4beta1CropHint + description: Crop hint results. + type: object + CropHint: + type: object + id: CropHint description: >- Single crop hint that is used to generate a new crop when serving an image. - type: object properties: - boundingPoly: - description: >- - The bounding polygon for the crop region. The coordinates of the - bounding box are in the original image's scale. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' confidence: - description: Confidence of this being a salient region. Range [0, 1]. type: number + description: Confidence of this being a salient region. Range [0, 1]. format: float importanceFraction: description: >- Fraction of importance of this salient region with respect to the original image. + format: float + type: number + boundingPoly: + description: >- + The bounding polygon for the crop region. The coordinates of the + bounding box are in the original image's scale. + $ref: '#/components/schemas/BoundingPoly' + DetectedLanguage: + id: DetectedLanguage + properties: + languageCode: + description: >- + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + type: string + confidence: type: number format: float - GoogleCloudVisionV1p4beta1WebDetection: - id: GoogleCloudVisionV1p4beta1WebDetection - description: Relevant information for the image from the Internet. + description: Confidence of detected language. Range [0, 1]. + type: object + description: Detected language for a structural component. + GoogleCloudVisionV1p3beta1ProductSearchResultsObjectAnnotation: + description: Prediction for what the object in the bounding box is. type: object properties: - webEntities: - description: Deduced entities from similar images on the Internet. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebEntity - fullMatchingImages: - description: >- - Fully matching images from the Internet. Can include resized copies - of the query image. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage - partialMatchingImages: - description: >- - Partial matching images from the Internet. Those images are similar - enough to share some key-point features. For example an original - image will likely have partial matching for its crops. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage - pagesWithMatchingImages: - description: Web pages containing the matching images from the Internet. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebPage' - visuallySimilarImages: - description: The visually similar image results. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage - bestGuessLabels: + score: + type: number + format: float + description: Score of the result. Range [0, 1]. + mid: + description: Object ID that should align with EntityAnnotation mid. + type: string + name: + type: string + description: Object name, expressed in its `language_code` language. + languageCode: description: >- - The service's best guess as to the topic of the request image. - Inferred from similar images on the open web. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebLabel - GoogleCloudVisionV1p4beta1WebDetectionWebEntity: - id: GoogleCloudVisionV1p4beta1WebDetectionWebEntity - description: Entity deduced from similar images on the Internet. + The BCP-47 language code, such as "en-US" or "sr-Latn". For more + information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + type: string + id: GoogleCloudVisionV1p3beta1ProductSearchResultsObjectAnnotation + GoogleCloudVisionV1p2beta1OperationMetadata: + type: object + id: GoogleCloudVisionV1p2beta1OperationMetadata + properties: + createTime: + format: google-datetime + type: string + description: The time when the batch request was received. + state: + description: Current state of the batch operation. + enumDescriptions: + - Invalid. + - Request is received. + - Request is actively being processed. + - The batch processing is done. + - The batch processing was cancelled. + type: string + enum: + - STATE_UNSPECIFIED + - CREATED + - RUNNING + - DONE + - CANCELLED + updateTime: + description: The time when the operation result was last updated. + type: string + format: google-datetime + description: Contains metadata for the BatchAnnotateImages operation. + GoogleCloudVisionV1p1beta1WebDetectionWebEntity: type: object + description: Entity deduced from similar images on the Internet. + id: GoogleCloudVisionV1p1beta1WebDetectionWebEntity properties: entityId: - description: Opaque entity ID. type: string + description: Opaque entity ID. score: + format: float + type: number description: >- Overall relevancy score for the entity. Not normalized and not comparable across different image queries. - type: number - format: float description: - description: Canonical description of the entity, in English. type: string - GoogleCloudVisionV1p4beta1WebDetectionWebImage: - id: GoogleCloudVisionV1p4beta1WebDetectionWebImage - description: Metadata for online images. + description: Canonical description of the entity, in English. + GoogleCloudVisionV1p2beta1LocationInfo: + description: Detected entity location information. type: object properties: - url: - description: The result image URL. + latLng: + description: lat/long location coordinates. + $ref: '#/components/schemas/LatLng' + id: GoogleCloudVisionV1p2beta1LocationInfo + GoogleCloudVisionV1p4beta1AsyncBatchAnnotateFilesResponse: + properties: + responses: + description: >- + The list of file annotation responses, one for each request in + AsyncBatchAnnotateFilesRequest. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p4beta1AsyncAnnotateFileResponse + type: array + id: GoogleCloudVisionV1p4beta1AsyncBatchAnnotateFilesResponse + description: Response to an async batch file annotation request. + type: object + GoogleCloudVisionV1p2beta1TextAnnotationTextProperty: + type: object + id: GoogleCloudVisionV1p2beta1TextAnnotationTextProperty + description: Additional information detected on the structural component. + properties: + detectedBreak: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationDetectedBreak + description: Detected start or end of a text segment. + detectedLanguages: + type: array + description: A list of detected languages together with confidence. + items: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationDetectedLanguage + GoogleCloudVisionV1p3beta1WebDetectionWebLabel: + type: object + id: GoogleCloudVisionV1p3beta1WebDetectionWebLabel + description: Label to provide extra metadata for the web detection. + properties: + languageCode: + description: >- + The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". + For more information, see + http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + type: string + label: + description: Label for extra metadata. type: string - score: - description: (Deprecated) Overall relevancy score for the image. - type: number - format: float - GoogleCloudVisionV1p4beta1WebDetectionWebPage: - id: GoogleCloudVisionV1p4beta1WebDetectionWebPage - description: Metadata for web pages. - type: object + WebPage: properties: url: description: The result web page URL. type: string - score: - description: (Deprecated) Overall relevancy score for the web page. - type: number - format: float - pageTitle: - description: Title for the web page, may contain HTML markups. - type: string fullMatchingImages: + items: + $ref: '#/components/schemas/WebImage' + type: array description: >- Fully matching images on the page. Can include resized copies of the query image. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage + score: + description: (Deprecated) Overall relevancy score for the web page. + format: float + type: number partialMatchingImages: description: >- Partial matching images on the page. Those images are similar enough to share some key-point features. For example an original image will likely have partial matching for its crops. - type: array items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1WebDetectionWebImage - GoogleCloudVisionV1p4beta1WebDetectionWebLabel: - id: GoogleCloudVisionV1p4beta1WebDetectionWebLabel - description: Label to provide extra metadata for the web detection. + $ref: '#/components/schemas/WebImage' + type: array + pageTitle: + type: string + description: Title for the web page, may contain HTML markups. + description: Metadata for web pages. type: object + id: WebPage + DetectedBreak: properties: - label: - description: Label for extra metadata. + type: + description: Detected break type. + enum: + - UNKNOWN + - SPACE + - SURE_SPACE + - EOL_SURE_SPACE + - HYPHEN + - LINE_BREAK type: string - languageCode: - description: >- - The BCP-47 language code for `label`, such as "en-US" or "sr-Latn". - For more information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. + enumDescriptions: + - Unknown break label type. + - Regular space. + - Sure space (very wide). + - Line-wrapping break. + - >- + End-line hyphen that is not present in text; does not co-occur + with `SPACE`, `LEADER_SPACE`, or `LINE_BREAK`. + - Line break that ends a paragraph. + isPrefix: + description: True if break prepends the element. + type: boolean + description: Detected start or end of a structural component. + id: DetectedBreak + type: object + BoundingPoly: + id: BoundingPoly + description: A bounding polygon for the detected image annotation. + properties: + vertices: + description: The bounding polygon vertices. + items: + $ref: '#/components/schemas/Vertex' + type: array + normalizedVertices: + description: The bounding polygon normalized vertices. + items: + $ref: '#/components/schemas/NormalizedVertex' + type: array + type: object + GoogleCloudVisionV1p1beta1CropHintsAnnotation: + id: GoogleCloudVisionV1p1beta1CropHintsAnnotation + properties: + cropHints: + description: Crop hint results. + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1CropHint' + description: >- + Set of crop hints that are used to generate new crops when serving + images. + type: object + GoogleCloudVisionV1p3beta1TextAnnotation: + type: object + id: GoogleCloudVisionV1p3beta1TextAnnotation + properties: + pages: + description: List of pages detected by OCR. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1Page' + type: array + text: + description: UTF-8 text detected on the pages. type: string - GoogleCloudVisionV1p4beta1ProductSearchResults: - id: GoogleCloudVisionV1p4beta1ProductSearchResults - description: Results for a product search request. + description: >- + TextAnnotation contains a structured representation of OCR extracted + text. The hierarchy of an OCR extracted text structure is like this: + TextAnnotation -> Page -> Block -> Paragraph -> Word -> Symbol Each + structural component, starting from Page, may further have their own + properties. Properties describe detected languages, breaks etc.. Please + refer to the TextAnnotation.TextProperty message definition below for + more detail. + ProductSetPurgeConfig: type: object + description: Config to control which ProductSet contains the Products to be deleted. properties: - indexTime: + productSetId: description: >- - Timestamp of the index which provided these results. Products added - to the product set and products removed from the product set after - this time are not reflected in the current results. + The ProductSet that contains the Products to delete. If a Product is + a member of product_set_id in addition to other ProductSets, the + Product will still be deleted. type: string - format: google-datetime - results: - description: List of results, one for each product match. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResultsResult - productGroupedResults: + id: ProductSetPurgeConfig + Page: + description: Detected page from OCR. + properties: + height: + type: integer + format: int32 description: >- - List of results grouped by products detected in the query image. - Each entry corresponds to one bounding polygon in the query image, - and contains the matching products specific to that region. There - may be duplicate product matches in the union of all the per-product - results. + Page height. For PDFs the unit is points. For images (including + TIFFs) the unit is pixels. + blocks: + description: List of blocks of text, images etc on this page. type: array items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResultsGroupedResult - GoogleCloudVisionV1p4beta1ProductSearchResultsResult: - id: GoogleCloudVisionV1p4beta1ProductSearchResultsResult - description: Information about a product. + $ref: '#/components/schemas/Block' + property: + description: Additional information detected on the page. + $ref: '#/components/schemas/TextProperty' + confidence: + format: float + description: Confidence of the OCR results on the page. Range [0, 1]. + type: number + width: + format: int32 + description: >- + Page width. For PDFs the unit is points. For images (including + TIFFs) the unit is pixels. + type: integer type: object + id: Page + GoogleCloudVisionV1p2beta1EntityAnnotation: properties: - product: - description: The Product. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Product' - score: - description: >- - A confidence level on the match, ranging from 0 (no confidence) to 1 - (full confidence). + confidence: type: number + description: >- + **Deprecated. Use `score` instead.** The accuracy of the entity + detection in an image. For example, for an image in which the + "Eiffel Tower" entity is detected, this field represents the + confidence that there is a tower in the query image. Range [0, 1]. + deprecated: true format: float - image: + mid: description: >- - The resource name of the image from the product that is the closest - match to the query. + Opaque entity ID. Some IDs may be available in [Google Knowledge + Graph Search API](https://developers.google.com/knowledge-graph/). type: string - GoogleCloudVisionV1p4beta1Product: - id: GoogleCloudVisionV1p4beta1Product - description: A Product contains ReferenceImages. - type: object - properties: - name: + topicality: + format: float description: >- - The resource name of the product. Format is: - `projects/PROJECT_ID/locations/LOC_ID/products/PRODUCT_ID`. This - field is ignored when creating a product. + The relevancy of the ICA (Image Content Annotation) label to the + image. For example, the relevancy of "tower" is likely higher to an + image containing the detected "Eiffel Tower" than to an image + containing a detected distant towering building, even though the + confidence that there is a tower in each image may be the same. + Range [0, 1]. + type: number + boundingPoly: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1BoundingPoly' + description: >- + Image region to which this entity belongs. Not produced for + `LABEL_DETECTION` features. + properties: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Property' + type: array + description: >- + Some entities may have optional user-supplied `Property` + (name/value) fields, such a score or string that qualifies the + entity. + score: + type: number + format: float + description: Overall score of the result. Range [0, 1]. + description: type: string - displayName: + description: Entity textual description, expressed in its `locale` language. + locale: description: >- - The user-provided name for this Product. Must not be empty. Must be - at most 4096 characters long. + The language code for the locale in which the entity textual + `description` is expressed. + type: string + locations: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1LocationInfo' + type: array + description: >- + The location information for the detected entity. Multiple + `LocationInfo` elements can be present because one location may + indicate the location of the scene in the image, and another + location may indicate the location of the place where the image was + taken. Location information is usually present for landmarks. + id: GoogleCloudVisionV1p2beta1EntityAnnotation + description: Set of detected entity features. + type: object + Property: + type: object + id: Property + properties: + name: type: string - description: - description: >- - User-provided metadata to be stored with this product. Must be at - most 4096 characters long. + description: Name of the property. + value: + description: Value of the property. type: string - productCategory: - description: >- - Immutable. The category for the product identified by the reference - image. This should be one of "homegoods-v2", "apparel-v2", - "toys-v2", "packagedgoods-v1" or "general-v1". The legacy categories - "homegoods", "apparel", and "toys" are still supported, but these - should not be used for new products. + uint64Value: + format: uint64 + description: Value of numeric properties. type: string - productLabels: - description: >- - Key-value pairs that can be attached to a product. At query time, - constraints can be specified based on the product_labels. Note that - integer values can be provided as strings, e.g. "1199". Only strings - with integer values can match a range-based restriction which is to - be supported soon. Multiple values can be assigned to the same key. - One product may have up to 500 product_labels. Notice that the total - number of distinct product_labels over all products in one - ProductSet cannot exceed 1M, otherwise the product search pipeline - will refuse to work for that ProductSet. - type: array - items: - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1ProductKeyValue' - GoogleCloudVisionV1p4beta1ProductKeyValue: - id: GoogleCloudVisionV1p4beta1ProductKeyValue - description: A product label represented as a key-value pair. + description: A `Property` consists of a user-supplied name/value pair. + OutputConfig: type: object + description: The desired output location and metadata. properties: - key: + batchSize: + format: int32 + type: integer description: >- - The key of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. + The max number of response protos to put into each output JSON file + on Google Cloud Storage. The valid range is [1, 100]. If not + specified, the default value is 20. For example, for one pdf file + with 100 pages, 100 response protos will be generated. If + `batch_size` = 20, then 5 json files each containing 20 response + protos will be written under the prefix `gcs_destination`.`uri`. + Currently, batch_size only applies to GcsDestination, with potential + future support for other output configurations. + gcsDestination: + $ref: '#/components/schemas/GcsDestination' + description: The Google Cloud Storage location to write the output(s) to. + id: OutputConfig + GoogleCloudVisionV1p2beta1AsyncAnnotateFileResponse: + id: GoogleCloudVisionV1p2beta1AsyncAnnotateFileResponse + description: The response for a single offline file annotation request. + type: object + properties: + outputConfig: + description: The output location and metadata from AsyncAnnotateFileRequest. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1OutputConfig' + GoogleCloudVisionV1p4beta1EntityAnnotation: + properties: + description: type: string - value: + description: Entity textual description, expressed in its `locale` language. + mid: description: >- - The value of the label attached to the product. Cannot be empty and - cannot exceed 128 bytes. + Opaque entity ID. Some IDs may be available in [Google Knowledge + Graph Search API](https://developers.google.com/knowledge-graph/). type: string - GoogleCloudVisionV1p4beta1ProductSearchResultsGroupedResult: - id: GoogleCloudVisionV1p4beta1ProductSearchResultsGroupedResult - description: >- - Information about the products similar to a single product in a query - image. - type: object - properties: boundingPoly: - description: The bounding polygon around the product detected in the query image. $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1BoundingPoly' - results: - description: List of results, one for each product match. - type: array + description: >- + Image region to which this entity belongs. Not produced for + `LABEL_DETECTION` features. + properties: items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResultsResult - objectAnnotations: - description: List of generic predictions for the object in the bounding box. + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1Property' type: array + description: >- + Some entities may have optional user-supplied `Property` + (name/value) fields, such a score or string that qualifies the + entity. + confidence: + type: number + format: float + deprecated: true + description: >- + **Deprecated. Use `score` instead.** The accuracy of the entity + detection in an image. For example, for an image in which the + "Eiffel Tower" entity is detected, this field represents the + confidence that there is a tower in the query image. Range [0, 1]. + topicality: + description: >- + The relevancy of the ICA (Image Content Annotation) label to the + image. For example, the relevancy of "tower" is likely higher to an + image containing the detected "Eiffel Tower" than to an image + containing a detected distant towering building, even though the + confidence that there is a tower in each image may be the same. + Range [0, 1]. + type: number + format: float + locations: items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1ProductSearchResultsObjectAnnotation - GoogleCloudVisionV1p4beta1ProductSearchResultsObjectAnnotation: - id: GoogleCloudVisionV1p4beta1ProductSearchResultsObjectAnnotation - description: Prediction for what the object in the bounding box is. - type: object - properties: - mid: - description: Object ID that should align with EntityAnnotation mid. - type: string - languageCode: + $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1LocationInfo' description: >- - The BCP-47 language code, such as "en-US" or "sr-Latn". For more - information, see - http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. - type: string - name: - description: Object name, expressed in its `language_code` language. - type: string + The location information for the detected entity. Multiple + `LocationInfo` elements can be present because one location may + indicate the location of the scene in the image, and another + location may indicate the location of the place where the image was + taken. Location information is usually present for landmarks. + type: array score: - description: Score of the result. Range [0, 1]. - type: number + description: Overall score of the result. Range [0, 1]. format: float - GoogleCloudVisionV1p4beta1ImageAnnotationContext: - id: GoogleCloudVisionV1p4beta1ImageAnnotationContext - description: >- - If an image was produced from a file (e.g. a PDF), this message gives - information about the source of that image. + type: number + locale: + description: >- + The language code for the locale in which the entity textual + `description` is expressed. + type: string + description: Set of detected entity features. + id: GoogleCloudVisionV1p4beta1EntityAnnotation type: object + GoogleCloudVisionV1p2beta1Page: properties: - uri: - description: The URI of the file used to produce the image. - type: string - pageNumber: + property: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotationTextProperty + description: Additional information detected on the page. + height: description: >- - If the file was a PDF or TIFF, this field gives the page number - within the file used to produce the image. + Page height. For PDFs the unit is points. For images (including + TIFFs) the unit is pixels. + format: int32 type: integer + blocks: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1Block' + description: List of blocks of text, images etc on this page. + type: array + width: format: int32 - GoogleCloudVisionV1p4beta1AsyncBatchAnnotateFilesResponse: - id: GoogleCloudVisionV1p4beta1AsyncBatchAnnotateFilesResponse - description: Response to an async batch file annotation request. + type: integer + description: >- + Page width. For PDFs the unit is points. For images (including + TIFFs) the unit is pixels. + confidence: + type: number + format: float + description: Confidence of the OCR results on the page. Range [0, 1]. + description: Detected page from OCR. + type: object + id: GoogleCloudVisionV1p2beta1Page + GoogleCloudVisionV1p2beta1AnnotateImageResponse: + id: GoogleCloudVisionV1p2beta1AnnotateImageResponse type: object properties: - responses: + webDetection: + description: If present, web detection has completed successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1WebDetection' + landmarkAnnotations: + type: array + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1EntityAnnotation' + description: If present, landmark detection has completed successfully. + textAnnotations: + type: array + description: If present, text (OCR) detection has completed successfully. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1EntityAnnotation' + logoAnnotations: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1EntityAnnotation' + description: If present, logo detection has completed successfully. + type: array + productSearchResults: + description: If present, product search has completed successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1ProductSearchResults' + labelAnnotations: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1EntityAnnotation' + type: array + description: If present, label detection has completed successfully. + safeSearchAnnotation: + description: If present, safe-search annotation has completed successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1SafeSearchAnnotation' + fullTextAnnotation: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1TextAnnotation' description: >- - The list of file annotation responses, one for each request in - AsyncBatchAnnotateFilesRequest. + If present, text (OCR) detection or document (OCR) text detection + has completed successfully. This annotation provides the structural + hierarchy for the OCR detected text. + context: + $ref: >- + #/components/schemas/GoogleCloudVisionV1p2beta1ImageAnnotationContext + description: >- + If present, contextual information is needed to understand where + this image comes from. + error: + $ref: '#/components/schemas/Status' + description: >- + If set, represents the error message for the operation. Note that + filled-in image annotations are guaranteed to be correct, even when + `error` is set. + cropHintsAnnotation: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1CropHintsAnnotation' + description: If present, crop hints have completed successfully. + faceAnnotations: type: array + description: If present, face detection has completed successfully. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1FaceAnnotation' + localizedObjectAnnotations: items: $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1AsyncAnnotateFileResponse - GoogleCloudVisionV1p4beta1AsyncAnnotateFileResponse: - id: GoogleCloudVisionV1p4beta1AsyncAnnotateFileResponse - description: The response for a single offline file annotation request. + #/components/schemas/GoogleCloudVisionV1p2beta1LocalizedObjectAnnotation + type: array + description: >- + If present, localized object detection has completed successfully. + This will be sorted descending by confidence score. + imagePropertiesAnnotation: + description: If present, image properties were extracted successfully. + $ref: '#/components/schemas/GoogleCloudVisionV1p2beta1ImageProperties' + description: Response to an image annotation request. + GoogleCloudVisionV1p1beta1BoundingPoly: type: object properties: - outputConfig: - description: The output location and metadata from AsyncAnnotateFileRequest. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1OutputConfig' - GoogleCloudVisionV1p4beta1OutputConfig: - id: GoogleCloudVisionV1p4beta1OutputConfig - description: The desired output location and metadata. - type: object + vertices: + type: array + description: The bounding polygon vertices. + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1Vertex' + normalizedVertices: + items: + $ref: '#/components/schemas/GoogleCloudVisionV1p1beta1NormalizedVertex' + description: The bounding polygon normalized vertices. + type: array + id: GoogleCloudVisionV1p1beta1BoundingPoly + description: A bounding polygon for the detected image annotation. + AnnotateFileRequest: + description: A request to annotate one single file, e.g. a PDF, TIFF or GIF file. properties: - gcsDestination: - description: The Google Cloud Storage location to write the output(s) to. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1GcsDestination' - batchSize: + features: + description: Required. Requested features. + type: array + items: + $ref: '#/components/schemas/Feature' + inputConfig: + $ref: '#/components/schemas/InputConfig' + description: Required. Information about the input file. + imageContext: + description: Additional context that may accompany the image(s) in the file. + $ref: '#/components/schemas/ImageContext' + pages: + items: + format: int32 + type: integer description: >- - The max number of response protos to put into each output JSON file - on Google Cloud Storage. The valid range is [1, 100]. If not - specified, the default value is 20. For example, for one pdf file - with 100 pages, 100 response protos will be generated. If - `batch_size` = 20, then 5 json files each containing 20 response - protos will be written under the prefix `gcs_destination`.`uri`. - Currently, batch_size only applies to GcsDestination, with potential - future support for other output configurations. - type: integer - format: int32 - GoogleCloudVisionV1p4beta1GcsDestination: - id: GoogleCloudVisionV1p4beta1GcsDestination - description: The Google Cloud Storage location where the output will be written to. + Pages of the file to perform image annotation. Pages starts from 1, + we assume the first page of the file is page 1. At most 5 pages are + supported per request. Pages can be negative. Page 1 means the first + page. Page 2 means the second page. Page -1 means the last page. + Page -2 means the second to the last page. If the file is GIF + instead of PDF or TIFF, page refers to GIF frames. If this field is + empty, by default the service performs image annotation for the + first 5 pages of the file. + type: array + id: AnnotateFileRequest type: object + GoogleCloudVisionV1p3beta1Symbol: + id: GoogleCloudVisionV1p3beta1Symbol properties: - uri: + property: + description: Additional information detected for the symbol. + $ref: >- + #/components/schemas/GoogleCloudVisionV1p3beta1TextAnnotationTextProperty + boundingBox: + $ref: '#/components/schemas/GoogleCloudVisionV1p3beta1BoundingPoly' description: >- - Google Cloud Storage URI prefix where the results will be stored. - Results will be in JSON format and preceded by its corresponding - input URI prefix. This field can either represent a gcs file prefix - or gcs directory. In either case, the uri should be unique because - in order to get all of the output files, you will need to do a - wildcard gcs search on the uri prefix you provide. Examples: * File - Prefix: gs://bucket-name/here/filenameprefix The output files will - be created in gs://bucket-name/here/ and the names of the output - files will begin with "filenameprefix". * Directory Prefix: - gs://bucket-name/some/location/ The output files will be created in - gs://bucket-name/some/location/ and the names of the output files - could be anything because there was no filename prefix specified. If - multiple outputs, each response is still AnnotateFileResponse, each - of which contains some subset of the full list of - AnnotateImageResponse. Multiple outputs can happen if, for example, - the output JSON is too large and overflows into multiple sharded - files. - type: string - GoogleCloudVisionV1p4beta1OperationMetadata: - id: GoogleCloudVisionV1p4beta1OperationMetadata - description: Contains metadata for the BatchAnnotateImages operation. - type: object - properties: - state: - description: Current state of the batch operation. - type: string - enumDescriptions: - - Invalid. - - Request is received. - - Request is actively being processed. - - The batch processing is done. - - The batch processing was cancelled. - enum: - - STATE_UNSPECIFIED - - CREATED - - RUNNING - - DONE - - CANCELLED - createTime: - description: The time when the batch request was received. - type: string - format: google-datetime - updateTime: - description: The time when the operation result was last updated. + The bounding box for the symbol. The vertices are in the order of + top-left, top-right, bottom-right, bottom-left. When a rotation of + the bounding box is detected the rotation is represented as around + the top-left corner as defined when the text is read in the + 'natural' orientation. For example: * when the text is horizontal it + might look like: 0----1 | | 3----2 * when it's rotated 180 degrees + around the top-left corner it becomes: 2----3 | | 1----0 and the + vertex order will still be (0, 1, 2, 3). + confidence: + description: Confidence of the OCR results for the symbol. Range [0, 1]. + type: number + format: float + text: + description: The actual UTF-8 representation of the symbol. type: string - format: google-datetime - GoogleCloudVisionV1p4beta1AsyncBatchAnnotateImagesResponse: - id: GoogleCloudVisionV1p4beta1AsyncBatchAnnotateImagesResponse - description: Response to an async batch image annotation request. - type: object - properties: - outputConfig: - description: >- - The output location and metadata from - AsyncBatchAnnotateImagesRequest. - $ref: '#/components/schemas/GoogleCloudVisionV1p4beta1OutputConfig' - GoogleCloudVisionV1p4beta1BatchAnnotateFilesResponse: - id: GoogleCloudVisionV1p4beta1BatchAnnotateFilesResponse - description: A list of file annotation responses. + description: A single symbol representation. type: object - properties: - responses: - description: >- - The list of file annotation responses, each response corresponding - to each AnnotateFileRequest in BatchAnnotateFilesRequest. - type: array - items: - $ref: >- - #/components/schemas/GoogleCloudVisionV1p4beta1AnnotateFileResponse parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key schema: type: string - alt: - description: Data format for response. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: alt + name: prettyPrint schema: - type: string - enum: - - json - - media - - proto - callback: - description: JSONP + type: boolean + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: callback + name: oauth_token schema: type: string fields: @@ -8141,34 +8149,26 @@ components: name: fields schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: key + name: uploadType schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + alt: + description: Data format for response. in: query - name: oauth_token + name: alt schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + enum: + - json + - media + - proto + callback: + description: JSONP in: query - name: quotaUser + name: callback schema: type: string upload_protocol: @@ -8177,10 +8177,10 @@ components: name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + access_token: + description: OAuth access token. in: query - name: uploadType + name: access_token schema: type: string _.xgafv: @@ -8192,7 +8192,66 @@ components: enum: - '1' - '2' + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. + in: query + name: quotaUser + schema: + type: string x-stackQL-resources: + images: + id: google.vision.images + name: images + title: Images + methods: + images_async_batch_annotate: + operation: + $ref: '#/paths/~1v1~1images:asyncBatchAnnotate/post' + response: + mediaType: application/json + openAPIDocKey: '200' + images_annotate: + operation: + $ref: '#/paths/~1v1~1images:annotate/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_images_async_batch_annotate: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1images:asyncBatchAnnotate/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_images_annotate: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1images:annotate/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_images_annotate: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1images:annotate/post' + response: + mediaType: application/json + openAPIDocKey: '200' + projects_images_async_batch_annotate: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1images:asyncBatchAnnotate/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] operations: id: google.vision.operations name: operations @@ -8204,7 +8263,7 @@ components: response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations + objectKey: $.unreachable operations_get: operation: $ref: '#/paths/~1v1~1operations~1{operationsId}/get' @@ -8261,30 +8320,80 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/operations/methods/operations_delete + files: + id: google.vision.files + name: files + title: Files + methods: + projects_locations_files_annotate: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1files:annotate/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_locations_files_async_batch_annotate: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1files:asyncBatchAnnotate/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_files_async_batch_annotate: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1files:asyncBatchAnnotate/post + response: + mediaType: application/json + openAPIDocKey: '200' + projects_files_annotate: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1files:annotate/post' + response: + mediaType: application/json + openAPIDocKey: '200' + files_annotate: + operation: + $ref: '#/paths/~1v1~1files:annotate/post' + response: + mediaType: application/json + openAPIDocKey: '200' + files_async_batch_annotate: + operation: + $ref: '#/paths/~1v1~1files:asyncBatchAnnotate/post' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] product_sets: id: google.vision.product_sets name: product_sets title: Product_sets methods: - projects_locations_product_sets_create: + projects_locations_product_sets_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_product_sets_list: + objectKey: $.productSets + projects_locations_product_sets_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.productSets - projects_locations_product_sets_get: + projects_locations_product_sets_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets~1{productSetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets~1{productSetsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -8295,10 +8404,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - projects_locations_product_sets_delete: + projects_locations_product_sets_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets~1{productSetsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets~1{productSetsId}/get response: mediaType: application/json openAPIDocKey: '200' @@ -8330,17 +8439,17 @@ components: name: product_sets_product title: Product_sets_product methods: - projects_locations_product_sets_add_product: + projects_locations_product_sets_remove_product: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets~1{productSetsId}:addProduct/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets~1{productSetsId}:removeProduct/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_product_sets_remove_product: + projects_locations_product_sets_add_product: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets~1{productSetsId}:removeProduct/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1productSets~1{productSetsId}:addProduct/post response: mediaType: application/json openAPIDocKey: '200' @@ -8367,46 +8476,46 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.products - projects_locations_products_create: + projects_locations_products_purge: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products:purge/post response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_list: + projects_locations_products_delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.products - projects_locations_products_get: + projects_locations_products_patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}/patch response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_patch: + projects_locations_products_get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_delete: + projects_locations_products_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products/get response: mediaType: application/json openAPIDocKey: '200' - projects_locations_products_purge: + objectKey: $.products + projects_locations_products_create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products:purge/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products/post response: mediaType: application/json openAPIDocKey: '200' @@ -8433,21 +8542,6 @@ components: name: reference_images title: Reference_images methods: - projects_locations_products_reference_images_create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1referenceImages/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_products_reference_images_list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1referenceImages/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.referenceImages projects_locations_products_reference_images_delete: operation: $ref: >- @@ -8462,134 +8556,110 @@ components: response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/reference_images/methods/projects_locations_products_reference_images_get - - $ref: >- - #/components/x-stackQL-resources/reference_images/methods/projects_locations_products_reference_images_list - insert: - - $ref: >- - #/components/x-stackQL-resources/reference_images/methods/projects_locations_products_reference_images_create - update: [] - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/reference_images/methods/projects_locations_products_reference_images_delete - images: - id: google.vision.images - name: images - title: Images - methods: - projects_locations_images_annotate: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1images:annotate/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_images_async_batch_annotate: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1images:asyncBatchAnnotate/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_images_annotate: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1images:annotate/post' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_images_async_batch_annotate: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1images:asyncBatchAnnotate/post - response: - mediaType: application/json - openAPIDocKey: '200' - images_annotate: - operation: - $ref: '#/paths/~1v1~1images:annotate/post' - response: - mediaType: application/json - openAPIDocKey: '200' - images_async_batch_annotate: - operation: - $ref: '#/paths/~1v1~1images:asyncBatchAnnotate/post' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] - files: - id: google.vision.files - name: files - title: Files - methods: - projects_locations_files_annotate: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1files:annotate/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_locations_files_async_batch_annotate: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1files:asyncBatchAnnotate/post - response: - mediaType: application/json - openAPIDocKey: '200' - projects_files_annotate: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1files:annotate/post' - response: - mediaType: application/json - openAPIDocKey: '200' - projects_files_async_batch_annotate: + projects_locations_products_reference_images_list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1files:asyncBatchAnnotate/post - response: - mediaType: application/json - openAPIDocKey: '200' - files_annotate: - operation: - $ref: '#/paths/~1v1~1files:annotate/post' + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1referenceImages/get response: mediaType: application/json openAPIDocKey: '200' - files_async_batch_annotate: + objectKey: $.referenceImages + projects_locations_products_reference_images_create: operation: - $ref: '#/paths/~1v1~1files:asyncBatchAnnotate/post' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1products~1{productsId}~1referenceImages/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: - select: [] - insert: [] + select: + - $ref: >- + #/components/x-stackQL-resources/reference_images/methods/projects_locations_products_reference_images_get + - $ref: >- + #/components/x-stackQL-resources/reference_images/methods/projects_locations_products_reference_images_list + insert: + - $ref: >- + #/components/x-stackQL-resources/reference_images/methods/projects_locations_products_reference_images_create update: [] replace: [] - delete: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/reference_images/methods/projects_locations_products_reference_images_delete paths: - /v1/operations: + /v1/images:asyncBatchAnnotate: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/quotaUser' + post: + description: >- + Run asynchronous image detection and annotation for a list of images. + Progress and results can be retrieved through the + `google.longrunning.Operations` interface. `Operation.metadata` contains + `OperationMetadata` (metadata). `Operation.response` contains + `AsyncBatchAnnotateImagesResponse` (results). This service will write + image annotation outputs to json files in customer GCS bucket, each json + file containing BatchAnnotateImagesResponse proto. + operationId: vision.images.asyncBatchAnnotate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncBatchAnnotateImagesRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-vision + Oauth2c: + - https://www.googleapis.com/auth/cloud-vision + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: [] + /v1/images:annotate: + parameters: *ref_1 + post: + description: Run image detection and annotation for a batch of images. + operationId: vision.images.annotate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BatchAnnotateImagesRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-vision + Oauth2c: + - https://www.googleapis.com/auth/cloud-vision + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/BatchAnnotateImagesResponse' + parameters: [] + /v1/operations: + parameters: *ref_1 get: description: >- Lists operations that match the specified filter in the request. If the @@ -8613,7 +8683,11 @@ paths: $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: query - name: filter + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken schema: type: string - in: query @@ -8622,7 +8696,7 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string /v1/operations/{operationsId}: @@ -8760,14 +8834,22 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + /v1/projects/{projectsId}/locations/{locationsId}/files:annotate: parameters: *ref_1 - get: + post: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: vision.projects.locations.operations.get + Service that performs image detection and annotation for a batch of + files. Now only "application/pdf", "image/tiff" and "image/gif" are + supported. This service will extract at most 5 (customers can specify + which 5 in AnnotateFileRequest.pages) frames (gif) or pages (pdf or + tiff) from each file provided and perform detection and annotation for + each image extracted. + operationId: vision.projects.locations.files.annotate + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BatchAnnotateFilesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8783,7 +8865,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/BatchAnnotateFilesResponse' parameters: - in: path name: projectsId @@ -8795,24 +8877,22 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/productSets: + /v1/projects/{projectsId}/locations/{locationsId}/files:asyncBatchAnnotate: parameters: *ref_1 post: description: >- - Creates and returns a new ProductSet resource. Possible errors: * - Returns INVALID_ARGUMENT if display_name is missing, or is longer than - 4096 characters. - operationId: vision.projects.locations.productSets.create + Run asynchronous image detection and annotation for a list of generic + files, such as PDF files, which may contain multiple pages and multiple + images per page. Progress and results can be retrieved through the + `google.longrunning.Operations` interface. `Operation.metadata` contains + `OperationMetadata` (metadata). `Operation.response` contains + `AsyncBatchAnnotateFilesResponse` (results). + operationId: vision.projects.locations.files.asyncBatchAnnotate requestBody: content: application/json: schema: - $ref: '#/components/schemas/ProductSet' + $ref: '#/components/schemas/AsyncBatchAnnotateFilesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8828,7 +8908,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ProductSet' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8840,10 +8920,48 @@ paths: required: true schema: type: string - - in: query - name: productSetId + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: vision.projects.locations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + - Oauth2: + - https://www.googleapis.com/auth/cloud-vision + Oauth2c: + - https://www.googleapis.com/auth/cloud-vision + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/productSets: + parameters: *ref_1 get: description: >- Lists ProductSets in an unspecified order. Possible errors: * Returns @@ -8876,22 +8994,26 @@ paths: required: true schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/productSets/{productSetsId}: - parameters: *ref_1 - get: + post: description: >- - Gets information associated with a ProductSet. Possible errors: * - Returns NOT_FOUND if the ProductSet does not exist. - operationId: vision.projects.locations.productSets.get + Creates and returns a new ProductSet resource. Possible errors: * + Returns INVALID_ARGUMENT if display_name is missing, or is longer than + 4096 characters. + operationId: vision.projects.locations.productSets.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProductSet' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8919,23 +9041,20 @@ paths: required: true schema: type: string - - in: path - name: productSetsId - required: true + - in: query + name: productSetId schema: type: string - patch: - description: >- - Makes changes to a ProductSet resource. Only display_name can be updated - currently. Possible errors: * Returns NOT_FOUND if the ProductSet does - not exist. * Returns INVALID_ARGUMENT if display_name is present in - update_mask but missing from the request or longer than 4096 characters. - operationId: vision.projects.locations.productSets.patch + /v1/projects/{projectsId}/locations/{locationsId}/productSets/{productSetsId}:removeProduct: + parameters: *ref_1 + post: + description: Removes a Product from the specified ProductSet. + operationId: vision.projects.locations.productSets.removeProduct requestBody: content: application/json: schema: - $ref: '#/components/schemas/ProductSet' + $ref: '#/components/schemas/RemoveProductFromProductSetRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8951,7 +9070,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ProductSet' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -8968,11 +9087,8 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/productSets/{productSetsId}: + parameters: *ref_1 delete: description: >- Permanently deletes a ProductSet. Products and ReferenceImages in the @@ -9011,20 +9127,18 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/productSets/{productSetsId}:addProduct: - parameters: *ref_1 - post: + patch: description: >- - Adds a Product to the specified ProductSet. If the Product is already - present, no change is made. One Product can be added to at most 100 - ProductSets. Possible errors: * Returns NOT_FOUND if the Product or the - ProductSet doesn't exist. - operationId: vision.projects.locations.productSets.addProduct + Makes changes to a ProductSet resource. Only display_name can be updated + currently. Possible errors: * Returns NOT_FOUND if the ProductSet does + not exist. * Returns INVALID_ARGUMENT if display_name is present in + update_mask but missing from the request or longer than 4096 characters. + operationId: vision.projects.locations.productSets.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/AddProductToProductSetRequest' + $ref: '#/components/schemas/ProductSet' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9040,7 +9154,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ProductSet' parameters: - in: path name: projectsId @@ -9057,16 +9171,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/productSets/{productSetsId}:removeProduct: - parameters: *ref_1 - post: - description: Removes a Product from the specified ProductSet. - operationId: vision.projects.locations.productSets.removeProduct - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RemoveProductFromProductSetRequest' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: >- + Gets information associated with a ProductSet. Possible errors: * + Returns NOT_FOUND if the ProductSet does not exist. + operationId: vision.projects.locations.productSets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9082,7 +9196,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ProductSet' parameters: - in: path name: projectsId @@ -9144,15 +9258,20 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/productSets/{productSetsId}/products: + /v1/projects/{projectsId}/locations/{locationsId}/productSets/{productSetsId}:addProduct: parameters: *ref_1 - get: + post: description: >- - Lists the Products in a ProductSet, in an unspecified order. If the - ProductSet does not exist, the products field of the response will be - empty. Possible errors: * Returns INVALID_ARGUMENT if page_size is - greater than 100 or less than 1. - operationId: vision.projects.locations.productSets.products.list + Adds a Product to the specified ProductSet. If the Product is already + present, no change is made. One Product can be added to at most 100 + ProductSets. Possible errors: * Returns NOT_FOUND if the Product or the + ProductSet doesn't exist. + operationId: vision.projects.locations.productSets.addProduct + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AddProductToProductSetRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9168,7 +9287,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListProductsInProductSetResponse' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -9185,30 +9304,15 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/products: + /v1/projects/{projectsId}/locations/{locationsId}/productSets/{productSetsId}/products: parameters: *ref_1 - post: + get: description: >- - Creates and returns a new product resource. Possible errors: * Returns - INVALID_ARGUMENT if display_name is missing or longer than 4096 - characters. * Returns INVALID_ARGUMENT if description is longer than - 4096 characters. * Returns INVALID_ARGUMENT if product_category is - missing or invalid. - operationId: vision.projects.locations.products.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Product' + Lists the Products in a ProductSet, in an unspecified order. If the + ProductSet does not exist, the products field of the response will be + empty. Possible errors: * Returns INVALID_ARGUMENT if page_size is + greater than 100 or less than 1. + operationId: vision.projects.locations.productSets.products.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9224,7 +9328,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Product' + $ref: '#/components/schemas/ListProductsInProductSetResponse' parameters: - in: path name: projectsId @@ -9236,15 +9340,48 @@ paths: required: true schema: type: string + - in: path + name: productSetsId + required: true + schema: + type: string - in: query - name: productId + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - get: + /v1/projects/{projectsId}/locations/{locationsId}/products:purge: + parameters: *ref_1 + post: description: >- - Lists products in an unspecified order. Possible errors: * Returns - INVALID_ARGUMENT if page_size is greater than 100 or less than 1. - operationId: vision.projects.locations.products.list + Asynchronous API to delete all Products in a ProductSet or all Products + that are in no ProductSet. If a Product is a member of the specified + ProductSet in addition to other ProductSets, the Product will still be + deleted. It is recommended to not delete the specified ProductSet until + after this operation has completed. It is also recommended to not add + any of the Products involved in the batch delete to a new ProductSet + while this operation is running because those Products may still end up + deleted. It's not possible to undo the PurgeProducts operation. + Therefore, it is recommended to keep the csv files used in + ImportProductSets (if that was how you originally built the Product Set) + before starting PurgeProducts, in case you need to re-import the data + after deletion. If the plan is to purge all of the Products from a + ProductSet and then re-use the empty ProductSet to re-import new + Products into the empty ProductSet, you must wait until the + PurgeProducts operation has finished for that ProductSet. The + google.longrunning.Operation API can be used to keep track of the + progress and results of the request. `Operation.metadata` contains + `BatchOperationMetadata`. (progress) + operationId: vision.projects.locations.products.purge + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PurgeProductsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9260,7 +9397,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListProductsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9272,22 +9409,15 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}: parameters: *ref_1 - get: + delete: description: >- - Gets information associated with a Product. Possible errors: * Returns - NOT_FOUND if the Product does not exist. - operationId: vision.projects.locations.products.get + Permanently deletes a product and its reference images. Metadata of the + product and all its images will be deleted right away, but search + queries against ProductSets containing the product may still work until + all related caches are refreshed. + operationId: vision.projects.locations.products.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9303,7 +9433,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Product' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -9374,13 +9504,11 @@ paths: schema: type: string format: google-fieldmask - delete: + get: description: >- - Permanently deletes a product and its reference images. Metadata of the - product and all its images will be deleted right away, but search - queries against ProductSets containing the product may still work until - all related caches are refreshed. - operationId: vision.projects.locations.products.delete + Gets information associated with a Product. Possible errors: * Returns + NOT_FOUND if the Product does not exist. + operationId: vision.projects.locations.products.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9396,7 +9524,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Product' parameters: - in: path name: projectsId @@ -9413,84 +9541,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/products:purge: - parameters: *ref_1 - post: - description: >- - Asynchronous API to delete all Products in a ProductSet or all Products - that are in no ProductSet. If a Product is a member of the specified - ProductSet in addition to other ProductSets, the Product will still be - deleted. It is recommended to not delete the specified ProductSet until - after this operation has completed. It is also recommended to not add - any of the Products involved in the batch delete to a new ProductSet - while this operation is running because those Products may still end up - deleted. It's not possible to undo the PurgeProducts operation. - Therefore, it is recommended to keep the csv files used in - ImportProductSets (if that was how you originally built the Product Set) - before starting PurgeProducts, in case you need to re-import the data - after deletion. If the plan is to purge all of the Products from a - ProductSet and then re-use the empty ProductSet to re-import new - Products into the empty ProductSet, you must wait until the - PurgeProducts operation has finished for that ProductSet. The - google.longrunning.Operation API can be used to keep track of the - progress and results of the request. `Operation.metadata` contains - `BatchOperationMetadata`. (progress) - operationId: vision.projects.locations.products.purge - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PurgeProductsRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-vision - Oauth2c: - - https://www.googleapis.com/auth/cloud-vision - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/referenceImages: + /v1/projects/{projectsId}/locations/{locationsId}/products: parameters: *ref_1 - post: + get: description: >- - Creates and returns a new ReferenceImage resource. The `bounding_poly` - field is optional. If `bounding_poly` is not specified, the system will - try to detect regions of interest in the image that are compatible with - the product_category on the parent product. If it is specified, - detection is ALWAYS skipped. The system converts polygons into - non-rotated rectangles. Note that the pipeline will resize the image if - the image resolution is too large to process (above 50MP). Possible - errors: * Returns INVALID_ARGUMENT if the image_uri is missing or longer - than 4096 characters. * Returns INVALID_ARGUMENT if the product does not - exist. * Returns INVALID_ARGUMENT if bounding_poly is not provided, and - nothing compatible with the parent product's product_category is - detected. * Returns INVALID_ARGUMENT if bounding_poly contains more than - 10 polygons. - operationId: vision.projects.locations.products.referenceImages.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ReferenceImage' + Lists products in an unspecified order. Possible errors: * Returns + INVALID_ARGUMENT if page_size is greater than 100 or less than 1. + operationId: vision.projects.locations.products.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9506,7 +9563,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReferenceImage' + $ref: '#/components/schemas/ListProductsResponse' parameters: - in: path name: projectsId @@ -9518,21 +9575,28 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true + - in: query + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: referenceImageId + name: pageToken schema: type: string - get: + post: description: >- - Lists reference images. Possible errors: * Returns NOT_FOUND if the - parent product does not exist. * Returns INVALID_ARGUMENT if the - page_size is greater than 100, or less than 1. - operationId: vision.projects.locations.products.referenceImages.list + Creates and returns a new product resource. Possible errors: * Returns + INVALID_ARGUMENT if display_name is missing or longer than 4096 + characters. * Returns INVALID_ARGUMENT if description is longer than + 4096 characters. * Returns INVALID_ARGUMENT if product_category is + missing or invalid. + operationId: vision.projects.locations.products.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Product' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9548,7 +9612,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListReferenceImagesResponse' + $ref: '#/components/schemas/Product' parameters: - in: path name: projectsId @@ -9560,18 +9624,8 @@ paths: required: true schema: type: string - - in: path - name: productsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query - name: pageToken + name: productId schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/referenceImages/{referenceImagesId}: @@ -9662,16 +9716,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/images:annotate: + /v1/projects/{projectsId}/locations/{locationsId}/products/{productsId}/referenceImages: parameters: *ref_1 - post: - description: Run image detection and annotation for a batch of images. - operationId: vision.projects.locations.images.annotate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BatchAnnotateImagesRequest' + get: + description: >- + Lists reference images. Possible errors: * Returns NOT_FOUND if the + parent product does not exist. * Returns INVALID_ARGUMENT if the + page_size is greater than 100, or less than 1. + operationId: vision.projects.locations.products.referenceImages.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9687,7 +9739,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchAnnotateImagesResponse' + $ref: '#/components/schemas/ListReferenceImagesResponse' parameters: - in: path name: projectsId @@ -9699,23 +9751,41 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/images:asyncBatchAnnotate: - parameters: *ref_1 + - in: path + name: productsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string post: description: >- - Run asynchronous image detection and annotation for a list of images. - Progress and results can be retrieved through the - `google.longrunning.Operations` interface. `Operation.metadata` contains - `OperationMetadata` (metadata). `Operation.response` contains - `AsyncBatchAnnotateImagesResponse` (results). This service will write - image annotation outputs to json files in customer GCS bucket, each json - file containing BatchAnnotateImagesResponse proto. - operationId: vision.projects.locations.images.asyncBatchAnnotate + Creates and returns a new ReferenceImage resource. The `bounding_poly` + field is optional. If `bounding_poly` is not specified, the system will + try to detect regions of interest in the image that are compatible with + the product_category on the parent product. If it is specified, + detection is ALWAYS skipped. The system converts polygons into + non-rotated rectangles. Note that the pipeline will resize the image if + the image resolution is too large to process (above 50MP). Possible + errors: * Returns INVALID_ARGUMENT if the image_uri is missing or longer + than 4096 characters. * Returns INVALID_ARGUMENT if the product does not + exist. * Returns INVALID_ARGUMENT if bounding_poly is not provided, and + nothing compatible with the parent product's product_category is + detected. * Returns INVALID_ARGUMENT if bounding_poly contains more than + 10 polygons. + operationId: vision.projects.locations.products.referenceImages.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/AsyncBatchAnnotateImagesRequest' + $ref: '#/components/schemas/ReferenceImage' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9731,7 +9801,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ReferenceImage' parameters: - in: path name: projectsId @@ -9743,22 +9813,32 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/files:annotate: + - in: path + name: productsId + required: true + schema: + type: string + - in: query + name: referenceImageId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/images:asyncBatchAnnotate: parameters: *ref_1 post: description: >- - Service that performs image detection and annotation for a batch of - files. Now only "application/pdf", "image/tiff" and "image/gif" are - supported. This service will extract at most 5 (customers can specify - which 5 in AnnotateFileRequest.pages) frames (gif) or pages (pdf or - tiff) from each file provided and perform detection and annotation for - each image extracted. - operationId: vision.projects.locations.files.annotate + Run asynchronous image detection and annotation for a list of images. + Progress and results can be retrieved through the + `google.longrunning.Operations` interface. `Operation.metadata` contains + `OperationMetadata` (metadata). `Operation.response` contains + `AsyncBatchAnnotateImagesResponse` (results). This service will write + image annotation outputs to json files in customer GCS bucket, each json + file containing BatchAnnotateImagesResponse proto. + operationId: vision.projects.locations.images.asyncBatchAnnotate requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchAnnotateFilesRequest' + $ref: '#/components/schemas/AsyncBatchAnnotateImagesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9774,7 +9854,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchAnnotateFilesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -9786,22 +9866,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/files:asyncBatchAnnotate: + /v1/projects/{projectsId}/locations/{locationsId}/images:annotate: parameters: *ref_1 post: - description: >- - Run asynchronous image detection and annotation for a list of generic - files, such as PDF files, which may contain multiple pages and multiple - images per page. Progress and results can be retrieved through the - `google.longrunning.Operations` interface. `Operation.metadata` contains - `OperationMetadata` (metadata). `Operation.response` contains - `AsyncBatchAnnotateFilesResponse` (results). - operationId: vision.projects.locations.files.asyncBatchAnnotate + description: Run image detection and annotation for a batch of images. + operationId: vision.projects.locations.images.annotate requestBody: content: application/json: schema: - $ref: '#/components/schemas/AsyncBatchAnnotateFilesRequest' + $ref: '#/components/schemas/BatchAnnotateImagesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9817,7 +9891,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/BatchAnnotateImagesResponse' parameters: - in: path name: projectsId @@ -9829,16 +9903,22 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/images:annotate: + /v1/projects/{projectsId}/files:asyncBatchAnnotate: parameters: *ref_1 post: - description: Run image detection and annotation for a batch of images. - operationId: vision.projects.images.annotate + description: >- + Run asynchronous image detection and annotation for a list of generic + files, such as PDF files, which may contain multiple pages and multiple + images per page. Progress and results can be retrieved through the + `google.longrunning.Operations` interface. `Operation.metadata` contains + `OperationMetadata` (metadata). `Operation.response` contains + `AsyncBatchAnnotateFilesResponse` (results). + operationId: vision.projects.files.asyncBatchAnnotate requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchAnnotateImagesRequest' + $ref: '#/components/schemas/AsyncBatchAnnotateFilesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9854,30 +9934,29 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchAnnotateImagesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/images:asyncBatchAnnotate: + /v1/projects/{projectsId}/files:annotate: parameters: *ref_1 post: description: >- - Run asynchronous image detection and annotation for a list of images. - Progress and results can be retrieved through the - `google.longrunning.Operations` interface. `Operation.metadata` contains - `OperationMetadata` (metadata). `Operation.response` contains - `AsyncBatchAnnotateImagesResponse` (results). This service will write - image annotation outputs to json files in customer GCS bucket, each json - file containing BatchAnnotateImagesResponse proto. - operationId: vision.projects.images.asyncBatchAnnotate + Service that performs image detection and annotation for a batch of + files. Now only "application/pdf", "image/tiff" and "image/gif" are + supported. This service will extract at most 5 (customers can specify + which 5 in AnnotateFileRequest.pages) frames (gif) or pages (pdf or + tiff) from each file provided and perform detection and annotation for + each image extracted. + operationId: vision.projects.files.annotate requestBody: content: application/json: schema: - $ref: '#/components/schemas/AsyncBatchAnnotateImagesRequest' + $ref: '#/components/schemas/BatchAnnotateFilesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9893,29 +9972,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/BatchAnnotateFilesResponse' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/files:annotate: + /v1/projects/{projectsId}/images:annotate: parameters: *ref_1 post: - description: >- - Service that performs image detection and annotation for a batch of - files. Now only "application/pdf", "image/tiff" and "image/gif" are - supported. This service will extract at most 5 (customers can specify - which 5 in AnnotateFileRequest.pages) frames (gif) or pages (pdf or - tiff) from each file provided and perform detection and annotation for - each image extracted. - operationId: vision.projects.files.annotate + description: Run image detection and annotation for a batch of images. + operationId: vision.projects.images.annotate requestBody: content: application/json: schema: - $ref: '#/components/schemas/BatchAnnotateFilesRequest' + $ref: '#/components/schemas/BatchAnnotateImagesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -9931,29 +10004,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BatchAnnotateFilesResponse' + $ref: '#/components/schemas/BatchAnnotateImagesResponse' parameters: - in: path name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/files:asyncBatchAnnotate: + /v1/projects/{projectsId}/images:asyncBatchAnnotate: parameters: *ref_1 post: description: >- - Run asynchronous image detection and annotation for a list of generic - files, such as PDF files, which may contain multiple pages and multiple - images per page. Progress and results can be retrieved through the + Run asynchronous image detection and annotation for a list of images. + Progress and results can be retrieved through the `google.longrunning.Operations` interface. `Operation.metadata` contains `OperationMetadata` (metadata). `Operation.response` contains - `AsyncBatchAnnotateFilesResponse` (results). - operationId: vision.projects.files.asyncBatchAnnotate + `AsyncBatchAnnotateImagesResponse` (results). This service will write + image annotation outputs to json files in customer GCS bucket, each json + file containing BatchAnnotateImagesResponse proto. + operationId: vision.projects.images.asyncBatchAnnotate requestBody: content: application/json: schema: - $ref: '#/components/schemas/AsyncBatchAnnotateFilesRequest' + $ref: '#/components/schemas/AsyncBatchAnnotateImagesRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -10011,67 +10085,6 @@ paths: required: true schema: type: string - /v1/images:annotate: - parameters: *ref_1 - post: - description: Run image detection and annotation for a batch of images. - operationId: vision.images.annotate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BatchAnnotateImagesRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-vision - Oauth2c: - - https://www.googleapis.com/auth/cloud-vision - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/BatchAnnotateImagesResponse' - parameters: [] - /v1/images:asyncBatchAnnotate: - parameters: *ref_1 - post: - description: >- - Run asynchronous image detection and annotation for a list of images. - Progress and results can be retrieved through the - `google.longrunning.Operations` interface. `Operation.metadata` contains - `OperationMetadata` (metadata). `Operation.response` contains - `AsyncBatchAnnotateImagesResponse` (results). This service will write - image annotation outputs to json files in customer GCS bucket, each json - file containing BatchAnnotateImagesResponse proto. - operationId: vision.images.asyncBatchAnnotate - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AsyncBatchAnnotateImagesRequest' - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - - Oauth2: - - https://www.googleapis.com/auth/cloud-vision - Oauth2c: - - https://www.googleapis.com/auth/cloud-vision - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: [] /v1/files:annotate: parameters: *ref_1 post: diff --git a/providers/src/googleapis.com/v00.00.00000/services/vmmigration.yaml b/providers/src/googleapis.com/v00.00.00000/services/vmmigration.yaml index 1d10ac19..d05e50fd 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/vmmigration.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/vmmigration.yaml @@ -9,8 +9,8 @@ info: Use the Migrate to Virtual Machines API to programmatically migrate workloads. version: v1 - x-discovery-doc-revision: '20250817' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251106' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/migrate/virtual-machines servers: @@ -51,6 +51,15 @@ components: nextPageToken: description: The standard List next-page token. type: string + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. + type: array + items: + type: string Operation: id: Operation description: >- @@ -821,6 +830,79 @@ components: plan: description: OS plan. type: string + FetchStorageInventoryResponse: + id: FetchStorageInventoryResponse + description: Response message for fetchStorageInventory. + type: object + properties: + resources: + description: The list of storage resources in the source. + type: array + items: + $ref: '#/components/schemas/SourceStorageResource' + updateTime: + description: >- + Output only. The timestamp when the source was last queried (if the + result is from the cache). + readOnly: true + type: string + format: google-datetime + nextPageToken: + description: >- + Output only. A token, which can be sent as `page_token` to retrieve + the next page. If this field is omitted, there are no subsequent + pages. + readOnly: true + type: string + SourceStorageResource: + id: SourceStorageResource + description: SourceStorageResource describes a storage resource in the source. + type: object + properties: + awsDiskDetails: + description: Source AWS volume details. + $ref: '#/components/schemas/AwsSourceDiskDetails' + AwsSourceDiskDetails: + id: AwsSourceDiskDetails + description: Represents the source AWS Disk details. + type: object + properties: + volumeId: + description: Required. AWS volume ID. + type: string + sizeGib: + description: Output only. Size in GiB. + readOnly: true + type: string + format: int64 + diskType: + description: Optional. Output only. Disk type. + readOnly: true + type: string + enumDescriptions: + - Unspecified AWS disk type. Should not be used. + - GP2 disk type. + - GP3 disk type. + - IO1 disk type. + - IO2 disk type. + - ST1 disk type. + - SC1 disk type. + - Standard disk type. + enum: + - TYPE_UNSPECIFIED + - GP2 + - GP3 + - IO1 + - IO2 + - ST1 + - SC1 + - STANDARD + tags: + description: Optional. Output only. A map of AWS volume tags. + readOnly: true + type: object + additionalProperties: + type: string ListUtilizationReportsResponse: id: ListUtilizationReportsResponse description: Response message for 'ListUtilizationReports' request. @@ -1525,6 +1607,13 @@ components: - BOOT_CONVERSION_UNSPECIFIED - NONE - BIOS_TO_EFI + adaptationModifiers: + description: >- + Optional. AdaptationModifiers are the set of modifiers used during + OS adaptation. + type: array + items: + $ref: '#/components/schemas/AdaptationModifier' diskReplicaZones: description: >- Optional. Additional replica zones of the target regional disks. If @@ -1538,6 +1627,15 @@ components: type: array items: type: string + storagePool: + description: >- + Optional. If specified this will be the storage pool in which the + disk is created. This is the full path of the storage pool resource, + for example: + "projects/my-project/zones/us-central1-a/storagePools/my-storage-pool". + The storage pool must be in the same project and zone as the target + disks. The storage pool's type must match the disk type. + type: string NetworkInterface: id: NetworkInterface description: NetworkInterface represents a NIC of a VM. @@ -1684,6 +1782,21 @@ components: type: array items: type: string + AdaptationModifier: + id: AdaptationModifier + description: >- + AdaptationModifier a modifier to be used for configuration of the OS + adaptation process. + type: object + properties: + modifier: + description: Optional. The modifier name. + type: string + value: + description: >- + Optional. The value of the modifier. The actual value depends on the + modifier and can also be empty. + type: string ComputeEngineDisksTargetDefaults: id: ComputeEngineDisksTargetDefaults description: >- @@ -2548,6 +2661,13 @@ components: - BOOT_CONVERSION_UNSPECIFIED - NONE - BIOS_TO_EFI + adaptationModifiers: + description: >- + Optional. Modifiers to be used as configuration of the OS adaptation + process. + type: array + items: + $ref: '#/components/schemas/AdaptationModifier' diskReplicaZones: description: >- Optional. Additional replica zones of the target regional disks. If @@ -2561,6 +2681,15 @@ components: type: array items: type: string + storagePool: + description: >- + Optional. The storage pool used for the VM disks. If specified this + will be the storage pool in which the disk is created. This is the + full path of the storage pool resource, for example: + "projects/my-project/zones/us-central1-a/storagePools/my-storage-pool". + The storage pool must be in the same project and zone as the target + disks. The storage pool's type must match the disk type. + type: string ComputeEngineDisksTargetDetails: id: ComputeEngineDisksTargetDetails description: >- @@ -3225,11 +3354,31 @@ components: - BOOT_CONVERSION_UNSPECIFIED - NONE - BIOS_TO_EFI + adaptationModifiers: + description: >- + Optional. Modifiers to be used as configuration of the OS adaptation + process. + type: array + items: + $ref: '#/components/schemas/AdaptationModifier' DataDiskImageImport: id: DataDiskImageImport - description: Mentions that the image import is not using OS adaptation process. + description: Used when the image import is not using OS adaptation process. type: object - properties: {} + properties: + guestOsFeatures: + description: >- + Optional. A list of guest OS features to apply to the imported + image. These features are flags that are used by Compute Engine to + enable certain capabilities for virtual machine instances that are + created from the image. This field does not change the OS of the + image; it only marks the image with the specified features. The user + must ensure that the OS is compatible with the features. For a list + of available features, see + https://cloud.google.com/compute/docs/images/create-custom#guest-os-features. + type: array + items: + type: string MachineImageTargetDetails: id: MachineImageTargetDetails description: >- @@ -3540,6 +3689,218 @@ components: description: Request message for 'CancelImageImportJob' request. type: object properties: {} + DiskMigrationJob: + id: DiskMigrationJob + description: >- + Describes the disk which will be migrated from the source environment. + The source disk has to be unattached. + type: object + properties: + awsSourceDiskDetails: + description: Details of the unattached AWS source disk. + $ref: '#/components/schemas/AwsSourceDiskDetails' + name: + description: Output only. Identifier. The identifier of the DiskMigrationJob. + readOnly: true + type: string + targetDetails: + description: Required. Details of the target Disk in Compute Engine. + $ref: '#/components/schemas/DiskMigrationJobTargetDetails' + createTime: + description: Output only. The time the DiskMigrationJob resource was created. + readOnly: true + type: string + format: google-datetime + updateTime: + description: >- + Output only. The last time the DiskMigrationJob resource was + updated. + readOnly: true + type: string + format: google-datetime + state: + description: Output only. State of the DiskMigrationJob. + readOnly: true + type: string + enumDescriptions: + - The state is unspecified. This is not in use. + - >- + The initial state of the disk migration. In this state the + customers can update the target details. + - The migration is active, and it's running or scheduled to run. + - The migration completed successfully. + - Migration cancellation was initiated. + - The migration was cancelled. + - >- + The migration process encountered an unrecoverable error and was + aborted. + enum: + - STATE_UNSPECIFIED + - READY + - RUNNING + - SUCCEEDED + - CANCELLING + - CANCELLED + - FAILED + errors: + description: >- + Output only. Provides details on the errors that led to the disk + migration job's state in case of an error. + readOnly: true + type: array + items: + $ref: '#/components/schemas/Status' + steps: + description: >- + Output only. The disk migration steps list representing its + progress. + readOnly: true + type: array + items: + $ref: '#/components/schemas/DiskMigrationStep' + DiskMigrationJobTargetDetails: + id: DiskMigrationJobTargetDetails + description: Details of the target disk in Compute Engine. + type: object + properties: + targetDisk: + description: Required. The target disk. + $ref: '#/components/schemas/ComputeEngineDisk' + targetProject: + description: >- + Required. The name of the resource of type TargetProject which + represents the Compute Engine project in which to create the disk. + Should be of the form: + projects/{project}/locations/global/targetProjects/{target-project} + type: string + labels: + description: Optional. A map of labels to associate with the disk. + type: object + additionalProperties: + type: string + encryption: + description: >- + Optional. The encryption to apply to the disk. If the + DiskMigrationJob parent Source resource has an encryption, this + field must be set to the same encryption key. + $ref: '#/components/schemas/Encryption' + ComputeEngineDisk: + id: ComputeEngineDisk + description: Compute Engine disk target details. + type: object + properties: + diskId: + description: >- + Optional. Target Compute Engine Disk ID. This is the resource ID + segment of the Compute Engine Disk to create. In the resource name + compute/v1/projects/{project}/zones/{zone}/disks/disk1 "disk1" is + the resource ID for the disk. + type: string + zone: + description: >- + Required. The Compute Engine zone in which to create the disk. + Should be of the form: projects/{target-project}/locations/{zone} + type: string + replicaZones: + description: >- + Optional. Replication zones of the regional disk. Should be of the + form: projects/{target-project}/locations/{replica-zone} Currently + only one replica zone is supported. + type: array + items: + type: string + diskType: + description: Required. The disk type to use. + type: string + enumDescriptions: + - An unspecified disk type. Will be used as STANDARD. + - A Standard disk type. + - SSD hard disk type. + - >- + An alternative to SSD persistent disks that balance performance + and cost. + - Hyperdisk balanced disk type. + enum: + - COMPUTE_ENGINE_DISK_TYPE_UNSPECIFIED + - COMPUTE_ENGINE_DISK_TYPE_STANDARD + - COMPUTE_ENGINE_DISK_TYPE_SSD + - COMPUTE_ENGINE_DISK_TYPE_BALANCED + - COMPUTE_ENGINE_DISK_TYPE_HYPERDISK_BALANCED + DiskMigrationStep: + id: DiskMigrationStep + description: >- + DiskMigrationStep holds information about the disk migration step + progress. + type: object + properties: + creatingSourceDiskSnapshot: + description: Creating source disk snapshot step. + $ref: '#/components/schemas/CreatingSourceDiskSnapshotStep' + copyingSourceDiskSnapshot: + description: Copying source disk snapshot step. + $ref: '#/components/schemas/CopyingSourceDiskSnapshotStep' + provisioningTargetDisk: + description: Creating target disk step. + $ref: '#/components/schemas/ProvisioningTargetDiskStep' + startTime: + description: Output only. The time the step has started. + readOnly: true + type: string + format: google-datetime + endTime: + description: Output only. The time the step has ended. + readOnly: true + type: string + format: google-datetime + CreatingSourceDiskSnapshotStep: + id: CreatingSourceDiskSnapshotStep + description: CreatingSourceDiskSnapshotStep contains specific step details. + type: object + properties: {} + CopyingSourceDiskSnapshotStep: + id: CopyingSourceDiskSnapshotStep + description: CopyingSourceDiskSnapshotStep contains specific step details. + type: object + properties: {} + ProvisioningTargetDiskStep: + id: ProvisioningTargetDiskStep + description: ProvisioningTargetDiskStep contains specific step details. + type: object + properties: {} + ListDiskMigrationJobsResponse: + id: ListDiskMigrationJobsResponse + description: Response message for 'ListDiskMigrationJobs' request. + type: object + properties: + diskMigrationJobs: + description: Output only. The list of the disk migration jobs. + readOnly: true + type: array + items: + $ref: '#/components/schemas/DiskMigrationJob' + nextPageToken: + description: >- + Optional. Output only. A token, which can be sent as `page_token` to + retrieve the next page. If this field is omitted, there are no + subsequent pages. + readOnly: true + type: string + unreachable: + description: Output only. Locations that could not be reached. + readOnly: true + type: array + items: + type: string + RunDiskMigrationJobRequest: + id: RunDiskMigrationJobRequest + description: Request message for 'RunDiskMigrationJobRequest' request. + type: object + properties: {} + CancelDiskMigrationJobRequest: + id: CancelDiskMigrationJobRequest + description: Request message for 'CancelDiskMigrationJob' request. + type: object + properties: {} ListLocationsResponse: id: ListLocationsResponse description: The response message for Locations.ListLocations. @@ -3672,6 +4033,9 @@ components: - >- Migrate to Virtual Machines encountered an error in image import operation. + - >- + Migrate to Virtual Machines encountered an error in disk migration + operation. enum: - ERROR_CODE_UNSPECIFIED - UNKNOWN_ERROR @@ -3684,6 +4048,7 @@ components: - UTILIZATION_REPORT_ERROR - APPLIANCE_UPGRADE_ERROR - IMAGE_IMPORT_ERROR + - DISK_MIGRATION_ERROR errorMessage: description: Output only. The localized error message. readOnly: true @@ -3927,6 +4292,26 @@ components: update: [] replace: [] delete: [] + sources_storage_inventory: + id: google.vmmigration.sources_storage_inventory + name: sources_storage_inventory + title: Sources_storage_inventory + methods: + fetch_storage_inventory: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}:fetchStorageInventory/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/sources_storage_inventory/methods/fetch_storage_inventory + insert: [] + update: [] + replace: [] + delete: [] utilization_reports: id: google.vmmigration.utilization_reports name: utilization_reports @@ -4228,6 +4613,74 @@ components: update: [] replace: [] delete: [] + disk_migration_jobs: + id: google.vmmigration.disk_migration_jobs + name: disk_migration_jobs + title: Disk_migration_jobs + methods: + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1diskMigrationJobs/post + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1diskMigrationJobs/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.diskMigrationJobs + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1diskMigrationJobs~1{diskMigrationJobsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1diskMigrationJobs~1{diskMigrationJobsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1diskMigrationJobs~1{diskMigrationJobsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + run: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1diskMigrationJobs~1{diskMigrationJobsId}:run/post + response: + mediaType: application/json + openAPIDocKey: '200' + cancel: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1sources~1{sourcesId}~1diskMigrationJobs~1{diskMigrationJobsId}:cancel/post + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/disk_migration_jobs/methods/get' + - $ref: '#/components/x-stackQL-resources/disk_migration_jobs/methods/list' + insert: + - $ref: >- + #/components/x-stackQL-resources/disk_migration_jobs/methods/create + update: + - $ref: '#/components/x-stackQL-resources/disk_migration_jobs/methods/patch' + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/disk_migration_jobs/methods/delete groups: id: google.vmmigration.groups name: groups @@ -4563,7 +5016,11 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + - in: query + name: returnPartialSuccess + schema: + type: boolean + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- @@ -4929,6 +5386,61 @@ paths: name: pageToken schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}:fetchStorageInventory: + parameters: *ref_1 + get: + description: >- + List remote source's inventory of storage resources. The remote source + is another cloud vendor (e.g. AWS, Azure). The inventory describes the + list of existing storage resources in that source. Note that this + operation lists the resources on the remote source, as opposed to + listing the MigratingVms resources in the vmmigration service. + operationId: vmmigration.projects.locations.sources.fetchStorageInventory + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/FetchStorageInventoryResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: sourcesId + required: true + schema: + type: string + - in: query + name: type + schema: + type: string + - in: query + name: forceRefresh + schema: + type: boolean + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}/utilizationReports: parameters: *ref_1 get: @@ -6276,6 +6788,310 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}/diskMigrationJobs: + parameters: *ref_1 + post: + description: Creates a new disk migration job in a given Source. + operationId: vmmigration.projects.locations.sources.diskMigrationJobs.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DiskMigrationJob' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: sourcesId + required: true + schema: + type: string + - in: query + name: diskMigrationJobId + schema: + type: string + - in: query + name: requestId + schema: + type: string + get: + description: Lists DiskMigrationJobs in a given Source. + operationId: vmmigration.projects.locations.sources.diskMigrationJobs.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListDiskMigrationJobsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: sourcesId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}/diskMigrationJobs/{diskMigrationJobsId}: + parameters: *ref_1 + get: + description: Gets details of a single DiskMigrationJob. + operationId: vmmigration.projects.locations.sources.diskMigrationJobs.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/DiskMigrationJob' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: sourcesId + required: true + schema: + type: string + - in: path + name: diskMigrationJobsId + required: true + schema: + type: string + patch: + description: Updates the parameters of a single DiskMigrationJob. + operationId: vmmigration.projects.locations.sources.diskMigrationJobs.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DiskMigrationJob' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: sourcesId + required: true + schema: + type: string + - in: path + name: diskMigrationJobsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + delete: + description: Deletes a single DiskMigrationJob. + operationId: vmmigration.projects.locations.sources.diskMigrationJobs.delete + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: sourcesId + required: true + schema: + type: string + - in: path + name: diskMigrationJobsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}/diskMigrationJobs/{diskMigrationJobsId}:run: + parameters: *ref_1 + post: + description: Runs the disk migration job. + operationId: vmmigration.projects.locations.sources.diskMigrationJobs.run + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RunDiskMigrationJobRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: sourcesId + required: true + schema: + type: string + - in: path + name: diskMigrationJobsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/sources/{sourcesId}/diskMigrationJobs/{diskMigrationJobsId}:cancel: + parameters: *ref_1 + post: + description: Cancels the disk migration job. + operationId: vmmigration.projects.locations.sources.diskMigrationJobs.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CancelDiskMigrationJobRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: sourcesId + required: true + schema: + type: string + - in: path + name: diskMigrationJobsId + required: true + schema: + type: string /v1/projects/{projectsId}/locations/{locationsId}/groups: parameters: *ref_1 get: @@ -7001,7 +7817,7 @@ paths: /v1/projects/{projectsId}/locations/{locationsId}/imageImports/{imageImportsId}/imageImportJobs/{imageImportJobsId}:cancel: parameters: *ref_1 post: - description: Initiates the cancellation of a running clone job. + description: Initiates the cancellation of a running ImageImportJob. operationId: vmmigration.projects.locations.imageImports.imageImportJobs.cancel requestBody: content: diff --git a/providers/src/googleapis.com/v00.00.00000/services/vmwareengine.yaml b/providers/src/googleapis.com/v00.00.00000/services/vmwareengine.yaml index b6b551d9..35bd0a7d 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/vmwareengine.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/vmwareengine.yaml @@ -9,8 +9,8 @@ info: The Google VMware Engine API lets you programmatically manage VMware environments. version: v1 - x-discovery-doc-revision: '20250811' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251020' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/solutions/vmware-as-a-service servers: @@ -36,2086 +36,1964 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: + ListNodeTypesResponse: + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + unreachable: + type: array + items: + type: string + description: >- + Locations that could not be reached when making an aggregated query + using wildcards. + nodeTypes: + description: A list of Node Types. + items: + $ref: '#/components/schemas/NodeType' + type: array + description: Response message for VmwareEngine.ListNodeTypes + type: object + id: ListNodeTypesResponse ListOperationsResponse: - id: ListOperationsResponse description: The response message for Operations.ListOperations. type: object + id: ListOperationsResponse properties: operations: + items: + $ref: '#/components/schemas/Operation' description: >- A list of operations that matches the specified filter in the request. type: array + unreachable: + type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. items: - $ref: '#/components/schemas/Operation' + type: string nextPageToken: - description: The standard List next-page token. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + description: The standard List next-page token. + ExternalAccessRule: + id: ExternalAccessRule properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + description: type: string - details: + description: User-provided description for this external access rule. + sourceIpRanges: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + If source ranges are specified, the external access rule applies + only to traffic that has a source IP address in these ranges. These + ranges can either be expressed in the CIDR format or as an IP + address. As only inbound rules are supported, `ExternalAddress` + resources cannot be the source IP addresses of an external access + rule. To match all source addresses, specify `0.0.0.0/0`. type: array items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - ListPrivateCloudsResponse: - id: ListPrivateCloudsResponse - description: Response message for VmwareEngine.ListPrivateClouds - type: object - properties: - privateClouds: - description: A list of private clouds. - type: array + $ref: '#/components/schemas/IpRange' + sourcePorts: items: - $ref: '#/components/schemas/PrivateCloud' - nextPageToken: + type: string description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + A list of source ports to which the external access rule applies. + This field is only applicable for the UDP or TCP protocol. Each + entry must be either an integer or a range. For example: `["22"]`, + `["80","443"]`, or `["12345-12349"]`. To match all source ports, + specify `["0-65535"]`. + type: array + destinationIpRanges: + description: >- + If destination ranges are specified, the external access rule + applies only to the traffic that has a destination IP address in + these ranges. The specified IP addresses must have reserved external + IP addresses in the scope of the parent network policy. To match all + external IP addresses in the scope of the parent network policy, + specify `0.0.0.0/0`. To match a specific external IP address, + specify it using the `IpRange.external_address` property. + items: + $ref: '#/components/schemas/IpRange' + type: array + ipProtocol: type: string - unreachable: description: >- - Locations that could not be reached when making an aggregated query - using wildcards. + The IP protocol to which the external access rule applies. This + value can be one of the following three protocol strings (not + case-sensitive): `tcp`, `udp`, or `icmp`. + destinationPorts: type: array items: type: string - PrivateCloud: - id: PrivateCloud - description: >- - Represents a private cloud resource. Private clouds of type `STANDARD` - and `TIME_LIMITED` are zonal resources, `STRETCHED` private clouds are - regional. - type: object - properties: - name: description: >- - Output only. Identifier. The resource name of this private cloud. - Resource names are schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1-a/privateClouds/my-cloud` - readOnly: true - type: string - createTime: - description: Output only. Creation time of this resource. + A list of destination ports to which the external access rule + applies. This field is only applicable for the UDP or TCP protocol. + Each entry must be either an integer or a range. For example: + `["22"]`, `["80","443"]`, or `["12345-12349"]`. To match all + destination ports, specify `["0-65535"]`. + uid: + description: Output only. System-generated unique identifier for the resource. readOnly: true type: string - format: google-datetime + priority: + description: >- + External access rule priority, which determines the external access + rule to use when multiple rules apply. If multiple rules have the + same priority, their ordering is non-deterministic. If specific + ordering is required, assign unique priorities to enforce such + ordering. The external access rule priority is an integer from 100 + to 4096, both inclusive. Lower integers indicate higher precedence. + For example, a rule with priority `100` has higher precedence than a + rule with priority `101`. + format: int32 + type: integer updateTime: description: Output only. Last update time of this resource. - readOnly: true - type: string format: google-datetime - deleteTime: - description: Output only. Time when the resource was scheduled for deletion. readOnly: true type: string - format: google-datetime - expireTime: - description: Output only. Time when the resource will be irreversibly deleted. - readOnly: true + action: + enumDescriptions: + - Defaults to allow. + - Allows connections that match the other specified components. + - Blocks connections that match the other specified components. type: string - format: google-datetime + enum: + - ACTION_UNSPECIFIED + - ALLOW + - DENY + description: The action that the external access rule performs. state: - description: >- - Output only. State of the resource. New values may be added to this - enum when appropriate. readOnly: true - type: string - enumDescriptions: - - The default value. This value should never be used. - - The private cloud is ready. - - The private cloud is being created. - - The private cloud is being updated. - - The private cloud is in failed state. - - >- - The private cloud is scheduled for deletion. The deletion process - can be cancelled by using the corresponding undelete method. - - >- - The private cloud is irreversibly deleted and is being removed - from the system. enum: - STATE_UNSPECIFIED - ACTIVE - CREATING - UPDATING - - FAILED - - DELETED - - PURGING - networkConfig: - description: Required. Network configuration of the private cloud. - $ref: '#/components/schemas/NetworkConfig' - managementCluster: - description: >- - Required. Input only. The management cluster for this private cloud. - This field is required during creation of the private cloud to - provide details for the default cluster. The following fields can't - be changed after private cloud creation: - `ManagementCluster.clusterId`, `ManagementCluster.nodeTypeId`. - $ref: '#/components/schemas/ManagementCluster' - description: - description: User-provided description for this private cloud. - type: string - hcx: - description: Output only. HCX appliance. - readOnly: true - $ref: '#/components/schemas/Hcx' - nsx: - description: Output only. NSX appliance. - readOnly: true - $ref: '#/components/schemas/Nsx' - vcenter: - description: Output only. Vcenter appliance. - readOnly: true - $ref: '#/components/schemas/Vcenter' - uid: - description: Output only. System-generated unique identifier for the resource. - readOnly: true - type: string - type: - description: Optional. Type of the private cloud. Defaults to STANDARD. + - DELETING + description: Output only. The state of the resource. type: string enumDescriptions: - - Standard private is a zonal resource, with 3+ nodes. Default type. - - >- - Time limited private cloud is a zonal resource, can have only 1 - node and has limited life span. Will be deleted after defined - period of time, can be converted into standard private cloud by - expanding it up to 3 or more nodes. - - >- - Stretched private cloud is a regional resource with redundancy, - with a minimum of 6 nodes, nodes count has to be even. - enum: - - STANDARD - - TIME_LIMITED - - STRETCHED - NetworkConfig: - id: NetworkConfig - description: >- - Network configuration in the consumer project with which the peering has - to be done. - type: object - properties: - managementCidr: - description: Required. Management CIDR used by VMware management appliances. - type: string - vmwareEngineNetwork: - description: >- - Optional. The relative resource name of the VMware Engine network - attached to the private cloud. Specify the name in the following - form: - `projects/{project}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` - where `{project}` can either be a project number or a project ID. - type: string - vmwareEngineNetworkCanonical: - description: >- - Output only. The canonical name of the VMware Engine network in the - form: - `projects/{project_number}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` + - The default value. This value is used if the state is omitted. + - The rule is ready. + - The rule is being created. + - The rule is being updated. + - The rule is being deleted. + name: readOnly: true type: string - managementIpAddressLayoutVersion: - description: >- - Output only. The IP address layout version of the management IP - address range. Possible versions include: * - `managementIpAddressLayoutVersion=1`: Indicates the legacy IP - address layout used by some existing private clouds. This is no - longer supported for new private clouds as it does not support all - features. * `managementIpAddressLayoutVersion=2`: Indicates the - latest IP address layout used by all newly created private clouds. - This version supports all current features. - readOnly: true - type: integer - format: int32 - dnsServerIp: description: >- - Output only. DNS Server IP of the Private Cloud. All DNS queries can - be forwarded to this address for name resolution of Private Cloud's - management entities like vCenter, NSX-T Manager and ESXi hosts. + Output only. The resource name of this external access rule. + Resource names are schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-central1/networkPolicies/my-policy/externalAccessRules/my-rule` + createTime: + description: Output only. Creation time of this resource. readOnly: true type: string - ManagementCluster: - id: ManagementCluster - description: Management cluster configuration. + format: google-datetime + description: >- + External access firewall rules for filtering incoming traffic destined + to `ExternalAddress` resources. type: object + RevokeDnsBindPermissionRequest: + type: object + id: RevokeDnsBindPermissionRequest + description: Request message for VmwareEngine.RevokeDnsBindPermission properties: - clusterId: - description: >- - Required. The user-provided identifier of the new `Cluster`. The - identifier must meet the following requirements: * Only contains - 1-63 alphanumeric characters and hyphens * Begins with an - alphabetical character * Ends with a non-hyphen character * Not - formatted as a UUID * Complies with [RFC - 1034](https://datatracker.ietf.org/doc/html/rfc1034) (section 3.5) + requestId: type: string - nodeTypeConfigs: description: >- - Required. The map of cluster node types in this cluster, where the - key is canonical identifier of the node type (corresponds to the - `NodeType`). - type: object - additionalProperties: - $ref: '#/components/schemas/NodeTypeConfig' - stretchedClusterConfig: + Optional. A request ID to identify requests. Specify a unique + request ID so that if you must retry your request, the server will + know to ignore the request if it has already been completed. The + server guarantees that a request doesn't result in creation of + duplicate commitments for at least 60 minutes. For example, consider + a situation where you make an initial request and the request times + out. If you make the request again with the same request ID, the + server can check if original operation with the same request ID was + received, and if so, will ignore the second request. This prevents + clients from accidentally creating duplicate commitments. The + request ID must be a valid UUID with the exception that zero UUID is + not supported (00000000-0000-0000-0000-000000000000). + principal: + $ref: '#/components/schemas/Principal' description: >- - Optional. Configuration of a stretched cluster. Required for - STRETCHED private clouds. - $ref: '#/components/schemas/StretchedClusterConfig' - NodeTypeConfig: - id: NodeTypeConfig - description: >- - Information about the type and number of nodes associated with the - cluster. - type: object + Required. The consumer provided user/service account which needs to + be granted permission to bind with the intranet VPC corresponding to + the consumer project. + ListNetworkPeeringsResponse: + description: Response message for VmwareEngine.ListNetworkPeerings properties: - nodeCount: - description: Required. The number of nodes of this type in the cluster - type: integer - format: int32 - customCoreCount: + unreachable: + type: array + description: Unreachable resources. + items: + type: string + networkPeerings: + type: array + description: A list of network peerings. + items: + $ref: '#/components/schemas/NetworkPeering' + nextPageToken: description: >- - Optional. Customized number of cores available to each node of the - type. This number must always be one of - `nodeType.availableCustomCoreCounts`. If zero is provided max value - from `nodeType.availableCustomCoreCounts` will be used. - type: integer - format: int32 - StretchedClusterConfig: - id: StretchedClusterConfig - description: Configuration of a stretched cluster. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string type: object + id: ListNetworkPeeringsResponse + Upgrade: properties: - preferredLocation: - description: >- - Required. Zone that will remain operational when connection between - the two zones is lost. Specify the resource name of a zone that - belongs to the region of the private cloud. For example: - `projects/{project}/locations/europe-west3-a` where `{project}` can - either be a project number or a project ID. + type: + readOnly: true + enum: + - TYPE_UNSPECIFIED + - VSPHERE_UPGRADE + - VSPHERE_PATCH + - WORKAROUND + - FIRMWARE_UPGRADE + - SWITCH_UPGRADE + - OTHER + - INFRASTRUCTURE_UPGRADE + description: Output only. Output Only. The type of upgrade. + type: string + enumDescriptions: + - The default value. This value should never be used. + - >- + Upgrade of vmware components when a major version is available. + 7.0u2 -> 7.0u3. + - >- + Patching of vmware components when a minor version is available. + 7.0u2c -> 7.0u2d. + - >- + Workarounds are hotfixes for vulnerabilities or issues applied to + mitigate the known vulnerability or issue until a patch or update + is released. The description of the upgrade will have more + details. + - Firmware upgrade for VMware product used in the private cloud. + - Switch upgrade. + - The upgrade type that doesn't fall into any other category. + - Infrastructure upgrade in BM node maintenance. + name: + readOnly: true type: string - secondaryLocation: description: >- - Required. Additional zone for a higher level of availability and - load balancing. Specify the resource name of a zone that belongs to - the region of the private cloud. For example: - `projects/{project}/locations/europe-west3-b` where `{project}` can - either be a project number or a project ID. + Output only. Identifier. The resource name of the private cloud + `Upgrade`. Resource names are schemeless URIs that follow the + conventions in https://cloud.google.com/apis/design/resource_names. + For example: + `projects/my-project/locations/us-west1-a/privateClouds/my-cloud/upgrades/my-upgrade` + estimatedDuration: + readOnly: true + description: >- + Output only. Output Only. The estimated total duration of the + upgrade. This information can be used to plan or schedule upgrades + to minimize disruptions. Please note that the estimated duration is + only an estimate. The actual upgrade duration may vary. + format: google-duration type: string - Hcx: - id: Hcx - description: Details about a HCX Cloud Manager appliance. - type: object - properties: - internalIp: - description: Internal IP address of the appliance. + endTime: + description: Output only. Output Only. End time of the upgrade. type: string + format: google-datetime + readOnly: true version: - description: Version of the appliance. - type: string - state: - description: Output only. The state of the appliance. readOnly: true type: string - enumDescriptions: - - Unspecified appliance state. This is the default value. - - The appliance is operational and can be used. - - The appliance is being deployed. - - The appliance is being activated. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - ACTIVATING - fqdn: - description: Fully qualified domain name of the appliance. - type: string - Nsx: - id: Nsx - description: Details about a NSX Manager appliance. - type: object - properties: - internalIp: - description: Internal IP address of the appliance. - type: string - version: - description: Version of the appliance. + description: 'Output only. ' + targetVersion: type: string - state: - description: Output only. The state of the appliance. + description: Output only. Output Only. The target version + readOnly: true + description: + description: >- + Output only. Output Only. The description of the upgrade. This is + used to provide additional information about the private cloud + upgrade, such as the upgrade's purpose, the changes included in the + upgrade, or any other relevant information about the upgrade. readOnly: true type: string - enumDescriptions: - - Unspecified appliance state. This is the default value. - - The appliance is operational and can be used. - - The appliance is being deployed. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - fqdn: - description: Fully qualified domain name of the appliance. + componentUpgrades: + description: Output only. Output Only. The list of component upgrades. + readOnly: true + items: + $ref: '#/components/schemas/VmwareUpgradeComponent' + type: array + etag: type: string - Vcenter: - id: Vcenter - description: Details about a vCenter Server management appliance. - type: object - properties: - internalIp: - description: Internal IP address of the appliance. + description: >- + The etag for the upgrade resource. If this is provided on update, it + must match the server's etag. + uid: type: string - version: - description: Version of the appliance. + readOnly: true + description: Output only. System-generated unique identifier for the resource. + updateTime: + readOnly: true type: string + description: Output only. Output Only. Last update time of this resource. + format: google-datetime state: - description: Output only. The state of the appliance. readOnly: true - type: string enumDescriptions: - - Unspecified appliance state. This is the default value. - - The appliance is operational and can be used. - - The appliance is being deployed. + - The default value. This value should never be used. + - The upgrade is scheduled but not started yet. + - The upgrade is currently in progress and has not completed yet. + - The upgrade completed successfully. + - The upgrade is currently paused. + - The upgrade failed. + - The upgrade is in process of being canceled. + - The upgrade is canceled. + - The upgrade is in process of being rescheduled. + type: string + description: Output only. The current state of the upgrade. enum: - STATE_UNSPECIFIED - - ACTIVE - - CREATING - fqdn: - description: Fully qualified domain name of the appliance. - type: string - AcceleratePrivateCloudDeletionRequest: - id: AcceleratePrivateCloudDeletionRequest - description: Request message for VmwareEngine.AcceleratePrivateCloudDeletion - type: object - properties: - requestId: - description: >- - Optional. The request ID must be a valid UUID with the exception - that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). - type: string - etag: - description: >- - Optional. Checksum used to ensure that the user-provided value is up - to date before the server processes the request. The server compares - provided checksum with the current checksum of the resource. If the - user-provided value is out of date, this request returns an - `ABORTED` error. + - SCHEDULED + - ONGOING + - SUCCEEDED + - PAUSED + - FAILED + - CANCELLING + - CANCELLED + - RESCHEDULING + createTime: + description: Output only. Output Only. Creation time of this resource. + readOnly: true + format: google-datetime type: string - UndeletePrivateCloudRequest: - id: UndeletePrivateCloudRequest - description: Request message for VmwareEngine.UndeletePrivateCloud - type: object - properties: - requestId: - description: >- - Optional. The request ID must be a valid UUID with the exception - that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). + startVersion: + description: Output only. Output Only. The start version type: string - ListClustersResponse: - id: ListClustersResponse - description: Response message for VmwareEngine.ListClusters + readOnly: true + schedule: + $ref: '#/components/schemas/Schedule' + description: Schedule details for the upgrade. + description: Describes Private cloud Upgrade. type: object + id: Upgrade + ListManagementDnsZoneBindingsResponse: + id: ListManagementDnsZoneBindingsResponse properties: - clusters: - description: A list of private cloud clusters. - type: array - items: - $ref: '#/components/schemas/Cluster' nextPageToken: + type: string description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. - type: string unreachable: + type: array description: >- Locations that could not be reached when making an aggregated query using wildcards. - type: array items: type: string - Cluster: - id: Cluster - description: A cluster in a private cloud. + managementDnsZoneBindings: + items: + $ref: '#/components/schemas/ManagementDnsZoneBinding' + type: array + description: A list of management DNS zone bindings. + type: object + description: Response message for VmwareEngine.ListManagementDnsZoneBindings + NodeType: type: object + description: Describes node type. + id: NodeType properties: + kind: + enumDescriptions: + - The default value. This value should never be used. + - Standard HCI node. + - Storage only Node. + type: string + description: Output only. The type of the resource. + readOnly: true + enum: + - KIND_UNSPECIFIED + - STANDARD + - STORAGE_ONLY name: + readOnly: true + type: string description: >- - Output only. Identifier. The resource name of this cluster. Resource - names are schemeless URIs that follow the conventions in + Output only. The resource name of this node type. Resource names are + schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/clusters/my-cluster` + `projects/my-proj/locations/us-central1-a/nodeTypes/standard-72` + nodeTypeId: + description: >- + Output only. The canonical identifier of the node type (corresponds + to the `NodeType`). For example: standard-72. readOnly: true type: string - createTime: - description: Output only. Creation time of this resource. + availableCustomCoreCounts: + items: + type: integer + format: int32 + description: Output only. List of possible values of custom core count. + type: array readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update time of this resource. + diskSizeGb: + type: integer + format: int32 + description: Output only. The amount of storage available, defined in GB. readOnly: true - type: string - format: google-datetime - state: - description: Output only. State of the resource. + capabilities: + type: array readOnly: true - type: string - enumDescriptions: - - The default value. This value should never be used. - - The Cluster is operational and can be used by the user. - - The Cluster is being deployed. - - >- - Adding or removing of a node to the cluster, any other cluster - specific updates. - - The Cluster is being deleted. - - >- - The Cluster is undergoing maintenance, for example: a failed node - is getting replaced. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - UPDATING - - DELETING - - REPAIRING - management: + description: Output only. Capabilities of this node type. + items: + enumDescriptions: + - >- + The default value. This value is used if the capability is + omitted or unknown. + - This node type supports stretch clusters. + enum: + - CAPABILITY_UNSPECIFIED + - STRETCHED_CLUSTERS + type: string + displayName: description: >- - Output only. True if the cluster is a management cluster; false - otherwise. There can only be one management cluster in a private - cloud and it has to be the first one. - readOnly: true - type: boolean - autoscalingSettings: - description: Optional. Configuration of the autoscaling applied to this cluster. - $ref: '#/components/schemas/AutoscalingSettings' - uid: - description: Output only. System-generated unique identifier for the resource. + Output only. The friendly name for this node type. For example: + ve1-standard-72 readOnly: true type: string - nodeTypeConfigs: + families: + items: + type: string + readOnly: true + type: array description: >- - Required. The map of cluster node types in this cluster, where the - key is canonical identifier of the node type (corresponds to the - `NodeType`). - type: object - additionalProperties: - $ref: '#/components/schemas/NodeTypeConfig' - stretchedClusterConfig: - description: >- - Optional. Configuration of a stretched cluster. Required for - clusters that belong to a STRETCHED private cloud. - $ref: '#/components/schemas/StretchedClusterConfig' - AutoscalingSettings: - id: AutoscalingSettings - description: >- - Autoscaling settings define the rules used by VMware Engine to - automatically scale-out and scale-in the clusters in a private cloud. - type: object - properties: - autoscalingPolicies: - description: >- - Required. The map with autoscaling policies applied to the cluster. - The key is the identifier of the policy. It must meet the following - requirements: * Only contains 1-63 alphanumeric characters and - hyphens * Begins with an alphabetical character * Ends with a - non-hyphen character * Not formatted as a UUID * Complies with [RFC - 1034](https://datatracker.ietf.org/doc/html/rfc1034) (section 3.5) - Currently there map must contain only one element that describes the - autoscaling policy for compute nodes. - type: object - additionalProperties: - $ref: '#/components/schemas/AutoscalingPolicy' - minClusterNodeCount: - description: >- - Optional. Minimum number of nodes of any type in a cluster. If not - specified the default limits apply. - type: integer - format: int32 - maxClusterNodeCount: - description: >- - Optional. Maximum number of nodes of any type in a cluster. If not - specified the default limits apply. + Output only. Families of the node type. For node types to be in the + same cluster they must share at least one element in the `families`. + virtualCpuCount: + description: Output only. The total number of virtual CPUs in a single node. type: integer + readOnly: true format: int32 - coolDownPeriod: - description: >- - Optional. The minimum duration between consecutive autoscale - operations. It starts once addition or removal of nodes is fully - completed. Defaults to 30 minutes if not specified. Cool down period - must be in whole minutes (for example, 30, 31, 50, 180 minutes). - type: string - format: google-duration - AutoscalingPolicy: - id: AutoscalingPolicy - description: >- - Autoscaling policy describes the behavior of the autoscaling with - respect to the resource utilization. The scale-out operation is - initiated if the utilization exceeds ANY of the respective thresholds. - The scale-in operation is initiated if the utilization is below ALL of - the respective thresholds. - type: object - properties: - nodeTypeId: - description: >- - Required. The canonical identifier of the node type to add or - remove. Corresponds to the `NodeType`. - type: string - scaleOutSize: - description: >- - Required. Number of nodes to add to a cluster during a scale-out - operation. Must be divisible by 2 for stretched clusters. During a - scale-in operation only one node (or 2 for stretched clusters) are - removed in a single iteration. - type: integer + totalCoreCount: + readOnly: true format: int32 - cpuThresholds: - description: Optional. Utilization thresholds pertaining to CPU utilization. - $ref: '#/components/schemas/Thresholds' - grantedMemoryThresholds: - description: >- - Optional. Utilization thresholds pertaining to amount of granted - memory. - $ref: '#/components/schemas/Thresholds' - consumedMemoryThresholds: - description: >- - Optional. Utilization thresholds pertaining to amount of consumed - memory. - $ref: '#/components/schemas/Thresholds' - storageThresholds: - description: >- - Optional. Utilization thresholds pertaining to amount of consumed - storage. - $ref: '#/components/schemas/Thresholds' - Thresholds: - id: Thresholds - description: >- - Thresholds define the utilization of resources triggering scale-out and - scale-in operations. - type: object - properties: - scaleOut: - description: >- - Required. The utilization triggering the scale-out operation in - percent. type: integer - format: int32 - scaleIn: - description: >- - Required. The utilization triggering the scale-in operation in - percent. + description: Output only. The total number of CPU cores in a single node. + memoryGb: type: integer + readOnly: true format: int32 - ListNodesResponse: - id: ListNodesResponse - description: Response message for VmwareEngine.ListNodes + description: Output only. The amount of physical memory available, defined in GB. + ForwardingRule: + description: >- + A forwarding rule is a mapping of a `domain` to `name_servers`. This + mapping allows VMware Engine to resolve domains for attached private + clouds by forwarding DNS requests for a given domain to the specified + nameservers. + id: ForwardingRule type: object properties: - nodes: - description: The nodes. + domain: + type: string + description: Required. Domain used to resolve a `name_servers` list. + nameServers: + description: Required. List of DNS servers to use for domain resolution type: array items: - $ref: '#/components/schemas/Node' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - Node: - id: Node - description: Node in a cluster. + type: string + NetworkConfig: type: object properties: - name: - description: >- - Output only. The resource name of this node. Resource names are - schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - projects/my-project/locations/us-central1-a/privateClouds/my-cloud/clusters/my-cluster/nodes/my-node - readOnly: true - type: string - fqdn: - description: Output only. Fully qualified domain name of the node. - readOnly: true - type: string - internalIp: - description: Output only. Internal IP address of the node. + dnsServerIp: readOnly: true type: string - nodeTypeId: description: >- - Output only. The canonical identifier of the node type (corresponds - to the `NodeType`). For example: standard-72. - readOnly: true - type: string - version: + Output only. DNS Server IP of the Private Cloud. All DNS queries can + be forwarded to this address for name resolution of Private Cloud's + management entities like vCenter, NSX-T Manager and ESXi hosts. + managementIpAddressLayoutVersion: + type: integer description: >- - Output only. The version number of the VMware ESXi management - component in this cluster. + Output only. The IP address layout version of the management IP + address range. Possible versions include: * + `managementIpAddressLayoutVersion=1`: Indicates the legacy IP + address layout used by some existing private clouds. This is no + longer supported for new private clouds as it does not support all + features. * `managementIpAddressLayoutVersion=2`: Indicates the + latest IP address layout used by all newly created private clouds. + This version supports all current features. readOnly: true + format: int32 + vmwareEngineNetworkCanonical: + description: >- + Output only. The canonical name of the VMware Engine network in the + form: + `projects/{project_number}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` type: string - customCoreCount: - description: Output only. Customized number of cores readOnly: true + vmwareEngineNetwork: + description: >- + Optional. The relative resource name of the VMware Engine network + attached to the private cloud. Specify the name in the following + form: + `projects/{project}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` + where `{project}` can either be a project number or a project ID. type: string - format: int64 - state: - description: Output only. The state of the appliance. - readOnly: true + managementCidr: type: string - enumDescriptions: - - The default value. This value should never be used. - - Node is operational and can be used by the user. - - Node is being provisioned. - - Node is in a failed state. - - >- - Node is undergoing maintenance, e.g.: during private cloud - upgrade. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - FAILED - - UPGRADING - ListExternalAddressesResponse: - id: ListExternalAddressesResponse - description: Response message for VmwareEngine.ListExternalAddresses - type: object + description: Required. Management CIDR used by VMware management appliances. + description: >- + Network configuration in the consumer project with which the peering has + to be done. + id: NetworkConfig + ListLoggingServersResponse: + description: Response message for VmwareEngine.ListLoggingServers properties: - externalAddresses: - description: A list of external IP addresses. + loggingServers: + description: A list of Logging Servers. type: array items: - $ref: '#/components/schemas/ExternalAddress' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string + $ref: '#/components/schemas/LoggingServer' unreachable: description: >- Locations that could not be reached when making an aggregated query using wildcards. - type: array items: type: string - ExternalAddress: - id: ExternalAddress - description: >- - Represents an allocated external IP address and its corresponding - internal IP address in a private cloud. + type: array + nextPageToken: + description: >- + A token, which can be send as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string type: object + id: ListLoggingServersResponse + AuditLogConfig: properties: - name: + exemptedMembers: description: >- - Output only. Identifier. The resource name of this external IP - address. Resource names are schemeless URIs that follow the - conventions in https://cloud.google.com/apis/design/resource_names. - For example: - `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address` - readOnly: true + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. + type: array + items: + type: string + logType: + enum: + - LOG_TYPE_UNSPECIFIED + - ADMIN_READ + - DATA_WRITE + - DATA_READ + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + description: The log type that this config enables. type: string + id: AuditLogConfig + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. + type: object + Empty: + id: Empty + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + type: object + properties: {} + DnsForwarding: + type: object + id: DnsForwarding + description: >- + DNS forwarding config. This config defines a list of domain to name + server mappings, and is attached to the private cloud for custom domain + resolution. + properties: + forwardingRules: + items: + $ref: '#/components/schemas/ForwardingRule' + type: array + description: Required. List of domain mappings to configure createTime: + type: string description: Output only. Creation time of this resource. readOnly: true - type: string format: google-datetime updateTime: description: Output only. Last update time of this resource. - readOnly: true type: string format: google-datetime - internalIp: - description: The internal IP address of a workload VM. - type: string - externalIp: - description: Output only. The external IP address of a workload VM. readOnly: true - type: string - state: - description: Output only. The state of the resource. - readOnly: true - type: string - enumDescriptions: - - The default value. This value should never be used. - - The address is ready. - - The address is being created. - - The address is being updated. - - The address is being deleted. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - UPDATING - - DELETING - uid: - description: Output only. System-generated unique identifier for the resource. + name: readOnly: true type: string - description: - description: User-provided description for this resource. - type: string - FetchNetworkPolicyExternalAddressesResponse: - id: FetchNetworkPolicyExternalAddressesResponse - description: Response message for VmwareEngine.FetchNetworkPolicyExternalAddresses + description: >- + Output only. Identifier. The resource name of this DNS profile. + Resource names are schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/dnsForwarding` + Status: type: object + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). properties: - externalAddresses: - description: >- - A list of external IP addresses assigned to VMware workload VMs - within the scope of the given network policy. + code: + type: integer + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + details: type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - $ref: '#/components/schemas/ExternalAddress' - nextPageToken: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + message: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. type: string - ListSubnetsResponse: - id: ListSubnetsResponse - description: Response message for VmwareEngine.ListSubnets + ResetVcenterCredentialsRequest: + id: ResetVcenterCredentialsRequest + description: Request message for VmwareEngine.ResetVcenterCredentials type: object properties: - subnets: - description: A list of subnets. - type: array + username: + type: string + description: >- + Optional. The username of the user to be to reset the credentials. + The default value of this field is CloudOwner@gve.local. The + provided value should be one of the following: + solution-user-01@gve.local, solution-user-02@gve.local, + solution-user-03@gve.local, solution-user-04@gve.local, + solution-user-05@gve.local, zertoadmin@gve.local. + requestId: + description: >- + Optional. A request ID to identify requests. Specify a unique + request ID so that if you must retry your request, the server will + know to ignore the request if it has already been completed. The + server guarantees that a request doesn't result in creation of + duplicate commitments for at least 60 minutes. For example, consider + a situation where you make an initial request and the request times + out. If you make the request again with the same request ID, the + server can check if original operation with the same request ID was + received, and if so, will ignore the second request. This prevents + clients from accidentally creating duplicate commitments. The + request ID must be a valid UUID with the exception that zero UUID is + not supported (00000000-0000-0000-0000-000000000000). + type: string + ListNetworkPoliciesResponse: + type: object + description: Response message for VmwareEngine.ListNetworkPolicies + id: ListNetworkPoliciesResponse + properties: + networkPolicies: items: - $ref: '#/components/schemas/Subnet' + $ref: '#/components/schemas/NetworkPolicy' + type: array + description: A list of network policies. nextPageToken: description: >- - A token, which can be sent as `page_token` to retrieve the next + A token, which can be send as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string unreachable: description: >- Locations that could not be reached when making an aggregated query using wildcards. - type: array items: type: string - Subnet: - id: Subnet - description: >- - Subnet in a private cloud. Either `management` subnets (such as vMotion) - that are read-only, or `userDefined`, which can also be updated. + type: array + UndeletePrivateCloudRequest: + id: UndeletePrivateCloudRequest + description: Request message for VmwareEngine.UndeletePrivateCloud type: object + properties: + requestId: + description: >- + Optional. The request ID must be a valid UUID with the exception + that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + type: string + HcxActivationKey: properties: name: description: >- - Output only. Identifier. The resource name of this subnet. Resource + Output only. The resource name of this HcxActivationKey. Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/subnets/my-subnet` - readOnly: true - type: string - ipCidrRange: - description: The IP address range of the subnet in CIDR format '10.0.0.0/24'. - type: string - gatewayIp: - description: >- - The IP address of the gateway of this subnet. Must fall within the - IP prefix defined above. + `projects/my-project/locations/us-central1/privateClouds/my-cloud/hcxActivationKeys/my-key` type: string - type: - description: >- - Output only. The type of the subnet. For example "management" or - "userDefined". readOnly: true + createTime: type: string - state: - description: Output only. The state of the resource. + description: Output only. Creation time of HCX activation key. readOnly: true - type: string - enumDescriptions: - - The default value. This value should never be used. - - The subnet is ready. - - The subnet is being created. - - The subnet is being updated. - - The subnet is being deleted. - - Changes requested in the last operation are being propagated. - - >- - Last operation on the subnet did not succeed. Subnet's payload is - reverted back to its most recent working state. + format: google-datetime + state: enum: - STATE_UNSPECIFIED - - ACTIVE + - AVAILABLE + - CONSUMED - CREATING - - UPDATING - - DELETING - - RECONCILING - - FAILED - vlanId: - description: Output only. VLAN ID of the VLAN on which the subnet is configured + type: string + description: Output only. State of HCX activation key. + enumDescriptions: + - Unspecified state. + - State of a newly generated activation key. + - State of key when it has been used to activate HCX appliance. + - State of key when it is being created. readOnly: true - type: integer - format: int32 - ListExternalAccessRulesResponse: - id: ListExternalAccessRulesResponse - description: Response message for VmwareEngine.ListExternalAccessRules + activationKey: + type: string + description: Output only. HCX activation key. + readOnly: true + uid: + readOnly: true + type: string + description: Output only. System-generated unique identifier for the resource. + id: HcxActivationKey + description: >- + HCX activation key. A default key is created during private cloud + provisioning, but this behavior is subject to change and you should + always verify active keys. Use VmwareEngine.ListHcxActivationKeys to + retrieve existing keys and VmwareEngine.CreateHcxActivationKey to create + new ones. type: object + ListAnnouncementsResponse: properties: - externalAccessRules: - description: A list of external access firewall rules. - type: array + unreachable: items: - $ref: '#/components/schemas/ExternalAccessRule' + type: string + description: list of unreachable locations + type: array nextPageToken: + type: string description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: >- - Locations that could not be reached when making an aggregated query - using wildcards. + announcements: type: array + description: A list of announcement runs. items: - type: string - ExternalAccessRule: - id: ExternalAccessRule - description: >- - External access firewall rules for filtering incoming traffic destined - to `ExternalAddress` resources. + $ref: '#/components/schemas/Announcement' + id: ListAnnouncementsResponse + description: Response message for VmwareEngine.ListAnnouncements type: object + Policy: + type: object + id: Policy properties: - name: - description: >- - Output only. The resource name of this external access rule. - Resource names are schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1/networkPolicies/my-policy/externalAccessRules/my-rule` - readOnly: true - type: string - createTime: - description: Output only. Creation time of this resource. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update time of this resource. - readOnly: true - type: string - format: google-datetime - description: - description: User-provided description for this external access rule. - type: string - priority: - description: >- - External access rule priority, which determines the external access - rule to use when multiple rules apply. If multiple rules have the - same priority, their ordering is non-deterministic. If specific - ordering is required, assign unique priorities to enforce such - ordering. The external access rule priority is an integer from 100 - to 4096, both inclusive. Lower integers indicate higher precedence. - For example, a rule with priority `100` has higher precedence than a - rule with priority `101`. - type: integer - format: int32 - action: - description: The action that the external access rule performs. - type: string - enumDescriptions: - - Defaults to allow. - - Allows connections that match the other specified components. - - Blocks connections that match the other specified components. - enum: - - ACTION_UNSPECIFIED - - ALLOW - - DENY - ipProtocol: - description: >- - The IP protocol to which the external access rule applies. This - value can be one of the following three protocol strings (not - case-sensitive): `tcp`, `udp`, or `icmp`. - type: string - sourceIpRanges: - description: >- - If source ranges are specified, the external access rule applies - only to traffic that has a source IP address in these ranges. These - ranges can either be expressed in the CIDR format or as an IP - address. As only inbound rules are supported, `ExternalAddress` - resources cannot be the source IP addresses of an external access - rule. To match all source addresses, specify `0.0.0.0/0`. - type: array + bindings: items: - $ref: '#/components/schemas/IpRange' - sourcePorts: + $ref: '#/components/schemas/Binding' description: >- - A list of source ports to which the external access rule applies. - This field is only applicable for the UDP or TCP protocol. Each - entry must be either an integer or a range. For example: `["22"]`, - `["80","443"]`, or `["12345-12349"]`. To match all source ports, - specify `["0-65535"]`. + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. type: array - items: - type: string - destinationIpRanges: + etag: + format: byte + type: string description: >- - If destination ranges are specified, the external access rule - applies only to the traffic that has a destination IP address in - these ranges. The specified IP addresses must have reserved external - IP addresses in the scope of the parent network policy. To match all - external IP addresses in the scope of the parent network policy, - specify `0.0.0.0/0`. To match a specific external IP address, - specify it using the `IpRange.external_address` property. - type: array + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + auditConfigs: items: - $ref: '#/components/schemas/IpRange' - destinationPorts: - description: >- - A list of destination ports to which the external access rule - applies. This field is only applicable for the UDP or TCP protocol. - Each entry must be either an integer or a range. For example: - `["22"]`, `["80","443"]`, or `["12345-12349"]`. To match all - destination ports, specify `["0-65535"]`. + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. type: array - items: - type: string + version: + format: int32 + type: integer + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + VmwareUpgradeComponent: + type: object + description: Per component upgrade resource + id: VmwareUpgradeComponent + properties: state: - description: Output only. The state of the resource. - readOnly: true - type: string enumDescriptions: - - The default value. This value is used if the state is omitted. - - The rule is ready. - - The rule is being created. - - The rule is being updated. - - The rule is being deleted. + - The default value. This value should never be used. + - Component's upgrade is in progress + - >- + The component's upgrade is paused. Will be resumed when upgrade + job is resumed + - The component's upgrade is successfully completed + - >- + The component's upgrade has failed. This will move to resume if + upgrade is resumed or stay as is + - Component's upgrade has not started yet + - >- + Component's upgrade is not applicable in this upgrade. It will be + skipped. + readOnly: true enum: - STATE_UNSPECIFIED - - ACTIVE - - CREATING - - UPDATING - - DELETING - uid: - description: Output only. System-generated unique identifier for the resource. - readOnly: true - type: string - IpRange: - id: IpRange - description: An IP range provided in any one of the supported formats. - type: object - properties: - ipAddress: - description: 'A single IP address. For example: `10.0.0.5`.' - type: string - ipAddressRange: - description: 'An IP address range in the CIDR format. For example: `10.0.0.0/24`.' + - RUNNING + - PAUSED + - SUCCEEDED + - FAILED + - NOT_STARTED + - NOT_APPLICABLE type: string - externalAddress: - description: >- - The name of an `ExternalAddress` resource. The external address must - have been reserved in the scope of this external access rule's - parent network policy. Provide the external address name in the form - of - `projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}`. - For example: - `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address`. + description: Output only. Component's upgrade state. + componentType: + enum: + - VMWARE_COMPONENT_TYPE_UNSPECIFIED + - VCENTER + - ESXI + - NSXT_UC + - NSXT_EDGE + - NSXT_MGR + - HCX + - VSAN + - DVS + - NAMESERVER_VM + - KMS_VM + - WITNESS_VM + - NSXT + - CLUSTER + readOnly: true + enumDescriptions: + - The default value. This value should never be used. + - vcenter + - esxi nodes + transport nodes + - nsxt upgrade coordinator + - nsxt edges cluster + - nsxt managers/management plane + - hcx + - VSAN cluster + - DVS switch + - Nameserver VMs + - KMS VM used for vsan encryption + - witness VM in case of stretch PC + - nsxt + - Cluster is used in case of BM type: string - ListLoggingServersResponse: - id: ListLoggingServersResponse - description: Response message for VmwareEngine.ListLoggingServers + description: Output only. Type of component + AutoscalingPolicy: + id: AutoscalingPolicy type: object + description: >- + Autoscaling policy describes the behavior of the autoscaling with + respect to the resource utilization. The scale-out operation is + initiated if the utilization exceeds ANY of the respective thresholds. + The scale-in operation is initiated if the utilization is below ALL of + the respective thresholds. properties: - loggingServers: - description: A list of Logging Servers. - type: array - items: - $ref: '#/components/schemas/LoggingServer' - nextPageToken: + storageThresholds: description: >- - A token, which can be send as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Optional. Utilization thresholds pertaining to amount of consumed + storage. + $ref: '#/components/schemas/Thresholds' + consumedMemoryThresholds: + $ref: '#/components/schemas/Thresholds' + description: >- + Optional. Utilization thresholds pertaining to amount of consumed + memory. + grantedMemoryThresholds: + $ref: '#/components/schemas/Thresholds' + description: >- + Optional. Utilization thresholds pertaining to amount of granted + memory. + cpuThresholds: + description: Optional. Utilization thresholds pertaining to CPU utilization. + $ref: '#/components/schemas/Thresholds' + scaleOutSize: + format: int32 + type: integer + description: >- + Required. Number of nodes to add to a cluster during a scale-out + operation. Must be divisible by 2 for stretched clusters. During a + scale-in operation only one node (or 2 for stretched clusters) are + removed in a single iteration. + nodeTypeId: type: string + description: >- + Required. The canonical identifier of the node type to add or + remove. Corresponds to the `NodeType`. + TestIamPermissionsResponse: + properties: + permissions: + items: + type: string + type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + description: Response message for `TestIamPermissions` method. + id: TestIamPermissionsResponse + type: object + ListPrivateCloudsResponse: + type: object + properties: + privateClouds: + items: + $ref: '#/components/schemas/PrivateCloud' + description: A list of private clouds. + type: array unreachable: description: >- Locations that could not be reached when making an aggregated query using wildcards. - type: array items: type: string - LoggingServer: - id: LoggingServer - description: Logging server to receive vCenter or ESXi logs. - type: object + type: array + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + description: Response message for VmwareEngine.ListPrivateClouds + id: ListPrivateCloudsResponse + PeeringRoute: + id: PeeringRoute properties: - name: + destRange: + type: string description: >- - Output only. The resource name of this logging server. Resource - names are schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/loggingServers/my-logging-server` + Output only. Destination range of the peering route in CIDR + notation. readOnly: true + type: type: string - createTime: - description: Output only. Creation time of this resource. + enumDescriptions: + - Unspecified peering route type. This is the default value. + - Dynamic routes in the peer network. + - Static routes in the peer network. + - >- + Created, updated, and removed automatically by Google Cloud when + subnets are created, modified, or deleted in the peer network. readOnly: true + description: Output only. Type of the route in the peer VPC network. + enum: + - TYPE_UNSPECIFIED + - DYNAMIC_PEERING_ROUTE + - STATIC_PEERING_ROUTE + - SUBNET_PEERING_ROUTE + nextHopRegion: type: string - format: google-datetime - updateTime: - description: Output only. Last update time of this resource. readOnly: true - type: string - format: google-datetime - hostname: description: >- - Required. Fully-qualified domain name (FQDN) or IP Address of the - logging server. - type: string - port: - description: Required. Port number at which the logging server receives logs. - type: integer - format: int32 - protocol: - description: Required. Protocol used by vCenter to send logs to a logging server. + Output only. Region containing the next hop of the peering route. + This field only applies to dynamic routes in the peer VPC network. + priority: + description: Output only. The priority of the peering route. type: string - enumDescriptions: - - Unspecified communications protocol. This is the default value. - - UDP - - TCP - - TLS - - SSL - - RELP - enum: - - PROTOCOL_UNSPECIFIED - - UDP - - TCP - - TLS - - SSL - - RELP - sourceType: + format: int64 + readOnly: true + imported: + type: boolean description: >- - Required. The type of component that produces logs that will be - forwarded to this logging server. + Output only. True if the peering route has been imported from a + peered VPC network; false otherwise. The import happens if the field + `NetworkPeering.importCustomRoutes` is true for this network, + `NetworkPeering.exportCustomRoutes` is true for the peer VPC + network, and the import does not result in a route conflict. + readOnly: true + direction: + description: >- + Output only. Direction of the routes exchanged with the peer + network, from the VMware Engine network perspective: * Routes of + direction `INCOMING` are imported from the peer network. * Routes of + direction `OUTGOING` are exported from the intranet VPC network of + the VMware Engine network. type: string - enumDescriptions: - - The default value. This value should never be used. - - Logs produced by ESXI hosts - - Logs produced by vCenter server enum: - - SOURCE_TYPE_UNSPECIFIED - - ESXI - - VCSA + - DIRECTION_UNSPECIFIED + - INCOMING + - OUTGOING + enumDescriptions: + - Unspecified exchanged routes direction. This is default. + - Routes imported from the peer network. + - Routes exported to the peer network. + readOnly: true + description: Exchanged network peering route. + type: object + ManagementDnsZoneBinding: + id: ManagementDnsZoneBinding + properties: uid: description: Output only. System-generated unique identifier for the resource. readOnly: true type: string - ListNodeTypesResponse: - id: ListNodeTypesResponse - description: Response message for VmwareEngine.ListNodeTypes - type: object - properties: - nodeTypes: - description: A list of Node Types. - type: array - items: - $ref: '#/components/schemas/NodeType' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + updateTime: + format: google-datetime + readOnly: true + description: Output only. Last update time of this resource. type: string - unreachable: - description: >- - Locations that could not be reached when making an aggregated query - using wildcards. - type: array - items: - type: string - NodeType: - id: NodeType - description: Describes node type. - type: object - properties: - name: - description: >- - Output only. The resource name of this node type. Resource names are - schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-proj/locations/us-central1-a/nodeTypes/standard-72` + createTime: readOnly: true + description: Output only. Creation time of this resource. type: string - nodeTypeId: + format: google-datetime + vmwareEngineNetwork: description: >- - Output only. The canonical identifier of the node type (corresponds - to the `NodeType`). For example: standard-72. - readOnly: true + Network to bind is a VMware Engine network. Specify the name in the + following form for VMware engine network: + `projects/{project}/locations/global/vmwareEngineNetworks/{vmware_engine_network_id}`. + `{project}` can either be a project number or a project ID. + type: string + vpcNetwork: type: string - displayName: description: >- - Output only. The friendly name for this node type. For example: - ve1-standard-72 + Network to bind is a standard consumer VPC. Specify the name in the + following form for consumer VPC network: + `projects/{project}/global/networks/{network_id}`. `{project}` can + either be a project number or a project ID. + name: + type: string readOnly: true + description: >- + Output only. The resource name of this binding. Resource names are + schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/managementDnsZoneBindings/my-management-dns-zone-binding` + description: type: string - virtualCpuCount: - description: Output only. The total number of virtual CPUs in a single node. + description: User-provided description for this resource. + state: readOnly: true - type: integer + type: string + description: Output only. The state of the resource. + enumDescriptions: + - The default value. This value should never be used. + - The binding is ready. + - The binding is being created. + - The binding is being updated. + - The binding is being deleted. + - The binding has failed. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - UPDATING + - DELETING + - FAILED + type: object + description: >- + Represents a binding between a network and the management DNS zone. A + management DNS zone is the Cloud DNS cross-project binding zone that + VMware Engine creates for each private cloud. It contains FQDNs and + corresponding IP addresses for the private cloud's ESXi hosts and + management VM appliances like vCenter and NSX Manager. + TimeOfDay: + description: >- + Represents a time of day. The date and time zone are either not + significant or are specified elsewhere. An API may choose to allow leap + seconds. Related types are google.type.Date and + `google.protobuf.Timestamp`. + properties: + seconds: format: int32 - totalCoreCount: - description: Output only. The total number of CPU cores in a single node. - readOnly: true + description: >- + Seconds of a minute. Must be greater than or equal to 0 and + typically must be less than or equal to 59. An API may allow the + value 60 if it allows leap-seconds. type: integer + minutes: format: int32 - memoryGb: - description: Output only. The amount of physical memory available, defined in GB. - readOnly: true + description: >- + Minutes of an hour. Must be greater than or equal to 0 and less than + or equal to 59. type: integer + nanos: + description: >- + Fractions of seconds, in nanoseconds. Must be greater than or equal + to 0 and less than or equal to 999,999,999. format: int32 - diskSizeGb: - description: Output only. The amount of storage available, defined in GB. - readOnly: true + type: integer + hours: type: integer format: int32 - availableCustomCoreCounts: - description: Output only. List of possible values of custom core count. - readOnly: true - type: array - items: - type: integer - format: int32 - kind: - description: Output only. The type of the resource. - readOnly: true + description: >- + Hours of a day in 24 hour format. Must be greater than or equal to 0 + and typically must be less than or equal to 23. An API may choose to + allow the value "24:00:00" for scenarios like business closing time. + type: object + id: TimeOfDay + Operation: + id: Operation + type: object + properties: + response: + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + type: object + description: >- + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + name: type: string - enumDescriptions: - - The default value. This value should never be used. - - Standard HCI node. - - Storage only Node. - enum: - - KIND_UNSPECIFIED - - STANDARD - - STORAGE_ONLY - families: description: >- - Output only. Families of the node type. For node types to be in the - same cluster they must share at least one element in the `families`. - readOnly: true - type: array + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + description: >- + This resource represents a long-running operation that is the result of + a network API call. + ListHcxActivationKeysResponse: + properties: + hcxActivationKeys: items: - type: string - capabilities: - description: Output only. Capabilities of this node type. - readOnly: true + $ref: '#/components/schemas/HcxActivationKey' + type: array + description: List of HCX activation keys. + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + unreachable: type: array + description: >- + Locations that could not be reached when making an aggregated query + using wildcards. items: type: string - enumDescriptions: - - >- - The default value. This value is used if the capability is - omitted or unknown. - - This node type supports stretch clusters. - enum: - - CAPABILITY_UNSPECIFIED - - STRETCHED_CLUSTERS - Credentials: - id: Credentials - description: Credentials for a private cloud. + description: Response message for VmwareEngine.ListHcxActivationKeys type: object + id: ListHcxActivationKeysResponse + Hcx: properties: - username: - description: Initial username. + fqdn: type: string - password: - description: Initial password. + description: Fully qualified domain name of the appliance. + internalIp: + description: Internal IP address of the appliance. type: string - ResetNsxCredentialsRequest: - id: ResetNsxCredentialsRequest - description: Request message for VmwareEngine.ResetNsxCredentials - type: object - properties: - requestId: - description: >- - Optional. A request ID to identify requests. Specify a unique - request ID so that if you must retry your request, the server will - know to ignore the request if it has already been completed. The - server guarantees that a request doesn't result in creation of - duplicate commitments for at least 60 minutes. For example, consider - a situation where you make an initial request and the request times - out. If you make the request again with the same request ID, the - server can check if original operation with the same request ID was - received, and if so, will ignore the second request. This prevents - clients from accidentally creating duplicate commitments. The - request ID must be a valid UUID with the exception that zero UUID is - not supported (00000000-0000-0000-0000-000000000000). + state: type: string - ResetVcenterCredentialsRequest: - id: ResetVcenterCredentialsRequest - description: Request message for VmwareEngine.ResetVcenterCredentials + readOnly: true + description: Output only. The state of the appliance. + enumDescriptions: + - Unspecified appliance state. This is the default value. + - The appliance is operational and can be used. + - The appliance is being deployed. + - The appliance is being activated. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - ACTIVATING + version: + type: string + description: Version of the appliance. + description: Details about a HCX Cloud Manager appliance. type: object + id: Hcx + WeeklyTimeInterval: + id: WeeklyTimeInterval properties: - requestId: - description: >- - Optional. A request ID to identify requests. Specify a unique - request ID so that if you must retry your request, the server will - know to ignore the request if it has already been completed. The - server guarantees that a request doesn't result in creation of - duplicate commitments for at least 60 minutes. For example, consider - a situation where you make an initial request and the request times - out. If you make the request again with the same request ID, the - server can check if original operation with the same request ID was - received, and if so, will ignore the second request. This prevents - clients from accidentally creating duplicate commitments. The - request ID must be a valid UUID with the exception that zero UUID is - not supported (00000000-0000-0000-0000-000000000000). + endTime: + readOnly: true + $ref: '#/components/schemas/TimeOfDay' + description: Output only. The time on the end day at which the interval ends. + startTime: + readOnly: true + description: Output only. The time on the start day at which the interval starts. + $ref: '#/components/schemas/TimeOfDay' + endDay: + readOnly: true type: string - username: + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday description: >- - Optional. The username of the user to be to reset the credentials. - The default value of this field is CloudOwner@gve.local. The - provided value should be one of the following: - solution-user-01@gve.local, solution-user-02@gve.local, - solution-user-03@gve.local, solution-user-04@gve.local, - solution-user-05@gve.local, zertoadmin@gve.local. + Output only. The day on which the interval ends. Can be same as + start day. + startDay: + readOnly: true + enumDescriptions: + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday type: string - DnsForwarding: - id: DnsForwarding - description: >- - DNS forwarding config. This config defines a list of domain to name - server mappings, and is attached to the private cloud for custom domain - resolution. + description: Output only. The day on which the interval starts. + enum: + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY type: object + description: >- + Represents a time interval, spanning across days of the week. Until + local timezones are supported, this interval is in UTC. + ExternalAddress: properties: + state: + enumDescriptions: + - The default value. This value should never be used. + - The address is ready. + - The address is being created. + - The address is being updated. + - The address is being deleted. + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - UPDATING + - DELETING + description: Output only. The state of the resource. + readOnly: true + type: string + internalIp: + description: The internal IP address of a workload VM. + type: string name: - description: >- - Output only. Identifier. The resource name of this DNS profile. - Resource names are schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/dnsForwarding` + type: string readOnly: true + description: >- + Output only. Identifier. The resource name of this external IP + address. Resource names are schemeless URIs that follow the + conventions in https://cloud.google.com/apis/design/resource_names. + For example: + `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address` + uid: type: string + description: Output only. System-generated unique identifier for the resource. + readOnly: true createTime: - description: Output only. Creation time of this resource. readOnly: true type: string format: google-datetime + description: Output only. Creation time of this resource. + externalIp: + type: string + description: Output only. The external IP address of a workload VM. + readOnly: true updateTime: + format: google-datetime description: Output only. Last update time of this resource. + type: string readOnly: true + description: + description: User-provided description for this resource. type: string - format: google-datetime - forwardingRules: - description: Required. List of domain mappings to configure - type: array - items: - $ref: '#/components/schemas/ForwardingRule' - ForwardingRule: - id: ForwardingRule description: >- - A forwarding rule is a mapping of a `domain` to `name_servers`. This - mapping allows VMware Engine to resolve domains for attached private - clouds by forwarding DNS requests for a given domain to the specified - nameservers. + Represents an allocated external IP address and its corresponding + internal IP address in a private cloud. + type: object + id: ExternalAddress + Binding: type: object + id: Binding properties: - domain: - description: Required. Domain used to resolve a `name_servers` list. - type: string - nameServers: - description: Required. List of DNS servers to use for domain resolution - type: array + members: + description: >- + Specifies the principals requesting access for a Google Cloud + resource. `members` can have the following values: * `allUsers`: A + special identifier that represents anyone who is on the internet; + with or without a Google account. * `allAuthenticatedUsers`: A + special identifier that represents anyone who is authenticated with + a Google account or a service account. Does not include identities + that come from external identity providers (IdPs) through identity + federation. * `user:{emailid}`: An email address that represents a + specific Google account. For example, `alice@example.com` . * + `serviceAccount:{emailid}`: An email address that represents a + Google service account. For example, + `my-other-app@appspot.gserviceaccount.com`. * + `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + An identifier for a [Kubernetes service + account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + For example, + `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * + `group:{emailid}`: An email address that represents a Google group. + For example, `admins@example.com`. * `domain:{domain}`: The G Suite + domain (primary) that represents all the users of that domain. For + example, `google.com` or `example.com`. * + `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workforce identity pool. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: + All workforce identities in a group. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All workforce identities with a specific attribute value. * + `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: + All identities in a workforce identity pool. * + `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: + A single identity in a workload identity pool. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: + A workload identity pool group. * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: + All identities in a workload identity pool with a certain attribute. + * + `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: + All identities in a workload identity pool. * + `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + unique identifier) representing a user that has been recently + deleted. For example, `alice@example.com?uid=123456789012345678901`. + If the user is recovered, this value reverts to `user:{emailid}` and + the recovered user retains the role in the binding. * + `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + (plus unique identifier) representing a service account that has + been recently deleted. For example, + `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + If the service account is undeleted, this value reverts to + `serviceAccount:{emailid}` and the undeleted service account retains + the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + An email address (plus unique identifier) representing a Google + group that has been recently deleted. For example, + `admins@example.com?uid=123456789012345678901`. If the group is + recovered, this value reverts to `group:{emailid}` and the recovered + group retains the role in the binding. * + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: + Deleted single identity in a workforce identity pool. For example, + `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. items: type: string - NetworkPeering: - id: NetworkPeering - description: Details of a network peering. - type: object - properties: - name: + type: array + condition: description: >- - Output only. Identifier. The resource name of the network peering. - NetworkPeering is a global resource and location can only be global. - Resource names are scheme-less URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/global/networkPeerings/my-peering` - readOnly: true - type: string - createTime: - description: Output only. Creation time of this resource. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update time of this resource. - readOnly: true + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + $ref: '#/components/schemas/Expr' + role: type: string - format: google-datetime - peerNetwork: description: >- - Required. The relative resource name of the network to peer with a - standard VMware Engine network. The provided network can be a - consumer VPC network or another standard VMware Engine network. If - the `peer_network_type` is VMWARE_ENGINE_NETWORK, specify the name - in the form: - `projects/{project}/locations/global/vmwareEngineNetworks/{vmware_engine_network_id}`. - Otherwise specify the name in the form: - `projects/{project}/global/networks/{network_id}`, where `{project}` - can either be a project number or a project ID. - type: string - exportCustomRoutes: + Role that is assigned to the list of `members`, or principals. For + example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an + overview of the IAM roles and permissions, see the [IAM + documentation](https://cloud.google.com/iam/docs/roles-overview). + For a list of the available pre-defined roles, see + [here](https://cloud.google.com/iam/docs/understanding-roles). + description: Associates `members`, or principals, with a `role`. + ResetNsxCredentialsRequest: + properties: + requestId: description: >- - Optional. True if custom routes are exported to the peered network; - false otherwise. The default value is true. - type: boolean - importCustomRoutes: - description: >- - Optional. True if custom routes are imported from the peered - network; false otherwise. The default value is true. - type: boolean - exchangeSubnetRoutes: - description: >- - Optional. True if full mesh connectivity is created and managed - automatically between peered networks; false otherwise. Currently - this field is always true because Google Compute Engine - automatically creates and manages subnetwork routes between two VPC - networks when peering state is 'ACTIVE'. - type: boolean - exportCustomRoutesWithPublicIp: - description: >- - Optional. True if all subnet routes with a public IP address range - are exported; false otherwise. The default value is true. IPv4 - special-use ranges - (https://en.wikipedia.org/wiki/IPv4#Special_addresses) are always - exported to peers and are not controlled by this field. - type: boolean - importCustomRoutesWithPublicIp: - description: >- - Optional. True if all subnet routes with public IP address range are - imported; false otherwise. The default value is true. IPv4 - special-use ranges - (https://en.wikipedia.org/wiki/IPv4#Special_addresses) are always - imported to peers and are not controlled by this field. - type: boolean - state: - description: >- - Output only. State of the network peering. This field has a value of - 'ACTIVE' when there's a matching configuration in the peer network. - New values may be added to this enum when appropriate. - readOnly: true - type: string - enumDescriptions: - - Unspecified network peering state. This is the default value. - - The peering is not active. - - The peering is active. - - The peering is being created. - - The peering is being deleted. - enum: - - STATE_UNSPECIFIED - - INACTIVE - - ACTIVE - - CREATING - - DELETING - stateDetails: - description: >- - Output only. Output Only. Details about the current state of the - network peering. - readOnly: true + Optional. A request ID to identify requests. Specify a unique + request ID so that if you must retry your request, the server will + know to ignore the request if it has already been completed. The + server guarantees that a request doesn't result in creation of + duplicate commitments for at least 60 minutes. For example, consider + a situation where you make an initial request and the request times + out. If you make the request again with the same request ID, the + server can check if original operation with the same request ID was + received, and if so, will ignore the second request. This prevents + clients from accidentally creating duplicate commitments. The + request ID must be a valid UUID with the exception that zero UUID is + not supported (00000000-0000-0000-0000-000000000000). type: string - peerMtu: - description: >- - Optional. Maximum transmission unit (MTU) in bytes. The default - value is `1500`. If a value of `0` is provided for this field, - VMware Engine uses the default value instead. - type: integer - format: int32 - peerNetworkType: - description: >- - Required. The type of the network to peer with the VMware Engine - network. + id: ResetNsxCredentialsRequest + description: Request message for VmwareEngine.ResetNsxCredentials + type: object + TimeWindow: + id: TimeWindow + type: object + description: Represents the time window to perform upgrade activities. + properties: + dayOfWeek: type: string enumDescriptions: - - Unspecified - - >- - Peering connection used for connecting to another VPC network - established by the same user. For example, a peering connection to - another VPC network in the same project or to an on-premises - network. - - >- - Peering connection used for connecting to another VMware Engine - network. - - >- - Peering connection used for establishing [private services - access](https://cloud.google.com/vpc/docs/private-services-access). - - Peering connection used for connecting to NetApp Cloud Volumes. - - >- - Peering connection used for connecting to third-party services. - Most third-party services require manual setup of reverse peering - on the VPC network associated with the third-party service. - - Peering connection used for connecting to Dell PowerScale Filers - - >- - Peering connection used for connecting to Google Cloud NetApp - Volumes. - - >- - Peering connection used for connecting to Google Cloud Filestore - Instances. + - The day of the week is unspecified. + - Monday + - Tuesday + - Wednesday + - Thursday + - Friday + - Saturday + - Sunday + description: Required. Day of the week for this window. enum: - - PEER_NETWORK_TYPE_UNSPECIFIED - - STANDARD - - VMWARE_ENGINE_NETWORK - - PRIVATE_SERVICES_ACCESS - - NETAPP_CLOUD_VOLUMES - - THIRD_PARTY_SERVICE - - DELL_POWERSCALE - - GOOGLE_CLOUD_NETAPP_VOLUMES - - GOOGLE_CLOUD_FILESTORE_INSTANCES - uid: - description: Output only. System-generated unique identifier for the resource. - readOnly: true + - DAY_OF_WEEK_UNSPECIFIED + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + duration: type: string - vmwareEngineNetwork: + format: google-duration description: >- - Required. The relative resource name of the VMware Engine network. - Specify the name in the following form: - `projects/{project}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` - where `{project}` can either be a project number or a project ID. - type: string - description: - description: Optional. User-provided description for this network peering. - type: string - ListNetworkPeeringsResponse: - id: ListNetworkPeeringsResponse - description: Response message for VmwareEngine.ListNetworkPeerings + Required. The duration of the window. The max allowed duration for + any window is 24 hours. + startTime: + description: Required. Time in UTC when the window starts. + $ref: '#/components/schemas/TimeOfDay' + OperationMetadata: + description: Represents the metadata of the long-running operation. type: object + id: OperationMetadata properties: - networkPeerings: - description: A list of network peerings. - type: array - items: - $ref: '#/components/schemas/NetworkPeering' - nextPageToken: + requestedCancellation: + type: boolean description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Unreachable resources. - type: array - items: - type: string - ListPeeringRoutesResponse: - id: ListPeeringRoutesResponse - description: Response message for VmwareEngine.ListPeeringRoutes - type: object - properties: - peeringRoutes: - description: A list of peering routes. - type: array - items: - $ref: '#/components/schemas/PeeringRoute' - nextPageToken: + Output only. True if the user has requested cancellation of the + operation; false otherwise. Operations that have successfully been + cancelled have Operation.error value with a google.rpc.Status.code + of 1, corresponding to `Code.CANCELLED`. + readOnly: true + target: + readOnly: true description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Output only. Server-defined resource path for the target of the + operation. type: string - PeeringRoute: - id: PeeringRoute - description: Exchanged network peering route. - type: object - properties: - destRange: - description: >- - Output only. Destination range of the peering route in CIDR - notation. - readOnly: true + verb: type: string - type: - description: Output only. Type of the route in the peer VPC network. + description: Output only. Name of the verb executed by the operation. + readOnly: true + statusMessage: readOnly: true type: string - enumDescriptions: - - Unspecified peering route type. This is the default value. - - Dynamic routes in the peer network. - - Static routes in the peer network. - - >- - Created, updated, and removed automatically by Google Cloud when - subnets are created, modified, or deleted in the peer network. - enum: - - TYPE_UNSPECIFIED - - DYNAMIC_PEERING_ROUTE - - STATIC_PEERING_ROUTE - - SUBNET_PEERING_ROUTE - nextHopRegion: - description: >- - Output only. Region containing the next hop of the peering route. - This field only applies to dynamic routes in the peer VPC network. + description: Output only. Human-readable status of the operation, if any. + createTime: + description: Output only. The time the operation was created. + type: string readOnly: true + format: google-datetime + endTime: type: string - priority: - description: Output only. The priority of the peering route. readOnly: true + description: Output only. The time the operation finished running. + format: google-datetime + apiVersion: + description: Output only. API version used to start the operation. type: string - format: int64 - imported: - description: >- - Output only. True if the peering route has been imported from a - peered VPC network; false otherwise. The import happens if the field - `NetworkPeering.importCustomRoutes` is true for this network, - `NetworkPeering.exportCustomRoutes` is true for the peer VPC - network, and the import does not result in a route conflict. readOnly: true - type: boolean - direction: - description: >- - Output only. Direction of the routes exchanged with the peer - network, from the VMware Engine network perspective: * Routes of - direction `INCOMING` are imported from the peer network. * Routes of - direction `OUTGOING` are exported from the intranet VPC network of - the VMware Engine network. - readOnly: true - type: string - enumDescriptions: - - Unspecified exchanged routes direction. This is default. - - Routes imported from the peer network. - - Routes exported to the peer network. - enum: - - DIRECTION_UNSPECIFIED - - INCOMING - - OUTGOING - HcxActivationKey: - id: HcxActivationKey - description: >- - HCX activation key. A default key is created during private cloud - provisioning, but this behavior is subject to change and you should - always verify active keys. Use VmwareEngine.ListHcxActivationKeys to - retrieve existing keys and VmwareEngine.CreateHcxActivationKey to create - new ones. - type: object + ManagementCluster: + description: Management cluster configuration. properties: - name: + stretchedClusterConfig: description: >- - Output only. The resource name of this HcxActivationKey. Resource - names are schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1/privateClouds/my-cloud/hcxActivationKeys/my-key` - readOnly: true - type: string - createTime: - description: Output only. Creation time of HCX activation key. - readOnly: true - type: string - format: google-datetime - state: - description: Output only. State of HCX activation key. - readOnly: true - type: string - enumDescriptions: - - Unspecified state. - - State of a newly generated activation key. - - State of key when it has been used to activate HCX appliance. - - State of key when it is being created. - enum: - - STATE_UNSPECIFIED - - AVAILABLE - - CONSUMED - - CREATING - activationKey: - description: Output only. HCX activation key. - readOnly: true - type: string - uid: - description: Output only. System-generated unique identifier for the resource. - readOnly: true + Optional. Configuration of a stretched cluster. Required for + STRETCHED private clouds. + $ref: '#/components/schemas/StretchedClusterConfig' + clusterId: + description: >- + Required. The user-provided identifier of the new `Cluster`. The + identifier must meet the following requirements: * Only contains + 1-63 alphanumeric characters and hyphens * Begins with an + alphabetical character * Ends with a non-hyphen character * Not + formatted as a UUID * Complies with [RFC + 1034](https://datatracker.ietf.org/doc/html/rfc1034) (section 3.5) type: string - ListHcxActivationKeysResponse: - id: ListHcxActivationKeysResponse - description: Response message for VmwareEngine.ListHcxActivationKeys + nodeTypeConfigs: + type: object + additionalProperties: + $ref: '#/components/schemas/NodeTypeConfig' + description: >- + Required. The map of cluster node types in this cluster, where the + key is canonical identifier of the node type (corresponds to the + `NodeType`). + id: ManagementCluster type: object + GrantDnsBindPermissionRequest: + description: Request message for VmwareEngine.GrantDnsBindPermission properties: - hcxActivationKeys: - description: List of HCX activation keys. - type: array - items: - $ref: '#/components/schemas/HcxActivationKey' - nextPageToken: + principal: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Required. The consumer provided user/service account which needs to + be granted permission to bind with the intranet VPC corresponding to + the consumer project. + $ref: '#/components/schemas/Principal' + requestId: type: string - unreachable: description: >- - Locations that could not be reached when making an aggregated query - using wildcards. - type: array - items: - type: string - NetworkPolicy: - id: NetworkPolicy - description: >- - Represents a network policy resource. Network policies are regional - resources. You can use a network policy to enable or disable internet - access and external IP access. Network policies are associated with a - VMware Engine network, which might span across regions. For a given - region, a network policy applies to all private clouds in the VMware - Engine network associated with the policy. + Optional. A request ID to identify requests. Specify a unique + request ID so that if you must retry your request, the server will + know to ignore the request if it has already been completed. The + server guarantees that a request doesn't result in creation of + duplicate commitments for at least 60 minutes. For example, consider + a situation where you make an initial request and the request times + out. If you make the request again with the same request ID, the + server can check if original operation with the same request ID was + received, and if so, will ignore the second request. This prevents + clients from accidentally creating duplicate commitments. The + request ID must be a valid UUID with the exception that zero UUID is + not supported (00000000-0000-0000-0000-000000000000). + id: GrantDnsBindPermissionRequest + type: object + Constraints: + id: Constraints type: object properties: - name: + disallowedIntervals: + items: + $ref: '#/components/schemas/WeeklyTimeInterval' description: >- - Output only. Identifier. The resource name of this network policy. - Resource names are schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1/networkPolicies/my-network-policy` - readOnly: true - type: string - createTime: - description: Output only. Creation time of this resource. + Output only. Output Only. A list of intervals in which maintenance + windows are not allowed. Any time window that overlaps with any of + these intervals will be considered invalid. readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update time of this resource. + type: array + minHoursDay: + type: integer readOnly: true - type: string - format: google-datetime - internetAccess: - description: Network service that allows VMware workloads to access the internet. - $ref: '#/components/schemas/NetworkService' - externalIp: description: >- - Network service that allows External IP addresses to be assigned to - VMware workloads. This service can only be enabled when - `internet_access` is also enabled. - $ref: '#/components/schemas/NetworkService' - edgeServicesCidr: + Output only. Minimum number of hours must be allotted for the + upgrade activities for each selected day. This is a minimum; the + upgrade schedule can allot more hours for the given day. + format: int32 + minHoursWeek: + type: integer description: >- - Required. IP address range in CIDR notation used to create internet - access and external IP access. An RFC 1918 CIDR block, with a "/26" - prefix, is required. The range cannot overlap with any prefixes - either in the consumer VPC network or in use by the private clouds - attached to that VPC network. - type: string - uid: - description: Output only. System-generated unique identifier for the resource. + Output only. The minimum number of weekly hours must be allotted for + the upgrade activities. This is just a minimum; the schedule can + assign more weekly hours. + format: int32 readOnly: true - type: string - vmwareEngineNetwork: - description: >- - Optional. The relative resource name of the VMware Engine network. - Specify the name in the following form: - `projects/{project}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` - where `{project}` can either be a project number or a project ID. - type: string - description: - description: Optional. User-provided description for this network policy. - type: string - vmwareEngineNetworkCanonical: + rescheduleDateRange: + $ref: '#/components/schemas/Interval' description: >- - Output only. The canonical name of the VMware Engine network in the - form: - `projects/{project_number}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` + Output only. Output Only. The user can only reschedule an upgrade + that starts within this range. readOnly: true - type: string - NetworkService: - id: NetworkService description: >- - Represents a network service that is managed by a `NetworkPolicy` - resource. A network service provides a way to control an aspect of - external access to VMware workloads. For example, whether the VMware - workloads in the private clouds governed by a network policy can access - or be accessed from the internet. - type: object - properties: - enabled: - description: True if the service is enabled; false otherwise. - type: boolean - state: - description: >- - Output only. State of the service. New values may be added to this - enum when appropriate. - readOnly: true - type: string - enumDescriptions: - - Unspecified service state. This is the default value. - - Service is not provisioned. - - Service is in the process of being provisioned/deprovisioned. - - Service is active. - enum: - - STATE_UNSPECIFIED - - UNPROVISIONED - - RECONCILING - - ACTIVE - ListNetworkPoliciesResponse: - id: ListNetworkPoliciesResponse - description: Response message for VmwareEngine.ListNetworkPolicies + Constraints to be applied while editing a schedule. These constraints + ensure that `Upgrade` specific requirements are met. + ListVmwareEngineNetworksResponse: type: object + description: Response message for VmwareEngine.ListVmwareEngineNetworks properties: - networkPolicies: - description: A list of network policies. - type: array + vmwareEngineNetworks: items: - $ref: '#/components/schemas/NetworkPolicy' + $ref: '#/components/schemas/VmwareEngineNetwork' + description: A list of VMware Engine networks. + type: array nextPageToken: + type: string description: >- - A token, which can be send as `page_token` to retrieve the next + A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. - type: string unreachable: - description: >- - Locations that could not be reached when making an aggregated query - using wildcards. + description: Unreachable resources. type: array items: type: string - ListManagementDnsZoneBindingsResponse: - id: ListManagementDnsZoneBindingsResponse - description: Response message for VmwareEngine.ListManagementDnsZoneBindings + id: ListVmwareEngineNetworksResponse + RepairManagementDnsZoneBindingRequest: type: object properties: - managementDnsZoneBindings: - description: A list of management DNS zone bindings. - type: array - items: - $ref: '#/components/schemas/ManagementDnsZoneBinding' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + requestId: type: string - unreachable: description: >- - Locations that could not be reached when making an aggregated query - using wildcards. - type: array - items: - type: string - ManagementDnsZoneBinding: - id: ManagementDnsZoneBinding + Optional. A request ID to identify requests. Specify a unique + request ID so that if you must retry your request, the server will + know to ignore the request if it has already been completed. The + server guarantees that a request doesn't result in creation of + duplicate commitments for at least 60 minutes. For example, consider + a situation where you make an initial request and the request times + out. If you make the request again with the same request ID, the + server can check if the original operation with the same request ID + was received, and if so, will ignore the second request. This + prevents clients from accidentally creating duplicate commitments. + The request ID must be a valid UUID with the exception that zero + UUID is not supported (00000000-0000-0000-0000-000000000000). + id: RepairManagementDnsZoneBindingRequest + description: Request message for VmwareEngine.RepairManagementDnsZoneBindings + PrivateCloud: description: >- - Represents a binding between a network and the management DNS zone. A - management DNS zone is the Cloud DNS cross-project binding zone that - VMware Engine creates for each private cloud. It contains FQDNs and - corresponding IP addresses for the private cloud's ESXi hosts and - management VM appliances like vCenter and NSX Manager. + Represents a private cloud resource. Private clouds of type `STANDARD` + and `TIME_LIMITED` are zonal resources, `STRETCHED` private clouds are + regional. + id: PrivateCloud type: object properties: - name: - description: >- - Output only. The resource name of this binding. Resource names are - schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/managementDnsZoneBindings/my-management-dns-zone-binding` - readOnly: true - type: string - createTime: - description: Output only. Creation time of this resource. - readOnly: true + deleteTime: type: string + description: Output only. Time when the resource was scheduled for deletion. format: google-datetime - updateTime: - description: Output only. Last update time of this resource. readOnly: true - type: string - format: google-datetime - state: - description: Output only. The state of the resource. + expireTime: readOnly: true + format: google-datetime type: string - enumDescriptions: - - The default value. This value should never be used. - - The binding is ready. - - The binding is being created. - - The binding is being updated. - - The binding is being deleted. - - The binding has failed. + description: Output only. Time when the resource will be irreversibly deleted. + nsx: + description: Output only. NSX appliance. + $ref: '#/components/schemas/Nsx' + readOnly: true + state: + description: >- + Output only. State of the resource. New values may be added to this + enum when appropriate. enum: - STATE_UNSPECIFIED - ACTIVE - CREATING - UPDATING - - DELETING - FAILED + - DELETED + - PURGING + readOnly: true + enumDescriptions: + - The default value. This value should never be used. + - The private cloud is ready. + - The private cloud is being created. + - The private cloud is being updated. + - The private cloud is in failed state. + - >- + The private cloud is scheduled for deletion. The deletion process + can be cancelled by using the corresponding undelete method. + - >- + The private cloud is irreversibly deleted and is being removed + from the system. + type: string + createTime: + type: string + description: Output only. Creation time of this resource. + format: google-datetime + readOnly: true + networkConfig: + $ref: '#/components/schemas/NetworkConfig' + description: Required. Network configuration of the private cloud. description: - description: User-provided description for this resource. type: string - vpcNetwork: - description: >- - Network to bind is a standard consumer VPC. Specify the name in the - following form for consumer VPC network: - `projects/{project}/global/networks/{network_id}`. `{project}` can - either be a project number or a project ID. + description: User-provided description for this private cloud. + type: + enumDescriptions: + - Standard private is a zonal resource, with 3+ nodes. Default type. + - >- + Time limited private cloud is a zonal resource, can have only 1 + node and has limited life span. Will be deleted after defined + period of time, can be converted into standard private cloud by + expanding it up to 3 or more nodes. + - >- + Stretched private cloud is a regional resource with redundancy, + with a minimum of 6 nodes, nodes count has to be even. + enum: + - STANDARD + - TIME_LIMITED + - STRETCHED type: string - vmwareEngineNetwork: + description: Optional. Type of the private cloud. Defaults to STANDARD. + managementCluster: + $ref: '#/components/schemas/ManagementCluster' description: >- - Network to bind is a VMware Engine network. Specify the name in the - following form for VMware engine network: - `projects/{project}/locations/global/vmwareEngineNetworks/{vmware_engine_network_id}`. - `{project}` can either be a project number or a project ID. - type: string + Required. Input only. The management cluster for this private cloud. + This field is required during creation of the private cloud to + provide details for the default cluster. The following fields can't + be changed after private cloud creation: + `ManagementCluster.clusterId`, `ManagementCluster.nodeTypeId`. + hcx: + $ref: '#/components/schemas/Hcx' + readOnly: true + description: Output only. HCX appliance. uid: description: Output only. System-generated unique identifier for the resource. readOnly: true type: string - RepairManagementDnsZoneBindingRequest: - id: RepairManagementDnsZoneBindingRequest - description: Request message for VmwareEngine.RepairManagementDnsZoneBindings - type: object - properties: - requestId: - description: >- - Optional. A request ID to identify requests. Specify a unique - request ID so that if you must retry your request, the server will - know to ignore the request if it has already been completed. The - server guarantees that a request doesn't result in creation of - duplicate commitments for at least 60 minutes. For example, consider - a situation where you make an initial request and the request times - out. If you make the request again with the same request ID, the - server can check if the original operation with the same request ID - was received, and if so, will ignore the second request. This - prevents clients from accidentally creating duplicate commitments. - The request ID must be a valid UUID with the exception that zero - UUID is not supported (00000000-0000-0000-0000-000000000000). + updateTime: type: string - VmwareEngineNetwork: - id: VmwareEngineNetwork + description: Output only. Last update time of this resource. + format: google-datetime + readOnly: true + name: + type: string + description: >- + Output only. Identifier. The resource name of this private cloud. + Resource names are schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-central1-a/privateClouds/my-cloud` + readOnly: true + vcenter: + readOnly: true + $ref: '#/components/schemas/Vcenter' + description: Output only. Vcenter appliance. + Thresholds: + id: Thresholds description: >- - VMware Engine network resource that provides connectivity for VMware - Engine private clouds. + Thresholds define the utilization of resources triggering scale-out and + scale-in operations. type: object + properties: + scaleOut: + type: integer + description: >- + Required. The utilization triggering the scale-out operation in + percent. + format: int32 + scaleIn: + format: int32 + type: integer + description: >- + Required. The utilization triggering the scale-in operation in + percent. + Node: properties: name: description: >- - Output only. Identifier. The resource name of the VMware Engine - network. Resource names are schemeless URIs that follow the - conventions in https://cloud.google.com/apis/design/resource_names. - For example: - `projects/my-project/locations/global/vmwareEngineNetworks/my-network` - readOnly: true + Output only. The resource name of this node. Resource names are + schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + projects/my-project/locations/us-central1-a/privateClouds/my-cloud/clusters/my-cluster/nodes/my-node type: string - createTime: - description: Output only. Creation time of this resource. readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update time of this resource. + internalIp: readOnly: true + description: Output only. Internal IP address of the node. type: string - format: google-datetime - description: - description: User-provided description for this VMware Engine network. + version: + readOnly: true + description: >- + Output only. The version number of the VMware ESXi management + component in this cluster. type: string - vpcNetworks: + nodeTypeId: description: >- - Output only. VMware Engine service VPC networks that provide - connectivity from a private cloud to customer projects, the - internet, and other Google Cloud services. + Output only. The canonical identifier of the node type (corresponds + to the `NodeType`). For example: standard-72. + type: string readOnly: true - type: array - items: - $ref: '#/components/schemas/VpcNetwork' state: - description: Output only. State of the VMware Engine network. + enumDescriptions: + - The default value. This value should never be used. + - Node is operational and can be used by the user. + - Node is being provisioned. + - Node is in a failed state. + - >- + Node is undergoing maintenance, e.g.: during private cloud + upgrade. + description: Output only. The state of the appliance. readOnly: true type: string - enumDescriptions: - - The default value. This value is used if the state is omitted. - - The VMware Engine network is being created. - - The VMware Engine network is ready. - - The VMware Engine network is being updated. - - The VMware Engine network is being deleted. enum: - STATE_UNSPECIFIED - - CREATING - ACTIVE - - UPDATING - - DELETING - type: - description: Required. VMware Engine network type. + - CREATING + - FAILED + - UPGRADING + fqdn: type: string - enumDescriptions: - - The default value. This value should never be used. - - >- - Network type used by private clouds created in projects without a - network of type `STANDARD`. This network type is no longer used - for new VMware Engine private cloud deployments. - - Standard network type used for private cloud connectivity. - enum: - - TYPE_UNSPECIFIED - - LEGACY - - STANDARD - uid: - description: Output only. System-generated unique identifier for the resource. + description: Output only. Fully qualified domain name of the node. readOnly: true + customCoreCount: type: string - etag: - description: >- - Checksum that may be sent on update and delete requests to ensure - that the user-provided value is up to date before the server - processes a request. The server computes checksums based on the - value of other fields in the request. - type: string - VpcNetwork: - id: VpcNetwork - description: >- - Represents a VMware Engine VPC network that is managed by a VMware - Engine network resource. + readOnly: true + description: Output only. Customized number of cores + format: int64 + id: Node type: object + description: Node in a cluster. + Location: properties: - type: + displayName: + type: string description: >- - Output only. Type of VPC network (INTRANET, INTERNET, or - GOOGLE_CLOUD) - readOnly: true + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - enumDescriptions: - - The default value. This value should never be used. - - >- - VPC network that will be peered with a consumer VPC network or the - intranet VPC of another VMware Engine network. Access a private - cloud through Compute Engine VMs on a peered VPC network or an - on-premises resource connected to a peered consumer VPC network. - - VPC network used for internet access to and from a private cloud. - - >- - VPC network used for access to Google Cloud services like Cloud - Storage. - enum: - - TYPE_UNSPECIFIED - - INTRANET - - INTERNET - - GOOGLE_CLOUD - network: + labels: description: >- - Output only. The relative resource name of the service VPC network - this VMware Engine network is attached to. For example: - `projects/123123/global/networks/my-network` - readOnly: true + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + additionalProperties: + type: string + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - ListVmwareEngineNetworksResponse: - id: ListVmwareEngineNetworksResponse - description: Response message for VmwareEngine.ListVmwareEngineNetworks + description: A resource that represents a Google Cloud location. + type: object + id: Location + DnsBindPermission: type: object properties: - vmwareEngineNetworks: - description: A list of VMware Engine networks. - type: array + principals: items: - $ref: '#/components/schemas/VmwareEngineNetwork' - nextPageToken: + $ref: '#/components/schemas/Principal' description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Unreachable resources. + Output only. Users/Service accounts which have access for binding on + the intranet VPC project corresponding to the consumer project. + readOnly: true type: array - items: - type: string + name: + type: string + readOnly: true + description: >- + Required. Output only. The name of the resource which stores the + users/service accounts having the permission to bind to the + corresponding intranet VPC of the consumer project. + DnsBindPermission is a global resource and location can only be + global. Resource names are schemeless URIs that follow the + conventions in https://cloud.google.com/apis/design/resource_names. + For example: + `projects/my-project/locations/global/dnsBindPermission` + id: DnsBindPermission + description: >- + DnsBindPermission resource that contains the accounts having the + consumer DNS bind permission on the corresponding intranet VPC of the + consumer project. PrivateConnection: - id: PrivateConnection + type: object description: >- Private connection resource that provides connectivity for VMware Engine private clouds. - type: object + id: PrivateConnection properties: - name: - description: >- - Output only. The resource name of the private connection. Resource - names are schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-central1/privateConnections/my-connection` - readOnly: true - type: string - createTime: - description: Output only. Creation time of this resource. - readOnly: true + vmwareEngineNetworkCanonical: type: string - format: google-datetime - updateTime: - description: Output only. Last update time of this resource. + description: >- + Output only. The canonical name of the VMware Engine network in the + form: + `projects/{project_number}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` readOnly: true - type: string - format: google-datetime - description: - description: Optional. User-provided description for this private connection. - type: string state: + type: string description: Output only. State of the private connection. readOnly: true - type: string enumDescriptions: - The default value. This value is used if the state is omitted. - The private connection is being created. @@ -2144,42 +2022,40 @@ components: the form of `{location}`-default e.g. projects/project/locations/us-central1/vmwareEngineNetworks/us-central1-default. type: string - vmwareEngineNetworkCanonical: - description: >- - Output only. The canonical name of the VMware Engine network in the - form: - `projects/{project_number}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` - readOnly: true + updateTime: type: string - type: - description: Required. Private connection type. + readOnly: true + format: google-datetime + description: Output only. Last update time of this resource. + serviceNetwork: type: string - enumDescriptions: - - The default value. This value should never be used. - - >- - Connection used for establishing [private services - access](https://cloud.google.com/vpc/docs/private-services-access). - - Connection used for connecting to NetApp Cloud Volumes. - - Connection used for connecting to Dell PowerScale. - - Connection used for connecting to third-party services. - enum: - - TYPE_UNSPECIFIED - - PRIVATE_SERVICE_ACCESS - - NETAPP_CLOUD_VOLUMES - - DELL_POWERSCALE - - THIRD_PARTY_SERVICE - peeringId: description: >- - Output only. VPC network peering id between given network VPC and - VMwareEngineNetwork. + Required. Service network to create private connection. Specify the + name in the following form: + `projects/{project}/global/networks/{network_id}` For type = + PRIVATE_SERVICE_ACCESS, this field represents servicenetworking VPC, + e.g. projects/project-tp/global/networks/servicenetworking. For type + = NETAPP_CLOUD_VOLUME, this field represents NetApp service VPC, + e.g. projects/project-tp/global/networks/netapp-tenant-vpc. For type + = DELL_POWERSCALE, this field represent Dell service VPC, e.g. + projects/project-tp/global/networks/dell-tenant-vpc. For type= + THIRD_PARTY_SERVICE, this field could represent a consumer VPC or + any other producer VPC to which the VMware Engine Network needs to + be connected, e.g. projects/project/global/networks/vpc. + createTime: + format: google-datetime readOnly: true type: string + description: Output only. Creation time of this resource. + description: + description: Optional. User-provided description for this private connection. + type: string routingMode: + type: string description: >- Optional. Routing Mode. Default value is set to GLOBAL. For type = PRIVATE_SERVICE_ACCESS, this field can be set to GLOBAL or REGIONAL, for other types only GLOBAL is supported. - type: string enumDescriptions: - The default value. This value should never be used. - Global Routing Mode @@ -2188,966 +2064,1252 @@ components: - ROUTING_MODE_UNSPECIFIED - GLOBAL - REGIONAL - uid: - description: Output only. System-generated unique identifier for the resource. - readOnly: true - type: string - serviceNetwork: - description: >- - Required. Service network to create private connection. Specify the - name in the following form: - `projects/{project}/global/networks/{network_id}` For type = - PRIVATE_SERVICE_ACCESS, this field represents servicenetworking VPC, - e.g. projects/project-tp/global/networks/servicenetworking. For type - = NETAPP_CLOUD_VOLUME, this field represents NetApp service VPC, - e.g. projects/project-tp/global/networks/netapp-tenant-vpc. For type - = DELL_POWERSCALE, this field represent Dell service VPC, e.g. - projects/project-tp/global/networks/dell-tenant-vpc. For type= - THIRD_PARTY_SERVICE, this field could represent a consumer VPC or - any other producer VPC to which the VMware Engine Network needs to - be connected, e.g. projects/project/global/networks/vpc. - type: string peeringState: - description: >- - Output only. Peering state between service network and VMware Engine - network. - readOnly: true type: string + readOnly: true enumDescriptions: - >- The default value. This value is used if the peering state is omitted or unknown. - The peering is in active state. - The peering is in inactive state. + description: >- + Output only. Peering state between service network and VMware Engine + network. enum: - PEERING_STATE_UNSPECIFIED - PEERING_ACTIVE - PEERING_INACTIVE - ListPrivateConnectionsResponse: - id: ListPrivateConnectionsResponse - description: Response message for VmwareEngine.ListPrivateConnections - type: object - properties: - privateConnections: - description: A list of private connections. - type: array - items: - $ref: '#/components/schemas/PrivateConnection' - nextPageToken: + peeringId: + readOnly: true description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Output only. VPC network peering id between given network VPC and + VMwareEngineNetwork. type: string - unreachable: - description: Unreachable resources. - type: array - items: - type: string - ListPrivateConnectionPeeringRoutesResponse: - id: ListPrivateConnectionPeeringRoutesResponse - description: Response message for VmwareEngine.ListPrivateConnectionPeeringRoutes - type: object - properties: - peeringRoutes: - description: A list of peering routes. - type: array - items: - $ref: '#/components/schemas/PeeringRoute' - nextPageToken: + name: + readOnly: true description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Output only. The resource name of the private connection. Resource + names are schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-central1/privateConnections/my-connection` type: string - GrantDnsBindPermissionRequest: - id: GrantDnsBindPermissionRequest - description: Request message for VmwareEngine.GrantDnsBindPermission - type: object - properties: - principal: - description: >- - Required. The consumer provided user/service account which needs to - be granted permission to bind with the intranet VPC corresponding to - the consumer project. - $ref: '#/components/schemas/Principal' - requestId: - description: >- - Optional. A request ID to identify requests. Specify a unique - request ID so that if you must retry your request, the server will - know to ignore the request if it has already been completed. The - server guarantees that a request doesn't result in creation of - duplicate commitments for at least 60 minutes. For example, consider - a situation where you make an initial request and the request times - out. If you make the request again with the same request ID, the - server can check if original operation with the same request ID was - received, and if so, will ignore the second request. This prevents - clients from accidentally creating duplicate commitments. The - request ID must be a valid UUID with the exception that zero UUID is - not supported (00000000-0000-0000-0000-000000000000). + uid: + readOnly: true type: string - Principal: - id: Principal - description: >- - Users/Service accounts which have access for DNS binding on the intranet - VPC corresponding to the consumer project. - type: object + description: Output only. System-generated unique identifier for the resource. + type: + description: Required. Private connection type. + enumDescriptions: + - The default value. This value should never be used. + - >- + Connection used for establishing [private services + access](https://cloud.google.com/vpc/docs/private-services-access). + - Connection used for connecting to NetApp Cloud Volumes. + - Connection used for connecting to Dell PowerScale. + - Connection used for connecting to third-party services. + type: string + enum: + - TYPE_UNSPECIFIED + - PRIVATE_SERVICE_ACCESS + - NETAPP_CLOUD_VOLUMES + - DELL_POWERSCALE + - THIRD_PARTY_SERVICE + Nsx: properties: - user: - description: The user who needs to be granted permission. + fqdn: type: string - serviceAccount: - description: The service account which needs to be granted the permission. + description: Fully qualified domain name of the appliance. + state: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + enumDescriptions: + - Unspecified appliance state. This is the default value. + - The appliance is operational and can be used. + - The appliance is being deployed. type: string - DnsBindPermission: - id: DnsBindPermission + readOnly: true + description: Output only. The state of the appliance. + internalIp: + description: Internal IP address of the appliance. + type: string + version: + type: string + description: Version of the appliance. + id: Nsx + type: object + description: Details about a NSX Manager appliance. + VmwareEngineNetwork: + id: VmwareEngineNetwork description: >- - DnsBindPermission resource that contains the accounts having the - consumer DNS bind permission on the corresponding intranet VPC of the - consumer project. + VMware Engine network resource that provides connectivity for VMware + Engine private clouds. type: object properties: + description: + type: string + description: User-provided description for this VMware Engine network. + state: + description: Output only. State of the VMware Engine network. + type: string + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - UPDATING + - DELETING + readOnly: true + enumDescriptions: + - The default value. This value is used if the state is omitted. + - The VMware Engine network is being created. + - The VMware Engine network is ready. + - The VMware Engine network is being updated. + - The VMware Engine network is being deleted. + type: + description: Required. VMware Engine network type. + enum: + - TYPE_UNSPECIFIED + - LEGACY + - STANDARD + enumDescriptions: + - The default value. This value should never be used. + - >- + Network type used by private clouds created in projects without a + network of type `STANDARD`. This network type is no longer used + for new VMware Engine private cloud deployments. + - Standard network type used for private cloud connectivity. + type: string + createTime: + description: Output only. Creation time of this resource. + type: string + format: google-datetime + readOnly: true + uid: + type: string + readOnly: true + description: Output only. System-generated unique identifier for the resource. + etag: + description: >- + Checksum that may be sent on update and delete requests to ensure + that the user-provided value is up to date before the server + processes a request. The server computes checksums based on the + value of other fields in the request. + type: string + updateTime: + description: Output only. Last update time of this resource. + format: google-datetime + readOnly: true + type: string name: + type: string + readOnly: true description: >- - Required. Output only. The name of the resource which stores the - users/service accounts having the permission to bind to the - corresponding intranet VPC of the consumer project. - DnsBindPermission is a global resource and location can only be - global. Resource names are schemeless URIs that follow the + Output only. Identifier. The resource name of the VMware Engine + network. Resource names are schemeless URIs that follow the conventions in https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/global/dnsBindPermission` - readOnly: true - type: string - principals: + `projects/my-project/locations/global/vmwareEngineNetworks/my-network` + vpcNetworks: description: >- - Output only. Users/Service accounts which have access for binding on - the intranet VPC project corresponding to the consumer project. + Output only. VMware Engine service VPC networks that provide + connectivity from a private cloud to customer projects, the + internet, and other Google Cloud services. readOnly: true - type: array items: - $ref: '#/components/schemas/Principal' - RevokeDnsBindPermissionRequest: - id: RevokeDnsBindPermissionRequest - description: Request message for VmwareEngine.RevokeDnsBindPermission + $ref: '#/components/schemas/VpcNetwork' + type: array + VpcNetwork: + description: >- + Represents a VMware Engine VPC network that is managed by a VMware + Engine network resource. + id: VpcNetwork type: object properties: - principal: + network: + type: string + readOnly: true description: >- - Required. The consumer provided user/service account which needs to - be granted permission to bind with the intranet VPC corresponding to - the consumer project. - $ref: '#/components/schemas/Principal' - requestId: + Output only. The relative resource name of the service VPC network + this VMware Engine network is attached to. For example: + `projects/123123/global/networks/my-network` + type: + enumDescriptions: + - The default value. This value should never be used. + - >- + VPC network that will be peered with a consumer VPC network or the + intranet VPC of another VMware Engine network. Access a private + cloud through Compute Engine VMs on a peered VPC network or an + on-premises resource connected to a peered consumer VPC network. + - VPC network used for internet access to and from a private cloud. + - >- + VPC network used for access to Google Cloud services like Cloud + Storage. description: >- - Optional. A request ID to identify requests. Specify a unique - request ID so that if you must retry your request, the server will - know to ignore the request if it has already been completed. The - server guarantees that a request doesn't result in creation of - duplicate commitments for at least 60 minutes. For example, consider - a situation where you make an initial request and the request times - out. If you make the request again with the same request ID, the - server can check if original operation with the same request ID was - received, and if so, will ignore the second request. This prevents - clients from accidentally creating duplicate commitments. The - request ID must be a valid UUID with the exception that zero UUID is - not supported (00000000-0000-0000-0000-000000000000). + Output only. Type of VPC network (INTRANET, INTERNET, or + GOOGLE_CLOUD) + readOnly: true + enum: + - TYPE_UNSPECIFIED + - INTRANET + - INTERNET + - GOOGLE_CLOUD type: string - ListAnnouncementsResponse: - id: ListAnnouncementsResponse - description: Response message for VmwareEngine.ListAnnouncements + ListPrivateConnectionPeeringRoutesResponse: + id: ListPrivateConnectionPeeringRoutesResponse + description: Response message for VmwareEngine.ListPrivateConnectionPeeringRoutes type: object properties: - announcements: - description: A list of announcement runs. - type: array + peeringRoutes: items: - $ref: '#/components/schemas/Announcement' + $ref: '#/components/schemas/PeeringRoute' + description: A list of peering routes. + type: array nextPageToken: description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string - unreachable: - description: list of unreachable locations + ListClustersResponse: + type: object + description: Response message for VmwareEngine.ListClusters + id: ListClustersResponse + properties: + clusters: + items: + $ref: '#/components/schemas/Cluster' + description: A list of private cloud clusters. type: array + unreachable: items: type: string - Announcement: - id: Announcement - description: Announcement for the resources of Vmware Engine. - type: object - properties: - name: - description: >- - Output only. The resource name of the announcement. Resource names - are schemeless URIs that follow the conventions in - https://cloud.google.com/apis/design/resource_names. For example: - `projects/my-project/locations/us-west1-a/announcements/my-announcement-id` - readOnly: true - type: string - createTime: - description: >- - Output only. Creation time of this resource. It also serves as start - time of notification. - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. Last update time of this resource. - readOnly: true - type: string - format: google-datetime - code: - description: >- - Required. Code of the announcement. Indicates the presence of a - VMware Engine related announcement and corresponds to a related - message in the `description` field. - type: string - description: - description: Output only. Description of the announcement. - readOnly: true - type: string - state: - description: >- - Output only. State of the resource. New values may be added to this - enum when appropriate. - readOnly: true - type: string - enumDescriptions: - - The default value. This value should never be used. - - Active announcement which should be visible to user. - - Inactive announcement which should not be visible to user. - - Announcement which is being deleted - - Announcement which being created - enum: - - STATE_UNSPECIFIED - - ACTIVE - - INACTIVE - - DELETING - - CREATING - privateCloud: - description: A Private Cloud resource name. - type: string - cluster: - description: A Cluster resource name. - type: string - targetResourceType: + type: array description: >- - Output only. Target Resource Type defines the type of the target for - the announcement - readOnly: true + Locations that could not be reached when making an aggregated query + using wildcards. + nextPageToken: type: string - metadata: - description: Output only. Additional structured details about this announcement. - readOnly: true - type: object - additionalProperties: - type: string - activityType: description: >- - Optional. Activity type of the announcement There can be only one - active announcement for a given activity type and target resource. - type: string + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. ListUpgradesResponse: - id: ListUpgradesResponse description: Response message for VmwareEngine.ListUpgrades. type: object properties: upgrades: - description: A list of `Upgrades`. - type: array items: $ref: '#/components/schemas/Upgrade' + description: A list of `Upgrades`. + type: array nextPageToken: + type: string description: >- A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. - type: string unreachable: description: List of unreachable resources. type: array items: type: string - Upgrade: - id: Upgrade - description: Describes Private cloud Upgrade. + id: ListUpgradesResponse + AuditConfig: + description: >- + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + id: AuditConfig type: object properties: - name: - description: >- - Output only. Identifier. The resource name of the private cloud - `Upgrade`. Resource names are schemeless URIs that follow the - conventions in https://cloud.google.com/apis/design/resource_names. - For example: - `projects/my-project/locations/us-west1-a/privateClouds/my-cloud/upgrades/my-upgrade` - readOnly: true + service: type: string - createTime: - description: Output only. Output Only. Creation time of this resource. - readOnly: true + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + auditLogConfigs: + description: The configuration for logging of each type of permission. + type: array + items: + $ref: '#/components/schemas/AuditLogConfig' + Principal: + type: object + id: Principal + description: >- + Users/Service accounts which have access for DNS binding on the intranet + VPC corresponding to the consumer project. + properties: + user: type: string - format: google-datetime - updateTime: - description: Output only. Output Only. Last update time of this resource. - readOnly: true + description: The user who needs to be granted permission. + serviceAccount: + description: The service account which needs to be granted the permission. type: string - format: google-datetime - endTime: - description: Output only. Output Only. End time of the upgrade. - readOnly: true + ListPeeringRoutesResponse: + properties: + peeringRoutes: + type: array + items: + $ref: '#/components/schemas/PeeringRoute' + description: A list of peering routes. + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - format: google-datetime + id: ListPeeringRoutesResponse + description: Response message for VmwareEngine.ListPeeringRoutes + type: object + NetworkService: + id: NetworkService + description: >- + Represents a network service that is managed by a `NetworkPolicy` + resource. A network service provides a way to control an aspect of + external access to VMware workloads. For example, whether the VMware + workloads in the private clouds governed by a network policy can access + or be accessed from the internet. + type: object + properties: + enabled: + description: True if the service is enabled; false otherwise. + type: boolean state: - description: Output only. The current state of the upgrade. readOnly: true - type: string + description: >- + Output only. State of the service. New values may be added to this + enum when appropriate. enumDescriptions: - - The default value. This value should never be used. - - The upgrade is scheduled but not started yet. - - The upgrade is currently in progress and has not completed yet. - - The upgrade completed successfully. - - The upgrade is currently paused. - - The upgrade failed. - - The upgrade is in process of being canceled. - - The upgrade is canceled. - - The upgrade is in process of being rescheduled. - enum: - - STATE_UNSPECIFIED - - SCHEDULED - - ONGOING - - SUCCEEDED - - PAUSED - - FAILED - - CANCELLING - - CANCELLED - - RESCHEDULING - type: - description: Output only. Output Only. The type of upgrade. - readOnly: true + - Unspecified service state. This is the default value. + - Service is not provisioned. + - Service is in the process of being provisioned/deprovisioned. + - Service is active. type: string - enumDescriptions: - - The default value. This value should never be used. - - >- - Upgrade of vmware components when a major version is available. - 7.0u2 -> 7.0u3. - - >- - Patching of vmware components when a minor version is available. - 7.0u2c -> 7.0u2d. - - >- - Workarounds are hotfixes for vulnerabilities or issues applied to - mitigate the known vulnerability or issue until a patch or update - is released. The description of the upgrade will have more - details. - - Firmware upgrade for VMware product used in the private cloud. - - Switch upgrade. - - The upgrade type that doesn't fall into any other category. - - Infrastructure upgrade in BM node maintenance. enum: - - TYPE_UNSPECIFIED - - VSPHERE_UPGRADE - - VSPHERE_PATCH - - WORKAROUND - - FIRMWARE_UPGRADE - - SWITCH_UPGRADE - - OTHER - - INFRASTRUCTURE_UPGRADE - description: + - STATE_UNSPECIFIED + - UNPROVISIONED + - RECONCILING + - ACTIVE + AcceleratePrivateCloudDeletionRequest: + properties: + etag: description: >- - Output only. Output Only. The description of the upgrade. This is - used to provide additional information about the private cloud - upgrade, such as the upgrade's purpose, the changes included in the - upgrade, or any other relevant information about the upgrade. - readOnly: true - type: string - estimatedDuration: - description: >- - Output only. Output Only. The estimated total duration of the - upgrade. This information can be used to plan or schedule upgrades - to minimize disruptions. Please note that the estimated duration is - only an estimate. The actual upgrade duration may vary. - readOnly: true + Optional. Checksum used to ensure that the user-provided value is up + to date before the server processes the request. The server compares + provided checksum with the current checksum of the resource. If the + user-provided value is out of date, this request returns an + `ABORTED` error. type: string - format: google-duration - schedule: - description: Schedule details for the upgrade. - $ref: '#/components/schemas/Schedule' - version: - description: 'Output only. ' - readOnly: true + requestId: type: string - etag: description: >- - The etag for the upgrade resource. If this is provided on update, it - must match the server's etag. - type: string - uid: - description: Output only. System-generated unique identifier for the resource. - readOnly: true - type: string - componentUpgrades: - description: Output only. Output Only. The list of component upgrades. - readOnly: true - type: array - items: - $ref: '#/components/schemas/VmwareUpgradeComponent' - startVersion: - description: Output only. Output Only. The start version - readOnly: true - type: string - targetVersion: - description: Output only. Output Only. The target version - readOnly: true - type: string - Schedule: - id: Schedule - description: Schedule for the upgrade. + Optional. The request ID must be a valid UUID with the exception + that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + description: Request message for VmwareEngine.AcceleratePrivateCloudDeletion type: object + id: AcceleratePrivateCloudDeletionRequest + Schedule: properties: - startTime: - description: Required. The scheduled start time for the upgrade. - type: string - format: google-datetime - weeklyWindows: - description: >- - Required. Weekly time windows for upgrade activities. The server - performs upgrade activities during these time windows to minimize - disruptions. - type: array - items: - $ref: '#/components/schemas/TimeWindow' constraints: + $ref: '#/components/schemas/Constraints' + readOnly: true description: >- Output only. Output Only. Constraints applied to the schedule. These constraints should be applicable at the time of any rescheduling. - readOnly: true - $ref: '#/components/schemas/Constraints' editWindow: + $ref: '#/components/schemas/Interval' + readOnly: true description: >- Output only. Output Only. The schedule is open for edits during this time interval or window. - readOnly: true - $ref: '#/components/schemas/Interval' lastEditor: + enum: + - EDITOR_UNSPECIFIED + - SYSTEM + - USER + type: string description: >- Output only. Output Only. Indicates who most recently edited the upgrade schedule. The value is updated whenever the upgrade is rescheduled. - readOnly: true - type: string enumDescriptions: - The default value. This value should never be used. - The upgrade is scheduled by the System or internal service. - The upgrade is scheduled by the end user. - enum: - - EDITOR_UNSPECIFIED - - SYSTEM - - USER - TimeWindow: - id: TimeWindow - description: Represents the time window to perform upgrade activities. + readOnly: true + startTime: + type: string + description: Required. The scheduled start time for the upgrade. + format: google-datetime + weeklyWindows: + items: + $ref: '#/components/schemas/TimeWindow' + type: array + description: >- + Required. Weekly time windows for upgrade activities. The server + performs upgrade activities during these time windows to minimize + disruptions. type: object + description: Schedule for the upgrade. + id: Schedule + Vcenter: properties: - dayOfWeek: - description: Required. Day of the week for this window. + internalIp: + description: Internal IP address of the appliance. type: string - enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday + fqdn: + type: string + description: Fully qualified domain name of the appliance. + state: enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY - startTime: - description: Required. Time in UTC when the window starts. - $ref: '#/components/schemas/TimeOfDay' - duration: - description: >- - Required. The duration of the window. The max allowed duration for - any window is 24 hours. + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + enumDescriptions: + - Unspecified appliance state. This is the default value. + - The appliance is operational and can be used. + - The appliance is being deployed. + readOnly: true type: string - format: google-duration - TimeOfDay: - id: TimeOfDay - description: >- - Represents a time of day. The date and time zone are either not - significant or are specified elsewhere. An API may choose to allow leap - seconds. Related types are google.type.Date and - `google.protobuf.Timestamp`. + description: Output only. The state of the appliance. + version: + description: Version of the appliance. + type: string + description: Details about a vCenter Server management appliance. + id: Vcenter + type: object + NodeTypeConfig: + id: NodeTypeConfig type: object properties: - hours: - description: >- - Hours of a day in 24 hour format. Must be greater than or equal to 0 - and typically must be less than or equal to 23. An API may choose to - allow the value "24:00:00" for scenarios like business closing time. - type: integer + nodeCount: format: int32 - minutes: - description: >- - Minutes of an hour. Must be greater than or equal to 0 and less than - or equal to 59. + description: Required. The number of nodes of this type in the cluster type: integer - format: int32 - seconds: - description: >- - Seconds of a minute. Must be greater than or equal to 0 and - typically must be less than or equal to 59. An API may allow the - value 60 if it allows leap-seconds. + customCoreCount: type: integer - format: int32 - nanos: description: >- - Fractions of seconds, in nanoseconds. Must be greater than or equal - to 0 and less than or equal to 999,999,999. - type: integer + Optional. Customized number of cores available to each node of the + type. This number must always be one of + `nodeType.availableCustomCoreCounts`. If zero is provided max value + from `nodeType.availableCustomCoreCounts` will be used. format: int32 - Constraints: - id: Constraints description: >- - Constraints to be applied while editing a schedule. These constraints - ensure that `Upgrade` specific requirements are met. + Information about the type and number of nodes associated with the + cluster. + StretchedClusterConfig: type: object + id: StretchedClusterConfig properties: - minHoursDay: - description: >- - Output only. Minimum number of hours must be allotted for the - upgrade activities for each selected day. This is a minimum; the - upgrade schedule can allot more hours for the given day. - readOnly: true - type: integer - format: int32 - minHoursWeek: - description: >- - Output only. The minimum number of weekly hours must be allotted for - the upgrade activities. This is just a minimum; the schedule can - assign more weekly hours. - readOnly: true - type: integer - format: int32 - rescheduleDateRange: + preferredLocation: description: >- - Output only. Output Only. The user can only reschedule an upgrade - that starts within this range. - readOnly: true - $ref: '#/components/schemas/Interval' - disallowedIntervals: + Required. Zone that will remain operational when connection between + the two zones is lost. Specify the resource name of a zone that + belongs to the region of the private cloud. For example: + `projects/{project}/locations/europe-west3-a` where `{project}` can + either be a project number or a project ID. + type: string + secondaryLocation: description: >- - Output only. Output Only. A list of intervals in which maintenance - windows are not allowed. Any time window that overlaps with any of - these intervals will be considered invalid. - readOnly: true - type: array - items: - $ref: '#/components/schemas/WeeklyTimeInterval' - Interval: - id: Interval - description: >- - Represents a time interval, encoded as a Timestamp start (inclusive) and - a Timestamp end (exclusive). The start must be less than or equal to the - end. When the start equals the end, the interval is empty (matches no - time). When both start and end are unspecified, the interval matches any - time. + Required. Additional zone for a higher level of availability and + load balancing. Specify the resource name of a zone that belongs to + the region of the private cloud. For example: + `projects/{project}/locations/europe-west3-b` where `{project}` can + either be a project number or a project ID. + type: string + description: Configuration of a stretched cluster. + ListExternalAddressesResponse: type: object properties: - startTime: + nextPageToken: description: >- - Optional. Inclusive start of the interval. If specified, a Timestamp - matching this interval will have to be the same or after the start. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - format: google-datetime - endTime: + unreachable: + type: array + items: + type: string description: >- - Optional. Exclusive end of the interval. If specified, a Timestamp - matching this interval will have to be before the end. - type: string - format: google-datetime - WeeklyTimeInterval: - id: WeeklyTimeInterval - description: >- - Represents a time interval, spanning across days of the week. Until - local timezones are supported, this interval is in UTC. + Locations that could not be reached when making an aggregated query + using wildcards. + externalAddresses: + type: array + items: + $ref: '#/components/schemas/ExternalAddress' + description: A list of external IP addresses. + id: ListExternalAddressesResponse + description: Response message for VmwareEngine.ListExternalAddresses + NetworkPeering: type: object + id: NetworkPeering + description: Details of a network peering. properties: - startDay: - description: Output only. The day on which the interval starts. - readOnly: true - type: string - enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday - enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY - startTime: - description: Output only. The time on the start day at which the interval starts. - readOnly: true - $ref: '#/components/schemas/TimeOfDay' - endDay: + importCustomRoutesWithPublicIp: description: >- - Output only. The day on which the interval ends. Can be same as - start day. - readOnly: true + Optional. True if all subnet routes with public IP address range are + imported; false otherwise. The default value is true. IPv4 + special-use ranges + (https://en.wikipedia.org/wiki/IPv4#Special_addresses) are always + imported to peers and are not controlled by this field. + type: boolean + createTime: + description: Output only. Creation time of this resource. + format: google-datetime type: string - enumDescriptions: - - The day of the week is unspecified. - - Monday - - Tuesday - - Wednesday - - Thursday - - Friday - - Saturday - - Sunday - enum: - - DAY_OF_WEEK_UNSPECIFIED - - MONDAY - - TUESDAY - - WEDNESDAY - - THURSDAY - - FRIDAY - - SATURDAY - - SUNDAY - endTime: - description: Output only. The time on the end day at which the interval ends. - readOnly: true - $ref: '#/components/schemas/TimeOfDay' - VmwareUpgradeComponent: - id: VmwareUpgradeComponent - description: Per component upgrade resource - type: object - properties: - componentType: - description: Output only. Type of component readOnly: true - type: string - enumDescriptions: - - The default value. This value should never be used. - - vcenter - - esxi nodes + transport nodes - - nsxt upgrade coordinator - - nsxt edges cluster - - nsxt managers/management plane - - hcx - - VSAN cluster - - DVS switch - - Nameserver VMs - - KMS VM used for vsan encryption - - witness VM in case of stretch PC - - nsxt - - Cluster is used in case of BM + peerNetworkType: enum: - - VMWARE_COMPONENT_TYPE_UNSPECIFIED - - VCENTER - - ESXI - - NSXT_UC - - NSXT_EDGE - - NSXT_MGR - - HCX - - VSAN - - DVS - - NAMESERVER_VM - - KMS_VM - - WITNESS_VM - - NSXT - - CLUSTER - state: - description: Output only. Component's upgrade state. - readOnly: true + - PEER_NETWORK_TYPE_UNSPECIFIED + - STANDARD + - VMWARE_ENGINE_NETWORK + - PRIVATE_SERVICES_ACCESS + - NETAPP_CLOUD_VOLUMES + - THIRD_PARTY_SERVICE + - DELL_POWERSCALE + - GOOGLE_CLOUD_NETAPP_VOLUMES + - GOOGLE_CLOUD_FILESTORE_INSTANCES + description: >- + Required. The type of the network to peer with the VMware Engine + network. type: string enumDescriptions: - - The default value. This value should never be used. - - Component's upgrade is in progress + - Unspecified - >- - The component's upgrade is paused. Will be resumed when upgrade - job is resumed - - The component's upgrade is successfully completed + Peering connection used for connecting to another VPC network + established by the same user. For example, a peering connection to + another VPC network in the same project or to an on-premises + network. - >- - The component's upgrade has failed. This will move to resume if - upgrade is resumed or stay as is - - Component's upgrade has not started yet + Peering connection used for connecting to another VMware Engine + network. - >- - Component's upgrade is not applicable in this upgrade. It will be - skipped. - enum: - - STATE_UNSPECIFIED - - RUNNING - - PAUSED - - SUCCEEDED - - FAILED - - NOT_STARTED - - NOT_APPLICABLE - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: + Peering connection used for establishing [private services + access](https://cloud.google.com/vpc/docs/private-services-access). + - Peering connection used for connecting to NetApp Cloud Volumes. + - >- + Peering connection used for connecting to third-party services. + Most third-party services require manual setup of reverse peering + on the VPC network associated with the third-party service. + - Peering connection used for connecting to Dell PowerScale Filers + - >- + Peering connection used for connecting to Google Cloud NetApp + Volumes. + - >- + Peering connection used for connecting to Google Cloud Filestore + Instances. name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - displayName: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Output only. Identifier. The resource name of the network peering. + NetworkPeering is a global resource and location can only be global. + Resource names are scheme-less URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/global/networkPeerings/my-peering` + readOnly: true + importCustomRoutes: + description: >- + Optional. True if custom routes are imported from the peered + network; false otherwise. The default value is true. + type: boolean + vmwareEngineNetwork: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + Required. The relative resource name of the VMware Engine network. + Specify the name in the following form: + `projects/{project}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` + where `{project}` can either be a project number or a project ID. + peerMtu: + type: integer description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: + Optional. Maximum transmission unit (MTU) in bytes. The default + value is `1500`. If a value of `0` is provided for this field, + VMware Engine uses the default value instead. + format: int32 + exportCustomRoutesWithPublicIp: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. + Optional. True if all subnet routes with a public IP address range + are exported; false otherwise. The default value is true. IPv4 + special-use ranges + (https://en.wikipedia.org/wiki/IPv4#Special_addresses) are always + exported to peers and are not controlled by this field. + type: boolean + state: + readOnly: true + enum: + - STATE_UNSPECIFIED + - INACTIVE + - ACTIVE + - CREATING + - DELETING + enumDescriptions: + - Unspecified network peering state. This is the default value. + - The peering is not active. + - The peering is active. + - The peering is being created. + - The peering is being deleted. + type: string + description: >- + Output only. State of the network peering. This field has a value of + 'ACTIVE' when there's a matching configuration in the peer network. + New values may be added to this enum when appropriate. + exchangeSubnetRoutes: + type: boolean + description: >- + Optional. True if full mesh connectivity is created and managed + automatically between peered networks; false otherwise. Currently + this field is always true because Google Compute Engine + automatically creates and manages subnetwork routes between two VPC + networks when peering state is 'ACTIVE'. + description: + description: Optional. User-provided description for this network peering. + type: string + stateDetails: + readOnly: true + type: string + description: >- + Output only. Output Only. Details about the current state of the + network peering. + updateTime: + format: google-datetime + type: string + description: Output only. Last update time of this resource. + readOnly: true + uid: + readOnly: true + type: string + description: Output only. System-generated unique identifier for the resource. + exportCustomRoutes: + type: boolean + description: >- + Optional. True if custom routes are exported to the peered network; + false otherwise. The default value is true. + peerNetwork: + description: >- + Required. The relative resource name of the network to peer with a + standard VMware Engine network. The provided network can be a + consumer VPC network or another standard VMware Engine network. If + the `peer_network_type` is VMWARE_ENGINE_NETWORK, specify the name + in the form: + `projects/{project}/locations/global/vmwareEngineNetworks/{vmware_engine_network_id}`. + Otherwise specify the name in the form: + `projects/{project}/global/networks/{network_id}`, where `{project}` + can either be a project number or a project ID. + type: string + Cluster: + type: object + description: A cluster in a private cloud. + id: Cluster + properties: + autoscalingSettings: + $ref: '#/components/schemas/AutoscalingSettings' + description: Optional. Configuration of the autoscaling applied to this cluster. + nodeTypeConfigs: + type: object + additionalProperties: + $ref: '#/components/schemas/NodeTypeConfig' + description: >- + Required. The map of cluster node types in this cluster, where the + key is canonical identifier of the node type (corresponds to the + `NodeType`). + state: + description: Output only. State of the resource. + type: string + readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - UPDATING + - DELETING + - REPAIRING + enumDescriptions: + - The default value. This value should never be used. + - The Cluster is operational and can be used by the user. + - The Cluster is being deployed. + - >- + Adding or removing of a node to the cluster, any other cluster + specific updates. + - The Cluster is being deleted. + - >- + The Cluster is undergoing maintenance, for example: a failed node + is getting replaced. + stretchedClusterConfig: + description: >- + Optional. Configuration of a stretched cluster. Required for + clusters that belong to a STRETCHED private cloud. + $ref: '#/components/schemas/StretchedClusterConfig' + name: + readOnly: true + type: string + description: >- + Output only. Identifier. The resource name of this cluster. Resource + names are schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/clusters/my-cluster` + management: + type: boolean + description: >- + Output only. True if the cluster is a management cluster; false + otherwise. There can only be one management cluster in a private + cloud and it has to be the first one. + readOnly: true + updateTime: + type: string + readOnly: true + description: Output only. Last update time of this resource. + format: google-datetime + createTime: + format: google-datetime + type: string + readOnly: true + description: Output only. Creation time of this resource. + uid: + type: string + readOnly: true + description: Output only. System-generated unique identifier for the resource. + Interval: + id: Interval + description: >- + Represents a time interval, encoded as a Timestamp start (inclusive) and + a Timestamp end (exclusive). The start must be less than or equal to the + end. When the start equals the end, the interval is empty (matches no + time). When both start and end are unspecified, the interval matches any + time. + type: object + properties: + startTime: + format: google-datetime + description: >- + Optional. Inclusive start of the interval. If specified, a Timestamp + matching this interval will have to be the same or after the start. + type: string + endTime: + description: >- + Optional. Exclusive end of the interval. If specified, a Timestamp + matching this interval will have to be before the end. + type: string + format: google-datetime + IpRange: + description: An IP range provided in any one of the supported formats. + properties: + ipAddress: + description: 'A single IP address. For example: `10.0.0.5`.' + type: string + externalAddress: + description: >- + The name of an `ExternalAddress` resource. The external address must + have been reserved in the scope of this external access rule's + parent network policy. Provide the external address name in the form + of + `projects/{project}/locations/{location}/privateClouds/{private_cloud}/externalAddresses/{external_address}`. + For example: + `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/externalAddresses/my-address`. + type: string + ipAddressRange: + type: string + description: 'An IP address range in the CIDR format. For example: `10.0.0.0/24`.' + type: object + id: IpRange + LocationMetadata: + description: >- + VmwareEngine specific metadata for the given + google.cloud.location.Location. It is returned as a content of the + `google.cloud.location.Location.metadata` field. + properties: + capabilities: + readOnly: true + description: Output only. Capabilities of this location. + items: + type: string + enumDescriptions: + - >- + The default value. This value is used if the capability is + omitted or unknown. + - Stretch clusters are supported in this location. + enum: + - CAPABILITY_UNSPECIFIED + - STRETCHED_CLUSTERS + type: array + type: object + id: LocationMetadata + Subnet: + id: Subnet + properties: + gatewayIp: + type: string + description: >- + The IP address of the gateway of this subnet. Must fall within the + IP prefix defined above. + vlanId: + readOnly: true + description: Output only. VLAN ID of the VLAN on which the subnet is configured + type: integer + format: int32 + state: + enum: + - STATE_UNSPECIFIED + - ACTIVE + - CREATING + - UPDATING + - DELETING + - RECONCILING + - FAILED + readOnly: true + description: Output only. The state of the resource. + enumDescriptions: + - The default value. This value should never be used. + - The subnet is ready. + - The subnet is being created. + - The subnet is being updated. + - The subnet is being deleted. + - Changes requested in the last operation are being propagated. + - >- + Last operation on the subnet did not succeed. Subnet's payload is + reverted back to its most recent working state. + type: string + name: + type: string + readOnly: true + description: >- + Output only. Identifier. The resource name of this subnet. Resource + names are schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/subnets/my-subnet` + type: + readOnly: true + description: >- + Output only. The type of the subnet. For example "management" or + "userDefined". + type: string + ipCidrRange: + description: The IP address range of the subnet in CIDR format '10.0.0.0/24'. + type: string + description: >- + Subnet in a private cloud. Either `management` subnets (such as vMotion) + that are read-only, or `userDefined`, which can also be updated. + type: object + LoggingServer: + type: object + properties: + name: + type: string + readOnly: true + description: >- + Output only. The resource name of this logging server. Resource + names are schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-central1-a/privateClouds/my-cloud/loggingServers/my-logging-server` + protocol: + description: Required. Protocol used by vCenter to send logs to a logging server. + type: string + enumDescriptions: + - Unspecified communications protocol. This is the default value. + - UDP + - TCP + - TLS + - SSL + - RELP + enum: + - PROTOCOL_UNSPECIFIED + - UDP + - TCP + - TLS + - SSL + - RELP + sourceType: + description: >- + Required. The type of component that produces logs that will be + forwarded to this logging server. + enum: + - SOURCE_TYPE_UNSPECIFIED + - ESXI + - VCSA + enumDescriptions: + - The default value. This value should never be used. + - Logs produced by ESXI hosts + - Logs produced by vCenter server + type: string + port: + type: integer + description: Required. Port number at which the logging server receives logs. + format: int32 + updateTime: + type: string + readOnly: true + description: Output only. Last update time of this resource. + format: google-datetime + uid: + description: Output only. System-generated unique identifier for the resource. + readOnly: true + type: string + hostname: + type: string + description: >- + Required. Fully-qualified domain name (FQDN) or IP Address of the + logging server. + createTime: + readOnly: true + description: Output only. Creation time of this resource. + type: string + format: google-datetime + description: Logging server to receive vCenter or ESXi logs. + id: LoggingServer + TestIamPermissionsRequest: + id: TestIamPermissionsRequest + properties: + permissions: + type: array + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). + items: + type: string + type: object + description: Request message for `TestIamPermissions` method. + NetworkPolicy: + type: object + properties: + description: + type: string + description: Optional. User-provided description for this network policy. + createTime: + description: Output only. Creation time of this resource. + type: string + format: google-datetime + readOnly: true + vmwareEngineNetwork: + description: >- + Optional. The relative resource name of the VMware Engine network. + Specify the name in the following form: + `projects/{project}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` + where `{project}` can either be a project number or a project ID. + type: string + updateTime: + readOnly: true + type: string + format: google-datetime + description: Output only. Last update time of this resource. + externalIp: + description: >- + Network service that allows External IP addresses to be assigned to + VMware workloads. This service can only be enabled when + `internet_access` is also enabled. + $ref: '#/components/schemas/NetworkService' + edgeServicesCidr: + description: >- + Required. IP address range in CIDR notation used to create internet + access and external IP access. An RFC 1918 CIDR block, with a "/26" + prefix, is required. The range cannot overlap with any prefixes + either in the consumer VPC network or in use by the private clouds + attached to that VPC network. + type: string + vmwareEngineNetworkCanonical: + readOnly: true + type: string + description: >- + Output only. The canonical name of the VMware Engine network in the + form: + `projects/{project_number}/locations/{location}/vmwareEngineNetworks/{vmware_engine_network_id}` + uid: + type: string + readOnly: true + description: Output only. System-generated unique identifier for the resource. + name: + description: >- + Output only. Identifier. The resource name of this network policy. + Resource names are schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-central1/networkPolicies/my-network-policy` + type: string + readOnly: true + internetAccess: + description: Network service that allows VMware workloads to access the internet. + $ref: '#/components/schemas/NetworkService' + id: NetworkPolicy + description: >- + Represents a network policy resource. Network policies are regional + resources. You can use a network policy to enable or disable internet + access and external IP access. Network policies are associated with a + VMware Engine network, which might span across regions. For a given + region, a network policy applies to all private clouds in the VMware + Engine network associated with the policy. + SetIamPolicyRequest: + id: SetIamPolicyRequest + description: Request message for `SetIamPolicy` method. + properties: + policy: $ref: '#/components/schemas/Policy' + description: >- + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. updateMask: + type: string + format: google-fieldmask description: >- OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"` + type: object + ListExternalAccessRulesResponse: + properties: + externalAccessRules: + description: A list of external access firewall rules. + items: + $ref: '#/components/schemas/ExternalAccessRule' + type: array + unreachable: + items: + type: string + description: >- + Locations that could not be reached when making an aggregated query + using wildcards. + type: array + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + id: ListExternalAccessRulesResponse + description: Response message for VmwareEngine.ListExternalAccessRules + type: object + ListSubnetsResponse: type: object + id: ListSubnetsResponse + description: Response message for VmwareEngine.ListSubnets properties: - version: + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + unreachable: + type: array + description: >- + Locations that could not be reached when making an aggregated query + using wildcards. + items: + type: string + subnets: + description: A list of subnets. + type: array + items: + $ref: '#/components/schemas/Subnet' + ListPrivateConnectionsResponse: + properties: + unreachable: + items: + type: string + type: array + description: Unreachable resources. + privateConnections: + type: array + items: + $ref: '#/components/schemas/PrivateConnection' + description: A list of private connections. + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + description: Response message for VmwareEngine.ListPrivateConnections + type: object + id: ListPrivateConnectionsResponse + ListLocationsResponse: + type: object + id: ListLocationsResponse + description: The response message for Locations.ListLocations. + properties: + nextPageToken: + description: The standard List next-page token. + type: string + locations: + type: array + description: >- + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + AutoscalingSettings: + properties: + minClusterNodeCount: + type: integer + description: >- + Optional. Minimum number of nodes of any type in a cluster. If not + specified the default limits apply. + format: int32 + coolDownPeriod: + format: google-duration description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + Optional. The minimum duration between consecutive autoscale + operations. It starts once addition or removal of nodes is fully + completed. Defaults to 30 minutes if not specified. Cool down period + must be in whole minutes (for example, 30, 31, 50, 180 minutes). + type: string + maxClusterNodeCount: type: integer format: int32 - bindings: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array - items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. - type: array - items: - $ref: '#/components/schemas/AuditConfig' - etag: + Optional. Maximum number of nodes of any type in a cluster. If not + specified the default limits apply. + autoscalingPolicies: + type: object description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte - Binding: - id: Binding - description: Associates `members`, or principals, with a `role`. + Required. The map with autoscaling policies applied to the cluster. + The key is the identifier of the policy. It must meet the following + requirements: * Only contains 1-63 alphanumeric characters and + hyphens * Begins with an alphabetical character * Ends with a + non-hyphen character * Not formatted as a UUID * Complies with [RFC + 1034](https://datatracker.ietf.org/doc/html/rfc1034) (section 3.5) + Currently there map must contain only one element that describes the + autoscaling policy for compute nodes. + additionalProperties: + $ref: '#/components/schemas/AutoscalingPolicy' + type: object + id: AutoscalingSettings + description: >- + Autoscaling settings define the rules used by VMware Engine to + automatically scale-out and scale-in the clusters in a private cloud. + Announcement: + description: Announcement for the resources of Vmware Engine. type: object + id: Announcement properties: - role: + updateTime: + type: string + readOnly: true + description: Output only. Last update time of this resource. + format: google-datetime + code: description: >- - Role that is assigned to the list of `members`, or principals. For - example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an - overview of the IAM roles and permissions, see the [IAM - documentation](https://cloud.google.com/iam/docs/roles-overview). - For a list of the available pre-defined roles, see - [here](https://cloud.google.com/iam/docs/understanding-roles). + Required. Code of the announcement. Indicates the presence of a + VMware Engine related announcement and corresponds to a related + message in the `description` field. type: string - members: + name: + readOnly: true description: >- - Specifies the principals requesting access for a Google Cloud - resource. `members` can have the following values: * `allUsers`: A - special identifier that represents anyone who is on the internet; - with or without a Google account. * `allAuthenticatedUsers`: A - special identifier that represents anyone who is authenticated with - a Google account or a service account. Does not include identities - that come from external identity providers (IdPs) through identity - federation. * `user:{emailid}`: An email address that represents a - specific Google account. For example, `alice@example.com` . * - `serviceAccount:{emailid}`: An email address that represents a - Google service account. For example, - `my-other-app@appspot.gserviceaccount.com`. * - `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: - An identifier for a [Kubernetes service - account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). - For example, - `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * - `group:{emailid}`: An email address that represents a Google group. - For example, `admins@example.com`. * `domain:{domain}`: The G Suite - domain (primary) that represents all the users of that domain. For - example, `google.com` or `example.com`. * - `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workforce identity pool. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: - All workforce identities in a group. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All workforce identities with a specific attribute value. * - `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: - All identities in a workforce identity pool. * - `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: - A single identity in a workload identity pool. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: - A workload identity pool group. * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: - All identities in a workload identity pool with a certain attribute. - * - `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: - All identities in a workload identity pool. * - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus - unique identifier) representing a user that has been recently - deleted. For example, `alice@example.com?uid=123456789012345678901`. - If the user is recovered, this value reverts to `user:{emailid}` and - the recovered user retains the role in the binding. * - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address - (plus unique identifier) representing a service account that has - been recently deleted. For example, - `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. - If the service account is undeleted, this value reverts to - `serviceAccount:{emailid}` and the undeleted service account retains - the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: - An email address (plus unique identifier) representing a Google - group that has been recently deleted. For example, - `admins@example.com?uid=123456789012345678901`. If the group is - recovered, this value reverts to `group:{emailid}` and the recovered - group retains the role in the binding. * - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: - Deleted single identity in a workforce identity pool. For example, - `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + Output only. The resource name of the announcement. Resource names + are schemeless URIs that follow the conventions in + https://cloud.google.com/apis/design/resource_names. For example: + `projects/my-project/locations/us-west1-a/announcements/my-announcement-id` + type: string + metadata: + readOnly: true + description: Output only. Additional structured details about this announcement. + type: object + additionalProperties: + type: string + createTime: + readOnly: true + type: string + format: google-datetime + description: >- + Output only. Creation time of this resource. It also serves as start + time of notification. + activityType: + description: >- + Optional. Activity type of the announcement There can be only one + active announcement for a given activity type and target resource. + type: string + state: + type: string + enumDescriptions: + - The default value. This value should never be used. + - Active announcement which should be visible to user. + - Inactive announcement which should not be visible to user. + - Announcement which is being deleted + - Announcement which being created + description: >- + Output only. State of the resource. New values may be added to this + enum when appropriate. + readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - INACTIVE + - DELETING + - CREATING + targetResourceType: + description: >- + Output only. Target Resource Type defines the type of the target for + the announcement + readOnly: true + type: string + description: + description: Output only. Description of the announcement. + readOnly: true + type: string + cluster: + description: A Cluster resource name. + type: string + privateCloud: + type: string + description: A Private Cloud resource name. + ListNodesResponse: + id: ListNodesResponse + type: object + properties: + nextPageToken: + type: string + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + nodes: type: array items: - type: string - condition: + $ref: '#/components/schemas/Node' + description: The nodes. + description: Response message for VmwareEngine.ListNodes + FetchNetworkPolicyExternalAddressesResponse: + type: object + properties: + nextPageToken: description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + externalAddresses: + type: array + description: >- + A list of external IP addresses assigned to VMware workload VMs + within the scope of the given network policy. + items: + $ref: '#/components/schemas/ExternalAddress' + id: FetchNetworkPolicyExternalAddressesResponse + description: Response message for VmwareEngine.FetchNetworkPolicyExternalAddresses + Credentials: + id: Credentials + properties: + username: + type: string + description: Initial username. + password: + type: string + description: Initial password. + description: Credentials for a private cloud. + type: object Expr: + type: object id: Expr description: >- Represents a textual expression in the Common Expression Language (CEL) @@ -3166,186 +3328,48 @@ components: string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. - type: object properties: - expression: - description: >- - Textual representation of an expression in Common Expression - Language syntax. - type: string title: description: >- Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. type: string - description: - description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. - type: string location: description: >- Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. type: string - AuditConfig: - id: AuditConfig - description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. - type: object - properties: - service: - description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. - type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. - type: array - items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. - type: object - properties: - logType: - description: The log type that this config enables. - type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' - enum: - - LOG_TYPE_UNSPECIFIED - - ADMIN_READ - - DATA_WRITE - - DATA_READ - exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. - type: array - items: - type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object - properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + description: type: string - format: google-datetime - target: description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + expression: type: string - requestedCancellation: description: >- - Output only. True if the user has requested cancellation of the - operation; false otherwise. Operations that have successfully been - cancelled have Operation.error value with a google.rpc.Status.code - of 1, corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string - LocationMetadata: - id: LocationMetadata - description: >- - VmwareEngine specific metadata for the given - google.cloud.location.Location. It is returned as a content of the - `google.cloud.location.Location.metadata` field. - type: object - properties: - capabilities: - description: Output only. Capabilities of this location. - readOnly: true - type: array - items: - type: string - enumDescriptions: - - >- - The default value. This value is used if the capability is - omitted or unknown. - - Stretch clusters are supported in this location. - enum: - - CAPABILITY_UNSPECIFIED - - STRETCHED_CLUSTERS + Textual representation of an expression in Common Expression + Language syntax. parameters: - access_token: - description: OAuth access token. + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. in: query - name: access_token + name: key + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType schema: type: string alt: @@ -3358,25 +3382,28 @@ components: - json - media - proto - callback: - description: JSONP + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: callback + name: quotaUser schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + _.xgafv: + description: V1 error format. in: query - name: fields + name: $.xgafv schema: type: string - key: - description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. + enum: + - '1' + - '2' + callback: + description: JSONP in: query - name: key + name: callback schema: type: string oauth_token: @@ -3385,99 +3412,149 @@ components: name: oauth_token schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: upload_protocol + name: fields schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + access_token: + description: OAuth access token. in: query - name: uploadType + name: access_token schema: type: string - _.xgafv: - description: V1 error format. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: $.xgafv + name: prettyPrint schema: - type: string - enum: - - '1' - - '2' + type: boolean x-stackQL-resources: - dns_bind_permission: - id: google.vmwareengine.dns_bind_permission - name: dns_bind_permission - title: Dns_bind_permission + external_access_rules: + id: google.vmwareengine.external_access_rules + name: external_access_rules + title: External_access_rules methods: - get_dns_bind_permission: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dnsBindPermission/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules/get response: mediaType: application/json openAPIDocKey: '200' - grant: + objectKey: $.externalAccessRules + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dnsBindPermission:grant/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules/post response: mediaType: application/json openAPIDocKey: '200' - revoke: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dnsBindPermission:revoke/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules~1{externalAccessRulesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules~1{externalAccessRulesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules~1{externalAccessRulesId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: + - $ref: '#/components/x-stackQL-resources/external_access_rules/methods/get' - $ref: >- - #/components/x-stackQL-resources/dns_bind_permission/methods/get_dns_bind_permission - insert: [] - update: [] + #/components/x-stackQL-resources/external_access_rules/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/external_access_rules/methods/create + update: + - $ref: >- + #/components/x-stackQL-resources/external_access_rules/methods/patch replace: [] - delete: [] - locations: - id: google.vmwareengine.locations - name: locations - title: Locations + delete: + - $ref: >- + #/components/x-stackQL-resources/external_access_rules/methods/delete + network_policies: + id: google.vmwareengine.network_policies + name: network_policies + title: Network_policies methods: - list: + delete: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.locations get: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.networkPolicies + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' + - $ref: '#/components/x-stackQL-resources/network_policies/methods/get' + - $ref: '#/components/x-stackQL-resources/network_policies/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/network_policies/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/network_policies/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/network_policies/methods/delete' + network_policies_external_addresses: + id: google.vmwareengine.network_policies_external_addresses + name: network_policies_external_addresses + title: Network_policies_external_addresses + methods: + fetch_external_addresses: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}:fetchExternalAddresses/get + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/network_policies_external_addresses/methods/fetch_external_addresses insert: [] update: [] replace: [] @@ -3487,14 +3564,13 @@ components: name: operations title: Operations methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- @@ -3502,13 +3578,14 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -3518,204 +3595,206 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - private_clouds: - id: google.vmwareengine.private_clouds - name: private_clouds - title: Private_clouds + peering_routes: + id: google.vmwareengine.peering_routes + name: peering_routes + title: Peering_routes methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings~1{networkPeeringsId}~1peeringRoutes/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.privateClouds - create: + objectKey: $.peeringRoutes + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/peering_routes/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + private_connections: + id: google.vmwareengine.private_connections + name: private_connections + title: Private_connections + methods: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections~1{privateConnectionsId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections~1{privateConnectionsId}/delete response: mediaType: application/json openAPIDocKey: '200' patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections~1{privateConnectionsId}/patch response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections/get response: mediaType: application/json openAPIDocKey: '200' - private_cloud_deletion_now: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:privateCloudDeletionNow/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections/post response: mediaType: application/json openAPIDocKey: '200' - undelete: + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/private_connections/methods/get' + - $ref: '#/components/x-stackQL-resources/private_connections/methods/list' + insert: + - $ref: >- + #/components/x-stackQL-resources/private_connections/methods/create + update: + - $ref: '#/components/x-stackQL-resources/private_connections/methods/patch' + replace: [] + delete: + - $ref: >- + #/components/x-stackQL-resources/private_connections/methods/delete + network_peerings: + id: google.vmwareengine.network_peerings + name: network_peerings + title: Network_peerings + methods: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:undelete/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings~1{networkPeeringsId}/patch response: mediaType: application/json openAPIDocKey: '200' - show_nsx_credentials: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:showNsxCredentials/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings~1{networkPeeringsId}/delete response: mediaType: application/json openAPIDocKey: '200' - show_vcenter_credentials: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:showVcenterCredentials/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings~1{networkPeeringsId}/get response: mediaType: application/json openAPIDocKey: '200' - reset_nsx_credentials: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:resetNsxCredentials/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings/post response: mediaType: application/json openAPIDocKey: '200' - reset_vcenter_credentials: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:resetVcenterCredentials/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/private_clouds/methods/get' - - $ref: '#/components/x-stackQL-resources/private_clouds/methods/list' + - $ref: '#/components/x-stackQL-resources/network_peerings/methods/get' + - $ref: '#/components/x-stackQL-resources/network_peerings/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/private_clouds/methods/create' + - $ref: '#/components/x-stackQL-resources/network_peerings/methods/create' update: - - $ref: '#/components/x-stackQL-resources/private_clouds/methods/patch' + - $ref: '#/components/x-stackQL-resources/network_peerings/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/private_clouds/methods/delete' - private_clouds_dns_forwarding: - id: google.vmwareengine.private_clouds_dns_forwarding - name: private_clouds_dns_forwarding - title: Private_clouds_dns_forwarding - methods: - get_dns_forwarding: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1dnsForwarding/get - response: - mediaType: application/json - openAPIDocKey: '200' - update_dns_forwarding: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1dnsForwarding/patch - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/private_clouds_dns_forwarding/methods/get_dns_forwarding - insert: [] - update: - - $ref: >- - #/components/x-stackQL-resources/private_clouds_dns_forwarding/methods/update_dns_forwarding - replace: [] - delete: [] - private_clouds_iam_policies: - id: google.vmwareengine.private_clouds_iam_policies - name: private_clouds_iam_policies - title: Private_clouds_iam_policies + - $ref: '#/components/x-stackQL-resources/network_peerings/methods/delete' + subnets: + id: google.vmwareengine.subnets + name: subnets + title: Subnets methods: - set_iam_policy: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1subnets/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + objectKey: $.unreachable + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1subnets~1{subnetsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1subnets~1{subnetsId}/patch response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/private_clouds_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/subnets/methods/get' + - $ref: '#/components/x-stackQL-resources/subnets/methods/list' insert: [] - update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/private_clouds_iam_policies/methods/set_iam_policy + update: + - $ref: '#/components/x-stackQL-resources/subnets/methods/patch' + replace: [] delete: [] clusters: id: google.vmwareengine.clusters name: clusters title: Clusters methods: - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.clusters - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.clusters + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters/post response: mediaType: application/json openAPIDocKey: '200' @@ -3735,21 +3814,21 @@ components: name: clusters_iam_policies title: Clusters_iam_policies methods: - set_iam_policy: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1clusters~1{clustersId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings test_iam_permissions: operation: $ref: >- @@ -3795,166 +3874,142 @@ components: update: [] replace: [] delete: [] - external_addresses: - id: google.vmwareengine.external_addresses - name: external_addresses - title: External_addresses + management_dns_zone_bindings: + id: google.vmwareengine.management_dns_zone_bindings + name: management_dns_zone_bindings + title: Management_dns_zone_bindings methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.externalAddresses create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings/post response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses~1{externalAddressesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses~1{externalAddressesId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses~1{externalAddressesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings~1{managementDnsZoneBindingsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/external_addresses/methods/get' - - $ref: '#/components/x-stackQL-resources/external_addresses/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/external_addresses/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/external_addresses/methods/patch' - replace: [] delete: - - $ref: '#/components/x-stackQL-resources/external_addresses/methods/delete' - subnets: - id: google.vmwareengine.subnets - name: subnets - title: Subnets - methods: - list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1subnets/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings~1{managementDnsZoneBindingsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.subnets get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1subnets~1{subnetsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings~1{managementDnsZoneBindingsId}/get response: mediaType: application/json openAPIDocKey: '200' - patch: + repair: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1subnets~1{subnetsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings~1{managementDnsZoneBindingsId}:repair/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/subnets/methods/get' - - $ref: '#/components/x-stackQL-resources/subnets/methods/list' - insert: [] + - $ref: >- + #/components/x-stackQL-resources/management_dns_zone_bindings/methods/get + - $ref: >- + #/components/x-stackQL-resources/management_dns_zone_bindings/methods/list + insert: + - $ref: >- + #/components/x-stackQL-resources/management_dns_zone_bindings/methods/create update: - - $ref: '#/components/x-stackQL-resources/subnets/methods/patch' + - $ref: >- + #/components/x-stackQL-resources/management_dns_zone_bindings/methods/patch replace: [] - delete: [] - logging_servers: - id: google.vmwareengine.logging_servers - name: logging_servers - title: Logging_servers + delete: + - $ref: >- + #/components/x-stackQL-resources/management_dns_zone_bindings/methods/delete + external_addresses: + id: google.vmwareengine.external_addresses + name: external_addresses + title: External_addresses methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses~1{externalAddressesId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.loggingServers - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses~1{externalAddressesId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers~1{loggingServersId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses~1{externalAddressesId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers~1{loggingServersId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.unreachable + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers~1{loggingServersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1externalAddresses/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/logging_servers/methods/get' - - $ref: '#/components/x-stackQL-resources/logging_servers/methods/list' + - $ref: '#/components/x-stackQL-resources/external_addresses/methods/get' + - $ref: '#/components/x-stackQL-resources/external_addresses/methods/list' insert: - - $ref: '#/components/x-stackQL-resources/logging_servers/methods/create' + - $ref: '#/components/x-stackQL-resources/external_addresses/methods/create' update: - - $ref: '#/components/x-stackQL-resources/logging_servers/methods/patch' + - $ref: '#/components/x-stackQL-resources/external_addresses/methods/patch' replace: [] delete: - - $ref: '#/components/x-stackQL-resources/logging_servers/methods/delete' + - $ref: '#/components/x-stackQL-resources/external_addresses/methods/delete' hcx_activation_keys: id: google.vmwareengine.hcx_activation_keys name: hcx_activation_keys title: Hcx_activation_keys methods: - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1hcxActivationKeys/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1hcxActivationKeys/get response: mediaType: application/json openAPIDocKey: '200' - list: + objectKey: $.hcxActivationKeys + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1hcxActivationKeys/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1hcxActivationKeys/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.hcxActivationKeys get: operation: $ref: >- @@ -4009,330 +4064,284 @@ components: - $ref: >- #/components/x-stackQL-resources/hcx_activation_keys_iam_policies/methods/set_iam_policy delete: [] - management_dns_zone_bindings: - id: google.vmwareengine.management_dns_zone_bindings - name: management_dns_zone_bindings - title: Management_dns_zone_bindings + upgrades: + id: google.vmwareengine.upgrades + name: upgrades + title: Upgrades methods: - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1upgrades~1{upgradesId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.managementDnsZoneBindings - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1upgrades~1{upgradesId}/get response: mediaType: application/json openAPIDocKey: '200' - get: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings~1{managementDnsZoneBindingsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1upgrades/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.upgrades + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/upgrades/methods/get' + - $ref: '#/components/x-stackQL-resources/upgrades/methods/list' + insert: [] + update: + - $ref: '#/components/x-stackQL-resources/upgrades/methods/patch' + replace: [] + delete: [] + logging_servers: + id: google.vmwareengine.logging_servers + name: logging_servers + title: Logging_servers + methods: patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings~1{managementDnsZoneBindingsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers~1{loggingServersId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers~1{loggingServersId}/get response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings~1{managementDnsZoneBindingsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers~1{loggingServersId}/delete response: mediaType: application/json openAPIDocKey: '200' - repair: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1managementDnsZoneBindings~1{managementDnsZoneBindingsId}:repair/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.loggingServers + create: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1loggingServers/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/management_dns_zone_bindings/methods/get - - $ref: >- - #/components/x-stackQL-resources/management_dns_zone_bindings/methods/list + - $ref: '#/components/x-stackQL-resources/logging_servers/methods/get' + - $ref: '#/components/x-stackQL-resources/logging_servers/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/management_dns_zone_bindings/methods/create - update: - - $ref: >- - #/components/x-stackQL-resources/management_dns_zone_bindings/methods/patch - replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/management_dns_zone_bindings/methods/delete - upgrades: - id: google.vmwareengine.upgrades - name: upgrades - title: Upgrades + - $ref: '#/components/x-stackQL-resources/logging_servers/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/logging_servers/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/logging_servers/methods/delete' + private_clouds_iam_policies: + id: google.vmwareengine.private_clouds_iam_policies + name: private_clouds_iam_policies + title: Private_clouds_iam_policies methods: - list: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1upgrades/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.upgrades - get: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1upgrades~1{upgradesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' - patch: + objectKey: $.bindings + set_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1upgrades~1{upgradesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:setIamPolicy/post response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/upgrades/methods/get' - - $ref: '#/components/x-stackQL-resources/upgrades/methods/list' + - $ref: >- + #/components/x-stackQL-resources/private_clouds_iam_policies/methods/get_iam_policy insert: [] - update: - - $ref: '#/components/x-stackQL-resources/upgrades/methods/patch' - replace: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/private_clouds_iam_policies/methods/set_iam_policy delete: [] - network_policies_external_addresses: - id: google.vmwareengine.network_policies_external_addresses - name: network_policies_external_addresses - title: Network_policies_external_addresses + private_clouds: + id: google.vmwareengine.private_clouds + name: private_clouds + title: Private_clouds methods: - fetch_external_addresses: + reset_nsx_credentials: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}:fetchExternalAddresses/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:resetNsxCredentials/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: >- - #/components/x-stackQL-resources/network_policies_external_addresses/methods/fetch_external_addresses - insert: [] - update: [] - replace: [] - delete: [] - network_policies: - id: google.vmwareengine.network_policies - name: network_policies - title: Network_policies - methods: - get: + reset_vcenter_credentials: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:resetVcenterCredentials/post response: mediaType: application/json openAPIDocKey: '200' - patch: + private_cloud_deletion_now: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:privateCloudDeletionNow/post response: mediaType: application/json openAPIDocKey: '200' - delete: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.networkPolicies - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}/patch response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/network_policies/methods/get' - - $ref: '#/components/x-stackQL-resources/network_policies/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/network_policies/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/network_policies/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/network_policies/methods/delete' - external_access_rules: - id: google.vmwareengine.external_access_rules - name: external_access_rules - title: External_access_rules - methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.externalAccessRules + objectKey: $.privateClouds create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds/post response: mediaType: application/json openAPIDocKey: '200' - get: + undelete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules~1{externalAccessRulesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:undelete/post response: mediaType: application/json openAPIDocKey: '200' - patch: + show_vcenter_credentials: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules~1{externalAccessRulesId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:showVcenterCredentials/get response: mediaType: application/json openAPIDocKey: '200' - delete: + show_nsx_credentials: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPolicies~1{networkPoliciesId}~1externalAccessRules~1{externalAccessRulesId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}:showNsxCredentials/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/external_access_rules/methods/get' - - $ref: >- - #/components/x-stackQL-resources/external_access_rules/methods/list + - $ref: '#/components/x-stackQL-resources/private_clouds/methods/get' + - $ref: '#/components/x-stackQL-resources/private_clouds/methods/list' insert: - - $ref: >- - #/components/x-stackQL-resources/external_access_rules/methods/create + - $ref: '#/components/x-stackQL-resources/private_clouds/methods/create' update: - - $ref: >- - #/components/x-stackQL-resources/external_access_rules/methods/patch + - $ref: '#/components/x-stackQL-resources/private_clouds/methods/patch' replace: [] delete: - - $ref: >- - #/components/x-stackQL-resources/external_access_rules/methods/delete - node_types: - id: google.vmwareengine.node_types - name: node_types - title: Node_types + - $ref: '#/components/x-stackQL-resources/private_clouds/methods/delete' + private_clouds_dns_forwarding: + id: google.vmwareengine.private_clouds_dns_forwarding + name: private_clouds_dns_forwarding + title: Private_clouds_dns_forwarding methods: - list: + update_dns_forwarding: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nodeTypes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1dnsForwarding/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.nodeTypes - get: + get_dns_forwarding: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nodeTypes~1{nodeTypesId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateClouds~1{privateCloudsId}~1dnsForwarding/get response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/node_types/methods/get' - - $ref: '#/components/x-stackQL-resources/node_types/methods/list' + - $ref: >- + #/components/x-stackQL-resources/private_clouds_dns_forwarding/methods/get_dns_forwarding insert: [] - update: [] + update: + - $ref: >- + #/components/x-stackQL-resources/private_clouds_dns_forwarding/methods/update_dns_forwarding replace: [] delete: [] - network_peerings: - id: google.vmwareengine.network_peerings - name: network_peerings - title: Network_peerings + dns_bind_permission: + id: google.vmwareengine.dns_bind_permission + name: dns_bind_permission + title: Dns_bind_permission methods: - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings~1{networkPeeringsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings~1{networkPeeringsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings~1{networkPeeringsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - list: + grant: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dnsBindPermission:grant/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.networkPeerings - create: + revoke: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1networkPeerings/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dnsBindPermission:revoke/post response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/network_peerings/methods/get' - - $ref: '#/components/x-stackQL-resources/network_peerings/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/network_peerings/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/network_peerings/methods/patch' - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/network_peerings/methods/delete' - peering_routes: - id: google.vmwareengine.peering_routes - name: peering_routes - title: Peering_routes - methods: - list: + get_dns_bind_permission: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections~1{privateConnectionsId}~1peeringRoutes/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1dnsBindPermission/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.peeringRoutes sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/peering_routes/methods/list' + - $ref: >- + #/components/x-stackQL-resources/dns_bind_permission/methods/get_dns_bind_permission insert: [] update: [] replace: [] @@ -4342,39 +4351,39 @@ components: name: vmware_engine_networks title: Vmware_engine_networks methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks~1{vmwareEngineNetworksId}/get response: mediaType: application/json openAPIDocKey: '200' - list: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks~1{vmwareEngineNetworksId}/patch response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.vmwareEngineNetworks - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks~1{vmwareEngineNetworksId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks~1{vmwareEngineNetworksId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks~1{vmwareEngineNetworksId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks/get response: mediaType: application/json openAPIDocKey: '200' - get: + objectKey: $.vmwareEngineNetworks + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks~1{vmwareEngineNetworksId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1vmwareEngineNetworks/post response: mediaType: application/json openAPIDocKey: '200' @@ -4394,108 +4403,105 @@ components: delete: - $ref: >- #/components/x-stackQL-resources/vmware_engine_networks/methods/delete - private_connections: - id: google.vmwareengine.private_connections - name: private_connections - title: Private_connections + announcements: + id: google.vmwareengine.announcements + name: announcements + title: Announcements methods: - create: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1announcements~1{announcementsId}/get response: mediaType: application/json openAPIDocKey: '200' list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1announcements/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.privateConnections + objectKey: $.unreachable + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/announcements/methods/get' + - $ref: '#/components/x-stackQL-resources/announcements/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + node_types: + id: google.vmwareengine.node_types + name: node_types + title: Node_types + methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections~1{privateConnectionsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections~1{privateConnectionsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nodeTypes~1{nodeTypesId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1privateConnections~1{privateConnectionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1nodeTypes/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/private_connections/methods/get' - - $ref: '#/components/x-stackQL-resources/private_connections/methods/list' - insert: - - $ref: >- - #/components/x-stackQL-resources/private_connections/methods/create - update: - - $ref: '#/components/x-stackQL-resources/private_connections/methods/patch' + - $ref: '#/components/x-stackQL-resources/node_types/methods/get' + - $ref: '#/components/x-stackQL-resources/node_types/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/private_connections/methods/delete - announcements: - id: google.vmwareengine.announcements - name: announcements - title: Announcements + delete: [] + locations: + id: google.vmwareengine.locations + name: locations + title: Locations methods: list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1announcements/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.announcements + objectKey: $.locations get: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1announcements~1{announcementsId}/get + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/announcements/methods/get' - - $ref: '#/components/x-stackQL-resources/announcements/methods/list' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] delete: [] paths: - /v1/projects/{projectsId}/locations/{locationsId}/dnsBindPermission: + /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies/{networkPoliciesId}/externalAccessRules: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/prettyPrint' get: - description: >- - Gets all the principals having bind permission on the intranet VPC - associated with the consumer project granted by the Grant API. - DnsBindPermission is a global resource and location can only be global. - operationId: vmwareengine.projects.locations.getDnsBindPermission + description: Lists `ExternalAccessRule` resources in the specified network policy. + operationId: vmwareengine.projects.locations.networkPolicies.externalAccessRules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4507,7 +4513,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DnsBindPermission' + $ref: '#/components/schemas/ListExternalAccessRulesResponse' parameters: - in: path name: projectsId @@ -4519,26 +4525,8 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations: - parameters: *ref_1 - get: - description: Lists information about the supported locations for this service. - operationId: vmwareengine.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - in: path - name: projectsId + name: networkPoliciesId required: true schema: type: string @@ -4546,166 +4534,28 @@ paths: name: filter schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: vmwareengine.projects.locations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Location' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: vmwareengine.projects.locations.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListOperationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: vmwareengine.projects.locations.operations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Operation' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true - schema: - type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: vmwareengine.projects.locations.operations.delete - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Empty' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: operationsId - required: true + name: orderBy schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds: - parameters: *ref_1 - get: - description: Lists `PrivateCloud` resources in a given project and location. - operationId: vmwareengine.projects.locations.privateClouds.list + post: + description: Creates a new external access rule in a given network policy. + operationId: >- + vmwareengine.projects.locations.networkPolicies.externalAccessRules.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExternalAccessRule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4717,7 +4567,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPrivateCloudsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -4729,37 +4579,25 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: networkPoliciesId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: externalAccessRuleId schema: type: string - post: - description: >- - Creates a new `PrivateCloud` resource in a given project and location. - Private clouds of type `STANDARD` and `TIME_LIMITED` are zonal - resources, `STRETCHED` private clouds are regional. Creating a private - cloud also creates a [management - cluster](https://cloud.google.com/vmware-engine/docs/concepts-vmware-components) - for that private cloud. - operationId: vmwareengine.projects.locations.privateClouds.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PrivateCloud' + /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies/{networkPoliciesId}/externalAccessRules/{externalAccessRulesId}: + parameters: *ref_1 + delete: + description: Deletes a single external access rule. + operationId: >- + vmwareengine.projects.locations.networkPolicies.externalAccessRules.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4783,23 +4621,23 @@ paths: required: true schema: type: string - - in: query - name: privateCloudId + - in: path + name: networkPoliciesId + required: true schema: type: string - - in: query - name: requestId + - in: path + name: externalAccessRulesId + required: true schema: type: string - in: query - name: validateOnly + name: requestId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}: - parameters: *ref_1 + type: string get: - description: Retrieves a `PrivateCloud` resource by its resource name. - operationId: vmwareengine.projects.locations.privateClouds.get + description: Gets details of a single external access rule. + operationId: vmwareengine.projects.locations.networkPolicies.externalAccessRules.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4811,7 +4649,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PrivateCloud' + $ref: '#/components/schemas/ExternalAccessRule' parameters: - in: path name: projectsId @@ -4824,24 +4662,26 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: networkPoliciesId + required: true + schema: + type: string + - in: path + name: externalAccessRulesId required: true schema: type: string patch: description: >- - Modifies a `PrivateCloud` resource. Only the following fields can be - updated: `description`. Only fields specified in `updateMask` are - applied. During operation processing, the resource is temporarily in the - `ACTIVE` state before the operation fully completes. For that period of - time, you can't update the resource. Use the operation status to - determine when the processing fully completes. - operationId: vmwareengine.projects.locations.privateClouds.patch + Updates the parameters of a single external access rule. Only fields + specified in `update_mask` are applied. + operationId: >- + vmwareengine.projects.locations.networkPolicies.externalAccessRules.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/PrivateCloud' + $ref: '#/components/schemas/ExternalAccessRule' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4866,7 +4706,12 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: networkPoliciesId + required: true + schema: + type: string + - in: path + name: externalAccessRulesId required: true schema: type: string @@ -4879,23 +4724,14 @@ paths: name: requestId schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies/{networkPoliciesId}: + parameters: *ref_1 delete: description: >- - Schedules a `PrivateCloud` resource for deletion. A `PrivateCloud` - resource scheduled for deletion has `PrivateCloud.state` set to - `DELETED` and `expireTime` set to the time when deletion is final and - can no longer be reversed. The delete operation is marked as done as - soon as the `PrivateCloud` is successfully scheduled for deletion (this - also applies when `delayHours` is set to zero), and the operation is not - kept in pending state until `PrivateCloud` is purged. `PrivateCloud` can - be restored using `UndeletePrivateCloud` method before the `expireTime` - elapses. When `expireTime` is reached, deletion is final and all private - cloud resources are irreversibly removed and billing stops. During the - final removal process, `PrivateCloud.state` is set to `PURGING`. - `PrivateCloud` can be polled using standard `GET` method for the whole - period of deletion and purging. It will not be returned only when it is - completely purged. - operationId: vmwareengine.projects.locations.privateClouds.delete + Deletes a `NetworkPolicy` resource. A network policy cannot be deleted + when `NetworkService.state` is set to `RECONCILING` for either its + external IP or internet access service. + operationId: vmwareengine.projects.locations.networkPolicies.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4920,7 +4756,7 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: networkPoliciesId required: true schema: type: string @@ -4928,29 +4764,24 @@ paths: name: requestId schema: type: string - - in: query - name: force - schema: - type: boolean - - in: query - name: delayHours - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:privateCloudDeletionNow: - parameters: *ref_1 - post: + patch: description: >- - Accelerates the deletion of a private cloud that is currently in soft - deletion A `PrivateCloud` resource in soft deletion has - `PrivateCloud.state` set to `SOFT_DELETED` and `PrivateCloud.expireTime` - set to the time when deletion can no longer be reversed. - operationId: vmwareengine.projects.locations.privateClouds.privateCloudDeletionNow + Modifies a `NetworkPolicy` resource. Only the following fields can be + updated: `internet_access`, `external_ip`, `edge_services_cidr`. Only + fields specified in `updateMask` are applied. When updating a network + policy, the external IP network service can only be disabled if there + are no external IP addresses present in the scope of the policy. Also, a + `NetworkService` cannot be updated when `NetworkService.state` is set to + `RECONCILING`. During operation processing, the resource is temporarily + in the `ACTIVE` state before the operation fully completes. For that + period of time, you can't update the resource. Use the operation status + to determine when the processing fully completes. + operationId: vmwareengine.projects.locations.networkPolicies.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/AcceleratePrivateCloudDeletionRequest' + $ref: '#/components/schemas/NetworkPolicy' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -4975,24 +4806,22 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: networkPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:undelete: - parameters: *ref_1 - post: - description: >- - Restores a private cloud that was previously scheduled for deletion by - `DeletePrivateCloud`. A `PrivateCloud` resource scheduled for deletion - has `PrivateCloud.state` set to `DELETED` and `PrivateCloud.expireTime` - set to the time when deletion can no longer be reversed. - operationId: vmwareengine.projects.locations.privateClouds.undelete - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UndeletePrivateCloudRequest' + - in: query + name: requestId + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Retrieves a `NetworkPolicy` resource by its resource name. + operationId: vmwareengine.projects.locations.networkPolicies.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5004,7 +4833,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/NetworkPolicy' parameters: - in: path name: projectsId @@ -5017,15 +4846,17 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: networkPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:showNsxCredentials: + /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies/{networkPoliciesId}:fetchExternalAddresses: parameters: *ref_1 get: - description: Gets details of credentials for NSX appliance. - operationId: vmwareengine.projects.locations.privateClouds.showNsxCredentials + description: >- + Lists external IP addresses assigned to VMware workload VMs within the + scope of the given network policy. + operationId: vmwareengine.projects.locations.networkPolicies.fetchExternalAddresses security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5037,7 +4868,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Credentials' + $ref: >- + #/components/schemas/FetchNetworkPolicyExternalAddressesResponse parameters: - in: path name: projectsId @@ -5050,15 +4882,24 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: networkPoliciesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:showVcenterCredentials: + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies: parameters: *ref_1 get: - description: Gets details of credentials for Vcenter appliance. - operationId: vmwareengine.projects.locations.privateClouds.showVcenterCredentials + description: Lists `NetworkPolicy` resources in a specified project and location. + operationId: vmwareengine.projects.locations.networkPolicies.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5070,7 +4911,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Credentials' + $ref: '#/components/schemas/ListNetworkPoliciesResponse' parameters: - in: path name: projectsId @@ -5082,25 +4923,74 @@ paths: required: true schema: type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: + description: >- + Creates a new network policy in a given VMware Engine network of a + project and location (region). A new network policy cannot be created if + another network policy already exists in the same scope. + operationId: vmwareengine.projects.locations.networkPolicies.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NetworkPolicy' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: privateCloudsId + name: locationsId required: true schema: type: string - in: query - name: username + name: networkPolicyId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:resetNsxCredentials: + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 - post: - description: Resets credentials of the NSX appliance. - operationId: vmwareengine.projects.locations.privateClouds.resetNsxCredentials - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ResetNsxCredentialsRequest' + delete: + description: >- + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: vmwareengine.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5112,7 +5002,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -5125,20 +5015,16 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:resetVcenterCredentials: - parameters: *ref_1 - post: - description: Resets credentials of the Vcenter appliance. - operationId: vmwareengine.projects.locations.privateClouds.resetVcenterCredentials - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ResetVcenterCredentialsRequest' + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: vmwareengine.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5163,15 +5049,17 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/dnsForwarding: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Gets details of the `DnsForwarding` config. - operationId: vmwareengine.projects.locations.privateClouds.getDnsForwarding + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: vmwareengine.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5183,7 +5071,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DnsForwarding' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -5195,21 +5083,28 @@ paths: required: true schema: type: string - - in: path - name: privateCloudsId - required: true + - in: query + name: filter schema: type: string - patch: - description: >- - Updates the parameters of the `DnsForwarding` config, like associated - domains. Only fields specified in `update_mask` are applied. - operationId: vmwareengine.projects.locations.privateClouds.updateDnsForwarding - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DnsForwarding' + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/privateConnections/{privateConnectionsId}/peeringRoutes: + parameters: *ref_1 + get: + description: Lists the private connection routes exchanged over a peering connection. + operationId: vmwareengine.projects.locations.privateConnections.peeringRoutes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5221,7 +5116,8 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: >- + #/components/schemas/ListPrivateConnectionPeeringRoutesResponse parameters: - in: path name: projectsId @@ -5234,32 +5130,27 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: privateConnectionsId required: true schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: requestId + name: pageSize schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:setIamPolicy: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/privateConnections/{privateConnectionsId}: parameters: *ref_1 - post: + get: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: vmwareengine.projects.locations.privateClouds.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Retrieves a `PrivateConnection` resource by its resource name. The + resource contains details of the private connection, such as connected + network, routing mode and state. + operationId: vmwareengine.projects.locations.privateConnections.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5271,7 +5162,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/PrivateConnection' parameters: - in: path name: projectsId @@ -5284,17 +5175,16 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: privateConnectionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:getIamPolicy: - parameters: *ref_1 - get: + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: vmwareengine.projects.locations.privateClouds.getIamPolicy + Deletes a `PrivateConnection` resource. When a private connection is + deleted for a VMware Engine network, the connected network becomes + inaccessible to that VMware Engine network. + operationId: vmwareengine.projects.locations.privateConnections.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5306,7 +5196,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5319,30 +5209,25 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: privateConnectionsId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: requestId schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:testIamPermissions: - parameters: *ref_1 - post: + type: string + patch: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: vmwareengine.projects.locations.privateClouds.testIamPermissions + Modifies a `PrivateConnection` resource. Only `description` and + `routing_mode` fields can be updated. Only fields specified in + `updateMask` are applied. + operationId: vmwareengine.projects.locations.privateConnections.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/PrivateConnection' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5354,7 +5239,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5367,15 +5252,24 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: privateConnectionsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters: + - in: query + name: requestId + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/privateConnections: parameters: *ref_1 get: - description: Lists `Cluster` resources in a given private cloud. - operationId: vmwareengine.projects.locations.privateClouds.clusters.list + description: Lists `PrivateConnection` resources in a given project and location. + operationId: vmwareengine.projects.locations.privateConnections.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5387,7 +5281,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListClustersResponse' + $ref: '#/components/schemas/ListPrivateConnectionsResponse' parameters: - in: path name: projectsId @@ -5399,18 +5293,8 @@ paths: required: true schema: type: string - - in: path - name: privateCloudsId - required: true - schema: - type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: orderBy schema: type: string - in: query @@ -5418,21 +5302,24 @@ paths: schema: type: string - in: query - name: orderBy + name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: description: >- - Creates a new cluster in a given private cloud. Creating a new cluster - provides additional nodes for use in the parent private cloud and - requires sufficient [node - quota](https://cloud.google.com/vmware-engine/quotas). - operationId: vmwareengine.projects.locations.privateClouds.clusters.create + Creates a new private connection that can be used for accessing private + Clouds. + operationId: vmwareengine.projects.locations.privateConnections.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/PrivateConnection' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5456,28 +5343,27 @@ paths: required: true schema: type: string - - in: path - name: privateCloudsId - required: true - schema: - type: string - - in: query - name: clusterId - schema: - type: string - in: query name: requestId schema: type: string - in: query - name: validateOnly + name: privateConnectionId schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/networkPeerings/{networkPeeringsId}: parameters: *ref_1 - get: - description: Retrieves a `Cluster` resource by its resource name. - operationId: vmwareengine.projects.locations.privateClouds.clusters.get + patch: + description: >- + Modifies a `NetworkPeering` resource. Only the `description` field can + be updated. Only fields specified in `updateMask` are applied. + NetworkPeering is a global resource and location can only be global. + operationId: vmwareengine.projects.locations.networkPeerings.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NetworkPeering' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5489,7 +5375,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Cluster' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5502,28 +5388,26 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: networkPeeringsId required: true schema: type: string - - in: path - name: clustersId - required: true + - in: query + name: updateMask schema: type: string - patch: - description: >- - Modifies a `Cluster` resource. Only fields specified in `updateMask` are - applied. During operation processing, the resource is temporarily in the - `ACTIVE` state before the operation fully completes. For that period of - time, you can't update the resource. Use the operation status to - determine when the processing fully completes. - operationId: vmwareengine.projects.locations.privateClouds.clusters.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Cluster' + format: google-fieldmask + - in: query + name: requestId + schema: + type: string + delete: + description: >- + Deletes a `NetworkPeering` resource. When a network peering is deleted + for a VMware Engine network, the peer network becomes inaccessible to + that VMware Engine network. NetworkPeering is a global resource and + location can only be global. + operationId: vmwareengine.projects.locations.networkPeerings.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5548,35 +5432,21 @@ paths: schema: type: string - in: path - name: privateCloudsId - required: true - schema: - type: string - - in: path - name: clustersId + name: networkPeeringsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - in: query name: requestId schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - delete: + get: description: >- - Deletes a `Cluster` resource. To avoid unintended data loss, migrate or - gracefully shut down any workloads running on the cluster before - deletion. You cannot delete the management cluster of a private cloud - using this method. - operationId: vmwareengine.projects.locations.privateClouds.clusters.delete + Retrieves a `NetworkPeering` resource by its resource name. The resource + contains details of the network peering, such as peered networks, import + and export custom route configurations, and peering state. + NetworkPeering is a global resource and location can only be global. + operationId: vmwareengine.projects.locations.networkPeerings.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5588,7 +5458,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/NetworkPeering' parameters: - in: path name: projectsId @@ -5601,32 +5471,23 @@ paths: schema: type: string - in: path - name: privateCloudsId - required: true - schema: - type: string - - in: path - name: clustersId + name: networkPeeringsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/networkPeerings: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: vmwareengine.projects.locations.privateClouds.clusters.setIamPolicy + Creates a new network peering between the peer network and VMware Engine + network provided in a `NetworkPeering` resource. NetworkPeering is a + global resource and location can only be global. + operationId: vmwareengine.projects.locations.networkPeerings.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/NetworkPeering' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5638,7 +5499,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5650,23 +5511,19 @@ paths: required: true schema: type: string - - in: path - name: privateCloudsId - required: true + - in: query + name: requestId schema: type: string - - in: path - name: clustersId - required: true + - in: query + name: networkPeeringId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}:getIamPolicy: - parameters: *ref_1 get: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: vmwareengine.projects.locations.privateClouds.clusters.getIamPolicy + Lists `NetworkPeering` resources in a given project. NetworkPeering is a + global resource and location can only be global. + operationId: vmwareengine.projects.locations.networkPeerings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5678,7 +5535,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListNetworkPeeringsResponse' parameters: - in: path name: projectsId @@ -5690,37 +5547,30 @@ paths: required: true schema: type: string - - in: path - name: privateCloudsId - required: true - schema: - type: string - - in: path - name: clustersId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}:testIamPermissions: + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/networkPeerings/{networkPeeringsId}/peeringRoutes: parameters: *ref_1 - post: + get: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - vmwareengine.projects.locations.privateClouds.clusters.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + Lists the network peering routes exchanged over a peering connection. + NetworkPeering is a global resource and location can only be global. + operationId: vmwareengine.projects.locations.networkPeerings.peeringRoutes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5732,7 +5582,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListPeeringRoutesResponse' parameters: - in: path name: projectsId @@ -5745,20 +5595,28 @@ paths: schema: type: string - in: path - name: privateCloudsId + name: networkPeeringsId required: true schema: type: string - - in: path - name: clustersId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}/nodes: + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/subnets: parameters: *ref_1 get: - description: Lists nodes in a given cluster. - operationId: vmwareengine.projects.locations.privateClouds.clusters.nodes.list + description: Lists subnets in a given private cloud. + operationId: vmwareengine.projects.locations.privateClouds.subnets.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5770,7 +5628,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNodesResponse' + $ref: '#/components/schemas/ListSubnetsResponse' parameters: - in: path name: projectsId @@ -5787,11 +5645,6 @@ paths: required: true schema: type: string - - in: path - name: clustersId - required: true - schema: - type: string - in: query name: pageSize schema: @@ -5801,11 +5654,11 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}/nodes/{nodesId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/subnets/{subnetsId}: parameters: *ref_1 get: - description: Gets details of a single node. - operationId: vmwareengine.projects.locations.privateClouds.clusters.nodes.get + description: Gets details of a single subnet. + operationId: vmwareengine.projects.locations.privateClouds.subnets.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5817,7 +5670,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Node' + $ref: '#/components/schemas/Subnet' parameters: - in: path name: projectsId @@ -5835,22 +5688,75 @@ paths: schema: type: string - in: path - name: clustersId + name: subnetsId required: true schema: type: string + patch: + description: >- + Updates the parameters of a single subnet. Only fields specified in + `update_mask` are applied. *Note*: This API is synchronous and always + returns a successful `google.longrunning.Operation` (LRO). The returned + LRO will only have `done` and `response` fields. + operationId: vmwareengine.projects.locations.privateClouds.subnets.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Subnet' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: - in: path - name: nodesId + name: projectsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/externalAddresses: + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: privateCloudsId + required: true + schema: + type: string + - in: path + name: subnetsId + required: true + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}: parameters: *ref_1 - get: + patch: description: >- - Lists external IP addresses assigned to VMware workload VMs in a given - private cloud. - operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.list + Modifies a `Cluster` resource. Only fields specified in `updateMask` are + applied. During operation processing, the resource is temporarily in the + `ACTIVE` state before the operation fully completes. For that period of + time, you can't update the resource. Use the operation status to + determine when the processing fully completes. + operationId: vmwareengine.projects.locations.privateClouds.clusters.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Cluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5862,7 +5768,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListExternalAddressesResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5879,35 +5785,27 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: clustersId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: validateOnly schema: - type: string - post: - description: >- - Creates a new `ExternalAddress` resource in a given private cloud. The - network policy that corresponds to the private cloud must have the - external IP address network service enabled - (`NetworkPolicy.external_ip`). - operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExternalAddress' + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + get: + description: Retrieves a `Cluster` resource by its resource name. + operationId: vmwareengine.projects.locations.privateClouds.clusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5919,7 +5817,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Cluster' parameters: - in: path name: projectsId @@ -5936,19 +5834,18 @@ paths: required: true schema: type: string - - in: query - name: externalAddressId - schema: - type: string - - in: query - name: requestId + - in: path + name: clustersId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/externalAddresses/{externalAddressesId}: - parameters: *ref_1 - get: - description: Gets details of a single external IP address. - operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.get + delete: + description: >- + Deletes a `Cluster` resource. To avoid unintended data loss, migrate or + gracefully shut down any workloads running on the cluster before + deletion. You cannot delete the management cluster of a private cloud + using this method. + operationId: vmwareengine.projects.locations.privateClouds.clusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -5960,7 +5857,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExternalAddress' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -5978,23 +5875,19 @@ paths: schema: type: string - in: path - name: externalAddressesId + name: clustersId required: true schema: type: string - patch: - description: >- - Updates the parameters of a single external IP address. Only fields - specified in `update_mask` are applied. During operation processing, the - resource is temporarily in the `ACTIVE` state before the operation fully - completes. For that period of time, you can't update the resource. Use - the operation status to determine when the processing fully completes. - operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExternalAddress' + - in: query + name: requestId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters: + parameters: *ref_1 + get: + description: Lists `Cluster` resources in a given private cloud. + operationId: vmwareengine.projects.locations.privateClouds.clusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6006,7 +5899,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListClustersResponse' parameters: - in: path name: projectsId @@ -6023,26 +5916,35 @@ paths: required: true schema: type: string - - in: path - name: externalAddressesId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: requestId + name: filter schema: type: string - delete: + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: description: >- - Deletes a single external IP address. When you delete an external IP - address, connectivity between the external IP address and the - corresponding internal IP address is lost. - operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.delete + Creates a new cluster in a given private cloud. Creating a new cluster + provides additional nodes for use in the parent private cloud and + requires sufficient [node + quota](https://cloud.google.com/vmware-engine/quotas). + operationId: vmwareengine.projects.locations.privateClouds.clusters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Cluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6071,20 +5973,25 @@ paths: required: true schema: type: string - - in: path - name: externalAddressesId - required: true + - in: query + name: clusterId schema: type: string + - in: query + name: validateOnly + schema: + type: boolean - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/subnets: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}:getIamPolicy: parameters: *ref_1 get: - description: Lists subnets in a given private cloud. - operationId: vmwareengine.projects.locations.privateClouds.subnets.list + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: vmwareengine.projects.locations.privateClouds.clusters.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6096,7 +6003,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListSubnetsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6113,20 +6020,29 @@ paths: required: true schema: type: string + - in: path + name: clustersId + required: true + schema: + type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/subnets/{subnetsId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}:setIamPolicy: parameters: *ref_1 - get: - description: Gets details of a single subnet. - operationId: vmwareengine.projects.locations.privateClouds.subnets.get + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: vmwareengine.projects.locations.privateClouds.clusters.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6138,7 +6054,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Subnet' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6156,22 +6072,26 @@ paths: schema: type: string - in: path - name: subnetsId + name: clustersId required: true schema: type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}:testIamPermissions: + parameters: *ref_1 + post: description: >- - Updates the parameters of a single subnet. Only fields specified in - `update_mask` are applied. *Note*: This API is synchronous and always - returns a successful `google.longrunning.Operation` (LRO). The returned - LRO will only have `done` and `response` fields. - operationId: vmwareengine.projects.locations.privateClouds.subnets.patch + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + vmwareengine.projects.locations.privateClouds.clusters.testIamPermissions requestBody: content: application/json: schema: - $ref: '#/components/schemas/Subnet' + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6183,7 +6103,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -6201,20 +6121,15 @@ paths: schema: type: string - in: path - name: subnetsId + name: clustersId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/loggingServers: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}/nodes: parameters: *ref_1 get: - description: Lists logging servers configured for a given private cloud. - operationId: vmwareengine.projects.locations.privateClouds.loggingServers.list + description: Lists nodes in a given cluster. + operationId: vmwareengine.projects.locations.privateClouds.clusters.nodes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6226,7 +6141,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLoggingServersResponse' + $ref: '#/components/schemas/ListNodesResponse' parameters: - in: path name: projectsId @@ -6243,31 +6158,25 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: clustersId + required: true schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query - name: orderBy + name: pageSize schema: - type: string - post: - description: Create a new logging server for a given private cloud. - operationId: vmwareengine.projects.locations.privateClouds.loggingServers.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LoggingServer' + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/clusters/{clustersId}/nodes/{nodesId}: + parameters: *ref_1 + get: + description: Gets details of a single node. + operationId: vmwareengine.projects.locations.privateClouds.clusters.nodes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6279,7 +6188,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Node' parameters: - in: path name: projectsId @@ -6296,19 +6205,34 @@ paths: required: true schema: type: string - - in: query - name: loggingServerId + - in: path + name: clustersId + required: true schema: type: string - - in: query - name: requestId + - in: path + name: nodesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/loggingServers/{loggingServersId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/managementDnsZoneBindings: parameters: *ref_1 - get: - description: Gets details of a logging server. - operationId: vmwareengine.projects.locations.privateClouds.loggingServers.get + post: + description: >- + Creates a new `ManagementDnsZoneBinding` resource in a private cloud. + This RPC creates the DNS binding and the resource that represents the + DNS binding of the consumer VPC network to the management DNS zone. A + management DNS zone is the Cloud DNS cross-project binding zone that + VMware Engine creates for each private cloud. It contains FQDNs and + corresponding IP addresses for the private cloud's ESXi hosts and + management VM appliances like vCenter and NSX Manager. + operationId: >- + vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ManagementDnsZoneBinding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6320,7 +6244,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/LoggingServer' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6337,21 +6261,20 @@ paths: required: true schema: type: string - - in: path - name: loggingServersId - required: true + - in: query + name: managementDnsZoneBindingId schema: type: string - patch: - description: >- - Updates the parameters of a single logging server. Only fields specified - in `update_mask` are applied. - operationId: vmwareengine.projects.locations.privateClouds.loggingServers.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LoggingServer' + - in: query + name: requestId + schema: + type: string + get: + description: >- + Lists Consumer VPCs bound to Management DNS Zone of a given private + cloud. + operationId: >- + vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6363,7 +6286,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListManagementDnsZoneBindingsResponse' parameters: - in: path name: projectsId @@ -6380,23 +6303,36 @@ paths: required: true schema: type: string - - in: path - name: loggingServersId - required: true + - in: query + name: pageToken schema: type: string - in: query - name: updateMask + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter schema: type: string - format: google-fieldmask - in: query - name: requestId + name: orderBy schema: type: string - delete: - description: Deletes a single logging server. - operationId: vmwareengine.projects.locations.privateClouds.loggingServers.delete + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/managementDnsZoneBindings/{managementDnsZoneBindingsId}: + parameters: *ref_1 + patch: + description: >- + Updates a `ManagementDnsZoneBinding` resource. Only fields specified in + `update_mask` are applied. + operationId: >- + vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ManagementDnsZoneBinding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6426,7 +6362,7 @@ paths: schema: type: string - in: path - name: loggingServersId + name: managementDnsZoneBindingsId required: true schema: type: string @@ -6434,16 +6370,18 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys: - parameters: *ref_1 - post: - description: Creates a new HCX activation key in a given private cloud. - operationId: vmwareengine.projects.locations.privateClouds.hcxActivationKeys.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HcxActivationKey' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + delete: + description: >- + Deletes a `ManagementDnsZoneBinding` resource. When a management DNS + zone binding is deleted, the corresponding consumer VPC network is no + longer bound to the management DNS zone. + operationId: >- + vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6472,8 +6410,9 @@ paths: required: true schema: type: string - - in: query - name: hcxActivationKeyId + - in: path + name: managementDnsZoneBindingsId + required: true schema: type: string - in: query @@ -6481,8 +6420,9 @@ paths: schema: type: string get: - description: Lists `HcxActivationKey` resources in a given private cloud. - operationId: vmwareengine.projects.locations.privateClouds.hcxActivationKeys.list + description: Retrieves a 'ManagementDnsZoneBinding' resource by its resource name. + operationId: >- + vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6494,7 +6434,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListHcxActivationKeysResponse' + $ref: '#/components/schemas/ManagementDnsZoneBinding' parameters: - in: path name: projectsId @@ -6511,20 +6451,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: managementDnsZoneBindingsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys/{hcxActivationKeysId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/managementDnsZoneBindings/{managementDnsZoneBindingsId}:repair: parameters: *ref_1 - get: - description: Retrieves a `HcxActivationKey` resource by its resource name. - operationId: vmwareengine.projects.locations.privateClouds.hcxActivationKeys.get + post: + description: >- + Retries to create a `ManagementDnsZoneBinding` resource that is in + failed state. + operationId: >- + vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.repair + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RepairManagementDnsZoneBindingRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6536,7 +6480,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/HcxActivationKey' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6554,24 +6498,18 @@ paths: schema: type: string - in: path - name: hcxActivationKeysId + name: managementDnsZoneBindingsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys/{hcxActivationKeysId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/externalAddresses/{externalAddressesId}: parameters: *ref_1 - post: + delete: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: >- - vmwareengine.projects.locations.privateClouds.hcxActivationKeys.setIamPolicy - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + Deletes a single external IP address. When you delete an external IP + address, connectivity between the external IP address and the + corresponding internal IP address is lost. + operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6583,7 +6521,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6601,18 +6539,17 @@ paths: schema: type: string - in: path - name: hcxActivationKeysId + name: externalAddressesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys/{hcxActivationKeysId}:getIamPolicy: - parameters: *ref_1 + - in: query + name: requestId + schema: + type: string get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: >- - vmwareengine.projects.locations.privateClouds.hcxActivationKeys.getIamPolicy + description: Gets details of a single external IP address. + operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6624,7 +6561,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ExternalAddress' parameters: - in: path name: projectsId @@ -6642,31 +6579,23 @@ paths: schema: type: string - in: path - name: hcxActivationKeysId + name: externalAddressesId required: true schema: type: string - - in: query - name: options.requestedPolicyVersion - schema: - type: integer - format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys/{hcxActivationKeysId}:testIamPermissions: - parameters: *ref_1 - post: + patch: description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - vmwareengine.projects.locations.privateClouds.hcxActivationKeys.testIamPermissions + Updates the parameters of a single external IP address. Only fields + specified in `update_mask` are applied. During operation processing, the + resource is temporarily in the `ACTIVE` state before the operation fully + completes. For that period of time, you can't update the resource. Use + the operation status to determine when the processing fully completes. + operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/ExternalAddress' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6678,7 +6607,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -6696,18 +6625,26 @@ paths: schema: type: string - in: path - name: hcxActivationKeysId + name: externalAddressesId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/managementDnsZoneBindings: + - in: query + name: requestId + schema: + type: string + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/externalAddresses: parameters: *ref_1 get: description: >- - Lists Consumer VPCs bound to Management DNS Zone of a given private - cloud. - operationId: >- - vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.list + Lists external IP addresses assigned to VMware workload VMs in a given + private cloud. + operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6719,7 +6656,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListManagementDnsZoneBindingsResponse' + $ref: '#/components/schemas/ListExternalAddressesResponse' parameters: - in: path name: projectsId @@ -6737,38 +6674,34 @@ paths: schema: type: string - in: query - name: pageSize + name: orderBy schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: filter + name: pageSize schema: - type: string + type: integer + format: int32 - in: query - name: orderBy + name: filter schema: type: string post: description: >- - Creates a new `ManagementDnsZoneBinding` resource in a private cloud. - This RPC creates the DNS binding and the resource that represents the - DNS binding of the consumer VPC network to the management DNS zone. A - management DNS zone is the Cloud DNS cross-project binding zone that - VMware Engine creates for each private cloud. It contains FQDNs and - corresponding IP addresses for the private cloud's ESXi hosts and - management VM appliances like vCenter and NSX Manager. - operationId: >- - vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.create + Creates a new `ExternalAddress` resource in a given private cloud. The + network policy that corresponds to the private cloud must have the + external IP address network service enabled + (`NetworkPolicy.external_ip`). + operationId: vmwareengine.projects.locations.privateClouds.externalAddresses.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ManagementDnsZoneBinding' + $ref: '#/components/schemas/ExternalAddress' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6798,19 +6731,18 @@ paths: schema: type: string - in: query - name: managementDnsZoneBindingId + name: requestId schema: type: string - in: query - name: requestId + name: externalAddressId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/managementDnsZoneBindings/{managementDnsZoneBindingsId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys: parameters: *ref_1 get: - description: Retrieves a 'ManagementDnsZoneBinding' resource by its resource name. - operationId: >- - vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.get + description: Lists `HcxActivationKey` resources in a given private cloud. + operationId: vmwareengine.projects.locations.privateClouds.hcxActivationKeys.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6822,7 +6754,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ManagementDnsZoneBinding' + $ref: '#/components/schemas/ListHcxActivationKeysResponse' parameters: - in: path name: projectsId @@ -6839,22 +6771,23 @@ paths: required: true schema: type: string - - in: path - name: managementDnsZoneBindingsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: >- - Updates a `ManagementDnsZoneBinding` resource. Only fields specified in - `update_mask` are applied. - operationId: >- - vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.patch + post: + description: Creates a new HCX activation key in a given private cloud. + operationId: vmwareengine.projects.locations.privateClouds.hcxActivationKeys.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/ManagementDnsZoneBinding' + $ref: '#/components/schemas/HcxActivationKey' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6883,27 +6816,28 @@ paths: required: true schema: type: string - - in: path - name: managementDnsZoneBindingsId - required: true - schema: - type: string - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask - in: query - name: requestId + name: hcxActivationKeyId schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys/{hcxActivationKeysId}:setIamPolicy: + parameters: *ref_1 + post: description: >- - Deletes a `ManagementDnsZoneBinding` resource. When a management DNS - zone binding is deleted, the corresponding consumer VPC network is no - longer bound to the management DNS zone. + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. operationId: >- - vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.delete + vmwareengine.projects.locations.privateClouds.hcxActivationKeys.setIamPolicy + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6915,7 +6849,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6933,27 +6867,18 @@ paths: schema: type: string - in: path - name: managementDnsZoneBindingsId + name: hcxActivationKeysId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/managementDnsZoneBindings/{managementDnsZoneBindingsId}:repair: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys/{hcxActivationKeysId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Retries to create a `ManagementDnsZoneBinding` resource that is in - failed state. + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. operationId: >- - vmwareengine.projects.locations.privateClouds.managementDnsZoneBindings.repair - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RepairManagementDnsZoneBindingRequest' + vmwareengine.projects.locations.privateClouds.hcxActivationKeys.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -6965,7 +6890,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -6983,15 +6908,20 @@ paths: schema: type: string - in: path - name: managementDnsZoneBindingsId + name: hcxActivationKeysId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/upgrades: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys/{hcxActivationKeysId}: parameters: *ref_1 get: - description: Lists past, ongoing and upcoming `Upgrades` for the given private cloud. - operationId: vmwareengine.projects.locations.privateClouds.upgrades.list + description: Retrieves a `HcxActivationKey` resource by its resource name. + operationId: vmwareengine.projects.locations.privateClouds.hcxActivationKeys.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7003,7 +6933,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUpgradesResponse' + $ref: '#/components/schemas/HcxActivationKey' parameters: - in: path name: projectsId @@ -7020,28 +6950,27 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: hcxActivationKeysId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/upgrades/{upgradesId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/hcxActivationKeys/{hcxActivationKeysId}:testIamPermissions: parameters: *ref_1 - get: - description: Retrieves a private cloud `Upgrade` resource by its resource name. - operationId: vmwareengine.projects.locations.privateClouds.upgrades.get + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: >- + vmwareengine.projects.locations.privateClouds.hcxActivationKeys.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7053,7 +6982,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Upgrade' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7071,10 +7000,12 @@ paths: schema: type: string - in: path - name: upgradesId + name: hcxActivationKeysId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/upgrades/{upgradesId}: + parameters: *ref_1 patch: description: >- Update the private cloud `Upgrade` resource. Only `schedule` field can @@ -7121,21 +7052,17 @@ paths: schema: type: string - in: query - name: updateMask + name: requestId schema: type: string - format: google-fieldmask - in: query - name: requestId + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies/{networkPoliciesId}:fetchExternalAddresses: - parameters: *ref_1 + format: google-fieldmask get: - description: >- - Lists external IP addresses assigned to VMware workload VMs within the - scope of the given network policy. - operationId: vmwareengine.projects.locations.networkPolicies.fetchExternalAddresses + description: Retrieves a private cloud `Upgrade` resource by its resource name. + operationId: vmwareengine.projects.locations.privateClouds.upgrades.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7147,8 +7074,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/FetchNetworkPolicyExternalAddressesResponse + $ref: '#/components/schemas/Upgrade' parameters: - in: path name: projectsId @@ -7161,24 +7087,20 @@ paths: schema: type: string - in: path - name: networkPoliciesId + name: privateCloudsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: upgradesId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies/{networkPoliciesId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/upgrades: parameters: *ref_1 get: - description: Retrieves a `NetworkPolicy` resource by its resource name. - operationId: vmwareengine.projects.locations.networkPolicies.get + description: Lists past, ongoing and upcoming `Upgrades` for the given private cloud. + operationId: vmwareengine.projects.locations.privateClouds.upgrades.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7190,7 +7112,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NetworkPolicy' + $ref: '#/components/schemas/ListUpgradesResponse' parameters: - in: path name: projectsId @@ -7203,28 +7125,39 @@ paths: schema: type: string - in: path - name: networkPoliciesId + name: privateCloudsId required: true schema: type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/loggingServers/{loggingServersId}: + parameters: *ref_1 patch: description: >- - Modifies a `NetworkPolicy` resource. Only the following fields can be - updated: `internet_access`, `external_ip`, `edge_services_cidr`. Only - fields specified in `updateMask` are applied. When updating a network - policy, the external IP network service can only be disabled if there - are no external IP addresses present in the scope of the policy. Also, a - `NetworkService` cannot be updated when `NetworkService.state` is set to - `RECONCILING`. During operation processing, the resource is temporarily - in the `ACTIVE` state before the operation fully completes. For that - period of time, you can't update the resource. Use the operation status - to determine when the processing fully completes. - operationId: vmwareengine.projects.locations.networkPolicies.patch + Updates the parameters of a single logging server. Only fields specified + in `update_mask` are applied. + operationId: vmwareengine.projects.locations.privateClouds.loggingServers.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/NetworkPolicy' + $ref: '#/components/schemas/LoggingServer' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7249,7 +7182,12 @@ paths: schema: type: string - in: path - name: networkPoliciesId + name: privateCloudsId + required: true + schema: + type: string + - in: path + name: loggingServersId required: true schema: type: string @@ -7262,12 +7200,45 @@ paths: name: requestId schema: type: string + get: + description: Gets details of a logging server. + operationId: vmwareengine.projects.locations.privateClouds.loggingServers.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/LoggingServer' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: privateCloudsId + required: true + schema: + type: string + - in: path + name: loggingServersId + required: true + schema: + type: string delete: - description: >- - Deletes a `NetworkPolicy` resource. A network policy cannot be deleted - when `NetworkService.state` is set to `RECONCILING` for either its - external IP or internet access service. - operationId: vmwareengine.projects.locations.networkPolicies.delete + description: Deletes a single logging server. + operationId: vmwareengine.projects.locations.privateClouds.loggingServers.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7292,7 +7263,12 @@ paths: schema: type: string - in: path - name: networkPoliciesId + name: privateCloudsId + required: true + schema: + type: string + - in: path + name: loggingServersId required: true schema: type: string @@ -7300,11 +7276,11 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/loggingServers: parameters: *ref_1 get: - description: Lists `NetworkPolicy` resources in a specified project and location. - operationId: vmwareengine.projects.locations.networkPolicies.list + description: Lists logging servers configured for a given private cloud. + operationId: vmwareengine.projects.locations.privateClouds.loggingServers.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7316,7 +7292,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNetworkPoliciesResponse' + $ref: '#/components/schemas/ListLoggingServersResponse' parameters: - in: path name: projectsId @@ -7328,11 +7304,15 @@ paths: required: true schema: type: string + - in: path + name: privateCloudsId + required: true + schema: + type: string - in: query - name: pageSize + name: orderBy schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: @@ -7342,20 +7322,18 @@ paths: schema: type: string - in: query - name: orderBy + name: pageSize schema: - type: string + type: integer + format: int32 post: - description: >- - Creates a new network policy in a given VMware Engine network of a - project and location (region). A new network policy cannot be created if - another network policy already exists in the same scope. - operationId: vmwareengine.projects.locations.networkPolicies.create + description: Create a new logging server for a given private cloud. + operationId: vmwareengine.projects.locations.privateClouds.loggingServers.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/NetworkPolicy' + $ref: '#/components/schemas/LoggingServer' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7379,19 +7357,34 @@ paths: required: true schema: type: string - - in: query - name: networkPolicyId + - in: path + name: privateCloudsId + required: true schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies/{networkPoliciesId}/externalAccessRules: + - in: query + name: loggingServerId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:testIamPermissions: parameters: *ref_1 - get: - description: Lists `ExternalAccessRule` resources in the specified network policy. - operationId: vmwareengine.projects.locations.networkPolicies.externalAccessRules.list + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. + operationId: vmwareengine.projects.locations.privateClouds.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7403,7 +7396,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListExternalAccessRulesResponse' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -7416,36 +7409,20 @@ paths: schema: type: string - in: path - name: networkPoliciesId + name: privateCloudsId required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:resetNsxCredentials: + parameters: *ref_1 post: - description: Creates a new external access rule in a given network policy. - operationId: >- - vmwareengine.projects.locations.networkPolicies.externalAccessRules.create + description: Resets credentials of the NSX appliance. + operationId: vmwareengine.projects.locations.privateClouds.resetNsxCredentials requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExternalAccessRule' + $ref: '#/components/schemas/ResetNsxCredentialsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7470,23 +7447,20 @@ paths: schema: type: string - in: path - name: networkPoliciesId + name: privateCloudsId required: true schema: type: string - - in: query - name: externalAccessRuleId - schema: - type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkPolicies/{networkPoliciesId}/externalAccessRules/{externalAccessRulesId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:resetVcenterCredentials: parameters: *ref_1 - get: - description: Gets details of a single external access rule. - operationId: vmwareengine.projects.locations.networkPolicies.externalAccessRules.get + post: + description: Resets credentials of the Vcenter appliance. + operationId: vmwareengine.projects.locations.privateClouds.resetVcenterCredentials + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ResetVcenterCredentialsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7498,7 +7472,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExternalAccessRule' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7511,26 +7485,24 @@ paths: schema: type: string - in: path - name: networkPoliciesId - required: true - schema: - type: string - - in: path - name: externalAccessRulesId + name: privateCloudsId required: true schema: type: string - patch: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:privateCloudDeletionNow: + parameters: *ref_1 + post: description: >- - Updates the parameters of a single external access rule. Only fields - specified in `update_mask` are applied. - operationId: >- - vmwareengine.projects.locations.networkPolicies.externalAccessRules.patch + Accelerates the deletion of a private cloud that is currently in soft + deletion A `PrivateCloud` resource in soft deletion has + `PrivateCloud.state` set to `SOFT_DELETED` and `PrivateCloud.expireTime` + set to the time when deletion can no longer be reversed. + operationId: vmwareengine.projects.locations.privateClouds.privateCloudDeletionNow requestBody: content: application/json: schema: - $ref: '#/components/schemas/ExternalAccessRule' + $ref: '#/components/schemas/AcceleratePrivateCloudDeletionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7555,28 +7527,22 @@ paths: schema: type: string - in: path - name: networkPoliciesId - required: true - schema: - type: string - - in: path - name: externalAccessRulesId + name: privateCloudsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: - description: Deletes a single external access rule. - operationId: >- - vmwareengine.projects.locations.networkPolicies.externalAccessRules.delete + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}/dnsForwarding: + parameters: *ref_1 + patch: + description: >- + Updates the parameters of the `DnsForwarding` config, like associated + domains. Only fields specified in `update_mask` are applied. + operationId: vmwareengine.projects.locations.privateClouds.updateDnsForwarding + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DnsForwarding' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7601,24 +7567,22 @@ paths: schema: type: string - in: path - name: networkPoliciesId + name: privateCloudsId required: true schema: type: string - - in: path - name: externalAccessRulesId - required: true + - in: query + name: requestId schema: type: string - in: query - name: requestId + name: updateMask schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/nodeTypes: - parameters: *ref_1 + format: google-fieldmask get: - description: Lists node types - operationId: vmwareengine.projects.locations.nodeTypes.list + description: Gets details of the `DnsForwarding` config. + operationId: vmwareengine.projects.locations.privateClouds.getDnsForwarding security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7630,7 +7594,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNodeTypesResponse' + $ref: '#/components/schemas/DnsForwarding' parameters: - in: path name: projectsId @@ -7642,24 +7606,16 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: privateCloudsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/nodeTypes/{nodeTypesId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}: parameters: *ref_1 get: - description: Gets details of a single `NodeType`. - operationId: vmwareengine.projects.locations.nodeTypes.get + description: Retrieves a `PrivateCloud` resource by its resource name. + operationId: vmwareengine.projects.locations.privateClouds.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7671,7 +7627,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NodeType' + $ref: '#/components/schemas/PrivateCloud' parameters: - in: path name: projectsId @@ -7684,19 +7640,27 @@ paths: schema: type: string - in: path - name: nodeTypesId + name: privateCloudsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkPeerings/{networkPeeringsId}: - parameters: *ref_1 - get: + delete: description: >- - Retrieves a `NetworkPeering` resource by its resource name. The resource - contains details of the network peering, such as peered networks, import - and export custom route configurations, and peering state. - NetworkPeering is a global resource and location can only be global. - operationId: vmwareengine.projects.locations.networkPeerings.get + Schedules a `PrivateCloud` resource for deletion. A `PrivateCloud` + resource scheduled for deletion has `PrivateCloud.state` set to + `DELETED` and `expireTime` set to the time when deletion is final and + can no longer be reversed. The delete operation is marked as done as + soon as the `PrivateCloud` is successfully scheduled for deletion (this + also applies when `delayHours` is set to zero), and the operation is not + kept in pending state until `PrivateCloud` is purged. `PrivateCloud` can + be restored using `UndeletePrivateCloud` method before the `expireTime` + elapses. When `expireTime` is reached, deletion is final and all private + cloud resources are irreversibly removed and billing stops. During the + final removal process, `PrivateCloud.state` is set to `PURGING`. + `PrivateCloud` can be polled using standard `GET` method for the whole + period of deletion and purging. It will not be returned only when it is + completely purged. + operationId: vmwareengine.projects.locations.privateClouds.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7708,7 +7672,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NetworkPeering' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7721,17 +7685,37 @@ paths: schema: type: string - in: path - name: networkPeeringsId + name: privateCloudsId required: true schema: type: string - delete: + - in: query + name: force + schema: + type: boolean + - in: query + name: delayHours + schema: + type: integer + format: int32 + - in: query + name: requestId + schema: + type: string + patch: description: >- - Deletes a `NetworkPeering` resource. When a network peering is deleted - for a VMware Engine network, the peer network becomes inaccessible to - that VMware Engine network. NetworkPeering is a global resource and - location can only be global. - operationId: vmwareengine.projects.locations.networkPeerings.delete + Modifies a `PrivateCloud` resource. Only the following fields can be + updated: `description`. Only fields specified in `updateMask` are + applied. During operation processing, the resource is temporarily in the + `ACTIVE` state before the operation fully completes. For that period of + time, you can't update the resource. Use the operation status to + determine when the processing fully completes. + operationId: vmwareengine.projects.locations.privateClouds.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PrivateCloud' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7756,7 +7740,7 @@ paths: schema: type: string - in: path - name: networkPeeringsId + name: privateCloudsId required: true schema: type: string @@ -7764,17 +7748,16 @@ paths: name: requestId schema: type: string - patch: - description: >- - Modifies a `NetworkPeering` resource. Only the `description` field can - be updated. Only fields specified in `updateMask` are applied. - NetworkPeering is a global resource and location can only be global. - operationId: vmwareengine.projects.locations.networkPeerings.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NetworkPeering' + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds: + parameters: *ref_1 + get: + description: Lists `PrivateCloud` resources in a given project and location. + operationId: vmwareengine.projects.locations.privateClouds.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7786,7 +7769,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListPrivateCloudsResponse' parameters: - in: path name: projectsId @@ -7798,27 +7781,37 @@ paths: required: true schema: type: string - - in: path - name: networkPeeringsId - required: true + - in: query + name: orderBy schema: type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: requestId + name: filter schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkPeerings: - parameters: *ref_1 - get: + - in: query + name: pageSize + schema: + type: integer + format: int32 + post: description: >- - Lists `NetworkPeering` resources in a given project. NetworkPeering is a - global resource and location can only be global. - operationId: vmwareengine.projects.locations.networkPeerings.list + Creates a new `PrivateCloud` resource in a given project and location. + Private clouds of type `STANDARD` and `TIME_LIMITED` are zonal + resources, `STRETCHED` private clouds are regional. Creating a private + cloud also creates a [management + cluster](https://cloud.google.com/vmware-engine/docs/concepts-vmware-components) + for that private cloud. + operationId: vmwareengine.projects.locations.privateClouds.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PrivateCloud' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7830,7 +7823,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListNetworkPeeringsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -7843,33 +7836,31 @@ paths: schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: validateOnly schema: - type: string + type: boolean - in: query - name: filter + name: privateCloudId schema: type: string - in: query - name: orderBy + name: requestId schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:undelete: + parameters: *ref_1 post: description: >- - Creates a new network peering between the peer network and VMware Engine - network provided in a `NetworkPeering` resource. NetworkPeering is a - global resource and location can only be global. - operationId: vmwareengine.projects.locations.networkPeerings.create + Restores a private cloud that was previously scheduled for deletion by + `DeletePrivateCloud`. A `PrivateCloud` resource scheduled for deletion + has `PrivateCloud.state` set to `DELETED` and `PrivateCloud.expireTime` + set to the time when deletion can no longer be reversed. + operationId: vmwareengine.projects.locations.privateClouds.undelete requestBody: content: application/json: schema: - $ref: '#/components/schemas/NetworkPeering' + $ref: '#/components/schemas/UndeletePrivateCloudRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7893,21 +7884,16 @@ paths: required: true schema: type: string - - in: query - name: networkPeeringId - schema: - type: string - - in: query - name: requestId + - in: path + name: privateCloudsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/networkPeerings/{networkPeeringsId}/peeringRoutes: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:showVcenterCredentials: parameters: *ref_1 get: - description: >- - Lists the network peering routes exchanged over a peering connection. - NetworkPeering is a global resource and location can only be global. - operationId: vmwareengine.projects.locations.networkPeerings.peeringRoutes.list + description: Gets details of credentials for Vcenter appliance. + operationId: vmwareengine.projects.locations.privateClouds.showVcenterCredentials security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7919,7 +7905,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPeeringRoutesResponse' + $ref: '#/components/schemas/Credentials' parameters: - in: path name: projectsId @@ -7932,33 +7918,21 @@ paths: schema: type: string - in: path - name: networkPeeringsId + name: privateCloudsId required: true schema: type: string - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + name: username schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareEngineNetworks: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:getIamPolicy: parameters: *ref_1 - post: - description: Creates a new VMware Engine network that can be used by a private cloud. - operationId: vmwareengine.projects.locations.vmwareEngineNetworks.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/VmwareEngineNetwork' + get: + description: >- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + operationId: vmwareengine.projects.locations.privateClouds.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -7970,7 +7944,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -7982,17 +7956,21 @@ paths: required: true schema: type: string - - in: query - name: vmwareEngineNetworkId + - in: path + name: privateCloudsId + required: true schema: type: string - in: query - name: requestId + name: options.requestedPolicyVersion schema: - type: string + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:showNsxCredentials: + parameters: *ref_1 get: - description: Lists `VmwareEngineNetwork` resources in a given project and location. - operationId: vmwareengine.projects.locations.vmwareEngineNetworks.list + description: Gets details of credentials for NSX appliance. + operationId: vmwareengine.projects.locations.privateClouds.showNsxCredentials security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8004,7 +7982,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListVmwareEngineNetworksResponse' + $ref: '#/components/schemas/Credentials' parameters: - in: path name: projectsId @@ -8016,36 +7994,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy + - in: path + name: privateCloudsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/vmwareEngineNetworks/{vmwareEngineNetworksId}: + /v1/projects/{projectsId}/locations/{locationsId}/privateClouds/{privateCloudsId}:setIamPolicy: parameters: *ref_1 - patch: + post: description: >- - Modifies a VMware Engine network resource. Only the following fields can - be updated: `description`. Only fields specified in `updateMask` are - applied. - operationId: vmwareengine.projects.locations.vmwareEngineNetworks.patch + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. + operationId: vmwareengine.projects.locations.privateClouds.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/VmwareEngineNetwork' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8057,7 +8023,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -8070,26 +8036,24 @@ paths: schema: type: string - in: path - name: vmwareEngineNetworksId + name: privateCloudsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: requestId - schema: - type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/dnsBindPermission:grant: + parameters: *ref_1 + post: description: >- - Deletes a `VmwareEngineNetwork` resource. You can only delete a VMware - Engine network after all resources that refer to it are deleted. For - example, a private cloud, a network peering, and a network policy can - all refer to the same VMware Engine network. - operationId: vmwareengine.projects.locations.vmwareEngineNetworks.delete + Grants the bind permission to the customer provided principal(user / + service account) to bind their DNS zone with the intranet VPC associated + with the project. DnsBindPermission is a global resource and location + can only be global. + operationId: vmwareengine.projects.locations.dnsBindPermission.grant + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GrantDnsBindPermissionRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8113,19 +8077,45 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/dnsBindPermission:revoke: + parameters: *ref_1 + post: + description: >- + Revokes the bind permission from the customer provided principal(user / + service account) on the intranet VPC associated with the consumer + project. DnsBindPermission is a global resource and location can only be + global. + operationId: vmwareengine.projects.locations.dnsBindPermission.revoke + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RevokeDnsBindPermissionRequest' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: - in: path - name: vmwareEngineNetworksId + name: projectsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - - in: query - name: etag + - in: path + name: locationsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/vmwareEngineNetworks/{vmwareEngineNetworksId}: + parameters: *ref_1 get: description: >- Retrieves a `VmwareEngineNetwork` resource by its resource name. The @@ -8161,18 +8151,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateConnections: - parameters: *ref_1 - post: + patch: description: >- - Creates a new private connection that can be used for accessing private - Clouds. - operationId: vmwareengine.projects.locations.privateConnections.create + Modifies a VMware Engine network resource. Only the following fields can + be updated: `description`. Only fields specified in `updateMask` are + applied. + operationId: vmwareengine.projects.locations.vmwareEngineNetworks.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/PrivateConnection' + $ref: '#/components/schemas/VmwareEngineNetwork' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8196,17 +8185,27 @@ paths: required: true schema: type: string + - in: path + name: vmwareEngineNetworksId + required: true + schema: + type: string - in: query - name: privateConnectionId + name: updateMask schema: type: string + format: google-fieldmask - in: query name: requestId schema: type: string - get: - description: Lists `PrivateConnection` resources in a given project and location. - operationId: vmwareengine.projects.locations.privateConnections.list + delete: + description: >- + Deletes a `VmwareEngineNetwork` resource. You can only delete a VMware + Engine network after all resources that refer to it are deleted. For + example, a private cloud, a network peering, and a network policy can + all refer to the same VMware Engine network. + operationId: vmwareengine.projects.locations.vmwareEngineNetworks.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8218,7 +8217,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListPrivateConnectionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -8230,31 +8229,24 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: vmwareEngineNetworksId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: etag schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateConnections/{privateConnectionsId}: + /v1/projects/{projectsId}/locations/{locationsId}/vmwareEngineNetworks: parameters: *ref_1 get: - description: >- - Retrieves a `PrivateConnection` resource by its resource name. The - resource contains details of the private connection, such as connected - network, routing mode and state. - operationId: vmwareengine.projects.locations.privateConnections.get + description: Lists `VmwareEngineNetwork` resources in a given project and location. + operationId: vmwareengine.projects.locations.vmwareEngineNetworks.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8266,7 +8258,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PrivateConnection' + $ref: '#/components/schemas/ListVmwareEngineNetworksResponse' parameters: - in: path name: projectsId @@ -8278,22 +8270,31 @@ paths: required: true schema: type: string - - in: path - name: privateConnectionsId - required: true + - in: query + name: orderBy schema: type: string - patch: - description: >- - Modifies a `PrivateConnection` resource. Only `description` and - `routing_mode` fields can be updated. Only fields specified in - `updateMask` are applied. - operationId: vmwareengine.projects.locations.privateConnections.patch + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + post: + description: Creates a new VMware Engine network that can be used by a private cloud. + operationId: vmwareengine.projects.locations.vmwareEngineNetworks.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/PrivateConnection' + $ref: '#/components/schemas/VmwareEngineNetwork' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8317,26 +8318,19 @@ paths: required: true schema: type: string - - in: path - name: privateConnectionsId - required: true - schema: - type: string - in: query - name: updateMask + name: vmwareEngineNetworkId schema: type: string - format: google-fieldmask - in: query name: requestId schema: type: string - delete: - description: >- - Deletes a `PrivateConnection` resource. When a private connection is - deleted for a VMware Engine network, the connected network becomes - inaccessible to that VMware Engine network. - operationId: vmwareengine.projects.locations.privateConnections.delete + /v1/projects/{projectsId}/locations/{locationsId}/announcements/{announcementsId}: + parameters: *ref_1 + get: + description: Retrieves a `Announcement` by its resource name. + operationId: vmwareengine.projects.locations.announcements.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8348,7 +8342,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Announcement' parameters: - in: path name: projectsId @@ -8361,19 +8355,15 @@ paths: schema: type: string - in: path - name: privateConnectionsId + name: announcementsId required: true schema: type: string - - in: query - name: requestId - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/privateConnections/{privateConnectionsId}/peeringRoutes: + /v1/projects/{projectsId}/locations/{locationsId}/announcements: parameters: *ref_1 get: - description: Lists the private connection routes exchanged over a peering connection. - operationId: vmwareengine.projects.locations.privateConnections.peeringRoutes.list + description: Lists `Announcements` for a given region and project + operationId: vmwareengine.projects.locations.announcements.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8385,8 +8375,7 @@ paths: content: application/json: schema: - $ref: >- - #/components/schemas/ListPrivateConnectionPeeringRoutesResponse + $ref: '#/components/schemas/ListAnnouncementsResponse' parameters: - in: path name: projectsId @@ -8398,34 +8387,28 @@ paths: required: true schema: type: string - - in: path - name: privateConnectionsId - required: true - schema: - type: string - in: query name: pageSize schema: type: integer format: int32 + - in: query + name: filter + schema: + type: string - in: query name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dnsBindPermission:grant: + - in: query + name: orderBy + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/nodeTypes/{nodeTypesId}: parameters: *ref_1 - post: - description: >- - Grants the bind permission to the customer provided principal(user / - service account) to bind their DNS zone with the intranet VPC associated - with the project. DnsBindPermission is a global resource and location - can only be global. - operationId: vmwareengine.projects.locations.dnsBindPermission.grant - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GrantDnsBindPermissionRequest' + get: + description: Gets details of a single `NodeType`. + operationId: vmwareengine.projects.locations.nodeTypes.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8437,7 +8420,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/NodeType' parameters: - in: path name: projectsId @@ -8449,20 +8432,16 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/dnsBindPermission:revoke: + - in: path + name: nodeTypesId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/nodeTypes: parameters: *ref_1 - post: - description: >- - Revokes the bind permission from the customer provided principal(user / - service account) on the intranet VPC associated with the consumer - project. DnsBindPermission is a global resource and location can only be - global. - operationId: vmwareengine.projects.locations.dnsBindPermission.revoke - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RevokeDnsBindPermissionRequest' + get: + description: Lists node types + operationId: vmwareengine.projects.locations.nodeTypes.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8474,7 +8453,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListNodeTypesResponse' parameters: - in: path name: projectsId @@ -8486,11 +8465,24 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/announcements: + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken + schema: + type: string + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Lists `Announcements` for a given region and project - operationId: vmwareengine.projects.locations.announcements.list + description: Lists information about the supported locations for this service. + operationId: vmwareengine.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8502,16 +8494,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListAnnouncementsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageToken + schema: + type: string + - in: query + name: extraLocationTypes schema: type: string - in: query @@ -8519,23 +8514,18 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: filter schema: type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/announcements/{announcementsId}: + /v1/projects/{projectsId}/locations/{locationsId}/dnsBindPermission: parameters: *ref_1 get: - description: Retrieves a `Announcement` by its resource name. - operationId: vmwareengine.projects.locations.announcements.get + description: >- + Gets all the principals having bind permission on the intranet VPC + associated with the consumer project granted by the Grant API. + DnsBindPermission is a global resource and location can only be global. + operationId: vmwareengine.projects.locations.getDnsBindPermission security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -8547,7 +8537,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Announcement' + $ref: '#/components/schemas/DnsBindPermission' parameters: - in: path name: projectsId @@ -8559,8 +8549,31 @@ paths: required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: vmwareengine.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Location' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string - in: path - name: announcementsId + name: locationsId required: true schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/vpcaccess.yaml b/providers/src/googleapis.com/v00.00.00000/services/vpcaccess.yaml index 58d4dbed..a58e4a26 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/vpcaccess.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/vpcaccess.yaml @@ -7,8 +7,8 @@ info: title: Serverless VPC Access API description: API for managing VPC access connectors. version: v1 - x-discovery-doc-revision: '20250817' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251201' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/vpc/docs/configure-serverless-vpc-access servers: @@ -34,76 +34,121 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object + Connector: + id: Connector properties: - locations: + minThroughput: + deprecated: true + format: int32 description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + Minimum throughput of the connector in Mbps. Refers to the expected + throughput when using an `e2-micro` machine type. Value must be a + multiple of 100 from 200 through 900. Must be lower than the value + specified by --max-throughput. If both min-throughput and + min-instances are provided, min-instances takes precedence over + min-throughput. The use of `min-throughput` is discouraged in favor + of `min-instances`. + type: integer + ipCidrRange: + description: >- + Optional. The range of internal addresses that follows RFC 4632 + notation. Example: `10.132.0.0/28`. type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: + maxInstances: + type: integer + description: >- + Maximum value of instances in autoscaling group underlying the + connector. + format: int32 name: + type: string description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + The resource name in the format + `projects/*/locations/*/connectors/*`. + minInstances: + format: int32 + description: >- + Minimum value of instances in autoscaling group underlying the + connector. + type: integer + network: + description: Optional. Name of a VPC network. type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + machineType: type: string - displayName: description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Machine type of VM Instance underlying connector. Default is + e2-micro + state: type: string - labels: + description: Output only. State of the VPC access connector. + readOnly: true + enum: + - STATE_UNSPECIFIED + - READY + - CREATING + - DELETING + - ERROR + - UPDATING + enumDescriptions: + - Invalid state. + - Connector is deployed and ready to receive traffic. + - An Insert operation is in progress. Transient condition. + - A Delete operation is in progress. Transient condition. + - Connector is in a bad state, manual deletion recommended. + - The connector is being updated. + maxThroughput: + type: integer + format: int32 description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: + Maximum throughput of the connector in Mbps. Refers to the expected + throughput when using an `e2-micro` machine type. Value must be a + multiple of 100 from 300 through 1000. Must be higher than the value + specified by --min-throughput. If both max-throughput and + max-instances are provided, max-instances takes precedence over + max-throughput. The use of `max-throughput` is discouraged in favor + of `max-instances`. + deprecated: true + connectedProjects: + type: array + readOnly: true + items: type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + description: Output only. List of projects using the connector. + subnet: + description: Optional. The subnet in which to house the VPC Access Connector. + $ref: '#/components/schemas/Subnet' type: object + description: Definition of a Serverless VPC Access connector. + ListOperationsResponse: properties: + nextPageToken: + description: The standard List next-page token. + type: string + unreachable: + type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string operations: + items: + $ref: '#/components/schemas/Operation' description: >- A list of operations that matches the specified filter in the request. type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. - type: string + description: The response message for Operations.ListOperations. + type: object + id: ListOperationsResponse Operation: - id: Operation description: >- This resource represents a long-running operation that is the result of a network API call. - type: object + id: Operation properties: name: description: >- @@ -112,44 +157,132 @@ components: mapping, the `name` should be a resource name ending with `operations/{unique_id}`. type: string - metadata: + response: description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' done: description: >- If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. type: boolean - error: + metadata: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object + OperationMetadataV1Alpha1: + id: OperationMetadataV1Alpha1 + properties: + insertTime: + readOnly: true + format: google-datetime + type: string + description: Output only. Time when the operation was created. + target: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object + Output only. Name of the resource that this operation is acting on + e.g. projects/my-project/locations/us-central1/connectors/v1. + type: string + readOnly: true + method: + description: >- + Output only. Method that initiated the operation e.g. + google.cloud.vpcaccess.v1alpha1.Connectors.CreateConnector. + type: string + readOnly: true + endTime: + readOnly: true + format: google-datetime + description: Output only. Time when the operation completed. + type: string + description: Metadata for google.longrunning.Operation. + type: object + Location: + properties: + metadata: additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + type: string + labels: + type: object + additionalProperties: + type: string + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + displayName: + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + type: string + description: A resource that represents a Google Cloud location. + type: object + id: Location + OperationMetadata: + id: OperationMetadata + description: Metadata for google.longrunning.Operation. + type: object + properties: + endTime: + type: string + format: google-datetime + readOnly: true + description: Output only. Time when the operation completed. + method: + type: string + readOnly: true + description: >- + Output only. Method that initiated the operation e.g. + google.cloud.vpcaccess.v1.Connectors.CreateConnector. + target: + readOnly: true + description: >- + Output only. Name of the resource that this operation is acting on + e.g. projects/my-project/locations/us-central1/connectors/v1. + type: string + createTime: + format: google-datetime + description: Output only. Time when the operation was created. + readOnly: true + type: string Status: - id: Status description: >- The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It @@ -158,119 +291,67 @@ components: details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). + id: Status type: object properties: code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string + type: integer + description: The status code, which should be an enum value of google.rpc.Code. details: description: >- A list of messages that carry the error details. There is a common set of message types for APIs to use. type: array items: - type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - Connector: - id: Connector - description: Definition of a Serverless VPC Access connector. - type: object - properties: - name: - description: >- - The resource name in the format - `projects/*/locations/*/connectors/*`. - type: string - network: - description: Optional. Name of a VPC network. + type: object + message: type: string - ipCidrRange: description: >- - Optional. The range of internal addresses that follows RFC 4632 - notation. Example: `10.132.0.0/28`. - type: string - state: - description: Output only. State of the VPC access connector. + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + OperationMetadataV1Beta1: + id: OperationMetadataV1Beta1 + properties: + createTime: readOnly: true + format: google-datetime + description: Output only. Time when the operation was created. type: string - enumDescriptions: - - Invalid state. - - Connector is deployed and ready to receive traffic. - - An Insert operation is in progress. Transient condition. - - A Delete operation is in progress. Transient condition. - - Connector is in a bad state, manual deletion recommended. - - The connector is being updated. - enum: - - STATE_UNSPECIFIED - - READY - - CREATING - - DELETING - - ERROR - - UPDATING - minThroughput: - description: >- - Minimum throughput of the connector in Mbps. Refers to the expected - throughput when using an `e2-micro` machine type. Value must be a - multiple of 100 from 200 through 900. Must be lower than the value - specified by --max-throughput. If both min-throughput and - min-instances are provided, min-instances takes precedence over - min-throughput. The use of `min-throughput` is discouraged in favor - of `min-instances`. - deprecated: true - type: integer - format: int32 - maxThroughput: + target: description: >- - Maximum throughput of the connector in Mbps. Refers to the expected - throughput when using an `e2-micro` machine type. Value must be a - multiple of 100 from 300 through 1000. Must be higher than the value - specified by --min-throughput. If both max-throughput and - max-instances are provided, max-instances takes precedence over - max-throughput. The use of `max-throughput` is discouraged in favor - of `max-instances`. - deprecated: true - type: integer - format: int32 - connectedProjects: - description: Output only. List of projects using the connector. + Output only. Name of the resource that this operation is acting on + e.g. projects/my-project/locations/us-central1/connectors/v1. readOnly: true - type: array - items: - type: string - subnet: - description: Optional. The subnet in which to house the VPC Access Connector. - $ref: '#/components/schemas/Subnet' - machineType: - description: >- - Machine type of VM Instance underlying connector. Default is - e2-micro type: string - minInstances: - description: >- - Minimum value of instances in autoscaling group underlying the - connector. - type: integer - format: int32 - maxInstances: + method: + readOnly: true description: >- - Maximum value of instances in autoscaling group underlying the - connector. - type: integer - format: int32 + Output only. Method that initiated the operation e.g. + google.cloud.vpcaccess.v1beta1.Connectors.CreateConnector. + type: string + endTime: + type: string + readOnly: true + description: Output only. Time when the operation completed. + format: google-datetime + type: object + description: Metadata for google.longrunning.Operation. Subnet: id: Subnet - description: The subnet in which to house the connector type: object + description: The subnet in which to house the connector properties: + projectId: + type: string + description: >- + Optional. Project in which the subnet exists. If not set, this + project is assumed to be the project for which the connector create + request was issued. name: description: >- Optional. Subnet name (relative, not fully qualified). E.g. if the @@ -278,135 +359,41 @@ components: https://compute.googleapis.com/compute/v1/projects/{project}/regions/{region}/subnetworks/{subnetName} the correct input for this field would be {subnetName} type: string - projectId: - description: >- - Optional. Project in which the subnet exists. If not set, this - project is assumed to be the project for which the connector create - request was issued. - type: string ListConnectorsResponse: - id: ListConnectorsResponse description: Response for listing Serverless VPC Access connectors. + id: ListConnectorsResponse type: object properties: connectors: - description: List of Serverless VPC Access connectors. - type: array items: $ref: '#/components/schemas/Connector' + description: List of Serverless VPC Access connectors. + type: array nextPageToken: - description: Continuation token. - type: string - OperationMetadataV1Alpha1: - id: OperationMetadataV1Alpha1 - description: Metadata for google.longrunning.Operation. - type: object - properties: - method: - description: >- - Output only. Method that initiated the operation e.g. - google.cloud.vpcaccess.v1alpha1.Connectors.CreateConnector. - readOnly: true - type: string - insertTime: - description: Output only. Time when the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. Time when the operation completed. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Name of the resource that this operation is acting on - e.g. projects/my-project/locations/us-central1/connectors/v1. - readOnly: true type: string - OperationMetadataV1Beta1: - id: OperationMetadataV1Beta1 - description: Metadata for google.longrunning.Operation. - type: object + description: Continuation token. + ListLocationsResponse: properties: - method: - description: >- - Output only. Method that initiated the operation e.g. - google.cloud.vpcaccess.v1beta1.Connectors.CreateConnector. - readOnly: true - type: string - createTime: - description: Output only. Time when the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. Time when the operation completed. - readOnly: true - type: string - format: google-datetime - target: + locations: + type: array description: >- - Output only. Name of the resource that this operation is acting on - e.g. projects/my-project/locations/us-central1/connectors/v1. - readOnly: true + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + nextPageToken: type: string - OperationMetadata: - id: OperationMetadata - description: Metadata for google.longrunning.Operation. + description: The standard List next-page token. type: object - properties: - method: - description: >- - Output only. Method that initiated the operation e.g. - google.cloud.vpcaccess.v1.Connectors.CreateConnector. - readOnly: true - type: string - createTime: - description: Output only. Time when the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. Time when the operation completed. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Name of the resource that this operation is acting on - e.g. projects/my-project/locations/us-central1/connectors/v1. - readOnly: true - type: string - parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. - in: query - name: alt - schema: - type: string - enum: - - json - - media - - proto + description: The response message for Locations.ListLocations. + id: ListLocationsResponse + parameters: callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. - in: query - name: fields - schema: - type: string key: description: >- API key. Your API key identifies your project and provides you with API @@ -416,18 +403,6 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -437,6 +412,16 @@ components: name: quotaUser schema: type: string + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query @@ -449,6 +434,30 @@ components: name: uploadType schema: type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string _.xgafv: description: V1 error format. in: query @@ -478,43 +487,29 @@ components: update: [] replace: [] delete: [] - operations: - id: google.vpcaccess.operations - name: operations - title: Operations + connectors: + id: google.vpcaccess.connectors + name: connectors + title: Connectors methods: - list: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectors~1{connectorsId}/delete response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectors~1{connectorsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - connectors: - id: google.vpcaccess.connectors - name: connectors - title: Connectors - methods: - create: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectors/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectors~1{connectorsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -526,51 +521,65 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.connectors - patch: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectors~1{connectorsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectors/post response: mediaType: application/json openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/connectors/methods/get' + - $ref: '#/components/x-stackQL-resources/connectors/methods/list' + insert: + - $ref: '#/components/x-stackQL-resources/connectors/methods/create' + update: + - $ref: '#/components/x-stackQL-resources/connectors/methods/patch' + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/connectors/methods/delete' + operations: + id: google.vpcaccess.operations + name: operations + title: Operations + methods: get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectors~1{connectorsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1connectors~1{connectorsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/connectors/methods/get' - - $ref: '#/components/x-stackQL-resources/connectors/methods/list' - insert: - - $ref: '#/components/x-stackQL-resources/connectors/methods/create' - update: - - $ref: '#/components/x-stackQL-resources/connectors/methods/patch' + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/connectors/methods/delete' + delete: [] paths: /v1/projects/{projectsId}/locations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/_.xgafv' get: description: Lists information about the supported locations for this service. @@ -597,26 +606,26 @@ paths: name: filter schema: type: string + - in: query + name: pageToken + schema: + type: string - in: query name: pageSize schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: extraLocationTypes schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/connectors/{connectorsId}: parameters: *ref_1 - get: + delete: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: vpcaccess.projects.locations.operations.list + Deletes a Serverless VPC Access connector. Returns NOT_FOUND if the + resource does not exist. + operationId: vpcaccess.projects.locations.connectors.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -628,7 +637,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -640,27 +649,16 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: connectorsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: vpcaccess.projects.locations.operations.get + Gets a Serverless VPC Access connector. Returns NOT_FOUND if the + resource does not exist. + operationId: vpcaccess.projects.locations.connectors.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -672,7 +670,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Connector' parameters: - in: path name: projectsId @@ -685,15 +683,13 @@ paths: schema: type: string - in: path - name: operationsId + name: connectorsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectors: - parameters: *ref_1 - post: - description: Creates a Serverless VPC Access connector, returns an operation. - operationId: vpcaccess.projects.locations.connectors.create + patch: + description: Updates a Serverless VPC Access connector, returns an operation. + operationId: vpcaccess.projects.locations.connectors.patch requestBody: content: application/json: @@ -722,10 +718,18 @@ paths: required: true schema: type: string + - in: path + name: connectorsId + required: true + schema: + type: string - in: query - name: connectorId + name: updateMask schema: type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/connectors: + parameters: *ref_1 get: description: Lists Serverless VPC Access connectors. operationId: vpcaccess.projects.locations.connectors.list @@ -761,11 +765,9 @@ paths: name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/connectors/{connectorsId}: - parameters: *ref_1 - patch: - description: Updates a Serverless VPC Access connector, returns an operation. - operationId: vpcaccess.projects.locations.connectors.patch + post: + description: Creates a Serverless VPC Access connector, returns an operation. + operationId: vpcaccess.projects.locations.connectors.create requestBody: content: application/json: @@ -794,21 +796,18 @@ paths: required: true schema: type: string - - in: path - name: connectorsId - required: true - schema: - type: string - in: query - name: updateMask + name: connectorId schema: type: string - format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 get: description: >- - Gets a Serverless VPC Access connector. Returns NOT_FOUND if the - resource does not exist. - operationId: vpcaccess.projects.locations.connectors.get + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: vpcaccess.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -820,7 +819,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Connector' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -833,15 +832,17 @@ paths: schema: type: string - in: path - name: connectorsId + name: operationsId required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: description: >- - Deletes a Serverless VPC Access connector. Returns NOT_FOUND if the - resource does not exist. - operationId: vpcaccess.projects.locations.connectors.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: vpcaccess.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -853,7 +854,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -865,8 +866,20 @@ paths: required: true schema: type: string - - in: path - name: connectorsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean diff --git a/providers/src/googleapis.com/v00.00.00000/services/webrisk.yaml b/providers/src/googleapis.com/v00.00.00000/services/webrisk.yaml index 4ee4f17f..647c495d 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/webrisk.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/webrisk.yaml @@ -7,8 +7,8 @@ info: title: Web Risk API description: '' version: v1 - x-discovery-doc-revision: '20250824' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/web-risk/ servers: @@ -35,9 +35,9 @@ components: scopes: *ref_0 schemas: GoogleLongrunningListOperationsResponse: + type: object id: GoogleLongrunningListOperationsResponse description: The response message for Operations.ListOperations. - type: object properties: operations: description: >- @@ -46,172 +46,44 @@ components: type: array items: $ref: '#/components/schemas/GoogleLongrunningOperation' + unreachable: + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. + items: + type: string + type: array nextPageToken: description: The standard List next-page token. type: string - GoogleLongrunningOperation: - id: GoogleLongrunningOperation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object - properties: - name: - description: Matches the `/v1/{project-name}/operations/{operation-id}` pattern. - type: string - metadata: - description: Contains a `SubmitUriMetadata` object. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/GoogleRpcStatus' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleRpcStatus: - id: GoogleRpcStatus - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). + GoogleCloudWebriskV1ThreatEntryRemovals: type: object + id: GoogleCloudWebriskV1ThreatEntryRemovals + description: Contains the set of entries to remove from a local database. properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + riceIndices: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - GoogleLongrunningCancelOperationRequest: - id: GoogleLongrunningCancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - GoogleCloudWebriskV1ComputeThreatListDiffResponse: - id: GoogleCloudWebriskV1ComputeThreatListDiffResponse + The encoded local, lexicographically-sorted list indices, using a + Golomb-Rice encoding. Used for sending compressed removal indices. + The removal indices (uint32) are sorted in ascending order, then + delta encoded and stored as encoded_data. + $ref: '#/components/schemas/GoogleCloudWebriskV1RiceDeltaEncoding' + rawIndices: + description: The raw removal indices for a local list. + $ref: '#/components/schemas/GoogleCloudWebriskV1RawIndices' + GoogleCloudWebriskV1Submission: + id: GoogleCloudWebriskV1Submission type: object properties: - responseType: - description: >- - The type of response. This may indicate that an action must be taken - by the client when the response is received. - type: string - enumDescriptions: - - Unknown. - - >- - Partial updates are applied to the client's existing local - database. - - >- - Full updates resets the client's entire local database. This means - that either the client had no state, was seriously out-of-date, or - the client is believed to be corrupt. - enum: - - RESPONSE_TYPE_UNSPECIFIED - - DIFF - - RESET - additions: - description: A set of entries to add to a local threat type's list. - $ref: '#/components/schemas/GoogleCloudWebriskV1ThreatEntryAdditions' - removals: - description: >- - A set of entries to remove from a local threat type's list. This - field may be empty. - $ref: '#/components/schemas/GoogleCloudWebriskV1ThreatEntryRemovals' - newVersionToken: - description: >- - The new opaque client version token. This should be retained by the - client and passed into the next call of ComputeThreatListDiff as - 'version_token'. A separate version token should be stored and used - for each threatList. - type: string - format: byte - checksum: - description: >- - The expected SHA256 hash of the client state; that is, of the sorted - list of all hashes present in the database after applying the - provided diff. If the client state doesn't match the expected state, - the client must discard this diff and retry later. - $ref: >- - #/components/schemas/GoogleCloudWebriskV1ComputeThreatListDiffResponseChecksum - recommendedNextDiff: - description: >- - The soonest the client should wait before issuing any diff request. - Querying sooner is unlikely to produce a meaningful diff. Waiting - longer is acceptable considering the use case. If this field is not - set clients may update as soon as they want. + uri: type: string - format: google-datetime - GoogleCloudWebriskV1ThreatEntryAdditions: - id: GoogleCloudWebriskV1ThreatEntryAdditions - description: >- - Contains the set of entries to add to a local database. May contain a - combination of compressed and raw data in a single response. - type: object - properties: - rawHashes: - description: >- - The raw SHA256-formatted entries. Repeated to allow returning sets - of hashes with different prefix sizes. - type: array - items: - $ref: '#/components/schemas/GoogleCloudWebriskV1RawHashes' - riceHashes: description: >- - The encoded 4-byte prefixes of SHA256-formatted entries, using a - Golomb-Rice encoding. The hashes are converted to uint32, sorted in - ascending order, then delta encoded and stored as encoded_data. - $ref: '#/components/schemas/GoogleCloudWebriskV1RiceDeltaEncoding' + Required. The URI that is being reported for malicious content to be + analyzed. + description: Wraps a URI that might be displaying malicious content. GoogleCloudWebriskV1RawHashes: - id: GoogleCloudWebriskV1RawHashes description: >- The uncompressed threat entries in hash format. Hashes can be anywhere from 4 to 32 bytes in size. A large majority are 4 bytes, but some @@ -219,110 +91,187 @@ components: Used for sending ThreatEntryAdditons to clients that do not support compression, or when sending non-4-byte hashes to clients that do support compression. + id: GoogleCloudWebriskV1RawHashes type: object properties: - prefixSize: - description: >- - The number of bytes for each prefix encoded below. This field can be - anywhere from 4 (shortest prefix) to 32 (full SHA256 hash). In - practice this is almost always 4, except in exceptional - circumstances. - type: integer - format: int32 rawHashes: + type: string + format: byte description: >- The hashes, in binary format, concatenated into one long string. Hashes are sorted in lexicographic order. For JSON API users, hashes are base64-encoded. - type: string - format: byte - GoogleCloudWebriskV1RiceDeltaEncoding: - id: GoogleCloudWebriskV1RiceDeltaEncoding - description: >- - The Rice-Golomb encoded data. Used for sending compressed 4-byte hashes - or compressed removal indices. - type: object - properties: - firstValue: - description: >- - The offset of the first entry in the encoded data, or, if only a - single integer was encoded, that single integer's value. If the - field is empty or missing, assume zero. - type: string - format: int64 - riceParameter: - description: >- - The Golomb-Rice parameter, which is a number between 2 and 28. This - field is missing (that is, zero) if `num_entries` is zero. - type: integer + prefixSize: format: int32 - entryCount: - description: >- - The number of entries that are delta encoded in the encoded data. If - only a single integer was encoded, this will be zero and the single - value will be stored in `first_value`. type: integer - format: int32 - encodedData: - description: The encoded deltas that are encoded using the Golomb-Rice coder. - type: string - format: byte - GoogleCloudWebriskV1ThreatEntryRemovals: - id: GoogleCloudWebriskV1ThreatEntryRemovals - description: Contains the set of entries to remove from a local database. - type: object - properties: - rawIndices: - description: The raw removal indices for a local list. - $ref: '#/components/schemas/GoogleCloudWebriskV1RawIndices' - riceIndices: description: >- - The encoded local, lexicographically-sorted list indices, using a - Golomb-Rice encoding. Used for sending compressed removal indices. - The removal indices (uint32) are sorted in ascending order, then - delta encoded and stored as encoded_data. - $ref: '#/components/schemas/GoogleCloudWebriskV1RiceDeltaEncoding' + The number of bytes for each prefix encoded below. This field can be + anywhere from 4 (shortest prefix) to 32 (full SHA256 hash). In + practice this is almost always 4, except in exceptional + circumstances. + GoogleLongrunningCancelOperationRequest: + id: GoogleLongrunningCancelOperationRequest + description: The request message for Operations.CancelOperation. + properties: {} + type: object GoogleCloudWebriskV1RawIndices: id: GoogleCloudWebriskV1RawIndices description: A set of raw indices to remove from a local list. - type: object properties: indices: - description: The indices to remove from a lexicographically-sorted local list. type: array items: type: integer format: int32 - GoogleCloudWebriskV1ComputeThreatListDiffResponseChecksum: - id: GoogleCloudWebriskV1ComputeThreatListDiffResponseChecksum - description: The expected state of a client's local database. + description: The indices to remove from a lexicographically-sorted local list. type: object + GoogleProtobufEmpty: + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + id: GoogleProtobufEmpty + type: object + GoogleRpcStatus: properties: - sha256: + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + details: + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + id: GoogleRpcStatus + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + type: object + GoogleCloudWebriskV1ComputeThreatListDiffResponse: + type: object + id: GoogleCloudWebriskV1ComputeThreatListDiffResponse + properties: + additions: + description: A set of entries to add to a local threat type's list. + $ref: '#/components/schemas/GoogleCloudWebriskV1ThreatEntryAdditions' + recommendedNextDiff: + format: google-datetime + type: string + description: >- + The soonest the client should wait before issuing any diff request. + Querying sooner is unlikely to produce a meaningful diff. Waiting + longer is acceptable considering the use case. If this field is not + set clients may update as soon as they want. + checksum: + $ref: >- + #/components/schemas/GoogleCloudWebriskV1ComputeThreatListDiffResponseChecksum description: >- - The SHA256 hash of the client state; that is, of the sorted list of - all hashes present in the database. - type: string + The expected SHA256 hash of the client state; that is, of the sorted + list of all hashes present in the database after applying the + provided diff. If the client state doesn't match the expected state, + the client must discard this diff and retry later. + removals: + description: >- + A set of entries to remove from a local threat type's list. This + field may be empty. + $ref: '#/components/schemas/GoogleCloudWebriskV1ThreatEntryRemovals' + newVersionToken: format: byte - GoogleCloudWebriskV1SearchUrisResponse: - id: GoogleCloudWebriskV1SearchUrisResponse + description: >- + The new opaque client version token. This should be retained by the + client and passed into the next call of ComputeThreatListDiff as + 'version_token'. A separate version token should be stored and used + for each threatList. + type: string + responseType: + type: string + description: >- + The type of response. This may indicate that an action must be taken + by the client when the response is received. + enumDescriptions: + - Unknown. + - >- + Partial updates are applied to the client's existing local + database. + - >- + Full updates resets the client's entire local database. This means + that either the client had no state, was seriously out-of-date, or + the client is believed to be corrupt. + enum: + - RESPONSE_TYPE_UNSPECIFIED + - DIFF + - RESET + GoogleLongrunningOperation: + id: GoogleLongrunningOperation + description: >- + This resource represents a long-running operation that is the result of + a network API call. type: object properties: - threat: + done: + type: boolean description: >- - The threat list matches. This might be empty if the URI is on no - list. - $ref: '#/components/schemas/GoogleCloudWebriskV1SearchUrisResponseThreatUri' + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/GoogleRpcStatus' + response: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + name: + description: Matches the `/v1/{project-name}/operations/{operation-id}` pattern. + type: string + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: Contains a `SubmitUriMetadata` object. + type: object GoogleCloudWebriskV1SearchUrisResponseThreatUri: - id: GoogleCloudWebriskV1SearchUrisResponseThreatUri - description: Contains threat information on a matching uri. - type: object properties: threatTypes: - description: The ThreatList this threat belongs to. type: array items: - type: string + enum: + - THREAT_TYPE_UNSPECIFIED + - MALWARE + - SOCIAL_ENGINEERING + - UNWANTED_SOFTWARE + - SOCIAL_ENGINEERING_EXTENDED_COVERAGE enumDescriptions: - >- No entries should match this threat type. This threat type is @@ -333,48 +282,111 @@ components: - >- A list of extended coverage social engineering URIs targeting any platform. - enum: - - THREAT_TYPE_UNSPECIFIED - - MALWARE - - SOCIAL_ENGINEERING - - UNWANTED_SOFTWARE - - SOCIAL_ENGINEERING_EXTENDED_COVERAGE + type: string + description: The ThreatList this threat belongs to. expireTime: description: >- The cache lifetime for the returned match. Clients must not cache this response past this timestamp to avoid false positives. - type: string format: google-datetime + type: string + id: GoogleCloudWebriskV1SearchUrisResponseThreatUri + description: Contains threat information on a matching uri. + type: object GoogleCloudWebriskV1SearchHashesResponse: id: GoogleCloudWebriskV1SearchHashesResponse - type: object properties: + negativeExpireTime: + type: string + description: >- + For requested entities that did not match the threat list, how long + to cache the response until. + format: google-datetime threats: + items: + $ref: >- + #/components/schemas/GoogleCloudWebriskV1SearchHashesResponseThreatHash description: >- The full hashes that matched the requested prefixes. The hash will be populated in the key. type: array - items: - $ref: >- - #/components/schemas/GoogleCloudWebriskV1SearchHashesResponseThreatHash - negativeExpireTime: + type: object + GoogleCloudWebriskV1SearchUrisResponse: + type: object + id: GoogleCloudWebriskV1SearchUrisResponse + properties: + threat: + $ref: '#/components/schemas/GoogleCloudWebriskV1SearchUrisResponseThreatUri' description: >- - For requested entities that did not match the threat list, how long - to cache the response until. + The threat list matches. This might be empty if the URI is on no + list. + GoogleCloudWebriskV1ComputeThreatListDiffResponseChecksum: + description: The expected state of a client's local database. + id: GoogleCloudWebriskV1ComputeThreatListDiffResponseChecksum + type: object + properties: + sha256: type: string - format: google-datetime - GoogleCloudWebriskV1SearchHashesResponseThreatHash: - id: GoogleCloudWebriskV1SearchHashesResponseThreatHash - description: Contains threat information on a matching hash. + format: byte + description: >- + The SHA256 hash of the client state; that is, of the sorted list of + all hashes present in the database. + GoogleCloudWebriskV1RiceDeltaEncoding: type: object + description: >- + The Rice-Golomb encoded data. Used for sending compressed 4-byte hashes + or compressed removal indices. properties: - threatTypes: + riceParameter: + type: integer + format: int32 description: >- - The ThreatList this threat belongs to. This must contain at least - one entry. + The Golomb-Rice parameter, which is a number between 2 and 28. This + field is missing (that is, zero) if `num_entries` is zero. + entryCount: + format: int32 + type: integer + description: >- + The number of entries that are delta encoded in the encoded data. If + only a single integer was encoded, this will be zero and the single + value will be stored in `first_value`. + encodedData: + format: byte + type: string + description: The encoded deltas that are encoded using the Golomb-Rice coder. + firstValue: + format: int64 + type: string + description: >- + The offset of the first entry in the encoded data, or, if only a + single integer was encoded, that single integer's value. If the + field is empty or missing, assume zero. + id: GoogleCloudWebriskV1RiceDeltaEncoding + GoogleCloudWebriskV1ThreatEntryAdditions: + description: >- + Contains the set of entries to add to a local database. May contain a + combination of compressed and raw data in a single response. + properties: + rawHashes: + description: >- + The raw SHA256-formatted entries. Repeated to allow returning sets + of hashes with different prefix sizes. + type: array + items: + $ref: '#/components/schemas/GoogleCloudWebriskV1RawHashes' + riceHashes: + description: >- + The encoded 4-byte prefixes of SHA256-formatted entries, using a + Golomb-Rice encoding. The hashes are converted to uint32, sorted in + ascending order, then delta encoded and stored as encoded_data. + $ref: '#/components/schemas/GoogleCloudWebriskV1RiceDeltaEncoding' + id: GoogleCloudWebriskV1ThreatEntryAdditions + type: object + GoogleCloudWebriskV1SearchHashesResponseThreatHash: + properties: + threatTypes: type: array items: - type: string enumDescriptions: - >- No entries should match this threat type. This threat type is @@ -391,57 +403,62 @@ components: - SOCIAL_ENGINEERING - UNWANTED_SOFTWARE - SOCIAL_ENGINEERING_EXTENDED_COVERAGE + type: string + description: >- + The ThreatList this threat belongs to. This must contain at least + one entry. hash: + type: string + format: byte description: >- A 32 byte SHA256 hash. This field is in binary format. For JSON requests, hashes are base64-encoded. - type: string - format: byte expireTime: + format: google-datetime + type: string description: >- The cache lifetime for the returned match. Clients must not cache this response past this timestamp to avoid false positives. - type: string - format: google-datetime - GoogleCloudWebriskV1Submission: - id: GoogleCloudWebriskV1Submission - description: Wraps a URI that might be displaying malicious content. + id: GoogleCloudWebriskV1SearchHashesResponseThreatHash + description: Contains threat information on a matching hash. type: object - properties: - uri: - description: >- - Required. The URI that is being reported for malicious content to be - analyzed. - type: string parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: alt + name: oauth_token schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: fields + name: upload_protocol + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType schema: type: string + prettyPrint: + description: Returns response with indentations and line breaks. + in: query + name: prettyPrint + schema: + type: boolean key: description: >- API key. Your API key identifies your project and provides you with API @@ -451,18 +468,12 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: oauth_token + name: fields schema: type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -472,18 +483,6 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). - in: query - name: uploadType - schema: - type: string _.xgafv: description: V1 error format. in: query @@ -493,19 +492,46 @@ components: enum: - '1' - '2' + alt: + description: Data format for response. + in: query + name: alt + schema: + type: string + enum: + - json + - media + - proto x-stackQL-resources: + hashes: + id: google.webrisk.hashes + name: hashes + title: Hashes + methods: + search: + operation: + $ref: '#/paths/~1v1~1hashes:search/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: [] + insert: [] + update: [] + replace: [] + delete: [] operations: id: google.webrisk.operations name: operations title: Operations methods: - list: + cancel: operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1operations/get' + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations get: operation: $ref: >- @@ -520,13 +546,13 @@ components: response: mediaType: application/json openAPIDocKey: '200' - cancel: + list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1operations~1{operationsId}:cancel/post + $ref: '#/paths/~1v1~1projects~1{projectsId}~1operations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/operations/methods/get' @@ -588,67 +614,86 @@ components: update: [] replace: [] delete: [] - hashes: - id: google.webrisk.hashes - name: hashes - title: Hashes - methods: - search: - operation: - $ref: '#/paths/~1v1~1hashes:search/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - replace: [] - delete: [] paths: - /v1/projects/{projectsId}/operations: + /v1/hashes:search: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/quotaUser' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/alt' get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: webrisk.projects.operations.list - security: [] + Gets the full hashes that match the requested hash prefix. This is used + after a hash prefix is looked up in a threatList and there is a match. + The client side threatList only holds partial hashes so the client must + query this method to determine if there is a full hash match of a + threat. + operationId: webrisk.hashes.search + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform responses: '200': description: Successful response content: application/json: schema: - $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' + $ref: '#/components/schemas/GoogleCloudWebriskV1SearchHashesResponse' parameters: - - in: path - name: projectsId - required: true + - in: query + name: threatTypes schema: type: string - in: query - name: filter + name: hashPrefix schema: type: string - - in: query - name: pageSize + format: byte + /v1/projects/{projectsId}/operations/{operationsId}:cancel: + parameters: *ref_1 + post: + description: >- + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: webrisk.projects.operations.cancel + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + security: [] + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/GoogleProtobufEmpty' + parameters: + - in: path + name: projectsId + required: true schema: - type: integer - format: int32 - - in: query - name: pageToken + type: string + - in: path + name: operationsId + required: true schema: type: string /v1/projects/{projectsId}/operations/{operationsId}: @@ -708,25 +753,13 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/operations/{operationsId}:cancel: + /v1/projects/{projectsId}/operations: parameters: *ref_1 - post: + get: description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: webrisk.projects.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleLongrunningCancelOperationRequest' + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: webrisk.projects.operations.list security: [] responses: '200': @@ -734,18 +767,30 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/GoogleLongrunningListOperationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: returnPartialSuccess + schema: + type: boolean /v1/projects/{projectsId}/submissions: parameters: *ref_1 post: @@ -807,10 +852,6 @@ paths: $ref: >- #/components/schemas/GoogleCloudWebriskV1ComputeThreatListDiffResponse parameters: - - in: query - name: threatType - schema: - type: string - in: query name: versionToken schema: @@ -822,14 +863,18 @@ paths: type: integer format: int32 - in: query - name: constraints.maxDatabaseEntries + name: threatType schema: - type: integer - format: int32 + type: string - in: query name: constraints.supportedCompressions schema: type: string + - in: query + name: constraints.maxDatabaseEntries + schema: + type: integer + format: int32 /v1/uris:search: parameters: *ref_1 get: @@ -853,43 +898,11 @@ paths: schema: $ref: '#/components/schemas/GoogleCloudWebriskV1SearchUrisResponse' parameters: - - in: query - name: uri - schema: - type: string - in: query name: threatTypes schema: type: string - /v1/hashes:search: - parameters: *ref_1 - get: - description: >- - Gets the full hashes that match the requested hash prefix. This is used - after a hash prefix is looked up in a threatList and there is a match. - The client side threatList only holds partial hashes so the client must - query this method to determine if there is a full hash match of a - threat. - operationId: webrisk.hashes.search - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/GoogleCloudWebriskV1SearchHashesResponse' - parameters: - - in: query - name: hashPrefix - schema: - type: string - format: byte - in: query - name: threatTypes + name: uri schema: type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/websecurityscanner.yaml b/providers/src/googleapis.com/v00.00.00000/services/websecurityscanner.yaml index d5d9dc59..401fdc34 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/websecurityscanner.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/websecurityscanner.yaml @@ -7,8 +7,8 @@ info: title: Web Security Scanner API description: Scans your Compute and App Engine apps for common web vulnerabilities. version: v1 - x-discovery-doc-revision: '20250810' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251109' + x-generated-date: '2025-12-10' externalDocs: url: >- https://cloud.google.com/security-command-center/docs/concepts-web-security-scanner-overview/ diff --git a/providers/src/googleapis.com/v00.00.00000/services/workflowexecutions.yaml b/providers/src/googleapis.com/v00.00.00000/services/workflowexecutions.yaml index 6b41a238..a5732fef 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/workflowexecutions.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/workflowexecutions.yaml @@ -7,8 +7,8 @@ info: title: Workflow Executions API description: Execute workflows created with Workflows API. version: v1 - x-discovery-doc-revision: '20250812' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251105' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/workflows servers: diff --git a/providers/src/googleapis.com/v00.00.00000/services/workflows.yaml b/providers/src/googleapis.com/v00.00.00000/services/workflows.yaml index 64c1b11c..e9e9f6f8 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/workflows.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/workflows.yaml @@ -9,8 +9,8 @@ info: Manage workflow definitions. To execute workflows and manage executions, see the Workflows Executions API. version: v1 - x-discovery-doc-revision: '20250814' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251112' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/workflows servers: @@ -36,253 +36,128 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. + Empty: + properties: {} + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type: object + id: Empty + ListOperationsResponse: + description: The response message for Operations.ListOperations. + type: object + id: ListOperationsResponse properties: - locations: + unreachable: description: >- - A list of locations that matches the specified filter in the - request. + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections e.g. when attempting to list all resources across all + supported locations. type: array items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' - type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". - type: string - labels: - description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object - properties: operations: + items: + $ref: '#/components/schemas/Operation' description: >- A list of operations that matches the specified filter in the request. type: array - items: - $ref: '#/components/schemas/Operation' nextPageToken: - description: The standard List next-page token. type: string + description: The standard List next-page token. Operation: id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. - type: object properties: - name: + response: + type: object description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. - type: string + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + done: + type: boolean + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. metadata: + type: object description: >- Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. - type: object additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean error: + $ref: '#/components/schemas/Status' description: >- The error result of the operation in case of failure or cancellation. - $ref: '#/components/schemas/Status' - response: - description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + name: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. type: string - details: - description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - ListWorkflowsResponse: - id: ListWorkflowsResponse - description: Response for the ListWorkflows method. + This resource represents a long-running operation that is the result of + a network API call. type: object - properties: - workflows: - description: The workflows that match the request. - type: array - items: - $ref: '#/components/schemas/Workflow' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. - type: string - unreachable: - description: Unreachable resources. - type: array - items: - type: string Workflow: - id: Workflow description: Workflow program to be executed by Workflows. + id: Workflow type: object properties: - name: - description: >- - The resource name of the workflow. Format: - projects/{project}/locations/{location}/workflows/{workflow}. This - is a workflow-wide field and is not tied to a specific revision. - type: string - description: - description: >- - Description of the workflow provided by the user. Must be at most - 1000 Unicode characters long. This is a workflow-wide field and is - not tied to a specific revision. - type: string - state: - description: Output only. State of the workflow deployment. - readOnly: true - type: string - enumDescriptions: - - Invalid state. - - The workflow has been deployed successfully and is serving. - - Workflow data is unavailable. See the `state_error` field. - enum: - - STATE_UNSPECIFIED - - ACTIVE - - UNAVAILABLE - revisionId: - description: >- - Output only. The revision of the workflow. A new revision of a - workflow is created as a result of updating the following properties - of a workflow: - Service account - Workflow code to be executed The - format is "000001-a4d", where the first six characters define the - zero-padded revision ordinal number. They are followed by a hyphen - and three hexadecimal random characters. - readOnly: true - type: string - createTime: - description: >- - Output only. The timestamp for when the workflow was created. This - is a workflow-wide field and is not tied to a specific revision. - readOnly: true - type: string - format: google-datetime - updateTime: - description: >- - Output only. The timestamp for when the workflow was last updated. - This is a workflow-wide field and is not tied to a specific - revision. - readOnly: true - type: string - format: google-datetime revisionCreateTime: description: >- Output only. The timestamp for the latest revision of the workflow's creation. - readOnly: true type: string + readOnly: true format: google-datetime - labels: + tags: + additionalProperties: + type: string + type: object + description: Optional. Input only. Immutable. Tags associated with this workflow. + stateError: + $ref: '#/components/schemas/StateError' + readOnly: true description: >- - Labels associated with this workflow. Labels can contain at most 64 - entries. Keys and values can be no longer than 63 characters and can - only contain lowercase letters, numeric characters, underscores, and - dashes. Label keys must start with a letter. International - characters are allowed. This is a workflow-wide field and is not - tied to a specific revision. + Output only. Error regarding the state of the workflow. For example, + this field will have error details if the execution data is + unavailable due to revoked KMS key permissions. + userEnvVars: type: object + description: >- + Optional. User-defined environment variables associated with this + workflow revision. This map has a maximum length of 20. Each string + can take up to 4KiB. Keys cannot be empty strings and cannot start + with "GOOGLE" or "WORKFLOWS". additionalProperties: type: string + description: + type: string + description: >- + Description of the workflow provided by the user. Must be at most + 1000 Unicode characters long. This is a workflow-wide field and is + not tied to a specific revision. serviceAccount: description: >- The service account associated with the latest workflow version. @@ -296,10 +171,55 @@ components: Modifying this field for an existing workflow results in a new workflow revision. type: string - sourceContents: - description: Workflow code to be executed. The size limit is 128KB. + allKmsKeysVersions: + readOnly: true + type: array + description: >- + Output only. A list of all KMS crypto key versions used to encrypt + or decrypt the data associated with the workflow. + items: + type: string + allKmsKeys: + items: + type: string + description: >- + Output only. A list of all KMS crypto keys used to encrypt or + decrypt the data associated with the workflow. + type: array + readOnly: true + updateTime: + description: >- + Output only. The timestamp for when the workflow was last updated. + This is a workflow-wide field and is not tied to a specific + revision. + readOnly: true + format: google-datetime + type: string + executionHistoryLevel: + enumDescriptions: + - The default/unset value. + - Enable execution history basic feature. + - Enable execution history detailed feature. + enum: + - EXECUTION_HISTORY_LEVEL_UNSPECIFIED + - EXECUTION_HISTORY_BASIC + - EXECUTION_HISTORY_DETAILED + description: >- + Optional. Describes the execution history level to apply to this + workflow. + type: string + revisionId: + readOnly: true type: string + description: >- + Output only. The revision of the workflow. A new revision of a + workflow is created as a result of updating the following properties + of a workflow: - Service account - Workflow code to be executed The + format is "000001-a4d", where the first six characters define the + zero-padded revision ordinal number. They are followed by a hyphen + and three hexadecimal random characters. cryptoKeyName: + type: string description: >- Optional. The resource name of a KMS crypto key used to encrypt or decrypt the data associated with the workflow. Format: @@ -307,21 +227,7 @@ components: Using `-` as a wildcard for the `{project}` or not providing one at all will infer the project from the account. If not provided, data associated with the workflow will not be CMEK-encrypted. - type: string - stateError: - description: >- - Output only. Error regarding the state of the workflow. For example, - this field will have error details if the execution data is - unavailable due to revoked KMS key permissions. - readOnly: true - $ref: '#/components/schemas/StateError' callLogLevel: - description: >- - Optional. Describes the level of platform logging to apply to calls - and call responses during executions of this workflow. If both the - workflow and the execution specify a logging level, the execution - level takes precedence. - type: string enumDescriptions: - No call logging level specified. - >- @@ -331,81 +237,183 @@ components: Log only exceptions that are raised from call steps within workflows. - Explicitly log nothing. + type: string + description: >- + Optional. Describes the level of platform logging to apply to calls + and call responses during executions of this workflow. If both the + workflow and the execution specify a logging level, the execution + level takes precedence. enum: - CALL_LOG_LEVEL_UNSPECIFIED - LOG_ALL_CALLS - LOG_ERRORS_ONLY - LOG_NONE - userEnvVars: + createTime: + type: string + format: google-datetime description: >- - Optional. User-defined environment variables associated with this - workflow revision. This map has a maximum length of 20. Each string - can take up to 4KiB. Keys cannot be empty strings and cannot start - with "GOOGLE" or "WORKFLOWS". + Output only. The timestamp for when the workflow was created. This + is a workflow-wide field and is not tied to a specific revision. + readOnly: true + sourceContents: + type: string + description: Workflow code to be executed. The size limit is 128KB. + state: + enumDescriptions: + - Invalid state. + - The workflow has been deployed successfully and is serving. + - Workflow data is unavailable. See the `state_error` field. + readOnly: true + enum: + - STATE_UNSPECIFIED + - ACTIVE + - UNAVAILABLE + description: Output only. State of the workflow deployment. + type: string + labels: type: object + description: >- + Labels associated with this workflow. Labels can contain at most 64 + entries. Keys and values can be no longer than 63 characters and can + only contain lowercase letters, numeric characters, underscores, and + dashes. Label keys must start with a letter. International + characters are allowed. This is a workflow-wide field and is not + tied to a specific revision. additionalProperties: type: string - executionHistoryLevel: + name: description: >- - Optional. Describes the execution history level to apply to this - workflow. + The resource name of the workflow. Format: + projects/{project}/locations/{location}/workflows/{workflow}. This + is a workflow-wide field and is not tied to a specific revision. + type: string + cryptoKeyVersion: + description: >- + Output only. The resource name of a KMS crypto key version used to + encrypt or decrypt the data associated with the workflow. Format: + projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion} + type: string + readOnly: true + Location: + properties: + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + labels: + additionalProperties: + type: string + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + type: object + displayName: + type: string + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + name: + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string + metadata: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + Service-specific metadata. For example the available capacity at the + given location. + type: object + type: object + description: A resource that represents a Google Cloud location. + id: Location + ListLocationsResponse: + id: ListLocationsResponse + type: object + properties: + nextPageToken: + description: The standard List next-page token. + type: string + locations: + type: array + items: + $ref: '#/components/schemas/Location' + description: >- + A list of locations that matches the specified filter in the + request. + description: The response message for Locations.ListLocations. + StateError: + id: StateError + properties: + type: enumDescriptions: - - The default/unset value. - - Enable execution history basic feature. - - Enable execution history detailed feature. + - No type specified. + - Caused by an issue with KMS. + description: The type of this state error. + type: string enum: - - EXECUTION_HISTORY_LEVEL_UNSPECIFIED - - EXECUTION_HISTORY_BASIC - - EXECUTION_HISTORY_DETAILED - allKmsKeys: + - TYPE_UNSPECIFIED + - KMS_ERROR + details: + description: Provides specifics about the error. + type: string + description: Describes an error related to the current state of the workflow. + type: object + Status: + properties: + code: + description: The status code, which should be an enum value of google.rpc.Code. + format: int32 + type: integer + details: + items: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- - Output only. A list of all KMS crypto keys used to encrypt or - decrypt the data associated with the workflow. - readOnly: true + A list of messages that carry the error details. There is a common + set of message types for APIs to use. type: array + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status + type: object + ListWorkflowsResponse: + type: object + description: Response for the ListWorkflows method. + id: ListWorkflowsResponse + properties: + unreachable: items: type: string - allKmsKeysVersions: - description: >- - Output only. A list of all KMS crypto key versions used to encrypt - or decrypt the data associated with the workflow. - readOnly: true + description: Unreachable resources. type: array + workflows: + description: The workflows that match the request. items: - type: string - cryptoKeyVersion: + $ref: '#/components/schemas/Workflow' + type: array + nextPageToken: description: >- - Output only. The resource name of a KMS crypto key version used to - encrypt or decrypt the data associated with the workflow. Format: - projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion} - readOnly: true - type: string - tags: - description: Optional. Input only. Immutable. Tags associated with this workflow. - type: object - additionalProperties: - type: string - StateError: - id: StateError - description: Describes an error related to the current state of the workflow. - type: object - properties: - details: - description: Provides specifics about the error. - type: string - type: - description: The type of this state error. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. type: string - enumDescriptions: - - No type specified. - - Caused by an issue with KMS. - enum: - - TYPE_UNSPECIFIED - - KMS_ERROR ListWorkflowRevisionsResponse: id: ListWorkflowRevisionsResponse - description: Response for the ListWorkflowRevisions method. type: object properties: workflows: @@ -420,57 +428,61 @@ components: A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. type: string + description: Response for the ListWorkflowRevisions method. OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. - type: object properties: - createTime: - description: The time the operation was created. - type: string - format: google-datetime - endTime: - description: The time the operation finished running. - type: string - format: google-datetime target: - description: Server-defined resource path for the target of the operation. type: string + description: Server-defined resource path for the target of the operation. verb: description: Name of the verb executed by the operation. type: string apiVersion: description: API version used to start the operation. type: string + createTime: + description: The time the operation was created. + format: google-datetime + type: string + endTime: + description: The time the operation finished running. + type: string + format: google-datetime + description: Represents the metadata of the long-running operation. + id: OperationMetadata + type: object parameters: - access_token: - description: OAuth access token. + quotaUser: + description: >- + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: access_token + name: quotaUser schema: type: string - alt: - description: Data format for response. + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). in: query - name: alt + name: upload_protocol schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query name: callback schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + alt: + description: Data format for response. in: query - name: fields + name: alt schema: type: string + enum: + - json + - media + - proto key: description: >- API key. Your API key identifies your project and provides you with API @@ -480,31 +492,16 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string prettyPrint: description: Returns response with indentations and line breaks. in: query name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. - in: query - name: quotaUser - schema: - type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). + access_token: + description: OAuth access token. in: query - name: upload_protocol + name: access_token schema: type: string uploadType: @@ -522,89 +519,65 @@ components: enum: - '1' - '2' + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token + schema: + type: string + fields: + description: Selector specifying which fields to include in a partial response. + in: query + name: fields + schema: + type: string x-stackQL-resources: locations: id: google.workflows.locations name: locations title: Locations methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations get: operation: $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.workflows.operations - name: operations - title: Operations - methods: list: operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - delete: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.locations sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' insert: [] update: [] replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + delete: [] workflows: id: google.workflows.workflows name: workflows title: Workflows methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflows/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflows/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.workflows - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflows/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflows/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.workflows get: operation: $ref: >- @@ -612,17 +585,17 @@ components: response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflows~1{workflowsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflows~1{workflowsId}/patch response: mediaType: application/json openAPIDocKey: '200' - patch: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflows~1{workflowsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workflows~1{workflowsId}/delete response: mediaType: application/json openAPIDocKey: '200' @@ -658,23 +631,59 @@ components: update: [] replace: [] delete: [] + operations: + id: google.workflows.operations + name: operations + title: Operations + methods: + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + get: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.unreachable + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' + insert: [] + update: [] + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' paths: - /v1/projects/{projectsId}/locations: + /v1/projects/{projectsId}/locations/{locationsId}: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/upload_protocol' - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/fields' get: - description: Lists information about the supported locations for this service. - operationId: workflows.projects.locations.list + description: Gets information about a location. + operationId: workflows.projects.locations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -686,35 +695,23 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListLocationsResponse' + $ref: '#/components/schemas/Location' parameters: - in: path name: projectsId required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes + - in: path + name: locationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}: + /v1/projects/{projectsId}/locations: parameters: *ref_1 get: - description: Gets information about a location. - operationId: workflows.projects.locations.get + description: Lists information about the supported locations for this service. + operationId: workflows.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -726,25 +723,43 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Location' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + - in: query + name: extraLocationTypes + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/workflows: parameters: *ref_1 - get: + post: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: workflows.projects.locations.operations.list + Creates a new workflow. If a workflow with the specified name already + exists in the specified project and location, the long running operation + returns a ALREADY_EXISTS error. + operationId: workflows.projects.locations.workflows.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Workflow' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -756,7 +771,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -769,26 +784,14 @@ paths: schema: type: string - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + name: workflowId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 get: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: workflows.projects.locations.operations.get + Lists workflows in a given project and location. The default order is + not specified. + operationId: workflows.projects.locations.workflows.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -800,7 +803,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListWorkflowsResponse' parameters: - in: path name: projectsId @@ -812,18 +815,28 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: orderBy schema: type: string - delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: workflows.projects.locations.operations.delete + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/workflows/{workflowsId}: + parameters: *ref_1 + get: + description: Gets details of a single workflow. + operationId: workflows.projects.locations.workflows.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -835,7 +848,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Workflow' parameters: - in: path name: projectsId @@ -848,17 +861,26 @@ paths: schema: type: string - in: path - name: operationsId + name: workflowsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workflows: - parameters: *ref_1 - get: + - in: query + name: revisionId + schema: + type: string + patch: description: >- - Lists workflows in a given project and location. The default order is - not specified. - operationId: workflows.projects.locations.workflows.list + Updates an existing workflow. Running this method has no impact on + already running executions of the workflow. A new revision of the + workflow might be created as a result of a successful update operation. + In that case, the new revision is used in new workflow executions. + operationId: workflows.projects.locations.workflows.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Workflow' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -870,7 +892,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkflowsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -882,34 +904,21 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: workflowsId + required: true schema: type: string - in: query - name: orderBy + name: updateMask schema: type: string - post: + format: google-fieldmask + delete: description: >- - Creates a new workflow. If a workflow with the specified name already - exists in the specified project and location, the long running operation - returns a ALREADY_EXISTS error. - operationId: workflows.projects.locations.workflows.create - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Workflow' + Deletes a workflow with the specified name. This method also cancels and + deletes all running executions of the workflow. + operationId: workflows.projects.locations.workflows.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -933,15 +942,16 @@ paths: required: true schema: type: string - - in: query - name: workflowId + - in: path + name: workflowsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workflows/{workflowsId}: + /v1/projects/{projectsId}/locations/{locationsId}/workflows/{workflowsId}:listRevisions: parameters: *ref_1 get: - description: Gets details of a single workflow. - operationId: workflows.projects.locations.workflows.get + description: Lists revisions for a given workflow. + operationId: workflows.projects.locations.workflows.listRevisions security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -953,7 +963,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Workflow' + $ref: '#/components/schemas/ListWorkflowRevisionsResponse' parameters: - in: path name: projectsId @@ -971,14 +981,23 @@ paths: schema: type: string - in: query - name: revisionId + name: pageToken schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 delete: description: >- - Deletes a workflow with the specified name. This method also cancels and - deletes all running executions of the workflow. - operationId: workflows.projects.locations.workflows.delete + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: workflows.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -990,7 +1009,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -1003,22 +1022,16 @@ paths: schema: type: string - in: path - name: workflowsId + name: operationsId required: true schema: type: string - patch: + get: description: >- - Updates an existing workflow. Running this method has no impact on - already running executions of the workflow. A new revision of the - workflow might be created as a result of a successful update operation. - In that case, the new revision is used in new workflow executions. - operationId: workflows.projects.locations.workflows.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Workflow' + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: workflows.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1043,20 +1056,17 @@ paths: schema: type: string - in: path - name: workflowsId + name: operationsId required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - /v1/projects/{projectsId}/locations/{locationsId}/workflows/{workflowsId}:listRevisions: + /v1/projects/{projectsId}/locations/{locationsId}/operations: parameters: *ref_1 get: - description: Lists revisions for a given workflow. - operationId: workflows.projects.locations.workflows.listRevisions + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: workflows.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -1068,7 +1078,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkflowRevisionsResponse' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -1080,9 +1090,12 @@ paths: required: true schema: type: string - - in: path - name: workflowsId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: pageToken schema: type: string - in: query @@ -1091,6 +1104,6 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: returnPartialSuccess schema: - type: string + type: boolean diff --git a/providers/src/googleapis.com/v00.00.00000/services/workloadmanager.yaml b/providers/src/googleapis.com/v00.00.00000/services/workloadmanager.yaml index 7b41aa81..e43dafe4 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/workloadmanager.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/workloadmanager.yaml @@ -10,8 +10,8 @@ info: to automate the deployment and validation of your workloads against best practices and recommendations. version: v1 - x-discovery-doc-revision: '20250813' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251112' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/workload-manager/docs servers: @@ -37,511 +37,264 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. - type: object + Resource: + description: Message represent resource in execution result + id: Resource properties: - operations: - description: >- - A list of operations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + type: + description: The type of resource. type: string - Operation: - id: Operation - description: >- - This resource represents a long-running operation that is the result of - a network API call. + serviceAccount: + description: The service account associated with the resource. + type: string + name: + type: string + description: The name of the resource. + type: object + CloudResource: + description: The resource on GCP + id: CloudResource type: object properties: + kind: + enum: + - RESOURCE_KIND_UNSPECIFIED + - RESOURCE_KIND_INSTANCE + - RESOURCE_KIND_DISK + - RESOURCE_KIND_ADDRESS + - RESOURCE_KIND_FILESTORE + - RESOURCE_KIND_HEALTH_CHECK + - RESOURCE_KIND_FORWARDING_RULE + - RESOURCE_KIND_BACKEND_SERVICE + - RESOURCE_KIND_SUBNETWORK + - RESOURCE_KIND_NETWORK + - RESOURCE_KIND_PUBLIC_ADDRESS + - RESOURCE_KIND_INSTANCE_GROUP + type: string + description: 'Output only. ' + enumDescriptions: + - Unspecified resource kind. + - This is a compute instance. + - This is a compute disk. + - This is a compute address. + - This is a filestore instance. + - This is a compute health check. + - This is a compute forwarding rule. + - This is a compute backend service. + - This is a compute subnetwork. + - This is a compute network. + - This is a public accessible IP Address. + - This is a compute instance group. + readOnly: true + instanceProperties: + readOnly: true + description: Output only. All instance properties. + $ref: '#/components/schemas/InstanceProperties' name: - description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. type: string - metadata: - description: >- - Service-specific metadata associated with the operation. It - typically contains progress information and common metadata such as - create time. Some services might not provide such metadata. Any - method that returns a long-running operation should document the - metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - done: - description: >- - If the value is `false`, it means the operation is still in - progress. If `true`, the operation is completed, and either `error` - or `response` is available. - type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' - response: description: >- - The normal, successful response of the operation. If the original - method returns no data on success, such as `Delete`, the response is - `google.protobuf.Empty`. If the original method is standard - `Get`/`Create`/`Update`, the response should be the resource. For - other methods, the response should have the type `XxxResponse`, - where `Xxx` is the original method name. For example, if the - original method name is `TakeSnapshot()`, the inferred response type - is `TakeSnapshotResponse`. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object + Output only. resource name Example: + compute.googleapis.com/projects/wlm-obs-dev/zones/us-central1-a/instances/sap-pri + readOnly: true + SapDiscoveryResourceInstanceProperties: + id: SapDiscoveryResourceInstanceProperties + description: A set of properties only present for an instance type resource properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: + instanceNumber: + description: Optional. The VM's instance number. + deprecated: true + type: string + format: int64 + clusterInstances: description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. + Optional. A list of instance URIs that are part of a cluster with + this one. + items: + type: string + type: array + virtualHostname: + description: Optional. A virtual hostname of the instance if it has one. type: string - details: + osKernelVersion: + description: Optional. The kernel version of the instance. + $ref: >- + #/components/schemas/SapDiscoveryResourceInstancePropertiesKernelVersion + instanceRole: + enum: + - INSTANCE_ROLE_UNSPECIFIED + - INSTANCE_ROLE_ASCS + - INSTANCE_ROLE_ERS + - INSTANCE_ROLE_APP_SERVER + - INSTANCE_ROLE_DATABASE + - INSTANCE_ROLE_ASCS_ERS + - INSTANCE_ROLE_ASCS_APP_SERVER + - INSTANCE_ROLE_ASCS_DATABASE + - INSTANCE_ROLE_ERS_APP_SERVER + - INSTANCE_ROLE_ERS_DATABASE + - INSTANCE_ROLE_APP_SERVER_DATABASE + - INSTANCE_ROLE_ASCS_ERS_APP_SERVER + - INSTANCE_ROLE_ASCS_ERS_DATABASE + - INSTANCE_ROLE_ASCS_APP_SERVER_DATABASE + - INSTANCE_ROLE_ERS_APP_SERVER_DATABASE + - INSTANCE_ROLE_ASCS_ERS_APP_SERVER_DATABASE description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. + Optional. Bitmask of instance role, a resource may have multiple + roles at once. + enumDescriptions: + - Unspecified instance role. + - Application central services. + - Enqueue replication server. + - Application server. + - Database node. + - >- + Combinations of roles. Application central services and enqueue + replication server. + - Application central services and application server. + - Application central services and database. + - Enqueue replication server and application server. + - Enqueue replication server and database. + - Application server and database. + - >- + Application central services, enqueue replication server and + application server. + - >- + Application central services, enqueue replication server and + database. + - Application central services, application server and database. + - Enqueue replication server, application server and database. + - >- + Application central services, enqueue replication server, + application server and database. + type: string + isDrSite: + description: Optional. Instance is part of a DR site. + type: boolean + appInstances: + items: + $ref: >- + #/components/schemas/SapDiscoveryResourceInstancePropertiesAppInstance + description: Optional. App server instances on the host type: array + diskMounts: items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - Empty: - id: Empty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - ListEvaluationsResponse: - id: ListEvaluationsResponse - description: Message for response to listing Evaluations + $ref: >- + #/components/schemas/SapDiscoveryResourceInstancePropertiesDiskMount + type: array + description: Optional. Disk mounts on the instance. type: object + ResourceFilter: + description: Message describing resource filters properties: - evaluations: - description: The list of Evaluation + gceInstanceFilter: + description: Filter compute engine resource + $ref: '#/components/schemas/GceInstanceFilter' + resourceIdPatterns: + description: The id pattern for filter resource type: array items: - $ref: '#/components/schemas/Evaluation' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - unreachable: - description: Locations that could not be reached. + type: string + scopes: + description: The scopes of evaluation resource type: array items: type: string - Evaluation: - id: Evaluation - description: Message describing Evaluation object + inclusionLabels: + type: object + additionalProperties: + type: string + description: The label used for filter resource type: object - properties: - name: - description: >- - name of resource names have the form - 'projects/{project_id}/locations/{location_id}/evaluations/{evaluation_id}' - type: string - description: - description: Description of the Evaluation - type: string - resourceFilter: - description: annotations as key value pairs - $ref: '#/components/schemas/ResourceFilter' - ruleNames: - description: the name of the rule - type: array - items: - type: string - ruleVersions: - description: Output only. [Output only] The updated rule ids if exist. - readOnly: true - type: array - items: - type: string - resourceStatus: - description: Output only. [Output only] The updated rule ids if exist. - readOnly: true - $ref: '#/components/schemas/ResourceStatus' - createTime: - description: Output only. [Output only] Create time stamp - readOnly: true - type: string - format: google-datetime - updateTime: - description: Output only. [Output only] Update time stamp - readOnly: true - type: string - format: google-datetime + id: ResourceFilter + Location: + description: A resource that represents a Google Cloud location. + properties: labels: - description: Labels as key value pairs + description: >- + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} type: object additionalProperties: type: string - schedule: - description: >- - crontab format schedule for scheduled evaluation, currently only - support the following schedule: "0 */1 * * *", "0 */6 * * *", "0 - */12 * * *", "0 0 */1 * *", "0 0 */7 * *", - type: string - customRulesBucket: - description: The Cloud Storage bucket name for custom rules. - type: string - evaluationType: - description: Evaluation type + displayName: type: string - enumDescriptions: - - Not specified - - SAP best practices - - SQL best practices - - Customized best practices - - SCC IaC (Infra as Code) best practices. - enumDeprecated: - - false - - false - - false - - false - - true - enum: - - EVALUATION_TYPE_UNSPECIFIED - - SAP - - SQL_SERVER - - OTHER - - SCC_IAC - bigQueryDestination: - description: Optional. BigQuery destination - $ref: '#/components/schemas/BigQueryDestination' - kmsKey: description: >- - Optional. Immutable. Customer-managed encryption key name, in the - format projects/*/locations/*/keyRings/*/cryptoKeys/*. + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' type: string - ResourceFilter: - id: ResourceFilter - description: Message describing resource filters - type: object - properties: - scopes: - description: The scopes of evaluation resource - type: array - items: - type: string - resourceIdPatterns: - description: The id pattern for filter resource - type: array - items: - type: string - inclusionLabels: - description: The label used for filter resource - type: object + metadata: + description: >- + Service-specific metadata. For example the available capacity at the + given location. additionalProperties: - type: string - gceInstanceFilter: - description: Filter compute engine resource - $ref: '#/components/schemas/GceInstanceFilter' - GceInstanceFilter: - id: GceInstanceFilter - description: Message describing compute engine instance filter - type: object - properties: - serviceAccounts: - description: Service account of compute engine - type: array - items: - type: string - ResourceStatus: - id: ResourceStatus - description: Message describing resource status - type: object - properties: - rulesNewerVersions: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object + name: description: >- - Historical: Used before 2023-05-22 the new version of rule id if - exists - deprecated: true - type: array - items: - type: string - state: - description: State of the resource + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` type: string - enumDescriptions: - - The state has not been populated in this message. - - Resource has an active Create operation. - - >- - Resource has no outstanding operations on it or has active Update - operations. - - Resource has an active Delete operation. - enum: - - STATE_UNSPECIFIED - - CREATING - - ACTIVE - - DELETING - BigQueryDestination: - id: BigQueryDestination - description: Message describing big query destination type: object - properties: - destinationDataset: - description: Optional. destination dataset to save evaluation results - type: string - createNewResultsTable: - description: Optional. determine if results will be saved in a new table - type: boolean - ListExecutionsResponse: - id: ListExecutionsResponse - description: Message for response to listing Executions + id: Location + ListDiscoveredProfilesResponse: + description: List discovered profile Response returns discovered profiles from agents + id: ListDiscoveredProfilesResponse type: object properties: - executions: - description: The list of Execution + workloadProfiles: type: array items: - $ref: '#/components/schemas/Execution' + $ref: '#/components/schemas/WorkloadProfile' + readOnly: true + description: Output only. The list of workload profiles nextPageToken: - description: A token identifying a page of results the server should return. + readOnly: true type: string + description: >- + Output only. A token identifying a page of results the server should + return unreachable: description: Locations that could not be reached. type: array items: type: string - Execution: - id: Execution - description: Message describing Execution object - type: object + ExternalDataSources: properties: - name: + assetType: description: >- - The name of execution resource. The format is - projects/{project}/locations/{location}/evaluations/{evaluation}/executions/{execution} - type: string - startTime: - description: Output only. [Output only] Start time stamp - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. [Output only] End time stamp - readOnly: true - type: string - format: google-datetime - inventoryTime: - description: Output only. [Output only] Inventory time stamp - readOnly: true - type: string - format: google-datetime - state: - description: Output only. [Output only] State - readOnly: true + Required. The asset type of the external data source this can be one + of go/cai-asset-types to override the default asset type or it can + be a custom type defined by the user custom type must match the + asset type in the rule type: string - enumDescriptions: - - state of execution is unspecified - - the execution is running in backend service - - the execution run success - - the execution run failed - enum: - - STATE_UNSPECIFIED - - RUNNING - - SUCCEEDED - - FAILED - evaluationId: - description: Output only. [Output only] Evaluation ID - readOnly: true + uri: type: string - labels: - description: Labels as key value pairs - type: object - additionalProperties: - type: string - runType: description: >- - type represent whether the execution executed directly by user or - scheduled according evaluation.schedule field. + Required. URI of external data source. example of bq table + {project_ID}.{dataset_ID}.{table_ID} + name: + description: >- + Optional. Name of external data source. The name will be used inside + the rego/sql to refer the external data + type: string + type: type: string enumDescriptions: - - type of execution is unspecified - - type of execution is one time - - type of execution is scheduled + - Unknown type + - BigQuery table + description: Required. Type of external data source enum: - TYPE_UNSPECIFIED - - ONE_TIME - - SCHEDULED - ruleResults: - description: Output only. execution result summary per rule - readOnly: true - type: array - items: - $ref: '#/components/schemas/RuleExecutionResult' - externalDataSources: - description: Optional. External data sources - type: array - items: - $ref: '#/components/schemas/ExternalDataSources' - notices: - description: Output only. Additional information generated by the execution - readOnly: true - type: array - items: - $ref: '#/components/schemas/Notice' - engine: - description: Optional. Engine - type: string - enumDescriptions: - - The original CG - - SlimCG / Scanner - - Evaluation Engine V2 - enum: - - ENGINE_UNSPECIFIED - - ENGINE_SCANNER - - V2 - resultSummary: - description: Output only. [Output only] Result summary for the execution - readOnly: true - $ref: '#/components/schemas/Summary' - RuleExecutionResult: - id: RuleExecutionResult - description: Message for execution result summary per rule - type: object - properties: - rule: - description: rule name - type: string - state: - description: Output only. The execution status - readOnly: true - type: string - enumDescriptions: - - Unknown state - - execution completed successfully - - execution completed with failures - - execution was not executed - enum: - - STATE_UNSPECIFIED - - STATE_SUCCESS - - STATE_FAILURE - - STATE_SKIPPED - message: - description: Execution message, if any - type: string - resultCount: - description: Number of violations - type: string - format: int64 - scannedResourceCount: - description: Number of total scanned resources - type: string - format: int64 - ExternalDataSources: + - BIG_QUERY_TABLE id: ExternalDataSources description: Message for external data sources type: object - properties: - name: - description: >- - Optional. Name of external data source. The name will be used inside - the rego/sql to refer the external data - type: string - uri: - description: >- - Required. URI of external data source. example of bq table - {project_ID}.{dataset_ID}.{table_ID} - type: string - type: - description: Required. Type of external data source - type: string - enumDescriptions: - - Unknown type - - BigQuery table - enum: - - TYPE_UNSPECIFIED - - BIG_QUERY_TABLE - assetType: - description: >- - Required. The asset type of the external data source this can be one - of go/cai-asset-types to override the default asset type or it can - be a custom type defined by the user custom type must match the - asset type in the rule - type: string - Notice: - id: Notice - description: Message for additional information generated by the execution - type: object - properties: - message: - description: Output only. Message of the notice - readOnly: true - type: string - Summary: - id: Summary - description: Message for execution summary - type: object - properties: - failures: - description: Output only. Number of failures - readOnly: true - type: string - format: int64 - newFailures: - description: >- - Output only. Number of new failures compared to the previous - execution - readOnly: true - type: string - format: int64 - newFixes: - description: Output only. Number of new fixes compared to the previous execution - readOnly: true - type: string - format: int64 RunEvaluationRequest: id: RunEvaluationRequest - description: Message for creating a Execution - type: object properties: - executionId: - description: >- - Required. Id of the requesting object If auto-generating Id - server-side, remove this field and execution_id from the - method_signature of Create RPC - type: string - execution: - description: Required. The resource being created - $ref: '#/components/schemas/Execution' requestId: description: >- Optional. An optional request ID to identify requests. Specify a @@ -557,437 +310,793 @@ components: with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000). type: string - ListExecutionResultsResponse: - id: ListExecutionResultsResponse - description: Message for response of list execution results + executionId: + type: string + description: >- + Required. Id of the requesting object If auto-generating Id + server-side, remove this field and execution_id from the + method_signature of Create RPC + execution: + description: Required. The resource being created + $ref: '#/components/schemas/Execution' type: object + description: Message for creating a Execution + SapValidation: + id: SapValidation properties: - executionResults: - description: The versions from the specified publisher. - type: array + zone: + type: string + description: Optional. The zone of the instance that the Insight data comes from. + validationDetails: items: - $ref: '#/components/schemas/ExecutionResult' - nextPageToken: + $ref: '#/components/schemas/SapValidationValidationDetail' + type: array + description: Optional. A list of SAP validation metrics data. + projectId: description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + Required. The project_id of the cloud project that the Insight data + comes from. type: string - ExecutionResult: - id: ExecutionResult - description: Message describing the result of an execution type: object + description: >- + A presentation of SAP workload insight. The schema of SAP workloads + validation related data. + Summary: + id: Summary + description: Message for execution summary properties: - violationMessage: - description: The violation message of an execution. + newFixes: type: string - severity: - description: The severity of violation. + description: Output only. Number of new fixes compared to the previous execution + readOnly: true + format: int64 + newFailures: + readOnly: true type: string - rule: - description: The rule that is violated in an evaluation. + format: int64 + description: >- + Output only. Number of new failures compared to the previous + execution + failures: + format: int64 + description: Output only. Number of failures + readOnly: true type: string - documentationUrl: - description: The URL for the documentation of the rule. + type: object + SapComponent: + description: The component of sap workload + properties: + topologyType: + enum: + - TOPOLOGY_TYPE_UNSPECIFIED + - TOPOLOGY_SCALE_UP + - TOPOLOGY_SCALE_OUT + enumDescriptions: + - Unspecified topology. + - A scale-up single node system. + - A scale-out multi-node system. + description: The detected topology of the component. type: string - resource: - description: The resource that violates the rule. - $ref: '#/components/schemas/Resource' - violationDetails: - description: The details of violation in an evaluation result. - $ref: '#/components/schemas/ViolationDetails' - commands: - description: The commands to remediate the violation. + resources: + items: + $ref: '#/components/schemas/CloudResource' + description: Output only. resources in the component + readOnly: true + type: array + haHosts: type: array + description: >- + A list of host URIs that are part of the HA configuration if + present. An empty list indicates the component is not configured for + HA. items: - $ref: '#/components/schemas/Command' - type: - description: Execution result type of the scanned resource + type: string + databaseProperties: + description: Output only. All instance properties. + readOnly: true + $ref: '#/components/schemas/DatabaseProperties' + sid: + description: Output only. sid is the sap component identificator type: string - enumDescriptions: - - Unknown state - - resource successfully passed the rule - - resource violated the rule - enum: - - TYPE_UNSPECIFIED - - TYPE_PASSED - - TYPE_VIOLATED - Resource: - id: Resource - description: Message represent resource in execution result + readOnly: true type: object - properties: - type: - description: The type of resource. - type: string - name: - description: The name of the resource. - type: string - serviceAccount: - description: The service account associated with the resource. - type: string - ViolationDetails: - id: ViolationDetails - description: Message describing the violation in an evaluation result. + id: SapComponent + WriteInsightResponse: + type: object + properties: {} + description: The response for write insights request. + id: WriteInsightResponse + OperationMetadata: type: object + description: Represents the metadata of the long-running operation. + id: OperationMetadata properties: - asset: - description: The name of the asset. + statusMessage: + readOnly: true type: string - serviceAccount: - description: The service account associated with the resource. + description: Output only. Human-readable status of the operation, if any. + verb: + readOnly: true type: string - observed: - description: Details of the violation. - type: object - additionalProperties: - type: string - Command: - id: Command - description: '* Command specifies the type of command to execute.' - type: object - properties: - agentCommand: - description: >- - AgentCommand specifies a one-time executable program for the agent - to run. - $ref: '#/components/schemas/AgentCommand' - shellCommand: - description: ShellCommand is invoked via the agent's command line executor. - $ref: '#/components/schemas/ShellCommand' - AgentCommand: - id: AgentCommand - description: >- - * An AgentCommand specifies a one-time executable program for the agent - to run. - type: object - properties: - command: + description: Output only. Name of the verb executed by the operation. + target: description: >- - command is the name of the agent one-time executable that will be - invoked. + Output only. Server-defined resource path for the target of the + operation. type: string - parameters: - description: >- - parameters is a map of key/value pairs that can be used to specify - additional one-time executable settings. - type: object - additionalProperties: - type: string - ShellCommand: - id: ShellCommand - description: '* A ShellCommand is invoked via the agent''s command line executor' - type: object - properties: - command: - description: command is the name of the command to be executed. + readOnly: true + endTime: + readOnly: true type: string - args: - description: args is a string of arguments to be passed to the command. + format: google-datetime + description: Output only. The time the operation finished running. + createTime: type: string - timeoutSeconds: - description: Optional. If not specified, the default timeout is 60 seconds. - type: integer - format: int32 - ListRulesResponse: - id: ListRulesResponse - description: Mesesage of response of list rules + readOnly: true + description: Output only. The time the operation was created. + format: google-datetime + requestedCancellation: + readOnly: true + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. Operations that have been cancelled successfully + have Operation.error value with a google.rpc.Status.code of 1, + corresponding to `Code.CANCELLED`. + type: boolean + apiVersion: + description: Output only. API version used to start the operation. + type: string + readOnly: true + InvalidRulesWrapper: type: object + id: InvalidRulesWrapper + description: Message wrappes a list of invalid rules. properties: - rules: - description: all rules in response - type: array + invalidRules: items: - $ref: '#/components/schemas/Rule' - nextPageToken: - description: A token identifying a page of results the server should return. - type: string - Rule: - id: Rule - description: Message represent a rule + $ref: '#/components/schemas/InvalidRule' + description: The invalid rules that failed to be validated. + type: array + AgentStatusReference: type: object + description: The reference to public documentation. properties: - name: - description: rule name + url: type: string - revisionId: - description: Output only. the version of the rule + description: Output only. The URL of the reference. readOnly: true + name: type: string - displayName: - description: the name display in UI - type: string - description: - description: descrite rule in plain language - type: string - severity: - description: the severity of the rule - type: string - primaryCategory: - description: the primary category - type: string - secondaryCategory: - description: the secondary category - type: string - errorMessage: - description: the message template for rule - type: string - uri: - description: the docuement url for the rule - type: string - remediation: - description: the remediation for the rule + readOnly: true + description: Output only. The name of the reference. + id: AgentStatusReference + SapDiscoveryResourceInstancePropertiesDiskMount: + type: object + id: SapDiscoveryResourceInstancePropertiesDiskMount + description: Disk mount on the instance. + properties: + name: + description: Optional. Name of the disk. type: string - tags: - description: List of user-defined tags - type: array + diskNames: items: type: string - ListScannedResourcesResponse: - id: ListScannedResourcesResponse - description: Message for response to list scanned resources - type: object - properties: - scannedResources: - description: All scanned resources in response type: array - items: - $ref: '#/components/schemas/ScannedResource' - nextPageToken: - description: >- - A token, which can be sent as `page_token` to retrieve the next - page. If this field is omitted, there are no subsequent pages. + description: Optional. Names of the disks providing this mount point. + mountPoint: type: string + description: Optional. Filesystem mount point. ScannedResource: - id: ScannedResource description: Message of scanned resource - type: object + id: ScannedResource properties: - resource: - description: resource name - type: string type: description: resource type type: string - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object - properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. - type: array - items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. + resource: + description: resource name type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. + type: object + SapDiscoveryComponent: + id: SapDiscoveryComponent type: object properties: - name: - description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` + region: type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + description: >- + Optional. The region this component's resources are primarily + located in. + topologyType: + description: Optional. The detected topology of the component. type: string - displayName: + enumDescriptions: + - Unspecified topology. + - A scale-up single node system. + - A scale-out multi-node system. + enum: + - TOPOLOGY_TYPE_UNSPECIFIED + - TOPOLOGY_SCALE_UP + - TOPOLOGY_SCALE_OUT + haHosts: + items: + type: string + type: array description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + Optional. A list of host URIs that are part of the HA configuration + if present. An empty list indicates the component is not configured + for HA. + hostProject: type: string - labels: + description: Required. Pantheon Project in which the resources reside. + replicationSites: + items: + $ref: '#/components/schemas/SapDiscoveryComponentReplicationSite' + type: array description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object - additionalProperties: - type: string - metadata: + Optional. A list of replication sites used in Disaster Recovery (DR) + configurations. + applicationProperties: + description: Optional. The component is a SAP application. + $ref: '#/components/schemas/SapDiscoveryComponentApplicationProperties' + databaseProperties: + $ref: '#/components/schemas/SapDiscoveryComponentDatabaseProperties' + description: Optional. The component is a SAP database. + sid: description: >- - Service-specific metadata. For example the available capacity at the - given location. + Optional. The SAP identifier, used by the SAP software and helps + differentiate systems for customers. + type: string + resources: + description: Optional. The resources in a component. + items: + $ref: '#/components/schemas/SapDiscoveryResource' + type: array + description: Message describing the system component. + ListEvaluationsResponse: + properties: + evaluations: + items: + $ref: '#/components/schemas/Evaluation' + description: The list of Evaluation + type: array + unreachable: + type: array + items: + type: string + description: Locations that could not be reached. + nextPageToken: + type: string + description: A token identifying a page of results the server should return. + id: ListEvaluationsResponse + description: Message for response to listing Evaluations + type: object + TorsoValidation: + id: TorsoValidation + type: object + description: The schema of torso workload validation data. + properties: + validationDetails: + type: object + additionalProperties: + type: string + description: >- + Required. validation_details contains the pairs of validation data: + field name & field value. + instanceName: + type: string + description: >- + Optional. instance_name lists the human readable name of the + instance that the data comes from. + projectId: + description: >- + Required. project_id lists the human readable cloud project that the + data comes from. + type: string + workloadType: + enum: + - WORKLOAD_TYPE_UNSPECIFIED + - MYSQL + - ORACLE + - REDIS + description: Required. workload_type specifies the type of torso workload. + enumDescriptions: + - Unspecified workload type. + - MySQL workload. + - Oracle workload. + - Redis workload. + type: string + agentVersion: + description: >- + Required. agent_version lists the version of the agent that + collected this data. + type: string + SapDiscoveryResourceInstancePropertiesKernelVersionVersion: + description: Version is reported as Major.Minor.Build.Patch. + id: SapDiscoveryResourceInstancePropertiesKernelVersionVersion + properties: + remainder: + description: >- + Optional. A catch-all for any unparsed version components. This is + in case the number of points in the version string exceeds the + expected count of 4. + type: string + minor: + format: int32 + description: Optional. The minor version number. + type: integer + build: + type: integer + format: int32 + description: Optional. The build version number. + patch: + type: integer + format: int32 + description: Optional. The patch version number. + major: + description: Optional. The major version number. + type: integer + format: int32 + type: object + SapWorkload: + description: The body of sap workload + type: object + id: SapWorkload + properties: + metadata: + description: Output only. The metadata for SAP workload. + additionalProperties: + type: string + type: object + readOnly: true + application: + $ref: '#/components/schemas/SapComponent' + readOnly: true + description: Output only. the acsc componment + database: + $ref: '#/components/schemas/SapComponent' + description: Output only. the database componment + readOnly: true + products: + readOnly: true + type: array + items: + $ref: '#/components/schemas/Product' + description: Output only. the products on this workload. + architecture: + readOnly: true + description: Output only. the architecture + type: string + enumDescriptions: + - Unspecified architecture. + - Invaliad architecture. + - A centralized system. + - A distributed system. + - A distributed with HA system. + - A standalone database system. + - A standalone database with HA system. + enum: + - ARCHITECTURE_UNSPECIFIED + - INVALID + - CENTRALIZED + - DISTRIBUTED + - DISTRIBUTED_HA + - STANDALONE_DATABASE + - STANDALONE_DATABASE_HA + ListExecutionResultsResponse: + description: Message for response of list execution results + type: object + properties: + executionResults: + description: The versions from the specified publisher. + items: + $ref: '#/components/schemas/ExecutionResult' + type: array + nextPageToken: + description: >- + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: string + id: ListExecutionResultsResponse + UpcomingMaintenanceEvent: + description: Maintenance Event + properties: + startTime: + type: string + description: Optional. Start time + format: google-datetime + maintenanceStatus: + description: Optional. Maintenance status + type: string + onHostMaintenance: + type: string + description: >- + Optional. Instance maintenance behavior. Could be "MIGRATE" or + "TERMINATE". + endTime: + description: Optional. End time + type: string + format: google-datetime + type: + type: string + description: Optional. Type + id: UpcomingMaintenanceEvent + type: object + RuleExecutionResult: + properties: + rule: + type: string + description: rule name + resultCount: + description: Number of violations + format: int64 + type: string + state: + description: Output only. The execution status + enum: + - STATE_UNSPECIFIED + - STATE_SUCCESS + - STATE_FAILURE + - STATE_SKIPPED + type: string + enumDescriptions: + - Unknown state + - execution completed successfully + - execution completed with failures + - execution was not executed + readOnly: true + scannedResourceCount: + description: Number of total scanned resources + format: int64 + type: string + message: + description: Execution message, if any + type: string + type: object + id: RuleExecutionResult + description: Message for execution result summary per rule + DatabaseProperties: + description: Database Properties. + properties: + backupProperties: + readOnly: true + $ref: '#/components/schemas/BackupProperties' + description: Output only. Backup properties. + databaseType: + enum: + - DATABASE_TYPE_UNSPECIFIED + - HANA + - MAX_DB + - DB2 + - ORACLE + - SQLSERVER + - ASE + description: Output only. Type of the database. HANA, DB2, etc. + type: string + readOnly: true + enumDescriptions: + - unspecified + - SAP HANA + - SAP MAX_DB + - IBM DB2 + - Oracle Database + - Microsoft SQL Server + - SAP Sybase ASE + type: object + id: DatabaseProperties + SapDiscoveryResourceInstancePropertiesKernelVersion: + description: KernelVersion encapsulates the kernel version data for the system. + type: object + properties: + osKernel: + $ref: >- + #/components/schemas/SapDiscoveryResourceInstancePropertiesKernelVersionVersion + description: >- + Optional. Captures the OS-specific kernel version, the portion of + the string up to the first dash. + distroKernel: + description: >- + Optional. Captures the distro-specific kernel version, the portion + of the string following the first dash. + $ref: >- + #/components/schemas/SapDiscoveryResourceInstancePropertiesKernelVersionVersion + rawString: + type: string + description: Optional. Raw string of the kernel version. + id: SapDiscoveryResourceInstancePropertiesKernelVersion + SapDiscovery: + properties: + workloadProperties: + $ref: '#/components/schemas/SapDiscoveryWorkloadProperties' + description: Optional. The properties of the workload. + applicationLayer: + description: Optional. An SAP system may run without an application layer. + $ref: '#/components/schemas/SapDiscoveryComponent' + systemId: + readOnly: true + type: string + description: >- + Output only. A combination of database SID, database instance URI + and tenant DB name to make a unique identifier per-system. + updateTime: + format: google-datetime + type: string + description: Required. Unix timestamp this system has been updated last. + useDrReconciliation: + description: Optional. Whether to use DR reconciliation or not. + type: boolean + databaseLayer: + $ref: '#/components/schemas/SapDiscoveryComponent' + description: Required. An SAP System must have a database. + projectNumber: + type: string + description: Optional. The GCP project number that this SapSystem belongs to. + metadata: + $ref: '#/components/schemas/SapDiscoveryMetadata' + description: Optional. The metadata for SAP system discovery data. + type: object + id: SapDiscovery + description: The schema of SAP system discovery data. + SqlserverValidationDetails: + description: Message containing collected data names and values. + properties: + fields: + additionalProperties: + type: string + description: Required. Collected data is in format. type: object + type: object + id: SqlserverValidationDetails + BackupProperties: + id: BackupProperties + type: object + properties: + latestBackupTime: + description: The time when the latest backup was performed. + format: google-datetime + type: string + latestBackupStatus: + enumDescriptions: + - unspecified + - SUCCESS state + - FAILURE state + description: Output only. The state of the latest backup. + enum: + - BACKUP_STATE_UNSPECIFIED + - BACKUP_STATE_SUCCESS + - BACKUP_STATE_FAILURE + type: string + readOnly: true + description: Backup properties. + GceInstanceFilter: + description: Message describing compute engine instance filter + type: object + properties: + serviceAccounts: + items: + type: string + type: array + description: Service account of compute engine + id: GceInstanceFilter + SapDiscoveryComponentDatabaseProperties: + properties: + databaseSid: + description: Optional. SID of the system database. + type: string + primaryInstanceUri: + description: Required. URI of the recognized primary instance of the database. + type: string + sharedNfsUri: + type: string + description: >- + Optional. URI of the recognized shared NFS of the database. May be + empty if the database has only a single node. + landscapeId: + type: string + description: Optional. Landscape ID from the HANA nameserver. + instanceNumber: + type: string + description: Optional. Instance number of the SAP instance. + databaseType: + enumDescriptions: + - Unspecified database type. + - SAP HANA + - SAP MAX_DB + - IBM DB2 + - Oracle Database + - Microsoft SQL Server + - SAP Sybase ASE + type: string + enum: + - DATABASE_TYPE_UNSPECIFIED + - HANA + - MAX_DB + - DB2 + - ORACLE + - SQLSERVER + - ASE + description: Required. Type of the database. HANA, DB2, etc. + databaseVersion: + type: string + description: >- + Optional. The version of the database software running in the + system. + id: SapDiscoveryComponentDatabaseProperties + description: A set of properties describing an SAP Database layer. + type: object + WriteInsightRequest: + id: WriteInsightRequest + properties: + requestId: + type: string + description: >- + Optional. An optional request ID to identify requests. Specify a + unique request ID so that if you must retry your request, the server + will know to ignore the request if it has already been completed. + The server will guarantee that for at least 60 minutes since the + first request. For example, consider a situation where you make an + initial request and the request times out. If you make the request + again with the same request ID, the server can check if original + operation with the same request ID was received, and if so, will + ignore the second request. This prevents clients from accidentally + creating duplicate commitments. The request ID must be a valid UUID + with the exception that zero UUID is not supported + (00000000-0000-0000-0000-000000000000). + agentVersion: + description: Optional. The agent version collected this data point. + type: string + insight: + description: Required. The metrics data details. + $ref: '#/components/schemas/Insight' + type: object + description: Request for sending the data insights. + Operation: + id: Operation + properties: + response: + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + description: >- + The normal, successful response of the operation. If the original + method returns no data on success, such as `Delete`, the response is + `google.protobuf.Empty`. If the original method is standard + `Get`/`Create`/`Update`, the response should be the resource. For + other methods, the response should have the type `XxxResponse`, + where `Xxx` is the original method name. For example, if the + original method name is `TakeSnapshot()`, the inferred response type + is `TakeSnapshotResponse`. + type: object + error: + description: >- + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' + name: + type: string + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + done: + description: >- + If the value is `false`, it means the operation is still in + progress. If `true`, the operation is completed, and either `error` + or `response` is available. + type: boolean + metadata: additionalProperties: - type: any description: Properties of the object. Contains field @type with type URL. - WriteInsightRequest: - id: WriteInsightRequest - description: Request for sending the data insights. - type: object - properties: - insight: - description: Required. The metrics data details. - $ref: '#/components/schemas/Insight' - requestId: + type: any description: >- - Optional. An optional request ID to identify requests. Specify a - unique request ID so that if you must retry your request, the server - will know to ignore the request if it has already been completed. - The server will guarantee that for at least 60 minutes since the - first request. For example, consider a situation where you make an - initial request and the request times out. If you make the request - again with the same request ID, the server can check if original - operation with the same request ID was received, and if so, will - ignore the second request. This prevents clients from accidentally - creating duplicate commitments. The request ID must be a valid UUID - with the exception that zero UUID is not supported - (00000000-0000-0000-0000-000000000000). - type: string - agentVersion: - description: Optional. The agent version collected this data point. - type: string - Insight: - id: Insight - description: A presentation of host resource usage where the workload runs. + Service-specific metadata associated with the operation. It + typically contains progress information and common metadata such as + create time. Some services might not provide such metadata. Any + method that returns a long-running operation should document the + metadata type, if any. + type: object type: object + description: >- + This resource represents a long-running operation that is the result of + a network API call. + Command: + description: '* Command specifies the type of command to execute.' properties: - sentTime: - description: Output only. [Output only] Create time stamp - readOnly: true - type: string - format: google-datetime - sapValidation: - description: The insights data for the SAP workload validation. - $ref: '#/components/schemas/SapValidation' - sapDiscovery: + agentCommand: + $ref: '#/components/schemas/AgentCommand' description: >- - The insights data for SAP system discovery. This is a copy of SAP - System proto and should get updated whenever that one changes. - $ref: '#/components/schemas/SapDiscovery' - sqlserverValidation: - description: The insights data for the sqlserver workload validation. - $ref: '#/components/schemas/SqlserverValidation' - torsoValidation: - description: The insights data for workload validation of torso workloads. - $ref: '#/components/schemas/TorsoValidation' - agentStatus: - description: The insights data for the agent status. - $ref: '#/components/schemas/AgentStatus' - instanceId: - description: Required. The instance id where the insight is generated from - type: string - SapValidation: - id: SapValidation - description: >- - A presentation of SAP workload insight. The schema of SAP workloads - validation related data. + AgentCommand specifies a one-time executable program for the agent + to run. + shellCommand: + description: ShellCommand is invoked via the agent's command line executor. + $ref: '#/components/schemas/ShellCommand' type: object + id: Command + SapDiscoveryWorkloadProperties: + id: SapDiscoveryWorkloadProperties properties: - validationDetails: - description: Optional. A list of SAP validation metrics data. + productVersions: + description: >- + Optional. List of SAP Products and their versions running on the + system. type: array items: - $ref: '#/components/schemas/SapValidationValidationDetail' - projectId: + $ref: '#/components/schemas/SapDiscoveryWorkloadPropertiesProductVersion' + softwareComponentVersions: + type: array description: >- - Required. The project_id of the cloud project that the Insight data - comes from. - type: string - zone: - description: Optional. The zone of the instance that the Insight data comes from. - type: string - SapValidationValidationDetail: - id: SapValidationValidationDetail - description: Message describing the SAP validation metrics. + Optional. A list of SAP software components and their versions + running on the system. + items: + $ref: >- + #/components/schemas/SapDiscoveryWorkloadPropertiesSoftwareComponentProperties type: object + description: A set of properties describing an SAP workload. + Rule: properties: - sapValidationType: - description: Optional. The SAP system that the validation data is from. - type: string - enumDescriptions: - - Unspecified type. - - >- - The SYSTEM validation type collects underlying system data from - the VM. - - >- - The COROSYNC validation type collects Corosync configuration and - runtime data. Corosync enables servers to interact as a HA - cluster. - - >- - The PACEMAKER validation type collects Pacemaker configuration - data. Pacemaker is a high-availability cluster resource manager. - - >- - The HANA validation type collects HANA configuration data. SAP - HANA is an in-memory, column-oriented, relational database - management system. - - >- - The NETWEAVER validation type collects NetWeaver configuration - data. SAP NetWeaver is a software stack for many of SAP SE's - applications. - - >- - The HANA_SECURITY validation type collects HANA configuration data - as it relates to SAP security best practices. - - >- - The CUSTOM validation type collects any customer-defined data that - does not fall into any of the other categories of validations. + ruleType: enum: - - SAP_VALIDATION_TYPE_UNSPECIFIED - - SYSTEM - - COROSYNC - - PACEMAKER - - HANA - - NETWEAVER - - HANA_SECURITY + - RULE_TYPE_UNSPECIFIED + - BASELINE - CUSTOM - details: - description: 'Optional. The pairs of metrics data: field name & field value.' - type: object - additionalProperties: - type: string - isPresent: - description: Optional. Was there a SAP system detected for this validation type. - type: boolean - SapDiscovery: - id: SapDiscovery - description: The schema of SAP system discovery data. - type: object - properties: - metadata: - description: Optional. The metadata for SAP system discovery data. - $ref: '#/components/schemas/SapDiscoveryMetadata' - databaseLayer: - description: Required. An SAP System must have a database. - $ref: '#/components/schemas/SapDiscoveryComponent' - applicationLayer: - description: Optional. An SAP system may run without an application layer. - $ref: '#/components/schemas/SapDiscoveryComponent' - systemId: - description: >- - Output only. A combination of database SID, database instance URI - and tenant DB name to make a unique identifier per-system. + description: The type of the rule. + enumDescriptions: + - Not specified. + - Baseline rules + - Custom rules + type: string + primaryCategory: + type: string + description: the primary category + revisionId: + type: string readOnly: true + description: Output only. the version of the rule + errorMessage: type: string - updateTime: - description: Required. Unix timestamp this system has been updated last. + description: the message template for rule + secondaryCategory: type: string - format: google-datetime - projectNumber: - description: Optional. The GCP project number that this SapSystem belongs to. + description: the secondary category + name: + description: rule name type: string - workloadProperties: - description: Optional. The properties of the workload. - $ref: '#/components/schemas/SapDiscoveryWorkloadProperties' - useDrReconciliation: - description: Optional. Whether to use DR reconciliation or not. - type: boolean + assetType: + type: string + description: >- + The CAI asset type of the rule is evaluating, for joined asset + types, it will be the corresponding primary asset types. + displayName: + type: string + description: the name display in UI + tags: + type: array + items: + type: string + description: List of user-defined tags + severity: + description: the severity of the rule + type: string + description: + type: string + description: descrite rule in plain language + remediation: + description: the remediation for the rule + type: string + uri: + type: string + description: the docuement url for the rule + type: object + description: Message represent a rule + id: Rule SapDiscoveryMetadata: - id: SapDiscoveryMetadata description: Message describing SAP discovery system metadata + id: SapDiscoveryMetadata type: object properties: definedSystem: description: Optional. Customer defined, something like "E-commerce pre prod" type: string - sapProduct: - description: Optional. This SAP product name - type: string environmentType: description: Optional. Should be "prod", "QA", "dev", "staging", etc. type: string @@ -996,709 +1105,729 @@ components: Optional. Customer region string for customer's use. Does not represent GCP region. type: string - SapDiscoveryComponent: - id: SapDiscoveryComponent - description: Message describing the system component. - type: object - properties: - resources: - description: Optional. The resources in a component. - type: array - items: - $ref: '#/components/schemas/SapDiscoveryResource' - applicationProperties: - description: Optional. The component is a SAP application. - $ref: '#/components/schemas/SapDiscoveryComponentApplicationProperties' - databaseProperties: - description: Optional. The component is a SAP database. - $ref: '#/components/schemas/SapDiscoveryComponentDatabaseProperties' - hostProject: - description: Required. Pantheon Project in which the resources reside. + sapProduct: type: string - sid: - description: >- - Optional. The SAP identifier, used by the SAP software and helps - differentiate systems for customers. + description: Optional. This SAP product name + ViolationDetails: + description: Message describing the violation in an evaluation result. + properties: + observed: + description: Details of the violation. TODO(b/452163887) + additionalProperties: + type: string + type: object + asset: + description: The name of the asset. type: string - topologyType: - description: Optional. The detected topology of the component. + serviceAccount: + description: The service account associated with the resource. type: string - enumDescriptions: - - Unspecified topology. - - A scale-up single node system. - - A scale-out multi-node system. - enum: - - TOPOLOGY_TYPE_UNSPECIFIED - - TOPOLOGY_SCALE_UP - - TOPOLOGY_SCALE_OUT - haHosts: - description: >- - Optional. A list of host URIs that are part of the HA configuration - if present. An empty list indicates the component is not configured - for HA. + id: ViolationDetails + type: object + SapInstanceProperties: + id: SapInstanceProperties + properties: + numbers: type: array + description: Optional. SAP Instance numbers. They are from '00' to '99'. items: type: string - replicationSites: - description: >- - Optional. A list of replication sites used in Disaster Recovery (DR) - configurations. - type: array - items: - $ref: '#/components/schemas/SapDiscoveryComponentReplicationSite' - region: - description: >- - Optional. The region this component's resources are primarily - located in. + agentStates: + $ref: '#/components/schemas/AgentStates' + description: Optional. Sap Instance Agent status. + type: object + description: SAP instance properties. + IAMPermission: + type: object + id: IAMPermission + properties: + granted: + description: Output only. Whether the permission is granted. + readOnly: true + type: boolean + name: + description: Output only. The name of the permission. type: string - SapDiscoveryResource: - id: SapDiscoveryResource - description: Message describing a resource. + readOnly: true + description: The IAM permission status. + Empty: + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + id: Empty + type: object + CancelOperationRequest: + id: CancelOperationRequest + type: object + description: The request message for Operations.CancelOperation. + properties: {} + ServiceStates: + id: ServiceStates type: object properties: - resourceType: - description: Required. The type of this resource. + iamPermissions: + type: array + readOnly: true + description: Optional. Output only. The IAM permissions for the service. + items: + $ref: '#/components/schemas/IAMPermission' + state: + readOnly: true type: string - enumDescriptions: - - Undefined resource type. - - This is a compute resource. - - This a storage resource. - - This is a network resource. enum: - - RESOURCE_TYPE_UNSPECIFIED - - RESOURCE_TYPE_COMPUTE - - RESOURCE_TYPE_STORAGE - - RESOURCE_TYPE_NETWORK - resourceKind: - description: Required. ComputeInstance, ComputeDisk, VPC, Bare Metal server, etc. - type: string + - STATE_UNSPECIFIED + - CONFIG_FAILURE + - IAM_FAILURE + - FUNCTIONALITY_FAILURE + - ENABLED + - DISABLED enumDescriptions: - - Unspecified resource kind. - - This is a compute instance. - - This is a compute disk. - - This is a compute address. - - This is a filestore instance. - - This is a compute health check. - - This is a compute forwarding rule. - - This is a compute backend service. - - This is a compute subnetwork. - - This is a compute network. - - This is a public accessible IP Address. - - This is a compute instance group. - enum: - - RESOURCE_KIND_UNSPECIFIED - - RESOURCE_KIND_INSTANCE - - RESOURCE_KIND_DISK - - RESOURCE_KIND_ADDRESS - - RESOURCE_KIND_FILESTORE - - RESOURCE_KIND_HEALTH_CHECK - - RESOURCE_KIND_FORWARDING_RULE - - RESOURCE_KIND_BACKEND_SERVICE - - RESOURCE_KIND_SUBNETWORK - - RESOURCE_KIND_NETWORK - - RESOURCE_KIND_PUBLIC_ADDRESS - - RESOURCE_KIND_INSTANCE_GROUP - resourceUri: - description: Required. URI of the resource, includes project, location, and name. - type: string - relatedResources: - description: Optional. A list of resource URIs related to this resource. - type: array - items: - type: string - updateTime: - description: >- - Required. Unix timestamp of when this resource last had its - discovery data updated. + - The state is unspecified. + - The state means the service has config errors. + - The state means the service has IAM permission errors. + - The state means the service has functionality errors. + - The state means the service has no error. + - The state means the service disabled. + description: Output only. The overall state of the service. + description: The state of the service. + BigQueryDestination: + properties: + destinationDataset: type: string - format: google-datetime - instanceProperties: - description: >- - Optional. A set of properties only applying to instance type - resources. - $ref: '#/components/schemas/SapDiscoveryResourceInstanceProperties' - SapDiscoveryResourceInstanceProperties: - id: SapDiscoveryResourceInstanceProperties - description: A set of properties only present for an instance type resource + description: Optional. destination dataset to save evaluation results + createNewResultsTable: + description: Optional. determine if results will be saved in a new table + type: boolean + type: object + description: Message describing big query destination + id: BigQueryDestination + InvalidRule: type: object + id: InvalidRule + description: Message represent an rule that failed to be validated. properties: - virtualHostname: - description: Optional. A virtual hostname of the instance if it has one. + valiadtionError: type: string - clusterInstances: - description: >- - Optional. A list of instance URIs that are part of a cluster with - this one. - type: array - items: - type: string - instanceNumber: - description: Optional. The VM's instance number. - deprecated: true + description: The error message of valdating rule formats. + displayName: + description: display name of the invalid rule type: string - format: int64 - instanceRole: - description: >- - Optional. Bitmask of instance role, a resource may have multiple - roles at once. + name: + description: name of the invalid rule + type: string + gcsUri: + description: cloud storage destination of the invalid rule type: string + AgentStatusIAMPermission: + properties: + granted: enumDescriptions: - - Unspecified instance role. - - Application central services. - - Enqueue replication server. - - Application server. - - Database node. - - >- - Combinations of roles. Application central services and enqueue - replication server. - - Application central services and application server. - - Application central services and database. - - Enqueue replication server and application server. - - Enqueue replication server and database. - - Application server and database. - - >- - Application central services, enqueue replication server and - application server. - - >- - Application central services, enqueue replication server and - database. - - Application central services, application server and database. - - Enqueue replication server, application server and database. + - The state is unspecified and has not been checked yet. + - The state is successful (enabled, granted, fully functional). + - The state is failed (disabled, denied, not fully functional). - >- - Application central services, enqueue replication server, - application server and database. + There was an internal error while checking the state, state is + unknown. + readOnly: true + type: string enum: - - INSTANCE_ROLE_UNSPECIFIED - - INSTANCE_ROLE_ASCS - - INSTANCE_ROLE_ERS - - INSTANCE_ROLE_APP_SERVER - - INSTANCE_ROLE_DATABASE - - INSTANCE_ROLE_ASCS_ERS - - INSTANCE_ROLE_ASCS_APP_SERVER - - INSTANCE_ROLE_ASCS_DATABASE - - INSTANCE_ROLE_ERS_APP_SERVER - - INSTANCE_ROLE_ERS_DATABASE - - INSTANCE_ROLE_APP_SERVER_DATABASE - - INSTANCE_ROLE_ASCS_ERS_APP_SERVER - - INSTANCE_ROLE_ASCS_ERS_DATABASE - - INSTANCE_ROLE_ASCS_APP_SERVER_DATABASE - - INSTANCE_ROLE_ERS_APP_SERVER_DATABASE - - INSTANCE_ROLE_ASCS_ERS_APP_SERVER_DATABASE - appInstances: - description: Optional. App server instances on the host + - UNSPECIFIED_STATE + - SUCCESS_STATE + - FAILURE_STATE + - ERROR_STATE + description: Output only. Whether the permission is granted. + name: + readOnly: true + description: Output only. The name of the permission. + type: string + id: AgentStatusIAMPermission + type: object + description: The IAM permission status. + ListRulesResponse: + description: Mesesage of response of list rules + type: object + id: ListRulesResponse + properties: + rules: + description: all rules in response type: array items: - $ref: >- - #/components/schemas/SapDiscoveryResourceInstancePropertiesAppInstance - isDrSite: - description: Optional. Instance is part of a DR site. - type: boolean - diskMounts: - description: Optional. Disk mounts on the instance. + $ref: '#/components/schemas/Rule' + invalidRulesWrapper: + $ref: '#/components/schemas/InvalidRulesWrapper' + description: A wrapper of the invalid rules that failed to be validated. + Status: + properties: + message: + type: string + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + code: + format: int32 + description: The status code, which should be an enum value of google.rpc.Code. + type: integer + details: type: array + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. items: - $ref: >- - #/components/schemas/SapDiscoveryResourceInstancePropertiesDiskMount - osKernelVersion: - description: Optional. The kernel version of the instance. - $ref: >- - #/components/schemas/SapDiscoveryResourceInstancePropertiesKernelVersion - SapDiscoveryResourceInstancePropertiesAppInstance: - id: SapDiscoveryResourceInstancePropertiesAppInstance - description: Fields to describe an SAP application server instance. + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + id: Status type: object + ShellCommand: properties: - name: - description: Optional. Instance name of the SAP application instance. + command: type: string - number: - description: Optional. Instance number of the SAP application instance. + description: command is the name of the command to be executed. + args: + description: args is a string of arguments to be passed to the command. type: string - SapDiscoveryResourceInstancePropertiesDiskMount: - id: SapDiscoveryResourceInstancePropertiesDiskMount - description: Disk mount on the instance. + timeoutSeconds: + format: int32 + description: Optional. If not specified, the default timeout is 60 seconds. + type: integer type: object + description: '* A ShellCommand is invoked via the agent''s command line executor' + id: ShellCommand + AgentStatusConfigValue: + id: AgentStatusConfigValue properties: name: - description: Optional. Name of the disk. + description: Output only. The name of the configuration value. type: string - mountPoint: - description: Optional. Filesystem mount point. + readOnly: true + isDefault: + readOnly: true + description: >- + Output only. Whether the configuration value is the default value or + overridden. + type: boolean + value: type: string - diskNames: - description: Optional. Names of the disks providing this mount point. + readOnly: true + description: Output only. The value of the configuration value. + type: object + description: The configuration value. + ListOperationsResponse: + properties: + operations: + description: >- + A list of operations that matches the specified filter in the + request. + type: array + items: + $ref: '#/components/schemas/Operation' + nextPageToken: + description: The standard List next-page token. + type: string + unreachable: type: array + description: >- + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. items: type: string - SapDiscoveryResourceInstancePropertiesKernelVersion: - id: SapDiscoveryResourceInstancePropertiesKernelVersion - description: KernelVersion encapsulates the kernel version data for the system. + description: The response message for Operations.ListOperations. + type: object + id: ListOperationsResponse + Product: + id: Product type: object properties: - rawString: - description: Optional. Raw string of the kernel version. + name: type: string - osKernel: + description: Optional. Name of the product. + version: + description: Optional. Version of the product. + type: string + description: Product contains the details of a product. + OpenShiftValidation: + properties: + validationDetails: + type: object description: >- - Optional. Captures the OS-specific kernel version, the portion of - the string up to the first dash. - $ref: >- - #/components/schemas/SapDiscoveryResourceInstancePropertiesKernelVersionVersion - distroKernel: + Required. The validation details of the OpenShift cluster in JSON + format. + additionalProperties: + type: any + description: Properties of the object. + clusterId: + type: string description: >- - Optional. Captures the distro-specific kernel version, the portion - of the string following the first dash. - $ref: >- - #/components/schemas/SapDiscoveryResourceInstancePropertiesKernelVersionVersion - SapDiscoveryResourceInstancePropertiesKernelVersionVersion: - id: SapDiscoveryResourceInstancePropertiesKernelVersionVersion - description: Version is reported as Major.Minor.Build.Patch. + Required. The OpenShift cluster ID (e.g. + 8371bb05-7cac-4d38-82c0-0f58c4f6f936). + description: >- + A presentation of OpenShift workload insight. The schema of OpenShift + workloads validation related data. + id: OpenShiftValidation type: object + AgentCommand: properties: - major: - description: Optional. The major version number. - type: integer - format: int32 - minor: - description: Optional. The minor version number. - type: integer - format: int32 - build: - description: Optional. The build version number. - type: integer - format: int32 - patch: - description: Optional. The patch version number. - type: integer - format: int32 - remainder: + parameters: + type: object + additionalProperties: + type: string description: >- - Optional. A catch-all for any unparsed version components. This is - in case the number of points in the version string exceeds the - expected count of 4. + parameters is a map of key/value pairs that can be used to specify + additional one-time executable settings. + command: + description: >- + command is the name of the agent one-time executable that will be + invoked. + type: string + id: AgentCommand + description: >- + * An AgentCommand specifies a one-time executable program for the agent + to run. + type: object + Insight: + type: object + id: Insight + properties: + sapDiscovery: + description: >- + The insights data for SAP system discovery. This is a copy of SAP + System proto and should get updated whenever that one changes. + $ref: '#/components/schemas/SapDiscovery' + torsoValidation: + $ref: '#/components/schemas/TorsoValidation' + description: The insights data for workload validation of torso workloads. + sapValidation: + $ref: '#/components/schemas/SapValidation' + description: The insights data for the SAP workload validation. + instanceId: + type: string + description: Optional. The instance id where the insight is generated from + sqlserverValidation: + description: The insights data for the sqlserver workload validation. + $ref: '#/components/schemas/SqlserverValidation' + sentTime: type: string + readOnly: true + format: google-datetime + description: Output only. [Output only] Create time stamp + openShiftValidation: + description: The insights data for the OpenShift workload validation. + $ref: '#/components/schemas/OpenShiftValidation' + agentStatus: + description: The insights data for the agent status. + $ref: '#/components/schemas/AgentStatus' + description: A presentation of host resource usage where the workload runs. SapDiscoveryComponentApplicationProperties: - id: SapDiscoveryComponentApplicationProperties description: A set of properties describing an SAP Application layer. type: object properties: + nfsUri: + description: >- + Optional. Resource URI of the recognized shared NFS of the + application. May be empty if the application server has only a + single node. + type: string + ascsUri: + description: >- + Optional. Resource URI of the recognized ASCS host of the + application. + type: string applicationType: - description: Required. Type of the application. Netweaver, etc. type: string enumDescriptions: - Unspecified application type - SAP Netweaver - SAP Netweaver ABAP - SAP Netweaver Java + description: Required. Type of the application. Netweaver, etc. enum: - APPLICATION_TYPE_UNSPECIFIED - NETWEAVER - NETWEAVER_ABAP - NETWEAVER_JAVA - ascsUri: - description: >- - Optional. Resource URI of the recognized ASCS host of the - application. - type: string - nfsUri: - description: >- - Optional. Resource URI of the recognized shared NFS of the - application. May be empty if the application server has only a - single node. - type: string - kernelVersion: - description: Optional. Kernel version for Netweaver running in the system. - type: string abap: description: >- Optional. Deprecated: ApplicationType now tells you whether this is ABAP or Java. deprecated: true type: boolean - appInstanceNumber: - description: Optional. Instance number of the SAP application instance. - type: string ascsInstanceNumber: description: Optional. Instance number of the ASCS instance. type: string + appInstanceNumber: + type: string + description: Optional. Instance number of the SAP application instance. ersInstanceNumber: description: Optional. Instance number of the ERS instance. type: string - SapDiscoveryComponentDatabaseProperties: - id: SapDiscoveryComponentDatabaseProperties - description: A set of properties describing an SAP Database layer. + kernelVersion: + description: Optional. Kernel version for Netweaver running in the system. + type: string + id: SapDiscoveryComponentApplicationProperties + AgentStates: + type: object + description: Agent status. + properties: + systemDiscovery: + $ref: '#/components/schemas/ServiceStates' + description: Optional. The System discovery metrics of the agent. + isFullyEnabled: + description: >- + Optional. Whether the agent is fully enabled. If false, the agent is + has some issues. + type: boolean + processMetrics: + description: Optional. The Process metrics of the agent. + $ref: '#/components/schemas/ServiceStates' + installedVersion: + description: Optional. The installed version of the agent on the host. + type: string + hanaMonitoring: + $ref: '#/components/schemas/ServiceStates' + description: Optional. HANA monitoring metrics of the agent. + availableVersion: + type: string + description: Optional. The available version of the agent in artifact registry. + id: AgentStates + AgentStatusServiceStatus: + description: The status of a service (process metrics, host metrics, etc.). type: object + id: AgentStatusServiceStatus properties: - databaseType: - description: Required. Type of the database. HANA, DB2, etc. - type: string - enumDescriptions: - - Unspecified database type. - - SAP HANA - - SAP MAX_DB - - IBM DB2 - - Oracle Database - - Microsoft SQL Server - - SAP Sybase ASE - enum: - - DATABASE_TYPE_UNSPECIFIED - - HANA - - MAX_DB - - DB2 - - ORACLE - - SQLSERVER - - ASE - primaryInstanceUri: - description: Required. URI of the recognized primary instance of the database. + name: type: string - sharedNfsUri: + readOnly: true + description: Output only. The name of the service. + fullyFunctional: description: >- - Optional. URI of the recognized shared NFS of the database. May be - empty if the database has only a single node. + Output only. Whether the service is fully functional (all checks + passed). + enumDescriptions: + - The state is unspecified and has not been checked yet. + - The state is successful (enabled, granted, fully functional). + - The state is failed (disabled, denied, not fully functional). + - >- + There was an internal error while checking the state, state is + unknown. type: string - databaseVersion: + readOnly: true + enum: + - UNSPECIFIED_STATE + - SUCCESS_STATE + - FAILURE_STATE + - ERROR_STATE + iamPermissions: + readOnly: true + items: + $ref: '#/components/schemas/AgentStatusIAMPermission' + type: array + description: Output only. The permissions required for the service. + unspecifiedStateMessage: description: >- - Optional. The version of the database software running in the - system. + Output only. The message to display when the service state is + unspecified. type: string - instanceNumber: - description: Optional. Instance number of the SAP instance. + readOnly: true + configValues: + items: + $ref: '#/components/schemas/AgentStatusConfigValue' + readOnly: true + type: array + description: Output only. The configuration values for the service. + state: + enum: + - UNSPECIFIED_STATE + - SUCCESS_STATE + - FAILURE_STATE + - ERROR_STATE + enumDescriptions: + - The state is unspecified and has not been checked yet. + - The state is successful (enabled, granted, fully functional). + - The state is failed (disabled, denied, not fully functional). + - >- + There was an internal error while checking the state, state is + unknown. type: string - databaseSid: - description: Optional. SID of the system database. + readOnly: true + description: >- + Output only. The state of the service (enabled or disabled in the + configuration). + errorMessage: + readOnly: true + description: >- + Output only. The error message for the service if it is not fully + functional. type: string - landscapeId: - description: Optional. Landscape ID from the HANA nameserver. + ListExecutionsResponse: + properties: + executions: + description: The list of Execution + items: + $ref: '#/components/schemas/Execution' + type: array + unreachable: + description: Locations that could not be reached. + type: array + items: + type: string + nextPageToken: + description: A token identifying a page of results the server should return. type: string - SapDiscoveryComponentReplicationSite: - id: SapDiscoveryComponentReplicationSite - description: A replication site used in Disaster Recovery (DR) configurations. + type: object + id: ListExecutionsResponse + description: Message for response to listing Executions + SapValidationValidationDetail: + id: SapValidationValidationDetail type: object properties: - sourceSite: - description: >- - Optional. The name of the source site from which this one - replicates. + isPresent: + description: Optional. Was there a SAP system detected for this validation type. + type: boolean + details: + description: 'Optional. The pairs of metrics data: field name & field value.' + type: object + additionalProperties: + type: string + sapValidationType: type: string - component: - description: Optional. The system component for the site. - $ref: '#/components/schemas/SapDiscoveryComponent' - SapDiscoveryWorkloadProperties: - id: SapDiscoveryWorkloadProperties - description: A set of properties describing an SAP workload. + enumDescriptions: + - Unspecified type. + - >- + The SYSTEM validation type collects underlying system data from + the VM. + - >- + The COROSYNC validation type collects Corosync configuration and + runtime data. Corosync enables servers to interact as a HA + cluster. + - >- + The PACEMAKER validation type collects Pacemaker configuration + data. Pacemaker is a high-availability cluster resource manager. + - >- + The HANA validation type collects HANA configuration data. SAP + HANA is an in-memory, column-oriented, relational database + management system. + - >- + The NETWEAVER validation type collects NetWeaver configuration + data. SAP NetWeaver is a software stack for many of SAP SE's + applications. + - >- + The HANA_SECURITY validation type collects HANA configuration data + as it relates to SAP security best practices. + - >- + The CUSTOM validation type collects any customer-defined data that + does not fall into any of the other categories of validations. + enum: + - SAP_VALIDATION_TYPE_UNSPECIFIED + - SYSTEM + - COROSYNC + - PACEMAKER + - HANA + - NETWEAVER + - HANA_SECURITY + - CUSTOM + description: Optional. The SAP system that the validation data is from. + description: Message describing the SAP validation metrics. + Execution: type: object + id: Execution + description: Message describing Execution object properties: - productVersions: + name: + type: string description: >- - Optional. List of SAP Products and their versions running on the - system. - type: array + The name of execution resource. The format is + projects/{project}/locations/{location}/evaluations/{evaluation}/executions/{execution} + ruleResults: + description: Output only. execution result summary per rule + readOnly: true items: - $ref: '#/components/schemas/SapDiscoveryWorkloadPropertiesProductVersion' - softwareComponentVersions: - description: >- - Optional. A list of SAP software components and their versions - running on the system. + $ref: '#/components/schemas/RuleExecutionResult' + type: array + engine: + type: string + enumDescriptions: + - The original CG + - SlimCG / Scanner + - Evaluation Engine V2 + enum: + - ENGINE_UNSPECIFIED + - ENGINE_SCANNER + - V2 + description: Optional. Engine + externalDataSources: type: array + description: Optional. External data sources items: - $ref: >- - #/components/schemas/SapDiscoveryWorkloadPropertiesSoftwareComponentProperties - SapDiscoveryWorkloadPropertiesProductVersion: - id: SapDiscoveryWorkloadPropertiesProductVersion - description: A product name and version. - type: object - properties: - name: - description: Optional. Name of the product. + $ref: '#/components/schemas/ExternalDataSources' + notices: + description: Output only. Additional information generated by the execution + items: + $ref: '#/components/schemas/Notice' + type: array + readOnly: true + evaluationId: + description: Output only. [Output only] Evaluation ID + type: string + readOnly: true + state: + type: string + description: Output only. [Output only] State + enumDescriptions: + - state of execution is unspecified + - the execution is running in backend service + - the execution run success + - the execution run failed + readOnly: true + enum: + - STATE_UNSPECIFIED + - RUNNING + - SUCCEEDED + - FAILED + endTime: + readOnly: true + type: string + format: google-datetime + description: Output only. [Output only] End time stamp + runType: + type: string + enum: + - TYPE_UNSPECIFIED + - ONE_TIME + - SCHEDULED + description: >- + type represent whether the execution executed directly by user or + scheduled according evaluation.schedule field. + enumDescriptions: + - type of execution is unspecified + - type of execution is one time + - type of execution is scheduled + inventoryTime: + format: google-datetime + readOnly: true + description: Output only. [Output only] Inventory time stamp type: string - version: - description: Optional. Version of the product. + startTime: + readOnly: true type: string - SapDiscoveryWorkloadPropertiesSoftwareComponentProperties: - id: SapDiscoveryWorkloadPropertiesSoftwareComponentProperties - description: A SAP software component name, version, and type. + format: google-datetime + description: Output only. [Output only] Start time stamp + resultSummary: + readOnly: true + $ref: '#/components/schemas/Summary' + description: Output only. [Output only] Result summary for the execution + labels: + description: Labels as key value pairs + additionalProperties: + type: string + type: object + SapDiscoveryResourceInstancePropertiesAppInstance: type: object + id: SapDiscoveryResourceInstancePropertiesAppInstance properties: name: - description: Optional. Name of the component. - type: string - version: - description: Optional. The component's major version. - type: string - extVersion: - description: Optional. The component's minor version. + description: Optional. Instance name of the SAP application instance. type: string - type: - description: Optional. The component's type. + number: + description: Optional. Instance number of the SAP application instance. type: string + description: Fields to describe an SAP application server instance. SqlserverValidation: - id: SqlserverValidation - description: >- - A presentation of SQLServer workload insight. The schema of SqlServer - workloads validation related data. - type: object properties: - agentVersion: - description: Optional. The agent version collected this data point - type: string validationDetails: - description: Optional. A list of SqlServer validation metrics data. - type: array items: $ref: '#/components/schemas/SqlserverValidationValidationDetail' + description: Optional. A list of SqlServer validation metrics data. + type: array projectId: description: >- Required. The project_id of the cloud project that the Insight data comes from. type: string instance: + type: string description: >- Required. The instance_name of the instance that the Insight data comes from. According to https://linter.aip.dev/122/name-suffix: field names should not use the _name suffix unless the field would be ambiguous without it. + agentVersion: + description: Optional. The agent version collected this data point type: string - SqlserverValidationValidationDetail: - id: SqlserverValidationValidationDetail - description: Message describing the Sqlserver validation metrics. + description: >- + A presentation of SQLServer workload insight. The schema of SqlServer + workloads validation related data. type: object + id: SqlserverValidation + ListScannedResourcesResponse: + id: ListScannedResourcesResponse + description: Message for response to list scanned resources properties: - type: - description: Optional. The Sqlserver system that the validation data is from. - type: string - enumDescriptions: - - Unspecified type. - - The Sqlserver system named OS. - - The LOG_DISK_SEPARATION table. - - The MAX_PARALLELISM table. - - The CXPACKET_WAITS table. - - The TRANSACTION_LOG_HANDLING table. - - The VIRTUAL_LOG_FILE_COUNT table. - - The BUFFER_POOL_EXTENSION table. - - The MAX_SERVER_MEMORY table. - - The INSTANCE_METRICS table. - - The DB_INDEX_FRAGMENTATION table. - - The DB_TABLE_INDEX_COMPRESSION table. - - The DB_BACKUP_POLICY table. - enum: - - SQLSERVER_VALIDATION_TYPE_UNSPECIFIED - - OS - - DB_LOG_DISK_SEPARATION - - DB_MAX_PARALLELISM - - DB_CXPACKET_WAITS - - DB_TRANSACTION_LOG_HANDLING - - DB_VIRTUAL_LOG_FILE_COUNT - - DB_BUFFER_POOL_EXTENSION - - DB_MAX_SERVER_MEMORY - - INSTANCE_METRICS - - DB_INDEX_FRAGMENTATION - - DB_TABLE_INDEX_COMPRESSION - - DB_BACKUP_POLICY - details: - description: >- - Required. Details wraps map that represents collected data names and - values. - type: array + scannedResources: items: - $ref: '#/components/schemas/SqlserverValidationDetails' - SqlserverValidationDetails: - id: SqlserverValidationDetails - description: Message containing collected data names and values. - type: object - properties: - fields: - description: Required. Collected data is in format. - type: object - additionalProperties: - type: string - TorsoValidation: - id: TorsoValidation - description: The schema of torso workload validation data. - type: object - properties: - workloadType: - description: Required. workload_type specifies the type of torso workload. - type: string - enumDescriptions: - - Unspecified workload type. - - MySQL workload. - - Oracle workload. - - Redis workload. - enum: - - WORKLOAD_TYPE_UNSPECIFIED - - MYSQL - - ORACLE - - REDIS - validationDetails: - description: >- - Required. validation_details contains the pairs of validation data: - field name & field value. - type: object - additionalProperties: - type: string - agentVersion: - description: >- - Required. agent_version lists the version of the agent that - collected this data. - type: string - projectId: - description: >- - Required. project_id lists the human readable cloud project that the - data comes from. + $ref: '#/components/schemas/ScannedResource' + description: All scanned resources in response + type: array + nextPageToken: type: string - instanceName: description: >- - Required. instance_name lists the human readable name of the - instance that the data comes from. - type: string - AgentStatus: - id: AgentStatus - description: The schema of agent status data. + A token, which can be sent as `page_token` to retrieve the next + page. If this field is omitted, there are no subsequent pages. + type: object + SapDiscoveryWorkloadPropertiesSoftwareComponentProperties: type: object + description: A SAP software component name, version, and type. + id: SapDiscoveryWorkloadPropertiesSoftwareComponentProperties properties: - installedVersion: - description: Output only. The installed version of the agent on the host. - readOnly: true - type: string - availableVersion: - description: >- - Output only. The available version of the agent in artifact - registry. - readOnly: true - type: string - systemdServiceEnabled: - description: Output only. Whether the agent service is enabled in systemd. - readOnly: true - type: string - enumDescriptions: - - The state is unspecified and has not been checked yet. - - The state is successful (enabled, granted, fully functional). - - The state is failed (disabled, denied, not fully functional). - - >- - There was an internal error while checking the state, state is - unknown. - enum: - - UNSPECIFIED_STATE - - SUCCESS_STATE - - FAILURE_STATE - - ERROR_STATE - systemdServiceRunning: - description: Output only. Whether the agent service is running in systemd. - readOnly: true - type: string - enumDescriptions: - - The state is unspecified and has not been checked yet. - - The state is successful (enabled, granted, fully functional). - - The state is failed (disabled, denied, not fully functional). - - >- - There was an internal error while checking the state, state is - unknown. - enum: - - UNSPECIFIED_STATE - - SUCCESS_STATE - - FAILURE_STATE - - ERROR_STATE - configurationFilePath: - description: Output only. The path to the agent configuration file. - readOnly: true - type: string - configurationValid: - description: Output only. Whether the agent configuration is valid. - readOnly: true + name: + description: Optional. Name of the component. type: string - enumDescriptions: - - The state is unspecified and has not been checked yet. - - The state is successful (enabled, granted, fully functional). - - The state is failed (disabled, denied, not fully functional). - - >- - There was an internal error while checking the state, state is - unknown. - enum: - - UNSPECIFIED_STATE - - SUCCESS_STATE - - FAILURE_STATE - - ERROR_STATE - configurationErrorMessage: - description: >- - Output only. The error message for the agent configuration if - invalid. - readOnly: true + extVersion: type: string - services: - description: Output only. The services (process metrics, host metrics, etc.). - readOnly: true - type: array - items: - $ref: '#/components/schemas/AgentStatusServiceStatus' - references: - description: Output only. Optional references to public documentation. - readOnly: true - type: array - items: - $ref: '#/components/schemas/AgentStatusReference' - agentName: - description: Output only. The name of the agent. - readOnly: true + description: Optional. The component's minor version. + version: type: string - cloudApiAccessFullScopesGranted: - description: Output only. Whether the agent has full access to Cloud APIs. - readOnly: true + description: Optional. The component's major version. + type: + type: string + description: Optional. The component's type. + AgentStatus: + description: The schema of agent status data. + type: object + id: AgentStatus + properties: + installedVersion: + description: Output only. The installed version of the agent on the host. type: string - enumDescriptions: - - The state is unspecified and has not been checked yet. - - The state is successful (enabled, granted, fully functional). - - The state is failed (disabled, denied, not fully functional). - - >- - There was an internal error while checking the state, state is - unknown. - enum: - - UNSPECIFIED_STATE - - SUCCESS_STATE - - FAILURE_STATE - - ERROR_STATE - kernelVersion: - description: Output only. The kernel version of the system. readOnly: true - $ref: >- - #/components/schemas/SapDiscoveryResourceInstancePropertiesKernelVersion instanceUri: + readOnly: true description: >- Output only. The URI of the instance. Format: projects//zones//instances/ - readOnly: true - type: string - AgentStatusServiceStatus: - id: AgentStatusServiceStatus - description: The status of a service (process metrics, host metrics, etc.). - type: object - properties: - name: - description: Output only. The name of the service. - readOnly: true type: string - state: - description: >- - Output only. The state of the service (enabled or disabled in the - configuration). + configurationValid: readOnly: true - type: string - enumDescriptions: - - The state is unspecified and has not been checked yet. - - The state is successful (enabled, granted, fully functional). - - The state is failed (disabled, denied, not fully functional). - - >- - There was an internal error while checking the state, state is - unknown. + description: Output only. Whether the agent configuration is valid. enum: - UNSPECIFIED_STATE - SUCCESS_STATE - FAILURE_STATE - ERROR_STATE - fullyFunctional: - description: >- - Output only. Whether the service is fully functional (all checks - passed). - readOnly: true type: string enumDescriptions: - The state is unspecified and has not been checked yet. @@ -1707,48 +1836,19 @@ components: - >- There was an internal error while checking the state, state is unknown. + configurationFilePath: + type: string + readOnly: true + description: Output only. The path to the agent configuration file. + cloudApiAccessFullScopesGranted: + readOnly: true + type: string + description: Output only. Whether the agent has full access to Cloud APIs. enum: - UNSPECIFIED_STATE - SUCCESS_STATE - FAILURE_STATE - ERROR_STATE - errorMessage: - description: >- - Output only. The error message for the service if it is not fully - functional. - readOnly: true - type: string - iamPermissions: - description: Output only. The permissions required for the service. - readOnly: true - type: array - items: - $ref: '#/components/schemas/AgentStatusIAMPermission' - configValues: - description: Output only. The configuration values for the service. - readOnly: true - type: array - items: - $ref: '#/components/schemas/AgentStatusConfigValue' - unspecifiedStateMessage: - description: >- - Output only. The message to display when the service state is - unspecified. - readOnly: true - type: string - AgentStatusIAMPermission: - id: AgentStatusIAMPermission - description: The IAM permission status. - type: object - properties: - name: - description: Output only. The name of the permission. - readOnly: true - type: string - granted: - description: Output only. Whether the permission is granted. - readOnly: true - type: string enumDescriptions: - The state is unspecified and has not been checked yet. - The state is successful (enabled, granted, fully functional). @@ -1756,214 +1856,101 @@ components: - >- There was an internal error while checking the state, state is unknown. - enum: - - UNSPECIFIED_STATE - - SUCCESS_STATE - - FAILURE_STATE - - ERROR_STATE - AgentStatusConfigValue: - id: AgentStatusConfigValue - description: The configuration value. - type: object - properties: - name: - description: Output only. The name of the configuration value. - readOnly: true - type: string - value: - description: Output only. The value of the configuration value. - readOnly: true - type: string - isDefault: - description: >- - Output only. Whether the configuration value is the default value or - overridden. - readOnly: true - type: boolean - AgentStatusReference: - id: AgentStatusReference - description: The reference to public documentation. - type: object - properties: - name: - description: Output only. The name of the reference. - readOnly: true - type: string - url: - description: Output only. The URL of the reference. - readOnly: true - type: string - WriteInsightResponse: - id: WriteInsightResponse - description: The response for write insights request. - type: object - properties: {} - ListDiscoveredProfilesResponse: - id: ListDiscoveredProfilesResponse - description: List discovered profile Response returns discovered profiles from agents - type: object - properties: - workloadProfiles: - description: Output only. The list of workload profiles + kernelVersion: + $ref: >- + #/components/schemas/SapDiscoveryResourceInstancePropertiesKernelVersion + description: Output only. The kernel version of the system. readOnly: true - type: array - items: - $ref: '#/components/schemas/WorkloadProfile' - unreachable: - description: Locations that could not be reached. - type: array - items: - type: string - nextPageToken: - description: >- - Output only. A token identifying a page of results the server should - return + availableVersion: readOnly: true type: string - WorkloadProfile: - id: WorkloadProfile - description: workload resource - type: object - properties: - name: - description: >- - Identifier. name of resource names have the form - 'projects/{project_id}/locations/{location}/workloadProfiles/{workload_id}' - type: string - labels: description: >- - Optional. such as name, description, version. More example can be - found in deployment - type: object - additionalProperties: - type: string - refreshedTime: - description: Required. time when the workload data was refreshed - type: string - format: google-datetime - workloadType: - description: Required. The type of the workload - type: string - enumDescriptions: - - unspecified workload type - - running sap workload s4/hana - enum: - - WORKLOAD_TYPE_UNSPECIFIED - - S4_HANA - sapWorkload: - description: The sap workload content - $ref: '#/components/schemas/SapWorkload' - SapWorkload: - id: SapWorkload - description: The body of sap workload - type: object - properties: - metadata: - description: Output only. The metadata for SAP workload. - readOnly: true - type: object - additionalProperties: - type: string - database: - description: Output only. the database componment - readOnly: true - $ref: '#/components/schemas/SapComponent' - application: - description: Output only. the acsc componment - readOnly: true - $ref: '#/components/schemas/SapComponent' - products: - description: Output only. the products on this workload. - readOnly: true - type: array - items: - $ref: '#/components/schemas/Product' - architecture: - description: Output only. the architecture - readOnly: true - type: string - enumDescriptions: - - Unspecified architecture. - - Invaliad architecture. - - A centralized system. - - A distributed system. - - A distributed with HA system. - - A standalone database system. - - A standalone database with HA system. - enum: - - ARCHITECTURE_UNSPECIFIED - - INVALID - - CENTRALIZED - - DISTRIBUTED - - DISTRIBUTED_HA - - STANDALONE_DATABASE - - STANDALONE_DATABASE_HA - SapComponent: - id: SapComponent - description: The component of sap workload - type: object - properties: - sid: - description: Output only. sid is the sap component identificator + Output only. The available version of the agent in artifact + registry. + agentName: + type: string + description: Output only. The name of the agent. + readOnly: true + systemdServiceRunning: readOnly: true + enum: + - UNSPECIFIED_STATE + - SUCCESS_STATE + - FAILURE_STATE + - ERROR_STATE + description: Output only. Whether the agent service is running in systemd. type: string - resources: - description: Output only. resources in the component + enumDescriptions: + - The state is unspecified and has not been checked yet. + - The state is successful (enabled, granted, fully functional). + - The state is failed (disabled, denied, not fully functional). + - >- + There was an internal error while checking the state, state is + unknown. + services: readOnly: true + items: + $ref: '#/components/schemas/AgentStatusServiceStatus' + description: Output only. The services (process metrics, host metrics, etc.). type: array + references: items: - $ref: '#/components/schemas/CloudResource' - topologyType: - description: The detected topology of the component. + $ref: '#/components/schemas/AgentStatusReference' + readOnly: true + description: Output only. Optional references to public documentation. + type: array + systemdServiceEnabled: type: string - enumDescriptions: - - Unspecified topology. - - A scale-up single node system. - - A scale-out multi-node system. + readOnly: true enum: - - TOPOLOGY_TYPE_UNSPECIFIED - - TOPOLOGY_SCALE_UP - - TOPOLOGY_SCALE_OUT - haHosts: - description: >- - A list of host URIs that are part of the HA configuration if - present. An empty list indicates the component is not configured for - HA. - type: array - items: - type: string - databaseProperties: - description: Output only. All instance properties. + - UNSPECIFIED_STATE + - SUCCESS_STATE + - FAILURE_STATE + - ERROR_STATE + enumDescriptions: + - The state is unspecified and has not been checked yet. + - The state is successful (enabled, granted, fully functional). + - The state is failed (disabled, denied, not fully functional). + - >- + There was an internal error while checking the state, state is + unknown. + description: Output only. Whether the agent service is enabled in systemd. + configurationErrorMessage: readOnly: true - $ref: '#/components/schemas/DatabaseProperties' - CloudResource: - id: CloudResource - description: The resource on GCP + type: string + description: >- + Output only. The error message for the agent configuration if + invalid. + SapDiscoveryResource: type: object + description: Message describing a resource. + id: SapDiscoveryResource properties: - name: - description: Output only. resource name - readOnly: true + resourceType: + enumDescriptions: + - Undefined resource type. + - This is a compute resource. + - This a storage resource. + - This is a network resource. + enum: + - RESOURCE_TYPE_UNSPECIFIED + - RESOURCE_TYPE_COMPUTE + - RESOURCE_TYPE_STORAGE + - RESOURCE_TYPE_NETWORK type: string - kind: + description: Required. The type of this resource. + resourceUri: + type: string + description: Required. URI of the resource, includes project, location, and name. + updateTime: description: >- - Output only. ComputeInstance, ComputeDisk, VPC, Bare Metal server, - etc. - readOnly: true + Required. Unix timestamp of when this resource last had its + discovery data updated. + format: google-datetime type: string - enumDescriptions: - - Unspecified resource kind. - - This is a compute instance. - - This is a compute disk. - - This is a compute address. - - This is a filestore instance. - - This is a compute health check. - - This is a compute forwarding rule. - - This is a compute backend service. - - This is a compute subnetwork. - - This is a compute network. - - This is a public accessible IP Address. - - This is a compute instance group. + resourceKind: + type: string + description: Required. ComputeInstance, ComputeDisk, VPC, Bare Metal server, etc. enum: - RESOURCE_KIND_UNSPECIFIED - RESOURCE_KIND_INSTANCE @@ -1977,272 +1964,350 @@ components: - RESOURCE_KIND_NETWORK - RESOURCE_KIND_PUBLIC_ADDRESS - RESOURCE_KIND_INSTANCE_GROUP + enumDescriptions: + - Unspecified resource kind. + - This is a compute instance. + - This is a compute disk. + - This is a compute address. + - This is a filestore instance. + - This is a compute health check. + - This is a compute forwarding rule. + - This is a compute backend service. + - This is a compute subnetwork. + - This is a compute network. + - This is a public accessible IP Address. + - This is a compute instance group. + relatedResources: + items: + type: string + description: Optional. A list of resource URIs related to this resource. + type: array instanceProperties: - description: Output only. All instance properties. + description: >- + Optional. A set of properties only applying to instance type + resources. + $ref: '#/components/schemas/SapDiscoveryResourceInstanceProperties' + Notice: + description: Message for additional information generated by the execution + properties: + message: + type: string + description: Output only. Message of the notice readOnly: true - $ref: '#/components/schemas/InstanceProperties' - InstanceProperties: - id: InstanceProperties - description: Instance Properties. type: object + id: Notice + SapDiscoveryComponentReplicationSite: + type: object + description: A replication site used in Disaster Recovery (DR) configurations. properties: - status: - description: Optional. Instance status. + component: + $ref: '#/components/schemas/SapDiscoveryComponent' + description: Optional. The system component for the site. + sourceSite: + description: >- + Optional. The name of the source site from which this one + replicates. type: string - machineType: - description: Optional. Instance machine type. + id: SapDiscoveryComponentReplicationSite + ExecutionResult: + description: Message describing the result of an execution + id: ExecutionResult + properties: + documentationUrl: + description: The URL for the documentation of the rule. type: string - instanceNumber: - description: Optional. Instance number. + violationDetails: + $ref: '#/components/schemas/ViolationDetails' + description: The details of violation in an evaluation result. + violationMessage: + description: The violation message of an execution. type: string - upcomingMaintenanceEvent: - description: Optional. the next maintenance event on VM - $ref: '#/components/schemas/UpcomingMaintenanceEvent' - sapInstanceProperties: - description: Optional. SAP Instance properties. - $ref: '#/components/schemas/SapInstanceProperties' - roles: - description: Optional. Instance roles. + commands: type: array + items: + $ref: '#/components/schemas/Command' + description: The commands to remediate the violation. + severity: + type: string + description: The severity of violation. + resource: + description: The resource that violates the rule. + $ref: '#/components/schemas/Resource' + rule: + description: The rule that is violated in an evaluation. + type: string + type: + enumDescriptions: + - Unknown state + - resource successfully passed the rule + - resource violated the rule + type: string + enum: + - TYPE_UNSPECIFIED + - TYPE_PASSED + - TYPE_VIOLATED + description: Execution result type of the scanned resource + type: object + ResourceStatus: + id: ResourceStatus + description: Message describing resource status + properties: + rulesNewerVersions: + deprecated: true + description: >- + Historical: Used before 2023-05-22 the new version of rule id if + exists items: type: string - enumDescriptions: - - Unspecified role. - - ASCS role. - - ERS role. - - APP server. - - HANA primary role. - - HANA secondary role. - enum: - - INSTANCE_ROLE_UNSPECIFIED - - INSTANCE_ROLE_ASCS - - INSTANCE_ROLE_ERS - - INSTANCE_ROLE_APP_SERVER - - INSTANCE_ROLE_HANA_PRIMARY - - INSTANCE_ROLE_HANA_SECONDARY - UpcomingMaintenanceEvent: - id: UpcomingMaintenanceEvent - description: Maintenance Event + type: array + state: + enum: + - STATE_UNSPECIFIED + - CREATING + - ACTIVE + - DELETING + type: string + description: State of the resource + enumDescriptions: + - The state has not been populated in this message. + - Resource has an active Create operation. + - >- + Resource has no outstanding operations on it or has active Update + operations. + - Resource has an active Delete operation. + type: object + Evaluation: + description: Message describing Evaluation object type: object + id: Evaluation properties: - startTime: - description: Optional. Start time - type: string - format: google-datetime - endTime: - description: Optional. End time + updateTime: + readOnly: true type: string format: google-datetime - maintenanceStatus: - description: Optional. Maintenance status - type: string - type: - description: Optional. Type + description: Output only. [Output only] Update time stamp + kmsKey: + description: >- + Optional. Immutable. Customer-managed encryption key name, in the + format projects/*/locations/*/keyRings/*/cryptoKeys/*. type: string - onHostMaintenance: + schedule: description: >- - Optional. Instance maintenance behavior. Could be "MIGRATE" or - "TERMINATE". + crontab format schedule for scheduled evaluation, currently only + support the following schedule: "0 */1 * * *", "0 */6 * * *", "0 + */12 * * *", "0 0 */1 * *", "0 0 */7 * *", type: string - SapInstanceProperties: - id: SapInstanceProperties - description: SAP instance properties. - type: object - properties: - numbers: - description: Optional. SAP Instance numbers. They are from '00' to '99'. + ruleVersions: type: array + description: Output only. [Output only] The updated rule ids if exist. items: type: string - agentStates: - description: Optional. Sap Instance Agent status. - $ref: '#/components/schemas/AgentStates' - AgentStates: - id: AgentStates - description: Agent status. - type: object - properties: - installedVersion: - description: Optional. The installed version of the agent on the host. + readOnly: true + ruleNames: + items: + type: string + type: array + description: the name of the rule + resourceFilter: + $ref: '#/components/schemas/ResourceFilter' + description: annotations as key value pairs + labels: + type: object + additionalProperties: + type: string + description: Labels as key value pairs + bigQueryDestination: + $ref: '#/components/schemas/BigQueryDestination' + description: Optional. BigQuery destination + resourceStatus: + $ref: '#/components/schemas/ResourceStatus' + readOnly: true + description: Output only. [Output only] The updated rule ids if exist. + description: + description: Description of the Evaluation type: string - availableVersion: - description: Optional. The available version of the agent in artifact registry. + name: type: string - isFullyEnabled: description: >- - Optional. Whether the agent is fully enabled. If false, the agent is - has some issues. - type: boolean - processMetrics: - description: Optional. The Process metrics of the agent. - $ref: '#/components/schemas/ServiceStates' - systemDiscovery: - description: Optional. The System discovery metrics of the agent. - $ref: '#/components/schemas/ServiceStates' - hanaMonitoring: - description: Optional. HANA monitoring metrics of the agent. - $ref: '#/components/schemas/ServiceStates' - ServiceStates: - id: ServiceStates - description: The state of the service. - type: object - properties: - state: - description: Output only. The overall state of the service. - readOnly: true + name of resource names have the form + 'projects/{project_id}/locations/{location_id}/evaluations/{evaluation_id}' + customRulesBucket: + type: string + description: The Cloud Storage bucket name for custom rules. + evaluationType: type: string enumDescriptions: - - The state is unspecified. - - The state means the service has config errors. - - The state means the service has IAM permission errors. - - The state means the service has functionality errors. - - The state means the service has no error. - - The state means the service disabled. + - Not specified + - SAP best practices + - SQL best practices + - Customized best practices + - SCC IaC (Infra as Code) best practices. enum: - - STATE_UNSPECIFIED - - CONFIG_FAILURE - - IAM_FAILURE - - FUNCTIONALITY_FAILURE - - ENABLED - - DISABLED - iamPermissions: - description: Optional. Output only. The IAM permissions for the service. + - EVALUATION_TYPE_UNSPECIFIED + - SAP + - SQL_SERVER + - OTHER + - SCC_IAC + description: Evaluation type + enumDeprecated: + - false + - false + - false + - false + - true + createTime: readOnly: true - type: array - items: - $ref: '#/components/schemas/IAMPermission' - IAMPermission: - id: IAMPermission - description: The IAM permission status. + type: string + description: Output only. [Output only] Create time stamp + format: google-datetime + SapDiscoveryWorkloadPropertiesProductVersion: + description: A product name and version. type: object properties: name: - description: Output only. The name of the permission. - readOnly: true type: string - granted: - description: Output only. Whether the permission is granted. - readOnly: true - type: boolean - DatabaseProperties: - id: DatabaseProperties - description: Database Properties. - type: object + description: Optional. Name of the product. + version: + description: Optional. Version of the product. + type: string + id: SapDiscoveryWorkloadPropertiesProductVersion + WorkloadProfile: + id: WorkloadProfile properties: - backupProperties: - description: Output only. Backup properties. - readOnly: true - $ref: '#/components/schemas/BackupProperties' - databaseType: - description: Output only. Type of the database. HANA, DB2, etc. - readOnly: true + labels: + additionalProperties: + type: string + description: >- + Optional. such as name, description, version. More example can be + found in deployment + type: object + workloadType: + description: Required. The type of the workload type: string enumDescriptions: - - unspecified - - SAP HANA - - SAP MAX_DB - - IBM DB2 - - Oracle Database - - Microsoft SQL Server - - SAP Sybase ASE + - unspecified workload type + - running sap workload s4/hana enum: - - DATABASE_TYPE_UNSPECIFIED - - HANA - - MAX_DB - - DB2 - - ORACLE - - SQLSERVER - - ASE - BackupProperties: - id: BackupProperties - description: Backup properties. - type: object - properties: - latestBackupTime: - description: The time when the latest backup was performed. + - WORKLOAD_TYPE_UNSPECIFIED + - S4_HANA + refreshedTime: type: string + description: Required. time when the workload data was refreshed format: google-datetime - latestBackupStatus: - description: Output only. The state of the latest backup. - readOnly: true + name: + description: >- + Identifier. name of resource names have the form + 'projects/{project_id}/locations/{location}/workloadProfiles/{workload_id}' type: string - enumDescriptions: - - unspecified - - SUCCESS state - - FAILURE state - enum: - - BACKUP_STATE_UNSPECIFIED - - BACKUP_STATE_SUCCESS - - BACKUP_STATE_FAILURE - Product: - id: Product - description: Product contains the details of a product. + sapWorkload: + description: The sap workload content + $ref: '#/components/schemas/SapWorkload' + description: workload resource + type: object + InstanceProperties: + id: InstanceProperties type: object properties: - name: - description: Optional. Name of the product. + upcomingMaintenanceEvent: + description: Optional. the next maintenance event on VM + $ref: '#/components/schemas/UpcomingMaintenanceEvent' + sapInstanceProperties: + $ref: '#/components/schemas/SapInstanceProperties' + description: Optional. SAP Instance properties. + instanceNumber: + description: Optional. Instance number. type: string - version: - description: Optional. Version of the product. + machineType: + description: Optional. Instance machine type. + type: string + roles: + description: Optional. Instance roles. + type: array + items: + type: string + enum: + - INSTANCE_ROLE_UNSPECIFIED + - INSTANCE_ROLE_ASCS + - INSTANCE_ROLE_ERS + - INSTANCE_ROLE_APP_SERVER + - INSTANCE_ROLE_HANA_PRIMARY + - INSTANCE_ROLE_HANA_SECONDARY + enumDescriptions: + - Unspecified role. + - ASCS role. + - ERS role. + - APP server. + - HANA primary role. + - HANA secondary role. + status: type: string - OperationMetadata: - id: OperationMetadata - description: Represents the metadata of the long-running operation. + description: Optional. Instance status. + description: Instance Properties. + ListLocationsResponse: + id: ListLocationsResponse type: object properties: - createTime: - description: Output only. The time the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. The time the operation finished running. - readOnly: true + nextPageToken: type: string - format: google-datetime - target: + description: The standard List next-page token. + locations: + items: + $ref: '#/components/schemas/Location' + type: array description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: + A list of locations that matches the specified filter in the + request. + description: The response message for Locations.ListLocations. + SqlserverValidationValidationDetail: + properties: + details: + type: array + items: + $ref: '#/components/schemas/SqlserverValidationDetails' description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. Operations that have been cancelled successfully - have Operation.error value with a google.rpc.Status.code of 1, - corresponding to `Code.CANCELLED`. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true + Required. Details wraps map that represents collected data names and + values. + type: + enumDescriptions: + - Unspecified type. + - The Sqlserver system named OS. + - The LOG_DISK_SEPARATION table. + - The MAX_PARALLELISM table. + - The CXPACKET_WAITS table. + - The TRANSACTION_LOG_HANDLING table. + - The VIRTUAL_LOG_FILE_COUNT table. + - The BUFFER_POOL_EXTENSION table. + - The MAX_SERVER_MEMORY table. + - The INSTANCE_METRICS table. + - The DB_INDEX_FRAGMENTATION table. + - The DB_TABLE_INDEX_COMPRESSION table. + - The DB_BACKUP_POLICY table. type: string + description: Optional. The Sqlserver system that the validation data is from. + enum: + - SQLSERVER_VALIDATION_TYPE_UNSPECIFIED + - OS + - DB_LOG_DISK_SEPARATION + - DB_MAX_PARALLELISM + - DB_CXPACKET_WAITS + - DB_TRANSACTION_LOG_HANDLING + - DB_VIRTUAL_LOG_FILE_COUNT + - DB_BUFFER_POOL_EXTENSION + - DB_MAX_SERVER_MEMORY + - INSTANCE_METRICS + - DB_INDEX_FRAGMENTATION + - DB_TABLE_INDEX_COMPRESSION + - DB_BACKUP_POLICY + id: SqlserverValidationValidationDetail + type: object + description: Message describing the Sqlserver validation metrics. parameters: - access_token: - description: OAuth access token. - in: query - name: access_token - schema: - type: string - alt: - description: Data format for response. + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). in: query - name: alt + name: uploadType schema: type: string - enum: - - json - - media - - proto callback: description: JSONP in: query @@ -2255,19 +2320,13 @@ components: name: fields schema: type: string - key: + quotaUser: description: >- - API key. Your API key identifies your project and provides you with API - access, quota, and reports. Required unless you provide an OAuth 2.0 - token. - in: query - name: key - schema: - type: string - oauth_token: - description: OAuth 2.0 token for the current user. + Available to use for quota purposes for server-side applications. Can be + any arbitrary string assigned to a user, but should not exceed 40 + characters. in: query - name: oauth_token + name: quotaUser schema: type: string prettyPrint: @@ -2276,25 +2335,32 @@ components: name: prettyPrint schema: type: boolean - quotaUser: - description: >- - Available to use for quota purposes for server-side applications. Can be - any arbitrary string assigned to a user, but should not exceed 40 - characters. + alt: + description: Data format for response. in: query - name: quotaUser + name: alt schema: type: string + enum: + - json + - media + - proto upload_protocol: description: Upload protocol for media (e.g. "raw", "multipart"). in: query name: upload_protocol schema: type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + oauth_token: + description: OAuth 2.0 token for the current user. in: query - name: uploadType + name: oauth_token + schema: + type: string + access_token: + description: OAuth access token. + in: query + name: access_token schema: type: string _.xgafv: @@ -2306,6 +2372,15 @@ components: enum: - '1' - '2' + key: + description: >- + API key. Your API key identifies your project and provides you with API + access, quota, and reports. Required unless you provide an OAuth 2.0 + token. + in: query + name: key + schema: + type: string x-stackQL-resources: locations: id: google.workloadmanager.locations @@ -2338,28 +2413,28 @@ components: name: operations title: Operations methods: - list: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.operations - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete response: mediaType: application/json openAPIDocKey: '200' - delete: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.operations cancel: operation: $ref: >- @@ -2381,21 +2456,21 @@ components: name: evaluations title: Evaluations methods: - list: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.evaluations - create: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.evaluations get: operation: $ref: >- @@ -2410,115 +2485,142 @@ components: response: mediaType: application/json openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}/patch + response: + mediaType: application/json + openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/evaluations/methods/get' - $ref: '#/components/x-stackQL-resources/evaluations/methods/list' insert: - $ref: '#/components/x-stackQL-resources/evaluations/methods/create' - update: [] + update: + - $ref: '#/components/x-stackQL-resources/evaluations/methods/patch' replace: [] delete: - $ref: '#/components/x-stackQL-resources/evaluations/methods/delete' - executions: - id: google.workloadmanager.executions - name: executions - title: Executions + results: + id: google.workloadmanager.results + name: results + title: Results methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions~1{executionsId}~1results/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.executions - get: + objectKey: $.executionResults + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/results/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + scanned_resources: + id: google.workloadmanager.scanned_resources + name: scanned_resources + title: Scanned_resources + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions~1{executionsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions~1{executionsId}~1scannedResources/get response: mediaType: application/json openAPIDocKey: '200' - delete: + objectKey: $.scannedResources + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/scanned_resources/methods/list' + insert: [] + update: [] + replace: [] + delete: [] + executions: + id: google.workloadmanager.executions + name: executions + title: Executions + methods: + list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions~1{executionsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions/get response: mediaType: application/json openAPIDocKey: '200' - run: + objectKey: $.executions + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions:run/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions~1{executionsId}/get response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/executions/methods/get' - - $ref: '#/components/x-stackQL-resources/executions/methods/list' - insert: [] - update: [] - replace: [] delete: - - $ref: '#/components/x-stackQL-resources/executions/methods/delete' - results: - id: google.workloadmanager.results - name: results - title: Results - methods: - list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions~1{executionsId}~1results/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions~1{executionsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + run: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions:run/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.executionResults sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/results/methods/list' + - $ref: '#/components/x-stackQL-resources/executions/methods/get' + - $ref: '#/components/x-stackQL-resources/executions/methods/list' insert: [] update: [] replace: [] - delete: [] - scanned_resources: - id: google.workloadmanager.scanned_resources - name: scanned_resources - title: Scanned_resources + delete: + - $ref: '#/components/x-stackQL-resources/executions/methods/delete' + rules: + id: google.workloadmanager.rules + name: rules + title: Rules methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1evaluations~1{evaluationsId}~1executions~1{executionsId}~1scannedResources/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1rules/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.scannedResources sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/scanned_resources/methods/list' + - $ref: '#/components/x-stackQL-resources/rules/methods/list' insert: [] update: [] replace: [] delete: [] - rules: - id: google.workloadmanager.rules - name: rules - title: Rules + discoveredprofiles: + id: google.workloadmanager.discoveredprofiles + name: discoveredprofiles + title: Discoveredprofiles methods: list: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1rules/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredprofiles/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.rules + objectKey: $.workloadProfiles sqlVerbs: select: - - $ref: '#/components/x-stackQL-resources/rules/methods/list' + - $ref: '#/components/x-stackQL-resources/discoveredprofiles/methods/list' insert: [] update: [] replace: [] @@ -2549,40 +2651,20 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/insights/methods/delete' - discoveredprofiles: - id: google.workloadmanager.discoveredprofiles - name: discoveredprofiles - title: Discoveredprofiles - methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1discoveredprofiles/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.workloadProfiles - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/discoveredprofiles/methods/list' - insert: [] - update: [] - replace: [] - delete: [] paths: /v1/projects/{projectsId}/locations: parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/uploadType' - $ref: '#/components/parameters/callback' - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/prettyPrint' + - $ref: '#/components/parameters/alt' - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/access_token' - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/key' get: description: Lists information about the supported locations for this service. operationId: workloadmanager.projects.locations.list @@ -2605,7 +2687,7 @@ paths: schema: type: string - in: query - name: filter + name: pageToken schema: type: string - in: query @@ -2614,7 +2696,7 @@ paths: type: integer format: int32 - in: query - name: pageToken + name: filter schema: type: string - in: query @@ -2649,13 +2731,14 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: parameters: *ref_1 get: description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: workloadmanager.projects.locations.operations.list + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: workloadmanager.projects.locations.operations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2667,7 +2750,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListOperationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2679,27 +2762,18 @@ paths: required: true schema: type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: operationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: + delete: description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: workloadmanager.projects.locations.operations.get + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: workloadmanager.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2711,7 +2785,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Empty' parameters: - in: path name: projectsId @@ -2728,13 +2802,13 @@ paths: required: true schema: type: string - delete: + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: workloadmanager.projects.locations.operations.delete + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: workloadmanager.projects.locations.operations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2746,7 +2820,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/ListOperationsResponse' parameters: - in: path name: projectsId @@ -2758,11 +2832,23 @@ paths: required: true schema: type: string - - in: path - name: operationsId - required: true + - in: query + name: filter schema: type: string + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: pageToken + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: @@ -2793,7 +2879,124 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Empty' + $ref: '#/components/schemas/Empty' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: path + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/evaluations: + parameters: *ref_1 + post: + description: Creates a new Evaluation in a given project and location. + operationId: workloadmanager.projects.locations.evaluations.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Evaluation' + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: evaluationId + schema: + type: string + - in: query + name: requestId + schema: + type: string + get: + description: Lists Evaluations in a given project and location. + operationId: workloadmanager.projects.locations.evaluations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListEvaluationsResponse' + parameters: + - in: path + name: projectsId + required: true + schema: + type: string + - in: path + name: locationsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: orderBy + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/evaluations/{evaluationsId}: + parameters: *ref_1 + get: + description: Gets details of a single Evaluation. + operationId: workloadmanager.projects.locations.evaluations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Evaluation' parameters: - in: path name: projectsId @@ -2806,15 +3009,13 @@ paths: schema: type: string - in: path - name: operationsId + name: evaluationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/evaluations: - parameters: *ref_1 - get: - description: Lists Evaluations in a given project and location. - operationId: workloadmanager.projects.locations.evaluations.list + delete: + description: Deletes a single Evaluation. + operationId: workloadmanager.projects.locations.evaluations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2826,7 +3027,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListEvaluationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2838,26 +3039,22 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: evaluationsId + required: true schema: type: string - in: query - name: filter + name: requestId schema: type: string - in: query - name: orderBy + name: force schema: - type: string - post: - description: Creates a new Evaluation in a given project and location. - operationId: workloadmanager.projects.locations.evaluations.create + type: boolean + patch: + description: Updates the parameters of a single Evaluation. + operationId: workloadmanager.projects.locations.evaluations.patch requestBody: content: application/json: @@ -2886,19 +3083,25 @@ paths: required: true schema: type: string - - in: query - name: evaluationId + - in: path + name: evaluationsId + required: true schema: type: string - in: query name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/evaluations/{evaluationsId}: + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/evaluations/{evaluationsId}/executions/{executionsId}/results: parameters: *ref_1 get: - description: Gets details of a single Evaluation. - operationId: workloadmanager.projects.locations.evaluations.get + description: Lists the result of a single evaluation. + operationId: workloadmanager.projects.locations.evaluations.executions.results.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2910,7 +3113,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Evaluation' + $ref: '#/components/schemas/ListExecutionResultsResponse' parameters: - in: path name: projectsId @@ -2927,9 +3130,30 @@ paths: required: true schema: type: string - delete: - description: Deletes a single Evaluation. - operationId: workloadmanager.projects.locations.evaluations.delete + - in: path + name: executionsId + required: true + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/evaluations/{evaluationsId}/executions/{executionsId}/scannedResources: + parameters: *ref_1 + get: + description: List all scanned resources for a single Execution. + operationId: >- + workloadmanager.projects.locations.evaluations.executions.scannedResources.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2941,7 +3165,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListScannedResourcesResponse' parameters: - in: path name: projectsId @@ -2958,14 +3182,32 @@ paths: required: true schema: type: string + - in: path + name: executionsId + required: true + schema: + type: string - in: query - name: requestId + name: rule schema: type: string - in: query - name: force + name: orderBy schema: - type: boolean + type: string + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 /v1/projects/{projectsId}/locations/{locationsId}/evaluations/{evaluationsId}/executions: parameters: *ref_1 get: @@ -2999,6 +3241,10 @@ paths: required: true schema: type: string + - in: query + name: filter + schema: + type: string - in: query name: pageSize schema: @@ -3008,10 +3254,6 @@ paths: name: pageToken schema: type: string - - in: query - name: filter - schema: - type: string - in: query name: orderBy schema: @@ -3132,11 +3374,11 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/evaluations/{evaluationsId}/executions/{executionsId}/results: + /v1/projects/{projectsId}/locations/{locationsId}/rules: parameters: *ref_1 get: - description: Lists the result of a single evaluation. - operationId: workloadmanager.projects.locations.evaluations.executions.results.list + description: Lists rules in a given project. + operationId: workloadmanager.projects.locations.rules.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3148,7 +3390,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListExecutionResultsResponse' + $ref: '#/components/schemas/ListRulesResponse' parameters: - in: path name: projectsId @@ -3160,70 +3402,20 @@ paths: required: true schema: type: string - - in: path - name: evaluationsId - required: true - schema: - type: string - - in: path - name: executionsId - required: true - schema: - type: string - in: query - name: pageSize + name: evaluationType schema: - type: integer - format: int32 + type: string - in: query name: pageToken schema: type: string - in: query - name: filter - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/evaluations/{evaluationsId}/executions/{executionsId}/scannedResources: - parameters: *ref_1 - get: - description: List all scanned resources for a single Execution. - operationId: >- - workloadmanager.projects.locations.evaluations.executions.scannedResources.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListScannedResourcesResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: path - name: evaluationsId - required: true - schema: - type: string - - in: path - name: executionsId - required: true + name: customRulesBucket schema: type: string - in: query - name: rule + name: filter schema: type: string - in: query @@ -3231,23 +3423,11 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: orderBy - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/rules: + /v1/projects/{projectsId}/locations/{locationsId}/discoveredprofiles: parameters: *ref_1 get: - description: Lists rules in a given project. - operationId: workloadmanager.projects.locations.rules.list + description: List discovered workload profiles + operationId: workloadmanager.projects.locations.discoveredprofiles.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3259,7 +3439,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListRulesResponse' + $ref: '#/components/schemas/ListDiscoveredProfilesResponse' parameters: - in: path name: projectsId @@ -3276,20 +3456,12 @@ paths: schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - in: query name: filter schema: type: string - in: query - name: customRulesBucket - schema: - type: string - - in: query - name: evaluationType + name: pageToken schema: type: string /v1/projects/{projectsId}/locations/{locationsId}/insights:writeInsight: @@ -3362,44 +3534,3 @@ paths: name: requestId schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/discoveredprofiles: - parameters: *ref_1 - get: - description: List discovered workload profiles - operationId: workloadmanager.projects.locations.discoveredprofiles.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListDiscoveredProfilesResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter - schema: - type: string diff --git a/providers/src/googleapis.com/v00.00.00000/services/workstations.yaml b/providers/src/googleapis.com/v00.00.00000/services/workstations.yaml index 3c1913da..c16aaee7 100644 --- a/providers/src/googleapis.com/v00.00.00000/services/workstations.yaml +++ b/providers/src/googleapis.com/v00.00.00000/services/workstations.yaml @@ -9,8 +9,8 @@ info: Allows administrators to create managed developer environments in the cloud. version: v1 - x-discovery-doc-revision: '20250811' - x-generated-date: '2025-08-28' + x-discovery-doc-revision: '20251202' + x-generated-date: '2025-12-10' externalDocs: url: https://cloud.google.com/workstations servers: @@ -36,57 +36,151 @@ components: tokenUrl: https://accounts.google.com/o/oauth2/token scopes: *ref_0 schemas: - ListOperationsResponse: - id: ListOperationsResponse - description: The response message for Operations.ListOperations. + PrivateClusterConfig: type: object properties: - operations: + allowedProjects: + type: array description: >- - A list of operations that matches the specified filter in the - request. + Optional. Additional projects that are allowed to attach to the + workstation cluster's service attachment. By default, the + workstation cluster's project and the VPC host project (if + different) are allowed. + items: + type: string + serviceAttachmentUri: + type: string + readOnly: true + description: >- + Output only. Service attachment URI for the workstation cluster. The + service attachment is created when private endpoint is enabled. To + access workstations in the workstation cluster, configure access to + the managed service using [Private Service + Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). + clusterHostname: + readOnly: true + type: string + description: >- + Output only. Hostname for the workstation cluster. This field will + be populated only when private endpoint is enabled. To access + workstations in the workstation cluster, create a new DNS zone + mapping this domain name to an internal IP address and a forwarding + rule mapping that address to the service attachment. + enablePrivateEndpoint: + type: boolean + description: Immutable. Whether Workstations endpoint is private. + description: Configuration options for private workstation clusters. + id: PrivateClusterConfig + CancelOperationRequest: + description: The request message for Operations.CancelOperation. + type: object + id: CancelOperationRequest + properties: {} + TestIamPermissionsRequest: + properties: + permissions: + description: >- + The set of permissions to check for the `resource`. Permissions with + wildcards (such as `*` or `storage.*`) are not allowed. For more + information see [IAM + Overview](https://cloud.google.com/iam/docs/overview#permissions). type: array items: - $ref: '#/components/schemas/Operation' - nextPageToken: - description: The standard List next-page token. + type: string + type: object + id: TestIamPermissionsRequest + description: Request message for `TestIamPermissions` method. + GenerateAccessTokenResponse: + id: GenerateAccessTokenResponse + description: Response message for GenerateAccessToken. + type: object + properties: + accessToken: type: string - Operation: - id: Operation + description: >- + The generated bearer access token. To use this token, include it in + an Authorization header of an HTTP request sent to the associated + workstation's hostname—for example, `Authorization: Bearer `. + expireTime: + format: google-datetime + type: string + description: Time at which the generated token will expire. + AuditConfig: + id: AuditConfig + type: object description: >- - This resource represents a long-running operation that is the result of - a network API call. + Specifies the audit configuration for a service. The configuration + determines which permission types are logged, and what identities, if + any, are exempted from logging. An AuditConfig must have one or more + AuditLogConfigs. If there are AuditConfigs for both `allServices` and a + specific service, the union of the two AuditConfigs is used for that + service: the log_types specified in each AuditConfig are enabled, and + the exempted_members in each AuditLogConfig are exempted. Example Policy + with multiple AuditConfigs: { "audit_configs": [ { "service": + "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", + "exempted_members": [ "user:jose@example.com" ] }, { "log_type": + "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": + "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": + "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ + "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy + enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts + `jose@example.com` from DATA_READ logging, and `aliya@example.com` from + DATA_WRITE logging. + properties: + service: + description: >- + Specifies a service that will be enabled for audit logging. For + example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + `allServices` is a special value that covers all services. + type: string + auditLogConfigs: + items: + $ref: '#/components/schemas/AuditLogConfig' + description: The configuration for logging of each type of permission. + type: array + StopWorkstationRequest: + id: StopWorkstationRequest + description: Request message for StopWorkstation. type: object properties: - name: + validateOnly: description: >- - The server-assigned name, which is only unique within the same - service that originally returns it. If you use the default HTTP - mapping, the `name` should be a resource name ending with - `operations/{unique_id}`. + Optional. If set, validate the request and preview the review, but + do not actually apply it. + type: boolean + etag: type: string + description: >- + Optional. If set, the request will be rejected if the latest version + of the workstation on the server does not have this ETag. + Operation: + type: object + id: Operation + properties: metadata: + type: object + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any description: >- Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. + name: + description: >- + The server-assigned name, which is only unique within the same + service that originally returns it. If you use the default HTTP + mapping, the `name` should be a resource name ending with + `operations/{unique_id}`. + type: string done: description: >- If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. type: boolean - error: - description: >- - The error result of the operation in case of failure or - cancellation. - $ref: '#/components/schemas/Status' response: description: >- The normal, successful response of the operation. If the original @@ -101,878 +195,711 @@ components: additionalProperties: type: any description: Properties of the object. Contains field @type with type URL. - Status: - id: Status - description: >- - The `Status` type defines a logical error model that is suitable for - different programming environments, including REST APIs and RPC APIs. It - is used by [gRPC](https://github.com/grpc). Each `Status` message - contains three pieces of data: error code, error message, and error - details. You can find out more about this error model and how to work - with it in the [API Design - Guide](https://cloud.google.com/apis/design/errors). - type: object - properties: - code: - description: The status code, which should be an enum value of google.rpc.Code. - type: integer - format: int32 - message: - description: >- - A developer-facing error message, which should be in English. Any - user-facing error message should be localized and sent in the - google.rpc.Status.details field, or localized by the client. - type: string - details: + error: description: >- - A list of messages that carry the error details. There is a common - set of message types for APIs to use. - type: array - items: - type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - GoogleProtobufEmpty: - id: GoogleProtobufEmpty - description: >- - A generic empty message that you can re-use to avoid defining duplicated - empty messages in your APIs. A typical example is to use it as the - request or the response type of an API method. For instance: service Foo - { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } - type: object - properties: {} - CancelOperationRequest: - id: CancelOperationRequest - description: The request message for Operations.CancelOperation. - type: object - properties: {} - WorkstationCluster: - id: WorkstationCluster + The error result of the operation in case of failure or + cancellation. + $ref: '#/components/schemas/Status' description: >- - A workstation cluster resource in the Cloud Workstations API. Defines a - group of workstations in a particular region and the VPC network they're - attached to. - type: object + This resource represents a long-running operation that is the result of + a network API call. + GcePersistentDisk: properties: - name: - description: Identifier. Full name of this workstation cluster. + sourceImage: + description: >- + Optional. Name of the disk image to use as the source for the disk. + Must be empty if source_snapshot is set. Updating source_image will + update content in the ephemeral directory after the workstation is + restarted. Only file systems supported by Container-Optimized OS + (COS) are explicitly supported. For a list of supported file + systems, please refer to the [COS + documentation](https://cloud.google.com/container-optimized-os/docs/concepts/supported-filesystems). + This field is mutable. type: string - displayName: - description: Optional. Human-readable name for this workstation cluster. + sourceSnapshot: type: string - uid: description: >- - Output only. A system-assigned unique identifier for this - workstation cluster. - readOnly: true + Optional. Name of the snapshot to use as the source for the disk. + Must be empty if source_image is set. Must be empty if read_only is + false. Updating source_snapshot will update content in the ephemeral + directory after the workstation is restarted. Only file systems + supported by Container-Optimized OS (COS) are explicitly supported. + For a list of supported file systems, see [the filesystems available + in Container-Optimized + OS](https://cloud.google.com/container-optimized-os/docs/concepts/supported-filesystems). + This field is mutable. + diskType: + description: Optional. Type of the disk to use. Defaults to `"pd-standard"`. type: string - reconciling: - description: >- - Output only. Indicates whether this workstation cluster is currently - being updated to match its intended state. - readOnly: true + readOnly: type: boolean - annotations: - description: Optional. Client-specified annotations. - type: object - additionalProperties: - type: string - labels: description: >- - Optional. - [Labels](https://cloud.google.com/workstations/docs/label-resources) - that are applied to the workstation cluster and that are also - propagated to the underlying Compute Engine resources. - type: object - additionalProperties: - type: string - createTime: - description: Output only. Time when this workstation cluster was created. - readOnly: true + Optional. Whether the disk is read only. If true, the disk may be + shared by multiple VMs and source_snapshot must be set. + description: An EphemeralDirectory is backed by a Compute Engine persistent disk. + type: object + id: GcePersistentDisk + DomainConfig: + properties: + domain: + description: Immutable. Domain used by Workstations for HTTP ingress. type: string - format: google-datetime - updateTime: + type: object + id: DomainConfig + description: Configuration options for a custom domain. + GceShieldedInstanceConfig: + properties: + enableVtpm: + description: Optional. Whether the instance has the vTPM enabled. + type: boolean + enableSecureBoot: + description: Optional. Whether the instance has Secure Boot enabled. + type: boolean + enableIntegrityMonitoring: + description: Optional. Whether the instance has integrity monitoring enabled. + type: boolean + id: GceShieldedInstanceConfig + description: A set of Compute Engine Shielded instance options. + type: object + StartWorkstationRequest: + description: Request message for StartWorkstation. + type: object + id: StartWorkstationRequest + properties: + boostConfig: description: >- - Output only. Time when this workstation cluster was most recently - updated. - readOnly: true - type: string - format: google-datetime - deleteTime: - description: Output only. Time when this workstation cluster was soft-deleted. - readOnly: true + Optional. If set, the workstation starts using the boost + configuration with the specified ID. type: string - format: google-datetime etag: - description: >- - Optional. Checksum computed by the server. May be sent on update and - delete requests to make sure that the client has an up-to-date value - before proceeding. - type: string - network: - description: >- - Immutable. Name of the Compute Engine network in which instances - associated with this workstation cluster will be created. - type: string - subnetwork: - description: >- - Immutable. Name of the Compute Engine subnetwork in which instances - associated with this workstation cluster will be created. Must be - part of the subnetwork specified for this workstation cluster. - type: string - controlPlaneIp: - description: >- - Output only. The private IP address of the control plane for this - workstation cluster. Workstation VMs need access to this IP address - to work with the service, so make sure that your firewall rules - allow egress from the workstation VMs to this address. - readOnly: true type: string - privateClusterConfig: - description: Optional. Configuration for private workstation cluster. - $ref: '#/components/schemas/PrivateClusterConfig' - domainConfig: - description: Optional. Configuration options for a custom domain. - $ref: '#/components/schemas/DomainConfig' - degraded: description: >- - Output only. Whether this workstation cluster is in degraded mode, - in which case it may require user action to restore full - functionality. The conditions field contains detailed information - about the status of the cluster. - readOnly: true + Optional. If set, the request will be rejected if the latest version + of the workstation on the server does not have this ETag. + validateOnly: type: boolean - conditions: - description: >- - Output only. Status conditions describing the workstation cluster's - current state. - readOnly: true - type: array - items: - $ref: '#/components/schemas/Status' - tags: description: >- - Optional. Input only. Immutable. Tag keys/values directly bound to - this resource. For example: "123/environment": "production", - "123/costCenter": "marketing" - type: object - additionalProperties: - type: string - gatewayConfig: - description: Optional. Configuration options for Cluster HTTP Gateway. - $ref: '#/components/schemas/GatewayConfig' - PrivateClusterConfig: - id: PrivateClusterConfig - description: Configuration options for private workstation clusters. + Optional. If set, validate the request and preview the review, but + do not actually apply it. + GenerateAccessTokenRequest: type: object properties: - enablePrivateEndpoint: - description: Immutable. Whether Workstations endpoint is private. - type: boolean - clusterHostname: + expireTime: description: >- - Output only. Hostname for the workstation cluster. This field will - be populated only when private endpoint is enabled. To access - workstations in the workstation cluster, create a new DNS zone - mapping this domain name to an internal IP address and a forwarding - rule mapping that address to the service attachment. - readOnly: true + Desired expiration time of the access token. This value must be at + most 24 hours in the future. If a value is not specified, the + token's expiration time will be set to a default value of 1 hour in + the future. + format: google-datetime type: string - serviceAttachmentUri: + port: + type: integer description: >- - Output only. Service attachment URI for the workstation cluster. The - service attachment is created when private endpoint is enabled. To - access workstations in the workstation cluster, configure access to - the managed service using [Private Service - Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-services). - readOnly: true + Optional. Port for which the access token should be generated. If + specified, the generated access token grants access only to the + specified port of the workstation. If specified, values must be + within the range [1 - 65535]. If not specified, the generated access + token grants access to all ports of the workstation. + format: int32 + ttl: type: string - allowedProjects: + format: google-duration description: >- - Optional. Additional projects that are allowed to attach to the - workstation cluster's service attachment. By default, the - workstation cluster's project and the VPC host project (if - different) are allowed. - type: array - items: - type: string - DomainConfig: - id: DomainConfig - description: Configuration options for a custom domain. - type: object + Desired lifetime duration of the access token. This value must be at + most 24 hours. If a value is not specified, the token's lifetime + will be set to a default value of 1 hour. + id: GenerateAccessTokenRequest + description: Request message for GenerateAccessToken. + PersistentDirectory: + id: PersistentDirectory properties: - domain: - description: Immutable. Domain used by Workstations for HTTP ingress. + mountPath: type: string - GatewayConfig: - id: GatewayConfig - description: Configuration options for Cluster HTTP Gateway. + description: Optional. Location of this directory in the running workstation. + gceHd: + description: >- + A PersistentDirectory backed by a Compute Engine hyperdisk high + availability disk. + $ref: '#/components/schemas/GceHyperdiskBalancedHighAvailability' + gcePd: + description: A PersistentDirectory backed by a Compute Engine persistent disk. + $ref: '#/components/schemas/GceRegionalPersistentDisk' + description: >- + A directory to persist across workstation sessions. Updates to this + field will not update existing workstations and will only take effect on + new workstations. type: object + GceInstance: + type: object + description: A runtime using a Compute Engine instance. + id: GceInstance properties: - http2Enabled: + poolSize: description: >- - Optional. Whether HTTP/2 is enabled for this workstation cluster. - Defaults to false. + Optional. The number of VMs that the system should keep idle so that + new workstations can be started quickly for new users. Defaults to + `0` in the API. + type: integer + format: int32 + serviceAccount: + description: >- + Optional. The email address of the service account for Cloud + Workstations VMs created with this configuration. When specified, be + sure that the service account has `logging.logEntries.create` and + `monitoring.timeSeries.create` permissions on the project so it can + write logs out to Cloud Logging. If using a custom container image, + the service account must have [Artifact Registry + Reader](https://cloud.google.com/artifact-registry/docs/access-control#roles) + permission to pull the specified image. If you as the administrator + want to be able to `ssh` into the underlying VM, you need to set + this value to a service account for which you have the + `iam.serviceAccounts.actAs` permission. Conversely, if you don't + want anyone to be able to `ssh` into the underlying VM, use a + service account where no one has that permission. If not set, VMs + run with a service account provided by the Cloud Workstations + service, and the image must be publicly accessible. + type: string + disableSsh: type: boolean - ListWorkstationClustersResponse: - id: ListWorkstationClustersResponse - description: Response message for ListWorkstationClusters. - type: object - properties: - workstationClusters: - description: The requested workstation clusters. - type: array - items: - $ref: '#/components/schemas/WorkstationCluster' - nextPageToken: + description: Optional. Whether to disable SSH access to the VM. + shieldedInstanceConfig: + description: Optional. A set of Compute Engine Shielded instance options. + $ref: '#/components/schemas/GceShieldedInstanceConfig' + machineType: description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. + Optional. The type of machine to use for VM instances—for example, + `"e2-standard-4"`. For more information about machine types that + Cloud Workstations supports, see the list of [available machine + types](https://cloud.google.com/workstations/docs/available-machine-types). type: string - unreachable: - description: Unreachable resources. + bootDiskSizeGb: + type: integer + description: >- + Optional. The size of the boot disk for the VM in gigabytes (GB). + The minimum boot disk size is `30` GB. Defaults to `50` GB. + format: int32 + serviceAccountScopes: + description: >- + Optional. Scopes to grant to the service_account. When specified, + users of workstations under this configuration must have + `iam.serviceAccounts.actAs` on the service account. type: array items: type: string - WorkstationConfig: - id: WorkstationConfig - description: >- - A workstation configuration resource in the Cloud Workstations API. - Workstation configurations act as templates for workstations. The - workstation configuration defines details such as the workstation - virtual machine (VM) instance type, persistent storage, container image - defining environment, which IDE or Code Editor to use, and more. - Administrators and platform teams can also use [Identity and Access - Management (IAM)](https://cloud.google.com/iam/docs/overview) rules to - grant access to teams or to individual developers. - type: object - properties: - name: - description: Identifier. Full name of this workstation configuration. - type: string + enableNestedVirtualization: + type: boolean + description: >- + Optional. Whether to enable nested virtualization on Cloud + Workstations VMs created using this workstation configuration. + Defaults to false. Nested virtualization lets you run virtual + machine (VM) instances inside your workstation. Before enabling + nested virtualization, consider the following important + considerations. Cloud Workstations instances are subject to the + [same restrictions as Compute Engine + instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): + * **Organization policy**: projects, folders, or organizations may + be restricted from creating nested VMs if the **Disable VM nested + virtualization** constraint is enforced in the organization policy. + For more information, see the Compute Engine section, [Checking + whether nested virtualization is + allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). + * **Performance**: nested VMs might experience a 10% or greater + decrease in performance for workloads that are CPU-bound and + possibly greater than a 10% decrease for workloads that are + input/output bound. * **Machine Type**: nested virtualization can + only be enabled on workstation configurations that specify a + machine_type in the N1 or N2 machine series. + disablePublicIpAddresses: + description: >- + Optional. When set to true, disables public IP addresses for VMs. If + you disable public IP addresses, you must set up Private Google + Access or Cloud NAT on your network. If you use Private Google + Access and you use `private.googleapis.com` or + `restricted.googleapis.com` for Container Registry and Artifact + Registry, make sure that you set up DNS records for domains + `*.gcr.io` and `*.pkg.dev`. Defaults to false (VMs have public IP + addresses). + type: boolean + confidentialInstanceConfig: + description: Optional. A set of Compute Engine Confidential VM instance options. + $ref: '#/components/schemas/GceConfidentialInstanceConfig' + tags: + type: array + items: + type: string + description: >- + Optional. Network tags to add to the Compute Engine VMs backing the + workstations. This option applies [network + tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to + VMs created with this configuration. These network tags enable the + creation of [firewall + rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). + startupScriptUri: + type: string + description: >- + Optional. Link to the startup script stored in Cloud Storage. This + script will be run on the host workstation VM when the VM is + created. The URI must be of the form + gs://{bucket-name}/{object-name}. If specifying a startup script, + the service account must have [Permission to access the bucket and + script file in Cloud + Storage](https://cloud.google.com/storage/docs/access-control/iam-permissions). + Otherwise, the script must be publicly accessible. Note that the + service regularly updates the OS version used, and it is the + responsibility of the user to ensure the script stays compatible + with the OS version. + accelerators: + description: >- + Optional. A list of the type and count of accelerator cards attached + to the instance. + items: + $ref: '#/components/schemas/Accelerator' + type: array + vmTags: + description: >- + Optional. Resource manager tags to be bound to this instance. Tag + keys and values have the same definition as [resource manager + tags](https://cloud.google.com/resource-manager/docs/tags/tags-overview). + Keys must be in the format `tagKeys/{tag_key_id}`, and values are in + the format `tagValues/456`. + type: object + additionalProperties: + type: string + boostConfigs: + type: array + description: >- + Optional. A list of the boost configurations that workstations + created using this workstation configuration are allowed to use. If + specified, users will have the option to choose from the list of + boost configs when starting a workstation. + items: + $ref: '#/components/schemas/BoostConfig' + pooledInstances: + format: int32 + type: integer + readOnly: true + description: >- + Output only. Number of instances currently available in the pool for + faster workstation startup. + Workstation: + description: >- + A single instance of a developer workstation with its own persistent + storage. + type: object + properties: displayName: - description: Optional. Human-readable name for this workstation configuration. type: string + description: Optional. Human-readable name for this workstation. uid: description: >- Output only. A system-assigned unique identifier for this - workstation configuration. + workstation. + type: string + readOnly: true + startTime: + description: >- + Output only. Time when this workstation was most recently + successfully started, regardless of the workstation's initial state. readOnly: true type: string - reconciling: + format: google-datetime + host: + type: string + readOnly: true description: >- - Output only. Indicates whether this workstation configuration is - currently being updated to match its intended state. + Output only. Host to which clients can send HTTPS traffic that will + be received by the workstation. Authorized traffic will be received + to the workstation as HTTP on port 80. To send traffic to a + different port, clients may prefix the host with the destination + port in the format `{port}-{host}`. + createTime: + format: google-datetime readOnly: true - type: boolean + type: string + description: Output only. Time when this workstation was created. annotations: - description: Optional. Client-specified annotations. - type: object additionalProperties: type: string - labels: - description: >- - Optional. - [Labels](https://cloud.google.com/workstations/docs/label-resources) - that are applied to the workstation configuration and that are also - propagated to the underlying Compute Engine resources. type: object + description: Optional. Client-specified annotations. + runtimeHost: + readOnly: true + $ref: '#/components/schemas/RuntimeHost' + description: >- + Optional. Output only. Runtime host for the workstation when in + STATE_RUNNING. + env: additionalProperties: type: string - createTime: - description: Output only. Time when this workstation configuration was created. + type: object + description: >- + Optional. Environment variables passed to the workstation + container's entrypoint. + state: readOnly: true + enumDescriptions: + - Do not use. + - >- + The workstation is not yet ready to accept requests from users but + will be soon. + - The workstation is ready to accept requests from users. + - The workstation is being stopped. + - >- + The workstation is stopped and will not be able to receive + requests until it is started. + description: Output only. Current state of the workstation. type: string - format: google-datetime - updateTime: + enum: + - STATE_UNSPECIFIED + - STATE_STARTING + - STATE_RUNNING + - STATE_STOPPING + - STATE_STOPPED + etag: description: >- - Output only. Time when this workstation configuration was most - recently updated. - readOnly: true + Optional. Checksum computed by the server. May be sent on update and + delete requests to make sure that the client has an up-to-date value + before proceeding. type: string - format: google-datetime deleteTime: - description: >- - Output only. Time when this workstation configuration was - soft-deleted. + format: google-datetime + type: string readOnly: true + description: Output only. Time when this workstation was soft-deleted. + name: type: string + description: Identifier. Full name of this workstation. + updateTime: format: google-datetime - etag: + description: Output only. Time when this workstation was most recently updated. + readOnly: true + type: string + labels: + additionalProperties: + type: string description: >- - Optional. Checksum computed by the server. May be sent on update and - delete requests to make sure that the client has an up-to-date value - before proceeding. + Optional. + [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation and that are also propagated to + the underlying Compute Engine resources. + type: object + kmsKey: type: string - idleTimeout: + readOnly: true description: >- - Optional. Number of seconds to wait before automatically stopping a - workstation after it last received user traffic. A value of `"0s"` - indicates that Cloud Workstations VMs created with this - configuration should never time out due to idleness. Provide - [duration](https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#duration) - terminated by `s` for seconds—for example, `"7200s"` (2 hours). The - default is `"1200s"` (20 minutes). + Output only. The name of the Google Cloud KMS encryption key used to + encrypt this workstation. The KMS key can only be configured in the + WorkstationConfig. The expected format is + `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + sourceWorkstation: + description: >- + Optional. The source workstation from which this workstation's + persistent directories were cloned on creation. type: string - format: google-duration - runningTimeout: + reconciling: + type: boolean + readOnly: true description: >- - Optional. Number of seconds that a workstation can run until it is - automatically shut down. We recommend that workstations be shut down - daily to reduce costs and so that security updates can be applied - upon restart. The idle_timeout and running_timeout fields are - independent of each other. Note that the running_timeout field shuts - down VMs after the specified time, regardless of whether or not the - VMs are idle. Provide duration terminated by `s` for seconds—for - example, `"54000s"` (15 hours). Defaults to `"43200s"` (12 hours). A - value of `"0s"` indicates that workstations using this configuration - should never time out. If encryption_key is set, it must be greater - than `"0s"` and less than `"86400s"` (24 hours). Warning: A value of - `"0s"` indicates that Cloud Workstations VMs created with this - configuration have no maximum running time. This is strongly - discouraged because you incur costs and will not pick up security - updates. + Output only. Indicates whether this workstation is currently being + updated to match its intended state. + id: Workstation + SetIamPolicyRequest: + id: SetIamPolicyRequest + properties: + updateMask: + description: >- + OPTIONAL: A FieldMask specifying which fields of the policy to + modify. Only the fields in the mask will be modified. If no mask is + provided, the following default mask is used: `paths: "bindings, + etag"` + format: google-fieldmask type: string - format: google-duration - maxUsableWorkstations: + policy: description: >- - Optional. Maximum number of workstations under this configuration a - user can have `workstations.workstation.use` permission on. Only - enforced on CreateWorkstation API calls on the user issuing the API - request. Can be overridden by: - granting a user - workstations.workstationConfigs.exemptMaxUsableWorkstationLimit - permission, or - having a user with that permission create a - workstation and granting another user `workstations.workstation.use` - permission on that workstation. If not specified, defaults to `0`, - which indicates unlimited. - type: integer - format: int32 - host: - description: Optional. Runtime host for the workstation. - $ref: '#/components/schemas/Host' - persistentDirectories: - description: Optional. Directories to persist across workstation sessions. - type: array - items: - $ref: '#/components/schemas/PersistentDirectory' - ephemeralDirectories: - description: >- - Optional. Ephemeral directories which won't persist across - workstation sessions. - type: array - items: - $ref: '#/components/schemas/EphemeralDirectory' - container: - description: >- - Optional. Container that runs upon startup for each workstation - using this workstation configuration. - $ref: '#/components/schemas/Container' - encryptionKey: - description: >- - Immutable. Encrypts resources of this workstation configuration - using a customer-managed encryption key (CMEK). If specified, the - boot disk of the Compute Engine instance and the persistent disk are - encrypted using this encryption key. If this field is not set, the - disks are encrypted using a generated key. Customer-managed - encryption keys do not protect disk metadata. If the - customer-managed encryption key is rotated, when the workstation - instance is stopped, the system attempts to recreate the persistent - disk with the new version of the key. Be sure to keep older versions - of the key until the persistent disk is recreated. Otherwise, data - on the persistent disk might be lost. If the encryption key is - revoked, the workstation session automatically stops within 7 hours. - Immutable after the workstation configuration is created. - $ref: '#/components/schemas/CustomerEncryptionKey' - readinessChecks: - description: >- - Optional. Readiness checks to perform when starting a workstation - using this workstation configuration. Mark a workstation as running - only after all specified readiness checks return 200 status codes. - type: array - items: - $ref: '#/components/schemas/ReadinessCheck' - replicaZones: - description: >- - Optional. Immutable. Specifies the zones used to replicate the VM - and disk resources within the region. If set, exactly two zones - within the workstation cluster's region must be specified—for - example, `['us-central1-a', 'us-central1-f']`. If this field is - empty, two default zones within the region are used. Immutable after - the workstation configuration is created. - type: array - items: - type: string - degraded: - description: >- - Output only. Whether this workstation configuration is in degraded - mode, in which case it may require user action to restore full - functionality. The conditions field contains detailed information - about the status of the configuration. - readOnly: true - type: boolean - conditions: - description: >- - Output only. Status conditions describing the workstation - configuration's current state. - readOnly: true - type: array - items: - $ref: '#/components/schemas/Status' - enableAuditAgent: - description: >- - Optional. Whether to enable Linux `auditd` logging on the - workstation. When enabled, a service_account must also be specified - that has `roles/logging.logWriter` and - `roles/monitoring.metricWriter` on the project. Operating system - audit logging is distinct from [Cloud Audit - Logs](https://cloud.google.com/workstations/docs/audit-logging) and - [Container output - logging](https://cloud.google.com/workstations/docs/container-output-logging#overview). - Operating system audit logs are available in the [Cloud - Logging](https://cloud.google.com/logging/docs) console by querying: - resource.type="gce_instance" log_name:"/logs/linux-auditd" - type: boolean - disableTcpConnections: - description: >- - Optional. Disables support for plain TCP connections in the - workstation. By default the service supports TCP connections through - a websocket relay. Setting this option to true disables that relay, - which prevents the usage of services that require plain TCP - connections, such as SSH. When enabled, all communication must occur - over HTTPS or WSS. - type: boolean - allowedPorts: - description: >- - Optional. A list of PortRanges specifying single ports or ranges of - ports that are externally accessible in the workstation. Allowed - ports must be one of 22, 80, or within range 1024-65535. If not - specified defaults to ports 22, 80, and ports 1024-65535. - type: array - items: - $ref: '#/components/schemas/PortRange' - grantWorkstationAdminRoleOnCreate: - description: >- - Optional. Grant creator of a workstation - `roles/workstations.policyAdmin` role along with - `roles/workstations.user` role on the workstation created by them. - This allows workstation users to share access to either their entire - workstation, or individual ports. Defaults to false. - type: boolean - Host: - id: Host - description: Runtime host for a workstation. + REQUIRED: The complete policy to be applied to the `resource`. The + size of the policy is limited to a few 10s of KB. An empty policy is + a valid policy but certain Google Cloud services (such as Projects) + might reject them. + $ref: '#/components/schemas/Policy' + description: Request message for `SetIamPolicy` method. type: object - properties: - gceInstance: - description: Specifies a Compute Engine instance as the host. - $ref: '#/components/schemas/GceInstance' - GceInstance: - id: GceInstance - description: A runtime using a Compute Engine instance. + ListOperationsResponse: type: object properties: - machineType: - description: >- - Optional. The type of machine to use for VM instances—for example, - `"e2-standard-4"`. For more information about machine types that - Cloud Workstations supports, see the list of [available machine - types](https://cloud.google.com/workstations/docs/available-machine-types). - type: string - serviceAccount: - description: >- - Optional. The email address of the service account for Cloud - Workstations VMs created with this configuration. When specified, be - sure that the service account has `logging.logEntries.create` and - `monitoring.timeSeries.create` permissions on the project so it can - write logs out to Cloud Logging. If using a custom container image, - the service account must have [Artifact Registry - Reader](https://cloud.google.com/artifact-registry/docs/access-control#roles) - permission to pull the specified image. If you as the administrator - want to be able to `ssh` into the underlying VM, you need to set - this value to a service account for which you have the - `iam.serviceAccounts.actAs` permission. Conversely, if you don't - want anyone to be able to `ssh` into the underlying VM, use a - service account where no one has that permission. If not set, VMs - run with a service account provided by the Cloud Workstations - service, and the image must be publicly accessible. - type: string - serviceAccountScopes: + unreachable: description: >- - Optional. Scopes to grant to the service_account. When specified, - users of workstations under this configuration must have - `iam.serviceAccounts.actAs` on the service account. - type: array + Unordered list. Unreachable resources. Populated when the request + sets `ListOperationsRequest.return_partial_success` and reads across + collections. For example, when attempting to list all resources + across all supported locations. items: type: string - tags: - description: >- - Optional. Network tags to add to the Compute Engine VMs backing the - workstations. This option applies [network - tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to - VMs created with this configuration. These network tags enable the - creation of [firewall - rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). type: array - items: - type: string - poolSize: - description: >- - Optional. The number of VMs that the system should keep idle so that - new workstations can be started quickly for new users. Defaults to - `0` in the API. - type: integer - format: int32 - pooledInstances: - description: >- - Output only. Number of instances currently available in the pool for - faster workstation startup. - readOnly: true - type: integer - format: int32 - disablePublicIpAddresses: - description: >- - Optional. When set to true, disables public IP addresses for VMs. If - you disable public IP addresses, you must set up Private Google - Access or Cloud NAT on your network. If you use Private Google - Access and you use `private.googleapis.com` or - `restricted.googleapis.com` for Container Registry and Artifact - Registry, make sure that you set up DNS records for domains - `*.gcr.io` and `*.pkg.dev`. Defaults to false (VMs have public IP - addresses). - type: boolean - enableNestedVirtualization: - description: >- - Optional. Whether to enable nested virtualization on Cloud - Workstations VMs created using this workstation configuration. - Defaults to false. Nested virtualization lets you run virtual - machine (VM) instances inside your workstation. Before enabling - nested virtualization, consider the following important - considerations. Cloud Workstations instances are subject to the - [same restrictions as Compute Engine - instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): - * **Organization policy**: projects, folders, or organizations may - be restricted from creating nested VMs if the **Disable VM nested - virtualization** constraint is enforced in the organization policy. - For more information, see the Compute Engine section, [Checking - whether nested virtualization is - allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). - * **Performance**: nested VMs might experience a 10% or greater - decrease in performance for workloads that are CPU-bound and - possibly greater than a 10% decrease for workloads that are - input/output bound. * **Machine Type**: nested virtualization can - only be enabled on workstation configurations that specify a - machine_type in the N1 or N2 machine series. - type: boolean - shieldedInstanceConfig: - description: Optional. A set of Compute Engine Shielded instance options. - $ref: '#/components/schemas/GceShieldedInstanceConfig' - confidentialInstanceConfig: - description: Optional. A set of Compute Engine Confidential VM instance options. - $ref: '#/components/schemas/GceConfidentialInstanceConfig' - bootDiskSizeGb: - description: >- - Optional. The size of the boot disk for the VM in gigabytes (GB). - The minimum boot disk size is `30` GB. Defaults to `50` GB. - type: integer - format: int32 - accelerators: - description: >- - Optional. A list of the type and count of accelerator cards attached - to the instance. - type: array - items: - $ref: '#/components/schemas/Accelerator' - boostConfigs: + operations: description: >- - Optional. A list of the boost configurations that workstations - created using this workstation configuration are allowed to use. If - specified, users will have the option to choose from the list of - boost configs when starting a workstation. - type: array + A list of operations that matches the specified filter in the + request. items: - $ref: '#/components/schemas/BoostConfig' - disableSsh: - description: Optional. Whether to disable SSH access to the VM. - type: boolean - vmTags: - description: >- - Optional. Resource manager tags to be bound to this instance. Tag - keys and values have the same definition as [resource manager - tags](https://cloud.google.com/resource-manager/docs/tags/tags-overview). - Keys must be in the format `tagKeys/{tag_key_id}`, and values are in - the format `tagValues/456`. - type: object - additionalProperties: - type: string - GceShieldedInstanceConfig: - id: GceShieldedInstanceConfig - description: A set of Compute Engine Shielded instance options. - type: object - properties: - enableSecureBoot: - description: Optional. Whether the instance has Secure Boot enabled. - type: boolean - enableVtpm: - description: Optional. Whether the instance has the vTPM enabled. - type: boolean - enableIntegrityMonitoring: - description: Optional. Whether the instance has integrity monitoring enabled. - type: boolean - GceConfidentialInstanceConfig: - id: GceConfidentialInstanceConfig - description: A set of Compute Engine Confidential VM instance options. - type: object - properties: - enableConfidentialCompute: - description: Optional. Whether the instance has confidential compute enabled. - type: boolean - Accelerator: - id: Accelerator - description: An accelerator card attached to the instance. - type: object - properties: - type: - description: >- - Optional. Type of accelerator resource to attach to the instance, - for example, `"nvidia-tesla-p100"`. - type: string - count: - description: Optional. Number of accelerator cards exposed to the instance. - type: integer - format: int32 - BoostConfig: - id: BoostConfig - description: >- - A boost configuration is a set of resources that a workstation can use - to increase its performance. If you specify a boost configuration, upon - startup, workstation users can choose to use a VM provisioned under the - boost config by passing the boost config ID in the start request. If the - workstation user does not provide a boost config ID in the start - request, the system will choose a VM from the pool provisioned under the - default config. - type: object - properties: - id: - description: Required. The ID to be used for the boost configuration. - type: string - machineType: - description: >- - Optional. The type of machine that boosted VM instances will use—for - example, `e2-standard-4`. For more information about machine types - that Cloud Workstations supports, see the list of [available machine - types](https://cloud.google.com/workstations/docs/available-machine-types). - Defaults to `e2-standard-4`. - type: string - accelerators: - description: >- - Optional. A list of the type and count of accelerator cards attached - to the boost instance. Defaults to `none`. + $ref: '#/components/schemas/Operation' type: array - items: - $ref: '#/components/schemas/Accelerator' - bootDiskSizeGb: - description: >- - Optional. The size of the boot disk for the VM in gigabytes (GB). - The minimum boot disk size is `30` GB. Defaults to `50` GB. - type: integer - format: int32 - enableNestedVirtualization: - description: >- - Optional. Whether to enable nested virtualization on boosted Cloud - Workstations VMs running using this boost configuration. Defaults to - false. Nested virtualization lets you run virtual machine (VM) - instances inside your workstation. Before enabling nested - virtualization, consider the following important considerations. - Cloud Workstations instances are subject to the [same restrictions - as Compute Engine - instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): - * **Organization policy**: projects, folders, or organizations may - be restricted from creating nested VMs if the **Disable VM nested - virtualization** constraint is enforced in the organization policy. - For more information, see the Compute Engine section, [Checking - whether nested virtualization is - allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). - * **Performance**: nested VMs might experience a 10% or greater - decrease in performance for workloads that are CPU-bound and - possibly greater than a 10% decrease for workloads that are - input/output bound. * **Machine Type**: nested virtualization can - only be enabled on boost configurations that specify a machine_type - in the N1 or N2 machine series. - type: boolean - poolSize: - description: >- - Optional. The number of boost VMs that the system should keep idle - so that workstations can be boosted quickly. Defaults to `0`. - type: integer - format: int32 - PersistentDirectory: - id: PersistentDirectory - description: >- - A directory to persist across workstation sessions. Updates to this - field will not update existing workstations and will only take effect on - new workstations. - type: object - properties: - gcePd: - description: A PersistentDirectory backed by a Compute Engine persistent disk. - $ref: '#/components/schemas/GceRegionalPersistentDisk' - mountPath: - description: Optional. Location of this directory in the running workstation. - type: string - GceRegionalPersistentDisk: - id: GceRegionalPersistentDisk - description: >- - A Persistent Directory backed by a Compute Engine regional persistent - disk. The persistent_directories field is repeated, but it may contain - only one entry. It creates a [persistent - disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that - mounts to the workstation VM at `/home` when the session starts and - detaches when the session ends. If this field is empty, workstations - created with this configuration do not have a persistent home directory. - type: object - properties: - sizeGb: - description: >- - Optional. The GB capacity of a persistent home directory for each - workstation created with this configuration. Must be empty if - source_snapshot is set. Valid values are `10`, `50`, `100`, `200`, - `500`, or `1000`. Defaults to `200`. If less than `200` GB, the - disk_type must be `"pd-balanced"` or `"pd-ssd"`. - type: integer - format: int32 - fsType: - description: >- - Optional. Type of file system that the disk should be formatted - with. The workstation image must support this file system type. Must - be empty if source_snapshot is set. Defaults to `"ext4"`. + nextPageToken: + description: The standard List next-page token. type: string - diskType: - description: >- - Optional. The [type of the persistent - disk](https://cloud.google.com/compute/docs/disks#disk-types) for - the home directory. Defaults to `"pd-standard"`. + description: The response message for Operations.ListOperations. + id: ListOperationsResponse + ReadinessCheck: + properties: + port: + type: integer + description: Optional. Port to which the request should be sent. + format: int32 + path: + description: Optional. Path to which the request should be sent. type: string - sourceSnapshot: + type: object + id: ReadinessCheck + description: A readiness check to be performed on a workstation. + Accelerator: + id: Accelerator + properties: + type: description: >- - Optional. Name of the snapshot to use as the source for the disk. If - set, size_gb and fs_type must be empty. Must be formatted as ext4 - file system with no partitions. + Optional. Type of accelerator resource to attach to the instance, + for example, `"nvidia-tesla-p100"`. type: string + count: + type: integer + format: int32 + description: Optional. Number of accelerator cards exposed to the instance. + description: An accelerator card attached to the instance. + type: object + GceHyperdiskBalancedHighAvailability: + description: >- + A Persistent Directory backed by a Compute Engine [Hyperdisk Balanced + High Availability + Disk](https://cloud.google.com/compute/docs/disks/hd-types/hyperdisk-balanced-ha). + This is a high-availability block storage solution that offers a balance + between performance and cost for most general-purpose workloads. + id: GceHyperdiskBalancedHighAvailability + type: object + properties: reclaimPolicy: - description: >- - Optional. Whether the persistent disk should be deleted when the - workstation is deleted. Valid values are `DELETE` and `RETAIN`. - Defaults to `DELETE`. - type: string enumDescriptions: - Do not use. - Delete the persistent disk when deleting the workstation. - >- Keep the persistent disk when deleting the workstation. An administrator must manually delete the disk. + description: >- + Optional. Whether the persistent disk should be deleted when the + workstation is deleted. Valid values are `DELETE` and `RETAIN`. + Defaults to `DELETE`. enum: - RECLAIM_POLICY_UNSPECIFIED - DELETE - RETAIN + type: string + sourceSnapshot: + type: string + description: >- + Optional. Name of the snapshot to use as the source for the disk. If + set, size_gb must be empty. Must be formatted as ext4 file system + with no partitions. + archiveTimeout: + description: >- + Optional. Number of seconds to wait after initially creating or + subsequently shutting down the workstation before converting its + disk into a snapshot. This generally saves costs at the expense of + greater startup time on next workstation start, as the service will + need to create a disk from the archival snapshot. A value of `"0s"` + indicates that the disk will never be archived. + format: google-duration + type: string + sizeGb: + format: int32 + type: integer + description: >- + Optional. The GB capacity of a persistent home directory for each + workstation created with this configuration. Must be empty if + source_snapshot is set. Valid values are `10`, `50`, `100`, `200`, + `500`, or `1000`. Defaults to `200`. + ListUsableWorkstationConfigsResponse: + id: ListUsableWorkstationConfigsResponse + type: object + properties: + unreachable: + type: array + items: + type: string + description: Unreachable resources. + workstationConfigs: + items: + $ref: '#/components/schemas/WorkstationConfig' + description: The requested configs. + type: array + nextPageToken: + type: string + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. + description: Response message for ListUsableWorkstationConfigs. + GceConfidentialInstanceConfig: + properties: + enableConfidentialCompute: + description: Optional. Whether the instance has confidential compute enabled. + type: boolean + id: GceConfidentialInstanceConfig + type: object + description: A set of Compute Engine Confidential VM instance options. EphemeralDirectory: id: EphemeralDirectory description: >- An ephemeral directory which won't persist across workstation sessions. It is freshly created on every workstation start operation. - type: object properties: gcePd: - description: An EphemeralDirectory backed by a Compute Engine persistent disk. $ref: '#/components/schemas/GcePersistentDisk' + description: An EphemeralDirectory backed by a Compute Engine persistent disk. mountPath: - description: Required. Location of this directory in the running workstation. type: string - GcePersistentDisk: - id: GcePersistentDisk - description: An EphemeralDirectory is backed by a Compute Engine persistent disk. + description: Required. Location of this directory in the running workstation. type: object + ListWorkstationsResponse: properties: - diskType: - description: Optional. Type of the disk to use. Defaults to `"pd-standard"`. - type: string - sourceSnapshot: - description: >- - Optional. Name of the snapshot to use as the source for the disk. - Must be empty if source_image is set. Must be empty if read_only is - false. Updating source_snapshot will update content in the ephemeral - directory after the workstation is restarted. Only file systems - supported by Container-Optimized OS (COS) are explicitly supported. - For a list of supported file systems, see [the filesystems available - in Container-Optimized - OS](https://cloud.google.com/container-optimized-os/docs/concepts/supported-filesystems). - This field is mutable. - type: string - sourceImage: - description: >- - Optional. Name of the disk image to use as the source for the disk. - Must be empty if source_snapshot is set. Updating source_image will - update content in the ephemeral directory after the workstation is - restarted. Only file systems supported by Container-Optimized OS - (COS) are explicitly supported. For a list of supported file - systems, please refer to the [COS - documentation](https://cloud.google.com/container-optimized-os/docs/concepts/supported-filesystems). - This field is mutable. + workstations: + items: + $ref: '#/components/schemas/Workstation' + description: The requested workstations. + type: array + nextPageToken: type: string - readOnly: description: >- - Optional. Whether the disk is read only. If true, the disk may be - shared by multiple VMs and source_snapshot must be set. - type: boolean - Container: - id: Container - description: A Docker container. + Optional. Token to retrieve the next page of results, or empty if + there are no more results in the list. + unreachable: + type: array + description: Optional. Unreachable resources. + items: + type: string + type: object + id: ListWorkstationsResponse + description: Response message for ListWorkstations. + ListWorkstationClustersResponse: + description: Response message for ListWorkstationClusters. type: object + id: ListWorkstationClustersResponse properties: - image: + workstationClusters: + description: The requested workstation clusters. + items: + $ref: '#/components/schemas/WorkstationCluster' + type: array + nextPageToken: description: >- - Optional. A Docker container image that defines a custom - environment. Cloud Workstations provides a number of [preconfigured - images](https://cloud.google.com/workstations/docs/preconfigured-base-images), - but you can create your own [custom container - images](https://cloud.google.com/workstations/docs/custom-container-images). - If using a private image, the `host.gceInstance.serviceAccount` - field must be specified in the workstation configuration. If using a - custom container image, the service account must have [Artifact - Registry - Reader](https://cloud.google.com/artifact-registry/docs/access-control#roles) - permission to pull the specified image. Otherwise, the image must be - publicly accessible. + Token to retrieve the next page of results, or empty if there are no + more results in the list. type: string - command: - description: >- - Optional. If set, overrides the default ENTRYPOINT specified by the - image. - type: array - items: - type: string - args: - description: Optional. Arguments passed to the entrypoint. + unreachable: + description: Unreachable resources. type: array items: type: string - env: + PortRange: + id: PortRange + type: object + description: >- + A PortRange defines a range of ports. Both first and last are inclusive. + To specify a single port, both first and last should be the same. + properties: + last: + format: int32 + type: integer description: >- - Optional. Environment variables passed to the container's - entrypoint. + Required. Ending port number for the current range of ports. Valid + ports are 22, 80, and ports within the range 1024-65535. + first: + description: >- + Required. Starting port number for the current range of ports. Valid + ports are 22, 80, and ports within the range 1024-65535. + type: integer + format: int32 + Location: + type: object + description: A resource that represents a Google Cloud location. + id: Location + properties: + locationId: + description: 'The canonical id for this location. For example: `"us-east1"`.' + type: string + name: + type: string + description: >- + Resource name for the location, which may vary between + implementations. For example: + `"projects/example-project/locations/us-east1"` + metadata: + additionalProperties: + description: Properties of the object. Contains field @type with type URL. + type: any + description: >- + Service-specific metadata. For example the available capacity at the + given location. type: object + displayName: + type: string + description: >- + The friendly name for this location, typically a nearby city name. + For example, "Tokyo". + labels: additionalProperties: type: string - workingDir: - description: Optional. If set, overrides the default DIR specified by the image. - type: string - runAsUser: + type: object description: >- - Optional. If set, overrides the USER specified in the image with the - given uid. + Cross-service attributes for the location. For example + {"cloud.googleapis.com/region": "us-east1"} + GoogleProtobufEmpty: + id: GoogleProtobufEmpty + type: object + description: >- + A generic empty message that you can re-use to avoid defining duplicated + empty messages in your APIs. A typical example is to use it as the + request or the response type of an API method. For instance: service Foo + { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } + properties: {} + Status: + id: Status + description: >- + The `Status` type defines a logical error model that is suitable for + different programming environments, including REST APIs and RPC APIs. It + is used by [gRPC](https://github.com/grpc). Each `Status` message + contains three pieces of data: error code, error message, and error + details. You can find out more about this error model and how to work + with it in the [API Design + Guide](https://cloud.google.com/apis/design/errors). + properties: + message: + description: >- + A developer-facing error message, which should be in English. Any + user-facing error message should be localized and sent in the + google.rpc.Status.details field, or localized by the client. + type: string + code: type: integer + description: The status code, which should be an enum value of google.rpc.Code. format: int32 + details: + description: >- + A list of messages that carry the error details. There is a common + set of message types for APIs to use. + type: array + items: + type: object + additionalProperties: + type: any + description: Properties of the object. Contains field @type with type URL. + type: object CustomerEncryptionKey: + type: object id: CustomerEncryptionKey description: >- A customer-managed encryption key (CMEK) for the Compute Engine @@ -980,15 +907,7 @@ components: of your Cloud KMS encryption key and the default service account. We recommend that you use a separate service account and follow [Cloud KMS best practices](https://cloud.google.com/kms/docs/separation-of-duties). - type: object properties: - kmsKey: - description: >- - Immutable. The name of the Google Cloud KMS encryption key. For - example, - `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. - The key must be in the same region as the workstation configuration. - type: string kmsKeyServiceAccount: description: >- Immutable. The service account to use with the specified KMS key. We @@ -998,509 +917,405 @@ components: `gcloud kms keys add-iam-policy-binding` [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). type: string - ReadinessCheck: - id: ReadinessCheck - description: A readiness check to be performed on a workstation. - type: object + kmsKey: + type: string + description: >- + Immutable. The name of the Google Cloud KMS encryption key. For + example, + `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. + The key must be in the same region as the workstation configuration. + Expr: + id: Expr properties: - path: - description: Optional. Path to which the request should be sent. + title: type: string - port: - description: Optional. Port to which the request should be sent. - type: integer - format: int32 - PortRange: - id: PortRange - description: >- - A PortRange defines a range of ports. Both first and last are inclusive. - To specify a single port, both first and last should be the same. + description: >- + Optional. Title for the expression, i.e. a short string describing + its purpose. This can be used e.g. in UIs which allow to enter the + expression. + location: + type: string + description: >- + Optional. String indicating the location of the expression for error + reporting, e.g. a file name and a position in the file. + description: + description: >- + Optional. Description of the expression. This is a longer text which + describes the expression, e.g. when hovered over it in a UI. + type: string + expression: + type: string + description: >- + Textual representation of an expression in Common Expression + Language syntax. type: object + description: >- + Represents a textual expression in the Common Expression Language (CEL) + syntax. CEL is a C-like expression language. The syntax and semantics of + CEL are documented at https://github.com/google/cel-spec. Example + (Comparison): title: "Summary size limit" description: "Determines if a + summary is less than 100 chars" expression: "document.summary.size() < + 100" Example (Equality): title: "Requestor is owner" description: + "Determines if requestor is the document owner" expression: + "document.owner == request.auth.claims.email" Example (Logic): title: + "Public documents" description: "Determine whether the document should + be publicly visible" expression: "document.type != 'private' && + document.type != 'internal'" Example (Data Manipulation): title: + "Notification string" description: "Create a notification string with a + timestamp." expression: "'New message received at ' + + string(document.create_time)" The exact variables and functions that may + be referenced within an expression are determined by the service that + evaluates it. See the service documentation for additional information. + GceRegionalPersistentDisk: properties: - first: + diskType: description: >- - Required. Starting port number for the current range of ports. Valid - ports are 22, 80, and ports within the range 1024-65535. - type: integer - format: int32 - last: + Optional. The [type of the persistent + disk](https://cloud.google.com/compute/docs/disks#disk-types) for + the home directory. Defaults to `"pd-standard"`. + type: string + sizeGb: description: >- - Required. Ending port number for the current range of ports. Valid - ports are 22, 80, and ports within the range 1024-65535. + Optional. The GB capacity of a persistent home directory for each + workstation created with this configuration. Must be empty if + source_snapshot is set. Valid values are `10`, `50`, `100`, `200`, + `500`, or `1000`. Defaults to `200`. If less than `200` GB, the + disk_type must be `"pd-balanced"` or `"pd-ssd"`. type: integer format: int32 - ListWorkstationConfigsResponse: - id: ListWorkstationConfigsResponse - description: Response message for ListWorkstationConfigs. - type: object - properties: - workstationConfigs: - description: The requested configs. - type: array - items: - $ref: '#/components/schemas/WorkstationConfig' - nextPageToken: + fsType: + type: string description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. + Optional. Type of file system that the disk should be formatted + with. The workstation image must support this file system type. Must + be empty if source_snapshot is set. Defaults to `"ext4"`. + sourceSnapshot: type: string - unreachable: - description: Unreachable resources. - type: array - items: - type: string - ListUsableWorkstationConfigsResponse: - id: ListUsableWorkstationConfigsResponse - description: Response message for ListUsableWorkstationConfigs. - type: object - properties: - workstationConfigs: - description: The requested configs. - type: array - items: - $ref: '#/components/schemas/WorkstationConfig' - nextPageToken: description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. + Optional. Name of the snapshot to use as the source for the disk. If + set, size_gb and fs_type must be empty. Must be formatted as ext4 + file system with no partitions. + reclaimPolicy: + description: >- + Optional. Whether the persistent disk should be deleted when the + workstation is deleted. Valid values are `DELETE` and `RETAIN`. + Defaults to `DELETE`. type: string - unreachable: - description: Unreachable resources. - type: array - items: - type: string - Workstation: - id: Workstation + enumDescriptions: + - Do not use. + - Delete the persistent disk when deleting the workstation. + - >- + Keep the persistent disk when deleting the workstation. An + administrator must manually delete the disk. + enum: + - RECLAIM_POLICY_UNSPECIFIED + - DELETE + - RETAIN description: >- - A single instance of a developer workstation with its own persistent - storage. + A Persistent Directory backed by a Compute Engine regional persistent + disk. The persistent_directories field is repeated, but it may contain + only one entry. It creates a [persistent + disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that + mounts to the workstation VM at `/home` when the session starts and + detaches when the session ends. If this field is empty, workstations + created with this configuration do not have a persistent home directory. type: object + id: GceRegionalPersistentDisk + WorkstationConfig: + type: object + id: WorkstationConfig + description: >- + A workstation configuration resource in the Cloud Workstations API. + Workstation configurations act as templates for workstations. The + workstation configuration defines details such as the workstation + virtual machine (VM) instance type, persistent storage, container image + defining environment, which IDE or Code Editor to use, and more. + Administrators and platform teams can also use [Identity and Access + Management (IAM)](https://cloud.google.com/iam/docs/overview) rules to + grant access to teams or to individual developers. properties: - name: - description: Identifier. Full name of this workstation. - type: string - displayName: - description: Optional. Human-readable name for this workstation. - type: string - uid: - description: >- - Output only. A system-assigned unique identifier for this - workstation. - readOnly: true - type: string - reconciling: - description: >- - Output only. Indicates whether this workstation is currently being - updated to match its intended state. - readOnly: true - type: boolean annotations: - description: Optional. Client-specified annotations. - type: object additionalProperties: type: string - labels: - description: >- - Optional. - [Labels](https://cloud.google.com/workstations/docs/label-resources) - that are applied to the workstation and that are also propagated to - the underlying Compute Engine resources. + description: Optional. Client-specified annotations. type: object - additionalProperties: - type: string - createTime: - description: Output only. Time when this workstation was created. - readOnly: true + uid: type: string - format: google-datetime - updateTime: - description: Output only. Time when this workstation was most recently updated. readOnly: true - type: string - format: google-datetime - startTime: description: >- - Output only. Time when this workstation was most recently - successfully started, regardless of the workstation's initial state. - readOnly: true + Output only. A system-assigned unique identifier for this + workstation configuration. + idleTimeout: + description: >- + Optional. Number of seconds to wait before automatically stopping a + workstation after it last received user traffic. A value of `"0s"` + indicates that Cloud Workstations VMs created with this + configuration should never time out due to idleness. Provide + [duration](https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#duration) + terminated by `s` for seconds—for example, `"7200s"` (2 hours). The + default is `"1200s"` (20 minutes). + format: google-duration type: string - format: google-datetime - deleteTime: - description: Output only. Time when this workstation was soft-deleted. - readOnly: true + runningTimeout: + description: >- + Optional. Number of seconds that a workstation can run until it is + automatically shut down. We recommend that workstations be shut down + daily to reduce costs and so that security updates can be applied + upon restart. The idle_timeout and running_timeout fields are + independent of each other. Note that the running_timeout field shuts + down VMs after the specified time, regardless of whether or not the + VMs are idle. Provide duration terminated by `s` for seconds—for + example, `"54000s"` (15 hours). Defaults to `"43200s"` (12 hours). A + value of `"0s"` indicates that workstations using this configuration + should never time out. If encryption_key is set, it must be greater + than `"0s"` and less than `"86400s"` (24 hours). Warning: A value of + `"0s"` indicates that Cloud Workstations VMs created with this + configuration have no maximum running time. This is strongly + discouraged because you incur costs and will not pick up security + updates. type: string - format: google-datetime + format: google-duration + allowedPorts: + description: >- + Optional. A list of PortRanges specifying single ports or ranges of + ports that are externally accessible in the workstation. Allowed + ports must be one of 22, 80, or within range 1024-65535. If not + specified defaults to ports 22, 80, and ports 1024-65535. + items: + $ref: '#/components/schemas/PortRange' + type: array + maxUsableWorkstations: + type: integer + description: >- + Optional. Maximum number of workstations under this configuration a + user can have `workstations.workstation.use` permission on. Only + enforced on CreateWorkstation API calls on the user issuing the API + request. Can be overridden by: - granting a user + workstations.workstationConfigs.exemptMaxUsableWorkstationLimit + permission, or - having a user with that permission create a + workstation and granting another user `workstations.workstation.use` + permission on that workstation. If not specified, defaults to `0`, + which indicates unlimited. + format: int32 etag: + type: string description: >- Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding. - type: string - state: - description: Output only. Current state of the workstation. - readOnly: true - type: string - enumDescriptions: - - Do not use. - - >- - The workstation is not yet ready to accept requests from users but - will be soon. - - The workstation is ready to accept requests from users. - - The workstation is being stopped. - - >- - The workstation is stopped and will not be able to receive - requests until it is started. - enum: - - STATE_UNSPECIFIED - - STATE_STARTING - - STATE_RUNNING - - STATE_STOPPING - - STATE_STOPPED - host: + enableAuditAgent: description: >- - Output only. Host to which clients can send HTTPS traffic that will - be received by the workstation. Authorized traffic will be received - to the workstation as HTTP on port 80. To send traffic to a - different port, clients may prefix the host with the destination - port in the format `{port}-{host}`. + Optional. Whether to enable Linux `auditd` logging on the + workstation. When enabled, a service_account must also be specified + that has `roles/logging.logWriter` and + `roles/monitoring.metricWriter` on the project. Operating system + audit logging is distinct from [Cloud Audit + Logs](https://cloud.google.com/workstations/docs/audit-logging) and + [Container output + logging](https://cloud.google.com/workstations/docs/container-output-logging#overview). + Operating system audit logs are available in the [Cloud + Logging](https://cloud.google.com/logging/docs) console by querying: + resource.type="gce_instance" log_name:"/logs/linux-auditd" + type: boolean + conditions: + type: array readOnly: true - type: string - env: + items: + $ref: '#/components/schemas/Status' description: >- - Optional. Environment variables passed to the workstation - container's entrypoint. - type: object - additionalProperties: - type: string - kmsKey: + Output only. Status conditions describing the workstation + configuration's current state. + reconciling: + type: boolean description: >- - Output only. The name of the Google Cloud KMS encryption key used to - encrypt this workstation. The KMS key can only be configured in the - WorkstationConfig. The expected format is - `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + Output only. Indicates whether this workstation configuration is + currently being updated to match its intended state. readOnly: true - type: string - sourceWorkstation: + readinessChecks: + items: + $ref: '#/components/schemas/ReadinessCheck' + type: array description: >- - Optional. The source workstation from which this workstation's - persistent directories were cloned on creation. - type: string - runtimeHost: + Optional. Readiness checks to perform when starting a workstation + using this workstation configuration. Mark a workstation as running + only after all specified readiness checks return 200 status codes. + host: + description: Optional. Runtime host for the workstation. + $ref: '#/components/schemas/Host' + container: description: >- - Optional. Output only. Runtime host for the workstation when in - STATE_RUNNING. - readOnly: true - $ref: '#/components/schemas/RuntimeHost' - RuntimeHost: - id: RuntimeHost - description: Runtime host for the workstation. - type: object - properties: - gceInstanceHost: - description: Specifies a Compute Engine instance as the host. - $ref: '#/components/schemas/GceInstanceHost' - GceInstanceHost: - id: GceInstanceHost - description: The Compute Engine instance host. - type: object - properties: + Optional. Container that runs upon startup for each workstation + using this workstation configuration. + $ref: '#/components/schemas/Container' name: - description: Optional. Output only. The name of the Compute Engine instance. - readOnly: true - type: string - id: - description: Optional. Output only. The ID of the Compute Engine instance. - readOnly: true - type: string - zone: - description: Optional. Output only. The zone of the Compute Engine instance. - readOnly: true type: string - ListWorkstationsResponse: - id: ListWorkstationsResponse - description: Response message for ListWorkstations. - type: object - properties: - workstations: - description: The requested workstations. - type: array - items: - $ref: '#/components/schemas/Workstation' - nextPageToken: + description: Identifier. Full name of this workstation configuration. + replicaZones: description: >- - Optional. Token to retrieve the next page of results, or empty if - there are no more results in the list. - type: string - unreachable: - description: Optional. Unreachable resources. - type: array + Optional. Immutable. Specifies the zones used to replicate the VM + and disk resources within the region. If set, exactly two zones + within the workstation cluster's region must be specified—for + example, `['us-central1-a', 'us-central1-f']`. If this field is + empty, two default zones within the region are used. Immutable after + the workstation configuration is created. items: type: string - ListUsableWorkstationsResponse: - id: ListUsableWorkstationsResponse - description: Response message for ListUsableWorkstations. - type: object - properties: - workstations: - description: The requested workstations. - type: array - items: - $ref: '#/components/schemas/Workstation' - nextPageToken: - description: >- - Token to retrieve the next page of results, or empty if there are no - more results in the list. - type: string - unreachable: - description: Unreachable resources. type: array - items: - type: string - StartWorkstationRequest: - id: StartWorkstationRequest - description: Request message for StartWorkstation. - type: object - properties: - validateOnly: + degraded: + type: boolean + readOnly: true description: >- - Optional. If set, validate the request and preview the review, but - do not actually apply it. + Output only. Whether this workstation configuration is in degraded + mode, in which case it may require user action to restore full + functionality. The conditions field contains detailed information + about the status of the configuration. + disableTcpConnections: type: boolean - etag: description: >- - Optional. If set, the request will be rejected if the latest version - of the workstation on the server does not have this ETag. - type: string - boostConfig: + Optional. Disables support for plain TCP connections in the + workstation. By default the service supports TCP connections through + a websocket relay. Setting this option to true disables that relay, + which prevents the usage of services that require plain TCP + connections, such as SSH. When enabled, all communication must occur + over HTTPS or WSS. + grantWorkstationAdminRoleOnCreate: + type: boolean description: >- - Optional. If set, the workstation starts using the boost - configuration with the specified ID. - type: string - StopWorkstationRequest: - id: StopWorkstationRequest - description: Request message for StopWorkstation. - type: object - properties: - validateOnly: + Optional. Grant creator of a workstation + `roles/workstations.policyAdmin` role along with + `roles/workstations.user` role on the workstation created by them. + This allows workstation users to share access to either their entire + workstation, or individual ports. Defaults to false. + labels: description: >- - Optional. If set, validate the request and preview the review, but - do not actually apply it. - type: boolean - etag: + Optional. + [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation configuration and that are also + propagated to the underlying Compute Engine resources. + additionalProperties: + type: string + type: object + encryptionKey: description: >- - Optional. If set, the request will be rejected if the latest version - of the workstation on the server does not have this ETag. - type: string - GenerateAccessTokenRequest: - id: GenerateAccessTokenRequest - description: Request message for GenerateAccessToken. - type: object - properties: - expireTime: + Immutable. Encrypts resources of this workstation configuration + using a customer-managed encryption key (CMEK). If specified, the + boot disk of the Compute Engine instance and the persistent disk are + encrypted using this encryption key. If this field is not set, the + disks are encrypted using a generated key. Customer-managed + encryption keys do not protect disk metadata. If the + customer-managed encryption key is rotated, when the workstation + instance is stopped, the system attempts to recreate the persistent + disk with the new version of the key. Be sure to keep older versions + of the key until the persistent disk is recreated. Otherwise, data + on the persistent disk might be lost. If the encryption key is + revoked, the workstation session automatically stops within 7 hours. + Immutable after the workstation configuration is created. + $ref: '#/components/schemas/CustomerEncryptionKey' + persistentDirectories: + items: + $ref: '#/components/schemas/PersistentDirectory' + description: Optional. Directories to persist across workstation sessions. + type: array + updateTime: + format: google-datetime + readOnly: true description: >- - Desired expiration time of the access token. This value must be at - most 24 hours in the future. If a value is not specified, the - token's expiration time will be set to a default value of 1 hour in - the future. + Output only. Time when this workstation configuration was most + recently updated. type: string + createTime: format: google-datetime - ttl: - description: >- - Desired lifetime duration of the access token. This value must be at - most 24 hours. If a value is not specified, the token's lifetime - will be set to a default value of 1 hour. type: string - format: google-duration - port: - description: >- - Optional. Port for which the access token should be generated. If - specified, the generated access token grants access only to the - specified port of the workstation. If specified, values must be - within the range [1 - 65535]. If not specified, the generated access - token grants access to all ports of the workstation. - type: integer - format: int32 - GenerateAccessTokenResponse: - id: GenerateAccessTokenResponse - description: Response message for GenerateAccessToken. - type: object - properties: - accessToken: + description: Output only. Time when this workstation configuration was created. + readOnly: true + ephemeralDirectories: description: >- - The generated bearer access token. To use this token, include it in - an Authorization header of an HTTP request sent to the associated - workstation's hostname—for example, `Authorization: Bearer `. + Optional. Ephemeral directories which won't persist across + workstation sessions. + type: array + items: + $ref: '#/components/schemas/EphemeralDirectory' + displayName: type: string - expireTime: - description: Time at which the generated token will expire. + description: Optional. Human-readable name for this workstation configuration. + deleteTime: + description: >- + Output only. Time when this workstation configuration was + soft-deleted. type: string + readOnly: true format: google-datetime - ListLocationsResponse: - id: ListLocationsResponse - description: The response message for Locations.ListLocations. - type: object + Container: properties: - locations: - description: >- - A list of locations that matches the specified filter in the - request. + command: type: array items: - $ref: '#/components/schemas/Location' - nextPageToken: - description: The standard List next-page token. - type: string - Location: - id: Location - description: A resource that represents a Google Cloud location. - type: object - properties: - name: + type: string description: >- - Resource name for the location, which may vary between - implementations. For example: - `"projects/example-project/locations/us-east1"` - type: string - locationId: - description: 'The canonical id for this location. For example: `"us-east1"`.' + Optional. If set, overrides the default ENTRYPOINT specified by the + image. + args: + description: Optional. Arguments passed to the entrypoint. + items: + type: string + type: array + workingDir: type: string - displayName: - description: >- - The friendly name for this location, typically a nearby city name. - For example, "Tokyo". + description: Optional. If set, overrides the default DIR specified by the image. + image: type: string - labels: description: >- - Cross-service attributes for the location. For example - {"cloud.googleapis.com/region": "us-east1"} - type: object + Optional. A Docker container image that defines a custom + environment. Cloud Workstations provides a number of [preconfigured + images](https://cloud.google.com/workstations/docs/preconfigured-base-images), + but you can create your own [custom container + images](https://cloud.google.com/workstations/docs/custom-container-images). + If using a private image, the `host.gceInstance.serviceAccount` + field must be specified in the workstation configuration. If using a + custom container image, the service account must have [Artifact + Registry + Reader](https://cloud.google.com/artifact-registry/docs/access-control#roles) + permission to pull the specified image. Otherwise, the image must be + publicly accessible. + env: additionalProperties: type: string - metadata: - description: >- - Service-specific metadata. For example the available capacity at the - given location. type: object - additionalProperties: - type: any - description: Properties of the object. Contains field @type with type URL. - SetIamPolicyRequest: - id: SetIamPolicyRequest - description: Request message for `SetIamPolicy` method. - type: object - properties: - policy: description: >- - REQUIRED: The complete policy to be applied to the `resource`. The - size of the policy is limited to a few 10s of KB. An empty policy is - a valid policy but certain Google Cloud services (such as Projects) - might reject them. - $ref: '#/components/schemas/Policy' - updateMask: + Optional. Environment variables passed to the container's + entrypoint. + runAsUser: + type: integer description: >- - OPTIONAL: A FieldMask specifying which fields of the policy to - modify. Only the fields in the mask will be modified. If no mask is - provided, the following default mask is used: `paths: "bindings, - etag"` - type: string - format: google-fieldmask - Policy: - id: Policy - description: >- - An Identity and Access Management (IAM) policy, which specifies access - controls for Google Cloud resources. A `Policy` is a collection of - `bindings`. A `binding` binds one or more `members`, or principals, to a - single `role`. Principals can be user accounts, service accounts, Google - groups, and domains (such as G Suite). A `role` is a named list of - permissions; each `role` can be an IAM predefined role or a user-created - custom role. For some types of Google Cloud resources, a `binding` can - also specify a `condition`, which is a logical expression that allows - access to a resource only if the expression evaluates to `true`. A - condition can add constraints based on attributes of the request, the - resource, or both. To learn which resources support conditions in their - IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - **JSON example:** ``` { "bindings": [ { "role": - "roles/resourcemanager.organizationAdmin", "members": [ - "user:mike@example.com", "group:admins@example.com", - "domain:google.com", - "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { - "role": "roles/resourcemanager.organizationViewer", "members": [ - "user:eve@example.com" ], "condition": { "title": "expirable access", - "description": "Does not grant access after Sep 2020", "expression": - "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": - "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - - members: - user:mike@example.com - group:admins@example.com - - domain:google.com - - serviceAccount:my-project-id@appspot.gserviceaccount.com role: - roles/resourcemanager.organizationAdmin - members: - - user:eve@example.com role: roles/resourcemanager.organizationViewer - condition: title: expirable access description: Does not grant access - after Sep 2020 expression: request.time < - timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` - For a description of IAM and its features, see the [IAM - documentation](https://cloud.google.com/iam/docs/). + Optional. If set, overrides the USER specified in the image with the + given uid. + format: int32 type: object + description: A Docker container. + id: Container + ListWorkstationConfigsResponse: + description: Response message for ListWorkstationConfigs. properties: - version: - description: >- - Specifies the format of the policy. Valid values are `0`, `1`, and - `3`. Requests that specify an invalid value are rejected. Any - operation that affects conditional role bindings must specify - version `3`. This requirement applies to the following operations: * - Getting a policy that includes a conditional role binding * Adding a - conditional role binding to a policy * Changing a conditional role - binding in a policy * Removing any role binding, with or without a - condition, from a policy that includes conditions **Important:** If - you use IAM Conditions, you must include the `etag` field whenever - you call `setIamPolicy`. If you omit this field, then IAM allows you - to overwrite a version `3` policy with a version `1` policy, and all - of the conditions in the version `3` policy are lost. If a policy - does not include any conditions, operations on that policy may - specify any valid version or leave the field unset. To learn which - resources support conditions in their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - type: integer - format: int32 - bindings: + nextPageToken: description: >- - Associates a list of `members`, or principals, with a `role`. - Optionally, may specify a `condition` that determines how and when - the `bindings` are applied. Each of the `bindings` must contain at - least one principal. The `bindings` in a `Policy` can refer to up to - 1,500 principals; up to 250 of these principals can be Google - groups. Each occurrence of a principal counts towards these limits. - For example, if the `bindings` grant 50 different roles to - `user:alice@example.com`, and not to any other principal, then you - can add another 1,450 principals to the `bindings` in the `Policy`. - type: array + Token to retrieve the next page of results, or empty if there are no + more results in the list. + type: string + unreachable: + description: Unreachable resources. items: - $ref: '#/components/schemas/Binding' - auditConfigs: - description: Specifies cloud audit logging configuration for this policy. + type: string type: array + workstationConfigs: items: - $ref: '#/components/schemas/AuditConfig' - etag: - description: >- - `etag` is used for optimistic concurrency control as a way to help - prevent simultaneous updates of a policy from overwriting each - other. It is strongly suggested that systems make use of the `etag` - in the read-modify-write cycle to perform policy updates in order to - avoid race conditions: An `etag` is returned in the response to - `getIamPolicy`, and systems are expected to put that etag in the - request to `setIamPolicy` to ensure that their change will be - applied to the same version of the policy. **Important:** If you use - IAM Conditions, you must include the `etag` field whenever you call - `setIamPolicy`. If you omit this field, then IAM allows you to - overwrite a version `3` policy with a version `1` policy, and all of - the conditions in the version `3` policy are lost. - type: string - format: byte + $ref: '#/components/schemas/WorkstationConfig' + type: array + description: The requested configs. + id: ListWorkstationConfigsResponse + type: object Binding: id: Binding description: Associates `members`, or principals, with a `role`. - type: object properties: role: description: >- @@ -1511,7 +1326,21 @@ components: For a list of the available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles). type: string + condition: + $ref: '#/components/schemas/Expr' + description: >- + The condition that is associated with this binding. If the condition + evaluates to `true`, then this binding applies to the current + request. If the condition evaluates to `false`, then this binding + does not apply to the current request. However, a different role + binding might grant the same role to one or more of the principals + in this binding. To learn which resources support conditions in + their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). members: + type: array + items: + type: string description: >- Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A @@ -1571,195 +1400,456 @@ components: `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. + type: object + Policy: + id: Policy + properties: + auditConfigs: + type: array + items: + $ref: '#/components/schemas/AuditConfig' + description: Specifies cloud audit logging configuration for this policy. + bindings: + type: array + description: >- + Associates a list of `members`, or principals, with a `role`. + Optionally, may specify a `condition` that determines how and when + the `bindings` are applied. Each of the `bindings` must contain at + least one principal. The `bindings` in a `Policy` can refer to up to + 1,500 principals; up to 250 of these principals can be Google + groups. Each occurrence of a principal counts towards these limits. + For example, if the `bindings` grant 50 different roles to + `user:alice@example.com`, and not to any other principal, then you + can add another 1,450 principals to the `bindings` in the `Policy`. + items: + $ref: '#/components/schemas/Binding' + etag: + type: string + format: byte + description: >- + `etag` is used for optimistic concurrency control as a way to help + prevent simultaneous updates of a policy from overwriting each + other. It is strongly suggested that systems make use of the `etag` + in the read-modify-write cycle to perform policy updates in order to + avoid race conditions: An `etag` is returned in the response to + `getIamPolicy`, and systems are expected to put that etag in the + request to `setIamPolicy` to ensure that their change will be + applied to the same version of the policy. **Important:** If you use + IAM Conditions, you must include the `etag` field whenever you call + `setIamPolicy`. If you omit this field, then IAM allows you to + overwrite a version `3` policy with a version `1` policy, and all of + the conditions in the version `3` policy are lost. + version: + type: integer + format: int32 + description: >- + Specifies the format of the policy. Valid values are `0`, `1`, and + `3`. Requests that specify an invalid value are rejected. Any + operation that affects conditional role bindings must specify + version `3`. This requirement applies to the following operations: * + Getting a policy that includes a conditional role binding * Adding a + conditional role binding to a policy * Changing a conditional role + binding in a policy * Removing any role binding, with or without a + condition, from a policy that includes conditions **Important:** If + you use IAM Conditions, you must include the `etag` field whenever + you call `setIamPolicy`. If you omit this field, then IAM allows you + to overwrite a version `3` policy with a version `1` policy, and all + of the conditions in the version `3` policy are lost. If a policy + does not include any conditions, operations on that policy may + specify any valid version or leave the field unset. To learn which + resources support conditions in their IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + description: >- + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. A `Policy` is a collection of + `bindings`. A `binding` binds one or more `members`, or principals, to a + single `role`. Principals can be user accounts, service accounts, Google + groups, and domains (such as G Suite). A `role` is a named list of + permissions; each `role` can be an IAM predefined role or a user-created + custom role. For some types of Google Cloud resources, a `binding` can + also specify a `condition`, which is a logical expression that allows + access to a resource only if the expression evaluates to `true`. A + condition can add constraints based on attributes of the request, the + resource, or both. To learn which resources support conditions in their + IAM policies, see the [IAM + documentation](https://cloud.google.com/iam/help/conditions/resource-policies). + **JSON example:** ``` { "bindings": [ { "role": + "roles/resourcemanager.organizationAdmin", "members": [ + "user:mike@example.com", "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { + "role": "roles/resourcemanager.organizationViewer", "members": [ + "user:eve@example.com" ], "condition": { "title": "expirable access", + "description": "Does not grant access after Sep 2020", "expression": + "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": + "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - + members: - user:mike@example.com - group:admins@example.com - + domain:google.com - + serviceAccount:my-project-id@appspot.gserviceaccount.com role: + roles/resourcemanager.organizationAdmin - members: - + user:eve@example.com role: roles/resourcemanager.organizationViewer + condition: title: expirable access description: Does not grant access + after Sep 2020 expression: request.time < + timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` + For a description of IAM and its features, see the [IAM + documentation](https://cloud.google.com/iam/docs/). + type: object + GceInstanceHost: + description: The Compute Engine instance host. + type: object + properties: + zone: + description: Optional. Output only. The zone of the Compute Engine instance. + readOnly: true + type: string + id: + description: Optional. Output only. The ID of the Compute Engine instance. + type: string + readOnly: true + name: + type: string + description: Optional. Output only. The name of the Compute Engine instance. + readOnly: true + id: GceInstanceHost + ListLocationsResponse: + properties: + locations: + description: >- + A list of locations that matches the specified filter in the + request. + items: + $ref: '#/components/schemas/Location' + type: array + nextPageToken: + type: string + description: The standard List next-page token. + id: ListLocationsResponse + type: object + description: The response message for Locations.ListLocations. + Host: + properties: + gceInstance: + $ref: '#/components/schemas/GceInstance' + description: Specifies a Compute Engine instance as the host. + id: Host + type: object + description: Runtime host for a workstation. + OperationMetadata: + properties: + requestedCancellation: + description: >- + Output only. Identifies whether the user has requested cancellation + of the operation. + type: boolean + readOnly: true + statusMessage: + description: Output only. Human-readable status of the operation, if any. + type: string + readOnly: true + target: + type: string + description: >- + Output only. Server-defined resource path for the target of the + operation. + readOnly: true + apiVersion: + type: string + readOnly: true + description: Output only. API version used to start the operation. + verb: + readOnly: true + description: Output only. Name of the verb executed by the operation. + type: string + endTime: + format: google-datetime + description: Output only. Time that the operation finished running. + readOnly: true + type: string + createTime: + readOnly: true + description: Output only. Time that the operation was created. + format: google-datetime + type: string + id: OperationMetadata + description: Metadata for long-running operations. + type: object + TestIamPermissionsResponse: + description: Response message for `TestIamPermissions` method. + type: object + id: TestIamPermissionsResponse + properties: + permissions: + items: + type: string type: array + description: >- + A subset of `TestPermissionsRequest.permissions` that the caller is + allowed. + WorkstationCluster: + id: WorkstationCluster + properties: + updateTime: + description: >- + Output only. Time when this workstation cluster was most recently + updated. + type: string + format: google-datetime + readOnly: true + conditions: + description: >- + Output only. Status conditions describing the workstation cluster's + current state. + readOnly: true items: + $ref: '#/components/schemas/Status' + type: array + labels: + description: >- + Optional. + [Labels](https://cloud.google.com/workstations/docs/label-resources) + that are applied to the workstation cluster and that are also + propagated to the underlying Compute Engine resources. + additionalProperties: + type: string + type: object + network: + type: string + description: >- + Immutable. Name of the Compute Engine network in which instances + associated with this workstation cluster will be created. + domainConfig: + description: Optional. Configuration options for a custom domain. + $ref: '#/components/schemas/DomainConfig' + subnetwork: + type: string + description: >- + Immutable. Name of the Compute Engine subnetwork in which instances + associated with this workstation cluster will be created. Must be + part of the subnetwork specified for this workstation cluster. + tags: + description: >- + Optional. Input only. Immutable. Tag keys/values directly bound to + this resource. For example: "123/environment": "production", + "123/costCenter": "marketing" + additionalProperties: + type: string + type: object + privateClusterConfig: + description: Optional. Configuration for private workstation cluster. + $ref: '#/components/schemas/PrivateClusterConfig' + annotations: + description: Optional. Client-specified annotations. + additionalProperties: type: string - condition: + type: object + uid: + readOnly: true description: >- - The condition that is associated with this binding. If the condition - evaluates to `true`, then this binding applies to the current - request. If the condition evaluates to `false`, then this binding - does not apply to the current request. However, a different role - binding might grant the same role to one or more of the principals - in this binding. To learn which resources support conditions in - their IAM policies, see the [IAM - documentation](https://cloud.google.com/iam/help/conditions/resource-policies). - $ref: '#/components/schemas/Expr' - Expr: - id: Expr - description: >- - Represents a textual expression in the Common Expression Language (CEL) - syntax. CEL is a C-like expression language. The syntax and semantics of - CEL are documented at https://github.com/google/cel-spec. Example - (Comparison): title: "Summary size limit" description: "Determines if a - summary is less than 100 chars" expression: "document.summary.size() < - 100" Example (Equality): title: "Requestor is owner" description: - "Determines if requestor is the document owner" expression: - "document.owner == request.auth.claims.email" Example (Logic): title: - "Public documents" description: "Determine whether the document should - be publicly visible" expression: "document.type != 'private' && - document.type != 'internal'" Example (Data Manipulation): title: - "Notification string" description: "Create a notification string with a - timestamp." expression: "'New message received at ' + - string(document.create_time)" The exact variables and functions that may - be referenced within an expression are determined by the service that - evaluates it. See the service documentation for additional information. - type: object - properties: - expression: + Output only. A system-assigned unique identifier for this + workstation cluster. + type: string + name: + description: Identifier. Full name of this workstation cluster. + type: string + etag: description: >- - Textual representation of an expression in Common Expression - Language syntax. + Optional. Checksum computed by the server. May be sent on update and + delete requests to make sure that the client has an up-to-date value + before proceeding. type: string - title: + gatewayConfig: + $ref: '#/components/schemas/GatewayConfig' + description: Optional. Configuration options for Cluster HTTP Gateway. + controlPlaneIp: description: >- - Optional. Title for the expression, i.e. a short string describing - its purpose. This can be used e.g. in UIs which allow to enter the - expression. + Output only. The private IP address of the control plane for this + workstation cluster. Workstation VMs need access to this IP address + to work with the service, so make sure that your firewall rules + allow egress from the workstation VMs to this address. type: string - description: + readOnly: true + degraded: + type: boolean + readOnly: true description: >- - Optional. Description of the expression. This is a longer text which - describes the expression, e.g. when hovered over it in a UI. + Output only. Whether this workstation cluster is in degraded mode, + in which case it may require user action to restore full + functionality. The conditions field contains detailed information + about the status of the cluster. + createTime: + description: Output only. Time when this workstation cluster was created. + format: google-datetime type: string - location: + readOnly: true + deleteTime: + description: Output only. Time when this workstation cluster was soft-deleted. + type: string + format: google-datetime + readOnly: true + reconciling: description: >- - Optional. String indicating the location of the expression for error - reporting, e.g. a file name and a position in the file. + Output only. Indicates whether this workstation cluster is currently + being updated to match its intended state. + readOnly: true + type: boolean + displayName: + description: Optional. Human-readable name for this workstation cluster. type: string - AuditConfig: - id: AuditConfig + type: object description: >- - Specifies the audit configuration for a service. The configuration - determines which permission types are logged, and what identities, if - any, are exempted from logging. An AuditConfig must have one or more - AuditLogConfigs. If there are AuditConfigs for both `allServices` and a - specific service, the union of the two AuditConfigs is used for that - service: the log_types specified in each AuditConfig are enabled, and - the exempted_members in each AuditLogConfig are exempted. Example Policy - with multiple AuditConfigs: { "audit_configs": [ { "service": - "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", - "exempted_members": [ "user:jose@example.com" ] }, { "log_type": - "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": - "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": - "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ - "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy - enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts - `jose@example.com` from DATA_READ logging, and `aliya@example.com` from - DATA_WRITE logging. + A workstation cluster resource in the Cloud Workstations API. Defines a + group of workstations in a particular region and the VPC network they're + attached to. + BoostConfig: + description: >- + A boost configuration is a set of resources that a workstation can use + to increase its performance. If you specify a boost configuration, upon + startup, workstation users can choose to use a VM provisioned under the + boost config by passing the boost config ID in the start request. If the + workstation user does not provide a boost config ID in the start + request, the system will choose a VM from the pool provisioned under the + default config. type: object + id: BoostConfig properties: - service: + accelerators: description: >- - Specifies a service that will be enabled for audit logging. For - example, `storage.googleapis.com`, `cloudsql.googleapis.com`. - `allServices` is a special value that covers all services. + Optional. A list of the type and count of accelerator cards attached + to the boost instance. Defaults to `none`. + type: array + items: + $ref: '#/components/schemas/Accelerator' + bootDiskSizeGb: + type: integer + format: int32 + description: >- + Optional. The size of the boot disk for the VM in gigabytes (GB). + The minimum boot disk size is `30` GB. Defaults to `50` GB. + id: type: string - auditLogConfigs: - description: The configuration for logging of each type of permission. + description: Required. The ID to be used for the boost configuration. + enableNestedVirtualization: + type: boolean + description: >- + Optional. Whether to enable nested virtualization on boosted Cloud + Workstations VMs running using this boost configuration. Defaults to + false. Nested virtualization lets you run virtual machine (VM) + instances inside your workstation. Before enabling nested + virtualization, consider the following important considerations. + Cloud Workstations instances are subject to the [same restrictions + as Compute Engine + instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): + * **Organization policy**: projects, folders, or organizations may + be restricted from creating nested VMs if the **Disable VM nested + virtualization** constraint is enforced in the organization policy. + For more information, see the Compute Engine section, [Checking + whether nested virtualization is + allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). + * **Performance**: nested VMs might experience a 10% or greater + decrease in performance for workloads that are CPU-bound and + possibly greater than a 10% decrease for workloads that are + input/output bound. * **Machine Type**: nested virtualization can + only be enabled on boost configurations that specify a machine_type + in the N1 or N2 machine series. + poolSize: + description: >- + Optional. The number of boost VMs that the system should keep idle + so that workstations can be boosted quickly. Defaults to `0`. + format: int32 + type: integer + machineType: + description: >- + Optional. The type of machine that boosted VM instances will use—for + example, `e2-standard-4`. For more information about machine types + that Cloud Workstations supports, see the list of [available machine + types](https://cloud.google.com/workstations/docs/available-machine-types). + Defaults to `e2-standard-4`. + type: string + GatewayConfig: + properties: + http2Enabled: + type: boolean + description: >- + Optional. Whether HTTP/2 is enabled for this workstation cluster. + Defaults to false. + type: object + description: Configuration options for Cluster HTTP Gateway. + id: GatewayConfig + RuntimeHost: + properties: + gceInstanceHost: + description: Specifies a Compute Engine instance as the host. + $ref: '#/components/schemas/GceInstanceHost' + description: Runtime host for the workstation. + id: RuntimeHost + type: object + ListUsableWorkstationsResponse: + properties: + workstations: type: array + description: The requested workstations. items: - $ref: '#/components/schemas/AuditLogConfig' - AuditLogConfig: - id: AuditLogConfig - description: >- - Provides the configuration for logging a type of permissions. Example: { - "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ - "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This - enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting - jose@example.com from DATA_READ logging. + $ref: '#/components/schemas/Workstation' + nextPageToken: + type: string + description: >- + Token to retrieve the next page of results, or empty if there are no + more results in the list. + unreachable: + type: array + description: Unreachable resources. + items: + type: string type: object + id: ListUsableWorkstationsResponse + description: Response message for ListUsableWorkstations. + AuditLogConfig: properties: logType: description: The log type that this config enables. type: string - enumDescriptions: - - Default case. Should never be this. - - 'Admin reads. Example: CloudIAM getIamPolicy' - - 'Data writes. Example: CloudSQL Users create' - - 'Data reads. Example: CloudSQL Users list' enum: - LOG_TYPE_UNSPECIFIED - ADMIN_READ - DATA_WRITE - DATA_READ - exemptedMembers: - description: >- - Specifies the identities that do not cause logging for this type of - permission. Follows the same format of Binding.members. - type: array - items: - type: string - TestIamPermissionsRequest: - id: TestIamPermissionsRequest - description: Request message for `TestIamPermissions` method. - type: object - properties: - permissions: - description: >- - The set of permissions to check for the `resource`. Permissions with - wildcards (such as `*` or `storage.*`) are not allowed. For more - information see [IAM - Overview](https://cloud.google.com/iam/docs/overview#permissions). - type: array - items: - type: string - TestIamPermissionsResponse: - id: TestIamPermissionsResponse - description: Response message for `TestIamPermissions` method. - type: object - properties: - permissions: + enumDescriptions: + - Default case. Should never be this. + - 'Admin reads. Example: CloudIAM getIamPolicy' + - 'Data writes. Example: CloudSQL Users create' + - 'Data reads. Example: CloudSQL Users list' + exemptedMembers: description: >- - A subset of `TestPermissionsRequest.permissions` that the caller is - allowed. + Specifies the identities that do not cause logging for this type of + permission. Follows the same format of Binding.members. type: array items: type: string - OperationMetadata: - id: OperationMetadata - description: Metadata for long-running operations. + description: >- + Provides the configuration for logging a type of permissions. Example: { + "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ + "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This + enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting + jose@example.com from DATA_READ logging. type: object - properties: - createTime: - description: Output only. Time that the operation was created. - readOnly: true - type: string - format: google-datetime - endTime: - description: Output only. Time that the operation finished running. - readOnly: true - type: string - format: google-datetime - target: - description: >- - Output only. Server-defined resource path for the target of the - operation. - readOnly: true - type: string - verb: - description: Output only. Name of the verb executed by the operation. - readOnly: true - type: string - statusMessage: - description: Output only. Human-readable status of the operation, if any. - readOnly: true - type: string - requestedCancellation: - description: >- - Output only. Identifies whether the user has requested cancellation - of the operation. - readOnly: true - type: boolean - apiVersion: - description: Output only. API version used to start the operation. - readOnly: true - type: string + id: AuditLogConfig parameters: - access_token: - description: OAuth access token. + callback: + description: JSONP in: query - name: access_token + name: callback + schema: + type: string + uploadType: + description: Legacy upload protocol for media (e.g. "media", "multipart"). + in: query + name: uploadType + schema: + type: string + upload_protocol: + description: Upload protocol for media (e.g. "raw", "multipart"). + in: query + name: upload_protocol schema: type: string alt: @@ -1772,16 +1862,25 @@ components: - json - media - proto - callback: - description: JSONP + _.xgafv: + description: V1 error format. in: query - name: callback + name: $.xgafv schema: type: string - fields: - description: Selector specifying which fields to include in a partial response. + enum: + - '1' + - '2' + access_token: + description: OAuth access token. in: query - name: fields + name: access_token + schema: + type: string + oauth_token: + description: OAuth 2.0 token for the current user. + in: query + name: oauth_token schema: type: string key: @@ -1793,18 +1892,6 @@ components: name: key schema: type: string - oauth_token: - description: OAuth 2.0 token for the current user. - in: query - name: oauth_token - schema: - type: string - prettyPrint: - description: Returns response with indentations and line breaks. - in: query - name: prettyPrint - schema: - type: boolean quotaUser: description: >- Available to use for quota purposes for server-side applications. Can be @@ -1814,102 +1901,38 @@ components: name: quotaUser schema: type: string - upload_protocol: - description: Upload protocol for media (e.g. "raw", "multipart"). - in: query - name: upload_protocol - schema: - type: string - uploadType: - description: Legacy upload protocol for media (e.g. "media", "multipart"). + fields: + description: Selector specifying which fields to include in a partial response. in: query - name: uploadType + name: fields schema: type: string - _.xgafv: - description: V1 error format. + prettyPrint: + description: Returns response with indentations and line breaks. in: query - name: $.xgafv + name: prettyPrint schema: - type: string - enum: - - '1' - - '2' + type: boolean x-stackQL-resources: - locations: - id: google.workstations.locations - name: locations - title: Locations - methods: - list: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.locations - get: - operation: - $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/locations/methods/get' - - $ref: '#/components/x-stackQL-resources/locations/methods/list' - insert: [] - update: [] - replace: [] - delete: [] - operations: - id: google.workstations.operations - name: operations - title: Operations + workstation_clusters: + id: google.workstations.workstation_clusters + name: workstation_clusters + title: Workstation_clusters methods: - list: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get - response: - mediaType: application/json - openAPIDocKey: '200' - objectKey: $.operations - get: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}/patch response: mediaType: application/json openAPIDocKey: '200' delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete - response: - mediaType: application/json - openAPIDocKey: '200' - cancel: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}/delete response: mediaType: application/json openAPIDocKey: '200' - sqlVerbs: - select: - - $ref: '#/components/x-stackQL-resources/operations/methods/get' - - $ref: '#/components/x-stackQL-resources/operations/methods/list' - insert: [] - update: [] - replace: [] - delete: - - $ref: '#/components/x-stackQL-resources/operations/methods/delete' - workstation_clusters: - id: google.workstations.workstation_clusters - name: workstation_clusters - title: Workstation_clusters - methods: get: operation: $ref: >- @@ -1917,17 +1940,10 @@ components: response: mediaType: application/json openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: + create: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters/post response: mediaType: application/json openAPIDocKey: '200' @@ -1939,13 +1955,6 @@ components: mediaType: application/json openAPIDocKey: '200' objectKey: $.workstationClusters - create: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters/post - response: - mediaType: application/json - openAPIDocKey: '200' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/workstation_clusters/methods/get' @@ -1965,24 +1974,24 @@ components: name: workstation_configs title: Workstation_configs methods: - get: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}/delete response: mediaType: application/json openAPIDocKey: '200' - patch: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}/patch + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}/get response: mediaType: application/json openAPIDocKey: '200' - delete: + patch: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -2047,21 +2056,21 @@ components: response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + test_iam_permissions: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}:testIamPermissions/post response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + get_iam_policy: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}:getIamPolicy/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.bindings sqlVerbs: select: - $ref: >- @@ -2073,28 +2082,14 @@ components: #/components/x-stackQL-resources/workstation_configs_iam_policies/methods/set_iam_policy delete: [] workstations: - id: google.workstations.workstations - name: workstations - title: Workstations - methods: - get: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}/get - response: - mediaType: application/json - openAPIDocKey: '200' - patch: - operation: - $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}/patch - response: - mediaType: application/json - openAPIDocKey: '200' - delete: + id: google.workstations.workstations + name: workstations + title: Workstations + methods: + generate_access_token: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}/delete + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}:generateAccessToken/post response: mediaType: application/json openAPIDocKey: '200' @@ -2127,10 +2122,24 @@ components: response: mediaType: application/json openAPIDocKey: '200' - generate_access_token: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}:generateAccessToken/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}/get + response: + mediaType: application/json + openAPIDocKey: '200' + delete: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + patch: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}/patch response: mediaType: application/json openAPIDocKey: '200' @@ -2145,6 +2154,43 @@ components: replace: [] delete: - $ref: '#/components/x-stackQL-resources/workstations/methods/delete' + workstations_iam_policies: + id: google.workstations.workstations_iam_policies + name: workstations_iam_policies + title: Workstations_iam_policies + methods: + test_iam_permissions: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}:testIamPermissions/post + response: + mediaType: application/json + openAPIDocKey: '200' + set_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}:setIamPolicy/post + response: + mediaType: application/json + openAPIDocKey: '200' + get_iam_policy: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}:getIamPolicy/get + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.bindings + sqlVerbs: + select: + - $ref: >- + #/components/x-stackQL-resources/workstations_iam_policies/methods/get_iam_policy + insert: [] + update: [] + replace: + - $ref: >- + #/components/x-stackQL-resources/workstations_iam_policies/methods/set_iam_policy + delete: [] workstations_usable: id: google.workstations.workstations_usable name: workstations_usable @@ -2166,174 +2212,97 @@ components: update: [] replace: [] delete: [] - workstations_iam_policies: - id: google.workstations.workstations_iam_policies - name: workstations_iam_policies - title: Workstations_iam_policies + operations: + id: google.workstations.operations + name: operations + title: Operations methods: - set_iam_policy: + cancel: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}:setIamPolicy/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}:cancel/post response: mediaType: application/json openAPIDocKey: '200' - get_iam_policy: + get: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}:getIamPolicy/get + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/get response: mediaType: application/json openAPIDocKey: '200' - objectKey: $.bindings - test_iam_permissions: + delete: operation: $ref: >- - #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1workstationClusters~1{workstationClustersId}~1workstationConfigs~1{workstationConfigsId}~1workstations~1{workstationsId}:testIamPermissions/post + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations~1{operationsId}/delete + response: + mediaType: application/json + openAPIDocKey: '200' + list: + operation: + $ref: >- + #/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}~1operations/get response: mediaType: application/json openAPIDocKey: '200' + objectKey: $.unreachable sqlVerbs: select: - - $ref: >- - #/components/x-stackQL-resources/workstations_iam_policies/methods/get_iam_policy + - $ref: '#/components/x-stackQL-resources/operations/methods/get' + - $ref: '#/components/x-stackQL-resources/operations/methods/list' insert: [] update: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/workstations_iam_policies/methods/set_iam_policy + replace: [] + delete: + - $ref: '#/components/x-stackQL-resources/operations/methods/delete' + locations: + id: google.workstations.locations + name: locations + title: Locations + methods: + list: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations/get' + response: + mediaType: application/json + openAPIDocKey: '200' + objectKey: $.locations + get: + operation: + $ref: '#/paths/~1v1~1projects~1{projectsId}~1locations~1{locationsId}/get' + response: + mediaType: application/json + openAPIDocKey: '200' + sqlVerbs: + select: + - $ref: '#/components/x-stackQL-resources/locations/methods/get' + - $ref: '#/components/x-stackQL-resources/locations/methods/list' + insert: [] + update: [] + replace: [] delete: [] paths: - /v1/projects/{projectsId}/locations: - parameters: &ref_1 - - $ref: '#/components/parameters/access_token' - - $ref: '#/components/parameters/alt' - - $ref: '#/components/parameters/callback' - - $ref: '#/components/parameters/fields' - - $ref: '#/components/parameters/key' - - $ref: '#/components/parameters/oauth_token' - - $ref: '#/components/parameters/prettyPrint' - - $ref: '#/components/parameters/quotaUser' - - $ref: '#/components/parameters/upload_protocol' - - $ref: '#/components/parameters/uploadType' - - $ref: '#/components/parameters/_.xgafv' - get: - description: Lists information about the supported locations for this service. - operationId: workstations.projects.locations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListLocationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: extraLocationTypes - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}: - parameters: *ref_1 - get: - description: Gets information about a location. - operationId: workstations.projects.locations.get - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/Location' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations: - parameters: *ref_1 - get: - description: >- - Lists operations that match the specified filter in the request. If the - server doesn't support this method, it returns `UNIMPLEMENTED`. - operationId: workstations.projects.locations.operations.list - security: - - Oauth2: - - https://www.googleapis.com/auth/cloud-platform - Oauth2c: - - https://www.googleapis.com/auth/cloud-platform - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/ListOperationsResponse' - parameters: - - in: path - name: projectsId - required: true - schema: - type: string - - in: path - name: locationsId - required: true - schema: - type: string - - in: query - name: filter - schema: - type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: - parameters: *ref_1 - get: - description: >- - Gets the latest state of a long-running operation. Clients can use this - method to poll the operation result at intervals as recommended by the - API service. - operationId: workstations.projects.locations.operations.get + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}: + parameters: &ref_1 + - $ref: '#/components/parameters/callback' + - $ref: '#/components/parameters/uploadType' + - $ref: '#/components/parameters/upload_protocol' + - $ref: '#/components/parameters/alt' + - $ref: '#/components/parameters/_.xgafv' + - $ref: '#/components/parameters/access_token' + - $ref: '#/components/parameters/oauth_token' + - $ref: '#/components/parameters/key' + - $ref: '#/components/parameters/quotaUser' + - $ref: '#/components/parameters/fields' + - $ref: '#/components/parameters/prettyPrint' + patch: + description: Updates an existing workstation cluster. + operationId: workstations.projects.locations.workstationClusters.patch + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WorkstationCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2358,17 +2327,26 @@ paths: schema: type: string - in: path - name: operationsId + name: workstationClustersId required: true schema: type: string + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask delete: - description: >- - Deletes a long-running operation. This method indicates that the client - is no longer interested in the operation result. It does not cancel the - operation. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. - operationId: workstations.projects.locations.operations.delete + description: Deletes the specified workstation cluster. + operationId: workstations.projects.locations.workstationClusters.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2380,7 +2358,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2393,29 +2371,25 @@ paths: schema: type: string - in: path - name: operationsId + name: workstationClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: - parameters: *ref_1 - post: - description: >- - Starts asynchronous cancellation on a long-running operation. The server - makes a best effort to cancel the operation, but success is not - guaranteed. If the server doesn't support this method, it returns - `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation - or other methods to check whether the cancellation succeeded or whether - the operation completed despite cancellation. On successful - cancellation, the operation is not deleted; instead, it becomes an - operation with an Operation.error value with a google.rpc.Status.code of - `1`, corresponding to `Code.CANCELLED`. - operationId: workstations.projects.locations.operations.cancel - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CancelOperationRequest' + - in: query + name: force + schema: + type: boolean + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: etag + schema: + type: string + get: + description: Returns the requested workstation cluster. + operationId: workstations.projects.locations.workstationClusters.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2427,7 +2401,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GoogleProtobufEmpty' + $ref: '#/components/schemas/WorkstationCluster' parameters: - in: path name: projectsId @@ -2440,15 +2414,20 @@ paths: schema: type: string - in: path - name: operationsId + name: workstationClustersId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}: + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters: parameters: *ref_1 - get: - description: Returns the requested workstation cluster. - operationId: workstations.projects.locations.workstationClusters.get + post: + description: Creates a new workstation cluster. + operationId: workstations.projects.locations.workstationClusters.create + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WorkstationCluster' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2460,7 +2439,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkstationCluster' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -2472,19 +2451,17 @@ paths: required: true schema: type: string - - in: path - name: workstationClustersId - required: true + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: workstationClusterId schema: type: string - patch: - description: Updates an existing workstation cluster. - operationId: workstations.projects.locations.workstationClusters.patch - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WorkstationCluster' + get: + description: Returns all workstation clusters in the specified location. + operationId: workstations.projects.locations.workstationClusters.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2496,7 +2473,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListWorkstationClustersResponse' parameters: - in: path name: projectsId @@ -2508,27 +2485,25 @@ paths: required: true schema: type: string - - in: path - name: workstationClustersId - required: true - schema: - type: string - in: query - name: updateMask + name: pageToken schema: type: string - format: google-fieldmask - in: query - name: validateOnly + name: filter schema: - type: boolean + type: string - in: query - name: allowMissing + name: pageSize schema: - type: boolean + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}: + parameters: *ref_1 delete: - description: Deletes the specified workstation cluster. - operationId: workstations.projects.locations.workstationClusters.delete + description: Deletes the specified workstation configuration. + operationId: >- + workstations.projects.locations.workstationClusters.workstationConfigs.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2557,23 +2532,27 @@ paths: required: true schema: type: string - - in: query - name: validateOnly + - in: path + name: workstationConfigsId + required: true schema: - type: boolean + type: string - in: query name: etag schema: type: string + - in: query + name: validateOnly + schema: + type: boolean - in: query name: force schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters: - parameters: *ref_1 get: - description: Returns all workstation clusters in the specified location. - operationId: workstations.projects.locations.workstationClusters.list + description: Returns the requested workstation configuration. + operationId: >- + workstations.projects.locations.workstationClusters.workstationConfigs.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2585,7 +2564,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkstationClustersResponse' + $ref: '#/components/schemas/WorkstationConfig' parameters: - in: path name: projectsId @@ -2597,27 +2576,25 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: workstationClustersId + required: true schema: type: string - - in: query - name: filter + - in: path + name: workstationConfigsId + required: true schema: type: string - post: - description: Creates a new workstation cluster. - operationId: workstations.projects.locations.workstationClusters.create + patch: + description: Updates an existing workstation configuration. + operationId: >- + workstations.projects.locations.workstationClusters.workstationConfigs.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/WorkstationCluster' + $ref: '#/components/schemas/WorkstationConfig' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2641,20 +2618,37 @@ paths: required: true schema: type: string + - in: path + name: workstationClustersId + required: true + schema: + type: string + - in: path + name: workstationConfigsId + required: true + schema: + type: string - in: query - name: workstationClusterId + name: updateMask schema: type: string + format: google-fieldmask + - in: query + name: allowMissing + schema: + type: boolean - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}: + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs:listUsable: parameters: *ref_1 get: - description: Returns the requested workstation configuration. + description: >- + Returns all workstation configurations in the specified cluster on which + the caller has the "workstations.workstation.create" permission. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.get + workstations.projects.locations.workstationClusters.workstationConfigs.listUsable security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2666,7 +2660,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/WorkstationConfig' + $ref: '#/components/schemas/ListUsableWorkstationConfigsResponse' parameters: - in: path name: projectsId @@ -2683,20 +2677,29 @@ paths: required: true schema: type: string - - in: path - name: workstationConfigsId - required: true + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string - patch: - description: Updates an existing workstation configuration. + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.patch + workstations.projects.locations.workstationClusters.workstationConfigs.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/WorkstationConfig' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2708,7 +2711,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2727,26 +2730,25 @@ paths: type: string - in: path name: workstationConfigsId - required: true - schema: - type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: allowMissing + required: true schema: - type: boolean - delete: - description: Deletes the specified workstation configuration. + type: string + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}:testIamPermissions: + parameters: *ref_1 + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.delete + workstations.projects.locations.workstationClusters.workstationConfigs.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2758,7 +2760,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -2780,18 +2782,6 @@ paths: required: true schema: type: string - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: etag - schema: - type: string - - in: query - name: force - schema: - type: boolean /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs: parameters: *ref_1 get: @@ -2826,11 +2816,6 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - in: query name: pageToken schema: @@ -2839,6 +2824,11 @@ paths: name: filter schema: type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 post: description: Creates a new workstation configuration. operationId: >- @@ -2876,22 +2866,22 @@ paths: required: true schema: type: string - - in: query - name: workstationConfigId - schema: - type: string - in: query name: validateOnly schema: type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs:listUsable: + - in: query + name: workstationConfigId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}:getIamPolicy: parameters: *ref_1 get: description: >- - Returns all workstation configurations in the specified cluster on which - the caller has the "workstations.workstation.create" permission. + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.listUsable + workstations.projects.locations.workstationClusters.workstationConfigs.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2903,7 +2893,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUsableWorkstationConfigsResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -2920,29 +2910,30 @@ paths: required: true schema: type: string + - in: path + name: workstationConfigsId + required: true + schema: + type: string - in: query - name: pageSize + name: options.requestedPolicyVersion schema: type: integer format: int32 - - in: query - name: pageToken - schema: - type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}:setIamPolicy: + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:generateAccessToken: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. + Returns a short-lived credential that can be used to send authenticated + and authorized traffic to a workstation. Once generated this token + cannot be revoked and is good for the lifetime of the token. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.setIamPolicy + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.generateAccessToken requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/GenerateAccessTokenRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2954,7 +2945,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GenerateAccessTokenResponse' parameters: - in: path name: projectsId @@ -2976,14 +2967,17 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}:getIamPolicy: + - in: path + name: workstationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations: parameters: *ref_1 get: - description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. + description: Returns all Workstations using the specified workstation configuration. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.getIamPolicy + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -2995,7 +2989,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/ListWorkstationsResponse' parameters: - in: path name: projectsId @@ -3018,26 +3012,27 @@ paths: schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}:testIamPermissions: - parameters: *ref_1 + - in: query + name: pageToken + schema: + type: string + - in: query + name: filter + schema: + type: string post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. + description: Creates a new workstation. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.testIamPermissions + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.create requestBody: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + $ref: '#/components/schemas/Workstation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3049,7 +3044,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3071,12 +3066,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}: + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: workstationId + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:testIamPermissions: parameters: *ref_1 - get: - description: Returns the requested workstation. + post: + description: >- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of permissions, + not a `NOT_FOUND` error. Note: This operation is designed to be used for + building permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without warning. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.get + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.testIamPermissions + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TestIamPermissionsRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3088,7 +3101,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Workstation' + $ref: '#/components/schemas/TestIamPermissionsResponse' parameters: - in: path name: projectsId @@ -3115,15 +3128,20 @@ paths: required: true schema: type: string - patch: - description: Updates an existing workstation. + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:setIamPolicy: + parameters: *ref_1 + post: + description: >- + Sets the access control policy on the specified resource. Replaces any + existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and + `PERMISSION_DENIED` errors. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.patch + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.setIamPolicy requestBody: content: application/json: schema: - $ref: '#/components/schemas/Workstation' + $ref: '#/components/schemas/SetIamPolicyRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3135,7 +3153,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3162,23 +3180,14 @@ paths: required: true schema: type: string - - in: query - name: updateMask - schema: - type: string - format: google-fieldmask - - in: query - name: validateOnly - schema: - type: boolean - - in: query - name: allowMissing - schema: - type: boolean - delete: - description: Deletes the specified workstation. + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations:listUsable: + parameters: *ref_1 + get: + description: >- + Returns all workstations using the specified workstation configuration + on which the caller has the "workstations.workstations.use" permission. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.delete + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.listUsable security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3190,7 +3199,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Operation' + $ref: '#/components/schemas/ListUsableWorkstationsResponse' parameters: - in: path name: projectsId @@ -3212,25 +3221,26 @@ paths: required: true schema: type: string - - in: path - name: workstationsId - required: true - schema: - type: string - in: query - name: validateOnly + name: pageSize schema: - type: boolean + type: integer + format: int32 - in: query - name: etag + name: pageToken schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations: + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:start: parameters: *ref_1 - get: - description: Returns all Workstations using the specified workstation configuration. + post: + description: Starts running a workstation so that users can connect to it. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.list + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.start + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StartWorkstationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3242,7 +3252,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListWorkstationsResponse' + $ref: '#/components/schemas/Operation' parameters: - in: path name: projectsId @@ -3264,28 +3274,22 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken - schema: - type: string - - in: query - name: filter + - in: path + name: workstationsId + required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:stop: + parameters: *ref_1 post: - description: Creates a new workstation. + description: Stops running a workstation, reducing costs. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.create + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.stop requestBody: content: application/json: schema: - $ref: '#/components/schemas/Workstation' + $ref: '#/components/schemas/StopWorkstationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3319,22 +3323,17 @@ paths: required: true schema: type: string - - in: query - name: workstationId - schema: - type: string - - in: query - name: validateOnly + - in: path + name: workstationsId + required: true schema: - type: boolean - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations:listUsable: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}: parameters: *ref_1 get: - description: >- - Returns all workstations using the specified workstation configuration - on which the caller has the "workstations.workstations.use" permission. + description: Returns the requested workstation. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.listUsable + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.get security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3346,7 +3345,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListUsableWorkstationsResponse' + $ref: '#/components/schemas/Workstation' parameters: - in: path name: projectsId @@ -3368,26 +3367,15 @@ paths: required: true schema: type: string - - in: query - name: pageSize - schema: - type: integer - format: int32 - - in: query - name: pageToken + - in: path + name: workstationsId + required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:start: - parameters: *ref_1 - post: - description: Starts running a workstation so that users can connect to it. + delete: + description: Deletes the specified workstation. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.start - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/StartWorkstationRequest' + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3426,17 +3414,23 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:stop: - parameters: *ref_1 - post: - description: Stops running a workstation, reducing costs. + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: etag + schema: + type: string + patch: + description: Updates an existing workstation. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.stop + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.patch requestBody: content: application/json: schema: - $ref: '#/components/schemas/StopWorkstationRequest' + $ref: '#/components/schemas/Workstation' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3475,20 +3469,27 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:generateAccessToken: + - in: query + name: validateOnly + schema: + type: boolean + - in: query + name: allowMissing + schema: + type: boolean + - in: query + name: updateMask + schema: + type: string + format: google-fieldmask + /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:getIamPolicy: parameters: *ref_1 - post: + get: description: >- - Returns a short-lived credential that can be used to send authenticated - and authorized traffic to a workstation. Once generated this token - cannot be revoked and is good for the lifetime of the token. + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.generateAccessToken - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GenerateAccessTokenRequest' + workstations.projects.locations.workstationClusters.workstationConfigs.workstations.getIamPolicy security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3500,7 +3501,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GenerateAccessTokenResponse' + $ref: '#/components/schemas/Policy' parameters: - in: path name: projectsId @@ -3527,20 +3528,30 @@ paths: required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:setIamPolicy: + - in: query + name: options.requestedPolicyVersion + schema: + type: integer + format: int32 + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel: parameters: *ref_1 post: description: >- - Sets the access control policy on the specified resource. Replaces any - existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and - `PERMISSION_DENIED` errors. - operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.setIamPolicy + Starts asynchronous cancellation on a long-running operation. The server + makes a best effort to cancel the operation, but success is not + guaranteed. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation + or other methods to check whether the cancellation succeeded or whether + the operation completed despite cancellation. On successful + cancellation, the operation is not deleted; instead, it becomes an + operation with an Operation.error value with a google.rpc.Status.code of + `1`, corresponding to `Code.CANCELLED`. + operationId: workstations.projects.locations.operations.cancel requestBody: content: application/json: schema: - $ref: '#/components/schemas/SetIamPolicyRequest' + $ref: '#/components/schemas/CancelOperationRequest' security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3552,7 +3563,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -3565,28 +3576,53 @@ paths: schema: type: string - in: path - name: workstationClustersId + name: operationsId + required: true + schema: + type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}: + parameters: *ref_1 + get: + description: >- + Gets the latest state of a long-running operation. Clients can use this + method to poll the operation result at intervals as recommended by the + API service. + operationId: workstations.projects.locations.operations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Operation' + parameters: + - in: path + name: projectsId required: true schema: type: string - in: path - name: workstationConfigsId + name: locationsId required: true schema: type: string - in: path - name: workstationsId + name: operationsId required: true schema: type: string - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:getIamPolicy: - parameters: *ref_1 - get: + delete: description: >- - Gets the access control policy for a resource. Returns an empty policy - if the resource exists and does not have a policy set. - operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.getIamPolicy + Deletes a long-running operation. This method indicates that the client + is no longer interested in the operation result. It does not cancel the + operation. If the server doesn't support this method, it returns + `google.rpc.Code.UNIMPLEMENTED`. + operationId: workstations.projects.locations.operations.delete security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3598,7 +3634,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/GoogleProtobufEmpty' parameters: - in: path name: projectsId @@ -3611,41 +3647,62 @@ paths: schema: type: string - in: path - name: workstationClustersId + name: operationsId required: true schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}/operations: + parameters: *ref_1 + get: + description: >- + Lists operations that match the specified filter in the request. If the + server doesn't support this method, it returns `UNIMPLEMENTED`. + operationId: workstations.projects.locations.operations.list + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/ListOperationsResponse' + parameters: - in: path - name: workstationConfigsId + name: projectsId required: true schema: type: string - in: path - name: workstationsId + name: locationsId required: true schema: type: string - in: query - name: options.requestedPolicyVersion + name: pageToken + schema: + type: string + - in: query + name: pageSize schema: type: integer format: int32 - /v1/projects/{projectsId}/locations/{locationsId}/workstationClusters/{workstationClustersId}/workstationConfigs/{workstationConfigsId}/workstations/{workstationsId}:testIamPermissions: + - in: query + name: returnPartialSuccess + schema: + type: boolean + - in: query + name: filter + schema: + type: string + /v1/projects/{projectsId}/locations: parameters: *ref_1 - post: - description: >- - Returns permissions that a caller has on the specified resource. If the - resource does not exist, this will return an empty set of permissions, - not a `NOT_FOUND` error. Note: This operation is designed to be used for - building permission-aware UIs and command-line tools, not for - authorization checking. This operation may "fail open" without warning. - operationId: >- - workstations.projects.locations.workstationClusters.workstationConfigs.workstations.testIamPermissions - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TestIamPermissionsRequest' + get: + description: Lists information about the supported locations for this service. + operationId: workstations.projects.locations.list security: - Oauth2: - https://www.googleapis.com/auth/cloud-platform @@ -3657,30 +3714,55 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TestIamPermissionsResponse' + $ref: '#/components/schemas/ListLocationsResponse' parameters: - in: path name: projectsId required: true schema: type: string - - in: path - name: locationsId - required: true + - in: query + name: extraLocationTypes schema: type: string - - in: path - name: workstationClustersId - required: true + - in: query + name: filter + schema: + type: string + - in: query + name: pageSize + schema: + type: integer + format: int32 + - in: query + name: pageToken schema: type: string + /v1/projects/{projectsId}/locations/{locationsId}: + parameters: *ref_1 + get: + description: Gets information about a location. + operationId: workstations.projects.locations.get + security: + - Oauth2: + - https://www.googleapis.com/auth/cloud-platform + Oauth2c: + - https://www.googleapis.com/auth/cloud-platform + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/Location' + parameters: - in: path - name: workstationConfigsId + name: projectsId required: true schema: type: string - in: path - name: workstationsId + name: locationsId required: true schema: type: string